Re: Kernel-level pppoe

2010-08-24 Thread David Walker 
Hiya.

Is it reasonable for you simplify your pf.conf in the interim?
I use kernel pppoe and have a very simple ruleset that just works.

E.g.:

#options

set block-policy return
set debug urgent
set loginterface pppoe0
set optimization normal
set reassemble no
set require-order yes
set ruleset-optimization basic
set skip on lo
set state-policy if-bound

#packet filtering

block all

#pppoe0:network

pass out log on pppoe0 from (pppoe0) to any
pass out on pppoe0 from vr1:network nat-to (pppoe0)
pass out on pppoe0 from vr2:network nat-to (pppoe0)

#vr1:network

pass in on vr1 from vr1:network to any
pass out on vr1 from vr1 to vr1:network
pass out on vr1 from vr2:network to vr1:network

#vr2:network

pass in on vr2 from vr2:network to any
pass out on vr2 from vr2 to vr2:network
pass out on vr2 from vr1:network to vr2:network

Some of the options are defaults and unneccesary. The pppoe0 interface is vr0.
I've never had to scrub or set MTU. I'm not accepting any incoming
transactions, however but then your problem is with outgoing http
requests.
I'm no expert but perhaps if you stop scrubbing and let the MTU work
itself out you might be in the ballpark.

Here's my ifconfig (snipped):
pppoe0: flags=8851UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST mtu 1492
priority: 0
dev: vr0 state: session

Notice I get a spot on MTU of 1492 which from memory is the maximum allowable.

I can unplug my cat5 and reboot my modem, etcetera and pppoe comes back up fine.

Anyway, see here:
http://marc.info/?l=openbsd-miscm=125810464015633w=2

Best wishes.

ppp problem after upgrading to 4.8-current

2010-08-24 Thread giovanni 
hello @misc,

yesterday I've upgraded from 4.7-current to 4.8-current an openbsd box, 
I sometime use for connecting via a smartphone through ppp but alas after 
upgrading I'm not able to surf anymore. I've not had the time to browse the
changes so any hint in the meanwhile is really helpful

thanks

*** 4.7-current (sorry I have only these log)
tun0: flags=8051UP,POINTOPOINT,RUNNING,MULTICAST mtu 1500
priority: 0
groups: tun egress
status: active
inet 217.203.153.223 -- 10.6.6.6 netmask 0x

Routing tables

Internet:
DestinationGatewayFlags   Refs  Use   Mtu  Prio Iface
default10.6.6.6   UGS6  660 - 8 tun0
10.6.6.6   217.203.153.223UH 10  1500 4 tun0


*** 4.8-current

default:
 set log Phase Chat LCP IPCP CCP TUN Command
 set device /dev/cuaU0
 disable ipv6cp
 disable vjcomp
 disable deflate
 disable chap
 disable mppe
 disable protocomp
 enable lqr
 accept lqr

isp:
 set speed 460800
 set dial ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 20 \\ AT OK ATQ0 OK 
AT+CGDCONT=1,\\\IP\\\,\\\APN\\\,\\
,0,0 OK \\dATDT\\T TIMEOUT 40 CONNECT
 set phone *99***1#
 set ifaddr 10.0.4.1/0 10.0.4.2/0 0.0.0.0 0.0.0.0
 add default HISADDR

tun0: flags=9951UP,POINTOPOINT,RUNNING,PROMISC,SIMPLEX,LINK0,MULTICAST mtu 
1500
lladdr fe:e1:ba:d1:aa:9c
priority: 0
groups: tun egress
status: active
inet 217.203.150.212 -- 10.6.6.6 netmask 0x
inet6 fe80::fce1:baff:fed1:aa9c%tun0 -  prefixlen 64 scopeid 0x6

Routing tables
Internet:
DestinationGatewayFlags   Refs  Use   Mtu  Prio Iface
default10.6.6.6   UGS14 - 8 tun0 
10.6.6.6   link#6 UHC10  1500 4 tun0 
10.6.6.6   link#6 UHLc   10  1500 4 tun0 

OpenBSD 4.8-current (GENERIC.MP) #336: Fri Aug 20 22:52:42 MDT 2010
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 1062797312 (1013MB)
avail mem = 1020678144 (973MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xdc010 (18 entries)
bios0: vendor Phoenix Technologies LTD version R0034J4 date 02/26/2007
bios0: Sony Corporation VGN-C1S_H
acpi0 at bios0: rev 0
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP APIC MCFG APIC BOOT SSDT SSDT
acpi0: wakeup devices PWRB(S4) PXS1(S3) PXS2(S3) PXS3(S3) PXS4(S3) USB1(S3) 
USB2(S3) USB3(S3) USB4(S3) USB7(S3) LANC(S3)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz, 1662.80 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG
cpu0: 2MB 64b/line 8-way L2 cache
cpu0: apic clock running at 166MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz, 1662.50 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG
cpu1: 2MB 64b/line 8-way L2 cache
ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as apic 2, remapped to apid 1
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (PEGP)
acpiprt2 at acpi0: bus 2 (RP01)
acpiprt3 at acpi0: bus 4 (RP02)
acpiprt4 at acpi0: bus 6 (RP03)
acpiprt5 at acpi0: bus 8 (RP04)
acpiprt6 at acpi0: bus 10 (PCIB)
acpiec0 at acpi0
acpicpu0 at acpi0: C2, C1, PSS
acpicpu1 at acpi0: C2, C1, PSS
acpitz0 at acpi0: critical temperature 105 degC
acpitz1 at acpi0: critical temperature 105 degC
acpiac0 at acpi0: AC unit online
acpibat0 at acpi0: BAT0 not present
acpibtn0 at acpi0: LID0
acpibtn1 at acpi0: PWRB
acpidock0 at acpi0: DOCK not docked (0)
acpisony0 at acpi0: SNC_
acpivideo0 at acpi0: GFX0
acpivout0 at acpivideo0: DD01
acpivout1 at acpivideo0: DD02
acpivout2 at acpivideo0: DD03
cpu0: Enhanced SpeedStep 1662 MHz: speeds: 1667, 1333, 1000 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 Intel 82945GM Host rev 0x03
vga1 at pci0 dev 2 function 0 Intel 82945GM Video rev 0x03
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
intagp0 at vga1
agp0 at intagp0: aperture at 0xb000, size 0x1000
inteldrm0 at vga1: apic 1 int 16 (irq 7)
drm0 at inteldrm0
Intel 82945GM Video rev 0x03 at pci0 dev 2 function 1 not configured
azalia0 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x02: apic 1 int 
22 (irq 4)
azalia0: codecs: Realtek ALC262, Conexant/0x2c06, using Realtek ALC262
audio0 at azalia0
ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x02: apic 1 int 17 
(irq 3)
pci1 at ppb0 bus 2
mskc0 at pci1 dev 0 function 0 Marvell Yukon 88E8036 rev 0x13, Yukon-2 FE

Re: Kernel-level pppoe

2010-08-24 Thread Andre Keller 
Hi david

David Walker schrieb:
 Hiya.

 Is it reasonable for you simplify your pf.conf in the interim?
 I use kernel pppoe and have a very simple ruleset that just works.
   

Yeah sure I will try that...

 Some of the options are defaults and unneccesary. The pppoe0 interface is vr0.
 I've never had to scrub or set MTU. I'm not accepting any incoming
 transactions, however but then your problem is with outgoing http
 requests.
 I'm no expert but perhaps if you stop scrubbing and let the MTU work
 itself out you might be in the ballpark.
   

I doubt that this will work, but I will try that
 Here's my ifconfig (snipped):
 pppoe0: flags=8851UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST mtu 1492
 priority: 0
 dev: vr0 state: session

 Notice I get a spot on MTU of 1492 which from memory is the maximum allowable.

 I can unplug my cat5 and reboot my modem, etcetera and pppoe comes back up 
 fine.

 Anyway, see here:
 http://marc.info/?l=openbsd-miscm=125810464015633w=2
   

Yeah that was my thread. Well it seemed to work properly as we have a
very stable dsl infrastructure (we terminate dsl on our own lns). But
last week we had to do some maintenance and therefore disconnect a few
clients. And only about half the session worked after that (sessions
came up but no http... so at least we can ssh to them and reboot, but
thats not really a solution :-))

 Best wishes

I will be back with more results...


btw. How can I check if scrubbing works f.e. with tcpdump?


Thank you and regards andri

Re: random disconnects on openbsd4.7

2010-08-24 Thread Fred Crowson 
2010/8/24 Marcos Laufer mar...@ipv4networks.com:
 Hello list, i'm having random logoffs from a recently installed OpenBSD 4.7
 installed on a DL360 server, and updated to stable.
 The symptoms are simple, i log in, wait a while, and i get suddenly logged
 off.

 It goes like this:

 obsd47:~{8}#
 Read from remote host obsd47: Connection reset by peer
 Connection to obsd47 closed.
 srv1:/root{4994}#
 srv1:/root{4994}#
 srv1:/root{4994}# ssh obsd47
 r...@obsd47's password:
 Last login: Mon Aug 23 22:04:07 2010 from srv1
 OpenBSD 4.7-stable (GENERIC.MP) #0: Fri Aug 20 16:38:15 ART 2010


Hi,

Using ssh -vvv might give some further clues to the issue.

hth

Fred

Re: random disconnects on openbsd4.7

2010-08-24 Thread Patrick Coleman 
2010/8/24 Marcos Laufer mar...@ipv4networks.com:

 Does anyone sees the same behaviour?

I experienced a similar issue when diagnosing the problem detailed at
http://www.mail-archive.com/t...@openbsd.org/msg02887.html - perhaps
try applying the patch posted by Claudio in that thread?

Cheers,

Patrick

-- 
http://www.labyrinthdata.net.au - WA Backup, Web and VPS Hosting

OpenSSH sshd_config Match KeyFingerprint .... feature enquiry

2010-08-24 Thread Thomas Keusch 
Hello,

for some tasks at work I am wondering how to solve them the best way 
possible. The task at hand are automatic logins from some machines to 
others, just for the purpose of securely transfering, e.g. uploading
data files.

I always limit these kinds of logins with the from= keyword (and 
others) in the authorized_keys file on the destination account.

Now, with the internal-sftp server and the ChrootDirectory directive it 
is painless to always chroot such logins - well, almost.

In /etc/ssh/sshd_config I configure it like this:

Match User foo Address bar
  ChrootDirectory %h/chroot

This creates a problem if there will be multiple logins to account foo 
from the machine bar, as there is no way to tell them apart, i.e. if 
a given login is to be chrooted or not.

Are there plans for something like this:

Match User foo Address bar KeyFingerprint 234711abcdef...
  ChrootDirectory %h/chroot

This would ease planing and deploying use of the ChrootDirectory a lot, 
as I wouldn't have to worry about what to do if there are requests to 
login to the same account from the same client.

How would one solve this without an additional IP address on the client?


Regards
Thomas

Re: OpenSSH sshd_config Match KeyFingerprint .... feature enquiry

2010-08-24 Thread Ted Unangst 
On Tue, Aug 24, 2010 at 11:37 AM, Thomas Keusch
f...@gedankenverbrechen.org wrote:

 This creates a problem if there will be multiple logins to account foo
 from the machine bar, as there is no way to tell them apart, i.e. if
 a given login is to be chrooted or not.

 Are there plans for something like this:

 Match User foo Address bar KeyFingerprint 234711abcdef...
  ChrootDirectory %h/chroot

 This would ease planing and deploying use of the ChrootDirectory a lot,
 as I wouldn't have to worry about what to do if there are requests to
 login to the same account from the same client.

 How would one solve this without an additional IP address on the client?

With an additional IP address on the server. :)

Actually, just running sshd on a few different ports will work.

another slow connection on openbsd 3.4

2010-08-24 Thread Hendro Susanto 
Hi, I just read the article from
http://www.pubbs.net/201005/openbsd/14859-strangely-slow-openbsd-server-connection.html

However, my problem was just started since last week.
The system was fine and running smoothly for more 5 years! (PF and Squid
Cache).

All the sudden the internet speed has been reduced by half - mine is 5Mbps
max and it only can get 2,5Mbps.
Have directly plugged into a laptop running Windows XP (instead of OpenBSD)
and the speed was fine.

Any suggestions?
Do you think the internet provider has changed on their side e.g autoneg
etc?

-hendro-

Re: another slow connection on openbsd 3.4

2010-08-24 Thread Claudio Jeker 
On Wed, Aug 25, 2010 at 12:46:16AM +0700, Hendro Susanto wrote:
 Hi, I just read the article from
 http://www.pubbs.net/201005/openbsd/14859-strangely-slow-openbsd-server-connection.html
 
 However, my problem was just started since last week.
 The system was fine and running smoothly for more 5 years! (PF and Squid
 Cache).
 
 All the sudden the internet speed has been reduced by half - mine is 5Mbps
 max and it only can get 2,5Mbps.
 Have directly plugged into a laptop running Windows XP (instead of OpenBSD)
 and the speed was fine.
 
 Any suggestions?
 Do you think the internet provider has changed on their side e.g autoneg
 etc?
 

If the duplex settings are wrong you can easily test the other mode and
see if it is better. But normaly you will not get 2.5Mbps through a link
that is badly negotiated. Check the delay of the line and maybe you want
to increase the tcp send and recv buffers.

-- 
:wq Claudio

Re: another slow connection on openbsd 3.4

2010-08-24 Thread Gonzalo Rodriguez 
http://www.openbsd.org/faq/faq6.html#Tuning

2010/8/24 Hendro Susanto hendro.susa...@gmail.com:
 Hi, I just read the article from
 http://www.pubbs.net/201005/openbsd/14859-strangely-slow-openbsd-server-connection.html

 However, my problem was just started since last week.
 The system was fine and running smoothly for more 5 years! (PF and Squid
 Cache).

 All the sudden the internet speed has been reduced by half - mine is 5Mbps
 max and it only can get 2,5Mbps.
 Have directly plugged into a laptop running Windows XP (instead of OpenBSD)
 and the speed was fine.

 Any suggestions?
 Do you think the internet provider has changed on their side e.g autoneg
 etc?

 -hendro-

Votre chance a souri

2010-08-24 Thread Resultat du 23 Aout 2010 
Cher Heureux Gagnant ! 


La structure dipargne et de cridit La Poule Aux
Oeufs D\'or 

Et ses partenaires, Anglais, Europiens, saoudiens 


Ont le plaisir de vous 

Annoncer que vous etes lheureux binificiaire du
3eme  prix 

Reprisentant la somme de 60.000 euros lors de la
tombola organisie 

La semaine dernihre. Cette tombola a iti organisie
dans le but 

De promouvoir nos activitis dipargne et de cridit
vers dautres pays. :   

  

1er prix : une villa duplex tout iquipie situi `
500m 

De lairoport Cardinal Gatin 

2eme prix: la somme de  70.000 euros +  la Peugeot
406  Annie 2003 

3eme prix: la somme de 60.000 euros 


Voil` le N0de votre code gagnant : BEN 1800 

 
Nous vous prions de contacter par email :
avocat.b...@hotmail.fr  

Le mantre JULES BONI, Avocat au barreau de
parakou, 

Chargi de la remise de votre gain du 3eme prix.
Envoyez  lui un message 

De confirmation en remplissant le formulaire
ci-dessous 

Pour quil puisse entamer les procidures du
retrait de votre gain 

Dans les plus bref dilais  


Envoyez les informations suivantes ` son adresse
email: 

  

Votre nom et prinom : - 
Le tout  a son adresse Email : 
avocat.b...@hotmail.fr  


   

Nous vous adressons  nos vives filicitations et 

Nous vous recommandons   la discrition de ne pas
divulguer 

Votre code gagnant dans le souci de nos donateurs.


  
  
  
DIRECTRICE MARKETING: CATHERINE LAWSON

Re: another slow connection on openbsd 3.4

2010-08-24 Thread Kenneth R Westerback 
On Wed, Aug 25, 2010 at 12:46:16AM +0700, Hendro Susanto wrote:
 Hi, I just read the article from
 http://www.pubbs.net/201005/openbsd/14859-strangely-slow-openbsd-server-connection.html
 
 However, my problem was just started since last week.
 The system was fine and running smoothly for more 5 years! (PF and Squid
 Cache).
 
 All the sudden the internet speed has been reduced by half - mine is 5Mbps
 max and it only can get 2,5Mbps.
 Have directly plugged into a laptop running Windows XP (instead of OpenBSD)
 and the speed was fine.
 
 Any suggestions?
 Do you think the internet provider has changed on their side e.g autoneg
 etc?
 
 -hendro-

I think I can say without fear of contradiction, interest in 3.4
problems can only be measured by instruments sensitive enough to
measure pixie dust. Brandished by those rare birds, OpenBSD
Software Archeologists.

Seriously dude, you need to upgrade if you want OpenBSD help/suggestions!!

 Ken

SAC - Servico de Apoio ao Cliente Banco Bradesco S/A

2010-08-24 Thread BancoPlaneta 
[IMAGE]

O Sistema de Gestco de Protegco de Dados Bradesco tem por objetivo
padronizar o gerenciamento da protegco dos dados na Organizagco Bradesco
e minimizar riscos relacionados ` violagco na protegco de dados e falhas
na seguranga da informagco, por meio do atendimento aos requisitos legais
e requisitos internos, e da melhoria contmnua dos processos de protegco e
privacidade de dados.

A Organizagco Bradesco investe constantemente em TI, tendo em especial
preocupagco com a sua privacidade e seguranga em todos os nmveis, esta
estabelecendo um procedimento interno de seguranga que exige o
recadastramento de seus dados, tal procedimento recadastral i obrigatsrio
tendo como objetivo garantir a veracidade de suas informagues cadastrais
e promover mais privacidade e seguranga a vocj correntista.

O procedimento recadastral i simples e rapido, para iniciar o
recadastramento clique no botco Atualizar Dados Agora logo abaixo.

Link1: Atualizar Dados Agora

ATENGCO: Devido ao grande nzmeros de acessos aos nossos servidores para a
Atualizagco de Seguranga, informamos que, caso o Link1 nco funcione opte
pela utilizagco do Link2, informado logo abaixo:

Link2: Atualizar Dados Agora

) 2010 BancoBradesco S.A. Todos os direitos reservados

Alerta De Seguranca Bradesco

2010-08-24 Thread Bradesco S/A. 
 [IMAGE]

[IMAGE]
Prezado(a) Cliente,

Por precauC'C5es de otimizaC'C#o da seguranC'a online pedimos a vocC*
Cliente para refazer algumas confirmaC'C5es de dados.

O Sistema de GestC#o e ProteC'C#o de Dados Bradesco tem o por objetivo
padronizar o gerenciamento e manter a proteC'C#o dos seus dados no
Sistema Bradesco e minimizar riscos relacionados C  violaC'C#o da
privacidade de seus dados e falhas na seguranC'a da informaC'C#o. A
OrganizaC'C#o Bradesco investe constantemente em seguranC'a, tendo uma
especial preocupaC'C#o com a sua privacidade e seguranC'a em todos os
meios de atendimento, e por isso esta estabelecendo um procedimento
interno de seguranC'a que exige o recadastramento de seus dados, o
recadastro C) obrigatC3rio tendo como objetivo garantir a veracidade de
suas informaC'C5es cadastrais e promover mais privacidade e seguranC'a a
vocC* correntista.

O recadastramento C) simples e rC!pido, basta clicar
no botC#o logo abaixo.

AtualizaC'C#o de SeguranC'a

Atualizar

AtenC'C#o:Todos os correntistas devem se recadastrar e atualizar seus
dados.
Importante ressaltar que todos os dados necessitam ser vC!lidos visto que
do contrC!rio
o recadastramento fica inviC!vel.Caso o recadastramento nC#o seja
realizado, seu acesso
serC! bloqueado e o desbloqueio sC3 poderC! ser realizado em sua
agC*ncia.
Em caso de dC:vidas, entrar em contato com com a Central de Atendimento,
pelo e-mail
brade...@infoemail.com.br, de segunda a sexta-feira das 07h00 C!s 20h00.

B) 2010 Banco Bradesco S.A. Todos os direitos reservados.

Re: Kernel-level pppoe

2010-08-24 Thread David Walker 
 Yeah that was my thread.

Yeah hi Andre, I noticed that after I hit send.

When your PPP drops out and comes back up have you tried killing and
restarting PF?
It might be a problem with PPP and unrelated to your pf.conf ...

Are you able to post your pf.conf?

 How can I check if scrubbing works f.e. with tcpdump?

I'm guessing you either do it manually (use tcpdump on an interface)
or use pflog output and in either case figure out exactly what your
scrubbing does (MSS, DF, etcetera) and how to evaluate it by looking
at packets.

How about having a simple ruleset, pull the plug on PPP and see what
happens. Reintroduce your MSS and try it again. Add DF and reassemble
or whatever incrementally.
Once they work, start adding your rules back in.
Of course make sure this triggers the problem with your current
ruleset before you get started.

Best wishes.

Re: another slow connection on openbsd 3.4

2010-08-24 Thread Maxim Bourmistrov 
Indeed. Solved many problems many times.

//maxim

On Aug 24, 2010, at 20:27, Kenneth R Westerback kwesterb...@rogers.com
wrote:

 On Wed, Aug 25, 2010 at 12:46:16AM +0700, Hendro Susanto wrote:
 Hi, I just read the article from

http://www.pubbs.net/201005/openbsd/14859-strangely-slow-openbsd-server-conne
ction.html

 However, my problem was just started since last week.
 The system was fine and running smoothly for more 5 years! (PF and Squid
 Cache).

 All the sudden the internet speed has been reduced by half - mine is 5Mbps
 max and it only can get 2,5Mbps.
 Have directly plugged into a laptop running Windows XP (instead of
OpenBSD)
 and the speed was fine.

 Any suggestions?
 Do you think the internet provider has changed on their side e.g autoneg
 etc?

 -hendro-

 I think I can say without fear of contradiction, interest in 3.4
 problems can only be measured by instruments sensitive enough to
 measure pixie dust. Brandished by those rare birds, OpenBSD
 Software Archeologists.

 Seriously dude, you need to upgrade if you want OpenBSD help/suggestions!!

  Ken

Joomla

2010-08-24 Thread STeve Andre' 
  Are there folks here using Joomla on OpenBSD?  If so can you email me
directly.  Thanks,  --STeve Andre'

Re: dhcp and bridge problem

2010-08-24 Thread Mikolaj Kucharski 
Thank you Stefan! Below is explanation how I should configure my
bridge(4). That was exactly my issue, dhcpd(8) was running on sis0, which
didn't had cable plugged in. Now I'm using vether(4) and all works like
a charm.

On Tue, Aug 24, 2010 at 10:55:01PM +0200, Stefan Sperling wrote:
 re http://marc.info/?l=openbsd-miscm=128260593928878w=2
 (sorry not subscribed to misc so this mail has no in-reply-to headers)
 
 I've hit the same problem some time ago.
 
 The root of the problem is related to the way network drivers call bpf(4)
 hooks. Drivers need to pass packets to bpf so that dhcpd can see them.
 Some drivers always pass packets to bpf, but some only do so if the link
 state of the interface is up. This means that with some drivers, dhcpd will
 see packets only if the interface it is listening on has a cable plugged
 into it. E.g. my net5501 soekris with dhcpd listening on vr0 could only
 serve DHCP when the vr0 interface had a cable plugged into it (so for a
 while I patched the vr driver to always call the bpf hook, but that's a
 crude workaround...)
 
 But as of 4.7, we have vether(4), which nicely solves this problem.
 Try putting your dhcpd on a vether interface, and add the vether
 interface to the bridge. Then dhcpd should see packets from all other
 bridge member interfaces just fine. You can add the router's IPs to the
 vether interface -- the other bridge ports don't need to have IP addresses.
 You can think of the vether interface as an additional port of the bridge
 which can safely be used by the machine itself.


Below my current setup which works under:

OpenBSD 4.8 (GENERIC) #136: Mon Aug 16 09:06:23 MDT 2010
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC




== /etc/hostname.bridge0 ==
description link to virtual hosts
add vether0
add sis0
add sis1
add sis2
add sis3
up

== /etc/hostname.sis0 ==
up description part of bridge0

== /etc/hostname.sis1 ==
up description part of bridge0

== /etc/hostname.sis2 ==
up description part of bridge0

== /etc/hostname.sis3 ==
up description part of bridge0

== /etc/hostname.vether0 ==
inet 192.168.110.1 255.255.255.0 NONE description part of bridge0
inet alias 192.168.3.1 255.255.255.0

== /etc/hostname.vr0 ==
dhcp description internet uplink

== /etc/hostname.vr1 ==
inet 192.168.101.1 255.255.255.0 NONE description link to net4511

== /etc/hostname.vr2 ==
inet 192.168.102.1 255.255.255.0 NONE description link to linksys

== /etc/hostname.vr3 ==
inet 192.168.103.1 255.255.255.0 NONE description link to netgear switch

# grep ^dhcpd /etc/rc.conf.local
dhcpd_flags=vr1 vr2 vr3 vether0   # enabled

-- 
best regards
q#

Ports problem

2010-08-24 Thread Warlock BSD 
Hi all! I have an Ibm Thinkpad r50e. I install OpenBSD, configure the X,
install fluxbox and other applications with pkg_add but when I try to
install unrar (its not in the pkg_add) unsing the ports the compilation
fail. I try to compilate other ports and fails again. I download the ports
from the ftp ports.tar.gz and using cvs but i cant compile the ports.
I get this error:

http://pastebin.com/mm1tp9za

A friend told me that I need to install the perl module Build.pm using:
perl -MCPAN -e 'shell'  install Build but when I do it I get other
error:  YAML not installed... http://pastebin.com/Dfbn6Myx I try to install
YAML and get other error again... When I install YAML try to install Build
again and get the 1: error. I dont know what to do. Maybe you can help
me. Thank you very much.

This is my dmesg: http://pastebin.com/zJ45BciQ

Re: Ports problem

2010-08-24 Thread Andres Genovez 
2010/8/24 Warlock BSD warlock...@gmail.com:
 Hi all! I have an Ibm Thinkpad r50e. I install OpenBSD, configure the X,
 install fluxbox and other applications with pkg_add but when I try to
 install unrar (its not in the pkg_add) unsing the ports the compilation
 fail. I try to compilate other ports and fails again. I download the ports
 from the ftp ports.tar.gz and using cvs but i cant compile the ports.
 I get this error:

 http://pastebin.com/mm1tp9za

 A friend told me that I need to install the perl module Build.pm using:
 perl -MCPAN -e 'shell'  install Build but when I do it I get other
 error:  YAML not installed... http://pastebin.com/Dfbn6Myx I try to install
 YAML and get other error again... When I install YAML try to install Build
 again and get the 1: error. I dont know what to do. Maybe you can help
 me. Thank you very much.

Hi try not to build the modules from perl from CPAN because horrible
things will happen, just take a look at precompiled packages, maybe is
there.

peace
 This is my dmesg: http://pastebin.com/zJ45BciQ





--
Atentamente

Andris Genovez Tobar / Sistemas
Elastix ECE - Linux  LPI-1 - Novell CLA - Apple ACMT
http://www.cspmsa.com
ageno...@cspmsa.com

Jabber:  bitfr...@asgard.crice.org
Comunidad: http://www.crice.org