Re: Idea for apmd
On Thu, May 31, 2012 at 3:45 AM, Juan Francisco Cantero Hurtado wrote: > Hi. I've been using OpenBSD on my netbook daily for a few months. I was > using apmd with the -C setting. My netbook is slow and the battery life > is important, so 800Mhz (apmd -C) or 1600Mhz (apm -A) is not a big > difference for me. > > Now I have a desktop computer with support for cpu speed scaling. In > this case the options of apmd are very limited. If I use "-A" my cpu is > always at 2700Mhz, wasting energy and heating my room (I live in the > very sunny Extremadura :) ). If I use "-C", apm rarely raises the speed > and the cpu is almost always at 800Mhz. > > This is important because when I open a web page with a lot of > javascript, the browser is very slow. Also when I compile something with > "make -j1", apmd doesn't raise the speed of my CPU, I need use "make > -j4" for raising the cpu speed to 2700Mhz. What shows top, vmstat, systat about %sys, %usr, %idle during that time? Because you can have 800MHz of CPU, but %usr and/or %sys can be eg. only 20% so there's no reason to switch to higher frequency. > > I understand the problem with the limits of apmd. The developers can't > generate a limits for each CPU and workflow. I've been playing with the > values of PERFINCTHRES and PERFDECTHRES on usr.sbin/apmd/apmd.c and > "checking" the changes of speed with "while true; do apm | grep cool; > sleep 1; done". I'm using 20 and 60 respectively right now. Probably > this values aren't the best values but are better than the defaults (for > my CPU and workflow). The performance is very good and I can see the cpu > speed raising and lowering. I've tested various values and 20/60 are a > good compromise "performance vs energy consumption". > > In short, I have a suggestion for apmd. Add one option for to set > PERFINCTHRES and other for to set PERFDECTHRES. Each user could to > configure the behavior of "apm -C" on rc.conf.local. Example: > apmd_flags="-C -I 20 -D 60". Obviously, "apm -C" would use the defaults > if both options aren't used. > > The implementation is simple and it will not break any system. > Unfortunately I can't code the idea (despite I've read the code), so I > wanted share this with you. B Some developer interested? :) > > Cheers. > > -- > Juan Francisco Cantero Hurtado http://juanfra.info
Re: Laptop lid closing script
On May 31 07:37:18, Jan Stary wrote: > On May 30 20:15:42, Robert Connolly wrote: > > Hello. > > > > Is there any way to configure an ACPI event, such as closing the lid of a > > laptop, to run a script, like 'apm -C' and screensaver? > > apm(8) and sensorsd(8) don't seem to do anything like this. > > Not exactly hooked to a lid close but to a suspend > (which happens on lid close if machdep.lidsuspend=1) > - see apm(8) mentioning /etc/apm/suspend. That's apmd(8) of course.
Re: Laptop lid closing script
On May 30 20:15:42, Robert Connolly wrote: > Hello. > > Is there any way to configure an ACPI event, such as closing the lid of a > laptop, to run a script, like 'apm -C' and screensaver? > apm(8) and sensorsd(8) don't seem to do anything like this. Not exactly hooked to a lid close but to a suspend (which happens on lid close if machdep.lidsuspend=1) - see apm(8) mentioning /etc/apm/suspend.
Re: Laptop lid closing script
On Wed, May 30, 2012 at 8:15 PM, Robert Connolly wrote: > Is there any way to configure an ACPI event, such as closing the lid of a > laptop, to run a script, like 'apm -C' and screensaver? > > apm(8) and sensorsd(8) don't seem to do anything like this. acpibtn(4) doesn't provide a sensor for the lid status, so there's no generic support for arbitrary actions on lid close. The machdep.lidsuspend sysctl(8) can be set to enable automatic suspend-on-lid-close, which should work on most ACPI systems. If your box attaches the aps(4) device, it should provide a lid sensor there which you can monitor from userspace, but that's thinkpad-only. Philip Guenther
Laptop lid closing script
Hello. Is there any way to configure an ACPI event, such as closing the lid of a laptop, to run a script, like 'apm -C' and screensaver? apm(8) and sensorsd(8) don't seem to do anything like this. Thanks Robert
Re: Acer 5552-7858 notebook dmesg
Yes, 'zzz' works smoothly, while running X, and closing the lid also suspends the system. It seems to suspend to RAM since it only takes a second or two. The system reports that the webcam/video, usb, and scsibus "detached" during suspend, and then return after resume. On Wed, May 30, 2012 at 2:04 AM, David Scott wrote: > I'm sorry but I do not know enough to answer your questions. > > I did not phrase my question well. What I would like to know is have > you managed to get the laptop to sleep and wake up on closing and then > opening the lid? Does this work when X11 is running?
Idea for apmd
Hi. I've been using OpenBSD on my netbook daily for a few months. I was using apmd with the -C setting. My netbook is slow and the battery life is important, so 800Mhz (apmd -C) or 1600Mhz (apm -A) is not a big difference for me. Now I have a desktop computer with support for cpu speed scaling. In this case the options of apmd are very limited. If I use "-A" my cpu is always at 2700Mhz, wasting energy and heating my room (I live in the very sunny Extremadura :) ). If I use "-C", apm rarely raises the speed and the cpu is almost always at 800Mhz. This is important because when I open a web page with a lot of javascript, the browser is very slow. Also when I compile something with "make -j1", apmd doesn't raise the speed of my CPU, I need use "make -j4" for raising the cpu speed to 2700Mhz. I understand the problem with the limits of apmd. The developers can't generate a limits for each CPU and workflow. I've been playing with the values of PERFINCTHRES and PERFDECTHRES on usr.sbin/apmd/apmd.c and "checking" the changes of speed with "while true; do apm | grep cool; sleep 1; done". I'm using 20 and 60 respectively right now. Probably this values aren't the best values but are better than the defaults (for my CPU and workflow). The performance is very good and I can see the cpu speed raising and lowering. I've tested various values and 20/60 are a good compromise "performance vs energy consumption". In short, I have a suggestion for apmd. Add one option for to set PERFINCTHRES and other for to set PERFDECTHRES. Each user could to configure the behavior of "apm -C" on rc.conf.local. Example: apmd_flags="-C -I 20 -D 60". Obviously, "apm -C" would use the defaults if both options aren't used. The implementation is simple and it will not break any system. Unfortunately I can't code the idea (despite I've read the code), so I wanted share this with you. Some developer interested? :) Cheers. -- Juan Francisco Cantero Hurtado http://juanfra.info
(Kinda O.T.) Digital Millennium Copyright Act used to censor hardware specifications
Hi misc, While looking up motherboard connections on https://en.wikipedia.org/wiki/Peripheral_Component_Interconnect I found this ominous notice: === Pursuant to a rights owner notice under the Digital Millennium Copyright Act (DMCA), the Wikimedia Foundation acted under the law and took down and restricted the content in question. A copy of the received notice can be found here: DMCA takedown notice. For more information, including websites discussing how to file a counter-notice, please see Wikipedia: Office actions and the article's talk page. Do not remove this template from the article until the restrictions are withdrawn. See the protection policy and protection log for more details. If you can edit this page, please discuss all changes and additions on the talk page first. Do not remove protection from this page unless you are authorized by the Wikimedia Foundation to do so. === Reverse engineering necessary to have open source in the brave new world? Brett.
El curso que nadie se debe perder "Ortografía y Redacción para Ejecutivos"
Apreciable Ejecutivo: TIEM de Mixico Empresa Lmder en Capacitacisn y Actualizacisn de Capital Humano Debido al gran ixito obtenido, ponemos nuevamente a su disposicisn este excelente curso denominado: "Ortografma y Redaccisn para Ejecutivos" Ciudad de Mixico, el dma 26 de Junio de 2012 Inscrmbase 5 dmas antes de la fecha del Curso y obtenga un descuento del 15% con Inversisn Inmediata No deje pasar esta oportunidad e Invierta en su Desarrollo Personal y Profesional Una parte importante de la imagen y la personalidad es la facilidad o dificultad con la cual nos expresamos y logramos despertar el interis de nuestro interlocutor o lector. Este importante seminario le ofrece la oportunidad de desarrollar habilidades y ticnicas que le permitiran tener una comunicacisn escrita eficaz para expresarse correctamente con claridad, fluidez y precisisn, en los diferentes tipos de documentos que se requieran en su area de trabajo. Tu participacisn te permitira: Obtener un aprendizaje significativo de los acentos y las letras. Valorar la lectura como el medio para mejorar la ortografma y la redaccisn. Saber csmo desarrollar un estilo de redaccisn. Tips para actualizar y modernizar los escritos administrativos. Aprender a realizar escritos concisos y sencillos. Facilitar la tarea de trasmitir las ideas. Saber csmo utilizar correctamente los diferentes documentos. Evitar la repeticisn o la correccisn de errores. Para mayor informacisn, favor de responder este correo con los siguientes datos: Empresa: Nombre: Ciudad: Telifono: O si lo prefiere comunmquese a los telifonos: Del DF al 5611-0969 con 10 lmneas Interior del Pams Lada sin Costo 01 800 900 TIEM (8436) Aceptamos todas las TDC y Dibito. **Promocisn: 3 meses sin Intereses pagando con American Express **Aplica solo con Inversisn Normal .Todos los Derechos Reservados )2011 TIEM Talento e Innovacisn Empresarial de Mixico Este Mensaje le ha sido enviado como usuario de TIEM de Mixico o bien un usuario le refiris para recibir este boletmn. Como usuario de TIEM de Mixico, en este acto autoriza de manera expresa que TIEM de Mixico le puede contactar vma correo electrsnico u otros medios. Si usted ha recibido este mensaje por error, haga caso omiso de il y reporte su cuenta respondiendo este correo con el subject BAJABD Unsubscribe to this mailing list, reply a blank message with the subject UNSUBSCRIBE BAJABD Tenga en cuenta que la gestisn de nuestras bases de datos es de suma importancia y no es intencisn de la empresa la inconformidad del receptor.
Re: realtek 8188ce "not configured"
> >Lenovo won't let me replace the Realtek 8188CE mini-pci card that came > >with it with another. The hardware refuses to boot with an > >"unauthorized network card detected" or somesuch error (brilliant!). > > > >What are the chances of getting this card working with obsd? :) > > bios-mods.com has high-wire patches to bypass the whitelist, thinkwiki.org a > couple of less risky tricks but I'd just return the laptop. Some Lenovos have > the closed-source "Express Gate" BIOS-level remote desktop, w/ GPU encoding > so your system load won't even blink. Indeed, I think returning such hardware is the best approach. That is the only option a consumer has left.
Re: realtek 8188ce "not configured"
>Lenovo won't let me replace the Realtek 8188CE mini-pci card that came >with it with another. The hardware refuses to boot with an >"unauthorized network card detected" or somesuch error (brilliant!). > >What are the chances of getting this card working with obsd? :) bios-mods.com has high-wire patches to bypass the whitelist, thinkwiki.org a couple of less risky tricks but I'd just return the laptop. Some Lenovos have the closed-source "Express Gate" BIOS-level remote desktop, w/ GPU encoding so your system load won't even blink. -- p
Re: hi, hope you are fine, my Name is Paulina, I will want us to be friends, for something important which I would like to share with u, & we will get to know each other better i am waiting for your r
Re: hi, hope you are fine, my Name is Paulina, I will want us to be friends, for something important which I would like to share with u, & we will get to know each other better i am waiting for your responds, ( distance or colour does not matter ) urs Paul thought you would be interested in the following article:Italian merchants funded England's discovery of North America Evidence that a Florentine merchant house financed the earliest English voyages to North America, has been published on-line in the academic journal Historical Research. Click here to read more on e! Science News
Re: realtek 8188ce "not configured"
> On Wed, May 30, 2012 at 2:52 PM, Fred Crowson wrote: > > On 30 May 2012 21:45, patrick keshishian wrote: > >> Hi misc@, > >> > >> Lenovo won't let me replace the Realtek 8188CE mini-pci card that came > >> with it with another. The hardware refuses to boot with an > >> "unauthorized network card detected" or somesuch error (brilliant!). > >> > >> What are the chances of getting this card working with obsd? :) > >> > >> --patrick > > > > Would the tpwireless package help? > > Interesting! ... thanks for the tip. I'll just have to work around > this with a USB stick install or something: > > $ make extract > ===> tpwireless-0.2 is only for i386, not amd64 . I would be really surprised to see this work on a very modern thinkpad. However, in the past there were generation gaps. It would work one thinkpad, then not work on the next few, then work again on some others later on... Kind of as if their check was added in different places. What they are doing is illegal, yet it is impossible to after the monster companies now.
Re: realtek 8188ce "not configured"
On Wed, May 30, 2012 at 2:52 PM, Fred Crowson wrote: > On 30 May 2012 21:45, patrick keshishian wrote: >> Hi misc@, >> >> Lenovo won't let me replace the Realtek 8188CE mini-pci card that came >> with it with another. The hardware refuses to boot with an >> "unauthorized network card detected" or somesuch error (brilliant!). >> >> What are the chances of getting this card working with obsd? :) >> >> --patrick > > Would the tpwireless package help? Interesting! ... thanks for the tip. I'll just have to work around this with a USB stick install or something: $ make extract ===> tpwireless-0.2 is only for i386, not amd64 . --patrick
Re: realtek 8188ce "not configured"
On 30 May 2012 21:45, patrick keshishian wrote: > Hi misc@, > > Lenovo won't let me replace the Realtek 8188CE mini-pci card that came > with it with another. The hardware refuses to boot with an > "unauthorized network card detected" or somesuch error (brilliant!). > > What are the chances of getting this card working with obsd? :) > > --patrick Would the tpwireless package help? Fred
Re: AMD Zacate E350 (ASUS E35M1-M) dmesg/experiences?
I'm answering to myself here.. I finally got this motherboard and it's been running some services 24/7 for a week now, without problems. With 5.1-RELEASE. It's no server board (non-ECC ram, no IPMI, re(4) ) but I highly recommend it for cheap silent/low-power systems. A bit faster than Atoms, yet still no speed demon. But it has 6 SATA and supports up to 8GB of ram. And no cpu fan. My office is quiet again. # sysctl hw | grep temp hw.sensors.km0.temp0=51.50 degC hw.sensors.lm1.temp0=28.00 degC hw.sensors.lm1.temp1=39.00 degC Here's the dmesg: OpenBSD 5.1 (GENERIC.MP) #207: Sun Feb 12 09:42:14 MST 2012 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 8167038976 (7788MB) avail mem = 7935467520 (7567MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xeaf40 (60 entries) bios0: bios0: ASUSTeK COMPUTER INC. E35M1-M acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP APIC MCFG HPET SSDT SSDT acpi0: wakeup devices SBAZ(S4) PS2K(S4) PS2M(S4) UAR1(S4) P0PC(S4) UHC1(S4) UHC2(S4) USB3(S4) UHC4(S4) USB5(S4) UHC6(S4) UHC7(S4) BR14(S4) PE20(S4) PE21(S4) RLAN(S4) PE22(S4) BR23(S4) PE23(S4) PWRB(S4) acpitimer0 at acpi0: 3579545 Hz, 32 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD E-350 Processor, 1600.18 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,SSSE3,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,IBS,SKINIT cpu0: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 512KB 64b/line 16-way L2 cache cpu0: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative cpu0: apic clock running at 199MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: AMD E-350 Processor, 1599.96 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,SSSE3,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,IBS,SKINIT cpu1: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 512KB 64b/line 16-way L2 cache cpu1: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative ioapic0 at mainbus0: apid 0 pa 0xfec0, version 21, 24 pins ioapic0: misconfigured as apic 3, remapped to apid 0 acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpihpet0 at acpi0: 14318180 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (BR15) acpiprt2 at acpi0: bus -1 (PCE6) acpiprt3 at acpi0: bus -1 (PCE7) acpiprt4 at acpi0: bus -1 (PCE8) acpiprt5 at acpi0: bus -1 (BR14) acpiprt6 at acpi0: bus 2 (PE20) acpiprt7 at acpi0: bus 3 (PE21) acpiprt8 at acpi0: bus 4 (PE22) acpiprt9 at acpi0: bus 5 (BR23) acpiprt10 at acpi0: bus -1 (PE23) acpicpu0 at acpi0: C2, PSS acpicpu1 at acpi0: C2, PSS acpibtn0 at acpi0: PWRB cpu0: 1599 MHz: speeds: 1600 1280 800 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 "AMD AMD64 14h Host" rev 0x00 vga1 at pci0 dev 1 function 0 "ATI Radeon HD 6310" rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) azalia0 at pci0 dev 1 function 1 "ATI Radeon HD 6310 HD Audio" rev 0x00: msi azalia0: no supported codecs ahci0 at pci0 dev 17 function 0 "ATI SBx00 SATA" rev 0x40: apic 0 int 19, AHCI 1.2 scsibus0 at ahci0: 32 targets sd0 at scsibus0 targ 0 lun 0: SCSI3 0/direct fixed naa.50014ee6561ebf46 sd0: 1907729MB, 512 bytes/sector, 3907029168 sectors sd1 at scsibus0 targ 1 lun 0: SCSI3 0/direct fixed naa.50014ee205874f2b sd1: 1907729MB, 512 bytes/sector, 3907029168 sectors sd2 at scsibus0 targ 2 lun 0: SCSI3 0/direct fixed naa.50014ee205a8d497 sd2: 1907729MB, 512 bytes/sector, 3907029168 sectors ohci0 at pci0 dev 18 function 0 "ATI SB700 USB" rev 0x00: apic 0 int 18, version 1.0, legacy support ehci0 at pci0 dev 18 function 2 "ATI SB700 USB2" rev 0x00: apic 0 int 17 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "ATI EHCI root hub" rev 2.00/1.00 addr 1 ohci1 at pci0 dev 19 function 0 "ATI SB700 USB" rev 0x00: apic 0 int 18, version 1.0, legacy support ehci1 at pci0 dev 19 function 2 "ATI SB700 USB2" rev 0x00: apic 0 int 17 usb1 at ehci1: USB revision 2.0 uhub1 at usb1 "ATI EHCI root hub" rev 2.00/1.00 addr 1 piixpm0 at pci0 dev 20 function 0 "ATI SBx00 SMBus" rev 0x42: polling iic0 at piixpm0 iic0: addr 0x20 01=00 02=00 03=00 04=00 05=00 06=00 07=00 08=00 09=00 0a=10 0b=10 0c=10 0d=10 0e=0b 0f=94 10=00 11=00 12=00 13=00 14=00 15=10 16=0a 17=ae 18=40 19=9a 1a=b3 1b=a8 1c=b6 1d=80 1e=0c 1f=03 20=09 21=09 22=09 23=09 24=03 3e=cf words 00=ff00 01= 02= 03= 04= 05= 06= 07= spdmem0 at iic0 addr 0x50: 4GB DDR3 SDRAM PC3-10600 spdmem1 at iic0 addr 0x52: 4GB DDR3 SDRAM PC3-10600 azalia1 at pci0 dev 20 function 2 "ATI SBx00 HD Audio" rev 0x40: apic 0 int 16 azalia1: codecs: Realtek/0x0887 audio0 at azalia1 pcib0 at pci0 dev 20 function 3 "ATI SB700 ISA" rev 0x40
realtek 8188ce "not configured"
Hi misc@, Lenovo won't let me replace the Realtek 8188CE mini-pci card that came with it with another. The hardware refuses to boot with an "unauthorized network card detected" or somesuch error (brilliant!). What are the chances of getting this card working with obsd? :) --patrick OpenBSD 5.1-current (GENERIC) #242: Sun May 20 10:35:39 MDT 2012 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC real mem = 3866689536 (3687MB) avail mem = 3741433856 (3568MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xf9ba0 (60 entries) bios0: vendor LENOVO version "8FET32WW (1.16 )" date 11/03/2011 bios0: LENOVO 06112EU acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP SLIC HPET APIC MCFG UEFI UEFI SSDT SSDT UEFI acpi0: wakeup devices PB4_(S4) PB5_(S4) PB6_(S4) PB7_(S4) OHC1(S3) OHC2(S3) EHC2(S3) OHC3(S3) EHC3(S3) OHC4(S3) SBAZ(S4) GEC_(S4) P2P_(S5) SPB0(S4) SPB1(S4) SPB2(S4) SPB3(S4) LID_(S4) acpitimer0 at acpi0: 3579545 Hz, 32 bits acpihpet0 at acpi0: 14318180 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD E-350 Processor, 1597.55 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,SSSE3,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,IBS,SKINIT cpu0: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 512KB 64b/line 16-way L2 cache cpu0: 8 4MB entries fully associative cpu0: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative cpu0: apic clock running at 199MHz cpu at mainbus0: not configured ioapic0 at mainbus0: apid 2 pa 0xfec0, version 21, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 2 acpimcfg0 at acpi0 addr 0xf800, bus 0-31 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (PB4_) acpiprt2 at acpi0: bus -1 (PB5_) acpiprt3 at acpi0: bus 1 (PB6_) acpiprt4 at acpi0: bus -1 (PB7_) acpiprt5 at acpi0: bus 2 (P2P_) acpiprt6 at acpi0: bus 3 (SPB0) acpiprt7 at acpi0: bus 4 (SPB1) acpiprt8 at acpi0: bus -1 (SPB2) acpiprt9 at acpi0: bus -1 (SPB3) acpiec0 at acpi0 acpicpu0 at acpi0: C2, PSS acpitz0 at acpi0: critical temperature is 92 degC acpibtn0 at acpi0: PWRB acpibtn1 at acpi0: SLPB acpithinkpad0 at acpi0 acpiac0 at acpi0: AC unit online acpibat0 at acpi0: BAT1 model "42T4785" serial 3355 type LION oem "SANYO" acpibtn2 at acpi0: LID_ cpu0: 1597 MHz: speeds: 1600 1280 800 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 "AMD AMD64 14h Host" rev 0x00 vga1 at pci0 dev 1 function 0 "ATI Radeon HD 6310" rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) azalia0 at pci0 dev 1 function 1 "ATI Radeon HD 6310 HD Audio" rev 0x00: msi azalia0: no supported codecs ppb0 at pci0 dev 6 function 0 "AMD AMD64 14h PCIE" rev 0x00: msi pci1 at ppb0 bus 1 re0 at pci1 dev 0 function 0 "Realtek 8168" rev 0x03: RTL8168D/8111D (0x2800), apic 2 int 18, address e8:9a:8f:66:06:38 rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 2 ahci0 at pci0 dev 17 function 0 "ATI SBx00 SATA" rev 0x00: apic 2 int 19, AHCI 1.2 scsibus0 at ahci0: 32 targets sd0 at scsibus0 targ 0 lun 0: SCSI3 0/direct fixed naa.5391c6887a53 sd0: 238475MB, 512 bytes/sector, 488397168 sectors ohci0 at pci0 dev 18 function 0 "ATI SB700 USB" rev 0x00: apic 2 int 18, version 1.0, legacy support ehci0 at pci0 dev 18 function 2 "ATI SB700 USB2" rev 0x00: apic 2 int 17 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "ATI EHCI root hub" rev 2.00/1.00 addr 1 ohci1 at pci0 dev 19 function 0 "ATI SB700 USB" rev 0x00: apic 2 int 18, version 1.0, legacy support ehci1 at pci0 dev 19 function 2 "ATI SB700 USB2" rev 0x00: apic 2 int 17 usb1 at ehci1: USB revision 2.0 uhub1 at usb1 "ATI EHCI root hub" rev 2.00/1.00 addr 1 piixpm0 at pci0 dev 20 function 0 "ATI SBx00 SMBus" rev 0x42: polling iic0 at piixpm0 spdmem0 at iic0 addr 0x50: 2GB DDR3 SDRAM PC3-10600 SO-DIMM spdmem1 at iic0 addr 0x51: 2GB DDR3 SDRAM PC3-10600 SO-DIMM azalia1 at pci0 dev 20 function 2 "ATI SBx00 HD Audio" rev 0x40: apic 2 int 16 azalia1: codecs: Conexant/0x5066 audio0 at azalia1 pcib0 at pci0 dev 20 function 3 "ATI SB700 ISA" rev 0x40 ppb1 at pci0 dev 20 function 4 "ATI SB600 PCI" rev 0x40 pci2 at ppb1 bus 2 ppb2 at pci0 dev 21 function 0 "ATI SB800 PCIE" rev 0x00 pci3 at ppb2 bus 3 ppb3 at pci0 dev 21 function 1 "ATI SB800 PCIE" rev 0x00: msi pci4 at ppb3 bus 4 "Realtek 8188CE" rev 0x01 at pci4 dev 0 function 0 not configured pchb1 at pci0 dev 24 function 0 "AMD AMD64 14h Link Cfg" rev 0x43 pchb2 at pci0 dev 24 function 1 "AMD AMD64 14h Address Map" rev 0x00 pchb3 at pci0 dev 24 function 2 "AMD AMD64 14h DRAM Cfg" rev 0x00 km0 at pci0 dev 24 function 3 "AMD AMD64 14h Misc Cfg" rev 0x00 pchb4 at pci0 dev 24 function 4 "AMD AMD64 14h CPU Power" rev 0x00 pchb5 at pci0 dev 24 function 5 "AMD AMD64 14h Reserved" rev 0x00 pchb6 at pci0 dev 24 function 6 "AMD AMD64 14h NB Power
Re: Plan 9 to OpenBSD (Was Re: OpenBSD in April's issue of the CACM)
I'm not sure what you mean by social but Plan 9 development from Bell is pretty slow/opaque and the rest of the community scattered and headless. I don't care for Inferno and Rob Pike unfortunately took a job at Google ("why Rob, why??":-). Plan 9's file paradigm is great but their 3-button mouse UI is crap. Security-wise Plan 9 doesn't have any creds, good or bad, but hardware support without source review is worthless, i.e. "you don't know where that code has been". OpenBSD's proactive about security and privacy (f.ex autoconfigprivacy to mask your MAC on ipv6 sockets), pf is unmatched, etc. The only thing I miss is an X-less framebuffer in OpenBSD even it'd support just a console and text editor. IMHO X has to die, it's a huge pile of crap. -- p >Hi, > >Peter Laufenberg wrote on Wed, May 30, 2012 at 07:51:13AM MST: >> Actually it's this kind of slander that brought me to OpenBSD. While looking >> for an OS that didn't embrace "Trusted Computing", I came across Theo's >> wikipedia entry which pounded on him so extensively that it raised a flag. >> Extra points for the stab from Linus >> "no-lube-needed/I-can't-feel-a-thing-by-now". Without the slander I probably >> would have stuck with Plan 9. >I have been using OpenBSD exclusively for the last 6 months and I really do >prefer it (both technically and socially) to Linux (which I had used for the >past 15 years) and FreeBSD (which I used to administer at work). I only >started learning about Plan 9 over the past few months and I really like what >I see so far. The one thing that is keeping me from trying to make more use of >it is the lack of drivers for some of my hardware. I am curious about what led >you to go from Plan 9 to OpenBSD. Were they technical in nature or social, or >a little of both? > >Thanks, > >David
Re: nonexistent tables in pf.conf
> On May 30 12:14:22, Theo de Raadt wrote: > > > There is a difference between an empty table and a nonexistent table, > > > and there is a difference between a table not existing at load time > > > and table being deleted. > > > > Since you have such firm opinions, perhaps you should write your > > own packet filter. > > It's a typo. Come on. > > Writing instead of > (which is my error no doubt) completely broke > greylisting, yet it's detectable at load time. > > I think it would be an improvement if pfctl mentioned that > at load time. (Is that "firm opinion" or what?) So learn to type correctly. You'll need to learn to type correctly when you start work on your own packet filter, of course. But in pf this behaviour is *INTENTIONAL*.
Re: nonexistent tables in pf.conf
On May 30 14:29:01, Tony Abernethy wrote: > Jan Stary wrote: > >There is a difference between an empty table and a nonexistent table, > >and there is a difference between a table not existing at load time > >and table being deleted. > > Exactly what difference in behavior is expected? If a table does not exist at ruleset load time (as opposed to an existing but empty table), mention it. If a table gets deleted from a runing pf, treat it as an empty table from there on. (I'll be glad to hear why this is a bad idea.)
Re: nonexistent tables in pf.conf
On May 30 12:14:22, Theo de Raadt wrote: > > There is a difference between an empty table and a nonexistent table, > > and there is a difference between a table not existing at load time > > and table being deleted. > > Since you have such firm opinions, perhaps you should write your > own packet filter. It's a typo. Come on. Writing instead of (which is my error no doubt) completely broke greylisting, yet it's detectable at load time. I think it would be an improvement if pfctl mentioned that at load time. (Is that "firm opinion" or what?)
Re: nonexistent tables in pf.conf
Jan Stary wrote: >There is a difference between an empty table and a nonexistent table, >and there is a difference between a table not existing at load time >and table being deleted. Exactly what difference in behavior is expected? This seems too much like NULL pointer exceptions in Java, where the value of the expression is a crashed program.
Re: nonexistent tables in pf.conf
> There is a difference between an empty table and a nonexistent table, > and there is a difference between a table not existing at load time > and table being deleted. Since you have such firm opinions, perhaps you should write your own packet filter.
Re: nonexistent tables in pf.conf
> Le 2012-05-30 07:05, Jan Stary a icrit : > >It seems that pf will accept rules in pf.conf that refer > >to a nonexistent. I came to know about his in > >a sadly laughable way, trying to figure out why pf redirects > >even the connections comming "from" to spamd. > >Apparently, this gets treated as an empty table. > > > >This is on > >OpenBSD 5.1-beta (GENERIC) #140: Sat Jan 21 00:40:23 MST 2012 > > dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC > > > >I believe it would be an improvement if pfctl refused > >to load a ruleset that refers to nonexistent tables. > > On May 30 13:25:48, Michel Blais wrote: > And what should happen when you delete a table ? PF should stop > because there a rule that use that table ? I am not saying that. > No, it should only don't match anymore. Agreed. > Ruleset must load even if the're nonexistent tables > for several reason like tables are deleted if empty, etc. There is a difference between an empty table and a nonexistent table, and there is a difference between a table not existing at load time and table being deleted.
Re: nonexistent tables in pf.conf
And what should happen when you delete a table ? PF should stop because there a rule that use that table ? No, it should only don't match anymore. Ruleset must load even if the're nonexistent tables for several reason like tables are deleted if empty, etc. Le 2012-05-30 07:05, Jan Stary a icrit : It seems that pf will accept rules in pf.conf that refer to a nonexistent. I came to know about his in a sadly laughable way, trying to figure out why pf redirects even the connections comming "from" to spamd. Apparently, this gets treated as an empty table. This is on OpenBSD 5.1-beta (GENERIC) #140: Sat Jan 21 00:40:23 MST 2012 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC I believe it would be an improvement if pfctl refused to load a ruleset that refers to nonexistent tables. Jan -- Michel Blais Administrateur riseau / Network administrator Targo Communications www.targo.ca 514-448-0773
Re: spamd nitpicking
Jan Stary wrote: Being a happy new user of spamd and friends (thank you Bob!), I have a few nitpicking questions as I go through the manpages. (1) spamd whitelists a given host by _adding_ it as a whitelist entry; the original GREY entry is left there. Why is is kept around, now that the host is WHITE anyway? Is it because it is just easier to let it expire than to explicitly delete it? Or is it because greytrapping only applies to greylisted connections, and we want to know about even WHITE hosts sending to spamtrap? My understanding is the usual expiration takes care of it. But beyond that, if you are actively troubleshooting, it's nice to see the data from the GREY entry for a bit longer. You can see when they started the process, and how many attempts they made before getting whitelisted. --Kurt
Re: spamd 250 messages
Jan Stary wrote: On May 29 22:22:35, Otto Moerbeek wrote: Yes. Until the host is marked WHITE spamd will handle the connection attempts from that host. Yes, that's understood. But why does spamd talk like that even on the very first connection attempt? (Not that it hurts the greylisting process.) Beyond that, it's actually a feature. Those messages are generally there as informational, only the number code is paid attention to. But spammers often try to be "clever" and give up on tarpits. So leaving it there may weed out more spammers while not impacting legitimate email working through the greylist. That's also why spamd in greylisting stutters for the first 10 seconds. Many spammers disconnect now when stuttered at, so they give up before even starting the greylisting process. --Kurt
[NUEVO] 100 avisos clasificados online para generar ventas, abrir...
Marketing en Internet Servicio de 100 avisos clasificados distribuidos en 5 portales importantes de Argentina Servicio de colocacion de 100 AVISOS CLASIFICADOS ONLINE EN 5 PORTALES El resultado de la publicacisn en estos avisos producria: mas Llamadas Telefsnicas, mas Consultas via Mail y mas Visitas a Su Pagina Web Imagine sus esfuerzos Publicitarios Multiplicado por 100! No es cualquier aviso, con cualquier contenido, sino que cumplen premisas muy valiosas para diferenciarse y atraer al visitante. Contamos con un Servicio por unica vez o mensual de publicacisn de 100 Avisos Clasificados en 5 portales de avisos clasificados online; con trafico en si mismo para generar visitas a la pagina o llamadas telefsnicas. 7 Ademas producira un efecto positivo sobre su posicionamiento web en los buscadores Google, Yahoo y Bing. 7 Puede llevar contactos a un Telefono, Mail, Video, Blog, Pagina web, Local a la calle, etc. 7 El permodo de colocacisn de avisos tiene una duracisn de 30 dmas. 7 Alta en cada portal 7 Le proveeremos todos los links con los avisos clasificados publicados, usuario y contraseqa utilizados. 7 Capturando todo el trafico que generan estos sitios cada dma Contara con una podoerosa exposicisn publicitaria para dar a conocer sus actividades, negocios, productos o servicios a mayor nzmero de personas. 7 Tambien podra acceder al Servicio Mensual de promocion de Su pagina web en avisos clasificados. En caso de que esta propuesta le resulte de interis, escribanos a avi...@promociondigital.com llamenos al telefono 15-3307-7029 de 9 a 19hs. de lunes a viernes y sabados de 9 a 14hs. Por favor, no responda a este mail. Esta direccisn sslo es valida para realizar envmos. Te enviaremos la propuesta y descripcisn desde el mail que lo solicites. Contactar a: Adrian Mansilla Al: 15-3307-7029 O escribir directamente a: avi...@promociondigital.com PD: Conoces un colega que lo necesita, reenviale este mail. Conszltenos por el Servicio Mensual de promocion de Su pagina web en avisos clasificados. Contactar a: Adrian Mansilla 15-3307-7029 O escribir Click aqui Responder con Quitar para poder darlo de baja.
Re: OpenBSD in April's issue of the CACM
>Ad hominem attacks on people they obviously know nothing about Actually it's this kind of slander that brought me to OpenBSD. While looking for an OS that didn't embrace "Trusted Computing", I came across Theo's wikipedia entry which pounded on him so extensively that it raised a flag. Extra points for the stab from Linus "no-lube-needed/I-can't-feel-a-thing-by-now". Without the slander I probably would have stuck with Plan 9. If you care about setting the record straight (or avoid further distortions) I suggest a short "in response to" section on openbsd.org, more reputable publications may pick it up and of course love being able to quote someone else criticising the powerful. Cherry on the cake would be a quip from Berners-Lee on how the Internet would look had he patented HTTP. As for ACM, I dropped my subscription a year ago cause they were wasting my time on the crapper (admittedly quality reading time:) > From: Peter Laufenberg [mailto:pe...@x.com] > Sent: Thursday, August 18, 2011 5:28 PM > To: xx...@acm.org > Subject: Re: Welcome to your second year as an ACM member! > > Hi, > > I would like to unsubscribe from ACM immediately; I understand there may be > remaining months on my last credit card charge. > > My main motive is the wildly uneven quality of CACM articles. F.ex. the one > about home networking explaining what "D-H-C-P" is so it can spawn a dozen > pages. > > Thanks
syslog.conf program tags
On my 5.1-current, the syslog.conf(5) manpage says: If a received message matches the specified facility and is of the specified level (or a higher level), and the first word in the message after the date matches the program, the action specified in the action ^^ field will be taken. That doesn't seem to be quite correct; for example, the spamd output is tagged in my syslog.conf as !!spamd daemon.info /var/log/spamd !* and indeed the action is taken (/var/log/spamd) May 30 16:26:22 www spamd[12575]: 177.40.181.6: connected (1/1), lists: nixspam although the program ("spamd") does not match the first word after the date - it's the first after the date and hostname. Jan
Re: ACPI problems on a W500 thinkpad: software or hardware?
Gesendet: Mittwoch, 30. Mai 2012 um 05:19 Uhr Von: "STeve Andre'" An: "OpenBSD Misc" Betreff: ACPI problems on a W500 thinkpad: software or hardware? So... I just had my trusty Thinkpad W500 repaired, getting a new system board. Things seemed fine, till the machine shut down on me. It was graceful so the filesystems wern't dirty, but still wrong. Today, trying to compile the latest i386-current, it shut down on me three times. Here is what's in messages: May 29 19:15:36 paladin /bsd: acpithinkpad0: unknown event 0x6022 May 29 19:15:36 paladin /bsd: acpitz1: critical temperature exceeded 100C (3732K), shutting down May 29 19:15:39 paladin syslogd: restart May 29 19:15:49 paladin syslogd: exiting on signal 15 I'm trying to get a list of acpi events but that isn't proving easy. I am trying to figure out if I got a 'new' bad system board, or if I'm having other problems. The temperature is not 100C--it's been in the 70's each time this has happened. I think I have the latest bios, but I'll check. Any ideas? Really curious what event 6022 is. Thanks, STeve Andre' Hi there, I have noticed the same issue while compiling something bigger (like userland "make build" or mozilla-firefox) on an old Thinkpad T60. I "solved" it by reducing setperf to 66. In my case it _might_ be dirt in the cooling system. As it occurs only with big compile-jobs I didn't feel the urge to check and clean the system internally. As I am currently not in front of the T60 I cannot add dmesg or other infos. If helpful just drop me a note. BR, STEFAN --- Mail: stefan wollny de GnuPG-Key ID: 0x9C26F1D0
Re: Large scale DNS anycast setup: OpenBSD performance issues
On Tue, May 29, 2012 at 01:44:51PM +0300, Kostas Zorbadelos wrote: > Henning Brauer writes: > > > if it is really thread related and not sth small & stupid - try it. For testing purposes, do you have pf turned off, or a 1 line pf.conf, like: pass ?
Re: ACPI problems on a W500 thinkpad: software or hardware?
On 2012-05-30 05.19, STeve Andre' wrote: > May 29 19:15:36 paladin /bsd: acpithinkpad0: unknown event 0x6022 > May 29 19:15:36 paladin /bsd: acpitz1: critical temperature exceeded > 100C (3732K), shutting down It's probably no help to you, but 100B0 C is not 3732 K. It is however 373.15 K, which if you round it up interestingly enough is 373.2 K, i e the same number, one magnitude off. (Haven't looked at the code, but it isn't inconceivable that the computer suddenly thinks it's being tossed into the sun and is starting to melt - and hurries to shut itself down. So this discrepancy might be worth to investigate anyway.) Regards, /Benny -- internetlabbet.se / work: +46 8 551 124 80 / "Words must Benny Lofgren/ mobile: +46 70 718 11 90 / be weighed, / fax:+46 8 551 124 89/not counted." /email: benny -at- internetlabbet.se
Re: ciss(4) write very slow w/o bbwc
Hi! I tested the performance w and w/o the patch. There is no difference. ciss0 at pci3 dev 3 function 0 "Compaq Smart Array 64xx" rev 0x01: apic 10 int 3 ciss0: 2 LDs, HW rev 1, FW 2.84/2.84, 64bit fifo scsibus0 at ciss0: 2 targets sd0 at scsibus0 targ 0 lun 0: SCSI2 0/direct fixed sd0: 69459MB, 512 bytes/sector, 142253280 sectors sd1 at scsibus0 targ 1 lun 0: SCSI2 0/direct fixed sd1: 140006MB, 512 bytes/sector, 286734240 sectors kern.bufcachepercent=20 w/o patch raw device # dd if=/dev/zero of=/dev/rsd1d bs=1m count=1000 1000+0 records in 1000+0 records out 1048576000 bytes transferred in 75.550 secs (13879230 bytes/sec) file # dd if=/dev/zero of=test bs=1m count=1000 1000+0 records in 1000+0 records out 1048576000 bytes transferred in 16.986 secs (61728607 bytes/sec) w patch raw device # dd if=/dev/zero of=/dev/rsd1d bs=1m count=1000 1000+0 records in 1000+0 records out 1048576000 bytes transferred in 75.609 secs (13868396 bytes/sec) file # dd if=/dev/zero of=test bs=1m count=1000 1000+0 records in 1000+0 records out 1048576000 bytes transferred in 16.165 secs (64863961 bytes/sec) In fact, the file test performance is acceptable for me. The raw performace (eg. newfs) is not so important. Thx csszep 2012/5/29 Andreas Bartelt : > Hello, > > > On 05/29/12 17:28, Kenneth R Westerback wrote: >> >> On Tue, May 29, 2012 at 03:48:02PM +0200, csszep wrote: >>> >>> Hi! >>> >>> So i tested the ciss performance with Openbsd 5.1 and Netbsd 5.1.2 and >>> the numbers are the same. :( >>> >>> approx 13Mbyte/s write with dd if=/dev/zero of=/dev/rsd1c bs=1m count=500 >>> >>> But why Linux is four times faster (approx 40Mbyte/s)? >> >> >> Dunno. But the diff below should apply the NetBSD 'fix' for the INQUIRY >> command. >> >> Ken >> >> >> Dunno. But the diff below should apply the NetBSD 'fix' for the INQUIRY >> command. >> > > I also can confirm relatively slow ciss(4) performance on OpenBSD. Enabling > the (not battery backed) cache via BIOS doesn't help significantly. > > I just did some tests on a HP Proliant DL360G7 with RAID1 via ciss(4) with > 2x300GB 6G SAS 1 rpm HDDs (cache disabled on this box): > > # disklabel sd0 > # /dev/rsd0c: > type: SCSI > disk: SCSI disk > label: LOGICAL VOLUME > duid: 410f0efc5a9d86dd > flags: > bytes/sector: 512 > sectors/track: 63 > tracks/cylinder: 255 > sectors/cylinder: 16065 > cylinders: 36468 > total sectors: 585871964 > boundstart: 64 > boundend: 585858420 > drivedata: 0 > > 16 partitions: > #size offset fstype [fsize bsize cpg] > a: 1028096 64 4.2BSD 2048 16384 1 # / > c:5858719640 unused > d: 1028160 1028160 4.2BSD 2048 16384 1 # /var > e:146801952 2056320 4.2BSD 2048 16384 1 # /usr > f: 20964832148858272 4.2BSD 2048 16384 1 # /home > g:416035264169823104 4.2BSD 4096 32768 1 # /log > > # mount > /dev/sd0a on / type ffs (local, noatime, softdep) > /dev/sd0f on /home type ffs (local, noatime, nodev, nosuid, softdep) > /dev/sd0g on /log type ffs (local, noatime, nodev, nosuid, softdep) > /dev/sd0e on /usr type ffs (local, noatime, nodev, softdep) > /dev/sd0d on /var type ffs (local, noatime, nodev, nosuid, softdep) > > > # dmesg|grep ciss > ciss0 at pci1 dev 0 function 0 "Hewlett-Packard Smart Array" rev 0x01: apic > 0 int 4 > ciss0: 2 LDs, HW rev 2, FW 3.66/3.66, 64bit fifo rro > scsibus0 at ciss0: 2 targets > > before applying your patch: > > [/usr] > # dd if=/dev/zero of=testfile bs=1m count=1000 > 1000+0 records in > 1000+0 records out > 1048576000 bytes transferred in 16.428 secs (63825353 bytes/sec) > > [/usr] > # dd if=/dev/zero of=testfile bs=1m count=1 > 1+0 records in > 1+0 records out > 1048576 bytes transferred in 153.910 secs (68128911 bytes/sec) > > [/log] > # dd if=/dev/zero of=testfile bs=1m count=1000 > 1000+0 records in > 1000+0 records out > 1048576000 bytes transferred in 8.122 secs (129087680 bytes/sec) > > [/log] > # dd if=/dev/zero of=testfile bs=1m count=1 > 1+0 records in > 1+0 records out > 1048576 bytes transferred in 87.701 secs (119561580 bytes/sec) > > after applying your patch: > > [/usr] > # dd if=/dev/zero of=testfile bs=1m count=1000 > 1000+0 records in > 1000+0 records out > 1048576000 bytes transferred in 14.113 secs (74296489 bytes/sec) > > [/usr] > # dd if=/dev/zero of=testfile bs=1m count=1 > 1+0 records in > 1+0 records out > 1048576 bytes transferred in 154.600 secs (67824996 bytes/sec) > > [/log] > # dd if=/dev/zero of=testfile bs=1m count=1000 > 1000+0 records in > 1000+0 records out > 1048576000 bytes transferred in 6.836 secs (153379539 bytes/sec) > > [/log] > # dd if=/dev/zero of=testfile bs=1m count=1 > 1+0 records in > 1+0 records out > 1048576 bytes transferred in 82.955 secs (126402027 bytes/sec) > > The larger fsize/bsize of partition sd0g almost seems to double the writing > t
Re: OpenBSD in April's issue of the CACM
On 2012-05-29 19:40, Theo de Raadt wrote: http://www.freebsd.org/news/status/report-2011-10-2011-12.html#The-New-CARP Look at that last entry about talking to IANA! The entry in question is: "4. Work with IANA to get an official protocol number. gnn@ to handle." This shows ignorance about how IANA works. You cannot "work with IANA". IANA is a clerk. It maintains registries. It is a bookkeeping job. It cannot make decisions of its own. The IETF, and its steering group the IESG, are the ones who lay down the rules that IANA must obey. Protocol numbers are maintained at: http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xml The important bit is the "Registration Procedures", which are: "IESG Approval or Standards Action" These terms are defined here: http://tools.ietf.org/html/rfc5226#section-4.1 IESG Approval - New assignments may be approved by the IESG. Although there is no requirement that the request be documented in an RFC, the IESG has discretion to request documents or other supporting materials on a case-by-case basis. Standards Action - Values are assigned only for Standards Track RFCs approved by the IESG. See also this RFC which specifically applies to protocol-numbers: http://tools.ietf.org/html/rfc5237 Even though the IESG Approval route may look easier, in practice it is exceptional for registrations to go through this path. There needs to be some justification for not writing an RFC, usually based on urgency. In the present case I don't see how they could present such a justification. Simon
Re: More bgpd problems
On 05/30/2012 04:27 AM, Matt Hamilton wrote: > James Shupe hermetek.com> writes: > >> I've been running it to peer with 3 IPv4 peers and 3 IPv6 peers (full >> views) and another partial IPv4 view with 12k routes (actually: varying >> amounts of peers over the years, but that's the current setup) since 4.5 >> without needing any cron jobs to watch over it. > > It looks like the issue is likely to be bgpd's interaction with ospfd. And/Or > CARP. I have CARP configured on two routers that act as gateways to one > of our upstream providers. They they speak OSPF and BGP to internal > routers and routers that peer with other remote networks. So I think > what happens is a CARP failover happens (they are quite regular for some > reason, but its never bothered me as it just works) and that causes > OSPF to change its metrics which in turn cause routing changes in BGP. > Its this propagating of events that I think is causing issues. > We've always been running OSPFD and, since 4.7/4.8? or so, OSPF6D (that's when it became usable for us), without issue. We also run CARP, because these routers are installed in pairs and also act as default gateways for machines behind directly them... so neither of those are ruled out in our setup. >> nrpe and ifstated run to verify the peers are up and react accordingly, >> but they never trigger unless there is a physical or provider issue. >> OpenBGPD has been rock solid for us. > > I'd be very interested to see your ifstated config and how you use > that to verify peers being up as we could do with some better > monitoring here. I'll get something together when I'm at work later, I'm shooting this email off real quick before I leave the house. > > -Matt > > > Thank you, -- James Shupe [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
Re: spamd 250 messages
On 05/30/12 06:56, Jan Stary wrote: > On May 30 10:34:31, Otto Moerbeek wrote: >> On Wed, May 30, 2012 at 10:25:01AM +0200, Jan Stary wrote: >> >> > On May 29 22:22:35, Otto Moerbeek wrote: >> > > On Tue, May 29, 2012 at 09:53:40PM +0200, Jan Stary wrote: >> > > >> > > > It seems that during the SMTP dialogue, spamd says things like >> > > > "250 Hello spammer, this is gonna hurt you" and similar >> > > > - but it also happens for hosts that are GREY at the time. >> > > > >> > > > Is that right, and is that expected? >> > > > >> > > >Jan >> > > >> > > Yes. Until the host is marked WHITE spamd will handle the connection >> > > attempts from that host. >> > >> > Yes, that's understood. But why does spamd talk like that >> > even on the very first connection attempt? (Not that it hurts >> > the greylisting process.) >> >> Just because the majorty are spammers? > > OK. > >> Why is this relevant? Does the >> sending mta feel offended or so? > > No, it just seemed a bit confusing being greeted as spammer > on the very first contact when I was testing my spamd. It's good to know who you are talking to when diagnosing delivery problems. Could different messages be generated for first contacts vs. later contacts? Probably. But..why? Added complexity, no benefit. The point of spamd is to block a very high percentage of spam at very low CPU load. Feature creep could break this. Nick.
nonexistent tables in pf.conf
It seems that pf will accept rules in pf.conf that refer to a nonexistent . I came to know about his in a sadly laughable way, trying to figure out why pf redirects even the connections comming "from " to spamd. Apparently, this gets treated as an empty table. This is on OpenBSD 5.1-beta (GENERIC) #140: Sat Jan 21 00:40:23 MST 2012 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC I believe it would be an improvement if pfctl refused to load a ruleset that refers to nonexistent tables. Jan
Re: Tuning for pppoe over fibre 30M/1M link
On Tue, May 29, 2012 at 07:23:32PM +1000, David Diggles wrote: [ snip ] > http://bincrow.net/test.log [ snip ] Interesting, this single post got http://bincrow.net added to the Websense blocklist. Category: "This Websense category is filtered: Potentially Damaging Content. Sites in this category may pose a security threat to the Departments network and are blocked as per the Departments 'Use of Internet, Email & Other ICT Facilities & Devices' policy." All it serves is an index.html, basic html no javascript, and the log I posted. I guess this list gets trawled for "bad urls" by content filtering providers.
Re: spamd 250 messages
On May 30 10:34:31, Otto Moerbeek wrote: > On Wed, May 30, 2012 at 10:25:01AM +0200, Jan Stary wrote: > > > On May 29 22:22:35, Otto Moerbeek wrote: > > > On Tue, May 29, 2012 at 09:53:40PM +0200, Jan Stary wrote: > > > > > > > It seems that during the SMTP dialogue, spamd says things like > > > > "250 Hello spammer, this is gonna hurt you" and similar > > > > - but it also happens for hosts that are GREY at the time. > > > > > > > > Is that right, and is that expected? > > > > > > > > Jan > > > > > > Yes. Until the host is marked WHITE spamd will handle the connection > > > attempts from that host. > > > > Yes, that's understood. But why does spamd talk like that > > even on the very first connection attempt? (Not that it hurts > > the greylisting process.) > > Just because the majorty are spammers? OK. > Why is this relevant? Does the > sending mta feel offended or so? No, it just seemed a bit confusing being greeted as spammer on the very first contact when I was testing my spamd.
Re: OpenBSD in April's issue of the CACM
On Wed, May 30, 2012 at 12:10:34PM +0200, Nomen Nescio wrote: > Unfortunately the "A" in ACM should really mean "Academic" instead of > "Association." Heh, I was going to say it reminds me of the efforts of the Unseen University, to eradicate Sourcery from the Discworld.
Re: opensmtpd php_mail /usr/sbin/sendmail
30.05.2012 10:23, Gilles Chehade P?P8QP5Q: You can configure opensmtpd to work with gmail relatively easily: /etc/mail/gmail-credentials.txt: mail.google.com user:password /etc/mail/smtpd.conf: map "gmail" source plain "/etc/mail/gmail-credentials.txt" accept for all relay via "mail.google.com" tls auth gmail To let your chrooted apache communicate with opensmtpd, you can use mini_sendmail from packages, or any smtp client really. However there is no masquerading at the envelope level yet thanks for your reply Gilles. I will try to test it. but while I wait a some answers for my question, I found great how-to and proceed it with good final result: gmail recieve mail from my sendmail. http://theory14.wordpress.com/2009/06/16/openbsd-smtp-authtls-imaps-proxy/
Re: ACPI problems on a W500 thinkpad: software or hardware?
On Tue May 29, 2012 at 11:19:32PM -0400, STeve Andre' wrote: > So... I just had my trusty Thinkpad W500 repaired, getting a new system > board. Things seemed fine, till the machine shut down on me. It was > graceful so the filesystems wern't dirty, but still wrong. > > Today, trying to compile the latest i386-current, it shut down on me > three times. Here is what's in messages: > > May 29 19:15:36 paladin /bsd: acpithinkpad0: unknown event 0x6022 > May 29 19:15:36 paladin /bsd: acpitz1: critical temperature exceeded > 100C (3732K), shutting down > May 29 19:15:39 paladin syslogd: restart > May 29 19:15:49 paladin syslogd: exiting on signal 15 > > I'm trying to get a list of acpi events but that isn't proving easy. I am > trying to figure out if I got a 'new' bad system board, or if I'm having > other problems. The temperature is not 100C--it's been in the 70's > each time this has happened. I think I have the latest bios, but I'll > check. > The same issue with Thinkpad T400s (newest BIOS) on -current amd64 but no event 0x6022 message. See. dmesg: OpenBSD 5.1-current (GENERIC) #236: Thu Apr 26 01:21:20 MDT 2012 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC real mem = 8474267648 (8081MB) avail mem = 8226365440 (7845MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe0010 (80 entries) bios0: vendor LENOVO version "6HET36WW (1.21 )" date 12/19/2011 bios0: LENOVO 2815W14 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP SSDT ECDT APIC MCFG HPET BOOT ASF! SSDT TCPA DMAR SSDT SSDT SSDT acpi0: wakeup devices LID_(S3) SLPB(S3) IGBE(S4) EXP0(S4) EXP1(S4) EXP2(S4) EXP3(S4) PCI1(S4) USB0(S3) USB3(S3) USB5(S3) EHC0(S3) EHC1(S3) HDEF(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpiec0 at acpi0 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM)2 Duo CPU P9600 @ 2.53GHz, 2527.32 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,NXE,LONG,LAHF cpu0: 6MB 64b/line 16-way L2 cache cpu0: apic clock running at 266MHz cpu at mainbus0: not configured ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 2, remapped to apid 1 acpimcfg0 at acpi0 addr 0xe000, bus 0-63 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (AGP_) acpiprt2 at acpi0: bus 2 (EXP0) acpiprt3 at acpi0: bus 3 (EXP1) acpiprt4 at acpi0: bus -1 (EXP2) acpiprt5 at acpi0: bus 5 (EXP3) acpiprt6 at acpi0: bus 14 (PCI1) acpicpu0 at acpi0: C3, C2, C1, PSS acpipwrres0 at acpi0: PUBS acpitz0 at acpi0: critical temperature is 127 degC acpitz1 at acpi0: critical temperature is 100 degC acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: SLPB acpibat0 at acpi0: BAT0 model "42T4690" serial 8459 type LION oem "Panasonic" acpibat1 at acpi0: BAT1 model "42T4679" serial87 type LiP oem "SONY" acpiac0 at acpi0: AC unit online acpithinkpad0 at acpi0 cpu0: Enhanced SpeedStep 2527 MHz: speeds: 2534, 2533, 1600, 800 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 "Intel GM45 Host" rev 0x07 vga1 at pci0 dev 2 function 0 "Intel GM45 Video" rev 0x07 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xd000, size 0x1000 inteldrm0 at vga1: apic 1 int 16 drm0 at inteldrm0 "Intel GM45 Video" rev 0x07 at pci0 dev 2 function 1 not configured "Intel GM45 HECI" rev 0x07 at pci0 dev 3 function 0 not configured puc0 at pci0 dev 3 function 3 "Intel GM45 AMT SOL" rev 0x07: ports: 1 com com2 at puc0 port 0 apic 1 int 17: ns16550a, 16 byte fifo com2: probed fifo depth: 15 bytes em0 at pci0 dev 25 function 0 "Intel ICH9 IGP M AMT" rev 0x03: msi, address 00:24:7e:6d:ff:35 uhci0 at pci0 dev 26 function 0 "Intel 82801I USB" rev 0x03: apic 1 int 20 uhci1 at pci0 dev 26 function 1 "Intel 82801I USB" rev 0x03: apic 1 int 21 uhci2 at pci0 dev 26 function 2 "Intel 82801I USB" rev 0x03: apic 1 int 22 ehci0 at pci0 dev 26 function 7 "Intel 82801I USB" rev 0x03: apic 1 int 23 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1 azalia0 at pci0 dev 27 function 0 "Intel 82801I HD Audio" rev 0x03: msi azalia0: codecs: Conexant/0x5069 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 "Intel 82801I PCIE" rev 0x03: msi pci1 at ppb0 bus 2 ppb1 at pci0 dev 28 function 1 "Intel 82801I PCIE" rev 0x03: msi pci2 at ppb1 bus 3 iwn0 at pci2 dev 0 function 0 "Intel WiFi Link 5300" rev 0x00: msi, MIMO 3T3R, MoW, address 00:21:6a:5f:11:92 ppb2 at pci0 dev 28 function 3 "Intel 82801I PCIE" rev 0x03: msi pci3 at ppb2 bus 5 sdhc0 at pci3 dev 0 function 0 "Ricoh 5U822 SD/MMC" rev 0x01: apic 1 int 19 sdmmc0 at sdhc0 "Ricoh 5U230 Memory Stick" rev 0x01 at pci3 dev 0 function 1 not configured uhci3 at pci0 dev 29 fun
Re: OpenBSD in April's issue of the CACM
Unfortunately the "A" in ACM should really mean "Academic" instead of "Association." The article you quoted is despicable and unbecoming of any serious publication/organization. Because of their academic bent, there is political correctness gone amok. But this went too far. It was mean- spirited, hypocritical, but most of all stupid. The best thing that came out of that inane, poorly-written piece, was Theo's response here. Yes, OpenBSD people can be (usually strive to be?) a pain in the ass, and they are just as childish (or not) as other humans, but when it comes to technical issues, it is a safe bet things were done for the right reasons. You cannot say that about many other projects.
Re: More bgpd problems
Le Wed, 30 May 2012 09:27:23 + (UTC), Matt Hamilton a icrit : Hello, > I'd be very interested to see your ifstated config and how you use > that to verify peers being up as we could do with some better > monitoring here. Here we use "bgpctl show summary terse" with a grep on the peer name and "Established". Simple but it does the job. # bgpctl show summary terse RenaterV6 2200 Established RenaterV4 2200 Established (never see bgpd crashes) Regards.
Re: More bgpd problems
James Shupe hermetek.com> writes: > I've been running it to peer with 3 IPv4 peers and 3 IPv6 peers (full > views) and another partial IPv4 view with 12k routes (actually: varying > amounts of peers over the years, but that's the current setup) since 4.5 > without needing any cron jobs to watch over it. It looks like the issue is likely to be bgpd's interaction with ospfd. And/Or CARP. I have CARP configured on two routers that act as gateways to one of our upstream providers. They they speak OSPF and BGP to internal routers and routers that peer with other remote networks. So I think what happens is a CARP failover happens (they are quite regular for some reason, but its never bothered me as it just works) and that causes OSPF to change its metrics which in turn cause routing changes in BGP. Its this propagating of events that I think is causing issues. > nrpe and ifstated run to verify the peers are up and react accordingly, > but they never trigger unless there is a physical or provider issue. > OpenBGPD has been rock solid for us. I'd be very interested to see your ifstated config and how you use that to verify peers being up as we could do with some better monitoring here. -Matt
Re: Acer 5552-7858 notebook dmesg
I'm sorry but I do not know enough to answer your questions. I did not phrase my question well. What I would like to know is have you managed to get the laptop to sleep and wake up on closing and then opening the lid? Does this work when X11 is running? On 30 May 2012 03:59, Robert Connolly wrote: > I haven't tried suspend yet. I read the apm man page, and the zzz pdf, but I > don't yet understand how it works in OpenBSD. Is system memory moved to swap > while the system is suspended? or am I thinking of hibernation? > > I did try 'apm -C', and CPU stepping is sortof working. apm steps the CPU > clock down to 800mhz, but while using mplayer apm does not increase the > clock speed. I believe this is because mplayer is only using one CPU core, > and therefore the system appears mostly idle. > > I'm not clear on when to use suspended mode. Will the network stay up? > > On Tue, May 29, 2012 at 3:15 AM, David Scott wrote: >> >> Is suspend/resume working well?
spamd nitpicking
Being a happy new user of spamd and friends (thank you Bob!), I have a few nitpicking questions as I go through the manpages. (1) spamd whitelists a given host by _adding_ it as a whitelist entry; the original GREY entry is left there. Why is is kept around, now that the host is WHITE anyway? Is it because it is just easier to let it expire than to explicitly delete it? Or is it because greytrapping only applies to greylisted connections, and we want to know about even WHITE hosts sending to spamtrap? (2) The spamd(8) manpage says "Use crontab(1) to uncomment the entry in root's crontab", which I did, but experienced spamd-setup failures (see the yesterday's post). I was later advised here that having spamd-setup run at precisely '0 * * * *' might clash with all the others doing the same at that exact time. I moved the spamd-setup to a few minutes later and that solved the problem. Would a note to that effect be an appripriate addition to the spamd(8) (or spamd-setup(8)) manpage? (3) If I understand the GREYTRAPPING section right, a host can get spamtrapped even if it is WHITE: if the original GREY entry is still present and he sends to a spamtrap address within greyexp. The pf.conf example of spamd(8) makes all connections from go to the real mailserver. That means a connection from a WHITE host goes to the real mailserver even if the host is simultaneously TRAPPED. Is that correct? Is that intended? It is a political decision of course: do I allow obvious spam from WHITE hosts? (4) You can't "receive a failure": Index: spamd.8 === RCS file: /home/cvsync/openbsd/src/libexec/spamd/spamd.8,v retrieving revision 1.118 diff -u -p -r1.118 spamd.8 --- spamd.8 19 Mar 2011 23:29:45 - 1.118 +++ spamd.8 30 May 2012 08:26:15 - @@ -236,7 +236,7 @@ below. .El .Pp When run in default mode, -connections receive the pleasantly innocuous temporary failure of: +connections receive the pleasantly innocuous temporary failure message of: .Bd -literal -offset 4n 451 Temporary failure, please try again later. .Ed Thanks again for the great tool! Jan
Re: OpenBSD in April's issue of the CACM
Alternatively: KV sides with the corporate actor Using the process to encumber Or: KV sides with the corporate actor Killing the commons to encumber On 30 May 2012 09:36, ropers wrote: > With apologies for the "we" because I don't really speak for the > OpenBSD project, but maybe people will like this: > > Port 112 > > "KV" demands that we atone > When we use ports we do not "own" > But leaves the corporate actors fine > Who take things that are yours and mine > > KV sides with the corporate actor > Using the commons to encumber > And free CARP would a port still lack > Had we not gone and claimed it back > > -- > after a 17th/18th century protest poem, > author anonymous/unknown
Re: spamd 250 messages
On Wed, May 30, 2012 at 10:25:01AM +0200, Jan Stary wrote: > On May 29 22:22:35, Otto Moerbeek wrote: > > On Tue, May 29, 2012 at 09:53:40PM +0200, Jan Stary wrote: > > > > > It seems that during the SMTP dialogue, spamd says things like > > > "250 Hello spammer, this is gonna hurt you" and similar > > > - but it also happens for hosts that are GREY at the time. > > > > > > Is that right, and is that expected? > > > > > > Jan > > > > Yes. Until the host is marked WHITE spamd will handle the connection > > attempts from that host. > > Yes, that's understood. But why does spamd talk like that > even on the very first connection attempt? (Not that it hurts > the greylisting process.) Just because the majorty are spammers? Why is this relevant? Does the sending mta feel offended or so? -Otto
Re: p5-Net-SSLeay or p5-Net_SSLeay
On 2012-05-29, P. Pruett wrote: > Just an FYI for OpenBSD 5.1 > > If someone else runs into this... > I just did cvs for stable 5.1 on a i386 that was updated on May 29,2012 > ...and... > I could not find the port p5-Net-SSLeay > nor could some of the dependencies for spamasssassin... > I did find > /usr/ports/p5-Net_SSLeay > > to which I did the make install > then the other port makes found p5-Net-SSLeay > > Possibly.. the use of the underscore in the path caused confusion... > > Google likes to substitute punctuation like - and _ and a search > did not quickly find another post mentioning this... > .. so I made a common mistake or most sysadmins just knew this... > hope this helps someone else.. > > Was there a problem with just "pkg_add p5-Mail-SpamAssassin"?
Re: nsd name server generates high load during zone update on slave
On 2012-05-29, Imre Oolberg wrote: > Hi! > > Thank you very much for quick answer! Tried it on 5.1 stable in the > spirit on applying bind patch i.e. saying > > # cd /usr/src > # patch -p0 < /usr/src/nsd.patch > # cd usr.sbin/nsd > # make -f Makefile.bsd-wrapper obj > # make -f Makefile.bsd-wrapper depend > # make -f Makefile.bsd-wrapper > # make -f Makefile.bsd-wrapper install > > And restarting nsd. > > I specifically copied zone before and after several times and got > respectivele load and no load. Also checked that zone content is all > right after copying. At the same time i realize that my testing is not > thorough. > > Do you think it is safe for me to start using this patch in production > or your people do some more testing and eventually publish this patch as > 002_nsd.patch for OpenBSD v. 5.1? I think it's safe and would be a good candidate for the 5.1-stable tree, but it's not in the class of bugs for which we usually release separate patches (typically these are just for security/crash fixes).
Re: spamd 250 messages
On May 29 22:22:35, Otto Moerbeek wrote: > On Tue, May 29, 2012 at 09:53:40PM +0200, Jan Stary wrote: > > > It seems that during the SMTP dialogue, spamd says things like > > "250 Hello spammer, this is gonna hurt you" and similar > > - but it also happens for hosts that are GREY at the time. > > > > Is that right, and is that expected? > > > > Jan > > Yes. Until the host is marked WHITE spamd will handle the connection > attempts from that host. Yes, that's understood. But why does spamd talk like that even on the very first connection attempt? (Not that it hurts the greylisting process.)
Re: More bgpd problems
On 2012-05-29, Matt Hamilton wrote: > Otto Moerbeek drijf.net> writes: > >> >> On Tue, May 29, 2012 at 08:57:54AM +, Matt Hamilton wrote: >> >> > Hi all, >> > >> > More bgpd problems last night :( This happened last night on two of our >> > routers. One running an old version of OpenBSD (4.3) and one running >> > 5.1. Is there anyone out there actually using bpgd in production? How >> > do you deal with it quitting everytime something unexpected happens on >> > the network? >> >> Yes, lots of people run it in production. > > That is what I'd expect. I just don't understand how with it keep dropping > out when it has some transient problem. > >> > >> > The first message below seems to indicate unable to allocate >> > memory. I'm running these boxes pretty much stock having not tuned any >> > parameters at all. Both are just running routing daemons (bgpd, ospf) >> > and the 4.3 box is running OpenVPN. There are no applications running >> > and both boxes have plenty of RAM (4GB) and not using any swap or >> > anything. >> > >> > Is there something I should look at tuning in terms >> > of memory allocation in order to stop this happening? >> > >> > OpenBSD 4.3/amd64: >> > >> > May 29 05:53:43 firewall1 bgpd[5090]: imsg_create: buf_open: Cannot >> > allocate memory >> > May 29 05:53:43 firewall1 bgpd[5090]: fatal in RDE: imsg_compose >> > error: Cannot allocate memory >> > May 29 05:53:44 firewall1 bgpd[27053]: Lost child: route decision >> > engine exited >> > May 29 05:53:44 firewall1 bgpd[15204]: fatal in SE: pipe write error: >> > Broken pipe >> >> Only solution: upgrading. You are runing unsupported software, a >> foolish thing to do. > > Alas we don't all live in Utopia ;) This box is due to be upgraded soon, > but that upgrade is predicated on getting a stable routing environment > so that I can do so. At the moment we are mid-way through migrating > away from Cisco kit to OpenBSD routers. Until I can be confident that it > won't all just fall over I can't continue with the migration. I would *not* want to be running ospfd from before 5.1 on a DFZ router. First RTM_DESYNC (route socket overflows) were not dealt with at all in ospfd until 4.8 and from then until 5.1 they tended to result in lots of kernel route table dumps in quick succession to get back into sync, which is pretty hard on the machine, in 5.1 a holdoff timer was introduced for these resyncs. bgpd-wise since 4.3 there have been crashes fixed triggered by bad updates (these affected most BGP implementations not just OpenBSD) and numerous other fixes. If you are upgrading from that version then use bsd.rd to upgrade rather than untarring sets on the live system, and read the upgrade notes for the intermediate versions, I think that time period includes slight incompatible changes to bgpd.conf. > So any insight on why I would be getting the same symptoms on the 5.1 > box? And was getting bgpd dying before under 5.0? I'm finding it hard > to believe that this behaviour would have been tolerated by people > running bgpd in production all the way from the time of 4.3 to now. > Which leads to the only conclusion... I'm doing something stupid. > The question is what. I have ospfd and bgpd running. On the 5.1 box > there is also a CARP interface too (not an interface we are using ospfd on). > > -Matt > > Not sure when I started seeing it as I had various other problems on the network and with hardware back in the 4.3 days (what's that, 4 years ago or so?) Some people don't seem to hit it at all. One of the most common uses of OpenBGP is running as route server with mostly LAN-based connections and I suspect this type of setup is less likely to hit this problem. I usually only hit it on routers connected via wan links (redundant paths with ospf which flap on occasion). Usually hit the memory problem a few times in fairly quick succession, then not again for sometimes as much as a couple of months or even longer. Without having had a way to trigger it in the lab, and in my case not much storage on the routers to save dumps, getting more information to help track it down is challenging.. and of course I am reliant on out-of-band access and needing to get the network back up at that point, and often not fully awake having been woken by a text from icinga, so very limited debug opportunities. If you're better able to try and get some debug information, from what we've worked out more recently I would suggest flapping the ospf links as possibly triggering it.
Re: OpenBSD in April's issue of the CACM
With apologies for the "we" because I don't really speak for the OpenBSD project, but maybe people will like this: Port 112 "KV" demands that we atone When we use ports we do not "own" But leaves the corporate actors fine Who take things that are yours and mine KV sides with the corporate actor Using the commons to encumber And free CARP would a port still lack Had we not gone and claimed it back -- after a 17th/18th century protest poem, author anonymous/unknown
Re: opensmtpd php_mail /usr/sbin/sendmail
On Wed, May 30, 2012 at 09:57:47AM +0300, lilit-aibolit wrote: > Hello misc. Hello, > There are many web applications that used php_mail function, > which points to /usr/sbin/sendmail on localhost. > In some case sendmail used with smart_host+masquerade options > to deliver email via gmail for example. > Configure sendmail to work with gmail (SMTP AUTH/TLS) is hard for me. > The question: it is possible to use opensmtpd instead sendmail to > compose email from php_mail function? > and how point web-application to opensmtpd? > You can configure opensmtpd to work with gmail relatively easily: /etc/mail/gmail-credentials.txt: mail.google.com user:password /etc/mail/smtpd.conf: map "gmail" source plain "/etc/mail/gmail-credentials.txt" accept for all relay via "mail.google.com" tls auth gmail To let your chrooted apache communicate with opensmtpd, you can use mini_sendmail from packages, or any smtp client really. However there is no masquerading at the envelope level yet -- Gilles Chehade https://www.poolp.org | http://pool.ps @poolpOrg