pfsync defer, ipv6 delay problem

[Marco Fretz]

Hi,

I have a problem with ipv6 connections and firewalls with enabled
pfsync defer. IPv4 inital packets are forwarded without noticeable
delay. IPv6 inital packes are delayed by 0.5-2 seconds.

The situation looks like this:

2 firewalls at main site
2 firewalls at remote site

firewalls are redundant with carp and pfsync.

master firewall (site1) has a gif / ipsec tunnel to master firewall (site2)
slave firewall (site1) has gif / ipsec tunnel to slave firewall (site2)

ospf is running over the gif tunnels and internal network. defer is
needed to use both tunnels for redundancy. working great.

currently I just use ipv4 traffic trough the gif tunnels and also no
ospf for ipv6 is running at all.

the firewalls are fully ipv6 enabled and office network and some
servers at site1 need ipv6 internet access.

unfortunately this ipv6 internet traffic is affected by the pfsync defer.

site 1
~ $ netstat -sp pfsync
pfsync:
65205 packets received (IPv4)
0 packets received (IPv6)
0 packets discarded for bad interface
0 packets discarded for bad ttl
0 packets shorter than header
0 packets discarded for bad version
0 packets discarded for bad HMAC
0 packets discarded for bad action
0 packets discarded for short packet
9261 states discarded for bad values
1045 stale states
347 failed state lookup/inserts
4879875 packets sent (IPv4)
0 packets sent (IPv6)
0 send failed due to mbuf memory error
0 send error
site 2
~ $  netstat -sp pfsync
pfsync:
4878073 packets received (IPv4)
0 packets received (IPv6)
0 packets discarded for bad interface
0 packets discarded for bad ttl
0 packets shorter than header
0 packets discarded for bad version
0 packets discarded for bad HMAC
0 packets discarded for bad action
0 packets discarded for short packet
464 states discarded for bad values
2037 stale states
21950 failed state lookup/inserts
483946 packets sent (IPv4)
0 packets sent (IPv6)
0 send failed due to mbuf memory error
0 send error

the delay for ipv6 connections for the initial packet is gone as soon
I do a ifconfig pfsync0 -defer.

any ideas?

thanks in advance for any hints on this.

greets
marco

Re: insecure scheduler in OpenBSD 4.7

[Kevin Chadwick]

On Thu, 16 Dec 2010 19:56:50 -0500
Jeremy O'Brien obrien6...@gmail.com wrote:

 On Tue, Oct 12, 2010 at 01:57:20PM +0200, Alexandre Ratchov wrote:
  On Tue, Oct 12, 2010 at 12:41:04AM +0400, Dmitry-T wrote:
   Try to recover ballance:
   renice 20 -p 30996
   renice -20 -p 21919 25914 754
   ^
  
  If you run any cpu bound process with priority -20, you will give all
  the cpu to that process, without giving any chance to other processes
  to run, so your box will hang until it terminates. This requires root
  privileges.
  
   
   It is not secure. One user script or program may load CPU and
   database or another servers lost speed in disk operations.
   This is hole for DOS attacks in OpenBSD design.
  
  Yeah, this is an attack root can do by renicing a cpu bound process,
  but ``rm -rf /'' is much easier, isn't it?
 
 I was curious why no one brought this up earlier. A normal user _can't_
 nice processes to anything below 0. Therefore this point is moot.
 

It's definately in there and in a couple of places I think, among the
chaff, It turned into two threads. I couldn't recreate the
problem originally stated either. There was some differences to the
Linux scheduler and disk io brought up that was slightly debateable but
generally favoured the linux scheduler atleast when taken by itself,
AFAIK.

Old IPSEC bug

[Joachim Schipper]

I'm sure most of you are already aware, but
http://news.ycombinator.com/item?id=2014004 suggests that Jason fixed a
potentially-dangerous bug in the IPSEC code in the NETSEC timeframe
(src/sys/netinet/ip_esp.c r1.75).

Joachim

Re: Clarification smtpd.conf(5)

[Gilles Chehade]

Sorry for the delay, I didn't have a clear mind when I received your
mail and didn't understand exactly what you meant :-)

You are right this behavior is not documented, we'll fix it shortly
with a little rephrasing. 

however, on a related note, I also have plans to change this code a 
bit so that we can specify filenames rather than certnames from which 
we infer .crt and .key, this would allow to store key's and cert's in
separate directories for example.

Anyways, thanks for your diff

Gilles


On Fri, Dec 17, 2010 at 04:53:35AM +0530, Sunil Nimmagadda wrote:
 I am new to OpenBSD and smtpd, please ignore if this is too trivial to
 inform. Smtpd checks for two files instead of one when no certificate
 name is specified for listen on. Though one of the examples shows
 exactly what has to be done, I thought it helps mentioning explicitly.
 
 Index: smtpd.conf.5
 ===
 RCS file: /cvs/src/usr.sbin/smtpd/smtpd.conf.5,v
 retrieving revision 1.36
 diff -u -r1.36 smtpd.conf.5
 --- smtpd.conf.529 Oct 2010 09:16:08 -  1.36
 +++ smtpd.conf.516 Dec 2010 22:53:51 -
 @@ -116,9 +116,9 @@
  .Ar name
  is specified, the
  .Pa /etc/mail/certs
 -directory is searched for a file named by joining
 -the interface name with a .crt extension, e.g.\
 -.Pa /etc/mail/certs/fxp0.crt .
 +directory is searched for files named by joining
 +the interface name with .crt, .key extensions, e.g.\
 +.Pa /etc/mail/certs/fxp0.crt /etc/mail/certs/fxp0.key .
  .Pp
  If the
  .Ic enable auth
 

-- 
Gilles Chehade
freelance developer/sysadmin/consultant

   http://www.poolp.org

RAVIE DE FAIRE TA CONNAISSANCE

[Mnass Caroline (via Multiply)]

This is a MIME-encoded message that mnass21 sent through Multiply.  To read
it, you need a HTML-capable mail client.

Re: 4.8 breaks ral (hostap) for me

[stolendata.net]

Out of curiosity, could you post your hostname.xxx configuration
files? (minus the sensitive parts of course, like wpa-psk info etc.)


On Sun, Dec 12, 2010 at 3:33 PM, Snoop sn...@email.it wrote:
 Hi Stephen (and anyone else),
 I'm experiencing your same problem. I was looking for a solution on the
 web but I'd say unsuccessfully. I couldn't found any reply to his
 complaint (that is in fact the only one I've found around) and I was
 wondering if you received a solution or a tip in private.

 Sorry for this late email, I usually don't like to disturb others and it
 usually works (I found the solution on internet). But in this case I
 didn't find anything at all! And this quite impressed me. I was thinking
 that ral as AP was widely used too.

 Thanks in advance, any tip/direction is more than welcome.

 On Tue, 2010-11-30 at 03:33 +, Stephen Biggs wrote:
 Running 4.8 patch/stable with all updated, apm disable via config, upgraded
from
 4.7 patch/stable.

 Any time ral0 is initialized (in hostap mode) using, say, sh /etc/netstart,
the
 following message is shown on the console:
 ral0: timeout waiting for BBP

 The code shows that when this happens, the device initialization is aborted
and
 EIO error is returned, making 4.8 patch/stable useless for running the box
as a
 wireless access point using ral.

 This may ordinarily point to hardware failing except for two things:
 1. checking the code shows that the busy bit is actually cleared because
no
 cannot read from BBP message is seen, only a 0 is returned from the
version
 flash read. My guess is that some firmware is being loaded wrong onto the
 hardware in 4.8?
 ...and
 2. ral0 initializes just fine without the timeout using either my previous
4.7
 kernel, or the -current kernel which I am running now.

 The relevant parts of dmesg (relevant imho; if there is more that is
needed,
 please advise) are:
 ral0 at pci0 dev 14 function 0 Ralink RT2561S rev 0x00: irq 3, address
00:24:1
 d:39:f6:84
 ral0: MAC/BBP RT2561C, RF RT2527

 Also, pcidump -v shows for this device:
 B 0:14:0: Ralink RT2561S
 B  B  B  B  0x: Vendor ID: 1814 Product ID: 0301
 B  B  B  B  0x0004: Command: 0017 Status ID: 0410
 B  B  B  B  0x0008: Class: 02 Subclass: 80 Interface: 00 Revision: 00
 B  B  B  B  0x000c: BIST: 00 Header Type: 00 Latency Timer: 20 Cache Line
Size: 08
 B  B  B  B  0x0010: BAR mem 32bit addr: 0xe380
 B  B  B  B  0x0014: BAR empty ()
 B  B  B  B  0x0018: BAR empty ()
 B  B  B  B  0x001c: BAR empty ()
 B  B  B  B  0x0020: BAR empty ()
 B  B  B  B  0x0024: BAR empty ()
 B  B  B  B  0x0028: Cardbus CIS: 0601
 B  B  B  B  0x002c: Subsystem Vendor ID: 1458 Product ID: e934
 B  B  B  B  0x0030: Expansion ROM Base Address: 
 B  B  B  B  0x0038: 
 B  B  B  B  0x003c: Interrupt Pin: 01 Line: 03 Min Gnt: 00 Max Lat: 00
 B  B  B  B  0x0040: Capability 0x01: Power Management

 I don't know what to do next here. I am understandably very apprehensive
about
 running a -current kernel on top of a 4.8 stable userland. B I don't want
to be
 running -current at all.

 I was thinking about posting a bug using sendbug but that seems a bit
pointless
 considering that I am right now running the -current kernel.

 The best case scenario would be for whomever knows what causes the
-current
 kernel to work in this instance to post what relevant changes there are (or
a
 patch?) or better yet, post a patch to the errata so I can go back to a
4.8
 stable kernel with the patch.

 What is interesting about this is that I can't find any other mention of
this
 problem anywhere else on the Internet. B I would have thought that a lot
of
 people would be running ral0 as an access point and would have found this.

 If this is only local to me, I would sure appreciate any advice on how to
track
 this down.





 B --
 B Caselle da 1GB, trasmetti allegati fino a 3GB e in piu' IMAP, POP3 e SMTP
autenticato? GRATIS solo con Email.it http://www.email.it/f

 B Sponsor:
 B Idee Regalo Personalizzate a partire da euro 3.90! Su MisterCupido.com
alta qualit` a prezzi imbattibili... e questa settimana GRATIS per te, la
confezione regalo!
 B Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=11027d=12-12

Re: 4.8 breaks ral (hostap) for me

[Snoop]

Hi there,
because of my needs I'm using a small script to start the AP that by the way 
includes the following command line:
ifconfig ral0 inet $AP_IPADDR netmask $AP_SUBMASK media autoselect mediaopt 
hostap mode $MODE chan $CHAN bssid $MAC_MASK nwid $NWID -powersave wpa wpaakms 
psk wpaciphers ccmp wpagroupcipher ccmp wpaprotos wpa2 wpapsk `cat 
/root/WPA-PSK-64HEX` debug up

and for the record:
$MODE=11g
$CHAN (I've tried many)
-powersave (disabled on purpose as not supported)

This was working flawlessly for the last three releases on two different
APs which have different hardware.

Are you experiencing the same problem?



On Fri, 2010-12-17 at 13:50 +0100, stolendata.net wrote:
 Out of curiosity, could you post your hostname.xxx configuration
 files? (minus the sensitive parts of course, like wpa-psk info etc.)
 
 
 On Sun, Dec 12, 2010 at 3:33 PM, Snoop sn...@email.it wrote:
  Hi Stephen (and anyone else),
  I'm experiencing your same problem. I was looking for a solution on the
  web but I'd say unsuccessfully. I couldn't found any reply to his
  complaint (that is in fact the only one I've found around) and I was
  wondering if you received a solution or a tip in private.
 
  Sorry for this late email, I usually don't like to disturb others and it
  usually works (I found the solution on internet). But in this case I
  didn't find anything at all! And this quite impressed me. I was thinking
  that ral as AP was widely used too.
 
  Thanks in advance, any tip/direction is more than welcome.
 
  On Tue, 2010-11-30 at 03:33 +, Stephen Biggs wrote:
  Running 4.8 patch/stable with all updated, apm disable via config, upgraded
 from
  4.7 patch/stable.
 
  Any time ral0 is initialized (in hostap mode) using, say, sh /etc/netstart,
 the
  following message is shown on the console:
  ral0: timeout waiting for BBP
 
  The code shows that when this happens, the device initialization is aborted
 and
  EIO error is returned, making 4.8 patch/stable useless for running the box
 as a
  wireless access point using ral.
 
  This may ordinarily point to hardware failing except for two things:
  1. checking the code shows that the busy bit is actually cleared because
 no
  cannot read from BBP message is seen, only a 0 is returned from the
 version
  flash read. My guess is that some firmware is being loaded wrong onto the
  hardware in 4.8?
  ...and
  2. ral0 initializes just fine without the timeout using either my previous
 4.7
  kernel, or the -current kernel which I am running now.
 
  The relevant parts of dmesg (relevant imho; if there is more that is
 needed,
  please advise) are:
  ral0 at pci0 dev 14 function 0 Ralink RT2561S rev 0x00: irq 3, address
 00:24:1
  d:39:f6:84
  ral0: MAC/BBP RT2561C, RF RT2527
 
  Also, pcidump -v shows for this device:
  B 0:14:0: Ralink RT2561S
  B  B  B  B  0x: Vendor ID: 1814 Product ID: 0301
  B  B  B  B  0x0004: Command: 0017 Status ID: 0410
  B  B  B  B  0x0008: Class: 02 Subclass: 80 Interface: 00 Revision: 00
  B  B  B  B  0x000c: BIST: 00 Header Type: 00 Latency Timer: 20 Cache Line
 Size: 08
  B  B  B  B  0x0010: BAR mem 32bit addr: 0xe380
  B  B  B  B  0x0014: BAR empty ()
  B  B  B  B  0x0018: BAR empty ()
  B  B  B  B  0x001c: BAR empty ()
  B  B  B  B  0x0020: BAR empty ()
  B  B  B  B  0x0024: BAR empty ()
  B  B  B  B  0x0028: Cardbus CIS: 0601
  B  B  B  B  0x002c: Subsystem Vendor ID: 1458 Product ID: e934
  B  B  B  B  0x0030: Expansion ROM Base Address: 
  B  B  B  B  0x0038: 
  B  B  B  B  0x003c: Interrupt Pin: 01 Line: 03 Min Gnt: 00 Max Lat: 00
  B  B  B  B  0x0040: Capability 0x01: Power Management
 
  I don't know what to do next here. I am understandably very apprehensive
 about
  running a -current kernel on top of a 4.8 stable userland. B I don't want
 to be
  running -current at all.
 
  I was thinking about posting a bug using sendbug but that seems a bit
 pointless
  considering that I am right now running the -current kernel.
 
  The best case scenario would be for whomever knows what causes the
 -current
  kernel to work in this instance to post what relevant changes there are (or
 a
  patch?) or better yet, post a patch to the errata so I can go back to a
 4.8
  stable kernel with the patch.
 
  What is interesting about this is that I can't find any other mention of
 this
  problem anywhere else on the Internet. B I would have thought that a lot
 of
  people would be running ral0 as an access point and would have found this.
 
  If this is only local to me, I would sure appreciate any advice on how to
 track
  this down.
 
 
 
 
 
  B --
  B Caselle da 1GB, trasmetti allegati fino a 3GB e in piu' IMAP, POP3 e SMTP
 autenticato? GRATIS solo con Email.it http://www.email.it/f
 
  B Sponsor:
  B Idee Regalo Personalizzate a partire da euro 3.90! Su MisterCupido.com
 alta qualit` a prezzi imbattibili... e questa settimana GRATIS per te, la
 confezione regalo!
  B Clicca 

font size in applications are huge in my VM instance

[Bryan]

Greetings,

I use my OpenBSD at work on a VMware instance.  I have tried this in
my default WM (scrotwm), and also in fluxbox.  When I launch an
application, like Gimp, or Firefox in my VM instance, the fonts in the
dialog boxes, menus, and toolbars are large, like someone did a
'Ctrl+' in firefox to increase the font. The resolution on the
instance is 1280x1024, because xrandr won't emulate a 1680x1050
screen.

I have a screenshot here:

http://picasaweb.google.com/lh/photo/DRmfBOWqCpl64VFjc_5kwPpTm2ZJIAmfG4KTNOagEkk?feat=directlink


vmt0 appears to work well, as does 'vmwh' from ports...


OpenBSD 4.8-current (GENERIC.MP) #16: Fri Dec 10 12:31:59 CST 2010

r...@openbsd-amd64-v0.ultra-ats.com:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 1236205568 (1178MB)
avail mem = 1189343232 (1134MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe4010 (45 entries)
bios0: vendor Phoenix Technologies LTD version 6.00 date 08/15/2008
bios0: VMware, Inc. VMware Virtual Platform
acpi0 at bios0: rev 2
acpi0: sleep states S0 S1 S4 S5
acpi0: tables DSDT FACP BOOT APIC MCFG SRAT
acpi0: wakeup devices PCI0(S3) USB_(S1) P2P0(S3) S1F0(S3) S2F0(S3)
S3F0(S3) S4F0(S3) S5F0(S3) S6F0(S3) S7F0(S3) S8F0(S3) S9F0(S3)
Z00P(S3) Z00Q(S3) Z00R(S3) Z00S(S3) Z00T(S3) Z00U(S3) Z00V(S3)
Z00W(S3) Z00X(S3
) Z00Y(S3) Z00Z(S3) Z010(S3) Z011(S3) Z012(S3) Z013(S3) Z014(S3)
Z015(S3) Z016(S3) Z017(S3) Z018(S3) Z019(S3) Z01A(S3) Z01B(S3)
P2P1(S3) S1F0(S3) S2F0(S3) S3F0(S3) S4F0(S3) S5F0(S3) S6F0(S3)
S7F0(S3) S8F0(S3)
S9F0(S3) Z00P(S3) Z00Q(S3) Z00R(S3) Z00S(S3) Z00T(S3) Z00U(S3)
Z00V(S3) Z00W(S3) Z00X(S3) Z00Y(S3) Z00Z(S3) Z010(S3) Z011(S3)
Z012(S3) Z013(S3) Z014(S3) Z015(S3) Z016(S3) Z017(S3) Z018(S3)
Z019(S3) Z01A(S3) Z0
1B(S3) P2P2(S3) S1F0(S3) S2F0(S3) S3F0(S3) S4F0(S3) S5F0(S3) S6F0(S3)
S7F0(S3) S8F0(S3) S9F0(S3) Z00P(S3) Z00Q(S3) Z00R(S3) Z00S(S3)
Z00T(S3) Z00U(S3) Z00V(S3) Z00W(S3) Z00X(S3) Z00Y(S3) Z00Z(S3)
Z010(S3) Z011
(S3) Z012(S3) Z013(S3) Z014(S3) Z015(S3) Z016(S3) Z017(S3) Z018(S3)
Z019(S3) Z01A(S3) Z01B(S3) P2P3(S3) S1F0(S3) S2F0(S3) S3F0(S3)
S4F0(S3) S5F0(S3) S6F0(S3) S7F0(S3) S8F0(S3) S9F0(S3) Z00P(S3)
Z00Q(S3) Z00R(S
3) Z00S(S3) Z00T(S3) Z00U(S3) Z00V(S3) Z00W(S3) Z00X(S3) Z00Y(S3)
Z00Z(S3) Z010(S3) Z011(S3) Z012(S3) Z013(S3) Z014(S3) Z015(S3)
Z016(S3) Z017(S3) Z018(S3) Z019(S3) Z01A(S3) Z01B(S3) PE40(S3)
S1F0(S3) PE50(S3)
 S1F0(S3) PE60(S3) S1F0(S3) PE70(S3) S1F0(S3) PE80(S3) S1F0(S3)
PE90(S3) S1F0(S3) PEA0(S3) S1F0(S3) PEB0(S3) S1F0(S3) PEC0(S3)
S1F0(S3) PED0(S3) S1F0(S3) PEE0(S3) S1F0(S3) PE41(S3) S1F0(S3)
PE42(S3) S1F0(S3) P
E43(S3) S1F0(S3) PE44(S3) S1F0(S3) PE45(S3) S1F0(S3) PE46(S3) S1F0(S3)
PE47(S3) S1F0(S3) PE51(S3) S1F0(S3) PE52(S3) S1F0(S3) PE53(S3)
S1F0(S3) PE54(S3) S1F0(S3) PE55(S3) S1F0(S3) PE56(S3) S1F0(S3)
PE57(S3) S1F
0(S3) PE61(S3) S1F0(S3) PE62(S3) S1F0(S3) PE63(S3) S1F0(S3) PE64(S3)
S1F0(S3) PE65(S3) S1F0(S3) PE66(S3) S1F0(S3) PE67(S3) S1F0(S3)
PE71(S3) S1F0(S3) PE72(S3) S1F0(S3) PE73(S3) S1F0(S3) PE74(S3)
S1F0(S3) PE75(
S3) S1F0(S3) PE76(S3) S1F0(S3) PE77(S3) S1F0(S3) PE81(S3) S1F0(S3)
PE82(S3) S1F0(S3) PE83(S3) S1F0(S3) PE84(S3) S1F0(S3) PE85(S3)
S1F0(S3) PE86(S3) S1F0(S3) PE87(S3) S1F0(S3) PE91(S3) S1F0(S3)
PE92(S3) S1F0(S3
) PE93(S3) S1F0(S3) PE94(S3) S1F0(S3) PE95(S3) S1F0(S3) PE96(S3)
S1F0(S3) PE97(S3) S1F0(S3) PEA1(S3) S1F0(S3) PEA2(S3) S1F0(S3)
PEA3(S3) S1F0(S3) PEA4(S3) S1F0(S3) PEA5(S3) S1F0(S3) PEA6(S3)
S1F0(S3) PEA7(S3)
S1F0(S3) PEB1(S3) S1F0(S3) PEB2(S3) S1F0(S3) PEB3(S3) S1F0(S3)
PEB4(S3) S1F0(S3) PEB5(S3) S1F0(S3) PEB6(S3) S1F0(S3) PEB7(S3)
S1F0(S3) SLPB(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz, 2667.24 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,SSE3,SSSE3,CX16,NXE,LONG
cpu0: 4MB 64b/line 16-way L2 cache
cpu0: apic clock running at 65MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz, 2666.86 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,SSE3,SSSE3,CX16,NXE,LONG
cpu1: 4MB 64b/line 16-way L2 cache
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 11, 24 pins
acpiprt0 at acpi0: bus 0 (PCI0)
acpicpu0 at acpi0
acpicpu1 at acpi0
acpibat0 at acpi0: BAT1 not present
acpibat1 at acpi0: BAT2 not present
acpiac0 at acpi0: AC unit online
acpibtn0 at acpi0: SLPB
vmt0 at mainbus0
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 Intel 82443BX AGP rev 0x01
ppb0 at pci0 dev 1 function 0 Intel 82443BX AGP rev 0x01
pci1 at ppb0 bus 1
pcib0 at pci0 dev 7 function 0 Intel 82371AB PIIX4 ISA rev 0x08
pciide0 at pci0 dev 7 function 1 Intel 82371AB IDE rev 0x01: DMA,
channel 0 configured to compatibility, channel 1 configured to
compatibility
wd0 at pciide0 channel 0 drive 0: VMware Virtual IDE Hard Drive
wd0: 64-sector PIO, LBA, 51200MB, 104857600 sectors

Re: font size in applications are huge in my VM instance

[Gonzalo L. R.]

maybe you need something like this:

~ $ cat .gtkrc-2.0
gtk-font-name = Sans 8

in your home.

El 12/17/10 11:55, Bryan escribiC3:

Greetings,

I use my OpenBSD at work on a VMware instance.  I have tried this in
my default WM (scrotwm), and also in fluxbox.  When I launch an
application, like Gimp, or Firefox in my VM instance, the fonts in the
dialog boxes, menus, and toolbars are large, like someone did a
'Ctrl+' in firefox to increase the font. The resolution on the
instance is 1280x1024, because xrandr won't emulate a 1680x1050
screen.

I have a screenshot here:

http://picasaweb.google.com/lh/photo/DRmfBOWqCpl64VFjc_5kwPpTm2ZJIAmfG4KTNOagEkk?feat=directlink


vmt0 appears to work well, as does 'vmwh' from ports...


OpenBSD 4.8-current (GENERIC.MP) #16: Fri Dec 10 12:31:59 CST 2010
 
r...@openbsd-amd64-v0.ultra-ats.com:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 1236205568 (1178MB)
avail mem = 1189343232 (1134MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe4010 (45 entries)
bios0: vendor Phoenix Technologies LTD version 6.00 date 08/15/2008
bios0: VMware, Inc. VMware Virtual Platform
acpi0 at bios0: rev 2
acpi0: sleep states S0 S1 S4 S5
acpi0: tables DSDT FACP BOOT APIC MCFG SRAT
acpi0: wakeup devices PCI0(S3) USB_(S1) P2P0(S3) S1F0(S3) S2F0(S3)
S3F0(S3) S4F0(S3) S5F0(S3) S6F0(S3) S7F0(S3) S8F0(S3) S9F0(S3)
Z00P(S3) Z00Q(S3) Z00R(S3) Z00S(S3) Z00T(S3) Z00U(S3) Z00V(S3)
Z00W(S3) Z00X(S3
) Z00Y(S3) Z00Z(S3) Z010(S3) Z011(S3) Z012(S3) Z013(S3) Z014(S3)
Z015(S3) Z016(S3) Z017(S3) Z018(S3) Z019(S3) Z01A(S3) Z01B(S3)
P2P1(S3) S1F0(S3) S2F0(S3) S3F0(S3) S4F0(S3) S5F0(S3) S6F0(S3)
S7F0(S3) S8F0(S3)
S9F0(S3) Z00P(S3) Z00Q(S3) Z00R(S3) Z00S(S3) Z00T(S3) Z00U(S3)
Z00V(S3) Z00W(S3) Z00X(S3) Z00Y(S3) Z00Z(S3) Z010(S3) Z011(S3)
Z012(S3) Z013(S3) Z014(S3) Z015(S3) Z016(S3) Z017(S3) Z018(S3)
Z019(S3) Z01A(S3) Z0
1B(S3) P2P2(S3) S1F0(S3) S2F0(S3) S3F0(S3) S4F0(S3) S5F0(S3) S6F0(S3)
S7F0(S3) S8F0(S3) S9F0(S3) Z00P(S3) Z00Q(S3) Z00R(S3) Z00S(S3)
Z00T(S3) Z00U(S3) Z00V(S3) Z00W(S3) Z00X(S3) Z00Y(S3) Z00Z(S3)
Z010(S3) Z011
(S3) Z012(S3) Z013(S3) Z014(S3) Z015(S3) Z016(S3) Z017(S3) Z018(S3)
Z019(S3) Z01A(S3) Z01B(S3) P2P3(S3) S1F0(S3) S2F0(S3) S3F0(S3)
S4F0(S3) S5F0(S3) S6F0(S3) S7F0(S3) S8F0(S3) S9F0(S3) Z00P(S3)
Z00Q(S3) Z00R(S
3) Z00S(S3) Z00T(S3) Z00U(S3) Z00V(S3) Z00W(S3) Z00X(S3) Z00Y(S3)
Z00Z(S3) Z010(S3) Z011(S3) Z012(S3) Z013(S3) Z014(S3) Z015(S3)
Z016(S3) Z017(S3) Z018(S3) Z019(S3) Z01A(S3) Z01B(S3) PE40(S3)
S1F0(S3) PE50(S3)
  S1F0(S3) PE60(S3) S1F0(S3) PE70(S3) S1F0(S3) PE80(S3) S1F0(S3)
PE90(S3) S1F0(S3) PEA0(S3) S1F0(S3) PEB0(S3) S1F0(S3) PEC0(S3)
S1F0(S3) PED0(S3) S1F0(S3) PEE0(S3) S1F0(S3) PE41(S3) S1F0(S3)
PE42(S3) S1F0(S3) P
E43(S3) S1F0(S3) PE44(S3) S1F0(S3) PE45(S3) S1F0(S3) PE46(S3) S1F0(S3)
PE47(S3) S1F0(S3) PE51(S3) S1F0(S3) PE52(S3) S1F0(S3) PE53(S3)
S1F0(S3) PE54(S3) S1F0(S3) PE55(S3) S1F0(S3) PE56(S3) S1F0(S3)
PE57(S3) S1F
0(S3) PE61(S3) S1F0(S3) PE62(S3) S1F0(S3) PE63(S3) S1F0(S3) PE64(S3)
S1F0(S3) PE65(S3) S1F0(S3) PE66(S3) S1F0(S3) PE67(S3) S1F0(S3)
PE71(S3) S1F0(S3) PE72(S3) S1F0(S3) PE73(S3) S1F0(S3) PE74(S3)
S1F0(S3) PE75(
S3) S1F0(S3) PE76(S3) S1F0(S3) PE77(S3) S1F0(S3) PE81(S3) S1F0(S3)
PE82(S3) S1F0(S3) PE83(S3) S1F0(S3) PE84(S3) S1F0(S3) PE85(S3)
S1F0(S3) PE86(S3) S1F0(S3) PE87(S3) S1F0(S3) PE91(S3) S1F0(S3)
PE92(S3) S1F0(S3
) PE93(S3) S1F0(S3) PE94(S3) S1F0(S3) PE95(S3) S1F0(S3) PE96(S3)
S1F0(S3) PE97(S3) S1F0(S3) PEA1(S3) S1F0(S3) PEA2(S3) S1F0(S3)
PEA3(S3) S1F0(S3) PEA4(S3) S1F0(S3) PEA5(S3) S1F0(S3) PEA6(S3)
S1F0(S3) PEA7(S3)
S1F0(S3) PEB1(S3) S1F0(S3) PEB2(S3) S1F0(S3) PEB3(S3) S1F0(S3)
PEB4(S3) S1F0(S3) PEB5(S3) S1F0(S3) PEB6(S3) S1F0(S3) PEB7(S3)
S1F0(S3) SLPB(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz, 2667.24 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,SSE3,SSSE3,CX16,NXE,LONG
cpu0: 4MB 64b/line 16-way L2 cache
cpu0: apic clock running at 65MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz, 2666.86 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,SSE3,SSSE3,CX16,NXE,LONG
cpu1: 4MB 64b/line 16-way L2 cache
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 11, 24 pins
acpiprt0 at acpi0: bus 0 (PCI0)
acpicpu0 at acpi0
acpicpu1 at acpi0
acpibat0 at acpi0: BAT1 not present
acpibat1 at acpi0: BAT2 not present
acpiac0 at acpi0: AC unit online
acpibtn0 at acpi0: SLPB
vmt0 at mainbus0
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 Intel 82443BX AGP rev 0x01
ppb0 at pci0 dev 1 function 0 Intel 82443BX AGP rev 0x01
pci1 at ppb0 bus 1
pcib0 at pci0 dev 7 function 0 Intel 82371AB PIIX4 ISA rev 0x08
pciide0 at pci0 dev 7 function 1 Intel 82371AB IDE rev 0x01: DMA,
channel 0 configured to compatibility, channel 1 configured 

Re: font size in applications are huge in my VM instance

[Ted Unangst]

On Fri, Dec 17, 2010 at 9:55 AM, Bryan bra...@gmail.com wrote:
 I use my OpenBSD at work on a VMware instance.  I have tried this in
 my default WM (scrotwm), and also in fluxbox.  When I launch an
 application, like Gimp, or Firefox in my VM instance, the fonts in the
 dialog boxes, menus, and toolbars are large, like someone did a
 'Ctrl+' in firefox to increase the font. The resolution on the
 instance is 1280x1024, because xrandr won't emulate a 1680x1050
 screen.

Font sizes are based on your DPI settings, which are guessed by the X
server.  There are ways to specify better values, though I'm not sure
how since I've never done it.  The intertubes may know more.

Re: font size in applications are huge in my VM instance

[Bryan]

On Fri, Dec 17, 2010 at 09:40, Ted Unangst ted.unan...@gmail.com wrote:
 On Fri, Dec 17, 2010 at 9:55 AM, Bryan bra...@gmail.com wrote:
 I use my OpenBSD at work on a VMware instance. B I have tried this in
 my default WM (scrotwm), and also in fluxbox. B When I launch an
 application, like Gimp, or Firefox in my VM instance, the fonts in the
 dialog boxes, menus, and toolbars are large, like someone did a
 'Ctrl+' in firefox to increase the font. The resolution on the
 instance is 1280x1024, because xrandr won't emulate a 1680x1050
 screen.

 Font sizes are based on your DPI settings, which are guessed by the X
 server. B There are ways to specify better values, though I'm not sure
 how since I've never done it. B The intertubes may know more.


That gets me a step closer... I didn't know how to search for fonts
sizes are huge in certain X applications...


hmmm looks like xrandr has a switch for --dpi.  I will mess around
with that...


Thanks all...

Re: font size in applications are huge in my VM instance

[Bryan]

On Fri, Dec 17, 2010 at 09:40, Gonzalo L. R. gonz...@x61.com.ar wrote:
 maybe you need something like this:

 ~ $ cat .gtkrc-2.0
 gtk-font-name = Sans 8

 in your home.


That worked for things like firefox, inkscape, and gimp, is there a
kde version?  Koffice is still huge...

Re: Old IPSEC bug

[Theo de Raadt]

 I'm sure most of you are already aware, but
 http://news.ycombinator.com/item?id=2014004 suggests that Jason fixed a
 potentially-dangerous bug in the IPSEC code in the NETSEC timeframe
 (src/sys/netinet/ip_esp.c r1.75).

A developer fixed a bug?   Oh my lord.   Fixing bugs is what developers do.

Regarding the current fuss, what is so special about this commit?

It is easy to look back with 20/20 vision and realize it was a bad
bug.  Yet every bad bug does not get errata, or we would get no
development done, and would spend all our time writing up errata.a

This project -- with it's limited manpower -- is going to remain
deeply inconsistant at (a) realizing the impact of a bug fix and (b)
making an errata available.

Those who have been following the project for years know that this is
nothing new and it will not change.

People keep trying to hold us to standards they don't apply to
themselves, and that is just so laughable.

Re: font size in applications are huge in my VM instance

[Gonzalo L. R.]

gtk != qt I don't use qt :/ sorry

El 12/17/10 13:04, Bryan escribiC3:

On Fri, Dec 17, 2010 at 09:40, Gonzalo L. R.gonz...@x61.com.ar  wrote:

maybe you need something like this:

~ $ cat .gtkrc-2.0
gtk-font-name = Sans 8

in your home.



That worked for things like firefox, inkscape, and gimp, is there a
kde version?  Koffice is still huge...


--
Sending from my Computer.

Re: Old IPSEC bug

[J Sisson]

On Fri, Dec 17, 2010 at 10:24 AM, Theo de Raadt dera...@cvs.openbsd.orgwrote:

 This project -- with it's limited manpower -- is going to remain
 deeply inconsistant at (a) realizing the impact of a bug fix and (b)
 making an errata available.

 That's the beauty of OpenBSD, though...a dev sees a bug, so the dev fixes
it.
Dev doesn't worry about exploitability or severity or whatever...just fix
the bug
and move on.

That's a feature, not a...well, you get the point.

Re: hotplugd and auto mount UI

[Christopher Hilton]

On Dec 11, 2010, at 8:46 AM, Jean-Francois wrote:

 Hello,

 Has someone already programmed any kind UI or GUI used with hotplugd for
auto
 mounting and user interface to eventually mount or unmount the device ?

 I am quite doing this for a friend, however if something already exists ...


I used to do this with amd. The one trick I recall is that you want to use
program mounts and specify the mount and unmount commands by hand. The problem
that I saw was that the ufs mounts assume that the disk is permanently mounted
in a cabinet so amd never times them out. Basically I let amd control a
directory: /hotplug and put the devices into it so I would find my usb
flashdrive at /hotplug/flashdrive The trick with amd is that any file
operation on the mount point will cause amd to do the mount on it's own. e.g.
$ ls -l /hotplug/flashdrive caused amd to mount my flashdrive. Lack of
activity on the directory triggers a timeout which unmounts the drive.
Althought I didn't do it this way, you could use a simple perl or python tk
script to pop up a directory box in your gui from hotplug... In my case my
flashdrive had my uber ssh keys on it plugging it in would trigger the action
needed to add my uber key to my ssh-agent.

-- Chris

Chris Hilton  e: chris /at/ vindaloo /dot/ com

All I was doing was trying to get home from work!
 -- Rosa Parks

NORPHI Pictures - la nouvelle banque d'images

[NORPHI Pictures]

The new picture library

FranC'ais : www.norphipictures.com

English : www.norphipictures.com/en

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

Recherche par catalogue :

  * Architecture

  * Alimentaire

  * Image d'exception

  * Industrie

  * Tradition

  * Fond et matiC(re

  * EvC)nement

  * Nature

  * Transport

  * Animal

  * Maison

  * Habillement

  * Personnage

Les plus de NORPHI Pictures : photos et dessins anciens

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

Site NORPHI Pictures :

Ce site a C)tC) crC)C) par des professionnels de la communication du
marketing et du web, nos formations sont artistiques, avec les divers
mC)tiers tel que, photographe publicitaire et artistique, graphiste
designer et dC)corateur. Il veut rC)pondre aux attentes des
professionnels des mC)tiers d'arts graphiques de la publicitC) et de tout
autre mC)tier graphique et artistique. Son C)volution se fera avec vous
par vos demandes, vos souhaits et vos aspirations. NORPHIpictures est un
site vivant et C)volutif, avec un systC(me de recherche ou les mots clC)s
ne sont plus prioritaires, mais ou la prioritC) est donnC)e aux
catalogues.Ce mode de recherche sera constamment en C)volution, ceci afin
dbC)viter lberreur humaine de la frappe et les erreurs liC)es aux
trop nombreux mots clC)s.

Pour ne plus recevoir d'emails de notre part, cliquez-ici
If you no longer wish to receive email from us, click here

AUGURI

[SANITALIA]

[IMAGE]

Bonjour

[Marie Corion (via Multiply)]

This is a MIME-encoded message that corion2 sent through Multiply.  To read
it, you need a HTML-capable mail client.