Birthday Calendar

[Kilaru Rajeev chowdary]

Hi

Please click on the link below and enter your birthday into my calendar.
It's quick, easy, and you'll be helping me out.

http://www.birthdayalarm.com/bd2/32773631a768693082b1444358117c322281324d1386

Kilaru

Re: ifconfig priority issues

[Michael]

Hi,

 There is one piece missing and that's a smarter dhclient script as it
 currently removes the default route even if it was not inserted by
 dhclient. I have a diff to fix this issue that I will send out in the next
 days or hours.

Any eta on when the updated script will be available? :-)


Michael

Re: OpenLDAP w/o bdb okay?

[Rubin]

Henning Brauer wrote:
 * Philip Guenther guent...@gmail.com [2009-01-06 00:40]:
 On Mon, Jan 5, 2009 at 11:15 AM, Claudio Jeker cje...@diehard.n-r-g.com 
 wrote:
 ...
 Any DB that needs human help after a crash is in my opinion a bad choice.
 So that would rule out the ldbm backend, no?  Last I checked the libc
 btree code, a crash while writing out a page split would corrupt the
 subtree.
 
 I am using openldap with ldbm backend in an not exactly small
 installation for 9 or 10 years now. I have never ever experienced a
 broken database. never.

I second that,

5+ years of ldbm backend usage without any problems. We've had
poweroutages, disks running full, all sorts of mischief, but never a
problem with corrupt ldbm databases. Ever. I *did* have thee times of
huge trouble with bdb as a backend. Two times with unexpected halts of
the system after which the slapd process would simply not be able to
read the bdb files anymore and one time with a prickly problem where I
needed to upgrade my database because bdb was updated on that system
(not a major release mind you, 4.x to 4.newer_x).

I know this is all not very scientific evidence regarding the stability
and robustness of bdb, but I guess it is hard to forget the pain that
came from using bdb in the couple of times I had to or did so
unknowingly. Mind you, the last time I've used bdb is 4 years ago.
Things might have changed these days.

 trying bdb lead to disasters all over the place. but admittedly that
 was many many many moons ago.
 
 openldap is still a piece of shit, but the ldbm backend is probably the
 sanest one.

Re: Changing IRQ setting from console/userland

[Stuart Henderson]

On 2009-01-06, Insan Praja SW insan.pr...@gmail.com wrote:
 On Mon, 05 Jan 2009 23:53:01 +0700, Philip Guenther guent...@gmail.com  
 wrote:

 On Mon, Jan 5, 2009 at 12:48 AM, Insan Praja SW insan.pr...@gmail.com  
 wrote:
 ...
 I always got a;
 ping: sendto: No buffer space available
 ping: wrote 202.abc.de.fgh 64 chars, ret=-1

 To quote a message on this list from Claudio Jeker:
 I think I mentionened this already a few times but I'll do it again.
 sendto: No buffer space available means an ENOBUF error was returned.
 On modern systems ENOBUF is almost only generated by the interfaces and
 their queues (e.g. if you enable a too restrictive altq limit).
 So if you have altq enabled I would look at the pfctl -sq -vv output.

   I do have restrictive altq limit, using upperlimit, since this client  
 should not be over 22Mbps. At first, I put it at child queue, now I move  
 them to parent queue (interface). It began to show some noise reduction.

When the queue is full, you get this error.

 A quick examination of the if_sk code shows that many of the ENOBUFS
 return cases also write something to the dmesg/syslog.  Does dmesg
 show any messages after the 'root on' line?

   No, nothing on dmesg.

 sk0 shares the same irq as uhci, which is nothing attached to them. Our  
 plan
 is to disable/change setting for usb config from BIOS. But We really  
 need to
 gather more info on this. Any hints and suggestion will be appreciated.

 PCI, unlike ISA, works just fine with shared interrupts.  Do you have
 a specific reason to suspect the source of the problem is the sharing
 of interrupts?

   Actually this suspicion came from an old thread on a milis, which I  
 gather from google. AFAIK, sk devices don't have interrupt mitigation,  
 unlike em devices.

http://www.mail-archive.com/misc@openbsd.org/msg05854.html

Re: OpenLDAP w/o bdb okay?

[ppruett-lists]

 Here's an untested tarball of an updated openldap port, split into
 directories for 2.3 and 2.4: http://spacehopper.org/tmp/openldap.tgz



This issue has been kicked around for maybe two years, it has been on 
the misc list before,

https://kerneltrap.org/mailarchive/openbsd-misc/2007/5/20/149916/thread

I think trying the port with packages 2.3.* and 2.4.* for openldap maybe 
a solution.

test port at http://spacehopper.org/tmp/openldap.tgz

On a AMD64 dual,
So far it compiled and made the packages, after I uncommented the 
subpackage for 2.4 in the Makefile.

(Did you leave # in front of 2.4 for a reason Stuart?)



BTW expected:
# pkg_add openldap-server-2.4.12.tgz
Can't install openldap-server-2.4.12 because of conflicts 
(openldap-client-2.3.43)

/usr/sbin/pkg_add: openldap-server-2.4.12:Fatal error

As expected php5-ldap-5.2.6 and phpldapadmin-1.1.0.5 had to be uninstalled
to uninstall the openldap-client-2.3.43
Good news, the packages php5-ldap and phpldapadmin did not complain after
reinstalling with openldap 2.4.12 package.

Of note, the 2.4.12 package install complained about
/var/openldap-data/DB_CONFIG could not be installed


After some sleep, will endeavor to test on a small scale.







# pkg_add ./openldap-server-2.4.12.tgz
openldap-client-2.4.12: complete
File /var/openldap-data/DB_CONFIG could not be 
installed:*  | 94%

   No such file or directory
openldap-server-2.4.12: complete
--- openldap-server-2.4.12 ---
To start slapd, configure it in /etc/openldap/slapd.conf then add
the following line to /etc/rc.conf.local:

slapd_flags=-u _openldap

and to /etc/rc.local (be sure to start it _before_ any daemon that may
need it):

if [ $slapd_flags != NO -a -x /usr/local/libexec/slapd ]; then
   install -d -o _openldap /var/run/openldap
   /usr/local/libexec/slapd $slapd_flags
   echo -n ' slapd'
fi
#

Re: Testing in a virtual environment

[Tor Houghton]

 On 09:41, Sat 03 Jan 09, Daniel A. Ramaley wrote:

 Running OpenBSD under VirtualBox is not stable at all.
 I have good experience running OpenBSD under xen, kvm and vmware-server.

FWIW, my experience with OpenBSD and VirtualBox has so far been more than
I could hope for. I had to migrate to virtual hardware for some of my systems
and vmware-server was my first choice. The host's performance was dire, and
I'm not even going to dignify to comment on vmware's user interface.

In my experience (emphasis!), the host hardly notices when the guests are
loaded (e.g. make build), and the lightweight (in comparison) access to
the guest has been remarkably user friendly (especially when sitting on the
other end of a piece of string rather than a fast network).

Host downtime due to system updates bring the guests down, not because of
any instabilities in VBox (again, in my experience -- and as this experience
with virtualisation is roughly a year long, one can possibly argue the value
of it, but I though I'd pipe up nevertheless).

Tor

Re: OpenLDAP w/o bdb okay?

[ppruett-lists]

 This pattern comes up often, but almost noone suggests an alternative
 LDAP server package



Actually a lot linux users suggest using mysql for the non relational 
authentication tables

;)

Re: OpenLDAP w/o bdb okay?

[Toni Mueller]

Hi,

On Tue, 06.01.2009 at 01:08:27 +0100, Henning Brauer lists-open...@bsws.de 
wrote:
 I am using openldap with ldbm backend in an not exactly small
 installation for 9 or 10 years now. I have never ever experienced a
 broken database. never.

my last encounter with ldbm, a few years back, drove me to bdb really
fast, because my - though small - installation(s) seem to behave the
opposite way. In any case, knowing how to repair a broken ldbm database
would be a good thing. With bdb, there is dbX.Y_recover, which worked
nicely for me when I needed it.

Having said that, bdb appears to be the prerequisite for the ability to
modify existing object's DNs.

 openldap is still a piece of shit, but the ldbm backend is probably the
 sanest one.

This pattern comes up often, but almost noone suggests an alternative
LDAP server package.


-- 
Kind regards,
--Toni++

Re: Changing IRQ setting from console/userland

[Insan Praja SW]

On Tue, 06 Jan 2009 18:07:12 +0700, Stuart Henderson s...@spacehopper.org  
wrote:



On 2009-01-06, Insan Praja SW insan.pr...@gmail.com wrote:

On Mon, 05 Jan 2009 23:53:01 +0700, Philip Guenther guent...@gmail.com
wrote:


On Mon, Jan 5, 2009 at 12:48 AM, Insan Praja SW insan.pr...@gmail.com
wrote:
...

I always got a;
ping: sendto: No buffer space available
ping: wrote 202.abc.de.fgh 64 chars, ret=-1


To quote a message on this list from Claudio Jeker:

I think I mentionened this already a few times but I'll do it again.
sendto: No buffer space available means an ENOBUF error was  
returned.
On modern systems ENOBUF is almost only generated by the interfaces  
and

their queues (e.g. if you enable a too restrictive altq limit).
So if you have altq enabled I would look at the pfctl -sq -vv output.



  I do have restrictive altq limit, using upperlimit, since this client
should not be over 22Mbps. At first, I put it at child queue, now I move
them to parent queue (interface). It began to show some noise reduction.


When the queue is full, you get this error.

On the interface SNMP statistic, it's still below 22Mbps. Weird. Maybe  
because it's burstyness?



A quick examination of the if_sk code shows that many of the ENOBUFS
return cases also write something to the dmesg/syslog.  Does dmesg
show any messages after the 'root on' line?


  No, nothing on dmesg.


sk0 shares the same irq as uhci, which is nothing attached to them.  
Our

plan
is to disable/change setting for usb config from BIOS. But We really
need to
gather more info on this. Any hints and suggestion will be  
appreciated.


PCI, unlike ISA, works just fine with shared interrupts.  Do you have
a specific reason to suspect the source of the problem is the sharing
of interrupts?


  Actually this suspicion came from an old thread on a milis, which I
gather from google. AFAIK, sk devices don't have interrupt mitigation,
unlike em devices.


http://www.mail-archive.com/misc@openbsd.org/msg05854.html

 I got to admit, I was wrong about these cards capabilities. I'm going to  
install INTEL EXPI9402PT, dual ports PCI-express NIC with Intel. 82572GI  
Gigabit Controller just to see where the problem is. Anyone knows if this  
one support interrupt mitigation?


Best Regards,


Insan
--
insandotpraja(at)gmaildotcom

Re: Per User Bandwidth Limiting

[Fabio Almeida]

Hi,

I'm running HFSC with 251 queues and it's performing very well.
I can't say what are the exact implications of increasing the limit
from 64 queues to 512 or even 1024 but in my case I increased to 256
and the system is controlling the queues without any problems and as
precisely as usual.

Fabio

On Sun, Dec 14, 2008 at 9:05 AM, Justin Fletcher jyfletc...@gmail.com wrote:
 I have an ISP situation where there is about 1000 users sitting behind Cisco
 3550 switches.  Each port is 1 user and is configured with an individual
 VLAN where each VLAN is assigned a small network subnet and corresponding
 DHCP scope.

 The problem is that it seems (so I have been told) is these 3550's will not
 effectively bandwidth limit at the port level.  Incoming bandwith is limited
 as configured, but outgoing is not.  So, I am looking at a pf solution but
 google is not turning up any specific information for such a situation.

 Ideally I would limit each subnet (and thus corresponding
 VLAN/Port/Customer) to what the customer is paying for (1Mb up/1Mb down,
 etc).  Is anyone running 1000 different queues with pf?  Any experience or
 suggestions on the performance and reliability?  Is there another direction
 I should be looking to accomplish this?

 As an additional note:  I don't need to do any traffic prioritization or
 QoS.  Just raw limiting.  It might be nice to allow bursting but it is not a
 requirement.

 Any info would be appreciated.

 Thanks,
 -Justin

Re: OpenLDAP w/o bdb okay?

[Stuart Henderson]

Moving this to po...@. Reply-To/MFT set, please honour it.

On 2009/01/06 06:11, ppruett-lists wrote:
  Here's an untested tarball of an updated openldap port, split into
  directories for 2.3 and 2.4: http://spacehopper.org/tmp/openldap.tgz



 This issue has been kicked around for maybe two years, it has been on  
 the misc list before,
 https://kerneltrap.org/mailarchive/openbsd-misc/2007/5/20/149916/thread

 I think trying the port with packages 2.3.* and 2.4.* for openldap 
 maybe a solution.
 test port at http://spacehopper.org/tmp/openldap.tgz

 On a AMD64 dual,
 So far it compiled and made the packages, after I uncommented the  
 subpackage for 2.4 in the Makefile.
 (Did you leave # in front of 2.4 for a reason Stuart?)

Yes. The most important thing at first is to know that this
doesn't break 2.3. And actually now I think about it again, it's
going to cause problems for the 37 depending ports, we probably
need to install the libraries and headers into subdirectories
and change all those ports to pick up the right ones. *Ugh*.
Can anyone think of a better way I've missed?

Only one headphone jack working with Intel 82801

[Jordi Beltran Creix]

I hadn't noticed this until now and I don't know if this is a known
issue(sorry I didn't find anything in the lists) or something I am
doing wrong. My laptop has a dual headphone jack but only the left
jack is working in OpenBSD. The hardware is okay and everything else
seems to be working.

Thank you

$ dmesg | grep azalia # current GENERIC.MP with azalia debug enabled
azalia0 at pci0 dev 27 function 0 Intel 82801H HD Audio rev 0x02:
apic 2 int 21 (irq 9)
azalia0: host: High Definition Audio rev. 1.0
azalia0: host: 4 output, 4 input, and 0 bidi streams
azalia_attach: resetting
azalia_attach: reset counter = 4999
azalia_attach: reset counter = 4985
azalia0: found a codec at #0
azalia0: found a codec at #2
azalia_init_corb: CORB allocation succeeded.
azalia_init_corb: CORBWP=0; size=256
azalia_init_rirb: RIRB allocation succeeded.
azalia_init_rirb: RIRBRP=0, size=256
azalia0: codec[0] vid 0x83847616, subid 0x02091028, rev. 2.1, HDA version 1.0
azalia0: nidstart=1 #functions=1
azalia_codec_init: FTYPE result = 0x0101
azalia_codec_init: There are 35 widgets in the audio function.
azalia0: dac02 wcap=d0c05LRSWAP,POWER,OUTAMP,STEREO
azalia0: dac03 wcap=d0c05LRSWAP,POWER,OUTAMP,STEREO
azalia0: dac04 wcap=d0c05LRSWAP,POWER,OUTAMP,STEREO
azalia0: dac05 wcap=d0c05LRSWAP,POWER,OUTAMP,STEREO
azalia0: vendor06 wcap=fd0c05LRSWAP,POWER,OUTAMP,STEREO
azalia0: adc07 wcap=1d0541POWER,CONNLIST,PROC,STEREO
azalia0: adc08 wcap=1d0541POWER,CONNLIST,PROC,STEREO
azalia0: adc09 wcap=1d0541POWER,CONNLIST,PROC,STEREO
azalia0: black0a wcap=400181CONNLIST,UNSOL,STEREO
azalia0: unknown0b wcap=400181CONNLIST,UNSOL,STEREO
azalia0: unknown0c wcap=400181CONNLIST,UNSOL,STEREO
azalia0: unknown0d wcap=400181CONNLIST,UNSOL,STEREO
azalia0: black0e wcap=400181CONNLIST,UNSOL,STEREO
azalia0: black0f wcap=400181CONNLIST,UNSOL,STEREO
azalia0: unknown10 wcap=400181CONNLIST,UNSOL,STEREO
azalia0: unknown11 wcap=400181CONNLIST,UNSOL,STEREO
azalia0: unknown12 wcap=41STEREO
azalia0: unknown13 wcap=41STEREO
azalia0: unknown14 wcap=41STEREO
azalia0: sel15 wcap=30010dCONNLIST,AMPOV,OUTAMP,STEREO
azalia0: sel16 wcap=30010dCONNLIST,AMPOV,OUTAMP,STEREO
azalia0: sel17 wcap=30010dCONNLIST,AMPOV,OUTAMP,STEREO
azalia0: sel18 wcap=300103CONNLIST,INAMP,STEREO
azalia0: sel19 wcap=300103CONNLIST,INAMP,STEREO
azalia0: sel1a wcap=300103CONNLIST,INAMP,STEREO
azalia0: sel1b wcap=30090dLRSWAP,CONNLIST,AMPOV,OUTAMP,STEREO
azalia0: sel1c wcap=30090dLRSWAP,CONNLIST,AMPOV,OUTAMP,STEREO
azalia0: sel1d wcap=30090dLRSWAP,CONNLIST,AMPOV,OUTAMP,STEREO
azalia0: dac1e wcap=40211DIGITAL,FORMATOV,STEREO
azalia0: vendor1f wcap=f30201DIGITAL,STEREO
azalia0: adc20 wcap=140311DIGITAL,CONNLIST,FORMATOV,STEREO
azalia0: gray21 wcap=400301DIGITAL,CONNLIST,STEREO
azalia0: unknown22 wcap=430681POWER,DIGITAL,UNSOL,STEREO
azalia0: beep23 wcap=7cAMPOV,OUTAMP
azalia0: volume24 wcap=60
azalia_generic_codec_add_convgroup: looking for analog DACs
azalia_generic_codec_add_convgroup: looking for digital DACs
azalia_generic_codec_add_convgroup: looking for analog ADCs
azalia_generic_codec_add_convgroup: looking for digital ADCs
azalia0: dacgroup[0]: 02 03 05 04
azalia0: dacgroup[1]: 1e
azalia0: adcgroup[0]: 07 08 09
azalia0: codec[2] vid 0x10951392, subid 0x02091028, rev. 0.0, HDA version 1.0
azalia0: nidstart=1 #functions=1
azalia_codec_init: FTYPE result = 0x0001
azalia_codec_init: There are 2 widgets in the audio function.
azalia0: dac02 wcap=6211DIGITAL,FORMATOV,STEREO
azalia0: unknown03 wcap=40738dDIGITAL,CONNLIST,UNSOL,AMPOV,OUTAMP,STEREO
azalia_generic_codec_add_convgroup: looking for analog DACs
azalia_generic_codec_add_convgroup: looking for digital DACs
azalia_generic_codec_add_convgroup: looking for analog ADCs
azalia_generic_codec_add_convgroup: looking for digital ADCs
azalia0: dacgroup[0]: 02
azalia0: codecs: Sigmatel STAC9228X, CMD Technology/0x1392, using
Sigmatel STAC9228X
audio0 at azalia0

$ mixerctl -a
inputs.dac_mute=off
inputs.dac=126,126
inputs.dac2_mute=off
inputs.dac2=126,126
inputs.dac4_mute=off
inputs.dac4=126,126
inputs.dac3_mute=off
inputs.dac3=126,126
inputs.vendor_mute=off
inputs.vendor=126,126
outputs.hp_source=dac
outputs.hp_dir=output
outputs.hp_boost=off
outputs.spkr_source=dac
outputs.spkr_dir=output
outputs.spkr_boost=off
outputs.mic_source=dac4
outputs.mic_dir=input
outputs.line_source=dac3
outputs.line_dir=output
inputs.sel_source=mic
outputs.sel=126,126
inputs.sel2_source=mic
outputs.sel2=126,126
inputs.sel3_source=mic
outputs.sel3=126,126
inputs.sel4_source=sel
inputs.sel4_sel=126,126
inputs.sel5_source=sel2
inputs.sel5_sel2=126,126
inputs.sel6_source=sel3
inputs.sel6_sel3=126,126
record.adc_source=sel4
record.adc_mute=off
record.adc2_source=sel5
record.adc2_mute=off
record.adc3_source=sel6
record.adc3_mute=off
outputs.SPDIF_source=dig-dac
inputs.beep=85
outputs.hp_sense=plugged
outputs.mic_sense=plugged
outputs.line_sense=unplugged
outputs.master=126,126
outputs.master.mute=off
outputs.master.slaves=dac,vendor
record.volume=0,0

Re: OpenLDAP w/o bdb okay?

[Henning Brauer]

* Toni Mueller openbsd-m...@oeko.net [2009-01-06 12:25]:
  openldap is still a piece of shit, but the ldbm backend is probably the
  sanest one.
 
 This pattern comes up often, but almost noone suggests an alternative
 LDAP server package.

I am not aware of any. Lack of options doesn't make openldap better.

-- 
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg  Amsterdam

Re: CARP under heavy load

[ropers]

 * ropers rop...@gmail.com [2008-12-12 15:01]:

 Maybe --possibly-- my own understanding is sorely lacking. Let me try
 to explain. The following requires a non-proportional font:


(...)

 OTOH, if you have a dedicated link, maybe your setup looks like this?

  external network
 ||
 OpenBSD#0OpenBSD#1
 ||
  internal network

 I was under the impression that it should be possible to exchange CARP
 advertisements via the dedicated link (), though I have to
 admit that I haven't actually built such a network yet -- I'm planning
 to do that shortly. Maybe others can weigh in?

2008/12/23 Henning Brauer lists-open...@bsws.de:
 that would defeat carp's purpose. if, in your scenario above,
 OpenBSD#0 loses link to the external network, wouldn't you want
 OpenBSD#1 to become master?

Thanks for that. But I have a follow-up: To fully work, the OpenBSD
hosts in the above scenario need working external and internal
interfaces. So if CARP talked over the external network, that would
just test the external interfaces. OTOH, if CARP talked over the
internal network, that would just test the internal interfaces. Is
there a way for a CARPed host to detect if either its external or
internal links go down?

Please forgive the sort of stupid question, but I'm curious.

regards,
--ropers

Re: CARP under heavy load

[Felipe Alfaro Solana]

On Tue, Jan 6, 2009 at 3:51 PM, ropers rop...@gmail.com wrote:

  * ropers rop...@gmail.com [2008-12-12 15:01]:
 
  Maybe --possibly-- my own understanding is sorely lacking. Let me try
  to explain. The following requires a non-proportional font:
 

 (...)

  OTOH, if you have a dedicated link, maybe your setup looks like this?
 
   external network
  ||
  OpenBSD#0OpenBSD#1
  ||
   internal network
 
  I was under the impression that it should be possible to exchange CARP
  advertisements via the dedicated link (), though I have to
  admit that I haven't actually built such a network yet -- I'm planning
  to do that shortly. Maybe others can weigh in?

 2008/12/23 Henning Brauer lists-open...@bsws.de:
  that would defeat carp's purpose. if, in your scenario above,
  OpenBSD#0 loses link to the external network, wouldn't you want
  OpenBSD#1 to become master?

 Thanks for that. But I have a follow-up: To fully work, the OpenBSD
 hosts in the above scenario need working external and internal
 interfaces. So if CARP talked over the external network, that would
 just test the external interfaces. OTOH, if CARP talked over the
 internal network, that would just test the internal interfaces. Is
 there a way for a CARPed host to detect if either its external or
 internal links go down?

 Please forgive the sort of stupid question, but I'm curious.


I don't think you need that.

When deploying multiple CARP interfaces, you can enable CARP preempt. When
CARP preempt is enabled (via sysctl), if one CARP interface goes into backup
mode, all other CARP interfaces will also failover to backup.

So, if you have carp0 (internal network) and carp1 (external network) and
carp0 fails over because e.g. the network link goes down or the cable gets
unplugged, carp1 will also fail over.

-- 
http://www.felipe-alfaro.org/blog/disclaimer/

Release IP-adress OpenBSD 3.8

[Anders Öquist]

Hello.

I have been looking for information on how to release the current lease of
IP-adress.

What should I di, where should I start, if I want to release the IP-adress?

/Anders

Re: Release IP-adress OpenBSD 3.8

[Jim Willis]

www.google.com

On Wed, Jan 7, 2009 at 10:37 AM, Anders Vquist
oquist.and...@telia.comwrote:

 Hello.

 I have been looking for information on how to release the current lease of
 IP-adress.

 What should I di, where should I start, if I want to release the IP-adress?

 /Anders

Re: Release IP-adress OpenBSD 3.8

[Anders Öquist]

Thanks Ill try to remember that.



If anyone else knows where I should start and they feel like then can help
me out I would very much appreciate it.
Im not subscribing to this mailing list to waste anyones time Im
subscribing in the hope of getting valuable help.
Neglecting that wasting my times with an arrogant answer like that is
perfectly ok.



Im no expert on OpenBSD far from it. I have had it running on a router for
a couple of years. Never needed any interaction.

But those things that I learnt is soon forgotten as I dont use it much.

And searching on google have been fruitless I have been doing that for the
last couple of hours.



But sorry if I offend anyone by my question.



/Anders



  _

Fren: Jim Willis [mailto:jim.h.wil...@gmail.com]
Skickat: den 6 januari 2009 18:47
Till: Anders Vquist
Kopia:
Dmne: Re: Release IP-adress OpenBSD 3.8



www.google.com

On Wed, Jan 7, 2009 at 10:37 AM, Anders Vquist oquist.and...@telia.com
wrote:

Hello.

I have been looking for information on how to release the current lease of
IP-adress.

What should I di, where should I start, if I want to release the IP-adress?

/Anders

Re: Release IP-adress OpenBSD 3.8

[Jim Willis]

man -k dhcp

On Wed, Jan 7, 2009 at 11:22 AM, Anders Vquist erep...@gmail.com wrote:

 Thanks I ll try to remember that.



 If anyone else knows where I should start and they feel like then can help
 me out I would very much appreciate it.
 I m not subscribing to this mailing list to waste anyones time I m
 subscribing in the hope of getting valuable help.
 Neglecting that wasting my times with an arrogant answer like that is
 perfectly ok.



 I m no expert on OpenBSD far from it. I have had it running on a router for
 a couple of years. Never needed any interaction.

 But those things that I learnt is soon forgotten as I don t use it much.

 And searching on google have been fruitless I have been doing that for the
 last couple of hours.



 But sorry if I offend anyone by my question.



 /Anders



  _

 Fren: Jim Willis [mailto:jim.h.wil...@gmail.com]
 Skickat: den 6 januari 2009 18:47
 Till: Anders Vquist
 Kopia:
 Dmne: Re: Release IP-adress OpenBSD 3.8



 www.google.com

 On Wed, Jan 7, 2009 at 10:37 AM, Anders Vquist oquist.and...@telia.com
 wrote:

 Hello.

 I have been looking for information on how to release the current lease of
 IP-adress.

 What should I di, where should I start, if I want to release the IP-adress?

 /Anders

spamd issues

[Frank Bax]

I've been using spamd since 3.5 or 3.6 - It seems to be working great,
so mostly I just let it do it's thing and ignore it.

Today I was having some issues sending mail through a local ISP to my
system (4.4 release).  Some investigation showed that spamdb reports the
ip address of the ISP's smtp server as both WHITE and GREY?  This should
not be possible, should it?

$ sudo spamdb | grep 64.7.153.18
WHITE|64.7.153.18|||1231252840|1231254379|1234364784|9|0
GREY|64.7.153.18|smarthost1.sentex.ca|x...@clgw.ca|x...@clgw.ca|1231252840|1231254390|1231267240|10|0

Is it possible to remove the GREY entry (spamdb -d only removes WHITE
entires)?

I'm trying to remember how many config files need to be included for
this; hopefully, I don't miss any.


= = /etc/pf.conf

ext_if=rl0

in_mx=127.0.0.1

table spamd persist
table spamd-white persist
table spamd-mywhite persist

scrub in

rdr pass on $ext_if proto tcp from spamd-mywhite to port smtp \
- $in_mx port smtp
rdr pass on $ext_if proto tcp from spamd to port smtp \
- 127.0.0.1 port spamd
rdr pass on $ext_if proto tcp from spamd-white to port smtp \
- $in_mx port smtp
rdr pass on $ext_if proto tcp from !spamd-white to port smtp \
- 127.0.0.1 port spamd

pass in log on $ext_if proto tcp to ($ext_if) port smtp keep state
pass out log on $ext_if proto tcp from ($ext_if) to port smtp keep state


all:\
:myblack:mywhite:uatraps:nixspam:china:korea:

uatraps:\
:black:\
:msg=Your address %A has sent mail to a ualberta.ca spamtrap\n\
within the last 24 hours:\
:method=http:\
:file=www.openbsd.org/spamd/traplist.gz

nixspam:\
:black:\
:msg=Your address %A is in the nixspam list\n\
See http://www.heise.de/ix/nixspam/dnsbl_en/ for details:\
:method=http:\
:file=www.openbsd.org/spamd/nixspam.gz

china:\
:black:\
:msg=SPAM. Your address %A appears to be from China\n\
See http://www.okean.com/asianspamblocks.html for more details:\
:method=http:\
:file=www.openbsd.org/spamd/chinacidr.txt.gz:

korea:\
:black:\
:msg=SPAM. Your address %A appears to be from Korea\n\
See http://www.okean.com/asianspamblocks.html for more details:\
:method=http:\
:file=www.openbsd.org/spamd/koreacidr.txt.gz:


myblack:\
:black:\
:msg=SPAM: %A has been blacklisted.:\
:method=file:\
:file=/etc/mail/spamd_black.txt:

mywhite:\
:white:\
:method=file:\
:file=/etc/mail/spamd_white.txt:



= = = /etc/mail/spamd_white.txt
Adapted from

http://cvs.puremagic.com/viewcvs/greylisting/schema/whitelist_ip.txt

Site seems to be down at the moment; but it hadn't changed content in
sometime.

Re: spamd issues

[Darrin Chandler]

On Tue, Jan 06, 2009 at 12:58:00PM -0500, Frank Bax wrote:
 Today I was having some issues sending mail through a local ISP to my
 system (4.4 release).  Some investigation showed that spamdb reports the
 ip address of the ISP's smtp server as both WHITE and GREY?  This should
 not be possible, should it?

 $ sudo spamdb | grep 64.7.153.18
 WHITE|64.7.153.18|||1231252840|1231254379|1234364784|9|0

GREY|64.7.153.18|smarthost1.sentex.ca|x...@clgw.ca|x...@clgw.ca|1231252840|
1231254390|1231267240|10|0

 Is it possible to remove the GREY entry (spamdb -d only removes WHITE
 entires)?

WHITE is seen first, so the GREY has no effect. This behavior started a
few releases ago, and it's been discussed several times. There's no need
to remove the GREY entries. They expire on their own in short order.

--
Darrin Chandler|  Phoenix BSD User Group  |  MetaBUG
dwchand...@stilyagin.com   |  http://phxbug.org/  |  http://metabug.org/
http://www.stilyagin.com/  |  Daemons in the Desert   |  Global BUG
Federation

[demime 1.01d removed an attachment of type application/pgp-signature]

Re: Release IP-adress OpenBSD 3.8

[Ted Unangst]

On Tue, Jan 6, 2009 at 1:30 PM, Jim Willis jim.h.wil...@gmail.com wrote:
 man -k dhcp

again, fail.  maybe you should be the one to read the man pages and
discover that they don't say anything about releasing a lease.

the correct answer is you can't.

Re: Release IP-adress OpenBSD 3.8

[Bryan Irvine]

On Tue, Jan 6, 2009 at 10:46 AM, Ted Unangst ted.unan...@gmail.com wrote:
 On Tue, Jan 6, 2009 at 1:30 PM, Jim Willis jim.h.wil...@gmail.com wrote:
 man -k dhcp

 again, fail.  maybe you should be the one to read the man pages and
 discover that they don't say anything about releasing a lease.

 the correct answer is you can't.

ifconfig device lladdr  ;-)

-Bryan

Re: Only one headphone jack working with Intel 82801

[Jacob Meuser]

On Tue, Jan 06, 2009 at 10:16:01PM +0900, Jordi Beltran Creix wrote:
 I hadn't noticed this until now and I don't know if this is a known
 issue(sorry I didn't find anything in the lists) or something I am
 doing wrong. My laptop has a dual headphone jack but only the left
 jack is working in OpenBSD. The hardware is okay and everything else
 seems to be working.
 
 Thank you
 
 $ dmesg | grep azalia

this info is useless, since about half of the azalia info is missing.

 $ mixerctl -a

there's no need for -a, and if you're asking questions, always use -v.

 inputs.dac_mute=off
 inputs.dac=126,126
 inputs.dac2_mute=off
 inputs.dac2=126,126
 inputs.dac4_mute=off
 inputs.dac4=126,126
 inputs.dac3_mute=off
 inputs.dac3=126,126
 inputs.vendor_mute=off
 inputs.vendor=126,126
 outputs.hp_source=dac
 outputs.hp_dir=output
 outputs.hp_boost=off
 outputs.spkr_source=dac
 outputs.spkr_dir=output
 outputs.spkr_boost=off
 outputs.mic_source=dac4
 outputs.mic_dir=input
 outputs.line_source=dac3
 outputs.line_dir=output
 inputs.sel_source=mic
 outputs.sel=126,126
 inputs.sel2_source=mic
 outputs.sel2=126,126
 inputs.sel3_source=mic
 outputs.sel3=126,126
 inputs.sel4_source=sel
 inputs.sel4_sel=126,126
 inputs.sel5_source=sel2
 inputs.sel5_sel2=126,126
 inputs.sel6_source=sel3
 inputs.sel6_sel3=126,126
 record.adc_source=sel4
 record.adc_mute=off
 record.adc2_source=sel5
 record.adc2_mute=off
 record.adc3_source=sel6
 record.adc3_mute=off
 outputs.SPDIF_source=dig-dac
 inputs.beep=85
 outputs.hp_sense=plugged
 outputs.mic_sense=plugged
 outputs.line_sense=unplugged
 outputs.master=126,126
 outputs.master.mute=off
 outputs.master.slaves=dac,vendor
 record.volume=0,0
 record.volume.mute=off
 record.volume.slaves=adc,adc2,adc3
 inputs.usingdac=02030504
 

your device only advertises one hp jack.  what is the other one?
I find it hard to believe that there are really two jacks there that
are by default headphones.  only the one marked hp and the speaker
are capable of headphone boost.  if a manufaturer is serious about
calling a jack a headphones jack, then it will have headphone
boost capabillity.

now, if what you're asking about is the line-out jack, I need to know
what your other choices are for this 'outputs.line_source=dac3'.
that's part of the info that got lost from your dmesg by running it
through grep.  it would also be shown by using -v with mixerctl.
and I'll save the trouble, if you can set it to 'dac', then that's
what you need to do.

-- 
jake...@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org

Re: Release IP-adress OpenBSD 3.8

[Jim Willis]

Okay, so here are the steps that should have been taken to find the answer
to the question asked.

I want to release the IP-adress?
I have had it running on a router for a couple of years. Never needed any
interaction.
the correct answer is you can't.

man -k dhcp - Me

$ man -k dhcp
dhclient (8) - Dynamic Host Configuration Protocol (DHCP) Client
dhclient-script (8) - DHCP client network configuration script
dhclient.conf (5) - DHCP client configuration file
dhclient.leases (5) - DHCP client lease database
dhcp (8) - configuring OpenBSD for DHCP
dhcp-options (5) - Dynamic Host Configuration Protocol options
dhcpd (8) - Dynamic Host Configuration Protocol Server
dhcpd.conf (5) - dhcpd configuration file
dhcpd.leases (5) - DHCP client lease database

$ man dhcpd

DHCPD(8)OpenBSD System Manager's Manual
DHCPD(8)

NAME
 dhcpd - Dynamic Host Configuration Protocol Server


 -L leased_ip_table
 When an address is leased dhcpd will insert it into the pf(4)
 table named leased_ip_table.  Addresses are removed from the
 table when the lease expires.  Combined with the table of aban-
 doned addresses, this can help enforce a requirement to use
DHCP
 on a network, or can place DHCP users in a different class of
 service.  Users are cautioned against placing much trust in
Eth-
 ernet or IP addresses; *ifconfig(8) can be used to trivially
 change the interface's address*, and on a busy DHCP network, IP
 addresses will likely be quickly recycled.

$ man ifconfig

Next time don't be so quick to tell other to read man pages then suggest
something cant be done. (You might learn something if you read them in there
entirety)

Cheers,
Jim

Re: Release IP-adress OpenBSD 3.8

[Ted Unangst]

On Tue, Jan 6, 2009 at 2:52 PM, Jim Willis jim.h.wil...@gmail.com wrote:
  ernet or IP addresses; ifconfig(8) can be used to trivially
  change the interface's address, and on a busy DHCP network, IP
  addresses will likely be quickly recycled.

 $ man ifconfig

 Next time don't be so quick to tell other to read man pages then suggest
 something cant be done. (You might learn something if you read them in there
 entirety)

still wrong.  ifconfig does not release the lease back to the server.

Re: Release IP-adress OpenBSD 3.8

[Giancarlo Razzolini]

Anders Vquist escreveu:

Hello.

I have been looking for information on how to release the current lease of
IP-adress.

What should I di, where should I start, if I want to release the IP-adress?

/Anders


  
It's a little vague, but, if you are using dhclient to get an ip from a 
dhcp server and want to change your ip address, the short answer is: you 
can't. But, if the dhcp server was configured according some best 
practices, the lease time you be one day or so. So, if you stay one day 
with the machine offline, you'll probably get a new ip the next time you 
turn it on. Another option is to change the interface mac address, but 
this must be done every time you boot the machine, which is a pain in 
the ass.


Now, if you are the dhpd server and want to release an ip address, i 
always find it more easy to:


1) stop the dhcpd server
2) edit the file /var/db/dhcpd.leases and manually remove the entries 
corresponding to the desired ip address.

3) start the dhcpd server again.

Keep in mind the next time you answer something on the list to be more 
specific and descriptive.


My regards,

--
Giancarlo Razzolini
http://lock.razzolini.adm.br
Linux User 172199
Red Hat Certified Engineer no:804006389722501
Verify:https://www.redhat.com/certification/rhce/current/
Moleque Sem Conteudo Numero #002
OpenBSD Stable
Ubuntu 8.04 Hardy Heron
4386 2A6F FFD4 4D5F 5842  6EA0 7ABE BBAB 9C0E 6B85

Understanding messages from MAILER-DAEMON

[Richard Koett]

Before asking my question I should mention that it involves a somewhat
dated version of OpenBSD (3.9) and a Microsoft Exchange server. If
either of these makes this too off-topic for the list, please accept
my apology and ignore this post.

OpenBSD is running sendmail 8.13.4 as a backup MX server for a domain
hosted on MS Exchange. (The OpenBSD box has been fantastically reliable
in this role, btw. Thanks!). The /etc/mail/aliases file sends root's
email to me, in case that's relevant.

I receive a fair number of messages from MAILER-DAEMON with the subject
Undeliverable: returned mail: see transcript for details.

The messages are always sent to an address I've never heard of, so I
assume someone is forging my address in the From: field of their
spam. (I've implemented SPF records, incidentally, but it hasn't had
a noticeable effect).

Here's part of a sample message. Note that mail.mydomain.com
is the OpenBSD server:

--- BEGIN SAMPLE ---
Generating server: mail.mydomain.com

solom...@myramstore.com
sitemail.everyone.net #sitemail.everyone.net #5.1.1 SMTP;
550 Recipient Rejected: No account by that name here #SMTP#

Original message headers:

Return-Path: MAILER-DAEMON
Received: from localhost (localhost)
by mail.mydomain.com (8.13.4/8.13.4) id n06HNI36007149;
Tue, 6 Jan 2009 09:23:18 -0800 (PST)
Date: Tue, 6 Jan 2009 09:23:18 -0800
From: Mail Delivery Subsystem MAILER-DAEMON
Message-ID: 200901061723.n06hni36007...@mail.mydomain.com
To: solom...@myramstore.com
MIME-Version: 1.0
Content-Type: text/plain
Subject: Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)
--- END SAMPLE ---

This appears straightforward. I was forged as the sender, so I
received the bounce. However, here's where I'm confused...

The above sample is only the bottom part of what I receive.
The top part reads:

--- BEGIN SAMPLE ---
Delivery has failed to these recipients or distribution lists:

scow...@gawilliamsfineart.com
The recipient's e-mail address was not found in the recipient's
e-mail system. Microsoft Exchange will not try to redeliver this
message for you. Please check the e-mail address and try resending
this message, or provide the following diagnostic text to your
system administrator.

The following organization rejected your message: mx1.emailsrvr.com.

Diagnostic information for administrators:
--- END SAMPLE ---

What's confusing me is the Microsoft Exchange will not try to
redeliver this message part. The bottom part says Generating
server: mail.mydomain.com, which is the OpenBSD server. I take
that to mean that the OpenBSD machine was trying to deliver the
message, not the Exchange server. Plus, the message is from
MAILER-DAEMON. Why would mailer-dae...@mydomain.com e-mail me to
say that an Exchange server won't retry delivery? It makes sense
that the Exchange server is receiving the bounce message for me,
(since OpenBSD forwards my mail there), but not that it had anything
to do with the original delivery attempt.

I must be misunderstanding something about the origin/flow of
these messages and would appreciate if anyone can point me in
the right direction.

Thanks,
Richard Koett.

Re: Release IP-adress OpenBSD 3.8

[Paul de Weerd]

On Tue, Jan 06, 2009 at 06:37:14PM +0100, Anders ?quist wrote:
| Hello.
| 
| I have been looking for information on how to release the current lease of
| IP-adress.
| 
| What should I di, where should I start, if I want to release the IP-adress?

The first answer you got was actually the most correct, but it takes
some knowledge of how the internet works (the part about how
protocols are (were) written and made standards). Since most protocols
are specified in so called RFC's, googling for [dhcp rfc] would have
given you the several references to RFC 2131[1], the document
detailing the DHCP protocol. Searching this RFC for 'release' would
have shown you that there is a mechanism called 'DHCPRELEASE'.

So, the answer to your question how to release the current lease of
IP-adress (sic) is By sending a DHCPRELEASE message to the DHCP
server that gave you the lease in the first place.

A quick grep in /usr/src/usr.sbin/dhcpd/ and /usr/src/sbin/dhclient/
shows that the stock OpenBSD dhcpd(8) supports DHCPRELEASE (so the
server side is covered) but that dhclient(8) does not support this.
So, Ted was also right - OpenBSD doesn't support releasing a lease.

My sincere apologies for answering your question with such an arrogant
reply.

Paul 'WEiRD' de Weerd

[1]: http://www.faqs.org/rfcs/rfc2131.html

-- 
[++-]+++.+++[---].+++[+
+++-].++[-]+.--.[-]
 http://www.weirdnet.nl/ 

Re: Only one headphone jack working with Intel 82801

[Jordi Beltran Creix]

Sorry, I always screw my reports. Now I see the mess.
The only option I get is dac3. I don't know what the hell they are - I
know nothing about sound hardware - but both work exactly the same in
Linux with regular earphones, if there is some technical difference I
am not aware of it. Next you will tell me I don't have a teacup tray
;)
I assumed they are made to fit those earphones with two sticks like
the ones you get in planes. They do in fact fit and sound right with
stereo sound. In OpenBSD I only get sound in one ear when the
earphones are plugged to both jacks at the same time.

1   2  Mic What happens(Linux in parentheses)
|   |   |
o   o  Stereo sound(Stereo sound)
o   o  No sound(Stereo sound)
o___o   o  Sound in one ear(Stereo sound)

$ mixerctl -v
inputs.dac_mute=off  [ off on ]
inputs.dac=126,126
inputs.dac2_mute=off  [ off on ]
inputs.dac2=126,126
inputs.dac4_mute=off  [ off on ]
inputs.dac4=126,126
inputs.dac3_mute=off  [ off on ]
inputs.dac3=126,126
inputs.vendor_mute=off  [ off on ]
inputs.vendor=126,126
outputs.hp_source=dac  [ dac dac2 ]
outputs.hp_dir=output  [ input output ]
outputs.hp_boost=off  [ off on ]
outputs.spkr_source=dac  [ dac ]
outputs.spkr_dir=output  [ input output ]
outputs.spkr_boost=off  [ off on ]
outputs.mic_source=dac4  [ dac4 ]
outputs.mic_dir=input  [ input output ]
outputs.line_source=dac3  [ dac3 ]
outputs.line_dir=output  [ input output ]
inputs.sel_source=mic  [ mic line spkr hp ]
outputs.sel=126,126
inputs.sel2_source=mic  [ mic line spkr hp ]
outputs.sel2=126,126
inputs.sel3_source=mic  [ mic line spkr hp ]
outputs.sel3=126,126
inputs.sel4_source=sel  [ sel ]
inputs.sel4_sel=126,126
inputs.sel5_source=sel2  [ sel2 ]
inputs.sel5_sel2=126,126
inputs.sel6_source=sel3  [ sel3 ]
inputs.sel6_sel3=126,126
record.adc_source=sel4  [ sel4 mic2 ]
record.adc_mute=off  [ off on ]
record.adc2_source=sel5  [ sel5 mic2 ]
record.adc2_mute=off  [ off on ]
record.adc3_source=sel6  [ sel6 mic2 ]
record.adc3_mute=off  [ off on ]
outputs.SPDIF_source=dig-dac  [ dig-dac vendor2 adc adc2 adc3 ]
inputs.beep=85
outputs.hp_sense=plugged  [ unplugged plugged ]
outputs.mic_sense=plugged  [ unplugged plugged ]
outputs.line_sense=plugged  [ unplugged plugged ]
outputs.master=126,126
outputs.master.mute=off  [ off on ]
outputs.master.slaves=dac,vendor  { dac dac2 dac4 dac3 vendor sel sel2
sel3 beep }
record.volume=0,0
record.volume.mute=off  [ off on ]
record.volume.slaves=adc,adc2,adc3  { adc adc2 adc3 }
inputs.usingdac=02030504  [ 02030504 1e ]

and dmesg for good measure:

OpenBSD 4.4-current (GENERIC.MP) #7: Wed Jan  7 04:59:17 JST 2009
r...@amaterasu.amaterasu:/sys/arch/amd64/compile/GENERIC.MP
real mem = 3747008512 (3573MB)
avail mem = 3624816640 (3456MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xf71c0 (44 entries)
bios0: vendor Dell Inc. version A11 date 06/19/2008
bios0: Dell Inc. XPS M1330
acpi0 at bios0: rev 2
acpi0: tables DSDT FACP HPET APIC MCFG BOOT SSDT
acpi0: wakeup devices PCI0(S5) PCIE(S4) USB1(S0) USB2(S0) USB3(S0)
USB4(S0) USB5(S0) EHC2(S0) EHCI(S0) AZAL(S3) RP01(S3) RP02(S3)
RP03(S3) RP04(S3) RP05(S3) RP06(S5) LID_(S3) PBTN(S4) MBTN(S5)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM)2 Duo CPU T8300 @ 2.40GHz, 2394.42 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR,NXE,LONG
cpu0: 3MB 64b/line 8-way L2 cache
cpu0: apic clock running at 199MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM)2 Duo CPU T8300 @ 2.40GHz, 2394.00 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR,NXE,LONG
cpu1: 3MB 64b/line 8-way L2 cache
ioapic0 at mainbus0 apid 2 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 2
acpiprt0 at acpi0: bus 3 (PCIE)
acpiprt1 at acpi0: bus -1 (AGP_)
acpiprt2 at acpi0: bus 11 (RP01)
acpiprt3 at acpi0: bus 12 (RP02)
acpiprt4 at acpi0: bus -1 (RP03)
acpiprt5 at acpi0: bus 13 (RP04)
acpiprt6 at acpi0: bus -1 (RP05)
acpiprt7 at acpi0: bus 9 (RP06)
acpiprt8 at acpi0: bus 0 (PCI0)
acpicpu0 at acpi0: C3, C2, C1, PSS
acpicpu1 at acpi0: C3, C2, C1, PSS
acpitz0 at acpi0: critical temperature 104 degC
acpibtn0 at acpi0: LID_
acpibtn1 at acpi0: PBTN
acpibtn2 at acpi0: SBTN
acpiac0 at acpi0: AC unit online
acpibat0 at acpi0: BAT0 model DELL KP4058 serial 108 type LION oem Sanyo
acpivideo at acpi0 not configured
acpivideo at acpi0 not configured
acpivideo at acpi0 not configured
cpu0: Enhanced SpeedStep 2394 MHz: speeds: 2401, 2400, 2000, 1600, 1200, 800 MHz
pci0 at mainbus0 bus 0: configuration mode 1
pchb0 at pci0 dev 0 function 0 Intel GM965 Host rev 0x0c
vga1 at pci0 dev 2 function 0 Intel GM965 Video rev 0x0c

Re: Only one headphone jack working with Intel 82801

[Jacob Meuser]

On Wed, Jan 07, 2009 at 05:32:38AM +0900, Jordi Beltran Creix wrote:
 Sorry, I always screw my reports. Now I see the mess.
 The only option I get is dac3. I don't know what the hell they are - I
 know nothing about sound hardware

faq13 explains a little.  so does mixerctl.conf(5).

 - but both work exactly the same in
 Linux with regular earphones, if there is some technical difference I
 am not aware of it. Next you will tell me I don't have a teacup tray
 ;)

the difference is the rules governing which dacs are connected to
which channels of the HDA controller.  azalia(4) rules are simple.
I cannot understand the linux HDA driver because it has way too many
device specific hooks.

 I assumed they are made to fit those earphones with two sticks like
 the ones you get in planes. They do in fact fit and sound right with
 stereo sound. In OpenBSD I only get sound in one ear when the
 earphones are plugged to both jacks at the same time.
 
 1   2  Mic What happens(Linux in parentheses)
 |   |   |
 o   o  Stereo sound(Stereo sound)
 o   o  No sound(Stereo sound)
 o___o   o  Sound in one ear(Stereo sound)

I'm not familiar with airplane headphones.  from your description, it
sounds like one is the left channel and one is the right channel.
do the plugs look different?  that is, is the ring in the same place
on both?  I would expect it to be in different places.

anyway, the simple solution is to have all line-outs play the first
channels(s) when only the first channel(s) would be playing.  that could
get annoying for people who have multichannel speakers plugged in ... or
maybe people would prefer that?

so azalia users please let your voice be heard.  would you find it annoying
when playing *only* mono or stereo to have all outputs play the audio,
or would you like that?

this would not apply when using more than one dac (more than two channels).
otherwise multi-channel/multi-streaming would not work.

-- 
jake...@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org

Re: Release IP-adress OpenBSD 3.8

[Stuart Henderson]

On 2009-01-06, Anders Vquist oquist.and...@telia.com wrote:
 Hello.

 I have been looking for information on how to release the current lease of
 IP-adress.

 What should I di, where should I start, if I want to release the IP-adress?

In the answers given to you so far there's been a lot of guessing as
to exactly what you want to do; hopefully this shows you and other
readers that giving a little more information about the _ends_ not
just one possible means you have thought of, is likely to get a
more useful answer.

Release is an optional part of DHCP but some servers won't reassign the
IP address to a client with another MAC unless it happens.  In that case 
the best option is probably to try another DHCP client from ports/packages.

At least in the current OpenBSD version you have a couple of options;
the ISC client allows this with the -r flag, and the WIDE client allows
it with SIGUSR2.

I have no idea when these were implemented and either or both may not
work in the versions available for 3.8.

Only one headphone jack working - good or bad?

[Jacob Meuser]

this was deep into another thread, so I'm reposting so it will be seen
by more people (hopefully).

so azalia users please let your voice be heard.  would you find it annoying
when playing *only* mono or stereo to have all outputs play the audio,
or would you like that?

-- 
jake...@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org

Re: Only one headphone jack working with Intel 82801

[Jordi Beltran Creix]

 I'm not familiar with airplane headphones.  from your description, it
 sounds like one is the left channel and one is the right channel.
 do the plugs look different?  that is, is the ring in the same place
 on both?  I would expect it to be in different places.

The ones I have can be used in normal mode and two plugs mode. The
second one looks like a retractile mono plug. If it is out, one of the
channels of the regular stereo plug is muted. I guess it is an
alternative way of having stereo sound. I just happened to notice that
one of the jacks didn't have sound output because I had the airplane
headphones plugged in.

Re: Only one headphone jack working - good or bad?

[Martin Toft]

On Tue, Jan 06, 2009 at 09:29:37PM +, Jacob Meuser wrote:
 so azalia users please let your voice be heard.  would you find it
 annoying when playing *only* mono or stereo to have all outputs play
 the audio, or would you like that?

Please excuse me if I have interpreted the question wrongly. I would
like to (continue to) have the possibility to mute my laptop's speakers
while using headphones. Otherwise other passengers are forced to listen
to my music when I use the laptop as a portable music player on a bus or
train.

Thanks for all your work!

Martin

Re: Only one headphone jack working - good or bad?

[Jacob Meuser]

On Tue, Jan 06, 2009 at 09:29:37PM +, Jacob Meuser wrote:
 this was deep into another thread, so I'm reposting so it will be seen
 by more people (hopefully).
 
 so azalia users please let your voice be heard.  would you find it annoying
 when playing *only* mono or stereo to have all outputs play the audio,
 or would you like that?

let me clarify a little.  the output jacks would still be mutable as
they are now, but they would be getting the mono or stereo stream.

I can see this being both useful and also annoying, so I'm asking what
others' opinions are.

-- 
jake...@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org

Re: Understanding messages from MAILER-DAEMON

[Richard Koett]

Hi Stuart:

Thanks for the reply. I noticed that I had cut  pasted from two
different messages, so here is an intact sample:

(It's To: rich...@cybernet.ca, which OpenBSD forwards to
the Exchange server, From: mailer-dae...@cybernet.ca):


--- BEGIN SAMPLE ---
Delivery has failed to these recipients or distribution lists:

solom...@myramstore.com
The recipient's e-mail address was not found in the recipient's
e-mail system. Microsoft Exchange will not try to redeliver this
message for you. Please check the e-mail address and try resending
this message, or provide the following diagnostic text to your
system administrator.

The following organization rejected your message:
sitemail.everyone.net.

Diagnostic information for administrators:

Generating server: mail.cybernet.ca

solom...@myramstore.com
sitemail.everyone.net #sitemail.everyone.net #5.1.1 SMTP;
550 Recipient Rejected: No account by that name here #SMTP#

Original message headers:

Return-Path: MAILER-DAEMON
Received: from localhost (localhost)
by mail.cybernet.ca (8.13.4/8.13.4) id n06HNI36007149;
Tue, 6 Jan 2009 09:23:18 -0800 (PST)
Date: Tue, 6 Jan 2009 09:23:18 -0800
From: Mail Delivery Subsystem MAILER-DAEMON
Message-ID: 200901061723.n06hni36007...@mail.cybernet.ca
To: solom...@myramstore.com
MIME-Version: 1.0
Content-Type: text/plain
Subject: Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)
--- END SAMPLE ---

I'm mulling over a reply from L. V Lammert on this but still
not quite clear on the sequence of events. Any further elucidation
would be much appreciated.

Thanks,
Richard Koett.

Re: Only one headphone jack working - good or bad?

[Ted Unangst]

On Tue, Jan 6, 2009 at 4:39 PM, Jacob Meuser jake...@sdf.lonestar.org wrote:
 On Tue, Jan 06, 2009 at 09:29:37PM +, Jacob Meuser wrote:
 this was deep into another thread, so I'm reposting so it will be seen
 by more people (hopefully).

 so azalia users please let your voice be heard.  would you find it annoying
 when playing *only* mono or stereo to have all outputs play the audio,
 or would you like that?

 let me clarify a little.  the output jacks would still be mutable as
 they are now, but they would be getting the mono or stereo stream.

I'd find it surprising that suddenly playing something on the back
channels changes where front channel audio goes.  This does not match
my experience with other stereo equipment, where one must always
request 4 or 6 channel stereo.

Re: Only one headphone jack working - good or bad?

[Vadim Zhukov]

On 7 January 2009 c. 00:39:58 Jacob Meuser wrote:
 On Tue, Jan 06, 2009 at 09:29:37PM +, Jacob Meuser wrote:
  this was deep into another thread, so I'm reposting so it will be
  seen by more people (hopefully).
 
  so azalia users please let your voice be heard.  would you find it
  annoying when playing *only* mono or stereo to have all outputs play
  the audio, or would you like that?

 let me clarify a little.  the output jacks would still be mutable as
 they are now, but they would be getting the mono or stereo stream.

 I can see this being both useful and also annoying, so I'm asking what
 others' opinions are.

For me, it looks like having mono/stereo output on all jacks is better:
if you have =4 speakers then you'll have all of them playing when, for
example, watching stereo-only video. And this will not differ much from
all those 4-5-6... channels enabled video. Otherwise it'll require too
much work every time you want to play something: you will have to check
number of sound channels in clip and, possibly, play with your
videoplayer or aucat(1) options. Much harder and non-obvious way than
just muting/unmuting, IMHO.

--
  Best wishes,
Vadim Zhukov

Re: AH+ESP and IPv6

[Fortunato]

Hello again,

I was hoping to avoid a discussion on the merits of AH versus ESP. 

ESP does provide authentication but in the context of of integrity check value 
for the IPv6 payload not the IPv6 header. Additionally from what I've read ESP 
authentication optional, therefore my follow up question is, Is there a way to 
turn off optional ESP authentication in OpenBSD? 

But back to my original question. One of the requirements we have is to use 
both AH and ESP. Is there a way to this in OpenBSD? We got another OSs to use 
both AH and ESP, but I'd personally like to get OpenBSD involved in a more the 
heterogeneous testbed.

Cheers,

-Original Message-
From: t...@fries.net
Sent: Jan 2, 2009 11:36 AM
To: Felipe Alfaro Solana felipe.alf...@gmail.com
Cc: fortunato.montre...@earthlink.net, misc@openbsd.org
Subject: Re: AH+ESP and IPv6

If ESP does not decrypt, the payload is invalid. Adding AH adds no further
functionality other than to thwart any attempts at NAT.
-- 
Todd Fries .. t...@fries.net

 _
| \  1.636.410.0632 (voice)
| Free Daemon Consulting, LLC \  1.405.227.9094 (voice)
| http://FreeDaemonConsulting.com \  1.866.792.3418 (FAX)
| ..in support of free software solutions.  \  250797 (FWD)
| \
 \\
 
  37E7 D3EB 74D0 8D66 A68D  B866 0326 204E 3F42 004A
http://todd.fries.net/pgp.txt

Penned by Felipe Alfaro Solana on 20090102 20:29.56, we have:
| On Fri, Jan 2, 2009 at 7:52 PM, Todd T. Fries t...@fries.net wrote:
| 
|  The other answer is, ESP provides AH, therefore AH is deprecated.
| 
| 
| What do you mean? That OpenBSD's implementation of ESP automatically uses AH
| too? (payload inside AH inside ESP?) Because ESP only provides
| authentication for the payload only but not for the IP header. That's why AH
| is useful.
| 
| Unless you really really want to play with AH to verify it works and such
|  (which the below suggests it does not) ...
|  --
|  Todd Fries .. t...@fries.net
| 
|   _
|  | \  1.636.410.0632 (voice)
|  | Free Daemon Consulting, LLC \  1.405.227.9094 (voice)
|  | http://FreeDaemonConsulting.com \  1.866.792.3418 (FAX)
|  | ..in support of free software solutions.  \  250797 (FWD)
|  | \
|   \\
| 
|   37E7 D3EB 74D0 8D66 A68D  B866 0326 204E 3F42 004A
| http://todd.fries.net/pgp.txt
| 
|  Penned by Felipe Alfaro Solana on 20090102 17:38.51, we have:
|  | On Tue, Dec 30, 2008 at 9:29 PM, fortunato.montre...@earthlink.net
|  wrote:
|  |
|  |  I'm trying to use both AH and ESP to setup IPsec using Transport mode
|  |  between two IPv6 OpenBSD 4.4 hosts.
|  | 
|  |  So far it worked for AH Transport mode or ESP Transport mode but I
|  don't
|  |  quite know how to do both AH and ESP. Any ideas?
|  | 
|  |  Here's a snippet from /etc/ipsec.conf :
|  | 
|  |   ike esp transport from 2001::10 to 2001::5 psk secret
|  | 
|  |  The tried the following (and vice versa - ah vice esp).
|  | 
|  |   ike esp transport from 2001::10 to 2001::5 psk secret
|  |   flow ah from 2001::10 to 2001::5
|  | 
|  |  I'm not sure either.
|  |
|  | Since you can apply ESP then AH, or apply AH and then ESP (depending on
|  | what's more important for you, the digital signature or the encryption)
|  it's
|  | not obvious to me how to do it.
|  |
|  | --
|  | http://www.felipe-alfaro.org/blog/disclaimer/
| 
| 
| 
| 
| -- 
| http://www.felipe-alfaro.org/blog/disclaimer/

Re: Intel D945GCLF2

[Noah Pugsley]

Those Intel boards must be popular. Everywhere I look they are sold out...

-n

Anathae Townsend wrote:
 msi has one,
 http://global.msi.com.tw/index.php?func=proddescmaincat_no=388cat2_no=599;
 cat3_no=601prod_no=1614#

   
 -Original Message-
 From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf
 Of Nenhum_de_Nos
 Sent: Friday, January 02, 2009 7:20 PM
 To: misc@openbsd.org
 Subject: Re: Intel D945GCLF2

 On Fri, January 2, 2009 17:40, Chris Cohen wrote:
 
 Has anyone installed openbsd on the Atom board D945GCLF2? If so
   
 could
 
 you post a dmesg and does it run stable?

 --
 Thanks
 Chris
   
 has anyone seen any atom dual core with two lan ?

 I'd like a pf router that would be low energy :)

 Alix is openbsd friend right ? ( 2d3 in this case )
 I did like alix but a mini itx with regular vga is better for me :)

 thanks,

 matheus


 --
 We will call you cygnus,
 The God of balance you shall be

Re: Only one headphone jack working - good or bad?

[Sam Fourman Jr.]

On Tue, Jan 6, 2009 at 3:29 PM, Jacob Meuser jake...@sdf.lonestar.org wrote:
 this was deep into another thread, so I'm reposting so it will be seen
 by more people (hopefully).

 so azalia users please let your voice be heard.  would you find it annoying
 when playing *only* mono or stereo to have all outputs play the audio,
 or would you like that?

idk if this is along the same topic, but what I have wanted to do for
a long time
is setup a milti room mp3 player in my house, I have 9 rooms all with
in wall speakers

could I put 3 azailla sound cards (maybe I could do it with less) in a
OpenBSD computer, and plug 3 rooms into each sound card
and somehow be able to play 9 different MP3's

maybe I am barking up the wrong tree here.

Sam Fourman Jr.
Fourman Networks

Re: Only one headphone jack working with Intel 82801

[Jacob Meuser]

On Wed, Jan 07, 2009 at 06:32:51AM +0900, Jordi Beltran Creix wrote:
  I'm not familiar with airplane headphones.  from your description, it
  sounds like one is the left channel and one is the right channel.
  do the plugs look different?  that is, is the ring in the same place
  on both?  I would expect it to be in different places.
 
 The ones I have can be used in normal mode and two plugs mode. The
 second one looks like a retractile mono plug. If it is out, one of the
 channels of the regular stereo plug is muted. I guess it is an
 alternative way of having stereo sound. I just happened to notice that
 one of the jacks didn't have sound output because I had the airplane
 headphones plugged in.

sure.  that makes sense.

but this got me thinking that it could be nice to have stereo output
on more than one jack, so multple headphones could be plugged in and
all getting the same source.

on some codecs this is possible by setting the correct _source control.
for example on my laptop:

$ mixerctl -v outputs.{hp,line-in}_source
outputs.hp_source=mix2  [ mix2 mix3 mix4 mix5 mix8 ]
outputs.line-in_source=mix2  [ mix2 mix3 mix4 mix5 mix8 ]

so I can set the source of the hp and line-in jacks.  they are both
currently set to mix2.  what is mix2?

$ mixerctl -v | grep mix2
outputs.mix2=120,120
inputs.mix2_source=dac,mix  { dac mix }
outputs.hp_source=mix2 [mix2 mix3 mix4 mix5 mix8 ]
outputs.spkr_source=mix3 [mix2 mix3 mix4 mix5 mix8 ]
outputs.mic_source=mix2 [mix2 mix3 mix4 mix5 mix8 ]
outputs.line-in_source=mix2 [mix2 mix3 mix4 mix5 mix8 ]
outputs.master.slaves=mix2,mix3,hp,spkr  { mix2 mix3 mix4 mix5 hp spkr mic mic2 
line-in mix8 }
$

the source of mix2 is 'dac' and 'mix'.  'dac' is the first DAC, digital
to analog converter.  this is what converts your audio data to what
tickles your speakers.  in -current, dac is the first two channels, dac2
is the next two channels, dac3 is the next two channels, etc[1].  so
stereo playback is handled by 'dac'.  if I am playing a stereo Ogg
file, I want my ultimate source to be 'dac'.  'mix' is the input mixer
on this device.  we'll just ignore that for now as it's not relevant
to this discussion.

so, by having hp and line-in sources set to mix2, and mix2 source set to
dac, both hp and line-in are getting the first stereo channels.

but there is another thing to check.  some jacks are capable of both
input and output.  this means that it is possible to control which
channels (input or output) are connected to the jack.  line-in is by
default connected to the input channel:

$ mixerctl -v outputs.line-in_dir
outputs.line-in_dir=input  [none output input input-vr0 input-vr50 input-vr80 ]

so I change it to output

$ mixerctl outputs.line-in_dir=output
outputs.line-in_dir: input - output

now I have both jacks configured for stereo output.  in this configuration,
your two plug headphones would work.  note that I only made one change.

[1] when only the first dac would be used, other dacs can also get
the first channel(s).  for example, if a system has both hp and spkr
then 'dac', the dac connected by default to hp and the dac connected
by default to spkr all get the first channels.  usually this is just
'dac' and/or 'dac2'.  and I'm wondering if it would make sense for
all dacs to get the first channel(s) if only the first dac would be
used.

-- 
jake...@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org

Re: Only one headphone jack working - good or bad?

[Jacob Meuser]

On Tue, Jan 06, 2009 at 10:40:41PM +0100, Martin Toft wrote:
 On Tue, Jan 06, 2009 at 09:29:37PM +, Jacob Meuser wrote:
  so azalia users please let your voice be heard.  would you find it
  annoying when playing *only* mono or stereo to have all outputs play
  the audio, or would you like that?
 
 Please excuse me if I have interpreted the question wrongly. I would
 like to (continue to) have the possibility to mute my laptop's speakers
 while using headphones. Otherwise other passengers are forced to listen
 to my music when I use the laptop as a portable music player on a bus or
 train.

well, hp/spkr are already like this.

there are a few ways to mute spkr.  not all devices support all methods,
but,

the obvious one:

mixerctl outputs.spkr_mute=on

change the direction of spkr to 'none':

mixerctl outputs.spkr_dir=none

set it's source to something that it muted:

mixerctl outputs.mix3_source=   # mutes all inputs to mix3
mixerctl outputs.spkr_source=mix3

there may even be others.  if your hp jack is capable of sending
unsolicited responses then one of the first two is done more or less
automaticly when hp is plugged.  also some devices do automatic muting
completely in hardware.

-- 
jake...@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org

Updating AD DNS server

[Peter Bako]

I'm looking for a script that I can run on my OpenBSD boxes that would allow
them to register their DHCP assigned IP addresses with my Windows 2003 DNS
server.  My windows boxes do this automatically and its convenient to be
able to just ping them by name regardless of what IP they have been given,
but for my BSD boxes I don't have this.  It would be nice to find a script
that could be called as part of the boot process with which they could also
register their name and IP addresses to the Server 2003 DNS server.

Thanks,
Peter

Re: Only one headphone jack working - good or bad?

[Jacob Meuser]

On Tue, Jan 06, 2009 at 03:56:03PM -0600, Sam Fourman Jr. wrote:
 On Tue, Jan 6, 2009 at 3:29 PM, Jacob Meuser jake...@sdf.lonestar.org wrote:
  this was deep into another thread, so I'm reposting so it will be seen
  by more people (hopefully).
 
  so azalia users please let your voice be heard.  would you find it annoying
  when playing *only* mono or stereo to have all outputs play the audio,
  or would you like that?
 
 idk if this is along the same topic, but what I have wanted to do for
 a long time
 is setup a milti room mp3 player in my house, I have 9 rooms all with
 in wall speakers
 
 could I put 3 azailla sound cards (maybe I could do it with less) in a
 OpenBSD computer, and plug 3 rooms into each sound card
 and somehow be able to play 9 different MP3's
 
 maybe I am barking up the wrong tree here.

aucat can do multi-streaming.  that is what you want.  and this would
explicitely not conflict with multi-streaming because you would need
more than one dac for that.

I'm not aware of azalia in audio cards, or even two controllers in
one mother board, so there is a limit of 5 channels from azalia.

the only multi-channel cards supported by OpenBSD that I know of,
besides envy(4), are cmpci(4).

-- 
jake...@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org

Re: Only one headphone jack working - good or bad?

[Jacob Meuser]

On Tue, Jan 06, 2009 at 10:42:06PM +, Jacob Meuser wrote:
 On Tue, Jan 06, 2009 at 03:56:03PM -0600, Sam Fourman Jr. wrote:
  On Tue, Jan 6, 2009 at 3:29 PM, Jacob Meuser jake...@sdf.lonestar.org 
  wrote:
   this was deep into another thread, so I'm reposting so it will be seen
   by more people (hopefully).
  
   so azalia users please let your voice be heard.  would you find it 
   annoying
   when playing *only* mono or stereo to have all outputs play the audio,
   or would you like that?
  
  idk if this is along the same topic, but what I have wanted to do for
  a long time
  is setup a milti room mp3 player in my house, I have 9 rooms all with
  in wall speakers
  
  could I put 3 azailla sound cards (maybe I could do it with less) in a
  OpenBSD computer, and plug 3 rooms into each sound card
  and somehow be able to play 9 different MP3's
  
  maybe I am barking up the wrong tree here.
 
 aucat can do multi-streaming.  that is what you want.  and this would
 explicitely not conflict with multi-streaming because you would need
 more than one dac for that.
 
 I'm not aware of azalia in audio cards, or even two controllers in
 one mother board, so there is a limit of 5 channels from azalia.

make that 10 channels or 5 stereo streams

 the only multi-channel cards supported by OpenBSD that I know of,
 besides envy(4), are cmpci(4).
 
 -- 
 jake...@sdf.lonestar.org
 SDF Public Access UNIX System - http://sdf.lonestar.org
 

-- 
jake...@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org

Re: Only one headphone jack working - good or bad?

[Jacob Meuser]

On Tue, Jan 06, 2009 at 04:50:54PM -0500, Ted Unangst wrote:
 On Tue, Jan 6, 2009 at 4:39 PM, Jacob Meuser jake...@sdf.lonestar.org wrote:
  On Tue, Jan 06, 2009 at 09:29:37PM +, Jacob Meuser wrote:
  this was deep into another thread, so I'm reposting so it will be seen
  by more people (hopefully).
 
  so azalia users please let your voice be heard.  would you find it annoying
  when playing *only* mono or stereo to have all outputs play the audio,
  or would you like that?
 
  let me clarify a little.  the output jacks would still be mutable as
  they are now, but they would be getting the mono or stereo stream.
 
 I'd find it surprising that suddenly playing something on the back
 channels changes where front channel audio goes.

well, it doesn't really change that.  if there is different front and
rear output, that would imply two dacs are in use, and this wouldn't
be applied in that case.

  This does not match
 my experience with other stereo equipment, where one must always
 request 4 or 6 channel stereo.

from what I've seen, there is usually an option to spread stereo
input across all channels.  this is pretty much what would be
happening.  I could make this optional through a mixer control, but
it could only be changed when the device is not open for playing/
recoding.

-- 
jake...@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org

Wireless N adapter recommendation and support

[FRLinux]

Hello,

I bought a Linksys WUSB600N adapter from (Cisco) Linksys. The device
is detected when inserted as a generic ugen0 device :

/bsd: ugen0 at uhub0
/bsd:  port 4 Cisco-Linksys LLC Dual-Band Wireless-N USB Network
Adapter rev 2.00/1.01 addr 2

I upgraded the box to current using snapshots from the 3rd of January
then grabbed the latest sources and tried to add some support for my
device (which as far as I know is based on ralink) :

# cd /usr/src/sys/dev/usb/
# grep WUSB600N *
if_ral.c:   { USB_VENDOR_CISCOLINKSYS,
USB_PRODUCT_CISCOLINKSYS_WUSB600N },
usbdevs:product CISCOLINKSYS WUSB600N   0x0071  WUSB600N
usbdevs.h:#define   USB_PRODUCT_CISCOLINKSYS_WUSB600N   0x0071
 /* WUSB600N */
usbdevs_data.h: USB_VENDOR_CISCOLINKSYS, USB_PRODUCT_CISCOLINKSYS_WUSB600N,
usbdevs_data.h: WUSB600N,

Still have no luck getting it recognized so far (and you've guessed,
my knowledge in adding stuff to the OpenBSD kernel is not that great).
So, do you know if that might have chances to get supported at all ?

OpenBSD 4.4-current (GENERIC) #2: Mon Jan  5 12:00:06 GMT 2009
r...@testbox:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: AMD Athlon(tm) 64 Processor 3000+ (AuthenticAMD 686-class,
512KB L2 cache) 1.81 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3
cpu0: AMD erratum 89 present, BIOS upgrade may be required
real mem  = 2146988032 (2047MB)
avail mem = 2067808256 (1972MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 12/21/05, BIOS32 rev. 0 @
0xfad10, SMBIOS rev. 2.2 @ 0xf (39 entries)
bios0: vendor Phoenix Technologies, LTD version 6.00 PG date 12/21/2005
bios0: EPoX COMPUTER CO., LTD nForce4 DDR: 9NPA+ / 9NPA+Ultra / 9NPAJ
/ 9NPA Ultra Series
apm0 at bios0: Power Management spec V1.2 (slowidle)
apm0: AC on, battery charge unknown
acpi at bios0 function 0x0 not configured
pcibios0 at bios0: rev 3.0 @ 0xf/0xd434
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfd320/240 (13 entries)
pcibios0: bad IRQ table checksum
pcibios0: PCI BIOS has 15 Interrupt Routing table entries
pcibios0: PCI Exclusive IRQs: 5 7 10 11 12
pcibios0: no compatible PCI ICU found
pcibios0: Warning, unable to fix up PCI interrupt routing
pcibios0: PCI bus #5 is the last bus
bios0: ROM list: 0xc/0xee00 0xd/0x4000!
cpu0 at mainbus0: (uniprocessor)
cpu0: AMD erratum 89 present, BIOS upgrade may be required
cpu0: AMD erratum 89 present, BIOS upgrade may be required
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
NVIDIA nForce4 DDR rev 0xa3 at pci0 dev 0 function 0 not configured
pcib0 at pci0 dev 1 function 0 NVIDIA nForce4 ISA rev 0xa3
nviic0 at pci0 dev 1 function 1 NVIDIA nForce4 SMBus rev 0xa2
iic0 at nviic0
spdmem0 at iic0 addr 0x50: 512MB DDR SDRAM non-parity PC3200CL2.5
spdmem1 at iic0 addr 0x51: 512MB DDR SDRAM non-parity PC3200CL2.5
spdmem2 at iic0 addr 0x52: 512MB DDR SDRAM non-parity PC3200CL2.5
spdmem3 at iic0 addr 0x53: 512MB DDR SDRAM non-parity PC3200CL2.5
iic1 at nviic0
ohci0 at pci0 dev 2 function 0 NVIDIA nForce4 USB rev 0xa2: irq 10,
version 1.0, legacy support
ehci0 at pci0 dev 2 function 1 NVIDIA nForce4 USB rev 0xa3: irq 11
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 NVIDIA EHCI root hub rev 2.00/1.00 addr 1
pciide0 at pci0 dev 6 function 0 NVIDIA nForce4 IDE rev 0xa2: DMA,
channel 0 configured to compatibility, channel 1 configured to
compatibility
atapiscsi0 at pciide0 channel 0 drive 1
scsibus0 at atapiscsi0: 2 targets, initiator 7
cd0 at scsibus0 targ 0 lun 0: _NEC, DVD_RW ND-3500AG, 2.18 ATAPI
5/cdrom removable
cd0(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 2
pciide0: channel 1 ignored (disabled)
pciide1 at pci0 dev 8 function 0 NVIDIA nForce4 SATA rev 0xa3: DMA
pciide1: using irq 11 for native-PCI interrupt
wd0 at pciide1 channel 0 drive 0: WDC WD2500KS-00MJB0
wd0: 16-sector PIO, LBA48, 238475MB, 488397168 sectors
wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5
ppb0 at pci0 dev 9 function 0 NVIDIA nForce4 PCI-PCI rev 0xa2
pci1 at ppb0 bus 1
re0 at pci1 dev 5 function 0 D-Link Systems DGE-528T rev 0x10:
RTL8169S (0x0400), irq 10, address 00:15:e9:f0:f9:b2
rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 0
VIA VT6306 FireWire rev 0x80 at pci1 dev 9 function 0 not configured
nfe0 at pci0 dev 10 function 0 NVIDIA CK804 LAN rev 0xa3: irq 5,
address 00:04:61:ab:68:fa
ciphy0 at nfe0 phy 1: CS8201 10/100/1000TX PHY, rev. 3
ppb1 at pci0 dev 11 function 0 NVIDIA nForce4 PCIE rev 0xa3
pci2 at ppb1 bus 2
ppb2 at pci0 dev 12 function 0 NVIDIA nForce4 PCIE rev 0xa3
pci3 at ppb2 bus 3
ppb3 at pci0 dev 13 function 0 NVIDIA nForce4 PCIE rev 0xa3
pci4 at ppb3 bus 4
ppb4 at pci0 dev 14 function 0 NVIDIA nForce4 PCIE rev 0xa3
pci5 at ppb4 bus 5
vga1 at pci5 dev 0 function 0 NVIDIA GeForce 6200 rev 0xa1
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
pchb0 at pci0 dev 24 function 0 AMD AMD64 0Fh HyperTransport rev 0x00
pchb1 at pci0 dev 24 function 

Re: Only one headphone jack working - good or bad?

[Jacob Meuser]

On Tue, Jan 06, 2009 at 11:08:15PM +, Jacob Meuser wrote:
 On Tue, Jan 06, 2009 at 04:50:54PM -0500, Ted Unangst wrote:
  On Tue, Jan 6, 2009 at 4:39 PM, Jacob Meuser jake...@sdf.lonestar.org 
  wrote:
   On Tue, Jan 06, 2009 at 09:29:37PM +, Jacob Meuser wrote:
   this was deep into another thread, so I'm reposting so it will be seen
   by more people (hopefully).
  
   so azalia users please let your voice be heard.  would you find it 
   annoying
   when playing *only* mono or stereo to have all outputs play the audio,
   or would you like that?
  
   let me clarify a little.  the output jacks would still be mutable as
   they are now, but they would be getting the mono or stereo stream.
  
  I'd find it surprising that suddenly playing something on the back
  channels changes where front channel audio goes.
 
 well, it doesn't really change that.  if there is different front and
 rear output, that would imply two dacs are in use, and this wouldn't
 be applied in that case.
 
   This does not match
  my experience with other stereo equipment, where one must always
  request 4 or 6 channel stereo.
 
 from what I've seen, there is usually an option to spread stereo
 input across all channels.  this is pretty much what would be
 happening.  I could make this optional through a mixer control, but
 it could only be changed when the device is not open for playing/
 recoding.

and going back to azalia.c r1.52, what was in 4.4-release, all dacs
were getting the first channel(s) when  2 were being played, so
this would match the behaviour of 4.4-release.  I don't recall anyone
complaining about output on all channels.

-- 
jake...@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org

Re: Understanding messages from MAILER-DAEMON

[Stuart Henderson]

In gmane.os.openbsd.misc, you wrote:
 Hi Stuart:

 Thanks for the reply. I noticed that I had cut  pasted from two
 different messages, so here is an intact sample:

 (It's To: rich...@cybernet.ca, which OpenBSD forwards to
 the Exchange server, From: mailer-dae...@cybernet.ca):

Ok, most likely scenario: spammer sends to solom...@myramstore.com,
hits Sendmail, Sendmail tries to pass it to Exchange.

Exchange generates a bounce *by email* to the sender
address (most Exchange versions don't reject user unknown
at the SMTP port, instead they fully bounce the email. oops.)

I guess you are also relaying outbound mail via the sendmail
box so Exchange sends it there, Sendmail tries to deliver it
and fails, then as you're receiving postmaster's mail you get
a copy of the double bounce.

If that is what's happening, the fix is to reject mail for
invalid users before the message hits Sendmail. You can create
/etc/mail/access populated with a list of the valid addresses
on the Exchange server, something like:

To:myramstore.com   error:550 5.1.1 No such user
validu...@myramstore.comOK
anot...@myramstore.com  OK
etc.

Then rebuild the hash file as shown in the comments.

You can actually build the list from the MS directory
fetching it via ldapsearch (from OpenLDAP) but the exact
command line is dependent on how the Windows server is 
arranged.

Keep an eye on /var/log/maillog (tail -f is good for this)
when you put this in place, and you might like to do it with
a test domain first.


 --- BEGIN SAMPLE ---
 Delivery has failed to these recipients or distribution lists:

 solom...@myramstore.com
 The recipient's e-mail address was not found in the recipient's
 e-mail system. Microsoft Exchange will not try to redeliver this
 message for you. Please check the e-mail address and try resending
 this message, or provide the following diagnostic text to your
 system administrator.

 The following organization rejected your message:
 sitemail.everyone.net.

 Diagnostic information for administrators:

 Generating server: mail.cybernet.ca

 solom...@myramstore.com
 sitemail.everyone.net #sitemail.everyone.net #5.1.1 SMTP;
 550 Recipient Rejected: No account by that name here #SMTP#

 Original message headers:

 Return-Path: MAILER-DAEMON
 Received: from localhost (localhost)
   by mail.cybernet.ca (8.13.4/8.13.4) id n06HNI36007149;
   Tue, 6 Jan 2009 09:23:18 -0800 (PST)
 Date: Tue, 6 Jan 2009 09:23:18 -0800
 From: Mail Delivery Subsystem MAILER-DAEMON
 Message-ID: 200901061723.n06hni36007...@mail.cybernet.ca
 To: solom...@myramstore.com
 MIME-Version: 1.0
 Content-Type: text/plain
 Subject: Returned mail: see transcript for details
 Auto-Submitted: auto-generated (failure)
 --- END SAMPLE ---

 I'm mulling over a reply from L. V Lammert on this but still
 not quite clear on the sequence of events. Any further elucidation
 would be much appreciated.

 Thanks,
 Richard Koett.

Re: Wireless N adapter recommendation and support

[Jonathan Gray]

On Tue, Jan 06, 2009 at 11:08:28PM +, FRLinux wrote:
 Hello,
 
 I bought a Linksys WUSB600N adapter from (Cisco) Linksys. The device
 is detected when inserted as a generic ugen0 device :
 
 /bsd: ugen0 at uhub0
 /bsd:  port 4 Cisco-Linksys LLC Dual-Band Wireless-N USB Network
 Adapter rev 2.00/1.01 addr 2
 
 I upgraded the box to current using snapshots from the 3rd of January
 then grabbed the latest sources and tried to add some support for my
 device (which as far as I know is based on ralink) :
 
 # cd /usr/src/sys/dev/usb/
 # grep WUSB600N *
 if_ral.c:   { USB_VENDOR_CISCOLINKSYS,
 USB_PRODUCT_CISCOLINKSYS_WUSB600N },
 usbdevs:product CISCOLINKSYS WUSB600N   0x0071  WUSB600N
 usbdevs.h:#define   USB_PRODUCT_CISCOLINKSYS_WUSB600N   0x0071
  /* WUSB600N */
 usbdevs_data.h: USB_VENDOR_CISCOLINKSYS, 
 USB_PRODUCT_CISCOLINKSYS_WUSB600N,
 usbdevs_data.h: WUSB600N,
 
 Still have no luck getting it recognized so far (and you've guessed,
 my knowledge in adding stuff to the OpenBSD kernel is not that great).
 So, do you know if that might have chances to get supported at all ?

Try adding it to dev/usb/if_run.c, if_ral.c is several ralink
chip generations ago.

If that doesn't work include the output of
usbdevs -v with the device plugged in and I'll send you a diff to apply.

It is apparently the type of chip that run(4) supports.

Re: Updating AD DNS server

[Jacob Yocom-Piatt]

Peter Bako wrote:

I'm looking for a script that I can run on my OpenBSD boxes that would allow
them to register their DHCP assigned IP addresses with my Windows 2003 DNS
server.  My windows boxes do this automatically and its convenient to be
able to just ping them by name regardless of what IP they have been given,
but for my BSD boxes I don't have this.  It would be nice to find a script
that could be called as part of the boot process with which they could also
register their name and IP addresses to the Server 2003 DNS server.

  



if you're willing to let openbsd handle the dns, you can do this

http://www.bsdguides.org/guides/openbsd/networking/ad_dynamic_dns_dhcp.php

i have this running in a couple places and it works quite nicely. i do 
not like having a windows machine in charge of something as fundamental 
as dns.m


cheers,
jake

Re: Wireless N adapter recommendation and support

[Stuart Henderson]

On 2009-01-06, FRLinux frli...@gmail.com wrote:
 I bought a Linksys WUSB600N adapter from (Cisco) Linksys. The device
 is detected when inserted as a generic ugen0 device :

There are several ralink chips. This one is somewhat likely to
be run(4), try adding the ID to dev/usb/if_run.c. Make sure your
base OS and kernel sources are up-to-date, you will need
/etc/firmware/run-rt2870.

 /bsd: ugen0 at uhub0
 /bsd:  port 4 Cisco-Linksys LLC Dual-Band Wireless-N USB Network
 Adapter rev 2.00/1.01 addr 2

 I upgraded the box to current using snapshots from the 3rd of January
 then grabbed the latest sources and tried to add some support for my
 device (which as far as I know is based on ralink) :

 usbdevs:product CISCOLINKSYS WUSB600N   0x0071  WUSB600N

gmake write error and possible solution

[Vadim Zhukov]

Hello all.

Putting this on a misc@ list because this looks like not the port problem 
itself.

Recently I start running (too) often in GMake's write error problem. It 
was reported some times ago here with no result. And after some more 
digging I found that commit in DragonFlyBSD:

http://www.mail-archive.com/commits%40crater.dragonflybsd.org/msg02534.html

 Log:
 Do not set O_NONBLOCK on a threaded program's descriptors any more. 
 Instead, use the new system calls to directly issue non-blocking I/O. 
 Additionally, force blocking I/O for debug output.

 This partly solves the problem of programs such as bmake or gmake
 fork/exec'd children which happen to be threaded.  The children would
 set O_NONBLOCK on e.g. stdin, stdout, and stderr, resulting in
 unexpected operation if the unrelated parent program tries to issue a
 read or write.

 Solves: gmake 'write error' problem

Can anyone expirinced comment this, please?

-- 
  Best wishes,
Vadim Zhukov

Re: Updating AD DNS server

[Daniel Melameth]

On Tue, Jan 6, 2009 at 3:41 PM, Peter Bako pe...@bakonet.org wrote:
 I'm looking for a script that I can run on my OpenBSD boxes that would allow
 them to register their DHCP assigned IP addresses with my Windows 2003 DNS
 server.  My windows boxes do this automatically and its convenient to be
 able to just ping them by name regardless of what IP they have been given,
 but for my BSD boxes I don't have this.  It would be nice to find a script
 that could be called as part of the boot process with which they could also
 register their name and IP addresses to the Server 2003 DNS server.

I don't know if you use a Windows DHCP server as well, but it might be
best to just let the DHCP server handle the DNS update on behalf of
the client if you do.  It is a simple configuration change on your
DHCP server.

CARP issues 4.3

[Jon Slusher]

Yesterday, while troubleshooting a rdr on the pair of openBSD 4.3 
firewalls we use here I discovered there was a rule that required a 
particular IP to be listed as an alias on the WAN interface. I used 
ifconfig to add the alias to the interface and this brought our network 
down. I didn't realize that the IP I added as the alias was already 
being used as an the IP of the physical WAN interface of the BACKUP 
firewall. 

Here is where things started to get wonky: I then removed the alias from 
the firewall. The box failed over to the secondary at this point, and 
when that happened, about 10% of our packets started dropping. I tried 
to bring the primary back as the main firewall, but it didn't seem to 
want to respond. I rebooted out of desperation, and when the main box 
came back, the CARP LAN interface remained in an INIT state, which meant 
the secondary, which drops 10% of its packets, was still acting as the 
gateway. I was able to get it to accept the Carp IP, and after taking 
down the secondary, things went back to stable. I booted the secondary, 
and for some reason it tried to take over as the MASTER, while its CARP 
LAN interface would also not go beyond the INIT state. I had to shut it 
down and give the main fw back its priority.

Anyway, the state of things now is that when I bring either machine up, 
the CARP LAN interface will not move from its INIT state. The secondary 
firewall dropping packets might be unrelated. I guess I'm looking for a 
direction toward which to start troubleshooting. I was going to try to 
upgrade to 4.4, but I wanted to get some advice first. I'll include a 
dmesg and the carp interface configs.

*Main FW dmesg:

OpenBSD 4.3 (GENERIC) #1368: Wed Mar 12 11:05:31 MDT 2008
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
real mem = 468250624 (446MB)
avail mem = 442597376 (422MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xf (67 entries)
bios0: vendor Phoenix Technologies, LTD version 3.09 date 06/14/2006
bios0: Compaq Presario 061 EX310AA-ABA SR1910NX NA630
acpi0 at bios0: rev 0
acpi0: tables DSDT FACP SSDT MCFG APIC
acpi0: wakeup devices HUB0(S5) XVRA(S5) XVRB(S5) XVRC(S5) USB0(S3) 
USB2(S3) AZAD(S5) MMAC(S5) MMCI(S5) UAR1(S5) PS2M(S4) PS2K(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 3 (HUB0)
acpicpu0 at acpi0: PSS
acpitz0 at acpi0: critical temperature 75 degC
acpibtn0 at acpi0: PWRB
cpu0 at mainbus0: (uniprocessor)
cpu0: AMD Sempron(tm) Processor 3200+, 1804.01 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW
cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 256KB 
64b/line 16-way L2 cache
cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative
cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative
cpu0: AMD erratum 89 present, BIOS upgrade may be required
cpu0: Cool'n'Quiet K8 1804 MHz: speeds: 1800 1000 MHz
pci0 at mainbus0 bus 0: configuration mode 1
NVIDIA C51 Host rev 0xa2 at pci0 dev 0 function 0 not configured
NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 1 not configured
NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 2 not configured
NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 3 not configured
NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 4 not configured
NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 5 not configured
NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 6 not configured
NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 7 not configured
ppb0 at pci0 dev 2 function 0 NVIDIA C51 PCIE rev 0xa1
pci1 at ppb0 bus 1
ppb1 at pci0 dev 4 function 0 NVIDIA C51 PCIE rev 0xa1
pci2 at ppb1 bus 2
vga1 at pci0 dev 5 function 0 NVIDIA GeForce 6150 LE rev 0xa2
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
NVIDIA MCP51 Host rev 0xa2 at pci0 dev 9 function 0 not configured
pcib0 at pci0 dev 10 function 0 NVIDIA MCP51 ISA rev 0xa3
nviic0 at pci0 dev 10 function 1 NVIDIA MCP51 SMBus rev 0xa3
iic0 at nviic0
adt0 at iic0 addr 0x2e: sch5017 rev 0x8a
spdmem0 at iic0 addr 0x50: 256MB DDR SDRAM non-parity PC3200CL3.0
spdmem1 at iic0 addr 0x51: 256MB DDR SDRAM non-parity PC3200CL3.0
iic1 at nviic0
NVIDIA MCP51 Memory rev 0xa3 at pci0 dev 10 function 2 not configured
ohci0 at pci0 dev 11 function 0 NVIDIA MCP51 USB rev 0xa3: couldn't 
map interrupt
ehci0 at pci0 dev 11 function 1 NVIDIA MCP51 USB rev 0xa3: couldn't 
map interrupt
pciide0 at pci0 dev 13 function 0 NVIDIA MCP51 IDE rev 0xa1: DMA, 
channel 0 configured to compatibility, channel 1 configured to compatibility
pciide0: channel 0 disabled (no drives)
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: LITE-ON, COMBO SOHC-4836K, SPJ2 SCSI0 
5/cdrom removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
pciide1 at pci0 dev 

Re: Wireless N adapter recommendation and support

[FRLinux]

On Tue, Jan 6, 2009 at 11:25 PM, Jonathan Gray j...@goblin.cx wrote:
 Try adding it to dev/usb/if_run.c, if_ral.c is several ralink
 chip generations ago.

 If that doesn't work include the output of
 usbdevs -v with the device plugged in and I'll send you a diff to apply.

 It is apparently the type of chip that run(4) supports.

Hi again,

Thanks a lot for your reply, appreciated. I have now modified the following:

# cd /usr/src/sys/dev/usb/
# grep 600N *
usbdevs:product LINKSYS4 WUSB600N   0x0071  RT2870
usbdevs.h:#define   USB_PRODUCT_LINKSYS4_WUSB600N   0x0071
 /* WUSB600N */
usbdevs_data.h: USB_VENDOR_LINKSYS4, USB_PRODUCT_LINKSYS4_WUSB600N,
usbdevs_data.h: WUSB600N,

Rebuilt the kernel then rebooted :

OpenBSD 4.4-current (GENERIC) #3: Wed Jan  7 00:13:27 GMT 2009
r...@testbox:/usr/src/sys/arch/i386/compile/GENERIC
...
ugen0 at uhub0 port 4 Cisco-Linksys LLC Dual-Band Wireless-N USB
Network Adapter rev 2.00/1.01 addr 2

But still no joy :(

What did I actually forget?

Here is the output you asked for :

# usbdevs -v
Controller /dev/usb0:
addr 1: high speed, self powered, config 1, EHCI root hub(0x),
NVIDIA(0x10de), rev 1.00
 port 1 powered
 port 2 powered
 port 3 powered
getstring: ioctl: Input/output error
 port 4 addr 2: high speed, power 450 mA, config 1, Dual-Band
Wireless-N USB Network Adapter(0x0071), Cisco-Linksys LLC(0x1737), rev
1.01
 port 5 powered
 port 6 powered
 port 7 powered
 port 8 powered
 port 9 powered
 port 10 powered
Controller /dev/usb1:
addr 1: full speed, self powered, config 1, OHCI root hub(0x),
NVIDIA(0x10de), rev 1.00
 port 1 addr 2: low speed, power 100 mA, config 1, Type 6
Mouse(0x0100), Sun Microsystems(0x0430), rev 1.02
 port 2 powered
 port 3 addr 3: low speed, power 100 mA, config 1, Type 6
Keyboard(0x0005), Sun Microsystems(0x0430), rev 1.02
 port 4 powered
 port 5 powered
 port 6 powered
 port 7 powered
 port 8 powered
 port 9 powered
 port 10 powered


Cheers,
Steph

Re: Only one headphone jack working - good or bad?

[Ted Unangst]

On Tue, Jan 6, 2009 at 6:08 PM, Jacob Meuser jake...@sdf.lonestar.org wrote:
 On Tue, Jan 06, 2009 at 04:50:54PM -0500, Ted Unangst wrote:
 On Tue, Jan 6, 2009 at 4:39 PM, Jacob Meuser jake...@sdf.lonestar.org 
 wrote:
  On Tue, Jan 06, 2009 at 09:29:37PM +, Jacob Meuser wrote:
  this was deep into another thread, so I'm reposting so it will be seen
  by more people (hopefully).
 
  so azalia users please let your voice be heard.  would you find it 
  annoying
  when playing *only* mono or stereo to have all outputs play the audio,
  or would you like that?
 
  let me clarify a little.  the output jacks would still be mutable as
  they are now, but they would be getting the mono or stereo stream.

 I'd find it surprising that suddenly playing something on the back
 channels changes where front channel audio goes.

 well, it doesn't really change that.  if there is different front and
 rear output, that would imply two dacs are in use, and this wouldn't
 be applied in that case.

I think I need more clarification.  Suppose I am listening to 2
channel music.  Without any options, the new (old?) default will be to
play on all output channels.  Now I play a short sound on the back
channels.  Does the music stop?  Does the sound blend?

Re: Testing in a virtual environment

[tico]

Dongsheng,

I've been able to reproduce (what appears to be) your problem on my i386 
kvm box.
In my case, using CPU scaling (apmd) on my OpenBSD client would cause it 
to get screwy and lose the clock source if I alternately let it run idle 
and then ran a bunch of CPU or I/O intensive tasks on it.


Some googling appears that this is a known problem with some versions of 
KVM not emulating the RTC correctly, though I'm not 100% sure, as I'm 
not a KVM developer. Folks have recommended disabling HPET in the BIOS 
and/or making sure that the host linux kernel has HPET_EMULATE_RTC set 
in the .config though I experienced this problem with my OpenBSD guests 
even with that option set in the hosting linux kernel.


In my case, I found that not enabling apmd at all (and rebooting the 
guests where I *had* enabled it, even once) made the problem much more 
bearable. Basically if the machine is mostly idle I never get the 
Alternate system clock has died message on 'systat -w1 vmstat', and it 
doesn't lock up anymore like it did when apmd was running.


Now the only issues I have are that under high load I occasionally get
em0: watchdog timeout -- resetting
em0: watchdog timeout -- resetting
em0: watchdog timeout -- resetting
messages on the console when using the e1000 NIC emulation, but it 
doesn't seem to be too severe right now, and is only occurring when I'm 
serving a decent bit of data (55-68mbps SSH/rsync data).


Best of luck,
-Tico

Dongsheng Song wrote:

When I running OpenBSD under kvm,  process time aways 0 !

[dongsh...@dl:~/kvm]% cat OpenBSD-x64/start.sh  [09-01-05 21:53:50]
#!/bin/sh

cd /home/dongsheng/kvm/OpenBSD-x64

kvm -name OpenBSD-x64 -m 1024M -hda hda.img \
-cdrom ../../var/iso/openbsd-amd64-4_4-20081215.iso \
-net nic,vlan=0,macaddr=52:54:00:12:34:01,model=e1000 \
-net tap,vlan=0,ifname=tap01,script=no \
-net nic,vlan=1,macaddr=52:54:00:12:34:11,model=e1000 \
-net tap,vlan=1,ifname=tap11,script=no \
-vnc :11 -daemonize

[dongsh...@x64:~]% w[09-01-05 21:53:17]
 9:53PM  up 16 days, 13:30, 1 user, load averages: 0.08, 0.08, 0.08
USERTTY FROM  LOGIN@  IDLE WHAT
dongsheng p0 116.23.101.68 9:53PM 0 w

load averages:  0.06,  0.08,  0.08 21:53:37
17 processes:  16 idle, 1 on processor
CPU states:  1.1% user,  0.3% nice, 11.0% system,  7.9% interrupt, 79.7% idle
Memory: Real: 11M/134M act/tot  Free: 852M  Swap: 0K/2055M used/tot

  PID USERNAME PRI NICE  SIZE   RES STATEWAIT  TIMECPU COMMAND
 8430 root   20 1188K 2032K sleepselect0:00  0.00% sendmail
26190 root   20  696K 1344K idle select0:00  0.00% sshd
26396 _syslogd   20  452K  824K sleeppoll  0:00  0.00% syslogd
26716 root   20  472K  884K idle select0:00  0.00% cron
16624 root   20  400K  868K idle select0:00  0.00% inetd
1 root  100  360K  364K idle wait  0:00  0.00% init
21396 dongshen   20  340K 1416K idle select0:00  0.00% ssh-agent
13401 dongshen  180  976K 3132K sleeppause 0:00  0.00% zsh
10013 root   20 3372K 3092K idle netio 0:00  0.00% sshd
 7279 root   20  420K  740K idle netio 0:00  0.00% syslogd
20347 dongshen  280  448K 1496K onproc   - 0:00  0.00% top
15854 dongshen   20 3344K 2180K sleepselect0:00  0.00% sshd

2009/1/4 Michiel van Baak mich...@vanbaak.info:
  

On 09:41, Sat 03 Jan 09, Daniel A. Ramaley wrote:

Running OpenBSD under VirtualBox is not stable at all.
I have good experience running OpenBSD under xen, kvm and vmware-server.

Re: gmake write error and possible solution

[Ted Unangst]

On Tue, Jan 6, 2009 at 6:47 PM, Vadim Zhukov persg...@gmail.com wrote:
 Recently I start running (too) often in GMake's write error problem. It
 was reported some times ago here with no result. And after some more
 digging I found that commit in DragonFlyBSD:

 http://www.mail-archive.com/commits%40crater.dragonflybsd.org/msg02534.html

 Log:
 Do not set O_NONBLOCK on a threaded program's descriptors any more.
 Instead, use the new system calls to directly issue non-blocking I/O.
 Additionally, force blocking I/O for debug output.

 This partly solves the problem of programs such as bmake or gmake
 fork/exec'd children which happen to be threaded.  The children would
 set O_NONBLOCK on e.g. stdin, stdout, and stderr, resulting in
 unexpected operation if the unrelated parent program tries to issue a
 read or write.

 Solves: gmake 'write error' problem

 Can anyone expirinced comment this, please?

We don't have whatever these new syscalls are and are unlikely to
adopt them, so I don't think the fix is particularly relevant to
openbsd.  But yeah, faking threads in userland causes trouble.  If we
replace the thread library with a better one, then the problem goes
away.  Maybe.

Let me qualify that.  The reason for the maybe is that there can be
many reasons for a program to set stdout to non-blocking.  It may not
always be the result of pthread fiddling.  So gmake is still wrong.
If its behavior depends on whether a fd is set nonblocking in a child,
that's a problem.  Just a problem that occurs less frequently without
threads it seems.

Re: Only one headphone jack working - good or bad?

[Jacob Meuser]

On Tue, Jan 06, 2009 at 07:59:04PM -0500, Ted Unangst wrote:
 On Tue, Jan 6, 2009 at 6:08 PM, Jacob Meuser jake...@sdf.lonestar.org wrote:
  On Tue, Jan 06, 2009 at 04:50:54PM -0500, Ted Unangst wrote:
  On Tue, Jan 6, 2009 at 4:39 PM, Jacob Meuser jake...@sdf.lonestar.org 
  wrote:
   On Tue, Jan 06, 2009 at 09:29:37PM +, Jacob Meuser wrote:
   this was deep into another thread, so I'm reposting so it will be seen
   by more people (hopefully).
  
   so azalia users please let your voice be heard.  would you find it 
   annoying
   when playing *only* mono or stereo to have all outputs play the audio,
   or would you like that?
  
   let me clarify a little.  the output jacks would still be mutable as
   they are now, but they would be getting the mono or stereo stream.
 
  I'd find it surprising that suddenly playing something on the back
  channels changes where front channel audio goes.
 
  well, it doesn't really change that.  if there is different front and
  rear output, that would imply two dacs are in use, and this wouldn't
  be applied in that case.
 
 I think I need more clarification.  Suppose I am listening to 2
 channel music.  Without any options, the new (old?) default will be to
 play on all output channels.

actually, it will give all dacs the first channel(s) digital data.

  Now I play a short sound on the back
 channels.  Does the music stop?  Does the sound blend?
 

I don't understand what you're saying here. how do you play sound on
the back channels?

if you are using aucat in a multichannel/multistream configuration, then
you are using more than one dac and there is no copying of data.

if you are switching from stereo playback to multichannel playback,
then the music stops anyway.

if you are just muting/unmuting channels, then nothing stops from
dac's perspective.

-- 
jake...@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org

Re: spamd issues

[Frank Bax]

Darrin Chandler wrote:

On Tue, Jan 06, 2009 at 12:58:00PM -0500, Frank Bax wrote:

Today I was having some issues sending mail through a local ISP to my
system (4.4 release).  Some investigation showed that spamdb reports the
ip address of the ISP's smtp server as both WHITE and GREY?  This should
not be possible, should it?

$ sudo spamdb | grep 64.7.153.18
WHITE|64.7.153.18|||1231252840|1231254379|1234364784|9|0


GREY|64.7.153.18|smarthost1.sentex.ca|x...@clgw.ca|x...@clgw.ca|1231252840|
1231254390|1231267240|10|0

Is it possible to remove the GREY entry (spamdb -d only removes WHITE
entires)?


WHITE is seen first, so the GREY has no effect. This behavior started a
few releases ago, and it's been discussed several times. There's no need
to remove the GREY entries. They expire on their own in short order.



Ah, my bad; sorry.  Thanks for being kind enough to post the same answer 
a second time.  Now I've done a bit of homework.


http://marc.info/?l=openbsd-miscm=118755082205516w=2
http://marc.info/?l=openbsd-miscm=120033441815022w=2
http://marc.info/?l=openbsd-miscm=120507275423154w=2

The basic response was that this behaviour is normal; but I started to 
wonder about this when 2 of 3 posts did not contain a pf.conf file.  In 
the only thread (first one) where a pf.conf file was included; Edgars 
happened to mention:

  I've always had my spamd-white list match on a no rdr
  before any of the other rules.
I don't have a no rdr rule and neither did the OP that included his 
pf.conf file.


Going through the changelog for pf.conf, I notice this change Feb.2007:

http://www.openbsd.org/cgi-bin/cvsweb/src/etc/pf.conf.diff?r1=1.33;r2=1.34

I'm afraid I barely understood how spamd worked when I first did the 
setup back in 3.5; and now I don't fully understand the impact of these 
changes made to examples in pf.conf; but I do notice a few things. 
First, I notice that other people started having soon after this change 
was committed.  Is it possible that a change to my pf.conf would get rid 
of the duplicate ip addresses (once the GREY's had expired)?


I notice that one example line was removed:
   table spamd persist
I guess I can delete that line from my file too?

I notice that the two example rules that were changed match my 2nd and 
4th rules.  That cannot be coincidence.


in_mx=127.0.0.1
rdr pass on $ext_if proto tcp from spamd-mywhite to port smtp \
- $in_mx port smtp
rdr pass on $ext_if proto tcp from spamd to port smtp \
- 127.0.0.1 port spamd
rdr pass on $ext_if proto tcp from spamd-white to port smtp \
- $in_mx port smtp
rdr pass on $ext_if proto tcp from !spamd-white to port smtp \
- 127.0.0.1 port spamd

Should I change my file to:

rdr pass on $ext_if proto tcp from spamd-mywhite to port smtp \
- $in_mx port smtp
no rdr on $ext_if proto tcp from spamd-white to any port smtp
rdr pass on $ext_if proto tcp from spamd-white to port smtp \
- $in_mx port smtp
rdr pass on $ext_if proto tcp from any to any port smtp \
- 127.0.0.1 port spamd

I'm thinking my 3rd rule is now redundant - is this correct?

Frank

Re: gmake write error and possible solution

[Philip Guenther]

On Tue, Jan 6, 2009 at 5:07 PM, Ted Unangst ted.unan...@gmail.com wrote:
...
 Let me qualify that.  The reason for the maybe is that there can be
 many reasons for a program to set stdout to non-blocking.  It may not
 always be the result of pthread fiddling.  So gmake is still wrong.
 If its behavior depends on whether a fd is set nonblocking in a child,
 that's a problem.  Just a problem that occurs less frequently without
 threads it seems.

Some of us wish that the non-blocking flag was an fd flag (like
FD_CLOEXEC) instead of a file table flag like it really is**; this
would have never been an issue then.

As for this being a bug in gmake, well, the same bug exists in *lots*
of programs.  I used to hit it all the time with the system 'vi' when
debugging a threaded program that crashed, leaving the session's
std{in,out,err} as non-blocking.  That mostly went away when the
system ksh started resetting the terminal to blocking when the
foreground process exited, but you can still hit it by running 'vi'
from inside a threaded program (with system()), then stopping and
starting the program and vi with ^Z and fg:
  Error: input: Resource temporarily unavailable

Notice that resetting the state at startup isn't enough.  Since the
state could be changed by another process at any moment, you actually
have to replace each should-be-blocking call with try it, then poll()
and loop if EAGAIN logic...which probably isn't correct for a
terminal device in non-canonical mode.  Altering almost every program
on the system to do that seems like the Wrong Thing to me.


Philip Guenther

** Yes, yes, there would have had to been some way to specify
non-blocking open().  If we lived in that universe, the details would
have been worked out already.

Re: gmake write error and possible solution

[Ted Unangst]

On Tue, Jan 6, 2009 at 8:51 PM, Philip Guenther guent...@gmail.com wrote:
 As for this being a bug in gmake, well, the same bug exists in *lots*
 of programs.  I used to hit it all the time with the system 'vi' when
 debugging a threaded program that crashed, leaving the session's
 std{in,out,err} as non-blocking.  That mostly went away when the
 system ksh started resetting the terminal to blocking when the
 foreground process exited, but you can still hit it by running 'vi'
 from inside a threaded program (with system()), then stopping and
 starting the program and vi with ^Z and fg:
  Error: input: Resource temporarily unavailable

 Notice that resetting the state at startup isn't enough.  Since the
 state could be changed by another process at any moment, you actually
 have to replace each should-be-blocking call with try it, then poll()
 and loop if EAGAIN logic...which probably isn't correct for a
 terminal device in non-canonical mode.  Altering almost every program
 on the system to do that seems like the Wrong Thing to me.

My opinion is that for vi this is more a corner case.  I think it's
reasonable for vi to assume it has blocking fds to start, and for the
shell to enforce that. Same for any other app that doesn't anticipate
being toggled with another app on console.  But gmake is actively
execing other jobs.  It *knows* that other processes are running and
that they are likely writing to stdout, so it should handle this case.

Fixing every program that writes out data to use a loop is certainly
overkill, but I don't think fixing every program that uses fork+exec
to reset or deal with non-blocking shared descriptors is too much to
ask.

Re: Wireless N adapter recommendation and support

[Jonathan Gray]

On Wed, Jan 07, 2009 at 12:19:35AM +, FRLinux wrote:
 On Tue, Jan 6, 2009 at 11:25 PM, Jonathan Gray j...@goblin.cx wrote:
  Try adding it to dev/usb/if_run.c, if_ral.c is several ralink
  chip generations ago.
 
  If that doesn't work include the output of
  usbdevs -v with the device plugged in and I'll send you a diff to apply.
 
  It is apparently the type of chip that run(4) supports.
 
 Hi again,
 
 Thanks a lot for your reply, appreciated. I have now modified the following:
 
 # cd /usr/src/sys/dev/usb/
 # grep 600N *
 usbdevs:product LINKSYS4 WUSB600N   0x0071  RT2870
 usbdevs.h:#define   USB_PRODUCT_LINKSYS4_WUSB600N   0x0071
  /* WUSB600N */
 usbdevs_data.h: USB_VENDOR_LINKSYS4, USB_PRODUCT_LINKSYS4_WUSB600N,
 usbdevs_data.h: WUSB600N,
 
 Rebuilt the kernel then rebooted :
 
 OpenBSD 4.4-current (GENERIC) #3: Wed Jan  7 00:13:27 GMT 2009
 r...@testbox:/usr/src/sys/arch/i386/compile/GENERIC
 ...
 ugen0 at uhub0 port 4 Cisco-Linksys LLC Dual-Band Wireless-N USB
 Network Adapter rev 2.00/1.01 addr 2
 
 But still no joy :(
 
 What did I actually forget?

Try this and run 'make' in /usr/src/sys/dev/usb before
building a kernel.

cd /usr/src/sys/dev/usb
patch -p0  /path/to/diff
make

Index: usbdevs
===
RCS file: /cvs/src/sys/dev/usb/usbdevs,v
retrieving revision 1.403
diff -u -p -r1.403 usbdevs
--- usbdevs 29 Dec 2008 12:18:39 -  1.403
+++ usbdevs 7 Jan 2009 02:08:05 -
@@ -1840,6 +1840,7 @@ product LIEBERT POWERSURE_PXT 0x  Pow
 
 /* Linksys products */
 product LINKSYS4 USB1000   0x0039  USB1000
+product LINKSYS4 WUSB600N  0x0071  WUSB600N
 product LINKSYS MAUSB2 0x0105  Camedia MAUSB-2
 product LINKSYS USB10TX1   0x200c  USB10TX
 product LINKSYS USB10T 0x2202  USB10T Ethernet
Index: if_run.c
===
RCS file: /cvs/src/sys/dev/usb/if_run.c,v
retrieving revision 1.1
diff -u -p -r1.1 if_run.c
--- if_run.c3 Jan 2009 18:39:33 -   1.1
+++ if_run.c7 Jan 2009 02:08:05 -
@@ -161,9 +161,10 @@ static const struct usb_devno run_devs[]
USB_ID(LOGITEC, RT2870_1),
USB_ID(LOGITEC, RT2870_2),
USB_ID(LOGITEC, RT2870_3),
-   USB_ID(AIRTIES, RT3070)
+   USB_ID(AIRTIES, RT3070),
 
/* Entries not in the Ralink Linux driver. */
+   USB_ID(LINKSYS4,WUSB600N)
 };
 
 intrun_match(struct device *, void *, void *);

Pf Blocks

[dug]

Hello,

I have some troubles with PF blocks.

I have two networks connected with a VPN between an
Openbsd 4.4 and a Freebsd 6.4 firewall.
So, I can connect to a remote host, from my computer behind the
Openbsd  firewall, throught the VPN with SSH.
But a few second after, the following block appears in my pf log
on the Openbsd firewall :

# tcpdump -vvveni pflog0
tcpdump: listening on pflog0, link-type PFLOG

03:35:48.937334 rule 1/(match) [uid 0, pid 14289] block in on nfe0:
10.11.1.100.65024  192.168.1.150.22: [|tcp] [tos 0x10]
(ttl 63, id 32188, len 100)

03:35:49.108254 rule 1/(match) [uid 0, pid 14289] block in on nfe0:
10.11.1.100.65024  192.168.1.150.22: [|tcp] [tos 0x10]
(ttl 63, id 58480, len 100)

03:35:49.178617 rule 1/(match) [uid 0, pid 14289] block in on nfe0:
10.11.1.100.65024  192.168.1.150.22: [|tcp] [tos 0x10]
(ttl 63, id 32629, len 148)

03:35:49.267735 rule 1/(match) [uid 0, pid 14289] block in on nfe0:
10.11.1.100.65024  192.168.1.150.22: [|tcp] [tos 0x10]
(ttl 63, id 16761, len 100)

Yet, in my PF configuration, I set rule which allow this traffic :
pass log quick on nfe0 from 10.11.0.0/16 to any flags S/SA keep state
(if-bound)

This is the option of my pf.conf file :
scrub in all no-df random-id fragment reassemble
scrub on nfe0 all reassemble tcp fragment reassemble

I have another similar problem.
I'm trying to connect to a web server behind the Openbsd Firewall from a
computer behind the Freebsd Firewall.
I have this block in my PF log :

# tcpdump -vvveni pflog0
tcpdump: listening on pflog0, link-type PFLOG

03:36:03.309939 rule 1/(match) [uid 0, pid 14289] block in on nfe0:
10.10.1.39.80  192.168.1.150.56417: [|tcp] (ttl 127, id 35287, len 48)

03:36:06.002860 rule 1/(match) [uid 0, pid 14289] block in on nfe0:
10.10.1.39.80  192.168.1.150.56417: [|tcp] (ttl 127, id 50439, len 48)


This is a rule set in my pf.conf file :

pass log quick on nfe0 inet from 10.10.1.39 to 192.168.1.0/24 flags S/SA
keep state (if-bound)



Somebody have an idea  to help me ?

Thank you.

Re: Testing in a virtual environment

[Dongsheng Song]

I'm  run kvm-72 in debian 5.0(lenny) amd64, dell 2950.
Only OpenBSD-x64 vm has such problem, the Linux-x64 vm running good.

2009/1/7 tico t...@raapid.net:
 Dongsheng,

 I've been able to reproduce (what appears to be) your problem on my i386 kvm
 box.
 In my case, using CPU scaling (apmd) on my OpenBSD client would cause it to
 get screwy and lose the clock source if I alternately let it run idle and
 then ran a bunch of CPU or I/O intensive tasks on it.

 Some googling appears that this is a known problem with some versions of KVM
 not emulating the RTC correctly, though I'm not 100% sure, as I'm not a KVM
 developer. Folks have recommended disabling HPET in the BIOS and/or making
 sure that the host linux kernel has HPET_EMULATE_RTC set in the .config
 though I experienced this problem with my OpenBSD guests even with that
 option set in the hosting linux kernel.

 In my case, I found that not enabling apmd at all (and rebooting the guests
 where I *had* enabled it, even once) made the problem much more bearable.
 Basically if the machine is mostly idle I never get the Alternate system
 clock has died message on 'systat -w1 vmstat', and it doesn't lock up
 anymore like it did when apmd was running.

 Now the only issues I have are that under high load I occasionally get
 em0: watchdog timeout -- resetting
 em0: watchdog timeout -- resetting
 em0: watchdog timeout -- resetting
 messages on the console when using the e1000 NIC emulation, but it doesn't
 seem to be too severe right now, and is only occurring when I'm serving a
 decent bit of data (55-68mbps SSH/rsync data).

 Best of luck,
 -Tico

 Dongsheng Song wrote:

 When I running OpenBSD under kvm,  process time aways 0 !

 [dongsh...@dl:~/kvm]% cat OpenBSD-x64/start.sh  [09-01-05
 21:53:50]
 #!/bin/sh

 cd /home/dongsheng/kvm/OpenBSD-x64

 kvm -name OpenBSD-x64 -m 1024M -hda hda.img \
-cdrom ../../var/iso/openbsd-amd64-4_4-20081215.iso \
-net nic,vlan=0,macaddr=52:54:00:12:34:01,model=e1000 \
-net tap,vlan=0,ifname=tap01,script=no \
-net nic,vlan=1,macaddr=52:54:00:12:34:11,model=e1000 \
-net tap,vlan=1,ifname=tap11,script=no \
-vnc :11 -daemonize

 [dongsh...@x64:~]% w[09-01-05
 21:53:17]
  9:53PM  up 16 days, 13:30, 1 user, load averages: 0.08, 0.08, 0.08
 USERTTY FROM  LOGIN@  IDLE WHAT
 dongsheng p0 116.23.101.68 9:53PM 0 w

 load averages:  0.06,  0.08,  0.08
 21:53:37
 17 processes:  16 idle, 1 on processor
 CPU states:  1.1% user,  0.3% nice, 11.0% system,  7.9% interrupt, 79.7%
 idle
 Memory: Real: 11M/134M act/tot  Free: 852M  Swap: 0K/2055M used/tot

  PID USERNAME PRI NICE  SIZE   RES STATEWAIT  TIMECPU COMMAND
  8430 root   20 1188K 2032K sleepselect0:00  0.00%
 sendmail
 26190 root   20  696K 1344K idle select0:00  0.00% sshd
 26396 _syslogd   20  452K  824K sleeppoll  0:00  0.00% syslogd
 26716 root   20  472K  884K idle select0:00  0.00% cron
 16624 root   20  400K  868K idle select0:00  0.00% inetd
1 root  100  360K  364K idle wait  0:00  0.00% init
 21396 dongshen   20  340K 1416K idle select0:00  0.00%
 ssh-agent
 13401 dongshen  180  976K 3132K sleeppause 0:00  0.00% zsh
 10013 root   20 3372K 3092K idle netio 0:00  0.00% sshd
  7279 root   20  420K  740K idle netio 0:00  0.00% syslogd
 20347 dongshen  280  448K 1496K onproc   - 0:00  0.00% top
 15854 dongshen   20 3344K 2180K sleepselect0:00  0.00% sshd

 2009/1/4 Michiel van Baak mich...@vanbaak.info:


 On 09:41, Sat 03 Jan 09, Daniel A. Ramaley wrote:

 Running OpenBSD under VirtualBox is not stable at all.
 I have good experience running OpenBSD under xen, kvm and vmware-server.

Re: spamd issues

[Darrin Chandler]

On Tue, Jan 06, 2009 at 08:26:37PM -0500, Frank Bax wrote:
 I notice that one example line was removed:
table spamd persist
 I guess I can delete that line from my file too?

Er, you'll still need that unless something's happened that I totally
missed.

 I notice that the two example rules that were changed match my 2nd and
 4th rules.  That cannot be coincidence.

 in_mx=127.0.0.1
 rdr pass on $ext_if proto tcp from spamd-mywhite to port smtp \
 - $in_mx port smtp
 rdr pass on $ext_if proto tcp from spamd to port smtp \
 - 127.0.0.1 port spamd
 rdr pass on $ext_if proto tcp from spamd-white to port smtp \
 - $in_mx port smtp
 rdr pass on $ext_if proto tcp from !spamd-white to port smtp \
 - 127.0.0.1 port spamd

 Should I change my file to:

 rdr pass on $ext_if proto tcp from spamd-mywhite to port smtp \
 - $in_mx port smtp
 no rdr on $ext_if proto tcp from spamd-white to any port smtp
 rdr pass on $ext_if proto tcp from spamd-white to port smtp \
 - $in_mx port smtp
 rdr pass on $ext_if proto tcp from any to any port smtp \
   - 127.0.0.1 port spamd

 I'm thinking my 3rd rule is now redundant - is this correct?

I'm a little confused. Do you have separate firewall  mail server, and
are running spamd on the firewall? If so I think the following
(untested) should work:

rdr pass on $ext_if proto tcp from spamd-mywhite to any port smtp \
- $in_mx port smtp
rdr pass on $ext_if proto tcp from spamd-white to any port smtp \
- $in_mx port smtp
rdr pass on $ext_if proto tcp from any to any port smtp \
- 127.0.0.1 port spamd


If you are running spamd on your mail server then it's a bit simpler:

no rdr on $ext_if proto tcp from spamd-mywhite to any port smtp
no rdr on $ext_if proto tcp from spamd-white to any port smtp
rdr pass on $ext_if proto tcp from any to any port smtp \
   - 127.0.0.1 port spamd

--
Darrin Chandler|  Phoenix BSD User Group  |  MetaBUG
dwchand...@stilyagin.com   |  http://phxbug.org/  |  http://metabug.org/
http://www.stilyagin.com/  |  Daemons in the Desert   |  Global BUG
Federation

[demime 1.01d removed an attachment of type application/pgp-signature]

Re: Pf Blocks

[James Records]

Dug,

Not really enough info here to determine what is going on, but to be sure,
try this:

pfctl -vvs rules

This will show you the order of your rules, and whatever rule is listed as
1 is what is blocking this packet.  If it is the rule you are talking
about here, then its too hard to tell with this info.  Do you have access to
the other boxes log?  That may be helpful, but this should at least make
sure you are troubleshooting the correct rule.

Hope this helps.

Jim

On Tue, Jan 6, 2009 at 6:38 PM, dug d...@xgs-france.com wrote:

 Hello,

 I have some troubles with PF blocks.

 I have two networks connected with a VPN between an
 Openbsd 4.4 and a Freebsd 6.4 firewall.
 So, I can connect to a remote host, from my computer behind the
 Openbsd  firewall, throught the VPN with SSH.
 But a few second after, the following block appears in my pf log
 on the Openbsd firewall :

 # tcpdump -vvveni pflog0
 tcpdump: listening on pflog0, link-type PFLOG

 03:35:48.937334 rule 1/(match) [uid 0, pid 14289] block in on nfe0:
 10.11.1.100.65024  192.168.1.150.22: [|tcp] [tos 0x10]
 (ttl 63, id 32188, len 100)

 03:35:49.108254 rule 1/(match) [uid 0, pid 14289] block in on nfe0:
 10.11.1.100.65024  192.168.1.150.22: [|tcp] [tos 0x10]
 (ttl 63, id 58480, len 100)

 03:35:49.178617 rule 1/(match) [uid 0, pid 14289] block in on nfe0:
 10.11.1.100.65024  192.168.1.150.22: [|tcp] [tos 0x10]
 (ttl 63, id 32629, len 148)

 03:35:49.267735 rule 1/(match) [uid 0, pid 14289] block in on nfe0:
 10.11.1.100.65024  192.168.1.150.22: [|tcp] [tos 0x10]
 (ttl 63, id 16761, len 100)

 Yet, in my PF configuration, I set rule which allow this traffic :
 pass log quick on nfe0 from 10.11.0.0/16 to any flags S/SA keep state
 (if-bound)

 This is the option of my pf.conf file :
 scrub in all no-df random-id fragment reassemble
 scrub on nfe0 all reassemble tcp fragment reassemble

 I have another similar problem.
 I'm trying to connect to a web server behind the Openbsd Firewall from a
 computer behind the Freebsd Firewall.
 I have this block in my PF log :

 # tcpdump -vvveni pflog0
 tcpdump: listening on pflog0, link-type PFLOG

 03:36:03.309939 rule 1/(match) [uid 0, pid 14289] block in on nfe0:
 10.10.1.39.80  192.168.1.150.56417: [|tcp] (ttl 127, id 35287, len 48)

 03:36:06.002860 rule 1/(match) [uid 0, pid 14289] block in on nfe0:
 10.10.1.39.80  192.168.1.150.56417: [|tcp] (ttl 127, id 50439, len 48)


 This is a rule set in my pf.conf file :

 pass log quick on nfe0 inet from 10.10.1.39 to 192.168.1.0/24 flags S/SA
 keep state (if-bound)



 Somebody have an idea  to help me ?

 Thank you.