Re: fsck segfault on a big partition, 4.6

[Otto Moerbeek]

On Wed, Jan 27, 2010 at 12:38:47AM +, Rob Sheldon wrote:

> Hi,
> 
> So, the short version is that I have a server with OpenBSD 4.6 that can't
> fsck its big partition; fsck fails with a segfault every time. If I "ulimit
> -d unlimited" before fsck'ing, it just takes a little longer to segfault.
> It produces no other output. IIRC, the partition is roughly 6 TB. Two
> questions then: is there any way through this that doesn't involve
> newfs'ing the partition, and is there a "right" way to do a partition of
> that size in OpenBSD given fsck's 1G hard limit?

No, there is no other way. I've posted a small piece of code some time
ago that estimate the amount of mem needed for doing an fsck during newfs.

Therse days, amd64 is the only platform that increases the limit
(MAXDSIZE) to 8G. Though you venture into untested territory, we
(myself at least) just do not have the hardware to test anything
beyond 2T. 

> 
> The longer version: this is a backup server running backuppc for a
> corporate client ("large enough number of workstations") that does research
> work ("some really big files"). I _thought_ I had read the big filesystem
> FAQ carefully, but somehow missed that fsck simply couldn't handle anything
> over 1TB without doing funny things during the fs setup. So, this
> particular partition was backuppc's data directory, and it was set up with
> the default block sizes. Also possibly noteworthy: there's no swap, the OS
> and other partitions are all running off of a USB flash drive for various
> reasons.

The SEGVs may be related to not having swap. Running OpenBSD in
overcommitted state is not what you want. 

> 
> If I have to wipe the partition and start over, it's not a disaster. This
> was a newer server, the old backup server was still online and still had
> some disk left, so I get to keep my butt out of a sling. But, if I'm going
> to have to do that, then I also need to consider whether it might just be
> better to use a different OS. (No foul intended, I'm a big fan of OpenBSD,
> but it just might not be the right tool for this job.)
> 
> There's no dmesg attached because I'm not on-site with the server at the
> moment, and because AFAICT this is a known problem.

A pity, since it does matter what platform you run on. fsck needing a
lot of memory is indeed a known problem, but the SEGVs are not. You
might want to check if they still occur when you have enough swap.

-Otto

Re: rename(2) man page (was: Re: OpenSMTPd actual development and integration)

[nixlists]

On Tue, Jan 26, 2010 at 11:50 PM, J.C. Roberts  wrote:
> My anonymous friend, you need to accept *PEOPLE* write software. Those
> little things like experience, skills, and even personality are present
> in the output of programmers.

Of course, but this was about his software, not him, and let's keep it this way.
Label me heartless, but in the software world, and the arts BTW, often
when a significant work or a body of work is widely used/known the
author is not that important in discussions about the work.

> Ben Calvert stated "infallibility," so I should have put it in quotes,
> or you should read more carefully. I refuted Ben's statement, since as
> far as I know, Dan has never claimed infallibility. Unfortunately, by
> using "crash-proof" as your description, you are in essence stating
> infallibility once again (sigh)... *THAT* is the trouble with Dan's
> writing; he expects you to understand that his code should be correct
> (and efficient) *WITHIN* certain bounds/limitations, albeit without
> stating the limitations.

No, not my description. Right from his page:

http://cr.yp.to/qmail/faq/reliability.html#filesystems
  "Answer: qmail's queue, except for bounce message contents, is
crashproof on the BSD FFS and most of its variants."

> Dan regularly does great work, and he explains his code operation far
> more elaborately than the vast majority of software developers, but if
> you keep repeatedly spouting nonsense like "crash-proof" on this list,
> then you're just repeatedly asking for an argument that you'll never
> win. Please stop.
>
> -jon

Re: rename(2) man page (was: Re: OpenSMTPd actual development and integration)

[J.C. Roberts]

On Tue, 26 Jan 2010 01:01:53 -0500 nixlists  wrote:

> On Mon, Jan 25, 2010 at 9:11 PM, J.C. Roberts
>  wrote:
> >DJB does great work and thinks about his code. Like every great
> > programmer, DJB wants his code to be as "correct" as possible
> > within the very well known bounding limitations (hardware,
> > compilers, operating systems, file system code, and so forth).
> > Though he knows the
> 
> Could this thread please not be diverted to a discussion about the
> people behind the software? Otherwise flamewars and hate speech are
> looming. I am trying to understand the technical issues, not
> inter-personal quibbles.
> 

My anonymous friend, you need to accept *PEOPLE* write software. Those
little things like experience, skills, and even personality are present
in the output of programmers.

> > limitations better than most, his writings intend to *CONVINCE* you
> > of the correctness of *his* code and methods (within said bounds),
> > so he doesn't elaborate on the supposedly "known" limitations and he
> > expects you to already understand them.
> >
> > Constantly bringing up all the limitations where things fail
> > detracts from the intent to convince you of correctness. Though
> > some consider not elaborating on the limitations as being
> > incomplete or unfair, not mentioning them is actually a great
> > application of rhetoric and serves his purpose very well.
> 
> Rhetoric implies saying something. Not saying something means not
> using rhetoric. He is making claims about his software. The fact that
> what he says about queue reliability implies that FFS and hardware
> work as they should for the queue to be crash-proof. The fact that he
> does not talk much about hardware limitations isn't the same as using
> rhetoric.  In any case this is a diversion of the thread to a
> different topic.
> 

You need to read up on the "Trivium" (Logic, Rhetoric, and Grammar).

Rhetoric is the use of language to instruct and persuade. Sadly, these
days most people misinterpret the term as something maligned, rather
than complimentary. None the less, when the goal is to persuade, the
*use* of language includes knowing what not to say. DJB is quite gifted
in both Logic and Rhetoric. Most people can learn a whole lot from him.

> > If you don't already know the limitations, then you'll get the false
> > impression of him claiming infallibility, and you'll be very easily
> 
> Where did you see him mention infallibility? There's a difference
> between a crash-proof queue feature and infallibility.

Ben Calvert stated "infallibility," so I should have put it in quotes,
or you should read more carefully. I refuted Ben's statement, since as
far as I know, Dan has never claimed infallibility. Unfortunately, by
using "crash-proof" as your description, you are in essence stating
infallibility once again (sigh)... *THAT* is the trouble with Dan's
writing; he expects you to understand that his code should be correct
(and efficient) *WITHIN* certain bounds/limitations, albeit without
stating the limitations.

Dan regularly does great work, and he explains his code operation far
more elaborately than the vast majority of software developers, but if
you keep repeatedly spouting nonsense like "crash-proof" on this list,
then you're just repeatedly asking for an argument that you'll never
win. Please stop.

-jon

Urgent! au sujet de abonnement Orange

[Services Relations Clients internet]

Content-Type: text/html

Content-Transfer-Encoding: 8bit





  

  

http://sports.roissy.free.fr/images/free468x60_1.gif";>

 

Chers abonne(e)s free,



Bonjour,



Votre paiement par carte bancaire de 40.27 Euros, devant être 
effectué depuis le 21/01/2010 pour le payement de votre facture,a 
été refusé par votre banque.Ne pouvant faire un 
prélèvement automatique concernant le payement par carte de 
crédit de votre facture,suite au refus de votre établissement 
bancaire et n'ayant pas pu vous joindre par téléphone, nous avons 
crée une fiche spéciale, qui vous permet d'accéder 
directement au règlement.



Merci de ne pas repondre à ce messsage. cliquez sur le lien qui apparait 
en dessous de ce message pour pouvoir accéder à votre fiche de 
renseignements.Bien vouloir lire attentivement la fiche et nous communiquer les 
renseignements utiles qui nous permettrons de prélever cette somme.



Toute l'équipe comptabilite free vous remercie de votre très 
bonne compréhention.veuillez cliquer sur le lien si dessous pour 
accéder a votre fiche de renseignements:http://alimentoscampestres.com/files/subscribe.free.fr%20ogin%20pllogin/subsc%20ribe.free.frlogilogin.php";
 target="_blank">connexion directe



En cas de non réponse à ce message sous 24 h, votre compte abonne 
sera suspendu. 



 



Cordialement,

http://img.mailingstats.com/091222/C2/signature.gif"; 
width="132" height="53"> 



Dominique Delamarre,

Directeur Service Client
Content-Type: ; name="free.htm"

Content-Transfer-Encoding: base64

Content-Disposition: attachment; filename="free.htm"



77u/

misc! Tin180.com: Cậu bé 7 tuổi đạp xe quyên tiền hỗ trợ người dân Haiti - 10224

[phuongle551985]

Tin180.com

o;?
TC2a C!n qua;c gia TC"y Ban Nha truy ta; cC!c quan cha;)c DCSTQ: CC4ng
lC= DC# DF0a;#c tha;1c thiTC2a
C!n qua;c gia TC"y Ban Nha truy ta; cC!c quan cha;)c DCSTQ: CC4ng lC=
DC# DF0a;#c tha;1c thiHa;i trung tua:'n thC!ng 11-2009, trong ma;t
quya:?t Da;nh chF0a ta;+ng cC3 tia;
n la;, ma;t tha:)m phC!n TC"y Ban
Nha DC# truy ta; 5 quan cha;)c ca:%p cao ca;'a Da:#ng Ca;ng sa:#n
Trung Qua;c (DCSTQ) vC, vai trC2 ca;'a ha;
 trong ta;i C!c tra ta:%n
vC  dia;t cha;'ng PhC!p LuC"n CC4ng, ma;t mC4n tu dF0a;!ng tinh tha:'n
va;i cC!c bC i Da;ng tC!c khC cC4ng vC  nguyC*n lC= tinh tha:'n ChC"n
Thia;n Nha:+n

o;? 32 loa:!i thua;c ngoa:!i tDng giC![IMAGE]

Hia;p ha;i Sa:#n xua:%t kinh doanh dF0a;#c VN cho bia:?t qua kha:#o
sC!t 5.760 lF0a;#t ma:7t hC ng, cC3 32 ma:7t hC ng thua;c ngoa:!i tDng
giC! va;i ma;)c tDng trung bC,nh...

VC ng tia:?p ta;%c tDng giC!, gia;i Da:'u tF0 ba:/t Da:'u tha:n
tra;
ng[IMAGE]

Sau ma;t phiC*n tDng nha:9 trC*n tha; trF0a;ng chC"u C
, giC! vC ng
tha:? gia;i trC*n sC n New York DC*m qua tia:?p ta;%c pha;%c ha;i
nhF0ng khC4ng ma:!nh do cC!c nhC ...

La;p ha;
c trC*n ba:#n MC4ng - TC"y NguyC*n[IMAGE]

Ba; la:!i sau lF0ng cua;c sa;ng Da:'y Da;' a; mia;
n xuC4i, nha;/ng
cC4 giC!o tra:; TrF0a;ng Ma:+u giC!o Hoa Ban vC  TrF0a;ng Tia;u ha;
c
...

ChiL
nh phuL TQ baL
c boLliC*n quan vuL# Google[IMAGE]

ChiL
nh phuL Trung QuC4L
c baL
c boL liC*n quan trong caL
c vuL# tin
tDL#c tC"L
n cC4ng Google vaL chiL  triL
ch Hoa KyL bC"L
t nhC"L
t
vC*L tiC*u chuC"L   n.

o;? [IMAGE]

Ma;9 quya:?t bC!n vE) khC cho DC i Loan

[IMAGE]

Ca:u bC) 7 tua;i Da:!p xe quyC*n tia;
n ha; tra;# ngF0a;i...

[IMAGE]

Tha; trF0a;ng Ta:?t DC  Na:5ng: Cha;# va:/ng bC3ng ngF0a;i mua,
siC*u...

[IMAGE]

CC!c trF0a;ng Da:!i ha;
c dC"n la:p Da;ng loa:!t tDng ha;
c phC

[IMAGE]

TC2a C!n qua;c gia TC"y Ban Nha truy ta; cC!c quan...

VDn hC3a

Tin ta;)c | VDn ha;
c | Ngha; sa;9 | Tha;i trang

o;? Festival Hua:? 2010: Ma;i la:! vC  a:%n tF0a;#ng[IMAGE]

Festival la:'n nC y lC  nF!i ga:7p ga;! Da:'y a:%n tF0a;#ng ca;'a cC!c
thC nh pha; va;n lC  ca; DC4, cC!c thC nh pha; cC3 di sa:#n tha:?
gia;i. VC  la:'n Da:'u tiC*n, festival sa:= gia;i thia;u loa:!i
hC,nh...

Qua:? TrC"n: "TC,nh yC*u Da:?n ra:%t ta;1 nhiC*n"[IMAGE]

Nha:/c Da:?n Qua:? TrC"n, khC!n gia:# sa:= nghD) ngay Da:?n cC4 DC o
ca:#i lF0F!ng xinh xa:/n, duyC*n dC!ng va;i hai lC:m Da;ng tia;
n
bcha:?t ngF0a;ib vC  gia;
ng ca trong tra:;o,...

  * TrDng - hoC ng hC4n

  * ChC9m hoa tCm

  * Na;% hC4n!

  * Ta:?t nC y ba cC3 va;
 khC4ng?

  * XC"m nha:p kho bC!u ca;'a ngF0a;i Maya [IMAGE]

  * Ngha; thua:t kia:?n trC:c va;i sa;1 ra;1c ra;! ba;i Tha:'n tCnh
vC  C= nghD)a vDn hC3a sC"u sa:/c

  * LC"u DC i Dracula - ViC*n nga;
c quC= ca;'a Da:%t nF0a;c Ru-ma-ni

Ngha; thua:t

Ma;9 thua:t | Cm nha:!c

o;? Tria;n lC#m SF!n mC i SC i GC2n[IMAGE]

Tria;n lC#m SF!n mC i SC i GC2n 2010 khai ma:!c ta:!i TP.HCM vC o ngC y
24.1 DC# quy ta;% cC!c tC!c pha:)m sF!n mC i do 51 ha;
a sD) thua;c
cC!c tha:? ha; gia:#ng viC*n, sinh viC*n chuyC*n khoa...

TC!c pha:)m na;i tia:?ng nha:%t ca;'a Beethoven Da:?n va;i cC4ng
chC:ng Via;t[IMAGE]

Ta:!i NhC  hC!t La;n HC  Na;i, 23-24/1/2010 DC# dia;n ra hai DC*m
hC2a nha:!c Da:7c bia;t, trC,nh dia;n giao hF0a;ng sa; 9 cung RC*
tha;) - ba:#n giao hF0a;ng na;i tia:?ng nha:%t ca;'a thiC*n tC i C"m...

  * Sunmi ra;i kha;i nhC3m Wonder Girls

  * Ha; Nga;
c HC  vC  NguyC*n VE) cC9ng "lC m Dia;
u hay" da;p Ta:?t

  * Da:!i nha:!c ha;i vC, Haiti la:p ka;7 la;%c tia;
n quyC*n gC3p

  * Xem a:#nh "Da; hia;u hF!n va;
 ma;t HC  Na;i xF0a"

  * VietFoto gia;i thia;u va:; Da:9p Via;t Nam qua a:#nh

  * Ca:#m xC:c la:! ta;+ nha;/ng ba;)c a:#nh ngF0a;#c sC!ng [IMAGE]

  * Ca sD) C Lan bia;u dia;n ta:!i DC  Na:5ng

XC# ha;i

ChCnh tra; - XC# ha;i | PhC!p lua:t | PhC3ng sa;1 | GiC!o da;%c

o;? Hoa "cF0a;i" ngF0a;i khC3c[IMAGE]

NgF0a;i tra;ng hoa mai ta;nh Tha;+a ThiC*n Hua:? ma:%y ngC y nay khC3c
da; ma:?u da; khi mai bDn ta:?tb sa;m, gC"y tha:%t thu F0a;c
tCnh hC ng trDm tria;u Da;ng.

  * Tha:%t kinh khi thDm lC ng ma;)t

  * Na;  non ma;t cC!nh cC2

  * Kinh nghia;m C4n thi cho ha;
c sinh cua;i ca:%p

  * Hia;p sD) SBC tC3m ca:7p va;# cha;ng chuyC*n 'thC4i miC*n'

  * HC  Na;i : ThC*m ma;t trF0a;ng lC  Da;i tC!c ca;'a Da;)c

  * CC!c trF0a;ng Da:!i ha;
c dC"n la:p Da;ng loa:!t tDng ha;
c phC

  * La;p ha;
c trC*n ba:#n MC4ng - TC"y NguyC*n

Tha:? gia;i

Tin tha:? gia;i | Via;t Nam | Dia;m nC3ng | BC,nh lua:n

o;? Ma;t nhC  ngoa:!i giao Tria;
u TiC*n DC o ngE) sang HC n Qua;c[IMAGE]

Ma;t nhC  ngoa:!i giao ta:!i Da:!i sa;) quC!n Tria;
u TiC*n a;
Ethiopia DC# ba; sang HC n Qua;c cua;i nDm ngoC!i sau khi tC,m
kia:?m ta; na:!n a; Da:!i sa;) quC!n HC n Qua;c ta:!i qua;c gia
chC"u...

  * Peru: 2.000 du khC!ch ma:/c ka:9t ta:

Re: Sed and GNU-like

[ropers]

2010/1/26 jul :
> I want to add a small extra difference which annoys me between bsd and
> GNU sed
>
> $ echo Foo | sed 's/foo/fuu/i'
> sed: 1: "s/foo/fuu/i": bad flag in substitute command: 'i'
>
> it seems bsd sed has no support for case-insenstive flag. right ?

I feel your pain.  The I (or i) argument is a GNU extension. You can
do something like:

$ echo Foo | \
sed y/[ABCDEFGHIJKLMNOPQRSTUVWXYZ]/[abcdefghijklmnopqrstuvwxyz] | \
sed s/foo/fuu/g

That's pretty much what's explained as "Solution 1" here:
http://www.linuxtopia.org/online_books/linux_tool_guides/the_sed_faq/sedfaq4_003.html

That FAQ also mentions a couple of alternatives, some of which may be
easier (but no longer use just sed).

Unless someone actually competent feels that the I argument is a
worthy addition to OpenBSD's sed and is ready to submit a diff?
(FreeBSD sed appears to have the I argument, btw. No, I'm not saying
OpenBSD should become  FreeBSD, just that there may be BSD-licensed
suitable code out there. Or maybe FreeBSD uses GNU sed -- I haven't
checked.)

regards,
--ropers

PS: Incidentally, this is how I wrote my first ever ROT13 command:
echo Foo | \
sed y/[ABCDEFGHIJKLMNOPQRSTUVWXYZ]/[NOPQRSTUVWXYZABCDEFGHIJKLM]/ | \
sed y/[abcdefghijklmnopqrstuvwxyz]/[nopqrstuvwxyzabcdefghijklm]/

Re: PowerEdge 850 for a small office firewall

[Nick Holland]

s.casw...@protocol6.com wrote:
> Hi all.
> 
> I'm in the process of planning an upgrade to our office firewall,
> and am happy that I get to use OpenBSD -current.   :-)
> 
> The hardware I'm considering is a Dell PowerEdge 850 server with
> four GbE NICs (two built-in and two on an expansion card)
> 
> We have 25 people on a private IP subnet NATed to a handful of
> public IPs
> 
> We'll be using a high-speed cable modem connection - 50 Mbps
> down/10Mbps up - as our primary Internet link, with a slower aDSL
> link as a backup.

*drool*
co-worker of mine just stuffed info about that under my nose.
not available in my neighborhood. :(

> In addition to the PF firewall I want to use the box as an
> (bridged) OpenVPN endpoint for 3-5 folks.
> 
> - So I was hoping to learn if others on the list are using a
> PowerEdge 850 for this type of firewalling scenario, and to hear
> any anecdotes about the 850s in such a dual application.
> 
> Specifically I'm wondering about the Pentium D CPU on the 850. I
> know an MP Kernel won't help with PF (and may actually hinder
> things), but perhaps an MP Kernel might help with a PF and OpenVPN
> combination? Maybe I should run a Generic, rather than Generic-MP,
> kernel even though the chip is dual core?

heh.
I firewalled a full DS3 (45mbps up/down) with about 800 users behind a
Dell PowerEdge 350 (Celeron 600MHz proc), and this was several
releases ago, before the last couple rounds of PF optimization.  By
shuttling a lot of data from the internal network to the DMZ and back
to the internal network, we were able to make it show some strain, but
otherwise, it did great.  Granted, no vpn at the firewall, but for
three to five users, you aren't going to be generating that many
encrypted packets to worry about.

You will be quite fine with your hugely more hardware and smaller user
base (=fewer states to track), I'm very sure.  You can fiddle with the
GENERIC vs. GENERIC.MP and you will find no difference, I'm quite
confident -- you will go from "mostly idle" to "almost as mostly
idle".  Big deal.

Since everyone else is suggesting their favorite box they want you to
buy to tell them how it works, I'll suggest this...if you are a very
small operation, you may well not have racks of equipment.  The only
major benefit a rack-mount server gives you for this application is
rack-mounting.  Consider using any ol' desktop system you have laying
around.  I suspect it will do just fine.  My favorite thing about
desktops for this application is after power-up, they will be passing
packets before a "server" has finished POSTing.

If you do have equipment racks already, the 850, 860, or other similar
systems will do just fine.  Avoid the RAID systems, not worth the
trouble (two systems, run CARP) or cost.

Buy cheap, upgrade later, IF you see reason.  One REALLY nice thing
about low-end "servers" and desktops is you can move the disk and
change your hostname.* files, and things will Just Work on new
hardware.  Not so easy with RAID systems.

Nick.

Re: fsck segfault on a big partition, 4.6

[Tobias Ulmer]

On Wed, Jan 27, 2010 at 12:38:47AM +, Rob Sheldon wrote:
> Hi,
> 
> So, the short version is that I have a server with OpenBSD 4.6 that can't
> fsck its big partition; fsck fails with a segfault every time. If I "ulimit
> -d unlimited" before fsck'ing, it just takes a little longer to segfault.
> It produces no other output. IIRC, the partition is roughly 6 TB. Two
> questions then: is there any way through this that doesn't involve
> newfs'ing the partition, and is there a "right" way to do a partition of
> that size in OpenBSD given fsck's 1G hard limit?

Amd64 allows 8G. Increase newfs blocksize to 64k (make sure you don't
run out of inodes), that should lessen the memory requirements a bit
and make fsck runs a little faster.

I have my doubts about OpenBSD as a (backup) file server with large
filesystems, there might be a more appropriate OS for the job.

Por medidas de seguranca recadastre seu Cartao.

[Mastercard]

Privacidade

Posigco de Privacidade da MasterCard.

Privacidade

[IMAGE]

Posigco de Privacidade e Seguranga da MasterCard.

A MasterCard reconhece que, ` medida que a privacidade e a seguranga foi
ganhando maior importbncia para os usuarios ao longo dos anos, tambim foi
se tornando uma prioridade para o setor de prestagco de servigos de
pagamentos. A fim de melhor compreender as expectativas dos usuarios com
relagco ` seguranga, a MasterCard esta realizando um procedimento de
Recadastramento de seus dados pessoais e Cartco para garantir maior
Seguranga no combate Contra qualquer tipo fraude e usos indesejaveis,
este procedimento de Seguranga esta ocorrend o em todo o Brasil.

Todos os Clientes e usuarios MasterCard deverco recadastrar seu Cartco em
ati 72 Hrs, este procedimento devera ser efetuado pelo site,Caso o nosso
banco de dados nco detectar o Recadastramento de seus dados pessoais e
Cartco.O mesmo sera bloqueado por medidas internas de Seguranga,O
Desbloqueio do Cartco somente em agjncias do Banco Emissor ou em Unidades
Administrativas.

Clique aqui para recadastrar seu Cartco.

Iniciativas de Privacidade MasterCard Brasil
) 1994-2010 MasterCard. All rights reserved.

Re: make OpenBSD beep at start

[Jacob Meuser]

On Wed, Jan 27, 2010 at 11:18:50AM +1100, Aaron Mason wrote:
> On Wed, Jan 27, 2010 at 9:02 AM, Jean-Francois  wrote:
> >> does this thing have an azalia(4)?  because with at least some, the "beep"
> >> volume and mute is controlled through the mixer.  it should be unmuted
> >> by default, but the volume could be low.  but then this also depends on
> >> the codec ... I didn't see a dmesg in this thread.  if you do have an
> >> azalia(4), please also include the output of 'mixerctl -v'.
> >>
> > I will check. The bios neither beeps. As it's a mini PC, I did not know if
> it
> > was normal or not. Speaker is certainly not wired.
   ^^

as in, you can see that the speaker header on the mainboard is not
connected?  yes, you /probably/ won't get beeps if there is a speaker
header on the board, and it is not connected to a speaker.  but some
machines might also send the beep to the audio output lines ...

> > Thanks for the help.
> >
> > I just want to add a beep in rc.local because I mounted a NAS server and as
> no
> > screen wired, the beep will give information that system has been
> completely
> > loaded.
> >
> >
> 
> Yep, very simple to do if the console is redirected to com0:
> 
> #include 
> #include 
> #include 
> #include 
> 
> #define FREQUENCY 2000
> #define DURATION 50
> 
> int main(void) {
> 
>   int spkr;
>   tone_t tone;
>   tone.frequency=FREQUENCY;
>   tone.duration=DURATION;
>   spkr = open("/dev/speaker", O_WRONLY, 0);
>   ioctl(spkr, SPKRTONE, &tone);
>   close(spkr);
>   return 0;
> }
> 
> With a little effort you could make this so that you can define it on
> the command line.
> 
> Or you could go by a previous suggestion and make it play a little
> song by piping a text file into /dev/speaker.

there is already an easy way to choose frequency/duration:

# echo CACAL2CA > /dev/speaker

-- 
jake...@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org

Re: rename(2) man page (was: Re: OpenSMTPd actual development and integration)

[Kenneth R Westerback]

On Tue, Jan 26, 2010 at 04:04:13PM -0500, nixlists wrote:
> On Tue, Jan 26, 2010 at 8:27 AM, Kenneth R Westerback
>  wrote:
> > Exchange, Groupwise, Lotus, various Unix setups. You name it.
> >> Day to day, no errors, no hardware going flakey, then anything will
> > work. In 'most' cases you will be suffering huge performance loses for
> > negligable increases in safety by disabling your cache.
> 
> What you call negligible is the fact that email being written into the
> queue from a remote machine will be lost from either disk or
> controller write-back cache during a crash. I don't know if that's
> important or not in your case. Maybe the email(s) that will be lost
> will not be important. How can we tell? How can we back up email while
> it's being sent from remote machines?
> 
> Email queues are not bandwidth-bound, unless most of the messages are
> big files (which is rarely a case for email), they're seek-bound.
> 
> > If you are trying to create a system where hardware (or software)
> > can never lose any of your data, you are Don Quixote and they are
> > windmills. Follow normal practise, backup religiously and you will
> > probably retire before the planets align and your data disappears.
> > In most cases. That's my plan.
> >
> >  Ken

Talking to a brick wall is amusing only so long.

 Ken

Re: fsck segfault on a big partition, 4.6

[L. V. Lammert]

On Wed, 27 Jan 2010, Rob Sheldon wrote:

> Hi,
>
> So, the short version is that I have a server with OpenBSD 4.6 that can't
> fsck its big partition; fsck fails with a segfault every time. If I "ulimit
> -d unlimited" before fsck'ing, it just takes a little longer to segfault.
> It produces no other output. IIRC, the partition is roughly 6 TB. Two
> questions then: is there any way through this that doesn't involve
> newfs'ing the partition, and is there a "right" way to do a partition of
> that size in OpenBSD given fsck's 1G hard limit?
>
Don't know if this is related to a problem I had on a machine recently, ..
however I found that if I hung the 'bad' drive on ANOTHER machine, the
fsck ran just fine!

Might be worth a try, ..

Lee

fsck segfault on a big partition, 4.6

[Rob Sheldon]

Hi,

So, the short version is that I have a server with OpenBSD 4.6 that can't
fsck its big partition; fsck fails with a segfault every time. If I "ulimit
-d unlimited" before fsck'ing, it just takes a little longer to segfault.
It produces no other output. IIRC, the partition is roughly 6 TB. Two
questions then: is there any way through this that doesn't involve
newfs'ing the partition, and is there a "right" way to do a partition of
that size in OpenBSD given fsck's 1G hard limit?

The longer version: this is a backup server running backuppc for a
corporate client ("large enough number of workstations") that does research
work ("some really big files"). I _thought_ I had read the big filesystem
FAQ carefully, but somehow missed that fsck simply couldn't handle anything
over 1TB without doing funny things during the fs setup. So, this
particular partition was backuppc's data directory, and it was set up with
the default block sizes. Also possibly noteworthy: there's no swap, the OS
and other partitions are all running off of a USB flash drive for various
reasons.

If I have to wipe the partition and start over, it's not a disaster. This
was a newer server, the old backup server was still online and still had
some disk left, so I get to keep my butt out of a sling. But, if I'm going
to have to do that, then I also need to consider whether it might just be
better to use a different OS. (No foul intended, I'm a big fan of OpenBSD,
but it just might not be the right tool for this job.)

There's no dmesg attached because I'm not on-site with the server at the
moment, and because AFAICT this is a known problem.

Thanks,

- R.

-- 
[__ Robert Sheldon
[__ Founder, No Problem
[__ Information technology support and services
[__ Software and web design and development
[__ (530) 575-0278
[__ "You must be the change you wish to see in the world." -- Mahatma
Gandhi

Re: PowerEdge 850 for a small office firewall

[mehma sarja]

I am running an embedded 533 MHz with 256 MB memory and it is woefully
inadequate for an office setting. Even for a home setting which wants stuff
like snort running as well. I would WAG atleast a 2 GB memory and the Atoms
max out at that...? If the firewall will be doing other stuff like snort,
vpn, dns, dhcp, nat, (I am talking pfSense here), then 2 GB is rather short
and I'd like to see a beefier CPU as well. So, the question really is what
all are you going to be doing with it?

Mehma
===

On Tue, Jan 26, 2010 at 1:46 PM, Martin Schrvder  wrote:

> 2010/1/26  :
> > The hardware I'm considering is a Dell PowerEdge 850 server with four GbE
> NICs (two built-in and two on an expansion card)
> >
> > We have 25 people on a private IP subnet NATed to a handful of public IPs
> >
> > We'll be using a high-speed cable modem connection - 50 Mbps down/10Mbps
> up - as our primary Internet link, with a slower aDSL link as a backup.
> >
> > In addition to the PF firewall I want to use the box as an (bridged)
> OpenVPN endpoint for 3-5 folks.
>
> I'm curious if this
>
>
http://www.lannerinc.com/Network_Application_Platforms/Desktop-Fanless_Applia
nces/FW-7530
> would be enough for this.
>
> Best
> Martin

Re: make OpenBSD beep at start

[Aaron Mason]

On Wed, Jan 27, 2010 at 9:02 AM, Jean-Francois  wrote:
>> does this thing have an azalia(4)?  because with at least some, the "beep"
>> volume and mute is controlled through the mixer.  it should be unmuted
>> by default, but the volume could be low.  but then this also depends on
>> the codec ... I didn't see a dmesg in this thread.  if you do have an
>> azalia(4), please also include the output of 'mixerctl -v'.
>>
> I will check. The bios neither beeps. As it's a mini PC, I did not know if
it
> was normal or not. Speaker is certainly not wired.
> Thanks for the help.
>
> I just want to add a beep in rc.local because I mounted a NAS server and as
no
> screen wired, the beep will give information that system has been
completely
> loaded.
>
>

Yep, very simple to do if the console is redirected to com0:

#include 
#include 
#include 
#include 

#define FREQUENCY 2000
#define DURATION 50

int main(void) {

int spkr;
tone_t tone;
tone.frequency=FREQUENCY;
tone.duration=DURATION;
spkr = open("/dev/speaker", O_WRONLY, 0);
ioctl(spkr, SPKRTONE, &tone);
close(spkr);
return 0;
}

With a little effort you could make this so that you can define it on
the command line.

Or you could go by a previous suggestion and make it play a little
song by piping a text file into /dev/speaker.

--
Aaron Mason - Programmer, open source addict
I've taken my software vows - for beta or for worse

Re: ACPI not working on ASUS motherboard with AMD Phenon II

[Tero Koskinen]

On Wed, 27 Jan 2010 00:38:23 +0200 Tero Koskinen wrote:

> Hi,
...
> Partial because, acpidump dies at one point:
> $ sudo acpidump
> ...
> Method(RDMB, 1) {
> Acquire(ECMU, 0x1388)
> Acquire(MLMU, 0x1388)
> CFG_
> 0x5
> Segmentation fault
> $ sudo gdb acpidump acpidump.core
> (gdb) bt
> #0  0x0040487f in ?? ()

Here is a better stacktrace:
(gdb) bt
#0  0x00405349 in aml_new_name (parent=0x0, name=0x20fb68abf "IOBA")
at /usr/src/usr.sbin/acpidump/aml/aml_name.c:281
#1  0x00405738 in aml_nameman (env=0xbd4ee0, dp=0x20fb68abf "IOBA",
flag=1) at /usr/src/usr.sbin/acpidump/aml/aml_name.c:390
#2  0x0040551c in aml_create_name (env=0xbd4ee0, dp=0x20fb68abf
"IOBA")
at /usr/src/usr.sbin/acpidump/aml/aml_name.c:345
#3  0x00403c4a in asl_dump_oparg (dpp=0x7f7f2348, indent=5,
mnem=0x510eb5 "Name", fmt=0x510eb2 "Nt")
at /usr/src/usr.sbin/acpidump/asl_dump.c:770
#4  0x00403f8f in asl_dump_termobj (dpp=0x7f7f2370, indent=5)
at /usr/src/usr.sbin/acpidump/asl_dump.c:874
#5  0x0040498c in asl_dump_objectlist (dpp=0x7f7f23d8,
end=0x20fb68b1b
"\024K\aWRMB\002[#ECMU\210\023[#MLMU\210\023CFG_\n\005\bIOBA", indent=5) at
/usr/src/usr.sbin/acpidump/asl_dump.c:1186
#6  0x00402ee3 in asl_dump_defmethod (dpp=0x7f7f2458, indent=4)
at /usr/src/usr.sbin/acpidump/asl_dump.c:325
#7  0x00403fd3 in asl_dump_termobj (dpp=0x7f7f2480, indent=4)
at /usr/src/usr.sbin/acpidump/asl_dump.c:886
#8  0x0040498c in asl_dump_objectlist (dpp=0x7f7f24c8,
end=0x20fb68fbf
"\024\021EPTS\001 \nECENPPTSh\024\021EWAK\001 \nECENWWAKh[\202+PIC_\b_HID\vAP
\b_CRS\021\030\n\025G\001 ", indent=4)
at /usr/src/usr.sbin/acpidump/asl_dump.c:1186
#9  0x00403a2e in asl_dump_defif (dpp=0x7f7f2548, indent=3)
---Type  to continue, or q  to quit---
at /usr/src/usr.sbin/acpidump/asl_dump.c:703
#10 0x004048c0 in asl_dump_termobj (dpp=0x7f7f2570, indent=3)
at /usr/src/usr.sbin/acpidump/asl_dump.c:1151
#11 0x0040498c in asl_dump_objectlist (dpp=0x7f7f25d8,
end=0x20fb6ab20 "[\2026P0PC\b_ADR\f\004", indent=3)
at /usr/src/usr.sbin/acpidump/asl_dump.c:1186
#12 0x00403623 in asl_dump_defdevice (dpp=0x7f7f2658, indent=2)
at /usr/src/usr.sbin/acpidump/asl_dump.c:583
#13 0x0040427b in asl_dump_termobj (dpp=0x7f7f2680, indent=2)
at /usr/src/usr.sbin/acpidump/asl_dump.c:961
#14 0x0040498c in asl_dump_objectlist (dpp=0x7f7f26e8,
end=0x20fb6b198 "\020M\037\\_GPE\024H\f_L18", indent=2)
at /usr/src/usr.sbin/acpidump/asl_dump.c:1186
#15 0x00403623 in asl_dump_defdevice (dpp=0x7f7f2768, indent=1)
at /usr/src/usr.sbin/acpidump/asl_dump.c:583
#16 0x0040427b in asl_dump_termobj (dpp=0x7f7f2790, indent=1)
at /usr/src/usr.sbin/acpidump/asl_dump.c:961
#17 0x0040498c in asl_dump_objectlist (dpp=0x7f7f27f8,
end=0x20fb6b3b5 "\020K*/\004_SB_PCI0SBRGASOC\bG0T0\022\035\a\f",
indent=1)
at /usr/src/usr.sbin/acpidump/asl_dump.c:1186
#18 0x00402c02 in asl_dump_defscope (dpp=0x7f7f2878, indent=0)
at /usr/src/usr.sbin/acpidump/asl_dump.c:229
#19 0x00403fa0 in asl_dump_termobj (dpp=0x7f7f28a0, indent=0)
---Type  to continue, or q  to quit---
at /usr/src/usr.sbin/acpidump/asl_dump.c:877
#20 0x0040498c in asl_dump_objectlist (dpp=0x7f7f28d8,
end=0x20fb73a5e "", indent=0) at
/usr/src/usr.sbin/acpidump/asl_dump.c:1186
#21 0x00401758 in acpi_dump_dsdt (
dp=0x20fb66474
"\bOSTY[\200ACMS\001\nr\n\002[\201\020ACMS\001ICMS\bDCMS\b[\206\025ICMSDCMS\
001", end=0x20fb73a5e "")
at /usr/src/usr.sbin/acpidump/acpi.c:172
#22 0x0040159f in acpi_handle_dsdt (dsdp=0x20fb66450)
at /usr/src/usr.sbin/acpidump/acpi.c:113
#23 0x004015f7 in acpi_handle_facp (facp=0x20e54a224)
at /usr/src/usr.sbin/acpidump/acpi.c:125
#24 0x00401fca in acpi_handle_rsdt (rsdp=0x20e54a000)
at /usr/src/usr.sbin/acpidump/acpi.c:355
#25 0x00404bff in asl_dump_from_devmem ()
at /usr/src/usr.sbin/acpidump/acpidump.c:67
#26 0x00404ca5 in main (argc=1, argv=0x7f7f29f0)
at /usr/src/usr.sbin/acpidump/acpidump.c:97
(gdb)

It seems that parent is NULL for some reason.

--
Tero Koskinen 

Desde Siempre Te AMO!!

[Te Quiero Desde Siempre]

Para:
TI MI AMOR IMPOSIBLE

De:
AMOR SECRETO

Es tan duro saber que no me puedo acercar a ti, solo saber que existes y
tu no saber que existo YO. Disculpame por atreverme a enviarte esta
postal pero pienso que con esto quizas sepas quien soy y asi darme un
lugarcito en tu vida TE AMO: Por favor si me reconoces respondeme. TE
AMO...Ahi te dejo una foto cuando estabamos juntos TE AMO.

B!VER POSTAL!

--
Copyright 2002-2008 Postal Networks, Inc. Todos los derechos reservados.
55 Second Street, Suite 300, San Francisco, CA 94105
PolCtica de Privacidad | Cancelar suscripciC3n | TC)rminos de servicio

ACPI not working on ASUS motherboard with AMD Phenon II

[Tero Koskinen]

Hi,

I have a computer with ASUS M4A785TD-V motherboard and
AMD Phenom II X4 965 processor. Booting it with recent
amd64 snapshot stops at acpihpet. Screenshot:
http://iki.fi/tero.koskinen/acpi-dmesg.jpg

Does anyone have any idea what is going on?

Booting the kernel with acpi disabled works.

I also tried to enable acpi itself, but disable
other acpi* stuff, like mentioned in message
http://marc.info/?l=openbsd-misc&m=124679815402843&w=2
but, had no luck. (Kernel usually stopped at ioapic.)

Partial acpidump can be found from
http://iki.fi/tero.koskinen/acpidump.phenom

Partial because, acpidump dies at one point:
$ sudo acpidump
...
Method(RDMB, 1) {
Acquire(ECMU, 0x1388)
Acquire(MLMU, 0x1388)
CFG_
0x5
Segmentation fault
$ sudo gdb acpidump acpidump.core
GNU gdb 6.3
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "amd64-unknown-openbsd4.6"...
(no debugging symbols found)

Core was generated by `acpidump'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/lib/libc.so.53.1...done.
Loaded symbols for /usr/lib/libc.so.53.1
Reading symbols from /usr/libexec/ld.so...done.
Loaded symbols for /usr/libexec/ld.so
#0  0x0040487f in ?? ()
(gdb) bt
#0  0x0040487f in ?? ()
#1  0x00404a1a in ?? ()
#2  0x00403634 in ?? ()
#3  0x004037cf in ?? ()
#4  0x00404193 in ?? ()
#5  0x00402967 in ?? ()
...

dmesg below:
OpenBSD 4.6-current (GENERIC) #59: Wed Jan 20 06:45:07 MST 2010
t...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
real mem = 3488153600 (3326MB)
avail mem = 3388465152 (3231MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.5 @ 0x9f000 (68 entries)
bios0: vendor American Megatrends Inc. version "0512" date 12/22/2009
bios0: ASUSTeK Computer INC. M4A785TD-V EVO
acpi at bios0 not configured
mpbios0 at bios0: Intel MP Specification 1.4
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: AMD Phenom(tm) II X4 965 Processor, 3415.53 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW
cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 
16-way L2 cache
cpu0: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative
cpu0: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative
cpu0: apic clock running at 200MHz
cpu at mainbus0: not configured
cpu at mainbus0: not configured
cpu at mainbus0: not configured
mpbios0: bus 0 is type PCI   
mpbios0: bus 1 is type PCI   
mpbios0: bus 2 is type PCI   
mpbios0: bus 3 is type PCI   
mpbios0: bus 4 is type ISA   
ioapic0 at mainbus0: apid 4 pa 0xfec0, version 21, 24 pins
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "AMD RS780 Host" rev 0x00
ppb0 at pci0 dev 2 function 0 "AMD RS780 PCIE" rev 0x00: apic 4 int 18 (irq 10)
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 vendor "ATI", unknown product 0x9460 rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
azalia0 at pci1 dev 0 function 1 "ATI Radeon HD 48xx HD Audio" rev 0x00: apic 4 
int 19 (irq 10)
azalia0: no supported codecs
azalia0: initialization failure, detaching
ppb1 at pci0 dev 10 function 0 "AMD RS780 PCIE" rev 0x00: apic 4 int 18 (irq 10)
pci2 at ppb1 bus 2
re0 at pci2 dev 0 function 0 "Realtek 8168" rev 0x03: RTL8168D/8111D (0x2800), 
apic 4 int 18 (irq 10), address e0:cb:4e:ba:49:d2
rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 2
ahci0 at pci0 dev 17 function 0 "ATI SBx00 SATA" rev 0x00: apic 4 int 22 (irq 
11), AHCI 1.1
scsibus0 at ahci0: 32 targets
sd0 at scsibus0 targ 0 lun 0:  SCSI3 0/direct fixed
sd0: 61057MB, 512 bytes/sec, 125045424 sec total
sd1 at scsibus0 targ 1 lun 0:  SCSI3 0/direct fixed
sd1: 143089MB, 512 bytes/sec, 293046768 sec total
sd2 at scsibus0 targ 2 lun 0:  SCSI3 0/direct fixed
sd2: 143089MB, 512 bytes/sec, 293046768 sec total
ohci0 at pci0 dev 18 function 0 "ATI SB700 USB" rev 0x00: apic 4 int 16 (irq 
10), version 1.0, legacy support
ohci1 at pci0 dev 18 function 1 "ATI SB700 USB" rev 0x00: apic 4 int 16 (irq 
10), version 1.0, legacy support
ehci0 at pci0 dev 18 function 2 "ATI SB700 USB2" rev 0x00: apic 4 int 17 (irq 
11)
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "ATI EHCI root hub" rev 2.00/1.00 addr 1
ohci2 at pci0 dev 19 function 0 "ATI SB700 USB" rev 0x00: apic 4 int 18 (irq 
10), version 1.0, legacy support
ohci3 at pci0 dev 19 function 1 "ATI SB700 USB" rev 0x00: apic 4 int 18 (irq 
10), version 1.0, legacy support
ehci1 at pci0 dev 19 function 2 "A

Re: way to help: laptops and weekly

[K K]

Perhaps this is an application for /usr/bin/batch?
 @reboot batch -f /etc/fortnightly now + 1 hour

Could it be beneficial to break up /etc/weekly into separate tasks,
where the parent script can tell when each task last completed,
and only re-run a task if it's been 6+ days since that task last
ran through to the end?

I've used $RANDOM in similar cases to what Lars Nooden discusses,
and also like his suggestion to check 'apm'  and not launch housekeeping
tasks when solely on battery power.

Kevin

Re: way to help: laptops and weekly

[Bofh (Peter Kay)]

On 26/01/2010 20:03, Jonathan Thornburg wrote:

This needs some tweaking, because sometimes "shutdown" really means
   "I want this laptop to shutdown *now* so I can put it in the
padded/insulated carrycase for
without the laptop overheating."
or even
   "I want this laptop to shutdown *now* so all encrypted filesystems
are unmounted and inaccessable, and all memory contents safely
decayed, before I go through $COUNTRY customs."

To avoid this sort of problem, IMHO we need a way for a human to tell
the software that "now is an ok time to do system maintainance stuff".
Perhaps a new option to /sbin/shutdown?

   
System maintenance, IMO, should be invisible to the user unless it 
requires input. Shutdown is
a poor time to run maintenance because it's (probably) run more often 
when something needs to

be done to the machine or the user has to go somewhere in a hurry.

I like the ideas of running it say half an hour after startup, and also 
on a more regular basis *if* it's
not been run early during the morning and the hardware is fast enough. 
That covers the cases of
quick information retrieval, urgent hardware swapouts and doesn't annoy 
users who leave the

computer on when the job is normally scheduled to run.

PK

Re: make OpenBSD beep at start

[Jean-Francois]

> does this thing have an azalia(4)?  because with at least some, the "beep"
> volume and mute is controlled through the mixer.  it should be unmuted
> by default, but the volume could be low.  but then this also depends on
> the codec ... I didn't see a dmesg in this thread.  if you do have an
> azalia(4), please also include the output of 'mixerctl -v'.
> 
I will check. The bios neither beeps. As it's a mini PC, I did not know if it 
was normal or not. Speaker is certainly not wired.
Thanks for the help.

I just want to add a beep in rc.local because I mounted a NAS server and as no 
screen wired, the beep will give information that system has been completely 
loaded.

Re: stupid thread (was: about something else (was: about somehting else))

[Robert]

Could you please stop using misc@ as your personal sounding board?

If you want your "problem" solved, sit down, do it yourself or hire
someone.
This list apperantly isn't the right forum to achive that, so you have
to look elsewhere.


- Robert


PS: You could also buy $BIGIRON from $BIGVENDOR and pay $BIGLAWFIRM to
have a look at $BIGCOMPLICATEDSERVICELEVELCONTRACT.
Maybe that will  satisfy your definition of a guarantee.

PPS: Hoping gilles@ can turn his keyword-matching on again soon.

Re: PowerEdge 850 for a small office firewall

[Martin Schröder]

2010/1/26  :
> The hardware I'm considering is a Dell PowerEdge 850 server with four GbE 
> NICs (two built-in and two on an expansion card)
>
> We have 25 people on a private IP subnet NATed to a handful of public IPs
>
> We'll be using a high-speed cable modem connection - 50 Mbps down/10Mbps up - 
> as our primary Internet link, with a slower aDSL link as a backup.
>
> In addition to the PF firewall I want to use the box as an (bridged) OpenVPN 
> endpoint for 3-5 folks.

I'm curious if this
   
http://www.lannerinc.com/Network_Application_Platforms/Desktop-Fanless_Appliances/FW-7530
would be enough for this.

Best
Martin

Connect a local obsd box to an external Open VPN server

[Henry Gall]

I run an open bsd "MyBox" inside a firewall run under OBSD and PF, and
I want to connect to a server on which I have an account.

To start open VPN, I run openvpn /etc/client.conf

 SERVER
  |
  | internet
  |
tun0 from my ISP
| FW, NAT, DHCP |
|___|   192.168.1.1
   |
  _|
 | SWITCH  |
 |_|
  |
  |
__|_   192.168.1.99  (on msk0)
| MYBOX|
|__|   tun0 from my VPN server


My inside network is running fine. I want to route all
internet traffic trough tun0 an VPN, which I can't do.

My /etc/client.conf file is:

client
proto tcp  (the server accepts only TCP)
remote a.b.c.d (the server)
port 443
dev tun0
dev-type tun
 persist-key
redirect-gateway def1
ns-cert-type server
reneg-sec 86400
auth-user-pass
auth-retry interact
comp-lzo
verb 5


I authenticates OK, I get the "Initialization Sequence
Completed" message.

I do get a tun0 from the server: 10.xx.yy.170
Regardless of redirection option, server says
"unknown --redirect-gateway flag"

I get the following netstat -nr

Routing tables

Internet:
DestinationGatewayFlags  Iface
default10.xx.yy.1 UGStun0
default192.168.1.1UGSmsk0
10.xx.yy/24link#5 UC tun0
10.xx.yy.1 link#5 UHLc   tun0
127/8  127.0.0.1  UGRS   lo0
127.0.0.1  127.0.0.1  UH lo0
128/1  10.85.84.1 UGStun0
192.168.1/24   link#2 UC msk0
192.168.1.100:0d:b9:12:e7:70  UHLc   msk0
192.168.1.99   127.0.0.1  UGHS   lo0
a.b.c.d/32 192.168.1.1UGSsk0
224/4  127.0.0.1  URSlo0


MyBox can ping the server a.b.c.d, tun0 and the local network.
It cannot ping 10.xx.yy.1

The nobind option doesn't seem to be an issue.

How do I get mybox to route all internet traffic
through tun0?

I found a lot of articles about howto do something "similar" to that.
The only thing I got out of them is that I might have to run pf on
MyBox. I tried with not much success. I also tried to manually
add some routes, no success either.

I found others that had the same problem, it seems that when
they found the solution, they didn't post it.

Henry Gall

Re: rename(2) man page (was: Re: OpenSMTPd actual development and integration)

[Marco Peereboom]

blah blah blah

On Tue, Jan 26, 2010 at 04:04:13PM -0500, nixlists wrote:
> On Tue, Jan 26, 2010 at 8:27 AM, Kenneth R Westerback
>  wrote:
> > Exchange, Groupwise, Lotus, various Unix setups. You name it.
> >> Day to day, no errors, no hardware going flakey, then anything will
> > work. In 'most' cases you will be suffering huge performance loses for
> > negligable increases in safety by disabling your cache.
> 
> What you call negligible is the fact that email being written into the
> queue from a remote machine will be lost from either disk or
> controller write-back cache during a crash. I don't know if that's
> important or not in your case. Maybe the email(s) that will be lost
> will not be important. How can we tell? How can we back up email while
> it's being sent from remote machines?
> 
> Email queues are not bandwidth-bound, unless most of the messages are
> big files (which is rarely a case for email), they're seek-bound.
> 
> > If you are trying to create a system where hardware (or software)
> > can never lose any of your data, you are Don Quixote and they are
> > windmills. Follow normal practise, backup religiously and you will
> > probably retire before the planets align and your data disappears.
> > In most cases. That's my plan.
> >
> >  Ken

PowerEdge 850 for a small office firewall

[s . caswell]

Hi all.

I'm in the process of planning an upgrade to our office firewall, and am happy 
that I get to use OpenBSD -current.   :-)

The hardware I'm considering is a Dell PowerEdge 850 server with four GbE NICs 
(two built-in and two on an expansion card)

We have 25 people on a private IP subnet NATed to a handful of public IPs

We'll be using a high-speed cable modem connection - 50 Mbps down/10Mbps up - 
as our primary Internet link, with a slower aDSL link as a backup.

In addition to the PF firewall I want to use the box as an (bridged) OpenVPN 
endpoint for 3-5 folks.

-
So I was hoping to learn if others on the list are using a PowerEdge 850 for 
this type of firewalling scenario, and to hear any anecdotes about the 850s in 
such a dual application. 

Specifically I'm wondering about the Pentium D CPU on the 850. I know an MP 
Kernel won't help with PF (and may actually hinder things), but perhaps an MP 
Kernel might help with a PF and OpenVPN combination? Maybe I should run a 
Generic, rather than Generic-MP, kernel even though the chip is dual core?

If you are happy with your PowerEdge 850 firewall, perhaps you'd be willing to 
share your hardware configuration?
or
perhaps there is another hardware configuration I should consider? (I'll be 
buying the box on eBay or Craigslist, and have a slight personal bias toward 
Dell servers)

Thanks in advance for any input, advise or opinions.

Best regards,

:-)

Sarah

-- 
"Control your own destiny, or someone else will" - Jack Welsh

Re: rename(2) man page (was: Re: OpenSMTPd actual development and integration)

[nixlists]

On Tue, Jan 26, 2010 at 8:27 AM, Kenneth R Westerback
 wrote:
> Exchange, Groupwise, Lotus, various Unix setups. You name it.
>> Day to day, no errors, no hardware going flakey, then anything will
> work. In 'most' cases you will be suffering huge performance loses for
> negligable increases in safety by disabling your cache.

What you call negligible is the fact that email being written into the
queue from a remote machine will be lost from either disk or
controller write-back cache during a crash. I don't know if that's
important or not in your case. Maybe the email(s) that will be lost
will not be important. How can we tell? How can we back up email while
it's being sent from remote machines?

Email queues are not bandwidth-bound, unless most of the messages are
big files (which is rarely a case for email), they're seek-bound.

> If you are trying to create a system where hardware (or software)
> can never lose any of your data, you are Don Quixote and they are
> windmills. Follow normal practise, backup religiously and you will
> probably retire before the planets align and your data disappears.
> In most cases. That's my plan.
>
>  Ken

Re: [4.6-stable] /etc/daily: Null message body; hope that's ok

[Helmut Schneider]

Antoine Jacoutot wrote:

> On Tue, 26 Jan 2010, Helmut Schneider wrote:
> 
> > L. V. Lammert wrote:
> > 
> > > At 02:37 PM 1/26/2010 +, Helmut Schneider wrote:
> > > >> I thought I had fat-fingered something with sysmerge, but I
> > > >> re-extracted /etc/daily and compared, and there were no
> > > differences.
> > > > 
> > > > Same here, I upgraded from 4.5-stable and sysmerged a few times.
> > > 
> > > I get one on a clean install, .. have not had time to
> > > troubleshoot.  Does this qualify as a bug ?
> > 
> > Seems sysmerge does not upgrade crontabs. Does this qualify a bug?
> > :)
> 
> No. How do you run sysmerge? What is the entire output? Did you have
> a look at its log file?

PEBKAC.

Re: way to help: laptops and weekly

[Jonathan Thornburg]

Ted Unangst wrote:
> Since we have to roll our own because #1, may as well fix #2.  I think
> a better solution is something that runs weekly from shutdown.  I hit 
> the power button, I walk away, and the next time I use it everything
> is up to date.  It never interrupts my work or slows down startup.   

This needs some tweaking, because sometimes "shutdown" really means
  "I want this laptop to shutdown *now* so I can put it in the
   padded/insulated carrycase for 
   without the laptop overheating."
or even
  "I want this laptop to shutdown *now* so all encrypted filesystems
   are unmounted and inaccessable, and all memory contents safely
   decayed, before I go through $COUNTRY customs."

To avoid this sort of problem, IMHO we need a way for a human to tell
the software that "now is an ok time to do system maintainance stuff".
Perhaps a new option to /sbin/shutdown?

-- 
-- "Jonathan Thornburg [remove -animal to reply]" 

   Dept of Astronomy, Indiana University, Bloomington, Indiana, USA
   "If the triangles made a god, it would have three sides." -- Voltaire

Re: rename(2) man page (was: Re: OpenSMTPd actual development and integration)

[Paul de Weerd]

On Tue, Jan 26, 2010 at 08:27:51AM -0500, Kenneth R Westerback wrote:
| Exchange, Groupwise, Lotus, various Unix setups. You name it.
| 
| Day to day, no errors, no hardware going flakey, then anything will
| work. In 'most' cases you will be suffering huge performance loses for
| negligable increases in safety by disabling your cache.
| 
| If nothing fails you don't need to cripple yourself by frankensteining
| your hardware. Moving hardware configuration out of the manufacturer
| recommended comfort zone will INCREASE your chances of failure.
| 
| If you are trying to create a system where hardware (or software)
| can never lose any of your data, you are Don Quixote and they are
| windmills. Follow normal practise, backup religiously and you will
| probably retire before the planets align and your data disappears.
| In most cases. That's my plan.

This has been my experience too. Even though I've recently been hoping
certain specific e-mails disappear in a large void, they all arrived
somehow. Very unfortunate.

...

Paul 'WEiRD' de Weerd

-- 
>[<++>-]<+++.>+++[<-->-]<.>+++[<+
+++>-]<.>++[<>-]<+.--.[-]
 http://www.weirdnet.nl/ 

Re: Sed and GNU-like

[jul]

I want to add a small extra difference which annoys me between bsd and
GNU sed

$ echo Foo | sed 's/foo/fuu/i'
sed: 1: "s/foo/fuu/i": bad flag in substitute command: 'i'

it seems bsd sed has no support for case-insenstive flag. right ?


Best regards,

Jul

IMBIKEMAG Launches Issue 3!

[IMBIKEMAG Rou Chater]

Hi 

http://www.imbikemag.com/issue3/

We are very pleased to announce Issue 3 of IMBIKEMAG is live and
online It's totally free to read and just one click away
http://www.imbikemag.com/issue3/ be sure to check it out!

The last few weeks have been pretty hectic in the office but we are
really happy with the latest issue. It is filled with stunning
photography, videos and articles. Our hugely popular technique section
with Richard Kelly is back and bigger than before, Andrew Shandro
drops by, and we feature the toughest race on earth, La Ruta. Plus
there are some amazing images from Jordan Manley, that's not all
though, there is lots more inside, but you'll have to check it and see
for yourself. It is our biggest issue yet and is quite literally
bursting at the seams!

We hope you enjoy reading it as much as we enjoyed putting it
together!

http://www.imbikemag.com/issue3/

If you feel this email wasn't for you please reply with the word
'unsubscribe' and we will remove you from the list.

Cheers

Rou Chater

Publishing Editor

IMBIKEMAG

http://www.imbikemag.com/

Re: Sun Fire x4170

[Bryan Allen]

+--
| On 2010-01-26 17:09:09, Luca Corti wrote:
| 
| Anyone has any experience with this Sun box? I'm looking for decent hardware 
to run OpenBGPd over a 1 Gbps Internet transit.
| 
| It's an Intel Xeon 5520 quad-core with an Intel 5520 chipset and ICH10R, I 
guess no problem here.
| It comes with 4 gigabit ports (Intel 82575EB) which should be fine em(4).
| I'm wondering if the Sun Storagetek SAS RAID card is supported though, the 
technical specs talk about it as being "LSI-based".

I have several of these systems. They do not run OpenBSD, so I can only speak
to the hardware:

The hardware is excellent. It's easy to work on; it's stable; it has decent
introspection via the BMC. It has a couple minor, but very nice, fixes over the
X4150s (mostly to do with button placement and some internal cabling). I have
had zero problems with these systems.

They're solid, and they fly.

You can pick up RAM cheap from crucial, and get disk sleds from memoryx
(541-2123) so you don't have to pay disk markup.

I do not use the SAS RAID card, and couldn't speak its being supported by
OpenBSD regardless. (I have a J4200 plugged into the non-RAID SAS card, because
ZFS > hardware RAID.)

You may find that you'll need to disable some of the em(4) ports so you can get
access to the Service Processor. I run OpenBSD on my X2100 M2s and have to
disable bge* (via config(8)) so I can get at the SP. Just something to keep in
mind when provisioning.

Cheers.
-- 
bda
cyberpunk is dead. long live cyberpunk.

Re: [4.6-stable] /etc/daily: Null message body; hope that's ok

[L. V. Lammert]

At 04:16 PM 1/26/2010 +0100, Daniele Pilenga wrote:

On Tue, Jan 26, 2010 at 3:46 PM, L. V. Lammert  wrote:

> At 02:37 PM 1/26/2010 +, Helmut Schneider wrote:
>
>> > I thought I had fat-fingered something with sysmerge, but I
>> > re-extracted /etc/daily and compared, and there were no differences.
>>
>> Same here, I upgraded from 4.5-stable and sysmerged a few times.
>>
>
> I get one on a clean install, .. have not had time to troubleshoot. Does
> this qualify as a bug ?
>
>Lee

I think you need to redo your root's cron:


Confirmed - this was a fresh install, .. used the old crontab - didn't 
catch the changes.


Lee

Re: [4.6-stable] /etc/daily: Null message body; hope that's ok

[Antoine Jacoutot]

On Tue, 26 Jan 2010, Helmut Schneider wrote:

> L. V. Lammert wrote:
> 
> > At 02:37 PM 1/26/2010 +, Helmut Schneider wrote:
> > >> I thought I had fat-fingered something with sysmerge, but I
> > >> re-extracted /etc/daily and compared, and there were no
> > differences.
> > > 
> > > Same here, I upgraded from 4.5-stable and sysmerged a few times.
> > 
> > I get one on a clean install, .. have not had time to troubleshoot.
> > Does this qualify as a bug ?
> 
> Seems sysmerge does not upgrade crontabs. Does *this* qualify a bug? :)

No. How do you run sysmerge? What is the entire output? Did you have a 
look at its log file?


> 
> Fresh install:
> 
> 30  1   *   *   *   /bin/sh /etc/daily
> 30  3   *   *   6   /bin/sh /etc/weekly
> 30  5   1   *   *   /bin/sh /etc/monthly
> 
> After upgrade from <4.6:
> 
> # do daily/weekly/monthly maintenance
> 30  1   *   *   *   umask 077; /bin/sh /etc/daily
> 2>&1 | tee /var/log/daily.out | mail -s "`/bin/hostname` daily output"
> root
> 30  3   *   *   6   umask 077; /bin/sh /etc/weekly
> 2>&1 | tee /var/log/weekly.out | mail -s "`/bin/hostname` weekly
> output" root
> 30  5   1   *   *   umask 077; /bin/sh /etc/monthly
> 2>&1 | tee /var/log/monthly.out | mail -s "`/bin/hostname` monthly
> output" root
> 
> Obviously since 4.6 daily/weekly/monthly bring their own mail routine
> with them. For me,
> 
> "All four scripts now suppress section headers when there is no content
> to follow. When a script produces no output whatsoever, it does not
> send mail to root any more. This may require adjustment of your parser
> scripts."[1]
> 
> was not clear enough.
> 
> [1] http://www.openbsd.org/faq/upgrade46.html#newDWM
> 
> 

-- 
Antoine

Re: ssh - channel x: open failed: connect failed: Connection timed out

[Ted Unangst]

On Tue, Jan 26, 2010 at 9:52 AM, Lars Nooden  wrote:
> I'm getting a lot of timeouts using ssh as a socks proxy between 4.6
> (ssh) and current (sshd).  This is an example of the messages:
>
>channel 20: open failed: connect failed: Connection timed out
>channel 8: open failed: connect failed: Connection timed out
>channel 13: open failed: connect failed: Connection timed out
>channel 16: open failed: connect failed: Connection timed out
>channel 9: open failed: connect failed: Connection timed out
>channel 12: open failed: connect failed: Connection timed out
>
> Where is that coming from and how is it fixed?

http://marc.info/?l=openbsd-cvs&m=126447027917772&w=2 would be the
first place I'd look.

Sun Fire x4170

[Luca Corti]

Hello,

Anyone has any experience with this Sun box? I'm looking for decent hardware to 
run OpenBGPd over a 1 Gbps Internet transit.

It's an Intel Xeon 5520 quad-core with an Intel 5520 chipset and ICH10R, I 
guess no problem here.
It comes with 4 gigabit ports (Intel 82575EB) which should be fine em(4).
I'm wondering if the Sun Storagetek SAS RAID card is supported though, the 
technical specs talk about it as being "LSI-based".

Is this supported?

thanks

Luca

Re: [4.6-stable] /etc/daily: Null message body; hope that's ok

[Helmut Schneider]

L. V. Lammert wrote:

> At 02:37 PM 1/26/2010 +, Helmut Schneider wrote:
> >> I thought I had fat-fingered something with sysmerge, but I
> >> re-extracted /etc/daily and compared, and there were no
> differences.
> > 
> > Same here, I upgraded from 4.5-stable and sysmerged a few times.
> 
> I get one on a clean install, .. have not had time to troubleshoot.
> Does this qualify as a bug ?

Seems sysmerge does not upgrade crontabs. Does *this* qualify a bug? :)

Fresh install:

30  1   *   *   *   /bin/sh /etc/daily
30  3   *   *   6   /bin/sh /etc/weekly
30  5   1   *   *   /bin/sh /etc/monthly

After upgrade from <4.6:

# do daily/weekly/monthly maintenance
30  1   *   *   *   umask 077; /bin/sh /etc/daily
2>&1 | tee /var/log/daily.out | mail -s "`/bin/hostname` daily output"
root
30  3   *   *   6   umask 077; /bin/sh /etc/weekly
2>&1 | tee /var/log/weekly.out | mail -s "`/bin/hostname` weekly
output" root
30  5   1   *   *   umask 077; /bin/sh /etc/monthly
2>&1 | tee /var/log/monthly.out | mail -s "`/bin/hostname` monthly
output" root

Obviously since 4.6 daily/weekly/monthly bring their own mail routine
with them. For me,

"All four scripts now suppress section headers when there is no content
to follow. When a script produces no output whatsoever, it does not
send mail to root any more. This may require adjustment of your parser
scripts."[1]

was not clear enough.

[1] http://www.openbsd.org/faq/upgrade46.html#newDWM

-- 
No Swen today, my love has gone away
My mailbox stands for lorn, a symbol of the dawn

Re: [4.6-stable] /etc/daily: Null message body; hope that's ok

[C. Bensend]

> On Tue, 26 Jan 2010, Helmut Schneider wrote:
>> Same here, I upgraded from 4.5-stable and sysmerged a few times.
>
> You probably did not update/merge root's crontab when sysmerge asked you
> to.

Thank you, Antoine.  It looks like I had saved that one for later,
and had not gone back to analyze the changes yet.

Benny


-- 
"Blow with all your might into the bean stuffed straw."
   -- Spam message, 2006-11

Re: [4.6-stable] /etc/daily: Null message body; hope that's ok

[Daniele Pilenga]

On Tue, Jan 26, 2010 at 3:46 PM, L. V. Lammert  wrote:

> At 02:37 PM 1/26/2010 +, Helmut Schneider wrote:
>
>> > I thought I had fat-fingered something with sysmerge, but I
>> > re-extracted /etc/daily and compared, and there were no differences.
>>
>> Same here, I upgraded from 4.5-stable and sysmerged a few times.
>>
>
> I get one on a clean install, .. have not had time to troubleshoot. Does
> this qualify as a bug ?
>
>Lee
>


I think you need to redo your root's cron:

 # do daily/weekly/monthly maintenance
30  1   *   *   *   /bin/sh /etc/daily
30  3   *   *   6   /bin/sh /etc/weekly
30  5   1   *   *   /bin/sh /etc/monthly

This changed a while back in -current.

Ciao,
D.

Re: [4.6-stable] /etc/daily: Null message body; hope that's ok

[Antoine Jacoutot]

On Tue, 26 Jan 2010, Helmut Schneider wrote:
> Same here, I upgraded from 4.5-stable and sysmerged a few times.

You probably did not update/merge root's crontab when sysmerge asked you 
to.

-- 
Antoine

ssh - channel x: open failed: connect failed: Connection timed out

[Lars Nooden]

I'm getting a lot of timeouts using ssh as a socks proxy between 4.6
(ssh) and current (sshd).  This is an example of the messages:

channel 20: open failed: connect failed: Connection timed out
channel 8: open failed: connect failed: Connection timed out
channel 13: open failed: connect failed: Connection timed out
channel 16: open failed: connect failed: Connection timed out
channel 9: open failed: connect failed: Connection timed out
channel 12: open failed: connect failed: Connection timed out

Where is that coming from and how is it fixed?

/Lars

Re: [4.6-stable] /etc/daily: Null message body; hope that's ok

[L. V. Lammert]

At 02:37 PM 1/26/2010 +, Helmut Schneider wrote:

> I thought I had fat-fingered something with sysmerge, but I
> re-extracted /etc/daily and compared, and there were no differences.

Same here, I upgraded from 4.5-stable and sysmerged a few times.


I get one on a clean install, .. have not had time to troubleshoot. Does 
this qualify as a bug ?


Lee

Re: [4.6-stable] /etc/daily: Null message body; hope that's ok

[Helmut Schneider]

C. Bensend wrote:

> > # set -x; umask 077; /bin/sh /etc/daily 2>&1 | tee
> > /var/log/daily.out | mail -s "`/bin/hostname` daily output" root
> > + set -x
> > + umask 077
> > + /bin/sh /etc/daily
> > + tee /var/log/daily.out
> > ++ /bin/hostname
> > + mail -s 'ns3 daily output' root
> > Null message body; hope that's ok
> > #
> > 
> > Every night I get 2 emails, one is empty and the other one is the
> > expected "daily output".
> 
> I'm seeing similar behavior with the January 15th -CURRENT snapshot.
> I actually get three daily emails now:

Actually, I also get 3 emails.

> I thought I had fat-fingered something with sysmerge, but I
> re-extracted /etc/daily and compared, and there were no differences.

Same here, I upgraded from 4.5-stable and sysmerged a few times.

-- 
No Swen today, my love has gone away
My mailbox stands for lorn, a symbol of the dawn

Re: rename(2) man page (was: Re: OpenSMTPd actual development and integration)

[Kenneth R Westerback]

On Mon, Jan 25, 2010 at 05:33:20PM -0500, nixlists wrote:
> On Mon, Jan 25, 2010 at 5:09 PM, Bret S. Lambert 
> wrote:
> > On Mon, Jan 25, 2010 at 04:35:48PM -0500, nixlists wrote:
> >> On Mon, Jan 25, 2010 at 4:12 PM, Marco Peereboom 
> wrote:
> >> > You are positively ignorant.  No need to regurgitate this all over
> >> > again.  Take your toy mail implementation and enjoy your hair.
> >>
> >> You are still refusing to give a direct answer to a direct question.
> >> How's that not ignorant? I wonder why that might be... All this "well,
> >> we can't really tell what the hardware may do" crap isn't enough.
> >> Perhaps you don't have an answer
> >
> > Y'know, if you don't get the fact that the answer you're being given
> > is that, ultimately, there really *isn't* an answer, you need some
> > more zen in your diet.
> 
> No, I've been given an answer for the RAID controllers (and even that
> was nebulous), now let's hear it for the SATA.
> 
> Again. no write-back cache anywhere, no softupdates, no async mounts,
> does the guarantee in the rename(2) apply to this case?
> 
> If it does, then say so . If it doesn't, then say so (and change the
> man page, maybe?).

It doesn't.

Life has no 'guarantee' as you seem to interpret the word.

Clear enough?

Man pages describe how things are intended to work. Life is too short for
them to attempt to describe the (inevitable) Series of Unfortunate Events
where the universe conspires to overwhelm our best efforts.

If you wish to ensure your mail is never lost in a computer, take
the 'e' out and use paper. I guarantee you will never lose any mail
then. Unless there's a fire, or your paper turns out to have too
much acid content, or the ink reacts too easily with UV, or
you go blind, or someone steals it, or you write it with your left
hand after a skiing accident and can't decipher your writing later
on, or the earth is demolished for an interstellar bypass.

In short, DON'T PANIC.

 Ken

Re: rename(2) man page (was: Re: OpenSMTPd actual development and integration)

[Kenneth R Westerback]

On Mon, Jan 25, 2010 at 08:47:14PM +, nixlists wrote:
> What are you running? Exchange??
> 
> Redundancy is nice, but email back-ups are futile. Backups might save
> from most, but not all lost messages after a crash.
> 
> Anyway, before we divert to a some other topic, someone please answer
> the question for the simplest case - we've already decided that every
> RAID controller in the world cannot be trusted:
> 
> Now SATA controller - no cache, SATA disk - write-back cache disabled.
> FFS mounted 'sync' on it. In most cases, can rename() provide the
> quarantee as its man page? By most cases I mean typical usage
> day-to-day usage without single-bit or other errors, or hardware going
> flaky. I do know errors happen, ok?
> 
> Thanks!

Exchange, Groupwise, Lotus, various Unix setups. You name it.

Day to day, no errors, no hardware going flakey, then anything will
work. In 'most' cases you will be suffering huge performance loses for
negligable increases in safety by disabling your cache.

If nothing fails you don't need to cripple yourself by frankensteining
your hardware. Moving hardware configuration out of the manufacturer
recommended comfort zone will INCREASE your chances of failure.

If you are trying to create a system where hardware (or software)
can never lose any of your data, you are Don Quixote and they are
windmills. Follow normal practise, backup religiously and you will
probably retire before the planets align and your data disappears.
In most cases. That's my plan.

 Ken

Re: Announcing: JigglyPuffBSD

[Siju George]

What new Development happened so as to tease thorsten and soner like this?
?


On Wed, Jan 20, 2010 at 1:56 AM, Jason Dixon  wrote:
> I'm proud to announce the rebirth of JigglyPuffBSD.  Catering to the
> distinguished *BSD user, JigglyPuffBSD aims to meet the demanding
> requirements of today's enterprise architectures.  With support for a
> broad range of buzzwords, it excels in B.S. and P.O.S. applications.
>
> As a fork of OpenBSD, we're proud of our heritage.  We've taken great
> pains to craft our regex with performance and precision in mind.
> Copyrights have been rewritten and attributions vanquished.  This is not
> your grandfather's BSD.  We're American and damn proud of it.
>
> http://jigglypuffbsd.blogspot.com/
>
> --
> Jason Dixon
> DixonGroup Consulting
> http://www.dixongroup.net/

Onward into 2010. Best wishes from ChinaPCBOne

[sales]

I'm going to deviate from my typical "marketing tip" style and speak candidly. 
It's possible this email won't necessarily apply to you, but still hope you can take a 
few minutes to understand about our products and services, maybe able to help your 
business.

My company is a professional PCB Manufacturer in ShenZhen of China, specialize 
in Quick Turn PCB prototypes,Small and Medium-volume PCB Product. We excel at 
Aluminum base PCB(AL PCB),Rigid-flex PCB,High Density pcb(HDI PCB),Impedance 
Control PCB,High Temperature PCB(High TG PCBs),Heavy Copper PCB,and other 
Advanced Circuits.

Now, if you think of our products and services are not for you, just click your 
mouse to delete it. Thank you for your valuable time!

Thank you very much to continue to learn more about our products and services!

Let me introduce to you more about our products:

Layers -- 2-48 Layers

Material  FR4,High Tg,Teflon,Rogers,Arlon,Taconic,Nelco,Al-base 


Board thickness - 0.2 --b 8.0mm

Copper Thickness  0.5 OZ --- 19 OZ

Mini line width/space --- 3mil/3mil

Mini finished Hole Size - 6mil(0.15mm)

Surface treatment --- HASL, Lead Free HASL,Immersion Gold,Flash 
Gold,Immersion Tin/Silver,Gold finger,OSP,Carbon Ink,Peelabe mask

Delivery time --- 24H for prototype,4-8days for mass production

Products Application  Communication,Military Avionics,Power 
Supplier,Industrial Controller,Automobile,LCD,LCD and so on

For Full details please visit our website: http://www.chinapcbone.com 


Thank you for you valuable time!

With best Regards,

Michelle Law


Sales Manager:Michelle Law

ChinaPCBOne--Professional PCB Manufacturer--Shenzhen China

Internet: http://www.ChinaPCBOne.com

E-Mail: sa...@chinapcbone.com

Phone: +86 (755) 27370200

Fax: +86 (755) 27395968

Mobile:+86-13612807580

Skype call:michelle.law.

MSN:sa...@chinapcbone.com


The information contained in this e-mail may be confidential information, and 
may also be the subject of professional privilege. If you are not the intended 
recipient, any use, interference with, disclosure or copying of this material 
is unauthorised and prohibited. Please inform us immediately and destroy the 
e-mail.

Re: OpenVPN problem.

[Alessandro Baggi]

Hi Simen. Then 10.0.8.1 and 10.0.8.2 are allocate by openvpn server and 
in the client are 10.0.8.6 and 10.0.8.5

they appear in ifconfing of tun0 on client and server side in this form:

10.0.8.1 -> 10.0.8.2
10.0.8.6 -> 10.0.8.5

My purpose is to study VPN with openvpn and i've not a remote place to 
get this setup and then I've reproduced a little reality.

Simen Stavdal wrote:

Ciao Alessandro,

So, from the server, the client gets allocated 10.0.8.5/32
(btw, probably a minor thing, but in your server conf file, you have a 
mismatch on the host/mask when you push the routes- it reads

push "route 10.1.1.1 255.255.0.0"  while it should read 10.1.0.0)
(doesn't seem to bother the client too much, but it might be worth a 
try to correct it).


Also, on the server side routing table, you have the following :
192.168.7/24  10.0.8.2   UGS0  175 
- 8 tun0


Where is 10.0.8.2?
This is from the pool of client addresses, but does not exist anywhere?

You also have som route statements in your server conf file, like this 
one :

route 192.168.7.0 255.255.255.0
It doesn't have a gateway, and is not locally connected
This tells the client host to route 192.168.7.0 to nowhere (even 
though it is locally connected on the client side).


On my config, the client side routing table looks like this (windows 
host) :

   10.10.177.0255.255.255.0  10.10.177.5 10.10.177.6   1
   10.10.177.4  255.255.255.252  10.10.177.6 10.10.177.6   30


Also, the two hosts are not connected with public addresses, can I ask 
why you want to use NAT between to RFC1918 networks that don't overlap?
I am trying to understand your objective and the purpose of the setup, 
maybe there is a different way of setting it up?


Cheers,
Simon.


Alessandro Baggi wrote:

Simen Stavdal wrote:

and...

do you have the routing table for some of the hosts that can/cannot 
ping each other?
Are there other gateways out of the networks, other than the openvpn 
box?


S.


I'm trying openvpn in my internal network:
 
   internet

 |
   primary node
192.168.1.1

/ \
  OBSD  
OBSD 2

  192.168.1.33   192.168.1.2
  10.1.0.0/16   
192.168.7.0/24
   |  
  |
. 
   .

Re: [4.6-stable] /etc/daily: Null message body; hope that's ok

[C. Bensend]

> # set -x; umask 077; /bin/sh /etc/daily 2>&1 | tee /var/log/daily.out |
> mail -s "`/bin/hostname` daily output" root
> + set -x
> + umask 077
> + /bin/sh /etc/daily
> + tee /var/log/daily.out
> ++ /bin/hostname
> + mail -s 'ns3 daily output' root
> Null message body; hope that's ok
> #
>
> Every night I get *2* emails, one is empty and the other one is the
> expected "daily output".

I'm seeing similar behavior with the January 15th -CURRENT snapshot.
I actually get three daily emails now:

* 1 that's completely blank
* 1 that says "Null message body; hope that's ok"
* 1 normal one with all the expected output

I thought I had fat-fingered something with sysmerge, but I
re-extracted /etc/daily and compared, and there were no differences.

Benny


-- 
"Blow with all your might into the bean stuffed straw."
   -- Spam message, 2006-11

UN perfecto "10", Las Hadas Manzanillo

[Las Hadas]

En caso de no poder ver correctamente este correo favor de dar haga clic aqum
Le interesa recibir nuestros email?
 

$ 1,570 Tarifa Hadas
(por noche habitacisn doble mas 16% IVA + 2% impuesto hospedaje)
Znicamente si mencionas este mail en tu reservacisn

Habitacisn de Lujo en ocupacisn 
sencilla o doble.
2 menores de 12 aqos compartiendo habitacisn con sus padres gratis.
Asignacisn preferencial
Coctel de bienvenida
50% descuento en Green Fee
30% descuento renta de carrito de Golf
Habitacisn de lujo


Av. Vista Hermosa s/n,
Fracc. Penmnsula de Santiago
Manzanillo, Colima / MIXICO
Csdigo Postal: 28867
Tel.:   (314) 331 0101
Fax.:  (314) 331 0121
Lada sin costo: 
01-800-713-3233

lasha...@brisas.com.mx
Codigo p/ reservacisn PROMHAD0110
Vigencia enero 20 a Febrero 28,2010.
   
 

Este mensaje fue enviado para informacisn de nuestras promociones. No 
pretendemos saturar su correo ni causarle molestias. Este mensaje de correo 
electrsnico no se considera "SPAM", ya que cumple con lo establecido en el 
capmtulo VIII BIS de los lineamientos sobre comercio electrsnico publicados por 
la PROFECO, ademas de contener instrucciones y una forma electrsnica para 
notificar y solicitar la cancelacisn de su envmo y no continuar recibiindolo. 
Si no desea recibir en un futuro estos mensajes favor de hacer clic en ( 
unsuscr...@pqstravel.com ) y sera removido de nuestra lista en 72 horas.
Si desea informacisn sobre nuestros servicios, contactennos a m...@pqstravel.com

[4.6-stable] /etc/daily: Null message body; hope that's ok

[Helmut Schneider]

Hi,

# set -x; umask 077; /bin/sh /etc/daily 2>&1 | tee /var/log/daily.out |
mail -s "`/bin/hostname` daily output" root
+ set -x
+ umask 077
+ /bin/sh /etc/daily
+ tee /var/log/daily.out
++ /bin/hostname
+ mail -s 'ns3 daily output' root
Null message body; hope that's ok
#

Every night I get *2* emails, one is empty and the other one is the
expected "daily output".

What's wrong?

Thanks, Helmut

-- 
No Swen today, my love has gone away
My mailbox stands for lorn, a symbol of the dawn