Re: malo driver

2007-05-03 Thread Claudio Jeker
On Thu, May 03, 2007 at 09:00:56PM -0500, Default User wrote:
> According to http://openbsd.org/i386.html#hardware the Netgear WG511v2
> Wireless PC card should work, using the malo driver:
> 
> "Marvell Libertas IEEE 802.11b/g CardBus adapters (malo), including: (G)
> Netgear WG511v2"
> 
> But on a laptop with OpenBSD 4.1, the card was not (apparently)
> recognized, nor did the malo driver seem to load.  
> 

Please provide the dmesg of your box with the card inserted. From your two
lines I don't know if the card was not seen at all (e.g. your cardbus slot
plays games like mine likes to do) or if it was recognized but the driver
did not attach because the PCI IDs were not matched. Without that info we
can not help you.

> This same system recognizes a Netgear MA111 v1 usb wireless adapter,
> automatically loading the wi driver, and the whole system was installed
> by network that way, with no wired ethernet connection needed. 
> 
> So, does the malo driver need to be loaded manually, and is it even on
> the OpenBSD 4.1 network install cd (from cd41.iso)?  
> 

No, malo(4) is not on any of the install media as we are not allowed to
ship the firmware. Without firmware you can not make the card work and so
it does not make sense to include the driver.
GENERIC on the other hand has malo(4) enabled.

-- 
:wq Claudio



Re: about spam

2007-05-03 Thread Jussi Peltola
On Fri, May 04, 2007 at 01:26:58PM +0900, LinuxUser wrote:
> Hi, all. My name is tuyosi, a Japanese.
> 
> There is little information about spamd,
> so I barely run spamd in my own fashion.
> But I do not see whether my way is good or not, so I make questions.
> 
> my doing is next ,
> 1)in /etc/services , i add next line
> spamd-sync 8025/udp
> 
> 2)in /etc/pf.conf , according to ' man pf.conf" , i add next line
> rdr on $ext_if inet proto tcp from  to port smtp \
> tag SPAMD -> 127.0.0.1 port spamd
> block in on $ext_if
> pass in on $ext_if inet proto tcp tagged SPAMD
> 
> 
> 3) in /etc/rc.local ,  i add next lines
> if [ -x /usr/local/bin/spamd ]; then
> echo -n ' ---spamd--- '; /usr/local/bin/spamd -d
> fi
> 
> 
> 4) in /etc/rc/conf.local 
> #spamd_flags="" #NO # for normal use: "" and see spamd-setup(8)
> spamd_grey=YES  #NO # use spamd greylisting if YES
> spamlogd_flags="-i pppoe0" # use eg. "-i interface" and see spamlogd(8)
> namely spamd_flags="" has no effect .
> 
> 
> and restart openbsd , 
> # ps -ax | grep spam
> 13425 ?? Is 0:19.82 perl: /usr/local/bin/spamd -d (perl)
> 23460 ?? I 0:00.06 perl: spamd child (perl)
> 6975 ?? I 0:00.10 perl: spamd child (perl)
> 5950 p0 I+ 0:00.02 grep spam
>   
> 
> where do i see orthodox practice of spamd ?
> 

Hi Tuyosi san,

I think you have confused the OpenBSD project's spamd with the
daemonized version of SpamAssassin (it is also called spamd).

Spamd is a part of OpenBSD and can be enabled in rc.conf.local.

Have you read the man page of spamd? There is also a list of databases
and links to the man pages at http://www.openbsd.org/spamd/.

-- 
Regards,
Jussi Peltola



PF rules2

2007-05-03 Thread Tang Tse
Hi again,

I follow with my own fight with PF. ( sorry to send other mail, but i can't
really fix this ).

If I reduce pf.conf to the following rules:
block in all
pass in on $int_if proto {tcp,udp} from any to any port 22 keep state

I can connect to ssh, but it takes at least one minute to ask me the user and
pass.

If i change it to block in on $ext_if all, then i can connect with the
normal speed.

The rules order is correct ( i think ), pf goes from less specific rule to
more specific rule.. If i told pf if there is no match block in all, if
connection is to port 22 pass it. I can't understand why this doesn't work..

please, can you point to what is wrong?

Thanks!
Tang Tse



Re: another dumb vlan question

2007-05-03 Thread Clint Pachl

Axton wrote:

On 5/2/07, Matiss Miglans <[EMAIL PROTECTED]> wrote:

Hi
Scenario 1 will be right.
Don't mix there "normal" ethernet with vlan's.

Jonathan Whiteman wrote:
> Lets say I'm setting up vlan devices so that 4 completely separate
> subnets' gateways can share same ethernet port on the router.  Is it
> more appropriate to give the physical device itself an ip address and
> then create 3 vlan devices, or to give the physical device no ip address
> at all and create 4 vlan devices?  Or?


I have a hypothetical question regarding security concerning this setup. 
Would it be more secure to have 4 physically different interfaces each 
connected to a single VLAN? I am kind of new to VLANs and I am trying to 
discern the security issues involved. I was thinking about doing 
something similar to the OP.


-pachl



about spam

2007-05-03 Thread LinuxUser
Hi, all. My name is tuyosi, a Japanese.

There is little information about spamd,
so I barely run spamd in my own fashion.
But I do not see whether my way is good or not, so I make questions.

my doing is next ,
1)in /etc/services , i add next line
spamd-sync 8025/udp

2)in /etc/pf.conf , according to ' man pf.conf" , i add next line
rdr on $ext_if inet proto tcp from  to port smtp \
tag SPAMD -> 127.0.0.1 port spamd
block in on $ext_if
pass in on $ext_if inet proto tcp tagged SPAMD


3) in /etc/rc.local ,  i add next lines
if [ -x /usr/local/bin/spamd ]; then
echo -n ' ---spamd--- '; /usr/local/bin/spamd -d
fi


4) in /etc/rc/conf.local 
#spamd_flags="" #NO # for normal use: "" and see spamd-setup(8)
spamd_grey=YES  #NO # use spamd greylisting if YES
spamlogd_flags="-i pppoe0" # use eg. "-i interface" and see spamlogd(8)
namely spamd_flags="" has no effect .


and restart openbsd , 
# ps -ax | grep spam
13425 ?? Is 0:19.82 perl: /usr/local/bin/spamd -d (perl)
23460 ?? I 0:00.06 perl: spamd child (perl)
6975 ?? I 0:00.10 perl: spamd child (perl)
5950 p0 I+ 0:00.02 grep spam


where do i see orthodox practice of spamd ?



wpi firmware on amd64 platform

2007-05-03 Thread abutter gao

I installed OpenBSD-current on my laptop and downloaded wpi firmware
from http://damien.bergamini.free.fr/packages/openbsd/wpi-firmware-1.13.tgz
by the wpi manual.

After running "pkg_add -v wpi-firmware-1.13.tgz", pkg_add says
that the tarball is incompatible.

I thought the firmware was not platform-relative, so I ran "pkg_add -A
i386 -v wpi-firmware-1.13.tgz", and it was ok.

When I run "dhclient wpi0", the result was below:
wpi0: timeout waiting for thermal sensors calibration
wpi0: timeout waiting for thermal sensors calibration
wpi0: fatal firmware error

Is there something that I missed ?

Thanks for any tips !



Re: 4.1 Packages Page

2007-05-03 Thread David Perfors
No problems with cvsweb here. but packages page isn't available

On 5/4/07, djgoku <[EMAIL PROTECTED]> wrote:
>
> On 5/3/07, djgoku <[EMAIL PROTECTED]> wrote:
> > http://www.openbsd.org/4.1_packages/
> > Gets a 404 error.
> > http://www.openbsd.org/4.0_packages/
> > Works fine.
> >
> > Link found on: http://openbsd.org/faq/faq15.html
>
> http://www.openbsd.org/cgi-bin/cvsweb/
>
> Am also having issues with cvsweb. Anyone else?



Re: 4.1 Packages Page

2007-05-03 Thread djgoku

On 5/3/07, djgoku <[EMAIL PROTECTED]> wrote:

http://www.openbsd.org/4.1_packages/
Gets a 404 error.
http://www.openbsd.org/4.0_packages/
Works fine.

Link found on: http://openbsd.org/faq/faq15.html


http://www.openbsd.org/cgi-bin/cvsweb/

Am also having issues with cvsweb. Anyone else?



malo driver

2007-05-03 Thread Default User
According to http://openbsd.org/i386.html#hardware the Netgear WG511v2
Wireless PC card should work, using the malo driver:

"Marvell Libertas IEEE 802.11b/g CardBus adapters (malo), including: (G)
Netgear WG511v2"

But on a laptop with OpenBSD 4.1, the card was not (apparently)
recognized, nor did the malo driver seem to load.  

This same system recognizes a Netgear MA111 v1 usb wireless adapter,
automatically loading the wi driver, and the whole system was installed
by network that way, with no wired ethernet connection needed. 

So, does the malo driver need to be loaded manually, and is it even on
the OpenBSD 4.1 network install cd (from cd41.iso)?  



Re: another dumb vlan question

2007-05-03 Thread Axton

On 5/2/07, Matiss Miglans <[EMAIL PROTECTED]> wrote:

Hi
Scenario 1 will be right.
Don't mix there "normal" ethernet with vlan's.

Jonathan Whiteman wrote:
> Lets say I'm setting up vlan devices so that 4 completely separate
> subnets' gateways can share same ethernet port on the router.  Is it
> more appropriate to give the physical device itself an ip address and
> then create 3 vlan devices, or to give the physical device no ip address
> at all and create 4 vlan devices?  Or?
>
> The basic functionality of vlan devices seems straightforward enough.  I
> imagined starting with one of the following two configurations but the
> man pages referenced from the openbsd faq did not clarify this point for
> me.
>
> Any advice is appreciated,
> ~jon
>
> --
> scenario 1
> --
> hostname.dc0: up
>
> hostname.vlan0: inet 172.17.1.1 255.255.255.0 172.17.1.255 vlan 512
> vlandev dc0 vlanprio 1
>
> hostname.vlan1: inet 172.17.2.1 255.255.255.0 172.17.2.255 vlan 513
> vlandev dc0 vlanprio 2
>
> hostname.vlan2: inet 172.17.3.1 255.255.255.0 172.17.3.255 vlan 514
> vlandev dc0 vlanprio 3
>
> hostname.vlan3: inet 172.17.4.1 255.255.255.0 172.17.4.255 vlan 515
> vlandev dc0 vlanprio 4
>
> --
> scenario 2
> --
>
> hostname.dc0: inet 172.17.1.1 255.255.255.0 172.17.1.255 vlan 512
> vlandev dc0 vlanprio 1
>
> hostname.vlan0: inet 172.17.2.1 255.255.255.0 172.17.2.255 vlan 513
> vlandev dc0 vlanprio 2
>
> hostname.vlan1: inet 172.17.3.1 255.255.255.0 172.17.3.255 vlan 514
> vlandev dc0 vlanprio 3
>
> hostname.vlan2: inet 172.17.4.1 255.255.255.0 172.17.4.255 vlan 515
> vlandev dc0 vlanprio 4



Scenario 1 is the right way.  This is my setup, which has 5 physical
interfaces, with 4 vlans, using trunk to aggregate the interfaces with
round-robin.  What I don't understand is why ipv6 addresses are
assigned to each physical iface (lack of knowledge on my part I'm
sure).

# ifconfig -a
lo0: flags=8049 mtu 33192
   groups: lo
   inet 127.0.0.1 netmask 0xff00
   inet6 ::1 prefixlen 128
   inet6 fe80::1%lo0 prefixlen 64 scopeid 0x9
gem0: flags=8b63 mtu 1500
   lladdr 00:03:ba:04:b2:1d
   trunk: trunkdev trunk0
   media: Ethernet 100baseTX full-duplex
   status: active
   inet6 fe80::203:baff:fe04:b21d%gem0 prefixlen 64 scopeid 0x1
hme0: flags=8b63 mtu 1500
   lladdr 00:03:ba:04:b2:1d
   trunk: trunkdev trunk0
   media: Ethernet 100baseTX full-duplex
   status: active
   inet6 fe80::a00:20ff:feca:7dc4%hme0 prefixlen 64 scopeid 0x2
hme1: flags=8b63 mtu 1500
   lladdr 00:03:ba:04:b2:1d
   trunk: trunkdev trunk0
   media: Ethernet 100baseTX full-duplex
   status: active
   inet6 fe80::a00:20ff:feca:7dc5%hme1 prefixlen 64 scopeid 0x3
hme2: flags=8b63 mtu 1500
   lladdr 00:03:ba:04:b2:1d
   trunk: trunkdev trunk0
   media: Ethernet 100baseTX full-duplex
   status: active
   inet6 fe80::a00:20ff:feca:7dc6%hme2 prefixlen 64 scopeid 0x4
hme3: flags=8b63 mtu 1500
   lladdr 00:03:ba:04:b2:1d
   trunk: trunkdev trunk0
   media: Ethernet 100baseTX full-duplex
   status: active
   inet6 fe80::a00:20ff:feca:7dc7%hme3 prefixlen 64 scopeid 0x5
pflog0: flags=141 mtu 33192
pfsync0: flags=0<> mtu 1460
   groups: carp
enc0: flags=0<> mtu 1536
trunk0: flags=8843 mtu 1500
   lladdr 00:03:ba:04:b2:1d
   trunk: trunkproto roundrobin
   trunkport hme0 active
   trunkport hme1 active
   trunkport hme3 active
   trunkport hme2 active
   trunkport gem0 master,active
   groups: trunk
   media: Ethernet autoselect
   status: active
   inet6 fe80::203:baff:fe04:b21d%trunk0 prefixlen 64 scopeid 0xa
vlan10: flags=8843 mtu 1500
   lladdr 00:03:ba:04:b2:1d
   vlan: 10 priority: 0 parent interface: trunk0
   groups: vlan
   inet6 fe80::203:baff:fe04:b21d%vlan10 prefixlen 64 scopeid 0xb
   inet 10.180.16.1 netmask 0xff00 broadcast 10.180.16.255
vlan2: flags=8843 mtu 1500
   lladdr 00:03:ba:04:b2:1d
   vlan: 2 priority: 0 parent interface: trunk0
   groups: vlan
   inet6 fe80::203:baff:fe04:b21d%vlan2 prefixlen 64 scopeid 0xc
   inet 10.107.208.1 netmask 0xff00 broadcast 10.107.208.255
vlan3: flags=8843 mtu 1500
   lladdr 00:03:ba:04:b2:1d
   vlan: 3 priority: 0 parent interface: trunk0
   groups: vlan egress
   inet6 y::y:y:y:y%vlan3 prefixlen 64 scopeid 0xd
   inet x.x.x.x netmask 0xf800 broadcast 255.255.255.255
vlan30: flags=8843 mtu 1500
   lladdr 00:03:ba:04:b2:1d
   vlan: 30 priority: 0 parent interface: trunk0
   groups: vlan
   inet6 fe80::203:baff:fe04:b21d%vlan30 prefixlen 64 scopeid 0xe
   inet 10.180.17.1 netmask 0xff00 broadcast 10.180.17.255


The routing tables then look like this:

# route -n show
Routing tables

Spamd Q

2007-05-03 Thread Steve Shockley
I've just upgraded my firewall to 4.1.  The firewall runs spamd, and 
redirects connections (that don't go to spamd) to a server behind the 
firewall.


I modified my pf.conf per the sample in the spamd(8) man page.  It's a 
couple of days later, and suddenly I realize that I'm only getting mail 
that's explicitly in my whitelist, from this rule:


rdr on $ext_cable proto tcp from  to port smtp -> $mail port 25


I'm thinking my problem is the "no rdr" rule, maybe that's preventing 
the smtp connections from getting redirected.  Here's all my 
smtp-related rdr rules:



rdr on $ext_cable proto tcp from  to port smtp -> $mail port 25


no rdr on $ext_cable proto tcp from  to any port smtp

rdr pass on $ext_cable proto tcp from any to any port smtp -> 127.0.0.1 port spamd


# Send smtp to mail server
rdr on $ext_cable inet proto tcp from any to any port  25 -> $mail port 25


So, what's my best solution?  Would changing the "no rdr" to a rdr -> 
$mail do what I want, or would I be better off moving spamd to my mail 
server?




Re: DJBDNS woes

2007-05-03 Thread Allie Daneman
You need to read the directions a bit closer. Like this part:
http://cr.yp.to/djbdns/run-server.html
Bray Mailloux([EMAIL PROTECTED])@Thu, May 03, 2007 at 05:33:25PM -0700:
> So, I recently installed daemontools, ucspi and djbdns. But, to my 
> demise, after compiling the source and configuring the system, I've 
> found that the directory /service/tinydns/root does not exist!
> Has anyone experienced a similar problem?
> 

-- 
~Allie D.

Sex is a natural bodily process, like a stroke.



DJBDNS woes

2007-05-03 Thread Bray Mailloux
So, I recently installed daemontools, ucspi and djbdns. But, to my 
demise, after compiling the source and configuring the system, I've 
found that the directory /service/tinydns/root does not exist!

Has anyone experienced a similar problem?



new openbsd 4.0 server, panic on ufsdirhash

2007-05-03 Thread John Mendenhall
I am attempting to get the source copied from the cd
to /usr/src.

I ran the tar command to extract the source from the
cd.  The system panicked after a minute or two.
After this, I rebooted.

When it came up, I went to the src dir to see what
was there.  I tried removing the partial set of files.
It panicked after just a short time.

The dmesg is at the bottom.

Does this indicate I have a bad drive?  Or, does it
just need fsck run on it?  I just installed openbsd 4.0
on this box a few days ago.  It rebuilt the file systems
from scratch.  Do I need to redo everything?

Or, do I need to start looking at hardware problems with
the drive or the motherboard?

Please let me know the next step to run that will help
me get to a stable system.

Thanks!

JohnM



panic #1:
-
panic: kernel diagnostic assertion "(dirblock < dh->dh_nblk &&
dh->dh_blkfree[dirblock] >= (((slotneeded) + ((4) - 1)) / (4)))" failed: file
"/usr/src/sys/ufs/ufs/ufs_dirhash.c", line 510
Stopped at  Debugger+0x4:   leave
RUN AT LEAST 'trace' AND 'ps' AND INCLUDE OUTPUT WHEN REPORTING THIS PANIC!
DO NOT EVEN BOTHER REPORTING THIS WITHOUT INCLUDING THAT INFORMATION!
ddb> Debugger(40,e9e27b88,e9e27b70,3,d6a8d690) at Debugger+0x4
panic(d0660c40,d06305f7,d0675ea0,d0675e20,1fe) at panic+0x63
tablefull(d06305f7,d0675e20,1fe,d0675ea0,d07172c0) at tablefull
ufsdirhash_findfree(d6a8d690,18,e9e27c3c,e9e27e3c) at
ufsdirhash_findfree+0x94
ufs_lookup(e9e27c68,e9e27e3c,e9e27c80,d035162e,d0717180) at ufs_lookup+0x18e
VOP_LOOKUP(d6a8c444,e9e27e28,e9e27e3c,20) at VOP_LOOKUP+0x2e
lookup(e9e27e18,d6c02c00,400,e9e27e30) at lookup+0x1d0
namei(e9e27e18,d1167310,e9e27d60,1e4940) at namei+0x180
vn_open(e9e27e18,e02,1a4,d6b2bcb0) at vn_open+0x7b
sys_open(d6b2bcb0,e9e27f68,e9e27f58,0,0) at sys_open+0xdb
syscall() at syscall+0x2ea
--- syscall (number 5) ---
0x1c00e3e1:
ddb>PID   PPID   PGRPUID  S   FLAGS  WAIT   COMMAND
 30524  14560  14560  0  3  0x4086  pipewr gzip
*14560  16456  14560  0  7  0x4006 tar
 16456  14200  16456   1000  3  0x4086  pause  csh
 14200  14618  14618   1000  3   0x184  select sshd
 14618  19009  14618  0  3  0x4084  netio  sshd
  4633  1   4633  0  3  0x4086  ttyin  getty
 11447  1  11447  0  3  0x4086  ttyin  getty
 18246  1  18246  0  3  0x4086  ttyin  getty
 22102  1  22102  0  3  0x4086  ttyin  getty
 11015  1  11015  0  3  0x4086  ttyin  getty
 27803  1  27803  0  30x84  select cron
 26298  1  26298  0  3 0x40184  select sendmail
 19009  1  19009  0  30x84  select sshd
 12832  1  12832  0  3   0x184  select inetd
 10395  26437  26437 83  3   0x184  poll   ntpd
 26437  1  26437  0  30x84  poll   ntpd
  1666   2020   2020 73  3   0x184  poll   syslogd
  2020  1   2020  0  30x8c  netio  syslogd
13  0  0  0  30x100204  crypto_wa  crypto
12  0  0  0  30x100204  aiodoned   aiodoned
11  0  0  0  30x100204  syncer update
10  0  0  0  30x100204  cleanercleaner
 9  0  0  0  30x100204  reaper reaper
 8  0  0  0  30x100204  pgdaemon   pagedaemon
 7  0  0  0  30x100204  pftm   pfpurge
 6  0  0  0  30x100204  wait   wskbd_hotkey
 5  0  0  0  30x100204  usbtsk usbtask
 4  0  0  0  30x100204  usbevt usb0
 3  0  0  0  30x100204  apmev  apm0
 2  0  0  0  30x100204  kmallockmthread
 1  0  1  0  3  0x4084  wait   init
 0 -1  0  0  3 0x80204  scheduler  swapper
-

panic #2:
-
WARNING: / was not properly unmounted
panic: ufsdirhash_findslot: 'crash66.C' not found
Stopped at  Debugger+0x4:   leave
RUN AT LEAST 'trace' AND 'ps' AND INCLUDE OUTPUT WHEN REPORTING THIS PANIC!
DO NOT EVEN BOTHER REPORTING THIS WITHOUT INCLUDING THAT INFORMATION!
ddb> Debugger(d6c53118,0,2000,d12e4220,400) at Debugger+0x4
panic(d0676280,9,ddafa748,d12e4220,7ff) at panic+0x63
ufsdirhash_delslot(d12e5c00,ddafa748,9,740,d6b99b38) at ufsdirhash_delslot
ufsdirhash_remove(d6b99d30,ddafa740,740,d12e5c00) at ufsdirhash_remove+0x3c
ufs_dirremove(d6b9f1d4,d6b99b38,800c,0) at ufs_dirremove+0x6b
ufs_remove(e9e27e88,d6b9f30c,d6b309e0,d6c141e0,d0717580) at ufs_remove+0x9b
VOP_REMOVE(d6b9f1d4,d6b9f30c,e9e27edc,2) at VOP_REMOVE+0x2e
sys_unlink(d6b309e0,e9e27f68,e9e27f58,b,252) at sys_unlink+0x80
syscall() at syscall+0x2ea
--- syscall (number 10) ---
0x1c007f95:
ddb> syncing disks... 31 28 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 giving up
rebooting...
-

dmesg:
-
OpenBSD 4.0 (GENERIC) #1107: Sat Sep 16 19:15:58 MDT 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENER

Re: openbsd 4.0 server, new setup, getting panics

2007-05-03 Thread John Mendenhall
> > The symptoms you describe sound like classic hardware problems,
> > however, I see a couple things worthy of note in your dmesg:
> > 
> > > -
> > > OpenBSD 4.0 (GENERIC) #1107: Sat Sep 16 19:15:58 MDT 2006
> > > [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
> > > cpu0: AMD Duron(tm) Processor ("AuthenticAMD" 686-class, 64KB L2 cache) 
> > > 1.61 GHz
> > > cpu0: 
> > > FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE
> > 
> > No idea why, but I've seen a number of AMD systems of that
> > vintage which were temperamental about their RAM.  Wasn't that
> > the RAM was bad...but the system bus timing was off in some
> > way.
> > 
> > Curiously, these machines had more-than-usual amounts of clock
> > speed control, and they seemed to settle down by cranking down
> > the clock speed a tad.  You won't miss it, really.
> 
> I have set the front side bus to be 200, instead of 266 and
> am re-running the memory tests.

I was still getting errors after decreasing the fsb speed.
I modified the bios as follows:
 - sdram timing by spd enabled
 - auto detect pci clock enabled
 - clk spread spectrum enabled
I retested the memory, ran it overnight using memtest86+.
No errors.

I don't know which of the above fixed the problem.
However, it is not causing any memory errors now.

Thanks so much for the pointers.

JohnM

-- 
john mendenhall
[EMAIL PROTECTED]
surf utopia
internet services



Re: Wap browser

2007-05-03 Thread Mike Alaimo

You should try the firefox, wml browser extension

wap 2.0 is just xhtml so any browser should work fine...

Always test on your mobile device ;p :)

hope this helps.

On 5/3/07, Rafael Morales <[EMAIL PROTECTED]> wrote:

Hi list,

Is there any wap browser for openbsd ??, Because I'm
trying to use the Openwave emulator using WINE,
however I get this error:

$ wine Openwave_SDK_622.exe
fixme:win32:PE_LoadImage Need to relocate
F:\OPEN~EPB.EXE, but no relocation records present
(stripped during link).
wine: can't exec 'Openwave_SDK_622.exe': error=0
wine: no executable file found.

Any help ???, I don't care if I have to use wine, or
one browser or any other tool, I just need to see the
result of my developments in XHTML.

Thanks to all





Re: 4.1-stable build fails for sparc64

2007-05-03 Thread Maurice Janssen
On Monday, April 30, 2007 at 11:45:05 +0200, Maurice Janssen wrote:
>Hi,
>
>I'm trying to build a release(8) of 4.1-stable for a couple of
>architectures.  I installed 4.1-release from the CD on i386, sparc and
>sparc64.  I untarred the src.tar.gz from the CD on an NFS server (also
>running 4.1-release) and updated the cvs tree through anoncvs
>(cvs -qd [EMAIL PROTECTED]:/cvs up -rOPENBSD_4_1 -Pd).
>So far so good.
>
>The updated /usr/src is mounted as nfs mount on the three systems that
>I'm building the release on.  Compiling the kernel worked fine for all
>three systems.  'make build' failed on sparc64, but it worked fine for
>i386.  sparc is still compiling, but it passed the point where sparc64
>failed.
>
>The build for sparc64 failed somewhere in gnu/usr.bin/binutils (see
>below, dmesg also below).  Any ideas what's going wrong?

In my original attempt, /usr/obj was also an NFS mount.  Today I tried
again with /usr/obj on a local filesystem and the build finished without
a problem.
Very strange.  Builds for sparc and i386 work fine when /usr/obj is NFS
mounted.

Should /usr/obj always be on a local filesystem or is something else
going on?

Maurice



Re: Wap browser

2007-05-03 Thread Nelson Murilo
Maybe you could try "wApua", written in Perl.

Br,

./nelson -murilo

On Thu, May 03, 2007 at 03:21:45PM -0500, Rafael Morales wrote:
> Hi list,
> 
> Is there any wap browser for openbsd ?? 



Wap browser

2007-05-03 Thread Rafael Morales
Hi list,

Is there any wap browser for openbsd ??, Because I'm
trying to use the Openwave emulator using WINE,
however I get this error:

$ wine Openwave_SDK_622.exe
fixme:win32:PE_LoadImage Need to relocate
F:\OPEN~EPB.EXE, but no relocation records present
(stripped during link).
wine: can't exec 'Openwave_SDK_622.exe': error=0
wine: no executable file found.

Any help ???, I don't care if I have to use wine, or
one browser or any other tool, I just need to see the
result of my developments in XHTML.

Thanks to all 




pf weird effect

2007-05-03 Thread Tang Tse
Hi,

Now it's time to play with pf. I got some weird trouble on pass ssh
connections.. here is my pf.conf


# NICs
ext_if="rl1"
int_if="rl2"
pf_if="rl0"


allow_ports_out="{80,110,143}"
allow_proto_out="{tcp,udp,icmp}"
allow_proto_in="{tcp, udp}"


table  persist file "/etc/blocked.conf"

table  persist file "/etc/lan.conf"


scrub out on $ext_if all random-id

rdr on $ext_if proto $allow_proto_in from any to ($ext_if) port $ssh_ext_m2
-> 192.168.0.2 port $ssh_int_m2
rdr on $ext_if proto $allow_proto_in from any to ($ext_if) port $http_ext_2
-> 192.168.0.2 port $http_int_2

rdr on $ext_if proto $allow_proto_in from any to ($ext_if) port $http_ext_m2
-> 192.168.0.3 port $http_int_m2

nat on $ext_if from  to any -> ($ext_if)


pass out on $pf_if proto carp keep state
pass on $pf_if proto pfsync


block drop in quick on $ext_if from 

antispoof for $ext_if
antispoof for $int_if


#block in on $ext_if all
block in all

pass in on $int_if proto tcp from  to ($int_if) port 22 flags
S/SA modulate state

pass out on $ext_if proto tcp from  to any flags S/SA modulate
state
pass out on $ext_if proto udp from  to any keep state


It's a very simple pf.conf.. only for play. My trouble comes when i try to
connect via ssh through int_if ( My lan ). If i use "block in all" rule and
"pass in on $int_if proto tcp from  to ($int_if) port $ssh_mer
flags S/SA modulate state" i can't connect to ssh. If i change "block in
all" to "block in on $ext_if all" then i can connect to the host. With "block
in all" and if i take off "port 22" from the previous rule, ( so the rule
will be: "pass in on $int_if proto tcp from  to ($int_if) flags
S/SA modulate state") then again i can connect from the lan to the host via
ssh.

More schematic:

I can't connect:
block in all
pass in on $int_if proto tcp from  to ($int_if) port 22 flags
S/SA modulate state

I can connect:
block in on $ext_if all
pass in on $int_if proto tcp from  to ($int_if) port 22 flags
S/SA modulate state

I can connect:
block in on $ext_if all
pass in on $int_if proto tcp from  to ($int_if) flags S/SA
modulate state

I can't find why, any help? what i am doing bad?

Thanks once again you all,

Tang



Re: ntpd use dhclient ntp-servers

2007-05-03 Thread Tom Van Looy

Maurice Janssen wrote:

On Thursday, May  3, 2007 at 00:23:00 +0200, Tom Van Looy wrote:
Hi, I wanted to let my ntp client use the servers it receives from the 
dhcp server (3.0 from packages). I made it working like this:


I added ntp-servers to /etc/dhclient.conf, and the following function to 
the /sbin/dhclient-script script:


add_new_ntp() {
  if [ -n "$new_ntp_servers" ]; then
    sed "/^server/d" /etc/ntpd.conf > /etc/ntpd.conf.new
    for address in $new_ntp_servers; do
      echo "server" $address >> /etc/ntpd.conf.new
    done
    mv /etc/ntpd.conf.new /etc/ntpd.conf && pkill -KILL ntpd && ntpd
  fi
}

I use add_new_ntp after add_new_routes in BOUND|RENEW|REBIND|REBOOT)

Is this the right way to let ntp use dhclient?
And, is what I did in add_new_ntp() the best way to do it?


I'm not sure if it is wise to restart ntpd each time your dhcp
lease is renewed.  ntpd needs some time to settle and this will
interrupt this process again and again.

Maurice



You could be right. I changed it to only do it on REBOOT now.
Any idea about the DHCPACK from 127.0.0.1? That's still strange.
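
As an added example that is not part of the thread or of OpenBSD's dhclient-script: one way to act on Maurice's point, rewriting /etc/ntpd.conf and restarting ntpd only when the DHCP-supplied server list actually changed, while treating that list as untrusted input. The helper names (is_ipv4, build_ntpd_conf, update_ntpd_conf), the IPv4-only check and the 0644 file mode are assumptions of this example.

```sh
#!/bin/sh
# Added example: helper names are hypothetical, not part of dhclient-script.

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS
    IFS=.
    set -- $1          # split on dots; input is digits and dots only here
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# build_ntpd_conf CONF ADDR...: print the rebuilt file on stdout.
build_ntpd_conf() {
    conf=$1
    shift
    # Same filter as the function in the thread: drop existing server lines.
    sed '/^server/d' "$conf"
    for address in "$@"; do
        if is_ipv4 "$address"; then
            printf 'server %s\n' "$address"
        else
            echo "dhclient: ignoring invalid ntp-server value" >&2
        fi
    done
}

# update_ntpd_conf CONF ADDR...: install the rebuilt file only if it differs.
# Returns 0 when CONF was replaced (caller should restart ntpd), 1 when
# nothing changed or no valid address was offered (CONF is left untouched).
update_ntpd_conf() {
    conf=$1
    # Temp file in the same directory so the final mv is an atomic rename.
    tmp=$(mktemp "$conf.XXXXXX") || return 1
    build_ntpd_conf "$@" > "$tmp"
    if ! grep -q '^server ' "$tmp" || cmp -s "$tmp" "$conf"; then
        rm -f "$tmp"
        return 1
    fi
    chmod 644 "$tmp"   # mktemp creates 0600; 0644 is an assumption
    mv "$tmp" "$conf"
}

# Hook with the same name as in the thread, for dhclient-script.
add_new_ntp() {
    [ -n "$new_ntp_servers" ] || return 0
    set -f                      # no globbing on DHCP-supplied text
    set -- $new_ntp_servers     # space-separated list from dhclient
    set +f
    if update_ntpd_conf /etc/ntpd.conf "$@"; then
        # Restart command taken from the thread.
        pkill -KILL ntpd && ntpd
    fi
}
```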



Re: Redundant Firewalls, CARP + IPSEC + SASYNCD

2007-05-03 Thread askthelist
I mean Phase 1 of the IPSEC connection by ISAKMPD session. Hmm sounds like
I'm on the right track but I'm definitely missing something. Maybe I had some
misconfigurations somewhere. I'll have to try again and see how it goes. If
I still have problems I will post the configs. Thanks for the help.

On 5/3/07, Dag Richards <[EMAIL PROTECTED]> wrote:
>
> [EMAIL PROTECTED] wrote:
> > Ok that setup is similar to what I have and I do have carp interfaces on
> > both sides of the firewall. I was able to configure sasynd but when
> > running netstat -rnf encap was not able to see any of the flows on the
> > slave machine, but then I realized or thought that it was because the
> > ISAKMPD session was not established on the slave machine.
>
> I do not understand your terms here, ISAKMPD session 
>
> >
> > If your trying to establish the ISAKMPD session from the slave box which
> > does not have control of the active carp interface, how is the
> > ISAKMPD/IPSEC connection established? Doesn't it need to be established
> > for sasynd to know about the SA's? or upon failover does the session
> > then get established on the fly? Do you use isakmpd.conf or ipsec.conf
> > to control your flows?
>
> I use isakmpd.conf, though it seems to be deprecated and so really
> should be moving over to ipsec.conf.
>
> I have a dedicated NIC on each machine with a x-over cable to carry the
> sasync and pfsync traffic, you can use an ipsec tunnel for this though I
> found it to fail occasionally.
>
> Run isakmpd on both hosts with the listen addr being that of the carp
> iface and you should see SPI's propagated from the active server to the
> second.
>
>
> off to lunch now, if this does not clear things up sufficiently you
> should consider posting ifconfigs, sassync.conf isakmpd.conf and maybe
> some dumps ...
>
>
>
> maybe one of the smart people will help us then,.
>
> >
> > Thanks.
> >
> > On 5/2/07, *Dag Richards* <[EMAIL PROTECTED]
> > > wrote:
> >
> > [EMAIL PROTECTED]  wrote:
> >  > I have a redundant firewall setup with carp interfaces on both
> > sides of the
> >  > firewall. I have a mirror of this setup in a 2nd location. Now im
> > a little
> >  > confused on how to set up the VPN. Do I use 1) the physical
> > interfaces
> >  > between the peers or 2) do I use the carp interface as the peers
> > or 3)do I
> >  > use both the physical and carp interfaces as the peers.
> >  >
> >  > When trying to setup sasyncd in this sort of environment I cant
> > get the
> >  > slave firewall to establish an IKE session because of the ips of
> > the peers.
> >  > Can anyone give me any insight into this?
> >  >
> >
> > What I have been doing is setting up the VPNs between the sites using
> > the carp addrs.  sasync follows the state of the carp interface so you
> > should get
> >
> >
> >   box a -   - box y-
> > \  /\
> > carp 0 ---vpncarp 0  carp1 --internal nets
> >  / \/
> >   box c -   - box z-
> >
> > a netstat -rnf encap run on a and c should look the same
> > and y and z should as well. Packets will only be forwarded down the
> > tunnel by the machine who is carp master of either end. You will
> > probably want to have internal carp ifaces as well, as seen on boxes y
> > and z.



Re: anyone working on packages for landisk?

2007-05-03 Thread Theo de Raadt
> Is anyone working on packages for the landisk platform?
> If so, what packages are on your priority list?

They are there in 4.1/packages/sh/

autobook-1.5.tgz libltdl-1.5.22p1.tgz
autoconf-2.13p0.tgz  libogg-1.1.3.tgz
autoconf-2.52p1.tgz  libtheora-1.0alpha7.tgz
autoconf-2.57p0.tgz  libtool-1.5.22p8.tgz
autoconf-2.59p1.tgz  libungif-4.1.4p0.tgz
automake-1.4.6.tgz   links+-2.1pre26-no_x11.tgz
automake-1.8.5p1.tgz mergemaster-1.46p2.tgz
automake-1.9.6p1.tgz metaauto-0.7.tgz
bash-3.2.tgz mutt-1.4.2.2i.tgz
bsd-airtools-0.2p2.tgz   openmotif-2.1.30.5p2.tgz
bzip2-1.0.4.tgz  openmotif-debuglibs-2.1.30.5p0.tgz
cdparanoia-3.a9.8p0.tgz  openmotif-demos-2.1.30.5p0.tgz
curl-7.16.0.tgz  png-1.2.14p0.tgz
epic4-2.4.tgz procmail-3.22p1.tgz
expat-2.0.0.tgz  rsync-2.6.9.tgz
fetchmail-6.3.6.tgz  rtunes-0.6p0.tgz
gettext-0.14.6.tgz   screen-4.0.3p0.tgz
gmake-3.80p1.tgz speex-1.0.5p0.tgz
gnupg-1.4.6.tgz  stunnel-4.20.tgz
gtar-1.16.1.tgz  t1lib-5.1.0p0.tgz
help2man-1.29.tgz tcpflow-0.21p0.tgz
hping-2.0.0rc3p0.tgz tcsh-6.14.00p1.tgz
id-utils-3.2dp0.tgz  unzip-5.52.tgz
index.txt vim-7.0.178-no_x11.tgz
ircII-20040820.tgz   vim-lang-7.0.178-no_x11.tgz
jpeg-6bp3.tgz zsh-4.2.6p2.tgz
libiconv-1.9.2p3.tgz

Not very many, but maybe more next release.

'sh' is of course the cpu architecture for the landisk.



anyone working on packages for landisk?

2007-05-03 Thread Darth Lists

Hello list,

Is anyone working on packages for the landisk platform?
If so, what packages are on your priority list?

There was this quote from Diana which leads me to think this is not just 
a matter of building them for this arch:

===quoth Diana===
   In my opinion the only thing needed to make the landisk platform
   really versatile is shared lib support, which is required for a lot
   of packages.


/Jason



BGP + Multiple Providers + Redundant Firewalls

2007-05-03 Thread askthelist
Any recommendations on running BGP on redundant firewalls to multiple
providers advertising the same network thru both links, and talking iBGP
with the other firewall? Just asking because I ran into a problem with this
scenario when traffic would enter 1 host, traverse the iBGP crossover link
and then exit the 2nd host, and return traffic would come back in thru the
1st host. There was a mismatch of the states that seemed to cause my
problems. Here's how I was set up.

Problem Scenario:

  box-a ---> Provider-A
   / |
carp0 |
   \  box-b->Provider-B


Solution:
   Box-A & Box-B are my redundant firewalls running pfsync between the
dedicated link. Box-C & Box-D are just T1 routers running BGP. The routers
route to carp1 on the firewalls and the firewalls route to carp0 on the
routers. Box-C and Box-D run iBGP between their dedicated link to share
routes to external networks. The multiple providers are for both redundancy
and aggregate bandwidth. Running BGP in an active/backup scenario based on
who has the carp0 interface isn't an option because of the necessity of the
aggregate bandwidth. This solution works fine for us but we really wanted to
run on two boxes. I believe the only problem we have now is with BGP
convergence. If anyone has any tips on how to minimize this when I reboot
box-c or box-d, that would be great. If anyone has comments,
recommendations, adjustments, tips on our setup please do share.

  box-a  switchbox-c-> Provider-A
   / |\  |   /|
carp0 |carp1   |   carp0 |
   \ |/  |   \|
  box-b -switchbox-d->Provider-B



Re: Redundant Firewalls, CARP + IPSEC + SASYNCD

2007-05-03 Thread Dag Richards

[EMAIL PROTECTED] wrote:
> Ok that setup is similar to what I have and I do have carp interfaces on
> both sides of the firewall. I was able to configure sasyncd but when
> running netstat -rnf encap was not able to see any of the flows on the
> slave machine, but then I realized or thought that it was because the
> ISAKMPD session was not established on the slave machine.

I do not understand your terms here, ISAKMPD session

> If you're trying to establish the ISAKMPD session from the slave box which
> does not have control of the active carp interface, how is the
> ISAKMPD/IPSEC connection established? Doesn't it need to be established
> for sasyncd to know about the SA's? or upon failover does the session
> then get established on the fly? Do you use isakmpd.conf or ipsec.conf
> to control your flows?

I use isakmpd.conf, though it seems to be deprecated and so really
should be moving over to ipsec.conf.

I have a dedicated NIC on each machine with a x-over cable to carry the
sasync and pfsync traffic, you can use an ipsec tunnel for this though I
found it to fail occasionally.

Run isakmpd on both hosts with the listen addr being that of the carp
iface and you should see SPI's propagated from the active server to the
second.

off to lunch now, if this does not clear things up sufficiently you
should consider posting ifconfigs, sasyncd.conf isakmpd.conf and maybe
some dumps ...

maybe one of the smart people will help us then.

> Thanks.
>
> On 5/2/07, Dag Richards <[EMAIL PROTECTED]> wrote:
>
> > [EMAIL PROTECTED] wrote:
> > > I have a redundant firewall setup with carp interfaces on both sides of the
> > > firewall. I have a mirror of this setup in a 2nd location. Now I'm a little
> > > confused on how to set up the VPN. Do I use 1) the physical interfaces
> > > between the peers or 2) do I use the carp interface as the peers or 3) do I
> > > use both the physical and carp interfaces as the peers.
> > >
> > > When trying to setup sasyncd in this sort of environment I can't get the
> > > slave firewall to establish an IKE session because of the IPs of the peers.
> > > Can anyone give me any insight into this?
> > >
> >
> > What I have been doing is setting up the VPNs between the sites using
> > the carp addrs.  sasync follows the state of the carp interface so you
> > should get
> >
> >   box a -   - box y-
> > \  /\
> > carp 0 ---vpncarp 0  carp1 --internal nets
> >  / \/
> >   box c -   - box z-
> >
> > a netstat -rnf encap run on a and c should look the same
> > and y and z should as well. Packets will only be forwarded down the
> > tunnel by the machine who is carp master of either end. You will
> > probably want to have internal carp ifaces as well, as seen on boxes y
> > and z.




Re: vmware vmxnet driver (vic) error

2007-05-03 Thread Reyk Floeter
On Thu, May 03, 2007 at 08:01:53PM +0200, Bert Koelewijn wrote:
> Is anybody successfully using the vmxnet network driver (vic)?

yes, i was using it with esx and the freeware vmware server.

time to test it again...

> With various VMWare Server 1.0+ versions and host operating 
> systems I'm experiencing the following problem:
> 
>  vm_fault(0xd5fd9298, 0x0, 0, 3) -> e
>  kernel: page fault trap, code=0
>  Stopped at  _bus_dmamap_load_mbuf+0xf:   movl    $0,0x18(%esi)
> 

yuck

do you get the ddb prompt to enter a 'trace' command?

> 
> -Bert
> lo0: flags=8049 mtu 33224
>   groups: lo
>   inet 127.0.0.1 netmask 0xff00
>   inet6 ::1 prefixlen 128
>   inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
> vic0: flags=8843 mtu 1500
>   lladdr 00:0c:29:07:b9:ae
>   groups: egress
>   media: Ethernet autoselect
>   status: active
>   inet 192.168.2.30 netmask 0xff00 broadcast 192.168.2.255
>   inet6 fe80::20c:29ff:fe07:b9ae%vic0 prefixlen 64 scopeid 0x1
> pflog0: flags=0<> mtu 33224
> enc0: flags=0<> mtu 1536
> OpenBSD 4.1 (GENERIC) #1435: Sat Mar 10 19:07:45 MST 2007
> [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
> cpu0: Genuine Intel(R) CPU T2300 @ 1.66GHz ("GenuineIntel" 686-class) 1.67 GHz
> cpu0: 
> FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,SSE3
> real mem  = 267939840 (261660K)
> avail mem = 236793856 (231244K)
> using 3302 buffers containing 13524992 bytes (13208K) of memory
> mainbus0 (root)
> bios0 at mainbus0: AT/286+ BIOS, date 04/17/06, BIOS32 rev. 0 @ 0xfd880, 
> SMBIOS rev. 2.31 @ 0xe0010 (45 entries)
> bios0: VMware, Inc. VMware Virtual Platform
> apm0 at bios0: Power Management spec V1.2
> apm0: AC on, battery charge unknown
> apm0: flags 30102 dobusy 0 doidle 1
> pcibios0 at bios0: rev 2.1 @ 0xfd880/0x780
> pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdf30/176 (9 entries)
> pcibios0: PCI Interrupt Router at 000:07:0 ("Intel 82371FB ISA" rev 0x00)
> pcibios0: PCI bus #1 is the last bus
> bios0: ROM list: 0xc/0x8000 0xc8000/0x1000 0xdc000/0x4000! 0xe/0x4000!
> acpi at mainbus0 not configured
> cpu0 at mainbus0
> pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
> pchb0 at pci0 dev 0 function 0 "Intel 82443BX AGP" rev 0x01
> ppb0 at pci0 dev 1 function 0 "Intel 82443BX AGP" rev 0x01
> pci1 at ppb0 bus 1
> pcib0 at pci0 dev 7 function 0 "Intel 82371AB PIIX4 ISA" rev 0x08
> pciide0 at pci0 dev 7 function 1 "Intel 82371AB IDE" rev 0x01: DMA, channel 0 
> configured to compatibility, channel 1 configured to compatibility
> wd0 at pciide0 channel 0 drive 0: 
> wd0: 64-sector PIO, LBA, 8192MB, 16777216 sectors
> wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
> atapiscsi0 at pciide0 channel 1 drive 0
> scsibus0 at atapiscsi0: 2 targets
> cd0 at scsibus0 targ 0 lun 0:  SCSI0 
> 5/cdrom removable
> cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
> piixpm0 at pci0 dev 7 function 3 "Intel 82371AB Power" rev 0x08: SMBus 
> disabled
> vga1 at pci0 dev 15 function 0 "VMware Virtual SVGA II" rev 0x00
> wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
> wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
> mpi0 at pci0 dev 16 function 0 "Symbios Logic 53c1030" rev 0x01: irq 9
> scsibus1 at mpi0: 16 targets
> vic0 at pci0 dev 17 function 0 "VMware Virtual NIC" rev 0x10: irq 11
> vic0: VMXnet 864F, address 00:0c:29:07:b9:ae
> isa0 at pcib0
> isadma0 at isa0
> pckbc0 at isa0 port 0x60/5
> pckbd0 at pckbc0 (kbd slot)
> pckbc0: using irq 1 for kbd slot
> wskbd0 at pckbd0: console keyboard, using wsdisplay0
> pmsi0 at pckbc0 (aux slot)
> pckbc0: using irq 12 for aux slot
> wsmouse0 at pmsi0 mux 0
> pcppi0 at isa0 port 0x61
> midi0 at pcppi0: 
> spkr0 at pcppi0
> lpt0 at isa0 port 0x378/4 irq 7
> npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
> pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
> pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
> fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
> biomask ef65 netmask ef65 ttymask ffe7
> pctr: 686-class user-level performance counters enabled
> mtrr: CPU supports MTRRs but not enabled
> dkcsum: wd0 matches BIOS drive 0x80
> root on wd0a
> rootdev=0x0 rrootdev=0x300 rawdev=0x302
> arp info overwritten for 192.168.2.254 by 00:50:56:fe:78:6c on vic0



Re: Redundant Firewalls, CARP + IPSEC + SASYNCD

2007-05-03 Thread askthelist
Ok that setup is similar to what I have and I do have carp interfaces on
both sides of the firewall. I was able to configure sasyncd but when running
netstat -rnf encap was not able to see any of the flows on the slave
machine, but then I realized or thought that it was because the ISAKMPD
session was not established on the slave machine.

If you're trying to establish the ISAKMPD session from the slave box which
does not have control of the active carp interface, how is the ISAKMPD/IPSEC
connection established? Doesn't it need to be established for sasyncd to know
about the SA's? or upon failover does the session then get established on
the fly? Do you use isakmpd.conf or ipsec.conf to control your flows?

Thanks.

On 5/2/07, Dag Richards <[EMAIL PROTECTED]> wrote:
>
> [EMAIL PROTECTED] wrote:
> > I have a redundant firewall setup with carp interfaces on both sides of the
> > firewall. I have a mirror of this setup in a 2nd location. Now I'm a little
> > confused on how to set up the VPN. Do I use 1) the physical interfaces
> > between the peers or 2) do I use the carp interface as the peers or 3) do I
> > use both the physical and carp interfaces as the peers.
> >
> > When trying to setup sasyncd in this sort of environment I can't get the
> > slave firewall to establish an IKE session because of the IPs of the peers.
> > Can anyone give me any insight into this?
> >
>
> What I have been doing is setting up the VPNs between the sites using
> the carp addrs.  sasync follows the state of the carp interface so you
> should get
>
>
>
>   box a -   - box y-
> \  /\
> carp 0 ---vpncarp 0  carp1 --internal nets
>  / \/
>   box c -   - box z-
>
> a netstat -rnf encap run on a and c should look the same
> and y and z should as well. Packets will only be forwarded down the
> tunnel by the machine who is carp master of either end. You will
> probably want to have internal carp ifaces as well, as seen on boxes y
> and z.
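
Added example, not part of the original thread: one way to automate the check discussed above, that "netstat -rnf encap" looks the same on both members of a carp pair once sasyncd is syncing. The sample output is constructed, its column layout is an assumption, and the function names are hypothetical.

```python
"""Check that two sasyncd peers hold the same IPsec flows (added example)."""
from typing import NamedTuple

# Constructed sample input modelled on `netstat -rnf encap`; the column layout
# is an assumption and the addresses are documentation ranges.
MASTER_OUTPUT = """\
Routing tables

Encap:
Source             Port  Destination        Port  Proto SA(Address/Proto/Type/Direction)
10.1.0/24          0     10.2.0/24          0     0     192.0.2.20/esp/use/out
10.2.0/24          0     10.1.0/24          0     0     192.0.2.20/esp/use/in
10.1.0/24          0     10.3.0/24          0     0     198.51.100.7/esp/use/out
10.3.0/24          0     10.1.0/24          0     0     198.51.100.7/esp/use/in
"""

# Constructed: the backup box never learned the second tunnel.
BACKUP_OUTPUT = """\
Routing tables

Encap:
Source             Port  Destination        Port  Proto SA(Address/Proto/Type/Direction)
10.1.0/24          0     10.2.0/24          0     0     192.0.2.20/esp/use/out
10.2.0/24          0     10.1.0/24          0     0     192.0.2.20/esp/use/in
"""


class Flow(NamedTuple):
    src: str
    sport: str
    dst: str
    dport: str
    proto: str
    peer: str
    sa_proto: str
    sa_type: str
    direction: str


def parse_flows(text):
    """Return the set of flows in one box's encap routing table dump."""
    flows = set()
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 6:
            continue  # banner, blank line or truncated row
        src, sport, dst, dport, proto, sa = fields
        sa_parts = sa.split("/")
        # The column header also has six fields; numeric ports rule it out.
        if not (sport.isdigit() and dport.isdigit() and len(sa_parts) == 4):
            continue
        flows.add(Flow(src, sport, dst, dport, proto, *sa_parts))
    return flows


def compare_peers(master_text, backup_text):
    """Diff the flow tables of the carp master and its backup."""
    master = parse_flows(master_text)
    backup = parse_flows(backup_text)
    return {
        "missing_on_backup": sorted(master - backup),
        "extra_on_backup": sorted(backup - master),
        # Two empty tables are not "in sync": that is the failure mode where
        # no tunnel is up at all, so require at least one flow on the master.
        "in_sync": bool(master) and master == backup,
    }


def report(result):
    """Render the comparison as text for a cron job or monitoring check."""
    lines = ["in sync" if result["in_sync"] else "NOT in sync"]
    for key in ("missing_on_backup", "extra_on_backup"):
        for flow in result[key]:
            lines.append(f"{key}: {flow.src} -> {flow.dst} via {flow.peer} "
                         f"({flow.sa_proto}/{flow.direction})")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(compare_peers(MASTER_OUTPUT, BACKUP_OUTPUT)))
```

Feed it the output captured on each box; any flow listed as missing on the backup would not survive a failover.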



vmware vmxnet driver (vic) error

2007-05-03 Thread Bert Koelewijn
Is anybody successfully using the vmxnet network driver (vic)? With various 
VMWare Server 1.0+ versions and host operating 
systems I'm experiencing the following problem:

 vm_fault(0xd5fd9298, 0x0, 0, 3) -> e
 kernel: page fault trap, code=0
 Stopped at  _bus_dmamap_load_mbuf+0xf:   movl    $0,0x18(%esi)


-Bert
lo0: flags=8049 mtu 33224
groups: lo
inet 127.0.0.1 netmask 0xff00
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
vic0: flags=8843 mtu 1500
lladdr 00:0c:29:07:b9:ae
groups: egress
media: Ethernet autoselect
status: active
inet 192.168.2.30 netmask 0xff00 broadcast 192.168.2.255
inet6 fe80::20c:29ff:fe07:b9ae%vic0 prefixlen 64 scopeid 0x1
pflog0: flags=0<> mtu 33224
enc0: flags=0<> mtu 1536
OpenBSD 4.1 (GENERIC) #1435: Sat Mar 10 19:07:45 MST 2007
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Genuine Intel(R) CPU T2300 @ 1.66GHz ("GenuineIntel" 686-class) 1.67 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,SSE3
real mem  = 267939840 (261660K)
avail mem = 236793856 (231244K)
using 3302 buffers containing 13524992 bytes (13208K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+ BIOS, date 04/17/06, BIOS32 rev. 0 @ 0xfd880, SMBIOS 
rev. 2.31 @ 0xe0010 (45 entries)
bios0: VMware, Inc. VMware Virtual Platform
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xfd880/0x780
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdf30/176 (9 entries)
pcibios0: PCI Interrupt Router at 000:07:0 ("Intel 82371FB ISA" rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc/0x8000 0xc8000/0x1000 0xdc000/0x4000! 0xe/0x4000!
acpi at mainbus0 not configured
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel 82443BX AGP" rev 0x01
ppb0 at pci0 dev 1 function 0 "Intel 82443BX AGP" rev 0x01
pci1 at ppb0 bus 1
pcib0 at pci0 dev 7 function 0 "Intel 82371AB PIIX4 ISA" rev 0x08
pciide0 at pci0 dev 7 function 1 "Intel 82371AB IDE" rev 0x01: DMA, channel 0 
configured to compatibility, channel 1 configured to compatibility
wd0 at pciide0 channel 0 drive 0: 
wd0: 64-sector PIO, LBA, 8192MB, 16777216 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0:  SCSI0 5/cdrom 
removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
piixpm0 at pci0 dev 7 function 3 "Intel 82371AB Power" rev 0x08: SMBus disabled
vga1 at pci0 dev 15 function 0 "VMware Virtual SVGA II" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
mpi0 at pci0 dev 16 function 0 "Symbios Logic 53c1030" rev 0x01: irq 9
scsibus1 at mpi0: 16 targets
vic0 at pci0 dev 17 function 0 "VMware Virtual NIC" rev 0x10: irq 11
vic0: VMXnet 864F, address 00:0c:29:07:b9:ae
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pmsi0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pmsi0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: 
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
biomask ef65 netmask ef65 ttymask ffe7
pctr: 686-class user-level performance counters enabled
mtrr: CPU supports MTRRs but not enabled
dkcsum: wd0 matches BIOS drive 0x80
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302
arp info overwritten for 192.168.2.254 by 00:50:56:fe:78:6c on vic0



Dual-port Gigabit SX NICs?

2007-05-03 Thread K K

I have a need to set up a sniffer based off NetOptics Fiber tap,
collecting data from two different segments (so four interfaces
total), with a total of around 800Mbps receive traffic, zero transmit.

This would be our first foray into Fiber NICs on OpenBSD, looking for
recommendations on affordable, reliable dual 1000baseSX NICs with
good OpenBSD support.  Reading Mark Kettenis's O'Reilly interview for
4.0, I see that Marvell/SysKonnect is uncooperative and buggy.

We mostly use Intel's Pro/1000 Quad cards for copper GigE, so I could
go with the very expensive Intel PWLA8492MF, but at $750/each, the
Intel card doesn't meet the "affordable" part of my criteria.


Thanks,

Kevin



Re: CARP, carpdemote and kernel routing table

2007-05-03 Thread François Rousseau

Hi,

I have a very similar issue and I am working on a solution with the ifstated daemon.

You have to remove the route from the routing table when a carp
interface goes init or backup.  Like that, the OSPF daemon will be
able to add its route to the routing table.  When a CARP interface comes
back as Master, the new route from CARP is automatically added to the
routing table and replaces the old OSPF route.

Right now my script works well if I start everything in the good
order ;) I have to add some test/verification in it to make it more
stable.

I will post my script on this mailing list when I have time to
finish it (probably in a few days).

François Rousseau

2007/5/2, Falk Brockerhoff <[EMAIL PROTECTED]>:

Claudio Jeker wrote:

> Most people use carp on both sides of the firewall and then preemption
> will take care of making the backup system invisible to the network. If
> you are using carp with ospfd you need at the moment dedicated carp boxes
> that connect to your ospf cloud. The carp backup router will not announce
> the network and so no traffic will flow in his direction.
> This is not optimal I know.

Ah ok, thank you for your explanation!

> I hope we can finally fix this at the upcoming c2k7

On the website there isn't any information about the upcoming c2k7 -
can you tell me a spotted month?

In another posting you wrote "A spare brain, lot of beer, drugs and
time." - let me know where to deliver a box of your favorite beer ;-)

Regards,

Falk




4.1 Packages Page

2007-05-03 Thread djgoku

http://www.openbsd.org/4.1_packages/
Gets a 404 error.
http://www.openbsd.org/4.0_packages/
Works fine.

Link found on: http://openbsd.org/faq/faq15.html



Re: 4.1-stable compile fails

2007-05-03 Thread Sean Malloy

Using the mirror anoncvs.usa.openbsd.org fixed the problem. Thanks.



Re: pf - drop or return - is stealth mode overrated?

2007-05-03 Thread Henning Brauer
* Kian Mohageri <[EMAIL PROTECTED]> [2007-05-02 21:52]:
> Henning Brauer wrote:
> > * Chris Smith <[EMAIL PROTECTED]> [2007-04-25 00:42]:
> >> Using openbsd as a firewall in several cases - a few small businesses, and
> >> also for home use. Some websites, such as grc.com, stress that "stealth
> >> mode" (which openbsd handles with ease) is the safest. But I've also read
> >> that using 'return' instead of 'drop' is good netizenship. So I'm wondering
> >> how others are handling this and what recommendations you might have.
> > 
> > "stealth" mode is totally overrated.
> > 
> 
> For my clarification, are we talking about "stealth mode" as in dropping
> everything (including pings) from untrusted hosts, or the default
> block-policy (drop vs. return)?

the latter, drop.
the former is not overrated. it is incredibly stupid.

> Based on this discussion, I'm trying to decide if I want to change our
> firewall block-policy to 'return' even though we already allow ping and
> 'return' traffic to the firewalls themselves so things like traceroute
> can work.

being a nice net citizen you return and RST/icmp when you block sth.

-- 
Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam



Re: 4.1-stable compile fails

2007-05-03 Thread James Turner
On Thu, May 03, 2007 at 10:41:32AM -0500, Sean Malloy wrote:
> I have been getting exactly the same error trying to track 4.1 STABLE
> and 4.0 STABLE on my amd64 machine. I have tried several different
> mirrors with no luck. I don't know how to fix the problem, but you are
> not alone.
> -- 
> Sean Malloy
> Registered GNU/Linux User #417855
> www.catgrepsort.com

I had the same issue yesterday.  I was able to use
anoncvs.usa.openbsd.org to restore editor.c.  Also there is my
posting on tech@, where someone posted some links where you might be
able to get the files from cvsweb.  Might be worth checking out.



Re: 4.1-stable compile fails

2007-05-03 Thread Jason Haag
> I have been getting exactly the same error trying to track
> 4.1 STABLE and 4.0 STABLE on my amd64 machine. I have tried
> several different mirrors with no luck. I don't know how to
> fix the problem, but you are not alone.

I have been pointed to a thread on -tech:
http://marc.info/?l=openbsd-tech&m=117816265602086&w=2

According to the linked post above, using anoncvs.usa.openbsd.org will
work. Haven't tried it yet, though.

-Jason



Re: : : HP ProLiant DL140 G3 problems

2007-05-03 Thread Boris Golberg
Hello Raimo,

Wednesday, May 2, 2007, 9:52:40 AM, you wrote:

RN> Sorry, I can't make it work. For a DL140 G3 (or rather now a DL145 G3).

RN> I remember seeing something like that on a DL380, though.

RN> telnet  gives a weird prompt /./ that has no help and only
RN> responds with command errors. There is also a HTTP server running
RN> at the address. But not ssh.

RN> On Sat, Apr 28, 2007 at 10:46:45PM -0400, Steve Shockley wrote:
>> Darth Lists wrote:
>> >Honestly, it blows big-time compared to a 
>> >real serial console since it has a more or less useless scroll-back 
>> >buffer.
>> 
>> You can ssh in to the ILO IP address and get console redirection.  You 
>> can even redirect the serial console to the ILO ssh after POST if you want.

  I believe you need at least iLO Select license to activate ssh and ssl,
and DL100/DL300 are coming by default with just iLO Standard.

  BTW, why don't you call HP and ask them these questions?

-- 
Best regards,
 Boris  mailto:[EMAIL PROTECTED]



Re: 4.1-stable compile fails

2007-05-03 Thread Sean Malloy

On 5/3/07, Jason Haag <[EMAIL PROTECTED]> wrote:
> Did a "cvs up -rOPENBSD_4_1" against rt.fm, started a build and got the
> error below. Anyone else seeing this or did I mess up my source tree?
>
> editor.c does not exist in the reference directory, but the Makefile
> refers to it.
>
> Re-running a "cvs up -rOPENBSD_4_1" doesn't add the file.
>
> And in case it helps, here's my .cvsrc:
> ===
> cvs -q [EMAIL PROTECTED]:/cvs
> update -Pd
> ===
>
> Thanks,
> -Jason
>
> ===> sbin/ccdconfig
> mkdep -a /usr/src/sbin/ccdconfig/ccdconfig.c
> ===> sbin/disklabel
> make: don't know how to make editor.c. Stop in /usr/src/sbin/disklabel.
> *** Error code 2
>
> Stop in /usr/src/sbin.
> *** Error code 1
>
> Stop in /usr/src.
> *** Error code 1
>
> Stop in /usr/src (line 73 of Makefile).



I have been getting exactly the same error trying to track 4.1 STABLE
and 4.0 STABLE on my amd64 machine. I have tried several different
mirrors with no luck. I don't know how to fix the problem, but you are
not alone.
--
Sean Malloy
Registered GNU/Linux User #417855
www.catgrepsort.com



Re: 4.1-stable compile fails

2007-05-03 Thread Daniel Bosk
Some people mailed about it as "4.1 disklable compile issues"

 -- Daniel


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
> On Behalf Of Jason Haag
> Sent: Thursday, May 03, 2007 5:16 PM
> To: misc@openbsd.org
> Subject: 4.1-stable compile fails
> 
> Did a "cvs up -rOPENBSD_4_1" against rt.fm, started a build 
> and got the
> error below. Anyone else seeing this or did I mess up my source tree?
> 
> editor.c does not exist in the reference directory, but the Makefile
> refers to it.
> 
> Re-running a "cvs up -rOPENBSD_4_1" doesn't add the file.
> 
> And in case it helps, here's my .cvsrc:
> ===
> cvs -q [EMAIL PROTECTED]:/cvs
> update -Pd
> ===
> 
> Thanks,
> -Jason
> 
> ===> sbin/ccdconfig
> mkdep -a /usr/src/sbin/ccdconfig/ccdconfig.c
> ===> sbin/disklabel
> make: don't know how to make editor.c. Stop in 
> /usr/src/sbin/disklabel.
> *** Error code 2
> 
> Stop in /usr/src/sbin.
> *** Error code 1
> 
> Stop in /usr/src.
> *** Error code 1
> 
> Stop in /usr/src (line 73 of Makefile).



Re: : : Serial console on OpenBSD 4.1 on HP ProLiant DL145 G3

2007-05-03 Thread Matthew Franz

So did anyone get the web console (which basically uses a VNC-ish java
applet) working? BTW, ssh worked for me, it just took a lng time
to login.

- mdf

On 5/3/07, Raimo Niskanen <[EMAIL PROTECTED]> wrote:

Beautiful! Thanks a lot!

But, which FM should I R? I have searched high and low
alas apparently not right.



On Thu, May 03, 2007 at 03:25:20PM +0200, Reyk Floeter wrote:
> hi!
>
> On Thu, May 03, 2007 at 12:19:01PM +0200, Raimo Niskanen wrote:
> > Aah, here we go again.
> >
> > I still haven't figured out how to use the iLO remote console.
> >
> > I have tried ssh towards the iLO IP address and get no connection.
> >
> > I have tried telnet towards the iLO IP address and get a weird
> > /./-> prompt. Can I do anything useful with it?
> >
>
> RTFM ;)
>
> /./-> cd system1
>
> /./system1/-> show
> /./system1
> Targets
> log1
>
> Properties
> name=Hewlett-Packard
> enabledstate=enabled
>
> Verbs
> cd
> version
> exit
> show
> reset
> start
> stop
> help
>
>
> /./system1/-> stop
> System1 stopped.
>
> /./system1/-> start
> System1 started.
>
>
> > I have tried http towards the iLO IP address and get the
> > server virtual power controls, etc, rather flashy, can remote
> > power on, watch temperature sensors. Cool. But no console.
> >
> > You (or someone) just briefly mentioned Esc-Q. Where is it used?
> >
>
> just press ESC-q anywhere at the prompt
>
> /./-> 
>
> and you'll get the system console. leave it with ESC-(
>
> >
> >
> > On Thu, May 03, 2007 at 01:41:32AM +0200, Reyk Floeter wrote:
> > > On Wed, May 02, 2007 at 05:41:49PM +0200, Raimo Niskanen wrote:
> > > > I have now spent the entire afternoon on it, but I can not get
> > > > the serial console to work.
> > > >
> > > > boot> set tty com0
> > > > gives no prompt anywhere. I have tried many BIOS settings
> > > > (but probably not all).
> > > >
> > > > Has anyone got it to work?
> > > >
> > >
> > > yes, but i'm using it for the iLO remote console, not for the physical
> > > serial interface. it might conflict with the iLO interface, i think
> > > there are some related buttons in the BIOS IPMI/BCM section.
> > >
> > > # sysctl hw.product
> > > hw.product=ProLiant DL145 G3
> > > # grep tty /etc/boot.conf
> > > set tty com0
> > > # uname -m
> > > amd64
> > >
> > > reyk
> >
> > --
> >
> > / Raimo Niskanen, Erlang/OTP, Ericsson AB

--

/ Raimo Niskanen, Erlang/OTP, Ericsson AB





--
Matthew Franz
http://www.threatmind.net/



4.1-stable compile fails

2007-05-03 Thread Jason Haag
Did a "cvs up -rOPENBSD_4_1" against rt.fm, started a build and got the
error below. Anyone else seeing this or did I mess up my source tree?

editor.c does not exist in the reference directory, but the Makefile
refers to it.

Re-running a "cvs up -rOPENBSD_4_1" doesn't add the file.

And in case it helps, here's my .cvsrc:
===
cvs -q [EMAIL PROTECTED]:/cvs
update -Pd
===

Thanks,
-Jason

===> sbin/ccdconfig
mkdep -a /usr/src/sbin/ccdconfig/ccdconfig.c
===> sbin/disklabel
make: don't know how to make editor.c. Stop in /usr/src/sbin/disklabel.
*** Error code 2

Stop in /usr/src/sbin.
*** Error code 1

Stop in /usr/src.
*** Error code 1

Stop in /usr/src (line 73 of Makefile).



Re: Hardware Compatibility: Sun Ultra 20 or better suggestion

2007-05-03 Thread Shane Harbour

Edd Barrett wrote:
> On 5/3/07, Edd Barrett <[EMAIL PROTECTED]> wrote:
> > Hi Shane,
> > Superb! I don't mind putting another NIC in, but I would hope that this
> > is resolved in newer models.
>
> Oh, the other thing was, these usually ship with ATI/Nvidia graphics
> cards. I couldn't care less for 3d acceleration, as long as I can run
> X reasonably well.
>
> Are you running X?

Yes I am.  I did have it setup with the on-board graphics and it worked
great even with 8MB of video RAM.  However, I did put an NVIDIA PCI
Express card in later since it was free :)




Re: Hardware Compatibility: Sun Ultra 20 or better suggestion

2007-05-03 Thread Edd Barrett

On 5/3/07, Edd Barrett <[EMAIL PROTECTED]> wrote:
> Hi Shane,
> Superb! I don't mind putting another NIC in, but I would hope that this
> is resolved in newer models.

Oh, the other thing was, these usually ship with ATI/Nvidia graphics
cards. I couldn't care less for 3d acceleration, as long as I can run
X reasonably well.

Are you running X?

--
Best Regards

Edd

---
http://students.dec.bournemouth.ac.uk/ebarrett/



Re: : : Serial console on OpenBSD 4.1 on HP ProLiant DL145 G3

2007-05-03 Thread Raimo Niskanen
Beautiful! Thanks a lot!

But, which FM should I R? I have searched high and low
alas apparently not right.



On Thu, May 03, 2007 at 03:25:20PM +0200, Reyk Floeter wrote:
> hi!
> 
> On Thu, May 03, 2007 at 12:19:01PM +0200, Raimo Niskanen wrote:
> > Aah, here we go again.
> > 
> > I still haven't figured out how to use the iLO remote console.
> > 
> > I have tried ssh towards the iLO IP address and get no connection.
> > 
> > I have tried telnet towards the iLO IP address and get a weird
> > /./-> prompt. Can I do anything useful with it?
> > 
> 
> RTFM ;)
> 
> /./-> cd system1
> 
> /./system1/-> show
> /./system1
> Targets
> log1
> 
> Properties
> name=Hewlett-Packard
> enabledstate=enabled
> 
> Verbs
> cd
> version
> exit
> show
> reset
> start
> stop
> help
> 
> 
> /./system1/-> stop
> System1 stopped.
> 
> /./system1/-> start
> System1 started.
> 
> 
> > I have tried http towards the iLO IP address and get the
> > server virtual power controls, etc, rather flashy, can remote
> > power on, watch temperature sensors. Cool. But no console.
> > 
> > You (or someone) just briefly mentioned Esc-Q. Where is it used?
> > 
> 
> just press ESC-q anywhere at the prompt
> 
> /./-> 
> 
> and you'll get the system console. leave it with ESC-(
> 
> > 
> > 
> > On Thu, May 03, 2007 at 01:41:32AM +0200, Reyk Floeter wrote:
> > > On Wed, May 02, 2007 at 05:41:49PM +0200, Raimo Niskanen wrote:
> > > > I have now spent the entire afternoon on it, but I can not get
> > > > the serial console to work.
> > > > 
> > > > boot> set tty com0
> > > > gives no prompt anywhere. I have tried many BIOS settings
> > > > (but probably not all).
> > > > 
> > > > Has anyone got it to work?
> > > > 
> > > 
> > > yes, but i'm using it for the iLO remote console, not for the physical
> > > serial interface. it might conflict with the iLO interface, i think
> > > there are some related buttons in the BIOS IPMI/BCM section. 
> > > 
> > > # sysctl hw.product 
> > > hw.product=ProLiant DL145 G3
> > > # grep tty /etc/boot.conf 
> > > set tty com0
> > > # uname -m
> > >  
> > > amd64
> > > 
> > > reyk
> > 
> > -- 
> > 
> > / Raimo Niskanen, Erlang/OTP, Ericsson AB

-- 

/ Raimo Niskanen, Erlang/OTP, Ericsson AB



Re: : Serial console on OpenBSD 4.1 on HP ProLiant DL145 G3

2007-05-03 Thread Reyk Floeter
hi!

On Thu, May 03, 2007 at 12:19:01PM +0200, Raimo Niskanen wrote:
> Aah, here we go again.
> 
> I still haven't figured out how to use the iLO remote console.
> 
> I have tried ssh towards the iLO IP address and get no connection.
> 
> I have tried telnet towards the iLO IP address and get a weird
> /./-> prompt. Can I do anything useful with it?
> 

RTFM ;)

/./-> cd system1

/./system1/-> show
/./system1
Targets
log1

Properties
name=Hewlett-Packard
enabledstate=enabled

Verbs
cd
version
exit
show
reset
start
stop
help


/./system1/-> stop
System1 stopped.

/./system1/-> start
System1 started.


> I have tried http towards the iLO IP address and get the
> server virtual power controls, etc, rather flashy, can remote
> power on, watch temperature sensors. Cool. But no console.
> 
> You (or someone) just briefly mentioned Esc-Q. Where is it used?
> 

just press ESC-q anywhere at the prompt

/./-> 

and you'll get the system console. leave it with ESC-(

> 
> 
> On Thu, May 03, 2007 at 01:41:32AM +0200, Reyk Floeter wrote:
> > On Wed, May 02, 2007 at 05:41:49PM +0200, Raimo Niskanen wrote:
> > > I have now spent the entire afternoon on it, but I can not get
> > > the serial console to work.
> > > 
> > >   boot> set tty com0
> > > gives no prompt anywhere. I have tried many BIOS settings
> > > (but probably not all).
> > > 
> > > Has anyone got it to work?
> > > 
> > 
> > yes, but i'm using it for the iLO remote console, not for the physical
> > serial interface. it might conflict with the iLO interface, i think
> > there are some related buttons in the BIOS IPMI/BCM section. 
> > 
> > # sysctl hw.product 
> > hw.product=ProLiant DL145 G3
> > # grep tty /etc/boot.conf 
> > set tty com0
> > # uname -m  
> >
> > amd64
> > 
> > reyk
> 
> -- 
> 
> / Raimo Niskanen, Erlang/OTP, Ericsson AB



Re: dmesg output Sun Fire 4200

2007-05-03 Thread Srebrenko Sehic

On 5/3/07, Daniel Ouellet <[EMAIL PROTECTED]> wrote:
> If I may ask, how does the "Sun Integrated Lights Out Manager (ILOM)" on this
> X4100 box compare to the regular LOM of the Sparc 64 series?
>
> Power cycle and possible to do full remote install via console as well
> like the regular Sun?

I don't know how LOM works on USIII boxes, but those on X4200 allow
you complete control. You can (via Java based remote console) gain
full control of the box. I.e. reboot, shutdown, access OpenBSD's
console, install remotely, even mount an ISO image locally on your PC
and install OpenBSD on it.

Pretty much anything you ever wanted. And ILOM is on a dedicated
network interface. Not like the X2100 shared crap.



Re: OpenBSD 4.1 Torrents

2007-05-03 Thread Michael Clark
If you participate on this list, buy the cds. This isn't your flavor of the
week linux distro.

On 5/2/07, Matiss Miglans <[EMAIL PROTECTED]> wrote:
>
> I think there is checksums only for base system, without X, source,
> ports, packages, etc
> Or, I don't know where they find.
>
> Open Phugu wrote:
> > On 5/2/07, Mike Erdely <[EMAIL PROTECTED]> wrote:
> >> On Wed, May 02, 2007 at 08:07:10PM -0400, Clint M. Sand wrote:
> >> > On Tue, May 01, 2007 at 02:33:50PM -0700, andrew fresh wrote:
> >> > > http://openbsd.somedomain.net/index.php?version=4.1
> >> > Just out of curiosity...
> >> >
> >> > Is it logical to use an OS for the intense focus on security and
> >> > correctness, yet download the binaries from a random person on a
> >> mailing
> >> > list instead of any official source with reasonable file integrity
> >> > checking process in place?
> >> >
> >> > Seems odd that people would use OpenBSD because they trust the code,
> >> yet
> >> > download the binaries from random torrents on the internet.
> >>
> >> man 1 cksum
> >> ftp://ftp5.usa.openbsd.org/pub/OpenBSD/4.1/i386/CKSUM
> > Seems odd that people would use OpenBSD because they trust the code, yet
> > use a CRC32 to verify the integrity of said operating system.
> > Speaking of this, when will the OpenBSD project begin to post SHA256
> hashes
> > to the ftp sites. MD5 is dead: these two files are different and yet
> > have the same
> > MD5 hash.
> > http://www.cits.rub.de/imperia/md/content/magnus/letter_of_rec.ps
> > http://www.cits.rub.de/imperia/md/content/magnus/order.ps
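
The integrity point argued in this thread, as an added example that is not part of any poster's message or of OpenBSD's own tooling: a checker that accepts only SHA256/SHA512 entries from a digest list and flags files that no strong digest vouches for. The BSD-style `ALGO (name) = hex` line format, the file names and the sample contents are assumptions constructed for the example.

```python
import hashlib
import hmac
import re

# Policy (assumption for this example): only collision-resistant digests count.
STRONG = {"SHA256": hashlib.sha256, "SHA512": hashlib.sha512}
# BSD-style digest line, e.g. "SHA256 (base.tgz) = <hex>"; no "/" in names.
LINE = re.compile(r"^([A-Z0-9]+) \(([^()/]+)\) = ([0-9a-f]+)$")


def parse_manifest(text):
    """Return ({name: (algo, hexdigest)}, [rejected lines])."""
    entries, rejected = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINE.match(line)
        # Reject unparsable lines, weak algorithms (MD5, CRC) and duplicates.
        if not m or m.group(1) not in STRONG or m.group(2) in entries:
            rejected.append(line)
            continue
        entries[m.group(2)] = (m.group(1), m.group(3))
    return entries, rejected


def verify(files, manifest_text):
    """files: {name: bytes}. Return a status for every file and every entry."""
    entries, _ = parse_manifest(manifest_text)
    report = {}
    for name, data in files.items():
        if name not in entries:
            report[name] = "unlisted"  # no strong digest vouches for it
            continue
        algo, expected = entries[name]
        actual = STRONG[algo](data).hexdigest()
        ok = hmac.compare_digest(actual, expected)
        report[name] = "ok" if ok else "mismatch"
    for name in entries.keys() - files.keys():
        report[name] = "missing"
    return report


# Constructed sample data; names and contents are made up for the example.
GOOD = b"constructed stand-in for a release set\n"
MANIFEST = "\n".join([
    "SHA256 (base.tgz) = " + hashlib.sha256(GOOD).hexdigest(),
    "SHA256 (etc.tgz) = " + hashlib.sha256(b"etc").hexdigest(),
    "MD5 (comp.tgz) = d41d8cd98f00b204e9800998ecf8427e",
])
```

A digest list only helps if it reaches you over a channel you trust more than the download itself; a list fetched from the same untrusted place as the files proves nothing.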



Re: Using a DVD-RAM drive with OpenBSD

2007-05-03 Thread Timo Schoeler
[adding footnote]

> hi,
> 
> i have a nice DVD-RAM drive in my Power Mac, which i'd like to put in
> my (amd64) home server for doing backups on this very nice medium.
> 
> however, i wonder what's the best way to use it running OpenBSD; use
> it like a hard disc, or is there a way to use UDF (like the Mac does,
> and is the preferred format for DVD-RAM media)?
> 
> [0] says that OpenBSD 3.8 supports read access to UDF; has there been
> progress on this (read: read + write)?
> 
> thanks,
> 
> timo schoeler
> 
> -- 
> The best cure for insomnia is to get a lot of sleep.
>   -- W. C. Fields
> 
[0] --  http://en.wikipedia.org/wiki/Universal_Disk_Format



Using a DVD-RAM drive with OpenBSD

2007-05-03 Thread Timo Schoeler
hi,

i have a nice DVD-RAM drive in my Power Mac, which i'd like to put in
my (amd64) home server for doing backups on this very nice medium.

however, i wonder what's the best way to use it running OpenBSD; use it
like a hard disc, or is there a way to use UDF (like the Mac does, and
is the preferred format for DVD-RAM media)?

[0] says that OpenBSD 3.8 supports read access to UDF; has there been
progress on this (read: read + write)?

thanks,

timo schoeler

-- 
The best cure for insomnia is to get a lot of sleep.
-- W. C. Fields



Re: dmesg output Sun Fire 4200

2007-05-03 Thread Daniel Ouellet

Marco Peereboom wrote:
> I am running an X4100 with -current and I see no issues at all.

If I may ask, how does the "Sun Integrated Lights Out Manager (ILOM)" on this
X4100 box compare to the regular LOM of the Sparc 64 series?

Power cycle and possible to do full remote install via console as well
like the regular Sun?

I know the X2100 is far from the usual "LOM" I am used to.

Thanks for your time!

Best,

Daniel



Re: Hardware Compatibility: Sun Ultra 20 or better suggestion

2007-05-03 Thread Edd Barrett

Hi Shane,

On 5/3/07, Shane Harbour <[EMAIL PROTECTED]> wrote:
> I'm running -current on one of the older Ultra 20's and it works well
> for me.  It's been a while since I've actually sat down and played with
> it, but most stuff is supported out of the box.  I did have to put a
> different NIC in mine though.  The built in nfe kept locking up during
> long transfers (like cvs updates) and I haven't had time to track down
> the issue.  Here's the dmesg from my machine:

Superb! I don't mind putting another NIC in, but I would hope that this
is resolved in newer models.

Thanks very much for this.

--
Best Regards

Edd

---
http://students.dec.bournemouth.ac.uk/ebarrett/



Re: OSPF + BGP + emX watchdog timeout -> box freezes

2007-05-03 Thread Falk Brockerhoff
Henning Brauer wrote:

> there is some weird unresolved bug in (or rather, with) em. only seems 
> to happen with multiport ems.

Maybe I can insert a delay before starting ospfd/bgpd; manually starting
after boot works fine.

I run this setup on two Dell Poweredge 1650 boxes with two em-interfaces
which should be implemented as multiport nics.

Regards,

Falk



Re: : Serial console on OpenBSD 4.1 on HP ProLiant DL145 G3

2007-05-03 Thread Raimo Niskanen
Aah, here we go again.

I still haven't figured out how to use the iLO remote console.

I have tried ssh towards the iLO IP address and get no connection.

I have tried telnet towards the iLO IP address and get a weird
/./-> prompt. Can I do anything useful with it?

I have tried http towards the iLO IP address and get the
server virtual power controls, etc, rather flashy, can remote
power on, watch temperature sensors. Cool. But no console.

You (or someone) just briefly mentioned Esc-Q. Where is it used?



On Thu, May 03, 2007 at 01:41:32AM +0200, Reyk Floeter wrote:
> On Wed, May 02, 2007 at 05:41:49PM +0200, Raimo Niskanen wrote:
> > I have now spent the entire afternoon on it, but I can not get
> > the serial console to work.
> > 
> > boot> set tty com0
> > gives no prompt anywhere. I have tried many BIOS settings
> > (but probably not all).
> > 
> > Has anyone got it to work?
> > 
> 
> yes, but i'm using it for the iLO remote console, not for the physical
> serial interface. it might conflict with the iLO interface, i think
> there are some related buttons in the BIOS IPMI/BCM section. 
> 
> # sysctl hw.product 
> hw.product=ProLiant DL145 G3
> # grep tty /etc/boot.conf 
> set tty com0
> # uname -m
>  
> amd64
> 
> reyk

-- 

/ Raimo Niskanen, Erlang/OTP, Ericsson AB



Re: LACP

2007-05-03 Thread Reyk Floeter
hi!

On Wed, May 02, 2007 at 05:56:53PM -0700, Tom Bombadil wrote:
> is there any support for LACP on openbsd? On any plan to have it working?
> 

lacp will be added as an additional protocol for trunk(4) very soon.

> A quick read on trunk(4) doesn't look very promising, but I read an
> interview on onlamp a while ago saying it would be available sometime.
> 
> Thanks!



Re: authpf: real world uses of $user_id ?

2007-05-03 Thread Matthias Bertschy
Bob Beck wrote:
> * Matthias Bertschy <[EMAIL PROTECTED]> [2007-05-02 11:26]:
> > I think this would only make sense if authpf could stand multiple
> > connections from same host...
> > Unfortunately, it is not possible: http://www.mail-archive.com/[EMAIL PROTECTED]/msg08318.html
> > So, I still wonder why such a feature exists...
>
> Oh for god's sake.
>
> It matters when you play with tagging. You can tag
> in the authpf rule based on $user_id and then have rules
> which reference the tagged packet.
>
> I.e. packets tagged with "beck" get different treatment
> from everyone else.
> ...
> block out on $ext_if
> pass out quick on $ext_if tagged beck
> pass out quick on $ext_if tagged ckuethe
> pass out on $ext_if proto tcp port = {80,443,22}
> ...
>
> And yes it's useful, in some situations. if you can't think
> of it, probably not yours.
>
> -Bob

now it is clear, thank you Bob !

Matthias