Re: How to disable wireless card ath0

[ML mail]

I didn't buy it, just got it for free and I am playing around... In my opinion
OpenBSD is an universal operating system and why not use it with other
computers. Actually OpenBSD should be installed on all computers, that would
be a better world ;-) 


- Original Message -
From: Zantgo
zan...@gmail.com
To: Jonathan Gray j...@goblin.cx
Cc: ML mail
mlnos...@yahoo.com; misc@openbsd.org misc@openbsd.org
Sent: Tuesday,
October 25, 2011 2:45 AM
Subject: Re: How to disable wireless card ath0
please explain why you bought a Mac!

El 24-10-2011, a las 19:55, Jonathan
Gray j...@goblin.cx escribiC3:

 This is stupid and not required, simply
don't configure
 the interface with ifconfig or hostname.ath0 and it won't

scan.

 On Mon, Oct 24, 2011 at 02:06:06PM -0700, ML mail wrote:
 mhh, I
must be blind! Thanks it worked perfectly by using disable ath.



- Original Message -
 From: Jan Stary h...@stare.cz
 To:
misc@openbsd.org misc@openbsd.org
 Cc:
 Sent: Monday, October 24, 2011
10:39 PM
 Subject: Re: How to disable wireless card ath0

 On Oct 24
12:42:10, ML mail wrote:
 Hello,

 I am running OpenBSD 4.9 i386 on
an Apple Mac mini and these mac mini
 have one ethernet as well as one
wireless card. I will only be using the
 ethernet card so I wanted to be
sure that my ath0 is disabled and not all
the
 time scanning. Basically I
would like it to be off so that it doesn't emit
any
 radio signals.


If I don't configure the card is this already the case? or do
 I need to
enforce this through an ifconfig ath0 down? I couldn't find
anything
 about
this topic on the FAQ...


http://www.openbsd.org/faq/faq5.html#BootConfig

Keyboard no longer works after upgrading xenocara to -current (amd64, hp g42 laptop)

[Brett]

Hi,
Yesterday morning, I updated my source tree, (after the recent changes to 
xenocara shown at http://marc.info/?l=openbsd-cvsm=131938646714330w=2) and 
rebuilt kernel, userland, and xenocara (rebooting before doing each build). I 
had previously recompiled kernel and userland about a week earlier, though up 
till that point xenocara was still running from the version installed from 8th 
Oct snapshot CD. Upon booting into XFCE, the keyboard would not respond 
(inbuilt laptop keyboard or external usb keyboard). The mouse still works fine 
- so I can open xterm or xfce4-terminal from the start menu, but then I try to 
type and nothing happens. Ctrl-alt-backspace does not work but I can still shut 
down cleanly by pressing the power button.

XFCE rebuilt from ports after this problem showed the same behaviour. 

I then tried doing startx into the base FVWM window system ($ startx after 
removing my .xinitrc file), and still no keyboard.

I'm not complaining, just wanted to report the problem. :-)

Happy to test patches if you have some.

Brett.

OpenBSD 5.0-current (GENERIC.MP) #1: Mon Oct 24 11:20:31 EST 2011
r...@hp.crossmonster.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
RTC BIOS diagnostic error 80clock_battery
real mem = 2946756608 (2810MB)
avail mem = 2854227968 (2722MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xe8320 (22 entries)
bios0: vendor Hewlett-Packard version F.17 date 11/07/2010
bios0: Hewlett-Packard HP G42 Notebook PC
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP HPET APIC MCFG BOOT SLIC SSDT
acpi0: wakeup devices PB2_(S5) PB3_(S4) PB5_(S5) PB6_(S4) USB0(S3) USB1(S3) 
USB4(S3) USB5(S3) USB6(S3) PS2K(S3) PS2M(S3) P2P_(S5)
acpitimer0 at acpi0: 3579545 Hz, 32 bits
acpihpet0 at acpi0: 14318180 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: AMD Turion(tm) II P540 Dual-Core Processor, 2394.42 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW
cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 
16-way L2 cache
cpu0: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative
cpu0: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative
cpu0: apic clock running at 199MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: AMD Turion(tm) II P540 Dual-Core Processor, 2394.02 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW
cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 
16-way L2 cache
cpu1: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative
cpu1: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative
ioapic0 at mainbus0: apid 4 pa 0xfec0, version 21, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 4
acpimcfg0 at acpi0 addr 0xf700, bus 0-15
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (AGP_)
acpiprt2 at acpi0: bus -1 (PB2_)
acpiprt3 at acpi0: bus -1 (PB3_)
acpiprt4 at acpi0: bus 2 (PB5_)
acpiprt5 at acpi0: bus 3 (PB6_)
acpiprt6 at acpi0: bus 4 (P2P_)
acpiec0 at acpi0
acpicpu0 at acpi0: PSS
acpicpu1 at acpi0: PSS
acpitz0 at acpi0acpitz0: THRM: failed to read _CRT
: no critical temperature defined
acpibtn0 at acpi0: PWRB
acpiac0 at acpi0: AC unit online
acpibat0 at acpi0: BAT0 model Primary serial   type NiMH oem Hewlett-Packard
acpibtn1 at acpi0: LID_
acpivideo0 at acpi0: VGA_
acpivout0 at acpivideo0: LCD_
acpivideo1 at acpi0: VGA_
acpivideo2 at acpi0: VGA_
cpu0: 2394 MHz: speeds: 2400 2200 1900 1500 800 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 AMD RS880 Host rev 0x00
ppb0 at pci0 dev 1 function 0 AMD RS780 PCIE rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 5 function 0 ATI Mobility Radeon HD 4200 rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
radeondrm0 at vga1: apic 4 int 18
drm0 at radeondrm0
azalia0 at pci1 dev 5 function 1 ATI Radeon HD 4200 HD Audio rev 0x00: msi
azalia0: no supported codecs
ppb1 at pci0 dev 5 function 0 AMD RS780 PCIE rev 0x00: msi
pci2 at ppb1 bus 2
athn0 at pci2 dev 0 function 0 Atheros AR9285 rev 0x01: apic 4 int 17
athn0: AR9285 rev 2 (1T1R), ROM rev 14, address 4c:0f:6e:61:40:ac
ppb2 at pci0 dev 6 function 0 AMD RS780 PCIE rev 0x00: msi
pci3 at ppb2 bus 3
re0 at pci3 dev 0 function 0 Realtek 8101E rev 0x02: RTL8102EL (0x2480), apic 
4 int 18, address 3c:4a:92:59:48:0f
rlphy0 at re0 phy 7: RTL8201L 10/100 PHY, rev. 1
ahci0 at pci0 dev 17 function 0 ATI SBx00 SATA rev 0x00: apic 4 int 19, AHCI 
1.2
scsibus0 at ahci0: 32 targets
sd0 at scsibus0 targ 0 lun 0: ATA, SAMSUNG HM321HI, 2AJ1 SCSI3 0/direct fixed 
naa.50024e9203b7cb23
sd0: 305245MB, 512 bytes/sector, 625142448 sectors
cd0 at scsibus0 

Re: Keyboard no longer works after upgrading xenocara to -current (amd64, hp g42 laptop)

[LEVAI Daniel]

On Tue, Oct 25, 2011 at 18:59:48 +1100, Brett wrote:
[...]
 installed from 8th Oct snapshot CD. Upon booting into XFCE, the
 keyboard would not respond (inbuilt laptop keyboard or external usb
[...]


There is a workaround for this [1]:

# mv /usr/X11R6/share/X11/xkb /usr/X11R6/share/X11/xkb_orig
# cd /usr/xenocara/data/xkeyboard-config  make build  make install

This assumes you have the xenocara sources in /usr/xenocara.


HTH,
Daniel


[1] http://marc.info/?l=openbsd-cvsm=131914643624601w=2

-- 
LIVAI Daniel
PGP key ID = 0x83B63A8F
Key fingerprint = DBEC C66B A47A DFA2 792D  650C C69B BE4C 83B6 3A8F

dedicating a server to spamd

[ML mail]

Hello,

I am currently running spamd on an OpenBSD firewall which does greylisting to 
protect a qmail linux mail server on a DMZ and was wondering if it would be 
possible to have both tasks (firewalling and spamd/greylisting) on two 
different physical machines so that the firewall would just do packet filtering 
and another separate machine just greylisting?

The problem here what I see is that the dedicated greylisting machine would 
have somehow to redirect IP addresses which are not on the greylist to the mail 
server. As far as I know this is not possible with a machine having only one 
NIC.

Any ideas on recommendation on how to achieve this?

Regards,
ML

Re: Keyboard no longer works after upgrading xenocara to -current (amd64, hp g42 laptop)

[Brett]

 On Tue, Oct 25, 2011 at 18:59:48 +1100, Brett wrote:
  installed from 8th Oct snapshot CD. Upon booting into XFCE, the
  keyboard would not respond (inbuilt laptop keyboard or external usb
 [...]

 There is a workaround for this [1]:
 
 # mv /usr/X11R6/share/X11/xkb /usr/X11R6/share/X11/xkb_orig
 # cd /usr/xenocara/data/xkeyboard-config  make build  make install
 
 This assumes you have the xenocara sources in /usr/xenocara.
 HTH,
 Daniel
 [1] http://marc.info/?l=openbsd-cvsm=131914643624601w=2
 

Thanks, Daniel, works fine again after doing that.
Brett.

Re: dedicating a server to spamd

[carlopmart]

On 10/25/2011 11:09 AM, ML mail wrote:

Hello,

I am currently running spamd on an OpenBSD firewall which does greylisting to 
protect a qmail linux mail server on a DMZ and was wondering if it would be 
possible to have both tasks (firewalling and spamd/greylisting) on two 
different physical machines so that the firewall would just do packet filtering 
and another separate machine just greylisting?

The problem here what I see is that the dedicated greylisting machine would 
have somehow to redirect IP addresses which are not on the greylist to the mail 
server. As far as I know this is not possible with a machine having only one 
NIC.

Any ideas on recommendation on how to achieve this?

Regards,
ML



Place another OpenBSD box on the DMZ area with greylisting tasks ... On 
the OpenBSD firewall side, do only packet filtering ...


--
CL Martinez
carlopmart {at} gmail {d0t} com

Re: dedicating a server to spamd

[ML mail]

That's what I thought, but how will the valid (non-spam) packets get forwarded
from the spamd OpenBSD server to the Linux qmail server (both sitting on the
same DMZ network as you suggest) ?
 



- Original Message -
From:
carlopmart carlopm...@gmail.com
To: misc@openbsd.org
Cc: 
Sent: Tuesday,
October 25, 2011 11:29 AM
Subject: Re: dedicating a server to spamd

On
10/25/2011 11:09 AM, ML mail wrote:
 Hello,

 I am currently running spamd
on an OpenBSD firewall which does greylisting to protect a qmail linux mail
server on a DMZ and was wondering if it would be possible to have both tasks
(firewalling and spamd/greylisting) on two different physical machines so that
the firewall would just do packet filtering and another separate machine just
greylisting?

 The problem here what I see is that the dedicated greylisting
machine would have somehow to redirect IP addresses which are not on the
greylist to the mail server. As far as I know this is not possible with a
machine having only one NIC.

 Any ideas on recommendation on how to achieve
this?

 Regards,
 ML


Place another OpenBSD box on the DMZ area with
greylisting tasks ... On 
the OpenBSD firewall side, do only packet filtering
...

-- 
CL Martinez
carlopmart {at} gmail {d0t} com

Re: dedicating a server to spamd

[Sevan / Venture37]

On 25/10/2011 10:57, ML mail wrote:

That's what I thought, but how will the valid (non-spam) packets get forwarded
from the spamd OpenBSD server to the Linux qmail server (both sitting on the
same DMZ network as you suggest) ?


Why use another box, use vlans on a managed switch to split your 
networks up  tag each vlan on the switch port the openbsd fw is 
connected on, on the openbsd fw side of things, enable ip forwarding 
(net.inet.ip.forwarding=1)  configure a vlan(4) interface for each vlan 
configured on the switch port, this tactic is sometimes referred to as a 
router on a stick



Sevan

Re: dhclient, resolv.conf

[scire]

Hello!

I have a question about dhclient-script. I am not sh programmer, and
have only few knowledge about dhclient. I copied bellow the last part
of /sbin/dhclient-script. Does this mean that at TIMEOUT it must exit
with error, unless it changes resolv.conf, what I dont want? I have
a wanted lease only until TIMEOUT, after that I must accept that
dhclient change resolv.conf against my will? I would realy like to
delete the call to add_new_resolv_conf (that changes resolv.conf),
but the life is limited until TIMEOUT.

Rod.

TIMEOUT)
delete_old_alias
add_new_address
sleep 1
if [ -n $new_routers ]; then
set $new_routers
if ping -q -c 1 -w 1 $1; then
if [ $new_ip_address != $alias_ip_address ]; then
add_new_alias
fi
add_new_routes
if add_new_resolv_conf; then
exit 0
fi
fi
fi
ifconfig $interface inet $new_ip_address delete $medium
# XXX Why not a delete_old_address as before all other invocations of
# delete_old_routes?
delete_old_routes
exit 1
;;
esac
exit 0

KDE 4 porting mailing group

[Vadim Zhukov]

(same mail as was just sent to ports@)

Hello all.

I've just set up a mailing group at Google:

  openbsd-...@googlegroups.com

AKA

  https://groups.google.com/forum/#!forum/openbsd-kde

The page at HTTP link above contains quick start guide for newbies.
If you have any questions or problems that you don't want to express on 
ports@ list, welcome. You're also welcome with any ideas how to fix 
current items in KDE TODO lists:


  https://github.com/jasperla/openbsd-wip/blob/master/x11/kde4/TODO

and some more lists are scattered in ports subdirectories. Most valuable 
ones will be solutions for migrating from and/or co-existing with KDE 4, 
but any other useful ideas are welcome too. Patches are welcome even 
more, of course. :)


The group is fully open, so you don't need to register in Google.
--
WBR, Vadim Zhukov

Re: Keyboard no longer works after upgrading xenocara to -current (amd64, hp g42 laptop)

[Gonzalo L. R.]

http://openbsd.org/faq/current.html#20111015


El 10/25/11 04:59, Brett escribis:

Hi,
Yesterday morning, I updated my source tree, (after the recent changes to xenocara 
shown at http://marc.info/?l=openbsd-cvsm=131938646714330w=2) and rebuilt 
kernel, userland, and xenocara (rebooting before doing each build). I had previously 
recompiled kernel and userland about a week earlier, though up till that point xenocara 
was still running from the version installed from 8th Oct snapshot CD. Upon booting 
into XFCE, the keyboard would not respond (inbuilt laptop keyboard or external usb 
keyboard). The mouse still works fine - so I can open xterm or xfce4-terminal from the 
start menu, but then I try to type and nothing happens. Ctrl-alt-backspace does not 
work but I can still shut down cleanly by pressing the power button.

XFCE rebuilt from ports after this problem showed the same behaviour.

I then tried doing startx into the base FVWM window system ($ startx after 
removing my .xinitrc file), and still no keyboard.

I'm not complaining, just wanted to report the problem. :-)

Happy to test patches if you have some.

Brett.

OpenBSD 5.0-current (GENERIC.MP) #1: Mon Oct 24 11:20:31 EST 2011
 r...@hp.crossmonster.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
RTC BIOS diagnostic error 80clock_battery
real mem = 2946756608 (2810MB)
avail mem = 2854227968 (2722MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xe8320 (22 entries)
bios0: vendor Hewlett-Packard version F.17 date 11/07/2010
bios0: Hewlett-Packard HP G42 Notebook PC
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP HPET APIC MCFG BOOT SLIC SSDT
acpi0: wakeup devices PB2_(S5) PB3_(S4) PB5_(S5) PB6_(S4) USB0(S3) USB1(S3) 
USB4(S3) USB5(S3) USB6(S3) PS2K(S3) PS2M(S3) P2P_(S5)
acpitimer0 at acpi0: 3579545 Hz, 32 bits
acpihpet0 at acpi0: 14318180 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: AMD Turion(tm) II P540 Dual-Core Processor, 2394.42 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW
cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 
16-way L2 cache
cpu0: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative
cpu0: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative
cpu0: apic clock running at 199MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: AMD Turion(tm) II P540 Dual-Core Processor, 2394.02 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW
cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 
16-way L2 cache
cpu1: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative
cpu1: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative
ioapic0 at mainbus0: apid 4 pa 0xfec0, version 21, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 4
acpimcfg0 at acpi0 addr 0xf700, bus 0-15
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (AGP_)
acpiprt2 at acpi0: bus -1 (PB2_)
acpiprt3 at acpi0: bus -1 (PB3_)
acpiprt4 at acpi0: bus 2 (PB5_)
acpiprt5 at acpi0: bus 3 (PB6_)
acpiprt6 at acpi0: bus 4 (P2P_)
acpiec0 at acpi0
acpicpu0 at acpi0: PSS
acpicpu1 at acpi0: PSS
acpitz0 at acpi0acpitz0: THRM: failed to read _CRT
: no critical temperature defined
acpibtn0 at acpi0: PWRB
acpiac0 at acpi0: AC unit online
acpibat0 at acpi0: BAT0 model Primary serial   type NiMH oem Hewlett-Packard
acpibtn1 at acpi0: LID_
acpivideo0 at acpi0: VGA_
acpivout0 at acpivideo0: LCD_
acpivideo1 at acpi0: VGA_
acpivideo2 at acpi0: VGA_
cpu0: 2394 MHz: speeds: 2400 2200 1900 1500 800 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 AMD RS880 Host rev 0x00
ppb0 at pci0 dev 1 function 0 AMD RS780 PCIE rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 5 function 0 ATI Mobility Radeon HD 4200 rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
radeondrm0 at vga1: apic 4 int 18
drm0 at radeondrm0
azalia0 at pci1 dev 5 function 1 ATI Radeon HD 4200 HD Audio rev 0x00: msi
azalia0: no supported codecs
ppb1 at pci0 dev 5 function 0 AMD RS780 PCIE rev 0x00: msi
pci2 at ppb1 bus 2
athn0 at pci2 dev 0 function 0 Atheros AR9285 rev 0x01: apic 4 int 17
athn0: AR9285 rev 2 (1T1R), ROM rev 14, address 4c:0f:6e:61:40:ac
ppb2 at pci0 dev 6 function 0 AMD RS780 PCIE rev 0x00: msi
pci3 at ppb2 bus 3
re0 at pci3 dev 0 function 0 Realtek 8101E rev 0x02: RTL8102EL (0x2480), apic 
4 int 18, address 3c:4a:92:59:48:0f
rlphy0 at re0 phy 7: RTL8201L 10/100 PHY, rev. 1
ahci0 at pci0 dev 17 function 0 ATI SBx00 SATA rev 0x00: apic 4 int 19, AHCI 
1.2
scsibus0 at ahci0: 32 targets
sd0 at scsibus0 targ 0 lun 0:ATA, SAMSUNG HM321HI, 2AJ1  SCSI3 0/direct fixed 

Re: dedicating a server to spamd

[ML mail]

Unfortunately, I don't have a managed switch and I would really like to have
spamd on another box (which will only have one network interface) and would
like to know if this kind of configuration is possible or not, if yes how... 
- Original Message -
From: Sevan / Venture37 ventur...@gmail.com
To:
misc@openbsd.org
Cc: 
Sent: Tuesday, October 25, 2011 12:23 PM
Subject: Re:
dedicating a server to spamd

On 25/10/2011 10:57, ML mail wrote:
 That's
what I thought, but how will the valid (non-spam) packets get forwarded
 from
the spamd OpenBSD server to the Linux qmail server (both sitting on the
 same
DMZ network as you suggest) ?

Why use another box, use vlans on a managed
switch to split your networks up  tag each vlan on the switch port the
openbsd fw is connected on, on the openbsd fw side of things, enable ip
forwarding (net.inet.ip.forwarding=1)  configure a vlan(4) interface for each
vlan configured on the switch port, this tactic is sometimes referred to as a
router on a stick


Sevan

Re: dedicating a server to spamd

[Benny Lofgren]

On 2011-10-25 11.09, ML mail wrote:
 I am currently running spamd on an OpenBSD firewall which does greylisting to 
 protect a qmail linux mail server on a DMZ and was wondering if it would be 
 possible to have both tasks (firewalling and spamd/greylisting) on two 
 different physical machines so that the firewall would just do packet 
 filtering and another separate machine just greylisting?
 
 The problem here what I see is that the dedicated greylisting machine would 
 have somehow to redirect IP addresses which are not on the greylist to the 
 mail server. As far as I know this is not possible with a machine having only 
 one NIC.
 
 Any ideas on recommendation on how to achieve this?

* Set up a spam filter box with PF and spamd as usual.

* Let PF forward to the internal sendmail.

* Set up /etc/mail/access in that sendmail, list all domains you accept
mail for and mark them as RELAY

* Set up /etc/mail/mailertable, listing the same domains as in the
access file. Tag each with SMTP:[ip.of.your.qmail.host]. This will make
sendmail relay incoming mail to accepted domains to your qmail server.

* Don't forget to makemap(8) the access and mailertable files!

This setup will give you an additional benefit in that the spam filter
box spools incoming mail for the qmail server, so if it is inoperative
you won't lose any mail.

The disadvantage is that it can't reject mail with unknown To: addresses
because it has no knowledge of what mailboxes are defined in the qmail
box. This may or may not be a problem to you; invalid destinations will
cause qmail to send an error reply mail so any real users will be
notified of their mistake anyway. Unfortunately spam almost always have
fake From: addresses, which means you will also inadvertently spam
innocent people with qmail:s rejection mails. :-/

(I suppose this can be solved by using LDAP and having sendmail on the
incoming spam filter box check the validity of each incoming To: address
but I have never tried that myself so I can't vouch for its viability.)

Oh, and if you use this kind of setup, you would probably want to send
outgoing mail from qmail via this server as well, since many smart
spam filtering schemes elsewhere assume that mail sent from domain x.y
must have x.y in the MX record as well. :-/


Regards,
/Benny


-- 
internetlabbet.se / work:   +46 8 551 124 80  / Words must
Benny Lofgren/  mobile: +46 70 718 11 90 /   be weighed,
/   fax:+46 8 551 124 89/not counted.
   /email:  benny -at- internetlabbet.se

Re: dedicating a server to spamd

[ML mail]

Many thanks for your solution based on using the local sendmail installation.
That makes sense and sendmail will then be taking care of routing the mails to
the qmail server, a nice solution which I will give a go. So is this basically
the only solution if someone wants to use spamd on a dedicated box?
 



-
Original Message -
From: Benny Lofgren bl-li...@lofgren.biz
To: ML mail
mlnos...@yahoo.com
Cc: misc@openbsd.org misc@openbsd.org
Sent: Tuesday,
October 25, 2011 1:37 PM
Subject: Re: dedicating a server to spamd

On
2011-10-25 11.09, ML mail wrote:
 I am currently running spamd on an OpenBSD
firewall which does greylisting to protect a qmail linux mail server on a DMZ
and was wondering if it would be possible to have both tasks (firewalling and
spamd/greylisting) on two different physical machines so that the firewall
would just do packet filtering and another separate machine just greylisting?
 
 The problem here what I see is that the dedicated greylisting machine
would have somehow to redirect IP addresses which are not on the greylist to
the mail server. As far as I know this is not possible with a machine having
only one NIC.
 
 Any ideas on recommendation on how to achieve this?

* Set
up a spam filter box with PF and spamd as usual.

* Let PF forward to the
internal sendmail.

* Set up /etc/mail/access in that sendmail, list all
domains you accept
mail for and mark them as RELAY

* Set up
/etc/mail/mailertable, listing the same domains as in the
access file. Tag
each with SMTP:[ip.of.your.qmail.host]. This will make
sendmail relay incoming
mail to accepted domains to your qmail server.

* Don't forget to makemap(8)
the access and mailertable files!

This setup will give you an additional
benefit in that the spam filter
box spools incoming mail for the qmail server,
so if it is inoperative
you won't lose any mail.

The disadvantage is that it
can't reject mail with unknown To: addresses
because it has no knowledge of
what mailboxes are defined in the qmail
box. This may or may not be a problem
to you; invalid destinations will
cause qmail to send an error reply mail so
any real users will be
notified of their mistake anyway. Unfortunately spam
almost always have
fake From: addresses, which means you will also
inadvertently spam
innocent people with qmail:s rejection mails. :-/

(I
suppose this can be solved by using LDAP and having sendmail on the
incoming
spam filter box check the validity of each incoming To: address
but I have
never tried that myself so I can't vouch for its viability.)

Oh, and if you
use this kind of setup, you would probably want to send
outgoing mail from
qmail via this server as well, since many smart
spam filtering schemes
elsewhere assume that mail sent from domain x.y
must have x.y in the MX record
as well. :-/


Regards,
/Benny


-- 
internetlabbet.se / work:   +46 8 551
124 80  / Words must
Benny Lofgren/  mobile: +46 70 718 11 90   
/   be weighed,
/   fax:+46 8 551 124 89/not
counted.
   /email:  benny -at- internetlabbet.se

Re: Daily digest, Issue 2282 (37 messages)

[BARDOU Pierre]

Hello,

The firewall redirects inbound SMTP to spamd box (let's say its address is
192.168.0.10).
Then the spamd box redirects non-spam traffic to the qmail box while doing NAT
to 192.168.0.10 (to avoid asymmetrical routing).
Should work like a charm.

Outgoing mail will go through the default gateway (ie. the firewall), and so
save resources on the spamd box.

--
Cordialement,
Pierre BARDOU


-Message d'origine-
De : owner-m...@openbsd.org [mailto:owner-m...@openbsd.org]
Envoyi : mardi 25 octobre 2011 12:20
@ : misc@openbsd.org
Objet : [misc] Daily digest, Issue 2282 (37 messages)

The pre-dawn daily digest
Volume 1 : Issue 2282 : mime Format

Messages in this Issue:
  Re: pfsync0 MTU
  Re: pfsync0 MTU
  =?iso-8859-1?Q?Viajes_familiares_a_Canc=FAn_-_Ver_precios_y_condiciones?=
  Re: dhclient, resolv.conf
  Re: dhclient, resolv.conf
  Re: Acer aspire one - synaptics regression
  Re: Acer aspire one - synaptics regression
  =?iso-8859-1?Q?RECOLETA_2_LOCALES_EN_VENTA_JUNTOS_o_SEPARADOS,_Rodriguez_?=
=?iso-8859-1?Q?Pe=F1a_entre_Juncal_y_Av._Las_Heras?=
  How to disable wireless card ath0
  Re: How to disable wireless card ath0
  Re: How to disable wireless card ath0
  Re: How to disable wireless card ath0
  Re: How to disable wireless card ath0
  Re: How to disable wireless card ath0
  Re: fatal machine check (18) in supervisor mode
  Re: fatal machine check (18) in supervisor mode
  I can use snapshots packages in a release?
  Re: I can use snapshots packages in a release?
  Re: I can use snapshots packages in a release?
  Re: I can use snapshots packages in a release?
  Re: I can use snapshots packages in a release?
  Re: I can use snapshots packages in a release?
  Re: I can use snapshots packages in a release?
  Re: I can use snapshots packages in a release?
  Re: I can use snapshots packages in a release?
  Re: I can use snapshots packages in a release?
  Re;payment Confirmation
  El arte de vender cualquier cosa 4686
  =?utf-8?B?MTQy44CB56WI5oS/5L2g5oiR77yM5aaC6bKc6Iqx57u/5Y+25oC755u45Ly077yM5
YOP6Z2S?=   =?utf-8?B?5bGx57u/5rC05oC755u46ZqP44CCfWFkbWluQG9wZW5hcg==?=
=?utf-8?B?Y2guY29t4pag6LSkdnlvenU4OTBxOXVr?=
=?utf-8?B?a31hZG1pbkBvcGVuYXJjaC5jb20=?==?utf
  wt...@terra.com
  TORRE con todos los Amenities, 2amb desde us 90mil de 48,1m2 TORRE con todos
los Amenities, 2amb desde us 90m
  Keyboard no longer works after upgrading xenocara to -current (amd64, hp g42
laptop)
  Re: Keyboard no longer works after upgrading xenocara to -current (amd64, hp
g42 laptop)
  Re: Keyboard no longer works after upgrading xenocara to -current (amd64, hp
g42 laptop)
  dedicating a server to spamd
  Re: dedicating a server to spamd
  Re: dedicating a server to spamd

Resize /usr with disklabel - Maximum size

[Erick Andrade]

I have OpenBSD4.9 running on a VPS, and i want to reduce the size of
/home partition,
and increase the size of /usr.



After reduce the size of /home, disklabel says:

--- OpenBSD area: 64-20964825; size: 10236.7M; free: 2000.3M



But, when i try edit /usr partition to add the 2G free space to it,
disklabel says:


--- Partition f is currently 2185664 sectors in size, and can have a maximum
size of 2185664 sectors.



Can you give me some hints?


Thank you.



-- 
[]s
Erick

scriptreplay

[Stefan Johnson]

Good morning list.

I noticed that OpenBSD (4.8 and 4.9... haven't checked 5.0 yet) include the
script command for recording sessions.  I have used this command in the
past on other systems to create training materials to be played back with
scriptreplay.  I thought of doing something similar here, but scriptreplay
is missing.  I was wondering what the history on this is.  I looked in ports
and did not find a scriptreplay or equivalent in the ports tree, but there

is a script replacement called ttyrec (that has ttyreplay) that can be used.

I am aware that the port will work for me, but I am still curious on why
script is provided with no scriptreplay in the core system.  I appreciate
any and all responses!

Thanks,
Stefan Johnson

Re: Resize /usr with disklabel - Maximum size

[Jeremie Courreges-Anglas]

Erick Andrade wrote:
 I have OpenBSD4.9 running on a VPS, and i want to reduce the size of
 /home partition,
 and increase the size of /usr.
 
 After reduce the size of /home, disklabel says:
 --- OpenBSD area: 64-20964825; size: 10236.7M; free: 2000.3M
 
 But, when i try edit /usr partition to add the 2G free space to it,
 disklabel says:
 --- Partition f is currently 2185664 sectors in size, and can have a maximum
 size of 2185664 sectors.

You can't reduce the size of a ffs (filesystem), /home here.
Unless you destroy it and then re-create it.
And I can't think of an easy way (if any) to move the beginning of
an existing ffs system (that's what I think you want to do with
here with /usr).

What you can do is use the space freed after re-creating the /home
label / fs to create another label/fs that could hold,
for example, /usr/src.

If I were you, I'd just do backups (you got backups already, right?)
and reinstall properly.

IPv6 and carp(4) problems

[Stefan Rinkes]

Hi,

I'm still playing/testing around with CARP and ran into some
problems with IPv6 on CARP.

Here the configuration:

System1:

$ ifconfig carp
carp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
lladdr 00:00:5e:00:01:65
priority: 0
carp: carpdev em0 advbase 1 balancing ip-stealth
state MASTER vhid 101 advskew 0
state BACKUP vhid 102 advskew 254
state BACKUP vhid 110 advskew 254
state MASTER vhid 120 advskew 0
groups: carp
status: master
inet6 fe80::60b8:702d:2636:fba1%carp0 prefixlen 64 scopeid 0x5
inet 192.168.2.240 netmask 0xff00 broadcast 192.168.2.255
inet6 dead:beef:1::3 prefixlen 64
inet6 dead:beef:1::6 prefixlen 64
carp1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
lladdr 00:00:5e:00:01:c8
priority: 0
carp: MASTER carpdev em0 vhid 200 advbase 1 advskew 0
groups: carp
status: master
inet6 fe80::200:5eff:fe00:1c8%carp1 prefixlen 64 scopeid 0x6
inet 192.168.200.241 netmask 0xff00 broadcast 192.168.200.255
inet 192.168.201.241 netmask 0xff00 broadcast 192.168.201.255
inet6 dead:beef:1::1 prefixlen 64
carp2: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
lladdr 00:00:5e:00:01:c9
priority: 0
carp: BACKUP carpdev em0 vhid 201 advbase 1 advskew 254
groups: carp
status: backup
inet6 fe80::200:5eff:fe00:1c9%carp2 prefixlen 64 scopeid 0x7
inet 192.168.200.242 netmask 0x
inet 192.168.202.241 netmask 0xff00 broadcast 192.168.202.255
inet6 dead:beef:1::2 prefixlen 128

System2:

$ ifconfig carp
carp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
lladdr 00:00:5e:00:01:65
priority: 0
carp: carpdev em0 advbase 1 balancing ip-stealth
state BACKUP vhid 101 advskew 254
state MASTER vhid 102 advskew 0
state MASTER vhid 110 advskew 0
state BACKUP vhid 120 advskew 254
groups: carp
status: backup
inet6 fe80::94e1:6afd:9d82:5964%carp0 prefixlen 64 scopeid 0x5
inet 192.168.2.240 netmask 0xff00 broadcast 192.168.2.255
inet6 dead:beef:1::3 prefixlen 64 duplicated
inet6 dead:beef:1::6 prefixlen 64
carp1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
lladdr 00:00:5e:00:01:c8
priority: 0
carp: BACKUP carpdev em0 vhid 200 advbase 1 advskew 254
groups: carp
status: backup
inet6 fe80::200:5eff:fe00:1c8%carp1 prefixlen 64 scopeid 0x6
inet 192.168.200.241 netmask 0x
inet 192.168.201.241 netmask 0xff00 broadcast 192.168.201.255
inet6 dead:beef:1::1 prefixlen 128
carp2: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
lladdr 00:00:5e:00:01:c9
priority: 0
carp: MASTER carpdev em0 vhid 201 advbase 1 advskew 0
groups: carp
status: master
inet6 fe80::200:5eff:fe00:1c9%carp2 prefixlen 64 scopeid 0x7
inet 192.168.200.242 netmask 0xff00 broadcast 192.168.200.255
inet 192.168.202.241 netmask 0xff00 broadcast 192.168.202.255
inet6 dead:beef:1::2 prefixlen 64

After booting on one machine one IPv6 address is marked as duplicated.
Running /etc/netstart again 'fixes' the duplicate address.

dmesg:
carp0: DAD detected duplicate IPv6 address dead:beef:0001::0003: NS 
in/out=0/1, NA in=1

carp0: DAD complete for dead:beef:0001::0003 - duplicate found
carp0: manual intervention required

And nd6_na_input() complains about an different duplicate address, too:
dmesg:
nd6_na_input: duplicate IP6 address fe80:0007::0200:5eff:fe00:01c9
nd6_na_input: duplicate IP6 address dead:beef:0001::0002

The nd6_na_input message seems to be triggered by the NA packet carp sends
if it switches from BACKUP to MASTER. Can be triggered by:
ifconfig em0 down  sleep 1  ifconfig em0 up.

While balancing generates (wrong) DAD messages, on non-balancing carps 
DAD does

not work. Even if I configure an address already used by a different system.

I've read a lot of code, IPv6 and carp, and was not able to find a 
solution for the problems.

Maybe someone here can help or has an idea.

BTW. why do the link local addresses on balancing carp interfaces differ 
on each system?

fe80::60b8:702d:2636:fba1%carp0 and fe80::94e1:6afd:9d82:5964%carp0

If some configuration details are missing, please let me know.

Thanks in advance!
Stefan

Re: scriptreplay

[Jeremie Courreges-Anglas]

Stefan Johnson wrote:
[snip]
 I am aware that the port will work for me, but I am still curious on why
 script is provided with no scriptreplay in the core system.  I appreciate
 any and all responses!

Nothing about other possible uses in the manpage? :)

Re: scriptreplay

[Stefan Johnson]

On Tue, Oct 25, 2011 at 9:52 AM, Jeremie Courreges-Anglas 
ktulu+o...@wxcvbn.org wrote:

 Stefan Johnson wrote:
 [snip]
  I am aware that the port will work for me, but I am still curious on why
  script is provided with no scriptreplay in the core system.  I appreciate
  any and all responses!

 Nothing about other possible uses in the manpage? :)


I saw the comment about student papers.  This appears to be about the only
thing it is
useful for.  The version provided doesn't create a timing file to make a
scriptreplay
useful at all.  No timing file means no way to mimic scriptreplay with perl,
even (sanely
anyway.)  But that makes sense, because being able to print the results is
still useful
in some scenarios (student papers being the big example given in the man
pages.)

Thanks for the reply!

Stefan Johnson

Re: dedicating a server to spamd

[Benny Lofgren]

On 2011-10-25 15.17, ML mail wrote:
 Many thanks for your solution based on using the local sendmail installation. 
 That makes sense and sendmail will then be taking care of routing the mails 
 to the qmail server, a nice solution which I will give a go. So is this 
 basically the only solution if someone wants to use spamd on a dedicated box?

I wouldn't say it's the *only* solution, but it is the solution I've been
running with for several years and it works great in our environment.


Regards,
/Benny



 
 - Original Message -
 From: Benny Lofgren bl-li...@lofgren.biz
 To: ML mail mlnos...@yahoo.com
 Cc: misc@openbsd.org misc@openbsd.org
 Sent: Tuesday, October 25, 2011 1:37 PM
 Subject: Re: dedicating a server to spamd
 
 On 2011-10-25 11.09, ML mail wrote:
 I am currently running spamd on an OpenBSD firewall which does greylisting 
 to protect a qmail linux mail server on a DMZ and was wondering if it would 
 be possible to have both tasks (firewalling and spamd/greylisting) on two 
 different physical machines so that the firewall would just do packet 
 filtering and another separate machine just greylisting?

 The problem here what I see is that the dedicated greylisting machine would 
 have somehow to redirect IP addresses which are not on the greylist to the 
 mail server. As far as I know this is not possible with a machine having 
 only one NIC.

 Any ideas on recommendation on how to achieve this?
 
 * Set up a spam filter box with PF and spamd as usual.
 
 * Let PF forward to the internal sendmail.
 
 * Set up /etc/mail/access in that sendmail, list all domains you accept
 mail for and mark them as RELAY
 
 * Set up /etc/mail/mailertable, listing the same domains as in the
 access file. Tag each with SMTP:[ip.of.your.qmail.host]. This will make
 sendmail relay incoming mail to accepted domains to your qmail server.
 
 * Don't forget to makemap(8) the access and mailertable files!
 
 This setup will give you an additional benefit in that the spam filter
 box spools incoming mail for the qmail server, so if it is inoperative
 you won't lose any mail.
 
 The disadvantage is that it can't reject mail with unknown To: addresses
 because it has no knowledge of what mailboxes are defined in the qmail
 box. This may or may not be a problem to you; invalid destinations will
 cause qmail to send an error reply mail so any real users will be
 notified of their mistake anyway. Unfortunately spam almost always have
 fake From: addresses, which means you will also inadvertently spam
 innocent people with qmail:s rejection mails. :-/
 
 (I suppose this can be solved by using LDAP and having sendmail on the
 incoming spam filter box check the validity of each incoming To: address
 but I have never tried that myself so I can't vouch for its viability.)
 
 Oh, and if you use this kind of setup, you would probably want to send
 outgoing mail from qmail via this server as well, since many smart
 spam filtering schemes elsewhere assume that mail sent from domain x.y
 must have x.y in the MX record as well. :-/
 
 
 Regards,
 /Benny
 
 

-- 
internetlabbet.se / work:   +46 8 551 124 80  / Words must
Benny Lofgren/  mobile: +46 70 718 11 90 /   be weighed,
/   fax:+46 8 551 124 89/not counted.
   /email:  benny -at- internetlabbet.se

Re: Resize /usr with disklabel - Maximum size

[Erick Andrade]

Thank you, Jeremie.
Erick

2011/10/25 Jeremie Courreges-Anglas ktulu+o...@wxcvbn.org:
 Erick Andrade wrote:
 I have OpenBSD4.9 running on a VPS, and i want to reduce the size of
 /home partition,
 and increase the size of /usr.

 After reduce the size of /home, disklabel says:
 --- OpenBSD area: 64-20964825; size: 10236.7M; free: 2000.3M

 But, when i try edit /usr partition to add the 2G free space to it,
 disklabel says:
 --- Partition f is currently 2185664 sectors in size, and can have a maximum
 size of 2185664 sectors.

 You can't reduce the size of a ffs (filesystem), /home here.
 Unless you destroy it and then re-create it.
 And I can't think of an easy way (if any) to move the beginning of
 an existing ffs system (that's what I think you want to do with
 here with /usr).

 What you can do is use the space freed after re-creating the /home
 label / fs to create another label/fs that could hold,
 for example, /usr/src.

 If I were you, I'd just do backups (you got backups already, right?)
 and reinstall properly.





-- 
[]s
Erick

┦明友绿 老 板： x2`LO4@#g6vw2

[mail...@tw.mtf.news.yahoo.com]

 t02n343r e/d:d8e fg+ g5d= e!!

g5f(ggh(o

ccf(e%=o
ig%f(h:+d=e
%e:7o
h
#e4gbh
f   9eeh!d8ied8i+f!#f,!gdh4(igo
f   e.iGgeg1eegd:'o
feh!ia
ge
g i=e(od;7f e.f oh4(ig;e/9d?h/
o

f/egd::e#+h*g(c
i
g$c
f 9ec
i6e.gfd=3ied:'e
o

cce(e=ee0ee/h4'e0d;f,o

gh/7e
g%h:+h9f ih
gfeoh0h0o


h=/d8e
329o?%280e/f!cce
d:,(d9d:h3e0

f(e6f!g)o?%580e/f!
g!,d8e
c
o?%220e/f!ccg:f23i
(f(e6f!g)ccc o?%580e/f!
i;i9$f%(h=/1916
f(e6f!g)co?%580e/f!cchg(h=/ig )c
o?%220e/f!
i;i9$f%(g!,1916
f(e6f!g)co?%520e/f!ccee$)d8
o?%600e/f!
i;i9$f%(h=/ff
) f(e6f!g)co?%660e/f!cch
h g(i;g3
f(e6f!g)co?%380e/f!
i;i9$f%(h=/g4+i
f(e6f!g)co?%380e/f!cch
h g(hh=/g)
o?%220e/f!
i;i9$f%(h=/f+e$)f88
f(e6f!g)o?%500e/f!cch
h g(hg!,g)
o?%180e/f!
i;i9$f%(h.:i

f(e6f!g)cco?%280e/f!ccih
h gccc
o?%130e/f!
i;i9$f%(f;!e$)f)
co?%180e/f!cce
0h1!d:gccc
o?%220e/f!
i;i9$f%(g!,ii)c
o?%130e/f!ccg
e
d:gccc o?%130e/f!
e,h+e$h

o?%360e/f!ccg   f:*c o?%130e/f!
bb
ef   f4e$d:'e
df(i f)oeid:h'#f4e$e
g'
c
e
g  e
e7d=d;7f of,h?f%g5e(h/f4=h0o

h
cg3;cg5ch/oooocoooocoooo
h
ccg3;ccd::oig;g
ef   f   f  0f,h/7h0h'#!

i=ii5o(j/-nZi|i?f5.e


bfeg;?cch
cf?ocx2`LO4@#g6vw2n 
http://tw.myblog.yahoo.com/jw!1K84p1yREQXRDO9YOXH0EfAuoaYkEjm18Q--/article?mid=1

Yahoo!e%f)fe0 d= gfe0.e
e3.gf4;f0i+i)c
http://tw.fashion.yahoo.com/
g   f,
f   f   Yahoo!e%f)

Re: I can use snapshots packages in a release?

[Jiri B]

On Mon, Oct 24, 2011 at 09:10:20PM -0300, Zantgo wrote:
 Forgiveness must be a translation problem, if you answered my question.
 Thanks

OMFG, this is not a chat! Use your brain and do not send
idiotic 5 words mail!

Go to IRC if you need to chat.

jirib

Re: lpd printing problem

[Stefan Unterweger]

* Pascal Stumpf on Wed, Oct 12, 2011 at 05:39:48PM +0200:
  Check your /var/log/lpd.errs.

 Doesn't contain anything but restarted messages.

  Also, ktracing lpd with the the -i flag might give a clue to what the
  lpd child is doing.

 Apparently, it segfaults:

 I remembered I had the S malloc flag set, so I removed
 /etc/malloc.conf, and ta-daaa, works. So this is a bug in the lpd code.
 I suspect it is somewhere in the common code for all lp programs, as
 I've also experienced SIGSEGVs in lpc. I'll see if I can hunt it down
 further if I have time ...

I've had a very similar problem after last upgrading to -current.
lpr'ing new jobs would spool them, but complaining about 'unable to
start daemon'. Restarting lpd, purging the queue and some other
hocuspocus eventually got the printing going again, but this was pretty
much at random -- sometimes, it'd just work. (All that without the 'S'
flag to malloc.conf, though.)

The patches from Otto and Todd (i.e., today's snapshot) made the problem
disappear -- many thanks! The rest of the message is just for the
archives (Googling for this kind of problem is an exercise in
frustration...).

The log was basically useless (the lpd master process _did_ see and log
the new jobs, but then apparently did nothing about them). After digging
through the code, it seems to be the same problem as Pascal's, that the
lpd childs were dying instead of working, and from then on the whole
system gets out of sync.

What stymied me was that the whole lpr/lpd code wasn't touched in
years (except for mandoc stuff); since I'd upgraded from 4.7 in theory
nothing should have changed, so everything should have still been
working -- until I stumbled over this thread.


Now that I've already waded through that code (and if my meagre C skills
allow it), I'll try to gently add a few lines of diagnostic messages for
the log, so that it isn't that difficult to hunt down this kind of
problem in the future.

So in this regard, what's the established practice in this situations?
Is code for those kinds of base daemons expected to be correct or should
there be a degree of 'mistrust'? Or in other words: Should lpd assume
that its children will never segfault, or should it assume that
sometimes, something may happen and try to restart?

Up until recently (I've not yet taken a look at the new rc-scripting
stuff yet) the way daemons were started suggested the former.


Cheers,
s//un

-- 
When I read about the evils of drinking, I gave up reading.
-- Henry Youngman

Re: IPv6 and carp(4) problems

[Jussi Peltola]

I had some similar looking problems some releases back. Using a separate
carp if for ipv6 mostly fixed it. Didn't write down the exact problem,
though.

Invitacion Especial para Noviembre

[Areliz del Carmen]

[IMAGE]

Presentaciones Excepcionales PowerPoint

Construir facilmente graficos que ayuden a su audiencia a comprender
informacisn compleja.

08 Noviembre 2011

Como Disenar Folletos Revistas y Mucho Mas

Aprenda las habilidades esenciales del diseqo grafico que haran que cada
uno de los proyectos que diseqe sea visualmente mas efectivo y poderoso.

10 Noviembre 2011
Taller de Presupuestos

Conozca, las mejores ticnicas para la planeacisn de presupuestos y vea
csmo sus decisiones gerenciales se traducen en dinero.

10 Noviembre 2011

Como Organizar Archivos y Documentos

Le brindara los conocimientos, herramientas y le ayudara a desarrollar
las cualidades que la convertiran en un elemento eficiente y confiable.

11 Noviembre 2011
15 Solidos Consejos para Seleccion de Personal

Le proporcionara ticnicas actualizadas que incrementaran notablemente su
habilidad para tomar las mejores decisiones en la SELECCISN DE PERSONAL.

11 Noviembre 2011

Seguridad Industrial y Analisis de Riesgos

Obtenga las herramientas para el diseqo y coordinacisn de planes y
programas eficaces, tanto de prevencisn como de correccisn de riesgos
laborales.

16 Noviembre 2011
Como Resolver las Quejas de los Clientes

La primera cualidad que las personas que atienden al pzblico necesitan
para alcanzar el ixito.

16 Noviembre 2011

El Arte de Negociar en Compras

Identifique los principios, criterios y directrices para establecer
alianzas poderosas que incrementen las utilidades de su empresa.

16 Noviembre 2011
Las 7 Reglas de Oro del Control de Inventarios

Conocera los tipos de inventario, el rol del almacin, mitodos de
resurtido, confiabilidad de registros y otros temas de alta relevancia
que seran perfectamente comprendidos.

16 Noviembre 2011

Como Ser un Gran Negociador

Valiosa informacisn que le enseqara csmo ser un mejor, mas fuerte y mas
efectivo negociador.

17 Noviembre 2011
Manejo Optimo d ela Ley de Adquisiciones

Lo indispensable para el manejo sptimo de las Adquisiciones,
Arrendamientos y Servicios de las dependencias y entidades de la
Administracisn Pzblica Federal.

17 Noviembre 2011

El Planeador Maestro

Asegurar la satisfaccisn de sus clientes con embarques en tiempo y forma,
sin el estris, la presisn y los costos extra que implica una programacisn
deficiente.

18 Noviembre 2011
Re-Ingenieria de Empresas

Csmo manejar el impacto de la reestructuracisn en la estrategia
corporativa, en el mercadeo, en el control financiero y en el personal de
la organizacisn.

18 Noviembre 2011

Como Supervisar a las Personas

Lograra que sus propias habilidades sean perfeccionadas y con esto todos
en su organizacisn se beneficiaran.

18 Noviembre 2011
Contratacion Despido Finiquito y Liquidacion

Las respuestas que usted necesita para manejar efectivamente las
relaciones laborales de su organizacisn, desde el punto de vista
individual y colectivo.

18 Noviembre 2011

Credito y Cobranza

Lograra la optimizacisn inmediata del flujo de caja, volviendo rentable
la cobranza, asm como para realizar de manera adecuada la gestisn
avanzada de cridito y cobranza.

23 Noviembre 2011
Auditorias Administrativas

Lograr una administracisn EFECTIVA, mediante la localizacisn de
irregularidades o anomalmas y el planteamiento de posibles alternativas
de solucisn.

23 Noviembre 2011

Asistente Extraordinaria

Le ofrecemos una solucisn facil, rapida y efectiva para afinar sus
habilidades y convertirse en una Asistente Extraordinaria.

23 Noviembre 2011
Coaching para Supervisores Gerentes y Lideres

En este magnmfico seminario usted aprendera csmo crear un clima de gran
energma que genere iniciativa e innovacisn.

24 Noviembre 2011

Licitaciones Electronicas Compranet 5

Le guiara desde los procedimientos mas basicos de CompraNet 5.0 hasta los
mas avanzados, que le permitan convertirse en un eficiente y exitoso
agente licitante.

24 Noviembre 2011
Como Manejar Operaciones de Almacenes

Identificar fallas e ineficiencias en las operaciones (recepcisn, surtido
y almacenamiento) y csmo corregirlas.

24 Noviembre 2011

Como Comunicarse con Diplomacia y Tacto

Podra desarrollar habilidades de comunicacisn y le enseqara csmo
proyectar una imagen segura y csmo mantener el control y manejar
situaciones estresantes.

25 Noviembre 2011
El Arte de Liderear Proyectos

Le proveera de los conocimientos que requiere para comprender mejor las
distintas etapas de la administracisn de proyectos.

25 Noviembre 2011

Taller para el Director Financiero

Aprenda a comunicar claramente la visisn de su compaqma y a desarrollar
medidas que le ayudaran a evaluar el progreso.

25 Noviembre 2011
Como Manejar el Departamento de Compras

Aprendera a organizar un departamento de compras, a modernizar las
habilidades y asignar responsabilidades de manejo de proveedores.

25 Noviembre 2011

Cursos On-line



[IMAGE]

Polmticas de Privacidad

Para actualizar sus preferencias o para borrarse de esta lista visite
este 

Question: c_config.sh and symon.conf on symon for OpenBSD PF

[Stefan N]

Hi Guys,

This is the first time I tried to install symon on OpenBSD and my main goal is 
to monitor OpenBSD interface,disk,cpu as well as PF statistic.
As per symon documentation on 
http://wpd.home.xs4all.nl/symon/documentation.html, the symon config file is 
located in /etc/symon.conf
However, I found another file (c_config.sh) contains an example of shell script 
for collecting info of interface and io. Before I move forward to install and 
configure symux, I have the following doubts about symon.conf and c_config.sh 
script/

My questions about symon:
1.Do I need to configure symon.conf only? Do I need to customize c_config.sh to 
meet my specific requirement because c_config.sh file contains and collect 
interface and io information only?
2.The default location of firewall rule file will be read from /etc/pf.conf. 
How do I change the setting if my firewall config is located in different 
folder(for example on /etc/fw/pf.conf?)

Thank you in advance.

Regards,
Stefan

Re: Question: c_config.sh and symon.conf on symon for OpenBSD PF

[Brett]

On Tue, 25 Oct 2011 20:29:39 -0700 (PDT)
Stefan N stefanbsd...@yahoo.com wrote:

 My questions about symon:
 1.Do I need to configure symon.conf only? Do I need to customize c_config.sh 
 to meet my specific requirement because c_config.sh file contains and collect 
 interface and io information only?

Probably better to ask this question on their mailinglist (if any).

 2.The default location of firewall rule file will be read from /etc/pf.conf. 
 How do I change the setting if my firewall config is located in different 
 folder(for example on /etc/fw/pf.conf?)

# pfctl -f /new_file_location   (see pfctl man page)

 
 Thank you in advance.
 
 Regards,
 Stefan

Taller de Remuneración de Personal, Retenga Talento!

[Veronica Solis]

290205

[IMAGE]

Pms de Mixico prestigiada firma de Capacitacisn presenta:

Remuneracisn de Personal Estratigica (Retencisn de Talento y Generador de
Utilidades).

14 de Noviembre, Ciudad de Mixico.

Promociones especiales por cierre de aqo.

Experto consultor C.P. Gustavo Rangel L.

Obtenga las herramientas necesarias para alcanzar un sptimo desempeqo en
su funcisn.

Empresa Registrada ante la STPS

Smguenos en Twitter@pmscapacitacion o bien en Facebook PMS de Mixico.

!Solicite Mayores Informes! Por favor responda este e-mail con los datos
siguientes.

Empresa:

Nombre:
Telifono:
Email:

Nzmero de Interesados:

En breve recibira la informacisn completa de este inigualable evento.

Comunmquese a los telifonos y con gusto uno de nuestros ejecutivos le
atendera.

Telifonos: (0133) 8851-2365, (0133) 8851-2741. 10 lmneas a su servicio.

Copyright (C) 2011, PMS Capacitacisn Efectiva de Mixico  S.C. Derechos
Reservados. PMS de Mixico, El logo de PMS de Mixico son marcas
registradas. ADVERTENCIA PMS de Mixico no cuenta con alianzas
estratigicas de ningzn tipo dentro de la Republica Mexicana. NO SE DEJE
ENGAQAR - DIGA NO A LA PIRATERIA. Todos los logotipos, marcas comerciales
e imagenes son propiedad de sus respectivas corporaciones y se utilizan
con fines informativos solamente.

Este Mensaje ha sido enviado a misc@openbsd.org como usuario de Pms de
Mixico o bien un usuario le refiris para recibir este boletmn.
Como usuario de Pms de Mixico, en este acto autoriza de manera expresa
que Pms de Mixico le puede contactar vma correo electrsnico u otros
medios.
Si usted ha recibido este mensaje por error, haga caso omiso de el y
reporte su cuenta respondiendo este correo con el subject BAJAREMUNERA

Unsubscribe to this mailing list, reply a blank message with the subject
UNSUBSCRIBE BAJAREMUNERA
Tenga en cuenta que la gestisn de nuestras bases de datos es de suma
importancia y no es intencisn de la empresa la inconformidad del
receptor.

[demime 1.01d removed an attachment of type image/jpeg which had a name of 
remuneracion.jpg]

Taller Intensivo de Finanzas Directivas, 23 de Noviembre.

[Ing. Gabriela Sanchez]

[IMAGE]
Pms de Mixico prestigiada firma de Capacitacisn presenta:
Seminario Intensivo de Finanzas Directivas
23 de Noviembre, Ciudad de Mixico.
Promociones especiales por cierre de aqo.
Experto consultor Lic. Miguel Bustos
Obtenga las herramientas necesarias para alcanzar un sptimo desempeqo en
su funcisn.
Empresa Registrada ante la STPS
Smguenos en Twitter@pmscapacitacion o bien en Facebook PMS de Mixico.
!Solicite Mayores Informes! Por favor responda este e-mail con los datos
siguientes.
Empresa:
Nombre:
Telifono:
Email:
Nzmero de Interesados:
En breve recibira la informacisn completa de este inigualable evento.
Comunmquese a los telifonos y con gusto uno de nuestros ejecutivos le
atendera.
Telifonos: (0133) 8851-2365, (0133) 8851-2741. 10 lmneas a su servicio.

Copyright (C) 2011, PMS Capacitacisn Efectiva de Mixico  S.C. Derechos
Reservados. PMS de Mixico, El logo de PMS de Mixico son marcas
registradas. ADVERTENCIA PMS de Mixico no cuenta con alianzas
estratigicas de ningzn tipo dentro de la Republica Mexicana. NO SE DEJE
ENGAQAR - DIGA NO A LA PIRATERIA. Todos los logotipos, marcas comerciales
e imagenes son propiedad de sus respectivas corporaciones y se utilizan
con fines informativos solamente.

Este Mensaje ha sido enviado a  misc@openbsd.org como usuario de Pms de
Mixico o bien un usuario le refiris para recibir este boletmn.
Como usuario de Pms de Mixico, en este acto autoriza de manera expresa
que Pms de Mixico le puede contactar vma correo electrsnico u otros
medios.
Si usted ha recibido este mensaje por error, haga caso omiso de el y
reporte su cuenta respondiendo este correo con el subject BAJADIRECTIVA
Unsubscribe to this mailing list, reply a blank message with the subject
UNSUBSCRIBE BAJADIRECTIVA
Tenga en cuenta que la gestisn de nuestras bases de datos es de suma
importancia y no es intencisn de la empresa la inconformidad del
receptor.

[demime 1.01d removed an attachment of type image/jpeg which had a name of 
image002.jpg]