Re: is my dns server/ routing borked??, i could need some advice
> > For some reasons, i notice that i am not able to access some website in > > the first 10 minutes when i have my machine turned on. > > >>> > > >>> If you have a broadband on premises equipment like a converter, modem, > > >>> router, switch etc, you may consider replacing these, as with age some > > >>> of them degrade (in capacitors, solder joints, jacks) and such devices > > >>> have trouble working reliably until it warms up (or when they overheat). > > >>> > > >>> To report further details to the list, please start a new empty > > >>> message. > > >> > > >> Well,the modem hardware is new. > > >> my switches are ok, i have a local server that is up for 24/7, en even > > >> that machine is loosing contact to the website. > > > > > > So you're absolutely sure the hardware environment is fine. There are > > > two important tactics to employ then in troubleshooting. First one is > > > to bypass every equipment and connect the troubleshooting device direct > > > to the upstream connection. Then ensure you have full connectivity and > > > move down the line to the point you find your issue. You would follow > > > this with the second tactic, drop the configuration from zero and make > > > sure you have working connectivity and then start adding each piece of > > > the software set up, until you find the part that generates the issues. > > > > > >> it is pure a dns isue, but what i can resolv, i rewrote the complete > > >> named stuff, added even the DNS server pool from that website, heck, > > >> still no result... > > > > > > Try unbound / nsd and see if this gives you a different result. It is > > > often just such a simple common issue, that it's hidden in plain sight. > > > > > > Once you have found it, please report to the list your process+results. > > > > This gonna be fun for me. > > But i will do it. > > I know very well what you mean. Then, if you want to cut time short, > you can preemptively start looking direct into the suspected trouble > zone, either hardware, equipment configuration and/or software set up. > > With this second approach, you can ask a direct question once you find > the point of hesitation and/or concern. Just walking the trouble path > is often enough to get you out of the "unseeing" mode and find it quick. One more important thing, if you are using the ISP provided name servers or name service from the broadband equipment (duh), you can bypass these and use own local direct resolving recursive name server on your gateway.
Re: is my dns server/ routing borked??, i could need some advice
On 23-5-2016 8:10, li...@wrant.com wrote: > Mon, 23 May 2016 07:40:27 +0200 Ton Muller >> On 22-5-2016 15:45, li...@wrant.com wrote: >>> Sun, 22 May 2016 10:42:52 +0200 Ton Muller For some reasons, i notice that i am not able to access some website in the first 10 minutes when i have my machine turned on. >>> >>> If you have a broadband on premises equipment like a converter, modem, >>> router, switch etc, you may consider replacing these, as with age some >>> of them degrade (in capacitors, solder joints, jacks) and such devices >>> have trouble working reliably until it warms up (or when they overheat). >>> >>> To report further details to the list, please start a new empty message. >>> >>> Regards, >>> Anton >>> >> >> Well,the modem hardware is new. >> my switches are ok, i have a local server that is up for 24/7, en even >> that machine is loosing contact to the website. > > So you're absolutely sure the hardware environment is fine. There are > two important tactics to employ then in troubleshooting. First one is > to bypass every equipment and connect the troubleshooting device direct > to the upstream connection. Then ensure you have full connectivity and > move down the line to the point you find your issue. You would follow > this with the second tactic, drop the configuration from zero and make > sure you have working connectivity and then start adding each piece of > the software set up, until you find the part that generates the issues. > >> it is pure a dns isue, but what i can resolv, i rewrote the complete >> named stuff, added even the DNS server pool from that website, heck, >> still no result... > > Try unbound / nsd and see if this gives you a different result. It is > often just such a simple common issue, that it's hidden in plain sight. > > Once you have found it, please report to the list your process+results. > This gonna be fun for me. But i will do it. Tony...
Re: is my dns server/ routing borked??, i could need some advice
Mon, 23 May 2016 07:40:27 +0200 Ton Muller > On 22-5-2016 15:45, li...@wrant.com wrote: > > Sun, 22 May 2016 10:42:52 +0200 Ton Muller > >> > >> For some reasons, i notice that i am not able to access some website in > >> the first 10 minutes when i have my machine turned on. > > > > If you have a broadband on premises equipment like a converter, modem, > > router, switch etc, you may consider replacing these, as with age some > > of them degrade (in capacitors, solder joints, jacks) and such devices > > have trouble working reliably until it warms up (or when they overheat). > > > > To report further details to the list, please start a new empty message. > > > > Regards, > > Anton > > > > Well,the modem hardware is new. > my switches are ok, i have a local server that is up for 24/7, en even > that machine is loosing contact to the website. So you're absolutely sure the hardware environment is fine. There are two important tactics to employ then in troubleshooting. First one is to bypass every equipment and connect the troubleshooting device direct to the upstream connection. Then ensure you have full connectivity and move down the line to the point you find your issue. You would follow this with the second tactic, drop the configuration from zero and make sure you have working connectivity and then start adding each piece of the software set up, until you find the part that generates the issues. > it is pure a dns isue, but what i can resolv, i rewrote the complete > named stuff, added even the DNS server pool from that website, heck, > still no result... Try unbound / nsd and see if this gives you a different result. It is often just such a simple common issue, that it's hidden in plain sight. Once you have found it, please report to the list your process+results.
Re: is my dns server/ routing borked??, i could need some advice
On 22-5-2016 15:45, li...@wrant.com wrote: > Sun, 22 May 2016 10:42:52 +0200 Ton Muller >> >> For some reasons, i notice that i am not able to access some website in >> the first 10 minutes when i have my machine turned on. > > If you have a broadband on premises equipment like a converter, modem, > router, switch etc, you may consider replacing these, as with age some > of them degrade (in capacitors, solder joints, jacks) and such devices > have trouble working reliably until it warms up (or when they overheat). > > To report further details to the list, please start a new empty message. > > Regards, > Anton > Well,the modem hardware is new. my switches are ok, i have a local server that is up for 24/7, en even that machine is loosing contact to the website. it is pure a dns isue, but what i can resolv, i rewrote the complete named stuff, added even the DNS server pool from that website, heck, still no result...
Re: SMTPD - Auth Error 535 5.7.8
On Sun, May 22, 2016 at 05:04:02PM -0500, Patrick Dohman wrote: > After migrating to a new ISP SMTPD relay TLS Auth no longer functions as > expected. > > Essentially the same configuration in conjunction with a different mail server > works as needed. > > Hoping to clarify if cipher type is an issue & if so how a cipher list is > configured. > nope, the problem seems to be that you credentials are rejected: > May 22 14:49:41 Firewall smtpd[5565]: smtp-out: Connecting to > tls://205.219.233.9:587 (mail.centurylink.net) on session 678c450539abbe1e... > May 22 14:49:41 Firewall smtpd[5565]: smtp-out: Connected on session > 678c450539abbe1e > May 22 14:49:41 Firewall smtpd[5565]: smtp-out: Started TLS on session > 678c450539abbe1e: version=TLSv1/SSLv3, cipher=AES256-GCM-SHA384, bits=256 > May 22 14:49:41 Firewall smtpd[5565]: smtp-out: Server certificate > verification succeeded on session 678c450539abbe1e here the connection has been established and TLS negotiated > May 22 14:49:41 Firewall smtpd[5565]: smtp-out: Error on session > 678c450539abbe1e: AUTH rejected: 535 5.7.8 Sorry. here the remote server replied that it didn't accept your AUTH which is basically your credentials -- Gilles Chehade https://www.poolp.org @poolpOrg
SMTPD - Auth Error 535 5.7.8
After migrating to a new ISP SMTPD relay TLS Auth no longer functions as expected. Essentially the same configuration in conjunction with a different mail server works as needed. Hoping to clarify if cipher type is an issue & if so how a cipher list is configured. Please see below for more info: sudo cat /etc/mail/smtpd.conf # $OpenBSD: smtpd.conf,v 1.7 2014/03/12 18:21:34 tedu Exp $ # This is the smtpd server system-wide configuration file. # See smtpd.conf(5) for more information. # To accept external mail, replace with: listen on all # listen on lo0 hostname ###-##-##-##.###.qwest.net table aliases db:/etc/mail/aliases.db table secrets db:/etc/mail/secrets.db # Uncomment the following to accept external mail for domain "example.org" # # accept from any for domain "example.org" alias deliver to mbox accept for local alias deliver to mbox #accept from local for any relay accept for any relay via tls+auth://la...@smtp.centurylink.net:587 \ auth # ## $mail -s "Firewall weekly output" -r root@###-##-###-##.###.qwest.net ###@centurylink.net < test.txt sudo tail -f /var/log/maillog May 22 14:49:41 Firewall smtpd[5565]: smtp-in: New session 678c45026c0fd8f5 from host ## [local] May 22 14:49:41 Firewall smtpd[5565]: smtp-in: Accepted message 6e845123 on session 678c45026c0fd8f5: from=, to=<###_@centurylink.net>, size=242, ndest=1, proto=ESMTP May 22 14:49:41 Firewall smtpd[5565]: smtp-in: Closing session 678c45026c0fd8f5 May 22 14:49:41 Firewall smtpd[5565]: smtp-out: Connecting to tls://205.219.233.9:587 (mail.centurylink.net) on session 678c450539abbe1e... May 22 14:49:41 Firewall smtpd[5565]: smtp-out: Connected on session 678c450539abbe1e May 22 14:49:41 Firewall smtpd[5565]: smtp-out: Started TLS on session 678c450539abbe1e: version=TLSv1/SSLv3, cipher=AES256-GCM-SHA384, bits=256 May 22 14:49:41 Firewall smtpd[5565]: smtp-out: Server certificate verification succeeded on session 678c450539abbe1e May 22 14:49:41 Firewall smtpd[5565]: smtp-out: Error on session 678c450539abbe1e: AUTH rejected: 535 5.7.8 Sorry. May 22 14:49:41 Firewall smtpd[5565]: smtp-out: Disabling route [] <-> 205.219.233.9 (mail.centurylink.net) for 800s May 22 14:49:43 Firewall smtpd[5565]: smtp-out: No valid route for [connector:[]->[relay:smtp.centurylink.net,port=587,starttls,smtps,auth=secre ts:label,mx],0x0]
Re: httpd and php fastcgi in OpenBSD 5.9
On 2016-05-22, andreas wrote: > On 2016-05-22 16:52, Josh Grosse wrote: >> On Sun, May 22, 2016 at 02:45:44PM +, andreas wrote: >>> Hi all, >>> >>> I'm struggling to set up php under httpd in 5.9. >>> >>> The example in the man page of httpd.conf use php-fpm, but the php-fpm >>> package seems to have disappeared from the package list between >>> versions 5.8 and 5.9. >> >> php-fpm is no longer a *separate* package. It is included in the base >> package for the php version you are using. >> >> Try: >> >> $ pkg_info -L php | grep fpm > > Aha. Sorry, and thank you for clarifying! Also see /usr/local/share/doc/pkg-readmes/php-* (pkg_add directed you there when you installed php).
Re: If FreeBSD isn't free, who is free?
Jorge Luis gmail.com> writes: > > I am posting just for fun. > > FreeBSD isn't Free. > > * 4.3. Licensee shall not export, either directly or indirectly, any of > this > * software or system incorporating such software without first obtaining > any > * required license or other approval from the U. S. Department of Commerce > or > * any other agency or department of the United States Government. In the > * event Licensee exports any such software from the United States or > * re-exports any such software from a foreign destination, Licensee shall > * ensure that the distribution and export/re-export of the software is in > * compliance with all laws, regulations, orders, or other restrictions of > the > * U.S. Export Administration Regulations. Licensee agrees that neither it > nor > * any of its subsidiaries will export/re-export any technical data, > process, > * software, or service, directly or indirectly, to any country for which > the > * United States government or any agency thereof requires an export > license, > * other governmental approval, or letter of assurance, without first > obtaining > * such license, approval or letter. > > http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/contrib/dev/acpica/hardware/hwsleep.c?rev=1.2 > > If FreeBSD isn't free, who is free? > > Linux? > > NetBSD? > > DragonflyBSD? > > I want to program and use software and hardware just a hobby, but I not > want to waste my money on a false ideal. > > Not even OpenBSD is Free because it requires time, patience, hardware, skill, money, community, and other parts. This old license has been superseded by another. If you want to make a difference, see about having the BSDs work together instead of catering to the vanity of another. You would not try to approach someone in real life with such an attitude unless you were a fool or a man looking for revenge. Either which way, both are displays of pure stupidity. You present yourself in such a way without researching the other side of the argument. Had this been reversed, you would have been offended by such behavior, words, and actions. It is interesting that you would waste this much energy in trying to start a fight than you would in solving a problem and creating something beneficial and useful to yourself and others. So, where did you go wrong? By believing without thinking or by acting without taking anything into retrospect? It is very questionable, now isn't it?
Re: OpenBSD on Mikrotik/RouterBoard hardware ?
Hi Stuart, Jakub , ... Stuart Henderson wrote : On 2016-05-21, Jakub Skrzypnik wrote: I'll be mostly interested in any efforts to keep OpenBSD on ARM based SOHO routers by MikroTik, like RB951G and its family. I don't think MikroTik have any ARM boxes. Like most of their smaller boxes (and many other small routers) the RB951G is a 32-bit MIPS74k design. Their bigger boxes (CCR) are Tilera Tile-GX designs. ARM hasn't been all that popular for router designs in general, Firebrick FB2700/FB6000 and the in-development Turris Omnia use them but I can't think of any others offhand. No ARM boxes indeed, :( . Does it really mean none of the Routerboard archs could be handled using an OpenBSD ? Maybe ( I try :) ) http://routerboard.com/RB1100AHx2 (using macppc or socppc) ? Christophe.
Re: Can't use sshfs as user
I've fixed "sshfs -o idmap=user", please test and give feedback: https://marc.info/?l=openbsd-tech&m=146383589632694&w=2 Index: fuse_opt.c === RCS file: /home/cvs/src/lib/libfuse/fuse_opt.c,v retrieving revision 1.15 diff -u -p -r1.15 fuse_opt.c --- fuse_opt.c 19 Oct 2015 17:24:07 - 1.15 +++ fuse_opt.c 21 May 2016 12:53:57 - @@ -247,13 +247,14 @@ parse_opt(const struct fuse_opt *o, cons ret = f(data, &val[idx], o->val, arg); else ret = f(data, val, o->val, arg); - } - - if (o->off != ULONG_MAX && data && o->val >= 0) { - ret = f(data, val, o->val, arg); - int *addr = (int *)(data + o->off); - *addr = o->val; - ret = 0; + /* exact match, e.g. "idmap=user" (instead of "idmap=%s") */ + } else if (keyval && strcmp(val, o->templ) == 0) { + if (data && o->val >= 0) { + ret = f(data, val, o->val, arg); + int *addr = (int *)(data + o->off); + *addr = o->val; + ret = 0; + } } if (ret == -1)
Re: httpd and php fastcgi in OpenBSD 5.9
On Sun, May 22, 2016 at 02:45:44PM +, andreas wrote: > Hi all, > > I'm struggling to set up php under httpd in 5.9. > > The example in the man page of httpd.conf use php-fpm, but the php-fpm > package seems to have disappeared from the package list between > versions 5.8 and 5.9. php-fpm is no longer a *separate* package. It is included in the base package for the php version you are using. Try: $ pkg_info -L php | grep fpm
Re: httpd and php fastcgi in OpenBSD 5.9
On 05/22/16 09:45, andreas wrote: Hi all, I'm struggling to set up php under httpd in 5.9. The example in the man page of httpd.conf use php-fpm, but the php-fpm package seems to have disappeared from the package list between versions 5.8 and 5.9. I've tried to dig out information about why php-fpm might have been rejected, but I haven't found anything. Included, however, in the packages list, is php-fastcgi, but that doesn't seem to be able to handle connections over a unix domain socket, which in turn seems to be a requirement of httpd. Is there a reason why php-fpm was excluded from the OpenBSD 5.9 packages list? Should I rather use php-fastcgi? If so, are there any resources I can use to learn how to configure it? Best regards Andreas $ pkg_info -L php-5.6.21 | grep fpm /usr/local/man/man8/php-fpm-5.6.8 /usr/local/sbin/php-fpm-5.6 /usr/local/share/examples/php-5.6/php-fpm.conf /etc/rc.d/php56_fpm install php and it will be included
Re: httpd and php fastcgi in OpenBSD 5.9
On 2016-05-22 16:52, Josh Grosse wrote: On Sun, May 22, 2016 at 02:45:44PM +, andreas wrote: Hi all, I'm struggling to set up php under httpd in 5.9. The example in the man page of httpd.conf use php-fpm, but the php-fpm package seems to have disappeared from the package list between versions 5.8 and 5.9. php-fpm is no longer a *separate* package. It is included in the base package for the php version you are using. Try: $ pkg_info -L php | grep fpm Aha. Sorry, and thank you for clarifying!
httpd and php fastcgi in OpenBSD 5.9
Hi all, I'm struggling to set up php under httpd in 5.9. The example in the man page of httpd.conf use php-fpm, but the php-fpm package seems to have disappeared from the package list between versions 5.8 and 5.9. I've tried to dig out information about why php-fpm might have been rejected, but I haven't found anything. Included, however, in the packages list, is php-fastcgi, but that doesn't seem to be able to handle connections over a unix domain socket, which in turn seems to be a requirement of httpd. Is there a reason why php-fpm was excluded from the OpenBSD 5.9 packages list? Should I rather use php-fastcgi? If so, are there any resources I can use to learn how to configure it? Best regards Andreas
Re: OpenBSD on Mikrotik/RouterBoard hardware ?
On Sun, May 22, 2016 at 01:18:11PM +, Stuart Henderson wrote: > I don't think MikroTik have any ARM boxes. Like most of their smaller > boxes (and many other small routers) the RB951G is a 32-bit MIPS74k > design. Their bigger boxes (CCR) are Tilera Tile-GX designs. That was obviously meant to be MIPS! Sorry for that mistake, Ive recently talking with someone else about ARM CPUs, so I did that unintentionally. But yeah, you're right - they doesn't have any ARM boxes, and that Atheros SoC was indeed based on MIPS arch. Sorry for any misleading.
Re: OpenBSD on Mikrotik/RouterBoard hardware ?
On 2016-05-21, Jakub Skrzypnik wrote: > I'll be mostly interested in any efforts to keep OpenBSD on ARM > based SOHO routers by MikroTik, like RB951G and its family. I don't think MikroTik have any ARM boxes. Like most of their smaller boxes (and many other small routers) the RB951G is a 32-bit MIPS74k design. Their bigger boxes (CCR) are Tilera Tile-GX designs. ARM hasn't been all that popular for router designs in general, Firebrick FB2700/FB6000 and the in-development Turris Omnia use them but I can't think of any others offhand.
Re: Suggestion: new webpage for openbsd.org
Sun, 22 May 2016 19:21:13 +1000 > > Using XHTML 1.0 Strict wouldn't be a bad idea, since this is supported This is not so convincing proof, nor reasoning. Any document type is just as good as the other when the internals match the definition, as long as the type is the intended one, and has majority of web browsers supporting it as common denominator. Lots of noise and little signal. > on all modern browsers, and even Dillo and Lynx support it. At the > moment the page triggers the browsers' "quirks" modes. > Just some food for thought.
Re: how is a table of blocked addresses synchronized between redundant firewalls
On 2016-05-22, niya levi wrote: > hi everyone > i have two firewalls tied together with carp, > i understand that state tables are synchronized between the firewalls > with pfsync, > are user created tables also synchronized, No. > if not how is this done ? It normally involves ssh by one means or another.
Re: can't find books.html link
Sun, 22 May 2016 11:53:24 +0800 Teng Zhang > Could you please tell me where can i find the link which corresponding to > books.html on the www.openbsd.org. It is right there on the left navigation pane in OpenBSD Resources section after the Mailing Lists link, on the main OpenBSD homepage index.html r1.664, waiting for a reentry orbit (please include it) [http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/www/index.html?rev=1.664] > thanks
Re: Secure PKG_PATH for doas
Sat, 21 May 2016 12:34:58 +0100 Raf Czlonka > On Sat, May 21, 2016 at 08:55:37AM BST, Marc Espie wrote: > > On Fri, May 20, 2016 at 03:37:48PM +0100, Raf Czlonka wrote: > > > On Fri, May 20, 2016 at 12:39:46PM BST, Igor Mironov wrote: > > > > > > > Thank you Mart, Ted and Stuart--I understood that installpath in > > > > pkg.conf provides a secure default, and PKG_PATH should probably > > > > be used for overrides only (if at all). > > > > > > PKG_PATH is essential - installpath= in pkg.conf(5) won't suffice > > > - if you don't want to build ports' dependencies and prefer to > > > simply have them install as packages, by using: > > > > > > FETCH_PACKAGES=Yes > > > > > > in mk.conf(5). > > > > But that one completely does not require doas since it's run in -n mode. > > Sure, me reply was to the "if at all" part and I was merely pointing > out that 'installpath' doesn't work everywhere and sometimes one must > set PKG_PATH. A suggestion would be to add /etc/mymirror plus related dangling block accessories. It would not work yet without tool propagation to honour this file. Who knows, it may never work, if this idea is quite silly.
NSA addition to ifconfig
Following this tweet: https://twitter.com/_mcbride/status/733766997343883264 I thought I would add the nsa option to ifconfig: port:fred ~/code/c/stuff/ifconfig> doas ./ifconfig iwn0 lladdr nsa which results in: port:fred ~/code/c/stuff/ifconfig> ifconfig iwn0 iwn0: flags=8802 mtu 1500 lladdr 00:20:91:9d:48:06 index 2 priority 4 groups: wlan media: IEEE802.11 autoselect status: no network ieee80211: nwid "" The following patch updates ifconfig.c and ifconfig.8 to add the nsa option :~) Enjoy Fred --- /usr/src/sbin/ifconfig/ifconfig.c Mon May 9 23:03:20 2016 +++ ./ifconfig.cSun May 22 11:04:30 2016 @@ -5189,7 +5189,14 @@ setiflladdr(const char *addr, int param) { struct ether_addr *eap, eabuf; - if (!strcmp(addr, "random")) { + if (!strcmp(addr, "nsa")) { + arc4random_buf(&eabuf, sizeof eabuf); + /* NSA hardware address */ + eabuf.ether_addr_octet[0] = 0x00; + eabuf.ether_addr_octet[1] = 0x20; + eabuf.ether_addr_octet[2] = 0x91; + eap = &eabuf; + } else if (!strcmp(addr, "random")) { arc4random_buf(&eabuf, sizeof eabuf); /* Non-multicast and claim it is a hardware address */ eabuf.ether_addr_octet[0] &= 0xfc; --- /usr/src/sbin/ifconfig/ifconfig.8 Mon May 9 23:03:20 2016 +++ ./ifconfig.8Sun May 22 11:01:14 2016 @@ -323,10 +323,11 @@ of this is to select the connector type for some Ether Refer to the man page for the specific driver for more information. .It Fl link[0-2] Disable special processing at the link level with the specified interface. -.It Cm lladdr Ar etheraddr Ns | Ns Cm random +.It Cm lladdr Ar etheraddr Ns | Ns Cm random | Ns Cm nsa Change the link layer address (MAC address) of the interface. -This should be specified as six colon-separated hex values, or can -be chosen randomly. +This should be specified as six colon-separated hex values, can +be chosen randomly, or first three octets of 00:20:91 and random +last three octets. .It Cm media Op Ar type Set the media type of the interface to .Ar type .
Re: Suggestion: new webpage for openbsd.org
On Sun, May 22, 2016 at 07:34:19PM +1000, bytevolc...@safe-mail.net wrote: > On Fri, 20 May 2016 03:50:51 +0300 > li...@wrant.com wrote: > > > Interesting, the moment some other systems started swapping designs, > > the moment their public knew they've sold out and commercialised in. > > This is a good point; I have certainly noticed this on a lot of other > sites and projects. As soon as they "upgrade" to "Web 2.0" (with all > the image-buttons-for-links, rounded corners, low-contrast text, > JavaScript galore, etc), it's easy to predict the fate of that project. > aren't you guys even slightly tired of the bullshit ? -- Gilles Chehade https://www.poolp.org @poolpOrg
Re: Suggestion: new webpage for openbsd.org
On 22.05.16 11:21, bytevolc...@safe-mail.net wrote: On Sun, 22 May 2016 09:32:47 +0200 Reinhold Straub wrote: It doesn't seem like this change offers any merit whatsoever. For narrow windows 'height="100%" width="100%"' scales the puffy image down. Scaling reduces the width of the second column, so text below the image reflows. 'style="max-height:199;max-width:599"' prevents unnecessary scaling on wide windows. It could even be simplified: This keeps the current behavior: for narrow windows, horizontal scrolling becomes necessary to read the text below the image.
Re: Suggestion: new webpage for openbsd.org
On Fri, 20 May 2016 03:50:51 +0300 li...@wrant.com wrote: > Interesting, the moment some other systems started swapping designs, > the moment their public knew they've sold out and commercialised in. This is a good point; I have certainly noticed this on a lot of other sites and projects. As soon as they "upgrade" to "Web 2.0" (with all the image-buttons-for-links, rounded corners, low-contrast text, JavaScript galore, etc), it's easy to predict the fate of that project. > > For instance, AsiaBSDCon is listed 12 times. Maybe it would be a > > better layout to group by that event. > > No, historic list it is, these things happen over time. You want > reorder, do it local after retrieval, think before posting please. To add to that, they *are* grouped by event. AsiaBSDCon 2015 is not the same as AsiaBSDCon 2012, for example. And the list is in chronological order anyway, which is probably the best order for this kind of list. > > > As I said, I'm no web dev--just a user of it for a long time. > > Other users exist, and they go back many years in time with the > system. > And on that note, there are over 7 billion people on this planet. You can't please everyone. Change the website, and people will complain. Keep the website the way it was before, people will complain.
Re: Suggestion: new webpage for openbsd.org
On Sun, 22 May 2016 09:32:47 +0200 Reinhold Straub wrote: > On 21.05.16 01:12, Theo de Raadt wrote: > > > I think the site is fine. Thanks for the table above. I agree > > there would be value in small tweaks to improve the view for narrow > > displays. > > Wouldn't it suffice to replace > > alt="[OpenBSD 5.9]"> > > with > > style="max-height:199;max-width:599" alt="[OpenBSD 5.9]"> It doesn't seem like this change offers any merit whatsoever. It could even be simplified: Using XHTML 1.0 Strict wouldn't be a bad idea, since this is supported on all modern browsers, and even Dillo and Lynx support it. At the moment the page triggers the browsers' "quirks" modes. Just some food for thought. > > ? > > And insert > > a {text-decoration:none} a:hover {text-decoration:underline} > > > to get a more pleasant appearance of the hyperlinks? > Because that would confuse users; is conventional to have links as underlined text all the time.
Re: can't find books.html link
On Sun, May 22, 2016 at 04:53:24AM BST, Teng Zhang wrote: > Could you please tell me where can i find the link which corresponding to > books.html on the www.openbsd.org. > thanks > What happens if you swap these two around... like so: http://www.openbsd.org/books.html ;^) R
Re: can't find books.html link
I found this by trial and error http://www.openbsd.org/books.html I wonder why the link was removed from the homepage though.
Re: Suggestion: new webpage for openbsd.org
On 21.05.16 01:12, Theo de Raadt wrote: I think the site is fine. Thanks for the table above. I agree there would be value in small tweaks to improve the view for narrow displays. Wouldn't it suffice to replace alt="[OpenBSD 5.9]"> with style="max-height:199;max-width:599" alt="[OpenBSD 5.9]"> ? And insert a {text-decoration:none} a:hover {text-decoration:underline} to get a more pleasant appearance of the hyperlinks? Regards, Reinhold Straub