multi-path routing, ifstated, nat issue

2015-05-30 Thread Brad DeMorrow 
Hi all

I'm hoping someone will help me understand and resolve an issue I'm
experiencing while trying to do outbound load-balancing.

Here is the set up:
I have 3 WAN connections:
 -em0 (192.168.10.1) is LAN interface.
 -em1 (192.168.130.10) (gateway: 192.168.130.1) is satellite interface.
 -em2 (192.168.140.10) (gateway: 192.168.140.1) is wifi interface.
 -em3 (192.168.120.10) (gateway: 192.168.120.1) is cellular interface.

I've got multi-path routing working on the gateway.
I can start a ping on the gateway and drop any connection and it will just
switch to another one that's up.  It's great.
I need to be able to do the same thing for a PC behind the gateway, but I
cannot seem to make that happen.
I'm following http://openbsd.das.ufsc.br/faq/pf/pools.html, the bottom
guide for setting up load balancing outgoing traffic.

My test is pretty simple:


Start ifstated in debug mode with *only* em0 and em3 online.
--
$ sudo ifstated -d
initial state: auto
changing state to auto
running /usr/local/bin/unmetered > /dev/null
changing state to cellular-only
running pfctl -a optimal_route -F rules
rules cleared
running echo "pass in on em0 from (em0:network) route-to (em3
192.168.120.1)" | pfctl -a optimal_route -f -
started

Start pinging from the lan PC behind the gateway and monitor the external
gateway machines for icmp packets with tcpdump.
The em3 logs show these:
21:24:23.547251 192.168.140.10 > resolver2.opendns.com: icmp: echo request
21:24:23.564112 resolver2.opendns.com > 192.168.140.10: icmp: echo reply
And we are good.

--
Then turn on em2.

ifstated logs:
changing state to auto
running /usr/local/bin/unmetered > /dev/null
changing state to cellular-and-wifi
running pfctl -a optimal_route -F rules
rules cleared
running echo "pass in on em0 from (em0:network) route-to { (em2
192.168.140.1), (em3 192.168.120.1) } round-robin" | pfctl -a optimal_route
-f -

Now both em2 and em3 are available.  Traffic is still pinging through the
em3 interface, which is fine - I would expect that.


--
Then turn OFF em3.

ifstated logs:
changing state to auto
running /usr/local/bin/unmetered > /dev/null
changing state to wifi-only
running pfctl -a optimal_route -F rules
rules cleared
running echo "pass in on em0 from em0:network route-to (em2 192.168.140.1)"
| pfctl -a optimal_route -f -


Now here's where the problem comes.
When I turn off the em3 interface, pings do in fact start going through the
em2 interface.

Here is the tcpdump from the gateway on the em3 interface before it went
down:
21:37:17.958682 192.168.140.10 > resolver2.opendns.com: icmp: echo request
21:37:17.978438 resolver2.opendns.com > 192.168.140.10: icmp: echo reply

Here is the tcpdump from the gateway on the em2 interface after em3 went
down:
21:37:19.530809 192.168.140.10 > resolver2.opendns.com: icmp: echo request
21:37:20.541179 192.168.140.10 > resolver2.opendns.com: icmp: echo request


As you can see, it started routing traffic out em2, but for whatever reason
it's still trying to NAT the traffic to my em3 interface instead of the em2
interface - which makes the packets not reach the pc behind the gateway.

If I stop the ping session and start it again without  making any changes,
it now goes through the em3 and things seem to be working fine.

I'm assuming that I'm doing something ignorant, but I'm not entirely sure
where to look.
Do you have any ideas?

---
/etc/pf.conf
---
lan_net= "192.168.10.0/24"
int_if="em0"
sat_if="em1"
wif_if="em2"
cel_if="em3"

sat_gw="192.168.130.1"
wif_gw="192.168.140.1"
cel_gw="192.168.120.1"

tcp_services="{ 22, 113 }"
icmp_types="echoreq"

#Options
set block-policy return
#set loginterface egress
set skip on lo


#Block everything by default
block

#FTP Proxy
anchor "ftp-proxy/*"
pass in quick on $int_if inet proto tcp to any port ftp \
divert-to 127.0.0.1 port 8021

#NATs
match out on $wif_if from $lan_net nat-to ($wif_if)
match out on $sat_if from $lan_net nat-to ($sat_if)
match out on $cel_if from $lan_net nat-to ($cel_if)

#Allow all lan traffic
pass out on $int_if to $lan_net

#Allow from lan to gateway
pass in quick on $int_if from $lan_net to $int_if

#Dynamically load the rules that dictate which route we take.
#Influenced by ifstated
anchor optimal_route

#do our filtering inbound from the lan.
#allow all outbound
pass out on $sat_if
pass out on $wif_if
pass out on $cel_if


#If an IP is from neighbor router networks, send it back through that
interface.
#pass out on { $sat_if $cel_if } from $wif_if route-to ($wif_if $wif_gw)
#pass out on { $wif_if $cel_if } from $sat_if route-to ($sat_if $sat_gw)
#pass out on { $sat_if $wif_if } from $cel_if route-to ($cel_if $cel_gw)
pass out on { $sat_if $cel_if } from ($wif_if:network) rou

How to route squid traffic over a particular interface transparently

2015-06-05 Thread Brad DeMorrow 
I'm currently running squid on my gateway - working well.
I've got the standard couple of lines that they recommend putting into
pf.conf

pass in quick on inet proto tcp from 192.0.2.0/24 to port www divert-to
127.0.0.1 port 3129
pass out quick inet from 192.0.2.0/24 divert-reply


My situation is that I need to route traffic coming from different sources
out different WAN ports..
I'm not sure how to approach this - does anyone have any suggestions?

Any tips appreciated.

Thanks.

Hard Lock on Lenovo Thinkpad T60(Video Related - radeon)

2011-05-05 Thread Brad DeMorrow 
Just loaded current (as of 2011-05-03) onto my new(to me) T60 and am
very pleased with how well openbsd runs on it.

I ran into a problem when I started scorched3d.
The machine became unresponsive(Couldn't drop back to console, acpi
power off did not function, and the audio it started to play began
looping repeatedly).

I'd like to help troubleshoot my problem, as I assume other people may
be experiencing the same issue - but to be honest I'm not sure how to
go about troubleshooting such an issue.  I am assuming it's related to
the 3d acceleration, because I had been using the laptop for several
other tasks(I compiled a lot of ports including most of gnome) without
any hiccups whatsoever.

My card is a Radeon Mobility X1300 - and judging from the man page, I
believe it should be well supported and even have 3d acceleration.

Below is my dmesg, please let me know if there is any other
information I could provide that would be useful.
PS: It looks like  my dmesg is also indicating an issue with wpi
firmware as well - although I haven't had any problems using it.


OpenBSD 4.9-current (GENERIC.MP) #104: Sun May  1 13:54:25 MDT 2011
t...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP
cpu0: Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz ("GenuineIntel" 686-class) 2 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM
real mem  = 2145775616 (2046MB)
avail mem = 2100494336 (2003MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 03/21/11, BIOS32 rev. 0 @
0xfd6b0, SMBIOS rev. 2.4 @ 0xe0010 (68 entries)
bios0: vendor LENOVO version "79ETE7WW (2.27 )" date 03/21/2011
bios0: LENOVO 2007GCU
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP SSDT ECDT TCPA APIC MCFG HPET SLIC BOOT SSDT
SSDT SSDT SSDT
acpi0: wakeup devices LID_(S3) SLPB(S3) LURT(S3) DURT(S3) EXP0(S4)
EXP1(S4) EXP2(S4) EXP3(S4) PCI1(S4) USB0(S3) USB1(S3) USB2(S3)
USB7(S3) HDEF(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpiec0 at acpi0
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 166MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz ("GenuineIntel" 686-class) 2 GHz
cpu1: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM
ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as apic 2, remapped to apid 1
acpimcfg0 at acpi0 addr 0xf000, bus 0-63
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (AGP_)
acpiprt2 at acpi0: bus 2 (EXP0)
acpiprt3 at acpi0: bus 3 (EXP1)
acpiprt4 at acpi0: bus 4 (EXP2)
acpiprt5 at acpi0: bus 12 (EXP3)
acpiprt6 at acpi0: bus 21 (PCI1)
acpicpu0 at acpi0: C3, C2, C1, PSS
acpicpu1 at acpi0: C3, C2, C1, PSS
acpipwrres0 at acpi0: PUBS
acpitz0 at acpi0: critical temperature 127 degC
acpitz1 at acpi0: critical temperature 99 degC
acpibtn0 at acpi0: LID_
acpibtn1 at acpi0: SLPB
acpibat0 at acpi0: BAT0 model "42T4511" serial 22159 type LION oem "SANYO"
acpibat1 at acpi0: BAT1 not present
acpiac0 at acpi0: AC unit online
acpithinkpad0 at acpi0
acpidock0 at acpi0: GDCK not docked (0)
bios0: ROM list: 0xc/0xfe00 0xd/0x1000 0xd1000/0x1000
0xdc000/0x4000! 0xe/0x1!
cpu0: Enhanced SpeedStep 1995 MHz: speeds: 2000, 1667, 1333, 1000 MHz
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel 82945GM Host" rev 0x03
ppb0 at pci0 dev 1 function 0 "Intel 82945GM PCIE" rev 0x03: apic 1 int 16
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "ATI Radeon Mobility X1300 M52-64" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
radeondrm0 at vga1: apic 1 int 16
drm0 at radeondrm0
azalia0 at pci0 dev 27 function 0 "Intel 82801GB HD Audio" rev 0x02:
apic 1 int 17
azalia0: codecs: Analog Devices AD1981HD, Conexant/0x2bfa, using
Analog Devices AD1981HD
audio0 at azalia0
ppb1 at pci0 dev 28 function 0 "Intel 82801GB PCIE" rev 0x02: apic 1 int 20
pci2 at ppb1 bus 2
em0 at pci2 dev 0 function 0 "Intel PRO/1000MT (82573L)" rev 0x00:
apic 1 int 16, address 00:15:58:c3:cb:9f
ppb2 at pci0 dev 28 function 1 "Intel 82801GB PCIE" rev 0x02: apic 1 int 21
pci3 at ppb2 bus 3
wpi0 at pci3 dev 0 function 0 "Intel PRO/Wireless 3945ABG" rev 0x02:
apic 1 int 17, MoW1, address 00:1b:77:06:82:ef
ppb3 at pci0 dev 28 function 2 "Intel 82801GB PCIE" rev 0x02: apic 1 int 22
pci4 at ppb3 bus 4
ppb4 at pci0 dev 28 function 3 "Intel 82801GB PCIE" rev 0x02: apic 1 int 23
pci5 at ppb4 bus 12
uhci0 at pci0 dev 29 function 0 "Intel 82801GB USB" rev 0x02: apic 1 int 16
uhci1 at pci0 dev 29 function 1 "Intel 82801GB USB" rev 0x02: apic 1 int 17
uhci2 at pci0 dev 29 function 2 "Intel 82801GB USB"

Extra key-presses in X

2010-04-04 Thread Brad DeMorrow 
t pcppi0: 
spkr0 at pcppi0
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
biomask efed netmask efed ttymask 
mtrr: Pentium Pro MTRR support
wi0 at pcmcia0 function 0 "TOSHIBA, Wireless LAN Card, Version 01.01" port
0xd000/64
wi0: Firmware 8.10 variant 1, address 00:02:2d:82:42:63
softraid0 at root
root on wd0a swap on wd0b dump on wd0b

-- 
Brad DeMorrow

---
Blogging is enjoyable, especially when people click on an ad and make me $$$
http://bdemorrow.blogspot.com
---

Re: Extra key-presses in X

2010-04-04 Thread Brad DeMorrow 
No, it isn't the autorepeat feature causing issues... I did 'xset -r'
and did some more typing to be sure.

Its not like I'm holding down a key for too long, its just when I type
at a relatively fast speed that the problem happens.

Any other ideas though?

On 4/4/10, Anthony J. Bentley  wrote:
> On Sun, Apr 04, 2010 at 07:35:45AM -0500, Brad DeMorrow wrote:
>> I have an interesting problem with my laptop...
>> When I start X, a lot of the keys that I press are duplicated.. ex, if I
>> type 'ls' in xterm for example - I will most of the time get 'lls'
>> instead..
>> It appears to only happen when the keys that I press overlap... when I
>> start
>> typing at any decent rate..
>> Issue doesn't happen when not running X.
> xset -r?
>
> Anthony J. Bentley
>


--
Brad DeMorrow

---
Blogging is enjoyable, especially when people click on an ad and make me $$$
http://bdemorrow.blogspot.com
---

Inside Out Networks Edgeport USB Serial Adapters

2009-12-14 Thread Brad DeMorrow 
Hello all.

I was wondering if anyone has worked on or is working a driver for the USB
Serial Adapters made by the company Inside Out Networks called Edgeports?

I see the device(s) listed under /usr/src/sys/dev/usb/usbdevs file, but I
see no reference to them anywhere else...

I'd like to attempt to get this device working under openbsd if it's
possible, and was looking into what it would take to do so - I just wanted
to make sure that nobody else was doing the same thing so as not to
duplicate work.


P.S. If anyone is willing and has the time, could you please contact me
off-list about potentially being a sort of 'mentor' while I try to get this
device working?  I've read through some of the similar device drivers
(uticom, uchcom, ex..), but truth be told I'd feel better off if somone else
could provide some sort of guidance..

P.P.S I couldn't find support for the device in freebsd or netbsd, but linux
appears to have a driver for it.  The device also requires firmware be sent
to it for it to work, which appears to be GPL licensed from the manufacturer
- is this a problem?

Thank you all.
--Brad

Re: Inside Out Networks Edgeport USB Serial Adapters

2009-12-14 Thread Brad DeMorrow 
I could have qualified the product(s) I am talking about better, I'm sorry.

The device that I am referring to is
http://www.digi.com/products/usb/edgeport.jsp

There are several variations of the product, but the ones that I am
interested in are the Edgeport/2+2i and the Edgeport/8 devices..
The first one listed as follows from openbsd -current (It detects nothing
really..)

ugen0 at uhub2 port 2 "Inside Out Networks Edgeport/2+2i" rev 1.00/1.00 addr
3

Again - Thank you all for your time.

--Brad

Re: Inside Out Networks Edgeport USB Serial Adapters

2009-12-16 Thread Brad DeMorrow 
Hey guys, I need a bit of help if you don't mind.

I've been trying to hack up a basic driver to communicate with my Edgeport
device..
It started out decent enough, I got a new driver I named uep(for no
particular reason besides it looked available) to attach to my device just
fine..
So at this time I have an extremely simple driver with just these
functions..
-uep_match
-uep_attach
-uep_detach

..

Anyway, to get to my point, I read about lkm and thought man that sure would
be nice if I didn't have to reboot my machine every time I make a change to
my sources...

Anyway, I was getting
modload: entry point _uep_lkmentry not found in uep.o

every time I tried to load my module, and I thought for sure I was doing
something stupid, but it turns out that even the examples inside
/usr/share/lkm give the same error when I try to load them.

I can't find very much documentation on this, so I was hoping someone could
point me in the right direction..

FYI - I am of course running -current kernel and userland(as of maybe 2 days
ago).

Thanks,

Re: Inside Out Networks Edgeport USB Serial Adapters

2009-12-29 Thread Brad DeMorrow 
On Mon, Dec 14, 2009 at 9:05 PM, Theo de Raadt wrote:

>
>
> I don't know what that site means either.  Get it working, and get back
> to us.
>
>
Hey all, I ran into a snag I haven't been able to take care of yet while
trying to get a driver made for my edgeport device.
I am hoping for some guidance, so I'll do my best to post what I've read and
done to make it easier to help me.(Plus I don't want anyone thinking I am
posting here blindly without some extensive code and google reading)...

I haven't been able to get my hands on any documentation for the device.
I've tried to contact the author of the linux driver, but he said he didn't
have any documentation and he only worked on the older models that didn't
have the TI chipset.. So I attempted to contact the other names listed in
the sources in the linux driver, but nobody else responded...

To make a long story somewhat short, here is a link to the sources I have
been looking at while trying to write my OpenBSD driver:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blob;f=drivers/usb/serial/io_ti.c;h=d4cc0f7af400d0133653e4e0515b25a131e2a37f;hb=HEAD

Here is a link to my main file uep.c:
http://pastebin.ca/1730689

Here is a link to uep.h:
http://pastebin.ca/1730690

Here is a link to a dmesg after connecting my device and attaching my new
driver:
http://pastebin.ca/1730693

I've added a section to the files.usb file in /usr/src/sys/dev/usb for my
new driver as follows:
# Inside Out Edgeport
deviceuep
attachuep at uhub
filedev/usb/uep.cuep

I do not know for a fact this is correct, I may be wanting to use ucom(I'm
hoping I can) later..

To finally get to my problem.. I am trying to read the manufacturing
information off of the device.. but every time I call usbd_do_request I get
error 11 returned back to me meaning 'NO POWER'..

I don't quite understand why I'm getting this message.. The other devices
I've looked at don't do anything special before trying to read memory from
the device, nor does the linux driver as far as I can tell.
I've been reading uberry.c, umsm.c, and uvideo.c trying to find out the
order in which the usbd_* functions are called, but it doesn't appear that I
am doing anything special or different in my driver that would make it not
work..

furthermore.. I've read through the usbd_do_request_flags_pipe function
inside usbdi.c, and I can't see anywhere in the function where it returns
USBD_NO_POWER.. so I am confused as to why i'm getting that message.. the
only function that has a possibility of returning NO_POWER as far as I can
tell is the usbd_set_config_index function.

I hope this email has provided enough correct information to allow someone
smarter than myself to tell me what I am not doing correctly..

If there's anything that I left off, please let me know and I will get
whatever information is necessary.

Thank you all for your time, I appreciate it.

Thinkpad T420

2011-04-22 Thread Brad DeMorrow 
Anyone running one of these?
About to order one, was curious if I'm going to have to do any hacking
to get openbsd to play nicely with it...
Search of misc didn't return much, neither did a google..

Thanks in advance.