Re: Installer bug? - Upgrade 4.6 to 4.7 failed to upgrade base47, on i386 and amd64

2010-06-02 Thread Theo de Raadt
> Theo de Raadt  cvs.openbsd.org> writes:
> 
> > A chit-chat on a public mailing list isn't going to find this supposed
> > bug.  Why discuss it?  Why not just keep prove it happened.
> 
> Yes, Theo. Though: How? This is what I tried to find out. 
> I showed the list of files. Do you assume I tinkered with it? Why should I?
> pfctl wasn't working correctly. Without the help of the list, I wouldn't have 
> been able to drill it down to some 70 files being of the previous version.
> Thanks to everyone who helped!
> 
> > Don't you see
> > how tiring it is to discuss it when we've seen no evidence?
> 
> It might be tiring, but what evidence do you want? Here, I want to solve a
> problem of files missing. Since I followed the Upgrade guide to the dot,
> rebooted to bsd.rd in the beginning, rebooted at the command prompt, we (I) need
> to find what went wrong. That's all. I don't even mind if the mistake was on my
> side, then I could learn.
> 
> So, please, specify the evidence that you need.

If everyone felt the need to debug the personal problem with their own
machines on this giant mailing list in the fashion you just did, I
will unsubscribe.

It isn't tiring -- it is just plain ridiculous.

Figure out what is wrong, THEN POST THAT.



Re: pf and ftp-proxy active/passive problems

2010-06-02 Thread Teemu Rinta-aho
On Jun 3, 2010, at 3:51 AM, Calomel Org wrote:

> Teemu,
>
> Are you sure the ftp server you are connecting to supports active and
> passive ftp? You may want to try your test against ftp.openbsd.org.

That is a very good point. I thought so as I got both modes working
from different nodes, but I am not sure any more. I tried to
ftp.openbsd.org and the results are different indeed.

From a host behind my pf machine:

host$ ftp ftp.openbsd.org
Connected to openbsd.sunsite.ualberta.ca.
ftp> ls
229 Entering Extended Passive Mode (|||60318|)
ftp: Can't connect to `129.128.5.191': Connection refused
200 EPRT command successful.
150 Opening ASCII mode data connection for '/bin/ls'.
total 8
drwxr-xr-x  2 0  0  512 May  4  2009 etc
drwxr-xr-x  3 0  0  512 Jul 21  2009 pub
226 Transfer complete.

host$ ftp -p ftp.openbsd.org
Connected to openbsd.sunsite.ualberta.ca.
ftp> ls
229 Entering Extended Passive Mode (|||63762|)
ftp: Can't connect to `129.128.5.191': Connection refused

From the pf machine:

fw$ ftp ftp.openbsd.org
Connected to openbsd.sunsite.ualberta.ca.
ftp> ls
150 Opening ASCII mode data connection for '/bin/ls'.
total 8
drwxr-xr-x  2 0  0  512 May  4  2009 etc
drwxr-xr-x  3 0  0  512 Jul 21  2009 pub
226 Transfer complete.

fw$ ftp -p ftp.openbsd.org
Connected to openbsd.sunsite.ualberta.ca.
ftp> ls
150 Opening ASCII mode data connection for '/bin/ls'.
total 8
drwxr-xr-x  2 0  0  512 May  4  2009 etc
drwxr-xr-x  3 0  0  512 Jul 21  2009 pub
226 Transfer complete.

If that doesn't ring a bell and you still have time and
interest, my pf.conf is at http://www.rinta-aho.org/tmp/pf.conf

Thanks!

Teemu
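
The control-channel replies in this thread already say which side opens each data connection and to which port, which is what the pf rules and ftp-proxy have to account for. The following is an added example, not part of the original messages: it parses the replies copied from the sessions above (the function name `data_channels` and the result labels are assumptions made for the illustration).

```python
import re

# Control-channel output copied from two sessions quoted in this thread:
# the host behind pf (default mode) and the Linux client using "ftp -p".
BEHIND_PF = """\
229 Entering Extended Passive Mode (|||60318|)
ftp: Can't connect to `129.128.5.191': Connection refused
200 EPRT command successful.
150 Opening ASCII mode data connection for '/bin/ls'.
226 Transfer complete.
"""
WORKING_PASV = """\
227 Entering Passive Mode (129,128,5,191,214,178)
150 Opening ASCII mode data connection for '/bin/ls'.
226 Transfer complete.
"""

# 227: h1,h2,h3,h4,p1,p2 -> port = p1 * 256 + p2 (RFC 959)
PASV = re.compile(r"^227 .*\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")
# 229: (<d><d><d>port<d>), address is that of the control connection (RFC 2428)
EPSV = re.compile(r"^229 .*\((.)\1\1(\d+)\1\)")
# Active mode: the client sent PORT/EPRT, so the server will connect back.
ACTIVE = re.compile(r"^200 (PORT|EPRT) command successful")


def data_channels(transcript, server_ip):
    """Return (mode, initiator, host, port, result) per data-connection attempt.

    initiator is the side that opens the TCP data connection; host/port is
    where it connects. For active mode the endpoint is in the client's own
    PORT/EPRT command, which the reply does not echo, so it stays None.
    """
    attempts = []
    for raw in transcript.splitlines():
        line = raw.strip()
        m = PASV.match(line)
        if m:
            n = [int(x) for x in m.groups()]
            host = "%d.%d.%d.%d" % tuple(n[:4])
            attempts.append(["PASV", "client", host, n[4] * 256 + n[5], "pending"])
            continue
        m = EPSV.match(line)
        if m:
            attempts.append(["EPSV", "client", server_ip, int(m.group(2)), "pending"])
            continue
        m = ACTIVE.match(line)
        if m:
            attempts.append([m.group(1), "server", None, None, "pending"])
            continue
        if attempts and attempts[-1][4] == "pending":
            if "Connection refused" in line or line.startswith("425"):
                attempts[-1][4] = "failed"
            elif line.startswith("150"):
                attempts[-1][4] = "opened"
    return [tuple(a) for a in attempts]


if __name__ == "__main__":
    for name, text in (("behind pf", BEHIND_PF), ("working ftp -p", WORKING_PASV)):
        for attempt in data_channels(text, "129.128.5.191"):
            print(name, attempt)
```

For the host behind pf this shows the client first trying EPSV to port 60318, failing, and then falling back to an active-mode EPRT transfer that succeeds.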



Re: Installer bug? - Upgrade 4.6 to 4.7 failed to upgrade base47, on i386 and amd64

2010-06-02 Thread Uwe Dippel
Theo de Raadt  cvs.openbsd.org> writes:

> A chit-chat on a public mailing list isn't going to find this supposed
> bug.  Why discuss it?  Why not just keep prove it happened.

Yes, Theo. Though: How? This is what I tried to find out. 
I showed the list of files. Do you assume I tinkered with it? Why should I?
pfctl wasn't working correctly. Without the help of the list, I wouldn't have 
been able to drill it down to some 70 files being of the previous version.
Thanks to everyone who helped!

> Don't you see
> how tiring it is to discuss it when we've seen no evidence?

It might be tiring, but what evidence do you want? Here, I want to solve a
problem of files missing. Since I followed the Upgrade guide to the dot,
rebooted to bsd.rd in the beginning, rebooted at the command prompt, we (I) need
to find what went wrong. That's all. I don't even mind if the mistake was on my
side, then I could learn.

So, please, specify the evidence that you need.

Uwe



Re: traffic management

2010-06-02 Thread Nenhum_de_Nos
On Wed, June 2, 2010 13:37, Theo de Raadt wrote:
>> > Hello Misc,
>> >
>> >   Ideally this control altq the similarity in the tc tool in Linux.
>> Who would want this? This was the main reason for me to switch my
>> routers to OpenBSD. (consistency, ease of configuring)
>> I didn't want to fiddle with iptables and tc, search in outdated
>> tc documentations or make (or use) huge scripts just to set a sane
>> firewall-trafficshaping with a little extensibility. The native OpenBSD
>> tools are just fine.

me too ... iptables never more ...

damn prerouting and postrouting ...

>> (wifi-configuration's the same)
>
> Well, Andreas, don't worry -- it won't be changing.

great, thanks for pf !

matheus

-- 
We will call you cygnus,
The God of balance you shall be

A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

http://en.wikipedia.org/wiki/Posting_style



RES: Implementing ntop - Last Version

2010-06-02 Thread Rovercy de Oliveira
Ok, thanks!!!



Regards,
--
Rovercy

From: Janne Johansson [mailto:icepic...@gmail.com]
Sent: Wednesday, June 02, 2010 10:59 AM
To: Rovercy de Oliveira; misc@openbsd.org
Subject: Re: Implementing ntop - Last Version





2010/6/2 Rovercy de Oliveira 


I did not paste the details error, because that is not the point. I am
just wondering if someone got success with last ntop version on OpenBSD.



If your point was "I need to get recent ntop to work", details really
should be included.



--
To our sweethearts and wives.  May they never meet. -- 19th century
toast





Re: traffic management

2010-06-02 Thread SJP Lists
2010/6/3 irix :
> Hello Misc,
>
>  Ideally this control altq the similarity in the tc tool in Linux.
>
> --
> Best regards,
>  irix  mailto:i...@ukr.net

Nobody here is stopping you from using Linux.



Re: pf and ftp-proxy active/passive problems

2010-06-02 Thread Calomel Org
Teemu,

Are you sure the ftp server you are connecting to supports active and
passive ftp? You may want to try your test against ftp.openbsd.org.
This is a linux machine behind a pf firewall (openbsd v4.7) using
ftp-proxy. Both active (PORT) and passive listings seem to work.

$ ftp ftp.openbsd.org
Connected to openbsd.sunsite.ualberta.ca.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for '/bin/ls'.
total 8
drwxr-xr-x  2 0  0  512 May  4  2009 etc
drwxr-xr-x  3 0  0  512 Jul 21  2009 pub
226 Transfer complete.

$ ftp -p ftp.openbsd.org
Connected to openbsd.sunsite.ualberta.ca.
ftp> ls
227 Entering Passive Mode (129,128,5,191,214,178)
150 Opening ASCII mode data connection for '/bin/ls'.
total 8
drwxr-xr-x  2 0  0  512 May  4  2009 etc
drwxr-xr-x  3 0  0  512 Jul 21  2009 pub
226 Transfer complete.


Was this the problem?

--
   Calomel @ https://calomel.org
   Open Source Research and Reference


On Wed, Jun 02, 2010 at 07:23:24PM -0400, Teemu Rinta-aho wrote:
>Hi all,
>
>(First, sorry if you receive this e-mail multiple times,
>I changed my smtp server as the first one doesn't seem
>to get mails to this list.)
>
>my firewall (OpenBSD 4.7) is running packet filter with NAT
>and tcp-proxy to provide FTP for hosts in the network behind
>the firewall/NAT.
>
>The problem is that a host behind the firewall, connecting
>to an FTP server in the internet through the firewall, active
>mode works but passive doesn't. On firewall's external
>interface I can see packets going to the FTP server but no reply
>packets.
>
>Trying FTP directly from the firewall, passive mode works but active
>doesn't (ftp client says "425 Could not open data connection
>to port 55476: Connection refused"). In this case ftp-proxy is
>not used as the firewall should be just like any other ftp client.
>
>I have updated my pf.conf as per the 4.7 upgrade instructions
>and I have run tcpdump to network interfaces as well as pflog0,
>but so far I don't understand what might be wrong. I tried to
>see pf rules or states inserted by ftp-proxy with commands like
>'pfctl -a "ftp-proxy/*" -sr' but either it doesn't print anything
>and trying 'pfctl -a '*' -sr' I get:
>
>
>anchor "*" all {
>pfctl: DIOCGETRULES: Invalid argument
>}
>...
>
>Any help appreciated. It is not a showstopper but pretty annoying,
>as e.g. Firefox defaults to passive mode.
>
>Teemu



pf and ftp-proxy active/passive problems

2010-06-02 Thread Teemu Rinta-aho
Hi all,

(First, sorry if you receive this e-mail multiple times,
I changed my smtp server as the first one doesn't seem
to get mails to this list.)

my firewall (OpenBSD 4.7) is running packet filter with NAT
and tcp-proxy to provide FTP for hosts in the network behind
the firewall/NAT.

The problem is that a host behind the firewall, connecting
to an FTP server in the internet through the firewall, active
mode works but passive doesn't. On firewall's external
interface I can see packets going to the FTP server but no reply
packets.

Trying FTP directly from the firewall, passive mode works but active
doesn't (ftp client says "425 Could not open data connection
to port 55476: Connection refused"). In this case ftp-proxy is
not used as the firewall should be just like any other ftp client.

I have updated my pf.conf as per the 4.7 upgrade instructions
and I have run tcpdump to network interfaces as well as pflog0,
but so far I don't understand what might be wrong. I tried to
see pf rules or states inserted by ftp-proxy with commands like
'pfctl -a "ftp-proxy/*" -sr' but either it doesn't print anything
and trying 'pfctl -a '*' -sr' I get:


anchor "*" all {
pfctl: DIOCGETRULES: Invalid argument
}
...

Any help appreciated. It is not a showstopper but pretty annoying,
as e.g. Firefox defaults to passive mode.

Teemu



Re: UVC Webcams

2010-06-02 Thread Tomas Bodzar
I tested Skype on NetBSD and DragonflyBSD where is newer Linux
emulation (SuSe 10), but it wasn't running by default because of
problem directly in SuSe so you need newer libasound.so.2 but not much
newer :-) And you need version of Skype which is in FreeBSD ports
2.0.0.72. It's possible to download it from some places on Internet.
Of course that you will get only chat.

On OpenBSD it was running with older version of Skype. Newer versions
are not running and app just hangs or create core dump or start
without displaying contacts. It's because of older Linux emulation
layer in OpenBSD and because Skype changes their binary so much.
Didn't played with it for some time now, but I'm sure that it's
possible to get it running and main source of problems seems to be
correct version of libasound.so.2 and Skype binary.

On Wed, Jun 2, 2010 at 8:03 PM, Robert Kopp  wrote:
> I have used a number of operating systems, including Linux and
> FreeBSD, and am thinking about adding OpenBSD to the list. (This
> would be i386, or amd64 if the latter has enough features: my
> hardware will support it). I use a UVC Webcam with Linux, and it
> would increase my motivation to try OpenBSD if such equipment would
> also work with that OS. I heard that 4.4 offered "partial" support,
> and there are more recent releases than that. Has anyone here tried
> using such a Webcam (say, with Skype or Ekiga?). Skype probably
> doesn't work unless Linux emulation is pretty well-developed, as with
> FreeBSD, but there should be a native port of Ekiga.
>
>
> Robert "Tim" Kopp
> http://analytic.tripod.com/
>
>



--
http://www.openbsd.org/lyrics.html



Re: UVC Webcams

2010-06-02 Thread Sviatoslav Chagaev
On Wed, 2 Jun 2010 11:03:26 -0700 (PDT), Robert Kopp wrote:
> I have used a number of operating systems, including Linux and
> FreeBSD, and am thinking about adding OpenBSD to the list. (This
> would be i386, or amd64 if the latter has enough features: my
> hardware will support it). I use a UVC Webcam with Linux, and it
> would increase my motivation to try OpenBSD if such equipment would
> also work with that OS. I heard that 4.4 offered "partial" support,
> and there are more recent releases than that. Has anyone here tried
> using such a Webcam (say, with Skype or Ekiga?). Skype probably
> doesn't work unless Linux emulation is pretty well-developed, as with
> FreeBSD, but there should be a native port of Ekiga.
> 
>  
> Robert "Tim" Kopp 
> http://analytic.tripod.com/
> 

From my personal experiences -- I wouldn't count on Skype. I could get
it to run, but I couldn't make it display cyrillic characters
properly and it worked somewhat oddly, ultimately it would freeze up
after a few minutes of work.
USB webcams work.



Re: PF Tables scoping.

2010-06-02 Thread Calomel Org
James,

I can confirm. If a table is created by an anchor with the same name as
an existing table the following error is printed:

pfctl: warning: namespace collision with  global table.


The anchors table is different from the main pf table.

pfctl -vvs Tables 
--a-rhC BLOCKTEMP
Addresses:   12
Cleared: Wed Dec 31 19:00:00 1969

pfctl -a games -vvs Tables 
--a-r-C BLOCKTEMP   games
Addresses:   0
Cleared: Wed Jun  2 16:40:14 2010

--
   Calomel @ https://calomel.org
   Open Source Research and Reference


On Wed, Jun 02, 2010 at 04:23:54PM -0400, James Records wrote:
>On Wed, Jun 2, 2010 at 10:48 AM, James Records wrote:
>
>> Hi All,
>>
>> Having an issue with anchors and tables again, I had this same issue a
>> couple of years ago in 4.5 but never got any response, hoping someone can
>> shed some light onto what I'm missing here, or if this is even supported,
>> I'm trying to use an overload rule inside of an anchor to populate a table
>> defined outside of all anchors.  I haven't seen anything that specifically
>> says this isn't supported, but if thats the case I'd like to get it
>> clarified.  Here are snippets of pf.conf that don't work, and one that does,
>> and an explanation of why I can't just use the one that does work without
>> side effects.
>>
>> Thanks in advance,
>>
>> J
>>
>>
>>
>> Doesn't work:
>>
>> ##
>>  Tables  ###
>> ##
>> table  persist
>>
>> #
>>  Blocked Sites 
>> #
>> anchor "Blocked_Sites" {
>>  block in  quick from  to any
>> }
>>
>> ##
>> ### TEST_IN ###
>> ##
>> anchor "TEST_IN" {
>> pass in log quick on em0 inet proto tcp \
>> from any to  \
>>  port { 443 } keep state \
>> (max 100, source-track rule, max-src-nodes 10, max-src-states 20,
>> max-src-conn 20, max-src-conn-rate 2/15, overload  flush)
>> }
>>
>>
>> But remove the anchor from the overload rule and it works fine:
>>
>> ###
>>  Tables  
>> ###
>> table  persist
>>
>> #
>>  Blocked Sites 
>> #
>> anchor "Blocked_Sites" {
>> block in  quick from  to any
>> }
>>
>> ###
>> ### TEST_IN ###
>> ###
>> #anchor "TEST_IN" {
>> pass in log quick on em0 inet proto tcp \
>>  from any to  \
>> port { 443 } keep state \
>> (max 100, source-track rule, max-src-nodes 10, max-src-states 20,
>> max-src-conn 20, max-src-conn-rate 2/15, overload  flush)
>> #}
>>
>> This would be simple enough but I want to be able to parse my logs using
>> the anchor names, this isn't possible using the 2nd method.
>>
>> The docs say this should just work from everything I can tell, I can "read"
>> from a global table from within an anchor but am failing to "write" to it
>> from within an anchor using the overload rule
>>
>
>
>
>Just an update, I've done some more digging, it seems like I'm running into
>an issue where its creating a new table inside the anchor, I'm thinking this
>is just a bug where the table gets created because it doesn't look outside
>of the anchor to see if one already exists, but I just want to get another
>pair of eyes to confirm.
>
>Thanks
>J
>
> pfctl -vvs Tables
>-pa--h-blocked_sites
>   Addresses:   0
>   Cleared: Wed Jun  2 06:10:20 2010
>   References:  [ Anchors: 3  Rules: 0  ]
>   Evaluations: [ NoMatch: 162Match: 0  ]
>   In/Block:[ Packets: 0  Bytes: 0  ]
>   In/Pass: [ Packets: 0  Bytes: 0  ]
>   In/XPass:[ Packets: 0  Bytes: 0  ]
>   Out/Block:   [ Packets: 0  Bytes: 0  ]
>   Out/Pass:[ Packets: 0  Bytes: 0  ]
>   Out/XPass:   [ Packets: 0  Bytes: 0  ]
>
>$ pfctl -a "TEST_IN" -vvs Tables
>--a-r--blocked_sites   TEST_IN
>   Addresses:   1
>   Cleared: Wed Jun  2 01:55:11 2010
>   References:  [ Anchors: 0  Rules: 5  ]
>   Evaluations: [ NoMatch: 114Match: 69 ]
>   In/Block:[ Packets: 69 Bytes: 6732   ]
>   In/Pass: [ Packets: 0  Bytes: 0  ]
>   In/XPass:[ Packets: 0  Bytes: 0  ]
>   Out/Block:   [ Packets: 0  Bytes: 0  ]
>   Out/Pass:[ Packets: 0  Bytes: 0  ]
>   Out/XPass:   [ Packets: 0  Bytes: 0  ]



Re: PF Tables scoping.

2010-06-02 Thread James Records
On Wed, Jun 2, 2010 at 10:48 AM, James Records wrote:

> Hi All,
>
> Having an issue with anchors and tables again, I had this same issue a
> couple of years ago in 4.5 but never got any response, hoping someone can
> shed some light onto what I'm missing here, or if this is even supported,
> I'm trying to use an overload rule inside of an anchor to populate a table
> defined outside of all anchors.  I haven't seen anything that specifically
> says this isn't supported, but if thats the case I'd like to get it
> clarified.  Here are snippets of pf.conf that don't work, and one that does,
> and an explanation of why I can't just use the one that does work without
> side effects.
>
> Thanks in advance,
>
> J
>
>
>
> Doesn't work:
>
> ##
>  Tables  ###
> ##
> table  persist
>
> #
>  Blocked Sites 
> #
> anchor "Blocked_Sites" {
>  block in  quick from  to any
> }
>
> ##
> ### TEST_IN ###
> ##
> anchor "TEST_IN" {
> pass in log quick on em0 inet proto tcp \
> from any to  \
>  port { 443 } keep state \
> (max 100, source-track rule, max-src-nodes 10, max-src-states 20,
> max-src-conn 20, max-src-conn-rate 2/15, overload  flush)
> }
>
>
> But remove the anchor from the overload rule and it works fine:
>
> ###
>  Tables  
> ###
> table  persist
>
> #
>  Blocked Sites 
> #
> anchor "Blocked_Sites" {
> block in  quick from  to any
> }
>
> ###
> ### TEST_IN ###
> ###
> #anchor "TEST_IN" {
> pass in log quick on em0 inet proto tcp \
>  from any to  \
> port { 443 } keep state \
> (max 100, source-track rule, max-src-nodes 10, max-src-states 20,
> max-src-conn 20, max-src-conn-rate 2/15, overload  flush)
> #}
>
> This would be simple enough but I want to be able to parse my logs using
> the anchor names, this isn't possible using the 2nd method.
>
> The docs say this should just work from everything I can tell, I can "read"
> from a global table from within an anchor but am failing to "write" to it
> from within an anchor using the overload rule
>



Just an update, I've done some more digging, it seems like I'm running into
an issue where its creating a new table inside the anchor, I'm thinking this
is just a bug where the table gets created because it doesn't look outside
of the anchor to see if one already exists, but I just want to get another
pair of eyes to confirm.

Thanks
J

 pfctl -vvs Tables
-pa--h- blocked_sites
Addresses:   0
Cleared: Wed Jun  2 06:10:20 2010
References:  [ Anchors: 3  Rules: 0  ]
Evaluations: [ NoMatch: 162Match: 0  ]
In/Block:[ Packets: 0  Bytes: 0  ]
In/Pass: [ Packets: 0  Bytes: 0  ]
In/XPass:[ Packets: 0  Bytes: 0  ]
Out/Block:   [ Packets: 0  Bytes: 0  ]
Out/Pass:[ Packets: 0  Bytes: 0  ]
Out/XPass:   [ Packets: 0  Bytes: 0  ]

$ pfctl -a "TEST_IN" -vvs Tables
--a-r-- blocked_sites   TEST_IN
Addresses:   1
Cleared: Wed Jun  2 01:55:11 2010
References:  [ Anchors: 0  Rules: 5  ]
Evaluations: [ NoMatch: 114Match: 69 ]
In/Block:[ Packets: 69 Bytes: 6732   ]
In/Pass: [ Packets: 0  Bytes: 0  ]
In/XPass:[ Packets: 0  Bytes: 0  ]
Out/Block:   [ Packets: 0  Bytes: 0  ]
Out/Pass:[ Packets: 0  Bytes: 0  ]
Out/XPass:   [ Packets: 0  Bytes: 0  ]
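
The two listings above can be checked mechanically: a table in the main ruleset that is shadowed by a same-named table inside an anchor means the overload rule is filling the anchor's copy while the global block rule reads an empty one. The following is an added example, not code from the thread; the sample input is constructed from the two pfctl listings above (whitespace normalised, counter lines dropped), the function names are assumptions, and the flag letters follow pfctl(8), where `h` marks a main-ruleset table hidden by a same-named table in an anchor.

```python
import re

# Constructed sample: keyed by anchor name ("" is the main ruleset), built
# from the "pfctl -vvs Tables" and "pfctl -a TEST_IN -vvs Tables" output above.
PFCTL_OUTPUT = {
    "": (
        "-pa--h-\tblocked_sites\n"
        "\tAddresses:   0\n"
        "\tCleared:     Wed Jun  2 06:10:20 2010\n"
        "\tReferences:  [ Anchors: 3  Rules: 0  ]\n"
    ),
    "TEST_IN": (
        "--a-r--\tblocked_sites\tTEST_IN\n"
        "\tAddresses:   1\n"
        "\tCleared:     Wed Jun  2 01:55:11 2010\n"
        "\tReferences:  [ Anchors: 0  Rules: 5  ]\n"
    ),
}

# Header line: seven flag characters, table name, optional anchor name.
HEADER = re.compile(r"^([-cpairhC]{7})\s+(\S+)(?:\s+(\S+))?\s*$")
ADDRESSES = re.compile(r"^\s*Addresses:\s+(\d+)")


def parse_tables(text, anchor):
    """Parse one 'pfctl [-a anchor] -vvs Tables' listing into dicts."""
    tables = []
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            tables.append({
                "flags": m.group(1),
                "name": m.group(2),
                "anchor": m.group(3) or anchor,
                "addresses": None,
            })
            continue
        m = ADDRESSES.match(line)
        if m and tables:
            tables[-1]["addresses"] = int(m.group(1))
    return tables


def find_shadowed(listings):
    """Return (table, anchor, main_addresses, anchor_addresses, hidden_flag)
    for every main-ruleset table that also exists inside an anchor."""
    main = {t["name"]: t for t in parse_tables(listings.get("", ""), "")}
    findings = []
    for anchor, text in sorted(listings.items()):
        if anchor == "":
            continue
        for t in parse_tables(text, anchor):
            g = main.get(t["name"])
            if g is not None:
                findings.append((t["name"], t["anchor"], g["addresses"],
                                 t["addresses"], "h" in g["flags"]))
    return findings


if __name__ == "__main__":
    for name, anchor, n_main, n_anchor, hidden in find_shadowed(PFCTL_OUTPUT):
        print("table <%s>: main has %s addresses, anchor %s has %s, hidden=%s"
              % (name, n_main, anchor, n_anchor, hidden))
```

On the sample it reports that the overloaded address landed in the `TEST_IN` copy of `blocked_sites` while the main table stayed empty and carries the `h` flag.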



Re: UVC Webcams

2010-06-02 Thread Robert
On Wed, 2 Jun 2010 11:03:26 -0700 (PDT)
Robert Kopp  wrote:

> I have used a number of operating systems, including Linux and
> FreeBSD, and am thinking about adding OpenBSD to the list. (This
> would be i386, or amd64 if the latter has enough features: my
> hardware will support it). I use a UVC Webcam with Linux, and it
> would increase my motivation to try OpenBSD if such equipment would
> also work with that OS. I heard that 4.4 offered "partial" support,
> and there are more recent releases than that. Has anyone here tried
> using such a Webcam (say, with Skype or Ekiga?). Skype probably
> doesn't work unless Linux emulation is pretty well-developed, as with
> FreeBSD, but there should be a native port of Ekiga.
> 
>  
> Robert "Tim" Kopp 
> http://analytic.tripod.com/
> 

"UVC" cams should just work.
Why not just try it with OpenBSD installed onto an usbstick? :)



Re: UVC Webcams

2010-06-02 Thread Joachim Schipper
On Wed, Jun 02, 2010 at 11:03:26AM -0700, Robert Kopp wrote:
> I have used a number of operating systems, including Linux and
> FreeBSD, and am thinking about adding OpenBSD to the list. (This would
> be i386, or amd64 if the latter has enough features: my hardware will
> support it). I use a UVC Webcam with Linux, and it would increase my
> motivation to try OpenBSD if such equipment would also work with that
> OS. I heard that 4.4 offered "partial" support, and there are more
> recent releases than that. Has anyone here tried using such a Webcam
> (say, with Skype or Ekiga?). Skype probably doesn't work unless Linux
> emulation is pretty well-developed, as with FreeBSD, but there should
> be a native port of Ekiga.

Just try it: uvideo(4) supports most (USB) webcams and ekiga is in
ports. I don't think Skype works, though.

Joachim



Re: Installer bug? - Upgrade 4.6 to 4.7 failed to upgrade base47, on i386 and amd64

2010-06-02 Thread Theo de Raadt
> > Based on the latest results, the problem seems to exist only for most of the
> > /sbin files. So, the upgrade runs through as programmed.
> > With a public mirror, it will take hours. I really hope SHA256 is good enough to
> > confirm the integrity of the archives. Serial console seems a good idea; I have
> > to use it in any case.
> > What I have in mind, is, before the reboot, to use the command prompt to check
> > the files in the /sbin-to-be. I have a hunch, that they'll be there, then. Then
> > I'll do the same after the reboot, and once again, after the package upgrade.
> > Should the phenomenon show again, by now I can imagine that the changes are
> > happening some time later. We'll see ...
> 
> Just for clarity: is everything that fails to change on the same disk?
> I.e. can you post the output of 'mount' (within bsd.rd) as well? And I
> presume you shut down in a sensible fashion, right?

A chit-chat on a public mailing list isn't going to find this supposed
bug.  Why discuss it?  Why not just keep prove it happened.  Don't you see
how tiring it is to discuss it when we've seen no evidence?



Re: Installer bug? - Upgrade 4.6 to 4.7 failed to upgrade base47, on i386 and amd64

2010-06-02 Thread Joachim Schipper
On Wed, Jun 02, 2010 at 02:42:53PM +, Uwe Dippel wrote:
> Nick Holland  holland-consulting.net> writes:
> 
> > > There is one more machine (amd64) that needs to be upgraded. Before I do 
> > > this, I rather solicit suggestions on how to log the upgrade process, 
> > > debug it, or otherwise.
> > 
> > serial console.
> > Log everything from the first chars out the serial port to the reboot.
> >  In fact, log the reboot.
> > Don't edit anything.
> > Use a public mirror or an official CD for the install, make sure it is
> > obvious which.
> > 
> > Stick the resulting file on a webserver.
> 
> Thanks, Nick.
> 
> Based on the latest results, the problem seems to exist only for most of the
> /sbin files. So, the upgrade runs through as programmed.
> With a public mirror, it will take hours. I really hope SHA256 is good enough to
> confirm the integrity of the archives. Serial console seems a good idea; I have
> to use it in any case.
> What I have in mind, is, before the reboot, to use the command prompt to check
> the files in the /sbin-to-be. I have a hunch, that they'll be there, then. Then
> I'll do the same after the reboot, and once again, after the package upgrade.
> Should the phenomenon show again, by now I can imagine that the changes are
> happening some time later. We'll see ...

Just for clarity: is everything that fails to change on the same disk?
I.e. can you post the output of 'mount' (within bsd.rd) as well? And I
presume you shut down in a sensible fashion, right?

Joachim



Re: unknown i686 model 0x1e, can't get bus clock (0x0)

2010-06-02 Thread Robert
On Wed, 2 Jun 2010 13:54:34 +0300
"kryptos...@gmail.com "  wrote:

> Hi,
> 
> On OpenBSD 4.7, my dmesg output has the following alerts:
> 
> cpu1: unknown i686 model 0x1e, can't get bus clock (0x0)
> cpu2: unknown i686 model 0x1e, can't get bus clock (0x0)
> cpu3: unknown i686 model 0x1e, can't get bus clock (0x0)
> 
> Is this a normal alert? Any idea?
> 
> My CPU is an Intel Core i5 750 @ 2.67 Ghz,
> It is a "ASUS P7H55-M SI" computer.
> 
> I've sent the following details to dm...@openbsd.org;
> 
> dmesg, sysctl hw, sysctl hw.sensors outputs are here:
> 
> http://pastebin.com/raw.php?i=BUm5ENvv
> 
> Thanks.
> 

For speedstep you need something ___similar___ to this.
Didn't bother to look up the supported fsbfreqs, just remembered
something bout 133MHz base clock. (check intel site or code and adapt)
At least this should get you an idea where the love is needed.


Index: est.c
===
RCS file: /cvs/src/sys/arch/amd64/amd64/est.c,v
retrieving revision 1.19
diff -u -p -u -p -r1.19 est.c
--- est.c   20 Apr 2010 22:05:41 -  1.19
+++ est.c   2 Jun 2010 19:13:14 -
@@ -216,6 +216,19 @@ p3_get_bus_clock(struct cpu_info *ci)
break;
}
break;
+   case 0x1e: /* Intel Core i5 */
+   msr = rdmsr(MSR_FSB_FREQ);
+   bus = (msr >> 0) & 0x7;
+   switch (bus) {
+   case 1:
+   bus_clock = BUS133;
+   break;
+   default:
+   printf("%s: unknown Core i5 FSB_FREQ value %d",
+   ci->ci_dev->dv_xname, bus);
+   break;
+   }
+   break;
default:
printf("%s: unknown i686 model 0x%x, can't get bus clock\n",
ci->ci_dev->dv_xname, ci->ci_model);
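
Review bot: the printf in the default branch of the new case 0x1e block has no trailing "\n" in its format string ("%s: unknown Core i5 FSB_FREQ value %d"), unlike the existing "unknown i686 model" message in the context lines below, so the next console message would run onto the same line; add the newline. In that same branch bus_clock is never assigned, so whatever follows the switch sees its previous value, and the failure path should make that explicit. The shift in (msr >> 0) & 0x7 is a no-op and can be dropped. The mapping of FSB_FREQ value 1 to BUS133 is, by the accompanying message's own account, not checked against the supported values, so it needs confirming against Intel's documentation for model 0x1e before this goes further.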



Re: Mysql connection from within php

2010-06-02 Thread Liviu Daia
On 2 June 2010, Eugene Yunak  wrote:
> On 2 June 2010 20:48, Liviu Daia  wrote:
> > On 2 June 2010, Eugene Yunak  wrote:
> >> On 1 June 2010 16:30, What you get is Not what you see
> >>  wrote:
> >> > Freshly installed on openbsd 4.6 mysql,php and php5-mysql packages.
> >> > Done the configs. Now php and mysql works. But I couldnt make it
> >> > connect to mysql from within php with such a command
> >> > mysql_connect("localhost","user","pass")
> >> > It used to give "Cant connect to mysql through socket error" till I
> >> > change the command to
> >> > mysql_connect(127.0.0.1,"user","pass")
> >> > I want to learn why?
> >> >
> >>
> >> As you've been already told, this is because default apache is
> >> chrooted and thus cannot access mysql socket.
> >> To correct it, just do
> >>
> >> # mkdir -p /var/www/var/run/mysql
> >> # ln -f /var/run/mysql/mysql.sock /var/www/var/run/mysql/mysql.sock
> >
> > Please, stop perpetrating this nonsense.  This only works until you
> > restart mysqld.  The reason is mysqld removes the socket when it starts
> > before creating it anew.
> >
> > If you really must use a socket instead of TCP then move the socket
> > to jail and give programs different views to it from inside and outside
> > the jail, using my.cnf.  Not tested:
> >
> > - in /etc/my.cnf:
> >
> > socket = /var/www/var/run/mysql/mysql.sock
> >
> > - in /var/www/etc/my.cnf:
> >
> > socket = /var/run/mysql/mysql.sock
> >
> 
> I fail to see how this is nonsense or what stops one from creating
> this hardlink in rc.local (which would be normally used to start mysql
> anyway).

Like I said, it stops working when you restart mysqld.  This doesn't
necessarily happen at boot.  If, for whatever reason, you restart mysqld
manually, will you remember to re-create the link?

> Your solution however works as well, of course.

Regards,

Liviu Daia

-- 
Dr. Liviu Daia  http://www.imar.ro/~daia



UVC Webcams

2010-06-02 Thread Robert Kopp
I have used a number of operating systems, including Linux and FreeBSD, and am 
thinking about adding OpenBSD to the list. (This would be i386, or amd64 if the 
latter has enough features: my hardware will support it). I use a UVC Webcam 
with Linux, and it would increase my motivation to try OpenBSD if such 
equipment would also work with that OS. I heard that 4.4 offered "partial" 
support, and there are more recent releases than that. Has anyone here tried 
using such a Webcam (say, with Skype or Ekiga?). Skype probably doesn't work 
unless Linux emulation is pretty well-developed, as with FreeBSD, but there 
should be a native port of Ekiga.

 
Robert "Tim" Kopp 
http://analytic.tripod.com/



Re: Mysql connection from within php

2010-06-02 Thread Eugene Yunak
On 2 June 2010 20:48, Liviu Daia  wrote:
> On 2 June 2010, Eugene Yunak  wrote:
>> On 1 June 2010 16:30, What you get is Not what you see
>>  wrote:
>> > Freshly installed on openbsd 4.6 mysql,php and php5-mysql packages.
>> > Done the configs. Now php and mysql works. But I couldnt make it
>> > connect to mysql from within php with such a command
>> > mysql_connect("localhost","user","pass")
>> > It used to give "Cant connect to mysql through socket error" till I
>> > change the command to
>> > mysql_connect(127.0.0.1,"user","pass")
>> > I want to learn why?
>> >
>>
>> As you've been already told, this is because default apache is
>> chrooted and thus cannot access mysql socket.
>> To correct it, just do
>>
>> # mkdir -p /var/www/var/run/mysql
>> # ln -f /var/run/mysql/mysql.sock /var/www/var/run/mysql/mysql.sock
>
> Please, stop perpetrating this nonsense.  This only works until you
> restart mysqld.  The reason is mysqld removes the socket when it starts
> before creating it anew.
>
> If you really must use a socket instead of TCP then move the socket
> to jail and give programs different views to it from inside and outside
> the jail, using my.cnf.  Not tested:
>
> - in /etc/my.cnf:
>
> socket = /var/www/var/run/mysql/mysql.sock
>
> - in /var/www/etc/my.cnf:
>
> socket = /var/run/mysql/mysql.sock
>

I fail to see how this is nonsense or what stops one from creating
this hardlink in rc.local (which would be normally used to start mysql
anyway). Your solution however works as well, of course.


--
The best the little guy can do is what
the little guy does right



Re: Mysql connection from within php

2010-06-02 Thread Liviu Daia
On 2 June 2010, Eugene Yunak  wrote:
> On 1 June 2010 16:30, What you get is Not what you see
>  wrote:
> > Freshly installed on openbsd 4.6 mysql,php and php5-mysql packages.
> > Done the configs. Now php and mysql works. But I couldnt make it
> > connect to mysql from within php with such a command
> > mysql_connect("localhost","user","pass")
> > It used to give "Cant connect to mysql through socket error" till I
> > change the command to
> > mysql_connect(127.0.0.1,"user","pass")
> > I want to learn why?
> >
> 
> As you've been already told, this is because default apache is
> chrooted and thus cannot access mysql socket.
> To correct it, just do
> 
> # mkdir -p /var/www/var/run/mysql
> # ln -f /var/run/mysql/mysql.sock /var/www/var/run/mysql/mysql.sock

Please, stop perpetrating this nonsense.  This only works until you
restart mysqld.  The reason is mysqld removes the socket when it starts
before creating it anew.

If you really must use a socket instead of TCP then move the socket
to jail and give programs different views to it from inside and outside
the jail, using my.cnf.  Not tested:

- in /etc/my.cnf:

socket = /var/www/var/run/mysql/mysql.sock

- in /var/www/etc/my.cnf:

socket = /var/run/mysql/mysql.sock

Regards,

Liviu Daia

-- 
Dr. Liviu Daia  http://www.imar.ro/~daia


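The two socket approaches argued over in this thread, reproduced as an added example (not code from any poster): a hard link to a UNIX socket goes stale once the daemon unlinks and re-creates the socket, while a socket created inside the jail directory is reachable from both views after a restart. The temporary directory layout, the function names and the use of a plain listener in place of mysqld are assumptions made for the demonstration.

```python
import os
import shutil
import socket
import tempfile


def listen(path):
    """Bind a listening UNIX socket the way a restarting daemon does:
    remove whatever is at the path, then create a brand-new socket file."""
    if os.path.lexists(path):
        os.unlink(path)
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    srv.bind(path)
    srv.listen(8)
    return srv


def can_connect(path):
    """True if some process is accepting connections on this socket file."""
    client = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    client.settimeout(2)
    try:
        client.connect(path)
        return True
    except OSError:
        return False
    finally:
        client.close()


def hardlink_scenario(root):
    """'ln -f' of the daemon's socket into the jail, then a daemon restart."""
    real = os.path.join(root, "var/run/mysql/mysql.sock")
    in_jail = os.path.join(root, "var/www/var/run/mysql/mysql.sock")
    os.makedirs(os.path.dirname(real))
    os.makedirs(os.path.dirname(in_jail))
    srv = listen(real)
    os.link(real, in_jail)            # two names, one inode
    before = can_connect(in_jail)
    srv.close()
    srv = listen(real)                # restart: unlink + bind creates a new inode
    after = can_connect(in_jail)      # the link still names the dead inode
    same_inode = os.stat(real).st_ino == os.stat(in_jail).st_ino
    srv.close()
    return before, after, same_inode


def moved_socket_scenario(root):
    """Socket created inside the jail; each side uses its own path to it."""
    jail = os.path.join(root, "var/www")
    outside_view = os.path.join(jail, "var/run/mysql/mysql.sock")  # /etc/my.cnf
    inside_view = "/var/run/mysql/mysql.sock"              # /var/www/etc/my.cnf
    # What a process chrooted to the jail would open for inside_view
    # (simulated by path arithmetic; no chroot(2) call is made here).
    resolved = os.path.join(jail, inside_view.lstrip("/"))
    os.makedirs(os.path.dirname(outside_view))
    srv = listen(outside_view)
    before = can_connect(resolved)
    srv.close()
    srv = listen(outside_view)        # restart re-creates it in the same place
    after = can_connect(resolved)
    srv.close()
    return before, after


def run():
    """Run both scenarios in throwaway directories and return their results."""
    results = {}
    scenarios = (("hardlink", hardlink_scenario), ("moved", moved_socket_scenario))
    for name, scenario in scenarios:
        base = "/tmp" if os.path.isdir("/tmp") else None   # keep socket paths short
        root = tempfile.mkdtemp(prefix="sock", dir=base)
        try:
            results[name] = scenario(root)
        finally:
            shutil.rmtree(root)
    return results


if __name__ == "__main__":
    print(run())
```

Re-creating the hard link from rc.local after every mysqld start, as suggested in the reply, restores the first case until the next restart.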

PF Tables scoping.

2010-06-02 Thread James Records
Hi All,

Having an issue with anchors and tables again. I had this same issue a
couple of years ago in 4.5 but never got any response; hoping someone can
shed some light on what I'm missing here, or whether this is even supported.
I'm trying to use an overload rule inside of an anchor to populate a table
defined outside of all anchors.  I haven't seen anything that specifically
says this isn't supported, but if that's the case I'd like to get it
clarified.  Here are snippets of pf.conf that don't work, and one that does,
and an explanation of why I can't just use the one that does work without
side effects.

Thanks in advance,

J



Doesn't work:

##
 Tables  ###
##
table  persist

#
 Blocked Sites 
#
anchor "Blocked_Sites" {
block in  quick from  to any
}

##
### TEST_IN ###
##
anchor "TEST_IN" {
pass in log quick on em0 inet proto tcp \
from any to  \
port { 443 } keep state \
(max 100, source-track rule, max-src-nodes 10, max-src-states 20,
max-src-conn 20, max-src-conn-rate 2/15, overload  flush)
}


But remove the anchor from the overload rule and it works fine:

###
 Tables  
###
table  persist

#
 Blocked Sites 
#
anchor "Blocked_Sites" {
block in  quick from  to any
}

###
### TEST_IN ###
###
#anchor "TEST_IN" {
pass in log quick on em0 inet proto tcp \
from any to  \
port { 443 } keep state \
(max 100, source-track rule, max-src-nodes 10, max-src-states 20,
max-src-conn 20, max-src-conn-rate 2/15, overload  flush)
#}

This would be simple enough but I want to be able to parse my logs using the
anchor names, this isn't possible using the 2nd method.

The docs say this should just work from everything I can tell, I can "read"
from a global table from within an anchor but am failing to "write" to it
from within an anchor using the overload rule



Re: HP Compaq 6005 hanging on boot

2010-06-02 Thread Epidemic SomeGuy
I have the same problem (I think) on a HP dc5850.
In my test I've installed OpenBSD 4.7 on a USB drive and have
successfully tested OpenBSD on several computers :)
But when I try it on the dc5850:

  Attempting Boot From USB Device
  Using drive 0, partition 3.
  Loading...
  probing: pc0 pci mem[

it hangs.

I also tried to start it with the 4.7 CD's (I tried both i386 and the
amd64 cd) with the same result.

I tried setting the "Integrated Graphics Memory Size" to a fixed size
(64 MB) because I noticed that it hangs on "mem[", but I really have
no idea if this could possibly be related to IGM, I am troubleshooting
blindly here :S

Any pointers on what man pages to look at, bios settings, anything at
all really, would be nice.

If you need more information to be able to help, please let me know.

Thanks!


>Hello,
>
>I tried to install OpenBSD on an HP Compaq 6005 machine, but it's not
>booting OpenBSD from a CD-ROM. It prints the following messages:
>
> CD-ROM: 9F
>  Loading /4.7/I386/CDBOOT
> probing: pc0 com0 pci mem[
>
>and then simply hangs.
>
>I've tried the latest 4.7 snapshot (both i386 and amd64) and 4.6/i386, all
>with the same results.
>
>The same machine runs Linux (Ubuntu 9.10, FWIW) just fine. I'm not sure it
>helps, but I've appended a Linux dmesg below (no OpenBSD dmesg since the
>thing won't boot).
>
>Any hints on how to solve the problem?
>
>Cheers,
>Rafael



Re: traffic management

2010-06-02 Thread Theo de Raadt
> > Hello Misc,
> > 
> >   Ideally this control altq the similarity in the tc tool in Linux.
> Who would want this? This was the main reason for me to switch my
> routers to OpenBSD. (consistency, ease of configuring)
> I didn't want to fiddle with iptables and tc, search in outdated
> tc documentations or make (or use) huge scripts just to set a sane 
> firewall-trafficshaping with a little extensibility. The native OpenBSD tools 
> are just fine.
> 
> (wifi-configuration's the same)

Well, Andreas, don't worry -- it won't be changing.



Re: traffic management

2010-06-02 Thread Andreas Mueller
irix wrote:
> Hello Misc,
> 
>   Ideally this control altq the similarity in the tc tool in Linux.
Who would want this? This was the main reason for me to switch my
routers to OpenBSD. (consistency, ease of configuring)
I didn't want to fiddle with iptables and tc, search in outdated
tc documentations or make (or use) huge scripts just to set a sane 
firewall-trafficshaping with a little extensibility. The native OpenBSD tools 
are just fine.

(wifi-configuration's the same)

Andreas



Re: traffic management

2010-06-02 Thread Andres Genovez
2010/6/2 Janne Johansson :
> 2010/6/2 irix 
>
>> Hello Misc,
>>
>>  All of a sudden started talking about some fixes. Have I mentioned
>> somewhere that something needs to be corrected,
>>   or that something is not working? I just said about remaking to simplify
>> the code.
>>
>
> You said: "Or replace altq to something else, more fast, simple and
> functional."
> It is not a stretch to assume you imagined altq to not be fast, nor simple
> and not even functional.
>
> --
> To our sweethearts and wives.  May they never meet. -- 19th century toast
>
>

For MY personal opinion, using altq was the easiest thing and well
documented (I came from Linux world); it even works with an eye
glimpse

Like this some day "someone" will say: "Why not use GPL license???"...

--
Sincerely

Andres Genovez Tobar / Systems
Elastix ECE - Linux  LPI-1 - Novell CLA - Apple ACMT
Jabber:  bitfr...@asgard.crice.org
http://www.crice.org



Re: help with azalia(4) and 6 channels

2010-06-02 Thread Aaron Stellman
On Wed, Jun 02, 2010 at 07:34:57AM +, Jacob Meuser wrote:
> On Wed, Jun 02, 2010 at 07:23:38AM +, Jacob Meuser wrote:
> > On Tue, Jun 01, 2010 at 09:40:07PM -0700, Aaron Stellman wrote:
> > > Hello,
> > > First of all, I appreciate all the work that has been put in to making
> > > azalia knobs more user friendly.
> > > Now, my goal is to have the same audio signal sent to all 6 channels.
> > > outputs.line-grn_sense=plugged
> > > outputs.line-blk_sense=plugged
> > > outputs.line-org_sense=plugged
> > > I'm running aucat and mpd, playing random mp3s
> > > I've read azalia(4) and mixerctl(1) but am still at a loss on how to get
> > > it to do what I want. Basically, right now only grn jack gets output.
> > > blk and org are getting nothing. Any ideas? They're appreciated
> > 
> > you can't do this with with your hardware, but you can do it with
> > aucat:
> 
> what I mean is, you can't accomplish this by playing with mixerctl,
> but you can accomplish it with aucat.
> 
> > $ aucat -c 0:5 -l
> > 
> > that starts aucat with the normal stereo recording and 6 channel
> > playback, where stereo playback is copied from channels 0:1 to 2:3
> > and 4:5.  at least, it's that easy in -current.
> > 
> > you can't do it with your hardware because:
> > 
> > > inputs.line-org_source=dac-2:3,mix3  { dac-2:3 mix3 }
> > > inputs.line-gry_source=dac-6:7,mix3  { dac-6:7 mix3 }
> > > inputs.line-grn_source=dac-0:1,mix3  { dac-0:1 mix3 }
> > > inputs.line-blk_source=dac-4:5,mix3  { dac-4:5 mix3 }
> 
> with that aucat command, you'll get output on dac-0:1, dac-2:3 and
> dac-4:5, which your green, orange and black jacks use as sources.
Thanks, aucat solution seems to work quite well



Re: traffic management

2010-06-02 Thread Janne Johansson
2010/6/2 irix 

> Hello Misc,
>
>  All of a sudden started talking about some fixes. Have I mentioned
> somewhere that something needs to be corrected,
>   or that something is not working? I just said about remaking to simplify
> the code.
>

You said: "Or replace altq to something else, more fast, simple and
functional."
It is not a stretch to assume you imagined altq to not be fast, nor simple
and not even functional.

-- 
To our sweethearts and wives.  May they never meet. -- 19th century toast



Re: traffic management

2010-06-02 Thread Theo de Raadt
>   Ideally this control altq the similarity in the tc tool in Linux.

It is not going to happen. 



Re: traffic management

2010-06-02 Thread irix
Hello Misc,

  Ideally this control altq the similarity in the tc tool in Linux.

-- 
Best regards,
 irix  mailto:i...@ukr.net



Re: traffic management

2010-06-02 Thread Theo de Raadt
>   All of a sudden started talking about some fixes. Have I mentioned 
> somewhere that something needs to be corrected,
>or that something is not working? I just said about remaking to simplify 
> the code.
>  Alternatives queue was initially conceived as framework in which you can 
> with minimal effort to connect disciplines
>   to develop. With the existing code in the form pf/altq add a new discipline 
> has been a daunting task, you need a heap of places to dopiski indicate the 
> new variables need to finish the new syntax.
>   I simply asked why the code altq not do the same as the code nat / rdr, 
> scrub to remove it and greatly simplified.
>As an option to make altq separately from firewall.

Where's the diffs?



Re: unknown i686 model 0x1e, can't get bus clock (0x0)

2010-06-02 Thread Dexter Tomisson
weird... Maybe OpenBSD doesn't support Intel Core i5 750?

cool mainboard, btw..


On 2 June 2010 13:54, kryptos...@gmail.com  wrote:

> Hi,
>
> On OpenBSD 4.7, my dmesg output has the following alerts:
>
> cpu1: unknown i686 model 0x1e, can't get bus clock (0x0)
> cpu2: unknown i686 model 0x1e, can't get bus clock (0x0)
> cpu3: unknown i686 model 0x1e, can't get bus clock (0x0)
>
> Is this a normal alert? Any idea?
>
> My CPU is an Intel Core i5 750 @ 2.67 Ghz,
> It is a "ASUS P7H55-M SI" computer.
>
> I've sent the following details to dm...@openbsd.org;
>
> dmesg, sysctl hw, sysctl hw.sensors outputs are here:
>
> http://pastebin.com/raw.php?i=BUm5ENvv
>
> Thanks.



Re: traffic management

2010-06-02 Thread irix
Hello Misc,

  All of a sudden started talking about some fixes. Have I mentioned somewhere 
that something needs to be corrected,
   or that something is not working? I just said about remaking to simplify the 
code.
 Alternatives queue was initially conceived as framework in which you can with 
minimal effort to connect disciplines
  to develop. With the existing code in the form pf/altq add a new discipline 
has been a daunting task, you need a heap of places to dopiski indicate the new 
variables need to finish the new syntax.
  I simply asked why the code altq not do the same as the code nat / rdr, scrub 
to remove it and greatly simplified.
   As an option to make altq separately from firewall.

-- 
Best regards,
 irix  mailto:i...@ukr.net



Re: Installer bug? - Upgrade 4.6 to 4.7 failed to upgrade base47, on i386 and amd64

2010-06-02 Thread Uwe Dippel
Nick Holland  holland-consulting.net> writes:

> > There is one more machine (amd64) that needs to be upgraded. Before I do 
> > this, I rather solicit suggestions on how to log the upgrade process, 
> > debug it, or otherwise.
> 
> serial console.
> Log everything from the first chars out the serial port to the reboot.
>  In fact, log the reboot.
> Don't edit anything.
> Use a public mirror or an official CD for the install, make sure it is
> obvious which.
> 
> Stick the resulting file on a webserver.

Thanks, Nick.

Based on the latest results, the problem seems to exist only for most of the
/sbin files. So, the upgrade runs through as programmed. 
With a public mirror, it will take hours. I really hope SHA256 is good enough to
confirm the integrity of the archives. Serial console seems a good idea; I have
to use it in any case. 
What I have in mind, is, before the reboot, to use the command prompt to check
the files in the /sbin-to-be. I have a hunch, that they'll be there, then. Then
I'll do the same after the reboot, and once again, after the package upgrade.
Should the phenomenon show again, by now I can imagine that the changes are
happening some time later. We'll see ...

Uwe



Re: Implementing ntop - Last Version

2010-06-02 Thread Janne Johansson
2010/6/2 Rovercy de Oliveira 

>
> I did not paste the details error, because that is not the point. I am
> just wondering if someone got success with last ntop version on OpenBSD.
>
>
If your point was "I need to get recent ntop to work", details really should
be included.

-- 
To our sweethearts and wives.  May they never meet. -- 19th century toast



Re: Mysql connection from within php

2010-06-02 Thread Eugene Yunak
On 1 June 2010 16:30, What you get is Not what you see
 wrote:
> Freshly installed on openbsd 4.6 mysql,php and php5-mysql packages.
> Done the configs. Now php and mysql works. But I couldn't make it
> connect to mysql from within php with such a command
> mysql_connect("localhost","user","pass")
> It used to give "Can't connect to mysql through socket error" till I
> change the command to
> mysql_connect("127.0.0.1","user","pass")
> I want to learn why?
>

As you've been already told, this is because default apache is
chrooted and thus cannot access mysql socket.
To correct it, just do

# mkdir -p /var/www/var/run/mysql
# ln -f /var/run/mysql/mysql.sock /var/www/var/run/mysql/mysql.sock


-- 
The best the little guy can do is what
the little guy does right



Re: traffic management

2010-06-02 Thread SJP Lists
2010/6/2 irix :
> Hello Misc,
>
>  But at least you can say why?
>
>>no kidding.  As we've told "irix" before, it will not happen.
>
> --
> Best regards,
>  irix  mailto:i...@ukr.net

Because it makes my VoIP phones at home and a friend's workplace go
from hit-and-miss to... "ohh yeah, that's right, we're using VoIP now!
 I forgot!", every time I receive a bill from my PSTN Telco with $0
for phone calls (for the past years).  ie, pf/altq works so well for
me that VoIP becomes so well behaved that I forget I'm even using it,
even when uploads and downloads are going like the clappers.

Once I go ADSL2+ Naked, then I hopefully won't be getting bills from
that crusty money grubbing old Telco ever again, so I might almost
completely forget how much pf/altq rocks (until "obvious troll is
obvious" comes back of course).

So, like others have said, it seems pretty far from broken to me.

Maybe you have mis-configured it.


Shane



PPTP/GRE pass-through PF Firewall

2010-06-02 Thread Larry Tous
Hello,

I have installed OpenBSD 4.7 and configured PF as a firewall and NAT.
 Currently the NAT and Firewall are working, but I'm struggling trying to
get the Microsoft VPN (PPTP) to pass through the firewall.
Here is my pf.conf and the logs:
#   $OpenBSD: pf.conf,v 1.49 2009/09/17 06:39:03 jmc Exp $
#
# See pf.conf(5) for syntax and examples.
# Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1
# in /etc/sysctl.conf if packets are to be forwarded between interfaces.

ext_if = "em0"
int_if = "em1"
wan_ip = "1.1.1.1"
vpn = "192.168.1.10"
localnet = $int_if:network

tcp_services = "{ ssh, smtp, domain, www, https, pop3, auth, pop3s }"
auth_services = "{ www, https, ssh }"
udp_services = "{ domain, ntp }"

# dont filter on the loopback
set skip on lo

# scrub incoming packets
match in all scrub (no-df)

# nat
match out on $ext_if from $localnet nat-to ($ext_if)


# Rule set
## Block by default
block log all

## pass our nat traffic
pass log inet proto tcp from { lo0, $int_if:network } to any port $auth_services
pass out log on $ext_if proto tcp from any to port $auth_services
pass out log on $ext_if proto udp from any to port $udp_services

pass in log on $int_if proto udp from any to port $udp_services
pass in log on $int_if proto tcp from any to any port 22


## Microsoft VPN
pass in log on $ext_if proto tcp from any to any port 1723 \
   rdr-to $vpn
pass in log on $ext_if proto udp from any to any port 500 \
   rdr-to $vpn

pass in log on $ext_if inet proto tcp from any to any port 443 keep state
pass in log on $ext_if proto gre from any to any keep state
pass in log on $int_if inet proto tcp from any to any port = 1723 flags S/SA keep state

pass out log inet proto gre all keep state
pass out log on $int_if proto tcp from any to $vpn port 1723
pass out log on $int_if proto udp from any to $vpn port 500


### tcpdump -nettt -i pflog0
# 120.120.120.120 = client ip address
# 1.1.1.1 = vpn external ip address
# 192.168.1.10 = vpn server address


Jun 01 20:57:54.513340 rule 17/(match) pass in on em0: 120.120.120.120.61852
> 1.1.1.1.1723: S 2646936410:2646936410(0) win 8192  (DF)
Jun 01 20:57:54.513366 rule 19/(match) pass out on em1:
120.120.120.120.61852 > 192.168.1.10.1723: S 2646936410:2646936410(0) win
8192 
Jun 01 20:58:15.829754 rule 18/(match) pass in on em0: 120.120.120.120.500 >
1.1.1.1.500: isakmp v2.0 exchange 34 (unknown)
cookie: 2b8d652f987a85e7-> msgid:  [|isakmp]
Jun 01 20:58:15.829779 rule 20/(match) pass out on em1: 120.120.120.120.500
> 192.168.1.10.500: isakmp v2.0 exchange 34 (unknown)
cookie: 2b8d652f987a85e7-> msgid:  [|isakmp]
Jun 01 20:58:23.000449 rule 22/(match) pass in on em0: 120.120.120.120.61859
> 1.1.1.1.443: S 2167692171:2167692171(0) win 8192  (DF)
Jun 01 20:58:23.569367 rule 22/(match) pass in on em0: 120.120.120.120.61860
> 1.1.1.1.443: S 2167692171:2167692171(0) win 8192  (DF)
Jun 01 20:58:24.144319 rule 22/(match) pass in on em0: 120.120.120.120.61861
> 1.1.1.1.443: S 2167692171:2167692171(0) win 8192 
(DF)

But the client still fails to authenticate.

The Microsoft VPN is a Windows 2003 Server.

Googling the subject I've seen very old posts stating that I need to remove
GRE from the kernel. Is this still the case? Or am I just missing something
in my rule set?

Currently GRE is enabled:
# sysctl -w | grep gre
net.inet.gre.allow=1
net.inet.gre.wccp=1

Thanks in advance for the help



Re: carp and OS upgrades

2010-06-02 Thread Henning Brauer
* Reyk Floeter  [2010-06-02 11:16]:
> > also, due to pfsync changes, the failover isn't perfect (pfsync is out
> > of the equation), so you'll lose your sessions. given how often I lose
> > perfectly valid tcp sessions that just idle a bit when I am at foreign
> > networks (conferences, especially at universities, hotels, ...) users
> > must be used to that :)
> well, hmmm, depends on the users and the networks.  i think pf is used
> in other places than just in playgrounds, conferences, and hotels ;(

apparently that wasn't clear.
these places use some other crap for firewall/NAT, not OpenBSD. The
idea that someone installing those networks could have remotely enough
of a clue to find tcp.established and change it to, what, 300
seconds... no. impossible.
wait. clue and changing tcp.established to something small in one
person cannot exist.
q. e. d.

-- 
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting



Re: traffic management

2010-06-02 Thread Francesco Vollero

Gregory Edigarov wrote:
> On Wed, 2 Jun 2010 03:37:35 +0300
> irix  wrote:
>
>> Hello Misc,
>>
>>  But at least you can say why?
>
> Obvious: don't fix what's not broken.

Gregory, it's a hard concept to get by most of the people :)

>>> no kidding.  As we've told "irix" before, it will not happen.




Re: BGPD Socket errors when trying to establish IBGP on lo1

2010-06-02 Thread rhsv6
>First try without "tcp md5sig" and enable it only when it is 
>working.
>But I guess your problem is that the other side is expecting the
>connection to come from a different IP than the one selected by 
>the route
>lookup. In that case set "local-address 172.16.101.170" in the 
>iBGP group.
>
>Setting "local-address" is a good habit and necessary if you use 
>loopback
>interfaces or have non directly attached peers.
>-- 
>:wq Claudio

Per your kind comments, I have re-configured IBGP group as below.  
This time it seems that despite "local-address" being configured, 
it seems one of the peers is picking up its bge0 address 
(172.16.101.178)

group "iBGP_Neighbors" {
remote-as $MY_ASN
announce all
neighbor 172.16.101.169
local-address $MY_ROUTER_ID
}

group "iBGP_Neighbors" {
remote-as $MY_ASN
announce all
neighbor 172.16.101.170
local-address $MY_ROUTER_ID
}


# bgpd -dv
startup
MY_ASN = "65015"
MY_IPV4NET = "172.16.101.0/21"
MY_ROUTER_ID = "172.16.101.169"
route decision engine ready
session engine ready
listening on 0.0.0.0
listening on ::
SE reconfigured
neighbor 172.16.101.170: state change None -> Idle, reason: None
neighbor 172.16.101.170: state change Idle -> Connect, reason: Start
neighbor 172.16.101.170: state change Connect -> OpenSent, reason: 
Connection opened
neighbor 172.16.101.170: state change OpenSent -> Active, reason: 
Connection closed
RDE reconfigured
neighbor 172.16.101.170: state change Active -> Idle, reason: Stop
session engine exiting
Lost child: session engine exited
route decision engine exiting
kernel routing table decoupled
Terminating

# bgpd -dv
startup
MY_ASN = "65015"
MY_IPV4NET = "172.16.101.0/21"
MY_ROUTER_ID = "172.16.101.170"
route decision engine ready
RDE reconfigured
session engine ready
listening on 0.0.0.0
listening on ::
SE reconfigured
neighbor 172.16.101.169: state change None -> Idle, reason: None
neighbor 172.16.101.169: state change Idle -> Connect, reason: Start
neighbor 172.16.101.169: socket error: Connection refused
neighbor 172.16.101.169: state change Connect -> Active, reason: 
Connection open failed
connection from non-peer 172.16.101.178 refused
neighbor 172.16.101.169: socket error: Connection refused
neighbor 172.16.101.169: state change Active -> Idle, reason: Stop
session engine exiting
Lost child: session engine exited
route decision engine exiting
kernel routing table decoupled
Terminating
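A small triage pass over the `bgpd -dv` output quoted in this message, as an added example (not part of the original post): it re-joins the lines the mail client wrapped, collects socket errors per neighbor, and flags the "connection from non-peer" pattern that points at a source-address mismatch. The log text is copied from the message above; the function names and the summary layout are assumptions.

```python
import re

# bgpd -dv output from the 172.16.101.170 side, as posted (wrapped line kept).
LOG = """\
neighbor 172.16.101.169: state change None -> Idle, reason: None
neighbor 172.16.101.169: state change Idle -> Connect, reason: Start
neighbor 172.16.101.169: socket error: Connection refused
neighbor 172.16.101.169: state change Connect -> Active, reason:
Connection open failed
connection from non-peer 172.16.101.178 refused
neighbor 172.16.101.169: socket error: Connection refused
neighbor 172.16.101.169: state change Active -> Idle, reason: Stop
"""

STATE = re.compile(r"neighbor (\S+): state change (\w+) -> (\w+), reason: (.*)")
SOCKERR = re.compile(r"neighbor (\S+): socket error: (.+)")
NONPEER = re.compile(r"connection from non-peer (\S+) refused")


def unwrap(text):
    """Re-join lines that were wrapped right after 'reason:'."""
    out = []
    for line in text.splitlines():
        if out and out[-1].rstrip().endswith("reason:"):
            out[-1] = out[-1].rstrip() + " " + line.strip()
        elif line.strip():
            out.append(line.strip())
    return out


def analyze(text, neighbors):
    """Summarise session trouble for the configured neighbor addresses."""
    summary = {"non_peer": [], "errors": {}, "established": set()}
    for line in unwrap(text):
        if m := NONPEER.fullmatch(line):
            if m.group(1) not in neighbors:
                summary["non_peer"].append(m.group(1))
        elif m := SOCKERR.fullmatch(line):
            summary["errors"].setdefault(m.group(1), []).append(m.group(2))
        elif m := STATE.fullmatch(line):
            if m.group(3) == "Established":
                summary["established"].add(m.group(1))
    # An inbound connection refused as "non-peer" while a configured neighbor
    # never reaches Established suggests the remote side is connecting from an
    # address other than the one named in the local neighbor statement.
    summary["source_mismatch_suspected"] = bool(summary["non_peer"]) and any(
        n not in summary["established"] for n in neighbors
    )
    return summary


if __name__ == "__main__":
    print(analyze(LOG, {"172.16.101.169"}))
```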



Re: Installer bug? - Upgrade 4.6 to 4.7 failed to upgrade base47, on i386 and amd64

2010-06-02 Thread Nick Holland
On 06/01/10 23:25, Uwe Dippel wrote:
...
> There is one more machine (amd64) that needs to be upgraded. Before I do 
> this, I rather solicit suggestions on how to log the upgrade process, 
> debug it, or otherwise.

serial console.
Log everything from the first chars out the serial port to the reboot.
 In fact, log the reboot.
Don't edit anything.
Use a public mirror or an official CD for the install, make sure it is
obvious which.

Stick the resulting file on a webserver.
...

Nick.



Re: BGPD Socket errors when trying to establish IBGP on lo1

2010-06-02 Thread Claudio Jeker
On Wed, Jun 02, 2010 at 10:56:59AM +0100, rh...@hushmail.com wrote:
> Despite having a working OSPF setup and no PF config, I'm seeing 
> socket errors in the logs when attempting to establish an IBGP 
> session to lo1 on another machine.
> 
> # ospfctl sh ne
> ID  Pri StateDeadTime Address Iface 
> Uptime
> 172.16.101.169  100 FULL/BCKUP   00:00:13 172.16.101.178  bge0  
> 00:42:50
> 
> # ping 172.16.101.169
> PING 172.16.101.169 (172.16.101.169): 56 data bytes
> 64 bytes from 172.16.101.169: icmp_seq=0 ttl=255 time=0.355 ms
> 64 bytes from 172.16.101.169: icmp_seq=1 ttl=255 time=0.240 ms
> 64 bytes from 172.16.101.169: icmp_seq=2 ttl=255 time=0.240 ms
> 
> # pfctl -sr 
> pass all flags S/SA keep state
> block drop in on ! lo0 proto tcp from any to any port 6000:6010
> 
> 
> # bgpd -dv
> startup
> MY_ASN = "65015"
> MY_IPV4NET = "172.16.101.0/20"
> MY_ROUTER_ID = "172.16.101.170"
> route decision engine ready
> RDE reconfigured
> session engine ready
> listening on 0.0.0.0
> listening on ::
> SE reconfigured
> neighbor 172.16.101.169: state change None -> Idle, reason: None
> neighbor 172.16.101.169: state change Idle -> Connect, reason: Start
> neighbor 172.16.101.169: socket error: Operation timed out
> neighbor 172.16.101.169: state change Connect -> Active, reason: 
> Connection open failed
> neighbor 172.16.101.169: socket error: Operation timed out
> neighbor 172.16.101.169: state change Connect -> Idle, reason: Stop
> session engine exiting
> Lost child: session engine exited
> route decision engine exiting
> kernel routing table decoupled
> Terminating
> 
> bgpd.conf:
> MY_ASN = "65015"
> MY_IPV4NET = "172.16.101.0/20"
> MY_ROUTER_ID = "172.16.101.170"
> AS $MY_ASN
> router-id $MY_ROUTER_ID
> holdtime 90
> holdtime min 3
> fib-update yes
> network 172.16.101.0/20
> group "iBGP_Neighbors" { 
> remote-as $MY_ASN
> tcp md5sig password **
> announce all
> neighbor 172.16.101.169
> } 
> 

First try without "tcp md5sig" and enable it only when it is working.
But I guess your problem is that the other side is expecting the
connection to come from a different IP than the one selected by the route
lookup. In that case set "local-address 172.16.101.170" in the iBGP group.

Setting "local-address" is a good habit and necessary if you use loopback
interfaces or have non directly attached peers.
-- 
:wq Claudio



BGPD Socket errors when trying to establish IBGP on lo1

2010-06-02 Thread rhsv6
Despite having a working OSPF setup and no PF config, I'm seeing 
socket errors in the logs when attempting to establish an IBGP 
session to lo1 on another machine.

# ospfctl sh ne
ID  Pri StateDeadTime Address Iface 
Uptime
172.16.101.169  100 FULL/BCKUP   00:00:13 172.16.101.178  bge0  
00:42:50

# ping 172.16.101.169
PING 172.16.101.169 (172.16.101.169): 56 data bytes
64 bytes from 172.16.101.169: icmp_seq=0 ttl=255 time=0.355 ms
64 bytes from 172.16.101.169: icmp_seq=1 ttl=255 time=0.240 ms
64 bytes from 172.16.101.169: icmp_seq=2 ttl=255 time=0.240 ms

# pfctl -sr 
pass all flags S/SA keep state
block drop in on ! lo0 proto tcp from any to any port 6000:6010


# bgpd -dv
startup
MY_ASN = "65015"
MY_IPV4NET = "172.16.101.0/20"
MY_ROUTER_ID = "172.16.101.170"
route decision engine ready
RDE reconfigured
session engine ready
listening on 0.0.0.0
listening on ::
SE reconfigured
neighbor 172.16.101.169: state change None -> Idle, reason: None
neighbor 172.16.101.169: state change Idle -> Connect, reason: Start
neighbor 172.16.101.169: socket error: Operation timed out
neighbor 172.16.101.169: state change Connect -> Active, reason: 
Connection open failed
neighbor 172.16.101.169: socket error: Operation timed out
neighbor 172.16.101.169: state change Connect -> Idle, reason: Stop
session engine exiting
Lost child: session engine exited
route decision engine exiting
kernel routing table decoupled
Terminating

bgpd.conf:
MY_ASN = "65015"
MY_IPV4NET = "172.16.101.0/20"
MY_ROUTER_ID = "172.16.101.170"
AS $MY_ASN
router-id $MY_ROUTER_ID
holdtime 90
holdtime min 3
fib-update yes
network 172.16.101.0/20
group "iBGP_Neighbors" { 
remote-as $MY_ASN
tcp md5sig password **
announce all
neighbor 172.16.101.169
} 



Re: OSPFD : nbr_adj_timer: failed to form adjacency

2010-06-02 Thread rhsv6
Solved.  The cause was overlapping lo1 and physical interface IPs.



Re: Installer bug? - Upgrade 4.6 to 4.7 failed to upgrade base47, on i386 and amd64

2010-06-02 Thread Uwe Dippel

Now, with

$ diff md5sums_archive md5sums_install | grep ^">" | cut -d ' ' -f2

these are the files different on amd64, between what the archive 
supplied, and what the installer left behind:


./usr/lib/libasn1.so.17.0
./usr/lib/libcom_err.so.17.0
./usr/lib/libcrypto.so.18.0
./usr/lib/libkafs.so.17.0
./usr/lib/libkrb5.so.17.0
./usr/lib/libssl.so.15.1
./sbin/atactl
./sbin/badsect
./sbin/bioctl
./sbin/ccdconfig
./sbin/clri
./sbin/dhclient
./sbin/disklabel
./sbin/dmesg
./sbin/dump
./sbin/dumpfs
./sbin/fdisk
./sbin/fsck
./sbin/fsck_ext2fs
./sbin/fsck_ffs
./sbin/fsck_msdos
./sbin/fsdb
./sbin/fsirand
./sbin/growfs
./sbin/halt
./sbin/ifconfig
./sbin/init
./sbin/iopctl
./sbin/ipsecctl
./sbin/isakmpd
./sbin/kbd
./sbin/ldattach
./sbin/lmccontrol
./sbin/mkfifo
./sbin/mknod
./sbin/modload
./sbin/modunload
./sbin/mount
./sbin/mount_cd9660
./sbin/mount_ext2fs
./sbin/mount_ffs
./sbin/mount_mfs
./sbin/mount_msdos
./sbin/mount_nfs
./sbin/mount_nnpfs
./sbin/mount_ntfs
./sbin/mount_portal
./sbin/mount_procfs
./sbin/mount_udf
./sbin/mount_vnd
./sbin/mountd
./sbin/ncheck
./sbin/ncheck_ffs
./sbin/newfs
./sbin/newfs_msdos
./sbin/nfsd
./sbin/nologin
./sbin/pfctl
./sbin/pflogd
./sbin/ping
./sbin/ping6
./sbin/quotacheck
./sbin/raidctl
./sbin/rdump
./sbin/reboot
./sbin/restore
./sbin/route
./sbin/rrestore
./sbin/rtsol
./sbin/savecore
./sbin/scan_ffs
./sbin/scsi
./sbin/shutdown
./sbin/slattach
./sbin/swapctl
./sbin/swapon
./sbin/sysctl
./sbin/ttyflags
./sbin/tunefs
./sbin/umount
./sbin/vnconfig
./sbin/wpa-psk
./sbin/wsconsctl
./usr/libexec/kdc
./usr/sbin/sysctl

Let's assume for a moment that the differences in the Kerberos and crypto 
stuff are a result of the patches and packages; everything else that is 
different is the majority of the files in /sbin.
A yet closer inspection of the differences there leads to a confirmation 
of what was assumed before: all files in /sbin, except 
/sbin/ifconfig, /sbin/ipsecctl and /sbin/isakmpd, are the files of the 
4.6 Release.


Waiting for some further enlightenment about what was going on; what 
happened to those 4.7 files,


Uwe
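The comparison done above with two checksum lists and `diff`, as an added example (not the poster's script): it hashes every regular file in a set tarball with SHA-256 and reports the ones whose installed copy is missing or differs. The tiny archive and installed tree are constructed sample data standing in for a real set and a real root; all function names are assumptions.

```python
import hashlib
import io
import os
import shutil
import tarfile
import tempfile


def sha256_of(fobj, chunk=65536):
    """Hash a file object in blocks so large binaries are not read at once."""
    digest = hashlib.sha256()
    for block in iter(lambda: fobj.read(chunk), b""):
        digest.update(block)
    return digest.hexdigest()


def compare_set_to_tree(tar_path, root):
    """Map each regular file in the set to 'missing' or 'differs' when the
    copy under root does not match the archive; matching files are omitted."""
    report = {}
    with tarfile.open(tar_path, "r:*") as tar:
        for member in tar:
            if not member.isreg():
                continue
            rel = os.path.normpath(member.name)
            if os.path.isabs(rel) or rel.split(os.sep)[0] == "..":
                report[member.name] = "unsafe-path"   # never resolve it on disk
                continue
            installed = os.path.join(root, rel)
            if not os.path.isfile(installed):
                report[rel] = "missing"
                continue
            with open(installed, "rb") as on_disk:
                if sha256_of(on_disk) != sha256_of(tar.extractfile(member)):
                    report[rel] = "differs"
    return report


def build_sample(workdir):
    """Constructed data: a stand-in set plus an installed tree in which one
    file is left over from the previous release and one is absent."""
    new = {
        "./sbin/pfctl": b"pfctl 4.7\n",
        "./sbin/ifconfig": b"ifconfig 4.7\n",
        "./sbin/mount": b"mount 4.7\n",
        "./usr/sbin/sysctl": b"sysctl 4.7\n",
    }
    tar_path = os.path.join(workdir, "sample_set.tgz")
    with tarfile.open(tar_path, "w:gz") as tar:
        for name, data in new.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    installed = dict(new)
    installed["./sbin/pfctl"] = b"pfctl 4.6\n"     # stale binary
    del installed["./sbin/mount"]                  # never extracted
    root = os.path.join(workdir, "root")
    for name, data in installed.items():
        path = os.path.join(root, os.path.normpath(name))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as out:
            out.write(data)
    return tar_path, root


def run_sample():
    """Build the sample in a throwaway directory and return the report."""
    workdir = tempfile.mkdtemp()
    try:
        return compare_set_to_tree(*build_sample(workdir))
    finally:
        shutil.rmtree(workdir)


if __name__ == "__main__":
    for path, status in sorted(run_sample().items()):
        print(status, path)
```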



Re: OpenBSD Ruleset 4.5 Free sample

2010-06-02 Thread Tomas Bodzar
http://www.openbsd.org/faq/pf/fr/example1.html

On Wed, Jun 2, 2010 at 9:38 AM,   wrote:
> Hi,
>
> I'm writing (in French) a guide about how to protect a small, medium
> company using OpenBSD and PF.
> Here a sample : http://mouedine.net/ruleset45.aspx (ruleset 4.7 ... coming
> soon)
>
> Thank's for advices.
>
> Cheers,
>
> Wesley MOUEDINE
> www.mouedine.net
>
>



-- 
http://www.openbsd.org/lyrics.html



Re: carp and OS upgrades

2010-06-02 Thread Reyk Floeter
On Wed, Jun 02, 2010 at 09:47:36AM +0200, Henning Brauer wrote:
> OpenBSD isn't as stupid and bad as cisco.
> 
> I upgrade all my carped firewall pairs without downtime.
> 
> yes, 4.6 and 4.7 require you to adopt your pf config. 4.5->4.6 is
> trivial. 4.6->4.7 isn't black magic either but admittedly not trivial
> any more.
> 

ack

> also, due to pfsync changes, the failover isn't perfect (pfsync is out
> of the equation), so you'll lose your sessions. given how often I lose
> perfectly valid tcp sessions that just idle a bit when I am at foreign
> networks (conferences, especially at universities, hotels, ...) users
> must be used to that :)
> 

well, hmmm, depends on the users and the networks.  i think pf is used
in other places than just in playgrounds, conferences, and hotels ;(

reyk



Re: traffic management

2010-06-02 Thread Gregory Edigarov
On Wed, 2 Jun 2010 03:37:35 +0300
irix  wrote:

> Hello Misc,
> 
>  But at least you can say why?
Obvious: don't fix what's not broken.
> 
> >no kidding.  As we've told "irix" before, it will not happen.
> 


-- 
With best regards,
Gregory Edigarov



Re: help with azalia(4) and 6 channels

2010-06-02 Thread Aaron Stellman
On Wed, Jun 02, 2010 at 07:34:57AM +, Jacob Meuser wrote:
> On Wed, Jun 02, 2010 at 07:23:38AM +, Jacob Meuser wrote:
> > On Tue, Jun 01, 2010 at 09:40:07PM -0700, Aaron Stellman wrote:
> > > Hello,
> > > First of all, I appreciate all the work that has been put in to making
> > > azalia knobs more user friendly.
> > > Now, my goal is to have the same audio signal sent to all 6 channels.
> > > outputs.line-grn_sense=plugged
> > > outputs.line-blk_sense=plugged
> > > outputs.line-org_sense=plugged
> > > I'm running aucat and mpd, playing random mp3s
> > > I've read azalia(4) and mixerctl(1) but am still at a loss on how to get
> > > it to do what I want. Basically, right now only grn jack gets output.
> > > blk and org are getting nothing. Any ideas? They're appreciated
> > 
> > you can't do this with your hardware, but you can do it with
> > aucat:
> 
> what I mean is, you can't accomplish this by playing with mixerctl,
> but you can accomplish it with aucat.
> 
> > $ aucat -c 0:5 -l
> > 
> > that starts aucat with the normal stereo recording and 6 channel
> > playback, where stereo playback is copied from channels 0:1 to 2:3
> > and 4:5.  at least, it's that easy in -current.
> > 
> > you can't do it with your hardware because:
> > 
> > > inputs.line-org_source=dac-2:3,mix3  { dac-2:3 mix3 }
> > > inputs.line-gry_source=dac-6:7,mix3  { dac-6:7 mix3 }
> > > inputs.line-grn_source=dac-0:1,mix3  { dac-0:1 mix3 }
> > > inputs.line-blk_source=dac-4:5,mix3  { dac-4:5 mix3 }
> 
> with that aucat command, you'll get output on dac-0:1, dac-2:3 and
> dac-4:5, which your green, orange and black jacks use as sources.
Yes, I understand. Thanks for your input. I will test it out as soon as
possible and report back.



Re: carp and OS upgrades

2010-06-02 Thread Henning Brauer
* LeviaComm Networks NOC  [2010-06-02 05:59]:
> You do not want the systems seeing each other before they are both
> upgraded.  I learned this after seeing the havoc that can be wreaked
> with Cisco Firewalls when they are not the same version, but sharing
> the same config.  It isn't pretty, and neither are the e-mails you
> get from the users.  Believe, the 5 minutes the firewall is down
> pales in comparison to the time wasted when both firewalls are
> over-writing the other's configs.

OpenBSD isn't as stupid and bad as cisco.

I upgrade all my carped firewall pairs without downtime.

yes, 4.6 and 4.7 require you to adapt your pf config. 4.5->4.6 is
trivial. 4.6->4.7 isn't black magic either but admittedly not trivial
any more.

also, due to pfsync changes, the failover isn't perfect (pfsync is out
of the equation), so you'll lose your sessions. given how often I lose
perfectly valid tcp sessions that just idle a bit when I am at foreign
networks (conferences, especially at universities, hotels, ...) users
must be used to that :)

-- 
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting



Re: help with azalia(4) and 6 channels

2010-06-02 Thread Jacob Meuser
On Wed, Jun 02, 2010 at 12:18:54AM -0700, Aaron Stellman wrote:
> On Tue, Jun 01, 2010 at 11:16:02PM -0700, Aaron Stellman wrote:
> > On Tue, Jun 01, 2010 at 09:40:07PM -0700, Aaron Stellman wrote:
> > > Hello,
> > > First of all, I appreciate all the work that has been put in to making
> > > azalia knobs more user friendly.
> > > Now, my goal is to have the same audio signal sent to all 6 channels.
> > 
> > To make it more clear,  I'd like to spread stereo to all channels. I've
> > grep(1)ed mixerctl output for grn,blk,org to see what's special about
> > grn, but I fail to see anything that can help me.
> 
> Seeing that there are no "_source"s for outputs makes me wonder. Perhaps
> this azalia device isn't capable of doing this.

inputs vs outputs class for jacks is ambiguous in azalia.  for one,
most jacks can be either input or output (the _dir controls), and for
another, a mixer control in the inputs class can refer to an input
amplifier from the codec to the jack, which would never exist on
a jack that is only used for input.

as it says in azalia(4), the class of the mixer control is just a
hint.

-- 
jake...@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org



Re: Installer bug? - Upgrade 4.6 to 4.7 failed to upgrade base47, on i386 and amd64

2010-06-02 Thread Uwe Dippel

Getting closer ...

Extracted the archive being used for the upgrade to amd64 into my 
user-directory and calculated all 7484 md5 for the files included in 
base47, and redirected those into a file.
Then, I calculated all the md5 for the files *installed* in the upgraded 
machine; the file names taken from the same base47.

Then, I had two files of 7484 md5s each, and could diff them.
Further down is the result. I'm stumped. Why would these files (around 
100) not be the 4.7 version, but previous (4.6 I guess; I haven't 
checked all)?
(Add /etc/pfctl to the list of different files; I had already manually 
copied it to /sbin from the archive to get the firewall working)

So *all* sets were installed, in principle, but some files were not. Huh?

I am sure, some people with more insight can help me further to explain 
what is going on here. What makes or made these files below so 'special' 
that they fail to be 'just there' after the upgrade on amd64?


Thanks for any further hint,

Uwe


$ diff md5sums_archive md5sums_install
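The comparison described in the message above, as an added example that is not part of the original post: it hashes every file in a set tarball and checks it against the installed copy without unpacking the archive, and resolves hard-linked members (such as ./sbin/mkfifo and ./sbin/mknod, which share one checksum in the post). It uses SHA-256 instead of the md5 used in the post; the function names and the command-line arguments are assumptions.

```python
import hashlib
import os
import sys
import tarfile


def _digest(stream, chunk=1 << 16):
    """SHA-256 of a binary stream, read in chunks."""
    h = hashlib.sha256()
    for block in iter(lambda: stream.read(chunk), b""):
        h.update(block)
    return h.hexdigest()


def compare_set(tgz_path, root="/"):
    """Compare each file in a set tarball with the copy installed under root.

    Returns {"mismatch": [...], "missing": [...]} holding archive-relative paths.
    """
    report = {"mismatch": [], "missing": []}
    with tarfile.open(tgz_path, "r:*") as tf:
        for member in tf.getmembers():
            # Regular files and hard links have content to compare;
            # directories, symlinks and device nodes are skipped.
            if not (member.isfile() or member.islnk()):
                continue
            rel = os.path.normpath(member.name)
            if os.path.isabs(rel) or rel.split(os.sep)[0] == "..":
                continue  # ignore member names that point outside root
            installed = os.path.join(root, rel)
            if os.path.islink(installed) or not os.path.isfile(installed):
                report["missing"].append(rel)
                continue
            # extractfile() returns the target's data for a hard-link member.
            with tf.extractfile(member) as src, open(installed, "rb") as dst:
                if _digest(src) != _digest(dst):
                    report["mismatch"].append(rel)
    return report


if __name__ == "__main__":
    if len(sys.argv) < 2:
        sys.exit("usage: compare_set.py SET.tgz [ROOT]")
    result = compare_set(sys.argv[1], sys.argv[2] if len(sys.argv) > 2 else "/")
    for kind in ("mismatch", "missing"):
        for path in sorted(result[kind]):
            print(f"{kind}\t{path}")
```

A path reported as a mismatch only says the installed file differs from the archive; which release the installed file belongs to has to be established separately.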

Re: help with azalia(4) and 6 channels

2010-06-02 Thread Jacob Meuser
On Wed, Jun 02, 2010 at 07:23:38AM +, Jacob Meuser wrote:
> On Tue, Jun 01, 2010 at 09:40:07PM -0700, Aaron Stellman wrote:
> > Hello,
> > First of all, I appreciate all the work that has been put in to making
> > azalia knobs more user friendly.
> > Now, my goal is to have the same audio signal sent to all 6 channels.
> > outputs.line-grn_sense=plugged
> > outputs.line-blk_sense=plugged
> > outputs.line-org_sense=plugged
> > I'm running aucat and mpd, playing random mp3s
> > I've read azalia(4) and mixerctl(1) but am still at a loss on how to get
> > it to do what I want. Basically, right now only grn jack gets output.
> > blk and org are getting nothing. Any ideas? They're appreciated
> 
> you can't do this with your hardware, but you can do it with
> aucat:

what I mean is, you can't accomplish this by playing with mixerctl,
but you can accomplish it with aucat.

> $ aucat -c 0:5 -l
> 
> that starts aucat with the normal stereo recording and 6 channel
> playback, where stereo playback is copied from channels 0:1 to 2:3
> and 4:5.  at least, it's that easy in -current.
> 
> you can't do it with your hardware because:
> 
> > inputs.line-org_source=dac-2:3,mix3  { dac-2:3 mix3 }
> > inputs.line-gry_source=dac-6:7,mix3  { dac-6:7 mix3 }
> > inputs.line-grn_source=dac-0:1,mix3  { dac-0:1 mix3 }
> > inputs.line-blk_source=dac-4:5,mix3  { dac-4:5 mix3 }

with that aucat command, you'll get output on dac-0:1, dac-2:3 and
dac-4:5, which your green, orange and black jacks use as sources.

-- 
jake...@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org



OpenBSD Ruleset 4.5 Free sample

2010-06-02 Thread openbsd
Hi,

I'm writing (in French) a guide about how to protect a small, medium
company using OpenBSD and PF.
Here is a sample : http://mouedine.net/ruleset45.aspx (ruleset 4.7 ... coming
soon)

Thanks for advice.

Cheers,

Wesley MOUEDINE
www.mouedine.net



Re: help with azalia(4) and 6 channels

2010-06-02 Thread Jacob Meuser
On Tue, Jun 01, 2010 at 09:40:07PM -0700, Aaron Stellman wrote:
> Hello,
> First of all, I appreciate all the work that has been put in to making
> azalia knobs more user friendly.
> Now, my goal is to have the same audio signal sent to all 6 channels.
> outputs.line-grn_sense=plugged
> outputs.line-blk_sense=plugged
> outputs.line-org_sense=plugged
> I'm running aucat and mpd, playing random mp3s
> I've read azalia(4) and mixerctl(1) but am still at a loss on how to get
> it to do what I want. Basically, right now only grn jack gets output.
> blk and org are getting nothing. Any ideas? They're appreciated

you can't do this with your hardware, but you can do it with
aucat:

$ aucat -c 0:5 -l

that starts aucat with the normal stereo recording and 6 channel
playback, where stereo playback is copied from channels 0:1 to 2:3
and 4:5.  at least, it's that easy in -current.

you can't do it with your hardware because:

> inputs.line-org_source=dac-2:3,mix3  { dac-2:3 mix3 }
> inputs.line-gry_source=dac-6:7,mix3  { dac-6:7 mix3 }
> inputs.line-grn_source=dac-0:1,mix3  { dac-0:1 mix3 }
> inputs.line-blk_source=dac-4:5,mix3  { dac-4:5 mix3 }

> inputs.mix3_source=mic,sel9,hp,line-grn,sel10,line-blk,cd,other  { mic sel9 hp line-grn sel10 line-blk cd other }

> inputs.sel9_source=line-in  [ line-in line-gry line-org ]
> inputs.sel10_source=mic2  [ mic2 line-gry line-org ]

you can only select one specific DAC and/or any of a selection of analog
inputs for the line out jacks.

> azalia0: codecs: Analog Devices AD1988B

definitely one of the more complicated (in seemingly useless ways)
codecs.  it's easy to do the channel spread thing with most realtek
codecs (but probably easier with aucat now anyway).

-- 
jake...@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org



Re: help with azalia(4) and 6 channels

2010-06-02 Thread Aaron Stellman
On Tue, Jun 01, 2010 at 11:16:02PM -0700, Aaron Stellman wrote:
> On Tue, Jun 01, 2010 at 09:40:07PM -0700, Aaron Stellman wrote:
> > Hello,
> > First of all, I appreciate all the work that has been put in to making
> > azalia knobs more user friendly.
> > Now, my goal is to have the same audio signal sent to all 6 channels.
> 
> To make it more clear,  I'd like to spread stereo to all channels. I've
> grep(1)ed mixerctl output for grn,blk,org to see what's special about
> grn, but I fail to see anything that can help me.

Seeing that there are no "_source"s for outputs makes me wonder. Perhaps
this azalia device isn't capable of doing this.