Re: [DIFF] New Year's calendar

2016-01-04 Thread Mark Carroll 
On 04 Jan 2016, Jason McIntyre wrote:

> traditionally the 2nd was described as a bank holiday. now banks are
> open on this day. some businesses shut.

It still is a bank holiday, see
https://www.gov.uk/bank-holidays#scotland

Neither my Dundee employer nor my bank (Clydesdale) were open for it.

> let's just leave it that for people on this calendar, 31st is hogmany
> and the 1st is new year's day. days off are no longer inviolate/

The calendar does list others though, like St Andrew's Day.

-- Mark

Re: [DIFF] New Year's calendar

2016-01-04 Thread Jason McIntyre 
On Mon, Jan 04, 2016 at 06:11:58PM +, Jason McIntyre wrote:
> On Mon, Jan 04, 2016 at 03:46:53PM +, Craig Skinner wrote:
> > Happy Hogmanay/New Year!
> > 
> > Scotland & New Zealand have an additional New Year's celebrations
> > hangover recovery public holiday.
> > 
> > In Scotland, Hogmanay is THE most significant winter festival, with
> > internationally popular street parties of 400,000 people dancing.
> > 
> > (Xmas was banned in Scotland for over 400 years, until recently.)
> > 
> 
> i diasgree with this. it's true some of us in scotland get the 2nd off,
> but i'm not sure it's helpful to describe the 2nd as a new year's
> festival.
> 
> really we have hogmany and new year's day. depending on your job, you'll
> get some combination of these off. i worked 31/1 and had the second off.
> lots of people have two weeks...
> 
> traditionally the 2nd was described as a bank holiday. now banks are
> open on this day. some businesses shut.
> 
> let's just leave it that for people on this calendar, 31st is hogmany
> and the 1st is new year's day. days off are no longer inviolate/
> 
> jmc
> 
> ps xmas banned in scotland till recently: how old are you exactly, craig ;)
> 

i just spotted that for some reason calendar lists the 3rd as a holiday
in scotland. i've no idea why. i think we should just remove that entry.

i'm reluctant to add an entry for hogmany as it's just what we (scots)
call new year's eve. i'm not sure there's justification for listing it
separately. i mean, the poles call it sylwester but we don;t add an
entry for that, or any other variant.

i guess you could propose a calendar.scotland addition. i'd be up for
that ;)

jmc

> > 
> > Index: calendar.holiday
> > ===
> > RCS file: /cvs/src/usr.bin/calendar/calendars/calendar.holiday,v
> > retrieving revision 1.32
> > diff -u -p -r1.32 calendar.holiday
> > --- calendar.holiday12 Oct 2015 06:33:21 -  1.32
> > +++ calendar.holiday4 Jan 2016 15:44:21 -
> > @@ -12,7 +12,7 @@
> >  01/01  Universal Fraternity Day in Mozambique
> >  01/02  Ancestry Day in Haiti
> >  01/02  St. Berchtold's Day in Switzerland
> > -01/03  New Year's Holiday in Scotland
> > +01/02  New Year's Holiday in Scotland and New Zealand
> >  01/03  Revolution Day in Upper Volta
> >  01/04  Independence Day in Burma
> >  01/04  Martyrs Day in Zaire
> > @@ -580,5 +580,6 @@
> >  12/29  His Majesty, the King's Birthday in Nepal
> >  12/30  Anniversary of the Democratic Republic of Madagascar in 
> > Madagascar
> >  12/31  Proclamation of the Republic in Congo
> > +12/31  Hogmanay - 3 day year transition festival in Scotland
> >  
> >  #endif /* !_calendar_holiday_ */
> > 
> > 
> > -- 
> > http://www.Scotland.org/features/hogmanay-top-facts/
> > http://www.RampantScotland.com/know/blknow12.htm
> > http://www.EdinburghsHogmanay.com/
> > http://www.EdinburghFestivalCity.com/festivals/edinburghs-hogmanay
> > http://en.wikipedia.org/wiki/Hogmanay

Re: difficulties with ext2 drives

2016-01-04 Thread Matej Nanut 
Hey again;

I know this is an old issue, but I tried resizing my partition to 500
G (was 2 TB) with resize2fs and it started working.

I tried putting some print statements in the ext2fs kernel driver and
noticed the block numbers being huge numbers, so I assumed some sort
of integer overflow. The function bounds_check_with_label consistently
returns EINVAL.

Re: Autoinstall via netboot over VLAN interface

2016-01-04 Thread Robert Peichaer 
On Mon, Jan 04, 2016 at 09:35:04AM -0700, Darren S. wrote:
> I have a router on the end of a 802.1q trunk port that I'd like to
> netboot for install, but this is only possible if I can PXE boot using
> the correct VLAN to reach the PXE server. Some PXE boot ROMs support
> this (mine does not currently) and I was going to try it from a booted
> bsd.rd on the host, but looks like I only have options for physical
> interfaces to select from on an Autoinstall:
> 
> Welcome to the OpenBSD/amd64 5.8 installation program.
> (I)nstall, (U)pgrade, (A)utoinstall or (S)hell? a
> Available network interfaces are: re0 re1 re2 athn0.
> Which network interface should be used for the initial DHCP request?
> (or 'done') [re0]
> DHCPDISCOVER on re0 - interval 3
> DHCPDISCOVER on re0 - interval 5
> DHCPDISCOVER on re0 - interval 13
> DHCPDISCOVER on re0 - interval 19
> DHCPDISCOVER on re0 - interval 13
> DHCPDISCOVER on re0 - interval 8
> No acceptable DHCPOFFERS received.
> No working leases in persistent database - sleeping.
> Could not determine next-server.
> Could not determine auto mode.
> Response file location?
> 
> With additional work I may be able to switch around network
> configurations to support a native VLAN (and then reconfigure
> post-install) but this isn't ideal. Is it feasible for the autoinstall
> support to handle the same VLAN features for booting as is available
> later in the installation for network configuration?
> 
>   Which network interface do you wish to configure = vlan0
>   Which interface:tag should vlan0 be on = re0:100
>   IPv4 address for vlan0 = 10.0.1.1
>   Netmask for vlan0 = 255.255.255.0
> 
> -- 
> Darren Spruell
> phatbuck...@gmail.com

You can put the response file into the bsd.rd as /auto_upgrade.conf or
/auto_install.conf. This way you can avoid the fetching of the response file.

https://marc.info/?l=openbsd-misc=141552533922277=2

Re: [DIFF] New Year's calendar

2016-01-04 Thread Jason McIntyre 
On Mon, Jan 04, 2016 at 06:40:13PM +, Mark Carroll wrote:
> On 04 Jan 2016, Jason McIntyre wrote:
> 
> > traditionally the 2nd was described as a bank holiday. now banks are
> > open on this day. some businesses shut.
> 
> It still is a bank holiday, see
> https://www.gov.uk/bank-holidays#scotland
> 
> Neither my Dundee employer nor my bank (Clydesdale) were open for it.
> 

well i did say it depends who you work for.

> > let's just leave it that for people on this calendar, 31st is hogmany
> > and the 1st is new year's day. days off are no longer inviolate/
> 
> The calendar does list others though, like St Andrew's Day.
> 
> -- Mark
> 

yes, fair point.

since the extra day is already listed (albeit on the wrong day) i guess
craig's diff is probably ok for the first hunk. i don;t really like it
though - it looks as if we celebrate new year's day on the second, not
the first. it is a holiday for some, but calendar is not so much
concerned about designated days off (please no one mail me exceptions).

i'd rather just zap it to be honest.

jmc

Re: [DIFF] New Year's calendar

2016-01-04 Thread Raf Czlonka 
On Mon, Jan 04, 2016 at 06:11:58PM GMT, Jason McIntyre wrote:
> On Mon, Jan 04, 2016 at 03:46:53PM +, Craig Skinner wrote:
> > Happy Hogmanay/New Year!
> > 
> > Scotland & New Zealand have an additional New Year's celebrations
> > hangover recovery public holiday.
> > 
> > In Scotland, Hogmanay is THE most significant winter festival, with
> > internationally popular street parties of 400,000 people dancing.
> > 
> > (Xmas was banned in Scotland for over 400 years, until recently.)
> > 
> 
> i diasgree with this. it's true some of us in scotland get the 2nd off,
> but i'm not sure it's helpful to describe the 2nd as a new year's
> festival.
> 
> really we have hogmany and new year's day. depending on your job, you'll
> get some combination of these off. i worked 31/1 and had the second off.
> lots of people have two weeks...
> 
> traditionally the 2nd was described as a bank holiday. now banks are
> open on this day. some businesses shut.
> 
> let's just leave it that for people on this calendar, 31st is hogmany
> and the 1st is new year's day. days off are no longer inviolate/
> 
> jmc
> 
> ps xmas banned in scotland till recently: how old are you exactly, craig ;)
> 
> > 
> > Index: calendar.holiday
> > ===
> > RCS file: /cvs/src/usr.bin/calendar/calendars/calendar.holiday,v
> > retrieving revision 1.32
> > diff -u -p -r1.32 calendar.holiday
> > --- calendar.holiday12 Oct 2015 06:33:21 -  1.32
> > +++ calendar.holiday4 Jan 2016 15:44:21 -
> > @@ -12,7 +12,7 @@
> >  01/01  Universal Fraternity Day in Mozambique
> >  01/02  Ancestry Day in Haiti
> >  01/02  St. Berchtold's Day in Switzerland
> > -01/03  New Year's Holiday in Scotland
> > +01/02  New Year's Holiday in Scotland and New Zealand
> >  01/03  Revolution Day in Upper Volta
> >  01/04  Independence Day in Burma
> >  01/04  Martyrs Day in Zaire
> > @@ -580,5 +580,6 @@
> >  12/29  His Majesty, the King's Birthday in Nepal
> >  12/30  Anniversary of the Democratic Republic of Madagascar in 
> > Madagascar
> >  12/31  Proclamation of the Republic in Congo
> > +12/31  Hogmanay - 3 day year transition festival in Scotland
> >  
> >  #endif /* !_calendar_holiday_ */
> > 
> > 
> > -- 
> > http://www.Scotland.org/features/hogmanay-top-facts/
> > http://www.RampantScotland.com/know/blknow12.htm
> > http://www.EdinburghsHogmanay.com/
> > http://www.EdinburghFestivalCity.com/festivals/edinburghs-hogmanay
> > http://en.wikipedia.org/wiki/Hogmanay

Hi all,

However you call it, the fact is the date seems to be wrong (unless
we're talking about some other holiday) - 2nd January bank holiday is,
as the name suggests, on the 2nd of January[0]. Unless, of course, the
calendar should show the date when the holiday is celebrated, rather
than when it occurs - i.e. 2nd January bank holiday in Scotland is in
fact today (4th January), a substitute day.

Regards,

Raf

[0] https://www.gov.uk/bank-holidays#scotland

Re: Newbie question: Proxy for appearing in Sweden for on demand streaming?

2016-01-04 Thread Christoph R. Murauer 
> Hi all!
>
> My mom lives in Sweden but spends loads of time in Spain. She likes
> the
> public service online TV streaming service, which cannot be watched
> abroad
> for various reasons. I thought I'd try to setup a proxy of some sort
> that
> she could turn her iPad to, and appear as if in Sweden while in fact
> in
> Spain. I live in Sweden and have a 5.8-stable box handy.
>
> How would I do that? Can relayd help here? What do I need in terms of
> network setup etc?
>
> Any pointers would be appreciated (except flames).
>
> Happy new year!
> Andreas
>
>

Hello !

Keep in mind, that it is not legal in the EU to bypass geolocation
limitations (but, that is your problem). Basically to your question
(you don't write something about your internet connection in Sweden
and, the internet connection in spain), you need in Sweden a public
IP. Setup on your box in Sweden a VPN server and connect from the iPad
using one of the VPN clients out there ... or, pay a commercial VPN
provider.

Re: High interrupt load using 5.8 Release GENERIC i386 on Acer Aspire 3630 laptop

2016-01-04 Thread Sonic 
No clue if it's related but I recently built a new firewall with a
Supermicro SYS-5018A-MLTN4 and see an unusually high interrupt load
(none of my other systems have exhibited this issue).

load averages:  0.08,  0.12,  0.10
   firewall.example.com 14:59:42
38 processes: 37 idle, 1 on processor
   up 22 days,  1:30
CPU0 states:  0.0% user,  0.0% nice,  0.4% system, 61.1% interrupt, 38.5% idle
CPU1 states:  0.0% user,  0.0% nice,  0.0% system,  0.0% interrupt,  100% idle
CPU2 states:  0.0% user,  0.0% nice,  0.0% system,  0.0% interrupt,  100% idle
CPU3 states:  0.0% user,  0.0% nice,  0.0% system,  0.0% interrupt,  100% idle
Memory: Real: 66M/467M act/tot Free: 15G Cache: 295M Swap: 0K/11G

OpenBSD 5.8-current (GENERIC.MP) #0: Sat Dec 12 18:43:09 EST 2015
   r...@firewall.example.com:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 17148784640 (16354MB)
avail mem = 16624930816 (15854MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0x7f4ce000 (57 entries)
bios0: vendor American Megatrends Inc. version "1.2a" date 04/14/2015
bios0: Supermicro A1SAM-2550F
acpi0 at bios0: rev 2
acpi0: sleep states S0 S5
acpi0: tables DSDT FACP FPDT SPMI MCFG WDAT UEFI APIC BDAT HPET SSDT
HEST BERT ERST EINJ
acpi0: wakeup devices PEX1(S0) PEX2(S0) PEX3(S0) PEX4(S0) EHC1(S0)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimcfg0 at acpi0 addr 0xe000, bus 0-255
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Atom(TM) CPU C2550 @ 2.40GHz, 2400.44 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL
,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP
,ERMS,SENSOR,ARAT
cpu0: 1MB 64b/line 16-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 100MHz
cpu0: mwait min=64, max=64, C-substates=0.2.0.0.0.0.3, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Atom(TM) CPU C2550 @ 2.40GHz, 2400.01 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL
,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP
,ERMS,SENSOR,ARAT
cpu1: 1MB 64b/line 16-way L2 cache
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 4 (application processor)
cpu2: Intel(R) Atom(TM) CPU C2550 @ 2.40GHz, 2400.01 MHz
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL
,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP
,ERMS,SENSOR,ARAT
cpu2: 1MB 64b/line 16-way L2 cache
cpu2: smt 0, core 2, package 0
cpu3 at mainbus0: apid 6 (application processor)
cpu3: Intel(R) Atom(TM) CPU C2550 @ 2.40GHz, 2400.01 MHz
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL
,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP
,ERMS,SENSOR,ARAT
cpu3: 1MB 64b/line 16-way L2 cache
cpu3: smt 0, core 3, package 0
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (PEX1)
acpiprt2 at acpi0: bus 2 (BR18)
acpiprt3 at acpi0: bus 3 (PEX2)
acpiprt4 at acpi0: bus -1 (BR1A)
acpiprt5 at acpi0: bus 4 (PEX3)
acpiprt6 at acpi0: bus -1 (PEX4)
acpicpu0 at acpi0: C2(350@41 mwait.3@0x51), C1(1000@1 mwait.1), PSS
acpicpu1 at acpi0: C2(350@41 mwait.3@0x51), C1(1000@1 mwait.1), PSS
acpicpu2 at acpi0: C2(350@41 mwait.3@0x51), C1(1000@1 mwait.1), PSS
acpicpu3 at acpi0: C2(350@41 mwait.3@0x51), C1(1000@1 mwait.1), PSS
ipmi at mainbus0 not configured
cpu0: Enhanced SpeedStep 2400 MHz: speeds: 2401, 2400, 2300, 2200,
2100, 2000, 1900, 1800, 1700, 1600, 1500, 1400, 1300, 1200 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel Atom C2000 Host" rev 0x02
ppb0 at pci0 dev 1 function 0 "Intel Atom C2000 PCIE" rev 0x02: msi
pci1 at ppb0 bus 1
ppb1 at pci1 dev 0 function 0 "ASPEED Technology AST1150 PCI" rev 0x03
pci2 at ppb1 bus 2
vga1 at pci2 dev 0 function 0 "ASPEED Technology AST2000" rev 0x30
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
ppb2 at pci0 dev 2 function 0 "Intel Atom C2000 PCIE" rev 0x02: msi
pci3 at ppb2 bus 3
ppb3 at pci0 dev 3 function 0 "Intel Atom C2000 PCIE" rev 0x02: msi
pci4 at ppb3 bus 4
pchb1 at pci0 dev 14 function 0 "Intel Atom C2000 RAS" rev 0x02
"Intel Atom

Newbie question: Proxy for appearing in Sweden for on demand streaming?

2016-01-04 Thread Andreas Thulin 
Hi all!

My mom lives in Sweden but spends loads of time in Spain. She likes the
public service online TV streaming service, which cannot be watched abroad
for various reasons. I thought I'd try to setup a proxy of some sort that
she could turn her iPad to, and appear as if in Sweden while in fact in
Spain. I live in Sweden and have a 5.8-stable box handy.

How would I do that? Can relayd help here? What do I need in terms of
network setup etc?

Any pointers would be appreciated (except flames).

Happy new year!
Andreas

Re: Newbie question: Proxy for appearing in Sweden for on demand streaming?

2016-01-04 Thread torsten 
Hi all!

My mom lives in Sweden but spends loads of time in Spain. She likes the
public service online TV streaming service, which cannot be watched abroad
for various reasons. I thought I'd try to setup a proxy of some sort that
she could turn her iPad to, and appear as if in Sweden while in fact in
Spain. I live in Sweden and have a 5.8-stable box handy.

How would I do that? Can relayd help here? What do I need in terms of
network setup etc?

Any pointers would be appreciated (except flames).

Happy new year!
Andreas

Hi Andreas
I have the same problem while going abroad a lot for work and sometimes with
the kids who a hooked on CBBC
and I've setup dynDNS and PPTP/sslVPN. It's easy to use from ipads and
windoze /other mac clients.
I found PPTP give the leased problems and CPU overheads on both ends while
ignoring the flaws in encryption.

Regards
Torsten

Re: if I were to make a pkg-add diff

2016-01-04 Thread Kamil Cholewiński 
On Mon, 04 Jan 2016, Janne Johansson  wrote:
> What you meant was thousands of users sending handful of pings across
> the world to a lot of the mirrors each time they (re)restart pkg_add?

http://packages.debian.org/unstable/net/netselect-apt
http://http.debian.net/

Re: if I were to make a pkg-add diff

2016-01-04 Thread Luke Small 
I am realistically thinking more along the lines of less than once a
release cycle. More like whenever it comes upon a user that their mirror of
choice chooses to no longer be a mirror. I had that happen to me. It would
be convenient to have a program that can easily compare mirror latencies
and download speeds. I was hoping that maybe pkg_add could be modified to
have a timeout and accept input from the program I am making if that
occurs, or there is no mirror setup for the machine. If it is implemented,
more generous bandwidth and lesser burdened mirrors would have more
equitably distributed traffic.

> What you meant was thousands of users sending handful of pings across the
world to a lot of the mirrors each time they (re)restart pkg_add?

Re: if I were to make a pkg-add diff

2016-01-04 Thread Luke Small 
Miniroot isn't available after install is it? I suspect mirrors choose to
change mid-cycle too and should a user have to put in the install disk to
find a more convenient mirror selection method? I want to be able to offer
statistics about the mirrors maybe piped to 'more', so the user can choose
from a small subset of the total choices. Maybe the closest local mirror
isn't the best choice. And do it in a way that doesn't introduce new
unaudited networking code, beyond inter-thread plaintext character pipes.
On Jan 4, 2016 04:11, "Peter Hessler"  wrote:

> All of the functionality you are requesting is already provided.
>
> look at finish_up() in src/distrib/miniroot/install.sub.
>
> There is no reason at all to modify pkg_add.  Just setup /etc/pkg.conf.
>
>
> On 2016 Jan 04 (Mon) at 04:02:07 -0600 (-0600), Luke Small wrote:
> :I am realistically thinking more along the lines of less than once a
> :release cycle. More like whenever it comes upon a user that their mirror
> of
> :choice chooses to no longer be a mirror. I had that happen to me. It would
> :be convenient to have a program that can easily compare mirror latencies
> :and download speeds. I was hoping that maybe pkg_add could be modified to
> :have a timeout and accept input from the program I am making if that
> :occurs, or there is no mirror setup for the machine. If it is implemented,
> :more generous bandwidth and lesser burdened mirrors would have more
> :equitably distributed traffic.
> :
> :> What you meant was thousands of users sending handful of pings across
> the
> :world to a lot of the mirrors each time they (re)restart pkg_add?
> :
>
> --
> You can't underestimate the power of fear.
> -- Tricia Nixon

Re: if I were to make a pkg-add diff

2016-01-04 Thread Peter Hessler 
All of the functionality you are requesting is already provided.

look at finish_up() in src/distrib/miniroot/install.sub.

There is no reason at all to modify pkg_add.  Just setup /etc/pkg.conf.


On 2016 Jan 04 (Mon) at 04:02:07 -0600 (-0600), Luke Small wrote:
:I am realistically thinking more along the lines of less than once a
:release cycle. More like whenever it comes upon a user that their mirror of
:choice chooses to no longer be a mirror. I had that happen to me. It would
:be convenient to have a program that can easily compare mirror latencies
:and download speeds. I was hoping that maybe pkg_add could be modified to
:have a timeout and accept input from the program I am making if that
:occurs, or there is no mirror setup for the machine. If it is implemented,
:more generous bandwidth and lesser burdened mirrors would have more
:equitably distributed traffic.
:
:> What you meant was thousands of users sending handful of pings across the
:world to a lot of the mirrors each time they (re)restart pkg_add?
:

-- 
You can't underestimate the power of fear.
-- Tricia Nixon

Re: if I were to make a pkg-add diff

2016-01-04 Thread Stuart Henderson 
On 2016-01-04, Luke Small  wrote:
> What I meant is, if a program sends a handful of pings to each mirror,
> would it think it is being spammed and shutdown any further connections. I
> didn't mean to say that I want to connect the pkg_ping program to a of
> anchor. I tried an initial localhost pinging,  pkg_ping program in
> virtualbox using 32 MB RAM and it worked; while it froze trying to open
> pico in the console. It wouldn't need to use much resources and would use
> kqueue, which isn't available in any other language other than C, in the
> base as far as I'm aware. I use kqueue to easily store a custom struct with
> the pipe() values, list pointers and such in *udata. It intermittently
> reads from pipes from all the spawned ping threads to conserve memory,
> reads the individual lantency output and stores the ping time value in a
> single linked list to be transferred to an array to be sorted by qsort so
> that the median value is determined by its position in the sorted array. It
> actually doesn't directly call any sockets or anything that hasn't been
> audited in the base it just reads individual characters from pipes until
> EOF so far.

ping doesn't tell you which is the best mirror. Some mirrors are on OS
which rate-limit icmp by default. Some might prioritise pings over real
traffic, or be overloaded and dropping packets rather than having high pings
(which you can't distinguish from the "rate-limited icmp" case). And, unless
you do some pre-selection (from a geolocation database or similar) to cut
the list down, you're going to generate useless traffic to mirrors around
the world, some of which have good regional bandwidth but very limited
international bandwidth and don't really want unrelated ping traffic from
someone who is never going to use that mirror anyway..

Re: if I were to make a pkg-add diff

2016-01-04 Thread Janne Johansson 
2016-01-04 4:22 GMT+01:00 Luke Small :

> What I meant is, if a program sends a handful of pings to each mirror,
> would it think it is being spammed and shutdown any further connections.
>
>
What you meant was thousands of users sending handful of pings across
the world to a lot of the mirrors each time they (re)restart pkg_add?


-- 
May the most significant bit of your life be positive.

Re: Xorg crash

2016-01-04 Thread Sébastien Morand 
I,

Solved the problem by creating a xorg.conf file with the following:

Section "Device"
Identifier  "Card0"
Driver  "intel"
BusID  "PCI:0:2:0"
EndSection

That's make me confortable to work, but when watching movie I can get some
trouble (black screen in mplayer) and then the display has issues for
instance no more writing in shell session and I got the following error
message in dmesg:

error: [drm:pid25803:intel_dp_set_idle_link_train] *ERROR* Timed out
waiting for DP idle patterns

Thanks and Happy new year and best wished to all the OpenBSD community.
Regards,
Sebastien


On Thu, Dec 31, 2015 at 1:35 PM, Sébastien Morand 
wrote:

> I everybody,
>
> Xorg does not crash anymore for a few weeks, but I'm back in VESA mode for
> Intel 5500 HD (which is quite slow) when the intel driver was fully
> functionnal in october/november in the snapshots version.
>
> Anything I missed?
>
> dmesg and Xorg.0.log beelow:
>
> Dmesg:
> ED,ADX,SMAP,PT,SENSOR,ARAT
> cpu0: 256KB 64b/line 8-way L2 cache
> cpu0: smt 0, core 0, package 0
> mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
> cpu0: apic clock running at 99MHz
> cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE
> cpu1 at mainbus0: apid 1 (application processor)
> cpu1: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz, 798.15 MHz
> cpu1:
>
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX
,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEA
DLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FS
GSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,PT,SENSOR,ARAT
> cpu1: 256KB 64b/line 8-way L2 cache
> cpu1: smt 1, core 0, package 0
> cpu2 at mainbus0: apid 2 (application processor)
> cpu2: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz, 798.15 MHz
> cpu2:
>
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX
,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEA
DLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FS
GSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,PT,SENSOR,ARAT
> cpu2: 256KB 64b/line 8-way L2 cache
> cpu2: smt 0, core 1, package 0
> cpu3 at mainbus0: apid 3 (application processor)
> cpu3: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz, 798.15 MHz
> cpu3:
>
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX
,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEA
DLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FS
GSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,PT,SENSOR,ARAT
> cpu3: 256KB 64b/line 8-way L2 cache
> cpu3: smt 1, core 1, package 0
> ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 40 pins
> acpimcfg0 at acpi0 addr 0xf800, bus 0-63
> acpiprt0 at acpi0: bus 0 (PCI0)
> acpiprt1 at acpi0: bus 5 (PEG_)
> acpiprt2 at acpi0: bus 2 (EXP1)
> acpiprt3 at acpi0: bus 4 (EXP3)
> acpiprt4 at acpi0: bus 6 (EXP6)
> acpicpu0 at acpi0: C3(200@233 mwait.1@0x40), C2(200@148 mwait.1@0x33),
> C1(1000@1 mwait.1), PSS
> acpicpu1 at acpi0: C3(200@233 mwait.1@0x40), C2(200@148 mwait.1@0x33),
> C1(1000@1 mwait.1), PSS
> acpicpu2 at acpi0: C3(200@233 mwait.1@0x40), C2(200@148 mwait.1@0x33),
> C1(1000@1 mwait.1), PSS
> acpicpu3 at acpi0: C3(200@233 mwait.1@0x40), C2(200@148 mwait.1@0x33),
> C1(1000@1 mwait.1), PSS
> acpipwrres0 at acpi0: PUBS, resource for XHCI, EHC1
> acpipwrres1 at acpi0: AMD3, resource for PEG_
> acpipwrres2 at acpi0: AMD2, resource for PEG_
> acpitz0 at acpi0: critical temperature is 127 degC
> acpibtn0 at acpi0: LID_
> acpibat0 at acpi0: BAT0 model "LNV-45N1" serial  2079 type LION oem "SANYO"
> acpiac0 at acpi0: AC unit offline
> acpithinkpad0 at acpi0
> cpu0: Enhanced SpeedStep 798 MHz: speeds: 2401, 2400, 2300, 2100, 2000,
> 1900, 1700, 1600, 1400, 1300, 1200, 1000, 900, 800, 600, 500 MHz
> pci0 at mainbus0 bus 0
> pchb0 at pci0 dev 0 function 0 "Intel Core 5G Host" rev 0x09
> inteldrm0 at pci0 dev 2 function 0 "Intel HD Graphics 5500" rev 0x09
> drm0 at inteldrm0
> inteldrm0: msi
> inteldrm0: 1920x1080
> wsdisplay0 at inteldrm0 mux 1: console (std, vt100 emulation)
> wsdisplay0: screen 1-5 added (std, vt100 emulation)
> azalia0 at pci0 dev 3 function 0 "Intel Core 5G HD Audio" rev 0x09: msi
> xhci0 at pci0 dev 20 function 0 "Intel 9 Series xHCI" rev 0x03: msi
> usb0 at xhci0: USB revision 3.0
> uhub0 at usb0 "Intel xHCI root hub" rev 3.00/1.00 addr 1
> "Intel 9 Series MEI" rev 0x03 at pci0 dev 22 function 0 not configured
> em0 at pci0 dev 25 function 0 "Intel I218-V" rev 0x03: msi, address
> 68:f7:28:a8:09:7c
> azalia1 at pci0 dev 27 function 0 "Intel 9 Series HD Audio" rev 0x03: msi
> azalia1: codecs: Conexant/0x510f
>

Re: Newbie question: Proxy for appearing in Sweden for on demand streaming?

2016-01-04 Thread Pedro Tender 
I would suggest a VPN. See which protocols or clients are available in the
iPad and work for that.
On Jan 4, 2016 20:15, "Andreas Thulin"  wrote:

> Hi all!
>
> My mom lives in Sweden but spends loads of time in Spain. She likes the
> public service online TV streaming service, which cannot be watched abroad
> for various reasons. I thought I'd try to setup a proxy of some sort that
> she could turn her iPad to, and appear as if in Sweden while in fact in
> Spain. I live in Sweden and have a 5.8-stable box handy.
>
> How would I do that? Can relayd help here? What do I need in terms of
> network setup etc?
>
> Any pointers would be appreciated (except flames).
>
> Happy new year!
> Andreas

Re: segfault with stripped lib, works fine when non-stripped

2016-01-04 Thread Joel Rees 
On Tue, Jan 5, 2016 at 6:54 AM, Jeremie Le Hen  wrote:
> Hi,
>
> Yeah... when you read that subject you probably had this weird gaze ô_Ò
> like I did when I came to that conclusion.

Theo will probably get after me for responding when I don't know what
I'm talking about, and I don't have specific experience with this
package, but it's not unusual, in general.

Stripping symbols can reveal lots of things where prorammers have cut
corners or just made mistakes -- pointer issues are especially
prominent but not the only problems. However, in this case, I'm
guessing it would probably not be pointer issues so much as something
like allocation class issues that are hidden when the symbols are left
in, but exposed when the symbols are stripped.

That said, you may not want to think too hard about that just yet.

> I've been experiencing segfaults in milter-greylist on one of my MX
> running OpenBSD for a while.  I contacted Stuart (cc'ed) about 6 months
> ago about this, but gave up because I couldn't manage to compile
> everything with the debugging symbols.  This time after much struggle to
> compile the ports chain with them, I finally managed to run
> milter-greylist in gdb(1) with the hope to witness the live crash and
> get a detailed stacktrace...
>
> Except that even after tinkling Postfix, it never happened.  This simply
> worked fine.  So after some more tinkering I came to the following
> conclusion: if I run strip(1) on /usr/local/lib/libbind/libbind.so.5.0
> to remove the debugging symbols, then it will crash with the stacktrace
> below.
>
> Has anyone of you seen such a behavior in the past?
>
> #0  0x1cc53e386d40 in memcpy (dst0=0x1cc5c48b7000, src0=Variable "src0"
is not available.

Do you have any idea why "src0" isn't available here?

That might be a good place to start.

> ) at /usr/src/lib/libc/string/memcpy.c:94
> #1  0x1cc4f4d496d8 in __res_vinit () from
/usr/local/lib/libbind/libbind.so.5.0
> #2  0x1cc4f4d48bda in __res_ninit () from
/usr/local/lib/libbind/libbind.so.5.0
> #3  0x1cc50b181905 in SPF_dns_resolv_lookup
(spf_dns_server=0x1cc5c48ab780, domain=0x1cc55122c1d0 "mydomain.org",
rr_type=ns_t_spf, should_cache=1) at spf_dns_resolv.c:261
> #4  0x1cc50b180117 in SPF_dns_lookup (spf_dns_server=0x1cc5c48ab780,
domain=0x1cc55122c1d0 "mydomain.org", rr_type=ns_t_spf, should_cache=1) at
spf_dns.c:141
> #5  0x1cc50b180b16 in SPF_dns_cache_lookup
(spf_dns_server=0x1cc5c48abc80, domain=0x1cc55122c1d0 "mydomain.org",
rr_type=ns_t_spf, should_cache=1) at spf_dns_cache.c:408
> #6  0x1cc50b180117 in SPF_dns_lookup (spf_dns_server=0x1cc5c48abc80,
domain=0x1cc55122c1d0 "mydomain.org", rr_type=ns_t_spf, should_cache=1) at
spf_dns.c:141
> #7  0x1cc50b18e4e3 in SPF_server_get_record (spf_server=0x1cc5eb4154c0,
spf_request=0x1cc5c48aeb00, spf_response=0x1cc5eb41b400,
spf_recordp=0x1cc54f7c8700) at spf_server.c:351
> #8  0x1cc50b18c959 in SPF_request_query_mailfrom
(spf_request=0x1cc5c48aeb00, spf_responsep=0x1cc54f7c87a0) at
spf_request.c:291
> #9  0x1cc2ee1207ca in spf_check_internal (ad=0x1cc4f4c65948, as=AS_RCPT,
ap=0x1cc54f7c8cd0, priv=0x1cc5c48af000) at spf.c:388
> #10 0x1cc2ee120c17 in spf_check (ad=0x1cc4f4c65948, as=AS_RCPT,
ap=0x1cc54f7c8cd0, priv=0x1cc5c48af000) at spf.c:524
> #11 0x1cc2ee123a0d in acl_filter (stage=AS_RCPT, ctx=0x1cc5c48b2000,
priv=0x1cc5c48af000) at acl.c:1902
> #12 0x1cc2ee1069ae in real_envrcpt (ctx=0x1cc5c48b2000,
envrcpt=0x1cc5eb41c280) at milter-greylist.c:601
> #13 0x1cc2ee105de0 in mlfi_envrcpt (ctx=0x1cc5c48b2000,
envrcpt=0x1cc5eb41c280) at milter-greylist.c:213
> #14 0x1cc52bfaa46e in st_rcpt () from /usr/local/lib/libmilter.so.4.0
> #15 0x1cc52bfab557 in mi_engine () from /usr/local/lib/libmilter.so.4.0
> #16 0x1cc52bfaca10 in mi_handle_session () from
/usr/local/lib/libmilter.so.4.0
> #17 0x1cc52bfab7d9 in mi_thread_handle_wrapper () from
/usr/local/lib/libmilter.so.4.0
> #18 0x1cc5a247d90e in _rthread_start (v=Variable "v" is not available.
> ) at /usr/src/lib/librthread/rthread.c:145
> #19 0x1cc53e33649b in __tfork_thread () at
/usr/src/lib/libc/arch/amd64/sys/tfork_thread.S:75
> #20 0x in ?? ()
>
>
> --
> Jeremie Le Hen
> j...@freebsd.org
>



--
Joel Rees

Be careful when you look at conspiracy.
Arm yourself with knowledge of yourself, as well:
http://reiisi.blogspot.jp/2011/10/conspiracy-theories.html

segfault with stripped lib, works fine when non-stripped

2016-01-04 Thread Jeremie Le Hen 
Hi,

Yeah... when you read that subject you probably had this weird gaze ô_Ò 
like I did when I came to that conclusion.

I've been experiencing segfaults in milter-greylist on one of my MX
running OpenBSD for a while.  I contacted Stuart (cc'ed) about 6 months
ago about this, but gave up because I couldn't manage to compile
everything with the debugging symbols.  This time after much struggle to
compile the ports chain with them, I finally managed to run
milter-greylist in gdb(1) with the hope to witness the live crash and
get a detailed stacktrace...

Except that even after tinkling Postfix, it never happened.  This simply 
worked fine.  So after some more tinkering I came to the following
conclusion: if I run strip(1) on /usr/local/lib/libbind/libbind.so.5.0
to remove the debugging symbols, then it will crash with the stacktrace
below.

Has anyone of you seen such a behavior in the past?

#0  0x1cc53e386d40 in memcpy (dst0=0x1cc5c48b7000, src0=Variable "src0" is 
not available.
) at /usr/src/lib/libc/string/memcpy.c:94
#1  0x1cc4f4d496d8 in __res_vinit () from 
/usr/local/lib/libbind/libbind.so.5.0
#2  0x1cc4f4d48bda in __res_ninit () from 
/usr/local/lib/libbind/libbind.so.5.0
#3  0x1cc50b181905 in SPF_dns_resolv_lookup (spf_dns_server=0x1cc5c48ab780, 
domain=0x1cc55122c1d0 "mydomain.org", rr_type=ns_t_spf, should_cache=1) at 
spf_dns_resolv.c:261
#4  0x1cc50b180117 in SPF_dns_lookup (spf_dns_server=0x1cc5c48ab780, 
domain=0x1cc55122c1d0 "mydomain.org", rr_type=ns_t_spf, should_cache=1) at 
spf_dns.c:141
#5  0x1cc50b180b16 in SPF_dns_cache_lookup (spf_dns_server=0x1cc5c48abc80, 
domain=0x1cc55122c1d0 "mydomain.org", rr_type=ns_t_spf, should_cache=1) at 
spf_dns_cache.c:408
#6  0x1cc50b180117 in SPF_dns_lookup (spf_dns_server=0x1cc5c48abc80, 
domain=0x1cc55122c1d0 "mydomain.org", rr_type=ns_t_spf, should_cache=1) at 
spf_dns.c:141
#7  0x1cc50b18e4e3 in SPF_server_get_record (spf_server=0x1cc5eb4154c0, 
spf_request=0x1cc5c48aeb00, spf_response=0x1cc5eb41b400, 
spf_recordp=0x1cc54f7c8700) at spf_server.c:351
#8  0x1cc50b18c959 in SPF_request_query_mailfrom 
(spf_request=0x1cc5c48aeb00, spf_responsep=0x1cc54f7c87a0) at spf_request.c:291
#9  0x1cc2ee1207ca in spf_check_internal (ad=0x1cc4f4c65948, as=AS_RCPT, 
ap=0x1cc54f7c8cd0, priv=0x1cc5c48af000) at spf.c:388
#10 0x1cc2ee120c17 in spf_check (ad=0x1cc4f4c65948, as=AS_RCPT, 
ap=0x1cc54f7c8cd0, priv=0x1cc5c48af000) at spf.c:524
#11 0x1cc2ee123a0d in acl_filter (stage=AS_RCPT, ctx=0x1cc5c48b2000, 
priv=0x1cc5c48af000) at acl.c:1902
#12 0x1cc2ee1069ae in real_envrcpt (ctx=0x1cc5c48b2000, 
envrcpt=0x1cc5eb41c280) at milter-greylist.c:601
#13 0x1cc2ee105de0 in mlfi_envrcpt (ctx=0x1cc5c48b2000, 
envrcpt=0x1cc5eb41c280) at milter-greylist.c:213
#14 0x1cc52bfaa46e in st_rcpt () from /usr/local/lib/libmilter.so.4.0
#15 0x1cc52bfab557 in mi_engine () from /usr/local/lib/libmilter.so.4.0
#16 0x1cc52bfaca10 in mi_handle_session () from 
/usr/local/lib/libmilter.so.4.0
#17 0x1cc52bfab7d9 in mi_thread_handle_wrapper () from 
/usr/local/lib/libmilter.so.4.0
#18 0x1cc5a247d90e in _rthread_start (v=Variable "v" is not available.
) at /usr/src/lib/librthread/rthread.c:145
#19 0x1cc53e33649b in __tfork_thread () at 
/usr/src/lib/libc/arch/amd64/sys/tfork_thread.S:75
#20 0x in ?? ()


-- 
Jeremie Le Hen
j...@freebsd.org

Leftover formatted man pages

2016-01-04 Thread Brendan Shanks 
Starting with OpenBSD 5.0, formatted man pages (/usr/share/man/catX) were no
longer installed (as mentioned at
http://permalink.gmane.org/gmane.os.openbsd.misc/189931).
However, the upgrade instructions never said to remove them, and the default
man.conf still searches the cat directories.

My (i386) system started with 4.9 initially, and I have updated through every
release up to 5.8. My system still has these out-of-date formatted pages
installed, including pages that have long been deleted:

$ man -w ccdconfig rtsol
/usr/share/man/cat8/ccdconfig.0
/usr/share/man/cat8/rtsol.0

Did I miss a step in the upgrade instructions where these were removed?
Is there any reason not to just 'rm -rf /usr/share/man/cat*’? And also ‘rm
-rf /usr/share/man/ps*’, those directories are all empty for me.

Brendan Shanks

Re: System hangs at setting tty flags

2016-01-04 Thread Mik J 
Hello,
I might have found the problem from my previous post.
In the dmesg I had thisinteldrm0 at vga1
drm0 at inteldrm0
error: [drm:pid0:i915_write32] *ERROR* Unknown unclaimed register before
writing to 10
inteldrm0: 1280x720


I could hardly boot my system before but since I have disabled drm0 in the
kernel, it seems to boot without any problem (I tried 3 reboots)


Le Lundi 28 décembre 2015 23h15, Mik J  a écrit :



 Hello,
I just did a fresh install with OpenBSD 5.8 and an ASUS motherboard Z97-P
The installation went fine but then from the first boot it hangs at "setting
tty flags" this is just after the partitions are fsck'edI searched on search
engines and found that people running Openbsd as a VM disable the mpbios
I did that but no luck, I'm not using Openbsd as a VM, it's running on a
physical hardware.
Do you have any idea on how to debug this situation ?
Thanks

Trouble with Courier-authlib - won't connect to MySQL/MariaDB (X-post to misc from ports)

2016-01-04 Thread Implausibility 
Hi.

I'm rather new to OpenBSD, but I've hit a wall while doing a 'dry-run' to work
out the bugs (and get familiar with OpenBSD) and build a new mail server on
OpenBSD with Postfix, MySQL/MariaDB, and Courier-authlib.  Any assistance
would be greatly appreciated.

I've been following this tutorial, and while dated, I've found it closely
matches the features I want in a mail server:
http://www.kernel-panic.it/openbsd/mail/

This is OpenBSD 5.8 on i386 in a VMware partition.

In short, I can't seem to authenticate through Courier-authlib.  The messages
I get consistently are:

Jan  2 19:31:18 mail pop3d-ssl: LOGIN FAILED, user=open...@hottub.ca,
ip=[:::10.0.1.162]
Jan  2 19:31:18 mail pop3d-ssl: authentication error: Input/output error
Jan  2 19:31:18 mail authdaemond: stopping authdaemond children
Jan  2 19:31:18 mail authdaemond: restarting authdaemond children
Jan  2 19:31:18 mail authdaemond: modules="authmysql", daemons=10
Jan  2 19:31:18 mail authdaemond: Uninstalling authmysql
Jan  2 19:31:18 mail authdaemond: Installing libauthmysql
Jan  2 19:31:18 mail authdaemond: Installation complete: authmysql

My best guess is that authdaemond can't connect to MySQL/MariaDB, despite the
fact that I've triple-checked the configuration files, tested the connectivity
from the command line, etc.  I found one article that documented similar
output, but I'm not advanced enough to recompile the entire build tree (it ran
for an hour, errored out, and didn't want to head down that bottomless hole).

My second guess relates to the fact that I'm storing the passwords as MD5
hashes in the database table, but that it's expecting something else.

Here's the article:
https://serverfault.com/questions/638245/courier-imap-pop3d-auth-over-mysql

So, I'm going to try and add as much detail as I can think of:

Here are the running processes:

# Courier
root  8986  0.0  0.1   252   716 ??  I  3:56PM0:00.00
/usr/local/sbin/courierlogger -pid=/var/run/courier/pop3d.pid -start
-name=pop3d /usr/local/libexec/couriertcpd -address=0 -maxprocs=40 -maxperip=4
-nodnslookup -noidentlookup 110 /usr/local/sbin/pop3login /usr/local/bin/pop3d
Maildir
root 27307  0.0  0.1   348  1140 ??  I  3:56PM0:00.01
/usr/local/libexec/couriertcpd -address=0 -maxprocs=40 -maxperip=4
-nodnslookup -noidentlookup 110 /usr/local/sbin/pop3login /usr/local/bin/pop3d
Maildir
root 23006  0.0  0.3   428  2784 ??  I  6:06PM0:00.54
/usr/local/libexec/courier-authlib/authdaemond
root 31281  0.0  0.1   384   868 ??  I  6:06PM0:00.01
/usr/local/sbin/courierlogger -pid=/var/run/courier-auth/pid -start
/usr/local/libexec/courier-authlib/authdaemond
root 14519  0.0  0.1   388   860 ??  I  6:06PM0:00.01
/usr/local/sbin/courierlogger -pid=/var/run/courier/pop3d-ssl.pid -start
-name=pop3d-ssl /usr/local/libexec/couriertcpd -address=0 -maxprocs=40
-maxperip=4 -nodnslookup -noidentlookup 995 /usr/local/bin/couriertls -server
-tcpd /usr/local/sbin/pop3login /usr/local/bin/pop3d Maildir
root 18844  0.0  0.1   336  1160 ??  I  6:06PM0:00.03
/usr/local/libexec/couriertcpd -address=0 -maxprocs=40 -maxperip=4
-nodnslookup -noidentlookup 995 /usr/local/bin/couriertls -server -tcpd
/usr/local/sbin/pop3login /usr/local/bin/pop3d Maildir
root 10725  0.0  0.0   428   324 ??  I  7:37PM0:00.01
/usr/local/libexec/courier-authlib/authdaemond
root 27621  0.0  0.0   428   324 ??  I  7:37PM0:00.01
/usr/local/libexec/courier-authlib/authdaemond
root  5037  0.0  0.0   428   324 ??  I  7:37PM0:00.01
/usr/local/libexec/courier-authlib/authdaemond
root  1429  0.0  0.0   428   324 ??  I  7:37PM0:00.01
/usr/local/libexec/courier-authlib/authdaemond
root 21358  0.0  0.0   428   324 ??  I  7:37PM0:00.01
/usr/local/libexec/courier-authlib/authdaemond
root 25048  0.0  0.0   428   324 ??  I  7:37PM0:00.01
/usr/local/libexec/courier-authlib/authdaemond
root 26293  0.0  0.0   428   324 ??  I  7:37PM0:00.01
/usr/local/libexec/courier-authlib/authdaemond
root 24357  0.0  0.0   428   324 ??  I  7:37PM0:00.01
/usr/local/libexec/courier-authlib/authdaemond
root  3976  0.0  0.0   428   324 ??  I  7:37PM0:00.00
/usr/local/libexec/courier-authlib/authdaemond
root 32228  0.0  0.0   428   324 ??  I  7:37PM0:00.00
/usr/local/libexec/courier-authlib/authdaemond

#MySQL/MariaDB
root  2410  0.0  0.1   688   728 00- I  3:44PM0:00.04 /bin/sh
/usr/local/bin/mysqld_safe
_mysql   24080  0.0  4.6 326968 48612 00- I  3:44PM0:03.94
/usr/local/libexec/mysqld --basedir=/usr/local --datadir=/var/mysql
--plugin-dir=/usr/local/lib/mysql/plugin --user=_mysql
--log-error=/var/mysql/mail.hottub.ca.err --pid-file=mail.hottub.ca.pid
--socket=/var/run/mysql/mysql.sock --port=3306

#Postfix
root 30588  0.0  0.2   744  2128 ??  Is 3:44PM0:00.15
/usr/local/libexec/postfix/master -w


There are the relevant courier config

Re: segfault with stripped lib, works fine when non-stripped

2016-01-04 Thread Gregor Best 
Hi Jeremie,

On Mon, Jan 04, 2016 at 10:54:24PM +0100, Jeremie Le Hen wrote:
> [...]
> Has anyone of you seen such a behavior in the past?
> [...]

Haven't seen something like that but my next step would be to build it
with CFLAGS="-g -O0" and without stripping for maximum debuggability and
run it in valgrind to see if there are weird memory access patterns.

-- 
Gregor

Re: Leftover formatted man pages

2016-01-04 Thread Ingo Schwarze 
Hi Brendan,

Brendan Shanks wrote on Mon, Jan 04, 2016 at 04:16:14PM -0800:

> Starting with OpenBSD 5.0, formatted man pages (/usr/share/man/catX)
> were no longer installed (as mentioned at
> http://permalink.gmane.org/gmane.os.openbsd.misc/189931).
> However, the upgrade instructions never said to remove them, and the
> default man.conf still searches the cat directories.
> 
> My (i386) system started with 4.9 initially, and I have updated through
> every release up to 5.8. My system still has these out-of-date formatted
> pages installed, including pages that have long been deleted:
> 
> $ man -w ccdconfig rtsol
> /usr/share/man/cat8/ccdconfig.0
> /usr/share/man/cat8/rtsol.0
> 
> Did I miss a step in the upgrade instructions where these were removed?

No.  The upgrade instructions are carefully prepared to remind you to
delete stuff that is likely to get in the way.  Sometimes, they also
suggest to delete stuff that becomes useless even it it isn't harmful.
But there is no effort to make an upgraded system identical to a freshly
installed one.  So harmless stuff is often left behind.

> Is there any reason not to just 'rm -rf /usr/share/man/cat*'

No, deleting them seems reasonable to me.  I did that on my
systems long ago.

> And also 'rm -rf /usr/share/man/ps*', those directories are all
> empty for me.

Nothing wrong with that, either.  Populating these directories
was always optional and is no longer supported.  If you want to
read a manual in PostScript format, you can simply say

  $ man -Tps ls | gv -

nowadays.

Yours,
  Ingo

Installing RackTables

2016-01-04 Thread Jordon 
I’ve been trying to get RackTables running and my lack of web server
experience is not making this easy.

I started with a fresh install of 5.8 and added the racktables package.  I
then copy/pasted the ‘ln’ commands that were shown after the package
install.

At this point, the packages are installed but nothing works - I think I need
to get httpd running.  I found some basic httpd.conf examples and enabled
httpd in rc.conf.local (httpd_flags=“”) and got it to the point where it
would serve a .html file from /var/www/htdocs, so I think that is good.

Next, I think I need to get php working.  This is where I get stuck.  An email
posted here last month mentioned getting php_fpm running, but that package is
not installed on my machine.  If that is a requirement for racktables,
shouldn't pkg_add install it?

I did some searching for getting php running on httpd in openbsd and found a
lot of info on apache and nginx, but not much on the new httpd.

Am I on the right track?  Is there some obvious documentation I am missing or
is there a lot of assumed knowledge that I simply do not have?

Jordon

ftp-proxy man page out of date?

2016-01-04 Thread Harald Dunkel 
Hi folks,

Would it be possible to update ftp-proxy(8) wrt "divert-to"?
I had the impression that rdr-to is out of date in this
context; see http://www.openbsd.org/faq/upgrade50.html.

Thanx very much. Best season's greetings
Harri

Re: segfault with stripped lib, works fine when non-stripped

2016-01-04 Thread Stuart Henderson 
On 2016-01-04, Jeremie Le Hen  wrote:
> Hi,
>
> Yeah... when you read that subject you probably had this weird gaze ô_Ò 
> like I did when I came to that conclusion.
>
> I've been experiencing segfaults in milter-greylist on one of my MX
> running OpenBSD for a while.  I contacted Stuart (cc'ed) about 6 months
> ago about this, but gave up because I couldn't manage to compile
> everything with the debugging symbols.  This time after much struggle to
> compile the ports chain with them, I finally managed to run
> milter-greylist in gdb(1) with the hope to witness the live crash and
> get a detailed stacktrace...
>
> Except that even after tinkling Postfix, it never happened.  This simply 
> worked fine.  So after some more tinkering I came to the following
> conclusion: if I run strip(1) on /usr/local/lib/libbind/libbind.so.5.0
> to remove the debugging symbols, then it will crash with the stacktrace
> below.

libbind in the package isn't stripped either, it's just that it isn't built
with debug symbols. So I'm not sure what's going on there.

Note for anyone else looking: this is all rather dirty because there are
conflicts between symbols in libc and libbind. It works well enough for net/mtr
and for the test program spf_example in libspf2's distribution, but I suspect
using it as a milter in the address space of an MTA that's using the libc
resolver is pushing our luck too far.


> #0  0x1cc53e386d40 in memcpy (dst0=0x1cc5c48b7000, src0=Variable "src0" 
> is not available.
> ) at /usr/src/lib/libc/string/memcpy.c:94
> #1  0x1cc4f4d496d8 in __res_vinit () from 
> /usr/local/lib/libbind/libbind.so.5.0
> #2  0x1cc4f4d48bda in __res_ninit () from 
> /usr/local/lib/libbind/libbind.so.5.0
> #3  0x1cc50b181905 in SPF_dns_resolv_lookup 
> (spf_dns_server=0x1cc5c48ab780, domain=0x1cc55122c1d0 "mydomain.org", 
> rr_type=ns_t_spf, should_cache=1) at spf_dns_resolv.c:261
> #4  0x1cc50b180117 in SPF_dns_lookup (spf_dns_server=0x1cc5c48ab780, 
> domain=0x1cc55122c1d0 "mydomain.org", rr_type=ns_t_spf, should_cache=1) at 
> spf_dns.c:141
> #5  0x1cc50b180b16 in SPF_dns_cache_lookup 
> (spf_dns_server=0x1cc5c48abc80, domain=0x1cc55122c1d0 "mydomain.org", 
> rr_type=ns_t_spf, should_cache=1) at spf_dns_cache.c:408
> #6  0x1cc50b180117 in SPF_dns_lookup (spf_dns_server=0x1cc5c48abc80, 
> domain=0x1cc55122c1d0 "mydomain.org", rr_type=ns_t_spf, should_cache=1) at 
> spf_dns.c:141
> #7  0x1cc50b18e4e3 in SPF_server_get_record (spf_server=0x1cc5eb4154c0, 
> spf_request=0x1cc5c48aeb00, spf_response=0x1cc5eb41b400, 
> spf_recordp=0x1cc54f7c8700) at spf_server.c:351
> #8  0x1cc50b18c959 in SPF_request_query_mailfrom 
> (spf_request=0x1cc5c48aeb00, spf_responsep=0x1cc54f7c87a0) at 
> spf_request.c:291
> #9  0x1cc2ee1207ca in spf_check_internal (ad=0x1cc4f4c65948, as=AS_RCPT, 
> ap=0x1cc54f7c8cd0, priv=0x1cc5c48af000) at spf.c:388
> #10 0x1cc2ee120c17 in spf_check (ad=0x1cc4f4c65948, as=AS_RCPT, 
> ap=0x1cc54f7c8cd0, priv=0x1cc5c48af000) at spf.c:524
> #11 0x1cc2ee123a0d in acl_filter (stage=AS_RCPT, ctx=0x1cc5c48b2000, 
> priv=0x1cc5c48af000) at acl.c:1902
> #12 0x1cc2ee1069ae in real_envrcpt (ctx=0x1cc5c48b2000, 
> envrcpt=0x1cc5eb41c280) at milter-greylist.c:601
> #13 0x1cc2ee105de0 in mlfi_envrcpt (ctx=0x1cc5c48b2000, 
> envrcpt=0x1cc5eb41c280) at milter-greylist.c:213
> #14 0x1cc52bfaa46e in st_rcpt () from /usr/local/lib/libmilter.so.4.0
> #15 0x1cc52bfab557 in mi_engine () from /usr/local/lib/libmilter.so.4.0
> #16 0x1cc52bfaca10 in mi_handle_session () from 
> /usr/local/lib/libmilter.so.4.0
> #17 0x1cc52bfab7d9 in mi_thread_handle_wrapper () from 
> /usr/local/lib/libmilter.so.4.0
> #18 0x1cc5a247d90e in _rthread_start (v=Variable "v" is not available.
> ) at /usr/src/lib/librthread/rthread.c:145
> #19 0x1cc53e33649b in __tfork_thread () at 
> /usr/src/lib/libc/arch/amd64/sys/tfork_thread.S:75
> #20 0x in ?? ()

Re: syscall 5 "cpath" continues with octeon

2016-01-04 Thread Fung 
---
(OpenBSD 5.8-current (GENERIC) #1: Thu Nov 26 15:01:01 CET 2015)
Octeon ubnt_e100# version
U-Boot 1.1.1 (UBNT Build ID: 4670715-gbd7e2d7) (Build time: May 27 2014 - 
11:16:22)


1. same installation problem repeated message syscall 5 "cpath" 
but we can pass with a trick.

dd if=miniroot58.fs of=/dev/ to 16G new usb flash

installation process...
Use (A)uto layout, (E)dit auto layout, or create (C)ustom layout? [a]   (direct 
enter here)

disklabel(32382): syscall 5 "cpath"
Abort trap
Disk: sd0   geometry: 1966/255/63 [31586304 Sectors]
Offset: 0   Signature: 0xAA55
Starting Ending LBA Info:
 #: id  C   H   S -  C   H   S [   start:size ]
---
*0: 0C  0   1   2 -  2  11   9 [  64:   32768 ] Win95 FAT32L
 1: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
 2: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
 3: A6  2  11  10 -   1966  39  57 [   32832:31553472 ] OpenBSD
...
...
loop back to
...

Use (A)uto layout, (E)dit auto layout, or create (C)ustom layout? [a]e(this 
time we input e here)
Do nothing but simply input "q"   (save and exit)!

install smoothly now


2. hint for EdgeRouter USB disk auto boot to OpenBSD, please add this line to 
INSTALL.octeon.

setenv bootcmd 'fatload usb 0 $loadaddr bsd;bootoctlinux rootdev=/dev/sd0'



3. some messages from /var/log/messages

a) repeated messages:

Jan  5 10:53:06 oct sendsyslog: dropped 11 messages, error 57
Jan  5 10:53:24 oct savecore: /bsd: kvm_read: version misread

b) double same lines
Jan  5 10:53:05 oct /bsd: Copyright (c) 1995-2015 OpenBSD. All rights reserved. 
 http://www.OpenBSD.org
Jan  5 10:53:05 oct /bsd: Copyright (c) 1995-2015 OpenBSD. All rights reserved. 
 http://www.OpenBSD.org

-/var/log/messages
Jan  5 10:52:11 oct reboot: rebooted by root
Jan  5 10:52:12 oct syslogd: exiting on signal 15
Jan  5 10:53:05 oct syslogd: start
Jan  5 10:53:05 oct /bsd: Copyright (c) 1982, 1986, 1989, 1991, 1993
Jan  5 10:53:05 oct /bsd:   The Regents of the University of California.  
All rights reserved.
Jan  5 10:53:05 oct /bsd: Copyright (c) 1995-2015 OpenBSD. All rights reserved. 
 http://www.OpenBSD.org
Jan  5 10:53:05 oct /bsd: Copyright (c) 1995-2015 OpenBSD. All rights reserved. 
 http://www.OpenBSD.org
Jan  5 10:53:05 oct /bsd: OpenBSD 5.8-current (GENERIC) #1: Thu Nov 26 15:01:01 
CET 2015
Jan  5 10:53:05 oct /bsd: 
jas...@erl-2.jasper.la:/usr/src/sys/arch/octeon/compile/GENERIC
Jan  5 10:53:05 oct /bsd: real mem = 247463936 (236MB)
Jan  5 10:53:05 oct /bsd: avail mem = 245170176 (233MB)
Jan  5 10:53:05 oct /bsd: warning: no entropy supplied by boot loader
Jan  5 10:53:05 oct /bsd: mainbus0 at root
Jan  5 10:53:05 oct /bsd: cpu0 at mainbus0: Cavium OCTEON CPU rev 0.1 500 MHz, 
Software FP emulation
Jan  5 10:53:05 oct /bsd: cpu0: cache L1-I 32KB 4 way D 8KB 64 way, L2 128KB 8 
way
Jan  5 10:53:05 oct /bsd: clock0 at mainbus0: int 5
Jan  5 10:53:05 oct /bsd: iobus0 at mainbus0
Jan  5 10:53:05 oct /bsd: dwctwo0 at iobus0 base 0x118006800 irq 56
Jan  5 10:53:05 oct /bsd: usb0 at dwctwo0: USB revision 2.0
Jan  5 10:53:05 oct /bsd: uhub0 at usb0 "Octeon DWC2 root hub" rev 2.00/1.00 
addr 1
Jan  5 10:53:05 oct /bsd: octrng0 at iobus0 base 0x14000 irq 0
Jan  5 10:53:05 oct /bsd: cn30xxgmx0 at iobus0 base 0x118000800 irq 48
Jan  5 10:53:05 oct /bsd: cnmac0 at cn30xxgmx0: RGMII, address 44:d9:e7:9b:87:e7
Jan  5 10:53:05 oct /bsd: atphy0 at cnmac0 phy 7: F1 10/100/1000 PHY, rev. 2
Jan  5 10:53:05 oct /bsd: cnmac1 at cn30xxgmx0: RGMII, address 44:d9:e7:9b:87:e8
Jan  5 10:53:05 oct /bsd: atphy1 at cnmac1 phy 6: F1 10/100/1000 PHY, rev. 2
Jan  5 10:53:05 oct /bsd: cnmac2 at cn30xxgmx0: RGMII, address 44:d9:e7:9b:87:e9
Jan  5 10:53:05 oct /bsd: atphy2 at cnmac2 phy 5: F1 10/100/1000 PHY, rev. 2
Jan  5 10:53:05 oct /bsd: uartbus0 at mainbus0
Jan  5 10:53:05 oct /bsd: com0 at uartbus0 base 0x118000800 irq 34: 
ns16550, no working fifo
Jan  5 10:53:05 oct /bsd: com0: console
Jan  5 10:53:05 oct /bsd: com1 at uartbus0 base 0x118000c00 irq 35: 
ns16550, no working fifo
Jan  5 10:53:05 oct /bsd: /dev/ksyms: Symbol table not valid.
Jan  5 10:53:05 oct /bsd: umass0 at uhub0 port 1 configuration 1 interface 0 
"Generic USB Storage" rev 2.00/2.72 addr 2
Jan  5 10:53:05 oct /bsd: umass0: using SCSI over Bulk-Only
Jan  5 10:53:05 oct /bsd: scsibus0 at umass0: 2 targets, initiator 0
Jan  5 10:53:05 oct /bsd: sd0 at scsibus0 targ 1 lun 0:  SCSI0 0/direct removable serial.05e307360272
Jan  5 10:53:05 oct /bsd: sd0: 15423MB, 512 bytes/sector, 31586304 sectors
Jan  5 10:53:05 oct /bsd: vscsi0 at root
Jan  5 10:53:05 oct /bsd: scsibus1 at vscsi0: 256 targets
Jan  5 10:53:05 oct /bsd: softraid0 at root
Jan  5 10:53:05 oct /bsd: scsibus2 at

Re: Installing RackTables

2016-01-04 Thread Stuart Henderson 
On 2016-01-05, Jordon  wrote:
> Next, I think I need to get php working.  This is where I get stuck.  An email
> posted here last month mentioned getting php_fpm running, but that package is
> not installed on my machine.  If that is a requirement for racktables,
> shouldn't pkg_add install it?

Whether or not php-fpm is a requirement depends on which webserver software
you use. It's needed for nginx and the httpd from base, but isn't needed for
Apache httpd.

> I did some searching for getting php running on httpd in openbsd and found a
> lot of info on apache and nginx, but not much on the new httpd.

There isn't very much information around for it; very roughly you need to 
install
and run php-fpm, and there's a sample config block in /etc/examples/httpd.conf.
I've only tested racktables with nginx but I don't have anything special in the
config for it so I don't see why it wouldn't work with httpd from base.

Re: Leftover formatted man pages

2016-01-04 Thread Brendan Shanks 
> On Jan 4, 2016, at 4:47 PM, Ingo Schwarze  wrote:
>
> Hi Brendan,
>
> Brendan Shanks wrote on Mon, Jan 04, 2016 at 04:16:14PM -0800:
>
>> Did I miss a step in the upgrade instructions where these were removed?
>
> No.  The upgrade instructions are carefully prepared to remind you to
> delete stuff that is likely to get in the way.  Sometimes, they also
> suggest to delete stuff that becomes useless even it it isn't harmful.
> But there is no effort to make an upgraded system identical to a freshly
> installed one.  So harmless stuff is often left behind.

Ingo,

Thanks for the quick reply, I deleted the cat* directories and everything is
good after a quick makewhatis -Q. The reasoning behind the upgrade
instructions is sound, although I think leftover man pages are not exactly
harmless. For example, my system still had the rtsold man page installed and I
was confused when I couldn’t find the binary.
Hopefully anyone who runs into this problem in the future will find this
post.

Brendan

Re: syscall 5 "cpath" continues with octeon

2016-01-04 Thread Janne Johansson 
2016-01-05 4:45 GMT+01:00 Fung :

> ---
> (OpenBSD 5.8-current (GENERIC) #1: Thu Nov 26 15:01:01 CET 2015)
> Octeon ubnt_e100# version
> U-Boot 1.1.1 (UBNT Build ID: 4670715-gbd7e2d7) (Build time: May 27 2014 -
> 11:16:22)
>
>
>
> 6. via http://www.tedunangst.com/flak/post/OpenBSD-on-ERL
> There’s no onboard clock, so you’ll need ntpd to keep the time straght.
> OpenBSD support is limited to 256MB RAM and a single CPU at this time.
>
>
I think you only need to set the coremask in the boot environment to 0x3
(instead of 0x1 which mine defaulted to) and point it to a bsd.mp
to get both CPUs. Worked for me at least on my ERL.

--
May the most significant bit of your life be positive.

[DIFF] New Year's calendar

2016-01-04 Thread Craig Skinner 
Happy Hogmanay/New Year!

Scotland & New Zealand have an additional New Year's celebrations
hangover recovery public holiday.

In Scotland, Hogmanay is THE most significant winter festival, with
internationally popular street parties of 400,000 people dancing.

(Xmas was banned in Scotland for over 400 years, until recently.)


Index: calendar.holiday
===
RCS file: /cvs/src/usr.bin/calendar/calendars/calendar.holiday,v
retrieving revision 1.32
diff -u -p -r1.32 calendar.holiday
--- calendar.holiday12 Oct 2015 06:33:21 -  1.32
+++ calendar.holiday4 Jan 2016 15:44:21 -
@@ -12,7 +12,7 @@
 01/01  Universal Fraternity Day in Mozambique
 01/02  Ancestry Day in Haiti
 01/02  St. Berchtold's Day in Switzerland
-01/03  New Year's Holiday in Scotland
+01/02  New Year's Holiday in Scotland and New Zealand
 01/03  Revolution Day in Upper Volta
 01/04  Independence Day in Burma
 01/04  Martyrs Day in Zaire
@@ -580,5 +580,6 @@
 12/29  His Majesty, the King's Birthday in Nepal
 12/30  Anniversary of the Democratic Republic of Madagascar in Madagascar
 12/31  Proclamation of the Republic in Congo
+12/31  Hogmanay - 3 day year transition festival in Scotland
 
 #endif /* !_calendar_holiday_ */


-- 
http://www.Scotland.org/features/hogmanay-top-facts/
http://www.RampantScotland.com/know/blknow12.htm
http://www.EdinburghsHogmanay.com/
http://www.EdinburghFestivalCity.com/festivals/edinburghs-hogmanay
http://en.wikipedia.org/wiki/Hogmanay

Problems using squid as transparent proxy for SSL/TLS

2016-01-04 Thread C.L. Martinez 

Hi all,

 I have configured squid in an OpenBSD host acting as a transparent 
proxy. Actually all works OK for all traffic except for SSL/TLS, ex: 
port 443.


 My pf rules are:


pass in inet proto tcp from $prod_network to ! port 
$proxy_tcp_svcs divert-to localhost \
port 3129 label "Allow access to Internet via Proxy on 
port $dstport/$proto"


pass in inet proto tcp from $prod_network to ! port 
https divert-to localhost \
port 3130 label "Allow access to Internet via Proxy on 
port $dstport/$proto"



 In my squid.conf:

# Squid normally listens to port 3128
http_port 127.0.0.1:3128
http_port 127.0.0.1:3129 intercept
http_port 127.0.0.1:3130 intercept ssl-bump 
cert=/etc/squid/ssl_cert/uxdom.org.cert 
key=/etc/squid/ssl_cert/uxdom.org.private \
generate-host-certificates=on version=1 
options=NO_SSLv2,NO_SSLv3,SINGLE_DH_USE


 When some internal client tries to connect to, for example, 
https://www.google.com:


tcpdump: WARNING: snaplen raised from 116 to 160
tcpdump: listening on pflog0, link-type PFLOG
Jan 04 16:34:10.750926 rule 16/(match) [uid 0, pid 1374] block out on 
vio0: 216.58.210.131.443 > 172.21.55.3.53694: R [bad tcp cksum 7aa1! -> 
5af5] 157608502:157608502(0) win 0 (DF) (ttl 64, id 61853, len 40, bad 
ip cksum 7b96! -> bb5b)
Jan 04 16:34:10.750956 rule 16/(match) [uid 0, pid 1374] block in on 
vio0: 172.21.55.3.53694 > 216.58.210.131.443: F [tcp sum ok] 
2332161592:2332161592(0) ack 157608502 win 256 (ttl 128, id 12637, len 40)
Jan 04 16:34:10.751003 rule 16/(match) [uid 0, pid 1374] block in on 
vio0: 172.21.55.3.53694 > 216.58.210.131.443: R [tcp sum ok] 1:1(0) ack 
1274 win 0 (ttl 128, id 12639, len 40)
Jan 04 16:34:10.751027 rule 16/(match) [uid 0, pid 1374] block in on 
vio0: 172.21.55.3.53694 > 216.58.210.131.443: R [tcp sum ok] 
2332161585:2332161585(0) win 0 (DF) (ttl 128, id 12640, len 40)
Jan 04 16:34:10.751047 rule 16/(match) [uid 0, pid 1374] block in on 
vio0: 172.21.55.3.53694 > 216.58.210.131.443: R [tcp sum ok] 
2332161585:2332161585(0) win 0 (DF) (ttl 128, id 12641, len 40)
Jan 04 16:34:10.752913 rule 16/(match) [uid 0, pid 1374] block out on 
vio0: 216.58.210.131.443 > 172.21.55.3.53695: R [bad tcp cksum b923! -> 
b16] 3886046168:3886046168(0) win 0 (DF) (ttl 64, id 24204, len 40, bad 
ip cksum 7b8f! -> 4e6d)
Jan 04 16:34:10.752937 rule 16/(match) [uid 0, pid 1374] block in on 
vio0: 172.21.55.3.53695 > 216.58.210.131.443: . [tcp sum ok] ack 
3886047652 win 256 (ttl 128, id 12644, len 40)


 I have tried to add a divert-reply rule:

pass out on vio0 inet from $prod_network divert-reply

 .. but it doesn't works.

 What am I doing wrong??

Thanks.

Re: Autoinstall via netboot over VLAN interface

2016-01-04 Thread Jiri B 
On Mon, Jan 04, 2016 at 09:35:04AM -0700, Darren S. wrote:
> I have a router on the end of a 802.1q trunk port that I'd like to
> netboot for install, but this is only possible if I can PXE boot using
> the correct VLAN to reach the PXE server. Some PXE boot ROMs support
> this (mine does not currently) and I was going to try it from a booted
> bsd.rd on the host, but looks like I only have options for physical
> interfaces to select from on an Autoinstall:

Try IPXE rom, iirc it does support vlan, even trunk/bond.

> Welcome to the OpenBSD/amd64 5.8 installation program.
> (I)nstall, (U)pgrade, (A)utoinstall or (S)hell? a
> Available network interfaces are: re0 re1 re2 athn0.
> Which network interface should be used for the initial DHCP request?
> (or 'done') [re0]
> DHCPDISCOVER on re0 - interval 3
> DHCPDISCOVER on re0 - interval 5
> DHCPDISCOVER on re0 - interval 13
> DHCPDISCOVER on re0 - interval 19
> DHCPDISCOVER on re0 - interval 13
> DHCPDISCOVER on re0 - interval 8
> No acceptable DHCPOFFERS received.
> No working leases in persistent database - sleeping.
> Could not determine next-server.
> Could not determine auto mode.
> Response file location?
> 
> With additional work I may be able to switch around network
> configurations to support a native VLAN (and then reconfigure
> post-install) but this isn't ideal. Is it feasible for the autoinstall
> support to handle the same VLAN features for booting as is available
> later in the installation for network configuration?

IIUC install has no way to know you want to use tagged vlan.
You need to dedicate separate iface for booting or use custom
install script inside ramdisk.

I would redesign your network to have dedicated port based vlan
for netbooting...

j.

Autoinstall via netboot over VLAN interface

2016-01-04 Thread Darren S. 
I have a router on the end of a 802.1q trunk port that I'd like to
netboot for install, but this is only possible if I can PXE boot using
the correct VLAN to reach the PXE server. Some PXE boot ROMs support
this (mine does not currently) and I was going to try it from a booted
bsd.rd on the host, but looks like I only have options for physical
interfaces to select from on an Autoinstall:

Welcome to the OpenBSD/amd64 5.8 installation program.
(I)nstall, (U)pgrade, (A)utoinstall or (S)hell? a
Available network interfaces are: re0 re1 re2 athn0.
Which network interface should be used for the initial DHCP request?
(or 'done') [re0]
DHCPDISCOVER on re0 - interval 3
DHCPDISCOVER on re0 - interval 5
DHCPDISCOVER on re0 - interval 13
DHCPDISCOVER on re0 - interval 19
DHCPDISCOVER on re0 - interval 13
DHCPDISCOVER on re0 - interval 8
No acceptable DHCPOFFERS received.
No working leases in persistent database - sleeping.
Could not determine next-server.
Could not determine auto mode.
Response file location?

With additional work I may be able to switch around network
configurations to support a native VLAN (and then reconfigure
post-install) but this isn't ideal. Is it feasible for the autoinstall
support to handle the same VLAN features for booting as is available
later in the installation for network configuration?

  Which network interface do you wish to configure = vlan0
  Which interface:tag should vlan0 be on = re0:100
  IPv4 address for vlan0 = 10.0.1.1
  Netmask for vlan0 = 255.255.255.0

-- 
Darren Spruell
phatbuck...@gmail.com

Re: ftp-proxy man page out of date?

2016-01-04 Thread Jason McIntyre 
On Mon, Jan 04, 2016 at 02:35:43PM +0100, Harald Dunkel wrote:
> Hi folks,
> 
> Would it be possible to update ftp-proxy(8) wrt "divert-to"?
> I had the impression that rdr-to is out of date in this
> context; see http://www.openbsd.org/faq/upgrade50.html.
> 
> Thanx very much. Best season's greetings
> Harri
> 

hi. i'll quote mikeb:

these are dynamically inserted rules.  and they must be
redirects.  so you don't have to change them.  divert-to
would be incorrect.

so no change needed.

jmc

Re: [DIFF] New Year's calendar

2016-01-04 Thread Jason McIntyre 
On Mon, Jan 04, 2016 at 03:46:53PM +, Craig Skinner wrote:
> Happy Hogmanay/New Year!
> 
> Scotland & New Zealand have an additional New Year's celebrations
> hangover recovery public holiday.
> 
> In Scotland, Hogmanay is THE most significant winter festival, with
> internationally popular street parties of 400,000 people dancing.
> 
> (Xmas was banned in Scotland for over 400 years, until recently.)
> 

i diasgree with this. it's true some of us in scotland get the 2nd off,
but i'm not sure it's helpful to describe the 2nd as a new year's
festival.

really we have hogmany and new year's day. depending on your job, you'll
get some combination of these off. i worked 31/1 and had the second off.
lots of people have two weeks...

traditionally the 2nd was described as a bank holiday. now banks are
open on this day. some businesses shut.

let's just leave it that for people on this calendar, 31st is hogmany
and the 1st is new year's day. days off are no longer inviolate/

jmc

ps xmas banned in scotland till recently: how old are you exactly, craig ;)

> 
> Index: calendar.holiday
> ===
> RCS file: /cvs/src/usr.bin/calendar/calendars/calendar.holiday,v
> retrieving revision 1.32
> diff -u -p -r1.32 calendar.holiday
> --- calendar.holiday  12 Oct 2015 06:33:21 -  1.32
> +++ calendar.holiday  4 Jan 2016 15:44:21 -
> @@ -12,7 +12,7 @@
>  01/01Universal Fraternity Day in Mozambique
>  01/02Ancestry Day in Haiti
>  01/02St. Berchtold's Day in Switzerland
> -01/03New Year's Holiday in Scotland
> +01/02New Year's Holiday in Scotland and New Zealand
>  01/03Revolution Day in Upper Volta
>  01/04Independence Day in Burma
>  01/04Martyrs Day in Zaire
> @@ -580,5 +580,6 @@
>  12/29His Majesty, the King's Birthday in Nepal
>  12/30Anniversary of the Democratic Republic of Madagascar in 
> Madagascar
>  12/31Proclamation of the Republic in Congo
> +12/31Hogmanay - 3 day year transition festival in Scotland
>  
>  #endif /* !_calendar_holiday_ */
> 
> 
> -- 
> http://www.Scotland.org/features/hogmanay-top-facts/
> http://www.RampantScotland.com/know/blknow12.htm
> http://www.EdinburghsHogmanay.com/
> http://www.EdinburghFestivalCity.com/festivals/edinburghs-hogmanay
> http://en.wikipedia.org/wiki/Hogmanay