4.8 fail boot
Hello, after boot on my DL360 G3 2Gb ram, hp array i5 (2x36gb mirroring) with new 4.8 the boot blocked on: npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 rd0: fixed, 3800 block softraid0 at root end . NO error, no other info... 4.6 boot regulary...
Re: 4.8 fail boot
On Tue, Nov 23, 2010 at 12:33:41PM +0100, fabioFVZ wrote: > Hello, > after boot on my DL360 G3 2Gb ram, hp array i5 (2x36gb mirroring) > with new 4.8 the boot blocked on: > > npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 > rd0: fixed, 3800 block > softraid0 at root > > > end . > > NO error, no other info... > > 4.6 boot regulary... > 4.6 to 4.8 is a long time. Does 4.7 boot? Does a -current snapshot? How about the usual information about the box? Without some clues you will get no help. http://openbsd.org/report.html Ken
Re: 4.8 fail boot
Plug serial cable and get some info. > Date: Tue, 23 Nov 2010 12:33:41 +0100 > From: fa...@openbeer.it > To: misc@openbsd.org > Subject: 4.8 fail boot > > Hello, > after boot on my DL360 G3 2Gb ram, hp array i5 (2x36gb mirroring) > with new 4.8 the boot blocked on: > > npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 > rd0: fixed, 3800 block > softraid0 at root > > > end . > > NO error, no other info... > > 4.6 boot regulary...
Apache (base) and proxy_module
I'm running an application with a web-interface behind an Apache reverse proxy (from base). As this application is on the same host as Apache it is running on another port (8080 instead of 80). Unfortunately Apache sends back the wrong Host-Header. After carefully checking the CVS-log for a bit of inspiration I found that a similar problem was solved almost nine months ago [1]. When returning to an older revision (1.19.2.1) of proxy_http.c my problems were gone. After carefully looking at the code I think I have found a solution for the former problem as well as my problem. # diff -u proxy_http.c.orig proxy_http.c --- proxy_http.c.orig Tue Nov 23 12:05:25 2010 +++ proxy_http.cTue Nov 23 12:44:26 2010 @@ -367,7 +367,7 @@ AP_HOOK_DECLINE(DECLINED), &rc, r, f, desthost, destportstr, destportstr); if (rc == DECLINED) { - if (destportstr != NULL && destport != DEFAULT_HTTP_PORT) + if (destportstr != NULL || destport != DEFAULT_HTTP_PORT) ap_bvputs(f, "Host: ", desthost, ":", destportstr, CRLF, NULL); else ap_bvputs(f, "Host: ", desthost, CRLF, NULL); What do you think? [1] http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/httpd/src/modules/proxy/proxy_http.c
OT: Disadvantages of using virtual firewalls like OpenBSd
Hi all, First of all, I don't want to start a flame. I will to know your opinion about using virtual firewalls in virtual infraestructures like vmware, kvm ,xen, etc ... like OpenBSD. Advantages are very clear for me: provisioning, administration tasks, etc ... But I will to know disadvantages. What is your opinion from the point of view of security? Thanks. -- CL Martinez carlopmart {at} gmail {d0t} com
Re: Apache (base) and proxy_module
2010/11/23 BjC6rn Ketelaars : > - B B B B B if (destportstr != NULL && destport != DEFAULT_HTTP_PORT) > + B B B B B if (destportstr != NULL || destport != DEFAULT_HTTP_PORT) Your expression is always true, no sense in checking. -- Dmitrij D. Czarkoff
Re: Apache (base) and proxy_module
Sorry, I was too fast to answer. I believe it can make sense. 2010/11/23 PPP2 : > 2010/11/23 BjC6rn Ketelaars : >> - B B B B B if (destportstr != NULL && destport != DEFAULT_HTTP_PORT) >> + B B B B B if (destportstr != NULL || destport != DEFAULT_HTTP_PORT) > > Your expression is always true, no sense in checking. -- Dmitrij D. Czarkoff
Re: Linux or OpenBSD
Hi, On Sun, 24.10.2010 at 08:20:35 +0530, Siju George wrote: > On Sat, Oct 23, 2010 at 7:18 PM, Toni Mueller wrote: > > Also, Linux is better supported by hardware vendors, and/or much less > > picky about hardware than OpenBSD is. > Not always is it ? of course, my statement reflects only my experience. Which is about what you read. > I have had toswitch from Linux to OpenBSD twice just because of > hardware support. For me, it's just the other way round. But leaving that aside, I usually have a use case that can be satisfied with one XOR the other system, and so I try to adapt the hardware to the requirements wherever possible. -- Kind regards, --Toni++
Re: Linux or OpenBSD
Hi, On Sat, 23.10.2010 at 10:36:54 -0500, Marco Peereboom wrote: > On Oct 23, 2010, at 8:48, Toni Mueller wrote: > > Also, Linux is better supported by hardware vendors, and/or much less > > picky about hardware than OpenBSD is. > If you consider the garbage these vendors call drivers then sure. > > The only debate really comes down to smp and flash. nope. I regularly see hardware which is supposed to be good, and which gives no problems under Linux, which causes a lot of problems under OpenBSD. I'm just about to throw away a bunch of recent machines that worked fine with older OpenBSDs, but horribly crash with later releases, up to the point that they even refuse to boot. -- Kind regards, --Toni++
Re: OT: Disadvantages of using virtual firewalls like OpenBSd
On 11/23/2010 01:42 PM, Bret Lambert wrote: Because you're still relying on your host's network stack, you aren't actually firewalling it. Uhmm .. I am not sure about this. For example: you can configure several virtual bridges under a ESXi host and then attach them to a virtual firewall like OpenBSD. If you configure some pf rules, you are doing firewalling ... In this case you have all network stack except layer 1, correct?? -- CL Martinez carlopmart {at} gmail {d0t} com
Re: Apache (base) and proxy_module
2010/11/23 Bjvrn Ketelaars : > I'm running an application with a web-interface behind an Apache > reverse proxy (from base). As this application is on the same host as > Apache it is running on another port (8080 instead of 80). > Unfortunately Apache sends back the wrong Host-Header. After carefully > checking the CVS-log for a bit of inspiration I found that a similar > problem was solved almost nine months ago [1]. When returning to an > older revision (1.19.2.1) of proxy_http.c my problems were gone. After > carefully looking at the code I think I have found a solution for the > former problem as well as my problem. > > # diff -u proxy_http.c.orig proxy_http.c > --- proxy_http.c.orig Tue Nov 23 12:05:25 2010 > +++ proxy_http.cTue Nov 23 12:44:26 2010 > @@ -367,7 +367,7 @@ >AP_HOOK_DECLINE(DECLINED), >&rc, r, f, desthost, destportstr, destportstr); > if (rc == DECLINED) { > - if (destportstr != NULL && destport != DEFAULT_HTTP_PORT) > + if (destportstr != NULL || destport != DEFAULT_HTTP_PORT) >ap_bvputs(f, "Host: ", desthost, ":", destportstr, CRLF, NULL); >else >ap_bvputs(f, "Host: ", desthost, CRLF, NULL); > > What do you think? > > [1] http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/httpd/src/modules/proxy/pr oxy_http.c > I believe I made a mistake: destportstr != NULL => will be evaluated as true when a port is given. destport != DEFAULT_HTTP_PORT => will ALWAYS be evaluated as false because in line 118 (proxy_http.c) destport is set to DEFAULT_HTTP_PORT and never changes. What really has to be compared is the value of destportstr with destport (or DEFAULT_HTTP_PORT). So the expression should be: atoi(destportstr) != destport New diff: # diff -u proxy_http.c.orig proxy_http.c --- proxy_http.c.orig Tue Nov 23 12:05:25 2010 +++ proxy_http.cTue Nov 23 14:00:15 2010 @@ -367,7 +367,7 @@ AP_HOOK_DECLINE(DECLINED), &rc, r, f, desthost, destportstr, destportstr); if (rc == DECLINED) { - if (destportstr != NULL && destport != DEFAULT_HTTP_PORT) + if (destportstr != NULL && atoi(destportstr) != destport) ap_bvputs(f, "Host: ", desthost, ":", destportstr, CRLF, NULL); else ap_bvputs(f, "Host: ", desthost, CRLF, NULL); What do you think?
Re: OT: Disadvantages of using virtual firewalls like OpenBSd
On 11/23/2010 01:48 PM, carlopmart wrote: On 11/23/2010 01:42 PM, Bret Lambert wrote: Because you're still relying on your host's network stack, you aren't actually firewalling it. Uhmm .. I am not sure about this. For example: you can configure several virtual bridges under a ESXi host and then attach them to a virtual firewall like OpenBSD. If you configure some pf rules, you are doing firewalling ... In this case you have all network stack except layer 1, correct?? And one more thing: with latest releases of hypervisors like ESXi and KVM (I don't know about xen), you can attach physical hardware to a specific guest, like network interfaces. Then, you have all network stack asigned to a virtual machine. Where are the disadvantages in scenarios like this?? Thanks. -- CL Martinez carlopmart {at} gmail {d0t} com
Re: OT: Disadvantages of using virtual firewalls like OpenBSd
* carlopmart [101123 08:22]: > On 11/23/2010 01:48 PM, carlopmart wrote: > >On 11/23/2010 01:42 PM, Bret Lambert wrote: > >>Because you're still relying on your host's network stack, you aren't > >>actually firewalling it. > >> > > > >Uhmm .. I am not sure about this. For example: you can configure several > >virtual > >bridges under a ESXi host and then attach them to a virtual firewall like > >OpenBSD. > >If you configure some pf rules, you are doing firewalling ... In this case > >you have > >all network stack except layer 1, correct?? > > And one more thing: with latest releases of hypervisors like ESXi > and KVM (I don't know about xen), you can attach physical hardware > to a specific guest, like network interfaces. Then, you have all > network stack asigned to a virtual machine. Where are the > disadvantages in scenarios like this?? > > Thanks. > > -- > CL Martinez > carlopmart {at} gmail {d0t} com > You're still relying on software to the right thing and protect against abuse. "attach physical hardware to a specific guest" is done via software. Do you trust that software? jim@
Re: OT: Disadvantages of using virtual firewalls like OpenBSd
On 11/23/2010 02:30 PM, Timo Schoeler wrote: thus carlopmart spake: On 11/23/2010 01:48 PM, carlopmart wrote: On 11/23/2010 01:42 PM, Bret Lambert wrote: Because you're still relying on your host's network stack, you aren't actually firewalling it. Uhmm .. I am not sure about this. For example: you can configure several virtual bridges under a ESXi host and then attach them to a virtual firewall like OpenBSD. If you configure some pf rules, you are doing firewalling ... In this case you have all network stack except layer 1, correct?? And one more thing: with latest releases of hypervisors like ESXi and KVM (I don't know about xen), you can attach physical hardware to a specific guest, like network interfaces. Then, you have all network stack asigned to a virtual machine. Where are the disadvantages in scenarios like this?? Thanks. http://kerneltrap.org/mailarchive/openbsd-misc/2007/10/24/352059 Yes, but this question is three years old and hypervisors have changed Thanks. -- CL Martinez carlopmart {at} gmail {d0t} com
Re: OT: Disadvantages of using virtual firewalls like OpenBSd
On 11/23/2010 02:33 PM, Jim Razmus wrote: * carlopmart [101123 08:22]: On 11/23/2010 01:48 PM, carlopmart wrote: On 11/23/2010 01:42 PM, Bret Lambert wrote: Because you're still relying on your host's network stack, you aren't actually firewalling it. Uhmm .. I am not sure about this. For example: you can configure several virtual bridges under a ESXi host and then attach them to a virtual firewall like OpenBSD. If you configure some pf rules, you are doing firewalling ... In this case you have all network stack except layer 1, correct?? And one more thing: with latest releases of hypervisors like ESXi and KVM (I don't know about xen), you can attach physical hardware to a specific guest, like network interfaces. Then, you have all network stack asigned to a virtual machine. Where are the disadvantages in scenarios like this?? Thanks. -- CL Martinez carlopmart {at} gmail {d0t} com You're still relying on software to the right thing and protect against abuse. "attach physical hardware to a specific guest" is done via software. Do you trust that software? jim@ Uhmm ... good point Jim. But, but one question: can you compromise this virtual firewall using a specific exploit, procedure, etc and don't do the same with a physical firewall ?? -- CL Martinez carlopmart {at} gmail {d0t} com
Re: ESXi client / NFS server performance
On 11/14/2010 1:04 PM, Steven Surdock wrote: Greetings, I'm attempting to use an OBSD 4.8-stable machine as an NFS server for storing snapshots from an ESXi 3.5 server. Unfortunately my NFS performance seems relatively poor at about 55 Mbps (6 MBps). I've found ESX performance over NFS is horrible unless you're doing async mounts or using an NFS server that "cheats" with sync mounts (like a NetApp filer where it writes to NVRAM and sends the response before it's actually on disk).
Re: OT: Disadvantages of using virtual firewalls like OpenBSd
On 11/23/10 07:38, carlopmart wrote: Hi all, First of all, I don't want to start a flame. I will to know your opinion about using virtual firewalls in virtual infraestructures like vmware, kvm ,xen, etc ... like OpenBSD. Advantages are very clear for me: provisioning, administration tasks, etc ... But I will to know disadvantages. What is your opinion from the point of view of security? Thanks. Don't. Search the archives for virtualization and you'll get some ideas about it. --STeve Andre'
Re: OT: Disadvantages of using virtual firewalls like OpenBSd
On Tue, Nov 23, 2010 at 1:38 PM, carlopmart wrote: > Hi all, > > First of all, I don't want to start a flame. I will to know your opinion > about using virtual firewalls in virtual infraestructures like vmware, kvm > ,xen, etc ... like OpenBSD. > > Advantages are very clear for me: provisioning, administration tasks, etc > ... But I will to know disadvantages. What is your opinion from the point of > view of security? Because you're still relying on your host's network stack, you aren't actually firewalling it. > > Thanks. > -- > CL Martinez > carlopmart {at} gmail {d0t} com
HP Proliant NEO N36L
Hi, This looks like a nice, small and cheap server: HP ProLiant AMD Athlon II NEO N36L http://www.newegg.com/Product/Product.aspx?Item=N82E16859105905 However, there seem to be some HP stuff in there which Im not sure is supported. Ethernet Controller Embedded NC107i PCI Express Gigabit Ethernet Server Adapter (Seems like this is a bge(4) according to this(?) http://old.nabble.com/HP-DL120-G6-with-OpenBSD--tt28315871.html#a28315871 ) Storage Controller Embedded SATA Controller with Embedded RAID (0, 1) Has anyone tried OpenBSD on one of these? Any DMESG available? In general, are the HP Proliant boxes good with OpenBSD? Regards, /Joakim
尊貴的: misc: 一Click邁向成功
Having problems viewing this email? Please click here.For enquiry, please send email to sa...@epromotion.com.hk e&g!f3i1h.d;%d8ge'e.9o<h+f f-$.e&f d;;d=f%h)"h+i;i5h3 sa...@epromotion.com.hk e&ff(d8 f3e f6e0fegd?!d;6o<h+fih#ie. Important Notice: Base on the Unsolicited Electronic Messages Ordinance, if you DO NOT want to receive any promotional email messages from us in the future, please kindly reply this e-mail for DELETION. If you would like to continue to receive our promotional email massages, you do not need to reply us.
Re: OT: Disadvantages of using virtual firewalls like OpenBSd
OK You are right. But you know in this case your security level is not higher than virtual machine. Because your security level in complex chained system is not higher than weakest point.In fact you are accepting the risk of using virtual machine. I think in this case if your virtual machine system is not stronger than OpenBSD you should not use it. If one can exploit virtual machine he/she can hurt your platform. I think virtual systems are very very useful but they are not very good for security box. I think virtual machine is one of your assets that you should be able to protect it. because it may have many guest and provide several services for your client . For example in this senario you can not protect your network even your firewall box against DoS or DDoS attack. because your virtual machine has to get a lot of packet before your firewall. On Tue, Nov 23, 2010 at 4:47 PM, carlopmart wrote: > On 11/23/2010 01:48 PM, carlopmart wrote: > >> On 11/23/2010 01:42 PM, Bret Lambert wrote: >> >>> Because you're still relying on your host's network stack, you aren't >>> actually firewalling it. >>> >>> >> Uhmm .. I am not sure about this. For example: you can configure several >> virtual >> bridges under a ESXi host and then attach them to a virtual firewall like >> OpenBSD. >> If you configure some pf rules, you are doing firewalling ... In this case >> you have >> all network stack except layer 1, correct?? >> > > And one more thing: with latest releases of hypervisors like ESXi and KVM > (I don't know about xen), you can attach physical hardware to a specific > guest, like network interfaces. Then, you have all network stack asigned to > a virtual machine. Where are the disadvantages in scenarios like this?? > > Thanks. > > > -- > CL Martinez > carlopmart {at} gmail {d0t} com > > -- Gula_Gula =;=; BNF
Re: HP Proliant NEO N36L
Storage Controller Embedded SATA Controller with Embedded RAID (0, 1) This concerns me. Generally with RAID, it's either a known, branded raid controller that can easily be replaced, or software raid. Anything in the middle like raid on desktop motherboards I avoid for servers
Re: OT: Disadvantages of using virtual firewalls like OpenBSd
carlopmart wrote: > Advantages are very clear for me: provisioning, administration tasks, > etc ... But I will to know disadvantages. What is your opinion from the > point of view of security? I use virtualization for many things (mainly for the productivity advantages that you list), but it has always bothered me because virtualization is pretending. In Java, for example, the VM pretends about a lot of things that are not true in the physical world. This makes it easy and convenient for programmers. The problem is that they come to believe that the pretend things are real and then make assumptions (when dealing with physical machines) that are incorrect. I would say that so long as you understand that a lot of pretending is going on when doing any sort of virtualization, (and you accept that) and that you know the differences between the pretend machines and the real machines then you know all you need to know in order to decide if it is right for your environment. Brad
Re: OT: Disadvantages of using virtual firewalls like OpenBSd
On 23/11/10 13:56, Bahador NazariFard wrote: OK You are right. But you know in this case your security level is not higher than virtual machine. Because your security level in complex chained system is not higher than weakest point.In fact you are accepting the risk of using virtual machine. I think in this case if your virtual machine system is not stronger than OpenBSD you should not use it. If one can exploit virtual machine he/she can hurt your platform. I think virtual systems are very very useful but they are not very good for security box. I think virtual machine is one of your assets that you should be able to protect it. because it may have many guest and provide several services for your client . For example in this senario you can not protect your network even your firewall box against DoS or DDoS attack. because your virtual machine has to get a lot of packet before your firewall. This is a good post. I have esxi servers and they work well, but you'd have a hardware firewall sitting at the front of network, unless you want to do firewall testing etc. If you can afford to get some esxi servers, I'm sure you can pay the little bit extra to get an OpenBSD firewall on the go, even two for that matter
Re: em(4) detailed errors
Hi, On Thu, 18.11.2010 at 16:38:55 +0100, Manuel Guesdon wrote: > Is there a way to get detailed em(4) device errors without having to > recompile kernel with EM_DEBUG ? > I try to find in-errors reason(s) but netstat only gives errors as a sum of > dropped_pkts + stats.rxerrc + stats.crcerrs + sc->stats.algnerrc +... as far > as I can see :-( I'm having a similar problem. On one 4x em(4) machine, I get a lot of input errors and, much more serious, intermittend packet loss, but only on one interface out of two with similar traffic levels (~1-4kpps per direction). After reading the latest em(4) threads, I also found this very strange thing, which must have been automatically configured: # ifconfig em3 em3: flags=8b43 mtu 1500 lladdr 00:30:48:94:0b:21 priority: 0 media: Ethernet autoselect (1000baseT full-duplex,master) ^ status: active I'm unsure about how to remove this feature from this (physical) interface, and the machine uses none of carp, pfsync or sasync. The hardware for this interface is em3 at pci5 dev 0 function 0 "Intel PRO/1000MT (82573L)" rev 0x00: apic 2 int 17 (irq 11), address 00:30:48:94:0b:21 as detected by OpenBSD 4.8-stable (i386). The ability to selectively enable or disable debugging for individual devices at runtime would be a great feature, from a sysadmin's perspective. -- Kind regards, --Toni++
Re: em(4) detailed errors
On Tue, Nov 23, 2010 at 03:16:57PM +0100, Toni Mueller wrote: > Hi, > > On Thu, 18.11.2010 at 16:38:55 +0100, Manuel Guesdon > wrote: > > Is there a way to get detailed em(4) device errors without having to > > recompile kernel with EM_DEBUG ? > > I try to find in-errors reason(s) but netstat only gives errors as a sum of > > dropped_pkts + stats.rxerrc + stats.crcerrs + sc->stats.algnerrc +... as far > > as I can see :-( > > I'm having a similar problem. On one 4x em(4) machine, I get a lot of > input errors and, much more serious, intermittend packet loss, but only > on one interface out of two with similar traffic levels (~1-4kpps per > direction). > > After reading the latest em(4) threads, I also found this very strange > thing, which must have been automatically configured: > > # ifconfig em3 > em3: > flags=8b43 mtu 1500 > lladdr 00:30:48:94:0b:21 > priority: 0 > media: Ethernet autoselect (1000baseT full-duplex,master) > ^ > status: active > > > I'm unsure about how to remove this feature from this (physical) > interface, and the machine uses none of carp, pfsync or sasync. > The hardware for this interface is > If you wonder about the "master" in the media line then be assured that all is fine. 1000BaseT require autoselection to always run and every link needs one PHY running as master (normaly the switch). > em3 at pci5 dev 0 function 0 "Intel PRO/1000MT (82573L)" rev 0x00: apic 2 int > 17 (irq 11), address 00:30:48:94:0b:21 > > as detected by OpenBSD 4.8-stable (i386). > > The ability to selectively enable or disable debugging for individual > devices at runtime would be a great feature, from a sysadmin's > perspective. > -- :wq Claudio
Re: HP Proliant NEO N36L
On 2010-11-23, Joakim Aronius wrote: > Hi, > > This looks like a nice, small and cheap server: > HP ProLiant AMD Athlon II NEO N36L > http://www.newegg.com/Product/Product.aspx?Item=N82E16859105905 > > However, there seem to be some HP stuff in there which Im not sure is > supported. FreeBSD dmesg here: http://www23.atwiki.jp/dragonkiller?cmd=upload&act=open&pageid=239&file=proliant-microserver_freenas0.7.2-dmesg.txt >From this I would make educated guesses that the ethernet should be ok, raid probably won't work in raid mode but should be ok in ahci mode. But as to whether ACPI will work, you can't really make a guess ... > Ethernet Controller > Embedded NC107i PCI Express Gigabit Ethernet Server Adapter > (Seems like this is a bge(4) according to this(?) > http://old.nabble.com/HP-DL120-G6-with-OpenBSD--tt28315871.html#a28315871 ) > Storage Controller > Embedded SATA Controller with Embedded RAID (0, 1) > > > Has anyone tried OpenBSD on one of these? Any DMESG available? > > In general, are the HP Proliant boxes good with OpenBSD? "The HP Proliant boxes" cover a huge range of machines over a long period of time. Some work fine, others didn't but got fixed, there may well be others which still don't.
Re: em(4) detailed errors
On Tue, Nov 23, 2010 at 03:16:57PM +0100, Toni Mueller wrote: > Hi, > > On Thu, 18.11.2010 at 16:38:55 +0100, Manuel Guesdon > wrote: > > Is there a way to get detailed em(4) device errors without having to > > recompile kernel with EM_DEBUG ? > > I try to find in-errors reason(s) but netstat only gives errors as a sum of > > dropped_pkts + stats.rxerrc + stats.crcerrs + sc->stats.algnerrc +... as far > > as I can see :-( > > I'm having a similar problem. On one 4x em(4) machine, I get a lot of > input errors and, much more serious, intermittend packet loss, but only > on one interface out of two with similar traffic levels (~1-4kpps per > direction). > > After reading the latest em(4) threads, I also found this very strange > thing, which must have been automatically configured: > > # ifconfig em3 > em3: > flags=8b43 mtu 1500 > lladdr 00:30:48:94:0b:21 > priority: 0 > media: Ethernet autoselect (1000baseT full-duplex,master) > ^ > status: active > > > I'm unsure about how to remove this feature from this (physical) > interface, and the machine uses none of carp, pfsync or sasync. > The hardware for this interface is I would rather investigate why the PROMISC and ALLMULTI flags are set on this interface. -Otto > > em3 at pci5 dev 0 function 0 "Intel PRO/1000MT (82573L)" rev 0x00: apic 2 int > 17 (irq 11), address 00:30:48:94:0b:21 > > as detected by OpenBSD 4.8-stable (i386). > > The ability to selectively enable or disable debugging for individual > devices at runtime would be a great feature, from a sysadmin's > perspective. > > > -- > Kind regards, > --Toni++
Re: OT: Disadvantages of using virtual firewalls like OpenBSd
On 2010-11-23, carlopmart wrote: > Hi all, > > First of all, I don't want to start a flame. I will to know your opinion > about > using virtual firewalls in virtual infraestructures like vmware, kvm ,xen, > etc ... > like OpenBSD. > > Advantages are very clear for me: provisioning, administration tasks, etc > ... But > I will to know disadvantages. What is your opinion from the point of view of > security? > > Thanks. How will you protect your management interface if the firewall is virtualised?
Re: OT: Disadvantages of using virtual firewalls like OpenBSd
On 11/23/2010 04:03 PM, Stuart Henderson wrote: On 2010-11-23, carlopmart wrote: Hi all, First of all, I don't want to start a flame. I will to know your opinion about using virtual firewalls in virtual infraestructures like vmware, kvm ,xen, etc ... like OpenBSD. Advantages are very clear for me: provisioning, administration tasks, etc ... But I will to know disadvantages. What is your opinion from the point of view of security? Thanks. How will you protect your management interface if the firewall is virtualised? At logical level or physical level?? At logical level I can configure a virtual bridge on this interface and apply firewall rules. Physically, impossible, obvious. -- CL Martinez carlopmart {at} gmail {d0t} com
México el Museo más Grande del Mundo
?Problemas visualizando este e-mail? Ver Online Smguenos en: [IMAGE] [IMAGE] [IMAGE] [IMAGE] [IMAGE] [IMAGE] Coordinacisn Ejecutiva Nacional de las Conmemoraciones del 2010â [IMAGE] Cuando veas esta pregunta [IMAGE] ?Quiin sabe qui pass aqum? [IMAGE] Podras descubrir la historia de Mixico a travis de tu celular [IMAGE] Sslo marca *2010 o envma un SMS al 2020 + Nzmero de monumento. Al instante sabras ?Qui pass ahm? [IMAGE] 2010 monumentos, 2010 historias por conocer Mixico el museo mas grande del Mundo [IMAGE] Te invitamos a registrarte y ser parte de la gran conmemoracisn [IMAGE] *Nombre *Apellido Paterno *Apellido Materno Sexo Fecha de Nacimiento Telifono Femenino Masculino Celular ?Deseas recibir informacisn en tu celular? C.P. SI NO Municipio / Delegacisn Estado Su direccisn de e-mail Si usas Hotmail, Outlook 2007, Entourage, Outlook Web Assistant, o no puedes contestar la encuesta, haz clic aqum Los campos con * son requeridos. [IMAGE] !Invita a un amigo a ser parte de este gran evento! [IMAGE] Nombre de tu amigo e-mail de tu amigo [IMAGE] Mixico es mi Museo [IMAGE] TODOS LOS CONTENIDOS QUE SE INCLUYEN EN ESTE SITIO, TALES COMO TEXTOS, GRAFICOS, LOGOTIPOS, ICONOS, IMAGENES, AUDIOCLIPS, DESCARGAS DIGITALES, COMPILACISN DE DATOS Y SOFTWARE SON PROPIEDAD DEL INSTITUTO NACIONAL DE ESTUDIOS HISTSRICOS DE LAS REVOLUCIONES DE MIXICO - UNIDAD BICENTENARIO Y/O DE SUS PROVEEDORES DE CONTENIDOS Y ESTAN PROTEGIDOS POR LAS LEYES MEXICANAS E INTERNACIONALES DEL COPYRIGHT O DERECHO DE AUTOR. AL VISITAR ESTE SITIO, USTED CONOCE Y ACEPTA QUE DICHAS LEGISLACIONES RIGEN LAS CONDICIONES DE USO DEL MISMO. Si no eres el usuario o si deseas ser borrado de nuestro listado de envmos sslo haz clic aqum. [IMAGE]
Re: OT: Disadvantages of using virtual firewalls like OpenBSd
On 2010-11-23, at 6:38 AM, carlopmart wrote: > Hi all, > > First of all, I don't want to start a flame. I will to know your opinion about using virtual firewalls in virtual infraestructures like vmware, kvm ,xen, etc ... like OpenBSD. > > Advantages are very clear for me: provisioning, administration tasks, etc ... But I will to know disadvantages. What is your opinion from the point of view of security? > > Thanks. > -- > CL Martinez > carlopmart {at} gmail {d0t} com > I am not a fan of using VMs for firewall infrastructure even though I like VMs for software development/testing/staging purposes. 1) With regards to provisioning there are lots of complexities you end up dealing with if you are in a highly available network. I could not find simple solutions for obvious issues -- especially solutions that could be delegated in an idiot-proof manner. In addition, when firewalls and proxies and load balancers are on real boxes, it is easier to see where network cables are coming from and which switches and patch panels they are going to. When hosted on VMs stuff does happen :) 2) Administration tasks work OK when the VM is running properly and all components are "certified". But it was very difficult to get practical advice from vendors when I had issues running OpenBSD. I feel it is more secure to run OpenBSD on real hardware than as a VM guest because with real hardware you only need to restrict physical access and OpenBSD can take care of the rest. With virtualization, you end up having to learn a lot more about the VM environment and that knowledge seems to be very fleeting. Installing OpenBSD firewalls on top of that "moving" structure may still protect you but to me it makes everything needlessly complicated. Vijay Sankar vsan...@foretell.ca
Re: OT: Disadvantages of using virtual firewalls like OpenBSd
At logical level who is responsible against layer two threats (vm or fw)? You are using virtual machine and its network drivers aren't you? I think it is so clear that in this solution health of VM is vital for your network. It seems you are concentrating and focus only about network layer vulnerabilities. but you VM may be vulnerable against application layer attacks even against local guest system users. for example VM may have a vulnerable web administration interface that can be a good start point for your enemies! eventually you have many guest system on your VM and your VM threats is not limited only to network layer threats. however I think even in this situam your firewall should process and filter network traffic before than others(including VM). On Tue, Nov 23, 2010 at 6:45 PM, carlopmart wrote: > On 11/23/2010 04:03 PM, Stuart Henderson wrote: > >> On 2010-11-23, carlopmart wrote: >> >>> Hi all, >>> >>> First of all, I don't want to start a flame. I will to know your >>> opinion about >>> using virtual firewalls in virtual infraestructures like vmware, kvm >>> ,xen, etc ... >>> like OpenBSD. >>> >>> Advantages are very clear for me: provisioning, administration tasks, >>> etc ... But >>> I will to know disadvantages. What is your opinion from the point of view >>> of security? >>> >>> Thanks. >>> >> >> How will you protect your management interface if the firewall is >> virtualised? >> >> >> > At logical level or physical level?? At logical level I can configure a > virtual bridge on this interface and apply firewall rules. Physically, > impossible, obvious. > > > -- > CL Martinez > carlopmart {at} gmail {d0t} com > > -- Gula_Gula =;=; BNF
Re: em(4) detailed errors
On Tue, Nov 23, 2010 at 10:02 AM, Otto Moerbeek wrote: > On Tue, Nov 23, 2010 at 03:16:57PM +0100, Toni Mueller wrote: >> # ifconfig em3 >> em3: >> flags=8b43 mtu 1500 >> lladdr 00:30:48:94:0b:21 >> priority: 0 >> media: Ethernet autoselect (1000baseT full-duplex,master) >> ^ >> status: active > I would rather investigate why the PROMISC and ALLMULTI flags are set > on this interface. trunked?
Re: Linux or OpenBSD
On Tue, Nov 23, 2010 at 01:50:09PM +0100, Toni Mueller wrote: > nope. I regularly see hardware which is supposed to be good, and which > gives no problems under Linux, which causes a lot of problems under > OpenBSD. I'm just about to throw away a bunch of recent machines that > worked fine with older OpenBSDs, but horribly crash with later > releases, up to the point that they even refuse to boot. Why don't you run linux on them? You aren't being very environmentally aware are you?
Re: OT: Disadvantages of using virtual firewalls like OpenBSd
* carlopmart [101123 08:44]: > On 11/23/2010 02:33 PM, Jim Razmus wrote: > >* carlopmart [101123 08:22]: > >>On 11/23/2010 01:48 PM, carlopmart wrote: > >>>On 11/23/2010 01:42 PM, Bret Lambert wrote: > Because you're still relying on your host's network stack, you aren't > actually firewalling it. > > >>> > >>>Uhmm .. I am not sure about this. For example: you can configure several > >>>virtual > >>>bridges under a ESXi host and then attach them to a virtual firewall like > >>>OpenBSD. > >>>If you configure some pf rules, you are doing firewalling ... In this case > >>>you have > >>>all network stack except layer 1, correct?? > >> > >>And one more thing: with latest releases of hypervisors like ESXi > >>and KVM (I don't know about xen), you can attach physical hardware > >>to a specific guest, like network interfaces. Then, you have all > >>network stack asigned to a virtual machine. Where are the > >>disadvantages in scenarios like this?? > >> > >>Thanks. > >> > >>-- > >>CL Martinez > >>carlopmart {at} gmail {d0t} com > >> > > > >You're still relying on software to the right thing and protect against > >abuse. "attach physical hardware to a specific guest" is done via > >software. Do you trust that software? > > > >jim@ > > > > > > Uhmm ... good point Jim. But, but one question: can you compromise > this virtual firewall using a specific exploit, procedure, etc and > don't do the same with a physical firewall ?? > > -- > CL Martinez > carlopmart {at} gmail {d0t} com > Possibly, yes. Here's why. You're not attacking an OpenBSD host. The hypervisor has a network stack that is engaged before any guest. How else can you setup virtual switches, "attach interfaces", etc. Assuming that stack is vulnerable in some fashion, you have the opportunity to attack the guests from an entirely new angle. Moreover, if your hypervisor is now compromised, why try to fight your way through the network interface of the virtual firewall when you can attack the firewall or other guests directly? Further, why even attack the guests through their respective virtual network interfaces when you can poison their virtual CPUs or other "hardware" devices? IMO, this is a kin to the blob problem for hardware, but on a larger scale. Your guests, OpenBSD or otherwise, are entirely dependent on another layer of software. In this case ESXi, which is not infallible. Does that explain it better? jim@
A bad entry in the spamdb kills pfctl
Somehow I have an bad entry in my /var/db/spamdb the entry in question is a follows. GREY|kadorken.thspamdb -t -a itroll.03092...@thinkage.chinkage.on.ca|spamdb -t -a kgdykesb...@thinkage.on.ca|spamdb -t -a kgdykesb...@thinkage.on.ca|spamdb -t -a kgdykescxspamdb|1160168514|0|0|1|-2 I have no idea how the entry got there. How can I delete it? I cannot get the "spamdb -d" to work, it is expecting an IP address spamd seems to still work, but seems to use a much more memory to operate. The memory usage caused a problem that was hard to track down. spamd calls pfctl to update the table spamd-white, pfclt would fail with insufficient memory. No error message (that I could find) was reported. The side effect of the failure of pfctl was the spamd-white table in pf was not updated, which mean that no mail from new locations could be received. Eventually there were complaints. I found the problem after booting the system and noticing the spamd-white table had no entries. If spamd was run in debug mode, then the error message did appear. My workaround was to add more memory to the system.
Re: Linux or OpenBSD
Quoting Toni Mueller : > Hi, > > On Sat, 23.10.2010 at 10:36:54 -0500, Marco Peereboom > wrote: >> On Oct 23, 2010, at 8:48, Toni Mueller wrote: >> > Also, Linux is better supported by hardware vendors, and/or much less >> > picky about hardware than OpenBSD is. >> If you consider the garbage these vendors call drivers then sure. >> >> The only debate really comes down to smp and flash. > > nope. I regularly see hardware which is supposed to be good, and which > gives no problems under Linux, which causes a lot of problems under > OpenBSD. I'm just about to throw away a bunch of recent machines that > worked fine with older OpenBSDs, but horribly crash with later > releases, up to the point that they even refuse to boot. > > > -- > Kind regards, > --Toni++ Toni, have you published a list of the hardware thats been causing you problems? My experience has been different. Sure, newer hardware can have things like an ethernet chip that isn't yet supported, but that gets fixed over time in the vast majority of cases. Overall though, i386 stuff just works for me. Apologies if you've already done this. Knowing what things out there that don't (yet) work would benefit everyone, I think. --STeve Andre'
Re: [Bulk] Re: OT: Disadvantages of using virtual firewalls like OpenBSd
> Possibly, yes. Here's why. You're not attacking an OpenBSD host. > > The hypervisor has a network stack that is engaged before any guest. > How else can you setup virtual switches, "attach interfaces", etc. > Assuming that stack is vulnerable in some fashion, you have the > opportunity to attack the guests from an entirely new angle. Moreover, > if your hypervisor is now compromised, why try to fight your way through > the network interface of the virtual firewall when you can attack the > firewall or other guests directly? Further, why even attack the guests > through their respective virtual network interfaces when you can poison > their virtual CPUs or other "hardware" devices? > > IMO, this is a kin to the blob problem for hardware, but on a larger > scale. Your guests, OpenBSD or otherwise, are entirely dependent on > another layer of software. In this case ESXi, which is not infallible. > > Does that explain it better? > > jim@ > I'd certainly run native wherever 'fee'sable. However if it's a choice between a stripped down Linux KVM kernel running OpenBSD and a full blown Linux kernel server. I'd choose OpenBSD whilst worrying about other guests and the hosts drivers etc. For firewalling if it's protecting other non virtual hosts and/or has uncontrolled guests then you may be adding risk to them.
OpenBSD 4.8 kernel: protect fault trap, code=0
-- Forwarded message -- From: R0me0 *** Date: 2010/11/23 Subject: Re: OpenBSD 4.8 kernel: protect fault trap, code=0 To: Theo de Raadt OpenBSD 4.8 (GENERIC.MP) #335: Mon Aug 16 09:09:20 MDT 2010 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 2112618496 (2014MB) avail mem = 2042560512 (1947MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.3 @ 0xfbf60 (49 entries) bios0: vendor American Megatrends Inc. version "080012" date 03/07/2006 bios0: ECS P4M800PRO-M acpi0 at bios0: rev 0 acpi0: sleep states S0 S1 S4 S5 acpi0: tables DSDT FACP APIC OEMB acpi0: wakeup devices UAR1(S4) MC97(S4) USB1(S1) USB2(S1) USB3(S1) USB4(S1) PCI1(S4) PCI2(S4) PCI3(S4) OLAN(S4) ILAN(S4) SLPB(S4) PWRB(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Pentium(R) D CPU 2.80GHz, 2795.02 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,CNXT-ID,CX16,xTPR,LONG cpu0: 1MB 64b/line 8-way L2 cache cpu0: apic clock running at 199MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Pentium(R) D CPU 2.80GHz, 2794.56 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,CNXT-ID,CX16,xTPR,LONG cpu1: 1MB 64b/line 8-way L2 cache ioapic0 at mainbus0: apid 2 pa 0xfec0, version 3, 24 pins ioapic0: misconfigured as apic 1, remapped to apid 2 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (P0P1) acpicpu0 at acpi0acpi0: unable to load \\_PR_.CPU1.SSDT acpicpu1 at acpi0acpi0: unable to load \\_PR_.CPU2.SSDT acpitz0 at acpi0: critical temperature 110 degC acpibtn0 at acpi0: SLPB acpibtn1 at acpi0: PWRB pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 "VIA CN700 Host" rev 0x00 agp at pchb0 not configured pchb1 at pci0 dev 0 function 1 "VIA CN700 Host" rev 0x00 pchb2 at pci0 dev 0 function 2 "VIA CN700 Host" rev 0x00 pchb3 at pci0 dev 0 function 3 "VIA PT890 Host" rev 0x00 pchb4 at pci0 dev 0 function 4 "VIA CN700 Host" rev 0x00 pchb5 at pci0 dev 0 function 7 "VIA CN700 Host" rev 0x00 ppb0 at pci0 dev 1 function 0 "VIA VT8377 AGP" rev 0x00 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 "VIA S3 Unichrome PRO IGP" rev 0x01 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) rl0 at pci0 dev 8 function 0 "Realtek 8139" rev 0x10: apic 2 int 16 (irq 10), address 00:1a:3f:51:72:3d rlphy0 at rl0 phy 0: RTL internal PHY rl1 at pci0 dev 9 function 0 "Realtek 8139" rev 0x10: apic 2 int 17 (irq 11), address 00:1a:3f:51:46:59 rlphy1 at rl1 phy 0: RTL internal PHY rl2 at pci0 dev 10 function 0 "Realtek 8139" rev 0x10: apic 2 int 18 (irq 5), address 00:1a:3f:52:34:4f rlphy2 at rl2 phy 0: RTL internal PHY pciide0 at pci0 dev 15 function 0 "VIA VT6420 SATA" rev 0x80: DMA pciide0: using apic 2 int 20 (irq 5) for native-PCI interrupt wd0 at pciide0 channel 0 drive 0: wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 6 pciide1 at pci0 dev 15 function 1 "VIA VT82C571 IDE" rev 0x06: ATA133, channel 0 configured to compatibility, channel 1 configured to compatibility pciide1: channel 0 disabled (no drives) pciide1: channel 1 disabled (no drives) uhci0 at pci0 dev 16 function 0 "VIA VT83C572 USB" rev 0x81: apic 2 int 21 (irq 10) uhci1 at pci0 dev 16 function 1 "VIA VT83C572 USB" rev 0x81: apic 2 int 21 (irq 10) uhci2 at pci0 dev 16 function 2 "VIA VT83C572 USB" rev 0x81: apic 2 int 21 (irq 11) uhci3 at pci0 dev 16 function 3 "VIA VT83C572 USB" rev 0x81: apic 2 int 21 (irq 11) ehci0 at pci0 dev 16 function 4 "VIA VT6202 USB" rev 0x86: apic 2 int 21 (irq 5) usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "VIA EHCI root hub" rev 2.00/1.00 addr 1 viapm0 at pci0 dev 17 function 0 "VIA VT8237 ISA" rev 0x00 iic0 at viapm0 spdmem0 at iic0 addr 0x50: 1GB DDR2 SDRAM non-parity PC2-5300CL5 spdmem1 at iic0 addr 0x51: 1GB DDR2 SDRAM non-parity PC2-5300CL5 vr0 at pci0 dev 18 function 0 "VIA RhineII-2" rev 0x78: apic 2 int 23 (irq 10), address 00:16:ec:82:1c:3b ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 10: OUI 0x004063, model 0x0032 usb1 at uhci0: USB revision 1.0 uhub1 at usb1 "VIA UHCI root hub" rev 1.00/1.00 addr 1 usb2 at uhci1: USB revision 1.0 uhub2 at usb2 "VIA UHCI root hub" rev 1.00/1.00 addr 1 usb3 at uhci2: USB revision 1.0 uhub3 at usb3 "VIA UHCI root hub" rev 1.00/1.00 addr 1 usb4 at uhci3: USB revision 1.0 uhub4 at usb4 "VIA UHCI root hub" rev 1.00/1.00 addr 1 isa0 at mainbus0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 spkr0 at pcppi0 it0 at isa0 port 0x2e/2: IT8705F rev 3, EC port 0x290 mtrr: Pentium Pro MTRR support softraid0 at
reply for more information
$B?7$7$$%a!<%k%"%I%l%9$r$*CN$i$;$7$^$9?7$7$$%a!<%k%"%I%l%9!'(B edithab...@yahoo.co.jp I am Mrs Edith Abed I am a cancer woman that have short time to live. I want to make a donation to you. i am awaiting for your reply for more information Your Direct Tel & Fax Your ID Your Age - Mrs edith abed
Re: Linux or OpenBSD
On Nov 23, 2010, at 7:50 AM, Toni Mueller wrote: > Hi, > > On Sat, 23.10.2010 at 10:36:54 -0500, Marco Peereboom wrote: >> On Oct 23, 2010, at 8:48, Toni Mueller wrote: >>> Also, Linux is better supported by hardware vendors, and/or much less >>> picky about hardware than OpenBSD is. >> If you consider the garbage these vendors call drivers then sure. >> >> The only debate really comes down to smp and flash. > > nope. I regularly see hardware which is supposed to be good, and which > gives no problems under Linux, which causes a lot of problems under > OpenBSD. I'm just about to throw away a bunch of recent machines that > worked fine with older OpenBSDs, but horribly crash with later > releases, up to the point that they even refuse to boot. > > > -- > Kind regards, > --Toni++ > Perhaps one or more developers would be curious about the crashes? Why not donate the machines instead of throw them out?
Re: A bad entry in the spamdb kills pfctl
On Tue, Nov 23, 2010 at 05:05:14PM +, Peter Fraser wrote: > Somehow I have an bad entry in my /var/db/spamdb the entry in question is a > follows. > > GREY|kadorken.thspamdb -t -a itroll.03092...@thinkage.chinkage.on.ca|spamdb -t > -a kgdykesb...@thinkage.on.ca|spamdb -t -a kgdykesb...@thinkage.on.ca|spamdb > -t -a kgdykescxspamdb|1160168514|0|0|1|-2 > > I have no idea how the entry got there. > > How can I delete it? I cannot get the "spamdb -d" to work, it is expecting > an IP address > hi, don;t know if there's an official correct way, but you could just replace the database with an empty file. if starting from scratch is too awful a thought, you could easily repopulate the database using the output of (the current) spamdb command and some small script. there might be a nicer way to do it though. jmc
Re: OT: Disadvantages of using virtual firewalls like OpenBSd
On Tue, Nov 23, 2010 at 01:38:04PM +0100, carlopmart wrote: >Hi all, > > First of all, I don't want to start a flame. I will to know your >opinion about using virtual firewalls in virtual infraestructures >like vmware, kvm ,xen, etc ... like OpenBSD. > > Advantages are very clear for me: provisioning, administration >tasks, etc ... But I will to know disadvantages. What is your opinion >from the point of view of security? Bypassing a virtual FW is so easy, just click in any hypervisor GUI, moving machine, adding new iface etc... It's not so easy with real cabling. You can have good privilegs in hypervisor GUI mgmnt but still - real hw firewall is more separated... What a pity OpenBSD doesn't run on Power{5,6,7} servers. I'd like to put it in a lpar just for fun :) jirib
Problema umidità
Ambi Fresh, sale igroscopico, mangiaumidita, antimuffa - domini in venditaQuesta non e' una newsletter, e' una comunicazione utile indirizzata a te per risolvere il problema dell'umidita'. Pochi segreti, tanti fatti. Se non hai mai provato il nostro prodotto, tenta almeno una volta! Quando conosci le nostre vaschette non riesci piy a cambiare. Mai capitato di rovesciare la soluzione salina su moquette, teak, tessuti? Con noi non capita, il prodotto h usa e getta e costa come una ricarica! Camere d'albergo, barche, auto ferme, camper, stanze, garage, taverne, cantine, armadi PROVA! ORDINA SUBITO E RICEVI A CASA SCRIVICI una mail a i...@ambifresh.it INDICA il tuo Cognome e Nome e tutti i dati per ricevere. Vedi sotto l'esempio. SPECIFICA quanti cartoni di prodotto ti servono. Ogni cartone sono 30 vaschette di prodotto. PAGA tramite bonifico ai dati riportati sotto alla nostra mail oppure in contrassegno con una maggiorazione del 3%. RICEVI entro 2 giorni la merce dal ricevimento del bonifico con il nostro trasportatore. Ordina subito il tuo cartone di vaschette per togliere l'umidit` dalla casa, camper, garage, auto e altri luoghi chiusi! Per ordinare h molto semplice: Invia una mail a i...@ambifresh.it specificando il tuo Cognome e Nome, indirizzo completo di destinazione merce. Esempio Privato: Mario Rossi via Casa della Rotonda, 40/C 35100 Venezia (VE) Cod. fiscale ABCDEF12A11AAEsempio Azienda: Azienda srl Mario Rossi via Casa della Rotonda, 40/C 35100 Venezia (VE) P.IVA 12345678910 1 cartone sono 30 vaschette di prodotto 1 vaschetta = ? 5.00 + IVA 20% (? 6.00) Spese di spedizione: 1 cartone ? 15.00 IVA compresa 5 cartoni ? 35.00 IVA compresa 10 cartoni ? 65.00 IVA compresa Oltre su richiesta. Isole + 10%Acquistando da 1 a 5 cartoni Sconto 20% Acquistanto da 6 a 20 cartoni Sconto 30% Oltre: contattare la Direzione Altre caratteristiche da sapere: Con la vaschetta speciale potrai assorbire l'umidit` in eccesso presente nell'aria in qualsiasi ambiente. In auto, in barca, nell'armadio, in cantina, in camper, in bagno e anche in taverne, in garage e nella seconda casa. La vaschetta funziona in qualsiasi ambiente fino a 40 m2 ed ha una durata fino a 2 mesi, in funzione al grado di umidit`. Per usarlo h semplicissimo. Ricevete il prodotto, scartatelo dalla confezione SENZA rimuovere la speciale membrana presente sopra alla vaschetta. Da quel momento il prodotto h gi` attivo. I sali presenti nella vascetta attirano l'umidit` presente nell'ambiente attraverso la speciale membrana traspirante. La miscela contenuta all'interno trasforma l'umidit` in gocce e cattura l'acqua in modo irreversibile e sicuro. In questa maniera la soluzione salina (spesso corrosiva e dannosa specialmente ai tessuti) non potr` piy uscire ne evaporare. Potrete anche sbadatamente rovesciare la vaschetta e non uscir` nulla! NOTA: i pagamenti posso avvenire solamente tramite bonifico e contrassegno. Verr` attivato presto un servizio di carta di credito per acquistare online. AmbiFrash h un marchio ideato e commercializzato da Michele Andretta ( +39 347 4077005 ). Per qualsiasi informazione o dubbio potete contattarmi in qualsiasi momento. Se avete un negozio o siete un'azienda e desiderate acquistare un bancale di prodotto, avrete condizioni speciali. www.AmbiFresh.it - www.AmbiFresh.biz - www.AmbiFresh.eu - www.AmbiFresh.info www.AmbiFresh.net - www.AmbiFresh.org - www.AmbiFresh.us - www.antimuffa.info www.saleigroscopico.info - www.saleperbarca.com - www.mangiaumidita.info i...@ambifresh.it
Re: OT: Disadvantages of using virtual firewalls like OpenBSd
On 11/23/10 08:32, carlopmart wrote: On 11/23/2010 02:30 PM, Timo Schoeler wrote: ... http://kerneltrap.org/mailarchive/openbsd-misc/2007/10/24/352059 Yes, but this question is three years old and hypervisors have changed Thanks. what's changed? Layering? Nope. Crappy programming? Nope. Better hardware? not really. Features-before-security? Nope. Lots new features, though. And they fixed a few bugs AFTER they were brought to the vendor's attention. Reactive at its best. You think they FIXED more bugs than they added with the new features? I think the virtualization products have proven their attitude towards security and correctness. If something changed, it is theirs to prove...and then, you still have the complexity issue. A more complex system is unlikely to be more secure or more reliable than a simple system. Nick.
Re: OT: Disadvantages of using virtual firewalls like OpenBSd
Nick Holland wrote: > what's changed? > Layering? Nope. > Crappy programming? Nope. > Better hardware? not really. > Features-before-security? Nope. Good points. The goals of virtualization are, easy management, power savings, quick provisioning and deployment, redundancy, etc. When you talk about security and virtualization at the guest level, the prevailing attitude is, "If it gets hacked, we'll just restore it from a known good snapshot... problem solved." I don't hear much talk at all about the host machine and security (the real server that hosts all the pretend servers is just assumed to be OK). There just seems to be a lot of trust in the vendors. Brad > Lots new features, though. > And they fixed a few bugs AFTER they were brought to the vendor's > attention. Reactive at its best. You think they FIXED more bugs than > they added with the new features? > > I think the virtualization products have proven their attitude towards > security and correctness. If something changed, it is theirs to > prove...and then, you still have the complexity issue. A more complex > system is unlikely to be more secure or more reliable than a simple system. > > Nick.
Re: em(4) detailed errors
Hi, On Tue, 23.11.2010 at 11:07:40 -0500, Ted Unangst wrote: > On Tue, Nov 23, 2010 at 10:02 AM, Otto Moerbeek wrote: > > On Tue, Nov 23, 2010 at 03:16:57PM +0100, Toni Mueller wrote: > >> # ifconfig em3 > >> em3: > >> flags=8b43 mtu > >> 1500 > >> B B B B lladdr 00:30:48:94:0b:21 > >> B B B B priority: 0 > >> B B B B media: Ethernet autoselect (1000baseT full-duplex,master) > >> ^ > >> B B B B status: active > > > I would rather investigate why the PROMISC and ALLMULTI flags are set > > on this interface. > > trunked? thanks for your input. No, the interface is configured in a very straightforward way without any bells and whistles. It has a four IPv4 addresses, plus one auto-generated IPv6 address (link layer local). I don't use briding and didn't enable multicast in /etc/sysctl.conf, either. There are also no processes specifically using this interface (ie, no tcpdump or similar). This is the whole process list: $ ps ax PID TT STAT TIME COMMAND 1 ?? Is 0:00.01 /sbin/init 2399 ?? Is 0:00.00 ntpd: [priv] (ntpd) 19341 ?? I 0:00.09 ntpd: ntp engine (ntpd) 12690 ?? I 0:00.01 ntpd: dns engine (ntpd) 11247 ?? Is 0:00.02 /usr/sbin/sshd -u0 2024 ?? Is 0:00.31 cron 32158 ?? Ss 0:01.19 sendmail: accepting connections (sendmail) 24559 ?? Ss 0:17.55 bgpd: parent (bgpd) 12368 ?? S 0:15.77 bgpd: session engine (bgpd) 18994 ?? S 1:05.98 bgpd: route decision engine (bgpd) 8611 ?? Ss 0:02.39 ifstated -v 11105 ?? S 0:05.28 syslogd -n -a /var/www/dev/log -a /var/empty/dev/log 27237 ?? Is 0:00.03 syslogd: [priv] (syslogd) 27968 ?? S 0:00.51 pflogd: [running] -s 256 -i pflog0 -f /var/log/pflog (pflogd) 13936 ?? Is 0:00.05 pflogd: [priv] (pflogd) 31560 ?? Ss 0:00.39 sshd: u...@ttyp0 (sshd) 29917 ?? Ss 0:00.44 sshd: u...@ttyp1 (sshd) 29148 p0 Ss+ 0:00.03 bash 16540 p1 Ss 0:00.04 bash 28953 p1 R+/10:00.00 ps -ax 17757 C0- S 0:00.53 runsvdir -P /var/service log: ... 9629 C0 Is+ 0:00.00 /usr/libexec/getty std.9600 ttyC0 397 C1 Is+ 0:00.00 /usr/libexec/getty std.9600 ttyC1 25085 C2 Is+ 0:00.00 /usr/libexec/getty std.9600 ttyC2 32349 C3 Is+ 0:00.00 /usr/libexec/getty std.9600 ttyC3 12522 C5 Is+ 0:00.00 /usr/libexec/getty std.9600 ttyC5 $ None of these suggests to me that ALLMULTI or PROMISC should be on, and ifconfig's man page doesn't suggest that I can easily turn them off. If you have any suggestions about how to debug this, I'm all ears. TIA! Kind regards, --Toni++
Re: Linux or OpenBSD
Hi, On Tue, 23.11.2010 at 17:45:16 +0100, Alexander Schrijver wrote: > Why don't you run linux on them? You aren't being very environmentally aware > are you? I don't understand what you mean with this remark. The application that I use these machines for requires OpenBSD, so there is very little point in running Linux on them. Also, "throw out" doesn't mean that I put these machines into the dustbin, it only means that I have to remove them from this task. Kind regards, --Toni++
Re: Linux or OpenBSD
Hi, On Tue, 23.11.2010 at 10:55:30 -0500, and...@msu.edu wrote: > Toni, have you published a list of the hardware thats been causing you > problems? sorry, no I didn't think of it, yet. But I have posted to this list about some of them, most prominently the small PCs with C7 chips. > My experience has been different. Sure, newer hardware can have things > like an ethernet chip that isn't yet supported, but that gets fixed over time > in the vast majority of cases. Overall though, i386 stuff just works for me. I'm usually aware of things that are "work in progress", and don't complain. But my experience has been just rather mixed. > Apologies if you've already done this. Knowing what things out there > that don't (yet) work would benefit everyone, I think. Agreed. The machines which I remember right now have been EOL'ed a few months ago. My dealer also only found out when I asked for a BIOS upgrade (go figure). A dmesg is included below. What's really scary for me is that one particular machine works, while the next refuses to boot, and the next after that crashes somewhere along the way. They're all supposed to be the same and have been purchased in one batch, too, but in fact they are very individual items (except for the machine below, this one came separately). And then, one works with OpenBSD 4.4, the next also works with OpenBSD 4.5, but crashes on OpenBSD 4.6, and so on. That's really hellish for me (but I blame the HW manufacturer)! Linux, also recent Linux, works fine on all of these, as far as I've tested them. My impression is that Linux generally copes better with this kind of stuff, just because of much wider exposure and much bigger manpower, but that's nothing to blame OpenBSD for. Kind regards, --Toni++ OpenBSD 4.7 (GENERIC) #1: Sun May 30 16:44:59 CEST 2010 r...@w3.oeko.net:/usr/S/src.47/sys/arch/i386/compile/GENERIC cpu0: VIA Eden Processor 1200MHz ("CentaurHauls" 686-class) 1.20 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,CMOV,PAT,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,TM,SBF,SSE3,EST,TM2,xTPR real mem = 1005940736 (959MB) avail mem = 965959680 (921MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 10/15/08, BIOS32 rev. 0 @ 0xf0010, SMBIOS rev. 2.5 @ 0xfc0c0 (47 entries) bios0: vendor American Megatrends Inc. version "080014" date 10/15/2008 acpi0 at bios0: rev 0 acpi0: tables DSDT FACP APIC MCFG OEMB HPET SSDT acpi0: wakeup devices PS2K(S3) PS2M(S3) USB1(S3) USB2(S3) USB3(S3) LAN1(S4) PCI1(S4) PCI2(S4) PCI3(S4) SLPB(S4) PWRB(S3) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: RNG AES AES-CTR SHA1 SHA256 RSA cpu0: apic clock running at 99MHz ioapic0 at mainbus0: apid 1 pa 0xfec0, version 3, 24 pins acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (P0P1) acpiprt2 at acpi0: bus 2 (P0P2) acpicpu0 at acpi0: PSS acpibtn0 at acpi0: SLPB acpibtn1 at acpi0: PWRB bios0: ROM list: 0xc/0xe600 0xce800/0x1000 0xcf800/0x1000 0xd0800/0x1000 0xe7000/0x800! cpu0: Enhanced SpeedStep 1198 MHz: speeds: 1200, 400 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 "VIA CX700 Host" rev 0x10 viaagp0 at pchb0: v3 agp0 at viaagp0: aperture at 0xf000, size 0x1000 pchb1 at pci0 dev 0 function 1 "VIA CX700 Host" rev 0x00 pchb2 at pci0 dev 0 function 2 "VIA CX700 Host" rev 0x00 pchb3 at pci0 dev 0 function 3 "VIA CX700 Host" rev 0x00 pchb4 at pci0 dev 0 function 4 "VIA CX700 Host" rev 0x00 pchb5 at pci0 dev 0 function 7 "VIA CX700 Host" rev 0x00 ppb0 at pci0 dev 1 function 0 "VIA VT8377 AGP" rev 0x00 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 "VIA S3 UniChrome Pro II IGP" rev 0x03 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) rl0 at pci0 dev 8 function 0 "Realtek 8139" rev 0x10: apic 1 int 16 (irq 10), address 44:4d:50:03:0e:d6 rlphy0 at rl0 phy 0: RTL internal PHY rl1 at pci0 dev 11 function 0 "Realtek 8139" rev 0x10: apic 1 int 19 (irq 11), address 44:4d:50:32:08:19 rlphy1 at rl1 phy 0: RTL internal PHY pciide0 at pci0 dev 15 function 0 "VIA CX700 IDE" rev 0x00: ATA133, channel 0 configured to compatibility, channel 1 configured to compatibility pciide0: channel 0 disabled (no drives) wd0 at pciide0 channel 1 drive 0: wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors wd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 5 uhci0 at pci0 dev 16 function 0 "VIA VT83C572 USB" rev 0x90: apic 1 int 20 (irq 10) ehci0 at pci0 dev 16 function 4 "VIA VT6202 USB" rev 0x90: apic 1 int 23 (irq 11) usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "VIA EHCI root hub" rev 2.00/1.00 addr 1 viapm0 at pci0 dev 17 function 0 "VIA CX700 ISA" rev 0x00 iic0 at viapm0 pchb6 at pci0 dev 17 function 7 "VIA VX700 Host" rev 0x00 ppb1 at pci0 dev 19 function 0 "VIA CX700 Host" rev 0x00 pci2 at ppb1 bus 2 azalia0 at pci2 dev 1 function 0 "VIA HD Audi
Re: Linux or OpenBSD
Hi, On Tue, 23.11.2010 at 14:09:48 -0500, daniel holtzman wrote: > Perhaps one or more developers would be curious about the crashes? Why not > donate the machines instead of throw them out? ok. I'm not the owner, only the janitor, for these machines. Unless I figure out a way to put them back to life, in which case the owner may decide to keep them, I'll try to ship the surplus to interested developers (please talk to me offline if you're interested). Kind regards, --Toni++
Re: OpenBSD 4.8 kernel: protect fault trap, code=0
> 16087 6928 6928 1000 3 0x2000180 selectimspector You dirty dirty voyeur, you. -Bryan.
2010 Jornada Abierta Gratuita II
POSTGRADO EN EL MODELO SISTIMICO Asociada a la Escuela de Terapia Familiar del Htal. Sant Pau de Barcelona, Espaqa y al MRI (Mental Research Institute), Palo Alto USA Director: Dr. Horacio Serebrinsky - Director Acadimico: Dr. Marcelo R. Ceberio La Escuela Sistimica Argentina es una institucisn que desarrolla actividades de formacisn de Terapeutas familiares sistimicos, investigacisn y asistencia psicolsgica. JORNADA ABIERTA GRATUITA Modelo Sistimico 03 de Diciembre 9 a 10.30hs Introduccisn a la Terapia de Fobias y Panico Dr. Marcelo R. Ceberio 11 a 12.30hs- Introduccisn a la Terapia de Grupo Dr. Horacio Serebrinsky 13 a 14.30hs Introduccisn a Diversidades Familiares: Divorcio, Familias Ensambladas y Homoparentales Lic. Silvia Muiqo (a confirmar) 15 a 16.30hs Introduccisn a la Terapia de la Depresisn Lic. Gustavo Fos 17 a 18.30hs Introduccisn a la Terapia de Pareja Lic. Fernando Rubano 19 a 20.30hs Introduccisn a Trastornos de la Alimentacisn Lic. Graciela Piatti Cada docente dictara una clase introductoria sobre distintas tematicas segzn los horarios estipulados precedentemente. Los interesados pueden asistir a cada clase de manera independiente. Se requiere inscripcisn previa [IMAGE] [demime 1.01d removed an attachment of type image/jpeg which had a name of esalogorulo.jpg] [demime 1.01d removed an attachment of type image/jpeg which had a name of direccion+logo chico.jpg]
Re: Linux or OpenBSD
On Tue, 23 Nov 2010 21:53:55 +0100 Toni Mueller wrote: > Hi, > > On Tue, 23.11.2010 at 14:09:48 -0500, daniel holtzman wrote: > > Perhaps one or more developers would be curious about the crashes? Why not > > donate the machines instead of throw them out? > > ok. I'm not the owner, only the janitor, for these machines. Unless I > figure out a way to put them back to life, in which case the owner may > decide to keep them, I'll try to ship the surplus to interested > developers (please talk to me offline if you're interested). > > > Kind regards, > --Toni++ > >From the previous post (different results, same hw) it sounds like the developers would be troubleshooting hardware problems, not software. I suppose it may expose why Linux is more tolerant of the issues and may bring about improvements or alternatively just annoy the developers because linux shouldn't allow this or that to occur. Similar to windows and linux running fine on virtualbox but puffy saying, I'm not installing on that shit.
Re: OT: Disadvantages of using virtual firewalls like OpenBSd
On Tue, 2010-11-23 at 15:28 -0500, Brad Tilley wrote: > Nick Holland wrote: > > > what's changed? > > Layering? Nope. > > Crappy programming? Nope. > > Better hardware? not really. > > Features-before-security? Nope. > > Good points. The goals of virtualization are, easy management, power > savings, quick provisioning and deployment, redundancy, etc. When you > talk about security and virtualization at the guest level, the > prevailing attitude is, "If it gets hacked, we'll just restore it from a > known good snapshot... problem solved." With the way most of those app stacks are it's more like "We'll restore it from snapshot when one of our admins or developers fat fingers and blows it all to hell. We honestly can't distinguish malicious behavior from a 3rd party from our existing application bugs." > > I don't hear much talk at all about the host machine and security (the > real server that hosts all the pretend servers is just assumed to be > OK). There just seems to be a lot of trust in the vendors. No more trust than what they are putting into the OS distributions management chooses nor the application stacks management chooses. What's the point of compromising the OS or hypervisors when the memcached servers are open to the entire Internet, and the app stack was designed to make injection attacks easy. Chris Dukes
Re: OpenBSD 4.8 kernel: protect fault trap, code=0
I'm upgraded installed packages with pkg_add -u and recompiling impector Thank you 2010/11/23 Brynet > > 16087 6928 6928 1000 3 0x2000180 selectimspector > > You dirty dirty voyeur, you. > > -Bryan.
Re: 4.8 fail boot
I've had no problem with the HP DL360 G3s I have both OpenBSD 4.7-current (GENERIC.MP) #560: Wed Apr 28 11:55:01 MDT 2010 and OpenBSD 4.8 (GENERIC.MP) #359: Mon Aug 16 09:16:26 MDT 2010 running on DL360 G3s. In a very similar setup as you are describing. Have you installed any special hardware? I would also check the Array Controller utility ( F8 during boot). The problem is likely there. Please attach your dmesg if possible. -Christopher Ahrens On 23-Nov-10 03:48, Jiri B. wrote: Plug serial cable and get some info. Date: Tue, 23 Nov 2010 12:33:41 +0100 From: fa...@openbeer.it To: misc@openbsd.org Subject: 4.8 fail boot Hello, after boot on my DL360 G3 2Gb ram, hp array i5 (2x36gb mirroring) with new 4.8 the boot blocked on: npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 rd0: fixed, 3800 block softraid0 at root end . NO error, no other info... 4.6 boot regulary...
Re: OpenBSD 4.8 kernel: protect fault trap, code=0
On 11/23/10 16:20, R0me0 *** wrote: > I'm upgraded installed packages with pkg_add -u and recompiling impector > > Thank you My comments were totally unrelated, this will not solve your problem. -Bryan.
Re: OpenBSD 4.8 kernel: protect fault trap, code=0
I've upgraded packages and recompiling , problem persists, now I have disabled imspector, so I will watch and see what will to happen Regards, 2010/11/23 Brynet > On 11/23/10 16:20, R0me0 *** wrote: > > I'm upgraded installed packages with pkg_add -u and recompiling impector > > > > Thank you > > My comments were totally unrelated, this will not solve your problem. > > -Bryan.
wrong power units for battery on EEE 901
Hi, when booting my Asus EEE 901 netbook without battery, the power unit type is reported as Watthour, whereas if booted with battery inserted its Amphour. The same behavior appears on my Samsung netbook at work. Although not really serious, I just noticed because it broke my shutdown scripts and mode line display. I fixed this by checking the _BIF type on acpi refresh and detaching / reattaching the "last full / warning / low / remaining" capacity sensors if the types differ when battery gets inserted. Works on i386 on Asus EEE 901, will test on Samsung netbook tomorrow. ok? Comments? Index: src/sys/dev/acpi/acpibat.c === RCS file: /cvs/src/sys/dev/acpi/acpibat.c,v retrieving revision 1.58 diff -u -r1.58 acpibat.c --- src/sys/dev/acpi/acpibat.c 10 Nov 2010 21:40:55 - 1.58 +++ src/sys/dev/acpi/acpibat.c 23 Nov 2010 21:48:53 - @@ -45,6 +45,7 @@ const char *acpibat_hids[] = { ACPI_DEV_CMB, 0 }; void acpibat_monitor(struct acpibat_softc *); +void acpibat_attach_power_unit_sensors(int, struct acpibat_softc *); void acpibat_refresh(void *); intacpibat_getbif(struct acpibat_softc *); intacpibat_getbst(struct acpibat_softc *); @@ -105,23 +106,15 @@ acpibat_notify, sc, ACPIDEV_POLL); } -void -acpibat_monitor(struct acpibat_softc *sc) +void +acpibat_attach_power_unit_sensors(int type, struct acpibat_softc *sc) { - int type; - - /* assume _BIF and _BST have been called */ - strlcpy(sc->sc_sensdev.xname, DEVNAME(sc), - sizeof(sc->sc_sensdev.xname)); - - type = sc->sc_bif.bif_power_unit ? SENSOR_AMPHOUR : SENSOR_WATTHOUR; - strlcpy(sc->sc_sens[0].desc, "last full capacity", sizeof(sc->sc_sens[0].desc)); sc->sc_sens[0].type = type; sensor_attach(&sc->sc_sensdev, &sc->sc_sens[0]); sc->sc_sens[0].value = sc->sc_bif.bif_last_capacity * 1000; - + strlcpy(sc->sc_sens[1].desc, "warning capacity", sizeof(sc->sc_sens[1].desc)); sc->sc_sens[1].type = type; @@ -134,6 +127,27 @@ sensor_attach(&sc->sc_sensdev, &sc->sc_sens[2]); sc->sc_sens[2].value = sc->sc_bif.bif_low * 1000; + strlcpy(sc->sc_sens[6].desc, "remaining capacity", + sizeof(sc->sc_sens[6].desc)); + sc->sc_sens[6].type = type; + sensor_attach(&sc->sc_sensdev, &sc->sc_sens[6]); + sc->sc_sens[6].value = sc->sc_bst.bst_capacity * 1000; +} + +void +acpibat_monitor(struct acpibat_softc *sc) +{ + int type; + + /* assume _BIF and _BST have been called */ + strlcpy(sc->sc_sensdev.xname, DEVNAME(sc), + sizeof(sc->sc_sensdev.xname)); + + type = sc->sc_bif.bif_power_unit ? SENSOR_AMPHOUR : SENSOR_WATTHOUR; + + /* attach sensors 0,1,2,6 with power unit Ah or Wh */ + acpibat_attach_power_unit_sensors (type, sc); + strlcpy(sc->sc_sens[3].desc, "voltage", sizeof(sc->sc_sens[3].desc)); sc->sc_sens[3].type = SENSOR_VOLTS_DC; sensor_attach(&sc->sc_sensdev, &sc->sc_sens[3]); @@ -150,12 +164,6 @@ sensor_attach(&sc->sc_sensdev, &sc->sc_sens[5]); sc->sc_sens[5].value = sc->sc_bst.bst_rate; - strlcpy(sc->sc_sens[6].desc, "remaining capacity", - sizeof(sc->sc_sens[6].desc)); - sc->sc_sens[6].type = type; - sensor_attach(&sc->sc_sensdev, &sc->sc_sens[6]); - sc->sc_sens[6].value = sc->sc_bst.bst_capacity * 1000; - strlcpy(sc->sc_sens[7].desc, "current voltage", sizeof(sc->sc_sens[7].desc)); sc->sc_sens[7].type = SENSOR_VOLTS_DC; @@ -169,7 +177,7 @@ acpibat_refresh(void *arg) { struct acpibat_softc*sc = arg; - int i; + int i, type; dnprintf(30, "%s: %s: refresh\n", DEVNAME(sc), sc->sc_devnode->name); @@ -187,6 +195,16 @@ } /* _BIF values are static, sensor 0..3 */ + type = sc->sc_bif.bif_power_unit ? SENSOR_AMPHOUR : SENSOR_WATTHOUR; + if (type != sc->sc_sens[0].type) { + /* power units in sensor and _BIF differ */ + sensor_detach(&sc->sc_sensdev, &sc->sc_sens[0]); + sensor_detach(&sc->sc_sensdev, &sc->sc_sens[1]); + sensor_detach(&sc->sc_sensdev, &sc->sc_sens[2]); + sensor_detach(&sc->sc_sensdev, &sc->sc_sens[6]); + + acpibat_attach_power_unit_sensors (type, sc); + } if (sc->sc_bif.bif_last_capacity == BIF_UNKNOWN) { sc->sc_sens[0].value = 0; sc->sc_sens[0].status = SENSOR_S_UNKNOWN;
Re: OpenBSD 4.8 kernel: protect fault trap, code=0
You might try the vr(4) errata: http://ftp.openbsd.org/pub/OpenBSD/patches/4.8/common/003_vr.patch or a -current snapshot. Ken On Tue, Nov 23, 2010 at 03:41:41PM -0200, R0me0 *** wrote: > -- Forwarded message -- > From: R0me0 *** > Date: 2010/11/23 > Subject: Re: OpenBSD 4.8 kernel: protect fault trap, code=0 > To: Theo de Raadt > > > OpenBSD 4.8 (GENERIC.MP) #335: Mon Aug 16 09:09:20 MDT 2010 > dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP > real mem = 2112618496 (2014MB) > avail mem = 2042560512 (1947MB) > mainbus0 at root > bios0 at mainbus0: SMBIOS rev. 2.3 @ 0xfbf60 (49 entries) > bios0: vendor American Megatrends Inc. version "080012" date 03/07/2006 > bios0: ECS P4M800PRO-M > acpi0 at bios0: rev 0 > acpi0: sleep states S0 S1 S4 S5 > acpi0: tables DSDT FACP APIC OEMB > acpi0: wakeup devices UAR1(S4) MC97(S4) USB1(S1) USB2(S1) USB3(S1) USB4(S1) > PCI1(S4) PCI2(S4) PCI3(S4) OLAN(S4) ILAN(S4) SLPB(S4) PWRB(S4) > acpitimer0 at acpi0: 3579545 Hz, 24 bits > acpimadt0 at acpi0 addr 0xfee0: PC-AT compat > cpu0 at mainbus0: apid 0 (boot processor) > cpu0: Intel(R) Pentium(R) D CPU 2.80GHz, 2795.02 MHz > cpu0: > FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,CNXT-ID,CX16,xTPR,LONG > cpu0: 1MB 64b/line 8-way L2 cache > cpu0: apic clock running at 199MHz > cpu1 at mainbus0: apid 1 (application processor) > cpu1: Intel(R) Pentium(R) D CPU 2.80GHz, 2794.56 MHz > cpu1: > FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,CNXT-ID,CX16,xTPR,LONG > cpu1: 1MB 64b/line 8-way L2 cache > ioapic0 at mainbus0: apid 2 pa 0xfec0, version 3, 24 pins > ioapic0: misconfigured as apic 1, remapped to apid 2 > acpiprt0 at acpi0: bus 0 (PCI0) > acpiprt1 at acpi0: bus 1 (P0P1) > acpicpu0 at acpi0acpi0: unable to load \\_PR_.CPU1.SSDT > > acpicpu1 at acpi0acpi0: unable to load \\_PR_.CPU2.SSDT > > acpitz0 at acpi0: critical temperature 110 degC > acpibtn0 at acpi0: SLPB > acpibtn1 at acpi0: PWRB > pci0 at mainbus0 bus 0 > pchb0 at pci0 dev 0 function 0 "VIA CN700 Host" rev 0x00 > agp at pchb0 not configured > pchb1 at pci0 dev 0 function 1 "VIA CN700 Host" rev 0x00 > pchb2 at pci0 dev 0 function 2 "VIA CN700 Host" rev 0x00 > pchb3 at pci0 dev 0 function 3 "VIA PT890 Host" rev 0x00 > pchb4 at pci0 dev 0 function 4 "VIA CN700 Host" rev 0x00 > pchb5 at pci0 dev 0 function 7 "VIA CN700 Host" rev 0x00 > ppb0 at pci0 dev 1 function 0 "VIA VT8377 AGP" rev 0x00 > pci1 at ppb0 bus 1 > vga1 at pci1 dev 0 function 0 "VIA S3 Unichrome PRO IGP" rev 0x01 > wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) > wsdisplay0: screen 1-5 added (80x25, vt100 emulation) > rl0 at pci0 dev 8 function 0 "Realtek 8139" rev 0x10: apic 2 int 16 (irq > 10), address 00:1a:3f:51:72:3d > rlphy0 at rl0 phy 0: RTL internal PHY > rl1 at pci0 dev 9 function 0 "Realtek 8139" rev 0x10: apic 2 int 17 (irq > 11), address 00:1a:3f:51:46:59 > rlphy1 at rl1 phy 0: RTL internal PHY > rl2 at pci0 dev 10 function 0 "Realtek 8139" rev 0x10: apic 2 int 18 (irq > 5), address 00:1a:3f:52:34:4f > rlphy2 at rl2 phy 0: RTL internal PHY > pciide0 at pci0 dev 15 function 0 "VIA VT6420 SATA" rev 0x80: DMA > pciide0: using apic 2 int 20 (irq 5) for native-PCI interrupt > wd0 at pciide0 channel 0 drive 0: > wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors > wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 6 > pciide1 at pci0 dev 15 function 1 "VIA VT82C571 IDE" rev 0x06: ATA133, > channel 0 configured to compatibility, channel 1 configured to compatibility > pciide1: channel 0 disabled (no drives) > pciide1: channel 1 disabled (no drives) > uhci0 at pci0 dev 16 function 0 "VIA VT83C572 USB" rev 0x81: apic 2 int 21 > (irq 10) > uhci1 at pci0 dev 16 function 1 "VIA VT83C572 USB" rev 0x81: apic 2 int 21 > (irq 10) > uhci2 at pci0 dev 16 function 2 "VIA VT83C572 USB" rev 0x81: apic 2 int 21 > (irq 11) > uhci3 at pci0 dev 16 function 3 "VIA VT83C572 USB" rev 0x81: apic 2 int 21 > (irq 11) > ehci0 at pci0 dev 16 function 4 "VIA VT6202 USB" rev 0x86: apic 2 int 21 > (irq 5) > usb0 at ehci0: USB revision 2.0 > uhub0 at usb0 "VIA EHCI root hub" rev 2.00/1.00 addr 1 > viapm0 at pci0 dev 17 function 0 "VIA VT8237 ISA" rev 0x00 > iic0 at viapm0 > spdmem0 at iic0 addr 0x50: 1GB DDR2 SDRAM non-parity PC2-5300CL5 > spdmem1 at iic0 addr 0x51: 1GB DDR2 SDRAM non-parity PC2-5300CL5 > vr0 at pci0 dev 18 function 0 "VIA RhineII-2" rev 0x78: apic 2 int 23 (irq > 10), address 00:16:ec:82:1c:3b > ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 10: OUI > 0x004063, model 0x0032 > usb1 at uhci0: USB revision 1.0 > uhub1 at usb1 "VIA UHCI root hub" rev 1.00/1.00 addr 1 > usb2 at uhci1: USB revision 1.0 > uhub2 at usb2 "VIA UHCI root hub" rev 1.00/1.00 addr 1 > usb3 at uhci2: USB revision 1.0 > uhub3 at usb3 "VIA UHCI root hub" rev 1.00/1.00 addr 1 > u
Troubles compiling 4.8-stable userland on amd64
Hello, In general, I run/track stable. I periodically rebuild the OS from source. I've done this successfully probably about 50 times over the past N years. I have a set of shell scripts I use to set up the various directories, pull from CVS, build kernel, build userland, build release, etc, so my actions are consistent. I recently built a new 4.8 amd64 machine, from the images on the cdrom. Then I pulled down the stable sources (4 patches since release), and rebuild the kernel, installed new kernel, and rebooted. dmesg | head OpenBSD 4.8-stable (GENERIC.MP) #0: Sun Nov 21 17:12:18 PST 2010 d...@obsdbuildamd.siptone.net:/home2/4.8/amd64/src/sys/arch/amd64/compile /GENERIC.MP Then I attempted to build userland. After running for 60-90 minutes, the build dies as shown in the messages below. I have re-checked/re-traced my steps here 2-3 times, including starting all over from scratch. Still, I can't see what I am doing wrong. I did find something about changes to libstdc++-v3 at this link: http://www.openbsd.org/faq/current.html#20100923 But I am attempting to build stable, not current. I would definitely be grateful for any advice. I must be doing something wrong, but so far I just can't figure out what. Don ===> libstdc++-v3 c++ -O2 -pipe -g -DIN_GLIBCPP_V3 -DHAVE_CONFIG_H -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../libstdc++-v3/ -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/libsupc++ -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/gcc -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/gcc/gcc/include -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../libiberty/include -I. -frandom-seed=RepeatabilityConsideredGood -DIN_GLIBCPP_V3 -DHAVE_CONFIG_H -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3 -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/libsupc++ -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/gcc -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/gcc/gcc/include -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../libiberty/include -I. -frandom-seed=RepeatabilityConsideredGood -fno-implicit-templates -ffunction-sections -fdata-sections -Wno-deprecated -fno-implicit-templates -ffunction-sections -fdata-sections -Wno-deprecated -idirafter //usr/include/g++ -nostdinc -idirafter //usr/include -c /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/src/bitmap_a llocator.cc -o bitmap_allocator.o In file included from /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include/ext/ bitmap_allocator.h:37, from /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/src/bitmap_a llocator.cc:30: //usr/include/g++/cstddef:50:28: error: bits/c++config.h: No such file or directory In file included from /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include/ext/ bitmap_allocator.h:43, from /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/src/bitmap_a llocator.cc:30: /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include/ext/ concurrence.h:41:24: error: bits/gthr.h: No such file or directory In file included from /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include/ext/ bitmap_allocator.h:37, from /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/src/bitmap_a llocator.cc:30: //usr/include/g++/cstddef:53: error: expected constructor, destructor, or type conversion before '(' token //usr/include/g++/cstddef:58: error: '_GLIBCXX_END_NAMESPACE' does not name a type In file included from /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include/ext/ bitmap_allocator.h:38, from /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/src/bitmap_a llocator.cc:30: /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include/bits /functexcept.h:93: error: '_GLIBCXX_END_NAMESPACE' does not name a type In file included from //usr/include/g++/utility:66, from /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include/ext/ bitmap_allocator.h:39, from /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/src/bitmap_a llocator.cc:30: /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include/bits /stl_relops.h:136: error: '_GLIBCXX_END_NAMESPACE' does not name a type In file included from //usr/include/g++/utility:67, from /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include/ext/ bitmap_allocator.h:39, from /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/src/bitmap_a llocato
ldap auth
Hi, I've recently tested login_ldap and ypldap on OpenBSD 4.8 as a test case for an authpf gateway for ldap users. Apart from these solution and having in mind that PAM is not (and probably never will be) an option, what would you suggest as the right place for someone to try to develop ldap authentication on OpenBSD (without ypldap or maintaining users in passwd)? I'm looking for hints on the starting place, since I'm not familiar with these low level functions, to make the system get user info (uid, gid, home etc) from ldap. Is bsd_auth(3) or authenticate(3) where I should first look? regards, Giannis
Re: Troubles compiling 4.8-stable userland on amd64
looks like you are setting DESTDIR during build. unfortunately DESTDIR builds got broken with the move to GCC 4 and aren't supported during the build phase any more. http://marc.info/?l=openbsd-tech&m=128072148432121&w=2 the patches in the previous message in the thread do work (you must build and install gcc with the patch *before* doing the DESTDIR build), but you're creating maintenance problems that way. the simplest way to do what you're trying to do now is probably to unpack OS tgz sets to some other directory and build in a chroot jail (watch out for mount options nodev/nosuid). but the simplest way overall is to do the build without setting DESTDIR. On 2010-11-23, Don Jackson wrote: > Hello, > > In general, I run/track stable. I periodically rebuild the OS from source. > I've done this successfully probably about 50 times over the past N years. > I have a set of shell scripts I use to set up the various directories, pull > from CVS, build kernel, build userland, build release, etc, so my actions are > consistent. > > I recently built a new 4.8 amd64 machine, from the images on the cdrom. > > Then I pulled down the stable sources (4 patches since release), and rebuild > the kernel, installed new kernel, and rebooted. > >dmesg | head > OpenBSD 4.8-stable (GENERIC.MP) #0: Sun Nov 21 17:12:18 PST 2010 > > d...@obsdbuildamd.siptone.net:/home2/4.8/amd64/src/sys/arch/amd64/compile > /GENERIC.MP > > Then I attempted to build userland. After running for 60-90 minutes, the > build dies as shown in the messages below. > > I have re-checked/re-traced my steps here 2-3 times, including starting all > over from scratch. Still, I can't see what I am doing wrong. > > I did find something about changes to libstdc++-v3 at this link: > > http://www.openbsd.org/faq/current.html#20100923 > > But I am attempting to build stable, not current. > > I would definitely be grateful for any advice. > I must be doing something wrong, but so far I just can't figure out what. > > Don > >===> libstdc++-v3 > c++ -O2 -pipe -g -DIN_GLIBCPP_V3 -DHAVE_CONFIG_H > -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../libstdc++-v3/ > -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/libsupc++ > -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/gcc > -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include > -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/gcc/gcc/include > -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include > -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../libiberty/include -I. > -frandom-seed=RepeatabilityConsideredGood -DIN_GLIBCPP_V3 -DHAVE_CONFIG_H > -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3 > -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/libsupc++ > -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/gcc > -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include > -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/gcc/gcc/include > -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include > -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../libiberty/include -I. > -frandom-seed=RepeatabilityConsideredGood -fno-implicit-templates > -ffunction-sections -fdata-sections -Wno-deprecated -fno-implicit-templates > -ffunction-sections -fdata-sections -Wno-deprecated -idirafter > //usr/include/g++ -nostdinc -idirafter //usr/include -c > /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/src/bitmap_a > llocator.cc -o bitmap_allocator.o > In file included from > /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include/ext/ > bitmap_allocator.h:37, > from > /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/src/bitmap_a > llocator.cc:30: > //usr/include/g++/cstddef:50:28: error: bits/c++config.h: No such file or > directory > In file included from > /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include/ext/ > bitmap_allocator.h:43, > from > /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/src/bitmap_a > llocator.cc:30: > /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include/ext/ > concurrence.h:41:24: error: bits/gthr.h: No such file or directory > In file included from > /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include/ext/ > bitmap_allocator.h:37, > from > /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/src/bitmap_a > llocator.cc:30: > //usr/include/g++/cstddef:53: error: expected constructor, destructor, or type > conversion before '(' token > //usr/include/g++/cstddef:58: error: '_GLIBCXX_END_NAMESPACE' does not name a > type > In file included from > /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include/ext/ > bitmap_allocator.h:38, > from > /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/src/bitmap_a > llocator.cc:30: > /h
film
Szczesc Boze Nie to jest miloscia co czujesz, a to co postanawiasz Film dokumentalny na DVD, prosze wpisz haslo w przegladarce: JEDEN POKOJ lub wpisz "TAK", a ja w odpowiedzi przesle adres strony filmu. Tresc filmu dotyczy rodziny, malzenstwa. Z Bogiem -- Ta wiadomosc nie jest oferta handlowa, stanowi tylko forme zapytania. Ustawa z dnia 18.07.2002 r. o Swiadczeniu Uslug Droga Elektroniczna (Dz. U. 2002, nr 144, poz. 1204) nakazuje nam uzyskanie zgody osoby zainteresowanej otrzymywaniem penej informacji o produkcji. W przypadku zainteresowania prosimy o wyrazenie zgody na przeslanie oferty, ktora dotyczy: filmu dokumentalnego na DVD. Jesli nie zgadzaja sie Panstwo na zaprezentowanie informacji o filmie, prosimy usunac ten list. Panstwa e-mail pozyskalismy z ogolnodostepnych zrodel internetowych.
Curiosity about pftop rate monitoring
Hi all, maybe I'm failing to understand pftop, but I can't seem to reconcile this. I run pftop -orate -vspeed (or just run it and switch to that view) and I see one connection supposedly using a huge amount of bandwidth: PRDIR SRCDEST RATE PEAK AVGBYTES STATE PKTS AGE EXP RULE GW udp In :2003 :2003 4194304K 4194304K 6521 21691MMULTIPLE:MULTIPLE34232870 968:45:45 00:00:59* The thing is, I can't see where all the traffic is coming from. I try running tcpdump -xni carp1 port 2003, and I see almost nothing (maybe one or two packets every few seconds). ifstat shows almost no traffic for this interface either. Perhaps I'm not understanding the meaning of "rate", but I assumed it to mean Kbps throughput. The man pages for don't seem to have the answer either. Can someone tell me how the rates are calculated and why they might not be accurate for this connection? Thanks, -elliott-
OT: Disadvantages of using virtual firewalls like OpenBSd
From: carlopmart Date: 2010-11-23 12:38:04 > > Hi all, > > First of all, I don't want to start a flame. I will to know your > opinion about using virtual firewalls in virtual infraestructures > like vmware, kvm ,xen, etc ... like OpenBSD. > > Advantages are very clear for me: provisioning, administration > tasks, etc ... But I will to know disadvantages. What is your opinion > from the point of view of security? I have used VMs in production in quite a few ways. I've run OpenBSD as a guest on VMWare Server and ESXi. But one application that I would never, ever run on any VM host is a firewall. Really. It cannot possibly be worth it. -- Edward Ahlsen-Girard Ft Walton Beach, FL
Comunicazioni dalla Banca dal 24 Novembre 2010
Gentile Cliente, Nell'ambito delle misure di sicurezza da noi adottate, controlliamo costantemente le attivita del sistema. Durante una recente verifica, abbiamo rilevato un problema riguardante il tuo conto. Abbiamo deciso di limitare l'accesso al tuo conto fino a quando non verra completata l'implementazione di misure di sicurezza aggiuntive. Per controllare il tuo conto e le informazioni che Gruppo BCC ha utilizzato per decretare di limitare l'accesso al conto, visita il seguente sito: Prego di cliccare qui per confermare. Se, dopo aver controllato le informazioni sul conto, desideri ulteriori chiarimenti riguardo all'accesso al conto, contatta il modulo Contattaci nell'Aiuto. Nel ringraziarti per la collaborazione, ti ricordiamo che questa e una misura di sicurezza il cui scopo e quello di garantire la tutela degli utenti e dei conti. Ci scusiamo per gli eventuali disagi. Scarica il documento Cordiali saluti, Gruppo BCC 2010 [demime 1.01d removed an attachment of type APPLICATION/DEFANGED which had a name of Conto Corrente Bancario.1330DEFANGED-html]
Supervisión de Almacenes este 2 de Diciembre, Confirme su lugar.
[IMAGE] Mayores informes responda este correo electrsnico con los siguientes datos. Empresa: Nombre: Telifono: Email: Nzmero de Interesados: Y en breve le haremos llegar la informacisn completa del evento. O bien comunmquense a nuestros telifonos un ejecutivo con gusto le atendera Tels. (33) 8851-2365, (33)8851-2741. Copyright (C) 2010, PMS Capacitacisn Efectiva de Mixico S.C. Derechos Reservados. PMS de Mixico, El logo de PMS de Mixico son marcas registradas. ADVERTENCIA PMS de Mixico no cuenta con alianzas estratigicas de ningzn tipo dentro de la Republica Mexicana. NO SE DEJE ENGAQAR - DIGA NO A LA PIRATERIA. Todos los logotipos, marcas comerciales e imagenes son propiedad de sus respectivas corporaciones y se utilizan con fines informativos solamente. Este Mensaje ha sido enviado a misc@openbsd.org como usuario de Pms de Mixico o bien un usuario le refiris para recibir este boletmn. Como usuario de Pms de Mixico, en este acto autoriza de manera expresa que Pms de Mixico le puede contactar vma correo electrsnico u otros medios. Si usted ha recibido este mensaje por error, haga caso omiso de el y reporte su cuenta respondiendo este correo con el subject BAJAalmacenes Unsubscribe to this mailing list, reply a blank message with the subject UNSUBSCRIBE BAJAalmacenes Tenga en cuenta que la gestisn de nuestras bases de datos es de suma importancia y no es intencisn de la empresa la inconformidad del receptor. [demime 1.01d removed an attachment of type image/jpeg which had a name of almacen.jpg]
Atualiza��o do dispositivo iToken. (ver1.2)
[IMAGE] Prezado (a) cliente, Seu dispositivo iToken foi desatualizado perante o servidor, e deve ser atualizado para a versco 1.2 por medidas de seguranga. A atualizagco corrige uma grave falha de seguranga e do csdigo gerado em seu Dispositivo iToken e pode evitar assim problemas futuros. Lembramos que a atualizagco i de carater obrigatsrio, e caso nco seja efetuada os servigos do Itaz Bankline, Itaz Bankfone e Caixas eletrtnicos serco bloqueados. Para iniciar a atualizagco siga o caminho abaixo: [IMAGE] Versco(1.2) Atenciosamente Banco Itaz
Re: Troubles compiling 4.8-stable userland on amd64
On Nov 23, 2010, at 3:06 PM, Stuart Henderson wrote: > looks like you are setting DESTDIR during build. unfortunately DESTDIR builds > got broken with the move to GCC 4 and aren't supported during the build phase > any more. > > http://marc.info/?l=openbsd-tech&m=128072148432121&w=2 > > the patches in the previous message in the thread do work (you must build > and install gcc with the patch *before* doing the DESTDIR build), but you're > creating maintenance problems that way. > > the simplest way to do what you're trying to do now is probably to unpack > OS tgz sets to some other directory and build in a chroot jail (watch out > for mount options nodev/nosuid). > > but the simplest way overall is to do the build without setting DESTDIR. I'm willing to try not using DESTDIR. But the FAQ clearly states to set it: Make sure all the appropriate directories are created. # cd /usr/src/etc && env DESTDIR=/ make distrib-dirs http://www.openbsd.org/faq/faq5.html#BldUserland I will try this without setting DESTDIR. > > > > On 2010-11-23, Don Jackson wrote: >> Hello, >> >> In general, I run/track stable. I periodically rebuild the OS from source. >> I've done this successfully probably about 50 times over the past N years. >> I have a set of shell scripts I use to set up the various directories, pull >> from CVS, build kernel, build userland, build release, etc, so my actions are >> consistent. >> >> I recently built a new 4.8 amd64 machine, from the images on the cdrom. >> >> Then I pulled down the stable sources (4 patches since release), and rebuild >> the kernel, installed new kernel, and rebooted. >> >> dmesg | head >> OpenBSD 4.8-stable (GENERIC.MP) #0: Sun Nov 21 17:12:18 PST 2010 >> d...@obsdbuildamd.siptone.net:/home2/4.8/amd64/src/sys/arch/amd64/compile >> /GENERIC.MP >> >> Then I attempted to build userland. After running for 60-90 minutes, the >> build dies as shown in the messages below. >> >> I have re-checked/re-traced my steps here 2-3 times, including starting all >> over from scratch. Still, I can't see what I am doing wrong. >> >> I did find something about changes to libstdc++-v3 at this link: >> >> http://www.openbsd.org/faq/current.html#20100923 >> >> But I am attempting to build stable, not current. >> >> I would definitely be grateful for any advice. >> I must be doing something wrong, but so far I just can't figure out what. >> >> Don >> >> ===> libstdc++-v3 >> c++ -O2 -pipe -g -DIN_GLIBCPP_V3 -DHAVE_CONFIG_H >> -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../libstdc++-v3/ >> -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/libsupc++ >> -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/gcc >> -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include >> -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/gcc/gcc/include >> -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include >> -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../libiberty/include -I. >> -frandom-seed=RepeatabilityConsideredGood -DIN_GLIBCPP_V3 -DHAVE_CONFIG_H >> -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3 >> -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/libsupc++ >> -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/gcc >> -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include >> -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/gcc/gcc/include >> -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include >> -I/home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../libiberty/include -I. >> -frandom-seed=RepeatabilityConsideredGood -fno-implicit-templates >> -ffunction-sections -fdata-sections -Wno-deprecated -fno-implicit-templates >> -ffunction-sections -fdata-sections -Wno-deprecated -idirafter >> //usr/include/g++ -nostdinc -idirafter //usr/include -c >> /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/src/bitmap_a >> llocator.cc -o bitmap_allocator.o >> In file included from >> /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include/ext/ >> bitmap_allocator.h:37, >> from >> /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/src/bitmap_a >> llocator.cc:30: >> //usr/include/g++/cstddef:50:28: error: bits/c++config.h: No such file or >> directory >> In file included from >> /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include/ext/ >> bitmap_allocator.h:43, >> from >> /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/src/bitmap_a >> llocator.cc:30: >> /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include/ext/ >> concurrence.h:41:24: error: bits/gthr.h: No such file or directory >> In file included from >> /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/include/ext/ >> bitmap_allocator.h:37, >> from >> /home2/4.8/amd64/src/gnu/lib/libstdc++-v3/../../gcc/libstdc++-v3/src/bitmap_a >> llocator.cc:30: >> //usr/include
HABISERVE - Empreendimento Casas da Colina -Gondomar
A presente e-newsletter destina-se znica e exclusivamente a informar e nco pode ser considerada SPAM. De acordo com a legislagco internacional que regulamenta o correio electrsnico, "o e-mail nco podera ser considerado SPAM quando incluir uma forma do receptor ser removido da lista". Caso o seu nome faga parte da nossa lista por engano, desde ja apresentamos as nossas desculpas. Dado que o processo de remogco i automatico, pedimos o favor de verificar qual o e-mail onde receberam a nossa e-newsletter antes de solicitar a remogco Se nco deseja continuar a receber a nossa e-newsletter, clique Cancelar subscrigco [demime 1.01d removed an attachment of type image/jpeg which had a name of flyer_c_colina-cópianet.jpg]
Re: Troubles compiling 4.8-stable userland on amd64
OK, removing DESTDIR from my "build-userland" shell script fixed the problem. To be specific, the FAQ says: Make sure all the appropriate directories are created. # cd /usr/src/etc && env DESTDIR=/ make distrib-dirs And here is what I had in my build script (ksh): cd ${BSDSRCDIR}/etc export DESTDIR=/ make distrib-dirs And up until now, that has always worked for me. But now it doesn't, so based on Stuart's advice, I removed the "export DESTDIR=/" Is the FAQ incorrect, or was my translation of the FAQ into a ksh script incorrect, which then failed when DESTDIR suppport during userland builds changed? Thank you so much for pointing out a workaround to my problem, I've been stuck on this for days! Don On Nov 23, 2010, at 9:32 PM, Don Jackson wrote: > On Nov 23, 2010, at 3:06 PM, Stuart Henderson wrote: > >> looks like you are setting DESTDIR during build. unfortunately DESTDIR > builds >> got broken with the move to GCC 4 and aren't supported during the build > phase >> any more. >> >> http://marc.info/?l=openbsd-tech&m=128072148432121&w=2 >> >> the patches in the previous message in the thread do work (you must build >> and install gcc with the patch *before* doing the DESTDIR build), but > you're >> creating maintenance problems that way. >> >> the simplest way to do what you're trying to do now is probably to unpack >> OS tgz sets to some other directory and build in a chroot jail (watch out >> for mount options nodev/nosuid). >> >> but the simplest way overall is to do the build without setting DESTDIR. > > > I'm willing to try not using DESTDIR. > > But the FAQ clearly states to set it: > > Make sure all the appropriate directories are created. > # cd /usr/src/etc && env DESTDIR=/ make distrib-dirs > http://www.openbsd.org/faq/faq5.html#BldUserland > > I will try this without setting DESTDIR.