dhcpd question

2006-12-14 Thread Richard P. Koett
I'm building a firewall/router for a small private network. The
external network interface uses dhclient. The internal interface
will run dhcpd.

Rather than hard-coding 'option domain-name-servers' in dhcpd.conf
I'd like dhcpd to pass whatever nameservers were received by the
dhclient running on the other interface.

Is there a recommended way to accomplish this?

Thanks in advance for any thoughts or advice.

RPK.



Re: shell script (background ogg-stream dumping) - no such process

2006-12-14 Thread Jan Stary
On Oct 27 07:56:51, Pawel S. Veselov wrote:
> > *Usually* (I know) it finishes OK, and the *ogg is a valid ogg stream.
> > In this failing case, it *also* is a valid ogg stream, but much
> > shorter than usual.
> >
> > So I suppose the background nc dies before I try to kill it myself
> > (that is, after sleeping for $LENGTH seconds).
>
> Since only happens infrequently, I'd start 'nc' under trace, and
> preserve the trace file in the case when 'kill' has nothing to kill.
> Trace file should show what 'nc' encountered on the network...

Thanks for the advice, Pawel - I did run nc(1) under ktrace(1), and
found that after (many) successful calls of read(2), the next read(2)
call returns 0, upon which nc(1) exits.

As this is reading a streamed ogg, there are always more bytes
to be read - what are the possible reasons for read(2)ing on a socket
to return 0 (except EOF being read)? Can a network timeout cause this?

Thanks

Jan



#!/bin/sh

# A simple recorder of streaming internet radio.
# $1 is the station, $2 is length in seconds, $3 is the output file.
# If $3 is not given, it is invented from the station name and date.

# We suppose it's an ogg/mp3 FILE, reachable at a given PORT of a given HOST,
# which we HTTP GET. The response's HTTP header needs to be trimmed off.
# (FIXME: test for HTTP errors)

# Supported stations: add yours here
praha=http://amp1.cesnet.cz:8000/cro2.ogg;
vltava=http://amp1.cesnet.cz:8000/cro3.ogg;
#testfm=host.org:8000/some/path/script.cgi?stream:yes;file=name.ogg
#testfm=http://stream.rozhlas.cz:8000/cro2_low.mp3;


usage() {
echo "usage   : $0 station length [outfile]" 1>&2
echo "stations: praha vltava" 1>&2
}


# look up the URL stored in the variable named after the station
eval URL=\$$1
test -n "$URL" || { usage ; exit 1 ; }
test $# -ge 2  || { usage ; exit 1 ; }

NC=`which nc 2>/dev/null`
test -x "$NC" || exit 1

STATION=${1}
SECONDS=${2}
OUTFILE=${3}
AUXFIFO=/tmp/radio.$$
NCTRACE=/tmp/radio.$$.nc
NCERROR=0

# split http://HOST:PORT/FILE into three shell variables
eval `echo $URL | sed \
-e "s,^http://,HOST='," \
-e "s,:,' ; PORT='," \
-e "s,/,' ; FILE='," \
-e "s,$,',"`

test -n "$OUTFILE" || OUTFILE=$STATION-`date +%Y%m%d%H%M%S`.${FILE##*.}
test -e "$OUTFILE" && { echo "$OUTFILE already exists" 1>&2 ; exit 1 ; }

mkfifo  $AUXFIFO || { echo "Cannot create output stream $AUXFIFO" 1>&2; exit 1; }
# drop everything up to the line that starts with a carriage return
# (the empty line that ends the HTTP header)
CR=`printf '\r'`
sed -n -e "1,/^$CR/!p" < $AUXFIFO > $OUTFILE &

{ echo "GET /$FILE HTTP/1.0" ; echo ; } \
| $NC $HOST $PORT > $AUXFIFO &

# $! is the last command of the background pipeline, i.e. nc
PID=$!

ktrace -p $PID -f $NCTRACE || {
echo "Cannot ktrace $PID ($NC)" 1>&2
NCERROR=1;
}

sleep $SECONDS

if ps -p $PID >/dev/null 2>&1 ; then
kill -9 $PID >/dev/null 2>&1
else
echo "$NC ($PID) is already dead (see $NCTRACE)" 1>&2
NCERROR=1
fi

# keep the trace only when something went wrong
test $NCERROR -eq 0 && rm -f $NCTRACE
rm -f $AUXFIFO

exit $NCERROR



Re: openbsd 4.0 snmpd core dumps with vlan interface number higher as 9

2006-12-14 Thread Stuart Henderson
On 2006/12/14 10:44, [EMAIL PROTECTED] wrote:
> the core dump is here
> http://www.tbits.org/snmpd.core.gz

first: if you built the port yourself, try running from a binary
package to rule out compilation errors. if that doesn't help...
this seems easily repeatable, so recompile the port with debugging
(assuming the port honours CFLAGS: make clean; CFLAGS=-g make, then
either reinstall or just run snmpd from the port build directory).

get it to dump core then run 'gdb snmpd snmpd.core', type 'bt'
which should display where in the source code the error occurred.
by itself the core file is not very useful; the information
from this backtrace is a lot better.

if the output of that doesn't give sufficient clues to track it
down yourself, send the output to the maintainer (run 'make
show=MAINTAINER' in the port directory) along with more details
about what you're running: which version of the port/package,
machine arch, OpenBSD version - the last two are best satisfied
by sending a dmesg.

fwiw I have vlans numbered higher than 10 on OpenBSD/i386 boxes
running snmpd with no problem. I don't recall trying it on any of
my sparc64 or arm (strict alignment architectures where non-
portable code is fairly likely to produce bus errors).



Re: openbsd 4.0 snmpd core dumps with vlan interface number higher as 9

2006-12-14 Thread [EMAIL PROTECTED]
i've this problem on a sparc64 ... :-|

i'll try the debug ...

thx

Thomas

On Thursday 14 December 2006 12:15, Stuart Henderson wrote:
> On 2006/12/14 10:44, [EMAIL PROTECTED] wrote:
> > the core dump is here
> > http://www.tbits.org/snmpd.core.gz
>
> first: if you built the port yourself, try running from a binary
> package to rule out compilation errors. if that doesn't help...
> this seems easily repeatable, so recompile the port with debugging
> (assuming the port honours CFLAGS: make clean; CFLAGS=-g make, then
> either reinstall or just run snmpd from the port build directory).
>
> get it to dump core then run 'gdb snmpd snmpd.core', type 'bt'
> which should display where in the source code the error occurred.
> by itself the core file is not very useful; the information
> from this backtrace is a lot better.
>
> if the output of that doesn't give sufficient clues to track it
> down yourself, send the output to the maintainer (run 'make
> show=MAINTAINER' in the port directory) along with more details
> about what you're running: which version of the port/package,
> machine arch, OpenBSD version - the last two are best satisfied
> by sending a dmesg.
>
> fwiw I have vlans numbered higher than 10 on OpenBSD/i386 boxes
> running snmpd with no problem. I don't recall trying it on any of
> my sparc64 or arm (strict alignment architectures where non-
> portable code is fairly likely to produce bus errors).



Re: openbsd 4.0 ralink problem low operation range

2006-12-14 Thread [EMAIL PROTECTED]
it seems nobody uses minipci ralink cards ... :-(

On Tuesday 12 December 2006 13:27, Anis Kadri wrote:
> Same problem with minipci ral cards
> max distance: 5-8m.
>
> On 12/12/06, Clint Pachl [EMAIL PROTECTED] wrote:
> > Sam Fourman Jr. wrote:
> > > I have a Linksys card that uses ral and I can confirm this
> > >
> > > Sam Fourman Jr.
> > >
> > > On 12/9/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
> > > > Hi List,
> > > >
> > > > i've tried today openbsd 4.0
> > > >
> > > > with several cards:
> > > >
> > > > rt2561t - PC-620C
> > > > rt2560f - WMIR-103G
> > > > rt2560f - GN-WIKG
> > > >
> > > > with all cards i got a connection (mediaopt ibss - adhoc)
> > > > with a distance of some meters. but if i tried a distance of 150
> > > > meters with 2 yagi (12dbi) i got no connection :-(. in one test i've
> > > > used a prism2 card on only the one site and i got a connection but the
> > > > performance was very bad. with 2 prism cards it work fine.
> > > > 2 prism - ok
> > > > 1 prism and 1 ral - bad performance
> > > > 2 ral - no connection
> > > >
> > > > has anyone an idea whats the problem of this low operation
> > > > range ?
> >
> > I have a similar problem in 3.9 with ral cards; very poor range.
> >
> > Linksys (ath) [ap] - Level One (ral) = 5-7 meters
> > Linksys (ath) [ap] - Old 1MBit Intel (wi?) = +30 meters
> > Level One (ral pci) [ap] -  Level One (ral pccard) = must be within 1-2
> > meters
> >
> > I tried changing the Tx Power, but that didn't have an effect. Because
> > I've heard that the ral driver is very good, I was just assuming that my
> > Level One cards have crappy transceivers and/or antennas.



Re: openbsd 4.0 ralink problem low operation range

2006-12-14 Thread Stuart Henderson
On 2006/12/14 12:08, [EMAIL PROTECTED] wrote:
> it seems nobody uses minipci ralink cards ... :-(

try different pigtails if possible. I've had very poor signal
strength in a soekris with a couple of different pigtails with
both ral(4) and ath(4) whereas the same cards in a thinkpad
did work ok. (still haven't got them working very well in the
soekris though..)



Re: dhcpd question

2006-12-14 Thread Nick Holland
Richard P. Koett wrote:
> I'm building a firewall/router for a small private network. The
> external network interface uses dhclient. The internal interface
> will run dhcpd.
>
> Rather than hard-coding 'option domain-name-servers' in dhcpd.conf
> I'd like dhcpd to pass whatever nameservers were received by the
> dhclient running on the other interface.
>
> Is there a recommended way to accomplish this?

yes, don't :)

You could write a simple script to modify dhcpd.conf as needed, but I set
up a lot of systems similar to yours for small offices.  For a number of
years, I tried to use the ISP's DNS resolver, but after a while, I realized
that virtually EVERY ONE of the systems ended up with me installing a local
resolver on the firewall because the ISP's went down at some point.

The local DNS resolvers proved to be a no-cost clear win.  While my
inclination is always to avoid unneeded complexity, this wasn't very
complex, nor was it unneeded.

Further, you will probably need some kind of INTERNAL DNS definitions, just
so addresses like 10.0.0.25 resolve for you.  Failing to do that will often
make maintaining the firewall itself annoying (reverse DNS lookups), but it
will also give your ISP a clue that you have a firewall and a bunch of
computers behind it, as THEY will be getting reverse DNS lookups for your
internal addresses.  Most ISPs no longer care about this, but some might...

Nick.



Re: openbsd 4.0 ralink problem low operation range

2006-12-14 Thread earx
On Thu, 14 Dec 2006 11:45:37 +
Stuart Henderson [EMAIL PROTECTED] wrote:

> On 2006/12/14 12:08, [EMAIL PROTECTED] wrote:
> > it seems nobody uses minipci ralink cards ... :-(

ralink is the worst radio chipset in term of radio performance
but the best documented for driver :(

ralink is the last compare to prism, hermers, atheros, broadcom



Re: openbsd 4.0 ralink problem low operation range

2006-12-14 Thread Bernd Schoeller

On Thu, 14 Dec 2006 12:08:00 +0100, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:


> it seems nobody uses minipci ralink cards ... :-(


I also have a ralink card (regular PCI used in a Soekris with OBSD 4.0),  
and I am experiencing similar problems - horribly low radio performance  
over short distances. The other Soekris with minipci ath card works  
flawlessly. I have to admit that I have not made further investigations  
into the problem, but I am definitely following this thread and would be  
very interested in any insights.


Bernd



Re: openbsd 4.0 ralink problem low operation range

2006-12-14 Thread [EMAIL PROTECTED]
it's not a pigtail problem, as i wrote that a always used prism cards
and it works. the resistor value of the pigtail is ok.

On Thursday 14 December 2006 12:45, Stuart Henderson wrote:
> On 2006/12/14 12:08, [EMAIL PROTECTED] wrote:
> > it seems nobody uses minipci ralink cards ... :-(
>
> try different pigtails if possible. I've had very poor signal
> strength in a soekris with a couple of different pigtails with
> both ral(4) and ath(4) whereas the same cards in a thinkpad
> did work ok. (still haven't got them working very well in the
> soekris though..)



Re: openbsd 4.0 ralink problem low operation range

2006-12-14 Thread Anton Karpov
> I just found a Proxim Gold 8470-FC card on eBay for $60 w/ shipping. Is
> this a good deal? Is your card 8470-FC?
>
> Thanks for the info.



Yeah, but mine is not FC but WD.



Re: openbsd 4.0 ralink problem low operation range

2006-12-14 Thread Anton Karpov
2006/12/12, Clint Pachl [EMAIL PROTECTED]:

> Anton Karpov wrote:
> > It's a known problem with ralink. Bad radio.
>
> That's what I was thinking.
>
> Hey, could you recommend a good range card?



I have Proxim Orinoco Gold 8470, works fine for me. But it's fucking ath(4)
. I suppose the best way is to wind card with external antenna connection.



Re: openbsd 4.0 ralink problem low operation range

2006-12-14 Thread Anton Karpov
It's a known problem with ralink. Bad radio.



Re: spam story

2006-12-14 Thread Bob Beck
> is there any way to work around users like this besides not whitelisting 
> outbound mail? a spamlogd blacklist of users that do not have the 
> outbound mail IPs whitelisted is a thought, but maybe not the right idea.

Actually, come to think of it, if I could get away with it, I'd
change the dumb shit's email to another address. give him a week to
tell his friends it has moved, and then add him as a greytrap
address. then you use his stupidity in adding himself to every spammer
on the planet's top 10 to your advantage.

But that depends if you can get away with forcing him to change
his email.

-Bob



Re: help! 855 chipset resolution

2006-12-14 Thread Vim Visual

Hi...

I'm rather stubborn and I've installed o'bsd with an only slice.

It reminds me of when I took the decision of removing the windows
partition and only use linux... it has shown to really pay off. i've
learnt a lot. Now it's the turn for o'bsd

I have followed your advice, woodchuck and it compiles fine but it
doesn't want to run.

Logging as su and without X running I get

1280pgm 30 1280 768
Unable to open /dev/mem: Operation not permitted

This sounds like a security thing, maybe the securelevel

In any case, 915resolution is not working either:

Running it as root and without X:


# 915resolution -l
Intel 800/900 Series VBIOS Hack : version 0.5.2

Unable to open the BIOS file: Operation not permitted


I know that it must be added to /etc/rc.securelevel


$ cat /etc/rc.securelevel
#   $OpenBSD: rc.securelevel,v 1.16 2004/07/06 04:05:03 deraadt Exp $
#
# site-specific startup actions, daemons, and other things which
# can be done BEFORE your system goes into securemode.  For actions
# which should be done AFTER your system has gone into securemode
# please see /etc/rc.local

# This is the desired security level
# XXX
# XXX it is not really acceptable to put this value in a configuration
# XXX file, because locking it down requires immutability on about
# XXX 5 files instead of 2 (the kernel and init)
# XXX

securelevel=1

echo -n 'starting pre-securelevel daemons:'

#
# Place local actions here.
#
# 915resolution

if [ -x /usr/local/sbin/915resolution ]; then
   echo -n ' 915resolution'
   /usr/local/sbin/915resolution 3d 1920 1440 > /dev/null
fi

echo '.'


3d 1920 1440 is one mode I don't want to use; you have to overwrite
one of them like that
I guessed that one because I have a logbook from my experimentations
with the same laptop
and Linux + 915resolution. In linux it was working like that

any hint?

Cheers,

Pau



> Try compiling the code like this:
>
> cc -D__NetBSD__ -o 1280pgm  1280patch-845g-855gm-865g.c -li386
>
> that compiles without error,  It will produce an executable named
> 1280pgm.  Gods know what it will do when you run it, though.
>
> (OpenBSD is kinda-sorta like NetBSD.)
>
> See man i386_iopl before running it, about setting your sysctls
> properly.  (They probably are already set OK if you are running X).
>
> Let us know if smoke rises from your screen.




Re: help! 855 chipset resolution

2006-12-14 Thread Dimitry Andric
Vim Visual wrote:
> Logging as su and without X running I get
>
> 1280pgm 30 1280 768
> Unable to open /dev/mem: Operation not permitted

You must run this before securelevel gets raised.


> 3d 1920 1440 is one mode I don't want to use; you have to overwrite
> one of them like that
> I guessed that one because I have a logbook from my experimentations
> with the same laptop
> and Linux + 915resolution. In linux it was working like that

To set this stuff up interactively, it's easiest to start OpenBSD in
single user mode (enter -s at the boot prompt), and do it from there.

First use 915resolution -l to list the available modes from your BIOS,
choose the one you'd like to overwrite, and you can immediately try out
running 915resolution with the proper parameters.  Once you got those,
just put those in rc.securelevel.



ksh input control: read

2006-12-14 Thread Jacob Yocom-Piatt
i'm mostly done with a little ksh CGI script that allows users to change 
their dovecot passwords after submitting an HTML form, but the issue of 
input control has been giving me trouble.


to generate a new password hash the CGI script takes POSTed form data, 
splits it into variables named FORM_username, FORM_password, 
FORM_newpassword1 and FORM_newpassword2 then performs a couple operations:


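newhash=`/usr/local/sbin/dovecotpw -p $FORM_newpassword1`
# sed cannot write back onto the file it is reading, so go through a temporary copy
/usr/bin/sed "/$FORM_username/s/{HMAC-MD5}[a-z0-9]*:/$newhash:/g" \
    /etc/dovecot/virtual.passwd > /etc/dovecot/virtual.passwd.new &&
    mv /etc/dovecot/virtual.passwd.new /etc/dovecot/virtual.passwd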


it's obviously a bad idea to use the form variables without putting them 
through the ksh read f'n or something similar to catch characters that 
should be escaped (`,',,%, etc.). the problem is pushing the variables 
through read. a few links show read being used as


print testing | read testread

so that echo $testread should print testing after the read. this 
does not work the same on the openbsd ksh CL and leaves testread empty. 
however,


read testread < test.txt

works fine if test.txt is non-empty. this is very much circumlocutory 
and i would rather not print passwords to a file only to read them back in.


advice on how best to pipe the $FORM_ variables into read is 
appreciated. if read is not a safe method to filter for dangerous inputs, 
do let me know.


cheers,
jake



Re: dhcpd question

2006-12-14 Thread Andreas Maus

Hi Richard.


 yes, don't :)

True.

 You could write a simple script to modify dhcpd.conf as needed, but I set

I don't recommend that.
A little typo or unexpected error and all your clients are unable to resolve
or even get a lease - depending on the errors the script introduces.
This happens to me some years ago :/


Very true :-)

long time back I did this on my firewalls

http://cr.yp.to/djbdns/install.html
http://cr.yp.to/djbdns/run-cache-x.html

I installed djbdns/dnscache from DJB some years ago because
of this problem. It gives you a DNS cache too so
you clients DNS lookups will speed up, especially if
your line to your ISP is nearly saturated.
I used a real old Pentium 120 with 64MB RAM and give
the DNS cache about 30 MB and that was a good thing
(tm) for my small network (5 active users).

Although the djbdns is an old package, it is reliable and secure
with a small memory footprint. (It is not in the ports because of
the copyright issues I guess).


you could use bind that comes with the base also :-)

That's also a solution. But for small LANs I recommend
djbdns because I am a DJB fanatic ;)

HTH,

Andreas.

--
Hobbes : Shouldn't we read the instructions?
Calvin : Do I look like a sissy?



Re: dhcpd question

2006-12-14 Thread Jacob Yocom-Piatt

Andreas Maus wrote:

Very true :-)

long time back I did this on my firewalls

http://cr.yp.to/djbdns/install.html
http://cr.yp.to/djbdns/run-cache-x.html

I installed djbdns/dnscache from DJB some years ago because
of this problem. It gives you a DNS cache too so
your clients' DNS lookups will speed up, especially if
your line to your ISP is nearly saturated.
I used a real old Pentium 120 with 64MB RAM and give
the DNS cache about 30 MB and that was a good thing
(tm) for my small network (5 active users).



after having used djbdns for a while i must suggest you not use it. when 
i used to use it there was some problem where windows machines could not 
query the server and i would have to restart it. the commands to 
manipulate djbdns, which do not have manpages AFAICR, and its logs 
totally suck, IMO. just one more thing to remember when doing admin work.


i've been using the BIND that comes with openbsd for ~6 months now and 
it works great. not to mention there's also a systrace policy for it 
sitting in /etc/systrace, in case you're paranoid. there are no 
superfluous commands to remember either.



Although the djbdns is an old package, it is reliable and secure
with a small memory footprint. (It is not in the ports because of
the copyright issues I guess).


you could use bind that comes with the base also :-)

That's also a solution. But for small LANs I recommend
djbdns because I am a DJB fanatic ;)



can't say i've tried qmail, but after running djbdns for a while (~1.5 
years) i'm very much disinclined to use any of DJB's software. also, if 
i'm not mistaken, there have been very few updates to djbdns's source 
during the past 2 years.


cheers,
jake


HTH,

Andreas.




Home networking for an amateur

2006-12-14 Thread Erik Wikström
I've got a box laying in my basement running OpenBSD 3.7 (probably 
should upgrade that some time but I've never taken the time) acting as 
gateway for both wired and wireless networks. Everything has been 
working flawlessly except one thing; I can not access computers on the 
wireless network from the wired one or vice versa. This has not been 
much of a problem since I'm mostly connecting via the wired network but 
now my mother has gotten herself a laptop and she wishes to be able to 
access another computer to print. Most computers (are not mine) and run 
Windows.


I have three NICs in the box, two rl(4) and one ath(4), rl1 is connected 
to the Internet and rl0 and ath0 are the local networks. As I understand 
things I need to bridge the two local NICs somehow to be able to access 
computers on both networks seamlessly, however I recall trying that once 
but with no success. Obviously I did something wrong, so I'd hope that 
someone might be able to explain to me how to set up the network.


I've put copies of all files I thought might be of relevance on the web 
at http://www.chalmers.it/~eriwik/obsd/


Thanks for your time

--
Erik Wikström



Re: Home networking for an amateur

2006-12-14 Thread L. V. Lammert

At 09:22 PM 12/14/2006 +0100, Erik Wikström wrote:
> I've got a box laying in my basement running OpenBSD 3.7 (probably should 
> upgrade that some time but I've never taken the time) acting as gateway 
> for both wired and wireless networks. Everything has been working 
> flawlessly except one thing; I can not access computers on the wireless 
> network from the wired one or vice versa. This has not been much of a 
> problem since I'm mostly connecting via the wired network but now my 
> mother has gotten herself a laptop and she wishes to be able to access 
> another computer to print. Most computers (are not mine) and run Windows.


Your wireless router is probably blocking port 139 (Windows SMB) - standard 
practice. Go to the router configuration page and unblock.


Lee



Re: dhcpd question

2006-12-14 Thread Emilio Perea
On Thu, Dec 14, 2006 at 01:47:36PM -0600, Jacob Yocom-Piatt wrote:
> after having used djbdns for a while i must suggest you not use it. when 
> i used to use it there was some problem where windows machines could not 
> query the server and i would have to restart it. the commands to 
> manipulate djbdns, which do not have manpages AFAICR, and its logs 
> totally suck, IMO. just one more thing to remember when doing admin work.

The problem you ran into was probably due to dnscache giving up on long
CNAME chains.  There is a trivial fix as shown in
 http://marc.theaimsgroup.com/?t=10942216221r=1w=2
but DJB refuses to fix it on the ground that only idiots would use that
method of serving DNS.  He is undoubtedly correct, but since the idiots
at Akamai have clients such as Microsoft and Yahoo, it is a real problem
for those unfortunate enough to have to deal with them.  However, as I
said before the fix seems to be trivial.

I don't know why DJB stopped using man pages, but a couple of people
have translated his html docs to man pages, for those of us who prefer
them.  I don't find the management or log file format to be a problem,
but that's just where our personal preferences differ.

> i've been using the BIND that comes with openbsd for ~6 months now and 
> it works great. not to mention there's also a systrace policy for it 
> sitting in /etc/systrace, in case you're paranoid. there are no 
> superfluous commands to remember either.

I haven't had any problem with the OpenBSD version of BIND either.

> can't say i've tried qmail, but after running djbdns for a while (~1.5 
> years) i'm very much disinclined to use any of DJB's software. also, if 
> i'm not mistaken, there have been very few updates to djbdns's source 
> during the past 2 years.

AFAIK, there haven't been ANY updates in over 5 years.  No big deal.

Emilio



OpenBSD -Current and WINE

2006-12-14 Thread Sam Fourman Jr.

hello misc@

I was wondering if someone out there has a wine port newer than the
one in the ports tree
I am looking for wine 0.9.24 or better

Just for kicks I downloaded the latest wine 0.9.27 and ran a
./configure then a make depends && make

I never expected it to compile on OpenBSD unpatched , but i wanted to
see how far it would get

I got this for an error after some time (no surprise here)

../../tools/winegcc/winegcc -B../../tools/winebuild -shared
./dmusic32.specdmusic32_main.o version.res   -o
dmusic32.dll.so  -lwinmm -luser32 -ladvapi32 -lkernel32  -luuid
../../libs/port/libwine_port.a  -lossaudio -li386
gcc -c -I. -I. -I../../include -I../../include  -D__WINESRC__
-D_REENTRANT -fPIC -Wall -pipe -fno-strict-aliasing -Wwrite-strings
-Wpointer-arith  -g -O2  -o main.o main.c
main.c: In function `DllMain':
main.c:51: warning: visibility attribute not supported in this
configuration; ignored
gcc -c -I. -I. -I../../include -I../../include  -D__WINESRC__
-D_REENTRANT -fPIC -Wall -pipe -fno-strict-aliasing -Wwrite-strings
-Wpointer-arith  -g -O2  -o name.o name.c
In file included from name.c:46:
dnsapi.h:143: error: syntax error before ns_msg
dnsapi.h:144: error: syntax error before '*' token
*** Error code 1

Stop in /root/Desktop/wine-0.9.27/dlls/dnsapi.
*** Error code 1

Stop in /root/Desktop/wine-0.9.27/dlls (line 596 of Makefile).
*** Error code 1

Stop in /root/Desktop/wine-0.9.27 (line 377 of Makefile).
#


I am assuming there is some technical issue as to why there is not a
updated wine in the tree


Thank you in advance for any help

Sam Fourman Jr.



Re: openbsd 4.0 ralink problem low operation range

2006-12-14 Thread Rod.. Whitworth
On Fri, 15 Dec 2006 08:12:49 +1100 (EST), Damien Miller wrote:

>On Tue, 12 Dec 2006, Clint Pachl wrote:
>
>> I have a similar problem in 3.9 with ral cards; very poor range.
>>
>> Linksys (ath) [ap] - Level One (ral) = 5-7 meters
>> Linksys (ath) [ap] - Old 1MBit Intel (wi?) = +30 meters
>> Level One (ral pci) [ap] -  Level One (ral pccard) = must be within 1-2
>> meters
>>
>> I tried changing the Tx Power, but that didn't have an effect. Because I've
>> heard that the ral driver is very good, I was just assuming that my Level One
>> cards have crappy transceivers and/or antennas.
>
>30 metres is beyond crappy. I have never seen a ral(4) do that badly. 
>Do you have interference on the channel? You might want to try another
>one...


I live and work in a leaky faraday cage. The walls are 75mm thick
re-inforced lightweight concrete on a steel frame.

Notwithstanding that I get reasonable connectivity with a laptop
(Thinkpad r50, ath wi-fi) about 20 metres up the driveway.

My AP is a Soekris 4801 with a pci MSI adaptor that shows up in dmesg
as:
ral0 at pci0 dev 10 function 0 Ralink RT2560 rev 0x01: irq 11,
address 00:13:d3:6b:a9:be
ral0: MAC/BBP RT2560 (rev 0x04), RF RT2525

So not all ral cards are bad news for range. FWIW.  YMMV.

From the land down under: Australia.
Do we look umop apisdn from up over?



Re: openbsd 4.0 ralink problem low operation range

2006-12-14 Thread Henrik Hellerstedt
On Tue, Dec 12, 2006 at 01:27:19PM +0100, Anis Kadri wrote:
> Same problem with minipci ral cards
> max distance: 5-8m.
 

About the same here.

2-3m meters the signal strength is ok
3-6m its a good day if I can connect
6-   no connection can be made what so ever

The signal strength(if one can call it that)
is about the same with different channels
and or different pigtails.

Tried to change the contact the pigtail is hooked
into, and lastly i tried against wi, malo and ath.

Some differences can be noticed, but nothing that
make the ral anything near decent.


OpenBSD 4.0-stable (GENERIC) #1: Mon Dec  4 22:21:43 CET 2006

cpu0: Geode(TM) Integrated Processor by National Semi (Geode by NSC 
586-class) 267 MHz

ral0 at pci0 dev 14 function 0 Ralink RT2561 rev 0x00: irq 11, address 
00:08:a1:9c:32:f9
ral0: MAC/BBP RT2661B, RF RT2527


Not that its a good thing others have problem, but it is good
to know Im not alone :)


--
Henrik



vim Easy Mode Broken?

2006-12-14 Thread Jim Razmus
Someone hit me with a clue-by-four.

On both 4.0 release and -current (13/12/2006) I find vim -y does not
work as it did on 3.9.  Likely a question for the vim lists, but I'm
hoping someone will confirm what I'm experiencing.

vim -y should start in an emacs-like mode.  However, I'm finding the
-y switch does nothing.  In all cases I install the no_x11 flavor.  My
users pointed this behavior out after my upgrade to 4.0.

Can anyone else confirm this behavior on another machine?

Jim



Re: TCP hangs between boxes behind two OpenBSD firewalls

2006-12-14 Thread Mathieu Sauve-Frankel
Try adding flags S/SA to all of your tcp rules and reload your
ruleset.

-- 
Mathieu Sauve-Frankel



Re: openbsd 4.0 ralink problem low operation range

2006-12-14 Thread Mathieu Sauve-Frankel
I have had similar experiences using ral in 802.11b mode. 
Forcing 802.11G mode seems to help a lot. 

Could people in this thread please mention whether they are using ral in
b or g mode ?

-- 
Mathieu Sauve-Frankel



Re: ksh input control: read

2006-12-14 Thread Matthew R. Dempsky
On Thu, Dec 14, 2006 at 12:55:42PM -0600, Jacob Yocom-Piatt wrote:
> print testing | read testread

This is a known problem with pdksh that the developers have stated
they don't plan to change.  `read' only updates the value of
`testread' in the child shell process, not the parent.

E.g., ``print testing | ( read testread; echo $testread )'' will
work.
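
An added example, not part of the thread or of anyone's posted script: it contrasts `read` at the end of a pipe with `read` fed by a here-document, and shows that `read` filters nothing, so the form values are checked against an allowlist and handed to awk as plain strings instead of being pasted into a sed program. The function names, the sample accounts and the `user:{HMAC-MD5}hash:...` file layout are assumptions.

```shell
#!/bin/sh
# Added example; function names, sample accounts and the
# "user:{HMAC-MD5}hash:..." file layout are assumptions, not thread content.
LC_ALL=C; export LC_ALL      # make [a-z] ranges byte-wise

# read at the end of a pipeline runs in a child process in pdksh (also
# bash and dash), so the caller's variable is still empty afterwards.
read_via_pipe() {
    val=""
    printf '%s\n' "$1" | read val
    printf '%s' "$val"
}

# A here-document feeds read in the current shell: no child, no temp file.
# The expanded text is not scanned again, so backquotes or $ in $1 stay inert.
read_via_heredoc() {
    val=""
    IFS= read -r val <<EOF
$1
EOF
    printf '%s' "$val"
}

# read stores whatever it is given; it does not escape or reject anything.
# Validation is a separate step: accept only characters known to be safe.
valid_username() {
    case $1 in
        ''|*[!a-z0-9@._-]*) return 1 ;;
    esac
    [ "${#1}" -le 64 ]
}

# Accept only the scheme tag followed by lowercase letters and digits,
# the same alphabet the sed expression in the thread matches.
valid_hash() {
    case $1 in
        '{HMAC-MD5}'*) h=${1#'{HMAC-MD5}'} ;;
        *) return 1 ;;
    esac
    case $h in
        ''|*[!a-z0-9]*) return 1 ;;
    esac
    return 0
}

# set_hash USER HASH: copy stdin to stdout with USER's second field replaced.
# The values reach awk through the environment, so they are compared and
# inserted as plain strings, never parsed as a regex or as program text.
set_hash() {
    valid_username "$1" && valid_hash "$2" || return 1
    PW_USER=$1 PW_HASH=$2 awk -F: '
        BEGIN { OFS = ":" }
        ($1 "") == (ENVIRON["PW_USER"] "") { $2 = ENVIRON["PW_HASH"] }
        { print }'
}

# Constructed sample file: two accounts whose names differ in one character.
sample_passwd() {
    cat <<'EOF'
abc@example.org:{HMAC-MD5}0000aaaa:1000:1000
a.c@example.org:{HMAC-MD5}1111bbbb:1000:1000
EOF
}

# Used as a sed address, "a.c@example.org" is a regex that also matches the
# first account; the exact string comparison changes the second line only.
sample_passwd | set_hash 'a.c@example.org' '{HMAC-MD5}2222cccc'
```

In a CGI script the output of `set_hash` would go to a temporary file that is then renamed over the password file, so a rejected value leaves the original untouched.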



limiting outbound throughput from an IP using altq

2006-12-14 Thread rootrider
OpenBSD 3.9 i386, using pf/altq

I have a nat/firewall box running here, with our cable internet
(6mbps/1mbps) on the external interface and our lan (100mbps) on
the internal interface. I'm attempting to assign outbound traffic
from an internal IP (10.0.0.243 in this case) to 1% of the total
queue. I feel like I'm missing something really obvious here. If
anyone can tell me what I'm doing wrong I would *really*
appreciate it.

Traffic is being assigned to the nick_int queue, and inbound
(from the internet to the lan) traffic is being limited... to my
surprise. That doesn't even make any sense to me.

No traffic is being assigned to nick_ext at all.. everything is
showing up on the default queue (other) instead.

I'm using 'pfctl -vvs queue' to check whether any traffic is
being assigned to a queue and using my own IP for $nick_net to
test.

related text from my pf.conf:

=

ext_if  =   xl1
int_if  =   xl0

nick_net= 10.0.0.243

set block-policy drop
set state-policy if-bound

altq on $ext_if cbq bandwidth 950Kb queue { nick_ext, other }
  queue nick_ext bandwidth 1% priority 1 cbq
  queue other   bandwidth 99%  priority 7 cbq(default, borrow)

altq on $int_if cbq bandwidth 8Mb queue { all_in, nick_int }
  queue all_in  bandwidth 99% priority 7 cbq(default)
  queue nick_int bandwidth 1% priority 1 cbq

nat on $ext_if from $int_if:network to any -> ($ext_if)

block drop all
pass in on $int_if from $int_if:network to any keep state
pass out on $int_if from any to $int_if:network keep state queue all_in

pass out on $ext_if from any to any keep state queue other

pass in quick on $int_if from $nick_net to any keep state queue nick_int
pass out quick on $ext_if from $nick_net to any keep state queue nick_ext

=

Have I set this up completely wrong or am I just missing
something? I've assigned traffic based on the external
interface's local port successfully before, but if I take that
same rule and specify an internal IP then no traffic is assigned
at all.
--
Joel
[rootrider]



Re: openbsd 4.0 ralink problem low operation range

2006-12-14 Thread pedro la peu
http://www.netgate.com/info/miniPCI/2511MPPLUS/2511MP_PLUS_Spec.pdf
Receive sensitivity: -89dBm to -91dBm.

http://soekris.kd85.com/pdf/ralabg.pdf
Receive sensitivity: -70dBm to -84dBm.



Re: Home networking for an amateur

2006-12-14 Thread Greg Thomas

On 12/14/06, L. V. Lammert [EMAIL PROTECTED] wrote:
> At 09:22 PM 12/14/2006 +0100, Erik Wikstrvm wrote:
>> I've get an box laying in my basement running OpenBSD 3.7 (probably should
>> upgrade that some time but I've never taken the time) acting as gateway
>> for both wired and wireless networks. Everything has been working
>> flawlessly except one thing; I can not access computers on the wireless
>> network from the wired one or vice versa. This has not been much of a
>> problem since I'm mostly connecting via the wired network but now my
>> mother has gotten herself a laptop and she wishes to be able to access
>> another computer to print. Most computers (are not mine) and run Windows.
>
> Your wireless router is probably blocking port 139 (Windows SMB) - standard
> practice. Go to the router configuration page and unblock.

I didn't know that OpenBSD had a router configuration page.
Unfortunately I've looked at his pf.conf for a little bit now and in
my caffeine deprived state I don't see anything preventing access
between rl0 and ath0.

A little detail from the OP on how he is trying to reach the other
computers would help.  Can he ping by IP?  Can he ping by name?  Is
his mother trying to print via name or IP address?

Greg



Re: Home networking for an amateur

2006-12-14 Thread L. V. Lammert
On Thu, 14 Dec 2006, Greg Thomas wrote:

> On 12/14/06, L. V. Lammert [EMAIL PROTECTED] wrote:
>> At 09:22 PM 12/14/2006 +0100, Erik Wikstrvm wrote:
>> Your wireless router is probably blocking port 139 (Windows SMB) - standard
>> practice. Go to the router configuration page and unblock.
>
> I didn't know that OpenBSD had a router configuration page.

It doesn't. A 'Wireless Router' is the box with the antennas.

Lee



Re: Home networking for an amateur

2006-12-14 Thread Greg Thomas

On 12/14/06, L. V. Lammert [EMAIL PROTECTED] wrote:
> On Thu, 14 Dec 2006, Greg Thomas wrote:
>
>> On 12/14/06, L. V. Lammert [EMAIL PROTECTED] wrote:
>>> At 09:22 PM 12/14/2006 +0100, Erik Wikstrvm wrote:
>>> Your wireless router is probably blocking port 139 (Windows SMB) - standard
>>> practice. Go to the router configuration page and unblock.
>>
>> I didn't know that OpenBSD had a router configuration page.
>
> It doesn't. A 'Wireless Router' is the box with the antennas.

Where does he mention 'Wireless Router'?  He appears to have ath in an
OpenBSD box.

Greg



Re: ksh input control: read

2006-12-14 Thread Jacob Yocom-Piatt
 Original message 
> Date: Thu, 14 Dec 2006 19:06:30 -0600
> From: Matthew R. Dempsky [EMAIL PROTECTED]
> Subject: Re: ksh input control: read
> To: misc@openbsd.org
>
> On Thu, Dec 14, 2006 at 12:55:42PM -0600, Jacob Yocom-Piatt wrote:
>> print testing | read testread
>
> This is a known problem with pdksh that the developers have stated
> they don't plan to change.  `read' only updates the value of
> `testread' in the child shell process, not the parent.
>
> E.g., ``print testing | ( read testread; echo $testread )'' will
> work.


yeah, after further reading i found that pdksh and ksh behave differently w.r.t.
child shells. the syntax you suggest above is what i've already fiddled with and
see that it can work.

is there a ksh command that will print a variable, say $form_pw, with any
combination of bad characters (e.g. `,',,%,,,|) stored in it? this seems
like it would be a useful command since, AFAICT this issue is relatively common.
if no command exists, i can certainly write some C code to do it but would
rather see if it's doable using just ksh.

is there a list of all the characters you should escape/filter when writing
shell scripts?



Re: Home networking for an amateur

2006-12-14 Thread Darrin Chandler
On Thu, Dec 14, 2006 at 07:09:22PM -0800, Greg Thomas wrote:
> On 12/14/06, L. V. Lammert [EMAIL PROTECTED] wrote:
>> At 09:22 PM 12/14/2006 +0100, Erik Wikstrvm wrote:
>>> I've get an box laying in my basement running OpenBSD 3.7 (probably should
>>> upgrade that some time but I've never taken the time) acting as gateway
>>> for both wired and wireless networks. Everything has been working
>>> flawlessly except one thing; I can not access computers on the wireless
>>> network from the wired one or vice versa. This has not been much of a
>>> problem since I'm mostly connecting via the wired network but now my
>>> mother has gotten herself a laptop and she wishes to be able to access
>>> another computer to print. Most computers (are not mine) and run Windows.
>>
>> Your wireless router is probably blocking port 139 (Windows SMB) - standard
>> practice. Go to the router configuration page and unblock.
>
> I didn't know that OpenBSD had a router configuration page.
> Unfortunately I've looked at his pf.conf for a little bit now and in
> my caffeine deprived state I don't see anything preventing access
> between rl0 and ath0.
>
> A little detail from the OP on how he is trying to reach the other
> computers would help.  Can he ping by IP?  Can he ping by name?  Is
> his mother trying to print via name or IP address?

I can't see anything obviously wrong, either. Then again I'm about 2
seconds away from falling asleep. tcpdump pflog0 and ping tests seem
like a good place to start.

-- 
Darrin Chandler|  Phoenix BSD Users Group
[EMAIL PROTECTED]   |  http://bsd.phoenix.az.us/
http://www.stilyagin.com/  |



Re: ksh input control: read

2006-12-14 Thread Darren Spruell

On 12/14/06, Jacob Yocom-Piatt [EMAIL PROTECTED] wrote:
>> This is a known problem with pdksh that the developers have stated
>> they don't plan to change.  `read' only updates the value of
>> `testread' in the child shell process, not the parent.
>>
>> E.g., ``print testing | ( read testread; echo $testread )'' will
>> work.
>
> is there a ksh command that will print a variable, say $form_pw, with any
> combination of bad characters (e.g. `,',,%,,,|) stored in it? this seems
> like it would be a useful command since, AFAICT this issue is relatively common.
> if no command exists, i can certainly write some C code to do it but would
> rather see if it's doable using just ksh.
>
> is there a list of all the characters you should escape/filter when writing
> shell scripts?

You can use the ${varname} syntax (curly braces) to reference a
variable with special characters in the value.

If you're still on the CGI piece and want to filter out characters
from your input variables, you'll have to determine what those are
yourself, although ksh does support some advanced parameter editing
within the value of a variable. See ksh(1).

--
Darren Spruell
[EMAIL PROTECTED]
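
The two points raised in this thread, `read` losing its value in a pipeline and handling input that contains shell metacharacters, shown as an added example (not code from any poster). The sample value and the function names are constructed for illustration; part 1 shows the behaviour of pdksh, bash and dash, where the last pipeline stage runs in a child process.

```sh
#!/bin/sh
# Constructed sample value containing shell metacharacters (not from the thread).
sample='p`w'\''d"%&|;$(id) \n*'

# 1. Pipeline form: in pdksh (also bash and dash) `read` runs in a child
#    process, so the variable in the calling shell stays empty.
read_via_pipe() {
    v=
    printf '%s\n' "$1" | IFS= read -r v
    printf '%s' "$v"
}

# 2. A here-document keeps `read` in the current shell. The expanded value
#    is not scanned again, so `...` and $(...) inside it are never run.
read_via_heredoc() {
    v=
    IFS= read -r v <<EOF
$1
EOF
    printf '%s' "$v"
}

# 3. Print any value verbatim: double-quote the expansion and pass it as an
#    argument to a fixed printf format, never as the format string itself.
print_raw() {
    printf '%s\n' "$1"
}

# 4. Allow-list check for CGI-style input: accept only characters known to
#    be harmless instead of trying to enumerate every dangerous one.
is_safe_token() {
    case $1 in
        ''|*[!A-Za-z0-9_.-]*) return 1 ;;
        *) return 0 ;;
    esac
}
```

`IFS=` and `-r` stop `read` from trimming whitespace or interpreting backslashes, which matters when the value is a password field.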



Re: Home networking for an amateur

2006-12-14 Thread Chris C.
On Friday 15 December 2006 06:00, Darrin Chandler wrote:
> On Thu, Dec 14, 2006 at 07:09:22PM -0800, Greg Thomas wrote:
>> On 12/14/06, L. V. Lammert [EMAIL PROTECTED] wrote:
>>> At 09:22 PM 12/14/2006 +0100, Erik Wikstrvm wrote:
>>>> I've get an box laying in my basement running OpenBSD 3.7 (probably
>>>> should upgrade that some time but I've never taken the time) acting as
>>>> gateway for both wired and wireless networks. Everything has been
>>>> working flawlessly except one thing; I can not access computers on the
>>>> wireless network from the wired one or vice versa. This has not been
>>>> much of a problem since I'm mostly connecting via the wired network
>>>> but now my mother has gotten herself a laptop and she wishes to be
>>>> able to access another computer to print. Most computers (are not
>>>> mine) and run Windows.
>>>
>>> Your wireless router is probably blocking port 139 (Windows SMB) -
>>> standard practice. Go to the router configuration page and unblock.
>>
>> I didn't know that OpenBSD had a router configuration page.
>> Unfortunately I've looked at his pf.conf for a little bit now and in
>> my caffeine deprived state I don't see anything preventing access
>> between rl0 and ath0.
>>
>> A little detail from the OP on how he is trying to reach the other
>> computers would help.  Can he ping by IP?  Can he ping by name?  Is
>> his mother trying to print via name or IP address?
>
> I can't see anything obviously wrong, either. Then again I'm about 2
> seconds away from falling asleep. tcpdump pflog0 and ping tests seem
> like a good place to start.

I'm pretty new to pf, but isn't

nat on rl1 from ath0:network to any -> (rl1)
nat on rl1 from rl0:network to any -> (rl1)

his problem?
In my understanding this will also nat connections from ath0 to rl0.

-- 
Greetings
Chris



Re: openbsd 4.0 snmpd core dumps with vlan interface number higher as 9

2006-12-14 Thread [EMAIL PROTECTED]
ok, it seems it's a problem of a variable definition in snmpd, isn't it?

Thomas

On Wednesday 13 December 2006 23:30, Brian A. Seklecki wrote:
> That's awesome!
>
> BTW, I submitted a PR on this yesterday but haven't gotten the automated
> response.  Will forward to you if I do.
>
> ~BAS
>
> On Wed, 13 Dec 2006, [EMAIL PROTECTED] wrote:
>> Hi List,
>>
>> openbsd 4.0
>>
>> i've vlan interfaces from vlan1 to vlan9
>> i can start
>> snmpd -x localhost
>> without any problems
>>
>> if i create vlan10
>> snmpd core dumps
>> Bus error (core dumped)
>>
>> the last lines from the debug are
>> trace: netsnmp_send_traps(): agent_trap.c, 603:
>> trap: send_trap 0 0 NET-SNMP-MIB::netSnmpAgentOIDs.255trace:
>> netsnmp_send_traps(): agent_trap.c, 605:
>> trap:
>> Bus error (core dumped)
>>
>> if i destroy vlan10 it works again.
>>
>> the core dump is here
>> http://www.tbits.org/snmpd.core.gz
>>
>> Have everyone an idea ?
>>
>> Thx
>>
>> Thomas
>
> l8*
>    -lava (Brian A. Seklecki - Pittsburgh, PA, USA)
>   http://www.spiritual-machines.org/
>
> ...from back in the heady days when helpdesk meant nothing, diskquota
> meant everything, and lives could be bought and sold for a couple of pages
> of laser printout - and frequently were.



Re: openbsd 4.0 ralink problem low operation range

2006-12-14 Thread Anis Kadri
I have experienced the same problems with both ath(4) and ral(4) (minipci
cards). I tried to use different modes (B & G) and different settings
(channels, ..) and using an external antenna but the performance's still
lossy :-/
for ral(4): g mode doesn't work very well for me (packet loss, ...) so i'm
sticking with b mode
for ath(4): changing the mode just causes the kernel to crash :/ so i used b
mode as well.

I don't know if ath(4) works better than ral(4) for some of you. I heard it
has a better radio chipset but it is not documented.

On 12/15/06, pedro la peu [EMAIL PROTECTED] wrote:

> http://www.netgate.com/info/miniPCI/2511MPPLUS/2511MP_PLUS_Spec.pdf
> Receive sensitivity: -89dBm to -91dBm.
>
> http://soekris.kd85.com/pdf/ralabg.pdf
> Receive sensitivity: -70dBm to -84dBm.