Lenceria Erotica 4Bidden 43% OFF | Paseo en Velero 68% OFF | Parrilla Electrica 58 % OFF | Juguera S/Pulpa 56 % OFF | Fabrica de Helados Nova 51% OFF | Lifting sin cirugía 50% OFF

2012-04-04 Thread Bonus Cupon 
Para visualizar correctamente este newsletter ingresa a
http://news.bonuscupon.com.ar/r.html?uid=1.3d.3dsc.1if.dr2fd7d5l2

Re: similar behaviour to Linux netstat -lpn ?

2012-04-04 Thread Tomas Bodzar 
On Tue, Apr 3, 2012 at 4:21 PM, PP;QQ P(P8P?P8QP8P= chipits...@gmail.com 
wrote:
 Hello!

 I'd like to see every program (with program name) that listen something on
 network. I can achive that on Linux by running netstat -lpn, like that

 server:~# netstat -lpn
 Active Internet connections (only servers)
 Proto Recv-Q Send-Q Local Address B  B  B  B  B  Foreign Address
 State B  B  B  PID/Program name
 tcp B  B  B  B 0 B  B  B 0 0.0.0.0:25 B  B  B  B  B  B  B 0.0.0.0:*
 LISTEN B  B  B 411/master
 tcp B  B  B  B 0 B  B  B 0 0.0.0.0:445 B  B  B  B  B  B  0.0.0.0:*
 LISTEN B  B  B 428/smbd
 tcp B  B  B  B 0 B  B  B 0 0.0.0.0:139 B  B  B  B  B  B  0.0.0.0:*
 LISTEN B  B  B 428/smbd
 tcp B  B  B  B 0 B  B  B 0 0.0.0.0:111 B  B  B  B  B  B  0.0.0.0:*
 LISTEN B  B  B 263/portmap
 tcp B  B  B  B 0 B  B  B 0 127.0.0.1:20209 B  B  B  B  0.0.0.0:*
 LISTEN B  B  B 8547/dkim-filter
 tcp B  B  B  B 0 B  B  B 0 0.0.0.0:22 B  B  B  B  B  B  B 0.0.0.0:*
 LISTEN B  B  B 343/sshd
 tcp6 B  B  B  0 B  B  B 0 :::22 B  B  B  B  B  B  B  B  B  :::*
 LISTEN B  B  B 343/sshd
 udp B  B  B  B 0 B  B  B 0 0.0.0.0:111 B  B  B  B  B  B  0.0.0.0:*
 263/portmap
 udp B  B  B  B 0 B  B  B 0 0.0.0.0:37764 B  B  B  B  B  0.0.0.0:*
 8547/dkim-filter
 udp B  B  B  B 0 B  B  B 0 127.0.0.2:137 B  B  B  B  B  0.0.0.0:*
 421/nmbd
 udp B  B  B  B 0 B  B  B 0 192.168.7.21:137 B  B  B  B 0.0.0.0:*
 421/nmbd
 udp B  B  B  B 0 B  B  B 0 0.0.0.0:137 B  B  B  B  B  B  0.0.0.0:*
 421/nmbd
 udp B  B  B  B 0 B  B  B 0 127.0.0.2:138 B  B  B  B  B  0.0.0.0:*
 421/nmbd
 udp B  B  B  B 0 B  B  B 0 192.168.7.21:138 B  B  B  B 0.0.0.0:*
 421/nmbd
 udp B  B  B  B 0 B  B  B 0 0.0.0.0:138 B  B  B  B  B  B  0.0.0.0:*
 421/nmbd


 is there similar things for OpenBSD ?

http://www.feyrer.de/NetBSD/bx/blosxom.cgi/nb_20101002_2009.html


 Cheers,
 Ilya Shipitsin

Re: Route Target Import / Export in bgpd

2012-04-04 Thread Rémi Philippe 
Hello,
Any hints on how to troubleshoot this issue? I'm looking for some kind
of debug to see what is going from rib to fib in order to understand
why the prefixes are not imported.

Thanks,

Rimi

Le 1 avril 2012 16:24, Rimi Philippe m...@remiphilippe.fr a icrit :
 Hello,
 I'm testing OpenBSD with L3VPN, everything is working fine except from
 the RT import / export side.

 I usually configure my VPN with PE Loopback:identifier, so my config
 looks like this:
 PE1:
 rdomain 20 {
 rd 1.1.1.1:20
 import-target rt 2.2.2.2:20
 export-target rt 1.1.1.1:20
 depend on mpe20
 network inet connected
 }

 PE2:
 rdomain 20 {
 rd 2.2.2.2:20
 import-target rt 1.1.1.1:20
 export-target rt 2.2.2.2:20
 depend on mpe20
 network inet connected
 }

 This kind of configuration works on Cisco devices for example, but here

 PE1:

 # bgpctl show fib table 20
 flags: * = valid, B = BGP, C = Connected, S = Static
N = BGP Nexthop reachable via this route
r = reject route, b = blackhole route

 flags prio destination  gateway
 *C   0 127.0.0.0/8  link#0
 *C   4 172.16.35.0/24   link#2
 *C   0 ::1/128  link#0

 PE2:

 # bgpctl sho fib table 20
 flags: * = valid, B = BGP, C = Connected, S = Static
N = BGP Nexthop reachable via this route
r = reject route, b = blackhole route

 flags prio destination  gateway
 *C   0 127.0.0.0/8  link#0
 *C   4 172.16.39.0/24   link#3
 *C   0 ::1/128  link#0

 It works fine when I set the same RD on both PE, but that's not really
 what I'm looking for.

 I can't find much debug information, any hints on how to tshoot this?

 Thanks for your help,

 Remi

Tost Makinası Yapmak Yerine Bize Satabilirsiniz

2012-04-04 Thread Ebru Özen 
Resimleri gvremiyor musunuz? Resimleri gvsteri segin ya da bu iletiyi
tarayD1cD1nD1zda gvr|nt|leyin.
Bilgilendirme e-postalarD1nD1 almak istemiyorsanD1z l|tfen tD1klayD1n.

[IMAGE]

0212 252 15 75

Eski

Notebookunuzdan

Tost Makinesi

YapmayD1

Deneyebilirsiniz

[IMAGE]

Ya da Bize SatarsD1nD1z!

Onlar Gok DeDerliydiler KD1yamD1yorsunuz... Ama ArtD1k Eskidiler! Onlara
sizin verdiDiniz deDeri biz de veriyoruz...

MarkasD1 ve modeli her ne olursa olsun eski notebook, bilgisayar,
yazD1cD1 ve monitvrlerinizi en uygun fiyata geri alD1yoruz.

[IMAGE]

D0nvn| Caddesi Teknik Han No:38 Kat:3

G|m|Esuyu, Taksim / D0stanbul

0 212 252 15 75

www.bilgisayarhastanesi.com

[IMAGE]

Magistral Curso de La Estrategia del Océano Azul Ultimo dia para Inscribierse

2012-04-04 Thread Elena Medina 
Apreciable Ejecutivo:

TIEM de Mixico
Empresa Lmder en Capacitacisn y Actualizacisn de Capital Humano

Debido al gran ixito de la conferencia, y porque usted lo pidis ahora en
curso:
Estrategia del Ociano Azul
En la Ciudad de Mixico, el dma 18 de Abril

Inscribase antes del 13 de Abril y aprobeche un 15% de descuento.

La estrategia del Ociano Azul, plantea dos escenarios un ociano rojo que
busca superar a la competencia con el fin de obtener una porcisn de un mercado
existente y un  ociano azul, que consiste en buscar un mercado virgen que
nadie haya tocado y que tenga el potencial de crecer.

En los ocianos rojos, la competencia pone las reglas; en los ocianos azules,
la competencia se vuelve irrelevante. Esta estrategia se conoce como
innovacisn de valor y es diferente a la ventaja competitiva, ya que no se
enfoca en vencer a la competencia, sino que se enfoca en hacer a la
competencia irrelevante al ofrecer un valor fundamentalmente nuevo y superior
a sus clientes para crear nueva demanda.

En este Curso con un enfoque muy practico, los participantes aprenderan csmo
desarrollar y pensar en una Estrategia de Ociano Azul..

Objetivo:
Proporcionar la metodologma para desarrollar estrategias y propuestas de valor
para generar demandas latentes y de alto valor y poder competir en nuevos
mercados/segmentos, con diferenciacisn y con una orientacisn a los no clientes
tradicionales.

Para mayor informacisn, favor de responder este correo con los siguientes
datos:
 Empresa:
 Nombre:
 Ciudad:
 Telifono:

O si lo prefiere comunmquese a los telifonos:

Del DF al 5611-0969 con 10 lmneas
Interior del Pams Lada sin Costo
01 800 900 TIEM (8436)
Aceptamos todas las TDC y Dibito.
**Promocisn: 3 meses sin Intereses pagando con American Express
**Aplica solo con Inversisn Normal

.Todos los Derechos Reservados )2011 TIEM Talento e Innovacisn Empresarial
de Mixico
Este Mensaje le ha sido enviado como usuario de TIEM de Mixico o bien un
usuario le refiris para recibir este boletmn.
Como usuario de TIEM de Mixico, en este acto autoriza de manera expresa que
TIEM de Mixico le puede contactar vma correo electrsnico u otros medios.
Si usted ha recibido este mensaje por error, haga caso omiso de il y reporte
su cuenta respondiendo este correo con el subject BAJABD
Unsubscribe to this mailing list, reply a blank message with the subject
UNSUBSCRIBE BAJABD
Tenga en cuenta que la gestisn de nuestras bases de datos es de suma
importancia y no es intencisn de la empresa la inconformidad del receptor.

CMedia 8788 (Asus Xonar D2X)

2012-04-04 Thread Patsy 

Hi list,

I'm wondering if anybody is working on support for the Asus Xonar
D2X (a branded CMedia 8788).

If not, then I was planning on having a look at the OSS driver from
http://developer.opensound.com/sources/ (the page states that the
sources are GPLv2 or CDDL 1, but I think it just hasn't been updated
(there are source tarballs available in a bsd directory that
includes a 2-clause BSD licence.

Is there any reason that this would be a bad place to start? If so,
can anybody suggest a better place?

Thanks,
Patsy

ALTQ and VLAN interfaces

2012-04-04 Thread Peter Farmer 
Hi All,

I have the following OpenBSD multi-tenant firewall setup:

   |
+-+---+++---+---+
| |   vlan10  |||vlan11 |   |
| | 195.188.200.a |--(em0)--| 195.188.201.a |   |
| | 195.188.200.b | | 195.188.201.b |   |
| |   rdomain 1   | |   rdomain 2   |   |
| +---+ +---+   |
|   |
| +---+ +---+   |
| |vlan160| |vlan161|   |
| |  10.1.160.1   |--(em1)--|  10.1.160.1   |   |
| |  rdomain 160  |||  rdomain 161  |   |
+-+---+++---+---+
   |

vlan10 and vlan11 represent the PUBLIC side of the firewall and each
vlan has a separate rdomain. A customer could be assigned IP addresses
from both vlan10 and vlan11. Traffic from vlans 160 and 161 is then
natted out of vlan10 and vlan11 using pf rules (and vice-verse, with
some tagging). vlan160 and vlan161 represent the customer side of the
firewall, ip addresses on this side can only be rfc1918, but can be
the same subnets in each vlan (hence separate rdomains). What I'd like
to be able to do is queue traffic as it leaves the firewall, both
north and south, but I'm unsure as to where to enable altq. Should I
do:

# out being out of em0
altq on em0 cbq bandwidth 300Mb queue { INT_em0, queue1_out, queue2_out }
queue INT_em0 bandwidth 100Mb cbq(default)
queue queue1_out bandwidth 100Mb cbq(ecn)
queue queue2_out bandwidth 100Mb cbq(ecn)

# Using pass in to keep state for packets coming back out of vlan10
pass in on vlan10 from any to 195.188.200.a queue queue1_out
pass in on vlan10 from any to 195.188.200.b queue queue2_out

# in being out of em1
altq on em1 cbq bandwidth 300Mb queue { INT_em1, queue1_in, queue2_in }
queue INT_em1 bandwidth 100Mb cbq(default)
queue queue1_in bandwidth 100Mb cbq(ecn)
queue queue2_in bandwidth 100Mb cbq(ecn)

# Using pass in to keep state for packets coming back out of vlan160 or vlan161
pass in on vlan160 from any to any queue queue1_in
pass in on vlan160 from any to any queue queue2_in



or should I do:

altq on vlan10 cbq bandwidth 300MB queue { INT_vlan10, queue1_out, queue2_out }
queue INT_vlan10 bandwidth 100Mb cbq(default)
queue queue1_out bandwidth 100Mb cbq(ecn)
queue queue2_out bandwidth 100Mb cbq(ecn)

# Using pass in to keep state for packets coming back out of vlan10
pass in on vlan10 from any to 195.188.200.a queue queue1_out
pass in on vlan10 from any to 195.188.200.b queue queue2_out

# in being out of vlan160
altq on vlan160 cbq bandwidth 100Mb queue { INT_vlan160 }
queue INT_vlan160 bandwidth 100Mb cbq(default)

# Using pass in to keep state for packets coming back out of vlan160 or vlan161
pass in on vlan160 from any to any queue queue1_in
pass in on vlan160 from any to any queue queue2_in


With altq statements for each vlan interface.

Ideally I'd want to do altq on the vlan parent interface.


Thanks,

Peter

Re: Route Target Import / Export in bgpd

2012-04-04 Thread Claudio Jeker 
On Wed, Apr 04, 2012 at 10:37:20AM +0200, Rimi Philippe wrote:
 Hello,
 Any hints on how to troubleshoot this issue? I'm looking for some kind
 of debug to see what is going from rib to fib in order to understand
 why the prefixes are not imported.
 

Hmm. Looks like I go t confused by the old BGP MPLS VPN RFC where the RD
was somewhat strangly declared. In other words bgpd filters on the RD as
well. This is a bug and I will fix it ASAP.

-- 
:wq Claudio

 Thanks,
 
 Rimi
 
 Le 1 avril 2012 16:24, Rimi Philippe m...@remiphilippe.fr a icrit :
  Hello,
  I'm testing OpenBSD with L3VPN, everything is working fine except from
  the RT import / export side.
 
  I usually configure my VPN with PE Loopback:identifier, so my config
  looks like this:
  PE1:
  rdomain 20 {
  rd 1.1.1.1:20
  import-target rt 2.2.2.2:20
  export-target rt 1.1.1.1:20
  depend on mpe20
  network inet connected
  }
 
  PE2:
  rdomain 20 {
  rd 2.2.2.2:20
  import-target rt 1.1.1.1:20
  export-target rt 2.2.2.2:20
  depend on mpe20
  network inet connected
  }
 
  This kind of configuration works on Cisco devices for example, but here
 
  PE1:
 
  # bgpctl show fib table 20
  flags: * = valid, B = BGP, C = Connected, S = Static
 N = BGP Nexthop reachable via this route
 r = reject route, b = blackhole route
 
  flags prio destination  gateway
  *C   0 127.0.0.0/8  link#0
  *C   4 172.16.35.0/24   link#2
  *C   0 ::1/128  link#0
 
  PE2:
 
  # bgpctl sho fib table 20
  flags: * = valid, B = BGP, C = Connected, S = Static
 N = BGP Nexthop reachable via this route
 r = reject route, b = blackhole route
 
  flags prio destination  gateway
  *C   0 127.0.0.0/8  link#0
  *C   4 172.16.39.0/24   link#3
  *C   0 ::1/128  link#0
 
  It works fine when I set the same RD on both PE, but that's not really
  what I'm looking for.
 
  I can't find much debug information, any hints on how to tshoot this?
 
  Thanks for your help,
 
  Remi

Re: OpenOSPFD crashes when using mpls traffic-eng on Cisco

2012-04-04 Thread Chris Wopat 
 From: Claudio Jeker cje...@diehard.n-r-g.com

 Thanks for the log and tcpdumps. It seems you're the first person to try
 opaque LSA against ospfd. Can you give the following diff a spin?
 I think this will solve the problems.

Claudio,

Thanks for the patch. I've compiled this in a lab and indeed things
are indeed stable.

lab# ospfctl show neigh | grep  FULL
1.0.0.80200 FULL/DR  00:00:37 10.1.1.80   em0   18:41:01
1.0.0.72100 FULL/BCKUP   00:00:30 10.1.1.72   em0   18:41:0

Out of curiosity, why is the default to terminate instead of ignore
the invalid LSA?

Re: Route Target Import / Export in bgpd

2012-04-04 Thread Rémi Philippe 
Thanks Claudio.
The way I see it is that RD are only local, they identify the VRF (or
rdomain) locally on the router, then the RT import / export handles
the way the routes are distributed. This permits the hub  spoke
approach for example.

If you need help on the testing side feel free to send me the code,
I'll give it a try.

Rimi

Le 4 avril 2012 13:28, Claudio Jeker cje...@diehard.n-r-g.com a icrit :
 On Wed, Apr 04, 2012 at 10:37:20AM +0200, Rimi Philippe wrote:
 Hello,
 Any hints on how to troubleshoot this issue? I'm looking for some kind
 of debug to see what is going from rib to fib in order to understand
 why the prefixes are not imported.


 Hmm. Looks like I go t confused by the old BGP MPLS VPN RFC where the RD
 was somewhat strangly declared. In other words bgpd filters on the RD as
 well. This is a bug and I will fix it ASAP.

 --
 :wq Claudio

 Thanks,

 Rimi

 Le 1 avril 2012 16:24, Rimi Philippe m...@remiphilippe.fr a icrit :
  Hello,
  I'm testing OpenBSD with L3VPN, everything is working fine except from
  the RT import / export side.
 
  I usually configure my VPN with PE Loopback:identifier, so my config
  looks like this:
  PE1:
  rdomain 20 {
  rd 1.1.1.1:20
  import-target rt 2.2.2.2:20
  export-target rt 1.1.1.1:20
  depend on mpe20
  network inet connected
  }
 
  PE2:
  rdomain 20 {
  rd 2.2.2.2:20
  import-target rt 1.1.1.1:20
  export-target rt 2.2.2.2:20
  depend on mpe20
  network inet connected
  }
 
  This kind of configuration works on Cisco devices for example, but here
 
  PE1:
 
  # bgpctl show fib table 20
  flags: * = valid, B = BGP, C = Connected, S = Static
 N = BGP Nexthop reachable via this route
 r = reject route, b = blackhole route
 
  flags prio destination  gateway
  *C   0 127.0.0.0/8  link#0
  *C   4 172.16.35.0/24   link#2
  *C   0 ::1/128  link#0
 
  PE2:
 
  # bgpctl sho fib table 20
  flags: * = valid, B = BGP, C = Connected, S = Static
 N = BGP Nexthop reachable via this route
 r = reject route, b = blackhole route
 
  flags prio destination  gateway
  *C   0 127.0.0.0/8  link#0
  *C   4 172.16.39.0/24   link#3
  *C   0 ::1/128  link#0
 
  It works fine when I set the same RD on both PE, but that's not really
  what I'm looking for.
 
  I can't find much debug information, any hints on how to tshoot this?
 
  Thanks for your help,
 
  Remi

Re: OpenOSPFD crashes when using mpls traffic-eng on Cisco

2012-04-04 Thread Claudio Jeker 
On Wed, Apr 04, 2012 at 07:01:14AM -0500, Chris Wopat wrote:
  From: Claudio Jeker cje...@diehard.n-r-g.com
 
  Thanks for the log and tcpdumps. It seems you're the first person to try
  opaque LSA against ospfd. Can you give the following diff a spin?
  I think this will solve the problems.
 
 Claudio,
 
 Thanks for the patch. I've compiled this in a lab and indeed things
 are indeed stable.
 
 lab# ospfctl show neigh | grep  FULL
 1.0.0.80200 FULL/DR  00:00:37 10.1.1.80   em0   18:41:01
 1.0.0.72100 FULL/BCKUP   00:00:30 10.1.1.72   em0   18:41:0
 
 Out of curiosity, why is the default to terminate instead of ignore
 the invalid LSA?

Invalid LSA should not make it into the LSDB and therefor not into the SPF
calculation. The problem was, that I added the opaque LSA support in opsfd
whithout any way to test them correctly (my bad) and forgot that having
them inside the LSDB will cause the SPF calculation to run into those
nodes when recalculating even though they're not referenced by any other
node. I guess we could ignore these nodes but at the same time it is an
indication of a bigger problem and that should be fixed. So in the end the
fatals are there to generate bug reports in case something unexpected
happens.
-- 
:wq Claudio

Re: CMedia 8788 (Asus Xonar D2X)

2012-04-04 Thread Alexandre Ratchov 
On Wed, Apr 04, 2012 at 09:52:49AM +, Patsy wrote:
 Hi list,
 
 I'm wondering if anybody is working on support for the Asus Xonar
 D2X (a branded CMedia 8788).
 
 If not, then I was planning on having a look at the OSS driver from
 http://developer.opensound.com/sources/ (the page states that the
 sources are GPLv2 or CDDL 1, but I think it just hasn't been updated
 (there are source tarballs available in a bsd directory that
 includes a 2-clause BSD licence.
 
 Is there any reason that this would be a bad place to start? If so,
 can anybody suggest a better place?

IMHO the best place to start is the CMI-8788 datasheet. Note that
this is only the PCI part, and you may have to figure out which
codecs the card uses, how they are wired, and get codecs datasheet
as well. At this stage oss or linux code might be very helpful.

-- Alexandre

Question on LPD and OpenBSD printing

2012-04-04 Thread Girish Venkatachalam 
Dear all,

If this is OT kindly pardon me.

I have a script based on Net::LPR.

#!/usr/bin/perl -w

  use strict;
  use vars '@ARGV';

  use Net::LPR;
  use IO::File;

  die usage: $0 filename printer queue\n if (@ARGV != 3);

  my $lp = new Net::LPR(
StrictRFCPorts = 0,
RemoteServer = $ARGV[1],
RemotePort = 515,
PrintErrors = 0,
RaiseErrors = 0,
  ) or die Can't create print context\n;

  my $fh = new IO::File $ARGV[0], O_RDONLY or die Can't open $ARGV[0]:
$!\n;
  my $size = ($fh-stat())[7]; # Hope file doesn't change while printing

  $lp-connect() or die Can't connect to printer: .$lp-error.\n;
  my $jobkey = $lp-new_job() or die Can't create new job:
.$lp-error.\n;
  $lp-send_jobs('lp') or die Can't send jobs: .$lp-error.\n;
  # Can easily print postscript by changing method to job_mode_postscript
  $lp-job_mode_text($jobkey) or die Can't set job mode to text:
.$lp-error.\n;
  #$lp-job_mode_postscript($jobkey) or die Can't set job mode to
text: .$lp-error.;
  $lp-job_send_control_file($jobkey) or die Can't send control file:
.$lp-error.\n
  $lp-job_send_data($jobkey, '', $size);

  while (my $line = $fh-getline()) {
$lp-job_send_data($jobkey, $line);
  }

  $lp-disconnect();

I try this against a HP Professional m1213ncj printer and it does nothing.

Is there a way to use netcat to print directly to the JetDirect port 9100?

I find this ppd in hpijs package but the printer is on the network.

What to do?

I tried both postscript printing and text printing.

The silence and laziness of the printer is positively boring.

What do you think?

-Girish

--
G3 Tech
Networking appliance company
web: http://g3tech.in  mail: gir...@g3tech.in

Re: Question on LPD and OpenBSD printing

2012-04-04 Thread Girish Venkatachalam 
I mean HP m1213nf

On Wed, Apr 4, 2012 at 8:35 PM, Girish Venkatachalam
girishvenkatacha...@gmail.com wrote:
 Dear all,

 If this is OT kindly pardon me.

 I have a script based on Net::LPR.

 #!/usr/bin/perl -w

  use strict;
  use vars '@ARGV';

  use Net::LPR;
  use IO::File;

  die usage: $0 filename printer queue\n if (@ARGV != 3);

  my $lp = new Net::LPR(
StrictRFCPorts = 0,
RemoteServer = $ARGV[1],
RemotePort = 515,
PrintErrors = 0,
RaiseErrors = 0,
  ) or die Can't create print context\n;

  my $fh = new IO::File $ARGV[0], O_RDONLY or die Can't open $ARGV[0]:
$!\n;
  my $size = ($fh-stat())[7]; # Hope file doesn't change while printing

  $lp-connect() or die Can't connect to printer: .$lp-error.\n;
  my $jobkey = $lp-new_job() or die Can't create new job:
.$lp-error.\n;
  $lp-send_jobs('lp') or die Can't send jobs: .$lp-error.\n;
  # Can easily print postscript by changing method to job_mode_postscript
  $lp-job_mode_text($jobkey) or die Can't set job mode to text:
 .$lp-error.\n;
  #$lp-job_mode_postscript($jobkey) or die Can't set job mode to
 text: .$lp-error.;
  $lp-job_send_control_file($jobkey) or die Can't send control file:
 .$lp-error.\n
  $lp-job_send_data($jobkey, '', $size);

  while (my $line = $fh-getline()) {
$lp-job_send_data($jobkey, $line);
  }

  $lp-disconnect();

 I try this against a HP Professional m1213ncj printer and it does nothing.

 Is there a way to use netcat to print directly to the JetDirect port 9100?

 I find this ppd in hpijs package but the printer is on the network.

 What to do?

 I tried both postscript printing and text printing.

 The silence and laziness of the printer is positively boring.

 What do you think?

 -Girish

 --
 G3 Tech
 Networking appliance company
 web: http://g3tech.in  mail: gir...@g3tech.in



--
G3 Tech
Networking appliance company
web: http://g3tech.in  mail: gir...@g3tech.in

Re: Question on LPD and OpenBSD printing

2012-04-04 Thread Jan Stary 
On Apr 04 20:35:52, Girish Venkatachalam wrote:
 I have a script based on Net::LPR.
 I try this against a HP Professional m1213ncj printer and it does nothing.

Before using the script, try to get it printing with just lpr.

 Is there a way to use netcat to print directly to the JetDirect port 9100?

Maybe. What other interfaces does the printer have?
What other ways are there to talk to the printer besides port 9100?
Does it listen on the standard lpd port?

 I find this ppd in hpijs package but the printer is on the network.

I must be missign something here: cannot PPD files be used
with remote printers just as with local printers, via foomatic-filters?

Re: Question on LPD and OpenBSD printing

2012-04-04 Thread Girish Venkatachalam 
On Wed, Apr 4, 2012 at 8:58 PM, Jan Stary h...@stare.cz wrote:
 I try this against a HP Professional m1213ncj printer and it does nothing.

 Before using the script, try to get it printing with just lpr.


Failed. It is silent.

nmap reports port as open, if I disable LPD script does not work, so
LPD seems sane
 but it refuses to respond.

 Is there a way to use netcat to print directly to the JetDirect port 9100?

 Maybe. What other interfaces does the printer have?
 What other ways are there to talk to the printer besides port 9100?
 Does it listen on the standard lpd port?


I did an nmap scan. Those are the only ports. It does listen on LPD. 515.

 I find this ppd in hpijs package but the printer is on the network.

 I must be missign something here: cannot PPD files be used
 with remote printers just as with local printers, via foomatic-filters?


You are not missing anything here. I want a config an /etc/printcap
 that can print to this fellow remotely. ;)

Thanks.

-Girish

--
G3 Tech
Networking appliance company
web: http://g3tech.in  mail: gir...@g3tech.in

Re: Question on LPD and OpenBSD printing

2012-04-04 Thread Jan Stary 
On Apr 04 21:03:11, Girish Venkatachalam wrote:
 On Wed, Apr 4, 2012 at 8:58 PM, Jan Stary h...@stare.cz wrote:
  I try this against a HP Professional m1213ncj printer and it does nothing.
 
  Before using the script, try to get it printing with just lpr.
 
 
 Failed. It is silent.

What failed? How does your /etc/printcap describe the printer?

 nmap reports port as open,

So the printer runs a lpd daemon that listens on 515/tcp?

if I disable LPD script does not work,

Forget the script for now. Before you get it to print via lpr/lpd,
you will not get it to print with Net::LPD.

 so LPD seems sane but it refuses to respond.

What LPD, the printer's LPD daemon?
How do you talk to it that you know it refuses to respond?

 I did an nmap scan. Those are the only ports. It does listen on LPD. 515.

Good. It runs a lpd daemon. There must be a way to talk to it.

  I find this ppd in hpijs package but the printer is on the network.
 
  I must be missign something here: cannot PPD files be used
  with remote printers just as with local printers, via foomatic-filters?
 
 You are not missing anything here. I want a config an /etc/printcap
  that can print to this fellow remotely. ;)

This is your problem. Not that your homegrown Perl script doesn't work.
Why didn't you say so?

If it speaks postcript (glancing at the specs it might),
you set it up just like any other remote printer
and send postcript files to it.

If it doesn't speak postscript, you might need to
preprocces the printing jobs using the PPD file,
using something like

HP:\
:lp=:rm=a.dd.re.ss:rp=name:\
:af=/etc/foomatic/file.ppd:\
:if=/usr/local/bin/foomatic-rip:\
:sd=/var/spool/output:\
:lf=/var/log/lpd-errs:\
:sh:

Re: Question on LPD and OpenBSD printing

2012-04-04 Thread Jan Stary 
On Apr 04 21:54:30, Girish Venkatachalam wrote:
 On Wed, Apr 4, 2012 at 9:40 PM, Jan Stary h...@stare.cz wrote:
  Failed. It is silent.
 
  What failed? How does your /etc/printcap describe the printer?
 
 
 I just modified from the default remote printer commented out section.
 
 rm=ip
 
 lpr is from /usr/bin, not LPRng
 
 I tried that as well.
 
 lpq lists the jobs but nothing happens/moves in the printer.
 

Repeat: how does your printcap decribe the printer?
As in: show me your printcap.

 Having used to protocols all my life I was curious why it would not greet me.
 
 That is all. So I wanted a way to see if it was alive.
 
  so LPD seems sane but it refuses to respond.
 
  What LPD, the printer's LPD daemon?
  How do you talk to it that you know it refuses to respond?
 
 
 Printer works. It prints from Mac machine, not from OpenBSD.

So it is alive, and does not refuse to to respond, right?

  If it doesn't speak postscript, you might need to
  preprocces the printing jobs using the PPD file,
  using something like
 
  HP:\
 :lp=:rm=a.dd.re.ss:rp=name:\
 :af=/etc/foomatic/file.ppd:\
 :if=/usr/local/bin/foomatic-rip:\
 :sd=/var/spool/output:\
 :lf=/var/log/lpd-errs:\
 :sh:
 
 
 I will try that and reply. Hold on.
 
 I am wondering whether there is something else I can do.
 
 I am guessing your /etc/foomatic/file.ppd is nothing but
 
 $ gunzip 
 /usr/local/share/foomatic/db/source/PPD/HP/hp-laserjet_professional_m1213nf_mfp-hpijs.ppd.gz


file.ppd is nothing but a made up name for a file that you
need to replace with the right PPD file for that printer.

 OpenBSD has never give me so much trouble before. ;)

It is not OpenBSD that is giving you trouble.

Re: Question on LPD and OpenBSD printing

2012-04-04 Thread Girish Venkatachalam 
On 4/4/12, Jan Stary h...@stare.cz wrote:
 On Apr 04 21:54:30, Girish Venkatachalam wrote:
 On Wed, Apr 4, 2012 at 9:40 PM, Jan Stary h...@stare.cz wrote:
  Failed. It is silent.
 
  What failed? How does your /etc/printcap describe the printer?
 

 I just modified from the default remote printer commented out section.

 rm=ip

 lpr is from /usr/bin, not LPRng

 I tried that as well.

 lpq lists the jobs but nothing happens/moves in the printer.


 Repeat: how does your printcap decribe the printer?
 As in: show me your printcap.


ftp://g3tech.in/printcap

# export PRINTER=rp@IP

# lpr /etc/passwd

 Printer works. It prints from Mac machine, not from OpenBSD.

 So it is alive, and does not refuse to to respond, right?


Correct.


 file.ppd is nothing but a made up name for a file that you
 need to replace with the right PPD file for that printer.


Right.

 OpenBSD has never give me so much trouble before. ;)

 It is not OpenBSD that is giving you trouble.



My ignorance. :)

-Girish

-- 
G3 Tech
Networking appliance company
web: http://g3tech.in  mail: gir...@g3tech.in

Bonjour comment sa va ?

2012-04-04 Thread kristine bouchon 
Bonjour ,


Nous voulons faire don de nos chiots cavalier king charles a toutes familles ou 
personnes qui seraient prjt ` leur montrer amour et affection . 
Si l'annonce vous interesse priere de nous contacter a cette adresse ( 
kristine.bouc...@live.fr ).

Re: Question on LPD and OpenBSD printing

2012-04-04 Thread Girish Venkatachalam 
I don't want to use CUPS.

I will also avoid LPRng.

Please guide me.

lpr command from Mac is working like a cake. It uses CUPS and IPP.

-Girish
On 4/4/12, Girish Venkatachalam girishvenkatacha...@gmail.com wrote:
 On 4/4/12, Jan Stary h...@stare.cz wrote:
 On Apr 04 21:54:30, Girish Venkatachalam wrote:
 On Wed, Apr 4, 2012 at 9:40 PM, Jan Stary h...@stare.cz wrote:
  Failed. It is silent.
 
  What failed? How does your /etc/printcap describe the printer?
 

 I just modified from the default remote printer commented out section.

 rm=ip

 lpr is from /usr/bin, not LPRng

 I tried that as well.

 lpq lists the jobs but nothing happens/moves in the printer.


 Repeat: how does your printcap decribe the printer?
 As in: show me your printcap.


 ftp://g3tech.in/printcap

 # export PRINTER=rp@IP

 # lpr /etc/passwd

 Printer works. It prints from Mac machine, not from OpenBSD.

 So it is alive, and does not refuse to to respond, right?


 Correct.


 file.ppd is nothing but a made up name for a file that you
 need to replace with the right PPD file for that printer.


 Right.

 OpenBSD has never give me so much trouble before. ;)

 It is not OpenBSD that is giving you trouble.



 My ignorance. :)

 -Girish

 --
 G3 Tech
 Networking appliance company
 web: http://g3tech.in  mail: gir...@g3tech.in



-- 
G3 Tech
Networking appliance company
web: http://g3tech.in  mail: gir...@g3tech.in

Re: Intel E3-1270 and AES-NI

2012-04-04 Thread Tony Sarendal 
On Tue, Apr 3, 2012 at 10:49 PM, mxb m...@alumni.chalmers.se wrote:


 On Apr 3, 2012, at 4:31 PM, Tony Sarendal wrote:

  On Tue, Apr 3, 2012 at 3:41 PM, Jonathan Gray j...@jsg.id.au wrote:
 
  On Tue, Apr 03, 2012 at 03:09:37PM +0200, Tony Sarendal wrote:
  When testing new boxes with Intel E3-1270 cpu I don't see AES on the
  cpu's
  in dmesg.
  Does this mean that the aes-ni stuff isn't used on these ? I was a bit
  curious to see if it had any effect on ipsec performance.
 
  According to
 
 
 http://ark.intel.com/products/52276/Intel-Xeon-Processor-E3-1270-%288M-Cache-3_40-GHz%29
 
  it does support it.  So it sounds like a problem with the bios.  It
 would
  be printing along with the other cpuid flags in the cpu part
  of dmesg were it enabled.  And if the cpuid says it is not present,
  it is not used.
 
 
  You are star. It was disabled in bios.
 
  Cheers.
 

 Sometimes you even need to flash BIOS to have it.


Worked fine here. Performance boost depended a lot on packet size, a full
speed one direction tcp data transfer
got a 30% boost from enabling aes-ni. Small packet size, 200 byte mtu in
sending direction, gave around 5% boost.

The test box has been doing 400Mbps of large frame data transfer for a day
or so now.

One interesting thing was that running with SP kernel two low-latency,
high-speed, tcp tranfers could
starve userland badly enough to drop bgp sessions where as with MP kernel
the box remained responsive
no matter how many tcp sessions I shot through it.

/T

Re: Question on LPD and OpenBSD printing

2012-04-04 Thread Jan Stary 
On Apr 04 22:25:18, Girish Venkatachalam wrote:
 ftp://g3tech.in/printcap

Sigh. Next time, please post the six damn lines inline.

rp:HP PRinter:\
:lp=:rm=192.168.1.6:rp=lp:\
:af=/etc/foomatic/hp.ppd:\
:if=/usr/local/bin/foomatic-rip:\
:sd=/var/spool/output:\
:lf=/var/log/lpd-errs:\
:sh:

 # export PRINTER=rp@IP

Does that mean rp@192.168.1.6?

Anyway, I don't think this is correct: it should be simply rp,
i.e. the name of the printer in your printcap.

With the above printcp, an empty lpq, and a correctly running lpd,
what does the following do?

echo test | lpr -Prp

If it doesn't work, what does lpd-errs say?

Participe da Promo��o Fidelidade TAM e Ganhe um Ford Edge!

2012-04-04 Thread TAM - Fidelidade 
4

Atencao voce cliente Tam Linhas Aereas
==

PROMOCAO TAM FIDELIDADE E PONTOS MULTIPLUS

Voce foi convidado para participar da promocao de Vantagens TAM
Fidelidade.

Caso vocj seja um cliente TAM Fidelidade, acesse o link abaixo para
concorrer a um Ford Edge com sua conta fidelidade.

Clique aqui e Participe

Apos o termino da operacao, aguarde o prazo de 48 horas para a
confirmcao.

Estamos a disposicao para esclarecer qualquer duvida.

Esta e uma mensagem totalmente segura.
Mensagem analizada e verificada pelo AVG AntiVirus e  ScanMail

GPIO and rc.securelevel

2012-04-04 Thread Jack Woehr 
gpioctl(8) man page says:  Only pins that have been configured at securelevel 0, typically during system startup, are 
accessible once the securelevel has been raised.


However, /etc/rc.securelevel first says securelevel=1 and only then # Place local 
actions here.

Should I put gpioctl statements before the securelevel=1 statement or is the 
man page in error, please?

--
Jack Woehr   # I'm not lazy, I'm useless.
Box 51, Golden CO 80402  # There's a big difference.
http://www.softwoehr.com # - Wally (Dilbert 20110318)

Re: GPIO and rc.securelevel

2012-04-04 Thread Christopher Zimmermann 
On Wed, 04 Apr 2012 12:24:37 -0600
Jack Woehr jwo...@softwoehr.com wrote:

 gpioctl(8) man page says:  Only pins that have been configured at
 securelevel 0, typically during system startup, are accessible once
 the securelevel has been raised.
 
 However, /etc/rc.securelevel first says securelevel=1 and only then
 # Place local actions here.
 
 Should I put gpioctl statements before the  statement
 or is the man page in error, please?
 

place them after the comment. securelevel=1 is just a variable
assignment, which is used in /etc/rc, which sources /etc/rc.securelevel.

Re: Route Target Import / Export in bgpd

2012-04-04 Thread Claudio Jeker 
On Wed, Apr 04, 2012 at 02:43:04PM +0200, Rimi Philippe wrote:
 Thanks Claudio.
 The way I see it is that RD are only local, they identify the VRF (or
 rdomain) locally on the router, then the RT import / export handles
 the way the routes are distributed. This permits the hub  spoke
 approach for example.
 
 If you need help on the testing side feel free to send me the code,
 I'll give it a try.
 

Give this a try.

-- 
:wq Claudio

Index: bgpd.conf.5
===
RCS file: /cvs/src/usr.sbin/bgpd/bgpd.conf.5,v
retrieving revision 1.116
diff -u -p -r1.116 bgpd.conf.5
--- bgpd.conf.5 17 Sep 2011 16:29:44 -  1.116
+++ bgpd.conf.5 4 Apr 2012 18:46:54 -
@@ -494,13 +494,13 @@ for further information about the argume
 .Pp
 .It Ic rd Ar as-number Ns Li : Ns Ar local
 .It Ic rd Ar IP Ns Li : Ns Ar local
-The Route Distinguishers uniquely identifies a set of VPN prefixes.
-Only prefixes matching the
+The sole purpose of the Route Distinguisher
 .Ic rd
-will be imported into the routing domain.
-The purpose of the
+is to ensure that possible common prefixes are destinct between VPNs.
+The
 .Ic rd
-is solely to allow one to create distinct routes to a common address prefix.
+is neither used to identify the origin of the prefix nor to control into
+which VPNs the prefix is distributed to.
 The
 .Ar as-number
 or
Index: rde.c
===
RCS file: /cvs/src/usr.sbin/bgpd/rde.c,v
retrieving revision 1.312
diff -u -p -r1.312 rde.c
--- rde.c   27 Mar 2012 18:22:07 -  1.312
+++ rde.c   4 Apr 2012 15:40:41 -
@@ -2414,8 +2414,6 @@ rde_send_kroute(struct prefix *new, stru
break;
 
SIMPLEQ_FOREACH(rd, rdomains_l, entry) {
-   if (addr.vpn4.rd != rd-rd)
-   continue;
if (!rde_rdomain_import(p-aspath, rd))
continue;
/* must send exit_nexthop so that correct MPLS tunnel

Re: Route Target Import / Export in bgpd

2012-04-04 Thread Rémi Philippe 
Hi Claudio,
It works at 90% thanks.

The last 10% are still not working. On PE1 I have 2 Rdomains (20,30) and PE2 1
rdomain (20). On PE1 I want the rdomain 20 routes to be imported in rdomain 30
(locally), but that doesn't seem to work locally, here are the details.

Rimi

rdomain 20 PE1: 172.16.35.0/24
rdomain 30 PE1: 172.16.33.0/24
rdomain 20 PE2: 172.16.39.0/24

PE1:
rdomain 20 {
rd 1.1.1.1:20
import-target rt 2.2.2.2:20
import-target rt 1.1.1.1:30
export-target rt 1.1.1.1:20
depend on mpe20
network inet connected
}

rdomain 30 {
rd 1.1.1.1:30
import-target rt 2.2.2.2:20
import-target rt 1.1.1.1:20
export-target rt 1.1.1.1:30
depend on mpe20
network inet connected
}

PE2:
rdomain 20 {
rd 2.2.2.2:20
import-target rt 1.1.1.1:20
import-target rt 1.1.1.1:30
export-target rt 2.2.2.2:20
depend on mpe20
network inet connected
}

PE1:
# bgpctl show fib table 20
flags: * = valid, B = BGP, C = Connected, S = Static
   N = BGP Nexthop reachable via this route
   r = reject route, b = blackhole route

flags prio destination  gateway
*C   0 127.0.0.0/8  link#0
*C   4 172.16.35.0/24   link#2
*B  48 172.16.39.0/24   2.2.2.2
*C   0 ::1/128  link#0

# bgpctl show fib table 30
flags: * = valid, B = BGP, C = Connected, S = Static
   N = BGP Nexthop reachable via this route
   r = reject route, b = blackhole route

flags prio destination  gateway
*C   0 127.0.0.0/8  link#0
*C   4 172.16.33.0/24   link#3
*B  48 172.16.39.0/24   2.2.2.2
*C   0 ::1/128  link#0

PE2:
# bgpctl show fib table 20
flags: * = valid, B = BGP, C = Connected, S = Static
   N = BGP Nexthop reachable via this route
   r = reject route, b = blackhole route

flags prio destination  gateway
*C   0 127.0.0.0/8  link#0
*B  48 172.16.33.0/24   1.1.1.1
*B  48 172.16.35.0/24   1.1.1.1
*C   4 172.16.39.0/24   link#3
*C   0 ::1/128  link#0


Le 4 avr. 2012 ` 21:07, Claudio Jeker a icrit :

 On Wed, Apr 04, 2012 at 02:43:04PM +0200, Rimi Philippe wrote:
 Thanks Claudio.
 The way I see it is that RD are only local, they identify the VRF (or
 rdomain) locally on the router, then the RT import / export handles
 the way the routes are distributed. This permits the hub  spoke
 approach for example.

 If you need help on the testing side feel free to send me the code,
 I'll give it a try.


 Give this a try.

 --
 :wq Claudio

 Index: bgpd.conf.5
 ===
 RCS file: /cvs/src/usr.sbin/bgpd/bgpd.conf.5,v
 retrieving revision 1.116
 diff -u -p -r1.116 bgpd.conf.5
 --- bgpd.conf.5   17 Sep 2011 16:29:44 -  1.116
 +++ bgpd.conf.5   4 Apr 2012 18:46:54 -
 @@ -494,13 +494,13 @@ for further information about the argume
 .Pp
 .It Ic rd Ar as-number Ns Li : Ns Ar local
 .It Ic rd Ar IP Ns Li : Ns Ar local
 -The Route Distinguishers uniquely identifies a set of VPN prefixes.
 -Only prefixes matching the
 +The sole purpose of the Route Distinguisher
 .Ic rd
 -will be imported into the routing domain.
 -The purpose of the
 +is to ensure that possible common prefixes are destinct between VPNs.
 +The
 .Ic rd
 -is solely to allow one to create distinct routes to a common address
prefix.
 +is neither used to identify the origin of the prefix nor to control into
 +which VPNs the prefix is distributed to.
 The
 .Ar as-number
 or
 Index: rde.c
 ===
 RCS file: /cvs/src/usr.sbin/bgpd/rde.c,v
 retrieving revision 1.312
 diff -u -p -r1.312 rde.c
 --- rde.c 27 Mar 2012 18:22:07 -  1.312
 +++ rde.c 4 Apr 2012 15:40:41 -
 @@ -2414,8 +2414,6 @@ rde_send_kroute(struct prefix *new, stru
   break;

   SIMPLEQ_FOREACH(rd, rdomains_l, entry) {
 - if (addr.vpn4.rd != rd-rd)
 - continue;
   if (!rde_rdomain_import(p-aspath, rd))
   continue;
   /* must send exit_nexthop so that correct MPLS tunnel

Re: GPIO and rc.securelevel

2012-04-04 Thread Jack Woehr 

Christopher Zimmermann wrote:
place them after the comment. securelevel=1 is just a variable assignment, which is used in /etc/rc, which sources 
/etc/rc.securelevel. 

Thanks ... are there also undocumented flags? I have a user who is using the 
invocation

/usr/sbin/gpioctl -q -d /dev/gpio1 -c 4 set out od jp5pin12;

 and it seems to sort of work but I can't find the -c option in the manual.

--
Jack Woehr   # I'm not lazy, I'm useless.
Box 51, Golden CO 80402  # There's a big difference.
http://www.softwoehr.com # - Wally (Dilbert 20110318)

Recent DELL hardware support

2012-04-04 Thread Kostas Zorbadelos 
Hello all,

we are about to engage a procurement procedure of servers. There is a
high probability to purchase DELL hardware. I want OpenBSD to be
supported on the hardware. I have 2 broad options

- Go with PowerEdge R410 
- Go with PowerEdge R620 (latest generation of servers)

The first option has only a single PCIe slot so I cannot have hot
swappable disks AND Intel Ethernet interfaces (preferred from Broadcom
but unfortunately Broadcom is on-board and I cannot get rid of them).

The second option has the disadvantages of recent hardware (= can be
unsupported). My main concerns are the PERC controller, where I saw that
PERC 310 is supported in mfi(4) and the Intel NICs (these servers come
with Intel Ethernet I350, still unsupported from what I saw, they are on
the hardware wanted list).

The machines will be bought and put to use in at least 6 months from
now, one or two OpenBSD releases will have been made. What do you think?
Will the hardware be supported by then?

As you can tell I do not control the procurement procedure, but I can
ask for specific DELL hardware. 

Regards,

Kostas

-- 
Kostas Zorbadelos   
twitter:@kzorbadelos  http://gr.linkedin.com/in/kzorba

()  www.asciiribbon.org - against HTML e-mail  proprietary attachments
/\

Re: Recent DELL hardware support

2012-04-04 Thread Johan Beisser 
Dell has an ugly habit of changing components even within the same
model year of hardware. You can't predict how well supported something
is based on PowerEdge R410 until you have your specific one in front
of you.

On Wed, Apr 4, 2012 at 1:14 PM, Kostas Zorbadelos kzo...@otenet.gr wrote:
 Hello all,

 we are about to engage a procurement procedure of servers. There is a
 high probability to purchase DELL hardware. I want OpenBSD to be
 supported on the hardware. I have 2 broad options

 - Go with PowerEdge R410
 - Go with PowerEdge R620 (latest generation of servers)

 The first option has only a single PCIe slot so I cannot have hot
 swappable disks AND Intel Ethernet interfaces (preferred from Broadcom
 but unfortunately Broadcom is on-board and I cannot get rid of them).

 The second option has the disadvantages of recent hardware (= can be
 unsupported). My main concerns are the PERC controller, where I saw that
 PERC 310 is supported in mfi(4) and the Intel NICs (these servers come
 with Intel Ethernet I350, still unsupported from what I saw, they are on
 the hardware wanted list).

 The machines will be bought and put to use in at least 6 months from
 now, one or two OpenBSD releases will have been made. What do you think?
 Will the hardware be supported by then?

 As you can tell I do not control the procurement procedure, but I can
 ask for specific DELL hardware.

 Regards,

 Kostas

 --
 Kostas Zorbadelos
 twitter:@kzorbadelos  http://gr.linkedin.com/in/kzorba


 ()  www.asciiribbon.org - against HTML e-mail  proprietary attachments
 /\

chroot scp

2012-04-04 Thread Michel Blais 

Hi,

I have create a chroot with scp and needed library for it but when I try 
to copy a file with scp, I always get the error unknown user UID after 
succefully entering the password. I can't find anything for this error 
exept for Linux. There also nothing in authlog, only successful 
connection messages.


Anybody know what missing in the chroot for scp to work ?

ls -R /chroot/
bin  dev  etc  transfer usr

/chroot/bin:
sh

/chroot/dev:
MAKEDEV nullstderr  stdin   stdout  tty zero

/chroot/etc:
passwd

/chroot/transfer:
test

/chroot/usr:
bin lib libexec

/chroot/usr/bin:
scp

/chroot/usr/lib:
libc.so.60.1

/chroot/usr/libexec:
ld.so

Thanks,

Michel

Re: Question on LPD and OpenBSD printing

2012-04-04 Thread Girish Venkatachalam 
On Wed, Apr 4, 2012 at 11:36 PM, Jan Stary h...@stare.cz wrote:
 On Apr 04 22:25:18, Girish Venkatachalam wrote:
 ftp://g3tech.in/printcap

 Sigh. Next time, please post the six damn lines inline.

 rp:HP PRinter:\
:lp=:rm=192.168.1.6:rp=lp:\
:af=/etc/foomatic/hp.ppd:\
:if=/usr/local/bin/foomatic-rip:\
:sd=/var/spool/output:\
:lf=/var/log/lpd-errs:\
:sh:

 # export PRINTER=rp@IP

 Does that mean rp@192.168.1.6?


I tried that as well as what you suggest below.

I get on the command line, connecting to localhost...

 Anyway, I don't think this is correct: it should be simply rp,
 i.e. the name of the printer in your printcap.

 With the above printcp, an empty lpq, and a correctly running lpd,
 what does the following do?

echo test | lpr -Prp


Yes empty lpq , lpd runs and the above command does nothing.

 If it doesn't work, what does lpd-errs say?


Nothing.

Okay I am giving up now.

-Girish

--
G3 Tech
Networking appliance company
web: http://g3tech.in  mail: gir...@g3tech.in

Re: chroot scp

2012-04-04 Thread Kevin Chadwick 
On Wed, 04 Apr 2012 18:08:37 -0400
Michel Blais wrote:

 I have create a chroot with scp and needed library for it but when I try 
 to copy a file with scp, I always get the error unknown user UID after 
 succefully entering the password. I can't find anything for this error 
 exept for Linux. There also nothing in authlog, only successful 
 connection messages.

You probably need a shell and maybe a /etc/passwd and a few other
things like /dev/log. If you use sftp instead of scp you shouldn't need
either, nor a tty, allowing read only root too.

Re: Question on LPD and OpenBSD printing

2012-04-04 Thread Geoff Steckel 

On 04/04/2012 06:10 PM, Girish Venkatachalam wrote:

Nothing.
Okay I am giving up now.

-Girish

--
G3 Tech
Networking appliance company
web: http://g3tech.in  mail: gir...@g3tech.in

telnetprinter_ip_address  9100

%!PS

(hi\n)

print

flush



What does it do?
If it echoes hi, then postscript works.
end with a controld then close the connection

Another test would be

telnetprinter_ip_address  9100

%!PS

100 300 moveto

/TimesRoman findfont 24 scalefont selectfont

(Testing 1 2 3 4) show

showpage

controld

That should print a page with Testing 1 2 3 4 in the middle.

Does the printer have a built in web server for configuration? Are the 
correct ports and emulations enabled?


This is unlikely to be a problem with lpr if you have configured 
/etc/printcap according to the example included in it.


Are you sending postscript or HPGL to the printer? If you are sending 
plain text it is very unlikely you will see anything useful. Use a2ps 
(for example - there are other programs which do the same) to format 
plain text into postscript.


Geoff Steckel

Re: Question on LPD and OpenBSD printing

2012-04-04 Thread Jan Stary 
On Apr 05 03:40:22, Girish Venkatachalam wrote:
 On Wed, Apr 4, 2012 at 11:36 PM, Jan Stary h...@stare.cz wrote:
  On Apr 04 22:25:18, Girish Venkatachalam wrote:
  ftp://g3tech.in/printcap
 
  Sigh. Next time, please post the six damn lines inline.
 
  rp:HP PRinter:\
 :lp=:rm=192.168.1.6:rp=lp:\
 :af=/etc/foomatic/hp.ppd:\
 :if=/usr/local/bin/foomatic-rip:\
 :sd=/var/spool/output:\
 :lf=/var/log/lpd-errs:\
 :sh:
 
  # export PRINTER=rp@IP
 
  Does that mean rp@192.168.1.6?
 
 
 I tried that as well as what you suggest below.
 
 I get on the command line, connecting to localhost...
 
  Anyway, I don't think this is correct: it should be simply rp,
  i.e. the name of the printer in your printcap.
 
  With the above printcp, an empty lpq, and a correctly running lpd,
  what does the following do?
 
 echo test | lpr -Prp
 
 
 Yes empty lpq , lpd runs and the above command does nothing.
 
  If it doesn't work, what does lpd-errs say?
 
 
 Nothing.

Then something else is broken.

Run lpd with -l to make sure that the print job
at least made it to lpd as a request.

You do actually have the foomatic* packages installed, right?
You did not just blindly copy the ':if=/usr/local/bin/foomatic-rip:'
line, right?

Re: Question on LPD and OpenBSD printing

2012-04-04 Thread Girish Venkatachalam 
On Thu, Apr 5, 2012 at 4:46 AM, Jan Stary h...@stare.cz wrote:

 Nothing.

 Then something else is broken.

 Run lpd with -l to make sure that the print job
 at least made it to lpd as a request.


If the queue clears that is what it means right? It does make it.

I will also take a stab at the -l switch.

 You do actually have the foomatic* packages installed, right?
 You did not just blindly copy the ':if=/usr/local/bin/foomatic-rip:'
 line, right?


But of course yes. If you install hpijs it is installed as a dependency.

-Girish

--
G3 Tech
Networking appliance company
web: http://g3tech.in  mail: gir...@g3tech.in

Re: chroot scp

2012-04-04 Thread Michel Blais 
I've already added /bin/sh as shell and also /etc/passwd like you can
see on my recursive ls from my first post.I will try /dev/log but I
was thinking it was maybe that scp need ssh client + lib but just
wanted to make sure since I want a chroot as small as possible.

Thanks

Le 4 avril 2012 18:45, Kevin Chadwick ma1l1i...@yahoo.co.uk a icrit :
 On Wed, 04 Apr 2012 18:08:37 -0400
 Michel Blais wrote:

 I have create a chroot with scp and needed library for it but when I try
 to copy a file with scp, I always get the error unknown user UID after
 succefully entering the password. I can't find anything for this error
 exept for Linux. There also nothing in authlog, only successful
 connection messages.

 You probably need a shell and maybe a /etc/passwd and a few other
 things like /dev/log. If you use sftp instead of scp you shouldn't need
 either, nor a tty, allowing read only root too.

Manual IPsec setup with ipsec.conf

2012-04-04 Thread Girish Venkatachalam 
Dear all,

Such a silly thing is not documented anywhere, no vpn(8) man page and
 not on the Internet.

I am forced to send this mail though it is embarrassing having worked on the
 internals of manual IPsec keying back in 2004. But well here goes.

on peer A:

remoteip=173.167.82.52
remotenet=10.1.23.0/24

flow esp from 59.99.242.167 to $remoteip
flow esp from 192.168.1.0/24 to $remotenet peer $remoteip
esp from 59.99.242.167 to $remoteip spi 0xdeadbeef:0xbeefdead auth
hmac-sha1 \
   authkey
   0xeda8f06463b2d0fed008ccc474216dba8c463a7c:0x91c763de940ce1745215c84b7
535269acaef516d
   \
   enckey
   0xb341aa065c3850edd6a61e150d6a5fd3:0xf7795f6bdd697a43a4d28dcf1b79062d

on peer B:

localnet=192.168.0.0/16
remoteip=59.99.242.167

flow esp from 173.167.82.52 to 59.99.242.167
flow esp from 10.1.23.0/24 to 192.168.1.0/24 peer $remoteip
esp from 173.167.82.52 to 59.99.242.167 spi 0xbeefdead:0xdeadbeef auth
hmac-sha1 \
   authkey
   0x91c763de940ce1745215c84b7535269acaef516d:0xeda8f06463b2d0fed008ccc47
4216dba8c463a7c
   \
   enckey
   0xf7795f6bdd697a43a4d28dcf1b79062d:0xb341aa065c3850edd6a61e150d6a5fd3


It is a test. I don't care about the keys and IP addresses.

pf(4) is disabled both sides and here is the output of

#ipsecctl -sa on peer B

# ipsecctl -sa -v
FLOWS:
flow esp in from 192.168.1.0/24 to 10.1.23.0/24 peer 59.99.242.167 type
require
flow esp out from 10.1.23.0/24 to 192.168.1.0/24 peer 59.99.242.167 type
require
flow esp in from 59.99.242.167 to 173.167.82.52 peer 59.99.242.167 type
require
flow esp out from 173.167.82.52 to 59.99.242.167 peer 59.99.242.167 type
require

SAD:
esp tunnel from 173.167.82.52 to 59.99.242.167 spi 0xbeefdead auth
hmac-sha1 enc aes
sa: spi 0xbeefdead auth hmac-sha1 enc aes
state mature replay 0 flags 4
lifetime_cur: alloc 0 bytes 0 add 1333585323 first 0
address_src: 173.167.82.52
address_dst: 59.99.242.167
esp tunnel from 59.99.242.167 to 173.167.82.52 spi 0xdeadbeef auth
hmac-sha1 enc aes
sa: spi 0xdeadbeef auth hmac-sha1 enc aes
state mature replay 0 flags 4
lifetime_cur: alloc 0 bytes 0 add 1333585323 first 0
address_src: 59.99.242.167
address_dst: 173.167.82.52

And peer A:

# ipsecctl -sa -v
FLOWS:
flow esp in from 10.1.23.0/24 to 192.168.1.0/24 peer 173.167.82.52 type
require
flow esp out from 192.168.1.0/24 to 10.1.23.0/24 peer 173.167.82.52 type
require
flow esp in from 173.167.82.52 to 59.99.242.167 peer 173.167.82.52 type
require
flow esp out from 59.99.242.167 to 173.167.82.52 peer 173.167.82.52 type
require

SAD:
esp tunnel from 173.167.82.52 to 59.99.242.167 spi 0xbeefdead auth
hmac-sha1 enc aes
sa: spi 0xbeefdead auth hmac-sha1 enc aes
state mature replay 0 flags 4
lifetime_cur: alloc 0 bytes 0 add 1333585275 first 0
address_src: 173.167.82.52
address_dst: 59.99.242.167
esp tunnel from 59.99.242.167 to 173.167.82.52 spi 0xdeadbeef auth
hmac-sha1 enc aes
sa: spi 0xdeadbeef auth hmac-sha1 enc aes
state mature replay 0 flags 4
lifetime_cur: alloc 0 bytes 196 add 1333585275 first 1333585277
address_src: 59.99.242.167
address_dst: 173.167.82.52
lifetime_lastuse: alloc 0 bytes 0 add 0 first 1333585277

I cannot ping between 192.168.1.50 and 10.1.23.2

What is going on?

-Girish

--
G3 Tech
Networking appliance company
web: http://g3tech.in  mail: gir...@g3tech.in

Re: chroot scp

2012-04-04 Thread Stuart Henderson 
On 2012-04-04, Kevin Chadwick ma1l1i...@yahoo.co.uk wrote:
 On Wed, 04 Apr 2012 18:08:37 -0400
 Michel Blais wrote:

 I have create a chroot with scp and needed library for it but when I try 
 to copy a file with scp, I always get the error unknown user UID after 
 succefully entering the password. I can't find anything for this error 
 exept for Linux. There also nothing in authlog, only successful 
 connection messages.

Probably need at least pwd.db (and passwd is probably not necessary).
ktrace should tell you more.

 You probably need a shell and maybe a /etc/passwd and a few other
 things like /dev/log. If you use sftp instead of scp you shouldn't need
 either, nor a tty, allowing read only root too.

This is obviously the client not the server. The sftp client needs
more than scp (termcap etc).

Re: Recent DELL hardware support

2012-04-04 Thread Stuart Henderson 
On 2012-04-04, Kostas Zorbadelos kzo...@otenet.gr wrote:
 Hello all,

 we are about to engage a procurement procedure of servers. There is a
 high probability to purchase DELL hardware. I want OpenBSD to be
 supported on the hardware. I have 2 broad options

 - Go with PowerEdge R410 
 - Go with PowerEdge R620 (latest generation of servers)

 The first option has only a single PCIe slot so I cannot have hot
 swappable disks AND Intel Ethernet interfaces (preferred from Broadcom
 but unfortunately Broadcom is on-board and I cannot get rid of them).

I haven't come across any problems with bnx(4). Did you look at
2U boxes at all?

 The second option has the disadvantages of recent hardware (= can be
 unsupported). My main concerns are the PERC controller, where I saw that
 PERC 310 is supported in mfi(4) and the Intel NICs (these servers come
 with Intel Ethernet I350, still unsupported from what I saw, they are on
 the hardware wanted list).

 The machines will be bought and put to use in at least 6 months from
 now, one or two OpenBSD releases will have been made. What do you think?
 Will the hardware be supported by then?

 As you can tell I do not control the procurement procedure, but I can
 ask for specific DELL hardware. 

 Regards,

 Kostas


So your choice is between hardware which should already work in
OpenBSD and hardware which (at least the nics) is known not to
work yet but might work sometime in the future. Nobody here can
make that decision for you :)

Re: GPIO and rc.securelevel

2012-04-04 Thread Stuart Henderson 
On 2012-04-04, Jack Woehr jwo...@softwoehr.com wrote:
 Christopher Zimmermann wrote:
 place them after the comment. securelevel=1 is just a variable assignment, 
 which is used in /etc/rc, which sources 
 /etc/rc.securelevel. 
 Thanks ... are there also undocumented flags? I have a user who is using the 
 invocation

 /usr/sbin/gpioctl -q -d /dev/gpio1 -c 4 set out od jp5pin12;

   and it seems to sort of work but I can't find the -c option in the manual.


They are using code from 2008 or earlier.

Re: chroot scp

2012-04-04 Thread Michel Blais 
Hi Stuart,

You we're right. It's working fine now with pwd.db and passwd was not needed.

Thanks

Michel

Le 4 avril 2012 20:46, Stuart Henderson s...@spacehopper.org a icrit :
 On 2012-04-04, Kevin Chadwick ma1l1i...@yahoo.co.uk wrote:
 On Wed, 04 Apr 2012 18:08:37 -0400
 Michel Blais wrote:

 I have create a chroot with scp and needed library for it but when I try
 to copy a file with scp, I always get the error unknown user UID after
 succefully entering the password. I can't find anything for this error
 exept for Linux. There also nothing in authlog, only successful
 connection messages.

 Probably need at least pwd.db (and passwd is probably not necessary).
 ktrace should tell you more.

 You probably need a shell and maybe a /etc/passwd and a few other
 things like /dev/log. If you use sftp instead of scp you shouldn't need
 either, nor a tty, allowing read only root too.

 This is obviously the client not the server. The sftp client needs
 more than scp (termcap etc).

Re: Recent DELL hardware support

2012-04-04 Thread Theo de Raadt 
 So your choice is between hardware which should already work in
 OpenBSD and hardware which (at least the nics) is known not to
 work yet but might work sometime in the future. Nobody here can
 make that decision for you :)

Last time such issues happened, the people involved made sure we
had the hardware in question.

Such such problems get solved fast, most of the time, anyways.

Re: GPIO and rc.securelevel

2012-04-04 Thread Jack Woehr 

Stuart Henderson wrote:
They are using code from 2008 or earlier. 

My bad. Using three different OBSD machines at different levels, man gpioctl on 
wrong one :(

Thanks, Stuart.

--
Jack Woehr   # I'm not lazy, I'm useless.
Box 51, Golden CO 80402  # There's a big difference.
http://www.softwoehr.com # - Wally (Dilbert 20110318)