date:20081202

mutt and ffs stat performance when starting mutt

2008-12-02 Thread David Schulz

Hi,

I am running OpenBSD 4.4 i386. I have a 20 Gigabyte Mailbox inside my 
Home folder in ~/mail/ in maildir format. Altogether there are about 
148800 Mails inside. Yes its too big, and probably should be split up 
better, but it is what it is, and occasionally i need to search trough 
it for some old Information. For this i have installed mutt-1.5.18.

Here is my .muttrc , plane jane:
set mbox_type=Maildir
set folder=$HOME/mail
set spoolfile=+/INBOX
set header_cache=/faster/hcache/
set message_cachedir=/faster/bcache/
set check_new=no
set read_inc=1000
ignore *
unignore From To Cc Subject Date Reply-To Organization X-Mailer

If i now type `mutt` into my Terminal, mutt will take about 736 seconds 
just to open up the Mailbox, displaying a "Reading 
/home/ds/mail/INBOX...x/148800 (3%)".
`top` shows the CPU (P4, 3GhZ) working away at 60% or so, but vmstat -c 
100 nor iostat -c 100 show much activity.

If i now add the Option unset maildir_header_cache_verify to my .muttrc 
, opening mutt takes about 9 seconds, much much faster, so it seems my 
maildir is very slow to stat.

maildir_header_cache_verify means : Check for Maildir unaware programs 
other than Mutt-ng having modified maildir files when the header cache 
is in use. This incurs one stat(2) per message every time the folder is 
opened.

Can anyone tell me why this is? Does this have to do with our Filesystem 
and that there are a lot of files in a directory, or is the reason to be 
searched inside mutt? Are there maybe some other Ideas i can use to 
improve my mutt performance?

In any case, if someone else has a ridiculously big mailbox and finds 
mutt is slow to open it, consider adding 'unset 
maildir_header_cache_verify' to your .muttrc.

Thanks and regards,
David
OpenBSD 4.4 (GENERIC) #1021: Tue Aug 12 17:16:55 MDT 2008
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) D CPU 3.00GHz ("GenuineIntel" 686-class) 3 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,CNXT-ID,CX16,xTPR
real mem  = 1064660992 (1015MB)
avail mem = 1021030400 (973MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 10/23/07, BIOS32 rev. 0 @ 0xf0010, SMBIOS 
rev. 2.5 @ 0xfcd70 (27 entries)
bios0: vendor American Megatrends Inc. version "080014" date 10/23/2007
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
acpi at bios0 function 0x0 not configured
pcibios0 at bios0: rev 3.0 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf55f0/192 (10 entries)
pcibios0: PCI Interrupt Router at 000:31:0 ("Intel 82801GH LPC" rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc/0xea00!
cpu0 at mainbus0
cpu0: Enhanced SpeedStep disabled by BIOS
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel 82945G Host" rev 0x02
vga1 at pci0 dev 2 function 0 "Intel 82945G Video" rev 0x02
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
agp0 at vga1: aperture at 0xe000, size 0x1000
drm at vga1 unsupported
azalia0 at pci0 dev 27 function 0 "Intel 82801GB HD Audio" rev 0x01: irq 10
azalia0: codec[s]: Realtek ALC883
audio0 at azalia0
uhci0 at pci0 dev 29 function 0 "Intel 82801GB USB" rev 0x01: irq 5
uhci1 at pci0 dev 29 function 1 "Intel 82801GB USB" rev 0x01: irq 11
uhci2 at pci0 dev 29 function 2 "Intel 82801GB USB" rev 0x01: irq 3
uhci3 at pci0 dev 29 function 3 "Intel 82801GB USB" rev 0x01: irq 10
ehci0 at pci0 dev 29 function 7 "Intel 82801GB USB" rev 0x01: irq 5
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
ppb0 at pci0 dev 30 function 0 "Intel 82801BA Hub-to-PCI" rev 0xe1
pci1 at ppb0 bus 1
rl0 at pci1 dev 5 function 0 "Realtek 8139" rev 0x10: irq 7, address 
00:1b:22:03:1a:30
rlphy0 at rl0 phy 0: RTL internal PHY
ichpcib0 at pci0 dev 31 function 0 "Intel 82801GB LPC" rev 0x01: PM disabled
pciide0 at pci0 dev 31 function 1 "Intel 82801GB IDE" rev 0x01: DMA, channel 0 
configured to compatibility, channel 1 configured to compatibility
atapiscsi0 at pciide0 channel 0 drive 1
scsibus0 at atapiscsi0: 2 targets, initiator 7
cd0 at scsibus0 targ 0 lun 0:  ATAPI 5/cdrom removable
cd0(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 5
pciide0: channel 1 disabled (no drives)
pciide1 at pci0 dev 31 function 2 "Intel 82801GB SATA" rev 0x01: DMA, channel 0 
configured to native-PCI, channel 1 configured to native-PCI
pciide1: using irq 11 for native-PCI interrupt
wd0 at pciide1 channel 1 drive 0: 
wd0: 16-sector PIO, LBA, 78167MB, 160086528 sectors
wd0(pciide1:1:0): using PIO mode 4, Ultra-DMA mode 5
ichiic0 at pci0 dev 31 function 3 "Intel 82801GB SMBus" rev 0x01: irq 11
iic0 at ichiic0
spdmem0 at iic0 addr 0x52: 1GB DDR2 SDRAM non-parity PC2-5300CL5
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb2 at uhci1: U

Re: bash for root?

2008-12-02 Thread Brian

--- On Tue, 12/2/08, Ted Unangst <[EMAIL PROTECTED]> wrote:

> > Install bash statically linked.  That's all.
> 
> Never make a mistake.  That's all.

Exactly.  I don't get this thread.  I mean, I could understand BASH as an 
option when openBSD was moving off of csh back in the day.  But ksh works 
pretty much just like BASH, so I just don't get this.  Is this just minor 
growing pains of someone coming over from linux?

Re: halt -p does not power off ThinkPad X61 under 4.4

2008-12-02 Thread David Schulz


Matthew Szudzik wrote:
used halt -p to shutdown the machine and walked away. The next morning i 
found that while it appears to have shutdown correctly, the machine did 
not power off but instead showed


syncing disks...done
uchi2: host controller halted



This bug has been supposedly fixed in OpenBSD -current. See
 http://marc.info/?l=openbsd-bugs&m=122788235218793


!DSPAM:4933174b261041409213015!


  
I downloaded and installed the latest 4.4 Snapshot from 01.12.2008, and 
playing around with it for two days, it indeed seems that halt -p now 
powers down that machine. Many thanks!

Re: OpenBSD and XenSource

2008-12-02 Thread Dongsheng Song

Yes, I running OpenBSD amd64 in Debian 5.0(lenny) kvm box for OpenBSD
Translation
Status[1] at lease one month, it's fine!

[1] http://repo.e2echina.com/status/

---
Dongsheng Song

2008/12/3 Vinicius Vianna <[EMAIL PROTECTED]>:
> tico escreveu:
>>
>> Stephan A. Rickauer wrote:
>>>
>>> Those of you interested in running OpenBSD as a Xen guest in
>>> XenEnterprise might want to use this opportunity to raise their voice:
>>>
>>> http://forums.citrix.com/thread.jspa?threadID=151525
>>>
>>
>> Stephan, thanks for the notice -- I just posted my $0.02 on that board as
>> well. If you manage to make any progress in your efforts (or any one else's)
>> to run OpenBSD under Xen with any amount of usefulness, I'd be interested to
>> hear about it. Feel free to contact me off-list.
>>
>> Cheers!
>> -Tico
>
> Don't know if it fits your project, but have you tried KVM? Read at least
> Ubuntu is moving to it since some issues with licenses and code with Xen,
> don't know in depth what was.
> I have some OpenBSD's installed in KVM with no issues using the e1000
> emulated nic (em0 in OpenBSD) for some network test setups.
>
> HTH,
> DS

Re: OpenBSD and XenSource

2008-12-02 Thread Vinicius Vianna


tico escreveu:

Stephan A. Rickauer wrote:

Those of you interested in running OpenBSD as a Xen guest in
XenEnterprise might want to use this opportunity to raise their voice:

http://forums.citrix.com/thread.jspa?threadID=151525
  
Stephan, thanks for the notice -- I just posted my $0.02 on that board 
as well. If you manage to make any progress in your efforts (or any 
one else's) to run OpenBSD under Xen with any amount of usefulness, 
I'd be interested to hear about it. Feel free to contact me off-list.


Cheers!
-Tico
Don't know if it fits your project, but have you tried KVM? Read at 
least Ubuntu is moving to it since some issues with licenses and code 
with Xen, don't know in depth what was.
I have some OpenBSD's installed in KVM with no issues using the e1000 
emulated nic (em0 in OpenBSD) for some network test setups.


HTH,
DS

Re: Failure to NAT

2008-12-02 Thread - Tethys

On Tue, Dec 2, 2008 at 9:47 PM, Stijn <[EMAIL PROTECTED]> wrote:


> Can you post the output of "pfctl -s all".

I could do, but the problem was the lack of pf=YES in rc.conf

It all works fine now.

Tet

-- 
Perl is like vise grips. You can do anything with it but it is the
wrong tool for every job. -- Bruce Eckel

Re: radeondrm issues

2008-12-02 Thread Dan Harnett

On Tue, Dec 02, 2008 at 11:50:16PM +, Stuart Henderson wrote:
> On 2008-12-02, Dan Harnett <[EMAIL PROTECTED]> wrote:
> > Also, curious how one
> > can tell the machine panic'd rather than simply not repainting the
> > screen if there is nothing there.
> 
> ssh'ing in from another machine...

Of course.  But the T43 is a laptop.  Anything else to try if you're out
in the field with it, or for whatever reason it's standalone?  My T42
stopped working with one of the recent changes (already fixed).  I blame
myself for installing a snapshot without testing it before heading out
with the unit.  I just found myself in the same boat as the OP.  There
have been several times X has crashed on this machine and the console
was left so dim I almost didn't notice that there was something to read.
I'm at a loss how one can tell the machine locked up, panic'd, or the
console is just dim without typing blindly.  The OP seems convinced it
panic'd, but then said he got no reaction to ddb commands.

Re: bash for root?

2008-12-02 Thread Jesse Zbikowski

Nick Holland wrote:
>the generally bad idea of duplicate user numbers

I am not aware that this is considered a bad idea to have two
usernames for the same UID.  It is a pretty established practice to
add a so-called "toor" username for exactly the reason of getting a
nice superuser shell.  I have been doing this in a production
environment for years with no problem.

http://en.wikipedia.org/wiki/Toor

Re: radeondrm issues

2008-12-02 Thread Dan Harnett

On Wed, Dec 03, 2008 at 12:12:48AM +0100, Mattieu Baptiste wrote:
> 
> You can imagine that if I had the oportunity to do something on the console,
> I would have already done that.

You'd be surprised.

> The point is the screen goes black and the only solution I have is to reboot
> the machine. oga@ suggested me to ask if other people with a proper serial
> console can reproduce the problem.

You failed to mention this in your first post.

> That is the reason I ask misc.

How up to date is your source tree?  You said you've had this problem
for a few days.  Have you updated since a few days ago?  There have been
several fixes for radeons.  Did you try a kernel with drm and radeondrm
disabled to see if it makes any difference?  Did you try backing out any
source to an earlier version to narrow down what change could have broke
this?  Does dropping kqemu change anything?

> > You can try `boot reboot`, or `boot dump`, either might give you
> > information, but its not guarenteed.
> 
> Thanks for the suggestion Peter but it doesn't change anything. The machine
> has no reaction.

Well, you should notice the hard drive light go solid with a 'boot
dump'.  That is if you have enough space.  It will take a while as you
have quite a bit of memory.  Besides the light, the machine will appear
to be doing nothing.  I would suggest hitting enter before typing 'boot
dump' incase there is any garbage input on the console.  You're also
typing blind.  Don't assume that you're in DDB or that DDB is behaving
nicely.

Da li ste već odabrali poklone za Novu Godinu?

2008-12-02 Thread Top Shop

Top Shop

PoruD
ite prazniD
ne poklone.
Veliki izbor, odliD
ne ponude. Kliknite ovde i odaberite poklone.

PoD
etna

Kuhinja i domaDinstvo

Budi fit!

Lepota

Zabava

Zdravlje

IgraD
ke

Knjige

Originalni prazniD
ni pokloni samo na e-topshop!

PoE!tovani,

Praznici su veD pred vratima. Kako bi pretprazniD
na kupovina za vas
bila jednostavnija i brE>a, pripremili smo specijalnu internet stranicu -
sa izborom najboljih Top Shop proizvoda i magiD
nim iznenaDenjima.

Na jednom mestu Dete lako pronaDi sve za svoje najdraE>e: decu,
partnera, roditelje ... pored toga - pokloni su sortirani i po cenama.
Kako biste doE>iveli potpunu prazniD
nu D
aroliju dodali smo poklone,
popuste i nekoliko praktiD
nih saveta. Kliknite ovde i proverite.

E=elimo vam vesele praznike i istinsko uE>ivanje u biranju poklona!
VaE! Top Shop tim

Saveti za uE>ivanje u praznicima

>> E ta sve D
ini savrE!ene praznike?

>> Tajne prazniD
nog ukraE!avanja

>>PrazniD
ni filmovi za prijatne veD
eri provedene uz televizor

>> 5 stvarno loE!ih poklona za Novu Godinu

>> Praznici su na pragub& Pravite li E>urku?

>> Zablistajte za Novu godinu - Ideje za novogodiE!nju toaletu

Posebna ponuda za vaE!u novogodiE!nju kupovinu

Air Climber

Air Climber

Cena: 7.641,50 RSD
15% popusta!

[ViE!e]

Air Lounge

Air Lounge

Cena: 5.091,50 RSD
15% popusta!

[ViE!e]

Bun & Thigh Doer

Bun & Thigh Doer

Cena: 5.091,50 RSD
15% popusta!

[ViE!e]

Ab Rocket

Ab Rocket

Cena: 6.490,00 RSD

+ POKLON

[ViE!e]

Total Sauna

Total Sauna

Cena: 8.990,00 RSD
+ POKLON

[ViE!e]

Celluless

Celluless

Cena: 3.990,00 RSD
+ POKLON

[ViE!e]

Didi Car

Didi Car

Cena: 3.391,50 RSD
15% popusta!

[ViE!e]

Table Mate 4 Kids

Table Mate 4 Kids

Cena: 2.490,00 RSD
17% popusta!

[ViE!e]

The Bean

The Bean

Cena: 3.646,50

15% popust!

[ViE!e]

Odaberite svoj poklon
-

Za maliE!ane

Za maliE!ane

Za E>ene

Za E>ene

Za muE!karce

Za muE!karce

Za starije

Za starije

Ovaj e-mail je poslat na adresu: [EMAIL PROTECTED] Dobijate ga jer ste
uD
estvovali u nagradnim i poklon igrama ili na neki drugi naD
in
svojevoljno ostavili svoju e-mail adresu na www.e-topshop.tv ili se
prijavili za Top Shop e-magazin.

Uslovi ponude date u ovom e-mailu vaE>e samo za porudE>bine putem
Interneta ili broja telefona 021 489 26 60. TakoDe, isporuka je moguDa
samo u okviru teritorije Republike Srbije.

Ukoliko viE!e ne E>elite da primate naE!u elektronsku poE!tu, kliknite
ovde. U obrazac na stranici upiE!ite svoju taD
nu e-mail adresu i odjavu
potvrdite.

Ponude date u ovom e-mail vaE>e do isteka zaliha. Isporuka do Nove Godine
zagarantovana je samo za proizvode za koje je to posebno napomenuto na
stranici www.e-topshop.tv.

STUDIO MODERNA, d.o.o., Bulevar vojvode Stepe 30, 21000 Novi Sad, R.
Srbija, Tel: 021 489 29 00; Fax: 021 489 29 08, e-mail:
[EMAIL PROTECTED]

[IMAGE]If you would no longer like to receive our emails please
unsubscribe by clicking here.

Re: radeondrm issues

2008-12-02 Thread Stuart Henderson

On 2008-12-02, Dan Harnett <[EMAIL PROTECTED]> wrote:
> Also, curious how one
> can tell the machine panic'd rather than simply not repainting the
> screen if there is nothing there.

ssh'ing in from another machine...

> The OP hasn't mentioned anything like this.

indeed.

Re: bash for root?

2008-12-02 Thread Juan Miscaro

2008/12/2 System Administrator <[EMAIL PROTECTED]>:
> On 2 Dec 2008 at 14:33, Juan Miscaro wrote:
>
>> 2008/12/2 Daniel Ouellet <[EMAIL PROTECTED]>:
>> > Juan Miscaro wrote:
>> >>
>> >> 2008/12/2 Tony Abernethy <[EMAIL PROTECTED]>:
>> >>>
>> >>> Juan Miscaro wrote:
>> 
>>  I turn off those annoying checks and I use the same password.
>>   Works great.
>> 
>>  /juan
>> 
>> >>> ... until it doesn't.
>> >>
>> >> Got anything to back that up?
>>
>>
>> > I remember one specially where a user had to drive about 200 miles...
>> >...He forget that bash wasn't compile statically and needed library...
>>
>> Stop.
>>
>> Install bash statically linked.  That's all.
>
> You are missing a very important point that Chris Linn has aluded to:
> no two shells are exactly alike and sooner or later a script written
> for one will blow-up in another. And since OpenBSD comes with and
> reasonably assumes that /bin/sh is the Korn Shell, all system (i.e.
> root) scripts are written accordingly. The converse is also a likely
> problem -- you install bash as root shell and start installing bash-
> specific scripts critical for system operation. Then during an upgrade
> bash is no longer available or is no longer statically compiled
> (remember bash in packages is dynamic and you have to upgrade the base
> OS before you can custom build your bastardized port...)

Who would be stupid enough to write system scripts in bash?  Just
because a user (again, I'm not even talking about root but a user with
same uid/gid) has a bash shell does not force him to write bash
scripts.

> The long and the short of it has been repeated here many times:
>
>"leave the root shell alove"

And as I've also said many times: "I am".

/juan

Re: radeondrm issues

2008-12-02 Thread Dan Harnett

On Tue, Dec 02, 2008 at 10:08:49PM +0100, Peter Hessler wrote:
> 
> minor problem.  X doesn't repaint the screen into text mode when it
> panics, so its not possible to read anything.

I'm aware of that.  Though, the OP simply mentioned not having a serial
port.  Nada about there being nothing to read.  Also, curious how one
can tell the machine panic'd rather than simply not repainting the
screen if there is nothing there.  Typing blindly and see what happens?
The OP hasn't mentioned anything like this.

> You can try `boot reboot`, or `boot dump`, either might give you
> information, but its not guarenteed.

The Xorg log for the failed session wouldn't hurt either.  Unless X is
spinning, the old log would be rotated and saved.

: CVSROOT:/cvs
: Module name:src
: Changes by: [EMAIL PROTECTED] 2008/11/24 16:00:33
: 
: Modified files:
: sys/dev/pci/drm: ati_pcigart.c radeon_cp.c radeon_drv.c 
:  radeon_state.c 
: 
: Log message:
: Work around the stupidity of radeondrm by double checking that things are
: running before we play with things.
: 
: Lots more cleanup needed, but now you can shut X without it crashing.

Suspicious, no?  Does the OP's source tree contain that fix?  I'll just
re-iterate my suggestion to use a vanilla GENERIC kernel from a snapshot
or -current.  Dropping kqemu to rule it out also does not hurt.  Trying
a kernel with drm and radeondrm disabled might also help to narrow down
the cause.

Re: radeondrm issues

2008-12-02 Thread Mattieu Baptiste

On Tue, Dec 2, 2008 at 10:08 PM, Peter Hessler <[EMAIL PROTECTED]> wrote:

> :
> :From http://www.openbsd.org/faq/faq2.html#Bugs
> :
> :  "...  In this case, Smart User provided output captured on a serial
> :  console; if you can not do that, you will have to use paper and pencil
> :  to record the crash."
> :
> :You can use any means necessary to copy that information.  Some methods
> :are more tedious than others.  As long as the end result is readable
> :plain text.
>

You can imagine that if I had the oportunity to do something on the console,
I would have already done that.

The point is the screen goes black and the only solution I have is to reboot
the machine. oga@ suggested me to ask if other people with a proper serial
console can reproduce the problem.

That is the reason I ask misc.

>
>
> minor problem.  X doesn't repaint the screen into text mode when it
> panics, so its not possible to read anything.
>
> You can try `boot reboot`, or `boot dump`, either might give you
> information, but its not guarenteed.

Thanks for the suggestion Peter but it doesn't change anything. The machine
has no reaction.

-- 
Mattieu Baptiste
"/earth is 102% full ... please delete anyone you can."

Re: PANIC on latest source

2008-12-02 Thread David Gwynne


On 02/12/2008, at 11:11 PM, Insan Praja SW wrote:

On Tue, 02 Dec 2008 11:17:42 +0700, David Gwynne <[EMAIL PROTECTED]>  
wrote:

Hi,
Here the dmesg attach after compiling the source. It works just fine  
but I

can't change em(4) MTU over 1600.


thanks for testing the diff.

not all em(4) adapters support large MTUs. try changing it on all  
three of yours, if one works then i suggest you rewire to take  
advantage of it.


dlg



$ sudo ifconfig em0 mtu 1514
ifconfig: SIOCSIFMTU: Invalid argument
$ sudo ifconfig re0 mtu 1600

Thanks,

Insan

OpenBSD 4.4-current (GENERIC) #0: Wed Dec  3 01:22:28 WIT 2008
 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
RTC BIOS diagnostic error 9
cpu0: Intel(R) Pentium(R) D CPU 3.00GHz ("GenuineIntel" 686-class)  
3.01 GHz

cpu0:
FPU 
,V86 
,DE 
,PSE 
,TSC 
,MSR 
,PAE 
,MCE 
,CX8 
,APIC 
,SEP 
,MTRR 
,PGE 
,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,S

SE3,MWAIT,DS-CPL,EST,CNXT-ID,CX16,xTPR
real mem  = 2142744576 (2043MB)
avail mem = 2063687680 (1968MB)
RTC BIOS diagnostic error 9
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 09/13/07, SMBIOS rev. 2.4 @
0x7fbe4000 (43 entries)
bios0: vendor Intel Corporation version
"S3000.86B.02.00.0051.091720081311" date 09/17/2008
bios0: Intel S3000AH
acpi0 at bios0: rev 0
acpi0: tables DSDT SLIC FACP APIC WDDT HPET MCFG ASF! SSDT SSDT SSDT  
SSDT

SSDT HEST BERT ERST EINJ
acpi0: wakeup devices SLPB(S4) P32_(S4) UAR1(S1) PEX4(S4) PEX5(S4)
UHC1(S1) UHC2(S1) UHC3(S1) UHC4(S1) EHCI(S1) AC9M(S4) AZAL(
S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 4 (P32_)
acpiprt2 at acpi0: bus 1 (PEX0)
acpiprt3 at acpi0: bus -1 (PEX1)
acpiprt4 at acpi0: bus -1 (PEX2)
acpiprt5 at acpi0: bus -1 (PEX3)
acpiprt6 at acpi0: bus 2 (PEX4)
acpiprt7 at acpi0: bus 3 (PEX5)
acpicpu0 at acpi0: FVS, 3000, 2400 MHz
acpibtn0 at acpi0: SLPB
bios0: ROM list: 0xc/0x9000 0xc9000/0x1800
cpu0 at mainbus0: (uniprocessor)
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel E7230 Host" rev 0x00
ppb0 at pci0 dev 28 function 0 "Intel 82801GB PCIE" rev 0x01: irq 9
pci1 at ppb0 bus 1
ppb1 at pci0 dev 28 function 4 "Intel 82801G PCIE" rev 0x01: irq 9
pci2 at ppb1 bus 2
ppb2 at pci0 dev 28 function 5 "Intel 82801G PCIE" rev 0x01: irq 11
pci3 at ppb2 bus 3
em0 at pci3 dev 0 function 0 "Intel PRO/1000MT (82573E)" rev 0x03:  
irq 9,

address 00:15:17:39:1c:bc
"Intel 82573E Serial" rev 0x03 at pci3 dev 0 function 3 not configured
"Intel 82573E KCS" rev 0x03 at pci3 dev 0 function 4 not configured
uhci0 at pci0 dev 29 function 0 "Intel 82801GB USB" rev 0x01: irq 11
uhci1 at pci0 dev 29 function 1 "Intel 82801GB USB" rev 0x01: irq 10
uhci2 at pci0 dev 29 function 2 "Intel 82801GB USB" rev 0x01: irq 11
uhci3 at pci0 dev 29 function 3 "Intel 82801GB USB" rev 0x01: irq 11
ehci0 at pci0 dev 29 function 7 "Intel 82801GB USB" rev 0x01: irq 11
ehci0: timed out waiting for BIOS
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
ppb3 at pci0 dev 30 function 0 "Intel 82801BA Hub-to-PCI" rev 0xe1
pci4 at ppb3 bus 4
re0 at pci4 dev 0 function 0 "Realtek 8169" rev 0x10: RTL8169S  
(0x0400),

irq 11, address 00:13:f7:55:00:b7
rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 0
fxp0 at pci4 dev 1 function 0 "Intel 8255x" rev 0x08, i82559: irq 11,
address 00:02:55:64:99:a8
inphy0 at fxp0 phy 1: i82555 10/100 PHY, rev. 4
vga1 at pci4 dev 4 function 0 "ATI ES1000" rev 0x02
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
radeondrm0 at vga1
drm0 at radeondrm0
em1 at pci4 dev 5 function 0 "Intel PRO/1000MT (82541GI)" rev 0x05:  
irq 9,

address 00:15:17:39:1c:bd
ichpcib0 at pci0 dev 31 function 0 "Intel 82801GB LPC" rev 0x01: PM
disabled
pciide0 at pci0 dev 31 function 1 "Intel 82801GB IDE" rev 0x01: DMA,
channel 0 configured to compatibility, channel 1 configur
ed to compatibility
pciide0: channel 0 disabled (no drives)
pciide0: channel 1 disabled (no drives)
pciide1 at pci0 dev 31 function 2 "Intel 82801GB SATA" rev 0x01: DMA,
channel 0 configured to native-PCI, channel 1 configured
  to native-PCI
pciide1: using irq 10 for native-PCI interrupt
wd0 at pciide1 channel 0 drive 0: 
wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors
wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5
ichiic0 at pci0 dev 31 function 3 "Intel 82801GB SMBus" rev 0x01:  
irq 10

iic0 at ichiic0
adt0 at iic0 addr 0x2e: sch5027 rev 0x69
spdmem0 at iic0 addr 0x50: 1GB DDR2 SDRAM non-parity PC2-5300CL5
spdmem1 at iic0 addr 0x52: 1GB DDR2 SDRAM non-parity PC2-5300CL5
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb3 at uhci2: USB revision 1.0
uhub3 at usb3 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb4 at uhci3: USB revision 1.0
uhub4

Re: radeondrm issues

2008-12-02 Thread Peter Hessler

On 2008 Dec 02 (Tue) at 14:19:42 -0500 (-0500), Dan Harnett wrote:
:On Tue, Dec 02, 2008 at 04:40:28PM +0100, Mattieu Baptiste wrote:
:> 
:> I noticed some problems with radeondrm since a few days. I have an IBM T43
:> (dmesg following) and when I exit X, my system crashes. Since it is a laptop
:> without serial port, I can not give further details.
:> 
:> I contacted oga@ about this issue but it's impossible to diagnose without
:> more details than a dmesg... So I send this email to misc to see if people
:> are in the same situation but with a built-in serial port in the machine.
:
:From http://www.openbsd.org/faq/faq2.html#Bugs
:
:  "...  In this case, Smart User provided output captured on a serial
:  console; if you can not do that, you will have to use paper and pencil
:  to record the crash."
:
:You can use any means necessary to copy that information.  Some methods
:are more tedious than others.  As long as the end result is readable
:plain text.

minor problem.  X doesn't repaint the screen into text mode when it
panics, so its not possible to read anything.

You can try `boot reboot`, or `boot dump`, either might give you
information, but its not guarenteed.

-- 
I like your game but we have to change the rules.

Re: bash for root?

2008-12-02 Thread System Administrator

On 2 Dec 2008 at 14:33, Juan Miscaro wrote:

> 2008/12/2 Daniel Ouellet <[EMAIL PROTECTED]>:
> > Juan Miscaro wrote:
> >>
> >> 2008/12/2 Tony Abernethy <[EMAIL PROTECTED]>:
> >>>
> >>> Juan Miscaro wrote:
> 
>  I turn off those annoying checks and I use the same password.
>   Works great.
> 
>  /juan
> 
> >>> ... until it doesn't.
> >>
> >> Got anything to back that up?
> 
> 
> > I remember one specially where a user had to drive about 200 miles...
> >...He forget that bash wasn't compile statically and needed library...
> 
> Stop.
> 
> Install bash statically linked.  That's all.

You are missing a very important point that Chris Linn has aluded to: 
no two shells are exactly alike and sooner or later a script written 
for one will blow-up in another. And since OpenBSD comes with and 
reasonably assumes that /bin/sh is the Korn Shell, all system (i.e. 
root) scripts are written accordingly. The converse is also a likely 
problem -- you install bash as root shell and start installing bash-
specific scripts critical for system operation. Then during an upgrade 
bash is no longer available or is no longer statically compiled 
(remember bash in packages is dynamic and you have to upgrade the base 
OS before you can custom build your bastardized port...)

The long and the short of it has been repeated here many times:

"leave the root shell alove"

> 
> /juan

Re: bash for root?

2008-12-02 Thread Daniel Ouellet


Juan Miscaro wrote:

2008/12/2 Daniel Ouellet <[EMAIL PROTECTED]>:

Juan Miscaro wrote:

2008/12/2 Tony Abernethy <[EMAIL PROTECTED]>:

Juan Miscaro wrote:

I turn off those annoying checks and I use the same password.
 Works great.

/juan


... until it doesn't.

Got anything to back that up?




I remember one specially where a user had to drive about 200 miles...
...He forget that bash wasn't compile statically and needed library...


Stop.

Install bash statically linked.  That's all.

/juan


And the default is not, so do it every time and one day you will forget 
it, or someone else will upgrade that box for you and will not think 
about it, nor will you check it out.


Like I said, do as you wish, your box, your head.

Forget best practice until you get stuck, or forget one day to recompile 
it statically.


misc@ is full of example like that.

Do as you wish, you have been warn about it.

I am done.

Re: radeondrm issues

2008-12-02 Thread Dan Harnett

On Tue, Dec 02, 2008 at 04:40:28PM +0100, Mattieu Baptiste wrote:
> 
> I noticed some problems with radeondrm since a few days. I have an IBM T43
> (dmesg following) and when I exit X, my system crashes. Since it is a laptop
> without serial port, I can not give further details.
> 
> I contacted oga@ about this issue but it's impossible to diagnose without
> more details than a dmesg... So I send this email to misc to see if people
> are in the same situation but with a built-in serial port in the machine.

>From http://www.openbsd.org/faq/faq2.html#Bugs

  "...  In this case, Smart User provided output captured on a serial
  console; if you can not do that, you will have to use paper and pencil
  to record the crash."

You can use any means necessary to copy that information.  Some methods
are more tedious than others.  As long as the end result is readable
plain text.

> kqemu: kqemu version 0x00010300 loaded, max locked mem=490732kB
> DDB symbols added: 331296 bytes

I also suggest using a vanilla GENERIC kernel from a snapshot or
-current without any kernel modules loaded when you gather the necessary
information.

Re: bash for root?

2008-12-02 Thread Jim Willis

Really? I mean really are we going to put this to bed yet? Cause I am bored
to tears seeing new replies to something so trivial! Next real diagnostic
issue please.

-Jim

Re: bash for root?

2008-12-02 Thread Ted Unangst

On Tue, Dec 2, 2008 at 2:33 PM, Juan Miscaro <[EMAIL PROTECTED]> wrote:
> Install bash statically linked.  That's all.

Never make a mistake.  That's all.

Re: bash for root?

2008-12-02 Thread Juan Miscaro

2008/12/2 Daniel Ouellet <[EMAIL PROTECTED]>:
> Juan Miscaro wrote:
>>
>> 2008/12/2 Tony Abernethy <[EMAIL PROTECTED]>:
>>>
>>> Juan Miscaro wrote:

 I turn off those annoying checks and I use the same password.
  Works great.

 /juan

>>> ... until it doesn't.
>>
>> Got anything to back that up?


> I remember one specially where a user had to drive about 200 miles...
>...He forget that bash wasn't compile statically and needed library...

Stop.

Install bash statically linked.  That's all.

/juan

Re: bash for root?

2008-12-02 Thread Christopher Linn

On Sat, Nov 29, 2008 at 08:46:00AM +, Dieter wrote:
> 
> What is wrong with bash as shell for root?
> (Assuming bash is in /bin and statically linked.)
> 

all talk of why or why not misses one highly held best practice 
for system management, no matter what the OS.

never change the default root shell. 

learn to use the "exec" builtin:

$ sudo su -
Password:
Terminal type? [xterm]
# exec bash
# 

now for this login session your interactive shell is bash, and you 
have all your favorite bells, whistles and blinken lights.

the time spent in typing "# exec my-favorite-shell" is about 2.0
seconds.  multiply that by the number of times you need an interactive
root shell, compare to the time spent without access to your system 
or recovering it from such problems.  because, if you continue to 
do stuff like that, eventually you will have such problems.

let me repeat that.

if you continue to do stuff like that, then eventually you will 
have such problems.

so, just learn to use exec.  simple and quick, keeps things clean.
(and working.)  you will even give other people the impression that 
you know what you are doing..

cel

p.s. 13+ years experience system management with NeXT, SunOS{4.x,5.x}, 
 MacOS, OpenBSD (2.2 to present), Linux, OSF1/Tru64.

-- 
Christopher Linn   | By no means shall either the CEC
System Administrator II   | or MTU be held in any way liable
  Center for Experimental Computation | for any opinions or conjecture I
Michigan Technological University | hold to or imply to hold herein.

Re: bash for root?

2008-12-02 Thread Daniel Ouellet


Juan Miscaro wrote:

2008/12/2 Tony Abernethy <[EMAIL PROTECTED]>:

Juan Miscaro wrote:

I turn off those annoying checks and I use the same password.
 Works great.

/juan


... until it doesn't.


Got anything to back that up?


If you really want stories about cases where users got cut into this 
before, just look in the archive and you will find many.


I remember one specially where a user had to drive about 200 miles based 
on what he said to fix it after an upgrade that got his system wrong and 
lock himself out where he could have access to the server with a user 
that had sh as the shell, but not in wheel group and the only users he 
could use for wheel were setup for bash and that was screw up. So, he 
had access to the server, but couldn't get access to root in anyway as 
it was bash for root and he just had to drive there to fix it. He forget 
that bash wasn't compile statically and needed library that he couldn't 
access then.


Something like that anyway. It's been about 1 1/2 years I think, so my 
memory may be somewhat fuzzy, but if I recall properly, that's was about 
it, or close to it anyway. He got a lots of help trying to help him, but 
tin the end, no other option then a long drive.


So you do as you see fit, that's your system after all. No one will be 
stuck other then you if that happened, but plenty give you the warning 
about it. In the end, you do as you see fit.


I know very wise people give you advise and warning on it, I would very 
strongly recommend to listen to them, but in the end, do as you see fit. 
It's your time in the end and your head.


Best,

Daniel

Re: bash for root?

2008-12-02 Thread Juan Miscaro

2008/12/2 Tony Abernethy <[EMAIL PROTECTED]>:
> Juan Miscaro wrote:
>>
>> I turn off those annoying checks and I use the same password.
>>  Works great.
>>
>> /juan
>>
> ... until it doesn't.

Got anything to back that up?

/juan

Re: voip card

2008-12-02 Thread Victor Camacho


Michiel van Baak wrote:

On 15:20, Tue 02 Dec 08, sonjaya wrote:
  

have you try in openbsd 4.3 or 4.4   ?
I try make one small box for voip service with openbsd  4.3/4.4



At the moment there is no stable zaptel version for OpenBSD 4.4.
But I think it's best to ask on the asterisk-bsd mailinglist hosted by
Digium (the company behind asterisk)

My advise is to use PSTN gateways like linksys or grandstream or .

  
The BSDTalk podcast #166 just did an interview with John Todd who is an 
Asterisk Open Source Community Director. Good interview. He says he runs 
Asterisk on OpenBSD but also said that there are issues with using the 
zaptel driver. The zaptel driver is changing its name to DAHDI (Digium 
Asterisk Hardware Device Interface). Of course I just purchased a Digium 
board to set up a pbx to use my business POTS lines and incorporate 
VOIP. I did not know about the Patton box, thank you Stuart. If I cannot 
use the Digium board with OpenBSD then I may look into that box to 
connect to POTS and internal analog phones. If I can move this project 
up on my list I will report back.


Victor Camacho

radeondrm issues

2008-12-02 Thread Mattieu Baptiste

Hi all,

I noticed some problems with radeondrm since a few days. I have an IBM T43
(dmesg following) and when I exit X, my system crashes. Since it is a laptop
without serial port, I can not give further details.

I contacted oga@ about this issue but it's impossible to diagnose without
more details than a dmesg... So I send this email to misc to see if people
are in the same situation but with a built-in serial port in the machine.

Thanks,

OpenBSD 4.4-current (GENERIC) #35: Fri Nov 28 14:47:51 CET 2008
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) M processor 1.86GHz ("GenuineIntel" 686-class)
1.87 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,TM,SBF,EST,TM2
real mem  = 1005023232 (958MB)
avail mem = 963420160 (918MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 08/21/06, BIOS32 rev. 0 @ 0xfd760,
SMBIOS rev. 2.33 @ 0xe0010 (64 entries)
bios0: vendor IBM version "1YET65WW (1.29 )" date 08/21/2006
bios0: IBM 2668WEV
apm0 at bios0: Power Management spec V1.2
apm0: battery life expectancy 99%
apm0: AC on, battery charge high
acpi at bios0 function 0x0 not configured
pcibios0 at bios0: rev 2.1 @ 0xfd6f0/0x910
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdeb0/256 (14 entries)
pcibios0: PCI Interrupt Router at 000:31:0 ("Intel 82371FB ISA" rev 0x00)
pcibios0: PCI bus #12 is the last bus
bios0: ROM list: 0xc/0x1 0xd/0x1600 0xd1800/0x1000
0xdc000/0x4000! 0xe/0x1
cpu0 at mainbus0: (uniprocessor)
cpu0: Enhanced SpeedStep 1867 MHz (1308 mV): speeds: 1867, 1600, 1333, 1067,
800 MHz
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel 82915GM Host" rev 0x03
ppb0 at pci0 dev 1 function 0 "Intel 82915GM PCIE" rev 0x03: irq 11
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "ATI Radeon Mobility M300 M22" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
radeondrm0 at vga1
drm0 at radeondrm0
ppb1 at pci0 dev 28 function 0 "Intel 82801FB PCIE" rev 0x03: irq 11
pci2 at ppb1 bus 2
bge0 at pci2 dev 0 function 0 "Broadcom BCM5751M" rev 0x11, BCM5750 B1
(0x4101): irq 11, address 00:11:25:d3:54:2c
brgphy0 at bge0 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0
ppb2 at pci0 dev 28 function 2 "Intel 82801FB PCIE" rev 0x03: irq 11
pci3 at ppb2 bus 3
uhci0 at pci0 dev 29 function 0 "Intel 82801FB USB" rev 0x03: irq 11
uhci1 at pci0 dev 29 function 1 "Intel 82801FB USB" rev 0x03: irq 11
uhci2 at pci0 dev 29 function 2 "Intel 82801FB USB" rev 0x03: irq 11
uhci3 at pci0 dev 29 function 3 "Intel 82801FB USB" rev 0x03: irq 11
ehci0 at pci0 dev 29 function 7 "Intel 82801FB USB" rev 0x03: irq 11
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
ppb3 at pci0 dev 30 function 0 "Intel 82801BAM Hub-to-PCI" rev 0xd3
pci4 at ppb3 bus 11
cbb0 at pci4 dev 0 function 0 "Ricoh 5C476 CardBus" rev 0x8d: irq 11
iwi0 at pci4 dev 2 function 0 "Intel PRO/Wireless 2200BG" rev 0x05: irq 11,
address 00:12:f0:dc:3d:69
cardslot0 at cbb0 slot 0 flags 0
cardbus0 at cardslot0: bus 12 device 0 cacheline 0x0, lattimer 0xb0
pcmcia0 at cardslot0
auich0 at pci0 dev 30 function 2 "Intel 82801FB AC97" rev 0x03: irq 11, ICH6
AC97
ac97: codec id 0x41445374 (Analog Devices AD1981B)
ac97: codec features headphone, 20 bit DAC, No 3D Stereo
audio0 at auich0
"Intel 82801FB Modem" rev 0x03 at pci0 dev 30 function 3 not configured
ichpcib0 at pci0 dev 31 function 0 "Intel 82801FBM LPC" rev 0x03: PM
disabled
pciide0 at pci0 dev 31 function 2 "Intel 82801FBM SATA" rev 0x03: DMA,
channel 0 wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: 
wd0: 16-sector PIO, LBA, 76319MB, 156301488 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets, initiator 7
cd0 at scsibus0 targ 0 lun 0:  ATAPI
5/cdrom removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
ichiic0 at pci0 dev 31 function 3 "Intel 82801FB SMBus" rev 0x03: irq 11
iic0 at ichiic0
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb3 at uhci2: USB revision 1.0
uhub3 at usb3 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb4 at uhci3: USB revision 1.0
uhub4 at usb4 "Intel UHCI root hub" rev 1.00/1.00 addr 1
isa0 at ichpcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: 
spkr0 at pcppi0
lpt2 at isa0 port 0x3bc/4: polled
aps0 at isa0 port 0x1600/31
npx0 at isa0

Re: Failure to NAT

2008-12-02 Thread Nick Ryan

is pf enabled? sounds like it's just acting as a router at the mo to  
me...


pf -ef /etc/pf.conf



On 2 Dec 2008, at 15:10, - Tethys wrote:


Hi...

The hard drive on my firewall machine died overnight, so I rebuilt
it with a new hard drive this morning. I grabbed the most recent
OpenBSD CD I had to hand (which was 3.8 -- yes, I know, and the
order for 4.4 followed as soon as I got to work and had net access
again).

The problem is that while I have net access from the firewall itself,
I don't from any of the machines on my internal network. After playing
with tcpdump, it seems that packets are coming in fine on the internal
interface, and are leaving on the external interface, but are not  
being

NATed on the way through. Nothing is being logged on pflog0.

My internal interface is 192.168.8.1, and the external interface is
10.0.8.224/28. My minimal pf.conf[1] looks like:

int = "fxp0"
ext = "rl0"

nat on rl0 from 192.168.8.4 to any -> 10.0.8.230

block in log
pass in log quick on $int
pass out log on $ext keep state

192.168.8.4 is the test machine I'm using on the internal network.
Yet packets from that machine are leaving rl0 with a source IP of
192.168.8.4, not 10.0.8.230 as the NAT rule implies they should be.

Obviously I'll reinstall with 4.4 when it arrives, but in the mean
time, I'm stuck without net access for most of the machines in the
house, and urgently need to sort this out.

Any ideas on where I might be going wrong, and what I can do to fix  
it?


Thanks,

Tet

[1] Obviously the real one will be somewhat more complex, but I need
   to get something working first, and then I'll build a pf.conf
   that does what I need.

--
Perl is like vise grips. You can do anything with it but it is the
wrong tool for every job. -- Bruce Eckel

Re: Hardware recomendations please

2008-12-02 Thread Louis V. Lambrecht


Stuart Henderson wrote:

On 2008-12-02, nuffnough <[EMAIL PROTECTED]> wrote:
  

Hey there.

My firewalls are getting old, so I thought it would be a great idea to
replace them.  I figured that a budget of around $1500 would be more
than adequate,  but because no one makes mobos with 5 pci slots
anymore I am struggling to get these under $2800.

I have requirements for 6 legs plus the carp sync (which I could do
with a usb nowadays,  so that means just 6).  The rest of the system
is relatively undemanding, so 4 gig RAM is overkill, and it doesn't
require huge CPU grunt either.  It would be great if I could fit it
into a small formfactor case to save rackspace, but this isn't worth
$2k to me.

Please recommend mobo/NIC combo that would fit within the budget!



Most 1U servers have at least two onboard network interfaces (dell r200,
dell 1950, hp dl140, dl145, ...) and there are a few choices for 4-port
PCI-X and PCIE cards. If you look harder you find 6-port ones too e.g.
hotlavasystems.com (copper or SFP, Intel chips, look like rebadged
solway.co.kr boards) and silicom.co.il (copper, Broadcom).

Or "firewall-on-a-stick" as mentioned before is a good option in some
environments (tagged VLANs to a managed switch).


  

Ever considered non "standard" PC's (what it might mean).
http://www.soekris.com/net4801.htm
http://www.pcengines.ch/alix.htm
these really cuts your budget and are well OpenBSD supported.

Failure to NAT

2008-12-02 Thread - Tethys

Hi...

The hard drive on my firewall machine died overnight, so I rebuilt
it with a new hard drive this morning. I grabbed the most recent
OpenBSD CD I had to hand (which was 3.8 -- yes, I know, and the
order for 4.4 followed as soon as I got to work and had net access
again).

The problem is that while I have net access from the firewall itself,
I don't from any of the machines on my internal network. After playing
with tcpdump, it seems that packets are coming in fine on the internal
interface, and are leaving on the external interface, but are not being
NATed on the way through. Nothing is being logged on pflog0.

My internal interface is 192.168.8.1, and the external interface is
10.0.8.224/28. My minimal pf.conf[1] looks like:

int = "fxp0"
ext = "rl0"

nat on rl0 from 192.168.8.4 to any -> 10.0.8.230

block in log
pass in log quick on $int
pass out log on $ext keep state

192.168.8.4 is the test machine I'm using on the internal network.
Yet packets from that machine are leaving rl0 with a source IP of
192.168.8.4, not 10.0.8.230 as the NAT rule implies they should be.

Obviously I'll reinstall with 4.4 when it arrives, but in the mean
time, I'm stuck without net access for most of the machines in the
house, and urgently need to sort this out.

Any ideas on where I might be going wrong, and what I can do to fix it?

Thanks,

Tet

[1] Obviously the real one will be somewhat more complex, but I need
to get something working first, and then I'll build a pf.conf
that does what I need.

-- 
Perl is like vise grips. You can do anything with it but it is the
wrong tool for every job. -- Bruce Eckel

Re: bash for root?

2008-12-02 Thread Tony Abernethy

Juan Miscaro wrote:
> 
> I turn off those annoying checks and I use the same password. 
>  Works great.
> 
> /juan
> 
... until it doesn't.

Re: voip card

2008-12-02 Thread Michiel van Baak

On 15:20, Tue 02 Dec 08, sonjaya wrote:
> have you try in openbsd 4.3 or 4.4   ?
> I try make one small box for voip service with openbsd  4.3/4.4

At the moment there is no stable zaptel version for OpenBSD 4.4.
But I think it's best to ask on the asterisk-bsd mailinglist hosted by
Digium (the company behind asterisk)

My advise is to use PSTN gateways like linksys or grandstream or .

> 
> thank's
> 
> On Tue, Dec 2, 2008 at 2:04 PM, Zafer Da:tan <[EMAIL PROTECTED]> wrote:
> > Stuart Henderson yazm}~:
> >> On 2008-12-01, sonjaya <[EMAIL PROTECTED]> wrote:
> >>
> >>> Dear all
> >>>
> >>> do you have anyone here using voip card ( digium , sangoma etc ) in
> >>> openbsd , i will be thank's if someone share 
> >>>
> >>>
> >>
> >> no, but there are PSTN/SIP gateways which cost about the same as the
> >> cards (e.g. patton)
> >>
> >>
> > I used Sangoma FXS/FXO+asterisk cards in 3.8 in experimental network and
> > it worked well.  if zaptel is ported properly, I think there will be no
> > problem. (one point voip cards are no longer supported for OpenBSD)
> >
> > --
> >
> > Zafer Da~tan
> >
> > *Z-Sistem*
> > *]nternet Serv. Bili~im Tekno. Veri G|v. San Tic. Ltd. ^ti.*
> > Adres : Beyler Cad. Dost Kent Yan} No:4 Gayyolu / ANKARA TR 06530
> > Tel : +90 (0) 312 238 24 15
> > Faks  : +90 (0) 312 238 24 18
> > GSM  : +90 (0) 532 548 28 30
> > http://www.z-sistem.com 
> > http://www.i-bekci.com 
> >
> >
> 
> 
> 
> -- 
> sonjaya
> http://idsale.blogspot.com
> 

-- 

Michiel van Baak
[EMAIL PROTECTED]
http://michiel.vanbaak.eu
GnuPG key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x71C946BD

"Why is it drug addicts and computer aficionados are both called users?"

Re: bash for root?

2008-12-02 Thread Juan Miscaro

2008/12/1 Nick Holland <[EMAIL PROTECTED]>:
> Juan Miscaro wrote:
> ...
>>
>> Why not set up a user (ex: bigguy) and then force his uid and gid to
>> be 0 and 0 with vipw?  Give that user a nice coloured bash prompt and
>> set up directories in his home.  This way you get a customized
>> superuser while keeping the real root environment pristine.
>
> Other than generating duplicate user number error reports from the nightly
> security check, the generally bad idea of duplicate user numbers, creating
> confusion and ambiguity that doesn't need to be there, the likelihood that
> you will have forgot the 'root' password when you need it and being a really
> silly way to solve a completely non-problem?  No reason at all.

I turn off those annoying checks and I use the same password.  Works great.

/juan

Re: PANIC on latest source

2008-12-02 Thread Insan Praja SW


On Tue, 02 Dec 2008 11:17:42 +0700, David Gwynne <[EMAIL PROTECTED]> wrote:
Hi,
Here the dmesg attach after compiling the source. It works just fine but I
can't change em(4) MTU over 1600.
$ sudo ifconfig em0 mtu 1514
ifconfig: SIOCSIFMTU: Invalid argument
$ sudo ifconfig re0 mtu 1600

Thanks,

Insan

OpenBSD 4.4-current (GENERIC) #0: Wed Dec  3 01:22:28 WIT 2008
  [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
RTC BIOS diagnostic error 9
cpu0: Intel(R) Pentium(R) D CPU 3.00GHz ("GenuineIntel" 686-class) 3.01 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,S
SE3,MWAIT,DS-CPL,EST,CNXT-ID,CX16,xTPR
real mem  = 2142744576 (2043MB)
avail mem = 2063687680 (1968MB)
RTC BIOS diagnostic error 9
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 09/13/07, SMBIOS rev. 2.4 @
0x7fbe4000 (43 entries)
bios0: vendor Intel Corporation version
"S3000.86B.02.00.0051.091720081311" date 09/17/2008
bios0: Intel S3000AH
acpi0 at bios0: rev 0
acpi0: tables DSDT SLIC FACP APIC WDDT HPET MCFG ASF! SSDT SSDT SSDT SSDT
SSDT HEST BERT ERST EINJ
acpi0: wakeup devices SLPB(S4) P32_(S4) UAR1(S1) PEX4(S4) PEX5(S4)
UHC1(S1) UHC2(S1) UHC3(S1) UHC4(S1) EHCI(S1) AC9M(S4) AZAL(
S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 4 (P32_)
acpiprt2 at acpi0: bus 1 (PEX0)
acpiprt3 at acpi0: bus -1 (PEX1)
acpiprt4 at acpi0: bus -1 (PEX2)
acpiprt5 at acpi0: bus -1 (PEX3)
acpiprt6 at acpi0: bus 2 (PEX4)
acpiprt7 at acpi0: bus 3 (PEX5)
acpicpu0 at acpi0: FVS, 3000, 2400 MHz
acpibtn0 at acpi0: SLPB
bios0: ROM list: 0xc/0x9000 0xc9000/0x1800
cpu0 at mainbus0: (uniprocessor)
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel E7230 Host" rev 0x00
ppb0 at pci0 dev 28 function 0 "Intel 82801GB PCIE" rev 0x01: irq 9
pci1 at ppb0 bus 1
ppb1 at pci0 dev 28 function 4 "Intel 82801G PCIE" rev 0x01: irq 9
pci2 at ppb1 bus 2
ppb2 at pci0 dev 28 function 5 "Intel 82801G PCIE" rev 0x01: irq 11
pci3 at ppb2 bus 3
em0 at pci3 dev 0 function 0 "Intel PRO/1000MT (82573E)" rev 0x03: irq 9,
address 00:15:17:39:1c:bc
"Intel 82573E Serial" rev 0x03 at pci3 dev 0 function 3 not configured
"Intel 82573E KCS" rev 0x03 at pci3 dev 0 function 4 not configured
uhci0 at pci0 dev 29 function 0 "Intel 82801GB USB" rev 0x01: irq 11
uhci1 at pci0 dev 29 function 1 "Intel 82801GB USB" rev 0x01: irq 10
uhci2 at pci0 dev 29 function 2 "Intel 82801GB USB" rev 0x01: irq 11
uhci3 at pci0 dev 29 function 3 "Intel 82801GB USB" rev 0x01: irq 11
ehci0 at pci0 dev 29 function 7 "Intel 82801GB USB" rev 0x01: irq 11
ehci0: timed out waiting for BIOS
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
ppb3 at pci0 dev 30 function 0 "Intel 82801BA Hub-to-PCI" rev 0xe1
pci4 at ppb3 bus 4
re0 at pci4 dev 0 function 0 "Realtek 8169" rev 0x10: RTL8169S (0x0400),
irq 11, address 00:13:f7:55:00:b7
rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 0
fxp0 at pci4 dev 1 function 0 "Intel 8255x" rev 0x08, i82559: irq 11,
address 00:02:55:64:99:a8
inphy0 at fxp0 phy 1: i82555 10/100 PHY, rev. 4
vga1 at pci4 dev 4 function 0 "ATI ES1000" rev 0x02
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
radeondrm0 at vga1
drm0 at radeondrm0
em1 at pci4 dev 5 function 0 "Intel PRO/1000MT (82541GI)" rev 0x05: irq 9,
address 00:15:17:39:1c:bd
ichpcib0 at pci0 dev 31 function 0 "Intel 82801GB LPC" rev 0x01: PM
disabled
pciide0 at pci0 dev 31 function 1 "Intel 82801GB IDE" rev 0x01: DMA,
channel 0 configured to compatibility, channel 1 configur
ed to compatibility
pciide0: channel 0 disabled (no drives)
pciide0: channel 1 disabled (no drives)
pciide1 at pci0 dev 31 function 2 "Intel 82801GB SATA" rev 0x01: DMA,
channel 0 configured to native-PCI, channel 1 configured
   to native-PCI
pciide1: using irq 10 for native-PCI interrupt
wd0 at pciide1 channel 0 drive 0: 
wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors
wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5
ichiic0 at pci0 dev 31 function 3 "Intel 82801GB SMBus" rev 0x01: irq 10
iic0 at ichiic0
adt0 at iic0 addr 0x2e: sch5027 rev 0x69
spdmem0 at iic0 addr 0x50: 1GB DDR2 SDRAM non-parity PC2-5300CL5
spdmem1 at iic0 addr 0x52: 1GB DDR2 SDRAM non-parity PC2-5300CL5
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb3 at uhci2: USB revision 1.0
uhub3 at usb3 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb4 at uhci3: USB revision 1.0
uhub4 at usb4 "Intel UHCI root hub" rev 1.00/1.00 addr 1
isa0 at ichpcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at

4.4 arrives in Brazil

2008-12-02 Thread Ricardo Augusto de Souza

OpenBSD 4.4 arrives in Brazil.

http://www.temporeal.com.br/produtos.php?id=172290


It4s just R$ 99,00

Re: Hardware recomendations please

2008-12-02 Thread Stuart Henderson

On 2008-12-02, nuffnough <[EMAIL PROTECTED]> wrote:
> Hey there.
>
> My firewalls are getting old, so I thought it would be a great idea to
> replace them.  I figured that a budget of around $1500 would be more
> than adequate,  but because no one makes mobos with 5 pci slots
> anymore I am struggling to get these under $2800.
>
> I have requirements for 6 legs plus the carp sync (which I could do
> with a usb nowadays,  so that means just 6).  The rest of the system
> is relatively undemanding, so 4 gig RAM is overkill, and it doesn't
> require huge CPU grunt either.  It would be great if I could fit it
> into a small formfactor case to save rackspace, but this isn't worth
> $2k to me.
>
> Please recommend mobo/NIC combo that would fit within the budget!

Most 1U servers have at least two onboard network interfaces (dell r200,
dell 1950, hp dl140, dl145, ...) and there are a few choices for 4-port
PCI-X and PCIE cards. If you look harder you find 6-port ones too e.g.
hotlavasystems.com (copper or SFP, Intel chips, look like rebadged
solway.co.kr boards) and silicom.co.il (copper, Broadcom).

Or "firewall-on-a-stick" as mentioned before is a good option in some
environments (tagged VLANs to a managed switch).

Re: sendmail and PF

2008-12-02 Thread Jay Torrini

Keeping state on the outgoing connections worked like a charm. I also
took your advice and removed quick from my SSH rule (don't recall
why I had it there in the first place). Thanks to everyone for their help.

On Tue, Dec 2, 2008 at 3:11 AM, Martin Toft <[EMAIL PROTECTED]> wrote:

> You have nothing that creates states for connections being made in the
> outgoing direction. I am not completely certain, but something like
> "pass out" before other filtering rules should make your day :-)
>
> It would also be cleaner if you deleted "quick" from the ssh rule and
> moved it down to the domain and smtp rules... IMHO.
>
> Just remember that filtering is "last matching rule wins", and you will
> rarely need the quick keyword.
>
> Martin

Re: Hardware recomendations please

2008-12-02 Thread Joseph A Borg


I just bought an Asus P5KPL-C, if you're going really cheap.
http://asus.com/products.aspx?l1=3&l2=11&l3=563&l4=0&model=1978&modelmenu=2

The onboard Gbit ethernet is not compatible with OpenBSD, it lacks  
onboard graphics, but has 4 onboard sata ports available and 1 pata,  
if you need them. Has 3pci, 1x pcie x16, 1x pcie x1


As for nic cards I use realtek, but I'm cheap!



On Dec 2, 2008, at 07:43, nuffnough wrote:


Hey there.

My firewalls are getting old, so I thought it would be a great idea to
replace them.  I figured that a budget of around $1500 would be more
than adequate,  but because no one makes mobos with 5 pci slots
anymore I am struggling to get these under $2800.

I have requirements for 6 legs plus the carp sync (which I could do
with a usb nowadays,  so that means just 6).  The rest of the system
is relatively undemanding, so 4 gig RAM is overkill, and it doesn't
require huge CPU grunt either.  It would be great if I could fit it
into a small formfactor case to save rackspace, but this isn't worth
$2k to me.

Please recommend mobo/NIC combo that would fit within the budget!

TIA

nuffi

Re: sendmail and PF

2008-12-02 Thread Stuart Henderson

On 2008-12-02, Jay Torrini <[EMAIL PROTECTED]> wrote:
> In response to people who keep telling me to allow SMTP out: that has
> not and will not help since no outgoing packets are ever filtered.
>
> A quick check to pflog reveals many such lines:
>
> Dec 02 02:37:42.368333 rule 5/(match) block in on dc0: \
> 68.87.69.146.53 > 192.168.1.102.17175: 41421 NXDomain[|domain] (DF)
> Dec 02 02:37:55.356917 rule 5/(match) block in on dc0: \
> 68.87.78.130.53 > 192.168.1.102.2207: 41421 NXDomain[|domain] (DF)
> Dec 02 02:37:55.691202 rule 5/(match) block in on dc0: \
> 68.87.85.98.53 > 192.168.1.102.33981: 43339 0/1/0 (84) (DF) [tos 0x48]
> Dec 02 02:38:00.729462 rule 5/(match) block in on dc0: \
> 68.87.69.146.53 > 192.168.1.102.30325: 43339 0/1/0 (84) (DF)
> Dec 02 02:38:05.719205 rule 5/(match) block in on dc0: \
> 68.87.78.130.53 > 192.168.1.102.22741: 43339 0/1/0 (84) (DF)
>
>
> This is after opening udp 50 and 53.
>
> At the risk of being a broken record: I really just need to know what to
> let in since nothing is filtered going out.

You don't *pass* any outgoing packets either, so no state is created
to allow the return packets back.

Re: sendmail and PF

2008-12-02 Thread Martin Toft

On Mon, Dec 01, 2008 at 11:40:17AM -0700, Jay Torrini wrote:
> Just need to know what to let in.
> 
> ext_if="dc0"
> trusted = "REMOVED"
> webports = "{ http }"
> table  persist file "/etc/pf.blockedip.conf"
> 
> set block-policy return
> set optimization aggressive
> scrub in all
> 
> antispoof for $ext_if
> 
> pass in quick on $ext_if inet proto tcp from $trusted to $ext_if port ssh
> 
> block in log (all) all
> 
> block in quick from 
> 
> pass in on $ext_if proto tcp from any to $ext_if port $webports
> 
> pass in on $ext_if inet proto tcp from any to any port domain
> pass in on $ext_if inet proto tcp from any to any port smtp

You have nothing that creates states for connections being made in the
outgoing direction. I am not completely certain, but something like
"pass out" before other filtering rules should make your day :-)

It would also be cleaner if you deleted "quick" from the ssh rule and
moved it down to the domain and smtp rules... IMHO.

Just remember that filtering is "last matching rule wins", and you will
rarely need the quick keyword.

Martin

Re: sendmail and PF

2008-12-02 Thread Peter N. M. Hansteen

"Jay Torrini" <[EMAIL PROTECTED]> writes:

> In response to people who keep telling me to allow SMTP out: that has
> not and will not help since no outgoing packets are ever filtered.

see what happens if you add logging to your smtp pass rule

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: sendmail and PF

2008-12-02 Thread Jay Torrini

In response to people who keep telling me to allow SMTP out: that has
not and will not help since no outgoing packets are ever filtered.

A quick check to pflog reveals many such lines:

Dec 02 02:37:42.368333 rule 5/(match) block in on dc0: \
68.87.69.146.53 > 192.168.1.102.17175: 41421 NXDomain[|domain] (DF)
Dec 02 02:37:55.356917 rule 5/(match) block in on dc0: \
68.87.78.130.53 > 192.168.1.102.2207: 41421 NXDomain[|domain] (DF)
Dec 02 02:37:55.691202 rule 5/(match) block in on dc0: \
68.87.85.98.53 > 192.168.1.102.33981: 43339 0/1/0 (84) (DF) [tos 0x48]
Dec 02 02:38:00.729462 rule 5/(match) block in on dc0: \
68.87.69.146.53 > 192.168.1.102.30325: 43339 0/1/0 (84) (DF)
Dec 02 02:38:05.719205 rule 5/(match) block in on dc0: \
68.87.78.130.53 > 192.168.1.102.22741: 43339 0/1/0 (84) (DF)


This is after opening udp 50 and 53.

At the risk of being a broken record: I really just need to know what to
let in since nothing is filtered going out.
I hope I'm not misunderstanding something here.

On Mon, Dec 1, 2008 at 8:48 PM, ropers <[EMAIL PROTECTED]> wrote:

> If I understand you correctly, then PF and sendmail are running on the
> same host and you'd like to send emails from that host to somewhere
> else. This means you have, in the first instance, to allow smtp
> traffic OUT. (Once state is established, the conversation with the
> other MTA will proceed anyway, and replies from the remote MTA will be
> let through.) None of your quoted rules appear to allow smtp traffic
> OUT, just in but that's irrelevant, for the said reason. Jason's rule
> should sort you out.
>
> 'Hope I'm not mistaken/overlooking something, and 'hope this helps,
> Cheers,
> --ropers

Re: Hardware recomendations please

2008-12-02 Thread Rod Whitworth

On Tue, 2 Dec 2008 17:43:39 +1100, nuffnough wrote:

>Hey there.
>
>My firewalls are getting old, so I thought it would be a great idea to
>replace them.  I figured that a budget of around $1500 would be more
>than adequate,  but because no one makes mobos with 5 pci slots
>anymore I am struggling to get these under $2800.
>
>I have requirements for 6 legs plus the carp sync (which I could do
>with a usb nowadays,  so that means just 6).  The rest of the system
>is relatively undemanding, so 4 gig RAM is overkill, and it doesn't
>require huge CPU grunt either.  It would be great if I could fit it
>into a small formfactor case to save rackspace, but this isn't worth
>$2k to me.
>
>Please recommend mobo/NIC combo that would fit within the budget!

OK I know how many ether ports you need but little else.

However I have just received two of these
http://www.yawarra.com.au/product.php?productCode=HW-NT55-R2 (Go down
the spec list and choose the 500MHz processor for board 1, choose the
LAN 1641 for board 2 and you will see a price of $1220.00)

The price includes Aussie GST 10% so divide by 1.1 and then correct for
$AUD1=$US0.64 and you get a nice surprise.

You could just buy the case and get the boards from Soekris.
Also note that the internal PSU is specced at 240V input but the input
range is 100-240VAC.

I have to configure two of these in a CARP setup with BGPd handling a
/21 IPv4 feed and a /32 IPv6 feed with three sources (1 v4, 1 v6, 1
both). That's really fun - I've never done any BGP before but, after
all, I am using OpenBSD so I'll get there somehow. 8-)

>
>TIA
>
>nuffi
>

*** NOTE *** Please DO NOT CC me. I  subscribed to the list.
Mail to the sender address that does not originate at the list server is 
tarpitted. The reply-to: address is provided for those who feel compelled to 
reply off list. Thankyou.

Rod/
/earth: write failed, file system is full
cp: /earth/creatures: No space left on device

Re: Hardware recomendations please

2008-12-02 Thread Jussi Peltola

On Tue, Dec 02, 2008 at 05:43:39PM +1100, nuffnough wrote:
> Hey there.
> 
> My firewalls are getting old, so I thought it would be a great idea to
> replace them.  I figured that a budget of around $1500 would be more
> than adequate,  but because no one makes mobos with 5 pci slots
> anymore I am struggling to get these under $2800.
> 
> I have requirements for 6 legs plus the carp sync (which I could do
> with a usb nowadays,  so that means just 6).  The rest of the system
> is relatively undemanding, so 4 gig RAM is overkill, and it doesn't
> require huge CPU grunt either.  It would be great if I could fit it
> into a small formfactor case to save rackspace, but this isn't worth
> $2k to me.
> 
> Please recommend mobo/NIC combo that would fit within the budget!
 
Any server, some extra gigabit cards and a good manageable switch. That
will take an extra rack unit but should fit in $1500. With the small
(depth-wise) supermicro servers it might actually fit in 1U but that's a
bit hack-ish.

-- 
Jussi Peltola

Re: bash for root?

2008-12-02 Thread Sean Kamath


On Dec 1, 2008, at 4:55 AM, Nick Holland wrote:
Other than generating duplicate user number error reports from the  
nightly security check, the generally bad idea of duplicate user  
numbers, creating confusion and ambiguity that doesn't need to be  
there, the likelihood that you will have forgot the 'root' password  
when you need it and being a really silly way to solve a completely  
non-problem?  No reason at all.


Just sudo when you need to be root -- avoids ever logging in as root  
unless something's *REALLY* wrong.  You can keep your shell (or better  
yet, just run the command you need to run as root).


Sean

Re: voip card

2008-12-02 Thread sonjaya

have you try in openbsd 4.3 or 4.4   ?
I try make one small box for voip service with openbsd  4.3/4.4

thank's

On Tue, Dec 2, 2008 at 2:04 PM, Zafer Da:tan <[EMAIL PROTECTED]> wrote:
> Stuart Henderson yazm}~:
>> On 2008-12-01, sonjaya <[EMAIL PROTECTED]> wrote:
>>
>>> Dear all
>>>
>>> do you have anyone here using voip card ( digium , sangoma etc ) in
>>> openbsd , i will be thank's if someone share 
>>>
>>>
>>
>> no, but there are PSTN/SIP gateways which cost about the same as the
>> cards (e.g. patton)
>>
>>
> I used Sangoma FXS/FXO+asterisk cards in 3.8 in experimental network and
> it worked well.  if zaptel is ported properly, I think there will be no
> problem. (one point voip cards are no longer supported for OpenBSD)
>
> --
>
> Zafer Da~tan
>
> *Z-Sistem*
> *]nternet Serv. Bili~im Tekno. Veri G|v. San Tic. Ltd. ^ti.*
> Adres : Beyler Cad. Dost Kent Yan} No:4 Gayyolu / ANKARA TR 06530
> Tel : +90 (0) 312 238 24 15
> Faks  : +90 (0) 312 238 24 18
> GSM  : +90 (0) 532 548 28 30
> http://www.z-sistem.com 
> http://www.i-bekci.com 
>
>



-- 
sonjaya
http://idsale.blogspot.com

46 matches

Mail list logo