Re: rtorrent problems - solved?

2008-07-14 Thread Björn Ketelaars

viq wrote:

> Sorry for the carpet bombing, I grabbed the list of people who I saw
> report problems with rtorrent.
>
> I'm writing to ask those who had problems with rtorrent try it again
> with newest snapshots, I was not able to reproduce the problem on a
> box that used to freeze. Please test and report, maybe Otto just fixed
> another obscure bug ;)




I'm experiencing the same. Rtorrent is working without taking down the 
complete system. It seems that Arthur Grabowski's work [1] paid off.


There is however one point of concern; Rtorrent is a real memory hog; it 
just keeps on taking and taking...


Kind regards,

Björn Ketelaars

[1] http://marc.info/?l=openbsd-cvs&m=121501219121627&w=2



Re: rtorrent problems - solved?

2008-07-14 Thread Aaron Stellman
On Mon, Jul 14, 2008 at 07:55:23AM +0200, Björn Ketelaars wrote:
> viq wrote:
> > Sorry for the carpet bombing, I grabbed the list of people who I saw
> > report problems with rtorrent.
> >
> > I'm writing to ask those who had problems with rtorrent try it again
> > with newest snapshots, I was not able to reproduce the problem on a
> > box that used to freeze. Please test and report, maybe Otto just fixed
> > another obscure bug ;)
>
> I'm experiencing the same. Rtorrent is working without taking down the
> complete system. It seems that Arthur Grabowski's work [1] paid off.
>
> There is however one point of concern; Rtorrent is a real memory hog; it
> just keeps on taking and taking...

I used to use rtorrent until it started to freeze the whole system
so that I was able to ping it, but no userland worked. The box
became unreachable, which wasn't easy to debug. I believe other
people on this list experienced similar problems.  In any case, I
switched to btpd and never looked back. It's stable and doesn't
consume more than 4MB of ram after 44 days of uptime while seeding
50+ torrents.

> Kind regards,
>
> Björn Ketelaars
>
> [1] http://marc.info/?l=openbsd-cvs&m=121501219121627&w=2



gnome-display-properties for OpenBSD ?

2008-07-14 Thread my mail
Does this package exist in OpenBSD?
I have installed OpenBSD 4.3 and am using gnome as X Window.

In Fedora Core, I can use gnome-display-properties to change my resolution,
but in OpenBSD 4.3 I can't find it.

I have installed xorg.conf in /etc/X11/xorg.conf


thx



Re: Identifying Bandwidth Hogs

2008-07-14 Thread Peter N. M. Hansteen
Joe S [EMAIL PROTECTED] writes:

> Check out argus (http://qosient.com/argus/).

It's worth noting that there's a port of argus-3.0.0 in -current

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
Remember to set the evil bit on all malicious network traffic
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.



pf openbsd 4.2 machine stopped responding

2008-07-14 Thread clifford bailey

Hi,

I have an openbsd 4.2 pf firewall using a generic, multiprocessor kernel 
that has been running with no issues for 101 days. Yesterday it stopped 
forwarding traffic and stopped allowing me to log on via ssh. 
Unfortunately, although it stopped forwarding traffic, it didn't fail 
over to its CARP standby node. We forced a failover by shutting down one 
of its switch ports. Now when I try to log on over the serial port I get 
the following message: 'internal resource failure'.


First question: We have the machine left in its failed state at the 
moment. Is there a signal I can send it over the serial port to get the 
machine to panic before rebooting it (to give us as much information as 
possible)?


(More questions to follow no doubt!)

Thanks in advance,

Cliff.



Sendmail won't use port 587 instead of 25

2008-07-14 Thread Joe S
I can't get sendmail to use port 587 and not port 25, which my ISP
Comcast blocks.

I've added these lines to my sendmail.mc file, which is a copy of
openbsd-proto.mc. I've tried this with the openbsd-localhost.mc file
also, but no success.

~
define(`SMART_HOST', `smtp.comcast.net')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
define(`SMTP_MAILER_ARGS', `TCP $h 587')dnl
MASQUERADE_AS(`comcast.net')dnl
FEATURE(masquerade_envelope)dnl
~

These are the only lines I've changed
I am running 4.3 Release on i386.

What's odd is that after creating my sendmail.cf, I cannot find the
port 587 arguments:

Msmtp,  P=[IPC], F=mDFMuX, S=EnvFromSMTP/HdrFromSMTP,
R=EnvToSMTP, E=\r\n, L=990,
   T=DNS/RFC822/SMTP,
   A=TCP $h
Mesmtp, P=[IPC], F=mDFMuXa, S=EnvFromSMTP/HdrFromSMTP,
R=EnvToSMTP, E=\r\n, L=990,
   T=DNS/RFC822/SMTP,
   A=TCP $h
Msmtp8, P=[IPC], F=mDFMuX8, S=EnvFromSMTP/HdrFromSMTP,
R=EnvToSMTP, E=\r\n, L=990,
   T=DNS/RFC822/SMTP,
   A=TCP $h
Mdsmtp, P=[IPC], F=mDFMuXa%, S=EnvFromSMTP/HdrFromSMTP,
R=EnvToSMTP, E=\r\n, L=990,
   T=DNS/RFC822/SMTP,
   A=TCP $h
Mrelay, P=[IPC], F=mDFMuXa8, S=EnvFromSMTP/HdrFromSMTP,
R=MasqSMTP, E=\r\n, L=2040,
   T=DNS/RFC822/SMTP,
   A=TCP $h


Is this a bug or did I do something wrong?

Is there a way to prevent sendmail from EVER sending mail on port 25?
My goal is to prevent sendmail from EVER sending email on port 25
since my ISP blocks it.

(Please don't tell me to get another ISP. This is all I can get.)

I just want my daily report emails to get sent to me.

I'm not trying to run a full fledged mail server. Just want to send my
root emails and daily reports to my gmail address.

If this can't be done with sendmail, is there another mail server that
can do this?



Re: gnome-display-properties for OpenBSD ?

2008-07-14 Thread Jasper Lievisse Adriaanse
On Mon, Jul 14, 2008 at 12:38:15AM -0700, my mail wrote:
> Does this package exist in OpenBSD?
> I have installed OpenBSD 4.3 and am using gnome as X Window.
>
> In Fedora Core, I can use gnome-display-properties to change my
> resolution, but in OpenBSD 4.3 I can't find it.
>
> I have installed xorg.conf in /etc/X11/xorg.conf
>
> thx

hi,

thanks for this notice, i see why it is missing and i'll fix this
soonish ;-)

cheers,
jasper

-- 
Intelligence should guide our actions, but in harmony with the
  texture of the situation at hand
-- Francisco Varela



Re: pf openbsd 4.2 machine stopped responding

2008-07-14 Thread demuel
I encountered this kind of situation before. From what I experienced, it was
some sort of a thing that the memory suddenly freezes all the running
processes. I can even remember that I saw something like db
I did try changing to a different machine with the same hard disk; still, there
was a point in time that the machine just suddenly halted. To sort it out, I
migrated to 4.3 and I got an OpenBSD running seamlessly.

> Hi,
>
> I have an openbsd 4.2 pf firewall using a generic, multiprocessor kernel
> that has been running with no issues for 101 days. Yesterday it stopped
> forwarding traffic and stopped allowing me to log on via ssh.
> Unfortunately, although it stopped forwarding traffic, it didn't fail
> over to its CARP standby node. We forced a failover by shutting down one
> of its switch ports. Now when I try to log on over the serial port I get
> the following message: 'internal resource failure'.
>
> First question: We have the machine left in its failed state at the
> moment. Is there a signal I can send it over the serial port to get the
> machine to panic before rebooting it (to give us as much information as
> possible)?
>
> (More questions to follow no doubt!)
>
> Thanks in advance,
>
> Cliff.



Re: pf openbsd 4.2 machine stopped responding

2008-07-14 Thread Stuart Henderson
On 2008-07-14, clifford bailey [EMAIL PROTECTED] wrote:
> First question: We have the machine left in its failed state at the
> moment. Is there a signal I can send it over the serial port to get the
> machine to panic before rebooting it (to give us as much information as
> possible)?

Depends whether you A) have it set to use serial console and B) have
already set ddb.console=1 in sysctl.conf. If both those things are true,
send it a break over the serial port to enter DDB.

N.B. whether ddb.console with serial console is useful depends on
what you have on the serial port; some devices send a break when they
reboot, which is not quite what you want, unless you want to find out
your terminal server rebooted by noticing all the attached devices
need you to continue...

(as an aside, this seemed like knowledge worth passing on: if you've
got a serial port, maybe a USB-RS232 adapter, that doesn't let you send
break, apparently sending a single NULL at 50baud emulates it for some
devices).



Re: problems with Areca ARC-1200

2008-07-14 Thread Sebastian Schmitzdorff

Hi,

it's been a while since I used areca controllers. At that time there
were some controller bios settings you had to use for proper
disk spin up. You can set the timing for the disk spinup.
Also it used to be recommended to disable the quickboot option
in your bios.

regards
sebastian

Ryan Corder wrote:

> I unfortunately don't have a full dmesg output to send everyone, but I'm
> hoping I can provide enough to figure out what is wrong.
> Today I was trying to install 4.3 from my official CDs, but got stopped once
> I found that the kernel could not see the drives attached to my ARC-1200.
> According to the card's BIOS, I have one fully initialized RAID 1 array
> between two drives -- the kernel boot prompt even lists 'hd0+*'.  However,
> once the kernel (bsd.rd on amd64) boots, it sees the card, but never the
> drives.  So, I get a line like this:
>
> arc0 at pci11 dev 14 function 0 *Areca* ARC-1200 rev B: apic 8 int 0 (irq
> 10)
>
> but I don't get anything more, like:
>
> arc0: 2 ports, 128MB SDRAM, firmware V1.44 2008-3-20
>
> or _most_ importantly:
>
> sd0 at scsibus1 targ 0 lun 0: *Areca*, ARC-1200-VOL#00, R001 SCSI3
> 0/direct fixed
> sd0: 476837MB, 56514 cyl, 36 head, 480 sec, 512 bytes/sec, 976562176 sec
> total
>
> any thoughts?  Is the RAMDISK_CD on 4.3 that much different from GENERIC?  I
> looked in CVS and saw that both 'arc* at pci?' and 'scsibus* at arc?'.  What
> am I missing?
>
> thanks.
> ryanc


  



--
Sebastian Schmitzdorff
Managing Director

Hamburgnet
Kottwitzstrasse 49
D-20253 Hamburg

fon: +49 40 736 72-322
fax: +49 40 736 72-321

Ust-IdNr. DE256504490

http://www.hamburgnet.de



Re: sendmail STARTTLS

2008-07-14 Thread GVG GVG
On Fri, Jul 11, 2008 at 2:16 PM, GVG GVG [EMAIL PROTECTED] wrote:


 On Fri, Jul 11, 2008 at 2:01 PM, Stuart Henderson [EMAIL PROTECTED]
 wrote:

 On 2008-07-11, GVG GVG [EMAIL PROTECTED] wrote:
  Just to summarize, currently there is the 'maillog' and a 'sendmail_log'

 a standard installation doesn't have sendmail_log.


 'standard' in terms of using the out of the box supplied features with no
 alterations! I don't think that the name of a self-defined log file (which
 you are 'obliged' to do anyway when using the '-D' flag!) makes any
 difference!

 Thanks

 George


Any more idea on this subject? Something I should check that I missed? Your
help is much appreciated

Thanks

George



Re: pf openbsd 4.2 machine stopped responding

2008-07-14 Thread clifford bailey
Hi Stuart, I hadn't set ddb.console to 1 before, so unfortunately this 
isn't an option. I will do that in future though.. Looks like a 
hard-reboot is my only option.
Thanks,

Cliff.

Stuart Henderson wrote:
> On 2008-07-14, clifford bailey [EMAIL PROTECTED] wrote:
>
> > First question: We have the machine left in its failed state at the
> > moment. Is there a signal I can send it over the serial port to get the
> > machine to panic before rebooting it (to give us as much information as
> > possible)?
>
> Depends whether you A) have it set to use serial console and B) have
> already set ddb.console=1 in sysctl.conf. If both those things are true,
> send it a break over the serial port to enter DDB.
>
> N.B. whether ddb.console with serial console is useful depends on
> what you have on the serial port; some devices send a break when they
> reboot, which is not quite what you want, unless you want to find out
> your terminal server rebooted by noticing all the attached devices
> need you to continue...
>
> (as an aside, this seemed like knowledge worth passing on: if you've
> got a serial port, maybe a USB-RS232 adapter, that doesn't let you send
> break, apparently sending a single NULL at 50baud emulates it for some
> devices).



Re: sendmail STARTTLS

2008-07-14 Thread Stuart Henderson
On 2008-07-14, GVG GVG [EMAIL PROTECTED] wrote:
> Any more idea on this subject? Something I should check that I missed? Your
> help is much appreciated

I would go through starttls(8) again from scratch, it does work.

I think the only thing it doesn't _explicitly_ say is to type
your hostname in as the Common Name in the certificate (though
the prompts from openssl should suggest that it's needed).



Re: Sendmail won't use port 587 instead of 25

2008-07-14 Thread Will Maier
On Sun, Jul 13, 2008 at 04:16:20PM -0700, Joe S wrote:
> I can't get sendmail to use port 587 and not port 25, which my ISP
> Comcast blocks.
>
> I've added these lines to my sendmail.mc file, which is a copy of
> openbsd-proto.mc. I've tried this with the openbsd-localhost.mc file
> also, but no success.
>
> ~
> define(`SMART_HOST', `smtp.comcast.net')dnl
> define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
> define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
> define(`SMTP_MAILER_ARGS', `TCP $h 587')dnl
> MASQUERADE_AS(`comcast.net')dnl
> FEATURE(masquerade_envelope)dnl
> ~

These defines need to come before the MAILER macros. Though you
didn't post your whole .mc, I bet the above defines are down by the
MASQUERADE* section, which is too late.

-- 

o--{ Will Maier }--o
| web:...http://www.lfod.us/ | [EMAIL PROTECTED] |
*-[ BSD: Live Free or Die ]*



Re: CARP node crashing reproducibly (4.3-stable)

2008-07-14 Thread Adrian M. Whatley

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Henning Brauer wrote:
| * Stephan A. Rickauer [EMAIL PROTECTED] [2008-07-11
16:59]:
| Here's all data I was able to get off our crashing machine, the backup
| node of our CARP cluster, that used to run flawlessly since 3.7.
|
| We can reproduce the problem
|
| if you follow http://www.benzedrine.cx/crashreport.html we have a
| chance to actually fix the bug...
|

Hello,
I'm a colleague of Stephan Rickauer and I've been taking a look at this
problem.

It's a NULL pointer bug!

dmesg shows
kernel: page fault trap, code=0
Stopped at  pf_send_icmp+0x2b:  orb $0x1,0x32(%eax)

and ddb trace shows:

pf_send_icmp(d62f3200,3,3,2,d67191b8,d115d500,2,db2a4eb8)
at pf_send_icmp+0x2b

ddb registers shows (among others):

eax   0
eip   0xd02f56db  pf_send_icmp+0x2b

and helpfully disassembles the faulting instruction thus:

pf_send_icmp+0x2b:  orb $0x1,0x32(%eax)

which is from line 1726 in pf_send_icmp() in pf.c:

m0->m_pkthdr.pf.flags |= PF_TAG_GENERATED;

The beginning of this function (up to the line with the or) is as follows:

pf_send_icmp(struct mbuf *m, u_int8_t type, u_int8_t code, sa_family_t af,
    struct pf_rule *r)
{
    struct mbuf *m0;

    m0 = m_copy(m, 0, M_COPYALL);
    m0->m_pkthdr.pf.flags |= PF_TAG_GENERATED;

Thus we have m_copy (actually m_copym, since m_copy is a macro defined
in /usr/src/sys/sys/mbuf.h in terms of m_copym, which itself is a
one-line wrapper around m_copym0) returning a NULL pointer in eax (= m0)
and the subsequent OR getting a page fault when it tries to use it.

Looking at m_copym0, it looks like it can legitimately fail and return
NULL (it even increments a global variable MCFail when it does so) and
therefore the bug is that its return value is not being checked in
pf_send_icmp.


As far as I can see, the precise nature of the packet being handled at
the time of the crash is not important. Using ddb on the crashed
machine, it looks as if the packet being handled at the time is a
(relatively) innocent UDP broadcast as follows:

IP header:
45  0   0   1d
0   0   0   0
40  11  1b  a2
ac  10  3   f
ac  10  3   ff

ip header length = 5 32-bit words
length = 29
id = 0
flags = 0
fragmentation offset = 0
TTL = 64
Protocol = 17, UDP
Source address = 172.16.3.15 (zynapse.lan.ini.uzh.ch)
Dest address = 172.16.3.255

UDP header:
bb  b5  22  3d
0   9   a5  ba

source port = bbb5 = 48053
dest port = 223d = 8765 (Ultraseek HTTP ?)
length = 9

Data:
1d



Adrian


- --
Adrian M. Whatley
Universitaet/ETH Zuerich,
Institut fuer Neuroinformatik,
Winterthurerstrasse 190,
CH-8057 Zuerich, Switzerland.
Phone: +41 44 635 3067  Fax: +41 44 635 3053
Email: [EMAIL PROTECTED]WWW: http://www.ini.uzh.ch/~amw/
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFIeyy7Lgk3RqYSp9YRAlgfAJ4wYygStPwwScv9eScXXjIRtwc4oQCghkTb
rUhs3B5ZZPkyMQwXxyg9Xys=
=0Dyq
-END PGP SIGNATURE-
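
The packet dump in the post above can be checked mechanically. As an added example (not part of the original post and not OpenBSD code), this C decoder parses the quoted IPv4 and UDP headers and verifies both checksums, which confirms the packet is well-formed and supports the reading that the crash comes from the unchecked allocation rather than from malformed input. The byte array is constructed from the hex values in the post; the function and enum names are made up for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed from the bytes quoted in the post: 20-byte IPv4 header,
 * 8-byte UDP header, 1 payload byte. */
static const uint8_t pkt[29] = {
    0x45, 0x00, 0x00, 0x1d,  0x00, 0x00, 0x00, 0x00,
    0x40, 0x11, 0x1b, 0xa2,  0xac, 0x10, 0x03, 0x0f,
    0xac, 0x10, 0x03, 0xff,
    0xbb, 0xb5, 0x22, 0x3d,  0x00, 0x09, 0xa5, 0xba,
    0x1d
};

/* Hypothetical status codes for this example. */
enum pkt_status { PKT_OK, PKT_SHORT, PKT_NOT_IPV4, PKT_BAD_IHL, PKT_BAD_LEN,
                  PKT_BAD_IPSUM, PKT_NOT_UDP, PKT_BAD_UDPLEN, PKT_BAD_UDPSUM };

struct decoded {
    unsigned ihl_words, total_len, id, flags, frag_off, ttl, proto;
    uint32_t src, dst;
    unsigned sport, dport, udp_len;
};

static unsigned rd16(const uint8_t *p) { return ((unsigned)p[0] << 8) | p[1]; }

/* RFC 1071 one's-complement sum; an odd trailing byte is padded with zero. */
static uint32_t sum16(const uint8_t *p, size_t len, uint32_t acc)
{
    for (; len > 1; p += 2, len -= 2)
        acc += rd16(p);
    if (len)
        acc += (uint32_t)p[0] << 8;
    return acc;
}

static unsigned fold(uint32_t acc)
{
    while (acc >> 16)
        acc = (acc & 0xffff) + (acc >> 16);
    return (unsigned)acc;
}

/* Decode an unfragmented IPv4/UDP packet and verify both checksums. */
int decode_ipv4_udp(const uint8_t *buf, size_t len, struct decoded *d)
{
    size_t ihl, l4;
    const uint8_t *udp;
    uint32_t acc;

    if (len < 20) return PKT_SHORT;
    if ((buf[0] >> 4) != 4) return PKT_NOT_IPV4;
    d->ihl_words = buf[0] & 0x0f;
    ihl = (size_t)d->ihl_words * 4;
    if (ihl < 20 || ihl > len) return PKT_BAD_IHL;
    d->total_len = rd16(buf + 2);
    if (d->total_len < ihl || d->total_len > len) return PKT_BAD_LEN;
    d->id = rd16(buf + 4);
    d->flags = buf[6] >> 5;
    d->frag_off = rd16(buf + 6) & 0x1fff;
    d->ttl = buf[8];
    d->proto = buf[9];
    d->src = ((uint32_t)rd16(buf + 12) << 16) | rd16(buf + 14);
    d->dst = ((uint32_t)rd16(buf + 16) << 16) | rd16(buf + 18);
    /* A valid header sums to 0xffff with its checksum field included. */
    if (fold(sum16(buf, ihl, 0)) != 0xffff) return PKT_BAD_IPSUM;
    if (d->proto != 17) return PKT_NOT_UDP;

    udp = buf + ihl;
    l4 = d->total_len - ihl;
    if (l4 < 8) return PKT_BAD_UDPLEN;
    d->sport = rd16(udp);
    d->dport = rd16(udp + 2);
    d->udp_len = rd16(udp + 4);
    if (d->udp_len < 8 || d->udp_len > l4) return PKT_BAD_UDPLEN;
    if (rd16(udp + 6) != 0) {           /* 0 means "no checksum computed" */
        acc = sum16(buf + 12, 8, 0);    /* pseudo-header: src + dst ...   */
        acc += 17 + d->udp_len;         /* ... protocol and UDP length    */
        acc = sum16(udp, d->udp_len, acc);
        if (fold(acc) != 0xffff) return PKT_BAD_UDPSUM;
    }
    return PKT_OK;
}

int main(void)
{
    struct decoded d;
    int rc = decode_ipv4_udp(pkt, sizeof pkt, &d);

    printf("status=%d len=%u ttl=%u proto=%u sport=%u dport=%u udplen=%u\n",
           rc, d.total_len, d.ttl, d.proto, d.sport, d.dport, d.udp_len);
    return rc;
}
```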



acer aspire m1610

2008-07-14 Thread sonjaya
Dear all,

I have an Acer Aspire M1610 and an M1641 and tried to install OpenBSD 4.3. The result is:

- Acer Aspire M1610 can't detect the onboard LAN card
- Acer Aspire M1641 is totally blank after detecting the nvidia chipset.

My question is how to make the Acer Aspire M1610 work (with the
onboard LAN card), and how the Acer Aspire M1641 can be used with OpenBSD.


Thanks

-- 
sonjaya
http://sicute.blogspot.com



Re: Hardware recommendation for firewalls (more than 4 NICs)

2008-07-14 Thread Henning Brauer
* Curt Micol [EMAIL PROTECTED] [2008-07-13 16:20]:
> On Sun, Jul 13, 2008 at 5:55 AM, Henning Brauer [EMAIL PROTECTED] wrote:
> > which is exactly the point. there are too many misconfigured VLAN
> > setups out there, and some vendors (namely: cisco) have fucked up
> > defaults. cisco (at least: used to, not sure about the current status,
> > I long abandoned that crap)
>
> I am curious and risk running off topic here, but...
>
> Henning, knowing that you run an ISP of sorts what type of routers are
> you using?  I am curious the setup you have considering you've
> abandoned Cisco and apparently don't have high regards for HP. :)

The bigger HP Procurve switches are ok. Some shit, as usual, but all
in all very usable.

Routers: OpenBSD, what else?

-- 
Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam



Re: Hardware recommendation for firewalls (more than 4 NICs)

2008-07-14 Thread Torsten Frost
On Fri, Jul 11, 2008 at 11:47 PM, Martín Coco
[EMAIL PROTECTED] wrote:
> Hi misc,
>
> I'm currently looking for hardware alternatives for firewalls that should
> have more than four NICs.
>
> Currently we are buying R200s from Dell, but we have the 4 NIC limitation.
> We could tell Dell to install a quad port NIC (in addition to the two-port
> onboard card), but I haven't read good things about the way they work.
>
> I've also looked into soekris, but they don't seem to have enough CPU for
> what we want (this is pure speculation) as we also have intense IPSec
> traffic on some of these firewalls (I've seen that some of them could have
> encryption boards added to increase performance, but I don't know if it
> works for any kind of protocol, or at what rate).
>
> In any case, what I would like to have is firewalls with multiple NICs (at
> least 6 NICs) *and* sufficient CPU to let IPSec work alright at least at
> ~50Mbps (internal backbone firewalls). The multiple NICs are to use trunk,
> pfsync, real network interfaces, etc.
>
> Thanks,
> Martín.




We run a pair of Dell 1950s and have been generally happy with them.

We run one dual-port Intel card and the two built-in ports, no
problem pushing about 400mbit. The Intel cards have worked OK for us
for years now in various versions.

You can configure the box with two dual NICs or two quad NICs on the Dell
web.



Re: sendmail STARTTLS

2008-07-14 Thread GVG GVG
On Mon, Jul 14, 2008 at 12:27 PM, Stuart Henderson [EMAIL PROTECTED]
wrote:

> On 2008-07-14, GVG GVG [EMAIL PROTECTED] wrote:
> > Any more idea on this subject? Something I should check that I missed?
> > Your help is much appreciated
>
> I would go through starttls(8) again from scratch, it does work.
>
> I think the only thing it doesn't _explicitly_ say is to type
> your hostname in as the Common Name in the certificate (though
> the prompts from openssl should suggest that it's needed).


I think I found it! Well the problem was due to the following error:

---
STARTTLS=server: file /etc/mail/CA/key.pem unsafe: Group readable file


in the /var/log/maillog file!

Up to now, I didn't get that error cause the debugging option I had defined
wasn't sufficient!

In:

--
http://www.sendmail.org/~ca/email/starttls.html
--

is stated:

--
If this doesn't reveal any problems, increase the LogLevel to 14 and try
again
-

After doing the above modifications I do get '250-STARTTLS' when doing
'telnet localhost 25' etc.

Thanks all of you for your support
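
The log line in the message above shows sendmail refusing a private key because its mode grants group read access. As an added example (not code from the post or from sendmail, and not a reimplementation of sendmail's own file-safety checks), this C audit check flags group or world access on a key file and group- or world-writable directories named in its path. The finding names, `make_fixture` and the `kdemo/key.pem` path are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Hypothetical finding flags for this example; 0 means nothing flagged. */
enum {
    KEY_GROUP_ACCESS = 1,   /* any group permission bit on the key file  */
    KEY_WORLD_ACCESS = 2,   /* any "other" permission bit on the key     */
    KEY_NOT_REGULAR  = 4,   /* path is a directory, device, etc.         */
    KEY_DIR_WRITABLE = 8,   /* a directory in the path is g/o-writable   */
    KEY_STAT_FAILED  = 16   /* a path component could not be examined    */
};

/* Findings for the permission bits of the key file itself. */
unsigned key_mode_findings(mode_t mode)
{
    unsigned f = 0;

    if (mode & (S_IRGRP | S_IWGRP | S_IXGRP)) f |= KEY_GROUP_ACCESS;
    if (mode & (S_IROTH | S_IWOTH | S_IXOTH)) f |= KEY_WORLD_ACCESS;
    return f;
}

/* Check every directory named in `path`, then the key file itself. */
unsigned check_key_file(const char *path)
{
    char prefix[1024];
    struct stat st;
    unsigned f = 0;
    size_t i, len = strlen(path);

    if (len == 0 || len >= sizeof prefix)
        return KEY_STAT_FAILED;
    for (i = 1; i < len; i++) {
        if (path[i] != '/')
            continue;
        memcpy(prefix, path, i);
        prefix[i] = '\0';
        if (stat(prefix, &st) != 0)
            return f | KEY_STAT_FAILED;
        /* Anyone who can write the directory can swap the key file. */
        if (st.st_mode & (S_IWGRP | S_IWOTH))
            f |= KEY_DIR_WRITABLE;
    }
    if (stat(path, &st) != 0)
        return f | KEY_STAT_FAILED;
    if (!S_ISREG(st.st_mode))
        return f | KEY_NOT_REGULAR;
    return f | key_mode_findings(st.st_mode);
}

/* Build a constructed test key (placeholder text, not key material). */
int make_fixture(const char *dir, const char *file, mode_t dmode, mode_t fmode)
{
    FILE *fp;

    mkdir(dir, 0700);                   /* may already exist */
    if (chmod(dir, 0700) != 0) return -1;
    if ((fp = fopen(file, "w")) == NULL) return -1;
    fputs("constructed placeholder, not a real key\n", fp);
    fclose(fp);
    if (chmod(file, fmode) != 0) return -1;
    return chmod(dir, dmode);
}

int main(void)
{
    if (make_fixture("kdemo", "kdemo/key.pem", 0700, 0640) != 0)
        return 1;
    printf("mode 0640: findings=%u\n", check_key_file("kdemo/key.pem"));
    if (make_fixture("kdemo", "kdemo/key.pem", 0700, 0600) != 0)
        return 1;
    printf("mode 0600: findings=%u\n", check_key_file("kdemo/key.pem"));
    remove("kdemo/key.pem");
    remove("kdemo");
    return 0;
}
```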



Re: CARP node crashing reproducibly (4.3-stable)

2008-07-14 Thread Henning Brauer
* Adrian M. Whatley [EMAIL PROTECTED] [2008-07-14 13:54]:
> It's a NULL pointer bug!
>
> which is from line 1726 in pf_send_icmp() in pf.c:
>
>   m0->m_pkthdr.pf.flags |= PF_TAG_GENERATED;
>
> Looking at m_copym0, it looks like it can legitimately fail and return
> NULL (it even increments a global variable MCFail when it does so) and
> therefore the bug is that its return value is not being checked in
> pf_send_icmp.

perfect analysis!

looks like the only sane thing to do in that case is to bail and not
send the icmp.

Index: pf.c
===
RCS file: /cvs/src/sys/net/pf.c,v
retrieving revision 1.609
diff -u -p -r1.609 pf.c
--- pf.c10 Jul 2008 07:41:21 -  1.609
+++ pf.c14 Jul 2008 12:20:27 -
@@ -1819,7 +1819,9 @@ pf_send_icmp(struct mbuf *m, u_int8_t ty
 {
struct mbuf *m0;
 
-   m0 = m_copy(m, 0, M_COPYALL);
+   if ((m0 = m_copy(m, 0, M_COPYALL)) == NULL)
+   return;
+
m0-m_pkthdr.pf.flags |= PF_TAG_GENERATED;
 
if (r-rtableid = 0)
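
Review bot: The early `return` taken when `m0` is NULL drops the ICMP reply with no trace at this call site, and since the function returns nothing its caller cannot tell that no packet was sent. A one-line comment above the `if ((m0 = m_copy(m, 0, M_COPYALL)) == NULL)` check stating that the reply is deliberately skipped when the mbuf copy fails would help the next reader. The hunk covers only this one m_copy() call, so it is worth confirming that other m_copy() callers in pf.c check the result the same way.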


-- 
Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam



pfctl

2008-07-14 Thread Charlie Clark

Hi,

I have noticed that you are unable to view the currently loaded options 
for pf using pfctl, even 'pfctl -sa' doesn't show the options eg. set 
skip on tun0.
Is this going to be implemented soon or is it there and I'm missing 
something?


Regards,

--

Charlie Clark
Network Engineer

Lemon Computing Ltd
Unit 9
26-28 Priests Bridge
London
SW14 8TA
UK

Tel: +44 208 878 2138
Fax: +44 208 878 2163
Email: [EMAIL PROTECTED]
Site: http://www.lemon-computing.com/



Re: pfctl

2008-07-14 Thread Stuart Henderson
On 2008-07-14, Charlie Clark [EMAIL PROTECTED] wrote:
> I have noticed that you are unable to view the currently loaded options
> for pf using pfctl, even 'pfctl -sa' doesn't show the options eg. set
> skip on tun0.

Some of the set options aren't directly passed to PF, they're
just used in pfctl. Others are available from various modifiers to
pfctl -s, e.g. for skip rules:

 -s Interfaces  Show the list of interfaces and interface drivers
available to PF.  When used together with -v, it
additionally lists which interfaces have skip
rules activated.  When used together with -vv, in-
terface statistics are also shown.  -i can be used
to select an interface or a group of interfaces.



Weird RAIDFrame behaviour in 4.3

2008-07-14 Thread Simon Vallet
Hi,

I'm currently trying to set up a root-on-raid server using RAIDframe.
Compiling a suitable kernel and building the array didn't cause much
problems, but somehow I can't get the setup to be persistent across
reboots -- the spare drive on which the mirror was reconstructed just
doesn't get incorporated into the array :

Before reboot:
# raidctl  -s raid0   
raid0 Components:
  component0: spared
   /dev/wd1d: optimal
Spares:
   /dev/wd0d: used_spare
Parity status: clean
Reconstruction is 100% complete.
Parity Re-write is 100% complete.
Copyback is 100% complete.
#

After reboot:
# raidctl  -s raid0
raid0 Components:
  component0: failed
   /dev/wd1d: optimal
No spares.
Parity status: clean
Reconstruction is 100% complete.
Parity Re-write is 100% complete.
Copyback is 100% complete.

I suspect this is due to a problem with the raidframe label on wd0d, but
I have no clue on how to fix this :

# raidctl -g /dev/wd0d raid0
raidctl: ioctl (RAIDFRAME_GET_COMPONENT_LABEL) failed
# raidctl -g /dev/wd1d raid0 
Component label for /dev/wd1d:
   Row: 0, Column: 1, Num Rows: 1, Num Columns: 2
   Version: 2, Serial Number: 2008071301, Mod Counter: 829714127
   Clean: No, Status: 0
   sectPerSU: 128, SUsPerPU: 1, SUsPerRU: 1
   Queue size: 100, blocksize: 512, numBlocks: 78064512
   RAID Level: 1
   Autoconfig: Yes
   Root partition: Yes
   Last configured as: raid0
# 

I tried rebooting on a non-RAID setup (wd0a) and recreating the array
from there, to no avail. Any hint ?

Simon

- raid0.conf
## ARRAY SECTION
START array
#   Rows    Cols    Spare
1   2   0

## DISK SECTION
START disks
# Components of the array
# Was wd2d at creation time, I suspect this is part of the problem
/dev/wd0d
/dev/wd1d

## SPARE SECTION
START spare
# Spare devices

## LAYOUT SECTION
START layout
#   SectPerSU   SUsPerParityUnit    SUsPerReconUnit RaidLevel
128 1   1   1

## QUEUE SECTION
START queue
fifo 100

ipmi not working on poweredge 2850

2008-07-14 Thread Jörg Streckfuß
Hi list,

today i tried to read the esm log on a poweredge 2850 running OpenBSD 4.3
stable.

In the past i could see much more output from the internal sensors than only
the raid sensor

snip
[EMAIL PROTECTED] root # sysctl hw.sensors
hw.sensors.ami0.drive0=online (sd0), OK
/snip

the dmesg says that ipmi is not configured. Is there a way to turn it on?

Kind regards,

Joerg

Re: CARP node crashing reproducibly (4.3-stable)

2008-07-14 Thread Stephan A. Rickauer
On Mon, 2008-07-14 at 14:22 +0200, Henning Brauer wrote:
 perfect analysis!
 
 looks like the only sane thing to do in that case is to bail and not
 send the icmp.

I've compiled a new kernel with the patch. The machine is no longer
crashing on pf_send_icmp(). However, I now see memory leaking until the
machine locks up (it doesn't crash but its network becomes unusable).
Unfortunately, it then also puts all CARP interfaces in MASTER state,
though the other node works perfectly as master already. This will, of
course, knock down our entire network until I manually put down the carp
interfaces.

I have increased kern.maxclusters to gain more time for debugging of the
memory leak. However, all I could find out so far is that lots of mbufs
are allocated while there is no significant traffic to be handled
(remember the machine is the CARP backup). The machine crashes within 15
minutes after reboot.

(Because of the line wrapping in this email, I've also put the output of
netstat and vmstat online)

 http://www.ini.uzh.ch/~stephan/vmstat+netstat.txt


# vmstat -m
Memory statistics by bucket size
Size   In Use   Free   Requests  HighWater  Couldfree
  16 3549  10275 3042441280   7725
  32  303209  51063 640  0
  64 2968360  93244 320 89
 128  511 65   5665 160  0
 256  189131  12817  80   1065
 512  351  9   3326  40  0
1024 2313 11   3302  20  0
2048   33  1   1536  10  0
4096   28  1   6834   5  0
8192   12  0 12   5  0
   163846  0  6   5  0
   327685  0  5   5  0
   655361  0  1   5  0

Memory usage type by bucket size
Size  Type(s)
  16  devbuf, pcb, routetbl, ifaddr, sysctl, UFS mount, dirhash,
in_multi,
  exec, xform_data, VM swap, UVM amap, UVM aobj, USB, USB
device,
  packet tags, temp
  32  devbuf, pcb, routetbl, ifaddr, UFS mount, sem, dirhash, proc,
  VFS cluster, in_multi, ether_multi, xform_data, VM swap, UVM
amap,
  USB, temp, AGP Memory
  64  devbuf, pcb, routetbl, ifaddr, vnodes, sem, dirhash,
ip_moptions,
  in_multi, pfkey data, UVM amap, USB, NDP, temp
 128  devbuf, routetbl, ifaddr, vnodes, ttys, exec, UVM amap, USB,
  USB device, NDP, temp, AGP Memory
 256  devbuf, routetbl, ifaddr, sysctl, ioctlops, vnodes, shm, VM
map, proc,
  NFS srvsock, NFS daemon, newblk, UVM amap, USB, USB device,
temp
 512  devbuf, pcb, ifaddr, ioctlops, mount, UFS mount, shm, dirhash,
ttys,
  exec, UVM amap, USB device, temp
1024  devbuf, ioctlops, namecache, proc, ttys, exec, UVM amap, UVM
aobj,
  crypto data, temp
2048  devbuf, ifaddr, ioctlops, UFS mount, pagedep, VM swap, UVM
amap, temp
4096  devbuf, ioctlops, UFS mount, MSDOSFS mount, memdesc, temp
8192  devbuf, NFS node, namecache, UFS quota, UFS mount, ISOFS
mount,
  inodedep
   16384  devbuf, namecache, UVM amap
   32768  devbuf, VM swap
   65536  VM swap

Memory statistics by type   Type  Kern
  Type InUse MemUse HighUse  Limit Requests Limit Limit Size(s)
devbuf  3808  2545K   2545K 39322K 38800 0
16,32,64,128,256,512,1024,2048,4096,8192,16384,32768
   pcb30 4K  4K 39322K   780 0
16,32,64,512
  routetbl   28027K 44K 39322K 14000 0
16,32,64,128,256
ifaddr   14325K 25K 39322K  1450 0
16,32,64,128,256,512,2048
sysctl 2 1K  1K 39322K20 0  16,256
  ioctlops 0 0K  4K 39322K 54570 0
256,512,1024,2048,4096
 mount 4 2K  2K 39322K40 0  512
  NFS node 1 8K  8K 39322K10 0  8192
vnodes  125683K 87K 39322K 13120 0
64,128,256
 namecache 325K 25K 39322K30 0
1024,8192,16384
 UFS quota 1 8K  8K 39322K10 0  8192
 UFS mount1735K 35K 39322K   170 0
16,32,512,2048,4096,8192
   shm 2 1K  1K 39322K20 0  256,512
VM map 4 1K  1K 39322K40 0  256
   sem 2 1K  1K 39322K20 0  32,64
   dirhash30 6K  6K 39322K   300 0
16,32,64,512
  proc15 3K  3K 39322K   150 0
32,256,1024
   VFS cluster 0 0K  1K 39322K   260 0  32
   NFS srvsock 1 1K  1K 39322K10 0  256
NFS daemon 1 1K  1K 

Re: CARP node crashing reproducibly (4.3-stable)

2008-07-14 Thread Henning Brauer
* Stephan A. Rickauer [EMAIL PROTECTED] [2008-07-14 17:27]:
 On Mon, 2008-07-14 at 14:22 +0200, Henning Brauer wrote:
  perfect analysis!
  
  looks like the only sane thing to do in that case is to bail and not
  send the icmp.
 
 I've compiled a new kernel with the patch. The machine is no longer
 crashing on pf_send_icmp(). However, I now see memory leaking until the
 machine locks up (it doesn't crash but its network becomes unusable).
 Unfortunately, it then also puts all CARP interfaces in MASTER state,
 though the other node works perfectly as master already. This will, of
 course, knock down our entire network until I manually put down the carp
 interfaces.
 
 I have increased kern.maxclusters to gain more time for debugging of the
 memory leak. However, all I could find out so far is that lots of mbufs
 are allocated while there is no significant traffic to be handled
 (remember the machine is the CARP backup). The machine crashes within 15
 minutes after reboot.

ok that is weird. icmp_error as called in pf_send_icmp does not m_free
anything but the passed mbuf, and we now just bail if the allocation
of it fails. so i have a hard time seeing this as related... might be
something completely different. and finding mbuf leaks tends to be
damn hard and following a lot of code...

-- 
Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam



Re: Identifying Bandwidth Hogs

2008-07-14 Thread Zamri Besar
 On Tue, Jul 8, 2008 at 10:51 PM, David Schulz [EMAIL PROTECTED] wrote:
 Hello,

 can someone recommend me a good way to quickly determine who on the network
 is using up most of the Bandwidth, and preferably, what are they using it for?

 I have a 4.3 Machine, which is the Firewall and Router for a Network with
 about 100 Machines. Every once in a while, i see the Traffic picking up
 considerably when using bwm-ng to check. During normal Operation, i know the
 average Kilobytes per second is around 100kbps , but when bwm-ng shows me
 the traffic is going up 750kbps, and then i know something is up.

 Normally then i use something like pftop -s 1 -o rate , and then find out
 who is on top of the list. I wonder if anyone has a better way of finding
 Bandwidth Hogs. On an older FreeBSD System, i simply installed iftop, which
 quickly showed me my top Users. Similar to bwm-ng, but basically showing you
 per IP who is using how much Bandwidth.

 Ideally would be a way that not only shows me quickly who is using the most
 Bandwidth, but also, if they are using it for HTTP traffic, or simply
 downloading a large mail or having a Skype Conversation or else.

 Excellent would also be a way i can somehow graph all of that, so that even
 when i am not in the office, i can identify people who are doing things they
 shouldn't. I do have an RRD Graph for my main Interface, so i can say for
 example a few hours ago something made the Traffic pick up to 750kbps for 20
 minutes, but i have no idea who it was. I once had all my protocols and IP's
 labeled, and used pfctl -s labels to parse them into my rrd files, but the
 whole process with collecting and graphing got quite slow.

 Also i tried darkstat, but it doesn't do a better job than current bwm-ng
 and pftop.

 Thanks for any suggestions,
 David



Dear Mr David,

Two months ago, one of my members was using Hex to deploy a quick
solution to analyze his network. You may try to check and see whether
it is suitable for your environment or not by visiting this website:

http://www.rawpacket.org/projects/hex

Have a nice day! ;)

-zamri-



X font sizes

2008-07-14 Thread Michael

Hi,

sometime between the June 25 snapshot and today something in X changed. 
Font sizes of some programs (like Konsole, Psi, xclock when using 
-render) are much larger than before. It also isn't possible to get back 
to the old look by just selecting a smaller font size.


Since it also happens for xclock when using -render I assume it is not 
related to KDE/qt.


Only thing I did was updating to the latest snapshot. Sadly I can not 
provide a before/after screenshot, but here are some infos. Would be 
nice if anyone has a clue what happened and how to get back to the old 
look. Currently the Konsole is really useless because it is either way 
too small (to read) or too large (consuming too much space on screen).


Thanks in advance,

Michael



Postfix race condition at boot

2008-07-14 Thread Karl O. Pinc

Hi,

I've an OpenBSD box that's been running postfix for a few
years, strictly as a send-only mta, and every night the
box gets rebooted.  Every couple of months postfix does
not come up on reboot.

All that shows up in the logs is:
snip postfix/postfix-script[3005]: fatal: Postfix integrity check
failed!

My suspicion is that syslogd has not yet finished
making the log socket and the postfix check that
happens at postfix start fails.

(/etc/rc.conf.local has:
syslogd_flags=-a /var/spool/postfix/dev/log
)

I can always log in and start postfix manually
using the same sendmail command that the rc scripts
use.

Any suggestions as to how to confirm the problem
and/or what to do about it?  Does anyone else have
this problem?  Should I be talking to the postfix
port maintainer?

FWIW the box is old and slow, a 500MHz-ish i386-ish something.

Clearly this does not have my undies in a bunch,
but it would be nice to make the problem go away.

Thanks for the help.

Karl [EMAIL PROTECTED]
Free Software:  You don't pay back, you pay forward.
 -- Robert A. Heinlein



Re: X font sizes

2008-07-14 Thread Martin Toft
On Mon, Jul 14, 2008 at 06:49:43PM +0200, Michael wrote:
 sometime between the June 25 snapshot and today something in X changed. 
 Font sizes of some programs (like Konsole, Psi, xclock when using 
 -render) are much larger than before.

http://marc.info/?l=openbsd-misc&m=121372109126372&w=2

Martin



Re: X font sizes

2008-07-14 Thread Michael

Hi,

Martin Toft wrote:

On Mon, Jul 14, 2008 at 06:49:43PM +0200, Michael wrote:
sometime between the June 25 snapshot and today something in X changed. 
Font sizes of some programs (like Konsole, Psi, xclock when using 
-render) are much larger than before.


http://marc.info/?l=openbsd-misc&m=121372109126372&w=2


Thanks, somehow I missed that. :-(


Michael



Re: Hardware recommendation for firewalls (more than 4 NICs)

2008-07-14 Thread Martín Coco

Thanks!

Have you tried the quad nics on those Dells? We do have a couple of 
R200s, 860s and 850s running with 2 dual port cards no problem, but we 
have never tried the quad ports.


Torsten Frost wrote:

On Fri, Jul 11, 2008 at 11:47 PM, Martín Coco
[EMAIL PROTECTED] wrote:

Hi misc,

I'm currently looking for hardware alternatives for firewalls that should
have more than four NICs.

Currently we are buying R200s from Dell, but we have the 4 NIC limitation.
We could tell Dell to install a quad port NIC (in addition to the two-port
onboard card), but I haven't read good things about the way they work.

I've also looked into soekris, but they don't seem to have enough CPU for
what we want (this is pure speculation) as we also have intense IPSec
traffic on some of these firewalls (I've seen that some of them could have
encryption boards added to increase performance, but I don't know if it
works for any kind of protocol, or at what rate).

In any case, what I would like to have is firewalls with multiple NICs (at
least 6 NICs) *and* sufficient CPU to let IPSec work alright at least at
~50Mbps (internal backbone firewalls). The multiple NICs are to use trunk,
pfsync, real network interfaces, etc.

Thanks,
Martín.





We run a pair of dell 1950s and have been generally happy with them.

We run one dual port intel card and the two built-in ports,  no
problem pushing about
400mbit. The intel cards have worked ok for us for years now in
various versions.

You can configure the box with two dual nics or two quad nics on the dell
web.




Re: Hardware recommendation for firewalls (more than 4 NICs)

2008-07-14 Thread Martín Coco

First of all, thanks to all of you that have replied.

I've thought of adding VLANs, and will be doing it in the future maybe, 
but in our current situation, that's not possible; not all the switches 
support this option, and there's still some concern about security 
implications (especially in upper layers of the company).


This may be unfounded, but there is not much that I can do for the time 
being, and keeping things simple by dividing networks physically does 
it for us right now. I know that it means more cables, more switches, 
etc., but we can also choose almost any kind of switch and do not need 
to manage each switch in addition to the firewalls. I really don't want 
to add to this discussion, but that's the way it's being done right now.


Anyway, thanks to everyone!

Martín Coco wrote:

Hi misc,

I'm currently looking for hardware alternatives for firewalls that 
should have more than four NICs.


Currently we are buying R200s from Dell, but we have the 4 NIC 
limitation. We could tell Dell to install a quad port NIC (in addition 
to the two-port onboard card), but I haven't read good things about the 
way they work.


I've also looked into soekris, but they don't seem to have enough CPU 
for what we want (this is pure speculation) as we also have intense 
IPSec traffic on some of these firewalls (I've seen that some of them 
could have encryption boards added to increase performance, but I don't 
know if it works for any kind of protocol, or at what rate).


In any case, what I would like to have is firewalls with multiple NICs 
(at least 6 NICs) *and* sufficient CPU to let IPSec work alright at 
least at ~50Mbps (internal backbone firewalls). The multiple NICs are to 
use trunk, pfsync, real network interfaces, etc.


Thanks,
Martín.




PF DiffServ

2008-07-14 Thread Insan Praja SW

Hi Misc@,
I was wondering if I could use pf to read and write DSCP code to packets,  
maybe using scrub or altq? If there is a way to do it using Puffy, maybe  
I could try it on my box.

Thanks,

Insan
--
insandotpraja(at)gmaildotcom



Re: X font sizes

2008-07-14 Thread Louis V. Lambrecht

Michael wrote:

Hi,

sometime between the June 25 snapshot and today something in X 
changed. Font sizes of some programs (like Konsole, Psi, xclock when 
using -render) are much larger than before. It also isn't possible to 
get back to the old look by just selecting a smaller font size.


Since it also happens for xclock when using -render I assume it is not 
related to KDE/qt.


Only thing I did was updating to the latest snapshot. Sadly I can not 
provide a before/after screenshot, but here are some infos. Would be 
nice if anyone has a clue what happened and how to get back to the old 
look. Currently the Konsole is really useless because it is either way 
too small (to read) or too large (consuming too much space on screen).


Thanks in advance,

Michael



Re: ipmi not working on poweredge 2850

2008-07-14 Thread Ariane van der Steldt
On Mon, Jul 14, 2008 at 05:09:10PM +0200, Jörg Streckfuß wrote:
 today i tried to read the esm log on a poweredge 2850 running OpenBSD 4.3
 stable.
 
 In the past i could see much more output from the internal sensors than only
 the raid sensor
 
 <snip>
 [EMAIL PROTECTED] root # sysctl hw.sensors
 hw.sensors.ami0.drive0=online (sd0), OK
 </snip>
 
 the dmesg says that ipmi is not configured. Is there a way to turn it on?

Heh, I happen to have played a lot with that recently :P
You only have to turn it on in your kernel, using the config binary.

config -e -f /bsd
enable ipmi
quit

And you're all set (after a reboot).

Ciao,
Ariane



Re: Hardware recommendation for firewalls (more than 4 NICs)

2008-07-14 Thread Torsten Frost
Never done the quad in my machines. I haven't heard of anyone getting
fired over it either though.

A quick check on Dell's web indicates you have two pci-e slots in those
r200s, why not get two dual nics.

On Mon, Jul 14, 2008 at 8:28 PM, Martín Coco
[EMAIL PROTECTED] wrote:
 Thanks!

 Have you tried the quad nics on those Dells? We do have a couple of R200s,
 860s and 850s running with 2 dual port cards no problem, but we have never
 tried the quad ports.

 Torsten Frost wrote:

 On Fri, Jul 11, 2008 at 11:47 PM, Martín Coco
 [EMAIL PROTECTED] wrote:

 Hi misc,

 I'm currently looking for hardware alternatives for firewalls that should
 have more than four NICs.

 Currently we are buying R200s from Dell, but we have the 4 NIC
 limitation.
 We could tell Dell to install a quad port NIC (in addition to the
 two-port
 onboard card), but I haven't read good things about the way they work.

 I've also looked into soekris, but they don't seem to have enough CPU for
 what we want (this is pure speculation) as we also have intense IPSec
 traffic on some of these firewalls (I've seen that some of them could
 have
 encryption boards added to increase performance, but I don't know if it
 works for any kind of protocol, or at what rate).

 In any case, what I would like to have is firewalls with multiple NICs
 (at
 least 6 NICs) *and* sufficient CPU to let IPSec work alright at least at
 ~50Mbps (internal backbone firewalls). The multiple NICs are to use
 trunk,
 pfsync, real network interfaces, etc.

 Thanks,
 Martín.




 We run a pair of dell 1950s and have been generally happy with them.

 We run one dual port intel card and the two built-in ports,  no
 problem pushing about
 400mbit. The intel cards have worked ok for us for years now in
 various versions.

 You can configure the box with two dual nics or two quad nics on the dell
 web.



Re: gnome-display-properties for OpenBSD ?

2008-07-14 Thread my mail
--- On Mon, 7/14/08, Jasper Lievisse Adriaanse [EMAIL PROTECTED] wrote:

 From: Jasper Lievisse Adriaanse [EMAIL PROTECTED]
 Subject: Re: gnome-display-properties for OpenBSD ?


 this was fixed in -current a couple of minutes ago.
 
 cheers,
 jasper
 

thanks jasper, 
if I want to install this package, I must update my OpenBSD 4.3 to the -current 
branch, right?



Re: pfctl

2008-07-14 Thread Giancarlo Razzolini
Stuart Henderson wrote:
 On 2008-07-14, Charlie Clark [EMAIL PROTECTED] wrote:
   
 I have noticed that you are unable to view the currently loaded options 
 for pf using pfctl, even 'pfctl -sa' doesn't show the options eg. set 
 skip on tun0.
 

 Some of the set options aren't directly passed to PF, they're
 just used in pfctl. Others are available from various modifiers to
 pfctl -s, e.g. for skip rules:

  -s Interfaces  Show the list of interfaces and interface drivers
                 available to PF.  When used together with -v, it
                 additionally lists which interfaces have skip
                 rules activated.  When used together with -vv,
                 interface statistics are also shown.  -i can be used
                 to select an interface or a group of interfaces.


   
Another RTFM thread. I think there should be more emphasis about how
good and complete openbsd doc is, on the download page of the site, to
avoid this kind of thread.

My regards,

-- 
Giancarlo Razzolini
http://lock.razzolini.adm.br
Linux User 172199
Red Hat Certified Engineer no:804006389722501
Verify:https://www.redhat.com/certification/rhce/current/
Moleque Sem Conteudo Numero #002
OpenBSD Stable
Ubuntu 8.04 Hardy Heron
4386 2A6F FFD4 4D5F 5842  6EA0 7ABE BBAB 9C0E 6B85



Re: rtorrent problems - solved?

2008-07-14 Thread jared r r spiegel
On Sun, Jul 13, 2008 at 11:16:59PM -0700, Aaron Stellman wrote:
 On Mon, Jul 14, 2008 at 07:55:23AM +0200, Björn Ketelaars wrote:
  viq wrote:
   Sorry for the carpet bombing, I grabbed the list of people who I saw
   report problems with rtorrent.
   
   I'm writing to ask those who had problems with rtorrent try it again
   with newest snapshots, I was not able to reproduce the problem on a
   box that used to freeze. Please test and report, maybe Otto just fixed
   another obscure bug ;)
   
  
  
  I'm experiencing the same. Rtorrent is working without taking down the 
  complete system. It seems that Arthur Grabowski's work [1] paid off.
  
...
 I used to use rtorrent until it started to freeze the whole system
 so that I was able to ping it, but no userland worked. The box
 became unreachable, which wasn't easy to debug

  that sounds like very similar if not precisely the same effects of
  the pagedaemon thing.   i was on jun.30 snapshots and also maybe jul.2
  snapshots and was still getting my ass bit by the pagedaemon thing;
  right now i'm on jul.11th snapshots for 2d and things are seeming
  to be still OK.

  that's all orthogonal to what torrent client does what, but fwiw...

-- 

  jared



PF and Binat

2008-07-14 Thread Parvinder Bhasin

Hi,

I am having some issues with PF and Binat.

Here is my scenario:

I have 5 static ips assigned to me.  I have frontended my network  
(external) with an OpenBSD machine running pf.



I would like 2 of these IPs to have ONE to ONE translation.  I have 2  
very different servers serving different purposes.

75.36.44.22 for web serving and 75.36.44.23 for mail

For example:

75.36.44.22  - 172.16.10.22
75.36.44.23 - 172.16.10.23

I do this with the following binat statements:


## i have nat for anything that is not my servers

nat on $ext_if from !($ext_if) to any -> ($ext_if:0)

### here are my servers

binat on $ext_if from 172.16.10.22 to any -> 75.36.44.22
binat on $ext_if from 172.16.10.23 to any -> 75.36.44.23


pass in on $ext_if proto tcp from any to 75.36.44.22 port 80
pass in on $ext_if proto tcp from any to 75.36.44.23 port 25



Problem is when I try to access my servers from outside (different  
external network), I cannot reach them at all.

Why can't I do this?

When I try to add the external ips as aliases on my external  
interface, it works fine.


Isn't the BINAT statement sufficient??? do i have to use aliases???

  I spun off sniffer on the Openbsd gateway to see if it was even  
getting the request and of course I don't even see the request come  
through as I am assuming my Netopia router doesn't know where the  
external IPs are for that server (arp).


When I go the aliases way, everything works fine.

Can someone shed some light on this?

Thanks



Re: PF and Binat

2008-07-14 Thread Ryan McBride
On Mon, Jul 14, 2008 at 09:19:22PM -0700, Parvinder Bhasin wrote:
 When I try to add the external ips as aliases on my external interface, 
 it works fine.

 Isn't the BINAT statement sufficient??? do i have to use aliases???

Unless the addresses are being routed to the firewall in question, yes,
you have to use aliases. Otherwise your system will not reply to ARP
requests for the addresses, and the upstream router will not know where
to send the traffic.



Re: PF and Binat

2008-07-14 Thread Parvinder Bhasin
Actually Ryan, when I do the aliases way, do I still need the binat
statements?  Because when I use aliases and binat statements together,
it doesn't work.
Without the binat statements and with aliases everything works fine??
What gives?


On Jul 14, 2008, at 9:31 PM, Ryan McBride wrote:


> On Mon, Jul 14, 2008 at 09:19:22PM -0700, Parvinder Bhasin wrote:
>> When I try to add the external ips as aliases on my external interface,
>> it works fine.
>>
>> Isn't the BINAT statement sufficient??? do i have to use aliases???
>
> Unless the addresses are being routed to the firewall in question, yes,
> you have to use aliases. Otherwise your system will not reply to ARP
> requests for the addresses, and the upstream router will not know where
> to send the traffic.




Re: PF and Binat

2008-07-14 Thread Parvinder Bhasin

Thanks Ryan!!

That was my hunch too, but wanted to be sure.  Another question that  
arises from this is whenever I reboot the box or do sh /etc/netstart,  
the ip address that is bound to the external interface (with aliases)  
would sort of round robin between the different aliases.  Is this  
normal behaviour?


On Jul 14, 2008, at 9:31 PM, Ryan McBride wrote:


> On Mon, Jul 14, 2008 at 09:19:22PM -0700, Parvinder Bhasin wrote:
>> When I try to add the external ips as aliases on my external interface,
>> it works fine.
>>
>> Isn't the BINAT statement sufficient??? do i have to use aliases???
>
> Unless the addresses are being routed to the firewall in question, yes,
> you have to use aliases. Otherwise your system will not reply to ARP
> requests for the addresses, and the upstream router will not know where
> to send the traffic.




Re: PF and Binat

2008-07-14 Thread Ryan McBride
On Mon, Jul 14, 2008 at 09:48:22PM -0700, Parvinder Bhasin wrote:
> Actually Ryan, when I do the aliases way, do I still need the binat
> statements?  because when I use aliases and binat statements together,
> it doesn't work.
> Without the binat statements and with aliases everything works fine??

If you do aliases without the binat, you're not connecting to your
natted hosts, you're connecting to your firewall.

> what gives?

Oh, I missed this before:

> pass in on $ext_if proto tcp from any to 75.36.44.22 port 80
> pass in on $ext_if proto tcp from any to 75.36.44.23 port 25

Filtering happens AFTER translation, so you need to filter on the real
addresses of the hosts, not the alias addresses.
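
The two points made in this thread (aliases so the firewall answers ARP, and filter rules that match the post-translation addresses), put together as an added example that is not from any of the posters. The interface name em0, the macro names, the /32 alias netmask and the block/pass out lines are assumptions; the addresses and the nat/binat syntax are the ones used in the thread.

```pf
# Added example, not the poster's actual ruleset.
#
# /etc/hostname.em0 (em0 is an assumed interface name) carries the public
# addresses as aliases, so the firewall replies to ARP requests for them.
# This is needed unless the upstream router routes them to the firewall.
#   inet alias 75.36.44.22 255.255.255.255
#   inet alias 75.36.44.23 255.255.255.255

ext_if   = "em0"            # assumption: external interface
web_int  = "172.16.10.22"   # internal address of the web server
mail_int = "172.16.10.23"   # internal address of the mail server

# Translation rules, in the syntax used in the thread.
nat   on $ext_if from !($ext_if) to any -> ($ext_if:0)
binat on $ext_if from $web_int  to any -> 75.36.44.22
binat on $ext_if from $mail_int to any -> 75.36.44.23

# Assumed default policy on the external interface (not shown in the thread).
block in  on $ext_if
pass  out on $ext_if

# Filtering happens after translation: by the time these rules are
# evaluated, binat has already rewritten the destination from the public
# address to the internal one, so the rules name the internal addresses.
# A rule written "to 75.36.44.22 port 80" would never match here.
pass in on $ext_if proto tcp from any to $web_int  port 80
pass in on $ext_if proto tcp from any to $mail_int port 25
```

The ruleset can be syntax-checked without loading it with `pfctl -nf /etc/pf.conf`.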



Re: problems with Areca ARC-1200

2008-07-14 Thread Ryan Corder
On Mon, Jul 14, 2008 at 2:50 AM, Sebastian Schmitzdorff
[EMAIL PROTECTED] wrote:
> it's been a while since I used areca controllers. At that time there
> were some controller bios settings you had to use for proper
> disk spin up. You can set the timing for the disk spinup.
> Also it used to be recommended to disable the quickboot option
> in your bios.

Unfortunately, this wasn't the problem.  To make double sure, I threw
in a CD of the latest Arch Linux and it saw both the card and the RAID
1 set.  I was able to create partitions, filesystems, and move around
files.

At this point, I started wondering about the driver and the fact that
this is a rev. B card.  Upon closer inspection, support for this card
(and all other Marvell firmware-based Areca cards) was added in version
1.72 - 1.75 of arc.c.  According to CVS, this version made it into
OPENBSD_4_3.  The only change since release has been the addition to
control the LEDs via bioctl.

So, is it the firmware?  the definition in pcidevs?  I'm just baffled
as to why the card shows up but the drives don't.

I really, really don't want to keep Linux on this machine, so _any_
help is greatly appreciated.


-- 
Ryan Corder
[EMAIL PROTECTED]



Re: PF and Binat

2008-07-14 Thread Parvinder Bhasin

On Jul 14, 2008, at 10:00 PM, Ryan McBride wrote:


> On Mon, Jul 14, 2008 at 09:48:22PM -0700, Parvinder Bhasin wrote:
>> Actually Ryan, when I do the aliases way, do I still need the binat
>> statements?  because when I use aliases and binat statements together,
>> it doesn't work.
>> Without the binat statements and with aliases everything works fine??
>
> If you do aliases without the binat, you're not connecting to your
> natted hosts, you're connecting to your firewall.

I understand that part fine, I use RDR when not using binat.  It works
fine.
I would really like to make it work through binat rather than the RDR.  So
what do you think the config should look like?

>> what gives?
>
> Oh, I missed this before:
>
>> pass in on $ext_if proto tcp from any to 75.36.44.22 port 80
>> pass in on $ext_if proto tcp from any to 75.36.44.23 port 25
>
> Filtering happens AFTER translation, so you need to filter on the real
> addresses of the hosts, not the alias addresses.


Hmm by real ip do you mean internal ips of the servers??