Re: duo core mac mini, bluetooth keyboard?

[Jeff Quast]

On Thu, Sep 03, 2009 at 12:42:03AM -0400, Jeff Quast wrote:
 does a usb keyboard work in GENERIC on intel duo core mac mini? or is it 
 still necessary to pair a bluetooth keyboard in osx before starting the 
 install?

4.4 or 4.5 snapshots would not detected due to USB problems, but I can happily 
report that a 4.6 snapshot worked perfectly fine. 

I haven't seen the installer in quite a while, have been doing upgrades all 
this time--kudos, the improvements are quite pleasant!

duo core mac mini, bluetooth keyboard?

[Jeff Quast]

does a usb keyboard work in GENERIC on intel duo core mac mini? or is it still 
necessary to pair a bluetooth keyboard in osx before starting the install?

Re: IPSec tunnel problem

[Jeff Quast]

On Sat, Feb 23, 2008 at 05:47:18PM +0200, Alexey Vatchenko wrote:
 Hi guys!
 
 I'm trying to configure IPSec tunnel between home gateway and office 
 gateway. Home gateway has dynamic IP, office gateway has static IP.
 
 The problem is when home gateway establishes IPSec tunnel with office 
 gateway, computers from office network cannot connect to office gateway 
 (but they still can get Internet through the gateway).
 
 Here is what i do:
 
 Office network: 192.168.0.0/24
 ipsec.conf: ike passive esp from 192.168.0.0/24 to any local egress 
 dstid [EMAIL PROTECTED] psk xxx
 
 Home
 ipsec.conf: ike dynamic esp from any to 192.168.0.0/24 peer 
 OFFICE_EXTERNAL_IP srcid [EMAIL PROTECTED] psk xxx
 
 So, please, shed some light on what i do wrong.

you need to declare a bypass flow on the side of the network where the router, 
presumably on 192.168.0.0/24 requires communication to the local network 
segment also on 192.168.0.0/24. It is probobly trying to send this across the 
tunneled wire, which won't reach its destination.
Create a bypass for flows from 192.168 to 192.168, like so:

flow esp from 192.168.0.0/24 to 192.168.0.0/24 type bypass

Re: Using CVS to back up /etc

[Jeff Quast]

 Currently I back up /etc on these machines using variants on rsync and
 rsnapshot, and it works OK. However, I've got it into my head to shift
 to using CVS to back up /etc on these machines. Advantages I think I see:

http://www.infrastructures.org/papers/bootstrap/bootstrap.html

might help in your research, i have not yet seein it mentioned here

Re: mc problem under 4.2

[Jeff Quast]

On Tue, Nov 27, 2007 at 08:02:46PM +0100, Bambero wrote:
 Hello
 
 I have a strange problem with mc (MidnightCommander).
 After install OpenBSD 4.2 mc doesn't work properly.

fresh install or upgrade from say, 4.1?

 When i type:
 
 mc
 
 I have to wait 5 min to see the Midnight Commander. After comannd it
 hangs and it's ready to work after 5 minutes.
 It doesnt matter I use bsd or bsd.mp kernel. It doesn't matter which
 terminal I use.
 I tried to instal mc using ports but it won't help.

You built mc from source? used a binary package? stale package from before
the upgrade?

This feels like a dns resolution issue, maybe a missing entry in /etc/hosts

if you just did an upgrade, maybe you blew away your hosts or resolv.conf ?

I don't use mc, but doesn't it do some sort of ftp or remote file
transfer, and may like to know its' hostname/address? Does it maybe
take long to ping $(hostname)?

you can use ktrace(1) to examine what mc is busy waiting for from
the system, if thats the case.

Re: confused on openssl....

[Jeff Quast]

On Thu, Nov 22, 2007 at 06:58:11PM -0800, badeguruji wrote:
 Hello all,
 
 I am sorry to ask this dumb question here. but after
 going thru several web-pages. i am not able to figure

start with mapages, man 8 ssl
 
 where should i build my base directories to start
 creating certificates for CA and http/imap server?

ssl(8) says: The certificates reside in the /etc/ssl directory, with the keys 
in the /etc/ssl/private directory.

Re: uvm_fault crash on fresh 4.2

[Jeff Quast]

On Nov 12, 2007 7:25 PM, Nick Guenther [EMAIL PROTECTED] wrote:
 I just installed an old compaq desktop that I intend to use as a
 Stopped at  pmap_enter+0xaf:movl0(%edx,%eax,4),%eax
 ddb trace
 pmap_enter(d69c7a2c, 1c022000, 2353000,5,20,1c027000,da433ea4,0) at
 pmap_enter+0xaf
 uvm_fault(d687875c,1c023000,0,1,da3efea0) at uvm_fault+0xd0c
 trap() at trap+0x269

every fault i've had in the area of pmap on i386 has been due to bad
ram, at least 6 or more times in my experience with garbage resecued
machines.

Re: Non-x86

[Jeff Quast]

On 10/26/07, Matthew Szudzik [EMAIL PROTECTED] wrote:
   Where are the choices for non-x86?
 
  The only remaining alternative is Sparc. Everything else is either old
  (macppc) or expensive  unsupported (IA64).

 If anyone is looking for a non-x86 laptop, there aren't many choices.  Is
 there any information about OpenBSD on the following Sparc laptop?

  http://www.tadpolecomputer.com/products/notebooks/viper.asp



ppc ibooks are pretty cheap, but not very upgradeable. You can get
most for about $200 USD.

ppc powerbooks are nice (cardbus slots, gigabit, better video cards),
but more costly. You can also upgrade the cpu in old powerbooks and
put big sticks of ram in them (also costly)

Re: About Xen: maybe a reiterative question but ..

[Jeff Quast]

On 10/22/07, Nick Guenther [EMAIL PROTECTED] wrote:
 On 10/22/07, ropers [EMAIL PROTECTED] wrote:
  On 22/10/2007, carlopmart [EMAIL PROTECTED] wrote:
   Hi all,
  
 I know that time to time somebody do the same question, but I need to 
   know it:
   is it planned at some point to release a paravirtualized xen kernel for 
   OpenBSD
   4.3 or 4.4???

yum

  It already exists. You can run OpenBSD DomUs (ie. run OpenBSD as a Xen
  guest**), but AFAIK you still can't run OpenBSD Dom0s (ie. run
  OpenBSD as a Xen host**).
 
  See http://www.ropersonline.com/openbsd/xen/
 

true

  But you need at least one Dom0 (which when I last looked into this
  still could not be OpenBSD) and you can install OpenBSD as a DomU.

Only recently using HVM, not paravirtualization

 So that means that OpenBSD has code in it right now that detects if
 it's running under Xen and paravirtualizes itself?


no

I would like to vouch for openbsd working great as a guest, but my
guest has crashed a dozen times. However I think this is due to the
debian linux dom0 having broken sata code for the controller in use.
dom0's dmesg is filled with debug statements from sata related places
in the kernel that should never be printed. We're in a messy
de-centralized linux development world trying to get a stable dom0
patched together. It sucks.

The paravirtualization port appears dead to me. I've tried to keep up
on it, but the guy's blog no longer mentions it, his repository is
often down, and when it is up the commits do not appear to be very
frequent. Also his blog hasn't mentioned it in a year or more.

http://hg.recoil.org/openbsd-xen-sys.hg
http://anil.recoil.org/blog/

Re: Seeking info for RAID 1 on OpenBSD

[Jeff Quast]

On 7/28/07, Lars Noodin [EMAIL PROTECTED] wrote:
 I have two spare SATA drives on an OpenBSD 4.1 box and would like to set
 up RAID level 1.


I'm a big fan of using the ROOTBACKUP=1 option in /etc/daily, and
modifying it to also include /var and /usr . It is documented in the
manpage for daily. I prefer this over instant raid1, because you can
make a big bobo, and revert to last night.

 Losing one day's work isn't so bad. Saved me three or four times over
the years.

Re: ppp logging - solved?

[Jeff Quast]

On 7/27/07, J.D. Bronson [EMAIL PROTECTED] wrote:
 At 11:34 AM 07/27/2007, you wrote:
 I'm sorry -- could you clarify, where were you starting ppp before,
 when it syslogd was not logging? I can't find this in your last email
 either?
 
 You are saying it works fine under rc.local, and fine under
 hostname.tun0, where else would you start it?

 the issue is that syslogd comes up AFTER /etc/rc.network is ran
 so since I am using PPP (via hostname.tun0 to start) ppp does not
 log.

i wanted to ask again because i start ppp from hostname.tun0 without
any syslog issues.

you don't connect() to syslog or open a channel like a tcp/ip socket.
it just kinda throws it. syslogd can catch, it if it wants. probobly
the reason for udp over the network

my setup is for evdo modem, not pppoe, and im a release behind. thats
the only thing i can think of.

maybe you missed something.

$ cat /etc/hostname.tun0
inet 99.0.0.1 255.255.255.0 99.0.0.2
up
!ppp -ddial -nat
$ grep -A 2 ppp /etc/syslog.conf
!ppp
*.* /var/log/ppp
$ cat /etc/ppp/ppp.conf
default:
set log Phase Chat Warning
set device /dev/cuaU0
set speed 230400
set dial ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \
\\ AT OK-AT-OK ATE1Q0s7=60 OK \\dATDT\\T TIMEOUT 40 CONNECT
set phone #777
set login
set authname [EMAIL PROTECTED]
set authkey lies
set timeout 0
add! default HISADDR
add! 192.168.0/24 HISADDR
set resolv readonly
disable vjcomp deflate
add! default HISADDR6
$ uname -a
OpenBSD gateway.1984.ws 4.0 GENERIC#1107 i386
$ sudo reboot

(time passes, we login after its done rebooting...)

$ tail -n 10 /var/log/ppp
Jul 15 08:58:54 gateway ppp[14386]: Phase: deflink: login - lcp
Jul 15 08:58:54 gateway ppp[14386]: Phase: deflink: lcp - open
Jul 15 08:59:01 gateway ppp[14386]: Phase: bundle: Network
Jul 15 08:59:01 gateway ppp[14386]: Phase: deflink: IPV6CP protocol
reject closes IPV6CP !
Jul 15 08:59:01 gateway ppp[14386]: Phase: deflink: IPV6CP protocol
reject closes IPV6CP !
Jul 15 08:59:01 gateway ppp[14386]: Error: rt_Set: Cannot add a route
with gateway 0.0.0.0
Jul 15 08:59:01 gateway ppp[14386]: Warning: 0.0.0.0/0: Change route
failed: errno: No such process
Jul 15 08:59:01 gateway ppp[14386]: Warning: ff02:9::/32: Change route
failed: errno: Network is unreachable
Jul 15 08:59:04 gateway ppp[14386]: Phase: deflink: IPV6CP protocol
reject closes IPV6CP !
Jul 15 08:59:13 gateway last message repeated 3 times

$ date
Sat Jul 15 09:00:00 EDT 2034

so nobody tells me or asks -- I know the date is wrong, i need a new
battery, and sprint routes to reachable machines in the 192.168.0/24
range, i thought it was neat so i checked it out.

i show you mine, now you show me yours?

Re: TV tuner that works

[Jeff Quast]

On 6/22/07, Diana Eichert [EMAIL PROTECTED] wrote:

On Fri, 22 Jun 2007, Timo Schoeler wrote:

 Hi misc@,

 surely I checked http://openbsd.org/amd64.html#hardware, but I'd like
 to know if any of you can really *recommend* a TV tuner card.

 thanks,

 Timo

I'm using a BT878 based tuner, the video works fine with fxtv.  It can
pass through the audio to a separate sound card, but I don't have a
supported audio chip on the system with the BT878 card.  Not a big
problem as all I used it for was to verify signal was coming down the
cable when I installed cable to a couple more rooms in the house.



I've had really great experiences with BT8x8 cards. Well priced, too

Re: About BSD Certification

[Jeff Quast]

On 6/11/07, Karsten McMinn [EMAIL PROTECTED] wrote:

On 6/10/07, Adam [EMAIL PROTECTED] wrote:
 That's just as stupid as requiring people have a cert.  Lots of people have
 certs because so many places toss your resume if you don't have MCSE or
 CCNA listed on it.  Just because they have a cert doesn't mean they don't
 know what they're doing.

alot of anti-cert sentiment. borderline misinformation in
some cases. I've interviewed folks with and without certs.
I don't know why some people insist on arguing
that book != cover[1] with regard to certs. silly.

here's a couple points for consideration:


You lightly touched on it, but there is a very crucial need for this
certification that happily employed IT people can't begin to
understand.

There are many young unemployables who freely code dozens of
languages, but work at gas stations because they have a blank resume.
I know a very good kernel hacker in Flint, MI who does roofing. I met
another C programmer at a small factory where we both made -less- than
minimum wage.

Some young people live in areas with very high unemployment rates. In
these places, it is not so easy to gain even minimal experience under
high competition. With a resume that contains no related work history
or any education, a certification is a cheap way to prove a small
amount of equivalent real-world experience to get a foot in the door.

I support the BSD certification, and will be recommending it to all
students who would like to find work in the field before they graduate
(or if they can't afford to graduate). I think we should all be used
to the idea that many college students also work full time. An
equivalent linux certification, LPI, costs less than a single college
course.

I have been tracking BSDCG's progress in detail, including their
psychometrics, and this may possibly become the best real-world
experience equivalency IT certification yet, and set an example for
others. They're not trying to make this certification any more than it
is, no more than the equivalent of a few months experience.

Lastly, though I think it's already been said, If you don't like or
need the certification, don't take it. If you think it's equivalency
is shit, then don't consider it when making hiring decisions. If
neither of these apply, go shit in somebody else's bed. Don't ruin it
for those who could really use it.

Re: OT: Michigan BSD user group

[Jeff Quast]

On 6/5/07, James Turner [EMAIL PROTECTED] wrote:

I was wondering if anyone knows of any BSD user groups located in
Michigan?  I'm pretty sure the Southeast Michigan group is no longer
meeting.  Also would anyone in the Detroit/Ann Arbor area be interested
in getting a BSD user group started?  Feel free to contact me off list
if you might be interested.


I tried to contact you off-list but your mailserver is rejecting it...

I've been interested in starting a Flint area unix users group.

I can round up a good handful of people to make it to BUG's in the Detroit area.

Re: support for Sun Fire

[Jeff Quast]

On 5/29/07, Stuart Henderson [EMAIL PROTECTED] wrote:


an amd64 box boot without it. and hooray: the bios *defaults* to using
serial console, so you don't lose access if the CMOS battery dies.
other vendors would do well to copy that idea.


here, here.

Re: question to Zaurus owners

[Jeff Quast]

On 5/25/07, Maxim Belooussov [EMAIL PROTECTED] wrote:

Is it indeed possible to run TomTom navigation software on Zaurus? In
Linux emulation mode?


Linux emulation only works for i386. zaurus is arm.

Re: dual g4 needed for hackathon

[Jeff Quast]

On 5/11/07, Mark Kettenis [EMAIL PROTECTED] wrote:

 On this years hackathon I'd like to hack more on macppc smp support.
 For obvious reasons I cannot bring my own machine.  Is there anyone in
 the Calgary or Edmonton area that can loan us a dual g4 machine end
 may/early june?

 Mark


If somebody in the area has any old G4, I have a
Dual 533Mhz G4 CPU I can ship from Flint, MI

Re: safe PF start / restart

[Jeff Quast]

On 4/11/07, christian johansson [EMAIL PROTECTED] wrote:

I had to set up a linux firewall the other day, and I used the iptables
script generating program shorewall.
While pulling my hair over how ugly the iptables stuff (even via shorewall)
is compared to OpenBSDs nice clean PF syntax, I did find one very nice
feature in shorewall - safe restart.

When safe restarting, shorewall will implement all rules in the iptables
config files, then give the user a prompt: keep rules y/n?

If 'yes' the rules are kept and everyone is happy. If 'no', iptables are
disabled and all traffic let in. If no answer then default to answer 'no'
after 60 seconds.
Very useful, even if just for the added peace of mind when applying new
changes.

Is there a ready made script accomplishing this for openbsd / pf?  Or any
plans of building such functionality?

Christian




I think I get what you're asking here... like switching monitor
resolutions and asking you to confirm that it worked by clicking a
button? If you can't see the button, you don't click it, and the old
resolution is reverted after 15 seconds. Right?

I've done this with pf. I used at(1) like anybody would. You can load
a new rule using pfctl -f /etc/pf.conf/new,  with an at(1) job to load
/etc/pf.conf at 60 seconds. If you want some fancy prompt, wrap it
with /bin/sh.

Personaly I'd hate to see this as an actual 'feature' anywhere. If
everything this trivial was implemented into pfctl I would stop
reading manuals top to bottom. You should look at the command prompt
like a live programming enviroment. I recommend reading The UNIX
Programming Environment by Brian W. Kernighan and Rob Pike.

Re: how to configure bridge interface [WAS: snort any interface]

[Jeff Quast]

On 4/9/07, Soner Tari [EMAIL PROTECTED] wrote:


My physical interfaces are already configured and have their own IP
addresses. I need to assign different IPs to all 3 cards (LAN, WAN1,
WAN2). And here is what I run on the command line to create a bridge
interface (to use as a pseudo interface on snort command line for
monitoring):

ifconfig bridge0 create
brconfig bridge0 add vr0 add rl0 add nfe0 up

Am I not supposed to see the traffic on all of the physical interfaces
(vr0, fxp0, nfe0) using tcpdump on bridge0? (I've tried with pf disabled
too.)


It is my understanding that only one or none may have an IP. Give vr0
or any single iface an ip address. For each other nic, only activate
it using 'up':

ifconfig vr0 192.168.0.1 netmask 255.255.255.0 up # this is the primary NIC
ifconfig rl0 up # this could be what you are missing
ifconfig nfe0 up
ifconfig bridge0 create
brconfig bridge0 add vr0 add rl0 add nfe0 up

also maybe ifconfig bridge0 up -- 'up' goes in brconfig or ifconfig
or both? Not sure.

At this point, if you tcpdump on vr0, you should see the traffic on
rl0 and nfe0 as well. Any endpoint can connect to any NIC and see the
same 192.168.0.1 address, and reach any other PC connected to any of
the other two NIC's. I do this with my router, because the switch ran
out of ports :)


Perhaps this is not possible at all with bridge intefaces? If so, how do
I achieve such a monitoring interface? Any comments please?

Does each port on a switch have an IP, for instance?

Are you trying to make a transparent bridge? You have three NIC's
here, and you seem to have to need of an IP address.. ?

You should be able to assign no IP at all to vr0, and accomplish a
transparent bridge without pf involved, where as you can split a cable
in half, crimp each end, put them into each NIC, and you can see
everything inbetween. pf can start to block at this point.

I know nothing at all about the Snorter... Does it need to bind to an
IP? It shouldn't.

Re: Problem on installing new packages

[Jeff Quast]

On 3/26/07, Lawrence Teo [EMAIL PROTECTED] wrote:


PKG_PATH=ftp://ftp.it.net.au/mirrors/OpenBSD/4.0/packages/amd64 \
pkg_add -v nano-1.2.5.tgz



Make sure to add a trailing /

PKG_PATH=ftp://ftp.it.net.au/mirrors/OpenBSD/4.0/packages/amd64/ \
pkg_add -v nano-1.2.5.tgz

This has gotten me more than once, documented in pkg_add(1)

Since a few URL schemes contain colons, pkg_add relies on each
directory ending in a / to split the path correctly.

umsm(4) SprintPCS users -- Merlin PC720 anyone?

[Jeff Quast]

I've been happily using a umsm(4) sierra wireless aircard 580[1]. It
literally took less than 5 minutes to get this card moving in OpenBSD
with the ppp.conf example in umsm(4). Highly recommend this card, its
about $60 on ebay these days.

EVDO rev a was deployed to my area, and I was happy with the sierra
model (though not ecstatic over the latency), so I purchased a 'Sierra
wireless aircard 595' [2]. Somebody reported success in linux[3] with
this card, and umsm(4) listed this device as a maybe.

I forked out the $262, and Unfortunately this was not the 5-minute
success story as I had hoped for.

Although it attached to ucom0, if I used cu -l /dev/cuaU0 -s 230400, I
was not able to input an at (and receive OK, such as on the 580).
I wondered if the 168Mhz laptop I was using it with was too old
(pcmcia type II? what? it fit...), so I built a fresh 1.2Ghz i386 and
used a pci-pcmcia card with similar deadlock serial. This also
failed the same way on macppc.

There is a 30 day return limit on these, so I've re-activated the 580
(effectively disabling the new card) and returned this product. So my
question:

I am using sprintpcs as my provider. Can anybody report success with
the 'Merlin PC720' [4]?

1. http://www.sierrawireless.com/product/ac580.aspx
2. http://www.sierrawireless.com/product/ac595.aspx
3. 
http://www.pbandjelly.org/2006/12/sierra-wireless-aircard-595-configuration-sprintpcs/
4. http://www.novatelwireless.com/products/merlin/merlin-pc720.html

Thanks,
jdq

Re: zaurus bootstrapping

[Jeff Quast]

On 3/23/07, Theo de Raadt [EMAIL PROTECTED] wrote:

 zaurus is quite brittle and depends on some of the stuff on the disk.

I really don't agree.  That was mostly in the past.  These days I
always install a zaurus without any Linux on the drive.  That linux
stuff is not neccessary anymore.


This is good to hear, with only a few gb, it'll be nice to take back
the ~500mb the linux filesystem is holding on my device.

Also, if I understand correctly, the HD can be blown away completely
(or even removed), and we can still boot linux off the embedded flash?

Re: compile faster?

[Jeff Quast]

On 3/21/07, chuckr [EMAIL PROTECTED] wrote:

I am going into doing a bit of compiling on my Zaurus.  I have both a
Linux and a FreeBSD server, both pretty fast Intel boxes, sitting right
besides them, and in fact, all of my source directories (sources for
/usr/src and /usr/ports) are remotely mounted from my FreeBSD box (sept
is my Zaurus, april my FreeBSD, and june my Linux box).

What am I getting on about?  Well, compilation, as I now do it, ssh'd
into sept from april (the FreeBSD box).  Is there anything that anyone
else is doing, that they're actually gotten to work?

I'm wondering about doing maybe a cross-compiler.  I'm not sure about
the spec of the floating point work, you need to get that precisely
right.  If anyone is doing this successfukky, I sure would like to hear
a report about it.  It takes me about 2 days to do a /usr/src build.


Shouldn't take two days. NFS mount your /usr/src and /usr/obj and it
will go much faster.

The CF card is something like 5MB/s on mine.

Don't cross compile, you'll spend more time finding bugs that were
snuck in than you will have saved. Buy a more powerful arm computer,
like a Thecus :)

usb0: root hub problem error=13 on macppc -current

[Jeff Quast]

Here is a diff of dmesg's between snapshot when I compile my own
kernel for -current (yes, my clock is off by a year):

1c1
 [ using 364116 bytes of bsd ELF symbol table ]
---

[ using 364200 bytes of bsd ELF symbol table ]

8,9c8,9
 OpenBSD 4.1 (GENERIC) #1209: Sat Mar 10 19:12:02 MST 2007
 [EMAIL PROTECTED]:/usr/src/sys/arch/macppc/compile/GENERIC
---

OpenBSD 4.1-current (GENERIC) #2: Sun Sep 17 09:16:52 EDT 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/macppc/compile/GENERIC

67,77c67
 ohci0 at pci1 dev 24 function 0 Apple USB rev 0x00: irq 27, version 1.0
 usb0 at ohci0: USB revision 1.0
 uhub0 at usb0
 uhub0: Apple OHCI root hub, rev 1.00/1.00, addr 1
 uhub0: 2 ports with 2 removable, self powered
 ohci1 at pci1 dev 25 function 0 Apple USB rev 0x00: irq 28, version 1.0
 usb1 at ohci1: USB revision 1.0
 uhub1 at usb1
 uhub1: Apple OHCI root hub, rev 1.00/1.00, addr 1
 uhub1: 2 ports with 2 removable, self powered
 cardslot0 at cbb0 slot 0 flags 0
---

ohci0 at pci1 dev 24 function 0 Apple USB rev 0x00: irq 27ohci1 at pci1 dev 25 function 
0 Apple USB rev 0x00: irq 28cardslot0 at cbb0 slot 0 flags 0

79a70,75

, version 1.0
usb0 at ohci0: USB revision 1.0
usb0: root hub problem, error=13
, version 1.0
usb1 at ohci1: USB revision 1.0
usb1: root hub problem, error=13

86,105c82
 uhub2 at uhub1 port 1
 uhub2: Mitsumi Electric Hub in Apple Extended USB Keyboard, rev
1.10/4.20, addr 2
 uhub2: 3 ports with 2 removable, bus powered
 uhidev0 at uhub2 port 1 configuration 1 interface 0
 uhidev0: Mitsumi Electric Apple Optical USB Mouse, rev 1.10/1.10,
addr 3, iclass 3/1
 ums0 at uhidev0: 4 buttons and Z dir.
 wsmouse0 at ums0 mux 0
 uftdi0 at uhub2 port 2
 uftdi0: FTDI USB - Serial, rev 1.10/4.00, addr 4
 ucom0 at uftdi0 portno 1
 uhidev1 at uhub2 port 3 configuration 1 interface 0
 uhidev1: Mitsumi Electric Apple Extended USB Keyboard, rev
1.10/4.20, addr 5, iclass 3/1
 ukbd0 at uhidev1: 8 modifier keys, 6 key codes
 wskbd0 at ukbd0: console keyboard, using wsdisplay0
 uhidev2 at uhub2 port 3 configuration 1 interface 1
 uhidev2: Mitsumi Electric Apple Extended USB Keyboard, rev
1.10/4.20, addr 5, iclass 3/0
 uhidev2: 3 report ids
 uhid0 at uhidev2 reportid 2: input=1, output=0, feature=0
 uhid1 at uhidev2 reportid 3: input=3, output=0, feature=0
 bootpath: '/[EMAIL PROTECTED]/[EMAIL PROTECTED]/[EMAIL PROTECTED]/[EMAIL 
PROTECTED]/bsd'
---

bootpath: '/[EMAIL PROTECTED]/[EMAIL PROTECTED]/[EMAIL PROTECTED]/[EMAIL 
PROTECTED]/bsd.new'

109d85

Here is what I've done on of a fresh install from CD, then an upgrade
to snapshot:

cd /usr
cvs -d [EMAIL PROTECTED]:/cvs co src
cd /usr/src/sys/arch/macppc/config
config GENERIC
cd ../compile/GENERIC
make depend  make bsd
cp bsd /bsd.new

from openfirmware: boot hd:,ofwboot /bsd.new

What am I doing something wrong? Why does my usb bork out when I
compile my own kernel? I've also removed the cbb0 card with no luck.

This is a G4 Power Mac Digital Audio. Full dmesg:

[ using 364116 bytes of bsd ELF symbol table ]
console out [ATY,Rage128Pd]console in [keyboard] USB found
: memaddr b400 size 400, : consaddr b6008000, : ioaddr
b002, size 2: memtag 8000, iotag 8000: width 640 linebytes 768
height 480 depth 8
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California.  All rights reserved.
Copyright (c) 1995-2007 OpenBSD. All rights reserved.  http://www.OpenBSD.org

OpenBSD 4.1 (GENERIC) #1209: Sat Mar 10 19:12:02 MST 2007
   [EMAIL PROTECTED]:/usr/src/sys/arch/macppc/compile/GENERIC
real mem = 268435456 (262144K)
avail mem = 234254336 (228764K)
using 1254 buffers containing 13418496 bytes (13104K) of memory
mainbus0 (root): model PowerMac3,4
cpu0 at mainbus0: 7400 (Revision 0x209): 466 MHz: 1MB backside cache
memc0 at mainbus0: uni-n
ki2c0 at memc0 offset 0xf8001000
iic0 at ki2c0
mpcpcibr0 at mainbus0 pci: uni-north, Revision 0xff
pci0 at mpcpcibr0 bus 0
pchb0 at pci0 dev 11 function 0 Apple Uni-N2 AGP rev 0x00
vgafb0 at pci0 dev 16 function 0 ATI Rage Fury rev 0x00, mmio
wsdisplay0 at vgafb0 mux 1: console (std, vt100 emulation)
mpcpcibr1 at mainbus0 pci: uni-north, Revision 0x0
pci1 at mpcpcibr1 bus 0
pchb1 at pci1 dev 11 function 0 Apple Uni-N2 Host rev 0x00
re0 at pci1 dev 18 function 0 Realtek 8169 rev 0x10: RTL8169S
(0x0400), irq 52, address 00:09:5b:bd:c0:a7
rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 0
cbb0 at pci1 dev 21 function 0 Ricoh 5C475 CardBus rev 0x81: irq 58
macobio0 at pci1 dev 23 function 0 Apple Keylargo rev 0x03
openpic0 at macobio0 offset 0x4: version 0x4614
macgpio0 at macobio0 offset 0x50
macgpio1 at macgpio0 irq 47
programmer-switch at macgpio0 not configured
gpio5 at macgpio0 not configured
gpio6 at macgpio0 not configured
gpio11 at macgpio0 not configured
extint-gpio15 at macgpio0 not configured
extint-gpio16 at macgpio0 not configured
escc-legacy at macobio0 offset 0x12000 not configured
zsc0 at macobio0 offset 0x13000: irq 22,50
zstty0 at zsc0 channel 0
zstty1 at zsc0 channel 1

Re: usb0: root hub problem error=13 on macppc -current

[Jeff Quast]

On 3/18/07, Jeff Quast [EMAIL PROTECTED] wrote:

Here is what I've done on of a fresh install from CD, then an upgrade
to snapshot:

cd /usr
cvs -d [EMAIL PROTECTED]:/cvs co src



What am I doing something wrong? Why does my usb bork out when I
compile my own kernel? I've also removed the cbb0 card with no luck.


My apologizes, this has been resolved with:

cd /usr/src
cvs up -Pd

of about 100 files patched, one of them was ohci.c. After rebuild,
this has been fixed. ??

Sorry for the noise!

Re: Slightly OT: i386 Sound Card Recommendation

[Jeff Quast]

On 3/16/07, JT Croteau [EMAIL PROTECTED] wrote:

 I need to add a sound card to my OpenBSD desktop box for basic audio
playback from .mp3's and cd's and to do some basic recording.  What
would be a good PCI based card to go with?


ess(4)'s have always treated me well.

Re: server crash: ccd + fsck - data loss?

[Jeff Quast]

On 3/12/07, Sebastian Rother [EMAIL PROTECTED] wrote:

Hello everybody,

I`ve a ccd wich contains sensetiv data.
The Server crashed for technical reasons.
After it booted up again it told me to do a fsck.
I did and the data is gone now.



I think I shouldn`t have done it is there ANY way to restore this
file? I didn`t exspected that the fsck would be responseable for any
dataloss so does somebody know a method to restore this big file?


Came home and my X windows was frozen? This never happens. Tried to
ssh in and it seems dead. So I reboot, and fsck. Hundreds of errors...
fix 'em all! Programs begin segfaulting, another reboot, another fsck,
hundreds of more errors for fsck to fix. fsck segaults! sh
segfaults! Kernel panics!

It was bad ram. Replaced it. Booted bsd.rd, mounted the partitions,
tar xp'd from a recent tape backup and was back in business in less
than 1 hour.

Story is, fsck corrupted my data. Each pass corrupted more and more
data. Massive data loss! Lesson is, with a tape backup I was back in
business in less than an hour.

On 3/12/07, Sebastian Rother [EMAIL PROTECTED] wrote:

And I forgot to say: It`s a private Server but even privat can have
some value sometimes (and it was too big to backup. bigger HDDs are
planed to replace the CCD (later..)).


Maybe instead of buying bigger disks you should look into a backup solution.


Or does somebody know a extraction methode to reassemble the file?


You can restore these by using hexedit on the raw disk.
http://archives.neohapsis.com/archives/openbsd/2005-01/1717.html

If you can see it with hexdump, you can probobly go out of your way
with a calculator to use dd with offsets etc. hexedit is user friendly
though.

Re: OpenBSD speed on desktops

[Jeff Quast]

On 2/17/07, R. Fumione [EMAIL PROTECTED] wrote:

Hello,

I am using OpenBSD on server since few years now, and I am very happy
with it's easy maintenance and it's stability. I want to try on
desktop, and I am having trouble.

Everything is much slower than existing Linux system. For example,
Firefox takes 3-5 seconds to start on Linux but ~10 seconds on
OpenBSD on same machine!

I tried compiler optimizations but those didn't help. Any suggestions?
Please cc replies to me also as I am not on misc. Thanks.

Fumione

(Note: please do not tell me change to lighter window manager. I
would like to use same environment or stay with Linux. Thanks.)




You can just stay with linux. Really, we won't mind.

Take care,
jdq

Re: nullconsole?

[Jeff Quast]

On 1/17/07, Joachim Schipper [EMAIL PROTECTED] wrote:

On Wed, Jan 17, 2007 at 06:32:33PM +0800, Lars Hansson wrote:
 If the WRAP is using console redirection this wont help.


there is no such thing, as wrap is headless anyway.



Why not? If you set the system console device to some non-existent com1,
as you state above, and disable most everything in /etc/ttys, wouldn't
you be able to make sure the system doesn't use the vga port?

   Joachim




there is no vga port on the wrap

http://www.pcengines.ch

Re: openbsd3.9 i386 generic kernel crash

[Jeff Quast]

On 1/10/07, Marcos Laufer [EMAIL PROTECTED] wrote:

Hello,

I had strange crash twice in 30 minutes today on a server
running OpenBSD 3.9 stable with generic kernel. The machine
rebooted inmediately, and i am not locally on the datacenter

I have no clue on where too look at. Any ideas?



man crash

Re: nice book about code auditing

[Jeff Quast]

On 12/20/06, Otto Moerbeek [EMAIL PROTECTED] wrote:

Hi,

Every once in a while the question how can I learn how to audit
software comes up here.

I just received The Art of Software Security Assesment by Mark Dowd
et. al. I ordered it because another OpenBSd developer recommended it.

Browsing through it it really seems a nice book. So I think I can
recommend it to anybody wanting to learn code auditing.

   -Otto




I just recieved this book yesterday myself.

I've only thumbed through it, but this is the best book on the subject
out there. It's been placed on the top of my stack and will probobly
stay there.

Highly recommended.

Re: Unconfigure Raid

[Jeff Quast]

On 11/17/06, Julian Labuschagne [EMAIL PROTECTED] wrote:

Hi everyone

I created a Raid setup on OpenBSD 4.0

And it worked fine... 2 disks striped together...

But now I want to add 2 more disks to the array but it seems I cant
because I already gave the Raid device a serial number.


raidframe does not have the ability to grow columns of a raid level 0.

For a redundant raid level such as 5, you can use raidctl -a to add
disks as hot spares. This still would not grow the size, it just
gives raidframe some extra spares for reconstruction.



raidctl -I 2006111501

Can I undo the previous command?


You could re-label them with the serial number it used to be. That
would 'undo' this much. What did you do? Is your raid unusable? Did
you break it with -I, and now you want it back?


And is it really necessary to fill all the drives with zero's again?
Examle:
dd if=/dev/zero of=/dev/rwd1c bs=1024000
dd if=/dev/zero of=/dev/rwd2c bs=1024000
dd if=/dev/zero of=/dev/rwd3c bs=1024000
dd if=/dev/zero of=/dev/rwd4c bs=1024000


Well now you're really not getting it back..


This is my first time I have worked with Raidframe so I'm still a bit
confused... But the man page is slowly starting to make sense after each
read.


I highly recommend that if you use raid for redundancy, take out some
drives and do some pretend failure runs.  Recovering from a failure is
a bad time to learn how to use raidctl.


Any help would be appreciated.

Kind Regards Julian


To make it easy:

mv /etc/raid0.conf to raid0.conf.disabled, and reboot. This will
unconfigure your current raid, if it is configured at all. raidctl -u
does this as well but what the hell.

Change the number of columns in raid0.conf.disabled from 2 to 4, add
the two new disks under the 'START disks' section, rename it to
raid0.conf.

Configure this raid:

raidctl -C /etc/raid0.conf raid0

Give all of the disks a serial number:

raidctl -I 123456 raid0

Initialize it:

raidctl -iv raid0

Then restore your media onto your new striped raid from backup.

This is a stripe raid, expect it completely fail at ANY TIME.

I hope this answers your question.

Re: laptop mini-pci wifi card replacement rec.

[Jeff Quast]

On 11/17/06, Rick Aliwalas [EMAIL PROTECTED] wrote:


 broadcom wireless device.  It appears that I am able
 to add a mini-pci card to replace what is already in
 the laptop (correct me if i'm wrong its been a while
 since I bought a laptop).

 I am almost always on a 'b' network so would like to
 ask the list for recommendations on the most likely
 to work out of the box / least problematic replacement

I use a Netgate mini-pci (2511 MP) in my Soekris and also Netgate
PCMCIA card (2511CD PLUS EXT2) in a laptop.  Both are 802.11b and
both work wonderfully.  More costly than the ones at newegg but
they just work.  See http://www.netgate.com/



I second this. This is the best wifi card I have ever used. I also got
mine from netgate. For this type of card (wi(4)), you need to make
sure the firmware is 2.5, but not 3.0, or not 2.0, etc. netgate
ensures this, other resellers do not always specify this.

Re: java on openbsd

[Jeff Quast]

On 11/14/06, Marc Ravensbergen [EMAIL PROTECTED] wrote:


I am having a hard time getting java to work on openbsd.


I'll bet.


difference. I've googled for hours trying to find a solution, but can't
seem to fix it.


Lucky for you! My google works: http://www.google.com/search?q=openbsd+java


I really don't want to download the source for java and compile... I am
on dialup so every byte counts.


I am sorry for this, as this is a very involved process that requires
I agree several times through the build. I beleive it took me two
days work on a fast machine on broadband. Only because of Sun's web
pages (which are very hard to navigate using lynx, of course).


netbsd and got it working through linux emulation as well. I had
problems with netbsd so it didn't stick around, but I believe that java
on bsd through emulation should be possible; probably just an oversight
somwhere on my part.

If anybody can give me some tips or tricks I would really appreciate it.


I would, but I would just be (poorly) repeating information that
developers have painstakingly documented.
http://www.openbsd.org/faq/faq8.html#Programming


Thanks for your time,
Marc


If you're just asking for somebody to provide you with a complete
binary package of the completed build, then you are asking us to break
the law. Sun wants you to build it yourself, so that is what you will
have to do.

Sorry, but this just sounds like you are complaining. You should
really send your grievences to sun, not openbsd misc. OpenBSD can't
change Sun's licensing policies -- they can only abide by them. Maybe
all of this hoop jumping will make you realize that using this
language is a bad career move?

jdq

Re: Nintendo Wifi Connector and Nintendo DS (WEP)

[Jeff Quast]

On 11/3/06, Sam Fourman Jr. [EMAIL PROTECTED] wrote:

I guess i was mistaken , I had thought that the OpenBSD support for armish
http://www.openbsd.org/armish.html

would also include devices like the Nintendo DS



I think the DS is too armmy for armish.



Sam Fourman Jr.

Re: dhclient does not get lease after reboot

[Jeff Quast]

On 10/25/06, Matt Bettinger [EMAIL PROTECTED] wrote:

I can do dhclient xl0 at the console and grab an lease just fine from
the cable modem.  NOW,  if I reboot the machine it will not get an
lease.  I have to manually  do it from the console.  The



# more /etc/hostname.xl0---outside interface connected to cable modem
# more /etc/hostname.xl1
# more /etc/hostname.xl2
/etc/dhclient.conf file exists and all values are commented out so we
My /var/log/daemon shows many of these
Matt


what about:

sh -x /etc/netstart xl0

?

Re: Fast Xorg Performance

[Jeff Quast]

On 10/17/06, Karsten McMinn [EMAIL PROTECTED] wrote:

I'm trying to figure out what needs to be done in order to
get fast 2d xorg (and friends) performance. I term
fast as not having to wait for window operations, with
most every application and xorg opertation taking no longer
than 100ms. if anyone experiences this kind of
performance in any xorg environment, please share your
hardware/app/config setup and any non-standard xorg config
options, thanks ladies and gents.

_Karsten




Documentation is key!

http://dri.freedesktop.org/wiki/CategoryHardwareChipset
http://www.xfree86.org/current/manindex4.html

It took me about 30 minutes to find a $30 ati card that is well
supported. The 9200 looks promising. I was able to find a card based
on this series with a dvi port.

mga is also promising.

Re: UPS just delivered the 4.0 release CD-set

[Jeff Quast]

On 10/13/06, Sideris Michael [EMAIL PROTECTED] wrote:

On Fri, Oct 13, 2006 at 02:35:35PM +0200, Joris Van Herzele wrote:
 It's true this is hardly relevant for a discussion forum, but I hope you
 will all forgive me ... I just felt the need to voice my joy.

 We all agree it's great software, but other than that just look at it :
 The packaging in itself is already enough to put me in a festive mood :)

Probably I am missing something here, but, isn't the release date
20061101? If so, why the early shipping? Just out of curiosity.


It has always been this way. Nico forgot to add your question in his
very short explanation of 'the way it is'.

Pressing, Printing, Packaging, Shipping -- these are all done early as
necessary to ensure that the pre-ordered CD's arrive BEFORE the
release date.

So,
If the CD's have been printed and packaged earlier than expected and
are sitting around in somebody's living room -- why not begin shipping
them off?

Consequently,
Those who make pre-orders are often rewarded specialy, getting the
release earlier than those who did not pre-order. This is not WHY,
this is just a consequence of good time management.

I can't wait to see this post next release, too :) (only because I
always enjoy releases)

Re: armish fdisk/disklabel free sectors

[Jeff Quast]

Hi Stuart,

On 10/13/06, Stuart Henderson [EMAIL PROTECTED] wrote:

installing OpenBSD/armish on an n2100 I had to manually fdisk


INSTALL.armish in the fdisk section says Write some good explaination
here..., so maybe this is known -- but nobody has written a good
section for this.


(12V 5A made by Seasonic) draws approx 15W (39VA) at idle,
18W (43VA) compiling. (and the soldering's pretty easy).


This machine looks really fun though! Thanks for the power stats, too!


obio0 at mainbus0
com0 at obio0 addr 0xfe80 intr 28: ns16550a, 16 byte fifo
com0: console


I don't mind soldering -- but soldering what? Is this for com0?

Thanks!!

Re: armish fdisk/disklabel free sectors

[Jeff Quast]

On 10/13/06, Stuart Henderson [EMAIL PROTECTED] wrote:

On 2006/10/13 16:50, Jeff Quast wrote:
 On 10/13/06, Stuart Henderson [EMAIL PROTECTED] wrote:
 installing OpenBSD/armish on an n2100 I had to manually fdisk

 (12V 5A made by Seasonic) draws approx 15W (39VA) at idle,
 18W (43VA) compiling. (and the soldering's pretty easy).

 This machine looks really fun though! Thanks for the power stats, too!

 obio0 at mainbus0
 com0 at obio0 addr 0xfe80 intr 28: ns16550a, 16 byte fifo
 com0: console

 I don't mind soldering -- but soldering what? Is this for com0?

yes, you need to attach a .1 2x5-pin header (minus one pin)
to the space conveniently located on the drive backplane away
from anything that's too easy to damage.



you need
the serial console to install the OpenBSD boot loader onto
flash, or to netboot, but not to actually run it (though it helps).

I moved j3 to j4 as well (irq for serial port, info on
http://www.debonaras.org/wiki/Info/ThecusN2100 internals page)



much nicer for port-building
than a zaurus :-)


Speaking of zaurus -- any way to get a com0 on this thing? I notice a
funny port under a rubber pad on the back of the 3100 -- I don't know
of any cable for the port on the back, but my dmesg indicates theres
at least one comport logically...

Would be nice to plug into a conserver for debugging and bug posts,
I've had a few panics... If soldering is required on this zaurus
board, count me out!


thanks to all involved with porting to this arch...


second this! -- Though a few panics, my zaurus is as stable as I
imagine a mobile i386 would be under the kind of abuse it gets...

Re: internal modem

[Jeff Quast]

On 10/4/06, ivorob [EMAIL PROTECTED] wrote:

 Dimitry Andric wrote:

 ivorob wrote:
  The chance of getting these modems working on any non-Windows platform
 is almost zero.  Please complain to your vendor(s). :)

Are you sure? I agree in theory, but I heard about ltmodem project for
linux.


Your comments ANGER ME


May be some ports of this project exist for OpenBSD? What do you
think?



I think not!!!

See the ltmodem webpage
http://www.physcip.uni-stuttgart.de/heby/ltmodem/#sources , under
Sources(ironic!) unpack ltmodem-8.26a.tar.gz , then unpack
source.tar.gz found in this. you will find source/ltmobj.o -- this is
the actual driver. a BLOB ( see http://www.openbsd.org/lyrics.html#39
). The rest is just garbage wrappers.

If you have a problem with openbsd not supporting BLOBS, then by all
means, use linux!!

Re: RAIDFrame parity rebuild: why so slow?

[Jeff Quast]

On 10/3/06, Joerg Zinke [EMAIL PROTECTED] wrote:

On Mon, 02 Oct 2006 20:11:36 +0200
nothingness [EMAIL PROTECTED] wrote:

 Hi all,

   I've been using RAIDFrame on OpenBSD since 3.1 and in 4 years I've
 never seen any performance improvement in getting the system to work
 any faster at rebuilding parity after a hard shutdown. I've tried
 RAID1, RAID5, SCSI drives, IDE drives, processors from PentiumII 400s
 to Athlon64 3200+ and it has *always* been ridiculously slow at
 rebuilding. Just a 9G RAID5 partition takes over 2 hours. A 60G RAID1
 takes 11 hours. 11!!! Before flaming me to say, just go and edit the
 code, it's never been out of beta or whatever, explain why compared
 to other OSes it's always so slow, even to build the first time
 around. Linux's code in particular comes to mind.

maybe this is one of the reasons why raidframe is not officially
supported and not enabled in stable kernel. i think another reason is


or that it doubles the size of a kernel for a function 5% of openbsd users use.


that the actual raidframe implementation is not the best - citation of a
developer: the code is crap... but hey its open source, go, go, go:


You really shouldn't speak hearsay when it comes to source code. Its
open source, look yourself and make a judgement. It should only take
about two minutes to make a basic judement call


rewrite it :)

i use a 250 gb raid 1 and tooks 3h to rebuild parity on an athlon 2600
(32-bit).

regards,

joerg



If you really hate it so much, ^c it. Its just ensuring your parity.
Skip it if you don't like it. I occasionaly do. If you want speed, and
not reliability, then skip it and use stripe. This is like complaining
fsck_ffs is too slow. Don't complain when data is lost during a power
failure because you never bothered to ensure parity (or do not use
backups, use battery backups, or just keep trying to use emulated
opera with macromedia flash player)

I find tests with iozone to prove that a stripe of two 55MB/s disks
perform at 110MB/s almost to do the decimal, showing that raidframe
does a fantastic job.

Raidframe was originaly a simulator. A simulator. It was never meant
to be a kernel driver. It is not meant to ensure speed. It is not
meant to actualy be used to store real data. You're lucky you have it.
You should thank the author for making it a kernel driver.

rough parity consitancy check estimates of my own:
4-disk + spare raid5. U160 scsi, 15k rpm drives @ 20GB: ~3 minutes
2-disk raid0. U160 scsi, 15k rpm drives @ 8gb: ~2 minutes or less
3-disk raid5. 1 sata, 2 ide, (desktop-class disks) @ 260GB: ~50 minutes

raidframe is a theorm in action. It is old. I'm sure alot of functions
(including parity check) could be rewritten to perform much better
with modern processor designs in mind. That is your job. If you can't
handle it, then spend money on a true hardware raid card.

* (Don't get an adaptec onboard like me, or you'll still be using raidframe :) *

PS: You're post included no dmesg or patch.
You are just complaining. WHAaa :(

Re: Serial control of LCD display

[Jeff Quast]

On 10/2/06, Peter Bako [EMAIL PROTECTED] wrote:

I am trying to get a CrystalFontz 632 serial display to work with an OpenBSD
box.  Under Windows I can just connect the display to a com port, run
Hyperterminal and send text directly to it, so I assumed that I could just
send a data stream to /dev/tty00 under OpenBSD and make it work as well.
Unfortunately it is not turning out to be anywhere that simple.


So far, neither OS does any more than the other.


If I use cu or tip and connect to /dev/tty00 and 19200 then I can send data
to the display, but eventually I need to be able to send data to it from a
shell script.  Any attempt I make to send data to it (such as cat test 
/dev/tty00) results in an error of sh: Cannot create /dev/tty00:
Interrupted system call.

I've tried to mess with the stty command to setup the serial port (open it
up, set the speed, etc), but no luck, that error always comes up.  Can
anyone point me to the right direction on this?

Thanks,
Peter


Peter,

I would write what you need in C. I can help you along or start you
out with ~30 lines to do the job if necessary. It is very simple if
you are even just partly familiar with C. After 5 or so lines of
initializing the device, its just basic file i/o operations.

If you are more comfortable with python or perl, these can probobly
handle the job as well.

as for being able to use stty, then echo to it, I don't think its
possible. Anyone?

Re: overwritten file recovery - how ?

[Jeff Quast]

On 10/1/06, Joachim Schipper [EMAIL PROTECTED] wrote:

On Sat, Sep 30, 2006 at 07:24:43PM +0200, Bambero wrote:
 Hello

 I need to recovery overwritten txt file.

 Ex.
 echo my data  testfile.txt
 echo   testfile.txt

 I have partition image file creted using dd.
 Is it possible to dump it and search using grep for example ?
 Is it possible to recover overwritten data ?

Well, let this teach you about the values of good backups. amrecover
(AMANDA) is considerably friendlier than what you're about to go
through... (and I can attest to both from personal experience. Ouch.)


I only backup my large repositories and media once a month. 29 days of
work is worth hunting for.


You're quite lucky, though, to have deleted a plain text file. Provided
you still know a couple of words, you could search for them. grep -A
would work, but be careful to redirect it or it'll mess up your
terminal.


(I dont see how grep would help here)


Tools like TCT (The Coroner's Toolkit, by Wietse Venema c) or The
Sleuth Kit (more modern; apparently, Autopsy is something of a GUI for
it) could help a lot, if you're desparate.

   Joachim


hexedit works just fine for this purpose imo.

http://archives.neohapsis.com/archives/openbsd/2005-01/1717.html

It is very safe to use, and free (as in COST, it is probobly gnu, not
meeting my own concept of 'free').

Re: webbased authpf ?

[Jeff Quast]

On 9/15/06, Joachim Schipper [EMAIL PROTECTED] wrote:

It would probably be best to let a daemon or cronjob outside the chroot
read it; a socket or even a simple pipe in the chroot is sufficient to
signal a daemon, or even send the whole IP address.

Of course, this does result in a two-part script, but the seperation is
likely to be a good thing from a security standpoint.

   Joachim


This design is mentioned alot. I understand it, and it would probobly
be best solution.

Does anybody have a simple two-bin C app that communicates over a pipe
that functions for this purpose? I suppose I could pull out my richard
stevens AUP...

I see this recommended alot. So somebody had to actualy sat down and
do this at some point. Care to share?

Re: broadcom

[Jeff Quast]

On 9/11/06, Tom Bombadil [EMAIL PROTECTED] wrote:

mm... I thought it was to save ~500K in the kernel:
http://openbsd.org/faq/faq14.html#Optraid

Is there any other reason?

Cheers


(top posting is the suck)


Marco Peereboom wrote:
 RAIDFrame is disabled in GENERIC for a reason you know.



http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/raidframe/

it hasn't been updated in 7 years?

Bug fixes, reliability improvements, and features have not been ported
from greg's -current implementation in netbsd since its initial merge
into the tree 7 years ago. It apears as though just enough to get by
since then...

If its 500k to add to a binary kernel, sit back and think of how many
lines of code that amounts to maintaining.

Did someone mention the need of merging raidframe, bioctl and friends
into one someday? What a beautiful friendship that would be, an all
encompassing raidctl for all types of raid, software or hardware

Re: sharing ffs filesystems between NetBSD and OpenBSD

[Jeff Quast]

On 9/5/06, Igor Sobrado [EMAIL PROTECTED] wrote:

Hello!

I am trying to understand an odd behaviour in the Berkeley Fast File
System as implemented in both NetBSD and OpenBSD.  My main concern



[...]  Can it be
a problem when sharing these drives with non-i386 architectures?


Guessing that you are sharing files between big-endian and non-endian machines?

You can't do that with ffs.

NetBSD apears to have the option FFS_EI. That may help. A quick search
indicates that nfs  vnd trickery may be required.

Good luck.

Re: pf + os detection - How to block a Host if it does a nmap scan?!

[Jeff Quast]

On 8/29/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:

Hello everybody,

OpenBSDs PF is able to block Packets by the passiv OS fingerprint.
For example you can block packets from nmap.

I4ve a little problem witht hat: How to block a host if it does/did a
nmap-Scan?!
I can block the nmap-scan but not automaticly the host because the
overload-rule does not know about blocking by OSs.



I know of only a means to block nmap scans if used with the -i
parameter. It continaully connects to your ident port for each open
port discovered to attempt to identify the owner of the service.
(Does the webserver run as root?)

You could do a 3/30 overload rule on port 113 and add to a table to
drop and log.

Let them scan, what are you worried about? If you have something you
are worried about nmap discovering, blocking an nmap scan isn't going
to help.

If I were a cracker and scanned your netblock, and your host is the
only one that stopped responding half-way through a scan, I would use
other means to begin looking at yours immediatly. (Or you may be a
winbox I just crashed...)

Block drop as a default policy may be better for your needs. It annoys
inpatient nmap scanners to give up quickly. nmap is getting quicker at
scanning hosts that drop blocked packets, especialy when options are
fine-tuned for it.

Also by default nmap skips hosts that don't reply to icmp pings.

Whatever.

Re: OpenBSD/Networking noobie: home micro-server setup?

[Jeff Quast]

On 8/28/06, Joachim Schipper [EMAIL PROTECTED] wrote:

Of course, localhost is a very nice place to start a brute-force attack,
so choose a good password or just disable password authentication in
sshd. After all, you'll want to use a serial cable anyway.


I've disabled sshd on my wrap router, and the only secure login is via
serial cable. I only login as root on my router, as there is nothing I
would do on a router that doesn't require root. Usualy just ifconfig,
pfctl, dhclient, etc. I just giggle every time I login to my router --
I have no root password set! *dodges*... its just a home network,
whatever. It is convenient, though:

sudo tip -38400 tty00crrootcrcrcr

If I could only get my Informer[1] to work properly, I might add a
local user and use it to ssh out through the router and play nethack
or something. A dumb terminal being the only form of login would be
ideal :)

[1] http://www.ba23.org/page0291.html

Re: pf queue monitoring

[Jeff Quast]

On 8/21/06, Lawrence Horvath [EMAIL PROTECTED] wrote:

Is there a way to monitor how much traffic is passing through a queue in bps?
Im using 'pfctl -s queue -v' but it seems to only show a running total
of packets and bits that have passed through it, and i want to be able
to see it in bps anyone know of a way to do this?

# uname -a
OpenBSD localhost.localdomain 3.9 GENERIC.MP#598 i386

thanks

--
-Lawrence



did you try adding a second -v?

pfctl -vvs queue

Re: current kernel cvs up from 3.9

[Jeff Quast]

On 8/17/06, Marten [EMAIL PROTECTED] wrote:

Hi all

I am trying to upgrade to current
but building a kernel after cvs up didn't work.


Upgrade with snapshots first.


# make



cc1: error: unrecognized option `-Wstack-larger-than-2047'



Am I doing some wrong here?


Yea, not reading the faq.

http://www.openbsd.org/faq/current.html

Always wanting to compile from scratch, its like masturbation, but
without the release.

Re: pxeboot

[Jeff Quast]

On 8/15/06, Marten [EMAIL PROTECTED] wrote:


quote
Ethereal showed that only the 1st block of 512 bytes was being sent from
the server and being acknowkedged. Block 2 was sent, but never acked.

(It didn't acknowledge because it already started booting!)

Given that the file pxeboot was 200KB, something was wrong.



if you had used tcpdump -Xs 99 you would have seen in the first few
packets of the negotiation, the wrap netboot client sent a request for
changing the packet length. This was silently ignored by the OpenBSD
tftpd, because it is not supported. When the wrap recieved a packet
smaller than the packetlength it asked for, it assumed EOF and began
executing

If i remember right the packetlength for the send buffer on tftpd is
implemented as a global variable in netbsd's implementation that is
modified by this command from the client. I havn't used it, but from
code it looks like it would work for wrap.  Netbsd's method is not so
easy to port over, as they extended the server/client command
framework to something very different (and kindof scary).

dump what the wrap is requesting (i beleive the command sent to server
is packetlength ?) and hardcode  as the sendbuffer in tftpd
and recompile for a quick workaround.

Re: Replacing a failed HD in a raidframe array

[Jeff Quast]

On 8/4/06, Jason Murray [EMAIL PROTECTED] wrote:

I previously had a bit of trouble with my raid array. That is now cleared
up and I need to replace one HD of the mirrored set. Never having done
this I thought I'd check here to see if there was any advice on HD selection.

Natrually the replacement HD will have to be at least the same size as the
original. But are there any restrictions on HD geometry?



Sector size is all that matters. Must be greater than or equal. The
unused space is truncated. I don't beleive the other geometries matter
-- except that your partitions must lie on cylinder boundries.
Different geometries will mean you will end up wasting a few sectors.
Example below.


It naively makes sense to me to try match things as closely as possible.
Or am I way off base here?


You're fine. When I run out of spares i do a lot of research and buy
bulk of new disks, and begin transitioning as they die, or more
commonly (as i did in example below) just transition my data to a new
raid (using backups!!), and use the old disks as spares again.

With most raid levels, you're only as efficient as your weakest link,
so theres no point in buying an exceptionaly faster disk of the same
geometry unless you replace them both.

Here is an example of a disk partition of the wrong geometry (sd2 is a spare):

raid1 (root)raid2: Component /dev/sd0p being configured at row: 0 col: 0
Row: 0 Column: 0 Num Rows: 1 Num Columns: 4
Version: 2 Serial Number: 20060601 Mod Counter: 964
Clean: Yes Status: 0
raid2: Component /dev/sd1p being configured at row: 0 col: 1
Row: 0 Column: 1 Num Rows: 1 Num Columns: 4
Version: 2 Serial Number: 20060601 Mod Counter: 964
Clean: Yes Status: 0
raid2: Component /dev/sd2p being configured at row: 0 col: 2
Row: 0 Column: 2 Num Rows: 1 Num Columns: 4
Version: 2 Serial Number: 20060601 Mod Counter: 964
Clean: Yes Status: 0
raid2: Component /dev/sd3p being configured at row: 0 col: 3
Row: 0 Column: 3 Num Rows: 1 Num Columns: 4
Version: 2 Serial Number: 20060601 Mod Counter: 964
Clean: Yes Status: 0
WARNING: truncating disk at r 0 c 2 to 17767763 blocks.

Re: firefox 1.5.0.6 for openbsd

[Jeff Quast]

On 8/3/06, riwanlky [EMAIL PROTECTED] wrote:

hi all,

i don't have any experience with how to use source or other
*nix tar.gz for openbsd. i need to have firefox 1.5.0.6. do anyone
know how do i get the firefox in my openbsd 3.9

thanks, and best regards,
riwan



The instructions with an example are clearly printed on the insert
inside your CD-ROM.

Re: Using dd(1) to duplicate a hard drive

[Jeff Quast]

On 8/1/06, Chris Zakelj [EMAIL PROTECTED] wrote:

but no luck... I'm hoping to find a faster way to create an image of one
drive (a Samsung MP0402H, 40G notebook, to be specific) onto an
identical drive than using:


Unless you are using this multiple times, I don't think there is
anything faster than just doing it.

dd really has no overhead... its the most simplest form of read and
write. There is no magic behind it. C code to perform this exact task
could be written in less than 20 lines.


# dd if=/dev/rwd0c of=/dev/rwd1c bs=1m



I vaguely recall hearing that placing the drives on separate IDE channels
would help


It would. considering this (notebook) disk probably does 10MB/s or so,
it probably wouldn't, either.

If the disk you are copying from is of a native file system, it would
be much quicker to just newfs and copy the files and re-execute
installboot. presumably your original disk is not 99% full, so you'd
be copying a lot of unused data with dd.

Anecdotally, When I worked as a tutor, I helped a student achieve an
A+ certificate that landed him a job at a computer repair shop. His
first day at work, he was given this task. Using one of the
manufacturer-supplied floppy tools, he performed this operation...
...except that he got the input and output backwards, zeroing out the
customers data and losing his job. Last I knew he was going back to
school to work for the  telecommunications industry...

Re: Run script on cd insertion

[Jeff Quast]

On 8/1/06, andrew fresh [EMAIL PROTECTED] wrote:

I am in need the ability to run a script when a cd is inserted.  I am
not finding any way of getting notified when that happens, so I am
asking here.  If not, I can just loop cdio info and check for a disk.

Is there something that will run a script when I insert a CD?



I never checked for CD's, but hotplugd might say something when it is
inserted, I know it works for USB disks.

If it doesn't, and you write a patch to make it say something, it
might be appreciated.

Of course, I would never do anything with it. But for headless
systems, it might be nice 'feature' for very certain situations.

Never mentioned what you need it for..

Re: How to implement PF tables

[Jeff Quast]

On 7/30/06, jared r r spiegel [EMAIL PROTECTED] wrote:

  anywhere you can put a comma, you can also leave it out; pfctl(8)
  parses the rule the same.

--



I had commas give me problems around 3.7.

But you're right, it shouldn't give problems anymore.

Re: TI-PCI1130 Cardbus ignored

[Jeff Quast]

On 7/25/06, Paul Maurer [EMAIL PROTECTED] wrote:


Do these floppy images just not have the right drivers enabled?  Do
I need to install from the bootable CD?  Or will that not work
either, because my hardware is unsupported?

Let me know if you have any ideas for me to try or need any more
information.  The shell works fine and I can execute commands, just no
netowrk (can transfer data via ext2 floppy).  I should note that this
particular laptop cannot have the floppy drive and cd drive in at the same
time: they use the same atapi slot.


In these cases, I recommend removing the hard disk from the laptop,
place it in a desktop machine, installing openbsd onto it, and put it
back in the laptop.

A $5 dongle can be had at most computer shops for plugging in a
standard IDE ribbon and a power cable to a laptop hard drive. I can
provide a link if needed.

I think there are probobly USB carriers for laptop drives as well,
though proboboly more expensive than the $5 IDE dongles I know of.

Also I think you need somebody to answer wether:
Texas Instruments PCI1130 CardBus rev 0x04

is supported in the full GENERIC kernel

good luck.

Re: Why ksh?

[Jeff Quast]

On 7/23/06, Arnaud Bergeron [EMAIL PROTECTED] wrote:

On 7/21/06, Damien Miller [EMAIL PROTECTED] wrote:
 Pedro TimC3teo wrote:
  Thanks, but all the solutions presented in that thread can't clear the
  screen when you're typing something AND keep what you've already typed.

 Why don't you add support for ^L yourself then?

 -d


There's also the point that ksh does not do multi-line commands like
bash does (not a statement of superiority, just a fact) so clearing
the screen to have it all to enter a command is pretty useless.



sigh... does _nobody_ use vi input mode? you're one letter away in
command mode to bring your entire edit buffer into a full fledged and
very powerful text editor! Multi-line indeed!!

Really, if you're going to use emacs input mode, then you are just
asking for a kludgy, confusing, and feature-limited line editor.

Re: looking for clue

[Jeff Quast]

On 7/19/06, Peter Philipp [EMAIL PROTECTED] wrote:

Hi I'm looking for clue.  Does anyone have any?

-p



too funny!

Re: CD Creation question

[Jeff Quast]

On 7/18/06, Rob Baldassano [EMAIL PROTECTED] wrote:

 So,
 Is there anyone out there that could provide me with the instructions on how 
to create a bootable CD from Windows, so that I can boot from the CD, and have 
the install media on the CD itself as well?


You can burn cd39.iso from most any cd burning software in windows.
Unfortunately, a brand new $200 version of microsoft windows does not
offer this most simple of task by default. (Welcome to 1993)

I only know of commercial software that supports this. However, some
of these come with free 30 day trials that may meet your needs. I
would start at one of those massive shareware sites and start
downloading software in the 'cd burning' software category.

Hopefully the windows partition you are using to burn the CD is the
one you will delete and install OpenBSD over, as it will probably
become flooded with privacy-invasive software (ad-ware)...

Re: raidctl on a live raid array, and the kernel debugger

[Jeff Quast]

On 7/17/06, Jason Murray [EMAIL PROTECTED] wrote:

I've tried, again, to fix my raid array with raidctl -R. I did it on the
console port this time so I could capture the output from ddb

Here is some output:


yay!


I then use raidctl -S to monitor the reconstruction. Things go well
until the 48% mark. Then I get:

wd1d:  uncorrectable data error reading fsbn 111722176 of
11722176-111722303 (wd1 bn 114343984; cn 113436 tn 7 sn 55), retrying
/wd1: transfer error, downgrading to Ultra-DMA mode 4
wd1(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 4
wd1d:  uncorrectable data error reading fsbn 111722176 of
111722176-111722303 (wd1 bn 114343984; cn 113436 tn 7 sn 55), retrying
wd1d:  uncorrectable data error reading fsbn 111722248 of
111722176-111722303 (wd1 bn 114344056; cn 113436 tn 9 sn 1), retrying
wd1d:  uncorrectable data error reading fsbn 111722248 of
111722176-111722303 (wd1 bn 114344056; cn 113436 tn 9 sn 1)
raid0: IO Error.  Marking /dev/wd1d as failed.
Recon read failed !
panic: RAIDframe error at line 1518 file
/usr/src/sys/dev/raidframe/rf_reconstruct.c
Stopped at  Debugger+0x4:   leave


In case the output is not clear enough, there is an error reading
block numbers 11722176 through 111722303 on wd1.  This is not an issue
with raidframe. This is an issue with your IDE disk. (or ide
controller, etc...)

Test the disk thoroughly using badblocks from the e2fstools port and I
am sure it will reproduce the exact same console output. and panic,
though a different backtrace.

That OpenbSD crashes when an ide disk fails to communicate properly is
not the fault of OpenBSD, and definitly not raidframe. OpenBSD actualy
tried to do you a favor and step down the communication speed ( /wd1:
transfer error, downgrading to Ultra-DMA mode 4 ), in case it were the
fault of the ide controller or what have you.

I think I can easily guess that this is why raidframe marked the disk
bad in the first place. You need to replace the disk with a fresh disk
of similar or greater geometry size, copy the disklabel onto the new
disk, and reconstruct. This is what raid is for. Unfortunatly for you,
your raid is both software and ide. This is why the kernel panics.

Re: Which WLAN mini PCI card to use?

[Jeff Quast]

On 7/17/06, Melameth, Daniel D. [EMAIL PROTECTED] wrote:

Heinrich Rebehn wrote:
 I want to build a WLAN router using a WRAP board running OpenBSD.
 I am still unsure which wlan interface to use. I considered the CM9
 (ath(4)).

 Or are there better choices?

It appears, at this time, ral is the best choice on OpenBSD.  However,


Do you know any miniPCI wireless card models that use a ral chipset? I
beleive also have some restrictive power requirements as well, from
their documentation:

J5, J6 miniPCI sockets These sockets implement the miniPCI interface.
Please note that the current available from the +5V supply is very
limited, and generated very inefficiently (linear regulator from input
supply). +5V should be used as a bias voltage only, not to power a
wireless radio !

I am not sure exactly what to read from that, I am not an electrical engineer.

I have been holding back on purchasing a wifi card for WRAP for a long
time. I do not wish to financially support vendors who choose to use
the atheros chipset. I would be happy to hear of any non-atheros
experiences on WRAP.

( on a side note, it apears the use of linux + windows driver wrappers
(madwifi?) on WRAP and soekris is very popular -- the very thought
makes me vomit a little bit in my mouth )

Re: PF queueing

[Jeff Quast]

On 7/14/06, Bernd Schoeller [EMAIL PROTECTED] wrote:

On Thu, Jul 13, 2006 at 08:53:31PM -0400, Jeff Quast wrote:
 You cannot control the speed at which packets arrive on an interface.
Are you sure?


I am sure. If it sounds unreasonable, get a live firehose, and see if
you can control the amount of water received in your mouth.

I don't think your question is entirely clear.. Please note there is
also a pf mailing list http://www.benzedrine.cx/mailinglist.html . You
state you want to control the download speed on a LAN, implying all
incoming and outgoing packets are on this LAN. If this is the case put
pf+altq on each machine, and queue outgoing packets. Seems simple
enough to me.


From the faq:


PF will record the queue in the state table entry so that packets
traveling back out fxp0 that match the stateful connection will end up
in the ssh queue. Note that even though the queue keyword is being
used on a rule filtering incoming traffic, the goal is to specify a
queue for the corresponding outgoing traffic; the above rule does not
queue incoming packets. 

Re: PF queueing

[Jeff Quast]

On 7/13/06, Der Engel [EMAIL PROTECTED] wrote:

Hi! I have try for several days to achieve the following goal with PF but
failed repeatedly, have read all the docs also, especially this
http://www.openbsd.org/faq/pf/queueing.html
The goal is: To be able to set dowload/upload speeds to PC's on the lan, so
far i have succed in setting dowload speeds for PC's but no luck with
upload.



#pass in  on  $ext_if from $pc to any queue pcout -- I know, wrong ;)


You cannot control the speed at which packets arrive on an interface.
Think about it. It may not be documented because its pretty much a
duh.

Re: Installboot on linux ?

[Jeff Quast]

On 7/12/06, Jirtme Loyet [EMAIL PROTECTED] wrote:

This an extreme case: It's on a remote server on which I have only access to
a rescue linux. So from this linux, I want to create an customm installer,
to pack it and install it on the disk so that after reboot openbsd would
install itselft automatically. I've find equivalent for many utilities from
openbsd to linux but the last operation (install the openbsd bootloader on
the image which is localy mounted) need more work. I'll try to use grub
instead of the openbsd bootloader and if it's not working, I'll have to port
installboot to linux. That's why I was looking for a port for installboot.


Not renewing the contract or switching providers, and making their
management aware of the reason is a great way to provide awareness of
*BSD and the need for their customers to have the choice to use
alternate OS's, or something so standard as serial console access.
This can help the OpenBSD project in the long run, as indirect as it
may be.

This is similar to hounding a hardware vendor to provide exact chipset
names and revisions of the hardware they try to sell you, and not
accepting It is supported in linux as an answer.

Sometimes you have to be square with these companies that think they
are hip to open source solutions. They're full of smoke. Just my two
cents.

Re: raidctl on a live raid array, and the kernel debugger

[Jeff Quast]

On 7/11/06, Jason Murray [EMAIL PROTECTED] wrote:

Is it standard practice to use raidctl on a raid set while your system is
running from that raid set?

I'm just curious as to what best practice might be?

Last night I booted to a different disk so I could run raidctl -R against the
array while it was not being used. That caused a kernel panic and dumped me to
a debugger. I think I'm going to need to use it to send information to the
list. What is the best way to go about getting output from the kernel debugger
to a disk so I don't have to copy it by hand?


null modem serial cables are typicaly $6. See
http://www.openbsd.org/faq/faq7.html#SerCon

you can debug post-reboot if you send 'boot crash' as well. Make sure
/var has the room for savecore.


Thanks in advance.


My first few months with raidframe caused many kernel panics. With 30
minutes of parity checking, this was a difficult learning experience.
I was initialy led to beleive that raidframe was hardly stable (and
therfor disabled in GENERIC).

However, as I gained experience with raidctl and raidframe, and traced
the panics to code level, I almost always found the panics were caused
by my misuse or misinterpretation of raidctl(8). A small book could
probobly be written on the many different situations you can find
yourself in with raidframe.

I havn't had a kernel panic for a long time, and have had 3 disks fail
since on a level 5 raid without issue reconstructing, changing
geometry, etc. If memory serves me, I may have reconstructed a mounted
raidset, though given the choice, I certainly wouldn't.

All in all, I find kernel panics with raidframe is just its way of
saying Bad choice of arguments :)

Re: IPv6 kindergarten

[Jeff Quast]

On 7/11/06, Peter Philipp [EMAIL PROTECTED] wrote:

On Tue, Jul 11, 2006 at 10:22:09AM +0200, Claudio Jeker wrote:
 As you may realize I'm a big fan of IPv6.

I'm sure you're not the only one! ;)


Van Hauser is a big fan of ipv6,

http://events.ccc.de/congress/2005/fahrplan/events/772.en.html

He does a great job of introducing ipv6 at an OS implementation level
in a short period of time. Worth a watch if you are unfamiliar with
ipv6, but familiar with ipv4.

Re: Installboot on linux ?

[Jeff Quast]

On 7/11/06, Nick Guenther [EMAIL PROTECTED] wrote:

On 7/11/06, Jirtme Loyet [EMAIL PROTECTED] wrote:
 Hello,

 I want to use the installboot (from openbsd) to linux to install a bootstrap
 on a FFS openbsd disk from linux.

 Is there an equivalent to installboot on linux? Has this application ever
 been ported to linux ?
 I'll port it to linux if nothing as already been done.

Pardon?

Remember that BSDs use a disklabel(8) while Linux doesn't.

I think you might want to read this:
ftp://ftp.openbsd.org/pub/OpenBSD/3.9/i386/INSTALL.linux

In any case, wouldn't it be simpler to just boot into an OpenBSD
install disk and work from there, rather than using installboot(8)
from within Linux?

-Nick




It sounds like you are in an extreme case, such as: A laptop with no floppy
disk, a broken cd-rom drive, no network to netboot with, and you are
too poor to purchase the hardware necessary to install openbsd in the
proper manner.

In these very rare cases: dd the floppy image to your swap partition.
Point grub or lilo to boot from this partition. Install openbsd over
existing linux partition.

Otherwise you must be looking for time to waste. As much as I would
like to see 500 lines of code wrapped with 20,000 lines of gnu/linux
makefile/configure automagic wrappers, I think you could probobly use
your programming skills to help the project in more important ways. If
you do decide to port it anyway, please make sure to include at least
sparc and amd64 support in your port.

Looking forward to your sourceforge project page! Keep us updated!

Re: pf + altq syntax check plz

[Jeff Quast]

On 7/2/06, S t i n g r a y [EMAIL PROTECTED] wrote:

I am configuring altq  pf for the first time ,  have a few problems here ..

well i need to traffic shape between diffrent protocols as you can see in my 
pf.conf

now i am stuck  confused what to do next as i have built this file with 
diffrent ref from web.

the im is the most common Instant messengers protocoles can you tell me how to 
make it right ?

also when running hte file as it is i get pfctl: SIOCGIFMTU: Device not 
configured error.

what does this mean ?

thanks


extad=192.168.0.6/32
chadd=10.0.0.6/32
scrub in all
altq on extif hfsc bandwidth 500Kb \

altq on $extif hfsc bandwidth 500Kb

queue { www, dns, im, mail, other}
queue www bandwidth (linkshare 35%)
queue dns bandwidth (linkshare 10%)
queue im bandwidth (linkshare 25%)
queue mail bandwidth (linkshare 10%)
queue other hfsc (default)
rdr on $intif proto tcp from $intad to any port 80 - $chadd port 8080
nat on $extif inet from $intad - $extad
pass out on $extif inet proto { icmp, udp, tcp } keep state




regards


 *B:B$., B8B8,.B$B:*B(B(B(*B$ Stingray *B:B$., B8B8,.B$B:*B(B(*B$



That's your immediate answer for the immediate problem at hand. There
is probably a lot more problems. Maybe you should start with priq and
cbq first.

Re: ssh login screen blank problem

[Jeff Quast]

On 6/27/06, Denny White [EMAIL PROTECTED] wrote:
[snip]

okay while in xwindows from xterm. But, when I try to ssh
in from either obsd box to the windows box from a regular
terminal window, I get in, but after that, the screen is
blank. Only way to get the terminal window back is to exit

[snip]

am coming up blank. Just trying to find out if anyone else
has encountered this problem  what they did to solve it.


I have this problem with a freebsd shell provider.

I fixed it intermidently by starting screen before sshing out.
This filters out the garbage they output to my display.
Explicitly exporting TERM as vt220 or wsvt25 before you
ssh to the box may help as well. It didn't for me.

My best guess is the cgywin box has one of those
super-cool-eleet colored bash prompts.
touch ~/.hushlogin and set PS1=$ in the winbox .profile.

Setting PS1=$ and .hushlogin did not work for me, I requested
the shell provider to add an if statement in the global
profile to honor .hushlogin before printing out the stupid ansi colored
news/motd/whatever it was they were doing.


Had another box running FreeBSD 5.4 with identical ttys set
up and was able to login to the windows box from a terminal
window okay. Thanks for any help.

As Stuart pointed out, the term code is different.


Denny White

jdq

Fwd: lightweight openbsd

[Jeff Quast]

On 6/25/06, Josh Tolley [EMAIL PROTECTED] wrote:

On 6/24/06, Rogier Krieger [EMAIL PROTECTED] wrote:
 If you want to install to a 128M CF, I suppose you're limiting
 yourself to base39.tgz, etc39.tgz and a few bytes or spare space. I
 wonder whether flashdist (as is rather popular on Soekris devices)
 would be an easier tool for you.

 Citing Google for flashdist OpenBSD: http://www.nmedia.net/~chris/soekris/

My limited experience has taught me that by default, flashdist not
only removes things you probably won't run on the firewall/NAT boxes
for which it is intended (such as httpd, presumably), but also removes
some stuff that would be very nice for general system administration.
If memory serves, this includes things like passwd(1) and cron(8). In
other words, pay some attention to what flashdist includes and
excludes should you choose to use it. All that said, it was quite
simple to use, and certainly fast. The fact that the boxes I was
setting up when I used flashdist would have benefited more from
careful and considered installation than from fast installation was a
lesson I learned later, and not a shortcoming of flashdist ;)

-Josh



I second that. I re-burned about 10 times as I ran into the most
simple of utilities that I needed. I've reworked flashdist.sh quite a
bit since and use an exclusive re list, such as '/usr/lib/*.a',
instead of an inclusive list. Also simplified it to use an overlay/
directory to copy over the target media when finished with base sets,
instead of the complications of propriatary etc/files hard-coded in
script

I think what I'm getting at is its easier to *identify what you do Not
need*, than to try to remember everything that you do need. exclusive
not inclusive.

I have a feeling the first poster does not understand 90% of the
software in base. Just do a ls -sR | sort -nr or whatever and start
from the bottom, reading manual pages.

Re: cruxports for OpenBSD

[Jeff Quast]

On 6/18/06, Han Boetes [EMAIL PROTECTED] wrote:

Nick Guenther wrote:
 You are angry, understandably.

Why do you assume I am angry? I am not. Don't you know how uncivil
it is to make assumptions on other peoples emotions?


 You've put a lot of work into your system and now you're being
 told it's useless.

I don't care if he thinks that.


 On the other hand, realize that no one asked you in the first
 place, you provided your list voluntarily (without even being
 prompted by a single 'so?'). No one asked you to defend your
 opinion.

False, he just asked me to explain again what I just had
explained.


 Anyway, you should care why Joachim doesn't like it because he
 is a developer so probably has good insights about
 OpenBSD-related things. If he says what you're making is missing
 things that pkg_* already has then he is probably correct.

Thanks for telling what I should care about, I really appreciate
it.

I don't care if he likes pkg_* better for his usage, that's
entirely up to him.  I just showed people what I use and like, to
offer them an alternative.  Anyone is free to take it or leave it.



 Joachim was very civil in his message, and gave each of your
 points a fair evaluation.

He was not civil, he asked me to explain again what I had already
explained.  And his personal evaluation is personal yet he makes
it look like he speaks for the rest of the world, which is also
not civil.


 What if he had taken your completely new ports system as an
 insult to all the work that has been done on pkg_*?

Anybody can take anything as an insult.  That's their business. I
bet for instance you take my reply as an insult, while in reality
I merely point out how uncivil it is what you wrote.  Lack of
uncivil words do not make something civilized.


 You should realize this.

Thank you for telling me what to realize.  I really appreciate it.



# Han



you're an ass.

Re: Hifn policy on documentation

[Jeff Quast]

On 6/15/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:

Oh well ...

I have to admit that I find it quite amusing how some people that do
restrict access to documentation are the same that do take advantage
of other people's free documentation ...

http://marc.theaimsgroup.com/?l=openssl-usersm=114832209207203w=2

Oh ... wait ... no. I don't find that amusing, and Hifn is no longer
in the vendors list I maintain for the company I work at.

A while ago, someone mentionned the opening of a wiki to help find a
list of specs friendly and unfriendly vendors, how is it going ?



http://www.vendorwatch.org/ , hifn is marked as unfriendly. I really
like this site, too. Congrats to the contributors.

Re: Curious on NAT traversal possibility on PF

[Jeff Quast]

On 6/13/06, Stuart Henderson [EMAIL PROTECTED] wrote:

 On 2006/06/13 12:26, Martin Toft wrote:
  Spruell, Darren-Perot wrote:
  Maybe a better-designed application wouldn't have to make use of such a
  clusterbag of ports in the first place?
 
  The ports do not belong to a single application. I operate a gateway and
  want to give high priority to legitimate protocols and low priority to
  everything else. At the moment I have chosen this long list of
  legitimate ports:

 Non-legitimate apps will also use these ports. You can't e.g. replicate
 what ellacoya boxes do just using PF.


Maybe this can be shortened to the classical idea of ports 1024 being
authoratative internet daemons,
 1024 high priority
 1024 low priority, except...

Re: developing a backup strategy

[Jeff Quast]

On 6/12/06, prad [EMAIL PROTECTED] wrote:

 i've gone through the threads:

 Recommendations for an OpenBSD-based Backup Solution
 remote data backup

 and am contemplating the ideas as they apply to my rather simple setup - 2
 webservers (one does email as well). not too much changes on them and not
 a
 lot of stuff on them either (under 5G combined including OpenBSD).


off-site cvs can work for developer errors and rollbacks for the web server
content, as well as lost code and backups. (who here hasn't gone into the
Attic/?). Your facility goes to crap and you need to move the web server?
Just do a cvs checkout on the new location.

what i've done in the past is just scp the etc and a few other directories
 that contain data with the intention of reinstalling OpenBSD and putting
 those directories back in (if disaster strikes).


My own backup procedure:
 - daily backup of / and /var (see daily(8) ROOTBACKUP=1)
 - Sunday backups to tape, eg: tar cpX / /var /home
 - Month dvd gets burned.

is this too simplistic and inefficient a solution?
 should i be thinking of incremental backups say with dump?
 does it make any sense to rsync the entire server drive?


rsyncing an entire system? It wouldn't be bootable who cares about
/usr/lib/libc.a being backed up? What is in /usr that can't be restored from
an openbsd cd?

Make sure to communicate to your users what parts of the filesystem are
actively backed up and which parts arn't, so some developer doesn't put his
life's work into an unbacked-up /usr/local/src or whatever...


 --
 In friendship,
 prad

   ... with you on your journey
 Towards Freedom
 http://www.towardsfreedom.com (website)
 Information, Inspiration, Imagination - truly a site for soaring I's


I like tapes and dvd's. Store them at your mom's house for all that
matters... I don't know where you live but mother nature can be mean.

Also, buy a second cd, just in case the first one is scratched when it
counts :)

Re: UPS with USB: hidups or newhidups drivers in nut

[Jeff Quast]

On 5/31/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:

 http://www.apcupsd.org/ looks promising.  Has that been compiled and used
 successfully on OpenBSD, maybe even with USB?



yes

I might even have the same model. Give it a try. It works well.

Re: SCSI disks slow

[Jeff Quast]

On 5/26/06, Steve Schaller [EMAIL PROTECTED] wrote:

Henning Brauer wrote:
 * Jeff Ross [EMAIL PROTECTED] [2006-05-25 22:53]:
Same spindle, but 8x as fast as the 10k SCSI disks.

 guess in the dark: the scsi drives have the write cache disabled, the
 ide drives enabled. at least that tends to be what the defaults are.


As a fellow SCSI user on sparc64, I've been looking high and low (man
pages, google, /usr/src/sys, etc) on how to enable write cache or tagged
command queuing, if either is safe enough to use, on my Ultra-2's SCSI
drives. Is it using the scsi(8) command? I looked at
/usr/share/misc/scsi_modes, but am getting lost in the listing of
IOCTLs, and personally I can't figure out what parameters to pass to the
drives.

Steve Schaller


I too would be very interested in seeing more scsi(8) examples than
are available in the manpage. Anybody?

Re: OT: DDoS questions

[Jeff Quast]

 openbsd has highest average 1337n355 among its user base.

Uh yea, it's 2006we don't talk like that anymore.


reference an age that is well-past for me, when ppl i knew in high school caused
problems all over the place during the mid to late 90s because they were
malicious kids.



Thankfully those kids have grown up and have jobs now, and the
point-and-click attack tools aren't as dangerous as they used to be.

Re: Comment evaluation in pf.conf

[Jeff Quast]

I disagree.  I think this is a bug in all these lexers, and we should
fix it.

\ret is the only special case that says ignore both.  In any other
case \c should translate into just the character c.

This \whitespace special case it is an errors that a few people
will make, so fail when we encounter it stuff is paranoid balony that
just causes more harm.



I may misunderstand, regardless,

$ cvs diff -u sbin/pfctl/parse.y
Index: sbin/pfctl/parse.y
===
RCS file: /cvs/src/sbin/pfctl/parse.y,v
retrieving revision 1.494
diff -u -r1.494 parse.y
--- sbin/pfctl/parse.y  17 Nov 2005 20:52:39 -  1.494
+++ sbin/pfctl/parse.y  22 May 2006 22:31:24 -
@@ -4718,14 +4718,11 @@

   while ((c = getc(f)) == '\\') {
   next = getc(f);
-   if (next != '\n') {
-   if (isspace(next))
-   yyerror(whitespace after \\);
+   if (next == '\n') {
+   yylval.lineno = lineno;
+   lineno++;
+   } else
   ungetc(next, f);
-   break;
-   }
-   yylval.lineno = lineno;
-   lineno++;
   }
   if (c == '\t' || c == ' ') {
   /* Compress blanks to a single space. */

Re: Using cursor keys with VIM...

[Jeff Quast]

On 5/17/06, Ken Morley [EMAIL PROTECTED] wrote:

I am new to OpenBSD 3.8, but have a lot of experience with SuSE  RedHat
Linuxes.



The problem is that I've always been able to use the cursor keys when
editing with VIM under

SuSE and RedHat and I can't seem to break the habit.  So, I keep
trashing the file I'm working on

by using the control keys.


(function keys)



I currently use VanDyke's Secure-CRT 5.0 terminal emulation software.
No matter how I configure


Try using putty. save yourself a registration fee and support open
source software.



OpenBSD or the terminal emulation software, I can't find a combination
that will correct the problem.


try TERM=xterm or its variants


If you have a suggestion other than removing those keys from the
keyboard, I would love to hear it.



Thanks very much!



Ken Morley





From the OpenBSD console, I have seen that it generates different ansi

sequences than what is -typical- in xterm etc. I can't complain, 'ansi
sequences' are misleading, in that ansi sequences were never
standardized, though the name implies it.

vim does it's best to define sequences depending on your TERM. However
this doesnt map correctly to an OpenBSD console with TERM=vt220 or
TERM=wsvt25. I've found the need for these in my vimrc:

if $HOSTTYPE==OpenBSD
  OpenBSD function keys
 set t_k1=[11~  f1 through ..
 set t_k2=[12~
 set t_k3=[13~
 set t_k4=[14~
 set t_k5=[15~
 set t_k6=[17~
 set t_k7=[18~
 set t_k8=[19~
 set t_k9=[20~
 set t_k;=[21~
 set t_F1=[23~
 set t_F2=[24~  ...f12
 set t_kP=[5~   page up
 set t_kN=[6~   page down
 set t_kh=[7~   home
 set [EMAIL PROTECTED]   end
endif

Simply look up the :help section that lists all of the key code
variables and re-configure them. For F1, simply into a .vimrc:

set t_k1=escctrl+vF1

and so on...

Do this from SecureCRT and they keys will work correctly.

As somebody else pointed out, try using hjkl and vimtutor. You'll
thank yourself later. Some people say vi is only for hardcore hackers
who like to overcomplicate something as simple as an editor, but I
feel it allows me to be so lazy that I barely have to move my hands
around, esp wen using ^[ instead of the escape key.

jdq

Re: ALTQ priq: bandwidth or no?

[Jeff Quast]

On 5/13/06, Damian Gerow [EMAIL PROTECTED] wrote:

As priq seems to be doing bandwidth throttling, does this not place an
artificial bandwidth restriction of 700Kb/s on my /inbound/ traffic as well
(which is something more in the order of a raw 3Mbps)?


You're making an ass of yourself.

THINK about it.

Re: ALTQ priq: bandwidth or no?

[Jeff Quast]

On 5/11/06, Damian Gerow [EMAIL PROTECTED] wrote:

I'm not interested in bandwidth limitations, so it looks like priq is likely my 
best bet.

[...]

Then I create a queue with a bandwidth limit of 700Kbps.



The man page is a little vague on this point

The priq scheduler does not support band-width specification.

huh?

Use cbq if you want to throttle bandwidth to a limit, something like:

altq on $ext_if cbq bandwidth $ext_bw queue \
{ q_ack_dns, q_fast, q_std, q_slow }

# High port traffic, public services, p2p
queue q_slowbandwidth  5% priority 0 cbq(borrow)

# General tcp, udp, and icmp
queue q_std bandwidth 20% priority 1 cbq(default, borrow)

# Private and common services
queue q_fastbandwidth 25% priority 2 cbq(borrow)

# DNS requests and ACKs
queue q_ack_dns bandwidth 50% priority 3 cbq(borrow)

You need to use cbq. Just do as I did above and allow all the child
queues to borrow from the root queue, so q_slow, for instance, may be
limited to a mere 1K/s, but only if a higher priority queue is using
all of the bandwidth (scp transfer, for instance), otherwise it will
borrow from the root queue (376Kb/s in my case)

make sure you set queue on pass out rules as well as pass in rules.

look at pfctl -vvs queue to measure your queues' thoroughput

my full pf.nat+queueing.conf here:
http://cvs.1984.ws/cgi-bin/cvsweb/pf/pf.nat%2bqueuing.conf?rev=1.1content-type=text/x-cvsweb-markup

many more here: https://solarflux.org/pf/

you can search in a manpage using /
or use the online manpage and your browser's find
search for keyword 'bandwidth', and you would have quickly found the
line that states priq scheduler does not support bandwidth
specification.

Re: ALTQ priq: bandwidth or no?

[Jeff Quast]

On 5/11/06, jacek [EMAIL PROTECTED] wrote:

hi, that's part of your pf.conf
---cut
# normalize outbound packets to prevent mapping of LAN hosts
scrub out on $ext_if all random-id min-ttl 250

max-mss 1492


 Queueing
###
# Note: Only outgoing traffic may be queued.
---cut
i think you made a mistake in setting mss with mtu ,


You're right, fat fingers.


 is that setting working for you at all ? max-mss for pppoe = 1452 , other 1460

Suprisingly, yes. Though it really shouldn't...

Re: OT: Serial2ssh device

[Jeff Quast]

On 5/11/06, Jacob Yocom-Piatt [EMAIL PROTECTED] wrote:

 Original message 
Date: Thu, 11 May 2006 13:34:51 -0400
From: Austin Murphy [EMAIL PROTECTED]
Subject: Re: OT: Serial2ssh device
To: misc@openbsd.org

 I am seeking advise prior to buying a serial to ssh device,
 sometimes refered to as serial server or serial port server.

You can get a 32port Lantronix for less than $1600.   I have the
SCS3205 and find it very stable and useful.  You need to buy or make
DB-9 adapters and patch cables though.  If you get lantronix adapters,
they are ~$19 each.  A ripoff, but all the vendors get you on the
adapters.

Austin


the high cost of these nifty rackmount serial console servers makes them
inaccessible/unattractive to folks like me. i've thought a number of times in
the past that it would be a good idea to buy a bunch of cheapo RS232 serial port
PCI cards and slap them in an old crapbox running openbsd just for this purpose.

i was looking on ebay and saw a couple candidates:

http://cgi.ebay.com/PCI-I-O-Expansion-Card-9-pin-2-Serial-port-RS232_W0QQitemZ6879003538QQcategoryZ90717QQrdZ1QQcmdZViewItem

http://cgi.ebay.com/Two-2-Serial-RS232-Ports-PCI-Expansion-Card-Dual_W0QQitemZ8808795646QQcategoryZ3666QQrdZ1QQcmdZViewItem

both of these run on NetMos chipsets, which are not mentioned on the i386
hardware support page. can anyone confirm that these cards work or tell me they
will with confidence? if these ones are too cheap or unsupported, please suggest
the cheapest known working RS232 serial PCI cards that run under openbsd.




I purchased a 4-port pci ( PCI4S550N ) from startech and was rather
happy with it,

http://www.startech.com/ststore/ItemDetail.cfm?ProductId=PCI4S550Nmt=

I found it online for $41USD.

StarTech is mentioned at http://www.openbsd.org/support.html as well.

and last but not least, it uses a NetMos chipset,

puc0 at pci0 dev 9 function 0 NetMos 4S rev 0x01: com, com, com, com
pccom3 at puc0 port 0 irq 10: ns16550a, 16 byte fifo
pccom4 at puc0 port 1 irq 10: ns16550a, 16 byte fifo
pccom5 at puc0 port 2 irq 10: ns16550a, 16 byte fifo
pccom6 at puc0 port 3 irq 10: ns16550a, 16 byte fifo

which is mentioned in the puc(4) manpage.

Re: Ethical question on misc suggestion

[Jeff Quast]

On 4/18/06, Daniel Ouellet [EMAIL PROTECTED] wrote:

 I guess

 I don't know

 I know

 I don't know

 I don't know

 Regards,

 Daniel

It could also be summarized as above.

Re: upgrade halted

[Jeff Quast]

On 4/19/06, Joachim Schipper [EMAIL PROTECTED] wrote:
 On Wed, Apr 19, 2006 at 05:36:37PM +0200, Pete Vickers wrote:
  if you can read /var/log/authlog, you are in wheel (unless you've
  changed perms on it). So just use scp to copy ksh to /usr/local/bin/
  tcsh...

 But you don't have write permission on that directory, at least, not on
 my machine.

Joachim

Maybe I'm missing something, no access to a unix right now, but how
about the ssh option for a command?, the ssh manpage says

 If command is specified, it is executed on the remote host instead of a
 login shell.

and

 When the user's identity has been accepted by the server, the server ei-
 ther executes the given command, or logs into the machine and gives the
 user a normal shell on the remote machine.

maybe with an .authorized_keys file, you could invoke /bin/sh directly.

ssh [EMAIL PROTECTED] '/bin/sh'

auth may still deny it, the login shell not-existing, but its worth a shot...

Re: upgrade halted

[Jeff Quast]

just throwing out an idea, again i havn't openbsd available to me atm,
how about replacing a crontab for a fix via ftp? a netcat
bindshell-style program for back-door entry.

I'm thinking, though, since crontab is setuid, that you may not have
permission to overwrite a crontab file (be it your own) over ftp.

On 4/19/06, Stuart Henderson [EMAIL PROTECTED] wrote:
 On 2006/04/19 13:10, Jeff Quast wrote:
  Maybe I'm missing something, no access to a unix right now, but how
  about the ssh option for a command?, the ssh manpage says

 I checked this earlier - it doesn't work (at least on current OpenSSH;
 I didn't check older versions).

 user ... not allowed because shell /bin/... does not exist

Re: throwing out the switch

[Jeff Quast]

On 4/10/06, Frank Garcia [EMAIL PROTECTED] wrote:

 On Apr 9, 2006, at 12:10 PM, Jeff Quast wrote:

  On 4/9/06, Joachim Schipper [EMAIL PROTECTED] wrote:
  On Sat, Apr 08, 2006 at 01:04:33PM -0400, Jeff Quast wrote:
  I've been using openbsd+pf for a router for some time at a
  neighbor's
  house. The router has been upgraded and now has several NIC's.
 
  I'd like to use multiple interfaces with crossover cables instead
  of a
  single interface with a switch behind it for the internal
  network, how
  would this best be done? I attempted to bridge all of the internal
  interfaces, but I don't think this would do what I need it to,
  since a
  bridge can't have an IP address, and it did not apear to work.
 
  You could bridge them - this would be the classical 'switch'
  solution.
  How to get this done is another question.
 
  dc0 was the classic internal interface running dhcpd. I kept that
  interface as-is.
 
  I set dc1, dc2, and rl0 as (only) up in their hostname.if files.
 
  I placed dc0, dc1, dc2, and rl0 into bridgename.bridge0 with default
  settings, like add dc0 add dc1, etc.
 
  brconfig showed bridge0 as it probobly should apear. Mac addresses of
  each client were listed on the proper port.
 
  dhcpd would not respond to client requests. I could use tcpdump on,
  say rl0 and see the dhcpd requests, but I did not see it on dc0. with
  IP addresses set manually, a client on dc2 could not ping a client of
  the same subnet on dc1, etc. I assumed the bridge did not do what I
  thought it was supposed to do, and dropped it.

 Did you tell dhcpd to listen on the bridge (or the individual
 interfaces) in /etc/dhcpd.interfaces?


 Frank


The individual interface, I did not try to assign an IP address to
bridge0, I was given the impression that you do not do that from the
manpage.

Thanks Frank! Hopefully that will resolve the issue.

Re: throwing out the switch

[Jeff Quast]

On 4/9/06, Joachim Schipper [EMAIL PROTECTED] wrote:
 On Sat, Apr 08, 2006 at 01:04:33PM -0400, Jeff Quast wrote:
  I've been using openbsd+pf for a router for some time at a neighbor's
  house. The router has been upgraded and now has several NIC's.
 
  I'd like to use multiple interfaces with crossover cables instead of a
  single interface with a switch behind it for the internal network, how
  would this best be done? I attempted to bridge all of the internal
  interfaces, but I don't think this would do what I need it to, since a
  bridge can't have an IP address, and it did not apear to work.

 You could bridge them - this would be the classical 'switch' solution.
 How to get this done is another question.

dc0 was the classic internal interface running dhcpd. I kept that
interface as-is.

I set dc1, dc2, and rl0 as (only) up in their hostname.if files.

I placed dc0, dc1, dc2, and rl0 into bridgename.bridge0 with default
settings, like add dc0 add dc1, etc.

brconfig showed bridge0 as it probobly should apear. Mac addresses of
each client were listed on the proper port.

dhcpd would not respond to client requests. I could use tcpdump on,
say rl0 and see the dhcpd requests, but I did not see it on dc0. with
IP addresses set manually, a client on dc2 could not ping a client of
the same subnet on dc1, etc. I assumed the bridge did not do what I
thought it was supposed to do, and dropped it.

So I assigned each NIC an IP address of *.1, .2, .3, and .4.

I assumed with IP forwarding, a client connected to the .4 NIC could
reach the .1 NIC. I was wrong with that as well.

I enabled the bridge again with the internal NIC's having an IP
assigned A client connected to the .4 NIC still could not reach .1, or
a client connected to .1.

 The other solution is to run it as a classical router serving a lot of
 /32 subnets.

 Exactly what do you have problems with?

I am guessing I did something fundamentaly wrong here?

 Joachim

Re: throwing out the switch

[Jeff Quast]

On 4/9/06, Joachim Schipper [EMAIL PROTECTED] wrote:
 On Sun, Apr 09, 2006 at 01:10:21PM -0400, Jeff Quast wrote:
  On 4/9/06, Joachim Schipper [EMAIL PROTECTED] wrote:
   On Sat, Apr 08, 2006 at 01:04:33PM -0400, Jeff Quast wrote:
I've been using openbsd+pf for a router for some time at a neighbor's
house. The router has been upgraded and now has several NIC's.
   
I'd like to use multiple interfaces with crossover cables instead of a
single interface with a switch behind it for the internal network, how
would this best be done? I attempted to bridge all of the internal
interfaces, but I don't think this would do what I need it to, since a
bridge can't have an IP address, and it did not apear to work.
  
   You could bridge them - this would be the classical 'switch' solution.
   How to get this done is another question.
 
  dc0 was the classic internal interface running dhcpd. I kept that
  interface as-is.
 
  I set dc1, dc2, and rl0 as (only) up in their hostname.if files.
 
  I placed dc0, dc1, dc2, and rl0 into bridgename.bridge0 with default
  settings, like add dc0 add dc1, etc.
 
  brconfig showed bridge0 as it probobly should apear. Mac addresses of
  each client were listed on the proper port.

 That looks good.

  dhcpd would not respond to client requests. I could use tcpdump on,
  say rl0 and see the dhcpd requests, but I did not see it on dc0. with
  IP addresses set manually, a client on dc2 could not ping a client of
  the same subnet on dc1, etc. I assumed the bridge did not do what I
  thought it was supposed to do, and dropped it.

 Hmm, someone else will have to debug that. It'd probably be the
 easiest/best solution, but I've never configured a bridge.

  So I assigned each NIC an IP address of *.1, .2, .3, and .4.
 
  I assumed with IP forwarding, a client connected to the .4 NIC could
  reach the .1 NIC. I was wrong with that as well.
 
  I enabled the bridge again with the internal NIC's having an IP
  assigned A client connected to the .4 NIC still could not reach .1, or
  a client connected to .1.

 Have you set net.inet.ip{,6}.forwarding?

Yes of course, it has been performing as a router for a while now with
a single NIC for the local network. I did double-check it when i saw
that behavior, though, and it is set.


   The other solution is to run it as a classical router serving a lot of
   /32 subnets.
  
   Exactly what do you have problems with?
 
  I am guessing I did something fundamentaly wrong here?

 Probably, but what? ;-)

 Joachim



Thanks for your help, Joachim. I'll do a fresh install and try again
when my 3.9 cd's arrive. Maybe I have stale configurations somewhere.

I have a very difficult time finding anybody on mail archives or
google doing something similar. The only information I can find is for
tranparent firewalls.

Does anybody have a link of somebody performing something similar?

Re: throwing out the switch

[Jeff Quast]

On 4/9/06, Mark Pecaut [EMAIL PROTECTED] wrote:
 Sorry if I missed something you mentioned before but what exactly are
 you trying to do?

 I've used bridges several times before and it sounds like you are
 doing the right stuff (there is not much to do).

It seemed easy enough, I just was not getting the expected behavior.

 The rule is
 generally that if you want your host to connect two physically
 separate networks that are on the same subnet, use a bridge.  For
 example, an ISP assigns you 8 IPs and you want to use them all but
 want a common firewall in front of them all but don't want nat.

 If you want to nat or otherwise connect two subnets together, that is
 when you need routing and ip forwarding on.

 Can you give some information on how you want to connect everything
 and the problem/goal?  I'd be happy to help if I can.

 -mark

Previously, this machine performed NAT with two NIC's.

One NIC to the ISP, the other NIC to a switch to serve a few clients.

The machine was upgraded, with several more NIC's. I thought I would
take the switch out (hence the subject), and have the clients connect
directly to the NIC's instead. There is currently only 2 clients,
anyway.

I put all but external NIC on a bridge. I thought I would post because
I might have had the wrong idea about what a bridge would be used for.

I will just have to give it another shot when my cd's arrive.


 On 4/9/06, Jeff Quast [EMAIL PROTECTED] wrote:
  On 4/9/06, Joachim Schipper [EMAIL PROTECTED] wrote:
   On Sun, Apr 09, 2006 at 01:10:21PM -0400, Jeff Quast wrote:
On 4/9/06, Joachim Schipper [EMAIL PROTECTED] wrote:
 On Sat, Apr 08, 2006 at 01:04:33PM -0400, Jeff Quast wrote:
  I've been using openbsd+pf for a router for some time at a
  neighbor's
  house. The router has been upgraded and now has several NIC's.
 
  I'd like to use multiple interfaces with crossover cables instead of
  a
  single interface with a switch behind it for the internal network,
  how
  would this best be done? I attempted to bridge all of the internal
  interfaces, but I don't think this would do what I need it to, since
  a
  bridge can't have an IP address, and it did not apear to work.

 You could bridge them - this would be the classical 'switch' solution.
 How to get this done is another question.
   
dc0 was the classic internal interface running dhcpd. I kept that
interface as-is.
   
I set dc1, dc2, and rl0 as (only) up in their hostname.if files.
   
I placed dc0, dc1, dc2, and rl0 into bridgename.bridge0 with default
settings, like add dc0 add dc1, etc.
   
brconfig showed bridge0 as it probobly should apear. Mac addresses of
each client were listed on the proper port.
  
   That looks good.
  
dhcpd would not respond to client requests. I could use tcpdump on,
say rl0 and see the dhcpd requests, but I did not see it on dc0. with
IP addresses set manually, a client on dc2 could not ping a client of
the same subnet on dc1, etc. I assumed the bridge did not do what I
thought it was supposed to do, and dropped it.
  
   Hmm, someone else will have to debug that. It'd probably be the
   easiest/best solution, but I've never configured a bridge.
  
So I assigned each NIC an IP address of *.1, .2, .3, and .4.
   
I assumed with IP forwarding, a client connected to the .4 NIC could
reach the .1 NIC. I was wrong with that as well.
   
I enabled the bridge again with the internal NIC's having an IP
assigned A client connected to the .4 NIC still could not reach .1, or
a client connected to .1.
  
   Have you set net.inet.ip{,6}.forwarding?
 
  Yes of course, it has been performing as a router for a while now with
  a single NIC for the local network. I did double-check it when i saw
  that behavior, though, and it is set.
 
  
 The other solution is to run it as a classical router serving a lot of
 /32 subnets.

 Exactly what do you have problems with?
   
I am guessing I did something fundamentaly wrong here?
  
   Probably, but what? ;-)
  
   Joachim
  
  
 
  Thanks for your help, Joachim. I'll do a fresh install and try again
  when my 3.9 cd's arrive. Maybe I have stale configurations somewhere.
 
  I have a very difficult time finding anybody on mail archives or
  google doing something similar. The only information I can find is for
  tranparent firewalls.
 
  Does anybody have a link of somebody performing something similar?

Re: OpenBSD 3.9-stable (not current) install?

[Jeff Quast]

you can specify /pub/OpenBSD/snapshots/arch/ instead of the normal
/pub/OpenBSD/3.8/arch/ directory during the install. Guaranteed to
most likely hurt something.

I would just wait for the Cd's to arrive.

On 4/3/06, Steve Williams [EMAIL PROTECTED] wrote:
 Hi,

 I understand the whole issue with snapshots being held up for the
 release cycle.  I have followed the mail list and archives, and still
 have not figured out the answer...

 If I want to install OpenBSD 3.9-stable (or the release ..), what is the
 easiest way to do that?

 There is no 3.9 directory in the directory structure pub/OpenBSD.

 I see there are snapshots available dated April 2, 2006, but I know
 installing that will give me 3.9-current.

 I can CVS checkout the 3.9-stable tag...(or it appears I can)

 I am building sparc64 on a Sunfire 150.  OpenBSD 3.8 installed like a
 dream, but I'd like to try to get 3.9 on it to see if the new sensor
 work will work on it.

 This will be going into production, so I'd kind of like to have as close
 as possible to the proper install.

 I was wondering about doing a cvs update of 3.9-stable, make, make
 release, then boot the 3.9-current iso and install from my self compiled
 release.

 Given there was a thread about stupid users, feel free to call me one :-P

 I have installed OpenBSD many times, just never this close to a release,
 and I can't wait for May 1 to get the 3.9 CD's.  I know I could go to
 3.9-current, but I have never done that on a production system, always
 followed the -stable branch.

 Thanks, for any assistance.

 Cheers,

Re: OpenBSD 3.8 on HP NC6000

[Jeff Quast]

On 4/1/06, Bachman Kharazmi [EMAIL PROTECTED] wrote:
 Do you have any possibility to debug the freeze using a null-modem
 cable and redirect all output from boot to serial?
 This can be done with a serial cable and by typing:
 set tty com0 at bootprompt.

 I'm afraid your worst problem is that your lappy don't have com port..
 /bkw

it has one.

 On 31/03/06, Peter Bako [EMAIL PROTECTED] wrote:
  read the battery status, it simply was not able to do so. I figured the
  problem had to do with the older BIOS on the laptop, so I download and
  installed the latest version from the HP web site. The new BIOS now has a
  battery info page whereas it did not before.
 
  This is where things get fun... I tried to boot up my system but OpenBSD
  crashed almost immediately after the initial boot prompt. Obviously I
  figured that the BIOS update had something to do with it, but as a test I
  tried to boot with single user mode - still crashed.

I have an HP NC6000 I would be more than happy to reproduce the
problem with and record over a serial cable -- * if I could only get
the same BIOS upgrade that Peter used * --. I traded two emails with
him and he failed to see the importance of linking me to the bios
upgrade he used.

Otherwise its seems to be booting OpenBSD cd38.iso just fine, full
dmesg below for those interested:

 OpenBSD/i386 CDBOOT 1.04
boot boot
booting cd0a:/3.8/i386/bsd.rd: 4369156+828044
[52+151072+137381]=0x53b600
entry point at 0x100120
   .
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California.  All rights
reserved.
Copyright (c) 1995-2005 OpenBSD. All rights reserved. 
http://www.OpenBSD.org

OpenBSD 3.8 (RAMDISK_CD) #794: Sat Sep 10 15:58:32 MDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/RAMDISK_CD
cpu0: Intel(R) Pentium(R) M processor 1400MHz (GenuineIntel
686-class) 598 MHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,TM,SBF,EST,TM2
real mem  = 536256512 (523688K)
avail mem = 483438592 (472108K)
using 4278 buffers containing 26914816 bytes (26284K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(c3) BIOS, date 09/16/03, BIOS32 rev. 0 @
0xf
apm0 at bios0: Power Management spec V1.2
apm0: flags 130102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf/0x2000
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf0840/160 (8 entries)
pcibios0: bad IRQ table checksum
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf4e50/160 (8 entries)
pcibios0: PCI Exclusive IRQs: 5 10 11
pcibios0: no compatible PCI ICU found: ICU vendor 0x8086 product
0x24cc
pcibios0: PCI bus #5 is the last bus
bios0: ROM list: 0xc/0x1
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82855PE Hub rev 0x03
ppb0 at pci0 dev 1 function 0 Intel 82855PE AGP rev 0x03
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 ATI Radeon Mobility M10 NP rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
uhci0 at pci0 dev 29 function 0 Intel 82801DB USB rev 0x03: irq 10
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 29 function 1 Intel 82801DB USB rev 0x03: irq 10
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 29 function 2 Intel 82801DB USB rev 0x03: irq 10
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 29 function 7 Intel 82801DB USB rev 0x03: irq 10
usb3 at ehci0: USB revision 2.0
uhub3 at usb3
uhub3: Intel EHCI root hub, rev 2.00/1.00, addr 1
uhub3: 6 ports with 6 removable, self powered
ppb1 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0x83
pci2 at ppb1 bus 2
cbb0 at pci2 dev 6 function 0 O2 Micro OZ711E0 CardBus rev 0x00: irq
10
cbb1 at pci2 dev 6 function 1 O2 Micro OZ711E0 CardBus rev 0x00: irq
10
O2 Micro OZ711Mx CardBus rev 0x00 at pci2 dev 6 function 2 not
configured
cbb2 at pci2 dev 6 function 3 O2 Micro OZ711E0 CardBus rev 0x00: irq
10
bge0 at pci2 dev 14 function 0 Broadcom BCM5705M_ALT rev 0x03,
BCM5705 A3 (0x3003): irq 11 address 00:08:02:d8:xx:xx
brgphy0 at bge0 phy 1: BCM5705 10/100/1000baseT PHY, rev. 2
cardslot0 at cbb0 slot 0 flags 0
cardbus0 at cardslot0: bus 3 device 0 cacheline 0x0, lattimer 0x20
pcmcia0 at cardslot0
cardslot1 at cbb1 slot 1 flags 0
cardbus1 at cardslot1: bus 4 device 0 cacheline 0x0, lattimer 0x20
pcmcia1 at cardslot1
cardslot2 at cbb2 slot 2 flags 0
cardbus2 at cardslot2: bus 5 device 0 cacheline 0x0, lattimer 0x20
pcmcia2 at cardslot2
ichpcib0 at pci0 dev 31 function 0 Intel 82801DBM LPC rev 0x03
pciide0 at pci0 dev 31 function 1 Intel 82801DBM IDE rev 0x03: DMA,
channel 0 configured to compatibility, channel 1 configured to
compatibility
wd0 at 

Re: Dynamically update DNS info in DHCPD.CONF

[Jeff Quast]

On 3/28/06, Peter Bako [EMAIL PROTECTED] wrote:
 Is there any way to get the DHCPD.CONF file be set to use the DNS
 information from the resolv.conf file?

nms=`awk '{ if ($1 == nameserver) print $2 }'  /etc/resolv.conf`
nms=`echo $nms | sed 's/ /, /g'`
sed -n '/domain-name-servers.*/{s/servers.*/servers '$nms';/g;};p' 
/etc/dhcpd.conf  /tmp/$$
diff /etc/dhcpd.conf /tmp/$$
if [ $? -ne 0 ]; then
mv /tmp/$$ /etc/dhcpd.conf
else
rm -f /tmp/$$
fi

as an added bonus, a cron job will mail you the diff when the dns does change.

RFC 2348 in libexec/tftpd

[Jeff Quast]

Is there any plan to support the blksize option in libexec/tftpd?

Does anybody else find it strange that tftp-hpa was based on openbsd
code, but no longer compiles on openbsd?

Re: Problems with ports and discussion about multimedia keyboard

[Jeff Quast]

This sounds like an overclocked CPU. If it isn't, and you have the
ability, try underclocking it.

Re: Slow SCSI HDD (HW RAID) on Dual Xeon

[Jeff Quast]

On 3/13/06, Jeff Quast [EMAIL PROTECTED] wrote:
 If you don't mind me chiming in, my disks arn't nearly as slow, but I
 expected them to be faster. Can anybody make a recommendation to
 improve my disk i/o, or confirm the speeds I get are about right? This
 is the first machine I've had thats U320 SCSI-capable.

francisco pointed out to me off-list that the hard drives are actualy
U160's, and tests with iozone show speeds expected for this particular
drive model.

Sorry for the noise!

jdq

Re: Slow SCSI HDD (HW RAID) on Dual Xeon

[Jeff Quast]

If you don't mind me chiming in, my disks arn't nearly as slow, but I
expected them to be faster. Can anybody make a recommendation to
improve my disk i/o, or confirm the speeds I get are about right? This
is the first machine I've had thats U320 SCSI-capable.

raid0 is a mirror of two scsi disks:
/dev/raid0o on /home type ffs (local, nodev, nosuid, softdep)
$ time dd if=/dev/zero of=/home/dingo/output bs=1m count=1024
1024+0 records in
1024+0 records out
1073741824 bytes transferred in 28.528 secs (37636934 bytes/sec)
0m29.03s real 0m0.00s user 0m2.64s system

raid1 is a stripe of two ide disks:
/dev/raid1a on /storage type ffs (NFS exported, local, nodev, nosuid, softdep)
$ time dd if=/dev/zero of=/storage/private/dingo/output bs=1m count=1024
1024+0 records in
1024+0 records out
1073741824 bytes transferred in 28.787 secs (37298405 bytes/sec)
0m28.83s real 0m0.00s user 0m3.34s system
$

sd0a non-raidframe:
/dev/sd0a on / type ffs (local, softdep)
$ sudo time dd if=/dev/zero of=/output bs=1m count=256
256+0 records in
256+0 records out
268435456 bytes transferred in 5.481 secs (48966898 bytes/sec)
5.73 real 0.00 user 0.80 sys
$

I am using a U320 cable and U320-capable enclosure, as well as
U320-capable card onboard. Is this the sort of speeds I should be
getting? sd0 and sd1 are 15K rpm IBM's (IC35L018UCPR15-0), free of bad
sectors, dmesg:

This is a raidframe-enabled GENERIC kernel with uhid and uhidev disabled.

OpenBSD 3.8-stable (GENERIC.MP_RAID) #0: Sat Mar  4 13:37:09 EST 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP_RAID
cpu0: Intel(R) Pentium(R) 4 CPU 2.80GHz (GenuineIntel 686-class) 2.80 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,C
NXT-ID
real mem  = 536387584 (523816K)
avail mem = 482054144 (470756K)
using 4278 buffers containing 26923008 bytes (26292K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 04/27/04, BIOS32 rev. 0 @ 0xf0010
pcibios0 at bios0: rev 2.1 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf4ee0/208 (11 entries)
pcibios0: no compatible PCI ICU found: ICU vendor 0x8086 product 0x25a1
pcibios0: PCI bus #3 is the last bus
bios0: ROM list: 0xc/0x8000 0xc8000/0x1000 0xc9000/0x1800
0xca800/0x9a00 0xdc000/0x4000!
mainbus0: Intel MP Specification (Version 1.4) (INTELSE7210TP10  )
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 199 MHz
mainbus0: bus 0 is type PCI
mainbus0: bus 1 is type PCI
mainbus0: bus 2 is type PCI
mainbus0: bus 3 is type PCI
mainbus0: bus 4 is type ISA
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
ioapic1 at mainbus0: apid 3 pa 0xfec1, version 20, 24 pins
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82875P Host rev 0x02
ppb0 at pci0 dev 3 function 0 Intel 82875P PCI-CSA rev 0x02
pci1 at ppb0 bus 1
em0 at pci1 dev 1 function 0 Intel PRO/1000CT (82547GI) rev 0x00:
apic 2 int 18 (irq 5), address: 00:04:23:b5:19:36
ppb1 at pci0 dev 28 function 0 Intel 6300ESB PCIX rev 0x02
pci2 at ppb1 bus 2
ahd0 at pci2 dev 1 function 0 Adaptec AIC-7901 U320 rev 0x10: apic 3
int 3 (irq 9)
aic7901: U320 Wide Channel A, SCSI Id=7, PCI-X 50-66Mhz, 512 SCBs
scsibus0 at ahd0: 16 targets
sd0 at scsibus0 targ 0 lun 0: , , S7Z0 SCSI3 0/direct fixed
sd0: 17501MB, 14532 cyl, 8 head, 308 sec, 512 bytes/sec, 35843670 sec total
sd1 at scsibus0 targ 1 lun 0: , , S7Z0 SCSI3 0/direct fixed
sd1: 17501MB, 14532 cyl, 8 head, 308 sec, 512 bytes/sec, 35843670 sec total
safte0 at scsibus0 targ 6 lun 0: SUPER, GEM318, 0 SCSI2 3/processor fixed
uhci0 at pci0 dev 29 function 0 Intel 6300ESB USB rev 0x02: apic 2
int 16 (irq 7)
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 29 function 1 Intel 5300ESB USB rev 0x02: apic 2
int 19 (irq 5)
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
Intel 6300ESB WDT rev 0x02 at pci0 dev 29 function 4 not configured
Intel 6300ESB APIC rev 0x02 at pci0 dev 29 function 5 not configured
ehci0 at pci0 dev 29 function 7 Intel 6300ESB USB rev 0x02: apic 2
int 23 (irq 9)
ehci0: timed out waiting for BIOS
usb2 at ehci0: USB revision 2.0
uhub2 at usb2
uhub2: Intel EHCI root hub, rev 2.00/1.00, addr 1
uhub2: 4 ports with 4 removable, self powered
ppb2 at pci0 dev 30 function 0 Intel 82801BA AGP rev 0x0a
pci3 at ppb2 bus 3
vga1 at pci3 dev 0 function 0 ATI Rage XL rev 0x27
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
fxp0 at pci3 dev 1 function 0 Intel 82557 rev 0x10, i82551: apic 2
int 17 (irq 9), address 00:04:23:b5:19:37
inphy0 at fxp0 phy 1: i82555 10/100 PHY, rev. 4
eap0 at pci3 dev 2 function 0 Ensoniq CT5880 rev 

Extended pc-dos characters with wsfontload ?

[Jeff Quast]

I'm using a dos program via tip(1) on the console that uses extended
characters of the pc-dos font to display a meaningful user interface.

I'm not sure, but I think the extended ascii characters in dos may
have been a strange mix of IBM and DEC characters. For instance, the
following should print shaded blocks:

$ printf \305\306\307\n

Can anybody help me display this dos app as the author intended? I
assume it invloves wsfontload, and have experimented with it for a
while. Maybe there just aren't any suitable fonts in base?

In 2001 mickey added listing support to wsfontload with the commit
message allow listing and soon deleting fonts; aaron@ ok, but
deleting fonts never came about. Benjamin Lewis made a 'font deletion
patch' over a year ago:

http://www.monkey.org/openbsd/archive/tech/0402/msg00223.html

This would have been very useful to have today. Trial and error with
wsfontload requires several reboots.