Any Hardware Advice for Building an 802.11a AP?

[Max Hayden Chiz]

I'm planning on building an OpenBSD wireless access point.  I am
primarily interested in having 802.11a as there are already close to
30 2.4GHz APs in the vicinity.

I want something small, quiet, and low-power.  There aren't many
people using my network, but I would like something that can handle a
large SCP transfer or stream a video to a laptop without choking.  My
initial plan was to get a Soekris net5501-70 and a PCI ral card.
Because I'm in a high-noise urban area, I want to have the ability to
hook a decent high-gain/directional antenna.  I was specifically
looking at the Linksys WMP600N which Google says uses the rt2870
chipset.

A search of the misc@ archives, however, shows a whole lot of people
having stability issues with ral-based cards.  I couldn't find an
email recommending something better though.  What would list members
suggest I buy for wireless?  Does anyone have any suggestions on where
to buy quality antennas here in the US?

Thanks for any help you can provide.

--MHC

Re: slim and capable hardware for firewalls use

[Steve B]

Casetronic makes a 1U rackmount chassis that will hold two mini-ITX BOARDS.
Take a look at their website -
http://www.casetronic.com/product_d.php?id=16. I believe you can buy
these from either logicsupply.com or mini-box.com. You could put a pair of
boards in there powered by a pair of Pico PSUs

On Mon, Jun 15, 2009 at 1:12 PM, Peter N. M. Hansteen wrote:

> I've been asked to hunt for hardware that meets roughly these specs:
>
> * preferably in a 1u, space for two autonomous machines with as many
>  Ethernet interfaces as will physically fit the form factor
>
> * Gigabit capable
>
> Anything else is really just a bonus, 'works with OpenBSD' is a must,
> onboard graphics, sound etc is totally irellevant, humans will
> interact physically with this only rarely if we do this right. The
> location is in northern Europe, anybody who is not scared of shipping
> there is fine with us.
>
> Any war stories, notes or anecdotes (including don't do this, go for
> $foo instead) welcome.  The amount of misleadingly tagged webshop
> pages stuffed to the brim with inane animated and barely related ads
> sort of got to me at one point.
>
> All the best,
> Peter
>
> --
> Peter N. M. Hansteen, member of the first RFC 1149 implementation team
> http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
> "Remember to set the evil bit on all malicious network traffic"
> delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: slim and capable hardware for firewalls use

[tico]

Stuart Henderson wrote:

On 2009-06-15, tico  wrote:
  
Also, if you want to cram two boxes in 1U and still have a decent number 
of NICs, check out ABMX:

http://www.abmx.com/1u-twin-server



those are supermicro machines. 

Correct. I should have specified that.

they also have short-depth boxes with
front i/o you may be able to mount back-to-back; this has certain
advantages over having 2 machines in a single chassis.
  
I have used quite a few of their short-depth front-IO boxes (some with 4 
built-in gigE NICs) in the past for pretty high traffic loads and been 
quite pleased with them. As for mounting them back-to-back I'm not wild 
about having the machine in the rear sucking in warm air from the hot 
aisle while the unit in the front gets the nice cool air ... though I'm 
sure that it would work just fine, especially if there was only a CF 
"disk" involved instead of a hard drive.


There used to be a company that packaged either 2 or 4 mini ITX boards 
with Via chips in them (and 3 Realtek's on-board each) in a 1U form 
factor that was pretty nice. I was pleased that each unit had its own 
power supply and separate power switch. I seem to recall that it was 
configured with two systems' IO facing forward and two towards the rear.


I think this is what I'm talking about:
http://rackmountmart.stores.yahoo.net/newrm1uracsu.html

-tico

Re: Apache php weird problem

[MANI]

On Tue, Jun 16, 2009 at 7:52 AM, MANI  wrote:

> # apachectl stop
> # tail -f /var/www/logs &
> # apachectl start
> #
>   3  
>   4 Hello PHP!
>   5  
>   6 
>
> # apachectl stop
> # tail -f /var/www/logs &
> # apachectl start
>
>

Sorry mistype I mean:

# apachectl stop
# tail -f /var/www/logs/error_log &
# apachectl start

Apache php weird problem

[MANI]

Hi misc,

#uname -a

OpenBSD agent47.bsd.org 4.5 GENERIC.MP#45 i386

# pkg_add -v php5-core
# pkg_add -v mysql-server-5.0.77
# pkg_add -v php5-mysqli-5.2.8

in /var/www/conf/httpd.conf :  *Include /var/www/conf/modules/*.conf*

in /var/www/conf/modules/php5.conf -> /var/www/conf/modules.sample/php5.conf
:
*LoadModule php5_module /usr/local/lib/php/libphp5.so*
*AddType application/x-httpd-php .php .phtml .php3
AddType application/x-httpd-php-source .phps
DirectoryIndex index.php*

in /var/www/conf/php5 :  mysqli.ini -> /var/www/conf/php5.sample/mysqli.ini
also default php.ini in /var/www/conf exists.


# cd /var/www/conf
# vi index.php

  1
  2  PHP Test Page!
  3  
  4 Hello PHP!
  5  
  6 

# apachectl stop
# tail -f /var/www/logs &
# apachectl start
#
  3  
  4 Hello PHP!
  5  
  6 

# apachectl stop
# tail -f /var/www/logs &
# apachectl start
# [Tue Jun 16 07:42:38 2009] [notice] Initializing etag from
/var/www/logs/etag-state
[Tue Jun 16 07:42:38 2009] [notice] chrooted in /var/www
[Tue Jun 16 07:42:38 2009] [notice] changed to uid 67, gid 67
[Tue Jun 16 07:42:38 2009] [notice] Apache configured -- resuming normal
operations
[Tue Jun 16 07:42:38 2009] [notice] Accept mutex: sysvsem (Default: sysvsem)

browsing to http://127.0.0.1/index.html shows *It Worked!* default page.

browsing to http://127.0.0.1/index.php will shows a blank page, when I view
source in firefox there in no html in source with following log:

[Tue Jun 16 07:45:41 2009] [notice] child pid 12856 exit signal Segmentation
fault (11)

I also tried to LoadModule directly into httpd.conf without using any
Include file but no luck, also started apache in a non-chrooted environment
will not help.
File permission are also ok in htdocs: -r--r--r-- root bin index.php
Any Idea?

Re: Translating dst_port (but not dst_addr) with PF?

[Jason Dixon]

On Mon, Jun 15, 2009 at 04:52:17PM -0700, Matthew Dempsky wrote:
> On Mon, Jun 15, 2009 at 2:52 PM, Jason Dixon wrote:
> > One of our internal customers asked me to setup a bypass rule for some
> > outbound SMTP tests so that they could send to a specific high port
> > (e.g. 60025) and have it redirect to port 25 on the same target.
> 
> You can abuse the bitmask pool flag for this:
> 
> rdr on $intif proto tcp to any port 60025 -> 0.0.0.0/0 port 25 bitmask

Brilliant, thanks!

-- 
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net/

Je sur comptable a la banque BCB je vais virée $12.million sui votre compte

[Kito Waziri]

Invitation : "Je sur comptable a la banque BCB je vais virie $12.million 
sui votre compte".


Par votre htte Kito Waziri:


 Date:  mardi 16 juin 2009

 Heure: 1h 00 - 2h 00 (GMT+00:00)
 Lieu:  Cher Ami Salut, Je suis MR, Kito Waziri comptable a la 
BANQUE COMERCIALE DU BURKINA (BCB), je vais virie $12.million (usd) sui votre 
compte ci ga vous intersse je vous enverrons tous les ditails sur la fagon dont 
on va fait le demache et igalement noter que vous aurez 30% du montant indiqui 
.si vous jtes d'accord pour m'aider ` exicuter cette transaction. reponne moi 
rapidement et s.v.p ces un propossition confidentielle merci

Invitis:

 * tupeuxtjrsre...@hotmail.fr
 * duaux...@hotmail.fr
 * b...@hotmail.fr
 * artefact...@gmail.com
 * artepopu...@hotmail.fr
 * eric.sir...@bellnet.ca
 * ell40are...@yahoo.com
 * paces312...@yahoo.ca
 * isabel.desla...@mail.mcgill.ca
 * l...@yahoo.ca
 * shawna.sain...@usherbrooke.ca
 * s...@videotron.ca
 * misc@openbsd.org
 * ericbern...@yahoo.ca
 * jcen...@videotron.ca
 * iterc...@ugr.es
 * isacrisbarr...@yahoo.ca
 * dominique_tetrea...@yahoo.ca
 * jeanmarin...@yahoo.ca
 * vtroit...@yahoo.ca
 * gen_...@yahoo.ca
 * francois.dalla...@clevislauzon.qc.ca
 * pour_franc...@yahoo.ca
 * bombd2...@yahoo.ca
 * isab...@ppc.ca
 * isabel.lapla...@umontreal.ca
 * cpa_s...@yahoo.ca
 * marysh...@yahoo.ca
 * leahmossb...@yahoo.ca
 * isabel.brod...@mels.gouv.qc.ca
 * rosalie_bru...@yahoo.ca
 * ipache...@hotmail.com
 * isabel.lavicto...@tpsgc-pwgsc.gc.ca
 * fotinipano...@yahoo.ca
 * c_o_s_...@groupesyahoo.ca
 * c_o_s_...@yahoo.ca
 * f...@yahoo.ca
 * fg...@yahoo.ca
 * alimage2...@yahoo.ca
 * isabelle_peyrich...@yahoo.ca
 * yvan...@yahoo.ca
 * beaudoin_sen...@yahoo.ca
 * jfrancoismille...@yahoo.ca
 * isabel.rodrig...@collegeahuntsic.qc.ca
 * isabel.habi...@gmx.de
 * ilse_vandervel...@yahoo.ca
 * ivdvel...@hotmail.com
 * fondation_...@yahoo.ca
 * troupedute...@yahoo.ca
 * villagevoice2...@yahoo.ca
 * centaures_a...@yahoo.ca
 * isabel.frene...@educsa.org
 * rejeanne...@yahoo.ca
 * dgmicros...@yahoo.ca
 * thibaude...@yahoo.ca
 * dost...@videotron.ca
 * maber...@univalle.edu.co
 * deniq...@yahoo.ca
 * isa...@royallaurentien.com
 * gerryraef...@yahoo.ca
 * carro...@nrtco.net
 * manongla...@yahoo.ca
 * zazo...@hotmail.com
 * irenelay...@yahoo.ca
 * juli...@coteau-du-lac.com
 * dominique-m...@yahoo.ca
 * melanie.cu...@gmail.com
 * i...@oniduo.pt
 * jeanpaulsi...@paulkant.com
 * rosa...@yahoo.ca
 * karober...@yahoo.ca
 * isabel.robich...@hotmail.com
 * myale...@yahoo.ca
 * jeanni...@hotmail.com
 * infoentrepreneur...@yahoo.ca
 * giguereisabe...@yahoo.ca
 * veronique.labe...@yahoo.ca
 * rosairedum...@yahoo.ca
 * julie_isa...@globetrotter.net
 * turme...@videotron.ca

invitation_add_to_your_yahoo_calendar:

 
http://fr.calendar.yahoo.com//?v=60&ST=20090616T01%2B&TITLE=Je+sur+comptable+a+la+banque+BCB+je+vais+vir%c3%a9e+$12.million+sui+votre+compte&DUR=0100&VIEW=d&in_loc=Cher+Ami+Salut,+Je+suis+MR,+Kito+Waziri+comptable+a+la+BANQUE+COMERCIALE+DU+BURKINA+(BCB),+je+vais+vir%c3%a9e+$12.million+(usd)+sui+votre+compte+ci+%c3%a7a+vous+intersse+je+vous+enverrons+tous+les+d%c3%a9tails+sur+la+fa%c3%a7on+dont+on+va+fait+le+demache+et+%c3%a9galement+noter+que+vous+aurez+30%25+du+montant+indiqu%c3%a9+.si+vous+%c3%aates+d%27accord+pour+m%27aider+%c3%a0+ex%c3%a9cuter+cette+transaction.+reponne+moi+rapidement+et+s.v.p+ces+un+propossition+confidentielle+merci&TYPE=10


Copyright ) 2009 Tous droits riservis.
 www.yahoo.fr

Donnies personnelles:
 http://privacy.yahoo.com/privacy/us

Conditions d'utilisation:
 http://docs.yahoo.com/info/terms/

Re: slim and capable hardware for firewalls use

[Stuart Henderson]

On 2009-06-15, tico  wrote:
> Also, if you want to cram two boxes in 1U and still have a decent number 
> of NICs, check out ABMX:
> http://www.abmx.com/1u-twin-server

those are supermicro machines. they also have short-depth boxes with
front i/o you may be able to mount back-to-back; this has certain
advantages over having 2 machines in a single chassis.

> Peter, why are you trying to terminate a bunch of GigE ports directly 
> onto PC-based routers instead of using [redundant?] switches+VLANs and 
> trunking a pair of gigE ports back to each router? Do you actually 
> expect to *route* Nx1 gigabits of traffic over your router? Or are you 
> just trying to aggregate a bunch of ports?

there are pros and cons for both ways.

> If space is an issue, and "ugly" is OK, then just dump a mac mini or two 
> on a shelf mounted in reverse in the back of your cabinet behind a 
> switch ... sort of like these guys:
> http://www.fubra.com/blog/2007/10/mac-mini-bgp-routers-part-2.html

ugly isn't the problem, they're inappropriate machines for that sort of
use. good for publicity though (as long as you replace them with something
better once it's attracted enough people...).

Re: "X -configure" command reboots machine

[web1]

Hello,

I ran "pcidump -vv" as instructed and it also rebooted the machine, but it 
produced some output before that (which I have attached), and this output 
stops in the "Chips and Technologies 65550" section, the last few lines of 
the section are missing.


I went back to Xorg and ran it in gdb, and as far as I could tell the 
reboot happens in the "pci_system_openbsd_create" function in the 
libpciaccess library.


I hope this helps to narrow it down.

Thanks a lot again for your help.

  pcidump --v  ==
Domain /dev/pci0:
 0:0:0: Acer Labs M1523 PCI
0x: Vendor ID: 10b9 Product ID: 1521
0x0004: Command: 0006 Status ID: 2400
0x0008: Class: 06 Subclass: 00 Interface: 00 Revision: 1c
0x000c: BIST: 00 Header Type: 00 Latency Timer: 20 Cache Line 
Size: 00

0x0010: BAR empty ()
0x0014: BAR empty ()
0x0018: BAR empty ()
0x001c: BAR empty ()
0x0020: BAR empty ()
0x0024: BAR empty ()
0x0028: Cardbus CIS: 
0x002c: Subsystem Vendor ID: 10b9 Product ID: 1521
0x0030: Expansion ROM Base Address: 
0x0038: 
0x003c: Interrupt Pin: 00 Line: 00 Min Gnt: 00 Max Lat: 00
 0:2:0: Acer Labs M1523 ISA
0x: Vendor ID: 10b9 Product ID: 1523
0x0004: Command: 000f Status ID: 3200
0x0008: Class: 06 Subclass: 01 Interface: 00 Revision: 07
0x000c: BIST: 00 Header Type: 80 Latency Timer: 00 Cache Line 
Size: 00

0x0010: BAR empty ()
0x0014: BAR empty ()
0x0018: BAR empty ()
0x001c: BAR empty ()
0x0020: BAR empty ()
0x0024: BAR empty ()
0x0028: Cardbus CIS: 
0x002c: Subsystem Vendor ID: 10b9 Product ID: 1523
0x0030: Expansion ROM Base Address: 
0x0038: 
0x003c: Interrupt Pin: 00 Line: 00 Min Gnt: 00 Max Lat: 00
 0:2:1: Acer Labs M5219 UDMA IDE
0x: Vendor ID: 10b9 Product ID: 5219
0x0004: Command: 0005 Status ID: 0280
0x0008: Class: 01 Subclass: 01 Interface: fa Revision: 20
0x000c: BIST: 00 Header Type: 80 Latency Timer: 40 Cache Line 
Size: 00

0x0010: BAR empty ()
0x0014: BAR empty ()
0x0018: BAR empty ()
0x001c: BAR empty ()
0x0020: BAR io addr: 0xfcf0
0x0024: BAR empty ()
0x0028: Cardbus CIS: 
0x002c: Subsystem Vendor ID:  Product ID: 
0x0030: Expansion ROM Base Address: 
0x0038: 
0x003c: Interrupt Pin: 01 Line: ff Min Gnt: 02 Max Lat: 04
 0:4:0: TI PCI1130 CardBus
0x: Vendor ID: 104c Product ID: ac12
0x0004: Command: 0007 Status ID: 0200
0x0008: Class: 06 Subclass: 07 Interface: 00 Revision: 04
0x000c: BIST: 00 Header Type: 82 Latency Timer: 40 Cache Line 
Size: 04

0x0010: Cardbus Control Registers Base Address: 0280
0x0018: Primary Bus: 0 Cardbus Bus: 1 Subordinate Bus: 5
Cardbus Latency Timer: 00
0x001c: Memory Base 0: 
0x0020: Memory Limit 0: 
0x0024: Memory Base 1: 
0x0028: Memory Limit 1: 
0x002c: I/O Base 0: 
0x0030: I/O Limit 0: 
0x0034: I/O Base 1: 
0x0038: I/O Limit 1: 
0x003c: Interrupt Pin: 01 Line: ff Bridge Control: 0340
0x0040: Subsystem Vendor ID:  Product ID: 
0x0044: 16-bit Legacy Mode Base Address: 03e1
 0:4:1: TI PCI1130 CardBus
0x: Vendor ID: 104c Product ID: ac12
0x0004: Command: 0007 Status ID: 0200
0x0008: Class: 06 Subclass: 07 Interface: 00 Revision: 04
0x000c: BIST: 00 Header Type: 82 Latency Timer: 40 Cache Line 
Size: 04

0x0010: Cardbus Control Registers Base Address: 02801000
0x0018: Primary Bus: 0 Cardbus Bus: 6 Subordinate Bus: 10
Cardbus Latency Timer: 00
0x001c: Memory Base 0: 
0x0020: Memory Limit 0: 
0x0024: Memory Base 1: 
0x0028: Memory Limit 1: 
0x002c: I/O Base 0: 
0x0030: I/O Limit 0: 
0x0034: I/O Base 1: 
0x0038: I/O Limit 1: 
0x003c: Interrupt Pin: 02 Line: ff Bridge Control: 0340
0x0040: Subsystem Vendor ID:  Product ID: 
0x0044: 16-bit Legacy Mode Base Address: 03e1
 0:6:0: Chips and Technologies 65550
0x: Vendor ID: 102c Product ID: 00e0
0x0004: Command: 0083 Status ID: 0280
0x0008: Class: 03 Subclass: 00 Interface: 00 Revision: 05
0x000c: BIST: 00 Header Type: 00 Latency Timer: 00 Cache Line 
Size: 00

0x0010: BAR mem 32bit addr: 0xfd00
0x0014: BAR empty ()

Re: Translating dst_port (but not dst_addr) with PF?

[Matthew Dempsky]

On Mon, Jun 15, 2009 at 2:52 PM, Jason Dixon wrote:
> One of our internal customers asked me to setup a bypass rule for some
> outbound SMTP tests so that they could send to a specific high port
> (e.g. 60025) and have it redirect to port 25 on the same target.

You can abuse the bitmask pool flag for this:

rdr on $intif proto tcp to any port 60025 -> 0.0.0.0/0 port 25 bitmask

Re: Commercials for TV?

[Christiano Farina Haesbaert]

And someone is getting payed for writing that...

Re: slim and capable hardware for firewalls use

[tico]

Peter N. M. Hansteen wrote:

I've been asked to hunt for hardware that meets roughly these specs:

* preferably in a 1u, space for two autonomous machines with as many
  Ethernet interfaces as will physically fit the form factor

* Gigabit capable 
  
Here's a 1U with 4x gigE + 4x FE. I haven't tried this model, though 
I've had great experiences with Nexcom's other offerings, particularly 
their no-moving-parts "NICE" series.


There's a bunch of other similar systems listed here:
http://code.google.com/p/bsd-appliance/w/list

Also, if you want to cram two boxes in 1U and still have a decent number 
of NICs, check out ABMX:

http://www.abmx.com/1u-twin-server

Each node has 2xGigE onboard, plus a PCI slot, which you can add a 
4xGigE card into for a total of 12GigE ports in 1U.
I can also vouch for ABMX as a company-- they're good guys, I've done a 
decent bit of business with them, (actually I just ordered more 
equipment this morning,) and I've never regretted ordering from them. 
Oftentimes they'll test install openbsd on a server for me if I ask nicely.

Anything else is really just a bonus, 'works with OpenBSD' is a must,
onboard graphics, sound etc is totally irellevant, humans will
interact physically with this only rarely if we do this right. The
location is in northern Europe, anybody who is not scared of shipping
there is fine with us.
  
Any war stories, notes or anecdotes (including don't do this, go for

$foo instead) welcome.  The amount of misleadingly tagged webshop
pages stuffed to the brim with inane animated and barely related ads
sort of got to me at one point.
  
Peter, why are you trying to terminate a bunch of GigE ports directly 
onto PC-based routers instead of using [redundant?] switches+VLANs and 
trunking a pair of gigE ports back to each router? Do you actually 
expect to *route* Nx1 gigabits of traffic over your router? Or are you 
just trying to aggregate a bunch of ports?


If space is an issue, and "ugly" is OK, then just dump a mac mini or two 
on a shelf mounted in reverse in the back of your cabinet behind a 
switch ... sort of like these guys:

http://www.fubra.com/blog/2007/10/mac-mini-bgp-routers-part-2.html

Cheers,
Tico

Re: Commercials for TV?

[ropers]

2009/6/15 Fernando Quintero :
> http://www.bbspot.com/News/2009/06/openbsd.html?from=rss
>
> wtf?

http://en.wikipedia.org/wiki/BBspot

But seriously, that was surprisingly well written. BBspot's ideas
intrigue me and I would like to subscribe to their newsletter.  :)

regards,
--ropers

Re: slim and capable hardware for firewalls use

[Peter van Oord van der Vlies]

The HP DL360 works very well. We are running more then 40 of those systems 
for more then 5 years now.
I have tried some DL320 but they are not that fast as the 360's and i 
don't like ATA/SATA .


On Mon, 15 Jun 2009, Peter N. M. Hansteen wrote:


I've been asked to hunt for hardware that meets roughly these specs:

* preferably in a 1u, space for two autonomous machines with as many
 Ethernet interfaces as will physically fit the form factor

* Gigabit capable

Anything else is really just a bonus, 'works with OpenBSD' is a must,
onboard graphics, sound etc is totally irellevant, humans will
interact physically with this only rarely if we do this right. The
location is in northern Europe, anybody who is not scared of shipping
there is fine with us.

Any war stories, notes or anecdotes (including don't do this, go for
$foo instead) welcome.  The amount of misleadingly tagged webshop
pages stuffed to the brim with inane animated and barely related ads
sort of got to me at one point.

All the best,
Peter

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Translating dst_port (but not dst_addr) with PF?

[Jason Dixon]

One of our internal customers asked me to setup a bypass rule for some
outbound SMTP tests so that they could send to a specific high port
(e.g. 60025) and have it redirect to port 25 on the same target.  I feel
like I'm overlooking something obvious, but I don't see any way to do
this with nat or rdr.  This feels like some sort of hybrid nat/rdr
function.  Example connection:

10.0.0.20:1025 -> 1.2.3.4:60025
   becomes...
10.0.0.20:1025 -> :2048 -> 1.2.3.4:25

This customer does a lot of messaging tests, so it's important for them
to be able to send from any of their test systems to a variety of
external vendor systems to test compliance.  Using a designated "bypass
port" will make it easy on them to test with any of their systems.  If 
there's no way to do this with PF we'll just have to set aside a pool 
of addresses to bypass the existing SMTP filters instead.

Thanks,

-- 
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net/

Re: slim and capable hardware for firewalls use

[Dag Richards]

HP DL360G5 we have 5 of these that we use with 4 port bge cards
as vpn servers and firewall.

Running or have run 4.3 4.4 4.5

HW Raid controller
I like the lights out management  cards on  the older ones ( G3 ) better 
as they just give you a screen scrape console.  The G5 does something 
different I have not yet really looked in to  well enough to get a 
console running on.


SunFire x2100 - Meh, less expensive not as ready for prime time, no RAID
no management card that runs for us.

Peter N. M. Hansteen wrote:

I've been asked to hunt for hardware that meets roughly these specs:

* preferably in a 1u, space for two autonomous machines with as many
  Ethernet interfaces as will physically fit the form factor

* Gigabit capable 


Anything else is really just a bonus, 'works with OpenBSD' is a must,
onboard graphics, sound etc is totally irellevant, humans will
interact physically with this only rarely if we do this right. The
location is in northern Europe, anybody who is not scared of shipping
there is fine with us.

Any war stories, notes or anecdotes (including don't do this, go for
$foo instead) welcome.  The amount of misleadingly tagged webshop
pages stuffed to the brim with inane animated and barely related ads
sort of got to me at one point.

All the best,
Peter

slim and capable hardware for firewalls use

[Peter N. M. Hansteen]

I've been asked to hunt for hardware that meets roughly these specs:

* preferably in a 1u, space for two autonomous machines with as many
  Ethernet interfaces as will physically fit the form factor

* Gigabit capable 

Anything else is really just a bonus, 'works with OpenBSD' is a must,
onboard graphics, sound etc is totally irellevant, humans will
interact physically with this only rarely if we do this right. The
location is in northern Europe, anybody who is not scared of shipping
there is fine with us.

Any war stories, notes or anecdotes (including don't do this, go for
$foo instead) welcome.  The amount of misleadingly tagged webshop
pages stuffed to the brim with inane animated and barely related ads
sort of got to me at one point.

All the best,
Peter

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: cwm - unmaximizing a widnow moves it back, too

[Thomas Pfaff]

On Mon, 15 Jun 2009 07:19:48 -0400
Okan Demirmen  wrote:
>
> The behavior of course can be changed, but I'm unlikely to want a knob
> for such a thing, so there would have to be a consensus.
> 

While I'm at it; I don't like the default behaviour where a window gain
input focus just by hovering the mouse cursor over it.  I was thinking
of adding something like `mousefocuswindow ||' ...

My personal preference would be `mousebind mousefocuswindow click' but
I would also like to make it the top window, so maybe something like
`mousetopwindow ||' again?

I've just started playing with this, though.  Does anyone else have any
thoughts or comments on this?

(Yes, this would mean more knobs, but still ...)

Re: Commercials for TV?

[Giancarlo Razzolini]

Fernando Quintero escreveu:

http://www.bbspot.com/News/2009/06/openbsd.html?from=rss

wtf?

  

http://www.bbspot.com/Legal/about.html

--
Giancarlo Razzolini
http://lock.razzolini.adm.br
Linux User 172199
Red Hat Certified Engineer no:804006389722501
Verify:https://www.redhat.com/certification/rhce/current/
Moleque Sem Conteudo Numero #002
OpenBSD 4.5
Ubuntu 9.04 Jaunty Jackalope
4386 2A6F FFD4 4D5F 5842  6EA0 7ABE BBAB 9C0E 6B85

Re: Commercials for TV?

[neal hogan]

On Mon, Jun 15, 2009 at 12:01:36PM -0700, Aaron Stellman wrote:
> On Mon, Jun 15, 2009 at 01:54:09PM -0500, Fernando Quintero wrote:
> > http://www.bbspot.com/News/2009/06/openbsd.html?from=rss
> > 
> > wtf?
> 
> epic fail of geeky humour
>

indeed 

Re: Commercials for TV?

[STeve Andre']

On Monday 15 June 2009 14:54:09 Fernando Quintero wrote:
> http://www.bbspot.com/News/2009/06/openbsd.html?from=rss
>
> wtf?

>From their about section:

  Called "the world's greatest tech humour site" by The Register, BBspot
creates entertainment for the geekier side of the world. BBspot produces a
variety of features like fake news stories satirizing the tech and political
worlds, the BBspot Mailbag which pokes fun at the Believers (people who
believe our fake news) and much more. BBspot was started by Brian Briggs in
April of 2000 as a hobby to bring some fun to the web, but grew to the point
where Brian "quit his day job" and made the site his full-time occupation in
January of 2003.


So perhaps they're trying to be the Onion of the tech world?

--STeve Andre'

Re: Commercials for TV?

[Aaron Stellman]

On Mon, Jun 15, 2009 at 01:54:09PM -0500, Fernando Quintero wrote:
> http://www.bbspot.com/News/2009/06/openbsd.html?from=rss
> 
> wtf?

epic fail of geeky humour

Commercials for TV?

[Fernando Quintero]

http://www.bbspot.com/News/2009/06/openbsd.html?from=rss

wtf?

-- 
--

Fernando Quintero
http://nonroot.blogspot.com/
*Just a nonroot User*

Re: screen, ksh with .profile loaded

[Jennifer Ma]

thanks all of you!

dudes using openbsd are really cool!~

On Tue, Jun 16, 2009 at 2:13 AM, patrick keshishian
wrote:
> On Mon, Jun 15, 2009 at 10:43 AM, Philip Guenther
wrote:
>> On Mon, Jun 15, 2009 at 7:57 AM, Paul de Weerd wrote:
>>> On Mon, Jun 15, 2009 at 10:51:16PM +0800, Jennifer Ma wrote:
>>> | my question is how to use screen(from package) to load ksh with
>>> | $HOME/.profile loaded(like a full login shell), so my alias can work
>>> | again.
>> ...
>>> However, in your .profile export ENV=~/.kshrc and then put all your
>>> aliases and shell options in your ~/.kshrc.
>>
>> To expand on that just a bit...
>>
>> In general, only three types of settings belong in your .profile:
>> 1) stuff that's inherited by child processes: umask, environment
>> variables, ulimits, traps
>> 2) stuff that's session-wide: terminal settings (stty, tset, etc),
>> mesg y/n, biff y/n
>> 3) stuff that you only want run once, just because: fortune
>>
>>
>> Everything else has to be set anew in each shell process, so it
>> belongs in your $ENV file.
>> That includes, but is not limited to:
>> - functions
>> - shell options
>> - aliases
>> - key bindings
>>
>>
>>> That way, all shells get your aliases/shellopts, not just in screen.
>>
>> For example, if you start a shell from inside 'vi' using the ':shell'
>> command, or use the '!'  command to filter lines, you'll only be able
>> to use aliases/functions/etc in that shell if you use the $ENV file.
>>
>>
>> Philip Guenther
>
>
> Great info Philip and Paul. I learned something today :)
> Cheers!
> --patrick

Re: screen, ksh with .profile loaded

[patrick keshishian]

On Mon, Jun 15, 2009 at 10:43 AM, Philip Guenther wrote:
> On Mon, Jun 15, 2009 at 7:57 AM, Paul de Weerd wrote:
>> On Mon, Jun 15, 2009 at 10:51:16PM +0800, Jennifer Ma wrote:
>> | my question is how to use screen(from package) to load ksh with
>> | $HOME/.profile loaded(like a full login shell), so my alias can work
>> | again.
> ...
>> However, in your .profile export ENV=~/.kshrc and then put all your
>> aliases and shell options in your ~/.kshrc.
>
> To expand on that just a bit...
>
> In general, only three types of settings belong in your .profile:
> 1) stuff that's inherited by child processes: umask, environment
> variables, ulimits, traps
> 2) stuff that's session-wide: terminal settings (stty, tset, etc),
> mesg y/n, biff y/n
> 3) stuff that you only want run once, just because: fortune
>
>
> Everything else has to be set anew in each shell process, so it
> belongs in your $ENV file.
> That includes, but is not limited to:
> - functions
> - shell options
> - aliases
> - key bindings
>
>
>> That way, all shells get your aliases/shellopts, not just in screen.
>
> For example, if you start a shell from inside 'vi' using the ':shell'
> command, or use the '!' B command to filter lines, you'll only be able
> to use aliases/functions/etc in that shell if you use the $ENV file.
>
>
> Philip Guenther


Great info Philip and Paul. I learned something today :)
Cheers!
--patrick

Re: screen, ksh with .profile loaded

[Philip Guenther]

On Mon, Jun 15, 2009 at 7:57 AM, Paul de Weerd wrote:
> On Mon, Jun 15, 2009 at 10:51:16PM +0800, Jennifer Ma wrote:
> | my question is how to use screen(from package) to load ksh with
> | $HOME/.profile loaded(like a full login shell), so my alias can work
> | again.
...
> However, in your .profile export ENV=~/.kshrc and then put all your
> aliases and shell options in your ~/.kshrc.

To expand on that just a bit...

In general, only three types of settings belong in your .profile:
1) stuff that's inherited by child processes: umask, environment
variables, ulimits, traps
2) stuff that's session-wide: terminal settings (stty, tset, etc),
mesg y/n, biff y/n
3) stuff that you only want run once, just because: fortune


Everything else has to be set anew in each shell process, so it
belongs in your $ENV file.
That includes, but is not limited to:
- functions
- shell options
- aliases
- key bindings


> That way, all shells get your aliases/shellopts, not just in screen.

For example, if you start a shell from inside 'vi' using the ':shell'
command, or use the '!'  command to filter lines, you'll only be able
to use aliases/functions/etc in that shell if you use the $ENV file.


Philip Guenther

Re: screen, ksh with .profile loaded

[Alexander Hall]

Jennifer Ma wrote:
> hi all,
> 
> i am new to openbsd and screen and ksh ...
> 
> my question is how to use screen(from package) to load ksh with
> $HOME/.profile loaded(like a full login shell), so my alias can work
> again.
> 
> i've already tried
> # screen -s /bin/ksh
> no luck.
> 
> please help, many thanks.

If you are not already a screen user I'd recommend using tmux instead
(which is in ports, and per -current in the base system).

$ cat ~/.tmux.conf

set-option -g default-command "cd; exec $SHELL -l"

/Alexander

Re: screen, ksh with .profile loaded

[William Boshuck]

On Mon, Jun 15, 2009 at 10:51:16PM +0800, Jennifer Ma wrote:
> hi all,
> 
> i am new to openbsd and screen and ksh ...
> 
> my question is how to use screen(from package) to load ksh with
> $HOME/.profile loaded(like a full login shell), so my alias can work
> again.

You can use 'ksh -l' or -/bin/ksh (and if you want
this by default when you run screen, put the line

shell -/bin/ksh

in $HOME/.screenrc).

If you want your personalizations available more
generally, then you may want to put them in, e.g.,
$HOME/.kshrc and then put the line

export ENV=$HOME/.kshrc

in $HOME/.profile.

But if you are really new to screen and you plan on
giving OpenBSD a go, you might want to get familiar
with tmux (http://tmux.sourceforge.net/) instead of
screen.  It's available as a package and it is in
base in snapshots now, so it looks like it will be
in base in the next release.

cheers,
-wb

Ljubav na poslu

[Top Shop]

Top Shop

Top e-revija: 37 l 15. jun 2009.

Najbolja praktiD
na reE!enja i saveti za bolji E>ivot

PoD
etna l Budi fit l Lepota l Zdrav E>ivot l Kuhinja i domaDinstvo

Zabava i deca lKnjige

Top Shop

HIT TV proizvodi!

Ab Rocket

Ab Rocket

Twezze

Tweeze

leg magic

Leg Magic

Dry Cooker

Dry Cooker

turbo maximus

Turbo Maximus

Zavodite na poslu? Budite oprezni!

NajveDi izum posle toD
ka - dva toD
ka

Zvezda koja ne gasne: Starka je roDena

ZaE!titite kosu od sunca i soli: maske iz kuhinje

Ne moE>ete da skinete pogled sa  simpatiD
nog saradnika za stolom na
svega par metara od vas?

Jeste li se ikada zapitali koje je najveDe i najkorisnije otkriDe
D
oveD
anstva posle pronalaska toD
ka?

Da li znate koja obuDa veD 73 godine izgleda potpuno isto, napravljena
je od platna i gume i uvek je u modi?

Vrelo letnje sunce, slana morska voda i hlor u bazenima nisu
najprijatniji za vaE!u kosu...

Zavodite na poslu

Zavodite na poslu? Budite oprezni!

Ne moE>ete da skinete pogled sa viE!e nego simpatiD
nog kolege/atraktivne
koleginice za stolom na svega par metara od vas? DobrodoE!li u ponekad
lep, a najD
eE!De pomalo komplikovan svet ljubavi na radnom mestu. [viE!e...]

Top Shop rasprodaja!

Rasprodaja

Popusti
joE!
vaE>e!

Rasprodaja

Neki proizvodi su rasprodati,
ali neke joE! moE>ete kupiti po  ekstra ceni!

Kako da to uD
inite?
PoE>urite! Kliknite ovde.

Proverite i ponudu fitnesa i saznajte
kako da se oslobodite celulita i dobijete POKLON!

Bicikl

NajveDi izum posle toD
ka - dva toD
ka

Jeste li se ikada zapitali koje je najveDe i najkorisnije otkriDe
D
oveD
anstva posle pronalaska toD
ka? Verovatno bi mnogi nabrojali
automobil, mobilni telefon, moE>da TV i niz drugih stvari koje nam
svakodnevnicu D
ine lakE!om, zabavnijom, jednostavnijomb& A E!ta kaE>ete
na bicikl? [viE!e...]

Budi fit predstavlja - NOVO!

Mini Exerciser - Mini trenaE>er za noge

Indoor Exercise Bike

Multi-Functional Bench - viE!enamenski benD


Mini Exerciser
Cena: 4.290 RSD

Indoor Exercise Bike
Cena: 12.990 RSD

ViE!enamenski benD

Cena: 7.490 RSD

Mali trenaE>er za noge i ruke. MoE>ete podeE!avati otpor u skladu sa
fiziD
kom formom.

Sobni bicikl na kojem moE>ete podesiti ruD
ke i sediE!te. Idealna sprava
za kardio veE>be.

MoguDnost viE!e razliD
itih veE>bi za gornji i donji deo tela uz
opuE!tajuDu masaE>u leDa.

[ViE!e l PoruD
i odmah]

[ViE!e l PoruD
i odmah]

[ViE!e l PoruD
i odmah]

Starka je roDena

Zvezda koja ne gasne: Starka je roDena

Da li znate koja obuDa veD 73 godine izgleda potpuno isto, napravljena
od platna i gume i uvek je u modi? Retke zvezde koje su oliD
enje, bunta,
rok en rol i grandE> stila? Najprodavanije patike svih vremena u Americi?
Sa ponosom predstavljamo - Starke. [viE!e...]

Za nju, za njega, za njih...

FlavorWave Turbo Oven - turbo rerna

Samurai Shark - oE!traD
 noE>eva

Massage cushion - jastuk za masaE>u

FlavorWave
Cena: 11.490 RSD

Samurai Shark
Cena: 2.490 RSD

Massage Cushion
Cena: 2.990 RSD

Zdravi obroci uz minimalno masnoDe, pomoDu vrelog vazduha koji
cirkuliE!e u posudi.

Jednostavno oE!tri sve tipove oE!trica i seD
iva, D
ak i zupD
aste
noE>eve. Mali i praktiD
an.

Massage Cushion, uz pomoD 5 ugraDenih motora, masira D
itava leDa i
butine.

[ViE!e l PoruD
i odmah]

[ViE!e l PoruD
i odmah]

[ViE!e l PoruD
i odmah]

ZaE!titite kosu

ZaE!titite kosu od sunca i soli

Vrelo letnje sunce, slana morska voda i hlor u bazenima nisu
najprijatniji za VaE!u kosu. Kako se sa letnjih odmora i izleta ne biste
vratili sa suvom i beE>ivotnom kosom, koja podseDa na slamu, za vas smo
potraE>ili nekoliko jednostavnih saveta za prirodnu negu kose. [viE!e...]

ProleDne ponude - opuE!teno i zaljubljeno

Tweeze - pinceta na baterije

Celluless - anticelulit masaE>er

2xSweet Dream pillow - anatomski jastuci

Tweeze
Cena: 2.490 RSD

Celluless
Cena: 3.990 RSD

2 x Sweet Dream Pillow
Cena: 2.590 RSD

Pinceta za nausnice, obraze, dlaD
ice na prstima ruku i nogu, na
preponama. KoE>u ostavlja mekom i neE>nom.

Terapija vakuumskom masaE>om je dokazano jedan od najefikasnijih tretmana
protiv celulita - proverite!

Anatomski jastuci od memorijske pene koja se prilagoDava obliku glave,
sada po sniE>enoj ceni.

[ViE!e l PoruD
i odmah]

[ViE!e l PoruD
i odmah]

[ViE!e l PoruD
i odmah]

Ovu elektronsku poE!tu primate, ukoliko ste svojevoljno ostavili svoju
e-mail adresu na nekom od sajtova Top Shop-a, uD
estvovali u naE!oj
poklon igri ili nagradnom kvizu ili se prijavili za e-D
asopis Top Shop-a
ili nekog od nasih brendova.

Ponude date u ovom e-mailu vaE>e iskljuD
ivo za porudE>bine upuDene
putem Interneta ili broja telefona 021 489 26 60.

Ukoliko ne E>elite viE!e da primate naE!e elektronske poruke, za
odjavljivanje sa naE!e e-mailing liste, kliknite ovde.

Studio Moderna d.o.o., Bulevar vojvode Stepe 30, 21000 Novi Sad, Tel: 021
489 26 60, Fax: 021 489 29 08,
E-mail: i...@news.e-topshop.tv

[IMAGE]If you would no longer like to receive our emails please
unsubscribe by clicking here.

Re: CPU power control and 'unknown Enhanced SpeedStep CPU'

[Ted Unangst]

On Mon, Jun 15, 2009 at 10:29 AM, Jan Stary wrote:
> What is the best way to learn about the power/frequency/thermal
> control options of my CPU from bsd's point of view (besides
> dmesg and sysctl)? For example, what are the P-states and C-states
> my CPU can enter, and which of those does bsd support?

you can adjust hw.setperf from 0 to 100.

given the current level of acpi support, the only state your cpu can
enter is "on".

> What exactly is the relation of apm, acpi, and hw.setperf?

apm is what laptops used to go to sleep 10 years ago.  acpi is what
laptops today use to annoy kernel developers.  hw.setperf is a uniform
userland interface to what may be one of many backend drivers.

> So, neither apm nor acpi (acpicpu) is needed to use hw.setperf?

no.

> Also, the Enhanced SpeedStep support on my CPU reduces to
>
>cpu0: unknown Enhanced SpeedStep CPU, msr 0x061a082006000820
>cpu0: using only highest and lowest power states
>cpu0: Enhanced SpeedStep 2667 MHz (1212 mV): speeds: 2667, 2000 MHz
>
> - is there something I can do about it? Is there a point in running
> current (as opposed to 4.5-stable) with regard to this?

current has different acpi code.  maybe that works.  what difference
acpicpu makes over est.c is probably none.

on most machines now, setperf works by poking registers in the cpu
telling it to speed up or slow down.  est knows about two settings,
fast and slow.  acpi may have information about some other settings in
the middle which are unlikely to be of use unless your cpu is
frequently exactly 40% busy.

Re: screen, ksh with .profile loaded

[Paul de Weerd]

On Mon, Jun 15, 2009 at 10:51:16PM +0800, Jennifer Ma wrote:
| hi all,
| 
| i am new to openbsd and screen and ksh ...
| 
| my question is how to use screen(from package) to load ksh with
| $HOME/.profile loaded(like a full login shell), so my alias can work
| again.
| 
| i've already tried
| # screen -s /bin/ksh
| no luck.
| 
| please help, many thanks.

Let screen start ksh -l.

However, in your .profile export ENV=~/.kshrc and then put all your
aliases and shell options in your ~/.kshrc. That way, all shells get
your aliases/shellopts, not just in screen.

Cheers,

Paul 'WEiRD' de Weerd

-- 
>[<++>-]<+++.>+++[<-->-]<.>+++[<+
+++>-]<.>++[<>-]<+.--.[-]
 http://www.weirdnet.nl/ 

screen, ksh with .profile loaded

[Jennifer Ma]

hi all,

i am new to openbsd and screen and ksh ...

my question is how to use screen(from package) to load ksh with
$HOME/.profile loaded(like a full login shell), so my alias can work
again.

i've already tried
# screen -s /bin/ksh
no luck.

please help, many thanks.

obsd 4.5 sendmail problem SOLVED

[Tuttle, Matthew D.]

OK.  Problem solved.

The problem was caused by the multitude of hostnames associated with the
external IP addresses serviced by this firewall.  One of the names was
the mail server's name, so sendmail thought it was the mail server.  I
decided to add dummy entries into the /etc/hosts file, so that upgrades
would be less complicated.

(Un)fortunately now I know more about sendmail than I ever wanted to,
but not enough to truly be competent.  (Does anyone outside of a mental
institution understand the gobbled-goop in a .cf file?!?)  It really is
too bad that the other secure mailers have incompatible licenses.
*SIGH*

CPU power control and 'unknown Enhanced SpeedStep CPU'

[Jan Stary]

Running on 4.5 (dmesg below), I want to reduce the power
consumption of my machine; some questions arise (for me anyway):

What is the best way to learn about the power/frequency/thermal
control options of my CPU from bsd's point of view (besides
dmesg and sysctl)? For example, what are the P-states and C-states
my CPU can enter, and which of those does bsd support?

What exactly is the relation of apm, acpi, and hw.setperf?
In my 4.5-stable kernel, I have apm enabled (but nothing
appears in dmesg about apm), acpi disabled (with acpi, I can't
even boot), and dmesg mentions my cpu0 as Enhanced SpeedStep CPU.
So, neither apm nor acpi (acpicpu) is needed to use hw.setperf?
(I can set hw.setperf manually.)

Also, the Enhanced SpeedStep support on my CPU reduces to

cpu0: unknown Enhanced SpeedStep CPU, msr 0x061a082006000820
cpu0: using only highest and lowest power states
cpu0: Enhanced SpeedStep 2667 MHz (1212 mV): speeds: 2667, 2000 MHz

- is there something I can do about it? Is there a point in running
current (as opposed to 4.5-stable) with regard to this?

Thanks

Jan

# dmesg
OpenBSD 4.5-stable (GENERIC.MP) #2: Wed Jun 10 15:17:51 CEST 2009
r...@stary.dhcp.fjfi.cvut.cz:/usr/src/sys/arch/i386/compile/GENERIC.MP
cpu0: Intel(R) Core(TM)2 Duo CPU E8200 @ 2.66GHz ("GenuineIntel" 686-class) 
2.67 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,CX16,xTPR
real mem  = 2145873920 (2046MB)
avail mem = 2066673664 (1970MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 11/16/07, BIOS32 rev. 0 @ 0xfb3f0, SMBIOS 
rev. 2.4 @ 0xf0100 (40 entries)
bios0: vendor Award Software International, Inc. version "F10" date 11/16/2007
bios0: Gigabyte Technology Co., Ltd. P35-DS3
acpi at bios0 function 0x0 not configured
mpbios0 at bios0: Intel MP Specification 1.4
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 333MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM)2 Duo CPU E8200 @ 2.66GHz ("GenuineIntel" 686-class) 
2.67 GHz
cpu1: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,CX16,xTPR
mpbios0: bus 0 is type PCI   
mpbios0: bus 1 is type PCI   
mpbios0: bus 2 is type PCI   
mpbios0: bus 3 is type PCI   
mpbios0: bus 4 is type PCI   
mpbios0: bus 5 is type PCI   
mpbios0: bus 6 is type ISA   
ioapic0 at mainbus0: apid 4 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 4
pcibios0 at bios0: rev 3.0 @ 0xf/0xdb94
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfda70/288 (16 entries)
pcibios0: PCI Exclusive IRQs: 3 5 6 9 10 11
pcibios0: PCI Interrupt Router at 000:31:0 ("Intel 82801GH LPC" rev 0x00)
pcibios0: PCI bus #5 is the last bus
bios0: ROM list: 0xc/0xce00
cpu0: unknown Enhanced SpeedStep CPU, msr 0x061a082006000820
cpu0: using only highest and lowest power states
cpu0: Enhanced SpeedStep 2667 MHz (1212 mV): speeds: 2667, 2000 MHz
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel 82G33 Host" rev 0x02
ppb0 at pci0 dev 1 function 0 "Intel 82G33 PCIE" rev 0x02: apic 4 int 16 (irq 
10)
pci_intr_map: bus 0 dev 1 func 0 pin 2; line 3
pci_intr_map: no MP mapping found
pci_intr_map: bus 0 dev 1 func 0 pin 3; line 9
pci_intr_map: no MP mapping found
pci_intr_map: bus 0 dev 1 func 0 pin 4; line 11
pci_intr_map: no MP mapping found
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "NVIDIA GeForce 8600 GT" rev 0xa1
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
uhci0 at pci0 dev 26 function 0 "Intel 82801I USB" rev 0x02: apic 4 int 16 (irq 
10)
uhci1 at pci0 dev 26 function 1 "Intel 82801I USB" rev 0x02: apic 4 int 21 (irq 
6)
uhci2 at pci0 dev 26 function 2 "Intel 82801I USB" rev 0x02: apic 4 int 18 (irq 
9)
ehci0 at pci0 dev 26 function 7 "Intel 82801I USB" rev 0x02: apic 4 int 18 (irq 
9)
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
azalia0 at pci0 dev 27 function 0 "Intel 82801I HD Audio" rev 0x02: apic 4 int 
22 (irq 5)
azalia0: codecs: Realtek ALC885
audio0 at azalia0
ppb1 at pci0 dev 28 function 0 "Intel 82801I PCIE" rev 0x02: apic 4 int 16 (irq 
10)
pci_intr_map: bus 0 dev 28 func 0 pin 2; line 3
pci_intr_map: no MP mapping found
pci_intr_map: bus 0 dev 28 func 0 pin 3; line 9
pci_intr_map: no MP mapping found
pci2 at ppb1 bus 2
ppb2 at pci0 dev 28 function 3 "Intel 82801I PCIE" rev 0x02: apic 4 int 19 (irq 
11)
pci_intr_map: bus 0 dev 28 func 3 pin 2; line 3
pci_intr_map: no MP mapping found
pci_intr_map: bus 0 dev 28 func 3 pin 3; line 9
pci_intr_map: no MP mapping found
pci3 at ppb2 bus 3
jmb0 at pci3 dev 0 function 0 "JMicron JMB363 IDE/SATA" rev 0x02
ahci0 at jmb0: apic 4 int 19 (irq 11), AHCI 1.0
scsibus0 at ahci0: 32 targets
pciide0 at jmb0: DMA, channel 0 wired to nati

Re: Recovering a RAID0 volume on faulty controller

[Manuel Ravasio]

Hello list.

During the weekend I tried the simplest of experiments, removing the disks from 
the supposedly-failing controller and attaching them to the mobo builtin IDE 
controller, without paying much attention to which was the "lowest" and which 
the "higher".
I fired OpenBSD up and it booted correctly, recognizing both disks and mounting 
the RAID0 volume without any complain.

Needless to wasy, the onboard stuff has been copied away and the disks have 
already been reused in separate USB cases.

Once more, OpenBSD rocks!
Thank you all for the great job done and all the effort you put in creating and 
maintaining such a smoothly running operating system.

Manuel Ravasio


 --
Hana wa sakuragi, hito wa bushi

Re: Multipath routing and ftp-proxy

[Karl O. Pinc]

On 06/15/2009 06:58:33 AM, Claudio Jeker wrote:

On Sun, Jun 14, 2009 at 11:28:31PM -0500, Karl O. Pinc wrote:
> Hi,
>
> It occurs to me that multipath routing
> (http://www.openbsd.org/faq/faq6.html#Multipath)
> might not play nicely with ftp-proxy on a firewall
> because passive ftp sessions could multiplex the
> data and control connections via different ISPs.
> My assumption here is that if you're using
> multipath routing and 2 ISPs then your NATting,
> so the ftp server on the Internet would see
> the control connection from one ISP and the
> data connection from another, leading to failure.
>
> Is this a correct analysis or am I missing something?
>

This could only happen if you created such a freak setup that only a
few
people manage to setup. The multipath code uses a hash over src and
destination IP to decide wich link it will take. So it should be
almost impossible to get a mixup of ftp session to the same host.


Thanks.  I was confused about 2 things:  The RFC referenced in the
multipath FAQ refesr only to flows, and it was not clear whether
the hash that determined path was only over source
and  destination IP or also included the source
and destination port.  2nd I somehow missed the NAT-ting of the
passive data connection to the ftp-proxy source address (doh).
You cleared these up for me.

Karl 
Free Software:  "You don't pay back, you pay forward."
 -- Robert A. Heinlein

Re: Multipath routing and ftp-proxy

[Claudio Jeker]

On Sun, Jun 14, 2009 at 11:28:31PM -0500, Karl O. Pinc wrote:
> Hi,
>
> It occurs to me that multipath routing
> (http://www.openbsd.org/faq/faq6.html#Multipath)
> might not play nicely with ftp-proxy on a firewall
> because passive ftp sessions could multiplex the
> data and control connections via different ISPs.
> My assumption here is that if you're using
> multipath routing and 2 ISPs then your NATting,
> so the ftp server on the Internet would see
> the control connection from one ISP and the
> data connection from another, leading to failure.
>
> Is this a correct analysis or am I missing something?
>

This could only happen if you created such a freak setup that only a few
people manage to setup. The multipath code uses a hash over src and
destination IP to decide wich link it will take. So it should be
almost impossible to get a mixup of ftp session to the same host.

-- 
:wq Claudio

Re: cwm - unmaximizing a widnow moves it back, too

[Thomas Pfaff]

On Mon, 15 Jun 2009 07:19:48 -0400
Okan Demirmen  wrote:
>
> Yes - this is intentional; for both the max (fullscreen) and vertmax
> cases; the position and dimensions get reset to pre-maximization values.
> 
> The behavior of course can be changed, but I'm unlikely to want a knob
> for such a thing, so there would have to be a consensus.
> 
> Cheers,
> Okan
> 

I'd like this change.

Also, if I vertically maximize a window and then later make
it fullscreen, when I go back from fullscreen it is no longer
vertically maximized.  I find this a bit annoying.

Thomas

Re: cwm - unmaximizing a widnow moves it back, too

[Okan Demirmen]

On Mon 2009.06.15 at 11:46 +0200, Jan Stary wrote:
> This is 4.5-stable.
> 
> In cwm, I use the C-M-f feature to toggle the 
> full-screen size of a window (mostly xterms). That works. However,
> if I maximize a window with C-M-f, then move it somewhere else
> (maximized), and then later unmaximize it again with C-M-f, the window
> not only resizes to its former size, but also moves back to its
> former location.
> 
> Is this intentional?

Hi Jan,

Yes - this is intentional; for both the max (fullscreen) and vertmax
cases; the position and dimensions get reset to pre-maximization values.

The behavior of course can be changed, but I'm unlikely to want a knob
for such a thing, so there would have to be a consensus.

Cheers,
Okan

cwm - unmaximizing a widnow moves it back, too

[Jan Stary]

This is 4.5-stable.

In cwm, I use the C-M-f feature to toggle the 
full-screen size of a window (mostly xterms). That works. However,
if I maximize a window with C-M-f, then move it somewhere else
(maximized), and then later unmaximize it again with C-M-f, the window
not only resizes to its former size, but also moves back to its
former location.

Is this intentional?

Thanks

Jan

Re: Traffic Accounting

[Alexandre ADAM]

have a look to this tool :
http://www.cacti.net/


hebert Maia a icrit :

Hello misc!

I am owning a openbsd box by a german ISP who did not
support any kind of traffic overview.

On Linux i used "IPTraf", which seems horrible to port :/

My question is: How do you people make your own traffic statistics
(over months/years) on a single openbsd box?

Thanks alot

Traffic Accounting

[hebert Maia]

Hello misc!

I am owning a openbsd box by a german ISP who did not
support any kind of traffic overview.

On Linux i used "IPTraf", which seems horrible to port :/

My question is: How do you people make your own traffic statistics
(over months/years) on a single openbsd box?

Thanks alot

Krizden önce BRIC ülkeleri çıkabilir

[Çinden Haberler]

Gin'den Haberler 11 Haziran 2009 Say}: 9

 Gin'den Haberler'i d|zg|n gvr|nt|lenemiyorsa l|tfen t}klay}n}z

. 

 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 


 
http://www.email2clients.com/geotourism/lists/lt.php?id=ZU4EAg4OVwgHAkpWAlRKUlAGDlIH
 
http://www.email2clients.com/geotourism/lists/lt.php?id=ZU4EAg4OVwgHBUpWAlRKUlAGDlIH
 

 
http://www.email2clients.com/geotourism/lists/lt.php?id=ZU4EAg4OVwgHBEpWAlRKUlAGDlIH
 

 

 







--
Powered by PHPlist, www.phplist.com --

Re: pflow question - incorrect FIRST and LAST values ?

[Фролов Константин]

Hello.

13.06.09, 12:08, "Joerg Goltermann" :

> are you sure both versions are captured at the same time?

Yes.

> pflow(4) uses the counters from pf. Can you reproduce the
> difference of 14?


Yes, see attached file - i start softflowd and pflow capture at the same time, 
but
get different results. This capture i make with your new patch.

# date
Mon Jun 15 11:02:40 MSD 2009

# /usr/local/sbin/softflowd -n 127.0.0.1:1234 -i vic0
# ifconfig pflow0 flowsrc 192.168.227.131 flowdst 127.0.0.1:4321
# flow-capture -w /var/spool/netflow/softflowd -N 0 0/0/1234
# flow-capture -w /var/spool/netflow/pflow -N 0 0/0/4321

# lynx www.openbsd.org

.. (wait for log rotation by flow-capture, 15 mins)

# date
Mon Jun 15 11:15:53 MSD 2009

# flow-cat /var/spool/netflow/softflowd/ft* | flow-export -f 2 > softflowd.csv
# flow-cat /var/spool/netflow/pflow/ft* | flow-export -f 2 > pflow.csv


Just one question
softflowd will expire flows after user-configurable periods.
Can i configure expire period for pflow ? 

[demime 1.01d removed an attachment of type application/octet-stream which had 
a name of pflow.csv]

[demime 1.01d removed an attachment of type application/octet-stream which had 
a name of softflowd.csv]