EUSecWest Amsterdam 2010 Call For Papers (short deadline May 5 - conf June 16/17)
EUSecWest CALL FOR PAPERS AMSTERDAM, Nederland -- The sixth annual EUSecWest applied technical security conference - where the eminent figures in the international security industry will get together share best practices and technology - will be held in downtown Amsterdam at the the Melkweg Multimedia Center near Leidseplein on June 16/17, 2010. The most significant new discoveries about computer network hack attacks and defenses, commercial security solutions, and pragmatic real world security experience will be presented in a series of informative tutorials. The EUSecWest meeting provides international researchers a relaxed, comfortable environment to learn from informative tutorials on key developments in security technology, and collaborate and socialize with their peers in one of the world's most scenic cities - a short walk away from several large hotels and the Leidseplein entertainment and shopping district, conveniently close to many famous museums, convenient transport, Vondel Park, and a plentitude of restaurants and bars. This year the first evening party will feature a special musical guest star. We will announce the performer(s) shortly. The EUSecWest conference will also feature the availability of the Security Masters Dojo expert network security sensei instructors, and their advanced, and intermediate, hands-on training courses - featuring small class sizes and practical application excercises to maximize information transfer. We would like to announce the opportunity to submit papers, and/or lightning talk proposals for selection by the CanSecWest technical review committee. This year we will be doing one hour talks, and some shorter talk sessions. Please make your paper proposal submissions before May 5th, 2010. Some invited papers have been confirmed, but a limited number of speaking slots are still available. The conference is responsible for travel and accomodations for the speakers. If you have a proposal for a tutorial session then please make your submission by mailing a plain text version of the information along with any other supporting material or formats to synopsis of the material and your biography, papers and, speaking background to "secwest10 [at] eusecwest.com" Only slides will be needed for the June paper deadline, full text does not have to be submitted - but will be accepted if available. This year we -- will be opening up the presentation guidelines to include talks not in English (particularly Chinese) which we will offer to translate for the speaker if they are not a native English speaker. The EUSecWest 2010 conference consists of tutorials on technical details about current issues, innovative techniques and best practices in the information security realm. The audiences are a multi-national mix of professionals involved on a daily basis with security work: security product vendors, programmers, security officers, and network administrators. We give preference to technical details and new education for a technical audience. The conference itself is a single track series of presentations in a lecture theater environment. The presentations offer speakers the opportunity to showcase on-going research and collaborate with peers while educating and highlighting advancements in security products and techniques. The focus is on innovation, tutorials, and education instead of product pitches. Some commercial content is tolerated, but it needs to be backed up by a technical presenter - either giving a valuable tutorial and best practices instruction or detailing significant new technology in the products. Paper proposals should consist of the following information: 1. Presenter, and geographical location (country of origin/passport) and contact info (e-mail, postal address, phone, fax). 2. Employer and/or affiliations. 3. Brief biography, list of publications and papers. 4. Any significant presentation and educational experience/background. 5. Topic synopsis, Proposed paper title, and a one paragraph description. 6. Reason why this material is innovative or significant or an important tutorial. 7. Optionally, any samples of prepared material or outlines ready. 8. Will you have full text available or only slides? 9. Language of preference for submission. 10. Please list any other publications or conferences where this material has been or will be published/submitted. IMPORTANT:Please include the plain text version of this information in your email as well as any file, pdf, sxw, ppt, or html attachments. Please forward the above information to "secwest10 [at] eusecwest.com" to be considered for placement on the speaker roster, or have your lightning talk scheduled. If you contact anyone else at our organization pl
Re: Research Affecting "Creative Commons"
On Thu, Apr 29, 2010 at 4:09 PM, Bryan wrote: > > > like http://www.kingdomofloathing.com > > Great... I just another time sink for work... :) > > Be careful...
Re: Research Affecting "Creative Commons"
On Thu, Apr 29, 2010 at 04:20:34PM -0600, Duncan Patton a Campbell wrote: > But in any event an interesting feature was that a "punishment" > system was found to be of little value in maintaining a resource, > and also that "strong control" (eg traditional ownership) was > no certain guarantee of a resource's good managment. This is > of possible interest to BSD vs. GPL3 debate in that the GPL > licence is intended to "punish" those who break it's rules, > whereas the BSD licence wastes no time on such a "downside" > and recognizes only potential for "constructivist" engagement. that has always been why GPL is less free. even the GPL people themselves say that code (ideas) are different than "real" goods. but then they try to compare the need to protect real goods (e.g. a home, a life) with the "need" to protect code (ideas). you don't really need any fancy research to see the hypocracy there. -- jake...@sdf.lonestar.org SDF Public Access UNIX System - http://sdf.lonestar.org
ktrace pppd errno 25 Was: pppd- unable to set non-blocking mode
The first few lines of a ktrace to the pppd process with a umodem detected card reveals: 31129 pppd EMUL "native" 31129 pppd RET nanosleep 0 31129 pppd CALL ioctl(0x5,TIOCMBIS,0x7f7eee64) 31129 pppd RET ioctl -1 errno 25 Inappropriate ioctl for device ioctl -1 errno 25 "Inappropriate ioctl for device" Isn't umodem supposed to make it behave as a tty? Again this is behavior seen on the last two snapshots. It is not something I have seen before... Original Message Subject: pppd- unable to set non-blocking mode Date: Wed, 28 Apr 2010 07:20:07 -0700 From: dave To: misc@openbsd.org Hi there, For the last two snapshots, I have started receiving the following output in /var/log/daemon: Apr 28 06:17:07 puffy pppd[5388]: Couldn't set device to non-blocking mode: Inappropriate ioctl for device A search of both @tech and @misc reveals only the suggestion that the poster's kernel and pppd are out of sync but that is not the case here. A google search and reading Stevens "Advanced Programming in the Unix Environment" Terminal IO lead me to believe that a successful connection to the isp would cause the DCD to be detected and the serial terminal to be opened with O_RDWR... I know that output is that is pasted above comes from /usr/src/usr.sbin/pppd/sys-bsd.c. Unfortuately, I cannot trace the code using the kdebug 2 option with pppd, so I don't know how to correct the inappropriate ioctl message. Pppd still works with this output, but I don't understand what would have changed; I have not had this output before. The configuration files have not changed either. /var/log/daemon Apr 28 06:16:55 puffy pppd[5388]: pppd 2.3.5 started by dave, uid 0 Apr 28 06:17:06 puffy pppd[5388]: Serial connection established. Apr 28 06:17:07 puffy pppd[5388]: Couldn't set device to non-blocking mode: Inappropriate ioctl for device Apr 28 06:17:07 puffy pppd[5388]: Using interface ppp0 Apr 28 06:17:07 puffy pppd[5388]: Connect: ppp0 <--> /dev/cuaU0 Apr 28 06:17:07 puffy pppd[5388]: Remote message: Congratulations! Apr 28 06:17:10 puffy pppd[5388]: local IP address 166.128.66.34 Apr 28 06:17:10 puffy pppd[5388]: remote IP address 72.215.255.9 Apr 28 06:19:37 puffy pppd[5388]: Connection terminated. Apr 28 06:19:37 puffy pppd[5388]: Couldn't restore device fd flags: Inappropriate ioctl for device Apr 28 06:19:37 puffy pppd[5388]: ioctl(TIOCSETD): Inappropriate ioctl for device Apr 28 06:19:37 puffy named[18899]: shutting down Apr 28 06:19:37 puffy named[18899]: stopping command channel on 127.0.0.1#953 Apr 28 06:19:37 puffy named[18899]: no longer listening on 127.0.0.1#53 Apr 28 06:19:37 puffy named[18899]: no longer listening on ::1#53 Apr 28 06:19:37 puffy named[18899]: exiting Apr 28 06:19:38 puffy pppd[5388]: tcsetattr: Inappropriate ioctl for device /etc/ppp/peers/umts cuaU0 921600 :72.215.255.9 noipdefault defaultroute crtscts modem modem_chat passive asyncmap 0 lock passive noauth user i...@cingulargprs.com connect '/usr/sbin/chat -e -f /etc/ppp/peers/umts.chat' /etc/ppp/peers/umts.chat ABORT BUSY ABORT "NO ANSWER" ABORT "NO DIALTONE" ABORT "NO CARRIER" '' AT TIMEOUT 30 '' AT+CFUN=1 T+CFUN=1 '' OK '' '+PACSP0' 'AT+CGDCONT=1,"IP","isp.cingular","0.0.0.0",0,1' OK\r\n 'ATDT*99***1#' \r\n\c CONNECT \c I start pppd with the following function: function pppup { if [[ $# -ne 0 ]]; then echo 'Usage: pppup' >&2 return 2 fi if [[ -n $(netstat -nrf inet | grep default) ]]; then sudo ifconfig trunk0 down && sudo route -q delete default fi sudo ifconfig ppp0 create sudo cp /etc/resolv.conf /etc/resolv.conf.bk sudo cp /etc/resolv.localhost /etc/resolv.conf sudo named && pppd call umts } Here is the dmesg: OpenBSD 4.7-current (GENERIC.MP) #225: Tue Apr 27 11:25:08 MDT 2010 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 3177910272 (3030MB) avail mem = 3079602176 (2936MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe0010 (80 entries) bios0: vendor LENOVO version "6EET50WW (3.10 )" date 03/16/2010 bios0: LENOVO 2777CTO acpi0 at bios0: rev 2 acpi0: tables DSDT FACP SSDT ECDT APIC MCFG HPET SLIC BOOT ASF! SSDT TCPA SSDT SSDT SSDT acpi0: wakeup devices LID_(S3) SLPB(S3) IGBE(S4) EXP0(S4) EXP1(S4) EXP2(S4) PCI1(S4) USB0(S3) USB1(S3) USB2(S3) USB3(S3) USB4(S3) USB5(S3) EHC0(S3) EHC1(S3) HDEF(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM)2 Duo CPU U9600 @ 1.60GHz, 1596.23 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,NXE,LONG cpu0: 3MB 64b/line 8-way L2 cache cpu0: apic clock running at 199MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM)2 Duo CPU U9600 @ 1.60GHz, 1596.00 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,
Re: Research Affecting "Creative Commons"
On Fri, 30 Apr 2010 09:16:40 +1000 "Rod Whitworth" wrote: > On Thu, 29 Apr 2010 16:20:34 -0600, Duncan Patton a Campbell wrote: > > Loads of crap. Trying to sound like a philosopher and failing. > > Why don't you piss off to some advocacy list. > > There is no functional difference between a troll and a pseud. > > Don't bother replying: All future mail on this topic >/dev/wanker > (In case you didn't guess: > ls -l /dev/null /dev/wanker > crw-rw-rw- 2 root wheel2, 2 Apr 30 08:55 /dev/null > crw-rw-rw- 2 root wheel2, 2 Apr 30 08:55 /dev/wanker) > > > > > *** NOTE *** Please DO NOT CC me. I subscribed to the list. > Mail to the sender address that does not originate at the list server is > tarpitted. The reply-to: address is provided for those who feel compelled to > reply off list. Thankyou. > > Rod/ > /earth: write failed, file system is full > cp: /earth/creatures: No space left on device > jus' checkin' on the verity of the forgoing ... ;) Dhu
Re: scp speed ffs/fat
I'v just tried again from obsd, and now it goes at 2.3MB/s Don't know what was on yesterday morning. Sorry for noise.
Re: Research Affecting "Creative Commons"
On Thu, 29 Apr 2010 16:20:34 -0600, Duncan Patton a Campbell wrote: Loads of crap. Trying to sound like a philosopher and failing. Why don't you piss off to some advocacy list. There is no functional difference between a troll and a pseud. Don't bother replying: All future mail on this topic >/dev/wanker (In case you didn't guess: ls -l /dev/null /dev/wanker crw-rw-rw- 2 root wheel2, 2 Apr 30 08:55 /dev/null crw-rw-rw- 2 root wheel2, 2 Apr 30 08:55 /dev/wanker) *** NOTE *** Please DO NOT CC me. I subscribed to the list. Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. Rod/ /earth: write failed, file system is full cp: /earth/creatures: No space left on device
Re: Research Affecting "Creative Commons"
On Thu, 29 Apr 2010 21:57:19 +0200 "Bret S. Lambert" wrote: > On Thu, Apr 29, 2010 at 12:53:15PM -0600, Duncan Patton a Campbell wrote: > > Howdy List? > > > > This may, at first blush, seem to be more spam unrelated > > to the work of Open BSD. But it seems to me over the > > years one of the major criticisms of the Free/Open software > > movement has come from classical economics/ecology in the > > Really? I've never seen one that wasn't a press release > from Microsoft; please to cite your sources. > > > form of Garrett Hardin's Tragedy of the Commons. If we > > are to believe Hardin's thesis then building something > > like a free operating system (or "free" ideas in general) > > is the essense of pointless vanity. > > There is no parallel. The tragedy of the commons happens > because of the overuse of a limited resource; the open > source software world more closely resembles (in no small > part because it grew out of) academia; if the tragedy of > the commons were true for open source software, it would > be true for universities as well, and humanity would have > succumbed to gibbering idiocy long ago as human intellect > was mined to the point of exhaustion. That argument only falls on imagination not being a finite resource, but the "market" in which it must subsist is a time/space constrained ecology. But in any event an interesting feature was that a "punishment" system was found to be of little value in maintaining a resource, and also that "strong control" (eg traditional ownership) was no certain guarantee of a resource's good managment. This is of possible interest to BSD vs. GPL3 debate in that the GPL licence is intended to "punish" those who break it's rules, whereas the BSD licence wastes no time on such a "downside" and recognizes only potential for "constructivist" engagement. Also interesting is that the only way this common governance breaks down is when people do not adhere to rules they've made/agreed to. > > Now, since you have a magical thinking box that you're > using to communicate with a large number of people > automagically over the intertruck (itself something that > would've been subject to the aforementioned process), > the assertion is rather rediculous on its face, and ignores > the fundamental difference between the two areas: human > knowledge is entirely additive, whereas physical resources > are consumed in some manner. You take an idea, and it's > still there for someone else; you take a fish, and you've > fucked somebody else out of their dinner. > > It's a false analogy, and I need something better > *cough*girlfriend*cough* to do with my evenings. > > > > > But here: > > > > http://www.physorg.com/news191765285.html > > > > we have a games model showing that resources managed by > > a communicant group are not necessarily exploited to > > extinction. Interestingly the ability to impose > > sanctions in the form of fines for overexploitation > > did not appear to enhance resource productivity, > > only the ability to make ongoing agreements about > > constructive action appear to have mattered. > > > > If you think this is "off topic" and irrelevant to > > misc at openbsd org please accept my apologies and > > press delete now ;-) > > > > Dhu
Re: Research Affecting "Creative Commons"
On Thu, Apr 29, 2010 at 14:13, Ted Roby wrote: > In my opinion, Hooray! > I've experienced this phenomenon through games > like http://www.kingdomofloathing.com > > Great... I just another time sink for work... :)
Re: Research Affecting "Creative Commons"
On Thu, 29 Apr 2010 21:57:19 +0200 "Bret S. Lambert" wrote: > On Thu, Apr 29, 2010 at 12:53:15PM -0600, Duncan Patton a Campbell wrote: > > Howdy List? > > > > This may, at first blush, seem to be more spam unrelated > > to the work of Open BSD. But it seems to me over the > > years one of the major criticisms of the Free/Open software > > movement has come from classical economics/ecology in the > > Really? I've never seen one that wasn't a press release > from Microsoft; please to cite your sources. > > > form of Garrett Hardin's Tragedy of the Commons. If we > > are to believe Hardin's thesis then building something > > like a free operating system (or "free" ideas in general) > > is the essense of pointless vanity. > > There is no parallel. The tragedy of the commons happens > because of the overuse of a limited resource; the open > source software world more closely resembles (in no small > part because it grew out of) academia; if the tragedy of > the commons were true for open source software, it would > be true for universities as well, and humanity would have > succumbed to gibbering idiocy long ago as human intellect > was mined to the point of exhaustion. > > Now, since you have a magical thinking box that you're > using to communicate with a large number of people > automagically over the intertruck (itself something that > would've been subject to the aforementioned process), > the assertion is rather rediculous on its face, and ignores > the fundamental difference between the two areas: human > knowledge is entirely additive, whereas physical resources > are consumed in some manner. You take an idea, and it's > still there for someone else; you take a fish, and you've > fucked somebody else out of their dinner. Not so: ideas have an ecological context that limits their economic applicability in both space and time... stealing an idea and "taking it to market" first amounts to using someone's "better hook" to catch all the fish ... > > It's a false analogy, and I need something better > *cough*girlfriend*cough* to do with my evenings. Don't we all ;-) Dhu > > > > > But here: > > > > http://www.physorg.com/news191765285.html > > > > we have a games model showing that resources managed by > > a communicant group are not necessarily exploited to > > extinction. Interestingly the ability to impose > > sanctions in the form of fines for overexploitation > > did not appear to enhance resource productivity, > > only the ability to make ongoing agreements about > > constructive action appear to have mattered. > > > > If you think this is "off topic" and irrelevant to > > misc at openbsd org please accept my apologies and > > press delete now ;-) > > > > Dhu
NYTimes.com: Letters
This page was sent to you by: abdelkari...@live.fr. Dear friend,This message may Surprise you please accept my apology if it does upset you.however,It's my urgent need for a foreign partner that made me to contact you.I am a bank manager.I have an opportunity to transfer US$10.5Million.You should contact me for more details about the transaction. FASHION & STYLE | April 29, 2010 Letters Readers' feedback on "A Mother's Loss, a Daughter's Story" an article that ran in Thursday Styles, April 22. http://www.nytimes.com/2010/04/29/fashion/29letters.html?emc=eta1 -- ABOUT THIS E-MAIL This e-mail was sent to you by a friend through NYTimes.com's E-mail This Article service. For general information about NYTimes.com, write to h...@nytimes.com. NYTimes.com 620 Eighth Avenue New York, NY 10018 Copyright 2010 The New York Times Company
Re: Research Affecting "Creative Commons"
On Thu, Apr 29, 2010 at 12:53:15PM -0600, Duncan Patton a Campbell wrote: > Howdy List? > > This may, at first blush, seem to be more spam unrelated > to the work of Open BSD. But it seems to me over the > years one of the major criticisms of the Free/Open software > movement has come from classical economics/ecology in the Really? I've never seen one that wasn't a press release from Microsoft; please to cite your sources. > form of Garrett Hardin's Tragedy of the Commons. If we > are to believe Hardin's thesis then building something > like a free operating system (or "free" ideas in general) > is the essense of pointless vanity. There is no parallel. The tragedy of the commons happens because of the overuse of a limited resource; the open source software world more closely resembles (in no small part because it grew out of) academia; if the tragedy of the commons were true for open source software, it would be true for universities as well, and humanity would have succumbed to gibbering idiocy long ago as human intellect was mined to the point of exhaustion. Now, since you have a magical thinking box that you're using to communicate with a large number of people automagically over the intertruck (itself something that would've been subject to the aforementioned process), the assertion is rather rediculous on its face, and ignores the fundamental difference between the two areas: human knowledge is entirely additive, whereas physical resources are consumed in some manner. You take an idea, and it's still there for someone else; you take a fish, and you've fucked somebody else out of their dinner. It's a false analogy, and I need something better *cough*girlfriend*cough* to do with my evenings. > > But here: > > http://www.physorg.com/news191765285.html > > we have a games model showing that resources managed by > a communicant group are not necessarily exploited to > extinction. Interestingly the ability to impose > sanctions in the form of fines for overexploitation > did not appear to enhance resource productivity, > only the ability to make ongoing agreements about > constructive action appear to have mattered. > > If you think this is "off topic" and irrelevant to > misc at openbsd org please accept my apologies and > press delete now ;-) > > Dhu
Re: Research Affecting "Creative Commons"
On Thu, Apr 29, 2010 at 12:53 PM, Duncan Patton a Campbell < campb...@neotext.ca> wrote: > > > http://www.physorg.com/news191765285.html > > My initial reading of this causes me to think these test results are in favor of Decentralization. How political do you want to get on this board? In my opinion, Hooray! I've experienced this phenomenon through games like http://www.kingdomofloathing.com
Research Affecting "Creative Commons"
Howdy List? This may, at first blush, seem to be more spam unrelated to the work of Open BSD. But it seems to me over the years one of the major criticisms of the Free/Open software movement has come from classical economics/ecology in the form of Garrett Hardin's Tragedy of the Commons. If we are to believe Hardin's thesis then building something like a free operating system (or "free" ideas in general) is the essense of pointless vanity. But here: http://www.physorg.com/news191765285.html we have a games model showing that resources managed by a communicant group are not necessarily exploited to extinction. Interestingly the ability to impose sanctions in the form of fines for overexploitation did not appear to enhance resource productivity, only the ability to make ongoing agreements about constructive action appear to have mattered. If you think this is "off topic" and irrelevant to misc at openbsd org please accept my apologies and press delete now ;-) Dhu
Re: Questions about tables on pf
Lars Nooden wrote: On Thu, 29 Apr 2010, Leonardo Carneiro - Veltrac wrote: Tks. This info is very important to me 'cause my disk sucks, Look at the manual page for mount_mfs(8) and the option -P you can load a directory and the files in it into memory. and i'll have to create some tables that will be "hitted" very often in my ruleset. What are planning on adding to the tables? There may be another way to add addresses to the tables. /Lars Just list of IPs, and maybe some ports list, but this is not defined yet. But the table will not be updated very often. In fact, the "how-to-update-the-table" question was just an academic curiosity. I readed on the manual that are ways to add content "on the fly" in tables through the firewall, but i don't have this need yet.
Re: Questions about tables on pf
On Thu, 29 Apr 2010, Leonardo Carneiro - Veltrac wrote: Tks. This info is very important to me 'cause my disk sucks, Look at the manual page for mount_mfs(8) and the option -P you can load a directory and the files in it into memory. and i'll have to create some tables that will be "hitted" very often in my ruleset. What are planning on adding to the tables? There may be another way to add addresses to the tables. /Lars
Re: scp speed ffs/fat
I've just tried to issue the same command from linux double booted on the same machine, and it gives me this speed: 2.4MB/s
Re: Questions about tables on pf
Otto Moerbeek wrote: On Thu, Apr 29, 2010 at 10:15:08AM -0300, Leonardo Carneiro - Veltrac wrote: this file in memory or does it read from the disk for every packet? Neither. The addresses are loaded in kernel memory via pfctl. -Otto Tks. This info is very important to me 'cause my disk sucks, and i'll have to create some tables that will be "hitted" very often in my ruleset. Tks for the infos.
Re: Questions about tables on pf
Gregory Edigarov wrote: On Thu, 29 Apr 2010 10:15:08 -0300 Leonardo Carneiro - Veltrac wrote: Hello everyone. I have a table in my pf.conf: table persist const file "/etc/pf.conf.d/ips_allowed" If I add or remove IPs from this file mannualy, will the firewall be aware of such changes or do i need to reload pf? Also, pf do map this file in memory or does it read from the disk for every packet? Tks in advance and sorry for my poor english Please read the manual page. you will need to do something like: pfctl -Treplace -tips_allowed in order to reload your table Hi Gregory and others, I have read the documentation and i was aware that i can reload just the table instead the hole firewall, what i did not know was if pf could "sense" the changes in the file. But tks for the tips anyway.
Re: Questions about tables on pf
Leonardo Carneiro - Veltrac writes: > If I add or remove IPs from this file mannualy, will the firewall be > aware of such changes or do i need to reload pf? You can check what actually happens easily after editing the file by comparing the output of $ sudo pfctl -t ips_allowed -T show with the contents of the file, but the shorter answer is: No. You will need to reload table contents, with a command like $ sudo pfctl -t ips_allowed -T replace -f /etc/pf.conf.d/ips_allowed > Also, pf do map this file in memory or does it read from the disk > for every packet? Tables sourced from files are held in memory, and rule set evaluation in most cases is not triggered as long as an arriving packet matches a pre-existing state. My own take on basic table operations are up at http://home.nuug.no/~peter/pf/en/tables.html, the PF User Guide (aka The PF FAQ) has a tables section at http://www.openbsd.org/faq/pf/tables.html (and your friendly neighborhood mirror) - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: Questions about tables on pf
On Thu, Apr 29, 2010 at 10:15:08AM -0300, Leonardo Carneiro - Veltrac wrote: > Hello everyone. > > I have a table in my pf.conf: > > table persist const file "/etc/pf.conf.d/ips_allowed" > > If I add or remove IPs from this file mannualy, will the firewall be > aware of such changes or do i need to reload pf? Also, pf do map You need to reload. Check the man page. > this file in memory or does it read from the disk for every packet? Neither. The addresses are loaded in kernel memory via pfctl. -Otto
Re: Questions about tables on pf
On Thu, 29 Apr 2010 10:15:08 -0300 Leonardo Carneiro - Veltrac wrote: > Hello everyone. > > I have a table in my pf.conf: > > table persist const file "/etc/pf.conf.d/ips_allowed" > > If I add or remove IPs from this file mannualy, will the firewall be > aware of such changes or do i need to reload pf? Also, pf do map this > file in memory or does it read from the disk for every packet? > > Tks in advance and sorry for my poor english Please read the manual page. you will need to do something like: pfctl -Treplace -tips_allowed in order to reload your table -- With best regards, Gregory Edigarov
Questions about tables on pf
Hello everyone. I have a table in my pf.conf: table persist const file "/etc/pf.conf.d/ips_allowed" If I add or remove IPs from this file mannualy, will the firewall be aware of such changes or do i need to reload pf? Also, pf do map this file in memory or does it read from the disk for every packet? Tks in advance and sorry for my poor english -- Leonardo Carneiro
Re: scp speed ffs/fat
On Thu, 29 Apr 2010, Claudio Jeker wrote: On Wed, Apr 28, 2010 at 08:50:45PM -0400, Brad Tilley wrote: On Thu, 29 Apr 2010 07:09 +0800, shweg...@gmail.com wrote: Transfering a file using scp into my home directory gives me this speed (home netword): 658.8KB/s while copying it directly into a usb stick (fat32) gives me this: 1.5MB/s is it normal? scp is encrypted and traveling across your network. Those things will impact transfer speeds. This does not realy matter here since using a usb stick gives double the performance. The encryption overhead is not much of an issue these days unless you run on a sparc, m68k or another system with 2 digit MHz speed. Now if a dmesg would have been included we would know more. I blame it on the disk or actually missing UDMA. -- :wq Claudio thanks for replying, it's a thinkpad x200 this is my dmesg: OpenBSD 4.6 (GENERIC.MP) #89: Thu Jul 9 21:32:39 MDT 2009 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz ("GenuineIntel" 686-class) 2.27 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL, VMX,SMX,EST,TM2,CX16,xTPR real mem = 3176427520 (3029MB) avail mem = 3076603904 (2934MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 05/18/09, BIOS32 rev. 0 @ 0xfdc80, SMBIOS rev. 2.4 @ 0xe0010 (68 entries) bios0: vendor LENOVO version "6DET53WW (3.03 )" date 05/18/2009 bios0: LENOVO 7457AC1 acpi0 at bios0: rev 2 acpi0: tables DSDT FACP SSDT ECDT APIC MCFG HPET SLIC BOOT ASF! SSDT TCPA DMAR SSDT SSDT SSDT acpi0: wakeup devices LID_(S3) SLPB(S3) IGBE(S4) EXP0(S4) EXP1(S4) EXP2(S4) EXP3(S4) USB0(S3) USB3(S3) USB5(S3) EHC0(S3) EHC1(S3) HDEF(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 266MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz ("GenuineIntel" 686-class) 2.27 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL, VMX,SMX,EST,TM2,CX16,xTPR ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 2, remapped to apid 1 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (AGP_) acpiprt2 at acpi0: bus 2 (EXP0) acpiprt3 at acpi0: bus 3 (EXP1) acpiprt4 at acpi0: bus -1 (EXP2) acpiprt5 at acpi0: bus 5 (EXP3) acpiec0 at acpi0 acpicpu0 at acpi0: C3, C2, C1, PSS acpicpu1 at acpi0: C3, C2, C1, PSS acpipwrres0 at acpi0: PUBS acpitz0 at acpi0: critical temperature 127 degC acpitz1 at acpi0: critical temperature 104 degC acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: SLPB acpibat0 at acpi0: BAT0 model "42T4646" serial 4612 type LION oem "SANYO" acpibat1 at acpi0: BAT1 not present acpiac0 at acpi0: AC unit offline acpithinkpad0 at acpi0 acpidock0 at acpi0: GDCK not docked (0) bios0: ROM list: 0xc/0x1! 0xd/0x1000 0xd1000/0x1000 0xd2000/0x1000 0xde000/0x1800! 0xe/0x1 cpu0: Enhanced SpeedStep 2262 MHz: speeds: 2267, 2266, 1600, 800 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 "Intel GM45 Host" rev 0x07 vga1 at pci0 dev 2 function 0 "Intel GM45 Video" rev 0x07 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xd000, size 0x1000 inteldrm0 at vga1: apic 1 int 16 (irq 11) drm0 at inteldrm0 "Intel GM45 Video" rev 0x07 at pci0 dev 2 function 1 not configured "Intel GM45 HECI" rev 0x07 at pci0 dev 3 function 0 not configured pciide0 at pci0 dev 3 function 2 "Intel GM45 PT IDER" rev 0x07: DMA (unsupported), channel 0 wired to native-PCI, channel 1 wired to native-PCI pciide0: using apic 1 int 18 (irq 11) for native-PCI interrupt pciide0: channel 0 ignored (not responding; disabled or no drives?) pciide0: channel 1 ignored (not responding; disabled or no drives?) "Intel GM45 AMT SOL" rev 0x07 at pci0 dev 3 function 3 not configured em0 at pci0 dev 25 function 0 "Intel ICH9 IGP M AMT" rev 0x03: apic 1 int 20 (irq 11), address 00:1f:16:1f:da:e3 uhci0 at pci0 dev 26 function 0 "Intel 82801I USB" rev 0x03: apic 1 int 20 (irq 11) uhci1 at pci0 dev 26 function 1 "Intel 82801I USB" rev 0x03: apic 1 int 21 (irq 11) uhci2 at pci0 dev 26 function 2 "Intel 82801I USB" rev 0x03: apic 1 int 22 (irq 11) ehci0 at pci0 dev 26 function 7 "Intel 82801I USB" rev 0x03: apic 1 int 23 (irq 11) usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1 azalia0 at pci0 dev 27 function 0 "Intel 82801I HD Audio" rev 0x03: apic 1 int 17 (irq 11) azalia0: codecs: Conexant CX20561 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 "Intel 82801I PCIE" rev 0x03: apic 1 int 20 (irq 11) pci1 a
Venez me joindre sur « Nous avons la Parole de Dieu »!
Nous avons la Parole de Dieu: Le site Nous avons la Parole de Dieu vous souhaite la bienvenue ! Venez me joindre sur Nous avons la Parole de Dieu! Antoinette Gurrieri Cliquez sur le lien ci-dessous pour vous joindre C un rC)seauB : http://nousavonslaparolededieu.ning.com/?xgi=05bfAtulVXvAvM&xg_source=msg_invite_net If your email program doesn't recognize the web address above as an active link, please copy and paste it into your web browser Membres dC)jC sur Nous avons la Parole de Dieu MPASSI NGOUONO thecle Elodie, Marcel Harrison, Doudou, Coucoucmoi, Stephane Apffel Au sujet du rC)seau: Nous avons la Parole de Dieu La vision du site est lbC)vangC)lisation et la proclamation de la Parole de Dieu. 632 membres 416 photos 108 chansons 110 vidC)os 319 discussions 25 billets Pour dC)terminer quels courriels vous recevez dans le coin, ou exclusion, passer C : http://nousavonslaparolededieu.ning.com/?xgo=EyWTUKfv-lZwWIKo0unMNXPB5yKJhHqwW6jF3pwwX9PcJ-KLP0ksKw&xg_source=msg_invite_net
No ACPI battery/ac status readings on a ASUS UL30A laptop.
Hi misc! I just got one of these babies as a present and put OpenBSD on it right away. Everything seems to be running smoothly, with the single exception of battery and ac status readings in apm(8): Battery state: absent, 0% remaining, unknown life estimate A/C adapter state: not known Performance adjustment mode: auto (1300 MHz) If however, I remove and reattach the battery, it's status is there in all it's glory. I've poked around in acpibat.c and acpiac.c but my experience with ACPI is pretty limited and I can't really make much sense of it (yet). Has anyone else experienced this problem? Are there any obvious things I can try to get things working? I'm currently building a kernel with ACPI_DEBUG defined to see if I can get some more information on what's going on. dmesg: OpenBSD 4.7-current (GENERIC.MP) #557: Tue Apr 27 00:36:31 MDT 2010 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Genuine Intel(R) CPU U7300 @ 1.30GHz ("GenuineIntel" 686-class) 1.34 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE real mem = 3184717824 (3037MB) avail mem = 3089928192 (2946MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 12/28/09, BIOS32 rev. 0 @ 0xf0010, SMBIOS rev. 2.5 @ 0xfcce0 (41 entries) bios0: vendor American Megatrends Inc. version "212" date 12/28/2009 bios0: ASUSTeK Computer Inc. UL30A acpi0 at bios0: rev 2 acpi0: tables DSDT FACP APIC MCFG SLIC ECDT DBGP BOOT OEMB HPET GSCI SSDT acpi0: wakeup devices USB0(S3) USB1(S3) USB2(S3) USB5(S3) EUSB(S3) USB3(S3) USB4(S3) USB6(S3) USBE(S3) HDAC(S3) P0P1(S3) P0P3(S3) P0P5(S3) P0P6(S3) P0P7(S4) LAN_(S4) GLAN(S4) P0P8(S3) SLPB(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 205MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Genuine Intel(R) CPU U7300 @ 1.30GHz ("GenuineIntel" 686-class) 1.34 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 2 (P0P2) acpiprt2 at acpi0: bus 3 (P0P7) acpiec0 at acpi0 acpicpu0 at acpi0: C3, C1, PSS acpicpu1 at acpi0: C3, C1, PSS acpitz0 at acpi0: critical temperature 100 degC acpiac0 at acpi0: AC unit in unknown state acpibat0 at acpi0: BAT0 not present acpibtn0 at acpi0: SLPB acpibtn1 at acpi0: LID_ acpivideo0 at acpi0: VGA_ acpivout0 at acpivideo0: CRTD acpivout1 at acpivideo0: LCDD acpivout2 at acpivideo0: HDMI bios0: ROM list: 0xc/0xfe00! cpu0: Enhanced SpeedStep 1339 MHz: speeds: 1300, 800 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 "Intel GM45 Host" rev 0x07 vga1 at pci0 dev 2 function 0 "Intel GM45 Video" rev 0x07 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xd000, size 0x1000 inteldrm0 at vga1: apic 2 int 16 (irq 10) drm0 at inteldrm0 "Intel GM45 Video" rev 0x07 at pci0 dev 2 function 1 not configured uhci0 at pci0 dev 26 function 0 "Intel 82801I USB" rev 0x03: apic 2 int 16 (irq 10) uhci1 at pci0 dev 26 function 1 "Intel 82801I USB" rev 0x03: apic 2 int 21 (irq 7) uhci2 at pci0 dev 26 function 2 "Intel 82801I USB" rev 0x03: apic 2 int 19 (irq 3) ehci0 at pci0 dev 26 function 7 "Intel 82801I USB" rev 0x03: apic 2 int 18 (irq 6) usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1 azalia0 at pci0 dev 27 function 0 "Intel 82801I HD Audio" rev 0x03: apic 2 int 22 (irq 4) azalia0: codecs: Realtek ALC269, Intel/0x2802, using Realtek ALC269 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 "Intel 82801I PCIE" rev 0x03 pci1 at ppb0 bus 1 ppb1 at pci0 dev 28 function 1 "Intel 82801I PCIE" rev 0x03 pci2 at ppb1 bus 2 athn0 at pci2 dev 0 function 0 "Atheros AR9285" rev 0x01: apic 2 int 17 (irq 5), address 1c:4b:d6:ba:b3:4b athn0: AR9285 rev 2 (1T1R), ROM rev 13 ppb2 at pci0 dev 28 function 5 "Intel 82801I PCIE" rev 0x03: apic 2 int 17 (irq 5) pci3 at ppb2 bus 3 alc0 at pci3 dev 0 function 0 "Attansic Technology L2C" rev 0xc0: apic 2 int 17 (irq 5), address 48:5b:39:3f:2b:f0 atphy0 at alc0 phy 0: F1 10/100/1000 PHY, rev. 11 uhci3 at pci0 dev 29 function 0 "Intel 82801I USB" rev 0x03: apic 2 int 23 (irq 10) uhci4 at pci0 dev 29 function 1 "Intel 82801I USB" rev 0x03: apic 2 int 19 (irq 3) uhci5 at pci0 dev 29 function 2 "Intel 82801I USB" rev 0x03: apic 2 int 18 (irq 6) ehci1 at pci0 dev 29 function 7 "Intel 82801I USB" rev 0x03: apic 2 int 23 (irq 10) usb1 at ehci1: USB revision 2.0 uhub1 at usb1 "Intel EHCI root hub" rev 2.00/1.00 addr 1 ppb3
Re: ftp issue
writes: > In my rc.conf.local, i added these 2 lines > ftpproxy_flags="" > ftpproxy_flags="-R 172.17.2.21 -p 21 -b 10.10.10.10" That way you set the variable twice, only the last one is actually used. > Is it good ? (my ftp server is 172.17.2.21 and Ext_IP : 10.10.10.10") > At reboot, i have only 1 ftp-proxy started, is it normal? Yes, if you want two separate proxies, you need to run the second on some other port and with a separate set of startup options. Keep the ftpproxy_flags="" part in your rc.conf.local, but put the magic for the second one in rc.local much like you would for any non-default daemon, and adjust the pf rules so the traffic hits the relevant proxy and the back end. - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: confused about updating -current
If you use a snapshot you'll be very close to current and --- On Thu, 29/4/10, Jacob Meuser wrote: > From: Jacob Meuser > Subject: Re: confused about updating -current > To: misc@openbsd.org > Date: Thursday, 29 April, 2010, 2:59 > On Wed, Apr 28, 2010 at 05:05:06PM > -0500, Chris Bennett wrote: > > A while back on some thread, someone said that they > ran -current > > versions for a long while, updating ports tree for > that snapshot and > > could "run" with that particular -current as long as > they liked by > > adding packages as needed by building with that ports > snapshot, > > rather than using a later ports tree or packages. > > > > This seems like it could be a good way to jump forward > but not need > > to constantly update even if a new package is needed, > since ports > > tree holds proper builds for that snapshot at that > time. > > If you run current you will likely have very few problems running any packages you like apart from temporary problems due to being in the middle of ongoing changes but may have to be prepared to resync and try again. If you run a snapshot or current without keeping up then you may be able to get it to work with a particular package for a few months, years or just a few days/hours but you may be able to add libraries etc to buy time. This is not supported because the consequences would be complicated, cannot be checked and possibly only known to a particular developer, but may work for you. If you run stable, everything in the stable ports tree should work fine and more of it is being kept upto date. I heard 4.7 will likely keep firefox upto date :-). Server packages such as postgresql are more likely to be kept upto date. If you jump from stable to current/snapshot and the upgrade guide isn't out yet, you may find your pf.conf needs updating, or other problems etc. www.openbsd.org/plus47.html may help you here but will never be as clear as the upgrade guide. It is easy to see what versions packages are at in cvs web or snapshot folders etc. I'm not sure if you can in stable aside from by building the port?
3ЕМЛЯ И ВСЕ ЧТО С НЕЙ СВЯЗАНО!!! ФИЗ И ЮР ЛИЦАМ!
3ELK_ H BQE WRN Q MEI q...@mn!!! THG H ^P k...@l! Opednqr`bkel{e sqksch: - aeq...@rm[e jnmqs...@vhh - ntnplkemhe op`b qnaqrbemmnqrh m` gelk~ - oepentnplkemhe h ophb`rhg`vh gelek|m{u sw`qrjnb qnck`qmn onqkedmhu hglememhi g`jnmnd`rek|qrb` b jnpnrjhe qpnjh; - hglememhe vekebncn m`gm`wemh gelek|m{u sw`qrjnb; - oepeqlnrp `pemdmni ok`r{ g` gelk~ b qrnpnms ee slem|xemh; - op`bnbni `sdhr gelek|m{u sw`qrjnb, ondcnrnbj` ~phdhweqjhu b{bndnb; - qnqr`bkemhe operemghi, f`kna, hqjnb, ` r`jfe opedqr`bkemhe hmrepeqnb b qsde h dpschu cnqsd`pqrbemm{u npc`m`u; - nazedhmemhe h p`gdekemhe gelek|m{u sw`qrjnb; - qnopnbnfdemhe mnbncn qrpnhrek|qrb` (b r.w. jnrredfmne qrpnhrek|qrbn) h kec`khg`vh q`lnbnk|mncn qrpnhrek|qrb`; - jnmqsk|r`vhh on m`kncnnaknfemh~ gelkh h medbhfhlnqrh; rek./t`jq (044) 5l6-51-32, (044) 353-l1-37, (050) 44l-29-89 E-mail: i...@olimp.kiev.ua www.olimp.kiev.ua = = = = = iylzkg jszxmqnd tzgol zmtaxd gtphvrq ugynwlgb
Re: Printing schemas
On Sat, Apr 24, 2010 at 10:47 PM, Ed Ahlsen-Girard wrote: > I'm looking specifically ay how to print to a USB printer that is > hanging off an XP box. cups + samba will do what you want. For a little howto, have a look at: http://vext01.blogspot.com/2009/11/setting-up-printer-on-openbsd-and-cups.html cheers, David