2000 Products Onto Google Shopping for $29.95
[IMAGE] Get a Web store with 2,000 products + Publishing to Google Shopping for $29.95 per month Get a professional online store with great features and no transaction fees. Plus, you get a well designed back office management module to build your store and run your business. Get a search engine optimized Web store FastCommerce lets you build an eCommerce site with unlimited potential. A big store with 2000 products all for the low price of $29.95. There are not other fees. Get a professional webstore with your own domain, and start building your business right away. Go to: www.fastcommerce.com or call 888.598.2211 or email to sa...@fastcommerce.com This email is sent by FastCommerce, 303 Twin Dolphin Drive, Suite 600, Redwood City, CA 94065 Tel: 888-598-2211 . === eNewsletter Information You are subscribed to Fastcommerce.com newsletter with the e-mail address m...@openbsd.org. Click here to unsubscribe from this newsletter.
Error establishing ppp connection with UMTS modem mini-pci card
Hello list, I have a minipci umts modem that is reconized fine by OpenBSD (4.7-stable) but I'm unable to find the good pppd configuration to establish the configuration to my ISP. The modem is reconized as follows : umsm0 at uhub1 port 2 configuration 1 interface 0 "HP HP hs2300 HSDPA Broadband Wireless Module" rev 1.10/0.01 addr 2 ucom0 at umsm0 and ATI send : Sierra Wireless, Inc. MC8775 APP1 OK I'm using this configuration for pppd : /etc/ppp/peers/orange : /dev/cuaU0 384000 noauth noipdefault defaultroute deflate 0 bsdcomp 0 noccp noaccomp novj novjccomp lock debug kdebug 1 user "orange" connect "/usr/sbin/chat -v -f /etc/ppp/chat/orange" The content of /etc/ppp/chat/orange : ABORT BUSY ABORT 'NO CARRIER' ABORT VOICE ABORT "NO DIALTONE" "" AT OK AT+CGDCONT=1,"IP","orange.fr" OK ATDT*99***1# 'CONNECT' '\c' 'TIMEOUT' '5' In the /var/log/messages I can see these lines : Aug 24 02:51:14 fw pppd[14700]: pppd 2.3.5 started by root, uid 0 Aug 24 02:52:00 fw pppd[14700]: Connect script failed Any help appreciated :) Thanks, Claer
Re: Just upgraded firewall from 4.2-current
On Wed, Sep 29, 2010 at 6:31 AM, Henning Brauer wrote: > * Ray [2010-09-29 09:49]: > > I just upgraded a firewall from 4.2-current to 4.8-current. > > you got it all wrong. you are supposed to whine about the oh so hard > jump over the pf syntax changes. it is so hard. i read it in ze > inderwebtz, zo it muzt be true > > I think the wine comes after the upgrade. Just make sure you get the good stuff. -- http://www.glumbert.com/media/shift http://www.youtube.com/watch?v=tGvHNNOLnCk "This officer's men seem to follow him merely out of idle curiosity." -- Sandhurst officer cadet evaluation. "Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted." -- Gene Spafford learn french: http://www.youtube.com/watch?v=30v_g83VHK4
High Resolution Timer
Hi Guys, I need to read a performance monitoring counter (RDPMC) every 100 microseconds or so. I found a way to do this on linux using the normal getitimer library. However, the resolution of this timer in OBSD is 10 milliseconds. Do you know a way to have a higher resolution of the timer in OBSD? One way is to do a busy loop, but this is not feasible in my problem. Thanks in advance, Luis.
Re: How to use /dev/srandom
> On Wed, Sep 29, 2010 at 12:49 PM, Kevin Chadwick > wrote: > >> > And isn't srandom sometimes (very rarely!) appropriate? E.g. for > >> > generating encryption keys? > > If arandom is somehow not appropriate for generating keys, it should > be fixed. I'd be interested to hear more. For those who don't want to go read the code, the algorith on the very back end is roughly this: (a) collect entropy until there is a big enough buffer (b) fold it into the srandom buffer, eventually That is just like the past. But the front end is different. From the kernel side: (1) grab a srandom buffer and start a arc4 stream cipher on it (discarding the first bit, of course) (2) now the kernel starts taking data from this on every packet it sends, to modulate this, to modulate that, who knows. (3) lots of other subsystems get small chunks of random from the stream; deeply unpredictable when (4) on very interrupt, based on quality, the kernel injects something into (a) (5) re-seed the buffer as stated in (1) when needed Simultaneously, userland programs need random data: (i) libc does a sysctl to get a chunk from the rc4 buffer (ii) starts a arc4 buffer of it's own, in that program (iii) feeds data to the program, and re-seeds the buffer when needed The arc4 stream ciphers get new entropy when they need. But the really neat architecture here is that a single stream cipher is *unpredictably* having entropy taken out of it, by hundreds of consumers. In regular unix operating systems, there are only a few entropy consumers. In OpenBSD there are hundreds and hundreds. The entire system is full of random number readers, at every level. That is why this works so well. > > I notice arandom doesn't pause. Is arandom always better or only when > > there's enough entropy? > > It is more efficient. There is almost always enough entropy for > arandom, and if there isn't, you would have a hard time detecting > that. There is always enough. The generator will keep moving, until it has fetched too much, or too much time has gone by. Then it reseeds; though I think it fundamentally does not care if the srandom buffer it feeds from is full or not.
Re: How to use /dev/srandom
> On Wed, Sep 29, 2010 at 11:39 AM, Theo de Raadt w= > rote: > >> Independent of other problems, I don't think you should be using > >> srandom. =A0We should just take that interface away, people see it and > >> then they want to use it, but it doesn't work the way they want. > > > > Taking it away would first require an extensive audit of the ports > > tree -- to make sure that the applications in there don't end up > > choosing something even *worse* than srandom... > > I was just going to make it a symlink to arandom. :) Ah! That's a good idea.
Re: How to use /dev/srandom
On Wed, Sep 29, 2010 at 11:39 AM, Theo de Raadt wrote: >> Independent of other problems, I don't think you should be using >> srandom. We should just take that interface away, people see it and >> then they want to use it, but it doesn't work the way they want. > > Taking it away would first require an extensive audit of the ports > tree -- to make sure that the applications in there don't end up > choosing something even *worse* than srandom... I was just going to make it a symlink to arandom. :)
Re: How to use /dev/srandom
On Wed, Sep 29, 2010 at 12:49 PM, Kevin Chadwick wrote: >> > And isn't srandom sometimes (very rarely!) appropriate? E.g. for >> > generating encryption keys? If arandom is somehow not appropriate for generating keys, it should be fixed. I'd be interested to hear more. > I notice arandom doesn't pause. Is arandom always better or only when > there's enough entropy? It is more efficient. There is almost always enough entropy for arandom, and if there isn't, you would have a hard time detecting that.
Re: How to use /dev/srandom
On Wed, 29 Sep 2010 10:02:16 -0600 Theo de Raadt wrote: > > And isn't srandom sometimes (very rarely!) appropriate? E.g. for > > generating encryption keys? > > hell no! > > srandom is definately worse than the arc4random generator. > > oh, but linux people told you it was the best. I get it. > I notice arandom doesn't pause. Is arandom always better or only when there's enough entropy?
Re: Very long delay between username/password entry
Received several helpful responses, was a DNS issue (the boxes were configured with DNS servers prior to being shipped to another location, DNS was no longer valid which was causing the delay). Thanks for the help!
Re: How to use /dev/srandom
> On Wed, Sep 29, 2010 at 09:39:06AM -0600, Theo de Raadt wrote: > > > On Wed, Sep 29, 2010 at 9:57 AM, Simon Perreault > > > wrote: > > > > I'm trying to use /dev/srandom, but I can't get even a single byte out > > > > of it. > > > > > > Independent of other problems, I don't think you should be using > > > srandom. We should just take that interface away, people see it and > > > then they want to use it, but it doesn't work the way they want. > > > > Taking it away would first require an extensive audit of the ports > > tree -- to make sure that the applications in there don't end up > > choosing something even *worse* than srandom... > > And isn't srandom sometimes (very rarely!) appropriate? E.g. for > generating encryption keys? hell no! srandom is definately worse than the arc4random generator. oh, but linux people told you it was the best. I get it.
Very long delay between username/password entry
I've recently setup a few new OpenBSD 4.7 servers inside vmware virtual machines, and have noticed a weird behavior on some of them. When logging on through SSH, the "login as" entry comes up immediately, but after I put in a username and hit enter there is a very long delay before it will ask for or let me input a password. I haven't timed it but conservative estimate would be like 15-20 seconds. It can actually make the login process difficult, because it only gives me a few seconds after the password entry finally appears before it drops the connection. Any thoughts on why this might be happening? I've done some searching but failed to find anything, and am not really sure where to even begin looking at this problem. Of the 3 boxes I setup, one works normally and 2 are experiencing this problem. It happens every single time when connecting to either box (on different vmware hosts esxi hosts). The only configuration done after the fresh install is to configure the networking (ip, gateway, dns).
Re: How to use /dev/srandom
On Wed, Sep 29, 2010 at 09:39:06AM -0600, Theo de Raadt wrote: > > On Wed, Sep 29, 2010 at 9:57 AM, Simon Perreault > > wrote: > > > I'm trying to use /dev/srandom, but I can't get even a single byte out > > > of it. > > > > Independent of other problems, I don't think you should be using > > srandom. We should just take that interface away, people see it and > > then they want to use it, but it doesn't work the way they want. > > Taking it away would first require an extensive audit of the ports > tree -- to make sure that the applications in there don't end up > choosing something even *worse* than srandom... And isn't srandom sometimes (very rarely!) appropriate? E.g. for generating encryption keys? Joachim
Re: How to use /dev/srandom
> On Wed, Sep 29, 2010 at 9:57 AM, Simon Perreault > wrote: > > I'm trying to use /dev/srandom, but I can't get even a single byte out > > of it. > > Independent of other problems, I don't think you should be using > srandom. We should just take that interface away, people see it and > then they want to use it, but it doesn't work the way they want. Taking it away would first require an extensive audit of the ports tree -- to make sure that the applications in there don't end up choosing something even *worse* than srandom...
Re: How to use /dev/srandom
On Wed, Sep 29, 2010 at 9:57 AM, Simon Perreault wrote: > I'm trying to use /dev/srandom, but I can't get even a single byte out > of it. Independent of other problems, I don't think you should be using srandom. We should just take that interface away, people see it and then they want to use it, but it doesn't work the way they want.
Re: How to use /dev/srandom
On 2010-09-29 10:49, Theo de Raadt wrote:
> Perhaps a posix weenie can look into making hexdump use setvbuf and
> adjusting the read requirements for fread() when the length (-n
> argument) is specified as being short of the blocksize.
How about this weenie?
Index: display.c
===
RCS file: /cvs/src/usr.bin/hexdump/display.c,v
retrieving revision 1.18
diff -u -p -r1.18 display.c
--- display.c 27 Oct 2009 23:59:39 - 1.18
+++ display.c 29 Sep 2010 15:03:11 -
@@ -300,6 +300,8 @@ next(char **argv)
++_argv;
continue;
}
+ if (length > 0 && length < BUFSIZ)
+ setvbuf(stdin, NULL, _IONBF, 0);
statok = done = 1;
} else {
if (done++)
--
NAT64/DNS64 open-source --> http://ecdysis.viagenie.ca
STUN/TURN server--> http://numb.viagenie.ca
vCard 4.0 --> http://www.vcarddav.org
Re: OpenBSD on DELL R310
I have booted on a R310 and it went fine, I did not do any raid-related things, just checked that ethernet and disks were found and so on. Den 29 september 2010 15:31 skrev Bjvrn Sandell : > Hi, > > Is anyone running OpenBSD on a DELL R310? With a H200 raid controller? Any > issues? > > Thanks, > -- > Bjvrn Sandell > > -- To our sweethearts and wives. May they never meet. -- 19th century toast
Re: How to use /dev/srandom
> > it is hanging because: > > > > 23208 hexdump CALL read(0,0x81ffc000,0x1) > > > > It is trying to read too much. A whole buffer, into stdio. > > > > So it empties the pool it can have, and then has to wait for more. > > eventually it does get data, and print 1 char. > > Thanks! I was using the much slower "add printf()s" debugging method... > > > I am susprised that hexdump doesn't decide to read less based on the -n > > argument. > > Me too! > > Thanks a lot for your help, that fixes my issue. Perhaps a posix weenie can look into making hexdump use setvbuf and adjusting the read requirements for fread() when the length (-n argument) is specified as being short of the blocksize.
Re: How to use /dev/srandom
On Wed, Sep 29, 2010 at 09:57:53AM -0400, Simon Perreault wrote: > I'm trying to use /dev/srandom, but I can't get even a single byte out > of it. > > $ hexdump -n 1 /dev/srandom > > It just hangs there, sleeping. If I use /dev/urandom instead, it returns > immediately, as expected: > > $ hexdump -n 1 /dev/urandom > 000 0069 > 001 > > I tried on various routers that have been forwarding packets since > forever. I waited a "long time" for the read to succeed. I tried on > OpenBSD 4.3 and 4.6. Am I doing something wrong? Using hexdump(1), apparently - "dd if=/dev/srandom bs=1 count=1 | hexdump" works just fine. You may want to sendbug this one. Joachim -- TFMotD: string2key (8) - map a password into a key http://www.joachimschipper.nl/
Re: How to use /dev/srandom
On 2010-09-29 10:36, Theo de Raadt wrote: > it is hanging because: > > 23208 hexdump CALL read(0,0x81ffc000,0x1) > > It is trying to read too much. A whole buffer, into stdio. > > So it empties the pool it can have, and then has to wait for more. > eventually it does get data, and print 1 char. Thanks! I was using the much slower "add printf()s" debugging method... > I am susprised that hexdump doesn't decide to read less based on the -n > argument. Me too! Thanks a lot for your help, that fixes my issue. Simon -- NAT64/DNS64 open-source --> http://ecdysis.viagenie.ca STUN/TURN server--> http://numb.viagenie.ca vCard 4.0 --> http://www.vcarddav.org
Re: How to use /dev/srandom
it is hanging because: 23208 hexdump CALL read(0,0x81ffc000,0x1) It is trying to read too much. A whole buffer, into stdio. So it empties the pool it can have, and then has to wait for more. eventually it does get data, and print 1 char. I am susprised that hexdump doesn't decide to read less based on the -n argument.
How to use /dev/srandom
Hello, I'm trying to use /dev/srandom, but I can't get even a single byte out of it. To reproduce: $ hexdump -n 1 /dev/srandom It just hangs there, sleeping. If I use /dev/urandom instead, it returns immediately, as expected: $ hexdump -n 1 /dev/urandom 000 0069 001 I tried on various routers that have been forwarding packets since forever. I waited a "long time" for the read to succeed. I tried on OpenBSD 4.3 and 4.6. Am I doing something wrong? Thanks, Simon -- NAT64/DNS64 open-source --> http://ecdysis.viagenie.ca STUN/TURN server--> http://numb.viagenie.ca vCard 4.0 --> http://www.vcarddav.org
OpenBSD on DELL R310
Hi, Is anyone running OpenBSD on a DELL R310? With a H200 raid controller? Any issues? Thanks, -- Bjvrn Sandell
pf.conf manual missing
Hello, Is there any special reason that web manuals lack pf.conf man pages for 4.7? 4.6 and current looks ok. Mitja
Re: snmpd reports the wrong IfIndex/IP association
sorry, I push the send button accidently. NET-SNMP version: 5.4.2.1 Web: http://www.net-snmp.org/ Email: net-snmp-cod...@lists.sourceforge.net I didnt make changes during snmpd is running, I also reboot the server. maybe someone have a idea? regard, Tom > Hi, > > I try to query the interfaces on my OpenBSD firewall. > But I get a wrong IfIndex/IP association: > > IF-MIB::ifDescr.1 = STRING: lo0 > IF-MIB::ifDescr.2 = STRING: em0 > IF-MIB::ifDescr.3 = STRING: em1 > IF-MIB::ifDescr.4 = STRING: em2 > IF-MIB::ifDescr.5 = STRING: em3 > IF-MIB::ifDescr.6 = STRING: enc0 > IF-MIB::ifDescr.7 = STRING: pfsync0 > IF-MIB::ifDescr.8 = STRING: pflog0 > IF-MIB::ifDescr.9 = STRING: carp0 > IF-MIB::ifDescr.10 = STRING: carp1 > IF-MIB::ifDescr.11 = STRING: carp2 > > > IP-MIB::ipAdEntIfIndex.10.100.102.235 = INTEGER: 1 > IP-MIB::ipAdEntIfIndex.172.16.0.235 = INTEGER: 2 > IP-MIB::ipAdEntIfIndex.172.16.1.235 = INTEGER: 3 > IP-MIB::ipAdEntIfIndex.192.168.56.1 = INTEGER: 4 > IP-MIB::ipAdEntIfIndex.127.0.0.1 = INTEGER: 6 > IP-MIB::ipAdEntIfIndex.10.100.102.239 = INTEGER: 7 > IP-MIB::ipAdEntIfIndex.172.16.0.239 = INTEGER: 8 > IP-MIB::ipAdEntIfIndex.172.16.1.239 = INTEGER: 9
snmpd reports the wrong IfIndex/IP association
Hi, I try to query the interfaces on my OpenBSD firewall. But I get a wrong IfIndex/IP association: IF-MIB::ifDescr.1 = STRING: lo0 IF-MIB::ifDescr.2 = STRING: em0 IF-MIB::ifDescr.3 = STRING: em1 IF-MIB::ifDescr.4 = STRING: em2 IF-MIB::ifDescr.5 = STRING: em3 IF-MIB::ifDescr.6 = STRING: enc0 IF-MIB::ifDescr.7 = STRING: pfsync0 IF-MIB::ifDescr.8 = STRING: pflog0 IF-MIB::ifDescr.9 = STRING: carp0 IF-MIB::ifDescr.10 = STRING: carp1 IF-MIB::ifDescr.11 = STRING: carp2 IP-MIB::ipAdEntIfIndex.10.100.102.235 = INTEGER: 1 IP-MIB::ipAdEntIfIndex.172.16.0.235 = INTEGER: 2 IP-MIB::ipAdEntIfIndex.172.16.1.235 = INTEGER: 3 IP-MIB::ipAdEntIfIndex.192.168.56.1 = INTEGER: 4 IP-MIB::ipAdEntIfIndex.127.0.0.1 = INTEGER: 6 IP-MIB::ipAdEntIfIndex.10.100.102.239 = INTEGER: 7 IP-MIB::ipAdEntIfIndex.172.16.0.239 = INTEGER: 8 IP-MIB::ipAdEntIfIndex.172.16.1.239 = INTEGER: 9 [demime 1.01d removed an attachment of type application/x-pkcs7-signature which had a name of smime.p7s]
Re: Just upgraded firewall from 4.2-current
* Ray [2010-09-29 09:49]: > I just upgraded a firewall from 4.2-current to 4.8-current. you got it all wrong. you are supposed to whine about the oh so hard jump over the pf syntax changes. it is so hard. i read it in ze inderwebtz, zo it muzt be true -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting
Re: netatalk causes panic
* Bryan Irvine [2010-09-26 01:21]: > I'm running a custom kernel (because it's required). The only change > I made was uncommenting the following line. > > option NETATALK# AppleTalk my condolences. I can't wait to delete that shit. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting
Re: Kernel Panic immediately after boot with CARP
* Steve W [2010-09-26 18:46]: > login: panic: pool_do_get(mcl2k): free list modified: page 0xd68bc000;; item > addr 0xd68bc800; offset 0x0=0x2d304436 sigh. use-after-free (most likely, at least) somewhere. unlikely to be carp itself. might be re (wild guess). -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting
Just upgraded firewall from 4.2-current
Thanks to nick@ and ajacoutot@, I just upgraded a firewall from 4.2-current to 4.8-current. Didn't have access to the console, did it all remotely by untarring, rebooting, praying, and running sysmerge. Couldn't have done it without the FAQ and sysmerge. You guys rock! -Ray-
