Re: duo core mac mini, bluetooth keyboard?
On Thu, Sep 03, 2009 at 12:42:03AM -0400, Jeff Quast wrote: does a usb keyboard work in GENERIC on intel duo core mac mini? or is it still necessary to pair a bluetooth keyboard in osx before starting the install? 4.4 or 4.5 snapshots would not detected due to USB problems, but I can happily report that a 4.6 snapshot worked perfectly fine. I haven't seen the installer in quite a while, have been doing upgrades all this time--kudos, the improvements are quite pleasant!
duo core mac mini, bluetooth keyboard?
does a usb keyboard work in GENERIC on intel duo core mac mini? or is it still necessary to pair a bluetooth keyboard in osx before starting the install?
Re: IPSec tunnel problem
On Sat, Feb 23, 2008 at 05:47:18PM +0200, Alexey Vatchenko wrote: Hi guys! I'm trying to configure IPSec tunnel between home gateway and office gateway. Home gateway has dynamic IP, office gateway has static IP. The problem is when home gateway establishes IPSec tunnel with office gateway, computers from office network cannot connect to office gateway (but they still can get Internet through the gateway). Here is what i do: Office network: 192.168.0.0/24 ipsec.conf: ike passive esp from 192.168.0.0/24 to any local egress dstid [EMAIL PROTECTED] psk xxx Home ipsec.conf: ike dynamic esp from any to 192.168.0.0/24 peer OFFICE_EXTERNAL_IP srcid [EMAIL PROTECTED] psk xxx So, please, shed some light on what i do wrong. you need to declare a bypass flow on the side of the network where the router, presumably on 192.168.0.0/24 requires communication to the local network segment also on 192.168.0.0/24. It is probobly trying to send this across the tunneled wire, which won't reach its destination. Create a bypass for flows from 192.168 to 192.168, like so: flow esp from 192.168.0.0/24 to 192.168.0.0/24 type bypass
Re: Using CVS to back up /etc
Currently I back up /etc on these machines using variants on rsync and rsnapshot, and it works OK. However, I've got it into my head to shift to using CVS to back up /etc on these machines. Advantages I think I see: http://www.infrastructures.org/papers/bootstrap/bootstrap.html might help in your research, i have not yet seein it mentioned here
Re: mc problem under 4.2
On Tue, Nov 27, 2007 at 08:02:46PM +0100, Bambero wrote: Hello I have a strange problem with mc (MidnightCommander). After install OpenBSD 4.2 mc doesn't work properly. fresh install or upgrade from say, 4.1? When i type: mc I have to wait 5 min to see the Midnight Commander. After comannd it hangs and it's ready to work after 5 minutes. It doesnt matter I use bsd or bsd.mp kernel. It doesn't matter which terminal I use. I tried to instal mc using ports but it won't help. You built mc from source? used a binary package? stale package from before the upgrade? This feels like a dns resolution issue, maybe a missing entry in /etc/hosts if you just did an upgrade, maybe you blew away your hosts or resolv.conf ? I don't use mc, but doesn't it do some sort of ftp or remote file transfer, and may like to know its' hostname/address? Does it maybe take long to ping $(hostname)? you can use ktrace(1) to examine what mc is busy waiting for from the system, if thats the case.
Re: confused on openssl....
On Thu, Nov 22, 2007 at 06:58:11PM -0800, badeguruji wrote: Hello all, I am sorry to ask this dumb question here. but after going thru several web-pages. i am not able to figure start with mapages, man 8 ssl where should i build my base directories to start creating certificates for CA and http/imap server? ssl(8) says: The certificates reside in the /etc/ssl directory, with the keys in the /etc/ssl/private directory.
Re: uvm_fault crash on fresh 4.2
On Nov 12, 2007 7:25 PM, Nick Guenther [EMAIL PROTECTED] wrote: I just installed an old compaq desktop that I intend to use as a Stopped at pmap_enter+0xaf:movl0(%edx,%eax,4),%eax ddb trace pmap_enter(d69c7a2c, 1c022000, 2353000,5,20,1c027000,da433ea4,0) at pmap_enter+0xaf uvm_fault(d687875c,1c023000,0,1,da3efea0) at uvm_fault+0xd0c trap() at trap+0x269 every fault i've had in the area of pmap on i386 has been due to bad ram, at least 6 or more times in my experience with garbage resecued machines.
Re: Non-x86
On 10/26/07, Matthew Szudzik [EMAIL PROTECTED] wrote: Where are the choices for non-x86? The only remaining alternative is Sparc. Everything else is either old (macppc) or expensive unsupported (IA64). If anyone is looking for a non-x86 laptop, there aren't many choices. Is there any information about OpenBSD on the following Sparc laptop? http://www.tadpolecomputer.com/products/notebooks/viper.asp ppc ibooks are pretty cheap, but not very upgradeable. You can get most for about $200 USD. ppc powerbooks are nice (cardbus slots, gigabit, better video cards), but more costly. You can also upgrade the cpu in old powerbooks and put big sticks of ram in them (also costly)
Re: About Xen: maybe a reiterative question but ..
On 10/22/07, Nick Guenther [EMAIL PROTECTED] wrote: On 10/22/07, ropers [EMAIL PROTECTED] wrote: On 22/10/2007, carlopmart [EMAIL PROTECTED] wrote: Hi all, I know that time to time somebody do the same question, but I need to know it: is it planned at some point to release a paravirtualized xen kernel for OpenBSD 4.3 or 4.4??? yum It already exists. You can run OpenBSD DomUs (ie. run OpenBSD as a Xen guest**), but AFAIK you still can't run OpenBSD Dom0s (ie. run OpenBSD as a Xen host**). See http://www.ropersonline.com/openbsd/xen/ true But you need at least one Dom0 (which when I last looked into this still could not be OpenBSD) and you can install OpenBSD as a DomU. Only recently using HVM, not paravirtualization So that means that OpenBSD has code in it right now that detects if it's running under Xen and paravirtualizes itself? no I would like to vouch for openbsd working great as a guest, but my guest has crashed a dozen times. However I think this is due to the debian linux dom0 having broken sata code for the controller in use. dom0's dmesg is filled with debug statements from sata related places in the kernel that should never be printed. We're in a messy de-centralized linux development world trying to get a stable dom0 patched together. It sucks. The paravirtualization port appears dead to me. I've tried to keep up on it, but the guy's blog no longer mentions it, his repository is often down, and when it is up the commits do not appear to be very frequent. Also his blog hasn't mentioned it in a year or more. http://hg.recoil.org/openbsd-xen-sys.hg http://anil.recoil.org/blog/
Re: Seeking info for RAID 1 on OpenBSD
On 7/28/07, Lars Noodin [EMAIL PROTECTED] wrote: I have two spare SATA drives on an OpenBSD 4.1 box and would like to set up RAID level 1. I'm a big fan of using the ROOTBACKUP=1 option in /etc/daily, and modifying it to also include /var and /usr . It is documented in the manpage for daily. I prefer this over instant raid1, because you can make a big bobo, and revert to last night. Losing one day's work isn't so bad. Saved me three or four times over the years.
Re: ppp logging - solved?
On 7/27/07, J.D. Bronson [EMAIL PROTECTED] wrote: At 11:34 AM 07/27/2007, you wrote: I'm sorry -- could you clarify, where were you starting ppp before, when it syslogd was not logging? I can't find this in your last email either? You are saying it works fine under rc.local, and fine under hostname.tun0, where else would you start it? the issue is that syslogd comes up AFTER /etc/rc.network is ran so since I am using PPP (via hostname.tun0 to start) ppp does not log. i wanted to ask again because i start ppp from hostname.tun0 without any syslog issues. you don't connect() to syslog or open a channel like a tcp/ip socket. it just kinda throws it. syslogd can catch, it if it wants. probobly the reason for udp over the network my setup is for evdo modem, not pppoe, and im a release behind. thats the only thing i can think of. maybe you missed something. $ cat /etc/hostname.tun0 inet 99.0.0.1 255.255.255.0 99.0.0.2 up !ppp -ddial -nat $ grep -A 2 ppp /etc/syslog.conf !ppp *.* /var/log/ppp $ cat /etc/ppp/ppp.conf default: set log Phase Chat Warning set device /dev/cuaU0 set speed 230400 set dial ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \ \\ AT OK-AT-OK ATE1Q0s7=60 OK \\dATDT\\T TIMEOUT 40 CONNECT set phone #777 set login set authname [EMAIL PROTECTED] set authkey lies set timeout 0 add! default HISADDR add! 192.168.0/24 HISADDR set resolv readonly disable vjcomp deflate add! default HISADDR6 $ uname -a OpenBSD gateway.1984.ws 4.0 GENERIC#1107 i386 $ sudo reboot (time passes, we login after its done rebooting...) $ tail -n 10 /var/log/ppp Jul 15 08:58:54 gateway ppp[14386]: Phase: deflink: login - lcp Jul 15 08:58:54 gateway ppp[14386]: Phase: deflink: lcp - open Jul 15 08:59:01 gateway ppp[14386]: Phase: bundle: Network Jul 15 08:59:01 gateway ppp[14386]: Phase: deflink: IPV6CP protocol reject closes IPV6CP ! Jul 15 08:59:01 gateway ppp[14386]: Phase: deflink: IPV6CP protocol reject closes IPV6CP ! Jul 15 08:59:01 gateway ppp[14386]: Error: rt_Set: Cannot add a route with gateway 0.0.0.0 Jul 15 08:59:01 gateway ppp[14386]: Warning: 0.0.0.0/0: Change route failed: errno: No such process Jul 15 08:59:01 gateway ppp[14386]: Warning: ff02:9::/32: Change route failed: errno: Network is unreachable Jul 15 08:59:04 gateway ppp[14386]: Phase: deflink: IPV6CP protocol reject closes IPV6CP ! Jul 15 08:59:13 gateway last message repeated 3 times $ date Sat Jul 15 09:00:00 EDT 2034 so nobody tells me or asks -- I know the date is wrong, i need a new battery, and sprint routes to reachable machines in the 192.168.0/24 range, i thought it was neat so i checked it out. i show you mine, now you show me yours?
Re: TV tuner that works
On 6/22/07, Diana Eichert [EMAIL PROTECTED] wrote: On Fri, 22 Jun 2007, Timo Schoeler wrote: Hi misc@, surely I checked http://openbsd.org/amd64.html#hardware, but I'd like to know if any of you can really *recommend* a TV tuner card. thanks, Timo I'm using a BT878 based tuner, the video works fine with fxtv. It can pass through the audio to a separate sound card, but I don't have a supported audio chip on the system with the BT878 card. Not a big problem as all I used it for was to verify signal was coming down the cable when I installed cable to a couple more rooms in the house. I've had really great experiences with BT8x8 cards. Well priced, too
Re: About BSD Certification
On 6/11/07, Karsten McMinn [EMAIL PROTECTED] wrote: On 6/10/07, Adam [EMAIL PROTECTED] wrote: That's just as stupid as requiring people have a cert. Lots of people have certs because so many places toss your resume if you don't have MCSE or CCNA listed on it. Just because they have a cert doesn't mean they don't know what they're doing. alot of anti-cert sentiment. borderline misinformation in some cases. I've interviewed folks with and without certs. I don't know why some people insist on arguing that book != cover[1] with regard to certs. silly. here's a couple points for consideration: You lightly touched on it, but there is a very crucial need for this certification that happily employed IT people can't begin to understand. There are many young unemployables who freely code dozens of languages, but work at gas stations because they have a blank resume. I know a very good kernel hacker in Flint, MI who does roofing. I met another C programmer at a small factory where we both made -less- than minimum wage. Some young people live in areas with very high unemployment rates. In these places, it is not so easy to gain even minimal experience under high competition. With a resume that contains no related work history or any education, a certification is a cheap way to prove a small amount of equivalent real-world experience to get a foot in the door. I support the BSD certification, and will be recommending it to all students who would like to find work in the field before they graduate (or if they can't afford to graduate). I think we should all be used to the idea that many college students also work full time. An equivalent linux certification, LPI, costs less than a single college course. I have been tracking BSDCG's progress in detail, including their psychometrics, and this may possibly become the best real-world experience equivalency IT certification yet, and set an example for others. They're not trying to make this certification any more than it is, no more than the equivalent of a few months experience. Lastly, though I think it's already been said, If you don't like or need the certification, don't take it. If you think it's equivalency is shit, then don't consider it when making hiring decisions. If neither of these apply, go shit in somebody else's bed. Don't ruin it for those who could really use it.
Re: OT: Michigan BSD user group
On 6/5/07, James Turner [EMAIL PROTECTED] wrote: I was wondering if anyone knows of any BSD user groups located in Michigan? I'm pretty sure the Southeast Michigan group is no longer meeting. Also would anyone in the Detroit/Ann Arbor area be interested in getting a BSD user group started? Feel free to contact me off list if you might be interested. I tried to contact you off-list but your mailserver is rejecting it... I've been interested in starting a Flint area unix users group. I can round up a good handful of people to make it to BUG's in the Detroit area.
Re: support for Sun Fire
On 5/29/07, Stuart Henderson [EMAIL PROTECTED] wrote: an amd64 box boot without it. and hooray: the bios *defaults* to using serial console, so you don't lose access if the CMOS battery dies. other vendors would do well to copy that idea. here, here.
Re: question to Zaurus owners
On 5/25/07, Maxim Belooussov [EMAIL PROTECTED] wrote: Is it indeed possible to run TomTom navigation software on Zaurus? In Linux emulation mode? Linux emulation only works for i386. zaurus is arm.
Re: dual g4 needed for hackathon
On 5/11/07, Mark Kettenis [EMAIL PROTECTED] wrote: On this years hackathon I'd like to hack more on macppc smp support. For obvious reasons I cannot bring my own machine. Is there anyone in the Calgary or Edmonton area that can loan us a dual g4 machine end may/early june? Mark If somebody in the area has any old G4, I have a Dual 533Mhz G4 CPU I can ship from Flint, MI
Re: safe PF start / restart
On 4/11/07, christian johansson [EMAIL PROTECTED] wrote: I had to set up a linux firewall the other day, and I used the iptables script generating program shorewall. While pulling my hair over how ugly the iptables stuff (even via shorewall) is compared to OpenBSDs nice clean PF syntax, I did find one very nice feature in shorewall - safe restart. When safe restarting, shorewall will implement all rules in the iptables config files, then give the user a prompt: keep rules y/n? If 'yes' the rules are kept and everyone is happy. If 'no', iptables are disabled and all traffic let in. If no answer then default to answer 'no' after 60 seconds. Very useful, even if just for the added peace of mind when applying new changes. Is there a ready made script accomplishing this for openbsd / pf? Or any plans of building such functionality? Christian I think I get what you're asking here... like switching monitor resolutions and asking you to confirm that it worked by clicking a button? If you can't see the button, you don't click it, and the old resolution is reverted after 15 seconds. Right? I've done this with pf. I used at(1) like anybody would. You can load a new rule using pfctl -f /etc/pf.conf/new, with an at(1) job to load /etc/pf.conf at 60 seconds. If you want some fancy prompt, wrap it with /bin/sh. Personaly I'd hate to see this as an actual 'feature' anywhere. If everything this trivial was implemented into pfctl I would stop reading manuals top to bottom. You should look at the command prompt like a live programming enviroment. I recommend reading The UNIX Programming Environment by Brian W. Kernighan and Rob Pike.
Re: how to configure bridge interface [WAS: snort any interface]
On 4/9/07, Soner Tari [EMAIL PROTECTED] wrote: My physical interfaces are already configured and have their own IP addresses. I need to assign different IPs to all 3 cards (LAN, WAN1, WAN2). And here is what I run on the command line to create a bridge interface (to use as a pseudo interface on snort command line for monitoring): ifconfig bridge0 create brconfig bridge0 add vr0 add rl0 add nfe0 up Am I not supposed to see the traffic on all of the physical interfaces (vr0, fxp0, nfe0) using tcpdump on bridge0? (I've tried with pf disabled too.) It is my understanding that only one or none may have an IP. Give vr0 or any single iface an ip address. For each other nic, only activate it using 'up': ifconfig vr0 192.168.0.1 netmask 255.255.255.0 up # this is the primary NIC ifconfig rl0 up # this could be what you are missing ifconfig nfe0 up ifconfig bridge0 create brconfig bridge0 add vr0 add rl0 add nfe0 up also maybe ifconfig bridge0 up -- 'up' goes in brconfig or ifconfig or both? Not sure. At this point, if you tcpdump on vr0, you should see the traffic on rl0 and nfe0 as well. Any endpoint can connect to any NIC and see the same 192.168.0.1 address, and reach any other PC connected to any of the other two NIC's. I do this with my router, because the switch ran out of ports :) Perhaps this is not possible at all with bridge intefaces? If so, how do I achieve such a monitoring interface? Any comments please? Does each port on a switch have an IP, for instance? Are you trying to make a transparent bridge? You have three NIC's here, and you seem to have to need of an IP address.. ? You should be able to assign no IP at all to vr0, and accomplish a transparent bridge without pf involved, where as you can split a cable in half, crimp each end, put them into each NIC, and you can see everything inbetween. pf can start to block at this point. I know nothing at all about the Snorter... Does it need to bind to an IP? It shouldn't.
Re: Problem on installing new packages
On 3/26/07, Lawrence Teo [EMAIL PROTECTED] wrote: PKG_PATH=ftp://ftp.it.net.au/mirrors/OpenBSD/4.0/packages/amd64 \ pkg_add -v nano-1.2.5.tgz Make sure to add a trailing / PKG_PATH=ftp://ftp.it.net.au/mirrors/OpenBSD/4.0/packages/amd64/ \ pkg_add -v nano-1.2.5.tgz This has gotten me more than once, documented in pkg_add(1) Since a few URL schemes contain colons, pkg_add relies on each directory ending in a / to split the path correctly.
umsm(4) SprintPCS users -- Merlin PC720 anyone?
I've been happily using a umsm(4) sierra wireless aircard 580[1]. It literally took less than 5 minutes to get this card moving in OpenBSD with the ppp.conf example in umsm(4). Highly recommend this card, its about $60 on ebay these days. EVDO rev a was deployed to my area, and I was happy with the sierra model (though not ecstatic over the latency), so I purchased a 'Sierra wireless aircard 595' [2]. Somebody reported success in linux[3] with this card, and umsm(4) listed this device as a maybe. I forked out the $262, and Unfortunately this was not the 5-minute success story as I had hoped for. Although it attached to ucom0, if I used cu -l /dev/cuaU0 -s 230400, I was not able to input an at (and receive OK, such as on the 580). I wondered if the 168Mhz laptop I was using it with was too old (pcmcia type II? what? it fit...), so I built a fresh 1.2Ghz i386 and used a pci-pcmcia card with similar deadlock serial. This also failed the same way on macppc. There is a 30 day return limit on these, so I've re-activated the 580 (effectively disabling the new card) and returned this product. So my question: I am using sprintpcs as my provider. Can anybody report success with the 'Merlin PC720' [4]? 1. http://www.sierrawireless.com/product/ac580.aspx 2. http://www.sierrawireless.com/product/ac595.aspx 3. http://www.pbandjelly.org/2006/12/sierra-wireless-aircard-595-configuration-sprintpcs/ 4. http://www.novatelwireless.com/products/merlin/merlin-pc720.html Thanks, jdq
Re: zaurus bootstrapping
On 3/23/07, Theo de Raadt [EMAIL PROTECTED] wrote: zaurus is quite brittle and depends on some of the stuff on the disk. I really don't agree. That was mostly in the past. These days I always install a zaurus without any Linux on the drive. That linux stuff is not neccessary anymore. This is good to hear, with only a few gb, it'll be nice to take back the ~500mb the linux filesystem is holding on my device. Also, if I understand correctly, the HD can be blown away completely (or even removed), and we can still boot linux off the embedded flash?
Re: compile faster?
On 3/21/07, chuckr [EMAIL PROTECTED] wrote: I am going into doing a bit of compiling on my Zaurus. I have both a Linux and a FreeBSD server, both pretty fast Intel boxes, sitting right besides them, and in fact, all of my source directories (sources for /usr/src and /usr/ports) are remotely mounted from my FreeBSD box (sept is my Zaurus, april my FreeBSD, and june my Linux box). What am I getting on about? Well, compilation, as I now do it, ssh'd into sept from april (the FreeBSD box). Is there anything that anyone else is doing, that they're actually gotten to work? I'm wondering about doing maybe a cross-compiler. I'm not sure about the spec of the floating point work, you need to get that precisely right. If anyone is doing this successfukky, I sure would like to hear a report about it. It takes me about 2 days to do a /usr/src build. Shouldn't take two days. NFS mount your /usr/src and /usr/obj and it will go much faster. The CF card is something like 5MB/s on mine. Don't cross compile, you'll spend more time finding bugs that were snuck in than you will have saved. Buy a more powerful arm computer, like a Thecus :)
usb0: root hub problem error=13 on macppc -current
Here is a diff of dmesg's between snapshot when I compile my own kernel for -current (yes, my clock is off by a year): 1c1 [ using 364116 bytes of bsd ELF symbol table ] --- [ using 364200 bytes of bsd ELF symbol table ] 8,9c8,9 OpenBSD 4.1 (GENERIC) #1209: Sat Mar 10 19:12:02 MST 2007 [EMAIL PROTECTED]:/usr/src/sys/arch/macppc/compile/GENERIC --- OpenBSD 4.1-current (GENERIC) #2: Sun Sep 17 09:16:52 EDT 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/macppc/compile/GENERIC 67,77c67 ohci0 at pci1 dev 24 function 0 Apple USB rev 0x00: irq 27, version 1.0 usb0 at ohci0: USB revision 1.0 uhub0 at usb0 uhub0: Apple OHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered ohci1 at pci1 dev 25 function 0 Apple USB rev 0x00: irq 28, version 1.0 usb1 at ohci1: USB revision 1.0 uhub1 at usb1 uhub1: Apple OHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered cardslot0 at cbb0 slot 0 flags 0 --- ohci0 at pci1 dev 24 function 0 Apple USB rev 0x00: irq 27ohci1 at pci1 dev 25 function 0 Apple USB rev 0x00: irq 28cardslot0 at cbb0 slot 0 flags 0 79a70,75 , version 1.0 usb0 at ohci0: USB revision 1.0 usb0: root hub problem, error=13 , version 1.0 usb1 at ohci1: USB revision 1.0 usb1: root hub problem, error=13 86,105c82 uhub2 at uhub1 port 1 uhub2: Mitsumi Electric Hub in Apple Extended USB Keyboard, rev 1.10/4.20, addr 2 uhub2: 3 ports with 2 removable, bus powered uhidev0 at uhub2 port 1 configuration 1 interface 0 uhidev0: Mitsumi Electric Apple Optical USB Mouse, rev 1.10/1.10, addr 3, iclass 3/1 ums0 at uhidev0: 4 buttons and Z dir. wsmouse0 at ums0 mux 0 uftdi0 at uhub2 port 2 uftdi0: FTDI USB - Serial, rev 1.10/4.00, addr 4 ucom0 at uftdi0 portno 1 uhidev1 at uhub2 port 3 configuration 1 interface 0 uhidev1: Mitsumi Electric Apple Extended USB Keyboard, rev 1.10/4.20, addr 5, iclass 3/1 ukbd0 at uhidev1: 8 modifier keys, 6 key codes wskbd0 at ukbd0: console keyboard, using wsdisplay0 uhidev2 at uhub2 port 3 configuration 1 interface 1 uhidev2: Mitsumi Electric Apple Extended USB Keyboard, rev 1.10/4.20, addr 5, iclass 3/0 uhidev2: 3 report ids uhid0 at uhidev2 reportid 2: input=1, output=0, feature=0 uhid1 at uhidev2 reportid 3: input=3, output=0, feature=0 bootpath: '/[EMAIL PROTECTED]/[EMAIL PROTECTED]/[EMAIL PROTECTED]/[EMAIL PROTECTED]/bsd' --- bootpath: '/[EMAIL PROTECTED]/[EMAIL PROTECTED]/[EMAIL PROTECTED]/[EMAIL PROTECTED]/bsd.new' 109d85 Here is what I've done on of a fresh install from CD, then an upgrade to snapshot: cd /usr cvs -d [EMAIL PROTECTED]:/cvs co src cd /usr/src/sys/arch/macppc/config config GENERIC cd ../compile/GENERIC make depend make bsd cp bsd /bsd.new from openfirmware: boot hd:,ofwboot /bsd.new What am I doing something wrong? Why does my usb bork out when I compile my own kernel? I've also removed the cbb0 card with no luck. This is a G4 Power Mac Digital Audio. Full dmesg: [ using 364116 bytes of bsd ELF symbol table ] console out [ATY,Rage128Pd]console in [keyboard] USB found : memaddr b400 size 400, : consaddr b6008000, : ioaddr b002, size 2: memtag 8000, iotag 8000: width 640 linebytes 768 height 480 depth 8 Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2007 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 4.1 (GENERIC) #1209: Sat Mar 10 19:12:02 MST 2007 [EMAIL PROTECTED]:/usr/src/sys/arch/macppc/compile/GENERIC real mem = 268435456 (262144K) avail mem = 234254336 (228764K) using 1254 buffers containing 13418496 bytes (13104K) of memory mainbus0 (root): model PowerMac3,4 cpu0 at mainbus0: 7400 (Revision 0x209): 466 MHz: 1MB backside cache memc0 at mainbus0: uni-n ki2c0 at memc0 offset 0xf8001000 iic0 at ki2c0 mpcpcibr0 at mainbus0 pci: uni-north, Revision 0xff pci0 at mpcpcibr0 bus 0 pchb0 at pci0 dev 11 function 0 Apple Uni-N2 AGP rev 0x00 vgafb0 at pci0 dev 16 function 0 ATI Rage Fury rev 0x00, mmio wsdisplay0 at vgafb0 mux 1: console (std, vt100 emulation) mpcpcibr1 at mainbus0 pci: uni-north, Revision 0x0 pci1 at mpcpcibr1 bus 0 pchb1 at pci1 dev 11 function 0 Apple Uni-N2 Host rev 0x00 re0 at pci1 dev 18 function 0 Realtek 8169 rev 0x10: RTL8169S (0x0400), irq 52, address 00:09:5b:bd:c0:a7 rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 0 cbb0 at pci1 dev 21 function 0 Ricoh 5C475 CardBus rev 0x81: irq 58 macobio0 at pci1 dev 23 function 0 Apple Keylargo rev 0x03 openpic0 at macobio0 offset 0x4: version 0x4614 macgpio0 at macobio0 offset 0x50 macgpio1 at macgpio0 irq 47 programmer-switch at macgpio0 not configured gpio5 at macgpio0 not configured gpio6 at macgpio0 not configured gpio11 at macgpio0 not configured extint-gpio15 at macgpio0 not configured extint-gpio16 at macgpio0 not configured escc-legacy at macobio0 offset 0x12000 not configured zsc0 at macobio0 offset 0x13000: irq 22,50 zstty0 at zsc0 channel 0 zstty1 at zsc0 channel 1
Re: usb0: root hub problem error=13 on macppc -current
On 3/18/07, Jeff Quast [EMAIL PROTECTED] wrote: Here is what I've done on of a fresh install from CD, then an upgrade to snapshot: cd /usr cvs -d [EMAIL PROTECTED]:/cvs co src What am I doing something wrong? Why does my usb bork out when I compile my own kernel? I've also removed the cbb0 card with no luck. My apologizes, this has been resolved with: cd /usr/src cvs up -Pd of about 100 files patched, one of them was ohci.c. After rebuild, this has been fixed. ?? Sorry for the noise!
Re: Slightly OT: i386 Sound Card Recommendation
On 3/16/07, JT Croteau [EMAIL PROTECTED] wrote: I need to add a sound card to my OpenBSD desktop box for basic audio playback from .mp3's and cd's and to do some basic recording. What would be a good PCI based card to go with? ess(4)'s have always treated me well.
Re: server crash: ccd + fsck - data loss?
On 3/12/07, Sebastian Rother [EMAIL PROTECTED] wrote: Hello everybody, I`ve a ccd wich contains sensetiv data. The Server crashed for technical reasons. After it booted up again it told me to do a fsck. I did and the data is gone now. I think I shouldn`t have done it is there ANY way to restore this file? I didn`t exspected that the fsck would be responseable for any dataloss so does somebody know a method to restore this big file? Came home and my X windows was frozen? This never happens. Tried to ssh in and it seems dead. So I reboot, and fsck. Hundreds of errors... fix 'em all! Programs begin segfaulting, another reboot, another fsck, hundreds of more errors for fsck to fix. fsck segaults! sh segfaults! Kernel panics! It was bad ram. Replaced it. Booted bsd.rd, mounted the partitions, tar xp'd from a recent tape backup and was back in business in less than 1 hour. Story is, fsck corrupted my data. Each pass corrupted more and more data. Massive data loss! Lesson is, with a tape backup I was back in business in less than an hour. On 3/12/07, Sebastian Rother [EMAIL PROTECTED] wrote: And I forgot to say: It`s a private Server but even privat can have some value sometimes (and it was too big to backup. bigger HDDs are planed to replace the CCD (later..)). Maybe instead of buying bigger disks you should look into a backup solution. Or does somebody know a extraction methode to reassemble the file? You can restore these by using hexedit on the raw disk. http://archives.neohapsis.com/archives/openbsd/2005-01/1717.html If you can see it with hexdump, you can probobly go out of your way with a calculator to use dd with offsets etc. hexedit is user friendly though.
Re: OpenBSD speed on desktops
On 2/17/07, R. Fumione [EMAIL PROTECTED] wrote: Hello, I am using OpenBSD on server since few years now, and I am very happy with it's easy maintenance and it's stability. I want to try on desktop, and I am having trouble. Everything is much slower than existing Linux system. For example, Firefox takes 3-5 seconds to start on Linux but ~10 seconds on OpenBSD on same machine! I tried compiler optimizations but those didn't help. Any suggestions? Please cc replies to me also as I am not on misc. Thanks. Fumione (Note: please do not tell me change to lighter window manager. I would like to use same environment or stay with Linux. Thanks.) You can just stay with linux. Really, we won't mind. Take care, jdq
Re: nullconsole?
On 1/17/07, Joachim Schipper [EMAIL PROTECTED] wrote: On Wed, Jan 17, 2007 at 06:32:33PM +0800, Lars Hansson wrote: If the WRAP is using console redirection this wont help. there is no such thing, as wrap is headless anyway. Why not? If you set the system console device to some non-existent com1, as you state above, and disable most everything in /etc/ttys, wouldn't you be able to make sure the system doesn't use the vga port? Joachim there is no vga port on the wrap http://www.pcengines.ch
Re: openbsd3.9 i386 generic kernel crash
On 1/10/07, Marcos Laufer [EMAIL PROTECTED] wrote: Hello, I had strange crash twice in 30 minutes today on a server running OpenBSD 3.9 stable with generic kernel. The machine rebooted inmediately, and i am not locally on the datacenter I have no clue on where too look at. Any ideas? man crash
Re: nice book about code auditing
On 12/20/06, Otto Moerbeek [EMAIL PROTECTED] wrote: Hi, Every once in a while the question how can I learn how to audit software comes up here. I just received The Art of Software Security Assesment by Mark Dowd et. al. I ordered it because another OpenBSd developer recommended it. Browsing through it it really seems a nice book. So I think I can recommend it to anybody wanting to learn code auditing. -Otto I just recieved this book yesterday myself. I've only thumbed through it, but this is the best book on the subject out there. It's been placed on the top of my stack and will probobly stay there. Highly recommended.
Re: Unconfigure Raid
On 11/17/06, Julian Labuschagne [EMAIL PROTECTED] wrote: Hi everyone I created a Raid setup on OpenBSD 4.0 And it worked fine... 2 disks striped together... But now I want to add 2 more disks to the array but it seems I cant because I already gave the Raid device a serial number. raidframe does not have the ability to grow columns of a raid level 0. For a redundant raid level such as 5, you can use raidctl -a to add disks as hot spares. This still would not grow the size, it just gives raidframe some extra spares for reconstruction. raidctl -I 2006111501 Can I undo the previous command? You could re-label them with the serial number it used to be. That would 'undo' this much. What did you do? Is your raid unusable? Did you break it with -I, and now you want it back? And is it really necessary to fill all the drives with zero's again? Examle: dd if=/dev/zero of=/dev/rwd1c bs=1024000 dd if=/dev/zero of=/dev/rwd2c bs=1024000 dd if=/dev/zero of=/dev/rwd3c bs=1024000 dd if=/dev/zero of=/dev/rwd4c bs=1024000 Well now you're really not getting it back.. This is my first time I have worked with Raidframe so I'm still a bit confused... But the man page is slowly starting to make sense after each read. I highly recommend that if you use raid for redundancy, take out some drives and do some pretend failure runs. Recovering from a failure is a bad time to learn how to use raidctl. Any help would be appreciated. Kind Regards Julian To make it easy: mv /etc/raid0.conf to raid0.conf.disabled, and reboot. This will unconfigure your current raid, if it is configured at all. raidctl -u does this as well but what the hell. Change the number of columns in raid0.conf.disabled from 2 to 4, add the two new disks under the 'START disks' section, rename it to raid0.conf. Configure this raid: raidctl -C /etc/raid0.conf raid0 Give all of the disks a serial number: raidctl -I 123456 raid0 Initialize it: raidctl -iv raid0 Then restore your media onto your new striped raid from backup. This is a stripe raid, expect it completely fail at ANY TIME. I hope this answers your question.
Re: laptop mini-pci wifi card replacement rec.
On 11/17/06, Rick Aliwalas [EMAIL PROTECTED] wrote: broadcom wireless device. It appears that I am able to add a mini-pci card to replace what is already in the laptop (correct me if i'm wrong its been a while since I bought a laptop). I am almost always on a 'b' network so would like to ask the list for recommendations on the most likely to work out of the box / least problematic replacement I use a Netgate mini-pci (2511 MP) in my Soekris and also Netgate PCMCIA card (2511CD PLUS EXT2) in a laptop. Both are 802.11b and both work wonderfully. More costly than the ones at newegg but they just work. See http://www.netgate.com/ I second this. This is the best wifi card I have ever used. I also got mine from netgate. For this type of card (wi(4)), you need to make sure the firmware is 2.5, but not 3.0, or not 2.0, etc. netgate ensures this, other resellers do not always specify this.
Re: java on openbsd
On 11/14/06, Marc Ravensbergen [EMAIL PROTECTED] wrote: I am having a hard time getting java to work on openbsd. I'll bet. difference. I've googled for hours trying to find a solution, but can't seem to fix it. Lucky for you! My google works: http://www.google.com/search?q=openbsd+java I really don't want to download the source for java and compile... I am on dialup so every byte counts. I am sorry for this, as this is a very involved process that requires I agree several times through the build. I beleive it took me two days work on a fast machine on broadband. Only because of Sun's web pages (which are very hard to navigate using lynx, of course). netbsd and got it working through linux emulation as well. I had problems with netbsd so it didn't stick around, but I believe that java on bsd through emulation should be possible; probably just an oversight somwhere on my part. If anybody can give me some tips or tricks I would really appreciate it. I would, but I would just be (poorly) repeating information that developers have painstakingly documented. http://www.openbsd.org/faq/faq8.html#Programming Thanks for your time, Marc If you're just asking for somebody to provide you with a complete binary package of the completed build, then you are asking us to break the law. Sun wants you to build it yourself, so that is what you will have to do. Sorry, but this just sounds like you are complaining. You should really send your grievences to sun, not openbsd misc. OpenBSD can't change Sun's licensing policies -- they can only abide by them. Maybe all of this hoop jumping will make you realize that using this language is a bad career move? jdq
Re: Nintendo Wifi Connector and Nintendo DS (WEP)
On 11/3/06, Sam Fourman Jr. [EMAIL PROTECTED] wrote: I guess i was mistaken , I had thought that the OpenBSD support for armish http://www.openbsd.org/armish.html would also include devices like the Nintendo DS I think the DS is too armmy for armish. Sam Fourman Jr.
Re: dhclient does not get lease after reboot
On 10/25/06, Matt Bettinger [EMAIL PROTECTED] wrote: I can do dhclient xl0 at the console and grab an lease just fine from the cable modem. NOW, if I reboot the machine it will not get an lease. I have to manually do it from the console. The # more /etc/hostname.xl0---outside interface connected to cable modem # more /etc/hostname.xl1 # more /etc/hostname.xl2 /etc/dhclient.conf file exists and all values are commented out so we My /var/log/daemon shows many of these Matt what about: sh -x /etc/netstart xl0 ?
Re: Fast Xorg Performance
On 10/17/06, Karsten McMinn [EMAIL PROTECTED] wrote: I'm trying to figure out what needs to be done in order to get fast 2d xorg (and friends) performance. I term fast as not having to wait for window operations, with most every application and xorg opertation taking no longer than 100ms. if anyone experiences this kind of performance in any xorg environment, please share your hardware/app/config setup and any non-standard xorg config options, thanks ladies and gents. _Karsten Documentation is key! http://dri.freedesktop.org/wiki/CategoryHardwareChipset http://www.xfree86.org/current/manindex4.html It took me about 30 minutes to find a $30 ati card that is well supported. The 9200 looks promising. I was able to find a card based on this series with a dvi port. mga is also promising.
Re: UPS just delivered the 4.0 release CD-set
On 10/13/06, Sideris Michael [EMAIL PROTECTED] wrote: On Fri, Oct 13, 2006 at 02:35:35PM +0200, Joris Van Herzele wrote: It's true this is hardly relevant for a discussion forum, but I hope you will all forgive me ... I just felt the need to voice my joy. We all agree it's great software, but other than that just look at it : The packaging in itself is already enough to put me in a festive mood :) Probably I am missing something here, but, isn't the release date 20061101? If so, why the early shipping? Just out of curiosity. It has always been this way. Nico forgot to add your question in his very short explanation of 'the way it is'. Pressing, Printing, Packaging, Shipping -- these are all done early as necessary to ensure that the pre-ordered CD's arrive BEFORE the release date. So, If the CD's have been printed and packaged earlier than expected and are sitting around in somebody's living room -- why not begin shipping them off? Consequently, Those who make pre-orders are often rewarded specialy, getting the release earlier than those who did not pre-order. This is not WHY, this is just a consequence of good time management. I can't wait to see this post next release, too :) (only because I always enjoy releases)
Re: armish fdisk/disklabel free sectors
Hi Stuart, On 10/13/06, Stuart Henderson [EMAIL PROTECTED] wrote: installing OpenBSD/armish on an n2100 I had to manually fdisk INSTALL.armish in the fdisk section says Write some good explaination here..., so maybe this is known -- but nobody has written a good section for this. (12V 5A made by Seasonic) draws approx 15W (39VA) at idle, 18W (43VA) compiling. (and the soldering's pretty easy). This machine looks really fun though! Thanks for the power stats, too! obio0 at mainbus0 com0 at obio0 addr 0xfe80 intr 28: ns16550a, 16 byte fifo com0: console I don't mind soldering -- but soldering what? Is this for com0? Thanks!!
Re: armish fdisk/disklabel free sectors
On 10/13/06, Stuart Henderson [EMAIL PROTECTED] wrote: On 2006/10/13 16:50, Jeff Quast wrote: On 10/13/06, Stuart Henderson [EMAIL PROTECTED] wrote: installing OpenBSD/armish on an n2100 I had to manually fdisk (12V 5A made by Seasonic) draws approx 15W (39VA) at idle, 18W (43VA) compiling. (and the soldering's pretty easy). This machine looks really fun though! Thanks for the power stats, too! obio0 at mainbus0 com0 at obio0 addr 0xfe80 intr 28: ns16550a, 16 byte fifo com0: console I don't mind soldering -- but soldering what? Is this for com0? yes, you need to attach a .1 2x5-pin header (minus one pin) to the space conveniently located on the drive backplane away from anything that's too easy to damage. you need the serial console to install the OpenBSD boot loader onto flash, or to netboot, but not to actually run it (though it helps). I moved j3 to j4 as well (irq for serial port, info on http://www.debonaras.org/wiki/Info/ThecusN2100 internals page) much nicer for port-building than a zaurus :-) Speaking of zaurus -- any way to get a com0 on this thing? I notice a funny port under a rubber pad on the back of the 3100 -- I don't know of any cable for the port on the back, but my dmesg indicates theres at least one comport logically... Would be nice to plug into a conserver for debugging and bug posts, I've had a few panics... If soldering is required on this zaurus board, count me out! thanks to all involved with porting to this arch... second this! -- Though a few panics, my zaurus is as stable as I imagine a mobile i386 would be under the kind of abuse it gets...
Re: internal modem
On 10/4/06, ivorob [EMAIL PROTECTED] wrote: Dimitry Andric wrote: ivorob wrote: The chance of getting these modems working on any non-Windows platform is almost zero. Please complain to your vendor(s). :) Are you sure? I agree in theory, but I heard about ltmodem project for linux. Your comments ANGER ME May be some ports of this project exist for OpenBSD? What do you think? I think not!!! See the ltmodem webpage http://www.physcip.uni-stuttgart.de/heby/ltmodem/#sources , under Sources(ironic!) unpack ltmodem-8.26a.tar.gz , then unpack source.tar.gz found in this. you will find source/ltmobj.o -- this is the actual driver. a BLOB ( see http://www.openbsd.org/lyrics.html#39 ). The rest is just garbage wrappers. If you have a problem with openbsd not supporting BLOBS, then by all means, use linux!!
Re: RAIDFrame parity rebuild: why so slow?
On 10/3/06, Joerg Zinke [EMAIL PROTECTED] wrote: On Mon, 02 Oct 2006 20:11:36 +0200 nothingness [EMAIL PROTECTED] wrote: Hi all, I've been using RAIDFrame on OpenBSD since 3.1 and in 4 years I've never seen any performance improvement in getting the system to work any faster at rebuilding parity after a hard shutdown. I've tried RAID1, RAID5, SCSI drives, IDE drives, processors from PentiumII 400s to Athlon64 3200+ and it has *always* been ridiculously slow at rebuilding. Just a 9G RAID5 partition takes over 2 hours. A 60G RAID1 takes 11 hours. 11!!! Before flaming me to say, just go and edit the code, it's never been out of beta or whatever, explain why compared to other OSes it's always so slow, even to build the first time around. Linux's code in particular comes to mind. maybe this is one of the reasons why raidframe is not officially supported and not enabled in stable kernel. i think another reason is or that it doubles the size of a kernel for a function 5% of openbsd users use. that the actual raidframe implementation is not the best - citation of a developer: the code is crap... but hey its open source, go, go, go: You really shouldn't speak hearsay when it comes to source code. Its open source, look yourself and make a judgement. It should only take about two minutes to make a basic judement call rewrite it :) i use a 250 gb raid 1 and tooks 3h to rebuild parity on an athlon 2600 (32-bit). regards, joerg If you really hate it so much, ^c it. Its just ensuring your parity. Skip it if you don't like it. I occasionaly do. If you want speed, and not reliability, then skip it and use stripe. This is like complaining fsck_ffs is too slow. Don't complain when data is lost during a power failure because you never bothered to ensure parity (or do not use backups, use battery backups, or just keep trying to use emulated opera with macromedia flash player) I find tests with iozone to prove that a stripe of two 55MB/s disks perform at 110MB/s almost to do the decimal, showing that raidframe does a fantastic job. Raidframe was originaly a simulator. A simulator. It was never meant to be a kernel driver. It is not meant to ensure speed. It is not meant to actualy be used to store real data. You're lucky you have it. You should thank the author for making it a kernel driver. rough parity consitancy check estimates of my own: 4-disk + spare raid5. U160 scsi, 15k rpm drives @ 20GB: ~3 minutes 2-disk raid0. U160 scsi, 15k rpm drives @ 8gb: ~2 minutes or less 3-disk raid5. 1 sata, 2 ide, (desktop-class disks) @ 260GB: ~50 minutes raidframe is a theorm in action. It is old. I'm sure alot of functions (including parity check) could be rewritten to perform much better with modern processor designs in mind. That is your job. If you can't handle it, then spend money on a true hardware raid card. * (Don't get an adaptec onboard like me, or you'll still be using raidframe :) * PS: You're post included no dmesg or patch. You are just complaining. WHAaa :(
Re: Serial control of LCD display
On 10/2/06, Peter Bako [EMAIL PROTECTED] wrote: I am trying to get a CrystalFontz 632 serial display to work with an OpenBSD box. Under Windows I can just connect the display to a com port, run Hyperterminal and send text directly to it, so I assumed that I could just send a data stream to /dev/tty00 under OpenBSD and make it work as well. Unfortunately it is not turning out to be anywhere that simple. So far, neither OS does any more than the other. If I use cu or tip and connect to /dev/tty00 and 19200 then I can send data to the display, but eventually I need to be able to send data to it from a shell script. Any attempt I make to send data to it (such as cat test /dev/tty00) results in an error of sh: Cannot create /dev/tty00: Interrupted system call. I've tried to mess with the stty command to setup the serial port (open it up, set the speed, etc), but no luck, that error always comes up. Can anyone point me to the right direction on this? Thanks, Peter Peter, I would write what you need in C. I can help you along or start you out with ~30 lines to do the job if necessary. It is very simple if you are even just partly familiar with C. After 5 or so lines of initializing the device, its just basic file i/o operations. If you are more comfortable with python or perl, these can probobly handle the job as well. as for being able to use stty, then echo to it, I don't think its possible. Anyone?
Re: overwritten file recovery - how ?
On 10/1/06, Joachim Schipper [EMAIL PROTECTED] wrote: On Sat, Sep 30, 2006 at 07:24:43PM +0200, Bambero wrote: Hello I need to recovery overwritten txt file. Ex. echo my data testfile.txt echo testfile.txt I have partition image file creted using dd. Is it possible to dump it and search using grep for example ? Is it possible to recover overwritten data ? Well, let this teach you about the values of good backups. amrecover (AMANDA) is considerably friendlier than what you're about to go through... (and I can attest to both from personal experience. Ouch.) I only backup my large repositories and media once a month. 29 days of work is worth hunting for. You're quite lucky, though, to have deleted a plain text file. Provided you still know a couple of words, you could search for them. grep -A would work, but be careful to redirect it or it'll mess up your terminal. (I dont see how grep would help here) Tools like TCT (The Coroner's Toolkit, by Wietse Venema c) or The Sleuth Kit (more modern; apparently, Autopsy is something of a GUI for it) could help a lot, if you're desparate. Joachim hexedit works just fine for this purpose imo. http://archives.neohapsis.com/archives/openbsd/2005-01/1717.html It is very safe to use, and free (as in COST, it is probobly gnu, not meeting my own concept of 'free').
Re: webbased authpf ?
On 9/15/06, Joachim Schipper [EMAIL PROTECTED] wrote: It would probably be best to let a daemon or cronjob outside the chroot read it; a socket or even a simple pipe in the chroot is sufficient to signal a daemon, or even send the whole IP address. Of course, this does result in a two-part script, but the seperation is likely to be a good thing from a security standpoint. Joachim This design is mentioned alot. I understand it, and it would probobly be best solution. Does anybody have a simple two-bin C app that communicates over a pipe that functions for this purpose? I suppose I could pull out my richard stevens AUP... I see this recommended alot. So somebody had to actualy sat down and do this at some point. Care to share?
Re: broadcom
On 9/11/06, Tom Bombadil [EMAIL PROTECTED] wrote: mm... I thought it was to save ~500K in the kernel: http://openbsd.org/faq/faq14.html#Optraid Is there any other reason? Cheers (top posting is the suck) Marco Peereboom wrote: RAIDFrame is disabled in GENERIC for a reason you know. http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/raidframe/ it hasn't been updated in 7 years? Bug fixes, reliability improvements, and features have not been ported from greg's -current implementation in netbsd since its initial merge into the tree 7 years ago. It apears as though just enough to get by since then... If its 500k to add to a binary kernel, sit back and think of how many lines of code that amounts to maintaining. Did someone mention the need of merging raidframe, bioctl and friends into one someday? What a beautiful friendship that would be, an all encompassing raidctl for all types of raid, software or hardware
Re: sharing ffs filesystems between NetBSD and OpenBSD
On 9/5/06, Igor Sobrado [EMAIL PROTECTED] wrote: Hello! I am trying to understand an odd behaviour in the Berkeley Fast File System as implemented in both NetBSD and OpenBSD. My main concern [...] Can it be a problem when sharing these drives with non-i386 architectures? Guessing that you are sharing files between big-endian and non-endian machines? You can't do that with ffs. NetBSD apears to have the option FFS_EI. That may help. A quick search indicates that nfs vnd trickery may be required. Good luck.
Re: pf + os detection - How to block a Host if it does a nmap scan?!
On 8/29/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Hello everybody, OpenBSDs PF is able to block Packets by the passiv OS fingerprint. For example you can block packets from nmap. I4ve a little problem witht hat: How to block a host if it does/did a nmap-Scan?! I can block the nmap-scan but not automaticly the host because the overload-rule does not know about blocking by OSs. I know of only a means to block nmap scans if used with the -i parameter. It continaully connects to your ident port for each open port discovered to attempt to identify the owner of the service. (Does the webserver run as root?) You could do a 3/30 overload rule on port 113 and add to a table to drop and log. Let them scan, what are you worried about? If you have something you are worried about nmap discovering, blocking an nmap scan isn't going to help. If I were a cracker and scanned your netblock, and your host is the only one that stopped responding half-way through a scan, I would use other means to begin looking at yours immediatly. (Or you may be a winbox I just crashed...) Block drop as a default policy may be better for your needs. It annoys inpatient nmap scanners to give up quickly. nmap is getting quicker at scanning hosts that drop blocked packets, especialy when options are fine-tuned for it. Also by default nmap skips hosts that don't reply to icmp pings. Whatever.
Re: OpenBSD/Networking noobie: home micro-server setup?
On 8/28/06, Joachim Schipper [EMAIL PROTECTED] wrote: Of course, localhost is a very nice place to start a brute-force attack, so choose a good password or just disable password authentication in sshd. After all, you'll want to use a serial cable anyway. I've disabled sshd on my wrap router, and the only secure login is via serial cable. I only login as root on my router, as there is nothing I would do on a router that doesn't require root. Usualy just ifconfig, pfctl, dhclient, etc. I just giggle every time I login to my router -- I have no root password set! *dodges*... its just a home network, whatever. It is convenient, though: sudo tip -38400 tty00crrootcrcrcr If I could only get my Informer[1] to work properly, I might add a local user and use it to ssh out through the router and play nethack or something. A dumb terminal being the only form of login would be ideal :) [1] http://www.ba23.org/page0291.html
Re: pf queue monitoring
On 8/21/06, Lawrence Horvath [EMAIL PROTECTED] wrote: Is there a way to monitor how much traffic is passing through a queue in bps? Im using 'pfctl -s queue -v' but it seems to only show a running total of packets and bits that have passed through it, and i want to be able to see it in bps anyone know of a way to do this? # uname -a OpenBSD localhost.localdomain 3.9 GENERIC.MP#598 i386 thanks -- -Lawrence did you try adding a second -v? pfctl -vvs queue
Re: current kernel cvs up from 3.9
On 8/17/06, Marten [EMAIL PROTECTED] wrote: Hi all I am trying to upgrade to current but building a kernel after cvs up didn't work. Upgrade with snapshots first. # make cc1: error: unrecognized option `-Wstack-larger-than-2047' Am I doing some wrong here? Yea, not reading the faq. http://www.openbsd.org/faq/current.html Always wanting to compile from scratch, its like masturbation, but without the release.
Re: pxeboot
On 8/15/06, Marten [EMAIL PROTECTED] wrote: quote Ethereal showed that only the 1st block of 512 bytes was being sent from the server and being acknowkedged. Block 2 was sent, but never acked. (It didn't acknowledge because it already started booting!) Given that the file pxeboot was 200KB, something was wrong. if you had used tcpdump -Xs 99 you would have seen in the first few packets of the negotiation, the wrap netboot client sent a request for changing the packet length. This was silently ignored by the OpenBSD tftpd, because it is not supported. When the wrap recieved a packet smaller than the packetlength it asked for, it assumed EOF and began executing If i remember right the packetlength for the send buffer on tftpd is implemented as a global variable in netbsd's implementation that is modified by this command from the client. I havn't used it, but from code it looks like it would work for wrap. Netbsd's method is not so easy to port over, as they extended the server/client command framework to something very different (and kindof scary). dump what the wrap is requesting (i beleive the command sent to server is packetlength ?) and hardcode as the sendbuffer in tftpd and recompile for a quick workaround.
Re: Replacing a failed HD in a raidframe array
On 8/4/06, Jason Murray [EMAIL PROTECTED] wrote: I previously had a bit of trouble with my raid array. That is now cleared up and I need to replace one HD of the mirrored set. Never having done this I thought I'd check here to see if there was any advice on HD selection. Natrually the replacement HD will have to be at least the same size as the original. But are there any restrictions on HD geometry? Sector size is all that matters. Must be greater than or equal. The unused space is truncated. I don't beleive the other geometries matter -- except that your partitions must lie on cylinder boundries. Different geometries will mean you will end up wasting a few sectors. Example below. It naively makes sense to me to try match things as closely as possible. Or am I way off base here? You're fine. When I run out of spares i do a lot of research and buy bulk of new disks, and begin transitioning as they die, or more commonly (as i did in example below) just transition my data to a new raid (using backups!!), and use the old disks as spares again. With most raid levels, you're only as efficient as your weakest link, so theres no point in buying an exceptionaly faster disk of the same geometry unless you replace them both. Here is an example of a disk partition of the wrong geometry (sd2 is a spare): raid1 (root)raid2: Component /dev/sd0p being configured at row: 0 col: 0 Row: 0 Column: 0 Num Rows: 1 Num Columns: 4 Version: 2 Serial Number: 20060601 Mod Counter: 964 Clean: Yes Status: 0 raid2: Component /dev/sd1p being configured at row: 0 col: 1 Row: 0 Column: 1 Num Rows: 1 Num Columns: 4 Version: 2 Serial Number: 20060601 Mod Counter: 964 Clean: Yes Status: 0 raid2: Component /dev/sd2p being configured at row: 0 col: 2 Row: 0 Column: 2 Num Rows: 1 Num Columns: 4 Version: 2 Serial Number: 20060601 Mod Counter: 964 Clean: Yes Status: 0 raid2: Component /dev/sd3p being configured at row: 0 col: 3 Row: 0 Column: 3 Num Rows: 1 Num Columns: 4 Version: 2 Serial Number: 20060601 Mod Counter: 964 Clean: Yes Status: 0 WARNING: truncating disk at r 0 c 2 to 17767763 blocks.
Re: firefox 1.5.0.6 for openbsd
On 8/3/06, riwanlky [EMAIL PROTECTED] wrote: hi all, i don't have any experience with how to use source or other *nix tar.gz for openbsd. i need to have firefox 1.5.0.6. do anyone know how do i get the firefox in my openbsd 3.9 thanks, and best regards, riwan The instructions with an example are clearly printed on the insert inside your CD-ROM.
Re: Using dd(1) to duplicate a hard drive
On 8/1/06, Chris Zakelj [EMAIL PROTECTED] wrote: but no luck... I'm hoping to find a faster way to create an image of one drive (a Samsung MP0402H, 40G notebook, to be specific) onto an identical drive than using: Unless you are using this multiple times, I don't think there is anything faster than just doing it. dd really has no overhead... its the most simplest form of read and write. There is no magic behind it. C code to perform this exact task could be written in less than 20 lines. # dd if=/dev/rwd0c of=/dev/rwd1c bs=1m I vaguely recall hearing that placing the drives on separate IDE channels would help It would. considering this (notebook) disk probably does 10MB/s or so, it probably wouldn't, either. If the disk you are copying from is of a native file system, it would be much quicker to just newfs and copy the files and re-execute installboot. presumably your original disk is not 99% full, so you'd be copying a lot of unused data with dd. Anecdotally, When I worked as a tutor, I helped a student achieve an A+ certificate that landed him a job at a computer repair shop. His first day at work, he was given this task. Using one of the manufacturer-supplied floppy tools, he performed this operation... ...except that he got the input and output backwards, zeroing out the customers data and losing his job. Last I knew he was going back to school to work for the telecommunications industry...
Re: Run script on cd insertion
On 8/1/06, andrew fresh [EMAIL PROTECTED] wrote: I am in need the ability to run a script when a cd is inserted. I am not finding any way of getting notified when that happens, so I am asking here. If not, I can just loop cdio info and check for a disk. Is there something that will run a script when I insert a CD? I never checked for CD's, but hotplugd might say something when it is inserted, I know it works for USB disks. If it doesn't, and you write a patch to make it say something, it might be appreciated. Of course, I would never do anything with it. But for headless systems, it might be nice 'feature' for very certain situations. Never mentioned what you need it for..
Re: How to implement PF tables
On 7/30/06, jared r r spiegel [EMAIL PROTECTED] wrote: anywhere you can put a comma, you can also leave it out; pfctl(8) parses the rule the same. -- I had commas give me problems around 3.7. But you're right, it shouldn't give problems anymore.
Re: TI-PCI1130 Cardbus ignored
On 7/25/06, Paul Maurer [EMAIL PROTECTED] wrote: Do these floppy images just not have the right drivers enabled? Do I need to install from the bootable CD? Or will that not work either, because my hardware is unsupported? Let me know if you have any ideas for me to try or need any more information. The shell works fine and I can execute commands, just no netowrk (can transfer data via ext2 floppy). I should note that this particular laptop cannot have the floppy drive and cd drive in at the same time: they use the same atapi slot. In these cases, I recommend removing the hard disk from the laptop, place it in a desktop machine, installing openbsd onto it, and put it back in the laptop. A $5 dongle can be had at most computer shops for plugging in a standard IDE ribbon and a power cable to a laptop hard drive. I can provide a link if needed. I think there are probobly USB carriers for laptop drives as well, though proboboly more expensive than the $5 IDE dongles I know of. Also I think you need somebody to answer wether: Texas Instruments PCI1130 CardBus rev 0x04 is supported in the full GENERIC kernel good luck.
Re: Why ksh?
On 7/23/06, Arnaud Bergeron [EMAIL PROTECTED] wrote: On 7/21/06, Damien Miller [EMAIL PROTECTED] wrote: Pedro TimC3teo wrote: Thanks, but all the solutions presented in that thread can't clear the screen when you're typing something AND keep what you've already typed. Why don't you add support for ^L yourself then? -d There's also the point that ksh does not do multi-line commands like bash does (not a statement of superiority, just a fact) so clearing the screen to have it all to enter a command is pretty useless. sigh... does _nobody_ use vi input mode? you're one letter away in command mode to bring your entire edit buffer into a full fledged and very powerful text editor! Multi-line indeed!! Really, if you're going to use emacs input mode, then you are just asking for a kludgy, confusing, and feature-limited line editor.
Re: looking for clue
On 7/19/06, Peter Philipp [EMAIL PROTECTED] wrote: Hi I'm looking for clue. Does anyone have any? -p too funny!
Re: CD Creation question
On 7/18/06, Rob Baldassano [EMAIL PROTECTED] wrote: So, Is there anyone out there that could provide me with the instructions on how to create a bootable CD from Windows, so that I can boot from the CD, and have the install media on the CD itself as well? You can burn cd39.iso from most any cd burning software in windows. Unfortunately, a brand new $200 version of microsoft windows does not offer this most simple of task by default. (Welcome to 1993) I only know of commercial software that supports this. However, some of these come with free 30 day trials that may meet your needs. I would start at one of those massive shareware sites and start downloading software in the 'cd burning' software category. Hopefully the windows partition you are using to burn the CD is the one you will delete and install OpenBSD over, as it will probably become flooded with privacy-invasive software (ad-ware)...
Re: raidctl on a live raid array, and the kernel debugger
On 7/17/06, Jason Murray [EMAIL PROTECTED] wrote: I've tried, again, to fix my raid array with raidctl -R. I did it on the console port this time so I could capture the output from ddb Here is some output: yay! I then use raidctl -S to monitor the reconstruction. Things go well until the 48% mark. Then I get: wd1d: uncorrectable data error reading fsbn 111722176 of 11722176-111722303 (wd1 bn 114343984; cn 113436 tn 7 sn 55), retrying /wd1: transfer error, downgrading to Ultra-DMA mode 4 wd1(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 4 wd1d: uncorrectable data error reading fsbn 111722176 of 111722176-111722303 (wd1 bn 114343984; cn 113436 tn 7 sn 55), retrying wd1d: uncorrectable data error reading fsbn 111722248 of 111722176-111722303 (wd1 bn 114344056; cn 113436 tn 9 sn 1), retrying wd1d: uncorrectable data error reading fsbn 111722248 of 111722176-111722303 (wd1 bn 114344056; cn 113436 tn 9 sn 1) raid0: IO Error. Marking /dev/wd1d as failed. Recon read failed ! panic: RAIDframe error at line 1518 file /usr/src/sys/dev/raidframe/rf_reconstruct.c Stopped at Debugger+0x4: leave In case the output is not clear enough, there is an error reading block numbers 11722176 through 111722303 on wd1. This is not an issue with raidframe. This is an issue with your IDE disk. (or ide controller, etc...) Test the disk thoroughly using badblocks from the e2fstools port and I am sure it will reproduce the exact same console output. and panic, though a different backtrace. That OpenbSD crashes when an ide disk fails to communicate properly is not the fault of OpenBSD, and definitly not raidframe. OpenBSD actualy tried to do you a favor and step down the communication speed ( /wd1: transfer error, downgrading to Ultra-DMA mode 4 ), in case it were the fault of the ide controller or what have you. I think I can easily guess that this is why raidframe marked the disk bad in the first place. You need to replace the disk with a fresh disk of similar or greater geometry size, copy the disklabel onto the new disk, and reconstruct. This is what raid is for. Unfortunatly for you, your raid is both software and ide. This is why the kernel panics.
Re: Which WLAN mini PCI card to use?
On 7/17/06, Melameth, Daniel D. [EMAIL PROTECTED] wrote: Heinrich Rebehn wrote: I want to build a WLAN router using a WRAP board running OpenBSD. I am still unsure which wlan interface to use. I considered the CM9 (ath(4)). Or are there better choices? It appears, at this time, ral is the best choice on OpenBSD. However, Do you know any miniPCI wireless card models that use a ral chipset? I beleive also have some restrictive power requirements as well, from their documentation: J5, J6 miniPCI sockets These sockets implement the miniPCI interface. Please note that the current available from the +5V supply is very limited, and generated very inefficiently (linear regulator from input supply). +5V should be used as a bias voltage only, not to power a wireless radio ! I am not sure exactly what to read from that, I am not an electrical engineer. I have been holding back on purchasing a wifi card for WRAP for a long time. I do not wish to financially support vendors who choose to use the atheros chipset. I would be happy to hear of any non-atheros experiences on WRAP. ( on a side note, it apears the use of linux + windows driver wrappers (madwifi?) on WRAP and soekris is very popular -- the very thought makes me vomit a little bit in my mouth )
Re: PF queueing
On 7/14/06, Bernd Schoeller [EMAIL PROTECTED] wrote: On Thu, Jul 13, 2006 at 08:53:31PM -0400, Jeff Quast wrote: You cannot control the speed at which packets arrive on an interface. Are you sure? I am sure. If it sounds unreasonable, get a live firehose, and see if you can control the amount of water received in your mouth. I don't think your question is entirely clear.. Please note there is also a pf mailing list http://www.benzedrine.cx/mailinglist.html . You state you want to control the download speed on a LAN, implying all incoming and outgoing packets are on this LAN. If this is the case put pf+altq on each machine, and queue outgoing packets. Seems simple enough to me. From the faq: PF will record the queue in the state table entry so that packets traveling back out fxp0 that match the stateful connection will end up in the ssh queue. Note that even though the queue keyword is being used on a rule filtering incoming traffic, the goal is to specify a queue for the corresponding outgoing traffic; the above rule does not queue incoming packets.
Re: PF queueing
On 7/13/06, Der Engel [EMAIL PROTECTED] wrote: Hi! I have try for several days to achieve the following goal with PF but failed repeatedly, have read all the docs also, especially this http://www.openbsd.org/faq/pf/queueing.html The goal is: To be able to set dowload/upload speeds to PC's on the lan, so far i have succed in setting dowload speeds for PC's but no luck with upload. #pass in on $ext_if from $pc to any queue pcout -- I know, wrong ;) You cannot control the speed at which packets arrive on an interface. Think about it. It may not be documented because its pretty much a duh.
Re: Installboot on linux ?
On 7/12/06, Jirtme Loyet [EMAIL PROTECTED] wrote: This an extreme case: It's on a remote server on which I have only access to a rescue linux. So from this linux, I want to create an customm installer, to pack it and install it on the disk so that after reboot openbsd would install itselft automatically. I've find equivalent for many utilities from openbsd to linux but the last operation (install the openbsd bootloader on the image which is localy mounted) need more work. I'll try to use grub instead of the openbsd bootloader and if it's not working, I'll have to port installboot to linux. That's why I was looking for a port for installboot. Not renewing the contract or switching providers, and making their management aware of the reason is a great way to provide awareness of *BSD and the need for their customers to have the choice to use alternate OS's, or something so standard as serial console access. This can help the OpenBSD project in the long run, as indirect as it may be. This is similar to hounding a hardware vendor to provide exact chipset names and revisions of the hardware they try to sell you, and not accepting It is supported in linux as an answer. Sometimes you have to be square with these companies that think they are hip to open source solutions. They're full of smoke. Just my two cents.
Re: raidctl on a live raid array, and the kernel debugger
On 7/11/06, Jason Murray [EMAIL PROTECTED] wrote: Is it standard practice to use raidctl on a raid set while your system is running from that raid set? I'm just curious as to what best practice might be? Last night I booted to a different disk so I could run raidctl -R against the array while it was not being used. That caused a kernel panic and dumped me to a debugger. I think I'm going to need to use it to send information to the list. What is the best way to go about getting output from the kernel debugger to a disk so I don't have to copy it by hand? null modem serial cables are typicaly $6. See http://www.openbsd.org/faq/faq7.html#SerCon you can debug post-reboot if you send 'boot crash' as well. Make sure /var has the room for savecore. Thanks in advance. My first few months with raidframe caused many kernel panics. With 30 minutes of parity checking, this was a difficult learning experience. I was initialy led to beleive that raidframe was hardly stable (and therfor disabled in GENERIC). However, as I gained experience with raidctl and raidframe, and traced the panics to code level, I almost always found the panics were caused by my misuse or misinterpretation of raidctl(8). A small book could probobly be written on the many different situations you can find yourself in with raidframe. I havn't had a kernel panic for a long time, and have had 3 disks fail since on a level 5 raid without issue reconstructing, changing geometry, etc. If memory serves me, I may have reconstructed a mounted raidset, though given the choice, I certainly wouldn't. All in all, I find kernel panics with raidframe is just its way of saying Bad choice of arguments :)
Re: IPv6 kindergarten
On 7/11/06, Peter Philipp [EMAIL PROTECTED] wrote: On Tue, Jul 11, 2006 at 10:22:09AM +0200, Claudio Jeker wrote: As you may realize I'm a big fan of IPv6. I'm sure you're not the only one! ;) Van Hauser is a big fan of ipv6, http://events.ccc.de/congress/2005/fahrplan/events/772.en.html He does a great job of introducing ipv6 at an OS implementation level in a short period of time. Worth a watch if you are unfamiliar with ipv6, but familiar with ipv4.
Re: Installboot on linux ?
On 7/11/06, Nick Guenther [EMAIL PROTECTED] wrote: On 7/11/06, Jirtme Loyet [EMAIL PROTECTED] wrote: Hello, I want to use the installboot (from openbsd) to linux to install a bootstrap on a FFS openbsd disk from linux. Is there an equivalent to installboot on linux? Has this application ever been ported to linux ? I'll port it to linux if nothing as already been done. Pardon? Remember that BSDs use a disklabel(8) while Linux doesn't. I think you might want to read this: ftp://ftp.openbsd.org/pub/OpenBSD/3.9/i386/INSTALL.linux In any case, wouldn't it be simpler to just boot into an OpenBSD install disk and work from there, rather than using installboot(8) from within Linux? -Nick It sounds like you are in an extreme case, such as: A laptop with no floppy disk, a broken cd-rom drive, no network to netboot with, and you are too poor to purchase the hardware necessary to install openbsd in the proper manner. In these very rare cases: dd the floppy image to your swap partition. Point grub or lilo to boot from this partition. Install openbsd over existing linux partition. Otherwise you must be looking for time to waste. As much as I would like to see 500 lines of code wrapped with 20,000 lines of gnu/linux makefile/configure automagic wrappers, I think you could probobly use your programming skills to help the project in more important ways. If you do decide to port it anyway, please make sure to include at least sparc and amd64 support in your port. Looking forward to your sourceforge project page! Keep us updated!
Re: pf + altq syntax check plz
On 7/2/06, S t i n g r a y [EMAIL PROTECTED] wrote: I am configuring altq pf for the first time , have a few problems here .. well i need to traffic shape between diffrent protocols as you can see in my pf.conf now i am stuck confused what to do next as i have built this file with diffrent ref from web. the im is the most common Instant messengers protocoles can you tell me how to make it right ? also when running hte file as it is i get pfctl: SIOCGIFMTU: Device not configured error. what does this mean ? thanks extad=192.168.0.6/32 chadd=10.0.0.6/32 scrub in all altq on extif hfsc bandwidth 500Kb \ altq on $extif hfsc bandwidth 500Kb queue { www, dns, im, mail, other} queue www bandwidth (linkshare 35%) queue dns bandwidth (linkshare 10%) queue im bandwidth (linkshare 25%) queue mail bandwidth (linkshare 10%) queue other hfsc (default) rdr on $intif proto tcp from $intad to any port 80 - $chadd port 8080 nat on $extif inet from $intad - $extad pass out on $extif inet proto { icmp, udp, tcp } keep state regards *B:B$., B8B8,.B$B:*B(B(B(*B$ Stingray *B:B$., B8B8,.B$B:*B(B(*B$ That's your immediate answer for the immediate problem at hand. There is probably a lot more problems. Maybe you should start with priq and cbq first.
Re: ssh login screen blank problem
On 6/27/06, Denny White [EMAIL PROTECTED] wrote: [snip] okay while in xwindows from xterm. But, when I try to ssh in from either obsd box to the windows box from a regular terminal window, I get in, but after that, the screen is blank. Only way to get the terminal window back is to exit [snip] am coming up blank. Just trying to find out if anyone else has encountered this problem what they did to solve it. I have this problem with a freebsd shell provider. I fixed it intermidently by starting screen before sshing out. This filters out the garbage they output to my display. Explicitly exporting TERM as vt220 or wsvt25 before you ssh to the box may help as well. It didn't for me. My best guess is the cgywin box has one of those super-cool-eleet colored bash prompts. touch ~/.hushlogin and set PS1=$ in the winbox .profile. Setting PS1=$ and .hushlogin did not work for me, I requested the shell provider to add an if statement in the global profile to honor .hushlogin before printing out the stupid ansi colored news/motd/whatever it was they were doing. Had another box running FreeBSD 5.4 with identical ttys set up and was able to login to the windows box from a terminal window okay. Thanks for any help. As Stuart pointed out, the term code is different. Denny White jdq
Fwd: lightweight openbsd
On 6/25/06, Josh Tolley [EMAIL PROTECTED] wrote: On 6/24/06, Rogier Krieger [EMAIL PROTECTED] wrote: If you want to install to a 128M CF, I suppose you're limiting yourself to base39.tgz, etc39.tgz and a few bytes or spare space. I wonder whether flashdist (as is rather popular on Soekris devices) would be an easier tool for you. Citing Google for flashdist OpenBSD: http://www.nmedia.net/~chris/soekris/ My limited experience has taught me that by default, flashdist not only removes things you probably won't run on the firewall/NAT boxes for which it is intended (such as httpd, presumably), but also removes some stuff that would be very nice for general system administration. If memory serves, this includes things like passwd(1) and cron(8). In other words, pay some attention to what flashdist includes and excludes should you choose to use it. All that said, it was quite simple to use, and certainly fast. The fact that the boxes I was setting up when I used flashdist would have benefited more from careful and considered installation than from fast installation was a lesson I learned later, and not a shortcoming of flashdist ;) -Josh I second that. I re-burned about 10 times as I ran into the most simple of utilities that I needed. I've reworked flashdist.sh quite a bit since and use an exclusive re list, such as '/usr/lib/*.a', instead of an inclusive list. Also simplified it to use an overlay/ directory to copy over the target media when finished with base sets, instead of the complications of propriatary etc/files hard-coded in script I think what I'm getting at is its easier to *identify what you do Not need*, than to try to remember everything that you do need. exclusive not inclusive. I have a feeling the first poster does not understand 90% of the software in base. Just do a ls -sR | sort -nr or whatever and start from the bottom, reading manual pages.
Re: cruxports for OpenBSD
On 6/18/06, Han Boetes [EMAIL PROTECTED] wrote: Nick Guenther wrote: You are angry, understandably. Why do you assume I am angry? I am not. Don't you know how uncivil it is to make assumptions on other peoples emotions? You've put a lot of work into your system and now you're being told it's useless. I don't care if he thinks that. On the other hand, realize that no one asked you in the first place, you provided your list voluntarily (without even being prompted by a single 'so?'). No one asked you to defend your opinion. False, he just asked me to explain again what I just had explained. Anyway, you should care why Joachim doesn't like it because he is a developer so probably has good insights about OpenBSD-related things. If he says what you're making is missing things that pkg_* already has then he is probably correct. Thanks for telling what I should care about, I really appreciate it. I don't care if he likes pkg_* better for his usage, that's entirely up to him. I just showed people what I use and like, to offer them an alternative. Anyone is free to take it or leave it. Joachim was very civil in his message, and gave each of your points a fair evaluation. He was not civil, he asked me to explain again what I had already explained. And his personal evaluation is personal yet he makes it look like he speaks for the rest of the world, which is also not civil. What if he had taken your completely new ports system as an insult to all the work that has been done on pkg_*? Anybody can take anything as an insult. That's their business. I bet for instance you take my reply as an insult, while in reality I merely point out how uncivil it is what you wrote. Lack of uncivil words do not make something civilized. You should realize this. Thank you for telling me what to realize. I really appreciate it. # Han you're an ass.
Re: Hifn policy on documentation
On 6/15/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Oh well ... I have to admit that I find it quite amusing how some people that do restrict access to documentation are the same that do take advantage of other people's free documentation ... http://marc.theaimsgroup.com/?l=openssl-usersm=114832209207203w=2 Oh ... wait ... no. I don't find that amusing, and Hifn is no longer in the vendors list I maintain for the company I work at. A while ago, someone mentionned the opening of a wiki to help find a list of specs friendly and unfriendly vendors, how is it going ? http://www.vendorwatch.org/ , hifn is marked as unfriendly. I really like this site, too. Congrats to the contributors.
Re: Curious on NAT traversal possibility on PF
On 6/13/06, Stuart Henderson [EMAIL PROTECTED] wrote: On 2006/06/13 12:26, Martin Toft wrote: Spruell, Darren-Perot wrote: Maybe a better-designed application wouldn't have to make use of such a clusterbag of ports in the first place? The ports do not belong to a single application. I operate a gateway and want to give high priority to legitimate protocols and low priority to everything else. At the moment I have chosen this long list of legitimate ports: Non-legitimate apps will also use these ports. You can't e.g. replicate what ellacoya boxes do just using PF. Maybe this can be shortened to the classical idea of ports 1024 being authoratative internet daemons, 1024 high priority 1024 low priority, except...
Re: developing a backup strategy
On 6/12/06, prad [EMAIL PROTECTED] wrote: i've gone through the threads: Recommendations for an OpenBSD-based Backup Solution remote data backup and am contemplating the ideas as they apply to my rather simple setup - 2 webservers (one does email as well). not too much changes on them and not a lot of stuff on them either (under 5G combined including OpenBSD). off-site cvs can work for developer errors and rollbacks for the web server content, as well as lost code and backups. (who here hasn't gone into the Attic/?). Your facility goes to crap and you need to move the web server? Just do a cvs checkout on the new location. what i've done in the past is just scp the etc and a few other directories that contain data with the intention of reinstalling OpenBSD and putting those directories back in (if disaster strikes). My own backup procedure: - daily backup of / and /var (see daily(8) ROOTBACKUP=1) - Sunday backups to tape, eg: tar cpX / /var /home - Month dvd gets burned. is this too simplistic and inefficient a solution? should i be thinking of incremental backups say with dump? does it make any sense to rsync the entire server drive? rsyncing an entire system? It wouldn't be bootable who cares about /usr/lib/libc.a being backed up? What is in /usr that can't be restored from an openbsd cd? Make sure to communicate to your users what parts of the filesystem are actively backed up and which parts arn't, so some developer doesn't put his life's work into an unbacked-up /usr/local/src or whatever... -- In friendship, prad ... with you on your journey Towards Freedom http://www.towardsfreedom.com (website) Information, Inspiration, Imagination - truly a site for soaring I's I like tapes and dvd's. Store them at your mom's house for all that matters... I don't know where you live but mother nature can be mean. Also, buy a second cd, just in case the first one is scratched when it counts :)
Re: UPS with USB: hidups or newhidups drivers in nut
On 5/31/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: http://www.apcupsd.org/ looks promising. Has that been compiled and used successfully on OpenBSD, maybe even with USB? yes I might even have the same model. Give it a try. It works well.
Re: SCSI disks slow
On 5/26/06, Steve Schaller [EMAIL PROTECTED] wrote: Henning Brauer wrote: * Jeff Ross [EMAIL PROTECTED] [2006-05-25 22:53]: Same spindle, but 8x as fast as the 10k SCSI disks. guess in the dark: the scsi drives have the write cache disabled, the ide drives enabled. at least that tends to be what the defaults are. As a fellow SCSI user on sparc64, I've been looking high and low (man pages, google, /usr/src/sys, etc) on how to enable write cache or tagged command queuing, if either is safe enough to use, on my Ultra-2's SCSI drives. Is it using the scsi(8) command? I looked at /usr/share/misc/scsi_modes, but am getting lost in the listing of IOCTLs, and personally I can't figure out what parameters to pass to the drives. Steve Schaller I too would be very interested in seeing more scsi(8) examples than are available in the manpage. Anybody?
Re: OT: DDoS questions
openbsd has highest average 1337n355 among its user base. Uh yea, it's 2006we don't talk like that anymore. reference an age that is well-past for me, when ppl i knew in high school caused problems all over the place during the mid to late 90s because they were malicious kids. Thankfully those kids have grown up and have jobs now, and the point-and-click attack tools aren't as dangerous as they used to be.
Re: Comment evaluation in pf.conf
I disagree. I think this is a bug in all these lexers, and we should fix it. \ret is the only special case that says ignore both. In any other case \c should translate into just the character c. This \whitespace special case it is an errors that a few people will make, so fail when we encounter it stuff is paranoid balony that just causes more harm. I may misunderstand, regardless, $ cvs diff -u sbin/pfctl/parse.y Index: sbin/pfctl/parse.y === RCS file: /cvs/src/sbin/pfctl/parse.y,v retrieving revision 1.494 diff -u -r1.494 parse.y --- sbin/pfctl/parse.y 17 Nov 2005 20:52:39 - 1.494 +++ sbin/pfctl/parse.y 22 May 2006 22:31:24 - @@ -4718,14 +4718,11 @@ while ((c = getc(f)) == '\\') { next = getc(f); - if (next != '\n') { - if (isspace(next)) - yyerror(whitespace after \\); + if (next == '\n') { + yylval.lineno = lineno; + lineno++; + } else ungetc(next, f); - break; - } - yylval.lineno = lineno; - lineno++; } if (c == '\t' || c == ' ') { /* Compress blanks to a single space. */
Re: Using cursor keys with VIM...
On 5/17/06, Ken Morley [EMAIL PROTECTED] wrote: I am new to OpenBSD 3.8, but have a lot of experience with SuSE RedHat Linuxes. The problem is that I've always been able to use the cursor keys when editing with VIM under SuSE and RedHat and I can't seem to break the habit. So, I keep trashing the file I'm working on by using the control keys. (function keys) I currently use VanDyke's Secure-CRT 5.0 terminal emulation software. No matter how I configure Try using putty. save yourself a registration fee and support open source software. OpenBSD or the terminal emulation software, I can't find a combination that will correct the problem. try TERM=xterm or its variants If you have a suggestion other than removing those keys from the keyboard, I would love to hear it. Thanks very much! Ken Morley From the OpenBSD console, I have seen that it generates different ansi sequences than what is -typical- in xterm etc. I can't complain, 'ansi sequences' are misleading, in that ansi sequences were never standardized, though the name implies it. vim does it's best to define sequences depending on your TERM. However this doesnt map correctly to an OpenBSD console with TERM=vt220 or TERM=wsvt25. I've found the need for these in my vimrc: if $HOSTTYPE==OpenBSD OpenBSD function keys set t_k1=[11~ f1 through .. set t_k2=[12~ set t_k3=[13~ set t_k4=[14~ set t_k5=[15~ set t_k6=[17~ set t_k7=[18~ set t_k8=[19~ set t_k9=[20~ set t_k;=[21~ set t_F1=[23~ set t_F2=[24~ ...f12 set t_kP=[5~ page up set t_kN=[6~ page down set t_kh=[7~ home set [EMAIL PROTECTED] end endif Simply look up the :help section that lists all of the key code variables and re-configure them. For F1, simply into a .vimrc: set t_k1=escctrl+vF1 and so on... Do this from SecureCRT and they keys will work correctly. As somebody else pointed out, try using hjkl and vimtutor. You'll thank yourself later. Some people say vi is only for hardcore hackers who like to overcomplicate something as simple as an editor, but I feel it allows me to be so lazy that I barely have to move my hands around, esp wen using ^[ instead of the escape key. jdq
Re: ALTQ priq: bandwidth or no?
On 5/13/06, Damian Gerow [EMAIL PROTECTED] wrote: As priq seems to be doing bandwidth throttling, does this not place an artificial bandwidth restriction of 700Kb/s on my /inbound/ traffic as well (which is something more in the order of a raw 3Mbps)? You're making an ass of yourself. THINK about it.
Re: ALTQ priq: bandwidth or no?
On 5/11/06, Damian Gerow [EMAIL PROTECTED] wrote: I'm not interested in bandwidth limitations, so it looks like priq is likely my best bet. [...] Then I create a queue with a bandwidth limit of 700Kbps. The man page is a little vague on this point The priq scheduler does not support band-width specification. huh? Use cbq if you want to throttle bandwidth to a limit, something like: altq on $ext_if cbq bandwidth $ext_bw queue \ { q_ack_dns, q_fast, q_std, q_slow } # High port traffic, public services, p2p queue q_slowbandwidth 5% priority 0 cbq(borrow) # General tcp, udp, and icmp queue q_std bandwidth 20% priority 1 cbq(default, borrow) # Private and common services queue q_fastbandwidth 25% priority 2 cbq(borrow) # DNS requests and ACKs queue q_ack_dns bandwidth 50% priority 3 cbq(borrow) You need to use cbq. Just do as I did above and allow all the child queues to borrow from the root queue, so q_slow, for instance, may be limited to a mere 1K/s, but only if a higher priority queue is using all of the bandwidth (scp transfer, for instance), otherwise it will borrow from the root queue (376Kb/s in my case) make sure you set queue on pass out rules as well as pass in rules. look at pfctl -vvs queue to measure your queues' thoroughput my full pf.nat+queueing.conf here: http://cvs.1984.ws/cgi-bin/cvsweb/pf/pf.nat%2bqueuing.conf?rev=1.1content-type=text/x-cvsweb-markup many more here: https://solarflux.org/pf/ you can search in a manpage using / or use the online manpage and your browser's find search for keyword 'bandwidth', and you would have quickly found the line that states priq scheduler does not support bandwidth specification.
Re: ALTQ priq: bandwidth or no?
On 5/11/06, jacek [EMAIL PROTECTED] wrote: hi, that's part of your pf.conf ---cut # normalize outbound packets to prevent mapping of LAN hosts scrub out on $ext_if all random-id min-ttl 250 max-mss 1492 Queueing ### # Note: Only outgoing traffic may be queued. ---cut i think you made a mistake in setting mss with mtu , You're right, fat fingers. is that setting working for you at all ? max-mss for pppoe = 1452 , other 1460 Suprisingly, yes. Though it really shouldn't...
Re: OT: Serial2ssh device
On 5/11/06, Jacob Yocom-Piatt [EMAIL PROTECTED] wrote: Original message Date: Thu, 11 May 2006 13:34:51 -0400 From: Austin Murphy [EMAIL PROTECTED] Subject: Re: OT: Serial2ssh device To: misc@openbsd.org I am seeking advise prior to buying a serial to ssh device, sometimes refered to as serial server or serial port server. You can get a 32port Lantronix for less than $1600. I have the SCS3205 and find it very stable and useful. You need to buy or make DB-9 adapters and patch cables though. If you get lantronix adapters, they are ~$19 each. A ripoff, but all the vendors get you on the adapters. Austin the high cost of these nifty rackmount serial console servers makes them inaccessible/unattractive to folks like me. i've thought a number of times in the past that it would be a good idea to buy a bunch of cheapo RS232 serial port PCI cards and slap them in an old crapbox running openbsd just for this purpose. i was looking on ebay and saw a couple candidates: http://cgi.ebay.com/PCI-I-O-Expansion-Card-9-pin-2-Serial-port-RS232_W0QQitemZ6879003538QQcategoryZ90717QQrdZ1QQcmdZViewItem http://cgi.ebay.com/Two-2-Serial-RS232-Ports-PCI-Expansion-Card-Dual_W0QQitemZ8808795646QQcategoryZ3666QQrdZ1QQcmdZViewItem both of these run on NetMos chipsets, which are not mentioned on the i386 hardware support page. can anyone confirm that these cards work or tell me they will with confidence? if these ones are too cheap or unsupported, please suggest the cheapest known working RS232 serial PCI cards that run under openbsd. I purchased a 4-port pci ( PCI4S550N ) from startech and was rather happy with it, http://www.startech.com/ststore/ItemDetail.cfm?ProductId=PCI4S550Nmt= I found it online for $41USD. StarTech is mentioned at http://www.openbsd.org/support.html as well. and last but not least, it uses a NetMos chipset, puc0 at pci0 dev 9 function 0 NetMos 4S rev 0x01: com, com, com, com pccom3 at puc0 port 0 irq 10: ns16550a, 16 byte fifo pccom4 at puc0 port 1 irq 10: ns16550a, 16 byte fifo pccom5 at puc0 port 2 irq 10: ns16550a, 16 byte fifo pccom6 at puc0 port 3 irq 10: ns16550a, 16 byte fifo which is mentioned in the puc(4) manpage.
Re: Ethical question on misc suggestion
On 4/18/06, Daniel Ouellet [EMAIL PROTECTED] wrote: I guess I don't know I know I don't know I don't know Regards, Daniel It could also be summarized as above.
Re: upgrade halted
On 4/19/06, Joachim Schipper [EMAIL PROTECTED] wrote: On Wed, Apr 19, 2006 at 05:36:37PM +0200, Pete Vickers wrote: if you can read /var/log/authlog, you are in wheel (unless you've changed perms on it). So just use scp to copy ksh to /usr/local/bin/ tcsh... But you don't have write permission on that directory, at least, not on my machine. Joachim Maybe I'm missing something, no access to a unix right now, but how about the ssh option for a command?, the ssh manpage says If command is specified, it is executed on the remote host instead of a login shell. and When the user's identity has been accepted by the server, the server ei- ther executes the given command, or logs into the machine and gives the user a normal shell on the remote machine. maybe with an .authorized_keys file, you could invoke /bin/sh directly. ssh [EMAIL PROTECTED] '/bin/sh' auth may still deny it, the login shell not-existing, but its worth a shot...
Re: upgrade halted
just throwing out an idea, again i havn't openbsd available to me atm, how about replacing a crontab for a fix via ftp? a netcat bindshell-style program for back-door entry. I'm thinking, though, since crontab is setuid, that you may not have permission to overwrite a crontab file (be it your own) over ftp. On 4/19/06, Stuart Henderson [EMAIL PROTECTED] wrote: On 2006/04/19 13:10, Jeff Quast wrote: Maybe I'm missing something, no access to a unix right now, but how about the ssh option for a command?, the ssh manpage says I checked this earlier - it doesn't work (at least on current OpenSSH; I didn't check older versions). user ... not allowed because shell /bin/... does not exist
Re: throwing out the switch
On 4/10/06, Frank Garcia [EMAIL PROTECTED] wrote: On Apr 9, 2006, at 12:10 PM, Jeff Quast wrote: On 4/9/06, Joachim Schipper [EMAIL PROTECTED] wrote: On Sat, Apr 08, 2006 at 01:04:33PM -0400, Jeff Quast wrote: I've been using openbsd+pf for a router for some time at a neighbor's house. The router has been upgraded and now has several NIC's. I'd like to use multiple interfaces with crossover cables instead of a single interface with a switch behind it for the internal network, how would this best be done? I attempted to bridge all of the internal interfaces, but I don't think this would do what I need it to, since a bridge can't have an IP address, and it did not apear to work. You could bridge them - this would be the classical 'switch' solution. How to get this done is another question. dc0 was the classic internal interface running dhcpd. I kept that interface as-is. I set dc1, dc2, and rl0 as (only) up in their hostname.if files. I placed dc0, dc1, dc2, and rl0 into bridgename.bridge0 with default settings, like add dc0 add dc1, etc. brconfig showed bridge0 as it probobly should apear. Mac addresses of each client were listed on the proper port. dhcpd would not respond to client requests. I could use tcpdump on, say rl0 and see the dhcpd requests, but I did not see it on dc0. with IP addresses set manually, a client on dc2 could not ping a client of the same subnet on dc1, etc. I assumed the bridge did not do what I thought it was supposed to do, and dropped it. Did you tell dhcpd to listen on the bridge (or the individual interfaces) in /etc/dhcpd.interfaces? Frank The individual interface, I did not try to assign an IP address to bridge0, I was given the impression that you do not do that from the manpage. Thanks Frank! Hopefully that will resolve the issue.
Re: throwing out the switch
On 4/9/06, Joachim Schipper [EMAIL PROTECTED] wrote: On Sat, Apr 08, 2006 at 01:04:33PM -0400, Jeff Quast wrote: I've been using openbsd+pf for a router for some time at a neighbor's house. The router has been upgraded and now has several NIC's. I'd like to use multiple interfaces with crossover cables instead of a single interface with a switch behind it for the internal network, how would this best be done? I attempted to bridge all of the internal interfaces, but I don't think this would do what I need it to, since a bridge can't have an IP address, and it did not apear to work. You could bridge them - this would be the classical 'switch' solution. How to get this done is another question. dc0 was the classic internal interface running dhcpd. I kept that interface as-is. I set dc1, dc2, and rl0 as (only) up in their hostname.if files. I placed dc0, dc1, dc2, and rl0 into bridgename.bridge0 with default settings, like add dc0 add dc1, etc. brconfig showed bridge0 as it probobly should apear. Mac addresses of each client were listed on the proper port. dhcpd would not respond to client requests. I could use tcpdump on, say rl0 and see the dhcpd requests, but I did not see it on dc0. with IP addresses set manually, a client on dc2 could not ping a client of the same subnet on dc1, etc. I assumed the bridge did not do what I thought it was supposed to do, and dropped it. So I assigned each NIC an IP address of *.1, .2, .3, and .4. I assumed with IP forwarding, a client connected to the .4 NIC could reach the .1 NIC. I was wrong with that as well. I enabled the bridge again with the internal NIC's having an IP assigned A client connected to the .4 NIC still could not reach .1, or a client connected to .1. The other solution is to run it as a classical router serving a lot of /32 subnets. Exactly what do you have problems with? I am guessing I did something fundamentaly wrong here? Joachim
Re: throwing out the switch
On 4/9/06, Joachim Schipper [EMAIL PROTECTED] wrote: On Sun, Apr 09, 2006 at 01:10:21PM -0400, Jeff Quast wrote: On 4/9/06, Joachim Schipper [EMAIL PROTECTED] wrote: On Sat, Apr 08, 2006 at 01:04:33PM -0400, Jeff Quast wrote: I've been using openbsd+pf for a router for some time at a neighbor's house. The router has been upgraded and now has several NIC's. I'd like to use multiple interfaces with crossover cables instead of a single interface with a switch behind it for the internal network, how would this best be done? I attempted to bridge all of the internal interfaces, but I don't think this would do what I need it to, since a bridge can't have an IP address, and it did not apear to work. You could bridge them - this would be the classical 'switch' solution. How to get this done is another question. dc0 was the classic internal interface running dhcpd. I kept that interface as-is. I set dc1, dc2, and rl0 as (only) up in their hostname.if files. I placed dc0, dc1, dc2, and rl0 into bridgename.bridge0 with default settings, like add dc0 add dc1, etc. brconfig showed bridge0 as it probobly should apear. Mac addresses of each client were listed on the proper port. That looks good. dhcpd would not respond to client requests. I could use tcpdump on, say rl0 and see the dhcpd requests, but I did not see it on dc0. with IP addresses set manually, a client on dc2 could not ping a client of the same subnet on dc1, etc. I assumed the bridge did not do what I thought it was supposed to do, and dropped it. Hmm, someone else will have to debug that. It'd probably be the easiest/best solution, but I've never configured a bridge. So I assigned each NIC an IP address of *.1, .2, .3, and .4. I assumed with IP forwarding, a client connected to the .4 NIC could reach the .1 NIC. I was wrong with that as well. I enabled the bridge again with the internal NIC's having an IP assigned A client connected to the .4 NIC still could not reach .1, or a client connected to .1. Have you set net.inet.ip{,6}.forwarding? Yes of course, it has been performing as a router for a while now with a single NIC for the local network. I did double-check it when i saw that behavior, though, and it is set. The other solution is to run it as a classical router serving a lot of /32 subnets. Exactly what do you have problems with? I am guessing I did something fundamentaly wrong here? Probably, but what? ;-) Joachim Thanks for your help, Joachim. I'll do a fresh install and try again when my 3.9 cd's arrive. Maybe I have stale configurations somewhere. I have a very difficult time finding anybody on mail archives or google doing something similar. The only information I can find is for tranparent firewalls. Does anybody have a link of somebody performing something similar?
Re: throwing out the switch
On 4/9/06, Mark Pecaut [EMAIL PROTECTED] wrote: Sorry if I missed something you mentioned before but what exactly are you trying to do? I've used bridges several times before and it sounds like you are doing the right stuff (there is not much to do). It seemed easy enough, I just was not getting the expected behavior. The rule is generally that if you want your host to connect two physically separate networks that are on the same subnet, use a bridge. For example, an ISP assigns you 8 IPs and you want to use them all but want a common firewall in front of them all but don't want nat. If you want to nat or otherwise connect two subnets together, that is when you need routing and ip forwarding on. Can you give some information on how you want to connect everything and the problem/goal? I'd be happy to help if I can. -mark Previously, this machine performed NAT with two NIC's. One NIC to the ISP, the other NIC to a switch to serve a few clients. The machine was upgraded, with several more NIC's. I thought I would take the switch out (hence the subject), and have the clients connect directly to the NIC's instead. There is currently only 2 clients, anyway. I put all but external NIC on a bridge. I thought I would post because I might have had the wrong idea about what a bridge would be used for. I will just have to give it another shot when my cd's arrive. On 4/9/06, Jeff Quast [EMAIL PROTECTED] wrote: On 4/9/06, Joachim Schipper [EMAIL PROTECTED] wrote: On Sun, Apr 09, 2006 at 01:10:21PM -0400, Jeff Quast wrote: On 4/9/06, Joachim Schipper [EMAIL PROTECTED] wrote: On Sat, Apr 08, 2006 at 01:04:33PM -0400, Jeff Quast wrote: I've been using openbsd+pf for a router for some time at a neighbor's house. The router has been upgraded and now has several NIC's. I'd like to use multiple interfaces with crossover cables instead of a single interface with a switch behind it for the internal network, how would this best be done? I attempted to bridge all of the internal interfaces, but I don't think this would do what I need it to, since a bridge can't have an IP address, and it did not apear to work. You could bridge them - this would be the classical 'switch' solution. How to get this done is another question. dc0 was the classic internal interface running dhcpd. I kept that interface as-is. I set dc1, dc2, and rl0 as (only) up in their hostname.if files. I placed dc0, dc1, dc2, and rl0 into bridgename.bridge0 with default settings, like add dc0 add dc1, etc. brconfig showed bridge0 as it probobly should apear. Mac addresses of each client were listed on the proper port. That looks good. dhcpd would not respond to client requests. I could use tcpdump on, say rl0 and see the dhcpd requests, but I did not see it on dc0. with IP addresses set manually, a client on dc2 could not ping a client of the same subnet on dc1, etc. I assumed the bridge did not do what I thought it was supposed to do, and dropped it. Hmm, someone else will have to debug that. It'd probably be the easiest/best solution, but I've never configured a bridge. So I assigned each NIC an IP address of *.1, .2, .3, and .4. I assumed with IP forwarding, a client connected to the .4 NIC could reach the .1 NIC. I was wrong with that as well. I enabled the bridge again with the internal NIC's having an IP assigned A client connected to the .4 NIC still could not reach .1, or a client connected to .1. Have you set net.inet.ip{,6}.forwarding? Yes of course, it has been performing as a router for a while now with a single NIC for the local network. I did double-check it when i saw that behavior, though, and it is set. The other solution is to run it as a classical router serving a lot of /32 subnets. Exactly what do you have problems with? I am guessing I did something fundamentaly wrong here? Probably, but what? ;-) Joachim Thanks for your help, Joachim. I'll do a fresh install and try again when my 3.9 cd's arrive. Maybe I have stale configurations somewhere. I have a very difficult time finding anybody on mail archives or google doing something similar. The only information I can find is for tranparent firewalls. Does anybody have a link of somebody performing something similar?
Re: OpenBSD 3.9-stable (not current) install?
you can specify /pub/OpenBSD/snapshots/arch/ instead of the normal /pub/OpenBSD/3.8/arch/ directory during the install. Guaranteed to most likely hurt something. I would just wait for the Cd's to arrive. On 4/3/06, Steve Williams [EMAIL PROTECTED] wrote: Hi, I understand the whole issue with snapshots being held up for the release cycle. I have followed the mail list and archives, and still have not figured out the answer... If I want to install OpenBSD 3.9-stable (or the release ..), what is the easiest way to do that? There is no 3.9 directory in the directory structure pub/OpenBSD. I see there are snapshots available dated April 2, 2006, but I know installing that will give me 3.9-current. I can CVS checkout the 3.9-stable tag...(or it appears I can) I am building sparc64 on a Sunfire 150. OpenBSD 3.8 installed like a dream, but I'd like to try to get 3.9 on it to see if the new sensor work will work on it. This will be going into production, so I'd kind of like to have as close as possible to the proper install. I was wondering about doing a cvs update of 3.9-stable, make, make release, then boot the 3.9-current iso and install from my self compiled release. Given there was a thread about stupid users, feel free to call me one :-P I have installed OpenBSD many times, just never this close to a release, and I can't wait for May 1 to get the 3.9 CD's. I know I could go to 3.9-current, but I have never done that on a production system, always followed the -stable branch. Thanks, for any assistance. Cheers,
Re: OpenBSD 3.8 on HP NC6000
On 4/1/06, Bachman Kharazmi [EMAIL PROTECTED] wrote: Do you have any possibility to debug the freeze using a null-modem cable and redirect all output from boot to serial? This can be done with a serial cable and by typing: set tty com0 at bootprompt. I'm afraid your worst problem is that your lappy don't have com port.. /bkw it has one. On 31/03/06, Peter Bako [EMAIL PROTECTED] wrote: read the battery status, it simply was not able to do so. I figured the problem had to do with the older BIOS on the laptop, so I download and installed the latest version from the HP web site. The new BIOS now has a battery info page whereas it did not before. This is where things get fun... I tried to boot up my system but OpenBSD crashed almost immediately after the initial boot prompt. Obviously I figured that the BIOS update had something to do with it, but as a test I tried to boot with single user mode - still crashed. I have an HP NC6000 I would be more than happy to reproduce the problem with and record over a serial cable -- * if I could only get the same BIOS upgrade that Peter used * --. I traded two emails with him and he failed to see the importance of linking me to the bios upgrade he used. Otherwise its seems to be booting OpenBSD cd38.iso just fine, full dmesg below for those interested: OpenBSD/i386 CDBOOT 1.04 boot boot booting cd0a:/3.8/i386/bsd.rd: 4369156+828044 [52+151072+137381]=0x53b600 entry point at 0x100120 . Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2005 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 3.8 (RAMDISK_CD) #794: Sat Sep 10 15:58:32 MDT 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/RAMDISK_CD cpu0: Intel(R) Pentium(R) M processor 1400MHz (GenuineIntel 686-class) 598 MHz cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,TM,SBF,EST,TM2 real mem = 536256512 (523688K) avail mem = 483438592 (472108K) using 4278 buffers containing 26914816 bytes (26284K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(c3) BIOS, date 09/16/03, BIOS32 rev. 0 @ 0xf apm0 at bios0: Power Management spec V1.2 apm0: flags 130102 dobusy 0 doidle 1 pcibios0 at bios0: rev 2.1 @ 0xf/0x2000 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf0840/160 (8 entries) pcibios0: bad IRQ table checksum pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf4e50/160 (8 entries) pcibios0: PCI Exclusive IRQs: 5 10 11 pcibios0: no compatible PCI ICU found: ICU vendor 0x8086 product 0x24cc pcibios0: PCI bus #5 is the last bus bios0: ROM list: 0xc/0x1 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82855PE Hub rev 0x03 ppb0 at pci0 dev 1 function 0 Intel 82855PE AGP rev 0x03 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 ATI Radeon Mobility M10 NP rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) uhci0 at pci0 dev 29 function 0 Intel 82801DB USB rev 0x03: irq 10 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci0 dev 29 function 1 Intel 82801DB USB rev 0x03: irq 10 usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2 at pci0 dev 29 function 2 Intel 82801DB USB rev 0x03: irq 10 usb2 at uhci2: USB revision 1.0 uhub2 at usb2 uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered ehci0 at pci0 dev 29 function 7 Intel 82801DB USB rev 0x03: irq 10 usb3 at ehci0: USB revision 2.0 uhub3 at usb3 uhub3: Intel EHCI root hub, rev 2.00/1.00, addr 1 uhub3: 6 ports with 6 removable, self powered ppb1 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0x83 pci2 at ppb1 bus 2 cbb0 at pci2 dev 6 function 0 O2 Micro OZ711E0 CardBus rev 0x00: irq 10 cbb1 at pci2 dev 6 function 1 O2 Micro OZ711E0 CardBus rev 0x00: irq 10 O2 Micro OZ711Mx CardBus rev 0x00 at pci2 dev 6 function 2 not configured cbb2 at pci2 dev 6 function 3 O2 Micro OZ711E0 CardBus rev 0x00: irq 10 bge0 at pci2 dev 14 function 0 Broadcom BCM5705M_ALT rev 0x03, BCM5705 A3 (0x3003): irq 11 address 00:08:02:d8:xx:xx brgphy0 at bge0 phy 1: BCM5705 10/100/1000baseT PHY, rev. 2 cardslot0 at cbb0 slot 0 flags 0 cardbus0 at cardslot0: bus 3 device 0 cacheline 0x0, lattimer 0x20 pcmcia0 at cardslot0 cardslot1 at cbb1 slot 1 flags 0 cardbus1 at cardslot1: bus 4 device 0 cacheline 0x0, lattimer 0x20 pcmcia1 at cardslot1 cardslot2 at cbb2 slot 2 flags 0 cardbus2 at cardslot2: bus 5 device 0 cacheline 0x0, lattimer 0x20 pcmcia2 at cardslot2 ichpcib0 at pci0 dev 31 function 0 Intel 82801DBM LPC rev 0x03 pciide0 at pci0 dev 31 function 1 Intel 82801DBM IDE rev 0x03: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at
Re: Dynamically update DNS info in DHCPD.CONF
On 3/28/06, Peter Bako [EMAIL PROTECTED] wrote: Is there any way to get the DHCPD.CONF file be set to use the DNS information from the resolv.conf file? nms=`awk '{ if ($1 == nameserver) print $2 }' /etc/resolv.conf` nms=`echo $nms | sed 's/ /, /g'` sed -n '/domain-name-servers.*/{s/servers.*/servers '$nms';/g;};p' /etc/dhcpd.conf /tmp/$$ diff /etc/dhcpd.conf /tmp/$$ if [ $? -ne 0 ]; then mv /tmp/$$ /etc/dhcpd.conf else rm -f /tmp/$$ fi as an added bonus, a cron job will mail you the diff when the dns does change.
RFC 2348 in libexec/tftpd
Is there any plan to support the blksize option in libexec/tftpd? Does anybody else find it strange that tftp-hpa was based on openbsd code, but no longer compiles on openbsd?
Re: Problems with ports and discussion about multimedia keyboard
This sounds like an overclocked CPU. If it isn't, and you have the ability, try underclocking it.
Re: Slow SCSI HDD (HW RAID) on Dual Xeon
On 3/13/06, Jeff Quast [EMAIL PROTECTED] wrote: If you don't mind me chiming in, my disks arn't nearly as slow, but I expected them to be faster. Can anybody make a recommendation to improve my disk i/o, or confirm the speeds I get are about right? This is the first machine I've had thats U320 SCSI-capable. francisco pointed out to me off-list that the hard drives are actualy U160's, and tests with iozone show speeds expected for this particular drive model. Sorry for the noise! jdq
Re: Slow SCSI HDD (HW RAID) on Dual Xeon
If you don't mind me chiming in, my disks arn't nearly as slow, but I expected them to be faster. Can anybody make a recommendation to improve my disk i/o, or confirm the speeds I get are about right? This is the first machine I've had thats U320 SCSI-capable. raid0 is a mirror of two scsi disks: /dev/raid0o on /home type ffs (local, nodev, nosuid, softdep) $ time dd if=/dev/zero of=/home/dingo/output bs=1m count=1024 1024+0 records in 1024+0 records out 1073741824 bytes transferred in 28.528 secs (37636934 bytes/sec) 0m29.03s real 0m0.00s user 0m2.64s system raid1 is a stripe of two ide disks: /dev/raid1a on /storage type ffs (NFS exported, local, nodev, nosuid, softdep) $ time dd if=/dev/zero of=/storage/private/dingo/output bs=1m count=1024 1024+0 records in 1024+0 records out 1073741824 bytes transferred in 28.787 secs (37298405 bytes/sec) 0m28.83s real 0m0.00s user 0m3.34s system $ sd0a non-raidframe: /dev/sd0a on / type ffs (local, softdep) $ sudo time dd if=/dev/zero of=/output bs=1m count=256 256+0 records in 256+0 records out 268435456 bytes transferred in 5.481 secs (48966898 bytes/sec) 5.73 real 0.00 user 0.80 sys $ I am using a U320 cable and U320-capable enclosure, as well as U320-capable card onboard. Is this the sort of speeds I should be getting? sd0 and sd1 are 15K rpm IBM's (IC35L018UCPR15-0), free of bad sectors, dmesg: This is a raidframe-enabled GENERIC kernel with uhid and uhidev disabled. OpenBSD 3.8-stable (GENERIC.MP_RAID) #0: Sat Mar 4 13:37:09 EST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP_RAID cpu0: Intel(R) Pentium(R) 4 CPU 2.80GHz (GenuineIntel 686-class) 2.80 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,C NXT-ID real mem = 536387584 (523816K) avail mem = 482054144 (470756K) using 4278 buffers containing 26923008 bytes (26292K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(00) BIOS, date 04/27/04, BIOS32 rev. 0 @ 0xf0010 pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf4ee0/208 (11 entries) pcibios0: no compatible PCI ICU found: ICU vendor 0x8086 product 0x25a1 pcibios0: PCI bus #3 is the last bus bios0: ROM list: 0xc/0x8000 0xc8000/0x1000 0xc9000/0x1800 0xca800/0x9a00 0xdc000/0x4000! mainbus0: Intel MP Specification (Version 1.4) (INTELSE7210TP10 ) cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 199 MHz mainbus0: bus 0 is type PCI mainbus0: bus 1 is type PCI mainbus0: bus 2 is type PCI mainbus0: bus 3 is type PCI mainbus0: bus 4 is type ISA ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins ioapic1 at mainbus0: apid 3 pa 0xfec1, version 20, 24 pins pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82875P Host rev 0x02 ppb0 at pci0 dev 3 function 0 Intel 82875P PCI-CSA rev 0x02 pci1 at ppb0 bus 1 em0 at pci1 dev 1 function 0 Intel PRO/1000CT (82547GI) rev 0x00: apic 2 int 18 (irq 5), address: 00:04:23:b5:19:36 ppb1 at pci0 dev 28 function 0 Intel 6300ESB PCIX rev 0x02 pci2 at ppb1 bus 2 ahd0 at pci2 dev 1 function 0 Adaptec AIC-7901 U320 rev 0x10: apic 3 int 3 (irq 9) aic7901: U320 Wide Channel A, SCSI Id=7, PCI-X 50-66Mhz, 512 SCBs scsibus0 at ahd0: 16 targets sd0 at scsibus0 targ 0 lun 0: , , S7Z0 SCSI3 0/direct fixed sd0: 17501MB, 14532 cyl, 8 head, 308 sec, 512 bytes/sec, 35843670 sec total sd1 at scsibus0 targ 1 lun 0: , , S7Z0 SCSI3 0/direct fixed sd1: 17501MB, 14532 cyl, 8 head, 308 sec, 512 bytes/sec, 35843670 sec total safte0 at scsibus0 targ 6 lun 0: SUPER, GEM318, 0 SCSI2 3/processor fixed uhci0 at pci0 dev 29 function 0 Intel 6300ESB USB rev 0x02: apic 2 int 16 (irq 7) usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci0 dev 29 function 1 Intel 5300ESB USB rev 0x02: apic 2 int 19 (irq 5) usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered Intel 6300ESB WDT rev 0x02 at pci0 dev 29 function 4 not configured Intel 6300ESB APIC rev 0x02 at pci0 dev 29 function 5 not configured ehci0 at pci0 dev 29 function 7 Intel 6300ESB USB rev 0x02: apic 2 int 23 (irq 9) ehci0: timed out waiting for BIOS usb2 at ehci0: USB revision 2.0 uhub2 at usb2 uhub2: Intel EHCI root hub, rev 2.00/1.00, addr 1 uhub2: 4 ports with 4 removable, self powered ppb2 at pci0 dev 30 function 0 Intel 82801BA AGP rev 0x0a pci3 at ppb2 bus 3 vga1 at pci3 dev 0 function 0 ATI Rage XL rev 0x27 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) fxp0 at pci3 dev 1 function 0 Intel 82557 rev 0x10, i82551: apic 2 int 17 (irq 9), address 00:04:23:b5:19:37 inphy0 at fxp0 phy 1: i82555 10/100 PHY, rev. 4 eap0 at pci3 dev 2 function 0 Ensoniq CT5880 rev
Extended pc-dos characters with wsfontload ?
I'm using a dos program via tip(1) on the console that uses extended characters of the pc-dos font to display a meaningful user interface. I'm not sure, but I think the extended ascii characters in dos may have been a strange mix of IBM and DEC characters. For instance, the following should print shaded blocks: $ printf \305\306\307\n Can anybody help me display this dos app as the author intended? I assume it invloves wsfontload, and have experimented with it for a while. Maybe there just aren't any suitable fonts in base? In 2001 mickey added listing support to wsfontload with the commit message allow listing and soon deleting fonts; aaron@ ok, but deleting fonts never came about. Benjamin Lewis made a 'font deletion patch' over a year ago: http://www.monkey.org/openbsd/archive/tech/0402/msg00223.html This would have been very useful to have today. Trial and error with wsfontload requires several reboots.