match rules and priorities

2015-10-08 Thread Christer Solskogen 
Hi!

I'm having a bit trouble understanding match rules and priorities. I
have a lot of traffic on other ports than http and https, but I want
to have top priority on them instead of the others.

So I have these rules:
match proto tcp to port { ftp, http, https, 3129 } set prio 7
match proto tcp from port { ftp, http, https, 3129 } set prio 7

Do I need them both? And where in pf.conf should they be? I've tried
having them on top, and on bottom, but still I get very low speeds for
downloads on http.

OpenBSD 5.8-current (GENERIC.MP) #1419: Sun Oct  4 12:28:54 MDT 2015

-- 
chs

verification spamd and traffic

2015-10-08 Thread Markus Rosjat 

Hi there,

I have a spamd running in greylisting mode and maintain my own blacklist 
that I update manually. So far so good yesterday I just did a quite 
radical adding to my blacklist :) and I noticed my outgoing traffic 
jumped from around 500mb per day to 3,2gb per day. I checked the traffic 
with tcpdump and it was no strange traffic going on just my mailports 
and the 25 for the spamd. So my question is, could the radical adding of 
IPs cause this (and yeah its a lot because I added some ranges)?  As far 
as I understand it when some IP is on a blacklist it get redirected to 
spamd right away by pf and then I get some traffic going on. If a IP is 
not on the blacklist and not known Greylisting jumps in an sends the 
server away to come back later to decide if it goes through or on the 
blacklist. So by adding a lot of possible spammer on a black list in the 
first place I generate traffic with them.


Could someone confirm this ?

Regards

--
Markus Rosjatfon: +49 351 8107223mail: ros...@ghweb.de

G+H Webservice GbR Gorzolla, Herrmann
Königsbrücker Str. 70, 01099 Dresden

http://www.ghweb.de
fon: +49 351 8107220   fax: +49 351 8107227

Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you 
print it, think about your responsibility and commitment to the ENVIRONMENT

Re: match rules and priorities

2015-10-08 Thread Ville Valkonen 
On 8 October 2015 at 11:36, Christer Solskogen  wrote:

> Hi!
>
> I'm having a bit trouble understanding match rules and priorities. I
> have a lot of traffic on other ports than http and https, but I want
> to have top priority on them instead of the others.
>
> So I have these rules:
> match proto tcp to port { ftp, http, https, 3129 } set prio 7
> match proto tcp from port { ftp, http, https, 3129 } set prio 7
>
> Do I need them both? And where in pf.conf should they be? I've tried
> having them on top, and on bottom, but still I get very low speeds for
> downloads on http.
>
> OpenBSD 5.8-current (GENERIC.MP) #1419: Sun Oct  4 12:28:54 MDT 2015
>
> --
> chs
>

Hello Christer,

you can only queue outgoing traffic. Once you think about it, that makes
sense.

--
Regards,
Ville

Re: "dd if=/dev/srandom of=/dev/wd0e bs=1024 count=1" WIPES my wd0 disklabel. Is this intended, bug, how come, how workaround ??? Incl reproduction script+console output+dmesg

2015-10-08 Thread Raimo Niskanen 
On Thu, Oct 08, 2015 at 12:50:59AM +0800, Mikael wrote:
:
> *Impression:*
> Based on what Benny and I think someone else said, I got an approximative
> impression something like that the whole disklabelling system is actually
> designed with the intention that every disklabel is required to
> 
> 1) Have an "a" partition that
> 2) Starts on sector 64 and continues at least up to and including sector 79
> and

You are assuming in your example that the OpenBSD part of the disk starts at
sector 64 on a 512-byte sector disk.  That does not have to be true.
For an i386 or amd64 system it is where the OpenBSD fdisk partition starts
that is important.  And from that point it is 8 kByte that is reserved
for e.g boot code and BSD disklabel.

> 2) Be of the 4.2BSD or RAID type,

The utilities using these avoids using the first 8 kByte so that is just
fine.

In another contemporary thread it was linked to a document about softraid
key disks and there it was clearly stated that to back up and restore a
such a key partition you should avoid the first 8 kByte of the partition
e.g by using dd bs=8192 skip=1 for backup and dd bs=8192 seek=1 for restore.

-- 

/ Raimo Niskanen, Erlang/OTP, Ericsson AB

Re: unbreak trunk(4)

2015-10-08 Thread Stefan Wollny 
Am 10/07/15 um 21:14 schrieb Daniel Jakots:
> On Wed, 7 Oct 2015 15:59:21 +0200, Stefan Wollny 
> wrote:
> 
>> Am 10/07/15 um 15:47 schrieb Mike Belopuhov:
>>> On Wed, Oct 07, 2015 at 15:41 +0200, Mike Belopuhov wrote:  
 Hi,

 If you have noticed recent problems with trunk(4) please try the
 diff below as it fixes a subtle issue (not introduced by my
 changes!) with setting lladdr on non primary trunk ports:
 trunk_port_ioctl needs to be able to lookup the trunk port, but we
 didn't put it on the list yet, doh!

>>> boo hoo, it clashes with some uncommitted changes, here's a rebased
>>> version.
>>>
>>>
> 
> Hi,
> 
> I applied the second patch and it fixes my problem, thanks!
> 
>> Hi Mike,
>>
>> I am sorry to report, but still no connection on startup, but after
>> login 'doas sh /etc/netstart' is doing fine.
> 
> Stefan,
> 
> Sometimes my iwn0 can't connect at boot (I've never reported it because
> it's scarce, random and easily solvable with # sh /etc/netstart)
> so if you've already seen this, maybe give it another reboot to
> try?
> 
> Cheers,
> Daniel
> 

Hi Daniel,

I agree that the practical solution is easy. Yet (as I have reported
privately to Mike due to some attachments) for the last 2~3 weeks with
i386-current (GENERIC.MP) this behaviour is _not_ randomly but without
exception at every startup. This happens with the internal antenna
(wpi0) as well with an external one (rsu0). Connecting to the LAN (em0)
with trunk0 is done at startup without any delay.

The patches Mike kindly provided (a big THANK YOU!) did not change that
behaviour.

As this is just a minor nuissance I guess ressources presently are
better allocated on tame(2)'ing OpenBSD, right?

Best,
STEFAN

Re: softraid(4)/bioctl(8) vs. non-512-byte sectors disks

2015-10-08 Thread Marcus MERIGHI 
kwesterb...@gmail.com (Kenneth Westerback), 2014.03.19 (Wed) 17:09 (CET):
> Alas, softraid only supports 512 byte block devices at the moment.
>  Ken

Any news on this one? No answer as always means 'no'. 

I saw plus58.html:
* Use DEV_BSIZE instead of 512 where appropriate in the kernel. This
  starts laying the groundwork to allow disks with other sector sizes.


Just asking because some time has gone by and krw@ thought it was a
pitty [0]: 

[0] http://dictionary.reference.com/browse/alas
used as an exclamation to express sorrow, grief, pity, concern, or
apprehension of evil.

Thanks+Bye, Marcus

> On Mar 19, 2014 11:36 AM, "Marcus MERIGHI"  wrote:
> 
> > Reference:
> > ``Softraid 3TB Problems''
> > http://marc.info/?l=openbsd-misc=136225193931620
> >
> > Difference:
> > My HDDs show up as 4096 bytes/sector in dmesg.
> >
> > Short:
> > Are there any options for disks that come with 4096 bytes/sector to use
> > with softraid(4)/bioctl(8)?
> >
> > Long:
> >
> > So I got these lovely large disks:
> >
> > DMESG (full one at the end):
> >
> > umass4 at uhub5 port 4 configuration 1 interface 0 "Intenso USB 3.0
> >   Device" rev 2.10/1.00 addr 9
> > umass4: using SCSI over Bulk-Only
> > scsibus5 at umass4: 2 targets, initiator 0
> > sd5 at scsibus5 targ 1 lun 0:  SCSI4
> >   0/direct fixed serial.174c55aa22DF
> > sd5: 2861588MB, 4096 bytes/sector, 732566646 sectors
> > 
> > I suppose right above is my problem?
> >
> > FDISK:
> >
> > Disk: sd5   geometry: 45600/255/63 [732566646 4096-byte Sectors]
> > Offset: 0   Signature: 0xAA55
> > Starting Ending LBA Info:
> >  #: id  C   H   S -  C   H   S [   start:size ]
> >
> >
> -
> --
> >  0: 00  0   0   0 -  0   0   0 [   0:   0 ]
> >   unused
> >  1: 00  0   0   0 -  0   0   0 [   0:   0 ]
> >   unused
> >  2: 00  0   0   0 -  0   0   0 [   0:   0 ]
> >   unused
> > *3: A6  0   1   2 -  45599 254  63 [  64:   732563936 ]
> >   OpenBSD
> >
> > DISKLABEL:
> >
> > # /dev/rsd5c:
> > type: SCSI
> > disk: SCSI disk
> > label: whoknows
> > duid: 470974d3647801b8
> > flags:
> > bytes/sector: 4096
> > sectors/track: 63
> > tracks/cylinder: 255
> > sectors/cylinder: 16065
> > cylinders: 45600
> > total sectors: 732566646
> > boundstart: 64
> > boundend: 732564000
> > drivedata: 0
> >
> > 16 partitions:
> > #size   offset  fstype [fsize bsize  cpg]
> >   a:732563936   64RAID
> >   c:7325666460  unused
> >
> > BIOCTL output
> >
> > $ sudo bioctl -h -v -c C -l /dev/sd3a softraid0
> > softraid0: sd3a has unsupported sector size (4096)
> > softraid0: invalid metadata format
> >
> > Thanks in advance, Marcus
> >
> > DMESG FULL:
> > This is -current with a patch from brad@ to get the NICs (re) working.
> >
> > OpenBSD 5.5-current (GENERIC.MP) #3: Tue Mar 11 14:18:33 CET 2014
> > r...@fofo.fifi.at:/usr/src/sys/arch/amd64/compile/GENERIC.MP
> > real mem = 4161052672 (3968MB)
> > avail mem = 4041580544 (3854MB)
> > mainbus0 at root
> > bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xeb530 (73 entries)
> > bios0: vendor American Megatrends Inc. version "1.03" date 08/09/2013
> > bios0: Shuttle Inc. DS47D
> > acpi0 at bios0: rev 2
> > acpi0: sleep states S0 S3 S4 S5
> > acpi0: tables DSDT FACP APIC FPDT MCFG SLIC HPET SSDT SSDT SSDT
> > acpi0: wakeup devices P0P1(S4) USB1(S3) USB2(S3) USB3(S3) USB4(S3)
> > USB5(S3) USB6(S3) USB7(S3) PXSX(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4)
> > RP03(S4) PXSX(S4) RP04(S4) [...]
> > acpitimer0 at acpi0: 3579545 Hz, 24 bits
> > acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
> > cpu0 at mainbus0: apid 0 (boot processor)
> > cpu0: Intel(R) Celeron(R) CPU 847 @ 1.10GHz, 1097.67 MHz
> > cpu0:
> >
> >
> FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
> H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX
> ,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,XSAVE
> ,NXE,LONG,LAHF,PERF,ITSC
> > cpu0: 256KB 64b/line 8-way L2 cache
> > cpu0: smt 0, core 0, package 0
> > mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
> > cpu0: apic clock running at 99MHz
> > cpu0: mwait min=64, max=64, C-substates=0.2.1.1.2, IBE
> > cpu1 at mainbus0: apid 2 (application processor)
> > cpu1: Intel(R) Celeron(R) CPU 847 @ 1.10GHz, 1097.51 MHz
> > cpu1:
> >
> >
> FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
> H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX
> ,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,XSAVE
> ,NXE,LONG,LAHF,PERF,ITSC
> > cpu1: 256KB 64b/line 8-way L2 cache
> > cpu1: smt 0, core 1, package 0
> > ioapic0 at mainbus0: apid 2 pa

Re: softraid(4)/bioctl(8) vs. non-512-byte sectors disks

2015-10-08 Thread Marcus MERIGHI 
mcmer-open...@tor.at (Marcus MERIGHI), 2015.10.08 (Thu) 12:26 (CEST):
> kwesterb...@gmail.com (Kenneth Westerback), 2014.03.19 (Wed) 17:09 (CET):
> > Alas, softraid only supports 512 byte block devices at the moment.
> >  Ken
> 
> Any news on this one? No answer as always means 'no'. 

After reading the commit log for softraid I am pretty sure the answer
is 'no'. Therefore I have a) a patch for softraid(4) and b) another
question. 

Question: searching for large (>1TB) HDDs I found there's '512e' [1]. Is
this enough for softraid to work? The wikipedia article reads good, just
to make sure.

Index: softraid.4
===
RCS file: /cvs/src/share/man/man4/softraid.4,v
retrieving revision 1.41
diff -u -p -u -r1.41 softraid.4
--- softraid.4  14 Apr 2015 19:10:13 -  1.41
+++ softraid.4  8 Oct 2015 10:53:25 -
@@ -208,3 +208,5 @@ due to component failure.
 RAID is
 .Em not
 a substitute for good backup practices.
+.Pp
+Only disks with 512 bytes per sector are supported.

[1] https://en.wikipedia.org/wiki/Advanced_Format#512e

Bye, Marcus

> I saw plus58.html:
> * Use DEV_BSIZE instead of 512 where appropriate in the kernel. This
>   starts laying the groundwork to allow disks with other sector sizes.
> 
> 
> Just asking because some time has gone by and krw@ thought it was a
> pitty [0]: 
> 
> [0] http://dictionary.reference.com/browse/alas
> used as an exclamation to express sorrow, grief, pity, concern, or
> apprehension of evil.
> 
> Thanks+Bye, Marcus
> 
> > On Mar 19, 2014 11:36 AM, "Marcus MERIGHI"  wrote:
> > 
> > > Reference:
> > > ``Softraid 3TB Problems''
> > > http://marc.info/?l=openbsd-misc=136225193931620
> > >
> > > Difference:
> > > My HDDs show up as 4096 bytes/sector in dmesg.
> > >
> > > Short:
> > > Are there any options for disks that come with 4096 bytes/sector to use
> > > with softraid(4)/bioctl(8)?
> > >
> > > Long:
> > >
> > > So I got these lovely large disks:
> > >
> > > DMESG (full one at the end):
> > >
> > > umass4 at uhub5 port 4 configuration 1 interface 0 "Intenso USB 3.0
> > >   Device" rev 2.10/1.00 addr 9
> > > umass4: using SCSI over Bulk-Only
> > > scsibus5 at umass4: 2 targets, initiator 0
> > > sd5 at scsibus5 targ 1 lun 0:  SCSI4
> > >   0/direct fixed serial.174c55aa22DF
> > > sd5: 2861588MB, 4096 bytes/sector, 732566646 sectors
> > > 
> > > I suppose right above is my problem?
> > >
> > > FDISK:
> > >
> > > Disk: sd5   geometry: 45600/255/63 [732566646 4096-byte Sectors]
> > > Offset: 0   Signature: 0xAA55
> > > Starting Ending LBA Info:
> > >  #: id  C   H   S -  C   H   S [   start:size ]
> > >
> > >
> > -
> > --
> > >  0: 00  0   0   0 -  0   0   0 [   0:   0 ]
> > >   unused
> > >  1: 00  0   0   0 -  0   0   0 [   0:   0 ]
> > >   unused
> > >  2: 00  0   0   0 -  0   0   0 [   0:   0 ]
> > >   unused
> > > *3: A6  0   1   2 -  45599 254  63 [  64:   732563936 ]
> > >   OpenBSD
> > >
> > > DISKLABEL:
> > >
> > > # /dev/rsd5c:
> > > type: SCSI
> > > disk: SCSI disk
> > > label: whoknows
> > > duid: 470974d3647801b8
> > > flags:
> > > bytes/sector: 4096
> > > sectors/track: 63
> > > tracks/cylinder: 255
> > > sectors/cylinder: 16065
> > > cylinders: 45600
> > > total sectors: 732566646
> > > boundstart: 64
> > > boundend: 732564000
> > > drivedata: 0
> > >
> > > 16 partitions:
> > > #size   offset  fstype [fsize bsize  cpg]
> > >   a:732563936   64RAID
> > >   c:7325666460  unused
> > >
> > > BIOCTL output
> > >
> > > $ sudo bioctl -h -v -c C -l /dev/sd3a softraid0
> > > softraid0: sd3a has unsupported sector size (4096)
> > > softraid0: invalid metadata format
> > >
> > > Thanks in advance, Marcus
> > >
> > > DMESG FULL:
> > > This is -current with a patch from brad@ to get the NICs (re) working.
> > >
> > > OpenBSD 5.5-current (GENERIC.MP) #3: Tue Mar 11 14:18:33 CET 2014
> > > r...@fofo.fifi.at:/usr/src/sys/arch/amd64/compile/GENERIC.MP
> > > real mem = 4161052672 (3968MB)
> > > avail mem = 4041580544 (3854MB)
> > > mainbus0 at root
> > > bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xeb530 (73 entries)
> > > bios0: vendor American Megatrends Inc. version "1.03" date 08/09/2013
> > > bios0: Shuttle Inc. DS47D
> > > acpi0 at bios0: rev 2
> > > acpi0: sleep states S0 S3 S4 S5
> > > acpi0: tables DSDT FACP APIC FPDT MCFG SLIC HPET SSDT SSDT SSDT
> > > acpi0: wakeup devices P0P1(S4) USB1(S3) USB2(S3) USB3(S3) USB4(S3)
> > > USB5(S3) USB6(S3) USB7(S3) PXSX(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4)
> > > RP03(S4) PXSX(S4) RP04(S4) [...]
> > > acpitimer0 at acpi0: 3579545 Hz, 24 bits
> > > acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
> > >

Re: match rules and priorities

2015-10-08 Thread Christer Solskogen 
On Thu, Oct 8, 2015 at 10:57 AM, Ville Valkonen  wrote:
>
> you can only queue outgoing traffic. Once you think about it, that makes
> sense.
>

I boiled the rule down to this:
match proto tcp to port { http https } set prio 7

But I still can't see that it does anything useful, as I don't see any
better speed on http with or without that rule.
What have I missed? :(

-- 
chs

Re: softraid(4)/bioctl(8) vs. non-512-byte sectors disks

2015-10-08 Thread Kenneth R Westerback 
On 10/08, Marcus MERIGHI wrote:
> kwesterb...@gmail.com (Kenneth Westerback), 2014.03.19 (Wed) 17:09 (CET):
> > Alas, softraid only supports 512 byte block devices at the moment.
> >  Ken
> 
> Any news on this one? No answer as always means 'no'. 
> 
> I saw plus58.html:
> * Use DEV_BSIZE instead of 512 where appropriate in the kernel. This
>   starts laying the groundwork to allow disks with other sector sizes.
> 
> 
> Just asking because some time has gone by and krw@ thought it was a
> pitty [0]: 
> 
> [0] http://dictionary.reference.com/browse/alas
> used as an exclamation to express sorrow, grief, pity, concern, or
> apprehension of evil.
> 
> Thanks+Bye, Marcus
> 

The 4K problem was 'solved' at c2k15 but unfortunately has not been
committed yet. The most likey diff is below. More expressions of
interest in getting it committed (especially if accompanied by test
reports) would help. Of course finding bugs would be good too!

 Ken

> > On Mar 19, 2014 11:36 AM, "Marcus MERIGHI"  wrote:
> > 
> > > Reference:
> > > ``Softraid 3TB Problems''
> > > http://marc.info/?l=openbsd-misc=136225193931620
> > >
> > > Difference:
> > > My HDDs show up as 4096 bytes/sector in dmesg.
> > >
> > > Short:
> > > Are there any options for disks that come with 4096 bytes/sector to use
> > > with softraid(4)/bioctl(8)?
> > >
> > > Long:
> > >
> > > So I got these lovely large disks:
> > >
> > > DMESG (full one at the end):
> > >
> > > umass4 at uhub5 port 4 configuration 1 interface 0 "Intenso USB 3.0
> > >   Device" rev 2.10/1.00 addr 9
> > > umass4: using SCSI over Bulk-Only
> > > scsibus5 at umass4: 2 targets, initiator 0
> > > sd5 at scsibus5 targ 1 lun 0:  SCSI4
> > >   0/direct fixed serial.174c55aa22DF
> > > sd5: 2861588MB, 4096 bytes/sector, 732566646 sectors
> > > 
> > > I suppose right above is my problem?
> > >
> > > FDISK:
> > >
> > > Disk: sd5   geometry: 45600/255/63 [732566646 4096-byte Sectors]
> > > Offset: 0   Signature: 0xAA55
> > > Starting Ending LBA Info:
> > >  #: id  C   H   S -  C   H   S [   start:size ]
> > >
> > >
> > -
> > --
> > >  0: 00  0   0   0 -  0   0   0 [   0:   0 ]
> > >   unused
> > >  1: 00  0   0   0 -  0   0   0 [   0:   0 ]
> > >   unused
> > >  2: 00  0   0   0 -  0   0   0 [   0:   0 ]
> > >   unused
> > > *3: A6  0   1   2 -  45599 254  63 [  64:   732563936 ]
> > >   OpenBSD
> > >
> > > DISKLABEL:
> > >
> > > # /dev/rsd5c:
> > > type: SCSI
> > > disk: SCSI disk
> > > label: whoknows
> > > duid: 470974d3647801b8
> > > flags:
> > > bytes/sector: 4096
> > > sectors/track: 63
> > > tracks/cylinder: 255
> > > sectors/cylinder: 16065
> > > cylinders: 45600
> > > total sectors: 732566646
> > > boundstart: 64
> > > boundend: 732564000
> > > drivedata: 0
> > >
> > > 16 partitions:
> > > #size   offset  fstype [fsize bsize  cpg]
> > >   a:732563936   64RAID
> > >   c:7325666460  unused
> > >
> > > BIOCTL output
> > >
> > > $ sudo bioctl -h -v -c C -l /dev/sd3a softraid0
> > > softraid0: sd3a has unsupported sector size (4096)
> > > softraid0: invalid metadata format
> > >
> > > Thanks in advance, Marcus
> > >

This is the diff that makes softraid of all kinds work on disks
with non-512-byte-sector disks. In fact it allows softraid volumes
to be constructed out of disks with different sector sizes. It will
present the constructed volume as having a sector size equal to the
largest sector of the devices used to contruct the softraid volume.

Test would be appreciated! As would ok's.

I manage to install a snap on a 4K device with an encrypted disk.
Couldn't boot it but if anybody has a BIOS that will boot a 4K drive
that would be an excellent test.

Index: softraid.c
===
RCS file: /cvs/src/sys/dev/softraid.c,v
retrieving revision 1.360
diff -u -p -r1.360 softraid.c
--- softraid.c  21 Jul 2015 03:30:51 -  1.360
+++ softraid.c  21 Jul 2015 04:02:14 -
@@ -944,6 +944,7 @@ sr_meta_validate(struct sr_discipline *s
 */
if (sm->ssd_data_blkno == 0)
sm->ssd_data_blkno = SR_META_V3_DATA_OFFSET;
+   sm->ssdi.ssd_secsize = DEV_BSIZE;
 
} else if (sm->ssdi.ssd_version == 4) {
 
@@ -953,14 +954,22 @@ sr_meta_validate(struct sr_discipline *s
 */
if (sm->ssd_data_blkno == 0)
sm->ssd_data_blkno = SR_DATA_OFFSET;
+   sm->ssdi.ssd_secsize = DEV_BSIZE;
 
-   } else if (sm->ssdi.ssd_version == SR_META_VERSION) {
+   } else if (sm->ssdi.ssd_version == 5) {
 
/*
 * Version 5 - variable

Re: match rules and priorities

2015-10-08 Thread David Dahlberg 
Am Donnerstag, den 08.10.2015, 15:26 +0200 schrieb Christer Solskogen:
> I boiled the rule down to this:
> match proto tcp to port { http https } set prio 7
> 
> But I still can't see that it does anything useful, as I don't see any
> better speed on http with or without that rule.
> What have I missed? :(

You missed to identify the bottleneck. 

Effectively, traffic shaping does only have an impact on the bottleneck
link. If this happens not to be the priority queue that you just
configured, then you basically added just another fast lane to an empty
motorway.

Re: softraid(4)/bioctl(8) vs. non-512-byte sectors disks

2015-10-08 Thread Kenneth Westerback 
On 8 October 2015 at 07:13, Marcus MERIGHI  wrote:
> mcmer-open...@tor.at (Marcus MERIGHI), 2015.10.08 (Thu) 12:26 (CEST):
>> kwesterb...@gmail.com (Kenneth Westerback), 2014.03.19 (Wed) 17:09 (CET):
>> > Alas, softraid only supports 512 byte block devices at the moment.
>> >  Ken
>>
>> Any news on this one? No answer as always means 'no'.
>
> After reading the commit log for softraid I am pretty sure the answer
> is 'no'. Therefore I have a) a patch for softraid(4) and b) another
> question.
>
> Question: searching for large (>1TB) HDDs I found there's '512e' [1]. Is
> this enough for softraid to work? The wikipedia article reads good, just
> to make sure.

Yes, disks that are 4K internally but present as 512-byte devices work fine.

 Ken

>
> Index: softraid.4
> ===
> RCS file: /cvs/src/share/man/man4/softraid.4,v
> retrieving revision 1.41
> diff -u -p -u -r1.41 softraid.4
> --- softraid.4  14 Apr 2015 19:10:13 -  1.41
> +++ softraid.4  8 Oct 2015 10:53:25 -
> @@ -208,3 +208,5 @@ due to component failure.
>  RAID is
>  .Em not
>  a substitute for good backup practices.
> +.Pp
> +Only disks with 512 bytes per sector are supported.
>
> [1] https://en.wikipedia.org/wiki/Advanced_Format#512e
>
> Bye, Marcus
>
>> I saw plus58.html:
>> * Use DEV_BSIZE instead of 512 where appropriate in the kernel. This
>>   starts laying the groundwork to allow disks with other sector sizes.
>>
>>
>> Just asking because some time has gone by and krw@ thought it was a
>> pitty [0]:
>>
>> [0] http://dictionary.reference.com/browse/alas
>> used as an exclamation to express sorrow, grief, pity, concern, or
>> apprehension of evil.
>>
>> Thanks+Bye, Marcus
>>
>> > On Mar 19, 2014 11:36 AM, "Marcus MERIGHI"  wrote:
>> >
>> > > Reference:
>> > > ``Softraid 3TB Problems''
>> > > http://marc.info/?l=openbsd-misc=136225193931620
>> > >
>> > > Difference:
>> > > My HDDs show up as 4096 bytes/sector in dmesg.
>> > >
>> > > Short:
>> > > Are there any options for disks that come with 4096 bytes/sector to use
>> > > with softraid(4)/bioctl(8)?
>> > >
>> > > Long:
>> > >
>> > > So I got these lovely large disks:
>> > >
>> > > DMESG (full one at the end):
>> > >
>> > > umass4 at uhub5 port 4 configuration 1 interface 0 "Intenso USB 3.0
>> > >   Device" rev 2.10/1.00 addr 9
>> > > umass4: using SCSI over Bulk-Only
>> > > scsibus5 at umass4: 2 targets, initiator 0
>> > > sd5 at scsibus5 targ 1 lun 0:  SCSI4
>> > >   0/direct fixed serial.174c55aa22DF
>> > > sd5: 2861588MB, 4096 bytes/sector, 732566646 sectors
>> > > 
>> > > I suppose right above is my problem?
>> > >
>> > > FDISK:
>> > >
>> > > Disk: sd5   geometry: 45600/255/63 [732566646 4096-byte Sectors]
>> > > Offset: 0   Signature: 0xAA55
>> > > Starting Ending LBA Info:
>> > >  #: id  C   H   S -  C   H   S [   start:size ]
>> > >
>> > >
>> > -
>> > --
>> > >  0: 00  0   0   0 -  0   0   0 [   0:   0 ]
>> > >   unused
>> > >  1: 00  0   0   0 -  0   0   0 [   0:   0 ]
>> > >   unused
>> > >  2: 00  0   0   0 -  0   0   0 [   0:   0 ]
>> > >   unused
>> > > *3: A6  0   1   2 -  45599 254  63 [  64:   732563936 ]
>> > >   OpenBSD
>> > >
>> > > DISKLABEL:
>> > >
>> > > # /dev/rsd5c:
>> > > type: SCSI
>> > > disk: SCSI disk
>> > > label: whoknows
>> > > duid: 470974d3647801b8
>> > > flags:
>> > > bytes/sector: 4096
>> > > sectors/track: 63
>> > > tracks/cylinder: 255
>> > > sectors/cylinder: 16065
>> > > cylinders: 45600
>> > > total sectors: 732566646
>> > > boundstart: 64
>> > > boundend: 732564000
>> > > drivedata: 0
>> > >
>> > > 16 partitions:
>> > > #size   offset  fstype [fsize bsize  cpg]
>> > >   a:732563936   64RAID
>> > >   c:7325666460  unused
>> > >
>> > > BIOCTL output
>> > >
>> > > $ sudo bioctl -h -v -c C -l /dev/sd3a softraid0
>> > > softraid0: sd3a has unsupported sector size (4096)
>> > > softraid0: invalid metadata format
>> > >
>> > > Thanks in advance, Marcus
>> > >
>> > > DMESG FULL:
>> > > This is -current with a patch from brad@ to get the NICs (re) working.
>> > >
>> > > OpenBSD 5.5-current (GENERIC.MP) #3: Tue Mar 11 14:18:33 CET 2014
>> > > r...@fofo.fifi.at:/usr/src/sys/arch/amd64/compile/GENERIC.MP
>> > > real mem = 4161052672 (3968MB)
>> > > avail mem = 4041580544 (3854MB)
>> > > mainbus0 at root
>> > > bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xeb530 (73 entries)
>> > > bios0: vendor American Megatrends Inc. version "1.03" date 08/09/2013
>> > > bios0: Shuttle Inc. DS47D
>> > > acpi0 at bios0: rev 2
>> > > acpi0: sleep states S0 S3 S4 S5
>> > > acpi0: tables DSDT FACP APIC FPDT MCFG SLIC HPET

Re: match rules and priorities

2015-10-08 Thread Giancarlo Razzolini 
Em 08-10-2015 05:36, Christer Solskogen escreveu:
> I'm having a bit trouble understanding match rules and priorities. I
> have a lot of traffic on other ports than http and https, but I want
> to have top priority on them instead of the others.
>
> So I have these rules:
> match proto tcp to port { ftp, http, https, 3129 } set prio 7
> match proto tcp from port { ftp, http, https, 3129 } set prio 7
>
> Do I need them both? And where in pf.conf should they be? I've tried
> having them on top, and on bottom, but still I get very low speeds for
> downloads on http.
You are mixing things. First of all, ftp goes through OpenBSD's
ftp-proxy. So you should prioritize packets leaving it, not coming from
the machines. Fortunately, ftp-proxy can apply a tag to its packets, so
it should be easy to set a priority on them. Port 3129 is some proxy,
I'm betting on squid, right? Same issue as the ftp-proxy, you should
prioritize the packets leaving it. Perhaps by using the user directive
of pf?

As for direct http and https connections, you can prioritize them,
but keep in mind that you can only queue on the outgoing. Also, you can
set the priority passing two of them, so packets with lowdelay TOS and
empty acks can go to a higher priority, hence improving your interactive
browsing and your downloads.

Cheers,
Giancarlo Razzolini

Re: CD's arrived

2015-10-08 Thread Richard Thornton 
I am in NJ. Have not received anything yet.

RT

Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network.
  Original Message  
From: Raf Czlonka
Sent: Wednesday, October 7, 2015 2:38 PM
To: misc@openbsd.org
Subject: Re: CD's arrived

On Wed, Oct 07, 2015 at 03:51:28PM BST, M Wheeler wrote:

> CD's arrived today UK. Thanks again.

Got mine today, too :^)

Raf

Re: requesting help working around boot failures with supermicro atom board

2015-10-08 Thread Mike Larkin 
On Wed, Oct 07, 2015 at 11:17:25PM -0400, Dewey Hylton wrote:
> you missed my update which followed that post. it did not survive the night
> - even with lm disabled in the kernel, some number of reboots later i
> encountered the same failure. that update is on the list, but i'll include
> the copy/paste below.
> 
> meanwhile, is there still hope for answers relating to acpi?
> 

I doubt it. I took a look at your AML and it seemed reasonable.

-ml

> -- Forwarded message --
> From: Dewey Hylton 
> To: misc@openbsd.org
> Cc:
> Date: Tue, 15 Sep 2015 19:19:10 + (UTC)
> Subject: Re: requesting help working around boot failures with supermicro
> atom board
> Dewey Hylton  gmail.com> writes:
> 
> >
> > Mark Kettenis  xs4all.nl> writes:
> 
> > > Oh that is interesting.  Can you try disabling the lm(4) driver in
> > > your kernel?  You can do:
> > >
> > > # config -ef /bsd
> > > ...
> > > ukc> disable lm
> > > 254 lm0 disabled
> > > 255 lm* disabled
> > > 256 lm* disabled
> > > ukc> quit
> > > Saving modified kernel.
> > > # reboot
> > >
> > > That reboot will probably still hang.  But it'd be interesting to see
> > > if any subsequent reboots work better.
> >
> 
> 
> sadly, the first thing i heard when entering the lab this morning was
> BEP!
> 
> so disabling the sensor drivers in the kernel did not do the trick. without
> other ideas, i'm down to providing acpidump output and hoping someone can
> tell me where to go next ...
> 
> 
> On Wed, Oct 7, 2015 at 12:41 AM, Mike Larkin  wrote:
> 
> > On Tue, Sep 15, 2015 at 02:45:02AM +, Dewey Hylton wrote:
> > > Mark Kettenis  xs4all.nl> writes:
> > >
> > > >
> > > > > # sysctl -a|grep 'sensors.*temp'
> > > > > hw.sensors.cpu0.temp0=30.00 degC
> > > > > hw.sensors.lm1.temp0=0.00 degC
> > > > > hw.sensors.lm1.temp1=14.00 degC
> > > > > hw.sensors.lm1.temp2=14.00 degC
> > > > > # reboot
> > > > >
> > > > > BEEEP!
> > > >
> > > > Oh that is interesting.  Can you try disabling the lm(4) driver in
> > > > your kernel?  You can do:
> > > >
> > > > # config -ef /bsd
> > > > ...
> > > > ukc> disable lm
> > > > 254 lm0 disabled
> > > > 255 lm* disabled
> > > > 256 lm* disabled
> > > > ukc> quit
> > > > Saving modified kernel.
> > > > # reboot
> > > >
> > > > That reboot will probably still hang.  But it'd be interesting to see
> > > > if any subsequent reboots work better.
> > >
> > > *this* interests me, and was basically what i was asking in the original
> > > post - except i had no idea what might need to be disabled. one step at a
> > > time, it's been interesting the things that have popped up.
> > >
> > > still no idea whether this has anything to do with the seemingly
> > > openbsd-only issue, but ...
> > >
> > > i made this change, booted the new kernel, ran 'cksum /dev/mem' a bunch
> > of
> > > times in hopes of raising the temperature somewhat (did get to 36C,
> > which is
> > > higher than in my previous tests). then i rebooted, and the box came
> > back up
> > > without incident.
> > >
> > > so i'm going to run through this several times with reboots in every 20
> > > minutes or so and see if it survives the night.
> > >
> >
> > Based on this and my previous email, my recommendation would be to disable
> > lm(4) on this particular machine.

Re: CD's arrived

2015-10-08 Thread ian kremlin 
Hello

Syracuse, NY -- no CD, but poster has arrived. looks great!

http://ce.gl/openbsd-5.8-poster.jpg

ian

On Wed, Oct 7, 2015 at 10:51 AM, M Wheeler <6f84c...@refn.co.uk> wrote:
> CD's arrived today UK. Thanks again.

Re: Captive portal with OpenBSD as a hostap

2015-10-08 Thread Kapetanakis Giannis 

On 08/10/15 23:17, Predrag Punosevac wrote:

Somebody will correct me if I am wrong but the way that Authpf works (I
have configured it in the past) is to load a new set of PF rules after
successful ssh login. My understanding is that by default the traffic
remains unencrypted unless we use more PF magic to force HTTP traffic
(HTTPS should be encrypted itself) through some kind VPN over SSH. That
way this chapter of the Book of PF was always such a mystery to me.

http://home.nuug.no/~peter/pf/en/vegard.authpf.html


authpf indeed loads rules per user, and also adds the user's IP in 
authpf_users table.
This is done to allow further traffic to be routed through the ssh 
gateway (from authenticated users).


It does not encrypt traffic. Usually you're doing this on the same LAN 
(client/server).
The http redirect on the book is mostly a redirect to an informations 
page (and maybe ssh download location).




as my understanding is that wpa2 will encrypt entire traffic (I am not
discussing how securely).

Installing ssh clients on various tablets/smart phones is non-trivial
thing for uneducated user. Since I don't want to disturb bad spirits and
bring back old flame wars fought over web interface for AuthPF I would
like to suggest something else.

Namely OpenBSD includes npppd and IPSec and setting and L2TP over IPsec
VPN is a breeze as I found out by setting it up.

http://marc.info/?l=openbsd-misc=142791463307903=2

In my experience most Android/Kindel/Smart phone devices have a client
for L2TP via IPSec and it is very easy to use it. What I am trying to
say is that one could set an "unprotected" WiFi network allowing only
L2TP/IPSec authentication. Once a device is authenticated PF rules would
allow HTTP, HTTPS and what not through L2TP/IPSec VPN tunnel. The
devices will have Internet connection. Whole traffic will be inside an
encrypted tunnel and no special software will be required on
Android/Smart phone devices.

Best,
Predrag


Have in mind that the traffic is encrypted only from client to the vpn 
server and not up to the final destination.
VPN is usually used to get in the network from remote locations or 
remotely use local network resources to get out.

Nevertheless it's an option :)

Another option would be 802.1x but the OP asked for a captive portal and 
we're getting off topic...


regards,

G

Re: requesting help working around boot failures with supermicro atom board

2015-10-08 Thread Dewey Hylton 
ah, well thanks for taking a look.

On Thu, Oct 8, 2015 at 3:09 PM, Mike Larkin  wrote:

> On Wed, Oct 07, 2015 at 11:17:25PM -0400, Dewey Hylton wrote:
> > you missed my update which followed that post. it did not survive the
> night
> > - even with lm disabled in the kernel, some number of reboots later i
> > encountered the same failure. that update is on the list, but i'll
> include
> > the copy/paste below.
> >
> > meanwhile, is there still hope for answers relating to acpi?
> >
>
> I doubt it. I took a look at your AML and it seemed reasonable.
>
> -ml
>
> > -- Forwarded message --
> > From: Dewey Hylton 
> > To: misc@openbsd.org
> > Cc:
> > Date: Tue, 15 Sep 2015 19:19:10 + (UTC)
> > Subject: Re: requesting help working around boot failures with supermicro
> > atom board
> > Dewey Hylton  gmail.com> writes:
> >
> > >
> > > Mark Kettenis  xs4all.nl> writes:
> >
> > > > Oh that is interesting.  Can you try disabling the lm(4) driver in
> > > > your kernel?  You can do:
> > > >
> > > > # config -ef /bsd
> > > > ...
> > > > ukc> disable lm
> > > > 254 lm0 disabled
> > > > 255 lm* disabled
> > > > 256 lm* disabled
> > > > ukc> quit
> > > > Saving modified kernel.
> > > > # reboot
> > > >
> > > > That reboot will probably still hang.  But it'd be interesting to see
> > > > if any subsequent reboots work better.
> > >
> >
> >
> > sadly, the first thing i heard when entering the lab this morning was
> > BEP!
> >
> > so disabling the sensor drivers in the kernel did not do the trick.
> without
> > other ideas, i'm down to providing acpidump output and hoping someone can
> > tell me where to go next ...
> >
> >
> > On Wed, Oct 7, 2015 at 12:41 AM, Mike Larkin 
> wrote:
> >
> > > On Tue, Sep 15, 2015 at 02:45:02AM +, Dewey Hylton wrote:
> > > > Mark Kettenis  xs4all.nl> writes:
> > > >
> > > > >
> > > > > > # sysctl -a|grep 'sensors.*temp'
> > > > > > hw.sensors.cpu0.temp0=30.00 degC
> > > > > > hw.sensors.lm1.temp0=0.00 degC
> > > > > > hw.sensors.lm1.temp1=14.00 degC
> > > > > > hw.sensors.lm1.temp2=14.00 degC
> > > > > > # reboot
> > > > > >
> > > > > > BEEEP!
> > > > >
> > > > > Oh that is interesting.  Can you try disabling the lm(4) driver in
> > > > > your kernel?  You can do:
> > > > >
> > > > > # config -ef /bsd
> > > > > ...
> > > > > ukc> disable lm
> > > > > 254 lm0 disabled
> > > > > 255 lm* disabled
> > > > > 256 lm* disabled
> > > > > ukc> quit
> > > > > Saving modified kernel.
> > > > > # reboot
> > > > >
> > > > > That reboot will probably still hang.  But it'd be interesting to
> see
> > > > > if any subsequent reboots work better.
> > > >
> > > > *this* interests me, and was basically what i was asking in the
> original
> > > > post - except i had no idea what might need to be disabled. one step
> at a
> > > > time, it's been interesting the things that have popped up.
> > > >
> > > > still no idea whether this has anything to do with the seemingly
> > > > openbsd-only issue, but ...
> > > >
> > > > i made this change, booted the new kernel, ran 'cksum /dev/mem' a
> bunch
> > > of
> > > > times in hopes of raising the temperature somewhat (did get to 36C,
> > > which is
> > > > higher than in my previous tests). then i rebooted, and the box came
> > > back up
> > > > without incident.
> > > >
> > > > so i'm going to run through this several times with reboots in every
> 20
> > > > minutes or so and see if it survives the night.
> > > >
> > >
> > > Based on this and my previous email, my recommendation would be to
> disable
> > > lm(4) on this particular machine.

Re: Captive portal with OpenBSD as a hostap

2015-10-08 Thread Predrag Punosevac 
Kapetanakia Giannis wrote:

> 
> On 05/10/15 14:35, David Coppa wrote:
> > On Mon, Oct 5, 2015 at 1:18 PM, C.L. Martinez 
> wrote:
> >> Hi all,
> >>
> >>   I have installed an openbsd vm to works as a hostap for tablets and
> >> smartphones (android and iOS).
> >>
> >>   All it is working ok: pf, hostapd and dhcpd server. All tablets and
> >> smartphones that I have tested works ok, connects and surfs Internet.
> >>
> >>   But now I am thinking to use some type of auth (user/pass using a
> SSL/TLS
> >> channel) instead to use wpa/wpa2 keys.
> >>
> >>   Sometime ago exists this project: Chillispot
> (http://www.chillispot.org/)
> >> but it seems discontinued.
> >>
> >>   Someone knows any type of project/software to accomplish?? I would
> like to
> >> keep simple as much as I can.
> >>
> >> Thanks.
> >>
> > You could try CoovaChilli.
> >
> > https://github.com/sevan/coova-chilli/
> >
> > http://coova.github.io/
> >
> > Ciao
> > David
> 
> Another option you could look is authpf(8) which is in base.
> Not web based captive portal, but similar setup with ssh.
> 
> G

Somebody will correct me if I am wrong but the way that Authpf works (I
have configured it in the past) is to load a new set of PF rules after
successful ssh login. My understanding is that by default the traffic
remains unencrypted unless we use more PF magic to force HTTP traffic
(HTTPS should be encrypted itself) through some kind VPN over SSH. That
way this chapter of the Book of PF was always such a mystery to me.

http://home.nuug.no/~peter/pf/en/vegard.authpf.html

as my understanding is that wpa2 will encrypt entire traffic (I am not
discussing how securely).  

Installing ssh clients on various tablets/smart phones is non-trivial
thing for uneducated user. Since I don't want to disturb bad spirits and
bring back old flame wars fought over web interface for AuthPF I would
like to suggest something else.

Namely OpenBSD includes npppd and IPSec and setting and L2TP over IPsec
VPN is a breeze as I found out by setting it up.

http://marc.info/?l=openbsd-misc=142791463307903=2

In my experience most Android/Kindel/Smart phone devices have a client
for L2TP via IPSec and it is very easy to use it. What I am trying to
say is that one could set an "unprotected" WiFi network allowing only
L2TP/IPSec authentication. Once a device is authenticated PF rules would
allow HTTP, HTTPS and what not through L2TP/IPSec VPN tunnel. The
devices will have Internet connection. Whole traffic will be inside an
encrypted tunnel and no special software will be required on
Android/Smart phone devices.

Best,
Predrag

Re: CD's arrived

2015-10-08 Thread Aaron Poffenberger 

On 10/08/15 16:13, ian kremlin wrote:

Hello

Syracuse, NY -- no CD, but poster has arrived. looks great!

http://ce.gl/openbsd-5.8-poster.jpg

ian

On Wed, Oct 7, 2015 at 10:51 AM, M Wheeler <6f84c...@refn.co.uk> wrote:

CD's arrived today UK. Thanks again.



Bonus points for effective use of Symbolics keyboard, manual and panel!

kernel panic

2015-10-08 Thread Holger Glaess 

hi

what kind of information you need more ?

holger


Stopped at  0:ehci0: unrecoverable error, controller halted
panic: kernel diagnostic assertion "ci->ci_fpcurproc == p" failed: file 
"../../../../arch/i386/isa/npx.c", line 881

  Stopped at  Debugger+0x7:   leave
   TIDPIDUID PRFLAGS PFLAGS  CPU  COMMAND
Debugger(d09fe02c,f51cfdd4,d09d8f30,f51cfdd4,d709bfc8) at Debugger+0x7
panic(d09d8f30,d0957746,d0b0522f,d0b0532c,371) at panic+0x71
__assert(d0957746,d0b0532c,371,d0b0522f,d0bbb160) at __assert+0x2e
npxsave_proc(d7216744,0,f51cfe58,d03b9029,40) at npxsave_proc+0x5a
cpu_exit(d7216744,d7215000,d709b00c,0,1) at cpu_exit+0x2a
exit1(d7216744,4,1,d03b3844,40,4,1,0) at exit1+0x22c
sigexit(d7216744,4,0,0,21fc000) at sigexit+0x76
postsig(4,0,808f05d0,63,21de800) at postsig+0x28a
userret(d7216744) at userret+0x49
alltraps(,,,,) at alltraps+0x2e
uvm_fault(0xd0bbb0a0, 0xd000, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at  trap+0x18:  movl0x2c(%esi),%edi
   TIDPIDUID PRFLAGS PFLAGS  CPU  COMMAND
trap() at trap+0x18
--- trap (number 32) ---
0:
http://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb>


OpenBSD 5.8-current (GENERIC) #1219: Thu Oct  8 07:55:22 MDT 2015
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Genuine Intel(R) processor 1.20GHz ("GenuineIntel" 686-class) 1.21 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,TM,PBE,PERF

real mem  = 1072041984 (1022MB)
avail mem = 1038999552 (990MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: date 07/06/09, BIOS32 rev. 0 @ 0xfa530, SMBIOS rev. 
2.2 @ 0xf0800 (39 entries)
bios0: vendor Phoenix Technologies, LTD version "ANSA 3020 R01  
Jul,2,2009" date 07/06/2009

acpi0 at bios0: rev 0
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP MCFG APIC
acpi0: wakeup devices EPA0(S3) EPA1(S3) PEX0(S5) PEX1(S5) PEX2(S5) 
PEX3(S5) HUB0(S5) PCI0(S5)

acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimcfg0 at acpi0 addr 0xe000, bus 0-255
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 133MHz
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 40 pins
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 2 (EPA1)
acpiprt2 at acpi0: bus -1 (BR10)
acpiprt3 at acpi0: bus -1 (BR11)
acpiprt4 at acpi0: bus -1 (BR12)
acpiprt5 at acpi0: bus -1 (BR13)
acpiprt6 at acpi0: bus -1 (BR14)
acpiprt7 at acpi0: bus 3 (P0P1)
acpiprt8 at acpi0: bus -1 (PEX0)
acpiprt9 at acpi0: bus -1 (PEX1)
acpiprt10 at acpi0: bus -1 (PEX2)
acpiprt11 at acpi0: bus -1 (PEX3)
acpiprt12 at acpi0: bus -1 (HUB0)
acpicpu0 at acpi0: C1(@1 halt!)
acpitz0 at acpi0: critical temperature is 75 degC
acpibtn0 at acpi0: PWRB
bios0: ROM list: 0xc8000/0x4000! 0xcc000/0x2200! 0xef000/0x1000!
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel EP80579 Host" rev 0x01
"Intel EP80579 Memory" rev 0x01 at pci0 dev 0 function 1 not configured
"Intel EP80579 EDMA" rev 0x01 at pci0 dev 1 function 0 not configured
ppb0 at pci0 dev 2 function 0 "Intel EP80579 PCIE" rev 0x01: apic 2 int 16
pci1 at ppb0 bus 1
em0 at pci1 dev 0 function 0 "Intel 82574L" rev 0x00: msi, address 
00:14:b7:00:61:63

ppb1 at pci0 dev 3 function 0 "Intel EP80579 PCIE" rev 0x01: apic 2 int 16
pci2 at ppb1 bus 2
ppb2 at pci0 dev 4 function 0 "Intel EP80579" rev 0x01
pci3 at ppb2 bus 3
em1 at pci3 dev 0 function 0 "Intel EP80579 LAN" rev 0x01: apic 2 int 
16, address 00:14:b7:00:61:65
em2 at pci3 dev 1 function 0 "Intel EP80579 LAN" rev 0x01: apic 2 int 
17, address 00:14:b7:00:61:66
em3 at pci3 dev 2 function 0 "Intel EP80579 LAN" rev 0x01: apic 2 int 
18, address ff:ff:ff:ff:ff:ff

gcu0 at pci3 dev 3 function 0 "Intel EP80579 GCU" rev 0x01
"Intel EP80579 CANbus" rev 0x01 at pci3 dev 4 function 0 not configured
"Intel EP80579 CANbus" rev 0x01 at pci3 dev 5 function 0 not configured
"Intel EP80579 Serial" rev 0x01 at pci3 dev 6 function 0 not configured
"Intel EP80579 1588" rev 0x01 at pci3 dev 7 function 0 not configured
"Intel EP80579 LEB" rev 0x01 at pci3 dev 8 function 0 not configured
vendor "Intel", unknown product 0x502d (class processor subclass 
Co-processor, rev 0x01) at pci3 dev 9 function 0 not configured

"Intel EP80579 Reserved" rev 0x01 at pci3 dev 10 function 0 not configured
vendor "Intel", unknown product 0x504c (class processor subclass 
Co-processor, rev 0x01) at pci3 dev 11 function 0 not configured

"Intel EP80579 Reserved" rev 0x01 at pci3 dev 12 function 0 not configured
uhci0 at pci0 dev 29 function 0 "Intel EP80579 USB" rev 0x01: apic 2 int 23
ehci0 at pci0 dev 29 function 7 "Intel EP80579 USB" rev 0x01: apic 2 int 23
usb0 at ehci0: USB

Re: match rules and priorities

2015-10-08 Thread Kimmo Paasiala 
On Thu, Oct 8, 2015 at 4:26 PM, Christer Solskogen
 wrote:
> On Thu, Oct 8, 2015 at 10:57 AM, Ville Valkonen  wrote:
>>
>> you can only queue outgoing traffic. Once you think about it, that makes
>> sense.
>>
>
> I boiled the rule down to this:
> match proto tcp to port { http https } set prio 7
>
> But I still can't see that it does anything useful, as I don't see any
> better speed on http with or without that rule.
> What have I missed? :(
>
> --
> chs
>

As others have pointed out you can set priorities only on traffic
leaving out via an interface. Your downloads from the internet are
incoming traffic on your internet facing network interface and can not
be prioritized.

-Kimmo

Re: kernel panic

2015-10-08 Thread Mike Larkin 
On Fri, Oct 09, 2015 at 06:22:53AM +0200, Holger Glaess wrote:
> hi
> 
> what kind of information you need more ?
> 

uhm. this machine is very very strange. It has devices I've never
seen before and many other devices not even recognized. Without access
to the hardware there's not much we can do here.

You've posted about this machine in the past, and we've done our best
to help you but I think this may be a losing battle.

> holger
> 
> 
> Stopped at  0:ehci0: unrecoverable error, controller halted
> panic: kernel diagnostic assertion "ci->ci_fpcurproc == p" failed: file
> "../../../../arch/i386/isa/npx.c", line 881
>   Stopped at  Debugger+0x7:   leave
>TIDPIDUID PRFLAGS PFLAGS  CPU  COMMAND
> Debugger(d09fe02c,f51cfdd4,d09d8f30,f51cfdd4,d709bfc8) at Debugger+0x7
> panic(d09d8f30,d0957746,d0b0522f,d0b0532c,371) at panic+0x71
> __assert(d0957746,d0b0532c,371,d0b0522f,d0bbb160) at __assert+0x2e
> npxsave_proc(d7216744,0,f51cfe58,d03b9029,40) at npxsave_proc+0x5a
> cpu_exit(d7216744,d7215000,d709b00c,0,1) at cpu_exit+0x2a
> exit1(d7216744,4,1,d03b3844,40,4,1,0) at exit1+0x22c
> sigexit(d7216744,4,0,0,21fc000) at sigexit+0x76
> postsig(4,0,808f05d0,63,21de800) at postsig+0x28a
> userret(d7216744) at userret+0x49
> alltraps(,,,,) at alltraps+0x2e
> uvm_fault(0xd0bbb0a0, 0xd000, 0, 1) -> e
> kernel: page fault trap, code=0
> Stopped at  trap+0x18:  movl0x2c(%esi),%edi
>TIDPIDUID PRFLAGS PFLAGS  CPU  COMMAND
> trap() at trap+0x18
> --- trap (number 32) ---
> 0:
> http://www.openbsd.org/ddb.html describes the minimum info required in bug
> reports.  Insufficient info makes it difficult to find and fix bugs.
> ddb>
> 
> 
> OpenBSD 5.8-current (GENERIC) #1219: Thu Oct  8 07:55:22 MDT 2015
> dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
> cpu0: Genuine Intel(R) processor 1.20GHz ("GenuineIntel" 686-class) 1.21 GHz
> cpu0: 
> FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,TM,PBE,PERF
> real mem  = 1072041984 (1022MB)
> avail mem = 1038999552 (990MB)
> mpath0 at root
> scsibus0 at mpath0: 256 targets
> mainbus0 at root
> bios0 at mainbus0: date 07/06/09, BIOS32 rev. 0 @ 0xfa530, SMBIOS rev. 2.2 @
> 0xf0800 (39 entries)
> bios0: vendor Phoenix Technologies, LTD version "ANSA 3020 R01
> Jul,2,2009" date 07/06/2009
> acpi0 at bios0: rev 0
> acpi0: sleep states S0 S3 S4 S5
> acpi0: tables DSDT FACP MCFG APIC
> acpi0: wakeup devices EPA0(S3) EPA1(S3) PEX0(S5) PEX1(S5) PEX2(S5) PEX3(S5)
> HUB0(S5) PCI0(S5)
> acpitimer0 at acpi0: 3579545 Hz, 24 bits
> acpimcfg0 at acpi0 addr 0xe000, bus 0-255
> acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
> cpu0 at mainbus0: apid 0 (boot processor)
> mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
> cpu0: apic clock running at 133MHz
> ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 40 pins
> acpiprt0 at acpi0: bus 0 (PCI0)
> acpiprt1 at acpi0: bus 2 (EPA1)
> acpiprt2 at acpi0: bus -1 (BR10)
> acpiprt3 at acpi0: bus -1 (BR11)
> acpiprt4 at acpi0: bus -1 (BR12)
> acpiprt5 at acpi0: bus -1 (BR13)
> acpiprt6 at acpi0: bus -1 (BR14)
> acpiprt7 at acpi0: bus 3 (P0P1)
> acpiprt8 at acpi0: bus -1 (PEX0)
> acpiprt9 at acpi0: bus -1 (PEX1)
> acpiprt10 at acpi0: bus -1 (PEX2)
> acpiprt11 at acpi0: bus -1 (PEX3)
> acpiprt12 at acpi0: bus -1 (HUB0)
> acpicpu0 at acpi0: C1(@1 halt!)
> acpitz0 at acpi0: critical temperature is 75 degC
> acpibtn0 at acpi0: PWRB
> bios0: ROM list: 0xc8000/0x4000! 0xcc000/0x2200! 0xef000/0x1000!
> pci0 at mainbus0 bus 0: configuration mode 1 (bios)
> pchb0 at pci0 dev 0 function 0 "Intel EP80579 Host" rev 0x01
> "Intel EP80579 Memory" rev 0x01 at pci0 dev 0 function 1 not configured
> "Intel EP80579 EDMA" rev 0x01 at pci0 dev 1 function 0 not configured
> ppb0 at pci0 dev 2 function 0 "Intel EP80579 PCIE" rev 0x01: apic 2 int 16
> pci1 at ppb0 bus 1
> em0 at pci1 dev 0 function 0 "Intel 82574L" rev 0x00: msi, address
> 00:14:b7:00:61:63
> ppb1 at pci0 dev 3 function 0 "Intel EP80579 PCIE" rev 0x01: apic 2 int 16
> pci2 at ppb1 bus 2
> ppb2 at pci0 dev 4 function 0 "Intel EP80579" rev 0x01
> pci3 at ppb2 bus 3
> em1 at pci3 dev 0 function 0 "Intel EP80579 LAN" rev 0x01: apic 2 int 16,
> address 00:14:b7:00:61:65
> em2 at pci3 dev 1 function 0 "Intel EP80579 LAN" rev 0x01: apic 2 int 17,
> address 00:14:b7:00:61:66
> em3 at pci3 dev 2 function 0 "Intel EP80579 LAN" rev 0x01: apic 2 int 18,
> address ff:ff:ff:ff:ff:ff
> gcu0 at pci3 dev 3 function 0 "Intel EP80579 GCU" rev 0x01
> "Intel EP80579 CANbus" rev 0x01 at pci3 dev 4 function 0 not configured
> "Intel EP80579 CANbus" rev 0x01 at pci3 dev 5 function 0 not configured
> "Intel EP80579 Serial" rev 0x01 at pci3 dev 6 function 0 not configured
> "Intel EP80579 1588" rev 0x01 at pci3 dev 7 function 0 not configured
> "Intel EP80579 LEB" rev 0x01 at pci3 dev 8 function 0 not configured
> vendor "Intel", unknown product