Re: 5.0 Stable (amd64) build appears broken.
On Mon, Feb 20, 2012, Duncan Patton a Campbell wrote: > On Mon, 20 Feb 2012 10:05:19 -0500 > Ted Unangst wrote: > >> you are running config from a different version than the source you >> are trying to compile. > > Ok, but if I've started with 5.0 Release, how do I get 5.0 Stable's config > without > building it? I would revisit the assumption you are building 5.0 on 5.0. You are reporting an error nobody else is reporting, that just happens to be exactly the error one sees when building with a mismatched config and src, so You see where I'm coming from?
Diventa 16shop point
Diventa Rivendiventore 16SHOP Apri uno Shop Point con noi ...IT'S PLAY TIME Intrattenimento 3600 www.16shop.it X INFO e maggiori informazioni. Contatta agente di zona: Mariano Della Monica cell.: +39 392 5004800 o scrivi a mail1: mariano.dellamon...@tin.it mail2: vend...@marianodellamonica.it mail3: m.dellamo...@16shop.it web: www.marianodellamonica.it Cordiali Saluti RESTO A DISPOSIZIONE PER QUALSIASI CHIARIMENTO IN MERITO E IN TALE ATTESA GRADITE I MIEI MIGLIORI SALUTI Buona giornata e buon lavoro. Best Regards Mariano Della Monica Agente di Vendita cell.: +39 392 50048 00 mariano.dellamon...@tin.it Le informazioni contenute in questo messaggio sono riservate e confidenziali. Il loro utilizzo e? consentito esclusivamente al destinatario del messaggio, per le finalit` indicate nel messaggio stesso. Qualora Lei non fosse la persona a cui il presente messaggio h destinato, La invitiamo ad eliminarlo dal Suo Sistema e a distruggere le varie copie o stampe, dandocene gentilmente comunicazione. Ogni utilizzo improprio e? contrario ai principi del D.lgs 196/03 ed alla legislazione europea (Direttiva 2002/58/CE). La informiamo inoltre che il trattamento dei dati degli iscritti al servizio della newsletter e' conforme a quanto previsto dal Codice in materia di protezione dei dati personali (Decreto legislativo 30 giugno 2003, n. 196).opera in conformit` del D.lgs 196/2003 e della legislazione europea. Gli indirizzi e-mail esistenti nell'archivio sono pervenuti direttamente al nostro recapito o estrapolati dagli elenchi di pubblico dominio. E' sufficiente inviare un messaggio a mariano.dellamon...@tin.it per essere cancellati dalla mailing list.
Re: smartphones and managing openbsd servers
I use ConnectBot to SSH into servers on my Google/Samsung Nexus S 4G running CyanogenMod with the Hacker's Keyboard. It works great in a pinch, but I wouldn't want to spend all day using it to admin a server. -Nick On Sat, Feb 18, 2012 at 5:06 PM, Marcos Ariel Laufer wrote: > Hello list, > This might not be OpenBSD specific, but maybe users can share their > experiences with smartphones an managing OpenBSD servers. > So far, my smartphone has been a very usefull tool to manage my OpenBSD > servers. Currently i am using a Palm Treo 680 with some lousy ssh > application to access my servers, it is usefull, but this is getting pretty > ancient, doesn't have wifi for exaple, and i would like that feature on a > smartphone. I also love the touch screen. > What newer smartphones do you recommend for using also as a tool for > managing OpenBSD servers (maybe windogs too) ? What experiences had you had > with smartphones and OpenBSD managing? > > Best regards, > Marcos
halt -p not powering down Sony Vaio (13 Feb snapshot)
halt -p clears the screen, quiets the disk, but the cpu fan runs on, the screen stays lit and the power light stays on. For hours. Have to mash the power button for aound 8 seconds to get it really shut off. apmd is enabled in rc.conf.local. Messages extract next paragraph. Dmesg below sig. Feb 20 17:41:17 vaiopenbsd halt: halted (with powerdown) by ed Feb 20 17:41:18 vaiopenbsd syslogd: exiting on signal 15 Feb 20 17:42:45 vaiopenbsd syslogd: start OpenBSD 5.1 (GENERIC.MP) #207: Sun Feb 12 09:42:14 MST 2012 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 8496082944 (8102MB) avail mem = 8255754240 (7873MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xeb3a0 (17 entries) bios0: vendor American Megatrends Inc. version "R1100V2" date 04/15/2011 bios0: Sony Corporation VPCCA25FX acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP APIC HPET SSDT SLIC MCFG SSDT SSDT ECDT SSDT acpi0: wakeup devices B0D4(S4) USB1(S3) USB2(S3) USB3(S3) USB4(S3) USB5(S3) USB6 (S3) USB7(S3) EHC1(S3) EHC2(S3) PXSX(S3) PXSX(S3) PXSX(S3) RP03(S3) PXSX(S3) RP0 4(S3) PWRB(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz, 2295.14 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CF LUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,EST,TM 2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,POPCNT,XSAVE,AVX,NXE,LONG,LAHF cpu0: 256KB 64b/line 8-way L2 cache cpu0: apic clock running at 99MHz cpu1 at mainbus0: apid 2 (application processor) cpu1: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz, 2294.79 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CF LUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,EST,TM 2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,POPCNT,XSAVE,AVX,NXE,LONG,LAHF cpu1: 256KB 64b/line 8-way L2 cache cpu2 at mainbus0: apid 1 (application processor) cpu2: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz, 2294.79 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CF LUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,EST,TM 2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,POPCNT,XSAVE,AVX,NXE,LONG,LAHF cpu2: 256KB 64b/line 8-way L2 cache cpu3 at mainbus0: apid 3 (application processor) cpu3: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz, 2294.79 MHz cpu3: FPU,VME,DE,PSE,TSC,acpiprt1 at acpi0: bus -1 (PEG0) acpiprt2 at acpi0: bus 1 (RP01) acpiprt3 at acpi0: bus 2 (RP02) acpiprt4 at acpi0: bus 3 (RP03) acpiprt5 at acpi0: bus 4 (RP04) acpicpu0 at acpi0: C3, C2, C1, PSS acpicpu1 at acpi0: C3, C2, C1, PSS acpicpu2 at acpi0: C3, C2, C1, PSS acpicpu3 at acpi0: C3, C2, C1, PSS acpitz0 at acpi0: critical temperature is 96 degC acpitz1 at acpi0: critical temperature is 96 degC acpibat0 at acpi0: BAT0 type LiOn oem "Sony Corp." acpiac0 at acpi0: AC unit offline acpibtn0 at acpi0: LID0 acpibtn1 at acpi0: PWRB acpivideo0 at acpi0: GFX0 acpivout0 at acpivideo0: DD02 cpu0: Enhanced SpeedStep 2294 MHz: speeds: 2301, 2300, 1800, 1600, 1400, 1200, 1 000, 800 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 "Intel Core 2G Host" rev 0x09 vga1 at pci0 dev 2 function 0 "Intel GT2 Video" rev 0x09 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CF LUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,EST,TM 2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,POPCNT,XSAVE,AVX,NXE,LONG,LAHF cpu3: 256KB 64b/line 8-way L2 cache ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins acpihpet0 at acpi0: 14318179 Hz acpimcfg0 at acpi0 addr 0xf800, bus 0-63 acpiec0 at acpi0 acpiprt0 at acpi0: bus 0 (PCI0) -- Ed Ahlsen-Girard Ft. Walton Beach FL wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xe000, size 0x1000 inteldrm0 at vga1: apic 2 int 16 drm0 at inteldrm0 "Intel 6 Series MEI" rev 0x04 at pci0 dev 22 function 0 not configured ehci0 at pci0 dev 26 function 0 "Intel 6 Series USB" rev 0x04: apic 2 int 16 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1 azalia0 at pci0 dev 27 function 0 "Intel 6 Series HD Audio" rev 0x04: msi azalia0: codecs: Realtek ALC269, Intel/0x2805, using Realtek ALC269 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 "Intel 6 Series PCIE" rev 0xb4: msi pci1 at ppb0 bus 1 iwn0 at pci1 dev 0 function 0 "Intel WiFi Link 1000" rev 0x00: msi, MIMO 1T2R, B GS, address 74:e5:0b:51:4c:4e ppb1 at pci0 dev 28 function 1 "Intel 6 Series PCIE" rev 0xb4: msi pci2 at ppb1 bus 2 sdhc0 at pci2 dev 0 function 0 "Ricoh 5U823 SD/MMC" rev 0x04: apic 2 int 17 sdmmc0 at sdhc0 vendor "Ricoh", unknown product 0xe232 (class system subclass miscellaneous, rev 0x04) at pci2 dev 0 function 1 not configured ppb2 at pci0 dev 28 funct
Re: xlock segfault only with certain users
On Sun, Feb 19, 2012 at 11:31:22PM -0700, Theo de Raadt wrote: > >On Sun, Feb 19, 2012, Chris Bennett wrote: > >> I am running snapshot from right before ports unlock on i386. > >> > >> I can use xlock just fine, however when another user logs in, it > >> segfaults saying need to relink program. > > > >Actually, it says you need to relink it, then it segfaults some time > >after. The solution, of course, is to relink the program. Or install a > >snapshot where it was properly linked. > > Or in future releases we could remove that important message from ld.so, > so that it would just crash silently. > I think I'll go with the newer snapshot thing. Part of my question was why good for one user and crash for another? As far as that really cool new "feature", could we also remove that annoying password thing. It wastes so much time and everyone keeps forgetting it! ;)
Re: /etc/netstart diff
> Apart from that, there's a number of places where a different wifi > configuration is necessary, call them /etc/hostname.athn0.apX. > > Being at one of these places, typing "sh /etc/netstart athn0.apX" > suffices to have a working setup. > Another way is to have a different command for each place you visit: #! /bin/ksh int="rum0" ifconfig $int down ifconfig $int nwid "id" wpa wpakey "password" sleep 2 dhclient $int Then if you go to a new place, just copy the script, changing id and password, and instantly connect.
Re: WARNING: CHECK AND RESET THE DATE! [not installation]
On 02/20/12 14:07, Francesco Cardi wrote: > I upgraded the ram is 32m now, I want to use OpenBSD on this machine. > So should I change the little watch battery? this is not really an OpenBSD issue, but rather, "PC 101". First, the very basic troubleshooting part: does the additional RAM permit an OpenBSD install, or are you still having a problem? If still having problems, it is funky hw, probably not worth lots of effort. Second: is this machine "totally useless" or just "Really annoying" without a CMOS battery? PCs have all kinds of issues without good CMOS batteries. Some will make non-stupid assumptions and will be just annoying, and an "rdate" or "ntpd -s" at boot will solve some of the rest. Others will consider this a major hw failure and will not attempt to boot without lots of manual setting at boot, rendering the machine somewhere between frustrating and useless. In short: YOU need to answer your question. Nick.
Re: Recovery after newfs_msdos
Quoting JFS : > Hello, > > Sorry for that question however > > I have made a newfs_msdos on the wrong USB sticker which contained jpeg > > and mov files. > Since nothing has been done on that disk afterwards, do we have any mean > > to recover the datas ? Maybe try http://en.wikipedia.org/wiki/Photorec Never used it myself. And there might be better answers, so wait and see! > > Thanks, > > Jean-Frangois
Re: /etc/netstart diff
On Fri, 17 14:18 , Stuart Henderson wrote: > I only see this as being marginally useful as-is. Why would you > want to configure every network interface individually? You might > as well just use a separate script in that case. The use case is to have a default configuration of a wireless interface, call it /etc/hostname.athn0. Apart from that, there's a number of places where a different wifi configuration is necessary, call them /etc/hostname.athn0.apX. Being at one of these places, typing "sh /etc/netstart athn0.apX" suffices to have a working setup. I can of course wrap nearly everything into some script, doing one and the same thing over and over again (or script the scripting). However avoiding additional overhead by applying a change once is just the idea of the patch. But it doesn't really sound like this idea is attractive to anyone. > I'd rather have an option to specify this be used for *all* > hostname.if files so you could "sh /etc/netstart -s mobile" etc. > > Or maybe easier to have "netstart -d /etc/net/home" etc to look in > a different directory (though this has implications for /etc/security > and changelist). > > With either of these, it would probably make sense to add "netstart_flags" > support to rc.conf/rc as well. The latter might be a proper solution as well, but is not as minimally invasive as intended. All the best, /Markus
Recovery after newfs_msdos
Hello, Sorry for that question however I have made a newfs_msdos on the wrong USB sticker which contained jpeg and mov files. Since nothing has been done on that disk afterwards, do we have any mean to recover the datas ? Thanks, Jean-Frangois
Re: WARNING: CHECK AND RESET THE DATE! [not installation]
I upgraded the ram is 32m now, I want to use OpenBSD on this machine. So should I change the little watch battery? -- Cardi Francesco alias Il Parente Free Software activist Diaspora*: https://joindiaspora.com/u/ilparente Identi.ca: https://identi.ca/cardifrancesco Jabber: ilpare...@jabber.org
Re: WARNING: CHECK AND RESET THE DATE! [not installation]
On 2012-02-20, Francesco Cardi wrote: >> I was responding to a followup mail, not directly about your problem > > ah ok ;) > > >>> The problem that is annoying the bios, maybe >> >> Normally the 'CHECK AND RESET THE DATE' message is non-fatal >> and only prints once. >> >> Did you read Nick's message about memory? > > Yes I read everything, so the problem is that OpenBSD requires minimum > 32 MB RAM? > This problem *may* be lack of RAM but even if you get past this, the machine won't be very useful running OpenBSD. In particular I can't imagine a constantly swapping years-old laptop drive is going to last very long... Nick wrote: << I'm not sure if the RAM is the reason the "Check and reset the date" error is repeating, but 16M just won't cut it for i386 in 2012. >>
Re: How to deal with DDoS ?
I think the quickest and most effective solution is to blackhole the target ip in your upstream's network, if you are running BGP, most of the ISPs have blackhole communities that accepts /32 prefixes. All the other solution are very complex and involves "super" hardware. If you cannot afford to lose the target ip's visibility during the attack there are several methods that lessens the traffic, example, if your site is targeted to national customers you can use DNS answer different ip's based on request's country the you can direct all requests from china/north korea etc to a vps that you can rent for $50 Commercial solutions exists, but they are just large clusters of firewalls and load-balancers in which they are doing something like you do in your box. there is no horizontal solution to these attacks, just per user case. HTH mindlessgr blog: http://wp.mindless.gr From: Roger S. To: misc@openbsd.org Sent: Monday, February 20, 2012 6:57 PM Subject: How to deal with DDoS ? Greetings misc@ I am facing regular and consequent DDoS, and I would like to know how the OpenBSD community deal with these. Hints and inputs welcome. The obvious first : my input pipes are not filled, there is plenty of bandwith available for my regular users. As OpenBSD is not enough (in my setup, I am sure there is a solution) to mitigate such attacks we use a proprietary product, but this solution has some undesirable side-effects and is not a viable long term solution for us. Methodology is more or less always the same : - massive UDP flood : 2 Gbps / 150 Kpps -> dropped directly on the router, not a problem - moderate ICMP flood : 10 Mbps / 12 Kpps - moderate IP fragments flood : 380 Mbps / 57 Kpps - moderate TCP RST flood : 10 Mbps / 30 Kpps - massive TCP SYN flood : 640 Mbps / 2 Mpps -> yup, that hurts So, UDP never ever reaches my OpenBSD box. The SYN are made with a very vicious method : each used IP send exactly one SYN, but there are millions of them (traffic probably spoofed, but can not use uRPF as we have asymmetric traffic and routes). I tried to set limit states with 1M entries, and it was quickly filled (tried 5M but the box collapses way before that). So in the end, the state table collapses and no traffic can pass, even for regular users with already established connections. I ran some experiments in a lab trying to reproduce this, with a box roughly identical to what I have in production (but much weaker, of course). The box collapses at 600 Kpps SYN (100% interrupts), but handles everything very gently (less than 50% interrupts and no packet loss) if the first rule evaluated is block drop in quick from ! . So it seems that my bottleneck is PF here, not the hardware. A consequence of this saturation : both my main firewall and my backup claims MASTER ownership of the CARP (split brain syndrome). CARP works just fine when I add the block rule, though. Some configuration details : - OS : OpenBSD 5.0/amd64 box, using GENERIC.MP - CPU : Intel X3460 CPU (4 cores, 2.80GHz) - RAM : 4GB - NIC : 2x Intel 82576 (2 ports each) Each network card has the following setup : one port to the LAN, one port to the WAN. Each pair (LAN1/LAN2 and WAN1/WAN2) is trunked using LACP. Already bumped net.inet.ip.ifq.maxlen, as all NICs are supported. My benchmarks did highlight two interesting things : amd64 has better performance than i386 (roughly 5-10% less interrupts, with same rules and traffic), but the difference between GENERIC and GENERIC.MP is insignificant. My current idea is to hack a daemon to track established connections (extracting them ` la netstat), and inject my block rule in an anchor (` la relayd) when needed (watching some stats from pf, with its ioctl interface). Pros: regular users the firewall saw before the attack can still use the service. Cons: no new users are allowed until the removal of the rule, obviously. Better than nothing, but I welcome any other hints :) One other solution may be to add boxes. I tried a carpnodes cluster, but at 600 Kpps I got a "split brain" with both nodes claiming MASTER for each carpnode. Maybe if I configure ALTQ it could help this ? As I have more boxes, I could deal with the performance impact of ALTQ. I am willing to test any patch/suggestion you may have, of course. Even just hints about kernel code, as I am currently messing with PF code myself. I did compile a profiled kernel, I must now check the results but that will be another story. To finish, here is the typical load on the box (errors are from various DDoS, not related to normal use) : Status: Enabled for 77 days 02:17:58 Debug: err Interface Stats for trunk1IPv4 IPv6 Bytes In 88853303832730 Bytes Out 7244931605029820224 Packets In Passed 487387028750 Blo
Re: smartphones and managing openbsd servers
With custom kernel settings (Swappolube) at least for me Yes -- Phantom reboots. Sorry Jan my mistake. >>> I Really don't know if Nokia is going to continue Another issue is the "No Sim Card Inserted", some people fix this with a piece of paper between the slider and the Sim card. Or if under warranty you can get a new one. I hope this helps... On Mon, Feb 20, 2012 at 10:59 AM, Johan Beisser wrote: > On Feb 20, 2012, at 8:49, Jan Stary wrote: > >> On Feb 20 10:19:48, Daniel mora wrote: >>> I've worked with several different OS and phone brands (Nokia/Symbian, >>> iPhone, HTC/Android). >>> The one I feel more comfortable is the Nokia N900 it runs Maemo 5, is >>> a Debian like Linux, you can use it as a normal Linux machine. Maybe >>> another phones running Maemo could bring a similar experience. >>> >>> The cons... >>> I Really don't know if Nokia is going to continue supporting Maemo. >> >> Correction: >> >>I Really don't know if Nokia is going to continue > > Nokia already said they'd kill Maemo and Symbian. > > I've heard the n900 has some stability issues. Any truth to this?
Re: smartphones and managing openbsd servers
On Feb 20, 2012, at 8:49, Jan Stary wrote: > On Feb 20 10:19:48, Daniel mora wrote: >> I've worked with several different OS and phone brands (Nokia/Symbian, >> iPhone, HTC/Android). >> The one I feel more comfortable is the Nokia N900 it runs Maemo 5, is >> a Debian like Linux, you can use it as a normal Linux machine. Maybe >> another phones running Maemo could bring a similar experience. >> >> The cons... >> I Really don't know if Nokia is going to continue supporting Maemo. > > Correction: > >I Really don't know if Nokia is going to continue Nokia already said they'd kill Maemo and Symbian. I've heard the n900 has some stability issues. Any truth to this?
How to deal with DDoS ?
Greetings misc@ I am facing regular and consequent DDoS, and I would like to know how the OpenBSD community deal with these. Hints and inputs welcome. The obvious first : my input pipes are not filled, there is plenty of bandwith available for my regular users. As OpenBSD is not enough (in my setup, I am sure there is a solution) to mitigate such attacks we use a proprietary product, but this solution has some undesirable side-effects and is not a viable long term solution for us. Methodology is more or less always the same : - massive UDP flood : 2 Gbps / 150 Kpps -> dropped directly on the router, not a problem - moderate ICMP flood : 10 Mbps / 12 Kpps - moderate IP fragments flood : 380 Mbps / 57 Kpps - moderate TCP RST flood : 10 Mbps / 30 Kpps - massive TCP SYN flood : 640 Mbps / 2 Mpps -> yup, that hurts So, UDP never ever reaches my OpenBSD box. The SYN are made with a very vicious method : each used IP send exactly one SYN, but there are millions of them (traffic probably spoofed, but can not use uRPF as we have asymmetric traffic and routes). I tried to set limit states with 1M entries, and it was quickly filled (tried 5M but the box collapses way before that). So in the end, the state table collapses and no traffic can pass, even for regular users with already established connections. I ran some experiments in a lab trying to reproduce this, with a box roughly identical to what I have in production (but much weaker, of course). The box collapses at 600 Kpps SYN (100% interrupts), but handles everything very gently (less than 50% interrupts and no packet loss) if the first rule evaluated is block drop in quick from ! . So it seems that my bottleneck is PF here, not the hardware. A consequence of this saturation : both my main firewall and my backup claims MASTER ownership of the CARP (split brain syndrome). CARP works just fine when I add the block rule, though. Some configuration details : - OS : OpenBSD 5.0/amd64 box, using GENERIC.MP - CPU : Intel X3460 CPU (4 cores, 2.80GHz) - RAM : 4GB - NIC : 2x Intel 82576 (2 ports each) Each network card has the following setup : one port to the LAN, one port to the WAN. Each pair (LAN1/LAN2 and WAN1/WAN2) is trunked using LACP. Already bumped net.inet.ip.ifq.maxlen, as all NICs are supported. My benchmarks did highlight two interesting things : amd64 has better performance than i386 (roughly 5-10% less interrupts, with same rules and traffic), but the difference between GENERIC and GENERIC.MP is insignificant. My current idea is to hack a daemon to track established connections (extracting them ` la netstat), and inject my block rule in an anchor (` la relayd) when needed (watching some stats from pf, with its ioctl interface). Pros: regular users the firewall saw before the attack can still use the service. Cons: no new users are allowed until the removal of the rule, obviously. Better than nothing, but I welcome any other hints :) One other solution may be to add boxes. I tried a carpnodes cluster, but at 600 Kpps I got a "split brain" with both nodes claiming MASTER for each carpnode. Maybe if I configure ALTQ it could help this ? As I have more boxes, I could deal with the performance impact of ALTQ. I am willing to test any patch/suggestion you may have, of course. Even just hints about kernel code, as I am currently messing with PF code myself. I did compile a profiled kernel, I must now check the results but that will be another story. To finish, here is the typical load on the box (errors are from various DDoS, not related to normal use) : Status: Enabled for 77 days 02:17:58 Debug: err Interface Stats for trunk1IPv4 IPv6 Bytes In 88853303832730 Bytes Out 7244931605029820224 Packets In Passed 487387028750 Blocked101528656110 Packets Out Passed 67293792876 281 Blocked 45576371330 State Table Total Rate current entries37135 searches13077192954819632.2/s inserts 4718030394 708.3/s removals 4717993259 708.3/s Source Tracking Table current entries 7455 searches 4951426366 743.3/s inserts623672861 93.6/s removals 623665406 93.6/s Counters match 5600111978 840.7/s bad-offset 00.0/s fragment 35913790.5/s short25001330.4/s normalize
Re: smartphones and managing openbsd servers
On Feb 20 10:19:48, Daniel mora wrote: > I've worked with several different OS and phone brands (Nokia/Symbian, > iPhone, HTC/Android). > The one I feel more comfortable is the Nokia N900 it runs Maemo 5, is > a Debian like Linux, you can use it as a normal Linux machine. Maybe > another phones running Maemo could bring a similar experience. > > The cons... > I Really don't know if Nokia is going to continue supporting Maemo. Correction: I Really don't know if Nokia is going to continue
Re: WARNING: CHECK AND RESET THE DATE! [not installation]
On 02/20/12 05:03, Francesco Cardi wrote: > Unfortunately there is no way forward is blocked at that time, in > moemnto where there is loading and the first phase of installation. > 16 mb ram does not go well with OpenBSD? well, you don't describe what you want to do with the machine, but if the goal is to be doing more than watching the hard disk light blink due to swap, yes, it will not go well at all. I've done some pretty cool stuff with very little RAM, but I can't think of any productive anything you will do with 16M on i386. ... >>> You may have other problems with the machine you are using -- normally >>> the clock time error is not fatal...just a "hey, your RTclock is hosed >>> and as time is pretty important to a unix machine, you might want to >>> know this" type warning and move on. ... > The battery does not work, I use the notebook to connect the AC cord. > I want to install OpenBSD without buying a new battery, do not want to > spend money on a very old notebook. Be aware that there are normally TWO batteries in most notebooks. One is the big rechargeable that powers the operation when the machine is disconnected from the wall outlet; the other is the very small battery which powers the Real Time Clock. This is usually one of four things: a disposable lithium cell, a SMALL rechargeable battery, a "supercap" (large value capacitor, though it has been a VERY long time since I saw these in a laptop; I think they fell out of favor), or a lithium battery built into a chip that's probably soldered on the main board (I've not seen these in a lot of laptops; that may say more about my sample sources than real life). The little batteries are replaceable. Cost depends on how creative you are. If you go looking for an IBM model blabla replacement lithium battery, cost will be high. If you snip the ends off the existing battery, and attach them to whatever you have laying around that will fit, almost free. > There is a possibility to load a parameter from the boot to eliminate > this problem? not if you are limited to 16M. Again, we have no idea what your goal is, if you could get by with a small amount more memory, find out what kind of RAM your computer needs, and go talk to your local, been-in-business-forever tiny computer store, odds are he's got a 16M or 32M (or better!) upgrade he pulled out of someone's machine he'd almost give you for justifying his holding onto the junk for the last ten years. :) 32M would get you a small firewall, serial/SSH terminal in text mode. If you want anything GUI, I'd guess 64M to bring up X and a bunch of xterms, but if you want anything that people think of as graphical...256M and more is where you need to start. Nick.
Re: smartphones and managing openbsd servers
I've worked with several different OS and phone brands (Nokia/Symbian, iPhone, HTC/Android). The one I feel more comfortable is the Nokia N900 it runs Maemo 5, is a Debian like Linux, you can use it as a normal Linux machine. Maybe another phones running Maemo could bring a similar experience. The cons... I Really don't know if Nokia is going to continue supporting Maemo. Good Luck! On Mon, Feb 20, 2012 at 3:13 AM, MERIGHI Marcus wrote: > Nokia 5230 Software 51.0.002 > > SSH client: PuTTY for Symbian OS > http://s2putty.sourceforge.net/ > http://s2putty.sourceforge.net/download.html > putty_s60v3_1.5.2.zip > putty_s60v3_1.5.2.sisx > > no fun but works. Mode: Input a line, send. > > bye, Marcus > > h...@osvaldobarrera.com.ar (Hugo Osvaldo Barrera), 2012.02.20 (Mon) 06:00 > (CET): >> On 2012-02-18 20:06, Marcos Ariel Laufer wrote: >> > Hello list, >> > This might not be OpenBSD specific, but maybe users can share their >> > experiences with smartphones an managing OpenBSD servers. >> > So far, my smartphone has been a very usefull tool to manage my OpenBSD >> > servers. Currently i am using a Palm Treo 680 with some lousy ssh >> > application to access my servers, it is usefull, but this is getting >> > pretty ancient, doesn't have wifi for exaple, and i would like that >> > feature on a smartphone. I also love the touch screen. >> > What newer smartphones do you recommend for using also as a tool for >> > managing OpenBSD servers (maybe windogs too) ? What experiences had you >> > had with smartphones and OpenBSD managing? >> > >> > Best regards, >> > Marcos >> > >> >> I use a Nokia N900 for this. It's a real GNU/Linux, so you you get ssh >> out-of-the-box, and there's other stuff you might occasionally use (like >> rsync). >> It also has a pretty good hardware keyboard, which I feel is a must in >> order to use ssh comfortably, and makes the real difference. >> I log into OpenBSD servers on a daily basis (well, just two servers >> actually), and it's pretty good. >> >> -- >> Hugo Osvaldo Barrera
Re: 5.0 Stable (amd64) build appears broken.
On Mon, 20 Feb 2012 10:05:19 -0500 Ted Unangst wrote: > you are running config from a different version than the source you > are trying to compile. Ok, but if I've started with 5.0 Release, how do I get 5.0 Stable's config without building it? d > > On Mon, Feb 20, 2012, Duncan Patton a Campbell wrote: > > arrrgh. hit the send b4 that was finished, anyways > > > > > > I install 5.0 AMD64 base.. > > # uname -a > > OpenBSD jimg.indx.ca 5.0 GENERIC.MP#63 amd64 > > > > then fetch the patchbranch source.. > > > > export CVSROOT=anon...@anoncvs1.ca.openbsd.org:/cvs > > cvs -d$CVSROOT checkout -rOPENBSD_5_0 -P src ports xenocara > > > > then do the kernel make > > # cd /usr/src/sys/arch/amd64/conf > > # config GENERIC > > config: symlink(machine -> ../../../../arch/amd64/include): File exists > > config: symlink(amd64 -> machine): File exists > > *** Stop. > > (this is where we start to go sideways, but mebbe file extance is ok..) > > > > # cd ../compile/GENERIC > > # make clean > > # make > > cc -Werror -Wall -Wstrict-prototypes -Wmissing-prototypes -Wno-main > > -Wno-uninitialized -Wno-format -Wstack-larger-than-2047 -mcmodel=kernel > > -mno-red-zone -mno-sse2 -mno-sse -mno-3dnow -mno-mmx -msoft-float > > -fno-omit-frame-pointer -fno-builtin-printf -fno-builtin-snprintf > > -fno-builtin-vsnprintf -fno-builtin-log -fno-builtin-log2 > > -fno-builtin-malloc -O2 -pipe -nostdinc -I. -I../../../.. > > -I../../../../arch -DDDB -DDIAGNOSTIC -DKTRACE -DACCOUNTING -DKMEMSTATS > > -DPTRACE -DCRYPTO -DSYSVMSG -DSYSVSEM -DSYSVSHM -DUVM_SWAP_ENCRYPT > > -DCOMPAT_43 -DCOMPAT_O48 -DLKM -DFFS -DFFS2 -DFFS_SOFTUPDATES > > -DUFS_DIRHASH -DQUOTA -DEXT2FS -DMFS -DNFSCLIENT -DNFSSERVER -DCD9660 > > -DUDF -DMSDOSFS -DFIFO -DSOCKET_SPLICE -DTCP_SACK -DTCP_ECN > > -DTCP_SIGNATURE -DINET -DALTQ -DINET6 -DIPSEC -DPPP_BSDCOMP -DPPP_DEFLATE > > -DPIPEX -DMROUTING -DMPLS -DBOOT_CONFIG -DUSER_PCICONF -DAPERTURE -DMTRR > > -DNTFS -DPCIVERBOSE -DUSBVERBOSE -DWSDISPLAY_COMPAT_USL > > -DWSDISPLAY_COMPAT_RAWKBD -DWSDISPLAY_DEFAULTSCREENS="6" -DWS! > > DISPLAY_COMPAT_PCVT -DX86EMU -DONEWIREVERBOSE -DMAXUSERS=80 -D_KERNEL -MD > > -MP -c ioconf.c > > cc1: warnings being treated as errors > > ioconf.c:803: warning: excess elements in struct initializer > > ioconf.c:803: warning: (near initialization for 'cfdata[0]') > > ioconf.c:805: warning: excess elements in struct initializer > > > > ioconf.c:1521: warning: (near initialization for 'cfdata[359]') > > ioconf.c:1523: warning: excess elements in struct initializer > > ioconf.c:1523: warning: (near initialization for 'cfdata[360]') > > *** Error code 1 > > > > Stop in /usr/src/sys/arch/amd64/compile/GENERIC (line 735 of Makefile). > > # > > > > And thats all. Same thing happens trying to build 5.0stable on a 4.9 > > system... > > > > Any help would be appreciated, > > > > Thanks, > > > > Dhu > > > > > > -- > > Duncan Patton a Campbell is Dhu >>> Ne obliviscaris, vix ea nostro voco. > -- Duncan Patton a Campbell is Dhu >>> Ne obliviscaris, vix ea nostro voco.
Re: 5.0 Stable (amd64) build appears broken.
you are running config from a different version than the source you are trying to compile. On Mon, Feb 20, 2012, Duncan Patton a Campbell wrote: > arrrgh. hit the send b4 that was finished, anyways > > > I install 5.0 AMD64 base.. > # uname -a > OpenBSD jimg.indx.ca 5.0 GENERIC.MP#63 amd64 > > then fetch the patchbranch source.. > > export CVSROOT=anon...@anoncvs1.ca.openbsd.org:/cvs > cvs -d$CVSROOT checkout -rOPENBSD_5_0 -P src ports xenocara > > then do the kernel make > # cd /usr/src/sys/arch/amd64/conf > # config GENERIC > config: symlink(machine -> ../../../../arch/amd64/include): File exists > config: symlink(amd64 -> machine): File exists > *** Stop. > (this is where we start to go sideways, but mebbe file extance is ok..) > > # cd ../compile/GENERIC > # make clean > # make > cc -Werror -Wall -Wstrict-prototypes -Wmissing-prototypes -Wno-main > -Wno-uninitialized -Wno-format -Wstack-larger-than-2047 -mcmodel=kernel > -mno-red-zone -mno-sse2 -mno-sse -mno-3dnow -mno-mmx -msoft-float > -fno-omit-frame-pointer -fno-builtin-printf -fno-builtin-snprintf > -fno-builtin-vsnprintf -fno-builtin-log -fno-builtin-log2 > -fno-builtin-malloc -O2 -pipe -nostdinc -I. -I../../../.. > -I../../../../arch -DDDB -DDIAGNOSTIC -DKTRACE -DACCOUNTING -DKMEMSTATS > -DPTRACE -DCRYPTO -DSYSVMSG -DSYSVSEM -DSYSVSHM -DUVM_SWAP_ENCRYPT > -DCOMPAT_43 -DCOMPAT_O48 -DLKM -DFFS -DFFS2 -DFFS_SOFTUPDATES > -DUFS_DIRHASH -DQUOTA -DEXT2FS -DMFS -DNFSCLIENT -DNFSSERVER -DCD9660 > -DUDF -DMSDOSFS -DFIFO -DSOCKET_SPLICE -DTCP_SACK -DTCP_ECN > -DTCP_SIGNATURE -DINET -DALTQ -DINET6 -DIPSEC -DPPP_BSDCOMP -DPPP_DEFLATE > -DPIPEX -DMROUTING -DMPLS -DBOOT_CONFIG -DUSER_PCICONF -DAPERTURE -DMTRR > -DNTFS -DPCIVERBOSE -DUSBVERBOSE -DWSDISPLAY_COMPAT_USL > -DWSDISPLAY_COMPAT_RAWKBD -DWSDISPLAY_DEFAULTSCREENS="6" -DWS! > DISPLAY_COMPAT_PCVT -DX86EMU -DONEWIREVERBOSE -DMAXUSERS=80 -D_KERNEL -MD > -MP -c ioconf.c > cc1: warnings being treated as errors > ioconf.c:803: warning: excess elements in struct initializer > ioconf.c:803: warning: (near initialization for 'cfdata[0]') > ioconf.c:805: warning: excess elements in struct initializer > > ioconf.c:1521: warning: (near initialization for 'cfdata[359]') > ioconf.c:1523: warning: excess elements in struct initializer > ioconf.c:1523: warning: (near initialization for 'cfdata[360]') > *** Error code 1 > > Stop in /usr/src/sys/arch/amd64/compile/GENERIC (line 735 of Makefile). > # > > And thats all. Same thing happens trying to build 5.0stable on a 4.9 > system... > > Any help would be appreciated, > > Thanks, > > Dhu > > > -- > Duncan Patton a Campbell is Dhu >>> Ne obliviscaris, vix ea nostro voco.
Re: alix2d2 LM86, no hw.sensors
On Sun, Feb 19, 2012 at 01:12:13PM +0100, Mike Belopuhov wrote: > and i forgot to mention that kernel config has to be patched too. > thanks to shadchin@ for reminding. It didn't work, here is the dmesg: [15:19:ttyp0][root@T3:~:5]$ sysctl hw hw.machine=i386 hw.model=Geode(TM) Integrated Processor by AMD PCS ("AuthenticAMD" 586-class) hw.ncpu=1 hw.byteorder=1234 hw.pagesize=4096 hw.disknames=wd0:c8fc559b0e991404 hw.diskcount=1 hw.cpuspeed=499 hw.physmem=267976704 hw.usermem=267964416 hw.ncpufound=1 hw.allowpowerdown=1 OpenBSD 5.0 (GENERIC.MP) #0: Mon Feb 20 09:41:29 CET 2012 r...@t3.nmi:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Geode(TM) Integrated Processor by AMD PCS ("AuthenticAMD" 586-class) 499 MHz cpu0: FPU,DE,PSE,TSC,MSR,CX8,SEP,PGE,CMOV,CFLUSH,MMX real mem = 267976704 (255MB) avail mem = 253517824 (241MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 11/05/08, BIOS32 rev. 0 @ 0xfd088 pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: pcibios_get_intr_routing - function not supported pcibios0: PCI IRQ Routing information unavailable. pcibios0: PCI bus #0 is the last bus bios0: ROM list: 0xe/0xa800 cpu0 at mainbus0: (uniprocessor) pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 1 function 0 "AMD Geode LX" rev 0x33 glxsb0 at pci0 dev 1 function 2 "AMD Geode LX Crypto" rev 0x00: RNG AES vr0 at pci0 dev 9 function 0 "VIA VT6105M RhineIII" rev 0x96: irq 10, address 00:0d:b9:25:8f:ec ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 vr1 at pci0 dev 11 function 0 "VIA VT6105M RhineIII" rev 0x96: irq 15, address 00:0d:b9:25:8f:ed ukphy1 at vr1 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 glxpcib0 at pci0 dev 15 function 0 "AMD CS5536 ISA" rev 0x03: rev 3, 32-bit 3579545Hz timer, watchdog, gpio, i2c freq=0x7f gpio0 at glxpcib0: 32 pins iic0 at glxpcib0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 glxpcib0: negative ack, flags=0 pciide0 at pci0 dev 15 function 2 "AMD CS5536 IDE" rev 0x01: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: wd0: 1-sector PIO, LBA48, 3815MB, 7813120 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 pciide0: channel 1 ignored (disabled) ohci0 at pci0 dev 15 function 4 "AMD CS5536 USB" rev 0x02: irq 12, version 1.0, legacy support ehci0 at pci0 dev 15 function 5 "AMD CS5536 USB" rev 0x02: irq 12 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "AMD EHCI root hub" rev 2.00/1.00 addr 1 isa0 at glxpcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com0: console com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo pcppi0 at isa0 port 0x61 spkr0 at pcppi0 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 usb1 at ohci0: USB revision 1.0 uhub1 at usb1 "AMD OHCI root hub" rev 1.00/1.00 addr 1 mtrr: K6-family MTRR support (2 registers) nvram: invalid checksum vscsi0 at root scsibus0 at vscsi0: 256 targets softraid0 at root scsibus1 at softraid0: 256 targets root on wd0a (c8fc559b0e991404.a) swap on wd0b dump on wd0b clock: unknown CMOS layout -- Michal Mazurek
Re: WARNING: CHECK AND RESET THE DATE! [not installation]
> Eh, that's exactly what I described in the mail. > > Anyway, the OP has a problem with this error message > appearing over and over durin an installation. correct, but with the upgrade of ram this problem is resolved or is only a problem to the battery? -- Cardi Francesco alias Il Parente Free Software activist Diaspora*: https://joindiaspora.com/u/ilparente Identi.ca: https://identi.ca/cardifrancesco Jabber: ilpare...@jabber.org
5.0 Stable (amd64) build appears broken.
arrrgh. hit the send b4 that was finished, anyways I install 5.0 AMD64 base.. # uname -a OpenBSD jimg.indx.ca 5.0 GENERIC.MP#63 amd64 then fetch the patchbranch source.. export CVSROOT=anon...@anoncvs1.ca.openbsd.org:/cvs cvs -d$CVSROOT checkout -rOPENBSD_5_0 -P src ports xenocara then do the kernel make # cd /usr/src/sys/arch/amd64/conf # config GENERIC config: symlink(machine -> ../../../../arch/amd64/include): File exists config: symlink(amd64 -> machine): File exists *** Stop. (this is where we start to go sideways, but mebbe file extance is ok..) # cd ../compile/GENERIC # make clean # make cc -Werror -Wall -Wstrict-prototypes -Wmissing-prototypes -Wno-main -Wno-uninitialized -Wno-format -Wstack-larger-than-2047 -mcmodel=kernel -mno-red-zone -mno-sse2 -mno-sse -mno-3dnow -mno-mmx -msoft-float -fno-omit-frame-pointer -fno-builtin-printf -fno-builtin-snprintf -fno-builtin-vsnprintf -fno-builtin-log -fno-builtin-log2 -fno-builtin-malloc -O2 -pipe -nostdinc -I. -I../../../.. -I../../../../arch -DDDB -DDIAGNOSTIC -DKTRACE -DACCOUNTING -DKMEMSTATS -DPTRACE -DCRYPTO -DSYSVMSG -DSYSVSEM -DSYSVSHM -DUVM_SWAP_ENCRYPT -DCOMPAT_43 -DCOMPAT_O48 -DLKM -DFFS -DFFS2 -DFFS_SOFTUPDATES -DUFS_DIRHASH -DQUOTA -DEXT2FS -DMFS -DNFSCLIENT -DNFSSERVER -DCD9660 -DUDF -DMSDOSFS -DFIFO -DSOCKET_SPLICE -DTCP_SACK -DTCP_ECN -DTCP_SIGNATURE -DINET -DALTQ -DINET6 -DIPSEC -DPPP_BSDCOMP -DPPP_DEFLATE -DPIPEX -DMROUTING -DMPLS -DBOOT_CONFIG -DUSER_PCICONF -DAPERTURE -DMTRR -DNTFS -DPCIVERBOSE -DUSBVERBOSE -DWSDISPLAY_COMPAT_USL -DWSDISPLAY_COMPAT_RAWKBD -DWSDISPLAY_DEFAULTSCREENS="6" -DWS! DISPLAY_COMPAT_PCVT -DX86EMU -DONEWIREVERBOSE -DMAXUSERS=80 -D_KERNEL -MD -MP -c ioconf.c cc1: warnings being treated as errors ioconf.c:803: warning: excess elements in struct initializer ioconf.c:803: warning: (near initialization for 'cfdata[0]') ioconf.c:805: warning: excess elements in struct initializer ioconf.c:1521: warning: (near initialization for 'cfdata[359]') ioconf.c:1523: warning: excess elements in struct initializer ioconf.c:1523: warning: (near initialization for 'cfdata[360]') *** Error code 1 Stop in /usr/src/sys/arch/amd64/compile/GENERIC (line 735 of Makefile). # And thats all. Same thing happens trying to build 5.0stable on a 4.9 system... Any help would be appreciated, Thanks, Dhu -- Duncan Patton a Campbell is Dhu >>> Ne obliviscaris, vix ea nostro voco.
Re: WARNING: CHECK AND RESET THE DATE! [not installation]
On Feb 20 07:38:47, Carson Chittom wrote: > Stuart Henderson writes: > > > On 2012-02-20, Jan Stary wrote: > >> I have seen this message after power-cycling an ALIX. > >> If completely switched off (take the power cord out), > >> the message appears on the next boot. On subsequent soft > >> reboots (without taking the power cord out) the message > >> does not appear. That makes me speculate that the battery > >> does not really work: it only keeps a charge when AC > >> is plugged in. > > > > Most models of Alix do not have a battery > > I figure Jan has already thought of this, but for my own edification: > wouldn't putting ntpd_flags="-s" in /etc/rc.conf.local--well, not fix, > but hide the problem (provided there is network connectivity) once the > system actually comes up? Or would that Be Bad? Eh, that's exactly what I described in the mail. Anyway, the OP has a problem with this error message appearing over and over durin an installation.
5.0 Stable (amd64) build appears broken.
I install 5.0 AMD64 base.. # uname -a OpenBSD jimg.indx.ca 5.0 GENERIC.MP#63 amd64 -- Duncan Patton a Campbell is Dhu >>> Ne obliviscaris, vix ea nostro voco.
Re: WARNING: CHECK AND RESET THE DATE! [not installation]
Stuart Henderson writes: > On 2012-02-20, Jan Stary wrote: >> I have seen this message after power-cycling an ALIX. >> If completely switched off (take the power cord out), >> the message appears on the next boot. On subsequent soft >> reboots (without taking the power cord out) the message >> does not appear. That makes me speculate that the battery >> does not really work: it only keeps a charge when AC >> is plugged in. > > Most models of Alix do not have a battery I figure Jan has already thought of this, but for my own edification: wouldn't putting ntpd_flags="-s" in /etc/rc.conf.local--well, not fix, but hide the problem (provided there is network connectivity) once the system actually comes up? Or would that Be Bad?
Re: WARNING: CHECK AND RESET THE DATE! [not installation]
> I was responding to a followup mail, not directly about your problem ah ok ;) >> The problem that is annoying the bios, maybe > > Normally the 'CHECK AND RESET THE DATE' message is non-fatal > and only prints once. > > Did you read Nick's message about memory? Yes I read everything, so the problem is that OpenBSD requires minimum 32 MB RAM? -- Cardi Francesco alias Il Parente Free Software activist Diaspora*: https://joindiaspora.com/u/ilparente Identi.ca: https://identi.ca/cardifrancesco Jabber: ilpare...@jabber.org
Re: WARNING: CHECK AND RESET THE DATE! [not installation]
On 2012/02/20 14:02, Francesco Cardi wrote: > > Most models of Alix do not have a battery > > > > The computer is a MITAC 6133 has a battery that is discharged permanently. I was responding to a followup mail, not directly about your problem > The problem that is annoying the bios, maybe Normally the 'CHECK AND RESET THE DATE' message is non-fatal and only prints once. Did you read Nick's message about memory?
Re: WARNING: CHECK AND RESET THE DATE! [not installation]
On 2012-02-20, Jan Stary wrote: > I have seen this message after power-cycling an ALIX. > If completely switched off (take the power cord out), > the message appears on the next boot. On subsequent soft > reboots (without taking the power cord out) the message > does not appear. That makes me speculate that the battery > does not really work: it only keeps a charge when AC > is plugged in. Most models of Alix do not have a battery
Re: WARNING: CHECK AND RESET THE DATE! [not installation]
On Feb 20 11:03:34, Francesco Cardi wrote: > Unfortunately there is no way forward is blocked at that time, in > moemnto where there is loading and the first phase of installation. > 16 mb ram does not go well with OpenBSD? > > > I have seen this message after power-cycling an ALIX. > > If completely switched off (take the power cord out), > > the message appears on the next boot. On subsequent soft > > reboots (without taking the power cord out) the message > > does not appear. That makes me speculate that the battery > > does not really work: it only keeps a charge when AC > > is plugged in. > > > > >> You may have other problems with the machine you are using -- normally > >> the clock time error is not fatal...just a "hey, your RTclock is hosed > >> and as time is pretty important to a unix machine, you might want to > >> know this" type warning and move on. > > > > Indeed, the clock gets 'ntpd -s'd on boot and I don't > > experience any time-related problems. > > > > The battery does not work, I use the notebook to connect the AC cord. > I want to install OpenBSD without buying a new battery, do not want to > spend money on a very old notebook. > There is a possibility to load a parameter from the boot to eliminate > this problem? Boot the machine, go to the BIOS, set the date. Then reboot, and only go to the bsd install with this second boot, when time is already set. Does it still complain?
Re: WARNING: CHECK AND RESET THE DATE! [not installation]
Unfortunately there is no way forward is blocked at that time, in moemnto where there is loading and the first phase of installation. 16 mb ram does not go well with OpenBSD? > I have seen this message after power-cycling an ALIX. > If completely switched off (take the power cord out), > the message appears on the next boot. On subsequent soft > reboots (without taking the power cord out) the message > does not appear. That makes me speculate that the battery > does not really work: it only keeps a charge when AC > is plugged in. > >> You may have other problems with the machine you are using -- normally >> the clock time error is not fatal...just a "hey, your RTclock is hosed >> and as time is pretty important to a unix machine, you might want to >> know this" type warning and move on. > > Indeed, the clock gets 'ntpd -s'd on boot and I don't > experience any time-related problems. > The battery does not work, I use the notebook to connect the AC cord. I want to install OpenBSD without buying a new battery, do not want to spend money on a very old notebook. There is a possibility to load a parameter from the boot to eliminate this problem? -- Cardi Francesco alias Il Parente Free Software activist Diaspora*: https://joindiaspora.com/u/ilparente Identi.ca: https://identi.ca/cardifrancesco Jabber: ilpare...@jabber.org
Re: WARNING: CHECK AND RESET THE DATE! [not installation]
> On 02/19/12 20:41, Francesco Cardi wrote: > > Hello, I want to install OpenBSD 5.0 on a very old laptop with 16 mb > > ram and a 500mhz celeron processor. I start the boot from the cd > > starts to load but then appears on the screen a writing that is > > repeated ad infinitum "WARNING: CHECK AND RESET THE DATE! clock time > > much less time than file sytem using file system time " I set the > > clock from the bios, but do not solve the problem. There's one thing > > to point out, the battery does not work then when you turn off the > > time you just saved. I have seen this message after power-cycling an ALIX. If completely switched off (take the power cord out), the message appears on the next boot. On subsequent soft reboots (without taking the power cord out) the message does not appear. That makes me speculate that the battery does not really work: it only keeps a charge when AC is plugged in. On Feb 19 22:54:29, Nick Holland wrote: > You may have other problems with the machine you are using -- normally > the clock time error is not fatal...just a "hey, your RTclock is hosed > and as time is pretty important to a unix machine, you might want to > know this" type warning and move on. Indeed, the clock gets 'ntpd -s'd on boot and I don't experience any time-related problems.
Re: smartphones and managing openbsd servers
Nokia 5230 Software 51.0.002 SSH client: PuTTY for Symbian OS http://s2putty.sourceforge.net/ http://s2putty.sourceforge.net/download.html putty_s60v3_1.5.2.zip putty_s60v3_1.5.2.sisx no fun but works. Mode: Input a line, send. bye, Marcus h...@osvaldobarrera.com.ar (Hugo Osvaldo Barrera), 2012.02.20 (Mon) 06:00 (CET): > On 2012-02-18 20:06, Marcos Ariel Laufer wrote: > > Hello list, > > This might not be OpenBSD specific, but maybe users can share their > > experiences with smartphones an managing OpenBSD servers. > > So far, my smartphone has been a very usefull tool to manage my OpenBSD > > servers. Currently i am using a Palm Treo 680 with some lousy ssh > > application to access my servers, it is usefull, but this is getting > > pretty ancient, doesn't have wifi for exaple, and i would like that > > feature on a smartphone. I also love the touch screen. > > What newer smartphones do you recommend for using also as a tool for > > managing OpenBSD servers (maybe windogs too) ? What experiences had you > > had with smartphones and OpenBSD managing? > > > > Best regards, > > Marcos > > > > I use a Nokia N900 for this. It's a real GNU/Linux, so you you get ssh > out-of-the-box, and there's other stuff you might occasionally use (like > rsync). > It also has a pretty good hardware keyboard, which I feel is a must in > order to use ssh comfortably, and makes the real difference. > I log into OpenBSD servers on a daily basis (well, just two servers > actually), and it's pretty good. > > -- > Hugo Osvaldo Barrera