OpenVPN server refuses connections

[Yuriy A. Dmitrishin]

Hi. I'm using OpenVPN server with such configuration:

/etc/openvpn/server.conf:

daemon openvpn
local 192.168.0.1
port 1194
proto udp
dev tun1
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key  # This file should be kept secret
dh /etc/openvpn/keys/dh1024.pem
server 10.10.10.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push redirect-gateway local def1
keepalive 10 120
cipher BF-CBC# Blowfish (default)
comp-lzo
max-clients 10
user _openvpn
group _openvpn
persist-key
persist-tun
status /var/log/openvpn-status.log
log /var/log/openvpn.log
log-append  /var/log/openvpn.log
verb 3

Here's my log:

Fri Feb 20 12:46:10 2009 OpenVPN 2.0.9 i386-unknown-openbsd4.3 [SSL] [LZO]
built on Oct 24 2008
Fri Feb 20 12:46:10 2009 Diffie-Hellman initialized with 1024 bit key
Fri Feb 20 12:46:10 2009 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0
EL:0 ]
Fri Feb 20 12:46:10 2009 gw 66.66.66.66
Fri Feb 20 12:46:10 2009 /sbin/ifconfig tun1 destroy
Fri Feb 20 12:46:10 2009 /sbin/ifconfig tun1 create
Fri Feb 20 12:46:10 2009 NOTE: Tried to delete pre-existing tun/tap
instance -- No Problem if failure
Fri Feb 20 12:46:10 2009 /sbin/ifconfig tun1 10.10.10.1 10.10.10.2 mtu 1500
netmask 255.255.255.255 up
Fri Feb 20 12:46:10 2009 TUN/TAP device /dev/tun1 opened
Fri Feb 20 12:46:10 2009 /sbin/route add -net 10.10.10.0 10.10.10.2 -netmask
255.255.255.0
add net 10.10.10.0: gateway 10.10.10.2
Fri Feb 20 12:46:10 2009 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135
ET:0 EL:0 AF:3/1 ]
Fri Feb 20 12:46:10 2009 GID set to _openvpn
Fri Feb 20 12:46:10 2009 UID set to _openvpn
Fri Feb 20 12:46:10 2009 UDPv4 link local (bound): 192.168.0.1:1194
Fri Feb 20 12:46:10 2009 UDPv4 link remote: [undef]
Fri Feb 20 12:46:10 2009 MULTI: multi_init called, r=256 v=256
Fri Feb 20 12:46:10 2009 IFCONFIG POOL: base=10.10.10.4 size=62
Fri Feb 20 12:46:10 2009 IFCONFIG POOL LIST
Fri Feb 20 12:46:10 2009 Initialization Sequence Completed

Now I'm trying to make a connection on my Linux mashine.

/etc/openvpn/client.conf:

client
dev tun
proto udp
remote 66.66.66.66 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/client1.crt
key /etc/openvpn/keys/client1.key
ns-cert-type server
comp-lzo
verb 3
ping 10
ping-restart 60

$ openvpn --config /etc/openvpn/client.conf
Wed Mar  4 10:15:51 2009 OpenVPN 2.1_rc11 i486-pc-linux-gnu [SSL] [LZO2]
[EPOLL] [PKCS11] built on Oct 15 2008
Wed Mar  4 10:15:51 2009 /usr/bin/openssl-vulnkey -q -b 1024 -m modulus
omitted
Wed Mar  4 10:15:52 2009 LZO compression initialized
Wed Mar  4 10:15:52 2009 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0
ET:0 EL:0 ]
Wed Mar  4 10:15:52 2009 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135
ET:0 EL:0 AF:3/1 ]
Wed Mar  4 10:15:52 2009 Local Options hash (VER=V4): '41690919'
Wed Mar  4 10:15:52 2009 Expected Remote Options hash (VER=V4): '530fdded'
Wed Mar  4 10:15:52 2009 Socket Buffers: R=[112640-131072]
S=[112640-131072]
Wed Mar  4 10:15:52 2009 UDPv4 link local: [undef]
Wed Mar  4 10:15:52 2009 UDPv4 link remote: 66.66.66.66:1194
Wed Mar  4 10:15:52 2009 read UDPv4 [ECONNREFUSED]: Connection refused
(code=111)
Wed Mar  4 10:15:54 2009 read UDPv4 [ECONNREFUSED]: Connection refused
(code=111)
Wed Mar  4 10:15:56 2009 read UDPv4 [ECONNREFUSED]: Connection refused
(code=111)
^CWed Mar  4 10:16:24 2009 event_wait : Interrupted system call (code=4)
Wed Mar  4 10:16:24 2009 TCP/UDP: Closing socket
Wed Mar  4 10:16:24 2009 SIGINT[hard,] received, process exiting

Thanks for your help.
--
P! QP2P0P6P5P=P8P5P, P.QP8P9 PPP8QQP8QP8P=.

Re: OpenVPN server refuses connections

[Robert Blacquiere]

Hi,


On Wed, Mar 04, 2009 at 10:17:40AM +0200, Yuriy A. Dmitrishin wrote:
 Hi. I'm using OpenVPN server with such configuration:
 
 /etc/openvpn/server.conf:
 
 daemon openvpn
 local 192.168.0.1

You are listening on 192.168.0.1 with the openvpn server.

 port 1194
 proto udp
 dev tun1
 ca /etc/openvpn/keys/ca.crt
 cert /etc/openvpn/keys/server.crt
 key /etc/openvpn/keys/server.key  # This file should be kept secret
 dh /etc/openvpn/keys/dh1024.pem
 server 10.10.10.0 255.255.255.0
 ifconfig-pool-persist ipp.txt
 push redirect-gateway local def1
 keepalive 10 120
 cipher BF-CBC# Blowfish (default)
 comp-lzo
 max-clients 10
 user _openvpn
 group _openvpn
 persist-key
 persist-tun
 status /var/log/openvpn-status.log
 log /var/log/openvpn.log
 log-append  /var/log/openvpn.log
 verb 3
 
 Here's my log:
 
 Fri Feb 20 12:46:10 2009 OpenVPN 2.0.9 i386-unknown-openbsd4.3 [SSL] [LZO]
 built on Oct 24 2008
 Fri Feb 20 12:46:10 2009 Diffie-Hellman initialized with 1024 bit key
 Fri Feb 20 12:46:10 2009 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0
 EL:0 ]
 Fri Feb 20 12:46:10 2009 gw 66.66.66.66
 Fri Feb 20 12:46:10 2009 /sbin/ifconfig tun1 destroy
 Fri Feb 20 12:46:10 2009 /sbin/ifconfig tun1 create
 Fri Feb 20 12:46:10 2009 NOTE: Tried to delete pre-existing tun/tap
 instance -- No Problem if failure
 Fri Feb 20 12:46:10 2009 /sbin/ifconfig tun1 10.10.10.1 10.10.10.2 mtu 1500
 netmask 255.255.255.255 up
 Fri Feb 20 12:46:10 2009 TUN/TAP device /dev/tun1 opened
 Fri Feb 20 12:46:10 2009 /sbin/route add -net 10.10.10.0 10.10.10.2 -netmask
 255.255.255.0
 add net 10.10.10.0: gateway 10.10.10.2
 Fri Feb 20 12:46:10 2009 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135
 ET:0 EL:0 AF:3/1 ]
 Fri Feb 20 12:46:10 2009 GID set to _openvpn
 Fri Feb 20 12:46:10 2009 UID set to _openvpn
 Fri Feb 20 12:46:10 2009 UDPv4 link local (bound): 192.168.0.1:1194

You succesfully bound 192.168.0.1 port 1194 on the server.

 Fri Feb 20 12:46:10 2009 UDPv4 link remote: [undef]
 Fri Feb 20 12:46:10 2009 MULTI: multi_init called, r=256 v=256
 Fri Feb 20 12:46:10 2009 IFCONFIG POOL: base=10.10.10.4 size=62
 Fri Feb 20 12:46:10 2009 IFCONFIG POOL LIST
 Fri Feb 20 12:46:10 2009 Initialization Sequence Completed
 
 Now I'm trying to make a connection on my Linux mashine.
 
 /etc/openvpn/client.conf:
 
 client
 dev tun
 proto udp
 remote 66.66.66.66 1194

You are connecting to a public ip address? Instead of 192.168.0.1? Is
your server behind a nat rules? Please check your firewall and nat
rules.

 resolv-retry infinite
 nobind
 persist-key
 persist-tun
 ca /etc/openvpn/keys/ca.crt
 cert /etc/openvpn/keys/client1.crt
 key /etc/openvpn/keys/client1.key
 ns-cert-type server
 comp-lzo
 verb 3
 ping 10
 ping-restart 60
 
 $ openvpn --config /etc/openvpn/client.conf
 Wed Mar  4 10:15:51 2009 OpenVPN 2.1_rc11 i486-pc-linux-gnu [SSL] [LZO2]
 [EPOLL] [PKCS11] built on Oct 15 2008
 Wed Mar  4 10:15:51 2009 /usr/bin/openssl-vulnkey -q -b 1024 -m modulus
 omitted
 Wed Mar  4 10:15:52 2009 LZO compression initialized
 Wed Mar  4 10:15:52 2009 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0
 ET:0 EL:0 ]
 Wed Mar  4 10:15:52 2009 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135
 ET:0 EL:0 AF:3/1 ]
 Wed Mar  4 10:15:52 2009 Local Options hash (VER=V4): '41690919'
 Wed Mar  4 10:15:52 2009 Expected Remote Options hash (VER=V4): '530fdded'
 Wed Mar  4 10:15:52 2009 Socket Buffers: R=[112640-131072]
 S=[112640-131072]
 Wed Mar  4 10:15:52 2009 UDPv4 link local: [undef]
 Wed Mar  4 10:15:52 2009 UDPv4 link remote: 66.66.66.66:1194
 Wed Mar  4 10:15:52 2009 read UDPv4 [ECONNREFUSED]: Connection refused
 (code=111)
 Wed Mar  4 10:15:54 2009 read UDPv4 [ECONNREFUSED]: Connection refused
 (code=111)
 Wed Mar  4 10:15:56 2009 read UDPv4 [ECONNREFUSED]: Connection refused
 (code=111)
 ^CWed Mar  4 10:16:24 2009 event_wait : Interrupted system call (code=4)
 Wed Mar  4 10:16:24 2009 TCP/UDP: Closing socket
 Wed Mar  4 10:16:24 2009 SIGINT[hard,] received, process exiting
 
 Thanks for your help.

No problem.

Robert

Re: OpenVPN server refuses connections

[Stephan A. Rickauer]

 /etc/openvpn/server.conf:
 local 192.168.0.1

 /etc/openvpn/client.conf
 remote 66.66.66.66 1194

?

-- 

 Stephan A. Rickauer

 ---
 Institute of Neuroinformatics Tel  +41 44 635 30 50
 University / ETH Zurich   Sec  +41 44 635 30 52
 Winterthurerstrasse 190   Fax  +41 44 635 30 53
 CH-8057 ZurichWebwww.ini.uzh.ch

Re: Can't ping top-level public IP subnets

[ropers]

NB: Read Understanding IP Addressing (
http://www.3com.com/other/pdfs/infra/corpinfo/en_US/501302.pdf ), as
linked here:

http://openbsd.org/faq/faq6.html#Intro

The document has a bunch of formatting errors where they write e.g. 32
instead of 3^2 because the second number is supposed to be superscript
but isn't formatted correctly in the PDF.

And while the bulk of the document deals with IPv4 and is pretty good,
there is a section on IPv6 tacked on at the end, and it's very bad,
error-ridden, and pretty useless, so you want to mostly ignore that.

Apart from these problems, the PDF should give you a good foundation
knowledge that you probably need if you want to competently do the
things you are doing here.

regards,
--ropers

2009/2/12 Vivek Ayer vivek.a...@gmail.com:
 Thanks very much! Problem Solved!

 Vivek

 On Wed, Feb 11, 2009 at 2:56 PM, Vivek Ayer vivek.a...@gmail.com wrote:
 This is what I had:

 /etc/hostname.carp0:
 up 184.159.29.23 vhid 1

 /etc/hostname.carp1:
 up 192.168.1.1 vhid 1

 I can use up or inet, right? The syntax would be something like this:
 inet 184.159.29.23 255.255.255.0 184.159.29.255 vhid 1, right? Then
 again, how would not having a netmask on the carp interface block
 certain subnets, but not all of them?

 I'll let you know once I've put in the netmask  broadcast to see if it
works.

 Thanks a bunch!
 Vivek

 On Wed, Feb 11, 2009 at 2:25 PM, Jussi Peltola pe...@pelzi.net wrote:
 CARP interfaces don't share L3 (IP) config with the parent, it's just
 the physical interface where packets travel through. You need to
 configure the netmask and ip address separately; they may even be in
 completely different networks. If you don't specify a netmask for carp0
 some default will be used, which is likely wrong.

 On Wed, Feb 11, 2009 at 01:39:32PM -0800, Vivek Ayer wrote:
 carp0 doesn't automatically know the netmask of its parent? Well, that
 would explain the problem, right? Because I don't believe I fiddled
 with netmask in /etc/hostname.carp0.

 Thanks,
 Vivek

 On Wed, Feb 11, 2009 at 12:43 PM, Jussi Peltola pe...@pelzi.net wrote:
  Everything to 184.159/16, that is, 184.159.x.x, goes out of carp0. You
  need to specify a netmask for carp just like any interface, and in any
  sane situation it should be the same as the parent's (I assume re0)
when
  they both have (different) addresses in the same subnet.
 
 
  On Wed, Feb 11, 2009 at 12:35:05PM -0800, Vivek Ayer wrote:
  I tried that and here's some interesting information.
 
  First of all, I forgot to mention that this router was carped with
  another one. Not sure if this could be leading to the problem. But
  anyway, I did route -n show and for my external interface re0
  corresponding to carp0 here's the relevant info:
 
  Dest   GatewayInterface
  default   184.159.35.1 re0
  184.159/16 link #6   carp0  ---
  184.159.35/24link #2   re0
  184.159.35.1  (MAC addr)re0
  184.159.35.23184.159.35.23   carp0
 
  The second line is interesting because it makes me wonder whether
  there's more to setting up the carp interface. I assume carp0 has the
  same netmask as re0, but if you can explain the second line, that'd
be
  great.
 
  Thanks,
  Vivek
 
  Just so that you don't get confused, I think in previous emails, I
  said 29 was my subnet and I'm now saying 35 when I meant to say 29,
  but you get the idea, whatever.
 
  On Wed, Feb 11, 2009 at 11:58 AM, Jussi Peltola pe...@pelzi.net
wrote:
   1. ifconfig
   2. route -n show
   3. a network topology description
  
   --
   Jussi Peltola

How do I monitor my PF based firewall?

[Falk Brockerhoff - smartTERRA GmbH]

Hello,

I like to monitor my firewalls using snmp and cacti. But I don't know  
how to get all the information about pf, states, etc. On the net I  
only found hints about older OpenBSD Versions (I use OpenBSD 4.4 - 
stable and the included snmpd). Can you please give me a hint into the  
right direction?


Regards,

Falk

Re: OpenVPN server refuses connections

[Yuriy A. Dmitrishin]

  /etc/openvpn/server.conf:
  local 192.168.0.1
 
  /etc/openvpn/client.conf
  remote 66.66.66.66 1194

 ?
Yes, this is my mistake.
 local 66.66.66.66
Now it works, thanks.

-- 
P! QP2P0P6P5P=P8P5P, P.QP8P9 PPP8QQP8QP8P=.

resolved: xenocara: build problem: Package xdmcp was not found...

[dtalk]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

dt...@drizzle.com wrote:


This occurs when building xenocara after updating /usr/src, /usr/ports, 
/usr/xenocara to -stable from cvs and successfully building kernel and src:
- 
---
checking for XDMCP... Package xdmcp was not found in the pkg-config search 
path

configure: error: Package requirements (xdmcp) were not met:


How embarrassing ... and, as I feared, blindingly obvious, when I looked 
at the build output with fresh eyes.


I had reproduced this on several machines, and had consistently done the 
same thing every time: built kernel, built src, made release of src (you 
can see this coming, right?), built xenocara.


I was the victim of my own environmental pollution. Re-setting 
DESTDIR resolved the problem.


If there's a chance that I'm not the only one who might be blockheaded 
enough to miss this when working linearly through FAQ section 5, it 
might be wise to note in FAQ 5.5 that 'make build' will be interested in 
(and possibly led astray by) the value of DESTDIR exported in 5.4.


My apologies for the noise.

Cheers -d

- --

David Talkington
dt...@drizzle.com
- --
PGP key: http://www.flyingjoke.org/keys/801E3976.asc
iQEcBAEBAgAGBQJJrk7mAAoJEO7jL1CAHjl2Vy4H/i/nsH/QbQAPI/udiM4sYNzd
kc3FJ3a6DWb8hZxy/ZMaEcL2vfgZr0wYxQDeSFc+qQPzCsR36TmO4ujrHYgyh5B8
ZnJWzF55/x95kRKEoeEUwxkK0dCBfwLm10vF+3p2GUovR9euKmZ4i8vEHJoxdqaY
LSdnO+/dmGDsienXCpCgrVLiACO/KDGTpLc1n0CEAn5TnpcaYXcaCWTid1R7JET7
ZWbSklrOAP0T3bcTEwe4CaNhAvPeRzmrICofjoz+Klu/k2oblCN3C3ozTVsi8MeT
22Hu7yqjmqzVYJv1+VDwuTCnHmNsdnspg7A8mGcI65KnKKnzQr8MdF+0CfX+WLQ=
=Arov
-END PGP SIGNATURE-

Problems with vnc on OpenBSD 4.4

[Dr. Harry Knitter]

Hello,

I have successfully set um an OpenBSD machine (amd64) in an Virtualbox using X 
and KDE as desktop.
So far everything works fine, KDE is starting after boot.
tightvnc is installed.
However I cannot start vncserver.
log
The log file shows:
Couldn't open RGB_DB '/usr/X11R6/lib/X11/rgb'
Getting interface configuration (4): Device not configured
04/03/09 11:05:13 Xvnc version 3.3.tight1.2.9
04/03/09 11:05:13 Copyright (C) 1999 ATT Laboratories Cambridge.
04/03/09 11:05:13 Copyright (C) 2000-2002 Constantin Kaplinsky.
04/03/09 11:05:13 All Rights Reserved.
04/03/09 11:05:13 See http://www.uk.research.att.com/vnc for information on 
VNC
04/03/09 11:05:13 See http://www.tightvnc.com for TightVNC-specific 
information
04/03/09 11:05:13 Desktop name 'X' (openbsd.mydomain.com:1)
04/03/09 11:05:13 Protocol version supported 3.3
04/03/09 11:05:13 Listening for VNC connections on TCP port 5901
04/03/09 11:05:13 Listening for HTTP connections on TCP port 5801
04/03/09 11:05:13   URL http://openbsd.mydomain.com:5801
xrdb: Can't open display ':1'
xset:  unable to open display :1
xsetroot:  unable to open display ':1'
startkde: Starting up...
ksplash: cannot connect to X server :1
xprop:  unable to open display ':1'
usage:  xprop [-options ...] [[format [dformat]] atom] ...

where options include:
-grammar   print out full grammar for command line
-display host:dpy  the X server to contact
-id id resource id of window to examine
-name name name of window to examine
-font name name of font to examine
-remove propname   remove a property
-set propname valueset a property to a given value
-root  examine the root window
-len n display at most n bytes of any property
-notypedo not display the type field
-fs filename   where to look for formats for properties
-frame don't ignore window manager frames
-f propname format [dformat]   formats to use for property of given name
-spy   examine window properties forever

kdeinit: Can't connect to the X Server.
kdeinit: Might not terminate at end of session.
kded: cannot connect to X server :1
kded: ERROR: KUniqueApplication: Registering failed!
kded: ERROR: Communication problem with kded, it probably crashed.
kcminit_startup: cannot connect to X server :1
ksmserver: cannot connect to X server :1
startkde: Shutting down...
klauncher: Exiting on signal 1
sound server terminated
startkde: Running shutdown scripts...
xprop:  unable to open display ':1'
usage:  xprop [-options ...] [[format [dformat]] atom] ...

where options include:
-grammar   print out full grammar for command line
-display host:dpy  the X server to contact
-id id resource id of window to examine
-name name name of window to examine
-font name name of font to examine
-remove propname   remove a property
-set propname valueset a property to a given value
-root  examine the root window
-len n display at most n bytes of any property
-notypedo not display the type field
-fs filename   where to look for formats for properties
-frame don't ignore window manager frames
-f propname format [dformat]   formats to use for property of given name
-spy   examine window properties forever

startkde: Done.
/log

starting xhost from a Terminal within KDE as ordinary user shows:

xhost
access control enabled, only authorized clients can connect
xhost

environment variable DISPLAY is set to :0.0

xauth shows MIT_MAGIC_COOKIES_1 for localhost and the fqdn of the machine.

However, vncserver cannot connect.

Trying to call xhost within a ssh-shell (as ordinary user) also xhost cannot 
connect to X, regardless what command line argument I use.

What the hell ist going wrong?

Thanks for any answers that can solve the problem.

Greetings

Harry

Re: How do I monitor my PF based firewall?

[Stephan A. Rickauer]

On Wed, 2009-03-04 at 09:32 +0100, Falk Brockerhoff - smartTERRA GmbH
wrote:
 Hello,
 
 I like to monitor my firewalls using snmp and cacti. But I don't know  
 how to get all the information about pf, states, etc. On the net I  
 only found hints about older OpenBSD Versions (I use OpenBSD 4.4 - 
 stable and the included snmpd). Can you please give me a hint into the  
 right direction?

As far as I remember, including a 'PF-MIB' into opensnmpd is on reyk@'s
ever growing todo list already.

-- 

 Stephan A. Rickauer

 ---
 Institute of Neuroinformatics Tel  +41 44 635 30 50
 University / ETH Zurich   Sec  +41 44 635 30 52
 Winterthurerstrasse 190   Fax  +41 44 635 30 53
 CH-8057 ZurichWebwww.ini.uzh.ch

Re: How do I monitor my PF based firewall?

[Lars Noodén]

Falk Brockerhoff - smartTERRA GmbH wrote:
 But I don't know how to get all the information about pf, states, etc. 

It's probably simplest to start with pftop.

Or do you want visualization?
http://www.openbsd.org/4.4_packages/i386/pfstat-2.3p0.tgz-long.html

Regards
-Lars

Re: How do I monitor my PF based firewall?

[Falk Brockerhoff - smartTERRA GmbH]

Am 04.03.2009 um 11:23 schrieb Lars Noodin:


It's probably simplest to start with pftop.


After a first quick look pftop is a great tool for debugging und
manually monitoring firewall activity. But it seems that I really
can't use it for a data source collector for cacti, can I?


Or do you want visualization?
http://www.openbsd.org/4.4_packages/i386/pfstat-2.3p0.tgz-long.html


Yes, but I want to use cacti for visualization as I use it for
anything else :)


Regards
-Lars


Thanks!

Falk

Re: How do I monitor my PF based firewall?

[Falk Brockerhoff - smartTERRA GmbH]

Am 04.03.2009 um 11:11 schrieb Stephan A. Rickauer:

As far as I remember, including a 'PF-MIB' into opensnmpd is on  
reyk@'s

ever growing todo list already.


Good news, that this is on a todo list. Bad news, that this list is  
ever growing.  :)


But thanks for this information anyways!


Stephan A. Rickauer


Regards,

Falk

Re: How do I monitor my PF based firewall?

[Martin Schröder]

2009/3/4 Lars Noodin larsnoo...@openoffice.org:
 Or do you want visualization?
 http://www.openbsd.org/4.4_packages/i386/pfstat-2.3p0.tgz-long.html

While pfstat is nice (I use it), it's daily compression job is also
slow. mrtg is the way to go...

Best
Martin

Re: How do I monitor my PF based firewall?

[Stephan A. Rickauer]

On Wed, 2009-03-04 at 11:33 +0100, Falk Brockerhoff - smartTERRA GmbH
wrote:
 Am 04.03.2009 um 11:23 schrieb Lars Noodin:
 
  It's probably simplest to start with pftop.
 
 After a first quick look pftop is a great tool for debugging und
 manually monitoring firewall activity. But it seems that I really
 can't use it for a data source collector for cacti, can I?
 
  Or do you want visualization?
  http://www.openbsd.org/4.4_packages/i386/pfstat-2.3p0.tgz-long.html
 
 Yes, but I want to use cacti for visualization as I use it for
 anything else :)

you can still use 'extend's in (net-)snmpd.conf that use pfctl to gain
some numbers, like states created and such. One can then create SNMP
OID based graphs in cacti.

Re: How do I monitor my PF based firewall?

[Dan Carley]

2009/3/4 Falk Brockerhoff - smartTERRA GmbH n...@smartterra.eu

 Am 04.03.2009 um 11:23 schrieb Lars Noodin:

 Or do you want visualization?
 http://www.openbsd.org/4.4_packages/i386/pfstat-2.3p0.tgz-long.html


 Yes, but I want to use cacti for visualization as I use it for
 anything else :)


If you're using 4.4 then `systat states` does the same job as pfstat and
doesn't require any installation.

For exporting to Cacti, until PF-MIBsm are in OpenSNMPd, you can apply them
to net-snmp. Either from ports or referencing them from a source tarball.
From memory you may have to write the Cacti definitions yourself though.

http://www.packetmischief.ca/openbsd/snmp/

Regards,

Re: Using ldap everywhere ...

[a. e.]

 Hi everybody,



 I'm trying to set up a web/mail/dns/ftp/etc. ... using ldap everywhere...

 But It seems that serving ns zones over ldap is not possible on OpenBSD...
The
 sdb-ldap backend is not in the OpenBSD ports...

 For the Apache vhosts, i've found that module mod_ldapvhost. But it's
almost
 not documented...



 I can manage easily the link between Postfix/ldap Ftp/ldap courrier/ldap.



 Do you have some advices, comments, links to provide for the setup of
dns/ldap
  apache/ldap on OpenBSD ?...

 I really don't want to do this on ubuntu...



 Regards.

 ae.

I really need your point of view and your advices about this... could anyone
help ?...

Regards
ae.

_
Vous voulez savoir ce que vous pouvez faire avec le nouveau Windows Live ?
Lancez-vous !
http://www.microsoft.com/windows/windowslive/default.aspx

AMD64 24th Feb Panic uvm_pdaemon.c

[Insan Praja SW]

Hi Guys,
I currently running AMD64.MP snapshot from 24th Feb '09. On the blue  
screen it says:
Panic : kernel diagnostic assertion uvmexp.swpgonly = uvmexp.swpages  
failed : file ../../../../uvm/uvm_pdaemon.c, line 575

ddb trace
Panic () at panic +0x122
__assert() at __assert + 0x21
uvm_aiodone_daemon() at uvm_aiodone_daemon+0x30d
uvm_aiodone_daemon() at uvm_aiodone_daemon+0x958
uvm_pageout() at uvm_pageout+0xca
end trace frame: 0x0, count: -6

The dmesg would be:

OpenBSD 4.5-beta (GENERIC.MP) #2127: Wed Feb 25 11:47:32 MST 2009
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 1063124992 (1013MB)
avail mem = 1020096512 (972MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.34 @ 0x3f6ee000 (78 entries)
bios0: vendor FUJITSU SIEMENS // Phoenix Technologies Ltd. version 5.00  
R1.10.2151.A1 date 05/08/2006

bios0: FUJITSU SIEMENS D2151-A1
acpi0 at bios0: rev 2
acpi0: tables DSDT FACP ASF! SSDT MCFG HPET APIC BOOT
acpi0: wakeup devices PEXA(S4) PEXB(S4) PEXC(S4) PEXD(S4) PEXE(S4)  
USB1(S4) USB2(S4) USB3(S4) USB4(S4) USB5(S4) PCIH(S4) KEYB(

S4) PS2M(S4) COM1(S1) COM2(S1)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Pentium(R) D CPU 2.66GHz, 2660.48 MHz
cpu0:  
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,S

SE3,MWAIT,DS-CPL,TM2,CNXT-ID,CX16,xTPR,NXE,LONG
cpu0: 1MB 64b/line 8-way L2 cache
cpu0: apic clock running at 133MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Pentium(R) D CPU 2.66GHz, 2660.07 MHz
cpu1:  
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,S

SE3,MWAIT,DS-CPL,TM2,CNXT-ID,CX16,xTPR,NXE,LONG
cpu1: 1MB 64b/line 8-way L2 cache
ioapic0 at mainbus0 apid 2 pa 0xfec0, version 20, 24 pins
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (PEXA)
acpiprt2 at acpi0: bus 3 (PEXB)
acpiprt3 at acpi0: bus 5 (PEXC)
acpiprt4 at acpi0: bus 7 (PEXD)
acpiprt5 at acpi0: bus 9 (PEXE)
acpiprt6 at acpi0: bus 11 (PCIH)
acpicpu0 at acpi0: FVS, 2667, 1862 MHz
acpicpu1 at acpi0
acpibtn0 at acpi0: PWRB
pci0 at mainbus0 bus 0: configuration mode 1
pchb0 at pci0 dev 0 function 0 Intel 82945G Host rev 0x02
vga1 at pci0 dev 2 function 0 Intel 82945G Video rev 0x02
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
intagp0 at vga1
agp0 at intagp0: aperture at 0xe000, size 0x1000
inteldrm0 at vga1: apic 2 int 16 (irq 11)
drm0 at inteldrm0
azalia0 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x01: apic  
2 int 18 (irq 9)

azalia0: codecs: Realtek ALC260
audio0 at azalia0
ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x01: apic 2 int  
17 (irq 11)

pci1 at ppb0 bus 3
ppb1 at pci0 dev 28 function 1 Intel 82801GB PCIE rev 0x01: apic 2 int  
16 (irq 11)

pci2 at ppb1 bus 5
bge0 at pci2 dev 0 function 0 Broadcom BCM5751 rev 0x01, BCM5750 A1  
(0x4001): apic 2 int 17 (irq 11), address 00:30:05:c9:79

:df
brgphy0 at bge0 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0
ppb2 at pci0 dev 28 function 2 Intel 82801GB PCIE rev 0x01: apic 2 int  
18 (irq 9)

pci3 at ppb2 bus 7
ppb3 at pci0 dev 28 function 3 Intel 82801GB PCIE rev 0x01: apic 2 int  
19 (irq 9)

pci4 at ppb3 bus 9
uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x01: apic 2 int  
23 (irq 11)
uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x01: apic 2 int  
22 (irq 10)
uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x01: apic 2 int  
21 (irq 5)
uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x01: apic 2 int  
20 (irq 9)
ehci0 at pci0 dev 29 function 7 Intel 82801GB USB rev 0x01: apic 2 int  
23 (irq 11)

ehci0: timed out waiting for BIOS
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1
ppb4 at pci0 dev 30 function 0 Intel 82801BA Hub-to-PCI rev 0xe1
pci5 at ppb4 bus 11
rl0 at pci5 dev 5 function 0 D-Link Systems 530TX+ rev 0x10: apic 2 int  
22 (irq 10), address 00:1e:58:3e:70:45

rlphy0 at rl0 phy 0: RTL internal PHY
rl1 at pci5 dev 7 function 0 D-Link Systems 530TX+ rev 0x10: apic 2 int  
21 (irq 5), address 00:11:95:63:48:63

rlphy1 at rl1 phy 0: RTL internal PHY
pcib0 at pci0 dev 31 function 0 Intel 82801GB LPC rev 0x01
pciide0 at pci0 dev 31 function 2 Intel 82801GB SATA rev 0x01: DMA,  
channel 0 wired to compatibility, channel 1 wired to com

patibility
wd0 at pciide0 channel 0 drive 0: ST3160211AS
wd0: 16-sector PIO, LBA48, 152627MB, 312581808 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
atapiscsi0 at pciide0 channel 1 drive 1
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: TSSTcorp, DVD-ROM SH-D162D, SB00 ATAPI  
5/cdrom removable

cd0(pciide0:1:1): using PIO mode 4, Ultra-DMA mode 2
ichiic0 at pci0 dev 31 function 3 Intel 82801GB SMBus rev 

Re: How do I monitor my PF based firewall?

[Helmut Schneider]

Dan Carley dan.car...@gmail.com wrote:

2009/3/4 Falk Brockerhoff - smartTERRA GmbH n...@smartterra.eu


Am 04.03.2009 um 11:23 schrieb Lars Noodin:


Or do you want visualization?
http://www.openbsd.org/4.4_packages/i386/pfstat-2.3p0.tgz-long.html



Yes, but I want to use cacti for visualization as I use it for
anything else :)



If you're using 4.4 then `systat states` does the same job as pfstat and
doesn't require any installation.

For exporting to Cacti, until PF-MIBsm are in OpenSNMPd, you can apply
them to net-snmp. Either from ports or referencing them from a source
tarball. From memory you may have to write the Cacti definitions
yourself though.

http://www.packetmischief.ca/openbsd/snmp/



Sidenote: They do not work with net-snmp from ports-stable, but from 
ports-current the do.


@Falk: If you require the pf-enabled snmp port and cannot compile it 
yourself, pm me.


--
No Swen today, my love has gone away
My mailbox stands for lorn, a symbol of the dawn 

Re: How do I monitor my PF based firewall?

[Jason Dixon]

On Wed, Mar 04, 2009 at 09:32:44AM +0100, Falk Brockerhoff - smartTERRA GmbH 
wrote:
 Hello,

 I like to monitor my firewalls using snmp and cacti. But I don't know how 
 to get all the information about pf, states, etc. On the net I only found 
 hints about older OpenBSD Versions (I use OpenBSD 4.4 -stable and the 
 included snmpd). Can you please give me a hint into the right direction?

Here's how you can use net-snmp's extend functionality:

$ grep extend /etc/snmp/snmpd.conf
extend PFstates /usr/local/sbin/countPFstates.sh

$ cat /usr/local/sbin/countPFstates.sh  
   
#!/bin/sh
pfctl -si | grep entries | awk '{print $3}'

Then you just need to find the right OID and create your data source in
Cacti.

-- 
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net/

Re: How do I monitor my PF based firewall?

[Falk Brockerhoff - smartTERRA GmbH]

Am 04.03.2009 um 14:10 schrieb Jason Dixon:



Here's how you can use net-snmp's extend functionality:

$ cat /usr/local/sbin/countPFstates.sh
#!/bin/sh
pfctl -si | grep entries | awk '{print $3}'


Ok, this is a way we can go. Is there any possibility to use the  
extend feature with openbsd builtin snmpd?


Does anybody monitor pf values this (or another) way and may share  
which information from pf should be monitored?


Regards,

Falk

Re: How do I monitor my PF based firewall?

[Jason Dixon]

On Wed, Mar 04, 2009 at 02:17:30PM +0100, Falk Brockerhoff - smartTERRA GmbH 
wrote:
 Am 04.03.2009 um 14:10 schrieb Jason Dixon:


 Here's how you can use net-snmp's extend functionality:

 $ cat /usr/local/sbin/countPFstates.sh
 #!/bin/sh
 pfctl -si | grep entries | awk '{print $3}'

 Ok, this is a way we can go. Is there any possibility to use the extend 
 feature with openbsd builtin snmpd?

Not currently.

 Does anybody monitor pf values this (or another) way and may share which 
 information from pf should be monitored?

I just did.  :)

Other people use the PF-MIB patch to net-snmp.  We don't need that
functionality.  We like to monitor the following for our PF firewalls in
Cacti:

CPU
Interrupts
Load
Memory Usage
PF States (see above)
Traffic
Unicast Packets
Non-Unicast Packets
Errors

I haven't come across any other vectors that would have been useful to
us, although I can see where the Source track and Filter rule label
counters in the PF-MIB patch might be useful to others.


-- 
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net/

Re: How do I monitor my PF based firewall?

[Falk Brockerhoff - smartTERRA GmbH]

Am 04.03.2009 um 14:46 schrieb Jason Dixon:


Other people use the PF-MIB patch to net-snmp.  We don't need that
functionality.  We like to monitor the following for our PF  
firewalls in

Cacti:


The number of the passed and blocked packets would be also  
interesting. Perfect, if I can get this values per vlan...


Any idea how to get this values?




Regards,

Falk

Re: How do I monitor my PF based firewall?

[Jason Dixon]

On Wed, Mar 04, 2009 at 02:55:46PM +0100, Falk Brockerhoff - smartTERRA GmbH 
wrote:
 Am 04.03.2009 um 14:46 schrieb Jason Dixon:

 Other people use the PF-MIB patch to net-snmp.  We don't need that
 functionality.  We like to monitor the following for our PF firewalls in
 Cacti:

 The number of the passed and blocked packets would be also interesting. 
 Perfect, if I can get this values per vlan...

 Any idea how to get this values?

You've already been given the link to the PF-MIB patch.

-- 
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net/

Re: How do I monitor my PF based firewall?

[Dan Carley]

On 04/03/2009, Jason Dixon ja...@dixongroup.net wrote:
 On Wed, Mar 04, 2009 at 02:17:30PM +0100, Falk Brockerhoff - smartTERRA GmbH
 wrote:
 Ok, this is a way we can go. Is there any possibility to use the extend
 feature with openbsd builtin snmpd?

 Not currently.

I don't believe there are any plan to do so. You should stick with the
more heavyweight net-snmp if you need extend/exec/pass.

Besides, extend always feels slightly hackish in my opinion. The MIBs
function well.

Re: Using ldap everywhere ...

[Alexander Hall]

Since you seem to get few responses to this, I'll give you my $.02 here:

After years of using OpenBSD, I've come to the conclusion that OpenBSD 
is best served with as little fuzz as possible (using what's in the base 
system if at all possible). Of course you can install ISC bind if that 
helps and mod_ldapvhost too but I really fear all that will give you in 
the end is a frankenstein system that requires quite a struggle to keep 
up-to-date and patched etc.


Asking for howto's (not even finding any from the googling you seem to 
have done) on how to setup this is to me a warning sign that things are 
going to be messy at best. Those you'll find, if any, will likely be 
quite outdated.


But what the heck - go ahead! Take one service at the time, and have fun 
trying. You'll definitely learn stuff on the way. If you succeed you can 
even write a howto for others in the same situation! :-)


/Alexander (who has never really used ldap, btw)

a. e. wrote:

Hi everybody,



I'm trying to set up a web/mail/dns/ftp/etc. ... using ldap everywhere...

But It seems that serving ns zones over ldap is not possible on OpenBSD... The
sdb-ldap backend is not in the OpenBSD ports...

For the Apache vhosts, i've found that module mod_ldapvhost. But it's almost
not documented...



I can manage easily the link between Postfix/ldap Ftp/ldap courrier/ldap.



Do you have some advices, comments, links to provide for the setup of dns/ldap
 apache/ldap on OpenBSD ?...

I really don't want to do this on ubuntu...



Regards.

ae.

_
Tiliphonez gratuitement ` tous vos proches avec Windows Live Messenger  ! 
Tilichargez-le maintenant !

http://www.windowslive.fr/messenger/1.asp

Re: Using ldap everywhere ...

[Marc Balmer]

Am 04.03.2009 um 15:15 schrieb Alexander Hall:

Since you seem to get few responses to this, I'll give you my $.02  
here:


After years of using OpenBSD, I've come to the conclusion that  
OpenBSD is best served with as little fuzz as possible (using what's  
in the base system if at all possible). Of course you can install  
ISC bind if that helps and mod_ldapvhost too but I really fear all  
that will give you in the end is a frankenstein system that requires  
quite a struggle to keep up-to-date and patched etc.


Using a module in httpd does not frankensteinice your system.  modules  
are there to
extend the webserver.  and mod_ldapvhost is particularly stable and  
used on some
larger webserver, trust me, I know the developer... (though the module  
certainly has

some rough edges)



Asking for howto's (not even finding any from the googling you seem  
to have done) on how to setup this is to me a warning sign that  
things are going to be messy at best. Those you'll find, if any,  
will likely be quite outdated.


But what the heck - go ahead! Take one service at the time, and have  
fun trying. You'll definitely learn stuff on the way. If you succeed  
you can even write a howto for others in the same situation! :-)


/Alexander (who has never really used ldap, btw)

a. e. wrote:

Hi everybody,
I'm trying to set up a web/mail/dns/ftp/etc. ... using ldap  
everywhere...
But It seems that serving ns zones over ldap is not possible on  
OpenBSD... The

sdb-ldap backend is not in the OpenBSD ports...
For the Apache vhosts, i've found that module mod_ldapvhost. But  
it's almost

not documented...
I can manage easily the link between Postfix/ldap Ftp/ldap courrier/ 
ldap.
Do you have some advices, comments, links to provide for the setup  
of dns/ldap

 apache/ldap on OpenBSD ?...
I really don't want to do this on ubuntu...
Regards.
ae.
_
Tiliphonez gratuitement ` tous vos proches avec Windows Live  
Messenger  ! Tilichargez-le maintenant !

http://www.windowslive.fr/messenger/1.asp

Re: Using ldap everywhere ...

[a. e.]

I totally agree with what you say...

But the goal of our jobs is to satisfy the user and to help him to get what he
wants. Saying that i'm not saying I will forget security, performance and
stability.

My specific goal is to manage, over openldap the maximum of services. I've
been using OpenBSD since the 2.9. My web hosting server is up and running for
so many years. I've always managed to get everything functionnal with the
minimum possible of mess. I'm trying to advocate that OS because I think it's
the only really secured and capable to manage a real High Performance and High
Usage system. I've switched so many servers from Linux to OpenBsd everywhere I
worked...

Otherwise, if I accept the point of view that it's better to use an OpenBSD
out of the box without a lot of custimization and with the minimum of software
installed, I should accept the fact that I can't do all I want with that OS
(All I want as server). that also means that For some usages I have to use
Linux. I love Linux as a desktop. But I really want to only use OpenBSD as
server.

Anyway thank's A LOT for the response, sincerly, and excuse my poor frenchy
english.

Best Regards
ae.


 Date: Wed, 4 Mar 2009 15:15:18 +0100
 From: alexan...@beard.se
 To: misc@openbsd.org
 Subject: Re: Using ldap everywhere ...

 Since you seem to get few responses to this, I'll give you my $.02 here:

 After years of using OpenBSD, I've come to the conclusion that OpenBSD
 is best served with as little fuzz as possible (using what's in the base
 system if at all possible). Of course you can install ISC bind if that
 helps and mod_ldapvhost too but I really fear all that will give you in
 the end is a frankenstein system that requires quite a struggle to keep
 up-to-date and patched etc.

 Asking for howto's (not even finding any from the googling you seem to
 have done) on how to setup this is to me a warning sign that things are
 going to be messy at best. Those you'll find, if any, will likely be
 quite outdated.

 But what the heck - go ahead! Take one service at the time, and have fun
 trying. You'll definitely learn stuff on the way. If you succeed you can
 even write a howto for others in the same situation! :-)

 /Alexander (who has never really used ldap, btw)

 a. e. wrote:
  Hi everybody,
 
 
 
  I'm trying to set up a web/mail/dns/ftp/etc. ... using ldap everywhere...
 
  But It seems that serving ns zones over ldap is not possible on OpenBSD...
The
  sdb-ldap backend is not in the OpenBSD ports...
 
  For the Apache vhosts, i've found that module mod_ldapvhost. But it's
almost
  not documented...
 
 
 
  I can manage easily the link between Postfix/ldap Ftp/ldap courrier/ldap.
 
 
 
  Do you have some advices, comments, links to provide for the setup of
dns/ldap
   apache/ldap on OpenBSD ?...
 
  I really don't want to do this on ubuntu...
 
 
 
  Regards.
 
  ae.
 
  _
  Tiliphonez gratuitement ` tous vos proches avec Windows Live Messenger !
  Tilichargez-le maintenant !
  http://www.windowslive.fr/messenger/1.asp


_
Dicouvrez toutes les possibilitis de communication avec vos proches
http://www.microsoft.com/windows/windowslive/default.aspx

Re: Using ldap everywhere ...

[a. e.]

 CC: misc@openbsd.org
 From: m...@msys.ch
 To: alexan...@beard.se
 Subject: Re: Using ldap everywhere ...
 Date: Wed, 4 Mar 2009 16:51:15 +0100

 Am 04.03.2009 um 15:15 schrieb Alexander Hall:

  Since you seem to get few responses to this, I'll give you my $.02
  here:
 
  After years of using OpenBSD, I've come to the conclusion that
  OpenBSD is best served with as little fuzz as possible (using what's
  in the base system if at all possible). Of course you can install
  ISC bind if that helps and mod_ldapvhost too but I really fear all
  that will give you in the end is a frankenstein system that requires
  quite a struggle to keep up-to-date and patched etc.

 Using a module in httpd does not frankensteinice your system. modules
 are there to
 extend the webserver. and mod_ldapvhost is particularly stable and
 used on some
 larger webserver, trust me, I know the developer... (though the module
 certainly has
 some rough edges)


Hi,



Thank's for the reaction...
Could you point me to a documentation of the mod_ldapvhost ?... Because My
apache has the module loaded and activated. The OpenLdap server loads the
vhost schema. But apache doesn't even try to connect to the ldap server...


 
  Asking for howto's (not even finding any from the googling you seem
  to have done) on how to setup this is to me a warning sign that
  things are going to be messy at best. Those you'll find, if any,
  will likely be quite outdated.
 
  But what the heck - go ahead! Take one service at the time, and have
  fun trying. You'll definitely learn stuff on the way. If you succeed
  you can even write a howto for others in the same situation! :-)
 
  /Alexander (who has never really used ldap, btw)
 
  a. e. wrote:
  Hi everybody,
  I'm trying to set up a web/mail/dns/ftp/etc. ... using ldap
  everywhere...
  But It seems that serving ns zones over ldap is not possible on
  OpenBSD... The
  sdb-ldap backend is not in the OpenBSD ports...
  For the Apache vhosts, i've found that module mod_ldapvhost. But
  it's almost
  not documented...
  I can manage easily the link between Postfix/ldap Ftp/ldap courrier/
  ldap.
  Do you have some advices, comments, links to provide for the setup
  of dns/ldap
   apache/ldap on OpenBSD ?...
  I really don't want to do this on ubuntu...
  Regards.
  ae.
  _
  Tiliphonez gratuitement ` tous vos proches avec Windows Live
  Messenger ! Tilichargez-le maintenant !
  http://www.windowslive.fr/messenger/1.asp



_
Dicouvrez toutes les possibilitis de communication avec vos proches
http://www.microsoft.com/windows/windowslive/default.aspx

chsh patch ...

[Karl-Heinz Wild]

Hi

I got sick when adding a expire date for an useraccount with chsh.
The line with the format shows [month day year] but
the parameter you have to insert is the monthname as local name
or an abbreviation.

My patch adds the possibility to enter the old format and
the numerical format as well.

Maybe you'll find that ok or better helpful

--- usr.bin/chpass/util.c.orig  Tue Dec 16 06:25:55 2008
+++ usr.bin/chpass/util.c   Fri Feb 27 21:36:03 2009
@@ -75,11 +75,16 @@
 return (0);
 }
 (void) memset(tm, 0, sizeof(tm));
-   for (t = p; (t = strchr(t, ',')) != NULL; t++)
-   *t = ' ';
+   for (t = p; *t != NULL; t++ )
+   if( *t == ',' || *t == '/' || *t == '.' )
+   *t = ' ';
 t = strptime(p, %B %d %Y, tm);
-   if (t == NULL || (*t != '\0'  *t != '\n'))
-   return 1;
+   if (t == NULL || (*t != '\0'  *t != '\n')) {
+   t = strptime( p, %m %d %Y, tm );
+   if (t == NULL || (*t != '\0'  *t != '\n')) {
+   return 1;
+   }
+   }
 tm.tm_isdst = -1;
 *store = mktime(tm);
 if (*store == (time_t) -1)


Regards
Karl-Heinz

[demime 1.01d removed an attachment of type application/pkcs7-signature which 
had a name of smime.p7s]

Re: Using ldap everywhere ...

[Piotr Sikora]

But It seems that serving ns zones over ldap is not possible on OpenBSD... 
The

sdb-ldap backend is not in the OpenBSD ports...


You can add dlz-ldap backend to OpenBSD's bind.

All you need to do (assuming that you've got OpenBSD's sources in /usr/src
and bind-9.4.2-P2.tar.gz unpacked in your working directory):
1) cp -R bind-9.4.2-P2/contrib /usr/src/usr.sbin/bind/
2) cp bind-9.4.2-P2/configure /usr/src/usr.sbin/bind/
3) edit configure script and remove all *tests* from ac_config_files
4) add --with-dlz-ldap=yes to CONFIGURE_OPTS in Makefile.bsd-wrapper
5) rebuild bind

Best regards,
Piotr Sikora  pi...@sikora.nu 

Re: Using ldap everywhere ...

[Alexander Hall]

Marc Balmer wrote:

Am 04.03.2009 um 15:15 schrieb Alexander Hall:


Since you seem to get few responses to this, I'll give you my $.02 here:

After years of using OpenBSD, I've come to the conclusion that OpenBSD 
is best served with as little fuzz as possible (using what's in the 
base system if at all possible). Of course you can install ISC bind if 
that helps and mod_ldapvhost too but I really fear all that will give 
you in the end is a frankenstein system that requires quite a struggle 
to keep up-to-date and patched etc.


Using a module in httpd does not frankensteinice your system.  modules 
are there to
extend the webserver.  and mod_ldapvhost is particularly stable and used 
on some
larger webserver, trust me, I know the developer... (though the module 
certainly has

some rough edges)


I stand corrected. I incorrectly assumed it was some old unmaintained 
non-ported piece of software. I'm sorry if I offended anyone. :-)


Asking for howto's (not even finding any from the googling you seem to 
have done) on how to setup this is to me a warning sign that things 
are going to be messy at best. Those you'll find, if any, will likely 
be quite outdated.


But what the heck - go ahead! Take one service at the time, and have 
fun trying. You'll definitely learn stuff on the way. If you succeed 
you can even write a howto for others in the same situation! :-)


/Alexander (who has never really used ldap, btw)

a. e. wrote:

Hi everybody,
I'm trying to set up a web/mail/dns/ftp/etc. ... using ldap 
everywhere...
But It seems that serving ns zones over ldap is not possible on 
OpenBSD... The

sdb-ldap backend is not in the OpenBSD ports...
For the Apache vhosts, i've found that module mod_ldapvhost. But it's 
almost

not documented...
I can manage easily the link between Postfix/ldap Ftp/ldap 
courrier/ldap.
Do you have some advices, comments, links to provide for the setup of 
dns/ldap

 apache/ldap on OpenBSD ?...
I really don't want to do this on ubuntu...
Regards.
ae.
_
Tiliphonez gratuitement ` tous vos proches avec Windows Live 
Messenger  ! Tilichargez-le maintenant !

http://www.windowslive.fr/messenger/1.asp

Re: Using ldap everywhere ...

[Alexander Hall]

a. e. wrote:

I totally agree with what you say...

But the goal of our jobs is to satisfy the user and to help him to get what he
wants. Saying that i'm not saying I will forget security, performance and
stability.

My specific goal is to manage, over openldap the maximum of services. I've
been using OpenBSD since the 2.9. My web hosting server is up and running for
so many years. I've always managed to get everything functionnal with the
minimum possible of mess. I'm trying to advocate that OS because I think it's
the only really secured and capable to manage a real High Performance and High
Usage system. I've switched so many servers from Linux to OpenBsd everywhere I
worked...

Otherwise, if I accept the point of view that it's better to use an OpenBSD
out of the box without a lot of custimization and with the minimum of software
installed, I should accept the fact that I can't do all I want with that OS
(All I want as server). that also means that For some usages I have to use
Linux. I love Linux as a desktop. But I really want to only use OpenBSD as
server.


Using third-party software on OpenBSD (preferrably from ports/packages) 
is not a bad thing but for _me_, migrating back to what's in base 
(sendmail with real users instead of postfix with virtual tables) has 
made my systems much easier to maintain, plus I get important fixes 
delivered (as patches) at the uncommon event that a critical bug should 
be found.


I realize I misread your post a bit and that my answer was a little 
off-topic, but, hey, I seem to have bumped the thread at least! :-P


/Alexander

Re: 3Qs, including How insane to have /var mount with softraid discipline raid 1 ?

[J.C. Roberts]

On Tue, 3 Mar 2009 22:26:09 -0600 Marco Peereboom sl...@peereboom.us
wrote:

 #1
 no
 
 #2
 i use softraid for all kinds of uses; nothing you mention here is odd
 or out of place
 
 #3
 that is correct; the lazy author still hasn't finished partial bringup
 and rebuilds.  that guy kind of sucks and needs to be reminded often
 to get off his lazy slack bum butt.


Maybe we could motivate him by asking for his autograph?


-- 
J.C. Roberts

Re: Problems with vnc on OpenBSD 4.4

[Chris.Karle]

I *think* (hope) you're running into what I've worked on before.

It's in the archives...

http://archives.neohapsis.com/archives/openbsd/2007-11/0691.html


-Original Message-
From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf
Of Dr. Harry Knitter
Sent: Wednesday, March 04, 2009 3:39 AM
To: misc@openbsd.org
Subject: Problems with vnc on OpenBSD 4.4

Hello,

I have successfully set um an OpenBSD machine (amd64) in an Virtualbox
using X and KDE as desktop.
So far everything works fine, KDE is starting after boot.
tightvnc is installed.
However I cannot start vncserver.
log
The log file shows:
Couldn't open RGB_DB '/usr/X11R6/lib/X11/rgb'
Getting interface configuration (4): Device not configured
04/03/09 11:05:13 Xvnc version 3.3.tight1.2.9
04/03/09 11:05:13 Copyright (C) 1999 ATT Laboratories Cambridge.
04/03/09 11:05:13 Copyright (C) 2000-2002 Constantin Kaplinsky.
04/03/09 11:05:13 All Rights Reserved.
04/03/09 11:05:13 See http://www.uk.research.att.com/vnc for information
on VNC
04/03/09 11:05:13 See http://www.tightvnc.com for TightVNC-specific
information
04/03/09 11:05:13 Desktop name 'X' (openbsd.mydomain.com:1)
04/03/09 11:05:13 Protocol version supported 3.3
04/03/09 11:05:13 Listening for VNC connections on TCP port 5901
04/03/09 11:05:13 Listening for HTTP connections on TCP port 5801
04/03/09 11:05:13   URL http://openbsd.mydomain.com:5801
xrdb: Can't open display ':1'
xset:  unable to open display :1
xsetroot:  unable to open display ':1'
startkde: Starting up...
ksplash: cannot connect to X server :1
xprop:  unable to open display ':1'
usage:  xprop [-options ...] [[format [dformat]] atom] ...

where options include:
-grammar   print out full grammar for command
line
-display host:dpy  the X server to contact
-id id resource id of window to examine
-name name name of window to examine
-font name name of font to examine
-remove propname   remove a property
-set propname valueset a property to a given value
-root  examine the root window
-len n display at most n bytes of any
property
-notypedo not display the type field
-fs filename   where to look for formats for
properties
-frame don't ignore window manager frames
-f propname format [dformat]   formats to use for property of given
name
-spy   examine window properties forever

kdeinit: Can't connect to the X Server.
kdeinit: Might not terminate at end of session.
kded: cannot connect to X server :1
kded: ERROR: KUniqueApplication: Registering failed!
kded: ERROR: Communication problem with kded, it probably crashed.
kcminit_startup: cannot connect to X server :1
ksmserver: cannot connect to X server :1
startkde: Shutting down...
klauncher: Exiting on signal 1
sound server terminated
startkde: Running shutdown scripts...
xprop:  unable to open display ':1'
usage:  xprop [-options ...] [[format [dformat]] atom] ...

where options include:
-grammar   print out full grammar for command
line
-display host:dpy  the X server to contact
-id id resource id of window to examine
-name name name of window to examine
-font name name of font to examine
-remove propname   remove a property
-set propname valueset a property to a given value
-root  examine the root window
-len n display at most n bytes of any
property
-notypedo not display the type field
-fs filename   where to look for formats for
properties
-frame don't ignore window manager frames
-f propname format [dformat]   formats to use for property of given
name
-spy   examine window properties forever

startkde: Done.
/log

starting xhost from a Terminal within KDE as ordinary user shows:

xhost
access control enabled, only authorized clients can connect xhost

environment variable DISPLAY is set to :0.0

xauth shows MIT_MAGIC_COOKIES_1 for localhost and the fqdn of the
machine.

However, vncserver cannot connect.

Trying to call xhost within a ssh-shell (as ordinary user) also xhost
cannot connect to X, regardless what command line argument I use.

What the hell ist going wrong?

Thanks for any answers that can solve the problem.

Greetings

Harry

IBM System x3650 + System Storage DS4700 not working on last snap.

[Sergey Prysiazhnyi]

Hello, I'd recently make a try to boot -current OpenBSD on Subj system 
(results):


0. bsd.rd:
boot boot bsd.rd
booting tftp:bsd.rd: 5197108+918896 [52+205088+189820]=0x635ae8
entry point at 0x200120
Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of 
California. All rights reserved.
Copyright (c) 1995-2009 OpenBSD. All rights reserved. http://www.OpenBSD.org
OpenBSD 4.5 (RAMDISK_CD) #1112: Sat Feb 28 15:06:26 MST 2009 
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/RAMDISK_CD
cpu0: Intel(R) Xeon(R) CPU E5405 @ 2.00GHz (GenuineIntel 686-class) 2 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,CX16,xTPR
real mem  = 3220459520 (3071MB)
avail mem = 3122147328 (2977MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 02/07/08, BIOS32 rev. 0 @ 0xfd831, SMBIOS 
rev. 2.4 @ 0xbffceac0 (113 entrie+s)
bios0: vendor IBM version -[GGE136AUS-1.09]- date 02/07/2008
bios0: IBM IBM System x3650 -[7979KPG]-
acpi0 at bios0: rev 2
acpi0: tables DSDT FACP APIC SRAT HPET MCFG ERST
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 332MHz
cpu at mainbus0: not configured
cpu at mainbus0: not configured
cpu at mainbus0: not configured
ioapic0 at mainbus0: apid 14 pa 0xfec0, version 20, 24 pins
acpiprt0 at acpi0: bus 28 (PCI6)
acpiprt1 at acpi0: bus 36 (PCI7)
acpiprt2 at acpi0: bus 1 (PCIS)
acpiprt3 at acpi0: bus 2 (PCI2)
acpiprt4 at acpi0: bus 5 (PC2B)
acpiprt5 at acpi0: bus 0 (PCI0)
bios0: ROM list: 0xc/0xb000 0xcb000/0x1800 0xcc800/0x1800 0xce000/0x5000! 
0xd3000/0x200
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 Intel 5000P Host rev 0xb1
ppb0 at pci0 dev 2 function 0 Intel 5000 PCIE rev 0xb1
pci1 at ppb0 bus 26
ppb1 at pci1 dev 0 function 0 Intel 6321ESB PCIE rev 0x01
pci2 at ppb1 bus 27
ppb2 at pci2 dev 0 function 0 Intel 6321ESB PCIE rev 0x01
pci3 at ppb2 bus 28
ppb3 at pci2 dev 1 function 0 Intel 6321ESB PCIE rev 0x01
pci4 at ppb3 bus 36
ppb4 at pci1 dev 0 function 3 Intel 6321ESB PCIE-PCIX rev 0x01
pci5 at ppb4 bus 37
ppb5 at pci0 dev 3 function 0 Intel 5000 PCIE rev 0xb1
pci6 at ppb5 bus 4
Adaptec ASR-2120S rev 0x02 at pci6 dev 0 function 0 not configured
ppb6 at pci0 dev 4 function 0 Intel 5000 PCIE x8 rev 0xb1
pci7 at ppb6 bus 16
ppb7 at pci0 dev 5 function 0 Intel 5000 PCIE rev 0xb1
pci8 at ppb7 bus 69
ppb8 at pci0 dev 6 function 0 Intel 5000 PCIE x8 rev 0xb1
pci9 at ppb8 bus 7
QLogic ISP2432 rev 0x03 at pci9 dev 0 function 0 not configured
QLogic ISP2432 rev 0x03 at pci9 dev 0 function 1 not configured
ppb9 at pci0 dev 7 function 0 Intel 5000 PCIE rev 0xb1
pci10 at ppb9 bus 68
Intel I/OAT rev 0xb1 at pci0 dev 8 function 0 not configured
pchb1 at pci0 dev 16 function 0 Intel 5000 Error Reporting rev 0xb1
pchb2 at pci0 dev 16 function 1 Intel 5000 Error Reporting rev 0xb1
pchb3 at pci0 dev 16 function 2 Intel 5000 Error Reporting rev 0xb1
pchb4 at pci0 dev 17 function 0 Intel 5000 Reserved rev 0xb1
pchb5 at pci0 dev 19 function 0 Intel 5000 Reserved rev 0xb1
pchb6 at pci0 dev 21 function 0 Intel 5000 FBD rev 0xb1
pchb7 at pci0 dev 22 function 0 Intel 5000 FBD rev 0xb1
ppb10 at pci0 dev 28 function 0 Intel 6321ESB PCIE rev 0x09
pci11 at ppb10 bus 2
ppb11 at pci11 dev 0 function 0 ServerWorks PCIE-PCIX rev 0xc3
pci12 at ppb11 bus 3
bnx0 at pci12 dev 0 function 0 Broadcom BCM5708 rev 0x12: apic 14 int 16 (irq 
3)
ppb12 at pci0 dev 28 function 1 Intel 6321ESB PCIE rev 0x09
pci13 at ppb12 bus 5
ppb13 at pci13 dev 0 function 0 ServerWorks PCIE-PCIX rev 0xc3
pci14 at ppb13 bus 6
bnx1 at pci14 dev 0 function 0 Broadcom BCM5708 rev 0x12: apic 14 int 17 (irq 
10)
uhci0 at pci0 dev 29 function 0 Intel 6321ESB USB rev 0x09: apic 14 int 23 
(irq 5)
uhci1 at pci0 dev 29 function 1 Intel 6321ESB USB rev 0x09: apic 14 int 22 
(irq 11)
uhci2 at pci0 dev 29 function 2 Intel 6321ESB USB rev 0x09: apic 14 int 23 
(irq 5)
uhci3 at pci0 dev 29 function 3 Intel 6321ESB USB rev 0x09: apic 14 int 22 
(irq 11)
ehci0 at pci0 dev 29 function 7 Intel 6321ESB USB rev 0x09: apic 14 int 23 
(irq 5)
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1
ppb14 at pci0 dev 30 function 0 Intel 82801BA Hub-to-PCI rev 0xd9
pci15 at ppb14 bus 1
vga1 at pci15 dev 6 function 0 ATI ES1000 rev 0x02
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
ichpcib0 at pci0 dev 31 function 0 Intel 6321ESB LPC rev 0x09: PM disabled
pciide0 at pci0 dev 31 function 2 Intel 6321ESB SATA rev 0x09: DMA, channel 0 
wired to compatibility, channel 1 wired to compatibility
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: HL-DT-ST, RW/DVD GCC-T10N, 1.00 ATAPI 5/cdrom 
removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
Intel 6321ESB SMBus rev 0x09 at pci0 dev 31 function 3 not configured
usb1 at uhci0: USB revision 

Re: ar5213a stuck on 11b

[FRLinux]

On Mon, Mar 2, 2009 at 9:52 PM, FRLinux frli...@gmail.com wrote:
media: IEEE802.11 autoselect mode 11b hostap
status: active

Hello, I have looked at this issue a bit closer. The speed I am
getting from the client seems faster than 11b, would that be vaguely
possible for openbsd to be slightly confused when showing what mode is
it on?

Cheers,
Steph

Re: How do I monitor my PF based firewall?

[Ryan Corder]

On Wed, Mar 04, 2009 at 09:32:44AM +0100, Falk Brockerhoff - smartTERRA GmbH
wrote:
 Hello,

 I like to monitor my firewalls using snmp and cacti. But I don't know how
 to get all the information about pf, states, etc. On the net I only found
 hints about older OpenBSD Versions (I use OpenBSD 4.4 -stable and the
 included snmpd). Can you please give me a hint into the right direction?

symon - it's in ports.  It doesn't fit the SNMP bill, but it will give
you rrd files that cacti could use.


--
Ryan Corder  || () ASCII ribbon campaign
ryanc at greengrey.org || /\  against HTML email
http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x1CB59D69

[demime 1.01d removed an attachment of type application/pgp-signature]

Re: disk perfomance issues with Symbios Logic MegaRAID SAS 1064R and mfi driver

[Denis Hainsworth]

Thanks for your response.  Sorry I left out any details in my intial
email.   Also wanted to thank you Marco for all the work you've done for
openbsd.  


We are running a fairly basic bonnie++ test like so
bonnie++ -d /path -s 12000 -m machinename -u 0:0

Here are the full details:
Version  1.03   --Sequential Output-- --Sequential Input- --Random-
-Per Chr- --Block-- -Rewrite- -Per Chr- --Block-- --Seeks--
MachineSize K/sec %CP K/sec %CP K/sec %CP K/sec %CP K/sec %CP  /sec %CP
machine1 12000M  6131   3  6470   1  6220   1 72017  51 103703  19 361.3   0
--Sequential Create-- Random Create
-Create-- --Read--- -Delete-- -Create-- --Read--- -Delete--
  files  /sec %CP  /sec %CP  /sec %CP  /sec %CP  /sec %CP  /sec %CP
 16  1423  93 + +++  8049  27  1434  93  1689  99  4005  98
machine1,12000M,6131,3,6470,1,6220,1,72017,51,103703,19,361.3,0,16,1423,93, 
 
+,+++,8049,27,1434,93,1689,99,4005,98


This is on a 388GB partition that is made up out of 4disks in a RAID5
config.  Here are the mount options we have been using:
type ffs (local, noatime, softdep) .. we've tried turing off softdep,
but it did not help.  This filesystem was initialized using 4k inodes.
Increasing the inode size also did not seem to help.

 Due to the fact that we have not gotten the megacli working, we
have not made any changes to the raid options. I can at least read the
options sorta using LSI's builtin Megacli in their newer firmware. It
shows that the cache policy is set to:

WriteThrough, ReadAheadNone, Direct, NoWrite if Bad BBU (I confirmed the
BBU shows as good)
Write Policy: WT (writethrough I presume)
Read Policy : None
 
We threw openbsd 4.4 on a spare machine we dug up.  This machine is
phsically identical to the ones we are having issues with.  

We did not see the same write problems .. here is a similar bonnie run,
against a standard openbsd filesystem mounted as  type ffs (local,
nodev) this files system was initialized using 8k inodes.

Version  1.03   --Sequential Output-- --Sequential Input- --Random-
   -Per Chr- --Block-- -Rewrite- -Per Chr- --Block-- --Seeks--
MachineSize K/sec %CP K/sec %CP K/sec %CP K/sec %CP K/sec %CP  /sec %CP
machine2 12000M 31174  13 40551   5 10003   1 60582  35 82658   7 381.1 0
   --Sequential Create-- Random Create
   -Create-- --Read--- -Delete-- -Create-- --Read--- -Delete--
 files  /sec %CP  /sec %CP  /sec %CP  /sec %CP  /sec %CP  /sec %CP
16   850   1 + +++  1848   1   868   1 + +++   344 0
machine2,12000M,31174,13,40551,5,10003,1,60582,35,82658,7,381.1,0,16,850,1,+++
 +++,+++,1848,1,868,1,+,+++,344,0


Additionally as I stated before our previous version of hardware which is
nearly identical and running the same openbsd 4.2 setup also performs fine.
It has the same 4k inode filesystem mounted with (local, noatime, softdep)
options.

Version  1.03   --Sequential Output-- --Sequential Input- --Random-
-Per Chr- --Block-- -Rewrite- -Per Chr- --Block-- --Seeks--
MachineSize K/sec %CP K/sec %CP K/sec %CP K/sec %CP K/sec %CP  /sec %CP
machine3 12000M 23656  20 30849  20 10298   5 29102  37 36291  12 225.0   1
--Sequential Create-- Random Create
-Create-- --Read--- -Delete-- -Create-- --Read--- -Delete--
  files  /sec %CP  /sec %CP  /sec %CP  /sec %CP  /sec %CP  /sec %CP
 16  1206  92 + +++ 16083  45  1070  81  1417  97  2991  88
machine3,12000M,23656,20,30849,20,10298,5,29102,37,36291,12,225.0,1,16,1206,92,+
  
,+++,16083,45,1070,81,1417,97,2991,88



So since machine1 and machine3 are running the same exact software it would 
seem to indicate a hardware issue.  Yet the same hardware running openbsd
4.4 also seems ok which tends to indicate some odd interaction between the
hardware and openbsd 4.2.  

So if anyone has any thoughts they would be appreciated as I have been
going around in circles on this issue for a while now.  

Lastly Marco mentioned I might have interrupt issues.  How would I check
for  that?

-denis

Os Tue, Mar 03, 2009 at 10:21:51PM -0600, Marco Peereboom wrote:
 I think I have to conclude that you (or your hardware) are doing it
 wrong.  Either you have interrupt issues or your raid card setup wrong.
 
 I also have no idea how you measured these numbers so I can't deduce
 any validity from them.
 
 On Tue, Mar 03, 2009 at 05:45:02PM -0500, Denis Hainsworth wrote:
  Hello,
  
  Some what of a novice openbsd user and hope I didnt miss something obvious. 
   I
  have a box running openbsd 4.2 which I cannot upgrade for various
  reasons.  The 

Re: Corny shit with filesystems + mp3 player

[ropers]

2009/2/12 Ted Unangst ted.unan...@gmail.com:
 On Thu, Feb 12, 2009 at 11:56 AM,  auto709...@hushmail.com wrote:
 Is it possible to end up with
 a FAT 12 file system + some kind
 of Netware (Novell or otherwise)
 on a hard drive which used to
 be a hard drive with one partition
 through plugging in an Intenso Video Voyager
 with a MicroSDHC?

 Yup.

Apologies for the late and daft question, but I'm intrigued:

Are you saying you plugged in a certain mass storage device (via
USB?), and that somehow replaced the partition table on your
(non-flash?) hard disk?

How?

I didn't seem to find relevant info by googling.
Just curious.

regards,
--ropers

4.5 snapshot fails to detect pcmcia/cardbus adapters

[Nigel J. Taylor]

Hi,

I have just tried out the 4.5 snapshot on a laptop, and found that the
cardbus/ethernet adapters I used are no longer detected. Both types had been
working with OpenBSD v4.4.

The laptop had OpenBSD v4.4 installed, and the card was detected as in this 
extract.

ep1 at pcmcia0 function 0 3Com, Megahertz 574B, B port 0xa000/32: address
00:01:03:fb:8c:a7
tqphy0 at ep1 phy 0: 78Q2120 10/100 PHY, rev. 10
softraid0 at root
root on rd0a swap on rd0b dump on rd0b


I had a second type of card, again the card was detected by v4.4 as below, which
is the same driver type as the internal adapter.

rl1 at cardbus0 dev 0 function 0 D-Link Systems DFE-690TXD rev 0x10: irq 11,
address 00:0d:88:29:0d:04
rlphy1 at rl1 phy 0: RTL internal PHY
softraid0 at root
root on rd0a swap on rd0b dump on rd0b

The full dmesg with v4.5 snapshot is below with either card with it is the same,
neither card is being found. The difference between the OpenBSD v4.4 and v4.5
dmesgs are the adapter missing lines in v4.5 plus the expected and this

-cpu0 at mainbus0
-pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
+cpu0 at mainbus0: (uniprocessor)
+pci0 at mainbus0 bus 0: configuration mode 1 (bios)


The following appears in the configuration for GENERIC and RAMDISK_CD, which I
think implies they should be enabled, where do I look next?
ep* at pcmcia?  # PCMCIA based 3C5xx ethernet
rl* at cardbus? # RealTek 81[23]9 ethernet

Regards

Nigel Taylor

OpenBSD 4.5 (RAMDISK_CD) #1112: Sat Feb 28 15:06:26 MST 2009
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/RAMDISK_CD
cpu0: Intel(R) Pentium(R) III Mobile CPU 1000MHz (GenuineIntel 686-class) 1 
GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE
real mem  = 1063743488 (1014MB)
avail mem = 1021931520 (974MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 07/02/02, BIOS32 rev. 0 @ 0xfd850, SMBIOS
rev. 2.3 @ 0x3f6f (47 entries)
bios0: vendor Phoenix/FUJITSU version Version 1.06 date 07/02/2002
bios0: FUJITSU SIEMENS LIFEBOOK S Series
apm0 at bios0: Power Management spec V1.2
acpi at bios0 function 0x0 not configured
pcibios0 at bios0: rev 2.1 @ 0xfd850/0x7b0
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdf30/176 (9 entries)
pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82371FB ISA rev 0x00)
pcibios0: PCI bus #3 is the last bus
bios0: ROM list: 0xc/0xd200! 0xcd800/0x1000
cpu0 at mainbus0: (uniprocessor)
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 Intel 82830M Host rev 0x04
vga1 at pci0 dev 2 function 0 Intel 82830M Video rev 0x04
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
Intel 82830M Video rev 0x00 at pci0 dev 2 function 1 not configured
uhci0 at pci0 dev 29 function 0 Intel 82801CA/CAM USB rev 0x02: irq 11
uhci1 at pci0 dev 29 function 1 Intel 82801CA/CAM USB rev 0x02: irq 11
ppb0 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0x42
pci1 at ppb0 bus 1
rl0 at pci1 dev 9 function 0 Realtek 8139 rev 0x10: irq 11, address
00:e0:00:ba:c5:66
rlphy0 at rl0 phy 0: RTL internal PHY
cbb0 at pci1 dev 10 function 0 O2 Micro OZ6933 CardBus rev 0x02: irq 11
cbb1 at pci1 dev 10 function 1 O2 Micro OZ6933 CardBus rev 0x02: irq 11
TI TSB43AB21 FireWire rev 0x00 at pci1 dev 12 function 0 not configured
wi0 at pci1 dev 13 function 0 Intersil PRISM2.5 rev 0x01: irq 11
wi0: PRISM2.5 ISL3874A(Mini-PCI) (0x8013), Firmware 1.1.0 (primary), 1.4.1
(station), address 00:e0:00:89:12:4e
cardslot0 at cbb0 slot 0 flags 0
cardbus0 at cardslot0: bus 2 device 0 cacheline 0x0, lattimer 0x20
pcmcia0 at cardslot0
cardslot1 at cbb1 slot 1 flags 0
cardbus1 at cardslot1: bus 3 device 0 cacheline 0x0, lattimer 0x20
pcmcia1 at cardslot1
ichpcib0 at pci0 dev 31 function 0 Intel 82801CAM LPC rev 0x02: 24-bit timer
at 3579545Hz
pciide0 at pci0 dev 31 function 1 Intel 82801CAM IDE rev 0x02: DMA, channel 0
configured to compatibility, channel 1 configured to compatibility
wd0 at pciide0 channel 0 drive 0: TOSHIBA MK3018GAS
wd0: 16-sector PIO, LBA, 28615MB, 58605120 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: MATSHITA, UJ-820D, 1.00 ATAPI 5/cdrom removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
Intel 82801CA/CAM SMBus rev 0x02 at pci0 dev 31 function 3 not configured
Intel 82801CA/CAM AC97 rev 0x02 at pci0 dev 31 function 5 not configured
Intel 82801CA/CAM Modem rev 0x02 at pci0 dev 31 function 6 not configured
usb0 at uhci0: USB revision 1.0
uhub0 at usb0 Intel UHCI root hub rev 1.00/1.00 addr 1
usb1 at uhci1: USB revision 1.0
uhub1 at usb1 Intel UHCI root hub rev 1.00/1.00 addr 1
isa0 at ichpcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
npx0 at isa0 port 

Re: Upgrade on non-live disk

[Damon McMahon]

Tue, 03 Mar 2009 07:17:56 -0500  steve.shock...@shockley.net:

On 3/2/2009 7:31 PM, Damon McMahon wrote:

   Is it possible/wise to follow the upgrade instructions on a non-live
  OpenBSD disk mounted on /altroot? I have a second drive I use as a
   non-live mirror with dd(1); can I use the Upgrading without install
   kernel instructions to upgrade this disk by mounting its file systems
   in /altroot and then substituting /altroot for / in the Upgrading
   without install kernel instructions?


Why not just continue to use your existing mirror process, and update the 
mirror once your prod drive is upgraded?

To minimise down-time to a simple reboot - best not to rush these
things, and there's nothing like a production system being down to
cause me to rush!

Thanks to Nick for the advice, it seemed to work fine. For the
archives, just make REALLY sure you replace / with /altroot at every
step in the upgrade instructions (I slipped a couple of times,
thankfully both instances were recoverable) and I did find some minor
steps e.g. running newaliases(8) that would seem to require the system
being upgraded to be live and running.

Re: 4.5 snapshot fails to detect pcmcia/cardbus adapters

[Nigel J. Taylor]

Hi,

Update, had an idea to try same adapters in second laptop, can't install OpenBSD
v4.5 from snapshot, but could run up bsd.rd off the install CD and get the
dmesg, as below, on this laptop the cards are detected.


OpenBSD 4.5 (RAMDISK_CD) #1112: Sat Feb 28 15:06:26 MST 2009
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/RAMDISK_CD
cpu0: Intel(R) Core(TM) Duo CPU T2500 @ 2.00GHz (GenuineIntel 686-class) 2 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,VMX,EST,TM2,xTPR
real mem  = 1063219200 (1013MB)
avail mem = 1021431808 (974MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 08/21/06, BIOS32 rev. 0 @ 0xfdbf4, SMBIOS
rev. 2.4 @ 0xe4f00 (65 entries)
bios0: vendor FUJITSU // Phoenix Technologies Ltd. version Version 1.18 date
08/21/2006
bios0: FUJITSU SIEMENS LIFEBOOK S7110
acpi0 at bios0: rev 0
acpi0: tables DSDT FACP SSDT MCFG SSDT SSDT APIC HPET BOOT
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 166MHz
cpu at mainbus0: not configured
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 8 (PCIB)
acpiprt2 at acpi0: bus 2 (RP01)
acpiprt3 at acpi0: bus 3 (RP02)
acpiprt4 at acpi0: bus 5 (RP03)
bios0: ROM list: 0xc/0xe600! 0xce800/0x1000 0xcfa00/0x1000 0xdc000/0x1c00!
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 Intel 82945GM Host rev 0x03
vga1 at pci0 dev 2 function 0 Intel 82945GM Video rev 0x03
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
Intel 82945GM Video rev 0x03 at pci0 dev 2 function 1 not configured
Intel 82801GB HD Audio rev 0x02 at pci0 dev 27 function 0 not configured
ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x02: apic 2 int 22 
(irq 11)
pci1 at ppb0 bus 2
mskc0 at pci1 dev 0 function 0 Marvell Yukon 88E8055 rev 0x12, Yukon-2 EC
Ultra rev. A1 (0x2): apic 2 int 16 (irq 11)
msk0 at mskc0 port A: address 00:17:42:30:80:2a
eephy0 at msk0 phy 0: 88E1149 Gigabit PHY, rev. 1
ppb1 at pci0 dev 28 function 1 Intel 82801GB PCIE rev 0x02: apic 2 int 21 
(irq 11)
pci2 at ppb1 bus 3
ppb2 at pci0 dev 28 function 2 Intel 82801GB PCIE rev 0x02: apic 2 int 20 
(irq 11)
pci3 at ppb2 bus 5
wpi0 at pci3 dev 0 function 0 Intel PRO/Wireless 3945ABG rev 0x02: apic 2 int
18 (irq 11): could not power ON adapter
uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x02: apic 2 int 23 
(irq 11)
uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x02: apic 2 int 20 
(irq 11)
uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x02: apic 2 int 18 
(irq 11)
uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x02: apic 2 int 16 
(irq 11)
ehci0 at pci0 dev 29 function 7 Intel 82801GB USB rev 0x02: apic 2 int 23 
(irq 11)
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1
ppb3 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0xe2
pci4 at ppb3 bus 8
cbb0 at pci4 dev 3 function 0 O2 Micro OZ711MP1 CardBus rev 0x21: apic 2 int
16 (irq 11)
O2 Micro Firewire rev 0x02 at pci4 dev 3 function 4 not configured
cardslot0 at cbb0 slot 0 flags 0
cardbus0 at cardslot0: bus 9 device 0 cacheline 0x0, lattimer 0x20
pcmcia0 at cardslot0
ichpcib0 at pci0 dev 31 function 0 Intel 82801GBM LPC rev 0x02: PM disabled
pciide0 at pci0 dev 31 function 1 Intel 82801GB IDE rev 0x02: DMA, channel 0
configured to compatibility, channel 1 configured to compatibility
atapiscsi0 at pciide0 channel 0 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: MATSHITA, DVD-RAM UJ-841S, 1.31 ATAPI 5/cdrom
removable
cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
pciide0: channel 1 ignored (disabled)
ahci0 at pci0 dev 31 function 2 Intel 82801GBM AHCI rev 0x02: apic 2 int 19
(irq 11), AHCI 1.1
ahci0: PHY offline on port 2
scsibus1 at ahci0: 32 targets
sd0 at scsibus1 targ 0 lun 0: ATA, ST98823AS, 3.04 SCSI3 0/direct fixed
sd0: 76319MB, 512 bytes/sec, 156301488 sec total
Intel 82801GB SMBus rev 0x02 at pci0 dev 31 function 3 not configured
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 Intel UHCI root hub rev 1.00/1.00 addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2 Intel UHCI root hub rev 1.00/1.00 addr 1
usb3 at uhci2: USB revision 1.0
uhub3 at usb3 Intel UHCI root hub rev 1.00/1.00 addr 1
usb4 at uhci3: USB revision 1.0
uhub4 at usb4 Intel UHCI root hub rev 1.00/1.00 addr 1
isa0 at ichpcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
rd0: fixed, 3800 blocks
ep1 at pcmcia0 function 0 3Com, Megahertz 574B, B port 0xa000/32: address
00:01:03:fb:8c:a7
tqphy0 at ep1 phy 0: 78Q2120 10/100 PHY, rev. 10
umass0 at uhub0 port 2 configuration 1 interface 0 

OBSD 4.5 - Lenovo Thinkpad T60 suspend resume

[Chris]

Does anyone know whether ACPI suspend/ resume now works? I do ctrl+alt
+ F1 (or 2, 3.. ) and try to suspend from
there with zzz and I get message: suspending system but nothing
happens. I get the same message when I type zzz from my wm (awesome).

Here's my dmesg. Thanks;

OpenBSD 4.5 (GENERIC) #1749: Sat Feb 28 14:51:18 MST 2009
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Core(TM)2 CPU T5600 @ 1.83GHz (GenuineIntel 686-class) 1.83 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,
SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR
real mem  = 526807040 (502MB)
avail mem = 501088256 (477MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 04/12/07, BIOS32 rev. 0 @
0xfd6b0, SMBIOS rev. 2.4 @ 0xe0010 (68 entries)
bios0: vendor LENOVO version 79ETD2WW (2.12 ) date 04/12/2007
bios0: LENOVO 1954PJM
acpi0 at bios0: rev 2
acpi0: tables DSDT FACP SSDT ECDT TCPA APIC MCFG HPET SLIC BOOT SSDT
SSDT SSDT SSDT
acpi0: wakeup devices LID_(S3) SLPB(S3) LURT(S3) DURT(S3) EXP0(S4)
EXP1(S4) EXP2(S4) EXP3(S4) PCI1(S4) USB0(S3) USB1(S3) USB2
(S3) USB7(S3) HDEF(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 166MHz
cpu at mainbus0: not configured
ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as apic 2, remapped to apid 1
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (AGP_)
acpiprt2 at acpi0: bus 2 (EXP0)
acpiprt3 at acpi0: bus 3 (EXP1)
acpiprt4 at acpi0: bus 4 (EXP2)
acpiprt5 at acpi0: bus 12 (EXP3)
acpiprt6 at acpi0: bus 21 (PCI1)
acpiec0 at acpi0
acpicpu0 at acpi0: C3, C2
acpitz0 at acpi0: critical temperature 127 degC
acpitz1 at acpi0: critical temperature 99 degC
acpibtn0 at acpi0: LID_
acpibtn1 at acpi0: SLPB
acpibat0 at acpi0: BAT0 model 92P1141 serial  1159 type LION oem SONY
acpibat1 at acpi0: BAT1 not present
acpiac0 at acpi0: AC unit online
acpithinkpad0 at acpi0
acpidock at acpi0 not configured
acpivideo at acpi0 not configured
acpivideo at acpi0 not configured
bios0: ROM list: 0xc/0xea00! 0xcf000/0x1000 0xd/0x1000
0xdc000/0x4000! 0xe/0x1!
cpu0: unknown Enhanced SpeedStep CPU, msr 0x06130b2506000b25
cpu0: using only highest and lowest power states
cpu0: Enhanced SpeedStep 1833 MHz (1292 mV): speeds: 1833, 1000 MHz
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 Intel 82945GM Host rev 0x03
vga1 at pci0 dev 2 function 0 Intel 82945GM Video rev 0x03
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
intagp0 at vga1
agp0 at intagp0: aperture at 0xd000, size 0x1000
inteldrm0 at vga1: apic 1 int 16 (irq 11)
drm0 at inteldrm0
Intel 82945GM Video rev 0x03 at pci0 dev 2 function 1 not configured
azalia0 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x02:
apic 1 int 17 (irq 11)
azalia0: codecs: Analog Devices AD1981HD, Conexant/0x2bfa, using
Analog Devices AD1981HD
audio0 at azalia0
ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x02: apic 1
int 20 (irq 11)
pci1 at ppb0 bus 2
em0 at pci1 dev 0 function 0 Intel PRO/1000MT (82573L) rev 0x00:
apic 1 int 16 (irq 11), address 00:15:58:c3:aa:e0
ppb1 at pci0 dev 28 function 1 Intel 82801GB PCIE rev 0x02: apic 1
int 21 (irq 11)
pci2 at ppb1 bus 3
wpi0 at pci2 dev 0 function 0 Intel PRO/Wireless 3945ABG rev 0x02:
apic 1 int 17 (irq 11), MoW1, address 00:1b:77:4d:5a:f4
ppb2 at pci0 dev 28 function 2 Intel 82801GB PCIE rev 0x02: apic 1
int 22 (irq 11)
pci3 at ppb2 bus 4
ppb3 at pci0 dev 28 function 3 Intel 82801GB PCIE rev 0x02: apic 1
int 23 (irq 11)
pci4 at ppb3 bus 12
uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x02: apic 1
int 16 (irq 11)
uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x02: apic 1
int 17 (irq 11)
uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x02: apic 1
int 18 (irq 11)
uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x02: apic 1
int 19 (irq 11)
ehci0 at pci0 dev 29 function 7 Intel 82801GB USB rev 0x02: apic 1
int 19 (irq 11)
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1
ppb4 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0xe2
pci5 at ppb4 bus 21
cbb0 at pci5 dev 0 function 0 TI PCI1510 CardBus rev 0x00: apic 1
int 16 (irq 11)
cardslot0 at cbb0 slot 0 flags 0
cardbus0 at cardslot0: bus 22 device 0 cacheline 0x8, lattimer 0xb0
pcmcia0 at cardslot0
ichpcib0 at pci0 dev 31 function 0 Intel 82801GBM LPC rev 0x02: PM disabled
pciide0 at pci0 dev 31 function 1 Intel 82801GB IDE rev 0x02: DMA,
channel 0 configured to compatibility, channel 1 configu
red to compatibility
atapiscsi0 at pciide0 channel 0 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: HL-DT-ST, DVDRAM GSA-4083N, 1.00 ATAPI
5/cdrom removable
cd0(pciide0:0:0): 

Re: OBSD 4.5 - Lenovo Thinkpad T60 suspend resume

[Ted Unangst]

On Wed, Mar 4, 2009 at 10:26 PM, Chris atst...@gmail.com wrote:
 Does anyone know whether ACPI suspend/ resume now works? I do ctrl+alt

no, nor in 4.5.  but it is being worked on.

Re: disk perfomance issues with Symbios Logic MegaRAID SAS 1064R and mfi driver

[J.C. Roberts]

On Wed, 4 Mar 2009 18:30:47 -0500 Denis Hainsworth
de...@alumni.brandeis.edu wrote:

 So since machine1 and machine3 are running the same exact software it
 would seem to indicate a hardware issue.  Yet the same hardware
 running openbsd 4.4 also seems ok which tends to indicate some odd
 interaction between the hardware and openbsd 4.2.  
 
 So if anyone has any thoughts they would be appreciated as I have been
 going around in circles on this issue for a while now.


I realize you said you're new to OpenBSD, but the rule to remember is,
if you're not running a GENERIC kernel, then you're on your own.

It's already difficult to replicate problems using similar hardware and
the same GENERIC kernel, but trying to replicate problems found in an
undefined custom kernel is just wasted effort. This is the reason why
custom kernels are unsupported.

You said the support for the controller was hacked into 4.2 by adding
the PCI Device-ID, and you also said you are unaware of any other
changes but that certainly doesn't mean other changes were not made.
All of this means you cannot replicate the problem with the 4.2 GENERIC
kernel because there is no default support for the device.

Additionally, 4.2 is a year and a half old, and you're only noticing
this issue now, so you obviously did not do much testing or monitoring
of your custom support for the device.

As your test with 4.4 has shown, proper support for the device has been
added, and the self-inflicted performance problem you mentioned no
longer exists. I realize you said there's some supposed reason why
you cannot upgrade, but this self-imposed limitation leaves you only
one choice: You can back-port all of the changes from 4.4-release, or
4.4-stable, or even better 4.5-beta to your customized 4.2 build.

Even if you did succeed in back-porting all the changes to 4.2, you'd
still be running your own custom FrankenSource monster, and once again,
no one would realistically be able to help you with it.

It's a whole lot easier to just upgrade.

-- 
J.C. Roberts

scrotwm.conf setting custom xterm

[Bryan]

Greetings,

In my .profile I have the following:

PS1=\...@\h \w \$ 
export PS1

On the console, I see:

u...@host pwd $

I was looking at the man page for xterm(1), and I saw that by invoking
xterm -ls, the terminal should read .profile, and set the prompt.
In an xterm, I was able to run xterm -ls and have just this exact
thing happen.

Then I installed scrotwm, and went into /etc/scrotwm.conf and set the
spawn_term to xterm -ls, thinking this would do the same, but it
does not.

What am I doing wrong?  I am using the default shell.  Does scrotwm do
something special to call xterm?

Regards,
Bryan

Re: scrotwm.conf setting custom xterm

[Matt Jibson]

scrotwm uses newlines, spaces, tabs, and '=' as conf file delimiters.
It thus does not recognize quoted strings, but breaks at the first
delimiter it finds. To configure xterm, you need to use the .Xdefaults
file, although that does not look like what you need. scrotwm may not
be able to do what you need directly. How about making a shell script
with xterm -ls as contents and invoking that as your terminal?

On Wed, Mar 4, 2009 at 9:57 PM, Bryan bra...@gmail.com wrote:
 Greetings,

 In my .profile I have the following:

 PS1=\...@\h \w \$ 
 export PS1

 On the console, I see:

 u...@host pwd $

 I was looking at the man page for xterm(1), and I saw that by invoking
 xterm -ls, the terminal should read .profile, and set the prompt.
 In an xterm, I was able to run xterm -ls and have just this exact
 thing happen.

 Then I installed scrotwm, and went into /etc/scrotwm.conf and set the
 spawn_term to xterm -ls, thinking this would do the same, but it
 does not.

 What am I doing wrong?  I am using the default shell.  Does scrotwm do
 something special to call xterm?

 Regards,
 Bryan

Re: disk perfomance issues with Symbios Logic MegaRAID SAS 1064R and mfi driver

[Otto Moerbeek]

On Wed, Mar 04, 2009 at 06:30:47PM -0500, Denis Hainsworth wrote:

 Thanks for your response.  Sorry I left out any details in my intial
 email.   Also wanted to thank you Marco for all the work you've done for
 openbsd.  
 
 
 We are running a fairly basic bonnie++ test like so
 bonnie++ -d /path -s 12000 -m machinename -u 0:0
 
 Here are the full details:
 Version  1.03   --Sequential Output-- --Sequential Input- 
 --Random-
 -Per Chr- --Block-- -Rewrite- -Per Chr- --Block-- 
 --Seeks--
 MachineSize K/sec %CP K/sec %CP K/sec %CP K/sec %CP K/sec %CP  /sec 
 %CP
 machine1 12000M  6131   3  6470   1  6220   1 72017  51 103703  19 361.3  
  0
 --Sequential Create-- Random 
 Create
 -Create-- --Read--- -Delete-- -Create-- --Read--- 
 -Delete--
   files  /sec %CP  /sec %CP  /sec %CP  /sec %CP  /sec %CP  /sec 
 %CP
  16  1423  93 + +++  8049  27  1434  93  1689  99  4005  
 98
 machine1,12000M,6131,3,6470,1,6220,1,72017,51,103703,19,361.3,0,16,1423,93,
   
 +,+++,8049,27,1434,93,1689,99,4005,98
 
 
 This is on a 388GB partition that is made up out of 4disks in a RAID5
 config.  Here are the mount options we have been using:
 type ffs (local, noatime, softdep) .. we've tried turing off softdep,
 but it did not help.  This filesystem was initialized using 4k inodes.
 Increasing the inode size also did not seem to help.

Ehhm ffs has a fixed inode size. What paramters dud you use for newfs exactly?

-Otto

 
  Due to the fact that we have not gotten the megacli working, we
 have not made any changes to the raid options. I can at least read the
 options sorta using LSI's builtin Megacli in their newer firmware. It
 shows that the cache policy is set to:
 
 WriteThrough, ReadAheadNone, Direct, NoWrite if Bad BBU (I confirmed the
 BBU shows as good)
 Write Policy: WT (writethrough I presume)
 Read Policy : None
  
 We threw openbsd 4.4 on a spare machine we dug up.  This machine is
 phsically identical to the ones we are having issues with.  
 
 We did not see the same write problems .. here is a similar bonnie run,
 against a standard openbsd filesystem mounted as  type ffs (local,
 nodev) this files system was initialized using 8k inodes.
 
 Version  1.03   --Sequential Output-- --Sequential Input- 
 --Random-
-Per Chr- --Block-- -Rewrite- -Per Chr- --Block-- --Seeks--
 MachineSize K/sec %CP K/sec %CP K/sec %CP K/sec %CP K/sec %CP  /sec 
 %CP
 machine2 12000M 31174  13 40551   5 10003   1 60582  35 82658   7 381.1 0
--Sequential Create-- Random Create
-Create-- --Read--- -Delete-- -Create-- --Read--- -Delete--
  files  /sec %CP  /sec %CP  /sec %CP  /sec %CP  /sec %CP  /sec %CP
 16   850   1 + +++  1848   1   868   1 + +++   344 0
 machine2,12000M,31174,13,40551,5,10003,1,60582,35,82658,7,381.1,0,16,850,1,+++
  +++,+++,1848,1,868,1,+,+++,344,0
 
 
 Additionally as I stated before our previous version of hardware which is
 nearly identical and running the same openbsd 4.2 setup also performs fine.
 It has the same 4k inode filesystem mounted with (local, noatime, softdep)
 options.
 
 Version  1.03   --Sequential Output-- --Sequential Input- 
 --Random-
 -Per Chr- --Block-- -Rewrite- -Per Chr- --Block-- 
 --Seeks--
 MachineSize K/sec %CP K/sec %CP K/sec %CP K/sec %CP K/sec %CP  /sec 
 %CP
 machine3 12000M 23656  20 30849  20 10298   5 29102  37 36291  12 225.0   
 1
 --Sequential Create-- Random 
 Create
 -Create-- --Read--- -Delete-- -Create-- --Read--- 
 -Delete--
   files  /sec %CP  /sec %CP  /sec %CP  /sec %CP  /sec %CP  /sec 
 %CP
  16  1206  92 + +++ 16083  45  1070  81  1417  97  2991  
 88
 machine3,12000M,23656,20,30849,20,10298,5,29102,37,36291,12,225.0,1,16,1206,92,+
   
 ,+++,16083,45,1070,81,1417,97,2991,88
 
 
 
 So since machine1 and machine3 are running the same exact software it would 
 seem to indicate a hardware issue.  Yet the same hardware running openbsd
 4.4 also seems ok which tends to indicate some odd interaction between the
 hardware and openbsd 4.2.  
 
 So if anyone has any thoughts they would be appreciated as I have been
 going around in circles on this issue for a while now.  
 
 Lastly Marco mentioned I might have interrupt issues.  How would I check
 for  that?
 
 -denis
 
 Os Tue, Mar 03, 2009 at 10:21:51PM -0600, Marco Peereboom wrote:
  I think I have to conclude that you (or your hardware) are doing it
  wrong.  Either you have interrupt issues or your raid card setup wrong.
  
  I also have no idea how you measured these numbers so 

Re: scrotwm.conf setting custom xterm

[Olivier Mehani]

On Wed, Mar 04, 2009 at 10:28:43PM -0700, Matt Jibson wrote:
  I was looking at the man page for xterm(1), and I saw that by
  invoking xterm -ls, the terminal should read .profile, and set the
  prompt.  In an xterm, I was able to run xterm -ls and have just
  this exact thing happen.  Then I installed scrotwm, and went into
  /etc/scrotwm.conf and set the spawn_term to xterm -ls, thinking
  this would do the same, but it does not.  What am I doing wrong?  I
  am using the default shell.  Does scrotwm do something special to
  call xterm?
 To configure xterm, you need to use the .Xdefaults file, although that
 does not look like what you need.

In case an example can help, I have the following in my .Xdefaults to start
all
xterms as login shells.

xterm*loginShell:   true

Works like a charm.

--
Olivier Mehani sht...@ssji.net
PGP fingerprint: 3720 A1F7 1367 9FA3 C654  6DFB 6845 4071 E346 2FD1

[demime 1.01d removed an attachment of type application/pgp-signature]