Re: Failing to get [EMAIL PROTECTED] in X

2007-05-15 Thread Alex Holst
Quoting Ted Unangst ([EMAIL PROTECTED]):
> On 5/14/07, Alex Holst <[EMAIL PROTECTED]> wrote:
> >Quoting Ted Unangst ([EMAIL PROTECTED]):
> >> On 5/13/07, Alex Holst <[EMAIL PROTECTED]> wrote:
> >> >I set VertRefresh to 60-60, included a modeline generated by gtf and
> >> >disabled DDC, resulting in X being a smartarse ("Sure, I can do 60Hz"):
> >>
> >> can you post the full log somewhere?  if you can wait to tuesday, i'll
> >> also try to get it working myself.
> 
> sorry man, it just works for me.  i've got a t60 running current.

Well, if it just works, clearly you must be doing something wrong :)
You didn't need to use 915resolution?
Could you post a full Xorg.log and maybe a generated xorg.conf somewhere?

-- 
I prefer the dark of the night, after midnight and before four-thirty,
when it's more bare, more hollow.  http://a.mongers.org



Re: openbsd and dell PE 860 1u rack server

2007-05-15 Thread Srebrenko Sehic

> i am considering a Dell PE 860 1u rack server for usage as my network
> storage server (nfs).
> I wonder about reports from the openbsd community using it with openbsd
> 4.0/4.1 on stability and performance. What do you guys/girls have to
> report? Is it worth its price?


I don't run one myself, but got several reports of happy users running
OpenBSD on it. Have a look at http://www.armorlogic.com/oscl



Re: SFTP no autocompletion?

2007-05-15 Thread Darren Tucker
On Tue, May 15, 2007 at 12:36:43PM +0200, Paul de Weerd wrote:
> On Tue, May 15, 2007 at 11:33:27AM +0200, Pieter Verberne wrote:
> | Hi there,
> | 
> | does SFTP have no TAB-autocompletion for local/remote files? TAB
> | doesn't work. It makes transferring files very clumsy. And does SFTP
> | secure my username and password or only my file transfers by default?
> 
> SFTP uses ssh and thus secures the entire connection. The sftp(1)
> client that comes by default with OpenBSD does not do tabcompletion.
> Feel free to use another client or to write support for it and send a
> patch ;)

Anyone looking into this would probably want to look at what Ben
Lindstrom has already done with this:

http://www.eviladmin.org/patches/sftp-tab.patch

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.



Re: skey with scp

2007-05-15 Thread Darren Tucker
On Tue, May 15, 2007 at 04:36:15PM -0500, Eric Johnson wrote:
> Does anyone know of a method of using skey for scp transfers (apart
> from port forwarding through an ssh tunnel)?
> 
> I've tried:
>   scp username:[EMAIL PROTECTED]:/home/username/foo.bar .
> and
>   scp "username:skey"@host.example.com:/home/username/foo.bar .
> 
> Any other suggestions?

I don't use skey so I can't test it but this will probably work:

scp -o User="username:skey" host.example.com:/home/username/foo.bar .

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.



Re: hostnames stored in an other file than /etc/hosts ?

2007-05-15 Thread Yggdrasill Senecoen

Antti Harri wrote:
> On Wed, 16 May 2007, Yggdrasill Senecoen wrote:
>
> > [snip]
> >
> > So, does OpenBSD save this information in another file than /etc/hosts?
>
> Check resolv.conf(5) and the "lookup" directive.



Forgot to add the lookup directive in my resolv.conf. It's working fine now.


Thanks,


Yanic
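
The behaviour resolved in this thread, as an added example that is not part of the original messages: per resolv.conf(5) on OpenBSD the order is "bind file" when no "lookup" line is present, so DNS gets the first say even for a name listed in /etc/hosts. The function names and the sample files built in the test are constructed for illustration, and treating the last "lookup" line as the effective one is an assumption.

```sh
#!/bin/sh
# Added example: report which database gets the first chance to answer
# for a hostname, given a hosts(5) file and a resolv.conf(5) file.

# Print the effective lookup order for a resolv.conf-style file.
# resolv.conf(5): no "lookup" line -> "bind file"; no file at all -> "file".
# Assumption: if several "lookup" lines exist, the last one is used.
lookup_order() {
    conf=$1
    [ -f "$conf" ] || { echo "file"; return 0; }
    order=$(awk '
        $1 == "lookup" {
            o = ""
            for (i = 2; i <= NF; i++) o = o (i > 2 ? " " : "") $i
        }
        END { print o }' "$conf")
    echo "${order:-bind file}"
}

# Succeed if NAME is a hostname or alias in a hosts(5)-style file.
# Comments are stripped and the comparison ignores case.
in_hosts() {
    awk -v n="$1" '
        { sub(/#.*/, "") }
        { for (i = 2; i <= NF; i++) if (tolower($i) == tolower(n)) found = 1 }
        END { exit found ? 0 : 1 }' "$2" 2>/dev/null
}

# Print the database that answers first for NAME:
#   file -> the hosts file entry is used
#   bind -> a DNS answer, if any, is used before the hosts file is read
#   none -> nothing in the configured order can answer
first_source() {
    name=$1 hosts=$2 conf=$3
    for db in $(lookup_order "$conf"); do
        case $db in
            file) if in_hosts "$name" "$hosts"; then echo file; return 0; fi ;;
            bind) echo bind; return 0 ;;
        esac
    done
    echo none
}

# Example call on a live system:
#   first_source Caliphora /etc/hosts /etc/resolv.conf
```

A result of `bind` for a name that is present in /etc/hosts means a DNS record can override the local entry, which is the symptom shown in the original question.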



Re: hostnames stored in an other file than /etc/hosts ?

2007-05-15 Thread Antti Harri

On Wed, 16 May 2007, Yggdrasill Senecoen wrote:

> [snip]
>
> So, does OpenBSD save this information in another file than /etc/hosts?


Check resolv.conf(5) and the "lookup" directive.

--
Antti Harri



Re: new openbsd 4.0 server, panic on ufsdirhash

2007-05-15 Thread Tim Judd
Linux OS'en (IIRC) use lspci like what pciconf is for FreeBSD.

I don't know if Open would have any of those tools built in.  I don't
have a "ready" openbsd box right now.

Google search for "thunderboot ultimate boot cd" doesn't reveal
anything.  it suggested a spelling correction, for thunderboom, which
didn't easily reveal any bootable cd.  A link to the ISO and I'd offer
what I can for diagnostics and probing solutions.

Is there a way to get the kernel to more verbosely announce what it's
probing and configuring, like what FreeBSD's boot loader's "-v" option
will do?  Haven't tried, haven't looked anything up.

We are definitely narrowing down the culprit, and I just hope we come
to a solid conclusion.

--- John Mendenhall <[EMAIL PROTECTED]> wrote:

> Tim,
> 
> > John, since you were able to boot the ultimate boot cd and run both
> > drives completely, I don't think any hardware is the culprit.  Your CD
> > drive, Hard Drive(s), memory, etc all work under that OS.
> > 
> > My mindset is now leading to some bug that OpenBSD is doing (probably)
> > with the ATA controller.  Probe from the ultimate boot cd to see what
> > ATA controller it is using, and then find what OpenBSD is finding the
> > ATA controller to be.  A minor model difference could be the culprit
> > (model 1234 versus model 1234a, for example).
> 
> I am using the thunderboot ultimate boot cd.
> Any hints on which tool could get the ata controller the box is using?
> I can see the ATA-# supported (6,5,4,3,2).  Lots of other information.
> I don't see a model/version number yet.
> 
> I will keep checking all the tools on here.
> 
> JohnM
> 
> -- 
> john mendenhall
> [EMAIL PROTECTED]
> surf utopia
> internet services
> 


If opportunity doesn't knock, build a door.
"I can" is a way of life.
More and Bigger is not always Better.
The road to success is always uphill.


   



hostnames stored in an other file than /etc/hosts ?

2007-05-15 Thread Yggdrasill Senecoen

Hi,


For a few days now I have been seeing something strange.
There is a device on my network which is on 172.16.85.1, associated with
its own hostname in my /etc/hosts file.
But when I try to reach this device using its hostname, my workstation
tries to reach this host with a bad IP address.


Typically:
--

#cat /etc/hosts|grep Caliphora
172.16.85.1 Caliphora cali
#ping Caliphora
PING Caliphora (10.0.0.113): 56 data bytes
--- Caliphora ping statistics ---
3 packets transmitted, 0 packets received, 100.0% packet loss


So, does OpenBSD save this information in another file than /etc/hosts?


Thanks for help,


Yanic.



Re: OT: unix/openbsd printer support

2007-05-15 Thread Todd Alan Smith

On 5/15/07, Frank Brodbeck <[EMAIL PROTECTED]> wrote:
> Moin,
>
> John Nietzsche has spoken, thus:
> > I wonder if some here has already deployed such in openbsd environment
> > and knows the site i am talking about.
>
> I think http://www.linux-foundation.org/en/OpenPrinting is what you are
> looking for.


...which used to be linuxprinting.org, John. Perhaps that's the site
that you had previously bookmarked.

-Todd



skey with scp

2007-05-15 Thread Eric Johnson
Does anyone know of a method of using skey for scp transfers (apart from port 
forwarding through an ssh tunnel)?

I've tried:

scp username:[EMAIL PROTECTED]:/home/username/foo.bar .

and

scp "username:skey"@host.example.com:/home/username/foo.bar .

Any other suggestions?

Thanks,

Eric



Re: log rotation

2007-05-15 Thread Daniel Kertesz

On  15 May, 2007, at 10:41 PM, Robert Zajda wrote:

> But it doesn't want to work in chroot.
>
> On 5/15/07, Allie D. <[EMAIL PROTECTED]> wrote:
>
> > Cronolog...no restart needed.


Actually it can, with a little patch [1] that I've "ported" to the
ports system [2]; unpack the tar.gz in /usr/ports/www and install
cronolog as usual. This patch adds --set-uid and --set-gid switches,
which make cronolog drop its privileges like apache does.


[1] http://cronolog.org/patches/cronolog-setugid-patch.txt
[2] http://spatof.org/obsd/cronolog-1.6.2-setuid.tar.gz

Daniel K.
--
Hi, I'm a .signature virus! Copy me to your .signature file and
help me propagate, thanks!



Re: log rotation

2007-05-15 Thread Allie D.
I run it on a chrooted server...works fine.

ErrorLog "|/usr/local/sbin/cronolog /var/www/logs/%Y/%m/%d/error.log"
CustomLog "|/usr/local/sbin/cronolog /var/www/logs/%Y/%m/%d/access.log" combined

I don't think there's any more configuration than that.
-- 
~Allie D.


On Tue, May 15, 2007 13:41, Robert Zajda wrote:
> But it doesn't want to work in chroot.
>
> On 5/15/07, Allie D. <[EMAIL PROTECTED]> wrote:
>> Cronolog...no restart needed.
>> --
>> ~Allie D.
>>
>>
>> On Tue, May 15, 2007 12:11, John Mendenhall wrote:
>> >> If you don't mind a second or two of down time then you can use
>> >> something like this in newsyslog.conf as a restart command:
>> >>
>> >> "apachectl stop;sleep 1;apachectl start;sleep 10;apachectl start"
>> >>
>> >> The first sleep gives apache a second to finish active requests before
>> >> trying to start again.  The second sleep and start is to catch the case
>> >> where the first start fails because apache is still running.
>> >
>> > I have a script which does the following:
>> >
>> > + rotates logs
>> > + calls apachectl stop (twice, with sleep 2 after each call)
>> > + calls apachectl stop and greps the output to make sure it is stopped
>> >   (looks for 'not running')
>> > + if I don't find not running, pages me
>> > + run apachectl startssl
>> >
>> > This is all in a wrapper script which then calls awstats
>> > after a successful rotate and restart.
>> >
>> > Works for us.
>> >
>> > JohnM
>> >
>> > --
>> > john mendenhall
>> > [EMAIL PROTECTED]
>> > surf utopia
>> > internet services



Re: very weak bridge performance

2007-05-15 Thread Mark Pecaut

On 5/15/07, Peter Hessler <[EMAIL PROTECTED]> wrote:
> :bridging is layer 2 and has nothing to do with net.inet.ip.forwarding=1.
> :The problem is more somewhere deep inside the bridging code. One possible
> :problem could be a too small interface queue but I could be totally wrong.
> :If nobody beats me I will have a look at this somewhen in the next month
> :or so.
>
> I've had net.inet.ip.forwarding help on a bridge before.  Not saying
> there isn't a problem, but that I've gotten a performance increase from
> enabling it.


It can cause problems, though, too.  For example, if you have a bridge
in front of machines that do multicast-based IP load balancing
(specifically, Microsoft's NLB) then the packet duplication with
net.inet.ip.forwarding craps on your network.  Turning off
net.inet.ip.forwarding reduces the packet duplication and shit works
again.

-Mark



Re: log rotation

2007-05-15 Thread Alex Thurlow
I've always rotated my logs without ever starting apache.  I just do 
something like this.


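date=$(date +%Y%m%d)                  # suffix for the rotated copy
cp access_log "${date}_access_log"
: > access_log                        # truncate in place; apache keeps its open file
gzip "${date}_access_log"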

It's possible to lose a line or 2 of logging, but if that's ok, this is 
what I've done.


Robert Zajda wrote:
> It's hosting server so restarting apache is bad idea.
>
> On 5/15/07, John Mendenhall <[EMAIL PROTECTED]> wrote:
>> > If you don't mind a second or two of down time then you can use
>> > something like this in newsyslog.conf as a restart command:
>> >
>> > "apachectl stop;sleep 1;apachectl start;sleep 10;apachectl start"
>> >
>> > The first sleep gives apache a second to finish active requests before
>> > trying to start again.  The second sleep and start is to catch the case
>> > where the first start fails because apache is still running.
>>
>> I have a script which does the following:
>>
>> + rotates logs
>> + calls apachectl stop (twice, with sleep 2 after each call)
>> + calls apachectl stop and greps the output to make sure it is stopped
>>   (looks for 'not running')
>> + if I don't find not running, pages me
>> + run apachectl startssl
>>
>> This is all in a wrapper script which then calls awstats
>> after a successful rotate and restart.
>>
>> Works for us.
>>
>> JohnM
>>
>> --
>> john mendenhall
>> [EMAIL PROTECTED]
>> surf utopia
>> internet services





--
Alex Thurlow
Technical Director
Blastro Networks

email: [EMAIL PROTECTED]
office: 512-485-3148
mobile: 512-762-5814



Re: log rotation

2007-05-15 Thread Robert Zajda

But it doesn't want to work in chroot.

On 5/15/07, Allie D. <[EMAIL PROTECTED]> wrote:
> Cronolog...no restart needed.
> --
> ~Allie D.
>
>
> On Tue, May 15, 2007 12:11, John Mendenhall wrote:
> >> If you don't mind a second or two of down time then you can use
> >> something like this in newsyslog.conf as a restart command:
> >>
> >> "apachectl stop;sleep 1;apachectl start;sleep 10;apachectl start"
> >>
> >> The first sleep gives apache a second to finish active requests before
> >> trying to start again.  The second sleep and start is to catch the case
> >> where the first start fails because apache is still running.
> >
> > I have a script which does the following:
> >
> > + rotates logs
> > + calls apachectl stop (twice, with sleep 2 after each call)
> > + calls apachectl stop and greps the output to make sure it is stopped
> >   (looks for 'not running')
> > + if I don't find not running, pages me
> > + run apachectl startssl
> >
> > This is all in a wrapper script which then calls awstats
> > after a successful rotate and restart.
> >
> > Works for us.
> >
> > JohnM
> >
> > --
> > john mendenhall
> > [EMAIL PROTECTED]
> > surf utopia
> > internet services




Re: log rotation

2007-05-15 Thread Robert Zajda

It's hosting server so restarting apache is bad idea.

On 5/15/07, John Mendenhall <[EMAIL PROTECTED]> wrote:
> > If you don't mind a second or two of down time then you can use
> > something like this in newsyslog.conf as a restart command:
> >
> > "apachectl stop;sleep 1;apachectl start;sleep 10;apachectl start"
> >
> > The first sleep gives apache a second to finish active requests before
> > trying to start again.  The second sleep and start is to catch the case
> > where the first start fails because apache is still running.
>
> I have a script which does the following:
>
> + rotates logs
> + calls apachectl stop (twice, with sleep 2 after each call)
> + calls apachectl stop and greps the output to make sure it is stopped
>   (looks for 'not running')
> + if I don't find not running, pages me
> + run apachectl startssl
>
> This is all in a wrapper script which then calls awstats
> after a successful rotate and restart.
>
> Works for us.
>
> JohnM
>
> --
> john mendenhall
> [EMAIL PROTECTED]
> surf utopia
> internet services




NVIDIA nForce Pro support

2007-05-15 Thread Patrick Cummings
Hi,
does anyone know if this chipset "NVIDIA nForce Professional 3400 MCP" is
completely supported by openBSD?? The hardware support page is not clear about
that, it only shows "NVIDIA
nForce/nForce2/nForce2-400/nForce3/nForce3-250/nForce4,
MCP04/MCP51/MCP55/MCP61/MCP65/MCP67".
Thanks



Re: very weak bridge performance

2007-05-15 Thread Renaud Allard
Diana Eichert wrote:
> On Tue, 15 May 2007, Renaud Allard wrote:
> 
>> No nothing showed in the logs. And I don't understand why such a
>> performance difference between routing and bridging.
>>
>>
>> Marco Peereboom wrote:
>>> Possibly interrupt issues.  Where them dmesg'?
> 
> I believe Marco requested the dmesg info and indicated it might be an
> interrupt issue.
> 
> # vmstat -i
> 
> # systat -w 1 vmstat
> 
> 

Well, I didn't understand it that way, but I will post the dmesg
tomorrow. Unfortunately, I cannot reproduce the 1Gbps tests as I don't
have the 1Gbps fluke analyzer anymore. I can only have access to one
that produces 155Mbps max throughput.



Re: new openbsd 4.0 server, panic on ufsdirhash

2007-05-15 Thread John Mendenhall
Tim,

> John, since you were able to boot the ultimate boot cd and run both
> drives completely, I don't think any hardware is the culprit.  Your CD
> drive, Hard Drive(s), memory, etc all work under that OS.
> 
> My mindset is now leading to some bug that OpenBSD is doing (probably)
> with the ATA controller.  Probe from the ultimate boot cd to see what
> ATA controller it is using, and then find what OpenBSD is finding the
> ATA controller to be.  A minor model difference could be the culprit
> (model 1234 versus model 1234a, for example).

I am using the thunderboot ultimate boot cd.
Any hints on which tool could get the ata controller the box is using?
I can see the ATA-# supported (6,5,4,3,2).  Lots of other information.
I don't see a model/version number yet.

I will keep checking all the tools on here.

JohnM

-- 
john mendenhall
[EMAIL PROTECTED]
surf utopia
internet services



Re: log rotation

2007-05-15 Thread Allie D.
Cronolog...no restart needed.
-- 
~Allie D.


On Tue, May 15, 2007 12:11, John Mendenhall wrote:
>> If you don't mind a second or two of down time then you can use
>> something like this in newsyslog.conf as a restart command:
>>
>> "apachectl stop;sleep 1;apachectl start;sleep 10;apachectl start"
>>
>> The first sleep gives apache a second to finish active requests before
>> trying to start again.  The second sleep and start is to catch the case
>> where the first start fails because apache is still running.
>
> I have a script which does the following:
>
> + rotates logs
> + calls apachectl stop (twice, with sleep 2 after each call)
> + calls apachectl stop and greps the output to make sure it is stopped
>   (looks for 'not running')
> + if I don't find not running, pages me
> + run apachectl startssl
>
> This is all in a wrapper script which then calls awstats
> after a successful rotate and restart.
>
> Works for us.
>
> JohnM
>
> --
> john mendenhall
> [EMAIL PROTECTED]
> surf utopia
> internet services



Re: very weak bridge performance

2007-05-15 Thread Peter Hessler
On 2007 May 15 (Tue) at 20:34:19 +0200 (+0200), Claudio Jeker wrote:
:On Tue, May 15, 2007 at 11:09:03AM -0700, Peter Hessler wrote:
:> you forgot to enable sysctl net.inet.ip.forwarding=1 on the first test.  
:> Turn that on, then re-measure the speeds of the bridge.
:> 
:
:bridging is layer 2 and has nothing to do with net.inet.ip.forwarding=1.
:The problem is more somewhere deep inside the bridging code. One possible
:problem could be a too small interface queue but I could be totally wrong.
:If nobody beats me I will have a look at this somewhen in the next month
:or so.

I've had net.inet.ip.forwarding help on a bridge before.  Not saying 
there isn't a problem, but that I've gotten a performance increase from 
enabling it.


--
You can do this in a number of ways.  IBM chose to do all of them.
Why do you find that funny?
-- D. Taylor, Computer Science 350, University of Washington



Re: log rotation

2007-05-15 Thread John Mendenhall
> If you don't mind a second or two of down time then you can use
> something like this in newsyslog.conf as a restart command:
> 
> "apachectl stop;sleep 1;apachectl start;sleep 10;apachectl start"
> 
> The first sleep gives apache a second to finish active requests before
> trying to start again.  The second sleep and start is to catch the case
> where the first start fails because apache is still running.

I have a script which does the following:

+ rotates logs
+ calls apachectl stop (twice, with sleep 2 after each call)
+ calls apachectl stop and greps the output to make sure it is stopped
  (looks for 'not running')
+ if I don't find not running, pages me
+ run apachectl startssl

This is all in a wrapper script which then calls awstats
after a successful rotate and restart.

Works for us.

JohnM

-- 
john mendenhall
[EMAIL PROTECTED]
surf utopia
internet services
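
The sequence listed in the message above, as an added example that is not the poster's script: rotate, stop twice with a pause, confirm via the 'not running' output, page on failure, then start with `apachectl startssl`. Rotation by rename, the `LOGDIR`/`LOGS` defaults, the `STOP_WAIT` setting and the `notify_admin` hook are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: rotate, stop, verify, restart, following the listed steps.
# Assumptions (not from the thread): rotation by rename, the LOGDIR/LOGS
# defaults, the STOP_WAIT knob and the notify_admin hook.

APACHECTL=${APACHECTL:-apachectl}
LOGDIR=${LOGDIR:-/var/www/logs}
LOGS=${LOGS:-"access_log error_log"}
STOP_WAIT=${STOP_WAIT:-2}

# Hypothetical paging hook; replace the body with mail(1) or a pager gateway.
notify_admin() {
    echo "ALERT: $*" >&2
}

# Rename each log with a timestamp suffix. A running apache keeps writing
# to the renamed file through its open descriptor, so nothing is lost
# between the rename and the stop.
rotate_logs() {
    stamp=$(date +%Y%m%d%H%M%S)
    for name in $LOGS; do
        [ -f "$LOGDIR/$name" ] || continue
        mv "$LOGDIR/$name" "$LOGDIR/$name.$stamp" || return 1
    done
}

# Stop twice with a pause after each call, then issue a third stop and
# require 'not running' in its output as proof that apache is down.
stop_apache() {
    "$APACHECTL" stop >/dev/null 2>&1 || true
    sleep "$STOP_WAIT"
    "$APACHECTL" stop >/dev/null 2>&1 || true
    sleep "$STOP_WAIT"
    "$APACHECTL" stop 2>&1 | grep -q 'not running'
}

# Return codes: 0 ok, 1 rotation failed, 2 apache would not stop,
# 3 apache would not start. Every failure pages the admin.
rotate_and_restart() {
    rotate_logs || { notify_admin "log rotation failed"; return 1; }
    if ! stop_apache; then
        notify_admin "apache still running after stop; not starting a second copy"
        return 2
    fi
    "$APACHECTL" startssl >/dev/null 2>&1 || {
        notify_admin "apache did not start"
        return 3
    }
    return 0
}

# Run only when asked to, so the file can also be sourced by a wrapper
# that calls awstats after a zero return code.
if [ "${1:-}" = "run" ]; then
    rotate_and_restart
fi
```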



Re: Failing to get [EMAIL PROTECTED] in X

2007-05-15 Thread Ted Unangst

On 5/14/07, Alex Holst <[EMAIL PROTECTED]> wrote:
> Quoting Ted Unangst ([EMAIL PROTECTED]):
> > On 5/13/07, Alex Holst <[EMAIL PROTECTED]> wrote:
> > >I set VertRefresh to 60-60, included a modeline generated by gtf and
> > >disabled DDC, resulting in X being a smartarse ("Sure, I can do 60Hz"):
> >
> > can you post the full log somewhere?  if you can wait to tuesday, i'll
> > also try to get it working myself.


sorry man, it just works for me.  i've got a t60 running current.

i started at a console, hit fn-f7, ran startx, and it worked.  the
monitor's even rotated vertically, but xrandr -o left works fine.

(II) I810(0): Builtin Default Monitor: Using hsync range of 30.00-81.00 kHz
(II) I810(0): Builtin Default Monitor: Using vrefresh range of 56.00-75.00 Hz
(WW) I810(0): Unable to estimate virtual size
(--) I810(0): Virtual size is 1680x1050 (pitch 1680)
(**) I810(0): *Built-in mode "1680x1050"
(**) I810(0): *Built-in mode "1400x1050"
(**) I810(0): *Built-in mode "1280x1024"
(**) I810(0): *Built-in mode "1440x900"
(**) I810(0): *Built-in mode "1280x800"
(**) I810(0): *Built-in mode "1024x768"
(**) I810(0): *Built-in mode "800x600"
(**) I810(0): *Built-in mode "640x480"
(II) I810(0): Attempting to use 60.00Hz refresh for mode "1680x1050" (865)
(II) I810(0): Attempting to use 74.76Hz refresh for mode "1400x1050" (85a)
(II) I810(0): Attempting to use 75.02Hz refresh for mode "1280x1024" (858)
(II) I810(0): Attempting to use 75.00Hz refresh for mode "1440x900" (862)
(II) I810(0): Attempting to use 75.00Hz refresh for mode "1280x800" (868)
(II) I810(0): Attempting to use 75.03Hz refresh for mode "1024x768" (854)
(II) I810(0): Attempting to use 75.00Hz refresh for mode "800x600" (852)
(II) I810(0): Attempting to use 75.00Hz refresh for mode "640x480" (850)



Re: log rotation

2007-05-15 Thread Darrin Chandler
On Tue, May 15, 2007 at 08:21:24PM +0200, Przemyslaw Nowaczyk wrote:
> On Tue, May 15, 2007 at 07:10:28PM +0200, Bambero wrote:
> > Hello
> > 
> > I'm wondering how to implement log rotation with chrooted apache.
> > 
> > Anyone solved this problem ?
> > 
> > Thanks
> > Bambero
> 
> same as with any other log..? (newsyslog(8) && cron(8))
> cheers,

The problem there is that sending a SIGHUP won't work as expected, and
neither will "apachectl restart"

If you don't mind a second or two of down time then you can use
something like this in newsyslog.conf as a restart command:

"apachectl stop;sleep 1;apachectl start;sleep 10;apachectl start"

The first sleep gives apache a second to finish active requests before
trying to start again.  The second sleep and start is to catch the case
where the first start fails because apache is still running.

This is far from perfect, but works if you're just serving pages (as
opposed to large, long-lived downloads).

Other, better solutions involve piping logs to cronolog or something
similar.

-- 
Darrin Chandler|  Phoenix BSD User Group  |  MetaBUG
[EMAIL PROTECTED]   |  http://phxbug.org/  |  http://metabug.org/
http://www.stilyagin.com/  |  Daemons in the Desert   |  Global BUG Federation



Re: very weak bridge performance

2007-05-15 Thread Claudio Jeker
On Tue, May 15, 2007 at 11:09:03AM -0700, Peter Hessler wrote:
> you forgot to enable sysctl net.inet.ip.forwarding=1 on the first test.  
> Turn that on, then re-measure the speeds of the bridge.
> 

bridging is layer 2 and has nothing to do with net.inet.ip.forwarding=1.
The problem is more somewhere deep inside the bridging code. One possible
problem could be a too small interface queue but I could be totally wrong.
If nobody beats me I will have a look at this somewhen in the next month
or so.

> On 2007 May 15 (Tue) at 19:04:47 +0200 (+0200), Renaud Allard wrote:
> :Hello,
> :
> :I just had the opportunity to test some Fluke network equipment, notably
> :one which is able to throughput test gigabit networks.
> :
> :I installed a Nexcom NSA1086 with OpenBSD 4.1-stable and did some tests.
> :The NSA1086 units are equipped with a Pentium IV 3.2Ghz (hyperthreading
> :disabled), and 1Gb ram. They have 4 sk gigabit interfaces, and 4 msk
> :gigabit interfaces. Here are the tests:
> :
> :**
> :ifconfig sk0 up
> :ifconfig sk1 up
> :ifconfig bridge0 create
> :ifconfig bridge0 up
> :brconfig bridge0 add sk0
> :brconfig bridge0 add sk1
> :sysctl kern.maxclusters=256000
> :
> :Then I connected the fluke analyzers to both sk ports. connections were
> :correctly seen at 1000 base T full Duplex. then I started a throughput
> :test on 1Gbps, and I was extremely surprised to see how performance was
> :very poor. The throughput was only about 77Mbps.
> :
> :***
> :
> :Seeing that I decided to try on msk interfaces and got about the same
> :"performance".
> :
> :***
> :
> :Then I configured routing between two interfaces.
> :ifconfig sk2 inet 192.168.0.1 255.255.255.0
> :ifconfig sk3 inet 192.168.1.1 255.255.255.0
> :sysctl net.inet.ip.forwarding=1
> :sysctl kern.maxclusters=256000
> :
> :I did the throughput test, and got about 500Mbps both on sk and msk,
> :with the CPU keeping quiet.
> :
> :**
> :
> :So the weak performance doesn't seem related to the bus, the CPU, or the
> :sk/msk drivers. Has someone an explanation on why I get this kind of
> :behavior?
> :
> 
> 
> --
> Anthony's Law of Force:
>   Don't force it; get a larger hammer.
> 

-- 
:wq Claudio



Re: very weak bridge performance

2007-05-15 Thread Diana Eichert

On Tue, 15 May 2007, Renaud Allard wrote:

> No nothing showed in the logs. And I don't understand why such a
> performance difference between routing and bridging.
>
>
> Marco Peereboom wrote:
> > Possibly interrupt issues.  Where them dmesg'?


I believe Marco requested the dmesg info and indicated it might be an 
interrupt issue.


# vmstat -i

# systat -w 1 vmstat



Re: log rotation

2007-05-15 Thread Przemyslaw Nowaczyk
On Tue, May 15, 2007 at 07:10:28PM +0200, Bambero wrote:
> Hello
> 
> I'm wondering how to implement log rotation with chrooted apache.
> 
> Anyone solved this problem ?
> 
> Thanks
> Bambero

same as with any other log..? (newsyslog(8) && cron(8))
cheers,

-- 
Przemyslaw Nowaczyk <[EMAIL PROTECTED]>
CS student @ Poznan University of Technology
http://www.student.put.poznan.pl/~przemyslaw.nowaczyk/



Re: very weak bridge performance

2007-05-15 Thread Peter Hessler
you forgot to enable sysctl net.inet.ip.forwarding=1 on the first test.  
Turn that on, then re-measure the speeds of the bridge.

On 2007 May 15 (Tue) at 19:04:47 +0200 (+0200), Renaud Allard wrote:
:Hello,
:
:I just had the opportunity to test some Fluke network equipment, notably
:one which is able to throughput test gigabit networks.
:
:I installed a Nexcom NSA1086 with OpenBSD 4.1-stable and did some tests.
:The NSA1086 units are equipped with a Pentium IV 3.2Ghz (hyperthreading
:disabled), and 1Gb ram. They have 4 sk gigabit interfaces, and 4 msk
:gigabit interfaces. Here are the tests:
:
:**
:ifconfig sk0 up
:ifconfig sk1 up
:ifconfig bridge0 create
:ifconfig bridge0 up
:brconfig bridge0 add sk0
:brconfig bridge0 add sk1
:sysctl kern.maxclusters=256000
:
:Then I connected the fluke analyzers to both sk ports. connections were
:correctly seen at 1000 base T full Duplex. then I started a throughput
:test on 1Gbps, and I was extremely surprised to see how performance was
:very poor. The throughput was only about 77Mbps.
:
:***
:
:Seeing that I decided to try on msk interfaces and got about the same
:"performance".
:
:***
:
:Then I configured routing between two interfaces.
:ifconfig sk2 inet 192.168.0.1 255.255.255.0
:ifconfig sk3 inet 192.168.1.1 255.255.255.0
:sysctl net.inet.ip.forwarding=1
:sysctl kern.maxclusters=256000
:
:I did the throughput test, and got about 500Mbps both on sk and msk,
:with the CPU keeping quiet.
:
:**
:
:So the weak performance doesn't seem related to the bus, the CPU, or the
:sk/msk drivers. Has someone an explanation on why I get this kind of
:behavior?
:


--
Anthony's Law of Force:
Don't force it; get a larger hammer.



openbsd and dell PE 860 1u rack server

2007-05-15 Thread John Nietzsche

Dear gentleman,

i am considering a Dell PE 860 1u rack server for usage as my network
storage server (nfs).
I wonder about reports from the openbsd community using it with openbsd
4.0/4.1 on stability and performance. What do you guys/girls have to
report? Is it worth its price?

Another question: I am familiar with SAS raid controller. Formerly,
U320 SCSI ones were required to have dual/quad channels
(internal/external) if more discs were required to be supported. Is
the channels (internal/external) idea sound within the SAS RAID world?

thanks in advance.



Re: very weak bridge performance

2007-05-15 Thread Renaud Allard
No nothing showed in the logs. And I don't understand why such a
performance difference between routing and bridging.


Marco Peereboom wrote:
> Possibly interrupt issues.  Where them dmesg'?
> 
> On Tue, May 15, 2007 at 07:04:47PM +0200, Renaud Allard wrote:
>> Hello,
>>
>> I just had the opportunity to test some Fluke network equipment, notably
>> one which is able to throughput test gigabit networks.
>>
>> I installed a Nexcom NSA1086 with OpenBSD 4.1-stable and did some tests.
>> The NSA1086 units are equipped with a Pentium IV 3.2Ghz (hyperthreading
>> disabled), and 1Gb ram. They have 4 sk gigabit interfaces, and 4 msk
>> gigabit interfaces. Here are the tests:
>>
>> **
>> ifconfig sk0 up
>> ifconfig sk1 up
>> ifconfig bridge0 create
>> ifconfig bridge0 up
>> brconfig bridge0 add sk0
>> brconfig bridge0 add sk1
>> sysctl kern.maxclusters=256000
>>
>> Then I connected the fluke analyzers to both sk ports. connections were
>> correctly seen at 1000 base T full Duplex. then I started a throughput
>> test on 1Gbps, and I was extremely surprised to see how performance was
>> very poor. The throughput was only about 77Mbps.
>>
>> ***
>>
>> Seeing that I decided to try on msk interfaces and got about the same
>> "performance".
>>
>> ***
>>
>> Then I configured routing between two interfaces.
>> ifconfig sk2 inet 192.168.0.1 255.255.255.0
>> ifconfig sk3 inet 192.168.1.1 255.255.255.0
>> sysctl net.inet.ip.forwarding=1
>> sysctl kern.maxclusters=256000
>>
>> I did the throughput test, and got about 500Mbps both on sk and msk,
>> with the CPU keeping quiet.
>>
>> **
>>
>> So the weak performance doesn't seem related to the bus, the CPU, or the
>> sk/msk drivers. Has someone an explanation on why I get this kind of
>> behavior?



Re: new openbsd 4.0 server, panic on ufsdirhash

2007-05-15 Thread Tim Judd
I (still) receive the digest, copied message without quoting characters

- QUOTE:
We have done a low level disk format using an ultimate
boot cd.  Didn't output any errors.  Did this on both
drives in the system.  Took a very long time.

Then, tried to install the OS.  Received a panic on
installing the comp set, ffs_valloc dup alloc.
Reconfigured to have all install go to one drive.
Same error, different inode.  Tried all on other drive,
same error, different inode.  Kept trying it over and
over.  Always panicked on comp set.  Always same error
of ffs_valloc dup alloc.  Always a different inode.

I am unable to copy in the actual error.  I just have
this on a monitor in the room.  No console capability.

Same dmesg as before in this thread.  I can post again
if needed.

My question is, to debug this, or fix it, do I need
to start swapping out cables, hard disks, motherboard,
etc?  Any hints or suggestions are appreciated.

Thanks in advance!

JohnM
 /QUOTE


John, since you were able to boot the ultimate boot cd and run both
drives completely, I don't think any hardware is the culprit.  Your CD
drive, Hard Drive(s), memory, etc all work under that OS.

My mindset is now leading to some bug that OpenBSD is doing (probably)
with the ATA controller.  Probe from the ultimate boot cd to see what
ATA controller it is using, and then find what OpenBSD is finding the
ATA controller to be.  A minor model difference could be the culprit
(model 1234 versus model 1234a, for example).

Bug may not be the right word, but it's what's coming to mind.  Not to
steer away from OpenBSD, but if the three big BSDs all have trouble, we
might be able to limit what might be the problem.  FreeBSD operating
system runs on a live CD either with their disc1 (install disk, look
for the "fixit" option and then select "CD/DVD")  start running things
like dd and etc to run data on the drive.  Nothing valuable there now
anyway, is there?  Maybe using a *rand device under /dev

NetBSD doesn't have (AFAIK) a live-cd, but i'm pretty sure you can
escape to shell from their installer.  Run similar/same tools.  get
dmesg from both Free and Net while you're on it.  save it to external
medium (usb stick, floppy).  Compare the findings to OpenBSD's dmesg.

Basically, it boils down to the fact that one OS ran for several hours
with CONSTANT hdd activity with no errors.  I think it's a software
problem, including drivers into the software category.

Thanks!

If opportunity doesn't knock, build a door.
"I can" is a way of life.
More and Bigger is not always Better.
The road to success is always uphill.


   




Re: very weak bridge performance

2007-05-15 Thread Marco Peereboom
Possibly interrupt issues.  Where them dmesg'?

On Tue, May 15, 2007 at 07:04:47PM +0200, Renaud Allard wrote:
> Hello,
> 
> I just had the opportunity to test some Fluke network equipment, notably
> one which is able to throughput test gigabit networks.
> 
> I installed a Nexcom NSA1086 with OpenBSD 4.1-stable and did some tests.
> The NSA1086 units are equipped with a Pentium IV 3.2Ghz (hyperthreading
> disabled), and 1Gb ram. They have 4 sk gigabit interfaces, and 4 msk
> gigabit interfaces. Here are the tests:
> 
> **
> ifconfig sk0 up
> ifconfig sk1 up
> ifconfig bridge0 create
> ifconfig bridge0 up
> brconfig bridge0 add sk0
> brconfig bridge0 add sk1
> sysctl kern.maxclusters=256000
> 
> Then I connected the fluke analyzers to both sk ports. connections were
> correctly seen at 1000 base T full Duplex. then I started a throughput
> test on 1Gbps, and I was extremely surprised to see how performance was
> very poor. The throughput was only about 77Mbps.
> 
> ***
> 
> Seeing that I decided to try on msk interfaces and got about the same
> "performance".
> 
> ***
> 
> Then I configured routing between two interfaces.
> ifconfig sk2 inet 192.168.0.1 255.255.255.0
> ifconfig sk3 inet 192.168.1.1 255.255.255.0
> sysctl net.inet.ip.forwarding=1
> sysctl kern.maxclusters=256000
> 
> I did the throughput test, and got about 500Mbps both on sk and msk,
> with the CPU keeping quiet.
> 
> **
> 
> So the weak performance doesn't seem related to the bus, the CPU, or the
> sk/msk drivers. Has someone an explanation on why I get this kind of
> behavior?



log rotation

2007-05-15 Thread Bambero

Hello

I'm wondering how to implement log rotation with chrooted apache.

Anyone solved this problem ?

Thanks
Bambero



very weak bridge performance

2007-05-15 Thread Renaud Allard
Hello,

I just had the opportunity to test some Fluke network equipment, notably
one which is able to throughput test gigabit networks.

I installed a Nexcom NSA1086 with OpenBSD 4.1-stable and did some tests.
The NSA1086 units are equipped with a Pentium IV 3.2Ghz (hyperthreading
disabled), and 1Gb ram. They have 4 sk gigabit interfaces, and 4 msk
gigabit interfaces. Here are the tests:

**
ifconfig sk0 up
ifconfig sk1 up
ifconfig bridge0 create
ifconfig bridge0 up
brconfig bridge0 add sk0
brconfig bridge0 add sk1
sysctl kern.maxclusters=256000

Then I connected the fluke analyzers to both sk ports. connections were
correctly seen at 1000 base T full Duplex. then I started a throughput
test on 1Gbps, and I was extremely surprised to see how performance was
very poor. The throughput was only about 77Mbps.

***

Seeing that I decided to try on msk interfaces and got about the same
"performance".

***

Then I configured routing between two interfaces.
ifconfig sk2 inet 192.168.0.1 255.255.255.0
ifconfig sk3 inet 192.168.1.1 255.255.255.0
sysctl net.inet.ip.forwarding=1
sysctl kern.maxclusters=256000

I did the throughput test, and got about 500Mbps both on sk and msk,
with the CPU keeping quiet.

**

So the weak performance doesn't seem related to the bus, the CPU, or the
sk/msk drivers. Has someone an explanation on why I get this kind of
behavior?



D-Link DE-660, PCMCIA/Cardbus on oldish laptop

2007-05-15 Thread lenneis
Dear all,

I have a bit of a difficult time with an admittedly nowadays marginal
piece of hardware, a Pentium 233 Mhz Laptop with two PCMCIA/Cardbus
slots. But then, where is the fun/satisfaction coming from using
something more recent? I use a D-Link DE-660 card in one of those
slots, which is detected and used correctly by the floppy41.fs
installation disk. This is the dmesg output:



OpenBSD 4.1 (RAMDISK) #260: Sat Mar 10 19:38:22 MST 2007
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/RAMDISK
cpu0: Intel Pentium/MMX ("GenuineIntel" 586-class) 234 MHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,MMX
cpu0: F00F bug workaround installed
real mem  = 66678784 (65116K)
avail mem = 55922688 (54612K)
using 844 buffers containing 3457024 bytes (3376K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+ BIOS, date 08/11/98, BIOS32 rev. 0 @ 0xfab80
apm0 at bios0: Power Management spec V1.2
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf/0xaff8
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfd890/96 (4 entries)
pcibios0: PCI Exclusive IRQs: 11
pcibios0: PCI Interrupt Router at 000:01:0 ("Opti 82C700" rev 0x00)
pcibios0: PCI bus #2 is the last bus
bios0: ROM list: 0xc/0xa000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Opti 82C701" rev 0x32
pcib0 at pci0 dev 1 function 0 "Opti 82C700" rev 0x31
vga1 at pci0 dev 6 function 0 "Neomagic Magicgraph NM2160" rev 0x01
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
"O2 Micro OZ6836/OZ6860 CardBus" rev 0x62 at pci0 dev 7 function 0 not 
configured
"O2 Micro OZ6836/OZ6860 CardBus" rev 0x62 at pci0 dev 7 function 1 not 
configured
"Opti 82C861" rev 0x10 at pci0 dev 8 function 0 not configured
pciide0 at pci0 dev 20 function 0 "Opti 82D568 IDE" rev 0x30: DMA 
(unsupported), channel 0 configured to compatibility, channel 1 configured to 
compatibility
wd0 at pciide0 channel 0 drive 0: 
wd0: 16-sector PIO, LBA, 19077MB, 39070080 sectors
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0:  SCSI0 5/cdrom removable
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
isapnp0 at isa0 port 0x279: read port 0x203
"ESS ES1869 Plug and Play AudioD, ESS0006, , " at isapnp0 port 0x800/8 not 
configured
"ESS ES1869 Plug and Play AudioD, ESS1869, , " at isapnp0 port 
0x220/16,0x388/4,0x330/2 irq 5 drq 1,0 not configured
"ESS ES1869 Plug and Play AudioD, ESS0001, , " at isapnp0 port 0x201/1 not 
configured
pcic0 at isa0 port 0x3e0/2 iomem 0xd/16384
pcic0 controller 0:  has sockets A and B
pcmcia0 at pcic0 controller 0 socket 0
pcmcia1 at pcic0 controller 0 socket 1
ne3 at pcmcia1 function 0 "D-Link, DE-660, 118B6603" port 0x340/32, irq 3, 
address 00:80:c8:8a:d2:9f
pcic0: irq 4, polling enabled
biomask ffe5 netmask ffed ttymask 
rd0: fixed, 3800 blocks
dkcsum: wd0 matches BIOS drive 0x80
root on rd0a
rootdev=0x1100 rrootdev=0x2f00 rawdev=0x2f02



So another ne2000 clone apparently. Good. But after installing and
rebooting things are not detected properly. Here is the dmesg after
installation booting the GENERIC kernel:



OpenBSD 4.1 (GENERIC) #1435: Sat Mar 10 19:07:45 MST 2007
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel Pentium/MMX ("GenuineIntel" 586-class) 234 MHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,MMX
cpu0: F00F bug workaround installed
real mem  = 66678784 (65116K)
avail mem = 52531200 (51300K)
using 844 buffers containing 3457024 bytes (3376K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+ BIOS, date 08/11/98, BIOS32 rev. 0 @ 0xfab80
apm0 at bios0: Power Management spec V1.2
apm0: AC on, no battery
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf/0xaff8
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfd890/96 (4 entries)
pcibios0: PCI Exclusive IRQs: 11
pcibios0: PCI Interrupt Router at 000:01:0 ("Opti 82C700" rev 0x00)
pcibios0: PCI bus #2 is the last bus
bios0: ROM list: 0xc/0xa000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Opti 82C701" rev 0x32
pcib0 at pci0 dev 1 function 0 "Opti 82C700" rev 0x31
vga1 at pci0 dev 6 function 0 "Neomagic Magicgraph NM2160" rev 0x01
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
cbb0 at pci0 dev 7 function 0 "O2 Micro OZ6836/OZ6860 CardBus" rev 0x62: irq 11
cbb1 at pci0 dev 7 function 1 "O2 Micro OZ6836/OZ6860 

Re: Chrooting users the right way

2007-05-15 Thread Renaud Allard
[EMAIL PROTECTED] wrote:
> Hi
> 
> I am setting up a new OpenBSD machine in which I want to chroot users. I don't
> want to use any of the patching solutions to OpenSSH but want to implement a
> real system chroot solution so any user, who is chrooted, is jailed even if he
> logs in manually.
> 
> I have tried to find articles on this, but haven't been successful. 
> 
> Does anyone know of a good tutorial on how to do this on OpenBSD?
> 
> Best and kind regards.
> 
> Rico Secada.
> 
> 

Hi,

Take a look at sysjail (http://sysjail.bsd.lv/). It is more or less what
you want.



Re: Troubleshooting NFS/SFU

2007-05-15 Thread Emilio Perea
On Tue, May 15, 2007 at 12:11:00PM -0300, John Nietzsche wrote:
> i am trying to get my windows boxes access nfs directly by means of 
> SFU, too!
> I would like to have a global mount, say drive g: to mount from my
> home directories.
> 
> Is it possible? How have you been doing in order to get a global drive 
> mapping?

I think it might be better to ask in the forums at the SFU website:
http://www.interopsystems.com/tools

(Unless you are having problems on the OpenBSD side.)



Re: Troubleshooting NFS/SFU

2007-05-15 Thread John Nietzsche

Dear folks,

i am trying to get my windows boxes access nfs directly by means of SFU, too!
I would like to have a global mount, say drive g: to mount from my
home directories.

Is it possible? How have you been doing in order to get a global drive mapping?

Thanks in advance.

On 5/14/07, David Higgs <[EMAIL PROTECTED]> wrote:

I've tried to configure NFS and am nearly all the way there, but it
seems like I've hit a pretty big stumbling block.  I've got OpenBSD
4.1-stable (10.0.0.1) with an NFS export of my home directory.  I also
have a Windows XP machine (10.0.0.2) and installed the SFU 3.5 NFS
client.

[/etc/exports]
/home/david -mapall=david:guest -network=10.0.0.0 -mask=255.255.255.0

I can successfully mount this share locally and perform both reads and writes.

Without any of SFU's User Name Mapping configured, I can mount the
share with uid/gid of -2/-2 as advertised.  Appropriately, I cannot
access any files or directories that are not world-readable.  However,
inside a chmod-777 directory, I cannot create files or directories
(which might be as expected).

After configuring User Name Mapping to map my Windows account to the
UNIX account, I can mount the share with the expected uid/gid.
Although I can read user-only files and directories, I still cannot
create any files or directories.  Windows keeps reporting that the
drive has write-protection enabled.

I know this isn't a SFU help forum, but any ideas to try or tips on
troubleshooting the NFS side is more than welcome.  Thanks in advance.

--david

P.S. On an unrelated sidenote, does mountd always bind to the same
ports by default?  If not, is there a way to fix them at certain
values, so that PF rules can be written to match?  Linux rpc.mountd(8)
supposedly has a -p option that can be used for this purpose.




Re: PF

2007-05-15 Thread Alberich de megres
Hi,

Yeah man, that worked

Thanks for all and your patience..

Thanks again.


On 5/14/07, Joachim Schipper <[EMAIL PROTECTED]> wrote:
>
> On Mon, May 14, 2007 at 07:25:34PM +0200, Alberich de megres wrote:
> > On 5/14/07, Joachim Schipper <[EMAIL PROTECTED]> wrote:
> > >
> > > On Mon, May 14, 2007 at 06:12:12PM +0200, Alberich de megres wrote:
> > > > On 5/14/07, Joachim Schipper <[EMAIL PROTECTED]> wrote:
> > > > >
> > > > > On Mon, May 14, 2007 at 12:41:18PM +0200, Alberich de megres
> wrote:
> > > > > > Hi again,
> > > > > >
> > > > > > And sorry to insist on this I'm really lost.
> > > > > >
> > > > > > I read in most webs-docs with rdr rule trafic get redirected to
> > > > > > internal servers and with this and pass rule is enought. But i
> > > > > > find myself in a different scenario, with rdr rule and pass rule
> > > > > > packets get redirected to internal server with the same external
> > > > > > ip.
> > > > > >
> > > > > > With a tcpdump on internal server packets arrive to internal
> > > > > > server but this one don't ask it back.
> > > > > >
> > > > > > If i add a nat rule from any to internal server, the server logs
> > > > > > show me access only from firewall ip address ( logically ). Is
> > > > > > there some way to redirect external traffic to internal server
> and
> > > > > > the internal server to see external address ( for logs control,
> > > > > > and access without firewall rule...only on server machine ) and
> > > > > > all works fine?
> > > > >
> > > > > I don't really see what you mean: is there a server with public
> > > address
> > > > > 1.2.3.4 behind a firewall with public address 1.2.3.1, and rules
> like
> > > > >
> > > > > rdr pass on $ext_if to $server $port1 -> $port2
> > > > > pass on $ext_if to $server port $port3
> > > > >
> > > > > In that case, that should just work.
> > >
> > > > No,
> > > >
> > > > There's a firewall with public address, and a server with internal
> > > address.
> > > >
> > > > firewall: 1.2.3.4
> > > > server: 192.168.1.1
> > >
> > > In that case,
> > >
> > > server = "192.168.1.1"
> > >
> > > rdr pass on $ext_if to $ext_if $port1 -> $server
> > > rdr pass on $ext_if to $ext_if $port2 -> $server $port3
> > >
> > > should work just fine. What is your /etc/pf.conf? And what doesn't
> work?
> > >
> > > (The underlying idea is that 'rdr pass' is very useful for simple
> cases,
> > > and one should be careful with NAT.)
> >
> > I tried this you told me, and that not works, i get a syntax error
> >
> > my pf.conf:
> >
> > #supose 10.0.0.254 is external address..
> > ext_if="sis0"
> > ext_carp_if="carp1"
> > int_if="rl0"
> > int_carp_if="carp0"
> >
> > nat on carp1 from 192.168.1.0/24 to any -> 10.0.0.254
> > rdr on sis0 inet proto tcp from any to 10.0.0.254 port 80 ->
> 192.168.1.69port 80
> >
> > pass all
>
> Why are you messing with CARP before the whole thing works at all? CARP
> is wonderful and not that difficult to set up, but there are a couple of
> gotchas in combining CARP and pf that are best dealt with once you know
> pf.conf works. At least the first time.
>
> Also, actually using the $ext_if macro might be more useful than just
> defining it; there is no magic there, it's just a common macro to
> define. 'pass all' is the default; no need to define it. Your handling
> of IPv6 makes little sense (why allow IPv4 to $server port 80, but
> handle IPv6 on the firewall? Either 'block drop inet6' or do without
> 'inet'). Finally, symbolic names are more readable: use 'http' instead
> of '80'.
>
> That said,
>
> ext_if=sis0
> int_if=rl0
> server=192.168.1.69
>
> nat on $ext_if from $int_if:network -> $ext_if
> rdr on $ext_if inet proto tcp to $ext_if port http -> $server
>
> should work for the no-CARP scenario. With CARP, that should become
> something like the below (not tested):
>
> ext_if_base=sis0
> ext_if_carp=carp1
> int_if_base=rl0
> int_if_carp=carp0
> server=192.168.1.69
>
> nat on $ext_if_base from $int_if_carp:network -> ($ext_if_carp)
> rdr on $ext_if_base proto tcp to $ext_if_carp port http -> $server
>
>Joachim
>
> --
> TFMotD: trek (6) - trekkie game



Re: Chaos Computer Camp 2007. Anyone going?

2007-05-15 Thread Andreas Bihlmaier
On Sat, May 12, 2007 at 09:01:49PM +0200, Karl Sjvdahl - dunceor wrote:
> On 5/12/07, Edd Barrett <[EMAIL PROTECTED]> wrote:
> >Hi,
> >
> >My german housemate has recommended the chaos computer camp to me.
> >Looks like a good laugh. A couple of my student buddies and myself are
> >thinking of coming.
> >
> >I see there is a "BSD village". Is that you lot? Would be nice to meet
> >some of the developers.
> >
> >--
> >Best Regards
> >
> >Edd
> >
> >---
> >http://students.dec.bournemouth.ac.uk/ebarrett/
> >
> >
> 
> I think Wim is one of the organizers of the BSD Village. He was at WTH
> at least so I think he is involved. I doubt that they will miss that
> big event.
> 
> I'm hoping to go if I can get time off from work. I will be in the
> BSD village then if I go.

Is it necessary to do any kind of "reservation" for the BSD Village?
I would really enjoy hanging out with the OpenBSD devs/users and even to
learn/do some hacking.

I could ask Wim in private, but the answer could be of interest to other
people as well.

Regards,
ahb



Re: authpf wrong shell warning

2007-05-15 Thread Nick Holland
Lawrence Horvath wrote:
> I am trying to set up authpf. I created all the files however i would
> like to be able to login and then start authpf instead of having a
> separate user for authpf. whenever i try to start authpf after logging
> in with ssh i get the below error
> 
> May 14 22:03:31 freemon authpf: wrong shell for user lawrence.horvath, uid 1002
> 
> how do i get it to be the "right" shell?
> 

authpf has some security checks which make sense in the general case,
but sometimes annoy in the specific case.  One of those checks is to
make sure it is the user's default shell, which is what you are
trying to avoid.

The nice thing about Open Source software is you can change code
you don't like or change it as you wish.  Be careful, however, this
was done for a reason.  From memory, if you can run authpf from a
command line, you can feed it any info you wish, including bogus
IP addresses, so user X coming from W.X.Y.Z could fire up authpf
for a user coming from A.B.C.D, without that user having to log in
at all...and that's bad in the general case.

However, sometimes you want things a little different than original
plans.  I run a very private IRC server, just some long-time friends
that (for the most part) all know each other in "real life".  These
users have reason to both have shell and IRC access to these machines.
In my case, I trust these users (at least on these machines), it's
the rest of the world I don't trust, so I've cut out some code from
authpf.c to enable authpf to be run from the command line, and even
backgrounded, so it will hold an IP open until the machine is rebooted
or until someone kill(1)s the authpf process.  VERY dangerous in the
general case, but ok for *my* application.

The authpf code is quite readable..look for the error message, look
at the code that generates it, and remove it.  There are a couple
other tests you probably need to remove as well in the same
immediate area.

There are the bullets.  Provide your own feet. :)

Nick.
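
The login-shell check described in the reply above, sketched as an added example; it is not part of the original post and is not code from authpf.c. The function names, the `GATEWAY_SHELL` path and the use of sshd's `SSH_CLIENT` variable as the source of the client address are assumptions made for the illustration.

```c
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Assumption: path of the gateway shell as listed in the passwd database. */
#define GATEWAY_SHELL "/usr/sbin/authpf"

enum gate_result {
    GATE_OK = 0,
    GATE_NO_USER,      /* caller has no passwd entry */
    GATE_WRONG_SHELL,  /* program is not the account's login shell */
    GATE_NO_ADDR,      /* client address variable is missing */
    GATE_BAD_ADDR      /* client address is not an IP literal */
};

/* Hypothetical helper: true only if the account's login shell is `shell`. */
static int login_shell_matches(const struct passwd *pw, const char *shell)
{
    return pw != NULL && pw->pw_shell != NULL &&
        strcmp(pw->pw_shell, shell) == 0;
}

/*
 * Hypothetical helper: copy the first field of an "addr port port" string
 * into `out` and accept it only if it parses as an IPv4 or IPv6 literal.
 */
static int parse_client_addr(const char *ssh_client, char *out, size_t outlen)
{
    unsigned char buf[sizeof(struct in6_addr)];
    size_t n = strcspn(ssh_client, " \t");

    if (n == 0 || n >= outlen)
        return -1;
    memcpy(out, ssh_client, n);
    out[n] = '\0';
    if (inet_pton(AF_INET, out, buf) == 1 ||
        inet_pton(AF_INET6, out, buf) == 1)
        return 0;
    return -1;
}

/*
 * The shell check runs first on purpose: the environment is only trusted
 * when sshd started this program directly as the login shell. Started from
 * an interactive shell, the environment is whatever the user set, so the
 * address is never read in that case.
 */
enum gate_result gate_session(const struct passwd *pw, const char *shell,
    const char *ssh_client, char *addr, size_t addrlen)
{
    if (pw == NULL)
        return GATE_NO_USER;
    if (!login_shell_matches(pw, shell))
        return GATE_WRONG_SHELL;
    if (ssh_client == NULL)
        return GATE_NO_ADDR;
    if (parse_client_addr(ssh_client, addr, addrlen) != 0)
        return GATE_BAD_ADDR;
    return GATE_OK;
}

int main(void)
{
    char addr[INET6_ADDRSTRLEN];
    const struct passwd *pw = getpwuid(getuid());
    enum gate_result r = gate_session(pw, GATEWAY_SHELL,
        getenv("SSH_CLIENT"), addr, sizeof(addr));

    switch (r) {
    case GATE_OK:
        printf("would authorize %s for %s\n", addr, pw->pw_name);
        return 0;
    case GATE_WRONG_SHELL:
        /* Same wording as the log line quoted in the question. */
        fprintf(stderr, "wrong shell for user %s, uid %u\n",
            pw->pw_name, (unsigned)getuid());
        return 1;
    default:
        fprintf(stderr, "refusing session (reason %d)\n", (int)r);
        return 1;
    }
}
```

Run from an ordinary interactive login, this prints the "wrong shell" message regardless of what `SSH_CLIENT` contains, which is the property the check exists to provide.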



Re: OT: 32bit vs 64bit network card question

2007-05-15 Thread Timo Schoeler
On Tue, 15 May 2007 14:29:02 +0200
Henning Brauer <[EMAIL PROTECTED]> wrote:

> * Timo Schoeler <[EMAIL PROTECTED]> [2007-05-15 13:47]:
> > On Tue, 15 May 2007 13:38:10 +0200
> > Henning Brauer <[EMAIL PROTECTED]> wrote:
> > 
> > > * Henning Brauer <[EMAIL PROTECTED]> [2007-05-15 00:03]:
> > > > * bofh <[EMAIL PROTECTED]> [2007-05-14 21:54]:
> > > > > I have a question.  Some 64 bit cards (PCI-X?) seem to work
> > > > > in 32 bit slots (PCI 2.2?).  Is this a feature, or am I
> > > > > looking at possible issues down the road?  Specifically, I am
> > > > > trying to build a n old(er) box, and on a whim (and vague
> > > > > memories about this working), stuck an em card into it.  Box
> > > > > seems to boot, and network traffic seems to flow.  Not sure
> > > > > if I should spend some $ $ to buy another network card.
> > > > 
> > > > yes, may 64bit PCI cards (from 64/33 to PCI-X 133) wor just
> > > > fine in 
> > >^^^
> > > that should read "many". there are cards that are NOT backwards 
> > > compatible.
> > > also, the ones that are need 3.3V pci slots, not the ancient 5V
> > > ones.
> > 
> > as a rule of thumb one can say that cards that won't work guaranteed
> > also should NOT fit into that slot; at least not without using a
> > hammer or similar tools ;)
> 
> no, that is not true. there are some that fit physically but just do 
> not work unless they are in a 64bit slot. they will not be damaged
> by inserting them in a 32bit one, they'll just not work.

then one should throw them away anyways as being not compliant to specs.

> -- 
> Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
> BS Web Services, http://bsws.de
> Full-Service ISP - Secure Hosting, Mail and DNS Services
> Dedicated Servers, Rootservers, Application Hosting - Hamburg &
> Amsterdam



Re: OT: 32bit vs 64bit network card question

2007-05-15 Thread Henning Brauer
* Timo Schoeler <[EMAIL PROTECTED]> [2007-05-15 13:47]:
> On Tue, 15 May 2007 13:38:10 +0200
> Henning Brauer <[EMAIL PROTECTED]> wrote:
> 
> > * Henning Brauer <[EMAIL PROTECTED]> [2007-05-15 00:03]:
> > > * bofh <[EMAIL PROTECTED]> [2007-05-14 21:54]:
> > > > I have a question.  Some 64 bit cards (PCI-X?) seem to work in 32
> > > > bit slots (PCI 2.2?).  Is this a feature, or am I looking at
> > > > possible issues down the road?  Specifically, I am trying to
> > > > build a n old(er) box, and on a whim (and vague memories about
> > > > this working), stuck an em card into it.  Box seems to boot, and
> > > > network traffic seems to flow.  Not sure if I should spend some $
> > > > $ to buy another network card.
> > > 
> > > yes, may 64bit PCI cards (from 64/33 to PCI-X 133) wor just fine in 
> >^^^
> > that should read "many". there are cards that are NOT backwards 
> > compatible.
> > also, the ones that are need 3.3V pci slots, not the ancient 5V ones.
> 
> as a rule of thumb one can say that cards that won't work guaranteed
> also should NOT fit into that slot; at least not without using a hammer
> or similar tools ;)

no, that is not true. there are some that fit physically but just do 
not work unless they are in a 64bit slot. they will not be damaged by 
inserting them in a 32bit one, they'll just not work.

-- 
Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam



Re: OT: 32bit vs 64bit network card question

2007-05-15 Thread bofh

On 5/15/07, Henning Brauer <[EMAIL PROTECTED]> wrote:

* Henning Brauer <[EMAIL PROTECTED]> [2007-05-15 00:03]:
> * bofh <[EMAIL PROTECTED]> [2007-05-14 21:54]:
> > I have a question.  Some 64 bit cards (PCI-X?) seem to work in 32 bit
> > slots (PCI 2.2?).  Is this a feature, or am I looking at possible
> > issues down the road?  Specifically, I am trying to build a n old(er)
> > box, and on a whim (and vague memories about this working), stuck an
> > em card into it.  Box seems to boot, and network traffic seems to
> > flow.  Not sure if I should spend some $$ to buy another network card.
>
> yes, may 64bit PCI cards (from 64/33 to PCI-X 133) wor just fine in
   ^^^

Much thanx!


--
"This officer's men seem to follow him merely out of idle curiosity."
-- Sandhurst officer cadet evaluation.



Re: OT: 32bit vs 64bit network card question

2007-05-15 Thread Timo Schoeler
On Tue, 15 May 2007 13:38:10 +0200
Henning Brauer <[EMAIL PROTECTED]> wrote:

> * Henning Brauer <[EMAIL PROTECTED]> [2007-05-15 00:03]:
> > * bofh <[EMAIL PROTECTED]> [2007-05-14 21:54]:
> > > I have a question.  Some 64 bit cards (PCI-X?) seem to work in 32
> > > bit slots (PCI 2.2?).  Is this a feature, or am I looking at
> > > possible issues down the road?  Specifically, I am trying to
> > > build a n old(er) box, and on a whim (and vague memories about
> > > this working), stuck an em card into it.  Box seems to boot, and
> > > network traffic seems to flow.  Not sure if I should spend some $
> > > $ to buy another network card.
> > 
> > yes, may 64bit PCI cards (from 64/33 to PCI-X 133) wor just fine in 
>^^^
> that should read "many". there are cards that are NOT backwards 
> compatible.
> also, the ones that are need 3.3V pci slots, not the ancient 5V ones.

as a rule of thumb one can say that cards that won't work guaranteed
also should NOT fit into that slot; at least not without using a hammer
or similar tools ;)

timo

-- 
Line Printer paper is strongest at the perforations.



Re: OT: 32bit vs 64bit network card question

2007-05-15 Thread Henning Brauer
* Henning Brauer <[EMAIL PROTECTED]> [2007-05-15 00:03]:
> * bofh <[EMAIL PROTECTED]> [2007-05-14 21:54]:
> > I have a question.  Some 64 bit cards (PCI-X?) seem to work in 32 bit
> > slots (PCI 2.2?).  Is this a feature, or am I looking at possible
> > issues down the road?  Specifically, I am trying to build a n old(er)
> > box, and on a whim (and vague memories about this working), stuck an
> > em card into it.  Box seems to boot, and network traffic seems to
> > flow.  Not sure if I should spend some $$ to buy another network card.
> 
> yes, may 64bit PCI cards (from 64/33 to PCI-X 133) wor just fine in 
   ^^^
that should read "many". there are cards that are NOT backwards 
compatible.
also, the ones that are need 3.3V pci slots, not the ancient 5V ones.

-- 
Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam



Re: Troubleshooting NAT on a VLAN interface

2007-05-15 Thread Peter N. M. Hansteen
Tor Houghton <[EMAIL PROTECTED]> writes:

> I can get a DHCP address on the interface, and I appear to be able to
> connect to anywhere _from_ the host, but not through it. 

Just to eliminate the obvious - you /do/ have the required sysctl.conf
magic and relevant pass rules in place?

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.



Re: SFTP no autocompletion?

2007-05-15 Thread Paul de Weerd
On Tue, May 15, 2007 at 11:33:27AM +0200, Pieter Verberne wrote:
| Hi there,
| 
| does SFTP have no TAB-autocompletion for local/remote files? TAB
| doesn't work. It makes transferring files very clumsy. And does SFTP
| secure my username and password or only my file transfers by default?

SFTP uses ssh and thus secures the entire connection. The sftp(1)
client that comes by default with OpenBSD does not do tabcompletion.
Feel free to use another client or to write support for it and send a
patch ;)

| Pieter Verberne
| 
| p.s. (my lines are longer than 72 characters, is that a problem?)

Yes. You shouldn't. Why are you even asking and not just limiting your
lines to <72 chars ? Please read http://www.openbsd.org/mail.html

Paul 'WEiRD' de Weerd

-- 
>[<++>-]<+++.>+++[<-->-]<.>+++[<+
+++>-]<.>++[<>-]<+.--.[-]
 http://www.weirdnet.nl/ 



Re: Troubleshooting NAT on a VLAN interface

2007-05-15 Thread Jason Dixon
On Tue, 15 May 2007 11:11:39 +0200, Tor Houghton <[EMAIL PROTECTED]> wrote:
> Hi,
> 
> I'm trying to troubleshoot NAT on a VLAN interface (parent interface is
> xl0
> - a 3com 905). With OpenBSD 3.4 I got a 'initialized with non-standard mtu
> 1496' message with the same interface card, but with 4.1 this disappeared.
> 
> Does this mean "everything is fine, this card supports VLAN trunks", or
> should I be dubious and use something else (which one)?
> 
> I am not able to provide debug output at this minute, but essentially I
> can't seem to do NAT when vlan0 is set as the external interface ($ext_if;
> the suggested nat line in pf.conf(5) is used, with ext_if="vlan0").
> 
> I can get a DHCP address on the interface, and I appear to be able to
> connect to anywhere _from_ the host, but not through it.
> 
> A 'pfctl -s all' only shows me the static mappings (rdr's).

Then obviously there are no nat rules to perform translation.  Quit blaming it 
on hardware or vlan interfaces, it's probably just a broken ruleset.  Post your 
pf.conf (and optionally, your hostname.if files).

-- 
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net



SFTP no autocompletion?

2007-05-15 Thread Pieter Verberne
Hi there,

does SFTP have no TAB-autocompletion for local/remote files? TAB doesn't work. 
It makes transferring files very clumsy. And does SFTP secure my username and 
password or only my file transfers by default?

Pieter Verberne

p.s. (my lines are longer than 72 characters, is that a problem?)



OT: flowcharts

2007-05-15 Thread mvdeventer
Hi all
I have an OT question for you guys.
Do any of you use flowcharting software, and if so what do you use?
I am just beginning to explore the world of programming and have so far
used Microsoft (spit) Visio. I tried both Kivio and Dia but they fall
short for me.
My code choices are (due to the course I am attending) limited to
JavaScript and pseudocode.
Any recommendations?
Marius.



Troubleshooting NAT on a VLAN interface

2007-05-15 Thread Tor Houghton
Hi,

I'm trying to troubleshoot NAT on a VLAN interface (parent interface is xl0
- a 3com 905). With OpenBSD 3.4 I got a 'initialized with non-standard mtu
1496' message with the same interface card, but with 4.1 this disappeared.

Does this mean "everything is fine, this card supports VLAN trunks", or
should I be dubious and use something else (which one)?

I am not able to provide debug output at this minute, but essentially I
can't seem to do NAT when vlan0 is set as the external interface ($ext_if;
the suggested nat line in pf.conf(5) is used, with ext_if="vlan0").

I can get a DHCP address on the interface, and I appear to be able to
connect to anywhere _from_ the host, but not through it. 

A 'pfctl -s all' only shows me the static mappings (rdr's).

Is my question too broad? I'm running 4.1 GENERIC, and the inside interface
is a dc; Linksys I think.

I can provide debug/configuration output once I am in a position to do so
later if this helps.

Thanks,

Tor



Re: OT: unix/openbsd printer support

2007-05-15 Thread Frank Brodbeck
Moin,

John Nietzsche has spoken, thus:
> I wonder if some here has already deployed such in openbsd environment
> and knows the site i am talking about.

I think http://www.linux-foundation.org/en/OpenPrinting is what you are
looking for.

Regards,
Frank.

-- 
What can you use used tampons for?  Tea bags for vampires.
openBSD - Can't fight the Systemagic. Über tragic.
Frank Brodbeck <[EMAIL PROTECTED]>
Politicians do it to everyone.