Re: script

[Tom Van Looy]

Nick Guenther wrote:
 Does anybody provide a commercial shell scripting???
 
 for i in Don't wait Buy Things Now Save Now $0.99 Get your
 instant trial account now Double Your Sales Calls, Free Script
 Demo; do
   echo $i
 done
 
 Like that?

Hey man, that wasn't just 'commercial grade', that was Enterprise(tm) ready!
Almost ready to be:
#!/usr/games/fortune 500
...

Actually, there's a bug in the script. Should be \$0.99. ;o)

Re: script

[Jacek Artymiak]

 Actually, there's a bug in the script. Should be \$0.99. ;o)

That's so wasteful. That's one keystroke too many. '$0.99' would be
more appropriate for today's 'green' enterprises ;-)

-- 
Jacek Artymiak
http://devGuide.net

Re: xterm and home-dir with automounter

[Ben Calvert]

an interesting discussion of this very problem:

http://plan9.bell-labs.com/sys/doc/lexnames.html

On Jan 12, 2009, at 2:44 PM, Philip Guenther wrote:


On Mon, Jan 12, 2009 at 2:35 PM, Rudi Ludwig rud...@gmx.de wrote:

On Monday 12 January 2009 20:38:03 Philip Guenther wrote:

When the shell is started by konsole, or xterm, or login, it's
working directory has already been set to $HOME.  At that point, it
can only see the physical path (sans symlinks).  If you want it to
see the logical path, then you need to have it do a chdir  
itself...as

you figured out when you do 'cd' first thing.


So the shell starts whereever it is put to by xterm, konsole, etc.
and does not itself evaluate $HOME at start-up?


What do you mean by 'evaluate'?  It doesn't chdir there itself.  It
knows HOME=/home/rudi, and it knows that its current working directory
is /usr/home/rudi, but that's it.



So, just put some logic into your .profile to cd $HOME if the
physical directory is that of $HOME.

case $PWD in
 $(cd $HOME  pwd -P) ) cd $HOME;;
esac

I have put that at the end of my .profile and it works for remote  
login

(ssh).
But the KDE konsole and xterm  still resist and display the physical
location at start-up instead of $HOME (~).


When that happens, what do the following output?
 echo $PWD
 (cd $HOME  pwd -P)
 echo $HOME


Philip Guenther

Re: spamd won't use my WHITElist

[Gregory Edigarov]

engineer wrote:

Hi.

I run spamd on 4.4-stable. There are some blacklist and whitelist. But
spamd don't use it (at least, whitelist) and use greylist scheme for
all connections.
I need to get emails from WHITElisted networks immediately, skipping
spamd. Please, help me understand where I'm wrong.
Here is my configs.

$ fgrep -v '#' /etc/mail/spamd.conf
all:\
:myblack:uatraps:nixspam:china:korea:mywhite:

myblack:\
:black:\
:msg=Your address %A has sent spam to me:\
:method=file:\
:file=/etc/postfix/spamd_black.txt:

mywhite:\
:white:\
:method=file:\
:file=/etc/postfix/spamd_white.txt:

uatraps:\
:black:\
:msg=Your address %A has sent mail to a ualberta.ca spamtrap\n\
within the last 24 hours:\
:method=http:\
:file=www.openbsd.org/spamd/traplist.gz

nixspam:\
:black:\
:msg=Your address %A is in the nixspam list\n\
See http://www.heise.de/ix/nixspam/dnsbl_en/ for details:\
:method=http:\
:file=www.openbsd.org/spamd/nixspam.gz

china:\
:black:\
:msg=SPAM. Your address %A appears to be from China\n\
See http://www.okean.com/asianspamblocks.html for more details:\
:method=http:\
:file=www.openbsd.org/spamd/chinacidr.txt.gz:

korea:\
:black:\
:msg=SPAM. Your address %A appears to be from Korea\n\
See http://www.okean.com/asianspamblocks.html for more details:\
:method=http:\
:file=www.openbsd.org/spamd/koreacidr.txt.gz:


$ fgrep -v '#' /etc/postfix/spamd_white.txt
194.67.23.0 - 194.67.23.255
194.67.57.0 - 194.67.57.255
195.239.211.0 - 195.239.211.255
213.180.192.0 - 213.180.193.255
213.180.200.0 - 213.180.200.255
213.180.223.0 - 213.180.223.255
87.250.251.0 - 87.250.251.255
77.88.21.0 - 77.88.21.255
93.158.134.0 -  93.158.134.255
209.85.128.0 - 209.85.255.255
217.150.32.41 - 217.150.32.42

In /etc/pf.conf
...
table spamd-white persist
...
rdr on $ext_if proto tcp from any to $mx_IP port smtp - 127.0.0.1 port spamd
  

should be :
rdr on $ext_if proto tcp from !spamd-white to $mx_IP port smtp - 
127.0.0.1 port spamd

And when someone try to send me email from @mail.ru I see this (my
... hides real symbols):
# spamdb |fgrep 't...@mail.ru'
GREY|194.67.23.194|mx33.mail.ru|t...@mail.ru|s...@ru|1231821097|1231835497|1231835497|1|0
GREY|194.67.23.36|mx40.mail.ru|t...@mail.ru|s...@ru|1231819993|1231834393|1231834393|1|0

It seems like spamd completely skipped WHITElisted network
(194.67.23.0 - 194.67.23.255).

I was thinking that all WHITElisted nets will be in the spamd-white
immediately, just after spamd started...
  


--
With best regards,
Gregory Edigarov

Re: script

[David Gwynne]

On 13/01/2009, at 6:37 PM, Jacek Artymiak wrote:


Actually, there's a bug in the script. Should be \$0.99. ;o)


That's so wasteful. That's one keystroke too many. '$0.99' would be
more appropriate for today's 'green' enterprises ;-)


all those extra escapes could cost you a cup of tea.

Re: spamd won't use my WHITElist

[engineer]

2009/1/13 Gregory Edigarov g...@bestnet.kharkov.ua:
 In /etc/pf.conf
 ...
 table spamd-white persist
 ...
 rdr on $ext_if proto tcp from any to $mx_IP port smtp - 127.0.0.1 port
 spamd

 should be :
 rdr on $ext_if proto tcp from !spamd-white to $mx_IP port smtp -
 127.0.0.1 port spamd

Oh, sorry, I forgot to supply one string. Actually it looks like this:

no rdr on $ext_if proto tcp from spamd-white to $mx_IP port smtp
rdr on $ext_if proto tcp from any to $mx_IP port smtp - 127.0.0.1 port spamd

--
engineer

Re: /var/mail permissions?

[Thorsten Glaser]

On Wed, 8 May 2002, J.D. Bronson wrote:

 What is the correct permissions for /var/mail?

$ sudo chown root:wheel /var/mail; sudo chmod 1777 /var/mail

In this order. Not 1. And not g+s, that is only required on SYSV UNIXB..

 I am concerned about this as some POP3 daemons make the file rw-rw and
 therefore any other user could read email!

Then they suck ;)

//mirabilos
--
tarent Gesellschaft fCr Softwareentwicklung und IT-Beratung mbH

Heilsbachstr. 24, 53123 Bonn  | Poststr. 4-5, 10178 Berlin
fon: +49(228) / 52675-0   | fon: +49(30) / 27594853
fax: +49(228) / 52675-25  | fax: +49(30) / 78709617

GeschC$ftsfChrer
Boris Esser, Elmar Geese
HRB AG Bonn 5168
Ust-ID: DE122264941

isakmpd does not initiate quick mode after main mode is established

[Christoph Leser]

I'm still struggling to keep my ipsec vpns running smoothly.

Is there a reference to a more detailed description of the allowed
isakmp exchanges?
Watching tcpdump for some time gives me a rough impression of what is
going on, but it is hard to tell what's wrong ( if anything at all )
when the exchanges proceed other than they normally do.


For example I see that 'normally' my isakmpd enters into phase-2
exchange immediately after phase-1 is established. But sometimes it
delays to initiate phase-2 for up to 10 minutes ater phase-1 completes,
and it often fails in these case ( no response from remote ).

Any hints to books or online material are welcome.

Thanks and regards

Christoph

Stormedias - Semaine 2 : Démarrage des Soldes !!!!!

[Newsletter Stormedias]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

Illustrations et textes non contractuels - Prix valables ` la date de
parution de cette publiciti et modifiables sans priavis par la suite.
Tous les stocks s'entendent dans la limite des stocks disponibles.
Conformiment ` l'article 34 de la loi Informatique et Liberti du 6
janvier 1978,
vous disposez d'un droit d'acchs, de modification, de rectification et de
suppression des donnies vous concernant.

Si vous ne souhaitez plus recevoir d'offres de Stormedias
Se disinscrire

Re: xterm and home-dir with automounter

[Julian Leyh]

Rudi Ludwig schrieb:

I have put that at the end of my .profile and it works for remote login
(ssh).
But the KDE konsole and xterm  still resist and display the physical
location at start-up instead of $HOME (~).
I did logout of the X session and login again, just to make sure.


Are you using a login-shell for xterm/konsole? (-ls for xterm)

If not, it won't evaluate your .profile.

Greetings,
Julian

greytrapping and sendmail

[Thorsten Glaser]

Hi all,

imagine you have an address like junk@mydomain added to
the list of traps. Now, someone sends mails to you (or, via
spamlogd, vice versa) then spams the trap address. Sendmail
will let him pass, and either reject junk@ or have it alia-
sed to /dev/null. Not with me b:

Diffs slightly hand-edited to only contain relevant material.

==
/etc/changelist diffs (-OLD  +NEW)
==
--- /var/backups/etc_changelist.current Tue Aug 12 22:51:27 2008
+++ /etc/changelist Mon Jan 12 15:48:29 2009
@@ -56,14 +56,15 @@
 /etc/mail.rc
 /etc/mail/access
 /etc/mail/aliases
 /etc/mail/genericstable
 /etc/mail/helpfile
+/etc/mail/junk.sh
 /etc/mail/local-host-names
 /etc/mail/localhost.cf
 /etc/mail/mailertable
 /etc/mail/relay-domains
 /etc/mail/sendmail.cf
 /etc/mail/spamd.conf
 /etc/mail/submit.cf
 /etc/mail/trusted-users
 /etc/mail/virtusertable

==
/etc/mail/aliases diffs (-OLD  +NEW)
==
--- /var/backups/etc_mail_aliases.current   Fri Jan  9 14:54:44 2009
+++ /etc/mail/aliases   Mon Jan 12 15:20:26 2009
@@ -81,3 +81,4 @@
 # msgs: |/usr/bin/msgs -s

 root:  [b]
+junk:  |/bin/mksh /etc/mail/junk.sh

==
/etc/sudoers diffs (-OLD  +NEW)
==
--- /var/backups/etc_sudoers.currentWed Jan  7 14:59:29 2009
+++ /etc/sudoersMon Jan 12 15:37:54 2009
@@ -42,3 +42,5 @@
 # Samples
 # %users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
 # %users  localhost=/sbin/shutdown -h now
+
+%daemonALL=(root) NOPASSWD: /usr/sbin/spamdb


The sudoers line is needed to make c/etc/mail/junk.shc
 able
to delete the whitelisting line and add a TRAPPED entry. It
runs as daemon, as itbs listed in /etc/mail/aliases (do not
forget to (cd /etc/mail; sudo make) after editingB9), although
I considered adding a LOCAL_MAILER to openbsd-proto.mc espe-
cially for this.


Now, herebs junk.shB2:

-BEGIN CUTTING HERE MAY DAMAGE YOUR SCREEN SURFACE-
#!/bin/mksh

export
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/X11R6/bin:/usr/mpkg/bin:/usr/mpkg/sbi
n:/usr/local/bin:/usr/local/sbin

# yeah, we all love regular expressions and shell scripts like this one b:
# you are not expected to understand this
# b change all ` to _
# b change all newline to `
# b change all `  (space or tab at beginning of line) to just a space
# b change back ` to newline (above ones were joined)
# b take the first line beginning with Received
# b get the IPv4 or IPv6 address of the sender, without the IPv6: praefix
# you are not expected to understand the above textual description
# eitherB3, just look at the actual shell script line then :C
ip=$(tr '`\n' '_`' | sed 's/`[   ]/ /g' | tr '`' '\n' | \
grep '^Received' | head -1 | \
sed -n 's/^[^(]*: from [^(]* ([^]]*\[\(IPv6:\)*\([^]]*\)\]) by .*$/\2/p')

if [[ -n $ip ]]; then
# delete from whitelist
sudo spamdb -d $ip
# trap for 24 hours
sudo spamdb -t -a $ip
fi
exit 0
-END CUTTING HERE MAY DAMAGE YOUR SCREEN SURFACE-

If anyone has a better method for extracting the IPv4 or IPv6 address,
Ibd be delighted to hear it. Using a custom mailer would actually make
some macros available, but I donbt know if the sender socket address
is among them.


bye,
//mirabilos

b  Kudos to OpenBSD for adding a Makefile there, by the way.
  Nice idea.
b! While I did install http://mirbsd.de/mksh on the box, oksh
  (OpenBSD /bin/ksh) _might_ also work. Actually, should.
  I have an unofficial port for mksh waiting for anyone to commit itb
b Like some of my colleagues b;
--
tarent Gesellschaft fCr Softwareentwicklung und IT-Beratung mbH

Heilsbachstr. 24, 53123 Bonn  | Poststr. 4-5, 10178 Berlin
fon: +49(228) / 52675-0   | fon: +49(30) / 27594853
fax: +49(228) / 52675-25  | fax: +49(30) / 78709617

GeschC$ftsfChrer
Boris Esser, Elmar Geese
HRB AG Bonn 5168
Ust-ID: DE122264941

Re: spamd won't use my WHITElist

[Darrin Chandler]

On Tue, Jan 13, 2009 at 11:30:21AM +0500, engineer wrote:
 $ fgrep -v '#' /etc/mail/spamd.conf
 all:\
 :myblack:uatraps:nixspam:china:korea:mywhite:

 myblack:\
 :black:\
 :msg=Your address %A has sent spam to me:\
 :method=file:\
 :file=/etc/postfix/spamd_black.txt:

 mywhite:\
 :white:\
 :method=file:\
 :file=/etc/postfix/spamd_white.txt:
...SNIP...
 I was thinking that all WHITElisted nets will be in the spamd-white
 immediately, just after spamd started...

Do not be confused by similar (or same) named in different places. In
this case whitelists in spamd.conf merely subtract entries from
blacklists, and only from immeditately preceeding blacklists. Check
spamd.conf(5) for more details.

What you want is possible, but you have to do it yourself in pf.conf.
The good news is that it's easy...

table mywhite persist file /etc/postfix/spamd_white.txt

no rdr inet proto tcp from mywhite to any port smtp

Put the no rdr line *before* the other spamd rdr lines. Note that pf
will only read spamd_white.txt when pf.conf is loaded. If you edit your
list and want it to take effect you can do it manually with pfctl
-tmywhite -Treplace /etc/postfix/spamd_white.txt

--
Darrin Chandler|  Phoenix BSD User Group  |  MetaBUG
dwchand...@stilyagin.com   |  http://phxbug.org/  |  http://metabug.org/
http://www.stilyagin.com/  |  Daemons in the Desert   |  Global BUG
Federation

[demime 1.01d removed an attachment of type application/pgp-signature]

sound and graphics card recommendations?

[Sebastian Reitenbach]

Hi,

I switched my desktop from Linux to OpenBSD. My SB audigy card doesn't seem to 
be supported very well. I can move the sliders in the mixers, but the volume 
stays the same. But after reading Bugs section in the emu man page, I guess 
that is what I see there. Therefore I took the onboard card, and sound 
started to work, but only stereo. Is 5.1 sound working well with the cmpci 
based cards? I thought about buying one of those cheap cards.

The second thing is, I have a monitor, with a resolution 1920x1200. 
With the nvidia geforce based card I had in the agp slot, and nv driver in 
xorg, the best resolution that I got was 1280x1024. I removed that card, and 
took the onboard graphics card, its an intel 82865G. I also installed the 
915resolution port, and did define a resolution for 1920x1200, but that did 
not helped, xorgconfig did not catched this as a valid resolution that the 
card supports. I added the resolution manually to the xorg.conf file, but 
xorg refused to use it. The best resolution it was using now is: 1600x1200, 
better than with the nvidia card, but not yet the native resolution of the 
monitor.
I wonder whether the intel or nv driver are able to provide me the native 
resolution of the monitor?
Otherwise, anybody can recommend me a card that will be able to run my monitor 
in the high resolution?


cheers
Sebastian

Re: E220 as 3G Internet Access

[Olivier Cherrier]

On Fri, Jan 09, 2009 at 02:15:21PM +0700, sonj...@gmail.com wrote:
 i have E220 from Huawei for mobile internet connection . Now i want
 using E220 as internet sharing from my obsd 4.4 box.
 i have found good link  obsd 4.4 and E220  http://www.jensolsson.se/?p=123
 when i try connect get error like this bellow :
 
 Jan  9 13:54:15 bsd pppd[28000]: pppd 2.3.5 started by root, uid 0
 Jan  9 13:54:20 bsd pppd[28000]: Connect: ppp0 -- /dev/ttyU0
 Jan  9 13:54:23 bsd pppd[28000]: Could not determine remote IP address
 Jan  9 13:54:23 bsd pppd[28000]: Connection terminated.
 Jan  9 13:54:25 bsd pppd: Exit.
 
 here my ppp conf :
 
 # cat /etc/ppp/qiandra
 /dev/ttyU0
 crtscts
 defaultroute
 noauth
 connect '/usr/sbin/chat -v -f /etc/ppp/qiandra.chat'
 #
 chat
 # cat /etc/ppp/qiandra.chat
 ABORT NO CARRIER
 ABORT NO DIALTONE
 ABORT ERROR
 ABORT NO ANSWER
 ABORT BUSY
 ABORT Username/Password Incorrect
 TIMEOUT 15
  ATZ
 OK ATE1
 OK ATQ0V1E1S0=0C1D2+FCLASS=0
 OK 'AT+CGDCONT=1,IP,apnisp'
 OK ATDT*99***1#
 TIMEOUT 30
 CONNECT \d\c
 #
 options
 
 # cat /etc/ppp/options
 modem
 defaultroute
 netmask 255.255.255.0

?

 ipcp-accept-local
 ipcp-accept-remote
 noipdefault
 lock
 auth
 usehostname
 #
 basic my isp using dhcp for ip address and  i must set static dns for tunning.
 
 so how to solved my problem with E220 and OBSD 4.4 do i missing something ?

There are some configuration examples in the mailing-list archives. You
may have a look.


-- 
Olivier Cherrier
mailto:o...@symacx.com

Re: sound and graphics card recommendations?

[Eugene Ryazanov]

IFAIK nv X.org driver supports only following resolutions:

2048x1536
1920x1440
1836x1392
1792x1344
1600x1200
1400x1050
1280x1024
1280x960
1152x864
1152x768
1024x768
960x720
928x696
896x672
832x624
800x600
700x525
640x512
640x480
720x400
640x400
576x432
640x350
576x384
512x384
416x312
400x300
320x240
360x200
320x200
320x175

so you cannot use 1920x1200 with this nVidia card driver.
To use 1600x1200 (or some other resolution) you should edit /etc/X11/xorg.conf.
An example from my configuration

-- cut here --
Section Monitor
Identifier  SyncMaster959NF

# HorizSync is in kHz unless units are specified.
# HorizSync may be a comma separated list of discrete values, or a
# comma separated list of ranges of values.
# NOTE: THE VALUES HERE ARE EXAMPLES ONLY.  REFER TO YOUR MONITOR'S
# USER MANUAL FOR THE CORRECT NUMBERS.

HorizSync   31.5-110

#HorizSync  30-64 # multisync
#HorizSync  31.5, 35.2# multiple fixed sync frequencies
#HorizSync  15-25, 30-50  # multiple ranges of sync frequencies

# VertRefresh is in Hz unless units are specified.
# VertRefresh may be a comma separated list of discrete values, or a
# comma separated list of ranges of values.
# NOTE: THE VALUES HERE ARE EXAMPLES ONLY.  REFER TO YOUR MONITOR'S
# USER MANUAL FOR THE CORRECT NUMBERS.

VertRefresh 85-150

EndSection

Section Device
Identifier  GeForceFX5700
Driver  nv
#VideoRam131072
# Insert Clocks lines here if appropriate
EndSection

Section Screen
Identifier  Screen 1
Device  GeForceFX5700
Monitor SyncMaster959NF
DefaultDepth 24

Subsection Display
Depth   8
Modes   1600x1200
ViewPort0 0
EndSubsection
Subsection Display
Depth   16
Modes   1600x1200
ViewPort0 0
EndSubsection
Subsection Display
Depth   24
Modes   1600x1200
ViewPort0 0
EndSubsection
EndSection
-- cut here --

My SB Audigy 2 Value 7.1 card works fine only with 4.4-current kernel
but not with the stable kernel. I can hear sound from all speakers on
my 7.1 system. But I still not cheched is there 5.1 - 7.1 mapping for
DVD movies or 5.1 - 2.0 - 7.1 with elimination of all surround
effects.

Re: sound and graphics card recommendations?

[Jacob Meuser]

On Tue, Jan 13, 2009 at 01:45:28PM +0100, Sebastian Reitenbach wrote:
 Hi,
 
 I switched my desktop from Linux to OpenBSD. My SB audigy card doesn't seem 
 to 
 be supported very well. I can move the sliders in the mixers, but the volume 
 stays the same. But after reading Bugs section in the emu man page, I guess 
 that is what I see there. Therefore I took the onboard card, and sound 
 started to work, but only stereo. Is 5.1 sound working well with the cmpci 
 based cards? I thought about buying one of those cheap cards.

what's your onboard card?

the cmpci support up to 7.1 channels.

-- 
jake...@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org

Re: REPLY ME IMMEDIATELY

[Dan Colish]

On Tue, Jan 13, 2009 at 8:11 AM, Arno Kumpel arkump...@yahoo.com wrote:

 I have a new email address!You can now email me at: arkump...@yahoo.com

 *- I have the sum of $8.5USD for offshore investment*. I will appreciate
 it so immersely if you could give details and be patient for us to build
 good relationship. Regards, Arno. Kumpel


Geez, times must be bad when even spam is poor.

Re: spamd won't use my WHITElist

[engineer]

 I was thinking that all WHITElisted nets will be in the spamd-white
 immediately, just after spamd started...

 Do not be confused by similar (or same) named in different places. In
 this case whitelists in spamd.conf merely subtract entries from
 blacklists, and only from immeditately preceeding blacklists. Check
 spamd.conf(5) for more details.

 What you want is possible, but you have to do it yourself in pf.conf.
 The good news is that it's easy...

Ok, I understand.

Thank's.
-- 
engineer

Split Horizon DNS issues....

[Christopher Sean Hilton]

I'm trying to track down a split horizon DNS issue. On initial startup  
everything works great. Internal hosts can resolve names against my  
complete zone and can resolve names for other internal hosts just  
fine. External hosts get the abbreviated views that I've setup. But  
after a period of time named stops responding to external host.  
Requests to it just time out. I'm running stock named on OpenBSD 4.3.  
I've attached my named.conf file to this message. Sorry about the Mime  
attachment.

-- Chris

Chris Hilton   e: chris|at|vindaloo| 
dot|com

   The pattern juggler lifts his hand; The orchestra  
begin.
   As slowly turns the grinding wheel in the court of the crimson  
king.
-- Ian McDonald / Peter  
Sinfield

[demime 1.01d removed an attachment of type application/octet-stream which had 
a name of named.conf-split-obsd]

Re: Split Horizon DNS issues....

[Alexander Yurchenko]

On Tue, Jan 13, 2009 at 10:05:02AM -0500, Christopher Sean Hilton wrote:
 I've attached my named.conf file to this message. Sorry about the Mime  
 attachment.

no problem, mr. demime took care about it:

 [demime 1.01d removed an attachment of type application/octet-stream which 
 had a name of named.conf-split-obsd]

-- 
   Alexander Yurchenko

Re: REPLY ME IMMEDIATELY

[johan beisser]

On Jan 13, 2009, at 6:42 AM, Dan Colish wrote:

On Tue, Jan 13, 2009 at 8:11 AM, Arno Kumpel arkump...@yahoo.com  
wrote:



I have a new email address!You can now email me at: arkump...@yahoo.com

*- I have the sum of $8.5USD for offshore investment*. I will  
appreciate
it so immersely if you could give details and be patient for us to  
build

good relationship. Regards, Arno. Kumpel



Geez, times must be bad when even spam is poor.



The economy's been rough on everyone. Even spammers.

Re: Split Horizon DNS issues w/named.conf

[Christopher Sean Hilton]

Repost with conf file included:

I'm trying to track down a split horizon DNS issue. On initial startup  
everything works great. Internal hosts can resolve names against my  
complete zone and can resolve names for other internal hosts just  
fine. External hosts get the abbreviated views that I've setup. But  
after a period of time named stops responding to external host.  
Requests to it just time out. I'm running stock named on OpenBSD 4.3.  
I've attached my named.conf file to this message:

// $OpenBSD: named-dual.conf,v 1.6 2004/08/16 15:48:28 jakob Exp $
//
acl clients {
127.0.0.0/8;
192.168.0.0/23;
::1;
};

options {
version ; // remove this to allow version queries

listen-on{ any; };
listen-on-v6 { any; };
};

logging {
category lame-servers { null; };
};

view internal {
match-clients { clients; };
match-recursive-only yes;

// 
-
// Standard zones
//
zone . {
type hint;
file standard/root.hint;
};

zone localhost {
type master;
file standard/localhost;
allow-transfer { localhost; };
};

zone 127.in-addr.arpa {
type master;
file standard/loopback;
allow-transfer { localhost; };
};

zone 
0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa {
type master;
file standard/loopback6.arpa;
allow-transfer { localhost; };
};

// 
-
// Slave zones
//

zone example.com IN {
type slave;
file slave/db.example.com;
check-names ignore;
masters { 192.168.1.34; };
allow-transfer { localhost; 192.168.1.34; 192.168.0.34; };
};

zone 0.168.192.in-addr.arpa IN {
type slave;
file slave/db.192.168.0;
masters { 192.168.1.34; };
allow-transfer { localhost; 192.168.1.34; 192.168.0.34; };
};

zone 1.168.192.in-addr.arpa IN {
type slave;
file slave/db.192.168.1;
masters { 192.168.1.34; };
allow-transfer { localhost; 192.168.1.34; 192.168.0.34; };
};
};

view external {
match-clients { any; };
recursion no;
additional-from-auth no;
additional-from-cache no;

// 
-
// Master zones

zone example.com {
type master;
file master/db.example.com;
};
};

// Local variables:
// mode: fundamental
// mode: font-lock
// tab-width: 4
// End:



-- Chris

-- 
Chris Hilton   chris-at-vindaloo-dot-com

All I was doing was trying to get home from work!
 -- Rosa Parks

Re: sound and graphics card recommendations?

[Stuart Henderson]

Try intel with xrandr to set the resolution.

On 2009-01-13, Sebastian Reitenbach sebas...@l00-bugdead-prods.de wrote:
 Hi,

 I switched my desktop from Linux to OpenBSD. My SB audigy card doesn't seem 
 to 
 be supported very well. I can move the sliders in the mixers, but the volume 
 stays the same. But after reading Bugs section in the emu man page, I guess 
 that is what I see there. Therefore I took the onboard card, and sound 
 started to work, but only stereo. Is 5.1 sound working well with the cmpci 
 based cards? I thought about buying one of those cheap cards.

 The second thing is, I have a monitor, with a resolution 1920x1200. 
 With the nvidia geforce based card I had in the agp slot, and nv driver in 
 xorg, the best resolution that I got was 1280x1024. I removed that card, and 
 took the onboard graphics card, its an intel 82865G. I also installed the 
 915resolution port, and did define a resolution for 1920x1200, but that did 
 not helped, xorgconfig did not catched this as a valid resolution that the 
 card supports. I added the resolution manually to the xorg.conf file, but 
 xorg refused to use it. The best resolution it was using now is: 1600x1200, 
 better than with the nvidia card, but not yet the native resolution of the 
 monitor.
 I wonder whether the intel or nv driver are able to provide me the native 
 resolution of the monitor?
 Otherwise, anybody can recommend me a card that will be able to run my 
 monitor 
 in the high resolution?


 cheers
 Sebastian

Re: Split Horizon DNS issues w/named.conf

[Jacob Yocom-Piatt]

Christopher Sean Hilton wrote:

Repost with conf file included:

I'm trying to track down a split horizon DNS issue. On initial startup  
everything works great. Internal hosts can resolve names against my  
complete zone and can resolve names for other internal hosts just  
fine. External hosts get the abbreviated views that I've setup. But  
after a period of time named stops responding to external host.  
Requests to it just time out. I'm running stock named on OpenBSD 4.3.  
I've attached my named.conf file to this message:


  



take note of the security advisory for 4.3's BIND: 
http://openbsd.org/errata43.html#004_bind


upgrade your grey matter cuz one day it may matter



// $OpenBSD: named-dual.conf,v 1.6 2004/08/16 15:48:28 jakob Exp $
//
acl clients {
127.0.0.0/8;
192.168.0.0/23;
::1;
};

options {
version ;   // remove this to allow version queries

listen-on{ any; };
listen-on-v6 { any; };
};

logging {
category lame-servers { null; };
};

view internal {
match-clients { clients; };
match-recursive-only yes;

// 
-
// Standard zones
//
zone . {
type hint;
file standard/root.hint;
};

zone localhost {
type master;
file standard/localhost;
allow-transfer { localhost; };
};

zone 127.in-addr.arpa {
type master;
file standard/loopback;
allow-transfer { localhost; };
};

zone 
0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa {
type master;
file standard/loopback6.arpa;
allow-transfer { localhost; };
};

// 
-
// Slave zones
//

zone example.com IN {
type slave;
file slave/db.example.com;
check-names ignore;
masters { 192.168.1.34; };
allow-transfer { localhost; 192.168.1.34; 192.168.0.34; };
};

zone 0.168.192.in-addr.arpa IN {
type slave;
file slave/db.192.168.0;
masters { 192.168.1.34; };
allow-transfer { localhost; 192.168.1.34; 192.168.0.34; };
};

zone 1.168.192.in-addr.arpa IN {
type slave;
file slave/db.192.168.1;
masters { 192.168.1.34; };
allow-transfer { localhost; 192.168.1.34; 192.168.0.34; };
};
};

view external {
match-clients { any; };
recursion no;
additional-from-auth no;
additional-from-cache no;

// 
-
// Master zones

zone example.com {
type master;
file master/db.example.com;
};
};

// Local variables:
// mode: fundamental
// mode: font-lock
// tab-width: 4
// End:



-- Chris

Re: sound and graphics card recommendations?

[Owain Ainsworth]

On Tue, Jan 13, 2009 at 01:45:28PM +0100, Sebastian Reitenbach wrote:
 Hi,
 
 I switched my desktop from Linux to OpenBSD. My SB audigy card doesn't seem 
 to 
 
 The second thing is, I have a monitor, with a resolution 1920x1200. 
 With the nvidia geforce based card I had in the agp slot, and nv driver in 
 xorg, the best resolution that I got was 1280x1024. I removed that card, and 
 took the onboard graphics card, its an intel 82865G. I also installed the 
 915resolution port, and did define a resolution for 1920x1200, but that did 
 not helped, xorgconfig did not catched this as a valid resolution that the 
 card supports. I added the resolution manually to the xorg.conf file, but 
 xorg refused to use it. The best resolution it was using now is: 1600x1200, 
 better than with the nvidia card, but not yet the native resolution of the 
 monitor.
 I wonder whether the intel or nv driver are able to provide me the native 
 resolution of the monitor?
 Otherwise, anybody can recommend me a card that will be able to run my monitor
 in the high resolution?

Intel. or ATI (amd). 

Repeat after me:
I will not buy Nvidia
I will not buy Nvidia
I will not buy Nvidia
I will not buy Nvidia

Trust me on this one,

-0-
-- 
I'd love to go out with you, but I'm converting my calendar watch from
Julian to Gregorian.

Re: sound and graphics card recommendations?

[Gilles Chehade]

On Tue, Jan 13, 2009 at 04:39:12PM +, Owain Ainsworth wrote:
 On Tue, Jan 13, 2009 at 01:45:28PM +0100, Sebastian Reitenbach wrote:
  Hi,
  
  I switched my desktop from Linux to OpenBSD. My SB audigy card doesn't seem 
  to 
  
  The second thing is, I have a monitor, with a resolution 1920x1200. 
  With the nvidia geforce based card I had in the agp slot, and nv driver in 
  xorg, the best resolution that I got was 1280x1024. I removed that card, 
  and 
  took the onboard graphics card, its an intel 82865G. I also installed the 
  915resolution port, and did define a resolution for 1920x1200, but that did 
  not helped, xorgconfig did not catched this as a valid resolution that the 
  card supports. I added the resolution manually to the xorg.conf file, but 
  xorg refused to use it. The best resolution it was using now is: 1600x1200, 
  better than with the nvidia card, but not yet the native resolution of the 
  monitor.
  I wonder whether the intel or nv driver are able to provide me the native 
  resolution of the monitor?
  Otherwise, anybody can recommend me a card that will be able to run my 
  monitor
  in the high resolution?
 
 Intel. or ATI (amd). 
 
 Repeat after me:
 I will not buy Nvidia
 I will not buy Nvidia
 I will not buy Nvidia
 I will not buy Nvidia
 
 Trust me on this one,
 

I add my voice to this, don't buy from Nvidia, you will be screwed.

Gilles

-- 
Gilles Chehade
http://www.poolp.org/~gilles/

Can't get relayd to work for DNS

[BARDOU Pierre]

Hello,

I am trying to setup relayd for loadbalancing on my DNS servers.
The problem is that relayd seems to handle only TCP connexions, UDP isn't
taken into account.
I found a known bug on openBSD 4.2, but I am using openBSD 4.4.

I've tried the same setup with a relay, and still have the same problem.

Where am I mistaking ?

# pfctl -a relayd/DNS -s nat
rdr inet proto tcp from any to 10.31.33.254 port = domain (tcp.established
600) - DNS port 53 round-robin

# cat /etc/relayd.conf
node1=10.60.0.101
node2=10.60.0.102
node3=10.60.0.103

squid_int=10.31.33.254
dns_int=10.31.33.254

# Global Options
interval 5
log updates
prefork 10
timeout 1500

table squid { $node1 , $node3 }
table DNS { $node1 , $node3 }

redirect squid {
listen on $squid_int port 3128
forward to squid mode roundrobin check tcp
}

redirect DNS {
listen on $dns_int port 53
forward to DNS mode roundrobin check tcp
}

Relay config :
dns protocol dnsfilter {
   ### TCP performance options
tcp { nodelay, sack, socket buffer 1024, backlog 1000 }
}

relay dns {
   ### listen and accept redirected connections from pf
listen on $dns_int port 53

   ### apply web filters
protocol dnsfilter

   ### forward to web server(s)
forward to DNS mode roundrobin check tcp
}
--
Cordialement,
 
Pierre BARDOU
CSIM - Bureau 012
 
Midi Picardie Informatique Hospitalihre
12 rue Michel Labrousse
BP93668
F-31036 Toulouse CEDEX 1
 
Til : 05 67 31 90 84
Fax : 05 34 61 51 00
Mail : bardo...@mipih.fr

SSH X Forwarding xhost

[Aaron W. Hsu]

I have read ssh(1) and xhost(1), as well as this page:

http://piast.cbio.psu.edu/reference/NetworkingCD2.0/ssh/ch09_03.htm

where it says:

X forwarding with authentication spoofing solves all but one of
the X authentication problems we raised earlier:

xhost

X forwarding doesn't use xhost. (By the way, make sure
to disable all xhost permissions when using X
forwarding, or you will undermine the X security
provided by SSH.)

in xhost(1) I read:

+   Access is granted to everyone, even if they aren't on
the list (i.e., access control is turned  off).

and in ssh(1) I read:

-X  Enables X11 forwarding.  This can also be specified on a
per-host basis in a configuration file.

X11 forwarding should be enabled with caution.  Users
with the ability to bypass file permissions on the
remote host (for the user's X authorization database)
can access the local X11 display through the forwarded
connection.  An attacker may then be able to perform
activities such as keystroke monitoring.

For this reason, X11 forwarding is subjected to X11
SECURITY ex- tension restrictions by default.  Please
refer to the ssh -Y op- tion and the ForwardX11Trusted
directive in ssh_config(5) for more information.

[...]

-Y  Enables trusted X11 forwarding.  Trusted X11 forwardings
are not subjected to the X11 SECURITY extension controls.

And this is where I become confused: I am connecting to my remote host
through ssh using the command `ssh -X u...@host` and it works alright
when I use `xhost +`, but does not work when I do `xhost +host`; ssh
-X u...@host` nor when I use `xhost -; ssh -X u...@host`. 

When I read the web link, it tells me to disable xhost, but it does not
give me a way to do that.  Reading the xhost man page makes me think
that `xhost +` actually disables xhost authentication rather than making
xhost pre-authenticate the entire address space.  This appears to be
born out by the fact that ssh -X does not work when I just manually add
the right xhost in; if I were wrong here, I would expect X forwarding to
fail both when I used `xhost +` and when I used `xhost +host`. 

However, reading outsie the parentheses in the xhost man page, it makes
me think that it really is authenticating all the address space, and
making it possible for every client in the world to authenticate to my X
server without having to use any kind of xauth authentication, which I
want to avoid.  The parenthetical clause seems to say something
different though; it seems to say that xhost is disabled, and any client
wishing to connect will now have to authenticate with a different
mechanism. 

I have tried using ssh -Y and that works, but I am concerned about using
that because of the warnings issued in ssh(1), since it appears that -Y
disables all the proper security measures that -X uses.

Can someone please confirm whether I am wrong or right and if wrong,
what the right way to do this is?  I would like to make a semi-secure
connection to this remote machine somehow, and I am concerned that the
use of `xhost +` is quite insecure.

-- 
Aaron W. Hsu arcf...@sacrideo.us | http://www.sacrideo.us
Government is the great fiction, through which everybody endeavors to
live at the expense of everybody else. -- Frederic Bastiat
+++ ((lambda (x) (x x)) (lambda (x) (x x))) ++

IPSEC: packets flow into enc0, but no esp packet are sent

[Christoph Leser]

After migrating to OBSD 4.4 ( from 4.1 ) I sometimes find that for a
particular VPN ( tunnel mode ) :

1. The corresponding flows are established, as shown by
netstat -rnf encap
and
ipsecctl -sflow

2. The packets sent to the remote site show up in
tcpdump -leni enc0
with a valid SPI, as confirmed by
ipsecctl -ssa

3. BUT NO corresponding esp packets leave the external interface:
tcpdump -leni vr1 ip host remote-peer
Only key exchange packets can be seen ( showing that the route to
remote-peer is indeed via the external interface ).

The other VPN tunnels work just fine. In this situation Tear down and
reestablish the flows and/or SAs does not help. Restart isakmpd helps.

Any ideas?

Regards

Re: sound and graphics card recommendations?

[Jacob Meuser]

On Tue, Jan 13, 2009 at 09:32:18PM +0800, Eugene Ryazanov wrote:

 My SB Audigy 2 Value 7.1 card works fine only with 4.4-current kernel
 but not with the stable kernel. I can hear sound from all speakers on
 my 7.1 system. But I still not cheched is there 5.1 - 7.1 mapping for
 DVD movies or 5.1 - 2.0 - 7.1 with elimination of all surround
 effects.

emu(4) does not have proper multichannel support.  if you can get
docs from Creative ...

-- 
jake...@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org

4.4 hangs

[Lars Kotthoff]

Dear list,

 I'm having problems with my 4.4 server where it starts to become unresponsive
after a couple of days and finally hangs.

The symptoms are very weird, the system runs fine for several days and then
performance degrades within a couple of hours until the system is unusable. It
doesn't freeze completely though, it's still running and appears to be doing
something.

I have checked various logs (messages, daemon, secure, cron, httpd...) and symon
graphs of CPU, memory, I/O... -- there's nothing suspicious at all. Neither
memory nor CPU usage is high even when I'm not able to ssh into the system
anymore or access the webserver.

When this occurs the machine has to be rebooted manually; I'm running a watchdog
on it, but somehow the system seems to find enough resources to keep it going.

I'm sorry that I can't provide more specific information, but I don't know what
else to look for. Has anybody ever experienced something similar or does anybody
have any ideas what might cause such behaviour?

Thanks,

Lars

Re: 4.4 hangs

[Lars Kotthoff]

 Telling people exactly what you are using might help.  A server means a
 lot of things.  A complete dmesg output would help, too.  Lastly have you
 patched it, and have you added anything to it?  Are you running the stock
 generic kernel?

Well, specifically it's this box
http://herologic.com/oscommerce/catalog/product_info.php?cPath=1_34products_id=58

The kernel is patched to support DMA for the chipset (now in CVS
http://marc.info/?l=openbsd-cvsm=123106551324431w=2), but the same symptoms
occur with the stock kernel. Full dmesg below.

Lars

OpenBSD 4.4 (GENERIC) #2: Mon Dec 29 01:37:50 GMT 2008
lars@:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Geode(TM) Integrated Processor by National Semi (Geode by NSC 
586-class) 333 MHz
cpu0: FPU,DE,PSE,TSC,MSR,CX8,PGE,CMOV,MMX
real mem  = 259350528 (247MB)
avail mem = 242323456 (231MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 09/01/06, BIOS32 rev. 0 @ 0xfadd0, SMBIOS 
rev. 2.2 @ 0xf (28 entries)
bios0: vendor Phoenix Technologies, LTD version 6.00 PG date 09/01/2006
apm0 at bios0: Power Management spec V1.2 (slowidle)
apm0: AC on, battery charge unknown
acpi at bios0 function 0x0 not configured
pcibios0 at bios0: rev 2.1 @ 0xf/0xdfb4
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdf20/144 (7 entries)
pcibios0: bad IRQ table checksum
pcibios0: PCI BIOS has 7 Interrupt Routing table entries
pcibios0: PCI Exclusive IRQs: 5 7 10 11
pcibios0: no compatible PCI ICU found
pcibios0: Warning, unable to fix up PCI interrupt routing
pcibios0: PCI bus #0 is the last bus
bios0: ROM list: 0xc/0x8000 0xef000/0x1000!
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 1 function 0 NS CS5535 Host rev 0x21
vga1 at pci0 dev 1 function 1 NS CS5535 VIDEO rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
drm at vga1 unsupported
pcib0 at pci0 dev 15 function 0 NS CS5535 ISA rev 0x13
pciide0 at pci0 dev 15 function 2 NS CS5535 IDE rev 0x00: DMA, channel 0 
wired to compatibility
wd0 at pciide0 channel 0 drive 0: SAMSUNG HM160HC
wd0: 16-sector PIO, LBA48, 152627MB, 312581808 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 4
ohci0 at pci0 dev 15 function 4 NS CS5535 USB rev 0x06: irq 10, version 1.0, 
legacy support
ohci1 at pci0 dev 15 function 5 NS CS5535 USB rev 0x06: irq 7, version 1.0, 
legacy support
rl0 at pci0 dev 18 function 0 Realtek 8139 rev 0x10: irq 11, address 
00:00:00:00:00:00
rlphy0 at rl0 phy 0: RTL internal PHY
rl1 at pci0 dev 19 function 0 Realtek 8139 rev 0x10: irq 5, address 
00:00:00:00:00:00
rlphy1 at rl1 phy 0: RTL internal PHY
rl2 at pci0 dev 20 function 0 Realtek 8139 rev 0x10: irq 10, address 
00:00:00:00:00:00
rlphy2 at rl2 phy 0: RTL internal PHY
ral0 at pci0 dev 21 function 0 Ralink RT2860 rev 0x00: irq 11, address 
00:00:00:00:00:00
ral0: MAC/BBP RT2860 (rev 0x0101), RF RT2820 (2T3R)
isa0 at pcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
it0 at isa0 port 0x2e/2: IT8712F rev 0x07, EC port 0x290
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
usb0 at ohci0: USB revision 1.0
uhub0 at usb0 NS OHCI root hub rev 1.00/1.00 addr 1
usb1 at ohci1: USB revision 1.0
uhub1 at usb1 NS OHCI root hub rev 1.00/1.00 addr 1
biomask f7cd netmask ffed ttymask 
softraid0 at root
root on wd0a swap on wd0b dump on wd0b

10G NIC - Netxen

[Parvinder Bhasin]

Hi,

Anyone have any experience with 10G NICs from Netxen - Fiber and OBSD  
4.x?

I don't see under the supported NICs list.

Thanks

Re: xterm and home-dir with automounter

[Rudi Ludwig]

On Tuesday 13 January 2009 12:24:32 Julian Leyh wrote:
 Rudi Ludwig schrieb:
  I have put that at the end of my .profile and it works for remote
  login (ssh).
  But the KDE konsole and xterm  still resist and display the
  physical location at start-up instead of $HOME (~).
  I did logout of the X session and login again, just to make sure.

 Are you using a login-shell for xterm/konsole? (-ls for xterm)

 If not, it won't evaluate your .profile.

This option was new to me. It doesn't seam to be the default setup in
KDE. Adding the switch (--ls) to the command did the trick. Now I get 
the expacted behaviour. Thanks.

Rudi

Re: panic: rtfree 2

[Claudio Jeker]

On Tue, Jan 13, 2009 at 01:43:09PM +0700, Insan Praja wrote:
 Hi Misc@,
 
 On Tue, Jan 13, 2009 at 6:32 AM, Claudio Jeker cje...@diehard.n-r-g.com 
 wrote:
  On Tue, Jan 13, 2009 at 05:49:00AM +0700, Insan Praja SW wrote:
  Hi Misc@,
  So I tried to move the cable (and configs) to other interfaces.
  Unplugging the cable will reproduce the problem. So IMHO it must be
  something in bgpd or something in kernel that manages routes.
  Thanks,
 
 
  Could you please send me the output of netstat -Arn just before you
  produce the panic. Hopefully this gives me the hint what goes wrong.
 
 
 It's a lot of output (full routes), but I could cut some of the first output
 

I would need the full output but I just saw your PR and there you mention
multiple routing tables. Did you try without multiple tables?
Is bgp writing to an alternate table?
I see if I can reproduce it.

-- 
:wq Claudio

cryptographic accelerator for a laptop

[roger]

I recently started using a VPN with my laptop for when I travel(which is
quite often) and I have noticed a detectable degradation when going
through the VPN especially when using streaming video. My laptop is a few
years old and the problem isn't that big a deal but I was wondering if
there is a card I could buy that I could offload the work to. Hopefully
one that isn't very expensive would be nice. Just wondering if anybody has
any suggestions.

roger

VirtualBox 64?

[L. V. Lammert]

Has anyone gotten 4.4 64 to start under VBOX? Tried this evening but it
seems to crash booting the install kernel (from floppy.fs image):

00:00:04.858 Guest Log: BIOS: Booting from Floppy...
00:00:04.938 PIIX3 ATA: Ctl#0: RESET, DevSel=1 AIOIf=0 CmdIf0=0xec (-1
usec ago) CmdIf1=0x00 (-1 usec ago)
00:00:04.939 PIIX3 ATA: Ctl#0: finished processing RESET
00:00:08.251
00:00:08.251 !!Assertion Failed!!
00:00:08.251 Expression: NULL
00:00:08.251 Location  :
/home/vbox/vbox-2.1.0/src/recompiler_new/VBoxRecompiler.c(4325) cpu_abort
00:00:08.251 fatal error in recompiler cpu: triple fault

Running OpenSuSE 11.1_64 as the host. ust curious as to another setting
(like PAE required to boot from the floppy image) might make a difference.

lee

==
 Leland V. Lammertl...@omnitec.net
  Chief ScientistOmnitec Corporation
 Network/Internet Consultants www.omnitec.net
==

Re: VirtualBox 64?

[Eugene Ryazanov]

Virtual Box has a some known problems with CPU emulation, especially
if Intel VT-x AMD-V is not available. If your physical CPU supports
hardware virtualization, try to enable it on
Machine-Settings-General-Advanced-Enable VT-x/AMD-V. This checkbox
disabled when this extensions is not supported by your CPU. If this
checkbox is enabled, check it. Without this Virtual Box cannot run any
64-bit guests. And without this even OpenBSD/i386 (and some other
systems) runs with serious problems.

If this does not help try another emulator, like qemu or vmware.
Virtual Box is still too buggy.

after 4.3 - 4.4 upgrade, fails to boot

[Patrick Cummings]

Hello to everyone,
I have one home firewall/router PC that I use since 3.8 that I upgrade every 6
month. Yesterday I did the 4.3 - 4.4 upgrade using a boot cd. However, it
fails to boot when I reboot (after the upgrade, when I boot it for the first
time from the hard drive). And by that, I mean that it simply prints this:

 OpenBSD/i386 BOOT 3.02
boot
booting hd0a:/bsd: 6238560+1041588=0x6f1788
entry point at 0x200120


And then nothing else. Forever. It just stays there.

Is there any change from 4.3 to 4.4 that could have caused this with my
hardware? (a dmesg follows) Could it be that I now need a custom kernel? How
could I get more infos about what is wrong with it (I don't know how to get
more debugging). I have recovered 4.3 from backups and it works like it used
to.

Thanks to anyone that can help!


OpenBSD 4.3 (GENERIC) #0: Mon Sep  1 01:52:32 EDT 2008
r...@.***.**.net:/usr/src/sys/arch/i386/compile/GENER
IC
cpu0: Intel Pentium/MMX (GenuineIntel 586-class) 234 MHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,MMX
cpu0: F00F bug workaround installed
real mem  = 267939840 (255MB)
avail mem = 251023360 (239MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 07/15/95, BIOS32 rev. 0 @ 0xfdb80
apm0 at bios0: Power Management spec V1.2 (BIOS management disabled)
apm0: APM power management enable: power management disabled (1)
apm0: APM engage (device 1): power management disabled (1)
apm0: AC on, battery charge unknown
pcibios0 at bios0: rev 2.1 @ 0xf/0x1
pcibios0: PCI BIOS has 5 Interrupt Routing table entries
pcibios0: PCI Interrupt Router at 000:07:0 (Intel 82371AB PIIX4 ISA rev
0x00)
pcibios0: PCI bus #1 is the last bus
WARNING: can't reserve area for I/O APIC.
bios0: ROM list: 0xc/0x8000 0xc8000/0x2c00 0xcb000/0x1000 0xcc000/0x1000
0xcd000/0x1000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82439TX System rev 0x01
piixpcib0 at pci0 dev 7 function 0 Intel 82371AB PIIX4 ISA rev 0x01
pciide0 at pci0 dev 7 function 1 Intel 82371AB IDE rev 0x01: DMA, channel 0
wired to compatibility, channel 1 wired to compatibility
atapiscsi0 at pciide0 channel 0 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0:  SCSI0 5/cdrom removable
cd0(pciide0:0:0): using PIO mode 4, DMA mode 2
pciide0: channel 1 ignored (disabled)
uhci0 at pci0 dev 7 function 2 Intel 82371AB USB rev 0x01: irq 10
piixpm0 at pci0 dev 7 function 3 Intel 82371AB Power rev 0x01: polling
iic0 at piixpm0
iic0: addr 0x2d 00=a8 01=c3 02=68 03=30 05=18 06=02 07=59 08=18 09=0b 0a=60
0b=46 0c=a0 0d=d4 0e=80 10=24 11=4c 12=68 13=04 14=33 15=99 16=28 17=40 18=52
19=5c 1a=a4 1b=49 1c=45 1d=a0 1e=cc 1f=92 20=b7 21=3c 22=01 23=80 24=11 26=e2
27=5e 28=23 29=f1 2a=2c 2b=3c 2c=60 2d=2f 2e=a3 2f=b0 30=cc 31=23 32=0b 33=ac
34=76 35=98 36=1c 37=05 38=04 39=10 3a=0a 3b=0a 3c=5e 3d=03 3e=78 3f=82 40=08
46=40 47=57 48=2d 49=40 4b=40 4c=40 4d=40 4e=78 50=08 56=40 57=57 58=2d 59=40
5a=40 5b=40 5c=40 5d=40 5e=40 60=b7 61=3c 62=01 63=80 64=11 66=e2 67=5e 68=23
69=f1 6a=2c 6b=3c 6c=60 6d=2f 6e=a3 6f=b0 70=cc 71=23 72=0b 73=ac 74=76 75=98
76=1c 77=05 78=04 79=10 7a=0a 7b=0a 7c=5e 7d=03 7e=78 7f=82 80=a8 81=c3 82=68
83=30 85=18 86=02 87=59 88=18 89=0b 8a=60 8b=46 8c=a0 8d=d4 8e=80 90=24 91=4c
92=68 93=04 94=33 95=99 96=28 97=40 98=52 99=5c 9a=a4 9b=49 9c=45 9d=a0 9e=cc
9f=92 a0=b7 a1=3c a2=01 a3=80 a4=11 a6=e2 a7=5e a8=23 a9=f1 aa=2c ab=3c ac=60
ad=2f ae=a3 af=b0 b0=cc b1=23 b2=0b b3=ac b4=76 b5=98 b6=1c b7=05 b8=04 b9=10
ba=0a bb=0a bc=5e bd=03 be=78 bf=82 c0=08 c6=40 c7=57 c8=2d c9=40 ca=40 cb=40
cc=40 cd=40 ce=40 d0=08 d6=40 d7=57 d8=2d d9=40 da=40 db=40 dc=40 dd=40 de=40
e0=b7 e1=3c e2=01 e3=80 e4=11 e6=e2 e7=5e e8=23 e9=f1 ea=2c eb=3c ec=60 ed=2f
ee=a3 ef=b0 f0=cc f1=23 f2=0b f3=ac f4=76 f5=98 f6=1c f7=05 f8=04 f9=10 fa=0a
fb=0a fc=5e fd=03 fe=78 ff=82 words 00=a880 01=c380 02=6880 03=3080 04=0080
05=1880 06=0280 07=5980 08=1880 09=0b80 0a=6080 0b=4680 0c=a080 0d=d480
0e=8080 0f=0080
lmtemp0 at iic0 addr 0x4a: lm75
spdmem0 at iic0 addr 0x50: 256MB SDRAM non-parity PC133CL3
ppb0 at pci0 dev 17 function 0 Intel i960 RP PCI-PCI rev 0x03
pci1 at ppb0 bus 1
ami0 at pci0 dev 17 function 1 Intel 80960RP ATU rev 0x03: irq 11
ami0: AMI 438, 32b, FW GH8E, BIOS v1.48, 64MB RAM
ami0: 3 channels, 16 targets, 1 logical drives
scsibus1 at ami0: 1 targets
sd0 at scsibus1 targ 0 lun 0:  SCSI2 0/direct fixed
sd0: 17017MB, 2169 cyl, 255 head, 63 sec, 512 bytes/sec, 34850816 sec total
fxp0 at pci0 dev 18 function 0 Intel 8255x rev 0x08, i82559: irq 15, address
00:04:ac:d3:04:e6
inphy0 at fxp0 phy 1: i82555 10/100 PHY, rev. 4
fxp1 at pci0 dev 19 function 0 Intel 8255x rev 0x08, i82559: irq 9, address
00:04:ac:a3:fc:ac
inphy1 at fxp1 phy 1: i82555 10/100 PHY, rev. 4
fxp2 at pci0 dev 20 function 0 Intel 8255x rev 0x08, i82559: irq 10, address
00:04:ac:e3:f7:b0
inphy2 at fxp2 phy 1: i82555 10/100 PHY, rev. 4
isa0 at piixpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at 

tcpdump port range

[Steve Laurie]

Hello,

I'm trying to use tcpdump to capture a range of ports and can't get it
to work. I've read the man page, searched the Internet and experimented
with many combinations like 10:120 10-120 { 10 120 } etc. and nothing
seems to work.

I'm sure I used to use it like that. Am I'm missing something really
simple or is it just not capable of doing this?

TIA
Cheers, 
Steve Laurie

-- 
Hey, it compiles! Ship it!

tcpdump functionality

[Steve Laurie]

Hi all,

I'm trying to find out if tcpdump can be used to listen on a particular
port range (ports 10 to 120 TCP inclusive to be specific) but can't seem
to get it to work. I'm sure I've used it like this in the past but I've
read the man page, searched the Internet and experimented with countless
combinations like 10-120, { 10:120 } etc. to no avail.

Am I remembering incorrectly? Is tcpdump incapable of reporting on a
port range?

TIA,
-- 
Steve Laurie

Re: tcpdump functionality

[Chris Kuethe]

((tcp[0:2] = 10)  (tcp[0:2]  120)) || ((tcp[2:2] = 10) 
(tcp[2:2]  120))

On Sat, Jan 10, 2009 at 5:36 AM, Steve Laurie st...@foo-unix.org wrote:
 Hi all,

 I'm trying to find out if tcpdump can be used to listen on a particular
 port range (ports 10 to 120 TCP inclusive to be specific) but can't seem
 to get it to work. I'm sure I've used it like this in the past but I've
 read the man page, searched the Internet and experimented with countless
 combinations like 10-120, { 10:120 } etc. to no avail.

 Am I remembering incorrectly? Is tcpdump incapable of reporting on a
 port range?

 TIA,
 --
 Steve Laurie





-- 
GDB has a 'break' feature; why doesn't it have 'fix' too?

Re: 10G NIC - Netxen

[tico]

Parvinder Bhasin wrote:

Hi,

Anyone have any experience with 10G NICs from Netxen - Fiber and OBSD 
4.x?

I don't see under the supported NICs list.

Thanks


Parvinder,

By searching in the usual places I found the following:

I went to the misc@ archives and searched netxen and got the following 
result:

http://marc.info/?l=openbsd-miscm=117685930328686w=2

The want page lists 10Gig ethernet as an area of development currently:
http://www.openbsd.org/want.html

And the man pages for -current list the 'nx' driver, but not 4.4 :
http://www.openbsd.org/cgi-bin/man.cgi?query=nxapropos=0sektion=0manpath=OpenBSD+Currentarch=i386format=html

And CVS shows that nx is no longer in the tree:
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/Attic/if_nx.c

As for the hardware itself, I have no experience with it.

-Tico

Re: panic: rtfree 2

[Insan Praja SW]

On Wed, 14 Jan 2009 06:11:56 +0700, Claudio Jeker  
cje...@diehard.n-r-g.com wrote:



On Tue, Jan 13, 2009 at 01:43:09PM +0700, Insan Praja wrote:

Hi Misc@,

On Tue, Jan 13, 2009 at 6:32 AM, Claudio Jeker  
cje...@diehard.n-r-g.com wrote:

 On Tue, Jan 13, 2009 at 05:49:00AM +0700, Insan Praja SW wrote:
 Hi Misc@,
 So I tried to move the cable (and configs) to other interfaces.
 Unplugging the cable will reproduce the problem. So IMHO it must be
 something in bgpd or something in kernel that manages routes.
 Thanks,


 Could you please send me the output of netstat -Arn just before you
 produce the panic. Hopefully this gives me the hint what goes wrong.


It's a lot of output (full routes), but I could cut some of the first  
output




I would need the full output but I just saw your PR and there you mention
multiple routing tables. Did you try without multiple tables?
Is bgp writing to an alternate table?
I see if I can reproduce it.



Bgpd use rtable 0. I use multiple routing table to produce VRF/VPN-like  
network on my routers. I got rtable 1 and rtable 2. I haven't tested this  
with single table. A full netstat -Arn output would be a 62.5Mb files, a  
don't think it would pass the mailer. Here's a link  
http://www.4shared.com/file/80547753/5bb42570/netstat.html for downloading  
link.

Thanks,


Insan
--
insandotpraja(at)gmaildotcom

disable sound

[Jon]

 I have a remote server which keeps beeping - every so often. I have checked
the console messages etc - but can't figure out why.

 any idea ?  - Also - I am mostly now happy if some one can tell me how
(command) to disable sound ? the node is headless and has a internal
speaker.

Re: sound and graphics card recommendations?

[Sebastian Reitenbach]

On Tuesday 13 January 2009 14:38:01 Jacob Meuser wrote:
 On Tue, Jan 13, 2009 at 01:45:28PM +0100, Sebastian Reitenbach wrote:
  Hi,
 
  I switched my desktop from Linux to OpenBSD. My SB audigy card doesn't
  seem to be supported very well. I can move the sliders in the mixers, but
  the volume stays the same. But after reading Bugs section in the emu man
  page, I guess that is what I see there. Therefore I took the onboard
  card, and sound started to work, but only stereo. Is 5.1 sound working
  well with the cmpci based cards? I thought about buying one of those
  cheap cards.

 what's your onboard card?
the card I use right now is a stereo only eap(4) based one.


 the cmpci support up to 7.1 channels.
sounds sufficient to me ;)

thanks 
Sebastian

Re: sound and graphics card recommendations?

[Sebastian Reitenbach]

On Tuesday 13 January 2009 17:39:12 Owain Ainsworth wrote:
 On Tue, Jan 13, 2009 at 01:45:28PM +0100, Sebastian Reitenbach wrote:
  Hi,
 
  I switched my desktop from Linux to OpenBSD. My SB audigy card doesn't
  seem to
 
  The second thing is, I have a monitor, with a resolution 1920x1200.
  With the nvidia geforce based card I had in the agp slot, and nv driver
  in xorg, the best resolution that I got was 1280x1024. I removed that
  card, and took the onboard graphics card, its an intel 82865G. I also
  installed the 915resolution port, and did define a resolution for
  1920x1200, but that did not helped, xorgconfig did not catched this as a
  valid resolution that the card supports. I added the resolution manually
  to the xorg.conf file, but xorg refused to use it. The best resolution it
  was using now is: 1600x1200, better than with the nvidia card, but not
  yet the native resolution of the monitor.
  I wonder whether the intel or nv driver are able to provide me the native
  resolution of the monitor?
  Otherwise, anybody can recommend me a card that will be able to run my
  monitor in the high resolution?

 Intel. or ATI (amd).

 Repeat after me:
 I will not buy Nvidia
 I will not buy Nvidia
 I will not buy Nvidia
 I will not buy Nvidia

 Trust me on this one,

 -0-
OK, then I'll take a look for Intel or ATI, thanks.
IIRC, you were working on 3D accellerartion, Any special chipset 
recommendation in case I want to enable 3D?

thanks
Sebastian

Re: disable sound

[Abel Camarillo]

Have you tried 

$ wsconsctl keyboard.bell.volume=0 

?, it comes in /etc/wsconsctl.conf

On Tue, Jan 13, 2009 at 10:28:55PM -0800, Jon wrote:
  I have a remote server which keeps beeping - every so often. I have checked
 the console messages etc - but can't figure out why.
 
  any idea ?  - Also - I am mostly now happy if some one can tell me how
 (command) to disable sound ? the node is headless and has a internal
 speaker.

Re: sound and graphics card recommendations?

[Sebastian Reitenbach]

On Tuesday 13 January 2009 04:34:36 pm Stuart Henderson wrote:
 Try intel with xrandr to set the resolution.

I added a 1920x1200 mode in the xorg.conf file for the various color depths, 
and also added that resolution with 915resolution to the bios of the card. 
However, xrandr only offers 1600x1200 as the maximum resolution.

Sebastian



 On 2009-01-13, Sebastian Reitenbach sebas...@l00-bugdead-prods.de wrote:
  Hi,
 
  I switched my desktop from Linux to OpenBSD. My SB audigy card doesn't
  seem to be supported very well. I can move the sliders in the mixers, but
  the volume stays the same. But after reading Bugs section in the emu man
  page, I guess that is what I see there. Therefore I took the onboard
  card, and sound started to work, but only stereo. Is 5.1 sound working
  well with the cmpci based cards? I thought about buying one of those
  cheap cards.
 
  The second thing is, I have a monitor, with a resolution 1920x1200.
  With the nvidia geforce based card I had in the agp slot, and nv driver
  in xorg, the best resolution that I got was 1280x1024. I removed that
  card, and took the onboard graphics card, its an intel 82865G. I also
  installed the 915resolution port, and did define a resolution for
  1920x1200, but that did not helped, xorgconfig did not catched this as a
  valid resolution that the card supports. I added the resolution manually
  to the xorg.conf file, but xorg refused to use it. The best resolution it
  was using now is: 1600x1200, better than with the nvidia card, but not
  yet the native resolution of the monitor.
  I wonder whether the intel or nv driver are able to provide me the native
  resolution of the monitor?
  Otherwise, anybody can recommend me a card that will be able to run my
  monitor in the high resolution?
 
 
  cheers
  Sebastian