Re: X app 'cant open display', In X as reg. user launching xapp from su xterm.
On Tue, Nov 27, 2012 at 7:29 PM, John Doe wrote: > In X as normal user, trying to launch xapp from an xterm that I have su'ed to > root in. > I get a 'Cant open display' error. > > Please help. If you want to understand what is happening, then read the Xsecurity(7) and xauth(1) manpages. Philip Guenther
Re: Recommended ANSI C language coding standard compliance checker
I read someone mention 'man style' the other day and I'm glad I did. It's not a standard of any kind but it helped me understand OpenBSD source better. Seems like a lot of it conforms to most of these rules if not all. Justin Mayes Infrastructure Solution Architect Career Education Corporation Office: 847.783.8150 x38150 | jma...@careered.com -Original Message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Gleydson Soares Sent: Tuesday, November 27, 2012 8:54 PM To: Philip Guenther Cc: Tito Mari Francis Escaño; misc@openbsd.org Subject: Re: Recommended ANSI C language coding standard compliance checker +1. On Wed, Nov 28, 2012 at 12:46 AM, Philip Guenther wrote: > On Mon, Nov 26, 2012 at 8:10 PM, Tito Mari Francis Escaño > wrote: >> I'm trying to re-learn ANSI C as part of the effort to write a book >> for beginners or intermediate level. I'm thinking of including the >> use of ANSI C code compliance checker, similar to PHP CodeSniffer, >> that detects whether a given C program file complies with a coding >> standard. Can you please give me pointers what tools OpenBSD >> developers use for this purpose? I understand that indent is used to >> format a given program file, but how about detecting whether a given file is coding standard compliant? > > The only tool *this* OpenBSD developer uses for checking *coding > standard* compliance is his brain. For KNF stuff (c.f. style(9)) you > just read enough of it and the stuff that's wrong starts to stick out. > But really, that's just the bottom level: syntax is important only > because it can obscure the semantics. It's like when reading a book: > the font it was printed in doesn't matter unless it distracts you from > the *words*. > > What's important in coding style are things like clarity, portability, > and efficiency. While a few aspects of portability can be checked > mechanically, those mostly have to be checked *and balanced* by a > brain. > > > I recommend the book "The Practice of Programming", by Brian W. > Kernighan and Rob Pike, for those interested in these sorts of > considerations. > > > Philip Guenther [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
X app 'cant open display', In X as reg. user launching xapp from su xterm.
In X as normal user, trying to launch xapp from an xterm that I have su'ed to root in. I get a 'Cant open display' error. Please help.
Re: OpenBSD Cloud Offerings
> For "reputable" providers with nodes in the US, arpnetworks.com, > vr.org, ramhost.us, nqhost.com and edis.at are just some of the > options to consider; and, before you ask, linode.com won't work (it's > strictly Xen PV, which would require a modified Xen DomU kernel from > your Guest OS). IMHO, RootBSD.net pricing is always out of line from > the realm of the market. Just FYI, ARP Networks still requires you to disable mpibios. If you don't, you get nothing but network timeouts and pain on their VPS'. Small price to pay, though - ARP is fantastic and I've had nothing but good experiences with them. Benny -- "Unless you're a lawyer, you don't understand Oracle licensing. That applies equally to Oracle employees as well as customers." -- Me, 2012-05-10
Re: Recommended ANSI C language coding standard compliance checker
+1. On Wed, Nov 28, 2012 at 12:46 AM, Philip Guenther wrote: > On Mon, Nov 26, 2012 at 8:10 PM, Tito Mari Francis Escaño > wrote: >> I'm trying to re-learn ANSI C as part of the effort to write a book for >> beginners or intermediate level. I'm thinking of including the use of ANSI >> C code compliance checker, similar to PHP CodeSniffer, that detects whether >> a given C program file complies with a coding standard. Can you please give >> me pointers what tools OpenBSD developers use for this purpose? I >> understand that indent is used to format a given program file, but how >> about detecting whether a given file is coding standard compliant? > > The only tool *this* OpenBSD developer uses for checking *coding > standard* compliance is his brain. For KNF stuff (c.f. style(9)) you > just read enough of it and the stuff that's wrong starts to stick out. > But really, that's just the bottom level: syntax is important only > because it can obscure the semantics. It's like when reading a book: > the font it was printed in doesn't matter unless it distracts you from > the *words*. > > What's important in coding style are things like clarity, portability, > and efficiency. While a few aspects of portability can be checked > mechanically, those mostly have to be checked *and balanced* by a > brain. > > > I recommend the book "The Practice of Programming", by Brian W. > Kernighan and Rob Pike, for those interested in these sorts of > considerations. > > > Philip Guenther
Re: Recommended ANSI C language coding standard compliance checker
On Mon, Nov 26, 2012 at 8:10 PM, Tito Mari Francis Escaño wrote: > I'm trying to re-learn ANSI C as part of the effort to write a book for > beginners or intermediate level. I'm thinking of including the use of ANSI > C code compliance checker, similar to PHP CodeSniffer, that detects whether > a given C program file complies with a coding standard. Can you please give > me pointers what tools OpenBSD developers use for this purpose? I > understand that indent is used to format a given program file, but how > about detecting whether a given file is coding standard compliant? The only tool *this* OpenBSD developer uses for checking *coding standard* compliance is his brain. For KNF stuff (c.f. style(9)) you just read enough of it and the stuff that's wrong starts to stick out. But really, that's just the bottom level: syntax is important only because it can obscure the semantics. It's like when reading a book: the font it was printed in doesn't matter unless it distracts you from the *words*. What's important in coding style are things like clarity, portability, and efficiency. While a few aspects of portability can be checked mechanically, those mostly have to be checked *and balanced* by a brain. I recommend the book "The Practice of Programming", by Brian W. Kernighan and Rob Pike, for those interested in these sorts of considerations. Philip Guenther
ftps?
Having some issues with a client system attempting to use a product called MoveItFreely to connect to server via FTPS (FTP with TLS). The firewall is running a snapshot from April, 3 2011 of version 4.9. I have added a pass rule for the additional (to port 21) requested ports of 989, 990, and 5:52000 but still having connection problems. Just wondering if the ftp-proxy would be interfering this. Also wonder why anyone in their right mind would use FTPS!? Thanks, Chris
Re: Recommended ANSI C language coding standard compliance checker
More than just using GCC, since my idea is to also consider LLVM and PCC. Thanks for the advise. Looking forward for other options, especially what the OpenBSD dev team does to ensure every file complies with the coding standard. On Tue, Nov 27, 2012 at 7:51 PM, Rares Aioanei wrote: > On Tue, 27 Nov 2012 12:10:27 +0800 > Tito Mari Francis Escaño wrote: > > > Good day, > > I'm trying to re-learn ANSI C as part of the effort to write a book > > for beginners or intermediate level. I'm thinking of including the > > use of ANSI C code compliance checker, similar to PHP CodeSniffer, > > that detects whether a given C program file complies with a coding > > standard. Can you please give me pointers what tools OpenBSD > > developers use for this purpose? I understand that indent is used to > > format a given program file, but how about detecting whether a given > > file is coding standard compliant? I hope you can advise me on this. > > Thanks. > > > > If I understand your request correctly, why not use gcc's -ansi and > -pedantic when compiling your code? > > -- > > Rares Aioanei
Re: [obsd] Re: ral(4) hard locks on 5.2
On 2012-11-26, Jeremie Le Hen wrote: > On Mon, Nov 26, 2012 at 11:57:16AM +0100, Alexander Hall wrote: >> >> You might get away with /var/run/dmesg.boot > > No there unfortunately. I will look at this this evening. > > But the problem seems to have been lurking since at leat 4.4 from my > searching in the archives. Besides, I use the adapter as a client > without any freeze. Does the AP mode use really more power? > If you're going to search the archives, please look at source-changes too, there have been quite a few hostap fixes in the last couple of releases.
Re: bsd cloud
> i have seen, some minutes ago, a message about cloud with BSD! > I have seen announcements on cloud computing every where. What is the > difference between a BSD cloud and a linux cloud ? A windows cloud and a > linux cloud ? > Isn't all that the new buzz word in the market ? It's bullshit marketing blah-blah if the "cloud" cannot be automated, i.e. it must be possible to provision new RAM and CPU resources with an API. In fact, it's all about APIs ... the OS defines the APIs available to access those RAM and CPU resources (most significant difference would be Windows vs Unix). It's all about abstraction of the infrastructure, and automation. As a user, I don't care if my API calls manage virtual machines or force an intern to timely do everything manually on bare metal for me, using jolts of electricity. That's also what makes it potentially interesting -- just not from a security point of view. In case of virtualization, the guest OS (possibly OpenBSD) can never be any more secure than the host OS (usually Linux), and the whole setup is more risky overall due to added complexity and additional attack vectors. On the plus side, the things one can build with an infrastructure that can be 100% automated are quite cool, at the very least in terms of auto-repair (covering most types of failures) and the hyped auto-scaling. > So what would a BSD cloud be different in the context of cloud (not openbsd > features) ? Different long- and short-term maintenance, I would say (in my experience with OpenBSD, better + cheaper than Linux). And, with OpenBSD as the guest, I would also expect significant benefit wrt security: due to its nature in general, and lack of unnecessary complexity in particular. From a dogmatic point of view, however, OpenBSD "in the cloud" is not desired (due to the security issues wrt virtualization). IOW, I'd also be very much interested in a proper compute cloud offering OpenBSD instances, ideally with an EC2-compatible API ... it would be an improvement. > So in essence what is it really cloud we have not doing since networks have > been in the game ? > Don't take this as an offense, i just cannot understand all this frenesy > about clouds ... Automation. 42. Many people seem to mix up cloud computing with plain virtual servers, grid computing, clustering, whatever ... but those are just possible components, and what it boils down to is abstraction and automation -- at least from an engineering point of view. Moritz
Re: OpenBSD Cloud Offerings
On 27 November 2012 08:47, Research wrote: > Hello, > > I was wondering if anyone had any experience with reputable cloud providers > that currently offer OpenBSD 5.2. > > I was able to find out some information based on the OpenBSD Journal posting > from Sunday, February 13, 2011 titled "OpenBSD Private Cloud Computing". The > two vendors mentioned included ARP Networks and RootBSD. > > Since this time period (preferably over 2012), has anyone used any other > cloud service offerings hosting OpenBSD ? I am hoping to hear some positive > reviews for a provider I can go with. > > Stipulations > > - Preferable a North American provider for geography > - OpenBSD 5.2 > > Thanks To run OpenBSD in the cloud, you can go with pretty much any provider that offers VPS solutions based on Linux-KVM, Xen HVM or VMware -- with all of these three technologies, you can run the regular unmodified i386 and amd64 kernels. Avoid Xen PV (it requires guest OS to be modified to specifically support Xen, i.e. a DomU kernel etc), and, obviously, also avoid OpenVZ, VDSmanager-FreeBSD etc. Don't necessarily look at the OpenBSD version numbers that are offered, or whether OpenBSD is specifically supported; at least with KVM and Xen HVM, it's almost always possible to get console-based access and install whichever version of OpenBSD you please. Some providers offer ssh-based serial console access; some offer VNC-based access; installing OpenBSD yourself is a breeze! For "reputable" providers with nodes in the US, arpnetworks.com, vr.org, ramhost.us, nqhost.com and edis.at are just some of the options to consider; and, before you ask, linode.com won't work (it's strictly Xen PV, which would require a modified Xen DomU kernel from your Guest OS). IMHO, RootBSD.net pricing is always out of line from the realm of the market. If you're looking for something extra cheap and not necessarily one bit reliable/secure/dependable, then you might also find some other interesting offers from come-and-go providers at sites like LowEndBox.com (they have tags for KVM and VMware, plus most "Xen" providers over there either already offer Xen HVM or are flexible enough to provide either Xen PV or Xen HVM). Cheers, Constantine.
Re: OpenBSD Cloud Offerings
These guy's are pretty good. Currently offering 5.2. http://www.stratusrack.com/virtual.php On Tue, Nov 27, 2012 at 8:47 AM, Research wrote: > Hello, > > I was wondering if anyone had any experience with reputable cloud > providers that currently offer OpenBSD 5.2. > > I was able to find out some information based on the OpenBSD Journal > posting from Sunday, February 13, 2011 titled "OpenBSD Private Cloud > Computing". The two vendors mentioned included ARP Networks and RootBSD. > > Since this time period (preferably over 2012), has anyone used any other > cloud service offerings hosting OpenBSD ? I am hoping to hear some > positive reviews for a provider I can go with. > > Stipulations > > - Preferable a North American provider for geography > - OpenBSD 5.2 > > Thanks
Re: bsd cloud
That would be great! KVM on openbsd. The joyent folks did it with illumos/opensolaris based smartos. I would think a port to OpenBSD would be possible. Sent from my Android phone using TouchDown (www.nitrodesk.com) -Original Message- From: Jiri B [ji...@devio.us] Received: Tuesday, 27 Nov 2012, 2:20pm To: Friedrich Locke [friedrich.lo...@gmail.com] CC: openbsd-misc [misc@openbsd.org] Subject: Re: bsd cloud On Tue, Nov 27, 2012 at 04:13:47PM -0200, Friedrich Locke wrote: > Hi folks, > > i have seen, some minutes ago, a message about cloud with BSD! > I have seen announcements on cloud computing every where. What is the > difference between a BSD cloud and a linux cloud ? A windows cloud and a > linux cloud ? > Isn't all that the new buzz word in the market ? > > So what would a BSD cloud be different in the context of cloud (not openbsd > features) ? > > So in essence what is it really cloud we have not doing since networks have > been in the game ? > Don't take this as an offense, i just cannot understand all this frenesy > about clouds ... As now qemu has direct support for glusterfs (a distributed filesystem) and glusterfs daemon[1] should run on any Unix-like OS you can have OpenBSD-based cloud too :D For glusterfs is that you won't be able to mount it on OpenBSD as other posix filesystem as there's neither support nor FUSE-like workaround. You can of course try to "port" KVM to OpenBSD, hehe. jirib [1] http://community.gluster.org/q/does-glusterfs-support-freebsd/
Re: bsd cloud
On Tue, Nov 27, 2012 at 04:13:47PM -0200, Friedrich Locke wrote: > Hi folks, > > i have seen, some minutes ago, a message about cloud with BSD! > I have seen announcements on cloud computing every where. What is the > difference between a BSD cloud and a linux cloud ? A windows cloud and a > linux cloud ? > Isn't all that the new buzz word in the market ? > > So what would a BSD cloud be different in the context of cloud (not openbsd > features) ? > > So in essence what is it really cloud we have not doing since networks have > been in the game ? > Don't take this as an offense, i just cannot understand all this frenesy > about clouds ... As now qemu has direct support for glusterfs (a distributed filesystem) and glusterfs daemon[1] should run on any Unix-like OS you can have OpenBSD-based cloud too :D For glusterfs is that you won't be able to mount it on OpenBSD as other posix filesystem as there's neither support nor FUSE-like workaround. You can of course try to "port" KVM to OpenBSD, hehe. jirib [1] http://community.gluster.org/q/does-glusterfs-support-freebsd/
Re: "No route to host"
Here is my rules (without macro & table definitions which are before,
sensible rules are hidden, but are in the same template as shown rules
and same place)
##
## Options
##
set skip on lo0
set block-policy drop
set limit { states 5, frags 2, src-nodes 4, table-entries
60 }
##
## NAT /!\ toujours avant le filtrage ! /!\
##
pass out quick proto tcp from $iogspriv_addr to !$priv_addr port
{ $smtp_ports $mail_ports $ldap_ports 16286 16287 22745 22734 49157 }
nat-to $natto_iface
pass out quick proto tcp from $priv_addr to !$priv_addr port { ssh }
nat-to $natto_iface
pass out quick proto tcp from to !$priv_addr port
{ $tse_port } nat-to $natto_iface
pass out quick proto { tcp udp } from to
port { https $jabber_ports 16384 16385 16386 16387 } nat-to
$natto_iface
pass out quick proto icmp to { !$priv_addr } nat-to $natto_iface
pass out quick proto tcp from $administration to nat-to
$natto_iface
##
## Filtrage
##
#
# Regles par defaut (entrees bloquees et loguees, sorties autorisees)
#
block in log all
pass out quick all
pass in quick on $internet_iface
pass in quick on $internet_carp_iface
pass in quick on $proxy_iface
pass in quick on $lan_iface
pass in quick proto carp
pass in quick on $lan_iface proto pfsync
# antispoofing, for hackers
#antispoof log for $clientlan_ifaces
block in quick from $poubelle
pass in quick proto icmp
pass in quick proto tcp to $proxy_addr
pass in quick proto tcp to { $proxy_addr1 $proxy_addr2 } port { 3128
http }
pass in quick from { $srv_gw1 $srv_gw2 }
pass in quick from to { $lan_addrs $toip_srv }
pass in quick from { $lan_addrs $toip_srv } to
pass in quick proto udp to port { bootps bootpc domain ntp }
pass in quick proto tcp from $srv_monitor
pass in quick proto tcp to $srv_monitor
pass in quick proto { tcp udp } from { $srv_logs $srv_ads } to
{ $srv_gw1 $srv_gw2 $priv_addr }
pass in quick proto { tcp udp } from { $srv_gw1 $srv_gw2 $priv_addr } to
{ $srv_logs $srv_ads }
# Serveurs accessibles a tout le LAN en TCP
pass in quick proto tcp from { $srv_debian_repo $srv_ftp $srv_cloud } to
$priv_addr
pass in quick proto tcp from $priv_addr to { $srv_debian_repo $srv_ftp
$srv_cloud }
# Serveurs accessibles a tout le LAN en UDP
pass in quick proto udp from { $srv_logs $srv_serveurmac } to $priv_addr
pass in quick proto udp from $priv_addr to { $srv_logs $srv_serveurmac }
# serveurs de fichiers & partages windows (Zeus/Hera)
pass in quick from $srv_fichiers_adm to { }
pass in quick from { } to $srv_fichiers_adm
pass in quick from $srv_fichiers_ecole to { }
pass in quick from { } to $srv_fichiers_ecole
# view + physique
pass in quick from { } to { $view}
pass in quick from { $view } to { }
pass in proto { tcp udp } from to port
{ https 5223 16384 16385 16386 16387 }
pass in proto { tcp udp } from port { https 5223 16384 16385
16386 16387 } to
pass in proto tcp from $priv_addr to port { ssh $ldap_ports $smtp_ports
$mail_ports $pcoip_ports $tse_port }
pass in proto tcp from port { ssh $ldap_ports $smtp_ports $mail_ports
$pcoip_ports $tse_port } to $priv_addr
pass in proto tcp from $priv_addr to { $kms }
pass in proto tcp from { $kms } to $priv_addr
##
## RDR web
##
pass in quick proto tcp from !$proxy_addr to any port 80 rdr-to
$proxy_addr port 3128
--
Cordialement,
Loïc BLOT, expertise en systèmes UNIX, sécurité et réseaux
Frost Sapphire Studios
Le mardi 27 novembre 2012 Ã 08:45 +0100, Laurent Caron (Mobile) a
écrit :
> "Loïc BLOT" a écrit :
>
> >Hello to OpenBSD users,
> >
> >i have a little problem, i think it's linked with PF, but i have no
> >proofs. System is OpenBSD 5.1 but OpenBSD 5.2 get the same things (with
> >different card, 5.1 uses bnx and 5.2 use em)
> >I have a router with squid proxy, named and isc-dhcpd. The problem is,
> >sometimes i get "no route to host" for some transmissions (often on the
> >proxy), but randomly. Our connexion is perfectly stable (Renater 1Gbit
> >fiber connection), and the routes are static and right.
> >When squid says no route to host and i refresh the page, it works. I
> >think it's a packet filter problem. Nmap has sometimes the same problem
> >and says no route to host when i try to scan. Example:
> >
> >Starting Nmap 5.51 ( http://nmap.org ) at 2012-11-26 23:56 CET
> >sendto in send_ip_packet_sd: sendto(4, packet, 44, 0, aaa.bbb.ccc.20,
> >16) => No route to host
> >Offending packet: TCP xxx.yyy.zzz.1:42282 > aaa.bbb.ccc.20:5200 S
> >ttl=37
> >id=32702 iplen=44 seq=2453102157 win=2048
> >Sleeping 15 seconds then retrying
> >
> >This scan was realized in two differents networks, but in this capture,
> >this is the same networks
> >
> >Starting Nmap 5.51 ( http://nmap.org ) at 2012-11-26 23:58 CET
> >sendto in send_ip_packet_sd: sendto(4, packet, 44, 0, xxx.yyy.zzz.50,
> >16) => No route to host
> >Offending packet: TCP xxx.yyy.zzz.1:49053 > xxx.yyy.zzz.50:161 S ttl=52
> >id=62248 iplen=44 seq=3073961720 win=1024
> >Sleeping 15 seconds then retrying
> >
> >if
Re: bsd cloud
On Tue, Nov 27, 2012 at 04:13:47PM -0200, Friedrich Locke wrote: > Hi folks, > > i have seen, some minutes ago, a message about cloud with BSD! > I have seen announcements on cloud computing every where. What is the > difference between a BSD cloud and a linux cloud ? A windows cloud and a > linux cloud ? > Isn't all that the new buzz word in the market ? > > So what would a BSD cloud be different in the context of cloud (not openbsd > features) ? The "cloud computing" of Amazon EC2, Rackspace, GoGrid, etc merely describes a VPS farm where images can be installed, managed, and migrated from a web service the vendor provides. Fundamentally, nothing exotic of the OS is required beyond the typical Xen/VMWare/KVM support and related disk and network drivers. Also, the vendors may install packages which communicate with their "cloud" controller, and in those cases it's rare that non-Linux systems will be supported. It really depends on the services provided by the vendor's web application, and the storage infrastructure (i.e. the possibly specialized disk drivers). > So in essence what is it really cloud we have not doing since networks > have been in the game ? Don't take this as an offense, i just cannot > understand all this frenesy about clouds ... It's just a marketing term. Also, cloud vendors very intentionally hide the ball from people. Why? "Cloud compute time" is typically measued in hours that your VM is provisioned in the farm--i.e. the image running inside a VM instance, whether or not your image is halted. If you price out one month of "cloud compute time" (i.e. 24 hours * 30 days) and factor in your bandwidth usage, for moderate and heavy utilization a co-located or leased server will be cheaper, often times significantly. For low-end usage a dedicated VPS instance will be comparable or cheaper. Vendors don't want people comparing prices between "cloud computing" and regular leasing or VPS hosting. "Cloud computing" really only makes sense 1) for very low utilization; 2) for very high utilization, where you need to provision many images dynamically throughout the day, week, or month; 3) when you value the redundancy and failsafe provided by being able to snapshot and migrate instances in "the cloud"--i.e. across the vendor's VPS farm. I co-locate my own servers, and maintain some cloud images on Rackspace as a failsafe. I'm only charged a nominal fee for storage of the images, until I provision a server instance from one of the backup images, which ideally should happen rarely, and only for short periods of time.
bsd cloud
Hi folks, i have seen, some minutes ago, a message about cloud with BSD! I have seen announcements on cloud computing every where. What is the difference between a BSD cloud and a linux cloud ? A windows cloud and a linux cloud ? Isn't all that the new buzz word in the market ? So what would a BSD cloud be different in the context of cloud (not openbsd features) ? So in essence what is it really cloud we have not doing since networks have been in the game ? Don't take this as an offense, i just cannot understand all this frenesy about clouds ... thanks in advance.
Re: OpenBSD Cloud Offerings
| -Original Message- | Subject: OpenBSD Cloud Offerings | | I was wondering if anyone had any experience with reputable cloud | providers that currently offer OpenBSD 5.2. | | I was able to find out some information based on the OpenBSD Journal | posting from Sunday, February 13, 2011 titled "OpenBSD Private Cloud | Computing". The two vendors mentioned included ARP Networks and | RootBSD. Do you mean VPS? I didn't know that ARP offered cloud services. However, if you are interested in VPS providers, I'll start with the usual warning: OpenBSD's security is subject to the security of the VPS host, which it is generally safe to say is not as secure as an OpenBSD default install. That said, I've been happy with my results from corgitech.com. I've got a couple VPS containers with them. They have multiple available datacenters, VMWare ESXi 5.1 performs well with OpenBSD, good bandwidth, fast support response times, and their prices are great. They recently had a ecoupon for 50% of their services: "CORGI50". If it still works you are getting one hell of a deal. I've also happily used bsdvm.com, with my only complaints being that they [1] use older VMware software, and [2] default to placing their VPS containers behind virtualized NAT (but you can request bridging, if you know to ask for it). Otherwise the service is comparable to corgitech.com, with the exception that bsdvm.com only uses one datacenter - Hurricane Electric. I'd really like to recommend amerinoc.com because they have excellent plans and service, but they use Xen on Linux, which performs poorly with OpenBSD because there are no PV drivers. I tried but couldn't convince them to offer an ESXi service. If someone - with skills beyond mine - gets motivated to complete Xen PV drivers for OpenBSD I will definitely go back to hosting OpenBSD with them. All that said, if you can afford $100 per month you should look into a dedicated server rather than VPS or cloud. You'll have to search and may need to wait for a special to be offered, but reliable dedicated providers can be found at that price point. The reason I stick with VPS is two-fold: [1] I'm a poor law student, and [2] it offers me the ability to host with several providers for redundancy. At my budget an OpenBSD VPS beats Linux shared hosting in every way. Breen
Re: OpenBSD Cloud Offerings
On Tue, Nov 27, 2012 at 9:47 AM, Research wrote: > Hello, > > I was wondering if anyone had any experience with reputable cloud > providers that currently offer OpenBSD 5.2. > > I was able to find out some information based on the OpenBSD Journal > posting from Sunday, February 13, 2011 titled "OpenBSD Private Cloud > Computing". The two vendors mentioned included ARP Networks and RootBSD. > > Since this time period (preferably over 2012), has anyone used any other > cloud service offerings hosting OpenBSD ? I am hoping to hear some > positive reviews for a provider I can go with. > > Stipulations > > - Preferable a North American provider for geography > - OpenBSD 5.2 > I have been using ARP for almost a year now, they are awesome. I have 5.2 and -current boxes running ( north america ). > > Thanks
OpenBSD Cloud Offerings
Hello, I was wondering if anyone had any experience with reputable cloud providers that currently offer OpenBSD 5.2. I was able to find out some information based on the OpenBSD Journal posting from Sunday, February 13, 2011 titled "OpenBSD Private Cloud Computing". The two vendors mentioned included ARP Networks and RootBSD. Since this time period (preferably over 2012), has anyone used any other cloud service offerings hosting OpenBSD ? I am hoping to hear some positive reviews for a provider I can go with. Stipulations - Preferable a North American provider for geography - OpenBSD 5.2 Thanks
Strangle behaviour for pfctl -T show on kern.securelevel=2
Hello all, in pf.conf: table persist with kern.securelevel=2: # pfctl -t bruteforce -T add 1.2.3.4 1/1 addresses added. # pfctl -t bruteforce -T del 1.2.3.4 1/1 addresses deleted. # pfctl -t bruteforce -T show pfctl: Operation not permitted. Is there a good reason for forbidding '-T show' ? -- Manolis Tzanidakis http://mtzanidakis.com/ mtzanidakis[at]gmail[dot]com
Re: ../../../../arch/i386/i386/locore.s:1755: Error: no such instruction: `stac'
Thanks for the clarification. I now understand that I have got things messed up. I have been on -current ( as of 25. Sep ) , at least I strongly believe this but cannot prove because I have overwritten the system in the meantime. Then I run into problems rebuilding the kernel after a cvs update. I figured that I should update the binaries and pick the wrong ones, as you have pointed out. I fixed that and now all is fine again. Thanks Christoph PS: I should work on my googling abilities. I search for locore.s and thus missed the message you referred to. > -Ursprüngliche Nachricht- > Von: Philip Guenther [mailto:guent...@gmail.com] > Gesendet: Montag, 26. November 2012 21:44 > An: Christoph Leser > Cc: 'misc@openbsd.org' (misc@openbsd.org) > Betreff: Re: ../../../../arch/i386/i386/locore.s:1755: Error: no such > instruction: > `stac' > > On Mon, Nov 26, 2012 at 10:42 AM, Christoph Leser > wrote: > > I'm trying to build the kernel for -current I updated the binaries > > first, then updated the source tree and then did > ... > > ../../../../arch/i386/i386/locore.s:1755: Error: no such instruction: `stac' > > ../../../../arch/i386/i386/locore.s:1759: Error: no such instruction: `clac' > > *** Error code 1 > > This question was asked and answered 3 weeks ago: >http://comments.gmane.org/gmane.os.openbsd.misc/200525 > > > Alternatively, you're thinking about -stable when you say -current. > Note the start of your dmesg: > > > OpenBSD 5.2 (GENERIC) #278: Wed Aug 1 10:04:16 MDT 2012 > > That sure looks like *stable* and not *current*. Indeed, the -current > i386 snapshot right now says: > > OpenBSD 5.2-current (GENERIC) #89: Mon Nov 19 12:49:11 MST 2012 > > If you want -stable, you'll need to change your cvs checkout to the branch > instead of the trunk. > > > Philip Guenther
Re: "No route to host"
Look for states of pf the default is 1 if the maximum is reached pf will block # systat pf If needed increase this 2012/11/27 Laurent Caron (Mobile) > "Loïc BLOT" a écrit : > > >Hello to OpenBSD users, > > > >i have a little problem, i think it's linked with PF, but i have no > >proofs. System is OpenBSD 5.1 but OpenBSD 5.2 get the same things (with > >different card, 5.1 uses bnx and 5.2 use em) > >I have a router with squid proxy, named and isc-dhcpd. The problem is, > >sometimes i get "no route to host" for some transmissions (often on the > >proxy), but randomly. Our connexion is perfectly stable (Renater 1Gbit > >fiber connection), and the routes are static and right. > >When squid says no route to host and i refresh the page, it works. I > >think it's a packet filter problem. Nmap has sometimes the same problem > >and says no route to host when i try to scan. Example: > > > >Starting Nmap 5.51 ( http://nmap.org ) at 2012-11-26 23:56 CET > >sendto in send_ip_packet_sd: sendto(4, packet, 44, 0, aaa.bbb.ccc.20, > >16) => No route to host > >Offending packet: TCP xxx.yyy.zzz.1:42282 > aaa.bbb.ccc.20:5200 S > >ttl=37 > >id=32702 iplen=44 seq=2453102157 win=2048 > >Sleeping 15 seconds then retrying > > > >This scan was realized in two differents networks, but in this capture, > >this is the same networks > > > >Starting Nmap 5.51 ( http://nmap.org ) at 2012-11-26 23:58 CET > >sendto in send_ip_packet_sd: sendto(4, packet, 44, 0, xxx.yyy.zzz.50, > >16) => No route to host > >Offending packet: TCP xxx.yyy.zzz.1:49053 > xxx.yyy.zzz.50:161 S ttl=52 > >id=62248 iplen=44 seq=3073961720 win=1024 > >Sleeping 15 seconds then retrying > > > >if don't have the problem with pf disabled. > > > >All my outgoing packets are allowed and somes are nated. > > > >Where do you think the problem comes ? > > > >Thanks for Advance. > > > >Lo��c Blot, > >UNIX systems engineer. > > Hello Loïc > > What does your ruleset look like ? > > Do.you have à .log of rejected packets (tcpdump on pflog 0)?
Re: Recommended ANSI C language coding standard compliance checker
On Tue, 27 Nov 2012 12:10:27 +0800 Tito Mari Francis Escaño wrote: > Good day, > I'm trying to re-learn ANSI C as part of the effort to write a book > for beginners or intermediate level. I'm thinking of including the > use of ANSI C code compliance checker, similar to PHP CodeSniffer, > that detects whether a given C program file complies with a coding > standard. Can you please give me pointers what tools OpenBSD > developers use for this purpose? I understand that indent is used to > format a given program file, but how about detecting whether a given > file is coding standard compliant? I hope you can advise me on this. > Thanks. > If I understand your request correctly, why not use gcc's -ansi and -pedantic when compiling your code? -- Rares Aioanei
Re: [obsd] Re: ral(4) hard locks on 5.2
On Mon, Nov 26, 2012 at 03:14:07PM +0100, Jeremie Le Hen wrote: > But the problem seems to have been lurking since at leat 4.4 from my > searching in the archives. When making such claims please give others an opportunity to verify your sources. Otherwise it's impossible to tell whether you're pointing out a long-standing genuine problem with the driver or whether you've misinterpreted what you were reading. Or perhaps the problem you came across in the archives is a different one that's already been fixed? Impossible to tell without links to the sources.
Re: trunk(4) and non-standard MTU
Yes, it's not working. I might have mixed up with fbsd. My bad, sorry //mxb On 23 nov 2012, at 15:33, Janne Johansson wrote: > Can you show the output of "ifconfig trunk0" after you have run this? > And uname -a since a moderately recent -current wont allow mtus >1500 > when I test. > > 2012/9/18 mxb : >> /etc/hostname.em0: >> up mtu 9000 >> >> /etc/hostname.em1 >> up mtu 9000 >> >> /etc/hostname.trunk0 >> trunkproto lacp trunkport em0 trunkport em1 10.10.10.10 netmask >> 255.255.255.0 -inet6 mtu 9000 >> >> "mtu 9000" in hostname.trunk0 probably not needed as it will get its' >> correct mtu from em0. >> >> //mxb >> >> On 09/18/2012 10:04 AM, Scott wrote: >>> On 18 September 2012 03:47, mxb wrote: Yes you can, but the real hw has to support it as well. On 09/18/2012 02:34 AM, S. Scott wrote: > Is it possible to use non-standard (1500) MTU on a trunk(4) > pseudo-interface or on the real em(4) interfaces that comprise the > trunk0 interface, or on the VLANs carried therein. We'd like to use > jumbo frames on the link-aggregate between a Cisco catalyst switch > (port group) and the openBSD router and firewall. > > $ uname -a > 5.1 GENERIC.MP#207 amd64 > > With thanks, > > — > iThing: Big thumbs & little keys. Please excuse typo, spelling and > grammar errors • Good planets are hard to find – think before you > print • My desire to be well-informed is currently at odds with my > desire to remain sane. • Last night I played a blank CD at full blast. > The Mime next door went nuts. >>> >>> Could you please explain how. >>> >>> ifconfig trunk0 mtu , where > 1500 results in the error, >>> >>> ifconfig: SIOCSIFMTU: Invalid argument >>> >>> em(4) hardware does support jumbo's ( > 1500) >> > > > > -- > To our sweethearts and wives. May they never meet. -- 19th century toast
really good blog post about testing
Chromatics is well-known in the perl community, but this post is fairly general and explains the issue nicely: http://www.modernperlbooks.com/mt/2012/11/how-bugs-get-fixed.html if you don't report bugs, they don't get fixed. Don't assume someone else is doing the same thing and will see the same issues that you do.
