Re: new tool: openportd

[Nick Guenther]

On 10/21/06, Steffen Wendzel <[EMAIL PROTECTED]> wrote:

hi,

I wrote a new tool I call OpenPortd for my linux distribution
but since I my linux distribution is still under development
and I want to release the tool, I wrote an OpenBSD version
too, you maybe like it.
[...]
You can define keys and actions in /etc/openportd.conf. If a
key is received, an action is executed. Here are examples:

04t3904jg034 reboot
0987654321   pkill sshd
1234567890   /usr/sbin/sshd
40tg340503n5 pf/iptables (load some other rules or whatever)



So this is like an insecure version of SSH?

-Nick

Re: pf load balancing and failover

[Kevin Reay]

Point of correction, slbd didn't have the ability to ping IP addresses.


Good call.



You might check the code in CVS, it should compile and work on 3.9.


Your right, I didn't notice it was being maintained. Thanks for the
pointer, and thanks so much for keeping it maintained (I just noticed
you were the one who updated it in CVS).

Back to the original question; it looks slbd would be a good and
elegant way to achieve what your looking to do. Just grab it from the
sourceforge CVS repository.

Kevin

Re: pf load balancing and failover

[Bill Marquette]

On 10/21/06, Kevin Reay <[EMAIL PROTECTED]> wrote:

> there should be a userland process doing these checks and reoving the
> offending address from the pool on failure. unfortunately, to my
> knowledge, still nobody wrote something which does it.
>

A while ago I used this with great success:
http://slbd.sourceforge.net/

It's open source (bsd!) and written for OpenBSD and pf. Unfortunately it
seems to have become outdated (won't compile on recent versions
of OpenBSD) because of the changed pf interface. (updating it
probably wouldn't be too much work)

It had the ability to query webservers (http), ping ip addresses, and connect


Point of correction, slbd didn't have the ability to ping IP addresses.


to specific tcp ports for heartbeat; and it would automatically remove
the address from a pf poll (and optionality run a command) when a
host failed.

It really would be cool if someone updated it (maybe me if I get some
time in the future)


You might check the code in CVS, it should compile and work on 3.9.

--Bill

Re: pf load balancing and failover

[Kevin Reay]

there should be a userland process doing these checks and reoving the
offending address from the pool on failure. unfortunately, to my
knowledge, still nobody wrote something which does it.



A while ago I used this with great success:
http://slbd.sourceforge.net/

It's open source (bsd!) and written for OpenBSD and pf. Unfortunately it
seems to have become outdated (won't compile on recent versions
of OpenBSD) because of the changed pf interface. (updating it
probably wouldn't be too much work)

It had the ability to query webservers (http), ping ip addresses, and connect
to specific tcp ports for heartbeat; and it would automatically remove
the address from a pf poll (and optionality run a command) when a
host failed.

It really would be cool if someone updated it (maybe me if I get some
time in the future)

Kevin

Solution to -> Re: SSH upgrade to ver 4.4 on OBSD 3.9 stable broke key auth

[Per-Olov Sjöholm]

On Tuesday 17 October 2006 12:08, Per-Olov SjC6holm wrote:
> On Tuesdayen den 17 October 2006 11:17, you wrote:
> > On Tue, 17 Oct 2006, Per-Olov SjCB6holm wrote:
> > > What should I clean when I totaly wiped out /usr/src and /usr/obj
> > > before the cvs update.
> > >
> > > The build is done as follows...
> > > --snip--
> > > cd /usr
> > > export CVSROOT="[EMAIL PROTECTED]:/cvs"
> > > cvs -z5 -q get -rOPENBSD_3_9 -P src
> > > cd /usr/src/sys/arch/i386/conf
> > > config GENERIC
> > > cd ../compile/GENERIC
> > > make clean && make depend && make
> > > mv /bsd /bsd.old
> > > cp bsd /
> > > reboot
> > > cd /usr/src
> > > rm -r /usr/obj/*
> > > make obj && make build
> > > reboot
> >
> > Hmm, that looks allright. One possibility might be that anoncvs1 was
> > not up-to-date, but that's unlikely, since the stable update was some
> > time ago. If updating doesn't show any new files, try to run the sshd
> > in debug mode (on another port), that might give a clue.
> >
> > -Otto
>
> I just run a debug "/usr/sbin/sshd -ddde -p 2022" as  Darren Tucker asked
> me for it.  And I just sent the debug output to him
>
> A key login works from a patched (now ssh 4.4) to a non patched (ssh 4.3)
> system. but it wont work between two ssh 4.4 updated systems. Between these
> only password login works.
>
>
>
> Regards
> Per-Olov

Hi misc

For the archives...

Here is a post with info that solves and explain the case if someone else get 
stuck in the problem.

 This problem was actually caused by an updated OpenSSL. I have had 2048 and 
4096 SSH keys that have worked perfect until my last complete 3-9 -stable 
update.

In OpenSSL  the limit is 3kbit for DSA keys and 16k for RSA keys.  These days 
ssh-keygen won't let you generate DSA keys other than 1024 bit ones (which is 
all the FIPS-186-2 spec allows) so if you want larger keys then you should 
use RSA. The thing that actually caused the problem was an openssl update 
earlier (013_openssl2.patch or its equivalent in -stable), but it didn't 
become apparent until sshd was rebuilt with the new openssl.


Thanks you *very* much for the help Darren Tucker!

Regards
/Per-Olov SjC6holm

Re: Do mp3 concatenation programs exist?

[Peter Philipp]

On Fri, Oct 20, 2006 at 11:41:43PM +0300, Peter Philipp wrote:
> license for your own programs.  Now all I gotta do is bang out my program
> based on this info. :-)

Just a followup on this, I did bang out this program and have been spending
the greater part of the day re-concatenating my old mp3 clips.  Remember my
original need for this, I disconnect/reconnect my pppoe every minute.  This
gives me a new IP every minute.  Since there is an overlap on the MP3 
streaming server I'm able to concatenate the pieces together based on a
series of checksums that are part of the MP3 format.  If you would like
to see my program you can download it from 

https://ssl-id.de/centroid.eu/peter/merge-mp3-clips.c

[checksum: MD5 (src/misc/merge-mp3-clips.c) = 9281305ab48233aa86d2df3c184b0b93 ]

To make it use for your stuff it probably needs a bit of editing/hardcoding.
I hardcoded the directories and the files have the format "ckln.`date +"%s"`".

The listening of this is a pleasure again without skips, repeats and screeches.

This program can also be used for groups on the Internet.  Say you want to
protect your identity from MP3 streaming vendors and have a few friends on
the Internet you can all download a minute of listening at different offsets
in time (crontabbed perhaps?) and then change your IP.  During the download
of the stream you don't do any network activity, that way noone can 
correlate your IP to any other service on the Internet (prior to the download
you also change IP).  At the end of each download the MP3 clip is uploaded 
to a central server or on a P2P network and re-assembled with similar 
programs such as this for your uninterupted listening pleasure.

This pretty well protects your privacy globally and noone can be sure who 
is listening into a certain program for a long time, noone can proove that 
you are interested in a certain topic/discussion (say if someone talks about 
coups, rebellions, dissent), all they'll be able to tell is that someone 
listened for a minute and then had enough (hardly incriminating them in 
orwellian societies/states).

Have fun!

-peter

--
Here my ticker tape .signature  My name is Peter Philipp  lynx -dump 
"http://en.wikipedia.org/w/index.php?title=Pufferfish&oldid=20768394"; | sed -n 
131,137p  http://centroid.eu  So long and thanks for all the fish!!!

new tool: openportd

[Steffen Wendzel]

hi,

I wrote a new tool I call OpenPortd for my linux distribution
but since I my linux distribution is still under development
and I want to release the tool, I wrote an OpenBSD version
too, you maybe like it.

It is like a port knocking service but a little bit different:

Normaly a port knocking service uses TCP/UDP, but openportd
uses ICMP echo response packets because they are not so easy
to send like echo requests or TCP/UDP port tests (kiddies could
simply use ping or nmap for this job).

You can define keys and actions in /etc/openportd.conf. If a
key is received, an action is executed. Here are examples:

04t3904jg034 reboot
0987654321   pkill sshd
1234567890   /usr/sbin/sshd
40tg340503n5 pf/iptables (load some other rules or whatever)

You can download the tgz file here:
http://files.doomed-reality.org/Projects/openportd/

There is currently no client available. But you can for example
use my vstt[1] and send data via FIFO to vstt using icmp
tunneling mode.

regards
steffen

[1] http://www.ploetner-it.de/~dr/site/index.php?id=70

Re: need help in dealing with a simple thing (file permissions)

[Matthew R. Dempsky]

On Sat, Oct 21, 2006 at 02:50:57PM +0200, LeVA wrote:
> Then the umask command came to my mind, but then I would have to make a 
> script, which contains the umask line, and after that call cronolog, 
> and pipe the logs to this script.
> Would someone please hint me with a more simple and elegant solution?

I think the shell script solution is fine, but if you want something
more flexible, put the following into /usr/local/bin/with-umask:

#!/bin/sh -e
umask "$1"; shift
exec "$@"

and then change your call to

cronolog...

to

with-umask 027 cronolog

Our new catalogue - Notre nouveau catalogue

[K-LALA Furniture and decorative items]

Si vous ne lisez pas cette page en HTML, allez sur .
http://www.k-lala.com/letter2006/emailing01.html
  
If you do not read this page in HTML, please go to.
http://www.k-lala.com/letter2006/emailing01.html
 ...







Dicouvrez notre catalogue
  - To have a view to our catalogue


Pour ne plus recevoir de mail de notre par, cliquez ici
  - If you do not want to receive
anymore e-mail from us, click here 

K-LALA Meubles et objets de dicoration SARL au capital de 9418,68 euros

Code APE : 514S - RCS Roubaix Tourcoing - Siret : 491 133 46800018 - N0
TVA FR01491133468

6/2 place de la Gare 59100 Roubaix FRANCE Til. +33 (0)872464422
Portable: +33(0)680705297 Fax : +33 (0)359350205

E-mail : [EMAIL PROTECTED]   -
http://www.k-lala.com

Re: rc.local command for postgres

[Francisco Valladolid]

Hi

Maybe you need do a sleep 1 before close the if .. fi  loop for let to
pg_ctl go to background.

regards.


On 10/20/06, David B. <[EMAIL PROTECTED]> wrote:
>
> trying to get postgres to start up at boot.  found this at postgresql's
> site
>
> On OpenBSD, add the following lines to the file /etc/rc.local:
>
> if [ -x /usr/local/pgsql/bin/pg_ctl -a -x /usr/local/pgsql/bin/postmaster
> ];
> then
>su - -c '/usr/local/pgsql/bin/pg_ctl start -l /var/postgresql/log -s'
> postgres
>echo -n ' postgresql'
> fi
>
> my pg_ctl and postmaster executables are at /usr/local/bin, and have
> modified
> the script accordingly.  my script reads as follows:
>
> if [ -x /usr/local/bin/pg_ctl -a -x /usr/local/bin/postmaster ]; then
> su - -c '/usr/local/bin/pg_ctl -D /WEBSITE/DATADIRECTORY start' postgres
> fi
>
> at boot the error thrown is "No such login class: /usr/local/bin/pg_ctl -D
> /WEBSITE/DATADIRECTORY start"
>
> the command I usually use after su'ing into postgres is:
>
> pg_ctl -D /WEBSITE/DATADIRECTORY start
>
> as /usr/local/bin is obviously in my PATH.
>
> Any Ideas?
>
> thanks
>
> _
> Stay in touch with old friends and meet new ones with Windows Live Spaces
>
> http://clk.atdmt.com/MSN/go/msnnkwsp007001msn/direct/01/?href=http://spaces.live.com/spacesapi.aspx?wx_action=create&wx_url=/friends.aspx&mkt=en-us
>
>


-- 
---
BSD - Unix simplicity.
Francisco Valladolid Hdez.
[EMAIL PROTECTED]

Disconnection php4 from the builds.

[Robert Nagy]

Hi.

A couple of us thing that people should switch to php5
because the php4 ports is not going to be updated.
Everything in the ports tree uses php5 now and we do not
see any reasons to ship whit it.

It is possible that a lot of people are relying on php4
so we are still going to keep it in the tree but we are
not going to build the packages.

If you have objections, please tell me.

pppoe goes to sleep

[Tim Gruene]

Hi,

I recently installed OpenBSD 3.9 on a PC(dmesg.log attached) which should 
act as gateway for a small home network. The setup of pf, the config-file 
for ppp to connect to our ISP, and the system setup (rc.conf.local) were 
copied from a different machine running OpenBSD 3.6 which currently acts 
as gateway but should be replaced by the other machine.

After booting, the machine works fine for about 15min. Thereafter the 
connection through the DLS-modem to the internet is down. According to 
'top', ppp and pppoe are in sleep state, but I do not know whether this is 
the reason.

Killing ppp and restarting it does not help.

The phenomenon occurs with apm enabled and disabled. It is not due to the 
network card for I had also installed a different network card (a 3Com 
3c905b instead of the VIA VT8233).

Would anyone have an idea how to fix the problem?

Tim

--
Tim Gruene
Institut fuer anorganische Chemie
Tammannstr. 4
D-37077 Goettingen

GPG Key ID = A46BEE1A
OpenBSD 3.9 (GENERIC) #617: Thu Mar  2 02:26:48 MST 2006

[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC

cpu0: Intel(R) Celeron(R) CPU 2.20GHz ("GenuineIntel" 686-class) 2.20 GHz

cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,CNXT-ID

real mem  = 259567616 (253484K)

avail mem = 229863424 (224476K)

using 3194 buffers containing 13082624 bytes (12776K) of memory

mainbus0 (root)

bios0 at mainbus0: AT/286+(3c) BIOS, date 10/01/03, BIOS32 rev. 0 @ 0xfb4c0

apm0 at bios0: Power Management spec V1.2

apm0: AC on, battery charge unknown

apm0: flags 70102 dobusy 1 doidle 1

pcibios0 at bios0: rev 2.1 @ 0xf/0xdf44

pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdec0/128 (6 entries)

pcibios0: PCI Exclusive IRQs: 3 5 11 12

pcibios0: PCI Interrupt Router at 000:17:0 ("VIA VT82C596A ISA" rev 0x00)

pcibios0: PCI bus #1 is the last bus

bios0: ROM list: 0xc/0xc000

cpu0 at mainbus0

pci0 at mainbus0 bus 0: configuration mode 1 (no bios)

pchb0 at pci0 dev 0 function 0 "VIA VT8751 PCI" rev 0x00

ppb0 at pci0 dev 1 function 0 "VIA VT8633 AGP" rev 0x00

pci1 at ppb0 bus 1

vga1 at pci1 dev 0 function 0 "S3 ProSavage DDR" rev 0x00

wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)

wsdisplay0: screen 1-5 added (80x25, vt100 emulation)

sis0 at pci0 dev 8 function 0 "NS DP83815 10/100" rev 0x00, DP83816A: irq 11, 
address 00:14:6c:30:8b:1c

nsphyter0 at sis0 phy 0: DP83815 10/100 PHY, rev. 1

uhci0 at pci0 dev 16 function 0 "VIA VT83C572 USB" rev 0x80: irq 11

usb0 at uhci0: USB revision 1.0

uhub0 at usb0

uhub0: VIA UHCI root hub, rev 1.00/1.00, addr 1

uhub0: 2 ports with 2 removable, self powered

uhci1 at pci0 dev 16 function 1 "VIA VT83C572 USB" rev 0x80: irq 3

usb1 at uhci1: USB revision 1.0

uhub1 at usb1

uhub1: VIA UHCI root hub, rev 1.00/1.00, addr 1

uhub1: 2 ports with 2 removable, self powered

uhci2 at pci0 dev 16 function 2 "VIA VT83C572 USB" rev 0x80: irq 12

usb2 at uhci2: USB revision 1.0

uhub2 at usb2

uhub2: VIA UHCI root hub, rev 1.00/1.00, addr 1

uhub2: 2 ports with 2 removable, self powered

ehci0 at pci0 dev 16 function 3 "VIA VT6202 USB" rev 0x82: irq 5

usb3 at ehci0: USB revision 2.0

uhub3 at usb3

uhub3: VIA EHCI root hub, rev 2.00/1.00, addr 1

uhub3: 6 ports with 6 removable, self powered

viapm0 at pci0 dev 17 function 0 "VIA VT8235 ISA" rev 0x00

iic0 at viapm0

"unknown" at iic0 addr 0x18 not configured

pciide0 at pci0 dev 17 function 1 "VIA VT82C571 IDE" rev 0x06: ATA133, channel 
0 configured to compatibility, channel 1 configured to compatibility

wd0 at pciide0 channel 0 drive 0: 

wd0: 16-sector PIO, LBA, 38166MB, 78165360 sectors

wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5

atapiscsi0 at pciide0 channel 1 drive 0

scsibus0 at atapiscsi0: 2 targets

cd0 at scsibus0 targ 0 lun 0:  SCSI0 5/cdrom 
removable

cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2

auvia0 at pci0 dev 17 function 5 "VIA VT8233 AC97" rev 0x50: irq 12

ac97: codec id 0x434d4961 (C-Media Electronics CMI9739)

audio0 at auvia0

"VIA VT82C686 Modem" rev 0x80 at pci0 dev 17 function 6 not configured

vr0 at pci0 dev 18 function 0 "VIA RhineII-2" rev 0x74: irq 11, address 
00:e0:4c:b7:dd:45

ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 8: OUI 0x004063, 
model 0x0032

isa0 at mainbus0

isadma0 at isa0

pckbc0 at isa0 port 0x60/5

pckbd0 at pckbc0 (kbd slot)

pckbc0: using irq 1 for kbd slot

wskbd0 at pckbd0: console keyboard, using wsdisplay0

pcppi0 at isa0 port 0x61

midi0 at pcppi0: 

spkr0 at pcppi0

lpt0 at isa0 port 0x378/4 irq 7

it0 at isa0 port 0x290/8: IT87

npx0 at isa0 port 0xf0/16: using exception 16

pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo

fdc0 at isa0 port 0x3f0/6 irq 6 drq 2

fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec

biomask ff6d netmask ff6d ttymask ffef

pctr: user-level cycle counter enabled

dkcsum: wd0 matches BIOS drive 0x80

root on wd0a

rootdev=0x0 rrootdev=0x

Re: OpenBSD dedicated hosting

[Francisco Valladolid]

Hi,

I had a OpenBSD box in http://rootr.net a couple years ago, and they offer
good service.

Now i had a account in http://geekisp.com Dave, the owner has excellent
support and service,


Regards.

On 10/18/06, Bryan Irvine <[EMAIL PROTECTED]> wrote:
>
> http://www.simpli.biz/
>
> Is based in San Jose.  I've been talking to them about hosting for me
> $59/mo for a full-root server.
>
>
>
> On 9/16/06, Gilles Chehade <[EMAIL PROTECTED]> wrote:
> > Hi misc@,
> >
> > I am looking for companies that provide OpenBSD-powered dedicated
> hosting.
> > Currently, I am being hosted by a french company which turned out to be
> as
> > incompetent as can be, and I am willing to switch as soon as possible
> > (preferably before the 25th of September).
> >
> > I have google-d a bit and found out a few companies, but its hard to
> know
> > in advance which are competent and which will drive me into depression.
> So
> > I'm turning to you, if you know of companies that do good work, that
> aren't
> > too expensive and that provide OpenBSD based services, please mail me
> > off-list so I can start digging their offers.
> >
> > Thanks a lot people ;)
>
>


-- 
---
BSD - Unix simplicity.
Francisco Valladolid Hdez.
[EMAIL PROTECTED]

Re: need help in dealing with a simple thing (file permissions)

[LeVA]

2006. October 21. 16:23, Han Boetes:
> Read /etc/newsyslog and man newsyslog.
>
>
> # Han
Thanks, but newsyslog can not help me, because it can not reload my 
apache when the rotation happening (it is chrooted and has to load 
external modules).

Daniel

-- 
LeVA

Re: need help in dealing with a simple thing (file permissions)

[Han Boetes]

Read /etc/newsyslog and man newsyslog.


# Han

Re: need help in dealing with a simple thing (file permissions)

[Joachim Schipper]

On Sat, Oct 21, 2006 at 02:50:57PM +0200, LeVA wrote:
> Hi!
> 
> I know this is a rather simple problem, but I would like to hear the 
> advices.
> 
> I'm using a piped Custom- and ErrorLog in apache, it pipes the output to 
> cronolog (the log files are rotated per 24hour). The log files are 
> created with 644 permissions, and this is what I try to avoid, and 
> force the new logfile to have 640 permissions.
> So far I thought of a cron line which would be `chmod -R 
> o= /var/www/logs/`.
> Then the umask command came to my mind, but then I would have to make a 
> script, which contains the umask line, and after that call cronolog, 
> and pipe the logs to this script.
> Would someone please hint me with a more simple and elegant solution?
> 
> Thanks!
> 
> Daniel

The last solution works fine:

#!/bin/sh

umask 027
exec /usr/.../cronolog

The alternative would be chmod'ing the log directory to 0750, or
somesuch.

Joachim

need help in dealing with a simple thing (file permissions)

[LeVA]

Hi!

I know this is a rather simple problem, but I would like to hear the 
advices.

I'm using a piped Custom- and ErrorLog in apache, it pipes the output to 
cronolog (the log files are rotated per 24hour). The log files are 
created with 644 permissions, and this is what I try to avoid, and 
force the new logfile to have 640 permissions.
So far I thought of a cron line which would be `chmod -R 
o= /var/www/logs/`.
Then the umask command came to my mind, but then I would have to make a 
script, which contains the umask line, and after that call cronolog, 
and pipe the logs to this script.
Would someone please hint me with a more simple and elegant solution?

Thanks!

Daniel

-- 
LeVA

Re: what version to install now and P.D.

[Iñigo Tejedor Arrondo]

El vie, 20-10-2006 a las 23:10 -0400, Nick Holland escribis:

> Given the choices you have right now, I'd probably go with 3.9 now, keep
> the system as minimal as possible, then upgrade to 4.0 after it is
> released...that is, if your hardware is fully supported.  It's pretty
> painless to do, and it is good to get in the habit of doing it before
> the system is relied upon continually.

Well, now it is installed and in 3.9-stable (from cvs :). It has been my
first install 'not a release' that I did, and has been as a dream,
everything works perfectly. Very good work, developers of openbsd!

> If your hardware isn't sufficiently supported by 4.0, you have a bit of
> a problem.  If you go with a snapshot, you are stuck to -current until
> 4.1 comes out (or stuck reloading and rebuilding from scratch on 4.0
> later).  That's far from the end of the world, but it might be more
> exciting than you are planning on.
> 
> Me?  My CDs arrived Monday.  Order early, order often! :)  (no, being on
> the team doesn't get me CDs any earlier).

jajaja... perhaps when the month finishes, if something of money exceeds
to me (difficult thing), can order mine, and who knows... more stuff :)

> "howto"s for writing a driver sounds like it is a mindless formula; drop
> in some manuals, a semi-warm body, turn a crank, and out pops a driver.
> I don't think I'd ever short-change the OpenBSD driver writers like
> that, it is not a formulaic process at all.

Sure, I can imagine it, I will begin by read /usr/src/sys and some man
pages ;)

> As for tasks...do something that needs to be done.  One good starting
> place is:
>http://www.openbsd.org/want.html
> Get hardware developers want/need in their hands, and magic happens.
> Note the part about "hardware developers want/need"...  dumping junk on
> 'em, or dumping hardware where the issue is code doesn't help.  I
> suspect plenty of developers have multi-proc SPARC machines...the issue
> there is no one is writing the code, not the lack of hardware.  Again,
> this is not a formulaic task, lots of hard and original work needs to be
> done.
> 
> Which isn't to say that some people don't LIKE old junk...but you could
> give me lots more SMP sparc machines, and OpenBSD/sparc SMP support
> won't be a day closer.

It gives me shame to say it, but I don't want to die of hunger or that
the bank clears my the house :S  The money isn't my strongpoint, and I
just have hardware of type i386 that people would throw. I'm watching
the page, to see if there is something that can obtain at work, where i
can obtain better hardware.

> Otherwise...just find something you don't like and fix/improve it.
> Understand that the vast majority of "improvements" people come up with
> aren't accepted as part of the base system, but absolute none of "just
> talk" is ever accepted, and you will probably learn something in doing
> the work...and learn more if it is rejected. :)

For example, i would like to start working at the webpage, the
translation to spanish has been taked off, now i'm reading all the doc
that I can, so it could be a good point to make the two things (learn
and colaborate). As always, everything what I need, is perfectly
documented:

http://www.openbsd.org/translation-explained.html

Of course, now that I have the laptop 'free of work', i'm going to prove
-current. Also, who knows if I start to do a small package (security
related) port, instead of a complicated kernel module.

> Nick.

Greetings
Inigo

Re: pf load balancing and failover

[Henning Brauer]

* Alexander Lind <[EMAIL PROTECTED]> [2006-10-20 19:18]:
> OpenBSDs PF loadbalancing functionality does not support any sort of 
> failover rule rewriting, or conditional rulesets, does it?
> 
> For example, if I have PF round-robin to 4 webservers, and one goes 
> down, is there any way to make PF notice this and remove the downed host 
> from the pool, based on something as simple as missing ping replies?

there should be a userland process doing these checks and reoving the 
offending address from the pool on failure. unfortunately, to my 
knowledge, still nobody wrote something which does it.

you might be able to achieve the same by using redirects to a table, 
some generic monitoring package and a little scripting.

-- 
Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam

Re: Is doing a network restore from bsd.rd at all possible?

[Henning Brauer]

* Michal Soltys <[EMAIL PROTECTED]> [2006-10-21 10:02]:
> smith wrote:
> 
> >
> >If you successfully do this, can you post how you did it?
> >
> 
> The "magic" is in bsd's ftp(1) -o flag, which makes it a bit similar beast 
> to the wget. It can also pull the file using http or, since 4.0, https - 
> check "AUTO-FETCHING FILES" section in the man, it's quite fexible piece of 
> tool.

but on the ramdisks there is a slightly limited version (for space 
reasons), that does not support https (but plain http).

-- 
Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam

Re: Is doing a network restore from bsd.rd at all possible?

[Michal Soltys]

smith wrote:



If you successfully do this, can you post how you did it?



The "magic" is in bsd's ftp(1) -o flag, which makes it a bit similar beast 
to the wget. It can also pull the file using http or, since 4.0, https - 
check "AUTO-FETCHING FILES" section in the man, it's quite fexible piece of 
tool.


As for recovering / cloning using bsd.rd, you could simply do something like:

newfs /dev/rwd1e
mount -o async /dev/wd1e /mnt
cd /mnt
ftp -o - ftp://openbsd.example.com/partition.dump | restore rvf -
cd /
umount /mnt

One remark though - use or prepare larger /tmp before doing so, or you may 
irritate restore quite a bit, if you recover some larger filesystem.

no xdm on asus pundit-p1

[riwanlky]

hi all,

i just purchase a new asus barebone pc pundit-p1 and want to install openbsd.
i had to disable ieee 1394 and usb controller.
i run xdm, and it only show blank screen.
attached is the dmesg and the Xorg.0.log

can anyone give me information on how to resolve this.

thanks and best regards,
riwan

OpenBSD 3.9 (GENERIC) #617: Thu Mar  2 02:26:48 MST 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Celeron(R) CPU 2.66GHz ("GenuineIntel" 686-class) 2.67 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CF

LUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,TM2,CNXT-ID
real mem  = 232300544 (226856K)
avail mem = 204988416 (200184K)
using 2861 buffers containing 11718656 bytes (11444K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(58) BIOS, date 12/09/05, BIOS32 rev. 0 @ 0xf1da0
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 70102 dobusy 1 doidle 1
pcibios0 at bios0: rev 3.0 @ 0xf/0xcc94
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfcb90/240 (13 entries)
pcibios0: bad IRQ table checksum
pcibios0: PCI BIOS has 14 Interrupt Routing table entries
pcibios0: PCI Exclusive IRQs: 5 10 11 12
pcibios0: no compatible PCI ICU found
pcibios0: Warning, unable to fix up PCI interrupt routing
pcibios0: PCI bus #2 is the last bus
WARNING: can't reserve area for I/O APIC.
WARNING: can't reserve area for Local APIC.
WARNING: can't reserve area for BIOS PROM.
bios0: ROM list: 0xc/0xf000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 vendor "ATI", unknown product 0x5a33 rev 0x01
ppb0 at pci0 dev 1 function 0 "ATI RS480 PCIE" rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 5 function 0 "ATI Radeon XPRESS 200" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
pciide0 at pci0 dev 18 function 0 "ATI IXP400 SATA" rev 0x00: DMA
pciide0: using irq 11 for native-PCI interrupt
piixpm0 at pci0 dev 20 function 0 "ATI IXP400 SMBus" rev 0x11: SMI
iic0 at piixpm0
pciide1 at pci0 dev 20 function 1 "ATI IXP400 IDE" rev 0x00: DMA, channel 0 
conf

igured to compatibility, channel 1 configured to compatibility
atapiscsi0 at pciide1 channel 0 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0:  SCSI0 
5/cdrom rem

ovable
wd0 at pciide1 channel 0 drive 1: 
wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors
cd0(pciide1:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2
wd0(pciide1:0:1): using PIO mode 4, DMA mode 2, Ultra-DMA mode 5
pcib0 at pci0 dev 20 function 3 "ATI IXP400 ISA" rev 0x00
ppb1 at pci0 dev 20 function 4 "ATI IXP400 PCI" rev 0x00
pci2 at ppb1 bus 2
rl0 at pci2 dev 2 function 0 "Realtek 8139" rev 0x10: irq 10, address 
00:15:f2:9

a:7b:e5
rlphy0 at rl0 phy 0: RTL internal PHY
auixp0 at pci0 dev 20 function 5 "ATI IXP400 AC97" rev 0x02: irq 12
auixp0: soft resetting aclink
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: 
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fdc0: drive 0: unknown device type 0xf0
fdc0: drive 1: unknown device type 0xf0
biomask eb6d netmask ef6d ttymask efef
pctr: user-level cycle counter enabled
dkcsum: wd0 matches BIOS drive 0x80
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302
ac97: codec id 0x414c4760 (Avance Logic ALC655)
audio0 at auixp0


Xorg.0.log
(--) checkDevMem: using aperture driver /dev/xf86
(--) Using wscons driver on /dev/ttyC4 in pcvt compatibility mode (version 
3.32)

(WW) GARTInit: AGPIOC_INFO failed (Device not configured)

X Window System Version 6.9.0 (for OpenBSD)
Release Date: 21 December 2005
X Protocol Version 11, Revision 0, Release 6.9
Build Operating System: OpenBSD 3.9 i386 [ELF]
Current Operating System: OpenBSD fids1.cucis.com 3.9 GENERIC#617 i386
Build Date: 10 March 2006
Before reporting problems, check http://wiki.X.Org
to make sure that you have the latest version.
Module Loader present
Markers: (--) probed, (**) from config file, (==) default setting,
(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
(==) Log file: "/var/log/Xorg.0.log", Time: Sat Oct 21 14:19:34 2006
(EE) Unable to locate/open config file
(II) Module ABI versions:
X.Org ANSI C Emulation: 0.2
X.Org Video Driver: 0.8
X.Org XInput driver : 0.5
X.Org Server Extension : 0.2
X.Org Font Renderer : 0.4
(II) Loader running on openbsd
(II) LoadModule: "bitmap"
(II) Loading /usr/X11R6/lib/modules/fonts/libbitmap.so
(II) Module bitmap: vendor="X.Org Foundation"
compiled for 6.9.0, module ve