Ocean freight from China ,Jan 2012

[Jolie]

HiMuhammad IMRAN,Happy new year ,my dear friend.

Hope we have good luck and close relationship in this nice year.

We update O/F to your side, share it with you as normal.

By the way, many carrier cut some vessels before our Chinese New year
holiday, any accurate info, contact us any time.




POD

POL

Carrier

20GP

40GP

40HQ

LCL<3 CBM

T/T

Validity


SURABAYA

DALIAN

APL

460

670

670

29

17

25TH,JAN


TIANJIN

PAN

380

650

650

17

16


QINGDAO

SINO

355

620

620

19

13


LIANYUNGANG

MCC

420

760

760

26

15


SHANGHAI

MCC

310

620

620

18

13


NINGBO

YML

310

630

630

15

11


XIAMEN

APL

320

520

520

17

13


FUZHOU

APL

320

520

520

26

13


SHANTOU

CSCL

430

860

860

29

13


GUANGZHOU

HANJIN

380

730

750

9

7


FOSHAN/SHUNDE

ZIM

410

760

760

17

8


JIANGMEN

CSCL

460

820

820

17

8


SHENZHEN

OOCL

310

630

630

4

5


ZHUHAI

WHL

440

820

820

26

10



Ben shi (MR)

Overseas dept

Shanghai Harvest International Logistics Co., Ltd

Tel: 0086-21-63249293*803 Fax: 0086-21-63244312

ATT: sw...@harvest-log.comSkype: harvestlog1

Logis Website: www.harvest-log.com

Trade Website: www.harvest-log.com/soupo

Headoffice Address: Room 2108 ,Fude building ,No.,1688,

North Sichuan Road,Hongkou District#,Shanghai, China

we have 12 offices in Chinese mainland.they can help to handle local
shipments.

Re: OpenBSDd functionality equal to "neighbor allowas-in"?

[Pete Vickers]

SOO can be used for loop detection, but only if your bgp peerings don't strip
extended communities.

another dirty hack would be to get the peer to aggregate your 'remote'
prefixes towards you (without as-set) to conceal the ASN. beware that ebgp
routes are prefered over ibgp by default though - this is a gun & and your
feet look tempting.

/Pete


On 6. jan. 2012, at 22:01, Stuart Henderson  wrote:

> On 2012-01-06, Donald Reichert  wrote:
>> Hi list,
>>
>> I'd like to replace some Ciscos by OpenBSD machines.
>>
>> On the routers I have configured the possibility to span networks from our
own AS over peerings, Cisco speak: neighbor x.x.x.x allowas-in
>>
>> This is needed for disjunct networks.
>>
>> I didn't find a clue how to do this with OpenBGPd - any hints?
>>
>> Thanks,
>>
>> Donald
>
> Not currently possible, it will need code changes. Normally this check
> is done to prevent route loops. It shouldn't be too hard to naively hack
> this type of option into place, but I'm not sure what else might need
> to be done to avoid loops.

Re: OpenBSDd functionality equal to "neighbor allowas-in"?

[Jussi Peltola]

You can work around this by pointing a default at your provider, too.
But it is kind of yucky.

On Sat, Jan 07, 2012 at 09:21:35AM +0100, Pete Vickers wrote:
> SOO can be used for loop detection, but only if your bgp peerings don't strip
> extended communities.
> 
> another dirty hack would be to get the peer to aggregate your 'remote'
> prefixes towards you (without as-set) to conceal the ASN. beware that ebgp
> routes are prefered over ibgp by default though - this is a gun & and your
> feet look tempting.
> 
> /Pete
> 
> 
> On 6. jan. 2012, at 22:01, Stuart Henderson  wrote:
> 
> > On 2012-01-06, Donald Reichert  wrote:
> >> Hi list,
> >>
> >> I'd like to replace some Ciscos by OpenBSD machines.
> >>
> >> On the routers I have configured the possibility to span networks from our
> own AS over peerings, Cisco speak: neighbor x.x.x.x allowas-in
> >>
> >> This is needed for disjunct networks.
> >>
> >> I didn't find a clue how to do this with OpenBGPd - any hints?
> >>
> >> Thanks,
> >>
> >> Donald
> >
> > Not currently possible, it will need code changes. Normally this check
> > is done to prevent route loops. It shouldn't be too hard to naively hack
> > this type of option into place, but I'm not sure what else might need
> > to be done to avoid loops.

Re: Router performance - high BDP and low transfer speeds

[Stuart Henderson]

In gmane.os.openbsd.misc, you wrote:
> I'm trying to troubleshoot some performance issues for high speed data 
> transfers across a long network path with a fairly high bandwidth delay.

Any difference between TCP and UDP?

As a test to help pinpoint things, can you try passing the traffic
near the top of your ruleset with 'pass quick..flags any no state'?
Or with PF ddisabled if that's possible?

Anything in syslog from PF? How about after pfctl -xmisc?

Is this path using the same network interface as you've used in
local tests?

Always worth including dmesg, irq assignments might be interesting.

Are any interfaces marked 'down'?

Are you using pfsync?

Doing any bridging or just routing?

Routing to public ip of pppoe(4) interface

[Christopher Zimmermann]

Hi,

for every address of a local interface a loopback route is created on
demand.
Those routes look like the second one here:

192.168.123.252/30 link#3 UC 10 - 4 vr2
192.168.123.25300:0d:b9:24:60:42  UHLc   04 - 4 lo0

But this mechanism does somehow not work for Point to Point interfaces like
pppoe(4) or tun(4). The only routes I get here are the following; the
first one being created by the netstart script like suggested in
pppoe(4).

default213.20.223.35  UGS3 2190 - 8
pppoe0
213.20.223.35  217.190.92.137 UH 00 - 4
pppoe0

I would like to automatically add a route

217.190.92.137 127.0.0.1  UGHS   00 33196 8 lo0

So that local processes talking to my public IP won't get routed to my
ISP and back. The problem is that the IPs are dynamic.

What confuses me is that packets arriving on a local lan interface with
a destination to my public IP already get routed via the loopback
interface. This leads to the strange situation that connections from
lan are faster than connections from localhost.


Christopher

Re: inet6 autoconfprivacy broken on -current ?

[Simon Perreault]

Le 02/01/2012 6:00 PM, Mattieu Baptiste a icrit :

On my machine running -current/amd64, inet6 autoconfprivacy seems to
broke neighbor sol/adv.


I just tested this and it works for me. Sorry.

Simon

Re: Daily digest, Issue 2350 (31 messages)

[Chris Wopat]

Henning Brauer  wrote:
>* Pete Vickers  [2012-01-06 11:38]:
>> Just a quick question to see if anyone's working on implementing the above on
>> OpenBSD, and in particular it's integration with OpenBGPD/OpenOSPF ? Note 
>> that
>> this is not a 'please can I have this feature for free' or suchlike, merely a
>> tentative status query. (BFD is appearing more & more frequently in the
>> multi-vendor environments some of my OpenBSD boxen reside in).
>
> we've been talking about it for at least 2 years now, but so far
> nobody got around to actually write the code :(

Chiming in as a happy OpenBSD/BGP/OSPF user who and would definitely
use this feature whenever it happens. I also have hardware from C, J
and a few other vendors that I could test with.

--Chris

Re: Router performance - high BDP and low transfer speeds

[Graham Allan]

On 1/7/2012 4:48 AM, Stuart Henderson wrote:

In gmane.os.openbsd.misc, you wrote:

I'm trying to troubleshoot some performance issues for high speed data
transfers across a long network path with a fairly high bandwidth delay.


Any difference between TCP and UDP?


I haven't been able to compare fully since I don't have a udp iperf 
server at the far end; mostly I used the udp iperf test for its 
reporting of packet loss (it showed the same loss with or without going 
through the firewall). Our first suspicion was packet drops at the 
router, which would have a huge effect on the long path, but that 
doesn't seem to be the case.



As a test to help pinpoint things, can you try passing the traffic
near the top of your ruleset with 'pass quick..flags any no state'?
Or with PF ddisabled if that's possible?


"no state" would be an interesting test - will try that and report. I'd 
like to try with pf disabled but there are a few hundred machines behind 
it which I don't want to open up. Maybe with a separate test rig...



Anything in syslog from PF? How about after pfctl -xmisc?


Haven't seen anything but I will switch on the "misc" logging (that's a 
setting I missed!).



Is this path using the same network interface as you've used in
local tests?


Yes, it has only 3 physical interfaces (internal/external/pfsync), it 
does have a bunch of vlan and carp interfaces defined on the internal 
physical interface but everything is the same for local/remote tests.



Always worth including dmesg, irq assignments might be interesting.


I will include that now... I know it's always useful but my initial 
message seemed pretty long already. It's a Dell 1750; I disabled any 
non-essential devices in the BIOS (USB, floppy, serial etc) though there 
are still a few extras showing up from the DRAC module...



Are any interfaces marked 'down'?

Are you using pfsync?

Doing any bridging or just routing?


Nothing marked 'down' though the second onboard NIC bge1 is unused. It 
uses pfsync on bge0 to an identical twin for carp failover. Just simple 
routing, no bridging...


Here's the dmesg...

OpenBSD 4.6-stable (GENERIC) #2: Fri Jan 29 16:35:10 CST 2010
r...@dodo.spa.umn.edu:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Xeon(TM) CPU 3.06GHz ("GenuineIntel" 686-class) 3.06 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,CNXT-ID

,xTPR
real mem  = 4227264512 (4031MB)
avail mem = 4111294464 (3920MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 09/29/06, BIOS32 rev. 0 @ 0xffe90, 
SMBIOS rev. 2.3 @ 0xfb320 (56 entries)

bios0: vendor Dell Computer Corporation version "A12" date 09/29/2006
bios0: Dell Computer Corporation PowerEdge 1750
acpi0 at bios0: rev 0
acpi0: tables DSDT FACP APIC SPCR
acpi0: wakeup devices RTC_(S5) PCI0(S5) PCI3(S5) PCI2(S5) PCI1(S5)
acpitimer0 at acpi0: 3579545 Hz, 32 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 132MHz
cpu at mainbus0: not configured
ioapic0 at mainbus0: apid 8 pa 0xfec0, version 11, 16 pins
ioapic0: misconfigured as apic 0, remapped to apid 8
ioapic1 at mainbus0: apid 9 pa 0xfec01000, version 11, 16 pins
ioapic1: misconfigured as apic 0, remapped to apid 9
ioapic2 at mainbus0: apid 10 pa 0xfec02000, version 11, 16 pins
ioapic2: misconfigured as apic 0, remapped to apid 10
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt0: no apic found for irq -1
acpiprt1 at acpi0: bus 4 (PCI4)
acpiprt2 at acpi0: bus 3 (PCI3)
acpiprt3 at acpi0: bus 2 (PCI2)
acpiprt4 at acpi0: bus 1 (PCI1)
acpicpu0 at acpi0
bios0: ROM list: 0xc/0x8000 0xc8000/0x1000 0xc9000/0x4000 
0xcd000/0x1800 0xce800/0x600 0xec000/0x4000!

ipmi at mainbus0 not configured
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "ServerWorks CNB20-HE Host (GC-LE)" rev 0x33
pchb1 at pci0 dev 0 function 1 "ServerWorks CNB20-HE Host (GC-LE)" rev 0x00
pci1 at pchb1 bus 1
em0 at pci1 dev 4 function 0 "Intel PRO/1000MT (82546GB)" rev 0x03: apic 
9 int 4 (irq 7), address 00:04:23:c5:24:0e
em1 at pci1 dev 4 function 1 "Intel PRO/1000MT (82546GB)" rev 0x03: apic 
9 int 5 (irq 6), address 00:04:23:c5:24:0f

pchb2 at pci0 dev 0 function 2 "ServerWorks CNB20-HE Host (GC-LE)" rev 0x00
pci2 at pchb2 bus 3
"Dell DRAC 4 Embedded/Optional" rev 0x00 at pci0 dev 8 function 0 not 
configured
puc0 at pci0 dev 8 function 1 "Dell DRAC 3 Virtual UART" rev 0x00: 
ports: 1 com

com3 at puc0 port 0 apic 9 int 13 (irq 14): ns16550a, 16 byte fifo
com3: probed fifo depth: 0 bytes
"Dell DRAC 3 Embedded/Optional" rev 0x00 at pci0 dev 8 function 2 not 
configured

vga1 at pci0 dev 14 function 0 "ATI Rage XL" rev 0x27
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
piixpm0 at pci0 dev 15 function 0 "ServerWorks CSB5" rev 0x93: SMBus 
disabled

pcib0 at pci0 dev 15 function 3 "ServerWorks CSB5 

Re: Router performance - high BDP and low transfer speeds

[Graham Allan]

On 1/6/2012 11:13 PM, Hassan Monfared wrote:

Hi,
have you tried timeout and optimization settings in PF ?

try :
set optimization high-latency
or
set optimization conservative


Thanks for the ideas. I did consider the high-latency setting, but have 
not tried it. My understanding (which might be wrong) is that it 
increases the timeouts for the state tables, but my network latency of 
250ms really isn't that high (compared to a satellite link or suchlike). 
But there could certainly be some implication I don't understand...



also try
set timeout .

and watch the limits of state tables and set the properly if needed.


Thanks,

Graham

Re: OpenBSD as router for UK FTTC?

[percy piper]

For the archives sake, we finally solved this. pppoe(4) never requests
an mru during lcp negotiation (and acks any reasonable mru offered).
In our case we were being offered an mru (1492) by the BT AC (BRAS)
which we ack'd. With the mru agreed at both ends of the link our auth
with the BT bras succeeded.

We were *not* being offered an mru by our ISP's AC. Therefore, because
pppoe(4) never requests one, no mru was negotiated for the link. This
caused our subsequent auth  response to be ignored by our ISP's AC.
(Is that a bug at the ISP's equipment or a bug in pppoe(4)?)

I hacked sppp(4) to nak any lcp configure request it received that
didn't include an mru option, setting the option value in the nak to
mru = 1492. This ensures the mru is always negotiated and now our auth
to our ISP succeeds. I believe ppp(8) does something similar too
(hence why ppp(8) worked for us where pppoe(4) didn't).

I'm not sure if pppoe(4) should always attempt mru negotiation but
I'll cook up a patch anyway most likely using the configured mtu of
the pppoe interface as the initial mru option value.

Re: dual dvi with 2 monitors, 1 dvi is not detected

[Matthieu Herrb]

On Fri, Jan 06, 2012 at 04:15:53PM +0100, Marc Espie wrote:
> On Fri, Jan 06, 2012 at 03:52:40PM +0100, Didier Wiroth wrote:
> > Hello,
> > I've purchased a zotac nvidia geforce 210 graphic card. it has a dual
> > dvi output, which I was hoping to use with xorg and 2 monitors.
> 
> Note for the future: don't buy nvidia cards. nvidia doesn't give their specs.
> 
> (hoping someone else finds a solution to your issue anyways).
> 

I won't. The nv driver has been abandonned by nVidia and since it's
full of undocumented magic numbers, no one outside of them is going to
be able to maintain, enhance it or add support for more cards to it.

Poking around g80_output.c, you may be able to find a way to fix the
detection of the outputs, but you're on your own, and please don't
complain if you brick your card by writing random values to its
registers.
-- 
Matthieu Herrb

Re: dual dvi with 2 monitors, 1 dvi is not detected

[Didier Wiroth]

Hmm ... unfortunately, I'm not a programmer. I guess I'll have to buy
another brand/card.
I had a look at the ati driver manual
.
I checked many online shops, but I was not able to find a PCIe dual
dvi card that is supported. The supported chips listed in the openbsd
manuals are really old, and most available ati cards are radeon >= HD
5000. May be you have any recommandations?

Are there other brands I could have a look, I would really appreciate
your feedback.

Thank you very much for your help.
Kind regards,
Didier

On 7 January 2012 21:48, Matthieu Herrb  wrote:
> On Fri, Jan 06, 2012 at 04:15:53PM +0100, Marc Espie wrote:
>> On Fri, Jan 06, 2012 at 03:52:40PM +0100, Didier Wiroth wrote:
>> > Hello,
>> > I've purchased a zotac nvidia geforce 210 graphic card. it has a dual
>> > dvi output, which I was hoping to use with xorg and 2 monitors.
>>
>> Note for the future: don't buy nvidia cards. nvidia doesn't give their specs.
>>
>> (hoping someone else finds a solution to your issue anyways).
>>
>
> I won't. The nv driver has been abandonned by nVidia and since it's
> full of undocumented magic numbers, no one outside of them is going to
> be able to maintain, enhance it or add support for more cards to it.
>
> Poking around g80_output.c, you may be able to find a way to fix the
> detection of the outputs, but you're on your own, and please don't
> complain if you brick your card by writing random values to its
> registers.
> --
> Matthieu Herrb



-- 
Didier Wiroth

Re: dual dvi with 2 monitors, 1 dvi is not detected

[Jure Pečar]

On Sat, 7 Jan 2012 22:02:22 +0100
Didier Wiroth  wrote:

> Are there other brands I could have a look, I would really appreciate
> your feedback.

I remember Matrox G450 as being well supported even by XFree86. They have
G550 dual dvi model, no expirience with it though.

-- 

Jure PeD
ar

Re: dual dvi with 2 monitors, 1 dvi is not detected

[Christian Weisgerber]

Jure Pe?ar  wrote:

> I remember Matrox G450 as being well supported even by XFree86. They have
> G550 dual dvi model, no expirience with it though.

Well, since we seem to be reminiscing instead of checking current
facts--which would be work and sort of boring, you know, so why
bother--let me tell you that I remember newer Matrox cards not being
supported at all, and even the supported ones required a binary
blob to enable DVI, or maybe it was higher resolutions than 800x600
on DVI.

-- 
Christian "naddy" Weisgerber  na...@mips.inka.de

Re: dual dvi with 2 monitors, 1 dvi is not detected

[Tobias Ulmer]

On Sat, Jan 07, 2012 at 10:02:22PM +0100, Didier Wiroth wrote:
> Hmm ... unfortunately, I'm not a programmer. I guess I'll have to buy
> another brand/card.
> I had a look at the ati driver manual
> .
> I checked many online shops, but I was not able to find a PCIe dual
> dvi card that is supported. The supported chips listed in the openbsd
> manuals are really old, and most available ati cards are radeon >= HD
> 5000. May be you have any recommandations?

You don't need "dual DVI", most cards these days have DVI and HDMI
outputs, which are two names for the same standard. All you need is an
adapter.

Any low-end, passively cooled HD4xxx should do.

Ted Unangst Static Source Code Analysis

[Lars]

I was watching an older video regarding Static Source code analysis to
make code more secure.  I especially enjoyed your comments about SQL
injections and escaping sql which all sorts of websites forget to do.

What tools are used in OpenBSD for static source code analysis? I guess
Lint is considered one tool?  Do you, Ted, use other tools than Lint? 
This post is not just meant to be sent for Ted, of course anyone else
could reply if they know about source code analysis.

Should some of these static source code analysis techniques be merged into
compilers to catch more errors right within the development process,
instead of it being a separate tool?

Advantages of keeping static source code analysis separate tools:
-keeps the compiler simpler, doesn't add extra code to the compiler
-the source code analysis tool can be used not just with one compiler that
has it built in
-source code analysis needs to be configured on a case by case basis,
embedding it into the compiler might make things too complex for the user
setting up the compiler


Disadvantages of keeping static analysis separate:
-people are less inclined to use the separate tool and practice proper
coding techniques. Building it into the compiler would force them to write
more secure code on day one.
-people see the tool as an extra option, rather than developing their code
right from day one as an essential.

How to solve the disadvantages:
-ship source code analysis tools with the compiler and encourage people to
use it moreso than we do now, keep the tools as separate modules so they
can be developed individually but run together possibly with
processes/pipes.
-write more books on the topic, I doubt they would be Bestsellers though 
since people are more interested in just having their program compile and
run quickly

--
Regards, Lars

GNG is not GNU
http://gng.z505.com

Re: OpenBSD as router for UK FTTC?

[percy piper]

http://www.sinet.bt.com/506v1p0.pdf

OpenBSD 5.0 Snapshot: ASUS Wireless Card - Not Configured

[Steven]

Hi,

I recently purchased an ASUS PCE-N15 Wireless-N PCI-E Adapter.

http://www.asus.com/Networks/Wireless_Adapters/PCEN15/

After i installed it and restarted my computer I got this in the
dmesg (I'm assuming this is the ASUS adapter as it's the only new
device message I noticed in the logs. I'll include the full dmesg so
more knowledgeable minds can figure it out.)

pci2 at ppb1 bus 2
vendor "Realtek", unknown product 0x8178 (class network subclass miscellaneous, 
rev 0x01) at pci2 dev 0 function 0 not configured

It looks to be a half card and so I'm worried that I may have bought
a win-device. Is this ASUS Adapter supported by OpenBSD, do I have a
bad card, or is this a win-device?

Thanks.

Computer: AMD64 X4
OpenBSD 5.0 20 Dec snapshot.

ifconfig -a

lo0: flags=8049 mtu 33152
priority: 0
groups: lo
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
inet 127.0.0.1 netmask 0xff00
re0: flags=8843 mtu 1500
lladdr 1c:6f:65:83:06:26
priority: 0
groups: egress
media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause)
status: active
inet6 fe80::1e6f:65ff:fe83:626%re0 prefixlen 64 scopeid 0x1
inet 10.0.1.7 netmask 0xff00 broadcast 10.0.1.255
enc0: flags=0<>
priority: 0
groups: enc
status: active

dmesg

OpenBSD 5.0-current (GENERIC.MP) #159: Tue Dec 20 11:02:37 MST 2011
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 8586723328 (8188MB)
avail mem = 8344002560 (7957MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xf0100 (57 entries)
bios0: vendor Award Software International, Inc. version "F2" date 06/07/2010
bios0: Gigabyte Technology Co., Ltd. GA-870A-UD3
acpi0 at bios0: rev 0
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP SSDT HPET MCFG MATS TAMG APIC
acpi0: wakeup devices USB0(S3) USB1(S3) USB2(S3) USB3(S3) USB4(S3) USB5(S3) 
USB6(S3) SBAZ(S4) PEX0(S5) PEX1(S5) PEX2(S5) PEX3(S5) P2P_(S5) PCE2(S4) 
PCE3(S4) PCE4(S4) PCE5(S4) PCE6(S4) PCE7(S4) PCE8(S4) PCE9(S4) PCEA(S4) 
PCEB(S4) PCEC(S4) PS2M(S5) PS2K(S5) PCI0(S5)
acpitimer0 at acpi0: 3579545 Hz, 32 bits
acpihpet0 at acpi0: 14318180 Hz
acpimcfg0 at acpi0 addr 0xe000, bus 0-255
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: AMD Phenom(tm) II X4 955 Processor, 3215.16 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW
cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 
16-way L2 cache
cpu0: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative
cpu0: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative
cpu0: apic clock running at 200MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: AMD Phenom(tm) II X4 955 Processor, 3214.82 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW
cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 
16-way L2 cache
cpu1: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative
cpu1: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative
cpu2 at mainbus0: apid 2 (application processor)
cpu2: AMD Phenom(tm) II X4 955 Processor, 3214.82 MHz
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW
cpu2: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 
16-way L2 cache
cpu2: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative
cpu2: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative
cpu3 at mainbus0: apid 3 (application processor)
cpu3: AMD Phenom(tm) II X4 955 Processor, 3214.82 MHz
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW
cpu3: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 
16-way L2 cache
cpu3: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative
cpu3: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 21, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 2
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 6 (PEX0)
acpiprt2 at acpi0: bus 7 (PEX1)
acpiprt3 at acpi0: bus 8 (PEX2)
acpiprt4 at acpi0: bus 9 (PEX3)
acpiprt5 at acpi0: bus 5 (P2P_)
acpiprt6 at acpi0: bus 1 (PCE2)
acpiprt7 at acpi0: bus -1 (PCE3)
acpiprt8 at acpi0: bus -1 (PCE4)
acpiprt9 at acpi0: bus -1 (PCE5)
acpiprt10 at acpi0: bus 2 (PCE6)
acpiprt11 at acpi0: bus -1 (PCE7)
acpiprt12 at acpi0: bus -1 (PCE8)
acpiprt13 at acpi0: bus 3 (PCE9

Re: Ted Unangst Static Source Code Analysis

[Tomas Bodzar]

On Sun, Jan 8, 2012 at 1:04 AM, Lars  wrote:
> I was watching an older video regarding Static Source code analysis to
> make code more secure. B I especially enjoyed your comments about SQL
> injections and escaping sql which all sorts of websites forget to do.
>
> What tools are used in OpenBSD for static source code analysis? I guess
> Lint is considered one tool? B Do you, Ted, use other tools than Lint?
> This post is not just meant to be sent for Ted, of course anyone else
> could reply if they know about source code analysis.

Parfait
http://labs.oracle.com/projects/downunder/publications/documents/kca09.pdf

(document about finding bugs in kernels of OpenBSD, Linux and OpenSolaris)

>
> Should some of these static source code analysis techniques be merged into
> compilers to catch more errors right within the development process,
> instead of it being a separate tool?
>
> Advantages of keeping static source code analysis separate tools:
> -keeps the compiler simpler, doesn't add extra code to the compiler
> -the source code analysis tool can be used not just with one compiler that
> has it built in
> -source code analysis needs to be configured on a case by case basis,
> embedding it into the compiler might make things too complex for the user
> setting up the compiler
>
>
> Disadvantages of keeping static analysis separate:
> -people are less inclined to use the separate tool and practice proper
> coding techniques. Building it into the compiler would force them to write
> more secure code on day one.
> -people see the tool as an extra option, rather than developing their code
> right from day one as an essential.
>
> How to solve the disadvantages:
> -ship source code analysis tools with the compiler and encourage people to
> use it moreso than we do now, keep the tools as separate modules so they
> can be developed individually but run together possibly with
> processes/pipes.
> -write more books on the topic, I doubt they would be Bestsellers though
> since people are more interested in just having their program compile and
> run quickly
>
> --
> Regards, Lars
>
> GNG is not GNU
> http://gng.z505.com

Re: OpenBSD 5.0 Snapshot: ASUS Wireless Card - Not Configured

[Tomas Bodzar]

On Sun, Jan 8, 2012 at 6:29 AM, Steven 
wrote:
> Hi,
>
> I recently purchased an ASUS PCE-N15 Wireless-N PCI-E Adapter.
>
> http://www.asus.com/Networks/Wireless_Adapters/PCEN15/
>
> After i installed it and restarted my computer I got this in the
> dmesg (I'm assuming this is the ASUS adapter as it's the only new
> device message I noticed in the logs. I'll include the full dmesg so
> more knowledgeable minds can figure it out.)
>
> pci2 at ppb1 bus 2
> vendor "Realtek", unknown product 0x8178 (class network subclass
> miscellaneous, rev 0x01) at pci2 dev 0 function 0 not configured

http://www.openbsd.org/faq/faq6.html#Wireless

>
> It looks to be a half card and so I'm worried that I may have bought
> a win-device. Is this ASUS Adapter supported by OpenBSD, do I have a
> bad card, or is this a win-device?

http://ubuntuforums.org/showthread.php?t=1814675

Details from pcidump will be maybe useful for developers, but it seems
like you have some Win-only/proprietary stuff for which Linux has
binary blob because of NDA or something.

>
> Thanks.
>
> Computer: AMD64 X4
> OpenBSD 5.0 20 Dec snapshot.
>
> ifconfig -a
>
> lo0: flags=8049 mtu 33152
> B  B  B  B priority: 0
> B  B  B  B groups: lo
> B  B  B  B inet6 ::1 prefixlen 128
> B  B  B  B inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
> B  B  B  B inet 127.0.0.1 netmask 0xff00
> re0: flags=8843 mtu 1500
> B  B  B  B lladdr 1c:6f:65:83:06:26
> B  B  B  B priority: 0
> B  B  B  B groups: egress
> B  B  B  B media: Ethernet autoselect (1000baseT
full-duplex,rxpause,txpause)
> B  B  B  B status: active
> B  B  B  B inet6 fe80::1e6f:65ff:fe83:626%re0 prefixlen 64 scopeid 0x1
> B  B  B  B inet 10.0.1.7 netmask 0xff00 broadcast 10.0.1.255
> enc0: flags=0<>
> B  B  B  B priority: 0
> B  B  B  B groups: enc
> B  B  B  B status: active
>
> dmesg
>
> OpenBSD 5.0-current (GENERIC.MP) #159: Tue Dec 20 11:02:37 MST 2011
> B  B dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
> real mem = 8586723328 (8188MB)
> avail mem = 8344002560 (7957MB)
> mainbus0 at root
> bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xf0100 (57 entries)
> bios0: vendor Award Software International, Inc. version "F2" date
> 06/07/2010
> bios0: Gigabyte Technology Co., Ltd. GA-870A-UD3
> acpi0 at bios0: rev 0
> acpi0: sleep states S0 S3 S4 S5
> acpi0: tables DSDT FACP SSDT HPET MCFG MATS TAMG APIC
> acpi0: wakeup devices USB0(S3) USB1(S3) USB2(S3) USB3(S3) USB4(S3) USB5(S3)
> USB6(S3) SBAZ(S4) PEX0(S5) PEX1(S5) PEX2(S5) PEX3(S5) P2P_(S5) PCE2(S4)
> PCE3(S4) PCE4(S4) PCE5(S4) PCE6(S4) PCE7(S4) PCE8(S4) PCE9(S4) PCEA(S4)
> PCEB(S4) PCEC(S4) PS2M(S5) PS2K(S5) PCI0(S5)
> acpitimer0 at acpi0: 3579545 Hz, 32 bits
> acpihpet0 at acpi0: 14318180 Hz
> acpimcfg0 at acpi0 addr 0xe000, bus 0-255
> acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
> cpu0 at mainbus0: apid 0 (boot processor)
> cpu0: AMD Phenom(tm) II X4 955 Processor, 3215.16 MHz
> cpu0:
>
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DN
OW
> cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB
> 64b/line 16-way L2 cache
> cpu0: ITLB 32 4KB entries fully associative, 16 4MB entries fully
> associative
> cpu0: DTLB 48 4KB entries fully associative, 48 4MB entries fully
> associative
> cpu0: apic clock running at 200MHz
> cpu1 at mainbus0: apid 1 (application processor)
> cpu1: AMD Phenom(tm) II X4 955 Processor, 3214.82 MHz
> cpu1:
>
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DN
OW
> cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB
> 64b/line 16-way L2 cache
> cpu1: ITLB 32 4KB entries fully associative, 16 4MB entries fully
> associative
> cpu1: DTLB 48 4KB entries fully associative, 48 4MB entries fully
> associative
> cpu2 at mainbus0: apid 2 (application processor)
> cpu2: AMD Phenom(tm) II X4 955 Processor, 3214.82 MHz
> cpu2:
>
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DN
OW
> cpu2: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB
> 64b/line 16-way L2 cache
> cpu2: ITLB 32 4KB entries fully associative, 16 4MB entries fully
> associative
> cpu2: DTLB 48 4KB entries fully associative, 48 4MB entries fully
> associative
> cpu3 at mainbus0: apid 3 (application processor)
> cpu3: AMD Phenom(tm) II X4 955 Processor, 3214.82 MHz
> cpu3:
>
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DN
OW
> cpu3: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB
> 64b/line 16-way L2 cache
> cpu3: ITLB 32 4KB entries fully associative, 16 4MB entries fully
> associative
> cpu3: DTLB 48 4KB entries fully associative, 48 4MB entries fully
> associative