vic(4) problems with Dec 11th snap

[Brian Keefer]

Has anyone else had problems with vic(4) in the Dec 11th i386 snap?  I  
have a guest on ESXi 3.5 that I upgraded from 4.3 to 4.4-release and  
it was working fine, but then I upgraded to the latest i386 snap and I  
no longer saw any traffic to/from the guest when viewing tcpdump, even  
on other guest VMs on the same host.  To clarify I only saw outgoing  
ARP requests (from the guest itself), no incoming traffic what so  
ever.  No ARP replies, no broadcast, nothing... none of the other  
guests saw the outbound traffic.


Disabling ACPI made no difference (was the only thing I could think of  
based on a diff of the dmesgs).


I rolled back to the 4.4-release kernel and it worked fine.

OpenBSD 4.4-current (GENERIC) #1610: Thu Dec 11 19:55:57 MST 2008
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Xeon(TM) CPU 2.66GHz (GenuineIntel 686-class) 2.88 GHz
cpu0:  
FPU 
,V86 
,DE 
,PSE 
,TSC 
,MSR 
,PAE 
,MCE 
,CX8 
,APIC 
,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS

real mem  = 402157568 (383MB)
avail mem = 380329984 (362MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 01/30/08, BIOS32 rev. 0 @  
0xfd880, SMBIOS rev. 2.31 @ 0xe0010 (45 entries)

bios0: vendor Phoenix Technologies LTD version 6.00 date 01/30/2008
bios0: VMware, Inc. VMware Virtual Platform
acpi0 at bios0: rev 0
acpi0: tables DSDT FACP APIC BOOT
acpi0: wakeup devices USB_(S1)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpiprt0 at acpi0: bus 0 (PCI0)
acpicpu0 at acpi0
acpibat0 at acpi0: BAT1 not present
acpibat1 at acpi0: BAT2 not present
acpiac0 at acpi0: AC unit online
bios0: ROM list: 0xc/0x8000 0xc8000/0x1e00! 0xca000/0x1000  
0xdc000/0x4000! 0xe/0x4000!

cpu0 at mainbus0: (uniprocessor)
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 Intel 82443BX AGP rev 0x01
ppb0 at pci0 dev 1 function 0 Intel 82443BX AGP rev 0x01
pci1 at ppb0 bus 1
piixpcib0 at pci0 dev 7 function 0 Intel 82371AB PIIX4 ISA rev 0x08
pciide0 at pci0 dev 7 function 1 Intel 82371AB IDE rev 0x01: DMA,  
channel 0 configured to compatibility, channel 1 configured to  
compatibility

atapiscsi0 at pciide0 channel 0 drive 0
scsibus0 at atapiscsi0: 2 targets, initiator 7
cd0 at scsibus0 targ 0 lun 0: NECVMWar, VMware IDE CDR00, 1.00 ATAPI  
5/cdrom removable

cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
pciide0: channel 1 ignored (disabled)
piixpm0 at pci0 dev 7 function 3 Intel 82371AB Power rev 0x08: SMBus  
disabled

vga1 at pci0 dev 15 function 0 VMware Virtual SVGA II rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
ppb1 at pci0 dev 16 function 0 VMware Virtual PCI-PCI rev 0x02
pci2 at ppb1 bus 2
mpi0 at pci2 dev 0 function 0 Symbios Logic 53c1030 rev 0x01: irq 9
scsibus1 at mpi0: 16 targets, initiator 7
sd0 at scsibus1 targ 0 lun 0: VMware, Virtual disk, 1.0 SCSI2 0/ 
direct fixed

sd0: 8192MB, 512 bytes/sec, 16777216 sec total
mpi0: target 0 Sync at 160MHz width 16bit offset 127 QAS 1 DT 1 IU 1
vic0 at pci2 dev 1 function 0 AMD 79c970 PCnet-PCI rev 0x10: irq 11,  
address 00:0c:29:72:b1:81

isa0 at piixpcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pmsi0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pmsi0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
biomask e765 netmask ef65 ttymask 
mtrr: Pentium Pro MTRR support
softraid0 at root
root on sd0a swap on sd0b dump on sd0b

[ch...@suez scratch]$ diff 20080812-release-dmesg 20081211-snap-dmesg
1c1
 OpenBSD 4.4 (GENERIC) #1021: Tue Aug 12 17:16:55 MDT 2008
---
 OpenBSD 4.4-current (GENERIC) #1610: Thu Dec 11 19:55:57 MST 2008
3c3
 cpu0: Intel(R) Xeon(TM) CPU 2.66GHz (GenuineIntel 686-class) 2.74  
GHz

---
 cpu0: Intel(R) Xeon(TM) CPU 2.66GHz (GenuineIntel 686-class) 2.88  
GHz

6c6
 avail mem = 380170240 (362MB)
---
 avail mem = 380329984 (362MB)
11,17c11,19
 apm0 at bios0: Power Management spec V1.2
 apm0: AC on, battery charge unknown
 acpi at bios0 function 0x0 not configured
 pcibios0 at bios0: rev 2.1 @ 0xfd880/0x780
 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdf30/176 (9 entries)
 pcibios0: PCI Interrupt Router at 000:07:0 (Intel 82371FB ISA rev  
0x00)

 pcibios0: PCI bus #2 is the last bus
---
 acpi0 at bios0: rev 0
 acpi0: tables DSDT FACP APIC BOOT
 acpi0: wakeup devices USB_(S1)
 acpitimer0 at acpi0: 3579545 Hz, 24 bits
 acpiprt0 at acpi0: bus 0 (PCI0)
 acpicpu0 at acpi0
 acpibat0 at acpi0: BAT1 not present
 acpibat1 at acpi0: BAT2 not present
 acpiac0 at acpi0: 

Re: OT, .. but eCommerce?

[Toni Mueller]

Hi,

On Sat, 13.12.2008 at 01:09:35 -0500, bofh goodb...@gmail.com wrote:
 Really unfortunate nothing non-PHP based.

well, we're running Interchange (www.icdevgroup.org), which is
Perl-based, but will most likely switch to Satchmo
(www.satchmoproject.com), which was already mentioned, which works on
top of Django (www.djangoproject.com).

 Hopefully one day, some one will have an itch to scratch that will not
 be PHP based.

No need to let yourself be blinded by the plethora of PHP stuff, imho.


Kind regards,
--Toni++

Re: vic(4) problems with Dec 11th snap

[David Gwynne]

vic seems fickle with jumbos. ive backed them out very recently, so  
try building your own kernel or wait for a new snapshot. it should be  
working now.


dlg

On 13/12/2008, at 6:51 PM, Brian Keefer wrote:

Has anyone else had problems with vic(4) in the Dec 11th i386 snap?   
I have a guest on ESXi 3.5 that I upgraded from 4.3 to 4.4-release  
and it was working fine, but then I upgraded to the latest i386 snap  
and I no longer saw any traffic to/from the guest when viewing  
tcpdump, even on other guest VMs on the same host.  To clarify I  
only saw outgoing ARP requests (from the guest itself), no incoming  
traffic what so ever.  No ARP replies, no broadcast, nothing... none  
of the other guests saw the outbound traffic.


Disabling ACPI made no difference (was the only thing I could think  
of based on a diff of the dmesgs).


I rolled back to the 4.4-release kernel and it worked fine.

OpenBSD 4.4-current (GENERIC) #1610: Thu Dec 11 19:55:57 MST 2008
   dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Xeon(TM) CPU 2.66GHz (GenuineIntel 686-class) 2.88  
GHz
cpu0:  
FPU 
,V86 
,DE 
,PSE 
,TSC 
,MSR 
,PAE 
,MCE 
,CX8 
,APIC 
,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS

real mem  = 402157568 (383MB)
avail mem = 380329984 (362MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 01/30/08, BIOS32 rev. 0 @  
0xfd880, SMBIOS rev. 2.31 @ 0xe0010 (45 entries)

bios0: vendor Phoenix Technologies LTD version 6.00 date 01/30/2008
bios0: VMware, Inc. VMware Virtual Platform
acpi0 at bios0: rev 0
acpi0: tables DSDT FACP APIC BOOT
acpi0: wakeup devices USB_(S1)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpiprt0 at acpi0: bus 0 (PCI0)
acpicpu0 at acpi0
acpibat0 at acpi0: BAT1 not present
acpibat1 at acpi0: BAT2 not present
acpiac0 at acpi0: AC unit online
bios0: ROM list: 0xc/0x8000 0xc8000/0x1e00! 0xca000/0x1000  
0xdc000/0x4000! 0xe/0x4000!

cpu0 at mainbus0: (uniprocessor)
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 Intel 82443BX AGP rev 0x01
ppb0 at pci0 dev 1 function 0 Intel 82443BX AGP rev 0x01
pci1 at ppb0 bus 1
piixpcib0 at pci0 dev 7 function 0 Intel 82371AB PIIX4 ISA rev 0x08
pciide0 at pci0 dev 7 function 1 Intel 82371AB IDE rev 0x01: DMA,  
channel 0 configured to compatibility, channel 1 configured to  
compatibility

atapiscsi0 at pciide0 channel 0 drive 0
scsibus0 at atapiscsi0: 2 targets, initiator 7
cd0 at scsibus0 targ 0 lun 0: NECVMWar, VMware IDE CDR00, 1.00  
ATAPI 5/cdrom removable

cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
pciide0: channel 1 ignored (disabled)
piixpm0 at pci0 dev 7 function 3 Intel 82371AB Power rev 0x08:  
SMBus disabled

vga1 at pci0 dev 15 function 0 VMware Virtual SVGA II rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
ppb1 at pci0 dev 16 function 0 VMware Virtual PCI-PCI rev 0x02
pci2 at ppb1 bus 2
mpi0 at pci2 dev 0 function 0 Symbios Logic 53c1030 rev 0x01: irq 9
scsibus1 at mpi0: 16 targets, initiator 7
sd0 at scsibus1 targ 0 lun 0: VMware, Virtual disk, 1.0 SCSI2 0/ 
direct fixed

sd0: 8192MB, 512 bytes/sec, 16777216 sec total
mpi0: target 0 Sync at 160MHz width 16bit offset 127 QAS 1 DT 1 IU 1
vic0 at pci2 dev 1 function 0 AMD 79c970 PCnet-PCI rev 0x10: irq  
11, address 00:0c:29:72:b1:81

isa0 at piixpcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pmsi0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pmsi0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
biomask e765 netmask ef65 ttymask 
mtrr: Pentium Pro MTRR support
softraid0 at root
root on sd0a swap on sd0b dump on sd0b

[ch...@suez scratch]$ diff 20080812-release-dmesg 20081211-snap-dmesg
1c1
 OpenBSD 4.4 (GENERIC) #1021: Tue Aug 12 17:16:55 MDT 2008
---
 OpenBSD 4.4-current (GENERIC) #1610: Thu Dec 11 19:55:57 MST 2008
3c3
 cpu0: Intel(R) Xeon(TM) CPU 2.66GHz (GenuineIntel 686-class)  
2.74 GHz

---
 cpu0: Intel(R) Xeon(TM) CPU 2.66GHz (GenuineIntel 686-class)  
2.88 GHz

6c6
 avail mem = 380170240 (362MB)
---
 avail mem = 380329984 (362MB)
11,17c11,19
 apm0 at bios0: Power Management spec V1.2
 apm0: AC on, battery charge unknown
 acpi at bios0 function 0x0 not configured
 pcibios0 at bios0: rev 2.1 @ 0xfd880/0x780
 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdf30/176 (9 entries)
 pcibios0: PCI Interrupt Router at 000:07:0 (Intel 82371FB ISA  
rev 0x00)

 pcibios0: PCI bus #2 is the last bus
---
 acpi0 at bios0: rev 0
 acpi0: tables DSDT FACP APIC BOOT
 acpi0: 

Re: type of softraid

[Michael]

Hi,

Stuart Henderson schrieb:
 On 2008-12-12, Stuart Henderson s...@spacehopper.org wrote:
 On 2008-12-12, Marco Peereboom sl...@peereboom.us wrote:
 It isn't pretty but:
 dd if=/dev/wd1a skip=8244 bs=1 count=4 | hexdump -C
 4+0 records in
 4+0 records out
 4 bytes transferred in 0.001 secs (3263 bytes/sec)
   41 00 00 00   |A...|
 0004
 Here's a fragment you can add to /etc/magic so that these can be
 recognised with file -s /dev/wd1a.

 8192string  marcCRAMOpenBSD softraid
 8244   long03777  RAID 0
 8244   long03777  0001RAID 1
 8244   long03777  0041AOE target
 8244   long03777  004ccrypto
 8244   long03777  006cAOE initiator
 Filling in more flags from softraidvar.h sr_metadata is left as
 an exercise for the reader :)


 
 better:
 
 8192string  marcCRAMOpenBSD softraid
 8200   long0x 0  version %u
 8244  long0x RAID 0
 8244  long0x 0001RAID 1
 8244  long0x 0041AOE target
 8244  long0x 004ccrypto
 8244  long0x 006cAOE initiator

Thanks a lot, however as long as this doesn't make it into base I prefer
Marcos version to solve the problem. Makes the script more machine
independent.

Would you consider to commit a patch for magic if I provide one?


Michael

Re: Forcing re driver to 1000baseT = no connection? (4.4 release)

[Henning Brauer]

* Josh Archambault j...@snowplow.org [2008-11-20 18:12]:
 At 10Mb/s and 100Mb/s there are good reasons to fix media speed and  
 duplex

no.

-- 
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg  Amsterdam

Please test this on all available nVidia AHCI-capable controllers

[Mike Belopuhov]

Including MCP65, MCP67, MCP73, MCP77 and MCP79 families.

If you see something like this in your dmesg:

pciide1 at pci0 dev 9 function 0 NVIDIA MCP77 AHCI rev 0xa2: \
DMA (unsupported)

please make sure you've switched your SATA controller to the native
(or AHCI mode) in the BIOS.

** ACHTUNG! ACHTUNG! ***

If you switch your controller from compatible to native mode, disk
names will be changed too!  From wdX to sdX.  Please take this into
account.



The patch should apply cleanly on 4.3, 4.4 and -current.

Please report back any breakage and success if you've switched to AHCI
mode.

Cheers.

Index: ahci.c
===
RCS file: /cvs/src/sys/dev/pci/ahci.c,v
retrieving revision 1.145
diff -u -p -u -r1.145 ahci.c
--- ahci.c  13 Dec 2008 11:49:54 -  1.145
+++ ahci.c  13 Dec 2008 12:58:32 -
@@ -648,6 +648,12 @@ ahci_pci_attach(struct device *parent, s
}
}
 
+   /*
+*  nVidia AHCI controllers need special handling
+*/
+   if (ad-ad_vendor == PCI_VENDOR_NVIDIA)
+   sc-sc_flags |= AHCI_F_IGN_FR;
+
if (pci_intr_map(pa, ih) != 0) {
printf(: unable to map interrupt\n);
return;

Re: type of softraid

[Cesare Gargano]

On 12/12/08 11:07 -0600, Marco Peereboom wrote:
 It isn't pretty but:
 dd if=/dev/wd1a skip=8244 bs=1 count=4 | hexdump -C
 4+0 records in
 4+0 records out
 4 bytes transferred in 0.001 secs (3263 bytes/sec)
   41 00 00 00   |A...|
 0004
 
 wd1a is the cooked RAID partition.  In this case this is an AOE target.
 If it was crypto it would have been 4c 00 00 00 |C...|
 
 Currently the possible values are: 0x00 (RAID 0), 0x01 (RAID 1), 0x41
 (AOE target), 0x4c (CRYPTO)  0x61 (AOE initiator).
 Note that softraid is not endian neutral so on big endian machines the
 numbers are flipped.


wd0i is my RAID partition:

.. $ dd if=/dev/wd0i skip=8244 bs=1 count=4 | hexdump -C
4+0 records in
4+0 records out
4 bytes transferred in 0.000 secs (11799 bytes/sec)
  43 00 00 00   |C...|
0004
.. $

what does 0x43 means?

regards,
c.

 
 FWIW,
 /marco
 
 On Fri, Dec 12, 2008 at 01:33:14PM +0100, Michael wrote:
  Todd T. Fries schrieb:
   tried 
   
 bioctl -h softraid0
   lately?
  
  
  Well, yes... but it only works if I already activated the softraid device...
  
  # bioctl -h softraid0
  Volume  Status   Size Device
  softraid0 0 Online   3.8G sd1 CRYPTO
0 Online   3.8G 0:0.0   noencl sd0a
  # bioctl -d sd1
  # bioctl -h softraid0
  
  
  ...but I would like to know what kind of type sd0a is before I try to use
  
  bioctl -c [01C] -l /dev/... softraid0
  
  to be able to use bioctl from a script, only for CRYPTO.
  
  Only other way I currently see is to set the label from disklabel of sd0
  to some name and check what to do from that information.

Re: type of softraid

[Marco Peereboom]

Crypto

On Sat, Dec 13, 2008 at 03:42:27PM +0100, Cesare Gargano wrote:
 On 12/12/08 11:07 -0600, Marco Peereboom wrote:
  It isn't pretty but:
  dd if=/dev/wd1a skip=8244 bs=1 count=4 | hexdump -C
  4+0 records in
  4+0 records out
  4 bytes transferred in 0.001 secs (3263 bytes/sec)
    41 00 00 00   |A...|
  0004
  
  wd1a is the cooked RAID partition.  In this case this is an AOE target.
  If it was crypto it would have been 4c 00 00 00 |C...|
  
  Currently the possible values are: 0x00 (RAID 0), 0x01 (RAID 1), 0x41
  (AOE target), 0x4c (CRYPTO)  0x61 (AOE initiator).
  Note that softraid is not endian neutral so on big endian machines the
  numbers are flipped.
 
 
 wd0i is my RAID partition:
 
 .. $ dd if=/dev/wd0i skip=8244 bs=1 count=4 | hexdump -C
 4+0 records in
 4+0 records out
 4 bytes transferred in 0.000 secs (11799 bytes/sec)
   43 00 00 00   |C...|
 0004
 .. $
 
 what does 0x43 means?
 
 regards,
 c.
 
  
  FWIW,
  /marco
  
  On Fri, Dec 12, 2008 at 01:33:14PM +0100, Michael wrote:
   Todd T. Fries schrieb:
tried 

bioctl -h softraid0
lately?
   
   
   Well, yes... but it only works if I already activated the softraid 
   device...
   
   # bioctl -h softraid0
   Volume  Status   Size Device
   softraid0 0 Online   3.8G sd1 CRYPTO
 0 Online   3.8G 0:0.0   noencl sd0a
   # bioctl -d sd1
   # bioctl -h softraid0
   
   
   ...but I would like to know what kind of type sd0a is before I try to use
   
   bioctl -c [01C] -l /dev/... softraid0
   
   to be able to use bioctl from a script, only for CRYPTO.
   
   Only other way I currently see is to set the label from disklabel of sd0
   to some name and check what to do from that information.

Re: type of softraid

[Cesare Gargano]

ok, so what does 0x4c means?

regards,
c.

On 13/12/08 08:52 -0600, Marco Peereboom wrote:
 Crypto
 
 On Sat, Dec 13, 2008 at 03:42:27PM +0100, Cesare Gargano wrote:
  On 12/12/08 11:07 -0600, Marco Peereboom wrote:
   It isn't pretty but:
   dd if=/dev/wd1a skip=8244 bs=1 count=4 | hexdump -C
   4+0 records in
   4+0 records out
   4 bytes transferred in 0.001 secs (3263 bytes/sec)
     41 00 00 00   |A...|
   0004
   
   wd1a is the cooked RAID partition.  In this case this is an AOE target.
   If it was crypto it would have been 4c 00 00 00 |C...|
   
   Currently the possible values are: 0x00 (RAID 0), 0x01 (RAID 1), 0x41
   (AOE target), 0x4c (CRYPTO)  0x61 (AOE initiator).
   Note that softraid is not endian neutral so on big endian machines the
   numbers are flipped.
  
  
  wd0i is my RAID partition:
  
  .. $ dd if=/dev/wd0i skip=8244 bs=1 count=4 | hexdump -C
  4+0 records in
  4+0 records out
  4 bytes transferred in 0.000 secs (11799 bytes/sec)
    43 00 00 00   |C...|
  0004
  .. $
  
  what does 0x43 means?
  
  regards,
  c.
  
   
   FWIW,
   /marco
   
   On Fri, Dec 12, 2008 at 01:33:14PM +0100, Michael wrote:
Todd T. Fries schrieb:
 tried 
 
   bioctl -h softraid0
 lately?


Well, yes... but it only works if I already activated the softraid 
device...

# bioctl -h softraid0
Volume  Status   Size Device
softraid0 0 Online   3.8G sd1 CRYPTO
  0 Online   3.8G 0:0.0   noencl sd0a
# bioctl -d sd1
# bioctl -h softraid0


...but I would like to know what kind of type sd0a is before I try to 
use

bioctl -c [01C] -l /dev/... softraid0

to be able to use bioctl from a script, only for CRYPTO.

Only other way I currently see is to set the label from disklabel of sd0
to some name and check what to do from that information.

Re: type of softraid

[Marco Peereboom]

first entry in teh google overlord tracking machine:
http://en.wikipedia.org/wiki/Hexadecimal

On Sat, Dec 13, 2008 at 04:08:48PM +0100, Cesare Gargano wrote:
 ok, so what does 0x4c means?
 
 regards,
 c.
 
 On 13/12/08 08:52 -0600, Marco Peereboom wrote:
  Crypto
  
  On Sat, Dec 13, 2008 at 03:42:27PM +0100, Cesare Gargano wrote:
   On 12/12/08 11:07 -0600, Marco Peereboom wrote:
It isn't pretty but:
dd if=/dev/wd1a skip=8244 bs=1 count=4 | hexdump -C
4+0 records in
4+0 records out
4 bytes transferred in 0.001 secs (3263 bytes/sec)
  41 00 00 00   |A...|
0004

wd1a is the cooked RAID partition.  In this case this is an AOE target.
If it was crypto it would have been 4c 00 00 00 |C...|

Currently the possible values are: 0x00 (RAID 0), 0x01 (RAID 1), 0x41
(AOE target), 0x4c (CRYPTO)  0x61 (AOE initiator).
Note that softraid is not endian neutral so on big endian machines the
numbers are flipped.
   
   
   wd0i is my RAID partition:
   
   .. $ dd if=/dev/wd0i skip=8244 bs=1 count=4 | hexdump -C
   4+0 records in
   4+0 records out
   4 bytes transferred in 0.000 secs (11799 bytes/sec)
     43 00 00 00   |C...|
   0004
   .. $
   
   what does 0x43 means?
   
   regards,
   c.
   

FWIW,
/marco

On Fri, Dec 12, 2008 at 01:33:14PM +0100, Michael wrote:
 Todd T. Fries schrieb:
  tried 
  
  bioctl -h softraid0
  lately?
 
 
 Well, yes... but it only works if I already activated the softraid 
 device...
 
 # bioctl -h softraid0
 Volume  Status   Size Device
 softraid0 0 Online   3.8G sd1 CRYPTO
   0 Online   3.8G 0:0.0   noencl sd0a
 # bioctl -d sd1
 # bioctl -h softraid0
 
 
 ...but I would like to know what kind of type sd0a is before I try to 
 use
 
 bioctl -c [01C] -l /dev/... softraid0
 
 to be able to use bioctl from a script, only for CRYPTO.
 
 Only other way I currently see is to set the label from disklabel of 
 sd0
 to some name and check what to do from that information.

Re: Setting time range and timeout for authpf rules

[carlopmart]

ropers wrote:

carlopmart wrote:

 How can I establish a time range and timeout for an authpf rule?
For example I will to permit access from my windows servers access (previous
ssh authentication) to windowsupdate servers from 10:00 am to 13:00 am
and block this traffic if any connection is established during 10 minutes.



Wade, Daniel wrote:

Crontab job to load a different pf.conf


2008/12/12 carlopmart carlopm...@gmail.com:

Thanks Daniel, but I had already thought about this option but exists some
problems:

 a) I need to mantain several pf.conf files for every access
 b) i can't control timeouts when servers doesn't generate traffic ...


About (a):
I guess if you're really worried about maintaining two pf.conf files,
you could write a script that will edit your one single pf.conf (so
that it would comment out/de-comment specific lines; by content, not
by line number) and call that script via crontab. It would however be
really easy to clobber your pf.conf when doing this, if you're not
careful.

About (b):
I understand you would prefer to only permit your Windows-based
servers to access Microsoft's windowsupdate servers if and only if
they will actually try to reach windowsupdate between 10 and 13 am.

I'm no Hansteen, Hartmeier or Henning, but it is my understanding that
Pf has no clairvoyance feature. Is it really harmful to allow your
servers to access windowsupdate from 10 to 13, whether they actually
will do it or not? Also, from what I understand you want to
dynamically change your active ruleset to allow access once traffic
starts flowing during that time. What is the difference between that
and allowing access during that time anyway? Or what am I missing? Am
I horribly misunderstanding you?

A somewhat confused
--ropers




many thaks for your answers ropers. About a) question. Ok, if I only need to 
maintain two pf.conf files, crontab is the perfect solution as I can open rules 
dynamically with pfctl, but I have other situations on I need to open and close 
rules if traffic doesn't exists ... but if crontab is the only solution at this 
moment, then I will use it.


About b) question, you have understand me perfectly ... and you are rigth in 
this case it doesn't matter. But suppose that instead of being windows servers, 
are remote users. I do not like the rules that were permanently open in that 
time slot. How can I close this rules inmediatly??




--
CL Martinez
carlopmart {at} gmail {d0t} com

Re: Setting time range and timeout for authpf rules

[ropers]

2008/12/13 carlopmart carlopm...@gmail.com:
 ropers wrote:

 carlopmart wrote:

  How can I establish a time range and timeout for an authpf rule?
 For example I will to permit access from my windows servers access
 (previous
 ssh authentication) to windowsupdate servers from 10:00 am to 13:00 am
 and block this traffic if any connection is established during 10
 minutes.

 Wade, Daniel wrote:

 Crontab job to load a different pf.conf

 2008/12/12 carlopmart carlopm...@gmail.com:

 Thanks Daniel, but I had already thought about this option but exists
 some
 problems:

  a) I need to mantain several pf.conf files for every access
  b) i can't control timeouts when servers doesn't generate traffic ...

 About (a):
 I guess if you're really worried about maintaining two pf.conf files,
 you could write a script that will edit your one single pf.conf (so
 that it would comment out/de-comment specific lines; by content, not
 by line number) and call that script via crontab. It would however be
 really easy to clobber your pf.conf when doing this, if you're not
 careful.

 About (b):
 I understand you would prefer to only permit your Windows-based
 servers to access Microsoft's windowsupdate servers if and only if
 they will actually try to reach windowsupdate between 10 and 13 am.

 I'm no Hansteen, Hartmeier or Henning, but it is my understanding that
 Pf has no clairvoyance feature. Is it really harmful to allow your
 servers to access windowsupdate from 10 to 13, whether they actually
 will do it or not? Also, from what I understand you want to
 dynamically change your active ruleset to allow access once traffic
 starts flowing during that time. What is the difference between that
 and allowing access during that time anyway? Or what am I missing? Am
 I horribly misunderstanding you?

 A somewhat confused
 --ropers



 many thaks for your answers ropers. About a) question. Ok, if I only need to
 maintain two pf.conf files, crontab is the perfect solution as I can open
 rules dynamically with pfctl, but I have other situations on I need to open
 and close rules if traffic doesn't exists ... but if crontab is the only
 solution at this moment, then I will use it.

 About b) question, you have understand me perfectly ... and you are rigth in
 this case it doesn't matter. But suppose that instead of being windows
 servers, are remote users. I do not like the rules that were permanently
 open in that time slot. How can I close this rules inmediatly??

Hm, have you looked at authpf?
http://www.openbsd.org/cgi-bin/man.cgi?query=authpf

regards,
--ropers

Re: OT, .. but eCommerce?

[Marc Espie]

There are oodles of plugins for drupal for ecommerce sites.
I have mostly not ported these because I don't have the usage for it, but
it's generally very easy to do (put it under sites/all/modules, check
that it works, package).

I remember a framework called Hdndel based off catalyst (maybe without the
umlaut)

Re: OT, .. but eCommerce?

[raven]

Marc Espie ha scritto:

There are oodles of plugins for drupal for ecommerce sites.
I have mostly not ported these because I don't have the usage for it, but
it's generally very easy to do (put it under sites/all/modules, check
that it works, package).

I remember a framework called Hdndel based off catalyst (maybe without the
umlaut)
  

Is Handel [1]

[1] http://handelframework.com/blog/

utf-8 in OpenBSD

[Dmitrij Czarkoff]

I have a usb flash key with ext2fs and filenames in UTF-8. When I do:
# export LC_ALL=en_US.UTF-8
# mount /dev/sd1i /mnt
# ls /mnt
filenames are not converted.

This is done in xterm launched as xterm -u8. Can I do anything to
get the filenames converted? Is en_US.UTF-8 locale functional?

Please include my e-mail on answering, as I am not on list.

-- 
Dmitrij D. Czarkoff

Re: utf-8 in OpenBSD

[Dmitrij Czarkoff]

Two things more:
When using uxterm I have all the UTF-8 files concatinated right, but
some chars in filenames are replaced with ?. I use 4.4 with vanilla
configuration.

Please include my e-mail on answering, as I am not on list.

On Sat, Dec 13, 2008 at 11:18 PM, Dmitrij Czarkoff czark...@gmail.com wrote:
 I have a usb flash key with ext2fs and filenames in UTF-8. When I do:
 # export LC_ALL=en_US.UTF-8
 # mount /dev/sd1i /mnt
 # ls /mnt
 filenames are not converted.

 This is done in xterm launched as xterm -u8. Can I do anything to
 get the filenames converted? Is en_US.UTF-8 locale functional?

-- 
Dmitrij D. Czarkoff

Re: Setting time range and timeout for authpf rules

[Stuart Henderson]

On 2008-12-13, ropers rop...@gmail.com wrote:
 About (a):
 I guess if you're really worried about maintaining two pf.conf files,
 you could write a script that will edit your one single pf.conf (so
 that it would comment out/de-comment specific lines; by content, not
 by line number) and call that script via crontab. It would however be
 really easy to clobber your pf.conf when doing this, if you're not
 careful.

it's safer to use and redefine macros:

$ cat a
foo=#
bar=
$foo pass to 1.1.1.1
$bar pass to 2.2.2.2

$ pfctl -nvf a
foo = #
bar = 
pass inet from any to 2.2.2.2 flags S/SA keep state

$ pfctl -nvf a -D bar=# -D foo=
foo = #
bar = 
pass inet from any to 1.1.1.1 flags S/SA keep state

Re: OT, .. but eCommerce?

[Marc Balmer]

* Marc Espie wrote:
 There are oodles of plugins for drupal for ecommerce sites.
 I have mostly not ported these because I don't have the usage for it, but
 it's generally very easy to do (put it under sites/all/modules, check
 that it works, package).
 
 I remember a framework called Hdndel based off catalyst (maybe without the
 umlaut)

It is not directly related, but we have a port for the Swiss Telekurs/Six
Card Solutions Saferpay Software wich allows for credit card transactions
over the internet.

Since saferpay is commercial, our port is not in the ports tree.  But
interested parties can always contact us.

 
-- 
Marc Balmer, Micro Systems, Wiesendamm 2a, Postfach, CH-4019 Basel, Switzerland
http://www.msys.ch/ http://www.vnode.ch/   In God we trust, in C we code.

Re: Setting time range and timeout for authpf rules

[Jussi Peltola]

On Sun, Dec 14, 2008 at 01:39:50AM +0100, carlopmart wrote:
 Yes, I see it, but can I define timeouts to authpf rule?? authpf it is a 
 perfect solution for my enviroment, only if i can assign timeouts ...

Cron hacks (pkill authpf and switch of configs or somesuch that suits your 
environment).

It shouldn't be a very big patch for authpf itself to do it, though.

Enforcing a maximum length for the session would be almost a necessity
in a WLAN like environment anyway (it prevents sloppy student A from
logging in on her girlfriend's laptop in the morning, forgetting to log
out and her then using it all day).

-- 
Jussi Peltola

Re: vic(4) problems with Dec 11th snap

[Brian Keefer]

On Dec 13, 2008, at 2:14 AM, David Gwynne wrote:

vic seems fickle with jumbos. ive backed them out very recently, so  
try building your own kernel or wait for a new snapshot. it should  
be working now.


dlg

On 13/12/2008, at 6:51 PM, Brian Keefer wrote:

Has anyone else had problems with vic(4) in the Dec 11th i386  
snap?  I have a guest on ESXi 3.5 that I upgraded from 4.3 to 4.4- 
release and it was working fine, but then I upgraded to the latest  
i386 snap and I no longer saw any traffic to/from the guest when  
viewing tcpdump, even on other guest VMs on the same host.  To  
clarify I only saw outgoing ARP requests (from the guest itself),  
no incoming traffic what so ever.  No ARP replies, no broadcast,  
nothing... none of the other guests saw the outbound traffic.


Disabling ACPI made no difference (was the only thing I could think  
of based on a diff of the dmesgs).


I rolled back to the 4.4-release kernel and it worked fine.


I built generic MP with vmt enabled this afternoon (-rHEAD)) and it  
worked fine.  Thanks!


--
bk