Re: pf rule?

[fqui nonez]

2011/7/20 fqui nonez fquinon...@gmail.com:
 2011/7/20 Andres Perera andre...@zoho.com:
 On Wed, Jul 20, 2011 at 8:49 AM, fqui nonez fquinon...@gmail.com wrote:

 On Wed, 20 Jul 2011 01:09:09 -0700, fqui nonez fquinon...@gmail.com
 wrote:
 Hello

 I have a sshd/ftpd/httpd server box, 4.9 stable; and I want to log all
 blocked packets, and send them to /var/log/pfblocklog to be read with
 tcpdump. What and where should be the rule?

 Thanks for your attention.

 Hello

 I changed it to:

 #$OpenBSD: pf.conf,v 1.49 2009/09/17 06:39:03 jmc Exp $
 #

 set skip on lo

 ### Agregadas por mi: (added by me)
 block log

 pass out quick on rl0

 antispoof quick for rl0

 pass in log on rl0 proto tcp from any to port 22
 pass in log on rl0 proto tcp from any to port 21
 pass in log on rl0 proto tcp from any to port 80

 replace all three by:
 pass in log on rl0 proto tcp to port { 21 22 80 }


 ### Fin. (end)

 # filter rules and anchor for ftp-proxy(8)
 anchor ftp-proxy/*
 pass in quick proto tcp to port ftp rdr-to 127.0.0.1 port 8021

 you already pass these packets before. redundant rules make pfctl
 output hard to read, so change it to:
 match in proto tcp to port ftp rdr-to localhost port 8021


 Done, thanks again!


Hello, again.

I am receiving this message at client side :
425 Can't build data connection: illegal port number
then, i changed it to:

#   $OpenBSD: pf.conf,v 1.49 2009/09/17 06:39:03 jmc Exp $

set skip on lo

# filter rules and anchor for ftp-proxy(8)
anchor ftp-proxy/*
pass in quick proto tcp to port ftp rdr-to 127.0.0.1 port 8021

### Agregadas por mi: (added by me)
block log

pass out quick on rl0

antispoof quick for rl0

pass in log on rl0 proto tcp from any to port {21 22 80}

### Fin. (end)

#pass   # to establish keep-state

# By default, do not permit remote connections to X11
#block in on ! lo0 proto tcp to port 6000:6010

ftpd is not working correctly with those rules; does somebody see the error?

Thanks for your attention.

Re: Creating route tables

[Gregory Edigarov]

Josh,

the table needs to be created and an interface need to be assigned to
the rdomain like:

ifconfig  em0 a.b.c.d/24 rdomain 1

then you can use it like, just for example, this:
route -T 1 add e.f.g.h/24 a.b.c.x

that does the trick.

On Tue, 19 Jul 2011 13:26:37 -0500
Josh Hoppes josh.hop...@gmail.com wrote:

 I'm trying to configure bgpd to run in an alternate routing table so I
 can use it to manage black holed prefixes. When trying to specify an
 alternate routing table I get the error message rtable id 1 does not
 exist when starting bgpd. I've gone through route(8) and route(4) but
 can't find any information on creating a routing table. My attempts at
 creating by just adding a prefix appear to be of no use. I'm sure I
 missed something in the documentation and I would appreciate any hints
 people can provide.
 
 This is on OpenBSD 4.9 GENERIC.MP#819 amd64
 
 Basic bgpd.conf I'm using
 
 # global configuration
 AS 65100
 fib-update no
 route-collector yes
 holdtime 10
 
 # Alternate Routing Table
 rtable 1
 
 Error output from bgpd:
 
 # bgpd -vnf bgpd.conf
 bgpd.conf:8: rtable id 1 does not exist
 
 error output from route:
 
 # route -T 1 add -inet 192.168.0.0/24 127.0.0.1
 route: routing table 1: No such file or directory
 
 Thanks in advance, and sorry for the noise.

Re: pf rule?

[Wesley MOUEDINE ASSABY]

Hi,

For your ftp issue, see here : http://www.openbsd.org/faq/pf/ftp.html

Wesley. M
www.mouedine.net
www.e-solutions.re

On Wed, 20 Jul 2011 23:26:33 -0700, fqui nonez fquinon...@gmail.com
wrote:
 2011/7/20 fqui nonez fquinon...@gmail.com:
 2011/7/20 Andres Perera andre...@zoho.com:
 On Wed, Jul 20, 2011 at 8:49 AM, fqui nonez fquinon...@gmail.com
 wrote:

 On Wed, 20 Jul 2011 01:09:09 -0700, fqui nonez
fquinon...@gmail.com
 wrote:
 Hello

 I have a sshd/ftpd/httpd server box, 4.9 stable; and I want to log
 all
 blocked packets, and send them to /var/log/pfblocklog to be read
 with
 tcpdump. What and where should be the rule?

 Thanks for your attention.

 Hello

 I changed it to:

 #$OpenBSD: pf.conf,v 1.49 2009/09/17 06:39:03 jmc Exp $
 #

 set skip on lo

 ### Agregadas por mi: (added by me)
 block log

 pass out quick on rl0

 antispoof quick for rl0

 pass in log on rl0 proto tcp from any to port 22
 pass in log on rl0 proto tcp from any to port 21
 pass in log on rl0 proto tcp from any to port 80

 replace all three by:
 pass in log on rl0 proto tcp to port { 21 22 80 }


 ### Fin. (end)

 # filter rules and anchor for ftp-proxy(8)
 anchor ftp-proxy/*
 pass in quick proto tcp to port ftp rdr-to 127.0.0.1 port 8021

 you already pass these packets before. redundant rules make pfctl
 output hard to read, so change it to:
 match in proto tcp to port ftp rdr-to localhost port 8021


 Done, thanks again!

 
 Hello, again.
 
 I am receiving this message at client side :
 425 Can't build data connection: illegal port number
 then, i changed it to:
 
 # $OpenBSD: pf.conf,v 1.49 2009/09/17 06:39:03 jmc Exp $
 
 set skip on lo
 
 # filter rules and anchor for ftp-proxy(8)
 anchor ftp-proxy/*
 pass in quick proto tcp to port ftp rdr-to 127.0.0.1 port 8021
 
 ### Agregadas por mi: (added by me)
 block log
 
 pass out quick on rl0
 
 antispoof quick for rl0
 
 pass in log on rl0 proto tcp from any to port {21 22 80}
 
 ### Fin. (end)
 
 #pass # to establish keep-state
 
 # By default, do not permit remote connections to X11
 #block in on ! lo0 proto tcp to port 6000:6010
 
 ftpd is not working correctly with those rules; does somebody see the
 error?
 
 Thanks for your attention.

Re: OpenBSD5.0-beta - 19-Jul-2011 - Dell R510 Perc H700

[Hrvoje Popovski]

On 20.7.2011. 22:17, Marco Peereboom wrote:

I committed a workaround for this.  Try a kernel from cvs.

I'll be working on a permanent fix.




it seems to work from cvs


thank you ...



# dmesg
OpenBSD 5.0-beta (GENERIC.MP) #0: Thu Jul 21 10:09:02 CEST 2011
r...@rtr1.sheroes.int:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 12870717440 (12274MB)
avail mem = 12513980416 (11934MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xcf49c000 (78 entries)
bios0: vendor Dell Inc. version 1.6.3 date 02/01/2011
bios0: Dell Inc. PowerEdge R510
acpi0 at bios0: rev 2
acpi0: sleep states S0 S4 S5
acpi0: tables DSDT FACP APIC SPCR HPET DM__ MCFG WD__ SLIC ERST HEST 
BERT EINJ SRAT TCPA SSDT

acpi0: wakeup devices PCI0(S5)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 32 (boot processor)
cpu0: Intel(R) Xeon(R) CPU E5630 @ 2.53GHz, 2533.81 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,DCA,SSE4.1,SSE4.2,POPCNT,AES,NXE,LONG

cpu0: 256KB 64b/line 8-way L2 cache
cpu0: apic clock running at 133MHz
cpu1 at mainbus0: apid 34 (application processor)
cpu1: Intel(R) Xeon(R) CPU E5630 @ 2.53GHz, 2533.42 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,DCA,SSE4.1,SSE4.2,POPCNT,AES,NXE,LONG

cpu1: 256KB 64b/line 8-way L2 cache
cpu2 at mainbus0: apid 50 (application processor)
cpu2: Intel(R) Xeon(R) CPU E5630 @ 2.53GHz, 2533.42 MHz
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,DCA,SSE4.1,SSE4.2,POPCNT,AES,NXE,LONG

cpu2: 256KB 64b/line 8-way L2 cache
cpu3 at mainbus0: apid 52 (application processor)
cpu3: Intel(R) Xeon(R) CPU E5630 @ 2.53GHz, 2533.42 MHz
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,DCA,SSE4.1,SSE4.2,POPCNT,AES,NXE,LONG

cpu3: 256KB 64b/line 8-way L2 cache
cpu4 at mainbus0: apid 33 (application processor)
cpu4: Intel(R) Xeon(R) CPU E5630 @ 2.53GHz, 2533.42 MHz
cpu4: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,DCA,SSE4.1,SSE4.2,POPCNT,AES,NXE,LONG

cpu4: 256KB 64b/line 8-way L2 cache
cpu5 at mainbus0: apid 35 (application processor)
cpu5: Intel(R) Xeon(R) CPU E5630 @ 2.53GHz, 2533.42 MHz
cpu5: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,DCA,SSE4.1,SSE4.2,POPCNT,AES,NXE,LONG

cpu5: 256KB 64b/line 8-way L2 cache
cpu6 at mainbus0: apid 51 (application processor)
cpu6: Intel(R) Xeon(R) CPU E5630 @ 2.53GHz, 2533.42 MHz
cpu6: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,DCA,SSE4.1,SSE4.2,POPCNT,AES,NXE,LONG

cpu6: 256KB 64b/line 8-way L2 cache
cpu7 at mainbus0: apid 53 (application processor)
cpu7: Intel(R) Xeon(R) CPU E5630 @ 2.53GHz, 2533.42 MHz
cpu7: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,DCA,SSE4.1,SSE4.2,POPCNT,AES,NXE,LONG

cpu7: 256KB 64b/line 8-way L2 cache
ioapic0 at mainbus0: apid 0 pa 0xfec0, version 20, 24 pins
ioapic1 at mainbus0: apid 1 pa 0xfec8, version 20, 24 pins
ioapic1: misconfigured as apic 0, remapped to apid 1
acpihpet0 at acpi0: 14318179 Hz
acpimcfg0 at acpi0 addr 0xe000, bus 0-255
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (PEX1)
acpiprt2 at acpi0: bus 2 (PEX3)
acpiprt3 at acpi0: bus 3 (PEX7)
acpiprt4 at acpi0: bus 4 (PEX9)
acpiprt5 at acpi0: bus 5 (PEXA)
acpiprt6 at acpi0: bus -1 (SBEX)
acpiprt7 at acpi0: bus 6 (COMP)
acpicpu0 at acpi0: C3, C1
acpicpu1 at acpi0: C3, C1
acpicpu2 at acpi0: C3, C1
acpicpu3 at acpi0: C3, C1
acpicpu4 at acpi0: C3, C1
acpicpu5 at acpi0: C3, C1
acpicpu6 at acpi0: C3, C1
acpicpu7 at acpi0: C3, C1
ipmi at mainbus0 not configured
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 Intel 5500 Host rev 0x13
ppb0 at pci0 dev 1 function 0 Intel X58 PCIE rev 0x13
pci1 at ppb0 bus 1
bnx0 at pci1 dev 0 function 0 Broadcom BCM5716 rev 0x20: apic 1 int 4
bnx1 at pci1 dev 0 function 1 Broadcom BCM5716 rev 0x20: apic 1 int 16
ppb1 at pci0 dev 3 function 0 Intel X58 PCIE rev 0x13: msi
pci2 at ppb1 bus 2
mfi0 at pci2 dev 0 function 0 Symbios Logic MegaRAID SAS2108 

Re: [patch] Huawei E1750 support

[Chris Turner]

On 07/20/11 13:52, David Coppa wrote:


Please, can you provide us a dmesg with your patch applied?
Is the device working with ppp?


Doh -

My bad on sending to bugs@ rather than misc@ - looks like I missed your
commit of this diff by like 1h - please see my mail of 2011-07-20


Subject: umsm(4) patch for Huawei E181


basically same thing - add the usbdev entry for the gizmo and it sends the magic
device stuff to switch from driver disk to serial port - figguring you need
to see the same thing r.e. dmesg  ppp confirmation -

umsm0 at uhub0 port 2 configuration 1 interface 0 HUAWEI Technology HUAWEI Mobi
le rev 2.00/0.00 addr 2
ucom0 at umsm0
umsm1 at uhub0 port 2 configuration 1 interface 1 HUAWEI Technology HUAWEI Mobi
le rev 2.00/0.00 addr 2
ucom1 at umsm1
umsm2 at uhub0 port 2 configuration 1 interface 2 HUAWEI Technology HUAWEI Mobi
le rev 2.00/0.00 addr 2
ucom2 at umsm2
umsm3 at uhub0 port 2 configuration 1 interface 3 HUAWEI Technology HUAWEI Mobi
le rev 2.00/0.00 addr 2
umsm4 at uhub0 port 2 configuration 1 interface 4 HUAWEI Technology HUAWEI Mobi
le rev 2.00/0.00 addr 2
umsm5 at uhub0 port 2 configuration 1 interface 5 HUAWEI Technology HUAWEI Mobi
le rev 2.00/0.00 addr 2
ucom3 at umsm5

this one is a DEV_HUAWEI type gizmo (full patch on the bugs@ list)

ditto ppp working on /dev/{tty,cua}U0

ksh - arrow keys in vi mode?

[Dmitrij D. Czarkoff]

Hello!

I tried both documentation and google, and I could only figure out how to
enable arrow keys in emacs mode of ksh.

Is there a way to enable them in vi mode? Same goes for HOME and END buttons.

P.S.: I know it is rather a separate question, but is there a way to start
with command mode as it is in vi? Man page says just You start out in insert
mode without any tips on whether this configuration is default or fixed.

-- 
Dmitrij D. Czarkoff

Am looking for an external hard drive enclosure that can hold multiple laptop drives and connects to OBSD host via USB.

[s . caswell]

Hi all,

I'd like to reuse some of the old laptop hard drives (parallel ATA) that I have 
laying around, preferably by putting them all into an external drive enclosure 
and then plugging that into an OpenBSD computer via USB 2 port.

Then I imagine I can create RAID volumes via Softraid.

Anyone know of a drive enclosure (make  model) that can hold between 3 and 6 
PATA laptop drives and can present them via a single USB bus to a host 
computer.?

Any info would be greatly appreciated.

Regards,

:-)

Sarah

Jail-System for OpenBSD

[Christian Barthel]

Hello, 

I think the question is not new but I only found an old talk for version
3.x, so I want to ask again: 

Is there anything comparable to FreeBSD jails (now)? 

I found sysjail but I am not sure, if it is working under 4.9 (maybe I
will try it in the next few days): 
http://richizo.wordpress.com/2008/12/31/jailing-openbsd-in-5-steps/

And if there's nothing matchable to FreeBSD jails: Is there an interest
to develop such a container system for further versions?

Christian
-- 
Christian Barthel (Public-Key: http://bc.user-mode.org/bc.asc ) 
Mail: b...@user-mode.org
Web: http://bc.user-mode.org

Re: ksh - arrow keys in vi mode?

[Alexander Polakov]

* Dmitrij D. Czarkoff czark...@gmail.com [110721 14:49]:
 Hello!
 
 I tried both documentation and google, and I could only figure out how to
 enable arrow keys in emacs mode of ksh.
 
 Is there a way to enable them in vi mode? Same goes for HOME and END buttons.

No. Currently there's no way to do that.
 
 P.S.: I know it is rather a separate question, but is there a way to start
 with command mode as it is in vi? Man page says just You start out in insert
 mode without any tips on whether this configuration is default or fixed.

No. But you can use the patch below:

diff --git a/vi.c b/vi.c
index 0bac6be..b8f6d5b 100644
--- a/vi.c
+++ b/vi.c
@@ -193,6 +193,7 @@ x_vi(char *buf, size_t len)
int c;
 
vi_reset(buf, len  CMDLEN ? CMDLEN : len);
+   insert = 0;
vi_pprompt(1);
x_flush();
while (1) {

-- 
Alexander Polakov | plhk.ru

Re: Creating route tables

[Insan Praja SW]

Hi Josh,
On Thu, 21 Jul 2011 03:00:08 +0700, Josh Hoppes josh.hop...@gmail.com  
wrote:



Hello Insan,

I guess I'm not sure I understand that statement, or I'm
miss-interpreting the rdomain configuration section and how it
interacts with rtables. If I understand the documentation correctly
additional rib tables defined in bgpd must exist inside the default
routing domain. The error messages read as if I missed a step and need
to create the additional routing table some how, which I'm having
trouble finding how to do that. Are you suggesting I add a rdomain
section in bgpd.conf in to create the rtable?


You need at least an interface on a desired rdomain, rdomain and rtable  
actually the same thing. You do that by using ifconfig to assign a  
spesific interface to an rdomain. Then bgpd can use it.




On Tue, Jul 19, 2011 at 4:40 PM, Insan Praja SW insan.pr...@gmail.com  
wrote:

Hi,

You missed rdomain.
On Wed, 20 Jul 2011 01:26:37 +0700, Josh Hoppes josh.hop...@gmail.com
wrote:


I'm trying to configure bgpd to run in an alternate routing table so I
can use it to manage black holed prefixes. When trying to specify an
alternate routing table I get the error message rtable id 1 does not
exist when starting bgpd. I've gone through route(8) and route(4) but
can't find any information on creating a routing table. My attempts at
creating by just adding a prefix appear to be of no use. I'm sure I
missed something in the documentation and I would appreciate any hints
people can provide.

This is on OpenBSD 4.9 GENERIC.MP#819 amd64

Basic bgpd.conf I'm using

# global configuration
AS 65100
fib-update no
route-collector yes
holdtime 10

# Alternate Routing Table
rtable 1

Error output from bgpd:

# bgpd -vnf bgpd.conf
bgpd.conf:8: rtable id 1 does not exist

error output from route:

# route -T 1 add -inet 192.168.0.0/24 127.0.0.1
route: routing table 1: No such file or directory

Thanks in advance, and sorry for the noise.




--
Using Opera's revolutionary email client: http://www.opera.com/mail/




HTH,


Insan Praja

--
Using Opera's revolutionary email client: http://www.opera.com/mail/

Re: Jail-System for OpenBSD

[Tomas Bodzar]

There's chroot of course. Jail itself has issues and some of them are
described eg. here http://www.youtube.com/watch?v=JaVnNllZxn4

On Thu, Jul 21, 2011 at 1:55 PM, Christian Barthel b...@user-mode.org wrote:
 Hello,

 I think the question is not new but I only found an old talk for version
 3.x, so I want to ask again:

 Is there anything comparable to FreeBSD jails (now)?

 I found sysjail but I am not sure, if it is working under 4.9 (maybe I
 will try it in the next few days):
 http://richizo.wordpress.com/2008/12/31/jailing-openbsd-in-5-steps/

 And if there's nothing matchable to FreeBSD jails: Is there an interest
 to develop such a container system for further versions?

 Christian
 --
 Christian Barthel (Public-Key: http://bc.user-mode.org/bc.asc )
 Mail: b...@user-mode.org
 Web: http://bc.user-mode.org

Re: Jail-System for OpenBSD

[Kristaps Dzonsons]

I think the question is not new but I only found an old talk for version
3.x, so I want to ask again:

Is there anything comparable to FreeBSD jails (now)?

I found sysjail but I am not sure, if it is working under 4.9 (maybe I
will try it in the next few days):
http://richizo.wordpress.com/2008/12/31/jailing-openbsd-in-5-steps/


I haven't touched sysjail since 4.3 and nobody's sent patches to update 
it since then (though some hot air's been blown around).  The linked 
tutorial is also wrong: it just copies around some ifdefs instead of 
actually making sure nothing's changed between versions.  Bad.  Please 
contact me off-list if you're SERIOUS about maintaining sysjail between 
versions (no patches = don't bother).  Of course, this won't change that 
sysjail is breakable (and, note significantly, NOT part of OpenBSD proper).


Kristaps.

Re: Jail-System for OpenBSD

[Kristaps Dzonsons]

There's chroot of course. Jail itself has issues and some of them are
described eg. here http://www.youtube.com/watch?v=JaVnNllZxn4


(Note I've also not put any work into mult, sadly.  All of my hacking 
time's pushed into mandoc sweet-sweet-sweetness.)  (Yeah, that's me in 
the presentation.)

Re: ksh - arrow keys in vi mode?

[Marco Peereboom]

I'll pay cash money for this!

(emacs mode works but vi does not).

On Thu, Jul 21, 2011 at 12:47:40PM +0200, Dmitrij D. Czarkoff wrote:
 Hello!
 
 I tried both documentation and google, and I could only figure out how to
 enable arrow keys in emacs mode of ksh.
 
 Is there a way to enable them in vi mode? Same goes for HOME and END buttons.
 
 P.S.: I know it is rather a separate question, but is there a way to start
 with command mode as it is in vi? Man page says just You start out in insert
 mode without any tips on whether this configuration is default or fixed.
 
 -- 
 Dmitrij D. Czarkoff

Re: Creating route tables

[Claudio Jeker]

On Thu, Jul 21, 2011 at 09:40:44AM +0300, Gregory Edigarov wrote:
 Josh,
 
 the table needs to be created and an interface need to be assigned to
 the rdomain like:
 
 ifconfig  em0 a.b.c.d/24 rdomain 1
 
 then you can use it like, just for example, this:
 route -T 1 add e.f.g.h/24 a.b.c.x
 
 that does the trick.

Nope. Something sneaked in that makes it impossible to create alternative
tables. I will have a look.

-- 
:wq Claudio

Re: Is there a kernel walkthough for newbies?

[Dunceor]

On Tue, Jul 19, 2011 at 4:34 PM, Billy Wong bi...@tube-fish.net wrote:
 Hi everybody,

 Just wondering if there are some documentations telling a newbie his
 whereabouts in the kernel? It doesnt need to be an extensive line-by-line or
 file-by-file treatment but something at a higher level of the general design
 and architecture approach.

 thanks and regards,

 bill



I you are looking for documentation about the design you could either read:
The Design and Implementation of the 4.4 BSD Operating System, which
is a bit old but still valid.
A new book that could be interesting is:
The Design and Implementation of the FreeBSD Operating System , which
focus on FreeBSD but is still valid.

There is also good information among these presentations:
http://openbsd.org/papers/

BR
Dunceor

Re: Is there a kernel walkthough for newbies?

[Christiano F. Haesbaert]

On 19 July 2011 11:34, Billy Wong bi...@tube-fish.net wrote:
 Hi everybody,

 Just wondering if there are some documentations telling a newbie his
 whereabouts in the kernel? It doesnt need to be an extensive line-by-line or
 file-by-file treatment but something at a higher level of the general design
 and architecture approach.

 thanks and regards,


If you're looking for networking stuff, TCP/IP Illustrated Vol 2 is
still quite valid.

Re: ksh - arrow keys in vi mode?

[Alexander Polakov]

* Dmitrij D. Czarkoff czark...@gmail.com [110721 14:49]:
 Hello!
 
 I tried both documentation and google, and I could only figure out how to
 enable arrow keys in emacs mode of ksh.
 
 Is there a way to enable them in vi mode? Same goes for HOME and END buttons.

Try the patch below. 

You probably wonder why cursor movement is done in such a strange way,
reimplementing both domove() and vi_cmd(), but I couldn't find a better
way to go to end of line + one.

diff --git a/vi.c b/vi.c
index 0bac6be..c1a7b7d 100644
--- a/vi.c
+++ b/vi.c
@@ -247,6 +247,48 @@ x_vi(char *buf, size_t len)
return es-linelen;
 }
 
+static void keypad(int ch) {
+   int cur = 0;
+   char cmd;
+
+   switch (ch) {
+   case 'D': /* left */
+   cur--;
+   break;
+   case 'C': /* right */
+   cur++;
+   break;
+   case 'A': /* up */
+   cmd = 'k';
+   vi_cmd(1, cmd);
+   break;
+   case 'B': /* down */
+   cmd = 'j';
+   vi_cmd(1, cmd);
+   break;
+   case 'H': /* home */
+   es-cursor = 0;
+   break;
+   case 'F': /* end */
+   es-cursor = es-linelen;
+   break;
+   default:
+   vi_error();
+   return;
+   }
+   if ((cur += es-cursor) = 0) {
+   if (cur  es-linelen  cur != 0) {
+   cur--;
+   vi_error();
+   }
+   es-cursor = cur;
+   } else
+   vi_error();
+
+   refresh(0);
+   return;
+}
+
 static int
 vi_hook(int ch)
 {
@@ -261,6 +303,15 @@ vi_hook(int ch)
state = VLIT;
ch = '^';
}
+
+   if (ch == '\033') {
+  if (x_getc() == '[')
+  keypad(x_getc());
+  else /* unknown sequence */
+  vi_error();
+  return 0;
+   }
+   
switch (vi_insert(ch)) {
case -1:
vi_error();

-- 
Alexander Polakov | plhk.ru

Re: Creating route tables

[Josh Hoppes]

Thanks for the help and for the better understanding of routing
domains and tables. In the end I was over thinking the problem and
didn't actually need the additional routing table.

On Thu, Jul 21, 2011 at 10:17 AM, Claudio Jeker
cje...@diehard.n-r-g.com wrote:
 On Thu, Jul 21, 2011 at 09:40:44AM +0300, Gregory Edigarov wrote:
 Josh,

 the table needs to be created and an interface need to be assigned to
 the rdomain like:

 ifconfig  em0 a.b.c.d/24 rdomain 1

 then you can use it like, just for example, this:
 route -T 1 add e.f.g.h/24 a.b.c.x

 that does the trick.

 Nope. Something sneaked in that makes it impossible to create alternative
 tables. I will have a look.

 --
 :wq Claudio

Question about .PATH.o in Makefiles

[Patsy]

Hello list,

I'm a little confused by the .PATH.o target in makefiles. For
the record I'm running on a snapshot from the 29th of June
(amd64).

I have the following file structure:

./Makefile
./port.c
./cheese.c
./Makefile
./objects/
./include/
./include/port.h

I have the following makefile:

=
.SUFFIXES: .o .c .h
.INCLUDES: .h

.PATH.h: include
.PATH.o: objects

OBJ_DIR=objects
CFLAGS=-Iinclude

happiness:  cheese.o \
port.o
gcc $(CFLAGS) -o happiness \
$(OBJ_DIR)/cheese.o \
$(OBJ_DIR)/port.o

port.o: port.c  port.h
gcc -c $(CFLAGS) -o $(OBJ_DIR)/port.o port.c

cheese.o:   cheese.c port.h
gcc -c $(CFLAGS) -o $(OBJ_DIR)/cheese.o cheese.c



If I run make, I get the following output:

gcc -c -Iinclude -o objects/cheese.o cheese.c
gcc -c -Iinclude -o objects/port.o port.c
gcc -Iinclude -o happiness  objects/cheese.o  objects/port.o

which is fine, dandy and what I expect. If I run make again
however, I get the same result. running make -d m indicates
that it isn't finding port.o or cheese.o in the objects
directory, it is only looking in the current directory.

Prefixing port.o/cheese.o with $(OBJ_DIR) results in their
targets not being found. Adding $(OBJ_DIR) as a prefix to all
.o files seem a little verbose.

I thought that specifying .PATH.o in the manner above would
mean that make would interpret port.o as $(.PATH.o)/port.o
whether it be a dependency or a target. I have read the man
page (hence I know that .PATH.o exists) but I can't see why
what I have shouldn't work.

It seems obvious to me that I'm missing something, but I can't
see what it is. Could somebody explain it to me, or suggest
how I could patch the above makefile to make use of .PATH.o?

Thanks,
Patsy

It appears to be able to find port.h (removing .PATH.h causes
a non-existant error).

Re: ksh - arrow keys in vi mode?

[Marco Peereboom]

doesn't work at all it seems

On Thu, Jul 21, 2011 at 10:01:12PM +0400, Alexander Polakov wrote:
 * Dmitrij D. Czarkoff czark...@gmail.com [110721 14:49]:
  Hello!
  
  I tried both documentation and google, and I could only figure out how to
  enable arrow keys in emacs mode of ksh.
  
  Is there a way to enable them in vi mode? Same goes for HOME and END 
  buttons.
 
 Try the patch below. 
 
 You probably wonder why cursor movement is done in such a strange way,
 reimplementing both domove() and vi_cmd(), but I couldn't find a better
 way to go to end of line + one.
 
 diff --git a/vi.c b/vi.c
 index 0bac6be..c1a7b7d 100644
 --- a/vi.c
 +++ b/vi.c
 @@ -247,6 +247,48 @@ x_vi(char *buf, size_t len)
   return es-linelen;
  }
  
 +static void keypad(int ch) {
 + int cur = 0;
 + char cmd;
 +
 + switch (ch) {
 + case 'D': /* left */
 + cur--;
 + break;
 + case 'C': /* right */
 + cur++;
 + break;
 + case 'A': /* up */
 + cmd = 'k';
 + vi_cmd(1, cmd);
 + break;
 + case 'B': /* down */
 + cmd = 'j';
 + vi_cmd(1, cmd);
 + break;
 + case 'H': /* home */
 + es-cursor = 0;
 + break;
 + case 'F': /* end */
 + es-cursor = es-linelen;
 + break;
 + default:
 + vi_error();
 + return;
 + }
 + if ((cur += es-cursor) = 0) {
 + if (cur  es-linelen  cur != 0) {
 + cur--;
 + vi_error();
 + }
 + es-cursor = cur;
 + } else
 + vi_error();
 +
 + refresh(0);
 + return;
 +}
 +
  static int
  vi_hook(int ch)
  {
 @@ -261,6 +303,15 @@ vi_hook(int ch)
   state = VLIT;
   ch = '^';
   }
 +
 + if (ch == '\033') {
 +if (x_getc() == '[')
 +keypad(x_getc());
 +else /* unknown sequence */
 +vi_error();
 +return 0;
 + }
 + 
   switch (vi_insert(ch)) {
   case -1:
   vi_error();
 
 -- 
 Alexander Polakov | plhk.ru

Re: ksh - arrow keys in vi mode?

[Theo de Raadt]

 + if (ch == '\033') {
 +if (x_getc() == '[')
 +keypad(x_getc());
 +else /* unknown sequence */

Good grief.  So everything is VT100 compatible these days?

Re: Creating route tables

[Claudio Jeker]

On Thu, Jul 21, 2011 at 01:57:10PM -0500, Josh Hoppes wrote:
 Thanks for the help and for the better understanding of routing
 domains and tables. In the end I was over thinking the problem and
 didn't actually need the additional routing table.
 
 On Thu, Jul 21, 2011 at 10:17 AM, Claudio Jeker
 cje...@diehard.n-r-g.com wrote:
  On Thu, Jul 21, 2011 at 09:40:44AM +0300, Gregory Edigarov wrote:
  Josh,
 
  the table needs to be created and an interface need to be assigned to
  the rdomain like:
 
  ifconfig  em0 a.b.c.d/24 rdomain 1
 
  then you can use it like, just for example, this:
  route -T 1 add e.f.g.h/24 a.b.c.x
 
  that does the trick.
 
  Nope. Something sneaked in that makes it impossible to create alternative
  tables. I will have a look.
 
  --
  :wq Claudio
 

Still here is a diff to fix the porblem. route(8) was failing too early.
Maybe someone has a better idea on how to solve the gettable() issue in a
nicer way.

-- 
:wq Claudio

Index: route.c
===
RCS file: /cvs/src/sbin/route/route.c,v
retrieving revision 1.155
diff -u -p -r1.155 route.c
--- route.c 4 Jul 2011 22:48:31 -   1.155
+++ route.c 21 Jul 2011 20:16:45 -
@@ -102,7 +102,7 @@ void set_metric(char *, int);
 voidinet_makenetandmask(u_int32_t, struct sockaddr_in *, int);
 voidinterfaces(void);
 voidgetlabel(char *);
-voidgettable(const char *);
+int gettable(const char *);
 int rdomain(int, char **);
 
 __dead void
@@ -130,6 +130,7 @@ main(int argc, char **argv)
int ch;
int rval = 0;
int kw;
+   int Terr = 0;
 
if (argc  2)
usage(NULL);
@@ -150,7 +151,7 @@ main(int argc, char **argv)
tflag = 1;
break;
case 'T':
-   gettable(optarg);
+   Terr = gettable(optarg);
Tflag = 1;
break;
case 'd':
@@ -169,6 +170,10 @@ main(int argc, char **argv)
usage(NULL);
 
kw = keyword(*argv);
+   if (Tflag  Terr != 0  kw != K_ADD) {
+   errno = Terr;
+   err(1, routing table %i, tableid);
+   }
switch (kw) {
case K_EXEC:
break;
@@ -183,7 +188,8 @@ main(int argc, char **argv)
if (s == -1)
err(1, socket);
/* force socket onto table user requested */
-   if (Tflag  setsockopt(s, AF_ROUTE, ROUTE_TABLEFILTER,
+   if (Tflag == 1  Terr == 0 
+   setsockopt(s, AF_ROUTE, ROUTE_TABLEFILTER,
tableid, sizeof(tableid)) == -1)
err(1, setsockopt(ROUTE_TABLEFILTER));
break;
@@ -1630,7 +1636,7 @@ getlabel(char *name)
rtm_addrs |= RTA_LABEL;
 }
 
-void
+int
 gettable(const char *s)
 {
const char  *errstr;
@@ -1651,7 +1657,9 @@ gettable(const char *s)
 
len = sizeof(info);
if (sysctl(mib, 6, info, len, NULL, 0) == -1)
-   err(1, routing table %i, tableid);
+   return (errno);
+   else
+   return (0);
 }
 
 int

Hang: radeondrm0: wait for fifo failed status

[RD Thrush]

Since the bug tracker is broken, I'm sending sendbug info to misc and bugs...


Synopsis:   The system hung hard while using xenocara
Category:   kernel
System  : OpenBSD 5.0
Details : OpenBSD 5.0-beta (GENERIC.MP) #34: Tue Jul 19 20:07:26 
MDT 2011


dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

Architecture: OpenBSD.amd64
Machine : amd64
Description:
Hard hang while using xenocara.  The keyboard was unusable, ie. no LED 
response.
The mouse cursor was hung.  Pings were working.  I was unable to enter 
the serial
ddb from the pc keyboard but was able to enter ddb via the serail 
console.
I have appended the results of that session.  boot crash from ddb hung 
so there
is no crash dump.

How-To-Repeat:
Dunno. This was the first time.
Fix:
Let me know if I can collect additional info, install patches,...

## ddb transcript #
radeondrm0: Can't use AGP base @0xe400, won't fit
pms0: enable error
pms0: disable error
radeondrm0: wait for fifo failed status : 0x80036100 0x
 [ ... repeated 700+ times ... ]
radeondrm0: wait for fifo failed status : 0x80036100 0x
Stopped at  Debugger+0x5:   leave
ddb{0} trace
Debugger() at Debugger+0x5
comintr() at comintr+0x268
Xintr_ioapic_edge4() at Xintr_ioapic_edge4+0xe8
--- interrupt ---
Bad frame pointer: 0x8000222c1be0
end trace frame: 0x8000222c1be0, count: -3
bus_space_read_4+0xe:
ddb{0} show registers
ds0x1af8
es0x56a0acpi_pdirpa+0x12a8
fs0x9dc0acpi_pdirpa+0x59c8
gs0xc9c9acpi_pdirpa+0x85d1
rdi0
rsi0x3f8
rbp   0x8000222c1a88
rbx 0xf9
rdx0x3f8
rcx   0x80a07660cpu_info_primary
rax0
r80x80d5cf30x86_soft_intrs+0x50
r9   0x1
r100
r11   0x80122b40radeondrm_ioctl
r12   0x8018c110
r13   0x8018c000
r14   0x80141740
r150x3f8
rip   0x8042f1d5Debugger+0x5
cs   0x8
rflags0x3202mp_pdirpa+0x111b
rsp   0x8000222c1a88
ss  0x10
Debugger+0x5:   leave
ddb{0} ps
   PID   PPID   PGRPUID  S   FLAGS  WAIT  COMMAND
 25731  20688  20688   1000  7   0bash
 20688   3993  20688   1000  30x80  piperdbash
  3993  17217  17217   1000  30x80  selectsshd
 17217  32747  17217  0  30x80  poll  sshd
 25024  32087  15285   1000  30x80  nanosleep sleep
 11026   1062  21129   1000  30x80  nanosleep sleep
  4217  29418   4217   1000  30x80  selectslogin
  9783  14293   9783   1000  30x80  selectslogin
 17994  24869  17994   1000  30x80  selectslogin
 29979527  29979   1000  30x80  selectssh
  5020527   5020   1000  30x80  selectssh
  7559527   7559   1000  30x80  selectssh
 25477  25271  25477   1000  30x80  selectslogin
  4668  19880   4668   1000  30x80  selectslogin
 20352  27243  20352   1000  30x80  selectslogin
 29519  15814  29519   1000  30x80  selectslogin
  8557  22473   8557   1000  30x80  selectslogin
  2920   3160   2920   1000  30x80  selectslogin
  1781   8995   1781   1000  30x80  selectslogin
 12814   4935  12814   1000  30x80  ttyoutslogin
 26260  14222  26260   1000  30x80  selectslogin
  6618  29077   6618   1000  30x80  selectslogin
  9028  22188   9028   1000  30x80  selectxemacs-21.4.22
 30905  14379  23803   1000  30x80  poll  chrome
  7690  17753   7690   1000  30x80  selectslogin
  4659  14379  23803   1000  30x80  poll  chrome
 12517   9809  12517   1000  30x80  selectslogin
 16199  12363  16199   1000  30x80  selectslogin
 16001  16255  16001   1000  30x80  selectslogin
 10869436  10869   1000  30x80  selectslogin
  1118  14793   1118   1000  30x80  selectslogin
 20722  23803  23803   1000  30x80  selectssh
 14379  30683  23803   1000  30x80  poll  chrome
  2999  30683  23803   1000  30x80  poll  chrome
  9388  1  23803   1000  30x80  poll  korgac
 19014527  19014   1000  30x80  ttyin 

Re: Jail-System for OpenBSD

[Paul Suh]

Folks,

I would add that sysjail (not the FreeBSD implementation but the
implementation http://sysjail.bsd.lv/ based on systrace(4)) has known holes
that make it unsuitable as a security tool; please don't use it. I had the
privilege of speaking with Robert Watson directly at a conference a few years
ago, and he explained to me exactly how systrace is vulnerable to practical
attacks based on race conditions. His paper on this is at:

http://www.lightbluetouchpaper.org/2007/08/06/usenix-woot07-exploiting-concu
rrency-vulnerabilities-in-system-call-wrappers-and-the-evil-genius/


--Paul


On Jul 21, 2011, at 9:05 AM, Kristaps Dzonsons wrote:

 I think the question is not new but I only found an old talk for version
 3.x, so I want to ask again:

 Is there anything comparable to FreeBSD jails (now)?

 I found sysjail but I am not sure, if it is working under 4.9 (maybe I
 will try it in the next few days):
 http://richizo.wordpress.com/2008/12/31/jailing-openbsd-in-5-steps/

 I haven't touched sysjail since 4.3 and nobody's sent patches to update it
since then (though some hot air's been blown around).  The linked tutorial is
also wrong: it just copies around some ifdefs instead of actually making sure
nothing's changed between versions.  Bad.  Please contact me off-list if
you're SERIOUS about maintaining sysjail between versions (no patches = don't
bother).  Of course, this won't change that sysjail is breakable (and, note
significantly, NOT part of OpenBSD proper).

 Kristaps.

[demime 1.01d removed an attachment of type application/pkcs7-signature which 
had a name of smime.p7s]

IPsec 4.94.9 VPN

[Mikeal Clark]

Please cc me on replies.

Can't seem to get this to work.  I was following the directions from
http://stuffresearch.tor.hu/?p=64
Both OpenBSD 4.9 machines are behind NAT, but set as DMZ(crappy linksys
routers)
PF is default hasn't been changed.

I SCPed the local.pubs into the /etc/isakmpd/pubkeys/ipv4/ipaddress

Site A:

local_ip=1.2.3.4
local_network=192.168.1.0
remote_ip=5.6.7.8
remote_network=10.10.2.0/24

ike passive esp from $local_network to $remote_network peer $remote_ip
ike passive esp from $local_ip to $remote_network peer $remote_ip
ike passive esp from $local_ip to $remote_ip

Site B:

local_ip=5.6.7.8
local_network=10.10.2.0/24
remote_ip=1.2.3.4
remote_network=192.168.1.0/24

ike esp from $local_network to $remote_network peer $remote_ip srcid 5.6.7.8
dstid 1.2.3.4
ike esp from $local_ip to $remote_network peer $remote_ip srcid 5.6.7.8
dstid 1.2.3.4
ike esp from $local_ip to $remote_ip srcid 5.6.7.8 dstid 1.2.3.4

Site A:

# isakmpd -KdD A=20 
[1] 3084
# 163327.982146 Default log_debug_cmd: log level changed from 0 to 20 for
class 0 [priv]
163327.982627 Default log_debug_cmd: log level changed from 0 to 20 for
class 1 [priv]
163327.982632 Default log_debug_cmd: log level changed from 0 to 20 for
class 2 [priv]
163327.982639 Default log_debug_cmd: log level changed from 0 to 20 for
class 3 [priv]
163327.982645 Default log_debug_cmd: log level changed from 0 to 20 for
class 4 [priv]
163327.982651 Default log_debug_cmd: log level changed from 0 to 20 for
class 5 [priv]
163327.982657 Default log_debug_cmd: log level changed from 0 to 20 for
class 6 [priv]
163327.982663 Default log_debug_cmd: log level changed from 0 to 20 for
class 7 [priv]
163327.982669 Default log_debug_cmd: log level changed from 0 to 20 for
class 8 [priv]
163327.982675 Default log_debug_cmd: log level changed from 0 to 20 for
class 9 [priv]
163327.982681 Default log_debug_cmd: log level changed from 0 to 20 for
class 10 [priv]
163327.982687 Default isakmpd: starting [priv]
163328.066400 Misc 10 monitor_init: privileges dropped for child process
163328.136903 Misc 20 udp_make: transport 0x8096f200 socket 8 ip 127.0.0.1
port 500
163328.138081 Misc 20 udp_encap_make: transport 0x8096f440 socket 9 ip
127.0.0.1 port 4500
163328.139017 Misc 20 udp_make: transport 0x8096f3c0 socket 10 ip ::1 port
500
163328.139914 Misc 20 udp_encap_make: transport 0x8096f380 socket 11 ip ::1
port 4500
163328.140764 Misc 20 udp_make: transport 0x8096f100 socket 12 ip fe80:3::1
port 500
163328.141634 Misc 20 udp_encap_make: transport 0x8096f800 socket 13 ip
fe80:3::1 port 4500
163328.142544 Misc 20 udp_make: transport 0x8096f7c0 socket 14 ip
192.168.1.200 port 500
163328.143391 Misc 20 udp_encap_make: transport 0x8096f580 socket 15 ip
192.168.1.200 port 4500
163328.144297 Misc 20 udp_make: transport 0x8096f8c0 socket 16 ip
fe80:1::20c:29ff:fe03:c119 port 500
163328.145217 Misc 20 udp_encap_make: transport 0x8096f900 socket 17 ip
fe80:1::20c:29ff:fe03:c119 port 4500
163328.146154 Misc 20 udp_make: transport 0x8096fa00 socket 18 ip 0.0.0.0
port 500
163328.146984 Misc 20 udp_encap_make: transport 0x8096f080 socket 19 ip
0.0.0.0 port 4500
163328.147902 Misc 20 udp_make: transport 0x8096f9c0 socket 20 ip :: port
500
163328.148795 Misc 20 udp_encap_make: transport 0x8096fb40 socket 21 ip ::
port 4500

# ipsecctl -f /etc/ipsec.conf
16.119487 Timr 10 timer_add_event: event ui_conn_reinit(0x0) added last,
expiration in 5s
# 16.120293 Timr 10 timer_remove_event: removing event
ui_conn_reinit(0x0)
16.120606 Timr 10 timer_add_event: event ui_conn_reinit(0x0) added last,
expiration in 5s
16.120805 Timr 10 timer_remove_event: removing event ui_conn_reinit(0x0)
16.121106 Timr 10 timer_add_event: event ui_conn_reinit(0x0) added last,
expiration in 5s
163338.127294 Timr 10 timer_handle_expirations: event ui_conn_reinit(0x0)
163350.391022 Timr 10 timer_add_event: event exchange_free_aux(0x85e34800)
added last, expiration in 120s
163350.391778 Exch 10 exchange_setup_p1: 0x85e34800 peer-5.6.7.8
phase1-peer-5.6.7.8 policy responder phase 1 doi 1 exchange 2 step 0
163350.392135 Exch 10 exchange_setup_p1: icookie 3bf0675c2a37c56e rcookie
e7e8262cb1189387
163350.392450 Exch 10 exchange_setup_p1: msgid 
163350.392736 Exch 10 check_vendor_openbsd: OpenBSD (OpenBSD-4.0)
163350.393058 Exch 10 nat_t_check_vendor_payload: NAT-T capable peer
detected
163350.393356 Exch 10 nat_t_check_vendor_payload: NAT-T capable peer
detected
163350.393678 Exch 10 nat_t_check_vendor_payload: NAT-T capable peer
detected
163350.393982 Exch 10 dpd_check_vendor_payload: DPD capable peer detected
163350.394272 Negt 20 ike_phase_1_validate_prop: success
163350.394753 Misc 20 ipsec_decode_transform: transform 0 chosen
163350.395501 Timr 10 timer_add_event: event message_send_expire(0x85e33680)
added before exchange_free_aux(0x85e34800), expiration in 7s
163350.511194 Mesg 20 message_free: freeing 0x85e33680
163350.511491 Timr 10 timer_remove_event: removing event

hi

[Allen Altland]

hi my name is allen altland i was wondering there coming out with a roller
coaster tycoon 4

Freeze on sh /etc/netstart urtwn0

[Carson Chittom]

I'm having an intermittent problem on 4.9-stable.  Occasionally (four 
times now) manually (re)running


$ sudo sh /etc/netstart urtwn0

makes everything completely freeze (X, keyboard, mouse) permanently.  I 
cannot Ctl-Alt-F1 to a console.  Unfortunately, every time it's 
happened, I haven't had another computer handy to try to SSH into this 
one, so I've just held down the power button until it turns off.  I 
looked at the log files in /var/log, but to be honest, I didn't know 
what I was looking for.


Can anybody point me in the right direction?  I'll be glad to provide 
any additional information; I don't know what's relevant.  A dmesg follows.




OpenBSD 4.9-stable (GENERIC.MP) #0: Sun Jul  3 10:20:44 CDT 2011
car...@jackson.wistly.net:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 3488284672 (3326MB)
avail mem = 3381407744 (3224MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xfcb10 (25 entries)
bios0: vendor American Megatrends Inc. version 6.02 date 07/21/2010
bios0: Hewlett-Packard p6653w
acpi0 at bios0: rev 2
acpi0: sleep states S0 S1 S3 S4 S5
acpi0: tables DSDT FACP APIC MCFG SLIC OEMB SSDT SRAT HPET SSDT
acpi0: wakeup devices PCE2(S4) PCE5(S4) PCE6(S4) PCE7(S4) PCE9(S4) 
PCEA(S4) SBAZ(S4) PS2K(S3) PS2M(S3) P0PC(S4) UHC1(S3) UHC2(S3) UHC3(S3) 
USB4(S3) UHC5(S3) UHC6(S3) UHC7(S3) PWRB(S3)

acpitimer0 at acpi0: 3579545 Hz, 32 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: AMD Athlon(tm) II X2 250 Processor, 3000.38 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW
cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 
64b/line 16-way L2 cache
cpu0: ITLB 32 4KB entries fully associative, 16 4MB entries fully 
associative
cpu0: DTLB 48 4KB entries fully associative, 48 4MB entries fully 
associative

cpu0: apic clock running at 200MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: AMD Athlon(tm) II X2 250 Processor, 3000.02 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW
cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 
64b/line 16-way L2 cache
cpu1: ITLB 32 4KB entries fully associative, 16 4MB entries fully 
associative
cpu1: DTLB 48 4KB entries fully associative, 48 4MB entries fully 
associative

ioapic0 at mainbus0: apid 2 pa 0xfec0, version 21, 24 pins
acpimcfg0 at acpi0 addr 0xe000, bus 0-255
acpihpet0 at acpi0: 14318180 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (P0P1)
acpiprt2 at acpi0: bus -1 (PCE2)
acpiprt3 at acpi0: bus -1 (PCE5)
acpiprt4 at acpi0: bus -1 (PCE6)
acpiprt5 at acpi0: bus -1 (PCE7)
acpiprt6 at acpi0: bus -1 (PCE9)
acpiprt7 at acpi0: bus 2 (PCEA)
acpicpu0 at acpi0: PSS
acpicpu1 at acpi0: PSS
acpibtn0 at acpi0: PWRB
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 AMD RS780 Host rev 0x00
ppb0 at pci0 dev 1 function 0 AMD RS780 PCIE rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 5 function 0 ATI Radeon HD 4200 rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
radeondrm0 at vga1: apic 2 int 18 (irq 10)
drm0 at radeondrm0
ppb1 at pci0 dev 10 function 0 AMD RS780 PCIE rev 0x00: apic 2 int 18 
(irq 10)

pci2 at ppb1 bus 2
re0 at pci2 dev 0 function 0 Realtek 8101E rev 0x05: RTL8168E/8111E 
(0x2c00), apic 2 int 18 (irq 10), address d4:85:64:a3:8b:de

rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 4
ahci0 at pci0 dev 17 function 0 ATI SBx00 SATA rev 0x00: apic 2 int 22 
(irq 11), AHCI 1.1

scsibus0 at ahci0: 32 targets
sd0 at scsibus0 targ 0 lun 0: ATA, ST31000528AS, HP35 SCSI3 0/direct fixed
sd0: 953869MB, 512 bytes/sec, 1953525168 sec total
cd0 at scsibus0 targ 2 lun 0: hp, DVD A DH16ABLH, 3HD9 ATAPI 5/cdrom 
removable
ohci0 at pci0 dev 18 function 0 ATI SB700 USB rev 0x00: apic 2 int 16 
(irq 7), version 1.0, legacy support
ohci1 at pci0 dev 18 function 1 ATI SB700 USB rev 0x00: apic 2 int 16 
(irq 7), version 1.0, legacy support
ehci0 at pci0 dev 18 function 2 ATI SB700 USB2 rev 0x00: apic 2 int 17 
(irq 4)

usb0 at ehci0: USB revision 2.0
uhub0 at usb0 ATI EHCI root hub rev 2.00/1.00 addr 1
ohci2 at pci0 dev 19 function 0 ATI SB700 USB rev 0x00: apic 2 int 18 
(irq 10), version 1.0, legacy support
ohci3 at pci0 dev 19 function 1 ATI SB700 USB rev 0x00: apic 2 int 18 
(irq 10), version 1.0, legacy support
ehci1 at pci0 dev 19 function 2 ATI SB700 USB2 rev 0x00: apic 2 int 19 
(irq 10)

usb1 at ehci1: USB revision 2.0
uhub1 at usb1 ATI EHCI root hub rev 2.00/1.00 addr 1
piixpm0 at pci0 dev 20 function 0 ATI SBx00 SMBus rev 0x3c: SMI
iic0 at piixpm0
spdmem0 at iic0 addr 0x51: 1GB DDR3 SDRAM PC3-10600
spdmem1 at iic0 addr 0x52: 2GB DDR3 SDRAM PC3-10600
spdmem2 at iic0 addr 0x53: 2GB DDR3 SDRAM PC3-10600
azalia0 at pci0 dev 20 

Re: Freeze on sh /etc/netstart urtwn0

[Matthew Dempsky]

On Thu, Jul 21, 2011 at 5:13 PM, Carson Chittom car...@wistly.net wrote:
 Can anybody point me in the right direction?  I'll be glad to provide any
 additional information; I don't know what's relevant.  A dmesg follows.

Set ddb.console=1 in /etc/sysctl.conf and reboot.  Read ddb(4) to
figure out how to break into DDB from the console, and verify that
this works.  (Type continue to return to normal execution.)  Try to
reproduce the hang again at the console.  If you can, break into DDB
again and send the output from running trace and ps here.

If you don't have a serial console, taking photos of the output and
posting them online somewhere should suffice, but please at least
transcribe the trace output and include it in your reply.

Re: Freeze on sh /etc/netstart urtwn0

[Carson Chittom]

On 07/21/11 19:35, Matthew Dempsky wrote:

On Thu, Jul 21, 2011 at 5:13 PM, Carson Chittomcar...@wistly.net  wrote:

Can anybody point me in the right direction?  I'll be glad to provide any
additional information; I don't know what's relevant.  A dmesg follows.

Set ddb.console=1 in /etc/sysctl.conf and reboot.  Read ddb(4) to
figure out how to break into DDB from the console, and verify that
this works.  (Type continue to return to normal execution.)  Try to
reproduce the hang again at the console.  If you can, break into DDB
again and send the output from running trace and ps here.
Based on my experience trying to do the above and what I've found 
online, it appears that ddb doesn't work with a USB keyboard (is this 
correct?).  As this particular computer doesn't have PS/2 or serial 
ports, and the problem is intermittent, I'll just live with it, I suppose.


Thank you for your help.

Call for Papers - BSDday Argentina 2011

[virtualroot | werpo]

BSDday Argentina 2011 - http://www.bsdday.org.ar/

4-5 Nov.
Buenos Aires City, Argentina
Universidad Tecnolsgica Nacional, Facultad Regional Buenos Aires

*BSD users in Argentina call to the community of free software, users,
system administrators and developers of BSD systems for participation
on the BSDday 2011.

The subject of the event is BSD operating systems, BSD-licensed
software, licensing issues, BSD philosophy and related topics.

There is no maximum number of speakers or length of the talks, but you
should indicate both at the time of the talk submission.

Talks and slides can be in Spanish or English, talks with
practical/lab content besides theoretical content in which attendees
can perform labs practices and exercises are preferred over purely
theoretical ones.

For lab talks, the speaker should indicate the materials and
assistants needed (i.e. a laptop with a specific OS).

NOTE: On budget issues, the organizators may pay some of the passages
or hotels, in whole or in part, to the selected authors residing
outside of Buenos Aires City (Argentina).

We appreciate the contribution of everyone in the dissemination of
this call and the event itself. Feel free to forward this email to any
individuals/organizations you may think would be interested in it.

Until when you can submit papers?

Proposals will be received until October 10th inclusive.

Where to send?

The information of the paper should be sent in plain text and slide
attachments (if you have) to the following address of email: llamcha
[at] bsdday.org.

How to send?

The sending of the proposed talk should have the following information:

Title: Title of the paper.
Author's Name: Brief description of each, place of residence,
association, BUG, agency or enterprise to which he belongs, if
applicable.
Type: It can be traditional or workshop.
Estimated time of duration: The talks are usually 45 'and the
workshops have a length of 1:45. If it is more or less the time
required, please tell us.
Brief description of the talk: One or two paragraphs to explain the
content of the presentation.
Level of the attendees: newbie / intermediate / advanced / expert.
Background information: Specify that knowledge must have assistants.
Subject: programming, multimedia, communications, workstation, network
services, interoperability, education, kernel, etc.
Phone of the author: To communicate with you.
Residence: of the author.
Format

The shipment of the slides should be one of the following formats:

Openoffice.org presentation
HTML standard
Postscript
PDF
Plaintext
LaTex
License

Specify a license that allows the event organizers and distribute
material that can be downloaded from the BSDday website.

If you can not specify, you can choose from GFDL or cc-by-sa 2.5 en.