Re: Counting traffic of one host through an OpenBSD computer

2021-06-17 Thread Anders Andersson
On Thu, Jun 17, 2021 at 10:53 PM Ibsen S Ripsbusker wrote:
>
> My great and good friends,
>
> I want to know how much network traffic a Windows computer is
> responsible for. The Windows computer is connected to a switch,
> the switch is connected to a router running OpenBSD, and the router is
> connected eventually to the internet service provider.
>
>   Windows -- Switch  OpenBSD  ISP
>   Other computers --/
>
> How can I find out how many bytes this Windows computer sent or received
> through the router within some time period?
>
> I'm concerned only about communication with the internet, not
> communication between Windows and "other computers", so it suffices
> to count all bytes passing through the OpenBSD computer that originate
> from or are destined for the Windows computer.

I think this simple match rule in /etc/pf.conf does exactly what you need:

match out on egress from $windows_host label windows

Replace $windows_host with the local IP number of that host or set it
in a pf macro. This labels all the traffic matching the pattern. You
can look at the statistics using pfctl:

# pfctl -s labels
windows 11 212902 261910228 174124 259893752 38778 2016476 0

Obviously some scripting and cronjob required if you want this
automated in a nice format. man pfctl and pf.conf for more information.
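
Added example, not part of the original post: one way to do the scripting mentioned above, turning two `pfctl -s labels` snapshots into bytes-per-period for one label. The state-file path, script name and `--collect` switch are assumptions; the column positions follow the order documented in pfctl(8), and the crontab line in the comments is only a suggestion.

```sh
#!/bin/sh
# Added example (not from the thread): per-period byte counts for one pf label.
# pfctl(8) column order for `pfctl -s labels`:
#   label evaluations packets bytes packets-in bytes-in packets-out bytes-out states

STATE=${STATE:-/var/db/pf-label.prev}   # assumed location of the previous snapshot

# label_delta LABEL PREV_FILE CUR_FILE -> prints "bytes_in bytes_out bytes_total"
# Sums every rule carrying LABEL. If a counter went backwards (a ruleset reload
# or `pfctl -z` zeroed it), the current value is taken as traffic since the reset.
label_delta() {
    awk -v label="$1" '
        $1 != label         { next }
        FILENAME == ARGV[1] { pin += $6; pout += $8; next }   # previous snapshot
                            { cin += $6; cout += $8 }         # current snapshot
        END {
            din  = (cin  >= pin)  ? cin  - pin  : cin
            dout = (cout >= pout) ? cout - pout : cout
            # %.0f instead of %d: some awks clamp %d to 32 bits
            printf "%.0f %.0f %.0f\n", din, dout, din + dout
        }' "$2" "$3"
}

# collect LABEL: snapshot the live counters, print a timestamped delta line,
# then keep the snapshot for the next run. Needs root on the OpenBSD router.
collect() {
    cur=$(mktemp) || return 1
    pfctl -s labels > "$cur" || { rm -f "$cur"; return 1; }
    [ -f "$STATE" ] || : > "$STATE"      # first run: empty baseline
    printf '%s %s\n' "$(date +%Y-%m-%dT%H:%M:%S)" \
        "$(label_delta "$1" "$STATE" "$cur")"
    mv "$cur" "$STATE"
}

# Suggested hourly entry in root's crontab (script name is an assumption):
#   0 * * * * /usr/local/sbin/pf-label-report.sh --collect windows >> /var/log/pf-windows.log
case "${1:-}" in
    --collect) collect "${2:?label name required}" ;;
esac
```

Each output line is a timestamp followed by bytes in, bytes out and total for the interval since the previous run.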



mime type not set correctly for webpage

2021-06-17 Thread Diana Eichert
I'm trying to get rainloop PHP webmail set up on a mail server using
OpenBSD 6.9 httpd.

I have the webserver configured; however, the browser shows the mime
type is not correct for the css style sheet.
From Firefox console,
"The stylesheet
https://mail.shopnet.com/rainloop/rainloop/v/1.16.0/static/css/app.min.css?standard
was not loaded because its MIME type, “text/html”, is not “text/css”."

I included system mime file types in httpd.conf file as below.

Any pointers are appreciated.

thanks


# $OpenBSD: httpd.conf,v 1.20 2018/06/13 15:08:24 reyk Exp $

types { include "/usr/share/misc/mime.types" }

server "mail.shopnet.com" {
    listen on * port 80
    location "/.well-known/acme-challenge/*" {
        root "/acme"
        request strip 2
    }
    location * {
        block return 302 "https://$HTTP_HOST$REQUEST_URI";
    }
}

server "mail.shopnet.com" {
    listen on * tls port 443
    tls {
        certificate "/etc/ssl/mail.shopnet.com.fullchain.pem"
        key "/etc/ssl/private/mail.shopnet.com.key"
    }
    location "/pub/*" {
        directory auto index
    }
    location "/.well-known/acme-challenge/*" {
        root "/acme"
        request strip 2
    }
    location "/rainloop/*" {
        fastcgi param SCRIPT_FILENAME "/htdocs/rainloop/index.php"
        fastcgi socket "/run/php-fpm.sock"
        #   directory index "index.php"
    }

    # Value below is 25MB in bytes. 1MB = 1048576 bytes
    connection max request body 26214400
    location "/data*" {
        block return 403
    }

    location "/rainloop/*.php*" {
        fastcgi socket "/run/php-fpm.sock"
    }
}



Re: Machine age and OpenBSD - Thinkpad R51e

2021-06-17 Thread Thomas Vetere
Wow, thanks for all the great responses. I actually found a 2011-ish HP
Notebook I had lying around. I cleaned it, new thermal paste and have it
running now. The only real issue I am seeing is that the Wifi card is an
Atheros (athn0) and while it does connect, I seem to be getting sporadic
connection drops. I then have to restart the networking to reset it :(.  I
tried to put a different wifi card I had lying around in (intel I think),
and my BIOS wouldn't accept it. In any case, I will work to get this up and
running!

Thank you!

On Thu, Jun 17, 2021, 7:04 AM Jan Stary wrote:

> On Jun 15 20:14:14, tomvet...@gmail.com wrote:
> > I was looking to get a laptop to run OpenBSD. The one I am looking at in
> > particular is the Thinkpad R51e (2005). I like this particular model
> > because it does not come with any extra hardware that OpenBSD does not
> > support in the first place (bluetooth, camera, etc.)
>
> Every camera on every Thinkpad I have seen in the last years
> was supported by OpenBSD's video(1); meaning raw frames
> - you will need ffmpeg for the mjpeg stream.
>
> > My main concern is the
> > longevity that this model would have going forward. I already have a '94
>
> You can get a Thinkpad that is 20 years younger for peanuts.
>
> > Thinkpad that cannot run the latest OpenBSD well because hardware support
> > was gradually dropped during code cleanups, etc (i.e. newer versions of X11
> > removed support for my ancient graphics chip because it just wasn't worth
> > the time to maintain the code).
>
> On Jun 15 21:39:48, n...@holland-consulting.net wrote:
> > But the machine you are looking at is 16 years old.  Odds are, OpenBSD
> > will support that machine longer than you will find the machine useful
>
> Exactly. As far as this January, OpenBSD ran just fine on my R52
> https://github.com/janstary/dmesg/blob/master/thinkpad-R52.20210123
> but I got rid of it anyway, for reasons others have described here.
>
> > (assuming it is usable on OpenBSD now.  If it is filled with nvidia hw,
> > game over). Sounds like it's a fairly limited machine -- with expansion,
> > MAYBE just barely enough RAM to run a modern browser, but probably not
> > pleasantly.  Make sure it's a SATA machine, not an IDE (IDE laptop
> > drives are getting hard to find) and make sure you got enough RAM,
> > upgrading it might be expensive.  I doubt this is going to be a
> > long-term machine for you.
> >
> > And for what it is worth, I have a machine a few years newer than yours
> > that I've owned and dual-booted for well over ten years...except that even
> > though its specs are "sufficient" for what I might want to do with Windows
> > on it, Windows 10 no longer supports the video hw it has.  OpenBSD still
> > does.  Surprise.
>
> Heh, that's actually a stable source of Thinkpads for me:
> win users get rid of it as it cannot run their win version,
> but the machine itself is just fine.
>
> > Although OpenBSD doesn't support bluetooth, it doesn't get in the
> > way of anything.
>
> Removing the BT card seems to save a bit of battery life.
>
> > On X220 and maybe others if you particularly don't
> > want to have the hardware, you could just remove the daughtercard
> > that runs it (some people do this anyway to gain an additional USB
> > interface); maybe swap the wifi interface too, as some of them are
> > combined wifi+BT.
>
> Yes; but some Thinkpads' BIOSes contain a whitelist of sanctioned wifi
> cards, and will not boot with other cards. So sometimes you are kinda
> stuck with the original one, unless you find the exact compatibility
> list and get a supported card. Typically, I end up replacing a Broadcom
> wifi/bt card with one whitelisted iwn(4) or another.
>
> Jan
>
>


Re: Counting traffic of one host through an OpenBSD computer

2021-06-17 Thread Daniel Melameth
On Thu, Jun 17, 2021 at 3:01 PM Ibsen S Ripsbusker wrote:
> I want to know how much network traffic a Windows computer is
> responsible for. The Windows computer is connected to a switch,
> the switch is connected to a router running OpenBSD, and the router is
> connected eventually to the internet service provider.
>
>   Windows -- Switch  OpenBSD  ISP
>   Other computers --/
>
> How can I find out how many bytes this Windows computer sent or received
> through the router within some time period?
>
> I'm concerned only about communication with the internet, not
> communication between Windows and "other computers", so it suffices
> to count all bytes passing through the OpenBSD computer that originate
> from or are destined for the Windows computer.

If you didn't set up something ahead of time to capture this, you
likely can't.  Ideally you'd want to export IPFIX/NetFlow data from
your switch or router and report on this data.



Counting traffic of one host through an OpenBSD computer

2021-06-17 Thread Ibsen S Ripsbusker
My great and good friends,

I want to know how much network traffic a Windows computer is
responsible for. The Windows computer is connected to a switch,
the switch is connected to a router running OpenBSD, and the router is
connected eventually to the internet service provider.

  Windows -- Switch  OpenBSD  ISP
  Other computers --/

How can I find out how many bytes this Windows computer sent or received
through the router within some time period?

I'm concerned only about communication with the internet, not
communication between Windows and "other computers", so it suffices
to count all bytes passing through the OpenBSD computer that originate
from or are destined for the Windows computer.

I avail myself of this opportunity to renew to you the assurances
of my highest consideration.

Ibsen S Ripsbusker



Re: Color emojis

2021-06-17 Thread Francisco Fuentes
On Thu, Jun 17, 2021 at 07:30:15AM -, Stuart Henderson wrote:
> On 2021-06-17, Francisco Fuentes  wrote:
> > I have a little issue with my system (OpenBSD 6.9 amd64 with XFCE) and 
> > that is that emojis aren't showing. I read fonts-conf(5) and created 
> > with some help one for my own configuration but I haven't had luck so 
> > far. I installed Noto Emoji font and the powerline ones from packages 
> > but it didn't cause any effect.
> >
> > I need to be able to see emojis across the system, some people tend to 
> > think that I wanna see them only on Firefox and they suggest stuff to do 
> > in a specific system but I need to i.e. see color emojis in the terminal.
> >
> > What else do I need to check or is there some kind of incompatibility?
> >
> > Thanks
> >
> >
> 
> You will need a terminal that can use fallback fonts, and you'll need
> to configure it to use the fonts you want in the priority order you
> want.  XTerm doesn't allow this.
> 
> You can try at least rxvt-unicode, st, kitty, the various VTE-based
> terminals (including gnome-terminal and many others). Some are
> configured directly, some use fontconfig for it. I haven't tried using
> them for emoji but have had success with fallback for various unicode
> symbols and scripts that aren't supported by my usual font.
> 
> 

There are some terminals that support emojis internally and can display
some stuff like rxvt-unicode but they use their own font and don't look
really well. I'd like to have the same experience as I have in XFCE in
Manjaro.


-- 
~ffuentes

at texto-plano dot] xyz



Re: An OpenBSD Consumer Gateway Launc

2021-06-17 Thread Michael Hekeler
On 11.06.21 16:15, fern.tje...@aiyja.com wrote:
> Hi,
> 
> I am Nan Mel, the marketing director of Aiyja and Etheria group of companies, 
> nice to meet you all. All of us in the company would like to say a big thank 
> you!
> 
> We have launched Ayos HCS, (...)


From the homepage:
"Ayos uses BSD as its base, so it is naturally hardened, but then we add
sprinkles on top to help harden it more."

Just out of curiosity: what are these sprinkles? 



Re: Machine age and OpenBSD - Thinkpad R51e

2021-06-17 Thread Jan Stary
On Jun 15 20:14:14, tomvet...@gmail.com wrote:
> I was looking to get a laptop to run OpenBSD. The one I am looking at in
> particular is the Thinkpad R51e (2005). I like this particular model
> because it does not come with any extra hardware that OpenBSD does not
> support in the first place (bluetooth, camera, etc.)

Every camera on every Thinkpad I have seen in the last years
was supported by OpenBSD's video(1); meaning raw frames
- you will need ffmpeg for the mjpeg stream.

> My main concern is the
> longevity that this model would have going forward. I already have a '94

You can get a Thinkpad that is 20 years younger for peanuts.

> Thinkpad that cannot run the latest OpenBSD well because hardware support
> was gradually dropped during code cleanups, etc (i.e. newer versions of X11
> removed support for my ancient graphics chip because it just wasn't worth
> the time to maintain the code).

On Jun 15 21:39:48, n...@holland-consulting.net wrote:
> But the machine you are looking at is 16 years old.  Odds are, OpenBSD
> will support that machine longer than you will find the machine useful

Exactly. As far as this January, OpenBSD ran just fine on my R52
https://github.com/janstary/dmesg/blob/master/thinkpad-R52.20210123
but I got rid of it anyway, for reasons others have described here.

> (assuming it is usable on OpenBSD now.  If it is filled with nvidia hw,
> game over). Sounds like it's a fairly limited machine -- with expansion,
> MAYBE just barely enough RAM to run a modern browser, but probably not
> pleasantly.  Make sure it's a SATA machine, not an IDE (IDE laptop
> drives are getting hard to find) and make sure you got enough RAM,
> upgrading it might be expensive.  I doubt this is going to be a
> long-term machine for you.
> 
> And for what it is worth, I have a machine a few years newer than yours
> that I've owned and dual-booted for well over ten years...except that even
> though its specs are "sufficient" for what I might want to do with Windows
> on it, Windows 10 no longer supports the video hw it has.  OpenBSD still
> does.  Surprise.

Heh, that's actually a stable source of Thinkpads for me:
win users get rid of it as it cannot run their win version,
but the machine itself is just fine.

> Although OpenBSD doesn't support bluetooth, it doesn't get in the
> way of anything.

Removing the BT card seems to save a bit of battery life.

> On X220 and maybe others if you particularly don't
> want to have the hardware, you could just remove the daughtercard
> that runs it (some people do this anyway to gain an additional USB
> interface); maybe swap the wifi interface too, as some of them are
> combined wifi+BT.

Yes; but some Thinkpads' BIOSes contain a whitelist of sanctioned wifi
cards, and will not boot with other cards. So sometimes you are kinda
stuck with the original one, unless you find the exact compatibility
list and get a supported card. Typically, I end up replacing a Broadcom
wifi/bt card with one whitelisted iwn(4) or another.

Jan



Re: Prometheus on OpenBSD - does it work?

2021-06-17 Thread Stuart Henderson
On 2021-06-15, Claudio Jeker  wrote:
> On Tue, Jun 15, 2021 at 04:24:08PM +0200, Julien Pivotto wrote:
>> Hello,
>> 
>> I am a Prometheus maintainer and we have received a bug regarding
>> Prometheus - prometheus would no longer work on OpenBSD since we
>> introduced MMAP:
>> 
>> https://github.com/prometheus/prometheus/issues/8877
>> https://github.com/prometheus/prometheus/issues/8799
>> 
>> I would like to know if the facts here are accurate and, on the
>> opposite, if there are happy openbsd users of Prometheus 2.19+.
>> 
>> I see that Prometheus 2.24 is packaged upstream, so I guess there are
>> users. Can you please interact with us so we can better understand the
>> situation at play.
>> 
>
> Unlike other OS OpenBSD does not automatically sync between mmap-ed memory
> of a file with any write() to the same file (OpenBSD has no unified
> cache). It requires use of msync(2) to make sure that mappings are
> properly updated.

The other option is to ensure that i/o is all done through mmap and not
use file access at all. For openldap/lmdb we deal with this by enforcing
setting MDB_WRITEMAP (based on a suggestion from Howard Chu); there are
trade-offs:

"This is faster and uses fewer mallocs, but loses protection from
application bugs like wild pointer writes and other bad updates
into the database. Incompatible with nested transactions. Do not
mix processes with and without MDB_WRITEMAP on the same environment.
This can defeat durability (mdb_env_sync etc)."

Some other software (dovecot, sqlite) wants to use mmap but has
alternative code; where we have noticed this we disable use of mmap.
Cyrus imapd had problems with this too, I'm not sure where they
ended up, that was handled 10+ years ago.

> While prometheus works, it also does not.

It is quite likely this is the case for some other software in ports.

Adding syncs feels a bit problematic to me. It's what is needed when
mixing file/mmap on OpenBSD, but is very difficult to ensure every case
is handled, especially in the face of changing code, and the problems
from missing them simply don't show up on most other OS. But there is
not an alternative without coherent mmap/file access (not *necessarily*
UBC, though that's a common way to do it).




Re: Color emojis

2021-06-17 Thread Stuart Henderson
On 2021-06-17, Francisco Fuentes  wrote:
> I have a little issue with my system (OpenBSD 6.9 amd64 with XFCE) and 
> that is that emojis aren't showing. I read fonts-conf(5) and created 
> with some help one for my own configuration but I haven't had luck so 
> far. I installed Noto Emoji font and the powerline ones from packages 
> but it didn't cause any effect.
>
> I need to be able to see emojis across the system, some people tend to 
> think that I wanna see them only on Firefox and they suggest stuff to do 
> in a specific system but I need to i.e. see color emojis in the terminal.
>
> What else do I need to check or is there some kind of incompatibility?
>
> Thanks
>
>

You will need a terminal that can use fallback fonts, and you'll need
to configure it to use the fonts you want in the priority order you
want.  XTerm doesn't allow this.

You can try at least rxvt-unicode, st, kitty, the various VTE-based
terminals (including gnome-terminal and many others). Some are
configured directly, some use fontconfig for it. I haven't tried using
them for emoji but have had success with fallback for various unicode
symbols and scripts that aren't supported by my usual font.




Re: Color emojis

2021-06-17 Thread Michael Hekeler
On 17.06.21 09:06, Michael Hekeler wrote:
> On 17.06.21 00:28, Francisco Fuentes wrote:
> > (...)
> > I need to be able to see emojis across the system, 
> > (...)
> 
> Excuse me.
> But what are these color emojis that you "need to be able to see across
> the system"?
> 

Oh - ha ha...
A quick google'ing showed me the emoji. 

I was reading an article about monitoring some oracle stuff before and
so my mind was locked in thoughts of such... - Sorry for the noise!



Re: Color emojis

2021-06-17 Thread Michael Hekeler
On 17.06.21 00:28, Francisco Fuentes wrote:
> (...)
> I need to be able to see emojis across the system, 
> (...)

Excuse me.
But what are these color emojis that you "need to be able to see across
the system"?