Re: WWW to go public, if pf would let me
On 6/9/07, Bray Mailloux <[EMAIL PROTECTED]> wrote: So, I'm trying to get my WWW server, public: 64.142.102.11; private: 192.168.1.4, to answer requests from the internet. Each time I try to access the public address, via firefox, the browser claims it does not exist. Try some more basic network layer stuff -- can you ping it? telnet to port 80? if yes on the latter, you're good. Also, apply a little thought-powder and do some troubleshooting, or explain to us what you've done -- can you get the pages locally? How about with PF turned off? More info will help! Marti -- Systems Programmer, Principal Electrical & Computer Engineering The University of Arizona [EMAIL PROTECTED]
Re: adaptec 2410sa raid card not reconized
luccio01 wrote: ... > And what do you think about stability of aac driver ? > Because I read it is not a good idea to use it ... http://www.openbsd.org/faq/faq12.html#aac do you care about your data? do you feel lucky? Nick.
Re: WWW to go public, if pf would let me
On 6/9/07, Bray Mailloux <[EMAIL PROTECTED]> wrote:
Hello Everyone;
# ifconfig -A
rl0: flags=8843 mtu 1500
lladdr 00:50:bf:3a:2e:66
groups: egress
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet6 fe80::250:bfff:fe3a:2e66%rl0 prefixlen 64 scopeid 0x1
inet 64.142.102.8 netmask 0xff00 broadcast 64.142.102.255
inet 64.142.102.9 netmask 0xff00 broadcast 64.142.102.255
inet 64.142.102.10 netmask 0xff00 broadcast 64.142.102.255
inet 64.142.102.11 netmask 0xff00 broadcast 64.142.102.255
rl1: flags=8843 mtu 1500
lladdr 00:13:46:30:0b:b2
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet6 fe80::213:46ff:fe30:bb2%rl1 prefixlen 64 scopeid 0x2
inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255
vr0: flags=8843 mtu 1500
lladdr 00:19:5b:3d:12:12
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet6 fe80::219:5bff:fe3d:1212%vr0 prefixlen 64 scopeid 0x3
inet 192.168.0.1 netmask 0xff00 broadcast 192.168.0.255
# cat /etc/pf.conf
# $OpenBSD: pf.conf,v 1.31 2006/01/30 12:20:31 camield Exp $
# See pf.conf(5) and /usr/share/pf for syntax and examples.
# Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1
# in /etc/sysctl.conf if packets are to be forwarded between interfaces.
#Macros
# 192.168.0.1 subnet
ext_ip="64.142.102.8"
int_ip="192.168.0.1"
int_block="192.168.0.0/24"
#DMZ subnet
#Interface
dmz_ip="192.168.1.1"
dmz_block="192.168.1.0/24"
#DNS 1
scarlett="192.168.1.2"
pub_scarlett="64.142.102.9"
#DNS 2
shelly="192.168.1.3"
pub_shelly="64.142.102.10"
#WWW 1
www_ip="192.168.1.4"
pub_www="64.142.102.11"
#DMZ Services
services="{ domain, www, smtp, }"
#Normalizing
scrub in all
64.142.102.11
#NAT and Binat
nat on rl0 from $int_block to any -> $ext_ip
binat on rl0 from $scarlett to any -> $pub_scarlett
binat on rl0 from $shelly to any -> $pub_shelly
binat on rl0 from $www_ip to any -> $pub_www
#Redirection
rdr on rl1 proto tcp from any to 64.142.102.11 port 80 -> $www_ip port 8000
rdr on rl1 proto udp from any to any port domain -> $shelly
rdr on rl1 proto udp from any to any port domain -> $scarlett
#Default block policy
block all
#Anti-spoofing
block in quick from urpf-failed
#vr0 traffic
pass in on vr0 proto tcp from $int_block to any port 6112
pass in on vr0 proto tcp from $int_block to any port 80
pass in on vr0 proto tcp from $int_block to 207.212.58.16 port 25
pass in on vr0 proto { udp, icmp } from $int_block to any
#rl1 traffic
pass in log on rl1 proto tcp from $dmz_block to $www_ip port 80
pass in log on rl1 proto udp from $dmz_block to $shelly port domain
pass in log on rl1 proto udp from $dmz_block to $scarlett port domain
pass out on rl1 proto tcp from $www_ip to any port 80
pass out on rl1 proto udp from $shelly to any port domain
pass out on rl1 proto udp from $scarlett to any port domain
So, I'm trying to get my WWW server, public: 64.142.102.11; private:
192.168.1.4, to answer requests from the internet. Each time I try to
access the public address, via firefox, the browser claims it does not
exist.
"Does not exist" is a vague error description. What happens when you
attempt a simple socket connection (with telnet or nc, etc.) to the
IP/port it uses? There are many variables (DNS, etc.) in testing with
a browser; simplify your test to a focused tool. Also, you're testing
this from the Internet, not from your internal network, right?
Although by the time I've written this someone else has already solved
your problem, generally speaking, it helps to reduce your pf.conf to
as simple a configuration as you can to isolate the issues. You can
load the trimmed down ruleset from an alternate file and diagnose just
the components you need to. For me personally, following your use of
macros and jumping up and down the ruleset requires more time than I'm
willing to commit. :)
So, not sure about the connections failing. As for your aliases, check
hostname.if(5) and you'll see that IPv4 interface aliases typically
have full /32 subnet masks.
DS
Re: WWW to go public, if pf would let me
On Jun 9, 2007, at 9:28 PM, Darren Spruell wrote: So, not sure about the connections failing. As for your aliases, check hostname.if(5) and you'll see that IPv4 interface aliases typically have full /32 subnet masks. Is this true? All of my interfaces with aliases have the same netmask as the actual netmask. Using /32 as the netmask has not worked for me. However, on FreeBSD for example, you need to use /32 or it will not work. At least this is true on a legacy FreeBSD 5.5 machine I will soon be rid of. Bryan
Re: WWW to go public, if pf would let me
On Jun 9, 2007, at 9:28 PM, Darren Spruell wrote: So, not sure about the connections failing. As for your aliases, check hostname.if(5) and you'll see that IPv4 interface aliases typically have full /32 subnet masks. Sorry! I spoke too soon. I find that it works either with the /32 or the actual netmask. According to hostname.if(5) it is not clear except that the example given shows /32 as the netmask for aliases. Are there any problems with using the actual netmask? Bryan
Re: WWW to go public, if pf would let me
On 6/9/07, Bryan Vyhmeister <[EMAIL PROTECTED]> wrote: On Jun 9, 2007, at 9:28 PM, Darren Spruell wrote: > So, not sure about the connections failing. As for your aliases, check > hostname.if(5) and you'll see that IPv4 interface aliases typically > have full /32 subnet masks. Sorry! I spoke too soon. I find that it works either with the /32 or the actual netmask. According to hostname.if(5) it is not clear except that the example given shows /32 as the netmask for aliases. Are there any problems with using the actual netmask? Nowadays, I don't know. It used to be back in the days of /etc/ifaliases that you'd have problems getting the alias in the routing table correctly unless you gave the alias a full 255.255.255.255 netmask. Nowadays I don't know if it really matters, but I stick with it because that what all the references say. e.g.: http://marc.info/?l=openbsd-misc&m=95202862819912&w=2 DS
User mount cdrom?
Hello, I'm having great difficulty allowing my users to mount the cdrom. I've looked in the faq and both fstab and mount manpages, but still can't find it! I think the GNU tools allow: mount /dev/cd0a /mnt/cdrom -t cd9660 -o user I'm looking for the appropriate fstab entry, but according to the man pages, there doesn't seem to be a way? I thought it would be something like this: /dev/cd0a /mnt/cdrom cd9660 noauto,ro,user 0 0 But I get the following: "mount_cd9660: -o user: option not supported" Help! Timothy.
Re: User mount cdrom?
On 6/8/07, Timothy Wilson <[EMAIL PROTECTED]> wrote: Hello, I'm having great difficulty allowing my users to mount the cdrom. I've looked in the faq and both fstab and mount manpages, but still can't find it! I think the GNU tools allow: this isn't gnu. mount /dev/cd0a /mnt/cdrom -t cd9660 -o user I'm looking for the appropriate fstab entry, but according to the man pages, there doesn't seem to be a way? I thought it would be something like this: /dev/cd0a /mnt/cdrom cd9660 noauto,ro,user 0 0 But I get the following: "mount_cd9660: -o user: option not supported" indeed, there's no such option. sysctl kern.usermount.
Re: User mount cdrom?
On 2007/06/09 16:56, Timothy Wilson wrote: > I'm having great difficulty allowing my users to mount the cdrom. I've > looked in the faq and both fstab and mount manpages, but still can't > find it! I think the GNU tools allow: > > mount /dev/cd0a /mnt/cdrom -t cd9660 -o user OpenBSD mount(8) isn't installed setuid root to allow this sort of thing. How about sudo(8) instead?
Re: PPPoE MTU Problem
On 2007/06/09 01:49, Will Jenkins wrote: > Also I can't work out how to get any kind of logs from kernel pppoe. # ifconfig pppoe0 debug then to turn it off (to avoid spamming /var/log/messages with each outgoing packet): # ifconfig pppoe0 -debug Sometimes running tcpdump on the ethernet interface that pppoe runs over can be informative too, e.g. tcpdump -ni -vvs1500
4.1 with network card issue
HI All,
I am having problem with network card on Intel Motherboard on OpenBSD 4.1.
However the same motherboard and network card do not have problem wiht
OpenBSD 4.0
When loading the card:
em0 at pci3 dev 0 function 0 "Intel PRO/1000MT (82573e)" rev
0x03uvm_fault(0xd0691180,
0x1f000, 0, 1) ->
fatal page fault (6) in supervisor mode
trap type 6 code 0 eip d02b0a10 cs 8 eflags 10202 cr2 1ff07 cp0
panic: trap type 6, code-0, pc-d02b0a10
the operating system has halted
please press any key to reboot
On OpenBSD 4.0 the dmesg:
OpenBSD 4.0 (GENERIC) #1107: Sat Sep 16 19:15:58 MDT 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
RTC BIOS diagnostic error 3
cpu0: Intel(R) Pentium(R) 4 CPU 3.00GHz ("GenuineIntel" 686-class) 3.01 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CF
LUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,CNXT-ID,C
X16
cpu0: EST: strange msr value 0x0f270f27
real mem = 533651456 (521144K)
avail mem = 478867456 (467644K)
using 4256 buffers containing 26783744 bytes (26156K) of memory
RTC BIOS diagnostic error 3
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 07/11/06, SMBIOS rev. 2.4 @
0x1fe0e000
(42 entries)
bios0: Intel Corporation S3000AH
pcibios at bios0 function 0x1a not configured
bios0: ROM list: 0xc/0x9000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel E7230 MCH" rev 0x00
ppb0 at pci0 dev 28 function 0 "Intel 82801GB PCIE" rev 0x01
pci1 at ppb0 bus 1
ppb1 at pci0 dev 28 function 4 "Intel 82801G PCIE" rev 0x01
pci2 at ppb1 bus 2
ppb2 at pci0 dev 28 function 5 "Intel 82801G PCIE" rev 0x01
pci3 at ppb2 bus 3
em0 at pci3 dev 0 function 0 "Intel PRO/1000MT (82573E)" rev 0x03: irq 9,
addres
s 00:15:17:13:c7:36
uhci0 at pci0 dev 29 function 0 "Intel 82801GB USB" rev 0x01: irq 10
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 29 function 1 "Intel 82801GB USB" rev 0x01: irq 11
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 29 function 2 "Intel 82801GB USB" rev 0x01: irq 11
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
uhci3 at pci0 dev 29 function 3 "Intel 82801GB USB" rev 0x01: irq 11
usb3 at uhci3: USB revision 1.0
uhub3 at usb3
uhub3: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub3: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 29 function 7 "Intel 82801GB USB" rev 0x01: irq 10
usb4 at ehci0: USB revision 2.0
uhub4 at usb4
uhub4: Intel EHCI root hub, rev 2.00/1.00, addr 1
uhub4: 8 ports with 8 removable, self powered
ppb3 at pci0 dev 30 function 0 "Intel 82801BA AGP" rev 0xe1
pci4 at ppb3 bus 4
vga1 at pci4 dev 4 function 0 "ATI ES1000" rev 0x02
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
em1 at pci4 dev 5 function 0 "Intel PRO/1000MT (82541GI)" rev 0x05: irq 9,
addre
ss 00:15:17:13:c7:37
ichpcib0 at pci0 dev 31 function 0 "Intel 82801GB LPC" rev 0x01: PM disabled
pciide0 at pci0 dev 31 function 1 "Intel 82801GB IDE" rev 0x01: DMA,
channel 0 c
onfigured to compatibility, channel 1 configured to compatibility
wd0 at pciide0 channel 0 drive 0:
wd0: 16-sector PIO, LBA, 19092MB, 39102336 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
pciide0: channel 1 disabled (no drives)
ichiic0 at pci0 dev 31 function 3 "Intel 82801GB SMBus" rev 0x01: irq 11
iic0 at ichiic0
adt0 at iic0 addr 0x2e: sch5017 rev 0x8a
isa0 at ichpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pmsi0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pmsi0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0:
spkr0 at pcppi0
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
biomask eded netmask efed ttymask ffef
pctr: user-level cycle counter enabled
dkcsum: wd0 matches BIOS drive 0x80
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302
thanks and best regards,
riwan
Arc Raid Card trouble
I am having Trouble with a *Areca* 1200 series RAID card,
When I try and boot OpenBSD -current with the *Areca* raid card in the system
it hangs with error message:
***
root on wd0a swap on wd0b dump on wd0b
Unable to query firmware for sensor info
***
however without the raid card I get the following dmesg
OpenBSD 4.1-current (GENERIC.MP) #124: Tue Jun 5 21:39:19 MDT 2007
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP
cpu0: Intel(R) Pentium(R) D CPU 2.80GHz ("GenuineIntel" 686-class)
2.81 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,CNXT-ID,CX16,xTPR
real mem = 1064857600 (1015MB)
avail mem = 1018224640 (971MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 12/29/06, BIOS32 rev. 0 @
0xfa020, SMBIOS rev. 2.4 @ 0xf (39 entries)
bios0: Biostar 945GZ Micro 775 SE
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 70102 dobusy 1 doidle 1
pcibios0 at bios0: rev 3.0 @ 0xf/0xc964
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfc810/288 (16 entries)
pcibios0: bad IRQ table checksum
pcibios0: PCI BIOS has 19 Interrupt Routing table entries
pcibios0: PCI Exclusive IRQs: 5 7 10 11 12 15
pcibios0: PCI Interrupt Router at 000:31:0 ("Intel 82801GB LPC" rev 0x00)
pcibios0: PCI bus #4 is the last bus
bios0: ROM list: 0xc/0xaa00!
mainbus0: Intel MP Specification (Version 1.4)
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 200 MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Pentium(R) D CPU 2.80GHz ("GenuineIntel" 686-class, 0KB
L2 cache) 2.81 GHz
cpu1:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,SSE3,MWAIT,DS-CPL,CNXT-ID,CX16,xTPR
mainbus0: bus 0 is type PCI
mainbus0: bus 1 is type PCI
mainbus0: bus 2 is type PCI
mainbus0: bus 3 is type PCI
mainbus0: bus 4 is type PCI
mainbus0: bus 5 is type ISA
ioapic0 at mainbus0: apid 4 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 4
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel 82945GP" rev 0x02
vga1 at pci0 dev 2 function 0 "Intel 82945G Video" rev 0x02: aperture
at 0xfdf0, size 0x1000
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
ppb0 at pci0 dev 28 function 0 "Intel 82801GB PCIE" rev 0x01
pci_intr_map: bus 0 dev 28 func 0 pin 2; line 12
pci_intr_map: no MP mapping found
pci_intr_map: bus 0 dev 28 func 0 pin 3; line 11
pci_intr_map: no MP mapping found
pci_intr_map: bus 0 dev 28 func 0 pin 4; line 15
pci_intr_map: no MP mapping found
pci1 at ppb0 bus 1
uhci0 at pci0 dev 29 function 0 "Intel 82801GB USB" rev 0x01: apic 4
int 23 (irq 7)
ehci0 at pci0 dev 29 function 7 "Intel 82801GB USB" rev 0x01: apic 4
int 23 (irq 7)
usb0 at ehci0: USB revision
2.0
uhub0 at usb0: Intel EHCI root hub, rev 2.00/1.00, addr 1
ppb1 at pci0 dev 30 function 0 "Intel 82801BA AGP" rev 0xe1
pci_intr_map: bus 0 dev 30 func 0 pin 1; line 12
pci_intr_map: no MP mapping found
pci_intr_map: bus 0 dev 30 func 0 pin 2; line 10
pci_intr_map: no MP mapping found
pci2 at ppb1 bus 2
ppb2 at pci2 dev 1 function 0 "DEC 21152 PCI-PCI" rev 0x03
pci_intr_map: bus 2 dev 1 func 0 pin 2; line 11
pci_intr_map: no MP mapping found
pci_intr_map: bus 2 dev 1 func 0 pin 3; line 15
pci_intr_map: no MP mapping found
pci3 at ppb2 bus 3
dc0 at pci3 dev 4 function 0 "DEC 21142/3" rev 0x30: apic 4 int 18
(irq 11), address 00:c0:95:e1:03:28
dcphy0 at dc0 phy 31: internal PHY
dc1 at pci3 dev 5 function 0 "DEC 21142/3" rev 0x30: apic 4 int 18
(irq 11), address 00:c0:95:e1:03:29
dcphy1 at dc1 phy 31: internal PHY
dc2 at pci3 dev 6 function 0 "DEC 21142/3" rev 0x30: apic 4 int 18
(irq 11), address 00:c0:95:e1:03:2a
dcphy2 at dc2 phy 31: internal PHY
dc3 at pci3 dev 7 function 0 "DEC 21142/3" rev 0x30: apic 4 int 18
(irq 11), address 00:c0:95:e1:03:2b
dcphy3 at dc3 phy 31: internal PHY
ppb3 at pci2 dev 2 function 0 "DEC 21152 PCI-PCI" rev 0x03
pci_intr_map: bus 2 dev 2 func 0 pin 1; line 5
pci_intr_map: no MP mapping found
pci_intr_map: bus 2 dev 2 func 0 pin 2; line 12
pci_intr_map: no MP mapping found
pci4 at ppb3 bus 4
dc4 at pci4 dev 4 function 0 "DEC 21142/3" rev 0x41: apic 4 int 17
(irq 12), address 00:c0:95:e2:4f:04
dcphy4 at dc4 phy 31: internal PHY
dc5 at pci4 dev 5 function 0 "DEC 21142/3" rev 0x41: apic 4 int 17
(irq 12), address 00:c0:95:e2:4f:05
dcphy5 at dc5 phy 31: internal PHY
dc6 at pci4 dev 6 function 0 "DEC 21142/3" rev 0x41: apic 4 int 17
(irq 12), address 00:c0:95:e2:4f:06
dcphy6 at dc6 phy 31: internal PHY
dc7 at pci4 dev 7 function 0 "DEC 21142/3" rev 0x41: apic 4 int 17
(irq 12), address 00:c0:95:e2:4f:07
dcphy7 at dc7 phy 31: internal PHY
rl0 at pci2 dev 5 function 0 "Realtek 8139" rev 0x10: apic 4 int 20
(irq 10), address 00:e0:4d:14:d6:22
rlphy0 at rl0 phy 0: RTL internal PHY
ichpcib0 at pci0 dev 31 func
Re: User mount cdrom?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Today Timothy Wilson wrote: Hello, I'm having great difficulty allowing my users to mount the cdrom. I've looked in the faq and both fstab and mount manpages, but still can't find it! I think the GNU tools allow: mount /dev/cd0a /mnt/cdrom -t cd9660 -o user I'm looking for the appropriate fstab entry, but according to the man pages, there doesn't seem to be a way? I thought it would be something like this: /dev/cd0a /mnt/cdrom cd9660 noauto,ro,user 0 0 But I get the following: "mount_cd9660: -o user: option not supported" Help! Timothy. Try man sudoers & look for the cdrom example. === GnuPG key : 0x1644E79A | http://wwwkeys.nl.pgp.net Fingerprint: D0A9 AD44 1F10 E09E 0E67 EC25 CB44 F2E5 1644 E79A === iD8DBQFGankhy0Ty5RZE55oRAvHUAJ9TldfC3jY73sBh7kZOHih5fJLGVgCeL0Rn 1Je0wQ5rmj2tqXfVUrt0sw8= =8lqo -END PGP SIGNATURE-
beck's greyscanner for spamd 4.1
I've noticed that original greyscanner by beck@ doesn't work with latest spamd. Is there fixed/updated version of greyscanner anywhere? Thanks.
Win a weekend of sublime luxury at The Chedi Muscat with ArabianBusiness.com
[IMAGE] If this email does not display properly, please click here. YOUR DETAILS (ALL FIELDS ARE REQUIRED) TITLE MRMRSMISSDROTHER GENDER MaleFemale NAME COMPANY POSITION INDUSTRY EMAIL COUNTRY OF RESIDENCE RECOMMEND YOUR FRIENDS EMAIL 1 EMAIL 2 EMAIL 3 EMAIL 4 EMAIL 5 Terms & Conditions: Prize includes 2 round trip economy flights from either Dubai, Kuwait, Qatar or Bahrain to Muscat and 2 nights in the Chedi Suite including Breakfast and Airport transfers. Closing date 11th June 2007. Prizes are valid from 15th May to 30th September 2007. Visa processing to be undertaken by the winner. Dates of travel are subject to availability. By entering this competition you are automatically subscribing to both the ArabianBusiness.com twice-daily eNewsletters. You have received this email message from ITP, the leading business, consumer, communication and IT publishers in the Middle East. Your email address has been recorded because either you have subscribed to or advertised in one of our market leading magazines or have registered on one of our web sites (ITP.net; ArabianBusiness.com; GitexTimes.com; TimeOutDubai.com; TimeOutAbuDhabi.com; Ahlan.ae and Mumtazz.com). Should you wish to remove your email address from the mailing list please click here. Is this email in your junk/bulk folder? To ensure that you receive all future newsletters in your Inbox, add [EMAIL PROTECTED] to your address book and [EMAIL PROTECTED] to your white list filters.
Re: need a machine for an itanium port
On Sat, 2007-06-09 at 08:50 +0200, Alf Schlichting wrote: > One more. > > Alf > Me too- Warren.
OpenBSD arp proxy
Dear All,
I have a problem configuring routing. Here is how my setup looks:
Internet - - - ADSL modem (bridge mode) - - - OpenBSD BOX - - - - - - - Switch
- - - - - - - Server 1
IPOA: 196.218.x.97 vr1: 196.218.x.98
| bge0: 196.218.x.100
|
|
|
Server 2
eth0: 196.218.x.101
The idea is to give public IPs to servers behind OpenBSD firewall. I don't want
to assagin IP addresses to OpenBSD BOX and use binat. I want to servers have IP
assigned to their interfaces so I can
reach them directly from internet.
Someone told me that I have to use arp proxy. As I know OpenBSD has builtin arp
proxy using userland arp utillity.
When I added arp -s 196.218.x.100 mac_address_of_server1 perm pub . I still
couldn't reach 196.218.x.100 .
Ofcoure I will have to add: no nat on $ext_if from { 10.0.0.3, 10.0.0.7 } to
any .
Thank you in advance,
Dominik
Re: OpenBSD arp proxy
2007/6/9, Dominik Zalewski <[EMAIL PROTECTED]>: > > Dear All, > > I have a problem configuring routing. Here is how my setup looks: > > > Internet - - - ADSL modem (bridge mode) - - - OpenBSD BOX - - - - - - - > Switch - - - - - - - Server 1 > IPOA: 196.218.x.97 vr1: 196.218.x.98 > | > bge0: 196.218.x.100 > > | > > | > > | > > Server > 2 > > eth0: > 196.218.x.101 In such setup, you should configure obsd box as a (address-less) bridge, something like this: [(16:58):[EMAIL PROTECTED]:~ ] cat /etc/bridgename.bridge0 add fxp0 add xl0 blocknonip fxp0 blocknonip xl0 up [(16:59):[EMAIL PROTECTED]:~ ] cat /etc/hostname.xl0 up [(16:59):[EMAIL PROTECTED]:~ ] cat /etc/hostname.fxp0 up or if you WANT to assign IP-address to obsd box: [(16:59):[EMAIL PROTECTED]:~ ] cat /etc/hostname.fxp0 inet 196.218.x.98 255.255.255.248 NONE I hope you get the idea
Re: OpenBSD arp proxy
On Saturday 09 June 2007 04:04:13 pm Anton Karpov wrote: > 2007/6/9, Dominik Zalewski <[EMAIL PROTECTED]>: > > Dear All, > > > > I have a problem configuring routing. Here is how my setup looks: > > > > > > Internet - - - ADSL modem (bridge mode) - - - OpenBSD BOX - - - - - - - > > Switch - - - - - - - Server 1 > > IPOA: 196.218.x.97 vr1: 196.218.x.98 > > | bge0: 196.218.x.100 > > > > > > > > > > > > > > > > Server 2 > > > > eth0: 196.218.x.101 > > In such setup, you should configure obsd box as a (address-less) bridge, > something like this: > > [(16:58):[EMAIL PROTECTED]:~ ] cat /etc/bridgename.bridge0 > add fxp0 > add xl0 > blocknonip fxp0 > blocknonip xl0 > up > > [(16:59):[EMAIL PROTECTED]:~ ] cat /etc/hostname.xl0 > up > [(16:59):[EMAIL PROTECTED]:~ ] cat /etc/hostname.fxp0 > up > > > or if you WANT to assign IP-address to obsd box: > > [(16:59):[EMAIL PROTECTED]:~ ] cat /etc/hostname.fxp0 > inet 196.218.x.98 255.255.255.248 NONE > > > I hope you get the idea It works:) Thank man:) Dominik
Re: User mount cdrom?
On 6/9/07, Timothy Wilson <[EMAIL PROTECTED]> wrote: Hello, I'm having great difficulty allowing my users to mount the cdrom. I've looked in the faq and both fstab and mount manpages, but still can't find it! I think the GNU tools allow: Hello Tim: I got user mount of the CDROM to work as follows: 1) Edit /etc/sysctl.conf and insert kern.usermount=1 2) As root, do # mkdir /cdrom # cd /cdrom # mkdir tim (assuming the user account is named tim) 3) Do: # chown tim /cdrom/tim this is based on the comment from: ___ http://monkey.org/openbsd/archive/misc/0309/msg01664.html /* * If the user is not root, ensure that they own the directory * onto which we are attempting to mount. */ 4) Edit /etc/fstab and insert the following line: /dev/cd0a /cdrom/tim cd9660 ro,noauto 0 0 5) Add the user tim to the operator group, in /etc/group like so: operator:*:5:root,tim - To make a user mountable thumb drive: 1) Make sure /etc/sysctl.conf has: kern.usermount=1 2) As root, do # mkdir /thumb # cd /cdrom # mkdir tim (assuming the user account is named bsd) 3) Do: # chown tim /thumb/tim Again see: http://monkey.org/openbsd/archive/misc/0309/msg01664.html for the details. 4) Edit /etc/fstab and insert the following line: /dev/sd0i /thumb/tim msdos rw,noauto 0 0 5) Again, make sure the user tim is in the operator group, in /etc/group like so: operator:*:5:root,tim 6) Last step, do # chmod g+w /dev/sd0i (sd0i is the mount point for the USB thumb drive) -- Kind regards, Jonathan
Re: need a machine for an itanium port
Hey Diana, > So where are the other 18 or so folks? +1 Thanks for the reminder... Nico
Re: About BSD Certification
On Sat, Jun 09, 2007 at 02:28:30AM +0200, Rico Secada wrote: > On Sat, 9 Jun 2007 00:28:08 +0200 > Marc Balmer <[EMAIL PROTECTED]> wrote: > > > * Rico Secada wrote: > > > > > What do you think of The BSD Certification Group at bsdcertification.org? > > > > It is as useless as MSCE and all the other vendor certificates. I would > > even go so far to claim it's a lot worse than a Microsoft or Cisco > > certificate. > > > > This is not backed by any industry, it just reflects what some people in > > the BSD community think would be needed to do a day job. > > My point exactly. > > Darren Spruell wrote: "Then take a look at the names affiliated with the > organization, and the people that are putting effort into furthering a > BSD certification track and the reasons why. Many of the names you should > recognize as contributors in our community." > > Contributors in our community yes, but this doesn't mean that a BSD > certification is worth the money they charge. > > What it serves in my opinion, especially if the industri was backing it, > is a way to keep very skillful people from getting a job! Not the opposite. > > A lot of people can't afford some 10 different certificates just to prove > something which a certificate in reality doesn't prove anyway. > > > bsdcertification.org is there to boost the ego of it's members only. > > There is no real value in it. > > Perhaps I am mistaken about the "them making money part", but I agree > with this. No value! Just my 2 cents. Personally there is nothing wrong with making money. What I find sad is when that becomes the only way to enter the fray. For example the CISSP certification cost quite a bit and is used as a secret handshake by quite a few corps. It is the tip of the iceberg and is geared to those with lots of money to throw around. This means from observation that some are denied entry just because they do not have the dough to SHELL out. Hey it is an excellent baseline but certainly not the holy grail many tout it to be. By the way anyone willing to verify I have been involved in security for the past num++ years so I can get my CISSP certification. :-)
Re: About BSD Certification
Uggg, certs, I give little credence to any "vendor" cert. So many people use "bootcamps" for tests and walk away with little more than paper. I know, I work with them. I'm proud to say I'm darn near uneducated, besides the 15 month tech certificate in Optics/Photonics I received from a local tech school almost 2 decades ago. g.day
samba: really low throughput
got a 4.1-release machine that shares its disks via samba to a few windows xp workstations and is transferring files slow as molasses (1 GB file takes ~30 min to transfer). this machine serves FTP at ~10 MBps, close to linespeed for 100 Mbit, so disk speed is not the bottleneck on the server side. i expect to go gigabit on this stuff in another week or two so any further tips that apply in that regime would be nice to see. have read through the samba howto doc section on performance tuning and have tried a number of the suggested knobs to no avail. here is what has been added to the mostly default smb.conf that's being used: read raw = yes write raw = yes oplocks = yes max xmit = 65535 dead time = 15 getwd cache = yes socket options = TCP_NODELAY the share sections of smb.conf look like so: [d] comment = d unencrypted path = /d valid users = @smb write list = @smb read list = @smb force group = smb public = no writable = yes printable = no create mask = 0770 directory mask = 0770 read only = no i'm sure there are some of you out there using samba sans shite performance like this, would appreciate clues on how to fix this. cheers, jake
Re: samba: really low throughput
On Sat, Jun 09, 2007 at 10:59:42AM -0500, Jacob Yocom-Piatt wrote: > got a 4.1-release machine that shares its disks via samba to a few > windows xp workstations and is transferring files slow as molasses (1 GB > file takes ~30 min to transfer). this machine serves FTP at ~10 MBps, > close to linespeed for 100 Mbit, so disk speed is not the bottleneck on > the server side. i expect to go gigabit on this stuff in another week or > two so any further tips that apply in that regime would be nice to see. > [snip] > socket options = TCP_NODELAY Try: socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 Then tweak those send and receive buffer sizes for your setup. I get around 7MB/sec transfers from samba with this setup. [snip] > > i'm sure there are some of you out there using samba sans shite > performance like this, would appreciate clues on how to fix this. Hope that helps. -Dan -- "Burnished gallows set with red Caress the fevered, empty mind Of man who hangs bloodied and blind To reach for wisdom, not for bread." -- Deoridhe Grimsdaughter
Re: samba: really low throughput
Jacob Yocom-Piatt wrote: got a 4.1-release machine that shares its disks via samba to a few windows xp workstations and is transferring files slow as molasses (1 GB file takes ~30 min to transfer). this machine serves FTP at ~10 MBps, close to linespeed for 100 Mbit, so disk speed is not the bottleneck on the server side. i expect to go gigabit on this stuff in another week or two so any further tips that apply in that regime would be nice to see. have read through the samba howto doc section on performance tuning and have tried a number of the suggested knobs to no avail. here is what has been added to the mostly default smb.conf that's being used: read raw = yes write raw = yes oplocks = yes max xmit = 65535 dead time = 15 getwd cache = yes socket options = TCP_NODELAY the share sections of smb.conf look like so: [d] comment = d unencrypted path = /d valid users = @smb write list = @smb read list = @smb force group = smb public = no writable = yes printable = nocreate mask = 0770 directory mask = 0770 read only = no i'm sure there are some of you out there using samba sans shite performance like this, would appreciate clues on how to fix this. cheers, jake what about a dmesg? maybe there something is hiding. what's your network setup (switches, topology, etc)? Timo
Re: need a machine for an itanium port
A big shout out to deanna@ for getting this up on undeadly.org. Okay, y'all, with deanna@'s post of dlg@'s request on undeadly.org this is gathering steam. So, keep your cards(Credit) and letters($ EUR YEN) coming, so Santa can visit Aus. a little earlier than usual this year. diana
Re: Looking for readers of RFC's
On Fri, Jun 08, 2007 at 01:13:49PM +0200, Peter J. Philipp wrote: > Hi, > > I'm looking for up to 4000+ readers to read one RFC out loud and record it. > Please contact me to be handed a number to read. I'm looking to give these > to OpenBSD as a community effort. Please read my blog at http://centroid.eu > for more information. > > -peter Also I'm looking for people who would like to be proof-listeners with text and sound before them. Another set of people would be people translating RFC's into different languages, so I need speakers and proof-listeners for that as well. Don't feel shy, you'll get a number of RFC to do when you mail me with this subject. When you're done send the URL to me, and I'll put it up as a website, in the end we'll send it all to an Open Source project such as OpenBSD to serve RFC's spoken (with source code and kernel implementations), this is important because often bugs hide around things that aren't well understood, if listening to someone read it, it may help someone spoon feed the info into their head. -peter
General Answers about OpenBSD
Yes I've been using BSD since 1994/95. Yes, I've been using OpenBSD since 1998/1999. I've been buying CD's since 2000. Yes it has come a long way. Yes security is an ongoing effort. It runs firefox now, which is nice. There is always issues with shit in this box. It's a constant drain on nerves, but for some reason I still do it. Yes once in a while I submit a patch that gets committed as "similar fix committed". Yes I watch trolling once in a while. Here, that's my Innu cents worth.
Re: samba: really low throughput
Timo Schoeler wrote: Jacob Yocom-Piatt wrote: socket options = TCP_NODELAY dan's suggestion of replacing the above line with socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 has helped a bunch. now transfers are going at ~5 MBps. what about a dmesg? maybe there something is hiding. what's your network setup (switches, topology, etc)? timo, both machines are plugged into the same gigabit switch and clients are on 100 Mbit while the server's on gigabit. here is a dmesg for the server is below. cheers, jake OpenBSD 4.1 (GENERIC) #874: Sat Mar 10 19:09:51 MST 2007 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC real mem = 1073278976 (1048124K) avail mem = 907526144 (886256K) using 22937 buffers containing 107536384 bytes (105016K) of memory mainbus0 (root) bios0 at mainbus0: SMBIOS rev. 2.3 @ 0xf9100 (61 entries) acpi at mainbus0 not configured ipmi0 at mainbus0: reserve send fails cpu0 at mainbus0: (uniprocessor) cpu0: AMD Sempron(tm) Processor 3000+, 1596.26 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,CX16,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 256KB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative pci0 at mainbus0 bus 0: configuration mode 1 ppb0 at pci0 dev 1 function 0 "ServerWorks HT-1000 PCI" rev 0x00 pci1 at ppb0 bus 1 ppb1 at pci1 dev 13 function 0 "ServerWorks HT-1000 PCIX" rev 0xc0 pci2 at ppb1 bus 2 ppb2 at pci2 dev 3 function 0 "Intel IOP331 PCIX-PCIX" rev 0x07 pci3 at ppb2 bus 3 ami0 at pci3 dev 14 function 0 "Symbios Logic MegaRAID SATA 4x/8x" rev 0x07: irq 7 ami0: LSI 3008, 32b, FW 813G, BIOS vH425, 128MB RAM ami0: 1 channels, 0 FC loops, 4 logical drives scsibus0 at ami0: 40 targets sd0 at scsibus0 targ 0 lun 0: SCSI2 0/direct fixed sd0: 189781MB, 189781 cyl, 64 head, 32 sec, 512 bytes/sec, 388671488 sec total sd1 at scsibus0 targ 1 lun 0: SCSI2 0/direct fixed sd1: 715248MB, 715248 cyl, 64 head, 32 sec, 512 bytes/sec, 1464827904 sec total sd2 at scsibus0 targ 2 lun 0: SCSI2 0/direct fixed sd2: 715263MB, 715263 cyl, 64 head, 32 sec, 512 bytes/sec, 1464858624 sec total sd3 at scsibus0 targ 3 lun 0: SCSI2 0/direct fixed sd3: 476837MB, 476837 cyl, 64 head, 32 sec, 512 bytes/sec, 976562176 sec total scsibus1 at ami0: 16 targets pciide0 at pci1 dev 14 function 0 "ServerWorks HT-1000 SATA" rev 0x00: DMA pciide0: using irq 11 for native-PCI interrupt pciide0: port 0: PHY offline pciide0: port 1: PHY offline pciide0: port 2: PHY offline pciide0: port 3: PHY offline pciide1 at pci1 dev 14 function 1 "ServerWorks HT-1000 SATA" rev 0x00 piixpm0 at pci0 dev 2 function 0 "ServerWorks HT-1000" rev 0x00: polling iic0 at piixpm0 adt0 at iic0 addr 0x2e: adt7476 rev 0x69 pciide2 at pci0 dev 2 function 1 "ServerWorks HT-1000 IDE" rev 0x00: DMA pcib0 at pci0 dev 2 function 2 "ServerWorks HT-1000 LPC" rev 0x00 ohci0 at pci0 dev 3 function 0 "ServerWorks HT-1000 USB" rev 0x01: irq 10, version 1.0, legacy support usb0 at ohci0: USB revision 1.0 uhub0 at usb0 uhub0: ServerWorks OHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered ohci1 at pci0 dev 3 function 1 "ServerWorks HT-1000 USB" rev 0x01: irq 10, version 1.0, legacy support usb1 at ohci1: USB revision 1.0 uhub1 at usb1 uhub1: ServerWorks OHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered ehci0 at pci0 dev 3 function 2 "ServerWorks HT-1000 USB" rev 0x01: irq 10 usb2 at ehci0: USB revision 2.0 uhub2 at usb2 uhub2: ServerWorks EHCI root hub, rev 2.00/1.00, addr 1 uhub2: 4 ports with 4 removable, self powered em0 at pci0 dev 4 function 0 "Intel PRO/1000MT (82541GI)" rev 0x05: irq 9, address 00:e0:81:72:7d:05 em1 at pci0 dev 5 function 0 "Intel PRO/1000MT (82541GI)" rev 0x05: irq 5, address 00:e0:81:72:7d:06 vga1 at pci0 dev 6 function 0 "XGI Technology Volari Z7" rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) pchb0 at pci0 dev 24 function 0 "AMD AMD64 HyperTransport" rev 0x00 pchb1 at pci0 dev 24 function 1 "AMD AMD64 Address Map" rev 0x00 pchb2 at pci0 dev 24 function 2 "AMD AMD64 DRAM Cfg" rev 0x00 pchb3 at pci0 dev 24 function 3 "AMD AMD64 Misc Cfg" rev 0x00 isa0 at pcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com0: console com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pmsi0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pmsi0 mux 0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: spkr0 at pcppi0 fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 dkcsum: sd0 matches BIOS drive 0x80 dkcsum: sd1 matches BIOS drive
Re: Looking for readers of RFC's
On 6/9/07, Peter J. Philipp <[EMAIL PROTECTED]> wrote: On Fri, Jun 08, 2007 at 01:13:49PM +0200, Peter J. Philipp wrote: > Hi, > > I'm looking for up to 4000+ readers to read one RFC out loud and record it. > Please contact me to be handed a number to read. I'm looking to give these > to OpenBSD as a community effort. Please read my blog at http://centroid.eu > for more information. > > -peter Also I'm looking for people who would like to be proof-listeners with text and sound before them. Another set of people would be people translating RFC's into different languages, so I need speakers and proof-listeners for that as well. Don't feel shy, you'll get a number of RFC to do when you mail me with this subject. When you're done send the URL to me, and I'll put it up as a website, in the end we'll send it all to an Open Source project such as OpenBSD to serve RFC's spoken (with source code and kernel implementations), this is important because often bugs hide around things that aren't well understood, if listening to someone read it, it may help someone spoon feed the info into their head. I'll do it as long as I get RFC1149. Hell, I'd even translate it into boontling. Greg -- http://ticketmastersucks.org/tracker.html Dethink to survive - Mclusky
simple spamd questions
Hi, I am new to OpenBSD and SPAMD, so forgive if I say stupid questions. 1. When run in default mode (greylist), spamd knows the spammers come from blacklists in spamd.conf. But there is no spamd table in PF. How? 2. Is there one way to know how many and which are the blacklisted hosts at the moment? 3. A host that is not in any of blacklist in spamd.conf can be blacklisted? If so, how can I take one off this list? Thank you. Jeff -- Get a Free E-mail Account at Mail.com! Choose From 100+ Personalized Domains Visit http://www.mail.com today
adaptec 2410sa raid card not reconized
Hello, I am trying to use an adaptec 2410sa raid sata card on Openbsd 4.1. But my card seems not to be recognized. In dmesg she does not appear. A have tried to boot with kernel on cd41.iso cdrom and with kernel installed in floppyB41.fs. But the results are rather the same : the cards seems not to be recognized. Can someone help me ? A little precison : my card is bridged on a 32 bits pci ports and she works we other os.
Re: adaptec 2410sa raid card not reconized
Read the notes on Adaptec hardware at http://www.openbsd.org/i386.html Best Martin
Re: General Answers about OpenBSD
On 6/9/07, Peter J. Philipp <[EMAIL PROTECTED]> wrote: There is always issues with shit in this box. It's a constant drain on nerves, but for some reason I still do it. ? -- An OpenBSD user... and that's all you need to know =) Please, send private emails to [EMAIL PROTECTED]
Odd errors
I keep getting these illegal instructions bugs when compiling the sources.. (make build)... anyone know what I may have to do here? from /usr/src/lib/libssl/src/crypto/asn1/a_strex.c:62: /usr/include/openssl/bn.h:474: internal compiler error: Illegal instruction Please submit a full bug report, with preprocessed source if appropriate. See http://gcc.gnu.org/bugs.html> for instructions. *** Error code 1 OpenBSD 4.1-current (GENERIC) #1025: Wed May 30 03:53:04 MDT 2007 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC real mem = 1073278976 (1023MB) avail mem = 1025294336 (977MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.3 @ 0xf (39 entries) bios0: MICRO-STAR INTERNATIONAL CO., LTD MS-7125 acpi0 at mainbus0: rev 0 acpi0: tables DSDT FACP MCFG APIC acpitimer at acpi0 not configured acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (HUB0) acpicpu at acpi0 not configured acpitz at acpi0 not configured acpibtn at acpi0 not configured cpu0 at mainbus0: (uniprocessor) cpu0: AMD Athlon(tm) 64 Processor 3500+, 2211.58 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,NXE,MMXX,LONG,3DNOW2,3DNOW cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: AMD errata 86, 89, 97, 104 present, BIOS upgrade may be required cpu0: Cool'n'Quiet K8 2211 MHz: speeds: 2200 2000 1800 1000 MHz pci0 at mainbus0 bus 0: configuration mode 1 "NVIDIA nForce4 DDR" rev 0xa3 at pci0 dev 0 function 0 not configured pcib0 at pci0 dev 1 function 0 "NVIDIA nForce4 ISA" rev 0xa3 nviic0 at pci0 dev 1 function 1 "NVIDIA nForce4 SMBus" rev 0xa2 iic0 at nviic0 iic1 at nviic0 iic1: addr 0x2f 00=84 01=0f 02=10 03=00 04=07 05=20 06=18 07=00 08=00 14=14 15=62 16=02 17=05 ohci0 at pci0 dev 2 function 0 "NVIDIA nForce4 USB" rev 0xa2: irq 12, version 1.0, legacy support ehci0 at pci0 dev 2 function 1 "NVIDIA nForce4 USB" rev 0xa3: irq 10 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 uhub0: NVIDIA EHCI root hub, rev 2.00/1.00, addr 1 uhub0: 10 ports with 10 removable, self powered auich0 at pci0 dev 4 function 0 "NVIDIA nForce4 AC97" rev 0xa2: irq 5, nForce4 AC97 ac97: codec id 0x414c4790 (Avance Logic ALC850 rev 0) audio0 at auich0 pciide0 at pci0 dev 6 function 0 "NVIDIA nForce4 IDE" rev 0xa2: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility pciide0: channel 0 disabled (no drives) atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: SCSI0 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, DMA mode 2 pciide1 at pci0 dev 7 function 0 "NVIDIA nForce4 SATA" rev 0xa3: DMA pciide1: using irq 10 for native-PCI interrupt wd0 at pciide1 channel 0 drive 0: wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5 wd1 at pciide1 channel 1 drive 0: wd1: 16-sector PIO, LBA48, 238475MB, 488397168 sectors wd1(pciide1:1:0): using PIO mode 4, Ultra-DMA mode 5 pciide2 at pci0 dev 8 function 0 "NVIDIA nForce4 SATA" rev 0xa3: DMA pciide2: using irq 12 for native-PCI interrupt atapiscsi1 at pciide2 channel 0 drive 0 scsibus1 at atapiscsi1: 2 targets cd1 at scsibus1 targ 0 lun 0: SCSI0 5/cdrom removable cd1(pciide2:0:0): using PIO mode 4, Ultra-DMA mode 5 ppb0 at pci0 dev 9 function 0 "NVIDIA nForce4 PCI-PCI" rev 0xa2 pci1 at ppb0 bus 1 vendor "Motorola", unknown product 0x3052 (class communications subclass modem, rev 0x04) at pci1 dev 7 function 0 not configured ahc0 at pci1 dev 8 function 0 "Adaptec AHA-19160B U160" rev 0x02: irq 11 scsibus2 at ahc0: 16 targets nfe0 at pci0 dev 10 function 0 "NVIDIA CK804 LAN" rev 0xa3: irq 3, address 00:0c:76:50:a9:48 eephy0 at nfe0 phy 1: Marvell 88E Gigabit PHY, rev. 2 ppb1 at pci0 dev 11 function 0 "NVIDIA nForce4 PCIE" rev 0xa3 pci2 at ppb1 bus 2 ppb2 at pci0 dev 12 function 0 "NVIDIA nForce4 PCIE" rev 0xa3 pci3 at ppb2 bus 3 ppb3 at pci0 dev 13 function 0 "NVIDIA nForce4 PCIE" rev 0xa3 pci4 at ppb3 bus 4 ppb4 at pci0 dev 14 function 0 "NVIDIA nForce4 PCIE" rev 0xa3 pci5 at ppb4 bus 5 vga1 at pci5 dev 0 function 0 vendor "NVIDIA", unknown product 0x016a rev 0xa1 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) pchb0 at pci0 dev 24 function 0 "AMD AMD64 HyperTransport" rev 0x00 pchb1 at pci0 dev 24 function 1 "AMD AMD64 Address Map" rev 0x00 pchb2 at pci0 dev 24 function 2 "AMD AMD64 DRAM Cfg" rev 0x00 pchb3 at pci0 dev 24 function 3 "AMD AMD64 Misc Cfg" rev 0x00 isa0 at pcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 midi0 at pcp
Re: How much time to 'master' OpenBSD
Like the other guy said 4-5 years. And that I would say I'm above intermediate level but not an advanced level. I don't look at it so much as how long to master OpenBSD but how long to master Unix! I read somewhere when I first started learning Unix, that no knows everything there is to know about Unix. So I'd say I'll be spending the rest of my life learning Unix. I found that OpenBSD is better to learn Unix than Linux. Linux I find to be to overwhelming to learn Unix because of all the bloat it has (i.e. 5 text editors on one distro). I've also found that OpenBSD is hard to learn to easy to use. It may be hard to learn what configuration you need to change in a text file to make something work the way you want, but once you learn, the task is as easy as "making a change in a text file". I'd say subjectively that 80% of "learning OpenBSD" is not learning OpenBSD, but learning bind, sendmail, ftp, vi, etc. There are whole books on those individual programs.
Re: About BSD Certification
dreamwvr wrote: Just my 2 cents. Personally there is nothing wrong with making money. What I find sad is when that becomes the only way to enter the fray. For example the CISSP certification cost quite a bit and is used as a secret handshake by quite a few corps. It is the tip of the iceberg and is geared to those with lots of money to throw around. This means from observation that some are denied entry just because they do not have the dough to SHELL out. Hey it is an excellent baseline but certainly not the holy grail many tout it to be. By the way anyone willing to verify I have been involved in security for the past num++ years so I can get my CISSP certification. :-) I can tell you that I used to higher many people in my previous life and now time to time with two of my business and I can honestly say that every time someone comes to me with flashing all the various credential, specially all the various MCSE one. I really get a big trip out of candidate that send you CV with signature with credential at the bottom of the emails longer then their CV itself. Time have show my over and over that candidate that need to justify what they know by papers are not the one that get the job done when you are in crisis and as such, that become my quick filter before the interview as to who not to invite. Not to bust your bubble, but really, that's what I do and I never regretted it yet once! The best candidate are always the one that can explain it without fuss, show you by example and just get it done without the needs to put themselves on a pedestal! I can also tell you that as of now, for many years, not once yet did I had to provide support to a MSCE guys that wasn't wrong in his setup. I love getting these emails with, you have a network problem, of setup wrong here, or what ever and they signed their emails with more crediential then the 8 1/2 by 11 sheet of paers can hold. Best, Daniel
Re: simple spamd questions
On 2007/06/09 13:17, Jeff Santos wrote: > 1. When run in default mode (greylist), spamd knows the spammers come > from blacklists in spamd.conf. But there is no spamd table in PF. > How? Everyone who isn't whitelisted gets redirected to spamd, so there's only a need for a copy of the table in spamd itself. Pre-4.1 this was fed into a separate PF table _as well as_ into spamd, but the PF table isn't needed any more unless you use blacklist-only mode. This is a good thing since it takes pressure off kernel memory for the PF table, and lets you use larger blacklists. (this wasn't just a cosmetic 'most people use greylisting so make it the default' change). > 2. Is there one way to know how many and which are the blacklisted > hosts at the moment? You could run spamd -dv and watch output, but that's not a general method. I don't think there's an easy way to find this out directly (pulling the files by ftp(1) then loading them into spamd-setup with method=file is probably the simpelst way if you need that). > 3. A host that is not in any of blacklist in spamd.conf can be > blacklisted? If so, how can I take one off this list? I'm having trouble parsing this question..
Re: simple spamd questions
--- Jeff Santos <[EMAIL PROTECTED]> wrote: > Hi, > > I am new to OpenBSD and SPAMD, so forgive if I say stupid questions. > > 1. When run in default mode (greylist), spamd knows the spammers come > from blacklists in spamd.conf. But there is no spamd table in PF. > How? Greylisting and blacklisting are separate mechanisms. You can implement one without the other. If you using blacklisting then you must have a spmad table set up in pf.conf that redirects hosts to spamd that may optionally engage stuttering. > 2. Is there one way to know how many and which are the blacklisted > hosts at the moment? Yes. Which hosts: # pfctl -t spamd -T show How many: # pfctl -t spamd -T show | wc -l > 3. A host that is not in any of blacklist in spamd.conf can be > blacklisted? If so, how can I take one off this list? Yes, you can create your own blacklist (a local file). To take one off simply remove it from the blacklist (did I miss something?). Juan Be smarter than spam. See how smart SpamGuard is at giving junk email the boot with the All-new Yahoo! Mail at http://mrd.mail.yahoo.com/try_beta?.intl=ca
Re: adaptec 2410sa raid card not reconized
Martin, I have already read notes on adaptec hardware : Adaptec FSA-based RAID controllers (aac), including: (*) Note: In the past year Adaptec has lied to us repeatedly about forthcoming documentation so that RAID support for these (rather buggy) raid controllers could be stabilized, improved, and managed. As a result, we do not recommend the Adaptec cards for use. * Adaptec AAC-2622, AAC-364, AAC-3642, 2130S, 2200S, 2230SLP, 2410SA, 2610SA, 2810SA, 21610SA But I understood that adaptec 2410SA is supported but not recommended by openbsd Is that wrong ? My card is not supported ? Thanks luccio -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de Martin Schrvder Envoyi : samedi 9 juin 2007 20:39 @ : Misc OpenBSD Objet : Re: adaptec 2410sa raid card not reconized Read the notes on Adaptec hardware at http://www.openbsd.org/i386.html Best Martin
Re: adaptec 2410sa raid card not reconized
luccio01 wrote: > Hello, > > I am trying to use an adaptec 2410sa raid sata card on Openbsd 4.1. > But my card seems not to be recognized. > In dmesg she does not appear. > > A have tried to boot with kernel on cd41.iso cdrom and with kernel installed > in floppyB41.fs. > But the results are rather the same : the cards seems not to be recognized. > > Can someone help me ? > > A little precison : my card is bridged on a 32 bits pci ports and she works > we other os. > > Feel free to use my kernel and CD image for 4.1 with aac enabled http://www.llorien.org/OpenBSD/4.1/i386/bsd.aac http://www.llorien.org/OpenBSD/4.1/i386/bsd.rd.aac http://www.llorien.org/OpenBSD/4.1/i386/cdrom41.fs.aac
Re: samba: really low throughput
Jacob Yocom-Piatt wrote: got a 4.1-release machine that shares its disks via samba to a few windows xp workstations and is transferring files slow as molasses (1 GB file takes ~30 min to transfer). this machine serves FTP at ~10 MBps, close to linespeed for 100 Mbit, so disk speed is not the bottleneck on the server side. i expect to go gigabit on this stuff in another week or two so any further tips that apply in that regime would be nice to see. Try comparing local transfers via smbclient vs. ftp, see if taking the network out of the picture makes a difference. Beyond that, you'll probably have to look at a network trace to see what's going wrong.
uath kernel panic on sparc64
I have a TRENDnet TEW-444UB that is supported under the atheros driver, and works wonderfully on i386. Sparc64 however, is a different story. If I plug the device in to an already running system, it is recognized and nothing seems to go terribly wrong, I can even scan with `ifconfig -M uath0`. However, it cannot associate with any access points. And if I have the device in at startup I get a pretty nasty kernel panic. It is also worth noting that I am not actually detaching the device when those events come up in the dmesg. I have posted this previously to bugs@, but I decided to repost it to misc@ in the hopes of getting a wider audience, this is also with the latest snapshot, previous post was with 4.1-release. keyboard not found. Sun Blade 100 (UltraSPARC-IIe), No Keyboard OpenBoot 4.0, 1664 MB memory installed, Serial #51234104. Ethernet address 0:3:ba:d:c5:38, Host ID: 830dc538. Rebooting with command: boot Boot device: /[EMAIL PROTECTED],0/[EMAIL PROTECTED]/[EMAIL PROTECTED],0:a File and args: OpenBSD IEEE 1275 Bootblock 1.1 ..>> OpenBSD 4.1 (obj) #1: Wed Mar 7 02:44:33 MST 2007 [EMAIL PROTECTED]:/usr/src/sys/arch/sparc64/stand/ofwboot/obj : trying bsd... Booting /[EMAIL PROTECTED],0/[EMAIL PROTECTED]/[EMAIL PROTECTED],0:a/bsd [EMAIL PROTECTED]@[EMAIL PROTECTED] symbols @ 0xfef88240 52+299040+178911 start=0x100 [ using 478584 bytes of bsd ELF symbol table ] console is /[EMAIL PROTECTED],0/[EMAIL PROTECTED]/[EMAIL PROTECTED],3f8 Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2007 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 4.1-current (GENERIC) #1312: Fri Jun 8 16:54:02 MDT 2007 [EMAIL PROTECTED]:/usr/src/sys/arch/sparc64/compile/GENERIC real mem = 1744830464 (1664MB) avail mem = 1672323072 (1594MB) mainbus0 at root: Sun Blade 100 (UltraSPARC-IIe) cpu0 at mainbus0: SUNW,UltraSPARC-IIe (rev 1.4) @ 502 MHz, version 0 FPU cpu0: physical 16K instruction (32 b/l), 16K data (32 b/l), 256K external (64 b/l) psycho0 at mainbus0: pci108e,a001, impl 0, version 0, ign 7c0 psycho0: bus range 0-1, PCI bus 0 psycho0: dvma map c000-dfff, iotdb 230c000-238c000 pci0 at psycho0 ebus0 at pci0 dev 12 function 0 "Sun RIO EBus" rev 0x01 "flashprom" at ebus0 addr 0-f not configured clock1 at ebus0 addr 0-1fff: mk48t59 ebus1 at pci0 dev 7 function 0 "Acer Labs M1533 ISA" rev 0x00 "dma" at ebus1 addr 0- ipl 42 not configured power0 at ebus1 addr 800-82f ipl 32 com0 at ebus1 addr 3f8-3ff ipl 43: ns16550a, 16 byte fifo com0: console com1 at ebus1 addr 2e8-2ef ipl 43: ns16550a, 16 byte fifo gem0 at pci0 dev 12 function 1 "Sun ERI Ether" rev 0x01: ivec 0x7c6, address 00:03:ba:0d:c5:38 ukphy0 at gem0 phy 1: Generic IEEE 802.3u media interface, rev. 1: OUI 0x0010dd, model 0x0002 "Sun FireWire" rev 0x01 at pci0 dev 12 function 2 not configured ohci0 at pci0 dev 12 function 3 "Sun USB" rev 0x01: ivec 0x7e4, version 1.0, legacy support alipm0 at pci0 dev 3 function 0 "Acer Labs M7101 Power" rev 0x00: 223KHz clock iic0 at alipm0 admtemp0 at iic0 addr 0x18: max1617 autri0 at pci0 dev 8 function 0 "Acer Labs M5451 Audio" rev 0x01: ivec 0x7e3 ac97: codec id 0x41445348 (Analog Devices AD1881A) ac97: codec features headphone, Analog Devices Phat Stereo audio0 at autri0 midi0 at autri0: <4DWAVE MIDI UART> pciide0 at pci0 dev 13 function 0 "Acer Labs M5229 UDMA IDE" rev 0xc3: DMA, channel 0 configured to native-PCI, channel 1 configured to native-PCI pciide0: using ivec 0x7cc for native-PCI interrupt wd0 at pciide0 channel 0 drive 0: wd0: 16-sector PIO, LBA, 19458MB, 39851760 sectors atapiscsi0 at pciide0 channel 0 drive 1 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: SCSI0 5/cdrom removable wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 cd0(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 2 pciide0: channel 1 disabled (no drives) vgafb0 at pci0 dev 19 function 0 "ATI Rage XL" rev 0x27 wsdisplay0 at vgafb0 wsdisplay0: screen 0 added (std, sun emulation) ppb0 at pci0 dev 5 function 0 "DEC 21152 PCI-PCI" rev 0x03 pci1 at ppb0 bus 1 usb0 at ohci0: USB revision 1.0 uhub0 at usb0: Sun OHCI root hub, rev 1.00/1.00, addr 1 "pcons" at mainbus0 not configured uath0 at uhub0 port 4 uath0: Atheros Communications Inc AR5523, rev 2.00/0.01, addr 2 softraid0 at root bootpath: /[EMAIL PROTECTED],0/[EMAIL PROTECTED],0/[EMAIL PROTECTED],0 root on wd0a swap on wd0b dump on wd0b uath0: at uhub0 port 4 (addr 2) disconnected uath0 detached panic: kernel data fault: pc=1392bd0 addr=feef0065c000 kdb breakpoint at 1376fa0 Stopped at Debugger+0x4: nop RUN AT LEAST 'trace' AND 'ps' AND INCLUDE OUTPUT WHEN REPORTING THIS PANIC! DO NOT EVEN BOTHER REPORTING THIS WITHOUT INCLUDING THAT INFORMATION! ddb> trace data_access_fault(1c09af0, 30, 1392bd0, feef0065c000, feef0065c34f, 0) a t data_access_fault+0x304 trapbase(40001a43000, 4, 1c09ce0, 1088, 40017eda000, 3e8) at trapbase+0x87ac uath
Re: uath kernel panic on sparc64
On 6/9/07, Jimmy Mitchener <[EMAIL PROTECTED]> wrote: I have a TRENDnet TEW-444UB that is supported under the atheros driver, and works wonderfully on i386. Sparc64 however, is a different story. If I plug the device in to an already running system, it is recognized and nothing seems to go terribly wrong, I can even scan with `ifconfig -M uath0`. However, it cannot associate with any access points. And if I have the device in at startup I get a pretty nasty kernel panic. It is also worth noting that I am not actually detaching the device when those events come up in the dmesg. It is now panicking when plugged in to an already running system. OpenBSD/sparc64 (blade.my.domain) (console) login: root Password: Last login: Sat Jun 9 12:34:56 on console OpenBSD 4.1-current (GENERIC) #1312: Fri Jun 8 16:54:02 MDT 2007 Welcome to OpenBSD: The proactively secure Unix-like operating system. Please use the sendbug(1) utility to report bugs in the system. Before reporting a bug, please try to reproduce it with the latest version of the code. With bug reports, please try to ensure that enough information to reproduce the problem is enclosed, and if a known fix for it exists, include that as well. You have new mail. Terminal type? [sun] # ifconfig lo0: flags=8049 mtu 33168 groups: lo inet 127.0.0.1 netmask 0xff00 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 gem0: flags=8822 mtu 1500 lladdr 00:03:ba:0d:c5:38 media: Ethernet autoselect (none) status: no carrier enc0: flags=0<> mtu 1536 uath0: flags=8802 mtu 1500 lladdr 00:14:d1:c1:b7:24 groups: wlan media: IEEE802.11 autoselect status: no network ieee80211: nwid "" 100dBm # ifconfig -M uath0 uath0: flags=8802 mtu 1500 lladdr 00:14:d1:c1:b7:24 groups: wlan media: IEEE802.11 autoselect status: no network ieee80211: nwid "" 100dBm nwid "Drittz's Home" chan 6 bssid 00:06:25:f8:78:08 5dB 11M pollable,privacy nwid Poolie chan 6 bssid 00:0c:41:6f:a3:b6 7dB 11M pollable,privacy nwid HomeNet chan 10 bssid 00:0d:93:80:ab:bc 21dB 54M privacy,short_slottime nwid leftsquareA chan 2 bssid 00:0f:3d:aa:32:43 34dB 54M privacy nwid Rick chan 11 bssid 00:11:50:c8:7d:6e 8dB 54M privacy,short_preamble,short_slottime lladdr 00:14:bf:33:ea:0a 0dB 11M cache nwid leftsquare chan 6 bssid 00:16:01:4a:bb:64 30dB 54M privacy,short_slottime nwid Shutit chan 1 bssid 00:17:3f:a1:11:d4 10dB 54M privacy,short_slottime nwid linksys chan 6 bssid 00:1a:70:4a:bc:35 3dB 54M privacy,short_slottime nwid linksys_SES_35661 chan 6 bssid 00:1a:70:57:c9:81 9dB 54M privacy,short_slottime lladdr 06:86:ee:21:b5:6a 0dB 11M cache lladdr 07:8d:cc:52:c9:81 0dB 54M cache lladdr 20:b2:73:4a:b0:bf 0dB 54M cache lladdr 26:be:dd:9e:e9:7c 0dB 54M cache lladdr 29:4e:ff:2f:9b:f6 0dB 54M cache lladdr 60:88:1d:75:87:a7 0dB 11M cache lladdr 92:93:48:4f:2c:f7 0dB 11M cache lladdr 97:cf:6f:df:ed:ff 0dB 54M cache # data error type 32 sfsr=0 sfva=4d646000 afsr=8400 afva=1fe02000600 tf=0x400175ab9c0 panic: data fault: pc=1347558 addr=4d646000 sfsr=0 kdb breakpoint at 1376fa0 Stopped at Debugger+0x4: nop RUN AT LEAST 'trace' AND 'ps' AND INCLUDE OUTPUT WHEN REPORTING THIS PANIC! DO NOT EVEN BOTHER REPORTING THIS WITHOUT INCLUDING THAT INFORMATION! ddb> trace ddb> ps PID PPID PGRPUID S FLAGS WAIT COMMAND 29265 1 29265 0 3 0x4082 ttyin ksh 28527 1 28527 0 30x80 select cron 18180 1 18180 0 3 0x40180 select sendmail 8236 1 8236 0 30x80 select sshd 20166 1 20166 0 3 0x180 select inetd 14255 2873 2873 83 3 0x180 poll ntpd 2873 1 2873 0 30x80 poll ntpd 5393 1026 1026 73 2 0x180 syslogd 1026 1 1026 0 30x88 netio syslogd 13 0 0 0 30x100200 crypto_wa crypto 12 0 0 0 30x100200 aiodoned aiodoned 11 0 0 0 20x100200 update 10 0 0 0 30x100200 cleanercleaner 9 0 0 0 30x100200 reaper reaper 8 0 0 0 30x100200 pgdaemon pagedaemon 7 0 0 0 30x100200 pftm pfpurge 6 0 0 0 30x100200 usbtsk usbtask 5 0 0 0 30x100200 usbevt usb0 *4 0 0 0 70x100200 sensors 3 0 0 0 30x100200 bored syswq 2 0 0 0 30x100200 kmallockmthread 1 0 1
Re: How much time to 'master' OpenBSD
On 6/8/07, Ted Unangst <[EMAIL PROTECTED]> wrote: i'm going to be different and say 3 months, but probably much less than that. Not to be an expert, or even a competent sysadmin, in my case. It was 1992, and I was working the VMS hell desk for the school as a student worker. Heard about this new "unix" system they have, so I asked for an acount. Got one, logged in, and couldn't do anything. Went back to the person who gave me an account, and asked for help. She told me to type "learn". And that's how I got started. Do a lot of reading and learning on my own, read RFCs even, when people pointed them to me. Hung out around comp.sys, alt.hackers, alt.unix.wizards. I learn quite a bit, then reached a level of competence as a user. Then, another growth spurt, and I learn about system administration. After a while, I could install/configure a basic system, but didn't have large system/big installation experience. Read a lot more, test things out a lot more, picked up some good books that filled in the holes in my knowledge (on certain things, I still suck, printing, for example). Being employed to do system admin type stuff was helpful, because I now have to learn how to do certain things, and also document them for others - yes, even writing good documentation is a good sysadmin skill [the guy who took over after I left was reading my docs one day, and asked around about me - then said that just from what I wrote, it would have been cool to meet me, heh :)] you can learn enough vi (or mg) to do basic tasks like editing config files within a day. And then, practice, practice, practice you can learn enough about starting apache, named, or whatever to use the shipped default configs in about a day for each service. Probably will need a bit more time, if he wants to understand what he is doing, if he didn't have a network/service background. Obviously learning a second service is easier, and then easier for a third. Don't try to play with sendmail, just go postfix or exim :) needed to learn regex back expressions. yes, to master openbsd takes a long time, but you don't need to be a master to use it successfully. you only need to master the parts you use. By the time I got to openbsd (around 2.4 or so), I've already been playing with ultrix, osf/1, sunos, solaris and the slackware (never did like rhell, _ever_), so picking openbsd up wasn't an issue. Read the install file, read the manpages, done. One thing openbsd does very well is the, everything has a manpage mantra. And I was so impressed/surprised when Theo took committed code *OUT* because the manpage hasn't been written yet. OpenBSD is a good operating system to start on. It doesn't have some of the things that you may, or may not need, but you can definitely learn a lot from it, and if you go to other OSes from OpenBSD, you'll be coming in strong. Also take a look at usenix/sage's system administration levels, that should give you a good roadmap on the kinds of skills needed. A couple of good books to get you started: UNIX System Administration (purple book, I had the 2nd edition which was red) and any of the books by the guy who wrote Advanced Unix programming. Also go over to Matt Bishop's website, and read the articles/classes he has up. The most important thing is this - it's not how well you can tune sendmail or whatever, but the mindset. If you have the correct mindset, when you encounter a new problem, you'll be able to figure out how to fix it. -- "This officer's men seem to follow him merely out of idle curiosity." -- Sandhurst officer cadet evaluation.
Re: General Answers about OpenBSD
2007/6/9, Leonardo Rodrigues <[EMAIL PROTECTED]>: > > On 6/9/07, Peter J. Philipp <[EMAIL PROTECTED]> wrote: > > There is always issues with shit in this box. > > It's a constant drain on nerves, but for some reason I still do it. > > ? Maybe he tried to compare openbsd speed with another un*x on desktop?
Re: adaptec 2410sa raid card not reconized
Renaud, Thanks for your help In fact I understand GENERIC kernel is not configured with aac driver active. So, to produce a kernel with aac active I just need to use a config file for kernel compilation with this 2 lines uncommented : #aac* at pci? # Adaptec FSA RAID controllers #scsibus* at aac? Is that right ? And what do you think about stability of aac driver ? Because I read it is not a good idea to use it ... Thanks luccio -Message d'origine- De : Renaud Allard [mailto:[EMAIL PROTECTED] Envoyi : samedi 9 juin 2007 22:39 @ : luccio01 Cc : misc@openbsd.org Objet : Re: adaptec 2410sa raid card not reconized luccio01 wrote: > Hello, > > I am trying to use an adaptec 2410sa raid sata card on Openbsd 4.1. > But my card seems not to be recognized. > In dmesg she does not appear. > > A have tried to boot with kernel on cd41.iso cdrom and with kernel installed > in floppyB41.fs. > But the results are rather the same : the cards seems not to be recognized. > > Can someone help me ? > > A little precison : my card is bridged on a 32 bits pci ports and she works > we other os. > > Feel free to use my kernel and CD image for 4.1 with aac enabled http://www.llorien.org/OpenBSD/4.1/i386/bsd.aac http://www.llorien.org/OpenBSD/4.1/i386/bsd.rd.aac http://www.llorien.org/OpenBSD/4.1/i386/cdrom41.fs.aac
WWW to go public, if pf would let me
Hello Everyone;
# ifconfig -A
rl0: flags=8843 mtu 1500
lladdr 00:50:bf:3a:2e:66
groups: egress
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet6 fe80::250:bfff:fe3a:2e66%rl0 prefixlen 64 scopeid 0x1
inet 64.142.102.8 netmask 0xff00 broadcast 64.142.102.255
inet 64.142.102.9 netmask 0xff00 broadcast 64.142.102.255
inet 64.142.102.10 netmask 0xff00 broadcast 64.142.102.255
inet 64.142.102.11 netmask 0xff00 broadcast 64.142.102.255
rl1: flags=8843 mtu 1500
lladdr 00:13:46:30:0b:b2
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet6 fe80::213:46ff:fe30:bb2%rl1 prefixlen 64 scopeid 0x2
inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255
vr0: flags=8843 mtu 1500
lladdr 00:19:5b:3d:12:12
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet6 fe80::219:5bff:fe3d:1212%vr0 prefixlen 64 scopeid 0x3
inet 192.168.0.1 netmask 0xff00 broadcast 192.168.0.255
# cat /etc/pf.conf
# $OpenBSD: pf.conf,v 1.31 2006/01/30 12:20:31 camield Exp $
# See pf.conf(5) and /usr/share/pf for syntax and examples.
# Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1
# in /etc/sysctl.conf if packets are to be forwarded between interfaces.
#Macros
# 192.168.0.1 subnet
ext_ip="64.142.102.8"
int_ip="192.168.0.1"
int_block="192.168.0.0/24"
#DMZ subnet
#Interface
dmz_ip="192.168.1.1"
dmz_block="192.168.1.0/24"
#DNS 1
scarlett="192.168.1.2"
pub_scarlett="64.142.102.9"
#DNS 2
shelly="192.168.1.3"
pub_shelly="64.142.102.10"
#WWW 1
www_ip="192.168.1.4"
pub_www="64.142.102.11"
#DMZ Services
services="{ domain, www, smtp, }"
#Normalizing
scrub in all
#NAT and Binat
nat on rl0 from $int_block to any -> $ext_ip
binat on rl0 from $scarlett to any -> $pub_scarlett
binat on rl0 from $shelly to any -> $pub_shelly
binat on rl0 from $www_ip to any -> $pub_www
#Redirection
rdr on rl1 proto tcp from any to 64.142.102.11 port 80 -> $www_ip port 8000
rdr on rl1 proto udp from any to any port domain -> $shelly
rdr on rl1 proto udp from any to any port domain -> $scarlett
#Default block policy
block all
#Anti-spoofing
block in quick from urpf-failed
#vr0 traffic
pass in on vr0 proto tcp from $int_block to any port 6112
pass in on vr0 proto tcp from $int_block to any port 80
pass in on vr0 proto tcp from $int_block to 207.212.58.16 port 25
pass in on vr0 proto { udp, icmp } from $int_block to any
#rl1 traffic
pass in log on rl1 proto tcp from $dmz_block to $www_ip port 80
pass in log on rl1 proto udp from $dmz_block to $shelly port domain
pass in log on rl1 proto udp from $dmz_block to $scarlett port domain
pass out on rl1 proto tcp from $www_ip to any port 80
pass out on rl1 proto udp from $shelly to any port domain
pass out on rl1 proto udp from $scarlett to any port domain
#rl0 traffic
pass in on rl0 inet proto { tcp, udp } all modulate state
pass out on rl0 proto { tcp, udp, icmp } all modulate state
pass in log on rl0 proto tcp from any to $www_ip port 80
pass in log on rl0 proto udp from any to $shelly port domain
pass in log on rl0 proto udp from any to $scarlett port domain
#dmesg
OpenBSD 4.1 (GENERIC) #1435: Sat Mar 10 19:07:45 MST 2007
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel Pentium III ("GenuineIntel" 686-class) 931 MHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE
real mem = 401108992 (391708K)
avail mem = 357941248 (349552K)
using 4278 buffers containing 20180992 bytes (19708K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+ BIOS, date 10/14/00, BIOS32 rev. 0 @ 0xfd8a0
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xfd8a0/0x760
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdf50/144 (7 entries)
pcibios0: PCI Interrupt Router at 000:31:0 ("Intel 82371FB ISA" rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc/0xa000
acpi at mainbus0 not configured
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel 82810E" rev 0x03: rng active, 7Kb/sec
vga1 at pci0 dev 1 function 0 "Intel 82810E Graphics" rev 0x03: aperture
at 0xf800, size 0x400
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
ppb0 at pci0 dev 30 function 0 "Intel 82801AA Hub-to-PCI" rev 0x02
pci1 at ppb0 bus 1
rl0 at pci1 dev 11 function 0 "Realtek 8139" rev 0x10: irq 5, address
00:50:bf:3a:2e:66
rlphy0 at rl0 phy 0: RTL internal PHY
rl1 at pci1 dev 13 function 0 "D-Link Systems 530TX+" rev 0x10: irq 9,
address 00:13:46:30:0b:b2
rlphy1 at rl1 phy 0: RTL internal PHY
vr0 at pci1 dev 14 function 0 "VIA VT6105 RhineIII" rev 0x86: irq 10,
address 00:19:5b:3d:12:12
ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev
