Re: a GOOD idea to harden OpenSSH!
On Tue, Apr 19, 2011 at 11:56:51AM +0200, Peter N. M. Hansteen wrote: Alexander Schrijver alexander.schrij...@gmail.com writes: I think it's a bad idea to disable ssh login while someone is bruteforcing your account. (...) industrial-scale password guessing (...) If you allow password logins at all, there are worse ideas than running john (or similar) to flush out the bad ones occasionally. If you're going to check password quality, use security/passwdqc (by the same author as John the Ripper, based on the same code) - it will actually prevent people from setting bad passwords, and using it to check plaintext passwords is much more efficient than running john. (Of course, it doesn't work on passwords already set, so *one* john runs makes sense.) Joachim -- PotD: devel/p5-YAML - YAML ain't a markup language http://www.joachimschipper.nl/
Re: syslog and interfaces
On Tue, Apr 19, 2011 at 09:08:52AM +, Julien Dyie wrote: Hi, after the reading of syslog.conf (5) and syslogd (8), I can't find how to disable syslog's listening on specifical interfaces. syslogd always opens a UDP port, but it silently drops all traffic unless you pass the -u option. Yes, this is a bit confusing. Joachim -- PotD: x11/fvwm2,-main,i18n - multiple virtual desktop window manager, with icons http://www.joachimschipper.nl/
Re: /dev/pf permission for squid 3.2.0.6 on openbsd 4.8
On Tue, Apr 19, 2011 at 12:00 PM, Indunil Jayasooriya induni...@gmail.com wrote: many thanks. I got it working. I changed from http_port 3129 intercept to http_port 127.0.0.1:3129 intercept in squid.conf file. Here's the rule in pf.conf pass in log on $int_if proto tcp from $lan_net to any port 80 \ divert-to 127.0.0.1 port 3129 very sorry. After sending this mail, I checked squid cache.log with below command tail -f /var/squid/logs/cache.log this below error still appears. Intercept.cc(305) PfInterception: PF open failed: (13) Permission denied I just wanted to let you know. If this is a trouble, Pls excuse me. -- Thank you Indunil Jayasooriya
Re: Building from the source -Current
* Insan Praja SW insan.pr...@gmail.com [2011-04-19 21:50]: Hi Misc@, Tried to build kernel from the source but something like this; $ sudo config GENERIC.MP Don't forget to run make depend Kernel options have changed -- you must run make clean $ cd ../compile/GENERIC.MP/ $ sudo make clean sudo make depend sudo make sudo make install rm -f eddep *bsd *bsd.gdb tags *.[io] [a-z]*.s [Ee]rrs linterrs assym.h make: don't know how to make machine/freebsd_machdep.h. Stop in /usr/src/sys/arch/i386/compile/GENERIC.MP. What should I do? rm -rf ./compile/GENERIC.MP/ and reconfig. occasionally make clean is not enough. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting
Re: Citrix ICAclient hangs whole PC with latest i386 PC
Sorry, still same issue as yesterday even with latest sources so I can't build new kernel. I tried make clean make depend make too even as make depend is not needed anymore, but just to be sure. ERVER -DCD9660 -DUDF -DMSDOSFS -DFIFO -DSOCKET_SPLICE -DTCP_SACK -DTCP_ECN -DTCP_SIGNATURE -DINET -DALTQ -DINET6 -DIPSEC -DPPP_BSDCOMP -DPPP_DEFLATE -DMROUTING -DMPLS -DBOOT_CONFIG -DUSER_PCICONF -DKVM86 -DUSER_LDT -DAPERTURE -DCOMPAT_SVR4 -DCOMPAT_LINUX -DCOMPAT_AOUT -DPROCFS -DNTFS -DPCIVERBOSE -DEISAVERBOSE -DUSBVERBOSE -DWSDISPLAY_COMPAT_USL -DWSDISPLAY_COMPAT_RAWKBD -DWSDISPLAY_DEFAULTSCREENS=6 -DWSDISPLAY_COMPAT_PCVT -DX86EMU -DONEWIREVERBOSE -DMAXUSERS=80 -D_KERNEL -MD -MP -c ../../../../kern/vfs_vops.c ../../../../kern/vfs_vops.c: In function 'VOP_ISLOCKED': ../../../../kern/vfs_vops.c:66: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_LOOKUP': ../../../../kern/vfs_vops.c:81: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_CREATE': ../../../../kern/vfs_vops.c:99: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_MKNOD': ../../../../kern/vfs_vops.c:116: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_OPEN': ../../../../kern/vfs_vops.c:130: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_CLOSE': ../../../../kern/vfs_vops.c:146: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_ACCESS': ../../../../kern/vfs_vops.c:162: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_GETATTR': ../../../../kern/vfs_vops.c:177: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_SETATTR': ../../../../kern/vfs_vops.c:194: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_READ': ../../../../kern/vfs_vops.c:210: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_WRITE': ../../../../kern/vfs_vops.c:227: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_IOCTL': ../../../../kern/vfs_vops.c:244: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_POLL': ../../../../kern/vfs_vops.c:257: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_KQFILTER': ../../../../kern/vfs_vops.c:269: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_REVOKE': ../../../../kern/vfs_vops.c:281: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_FSYNC': ../../../../kern/vfs_vops.c:298: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_REMOVE': ../../../../kern/vfs_vops.c:314: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_LINK': ../../../../kern/vfs_vops.c:329: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_RENAME': ../../../../kern/vfs_vops.c:349: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_MKDIR': ../../../../kern/vfs_vops.c:366: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_RMDIR': ../../../../kern/vfs_vops.c:382: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_SYMLINK': ../../../../kern/vfs_vops.c:400: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_READDIR': ../../../../kern/vfs_vops.c:419: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_READLINK': ../../../../kern/vfs_vops.c:434: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_ABORTOP': ../../../../kern/vfs_vops.c:446: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_INACTIVE': ../../../../kern/vfs_vops.c:460: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_RECLAIM': ../../../../kern/vfs_vops.c:472: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_LOCK': ../../../../kern/vfs_vops.c:485: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_UNLOCK': ../../../../kern/vfs_vops.c:498: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_BMAP': ../../../../kern/vfs_vops.c:516: error: 'struct vops' has no member named 'vop_default'
Re: CARP compatibility
Router 2 carp1: flags=8803UP,BROADCAST,SIMPLEX,MULTICAST mtu 1500 lladdr 00:00:00:00:00:00 priority: 0 carp: INIT carpdev none vhid 2 advbase 1 advskew 0 groups: carp This mightily looks like some other interface is trying to use the same IP-address (the 00:00:00:00:00:00 hints at that). In that case the carp interface naturally remains at INIT. Marcus
Re: Like OpenBSD? Like to see new stuff happening? You really need to order a CD today :)
On Tue, Apr 19, 2011 at 08:11:10PM +, Miod Vallat wrote: The OpenBSD project does not receive any proceeds from tshirt, posters, doll or book sales. In any case, the OpenBSD project receives more money from the sale of one CD set than from the sale of one clothing attire, due to the production costs of said items. So if you want to contribute but don't know what to get, get a CD set (or several!). Noone will mind if you frame them and hang them on your wall; it's the thought which counts. Miod In fact one famous CD decorates the ceiling of a Calgary bar. Why not upgrade the decor of your local drinking establishment and give them a CD set to put on the wall/ceiling! And then you can raise a beer to OpenBSD every visit. Ken Ken, I hang out in the most red-neck hick places. They would likely try to put the cd in the juke box and would get mad that it didn't play. You should see them look at the OpenBSD shirts that I wear there occasionally. I think they think they are for some kind of devil-music rock band or something. s
Re: 4.7 ospfd FIB/RIB synchronization
you might be able to upgrade your passive firewall to 4.9 next to the active 4.7 one. it looks like the protocol stayed the same so they should be able to talk to each other. however, it looks like bulk updates were broken in 4.7, which would explain your failover problems. you can work around that by going pfctl -S /dev/stdout | ssh activefw pfctl -L /dev/stdin as root on the passive fw. as a matter of interest, are you using ospf for failover on one side of your firewalls? dlg On 20/04/2011, at 2:45 PM, Jonathan Lassoff wrote: On Tue, Apr 19, 2011 at 7:14 PM, David Gwynne l...@animata.net wrote: i had this same problem and fixed it in time for the 4.8 release. is it possible you can upgrade? Do you mean that this was an issue in 4.7 that was fixed in 4.8? I most definitely plan to upgrade (all the way to 4.9, most likely), but am stuck with 4.7 for now, since there's not a hitless way for me to upgrade right now (mostly due to pfsync causing sessions to reset when failing over). Thanks for the pointer. Cheers, jof
En Abril nuestras Bases de Datos al 2 x 1 (ID:243807)
Me interesa la promocisn de todo al 2 x 1... dar click aqum Una base de datos es determinante para el ixito de un negocio. Durante Abril todas nuestras bases de datos al 2 x 1 Hola: Durante el mes de Abril todas nuestras bases de Datos al 2 x 1. En la compra de una se lleva otra de igual o menor precio sin costo adicional. O puede llevarse 3 o mas con un atractivo descuento. Base Registros Precio de Lista Hospitales 3,000 $4,500 Farmacias 15,000 $9,900 Midicos 47,000 $9,500 Laboratorios Clmnicos 4,500 $4,200 Gimnasios y Clubes 3,000 $3,000 Restaurantes 25,000 $2,500 Hoteles 10,000 $2,000 Bares, Centros Nocturnos y Vinatermas 10,000 $2,000 Constructoras y Afines 20,000 $5,500 Talleres Mecanicos 13,000 $2,500 Venta y Renta Autos 4,500 $2,000 Refaccionarias 15,000 $2,750 Nuestras bases de datos cuentan con los siguientes campos: * Nombre * Direccion * Telifono * Giro Tenemos otras bases de datos, si la que necesita no esta en la lista, llamenos. Durante Abril todas al 2 x 1. Di click aqum Para mas detalles sobre nuestras bases de datos, llamenos al 01 800-716-1681 Eliminar mi direccion de su lista
Re: OpenBSD-Wiki.org
e( 2011e944f19f%ffd:oWayne Oliver wayn0...@gmail.com eio -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 18 Apr 2011, at 5:22 PM, Kenny wrote: Due to an circumstances beyond my control, I'm not longer able to host / maintain /work with OpenBSD-Wiki.org. I was in the process of updating it when some personal issues came up. I'm interested in passing this off to someone else who may be interested. I'll help migrate it, get things back up and going -- if help is needed / wanted. I'm not subscribed to the list, so send an email to this email. -- Kennith (Kenny) Mann Hey B Kenny, If nobody else has offered, I will be willing to take this over. I can help too if needed. I can run a slave dns on my openbsd server and linux vps. And I know a few things about HTML/php/webdev and what not. -- g):g.1e/h2/g )cf71h07e/e.9f04c
Re: CARP compatibility
* Marcus M|lb|sch muelbue...@as-infodienste.de [2011-04-20 13:34]: Router 2 carp1: flags=8803UP,BROADCAST,SIMPLEX,MULTICAST mtu 1500 lladdr 00:00:00:00:00:00 priority: 0 carp: INIT carpdev none vhid 2 advbase 1 advskew 0 groups: carp This mightily looks like some other interface is trying to use the same IP-address (the 00:00:00:00:00:00 hints at that). no, that is wrong. In that case the carp interface naturally remains at INIT. it remains at init because afaict there is no IP address on that interface (once again incomplete output has been presented...). carp doesn't work without and stays in init. and the macaddr depends on the vhid so it is set late-ish. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting
Re: Like OpenBSD? Like to see new stuff happening? You really need to order a CD today :)
* Stuart VanZee stua...@datalinesys.com [2011-04-20 14:12]: I hang out in the most red-neck hick places. They would likely try to put the cd in the juke box and would get mad that it didn't play. You should see them look at the OpenBSD shirts that I wear there occasionally. I think they think they are for some kind of devil-music rock band or something. and that isn't actually THAT faar off, is it? ;) -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting
Re: 4.7 ospfd FIB/RIB synchronization
On Wed, Apr 20, 2011 at 4:22 AM, David Gwynne l...@animata.net wrote: you might be able to upgrade your passive firewall to 4.9 next to the active 4.7 one. it looks like the protocol stayed the same so they should be able to talk to each other. This would seem to be the case. This (http://undeadly.org/cgi?action=articlesid=20090301211402) is an absolutely excellent bit of writing about the improvements to pfsync, BTW. Thanks for letting that be shared. however, it looks like bulk updates were broken in 4.7, which would explain your failover problems. you can work around that by going pfctl -S /dev/stdout | ssh activefw pfctl -L /dev/stdin as root on the passive fw. As an initial seeding of state? It seems to me that only some of my flows get affected when failing over (not everything is reset and traffic can still flow). It appears that both firewalls have an approximately congruent set of states, but usually a pfctl -ss | wc -l can be off by several hundred, to several thousand states at times. My hunch is that state creation and counter updates are not updated synchronously, so when failing over there are still some updates in-flight, and for flows that are moving their sequence numbers at a decent clip I could see why they might get reset. Have you ever used pfsync with the defer option set? I can imagine that it just takes longer for sessions to start since each firewall would have to wait for the insertion of the state on the other firewall, but I wonder how much latency that adds in practice. Another open question would be what to do in the case of multiple firewalls receiving the multicast update (not applicable for me, but something I'm considering trying). I wonder if there ought to be a hook for defer to count the number of related received state insertion messages it gets before starting. as a matter of interest, are you using ospf for failover on one side of your firewalls? I'm hooking CARP interfaces up into ospfd to signal to my IGP which firewall is active at a given time. ospfd seems to have hooks into CARP which will change LSA metrics based on the CARP state. For the interfaces that these firewalls are announcing into the IGP, CARP is used to direct upstream traffic at the active router. Cheers, jof
About destroying tunX ifaces with ifconfig and ppp.linkdown
There is any differences in do (when I connect to my isp via modem): pkill ppp or ifconfig tun0 destroy my real doubt it's that I need to know if the ppp.linkdown it's executed in the second case.
Re: Citrix ICAclient hangs whole PC with latest i386 PC
On Mon, Apr 18, 2011 at 4:57 PM, Paul Irofti p...@irofti.net wrote: Try this, let me know what happens. Index: linux_exec.c === RCS file: /cvs/src/sys/compat/linux/linux_exec.c,v retrieving revision 1.33 diff -u -p -r1.33 linux_exec.c --- linux_exec.c B B B B 5 Apr 2011 15:44:40 - B B B 1.33 +++ linux_exec.c B B B B 18 Apr 2011 13:50:37 - @@ -197,14 +197,17 @@ linux_e_proc_exit(struct proc *p) B void B linux_e_proc_fork(struct proc *p, struct proc *parent) B { - B B B struct linux_emuldata *emul = p-p_emuldata; - B B B struct linux_emuldata *p_emul = parent-p_emuldata; + B B B struct linux_emuldata *emul; + B B B struct linux_emuldata *p_emul; B B B B /* Allocate new emuldata for the new process. */ B B B B p-p_emuldata = NULL; B B B B /* fork, use parent's vmspace (our vmspace may not be setup yet) */ B B B B linux_e_proc_init(p, parent-p_vmspace); + + B B B emul = p-p_emuldata; + B B B p_emul = parent-p_emuldata; B B B B emul-my_set_tid = p_emul-child_set_tid; B B B B emul-my_clear_tid = p_emul-child_clear_tid; yes now it's working again. Thx a lot PS: my src was messed somewhat so that's why I was not able to build kernel properly
Re: 4.7 ospfd FIB/RIB synchronization
On 20/04/2011, at 11:08 PM, Jonathan Lassoff wrote: On Wed, Apr 20, 2011 at 4:22 AM, David Gwynne l...@animata.net wrote: you might be able to upgrade your passive firewall to 4.9 next to the active 4.7 one. it looks like the protocol stayed the same so they should be able to talk to each other. This would seem to be the case. This (http://undeadly.org/cgi?action=articlesid=20090301211402) is an absolutely excellent bit of writing about the improvements to pfsync, BTW. Thanks for letting that be shared. however, it looks like bulk updates were broken in 4.7, which would explain your failover problems. you can work around that by going pfctl -S /dev/stdout | ssh activefw pfctl -L /dev/stdin as root on the passive fw. As an initial seeding of state? It seems to me that only some of my flows get affected when failing over (not everything is reset and traffic can still flow). yes. the pfctl commands will do a bulk update since the in kernel implementation was unreliable back then. It appears that both firewalls have an approximately congruent set of states, but usually a pfctl -ss | wc -l can be off by several hundred, to several thousand states at times. My hunch is that state creation and counter updates are not updated synchronously, so when failing over there are still some updates in-flight, and for flows that are moving their sequence numbers at a decent clip I could see why they might get reset. pf has a bit of fuzz when it does its tcp window matching, so packets can get ahead of the firewall and be ok. also, pf will drop out of window packets rather than send RSTs and such. pfsync will also make a good effort to merge state updates with local changes and will aggressively send updates to its peers when it thinks traffic has recently gone over both legs of a firewall. however, if the bulk update didnt work properly then you can have some missing after failover. if the state doesnt exist then you fall through to the ruleset, pfsync doesnt ask its peers for missing states. this used to affect me with very long lived connections that could be idle for a while (eg, nfs). Have you ever used pfsync with the defer option set? I can imagine that it just takes longer for sessions to start since each firewall would have to wait for the insertion of the state on the other firewall, but I wonder how much latency that adds in practice. i wrote defer, so yes... on my boxes the increase in latency is about .2 to .3ms. if a firewall is missing its peer(s) it will go up to about 1/100th of a second. Another open question would be what to do in the case of multiple firewalls receiving the multicast update (not applicable for me, but something I'm considering trying). I wonder if there ought to be a hook for defer to count the number of related received state insertion messages it gets before starting. the code assumes that if one peer got and acked the update, then all your peers got the update. as a matter of interest, are you using ospf for failover on one side of your firewalls? I'm hooking CARP interfaces up into ospfd to signal to my IGP which firewall is active at a given time. ospfd seems to have hooks into CARP which will change LSA metrics based on the CARP state. For the interfaces that these firewalls are announcing into the IGP, CARP is used to direct upstream traffic at the active router. thats exactly how i have my stuff configured. dlg
Re: syslog and interfaces
On Tue, Apr 19, 2011 at 09:08:52AM +, Julien Dyie wrote: Hi, after the reading of syslog.conf (5) and syslogd (8), I can't find how to disable syslog's listening on specifical interfaces. syslogd always opens a UDP port, but it silently drops all traffic unless you pass the -u option. Yes, this is a bit confusing. It is NOT confusing. It is fully documented.
Re: Citrix ICAclient hangs whole PC with latest i386 PC
You have to rm -rf the kernel directory I always do it. The # is always 0 in my case if I build it. rm -rf /usr/src/sys/arch/YOUR_ARCH/compile/GENERIC{.MP} On Wed, Apr 20, 2011 at 5:26 AM, Tomas Bodzar tomas.bod...@gmail.com wrote: Sorry, still same issue as yesterday even with latest sources so I can't build new kernel. I tried make clean make depend make too even as make depend is not needed anymore, but just to be sure. ERVER -DCD9660 -DUDF -DMSDOSFS -DFIFO -DSOCKET_SPLICE -DTCP_SACK -DTCP_ECN -DTCP_SIGNATURE -DINET -DALTQ -DINET6 -DIPSEC -DPPP_BSDCOMP -DPPP_DEFLATE -DMROUTING -DMPLS -DBOOT_CONFIG -DUSER_PCICONF -DKVM86 -DUSER_LDT -DAPERTURE -DCOMPAT_SVR4 -DCOMPAT_LINUX -DCOMPAT_AOUT -DPROCFS -DNTFS -DPCIVERBOSE -DEISAVERBOSE -DUSBVERBOSE -DWSDISPLAY_COMPAT_USL -DWSDISPLAY_COMPAT_RAWKBD -DWSDISPLAY_DEFAULTSCREENS=6 -DWSDISPLAY_COMPAT_PCVT -DX86EMU -DONEWIREVERBOSE -DMAXUSERS=80 -D_KERNEL -MD -MP -c ../../../../kern/vfs_vops.c ../../../../kern/vfs_vops.c: In function 'VOP_ISLOCKED': ../../../../kern/vfs_vops.c:66: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_LOOKUP': ../../../../kern/vfs_vops.c:81: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_CREATE': ../../../../kern/vfs_vops.c:99: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_MKNOD': ../../../../kern/vfs_vops.c:116: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_OPEN': ../../../../kern/vfs_vops.c:130: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_CLOSE': ../../../../kern/vfs_vops.c:146: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_ACCESS': ../../../../kern/vfs_vops.c:162: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_GETATTR': ../../../../kern/vfs_vops.c:177: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_SETATTR': ../../../../kern/vfs_vops.c:194: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_READ': ../../../../kern/vfs_vops.c:210: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_WRITE': ../../../../kern/vfs_vops.c:227: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_IOCTL': ../../../../kern/vfs_vops.c:244: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_POLL': ../../../../kern/vfs_vops.c:257: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_KQFILTER': ../../../../kern/vfs_vops.c:269: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_REVOKE': ../../../../kern/vfs_vops.c:281: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_FSYNC': ../../../../kern/vfs_vops.c:298: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_REMOVE': ../../../../kern/vfs_vops.c:314: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_LINK': ../../../../kern/vfs_vops.c:329: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_RENAME': ../../../../kern/vfs_vops.c:349: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_MKDIR': ../../../../kern/vfs_vops.c:366: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_RMDIR': ../../../../kern/vfs_vops.c:382: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_SYMLINK': ../../../../kern/vfs_vops.c:400: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_READDIR': ../../../../kern/vfs_vops.c:419: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_READLINK': ../../../../kern/vfs_vops.c:434: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_ABORTOP': ../../../../kern/vfs_vops.c:446: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_INACTIVE': ../../../../kern/vfs_vops.c:460: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_RECLAIM': ../../../../kern/vfs_vops.c:472: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_LOCK': ../../../../kern/vfs_vops.c:485: error:
Re: Citrix ICAclient hangs whole PC with latest i386 PC
I've done that of course, but it was still complaining during make phase about something in vfs code (see previous posts from me). After rm -rf /usr/src and complete new checkout from AnonCVS I was able to continue. On Wed, Apr 20, 2011 at 4:30 PM, Amit Kulkarni amitk...@gmail.com wrote: You have to rm -rf the kernel directory I always do it. The # is always 0 in my case if I build it. rm -rf /usr/src/sys/arch/YOUR_ARCH/compile/GENERIC{.MP} On Wed, Apr 20, 2011 at 5:26 AM, Tomas Bodzar tomas.bod...@gmail.com wrote: Sorry, still same issue as yesterday even with latest sources so I can't build new kernel. I tried make clean make depend make too even as make depend is not needed anymore, but just to be sure. ERVER -DCD9660 -DUDF -DMSDOSFS -DFIFO -DSOCKET_SPLICE -DTCP_SACK -DTCP_ECN -DTCP_SIGNATURE -DINET -DALTQ -DINET6 -DIPSEC -DPPP_BSDCOMP -DPPP_DEFLATE -DMROUTING -DMPLS -DBOOT_CONFIG -DUSER_PCICONF -DKVM86 -DUSER_LDT -DAPERTURE -DCOMPAT_SVR4 -DCOMPAT_LINUX -DCOMPAT_AOUT -DPROCFS -DNTFS -DPCIVERBOSE -DEISAVERBOSE -DUSBVERBOSE -DWSDISPLAY_COMPAT_USL -DWSDISPLAY_COMPAT_RAWKBD -DWSDISPLAY_DEFAULTSCREENS=6 -DWSDISPLAY_COMPAT_PCVT -DX86EMU -DONEWIREVERBOSE -DMAXUSERS=80 -D_KERNEL -MD -MP B -c ../../../../kern/vfs_vops.c ../../../../kern/vfs_vops.c: In function 'VOP_ISLOCKED': ../../../../kern/vfs_vops.c:66: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_LOOKUP': ../../../../kern/vfs_vops.c:81: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_CREATE': ../../../../kern/vfs_vops.c:99: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_MKNOD': ../../../../kern/vfs_vops.c:116: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_OPEN': ../../../../kern/vfs_vops.c:130: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_CLOSE': ../../../../kern/vfs_vops.c:146: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_ACCESS': ../../../../kern/vfs_vops.c:162: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_GETATTR': ../../../../kern/vfs_vops.c:177: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_SETATTR': ../../../../kern/vfs_vops.c:194: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_READ': ../../../../kern/vfs_vops.c:210: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_WRITE': ../../../../kern/vfs_vops.c:227: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_IOCTL': ../../../../kern/vfs_vops.c:244: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_POLL': ../../../../kern/vfs_vops.c:257: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_KQFILTER': ../../../../kern/vfs_vops.c:269: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_REVOKE': ../../../../kern/vfs_vops.c:281: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_FSYNC': ../../../../kern/vfs_vops.c:298: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_REMOVE': ../../../../kern/vfs_vops.c:314: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_LINK': ../../../../kern/vfs_vops.c:329: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_RENAME': ../../../../kern/vfs_vops.c:349: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_MKDIR': ../../../../kern/vfs_vops.c:366: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_RMDIR': ../../../../kern/vfs_vops.c:382: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_SYMLINK': ../../../../kern/vfs_vops.c:400: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_READDIR': ../../../../kern/vfs_vops.c:419: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_READLINK': ../../../../kern/vfs_vops.c:434: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_ABORTOP': ../../../../kern/vfs_vops.c:446: error: 'struct vops' has no member named 'vop_default' ../../../../kern/vfs_vops.c: In function 'VOP_INACTIVE': ../../../../kern/vfs_vops.c:460:
Re: Citrix ICAclient hangs whole PC with latest i386 PC
That happens sometimes :) good luck. PS: my src was messed somewhat so that's why I was not able to build kernel properly
Routing all traffic through IPSEC VPN
Hello @misc I seem to still be having some problems but I have made progress. The branch office cannot get out to the internet at large which I think may be a NAT problem. At least, when changing the default route on the branch office, I don't lose connectivity to it. On the branch office, the routing tables don't display unless I use netstat -rn -f inet. I also cannot traceroute. Kindly advise what pf rules and additionaly static routing is appropriate. --Main Office-- # The main office has a PPPoE connection to the internet cat /etc/pf.conf: pass all match out on tun0 from 10.40.60.0 to any nat-to (tun0) cat /etc/hostname.gre0: inet 172.16.254.1 255.255.255.255 172.16.254.2 link0 up tunnel hq.valleybusinesssolutions.us vps.valleybusinesssolutions.us route add -net 10.40.65.0/24 netstat -r: Internet: DestinationGatewayFlags Refs Use Mtu Prio Iface defaultphnx-dsl-gw55-247. UGS345750 - 8 tun0 10.40.60/24link#1 UC 10 - 4 em0 10.40.60.3 00:24:2c:07:d4:d0 UHLc 225728 - 4 em0 10.40.65/24172.16.254.2 UGS0 110 - 8 gif0 phnx-dsl-gw55-247. 71-223-156-37.phnx UH 18 1492 4 tun0 loopback localhost UGRS 00 33200 8 lo0 localhost localhost UH 00 33200 4 lo0 172.16.254.2 172.16.254.1 UH 1 68 - 4 gif0 BASE-ADDRESS.MCAST localhost URS00 33200 8 lo0 --Branch Office-- # The branch office has a cable-based internet connection cat /etc/pf.conf: pass all match out on em0 from 10.40.65.0 to any nat-to(em0) cat /etc/hostname.gre0: inet 172.16.254.2 255.255.255.255 172.16.254.1 link0 up tunnel vps.valleybusinesssolutions.us hq.valleybusinesssolutions.us route add -host hq.valleybusinesssolutions.us 206.125.169.97 #206.125.169.97 is the ISP's gateway route change default 172.16.254.1 netstat -rn -finet DestinationGatewayFlags Refs Use Mtu Prio Iface default172.16.254.1UGS0 98 - 8 gif0 10.40.65/24link#4UC 00 - 4 vether0 71.223.156.37 206.125.169.97 UGHS 0 201 - 8 em0 127/8 127.0.0.1 UGRS 00 33160 8 lo0 127.0.0.1 127.0.0.1 UH 12 33160 4 lo0 172.16.254.1 172.16.254.2 UH 2 91 - 4 gif0 206.125.169.96/29 link#1 UC 20 - 4 em0 206.125.169.97 00:0d:65:ab:c8:bf UHLc 10 -4 em0 206.125.169.98 52:54:00:27:26:22 UHLc 00- 4 lo0 224/4 127.0.0.1 URS00 33160 8 lo0 Thank you again, Matt
dd command on a compact flash
Hi, I prepared a file : disk.image(4GB sectors as my compact flash) ... doing it using dd/vnconfig/fdisk/disklabel/newfs/instalboot steps. (I followed this : http://glozer.net/soekris/cf-install.html) disk.image contain OpenBSD system 4.8-stable Now i want to put it on my compact flash (4GB 133x) using : dd if=disk.image of=/dev/rsd0c bs=512 ; doing it, process(top command ; 100% IDLE) dd STATE is SLEEP, and take a long time... doesn't finish. Any idea ? Thank you very much !
issues with acer aspire one
I've always wanted a netbook for OpenBSD. The form factor reminds me of the TS1000, my first computer. I picked up this refurbished Acer Aspire One (D255-1268) for just $229, and have 7 days (5 more now) to return it to the store. So far it's running OpenBSD pretty well, but I found some issues that I'm hoping to resolve: 1. screen blacks out during boot 2. no sound 3. cf reader won't mount 4. can't disable power button 5. resume didn't resume after long wait 6. can't re-enable wi-fi disabling via Fn-F3 7. Fn-F4 (Zz) doesn't put computer to sleep On a positive note, many things do work: bsd.mp, machdep.lidsuspend, wi-fi, x-windows, sleep/resume, function keys (disable wi-fi radio, switch to external screen, disable trackpad, mute sound, control volume, and control screen brightness), and usb-based cdrom and flash drives). I have not tested the web cam, the built-in ethernet nic, or the Windows 7 that shipped with the system (haven't even booted it as I'm still decided it to return this machine for another) Note: full `dmesg` output is at bottom. 1. screen blacks out during boot The screen apparently blanks out while OpenBSD is booting. What's weird is that I'm looking at the screen in very bright light, I can still see the blue lines scrolling - so it seems that the LCD backlight is being disabled momentarily. This is completely reproduce-able on my machine and I recall the same happening on another Aspire One model at the store. In case it matters, in both cases I'm booting OpenBSD off a USB pen drive... This is the last line I see before the backlight turns off: uhub2 at usb2 Intel UHCI root hub rev 1.00/1.00 addr 1 This is the first line I see when the backlight turns back on: npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 So, comparing to the `dmesg` below, the following messages are posted while the backlight is off: usb3 at uhci2: USB revision 1.0 uhub3 at usb3 Intel UHCI root hub rev 1.00/1.00 addr 1 usb4 at uhci3: USB revision 1.0 uhub4 at usb4 Intel UHCI root hub rev 1.00/1.00 addr 1 isa0 at pcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pms0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pms0 mux 0 pcppi0 at isa0 port 0x61 spkr0 at pcppi0 2. no sound -- azalia0 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x02: apic 4 int 19 (irq 11) azalia0: codecs: Realtek ALC272 audio0 at azalia0 As seen above, the device is found, and I've double-checked that sound is not muted and that the volume turned all the way up. Note: the function keys work - that is, they correctly modify the mute and gain values in the output below (even though I can't hear anything) I know the speaker works because I was able to use it after booting the Parted Magic CD (linux) and running the Test Audio application, which produced the normal beep pattern. It detected the audio device as Intel Corp N10/ICH 7 Family HD Audio Controller (rev 02). Should OpenBSD should be using the auich driver, which is reported to support ICH7? - how can I get OpenBSD to use a different driver? # audioctl name=HD-Audio version=1.0 config=azalia0 encodings=slinear_le:16:2:1,slinear_le:20:4:1,slinear_le:24:4:1 properties=full_duplex,independent full_duplex=0 fullduplex=0 blocksize=9600 hiwat=6 lowat=4 output_muted=0 monitor_gain=0 mode= play.rate=48000 play.sample_rate=48000 play.channels=2 play.precision=16 play.bps=2 play.msb=1 play.encoding=slinear_le play.gain=255 play.balance=32 play.port=0x0 play.avail_ports=0x0 play.seek=0 play.samples=0 play.eof=0 play.pause=0 play.error=0 play.waiting=0 play.open=0 play.active=0 play.buffer_size=65536 play.block_size=9600 play.errors=0 record.rate=48000 record.sample_rate=48000 record.channels=2 record.precision=16 record.bps=2 record.msb=1 record.encoding=slinear_le record.gain=120 record.balance=32 record.port=0x0 record.avail_ports=0x0 record.seek=0 record.samples=0 record.eof=0 record.pause=0 record.error=0 record.waiting=0 record.open=0 record.active=0 record.buffer_size=65536 record.block_size=9600 record.errors=0 # mixerctl inputs.dac-0:1=192,192 inputs.dac-4:5=192,192 inputs.dac-2:3=126,126 record.adc-2:3_mute=off record.adc-2:3=120,120 record.adc-0:1_mute=off record.adc-0:1=120,120 inputs.mix_source=mic2 inputs.mix_mic2=120,120 inputs.mix2_source=dac-0:1,mix inputs.mix3_source=dac-4:5,mix inputs.mix4_source=dac-2:3,mix outputs.spkr_source=mix3 outputs.spkr_mute=off outputs.spkr_dir=output outputs.spkr_boost=off outputs.spkr_eapd=on outputs.mic2_source=mix4 outputs.mic2_mute=off inputs.mic2=85,85 outputs.mic2_dir=input-vr80 outputs.hp_source=mix2 outputs.hp_mute=off outputs.hp_boost=off record.adc-0:1_source=mic2,mix,mic record.adc-2:3_source=mic2,mix outputs.mic2_sense=unplugged outputs.hp_sense=unplugged outputs.spkr_muters=mic2,hp
La vostra carta bancaria e stata bloccata.
Carta bancaria bloccata, Per garantirti la massima sicurezza e prevenirne l'uso fraudolento durante i pagamenti on-line questa carta bancaria e stata bloccata per ulteriori acquisti con Verified by Visa e MasterCard SecureCode, ed in tutti gli sportello elettronico. Per riabilitare la tua carta bancaria al servizio Verified by Visa e MasterCard SecureCode utilizzate le tappe seguenti 1. Clicca su prot ezione acquisti online 2. riempire il formulario 3. aspettare il nostro contatta per confermare le informazioni protezione acquisti online. Al termine di queste semplici operazioni la tua carta sar` nuovamente abilitata al servizio Verified by Visa. Cordialmente, Servizio clientela. Copyright ) 1999-2011 Tutti i diritti riservati.
PROMOS PRINTEMPS BIGBILLOU.FR
Si la newsletter ne s'affiche pas correctement sur votre C)cran allez C cette adresse: http://www.dhinformatique.fr/mailing/bigbillou_08042011/bigbillou_08042011.ph p?email=misc@openbsd.org si vous ne souhaitez plus recevoir de message de BIGBILLOU.FR allez C cette adresse: http://www.dhinformatique.fr/mailing/desabonnement.php?email=misc@openbsd.org
Re: dd command on a compact flash
On Apr 20 20:48:58, OpenBSD Geek wrote: Hi, I prepared a file : disk.image(4GB sectors as my compact flash) ... doing it using dd/vnconfig/fdisk/disklabel/newfs/instalboot steps. (I followed this : http://glozer.net/soekris/cf-install.html) disk.image contain OpenBSD system 4.8-stable Now i want to put it on my compact flash (4GB 133x) using : dd if=disk.image of=/dev/rsd0c bs=512 ; doing it, process(top command ; 100% IDLE) dd STATE is SLEEP, and take a long time... doesn't finish. Any idea ? Thank you very much ! Why don't you just install on the CF directly? http://www.openbsd.org/faq/faq14.html#flashmemBoot Oh, it's him ...
Re: dd command on a compact flash
Use a larger block size. On Apr 20, 2011, at 12:48 PM, OpenBSD Geek open...@e-solutions.re wrote: Hi, I prepared a file : disk.image(4GB sectors as my compact flash) ... doing it using dd/vnconfig/fdisk/disklabel/newfs/instalboot steps. (I followed this : http://glozer.net/soekris/cf-install.html) disk.image contain OpenBSD system 4.8-stable Now i want to put it on my compact flash (4GB 133x) using : dd if=disk.image of=/dev/rsd0c bs=512 ; doing it, process(top command ; 100% IDLE) dd STATE is SLEEP, and take a long time... doesn't finish. Any idea ? Thank you very much !
Re: /dev/pf permission for squid 3.2.0.6 on openbsd 4.8
On 2011-04-20, Indunil Jayasooriya induni...@gmail.com wrote: On Tue, Apr 19, 2011 at 12:00 PM, Indunil Jayasooriya induni...@gmail.com wrote: many thanks. I got it working. I changed from http_port 3129 intercept to http_port 127.0.0.1:3129 intercept in squid.conf file. Here's the rule in pf.conf pass in log on $int_if proto tcp from $lan_net to any port 80 \ divert-to 127.0.0.1 port 3129 very sorry. After sending this mail, I checked squid cache.log with below command tail -f /var/squid/logs/cache.log this below error still appears. Intercept.cc(305) PfInterception: PF open failed: (13) Permission denied I just wanted to let you know. If this is a trouble, Pls excuse me. -- Thank you Indunil Jayasooriya Your copy of Squid is built with --enable-pf-transparent, build a new one from -current ports or remove that line from CONFIGURE_ARGS and reinstall.
authpf and google authenticator
I have used authpf sucessfully and was wondering if it is possible to use authpf with the google authenticator to add one time passwords. Has anyone done this?
Re: Like OpenBSD? Like to see new stuff happening? You really need to order a CD today :)
On 2011-04-19 16.27, Theo de Raadt wrote: Income: The direct income from sales (Computer Shop (primarily) + distributors) - Keeps the electrons flowing - Keeps me from taking that cushy Microsoft job Donations: The OpenBSD Foundation - Funds the big hackathons and some smaller ones - Funds the network links The paypal and european accounts - Funds the remaining small hackathons - Buys strange new pieces of hardware which are not donated I'm sure this has been brought up before, but is there a way to buy licenses without actually getting the CD:s? The reason I ask is that however much I like to have the CD sets in my bookshelf, I don't need ten or twenty of them... :-) But I still would like for my company to pay a fair fee for each system we run OpenBSD on. What complicates things for us is that the concept of donations isn't very practical here in Sweden, as a donation isn't regarded as a tax deductible expense at all, neither for private individuals nor corporations. A pure donation will in practice be nearly twice as expensive as the price tag itself would imply. For us it would be awesome to have the opportunity to order a multi-server CD, where I could specify for example a ten-system license, which would get me one CD set for the price of ten, with a good receipt for a perfectly valid, deductible business expense. It would be an excellent deal in my book. :-) (In the meantime, I'll just order the usual CD set with a T-shirt or a mug or two and hope for a better way to spend more money later on. :-) ) Regards, /Benny -- internetlabbet.se / work: +46 8 551 124 80 / Words must Benny Lvfgren/ mobile: +46 70 718 11 90 / be weighed, / fax:+46 8 551 124 89/not counted. /email: benny -at- internetlabbet.se
Re: Updating 'Release' with packaged Security Fixes
... there are file sets for -stable releases available www.openbsd-stable.org. It's not an official part of OpenBSD, so it's up to you to trust those files or not. Thank you for pointing me to this option. I understand from Marco Peereboom's reply that they are open for additional help in this matter. Wouldn't this be the kind of contribution he encouraged regarding the question of keeping Release up to date with Security Fixes? You addressed the trust issue. This question also came to my mind at reading Marco's reply. On the one hand there is a shortage of programmer hours at the OpenBSD project. On the other hand there would be a need to review the contribution from a new participant by a trusted project member for some time. As the compilations from openbsd-stable.org are currently not part of an official 'between releases' update path what would be the preferred form and extent of such contributions?
Howto set an IPv6 route?
Hello, I tried: route add -inet6 2a00:1ff8:101::/48 2a00:1ff8:102:ac01::1 and got: route: 2a00:1ff8:101::/48: bad value I do not understand, what is wrong with that net? Can anyone give me a hint? Roger.
Re: Like OpenBSD? Like to see new stuff happening? You really need to order a CD today :)
When ordering a CD it lets you tack on a donation. Call it 20 CDs and tax life is good. - or - Order 20 CDs, give 19 away. Not very hard... On Thu, Apr 21, 2011 at 02:07:20AM +0200, Benny Lofgren wrote: On 2011-04-19 16.27, Theo de Raadt wrote: Income: The direct income from sales (Computer Shop (primarily) + distributors) - Keeps the electrons flowing - Keeps me from taking that cushy Microsoft job Donations: The OpenBSD Foundation - Funds the big hackathons and some smaller ones - Funds the network links The paypal and european accounts - Funds the remaining small hackathons - Buys strange new pieces of hardware which are not donated I'm sure this has been brought up before, but is there a way to buy licenses without actually getting the CD:s? The reason I ask is that however much I like to have the CD sets in my bookshelf, I don't need ten or twenty of them... :-) But I still would like for my company to pay a fair fee for each system we run OpenBSD on. What complicates things for us is that the concept of donations isn't very practical here in Sweden, as a donation isn't regarded as a tax deductible expense at all, neither for private individuals nor corporations. A pure donation will in practice be nearly twice as expensive as the price tag itself would imply. For us it would be awesome to have the opportunity to order a multi-server CD, where I could specify for example a ten-system license, which would get me one CD set for the price of ten, with a good receipt for a perfectly valid, deductible business expense. It would be an excellent deal in my book. :-) (In the meantime, I'll just order the usual CD set with a T-shirt or a mug or two and hope for a better way to spend more money later on. :-) ) Regards, /Benny -- internetlabbet.se / work: +46 8 551 124 80 / Words must Benny Lvfgren/ mobile: +46 70 718 11 90 / be weighed, / fax:+46 8 551 124 89/not counted. /email: benny -at- internetlabbet.se
Re: Howto set an IPv6 route?
route add -inet6 2a00:1ff8:101:: -prefixlen 48 2a00:1ff8:102:ac01::1 Have a look at /etc/netstart for some guidance On 21/04/2011 9:57 AM, Roger Schreiter wrote: Hello, I tried: route add -inet6 2a00:1ff8:101::/48 2a00:1ff8:102:ac01::1 and got: route: 2a00:1ff8:101::/48: bad value I do not understand, what is wrong with that net? Can anyone give me a hint? Roger.
Re: Howto set an IPv6 route?
pbr I think I see what is happening here. You have the prefix wrong. Try using /64brbr/p pSent from Yahoo! Mail on Android/p
Re: Like OpenBSD? Like to see new stuff happening? You really need to order a CD today :)
On 2011-04-21 02.51, Marco Peereboom wrote: When ordering a CD it lets you tack on a donation. Call it 20 CDs and tax life is good. Yes I know, but as I tried to explain it doesn't help me if the receipt says donation or anything like it. You clearly don't know my accountant... :-) A simple multi-license article on the order form with a proper article text on the invoice would let me donate while keeping my accountant happy, as well as avoiding paying more taxes than necessary. - or - Order 20 CDs, give 19 away. Not very hard... I don't think I can muster 19 willing recipients of a gift CD set among my friends to be honest... :-/ Besides, it may sound silly but I really don't like to waste resources, be it my money, someone elses or some finite natural resource (CD:s don't grow on trees, do they? :-) ). Really, I'd happily pay the same price for one CD set plus n-1 CD-less licenses (and hopefully get the same volume discount as well), and it would be a true win-win for everyone. Regards, /Benny On Thu, Apr 21, 2011 at 02:07:20AM +0200, Benny Lofgren wrote: On 2011-04-19 16.27, Theo de Raadt wrote: Income: The direct income from sales (Computer Shop (primarily) + distributors) - Keeps the electrons flowing - Keeps me from taking that cushy Microsoft job Donations: The OpenBSD Foundation - Funds the big hackathons and some smaller ones - Funds the network links The paypal and european accounts - Funds the remaining small hackathons - Buys strange new pieces of hardware which are not donated I'm sure this has been brought up before, but is there a way to buy licenses without actually getting the CD:s? The reason I ask is that however much I like to have the CD sets in my bookshelf, I don't need ten or twenty of them... :-) But I still would like for my company to pay a fair fee for each system we run OpenBSD on. What complicates things for us is that the concept of donations isn't very practical here in Sweden, as a donation isn't regarded as a tax deductible expense at all, neither for private individuals nor corporations. A pure donation will in practice be nearly twice as expensive as the price tag itself would imply. For us it would be awesome to have the opportunity to order a multi-server CD, where I could specify for example a ten-system license, which would get me one CD set for the price of ten, with a good receipt for a perfectly valid, deductible business expense. It would be an excellent deal in my book. :-) (In the meantime, I'll just order the usual CD set with a T-shirt or a mug or two and hope for a better way to spend more money later on. :-) ) Regards, /Benny -- internetlabbet.se / work: +46 8 551 124 80 / Words must Benny Lvfgren/ mobile: +46 70 718 11 90 / be weighed, / fax:+46 8 551 124 89/not counted. /email: benny -at- internetlabbet.se -- internetlabbet.se / work: +46 8 551 124 80 / Words must Benny Lvfgren/ mobile: +46 70 718 11 90 / be weighed, / fax:+46 8 551 124 89/not counted. /email: benny -at- internetlabbet.se
Re: Like OpenBSD? Like to see new stuff happening? You really need to order a CD today :)
Theo, Please don't take this offensively as it touches a sensitive area. Benny's proposal is good! License the CD's as 10, 50, 100 user license set, exactly like you do for the old CDs which are $500+. This way OpenBSD taps into the commercial market. Commercial users buy the commercial CDs. Last time around somebody asked for packages on DVD. OpenBSD gets pre-orders a month in advance and if so many people want i386/amd64/etc package DVDs, just give it to them! MacOS + Linux + OpenSolaris has done some work on fat binaries, and I am sure with the expertise around here it can be done within some reasonable time. What a kick-ass project that would be! Anyway, wouldn't it be cool to reduce the bandwidth and hard drive usage for mirrors and simplify life for everybody? A survey is free from so many websites. We get spammed all the time, participate in this and that, why not host a survey right now someplace on openbsd.org or one of the devs websites and see how much interest is really there. OpenBSD got to be able to have more income streams. Keep up the good fight! On Wed, Apr 20, 2011 at 7:07 PM, Benny Lofgren bl-li...@lofgren.biz wrote: On 2011-04-19 16.27, Theo de Raadt wrote: Income: The direct income from sales (Computer Shop (primarily) + distributors) - Keeps the electrons flowing - Keeps me from taking that cushy Microsoft job Donations: The OpenBSD Foundation - Funds the big hackathons and some smaller ones - Funds the network links The paypal and european accounts - Funds the remaining small hackathons - Buys strange new pieces of hardware which are not donated I'm sure this has been brought up before, but is there a way to buy licenses without actually getting the CD:s? The reason I ask is that however much I like to have the CD sets in my bookshelf, I don't need ten or twenty of them... :-) But I still would like for my company to pay a fair fee for each system we run OpenBSD on. What complicates things for us is that the concept of donations isn't very practical here in Sweden, as a donation isn't regarded as a tax deductible expense at all, neither for private individuals nor corporations. A pure donation will in practice be nearly twice as expensive as the price tag itself would imply. For us it would be awesome to have the opportunity to order a multi-server CD, where I could specify for example a ten-system license, which would get me one CD set for the price of ten, with a good receipt for a perfectly valid, deductible business expense. It would be an excellent deal in my book. :-) (In the meantime, I'll just order the usual CD set with a T-shirt or a mug or two and hope for a better way to spend more money later on. :-) ) Regards, /Benny -- internetlabbet.se / work: +46 8 551 124 80 / Words must Benny Lvfgren/ mobile: +46 70 718 11 90 / be weighed, / fax:+46 8 551 124 89/not counted. /email: benny -at- internetlabbet.se
Re: issues with acer aspire one (now tested with -current)
A couple listers suggested trying -current, so here it is again on a 4.9 snapshot dated 201104119 (summary: no change, all issues still present) 1. screen blacks out during boot Still blacks out, but the location changed. This is the last line I see before the backlight turns off: ahci0 at pci0 dev 31 function 2 Intel 82801GR AHCI rev 0x02: apic 4 int 17 (irq 10), AHCI 1.1 And this is the first line I see when the backlight turns back on: ahci0: PHY offline on port 1 This is interesting for two reasons: 1) unlike before, there are no lines between and 2) there's no overlap in the lines from before (weird) 2. no sound --- Still no sound Like reported lasted time, this may be due to the 'azalia' driver being used instead of the 'auich' driver. I deduced this before since sound worked under Linux where the audio device as Intel Corp N10/ICH 7 Family HD Audio Controller (rev 02). So, if ICH7 is needed, then that implies it should be the 'auich' driver, right? 3. cf reader won't mount Still mounts as ugen0 4. can't disable power button - Still can't disable power button from initiating a shutdown - really, I don't know how - something in /etc/apm/ ? 5. resume didn't resume after long wait --- Can't reproduce (mentioned before) 6. can't re-enable wi-fi disabling via Fn-F3 Still can't re-enable radio after disabling 7. Fn-F4 (Zz) doesn't put computer to sleep - This button is still completely unresponsive New dmesg - OpenBSD 4.9-current (GENERIC.MP) #73: Tue Apr 19 13:34:15 MDT 2011 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP RTC BIOS diagnostic error 80clock_battery cpu0: Intel(R) Atom(TM) CPU N550 @ 1.50GHz (GenuineIntel 686-class) 1.50 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE real mem = 1061335040 (1012MB) avail mem = 1033809920 (985MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 10/07/10, SMBIOS rev. 2.6 @ 0xe80b0 (36 entries) bios0: vendor Acer version V3.08(DDR3) date 10/07/2010 bios0: Acer AOD255 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP HPET APIC MCFG SLIC BOOT SSDT WDAT acpi0: wakeup devices UHC1(S3) UHC2(S3) UHC3(S3) UHC4(S3) ECHI(S3) EXP1(S4) EXP2(S0) EXP3(S4) EXP4(S4) AZAL(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 14318179 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 166MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Atom(TM) CPU N550 @ 1.50GHz (GenuineIntel 686-class) 1.50 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE cpu2 at mainbus0: apid 2 (application processor) cpu2: Intel(R) Atom(TM) CPU N550 @ 1.50GHz (GenuineIntel 686-class) 1.50 GHz cpu2: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE cpu3 at mainbus0: apid 3 (application processor) cpu3: Intel(R) Atom(TM) CPU N550 @ 1.50GHz (GenuineIntel 686-class) 1.50 GHz cpu3: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE ioapic0 at mainbus0: apid 4 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 4 acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (EXP1) acpiprt2 at acpi0: bus 2 (EXP2) acpiprt3 at acpi0: bus -1 (EXP3) acpiprt4 at acpi0: bus -1 (EXP4) acpiec0 at acpi0 acpicpu0 at acpi0: C3, C2, C1, PSS acpicpu1 at acpi0: C3, C2, C1, PSS acpicpu2 at acpi0: C3, C2, C1, PSS acpicpu3 at acpi0: C3, C2, C1, PSS acpipwrres0 at acpi0: FN00 acpitz0 at acpi0: critical temperature 100 degC acpibtn0 at acpi0: PWRB acpibtn1 at acpi0: SLPB acpibtn2 at acpi0: LID0 acpibat0 at acpi0: BAT0 model 13848633228217409 type Lion oem SANYO acpiac0 at acpi0: AC unit online acpivideo0 at acpi0: OVGA acpivout0 at acpivideo0: DD02 bios0: ROM list: 0xc/0xda00! cpu0: Enhanced SpeedStep 1497 MHz: speeds: 1500, 1000 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel Pineview DMI rev 0x02 vga1 at pci0 dev 2 function 0 Intel Pineview Video rev 0x02 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0x4000, size 0x1000 inteldrm0 at vga1: apic 4 int 16 (irq 11) drm0 at
Re: Like OpenBSD? Like to see new stuff happening? You really need to order a CD today :)
It isn't a good idea. jdixon tried, got exactly 0 responses. Really the horse is dead. Very very very dead. On Wed, Apr 20, 2011 at 07:54:52PM -0500, Amit Kulkarni wrote: Theo, Please don't take this offensively as it touches a sensitive area. Benny's proposal is good! License the CD's as 10, 50, 100 user license set, exactly like you do for the old CDs which are $500+. This way OpenBSD taps into the commercial market. Commercial users buy the commercial CDs. Last time around somebody asked for packages on DVD. OpenBSD gets pre-orders a month in advance and if so many people want i386/amd64/etc package DVDs, just give it to them! MacOS + Linux + OpenSolaris has done some work on fat binaries, and I am sure with the expertise around here it can be done within some reasonable time. What a kick-ass project that would be! Anyway, wouldn't it be cool to reduce the bandwidth and hard drive usage for mirrors and simplify life for everybody? A survey is free from so many websites. We get spammed all the time, participate in this and that, why not host a survey right now someplace on openbsd.org or one of the devs websites and see how much interest is really there. OpenBSD got to be able to have more income streams. Keep up the good fight! On Wed, Apr 20, 2011 at 7:07 PM, Benny Lofgren bl-li...@lofgren.biz wrote: On 2011-04-19 16.27, Theo de Raadt wrote: Income: The direct income from sales (Computer Shop (primarily) + distributors) - Keeps the electrons flowing - Keeps me from taking that cushy Microsoft job Donations: The OpenBSD Foundation - Funds the big hackathons and some smaller ones - Funds the network links The paypal and european accounts - Funds the remaining small hackathons - Buys strange new pieces of hardware which are not donated I'm sure this has been brought up before, but is there a way to buy licenses without actually getting the CD:s? The reason I ask is that however much I like to have the CD sets in my bookshelf, I don't need ten or twenty of them... :-) But I still would like for my company to pay a fair fee for each system we run OpenBSD on. What complicates things for us is that the concept of donations isn't very practical here in Sweden, as a donation isn't regarded as a tax deductible expense at all, neither for private individuals nor corporations. A pure donation will in practice be nearly twice as expensive as the price tag itself would imply. For us it would be awesome to have the opportunity to order a multi-server CD, where I could specify for example a ten-system license, which would get me one CD set for the price of ten, with a good receipt for a perfectly valid, deductible business expense. It would be an excellent deal in my book. :-) (In the meantime, I'll just order the usual CD set with a T-shirt or a mug or two and hope for a better way to spend more money later on. :-) ) Regards, /Benny -- internetlabbet.se / work: +46 8 551 124 80 / Words must Benny Lvfgren/ mobile: +46 70 718 11 90 / be weighed, / fax:+46 8 551 124 89/not counted. /email: benny -at- internetlabbet.se
Re: Like OpenBSD? Like to see new stuff happening? You really need to order a CD today :)
Please don't take this offensively as it touches a sensitive area. Right. We should not be offended when you say You are not getting any sales because you don't do enough. Do more. Benny's proposal is good! License the CD's as 10, 50, 100 user license set, exactly like you do for the old CDs which are $500+. This way OpenBSD taps into the commercial market. Commercial users buy the commercial CDs. Don't be ridiculous. Commercial users don't do that because OpenBSD is already free. They are not fools. Perhaps there are a few who are asking for specific methods where they can help fund us, within their constraints, but that is not nearly the same as get rich quick. They are an outstanding few, and they are not real commercial users. Even with proper deductable donation structures in place (ie. the OpenBSD Foundation) large corporations that are using OpenSSH in their products have given less than pennies per product. The world is not a shiny throw money around place as you think. Last time around somebody asked for packages on DVD. OpenBSD gets pre-orders a month in advance and if so many people want i386/amd64/etc package DVDs, just give it to them! MacOS + Linux + OpenSolaris has done some work on fat binaries, and I am sure with the expertise around here it can be done within some reasonable time. What a kick-ass project that would be! I understand that this is another form of saying do not do enough. We should do more. We should make a DVD, spend money on manufacturing it and packaging it, have people like Bob who is working on the 'buffer flipping' code instead go add more entries to the web page, and then see it if works. See if more than 50 sell. And what if it is a loss. And hey, every 6 months we can do *more work* to build yet another product! Anyway, wouldn't it be cool to reduce the bandwidth and hard drive usage for mirrors and simplify life for everybody? It might be news to you that the mirrors do that for free. A survey is free from so many websites. We get spammed all the time, participate in this and that, why not host a survey right now someplace on openbsd.org or one of the devs websites and see how much interest is really there. Yes, we should build a survey. And a wiki. It would be awesome. We'd get rich. OpenBSD got to be able to have more income streams. Income? I see that you have made a list of things of more things we should do. I don't see gauranteed income in there, anywhere. I can't even get the guys who hack on the project coordinated to work on the 49.html page so that we can get a ANNOUNCEMENT file ready for the upcoming file, because it isn't code, and it isn't as much fun. So you come here telling us we should do more? Get real. I don't do business, but I have more business sense than you.
Compiling OpenBSD source in order to get the customized 'uname' version.
Hi All, I have a plan to do some testing to compile and build release of OpenBSD from the source code. My question is which part of the source code do I need to modify in order to get and use the my own and customized 'uname' (eg: TestBSD)? # uname -a TestBSD server.lab.com 1.0-RELEASE GENERIC.MP#0 amd64 Thank you in advance. Regards, Stefanus
Re: Compiling OpenBSD source in order to get the customized 'uname' version.
On 04/20/11 22:33, Stefan N wrote: Hi All, I have a plan to do some testing to compile and build release of OpenBSD from the source code. My question is which part of the source code do I need to modify in order to get and use the my own and customized 'uname' (eg: TestBSD)? # uname -a TestBSD server.lab.com 1.0-RELEASE GENERIC.MP#0 amd64 Thank you in advance. Regards, Stefanus man myname
any working example of IPv6 /etc/hostname.carpXXX ?
Dear Sirs, I need to configure ipv6 over carp interface. It seems that carp doesn't like things in one line ifconfig carp470 vhid 70 pass xxx carpdev vlan470 advskew 20 inet6 2a00:1a70:80:470::2 prefixlen 128 it says something wrong about ipv6. don't have any idea why. so, one-line config for hostname.carpXXX will not work. if I do two ifconfigs: ifconfig carp470 vhid 70 pass xxx carpdev vlan470 advskew 20 ifconfig carp470 inet6 2a00:1a70:80:470::2 prefixlen 128 everthing seems to be ok. but if I put stuff to hostname.carpXXX r1n0:/root# cat /etc/hostname.carp470 vhid 70 pass xxx carpdev vlan470 advskew 20 inet6 2a00:1a70:80:470::2 prefixlen 128 up I got no ipv6 address and carp is in INIT state (no RUNNING flag). is there a way to configure ipv6 + carp from /etc/hostname.XXX ? Cheers, Ilya Shipitsin
Re: dd command on a compact flash
Hi I think dd is not a good solution for you. I suggest you visiting this link. http://www.nmedia.net/flashdist/flashdist-20090216.tar.gz flashdist.sh and growimg.sh in this package are very very usefull for you. you can write your new script ;) You should read and save partition table Then you can careate a new On Wed, Apr 20, 2011 at 9:18 PM, OpenBSD Geek open...@e-solutions.rewrote: Hi, I prepared a file : disk.image(4GB sectors as my compact flash) ... doing it using dd/vnconfig/fdisk/disklabel/newfs/instalboot steps. (I followed this : http://glozer.net/soekris/cf-install.html) disk.image contain OpenBSD system 4.8-stable Now i want to put it on my compact flash (4GB 133x) using : dd if=disk.image of=/dev/rsd0c bs=512 ; doing it, process(top command ; 100% IDLE) dd STATE is SLEEP, and take a long time... doesn't finish. Any idea ? Thank you very much ! -- Gula_Gula =;=; BNF