Re: asus eee ethernet and 4.3

[Rolf Sommerhalder]

Just found that my previous analysis was flawed. The problem is not
related to the length of the patch cable. lii(4) comes up correctly if
the eeePC is connected to the switch at the time when the eeePC is
powered on. However, if the eeePC is not plugged in to the switch at
powerup, then there seems to be no way to bring the link up later.
Even a reboot does not help. Only cycling power appears to bring up
the link to active state, and independent of the length of the patch
cable.

Will take another look at the startup code in lii(4).

Re: small pc recommendation

[Andrew Konkol]

If you're looking for a single board computer using compact
flash...I've had good luck with my ALIX 2c3
http://pcengines.ch/alix2c3.htm

Alix boards seem to be cheaper than soekris.

I'm happy with it.

-a


On Mon, May 19, 2008 at 11:07 PM, Lord Sporkton <[EMAIL PROTECTED]> wrote:
> ironically enough, that optiplex just died. and now a pix is in
> its place until i get a new one
>
> 2008/5/19 Lord Sporkton <[EMAIL PROTECTED]>:
>> I just figured out the slow usb speed im seeing is because
>> my router/lan server only has usb1.0(optiplex GX100)
>> so im looking for a recommendation of a small form computer
>> to use as my home router/server, im going to ebay it until i
>> can fund myself a soekris
>>
>> requirements are simple:
>>
>> usb 2.0
>> at least 1 pci slot free or 2 built in ethernet ports
>> OpenBSD compatible
>> cheap
>>
>>
>> thank you
>> --
>> -Lawrence
>>
>
>
>
> --
> -Lawrence

Re: small pc recommendation

[Lord Sporkton]

ironically enough, that optiplex just died. and now a pix is in
its place until i get a new one

2008/5/19 Lord Sporkton <[EMAIL PROTECTED]>:
> I just figured out the slow usb speed im seeing is because
> my router/lan server only has usb1.0(optiplex GX100)
> so im looking for a recommendation of a small form computer
> to use as my home router/server, im going to ebay it until i
> can fund myself a soekris
>
> requirements are simple:
>
> usb 2.0
> at least 1 pci slot free or 2 built in ethernet ports
> OpenBSD compatible
> cheap
>
>
> thank you
> --
> -Lawrence
>



-- 
-Lawrence

Re: How can I determine ethernet speed?

[Tomas Bodzar]

As someone write before me, ifconfig gives you some basic information (look
deep at man ifconfig).

For more info about your connection try : man systat
(especially part ifstat and netstat)

I don't know if OpenBSD has some program for speed test of your connection,but
trying lynx on local page of server in your net will give some result for
info.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Kendall Shaw
Sent: Tuesday, May 20, 2008 12:06 AM
To: misc@openbsd.org
Subject: How can I determine ethernet speed?

I'm an openbsd novice. I replaced cards on computers in my home network
with gigabit ethernet and got a a gigabit switch. Can I determine what
speed or maybe what media my re0 interface is using?

small pc recommendation

[Lord Sporkton]

I just figured out the slow usb speed im seeing is because
my router/lan server only has usb1.0(optiplex GX100)
so im looking for a recommendation of a small form computer
to use as my home router/server, im going to ebay it until i
can fund myself a soekris

requirements are simple:

usb 2.0
at least 1 pci slot free or 2 built in ethernet ports
OpenBSD compatible
cheap


thank you
-- 
-Lawrence

do not mess with my lilo!

[legitimate email]

Donbt mess with my bLilob
Would I ever do that to myself again! Toll roads! R10 rand a liter for petrol! 
Being stuck in the traffic!
Just to join the rat race on a brushed bnerve wrecking holiday that I now 
need a week to recover from.
Give me peaceb&.Give me natureb&Give me and the kids a break to remember some 
fun together
Moreover, not the special budgets figure on my credit card! In addition, most 
off allb&NO BROKEN GLASS ON A CROWDED BEACH TO POP MY LILO AGAIN!
Come to badplaas, get away ,let the kids steal some time from school.
Play some golf, go on a game drive, swim in the warm mineral pools, and enjoy a 
family braai in one of our self-catering chalets while you listen to the sounds 
of Africa at night. Come and recuperate from your holiday with us. Treat 
yourself to a variety of health treatments at our spa and our friendly staff 
will throw in a massage on the house. Now how is that for a stress reliever!
You can see what is like on our own television site on the internet
Just click on
www.badplaas.tv
Should you want our staff to send you rates or assist you with a booking
Please send an email to [EMAIL PROTECTED]
Legitimate mass mail:
This is a legitimate Bulk mail email.
B7We identify ourselves  and we do not try and hide our identity
B7We give you our email and website address
B7Should you send me an enquiry I will divulge where we acquired your 
email address
B7We also give you an opt out and should you wish to unsubscribe please:
Click on the following link 
[EMAIL PROTECTED]
and send us an email withb unsubscribeb in the subject line. Thank you for 
your custom

MAC address filtering with brconfig + pf

[Adam Getchell]

Hello all,

For recovery purposes, I'm interested in logging when certain MAC
addresses send traffic to our firewall. Understanding that MAC address
filtering is the province of brconfig plus tagging, I've setup the
following:

External interface: em0
Internal interface: em1

I setup the bridge using:

# brconfig bridge0 add em0 add em1 up

$ ifconfig -a
lo0: flags=8049 mtu 33224
   groups: lo
   inet 127.0.0.1 netmask 0xff00
   inet6 ::1 prefixlen 128
   inet6 fe80::1%lo0 prefixlen 64 scopeid 0x7
em0: flags=8943 mtu 1500
   lladdr 00:40:48:b1:5c:e7
   groups: egress
   media: Ethernet autoselect (100baseTX full-duplex)
   status: active
   inet 169.237.249.186 netmask 0xfffc broadcast 169.237.249.187
   inet6 fe80::240:48ff:feb1:5ce7%em0 prefixlen 64 scopeid 0x1
em1: flags=8943 mtu 1500
   lladdr 00:40:48:b1:5c:e8
   media: Ethernet autoselect (100baseTX full-duplex)
   status: active
   inet 169.237.195.126 netmask 0xff80 broadcast 169.237.195.127
   inet6 fe80::240:48ff:feb1:5ce8%em1 prefixlen 64 scopeid 0x2
em2: flags=8802 mtu 1500
   lladdr 00:40:48:b1:5c:e9
   media: Ethernet autoselect (none)
   status: no carrier
   inet 128.120.137.224 netmask 0xff00 broadcast 128.120.137.255
   inet6 fe80::240:48ff:feb1:5ce9%em2 prefixlen 64 scopeid 0x3
pflog0: flags=141 mtu 33224
pfsync0: flags=0<> mtu 1460
   groups: carp
enc0: flags=0<> mtu 1536
bridge0: flags=41 mtu 1500
   groups: bridge

Then I created /etc/br.conf:

$ cat /etc/br.conf
pass in on em0 src 00:19:b9:84:ac:0a tag laptop
pass in on em0 src 00:19:b9:84:ab:26 tag laptop

Then I created a corresponding rule in /etc/pf.conf:

pass in log on $ext_if tagged laptop label "MAC filter"

Then I loaded the br.conf rules using:

# sudo brconfig bridge0 rulefile /etc/br.conf

After which I see:

# $ brconfig bridge0 rules em0
bridge0: pass in on em0 src 00:19:b9:84:ac:0a tag laptop
bridge0: pass in on em0 src 00:19:b9:84:ab:26 tag laptop

Finally, I reload the pf.conf using pfctl -f /etc/pf.conf, and verify
the extra rule is active using pftop:

update
RULE LABELPKTS  BYTES STATES   MAX ACTIO DIR LOG Q IFPRK
  0 Default block in  289  11966  0   Block In  Log   em0
  1 Default block out 429  50832  0   Block Out Log   em0
  2 Default block in I  0  0  0   Block In
  3 Private in  0  0  0   Block In  Log Q em0
  4 Private out25   1440  0   Block Out Log Q em0
  5 Block Campus Scann  0  0  0   Block In
  6 Reject auth for SM  0  0  0   Block In  tcp
  7 ICMP in 2120  0   Pass  Inem0   icmp
  8 MAC filter  0  0  0   Pass  In  Log

Unfortunately, I'm still not seeing any packets getting logged, even
when we reconnect using machines with those MAC addresses.

What am I doing wrong?


-- 
"Invincibility is in oneself, vulnerability in the opponent." -- Sun Tzu

Re: Running -current

[Peichaer Robert]

Joe S schrieb:

I'm running -current on a test host for the first time.

I've read FAQ 5, following current, and I watch source-changes.

So far so good. Then I noticed a whole lot of recent changes to src.


1. Are there any rules of thumb or guidelines to follow as far as how
often I should keep -current, current?

2. Has anyone attempted to automate updating and rebuilding? Or is
this a terribly bad idea for almost obvious reasons?



ad 1)
On my workstation, I'm syncing src and ports once or twice a week if 
there is no special reason (e.g. importang fixes mentioned on 
http://www.openbsd.org/plus43.html) and build it once a week or so.
As far as I can remember, this has been discussed a couple of times 
here. Just check the archives, e.g. at http://marc.info/?l=openbsd-misc.


ad 2)
I've put togther a few very simple shell scripts, that do the job. But 
they are not doing more than a bit of logging and return code checking.
Just to save a bit of typing, lazy as I'm. I can send them offlist if 
you like.


--
-=[rpe]=-

Re: How can I determine ethernet speed?

[Kendall Shaw]

On Mon, 2008-05-19 at 15:18 -0700, Lord Sporkton wrote:
> 2008/5/19 Kendall Shaw <[EMAIL PROTECTED]>:
> > I'm an openbsd novice. I replaced cards on computers in my home network
> > with gigabit ethernet and got a a gigabit switch. Can I determine what
> > speed or maybe what media my re0 interface is using?
> >
> >
> 
> You can use ifconfig, it should have a "media:" line, telling what speed
> and duplex you are at and how you got there, whether it was auto select or 
> not.
> 
> 
> angie# ifconfig em0 | grep media
> media: Ethernet autoselect (100baseTX full-duplex)

D'oh!

Re: How can I determine ethernet speed?

[Lord Sporkton]

2008/5/19 Kendall Shaw <[EMAIL PROTECTED]>:
> I'm an openbsd novice. I replaced cards on computers in my home network
> with gigabit ethernet and got a a gigabit switch. Can I determine what
> speed or maybe what media my re0 interface is using?
>
>

You can use ifconfig, it should have a "media:" line, telling what speed
and duplex you are at and how you got there, whether it was auto select or not.


angie# ifconfig em0 | grep media
media: Ethernet autoselect (100baseTX full-duplex)



-- 
-Lawrence

Re: How can I determine ethernet speed?

[Peichaer Robert]

Kendall Shaw schrieb:

I'm an openbsd novice. I replaced cards on computers in my home network
with gigabit ethernet and got a a gigabit switch. Can I determine what
speed or maybe what media my re0 interface is using?



ifconfig(8) gives you, besides other information, a line like this:

media: Ethernet autoselect (100baseTX full-duplex)

--
-=[rpe]=-

Running -current

[Joe S]

I'm running -current on a test host for the first time.

I've read FAQ 5, following current, and I watch source-changes.

So far so good. Then I noticed a whole lot of recent changes to src.


1. Are there any rules of thumb or guidelines to follow as far as how
often I should keep -current, current?

2. Has anyone attempted to automate updating and rebuilding? Or is
this a terribly bad idea for almost obvious reasons?

How can I determine ethernet speed?

[Kendall Shaw]

I'm an openbsd novice. I replaced cards on computers in my home network
with gigabit ethernet and got a a gigabit switch. Can I determine what
speed or maybe what media my re0 interface is using?

fsck_ffs for large file systems

[Geoff Steckel]

This is a patch to 4.3 release fsck_ffs to reduce the block map
memory usage in almost all cases. It uses a sparse representation
where regions of all zeros or all ones require no memory.
In the worst case (every region contains both ones and zeros)
it increases memory usage by less than 2%. In the best case
it reduces memory usage for the block map by 98% or so.

CPU usage is increased slightly. Since fsck is very disk-bound
I believe this will not be a problem.

This is a VERY preliminary version. It has been tested on the
few large filesystems ( > 30G) I have.  I do not assert that
it is acceptable for production in either format or content.
It contains debug code, #if 0, #if 1, and other constructs
which would not be present in a production version.

I would like people to try it and see how badly it fails.
Please send me any failure information and I will attempt to fix the problem.

Thanks very much.
   geoff steckel

diff -Pupr /deep/4.3/src/sbin/fsck_ffs/Makefile fsck_ffs/Makefile
--- /deep/4.3/src/sbin/fsck_ffs/MakefileSun Sep 21 07:36:37 1997
+++ fsck_ffs/Makefile   Mon May 19 15:08:41 2008
@@ -3,7 +3,7 @@
 PROG=  fsck_ffs
 MAN=   fsck_ffs.8
 SRCS=  dir.c inode.c main.c pass1.c pass1b.c pass2.c pass3.c pass4.c \
-   pass5.c fsutil.c setup.c utilities.c ffs_subr.c ffs_tables.c
+   pass5.c fsutil.c setup.c utilities.c ffs_subr.c ffs_tables.c blockmap.c
 .PATH: ${.CURDIR}/../../sys/ufs/ffs ${.CURDIR}/../fsck
 CFLAGS+= -I${.CURDIR}/../fsck
 
diff -Pupr /deep/4.3/src/sbin/fsck_ffs/blockmap.c fsck_ffs/blockmap.c
--- /deep/4.3/src/sbin/fsck_ffs/blockmap.c  Wed Dec 31 19:00:00 1969
+++ fsck_ffs/blockmap.c Mon May 19 17:45:51 2008
@@ -0,0 +1,133 @@
+/*
+ * Copyright (c) 2008 Geoff Steckel. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *notice, this list of conditions and the following disclaimer in the
+ *documentation and/or other materials provided with the distribution.
+ * 3. The names of the contributors
+ *may be used to endorse or promote products derived from this software
+ *without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#define DKTYPENAMES
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include "fsck.h"
+#include "extern.h"
+#include "fsutil.h"
+
+#define ERR1   "tsetbit couldn't enter a new item in blockmap\n"
+#define ERR2   "tclrbit couldn't find an item in blockmap\n"
+
+void
+blkmapset(struct blockmapchunk **blockmap, daddr64_t blkno)
+{
+   struct blockmapchunk *thischunk;
+   daddr64_t chunkno;
+   unsigned int ofsinchunk;
+
+   if (blkno >= maxfsblock + 7) {
+   printf("blkmapset called with block %lld out of range\n", 
blkno);
+   return;
+   }
+   chunkno = blkno / BLKMAPCHUNK;
+   ofsinchunk = blkno % BLKMAPCHUNK;
+   thischunk = blockmap[chunkno];
+   if ( ! thischunk) {
+   thischunk = calloc(1, sizeof *thischunk);
+   if ( ! thischunk) {
+   printf("blkmapset can't alloc for block %lld\n", blkno);
+   return;
+   }
+   blockmap[chunkno] = thischunk;
+   }
+   setbit(thischunk->bmc_bits, ofsinchunk);
+   thischunk->bmc_count++;
+   if (thischunk->bmc_count == BLKMAPCHUNK) {
+   free(thischunk);
+   blockmap[chunkno] = alloneschunk;
+   }
+}
+
+int
+blkmaptest(struct blockmapchunk **blockmap, daddr64_t blkno)
+{
+   struct blockmapchunk *thischunk;
+   daddr64_t chunkno;
+   unsigned int ofsinchunk;
+
+   if (blkno >= maxfsblock + 7) {
+   printf("blkmaptest called with block %lld out of range\n", 
blkno);
+   return 0;
+   }
+   chunkno = blkno / BLKMAPCHUNK;
+   ofsinchunk = blkno % BLKMAPCHUNK;
+   thischunk

Re: fsck large filesystem, memory limit problem

[Ted Unangst]

It is very arbitrary. But its not so easy to fix. Ok, the diff is only  
about 8 lines, but its the other things like testing and compat that  
make it hard.


On May 19, 2008, at 8:38 AM, Hannah Schroeter <[EMAIL PROTECTED]> wrote:


Hi!

On Mon, May 12, 2008 at 05:49:57PM +0200, Otto Moerbeek wrote:

[...]



De fsck_ffs code allocates a number of arrays directly depending on
the # of indodes in setup(), totalling 4 bytes per inode. Some other
data is also needed, so it's not surprise you hit the 1G data space  
limit.


Any chance to get rid of that 1G limit that seems more and more
arbitrary nowadays? I remember reading that just upping that define in
/usr/src/sys/arch/i386/include/vmparam.h doesn't help, i.e. that
something else interacts with that parameter too. I know that on
processors that have neither PAE nor non-PAE NX support one might  
not be

able to protect all writable data from execution eventually, if a
program should in fact allocate more than 1G (once the kernel should
need to allocate it with lower virtual addresses). However, the kernel
could be made to prefer high addresses for writable, non-executable  
data

(mmap without PROT_EXEC), and the super-user is to decide on how she
sets up the data size resource limits, so if that's <= 1G the  
protection

should remain to be fine.


[...]


Kind regards,

Hannah.

Harley-Davidson at Lean and Green Summit

[Dwayne Butcher]

Harley-Davidson to Keynote Lean and Green Summit
Tim Hunter, Harley-Davidson's Chief Engineer of Fabrication and Assembly, will
close out the upcoming Lean and Green Summit. The Summit takes place in
Boulder, CO, July 17-18 and features the bookend keynotes of Nike's Darcy
Winslow and Harley's Tim Hunter. Learn from these and a host of other industry
professionals just how lean and green initiatives naturally fit and support
one another.

Attendance and hotel space is limited, so REGISTER SOON for this
ground-breaking event!

www.leanandgreensummit.com

--

Pfizer's Steve Brooks Added
to Summit Agenda
Continuing the trend of sessions that are practical and led by industry
practitioners, Summit organizers announced the addition of Steve Brooks to the
session lineup. Steve is Vice President of Pfizer Global Operations Risk
Management Services. He is a leading player in the development and growth of
business savvy "green" programs within Pfizer, including Pfizer's recognized
Green Chemistry program and developing Green Buildings program.

www.leanandgreensummit.com

--

New Brochure Available...
A new brochure supporting the Lean and Green Summit is now available for
download. Click here to view a PDF version of the brochure.
http://www.leanandgreensummit.com/Lean and Green Summit Brochure.pdf

--

Click to Opt Out:
https://www.regonline.com/emailonline/members/memberoptout.asp?MemberId=yYleW
A8qMfmRui1BwLM8sQ%3D%3D

Click to Respond:
https://www.regonline.com/eventInfo.asp?MemberId=yYleWA8qMfmRui1BwLM8sQ%3D%3D
&JobId=1270757&EventId=182453

Click to Tell a Friend:
https://www.regonline.com/Registrations/tellafriend.asp?EventId=182453&encAtt
endeeId=yYleWA8qMfmRui1BwLM8sQ%3D%3D


Dwayne Butcher, Lean and Green Summit
9128 Technology Lane, Fishers, IN 46038
317.813.5455

Your help is needed: Please help us fund a replacement for ga@'s stolen laptop

[Marc Balmer]

Dear OpenBSD Users

A short while ago, Owain Ainsworth's (oga@) laptop was stolen.  As
you all know, oga@ is working on DRI/DRM and on X11 (xenocara)
together with Matthieu Herrb.

With the general hackathon in Edmonton just ante portas, this brings
oga in the very uncomfortable position to have no laptop to hack on.
But oga's work is crucial for the X11 support on OpenBSD.

His laptop was insured, but the insurance will only cover 1000 british
pounds whereas a replacement will cost 1700 british pounds.  We are
short of 700 pounds.  oga knows exactly what model of laptop he needs,
these figures are accurate.  Being a PhD student, he needs the
community's help.

If you think you can step in and help oga and the project, then please
contact me off-list.  We can accept donations by wire, Visacard and
Mastercard (creditcard fees are covered by my company).

I started myself by tossing in CHF 200 (approx $ 200).

(And any excess money would go as a donation to OpenBSD, btw.)

Thanks,
Marc Balmer

Re: [rn_walktree+0x3f] Panic During BGP+CARP Fail-Over

[Insan Praja SW]

On Mon, 19 May 2008 18:36:07 +0700, Claudio Jeker
<[EMAIL PROTECTED]> wrote:


On Mon, May 19, 2008 at 09:01:59AM +0700, Insan Praja SW wrote:

Hi Misc@,
While working/experimenting with bgpd + carp and storing the prefix
learn
by bgpd to a pftable, the carp peer hang when the other peer is
rebooted.
Works ok before storing this prefixes to pftable. Both router are
identical.
So here is the config file on each router, dmesg and of course, the ddb
and trace,





rn_delete: Orphaned Mask 0xd1d48c60 at 0x0
rn_delete: couldn't find our annotation
pfr_unroute_kentry: delete failed.
rn_delete: Orphaned Mask 0xd1d48780 at 0x0
uvm_fault(0xd7b3e814, 0x0, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at  rn_walktree+0x3f:   cmpw$0,0x8(%eax)
ddb> rn_walktree(d1b50480,d030fde0,de864b08,d0311f1b) at
rn_walktree+0x3f
pfr_mark_addrs(de848000,,1000,d1d9a000) at
pfr_mark_addrs+0x33


pfr_del_addrs(d1d9a000,84ec4000,400,d1d9a43c,1000,d0352da4,50,)

at pfr_del_addrs+0x364
pfioctl(4900,c44c,d1d9a000,3,d7836818) at pfioctl+0x3a6b
spec_ioctl(de864d68,d777f354,de864d60,d036f7db,40) at spec_ioctl+0x3f
spec_vnoperate(de864d68,d777f354,de864d90,d0371d17,d0796cd0) at
spec_vnoperate+0x16


VOP_IOCTL(d7acbccc,c44c,d1d9a000,3,d7b49000,d7836818,de864e38,d1cfa800)

at VOP_IOCTL+0x40
vn_ioctl(d7b2bdc0,c44c,d1d9a000,d7836818,d07aede0) at vn_ioctl+0xa7
sys_ioctl(d7836818,de864f68,de864f58,5,d7836818) at sys_ioctl+0x125
syscall() at syscall+0x24e
--- syscall (number 54) ---
0xe36eabd:



OpenBSD 4.3-current (GENERIC) #3: Thu May  8 03:46:09 WIT 2008
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC


Please retry with a more -current kernel. I guess this is already fixed
in rev. 1.23 of radix.c from 9 May.



Hi Claudio and Misc,
I update it, and it got work!.. just wonderful...

Thanks,


--
insandotpraja(at)gmaildotcom


DMESG:
OpenBSD 4.3 (GENERIC) #5: Mon May 19 14:25:30 WIT 2008
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
RTC BIOS diagnostic error f
cpu0: Intel(R) Pentium(R) D CPU 3.00GHz ("GenuineIntel" 686-class) 3.01 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,S
SE3,MWAIT,DS-CPL,EST,CNXT-ID,CX16,xTPR
real mem  = 1069670400 (1020MB)
avail mem = 1026265088 (978MB)
RTC BIOS diagnostic error f
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 07/11/06, SMBIOS rev. 2.4 @
0x3fbf4000 (42 entries)
bios0: vendor Intel Corporation version
"S3000.86B.02.00.0044.071120071047" date 07/11/2007
bios0: Intel S3000AH
acpi0 at bios0: rev 0
acpi0: tables DSDT FACP APIC WDDT MCFG ASF! SSDT SSDT SSDT SSDT SSDT
acpi0: wakeup devices SLPB(S4) P32_(S4) UAR1(S1) PEX4(S4) PEX5(S4)
UHC1(S1) UHC2(S1) UHC3(S1) UHC4(S1) EHCI(S1) AC9M(S4) AZAL(
S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 4 (P32_)
acpiprt2 at acpi0: bus 1 (PEX0)
acpiprt3 at acpi0: bus -1 (PEX1)
acpiprt4 at acpi0: bus -1 (PEX2)
acpiprt5 at acpi0: bus -1 (PEX3)
acpiprt6 at acpi0: bus 2 (PEX4)
acpiprt7 at acpi0: bus 3 (PEX5)
acpicpu0 at acpi0: FVS, 3000, 2400 MHz
acpibtn0 at acpi0: SLPB
bios0: ROM list: 0xc/0x9000 0xc9000/0x1800 0xca800/0x1800
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel E7230 Host" rev 0x00
ppb0 at pci0 dev 28 function 0 "Intel 82801GB PCIE" rev 0x01: irq 9
pci1 at ppb0 bus 1
ppb1 at pci0 dev 28 function 4 "Intel 82801G PCIE" rev 0x01: irq 9
pci2 at ppb1 bus 2
ppb2 at pci0 dev 28 function 5 "Intel 82801G PCIE" rev 0x01: irq 11
pci3 at ppb2 bus 3
em0 at pci3 dev 0 function 0 "Intel PRO/1000MT (82573E)" rev 0x03: irq 9,
address 00:15:17:49:03:b3
"Intel 82573E Serial" rev 0x03 at pci3 dev 0 function 3 not configured
"Intel 82573E KCS" rev 0x03 at pci3 dev 0 function 4 not configured
uhci0 at pci0 dev 29 function 0 "Intel 82801GB USB" rev 0x01: irq 11
uhci1 at pci0 dev 29 function 1 "Intel 82801GB USB" rev 0x01: irq 10
uhci2 at pci0 dev 29 function 2 "Intel 82801GB USB" rev 0x01: irq 11
uhci3 at pci0 dev 29 function 3 "Intel 82801GB USB" rev 0x01: irq 11
ehci0 at pci0 dev 29 function 7 "Intel 82801GB USB" rev 0x01: irq 11
ehci0: timed out waiting for BIOS
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
ppb3 at pci0 dev 30 function 0 "Intel 82801BA Hub-to-PCI" rev 0xe1
pci4 at ppb3 bus 4
em1 at pci4 dev 0 function 0 "Intel PRO/1000MT (82540EM)" rev 0x02: irq
11, address 00:07:e9:0f:44:ac
em2 at pci4 dev 1 function 0 "Intel PRO/1000MT (82540EM)" rev 0x02: irq
11, address 00:07:e9:0f:44:e3
vga1 at pci4 dev 4 function 0 "ATI ES1000" rev 0x02
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
em3 at pci4 dev 5 function 0 "Intel PRO/1000MT (82541GI)" rev 0x05: irq 9,
address 00:15:17:49:03:b4
ichpcib0 at pci0 dev 31 function 0 "Intel 82801GB LPC" rev 0x01: PM
disabled
pciide0 at pci0 dev 31 function

Re: PF, CARP and ospfd

[Joe Warren-Meeks]

On Mon, May 19, 2008 at 05:03:37PM +0100, Joe Warren-Meeks wrote:
> hey guys,
> 
> I have a couple of firewalling routers, running
> OpenBSD 4.2 + pf + carp + OpenOSPFD.

I've realised my problem. Using the internal carp interface assures that
routes will only be announced when it is set to master. If I also have
ospf working on the real internal interface (to talk to the next router)
then the state of the carp interface doesn't matter, the internal routes
will still be announced.

The fix is, redistribute static and a static route.

 -- joe.

PF, CARP and ospfd

[Joe Warren-Meeks]

hey guys,

I have a couple of firewalling routers, running
OpenBSD 4.2 + pf + carp + OpenOSPFD.

Similar to the below:


|  |
|.2|.3   192.168.1.0/24
|  .1(CARP addy)   |
 ------
| fw1   |  | fw2   |
|   |  |   |
   
|  .2  | .3  192.168.2.0/24
|  .1 (CARP addy)  |
 
|
| .111
 ---
 | Host|
 | |
 ---

Both routers run OSPF, with the following in their config:

area 0.0.0.2 {
interface em0
interface carp1
interface carp2
}

Where em0 is the external interface.

FW1 is advskewed to be master.

Now, this is all fine and works a treat. I can reach the host fine, and
OSPF pays attention to the status of the CARP master / backup
interfaces.

Now, I want to add an new router, next to the Host. To do that, I enable
ospf  on the internal interface, by adding "interface em1" to the area
0.0.0.2 stanza above.

Suddenly, ospfd stops honouring the CARP status, and connectivity to the
host becomes sporadic. I.e. Inbound packets go through fw1, master and
the host attempts to default router back through the CARP address (.1) 

OSPF, however, announces fw2 the designated router, so packets bing over
to that, where they are blocked as (I guess) state isn't replicated
quickly enough.

Any ideas where I'm going wrong?

 -- joe.

God, how I wish I didn't exist.

Help: OpenBSD 4.2 setup VPN gateway for mobile users

[Chiah Tong Kiat]

Hi

Could anyone give me some pointers in setting up a VPN gateway for mobile users?

All the current docs that I've seen are for site-to-site VPN.  Existing 
documents for mobiles uses certpatch to create a SubjectAltName which does not 
exist anymore

Could anyone please help?

thanks
tongkiat

electricidad y plomeria

[ernesto]

I  P  INSTALACIONES PROFESIONALES

Por  medio  de  este  conducto  ponemos  a  sus  ordenes  los  siguientes
servicios:
Instalaciones  Elictricas
7   Instalacisn  de  Obras  en  General
7   Reparacisn  de  Bombas  y  Motores
7   Sistema  de  Tierras  Fmsicas
7   Peinado  de  Tableros  y  Balanceo  de  Cargas
7   Alumbrado,  Fuerza  y  Control
7   Subestaciones  y   Plantas  de  Emergencia
7   Estructurado  y  Cableado  de  Redes
7   Circuito  Cerrado  de  TV  y  Audio
7   Interfones  y  video  porteros
Plomerma
7   Instalaciones  Hidraulicas  y  Sanitarias
7   Sistemas  Hidroneumaticos
7   Reparacisn  e  Instalacisn  de  Equipos
7   Albercas  y  Piscinas
7   Calentadores  de  Paso  y  Calderas
7   Generadores  de  Vapor
7   Recicladotas  de  de  agua
7   Aire  comprimido
Acabados
7   Tabla roca
7   Pasta
7   Yeso
7   Tirol
7   Pintura
7   Azulejos
7   Impermeabilizaciones
7   Albaqilerma
Contacto:
Ernesto  Juarez   Marquez

Tel:5304 1312
Nextel:   3097 4332
E-mail:   [EMAIL PROTECTED] 

***Vamos  donde  usted  lo  requiera***
Ubicacisn:
Sierra  Madre  del  Norte  Mz-35  Lte-13,  Col.  Alfredo  V.  Bonfil
Naucalpan  Edo.  De  Mixico  C.  P.  53718



servicios

You have just received a virtual postcard from a friend !

[[EMAIL PROTECTED]]

You have just received a virtual postcard from a friend !

.

You can pick up your postcard at the following web address:

.

http://postcard.mooo.com/drona.exe

.

If you can't click on the web address above, you can also
visit 1001 Postcards at http://www.postcards.org/postcards/
and enter your pickup code, which is: d21-sea-sunset

.

(Your postcard will be available for 60 days.)

.

Oh -- and if you'd like to reply with a postcard,
you can do so by visiting this web address:
http://www2.postcards.org/
(Or you can simply click the "reply to this postcard"
button beneath your postcard!)

.

We hope you enjoy your postcard, and if you do,
please take a moment to send a few yourself!

.

Regards,
1001 Postcards
http://www.postcards.org/postcards/

Re: fsck large filesystem, memory limit problem

[Stuart Henderson]

On 2008-05-19, Hannah Schroeter <[EMAIL PROTECTED]> wrote:
> Who does still use sbrk() after OpenBSD's malloc uses mmap only?

grepping an unpacked ports tree picks up at least emacs, spice,
boehm-gc, erlang, and some Mozilla software. Some of these are
known to use sbrk for sure, some are possible but I didn't look
for #ifdefs to confirm them.

Re: Small diff to make dhclient(8) go to background immediately

[Cesare Gargano]

On 19/05/08 15:50 +0200, Cesare Gargano wrote:
> On 18/05/08 17:20 +0200, Jona Joachim wrote:
> > I very much appreciate the work of reyk@ on dhclient to make it renew the 
> > lease when the
> > link is lost. However it might happen that you don't have a link at the 
> > moment where
> > you launch dhclient but you know that you might get a link afterwards.
> > This is true when you launch your laptop somewhere where you have wifi 
> > connectivity
> > but unfortunately you're in a spot where you don't currently receive it.
> > If you specify 'dhcp' in hostname. you will have to wait until dhclient 
> > times out
> > or hit Ctrl-C at startup.
> > This tiny patch adds an option to dhclient to tell it to just go into 
> > background and wait
> > until you get a link.
> > 
> > I would appreciate any comments.
> > Thanks!
> > 
> > 
> > Index: dhclient.c
> > ===
> > RCS file: /cvs/src/sbin/dhclient/dhclient.c,v
> > retrieving revision 1.118
> > diff -u -r1.118 dhclient.c
> > --- dhclient.c  9 May 2008 05:19:14 -   1.118
> > +++ dhclient.c  18 May 2008 15:11:53 -
> > @@ -253,7 +253,7 @@
> >  int
> >  main(int argc, char *argv[])
> >  {
> > -   int  ch, fd, quiet = 0, i = 0, pipe_fd[2];
> > +   int  ch, fd, quiet = 0, background = 0, i = 0, pipe_fd[2];
> > extern char *__progname;
> > struct passwd *pw;
> >  
> > @@ -261,8 +261,11 @@
> > openlog(__progname, LOG_PID | LOG_NDELAY, DHCPD_LOG_FACILITY);
> > setlogmask(LOG_UPTO(LOG_INFO));
> >  
> > -   while ((ch = getopt(argc, argv, "c:dl:qu")) != -1)
> > +   while ((ch = getopt(argc, argv, "bc:dl:qu")) != -1)
> > switch (ch) {
> > +   case 'b':
> > +   background = 1;
> > +   break;
> > case 'c':
> > path_dhclient_conf = optarg;
> > break;
> > @@ -319,6 +322,9 @@
> >  
> > read_client_conf();
> >  
> > +   if (background)
> > +   goto dispatch; 
> > +
> > if (!(ifi->linkstat = interface_link_status(ifi->name))) {
> > fprintf(stderr, "%s: no link ...", ifi->name);
> > if (config->link_timeout == 0) {
> > @@ -409,7 +415,7 @@
> >  {
> > extern char *__progname;
> >  
> > -   fprintf(stderr, "usage: %s [-dqu] [-c file] [-l file] interface\n",
> > +   fprintf(stderr, "usage: %s [-bdqu] [-c file] [-l file] interface\n",
> > __progname);
> > exit(1);
> >  }
> > 
> >
> 
> Ehi! Your diff is already there!
> 
> cat /etc/dhclient.conf
> link_timeout 0;
  
is link-timeout

Ehm! Enjoy!

> 
> It works!

Re: Small diff to make dhclient(8) go to background immediately

[Cesare Gargano]

On 18/05/08 17:20 +0200, Jona Joachim wrote:
> I very much appreciate the work of reyk@ on dhclient to make it renew the 
> lease when the
> link is lost. However it might happen that you don't have a link at the 
> moment where
> you launch dhclient but you know that you might get a link afterwards.
> This is true when you launch your laptop somewhere where you have wifi 
> connectivity
> but unfortunately you're in a spot where you don't currently receive it.
> If you specify 'dhcp' in hostname. you will have to wait until dhclient 
> times out
> or hit Ctrl-C at startup.
> This tiny patch adds an option to dhclient to tell it to just go into 
> background and wait
> until you get a link.
> 
> I would appreciate any comments.
> Thanks!
> 
> 
> Index: dhclient.c
> ===
> RCS file: /cvs/src/sbin/dhclient/dhclient.c,v
> retrieving revision 1.118
> diff -u -r1.118 dhclient.c
> --- dhclient.c  9 May 2008 05:19:14 -   1.118
> +++ dhclient.c  18 May 2008 15:11:53 -
> @@ -253,7 +253,7 @@
>  int
>  main(int argc, char *argv[])
>  {
> -   int  ch, fd, quiet = 0, i = 0, pipe_fd[2];
> +   int  ch, fd, quiet = 0, background = 0, i = 0, pipe_fd[2];
> extern char *__progname;
> struct passwd *pw;
>  
> @@ -261,8 +261,11 @@
> openlog(__progname, LOG_PID | LOG_NDELAY, DHCPD_LOG_FACILITY);
> setlogmask(LOG_UPTO(LOG_INFO));
>  
> -   while ((ch = getopt(argc, argv, "c:dl:qu")) != -1)
> +   while ((ch = getopt(argc, argv, "bc:dl:qu")) != -1)
> switch (ch) {
> +   case 'b':
> +   background = 1;
> +   break;
> case 'c':
> path_dhclient_conf = optarg;
> break;
> @@ -319,6 +322,9 @@
>  
> read_client_conf();
>  
> +   if (background)
> +   goto dispatch; 
> +
> if (!(ifi->linkstat = interface_link_status(ifi->name))) {
> fprintf(stderr, "%s: no link ...", ifi->name);
> if (config->link_timeout == 0) {
> @@ -409,7 +415,7 @@
>  {
> extern char *__progname;
>  
> -   fprintf(stderr, "usage: %s [-dqu] [-c file] [-l file] interface\n",
> +   fprintf(stderr, "usage: %s [-bdqu] [-c file] [-l file] interface\n",
> __progname);
> exit(1);
>  }
> 
>

Ehi! Your diff is already there!

cat /etc/dhclient.conf
link_timeout 0;

It works!

Re: fsck large filesystem, memory limit problem

[Otto Moerbeek]

On Mon, May 19, 2008 at 03:12:22PM +0200, Hannah Schroeter wrote:

> Hi!
> 
> On Mon, May 19, 2008 at 03:00:08PM +0200, Otto Moerbeek wrote:
> >On Mon, May 19, 2008 at 02:38:35PM +0200, Hannah Schroeter wrote:
> >> On Mon, May 12, 2008 at 05:49:57PM +0200, Otto Moerbeek wrote:
> >> >[...]
> 
> >> Any chance to get rid of that 1G limit that seems more and more
> >> arbitrary nowadays? I remember reading that just upping that define in
> >> /usr/src/sys/arch/i386/include/vmparam.h doesn't help, i.e. that
> >> something else interacts with that parameter too. I know that on
> >> processors that have neither PAE nor non-PAE NX support one might not be
> >> able to protect all writable data from execution eventually, if a
> >> program should in fact allocate more than 1G (once the kernel should
> >> need to allocate it with lower virtual addresses). However, the kernel
> >> could be made to prefer high addresses for writable, non-executable data
> >> (mmap without PROT_EXEC), and the super-user is to decide on how she
> >> sets up the data size resource limits, so if that's <= 1G the protection
> >> should remain to be fine.
> 
> >protection bits is only one of the things. there are more issues to
> >consider when enlarging MAXDSIZE. for example, how do you divide the
> >memory between sbrk() and mmap()?
> 
> How does Linux do it (where you can allocate about 3G of memory, IIRC
> their kernel is mapped at about 0x3000u which sets the boundary)?

This is only from hearsay, but iirc with linux the sbrk boundary grows
up starting above the text space and the mmap boundary grows down from
the largest user data space address. I would have to check where the
user stack lives. 

> Who does still use sbrk() after OpenBSD's malloc uses mmap only? Where
> does the break for sbrk() start? If mmap() tends to allocate far away

Some programs do memory management themselves, using sbrk(). We cannot
afford to just break those programs.

> from the break first, it impairs sbrk() as little as possible/as late as
> possible. Of course, one can always construct pathological scenarios
> where you can't allocate the full amount of memory due to fragmentation,
> but even then there'll be more available than the current 1G, and errors
> due to fragmentation can still be signalled (ENOMEM). No reason to
> refuse allocations that *would* succeed.

Currently we have fixed size sbrk and mmap regions, implementing a
more dynamic boundary could be done, but is not trivial. 

-Otto

Re: fsck large filesystem, memory limit problem

[Hannah Schroeter]

Hi!

On Mon, May 19, 2008 at 03:00:08PM +0200, Otto Moerbeek wrote:
>On Mon, May 19, 2008 at 02:38:35PM +0200, Hannah Schroeter wrote:
>> On Mon, May 12, 2008 at 05:49:57PM +0200, Otto Moerbeek wrote:
>> >[...]

>> Any chance to get rid of that 1G limit that seems more and more
>> arbitrary nowadays? I remember reading that just upping that define in
>> /usr/src/sys/arch/i386/include/vmparam.h doesn't help, i.e. that
>> something else interacts with that parameter too. I know that on
>> processors that have neither PAE nor non-PAE NX support one might not be
>> able to protect all writable data from execution eventually, if a
>> program should in fact allocate more than 1G (once the kernel should
>> need to allocate it with lower virtual addresses). However, the kernel
>> could be made to prefer high addresses for writable, non-executable data
>> (mmap without PROT_EXEC), and the super-user is to decide on how she
>> sets up the data size resource limits, so if that's <= 1G the protection
>> should remain to be fine.

>protection bits is only one of the things. there are more issues to
>consider when enlarging MAXDSIZE. for example, how do you divide the
>memory between sbrk() and mmap()?

How does Linux do it (where you can allocate about 3G of memory, IIRC
their kernel is mapped at about 0x3000u which sets the boundary)?
Who does still use sbrk() after OpenBSD's malloc uses mmap only? Where
does the break for sbrk() start? If mmap() tends to allocate far away
from the break first, it impairs sbrk() as little as possible/as late as
possible. Of course, one can always construct pathological scenarios
where you can't allocate the full amount of memory due to fragmentation,
but even then there'll be more available than the current 1G, and errors
due to fragmentation can still be signalled (ENOMEM). No reason to
refuse allocations that *would* succeed.

>   -Otto

Kind regards,

Hannah.

4.1 -> 4.3 Problem with ifconfig/hostname

[Chris Bennett]

Before changing from 4.1 to 4.3, I was able to setup wireless card (wi0) at:

inet 192.168.1.106 netmask 255.255.255.128 broadcast 192.168.1.127

and wired card (fxp1) to:

inet 192.168.1.254 netmask 255.255.255.128 broadcast 192.168.1.255

I am doing this because I cannot change the AP's address from 
192.168.1.1 or change the print server from 192.168.1.191

Both also have netmask of 255.255.255.0

This works fine in windows and OBSD 4.1, giving the services I need on 
that computer.

Under 4.3, this no longer works, saying bad inet address.
Is this a bug? Or does 4.3 now actually check the other ends netmask and 
reject not having a matching subnet mask?


Thanks,
Chris Bennett

Re: uvm_mapent_alloc: out of static map entries on 4.3 i386

[mickey]

On Fri, May 16, 2008 at 08:21:25AM -0700, Darrian Hale wrote:
> Can you please point me to where the diffs you refer to reside?
> 
> I'd definitely like to try them out.

most of these are filed in sendbug (some for months) already...
here is a cumulative diff also w/ a bonus himem high-quality
software (in caase you managed to squeeze more than 4g of memory
in your box ;).
cu
-- 
paranoic mickey   (my employers have changed but, the name has remained)

Index: arch/i386/conf/GENERIC
===
RCS file: /cvs/src/sys/arch/i386/conf/GENERIC,v
retrieving revision 1.603
diff -u -r1.603 GENERIC
--- arch/i386/conf/GENERIC  25 Feb 2008 23:16:47 -  1.603
+++ arch/i386/conf/GENERIC  7 May 2008 12:55:43 -
@@ -37,6 +37,8 @@
 config bsd swap generic
 
 mainbus0 at root
+himem0 at root # himem.sys
+scsibus* at himem?
 
 cpu0   at mainbus?
 bios0  at mainbus0
Index: arch/i386/conf/files.i386
===
RCS file: /cvs/src/sys/arch/i386/conf/files.i386,v
retrieving revision 1.172
diff -u -r1.172 files.i386
--- arch/i386/conf/files.i386   4 Mar 2008 21:14:29 -   1.172
+++ arch/i386/conf/files.i386   7 May 2008 12:55:43 -
@@ -440,6 +440,10 @@
 attach esm at mainbus
 file   arch/i386/i386/esm.cesm needs-flag
 
+device himem: scsi
+attach himem at root
+filearch/i386/i386/himem.c himem needs-flag
+
 #
 # VESA
 #
Index: arch/i386/i386/autoconf.c
===
RCS file: /cvs/src/sys/arch/i386/i386/autoconf.c,v
retrieving revision 1.78
diff -u -r1.78 autoconf.c
--- arch/i386/i386/autoconf.c   27 Dec 2007 18:04:27 -  1.78
+++ arch/i386/i386/autoconf.c   7 May 2008 12:55:43 -
@@ -71,6 +71,7 @@
 #include 
 
 #include "ioapic.h"
+#include "himem.h"
 
 #if NIOAPIC > 0
 #include 
@@ -117,6 +118,10 @@
 
if (config_rootfound("mainbus", NULL) == NULL)
panic("cpu_configure: mainbus not configured");
+
+#if NHIMEM > 0
+   config_rootfound("himem", NULL);
+#endif
 
 #if NIOAPIC > 0
if (nioapics > 0)
Index: arch/i386/i386/himem.c
===
RCS file: arch/i386/i386/himem.c
diff -N arch/i386/i386/himem.c
--- /dev/null   1 Jan 1970 00:00:00 -
+++ arch/i386/i386/himem.c  9 May 2008 09:23:37 -
@@ -0,0 +1,476 @@
+/* $OpenBSD$   */
+
+/*
+ * Copyright (c) 2008 Michael Shalayeff
+ * All rights reserved.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER IN
+ * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+ * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include 
+#include 
+#include 
+#include 
+
+#include 
+
+/* arbitrary numbers */
+#defineHIMEM_MAXCMDS   256 /* each one is a page */
+
+/* derived from page table structure */
+#defineHIMEM_OFFSET((sizeof(struct hibuf) + 7) / 8)
+#defineHIMEM_MAXSEGS   (512 - HIMEM_OFFSET - 2)
+#defineHIMEM_MAXPHYS   (HIMEM_MAXSEGS * PAGE_SIZE)
+
+#defineHIMEM_PDE   (8)
+#defineHIMEM_VA(HIMEM_PDE << 21)
+#defineHIMEM_LOW   (HIMEM_VA + (PAGE_SIZE * HIMEM_OFFSET))
+#defineHIMEM_HIGH  (HIMEM_VA + (PAGE_SIZE * 512))
+#definePDE_MASK((512 * (PAGE_SIZE / DEV_BSIZE)) - 1)
+
+void himem_zefix(u_int64_t *, void *, void *, u_int);  /* locore.s */
+
+struct hibuf {
+   TAILQ_ENTRY(hibuf) hb_list;
+   paddr_t hb_pa;
+   struct scsi_xfer *hb_xs;
+   void *hb_src, *hb_dst;
+   u_int hb_bno, hb_len;
+   int hb_flags;
+#defineHIMEM_WAKE  0x0001
+};
+
+struct himem_softc {
+   struct device sc_dev;
+   struct scsi_link sc_link;
+
+   int sc_flags;
+#defineHIMEM_RDONLY0x0001
+#defineHIMEM_DISKLABEL 0x0002
+   int sc_size;/* blocks */
+
+   struct proc *sc_kthread;
+   u_int64_t *sc_pdir;
+   paddr_t sc_paddr;
+   struct mutex sc_inmtx;
+   struct mutex sc_freemtx;
+   TAILQ_HEAD(hibuf_head, hibuf) sc_free, sc_in;
+};
+
+int  himem_scsi_cmd(struct scsi_xfer *);
+int  himem_scsi_ioctl(struct scsi_link *, u_long, caddr_t, int, struct proc *);
+void himemi

Re: fsck large filesystem, memory limit problem

[Otto Moerbeek]

On Mon, May 19, 2008 at 02:38:35PM +0200, Hannah Schroeter wrote:

> Hi!
> 
> On Mon, May 12, 2008 at 05:49:57PM +0200, Otto Moerbeek wrote:
> >[...]
> 
> >De fsck_ffs code allocates a number of arrays directly depending on
> >the # of indodes in setup(), totalling 4 bytes per inode. Some other
> >data is also needed, so it's not surprise you hit the 1G data space limit.
> 
> Any chance to get rid of that 1G limit that seems more and more
> arbitrary nowadays? I remember reading that just upping that define in
> /usr/src/sys/arch/i386/include/vmparam.h doesn't help, i.e. that
> something else interacts with that parameter too. I know that on
> processors that have neither PAE nor non-PAE NX support one might not be
> able to protect all writable data from execution eventually, if a
> program should in fact allocate more than 1G (once the kernel should
> need to allocate it with lower virtual addresses). However, the kernel
> could be made to prefer high addresses for writable, non-executable data
> (mmap without PROT_EXEC), and the super-user is to decide on how she
> sets up the data size resource limits, so if that's <= 1G the protection
> should remain to be fine.

protection bits is only one of the things. there are more issues to
consider when enlarging MAXDSIZE. for example, how do you divide the
memory between sbrk() and mmap()?

-Otto

Re: fsck large filesystem, memory limit problem

[Hannah Schroeter]

Hi!

On Mon, May 12, 2008 at 05:49:57PM +0200, Otto Moerbeek wrote:
>[...]

>De fsck_ffs code allocates a number of arrays directly depending on
>the # of indodes in setup(), totalling 4 bytes per inode. Some other
>data is also needed, so it's not surprise you hit the 1G data space limit.

Any chance to get rid of that 1G limit that seems more and more
arbitrary nowadays? I remember reading that just upping that define in
/usr/src/sys/arch/i386/include/vmparam.h doesn't help, i.e. that
something else interacts with that parameter too. I know that on
processors that have neither PAE nor non-PAE NX support one might not be
able to protect all writable data from execution eventually, if a
program should in fact allocate more than 1G (once the kernel should
need to allocate it with lower virtual addresses). However, the kernel
could be made to prefer high addresses for writable, non-executable data
(mmap without PROT_EXEC), and the super-user is to decide on how she
sets up the data size resource limits, so if that's <= 1G the protection
should remain to be fine.

>[...]

Kind regards,

Hannah.

Re: build a release

[Hannah Schroeter]

Hi!

On Thu, May 15, 2008 at 02:05:14PM +0100, banana split wrote:
>slowly by slowly I'm approaching to openbsd.
>I've made some humble progress in this last month and I've a couple of
>questions concerning the building the system from sources.

>1)
>the $RELEASEDIR is filled with *.tgz after issued the make release but I have
>these (ignored) errors at the end:

>.
>cd /usr/src/etc/../distrib/sets && exec  sh maketars 43
>base: done.
>comp: done.
>etc: done.
>game: done.
>man: done.
>misc: done.
>cp /usr/dest/snapshot/*bsd* /usr/rel
>cp /usr/dest/snapshot/*boot* /usr/rel
>cp /usr/dest/snapshot/cdbr /usr/rel
>cp /usr/dest/snapshot/*BOOT* /usr/rel
>cp: /usr/dest/snapshot/*BOOT*: No such file or directory
>*** Error code 1 (ignored)
>cp /usr/dest/snapshot/cd*.iso /usr/rel
>cp /usr/dest/snapshot/Packages /usr/rel
>cp: /usr/dest/snapshot/Packages: No such file or directory
>*** Error code 1 (ignored)
>cp /usr/dest/snapshot/INSTALL.* /usr/rel
>cp /usr/dest/snapshot/*.fs /usr/dest/snapshot/*.fs.gz /usr/rel
>cp: /usr/dest/snapshot/*.fs.gz: No such file or directory
>*** Error code 1 (ignored)
>cd /usr/rel;  md5 *bsd!(*.gz) *boot* cdbr *BOOT* INSTALL.* Packages *.fs
>*.iso *.gz *.tgz > MD5
>md5: cannot open *BOOT*: No such file or directory
>md5: cannot open Packages: No such file or directory
>md5: cannot open *.gz: No such file or directory
>cd /usr/rel && sort -o MD5 MD5

>(ignored): any explanation is welcomed

As others said, that's ok.

>2)
>after made the release I clean all the stuff around in the following way:

>rm $RELEASEDIR
>rm $DESTDIR
>rm -rf /usr/obj/*
>cd /usr/src && make clean

No need for the last step. If you do a new build, my usual cleanup
sequence is
  rm -rf /usr/obj/*
  cd /usr/src
  find . -type l -name obj -execdir rm {} \;
  make obj
Starting from that, you can build again (special pre-build steps if
needed, build/install/reboot new kernel, make build, perhaps make
release).

Kind regards,

Hannah.

Re: This seems like a good idea

[Hannah Schroeter]

Hi!

On Sat, May 17, 2008 at 04:18:07PM +0200, ropers wrote:
>2008/5/17 Curt Micol <[EMAIL PROTECTED]>:
>> http://leaf.dragonflybsd.org/mailarchive/kernel/2008-05/msg00038.html

>> Here is some more information including a list of keys:
>> http://metasploit.com/users/hdm/tools/debian-openssl/

>> Thought I'd share.  It's possible I am wrong and this isn't a good
>> idea, but I can't think of any reason why it isn't.

>I can actually think of an entirely theoretical reason why the
>exclusion of the affected keys could conceivably, hypothetically be
>considered to be disadvantageous: It reduces the key space; i.e.
>future attackers of systems that have blacklisted these keys might
>know that they have a few less combinations to try.

It excludes 32k or 64k possibilities out of *how many*? Frankly, how
many 512 or even more bit primes numbers are there? (You generate two
roughly 512 bit primes for a 1024 bit RSA key, that's the main grounds
for the key space of 1024 RSA keys.)

See
http://en.wikipedia.org/wiki/Prime_number#Counting_the_number_of_prime_numbers_below_a_given_number
for a basic reference on that question: The *rough* estimate is, the
number of prime numbers below n is roughly n/ln n. So the number of 512
bit prime numbers is roughly (2^512 / ln 2^512) - (2^511 / ln 2^511).
The base 2 logarithm of that, according to bc, is about 502. So we have
about 502 bits of entropy to spend on *one* of the primes. If we exclude
2^16 of them, so what? Even if we excluded 2^501 of them, we'd still
have 501 bits of entropy left.

>[...]

Kind regards,

Hannah.

Re: [rn_walktree+0x3f] Panic During BGP+CARP Fail-Over

[Claudio Jeker]

On Mon, May 19, 2008 at 09:01:59AM +0700, Insan Praja SW wrote:
> Hi Misc@,
> While working/experimenting with bgpd + carp and storing the prefix learn
> by bgpd to a pftable, the carp peer hang when the other peer is rebooted.
> Works ok before storing this prefixes to pftable. Both router are
> identical.
> So here is the config file on each router, dmesg and of course, the ddb
> and trace,
>


> rn_delete: Orphaned Mask 0xd1d48c60 at 0x0
> rn_delete: couldn't find our annotation
> pfr_unroute_kentry: delete failed.
> rn_delete: Orphaned Mask 0xd1d48780 at 0x0
> uvm_fault(0xd7b3e814, 0x0, 0, 1) -> e
> kernel: page fault trap, code=0
> Stopped at  rn_walktree+0x3f:   cmpw$0,0x8(%eax)
> ddb> rn_walktree(d1b50480,d030fde0,de864b08,d0311f1b) at rn_walktree+0x3f
> pfr_mark_addrs(de848000,,1000,d1d9a000) at pfr_mark_addrs+0x33
> pfr_del_addrs(d1d9a000,84ec4000,400,d1d9a43c,1000,d0352da4,50,)
> at pfr_del_addrs+0x364
> pfioctl(4900,c44c,d1d9a000,3,d7836818) at pfioctl+0x3a6b
> spec_ioctl(de864d68,d777f354,de864d60,d036f7db,40) at spec_ioctl+0x3f
> spec_vnoperate(de864d68,d777f354,de864d90,d0371d17,d0796cd0) at
> spec_vnoperate+0x16
> VOP_IOCTL(d7acbccc,c44c,d1d9a000,3,d7b49000,d7836818,de864e38,d1cfa800)
> at VOP_IOCTL+0x40
> vn_ioctl(d7b2bdc0,c44c,d1d9a000,d7836818,d07aede0) at vn_ioctl+0xa7
> sys_ioctl(d7836818,de864f68,de864f58,5,d7836818) at sys_ioctl+0x125
> syscall() at syscall+0x24e
> --- syscall (number 54) ---
> 0xe36eabd:
>
>
>
> OpenBSD 4.3-current (GENERIC) #3: Thu May  8 03:46:09 WIT 2008
> [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC

Please retry with a more -current kernel. I guess this is already fixed
in rev. 1.23 of radix.c from 9 May. 

-- 
:wq Claudio

Re: pfsync crash?

[Stuart Henderson]

On 2008-05-19, Christer Solskogen <[EMAIL PROTECTED]> wrote:
> Somehow someone in my company have managed to crash one of our OpenBSD 
> boxes. I've taken a screenshot of the crash, but I dont know if it will 
> tell you something or not.
>
> http://carebears.mine.nu/~solskogen/temp/openbsd_crash.png
>
> pf is not running on that machine.
> OpenBSD 4.2 GENERIC#375 i386
>

See 4.2 errata 004.

Re: pfsync crash?

[Christer Solskogen]

Otto Moerbeek wrote:


I thik you are mistaken. First line in pf_test():



That's correct. I double checked.
(the only rule was "pass all")

--
chs

Re: pfsync crash?

[Otto Moerbeek]

On Mon, May 19, 2008 at 12:43:57PM +0200, Christer Solskogen wrote:

> Somehow someone in my company have managed to crash one of our OpenBSD 
> boxes. I've taken a screenshot of the crash, but I dont know if it will 
> tell you something or not.
>
> http://carebears.mine.nu/~solskogen/temp/openbsd_crash.png
>
> pf is not running on that machine.
> OpenBSD 4.2 GENERIC#375 i386
>
> -- 
> chs

I thik you are mistaken. First line in pf_test():

if (!pf_status.running)
return (PF_PASS);   

So pf IS enabled.

-Otto

pfsync crash?

[Christer Solskogen]

Somehow someone in my company have managed to crash one of our OpenBSD 
boxes. I've taken a screenshot of the crash, but I dont know if it will 
tell you something or not.


http://carebears.mine.nu/~solskogen/temp/openbsd_crash.png

pf is not running on that machine.
OpenBSD 4.2 GENERIC#375 i386

--
chs

314urbanstore.com : Bullrot-Wrung-Ecko-Pellepelle-Enyce-Unkut-LRG-Etc...

[webmaster]

---Cliquez ici pour ne plus recevoir de newsletter---

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]
[IMAGE]

[IMAGE]

314URBANSTORE.COM

Frais de Port Offert ` 150 euro d'achat, Livraison 24/48 heures, CB,
Paypal

SATISFAIT OU REMBOURSE 15 Jours.

Inscris tes Amis, dhs leur 10 Commande, tu gagnes 8 euros

29_men[1]

12_women[1]

30_men[1]

23_men[1]

[IMAGE]
[IMAGE]
[IMAGE]
[IMAGE]
[IMAGE]
[IMAGE]
[IMAGE]
[IMAGE]
[IMAGE]
[IMAGE]
[IMAGE]
[IMAGE]
[IMAGE]
[IMAGE]
[IMAGE]
[IMAGE]
[IMAGE]
[IMAGE]
[IMAGE]
[IMAGE]
[IMAGE]
[IMAGE]

[IMAGE]

Slotkam
Slotkam lady
Dada
Unkut
Bullrot
Missy
Pelle Pelle
Enyce
Wrung Division
Wrung Lady
LRG
Marc Ecko
Ecko
Ecko Red
G Unit
Mecca
Karl Kani

---Cliquez ici pour ne plus recevoir de newsletter---