Re: 4.8-stable bsd.rd hangs on boot

[Karl O. Pinc]

On 11/15/2010 06:35:38 PM, Nick Holland wrote:
> On 11/15/10 15:54, Karl O. Pinc wrote:

> > I've an old HP Vectra, with 64MB RAM.  When I try to upgrade
> > from 4.7 to 4.8 the bsd.rd hangs --

> >
> > Where should I go from here?
>
> try a snapshot, or do a "remote" upgrade (which doesn't use bsd.rd).
>
> As I recall, 4.8 bsd works just fine on Pentium I machines, but
> bsd.rd
> does not.  Only impacts Pentium I machines, not 486 (unless you put a
> "Pentium Overdrive" chip in it), not PII.

The "remote" upgrade option worked.  Thanks!

FYI, the Nov 14 bsd.rd snapshot boots as well.

> > The 4.8 bsd.rd serial port boot output:
> > --

> > OpenBSD 4.8-stable (RAMDISK_CD) #0: Sat Nov 13 01:56:19 CST 2010
> > k...@forge.meme.com:/usr/src/sys/arch/i386/compile/RAMDISK_CD
> > cpu0: Intel Pentium (P54C) ("GenuineIntel" 586-class) 100 MHz
> ... (gotta love dmesgs!) ...

:)



Karl 
Free Software:  "You don't pay back, you pay forward."
 -- Robert A. Heinlein

Re: OpenBSD-capable, fanless, diskful computer with ECC RAM

[Marko Kraljevic]

On Fri, Oct 29, 2010 at 6:14 PM, Damien Miller  wrote:
> Hi,
>
> Can anyone recommend a small, fanless computer that will accept a HD (perhaps
> a 2.5" drive) that uses ECC RAM? Needless to say, it must run OpenBSD.
>
> Being 64 bit, having accellerated crypto and/or supporting multiple drives
> would be bonus points, but are not required.
>
> -d
>
>

I've seen various mini ITX boards around, with the ~1GHz VIA chips
(that happen to have some sort of hardware RNG).
No idea about ECC though.

There are similar boards using laptop CPUs around. Not so cheap.
Usually embedded in some sort of machine control application, but you
can find used pulled ones fairly cheap on occasion. You'd have to make
a box for it though, of course.

Re: HP Mini 5102 with networking ?

[Kevin Lo]

On Mon, 2010-11-15 at 11:35 -0800, Frans Haarman wrote:
> Does anybody have a hp min 5102 with networking ?
> 
> I managed to install 4.8 amd on a usbdisk (using qemu, on windows7, *sigh*).
>  It boots, and works fine, just missing
> networking support.   I managed to boot i386 bsd.rd, and snapshots bsd.rd
> but both claim [vlan0] is the way to go.

It seems like the wired network is a SysKonnect Yukon2. 
Could you try this diff? Thanks.

Index: if_msk.c
===
RCS file: /cvs/src/sys/dev/pci/if_msk.c,v
retrieving revision 1.90
diff -u -p -r1.90 if_msk.c
--- if_msk.c20 Sep 2010 07:40:38 -  1.90
+++ if_msk.c16 Nov 2010 02:34:36 -
@@ -208,6 +208,7 @@ const struct pci_matchid mskc_devices[] 
{ PCI_VENDOR_MARVELL,   PCI_PRODUCT_MARVELL_YUKON_8056 },
{ PCI_VENDOR_MARVELL,   PCI_PRODUCT_MARVELL_YUKON_8057 },
{ PCI_VENDOR_MARVELL,   PCI_PRODUCT_MARVELL_YUKON_8058 },
+   { PCI_VENDOR_MARVELL,   PCI_PRODUCT_MARVELL_YUKON_8059 },
{ PCI_VENDOR_MARVELL,   PCI_PRODUCT_MARVELL_YUKON_8061CU },
{ PCI_VENDOR_MARVELL,   PCI_PRODUCT_MARVELL_YUKON_8061X },
{ PCI_VENDOR_MARVELL,   PCI_PRODUCT_MARVELL_YUKON_8062CU },

Re: HP Mini 5102 with networking ?

[Frans Haarman]

2010/11/15 Andres Perera 

> On Mon, Nov 15, 2010 at 3:05 PM, Frans Haarman 
> wrote:
> > Does anybody have a hp min 5102 with networking ?
> >
> > I managed to install 4.8 amd on a usbdisk (using qemu, on windows7,
> *sigh*).
> >  It boots, and works fine, just missing
> > networking support.   I managed to boot i386 bsd.rd, and snapshots bsd.rd
> > but both claim [vlan0] is the way to go.
> >
> > OpenBSD 4.8 (GENERIC) #182: Mon Aug 16 09:02:40 MDT 2010
> >dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
> > RTC BIOS diagnostic error
> > bf
>
> mine also can't give a battery usage estimate, not even in linux
>
> 
>
> > vendor "Broadcom", unknown product 0x4353 (class network subclass
> > miscellaneous, rev 0x01) at pci1 dev 0 function 0 not configured
>
> would be interesting if you say what type of network card is it
>
> i have a similar HP mini but it uses ral and re
>

I've been advised to use a usb wifi device for the time being. The broadcom
chipset is unsupported as of yet.

Re: HP Mini 5102 with networking ?

[Andres Perera]

On Mon, Nov 15, 2010 at 3:05 PM, Frans Haarman 
wrote:
> Does anybody have a hp min 5102 with networking ?
>
> I managed to install 4.8 amd on a usbdisk (using qemu, on windows7,
*sigh*).
> B It boots, and works fine, just missing
> networking support. B  I managed to boot i386 bsd.rd, and snapshots bsd.rd
> but both claim [vlan0] is the way to go.
>
> OpenBSD 4.8 (GENERIC) #182: Mon Aug 16 09:02:40 MDT 2010
> B  B dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
> RTC BIOS diagnostic error
> bf

mine also can't give a battery usage estimate, not even in linux



> vendor "Broadcom", unknown product 0x4353 (class network subclass
> miscellaneous, rev 0x01) at pci1 dev 0 function 0 not configured

would be interesting if you say what type of network card is it

i have a similar HP mini but it uses ral and re

VLAN Tagging problem Intel D945GCLF / Realtek 8101E

[Simon Slaytor]

Hey Folks,

I've been pulling my hair out on this one for a little while now, I have 
a 4.7 AMD64 release firewall based around an Intel D945GCLF using the 
on-board 8101E based Realtek Nic which is connected to a Netgear 
FSM726v1 L2 Managed switch.


I've been trying to configure the Firewall/Switch to run multiple .1q 
vlans over the single interface without any luck. Configs listed below. 
So in a fit of desperation I pulled out an old Nokia IP440, installed 
4.8 i386 release and configured up the 'same' vlan interface, the Nokia 
uses the dc nic driver. In this configuration with this device the 
tagging works!


Both devices where plugged into the same port on the switch, the 
configuration of which wasn't changed.


So my question is this, is the problem with 4.7AMD64 the Realtek Nic or 
the Intel D945GCLF board? Given the teething problems of BSD of the 
Intel board I suspect its this but thought I'd try and save myself the 
time in re-installing etc if someone in the know could point out whats 
fubar'd.


Cheers guys, 4.8 yet another fantastic release ;)

Simon

Non working D945GCLF

# cat /etc/hostname.re0
up

# cat /etc/hostname.vlan11
inet 11.0.0.199 255.255.255.0 11.0.0.255 vlan 11 vlandev re0

Working Nokia IP440

# cat /etc/hostname.dc0
up

# cat /etc/hostname.vlan11
inet 11.0.0.199 255.255.255.0 11.0.0.255 vlan 11 vlandev dc0

Switch Config (FSM726 firmware 2.6.5):

interface Ethernet 1/1
 cos normal
 description Not Defined
 no shutdown
 speed 100
 duplex full
 flow-ctrl
 negotiation auto
 broadcast-rate 3000
 dot1x port-control authorized
 no mac-lockdown
 no switchport access vlan 1
 switchport access vlan tagged 11
 switchport access native 11
 no mirror
 spanning-tree port-priority 128
 spanning-tree cost 19
 spanning-tree fastlink
 exit

Intel Board:

OpenBSD 4.7 (GENERIC) #112: Wed Mar 17 20:43:49 MDT 2010
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
real mem = 2135109632 (2036MB)
avail mem = 2068836352 (1972MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe3590 (23 entries)
bios0: vendor Intel Corp. version "LF94510J.86A.0038.2008.0427.2223" 
date 04/27/2008

bios0: Intel Corporation D945GCLF
acpi0 at bios0: rev 0
acpi0: tables DSDT FACP APIC WDDT MCFG ASF!
acpi0: wakeup devices SLPB(S4) P32_(S4) UAR1(S4) UAR2(S4) PEX0(S4) 
PEX1(S4) PEX2(S4) PEX3(S4) PEX4(S4) PEX5(S4) UHC1(S3) UHC2(S3) UHC3(S3) 
UHC4(S3) EHCI(S3) AC9M(S4) AZAL(S4)

acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Atom(TM) CPU 230 @ 1.60GHz, 1596.34 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,TM,SBF,SSE3,MWAIT,DS-CPL,TM2,CX16,xTPR,NXE,LONG

cpu0: 512KB 64b/line 16-way L2 cache
cpu0: apic clock running at 133MHz
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 2
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 4 (P32_)
acpiprt2 at acpi0: bus 1 (PEX0)
acpiprt3 at acpi0: bus -1 (PEX1)
acpiprt4 at acpi0: bus 2 (PEX2)
acpiprt5 at acpi0: bus 3 (PEX3)
acpiprt6 at acpi0: bus -1 (PEX4)
acpiprt7 at acpi0: bus -1 (PEX5)
acpicpu0 at acpi0
acpibtn0 at acpi0: SLPB
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel 82945G Host" rev 0x02
vga1 at pci0 dev 2 function 0 "Intel 82945G Video" rev 0x02
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
intagp0 at vga1
agp0 at intagp0: aperture at 0x8000, size 0x1000
inteldrm0 at vga1: apic 2 int 16 (irq 11)
drm0 at inteldrm0
ppb0 at pci0 dev 28 function 0 "Intel 82801GB PCIE" rev 0x01: apic 2 int 
17 (irq 255)

pci1 at ppb0 bus 1
re0 at pci1 dev 0 function 0 "Realtek 8101E" rev 0x02: RTL8102EL 
(0x2480), apic 2 int 16 (irq 11), address 00:1c:c0:45:3e:65

rlphy0 at re0 phy 7: RTL8201L 10/100 PHY, rev. 1
ppb1 at pci0 dev 28 function 2 "Intel 82801GB PCIE" rev 0x01: apic 2 int 
18 (irq 255)

pci2 at ppb1 bus 2
ppb2 at pci0 dev 28 function 3 "Intel 82801GB PCIE" rev 0x01: apic 2 int 
19 (irq 255)

pci3 at ppb2 bus 3
uhci0 at pci0 dev 29 function 0 "Intel 82801GB USB" rev 0x01: apic 2 int 
23 (irq 9)
uhci1 at pci0 dev 29 function 1 "Intel 82801GB USB" rev 0x01: apic 2 int 
19 (irq 10)
uhci2 at pci0 dev 29 function 2 "Intel 82801GB USB" rev 0x01: apic 2 int 
18 (irq 11)
uhci3 at pci0 dev 29 function 3 "Intel 82801GB USB" rev 0x01: apic 2 int 
16 (irq 11)
ehci0 at pci0 dev 29 function 7 "Intel 82801GB USB" rev 0x01: apic 2 int 
23 (irq 9)

usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
ppb3 at pci0 dev 30 function 0 "Intel 82801BA Hub-to-PCI" rev 0xe1
pci4 at ppb3 bus 4
pcib0 at pci0 dev 31 function 0 "Intel 82801GB LPC" rev 0x01
pciide0 at pci0 dev 31 function 2 "Intel 82801GB SATA" rev 0x01: DMA, 
channel 0 configured to native-PCI, channel 1 configured to native-PCI

pciide0: using apic 2 int 19 (irq 10

Re: 4.8-stable bsd.rd hangs on boot

[Nick Holland]

On 11/15/10 15:54, Karl O. Pinc wrote:
> Hi,
> 
> I've an old HP Vectra, with 64MB RAM.  When I try to upgrade
> from 4.7 to 4.8 the bsd.rd hangs -- the boot
> sequence gets as far as "softraid0 at root"
> and then stops.  There is no response to
> ctrl-alt-del and the system must be power
> cycled.
> 
> Appended is the output from a serial console
> booting 4.8 bsd.rd and the dmesg from a regular
> 4.7 boot.  (The output below is from my rebuild
> of bsd.rd from the latest in cvs, booting off
> the hard drive.  I get the same behavior when
> booting from a purchased 4.8 cd.)
> 
> Where should I go from here?

try a snapshot, or do a "remote" upgrade (which doesn't use bsd.rd).

As I recall, 4.8 bsd works just fine on Pentium I machines, but bsd.rd
does not.  Only impacts Pentium I machines, not 486 (unless you put a
"Pentium Overdrive" chip in it), not PII.

Nick.

> Thanks.
> 
> The 4.8 bsd.rd serial port boot output:
> --
>>> OpenBSD/i386 BOOT 3.02
> boot> bsd.rd
> booting hd0a:bsd.rd: 5869116+942776 [61+224832+212939]=0x6ea0dc
> entry point at 0x200120
> 
> Copyright (c) 1982, 1986, 1989, 1991, 1993
> The Regents of the University of California.  All rights
> reserved.
> Copyright (c) 1995-2010 OpenBSD. All rights reserved.  http://
> www.OpenBSD.org
> 
> OpenBSD 4.8-stable (RAMDISK_CD) #0: Sat Nov 13 01:56:19 CST 2010
> k...@forge.meme.com:/usr/src/sys/arch/i386/compile/RAMDISK_CD
> cpu0: Intel Pentium (P54C) ("GenuineIntel" 586-class) 100 MHz
... (gotta love dmesgs!) ...

Please confirm subscription to eTradeChannel.net's newsletter! (Action required)

[etradechannel]

Dear Valued Subscriber,

Please confirm your subcription to eTradeChannel.net by clicking the
click below.

Confirm Subscription

Confirmation is needed in order to protect you from receiving unwanted
email. If you do not confirm, your email address will not be added to the
subscription.

Thank you.

Yours sincerely,
eTradeChannel.net

Update Contact / Profile | Unsubscribe

[IMAGE]

eTradeChannel.net
Flat O, 10/F, International Industrial Ctr, 2-8 Kwei Tei St., Fo
Tan,,Shatin,Hong Kong
Telo<852-27998002  Faxo<   Websiteo<

4.8-stable bsd.rd hangs on boot

[Karl O. Pinc]

Hi,

I've an old HP Vectra, with 64MB RAM.  When I try to upgrade
from 4.7 to 4.8 the bsd.rd hangs -- the boot
sequence gets as far as "softraid0 at root"
and then stops.  There is no response to
ctrl-alt-del and the system must be power
cycled.

Appended is the output from a serial console
booting 4.8 bsd.rd and the dmesg from a regular
4.7 boot.  (The output below is from my rebuild
of bsd.rd from the latest in cvs, booting off
the hard drive.  I get the same behavior when
booting from a purchased 4.8 cd.)

Where should I go from here?

Thanks.

The 4.8 bsd.rd serial port boot output:
--
>> OpenBSD/i386 BOOT 3.02
boot> bsd.rd
booting hd0a:bsd.rd: 5869116+942776 [61+224832+212939]=0x6ea0dc
entry point at 0x200120

Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California.  All rights
reserved.
Copyright (c) 1995-2010 OpenBSD. All rights reserved.  http://
www.OpenBSD.org

OpenBSD 4.8-stable (RAMDISK_CD) #0: Sat Nov 13 01:56:19 CST 2010
k...@forge.meme.com:/usr/src/sys/arch/i386/compile/RAMDISK_CD
cpu0: Intel Pentium (P54C) ("GenuineIntel" 586-class) 100 MHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8
real mem  = 66678784 (63MB)
avail mem = 58777600 (56MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 06/27/97, BIOS32 rev. 0 @ 0xf849d
apm0 at bios0: Power Management spec V1.1
apm0: APM power management enable: unrecognized device ID (9)
pcibios0 at bios0: rev 2.1 @ 0xf83b0/0x920
pcibios0: PCI BIOS has 5 Interrupt Routing table entries
pcibios0: PCI Exclusive IRQs: 9
pcibios0: PCI Interrupt Router at 000:15:0 ("Intel 82371FB ISA" rev
0x00)
pcibios0: PCI bus #0 is the last bus
bios0: ROM list: 0xc/0x8000
cpu0 at mainbus0: (uniprocessor)
cpu0: F00F bug workaround installed
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel 82437FX" rev 0x02
rl0 at pci0 dev 7 function 0 "Realtek 8139" rev 0x10: irq 9, address
00:50:fc:4e:9b:5b
rlphy0 at rl0 phy 0: RTL internal PHY
vga1 at pci0 dev 13 function 0 "S3 Trio32/64" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
pcib0 at pci0 dev 15 function 0 "Intel 82371FB ISA" rev 0x02
pciide0 at pci0 dev 15 function 1 "Intel 82371FB IDE" rev 0x02: DMA,
channel 0 wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: 
wd0: 16-sector PIO, LBA, 1222MB, 2503872 sectors
wd0(pciide0:0:0): using PIO mode 4, DMA mode 2
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
wdc_atapi_intr: warning: reading only 0 of 18 bytes
wdc_atapi_intr: warning: reading only 0 of 36 bytes
wdc_atapi_intr: warning: reading only 0 of 18 bytes
cd0 at scsibus0 targ 0 lun 0:  ATAPI 5/
cdrom removable
cd0(pciide0:1:0): using PIO mode 3
isa0 at pcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com0: console
com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
biomask fde5 netmask ffe5 ttymask 
rd0: fixed, 3800 blocks
softraid0 at root

--


4.7 dmesg output
--
$ dmesg
OpenBSD 4.7-stable (GENERIC) #55: Mon Nov  8 03:16:58 CST 2010
k...@forge.meme.com:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel Pentium (P54C) ("GenuineIntel" 586-class) 100 MHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8
real mem  = 66678784 (63MB)
avail mem = 54943744 (52MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 06/27/97, BIOS32 rev. 0 @ 0xf849d
apm0 at bios0: Power Management spec V1.1 (BIOS management disabled)
apm0: APM power management enable: unrecognized device ID (9)
apm0: AC on, battery charge unknown
pcibios0 at bios0: rev 2.1 @ 0xf83b0/0x920
pcibios0: PCI BIOS has 5 Interrupt Routing table entries
pcibios0: PCI Exclusive IRQs: 9
pcibios0: PCI Interrupt Router at 000:15:0 ("Intel 82371FB ISA" rev
0x00)
pcibios0: PCI bus #0 is the last bus
bios0: ROM list: 0xc/0x8000
cpu0 at mainbus0: (uniprocessor)
cpu0: F00F bug workaround installed
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel 82437FX" rev 0x02
rl0 at pci0 dev 7 function 0 "Realtek 8139" rev 0x10: irq 9, address
00:50:fc:4e:9b:5b
rlphy0 at rl0 phy 0: RTL internal PHY
vga1 at pci0 dev 13 function 0 "S3 Trio32/64" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
pcib0 at pci0 dev 15 function 0 "Intel 82371FB ISA" rev 0x02
pciide0 at pci0 dev 15 function 1 "Intel 82371FB IDE" rev 0x02: DMA,
channel 0 wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: 
wd0: 16-sector PIO, LBA, 1222MB, 2503872 sectors
wd0(pciide0:0:0): us

Re: bgplgsh via telnet

[Max Clark]

Andy,

This is perfect thank you - I'm ended up using the following in the
daemontools supervise script:

#!/bin/sh
exec 2>&1
exec envuidgid rviews tcpserver -vDRHl0 0 23 ptyrun /usr/bin/bgplgsh

Two more questions for you:

- is it possible to set a timeout on the tcpserver/ptyrun/bgplgsh
program? I want the server to disconnect the remote user after 30
seconds of inactivity.

- tcpserver has a -B option to display a banner - this seems to need
to be inline with the tcpserver execution. Do you know of a way to
include an external file? Or even better is there a way to have
ptyrun/bgplgsh display the motd?

Thanks,
Max


On Sat, Nov 13, 2010 at 10:25 AM, Andy Bradford
 wrote:
> Thus said Max Clark on Sat, 13 Nov 2010 07:54:00 PST:
>
>> I've  experimented  with  tcpserver  from the  ucspi  package  without
>> success. How  do I  give access  to the  bgplgsh application  only via
>> telnet?
>
> Probably because  you are missing a  tty. If you also  install ptyget[1]
> you might be able to accomplish it with something like:
>
> tcpserver -v 0 1234 ptyrun /usr/bin/login -f -u bgplg bgplg
>
> or maybe:
>
> tcpserver -u `id -u bgplg` -g `id -g bgplg` -v 0 1234 ptyrun
/usr/bin/bgplgsh
>
> Andy
>
> [1] http://cr.yp.to/software/ptyget-0.50.tar.gz

Re: OpenBSD-capable, fanless, diskful computer with ECC RAM

[Kami Petersen]

Damien Miller skrev 2010-10-30 02.14:

Hi,

Can anyone recommend a small, fanless computer that will accept a HD (perhaps
a 2.5" drive) that uses ECC RAM? Needless to say, it must run OpenBSD.

Being 64 bit, having accellerated crypto and/or supporting multiple drives
would be bonus points, but are not required.


Although I've got no experience with it, the VIA ART-3000 might take 
ECC: according to Wikipedia the Via Nano CPU supports it, however I 
can't find anything official on that.


I'd be interested to hear back if anyone tries this system, as it looks 
impressive.


/Kami

HP Mini 5102 with networking ?

[Frans Haarman]

Does anybody have a hp min 5102 with networking ?

I managed to install 4.8 amd on a usbdisk (using qemu, on windows7, *sigh*).
 It boots, and works fine, just missing
networking support.   I managed to boot i386 bsd.rd, and snapshots bsd.rd
but both claim [vlan0] is the way to go.

OpenBSD 4.8 (GENERIC) #182: Mon Aug 16 09:02:40 MDT 2010
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
RTC BIOS diagnostic error
bf
real mem = 1057562624 (1008MB)
avail mem = 1015611392 (968MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.6 @ 0x3e815000 (22 entries)
bios0: vendor Hewlett-Packard version "68PGU Ver. F.06" date 05/25/2010
bios0: Hewlett-Packard HP Mini 5102
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP HPET APIC MCFG ASF! SSDT SLIC SSDT SSDT
acpi0: wakeup devices HDEF(S3) RP01(S5) WNIC(S5) RP04(S5) NIC_(S5) USB1(S3)
USB2(S3) USB3(S3) USB4(S3) EHC1(S3) PCIB(S5) HST1(S5)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Atom(TM) CPU N450 @ 1.66GHz, 1662.81 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE,NXE,LONG
cpu0: 512KB 64b/line 8-way L2 cache
cpu0: apic clock running at 166MHz
cpu at mainbus0: not configured
ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 1
acpiprt0 at acpi0: bus -1 (PEGP)
acpiprt1 at acpi0: bus 1 (RP01)
acpiprt2 at acpi0: bus 2 (RP03)
acpiprt3 at acpi0: bus 67 (RP04)
acpiprt4 at acpi0: bus 68 (PCIB)
acpiprt5 at acpi0: bus 0 (PCI0)
acpiec0 at acpi0
acpicpu0 at acpi0: C3, C2, C1, PSS
acpipwrres0 at acpi0: APPR
acpipwrres1 at acpi0: COMP
acpipwrres2 at acpi0: LPP_
acpipwrres3 at acpi0: PFN0
acpipwrres4 at acpi0: PFN1
acpipwrres5 at acpi0: PFN2
acpipwrres6 at acpi0: PFN3
acpipwrres7 at acpi0: PFN4
acpitz0 at acpi0: critical temperature 105 degC
acpitz1 at acpi0: critical temperature 103 degC
acpitz2 at acpi0: critical temperature 78 degC
acpitz3 at acpi0: critical temperature 103 degC
acpitz4 at acpi0: critical temperature 110 degC
acpibat0 at acpi0: BAT0 model "Primary" serial 10707 2010/07/21 type LIon
oem "Hewlett-Packard"
acpibat1 at acpi0: BAT1 not present
acpiac0 at acpi0: AC unit offline
acpibtn0 at acpi0: SLPB
acpibtn1 at acpi0: LID_
acpivideo0 at acpi0: DGFX
acpivideo1 at acpi0: GFX0
acpivout0 at acpivideo1: DD02
cpu0: Enhanced SpeedStep 1662 MHz: speeds: 1666, 1333, 1000 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel Pineview DMI" rev 0x00
vga1 at pci0 dev 2 function 0 "Intel Pineview Video" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
intagp0 at vga1
agp0 at intagp0: aperture at 0x4000, size 0x1000
inteldrm0 at vga1: apic 1 int 16 (irq 10)
drm0 at inteldrm0
"Intel Pineview Video" rev 0x00 at pci0 dev 2 function 1 not configured
azalia0 at pci0 dev 27 function 0 "Intel 82801GB HD Audio" rev 0x02: apic 1
int 19 (irq 11)
azalia0: codecs: IDT 92HD75B1/2
audio0 at azalia0
ppb0 at pci0 dev 28 function 0 "Intel 82801GB PCIE" rev 0x02: apic 1 int 16
(irq 10)
pci1 at ppb0 bus 1
vendor "Broadcom", unknown product 0x4353 (class network subclass
miscellaneous, rev 0x01) at pci1 dev 0 function 0 not configured
ppb1 at pci0 dev 28 function 2 "Intel 82801GB PCIE" rev 0x02: apic 1 int 18
(irq 10)
pci2 at ppb1 bus 2
ppb2 at pci0 dev 28 function 3 "Intel 82801GB PCIE" rev 0x02: apic 1 int 19
(irq 11)
pci3 at ppb2 bus 67
uhci0 at pci0 dev 29 function 0 "Intel 82801GB USB" rev 0x02: apic 1 int 20
(irq 10)
uhci1 at pci0 dev 29 function 1 "Intel 82801GB USB" rev 0x02: apic 1 int 22
(irq 10)
uhci2 at pci0 dev 29 function 2 "Intel 82801GB USB" rev 0x02: apic 1 int 18
(irq 10)
uhci3 at pci0 dev 29 function 3 "Intel 82801GB USB" rev 0x02: apic 1 int 19
(irq 11)
ehci0 at pci0 dev 29 function 7 "Intel 82801GB USB" rev 0x02: apic 1 int 20
(irq 10)
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
ppb3 at pci0 dev 30 function 0 "Intel 82801BAM Hub-to-PCI" rev 0xe2
pci4 at ppb3 bus 68
pcib0 at pci0 dev 31 function 0 "Intel Tigerpoint LPC" rev 0x02
ahci0 at pci0 dev 31 function 2 "Intel 82801GR AHCI" rev 0x02: apic 1 int 22
(irq 10), AHCI 1.1
ahci0: PHY offline on port 1
scsibus0 at ahci0: 32 targets
sd0 at scsibus0 targ 0 lun 0:  SCSI3 0/direct
fixed
sd0: 238475MB, 512 bytes/sec, 488397168 sec total
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb3 at uhci2: USB revision 1.0
uhub3 at usb3 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb4 at uhci3: USB revision 1.0
uhub4 at usb4 "Intel UHCI root hub" rev 1.00/1.00 addr 1
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x

Re: Seeking inexpensive RAID 1 hardware recommendation

[m...@mdaniel.de]

> mpi/mpii cards that do IR/IS or IM should do RAID 1 just fine and are
> supported by bioctl.B  You just have to purchase the card carefully
> and make sure it has one of those acronyms.
Thanks for the info. This will make it easier to find the right cards
I don't want to appear lazy but finding the actual products is quite
hard because most shops/vendors do not supply chipset iformation.
So any furher information about actual models would be appreciated.

> A bit more expensive would be mfi but those are well supported.
Noted.
B 
> What I don't know much about but is cheap are the areca cards.B  Some
> people swear by them; I simply haven't used them so I have no opinion.
The areca cards look very good and are quite inexpensive when compared to
other similar cards but they are way more expensive than e.g. mpi cards
and a battery backup module for the builtin cache would also be needed.
They would be my first choice for Raid cards that can do more than Raid1.

Today's pkg_add -u broke my Thunar on xfce

[Paolo Aglialoro]

thanks dude :)

anyway, after recompiling old version, to see if all deps were ok,
downloaded one breaks ./configure with following error:

"no iconv() implementation found in C library or libiconv"

even though libiconv-1.13p2 is installed and even if I install
p5-Text-Iconv-1.7p0
What am I missing?



On Mon, Nov 15, 2010 at 6:06 PM, Remi Pointel  wrote:

> On Mon, 15 Nov 2010 17:58:49 +0100
> Paolo Aglialoro  wrote:
> > Great to know :
> > On servers there's still 2.26p1, though.
> > Where did you get 2.26.1 from?
> > thanks
>
> in ports... : http://openports.se/devel/glib2
>
> Cheers,
>
> Remi.

Fattura BancoPosta

[Bancopostaonline BPOL]

Sicurezza dei dati personali

Abbiamo recentemente esaminato il suo account, e abbiamo il sospetto di
una transazione non autorizzata sul proprio conto.
Proteggere il suo account h la nostra principale preoccupazione. Come
misura preventiva, abbiamo temporaneamente limitato l'accesso alle
informazioni sensibili.

BancoPosta caratteristiche.
Al fine di garantire che il vostro account non h compromesso, h
sufficiente fare clic "Centro risoluzioni" per confermare la tua ident`
di membro BancoPosta.

Nota: non rispondere a questa e-mail. Eventuali informazioni sono
disponibili sul sito.

Codice identificativo: 062201-672-17080015
Poste Italiane S.p.A. 2010

Poste Italiane

Autorizzazione: Climatizzazione & Riscaldamento

[stefano.lorusso]

Egregio Signore, Gentile signora

Con la presente e  nel rispetto della vigente normativa in materia di
privacy, richiedo lbautorizzazione allbinvio di depliant in formato
elettronico contenenti documentazione informativa e ns offerte inerenti
ai seguenti argomenti:
SarC  inviato materiale informativo via mail solo ed esclusivamente a
coloro che espressamente lo richiederanno dando l'autorizzazione.

1) Climatizzazione e riscaldamento per ambienti domestici

2) Climatizzazione e riscaldamento per ambienti lavorativi (negozi, show
rooms, ecc...)

3) Climatizzazione e riscaldamento per ambienti commerciali e industriali
(negozi, magazzini, laboratori e capannoni

Se fosse interessato prema il tasto "rispondi" dal suo programma di posta
elettronica, esprimendo con poche parole la sua volontC  (es. sono
d'accordo sull'invio, ok, va bene)
ricordandosi di specificare l'argomento di suo interesse e aggiungendo le
informazioni che ritenesse necessarie, in modo da ricevere via mail, una
brochure informativa e ns. offerte a riguardo.

Puo' richiedere gratuitamente e senza impegno un sopralluogo termotecnico
gratuito non impegnativo

In attesa di un vs. gradito riscontro porgo distinti saluti

Idroclima
Responsabile tecnico commerciale
Stefano Lorusso 3939852228

Re: Seeking inexpensive RAID 1 hardware recommendation

[Marco Peereboom]

mpi/mpii cards that do IR/IS or IM should do RAID 1 just fine and are
supported by bioctl.  You just have to purchase the card carefully and
make sure it has one of those acronyms.

A bit more expensive would be mfi but those are well supported.

What I don't know much about but is cheap are the areca cards.  Some
people swear by them; I simply haven't used them so I have no opinion.

On Mon, Nov 15, 2010 at 06:30:18PM +0100, m...@mdaniel.de wrote:
> I have a hard time finding a RAID1 capable controller that is well
> supported via bioctl, available, and not too expensive.
> Is there e.g. a nice mpi or mpii card that can be controlled via bioctl?
> The man page only mentions that some mpi cards offer Raid1. Of course
> it doesn't have to be a mpi card.
> This PCI-e card would be used with Sata disks on the i386 architecture
> (OpenBSD 4.8).
> 
> Thanks.
> 
> Background:
> ---
> I could do /var on softraid together with altroot but I seek the
> convenience of RAID1 to be able to select when to reboot in case
> of disk failure.
> I am fully aware that RAID is no backup concept and that now the
> controller becomes a single point of failure.
> Maybe the controller that you recommend will have the additional
> benefit of allowing me to attach a disk to a standard Sata controller
> in case of RAID controller failure? Otherwise I am prepared to order
> two identical controllers to mitigate this problem.
> 
> Please feel free to point out any error in my thinking and don't hesitate
> to mention if I should implement a different set up.
> It is probably unavoidable that my desire for cheap raid hardware will
> not be met with unconditional approval ;-)
> 
> Cheers,
> 
> Marcus

Seeking inexpensive RAID 1 hardware recommendation

[m...@mdaniel.de]

I have a hard time finding a RAID1 capable controller that is well
supported via bioctl, available, and not too expensive.
Is there e.g. a nice mpi or mpii card that can be controlled via bioctl?
The man page only mentions that some mpi cards offer Raid1. Of course
it doesn't have to be a mpi card.
This PCI-e card would be used with Sata disks on the i386 architecture
(OpenBSD 4.8).

Thanks.

Background:
---
I could do /var on softraid together with altroot but I seek the
convenience of RAID1 to be able to select when to reboot in case
of disk failure.
I am fully aware that RAID is no backup concept and that now the
controller becomes a single point of failure.
Maybe the controller that you recommend will have the additional
benefit of allowing me to attach a disk to a standard Sata controller
in case of RAID controller failure? Otherwise I am prepared to order
two identical controllers to mitigate this problem.

Please feel free to point out any error in my thinking and don't hesitate
to mention if I should implement a different set up.
It is probably unavoidable that my desire for cheap raid hardware will
not be met with unconditional approval ;-)

Cheers,

Marcus

Re: ldapd and self-signed certificate

[Joel Carnat]

-Message initial-
@:  Joel Carnat ;
Cc: Philip Guenther ; misc@openbsd.org;
De: Martin Hedenfalk 
Envoyi: lun. 15-11-2010 11:44
Sujet:  Re: ldapd and self-signed certificate
> 15 nov 2010 kl. 00.01 skrev Joel Carnat:
>
> > -Message initial-
> > @:  Joel Carnat ;
> > Cc: misc@openbsd.org;
> > De: Philip Guenther 
> > Envoyi: dim. 14-11-2010 02:25
> > Sujet:  Re: ldapd and self-signed certificate
> >> On Sat, Nov 13, 2010 at 12:02 PM, Joel Carnat  wrote:
> >>> I want to use LDAP to store postfix, apache and dovecot users.
> >>> This sounds a quite simple need so I plan to use the native ldapd.
> >> ...
> >>> Then I created a self-signed certificate in /etc/ldap/ using directions
> > from
> >>> starttls(8).
> >>> The ldapd starts and listens to ldap and ldaps ports.
> >>> But when I run: # ldapmodify -x -H ldaps://ldapd.tumfatig.local -D
> >>> "cn=admin,dc=tumfatig,dc=local" -W -f /tmp/tumfatig
> >>> I get: "additional info: error:14090086:SSL
> >>> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed"
> >>> The ldapd (in debug mode) says: "SSL library error: ssl_session_accept:
> >>> error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca"
> >>>
> >>> Can I use ldapd with self-signed certificate ?
> >>> Did I miss a step ?
> >>
> >> There are two aspects to verifying a cert:
> >> 1) does it have a valid signature?
> >> 2) is the CA that signed this trustable at all?
> >>
> >> The point of this is to know whether you can trust the contents of the
> >> cert so that you're protected from Man-in-the-Middle attacks.  If you
> >> accepted any self-signed cert then anyone could generate a cert that
> >> claimed to be your server, then splice your TCP connection and snoop
> >> and modify all your data.
> >>
> >> So, you need some way to know which certs to trust; that's where #1
> >> and #2 come in.  #1 validates that this cert can be traced back to a
> >> particular CA, while #2 is where you decide whether that CA is okay.
> >> #1 is done automatically by the OpenSSL code; #2 is done by putting
> >> all the CAs you want to trust in location(s) that OpenSSL checks.
> >>
> >> For a self-signed cert, step #1 is basically trivial, while #2 is done
> >> by either putting a link to the cert in /etc/ssl/certs/ with a name
> >> that's derived from a hash of the cert's subject, or adding the cert
> >> itself to /etc/ssl/cert.pem.  The latter is easy but you may find it
> >> cluttered.  To do the former, do something like:
> >>cert_file=/absolute/path/to/the/cert.pem
> >>ln -s $cert_file /etc/ssl/certs/`openssl x509 -noout -in
> >> $cert_file -subject_hash`.0
> >>
> >> Note that /etc/ssl/cert* are the default trust paths for practically
> >> all openssl-based apps, so a cert added there will be trusted for lots
> >> of things.  If you don't like that idea then you'll need to look at
> >> how to set the CA paths for the apps you want to trust that cert.
> >> That's fairly specific to the involved app.  starttls(8) describes the
> >> settings for sendmail, ldap.conf(5) describes it for the OpenLDAP
> >> libldap and clients, etc.
> >>
> >>
> >> Philip Guenther
> >>
> >
> > Thank you for this detailed explanation.
> >
> > For the moment, I just testing things in a "closed" environment.
> > This is why I used self-signed certificates. In a "real" environment, I
> > would go with certificates signed by publicly known CA.
> >
> > I did try creating /etc/ssl/certs and linking my self-signed certificates
> > as you describe. But that doesn't seem to work neither.
> >
> > I also took one of my certificates, signed by a publicly know CA but I
> > still got the same message... I checked the certificate and it contains
> > the path to the CA.
> >
> > But I still get the "tlsv1 alert unknown ca" error :(
>
> As Philip pointed out, you can specify the trusted CA certificate (or the
> certificate itself in case of self-signed certs) as specified in
ldap.conf(5),
> provided you are using OpenLDAP.
>
> Try this in you ~/ldaprc:
> TLS_CACERT /path/to/ldapd.crt
>
>   -martin
>

That worked, thanks.

In fact, the self-signed certificate I generated had a weird expire date.
Now, having the certificate copied in /etc/ssl/certs/ and referenced in
/etc/openldap/ldap.conf enables the SSL connection.

Thanks a lot guys!

Venha conhecer - Recall automotivos

[Auto-Motivos]

Se vocj nco esta conseguindo ver o contezdo deste email acesse a versco
alternativa.

informativo 03

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

Re: dot.forward in OpenBSD smtpd

[Gilles Chehade]

On 11/15/10 17:23, Grzegorz Mrzyglod wrote:

hi all,
i would like to know if the dot.forward file syntax ''\user'' is
supported in the recent release.
i read some explanation on OpenBSD Journal but they are from 2008
http://undeadly.org/cgi?action=article&sid=20081203183856&pid=25
   


Hi,

In theory it should but you should really try it out to make sure.

Aliases and .forward files are broken, they work for the very basic cases
but will not work correctly otherwise. They are *very high* in my list of
things to rewrite as they have not evolved that much despite many changes
in smtpd...

Gilles

dot.forward in OpenBSD smtpd

[Grzegorz Mrzyglod]

hi all,
i would like to know if the dot.forward file syntax ''\user'' is
supported in the recent release.
i read some explanation on OpenBSD Journal but they are from 2008
http://undeadly.org/cgi?action=article&sid=20081203183856&pid=25

-- 
Greg M

Re: net.inet.tcp sysctl's

[Claudio Jeker]

On Mon, Nov 15, 2010 at 02:14:26AM +1300, Ben Aitchison wrote:
> On Sat, Nov 06, 2010 at 03:47:54PM +0100, Claudio Jeker wrote:
> > On Sat, Nov 06, 2010 at 02:13:46PM +0100, Jan Stary wrote:
> > > For some time now, I have been using the following sysctl's
> > > mentioned in FAQ 6.6.4, which sped up my network traffic
> > > considerably:
> > > 
> > > net.inet.tcp.recvspace
> > > net.inet.tcp.sendspace
> > > net.inet.udp.recvspace
> > > net.inet.udp.sendspace
> > > 
> > > Now that I have reinstalled with current/amd64, the tcp ones
> > > seem to have disappeared (while the udp ones are still there).
> > > 
> > > Am I missing something?
> > > 
> > 
> > No. The TCP ones are gone, enjoy fast downloads without pushing buttons.
> > The automatic TCP windowscaling in -current makes the global tcp.recvspace
> > and tcp.sendspace superfluous.
> 
> 
> I've found that receiving traffic from Linux hosts with timestamps turned
> off has decreased in performance with the new window scaling.  Is this because
> the RTT cannot be determined.  Or an oversight?

Yes, we need timestamps to be able to figure out the RTT. The current
receive window scaling algorithm is built that way.
 
> The thing is in general timestamps don't seem to improve things a lot, and 
> take
> up an extra 12 bytes if you're otherwise not using TCP options.

Timestamps are needed for PAWS and are needed for high speed TCP
connections. Embrace the 12 extra bytes, they will not hurt you.
 
> I was doing tcpdumps etc, and found that basically the window size doesn't 
> raise
> above 16k like the old default.  But in general I've been setting TCP window 
> size
> manually for a long time.

Yes, if the timestamps are not available the window will not scale. Again
this is a limitation of the current implementation and I'm happy if
someone comes up with a version that does not rely on timestamps.

> I also noticed that now OpenBSD seems to be faster at sending data than Linux 
> to
> my home ADSL link from a closeish connection. :)
> 
> Also I was wondering if making the initial cwnd window size be tunable as been
> taken into consideration.  As well as being able to run-time tune the maximum
> window size above 256k. (or below)

Bigger initial window sizes is something that we should think about.
Currently the default is to send up to around 3 packets. Or to be more
precise OpenBSD uses RFC 3390 by default (sysctl net.inet.tcp.rfc3390).

There is some discussion to increase the initial window even more, which
is nice for systems connected to a high speed line but it may cause
queuing issues on slower links (gprsi/edge, slow ADSL lines, etc) where
the router suddenly needs to hold a lot more packages to manage this
initial burst (from probably multiple sessions).

But be assured that if I change the initial window size or maximum socket
buffer size then I will probably remove some more knobs to fiddle with.
Letting users push buttons based on bad blog entries they found on the
internet is a sign of developers taking no responsibility for their code. 
 
> I poked around in the source a little.  And I noticed that I could tune 
> maximum
> window size up to 1024k and could change the minimum window size up.  But I 
> am at
> a loss to understand if it's possible to use > 64k window size on hosts 
> without
> timestamps (because I saw the window size set being advertised directly 
> before it
> is known whether there was window scaling or not) and whether memory pressure
> could lead to issues from bigger buffers.  ie does something else have to be
> raised assuming one has sufficient memory and bandwidth/latency.

For now we keep the old limit of 256k maximum socket buffer size. The
increased memory consumption because of the bigger socket buffers is
something that may run systems out of memory and so we decided to keep the
current value until the effect of windowscaling are known.
While it may be OK for a workstation to have huge socket buffers it is
most probably causing issues on servers.

Yes, OpenBSD could scale way more aggressive and be more instable because
of this but I prefer a reliable and working system.

> In my own testing I noticed a speed jump from 14 to 31 megabit going from a 
> 256k
> to 1024k maximum window size.  Which to me seems significant.  

Sure you can increase the maximum socket buffer size but by doing so you
void your warranty :).

-- 
:wq Claudio

24grammata e-Magazine (Language - History - Culture)

[24grammata]

24N3O
,Nhttp://www.24grammata.com/>

/NN;N5N:OO
N?N=N9N:L ON5O
N9N?N4N9N:L N3N9N1 ON7 *N*N;NOON1,
ON7N= *N*OON?O
/N1 N:N1N9 ON?N= *N *N?N;N9ON9ONN7 ON7O N5N2N4N?N<,N4N1O* *N1OL ON1 **24N3O
,Nhttp://www.24grammata.com/>
**: *N N9OON?O
/N1 ON7O N;-N>N7O *N'N?MN=ON1O *(N:N1N9 N7
N5OONN7 junta (OO
N?O. bN9N?MN=ON1b > OON1 N5N;N;.
bON?MN=ON1b ) ON7NN9N:LON7NN9N?ON5O
/N5O
N3N7 N:N1N9 N5N=ON5N;NO OOON1/N1 N5/N=N1N9 N7
N5OONN7O N'N?MN=ON1O NN7 *OOLN=ON1* (OON?N=O,O
O  , OON?N=O,O
N9ONhttp://24grammata.com/>

*/NN9N4N9N:L N1ON9-O
ON-N3N5O
ON7 ON?O
N N?N;OON5ON=N5/N?O N:N1N9 ON?N= N1N=ON9N4N9N:ON1ON?O
N9N:L
N1N3NN=N1 (1967-1974)./*

*/31 ,O
N8O
N1 OON9O 3 OO
NON5O ON5N;/N4N5O/*

1. *ON5N9 N=LN7NN1N=N4O
N?O N N1N=N1N3N?MN;N7O *

5. *NN;-N:N?O** N N1N=N1N3N?MN;N7O: -N=N1O .O
O N1O *

6. *N#OMO
N?O NN?OOON1N:N;.O: -N=N1O ,N3N=O  OON?O .O
O   N1O
(/OO   O, N3N9N1O/ N4N5N= .ON1N= N:N?N (N? N?N4N7N3LO ON?O
ON1N=N: ON?O N N?N;OON5ON=N5/N?O) *

13. *NO,O
N?O: OLON?O N5N>N?O
/N1O N1OL ON7N=
N1O
ON1N9LON7ON1 *

14. *N N9OON?O
/N1 ON?O N:ON7O
/N?O ON7O NN4N?M
NON?ONN9N:N?O.NN?O
/N1 O   O ON?N;N9ON9N:. N:N1ON1OON?N;. OON?N=
N5N;N;N7N=N9N:L 20N? N1N9NN=N1*

24. *N$N1 N5N= NN8N7N=N1N9O N:N?N;N1OO.O
N9N1 ON7O N'N?MN=ON1O
*

25. *N ON?N;N9ON9ONN7 ON7O
N5N2N4N?N<,N4N1Ob/* N1N;N;, N:N1N9 ,N;N;N1 N5N=N4N9N1O-O
N?N=ON1
,O
N8O
N1 OON7 N4N9N5MN8ON=ON7 *www**.24**grammata**.**com*

. NON?O
N5/ON5 N=N1 N5N3N3O
N1ON5/ON5 N3N9N1 N=N1
N5N=N7Nhttp://24grammata.com/?page_id=6
. NN= N4N5N= N5ON9N8ONmailto:unsubscr...@24grammata.com>
 NN7 ON1N=OLO
N4N9N:N1N9NNN7 N1OL ON1 24N3O
N1N

Re: My pf.conf and an nmap scan

[Henning Brauer]

* Kevin Chadwick  [2010-11-14 17:43]:
> I'd say drop mode saves some resources in case of dos

no. if the attack is doen using the stack of the atacking host(s),
sending the damn RAT back will ave you ressources.

> I don't see timeouts for users connecting to the wrong place
> as a big problem at all, though the messages may help them
> very occasionally.

uh, no, there is much more to that. 

> I wonder whether a labrea/stutter type option for pf would be cool in
> some cases?

i wonder wether people do some research before posting to misc.
hmm. no. not really.

-- 
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting

Re: RAL(4) together with RT28XX chipset - recurring problem

[Stuart Henderson]

On 2010-11-15, Ing. Alexander Kr??ek  wrote:
> On Fri, 2010-11-12 at 21:38 +, Stuart Henderson wrote:
>> On 2010-11-12, David Coppa  wrote:
>> > On Fri, Nov 12, 2010 at 4:52 PM, stolendata.net
>> > wrote:
>> >> I've been using the RAL(4) driver and a wifi card with the RT2561
>> >> chipset (Linksys WMP54g) for a few years as my wifi access point, and
>> >> have had no problems at all. Recently I switched to an 802.11n card
>> >> with RT2860 chipset (Edimax EW-7728in) in hopes of getting some higher
>> >> transfer speeds to my server storage, only to find out that OpenBSD's
>> >> 802.11 stack doesn't have any 11n functionality at all and thusly runs
>> >> as 11g only. Since I switched to using the RT2860 chipset, first on
>> >> obsd 4.3 and currently on 4.8, I've started to experience a recurring
>> >> problem: every now and then, after disconnecting a machine from the
>> >> access point, RAL(4) will refuse further connections from that machine
>> >> (I'm not sure if it depends on the IP of the client or its MAC address
>> >> etc.), resulting in only getting a "connection timed out" when trying
>> >> to associate with the AP, until I down/up the RAL(4) interface or
>> >> simply "restart" it using /etc/netstart.
>> >>
>> >> Any ideas? Anyone seen this with before with RAL(4) and/or the RT2860
>> >> family? I'm currently netstart'ing the interface every 24 hours via
>> >> cron to solve the problem, but it feels like jumping through hoops, so
>> >> to speak - this is after all a bug of some sort.
>> >
>> > Yes, it's a known problem with table of associated clients not being
>> > refreshed properly in our 802.11 stack.
>> > For what I know, some dev should be working on fixing it...
>> >
>> > ciao,
>> > david
>> >
>> >
>> 
>> hmm. well, the fact that this didn't happen with RT2561 is interesting...
>> 
>
> Well, it did happen on RT2561 to me (-current, compiled all system every
> 1-3 weeks) every now and then (in variable interval from one day to
> several days), till about 1-2 months ago.
> So, for RT2561 it seems (to me) to be fixed, after all.

ah, interesting... in that case, "stolendata.net" whoever you are, 
try pulling sys/net80211/ieee80211_ioctl.c up to -current and see if
that helps at all.

Re: ldapd and self-signed certificate

[Martin Hedenfalk]

15 nov 2010 kl. 00.01 skrev Joel Carnat:

> -Message initial-
> @:Joel Carnat ;
> Cc:   misc@openbsd.org;
> De:   Philip Guenther 
> Envoyi:   dim. 14-11-2010 02:25
> Sujet:Re: ldapd and self-signed certificate
>> On Sat, Nov 13, 2010 at 12:02 PM, Joel Carnat  wrote:
>>> I want to use LDAP to store postfix, apache and dovecot users.
>>> This sounds a quite simple need so I plan to use the native ldapd.
>> ...
>>> Then I created a self-signed certificate in /etc/ldap/ using directions
> from
>>> starttls(8).
>>> The ldapd starts and listens to ldap and ldaps ports.
>>> But when I run: # ldapmodify -x -H ldaps://ldapd.tumfatig.local -D
>>> "cn=admin,dc=tumfatig,dc=local" -W -f /tmp/tumfatig
>>> I get: "additional info: error:14090086:SSL
>>> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed"
>>> The ldapd (in debug mode) says: "SSL library error: ssl_session_accept:
>>> error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca"
>>>
>>> Can I use ldapd with self-signed certificate ?
>>> Did I miss a step ?
>>
>> There are two aspects to verifying a cert:
>> 1) does it have a valid signature?
>> 2) is the CA that signed this trustable at all?
>>
>> The point of this is to know whether you can trust the contents of the
>> cert so that you're protected from Man-in-the-Middle attacks.  If you
>> accepted any self-signed cert then anyone could generate a cert that
>> claimed to be your server, then splice your TCP connection and snoop
>> and modify all your data.
>>
>> So, you need some way to know which certs to trust; that's where #1
>> and #2 come in.  #1 validates that this cert can be traced back to a
>> particular CA, while #2 is where you decide whether that CA is okay.
>> #1 is done automatically by the OpenSSL code; #2 is done by putting
>> all the CAs you want to trust in location(s) that OpenSSL checks.
>>
>> For a self-signed cert, step #1 is basically trivial, while #2 is done
>> by either putting a link to the cert in /etc/ssl/certs/ with a name
>> that's derived from a hash of the cert's subject, or adding the cert
>> itself to /etc/ssl/cert.pem.  The latter is easy but you may find it
>> cluttered.  To do the former, do something like:
>>cert_file=/absolute/path/to/the/cert.pem
>>ln -s $cert_file /etc/ssl/certs/`openssl x509 -noout -in
>> $cert_file -subject_hash`.0
>>
>> Note that /etc/ssl/cert* are the default trust paths for practically
>> all openssl-based apps, so a cert added there will be trusted for lots
>> of things.  If you don't like that idea then you'll need to look at
>> how to set the CA paths for the apps you want to trust that cert.
>> That's fairly specific to the involved app.  starttls(8) describes the
>> settings for sendmail, ldap.conf(5) describes it for the OpenLDAP
>> libldap and clients, etc.
>>
>>
>> Philip Guenther
>>
>
> Thank you for this detailed explanation.
>
> For the moment, I just testing things in a "closed" environment.
> This is why I used self-signed certificates. In a "real" environment, I
> would go with certificates signed by publicly known CA.
>
> I did try creating /etc/ssl/certs and linking my self-signed certificates
> as you describe. But that doesn't seem to work neither.
>
> I also took one of my certificates, signed by a publicly know CA but I
> still got the same message... I checked the certificate and it contains
> the path to the CA.
>
> But I still get the "tlsv1 alert unknown ca" error :(

As Philip pointed out, you can specify the trusted CA certificate (or the
certificate itself in case of self-signed certs) as specified in ldap.conf(5),
provided you are using OpenLDAP.

Try this in you ~/ldaprc:
TLS_CACERT /path/to/ldapd.crt

-martin

Re: RAL(4) together with RT28XX chipset - recurring problem

[Ing. Alexander]

On Fri, 2010-11-12 at 21:38 +, Stuart Henderson wrote:
> On 2010-11-12, David Coppa  wrote:
> > On Fri, Nov 12, 2010 at 4:52 PM, stolendata.net
> > wrote:
> >> I've been using the RAL(4) driver and a wifi card with the RT2561
> >> chipset (Linksys WMP54g) for a few years as my wifi access point, and
> >> have had no problems at all. Recently I switched to an 802.11n card
> >> with RT2860 chipset (Edimax EW-7728in) in hopes of getting some higher
> >> transfer speeds to my server storage, only to find out that OpenBSD's
> >> 802.11 stack doesn't have any 11n functionality at all and thusly runs
> >> as 11g only. Since I switched to using the RT2860 chipset, first on
> >> obsd 4.3 and currently on 4.8, I've started to experience a recurring
> >> problem: every now and then, after disconnecting a machine from the
> >> access point, RAL(4) will refuse further connections from that machine
> >> (I'm not sure if it depends on the IP of the client or its MAC address
> >> etc.), resulting in only getting a "connection timed out" when trying
> >> to associate with the AP, until I down/up the RAL(4) interface or
> >> simply "restart" it using /etc/netstart.
> >>
> >> Any ideas? Anyone seen this with before with RAL(4) and/or the RT2860
> >> family? I'm currently netstart'ing the interface every 24 hours via
> >> cron to solve the problem, but it feels like jumping through hoops, so
> >> to speak - this is after all a bug of some sort.
> >
> > Yes, it's a known problem with table of associated clients not being
> > refreshed properly in our 802.11 stack.
> > For what I know, some dev should be working on fixing it...
> >
> > ciao,
> > david
> >
> >
> 
> hmm. well, the fact that this didn't happen with RT2561 is interesting...
> 

Well, it did happen on RT2561 to me (-current, compiled all system every
1-3 weeks) every now and then (in variable interval from one day to
several days), till about 1-2 months ago.
So, for RT2561 it seems (to me) to be fixed, after all.

PC Engines Alix 2D13 (http://www.pcengines.ch/alix2d13.htm)
Tonze PC-620C (miniPCI 802.11b/g)

ral0 at pci0 dev 12 function 0 "Ralink RT2561S" rev 0x00: irq 9, address
00:17:b7:30:41:ab
ral0: MAC/BBP RT2561C, RF RT2527

ral0:
flags=28943 mtu
1500
lladdr 00:17:b7:30:41:ab
priority: 4
groups: wlan
media: IEEE802.11 autoselect mode 11g hostap
status: active
ieee80211: nwid *** chan 7 bssid 00:17:b7:30:41:ab wpakey 0x***
wpaprotos wpa1,wpa2 wpaakms psk wpaciphers ccmp wpagroupcipher ccmp
100dBm
inet ...


Alexander

Write Apt and Accurate English

[binson]

Scroll
Write Apt And Accurate English

Dear friends,
The LCCI Certificate in English for Business Level 2 programme Is designed to
equip participants with the skills in writing, using formats that are current
and common in business communication.


Objectives
Write apt and accurate English suited to the stated purpose - Write business
correspondence in a clear and concise manner- Adopt the tone, form, layout,
content, and composition apppropriate to the requirement of a given situation
-Effectively resolve problems through writing.

Course Outline
Writing Skills:
Write with appropriate level of clarity, relevance, economy, logic, accuracy
and professionalism- Adopting the right style of wrting- Write busines
communication in a variety of forms including : a memo,a notice,a leafleft, a
letter and an ariticle- Obtaining and providing information- Choice of words-
Adopting the right tone- Omit irrelevant information- Expand, reduce, rewrite
and reassemble elements of text for a requested purpose.

Language:
Misunderstanding in written communications- Grammer- Vocabulary building-
Verb,  Phrasal verb, Tense- Conjunctions, Articles, Pronuncs, Propositions,
Punctuation.

Handling Different Situation:
Passive and active voice- Practive on voices (greeting, parting and polite
phrases)-Moods; sentence combination- Useful expression- Dialogue using
correct sentence combination- How to give information to enhance service

Resolving Problems using Logic Words
Logicwords-to add ideas, show causes, results, sequence and to conclude-
Practice on logic words-The 7 Step Plan.

Administrative Details

Start date: 30.11.2010
   End date: 01.03.2011
Day/Time:Tuesday / 7pm to 10pm
Course duration:13 sessions ( 1 session per week )
Training venue :to be advised
   Course fee with SDF funding is $250 or $90 only
For enquiry or registration:Binson  @ 91783929



Attention !!! Attention!!
Course Fee excludes exam fee of $135 and textbook of $25
SDF Funding is for Singapore Citizen and Singapore Permanent Resident only
Fee without SDF funding: $530
Fee with Enhance SDF Funding: $90 ( those above aged 40,and with education
level of GCE 'A' and below )
Fee with Normal SDF Funding: $250 ( those not under Enhance SDF funding )

Organised by EDU TRAINING RESOURCES PTE.LTD
Address : 40C Hongkong Street .Singapore 059679
Email: bin...@edutrainingresources.com.sg




 -


If you no longer wish to receive our emails, you may unsubcribe
EDU TRAINING RESOURCES PTE.LTD

email: bin...@edutrainingresources.com.sg