Re: Modemsupport?
On Tue, Oct 24, 2006 at 06:34:52PM -0500, Marco Peereboom wrote: No, winmodes are not supported. Only actual modems are supported. NetBSD has some support for the AC97 Intel based ones, not sure how/if it works. I don't have any particular interest in hacking on this myself.
Re: Sun x2100 M2 DMESG weirdenn and remote access. OpenBSD 4.0
Daniel Ouellet wrote: stan wrote: That's actually not a given IFIRK Sun says the RAID on the 2100's is Windows only. Interesting! I didn't read that. Must have skip my reading then somehow. The choice are in the BIOS to enable it. I didn't buy two drives as it was for testing only, so I can't say if it would work or not for sure, or if it would be supported in OpenBSD or not. No clue. If there is feedback as to it should be supported, not only in Windows, and some are interested to know if it does or not, I could buy an other drive and try it. Not that I will need two drives for what this baby will be use in. So, what's the controller in x2100 ? In v65x it was a u320 aic79xx, Adaptec only provides Windows drivers for it, and is not so willing to share with the microcode needed to support built-in RAID. Someone also mentioned that enabling these kind of RAIDs is of little use, since they put almost the same strain on the CPU, making it run controller's microcode. Why Sun picks that kinda hardware for it's servers, is another kinda question But the controller manufacturers play evil here... Thanks, Pawel.
Re: USR GigE adapter: USR997902A
On Tue, Oct 24, 2006 at 01:04:14PM -0500, Jacob Yocom-Piatt wrote: can anyone confirm that the USR997902A gigabit ethernet card is supported for i386? the device is listed as supported using the re driver, but it lists the model number without the A at the end. here is a link to the adapter http://www.cdw.com/shop/products/default.aspx?EDC=996808 i want to make certain the chipset has not changed in the A version. if there are adapters of comparable price that are better, please make a suggestion. i am constrained to purchasing from CDW for the time being, as this is for work. cheers, jake We support nearly every Gigabit Ethernet chip out there, the only exceptions that come to mind are the Agere PCI Express one, one built into a few SiS south bridges. I'd be surprised if you manage to buy something that isn't supported. Jonathan
Re: Automating updates question
On Tue, 24 Oct 2006, Michael Osburn wrote: While I fully realize that installing from ports is not the accepted process for anyone except for developers, I wish to start helping out in any way I can; though, being a low-skilled OpenBSD programmer tends to hurt more then help. I started looking at using my spare machine (it only plays music to the stereo and has a lot of unused cycles) to help test snapshots and new ports. After bringing the base system to current, I found it a major headache to update the ports from the initial 3.9 stable branch to current. The problem stemmed from trying to build updated ports and having to manually pkg_delete all of my previously installed software and rebuild from scratch. It seemed rather silly to me to manually tear my entire system down for updates when I could be better using the system to test the installed applications. Thinking about how a lot of developers use OpenBSD as their main system (and presuming that they are not mixing stable with current) I feel there must be a more efficient way of updating the installed packages/ports. It seems that this type of updating would be a tremendous time sink for those actually doing the hard work. Would anyone care to share their tips on keeping their own machines current without having to uninstall/reinstall every time they update? Ehhh, I don't know how you are trying to update, buta I just do pkg_add -ui with a PKG_PATH pointing to my favorite mirror snapshot dir. First I make sure I have an up-to-date base system, of course; sometimes built from src, sometimes I install a snapshot. Unless you are working on tge src tree, I would recommend installing a snap. -Otto
Re: What would you do with field defect rate predictions?
On Wed, 25 Oct 2006, Paul Luo Li wrote: Thank you very much for the response. By field defect I mean a PR in the Bug Tracking system of the Class sw-bug. That is a measure which contains lots of noise and is also incomplete. A lot of time bugs gets fixed without being a made a PR. I was wondering if you think predictions at the time of release of the number of field defects in each month after release can help: -allocate resources, such as having enough people available to fix problems How do you allocate resources in a almost completely volunteer orgaization? I hack what I want on. Of course I feel responsible for certain parts in the system. But sometimes I do not have a lot of time or other things get my atttention. Of course Theo pushes now and then, but that doesn't mean I cannot say: not now, try to find somebody else. He even respects that. -adjust the deployment date, like pushing back the release, or I'm very happy with the elapsed-time constrained development cycle. -identify possible ways of improving the process, assuming that the predictions are made using software metrics, such as the number of changes to the code I don't think a statistical method will help gaining insight. -Otto
Re: NOD32 Antivirus and OpenBSD?
On Tuesday 24 October 2006 13:41, Leonardo Rodrigues wrote: Or another really good antivirus that I may consider? ClamAV works fine on OpenBSD and it's even in ports. --- Lars Hansson
Re: What would you do with field defect rate predictions?
On Wed, Oct 25, 2006 at 12:01:47AM -0400, Paul Luo Li wrote: Thank you very much for the response. By field defect I mean a PR in the Bug Tracking system of the Class sw-bug. I was wondering if you think predictions at the time of release of the number of field defects in each month after release can help: -allocate resources, such as having enough people available to fix problems -adjust the deployment date, like pushing back the release, or -identify possible ways of improving the process, assuming that the predictions are made using software metrics, such as the number of changes to the code You might want to check out Michael Lyu's Handbook of Software Reliability Engineering http://www.cse.cuhk.edu.hk/~lyu/book/reliability/ (You can now download all 800+ pages in pdf.) Regards, Andrew Dalgleish
Re: Newbie login.conf and xdm question
On 10/24/06, Greg Thomas [EMAIL PROTECTED] wrote:
On 10/24/06, Greg Thomas [EMAIL PROTECTED] wrote:
Ok, I'm trying to get my user account setup so the Java plugin works
with Friefox, it's currently working fine for root. From Kurt's
suggestion I changed staff's section of login.conf to:
Ok, I have my ulimit issue worked out, I had a ulimit -d set in my
.xsession, I've fixed that now:
[EMAIL PROTECTED] ulimit -a
time(cpu-seconds)unlimited
file(blocks) unlimited
coredump(blocks) unlimited
data(kbytes) 1048576
stack(kbytes)8192
lockedmem(kbytes)156489
memory(kbytes) 467896
nofiles(descriptors) 1024
processes532
[EMAIL PROTECTED]:/home/ethant# ulimit -a
time(cpu-seconds)unlimited
file(blocks) unlimited
coredump(blocks) unlimited
data(kbytes) 1048576
stack(kbytes)8192
lockedmem(kbytes)156489
memory(kbytes) 467896
nofiles(descriptors) 1024
processes532
If I run Firefox from my regular account it crashes while loading
Java. If I do a sudo mozilla-firefox then Java runs fine. What
other resource differences are there between a regular account and
root?
Ok, one more test before I head to sleep. From csh:
corn:ethant {4} unlimit
corn:ethant {5} limit
cputime unlimited
filesizeunlimited
datasize1048576 kbytes
stacksize 32768 kbytes
coredumpsizeunlimited
memoryuse 469468 kbytes
memorylocked469468 kbytes
maxproc 532
openfiles 1024
corn:ethant {6} /usr/local/bin/mozilla-firefox
The above works fine, but if I stay in ksh and set the limits to the
above it still crashes while loading the java plugin:
[EMAIL PROTECTED] ulimit -s 32768
[EMAIL PROTECTED] ulimit -m 469468
[EMAIL PROTECTED] ulimit -l 469468
[EMAIL PROTECTED] ulimit -a
time(cpu-seconds)unlimited
file(blocks) unlimited
coredump(blocks) unlimited
data(kbytes) 1048576
stack(kbytes)32768
lockedmem(kbytes)469468
memory(kbytes) 469468
nofiles(descriptors) 1024
processes532
[EMAIL PROTECTED] mozilla-firefox
Internal error : Could not dup 61 into 10
INTERNAL ERROR on Browser End: Pipe closed during read? State may be corrupt
System error?:: Resource temporarily unavailable
[EMAIL PROTECTED] /usr/local/bin/mozilla-firefox
Internal error : Could not dup 57 into 10
INTERNAL ERROR on Browser End: Pipe closed during read? State may be corrupt
System error?:: Resource temporarily unavailable
At least now I don't have to rely on root.
Greg
Re: NOD32 Antivirus and OpenBSD?
All free antiviruses sucks (except a clamav version for UNIX/BSD/Linux). Virus signatures almost are outdated and don't know a lot of vires and you have no support for ir. In corporate networs you should use commercial software. For OpenBSD it might be Dr.Web, very good AV software :) Lars Hansson wrote: On Tuesday 24 October 2006 13:41, Leonardo Rodrigues wrote: Or another really good antivirus that I may consider? ClamAV works fine on OpenBSD and it's even in ports. --- Lars Hansson
Re: NOD32 Antivirus and OpenBSD?
On Wednesday 25 October 2006 15:22, edgarz wrote: All free antiviruses sucks (except a clamav version for UNIX/BSD/Linux). Virus signatures almost are outdated and don't know a lot of vires Detecting DOS boot sector viruses from the 1980's isn't all that important. It's not how many viruses you can detect that's important, it's what active viruses you detect and how fast that's important. In corporate networs you should use commercial software. ClamAV works great in a corporate network, especially for scanning email. --- Lars Hansson
Re: I need help in interpreting some Docs
On Tue, Oct 24, 2006 at 03:17:05PM -0700, John Draper wrote: Hi, I'm posting this to both OpenBSD and Snort mailing lists. In reading through the snort documentation, in section 1.5 (Inline mode), they state the following... In order for Snort Inline to work properly, Download and compile the iptables code to include make install-devel. (http://www,iptables.org) Would I do the make install-devel from within the Snort's Source build system, or the iptables build system?. IPTables, if I read the docs correctly. This will install the libipq library that allows snort Inline to interface with iptables. Also, you must build and install LibNet, which is available from www.packetfactory.net. Ok, all fine and well, but I'm using snort on an OpenBSD platform, which uses PF instead of iptables... I'm assuming that iptables is only for Linux, or does OpenBSD also use iptables? I didn't see any mention of it in either OpenBSD docs or Snort docs other then this, and as far as I can remember, iptables is used primarily with Linux, is that right? IPTables is for Linux, pf is for OpenBSD. Would I follow the same installation procedures? or would I ditch this effort alltogether and write it off as something OpenBSD is not setup to do, or is there an alternative I can use with Snort? Snort-inline is written to work with IPTables. It might be possible to implement something similar for pf, although it would most likely require some patches; however, to the best of my knowledge, this has not been done yet. It would be possible to use Snort's response mechanism to put someone in a table, say badguys. pf can be configured to handle tables in many interesting ways. This is not real-time blocking, but might be close enough. I haven't looked at Snort since 2003, and from reading the new docs, a lot of new features have been added, some of which I haven't come across yet. I'm basically setting up snort that if it sees a Priority one attack it executes a script or Binary file, well, actually it will instantiate a thread that does this in whatever scripting language I choose (Python) in my case. Easy DoS. I Haven't read ALL the new stuff yet, but am ready to install any additional utilities, like Barnyard. Which I already have running. Barnyard doesn't have a lot to do with Snort-inline, really. Is it possible to use Snort in normal NIDS mode, then when I get a higher priority attach, to switch to Inline mode? How fast can Snort switch from one mode to another? Also, is it possible to use Snort to look at a binary file and display contents via the ./snort -dvr option while snort is running? You cannot switch modes, that's just silly. Inline mode most likely does allow you to warn only, so that would take care of any need for running Snort in two modes. Do you mean the log_tcpdump output module when you say 'binary file'? If so, use tcpdump. And yes, this can be done while Snort is running, although the file is most likely not complete, so you will be unable to see the last (couple of) packet(s). Those questions are all answered in the documentation, really. Not worth bothering two lists with. Joachim
openbsd cd resellers in asia?
hi, im from the Philippines and i would like to order a openbsd 4.0 cd, does anyone in here can help where in asia can i order the said openbsd stuff? the http://www.genesis.com.hk which openbsd.org said where i can purchase in asia seems not responding. :( thanks --jay--
Re: Problem when mount USB to OpenBSD
On Tue, Oct 24, 2006 at 05:32:02PM -0700, Maverick wrote: Greg Thomas-3 wrote: On 10/24/06, Maverick [EMAIL PROTECTED] wrote: I am trying to mount a USB pen drive to OpenBSD. When i connect the usb to the computer there is no notice or lines appear. so i tried to mount -t msdos /dev/usb0i /mnt/usb and got the message No such file and directory Hmmm, I thought USB drives showed up as SCSI? Isn't /dev/usb0 just the bus? At least I'm still doing the following: mount_msdos /dev/sd0i /mnt Also, in addition to usbdevs you should be providing a dmesg. hi yeahhh it working Sorry i am a new bee to Unix in general. I having another question. Can we intall firefox in openbsd? Looking at the dmesg would have provided you with this information. There is actually a notice when the key gets attached, and it gets sent do dmesg. Looking at that, or just the system logfile, would suffice. Adding Firefox is trivial; Greg already pointed you to the FAQ. Also read afterboot(8), and so on. Joachim
Re: OpenBSD AJAX
On Wed, Oct 25, 2006 at 01:56:32AM +0200, ropers wrote: Ryan, Joachim (, others): You mentioned that you dislike PHP. I would be curious to learn your reasons for this. I'm not trying to instigate religious wars or the like, it's just that my programming skills are mostly nonexistant coughGW BASIC shell scripts/cough and I'm thinking of properly learning PHP, kind of as an evolutionary step, up from XHTML. Should a coding n00b like myself avoid PHP like the plague, or do your reasons only come into play once a certain level of programming proficiency is attained? Thanks and regards, --ropers PS: I probably could see that the mere fact that PHP does server-side processing could be seen as a huge downside as opposed to ECMAscript / AJAX, where processing occurs on the client side. OTOH, you're not supposed to trust the client -- and I know that pretty friggin large PHP-script deployments do exist, eg. MediaWiki/Wikipedia. (Then again, WP uses a slew of Squid proxies...) Let it be said that PHP has huge advantages. Notably, it's very, very popular, and as such a lot of stuff has been written to work in it. It's also rather easy to write a quick PHP script. The fact that PHP integrates well with web pages is a major plus for this kind of thing. Performance is also not bad. A properly written FastCGI program in a 'fast' language like C should outperform mod_php, but there are not many things that will - and for simple projects, the C program is liable to take ten times as much time. If you're into web development, it's likely that you will encounter PHP, and it's a good idea to familiarize yourself with it. In fact, despite my misgivings, I use PHP almost exclusively. As you might know, almost all my web development is done for my students' association, and one of the main requirements is that the whole site should work when handed over to a commercial hoster, and that someone else should be able to maintain it. In short, a Common LISP FastCGI-based application using a custom ISAM implementation, while it could be really neat, is not really what they're looking for. ;-) PHP does have downsides, though. For one, it's horribly insecure - it's very easy to write insecure scripts, and even if the scripts themselves are secure there are many bugs in PHP and/or the libraries it commonly uses. It's truly strange that a web-oriented language is not more focused on preventing, for instance, SQL injection or XSS. (It is possible to write secure scripts in PHP, and the hardened-php project's patches do increase the security of the thing itself; still, it's not good.) The request-oriented nature of a PHP script, while it does make them easy to write, has its downsides; this leads to the common abuse of a database as a filesystem. One could think of other downsides, but the insecurity is one of the major downsides to me. As to Javascript, that is a client-side technology; it would be useful to learn at least a little about it, or a lot if you want to do AJAX, but you'll still require some server-side scripting. Joachim
Re: openbsd cd resellers in asia?
On Wednesday 25 October 2006 16:20, Jay Jesus Amorin wrote: hi, im from the Philippines and i would like to order a openbsd 4.0 cd, does anyone in here can help where in asia can i order the said openbsd stuff? the http://www.genesis.com.hk which openbsd.org said where i can purchase in asia seems not responding. :( Welcome to the club, I havent found any reseller in Asia and certainly not here in Ph. Australia might work, presuming they even ship abroad, but then you have to deal with shipping and all the nice taxes you get with an official looking parcel at the Post Office. I suggest just downloading it and then donating. --- Lars Hansson
Re: Automating updates question
On Tue, Oct 24, 2006 at 07:26:24PM -0600, Michael Osburn wrote: While I fully realize that installing from ports is not the accepted process for anyone except for developers, I wish to start helping out in any way I can; though, being a low-skilled OpenBSD programmer tends to hurt more then help. I started looking at using my spare machine (it only plays music to the stereo and has a lot of unused cycles) to help test snapshots and new ports. After bringing the base system to current, I found it a major headache to update the ports from the initial 3.9 stable branch to current. The problem stemmed from trying to build updated ports and having to manually pkg_delete all of my previously installed software and rebuild from scratch. It seemed rather silly to me to manually tear my entire system down for updates when I could be better using the system to test the installed applications. Thinking about how a lot of developers use OpenBSD as their main system (and presuming that they are not mixing stable with current) I feel there must be a more efficient way of updating the installed packages/ports. It seems that this type of updating would be a tremendous time sink for those actually doing the hard work. Would anyone care to share their tips on keeping their own machines current without having to uninstall/reinstall every time they update? Updated packages can always be found on the mirrors, under /pub/OpenBSD/snapshots/packages/myarch. While this always lags behind the ports tree a little, it's usually sufficient; in rare cases (security problems?), you want to get a port ASAP and will have to compile it yourself. This is the exception, though. Joachim
Re: OpenBSD AJAX
On Tue, Oct 24, 2006 at 09:49:33PM -0500, Sam Fourman Jr. wrote: Thank you all for the input this is GREAT I have always liked Procedural languages as well as compiled languages, I tend not to like runtimes. One of the Major reasons for FINALLY ditching Windows, cold turkey and switching to OpenBSD, was I felt that Windows in general made it hard to code in C, and i didn't see that changing, with the new whizzbang WinFX .NET mess. that said, is it not a wise decision to develop a large AJAX / PostgreSQL application (For a government client), where the code base will be around for a certain 15 years(the current application is FoxPro 2.6 1991 Runtime) Security is Paramount(hence the OpenBSD over Rhat Choice for the Operating System, and PostgreSQL over MySQL for the database) it would seem to me that C is PostgreSQL's Native language and OpenBSD developers prefer C the uphill battle may be worth it. I am Searching the Internet for a Basic Hello World Ajax sample written in C if anyone has one laying around please reply to this post C is not the language commonly used for web applications. While this shouldn't be taken to mean that C cannot be used in such a role, you would deprive yourself of a lot of useful work done in other environments. For instance, PHP, despite its downsides, does have a large number of libraries and pre-made scripts that are very useful when writing a web application. Other scripting languages (Perl, Python, Ruby) have similar support, but without as many security issues. If you are building something that should work in 15 years, though, C may not be the worst choice. PHP breaks compatability quite often, and Perl 6 is also likely to break things in interesting ways. I wouldn't know about Python or Ruby, but C has been around for a long time and it's highly likely that a well-written C app will still compile on OpenBSD 5.5. Some adapting to newer versions of external libraries is likely to be required, though. Others with more experience in this particular arena might be willing to suggest alternatives - Java, perhaps? However, it's probably better to get someone to do some maintenance in the interval and just using a scripting language with web libraries. Using C, while very much possible, would be a painful way to learn. Joachim
Re: openbsd cd resellers in asia?
hello, this seems to be a problem for me too, i am from cebu, philippines and the website you've provided is not responding, maybe you can try Linux Systems Labs Australia Pty. Ltd., their website is http://www.lsl.com.au, its not in asia but it is nearer. i'll try this myself later. hth, ymc - Original Message - From: Jay Jesus Amorin [EMAIL PROTECTED] To: misc@openbsd.org Sent: Wednesday, October 25, 2006 4:20 PM Subject: openbsd cd resellers in asia? hi, im from the Philippines and i would like to order a openbsd 4.0 cd, does anyone in here can help where in asia can i order the said openbsd stuff? the http://www.genesis.com.hk which openbsd.org said where i can purchase in asia seems not responding. :( thanks --jay--
OpenBSD 4.0 arrived in The Netherlands!
Hello everyone, Five minutes ago my OpenBSD 4.0 cds, the three disks of freedom, have arrived here in The Netherlands! Many thanks to Wim Vandeputte and off course the OpenBSD team. Frank
Re: OpenBSD AJAX
On 10/25/06, ropers [EMAIL PROTECTED] wrote: Ryan, Joachim (, others): You mentioned that you dislike PHP. I would be curious to learn your reasons for this. I'm not trying to instigate religious wars or the like, it's just that my programming skills are mostly nonexistant coughGW BASIC shell scripts/cough and I'm thinking of properly learning PHP, kind of as an evolutionary step, up from XHTML. Should a coding n00b like myself avoid PHP like the plague, or do your reasons only come into play once a certain level of programming proficiency is attained? run like hell, this stuff is cursed. not that you wouldn't be able to write (more or less) correct code, but once you have to work in a team, there's a 90% chance it is dominated by braindead code monkeys who work with php since The Early Days(tm) which means a) all-global vars b) not the faintest idea of object orientation c) nor sense for code maintenance and d) really good stuff spaghetti style --knitti
Re: OpenBSD 4.0 arrived in The Netherlands!
On 10/25/06, Frank [EMAIL PROTECTED] wrote: Hello everyone, Five minutes ago my OpenBSD 4.0 cds, the three disks of freedom, have arrived here in The Netherlands! Many thanks to Wim Vandeputte and off course the OpenBSD team. Frank Got mine yesterday. Great system, great Asterix styling. Chris
Re: OpenBSD AJAX
On 10/25/06, knitti [EMAIL PROTECTED] wrote: [OT comment] sorry for this, it was off topic and slightly offensive --knitti
Re: OpenBSD AJAX
On 25/10/06, bofh [EMAIL PROTECTED] wrote: On 10/24/06, ropers [EMAIL PROTECTED] wrote: You mentioned that you dislike PHP. I would be curious to learn your reasons for this. If you look back at the history of PHP, it was created so that non-programmers can easily program. Well, if you want to see the results of a non-programmer writing scripts, go google Not Matt's Scripts and read the reason it was created. Then look again at the library of PHP scripts out there, and consider them in light of Not Matt's Scripts. It's prolly worth noting that both Matt's scripts and nms are written in Perl, not PHP. However, I still do take your point, which I understand to be a **general** point about the very concept of allowing non-programmers to easily churn out code, and the way that PHP facilitates that.
Re: OpenBSD AJAX
On 25/10/06, knitti [EMAIL PROTECTED] wrote: On 10/25/06, knitti [EMAIL PROTECTED] wrote: [OT comment] sorry for this, it was off topic and slightly offensive --knitti No offense taken; thanks for your input. :)
Re: openbsd cd resellers in asia?
TZ 2006Dj10TB25HU PGFZH} 16:20#,Jay Jesus Amorin [EMAIL PROTECTED]: hi, im from the Philippines and i would like to order a openbsd 4.0 cd, does anyone in here can help where in asia can i order the said openbsd stuff? the http://www.genesis.com.hk which openbsd.org said where i can purchase in asia seems not responding. :( thanks --jay-- I want to own the cd sets to. I'm in China mainland. :(
OT: Monitoring vpn tunnels on openbsd
hi all,
Actually we have five openbsd firewalls managed from a linux server
that acts a repository for firewall rules. Now we need to deploy vpn
tunnels between them and monitoring this tunnels.
My requeriments are:
- we need to know at what time clients connects to our infraestructure
- we need to know from which ip address (public) they connect.
- we need to deploy this using repository linux server that actually
works.
And my questions are:
- Can I assign ip's via dhcp on openbsd boxes to vpn clients?
- Which software do you recommends me to deploy this?
My openbsd boxes are 3.9 with carp configured.
Many thanks.
--
CL Martinez
carlopmart {at} gmail {d0t} com
Re: OpenBSD AJAX
On Wed, Oct 25, 2006 at 02:21:55PM +0200, ropers wrote:
On 25/10/06, bofh [EMAIL PROTECTED] wrote:
On 10/24/06, ropers [EMAIL PROTECTED] wrote:
You mentioned that you dislike PHP.
I would be curious to learn your reasons for this.
If you look back at the history of PHP, it was created so that
non-programmers can easily program. Well, if you want to see the results
of a non-programmer writing scripts, go google Not Matt's Scripts and
read
the reason it was created. Then look again at the library of PHP scripts
out there, and consider them in light of Not Matt's Scripts.
It's prolly worth noting that both Matt's scripts and nms are written
in Perl, not PHP.
However, I still do take your point, which I understand to be a
**general** point about the very concept of allowing non-programmers
to easily churn out code, and the way that PHP facilitates that.
That's partly true, but if PHP actually tried to make it hard to write
insecure scripts, one could get somewhere.
Just a half-baked thought, but escaping any non-constant expression
(i.e., actual variable, not fixed string) passed to the browser or a
database would go a long way toward solving most problems.
That is,
$hello = Hello World;
echo Hello World , $hello;
could produce
Hello World lt;Hello Worldgt;
And
do_query('select var1, var2 from mydb where id = ' . $my_id);
would not be as dangerous as it is now.
Of course, this is an ugly hack [1]. But a hack that would make my life
quite a bit easier.
Joachim
[1] The first example is not that bad, treating constants and variables
differently is just one sin; the interesting part is figuring out a sane
way to do the latter.
Re: OpenBSD AJAX
On 10/25/06, ropers [EMAIL PROTECTED] wrote: On 25/10/06, bofh [EMAIL PROTECTED] wrote: If you look back at the history of PHP, it was created so that non-programmers can easily program. Well, if you want to see the results of a non-programmer writing scripts, go google Not Matt's Scripts and read the reason it was created. Then look again at the library of PHP scripts out there, and consider them in light of Not Matt's Scripts. It's prolly worth noting that both Matt's scripts and nms are written in Perl, not PHP. However, I still do take your point, which I understand to be a **general** point about the very concept of allowing non-programmers to easily churn out code, and the way that PHP facilitates that. It's not so much that non-programmers can easily churn out code, but that non-programmers can easily churn out incorrect code, but one that works. You also learn bad habits, much to knitti's point. For experienced programmers, who know where are the holes, and how to recognize them, it's useful. For new programmers, where you have to learn to program *correctly* as well as having something that works, something else like python or ruby is much much better. Just my opinion.
Re: NOD32 Antivirus and OpenBSD?
hmm, on Tue, Oct 24, 2006 at 02:41:11AM -0300, Leonardo Rodrigues said that I'm thinking on purchasing this NOD32 anti-virus solution from ESET.COM and use it here at work. I really want to use it with nod is a breeze to install and maintain, i've installed a couple of linux versions in the past. some 2-3 years ago they had an official openbsd version. 3.4 - 3.6-ish times if i remember correctly. but this is the niche of niche markets, i don't think they have sold a single copy, why maintain the codebase? quite possibly the linux and/or freebsd version would run nicely in binary emulation, but that is never recommended in production environment, losing support is not fun at all. -f -- sex is not the answer. sex is the question. yes is the answer.
Re: Automating updates question
On Tue, Oct 24, 2006 at 07:26:24PM -0600, Michael Osburn wrote: While I fully realize that installing from ports is not the accepted process for anyone except for developers, I wish to start helping out in any way I can; though, being a low-skilled OpenBSD programmer tends to hurt more then help. I started looking at using my spare machine (it only plays music to the stereo and has a lot of unused cycles) to help test snapshots and new ports. After bringing the base system to current, I found it a major headache to update the ports from the initial 3.9 stable branch to current. The problem stemmed from trying to build updated ports and having to manually pkg_delete all of my previously installed software and rebuild from scratch. It seemed rather silly to me to manually tear my entire system down for updates when I could be better using the system to test the installed applications. Thinking about how a lot of developers use OpenBSD as their main system (and presuming that they are not mixing stable with current) I feel there must be a more efficient way of updating the installed packages/ports. It seems that this type of updating would be a tremendous time sink for those actually doing the hard work. Would anyone care to share their tips on keeping their own machines current without having to uninstall/reinstall every time they update? Updated packages can always be found on the mirrors, under /pub/OpenBSD/snapshots/packages/myarch. While this always lags behind the ports tree a little, it's usually sufficient; in rare cases (security problems?), you want to get a port ASAP and will have to compile it yourself. This is the exception, though. Joachim I should clarify the issue a bit. What I would like to do is start doing build testing or the ports tree to assist the developers with finging build errors as well as run tim errors. I have been running pkg_add -ui via a cron script on my laptop to keep that atleast snapshop current but I would like know if their is some thing that I set to be able to help with build errors esp with flavors of the ports. Packages work wonderfully on my test laptop I am just hoping to find a way to help test as best as possiable while I get my programming skills up to an OpenBSD passable level and help port new applications. An example of what I am looking for in OpenBSD is FreeBSD's portupgrade command that only rebulids the out of date ports with the tree sync'd via cvs. I do understand that there will be times that I will need to rebuild everything this way (gettext upgrades for an example) but I would prefer not to have to do this on a daily basis, say rebuild the few ports that change every day with commits. The ports@ list gets alot of requests for testing new diffs on a daily basis and I am wanting to help as much as possiable. Thanks Michael
4.0 OK in MO
Arrived Monday here in St. Louis - GREAT PACKAGING! Also the 'how to' booklet is quite a nice departure from the standard 'attitude' here on the forums. Let's not forget to remind everyone to get at least one T-Shirt so there's extra padding. Lee Leland V. Lammert[EMAIL PROTECTED] Chief Scientist Omnitec Corporation Network/Internet Consultants www.omnitec.net
Re: NOD32 Antivirus and OpenBSD?
Leonardo Rodrigues wrote: with NOD32 and OpenBSD? Or another really good antivirus that I may consider? Hello, I don't know how good it is, but f-prot has bsd version that used to work on openbsd. http://www.f-prot.com/support/helpfiles/unix/workstation/index.html May be you want to have a look at it. Kind regards, Didier
Re: OpenBSD AJAX
On Tue, 24 Oct 2006, Sam Fourman Jr. wrote: Thank you all for the input this is GREAT it would seem to me that C is PostgreSQL's Native language and OpenBSD developers prefer C the uphill battle may be worth it. You might want to contact the developers of Tibet - they presented on more than one occasion at our Web Developers group, .. and they have a much longer history (arguably the 'first' AJAX toolset). Might have some suggestions for your project, .. I *know* they have some AJAX JS code you can use that is much more robust than most other current AJAX tools. The chap that presented here in 2002 was William Edney, .. Lee Leland V. Lammert[EMAIL PROTECTED] Chief Scientist Omnitec Corporation Network/Internet Consultants www.omnitec.net
periodic scripts umask
Hi. Since the addition of umask 077; in root's crontab for periodic scripts, everything is now run with this umask (obviously), including the *.local scripts which can be a problem for some. This diff should bring back the old behaviour while maintaining a 077 umask for the output log. Of course one could add umask 022 in it's *.local script, but having it as a default seems better. -- Antoine Jacoutot Observatoire de Paris SIO - Centre de calcul (Bat 15) 5, Place Jules Janssen 92195 Meudon Cedex Tel : +33 (0)1.45.07.71.95 Index: daily === RCS file: /cvs/src/etc/daily,v retrieving revision 1.55 diff -u -r1.55 daily --- daily 4 Oct 2006 17:46:34 - 1.55 +++ daily 25 Oct 2006 13:57:40 - @@ -3,6 +3,8 @@ # $OpenBSD: daily,v 1.55 2006/10/04 17:46:34 deraadt Exp $ # From: @(#)daily 8.2 (Berkeley) 1/25/94 # +umask 022 + PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin bak=/var/backups Index: monthly === RCS file: /cvs/src/etc/monthly,v retrieving revision 1.6 diff -u -r1.6 monthly --- monthly 12 Nov 2005 16:14:37 - 1.6 +++ monthly 25 Oct 2006 13:57:40 - @@ -1,5 +1,6 @@ #!/bin/sh - # $OpenBSD: monthly,v 1.6 2005/11/12 16:14:37 jmc Exp $ +umask 022 if [ -f /etc/monthly.local ];then echo Index: weekly === RCS file: /cvs/src/etc/weekly,v retrieving revision 1.17 diff -u -r1.17 weekly --- weekly 6 Oct 2006 04:50:31 - 1.17 +++ weekly 25 Oct 2006 13:57:40 - @@ -2,6 +2,7 @@ # # $OpenBSD: weekly,v 1.17 2006/10/06 04:50:31 hugh Exp $ # +umask 022 PATH=/bin:/sbin:/usr/sbin:/usr/bin:/usr/libexec export PATH
Re: OpenBSD AJAX
On 10/25/06, Joachim Schipper [EMAIL PROTECTED] wrote: ... Just a half-baked thought, but escaping any non-constant expression (i.e., actual variable, not fixed string) passed to the browser or a database would go a long way toward solving most problems. That would only work if: a) it's unambiguous how the string will be used, so that the the correct quoting/encoding rules can be selected, and b) you never need nested encodings. ... $hello = Hello World; echo Hello World , $hello; could produce Hello World lt;Hello Worldgt; So what would this ouput? echo a href=\/cgi/foo?, $hello, \, $hello, /a ...and if the answer is a href=/cgi/foo?%3CHello%32World%3Elt;Hello Worldgt;/a then try this: echo a href=\/cgi/foo?, $hello, \http://server/cgi/foo?;, $hello, /a and think about what the goal of that is... Philip Guenther
altq not working properly openbsd 3.8
Helo list,
Im using similar ( diffrence in bandwidth ) altq configuration in pf on my
fw boxes.On one obsd3.9 it's working fine on second obsd3.8 altq does not
work properly ( it assgin any traffic only to default queue ) My setup is as
follow:
lan-- [obsd3.8] - [obs3.9]sdsl
|
adsl
obsd3.9 :
...
altq on $if_adsl priq bandwidth 496Kb queue { ftp_adsl, ssh_vienna,
std_adsl, mail_adsl, icmp, ack_adsl }
altq on $if_sdsl priq bandwidth 1984Kb queue { ftp_sdsl, std_sdsl,
im_ssh_out, icmp, ack_sdsl }
queue ftp_adsl priority 0
queue ssh_vienna priority 1
queue std_adsl priority 2 priq(default)
queue mail_adsl priority 6
queue ftp_sdsl priority 0
queue std_sdsl priority 1 priq(default)
queue im_ssh_out priority 8 priq(red)
queue icmp priority 10
queue ack_adsl priority 15
queue ack_sdsl priority 15
#rules for outgoining connections
pass out quick on $if_sdsl proto tcp from any to any port $ssh flags S/SA
keep state queue (im_ssh_out, ack_sdsl)
pass out quick on $if_sdsl proto tcp from any to any port $serv_sdsl flags
S/SA keep state queue (std_sdsl, ack_sdsl) label aim/https/gg: $nr
pass out on $if_sdsl proto tcp from any to any flags S/SA keep state queue
(std_sdsl, ack_sdsl)
pass out quick on $if_adsl proto tcp from any to any port $ftp flags S/SA
keep state queue (ftp_adsl, ack_adsl)
pass out quick on $if_adsl proto tcp from any to any port $mail flags S/SA
keep state queue (mail_adsl, ack_adsl)
pass out on $if_adsl proto tcp from any to any flags S/SA keep state queue
(std_adsl, ack_adsl)
pass out on { $if_adsl, $if_sdsl } proto { udp, icmp } from any to any keep
state
$sudo pfctl -vsq
queue ftp_adsl priority 0
[ pkts: 92 bytes: 7195 dropped pkts: 0 bytes: 0
]
[ qlength: 0/ 50 ]
queue ssh_in
[ pkts: 0 bytes: 0 dropped pkts: 0 bytes: 0
]
[ qlength: 0/ 50 ]
queue std_adsl priority 2 priq( default )
[ pkts: 15501 bytes:2569793 dropped pkts: 0 bytes: 0
]
[ qlength: 0/ 50 ]
queue mail_adsl priority 6
[ pkts:979 bytes:1235023 dropped pkts: 0 bytes: 0
]
[ qlength: 0/ 50 ]
queue ftp_sdsl priority 0
[ pkts: 0 bytes: 0 dropped pkts: 0 bytes: 0
]
[ qlength: 0/ 50 ]
queue std_sdsl priq( default )
[ pkts: 6183 bytes:4418834 dropped pkts: 0 bytes: 0
]
[ qlength: 0/ 50 ]
queue im_ssh_out priority 8 priq( red )
[ pkts: 47 bytes: 6874 dropped pkts: 0 bytes: 0
]
[ qlength: 0/ 50 ]
queue icmp priority 10
[ pkts: 0 bytes: 0 dropped pkts: 0 bytes: 0
]
[ qlength: 0/ 50 ]
queue icmp priority 10
[ pkts: 0 bytes: 0 dropped pkts: 0 bytes: 0
]
[ qlength: 0/ 50 ]
queue ack_adsl priority 15
[ pkts: 60398 bytes:2892252 dropped pkts: 0 bytes: 0
]
[ qlength: 0/ 50 ]
queue ack_sdsl priority 15
[ pkts: 2032 bytes: 124540 dropped pkts: 0 bytes: 0
]
[ qlength: 0/ 50 ]
---
obsd 3.8
i put out outgoing bandwidth as a sum of adsl and sdsl line
ssh ={ 22, 443 }
www = 80
.
altq on $if_ext bandwidth 2570Kb priq queue { std, web, secure, tcp_ack }
queue std priority 1 priq(default)
queue web priority 6
queue secure priority 8
queue tcp_ack priority 15
...
#allow for any traffic from external interfaces tcp
pass out quick on $if_ext proto tcp from any to any port $ssh flags S/SA
keep state queue (secure, tcp_ack)
pass out quick on $if_ext proto tcp from any to any port $www flags S/SA
keep state queue (web, tcp_ack)
pass out on $if_ext proto tcp all keep state queue (std, tcp_ack)
$sudo pfctl -vsq
queue std priq( default )
[ pkts: 2601 bytes: 316940 dropped pkts: 0 bytes: 0
]
[ qlength: 0/ 50 ]
queue web priority 6
[ pkts: 0 bytes: 0 dropped pkts: 0 bytes: 0
]
[ qlength: 0/ 50 ]
queue secure priority 8
[ pkts: 0 bytes: 0 dropped pkts: 0 bytes: 0
]
[ qlength: 0/ 50 ]
queue tcp_ack priority 15
[ pkts: 0 bytes: 0 dropped pkts: 0 bytes: 0
]
[ qlength: 0/ 50 ]
And whatever i would do it assign traffic to default queue , i also tried
to comment out
pass out on $if_ext proto tcp all keep state queue (std, tcp_ack) line
but it did not force to use diffren queue for web and ssh traffic
Perhaps one of You were using such setup or had similar issues and would
like to share with experience.
Thanks in advance
Jacek
[OT] Is he on the way of becoming an OpenBSD developer?
Since apparently all developers are humppa lovers I was wondering what I'm into with my soon to be three year old son. http://niesens.com/tmp/Humppa.3g2 I know the newest QuickTime and RealPlayer play the video. Unfortunately I only had my phone available to capture the moment and haven't found a way to successfully convert the video format. Sorry BTW, I got the CDs a couple days ago. They look great as always. Thanks, Claus
OT Apache reverse proxy to ROR Mongrel app
Hi all, I am running 3.9 sparc64 release with apache configured as a reverse proxy back to a Ruby on Rails app running Mongrel as the web server (also 3.9 sparc64 release). I keep getting the following message : |Proxy Error The proxy server received an invalid response from an upstream server. The proxy server could not handle the request GET If I use PF on the front server to direct traffic to the application, bypassing the proxy everything works fine. This seems to be an issue with apache and some workarounds seem to exist for 2.x. Have there been any changes to 4.0 release version of Apache that may help this ? Any other thoughts ? Thanks, Steve |
Whatever happened to the 64bit SH-5 dsign? Was: anyone know where I can get an IO-DATA USL-5P in the United States?
While perusing the Renesas SuperH Roadmap web page this morning I noticed the SH-5 is no longer included. Does any one know what happened to this CPU? Did Renesas not get it out of the Hitachi deal? thanks diana
dhclient does not get lease after reboot
Hello, I have a nagging problem that has plauged my openbsd systems for YEARS. Picture this, openbsd firewall three interfaces. xl0 is the outside interface which is connected to an business class road runner cable modem connection. I can do dhclient xl0 at the console and grab an lease just fine from the cable modem. NOW, if I reboot the machine it will not get an lease. I have to manually do it from the console. The firewall/router machine is 3.9 at the moment but I have had this problem ever since 2.7. It isn't THAT big of a deal since the machine rarely needs rebooting but it sure can be annoying when there is a power outtage. # more /etc/hostname.xl0---outside interface connected to cable modem dhcp # more /etc/hostname.xl1 inet 192.168.1.1 255.255.255.0 192.168.1.255 description Inside Interface # more /etc/hostname.xl2 inet 192.168.3.1 255.255.255.0 192.168.3.255 description DMZ Interface /etc/dhclient.conf file exists and all values are commented out so we are using defaults! When the daemon is running after starting it at console it gladly accepts a lease from the modem, My /var/log/daemon shows many of these Oct 24 13:42:41 imelda dhclient[25525]: DHCPACK from 10.58.224.1 Oct 24 21:37:15 imelda dhclient[25525]: DHCPREQUEST on xl0 to 10.58.224.1 port 67 When the machine reboots I have to kill the current dhclient then start another one. I am also running dhcpd on the firewall server. The dhcpd daemon is offering leases to two other interfaces but not to the outside interface (xl0) obviously. Does anyone have any ideas? Thanks. Matt
Re: openbsd cd resellers in asia?
I want to own the cd sets to. I'm in China mainland. :( Have you tried the UK-based CheepLinux.com? Here's their shipping rates to China for OpenBSD 4.0: 1st Class shipping to CN : 0.15 Kg = $6.00 Direct link: http://www.cheeplinux.com/product_info.php?currency=USDproducts_id=530 Note that the shown prices are with the British VAT: GBP 29.99, EUR 44.40, US$ 55.75. For shipments outside the E.U. (is P. R. China outside the E.u.? :-)), you will have this, after having created an acct with them: GBP 25.52, EUR 37.78, US $47.44. Add US$ 6 for reaching China. They expect to receive OpenBSD 4.0 around Oct. 27, so this is a preorder only. R. - The best gets better. See why everyone is raving about the All-new Yahoo! Mail.
Re: OpenBSD AJAX
On Wed, 25 Oct 2006, Darrin Chandler wrote: Strange, but there doesn't seem to be any code, downloads, or anything at http://www.technicalpursuit.com/ (the developers of Tibet) or anywhere else I can find. I see some blogs talking about how great Tibet is (with no examples), with comments by confused people trying to find out actual information. Is this vapor? Definately not vapor ware, .. I don't remember how they position their s/w in the marketplace, however, .. (i.e. OS vs. commercial versions). Lee Leland V. Lammert[EMAIL PROTECTED] Chief Scientist Omnitec Corporation Network/Internet Consultants www.omnitec.net
nfs failover in openbsd
Earlier on the list there have been discussions on setting up failover solutions with carp. I think most people agree that carp does a wonderful job. However there seems to be problems with nfs servers that needs a little bit more work. I can find information about nfsv4 and syncing files with rsync. But no followups saying that it actually works and how it should be done. Is it possible to get it up and work proberly in OpenBSD? I have seen some linux solutions but they look really ugly.
Re: Whatever happened to the 64bit SH-5 dsign? Was: anyone know where I can get an IO-DATA USL-5P in the United States?
While perusing the Renesas SuperH Roadmap web page this morning I noticed the SH-5 is no longer included. Does any one know what happened to this CPU? Did Renesas not get it out of the Hitachi deal? SH-5 is pretty much confidential, if not dead. When it was still in the design stage, it was supposed to be produced and used in America, Europe and Asia, but Hitachi changed its mind and decided it would be for the asian market only. Aside from the SH-5 evaluation boards, it was supposed to be used in some DVD players, and I don't even know if these products came to life. Basically the target applications for this kind of cpu do not really need a 64 bit cpu, and the ``SHMedia'' instruction set did not get popular enough for SH-3e or SH-4 based designs to switch over to SH-5. Miod
Re: dhclient does not get lease after reboot
On Wed, 25 Oct 2006, Matt Bettinger wrote: Hello, I have a nagging problem that has plauged my openbsd systems for YEARS. Picture this, openbsd firewall three interfaces. xl0 is the outside interface which is connected to an business class road runner cable modem connection. I can do dhclient xl0 at the console and grab an lease just fine from the cable modem. NOW, if I reboot the machine it will not get an lease. I have to manually do it from the console. The firewall/router machine is 3.9 at the moment but I have had this problem ever since 2.7. It isn't THAT big of a deal since the machine rarely needs rebooting but it sure can be annoying when there is a power outtage. # more /etc/hostname.xl0---outside interface connected to cable modem dhcp # more /etc/hostname.xl1 inet 192.168.1.1 255.255.255.0 192.168.1.255 description Inside Interface # more /etc/hostname.xl2 inet 192.168.3.1 255.255.255.0 192.168.3.255 description DMZ Interface /etc/dhclient.conf file exists and all values are commented out so we are using defaults! When the daemon is running after starting it at console it gladly accepts a lease from the modem, My /var/log/daemon shows many of these Oct 24 13:42:41 imelda dhclient[25525]: DHCPACK from 10.58.224.1 Oct 24 21:37:15 imelda dhclient[25525]: DHCPREQUEST on xl0 to 10.58.224.1 port 67 When the machine reboots I have to kill the current dhclient then start another one. I am also running dhcpd on the firewall server. The dhcpd daemon is offering leases to two other interfaces but not to the outside interface (xl0) obviously. Does anyone have any ideas? What does /var/log/daemon say before you kill the original dhclient? It should log what it is doing... Also, the console log lists what dhclient is doing. Without that info, it is hard to tell what is going on. The machines I use that have an adsl connection happily use dhclient... -Otto
Re: dhclient does not get lease after reboot
On Wed, Oct 25, 2006 at 10:26:38AM -0500, Matt Bettinger wrote: snip # more /etc/hostname.xl0---outside interface connected to cable modem dhcp The only difference I have is this: fw# cat hostname.xl0 dhcp NONE NONE NONE Not sure if this is your problem but mine always get a lease. -- Terry http://tyson.homeunix.org
Re: dhclient does not get lease after reboot
On 10/25/06, Matt Bettinger [EMAIL PROTECTED] wrote: I can do dhclient xl0 at the console and grab an lease just fine from the cable modem. NOW, if I reboot the machine it will not get an lease. I have to manually do it from the console. The # more /etc/hostname.xl0---outside interface connected to cable modem # more /etc/hostname.xl1 # more /etc/hostname.xl2 /etc/dhclient.conf file exists and all values are commented out so we My /var/log/daemon shows many of these Matt what about: sh -x /etc/netstart xl0 ?
Re: Whatever happened to the 64bit SH-5 dsign?
On Wed, 25 Oct 2006, Miod Vallat wrote: SH-5 is pretty much confidential, if not dead. When it was still in the design stage, it was supposed to be produced and used in America, Europe and Asia, but Hitachi changed its mind and decided it would be for the asian market only. Aside from the SH-5 evaluation boards, it was supposed to be used in some DVD players, and I don't even know if these products came to life. Basically the target applications for this kind of cpu do not really need a 64 bit cpu, and the ``SHMedia'' instruction set did not get popular enough for SH-3e or SH-4 based designs to switch over to SH-5. Miod thanks for the quick reply. It sure looked like an interesting design, sounds like Hitachi decided to keep it for themselves. On another note, where can I find a snapshot to load on my Plextor? diana
Re: dhclient does not get lease after reboot
On 10/25/06, Jeff Quast [EMAIL PROTECTED] wrote: On 10/25/06, Matt Bettinger [EMAIL PROTECTED] wrote: I can do dhclient xl0 at the console and grab an lease just fine from the cable modem. NOW, if I reboot the machine it will not get an lease. I have to manually do it from the console. The # more /etc/hostname.xl0---outside interface connected to cable modem # more /etc/hostname.xl1 # more /etc/hostname.xl2 /etc/dhclient.conf file exists and all values are commented out so we My /var/log/daemon shows many of these Matt what about: sh -x /etc/netstart xl0 ? imelda# sh -x /etc/netstart xl0 + . /etc/rc.conf + routed_flags=NO + mrouted_flags=NO + ospfd_flags=NO + bgpd_flags=NO + rarpd_flags=NO + bootparamd_flags=NO + rbootd_flags=NO + sshd_flags= + named_flags=NO + rdate_flags=NO + timed_flags=NO + ntpd_flags=NO + isakmpd_flags= + mopd_flags=NO + apmd_flags=NO + acpid_flags=NO + dhcpd_flags= + rtadvd_flags=NO + route6d_flags=NO + rtsold_flags=NO + lpd_flags=NO + sensorsd_flags=NO + hotplugd_flags=NO + watchdogd_flags=NO + ftpproxy_flags= + httpd_flags=NO + sendmail_flags=-L sm-mta -C/etc/mail/localhost.cf -bd -q30m + spamd_flags= + spamd_grey=NO + spamlogd_flags= + ftpd_flags=NO + identd_flags=NO + xdm_flags=NO + wsmoused_flags=NO + rwhod=NO + nfs_server=NO + lockd=NO + amd=NO + pf=YES + portmap=NO + inetd=YES + check_quotas=YES + krb5_master_kdc=NO + krb5_slave_kdc=NO + afs=NO + multicast_host=NO + multicast_router=NO + savecore_flags= + ypserv_flags= + yppasswdd_flags=NO + nfsd_flags=-tun 4 + amd_dir=/tmp_mnt + amd_master=/etc/amd/master + syslogd_flags= + pf_rules=/etc/pf.dmz + pflogd_flags= + afsd_flags= + shlib_dirs= + local_rcconf=/etc/rc.conf.local + [ -f /etc/rc.conf.local ] + . /etc/rc.conf.local + ftpproxy_flags= + [ xl0x = autobootx ] + [ 1 -gt 0 ] + [ 1 -gt 0 ] + [ -f /etc/bridgename.xl0 ] + ifstart xl0 DHCPREQUEST on xl0 to 255.255.255.255 port 67 DHCPACK from 10.58.224.1 bound to 71.41.202.254 -- renewal in 29023 seconds. + shift + [ 0 -gt 0 ] + return #
Re: [OT] Is he on the way of becoming an OpenBSD developer?
Claus wrote: Since apparently all developers are humppa lovers I was wondering what I'm into with my soon to be three year old son. I think he real understood the meaning of blog and the lack of documentations and was just not understanding why so many on the list and in other projects don't get it. He was banging his head in desperation! (:
Re: OpenBSD AJAX
L. V. Lammert wrote: On Tue, 24 Oct 2006, Sam Fourman Jr. wrote: Thank you all for the input this is GREAT it would seem to me that C is PostgreSQL's Native language and OpenBSD developers prefer C the uphill battle may be worth it. You might want to contact the developers of Tibet - they presented on more than one occasion at our Web Developers group, .. and they have a much longer history (arguably the 'first' AJAX toolset). Might have some suggestions for your project, .. I *know* they have some AJAX JS code you can use that is much more robust than most other current AJAX tools. The chap that presented here in 2002 was William Edney, .. Strange, but there doesn't seem to be any code, downloads, or anything at http://www.technicalpursuit.com/ (the developers of Tibet) or anywhere else I can find. I see some blogs talking about how great Tibet is (with no examples), with comments by confused people trying to find out actual information. Is this vapor? -- Darrin Chandler| Phoenix BSD Users Group [EMAIL PROTECTED] | http://bsd.phoenix.az.us/ http://www.stilyagin.com/ |
Re: Whatever happened to the 64bit SH-5 dsign?
thanks for the quick reply. It sure looked like an interesting design, sounds like Hitachi decided to keep it for themselves. Well, Renesas owns the design, and licenses it. They just don't manufacture SH-5 processors. On another note, where can I find a snapshot to load on my Plextor? We have signed an NDA (Non Distribution Agreement) with Santa. Thus, we can't release anything until the agreement expires on december 26th. Miod
Re: OpenBSD AJAX
Joachim Schipper [EMAIL PROTECTED] wrote:
Performance is also not bad. A properly written FastCGI program in a
'fast' language like C should outperform mod_php, but there are not many
things that will
Yes, there are lots of things that will. A properly written fcgi app in
pretty much any language is faster than PHP. I think ruby might be slower,
or at least as slow as PHP, but perl and python are certainly faster.
the main requirements is that the whole site should work when handed
over to a commercial hoster,
Any decent hosting company can handle perl/python/etc. Wether it be in
the form of mod_${LANG} or fastcgi apps.
Adam
Re: I need help in interpreting some Docs
Joachim Schipper wrote: On Tue, Oct 24, 2006 at 03:17:05PM -0700, John Draper wrote: Hi, I'm posting this to both OpenBSD and Snort mailing lists. In reading through the snort documentation, in section 1.5 (Inline mode), they state the following... In order for Snort Inline to work properly, Download and compile the iptables code to include make install-devel. (http://www,iptables.org) Would I do the make install-devel from within the Snort's Source build system, or the iptables build system?. IPTables, if I read the docs correctly. Hmm - that's what I thought... wasn't sure. This will install the libipq library that allows snort Inline to interface with iptables. Also, you must build and install LibNet, which is available from www.packetfactory.net. Ok, all fine and well, but I'm using snort on an OpenBSD platform, which uses PF instead of iptables... I'm assuming that iptables is only for Linux, or does OpenBSD also use iptables? I didn't see any mention of it in either OpenBSD docs or Snort docs other then this, and as far as I can remember, iptables is used primarily with Linux, is that right? IPTables is for Linux, pf is for OpenBSD. That's what I thought. Would I follow the same installation procedures? or would I ditch this effort alltogether and write it off as something OpenBSD is not setup to do, or is there an alternative I can use with Snort? Snort-inline is written to work with IPTables. It might be possible to implement something similar for pf, although it would most likely require some patches; however, to the best of my knowledge, this has not been done yet. It would be possible to use Snort's response mechanism to put someone in a table, say badguys. pf can be configured to handle tables in many interesting ways. This is not real-time blocking, but might be close enough. I also posted this to the snort users list, [EMAIL PROTECTED], but (sigh) my postings are not making it to the list. Have they changed their list mailing address? I suppose I shouldn't ask that in this forum, but if anyone knows the snort mailing list address, and if it's different, then I need to know that. I haven't looked at Snort since 2003, and from reading the new docs, a lot of new features have been added, some of which I haven't come across yet. I'm basically setting up snort that if it sees a Priority one attack it executes a script or Binary file, well, actually it will instantiate a thread that does this in whatever scripting language I choose (Python) in my case. Easy DoS. I simplified this... of course it is... but was just giving an example. I Haven't read ALL the new stuff yet, but am ready to install any additional utilities, like Barnyard. Which I already have running. Barnyard doesn't have a lot to do with Snort-inline, really. I know, I'm still trying to figure it all out. Wish I could reach the snort community Can't seem to mail to their list after signing up. Is it possible to use Snort in normal NIDS mode, then when I get a higher priority attach, to switch to Inline mode? How fast can Snort switch from one mode to another? Also, is it possible to use Snort to look at a binary file and display contents via the ./snort -dvr option while snort is running? You cannot switch modes, that's just silly. Inline mode most likely does allow you to warn only, so that would take care of any need for running Snort in two modes. Ok, thanx for the info when I was playing with Snort, they didn't have this mode. Do you mean the log_tcpdump output module when you say 'binary file'? If so, use tcpdump. And yes, this can be done while Snort is running, although the file is most likely not complete, so you will be unable to see the last (couple of) packet(s). OK, right. Those questions are all answered in the documentation, really. Not worth bothering two lists with. If they can be answered in the documentation, then please point me to it... the snort docs have more then 150 files, most are not related with what I want to do, some are not titled with names indicitive of what they talk about, because I scanned each entry, and read 80% of them, and NO, I didn't find the answers to my questions by reading the docs. I think I'm only bothering ONE list. For some reason, my messages are not making it to the snort list. John
trouble setting up a freebsd program
greetings! i am a new user of openbsd, comming from freebsd. ive been spending all morning working on getting the freebsd compatibility to work with the freebsd netbackup client. here is where im at so far: # ldd /usr/openv/netbackup/bin/bpcd /usr/openv/netbackup/bin/bpcd: libkvm.so.2 = not found (0x0) libstdc++.so.3 = not found (0x0) libm.so.2 = not found (0x0) libc.so.4 = not found (0x0) # find / -name libkvm.so.2 -print /usr/local/emul/freebsd/usr/lib/libkvm.so.2 # find / -name libstdc++.so.3 -print /usr/local/emul/freebsd/usr/lib/libstdc++.so.3 # find / -name libm.so.2 -print /usr/local/emul/freebsd/usr/lib/libm.so.2 # find / -name libc.so.4 -print /usr/local/emul/freebsd/usr/lib/libc.so.4 as you can see, the bpcd binary required those 4 libraries, and thinks they are not on the system. find however, proves they are there. ive read the man page over and over, but i cant comprehend the proper way to use ldconfig to make the system recognize the freebsd libraries. btw, the netbackup client is a scripted install from the netbackup cd, and there are no options to change the destination install directory that i can see (other than manually moving it and updating /etc/inetd.conf i suppose). when a freebsd app is installed, does it need to be under /emul/freebsd, or can it work from wherever it is? can someone point me in the right direction here? thanks a million! jonathan
IP-IP with ipsecctl problem
Hi, I am trying to build IP-IP flows with the new ipsecctl tool. I have two OpenBSD 4.0 snapshots running in different vmware virtual machines, attached to the same network. Box 1 has the following configuration: fw_1 = 10.0.0.1/32 fw_2 = 10.0.0.2/32 flow ipip from $fw_1 to $fw_2 ipip from $fw_1 to $fw_2 spi 0x:0x1110 And Box 2: fw_1 = 10.0.0.1/32 fw_2 = 10.0.0.2/32 flow ipip from $fw_2 to $fw_1 ipip from $fw_2 to $fw_1 spi 0x1110:0x When I ping from either machine to the other having these flows/associations in place, I can see the following on the receiving end (using tcpdump): In Box 1 # ping 10.0.0.2 In Box 2 # tcpdump -ni pcn0 tcpdump: listening on pcn0, link-type EN10MB 17:44:01.570028 10.0.0.1 10.0.0.2: icmp: echo request (encap) 17:44:02.610017 10.0.0.1 10.0.0.2: icmp: echo request (encap) 17:44:03.590016 10.0.0.1 10.0.0.2: icmp: echo request (encap) 17:44:04.590479 10.0.0.1 10.0.0.2: icmp: echo request (encap) 17:44:05.610017 10.0.0.1 10.0.0.2: icmp: echo request (encap) And the reply is never sent from box 2. I've tried to set net.inet.ipip.allow to 1, but it's the same story. pf is disabled. I've also tried tcpdump on the enc0 interface (after bringing it up), but I don't see anything there either. I was succesful in setting up ipsecctl to use esp flows though. The thing is that I didn't find any examples using ipip with ipsecctl. Any clues? Thanks, Martmn.
Re: OpenBSD AJAX
On Wed, Oct 25, 2006 at 01:54:47PM -0400, Adam wrote:
Joachim Schipper [EMAIL PROTECTED] wrote:
Performance is also not bad. A properly written FastCGI program in a
'fast' language like C should outperform mod_php, but there are not many
things that will
Yes, there are lots of things that will. A properly written fcgi app in
pretty much any language is faster than PHP. I think ruby might be slower,
or at least as slow as PHP, but perl and python are certainly faster.
the main requirements is that the whole site should work when handed
over to a commercial hoster,
Any decent hosting company can handle perl/python/etc. Wether it be in
the form of mod_${LANG} or fastcgi apps.
Yes, but the cheapest offer only PHP. ;-)
But the real reason is that PHP is the most widely-used language; it's
quite a bit more likely that we can find someone who has written a PHP
script or two to replace me than pretty much anything else. Learning
a new language is a non-trivial time investment, after all.
This is the main reason. If it were just me, I'd write the pages in a
combination of C, Perl, and whatever language I'm toying with today, all
over FastCGI.
Joachim
Re: OpenBSD AJAX
On Wed, Oct 25, 2006 at 08:30:45AM -0600, Philip Guenther wrote: On 10/25/06, Joachim Schipper [EMAIL PROTECTED] wrote: ... Just a half-baked thought, but escaping any non-constant expression (i.e., actual variable, not fixed string) passed to the browser or a database would go a long way toward solving most problems. That would only work if: a) it's unambiguous how the string will be used, so that the the correct quoting/encoding rules can be selected, and b) you never need nested encodings. ... $hello = Hello World; echo Hello World , $hello; could produce Hello World lt;Hello Worldgt; So what would this ouput? echo a href=\/cgi/foo?, $hello, \, $hello, /a a href=/cgi/foo?lt;Hello Worldgt;lt;Hello Worldgt;/a, obviously, which doesn't work. The point is not so much that it is more convenient, although it may be, but that it fails in a way that is less likely to cause problems (this is a thoroughly broken link; a href=/cgi/goo?script language=Javascript alert(Y00 h4v3 b33n pwn3d!);/scriptHello World is far more dangerous). So, b) is solved by letting the programmer override the default; I don't see how a) is a problem, as this should be decided at echo() time. (This could be implemented as having echo call a 'printHTML' method on each argument, or somesuch.) ...and if the answer is a href=/cgi/foo?%3CHello%32World%3Elt;Hello Worldgt;/a then try this: echo a href=\/cgi/foo?, $hello, \http://server/cgi/foo?;, $hello, /a and think about what the goal of that is... No, trying to decide whether or not to URL-encode is far too much magic for my liking. For exactly this sort of reason, although this would actually work if watching for a tags. Not that I'm sure this is actually a good idea, but this would make it harder for non-programmers, and even for programmers, to make certain common errors. Joachim
Re: Automating updates question
On Wed, Oct 25, 2006 at 07:01:59AM -0700, [EMAIL PROTECTED] wrote: On Tue, Oct 24, 2006 at 07:26:24PM -0600, Michael Osburn wrote: While I fully realize that installing from ports is not the accepted process for anyone except for developers, I wish to start helping out in any way I can; though, being a low-skilled OpenBSD programmer tends to hurt more then help. I started looking at using my spare machine (it only plays music to the stereo and has a lot of unused cycles) to help test snapshots and new ports. After bringing the base system to current, I found it a major headache to update the ports from the initial 3.9 stable branch to current. The problem stemmed from trying to build updated ports and having to manually pkg_delete all of my previously installed software and rebuild from scratch. It seemed rather silly to me to manually tear my entire system down for updates when I could be better using the system to test the installed applications. Thinking about how a lot of developers use OpenBSD as their main system (and presuming that they are not mixing stable with current) I feel there must be a more efficient way of updating the installed packages/ports. It seems that this type of updating would be a tremendous time sink for those actually doing the hard work. Would anyone care to share their tips on keeping their own machines current without having to uninstall/reinstall every time they update? Updated packages can always be found on the mirrors, under /pub/OpenBSD/snapshots/packages/myarch. I should clarify the issue a bit. What I would like to do is start doing build testing or the ports tree to assist the developers with finging build errors as well as run tim errors. I have been running pkg_add -ui via a cron script on my laptop to keep that atleast snapshop current but I would like know if their is some thing that I set to be able to help with build errors esp with flavors of the ports. Packages work wonderfully on my test laptop I am just hoping to find a way to help test as best as possiable while I get my programming skills up to an OpenBSD passable level and help port new applications. An example of what I am looking for in OpenBSD is FreeBSD's portupgrade command that only rebulids the out of date ports with the tree sync'd via cvs. I do understand that there will be times that I will need to rebuild everything this way (gettext upgrades for an example) but I would prefer not to have to do this on a daily basis, say rebuild the few ports that change every day with commits. The ports@ list gets alot of requests for testing new diffs on a daily basis and I am wanting to help as much as possiable. You mean /usr/ports/infrastructure/out-of-date? ;-) However, that's not what *I* do. I update my ports tree every couple of weeks, and have a custom /usr/ports/mystuff containing new ports and copies of ports with patches from ports@ applied. I can then freely test-build these. Anything else gets pkg_add -ui'ed every now and then. Only tracking commits is too slow; you'll have to actually get some patches from ports@ and play with them if you want to be optimally useful. Joachim
Re: nfs failover in openbsd
On Wed, Oct 25, 2006 at 05:46:37PM +0200, Per-Erik Persson wrote: Earlier on the list there have been discussions on setting up failover solutions with carp. I think most people agree that carp does a wonderful job. However there seems to be problems with nfs servers that needs a little bit more work. I can find information about nfsv4 and syncing files with rsync. But no followups saying that it actually works and how it should be done. Is it possible to get it up and work proberly in OpenBSD? I have seen some linux solutions but they look really ugly. There is currently no NFSv4 support in OpenBSD, although a web search will turn up a patch and binary distribution. This should work, but it's still ugly. AFS has other downsides, but it should be able to do read-only replication. Joachim
Re: Whatever happened to the 64bit SH-5 dsign?
On Wed, 25 Oct 2006, Miod Vallat wrote: On another note, where can I find a snapshot to load on my Plextor? We have signed an NDA (Non Distribution Agreement) with Santa. Thus, we can't release anything until the agreement expires on december 26th. Miod Ahhh, crap, I'm so much more a Winter Solstice kind of person. Besides, Santa doesn't exist, you know? I did get into the serial console on my Plextor for the first time about 10 minutes ago. diana
Re: Automating updates question
On Wed, Oct 25, 2006 at 07:01:59AM -0700, [EMAIL PROTECTED] wrote: On Tue, Oct 24, 2006 at 07:26:24PM -0600, Michael Osburn wrote: While I fully realize that installing from ports is not the accepted process for anyone except for developers, I wish to start helping out in any way I can; though, being a low-skilled OpenBSD programmer tends to hurt more then help. I started looking at using my spare machine (it only plays music to the stereo and has a lot of unused cycles) to help test snapshots and new ports. After bringing the base system to current, I found it a major headache to update the ports from the initial 3.9 stable branch to current. The problem stemmed from trying to build updated ports and having to manually pkg_delete all of my previously installed software and rebuild from scratch. It seemed rather silly to me to manually tear my entire system down for updates when I could be better using the system to test the installed applications. Thinking about how a lot of developers use OpenBSD as their main system (and presuming that they are not mixing stable with current) I feel there must be a more efficient way of updating the installed packages/ports. It seems that this type of updating would be a tremendous time sink for those actually doing the hard work. Would anyone care to share their tips on keeping their own machines current without having to uninstall/reinstall every time they update? Updated packages can always be found on the mirrors, under /pub/OpenBSD/snapshots/packages/myarch. I should clarify the issue a bit. What I would like to do is start doing build testing or the ports tree to assist the developers with finging build errors as well as run tim errors. I have been running pkg_add -ui via a cron script on my laptop to keep that atleast snapshop current but I would like know if their is some thing that I set to be able to help with build errors esp with flavors of the ports. Packages work wonderfully on my test laptop I am just hoping to find a way to help test as best as possiable while I get my programming skills up to an OpenBSD passable level and help port new applications. An example of what I am looking for in OpenBSD is FreeBSD's portupgrade command that only rebulids the out of date ports with the tree sync'd via cvs. I do understand that there will be times that I will need to rebuild everything this way (gettext upgrades for an example) but I would prefer not to have to do this on a daily basis, say rebuild the few ports that change every day with commits. The ports@ list gets alot of requests for testing new diffs on a daily basis and I am wanting to help as much as possiable. You mean /usr/ports/infrastructure/out-of-date? ;-) However, that's not what *I* do. I update my ports tree every couple of weeks, and have a custom /usr/ports/mystuff containing new ports and copies of ports with patches from ports@ applied. I can then freely test-build these. Anything else gets pkg_add -ui'ed every now and then. Only tracking commits is too slow; you'll have to actually get some patches from ports@ and play with them if you want to be optimally useful. Joachim Thanks! This type of info was what I was looking for. Once I fall back into programming I want to be able to attempt new ports or work on some smaller ones with out really trashing my system in order to work on a few ports.Looking forward to setting this up when I get home and start helping as best as I can. Michael
Re: Whatever happened to the 64bit SH-5 dsign?
Ahhh, crap, I'm so much more a Winter Solstice kind of person. Besides, This is so has been. Smart people celebrate Agnostica those days. Santa doesn't exist, you know? That's what people told me, but since he used to spam my mailbox, he must exist somehow. Miod
Re: Whatever happened to the 64bit SH-5 dsign?
On Oct 25, 2006, at 2:09 PM, Miod Vallat wrote: Ahhh, crap, I'm so much more a Winter Solstice kind of person. Besides, This is so has been. Smart people celebrate Agnostica those days. I celebrate Sir Isaac Newton's Birthday. (12/25) -- Jack J. Woehr Director of Development Absolute Performance, Inc. [EMAIL PROTECTED] 303-443-7000 ext. 527
Re: OpenBSD AJAX
Sam Fourman Jr. wrote:
I am Searching the Internet for a Basic Hello World Ajax sample written
in C
if anyone has one laying around please reply to this post
Wanted simple/minimal hello world AJAX app using C ?
here it is...
/*
* C part
*/
#include stdio.h
int main(void)
{
printf(Content-type: text/html\n\n);
printf(Hello world);
return 0;
}
/*
* HTML/JS part
*/
html
script type=text/javascript
var say_hello = function() {
req = new XMLHttpRequest();
req.open(GET, '/cgi-bin/hello', true);
req.onreadystatechange = function() {
if (req.readyState == 4) {
if (req.status == 200)
alert(req.responseText)
}
}
req.send(null)
}
/script
input type=button value=Ask for hello... onClick=say_hello()
/html
OpenBSD Audio series other than bsdtalk ?
Hi all, Other than bsdtalk, NYCBUG and some rare one off taster programmes are there any recordings of talks about OpenBSD (OGG or MP3) available on the web ? Douglas
Re: Whatever happened to the 64bit SH-5 dsign?
On Wed, 25 Oct 2006, Miod Vallat wrote: Santa doesn't exist, you know? That's what people told me, but since he used to spam my mailbox, he must exist somehow. Yes, and we know that he suffers from erectile dysfunction... -d
Re: OpenBSD Audio series other than bsdtalk ?
On 10/25/06, Douglas Hunter [EMAIL PROTECTED] wrote: Other than bsdtalk, NYCBUG and some rare one off taster programmes are there any recordings of talks about OpenBSD (OGG or MP3) available on the web ? I'm really hoping someone recorded Theo's talk at the CUUG last night. I've seen the slides from a few presentations floating around, but audio to accompy them would be icing on the cake. -- Jon
Re: new LiveCD instructions for OpenBSD
Just an update to this: Kenny Mann ([EMAIL PROTECTED]) contacted be about www.openbsd-wiki.org he built and hosts. For one I'd like to thank him for doing this. Secondly I put my instructions there as well: http://openbsd-wiki.org/index.php/LiveCD Much easier to read than the old .txt description. Regards, ahb
Re: OpenBSD Audio series other than bsdtalk ?
Jon Simola wrote: On 10/25/06, Douglas Hunter [EMAIL PROTECTED] wrote: Other than bsdtalk, NYCBUG and some rare one off taster programmes are there any recordings of talks about OpenBSD (OGG or MP3) available on the web ? I'm really hoping someone recorded Theo's talk at the CUUG last night. I've seen the slides from a few presentations floating around, but audio to accompy them would be icing on the cake. If anyone has recorded any bsd related audio and wants to send it to me, I'd be glad to include it in bsdtalk. -- Will
Re: new LiveCD instructions for OpenBSD
On 25/10/06, Andreas Bihlmaier [EMAIL PROTECTED] wrote: Just an update to this: Kenny Mann ([EMAIL PROTECTED]) contacted be about www.openbsd-wiki.org he built and hosts. For one I'd like to thank him for doing this. I smell a user-maintained live and annotated HCL (hardware compatibility list). Secondly I put my instructions there as well: http://openbsd-wiki.org/index.php/LiveCD Much easier to read than the old .txt description. Superb. Forget John Romero; Andreas Bihlmaier has made me his biatch. ;o)
Re: Sun x2100 M2 DMESG weirdenn and remote access. OpenBSD 4.0
On Tue, Oct 24, 2006 at 11:11:43PM -0700, Pawel S. Veselov wrote: Daniel Ouellet wrote: stan wrote: That's actually not a given IFIRK Sun says the RAID on the 2100's is Windows only. Interesting! I didn't read that. Must have skip my reading then somehow. The choice are in the BIOS to enable it. I didn't buy two drives as it was for testing only, so I can't say if it would work or not for sure, or if it would be supported in OpenBSD or not. No clue. If there is feedback as to it should be supported, not only in Windows, and some are interested to know if it does or not, I could buy an other drive and try it. Not that I will need two drives for what this baby will be use in. So, what's the controller in x2100 ? In v65x it was a u320 aic79xx, Adaptec only provides Windows drivers for it, and is not so willing to share with the microcode needed to support built-in RAID. Someone also mentioned that enabling these kind of RAIDs is of little use, since they put almost the same strain on the CPU, making it run controller's microcode. Why Sun picks that kinda hardware for it's servers, is another kinda question But the controller manufacturers play evil here... Thanks, Pawel. Well, I just found about a half-dozen of these machines in the back room... It's not easy to get to, but the RAID controller is an NVidia nf4-ultra-n-a3; I didn't see any sort of EEPROM or SRAM chip to hold metadata. From what I've heard, there are only Windows drivers available. -Damian
Re: Modemsupport?
On Tue, Oct 24, 2006 at 08:23:06PM -0400, STeve Andre' wrote: On Tuesday 24 October 2006 19:47, Stuart Henderson wrote: On 2006/10/25 01:18, [EMAIL PROTECTED] wrote: I had a old Laptop and in my Dmesg was a Modemchip from VIA wich wasn`t supported. Now I do own a Thinkpad and I`ve a INTEL Modem-Chip wich isn`t supported either. Often they're no modem chip, just a telephone line interface to the sound codec, and the modulation/demodulation is done on the cpu. So does OpenBSD support any Modems except some via USB? Anything with a standard RS232 interface - puc(4), com(4) - and some USB (though other USB will not work). I have a cardbus modem that I've used for years. The relevant line in the dmesg data is pccom3 at pcmcia1 function 0 U.S. Robotics, XJ/CC1560, Megahertz 56kbps \ Modem port 0xa3f8/8: ns16550a, 16 byte fifo --STeve Andre' FWIW, I've got a bunch of cardbus modems like the one Steve mentioned. If anyone wants them and is going to be at NYCBSDCon this weekend I can bring 'em. -Damian
Re: OpenBSD AJAX
On Wed, Oct 25, 2006 at 02:43:21PM +1000, Damien Miller wrote: On Tue, 24 Oct 2006, Sam Fourman Jr. wrote: I am Searching the Internet for a Basic Hello World Ajax sample written in C if anyone has one laying around please reply to this post I think you would be nuts to write your web applications in C, unless you are a master with a good reason. -d I did that back in the mid-nineties. More than half of the code ends up being calls to string, memory and regex functions. -Damian
Re: Whatever happened to the 64bit SH-5 dsign?
On Thu, 26 Oct 2006, Damien Miller wrote: On Wed, 25 Oct 2006, Miod Vallat wrote: Santa doesn't exist, you know? That's what people told me, but since he used to spam my mailbox, he must exist somehow. Yes, and we know that he suffers from erectile dysfunction... -d Yes, that may very well be true, but he also has some incredibly great, can't miss stock tips. How else do you think I can afford to buy all this uber cool, geeky hardware that OpenBSD now runs on? diana
Re: OpenBSD AJAX
On Wed, Oct 25, 2006 at 03:06:36PM +0200, Joachim Schipper wrote:
[snip]
Just a half-baked thought, but escaping any non-constant expression
(i.e., actual variable, not fixed string) passed to the browser or a
database would go a long way toward solving most problems.
That is,
$hello = Hello World;
echo Hello World , $hello;
could produce
Hello World lt;Hello Worldgt;
And
do_query('select var1, var2 from mydb where id = ' . $my_id);
would not be as dangerous as it is now.
Of course, this is an ugly hack [1]. But a hack that would make my life
quite a bit easier.
Joachim
[1] The first example is not that bad, treating constants and variables
differently is just one sin; the interesting part is figuring out a sane
way to do the latter.
Or you could use DBI's bind parameters and not have to worry about the
issue.
My main problem with PHP is that it allows programmers to be extremely
sloppy and embed application logic into what would otherwise be an HTML
page. Using code to iterate through a list and display the values
contained within is fine, but I see a lot of people doing transactional
processing in PHP pages. This isn't unique to PHP, as JSPs tend to have
the same problems.
-Damian
Re: Whatever happened to the 64bit SH-5 dsign?
On Wed, Oct 25, 2006 at 02:28:22PM -0600, Jack J. Woehr wrote: On Oct 25, 2006, at 2:09 PM, Miod Vallat wrote: Ahhh, crap, I'm so much more a Winter Solstice kind of person. Besides, This is so has been. Smart people celebrate Agnostica those days. I celebrate Sir Isaac Newton's Birthday. (12/25) -- Jack J. Woehr Director of Development Absolute Performance, Inc. [EMAIL PROTECTED] 303-443-7000 ext. 527 It's Festivus for the rest of us. -Damian
OpenBSD, sparc64, OpenVPN : log date formating.
Hello, It seems that i missed something when reading the man pages but i am clearly unable to get correct date within openvpn log file when produced directly by the daemon without syslog interaction. Here is a small extract from my test machine : sparcstation ultra5, openbsd 3.9 generic, openvpn package from official repository... The following lines were produced a few minutes ago : Thu Jan 1 01:00:00 1970 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Thu Jan 1 01:00:00 1970 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Thu Jan 1 01:00:00 1970 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Thu Jan 1 01:00:00 1970 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Thu Jan 1 01:00:00 1970 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Does someone know what is the configuration command/control/etc i missed during my readings ? Thanks, Eric.
Re: Whatever happened to the 64bit SH-5 dsign? Was: anyone know where I can get an IO-DATA USL-5P in the United States?
On 10/25/06, Diana Eichert [EMAIL PROTECTED] wrote: While perusing the Renesas SuperH Roadmap web page this morning I noticed the SH-5 is no longer included. Does any one know what happened to this CPU? Did Renesas not get it out of the Hitachi deal? Not sure if this helps, but as per a friend at Renesas, most of the meaningful parts of SH5 were incorporated into SH-4A. The rest of the core isn't undergoing any development until someone decides they want a 64-bit ABI again. thanks diana
Re: Whatever happened to the 64bit SH-5 dsign?
On Wed, 25 Oct 2006, Bill Traynor wrote: Not sure if this helps, but as per a friend at Renesas, most of the meaningful parts of SH5 were incorporated into SH-4A. The rest of the core isn't undergoing any development until someone decides they want a 64-bit ABI again. Yeah, I was reading about the new and improved SH-4A.
Re: OpenBSD 4.0 arrived in The Netherlands!
They have now made it all the way to New Zealand - pre ordering is the best. On 10/26/06, Chris Smith [EMAIL PROTECTED] wrote: On 10/25/06, Frank [EMAIL PROTECTED] wrote: Hello everyone, Five minutes ago my OpenBSD 4.0 cds, the three disks of freedom, have arrived here in The Netherlands! Many thanks to Wim Vandeputte and off course the OpenBSD team. Frank Got mine yesterday. Great system, great Asterix styling. Chris
Re: dhclient does not get lease after reboot
On 10/25/06, Jeff Quast [EMAIL PROTECTED] wrote: On 10/25/06, Matt Bettinger [EMAIL PROTECTED] wrote: I can do dhclient xl0 at the console and grab an lease just fine from the cable modem. NOW, if I reboot the machine it will not get an lease. I have to manually do it from the console. The # more /etc/hostname.xl0---outside interface connected to cable modem # more /etc/hostname.xl1 # more /etc/hostname.xl2 /etc/dhclient.conf file exists and all values are commented out so we My /var/log/daemon shows many of these Matt what about: sh -x /etc/netstart xl0 ? I added a pause as suggested by Jason Dixon, and still cannot pick up a lease unless I do it manually. I'm really at a loss as what can be causing this and running out of places where I can check for the problem. Does anyone else have any suggestions? Thanks. -mb
Re: dhclient does not get lease after reboot
On 10/25/06, Matt Bettinger [EMAIL PROTECTED] wrote: On 10/25/06, Jeff Quast [EMAIL PROTECTED] wrote: On 10/25/06, Matt Bettinger [EMAIL PROTECTED] wrote: I can do dhclient xl0 at the console and grab an lease just fine from the cable modem. NOW, if I reboot the machine it will not get an lease. I have to manually do it from the console. The # more /etc/hostname.xl0---outside interface connected to cable modem # more /etc/hostname.xl1 # more /etc/hostname.xl2 /etc/dhclient.conf file exists and all values are commented out so we My /var/log/daemon shows many of these Matt what about: sh -x /etc/netstart xl0 ? I added a pause as suggested by Jason Dixon, and still cannot pick up a lease unless I do it manually. I'm really at a loss as what can be causing this and running out of places where I can check for the problem. Does anyone else have any suggestions? Thanks. -mb Lame workaround just added pkill dhclient ; dhclient xl0 and things bounce back up just fine. It still bothers me. I wonder if it has something to do with the old motorolla cable modem from rr.com. PCX100 model I believe. -mb
Re: dhclient does not get lease after reboot
I added a pause as suggested by Jason Dixon, and still cannot pick up a lease unless I do it manually. I'm really at a loss as what can be causing this and running out of places where I can check for the problem. Does anyone else have any suggestions? wildguess = YES perhaps it's something to do with a busted watchdog timer or something? What if you switch xl0 and xl1?
