date:20071016

MegaRAID SAS 8204XLP (amd64)

2007-10-16 Thread Taso N. Devetzis

Hello,

Per the man page, the mfi driver supports the MegaRAID SAS family of
RAID controllers, including the 8208XLP.  Can anyone confirm/deny
support for the 4-port version (8204XLP) in 4.x?  While the LSI/Dell
MegaRAID SAS controller family is mentioned on the amd64 platform
page, I would like to confirm support for this specific model.  I have
searched the mail archives and Google with no results.

Opinions on this HBA are welcome as well (trying to avoid 3Ware).

Thanks,
/taso

Re: vic(4) on ESX 3.0.2

2007-10-16 Thread Christian Plattner

Sometimes it is very annoying that your settings in the .vmx won't be 
respected / changed back by the VI client.


A very slow, but bullet-proof method is the following:

1.) Connect directly with the VI client to the ESX
(I do not have virtual center)

2.) Stop the VM and remove it from the inventory.
(right click on the vm in the left pannel,
then Remove from the Inventory)

3.) Change the .vmx file, i.e., append something like

(if you want to use the em driver and have 3 interfaces)

ethernet0.virtualDev = e1000
ethernet1.virtualDev = e1000
ethernet2.virtualDev = e1000

or (if you want to use use the vic driver)

ethernet0.virtualDev = vmxnet
ethernet1.virtualDev = vmxnet
ethernet2.virtualDev = vmxnet

4.) Add the VM again to the repository.

(With the VI client, go to the global Configuration Tab,
click on Storage (SCSI, SAN and NFS), then right-click
on the storage (i.e., typically storage1) and choose Browse
Datastore Search for the .vmx file and then via
right-click Add to Inventory.)

Brother HL-5250DN printer w/OpenBSD

2007-10-16 Thread Pawel Veselov

Hello,

I spent some time picking a relatively cheap printer that I can also use
with OpenBSD, and finally got a Brother HL-5250DN, that can connect over
ethernet and has duplex printing. I put together an instruction sheet at
http://manticore.2y.net/hl5250dn.html, if anyone's interested.

Thanks,
  Pawel.

-- 
With best of best regards
Pawel S. Veselov

Re: Brother HL-5250DN printer w/OpenBSD

2007-10-16 Thread Predrag Punosevac


Pawel Veselov wrote:

Hello,

I spent some time picking a relatively cheap printer that I can also use
with OpenBSD, and finally got a Brother HL-5250DN, that can connect over
ethernet and has duplex printing. I put together an instruction sheet at
http://manticore.2y.net/hl5250dn.html, if anyone's interested.

Thanks,
  Pawel.

  
Forgive me for saying this but I just do not get it. Why did you need to 
use Linux compatibility layer when CUPS is

OpenBSD packages?

cups-1.2.7.tgz

1. Install cups

2. Use the default cupsd.conf that came with the package

3. Ran the following two commands

/usr/local/sbin/cupsd -c /etc/cups/cupsd.conf
/usr/local/sbin/cups-enable


That is to hide native commands for lpd. Note lpd daemon is off by 
default anyway


4. Adjust permissions since the CUPS daemon is not supper user. (For 
example for my locally attached printer chmod 0666 /dev/lpt0 )


5. Start cups daemon

6. Go to http://localhost:631 for a printer administration

7. Rest is self explanatory. When directed to download PPD file go to 
http://www.linux-foundation.org/en/OpenPrinting

to get  the one you  need.



Why is your how to released under GPL license? Because of CUPS license?

Re: Brother HL-5250DN printer w/OpenBSD

2007-10-16 Thread Pawel Veselov

Hi,

The processing filter for the printer is a pre-compiled Linux binary.
The GPL license is because of Brother CUPS and LPD drivers.

Thanks,
  Pawel.


On 10/16/07, Predrag Punosevac [EMAIL PROTECTED] wrote:

 Pawel Veselov wrote:
  Hello,
 
  I spent some time picking a relatively cheap printer that I can also use
  with OpenBSD, and finally got a Brother HL-5250DN, that can connect over
  ethernet and has duplex printing. I put together an instruction sheet at
  http://manticore.2y.net/hl5250dn.html, if anyone's interested.
 
  Thanks,
Pawel.
 
 
 Forgive me for saying this but I just do not get it. Why did you need to
 use Linux compatibility layer when CUPS is
 OpenBSD packages?

 cups-1.2.7.tgz

 1. Install cups

 2. Use the default cupsd.conf that came with the package

 3. Ran the following two commands

 /usr/local/sbin/cupsd -c /etc/cups/cupsd.conf
 /usr/local/sbin/cups-enable


 That is to hide native commands for lpd. Note lpd daemon is off by
 default anyway

 4. Adjust permissions since the CUPS daemon is not supper user. (For
 example for my locally attached printer chmod 0666 /dev/lpt0 )

 5. Start cups daemon

 6. Go to http://localhost:631 for a printer administration

 7. Rest is self explanatory. When directed to download PPD file go to
 http://www.linux-foundation.org/en/OpenPrinting
 to get  the one you  need.



 Why is your how to released under GPL license? Because of CUPS license?




-- 
With best of best regards
Pawel S. Veselov

Re: : expansion of FAQ# 1.10 re OpenBSD as a desktop system

2007-10-16 Thread Jan Stary

On Oct 15 19:34:38, Douglas A. Tutty wrote:
 On Mon, Oct 15, 2007 at 03:57:19PM +0200, Jan Stary wrote:
  On Oct 15 09:16:39, Douglas A. Tutty wrote:
   Well, at least I know that I'm not alone in needing to use flash to get
   real work done (not for games or other time-wasters).  Which means that
   for any box from which I want to get real work done, I can't use
   OpenBSD.  It would be great if it were possible to somehow wrap up
   fireforx + flash so that it was possible and safe to run as a normal
   user on OpenBSD.  By which I don't mean to suggest that you need to be
   root to run it but instead that I know that in general its not wise to
   run any X app, especially a browser to the net, as root.
  
  In general, it's not wise to use flash to get real work done.
  
 
 I need to look something up in a catalog.  The catalog doesn't come
 in print.  I phone the supplier, they say look on the web.  Its in
 flash.  So, I need flash to get work done.

See? That's exactly what was talking about.

Jan

Tackilng multiple versions of autoconf

2007-10-16 Thread Amarendra Godbole

Hi,

A peculiar thing I noticed with many ports is they need different versions of
autoconf installed (set through the AUTOCONF_VERSION variable) - so in the
end, my system has 3 versions after a couple of port builds (2.13, 2.59, and
2.61). The 2.61 version seems to be the latest one.

In order to avoid having multiple autoconf versions, I bumped the versions of
a couple of ports (cdparanoia, tcl, tk) to the latest (2.61), and
built them. They
did fine. Is any effort underway, which aims at baselining the autoconf versions
across the board? (it need not be the latest, but something which can compile
*all* ports). If not, I'd like to volunteer for this effort. Here is
how I plan to tackle
it:
1. search for AUTOCONF_VERSION= across all port Makefiles, and make a list
of all ports that use autoconf
2. try building each port with the latest version of autoconf, and go back one
version until the port builds.
3. if all versions are required (wasted effort of 1. and 2.),
individually check each
port to see what do they need more/less to configure with latest
autoconf (if
needed contact the port maintainer).
4. iterate through steps 2 and 3, until only one autoconf version is used
throughout.

It is possible that by the time the above steps are executed, a newer autoconf
is released. Maybe in the future, individual port maintainer can be given the
responsibility of bumping the autoconf version to the latest.

If someone is already working on similar thing, I'd be happy to join
him/her. Thanks!

-Amarendra

Re: Tackilng multiple versions of autoconf

2007-10-16 Thread Stuart Henderson

On 2007/10/16 16:10, Amarendra Godbole wrote:
 A peculiar thing I noticed with many ports is they need different versions of
 autoconf installed (set through the AUTOCONF_VERSION variable) - so in the
 end, my system has 3 versions after a couple of port builds (2.13, 2.59, and
 2.61).

This isn't a problem.

Re: vic(4) on ESX 3.0.2

2007-10-16 Thread Fernando Braga

On 10/15/07, Piotrek Kapczuk [EMAIL PROTECTED] wrote:

 2007/10/15, Fernando Braga [EMAIL PROTECTED]:
 
  I'm failing to use vic(4) driver on ESX 3.0.2 and OpenBSD 4.2. I've
  configuredethernet0.virtualDev = vmxnet as instructed on
  vic(4) man page.
 
  dmesg follows:
 
  OpenBSD 4.2 (GENERIC) #1: Fri Oct 12 16:00:29 BRT 2007
 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC

 [...]
  pcn0 at pci0 dev 17 function 0 AMD 79c970 PCnet-PCI rev 0x10,
  pcn1 at pci0 dev 18 function 0 AMD 79c970 PCnet-PCI rev 0x10,
 [...]

 pcn (!!)

 Vmware still starts your VM with AMD NIC.
 I wrote a quick solution to this.
 http://communities.vmware.com/thread/31256

Bulls eye!

But... Does it mean VirtualCenter never will be able to start this VM
without changing back to vlance ?

I've shutdown the VM while connected to ESX server, and then started
again with VIC conected back to VI3, and vmxnet has remained.

I hope it stays like this.

Thanks!

Re: How can i boot a bsd.rd from windows 2000 ?

2007-10-16 Thread Vincent GROSS

On 10/11/07, Christopher Bianchi [EMAIL PROTECTED] wrote:
 Craig Skinner ha scritto:
  Christopher Bianchi wrote:
  The situation is this: this notebook can boot from cdrom and floppy,
  yes..but from docking station ! i haven't docking station ! Desperate
  :-(
 
  Can it boot from a USB floppy?
 
 
 in the bios there aren't any voices for boot from usb... so i assume
 that this notebook can't boot in this way :-(



and from a pen drive ?

if your laptop can boot from usb flash pen drive, the following should work :

1) save the contents of your pen drive somewhere
2) do a fdisk -i insert device name, create a single partition with
disklabel then newfs it
3) copy /bsd.rd and /boot on the freshly newfs'ed partition.
4) do an installboot to set up properly the PBR on the pen drive
5) plug the pendrive on your laptop and try to have the bios boot it.
6) at the boot prompt, type bsd.rd and voila !

see fdisk(8), disklabel(8), newfs(8) and installboot(8) for more informations

-- 
Vincent GROSS
GUIs normally make it simple to accomplish simple actions and
impossible to accomplish complex actions. --Doug Gwyn (22/Jun/91 in
comp.unix.wizards)

running password gorilla on 4.1 on i386

2007-10-16 Thread Chris

I'm having trouble running Gorilla on 4.1. I downloaded the source file
(http://www.fpx.de/fp/Software/Gorilla/download/gorilla-1.4.tar.gz) and ran
./configure. If I type ./gorilla the GUI client says The password Gorilla
requires the [incr TCL] add-on to Tcl. Please install the [incr Tcl] package.

I have tcl-8.4.7p5 and tk-8.4.7p1 install; I could not find incrTcl in
the package or ports list. I downloaded v8.4.9 of tclkit
(http://www.equi4.com/pub/tk/downloads.html) but when I run it, it
says can't load library 'libc.so.34.1'

Any help would be much appreciated. Thanks.

Re: How can i boot a bsd.rd from windows 2000 ?

2007-10-16 Thread Christopher Bianchi

nikolai wrote:
 Hello everyone. My situation is this:
 i've a laptop, a Sharp pc-ax10 with Windows 2000 preinstalled , without
 cdrom, floppy. I wish install OpenBSD on it. Naturally bios can't boot
 from USB.
 So i've thinked to boot the bsd.rd , but how ? The faq explain the
 procedure from an older OpenBSD operating system... i've Windows 2000 on
 it.

 Is it possible ? and if is possible, in which way ? Where i must put the
 bsd.rd and in which way i can boot from him ?

 I've tried google, but nothing :-(

 Thanks for the attention

 Christopher Bianchi


 

 Christopher,

 Check out http://www.openbsd.org/faq/faq4.html#Multibooting,
 the Windows NT/2000/XP NTLDR section.
 Worked perfectly for me on W2K.

 --
  Nick


   
thanks to all, i've resolved pulling out the hard disk...simply way ! thanks

How do I configure sendmail?

2007-10-16 Thread Sunnz

Hi, I have read the man pages of afterboot, sendmail, and also looked
at /usr/share/sendmail/README. I also have tried to google, and are
now confused then ever.

Here's what I have 4.0-stable of OpenBSD, and my ISP provides a smtps
(smtp over ssl on port 465 server to send e-mails, generally I could
just use any graphics e-mail client, type in the address and port
number of the ISP's mail server, enter my username and password, and
ready to send mails.

I want to have my OpenBSD's sendmail to do this as well, which I
believe setting a relay server... am I terribly wrong? I am not
worrying about getting OpenBSD to act as a smtps server yet, just
letting its local users to send e-mails to the outside world at this
stage.

Is there any man pages or web pages that explained how to go about
this that I have missed?

Thanks.

-- 
Please avoid sending me Word or PowerPoint attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

Re: Max clients of OpenSSH

2007-10-16 Thread Jeremy C. Reed

On Tue, 16 Oct 2007, Bibby wrote:

 Where/How can i set the max client number of OpenSSH?
 sshd_config(5) and sshd(8) do not contain any info about this.
 
 I use OpenSSH 4.3p2(RHEL 5 Client).
 
 Thanks very much.

Have a look at MaxStartups which is for concurrent unauthenticated 
connections.



  Jeremy C. Reed

Re: How can i boot a bsd.rd from windows 2000 ?

2007-10-16 Thread Rodrigo V. Raimundo

Em Seg, 2007-10-15 C s 22:11 -0400, nikolai escreveu:
  Hello everyone. My situation is this:
  i've a laptop, a Sharp pc-ax10 with Windows 2000 preinstalled , without
  cdrom, floppy. I wish install OpenBSD on it. Naturally bios can't boot
  from USB.
  So i've thinked to boot the bsd.rd , but how ? The faq explain the
  procedure from an older OpenBSD operating system... i've Windows 2000 on
  it.
 
  Is it possible ? and if is possible, in which way ? Where i must put the
  bsd.rd and in which way i can boot from him ?
 
  I've tried google, but nothing :-(
 
  Thanks for the attention
 
  Christopher Bianchi
 
 
 
 Christopher,
 
 Check out http://www.openbsd.org/faq/faq4.html#Multibooting,
 the Windows NT/2000/XP NTLDR section.
 Worked perfectly for me on W2K.
 

Booting from NTLDR works when you have OpenBSD already installed. I see
no way how can it work without OpenBSD installed.

 --
  Nick

Re: vic(4) on ESX 3.0.2

2007-10-16 Thread Piotrek Kapczuk

2007/10/16, Fernando Braga [EMAIL PROTECTED]:
 On 10/15/07, Piotrek Kapczuk [EMAIL PROTECTED] wrote:
 
  2007/10/15, Fernando Braga [EMAIL PROTECTED]:
  
   I'm failing to use vic(4) driver on ESX 3.0.2 and OpenBSD 4.2. I've
   configuredethernet0.virtualDev = vmxnet as instructed on
   vic(4) man page.
  
   dmesg follows:
  
   OpenBSD 4.2 (GENERIC) #1: Fri Oct 12 16:00:29 BRT 2007
  [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
 
  [...]
   pcn0 at pci0 dev 17 function 0 AMD 79c970 PCnet-PCI rev 0x10,
   pcn1 at pci0 dev 18 function 0 AMD 79c970 PCnet-PCI rev 0x10,
  [...]
 
  pcn (!!)
 
  Vmware still starts your VM with AMD NIC.
  I wrote a quick solution to this.
  http://communities.vmware.com/thread/31256

 Bulls eye!

 But... Does it mean VirtualCenter never will be able to start this VM
 without changing back to vlance ?

No.

 I've shutdown the VM while connected to ESX server, and then started
 again with VIC conected back to VI3, and vmxnet has remained.

 I hope it stays like this.

It will.

This happens because VI server does some weird caching. When you edit
manually .vmx file and start VM VI server compares it with repository
and does sync. So you have to do that trick to override VI smartness
trying to be bullet proof.

Regards
Piotr

Re: Compile error nmap-4.22SOC7 on OpenBSD (SOLVED)

2007-10-16 Thread Vijay Sankar

On October 11, 2007 11:57:09 am Vijay Sankar wrote:
 Unfortunately, I am not able to compile nmap on OpenBSD 4.1 or 4.2
 (release) or 4.2-current. gmake dies at tcpip.o.

 Earlier on (while I was having errors with SOC6 code), I did get a message
 from Eddie Bell, author of portreasons.h, who was planning to look at his
 portreasons.h., so that may resolve this but I am wondering if I am making
 some other mistake or if there is something else that is wrong. If you have
 any thoughts on how I could compile this properly, please let me know.

 Thanks very much,

 Vijay


Thanks to David Fifield, I was able to compile nmap-4.22SOC7 on OpenBSD 4.1.
The new user graphical user interface for nmap is also working very nicely on
OpenBSD 4.1.

As per David's advice, I changed portreasons.h as follows:

Index: portreasons.h
===
--- portreasons.h   (revision 6010)
+++ portreasons.h   (working copy)
@@ -102,6 +102,8 @@
 #ifndef REASON_H
 #define REASON_H
 
+#include nmap.h
+
 #ifdef WIN32
 #include winsock2.h
 #else

After that, my normal .configure command worked. Just in case it is of help to
anyone else, here is the command I typically use:

./configure --with-libpcap=/usr --with-openssl=/usr --with-libpcre=/usr/local
--
with-libdnet=/usr/local --prefix=/usr/local --sysconfdir=/etc
--mandir=/usr/loca
l/man --infodir=/usr/local/info

Vijay

--
Vijay Sankar, M.Eng., P.Eng.
President  CEO
ForeTell Technologies Limited
59 Flamingo Avenue, Winnipeg, MB Canada R3J 0X6
Phone: +1 204 885 9535, E-Mail: [EMAIL PROTECTED]

Re: Max clients of OpenSSH

2007-10-16 Thread Cristiano Deana

2007/10/16, Bibby [EMAIL PROTECTED]:

 Where/How can i set the max client number of OpenSSH?

I don't know, but you can do it using pf.

-- 
Cris, member of G.U.F.I
Italian FreeBSD User Group
http://www.gufi.org/

Re: Brother HL-5250DN printer w/OpenBSD

2007-10-16 Thread Jeremy C. Reed

FWIW: I use the HL-5150D (via USB). I don't use cups. I don't use lpr/lpd. 
I just use foomatic-rip (because I don't need queueing at my desk very 
often) with a BR5150_2.ppd.

Re: How do I configure sendmail?

2007-10-16 Thread Samuel Moñux

2007/10/16, Sunnz [EMAIL PROTECTED]:
 Hi, I have read the man pages of afterboot, sendmail, and also looked
 at /usr/share/sendmail/README. I also have tried to google, and are
 now confused then ever.


Look at Providing SMTP AUTH Data when sendmail acts as Client
section in that file. I think its all what you need.

Best regards.
Samuel

Re: Tackilng multiple versions of autoconf

2007-10-16 Thread Douglas A. Tutty

On Tue, Oct 16, 2007 at 11:52:27AM +0100, Stuart Henderson wrote:
 On 2007/10/16 16:10, Amarendra Godbole wrote:
  A peculiar thing I noticed with many ports is they need different versions 
  of
  autoconf installed (set through the AUTOCONF_VERSION variable) - so in the
  end, my system has 3 versions after a couple of port builds (2.13, 2.59, and
  2.61).
 
 This isn't a problem.

The OP seems to think it is or he (she?) wouldn't waste his time
emailing the list or making an offer to a considerable amount of work to
fix it.  Rather than just dissing him, why not enlighten us as to why
its not a problem?

Perhaps address the statement ... they _NEED_ different versions of
autoconf installed

Doug.

Cyrus IMAP performance problems [Long]

2007-10-16 Thread Samuel Moñux

Hello everyone,

I running into some problems with a Cyrus Imap server. A year ago I
asked about sizing the server and it was defined as overkill (Dell
1850, Perc 4e/DC, 4 300GB 10krpm disks in Raid 10) for 300 users, but
now I'm suffering of really high loads and performance problems. I
think it's due I/O contention (more than a thousand t/s in iostat),
but don't know why Cyrus is so intensive in I/O that this hardware
can't handle it. Memory consumption is also very high.

When I started with ~60 users everything was ok, but after surpasing
the one hundred, performance problems arised. I added a imap proxy
which sited between the server and the webmail(Squirrel) and improved
overall performance, but now we have 215 users and the server has
severe problems during peak hours, when load can reach values of 12 or
more. Users perceive degraded response times.

Top usually lota of imap processes waiting for getblk, biowait, lockf,
or select. Vmstat also shows always proceses blocked waiting for I/O.

I had to tweak default kernel values because server crashed when
importing old mailboxes:
maxusers64  # estimated number of users
option NKMEMPAGES_MAX=65535
option BUFCACHEPERCENT=15

Cyrus was compiled from ports, with default options. The server is
running Sendmail and a lightly loaded openldap.

I don't know where to look at or what to tweak. Any ideas will be welcome.

Best regards.

Dmesg and other relevant data (non peak hours).

load averages: 10.36,  6.97,  5.79
17:59:50
259 processes: 258 idle, 1 on processor
CPU states:  3.7% user,  0.0% nice, 20.6% system,  1.9% interrupt, 73.8% idle
Memory: Real: 1135M/1702M act/tot  Free: 312M  Swap: 47M/2196M used/tot

  PID USERNAME PRI NICE  SIZE   RES STATEWAIT TIMECPU COMMAND
 9503 _cyrus 20 2716K 4392K sleepselect   0:08  1.12% imapd
16618 _cyrus-50 3976K 5728K sleepbiowai   0:08  1.03% imapd
14158 _cyrus 20 3544K 5568K sleepselect   0:01  0.68% imapd
23082 _cyrus-50   11M   11M sleepgetblk   0:06  0.54% imapd
 4397 _cyrus 20 1664K 3396K sleepselect   0:00  0.54% imapd
  831 _cyrus-50   14M   16M sleepgetblk   0:01  0.34% imapd
30096 _cyrus 20 6136K 7464K sleepselect   0:03  0.29% imapd
10307 _cyrus-50 5572K 5908K sleepgetblk   0:00  0.29% imapd
28758 _cyrus-50 7664K 9412K sleepbiowai   0:02  0.20% imapd
27091 _cyrus-50   10M   12M sleepgetblk   0:02  0.20% imapd
15191 _cyrus 20 1740K 3664K sleepselect   0:00  0.20% imapd
17387 _cyrus 20 2216K 4056K sleepselect   0:02  0.15% imapd
25614 _cyrus 20 2056K 3952K sleepselect   0:02  0.15% imapd

# iostat 5 5
  ttysd0 sd1 cd0
fd0 cpu
 tin tout  KB/t t/s MB/s   KB/t t/s MB/s   KB/t t/s MB/s   KB/t t/s
MB/s  us ni sy in id
   08 10.77  18 0.19  14.30 242 3.38   0.00   0 0.00   0.00   0
0.00  18  0  5  1 77
   0   54  9.93  34 0.33  15.00 956 14.00   0.00   0 0.00   0.00   0
0.00   3  0 13  0 84
   0   18 12.07  80 0.95  14.33 615 8.61   0.00   0 0.00   0.00   0
0.00   7  0 15  1 77
   0   18  8.68   9 0.08  14.03 575 7.88   0.00   0 0.00   0.00   0
0.00   1  0  6  1 92
   0   18 10.21  30 0.30  13.26 709 9.19   0.00   0 0.00   0.00   0
0.00   1  0  9  2 88

# vmstat 5 5
 procs   memorypagedisks traps cpu
 r b wavmfre   flt  re  pi  po  fr  sr sd0 sd1  int   sys   cs us sy id
 7 2 01206040 321392  1719   0   0  11   0 174  12 430  573 4294967005
 446 18  6 77
 1 7 01200372 329816  7117   0   0   0   0   0  28 1497 1488  8354 1469 11 17 72
 0 2 01198584 331560  4741   0   0   0   0   0  15 1770 1390  5770 1202  3 14 83
 0 2 01189932 341820  2549   0   0   0   0   0  37 778  800  2981  592  2  8 90
 1 5 01196632 334756  5348   0   0   0   0   0  56 1622 1455  6145 1247  3 18 78


/etc/sysctl.conf :

kern.maxproc=1024
kern.maxfiles=8000
net.inet.tcp.sendspace=65535
net.inet.tcp.recvspace=65535

# mount
/dev/sd0a on / type ffs (local)
/dev/sd0i on /home type ffs (local, nodev, softdep)
/dev/sd0d on /tmp type ffs (local, nodev, nosuid)
/dev/sd0f on /usr type ffs (local, nodev)
/dev/sd0e on /var type ffs (local, nodev, nosuid, softdep)
/dev/sd0h on /var/spool type ffs (local, noatime, nodev, nosuid, softdep)
/dev/sd1a on /das0 type ffs (local, noatime, nodev, nosuid, softdep)

# df -h
Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd0a  500M   99.9M375M21%/
/dev/sd0i 50.7G   42.4G5.8G88%/home
/dev/sd0d  124M   16.0K117M 0%/tmp
/dev/sd0f  7.9G3.3G4.2G44%/usr
/dev/sd0e  2.0G344M1.5G18%/var
/dev/sd0h  3.9G   55.7M3.7G 1%/var/spool
/dev/sd1a  550G   78.3G444G15%/das0

# cat /etc/cyrus.conf
START {
  # do not delete this entry!
  recover   cmd=ctl_cyrusdb -r

  # this is

Re: : Which remvable drive is connected to which USB port

2007-10-16 Thread Douglas A. Tutty

On Tue, Oct 16, 2007 at 12:32:21PM +0930, Edwards, David  (JTS) wrote:
 
 I was hoping to use physical lables on the USB disks
 with labelled USB cables but I've just found out during
 testing that the connection between a USB device and a
 physical cable is not as simple as I first thought.
 
 I unplugged all the disks and plugged one back into
 a labelled port.  That port used to be /dev/usb4 addr 5.
 but it seems it's now /dev/usb4 addr 3 and addr 5 doesn't
 seem to exist anymore.
 
 Looks like I'm going to have to use disklabel to label each
 disk and hotplug to mount them.  The backup script will
 have to check the mount point to make sure the disk is
 mounted and unmount it after the backup is finished.
 
 In other words, the script I posted earlier is useless
 folks..
 
 My problem now is to figure out how to get our people
 to work with this.  Preparing a new USB disk is not going
 to be easy for them.  I'm probably going to have to write
 a web interface for it sigh.

As far as I know, every time you put a filesystem on a device, you can
lable it but it will also be assigned a UUID.  Whoever first uses a USB
disk/stick can either give it a name from whatever namespace you specify
or note the UUID that it gets assigned and put that on a physical label
on the device.  

Then, make a set of mount points, one for each device and put a line for
each in fstab.  Stick the devices into whatever USB slots you like, and
have the backup script mount all the devices at which time it can verify
that all devices have mounted successfully.  Then it can go ahead and
run the backup and umount them at the end.

I don't see, and never have seen, a use for hotplug, especially if
things are scripted anyway.  

As for preparing a new USB disk, write a new-disk script that tells
people step by step what to do.  like (psudocode)

get tail /var/log/syslog
print plug new device into any USB port
get tail /var/log/syslog
diff the two, grep for sd*,  if more than one device
print more than one device showed up, lets try again
loop back to top
print This device is showing up as /dev/sde and is listed as a 
Seagate super-duper 100 TeraByte pocket USB drive.  Is this
correct? Y/N
Y
print placing new filesystem on device...
print UUID is DAKA90Q20KA002IWWA2IWREKA
print creating mount point and fstab entry
print New device is now registered with the backup system.
print Create a physical label with the UUID and place it on the drive.

Or:
print The printer is now printing out a barcode UUID label.
print Please affix this this to the drive and then store the drive.
print Thank you.


Doug.

Re: Brother HL-5250DN printer w/OpenBSD

2007-10-16 Thread Greg Thomas

On 10/16/07, Pawel Veselov [EMAIL PROTECTED] wrote:
 Hi,

 The processing filter for the printer is a pre-compiled Linux binary.
 The GPL license is because of Brother CUPS and LPD drivers.


But the 5250 does Postscript emulation, do you need more than that?  I
don't do much with my printer but all that I did was a simple
/etc/printcap and I use lpd/lpr.

Greg

-- 
Ticketmaster and Ticketweb suck, but everyone knows that:
http://ticketmastersucks.org
http://lodesertprotosites.org
Dethink to survive - Mclusky

Re: Brother HL-5250DN printer w/OpenBSD

2007-10-16 Thread Matthew Szudzik

 Forgive me for saying this but I just do not get it. Why did you need to use
 Linux compatibility layer when CUPS is
 OpenBSD packages?

According to
 http://www.openprinting.org/show_printer.cgi?recnum=Brother-HL-5250DN 
this is not a true PostScript printer.  Instead, the Windows and Linux 
drivers do PostScript emulation.

In other words, this printer is not ideal for OpenBSD.

Re: Brother HL-5250DN printer w/OpenBSD

2007-10-16 Thread Aaron W. Hsu

 Date: Tue, 16 Oct 2007 02:26:06 -0700
 From: Pawel Veselov [EMAIL PROTECTED]
 Subject: Re: Brother HL-5250DN printer w/OpenBSD

 On 10/16/07, Predrag Punosevac [EMAIL PROTECTED] wrote:

 Forgive me for saying this but I just do not get it. Why did you need
 to use Linux compatibility layer when CUPS is OpenBSD packages?

 The processing filter for the printer is a pre-compiled Linux binary.
 The GPL license is because of Brother CUPS and LPD drivers.

I know that you may not like this option, but I just thought I would
throw this out there. I always prefer to use the native LPD daemon when
I can, since it is already installed, and it is relatively easy to
configure. It doesn't require keeping track of strange drivers and CUPS
installations.

Looking in the Linux Printing database [1], it seems to me that you
don't need to use the provided binary blob for your printer. I have a
Brother HL-2070n which I had some issues configuring just a while ago,
and I imagine that these printers are similar in their setup. I actually
broke down the scripts provided by Brother for their Linux drivers, and
found out what I needed to know. There are a variety of Free drivers out
there that will allow you to print nicely on your Brother.

I am using the pxlmono driver with my networked Brother printer, and it
works like a charm. It is easy to set up. I use APSFilter to do the
configuration. I highly recommend it. You can avoid having to install
CUPS at all, unless you like CUPS. The only gotcha to remember is that
instead of doing a network based installation using APSFilter, you have
to specify a file (usb/parallel) setup, and then give the IP and port of
the printer instead of a device ([EMAIL PROTECTED]) [2]. 

This should be the easier way to get everything working, and it feels
more OpenBSD-ish to me.

[1] http://www.linuxprinting.org
[2] printcap(5); note section FILTERS and the lp entry.

-- 
((name Aaron Hsu)
 (email/xmpp [EMAIL PROTECTED])
 (phone 703-597-7656)
 (site http://www.aaronhsu.com;))

[demime 1.01d removed an attachment of type application/pgp-signature]

Re: How do I configure sendmail?

2007-10-16 Thread Sunnz

Ohh thanks for the tip.

So does sendmail supports smtp over ssl? When I restart sendmail I got
something like:

554 5.3.5 /etc/mail/localhost.cf: line 239: service smtps unknown

And in that line I've got:

# SMTP client options

O ClientPortOptions=Family=inet6, Address=::
O ClientPortOptions=Family=inet, Address=0.0.0.0
O ClientPortOptions=Port=smtps, Name=MTA

I think I have done something seriously wrong here...

2007/10/17, Samuel MoC1ux [EMAIL PROTECTED]:
 2007/10/16, Sunnz [EMAIL PROTECTED]:
  Hi, I have read the man pages of afterboot, sendmail, and also looked
  at /usr/share/sendmail/README. I also have tried to google, and are
  now confused then ever.
 

 Look at Providing SMTP AUTH Data when sendmail acts as Client
 section in that file. I think its all what you need.

 Best regards.
 Samuel




-- 
Please avoid sending me Word or PowerPoint attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

Re: Cyrus IMAP performance problems [Long]

2007-10-16 Thread Marcus Andree

snip

Got similar problems with imap once, a long time ago... Had to switch from
mailbox format to maildir

Re: How do I configure sendmail?

2007-10-16 Thread Samuel Moñux

2007/10/16, Sunnz [EMAIL PROTECTED]:
 Ohh thanks for the tip.

 So does sendmail supports smtp over ssl? When I restart sendmail I got
 something like:

Honestly, don't know. I thought the main problem was authenticating to
the relay, not doing smtp over ssl (you ISP doesn't support standard
STARTTLS in port 25?). Look at comp.mail.sendmail archive.

Best regards,
Samuel

Re: Tackilng multiple versions of autoconf

2007-10-16 Thread Gregg Reynolds

On 10/16/07, Douglas A. Tutty [EMAIL PROTECTED] wrote:

  This isn't a problem.

 The OP seems to think it is or he (she?) wouldn't waste his time
 emailing the list or making an offer to a considerable amount of work to
 fix it.  Rather than just dissing him, why not enlighten us as to why

That wasn't a diss, it was a statement of fact.  A diss would be This
isn't a problem, you big fat slob.

It's not a problem because the autotools tools are designed that way.
You can't control what versions of what a particular autoconfiscated
package will use.  So an autotools upgrade doesn't affect previously
installed versions.  If you try ./configuring something that needs an
older version it will tell you, so you can install the older version,
set an env var (I think, it's been a while), and do the build.

-g

Re: How do I configure sendmail?

2007-10-16 Thread Aaron W. Hsu

 Date: Tue, 16 Oct 2007 17:17:36 +0200
 From: =?ISO-8859-1?Q?Samuel_Mo=F1ux?= [EMAIL PROTECTED]
 Subject: Re: How do I configure sendmail?

 2007/10/16, Sunnz [EMAIL PROTECTED]:
  Hi, I have read the man pages of afterboot, sendmail, and also looked
  at /usr/share/sendmail/README. I also have tried to google, and are
  now confused then ever.

 Look at Providing SMTP AUTH Data when sendmail acts as Client
 section in that file. I think its all what you need.

Are you sure that this is everything he needs? From my experience with
OpenBSD's Sendmail configuration, he needs SASL to authenticate to his
smtps server. Normally, this would be a simple, compiled in option on
most sendmails, and then, he could follow the instructions in the README
file for setting up his configuration. (BTW, Sunnz, there are some good
tutorials dedicated to just this if you don't understand the file format
of the access file.)

However, when I tried to do this at first, with my SASL enabled
Slackware mail server, I ran into trouble. For some reason, my OpenBSD
sendmail did not have the capacity to authenticate using SASL and normal
SMTP AUTH. I was led to believe that this was the way sendmail was
compiled on OpenBSD, and that I would need to recompile sendmail with
new options to get the needed SMTP AUTH functionality. Is this true?

In the end, I solved the problem by adding pure STARTTLS based
certificate authentication on my server and added my client's certs to
the list of allowable relayers. I like this way of working, but this
also means that Sunnz can't use this model, because he doesn't have
access to the configuration on his ISP's servers, obviously.

-- 
((name Aaron Hsu)
 (email/xmpp [EMAIL PROTECTED])
 (phone 703-597-7656)
 (site http://www.aaronhsu.com;))

[demime 1.01d removed an attachment of type application/pgp-signature]

Re: How do I configure sendmail?

2007-10-16 Thread Tor Houghton

On Wed, Oct 17, 2007 at 02:16:15AM +1000, Sunnz wrote:
 Ohh thanks for the tip.
 
 So does sendmail supports smtp over ssl? When I restart sendmail I got
 something like:
 
 554 5.3.5 /etc/mail/localhost.cf: line 239: service smtps unknown
 
 And in that line I've got:
 
 # SMTP client options
 
 O ClientPortOptions=Family=inet6, Address=::
 O ClientPortOptions=Family=inet, Address=0.0.0.0
 O ClientPortOptions=Port=smtps, Name=MTA
 

You could change smtps to 465, or you could change it to smtp-ssl or similar
if this exists in your /etc/services file:

smtp-ssl465/tcp # SMTP over SSL/TLS

Tor

Re: Tackilng multiple versions of autoconf

2007-10-16 Thread Marc Espie

On Tue, Oct 16, 2007 at 11:50:52AM -0400, Douglas A. Tutty wrote:
 On Tue, Oct 16, 2007 at 11:52:27AM +0100, Stuart Henderson wrote:
  On 2007/10/16 16:10, Amarendra Godbole wrote:
   A peculiar thing I noticed with many ports is they need different 
   versions of
   autoconf installed (set through the AUTOCONF_VERSION variable) - so in the
   end, my system has 3 versions after a couple of port builds (2.13, 2.59, 
   and
   2.61).
  
  This isn't a problem.
 
 The OP seems to think it is or he (she?) wouldn't waste his time
 emailing the list or making an offer to a considerable amount of work to
 fix it.  Rather than just dissing him, why not enlighten us as to why
 its not a problem?
 
 Perhaps address the statement ... they _NEED_ different versions of
 autoconf installed
 
 Doug.

Fixing this is a waste of time.

Autoconf itself is an issue. Actually a lot of engineering issues.
Using it in the first place is a mistake.

If you prefer, it's up to external projects to fix up their shit.

KDE has stopped using the GNU auto* dreck, and I'm very happy for their
switch to cmake.

It's already enough of a headache to work around autoconf issues. Unifying
them ? nope, not a chance.

We have loads of better things to do.

From a practical point of view, each autoconf version is very small, and
compiles/installs in just a fraction of the time it would take to `fix'
ports to use a common autoconf.

Re: Max clients of OpenSSH

2007-10-16 Thread Jeremy C. Reed

I am now testing the following (which includes a little documentation for 
a new MaxClients):

Index: servconf.c
===
RCS file: /cvs/openssh/servconf.c,v
retrieving revision 1.163
diff -u -r1.163 servconf.c
--- servconf.c  20 May 2007 05:03:16 -  1.163
+++ servconf.c  16 Oct 2007 16:50:46 -
@@ -108,6 +108,7 @@
options-protocol = SSH_PROTO_UNKNOWN;
options-gateway_ports = -1;
options-num_subsystems = 0;
+   options-max_clients = -1;
options-max_startups_begin = -1;
options-max_startups_rate = -1;
options-max_startups = -1;
@@ -224,6 +225,8 @@
options-allow_tcp_forwarding = 1;
if (options-gateway_ports == -1)
options-gateway_ports = 0;
+   if (options-max_clients == -1)
+   options-max_clients = 1000;
if (options-max_startups == -1)
options-max_startups = 10;
if (options-max_startups_rate == -1)
@@ -286,7 +289,7 @@
sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,
-   sMaxStartups, sMaxAuthTries,
+   sMaxClients, sMaxStartups, sMaxAuthTries,
sBanner, sUseDNS, sHostbasedAuthentication,
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
@@ -387,6 +390,7 @@
{ protocol, sProtocol, SSHCFG_GLOBAL },
{ gatewayports, sGatewayPorts, SSHCFG_ALL },
{ subsystem, sSubsystem, SSHCFG_GLOBAL },
+   { maxclients, sMaxClients, SSHCFG_GLOBAL },
{ maxstartups, sMaxStartups, SSHCFG_GLOBAL },
{ maxauthtries, sMaxAuthTries, SSHCFG_GLOBAL },
{ banner, sBanner, SSHCFG_ALL },
@@ -1115,6 +1119,10 @@
options-subsystem_args[options-num_subsystems] = p;
options-num_subsystems++;
break;
+
+   case sMaxClients:
+   intptr = options-max_clients;
+   goto parse_int;
 
case sMaxStartups:
arg = strdelim(cp);
Index: servconf.h
===
RCS file: /cvs/openssh/servconf.h,v
retrieving revision 1.72
diff -u -r1.72 servconf.h
--- servconf.h  19 Feb 2007 11:25:38 -  1.72
+++ servconf.h  16 Oct 2007 16:50:46 -
@@ -115,6 +115,7 @@
u_int num_accept_env;
char   *accept_env[MAX_ACCEPT_ENV];
 
+   int max_clients;
int max_startups_begin;
int max_startups_rate;
int max_startups;
Index: sshd.c
===
RCS file: /cvs/openssh/sshd.c,v
retrieving revision 1.364
diff -u -r1.364 sshd.c
--- sshd.c  5 Jun 2007 08:22:32 -   1.364
+++ sshd.c  16 Oct 2007 16:50:47 -
@@ -181,6 +181,11 @@
 int num_listen_socks = 0;
 
 /*
+ * Keep track of number of clients for MaxClients.
+ */
+int num_clients = 0;
+
+/*
  * the client's version string, passed by sshd2 in compat mode. if != NULL,
  * sshd will skip the version-number exchange
  */
@@ -338,6 +343,8 @@
(pid  0  errno == EINTR))
;
 
+   num_clients--;
+
signal(SIGCHLD, main_sigchld_handler);
errno = save_errno;
 }
@@ -1092,6 +1099,11 @@
close(*newsock);
continue;
}
+   if (num_clients = options.max_clients) {
+   debug(max clients %d, num_clients);
+   close(*newsock);
+   continue;
+   }
if (drop_connection(startups) == 1) {
debug(drop connection #%d, startups);
close(*newsock);
@@ -1185,6 +1197,8 @@
debug(Forked child %ld., (long)pid);
 
close(startup_p[1]);
+
+   num_clients++;
 
if (rexec_flag) {
send_rexec_state(config_s[0], cfg);
Index: sshd_config
===
RCS file: /cvs/openssh/sshd_config,v
retrieving revision 1.78
diff -u -r1.78 sshd_config
--- sshd_config 17 Sep 2007 01:57:38 -  1.78
+++ sshd_config 16 Oct 2007 16:50:47 -
@@ -100,6 +100,7 @@
 #ClientAliveCountMax 3
 #UseDNS yes
 #PidFile /var/run/sshd.pid
+#MaxClients 1000
 #MaxStartups 10
 #PermitTunnel no
 
Index: sshd_config.5
===
RCS file: /cvs/openssh/sshd_config.5,v
retrieving revision 1.84
diff -u -r1.84 sshd_config.5
--- sshd_config.5   17 Sep 2007 01:57:38 -  1.84
+++ sshd_config.5   16 Oct 2007 16:50:47 -
@@

Re: How do I configure sendmail?

2007-10-16 Thread Aaron W. Hsu

Sunnz,

 So does sendmail supports smtp over ssl? When I restart sendmail I got
 something like:

 554 5.3.5 /etc/mail/localhost.cf: line 239: service smtps unknown 

Did you check whether that service is actually defined in /etc/services? I 
don't know if sendmail uses that file, but I would expect it to use it for 
something like this.

-- 
((name Aaron Hsu)
 (email/xmpp [EMAIL PROTECTED])
 (phone 703-597-7656)
 (site http://www.aaronhsu.com;))

[demime 1.01d removed an attachment of type application/pgp-signature]

Re: Tackilng multiple versions of autoconf

2007-10-16 Thread Landry Breuil

Hi,

To be more reasonable (i suppose most ports using autotools in tree
won't change their build scheme before earth blows itself, maybe
because of autotools), i'd like to add my tiny-little p.o.v to this
discussion :

When upgrading a port, it costs little time to check that newest
version still needs a particular  AUTO*_VERSION, and remove the option
if ports compiles with 'normal-latest' autotools version. But digging
through whole tree to test each port would be a real waste of time.

Landry


On 10/16/07, Marc Espie [EMAIL PROTECTED] wrote:
 On Tue, Oct 16, 2007 at 11:50:52AM -0400, Douglas A. Tutty wrote:
  On Tue, Oct 16, 2007 at 11:52:27AM +0100, Stuart Henderson wrote:
   On 2007/10/16 16:10, Amarendra Godbole wrote:
A peculiar thing I noticed with many ports is they need different
 versions of
autoconf installed (set through the AUTOCONF_VERSION variable) - so in
 the
end, my system has 3 versions after a couple of port builds (2.13,
 2.59, and
2.61).
  
   This isn't a problem.
 
  The OP seems to think it is or he (she?) wouldn't waste his time
  emailing the list or making an offer to a considerable amount of work to
  fix it.  Rather than just dissing him, why not enlighten us as to why
  its not a problem?
 
  Perhaps address the statement ... they _NEED_ different versions of
  autoconf installed
 
  Doug.

 Fixing this is a waste of time.

 Autoconf itself is an issue. Actually a lot of engineering issues.
 Using it in the first place is a mistake.

 If you prefer, it's up to external projects to fix up their shit.

 KDE has stopped using the GNU auto* dreck, and I'm very happy for their
 switch to cmake.

 It's already enough of a headache to work around autoconf issues. Unifying
 them ? nope, not a chance.

 We have loads of better things to do.

 From a practical point of view, each autoconf version is very small, and
 compiles/installs in just a fraction of the time it would take to `fix'
 ports to use a common autoconf.

Re: logs

2007-10-16 Thread Mike F

Re: How do I configure sendmail?

2007-10-16 Thread Amarendra Godbole

On 10/16/07, Aaron W. Hsu [EMAIL PROTECTED] wrote:
  Date: Tue, 16 Oct 2007 17:17:36 +0200
  From: =?ISO-8859-1?Q?Samuel_Mo=F1ux?= [EMAIL PROTECTED]
  Subject: Re: How do I configure sendmail?

  2007/10/16, Sunnz [EMAIL PROTECTED]:
   Hi, I have read the man pages of afterboot, sendmail, and also looked
   at /usr/share/sendmail/README. I also have tried to google, and are
   now confused then ever.

  Look at Providing SMTP AUTH Data when sendmail acts as Client
  section in that file. I think its all what you need.

 Are you sure that this is everything he needs? From my experience with
 OpenBSD's Sendmail configuration, he needs SASL to authenticate to his
 smtps server. Normally, this would be a simple, compiled in option on
 most sendmails, and then, he could follow the instructions in the README
 file for setting up his configuration. (BTW, Sunnz, there are some good
 tutorials dedicated to just this if you don't understand the file format
 of the access file.)

 However, when I tried to do this at first, with my SASL enabled
 Slackware mail server, I ran into trouble. For some reason, my OpenBSD
 sendmail did not have the capacity to authenticate using SASL and normal
 SMTP AUTH. I was led to believe that this was the way sendmail was
 compiled on OpenBSD, and that I would need to recompile sendmail with
 new options to get the needed SMTP AUTH functionality. Is this true?
[...]

OpenBSD's sendmail is not compiled with the SASL option enabled -
which means, to do an SMTP AUTH with SASL -
1. add the cyrus-sasl package
2. re-compile sendmail with -DSASL (add WANT_SMTPAUTH= yes in /etc/mk.conf)
3. follow a standard tutorial on setting up SMTP AUTH with sendmail
client (AuthInfo option in sendmail, and setting the smarthost entry
in sendmail.cf)

Hopefully, sendmail should be able to authenticate itself against your
smtp server now. I say hopefully, because, with sendmail, it always
takes me more than one try to get things working (or maybe I am too
dumb! :-))

A quick googling turned up the following link which may be useful:
http://www.dsrw.org/~dlg/sysadmin/sendmail/
A friend of mine has written another useful document on setting
sendmail as a client with smtp auth:
http://www.hserus.net/wiki/index.php/Sendmail

-Amarendra

Re: Max clients of OpenSSH

2007-10-16 Thread Jeremy C. Reed

On Tue, 16 Oct 2007, Jeremy C. Reed wrote:

 Index: sshd_config.5
 ===
 RCS file: /cvs/openssh/sshd_config.5,v
 retrieving revision 1.84
 diff -u -r1.84 sshd_config.5
 --- sshd_config.5 17 Sep 2007 01:57:38 -  1.84
 +++ sshd_config.5 16 Oct 2007 16:50:47 -
 @@ -536,6 +536,11 @@
  Once the number of failures reaches half this value,
  additional failures are logged.
  The default is 6.
 +.It Cm MaxClients
 +Specifies the maximum number of concurrent connections to the
 +SSH daemon.
 +The default is 1000.
 +.Pp

I guess I should document some more here:

This includes current unauthenticated connections, so consider keeping  
this greater than
.Cm MaxStartups
so legitimate connections will not be locked out by unauthenticated 
connections.




  .It Cm MaxStartups
  Specifies the maximum number of concurrent unauthenticated connections to the
  SSH daemon.

  Jeremy C. Reed

Re: logs

2007-10-16 Thread Mike F

hey all,

is there a similar logwatch program as in other linux systems

any recommendation?

thanks

Re: logs

2007-10-16 Thread Peter N. M. Hansteen

Mike F [EMAIL PROTECTED] writes:

 is there a similar logwatch program as in other linux systems

only vaguely remembering logwatch, I think logsentry (in ports and
packages) would be something like what you are looking for

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
Remember to set the evil bit on all malicious network traffic
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: logs

2007-10-16 Thread Jeremy C. Reed

On Tue, 16 Oct 2007, Mike F wrote:

 is there a similar logwatch program as in other linux systems
 
 any recommendation?

See security/logsurfer and security/logsentry. Maybe others too.

  Jeremy C. Reed

Re: Brother HL-5250DN printer w/OpenBSD

2007-10-16 Thread Greg Thomas

On 10/16/07, Matthew Szudzik [EMAIL PROTECTED] wrote:
  Forgive me for saying this but I just do not get it. Why did you need to use
  Linux compatibility layer when CUPS is
  OpenBSD packages?

 According to
  http://www.openprinting.org/show_printer.cgi?recnum=Brother-HL-5250DN
 this is not a true PostScript printer.  Instead, the Windows and Linux
 drivers do PostScript emulation.

 In other words, this printer is not ideal for OpenBSD.


That's misleading.  I have one here at home (on an earlier thread on
misc I confused my home printer with my work printer) and the
BR-Script3 or whatever Brother calls their emulation works fine.  I
bought mine specifically to use with OpenBSD, other than paper curling
issues it's a great cheap laser printer.

Internet Printing Protocol Configuration:

IPP is Enabled

Available URLs:
   http://192.168.x.x:631/
   http://192.168.x.x:631/ipp
   http://192.168.x.x:631/ipp/port1
   http://192.168.x.x:631/brn_7d6138_p1
   http://192.168.x.x:631/binary_p1
   http://192.168.x.x:631/text_p1
   http://192.168.x.x:631/postscript_p1
   http://192.168.x.x:631/pcl_p1
   http://192.168.x.x:631/brn_7d6138_p1_at

Greg
-- 
Ticketmaster and Ticketweb suck, but everyone knows that:
http://ticketmastersucks.org
http://lodesertprotosites.org
Dethink to survive - Mclusky

Re: Tackilng multiple versions of autoconf

2007-10-16 Thread Marc Espie

On Tue, Oct 16, 2007 at 07:45:24PM +0200, Landry Breuil wrote:
 Hi,
 
 To be more reasonable (i suppose most ports using autotools in tree
 won't change their build scheme before earth blows itself, maybe
 because of autotools), i'd like to add my tiny-little p.o.v to this
 discussion :
 
 When upgrading a port, it costs little time to check that newest
 version still needs a particular  AUTO*_VERSION, and remove the option
 if ports compiles with 'normal-latest' autotools version. But digging
 through whole tree to test each port would be a real waste of time.
 
 Landry
 
Nope, even this is a waste of time.
If you use another version, you run the risk of running into hidden
incompatibilities that we have to fix later

Re: : expansion of FAQ# 1.10 re OpenBSD as a desktop system

2007-10-16 Thread Shawn K. Quinn

On Mon, 2007-10-15 at 19:34 -0400, Douglas A. Tutty wrote:
 I need to look something up in a catalog.  The catalog doesn't come
 in print.  I phone the supplier, they say look on the web.  Its in
 flash.  So, I need flash to get work done. 

Maybe it's time to look for an alternate supplier that makes the catalog
available as HTML or PDF?

-- 
Shawn K. Quinn [EMAIL PROTECTED]

Re: Tackilng multiple versions of autoconf

2007-10-16 Thread Christian Weisgerber

Landry Breuil [EMAIL PROTECTED] wrote:

 When upgrading a port, it costs little time to check that newest
 version still needs a particular  AUTO*_VERSION, and remove the option
 if ports compiles with 'normal-latest' autotools version.

Actually, I check the included configure script and use the same
autoconf version.  There is nothing to be gained in using the latest
one.

-- 
Christian naddy Weisgerber  [EMAIL PROTECTED]

Re: How do I configure sendmail?

2007-10-16 Thread Douglas A. Tutty

On Tue, Oct 16, 2007 at 11:21:36PM +0530, Amarendra Godbole wrote:
 On 10/16/07, Aaron W. Hsu [EMAIL PROTECTED] wrote:
   2007/10/16, Sunnz [EMAIL PROTECTED]:
Hi, I have read the man pages of afterboot, sendmail, and also looked
at /usr/share/sendmail/README. I also have tried to google, and are
now confused then ever.
  
 
 OpenBSD's sendmail is not compiled with the SASL option enabled -
 which means, to do an SMTP AUTH with SASL -
 1. add the cyrus-sasl package
 2. re-compile sendmail with -DSASL (add WANT_SMTPAUTH= yes in /etc/mk.conf)
 3. follow a standard tutorial on setting up SMTP AUTH with sendmail
 client (AuthInfo option in sendmail, and setting the smarthost entry
 in sendmail.cf)
 
 Hopefully, sendmail should be able to authenticate itself against your
 smtp server now. I say hopefully, because, with sendmail, it always
 takes me more than one try to get things working (or maybe I am too
 dumb! :-))
 
 A quick googling turned up the following link which may be useful:
 http://www.dsrw.org/~dlg/sysadmin/sendmail/
 A friend of mine has written another useful document on setting
 sendmail as a client with smtp auth:
 http://www.hserus.net/wiki/index.php/Sendmail

Wouldn't it be easier to just install exim?  Does the exim packaged for
OpenBSD do this out of the box?  FWIW it does on Debian.

Doug.

Re: : expansion of FAQ# 1.10 re OpenBSD as a desktop system

2007-10-16 Thread Douglas A. Tutty

On Tue, Oct 16, 2007 at 02:39:59PM -0500, Shawn K. Quinn wrote:
 On Mon, 2007-10-15 at 19:34 -0400, Douglas A. Tutty wrote:
  I need to look something up in a catalog.  The catalog doesn't come
  in print.  I phone the supplier, they say look on the web.  Its in
  flash.  So, I need flash to get work done. 
 
 Maybe it's time to look for an alternate supplier that makes the catalog
 available as HTML or PDF?
 

Not an option.

Doug.

Re: Cyrus IMAP performance problems [Long]

2007-10-16 Thread Samuel Moñux

It seems that Francesco pointed me in the right direction in a private
message. Cyrus in OpenBSD can't use mmap since it assumes that changes
in an mmaped file are inmediately seen by VFS system calls. OpenBSD
hasn't an unified buffer and page cache so this semantic requirement
of mmap isn't met (requires and explicit msync()). Another
implementation based in lseek and xmalloc must be used, which performs
much worse than the mmap based.

I think this explains memory usage, and the high number of IOPS.

Now, I must switch the IMAP server or the operating system.

Thanks to everyone, specially Francesco.

2007/10/16, Samuel Moqux [EMAIL PROTECTED]:
 Hello everyone,

 I running into some problems with a Cyrus Imap server. A year ago I
 asked about sizing the server and it was defined as overkill (Dell
 1850, Perc 4e/DC, 4 300GB 10krpm disks in Raid 10) for 300 users, but
 now I'm suffering of really high loads and performance problems. I
 think it's due I/O contention (more than a thousand t/s in iostat),
 but don't know why Cyrus is so intensive in I/O that this hardware
 can't handle it. Memory consumption is also very high.

 When I started with ~60 users everything was ok, but after surpasing
 the one hundred, performance problems arised. I added a imap proxy
 which sited between the server and the webmail(Squirrel) and improved
 overall performance, but now we have 215 users and the server has
 severe problems during peak hours, when load can reach values of 12 or
 more. Users perceive degraded response times.

 Top usually lota of imap processes waiting for getblk, biowait, lockf,
 or select. Vmstat also shows always proceses blocked waiting for I/O.

 I had to tweak default kernel values because server crashed when
 importing old mailboxes:
 maxusers64  # estimated number of users
 option NKMEMPAGES_MAX=65535
 option BUFCACHEPERCENT=15

 Cyrus was compiled from ports, with default options. The server is
 running Sendmail and a lightly loaded openldap.

 I don't know where to look at or what to tweak. Any ideas will be welcome.

 Best regards.

 Dmesg and other relevant data (non peak hours).

 load averages: 10.36,  6.97,  5.79
 17:59:50
 259 processes: 258 idle, 1 on processor
 CPU states:  3.7% user,  0.0% nice, 20.6% system,  1.9% interrupt, 73.8%
idle
 Memory: Real: 1135M/1702M act/tot  Free: 312M  Swap: 47M/2196M used/tot

   PID USERNAME PRI NICE  SIZE   RES STATEWAIT TIMECPU COMMAND
  9503 _cyrus 20 2716K 4392K sleepselect   0:08  1.12% imapd
 16618 _cyrus-50 3976K 5728K sleepbiowai   0:08  1.03% imapd
 14158 _cyrus 20 3544K 5568K sleepselect   0:01  0.68% imapd
 23082 _cyrus-50   11M   11M sleepgetblk   0:06  0.54% imapd
  4397 _cyrus 20 1664K 3396K sleepselect   0:00  0.54% imapd
   831 _cyrus-50   14M   16M sleepgetblk   0:01  0.34% imapd
 30096 _cyrus 20 6136K 7464K sleepselect   0:03  0.29% imapd
 10307 _cyrus-50 5572K 5908K sleepgetblk   0:00  0.29% imapd
 28758 _cyrus-50 7664K 9412K sleepbiowai   0:02  0.20% imapd
 27091 _cyrus-50   10M   12M sleepgetblk   0:02  0.20% imapd
 15191 _cyrus 20 1740K 3664K sleepselect   0:00  0.20% imapd
 17387 _cyrus 20 2216K 4056K sleepselect   0:02  0.15% imapd
 25614 _cyrus 20 2056K 3952K sleepselect   0:02  0.15% imapd

 # iostat 5 5
   ttysd0 sd1 cd0
 fd0 cpu
  tin tout  KB/t t/s MB/s   KB/t t/s MB/s   KB/t t/s MB/s   KB/t t/s
 MB/s  us ni sy in id
08 10.77  18 0.19  14.30 242 3.38   0.00   0 0.00   0.00   0
 0.00  18  0  5  1 77
0   54  9.93  34 0.33  15.00 956 14.00   0.00   0 0.00   0.00   0
 0.00   3  0 13  0 84
0   18 12.07  80 0.95  14.33 615 8.61   0.00   0 0.00   0.00   0
 0.00   7  0 15  1 77
0   18  8.68   9 0.08  14.03 575 7.88   0.00   0 0.00   0.00   0
 0.00   1  0  6  1 92
0   18 10.21  30 0.30  13.26 709 9.19   0.00   0 0.00   0.00   0
 0.00   1  0  9  2 88

 # vmstat 5 5
  procs   memorypagedisks traps cpu
  r b wavmfre   flt  re  pi  po  fr  sr sd0 sd1  int   sys   cs us sy
id
  7 2 01206040 321392  1719   0   0  11   0 174  12 430  573 4294967005
  446 18  6 77
  1 7 01200372 329816  7117   0   0   0   0   0  28 1497 1488  8354 1469 11
17 72
  0 2 01198584 331560  4741   0   0   0   0   0  15 1770 1390  5770 1202  3
14 83
  0 2 01189932 341820  2549   0   0   0   0   0  37 778  800  2981  592  2  8
90
  1 5 01196632 334756  5348   0   0   0   0   0  56 1622 1455  6145 1247  3
18 78


 /etc/sysctl.conf :

 kern.maxproc=1024
 kern.maxfiles=8000
 net.inet.tcp.sendspace=65535
 net.inet.tcp.recvspace=65535

 # mount
 /dev/sd0a on / type ffs (local)
 /dev/sd0i on /home type ffs (local, nodev, softdep)
 /dev/sd0d on /tmp type ffs (local, nodev, nosuid)
 /dev/sd0f on /usr type ffs (local, nodev)

Re: logs

2007-10-16 Thread Douglas A. Tutty

On Tue, Oct 16, 2007 at 05:55:03PM +, Mike F wrote:
 
 is there a similar logwatch program as in other linux systems

What do you mean by _other_ linux systems.  This isn't a linux system.
:)))

Doug.

em(4) - IFCAP_VLAN_MTU IFCAP_VLAN_HWTAGGING ?

2007-10-16 Thread Brian A. Seklecki


All:

I see that IFCAP_VLAN_MTU is available, but IFCAP_VLAN_HWTAGGING, as seen 
in ti(4), is absent in em(4).  Version 6.6.6 of em(4) elsewhere is 
promising TOE (TCP Segment Offload) and already supports a vlanhwtag and 
jumbo frames.


For VLAN routing security boxes, this would be a big plus for a lot of 
embedded SBCs that support only integrated Intel NICs.


Two such units that I've been loooking at:

http://www.nycbug.org/?NAV=dmesgd;f_dmesg=;f_bsd=;f_nick=;f_descr=;dmesgid=1913#1913
http://www.nycbug.org/?NAV=dmesgd;f_dmesg=;f_bsd=;f_nick=;f_descr=;dmesgid=1911#1911


l8*
-lava (Brian A. Seklecki - Pittsburgh, PA, USA)
   http://www.spiritual-machines.org/

Re: Brother HL-5250DN printer w/OpenBSD

2007-10-16 Thread Brian Havens

On Tue, Oct 16, 2007 at 12:18:16PM -0400, Matthew Szudzik wrote:
  Forgive me for saying this but I just do not get it. Why did you need to use
  Linux compatibility layer when CUPS is
  OpenBSD packages?
 
 According to
  http://www.openprinting.org/show_printer.cgi?recnum=Brother-HL-5250DN 
 this is not a true PostScript printer.  Instead, the Windows and Linux 
 drivers do PostScript emulation.
 
 In other words, this printer is not ideal for OpenBSD.
 

It seems to support PostScript for me and works great using OpenBSD's
built-in lpd/lpr without the need of filters or extra stuff.

I think that BR-Script3 is Brother's own PostScript Level 3 emulation
(renamed to avoid paying licenses to Adobe).

-Brian

Re: OpenBSD current: XF4 or xenocara?

2007-10-16 Thread Martin Toft

On Sun, Oct 14, 2007 at 11:16:18PM +0200, Martin Toft wrote:
 I would like to upgrade from a snapshot to current. I know my way
 around kernel, userland and ports, but I'm a bit confused with regard
 to XF4 versus xenocara. I would like to try out xenocara -- should I
 follow section 5.3 in the FAQ
 (http://www.openbsd.org/faq/faq5.html#Bld) and checkout (using cvs)
 the XF4 module or should I checkout the xenocare module?

For the archives: release(8) answers my question. It appears to be the
most up-to-date building documentation.

Martin

[demime 1.01d removed an attachment of type application/pgp-signature which had 
a name of signature.asc]

Re: Brother HL-5250DN printer w/OpenBSD

2007-10-16 Thread Ted Unangst

On 10/16/07, Matthew Szudzik [EMAIL PROTECTED] wrote:
  Forgive me for saying this but I just do not get it. Why did you need to use
  Linux compatibility layer when CUPS is
  OpenBSD packages?

 According to
  http://www.openprinting.org/show_printer.cgi?recnum=Brother-HL-5250DN
 this is not a true PostScript printer.  Instead, the Windows and Linux
 drivers do PostScript emulation.

and the line above that says Best results are obtained when the
printer is used in PostScript mode with a PPD file from the printer's
driver CD.

the wonders of collaborative documentation...

Re: logs

2007-10-16 Thread Dave Ewart

On Tuesday, 16.10.2007 at 17:55 +, Mike F wrote:

 hey all,
 
 is there a similar logwatch program as in other linux systems

logsentry is what you want.  OpenBSD's logsentry *is* logcheck, just
renamed.

Dave.
-- 
Dave Ewart - [EMAIL PROTECTED] - jabber: [EMAIL PROTECTED] - freenode: davee
All email from me is now digitally signed, key from http://www.sungate.co.uk/
Fingerprint: AEC5 9360 0A35 7F66 66E9 82E4 9E10 6769 CD28 DA92

Re: : How can i boot a bsd.rd from windows 2000 ?

2007-10-16 Thread Andrew Daugherity

On 10/15/07, Rodrigo V. Raimundo [EMAIL PROTECTED] wrote:
 Em Sex, 2007-10-12 C s 09:57 +0200, Raimo Niskanen escreveu:
  Can grub actually boot a bsd kernel. I thought it was in a
  different binary format than Linux kernels.

 Grub can boot *BSD kernel and can detect in what binary format it is.
 But in case it dont recognite the binary there is a --type=openbsd
 parameter that can be used with the kernel command.

  Does grub pass kernel arguments to the bsd kernel in the
  right way.

 It is not possible to pass kernel parameters from grub to /bsd*

I have not had success booting an OpenBSD kernel directly from GRUB.
Specifying --type=openbsd allows GRUB to load the kernel, but the
kernel then dies with panic: /boot too old: upgrade!  This happens
both with bsd and bsd.rd from the most recent snapshot.

NetBSD does boot successfully from GRUB, and with netbsd-4 and
-current, kernel arguments work as well.  Kernel args don't really
apply to FreeBSD since for booting FBSD  directly with GRUB you use
kernel /boot/loader and the loader takes over from there.

I'm sure OpenBSD could be made to boot from GRUB but I don't imagine
that's very high on anyone's list.

Andrew

SOLVED [was: firewall is very slow, something's wrong]

2007-10-16 Thread Florin Andrei


Florin Andrei wrote:


##
Huge performance improvements in the network stack, including:
* In pf, store routing table ID, queue ID etc directly in the packet 
header mbuf instead of using mbuf tags (which use malloc'd memory). This 
yields a 100% improvement in pf performance.
* Skip TCP/UDP/ICMP/ICMP6 checksumming when not necessary. This 
yields a further 10% improvement in pf performance.
* A change in the way the kernel random pool is stirred greatly 
increases performance with network interface cards that support 
interrupt mitigation, especially on architectures where reading the 
clock is expensive (such as amd64).

##

I'll try 4.2.


HOLY SH*T! I tried 4.2. It rocks!

Just the first test that I tried after installing it:
- switched gigabit network
- web server behind 1:1 NATing firewall
- firewall is AMD64 X2 2.4GHz
- downloading 2GB file via HTTP through the firewall in infinite loop
- flooding the firewall with small UDP packets, random source IPs, 
generated as fast as my workstation (AMD64 X2 6400, Intel Pro/1000 PCI 
Express card, Linux Fedora 7, running the kernel-level pktgen packet 
generator which is very fast) can crank them out. The packets are 
directed to the NATed address of the web server, to a port that's 
blocked by the firewall.


Under these conditions, OpenBSD 4.1 as a firewall just keels over and 
dies. All traffic through the firewall just stops in an instant.
Linux 2.6.18 fares slightly better, the current download finishes up, 
but another one won't start.


But the default OpenBSD 4.2 i386 uniprocessor kernel doesn't seem to 
care. The download just keeps going. New downloads are initiated OK 
through the firewall. There are even spare CPU cycles left :-) not many 
(10%) but still. There's a very large percentage of CPU (80...90%) used 
for interrupts.


Good job folks, I'm impressed.

Anyone building gigabit routers and firewalls, don't delay, upgrade to 
4.2. Heck, do that even for 100Mbit systems, this type of DoS doesn't 
need much bandwidth to be effective.


I'll keep doing tests. If anything interesting shows up, I'll post the 
results in a new thread.


--
Florin Andrei

http://florin.myip.org/

Re: How do I configure sendmail?

2007-10-16 Thread L. V. Lammert

On Tue, 16 Oct 2007, Douglas A. Tutty wrote:

 On Tue, Oct 16, 2007 at 11:21:36PM +0530, Amarendra Godbole wrote:
  On 10/16/07, Aaron W. Hsu [EMAIL PROTECTED] wrote:
2007/10/16, Sunnz [EMAIL PROTECTED]:
 Hi, I have read the man pages of afterboot, sendmail, and also looked
 at /usr/share/sendmail/README. I also have tried to google, and are
 now confused then ever.
   

MUCH MUCH simpler process - install Webmin (www.webmin.com). We use it
here for all Sendmail admin.

We have not used any of the Sendmail SSL components, however.

Lee

Re: Tackilng multiple versions of autoconf

2007-10-16 Thread Stuart Henderson

On 2007/10/16 21:45, Marc Espie wrote:
 On Tue, Oct 16, 2007 at 07:45:24PM +0200, Landry Breuil wrote:
  Hi,
  
  To be more reasonable (i suppose most ports using autotools in tree
  won't change their build scheme before earth blows itself, maybe
  because of autotools), i'd like to add my tiny-little p.o.v to this
  discussion :
  
  When upgrading a port, it costs little time to check that newest
  version still needs a particular  AUTO*_VERSION, and remove the option
  if ports compiles with 'normal-latest' autotools version. But digging
  through whole tree to test each port would be a real waste of time.
  
  Landry
  
 Nope, even this is a waste of time.
 If you use another version, you run the risk of running into hidden
 incompatibilities that we have to fix later

$ locate patch-|grep configure|wc -l
 618 

ok, they won't _all_ be autoconf, but this gives you a rough idea how
often autoconf users don't take account of making things work properly
on other OS, which is rather the point of autoconf isn't it?

with a lot of time and work testing and finding and fixing problems,
the end result will be packages which work how they do already. i can
think of better ways to use that time...

Re: : How can i boot a bsd.rd from windows 2000 ?

2007-10-16 Thread Stuart Henderson

On 2007/10/16 16:58, Andrew Daugherity wrote:
 I have not had success booting an OpenBSD kernel directly from GRUB.
 Specifying --type=openbsd allows GRUB to load the kernel, but the
 kernel then dies with panic: /boot too old: upgrade!

it's probably trying to boot is as a.out; no guarantees but try
--type=netbsd-elf

Re: SOLVED [was: firewall is very slow, something's wrong]

2007-10-16 Thread James Hartley

On 10/16/07, Florin Andrei [EMAIL PROTECTED] wrote:
 - flooding the firewall with small UDP packets, random source IPs,
 generated as fast as my workstation (AMD64 X2 6400, Intel Pro/1000 PCI
 Express card, Linux Fedora 7, running the kernel-level pktgen packet
 generator which is very fast) can crank them out.

First, thanks for sharing your findings.

Secondly, does anyone on the mailing list know of an OpenBSD
equivalent to pktgen?

Thanks.

Jim

Re: SOLVED [was: firewall is very slow, something's wrong]

2007-10-16 Thread Stuart Henderson

On 2007/10/16 15:27, James Hartley wrote:
 On 10/16/07, Florin Andrei [EMAIL PROTECTED] wrote:
  - flooding the firewall with small UDP packets, random source IPs,
  generated as fast as my workstation (AMD64 X2 6400, Intel Pro/1000 PCI
  Express card, Linux Fedora 7, running the kernel-level pktgen packet
  generator which is very fast) can crank them out.
 
 First, thanks for sharing your findings.
 
 Secondly, does anyone on the mailing list know of an OpenBSD
 equivalent to pktgen?

Not in-kernel, but netblast from the netrate package is somewhat
useful.

Re: Tackilng multiple versions of autoconf

2007-10-16 Thread Jacob Meuser

On Tue, Oct 16, 2007 at 11:12:36PM +0100, Stuart Henderson wrote:

 $ locate patch-|grep configure|wc -l
  618 
 
 ok, they won't _all_ be autoconf, but this gives you a rough idea how
 often autoconf users don't take account of making things work properly
 on other OS, which is rather the point of autoconf isn't it?

heh, using autoconf gives a false sense of portability ;P

-- 
[EMAIL PROTECTED]
SDF Public Access UNIX System - http://sdf.lonestar.org

Internal loadbalancing

2007-10-16 Thread Vladimir

I have an existing firewall that already load balances our web server 
traffic from an external IP across two web servers that are on the 
internal network. I would like to set up internal load balancing since 
I have webservices internally I would like to provide to the rest of the 
cluster. These services should not be exposed to the external world. So 
for such a purpose I added an alias to an existing carp interface for 
10.0.5.200


carp50: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
   lladdr 00:00:5e:00:01:96
   carp: MASTER carpdev vlan50 vhid 150 advbase 1 advskew 100
   groups: carp
   inet6 fe80::200:5eff:fe00:196%carp50 prefixlen 64 scopeid 0x10
   inet 10.0.5.1 netmask 0xff00 broadcast 10.0.5.255
   inet 10.0.5.200 netmask 0xff00 broadcast 10.0.5.255

I would like to load balance that traffic across two other web servers 
that are on e.g. 10.0.5.81 and 10.0.5.82. For the time being I added a 
following RDR rule


rdr pass on $if_local proto tcp to 10.0.5.200 port $ports_web - 10.0.5.81

Unfortunately I can't connect to 10.0.5.200. For example if from another 
server on the network I do


$ telnet 10.0.5.81 80
Trying 10.0.5.81...
Connected to web1.local (10.0.5.81).
Escape character is '^]'.

However if I do

$ telnet 10.0.5.200 80
Trying 10.0.5.200...
telnet: connect to address 10.0.5.200: Connection refused
telnet: Unable to connect to remote host: Connection refused

Sniffing on carp50 shows no activity. I suppose there may be some 
routing confusion however I even tried setting up another totally 
different physical interface, created carp10 and IP 10.0.1.200 
redirecting to 10.0.5.81 with the same effect.


Any help would be appreciated.

Thanks,

Vladimir

Re: Internal loadbalancing

2007-10-16 Thread dane johansen

Probably you run into this situation:

client (10.0.5.233) - firewall (10.0.5.200) - rdr - server (10.0.5.81)

No servers see's that packet came in from the same subnet and goes directly
to the client which does not expect reply from 10.0.5.81 it expects reply
from 10.0.5.200.

You may want to read this:

http://www.openbsd.org/faq/pf/rdr.html#reflect

On 10/16/07, Vladimir [EMAIL PROTECTED] wrote:

 I have an existing firewall that already load balances our web server
 traffic from an external IP across two web servers that are on the
 internal network. I would like to set up internal load balancing since
 I have webservices internally I would like to provide to the rest of the
 cluster. These services should not be exposed to the external world. So
 for such a purpose I added an alias to an existing carp interface for
 10.0.5.200

 carp50: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
 lladdr 00:00:5e:00:01:96
 carp: MASTER carpdev vlan50 vhid 150 advbase 1 advskew 100
 groups: carp
 inet6 fe80::200:5eff:fe00:196%carp50 prefixlen 64 scopeid 0x10
 inet 10.0.5.1 netmask 0xff00 broadcast 10.0.5.255
 inet 10.0.5.200 netmask 0xff00 broadcast 10.0.5.255

 I would like to load balance that traffic across two other web servers
 that are on e.g. 10.0.5.81 and 10.0.5.82. For the time being I added a
 following RDR rule

 rdr pass on $if_local proto tcp to 10.0.5.200 port $ports_web - 10.0.5.81

 Unfortunately I can't connect to 10.0.5.200. For example if from another
 server on the network I do

 $ telnet 10.0.5.81 80
 Trying 10.0.5.81...
 Connected to web1.local (10.0.5.81).
 Escape character is '^]'.

 However if I do

 $ telnet 10.0.5.200 80
 Trying 10.0.5.200...
 telnet: connect to address 10.0.5.200: Connection refused
 telnet: Unable to connect to remote host: Connection refused

 Sniffing on carp50 shows no activity. I suppose there may be some
 routing confusion however I even tried setting up another totally
 different physical interface, created carp10 and IP 10.0.1.200
 redirecting to 10.0.5.81 with the same effect.

 Any help would be appreciated.

 Thanks,

 Vladimir

Message (Your message dated Tue, 16 Oct 2007 18:53:46...)

2007-10-16 Thread L-Soft list server at The CA-IDMS Database Applications User Association (1.8e)

Your message dated Tue, 16 Oct 2007 18:53:46 -0400 with subject Hello has
been  submitted  to   the  moderator  of  the  IDMS-L   list:  Daniel  Hall
[EMAIL PROTECTED].

Re: Internal loadbalancing

2007-10-16 Thread Vladimir


dane johansen wrote:

Probably you run into this situation:

client (10.0.5.233 http://10.0.5.233) - firewall (10.0.5.200 
http://10.0.5.200) - rdr - server (10.0.5.81 http://10.0.5.81)


No servers see's that packet came in from the same subnet and goes 
directly to the client which does not expect reply from 10.0.5.81 
http://10.0.5.81 it expects reply from 10.0.5.200 http://10.0.5.200.


You may want to read this:

http://www.openbsd.org/faq/pf/rdr.html#reflect


I obviously omitted the most pertinent information. My apologies.

client's IP is actually 10.0.1.50 coming from a different subnet so the 
path is really


client (10.0.1.50) - firewall (10.0.1.1) - firewall (10.0.5.200) -  
rdr - server (10.0.5.81 = gw is 10.0.5.1)




Vladimir

Re: SOLVED [was: firewall is very slow, something's wrong]

2007-10-16 Thread Florin Andrei


Stuart Henderson wrote:

On 2007/10/16 15:27, James Hartley wrote:


Secondly, does anyone on the mailing list know of an OpenBSD
equivalent to pktgen?


Not in-kernel, but netblast from the netrate package is somewhat
useful.


If anybody has a same-hardware performance comparison between pktgen and 
netblast, please post it. I'm especially interested in generating lots 
of small packets, which is difficult.


--
Florin Andrei

http://florin.myip.org/

Expat in OpenBSD -current

2007-10-16 Thread Sam Fourman Jr.

hello misc@

today I installed a new computer with -current (10/16/2007)

I did not select the X windows files from the install program because
I do not need X

I went to compile /usr/ports/editors/vim with FLAVOR=no_x11 huge

during the build gettext complains about not having expat.

after further investigation I found this:

Log message:
All ports are now using the libexpat that's shipped with xenocara.
Add COMES_WITH=4.2 here.
ok sturm@, steven@, matthieu@, naddy@


it would appear that expat has been removed from ports.

so what is the correct move? Should I have installed xenocara anyway
even if this computer only needs a console?


any help is appreciated.

Sam Fourman Jr.

Re: logs

2007-10-16 Thread Uwe Dippel

On Tue, 16 Oct 2007 17:55:03 +, Mike F wrote:

 is there a similar logwatch program as in other linux systems

There is logwatch. Just download and install ...

Uwe

Re: Expat in OpenBSD -current

2007-10-16 Thread Scott Vanderbilt


Sam Fourman Jr. wrote:


it would appear that expat has been removed from ports.

so what is the correct move? Should I have installed xenocara anyway
even if this computer only needs a console?


This bit me too. Just install xbase and you'll be fine.

Re: Expat in OpenBSD -current

2007-10-16 Thread Sam Fourman Jr.

On 10/16/07, Scott Vanderbilt [EMAIL PROTECTED] wrote:
 Sam Fourman Jr. wrote:

  it would appear that expat has been removed from ports.
 
  so what is the correct move? Should I have installed xenocara anyway
  even if this computer only needs a console?

 This bit me too. Just install xbase and you'll be fine.

how do I install xbase without reformatting and reinstalling the whole OS?

Re: Expat in OpenBSD -current

2007-10-16 Thread Daniel Ouellet


Sam Fourman Jr. wrote:

how do I install xbase without reformatting and reinstalling the whole OS?


http://openbsd.org/faq/faq4.html#AddFileSet

Re: Expat in OpenBSD -current

2007-10-16 Thread Scott Vanderbilt


Sam Fourman Jr. wrote:


so what is the correct move? Should I have installed xenocara anyway
even if this computer only needs a console?

This bit me too. Just install xbase and you'll be fine.


how do I install xbase without reformatting and reinstalling the whole OS?



This is answered in the very nicely done FAQ:

http://www.openbsd.org/faq/faq4.html#AddFileSet

Re: Expat in OpenBSD -current

2007-10-16 Thread Jacob Meuser

On Tue, Oct 16, 2007 at 06:14:38PM -0700, Scott Vanderbilt wrote:
 Sam Fourman Jr. wrote:
 
 so what is the correct move? Should I have installed xenocara anyway
 even if this computer only needs a console?
 This bit me too. Just install xbase and you'll be fine.

if you are building ports, you should also install xshare, as it contains
headers and pkg-config files which may be used by ports.

 how do I install xbase without reformatting and reinstalling the whole OS?
 
 
 This is answered in the very nicely done FAQ:
 
 http://www.openbsd.org/faq/faq4.html#AddFileSet
 

also, ports questions really belong on the [EMAIL PROTECTED] list.

-- 
[EMAIL PROTECTED]
SDF Public Access UNIX System - http://sdf.lonestar.org

Re: Tackilng multiple versions of autoconf

2007-10-16 Thread Amarendra Godbole

On 10/17/07, Stuart Henderson [EMAIL PROTECTED] wrote:
 On 2007/10/16 21:45, Marc Espie wrote:
  On Tue, Oct 16, 2007 at 07:45:24PM +0200, Landry Breuil wrote:
   Hi,
  
   To be more reasonable (i suppose most ports using autotools in tree
   won't change their build scheme before earth blows itself, maybe
   because of autotools), i'd like to add my tiny-little p.o.v to this
   discussion :
  
   When upgrading a port, it costs little time to check that newest
   version still needs a particular  AUTO*_VERSION, and remove the option
   if ports compiles with 'normal-latest' autotools version. But digging
   through whole tree to test each port would be a real waste of time.
  
   Landry
  
  Nope, even this is a waste of time.
  If you use another version, you run the risk of running into hidden
  incompatibilities that we have to fix later

 $ locate patch-|grep configure|wc -l
  618

 ok, they won't _all_ be autoconf, but this gives you a rough idea how
 often autoconf users don't take account of making things work properly
 on other OS, which is rather the point of autoconf isn't it?

 with a lot of time and work testing and finding and fixing problems,
 the end result will be packages which work how they do already. i can
 think of better ways to use that time...
[...]

Okay, after reading a lot of you, I guess it won't be wise to proceed
with fixing autoconf versions in the ports. Being a newcomer to
OpenBSD, and having some programming experience, I'd like to
contribute back. Can you point me to some better ways to utilize that
time? Thanks!

Oh, and for those who were wondering, I am a he. :-) Good day (evening) folks!

-Amarendra

--
Pune, India.

Re: Max clients of OpenSSH

2007-10-16 Thread Bibby

Hi, Reed.

Can you send me a separated patch and tell me the usage? I want to test it.

Thanks very much.

--
Best regards.

Bibby

2007/10/17, Jeremy C. Reed [EMAIL PROTECTED]:

 I am now testing the following (which includes a little documentation for
 a new MaxClients):

Wireless ImtelliMouse problem

2007-10-16 Thread Vadim Jukov

Hello all.

Due to different reasons I bought MS Wireless Desktop (keyboard + mouse).
While keyboard works fine, mouse produces headache. I'll skip simptoms,
going straight to information gathered.

I tried to used new mouse both alone and with Logitech UltraX Optical
in pair. Logitech works OK in both cases (it suffers from, err,
hardware problems:), which were the reasons to buy new mouse).
IntelliMouse going wrong in both cases too.

Snip from dmesg (full version later):

uhidev0 at uhub1 port 1 configuration 1 interface 0 Logitech USB-PS/2 Optical 
Mouse rev 2.00/20.00 addr 2
uhidev0: iclass 3/1
ums0 at uhidev0: 4 buttons and Z dir.
wsmouse0 at ums0 mux 0
uhidev1 at uhub1 port 2 configuration 1 interface 0 Microsoft Microsoft 
Wireless Optical Desktop\M-. 2.10 rev 2.00/0.41 addr 3
uhidev1: iclass 3/1
ukbd0 at uhidev1: 8 modifier keys, 6 key codes
wskbd1 at ukbd0 mux 1
wskbd1: connecting to wsdisplay0
uhidev2 at uhub1 port 2 configuration 1 interface 1 Microsoft Microsoft 
Wireless Optical Desktop\M-. 2.10 rev 2.00/0.41 addr 3
uhidev2: iclass 3/0
uhidev2: 23 report ids
uhid0 at uhidev2 reportid 1: input=7, output=0, feature=0
uhid1 at uhidev2 reportid 2: input=2, output=0, feature=0
uhid2 at uhidev2 reportid 3: input=1, output=0, feature=0
uhid3 at uhidev2 reportid 4: input=1, output=0, feature=0
uhid4 at uhidev2 reportid 5: input=3, output=0, feature=0
uhid5 at uhidev2 reportid 6: input=0, output=0, feature=1
ums1 at uhidev2 reportid 17: 5 buttons and Z dir.
wsmouse1 at ums1 mux 0
uhid6 at uhidev2 reportid 18: input=0, output=0, feature=1
uhid7 at uhidev2 reportid 19: input=1, output=0, feature=0
uhid8 at uhidev2 reportid 20: input=1, output=0, feature=0
uhid9 at uhidev2 reportid 21: input=3, output=0, feature=0
uhid10 at uhidev2 reportid 23: input=0, output=0, feature=1

xev(1) output for mouse clicks are different: while Logitech
produces single mouse down and mouse release events as
it should, IntelliMouse produces mouse down and mouse up
on each move too, which yields many strange things. I can send
exact logs (enter window, mouse move, mouse down, mouse move,
mouse up, mouse move, exit window) if anyone is interested in
them.

One more thing: xmseconfig(1) tells me that X server doesn't
handle Protocol option in xorg.conf, always setting it to
microsoft instead of wsmouse (or, at least, intellimouse,
which is compatible, instead of microsoft). After reverting
protocol to something more closer to reality, some bugs
disappear, but xev(1) still says there are mouse down and
mouse release events on each move with pressed button.

Even more: when I try to move objects like scrollbars by
dragging using any mouse button, they began to move up, like
mouse wheel tell is being scrolled.

But mouse wheel doesn't work. At all. It worked many days,
and some days ago it sopped working. I thought that was due
to hardware problems (some juice over it) with Logitech
mouse, and I went to buy new mouse... And now I'm stuck.

It's more likely OpenBSD-related problem because all is OK on
a fresh (Mandriva 2008.0) Linux distribution which I pulled in.

Today I'm going to test this mouse on another OpenBSD machine,
which is CURRENT too. If I'll find something more than I'll
post it here, of course.

Thank you for any tips.

-- 
  Best wishes,
Vadim Jukov


OpenBSD 4.2-current (GENERIC) #431: Sun Oct 14 22:00:04 MDT 2007
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: AMD Sempron(tm) Processor 2600+ (AuthenticAMD 686-class, 128KB L2 
cache) 1.61 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3
cpu0: AMD erratum 89 present, BIOS upgrade may be required
real mem  = 1072459776 (1022MB)
avail mem = 1029238784 (981MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 06/28/05, BIOS32 rev. 0 @ 0xf0010, SMBIOS 
rev. 2.3 @ 0xf0530 (55 entries)
bios0: vendor American Megatrends Inc. version 1008.013 date 
06/28/2005
bios0: ASUSTeK Computer Inc. K8V-MX
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf58a0/224 (12 entries)
pcibios0: PCI Interrupt Router at 000:17:0 (VIA VT8237 ISA rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc/0xd000 0xcd000/0x2000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 VIA K8M800 Host rev 0x00
pchb1 at pci0 dev 0 function 1 VIA K8M800 Host rev 0x00
pchb2 at pci0 dev 0 function 2 VIA K8M800 Host rev 0x00
pchb3 at pci0 dev 0 function 3 VIA K8M800 Host rev 0x00
pchb4 at pci0 dev 0 function 4 VIA K8M800 Host rev 0x00
pchb5 at pci0 dev 0 function 7 VIA K8M800 Host rev 0x00
ppb0 at pci0 dev 1 function 0 VIA K8HTB AGP rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 ATI Radeon 9600 Pro rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0:

Re: Wireless ImtelliMouse problem

2007-10-16 Thread Vadim Jukov

P QPPP1QP5P=P8P8 PQ Wednesday 17 October 2007 Vadim Jukov
P=P0P?P8QP0P;(a):
 Even more: when I try to move objects like scrollbars by
 dragging using any mouse button, they began to move up, like
 mouse wheel tell is being scrolled.

Sorry, I'm bit asleep now, so said something wrong. Scrollbars works OK
after using xmseconfig(1), but when I, for example, try to select text
in the terminal client, it begins to move selection upper and upper. No
crashes still (yet?).

And xmseconfig(1) says following right after startup (when mouse first
time enters it's window):

Error in Tcl Script

Error: invalid command name tk::ScreenChanged

A copy of stack trace has been saved in the file
/tmp/X.err

If you think this error has not been reported before blah-blah-blah

X differs on each run, of course. Stack trace consists following:

invalid command name tk::ScreenChanged
while executing
tk::ScreenChanged :0.0
(changing screen in event binding)


--
  Best wishes,
Vadim Jukov

Re: Expat in OpenBSD -current

2007-10-16 Thread Sam Fourman Jr.

On 10/16/07, Jacob Meuser [EMAIL PROTECTED] wrote:
 On Tue, Oct 16, 2007 at 06:14:38PM -0700, Scott Vanderbilt wrote:
  Sam Fourman Jr. wrote:
 
  so what is the correct move? Should I have installed xenocara anyway
  even if this computer only needs a console?
  This bit me too. Just install xbase and you'll be fine.

 if you are building ports, you should also install xshare, as it contains
 headers and pkg-config files which may be used by ports.

  how do I install xbase without reformatting and reinstalling the whole OS?
 
 
  This is answered in the very nicely done FAQ:
 
  http://www.openbsd.org/faq/faq4.html#AddFileSet
 

 also, ports questions really belong on the [EMAIL PROTECTED] list.

 --
Thank you all for your help, in the Future I will post ports questions
to the ports@ list, I was confused on where this question should be
placed because now expat is part of the base system(xenocara) so I
thought ports@ or x11@ , I ended up choosing misc@

Sam Fourman Jr.

CVSync web page

2007-10-16 Thread Landry Breuil

hi,

i've just set up a little CVSync mirror, and following cvsync.html, i
stumble on the cvs [checkout aborted]: /cvs/CVSROOT: No such file or
directory issue when trying to checkout from my fresh mirror.

Maybe it is worth saying on the page that cvs repository has to be
init'ed with 'cvs -d /cvs init' before being usable for checkouts...
or maybe i'm wrong somewhere.

Landry

81 matches

Mail list logo