Leia nesta Páscoa
NOSSOS SANTOS E BEATOS E OUTROS QUE PORTUGAL ADOROU, OS Alberto Julio Silva +Esta obra sobre os Santos i ja, de certo modo, resposta `s indicagues pastorais para o Ano da Fi, dada, atravis da Congregagco para a Doutrina da Fi, pelo Santo Padre Bento XVI `s Conferjncias Episcopais, ao dizer: Os Santos e os Beatos sco autjnticas testemunhas da fi, portanto sera oportuno que as Conferjncias Episcopais se empenhem em difundir o conhecimento dos Santos do prsprio territsrio; in Prefacio ... 21.00 - 18.90 CONTOS DE PASCOA Joao Cesar Das Neves Do Mesmo autor: Autos de Natal, Contos de Natal e Parabolas sobre Jesus. +Deus escreve continuamente pequenos artigos []. Depois, toma cada uma dessas gemas e parte-a delicadamente em pedagos mais pequenos. Algumas deixa ficar intactas, mas a muitas divide em secgues, varias ligadas umas `s outras por fios. Como as conchas no mar, algumas estco inteiras e completas, ... 9.95 - 8.96 TEMPO DA MUSICA MUSICA DO TEMPO Eduardo Lourenco Novo livro da colecgco +Obras de Eduardo Lourengo; que a Gradiva tem vindo a editar em estreita colaboragco com o autor. Desta feita, trata-se de textos iniditos, retirados das paginas diarmsticas do ensamsta um conjunto de reflexues +ocasionais; suscitadas pela audigco de pegas musicais, seja em salas de concertos, em casa ou durante as suas numerosas deslocagues. Aqui, o filssofo revela a sua sensibilidade aos estados de alma dos trechos musicais e a sua imensa erudigco, que torna possmvel o ... 13.50 - 12.15 MACONARIA UNIVERSAL Miguel Martin Albo Fensmeno associativo singular, a magonaria, na sua expressco mais ancestral - as lojas operativas - surge, sobretudo de construtores (arquitectos, canteiros e pedreiros) da Europa medieval, mas i a partir do siculo XVIII que, com o novo modelo de lojas especulativas - cujo papel nas revolugues liberais foi fundamental -, comega a desfrutar de grande reconhecimento social e polmtico. Com efeito, devido ` capacidade de antecipar as mais significativas transformagues sociais e polmticas, a Magonaria soube, ... 22.15 - 19.94 PORTUGAL A PE Nuno Ferreira Em Fevereiro de 2008, o jornalista Nuno Ferreira (ex-Expresso e ex-Pzblico) inicia a pi um longo e demorado piriplo pelo que i habitualmente designado "Portugal profundo". Ao longo da viagem, enquanto passa por vagabundo, contrabandista ou peregrino a Fatima, redescobre um pams esquecido, muitas vezes entregue a si prsprio, que luta desesperadamente contra a desertificagco. A caminhar do Algarve ao Minho ptde ir observando Portugal com a cadjncia de uma cbmera lenta e atenta aos ... 19.80 - 17.82 EXTREMAMENTE ALTO E INCRIVELMENTE PERTO Jonathan Safran Foer Oskar Schell tem nove anos e i inventor, francsfilo, tocador de tamborim, ator shakesperiano, joalheiro, pacifista. Alim disso, esta a empreender uma busca urgente e secreta atravis das cinco zonas de Nova Iorque a fim de encontrar a fechadura onde entra uma chave misteriosa que pertencera ao pai, morto no atentado contra o World Trade Center. Oskar, uma inspirada criagco do autor, i encantador, exasperante e inesquecmvel. 16.50 - 14.85 Para deixar de receber a newsletter por favor clique Aqui ---
rthreads enabled in -current
http://marc.info/?l=openbsd-cvs&m=132928856921225&w=2 I'm not sure how I missed this news until now, but it's really great to see things like this being moved along. Congratulations to everyone who has helped make this possible, and know that your work is appreciated - I've been patiently looking forward to OpenBSD's solution to such a complex problem.
Re: Havege entropy gathering
Janne Johansson wrote: > OpenBSD will use RNGs on CPU:s that have them, like the VIA C7 series. To be more precise, OpenBSD adds hardware RNGs to its sources of unpredictable external events. See the comment block at the top of /sys/dev/rnd.c for an explanation of the whole system. With Bull Mountain, Intel would like you to stop bothering with a system RNG altogether and get all your random numbers directly with the RDRAND instruction. Unfortunately, RDRAND can fail, so you have to deal with error handling. Inconvenient. When/if OpenBSD is going to get support for Bull Mountain, it will just be as another entropy source that ends up feeding arc4random(). -- Christian "naddy" Weisgerber na...@mips.inka.de
A little trouble using altq and cbq to do QoS.
Hello everybody! Pleased to meet you, my name is Alex, I am a network analyst who lives in Brazil and I'm new here in the list of OpenBSD. I started working recently with the system and I must say I am very pleased with the performance and simplicity to perform configuration and system resources. Congratulations to the development team for the excellent work! =D Well, do not know if this problem has already gone through the list and if anyone can help me: I am setting up a laboratory in OpenBSD 4.6 and my desire is to apply a QoS policy to control the consumption of bandwidth on a LAN. I set up a simple scenario using VMWare to test: Internal Network -Internet (NAT VMware) - WebServer (NAT VMWare) 192.168.20.0/24 -192.168.86.130/24 - 192.168.86.132/24 Unfortunately I am struggling to limit the bandwidth by up to a maximum of 128 Kbps for the local network as a whole and restrict the use of HTTP connections by 20%. I read the OpenBSD documentation found at this link (http://www.openbsd.org/faq/pf/queueing.html) and set the PF firewall to work with the CBQ as follows: # NAT (vic0 is my external network interface card and vic1 is my internal network interface card) nat on vic0 from vic1:network to any -> vic0:0 # Qos Rules # I want to deliver only 16 kbytes per second to my internal network, divided in two groups on this test: # 20% to use of http (25,6 Kbps or 3.2 Kbytes per second) # 80% to all of another services (102,4 Kbps or 12.8 kbytes per second) # Eu nco quero que uma fila filha pegue a largura de banda disponmvel na rede para ela. altq on vic0 cbq bandwidth 128Kb queue {std, http} queue std bandwidth 80% cbq(default, red) queue http bandwidth 20% cbq(red) # First, i've released the access to internet on all ports from my internal network: pass in on vic1 inet proto tcp from vic1:network to any keep state # Second, applied the rule with quick rule to make sure this will apply the queue http to limit traffic to 3.2 kbytes on port 80. pass out quick on vic0 inet proto tcp from any to any port 80 keep state queue http # Third, i've released all traffic. Is just to test. pass# to establish keep-state The problem is that even applying the rule I notice that I can make downloads via http at rates of 500 kilobytes per second (5 Mbps), even notifying them they should not take the band borrowed from the main queue. Also, notice that he is exceeding the stipulated limit of 128 Kbps. I tried to monitor traffic queues with the command pfctl -sq -vvv in debug mode and it is actually falling in the rule: queue root_vic0 on vic0 bandwidth 128Kb priority 0 cbq( wrr root ) {std, http} [ pkts: 69477 bytes:4349645 dropped pkts: 0 bytes: 0 ] [ qlength: 0/ 50 borrows: 0 suspends: 0 ] [ measured:39.8 packets/s, 17.19Kb/s ] queue std on vic0 bandwidth 102.40Kb cbq( red default ) [ pkts: 2215 bytes: 382255 dropped pkts:245 bytes: 24762 ] [ qlength: 0/ 50 borrows: 0 suspends: 47 ] [ measured: 0.0 packets/s, 0 b/s ] queue http on vic0 bandwidth 25.60Kb cbq( red ) [ pkts: 67262 bytes:3967390 dropped pkts: 538162 bytes: 29273235 ] [ qlength: 26/ 50 borrows: 0 suspends: 2221 ] [ measured:39.8 packets/s, 17.19Kb/s ] Has anyone experienced this problem and can give me a hand? ^^'' Best wishes to all!
Re: Havege entropy gathering
Kevin Chadwick wrote: > I was looking at this entropy gatherer (havege) and was wondering if > OpenBSD uses any similar techniques? > > www.irisa.fr/caps/projects/hipsor/ Broadly speaking, yes. "HAVEGE combines on-the-fly hardware volatile entropy gathering with pseudo-random number generation." This is the way all practical random number generators now work, including OpenBSD's kernel one, Yarrow as implemented e.g. by FreeBSD, or even Intel's on-chip Bull Mountain. I don't want to sound too disparaging of the HAVEGE people, but once you cut through the bluster, what remains is that they use the processor cycle counter as their sole source of entropy, which they then feed into their own deterministic pseudo-random number generator. I suspect their choice of entropy source will not find general approval *cough, cough*, and rather than designing your own PRNG to stretch the randomness, you can do what OpenBSD and Intel did and just use an off-the-shelf cryptographic stream cipher. -- Christian "naddy" Weisgerber na...@mips.inka.de
Re: Havege entropy gathering
OpenBSD will use RNGs on CPU:s that have them, like the VIA C7 series. 2012/4/6 Kevin Chadwick : > I was looking at this entropy gatherer (havege) and was wondering if > OpenBSD uses any similar techniques? > > www.irisa.fr/caps/projects/hipsor/ > -- To our sweethearts and wives. May they never meet. -- 19th century toast
Re: Havege entropy gathering
On Fri, Apr 06, 2012, Kevin Chadwick wrote: > I was looking at this entropy gatherer (havege) and was wondering if > OpenBSD uses any similar techniques? > > www.irisa.fr/caps/projects/hipsor/ No. We don't think limiting entropy to being used as a seed for a random number generator is a limitation.
Re: fork failed: resource temporarily unavailable
On Thu, Apr 05, 2012 at 04:10:36PM +0200, Otto Moerbeek wrote: > On Thu, Apr 05, 2012 at 03:11:20PM +0200, David Coppa wrote: > > > On Thu, Apr 5, 2012 at 3:01 PM, Mattieu Baptiste > > wrote: > > > Hi all, > > > > > > Since the switch to rthreads, and the new snapshot packages, I see a > > > lot of these errors after some time using my desktop machine: > > > fork failed: resource temporarily unavailable > > > > > > Then, I cannot start any process, and the machine starts to become > > > unusable, till the next reboot. I'm using a lot firefox, thunderbird > > > and XFCE. > > > > > > Do you see these errors? How could I track this? > > > > As a workaround, modify the staff class (which your user should be > > part of) with these values: > > > > openfiles-cur=1024 > > openfiles-max=2048 > > maxproc-cur=512 > > maxproc-max=1024 > > > > And increase maxproc to 1024 in your .xsession (ulimit -Sp 1024). > > > > Cheers, > > David > > Hmm, didn't a diff go in that made the limits per-process again? > > -Otto Actuyally, no. This was a case of wishful thinking. Though something is in the works. The above workaround wil do until something is actually commited. -Otto
Re: LiveUSB OpenBSD and LiveCD-OpenBSD site updated
Hi, Sorry for the newbe question, but what is wrong with what he is doing? Best regards, Dan On Mon, Apr 2, 2012 at 8:56 AM, Jan Stary wrote: > On Apr 01 21:30:58, Girish Venkatachalam wrote: > > After a long long time. Sigh. > > Please stop spreading this. All it does is give wrong > instruction and diverts people who should instead read > http://www.openbsd.org/faq/faq14.html#flashmemLive
Havege entropy gathering
I was looking at this entropy gatherer (havege) and was wondering if OpenBSD uses any similar techniques? www.irisa.fr/caps/projects/hipsor/
Re: LiveUSB OpenBSD and LiveCD-OpenBSD site updated
On Fri, Apr 6, 2012 at 2:17 AM, Mihai Popescu wrote: >> Andres Perera > >> if you cant install through network because you only got one machine > > So you can't install OpenBSD but you CAN download the pre-made OpenBSD images? need another machine for bootp > >>and feel that guerrilla overwriting your mbr after installing the locks >>within another os in >> order to do a hdd boot is too risky, you're left with this > > I've used OpenBSD in a multiboot and it was working perfectly fine, no > guerilla there. can't install in the first place if your only bootable media can be usb sticks. the alternative to downloading premade images is making them in qemu, which is more work for little gain > >> the page you linked does not provide that > > It does not, since the page is for a specific purpose. If you take > your time and go back to the root of FAQ you may find what you are > looking for. But I guess is nicer for you to spread crazy thing on the > list.
Re: LiveUSB OpenBSD and LiveCD-OpenBSD site updated
On Apr 06 09:47:01, Mihai Popescu wrote: > > Andres Perera > > > if you cant install through network because you only got one machine > > So you can't install OpenBSD but you CAN download the pre-made OpenBSD images? > > >and feel that guerrilla overwriting your mbr after installing the locks > >within another os in > > order to do a hdd boot is too risky, you're left with this > > I've used OpenBSD in a multiboot and it was working perfectly fine, no > guerilla there. > > > the page you linked does not provide that > > It does not, since the page is for a specific purpose. If you take > your time and go back to the root of FAQ you may find what you are > looking for. But I guess is nicer for you to spread crazy thing on the > list. Please, don't feed this. This project brings nothing, and its page spreads disinformation. Just follow http://www.openbsd.org/faq/faq14.html#flashmemLive