Re: Can one interface have an IP address and bridge as well?

2011-06-22 Thread Stuart Henderson
That would make things simpler.

On Thu, 23 Jun 2011 03:09:16 +0100, Paul Suh wrote:
> Folks,
> 
> I could add another physical interface for the internal end of the bridge, 
> but not for the external end. Would this work? 
> 
> 
> --Paul
> 
> 
> On Jun 22, 2011, at 6:56 AM, Stuart Henderson wrote:
> 
> > Seconded, or alternatively can you add another interface (physical
> > or vlan) to place the server on?
> > 
> > It might be possible to do bridging and nat on the same interface
> > (possibly using bridge rules and PF tags) but at best you're setting
> > yourself up for a complicated and fragile ruleset.
> > 
> > On 2011-06-22, Shane Lazarus  wrote:
> >> Heya
> >> 
> >> On Wed, Jun 22, 2011 at 12:13 PM, Paul Suh  wrote:
> >> 
> >>> Folks,
> >>> 
> >>> Is this possible and/or a good idea? I have a router with three 
> >>> interfaces:
> >>> 
> >>> sis0: external interface, IPv4 address 1.2.3.4/24
> >>> sis1: internal interface, IPv4 address 192.168.1.1/24
> >>> sis2 : DMZ interface, IPv4 address
> >>> 192.168.2.1/24
> >>> 
> >>> NAT rules pass all traffic from the internal and DMZ zones through the
> >>> external IP address. I have a couple of servers with IPv4 addresses
> >>> 192.168.2.2 and 192.168.2.3 in the DMZ, with rdr-to rules that send 
> >>> traffic
> >>> in
> >>> to them from 1.2.3.4.
> >>> 
> >>> I need to place a server at 1.2.3.5, and the software I have to run needs
> >>> the
> >>> server itself to have the IPv4 address 1.2.3.5 -- I can't NAT it and give
> >>> the
> >>> server the address 192.168.2.4 in the DMZ. (Don't ask. *shudder*) Can I 
> >>> set
> >>> up
> >>> a bridge between sis0 and sis2 so that traffic for 1.2.3.5 gets passed
> >>> through
> >>> to the server via sis2 as well as having the IPv4 address 1.2.3.4 on sis0?
> >>> Or
> >>> is there a better way to do this?
> >>> 
> >>> 
> >>> --Paul
> >>> 
> >>> [demime 1.01d removed an attachment of type application/pkcs7-signature
> >>> which had a name of smime.p7s]
> >>> 
> >>> 
> >> I personally would check to see if you could get a /30 routed to 1.2.3.4.
> >> 5.6.7.8 - 5.6.7.11
> >> 
> >> Append one of the /30 to the sis2 interface, and the other to your new
> >> server.
> >> 
> >> If 1.2.3.4 & 1.2.3.5 are part of a bigger block that you own, see if you
> >> can't allocate a /30 from that larger pool.
> >> ( 1.2.3.8 - 1.2.3.11 ?? )
> >> 
> >> 
> >> Shane



Re: Automatic reboot on kernel panic

2011-06-22 Thread Peter Hessler
On 2011 Jun 23 (Thu) at 00:32:40 +0200 (+0200), ter Voorde Informatiesystemen 
wrote:
:You are completely right.
:
:I was only wondering if I do not set the variable explicitly, the
:default value would be 0 or 1.
:
:Kind regards,
:
:Frank
:

For some sysctls, the default is 0, for others, the default is 1.
You'll need to run it to see.  `sysctl ddb.panic`


-- 
Electrocution, n.:
Burning at the stake with all the modern improvements.



Question: IP NAT syntax on CARP interface

2011-06-22 Thread Stefan N
Hi guys,

I am in the midst of configuring the OpenBSD 4.9 PF using ip balancing and 
active-passive solution.
Every interface was configured successfully but I hit the problem when I am 
going to add IP Alias/NAT IP on carp interface.

1)For active-passive scenario:
Let say I am going to configure carp1 interface and I edit  /etc/hostname.carp1 
with 172.16.2.216 as virtual IP and 172.16.2.222 as  NAT IP
inet 172.16.2.216 255.255.255.0 172.16.2.255 vhid 2 advbase 20 advskew 0 
carpdev 
em1 pass p455w0rd
inet 172.16.2.222 255.255.255.255 vhid 2 advbase 20 advskew 0 carpdev em1 pass 
p455w0rd

Then I save the config and restart carp1 interface: sh /etc/netstart carp1
but the output is ifconfig: vhid: bad value.

2)For ip balancing scenario, carp1 will have the virtual IP and some NAT IP 
addresses :
Let say I am going to configure carp1 interface and I edit /etc/hostname.carp1 
with 172.16.1.216 as virtual IP and 172.16.1.222 as NAT IP
inet 172.16.1.216 255.255.255.0 172.16.1.255 balancing ip carpnodes 3:0,4:100 
pass p455w0rd
inet 172.16.1.222 255.255.255.255 balancing ip carpnodes 3:0,4:100 pass p455w0rd

Then I save the config and restart carp1 interface: sh /etc/netstart carp1
but the output is ifconfig: balancing: bad value.

How is the right syntax to configure and add NAT IP on carp interface?
Is the concept to add NAT IP(s) on carp interface(s) on active-active and ip 
balancing scenario correct?

Thank you in advance.

Stefan



Julio mes de la Secretaria, lV Convención Playa del Carmen 2011

2011-06-22 Thread Adriana Hernandez
172871

[IMAGE]

Pms Capacitacisn Efectiva de Mixico le presenta este programa:

Convencisn Nacional Secretarmas Ejecutivas y Asistentes 2011

22-23 de Julio, Playa del Carmen

Exclusivas conferencias presentadas por 3 Expertos Expositores

Empresa Registrada ante la STPS Reg. COLG640205CP30005

Smguenos en Twitter@pmscapacitacion o bien en Facebook PMS de Mixico

Solicite Mayores informes responda este correo electrsnico con los
siguientes datos.
Empresa:
Nombre:
Telifono:
Email:
Nzmero de Interesados:
Y en breve le haremos llegar la informacisn completa del evento. 
O bien comunmquense a nuestros telifonos  un ejecutivo con gusto le
atendera
Tels. (33) 8851-2365, (33)8851-2741.

Copyright (C) 2010, PMS Capacitacisn Efectiva de Mixico  S.C. Derechos
Reservados. PMS de Mixico, El logo de PMS de Mixico son marcas
registradas. ADVERTENCIA PMS de Mixico no cuenta con alianzas
estratigicas de ningzn tipo dentro de la Republica Mexicana. NO SE DEJE
ENGAQAR - DIGA NO A LA PIRATERIA. Todos los logotipos, marcas comerciales
e imagenes son propiedad de sus respectivas corporaciones y se utilizan
con fines informativos solamente.

Este Mensaje ha sido enviado a misc@openbsd.org como usuario de Pms de
Mixico o bien un usuario le refiris para recibir este boletmn.
Como usuario de Pms de Mixico, en este acto autoriza de manera expresa
que Pms de Mixico le puede contactar vma correo electrsnico u otros
medios.
Si usted ha recibido este mensaje por error, haga caso omiso de el y
reporte su cuenta respondiendo este correo con el subject BAJACONVENCION

Unsubscribe to this mailing list, reply a blank message with the subject
UNSUBSCRIBE BAJACONVENCION
Tenga en cuenta que la gestisn de nuestras bases de datos es de suma
importancia y no es intencisn de la empresa la inconformidad del
receptor.

[demime 1.01d removed an attachment of type image/jpeg which had a name of 
promo asistentes 4.jpg]



Quarantine Digest

2011-06-22 Thread administrator
Quarantine Digest for misc@openbsd.org

Click here to access your spam quarantine.
The spam quarantine contains emails that are being held from your email
account.
Quarantined emails can be released to your inbox or deleted using the
spam quarantine link.



Re: Can command-line options be specified in any place?

2011-06-22 Thread Bryan Irvine
On Wednesday, June 22, 2011, ropers  wrote:
> On 22 June 2011 21:22, Bryan Irvine  wrote:
>>
>> For what it's worth ls, is part of GNU.
>>
>> I yanked this right from ls.c
>>
>> /* Written by Richard Stallman and David MacKenzie.  */
>>
>> **ducks**
>
> Huh?
>
>
http://www.openbsd.org/cgi-bin/cvsweb/src/bin/ls/ls.c?rev=1.37;content-type=t
ext%2Fplain

I was correcting the assumption that Linus wrote the linux version if
ls. Sorry to confuse. :-)



Re: Can one interface have an IP address and bridge as well?

2011-06-22 Thread Paul Suh
Folks,

I could add another physical interface for the internal end of the bridge, but
not for the external end. Would this work?


--Paul


On Jun 22, 2011, at 6:56 AM, Stuart Henderson wrote:

> Seconded, or alternatively can you add another interface (physical
> or vlan) to place the server on?
>
> It might be possible to do bridging and nat on the same interface
> (possibly using bridge rules and PF tags) but at best you're setting
> yourself up for a complicated and fragile ruleset.
>
> On 2011-06-22, Shane Lazarus  wrote:
>> Heya
>>
>> On Wed, Jun 22, 2011 at 12:13 PM, Paul Suh  wrote:
>>
>>> Folks,
>>>
>>> Is this possible and/or a good idea? I have a router with three
interfaces:
>>>
>>> sis0: external interface, IPv4 address 1.2.3.4/24
>>> sis1: internal interface, IPv4 address 192.168.1.1/24
>>> sis2 : DMZ interface, IPv4 address
>>> 192.168.2.1/24
>>>
>>> NAT rules pass all traffic from the internal and DMZ zones through the
>>> external IP address. I have a couple of servers with IPv4 addresses
>>> 192.168.2.2 and 192.168.2.3 in the DMZ, with rdr-to rules that send
traffic
>>> in
>>> to them from 1.2.3.4.
>>>
>>> I need to place a server at 1.2.3.5, and the software I have to run needs
>>> the
>>> server itself to have the IPv4 address 1.2.3.5 -- I can't NAT it and give
>>> the
>>> server the address 192.168.2.4 in the DMZ. (Don't ask. *shudder*) Can I
set
>>> up
>>> a bridge between sis0 and sis2 so that traffic for 1.2.3.5 gets passed
>>> through
>>> to the server via sis2 as well as having the IPv4 address 1.2.3.4 on
sis0?
>>> Or
>>> is there a better way to do this?
>>>
>>>
>>> --Paul
>>>
>>> [demime 1.01d removed an attachment of type application/pkcs7-signature
>>> which had a name of smime.p7s]
>>>
>>>
>> I personally would check to see if you could get a /30 routed to 1.2.3.4.
>> 5.6.7.8 - 5.6.7.11
>>
>> Append one of the /30 to the sis2 interface, and the other to your new
>> server.
>>
>> If 1.2.3.4 & 1.2.3.5 are part of a bigger block that you own, see if you
>> can't allocate a /30 from that larger pool.
>> ( 1.2.3.8 - 1.2.3.11 ?? )
>>
>>
>> Shane

[demime 1.01d removed an attachment of type application/pkcs7-signature which 
had a name of smime.p7s]



Re: Automatic reboot on kernel panic

2011-06-22 Thread ter Voorde Informatiesystemen

You are completely right.

I was only wondering if I do not set the variable explicitly, the 
default value would be 0 or 1.


Kind regards,

Frank

On 06/22/11 17:12, Raimo Niskanen wrote:

On Wed, Jun 22, 2011 at 11:45:49AM -0300, Marcos Laufer wrote:

I am sorry, this confused me, and i didn't quite understand.

Just to be clear:

ddb.panic=0 will boot instead of dropping you into a ddb?

Or is it ddb.panic=1 the option that will make the system boot?

Please... are we not a wee bit lazy now... man sysctl.conf:

EXAMPLES
  To turn on IP forwarding, one would use the following line:

net.inet.ip.forwarding=1

  To cause the kernel to reboot on a panic, instead of dropping into the
  debugger, the following can be used:

ddb.panic=0



Regards,

David Coppa wrote:

On Wed, 22 Jun 2011, ter Voorde Informatiesystemen wrote:



In /etc/sysctl.conf I see the following commented line:

#ddb.panic=0

and nothing else about ddb.panic is present there. With other words,
I guess: 'ddb.panic=0' is the default boot time setting and does not
have to be set explicitly.

I now suppose: on a kernel panic, this system will not drop into ddb
(kind-of waiting for someone to retrieve useful information about
the panic) and is most likely to reboot. Is that correct?


Exactly the opposite:

$ sysctl ddb.panic
ddb.panic=1

You need to uncomment that line in /etc/sysctl.conf.

Cheers,
David




Re: Can command-line options be specified in any place?

2011-06-22 Thread Benny Lofgren
On 2011-06-22 13.49, Tobias Ulmer wrote:
> OpenBSD specifically and old BSD in general is not true to Unix. From
> ksh to billions of options to find and other tools to the entire
> networking framework (bolted on with additional syscalls, pseudo devices
> etc), nothing of that is Unix (or even -like).

I respectfully disagree. They are most definitely true to the unix
spirit. Sure, there are some things that are inconsistently implemented,
but it's hard to be stringent at all times. Some tradeoffs may also need
to be made over time for performance, usability or other practical reasons.

> Here is something to read: http://harmful.cat-v.org/cat-v/

Yes, I remember that debate from back in the day. But it's hardly relevant
to this discussion. I've never said that unix can't evolve, that the
original "ten command(ment)s" should be set in stone and never change or
be expanded.

> BSD went through a similar phase as GNU: adding every feature known to
> man to the original Unix commands. Have a look at lpr(1) for GNUism in
> action. After some time we got a little wiser and stopped adding flags
> for everything that was convenient.

Sure, lpr is no fun. SysV:s lp is no fun either, for similar reasons.
But look at ls or ps, they've "always" had a large number of options,
most with perfectly reasonable reasons to exist. There is a difference
between the "base" set of utilities, that in essence are extensions to
the shell scripting language and more "application"-like system features
such as the printer spooler and so on.

> Linux, especially with the constant influx of new developers and
> commercial interests, hasn't yet cooled down enough to stop messing
> around with their "base" system.

Very true. But the unix/linux community at large would have been even
better off if the two "camps" had had more in common. It's just a pity
that didn't happen, that's all I'm saying. I'm not saying there's no
talent in the Linux corner, I know there's plenty of good minds there.

> However if I got my history right, the improvements of BSD are why people
> bought a Unix license and then installed BSD. It was better, it had more
> features, networking, usable error messages, better language support
> etc. etc.

Sure. Not to mention it came with source code, which you only got from
AT&T if you had a source license, and those were *expensive*. I was
fortunate enough to work for a company that had exactly that source
license during the 1980:s, and I learned a *lot* just by reading the
code. Wish I still had a copy of it today, for nostalgia. :-)

> Are you ready to test my patch where I'm going to remove -exec from
> find(1) so you can have your real Unix back? And -r from grep? And...

Bullshit, as you so eloquently put it below. :-)

find(1) has had -exec since very very near the beginning. I've actually
still got an old system alive and running an SVR3 derivative from
the early 1980:s, and its find definitely has -exec. (I had to log on
to it just to double-check, and sure enough, there it was. :-) )

And grep... I never actually use either the deprecated -r or -R.
My fingers are perpetually locked into typing something like
"find . -type f -exec grep foobar {} \; -print" so I don't need it.

(That is probably because -r didn't exist back in the day, so it
never found its way into my autonomous nervous system... And it sort
of makes my point - when I first started to learn unix around 1982,
what stuck then is still valid today. Unless I'm on a Linux system.
There I get around by having a general idea of what to do. (And the
lousy state of Linux man pages doesn't help either.))

> Bullshit, you use BSD because just like Linux, it added lots of handy
> features while keeping it simple. Linux may overdo it from your and my
> point of view, but so does OpenBSD from the POV of some old unix guys.

No actually, quite the opposite. I use OpenBSD for two reasons: because
of its developers' non-compromising stance on code quality and simply
because I'm an old fart and OpenBSD is - by far - the most familiar OS
around for me today.

In fact I'm just such an old unix guy you're referring to. No beard
though. And OpenBSD gets the mix Just Right imo. :-)

> The getopt(3) function is inconsistent amongst operating systems and
> could use some polish in my opinion. Maybe there are technical reasons
> why this feature can't be implemented, but this discussion has certainly
> extinguished my curiosity about it.

I'm not sure what you mean, but if you refer to the "feature" the OP
mentioned of tacking on switches after other arguments in ls, in my
mind that's a bug in the gnu implementation. ls semantics have never
been like that.

Here's a snippet from my old steam computer:

 ds90$ ls .profile
 .profile
 ds90$ ls -l .profile
 -rwxr-xr-x   1 root sys   252 May 23  1992 .profile
 ds90$ ls .profile -l
 ls:  -l not found
 .profile
 ds90$ _


> Backwards threads like this one prevent people from trying to improve
> things, which is th

Re: Can command-line options be specified in any place?

2011-06-22 Thread ropers
On 22 June 2011 21:22, Bryan Irvine  wrote:
>
> For what it's worth ls, is part of GNU.
>
> I yanked this right from ls.c
>
> /* Written by Richard Stallman and David MacKenzie.  */
>
> **ducks**

Huh?

http://www.openbsd.org/cgi-bin/cvsweb/src/bin/ls/ls.c?rev=1.37;content-type=t
ext%2Fplain



Re: Can command-line options be specified in any place?

2011-06-22 Thread Bryan Irvine
> Linus didn't do his homework properly. That, combined with the fact that
> Linux became such a huge success is both a blessing and a curse to us
> in the unix community; on the one hand Linux provides us with plenty of
> young blood in a new generation of hackers... while on the other hand
> they can't speak properly!

For what it's worth ls, is part of GNU.

I yanked this right from ls.c

/* Written by Richard Stallman and David MacKenzie.  */

**ducks**



Re: Can command-line options be specified in any place?

2011-06-22 Thread m brandenberg

On Wed, 22 Jun 2011, vadi...@gmail.com wrote:


Why don't you use aliases ?


It's not about 'ls' only: I've just used it as an example. I noticed
that after running a command with one set of options sometimes I want
to add another option(s). For some reason this is important for me to
the extent that I have not become a FreeBSD user when I had a chance.


There are (or were) a number of 'do what I mean' shells that correct
for usage and intent.  You might look at some of these to provide an
experience closer to what you're looking for.  (I think plan9 offers
one but not certain)

--
Monty Brandenberg, Software Engineer   MCB, Inc.
mcb...@panix.com P.O. Box 426188
mcb...@pobox.com   Cambridge, MA  02142-0021
617.864.6907



Re: Can command-line options be specified in any place?

2011-06-22 Thread Eric S Pulley
On Tue, June 21, 2011 5:39 pm, vadi...@gmail.com wrote:
> Hi,
>
> I'm considering migrating my desktop from Linux to OpenBSD but the
> main feature that
> kept me away from *BSD world for over a decade since I've first tried
> FreeBSD was the
> one that options must only be specified after command before any
> arguments. (At least
> that is true for basic commands). For example on Linux a command
>
>   ls -l foo -h
>
> will print the foo's size with suffix (K, M, G, etc.). On *BSD
> (including Mac OS X) I get error
> message:
>
>   ls: -h: No such file or directory
>
> Is there an easy way to get the desired behavior on OpenBSD? If that
> can only be achieved
> by patching system's sources is there a standard way to maintain my
> personal set of
> patches so that they will be automatically applied every time I upgrade
> system?
>
> Best regards,
> Vadim.
>
>

To answer your question:
No
Not even in Linux
>From the GNU ls man page:

SYNOPSIS
   ls [OPTION]... [FILE]...

Your use of the tool is incorrect. You *can* hit your hand with a hammer
but that's not what it's for...

Now can we all move on? Or do we now discuses the merits of claw vs.
ball-peen hammers for hand smashing?



Re: Can command-line options be specified in any place?

2011-06-22 Thread Andres Perera
On Wed, Jun 22, 2011 at 7:19 AM, Tobias Ulmer  wrote:
>
> The getopt(3) function is inconsistent amongst operating systems and
> could use some polish in my opinion. Maybe there are technical reasons
> why this feature can't be implemented, but this discussion has certainly
> extinguished my curiosity about it.
>

inconsistent implementations are not the problem at all

if the system getopt is patched to always use  FLAG_PERMUTE like
getopt_long, then scripts that expect the old behaviour would have to
be changed. for example, /etc/rc.d/rc.subr:

-rcexec="su -l -c ${daemon_class} -s /bin/sh ${daemon_user} -c"
+rcexec="su -l -c ${daemon_class} -s /bin/sh -- ${daemon_user} -c"

going through all the scripts is a bigger problem than some other os
using another implementation with remarkably different semantics



Re: Can command-line options be specified in any place?

2011-06-22 Thread David Hoskin
When I first switched to OpenBSD, I thought this would be a huge
problem, but I got used to it in a week or two.

Like someone else said, I just use CTRL-A to go back to the start of the
line.

On Tue, Jun 21, 2011 at 4:39 PM,   wrote:
> Hi,
>
> I'm considering migrating my desktop from Linux to OpenBSD but the
> main feature that
> kept me away from *BSD world for over a decade since I've first tried
> FreeBSD was the
> one that options must only be specified after command before any
> arguments. (At least
> that is true for basic commands). For example on Linux a command
>
>  ls -l foo -h
>
> will print the foo's size with suffix (K, M, G, etc.). On *BSD
> (including Mac OS X) I get error
> message:
>
>  ls: -h: No such file or directory
>
> Is there an easy way to get the desired behavior on OpenBSD? If that
> can only be achieved
> by patching system's sources is there a standard way to maintain my
> personal set of
> patches so that they will be automatically applied every time I upgrade
system?
>
> Best regards,
> Vadim.



Re: nroff

2011-06-22 Thread Tim van der Molen
On Wed, 22 Jun 2011 16:52:17 +0200, Friedrich Locke wrote:
> i have installed openbsd 4.9 and i am trying to compile ucspi-tcp-0.88
> with a ssl patch, but the compilation process fails due to not finding
> a program called nroff.
> 
> Previous version of OpenBSD seems to have installed nroff. Does
> anybody knows why it was removed?

nroff is part of groff, which has been removed from the base system in
favour of mandoc(1). See:

http://mdocml.bsd.lv/
http://undeadly.org/cgi?action=article&sid=20110314142734

> How could i install it?

You can install groff from packages or ...

> ./load instcheck hier.o auto_home.o unix.a byte.a
> nroff -man tcpclient.1 > tcpclient.0

... replace "nroff -man" with "mandoc" and see if the output in
tcpclient.0 is readable. Chances are you don't even need nroff.



Re: Can command-line options be specified in any place?

2011-06-22 Thread Ted Unangst
On Wed, Jun 22, 2011 at 7:49 AM, Tobias Ulmer  wrote:
> tl;dr: In my opinion, these anti Linux rants do harm to OpenBSD by
> condemning everything Linux does instead of allowing us to pick out just
> the good parts.

Don't worry, the ranters and the pickers aren't the same people.



Re: Automatic reboot on kernel panic

2011-06-22 Thread Kevin Chadwick
On Wed, 22 Jun 2011 18:11:36 +0300
Gregory Edigarov wrote:

> On Wed, 22 Jun 2011 11:45:49 -0300
> Marcos Laufer  wrote:
> 
> > ddb.panic=0 will boot instead of dropping you into a ddb?
> greg@greg:~$ banner YES
> # # ###  #
>  #   #  #   # #
>   # #   #   #
>###
>## #
>##   # #
>####  #
> 

That's how the man pages should be written.



Re: nroff

2011-06-22 Thread Kevin Chadwick
On Wed, 22 Jun 2011 11:52:17 -0300
Friedrich Locke wrote:

> Previous version of OpenBSD seems to have installed nroff. Does
> anybody knows why it was removed?
> How could i install it?

I think it wasn't needed for the man pages anymore. It is in ports,
groff, I think. A search for nroff on the mailing list archives
would have worked in seconds.



Re: nroff

2011-06-22 Thread Ted Unangst
pkg_add groff

On Wed, Jun 22, 2011 at 10:52 AM, Friedrich Locke
 wrote:
> Hi folks,
>
> i have installed openbsd 4.9 and i am trying to compile ucspi-tcp-0.88
> with a ssl patch, but the compilation process fails due to not finding
> a program called nroff.
>
> Previous version of OpenBSD seems to have installed nroff. Does
> anybody knows why it was removed?
> How could i install it?
>
> Thanks in advance.
>
> Here goes the output :
>
> ./load instcheck hier.o auto_home.o unix.a byte.a
> nroff -man tcpclient.1 > tcpclient.0
> /bin/sh: nroff: not found
> *** Error code 127
>
> Stop in /tmp/ucspi-tcp-0.88 (line 781 of Makefile).
> sioux@gustav$



Re: Automatic reboot on kernel panic

2011-06-22 Thread Raimo Niskanen
On Wed, Jun 22, 2011 at 11:45:49AM -0300, Marcos Laufer wrote:
> I am sorry, this confused me, and i didn't quite understand.
> 
> Just to be clear:
> 
> ddb.panic=0 will boot instead of dropping you into a ddb?
> 
> Or is it ddb.panic=1 the option that will make the system boot?

Please... are we not a wee bit lazy now... man sysctl.conf:

EXAMPLES
 To turn on IP forwarding, one would use the following line:

   net.inet.ip.forwarding=1

 To cause the kernel to reboot on a panic, instead of dropping into the
 debugger, the following can be used:

   ddb.panic=0

> 
> 
> Regards,
> 
> David Coppa wrote:
> > On Wed, 22 Jun 2011, ter Voorde Informatiesystemen wrote:
> >
> >   
> >> In /etc/sysctl.conf I see the following commented line:
> >>
> >> #ddb.panic=0
> >>
> >> and nothing else about ddb.panic is present there. With other words,
> >> I guess: 'ddb.panic=0' is the default boot time setting and does not
> >> have to be set explicitly.
> >>
> >> I now suppose: on a kernel panic, this system will not drop into ddb
> >> (kind-of waiting for someone to retrieve useful information about
> >> the panic) and is most likely to reboot. Is that correct?
> >> 
> >
> > Exactly the opposite:
> >
> > $ sysctl ddb.panic
> > ddb.panic=1
> >
> > You need to uncomment that line in /etc/sysctl.conf.
> >
> > Cheers,
> > David

-- 

/ Raimo Niskanen, Erlang/OTP, Ericsson AB



Re: Can command-line options be specified in any place?

2011-06-22 Thread Gregory Edigarov
On Wed, 22 Jun 2011 15:09:17 + (UTC)
Stuart Henderson  wrote:

> On 2011-06-22, Gregory Edigarov  wrote:
> > On Wed, 22 Jun 2011 13:49:22 +0200
> > Tobias Ulmer  wrote:
> >
> >> tl;dr: In my opinion, these anti Linux rants do harm to OpenBSD by
> >> condemning everything Linux does instead of allowing us to pick out
> >> just the good parts.
> > Hmm. Even if there would be no antilinux rants it is just
> > impossible,to get something from linux... remember licence
> > differencies.
> 
> That doesn't prevent an alternative implementation.
> 
Yes, of course

--
With best regards,
   Gregory Edigarov



Re: Automatic reboot on kernel panic

2011-06-22 Thread Gregory Edigarov
On Wed, 22 Jun 2011 11:45:49 -0300
Marcos Laufer  wrote:

> ddb.panic=0 will boot instead of dropping you into a ddb?
greg@greg:~$ banner YES
# # ###  #
 #   #  #   # #
  # #   #   #
   ###
   ## #
   ##   # #
   ####  #



Re: Can command-line options be specified in any place?

2011-06-22 Thread Stuart Henderson
On 2011-06-22, Gregory Edigarov  wrote:
> On Wed, 22 Jun 2011 13:49:22 +0200
> Tobias Ulmer  wrote:
>
>> tl;dr: In my opinion, these anti Linux rants do harm to OpenBSD by
>> condemning everything Linux does instead of allowing us to pick out
>> just the good parts.
> Hmm. Even if there would be no antilinux rants it is just
> impossible,to get something from linux... remember licence differencies.

That doesn't prevent an alternative implementation.



nroff

2011-06-22 Thread Friedrich Locke
Hi folks,

i have installed openbsd 4.9 and i am trying to compile ucspi-tcp-0.88
with a ssl patch, but the compilation process fails due to not finding
a program called nroff.

Previous version of OpenBSD seems to have installed nroff. Does
anybody knows why it was removed?
How could i install it?

Thanks in advance.

Here goes the output :

./load instcheck hier.o auto_home.o unix.a byte.a
nroff -man tcpclient.1 > tcpclient.0
/bin/sh: nroff: not found
*** Error code 127

Stop in /tmp/ucspi-tcp-0.88 (line 781 of Makefile).
sioux@gustav$



Re: Can command-line options be specified in any place?

2011-06-22 Thread Marco Peereboom
tl;dr

linux still sucks

On Wed, Jun 22, 2011 at 01:49:22PM +0200, Tobias Ulmer wrote:
> tl;dr: In my opinion, these anti Linux rants do harm to OpenBSD by
> condemning everything Linux does instead of allowing us to pick out just
> the good parts.
> 
> On Wed, Jun 22, 2011 at 11:22:02AM +0200, Benny Lofgren wrote:
> > On 2011-06-22 09.24, Tobias Ulmer wrote:
> > > On Wed, Jun 22, 2011 at 03:48:59AM +0200, Benny Lofgren wrote:
> > >> On 2011-06-22 03.03, vadi...@gmail.com wrote:
> >  Please continue to use Linux.
> >  That's ugly, useless and dangerous.
> > >>>
> > >>> Oops, looks like that was a "holy war" type of question. Sorry I did
> > >>> not want to start that.
> > >>>
> >  If you want Linux, use Linux.
> > >>>
> > >>> It's not that I want specifically Linux. I've just decided to look for
> > >>> a system that cat satisfy me from the usability point of view. I do
> > >>> not care if that will be Linux or *BSD or Solaris or whatever  else.
> > >>> The main idea was that the work with the system should be a pleasure,
> > >>> not a pain :)
> > >>
> > >> What you should do is relearn the proper way. :-)
> > >>
> > 
> > [the rest of my rant deleted]
> > 
> > > Oh please, Linus wrote the kernel, not Ubuntu. If you hate coreutils or
> > > getopt, blame the respective groups that developed them and not someone
> > > writing a kernel, a long time ago.
> > 
> > No, I don't hate coreutils or getopt, getopt is good shit. What I hate
> > is the inconsistensies, the fact that Linux isn't a homogenous piece of
> > work but so obviously a product of a thousand chefs, few with similar
> > taste.
> > 
> > And my criticism extends to the kernel too, or rather begins with it, so
> > it definitley applies to Linus himself and the kernel guys.
> > 
> > > This rose tinted "OpenBSD is the greatest" shit really gets on my
> > > nerves. It's all fun to bash others, but from time to time you have to
> > > look at their stuff and figure out which parts they did right and you
> > > could improve.
> > 
> > Granted, my rant was, on purpose, negatively Linux-biased, but not in
> > one single place - also on purpose - would you have found the word
> > OpenBSD or any slant towards it, which makes me suspect you couldn't
> > stand what I wrote long enough to actually read all of it. :-)
> 
> Right. And I felt in the mood to take the opposite position for the fun
> of it.
> 
> > 
> > So I think you might have missed my point. There is a "true unix"
> > heritage that needs to be cared for, THAT MAKES LIFE SIMPLER if you
> > understand and take advantage of it.
> 
> OpenBSD specifically and old BSD in general is not true to Unix. From
> ksh to billions of options to find and other tools to the entire
> networking framework (bolted on with additional syscalls, pseudo devices
> etc), nothing of that is Unix (or even -like).
> 
> Here is something to read: http://harmful.cat-v.org/cat-v/
> 
> BSD went through a similar phase as GNU: adding every feature known to
> man to the original Unix commands. Have a look at lpr(1) for GNUism in
> action. After some time we got a little wiser and stopped adding flags
> for everything that was convenient.
> 
> Linux, especially with the constant influx of new developers and
> commercial interests, hasn't yet cooled down enough to stop messing
> around with their "base" system.
> 
> However if I got my history right, the improvements of BSD are why people
> bought a Unix license and then installed BSD. It was better, it had more
> features, networking, usable error messages, better language support
> etc. etc.
> 
> > Linus missed or chose to ignore that part entirely. That's fine, as
> > Linux is not said to be a unix operating system, but a "unix like" one.
> > 
> > The problem is, this "likeness" is not "like enough", so it really
> > doesn't help the community overall but rather hinders it. This is
> > something the Linux and GNU folks could have addressed in the early
> > days but either chose to ignore or were ignorant about. For that
> > they absolutely deserve some blame.
> 
> Are you ready to test my patch where I'm going to remove -exec from
> find(1) so you can have your real Unix back? And -r from grep? And...
> 
> Bullshit, you use BSD because just like Linux, it added lots of handy
> features while keeping it simple. Linux may overdo it from your and my
> point of view, but so does OpenBSD from the POV of some old unix guys.
> 
> > 
> > Now, the OP:s questions are certainly addressable by choosing a shell
> > he is used to, and perhaps by a set of aliases and/or scripts to tune
> > the "user experience" into something familiar for him.
> 
> The getopt(3) function is inconsistent amongst operating systems and
> could use some polish in my opinion. Maybe there are technical reasons
> why this feature can't be implemented, but this discussion has certainly
> extinguished my curiosity about it.
> 
> Backwards threads like this one prevent people from trying to improve
> things, whi

Re: Automatic reboot on kernel panic

2011-06-22 Thread Marcos Laufer
I am sorry, this confused me, and i didn't quite understand.

Just to be clear:

ddb.panic=0 will boot instead of dropping you into a ddb?

Or is it ddb.panic=1 the option that will make the system boot?


Regards,

David Coppa wrote:
> On Wed, 22 Jun 2011, ter Voorde Informatiesystemen wrote:
>
>   
>> In /etc/sysctl.conf I see the following commented line:
>>
>> #ddb.panic=0
>>
>> and nothing else about ddb.panic is present there. With other words,
>> I guess: 'ddb.panic=0' is the default boot time setting and does not
>> have to be set explicitly.
>>
>> I now suppose: on a kernel panic, this system will not drop into ddb
>> (kind-of waiting for someone to retrieve useful information about
>> the panic) and is most likely to reboot. Is that correct?
>> 
>
> Exactly the opposite:
>
> $ sysctl ddb.panic
> ddb.panic=1
>
> You need to uncomment that line in /etc/sysctl.conf.
>
> Cheers,
> David



Re: net-snmp in 4.9 : does it work for you ?

2011-06-22 Thread Patrick Lamaiziere
Le Wed, 22 Jun 2011 09:23:01 +0200,
Patrick Lamaiziere  a C)crit :

> Hello,
> 
> I've updated my two pf firewalls today from 4.8 to 4.9 (worked fine,
> nice). But it looks there is a problem with net-snmp and the
> traffic reported (IF-MIB). This is not correct anymore (like 30
> Mbits/s instead more than 150 Mbits/s). I've checked the interfaces
> indexes in the snmp tables and they did not change. Other values (like
> packet per second) look good.
> 
> I've tried the previous version of net-snmp (net-snmp-5.4.2.1p5) and
> there is the same problem.
> 
> Any clue?

Ooops. 

Looks like someone has changed the configuration of Cacti.
My apologies. Regards.



Watchdog timeout on Marvell Yukon 88E8053 (driver msk, 4.9-release)

2011-06-22 Thread Mathieu Blanc

Hello everybody,

I updated my openbsd firewalls (two carp-ed fw) last month (May 24th) to 
4.9 release. I don't know if this is related, but i have a significant 
numbers of "watchdog timeout" errors in logs (the master becomes slave 
when the error appears).


Before the update, i've just seen this error 2 times (May 17th and April 
14th). xx-1 is normally the master and xx-2 the slave (dmesg are exactly 
the same). Watchdog timeout in logs appear when the firewall is master 
(bw ~ 20Mb/s).


xx-1:~# zgrep watchdog /var/log/messages*
/var/log/messages.0.gz:Jun 14 13:59:41 xx-1 /bsd: msk2: watchdog timeout
/var/log/messages.0.gz:Jun 15 15:05:55 xx-1 /bsd: msk0: watchdog timeout
/var/log/messages.0.gz:Jun 15 16:56:32 xx-1 /bsd: msk0: watchdog timeout
/var/log/messages.0.gz:Jun 15 17:23:05 xx-1 /bsd: msk1: watchdog timeout
/var/log/messages.1.gz:Jun  6 10:32:16 xx-1 /bsd: msk1: watchdog timeout
/var/log/messages.1.gz:Jun  6 17:30:55 xx-1 /bsd: msk2: watchdog timeout
/var/log/messages.1.gz:Jun  9 10:17:31 xx-1 /bsd: msk0: watchdog timeout
/var/log/messages.2.gz:May 30 17:10:45 xx-1 /bsd: msk0: watchdog timeout
/var/log/messages.2.gz:May 31 18:02:13 xx-1 /bsd: msk0: watchdog timeout
/var/log/messages.4.gz:May 17 16:18:45 xx-1 /bsd: msk0: watchdog timeout
/var/log/messages.9.gz:Apr 14 16:00:26 xx-1 /bsd: msk0: watchdog timeout

xx-2:~# zgrep watchdog /var/log/messages*
/var/log/messages:Jun 20 10:14:20 xx-2 /bsd: msk0: watchdog timeout
/var/log/messages:Jun 21 15:48:32 xx-2 /bsd: msk2: watchdog timeout
/var/log/messages.0.gz:Jun 17 10:16:12 xx-2 /bsd: msk0: watchdog timeout

The 4.9 upgrade and the increase of watchdog timeout logs seem to 
coincide but there are no pieces of evidence.


Does anybody has the same type of network card and the same problem ?
I found some old mails (2007) but i don't see if it could help me  :
http://gnats.netbsd.org/36454
http://kerneltrap.org/mailarchive/openbsd-misc/2007/5/11/149534/thread

Some mails/forums are not so old (2010) but concern freebsd :
http://www.freebsd.org/cgi/query-pr.cgi?pr=116853
http://forums.freebsd.org/showthread.php?t=10183

Thank you in advance !

Here is the dmesg of one of the firewall (they are strictly the same).

OpenBSD 4.9 (GENERIC.MP) #794: Wed Mar  2 07:19:02 MST 2011
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP
cpu0: Intel(R) Pentium(R) 4 CPU 3.40GHz ("GenuineIntel" 686-class) 3.41 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,CNXT-ID,CX16,xTPR,PDCM

real mem  = 2145939456 (2046MB)
avail mem = 2100670464 (2003MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 08/29/05, BIOS32 rev. 0 @ 0xf9680, 
SMBIOS rev. 2.2 @ 0xf0800 (39 entries)

bios0: vendor Phoenix Technologies, LTD version "6.00 PG" date 08/29/2005
acpi0 at bios0: rev 0
acpi0: sleep states S0 S1
acpi0: tables DSDT FACP MCFG APIC
acpi0: wakeup devices PEX0(S5) PEX1(S5) PEX2(S5) PEX3(S5) HUB0(S5) 
UAR1(S5) UAR2(S5) USB0(S1) USB1(S1) USB2(S1) USBE(S1) AC97(S5) AZAL(S5) 
PCI0(S5)

acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimcfg0 at acpi0 addr 0xe000, bus 0-0
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 200MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Pentium(R) 4 CPU 3.40GHz ("GenuineIntel" 686-class) 3.41 GHz
cpu1: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,CNXT-ID,CX16,xTPR,PDCM

ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 2
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (PEX0)
acpiprt2 at acpi0: bus 2 (PEX1)
acpiprt3 at acpi0: bus 3 (PEX2)
acpiprt4 at acpi0: bus 4 (PEX3)
acpiprt5 at acpi0: bus 5 (HUB0)
acpicpu0 at acpi0
acpicpu1 at acpi0
acpitz0 at acpi0: critical temperature 75 degC
acpibtn0 at acpi0: PWRB
bios0: ROM list: 0xc/0xa800! 0xcc000/0x8000! 0xef000/0x1000!
cpu0: Enhanced SpeedStep disabled by BIOS
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel 82915G Host" rev 0x0e
vga1 at pci0 dev 2 function 0 "Intel 82915G Video" rev 0x0e
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
intagp0 at vga1
agp0 at intagp0: aperture at 0xc000, size 0x1000
inteldrm0 at vga1: apic 2 int 16 (irq 5)
drm0 at inteldrm0
ppb0 at pci0 dev 28 function 0 "Intel 82801FB PCIE" rev 0x04: apic 2 int 
16 (irq 5)

pci1 at ppb0 bus 1
mskc0 at pci1 dev 0 function 0 "Marvell Yukon 88E8053" rev 0x15, Yukon-2 
EC rev. A3 (0x2): apic 2 int 16 (irq 5)

msk0 at mskc0 port A: address 00:10:f3:13:c6:98
eephy0 at msk0 phy 0: 88E Gigabit PHY, rev. 2
ppb1 at pci0 dev 28 function 1 "Intel 82801FB PCIE" rev 0x04: apic 2 int 
17 (irq 10)

pci2 at ppb1 bus 2
mskc1 at pci2 dev 0 functi

Re: Automatic reboot on kernel panic

2011-06-22 Thread ter Voorde Informatiesystemen

Sir Coppa,

That's why I apologized... Forgetting the possibility of reading out the 
value of ddb.panic. Kind of stupid for a person (me) doing 'sysctl 
hw.sensors' 10 times a week. But that's off topic.


It is set now and returns 0. That machine will me moved 30 kilometers 
away and must stay up for a month or two. I think 'ddb.panic=0' is the 
right thing to set on that machine.


Thanks to you, Sir Coppa, and also to Sir Edigarov who replied also,

Kind regards,

Frank ter Voorde

On 06/22/11 15:21, David Coppa wrote:

On Wed, 22 Jun 2011, ter Voorde Informatiesystemen wrote:


In /etc/sysctl.conf I see the following commented line:

#ddb.panic=0

and nothing else about ddb.panic is present there. With other words,
I guess: 'ddb.panic=0' is the default boot time setting and does not
have to be set explicitly.

I now suppose: on a kernel panic, this system will not drop into ddb
(kind-of waiting for someone to retrieve useful information about
the panic) and is most likely to reboot. Is that correct?

Exactly the opposite:

$ sysctl ddb.panic
ddb.panic=1

You need to uncomment that line in /etc/sysctl.conf.

Cheers,
David




Re: Automatic reboot on kernel panic

2011-06-22 Thread Gregory Edigarov
On Wed, 22 Jun 2011 15:12:30 +0200
ter Voorde Informatiesystemen  wrote:

> Hi there,
> 
> At first, I would like to apologize for the possibility that this
> e-mail message might fatigue you, but I just want to be sure.
> 
> I would like to know if my machine automatically reboots at a kernel 
> panic (if it's not failing too much because of malfunctioning
> hardware, etc., ofcourse) by default, or if it will not.
> 
> The machine is an i386 running OpenBSD 4.9 GENERIC.MP#794 and had a 
> default cd install with no additional manual compile options set. It 
> only has two users and sshd configured, so I didn't touch anything
> else. Pretty default.
> 
> In /etc/sysctl.conf I see the following commented line:
> 
> #ddb.panic=0
> 
> and nothing else about ddb.panic is present there. With other words,
> I guess: 'ddb.panic=0' is the default boot time setting and does not
> have to be set explicitly.
you have wrong guess, go do
# sysctl ddb.panic

> I now suppose: on a kernel panic, this system will not drop into ddb 
> (kind-of waiting for someone to retrieve useful information about the 
> panic) and is most likely to reboot. Is that correct?
wrong. by default it _WILL_ drop into ddb
> 
> Kind regards,
> 
> Frank ter Voorde



Re: Automatic reboot on kernel panic

2011-06-22 Thread David Coppa
On Wed, 22 Jun 2011, ter Voorde Informatiesystemen wrote:

> In /etc/sysctl.conf I see the following commented line:
> 
> #ddb.panic=0
> 
> and nothing else about ddb.panic is present there. With other words,
> I guess: 'ddb.panic=0' is the default boot time setting and does not
> have to be set explicitly.
> 
> I now suppose: on a kernel panic, this system will not drop into ddb
> (kind-of waiting for someone to retrieve useful information about
> the panic) and is most likely to reboot. Is that correct?

Exactly the opposite:

$ sysctl ddb.panic
ddb.panic=1

You need to uncomment that line in /etc/sysctl.conf.

Cheers,
David



Automatic reboot on kernel panic

2011-06-22 Thread ter Voorde Informatiesystemen

Hi there,

At first, I would like to apologize for the possibility that this e-mail 
message might fatigue you, but I just want to be sure.


I would like to know if my machine automatically reboots at a kernel 
panic (if it's not failing too much because of malfunctioning hardware, 
etc., ofcourse) by default, or if it will not.


The machine is an i386 running OpenBSD 4.9 GENERIC.MP#794 and had a 
default cd install with no additional manual compile options set. It 
only has two users and sshd configured, so I didn't touch anything else. 
Pretty default.


In /etc/sysctl.conf I see the following commented line:

#ddb.panic=0

and nothing else about ddb.panic is present there. With other words, I 
guess: 'ddb.panic=0' is the default boot time setting and does not have 
to be set explicitly.


I now suppose: on a kernel panic, this system will not drop into ddb 
(kind-of waiting for someone to retrieve useful information about the 
panic) and is most likely to reboot. Is that correct?


Kind regards,

Frank ter Voorde



Re: Can command-line options be specified in any place?

2011-06-22 Thread gilbert . fernandes
On Wed, Jun 22, 2011 at 09:24:35AM +0200, Tobias Ulmer wrote:

> This rose tinted "OpenBSD is the greatest" shit really gets on my
> nerves. It's all fun to bash others, but from time to time you have to
> look at their stuff and figure out which parts they did right and you
> could improve.

Yeah sure.

Go tell that to Linux that called OpenBSD users masturbating
monkeys.

-- 
Where the fsck is my signature ?



Re: Can command-line options be specified in any place?

2011-06-22 Thread Gregory Edigarov
On Wed, 22 Jun 2011 13:49:22 +0200
Tobias Ulmer  wrote:

> tl;dr: In my opinion, these anti Linux rants do harm to OpenBSD by
> condemning everything Linux does instead of allowing us to pick out
> just the good parts.
Hmm. Even if there would be no antilinux rants it is just
impossible,to get something from linux... remember licence differencies.

> On Wed, Jun 22, 2011 at 11:22:02AM +0200, Benny Lofgren wrote:
> > On 2011-06-22 09.24, Tobias Ulmer wrote:
> > > On Wed, Jun 22, 2011 at 03:48:59AM +0200, Benny Lofgren wrote:
> > >> On 2011-06-22 03.03, vadi...@gmail.com wrote:
> >  Please continue to use Linux.
> >  That's ugly, useless and dangerous.
> > >>>
> > >>> Oops, looks like that was a "holy war" type of question. Sorry
> > >>> I did not want to start that.
> > >>>
> >  If you want Linux, use Linux.
> > >>>
> > >>> It's not that I want specifically Linux. I've just decided to
> > >>> look for a system that cat satisfy me from the usability point
> > >>> of view. I do not care if that will be Linux or *BSD or Solaris
> > >>> or whatever  else. The main idea was that the work with the
> > >>> system should be a pleasure, not a pain :)
> > >>
> > >> What you should do is relearn the proper way. :-)
> > >>
> > 
> > [the rest of my rant deleted]
> > 
> > > Oh please, Linus wrote the kernel, not Ubuntu. If you hate
> > > coreutils or getopt, blame the respective groups that developed
> > > them and not someone writing a kernel, a long time ago.
> > 
> > No, I don't hate coreutils or getopt, getopt is good shit. What I
> > hate is the inconsistensies, the fact that Linux isn't a homogenous
> > piece of work but so obviously a product of a thousand chefs, few
> > with similar taste.
> > 
> > And my criticism extends to the kernel too, or rather begins with
> > it, so it definitley applies to Linus himself and the kernel guys.
> > 
> > > This rose tinted "OpenBSD is the greatest" shit really gets on my
> > > nerves. It's all fun to bash others, but from time to time you
> > > have to look at their stuff and figure out which parts they did
> > > right and you could improve.
> > 
> > Granted, my rant was, on purpose, negatively Linux-biased, but not
> > in one single place - also on purpose - would you have found the
> > word OpenBSD or any slant towards it, which makes me suspect you
> > couldn't stand what I wrote long enough to actually read all of
> > it. :-)
> 
> Right. And I felt in the mood to take the opposite position for the
> fun of it.
> 
> > 
> > So I think you might have missed my point. There is a "true unix"
> > heritage that needs to be cared for, THAT MAKES LIFE SIMPLER if you
> > understand and take advantage of it.
> 
> OpenBSD specifically and old BSD in general is not true to Unix. From
> ksh to billions of options to find and other tools to the entire
> networking framework (bolted on with additional syscalls, pseudo
> devices etc), nothing of that is Unix (or even -like).
> 
> Here is something to read: http://harmful.cat-v.org/cat-v/
> 
> BSD went through a similar phase as GNU: adding every feature known to
> man to the original Unix commands. Have a look at lpr(1) for GNUism in
> action. After some time we got a little wiser and stopped adding flags
> for everything that was convenient.
> 
> Linux, especially with the constant influx of new developers and
> commercial interests, hasn't yet cooled down enough to stop messing
> around with their "base" system.
> 
> However if I got my history right, the improvements of BSD are why
> people bought a Unix license and then installed BSD. It was better,
> it had more features, networking, usable error messages, better
> language support etc. etc.
> 
> > Linus missed or chose to ignore that part entirely. That's fine, as
> > Linux is not said to be a unix operating system, but a "unix like"
> > one.
> > 
> > The problem is, this "likeness" is not "like enough", so it really
> > doesn't help the community overall but rather hinders it. This is
> > something the Linux and GNU folks could have addressed in the early
> > days but either chose to ignore or were ignorant about. For that
> > they absolutely deserve some blame.
> 
> Are you ready to test my patch where I'm going to remove -exec from
> find(1) so you can have your real Unix back? And -r from grep? And...
> 
> Bullshit, you use BSD because just like Linux, it added lots of handy
> features while keeping it simple. Linux may overdo it from your and my
> point of view, but so does OpenBSD from the POV of some old unix guys.
> 
> > 
> > Now, the OP:s questions are certainly addressable by choosing a
> > shell he is used to, and perhaps by a set of aliases and/or scripts
> > to tune the "user experience" into something familiar for him.
> 
> The getopt(3) function is inconsistent amongst operating systems and
> could use some polish in my opinion. Maybe there are technical reasons
> why this feature can't be implemented, but this discussion has
> certainly extinguished my cu

Re: Can command-line options be specified in any place?

2011-06-22 Thread Tobias Ulmer
tl;dr: In my opinion, these anti Linux rants do harm to OpenBSD by
condemning everything Linux does instead of allowing us to pick out just
the good parts.

On Wed, Jun 22, 2011 at 11:22:02AM +0200, Benny Lofgren wrote:
> On 2011-06-22 09.24, Tobias Ulmer wrote:
> > On Wed, Jun 22, 2011 at 03:48:59AM +0200, Benny Lofgren wrote:
> >> On 2011-06-22 03.03, vadi...@gmail.com wrote:
>  Please continue to use Linux.
>  That's ugly, useless and dangerous.
> >>>
> >>> Oops, looks like that was a "holy war" type of question. Sorry I did
> >>> not want to start that.
> >>>
>  If you want Linux, use Linux.
> >>>
> >>> It's not that I want specifically Linux. I've just decided to look for
> >>> a system that cat satisfy me from the usability point of view. I do
> >>> not care if that will be Linux or *BSD or Solaris or whatever  else.
> >>> The main idea was that the work with the system should be a pleasure,
> >>> not a pain :)
> >>
> >> What you should do is relearn the proper way. :-)
> >>
> 
> [the rest of my rant deleted]
> 
> > Oh please, Linus wrote the kernel, not Ubuntu. If you hate coreutils or
> > getopt, blame the respective groups that developed them and not someone
> > writing a kernel, a long time ago.
> 
> No, I don't hate coreutils or getopt, getopt is good shit. What I hate
> is the inconsistensies, the fact that Linux isn't a homogenous piece of
> work but so obviously a product of a thousand chefs, few with similar
> taste.
> 
> And my criticism extends to the kernel too, or rather begins with it, so
> it definitley applies to Linus himself and the kernel guys.
> 
> > This rose tinted "OpenBSD is the greatest" shit really gets on my
> > nerves. It's all fun to bash others, but from time to time you have to
> > look at their stuff and figure out which parts they did right and you
> > could improve.
> 
> Granted, my rant was, on purpose, negatively Linux-biased, but not in
> one single place - also on purpose - would you have found the word
> OpenBSD or any slant towards it, which makes me suspect you couldn't
> stand what I wrote long enough to actually read all of it. :-)

Right. And I felt in the mood to take the opposite position for the fun
of it.

> 
> So I think you might have missed my point. There is a "true unix"
> heritage that needs to be cared for, THAT MAKES LIFE SIMPLER if you
> understand and take advantage of it.

OpenBSD specifically and old BSD in general is not true to Unix. From
ksh to billions of options to find and other tools to the entire
networking framework (bolted on with additional syscalls, pseudo devices
etc), nothing of that is Unix (or even -like).

Here is something to read: http://harmful.cat-v.org/cat-v/

BSD went through a similar phase as GNU: adding every feature known to
man to the original Unix commands. Have a look at lpr(1) for GNUism in
action. After some time we got a little wiser and stopped adding flags
for everything that was convenient.

Linux, especially with the constant influx of new developers and
commercial interests, hasn't yet cooled down enough to stop messing
around with their "base" system.

However if I got my history right, the improvements of BSD are why people
bought a Unix license and then installed BSD. It was better, it had more
features, networking, usable error messages, better language support
etc. etc.

> Linus missed or chose to ignore that part entirely. That's fine, as
> Linux is not said to be a unix operating system, but a "unix like" one.
> 
> The problem is, this "likeness" is not "like enough", so it really
> doesn't help the community overall but rather hinders it. This is
> something the Linux and GNU folks could have addressed in the early
> days but either chose to ignore or were ignorant about. For that
> they absolutely deserve some blame.

Are you ready to test my patch where I'm going to remove -exec from
find(1) so you can have your real Unix back? And -r from grep? And...

Bullshit, you use BSD because just like Linux, it added lots of handy
features while keeping it simple. Linux may overdo it from your and my
point of view, but so does OpenBSD from the POV of some old unix guys.

> 
> Now, the OP:s questions are certainly addressable by choosing a shell
> he is used to, and perhaps by a set of aliases and/or scripts to tune
> the "user experience" into something familiar for him.

The getopt(3) function is inconsistent amongst operating systems and
could use some polish in my opinion. Maybe there are technical reasons
why this feature can't be implemented, but this discussion has certainly
extinguished my curiosity about it.

Backwards threads like this one prevent people from trying to improve
things, which is the real damage done.

Once they get "discussed" in this manner on misc@, it's  difficult to
get even very sensible patches committed. Some developers may have
formed a strong "anti" stance and it takes years to convince them.

> 
> My problem with that, and the reason for the recommendation I

Re: Sendmail+SSL+SASL

2011-06-22 Thread Stuart Henderson
On 2011-06-21, gdrm  wrote:
> Hello misc,
> I'm trying to configure OpenBSD4.9 with Sendmail as a mail server and so far,
> so good, I have a configuration with static IP, masked and with ssl support,
> but I can not figure out how to implement sasl, someonehas a link where to
> find information and guides on the subject?
> thanks
>
>

http://www.undeadly.org/cgi?action=article&sid=20110225174433



Re: Can one interface have an IP address and bridge as well?

2011-06-22 Thread Stuart Henderson
Seconded, or alternatively can you add another interface (physical
or vlan) to place the server on?

It might be possible to do bridging and nat on the same interface
(possibly using bridge rules and PF tags) but at best you're setting
yourself up for a complicated and fragile ruleset.

On 2011-06-22, Shane Lazarus  wrote:
> Heya
>
> On Wed, Jun 22, 2011 at 12:13 PM, Paul Suh  wrote:
>
>> Folks,
>>
>> Is this possible and/or a good idea? I have a router with three interfaces:
>>
>> sis0: external interface, IPv4 address 1.2.3.4/24
>> sis1: internal interface, IPv4 address 192.168.1.1/24
>> sis2 : DMZ interface, IPv4 address
>> 192.168.2.1/24
>>
>> NAT rules pass all traffic from the internal and DMZ zones through the
>> external IP address. I have a couple of servers with IPv4 addresses
>> 192.168.2.2 and 192.168.2.3 in the DMZ, with rdr-to rules that send traffic
>> in
>> to them from 1.2.3.4.
>>
>> I need to place a server at 1.2.3.5, and the software I have to run needs
>> the
>> server itself to have the IPv4 address 1.2.3.5 -- I can't NAT it and give
>> the
>> server the address 192.168.2.4 in the DMZ. (Don't ask. *shudder*) Can I set
>> up
>> a bridge between sis0 and sis2 so that traffic for 1.2.3.5 gets passed
>> through
>> to the server via sis2 as well as having the IPv4 address 1.2.3.4 on sis0?
>> Or
>> is there a better way to do this?
>>
>>
>> --Paul
>>
>> [demime 1.01d removed an attachment of type application/pkcs7-signature
>> which had a name of smime.p7s]
>>
>>
> I personally would check to see if you could get a /30 routed to 1.2.3.4.
> 5.6.7.8 - 5.6.7.11
>
> Append one of the /30 to the sis2 interface, and the other to your new
> server.
>
> If 1.2.3.4 & 1.2.3.5 are part of a bigger block that you own, see if you
> can't allocate a /30 from that larger pool.
> ( 1.2.3.8 - 1.2.3.11 ?? )
>
>
> Shane



Re: Can command-line options be specified in any place?

2011-06-22 Thread Marc Espie
On Tue, Jun 21, 2011 at 11:20:22PM -0400, vadi...@gmail.com wrote:
> Sorry I really did not want to start any flame. I just thought that
> getting answer from the mailing list would be faster than spending my
> time studying source code of the new system.
> 
> > What you should do is relearn the proper way. :-)
> 
> Ok, let me turn my question the other way around. Suppose I typed
> 
>  ls -l /some/very/long/path/to/file
> 
> and the file is too big so I want to use -h option. I use a text
> terminal so I can not use mouse to position cursor. How people usually
> handle this on *BSD systems?

They learn to use their tools. 

Whatever the mode, be it vi or emacs, there are shortcuts to go back 
to the beginning of the line easily.

The behavior you want is highly ambiguous and leads to unpredictability.
How do you list a file called -h ? Your command line will mean different
things depending on whether there *is* a file called -h in the system 
or not.  You said you were interested security ? Predictability is a 
prerequirement.



Re: Can command-line options be specified in any place?

2011-06-22 Thread Benny Lofgren
On 2011-06-22 09.24, Tobias Ulmer wrote:
> On Wed, Jun 22, 2011 at 03:48:59AM +0200, Benny Lofgren wrote:
>> On 2011-06-22 03.03, vadi...@gmail.com wrote:
 Please continue to use Linux.
 That's ugly, useless and dangerous.
>>>
>>> Oops, looks like that was a "holy war" type of question. Sorry I did
>>> not want to start that.
>>>
 If you want Linux, use Linux.
>>>
>>> It's not that I want specifically Linux. I've just decided to look for
>>> a system that cat satisfy me from the usability point of view. I do
>>> not care if that will be Linux or *BSD or Solaris or whatever  else.
>>> The main idea was that the work with the system should be a pleasure,
>>> not a pain :)
>>
>> What you should do is relearn the proper way. :-)
>>

[the rest of my rant deleted]

> Oh please, Linus wrote the kernel, not Ubuntu. If you hate coreutils or
> getopt, blame the respective groups that developed them and not someone
> writing a kernel, a long time ago.

No, I don't hate coreutils or getopt, getopt is good shit. What I hate
is the inconsistensies, the fact that Linux isn't a homogenous piece of
work but so obviously a product of a thousand chefs, few with similar
taste.

And my criticism extends to the kernel too, or rather begins with it, so
it definitley applies to Linus himself and the kernel guys.

> This rose tinted "OpenBSD is the greatest" shit really gets on my
> nerves. It's all fun to bash others, but from time to time you have to
> look at their stuff and figure out which parts they did right and you
> could improve.

Granted, my rant was, on purpose, negatively Linux-biased, but not in
one single place - also on purpose - would you have found the word
OpenBSD or any slant towards it, which makes me suspect you couldn't
stand what I wrote long enough to actually read all of it. :-)

So I think you might have missed my point. There is a "true unix"
heritage that needs to be cared for, THAT MAKES LIFE SIMPLER if you
understand and take advantage of it.

Linus missed or chose to ignore that part entirely. That's fine, as
Linux is not said to be a unix operating system, but a "unix like" one.

The problem is, this "likeness" is not "like enough", so it really
doesn't help the community overall but rather hinders it. This is
something the Linux and GNU folks could have addressed in the early
days but either chose to ignore or were ignorant about. For that
they absolutely deserve some blame.

Now, the OP:s questions are certainly addressable by choosing a shell
he is used to, and perhaps by a set of aliases and/or scripts to tune
the "user experience" into something familiar for him.

My problem with that, and the reason for the recommendation I made
before digressing into rant mode, is that that practice will get him
into trouble in the long run, as he encounters other flavors of unix,
linux, Solaris, *BSD and whatever else might lie in his path in the
future. So my suggestion, while tongue in cheek, was made in all
seriousness and is in my opinion still a very valid one.

(Ok, this will be my last novel in this thread, I promise... I just
seem genetically unable to say things in just a few words.)


Regards,
/Benny

-- 
internetlabbet.se / work:   +46 8 551 124 80  / "Words must
Benny LC6fgren/  mobile: +46 70 718 11 90 /   be weighed,
/   fax:+46 8 551 124 89/not counted."
   /email:  benny -at- internetlabbet.se



Re: Can command-line options be specified in any place?

2011-06-22 Thread vadimou
> Why don't you use aliases ?

It's not about 'ls' only: I've just used it as an example. I noticed
that after running a command with one set of options sometimes I want
to add another option(s). For some reason this is important for me to
the extent that I have not become a FreeBSD user when I had a chance.

On 6/22/11, vadi...@gmail.com  wrote:
> I understood the idea, but please keep in mind that I'm just a regular
> user, not OS developer. I just pick features I find useful no matter
> how wrong they look. That was a "stop or go" kind of question because
> I do not want to spend a lot of time reading manual and experimenting
> with stuff just to end up in an environment I'm not comfortable with.
>
> Now I have my question answered and I decided to give it a try. Thanks
> to everyone who replied.



Re: Can command-line options be specified in any place?

2011-06-22 Thread vadimou
I understood the idea, but please keep in mind that I'm just a regular
user, not OS developer. I just pick features I find useful no matter
how wrong they look. That was a "stop or go" kind of question because
I do not want to spend a lot of time reading manual and experimenting
with stuff just to end up in an environment I'm not comfortable with.

Now I have my question answered and I decided to give it a try. Thanks
to everyone who replied.



Re: Can command-line options be specified in any place?

2011-06-22 Thread Morgan LEFIEUX

Why don't you use aliases ?

in your .zshrc:

alias ls="ls -lh"
alias l="ls -lh"

Le 22/06/2011 05:50, vadi...@gmail.com a C)crit :

On 6/21/11, Johan Beisser  wrote:

I use Bash and OpenBSD's ksh. In both CTRL-a gets me back to the beginning
of the line.


I use zsh in vi mode. So Esc, Shift+6, f, -, a, h (total 7 keys) or ls
-lh !!$ (total 10 keys). Just adding -h requires pressing 3 keys.
Looks like I'm too lazy for BSD :)




Re: Can command-line options be specified in any place?

2011-06-22 Thread Tobias Ulmer
On Wed, Jun 22, 2011 at 03:48:59AM +0200, Benny Lofgren wrote:
> On 2011-06-22 03.03, vadi...@gmail.com wrote:
> >> Please continue to use Linux.
> >> That's ugly, useless and dangerous.
> > 
> > Oops, looks like that was a "holy war" type of question. Sorry I did
> > not want to start that.
> > 
> >> If you want Linux, use Linux.
> > 
> > It's not that I want specifically Linux. I've just decided to look for
> > a system that cat satisfy me from the usability point of view. I do
> > not care if that will be Linux or *BSD or Solaris or whatever  else.
> > The main idea was that the work with the system should be a pleasure,
> > not a pain :)
> 
> What you should do is relearn the proper way. :-)
> 
> Consider the fact that Unix have been around since the 1970's, and the
> *BSD flavor is as direct a descendant of the original look, feel and
> intent as you can possibly find today.
> 
> Linux is, in that regard, an abomination. It's the bastard child of
> someone not properly trained in the "unix way", who made stuff up
> as he went without regard for history, continuity, elegance or, for
> that matter, backwards compatibility.
> 
> I feel the same way as you do, only the other way around. I really
> can't stand using a linux system for any length of time. Everything
> is similar, but different. Or different, but similar. And so darn stupid!
> 
> Linus didn't do his homework properly. That, combined with the fact that
> Linux became such a huge success is both a blessing and a curse to us
> in the unix community; on the one hand Linux provides us with plenty of
> young blood in a new generation of hackers... while on the other hand
> they can't speak properly!

Oh please, Linus wrote the kernel, not Ubuntu. If you hate coreutils or
getopt, blame the respective groups that developed them and not someone
writing a kernel, a long time ago.

This rose tinted "OpenBSD is the greatest" shit really gets on my
nerves. It's all fun to bash others, but from time to time you have to
look at their stuff and figure out which parts they did right and you
could improve.

Blah blah misc@

> 
> It's as if they've accidentally gone to veterinary school instead of
> medical school, without knowing it. Sure, they'd know just as much
> about anatomy as a real doctor would, but take my advice: if you're
> not a horse, don't go there for your pains...
> 
> 
> Regards,
> /Benny
> 
> -- 
> internetlabbet.se / work:   +46 8 551 124 80  / "Words must
> Benny LC6fgren/  mobile: +46 70 718 11 90 /   be weighed,
> /   fax:+46 8 551 124 89/not counted."
>/email:  benny -at- internetlabbet.se



net-snmp in 4.9 : does it work for you ?

2011-06-22 Thread Patrick Lamaiziere
Hello,

I've updated my two pf firewalls today from 4.8 to 4.9 (worked fine,
nice). But it looks there is a problem with net-snmp and the
traffic reported (IF-MIB). This is not correct anymore (like 30
Mbits/s instead more than 150 Mbits/s). I've checked the interfaces
indexes in the snmp tables and they did not change. Other values (like
packet per second) look good.

I've tried the previous version of net-snmp (net-snmp-5.4.2.1p5) and
there is the same problem.

Any clue?

Thanks, regards.