Re: OpenBSD 6.7 and ffs2 FAQs

2020-05-27 Thread Otto Moerbeek
On Thu, May 28, 2020 at 07:48:57AM +0200, Matthias wrote:

> On a fresh 6.7 installation, mount(8) shows 'type ffs'. Is there any way
> to figure out the version number?

dumpfs /dev/rsdXY | head -1

-Otto

> 
> 
> On 2020-05-27 22:54, Otto Moerbeek wrote:
> > I got some questions on ffs2 in 6.7. This is to set the record
> > straight, feel free to share on forums like reddit that I do not read,
> > let alone post on.
> > 
> > 1. Using 6.7, the *installer* defaults to ffs2 for new filesystems for
> > almost all platforms.
> > 
> > 2. Using 6.7, a newfs "by hand" still gets you ffs1, unless you use the
> > -O2 flag or the partition > 1TB.
> > 
> > 3. In -current, newfs defaults to ffs2 for all platforms.
> > 
> > 4. ffs2 is faster than ffs2 when creating filesystems and almost always when
> > fscking them.
> > 
> > 5. ffs2 uses 64-bit timestamps and block numbers. So it handles dates
> > after 2038 and much larger partitions. This does not mean that super
> > large partitions are always a good idea, there are still drawbacks:
> > e.g. they do need lots of memory to fsck, especially when many inodes
> > are in use.
> > 
> > 6. I have no plans for writing a conversion tool. You can convert an
> > ffs1 filesystem to ffs2 using single user mode: umount; dump; newfs
> > -O2; restore; mount. Or see it as an opportunity to reinstall and
> >    get a nice clean system without cruft collected over the years.
> > 
> > Hope this helps in clearing up some of the questions people have,
> > 
> > -Otto
> > 
> > 
> > 
> > 
> 



Re: OpenBSD 6.7 and ffs2 FAQs

2020-05-27 Thread Janne Johansson
Den tors 28 maj 2020 kl 07:51 skrev Matthias :

> On a fresh 6.7 installation, mount(8) shows 'type ffs'. Is there any way
> to figure out the version number?
>
>
https://undeadly.org/cgi?action=article;sid=20200326083657

-- 
May the most significant bit of your life be positive.


Re: OpenBSD 6.7 and ffs2 FAQs

2020-05-27 Thread Matthias

On a fresh 6.7 installation, mount(8) shows 'type ffs'. Is there any way
to figure out the version number?


On 2020-05-27 22:54, Otto Moerbeek wrote:

I got some questions on ffs2 in 6.7. This is to set the record
straight, feel free to share on forums like reddit that I do not read,
let alone post on.

1. Using 6.7, the *installer* defaults to ffs2 for new filesystems for
almost all platforms.

2. Using 6.7, a newfs "by hand" still gets you ffs1, unless you use the
-O2 flag or the partition > 1TB.

3. In -current, newfs defaults to ffs2 for all platforms.

4. ffs2 is faster than ffs2 when creating filesystems and almost always when
fscking them.

5. ffs2 uses 64-bit timestamps and block numbers. So it handles dates
after 2038 and much larger partitions. This does not mean that super
large partitions are always a good idea, there are still drawbacks:
e.g. they do need lots of memory to fsck, especially when many inodes
are in use.

6. I have no plans for writing a conversion tool. You can convert an
ffs1 filesystem to ffs2 using single user mode: umount; dump; newfs
-O2; restore; mount. Or see it as an opportunity to reinstall and
   get a nice clean system without cruft collected over the years.

Hope this helps in clearing up some of the questions people have,

-Otto








Re: Article OpenBSD: Not Free Not Fuctional and Definetly Not Secure and BSD, the truth blog

2020-05-27 Thread Aaron Mason
On Thu, May 28, 2020 at 2:21 PM Aaron Mason  wrote:
>
> On Thu, May 28, 2020 at 2:20 PM Quantum Robin  
> wrote:
> >
> > Hi,
> >
> > While surfing on the Google to learn more about OpenBSD, I encountered this
> > one: "OpenBSD: Not Free Not Fuctional and Definetly Not Secure (
> > https://aboutthebsds.wordpress.com/2013/01/25/20/)
> >
> > Is the author telling the truth? Or just yet another anti-BSD thing?
>
> If it has to tell you it's "the truth" in its title, it probably isn't.
>
> --
> Aaron Mason - Programmer, open source addict
> I've taken my software vows - for beta or for worse

It's also difficult to take someone seriously when they can't spell
the words they're using, like "functional" and "definitely"

-- 
Aaron Mason - Programmer, open source addict
I've taken my software vows - for beta or for worse



Re: Article OpenBSD: Not Free Not Fuctional and Definetly Not Secure and BSD, the truth blog

2020-05-27 Thread Aaron Mason
On Thu, May 28, 2020 at 2:20 PM Quantum Robin  wrote:
>
> Hi,
>
> While surfing on the Google to learn more about OpenBSD, I encountered this
> one: "OpenBSD: Not Free Not Fuctional and Definetly Not Secure (
> https://aboutthebsds.wordpress.com/2013/01/25/20/)
>
> Is the author telling the truth? Or just yet another anti-BSD thing?

If it has to tell you it's "the truth" in its title, it probably isn't.

-- 
Aaron Mason - Programmer, open source addict
I've taken my software vows - for beta or for worse



Article OpenBSD: Not Free Not Fuctional and Definetly Not Secure and BSD, the truth blog

2020-05-27 Thread Quantum Robin
Hi,

While surfing on the Google to learn more about OpenBSD, I encountered this
one: "OpenBSD: Not Free Not Fuctional and Definetly Not Secure (
https://aboutthebsds.wordpress.com/2013/01/25/20/)

Is the author telling the truth? Or just yet another anti-BSD thing?


DNS and rdomains

2020-05-27 Thread James
Hi all, 


How can I allow different rdomains to use separate DNS nameservers?

Thanks



Re: About pf max-src-conn-rate

2020-05-27 Thread Brian Brombacher
Keep in mind operations using pfctl such as reloading rule set or table from 
file, any IP’s caught in the smtp table by the max-src-conn-rate will be 
flushed depending on your command line.


> On May 27, 2020, at 4:29 PM, Walter Alejandro Iglesias  
> wrote:
> 
> Hello Brian,
> 
>> On Wed, May 27, 2020 at 02:35:46PM -0400, Brian Brombacher wrote:
>> What do you do with <smtp> table in other rules?  If you’re doing nothing, 
>> you need to do something like block additional connections, or adjust the 
>> pass rule to include from ! <smtp>
> 
> You're right.  I forgot to mention I have these lines before:
> 
>  table <smtp> persist file "/path/to/smtp.txt"
>  block in log quick inet proto tcp from <smtp> to any port { smtp smtps }
> 
>> 
>> Run: pfctl -t smtp -T show
>> 
>> Does it show the offending IP?  If so, the rule worked as you defined it.
>> 
>> 
> 
> I run a cron script that parses my log files and also add the offending
> IPs to that table.  To be sure the max-src-conn-rate adds those IPs to
> the table I'll have to create an alternative table just to test.
> 
> 



Re: DNS and rdomains

2020-05-27 Thread Tom Smyth
oh yeah you will have to adjust the flags for each daemon (to accept a
different config file for each dns server in each Rdomain)...

hope this helps...


On Wed, 27 May 2020 at 23:35, Tom Smyth 
wrote:

> howdy,
>
> you can use symbolic links for /etc/rc.d/nsd to /etc/rc.d/nsd1
> and to /etc/rc.d/nsd2 to /etc/rc.d/nsdn where 1,2 n are your
> rdomains for your
> dns servers (authoritative) or you can use unbound instead of nsd
> if it is just a forwarding dns server
>
> then use  for a dns server for rdomain1
> rcctl enable nsd1
> rcctl set nsd1 rtable=1
>
> repeat the procedure for each domain configured
> rcctl enable nsd2
> rcctl set nsd2 rtable=2
>
> then go back to rdomain0
> route -T0 exec ksh
> and then run the following to start each of your daemons
>
> rcctl start nsd1
> rcctl start nsd2
>
> and so on and so forth...
>
> I used to have issues starting and stopping daemons if I was not in
> the correct domain when running the rcctl command,
> I saw a diff by ajacoutot a few months / years ago that might have
> fixed the rcctl starting domains from a shell in a different
> Rdomain...
> I just got into the habit...  of going to the correct rdomain of the
> daemon or rdomain0 before running the rcctl command to start / stop or
> restart the daemon
>
> Hope this helps,
>
> Tom Smyth
>
>
> On Wed, 27 May 2020 at 23:24, James  wrote:
> >
> > Hi all,
> >
> > How can I allow different rdomains to use separate DNS nameservers?
> >
> > Thanks
> >
>
>
> --
> Kindest regards,
> Tom Smyth.
>


-- 
Kindest regards,
Tom Smyth.


Re: DNS and rdomains

2020-05-27 Thread Tom Smyth
howdy,

you can use symbolic links for /etc/rc.d/nsd to /etc/rc.d/nsd1
and to /etc/rc.d/nsd2 to /etc/rc.d/nsdn where 1,2 n are your
rdomains for your
dns servers (authoritative) or you can use unbound instead of nsd
if it is just a forwarding dns server

then use  for a dns server for rdomain1
rcctl enable nsd1
rcctl set nsd1 rtable=1

repeat the procedure for each domain configured
rcctl enable nsd2
rcctl set nsd2 rtable=2

then go back to rdomain0
route -T0 exec ksh
and then run the following to start each of your daemons

rcctl start nsd1
rcctl start nsd2

and so on and so forth...

I used to have issues starting and stopping daemons if I was not in
the correct domain when running the rcctl command,
I saw a diff by ajacoutot a few months / years ago that might have
fixed the rcctl starting domains from a shell in a different
Rdomain...
I just got into the habit...  of going to the correct rdomain of the
daemon or rdomain0 before running the rcctl command to start / stop or
restart the daemon

Hope this helps,

Tom Smyth


On Wed, 27 May 2020 at 23:24, James  wrote:
>
> Hi all,
>
> How can I allow different rdomains to use separate DNS nameservers?
>
> Thanks
>


-- 
Kindest regards,
Tom Smyth.



OpenBSD 6.7 and ffs2 FAQs

2020-05-27 Thread Otto Moerbeek
I got some questions on ffs2 in 6.7. This is to set the record
straight, feel free to share on forums like reddit that I do not read,
let alone post on.

1. Using 6.7, the *installer* defaults to ffs2 for new filesystems for
   almost all platforms.

2. Using 6.7, a newfs "by hand" still gets you ffs1, unless you use the
   -O2 flag or the partition > 1TB.

3. In -current, newfs defaults to ffs2 for all platforms.

4. ffs2 is faster than ffs2 when creating filesystems and almost always when
   fscking them.

5. ffs2 uses 64-bit timestamps and block numbers. So it handles dates
   after 2038 and much larger partitions. This does not mean that super
   large partitions are always a good idea, there are still drawbacks:
   e.g. they do need lots of memory to fsck, especially when many inodes
   are in use.

6. I have no plans for writing a conversion tool. You can convert an
   ffs1 filesystem to ffs2 using single user mode: umount; dump; newfs
   -O2; restore; mount. Or see it as an opportunity to reinstall and
   get a nice clean system without cruft collected over the years.

Hope this helps in clearing up some of the questions people have,

-Otto





Re: About pf max-src-conn-rate

2020-05-27 Thread Walter Alejandro Iglesias
Hello Brian,

On Wed, May 27, 2020 at 02:35:46PM -0400, Brian Brombacher wrote:
> What do you do with <smtp> table in other rules?  If you’re doing nothing, 
> you need to do something like block additional connections, or adjust the 
> pass rule to include from ! <smtp>

You're right.  I forgot to mention I have these lines before:

  table <smtp> persist file "/path/to/smtp.txt"
  block in log quick inet proto tcp from <smtp> to any port { smtp smtps }

> 
> Run: pfctl -t smtp -T show
> 
> Does it show the offending IP?  If so, the rule worked as you defined it.
> 
> 

I run a cron script that parses my log files and also add the offending
IPs to that table.  To be sure the max-src-conn-rate adds those IPs to
the table I'll have to create an alternative table just to test.




Re: About pf max-src-conn-rate

2020-05-27 Thread Brian Brombacher
What do you do with <smtp> table in other rules?  If you’re doing nothing, you 
need to do something like block additional connections, or adjust the pass rule 
to include from ! <smtp>

Run: pfctl -t smtp -T show

Does it show the offending IP?  If so, the rule worked as you defined it.



> On May 27, 2020, at 8:30 AM, Walter Alejandro Iglesias  
> wrote:
> 
> Another question about pf.
> 
> Perhaps I don't fully understand how connection rate is calculated.
> 
> The following line in /etc/pf.conf:
> 
>  pass in log inet proto tcp to any port { smtp smtps } synproxy state \
>      (max-src-conn-rate 5/30, overload <smtp> flush global)
> 
> Shouldn't avoid this happen?
> 
> In /var/log/maillog
> 
> May 27 10:55:05 server smtpd[30272]: 1a931fba4746f485 smtp connected 
> address=192.119.68.113 host=hwsrv-733438.hostwindsdns.com
> May 27 10:55:06 server smtpd[30272]: 1a931fba4746f485 smtp failed-command 
> command="RCPT TO:" result="550 Invalid recipient: 
> "
> May 27 10:55:06 server smtpd[30272]: 1a931fba4746f485 smtp disconnected 
> reason=disconnect
> May 27 10:55:06 server smtpd[30272]: 1a931fbbc5c841e4 smtp connected 
> address=192.119.68.113 host=hwsrv-733438.hostwindsdns.com
> May 27 10:55:06 server smtpd[30272]: 1a931fbbc5c841e4 smtp failed-command 
> command="RCPT TO:" result="550 Invalid recipient: 
> "
> May 27 10:55:07 server smtpd[30272]: 1a931fbbc5c841e4 smtp disconnected 
> reason=disconnect
> May 27 10:55:07 server smtpd[30272]: 1a931fbc9f586ee6 smtp connected 
> address=192.119.68.113 host=hwsrv-733438.hostwindsdns.com
> May 27 10:55:07 server smtpd[30272]: 1a931fbc9f586ee6 smtp failed-command 
> command="RCPT TO:" result="550 Invalid recipient: 
> "
> May 27 10:55:07 server smtpd[30272]: 1a931fbc9f586ee6 smtp disconnected 
> reason=disconnect
> May 27 10:55:07 server smtpd[30272]: 1a931fbdf6b23f59 smtp connected 
> address=192.119.68.113 host=hwsrv-733438.hostwindsdns.com
> 
> [...] Complete here with 311 entries with the same time interval. 
> 
> May 27 10:59:11 server smtpd[30272]: 1a9320f8f8726fab smtp disconnected 
> reason=disconnect
> May 27 10:59:11 server smtpd[30272]: 1a9320f9e3e281ab smtp connected 
> address=192.119.68.113 host=hwsrv-733438.hostwindsdns.com
> May 27 10:59:11 server smtpd[30272]: 1a9320f9e3e281ab smtp failed-command 
> command="RCPT TO:" result="550 Invalid recipient: 
> "
> May 27 10:59:12 server smtpd[30272]: 1a9320f9e3e281ab smtp disconnected 
> reason=disconnect
> May 27 10:59:12 server smtpd[30272]: 1a9320fa851b3e31 smtp connected 
> address=192.119.68.113 host=hwsrv-733438.hostwindsdns.com
> May 27 10:59:12 server smtpd[30272]: 1a9320fa851b3e31 smtp failed-command 
> command="RCPT TO:" result="550 Invalid recipient: 
> "
> May 27 10:59:12 server smtpd[30272]: 1a9320fa851b3e31 smtp disconnected 
> reason=disconnect
> May 27 10:59:13 server smtpd[30272]: 1a9320fbe3f04434 smtp connected 
> address=192.119.68.113 host=hwsrv-733438.hostwindsdns.com
> May 27 10:59:13 server smtpd[30272]: 1a9320fbe3f04434 smtp failed-command 
> command="RCPT TO:" result="550 Invalid recipient: 
> "
> May 27 10:59:13 server smtpd[30272]: 1a9320fbe3f04434 smtp disconnected 
> reason=disconnect
> May 27 10:59:13 server smtpd[30272]: 1a9320fc4f172f88 smtp connected 
> address=192.119.68.113 host=hwsrv-733438.hostwindsdns.com
> May 27 10:59:14 server smtpd[30272]: 1a9320fc4f172f88 smtp failed-command 
> command="RCPT TO:" result="550 Invalid recipient: 
> "
> --
> 
> A total of *323* connections from the same IP at less than a 1/4 second
> interval during more than four minutes.
> 



Re: sysctl for meltdown and mds mitigations

2020-05-27 Thread Elias Carter
Thank you Stuart.

On Wed, May 27, 2020, 2:07 AM Stuart Henderson  wrote:

> On 2020-05-27, Elias Carter  wrote:
> > I will look at doing some profiling to figure out what the routing
> > bottleneck is instead of going off a hunch.
>
> The good news is we have dt(4) now so profiling got a bit easier to deal
> with.
> See https://marc.info/?l=openbsd-bugs&m=158583371404603&w=2 for quick
> information about using it with btrace(8) to produce nice flamegraphs to
> get a picture.
>
>


TLSv1.3 no SNI for relayd?

2020-05-27 Thread Matrix Dactylopodite
Using the protocol defaults (tlsv1.3 and tlsv1.2) in latest relayd has 
regressed to not supporting SNI?

While server side TLSv1.3 did not make it into 6.7 release, it was supposedly 
added in -current. According to relayd.conf(5) manpage:

 no tlsv1.3
 Disable the TLSv1.3 protocol.  The default is to enable
 TLSv1.3.

A user on IRC reported that this SNI issue is also apparent when using tlsv1.3 
in httpd.

Disabling TLSv1.3 by adding `tls no tlsv1.3` to relayd.conf works around the 
issue.

6.7-current OpenBSD localhost 6.7 GENERIC#216 amd64

My relayd.conf:

ext_v4 = "1.2.3.4"

http protocol "http" {
    match request header set "X-Forwarded-For" value "$REMOTE_ADDR"
    match request header set "X-Forwarded-By" value "$SERVER_ADDR:$SERVER_PORT"

    tcp { nodelay, socket buffer 65536, backlog 100 }
}

http protocol "https" {
    match request header set "X-Forwarded-For" value "$REMOTE_ADDR"
    match request header set "X-Forwarded-By" value "$SERVER_ADDR:$SERVER_PORT"

    tcp { nodelay, socket buffer 65536, backlog 100 }

    tls keypair example1.com
    tls keypair example2.com

    http websockets
}

relay "v4_http_relay" {
    listen on $ext_v4 port 80
    protocol "http"
    forward to 127.0.0.1 port 8081
}

relay "v4_https_relay" {
    listen on $ext_v4 port 443 tls
    protocol "https"
    forward to 127.0.0.1 port 8080
}

Attempting to curl example2.com gets example1.com's cert. This behavior is 
similar in httpd, according to aforementioned IRC conversation. (The first 
occurrence of `tls keypair` in relayd.conf determines which cert gets sent no 
matter what)

localhost% curl -v https://example2.com
*   Trying 1.2.3.4:443...
* Connected to example2.com (1.2.3.4) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* (304) (OUT), TLS handshake, Client hello (1):
* (304) (IN), TLS handshake, Server hello (2):
* (304) (IN), TLS handshake, Unknown (8):
* (304) (IN), TLS handshake, Certificate (11):
* (304) (IN), TLS handshake, CERT verify (15):
* (304) (IN), TLS handshake, Finished (20):
* (304) (OUT), TLS handshake, Finished (20):
* SSL connection using unknown / AEAD-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: CN=example1.com
*  start date: May  9 21:55:12 2020 GMT
*  expire date: Aug  7 21:55:12 2020 GMT
*  subjectAltName does not match example2.com
* SSL: no alternative certificate subject name matches target host name 
'example2.com'
* Closing connection 0
curl: (60) SSL: no alternative certificate subject name matches target host 
name 'example2.com'
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

localhost% curl -v https://example1.com
*   Trying 1.2.3.4:443...
* Connected to example1.com (1.2.3.4) port 443 (#0)
* ALPN, offering h2  
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem 
  CApath: none   
* (304) (OUT), TLS handshake, Client hello (1):
* (304) (IN), TLS handshake, Server hello (2):
* (304) (IN), TLS handshake, Unknown (8):  
* (304) (IN), TLS handshake, Certificate (11):
* (304) (IN), TLS handshake, CERT verify (15): 
* (304) (IN), TLS handshake, Finished (20):
* (304) (OUT), TLS handshake, Finished (20):
* SSL connection using unknown / AEAD-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:   
*  subject: CN=example1.com
*  start date: May  9 21:55:12 2020 GMT 
 
*  expire date: Aug  7 21:55:12 2020 GMT
*  subjectAltName: host "example1.com" matched cert's "example1.com"
*  issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
*  SSL certificate verify ok.
> GET / HTTP/1.1
> Host: example1.com
> User-Agent: curl/7.70.0   
> Accept: */*
>   
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK   

  
< Connection: keep-alive 
< Content-Length: 0  
< Content-Type: text/html 
< Date: Wed, 27 May 2020 12:56:31 GMT
< Last-Modified: Sun, 10 May 2020 20:14:27 GMT
< 
* Connection #0 to host example1.com left intact





About pf max-src-conn-rate

2020-05-27 Thread Walter Alejandro Iglesias
Another question about pf.

Perhaps I don't fully understand how connection rate is calculated.

The following line in /etc/pf.conf:

  pass in log inet proto tcp to any port { smtp smtps } synproxy state \
      (max-src-conn-rate 5/30, overload <smtp> flush global)

Shouldn't avoid this happen?

In /var/log/maillog

May 27 10:55:05 server smtpd[30272]: 1a931fba4746f485 smtp connected 
address=192.119.68.113 host=hwsrv-733438.hostwindsdns.com
May 27 10:55:06 server smtpd[30272]: 1a931fba4746f485 smtp failed-command 
command="RCPT TO:" result="550 Invalid recipient: 
"
May 27 10:55:06 server smtpd[30272]: 1a931fba4746f485 smtp disconnected 
reason=disconnect
May 27 10:55:06 server smtpd[30272]: 1a931fbbc5c841e4 smtp connected 
address=192.119.68.113 host=hwsrv-733438.hostwindsdns.com
May 27 10:55:06 server smtpd[30272]: 1a931fbbc5c841e4 smtp failed-command 
command="RCPT TO:" result="550 Invalid recipient: 
"
May 27 10:55:07 server smtpd[30272]: 1a931fbbc5c841e4 smtp disconnected 
reason=disconnect
May 27 10:55:07 server smtpd[30272]: 1a931fbc9f586ee6 smtp connected 
address=192.119.68.113 host=hwsrv-733438.hostwindsdns.com
May 27 10:55:07 server smtpd[30272]: 1a931fbc9f586ee6 smtp failed-command 
command="RCPT TO:" result="550 Invalid recipient: 
"
May 27 10:55:07 server smtpd[30272]: 1a931fbc9f586ee6 smtp disconnected 
reason=disconnect
May 27 10:55:07 server smtpd[30272]: 1a931fbdf6b23f59 smtp connected 
address=192.119.68.113 host=hwsrv-733438.hostwindsdns.com

[...] Complete here with 311 entries with the same time interval. 

May 27 10:59:11 server smtpd[30272]: 1a9320f8f8726fab smtp disconnected 
reason=disconnect
May 27 10:59:11 server smtpd[30272]: 1a9320f9e3e281ab smtp connected 
address=192.119.68.113 host=hwsrv-733438.hostwindsdns.com
May 27 10:59:11 server smtpd[30272]: 1a9320f9e3e281ab smtp failed-command 
command="RCPT TO:" result="550 Invalid recipient: 
"
May 27 10:59:12 server smtpd[30272]: 1a9320f9e3e281ab smtp disconnected 
reason=disconnect
May 27 10:59:12 server smtpd[30272]: 1a9320fa851b3e31 smtp connected 
address=192.119.68.113 host=hwsrv-733438.hostwindsdns.com
May 27 10:59:12 server smtpd[30272]: 1a9320fa851b3e31 smtp failed-command 
command="RCPT TO:" result="550 Invalid recipient: 
"
May 27 10:59:12 server smtpd[30272]: 1a9320fa851b3e31 smtp disconnected 
reason=disconnect
May 27 10:59:13 server smtpd[30272]: 1a9320fbe3f04434 smtp connected 
address=192.119.68.113 host=hwsrv-733438.hostwindsdns.com
May 27 10:59:13 server smtpd[30272]: 1a9320fbe3f04434 smtp failed-command 
command="RCPT TO:" result="550 Invalid recipient: 
"
May 27 10:59:13 server smtpd[30272]: 1a9320fbe3f04434 smtp disconnected 
reason=disconnect
May 27 10:59:13 server smtpd[30272]: 1a9320fc4f172f88 smtp connected 
address=192.119.68.113 host=hwsrv-733438.hostwindsdns.com
May 27 10:59:14 server smtpd[30272]: 1a9320fc4f172f88 smtp failed-command 
command="RCPT TO:" result="550 Invalid recipient: 
"
--

A total of *323* connections from the same IP at less than a 1/4 second
interval during more than four minutes.
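
A way to check a maillog against the 5/30 limit discussed in this thread, as an added example that is not part of the original post or of pf: the shell function below replays smtpd "smtp connected" lines through a per-source sliding window and prints each address that exceeds the limit. The sliding window only approximates pf's rate accounting, and the function names, sample addresses and sample log lines are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the thread): replay smtpd(8) maillog lines against a
# connection-rate limit such as "max-src-conn-rate 5/30".
# Assumption: a plain sliding window per source address stands in for pf's
# own rate accounting; only connections that reached smtpd are visible here.

# rate_offenders LIMIT WINDOW < maillog
# Prints "address month day time" the first time an address has opened more
# than LIMIT connections within WINDOW seconds.
rate_offenders() {
    awk -v limit="${1:-5}" -v window="${2:-30}" '
    BEGIN {
        n = split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec", name, " ")
        for (i = 1; i <= n; i++) month[name[i]] = i
    }
    # Only connection-open events count; failed-command and disconnected
    # lines belong to sessions that were already counted.
    / smtp connected / {
        addr = ""
        for (i = 1; i <= NF; i++)
            if ($i ~ /^address=/) addr = substr($i, 9)
        if (addr == "") next

        # syslog timestamps carry no year. Months are treated as 31 days
        # long, so a burst that straddles a month boundary is missed.
        split($3, t, ":")
        now = ((month[$1] * 31 + $2) * 24 + t[1]) * 3600 + t[2] * 60 + t[3]

        # Per-address queue of connection times: ts[addr, head..tail].
        if (!(addr in head)) { head[addr] = 1; tail[addr] = 0 }

        # Time went backwards (year rollover): restart the queue.
        if (tail[addr] >= head[addr] && now < ts[addr, tail[addr]])
            head[addr] = tail[addr] + 1

        tail[addr]++
        ts[addr, tail[addr]] = now

        # Drop entries that have aged out of the window.
        while (ts[addr, head[addr]] <= now - window) {
            delete ts[addr, head[addr]]
            head[addr]++
        }

        if (tail[addr] - head[addr] + 1 > limit && !(addr in flagged)) {
            flagged[addr] = 1
            print addr, $1, $2, $3
        }
    }'
}

# Constructed sample log: one source connecting once per second, another
# connecting once every ten seconds. Addresses are documentation ranges.
sample_maillog() {
    for s in 05 06 07 08 09 10 11; do
        printf 'May 27 10:55:%s server smtpd[30272]: 00000000000000%s smtp connected address=192.0.2.10 host=burst.example.net\n' "$s" "$s"
        printf 'May 27 10:55:%s server smtpd[30272]: 00000000000000%s smtp disconnected reason=disconnect\n' "$s" "$s"
    done
    for s in 00 10 20 30 40 50; do
        printf 'May 27 10:56:%s server smtpd[30272]: 11111111111111%s smtp connected address=198.51.100.7 host=slow.example.net\n' "$s" "$s"
    done
}

# Prints: 192.0.2.10 May 27 10:55:10
sample_maillog | rate_offenders 5 30
```

Run it on a real log with `rate_offenders 5 30 < /var/log/maillog`; an address it prints that is absent from `pfctl -t smtp -T show` is one the overload rule did not catch.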



Liksys pci wireless card

2020-05-27 Thread man Chan
Hello,
I tried to setup my Linksys WLAN (Ralink RT2560) as access point with 

mediaopt hostap
nwid mynwid wpakey mywpakey
inet 192.168.2.1 255.255.255.0

When I ifconfig ral0,  I got status: no network.  Did I miss something to 
make it work, or can this card not be configured as hostap?  Any idea?

Thanks.

Clarence




Re: sysctl for meltdown and mds mitigations

2020-05-27 Thread Stuart Henderson
On 2020-05-27, Elias Carter  wrote:
> I will look at doing some profiling to figure out what the routing
> bottleneck is instead of going off a hunch.

The good news is we have dt(4) now so profiling got a bit easier to deal with.
See https://marc.info/?l=openbsd-bugs&m=158583371404603&w=2 for quick
information about using it with btrace(8) to produce nice flamegraphs to get
a picture.



Re: Liksys pci wireless card

2020-05-27 Thread Stefan Sperling
On Wed, May 27, 2020 at 08:09:29AM +, man Chan wrote:
> Hello,
> I tried to setup my Linksys WLAN (Ralink RT2560) as access point with 
> 
> mediaopt hostap
> nwid mynwid wpakey mywpakey
> inet 192.168.2.1 255.255.255.0
> 
> When I ifconfig ral0,  I got status: no network.  Did I miss something to 
> make it work, or can this card not be configured as hostap?  Any idea?
> 
> Thanks.
> 
> Clarence
> 
> 
> 

Try setting the channel explicitly:

mediaopt hostap mode 11g chan 1
nwid mynwid wpakey mywpakey
inet 192.168.2.1 255.255.255.0

This avoids an automatic search for a channel to use.
The interface will not come up before a channel is set.



Re: rc.conf.local sorted?

2020-05-27 Thread Anders Andersson
On Wed, May 27, 2020 at 1:16 AM Antoine Jacoutot  wrote:
>
> On Tue, May 26, 2020 at 05:16:44PM +0200, Why 42? The lists account. wrote:
> >
> > On Mon, May 25, 2020 at 04:51:51PM +0200, Antoine Jacoutot wrote:
> > > > ...
> > > > It looks as if the file has been sorted e.g.
> > > Did you use rcctl(8) ?
> >
> > Hi Antoine,
> >
> > You are correct, that does it. I checked the history and after the
> > upgrade I had run rcctl to enable sensorsd. Just tested it again and
> > running an rcctl enable or disable command causes all the lines of
> > /etc/rc.conf.local to be alphabetically sorted.
> >
> > That seems like a defect to me, what do you think?
>
> That's what you get when mixing helper tools and manual edits.
> They can work together but only up to a certain point... and in this case,
> comments don't fly.
> As long as everything works functionally, then I'd say we're good and can live
> with it.

I think it warrants a short note in the manpage of rcctl or rc.conf
though. Although I have personally not had this happen to me, I did
not expect the behaviour and would have been equally surprised.