Re: xfreerdp / remmina won't connect to Win11 RDP with NLA
On Wednesday, July 31st, 2024 at 16:11, Stuart Henderson wrote: > > What I also wanted to try was building 2.11.7 linked with OpenSSL on OpenBSD > > but couldn't figure out the magic build option combination, yet. There's a > > -DWITH_LIBRESSL flag in 3.x, but it's 3.x and I'm afraid it works the other > > way around (i.e. forcing LibreSSL instead of disregarding it). > > > I've not tried it with freerdp - in general you'll need something like > [...] Hah, thanks for the hints! Ultimately managed to find the cmake script(?) that searches for OpenSSL. Replaced the pkg-config (.pc) name it searches for. ===8<=== diff --git a/x11/freerdp/Makefile b/x11/freerdp/Makefile index 2fa4551fce3..720c1cc37e9 100644 --- a/x11/freerdp/Makefile +++ b/x11/freerdp/Makefile @@ -35,7 +35,8 @@ COMPILER_LANGS = c MODULES = devel/cmake CFLAGS += -I${X11BASE}/include \ - -I${LOCALBASE}/include + -I${LOCALBASE}/include \ + -I${LOCALBASE}/include/eopenssl33/ BUILD_DEPENDS =security/pcsc-lite \ textproc/xmlto ===8<=== Not even sure if I need *all* of that... And I just turned things off ===8<=== $ cat patches/patch-cmake_FindOpenSSL_cmake --- cmake/FindOpenSSL.cmake.origWed Jul 31 17:21:02 2024 +++ cmake/FindOpenSSL.cmake Wed Jul 31 17:21:17 2024 @@ -26,7 +26,7 @@ if (UNIX AND NOT ANDROID) find_package(PkgConfig QUIET) - pkg_check_modules(_OPENSSL QUIET openssl) + pkg_check_modules(_OPENSSL QUIET eopenssl33) endif (UNIX AND NOT ANDROID) # http://www.slproweb.com/products/Win32OpenSSL.html ===8<=== (Installed OpenSSL 3.3.1 from ports, that goes without saying.) Interestingly enough, NLA works to this Windows 11 machine while using OpenSSL. I bet if I rebuilt remmina linking to OpenSSL it would start working as well. Not sure if this is a surprise or something worth noting in the port's description, though. Daniel
Re: xfreerdp / remmina won't connect to Win11 RDP with NLA
On Wednesday, July 31st, 2024 at 00:43, Stuart Henderson wrote: > On 2024-07-30, Lévai Dániel l...@ecentrum.hu wrote: > > > Hi all, > > > > I'm noticing that xfreerdp and remmina fails to connect to a Windows 11 > > machine while using NLA: [...] > > I'm able to connect to a W2022 DC using "xfreerdp /u:username > /d:somedomain /v:xx.xx.xx.xx:3389 /sec:nla" and typing the password at > the Password: prompt. I'm not sure how to tell if it's really using NLA > but I suspect that non-NLA logins are probably disabled on the Windows > side. Well, a pretty good indication - as far as I know - is freerdp sending the credentials while connecting. Anything else is the legacy logon screen where you're greeted with a Windows logon screen and typing in the user name + password. > Have you tried the same freerdp version on e.g. Linux to see how that > works? I haven't, admittedly. 2.11.7 fails to build here on arch, there's an issue reported for the compilation error but upstream treats 2.x as oldstable and would only provide security fixes. What I also wanted to try was building 2.11.7 linked with OpenSSL on OpenBSD but couldn't figure out the magic build option combination, yet. There's a -DWITH_LIBRESSL flag in 3.x, but it's 3.x and I'm afraid it works the other way around (i.e. forcing LibreSSL instead of disregarding it). > (Better to compare the same version if possible otherwise there is an > extra complication - the old workaround for lack of posix timers is > no longer enough, we cannot update to freerdp 3.x, so maybe missing > upstream fixes - it's possible they may have fixed something for newer > versions of Windows). Got it; noticed this in the Makefile, that's why I didn't even try to update the port. Thanks anyway, will just going to work around it by not using NLA for the time being. Daniel
xfreerdp / remmina won't connect to Win11 RDP with NLA
Hi all, I'm noticing that xfreerdp and remmina fails to connect to a Windows 11 machine while using NLA: $ xfreerdp /v:host /u:u...@example.com /d:MicrosoftAccount /sec:nla [17:04:04:954] [26344:92f3b640] [WARN][com.freerdp.crypto] - Certificate verification failure 'unable to get local issuer certificate (20)' at stack position 0 [17:04:04:954] [26344:92f3b640] [WARN][com.freerdp.crypto] - CN = daniell-kvm-windows11 Password: [17:04:08:675] [26344:92f3b640] [ERROR][com.freerdp.core.transport] - BIO_read returned an error: error:1404C438:SSL routines:ST_OK:tlsv1 alert internal error [17:04:08:675] [26344:92f3b640] [ERROR][com.freerdp.core] - transport_read_layer:freerdp_set_last_error_ex ERRCONNECT_CONNECT_TRANSPORT_FAILED [0x0002000D] [17:04:08:823] [26344:92f3b640] [ERROR][com.freerdp.core.transport] - BIO_read returned an error: error:1404C438:SSL routines:ST_OK:tlsv1 alert internal error [17:04:08:823] [26344:92f3b640] [ERROR][com.freerdp.core] - transport_read_layer:freerdp_set_last_error_ex ERRCONNECT_CONNECT_TRANSPORT_FAILED [0x0002000D] [17:04:08:823] [26344:92f3b640] [ERROR][com.freerdp.core] - freerdp_post_connect failed Remmina just says "Cannot connect to the RDP server" after a couple of seconds. Funny thing is, every attempt results in a successful logon event on Windows. Switching off NLA on the Windows machine and trying /sec:tls with xfreerdp (or switching to TLS security in Remmina) shows the usual graphical logon screen where I can login without a problem. Same clients on other OSes also work (Android, Linux, etc...). Is this something to do with LibreSSL, maybe? Has this ever worked on OpenBSD? Daniel
understanding pf(4) 'in' interface with bridge(4)
Hi all, I have a bridge(4) here in a small router, it has a couple of em(4) interfaces: bridge0: flags=41 mtu 1500 index 7 llprio 3 groups: bridge priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp designated: id 00:00:00:00:00:00 priority 0 em2 flags=3 port 3 ifpriority 0 ifcost 0 em1 flags=3 port 2 ifpriority 0 ifcost 0 em0 flags=3 port 1 ifpriority 0 ifcost 0 em0 has a single IPv4 address, 192.168.0.1/16, this is the default gateway on this network: em0: flags=8b43 mtu 1500 lladdr 00:0d:xx:xx:xx:xx description: Internal LAN index 1 priority 0 llprio 3 media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause) status: active inet 192.168.0.1 netmask 0x broadcast 192.168.255.255 inet6 fe80: inet6 fc00: prefixlen 7 inet6 2a01: prefixlen 64 pltime 552833 vltime 552833 em2 has no IP address on the router, it's just a link to little rpi. em2: flags=8b43 mtu 1500 lladdr 00:0d:b9:51:ab:96 description: nvr.localdomain index 3 priority 0 llprio 3 media: Ethernet autoselect (1000baseT full-duplex,master,rxpause,txpause) status: active The rpi itself on this em2 link has an IPv4 address of 192.168.0.3/16, it's part of the internal LAN. The other day I wanted to filter what the rpi (192.168.0.3, linked up on em2) wants to send to my wireguard link (configured on this router) so I cooked up a pf(4) line to match packets coming *in* on em2: pass in on em2 proto tcp from 192.168.0.3 to (wg0:network) port $nvr_wg0_allow_ports |||||| ||| |||||| ^^^ dst where the rpi is sending packets |||^^^ rpi's IPv4 address ^^^ interface where rpi is linked To my surprise, it didn't work, because I had to use em0 as the "in" device: pass in on em0 proto tcp from 192.168.0.3 to (wg0:network) port $nvr_wg0_allow_ports Now I understand that ultimately the rpi at 192.168.0.3 uses its default gateway (192.168.0.1 and its MAC address after an arp lookup) as a destination for these packets, and that destination is in fact em0 on the router - and em0 and em2 is bridged together -, but isn't the first interface where this packet comes *in* actually em2? Is this because of how bridge(4) works internally? Thanks for any insight, Daniel
YubiKey blocked by pcscd(8)
Hi all, I was wondering if it's possible to use a YubiKey 5 a bit more conveniently if trying to use more than one of its features. When I have pcscd(8) running, e.g. gpg signing (SmartCard) works but I can't use e.g. challenge-response. After stopping pcscd(8), I can use e.g. ykchalresp(1) (from ykpers) but e.g. OpenPGP can't find the key when trying to sign. I think on Linux this is somehow managed by systemd with a socket activating pcscd(8) when needed, so it won't hog the device. Am I trying to use this in the wrong way? $ doas rcctl start pcscd pcscd(ok) $ doas ykinfo -a USB error: Other/unknown error $ doas ykchalresp -2 asdasd USB error: Other/unknown error $ doas ykman list WARNING: No OTP HID backend available. OTP protocols will not function. ERROR: Unable to list devices for connection YubiKey 5 NFC (5.2.4) [OTP+FIDO+CCID] Serial: 12354678 $ doas rcctl stop pcscd pcscd(ok) $ doas ykman list WARNING: PC/SC not available. Smart card (CCID) protocols will not function. ERROR: Unable to list devices for connection WARNING: No OTP HID backend available. OTP protocols will not function. ERROR: Unable to list devices for connection YubiKey 5 NFC (5.2.4) [OTP+FIDO+CCID] Serial: 12354678 $ doas ykinfo -a serial: 123456 serial_hex: abcdef serial_modhex: abcdef version: 5.2.4 touch_level: 1287 programming_sequence: 3 slot1_status: 1 slot2_status: 1 vendor_id: 1050 product_id: 407 Daniel
Re: Clock stops working on OpenBSD qemu/kvm guest
Turns out the clock stopped every night at the time when backups were running and thus the VM was paused (saved, or 'managedsaved' if someone uses libvirt) for a minute. Not sure why, though; while I was testing pause/resume the clock didn't stop, it just failed to get synced by ntpd(8). Maybe over time the drift was too much? Anyway, the rather curious thing was ntpd(8) not syncing the clock properly after resume, so I ended up giving the 'trusted' option to the server I'm using here. Strangely, it still took quite some time [1], but in the end it managed to sync - so I guess this should work in the long run. [1] Jan 30 11:50:33 ntpd[83421]: peer 148.6.0.1 now valid Jan 30 11:54:37 ntpd[4758]: adjusting local clock by 23.831836s Jan 30 11:54:37 ntpd[83421]: clock is now synced Jan 30 11:54:37 ntpd[83421]: constraint reply from 9.9.9.9: offset 23.653130 Jan 30 11:57:48 ntpd[4758]: adjusting local clock by 22.879877s Jan 30 11:57:48 ntpd[83421]: clock is now unsynced Jan 30 12:01:34 ntpd[4758]: adjusting local clock by 21.754396s Jan 30 12:04:51 ntpd[4758]: adjusting local clock by 20.774539s Jan 30 12:08:33 ntpd[4758]: adjusting local clock by 19.670413s Jan 30 12:12:43 ntpd[4758]: adjusting local clock by 18.426017s Jan 30 12:17:04 ntpd[4758]: adjusting local clock by 17.127167s Jan 30 12:21:19 ntpd[4758]: adjusting local clock by 15.857846s Jan 30 12:21:53 ntpd[4758]: adjusting local clock by 15.688043s Jan 30 12:25:30 ntpd[4758]: adjusting local clock by 14.613690s Jan 30 12:29:49 ntpd[4758]: adjusting local clock by 13.323883s Jan 30 12:33:32 ntpd[4758]: adjusting local clock by 12.204646s Jan 30 12:34:06 ntpd[4758]: adjusting local clock by 12.036162s Jan 30 12:35:10 ntpd[4758]: adjusting local clock by 11.712658s Jan 30 12:36:13 ntpd[4758]: adjusting local clock by 11.412870s Jan 30 12:39:55 ntpd[4758]: adjusting local clock by 10.308062s Jan 30 12:43:34 ntpd[4758]: adjusting local clock by 9.208613s Jan 30 12:44:07 ntpd[4758]: adjusting local clock by 9.048595s Jan 30 12:47:48 ntpd[4758]: adjusting local clock by 7.950845s Jan 30 12:49:27 ntpd[4758]: adjusting local clock by 7.460912s Jan 30 12:53:08 ntpd[4758]: adjusting local clock by 6.360250s Jan 30 12:56:22 ntpd[4758]: adjusting local clock by 5.385971s Jan 30 12:56:53 ntpd[4758]: adjusting local clock by 5.241883s Jan 30 13:01:13 ntpd[4758]: adjusting local clock by 3.951414s Jan 30 13:04:22 ntpd[4758]: adjusting local clock by 3.009970s Jan 30 13:07:05 ntpd[4758]: adjusting local clock by 2.201024s Jan 30 13:11:18 ntpd[4758]: adjusting local clock by 0.937320s Jan 30 13:12:22 ntpd[4758]: adjusting local clock by 0.613777s Jan 30 13:13:27 ntpd[4758]: adjusting local clock by 0.285335s Jan 30 13:14:32 ntpd[83421]: clock is now synced
Re: Clock stops working on OpenBSD qemu/kvm guest
On Friday, January 26th, 2024 at 13:40, Dave Voutila wrote: > > Lévai, Dániel l...@ecentrum.hu writes: > > > Hi all! > > > > I have this OpenBSD 7.4 qemu/kvm VM managed by libvirt on an Ubuntu 22.04 > > host. [...] > > Anyway, the symptoms are funny, it always involves the clock stopping/not > > working after some period of time. > > What is your Linux kernel version? It's at 6.5.0-15-generic atm, like the upgrade log showed, that was the latest update to date. > > This has been set on the guest, though (defaults): > > kern.timecounter.tick=1 > > kern.timecounter.timestepwarnings=0 > > kern.timecounter.hardware=pvclock0 > > kern.timecounter.choice=i8254(0) pvclock0(1500) acpitimer0(1000) > > > So pvclock should be relying on KVM to properly deal with TSC > paravirtualzation. Do you see this issue with Linux guests using > kvmclock? (Or do your Linux guests decide on a different clocksource?) Nowhere else, and even this has been working fine until I think the beginning of this January. There's a bunch of OSs running there, Fedora, Ubuntu, Arch, all using 'kvm-clock' as their clock source, they work fine. No problem with FreeBSD (using kvmclock0) and Win11 (no clue what it's using) either.
Clock stops working on OpenBSD qemu/kvm guest
Hi all! I have this OpenBSD 7.4 qemu/kvm VM managed by libvirt on an Ubuntu 22.04 host. I started to notice this month that it started to act weird, it seems like the clock stops every night. I couldn't pinpoint exactly what caused the change in behavior, the host had two package updates that raised suspicion: 2024-01-11 06:51:04 upgrade linux-image-generic-hwe-22.04:amd64 6.2.0.39.40~22.04.16 6.5.0.14.14~22.04.7 2024-01-12 09:10:36 upgrade libvirt-daemon:amd64 8.0.0-1ubuntu7.7 8.0.0-1ubuntu7.8 But none of the changelogs /seemed/ relevant. Anyway, the symptoms are funny, it always involves the clock stopping/not working after some period of time. When this happens, I cannot login with SSH. The ssh client connects, it even asks for the private key, but after confirmation it times out. The really funny things happen when I log in on the console - that I can do: When I try to ping anything from the host, it stops after the first successful packets (echo/reply) and then hangs (I can CTRL+C). Interestingly I can ping the VM from the hypervisor host indefinitely, but running tcpdump on the guest doesn't show anything immediately. In fact, looking at tcpdump while doing *anything* network related on the VM or to the VM doesn't result in any output right away. That being said, after a couple of minutes, output from tcpdump starts to flood the screen but I cannot say exactly why or when, it just suddenly happens. Running `sleep 1` just hangs. When I run `date` consecutively it shows: Fri Jan 26 04:20:42 CET 2024 Fri Jan 26 04:20:39 CET 2024 Fri Jan 26 04:20:40 CET 2024 Fri Jan 26 04:20:41 CET 2024 Fri Jan 26 04:20:42 CET 2024 Fri Jan 26 04:20:43 CET 2024 Fri Jan 26 04:20:41 CET 2024 Fri Jan 26 04:20:42 CET 2024 It always works again after a reboot - forced reset, because it cannot shut down gracefully. Originally I was using SP kernel but tried with MP recently too, just out of curiosity - no luck. I found two old posts seemingly related: https://marc.info/?t=15294229612&r=1&w=2 ^^ I don't have that sysctl on the host and that kernel is very old there. https://www.reddit.com/r/openbsd/comments/13c9nh1/clock_issue_with_vmm_guest_on_73/ This is on an OpenBSD host, so I can't try that sysctl either. This has been set on the guest, though (defaults): kern.timecounter.tick=1 kern.timecounter.timestepwarnings=0 kern.timecounter.hardware=pvclock0 kern.timecounter.choice=i8254(0) pvclock0(1500) acpitimer0(1000) Any clues would be appreciated, Daniel dmesg: OpenBSD 7.4 (GENERIC.MP) #1397: Tue Oct 10 09:02:37 MDT 2023 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 519929856 (495MB) avail mem = 484507648 (462MB) random: good seed from bootblocks mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xf5960 (10 entries) bios0: vendor SeaBIOS version "1.15.0-1" date 04/01/2014 bios0: QEMU Standard PC (i440FX + PIIX, 1996) acpi0 at bios0: ACPI 1.0 acpi0: sleep states S5 acpi0: tables DSDT FACP APIC WAET acpi0: wakeup devices acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: 12th Gen Intel(R) Core(TM) i7-12700K, 3609.77 MHz, 06-97-02 cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SS,SSE3,PCLMUL,VMX,SSSE3,FMA3,CX16,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,HV,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,CLFLUSHOPT,CLWB,SHA,UMIP,PKU,WAITPKG,MD_CLEAR,IBRS,IBPB,STIBP,SSBD,ARAT,IBRS_ALL,SKIP_L1DFL,MDS_NO,IF_PSCHANGE,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu0: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 4MB 64b/line 16-way L2 cache, 16MB 64b/line 16-way L3 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 1000MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: 12th Gen Intel(R) Core(TM) i7-12700K, 3609.78 MHz, 06-97-02 cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SS,SSE3,PCLMUL,VMX,SSSE3,FMA3,CX16,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,HV,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,CLFLUSHOPT,CLWB,SHA,UMIP,PKU,WAITPKG,MD_CLEAR,IBRS,IBPB,STIBP,SSBD,ARAT,IBRS_ALL,SKIP_L1DFL,MDS_NO,IF_PSCHANGE,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu1: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 4MB 64b/line 16-way L2 cache, 16MB 64b/line 16-way L3 cache cpu1: smt 0, core 0, package 1 ioapic0 at mainbus0: apid 0 pa 0xfec0, version 11, 24 pins acpiprt0 at acpi0: bus 0 (PCI0) "ACPI0006" at acpi0 not configured acpipci0 at acpi0 PCI0 com0 at acpi0 COM1 addr 0x3f8/0x8 irq 4: ns16550a, 16 byte fifo acpicmos0 at acpi0 "PNP0A06" at acpi0 not configured "PNP0A0
Re: Weird network performance with iwn(4)
Thanks for taking a shot at this! I fiddled with the few options this AP has related to the 5GHz mode, nothing special, really (channel width, number, mode). Interestingly enough, the AP says its Country is set to 'EU' (whatever that means) - can't grasp why it would report 'US', though. Anyway, thanks again, I'll just leave it at that and use 2.4GHz. Daniel On Tuesday, January 9th, 2024 at 15:31, Stefan Sperling wrote: > > > On Thu, Dec 21, 2023 at 09:23:42AM +0100, Stefan Sperling wrote: > > > could you send me a pcap of 5GHz beacons from this AP? > > > Nothing in the beacon you sent off-list stands out. > I don't see a reason why things wouldn't work as they should. > > The AP is set to country 'US' -- if this is incorrect then try > setting the contry code to the actual country the AP is located in. > The AP uses an 80MHz channel config in the first channel segment (with > center channel 42), which should work anywhere in the world. So there > is no reason to believe that the country code would cause issues. > However, Intel firmware uses black-box regulatory heuristics which the > driver has little control over. With some luck a wrong country code is > the reason for your trouble. > > Otherwise, I don't know. You could try turning configurable features > of the AP off one-by-one to see if a factor which triggers the issue > can be identified that way.
Re: Weird network performance with iwn(4)
Danel Levai wrote: > Stuart Henderson wrote: > > I checked for openwrt support but your AP has a relatively uncommon > > Realtek SoC and it seems fairly unlikely to happen so you're probably > > stuck with the vendor firmware. > > > > Maybe try forcing "mode 11n" or "mode 11g" with ifconfig and see if > > that's any better. > > Interestingly enough, "mode 11g" won't join the AP. 11n works and it's a > steady > 300KByte/sec, it doesn't go up and down like with 11ac. > > Anyway, I'll see if I can find myself another AP to deploy here, maybe it's > just some > fringe compatibility issue. > > Daniel Just for the record, I totally missed trying the 2.4GHz SSID of this AP (it has a different name). I was only trying 5GHz with all modes - no wonder .11g wouldn't join (brain freeze)... So .11n actually works on 2.4GHz with this AP and iwm(4), and has a download speed of around 1,5-2,0MByte. Daniel
Re: Weird network performance with iwn(4)
Stuart Henderson wrote: > I checked for openwrt support but your AP has a relatively uncommon > Realtek SoC and it seems fairly unlikely to happen so you're probably > stuck with the vendor firmware. > > Maybe try forcing "mode 11n" or "mode 11g" with ifconfig and see if > that's any better. Interestingly enough, "mode 11g" won't join the AP. 11n works and it's a steady 300KByte/sec, it doesn't go up and down like with 11ac. Anyway, I'll see if I can find myself another AP to deploy here, maybe it's just some fringe compatibility issue. Daniel
Re: Weird network performance with iwn(4)
On Thursday, December 7th, 2023 at 19:28, Mihai Popescu > Just a lucky guess, no offense please, are you using ftp2.eu.openbsd.org ? Haha, no problem, it happens with everything, it's not about the mirrors, really, it's really just a frame of reference. Happens with my own mirror, too ¯\_(ツ)_/¯ Daniel
Re: Weird network performance with iwn(4)
On Thursday, December 7th, 2023 at 17:10, Stefan Sperling wrote: > > > On Thu, Dec 07, 2023 at 03:39:33PM +0000, Lévai, Dániel wrote: > > > Hi all! > > > > Recently my trusty T410 died (had iwn(4) in it) and had to switch to an > > E450 - but this has iwm(4). > > Never had any issues with iwn(4) and iwm(4) seems to operate perfectly fine > > in some scenarios, e.g. speedtest.net indicates 100/100Mbit down/up speed. > > > But downloading a base74.tgz set takes little more than 30 minutes - in > > firefox and in console with ftp(1). > > > So you are getting 100/100 Mbit on iwm(4) in a speed test, and only > downloading > base74.tgz is slow? Well, not quite - speedtest.net (whatever it does) seems to report good results, browsing however is generally slow, but I can't really set precise expectations for let's say "opening youtube.com". It's just slow compared to other machines on the same network. The most concrete thing I could think of was to download the base set which was surprisingly slow during the first upgrade after installation. That's why I started to investigate; this I can measure and report. So generally speaking, everything is slow on iwm0 *except* what speedtest.net seems to report. > The speed test being successful would imply that the wifi > layer is working just fine. If so then something else must be messing with > your base74.tgz download attempts. > > What happens when you download base74.tgz over ethernet? No issue, perfect 100Mbit. > Or with iwm(4) via a different AP? > Or with iwm(4) via a different ISP? Thanks for the tips! I went ahead and tried my cell phone's mobile hotspot. Even though speedtest.net only reported 30/15Mbit down/up, the general browsing experience was much better and managed to squeeze out 2-3MByte/sec while downloading the base set from various mirrors. Switching back to my home AP seems to be the issue. It's a Zyxel NBG6615 (end of service by now, no newer firmware). Is there any debug sysctl's I can set on the laptop that could prove useful in troubleshooting this? Maybe different settings for iwm(4) or the AP? Daniel
Weird network performance with iwn(4)
Hi all! Recently my trusty T410 died (had iwn(4) in it) and had to switch to an E450 - but this has iwm(4). Never had any issues with iwn(4) and iwm(4) seems to operate perfectly fine in some scenarios, e.g. speedtest.net indicates 100/100Mbit down/up speed. But downloading a base74.tgz set takes little more than 30 minutes - in firefox and in console with ftp(1). I know mirrors don't have the same bandwidth and connection to me, etc., but regardless, this is too slow even after factoring that in - plus it's the same with every mirror, even my own (not "local" local, but within the country). While looking at `systat ifstat 1` it starts out at 2 Bytes/s, then sometimes it goes up to a couple of 100KBytes, varies between 300-400-500KBytes/sec, then for a second it says 1MByte/s, then drops back to around 300-500KB/s, and this goes on. Meanwhile the same thing on a different machine/OS is 10+MByte/s. Generally speaking, browsing in firefox seems/feels slow - e.g. YouTube takes 10-20 seconds to load completely. I've installed the latest available firmware: iwm-firmware-20230330 Also thought about the disk being the bottleneck, but seems fair enough; it's an older SATA SSD: $ dd if=/dev/zero of=testfile bs=4096 31031+0 records in 31031+0 records out 127102976 bytes transferred in 1.084 secs (117233296 bytes/sec) $ ifconfig iwm0 iwm0: flags=a48843 mtu 1500 lladdr 60:57:xx:xx:xx:xx index 2 priority 4 llprio 3 groups: wlan egress media: IEEE802.11 autoselect (VHT-MCS5 mode 11ac) status: active ieee80211: join apname chan 44 bssid aa:bb:cc:dd:ee:ff 65% wpakey wpaprotos wpa2 wpaakms psk wpaciphers ccmp wpagroupcipher ccmp inet 192.168.x.x netmask 0x broadcast 192.168.255.255 Is this something with .11ac not supported well enough, or this specific hardware? Any thoughts, suggestions are welcome :) Thanks, Daniel dmesg: OpenBSD 7.4-current (GENERIC.MP) #1471: Thu Nov 30 07:57:45 MST 2023 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 17078009856 (16286MB) avail mem = 16540798976 (15774MB) random: good seed from bootblocks mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.7 @ 0x9cdfd000 (62 entries) bios0: vendor LENOVO version "J5ET64WW (1.35 )" date 10/31/2019 bios0: LENOVO 20DC008DHV efi0 at bios0: UEFI 2.3.1 efi0: Lenovo rev 0x1350 acpi0 at bios0: ACPI 5.0 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP ASF! HPET ECDT APIC MCFG SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT PCCT SSDT TCPA SSDT UEFI POAT BATB FPDT UEFI acpi0: wakeup devices LID_(S3) IGBE(S4) EXP3(S4) XHCI(S3) EHC1(S3) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 14318179 Hz acpiec0 at acpi0 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz, 1596.32 MHz, 06-45-01, patch 0026 cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SRBDS_CTRL,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,MELTDOWN cpu0: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 256KB 64b/line 8-way L2 cache, 3MB 64b/line 12-way L3 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges cpu0: apic clock running at 99MHz cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz, 1596.32 MHz, 06-45-01, patch 0026 cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SRBDS_CTRL,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,MELTDOWN cpu1: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 256KB 64b/line 8-way L2 cache, 3MB 64b/line 12-way L3 cache cpu1: smt 1, core 0, package 0 cpu2 at mainbus0: apid 2 (application processor) cpu2: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz, 1596.34 MHz, 06-45-01, patch 0026 cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SRBDS_CTRL,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,
httpd(8) request rewrite - 500 internal server error
Hi all, I was trying to do a basic path rewrite in httpd(8) on 7.2-stable, and I just can't see what I'm missing: httpd.conf: server "host" { listen on egress port 12345 root "/htdocs" location "/" { request rewrite "/to/" } location "/*" { directory auto index } } Using http://host:12345/ slaps me with 500: server_response: rewrote /? -> /to/? "GET / HTTP/1.1" 500 0 , /to/ (500 Internal Server Error) Accessing http://host:12345/to/ directly works, however: "GET /to/ HTTP/1.1" 200 538 "GET /favicon.ico HTTP/1.1" 404 0 , /favicon.ico (404 Not Found) I though maybe it was iffy because of the location containing only a slash (/), but using anything else like...: location "/from/" { request rewrite "/to/" } ... gives 500 too when accessing http://host:12345/from/ Tried playing around with (adding/removing) the trailing '/' from the paths, but still no luck. I even tried the example at the end of httpd.conf(5) with "location match" and pattern/captures, but still the same. But "request rewrite" must be clearly working somehow, I just can't see what's missing. Any tips would be greatly appreciated! Daniel
Re: pcengines apu{1,4} can't adjust CPU frequency automatically anymore
On Monday, November 28th, 2022 at 08:43, Jan Johansson wrote: > > > > > "Lévai, Dániel" l...@ecentrum.hu wrote: > > > I don't know since when, unfortunately, but it seems > > auto-adjusting CPU frequency doesn't work anymore on my APU1 > > and an APU4 PCEngines boards (I only have these versions at > > hand atm). They're both running an updated fw at v4.17.0.2. > > [...] > > > Hello! > > Since some time auto scaling (by OpenBSD) is disabled while the > system is connected to AC power. This might not be a problem > since many systems seems to handle scaling by themself. Oh, got you [1]. Thanks! [1] - https://marc.info/?l=openbsd-cvs&m=163563630606615&w=2
pcengines apu{1,4} can't adjust CPU frequency automatically anymore
Hi all, I don't know since when, unfortunately, but it seems auto-adjusting CPU frequency doesn't work anymore on my APU1 and an APU4 PCEngines boards (I only have these versions at hand atm). They're both running an updated fw at v4.17.0.2. IIRC `apmd -A' + `sysctl hw.perfpolicy=auto' did the trick earlier, but I'll be honest, I haven't checked this since forever. APU1 has two and the APU4 has three frequencies to set: cpu0: 1000 MHz: speeds: 1000 800 MHz cpu0: 998 MHz: speeds: 1000 800 600 MHz I can manually adjust this with hw.setperf when hw.perfpolicy is 'manual', so setting the frequency actually works, it's just that it can't seems to "detect" load/change when it's set to 'auto'. Daniel ==> APU1: OpenBSD 7.2 (GENERIC.MP) #2: Thu Nov 24 23:54:39 MST 2022 r...@syspatch-72-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 2112143360 (2014MB) avail mem = 2030804992 (1936MB) random: good seed from bootblocks mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 3.0 @ 0x7ee4e040 (9 entries) bios0: vendor coreboot version "v4.17.0.2" date 07/28/2022 bios0: PC Engines apu1 acpi0 at bios0: ACPI 6.0 acpi0: sleep states S0 S1 S3 S4 S5 acpi0: tables DSDT FACP SSDT MCFG TPM2 APIC HEST SSDT SSDT HPET acpi0: wakeup devices AGPB(S4) HDMI(S4) PBR4(S4) PBR5(S4) PBR6(S4) PBR7(S4) PE20(S4) PE21(S4) PE22(S4) PE23(S4) UOH1(S3) UOH2(S3) UOH3(S3) UOH4(S3) UOH5(S3) UOH6(S3) [...] acpitimer0 at acpi0: 3579545 Hz, 32 bits acpimcfg0 at acpi0 acpimcfg0: addr 0xf800, bus 0-63 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD G-T40E Processor, 1000.08 MHz, 14-02-00 cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,SSSE3,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,IBS,SKINIT,ITSC cpu0: 32KB 64b/line 8-way D-cache, 32KB 64b/line 2-way I-cache cpu0: 512KB 64b/line 16-way L2 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges cpu0: apic clock running at 200MHz cpu0: mwait min=64, max=64, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: AMD G-T40E Processor, 1000.01 MHz, 14-02-00 cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,SSSE3,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,IBS,SKINIT,ITSC cpu1: 32KB 64b/line 8-way D-cache, 32KB 64b/line 2-way I-cache cpu1: 512KB 64b/line 16-way L2 cache cpu1: smt 0, core 1, package 0 ioapic0 at mainbus0: apid 2 pa 0xfec0, version 21, 24 pins acpihpet0 at acpi0: 14318180 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (AGPB) acpiprt2 at acpi0: bus -1 (HDMI) acpiprt3 at acpi0: bus 1 (PBR4) acpiprt4 at acpi0: bus 2 (PBR5) acpiprt5 at acpi0: bus 3 (PBR6) acpiprt6 at acpi0: bus -1 (PBR7) acpiprt7 at acpi0: bus -1 (PE20) acpiprt8 at acpi0: bus -1 (PE21) acpiprt9 at acpi0: bus -1 (PE22) acpiprt10 at acpi0: bus -1 (PE23) acpiprt11 at acpi0: bus 4 (PIBR) acpicpu0 at acpi0: C2(0@100 io@0x841), C1(@1 halt!), PSS acpicpu1 at acpi0: C2(0@100 io@0x841), C1(@1 halt!), PSS acpipci0 at acpi0 PCI0: 0x 0x0011 0x0001 "PRP0001" at acpi0 not configured "PRP0001" at acpi0 not configured "PRP0001" at acpi0 not configured "PRP0001" at acpi0 not configured "PRP0001" at acpi0 not configured "PRP0001" at acpi0 not configured "PRP0001" at acpi0 not configured acpicmos0 at acpi0 "BOOT" at acpi0 not configured acpitz0 at acpi0: critical temperature is 110 degC cpu0: 1000 MHz: speeds: 1000 800 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 "AMD 14h Host" rev 0x00 ppb0 at pci0 dev 4 function 0 "AMD 14h PCIE" rev 0x00: msi pci1 at ppb0 bus 1 re0 at pci1 dev 0 function 0 "Realtek 8168" rev 0x06: RTL8168E/8111E (0x2c00), msi, address rgephy0 at re0 phy 7: RTL8169S/8110S/8211 PHY, rev. 4 ppb1 at pci0 dev 5 function 0 "AMD 14h PCIE" rev 0x00: msi pci2 at ppb1 bus 2 re1 at pci2 dev 0 function 0 "Realtek 8168" rev 0x06: RTL8168E/8111E (0x2c00), msi, address rgephy1 at re1 phy 7: RTL8169S/8110S/8211 PHY, rev. 4 ppb2 at pci0 dev 6 function 0 "AMD 14h PCIE" rev 0x00: msi pci3 at ppb2 bus 3 re2 at pci3 dev 0 function 0 "Realtek 8168" rev 0x06: RTL8168E/8111E (0x2c00), msi, address rgephy2 at re2 phy 7: RTL8169S/8110S/8211 PHY, rev. 4 ahci0 at pci0 dev 17 function 0 "ATI SBx00 SATA" rev 0x40: apic 2 int 19, AHCI 1.2 ahci0: port 0: 3.0Gb/s scsibus1 at ahci0: 32 targets sd0 at scsibus1 targ 0 lun 0: naa.50026b725701bf6a sd0: 28626MB, 512 bytes/sector, 58626288 sectors, thin ohci0 at pci0 dev 18 function 0 "ATI SB700 USB" rev 0x00: apic 2 int 18, version 1.0, legacy support ehci0 at pci0 dev 18 function 2 "ATI SB700 USB2" rev 0x00: apic 2 int 17 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 configuration 1 interface 0 "ATI EHCI root hub" rev 2.00/1.00 addr 1 oh
Re: Changing sysctl hw.sensors names on a T410
> On 2022-09-07, Lévai Dániel wrote: > > Doesn't hurt anything really, was just wondering if anyone has seen this > > and maybe have a tech tale of an explanation for it. > > Does it depend on cold/warm boot, or whether it's on battery or plugged in? It's almost always unplugged when used, I noticed these while on battery. As for cold/warm boot, I never actually checked but I'll keep an eye on this from now on. Dani
Changing sysctl hw.sensors names on a T410
Hey everyone, I noticed this weirdness here on an old but trusty T410 ThinkPad, in that it sometimes changes its sysctl hw.sensors names for its battery. Sometimes it's watthour/power and other times it's amphour/current: hw.sensors.acpibat0.volt0=10.80 VDC (voltage) hw.sensors.acpibat0.volt1=10.84 VDC (current voltage) hw.sensors.acpibat0.power0=12.31 W (rate) hw.sensors.acpibat0.watthour0=47.52 Wh (last full capacity) hw.sensors.acpibat0.watthour1=2.38 Wh (warning capacity) hw.sensors.acpibat0.watthour2=0.20 Wh (low capacity) hw.sensors.acpibat0.watthour3=26.08 Wh (remaining capacity), OK hw.sensors.acpibat0.watthour4=47.52 Wh (design capacity) hw.sensors.acpibat0.raw0=1 (battery discharging), OK hw.sensors.acpibat0.volt0=10.80 VDC (voltage) hw.sensors.acpibat0.volt1=11.20 VDC (current voltage) hw.sensors.acpibat0.current0=1.19 A (rate) hw.sensors.acpibat0.amphour0=4.75 Ah (last full capacity) hw.sensors.acpibat0.amphour1=0.24 Ah (warning capacity) hw.sensors.acpibat0.amphour2=0.02 Ah (low capacity) hw.sensors.acpibat0.amphour3=3.95 Ah (remaining capacity), OK hw.sensors.acpibat0.amphour4=4.75 Ah (design capacity) hw.sensors.acpibat0.raw0=1 (battery discharging), OK Doesn't hurt anything really, was just wondering if anyone has seen this and maybe have a tech tale of an explanation for it. The two respective dmesgs don't have much difference between them. watthour-dmesg: OpenBSD 7.2-beta (GENERIC.MP) #654: Wed Jul 27 20:10:05 MDT 2022 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 4062691328 (3874MB) avail mem = 3922194432 (3740MB) random: good seed from bootblocks mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xe0010 (78 entries) bios0: vendor LENOVO version "6IET72WW (1.32 )" date 08/27/2010 bios0: LENOVO 2537EP6 acpi0 at bios0: ACPI 4.0 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP SSDT ECDT APIC MCFG HPET ASF! SLIC BOOT SSDT TCPA DMAR SSDT SSDT SSDT acpi0: wakeup devices LID_(S3) SLPB(S3) IGBE(S4) EXP1(S4) EXP2(S4) EXP3(S4) EXP4(S4) EXP5(S4) EHC1(S3) EHC2(S3) HDEF(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpiec0 at acpi0 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM) i5 CPU M 560 @ 2.67GHz, 1197.20 MHz, 06-25-05 cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,MELTDOWN cpu0: 32KB 64b/line 8-way D-cache, 32KB 64b/line 4-way I-cache, 256KB 64b/line 8-way L2 cache, 3MB 64b/line 12-way L3 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 133MHz cpu0: mwait min=64, max=64, C-substates=0.2.1.1, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM) i5 CPU M 560 @ 2.67GHz, 1197.01 MHz, 06-25-05 cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,MELTDOWN cpu1: 32KB 64b/line 8-way D-cache, 32KB 64b/line 4-way I-cache, 256KB 64b/line 8-way L2 cache, 3MB 64b/line 12-way L3 cache cpu1: smt 1, core 0, package 0 cpu2 at mainbus0: apid 4 (application processor) cpu2: Intel(R) Core(TM) i5 CPU M 560 @ 2.67GHz, 1197.02 MHz, 06-25-05 cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,MELTDOWN cpu2: 32KB 64b/line 8-way D-cache, 32KB 64b/line 4-way I-cache, 256KB 64b/line 8-way L2 cache, 3MB 64b/line 12-way L3 cache cpu2: smt 0, core 2, package 0 cpu3 at mainbus0: apid 5 (application processor) cpu3: Intel(R) Core(TM) i5 CPU M 560 @ 2.67GHz, 1197.01 MHz, 06-25-05 cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,MELTDOWN cpu3: 32KB 64b/line 8-way D-cache, 32KB 64b/line 4-way I-cache, 256KB 64b/line 8-way L2 cache, 3MB 64b/line 12-way L3 cache cpu3: smt 1, core 2, package 0 ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins, remapped acpimcfg0 at acpi0 acpimcfg0: addr 0xe000, bus 0-255 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (PEG_) acpiprt2 at acpi0: bus 2 (EXP1) acpiprt3 at acpi0: bus 3 (EXP2) acpiprt4 at acpi0: bus -1
how to pledge(2) for Yubikey
Hi all! I'm trying to implement pledge(2) support into kc(1) (in ports) while using it with a Yubikey. So far this is my pledge string: char*pledges = "cpath exec fattr flock proc rpath stdio tty unix wpath"; This covers everything it would do without the Yubikey. But I can't seem to find the proper "promise" that would allow it to use the Yubikey (I've tried adding everything at one point). The application dies with (on -current): Abort trap (core dumped) kc[35302]: pledge "tty", syscall 54 And the trace looks like this: #0 ioctl () at -:3 No locals. #1 0x0fb51385e600 in libusb_interrupt_transfer () from /usr/local/lib/libusb-1.0.so.1.2 No symbol table info available. #2 0x0fb513856864 in libusb_get_device_list () from /usr/local/lib/libusb-1.0.so.1.2 No symbol table info available. #3 0x0fb53bf41e82 in _ykusb_open_device () from /usr/local/lib/libykpers-1.so.0.8 No symbol table info available. #4 0x0fb53bf408ab in yk_open_key_vid_pid () from /usr/local/lib/libykpers-1.so.0.8 No symbol table info available. #5 0x0fb25fdac4d9 in kc_ykchalresp () from /home/daniell/kc/kc No symbol table info available. #6 0x0fb25fd9f293 in main () from /home/daniell/kc/kc No symbol table info available. These are the last couple of line from ktrace: 35302 kc CALL open(0x7f7ee1f0,0x2) 35302 kc NAMI "/dev/usb0" 35302 kc RET open -1 errno 13 Permission denied 35302 kc CALL kbind(0x7f7ede88,24,0x18365a7b5e816bae) 35302 kc RET kbind 0 35302 kc CALL open(0x7f7ee1f0,0x2) 35302 kc NAMI "/dev/usb1" 35302 kc RET open 7 35302 kc CALL kbind(0x7f7ede88,24,0x18365a7b5e816bae) 35302 kc RET kbind 0 35302 kc CALL ioctl(7,USB_DEVICEINFO,0x7f7edf50) 35302 kc PLDG ioctl, "tty", errno 1 Operation not permitted 35302 kc PSIG SIGABRT SIG_DFL 35302 kc NAMI "kc.core" I don't know if this matters, but for even ykinfo(1) (in the ykpers port) to work, I had to: # chmod g+w /dev/usb1 # chmod g+rw /dev/ugen0.00 Could someone hit me with a clue-bat how to pledge for using a Yubikey (or rather, I guess, any USB device?). Thanks in advance, Dani
Re: hostname.pppoe0, !/bin/sh when reconnecting
Thanks everyone for their reply and the pointer to ifstated(8)! For the archives; this simple configuration did the trick: == 8< == state if_up { init { run "/usr/local/sbin/dyndnsupdate.sh" } if pppoe0.link.down { run "/usr/bin/logger -p daemon.warn -i -t ifstated -- pppoe0 link is down" set-state if_down } } state if_down { if pppoe0.link.up { run "/usr/bin/logger -p daemon.warn -i -t ifstated -- pppoe0 link is up with IP: `/sbin/ifconfig pppoe0 |/usr/bin/grep -F -we inet`" set-state if_up } } == 8< == -- Lévai, Dániel ‐‐‐ Original Message ‐‐‐ On Wednesday, June 17, 2020 5:53 PM, Olivier Taïbi wrote: > I am in a similar situation (pppoe sessions restarts, although my IP addresses > do not change), and I needed to re-add the default IPv6 route after completion > of IPv6CP. Note that there are several layers involved (link, IPv4, IPv6), I > would guess that for pppoe "link is up" would mean LCP succeeded, which is > before you get a new IP. For this reason I put together a small ad-hoc tool > that monitors the addition of a new route, which occurs just after IPv6CP > succeeds. See > https://marc.info/?l=openbsd-misc&m=158834859429490&w=2 > You could probably modify it to do what you need, using the monitor option of > route(8) to guess what event you want to trigger the execution of your script. > In fact it should be simpler. > > If you manage to use ifstated(8) reliably, please let me know. > > On Wed, Jun 17, 2020 at 01:08:30PM +, Lévai, Dániel wrote: > > > Hi misc@! > > I'm trying to run a script whenever I get a new IP address from my ISP over > > pppoe0. They disconnect me occasionally and the router reconnects then, eg.: > > /bsd: pppoe: GENERIC ERROR: RP-PPPoE: Child pppd process terminated > > /bsd: pppoe0: received unexpected PADO > > last message repeated 2 times > > I have this as the last line in /etc/hostname.pppoe0: > > !/bin/sh /etc/hostname.pppoe0.script pppoe0 0.0.0.1 > > It doesn't seem to be executed when this happens, only when I reboot the > > router. Is the culprit here something along the lines of not > > (re)configuring the interface with ifconfig up/down (in which case the > > script would run), instead only getting disconnected and reconnecting? > > Daniel
hostname.pppoe0, !/bin/sh when reconnecting
Hi misc@! I'm trying to run a script whenever I get a new IP address from my ISP over pppoe0. They disconnect me occasionally and the router reconnects then, eg.: /bsd: pppoe: GENERIC ERROR: RP-PPPoE: Child pppd process terminated /bsd: pppoe0: received unexpected PADO last message repeated 2 times I have this as the last line in /etc/hostname.pppoe0: !/bin/sh /etc/hostname.pppoe0.script pppoe0 0.0.0.1 It doesn't seem to be executed when this happens, only when I reboot the router. Is the culprit here something along the lines of not (re)configuring the interface with ifconfig up/down (in which case the script would run), instead only getting disconnected and reconnecting? Daniel
collectd graphs
Hi everyone! I noticed facette became broken in 6.7. Do you guys use any neat tool to graph collectd RRDs? Preferrably in ports or at most something git-pullable but with no outside deps (relative to base or ports). Thanks for the input! Dani
Re: RCS file ownership?
Hi all! Years ago, I mean 10+, I was -- strangely -- quite actively using RCS for local configuration file history management, and fell into the same pit myself. I made this [1] off the cuff diff then, and reading this thread thought that I need to see how badly it would apply for today's tree. Well, surprisingly, it succeeded without any rejections, so here it is, maybe someone will find it useful. It's automatic, so no option to enable this when invoking rcs(1). Also, all I did was just regenerating the diff, not compiled or tested now... And I'm pretty sure I have had some troubles with it back then... Anyway, enjoy :) Dani [1] https://gist.github.com/levaidaniel/dfc71d782a6e023459c04a3f30ff5a6e ‐‐‐ Original Message ‐‐‐ > Date: Thu, 30 Apr 2020 10:37:38 +0100 > From: Craig Skinner skin...@britvault.co.uk > To: misc@openbsd.org > Subject: Re: RCS file ownership? > Message-ID: 20200430103738.1f7304f6@fir.internal > > G'day Adam/all, > > On Wed, 29 Apr 2020 12:43:42 -0500 Adam Thompson wrote: > > > When I use co(1) with "-l" to check out a file (and/or "ci -l") is > > there any way to preserve file ownership and not have it reset to > > the user running co(1) or ci(1)? > > Attached is a script I've used for years to work around this issue. > > No licence, do what you want with it. > > Rather rubbish to do this in the shell > > cop = check out, permissions > cip = check in, permissions > > $ ls -ltrhF /usr/local/bin/c* | fgrep ciop > -r-xr-xr-x 1 root bin 1.8K Jun 29 2013 /usr/local/bin/ciop* > lrwxr-xr-x 1 root wheel 4B Apr 13 2015 /usr/local/bin/cop@ -> ciop > lrwxr-xr-x 1 root wheel 4B Apr 13 2015 /usr/local/bin/cip@ -> ciop > > Cheers, > > -- > > Craig Skinner | http://linkd.in/yGqkv7 > > [Attachment of type application/octet-stream removed.]
Re: smtpd accept client certificate only from a specific CA
Sorry, running 6.5-stable. Eredeti üzenet Be 2019. júl. 24. 19:13, Lévai, Dániel írta: > Hi all! > > I have this on my relay host: > > smtpd.conf: > ca myCA cert "/path/to/myCA.pem" > > listen on egress port submission \ > tls-require verify \ > ca myCA > > Now with that I expected that it'll only accept smtp clients that provide a > certificate signed by myCA, but it turns out it accepts any certificate that > is trusted based on the default /etc/ssl/certs.pem file. > Besides (re)moving the stock certs file or any other intrusive/ugly > workaround, is there any way I could force a CA for those connections? > > Thanks for any hints, > Dani publickey - leva@ecentrum.hu - 0x66E1F716.asc Description: application/pgp-keys
smtpd accept client certificate only from a specific CA
Hi all! I have this on my relay host: smtpd.conf: ca myCA cert "/path/to/myCA.pem" listen on egress port submission \ tls-require verify \ ca myCA Now with that I expected that it'll only accept smtp clients that provide a certificate signed by myCA, but it turns out it accepts any certificate that is trusted based on the default /etc/ssl/certs.pem file. Besides (re)moving the stock certs file or any other intrusive/ugly workaround, is there any way I could force a CA for those connections? Thanks for any hints, Dani publickey - leva@ecentrum.hu - 0x66E1F716.asc Description: application/pgp-keys
IPsec redirect to internal LAN
Hi all! I've been trying to figure out how to direct traffic into internal hosts through IPsec (IKEv2, enc0). My client is an Android phone, using strongSwan, connecting to an OpenBSD 6.5 VPN concentrator. The VPN server has two IP addresses on enc0, 172.16.0.1/24 and 172.16.0.21/24. I wanted to use the latter as a 1:1 map to an internal IP address, like 192.168.0.21. Basically everything I would send to 172.16.0.21 to any port from the client/phone, I would want to direct that to 192.168.0.21 to the same dst port. [client/phone] (172.16.0.42/24) <-> (172.16.0.1/24, 172.16.0.21/24) [OpenBSD VPN server] (192.168.0.1/16) <-> (192.168.0.21/16) [internal host] I wanted to test this with icmp first, and build up from there: # ifconfig enc0 enc0: flags=41 index 5 priority 0 llprio 3 groups: enc status: active inet 172.16.0.1 netmask 0xff00 inet 172.16.0.21 netmask 0xff00 /etc/pf.conf: ==8<== match all scrub (no-df random-id)# I tried to remove this, but didn't seem to make any difference [...] pass in on egress proto udp to port {isakmp, ipsec-nat-t} label IKE pass in on egress proto esp label IKE match in on enc inet proto icmp from (enc:network) to 172.16.0.21 \ rdr-to 192.168.0.21 \ tag IPSEC_RDR_PASS pass on enc tagged IPSEC_RDR_PASS ==8<== >From the client/phone I can ping 172.16.0.1, naturally, but when it comes to >172.16.0.21, on the enc0 interface there's this traffic, which seems fine to >me: VPN server# tcpdump -nttti enc0 tcpdump: listening on enc0, link-type ENC Jul 19 22:27:11.842500 (authentic,confidential): SPI 0x9b57d4b8: 172.16.0.42 > 172.16.0.21: icmp: echo request (DF) (encap) Jul 19 22:27:12.861873 (authentic,confidential): SPI 0x9b57d4b8: 172.16.0.42 > 172.16.0.21: icmp: echo request (DF) (encap) Jul 19 22:27:13.921964 (authentic,confidential): SPI 0x9b57d4b8: 172.16.0.42 > 172.16.0.21: icmp: echo request (DF) (encap) So it seems the redirect works, meanwhile on the 192.168.0.21 host: internal host$ sudo tcpdump -ni eth0 icmp tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes 2019-07-19 22:28:40.243669 IP 172.16.0.42 > 192.168.0.21: ICMP echo request, id 18, seq 1021, length 64 2019-07-19 22:28:40.243705 IP 192.168.0.21 > 172.16.0.42: ICMP echo reply, id 18, seq 1021, length 64 2019-07-19 22:28:40.243974 IP 192.168.0.1 > 192.168.0.21: ICMP 172.16.0.42 unreachable - need to frag, length 36 2019-07-19 22:28:41.283963 IP 172.16.0.42 > 192.168.0.21: ICMP echo request, id 18, seq 1022, length 64 2019-07-19 22:28:41.283999 IP 192.168.0.21 > 172.16.0.42: ICMP echo reply, id 18, seq 1022, length 64 2019-07-19 22:28:41.284335 IP 192.168.0.1 > 192.168.0.21: ICMP 172.16.0.42 unreachable - need to frag, length 36 So icmp gets into the internal network, it just couldn't find its way back. >From 192.168.0.21 I can ping 172.16.0.{1, 21} fine (both IP addresses on enc0 >on the VPN server), but when it comes to .42 (the above IPsec client, the >phone), if I try to ping it, I get the same error: internal host$ ping 172.16.0.42 PING 172.16.0.42 (172.16.0.42) 56(84) bytes of data. >From 192.168.0.1 icmp_seq=1 Frag needed and DF set (mtu = 0) >From 192.168.0.1 icmp_seq=2 Frag needed and DF set (mtu = 0) Is there something fundamentally wrong with this? How would this work ideally? I even tried to setup a NAT rule when coming in from the VPN to the LAN, so everything from 172.16.0/24 would be NATed to 192.168.0.1, the VPN server's internal IP: match out on enc from (enc:network) to (em0:network) \ nat-to 192.168.0.1 Now this didn't do anything, at least from the above tcpdumps' point of view :-\ Thanks for any hints! Dani publickey - leva@ecentrum.hu - 0x66E1F716.asc Description: application/pgp-keys
Re: L2TP/IPSec PSK with Android -- INVALID_ID_INFORMATION
Oh, and one other issue, if anyone gets bitten by this: Don't use the 'any' keyword after the 'from'/'to' attributes. Even though iked.conf(5) says you can, I got an "unsupported address family 0" error from iked. 0.0.0.0/0 works instead. -- Lévai, Dániel ‐‐‐ Original Message ‐‐‐ On Monday, 1 July 2019 21:19, Lévai, Dániel wrote: > Wow, thanks for this... For some reason I always thought that anything VPN > related would require a rooted Android phone to mess with interfaces and > routing, but clearly it doesn't. > It took about 10 minutes to read https://www.openbsd.org/faq/faq17.html and > configure a successful IKEv2 connection from strongSwan on the phone to the > router. > > One more thing, how do I know what IP address my client has gotten? > `ipsecctl(8) -vsa` doesn't show that, and iked(8) output in /var/log/daemon > doesn't either. Right now I'm pinging my router from my phone and tcpdump-ing > the enc0 interface for icmp packets :) > > Dani > > ‐‐‐ Original Message ‐‐‐ > On Monday, 1 July 2019 19:34, Stuart Henderson s...@spacehopper.org wrote: > > > On 2019-06-30, Lévai Dániel l...@ecentrum.hu wrote: > > > > > I know (saw) this has come up numerous times, and someone has been > > > successful, others weren't. I thought I'd try this out myself, and not > > > surprisingly it wasn't successful :) > > > I've been using these howtos [1] -- I know these can be outdated and/or > > > simply wrong, I just wanted to get the general idea on how to tackle this. > > > I've made it through a couple of hurdles but now I'm stuck and thought > > > I'd ask some questions here. > > > > L2TP+IPsec can be made to work, but to be perfectly honest, unless you > > have a special reason (e.g. need to run this on a box which is also > > doing other tunnels which have to be IKEv1), then I would switch to > > IKEv2/iked and strongswan on Android (or the built-in client on Windows > > or iOS), it is fast to connect and generally much more pleasant to use... > > (I still use IKEv1/isakmpd for lan-to-lan tunnels but now try to avoid > > it for standard "roaming client" type connections). publickey - leva@ecentrum.hu - 0x66E1F716.asc Description: application/pgp-keys
Re: L2TP/IPSec PSK with Android -- INVALID_ID_INFORMATION
Wow, thanks for this... For some reason I always thought that anything VPN related would require a rooted Android phone to mess with interfaces and routing, but clearly it doesn't. It took about 10 minutes to read https://www.openbsd.org/faq/faq17.html and configure a successful IKEv2 connection from strongSwan on the phone to the router. One more thing, how do I know what IP address my client has gotten? `ipsecctl(8) -vsa` doesn't show that, and iked(8) output in /var/log/daemon doesn't either. Right now I'm pinging my router from my phone and tcpdump-ing the enc0 interface for icmp packets :) Dani ‐‐‐ Original Message ‐‐‐ On Monday, 1 July 2019 19:34, Stuart Henderson wrote: > On 2019-06-30, Lévai Dániel l...@ecentrum.hu wrote: > > > I know (saw) this has come up numerous times, and someone has been > > successful, others weren't. I thought I'd try this out myself, and not > > surprisingly it wasn't successful :) > > I've been using these howtos [1] -- I know these can be outdated and/or > > simply wrong, I just wanted to get the general idea on how to tackle this. > > I've made it through a couple of hurdles but now I'm stuck and thought I'd > > ask some questions here. > > L2TP+IPsec can be made to work, but to be perfectly honest, unless you > have a special reason (e.g. need to run this on a box which is also > doing other tunnels which have to be IKEv1), then I would switch to > IKEv2/iked and strongswan on Android (or the built-in client on Windows > or iOS), it is fast to connect and generally much more pleasant to use... > > (I still use IKEv1/isakmpd for lan-to-lan tunnels but now try to avoid > it for standard "roaming client" type connections). publickey - leva@ecentrum.hu - 0x66E1F716.asc Description: application/pgp-keys
L2TP/IPSec PSK with Android -- INVALID_ID_INFORMATION
190058.615909 Default dropped message from 192.168.5.17 port 500 due to notification type INVALID_ID_INFORMATION 190101.642382 Default responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.5.17, responder id 192.168.0.1 190101.642478 Default dropped message from 192.168.5.17 port 500 due to notification type INVALID_ID_INFORMATION 190104.674817 Default responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.5.17, responder id 192.168.0.1 190104.674885 Default dropped message from 192.168.5.17 port 500 due to notification type INVALID_ID_INFORMATION 190107.702932 Default responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.5.17, responder id 192.168.0.1 190107.703001 Default dropped message from 192.168.5.17 port 500 due to notification type INVALID_ID_INFORMATION 190110.728935 Default responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.5.17, responder id 192.168.0.1 190110.729004 Default dropped message from 192.168.5.17 port 500 due to notification type INVALID_ID_INFORMATION 190113.760991 Default responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.5.17, responder id 192.168.0.1 190113.761061 Default dropped message from 192.168.5.17 port 500 due to notification type INVALID_ID_INFORMATION 190116.770799 Default responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.5.17, responder id 192.168.0.1 190116.770869 Default dropped message from 192.168.5.17 port 500 due to notification type INVALID_ID_INFORMATION =8<= Now I'm stuck here. I don't really know why it wouldn't accept these "IDs", I thought I've covered all my bases with "from any/to any" in ipsec.conf(5). As for the attribute_unacceptable lines, I've tried to change the 'auth' attributes to "hmac-sha2-384", and I actually got the same messages.. I also tried to set the 'group' option for the 'main' and 'quick' lines to modp3072, no luck there either. What also doesn't help is that every time my phone does an unsuccessful connection, I must restart it, because "something gets stuck there", and every subsequent connection attempt just doesn't do anything -- no packets are coming in from the phone anymore... Anyway. I hope someone has had success with this and could point me in some kind of direction I'm not seeing. Thanks in advance, Dani [1]: http://bluepilltech.blogspot.com/2017/02/openbsd-l2tp-over-ipsec-android-601-ios.html http://blog.fuckingwith.it/2016/04/openbsd-l2tpipsec-vpn-for-android.html http://openbsd-archive.7691.n7.nabble.com/L2TP-IPSec-via-npppd-won-t-work-with-Android-5-x-td290194.html -- Lévai, Dániel publickey - leva@ecentrum.hu - 0x66E1F716.asc Description: application/pgp-keys
Multicast traffic on pflog0
Hi list! I was wondering if someone could explain this, because I've been scratching my head for a while now. I'm seeing multicast traffic logged on pflog0 for some reason -- they are 'igmp nreport' stuff from IPs in my internal network, totally legit by the way, they are supposed to do that, but why pflog0? I'm not logging anything to that interface with pf(4) and I can't find any daemon that would do this. Is this some "default" thing or is it just too late and not enough coffee here? Dani publickey - leva@ecentrum.hu - 0x66E1F716.asc Description: application/pgp-keys
Re: The right way to view the current input layout in X
That's the thing, that doesn't tell you which specific layout is active (from us,ru). I've been using skb for ages for this: https://plhk.ru/ It does the job. Dani ‐‐‐ Original Message ‐‐‐ On Tuesday, 28 May 2019 14:39, Robert Klein wrote: > On Tue, 28 May 2019 14:50:30 +0300 > Максим a23s4a2...@yandex.ru wrote: > > > Hello, > > The following command is run from my .xsession file to allow me to > > switch between english and russian layout: "setxkbmap -layout "us,ru" > > -option grp:alt_space_toggle" > > But how can I view the current input layout? > > “man setxkbmap” says: > > [...] > -query With this option setxkbmap just prints the current rules, > model, layout, variant, and options, then exits. > [...] > > Best regards > Robert > > > -- > > Maksim Rodin publickey - leva@ecentrum.hu - 0x66E1F716.asc Description: application/pgp-keys
Re: athn: device timeout
On Sunday, 19 May 2019 20:42, Stefan Sperling wrote: > On Sun, May 19, 2019 at 05:38:03PM +0000, Lévai, Dániel wrote: > > > And for some reason -- and this is really strange, I know --, sometimes it > > gets into a state where no client can connect/auth to the AP, and nothing > > seems to be able to fix it other than a hard reset of the AP. On a Linux > > client machine with wpa_supplicant(8) these are the log messages when this > > latter happens: > > May 19 19:08:38 serenity kernel: wlan0: authenticate with > > May 19 19:08:38 serenity kernel: wlan0: send auth to (try 1/3) > > May 19 19:08:38 serenity kernel: wlan0: authenticated > > May 19 19:08:38 serenity kernel: wlan0: associate with (try 1/3) > > May 19 19:08:38 serenity kernel: wlan0: RX AssocResp from (capab=0x411 > > status=0 aid=2) > > May 19 19:08:38 serenity kernel: wlan0: associated > > May 19 19:08:39 serenity kernel: wlan0: deauthenticated from (Reason: > > 15=4WAY_HANDSHAKE_TIMEOUT) > > This just goes on and on and on. > > And what do you see with 'ifconfig athn0 debug' on the AP? I get a lot of these: May 19 21:03:02 firefly /bsd: athn0: station purged from node cache May 19 21:03:02 firefly /bsd: athn0: station purged from node cache May 19 21:03:02 firefly /bsd: athn0: station purged from node cache May 19 21:03:13 firefly /bsd: athn0: sending auth to on channel 36 mode 11n May 19 21:03:13 firefly /bsd: athn0: station already authenticated (open) May 19 21:03:13 firefly /bsd: athn0: sending assoc_resp to on channel 36 mode 11n May 19 21:03:13 firefly /bsd: athn0: sending msg 1/4 of the 4-way handshake to May 19 21:03:13 firefly last message repeated 2 times May 19 21:03:13 firefly /bsd: athn0: station deauthenticate (reason 15) May 19 21:03:13 firefly /bsd: athn0: sending deauth to on channel 36 mode 11n May 19 21:03:14 firefly /bsd: athn0: sending auth to on channel 36 mode 11n May 19 21:03:14 firefly /bsd: athn0: station already authenticated (open) May 19 21:03:14 firefly /bsd: athn0: sending assoc_resp to on channel 36 mode 11n May 19 21:03:14 firefly /bsd: athn0: sending msg 1/4 of the 4-way handshake to May 19 21:03:14 firefly last message repeated 2 times May 19 21:03:14 firefly /bsd: athn0: station deauthenticate (reason 15) May 19 21:03:14 firefly /bsd: athn0: sending deauth to on channel 36 mode 11n May 19 21:03:15 firefly /bsd: athn0: sending auth to on channel 36 mode 11n May 19 21:03:15 firefly /bsd: athn0: station already authenticated (open) May 19 21:03:15 firefly /bsd: athn0: sending assoc_resp to on channel 36 mode 11n May 19 21:03:15 firefly /bsd: athn0: sending msg 1/4 of the 4-way handshake to May 19 21:03:16 firefly last message repeated 2 times May 19 21:03:16 firefly /bsd: athn0: station deauthenticate (reason 15) May 19 21:03:16 firefly /bsd: athn0: sending deauth to on channel 36 mode 11n May 19 21:03:17 firefly /bsd: athn0: sending auth to on channel 36 mode 11n May 19 21:03:17 firefly /bsd: athn0: station already authenticated (open) May 19 21:03:17 firefly /bsd: athn0: sending assoc_resp to on channel 36 mode 11n May 19 21:03:17 firefly /bsd: athn0: sending msg 1/4 of the 4-way handshake to May 19 21:03:17 firefly last message repeated 2 times May 19 21:03:17 firefly /bsd: athn0: station deauthenticate (reason 15) May 19 21:03:17 firefly /bsd: athn0: sending deauth to on channel 36 mode 11n May 19 21:03:18 firefly /bsd: athn0: sending auth to on channel 36 mode 11n May 19 21:03:18 firefly /bsd: athn0: station already authenticated (open) May 19 21:03:18 firefly /bsd: athn0: sending assoc_resp to on channel 36 mode 11n May 19 21:03:18 firefly /bsd: athn0: sending msg 1/4 of the 4-way handshake to May 19 21:03:18 firefly last message repeated 2 times May 19 21:03:18 firefly /bsd: athn0: station deauthenticate (reason 15) May 19 21:03:18 firefly /bsd: athn0: sending deauth to on channel 36 mode 11n May 19 21:03:20 firefly /bsd: athn0: sending auth to on channel 36 mode 11n May 19 21:03:20 firefly /bsd: athn0: station already authenticated (open) May 19 21:03:20 firefly /bsd: athn0: sending assoc_resp to on channel 36 mode 11n May 19 21:03:20 firefly /bsd: athn0: sending msg 1/4 of the 4-way handshake to May 19 21:03:20 firefly last message repeated 2 times Both with and Android phone and a Linux (wpa_supplicant) client. Dani publickey - leva@ecentrum.hu - 0x66E1F716.asc Description: application/pgp-keys
Re: athn: device timeout
On Sunday, 19 May 2019 18:48, Stefan Sperling wrote: > On Sun, May 19, 2019 at 02:30:25PM +0000, Lévai, Dániel wrote: > > > Hi everyone! > > I wonder if this 0 particular issue is what I'm experiencing. Judging from > > the fact that the only thing needed for this to happen is a full-bandwidth > > (~1MB/s) throughput via athn0 for about 20 seconds, I'm inclined to say yes. > > I wanted to ask if this 1 commit should've fixed these kind of issues, or > > that "recalibration" is something else. > > What is your reason for asking? > > These timeouts should be infrequent and the driver should recover > without intervention. If that matches your case, there is nothing > critical to fix, though it would of course be nice to understand > and perhaps fix the problem. > > Are these device timeouts causing you actual problems or are you > just curious why these messages are appearing? Well, in my experience here, there are two different kinds of consequences that can happen when these timeouts occur. The first (that happens let's say 90% of the time) can be fixed with a swift: # /sbin/ifconfig athn0 down; sleep 1; /sbin/ifconfig athn0 up It needs to be done, but at least it's fixable -- otherwise no client can connect the AP. And for some reason -- and this is really strange, I know --, sometimes it gets into a state where no client can connect/auth to the AP, and nothing seems to be able to fix it other than a hard reset of the AP. On a Linux client machine with wpa_supplicant(8) these are the log messages when this latter happens: May 19 19:08:38 serenity kernel: wlan0: authenticate with May 19 19:08:38 serenity kernel: wlan0: send auth to (try 1/3) May 19 19:08:38 serenity kernel: wlan0: authenticated May 19 19:08:38 serenity kernel: wlan0: associate with (try 1/3) May 19 19:08:38 serenity kernel: wlan0: RX AssocResp from (capab=0x411 status=0 aid=2) May 19 19:08:38 serenity kernel: wlan0: associated May 19 19:08:39 serenity kernel: wlan0: deauthenticated from (Reason: 15=4WAY_HANDSHAKE_TIMEOUT) This just goes on and on and on. But e.g. Android phones cannot connect to the AP either in this case, and they say "Check password and try again" in the Wi-Fi settings menu, after trying to reconnect quickly a number of times -- these are really rapid, max 1 sec in between the retries. Bear in mind that I didn't not change the password on the AP or the phone. Now I'm gradually trying to lower the allowed bandwidth of the athn(4) devices with pf(4) to see if there's any setting where it wouldn't fail (lowered from around the default/max 1MB/s, in the 800KB/s range this still happened). > The latter is hard to say without sitting in front of your box. > Device timeouts mean the hardware failed to send one frame. > Which can happen for any number of reasons. Hm, is it worth trying to switch around e.g. antennas? Dani
athn: device timeout
pi0: bus 4 (PBR7) acpiprt5 at acpi0: bus 5 (PBR8) acpicpu0 at acpi0: C2(0@400 io@0x1771), C1(@1 halt!), PSS acpicpu1 at acpi0: C2(0@400 io@0x1771), C1(@1 halt!), PSS acpicpu2 at acpi0: C2(0@400 io@0x1771), C1(@1 halt!), PSS acpicpu3 at acpi0: C2(0@400 io@0x1771), C1(@1 halt!), PSS acpibtn0 at acpi0: PWRB acpipci0 at acpi0 PCI0: 0x 0x0011 0x0001 acpicmos0 at acpi0 cpu0: 998 MHz: speeds: 1000 800 600 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 "AMD AMD64 16h Root Complex" rev 0x00 pchb1 at pci0 dev 2 function 0 "AMD AMD64 16h Host" rev 0x00 ppb0 at pci0 dev 2 function 1 "AMD AMD64 16h PCIE" rev 0x00: msi pci1 at ppb0 bus 1 em0 at pci1 dev 0 function 0 "Intel I211" rev 0x03: msi, address ppb1 at pci0 dev 2 function 2 "AMD AMD64 16h PCIE" rev 0x00: msi pci2 at ppb1 bus 2 em1 at pci2 dev 0 function 0 "Intel I211" rev 0x03: msi, address ppb2 at pci0 dev 2 function 3 "AMD AMD64 16h PCIE" rev 0x00: msi pci3 at ppb2 bus 3 em2 at pci3 dev 0 function 0 "Intel I211" rev 0x03: msi, address ppb3 at pci0 dev 2 function 4 "AMD AMD64 16h PCIE" rev 0x00: msi pci4 at ppb3 bus 4 em3 at pci4 dev 0 function 0 "Intel I211" rev 0x03: msi, address ppb4 at pci0 dev 2 function 5 "AMD AMD64 16h PCIE" rev 0x00: msi pci5 at ppb4 bus 5 athn0 at pci5 dev 0 function 0 "Atheros AR9281" rev 0x01: apic 5 int 16 athn0: AR9280 rev 2 (2T2R), ROM rev 22, address ccp0 at pci0 dev 8 function 0 "AMD Cryptographic Co-processor v3" rev 0x00 xhci0 at pci0 dev 16 function 0 "AMD Bolton xHCI" rev 0x11: msi, xHCI 1.0 usb0 at xhci0: USB revision 3.0 uhub0 at usb0 configuration 1 interface 0 "AMD xHCI root hub" rev 3.00/1.00 addr 1 ahci0 at pci0 dev 17 function 0 "AMD Hudson-2 SATA" rev 0x40: apic 4 int 19, AHCI 1.3 ahci0: port 0: 6.0Gb/s scsibus1 at ahci0: 32 targets sd0 at scsibus1 targ 0 lun 0: SCSI3 0/direct fixed naa. sd0: 57241MB, 512 bytes/sector, 117231408 sectors, thin ehci0 at pci0 dev 18 function 0 "AMD Hudson-2 USB2" rev 0x39: apic 4 int 18 usb1 at ehci0: USB revision 2.0 uhub1 at usb1 configuration 1 interface 0 "AMD EHCI root hub" rev 2.00/1.00 addr 1 ehci1 at pci0 dev 19 function 0 "AMD Hudson-2 USB2" rev 0x39: apic 4 int 18 usb2 at ehci1: USB revision 2.0 uhub2 at usb2 configuration 1 interface 0 "AMD EHCI root hub" rev 2.00/1.00 addr 1 piixpm0 at pci0 dev 20 function 0 "AMD Hudson-2 SMBus" rev 0x42: SMBus disabled pcib0 at pci0 dev 20 function 3 "AMD Hudson-2 LPC" rev 0x11 sdhc0 at pci0 dev 20 function 7 "AMD Bolton SD/MMC" rev 0x01: apic 4 int 16 sdhc0: SDHC 2.0, 50 MHz base clock sdmmc0 at sdhc0: 4-bit, sd high-speed, mmc high-speed, dma pchb2 at pci0 dev 24 function 0 "AMD AMD64 16h Link Cfg" rev 0x00 pchb3 at pci0 dev 24 function 1 "AMD AMD64 16h Address Map" rev 0x00 pchb4 at pci0 dev 24 function 2 "AMD AMD64 16h DRAM Cfg" rev 0x00 km0 at pci0 dev 24 function 3 "AMD AMD64 16h Misc Cfg" rev 0x00 pchb5 at pci0 dev 24 function 4 "AMD AMD64 16h CPU Power" rev 0x00 pchb6 at pci0 dev 24 function 5 "AMD AMD64 16h Misc Cfg" rev 0x00 isa0 at pcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com0: console com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo com2 at isa0 port 0x3e8/8 irq 5: ns16550a, 16 byte fifo pcppi0 at isa0 port 0x61 spkr0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 wbsio0 at isa0 port 0x2e/2: NCT5104D rev 0x53 vmm0 at mainbus0: SVM/RVI uhidev0 at uhub0 port 3 configuration 1 interface 0 "American Power Conversion Back-UPS XS 1400U FW:926.T1 .I USB FW:T1" rev 1.10/1.06 addr 2 uhidev0: iclass 3/0, 123 report ids upd0 at uhidev0 uhub3 at uhub1 port 1 configuration 1 interface 0 "Advanced Micro Devices product 0x7900" rev 2.00/0.18 addr 2 uhub4 at uhub2 port 1 configuration 1 interface 0 "Advanced Micro Devices product 0x7900" rev 2.00/0.18 addr 2 vscsi0 at root scsibus2 at vscsi0: 256 targets softraid0 at root scsibus3 at softraid0: 256 targets root on sd0a (338ef9ca14372769.a) swap on sd0b dump on sd0b pppoe0: received unexpected PADO pppoe0: received unexpected PADO pppoe0: received unexpected PADO pppoe0: pap failure pppoe: GENERIC ERROR: RP-PPPoE: Child pppd process terminated pppoe0: received unexpected PADO pppoe0: received unexpected PADO pppoe0: received unexpected PADO pppoe0: pap failure pppoe: GENERIC ERROR: RP-PPPoE: Child pppd process terminated pppoe0: received unexpected PADO pppoe0: received unexpected PADO pppoe0: received unexpected PADO pppoe0: pap failure pppoe: GENERIC ERROR: RP-PPPoE: Child pppd process terminated pppoe: GENERIC ERROR: RP-PPPoE: Child pppd process terminated athn0: device timeout athn0: device timeout athn0: device timeout athn0: device timeout athn0: device timeout -- Lévai, Dániel
Re: Trying to find what leaks in 6.4 after a recent network topology change
Stuart Henderson @ 2019-04-15T15:39:30 +0200: > On 2019-04-15, LÉVAI Dániel wrote: > > Hi! > > > > > > After a recent network configuration change (added re(4), vether(4)) I'm > > experiencing this memory leak from somewhere. > > > > How can I check/query how much memory the kernel (or parts of it) is > > using over time, besides running top(1) with system processes shown -- > > I'm also staring at systat(1)'s `malloc' and `pool' views but I'm not > > really sure what I'm (or rather what I should be) looking at. > > > > Sorry I didn't read the whole lot, but from skimming through it's likely > to be kernel not userland (which is why you don't see much detail in top). > There are likely some clues in output from the following: > > netstat -m > vmstat -m > systat -b mbuf No worries, this is perfect, thank you for the tips. I'm already wondering about the `mbufs' output from systat(1) (especially the ALIVE column): After a reboot + 20 minutes: 1 users Load 0.46 0.38 0.33 firefly.ecentrum.hu 16:40:43 IFACE LIVELOCKS SIZE ALIVE LWM HWM CWM System0 256 4100 260 2048 3717 468 211253 7 4096 128 20 921617 12 After two days: 1 users Load 0.14 0.20 0.22 firefly.ecentrum.hu 15:00:00 IFACE LIVELOCKS SIZE ALIVE LWM HWM CWM System0 256 215K 13780 2048 * 26954 211266 9 4096 128 25 921611 11 How does ALIVE: 215k look after two days uptime with mild internet traffic? Is this something that could be a potential culprit or am I just reading things into that? And I'm just guessing but that star either means infinite :) or that it couldn't even write the number into that space. Dani -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Trying to find what leaks in 6.4 after a recent network topology change
sb0 at ehci0: USB revision 2.0 uhub0 at usb0 configuration 1 interface 0 "Intel EHCI root hub" rev 2.00/1.00 addr 1 ppb1 at pci0 dev 28 function 0 "Intel 8 Series PCIE" rev 0xd5: msi pci2 at ppb1 bus 2 ppb2 at pci0 dev 28 function 2 "Intel 8 Series PCIE" rev 0xd5: msi pci3 at ppb2 bus 3 re0 at pci3 dev 0 function 0 "Realtek 8168" rev 0x0c: RTL8168G/8111G (0x4c00), msi, address rgephy0 at re0 phy 7: RTL8251 PHY, rev. 0 ppb3 at pci0 dev 28 function 4 "Intel 8 Series PCIE" rev 0xd5: msi pci4 at ppb3 bus 4 athn0 at pci4 dev 0 function 0 "Atheros AR9281" rev 0x01: apic 8 int 16 athn0: AR9280 rev 2 (2T2R), ROM rev 16, address ppb4 at pci0 dev 28 function 5 "Intel 8 Series PCIE" rev 0xd5: msi pci5 at ppb4 bus 5 athn1 at pci5 dev 0 function 0 "Atheros AR9281" rev 0x01: apic 8 int 17 athn1: AR9280 rev 2 (2T2R), ROM rev 22, address ehci1 at pci0 dev 29 function 0 "Intel 8 Series USB" rev 0x05: apic 8 int 23 usb1 at ehci1: USB revision 2.0 uhub1 at usb1 configuration 1 interface 0 "Intel EHCI root hub" rev 2.00/1.00 addr 1 pcib0 at pci0 dev 31 function 0 "Intel H81 LPC" rev 0x05 ahci0 at pci0 dev 31 function 2 "Intel 8 Series AHCI" rev 0x05: msi, AHCI 1.3 ahci0: port 4: 3.0Gb/s ahci0: port 5: 3.0Gb/s scsibus1 at ahci0: 32 targets sd0 at scsibus1 targ 4 lun 0: SCSI3 0/direct fixed naa.50026b726304fb22 sd0: 114473MB, 512 bytes/sector, 234441648 sectors, thin sd1 at scsibus1 targ 5 lun 0: SCSI3 0/direct fixed naa.50026b726304fbe2 sd1: 114473MB, 512 bytes/sector, 234441648 sectors, thin ichiic0 at pci0 dev 31 function 3 "Intel 8 Series SMBus" rev 0x05: apic 8 int 18 iic0 at ichiic0 spdmem0 at iic0 addr 0x50: 2GB DDR3 SDRAM PC3-10600 isa0 at pcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 irq 1 irq 12 pckbd0 at pckbc0 (kbd slot) wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 spkr0 at pcppi0 uhub2 at uhub0 port 1 configuration 1 interface 0 "Intel Rate Matching Hub" rev 2.00/0.05 addr 2 uhub3 at uhub1 port 1 configuration 1 interface 0 "Intel Rate Matching Hub" rev 2.00/0.05 addr 2 uhidev0 at uhub3 port 2 configuration 1 interface 0 "SINO WEALTH USB KEYBOARD" rev 1.10/1.00 addr 3 uhidev0: iclass 3/1 ukbd0 at uhidev0: 8 variable keys, 6 key codes wskbd1 at ukbd0 mux 1 wskbd1: connecting to wsdisplay0 uhidev1 at uhub3 port 2 configuration 1 interface 1 "SINO WEALTH USB KEYBOARD" rev 1.10/1.00 addr 3 uhidev1: iclass 3/0, 5 report ids uhid0 at uhidev1 reportid 2: input=1, output=0, feature=0 uhid1 at uhidev1 reportid 3: input=3, output=0, feature=0 uhid2 at uhidev1 reportid 5: input=0, output=0, feature=5 uhidev2 at uhub3 port 3 configuration 1 interface 0 "American Power Conversion Back-UPS XS 1400U FW:926.T1 .I USB FW:T1" rev 1.10/1.06 addr 4 uhidev2: iclass 3/0, 123 report ids upd0 at uhidev2 vscsi0 at root scsibus2 at vscsi0: 256 targets softraid0 at root scsibus3 at softraid0: 256 targets sd2 at scsibus3 targ 1 lun 0: SCSI2 0/direct fixed sd2: 114470MB, 512 bytes/sector, 234435953 sectors root on sd2a (59f8b4a610bc10ff.a) swap on sd2b dump on sd2b pppoe: GENERIC ERROR: RP-PPPoE: Child pppd process terminated wskbd1: disconnecting from wsdisplay0 wskbd1 detached ukbd0 detached uhidev0 detached uhid0 detached uhid1 detached uhid2 detached uhidev1 detached pppoe0: received unexpected PADO pppoe0: received unexpected PADO pppoe0: received unexpected PADO upd0 detached uhidev2 detached uhidev0 at uhub3 port 3 configuration 1 interface 0 "American Power Conversion Back-UPS XS 1400U FW:926.T1 .I USB FW:T1" rev 1.10/1.06 addr 3 uhidev0: iclass 3/0, 123 report ids upd0 at uhidev0 upd0 detached uhidev0 detached uhidev0 at uhub3 port 3 configuration 1 interface 0 "American Power Conversion Back-UPS XS 1400U FW:926.T1 .I USB FW:T1" rev 1.10/1.06 addr 3 uhidev0: iclass 3/0, 123 report ids upd0 at uhidev0 upd0 detached uhidev0 detached uhidev0 at uhub3 port 3 configuration 1 interface 0 "American Power Conversion Back-UPS XS 1400U FW:926.T1 .I USB FW:T1" rev 1.10/1.06 addr 3 uhidev0: iclass 3/0, 123 report ids upd0 at uhidev0 upd0 detached uhidev0 detached uhidev0 at uhub3 port 3 configuration 1 interface 0 "American Power Conversion Back-UPS XS 1400U FW:926.T1 .I USB FW:T1" rev 1.10/1.06 addr 3 uhidev0: iclass 3/0, 123 report ids upd0 at uhidev0 upd0 detached uhidev0 detached uhub3: device problem, disabling port 3 uhub3: port error, restarting port 3 uhidev0 at uhub3 port 3 configuration 1 interface 0 "American Power Conversion Back-UPS XS 1400U FW:926.T1 .I USB FW:T1" rev 1.10/1.06 addr 3 uhidev0: iclass 3/0, 123 report ids upd0 at uhidev0 -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: Nextcloud with httpd(8)
Bruno Flückiger @ 2019-04-10T07:00:04 +0200: [...] > > Hi Dani > > I've tried to reproduce this with my test installation of Nextcloud, but > no luck. Maybe there is something wrong with the Nextcloud app on your > android device. Do you maybe run some old version or beta version? Have > you installed it from another store than the Google one? > > Cheers, > Bruno Hi Bruno! It's definitely the Android application, as this works on an older device with 7.1.1 -- it's just acting up with the app running on Android 9. Also contacted the devs at github and made a test account for them, they found no issues. Now I'll try to somehow get logs from the application, but this is now unrelated to OpenBSD. Thanks for helping out Bruno, much appreciated! Dani -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: RS-232 serial to ethernet
Thank you everyone so much for the information! There are now some interesting alternatives for me to look at! Cheers, Dani LÉVAI Dániel @ 2019-04-08T18:04:37 +0200: > Hi misc@! > > I was wondering if I could use some budget solution to access my OpenBSD > machine via its serial console over the network, and I stumbled upon > this piece of hardware: [1] [2] [3] (the same device "USR-TCP232-302", > I'm just not sure which one will be up at the time someone looks at > them) > > It basically should be able convert the serial port to TCP/IP > networking. Is this something anyone else has used before -- or if you > know something similar, I'm really interested! > > > Thanks, > Dani > > [1] - > https://www.aliexpress.com/item/Q18041-USR-TCP232-302-Tiny-Size-Serial-RS232-to-Ethernet-TCP-IP-Server-Module-Ethernet-Converter/32683105763.html > [2] - > https://www.aliexpress.com/item/USR-TCP232-302-Tiny-Size-Serial-RS232-to-Ethernet-TCP-IP-Server-Module-Ethernet-Converter-Support/32899179930.html > [3] - > https://www.aliexpress.com/item/Q18041-USR-TCP232-302-Tiny-Size-Serial-RS232-to-Ethernet-TCP-IP-Server-Module-Ethernet-Converter/32685599659.html > > -- > LÉVAI Dániel > PGP key ID = 0x83B63A8F > Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
RS-232 serial to ethernet
Hi misc@! I was wondering if I could use some budget solution to access my OpenBSD machine via its serial console over the network, and I stumbled upon this piece of hardware: [1] [2] [3] (the same device "USR-TCP232-302", I'm just not sure which one will be up at the time someone looks at them) It basically should be able convert the serial port to TCP/IP networking. Is this something anyone else has used before -- or if you know something similar, I'm really interested! Thanks, Dani [1] - https://www.aliexpress.com/item/Q18041-USR-TCP232-302-Tiny-Size-Serial-RS232-to-Ethernet-TCP-IP-Server-Module-Ethernet-Converter/32683105763.html [2] - https://www.aliexpress.com/item/USR-TCP232-302-Tiny-Size-Serial-RS232-to-Ethernet-TCP-IP-Server-Module-Ethernet-Converter-Support/32899179930.html [3] - https://www.aliexpress.com/item/Q18041-USR-TCP232-302-Tiny-Size-Serial-RS232-to-Ethernet-TCP-IP-Server-Module-Ethernet-Converter/32685599659.html -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: Nextcloud with httpd(8)
Hi Bruno! Bruno Flückiger @ 2019-04-02T06:58:15 +0200: > On 01.04., LÉVAI Dániel wrote: > > Hey Bruno! > > > > Hi Dani > > > That's the most curious thing, nothing shows up in the logs when the app > > says "Download failed/Could not download ". > > Tailing httpd's errorlog and Nextcloud's data/nextcloud.log yields > > nothing. > > Have you checked the access log of httpd(8) too? If it is a http errror > 4xx it will show up there, not in the error log. Good point! This [1] is the access log with the Android app and this [2] is with chrome -- trying to download the same file: 7FCB0045D6134446B4654308EC246F9C_1_20-00-00-000.pdf. There's that curious UNKNOWN 408 at the end of the log generated when using the app. > > Raising loglevel for Nextcloud to debug only shows some image cache > > misses: > > {"reqId":"Wi7JHnvwCWAwkFbOr49Y","level":0,"time":"2019-04-01T13:06:41+00:00","remoteAddr":"IP","user":"username","app":"no > > app in > > context","method":"GET","url":"\/nextcloud\/ocs\/v2.php\/apps\/activity\/api\/v2\/activity\/filter?format=json&previews=true&sort=desc&object_type=files&object_id=213","message":"No > > cache entry found for \/appdata_ocvxn2n1q9gp\/theming\/images (storage: > > local::\/htdocs\/nextcloud\/data\/, internalPath: > > appdata_ocvxn2n1q9gp\/theming\/images)","userAgent":"Mozilla\/5.0 (Android) > > ownCloud-android\/3.5.1","version":"15.0.5.3"} > > > > I don't believe it's related, though. > > > > Me neither. Do you see at least log entries for the connection from the > app to your Nextcloud? Yes, everything else works besides download. I put the data there with the app that I'm now trying to retrieve :) > > > > I can upload anything from the app, and I can do (even download) > > anything on Nextcloud's web UI. It's just the Android app that can't > > download anything. I thought that maybe this has still something to do > > with httpd(8) -- but it seems not :-\ > > > > How does your setup look like in detail? Any layer 7 proxy in front of > your Nextcloud? Nothing fancy like that. Public IP on an OpenBSD 6.4, pf enabled, for port http/s: pass in on egress proto tcp from any to (egress) port = 80 flags S/SA set (queue http) keep state (source-track rule, max-src-states 200, max-src-conn-rate 200/1, max-src-nodes 500, overload , pflow, src.track 1) pass in on egress proto tcp from any to (egress) port = 443 flags S/SA set (queue http) keep state (source-track rule, max-src-states 200, max-src-conn-rate 200/1, max-src-nodes 500, overload , pflow, src.track 1) [1] Android app "GET /nextcloud/index.php/204 HTTP/1.1" 204 0 "GET /nextcloud/index.php/avatar/username/448 HTTP/1.1" 304 0 "GET /nextcloud/ocs/v1.php/cloud/users/username?format=json HTTP/1.1" 200 0 "GET /nextcloud/ocs/v1.php/cloud/users/username?format=json HTTP/1.1" 200 0 "GET /nextcloud/index.php/204 HTTP/1.1" 204 0 "GET /nextcloud/index.php/204 HTTP/1.1" 204 0 "GET /nextcloud/index.php/204 HTTP/1.1" 204 0 "GET /nextcloud/index.php/204 HTTP/1.1" 204 0 "GET /nextcloud/index.php/204 HTTP/1.1" 204 0 "GET /nextcloud/index.php/204 HTTP/1.1" 204 0 "GET /nextcloud/index.php/avatar/username/448 HTTP/1.1" 304 0 "GET /nextcloud/ocs/v1.php/cloud/users/username?format=json HTTP/1.1" 200 0 "GET /nextcloud/status.php HTTP/1.1" 200 0 "GET /nextcloud/ocs/v1.php/cloud/capabilities?format=json HTTP/1.1" 200 0 "GET /nextcloud/ocs/v1.php/cloud/user?format=json HTTP/1.1" 200 0 "PROPFIND /nextcloud/remote.php/webdav/ HTTP/1.1" 207 0 "PROPFIND /nextcloud/remote.php/webdav/ HTTP/1.1" 207 0 "GET /nextcloud/ocs/v2.php/apps/files_sharing/api/v1/shares?path=%2F&reshares=true&subfiles=true HTTP/1.1" 200 0 "GET /nextcloud/status.php HTTP/1.1" 200 0 "GET /nextcloud/ocs/v1.php/cloud/capabilities?format=json HTTP/1.1" 200 0 "GET /nextcloud/ocs/v1.php/cloud/user?format=json HTTP/1.1" 200 0 "PROPFIND /nextcloud/remote.php/webdav/ HTTP/1.1" 207 0 "PROPFIND /nextcloud/remote.php/webdav/ HTTP/1.1" 207 0 "GET /nextcloud/ocs/v2.php/apps/files_sharing/api/v1/shares?path=%2F&reshares=true&subfiles=true HTTP/1.1" 200 0 "PROPFIND /nextcloud/remote.php/webdav/Zagar/ HTTP/1.1" 207 0 "PROPFIND /nextcloud/remote.php/webdav/Zagar/ HTTP/1.1" 207 0 "GET /nextcloud/remote.php/webdav/Zagar/7FCB0045D6134446B465
Re: Nextcloud with httpd(8)
Hey Bruno! That's the most curious thing, nothing shows up in the logs when the app says "Download failed/Could not download ". Tailing httpd's errorlog and Nextcloud's data/nextcloud.log yields nothing. Raising loglevel for Nextcloud to debug only shows some image cache misses: {"reqId":"Wi7JHnvwCWAwkFbOr49Y","level":0,"time":"2019-04-01T13:06:41+00:00","remoteAddr":"IP","user":"username","app":"no app in context","method":"GET","url":"\/nextcloud\/ocs\/v2.php\/apps\/activity\/api\/v2\/activity\/filter?format=json&previews=true&sort=desc&object_type=files&object_id=213","message":"No cache entry found for \/appdata_ocvxn2n1q9gp\/theming\/images (storage: local::\/htdocs\/nextcloud\/data\/, internalPath: appdata_ocvxn2n1q9gp\/theming\/images)","userAgent":"Mozilla\/5.0 (Android) ownCloud-android\/3.5.1","version":"15.0.5.3"} I don't believe it's related, though. I can upload anything from the app, and I can do (even download) anything on Nextcloud's web UI. It's just the Android app that can't download anything. I thought that maybe this has still something to do with httpd(8) -- but it seems not :-\ Dani Bruno Flückiger @ 2019-04-01T11:11:18 +0200: > On 01.04., LÉVAI Dániel wrote: > > Hi all! > > > > After reading this > > https://marc.info/?l=openbsd-misc&m=149420565311794&w=2 > > .. and this > > https://github.com/nextcloud/android/issues/113#issuecomment-478398248 > > > > I'm still wondering why would my file download with the Android app fail > > with nextcloud 15.0.5 on OpenBSD 6.4-stable. > > > > By any chance, does anyone here use nextcloud from ports on OpenBSD with > > httpd(8) and the infamous Nextcloud Android app? > > > > > > Dani > > > > -- > > LÉVAI Dániel > > PGP key ID = 0x83B63A8F > > Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F > > > > Hi Dani > > I do run Nextcloud on httpd(8) and use the Android app. I don't have > this problem anymore since they fixed it in the Android app. What do you > see in the logs if your download fails? > > Cheers, > Bruno -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Nextcloud with httpd(8)
Hi all! After reading this https://marc.info/?l=openbsd-misc&m=149420565311794&w=2 ... and this https://github.com/nextcloud/android/issues/113#issuecomment-478398248 I'm still wondering why would my file download with the Android app fail with nextcloud 15.0.5 on OpenBSD 6.4-stable. By any chance, does anyone here use nextcloud from ports on OpenBSD with httpd(8) and the infamous Nextcloud Android app? Dani -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: Intel i350 Offloading not working
Adonis Peralta @ 2018-07-18T10:49:57 +0200: > > Maybe this is the culprit? > > > > /usr/src/sys/dev/pci/if_em.c: > > 1893 if (sc->hw.mac_type >= em_82543 && sc->hw.mac_type != > > em_82575 && > > 1894 sc->hw.mac_type != em_82580 && sc->hw.mac_type != > > em_i210 && > > 1895 sc->hw.mac_type != em_i350) > > 1896 ifp->if_capabilities |= IFCAP_CSUM_TCPv4 | > > IFCAP_CSUM_UDPv4; > > > > It seems as if I350 (among a few other) has an exception for these > > features. Maybe it was not tested well enough, or actually it was, and > > was failing in this department. > > Maybe a developer can add some insight, if this catches their eyes :) > > > Exactly! This is a really really nice card and I don’t get why OpenBSD > doesn’t support the offloading features just as you’ve shown for bge and > re0. Definitely awaiting a response from the devs on this. If I'm not mistaken this was introduced with this commit: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/if_em.c.diff?r1=1.269&r2=1.270 Without trying to sound like the chicken [1], if you're adventurous enough, you can always enable it for I350 and 1) recompile 2) try 3) report back / send in diff :) Daniel [1] https://en.wikipedia.org/wiki/The_Chicken_and_the_Pig -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: Intel i350 Offloading not working
LÉVAI Dániel @ 2018-07-18T09:20:15 +0200: > Adonis Peralta @ 2018-07-18T03:47:43 +0200: > > Hi, > > [...] > > ifconfig on my lan port shows: > > > > ``` > > em2: flags=8843 mtu 1500 > > hwfeatures=10 hardmtu 9216 > > lladdr 00:19:99:d7:88:a3 > > index 3 priority 0 llprio 3 > > media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause) > > status: active > > inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255 > > ``` [...] > # ifconfig em0 hwfeatures > em0: flags=8843 mtu 1500 > hwfeatures=10 hardmtu 9216 > [...] Maybe this is the culprit? /usr/src/sys/dev/pci/if_em.c: 1893 if (sc->hw.mac_type >= em_82543 && sc->hw.mac_type != em_82575 && 1894 sc->hw.mac_type != em_82580 && sc->hw.mac_type != em_i210 && 1895 sc->hw.mac_type != em_i350) 1896 ifp->if_capabilities |= IFCAP_CSUM_TCPv4 | IFCAP_CSUM_UDPv4; It seems as if I350 (among a few other) has an exception for these features. Maybe it was not tested well enough, or actually it was, and was failing in this department. Maybe a developer can add some insight, if this catches their eyes :) Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: Intel i350 Offloading not working
acpi0: bus 2 (RP01) acpiprt2 at acpi0: bus 3 (RP03) acpiprt3 at acpi0: bus 4 (RP05) acpiprt4 at acpi0: bus 5 (RP06) acpiprt5 at acpi0: bus 1 (PEG0) acpiprt6 at acpi0: bus -1 (PEG1) acpiprt7 at acpi0: bus -1 (PEG2) acpiec0 at acpi0: not present acpicpu0 at acpi0: C2(500@67 mwait.1@0x10), C1(1000@1 mwait.1), PSS acpicpu1 at acpi0: C2(500@67 mwait.1@0x10), C1(1000@1 mwait.1), PSS acpipwrres0 at acpi0: FN00, resource for FAN0 acpipwrres1 at acpi0: FN01, resource for FAN1 acpipwrres2 at acpi0: FN02, resource for FAN2 acpipwrres3 at acpi0: FN03, resource for FAN3 acpipwrres4 at acpi0: FN04, resource for FAN4 acpitz0 at acpi0: critical temperature is 105 degC acpitz1 at acpi0: critical temperature is 105 degC "INT3F0D" at acpi0 not configured acpibtn0 at acpi0: PWRB "INT3394" at acpi0 not configured "PNP0C0B" at acpi0 not configured "PNP0C0B" at acpi0 not configured "PNP0C0B" at acpi0 not configured "PNP0C0B" at acpi0 not configured "PNP0C0B" at acpi0 not configured acpivideo0 at acpi0: GFX0 acpivout0 at acpivideo0: DD1F cpu0: Enhanced SpeedStep 2793 MHz: speeds: 2800, 2700, 2500, 2400, 2300, 2100, 2000, 1900, 1700, 1600, 1500, 1300, 1200, 1100, 900, 800 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 "Intel Core 4G Host" rev 0x06 ppb0 at pci0 dev 1 function 0 "Intel Core 4G PCIE" rev 0x06: msi pci1 at ppb0 bus 1 em0 at pci1 dev 0 function 0 "Intel I350" rev 0x01: msi, address em1 at pci1 dev 0 function 1 "Intel I350" rev 0x01: msi, address em2 at pci1 dev 0 function 2 "Intel I350" rev 0x01: msi, address em3 at pci1 dev 0 function 3 "Intel I350" rev 0x01: msi, address inteldrm0 at pci0 dev 2 function 0 "Intel HD Graphics" rev 0x06 drm0 at inteldrm0 inteldrm0: msi inteldrm0: 1024x768, 32bpp wsdisplay0 at inteldrm0 mux 1: console (std, vt100 emulation) wsdisplay0: screen 1-5 added (std, vt100 emulation) azalia0 at pci0 dev 3 function 0 "Intel Core 4G HD Audio" rev 0x06: msi "Intel 8 Series MEI" rev 0x04 at pci0 dev 22 function 0 not configured ehci0 at pci0 dev 26 function 0 "Intel 8 Series USB" rev 0x05: apic 8 int 16 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 configuration 1 interface 0 "Intel EHCI root hub" rev 2.00/1.00 addr 1 ppb1 at pci0 dev 28 function 0 "Intel 8 Series PCIE" rev 0xd5: msi pci2 at ppb1 bus 2 ppb2 at pci0 dev 28 function 2 "Intel 8 Series PCIE" rev 0xd5: msi pci3 at ppb2 bus 3 ppb3 at pci0 dev 28 function 4 "Intel 8 Series PCIE" rev 0xd5: msi pci4 at ppb3 bus 4 athn0 at pci4 dev 0 function 0 "Atheros AR9281" rev 0x01: apic 8 int 16 athn0: AR9280 rev 2 (2T2R), ROM rev 16, address ppb4 at pci0 dev 28 function 5 "Intel 8 Series PCIE" rev 0xd5: msi pci5 at ppb4 bus 5 athn1 at pci5 dev 0 function 0 "Atheros AR9281" rev 0x01: apic 8 int 17 athn1: AR9280 rev 2 (2T2R), ROM rev 22, address ehci1 at pci0 dev 29 function 0 "Intel 8 Series USB" rev 0x05: apic 8 int 23 usb1 at ehci1: USB revision 2.0 uhub1 at usb1 configuration 1 interface 0 "Intel EHCI root hub" rev 2.00/1.00 addr 1 pcib0 at pci0 dev 31 function 0 "Intel H81 LPC" rev 0x05 ahci0 at pci0 dev 31 function 2 "Intel 8 Series AHCI" rev 0x05: msi, AHCI 1.3 ahci0: port 4: 3.0Gb/s ahci0: port 5: 3.0Gb/s scsibus1 at ahci0: 32 targets sd0 at scsibus1 targ 4 lun 0: SCSI3 0/direct fixed naa.50026b726304fb22 sd0: 114473MB, 512 bytes/sector, 234441648 sectors, thin sd1 at scsibus1 targ 5 lun 0: SCSI3 0/direct fixed naa.50026b726304fbe2 sd1: 114473MB, 512 bytes/sector, 234441648 sectors, thin ichiic0 at pci0 dev 31 function 3 "Intel 8 Series SMBus" rev 0x05: apic 8 int 18 iic0 at ichiic0 spdmem0 at iic0 addr 0x50: 2GB DDR3 SDRAM PC3-10600 isa0 at pcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 irq 1 irq 12 pckbd0 at pckbc0 (kbd slot) wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 spkr0 at pcppi0 uhub2 at uhub0 port 1 configuration 1 interface 0 "Intel Rate Matching Hub" rev 2.00/0.05 addr 2 uhub3 at uhub1 port 1 configuration 1 interface 0 "Intel Rate Matching Hub" rev 2.00/0.05 addr 2 uhidev0 at uhub3 port 1 configuration 1 interface 0 "American Power Conversion Back-UPS XS 1400U FW:926.T1 .I USB FW:T1" rev 1.10/1.06 addr 3 uhidev0: iclass 3/0, 123 report ids upd0 at uhidev0 vscsi0 at root scsibus2 at vscsi0: 256 targets softraid0 at root scsibus3 at softraid0: 256 targets sd2 at scsibus3 targ 1 lun 0: SCSI2 0/direct fixed sd2: 114470MB, 512 bytes/sector, 234435953 sectors root on sd2a (59f8b4a610bc10ff.a) swap on sd2b dump on sd2b -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: Rebuilding a degraded RAID5 softraid array
LÉVAI Dániel @ 2017-06-20T10:22:27 +0200: > Joel Sing @ 2017-06-19T18:14:30 +0200: [...] Hit reply too fast. > > > You in fact gave the advice at a so lucky time, that I was about to > > > return the disk for a warranty replacement -- had I done that, I could > > > not have been able to repair the array. So thanks again, and I guess > > > you'll have a beer on me when you're around Budapest ;) > > > > Just to clarify, you're saying that when you plugged all of the original > > disks > > back in the array came up again correctly? And if this is correct, was this > > at > > boot time? > > Yes, when I plugged back the 'broken' disk, the array came up in > degraded state during boot. > > The order of events were the following: > First, one of the disks went offline, then the array became degraded. > Then after numerous reboots it always came back degraded with the > failing disk being Offline, but after the very first reboot (after the > fail) softraid couldn't read eg. the size of the failed disk anymore, > when I ran `bioctl softraid0` it showed something like this: > (sorry, this is not the actual output, I'm just trying to remember this) > > softraid0 1 Degraded9001777889280 sd8 RAID5 > 0 Online 3000592678912 1:0.0 noencl > 1 Online 3000592678912 1:1.0 noencl > 2 Online 3000592678912 1:2.0 noencl > 3 Offline 0 1:3.0 noencl > > Softraid could however still read eg. the serial number of the failed > disk. And then what I did actually was booting into bsd.rd from a USB drive, 5 3TB disks connected (the three original ones, the failing one, and the new/clean disk), kicked off the failed drive with the rebuild (bioctl -R ...), then shutdown the machine (mid-rebuild), removed the failed drive (so the three original and the new one remained), then booted into the system from the system disk(s). Then rebuild resumed and continued at boot time. Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: Rebuilding a degraded RAID5 softraid array
Joel Sing @ 2017-06-19T18:14:30 +0200: > On Friday 16 June 2017 10:11:20 LÉVAI Dániel wrote: > > Karel Gardas @ 2017-06-15T09:07:39 +0200: > > > On Thu, Jun 15, 2017 at 7:04 AM, LEVAI Daniel wrote: > > [...] > > > > > > Strangest thing is, if I boot with the 'bad' (=failing) drive as > > > > part of the array, softraid brings the volume online (albeit > > > > degraded) and I can even decrypt/mount the volume and use it (only > > > > one drive being bad in the array of RAID5). If I remove/replace > > > > said failing drive, I'm not getting a degraded volume, just the > > > > error about the missing chunk and that it refuses to bring it > > > > online. > > > > [...] > > [...] > > > > > So I see you do have two possibilities probably: > > > > > > 1) IMHO more safe. If you do have enough SATA ports, then attach both > > > your failing drive and your new drive to the system. Boot. OpenBSD > > > should detect and attach RAID5 in degraded state and then you will be > > > able to perform your rebuild (if your failing drive is not offline, > > > you can use bioctl to offline it) > > > or > > > > Thanks Karel, this indeed did the trick. I'm still baffled however, that > > the whole purpose of the RAID setup was diminished by a missing disk 8-\ > > This is certainly not expected behaviour - I've only skimmed/picked over > parts > of this thread, however softraid will attempt to bring a degraded array > online > (which it seemed to be doing): > > softraid0: not all chunks were provided; attempting to bring volume 1 online > softraid0: trying to bring up sd7 degraded > softraid0: sd7 is offline, will not be brought online > > For some reason it was unable to bring it up in a degraded state (for > example, > multiple missing disks in a RAID 5 array, different metadata versions, etc) - > obviously the logging does not explain why this is the case and we may not be > able to reproduce the situation now. > For future travellers, using dd to capture the start of each partition (which > contains the softraid metadata), would allow this to be analysed further. Hm, would it help to extract the info now from the three old and the new disk -- just to see if there's any anomaly? How many bytes should one extract in this case? Wouldn't differing metadata also hinder the assembly of the array with four disks in this case (the fourth being the failed one; but also see my answer below for your question about this)? > > You in fact gave the advice at a so lucky time, that I was about to > > return the disk for a warranty replacement -- had I done that, I could > > not have been able to repair the array. So thanks again, and I guess > > you'll have a beer on me when you're around Budapest ;) > > Just to clarify, you're saying that when you plugged all of the original > disks > back in the array came up again correctly? And if this is correct, was this > at > boot time? Yes, when I plugged back the 'broken' disk, the array came up in degraded state during boot. The order of events were the following: First, one of the disks went offline, then the array became degraded. Then after numerous reboots it always came back degraded with the failing disk being Offline, but after the very first reboot (after the fail) softraid couldn't read eg. the size of the failed disk anymore, when I ran `bioctl softraid0` it showed something like this: (sorry, this is not the actual output, I'm just trying to remember this) softraid0 1 Degraded9001777889280 sd8 RAID5 0 Online 3000592678912 1:0.0 noencl 1 Online 3000592678912 1:1.0 noencl 2 Online 3000592678912 1:2.0 noencl 3 Offline 0 1:3.0 noencl Softraid could however still read eg. the serial number of the failed disk. > > (Just a side note: to attach the new disk, I had to remove one of the > > system disks that are in a RAID1 setup, also with softraid. Softraid > > however had no problem bringing up *that* RAID1 volume in a degraded > > state with the missing disk...) > > Right - that is how it should behave. This happened to me once before with that same RAID1, and the replacement and the rebuilding was error free -- just like now, only this time it was an 'artificial' failure. > > > 2) less safe (read completely untested and unverified by reading the > > > code on my side). Use bioctl -c 5 -l > > > to attach the RAID5 array including the new drive. Please do > > > *NOT* force this. See if bioctl complains for ex
Re: Rebuilding a degraded RAID5 softraid array
Karel Gardas @ 2017-06-15T09:07:39 +0200: > On Thu, Jun 15, 2017 at 7:04 AM, LEVAI Daniel wrote: [...] > > Strangest thing is, if I boot with the 'bad' (=failing) drive as > > part of the array, softraid brings the volume online (albeit > > degraded) and I can even decrypt/mount the volume and use it (only > > one drive being bad in the array of RAID5). If I remove/replace > > said failing drive, I'm not getting a degraded volume, just the > > error about the missing chunk and that it refuses to bring it > > online. [...] [...] > So I see you do have two possibilities probably: > > 1) IMHO more safe. If you do have enough SATA ports, then attach both > your failing drive and your new drive to the system. Boot. OpenBSD > should detect and attach RAID5 in degraded state and then you will be > able to perform your rebuild (if your failing drive is not offline, > you can use bioctl to offline it) > or Thanks Karel, this indeed did the trick. I'm still baffled however, that the whole purpose of the RAID setup was diminished by a missing disk 8-\ You in fact gave the advice at a so lucky time, that I was about to return the disk for a warranty replacement -- had I done that, I could not have been able to repair the array. So thanks again, and I guess you'll have a beer on me when you're around Budapest ;) (Just a side note: to attach the new disk, I had to remove one of the system disks that are in a RAID1 setup, also with softraid. Softraid however had no problem bringing up *that* RAID1 volume in a degraded state with the missing disk...) > 2) less safe (read completely untested and unverified by reading the > code on my side). Use bioctl -c 5 -l > to attach the RAID5 array including the new drive. Please do > *NOT* force this. See if bioctl complains for example about missing > metadata or if it automatically detects new drive and start rebuild. > > Generally speaking I'd use (1) since I used this in the past and had > no issue with it. Now this was more interesting. I tried eg. (re)creating the RAID5 array with only the remaining three (out of four) disks, with: # bioctl -c 5 -l /dev/sd2a,/dev/sd3a,/dev/sd4a softraid0 Now the result was a firmly reproducable kernel panic and a ddb console. I tried with 6.1 and 6.0 (and 5.8 :) ), just for kicks, but it seems this is a not supported feature(tm) :). When I specified the remaining three disks plus the new/clean one, softraid complained that 'not all chunks are of the native metadata', whatever this means. But for some reason I liked this idea better, 'cause I wouldn't have keep the failing disk connected. Anyway, all sync'd now, and the rebuild speed was quite good -- around 100MB/s --, so it basically finished overnight. Thanks again, Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: Rebuilding a degraded RAID5 softraid array
Karel Gardas @ 2017-06-15T09:07:39 +0200: > On Thu, Jun 15, 2017 at 7:04 AM, LEVAI Daniel wrote: > > Thanks Karel for pointing this out, you are in fact right, and > > nothing is wrong with the logging, I just forgot that I'm decrypting > > that device 'automatically' in rc.local. And the kernel log was from > > before this, hence the similar device names. I still think that > > nonetheless I should've gotten a degraded array that I can work with > > (eg. rebuild). > > > > As a matter of fact I removed everything from the machine, and left > > just the four drives of the array, then booted into bsd.rd from a > > thumb drive. > > > > Strangest thing is, if I boot with the 'bad' (=failing) drive as > > part of the array, softraid brings the volume online (albeit > > degraded) and I can even decrypt/mount the volume and use it (only > > one drive being bad in the array of RAID5). If I remove/replace > > said failing drive, I'm not getting a degraded volume, just the > > error about the missing chunk and that it refuses to bring it > > online. > > > > Either I completely misunderstood the whole idea about softraid and > > the RAID5 setup (I mean, removing a device - failed or not - > > shouldn't hinder the assembly of the array, right?), or I'm missing > > something really obvious 8-/ > > I'm not sure, but I think that there is somewhat blury line in between > the array creation and array attach. In fact OpenBSD is using the same > command for this bioctl -c . So I see you do have two possibilities > probably: > > 1) IMHO more safe. If you do have enough SATA ports, then attach both > your failing drive and your new drive to the system. Boot. OpenBSD > should detect and attach RAID5 in degraded state and then you will be > able to perform your rebuild (if your failing drive is not offline, > you can use bioctl to offline it) So I'd have the degraded array with four disks, plus the new one not in the array, but lying there in the background. Let's say the failing drive is offline. Then to rebuild the degraded array, I'd run # bioctl -R /dev/newdisk sd8 This way, I basically add a new disk to the array, so I'll have a five disk RAID5 setup (with a failing drive being the 'fourth')? How do you think the behavior -- that now softraid won't assemble the volume with a missing disk -- will change, after I remove the failing drive again, leaving the array then with four but working drives? > or > 2) less safe (read completely untested and unverified by reading the > code on my side). Use bioctl -c 5 -l > to attach the RAID5 array including the new drive. Please do > *NOT* force this. See if bioctl complains for example about missing > metadata or if it automatically detects new drive and start rebuild. I've actually given this some thought before, but I swiftly discarded it, -c being a 'create' option, and I didn't want to 'overwrite' my existing RAID5 array. But to be sure I'm on the same page, this way I won't have five disks attached, only four (one of them being the new and clean one), and I'd basically instruct softraid to 'recreate' the RAID5 array from the 3 original and 1 new drive? The assumption is -- if I'm not mistaken -- that softraid would somehow figure out that 3 of the four disks (specified by option '-l') are parts of a RAID5 array, then it'd essentially 'add' the new disk as the fourth, right? > Generally speaking I'd use (1) since I used this in the past and had > no issue with it. Have you had the same problem, in that softraid wouldn't assemble the RAID volume with a missing disk? How did you "remove" the failed device from the RAID array (ie. you 'add' the new disk with -R during rebuild, but how do you 'remove' the failed/offline drive with eg. bioctl)? Daniel
Rebuilding a degraded RAID5 softraid array
fifo pckbc0 at isa0 port 0x60/5 irq 1 irq 12 pckbd0 at pckbc0 (kbd slot) wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 spkr0 at pcppi0 vmm0 at mainbus0: VMX/EPT umass0 at uhub0 port 18 configuration 1 interface 0 "StoreJet TS512GESD400K" rev 3.00/10.00 addr 2 umass0: using SCSI over Bulk-Only scsibus2 at umass0: 2 targets, initiator 0 sd6 at scsibus2 targ 1 lun 0: SCSI4 0/direct fixed serial.174c07d1B8502108567B sd6: 488386MB, 512 bytes/sector, 1000215216 sectors uhub3 at uhub1 port 1 configuration 1 interface 0 "Intel Rate Matching Hub" rev 2.00/0.00 addr 2 uhub4 at uhub2 port 1 configuration 1 interface 0 "Intel Rate Matching Hub" rev 2.00/0.00 addr 2 vscsi0 at root scsibus3 at vscsi0: 256 targets softraid0 at root scsibus4 at softraid0: 256 targets sd7 at scsibus4 targ 1 lun 0: SCSI2 0/direct fixed sd7: 228933MB, 512 bytes/sector, 468856433 sectors softraid0: not all chunks were provided; attempting to bring volume 1 online softraid0: trying to bring up sd7 degraded softraid0: sd7 is offline, will not be brought online root on sd7a (625bf83321ffc7ea.a) swap on sd7b dump on sd7b sd8 at scsibus4 targ 2 lun 0: SCSI2 0/direct fixed sd8: 155872MB, 512 bytes/sector, 319227056 sectors -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Findig the bad device in a degraded softraid RAID5
Hi! Just got a message from sensorsd that one of my drives failed (softraid0.drive1: pfail, WARN -- I guess pfail means 'p'hysical fail?). Do you know any way of figuring out which actual HDD could be this? There are 4 identical ones in the PC. Is there a utility in eg. ports that could read eg. HW serial number from the HDD (like Linux's hdparm(1))? # bioctl softraid0 Volume Status Size Device softraid0 0 Online 240054493696 sd7 RAID1 0 Online 240054493696 0:0.0 noencl 1 Online 240054493696 0:1.0 noencl softraid0 1 Degraded9001777889280 sd8 RAID5 0 Online 3000592678912 1:0.0 noencl 1 Online 3000592678912 1:1.0 noencl 2 Online 3000592678912 1:2.0 noencl 3 Offline 3000592678912 1:3.0 noencl softraid0 2 Online 163444252672 sd9 CRYPTO 0 Online 163444252672 2:0.0 noencl softraid0 3 Online 9001777487872 sd10CRYPTO 0 Online 9001777487872 3:0.0 noencl softraid0 4 Online 512105629696 sd11CRYPTO 0 Online 512105629696 4:0.0 noencl # disklabel sd5 # /dev/rsd5c: type: SCSI disk: SCSI disk label: WDC WD30EFRX-68E duid: b1340ed27eb30f55 flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 364801 total sectors: 5860533168 boundstart: 64 boundend: 5860533168 drivedata: 0 16 partitions: #size offset fstype [fsize bsize cpg] a: 5860533104 64RAID c: 58605331680 unused # fdisk sd5 Disk: sd5 geometry: 267349/255/63 [4294961685 Sectors] Offset: 0 Signature: 0xAA55 Starting Ending LBA Info: #: id C H S - C H S [ start:size ] --- 0: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused 1: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused *3: A6 0 1 2 - 267348 254 63 [ 64: 4294961621 ] OpenBSD # dmesg |F sd5 sd5 at scsibus1 targ 5 lun 0: SCSI3 0/direct fixed naa.50014ee262ccb1f1 sd5: 2861588MB, 512 bytes/sector, 5860533168 sectors sd5 at scsibus1 targ 5 lun 0: SCSI3 0/direct fixed naa.50014ee262ccb1f1 sd5: 2861588MB, 512 bytes/sector, 5860533168 sectors sd5 at scsibus1 targ 5 lun 0: SCSI3 0/direct fixed naa.50014ee262ccb1f1 sd5: 2861588MB, 512 bytes/sector, 5860533168 sectors sd5 at scsibus1 targ 5 lun 0: SCSI3 0/direct fixed naa.50014ee262ccb1f1 sd5: 2861588MB, 512 bytes/sector, 5860533168 sectors # sysctl hw |F sd5 hw.disknames=sd0:5594e3efd983ae85,sd1:d7b424577286863e,sd2:bc78dffe215ae5d9,sd3:d4945527f3b6f5b6,sd4:2e2a1c57ee8b6dc3, 02a11b61f9,sd11:493bc0dd8d86c23f Thanks, Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: DHCP over vr(4) on bridge(4) through vether(4) no working?
Raimo Niskanen @ 2016-10-07T09:46:06 +0200: > Hello misc@ > > I have a home router where it seems that DHCP over vr(4) on bridge(4) > through vether(4) does not work. > [...] > Any hints on how to procede? Just a shot in the dark, but maybe: http://marc.info/?l=openbsd-misc&m=147462832805431&w=2 http://undeadly.org/cgi?action=article&sid=20160725144108 Daniel
Re: 6.0-stable bridge doesn't "forward"
LÉVAI Dániel @ 2016-09-23T11:50:21 +0200: > Hi! > > Yesterday I've upgraded to 6.0, and my Wi-Fi AP (bridge) kind of stopped > working. > It's a setup like this: [...] > I start dhclient on 'Client', then trace the discover packet to the router's > dhcpd(8), and the offer back. > The DHCPDISCOVER is received on the router, it sends back the DHCPOFFER, which > in turn gets back to the AP, alas I only see it on re0, but not on bridge0 or > athn1 -- The bridge(4) ate the offer! :) [...] Ah... It's the same problem as the first paragraph from this article: http://undeadly.org/cgi?action=article&sid=20160725144108 I *knew* this error was somehow familiar... I indeed have dhclient running on re0 on the AP. Daniel
6.0-stable bridge doesn't "forward"
CI0) acpiprt11 at acpi0: bus 5 (PIBR) acpicpu0 at acpi0: C2(0@100 io@0x841), C1(@1 halt!), PSS acpicpu1 at acpi0: C2(0@100 io@0x841), C1(@1 halt!), PSS acpibtn0 at acpi0: PWRB cpu0: 1000 MHz: speeds: 1000 800 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 "AMD AMD64 14h Host" rev 0x00 ppb0 at pci0 dev 4 function 0 "AMD AMD64 14h PCIE" rev 0x00: msi pci1 at ppb0 bus 1 re0 at pci1 dev 0 function 0 "Realtek 8168" rev 0x06: RTL8168E/8111E (0x2c00), msi, address xx:xx:xx:xd:c0 rgephy0 at re0 phy 7: RTL8169S/8110S/8211 PHY, rev. 4 ppb1 at pci0 dev 5 function 0 "AMD AMD64 14h PCIE" rev 0x00: msi pci2 at ppb1 bus 2 re1 at pci2 dev 0 function 0 "Realtek 8168" rev 0x06: RTL8168E/8111E (0x2c00), msi, address xx:xx:xx:xd:c1 rgephy1 at re1 phy 7: RTL8169S/8110S/8211 PHY, rev. 4 ppb2 at pci0 dev 6 function 0 "AMD AMD64 14h PCIE" rev 0x00: msi pci3 at ppb2 bus 3 re2 at pci3 dev 0 function 0 "Realtek 8168" rev 0x06: RTL8168E/8111E (0x2c00), msi, address xx:xx:xx:xd:c2 rgephy2 at re2 phy 7: RTL8169S/8110S/8211 PHY, rev. 4 ppb3 at pci0 dev 7 function 0 "AMD AMD64 14h PCIE" rev 0x00: msi pci4 at ppb3 bus 4 athn0 at pci4 dev 0 function 0 "Atheros AR9281" rev 0x01: apic 2 int 19 athn0: AR9280 rev 2 (2T2R), ROM rev 22, address xx:xx:xx:x7:8c ahci0 at pci0 dev 17 function 0 "ATI SBx00 SATA" rev 0x40: apic 2 int 19, AHCI 1.2 ahci0: port 0: 6.0Gb/s scsibus1 at ahci0: 32 targets sd0 at scsibus1 targ 0 lun 0: SCSI3 0/direct fixed naa.50026b725701c03c sd0: 28626MB, 512 bytes/sector, 58626288 sectors, thin ohci0 at pci0 dev 18 function 0 "ATI SB700 USB" rev 0x00: apic 2 int 18, version 1.0, legacy support ehci0 at pci0 dev 18 function 2 "ATI SB700 USB2" rev 0x00: apic 2 int 17 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "ATI EHCI root hub" rev 2.00/1.00 addr 1 ohci1 at pci0 dev 19 function 0 "ATI SB700 USB" rev 0x00: apic 2 int 18, version 1.0, legacy support ehci1 at pci0 dev 19 function 2 "ATI SB700 USB2" rev 0x00: apic 2 int 17 usb1 at ehci1: USB revision 2.0 uhub1 at usb1 "ATI EHCI root hub" rev 2.00/1.00 addr 1 piixpm0 at pci0 dev 20 function 0 "ATI SBx00 SMBus" rev 0x42: polling iic0 at piixpm0 pcib0 at pci0 dev 20 function 3 "ATI SB700 ISA" rev 0x40 ppb4 at pci0 dev 20 function 4 "ATI SB600 PCI" rev 0x40 pci5 at ppb4 bus 5 ohci2 at pci0 dev 20 function 5 "ATI SB700 USB" rev 0x00: apic 2 int 18, version 1.0, legacy support ppb5 at pci0 dev 21 function 0 "ATI SB800 PCIE" rev 0x00 pci6 at ppb5 bus 6 athn1 at pci6 dev 0 function 0 "Atheros AR9281" rev 0x01: apic 2 int 16 athn1: AR9280 rev 2 (2T2R), ROM rev 22, address xx:xx:xx:xa:8c ohci3 at pci0 dev 22 function 0 "ATI SB700 USB" rev 0x00: apic 2 int 18, version 1.0, legacy support ehci2 at pci0 dev 22 function 2 "ATI SB700 USB2" rev 0x00: apic 2 int 17 usb2 at ehci2: USB revision 2.0 uhub2 at usb2 "ATI EHCI root hub" rev 2.00/1.00 addr 1 pchb1 at pci0 dev 24 function 0 "AMD AMD64 14h Link Cfg" rev 0x43 pchb2 at pci0 dev 24 function 1 "AMD AMD64 14h Address Map" rev 0x00 pchb3 at pci0 dev 24 function 2 "AMD AMD64 14h DRAM Cfg" rev 0x00 km0 at pci0 dev 24 function 3 "AMD AMD64 14h Misc Cfg" rev 0x00 pchb4 at pci0 dev 24 function 4 "AMD AMD64 14h CPU Power" rev 0x00 pchb5 at pci0 dev 24 function 5 "AMD AMD64 14h Reserved" rev 0x00 pchb6 at pci0 dev 24 function 6 "AMD AMD64 14h NB Power" rev 0x00 pchb7 at pci0 dev 24 function 7 "AMD AMD64 14h Reserved" rev 0x00 usb3 at ohci0: USB revision 1.0 uhub3 at usb3 "ATI OHCI root hub" rev 1.00/1.00 addr 1 usb4 at ohci1: USB revision 1.0 uhub4 at usb4 "ATI OHCI root hub" rev 1.00/1.00 addr 1 isa0 at pcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com0: console com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo pcppi0 at isa0 port 0x61 spkr0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 wbsio0 at isa0 port 0x2e/2: NCT5104D rev 0x52 usb5 at ohci2: USB revision 1.0 uhub5 at usb5 "ATI OHCI root hub" rev 1.00/1.00 addr 1 usb6 at ohci3: USB revision 1.0 uhub6 at usb6 "ATI OHCI root hub" rev 1.00/1.00 addr 1 umass0 at uhub2 port 1 configuration 1 interface 0 "Generic Flash Card Reader/Writer" rev 2.01/1.00 addr 2 umass0: using SCSI over Bulk-Only scsibus2 at umass0: 2 targets, initiator 0 sd1 at scsibus2 targ 1 lun 0: SCSI2 0/direct removable serial.058f6366058F63666485 vscsi0 at root scsibus3 at vscsi0: 256 targets softraid0 at root scsibus4 at softraid0: 256 targets root on sd0a (523379404f543826.a) swap on sd0b dump on sd0b -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: Two athn devices acting weird
Stuart Henderson @ 2016-05-18T10:23:26 +0200: > On 2016-05-15, Mihai Popescu wrote: > > The other thing is you have managed to obscure the MACs > > They're in the IPv6 addresses. > Allright-allright :D I messed up. Daniel
Re: Two athn devices acting weird
Stefan Sperling @ 2016-05-16T11:36:58 +0200: > On Sun, May 15, 2016 at 09:36:19PM +0200, LÉVAI Dániel wrote: > > hostname.athn0: > > ==8<== > > media autoselect > > mode 11g > > chan 10 > > nwid daniell > > wpakey _ > > wpaprotos wpa2 > > mediaopt hostap > > #nwflag hidenwid > > inet6 eui64 > > up > > > ##!/sbin/ifconfig athn0 media autoselect mode auto mediaopt hostap > > #!/sbin/ifconfig athn0 chan 10 > > #!/sbin/ifconfig athn0 media autoselect mode 11g chan 10 mediaopt hostap > [...] > So try putting all your media settings on a single line in your > hostname.athn0 file, instead of splitting media commands across > several lines with other commands in-between. Like this: > > media autoselect mode 11g chan 10 mediaopt hostap > > Does that help? It has the same effect as this line you wrote: Thank you, perfect! I don't know why I was stuck with the one-option-per-line configuration.. :-/ Daniel
Re: Two athn devices acting weird
Mihai Popescu @ 2016-05-15T22:48:51 +0200: > Can you delete the 'media autoselect' from both configurations? Doesn't make any difference. As I mentioned, if I rerun netstart *with the same* hostname.if file, it sets it up properly. > The other thing is you have managed to obscure the MACs but you put > the wpakey there in the post ... Yes, I overlooked that. Daniel
Two athn devices acting weird
Power Conversion Back-UPS XS 1400U FW:926.T1 .I USB FW:T1" rev 1.10/1.06 addr 4 uhidev2: iclass 3/0, 123 report ids upd0 at uhidev2 vscsi0 at root scsibus2 at vscsi0: 256 targets softraid0 at root scsibus3 at softraid0: 256 targets sd2 at scsibus3 targ 1 lun 0: SCSI2 0/direct fixed sd2: 114470MB, 512 bytes/sector, 234435953 sectors root on sd2a (59f8b4a610bc10ff.a) swap on sd2b dump on sd2b pppoe0: received unexpected PADO pppoe0: received unexpected PADO uhidev0 at uhub3 port 1 configuration 1 interface 0 "SINO WEALTH USB KEYBOARD" rev 1.10/1.00 addr 3 uhidev0: iclass 3/1 ukbd0 at uhidev0: 8 variable keys, 6 key codes wskbd1 at ukbd0 mux 1 wskbd1: connecting to wsdisplay0 uhidev1 at uhub3 port 1 configuration 1 interface 1 "SINO WEALTH USB KEYBOARD" rev 1.10/1.00 addr 3 uhidev1: iclass 3/0, 5 report ids uhid0 at uhidev1 reportid 2: input=1, output=0, feature=0 uhid1 at uhidev1 reportid 3: input=3, output=0, feature=0 uhid2 at uhidev1 reportid 5: input=0, output=0, feature=5 upd0 detached uhidev2 detached uhidev2 at uhub3 port 3 configuration 1 interface 0 "American Power Conversion Back-UPS XS 1400U FW:926.T1 .I USB FW:T1" rev 1.10/1.06 addr 4 uhidev2: iclass 3/0, 123 report ids upd0 at uhidev2 uhub3: illegal enable change, port 3 upd0 detached uhidev2 detached uhub3: device problem, disabling port 3 uhub3: port error, restarting port 3 uhidev2 at uhub3 port 3 configuration 1 interface 0 "American Power Conversion Back-UPS XS 1400U FW:926.T1 .I USB FW:T1" rev 1.10/1.06 addr 4 uhidev2: iclass 3/0, 123 report ids upd0 at uhidev2 uhub3: illegal enable change, port 3 -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: assigning ipv6 addresses to interfaces
Stuart Henderson @ 2016-02-01T11:44:49 +0100: > On 2016-02-01, LÉVAI Dániel wrote: > > Interesting. I even tried to specifically request a prefix with > > ia_pd 1/::/64 [...] > > ... but alas it didn't make any difference. > > > > Could it be that this is the error of dhcpcd's implementation of the > > request, and not the ISP's? Before I try the customer services, I just > > want to make sure this is not PEBKAC. > > I think the ISP are probably only handing out one /64, and while I'm > not sure how dhcpcd copes in that situation (you could ask on the dhcpcd > mailing list), it's probably doing the best it can under the conditions > (but not good enough for SLAAC). > > Our tcpdump(8) doesn't decode dhcpv6 but if you use e.g. wireshark > you'll see something like this in the ISP's reply, > > # tshark -i pppoe1 -V port 546 or port 547 > [...] > Identity Association for Prefix Delegation > Option: Identity Association for Prefix Delegation (25) > Length: 41 > Value: 0002001a0019... > IAID: 0002 > T1: infinity > T2: infinity > IA Prefix > Option: IA Prefix (26) > Length: 25 > Value: 302a028011700300... > Preferred lifetime: infinity > Valid lifetime: infinity > Prefix length: 48 > Prefix address: 2a02:8011:7003:: > > And in your case I think it will probably have "Prefix length: 64". > If so, I'd start by asking the ISP if they can configure things to > let you have a /48 or /56. And that is exactly what's happening. However, with dhcpcd 6.10.1, I could get away with configuring `ia_pd 1 em1/0`, and just distributing my /64, upgrading the port to 6.10.2 resulted in this: Issue: http://roy.marples.name/projects/dhcpcd/info/7461677bd0 Patch: http://roy.marples.name/projects/dhcpcd/info/59cdbb6e777c4bec I'm currently using that patch on top of the 6.10.2 port from -current, and getting the same result as before. (Just in case someone will run into this) Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: assigning ipv6 addresses to interfaces
obsd @ 2016-01-31T17:49:04 +0100: > On 31-01-16 17:13, LÉVAI Dániel wrote: [...] > >So turns out, that if I request anything other than sla_id 0 or 1, I get > >another subnet, but with a /72 prefix. Also, using: > >ia_pd 1 re1/1 athn0/2 athn1/3 > >... resulted in the same subnet/prefix sent to me, for all interfaces. > > > >For some reason I had to increment the sla_ids by 4 to get another > >subnet. So: > >ia_pd 1 re1/1 athn0/4 athn1/8 > >... actually worked, and got three different subnets, but all came with > >a /72 prefix. And for some other reason, none of my devices (Linux, > >Android, Chromecast...) would accept a /72 address advertised, so > >although they all got a reply for their rtsol, they ignored it... > A /72 should not work (and indeed does not work as you found out)! The > smallest subnet (with the exception of a /127 /128) is /64. Your ISP is > doing The Wrong Thing (tm). Instead your ISP should provide you with a /56 > (for 256 subnets) or, even better, with a /48, where you would have 65536 > subnets. The latter is the preferred standard although some ISP's do not > understand the sheer size of IPv6, and therefore think that they are wasting > space handing out /48's. NANOG is full of discussions about this. > > See > http://serverfault.com/questions/426183/how-does-ipv6-subnetting-work-and-how-does-it-differ-from-ipv4-subnetting > for example. Interesting. I even tried to specifically request a prefix with ia_pd 1/::/64 [...] ... but alas it didn't make any difference. Could it be that this is the error of dhcpcd's implementation of the request, and not the ISP's? Before I try the customer services, I just want to make sure this is not PEBKAC. Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: assigning ipv6 addresses to interfaces
LÉVAI Dániel @ 2016-01-31T14:10:21 +0100: > Stuart Henderson @ 2016-01-30T23:01:54 +0100: > > On 2016-01-30, LÉVAI Dániel wrote: > > > Hi! > > > > > > My ISP recently enabled ipv6 on their network, and started sending > > > router advertisements (offering a /64 prefix) on their pppoe end. So now > > > I have an autoconf'd v6 address on my pppoe0 device (yay!), and I wish > > > to set my in-home devices a v6 address each. > [...] > > You aren't supposed to have addresses within the same /64 on more than > > one interface. > > > > The normal method is that you get an address for the PPP interface using > > SLAAC autoconf (as you have now), and request one or more *additional* /64s > > using DHCPv6-PD (prefix delegation) - one per interface. The DHCPv6 client > > assigns to "downstream" (client-facing) interfaces from this assignment, > > and you would use rtadvd to advertise the prefix (and possibly other > > information) to clients. > > > > There is no software in OpenBSD base to handle prefix delegation. > > I recommend "dhcpcd" from packages and I've added a pkg-readme with a > > minimal setup to handle just this (it is also a full-featured DHCP client > > for v4, but I'm personally only using it for v6). Unlike some alternatives > > it is actively maintained upstream by a responsive developer. [...] > re1: IAID <> > pppoe0: IAID 00:00:00:01 > pppoe0: IAID 00:00:00:02 > pppoe0: no useable IA found in lease > pppoe0: dhcp6_readlease: /var/db/dhcpcd-pppoe0.lease6: No such process > pppoe0: soliciting a DHCPv6 lease > athn0: IAID <> > athn1: IAID <> > pppoe0: ADV 2a01:36d:300:<>::/64 from fe80::5dd9:bcc7:cbab:8bb8 > pppoe0: REPLY6 received from fe80::5dd9:bcc7:cbab:8bb8 > re1: adding address 2a01:36d:300:<1>::1/72 > athn0: preferring 2a01:36d:300:<1>::1/72 on re1 > athn1: preferring 2a01:36d:300:<1>::1/72 on re1 > pppoe0: renew in 302400 seconds, rebind in 483840 seconds > pppoe0: adding reject route to 2a01:36d:300:<>::/64 via ::1 > athn0: adding route to 2a01:36d:300:<1>::/72 > forked to background, child pid 346 [...] > Do I understand it correctly, that this should delegate each interface a > /72, while leaving pppoe0's autoconf[privacy]'d addresses intact? So turns out, that if I request anything other than sla_id 0 or 1, I get another subnet, but with a /72 prefix. Also, using: ia_pd 1 re1/1 athn0/2 athn1/3 ... resulted in the same subnet/prefix sent to me, for all interfaces. For some reason I had to increment the sla_ids by 4 to get another subnet. So: ia_pd 1 re1/1 athn0/4 athn1/8 ... actually worked, and got three different subnets, but all came with a /72 prefix. And for some other reason, none of my devices (Linux, Android, Chromecast...) would accept a /72 address advertised, so although they all got a reply for their rtsol, they ignored it... I'm now just requesting one PD, with sla_id 0, assigning that to re1, bridging the athns and re1 together, and running rtadvd(8) on re1. Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: assigning ipv6 addresses to interfaces
Stuart Henderson @ 2016-01-30T23:01:54 +0100: > On 2016-01-30, LÉVAI Dániel wrote: > > Hi! > > > > My ISP recently enabled ipv6 on their network, and started sending > > router advertisements (offering a /64 prefix) on their pppoe end. So now > > I have an autoconf'd v6 address on my pppoe0 device (yay!), and I wish > > to set my in-home devices a v6 address each. [...] > You aren't supposed to have addresses within the same /64 on more than > one interface. > > The normal method is that you get an address for the PPP interface using > SLAAC autoconf (as you have now), and request one or more *additional* /64s > using DHCPv6-PD (prefix delegation) - one per interface. The DHCPv6 client > assigns to "downstream" (client-facing) interfaces from this assignment, > and you would use rtadvd to advertise the prefix (and possibly other > information) to clients. > > There is no software in OpenBSD base to handle prefix delegation. > I recommend "dhcpcd" from packages and I've added a pkg-readme with a > minimal setup to handle just this (it is also a full-featured DHCP client > for v4, but I'm personally only using it for v6). Unlike some alternatives > it is actively maintained upstream by a responsive developer. Thanks for the infos! I was trying out wide-dhcpv6 because I read everywhere that that is *the thing!*. So I've installed dhcpcd, rewritten the config. from the pkg-readme, and got this: re1: IAID <> pppoe0: IAID 00:00:00:01 pppoe0: IAID 00:00:00:02 pppoe0: no useable IA found in lease pppoe0: dhcp6_readlease: /var/db/dhcpcd-pppoe0.lease6: No such process pppoe0: soliciting a DHCPv6 lease athn0: IAID <> athn1: IAID <> pppoe0: ADV 2a01:36d:300:<>::/64 from fe80::5dd9:bcc7:cbab:8bb8 pppoe0: REPLY6 received from fe80::5dd9:bcc7:cbab:8bb8 re1: adding address 2a01:36d:300:<1>::1/72 athn0: preferring 2a01:36d:300:<1>::1/72 on re1 athn1: preferring 2a01:36d:300:<1>::1/72 on re1 pppoe0: renew in 302400 seconds, rebind in 483840 seconds pppoe0: adding reject route to 2a01:36d:300:<>::/64 via ::1 athn0: adding route to 2a01:36d:300:<1>::/72 forked to background, child pid 346 '<>' being stuff that I really don't know if they're sensitive... But the <1> parts were the same, and the other ones seems like part of the NIC's MAC addresses. So it has indeed added the prefix to re1, but refused the athns, because re1 had already had the same prefix? I was trying out some combinations of the `ia_pd' option in a futile effort to just see what happens, but it didn't fix it, just broke it in other ways; I only managed to assign addresses to either one of the interfaces, but not all of them. Do I understand it correctly, that this should delegate each interface a /72, while leaving pppoe0's autoconf[privacy]'d addresses intact? BTW, is there a difference between writing 'inet6 autoconf' or 'rtsol' in /etc/hostname.pppoe0? Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
assigning ipv6 addresses to interfaces
Hi! My ISP recently enabled ipv6 on their network, and started sending router advertisements (offering a /64 prefix) on their pppoe end. So now I have an autoconf'd v6 address on my pppoe0 device (yay!), and I wish to set my in-home devices a v6 address each. The router that has the pppoe device also has three other interfaces: re1, athn0, athn1. All of these are LAN. What I do now, is that I have rtadvd(8) running on these three devices (re1, athn*). But I have no idea how to generate those autoconfprivacy addresses for these interfaces, and rtadvd needs something there to advertise, so what I also do (and what is probably not a very good idea) is that I just chop the last group of the autoconf'd address of the pppoe0 device, and assign each LAN interface almost the same IPv6 address by changing the last group and incrementing it (with the same /64 prefix of course). Although this works, and my in-home devices get IPv6 addresses from rtadvd, each of them has this nice autoconfprivacy addresses. What I'm wondering about, is if I can assign my LAN interfaces (on my router) autoconfprivacy addresses (for rtadvd(8)) that are derived from the pppoe0 device's autoconf'd inet6 address. Does this make sense? Is this possible? Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Unable to umount a USB drive without -f
C2(200@117 mwait.1@0x30), C1(1000@1 mwait.1), PSS acpicpu3 at acpi0: C2(200@117 mwait.1@0x30), C1(1000@1 mwait.1), PSS acpipwrres0 at acpi0: PG00, resource for PEG0 acpipwrres1 at acpi0: PG01, resource for PEG1 acpipwrres2 at acpi0: PG02, resource for PEG2 acpipwrres3 at acpi0: FN00, resource for FAN0 acpipwrres4 at acpi0: FN01, resource for FAN1 acpipwrres5 at acpi0: FN02, resource for FAN2 acpipwrres6 at acpi0: FN03, resource for FAN3 acpipwrres7 at acpi0: FN04, resource for FAN4 acpitz0 at acpi0: critical temperature is 97 degC acpitz1 at acpi0: critical temperature is 97 degC acpibat0 at acpi0: BAT0 not present acpibat1 at acpi0: BAT1 not present acpibat2 at acpi0: BAT2 not present acpibtn0 at acpi0: PWRB acpibtn1 at acpi0: SLPB acpibtn2 at acpi0: LID0 acpivideo0 at acpi0: GFX0 acpivout0 at acpivideo0: DD1F cpu0: Enhanced SpeedStep 3900 MHz: speeds: 3201, 3200, 3000, 2900, 2700, 2500, 2300, 2200, 2000, 1800, 1700, 1500, 1300, 1100, 1000, 800 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 "Intel Core 4G Host" rev 0x06 ppb0 at pci0 dev 1 function 0 "Intel Core 4G PCIE" rev 0x06: msi pci1 at ppb0 bus 1 re0 at pci1 dev 0 function 0 "Realtek 8168" rev 0x01: RTL8168 2 (0x3800), msi, address 00:... rgephy0 at re0 phy 7: RTL8169S/8110S/8211 PHY, rev. 2 vga1 at pci0 dev 2 function 0 "Intel HD Graphics 4600" rev 0x06 intagp at vga1 not configured inteldrm0 at vga1 drm0 at inteldrm0 error: [drm:pid0:i915_write32] *ERROR* Unknown unclaimed register before writing to 10 inteldrm0: 1360x768 wsdisplay0 at vga1 mux 1: console (std, vt100 emulation) wsdisplay0: screen 1-5 added (std, vt100 emulation) azalia0 at pci0 dev 3 function 0 "Intel Core 4G HD Audio" rev 0x06: msi azalia0: No codecs found xhci0 at pci0 dev 20 function 0 "Intel 9 Series xHCI" rev 0x00: msi usb0 at xhci0: USB revision 3.0 uhub0 at usb0 "Intel xHCI root hub" rev 3.00/1.00 addr 1 "Intel 9 Series MEI" rev 0x00 at pci0 dev 22 function 0 not configured ehci0 at pci0 dev 26 function 0 "Intel 9 Series USB" rev 0x00: apic 8 int 16 usb1 at ehci0: USB revision 2.0 uhub1 at usb1 "Intel EHCI root hub" rev 2.00/1.00 addr 1 azalia1 at pci0 dev 27 function 0 "Intel 9 Series HD Audio" rev 0x00: msi azalia1: codecs: Realtek/0x0892 audio0 at azalia1 ppb1 at pci0 dev 28 function 0 "Intel 9 Series PCIE" rev 0xd0 pci2 at ppb1 bus 2 ppb2 at pci0 dev 28 function 2 "Intel 9 Series PCIE" rev 0xd0: msi pci3 at ppb2 bus 3 re1 at pci3 dev 0 function 0 "Realtek 8168" rev 0x0c: RTL8168G/8111G (0x4c00), msi, address fc:... rgephy1 at re1 phy 7: RTL8251 PHY, rev. 0 ppb3 at pci0 dev 28 function 3 "Intel 9 Series PCIE" rev 0xd0: msi pci4 at ppb3 bus 4 ppb4 at pci4 dev 0 function 0 "Intel 82801BA Hub-to-PCI" rev 0x41 pci5 at ppb4 bus 5 ehci1 at pci0 dev 29 function 0 "Intel 9 Series USB" rev 0x00: apic 8 int 23 usb2 at ehci1: USB revision 2.0 uhub2 at usb2 "Intel EHCI root hub" rev 2.00/1.00 addr 1 pcib0 at pci0 dev 31 function 0 "Intel H97 LPC" rev 0x00 ahci0 at pci0 dev 31 function 2 "Intel 9 Series AHCI" rev 0x00: msi, AHCI 1.3 ahci0: port 0: 6.0Gb/s ahci0: port 1: 3.0Gb/s scsibus1 at ahci0: 32 targets sd0 at scsibus1 targ 0 lun 0: SCSI3 0/direct fixed naa.5000c50082500687 sd0: 476940MB, 512 bytes/sector, 976773168 sectors sd1 at scsibus1 targ 1 lun 0: SCSI3 0/direct fixed naa.5000cca7cee339d0 sd1: 476940MB, 512 bytes/sector, 976773168 sectors ichiic0 at pci0 dev 31 function 3 "Intel 9 Series SMBus" rev 0x00: apic 8 int 18 iic0 at ichiic0 spdmem0 at iic0 addr 0x51: 8GB DDR3 SDRAM PC3-12800 spdmem1 at iic0 addr 0x53: 8GB DDR3 SDRAM PC3-12800 isa0 at pcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 irq 1 irq 12 pckbd0 at pckbc0 (kbd slot) wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 spkr0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 umass0 at uhub0 port 8 configuration 1 interface 0 "StoreJet TS512GESD400K" rev 2.10/10.00 addr 2 umass0: using SCSI over Bulk-Only scsibus2 at umass0: 2 targets, initiator 0 sd2 at scsibus2 targ 1 lun 0: SCSI4 0/direct fixed serial.174c07d1B8502108567B sd2: 488386MB, 512 bytes/sector, 1000215216 sectors uplcom0 at uhub0 port 9 "Prolific Technology Inc. USB-Serial Controller D" rev 1.10/4.00 addr 3 ucom0 at uplcom0 uhub3 at uhub1 port 1 "Intel Rate Matching Hub" rev 2.00/0.00 addr 2 uhub4 at uhub2 port 1 "Intel Rate Matching Hub" rev 2.00/0.00 addr 2 vscsi0 at root scsibus3 at vscsi0: 256 targets softraid0 at root scsibus4 at softraid0: 256 targets sd3 at scsibus4 targ 1 lun 0: SCSI2 0/direct fixed sd3: 476936MB, 512 bytes/sector, 976766528 sectors root on sd3a (f4326f22d7495af3.a) swap on sd3b dump on sd3b sd4 at scsibus4 targ 2 lun 0: SCSI2 0/direct fixed sd4: 488381MB, 512 bytes/sector, 1000206308 sectors ### AML PARSE ERROR (0xd514): Undefined name: D1F0 error evaluating: \\_GPE._L09 -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: wle200nx WiFi card on apu2b4 - no link
Kapfhammer, Stefan @ 2015-12-27T22:44:09 +0100: > Good evening, > > I cannot access hotspot with apu2b4's wle200nx wifi card. > > got ath0: device timeout [...] How come it's not athn? Is this the full and only error message? >From athn(4): athn0: device timeout A frame dispatched to the hardware for transmission did not complete in time. The driver will reset the hardware. This should not happen. Can you try the minipcie card in an other board, or switch minipcie slots? [...] > -> athn0 at pci4 dev 0 function 0 "Atheros AR9281" rev 0x01: apic 4 int 16 > -> athn0: AR9280 rev 2 (2T2R), ROM rev 22, address [...] > # ifconfig > > athn0: flags=8843 mtu 1500 > lladdr > priority: 4 > groups: wlan > media: IEEE802.11 autoselect (OFDM6 mode 11a) > status: no network > ieee80211: nwid chan 9 wpakey 0x wpaprotos > wpa2 wpaakms psk wpaciphers ccmp wpagroupcipher tkip > > # cat /etc/hostname.athn0 > > nwid TESTNET > wpakey 'Do!Not-deal+w1th-IT' > dhcp I'm using exactly the same minipcie card, in almost the same board (apu1d), only with -current, and in hostap mode. Just off the top of my head, you could try to set media to autoselect, and make sure that you use the right mode: # ifconfig athn0 media [...] supported media: media autoselect media autoselect mediaopt hostap media autoselect mediaopt monitor media autoselect mode 11a media autoselect mode 11a mediaopt hostap media autoselect mode 11a mediaopt monitor media autoselect mode 11b media autoselect mode 11b mediaopt hostap media autoselect mode 11b mediaopt monitor media autoselect mode 11g media autoselect mode 11g mediaopt hostap media autoselect mode 11g mediaopt monitor The one and only problem with my WLE card was that I set the mode to 11g before setting it to a 5GHz channel, and that combo does not exist, and I could not set it back without a reboot. But other than that, it is performing really well, set to 11a and 5GHz. Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: drops to ddb when disconnecting from serial line
Tati Chevron @ 2015-12-27T22:32:45 +0100: > On Sun, Dec 27, 2015 at 07:04:10PM +, Stuart Henderson wrote: > >On 2015-12-27, Ted Unangst wrote: > >>LÉVAI Dániel wrote: > >>>So I guess it didn't panic, but just dropped to ddb from console, > >>>because ddb.console was set to 1. Is there something sent via the serial > >>>console that induces this? If I set ddb.console to 0 this doesn't > >>>happen, but I'm curious as to what is happening and if I can avoid it. > >> > >>a "break" was sent. or at least received. i've seen extra breaks sent when > >>trying to disconnect too. i mostly solved it by not disconnecting... > > > >"break" is just a signal low for longer than the time taken to send a > >normal character (plus framing), it's not that hard to have one detected > >when it's not intended. First I'd try setting things up to use a > >different port speed, especially if it's currently at a high speed > >then try slowing it down. If that doesn't help then I'd try a > >different usb/rs232 adapter. > > Possibly a shorter or better quality cable may help as well, especially > if it's a long cable run. Ah, I see, thanks! I never cease to learn stuff just by fiddling with this OS :) Daniel
drops to ddb when disconnecting from serial line
68" rev 0x06: RTL8168E/8111E (0x2c00), msi, address 00:0d:b9:3f:ea:e9 rgephy1 at re1 phy 7: RTL8169S/8110S/8211 PHY, rev. 4 ppb2 at pci0 dev 6 function 0 "AMD AMD64 14h PCIE" rev 0x00: msi pci3 at ppb2 bus 3 re2 at pci3 dev 0 function 0 "Realtek 8168" rev 0x06: RTL8168E/8111E (0x2c00), msi, address 00:0d:b9:3f:ea:ea rgephy2 at re2 phy 7: RTL8169S/8110S/8211 PHY, rev. 4 ppb3 at pci0 dev 7 function 0 "AMD AMD64 14h PCIE" rev 0x00: msi pci4 at ppb3 bus 4 athn0 at pci4 dev 0 function 0 "Atheros AR9281" rev 0x01: apic 2 int 19 athn0: AR9280 rev 2 (2T2R), ROM rev 22, address 04:f0:21:14:c7:8c ahci0 at pci0 dev 17 function 0 "ATI SBx00 SATA" rev 0x40: apic 2 int 19, AHCI 1.2 ahci0: port 0: 6.0Gb/s scsibus1 at ahci0: 32 targets sd0 at scsibus1 targ 0 lun 0: SCSI3 0/direct fixed naa.50026b725701c03c sd0: 28626MB, 512 bytes/sector, 58626288 sectors, thin ohci0 at pci0 dev 18 function 0 "ATI SB700 USB" rev 0x00: apic 2 int 18, version 1.0, legacy support ehci0 at pci0 dev 18 function 2 "ATI SB700 USB2" rev 0x00: apic 2 int 17 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "ATI EHCI root hub" rev 2.00/1.00 addr 1 ohci1 at pci0 dev 19 function 0 "ATI SB700 USB" rev 0x00: apic 2 int 18, version 1.0, legacy support ehci1 at pci0 dev 19 function 2 "ATI SB700 USB2" rev 0x00: apic 2 int 17 usb1 at ehci1: USB revision 2.0 uhub1 at usb1 "ATI EHCI root hub" rev 2.00/1.00 addr 1 piixpm0 at pci0 dev 20 function 0 "ATI SBx00 SMBus" rev 0x42: polling iic0 at piixpm0 pcib0 at pci0 dev 20 function 3 "ATI SB700 ISA" rev 0x40 ppb4 at pci0 dev 20 function 4 "ATI SB600 PCI" rev 0x40 pci5 at ppb4 bus 5 ohci2 at pci0 dev 20 function 5 "ATI SB700 USB" rev 0x00: apic 2 int 18, version 1.0, legacy support ppb5 at pci0 dev 21 function 0 "ATI SB800 PCIE" rev 0x00 pci6 at ppb5 bus 6 ohci3 at pci0 dev 22 function 0 "ATI SB700 USB" rev 0x00: apic 2 int 18, version 1.0, legacy support ehci2 at pci0 dev 22 function 2 "ATI SB700 USB2" rev 0x00: apic 2 int 17 usb2 at ehci2: USB revision 2.0 uhub2 at usb2 "ATI EHCI root hub" rev 2.00/1.00 addr 1 pchb1 at pci0 dev 24 function 0 "AMD AMD64 14h Link Cfg" rev 0x43 pchb2 at pci0 dev 24 function 1 "AMD AMD64 14h Address Map" rev 0x00 pchb3 at pci0 dev 24 function 2 "AMD AMD64 14h DRAM Cfg" rev 0x00 km0 at pci0 dev 24 function 3 "AMD AMD64 14h Misc Cfg" rev 0x00 pchb4 at pci0 dev 24 function 4 "AMD AMD64 14h CPU Power" rev 0x00 pchb5 at pci0 dev 24 function 5 "AMD AMD64 14h Reserved" rev 0x00 pchb6 at pci0 dev 24 function 6 "AMD AMD64 14h NB Power" rev 0x00 pchb7 at pci0 dev 24 function 7 "AMD AMD64 14h Reserved" rev 0x00 usb3 at ohci0: USB revision 1.0 uhub3 at usb3 "ATI OHCI root hub" rev 1.00/1.00 addr 1 usb4 at ohci1: USB revision 1.0 uhub4 at usb4 "ATI OHCI root hub" rev 1.00/1.00 addr 1 isa0 at pcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com0: console com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo pcppi0 at isa0 port 0x61 spkr0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 wbsio0 at isa0 port 0x2e/2: NCT5104D rev 0x52 usb5 at ohci2: USB revision 1.0 uhub5 at usb5 "ATI OHCI root hub" rev 1.00/1.00 addr 1 usb6 at ohci3: USB revision 1.0 uhub6 at usb6 "ATI OHCI root hub" rev 1.00/1.00 addr 1 umass0 at uhub2 port 1 configuration 1 interface 0 "Generic Flash Card Reader/Writer" rev 2.01/1.00 addr 2 umass0: using SCSI over Bulk-Only scsibus2 at umass0: 2 targets, initiator 0 sd1 at scsibus2 targ 1 lun 0: SCSI2 0/direct removable serial.058f6366058F63666485 uhidev0 at uhub3 port 5 configuration 1 interface 0 "American Power Conversion Back-UPS XS 1400U FW:926.T1 .I USB FW:T1" rev 1.10/1.06 addr 2 uhidev0: iclass 3/0, 123 report ids upd0 at uhidev0 vscsi0 at root scsibus3 at vscsi0: 256 targets softraid0 at root scsibus4 at softraid0: 256 targets root on sd0a (c421705bda3156b9.a) swap on sd0b dump on sd0b pppoe0: received unexpected PADO pppoe0: received unexpected PADO pppoe0: pap failure pppoe: GENERIC ERROR: RP-PPPoE: Child pppd process terminated pppoe0: received unexpected PADO pppoe0: received unexpected PADO pppoe0: pap failure pppoe: GENERIC ERROR: RP-PPPoE: Child pppd process terminated pppoe0: received unexpected PADO pppoe0: received unexpected PADO pppoe0: pap failure pppoe: GENERIC ERROR: RP-PPPoE: Child pppd process terminated pppoe0: received unexpected PADO pppoe0: received unexpected PADO pppoe0: pap failure pppoe: GENERIC ERROR: RP-PPPoE: Child pppd process terminated pppoe0: received unexpected PADO pppoe0: received unexpected PADO pppoe: GENERIC ERROR: RP-PPPoE: Child pppd process terminated -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: UPDATE: fonts/terminus
LÉVAI Dániel @ 2015-11-13T10:20:35 +0100: > Hi! > > Update to terminus font: Sorry, wrong list.
UPDATE: fonts/terminus
Hi! Update to terminus font: Index: Makefile === RCS file: /cvs/ports/fonts/terminus-font/Makefile,v retrieving revision 1.9 diff -u -p -p -u -r1.9 Makefile --- Makefile31 Mar 2015 09:45:11 - 1.9 +++ Makefile13 Nov 2015 09:18:02 - @@ -2,7 +2,7 @@ COMMENT = fixed width fonts especially for long hacking sessions -DISTNAME = terminus-font-4.39 +DISTNAME = terminus-font-4.40 CATEGORIES = fonts x11 REVISION = 0 Index: distinfo === RCS file: /cvs/ports/fonts/terminus-font/distinfo,v retrieving revision 1.4 diff -u -p -p -u -r1.4 distinfo --- distinfo8 May 2014 22:18:39 - 1.4 +++ distinfo13 Nov 2015 09:18:02 - @@ -1,2 +1,2 @@ -SHA256 (terminus-font-4.39.tar.gz) = MQg4OYazZaS5zAjDGkGVGW9t6XTSc1139sbvqf6x9b8= -SIZE (terminus-font-4.39.tar.gz) = 324890 +SHA256 (terminus-font-4.40.tar.gz) = ZPUsJNPxweOfIebEMHepvj4h1DhPF29XZsAFWLpnBxE= +SIZE (terminus-font-4.40.tar.gz) = 558440 Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Intel I218-V NIC -- hardware initialization failed
0x003c: Interrupt Pin: 02 Line: ff Min Gnt: 00 Max Lat: 00 0x0080: Capability 0x05: Message Signaled Interrupts (MSI) 0x0070: Capability 0x01: Power Management 0x00a8: Capability 0x12: SATA 0:31:3: Intel 8 Series SMBus 0x: Vendor ID: 8086 Product ID: 9c22 0x0004: Command: 0003 Status: 0280 0x0008: Class: 0c Subclass: 05 Interface: 00 Revision: 04 0x000c: BIST: 00 Header Type: 00 Latency Timer: 00 Cache Line Size: 00 0x0010: BAR mem 64bit addr: 0xd0638000/0x0100 0x0018: BAR empty () 0x001c: BAR empty () 0x0020: BAR io addr: 0xefa0/0x0020 0x0024: BAR empty () 0x0028: Cardbus CIS: 0x002c: Subsystem Vendor ID: 17aa Product ID: 5020 0x0030: Expansion ROM Base Address: 0x0038: 0x003c: Interrupt Pin: 03 Line: ff Min Gnt: 00 Max Lat: 00 0:31:6: Intel unknown 0x: Vendor ID: 8086 Product ID: 9c24 0x0004: Command: 0006 Status: 0010 0x0008: Class: 11 Subclass: 80 Interface: 00 Revision: 04 0x000c: BIST: 00 Header Type: 00 Latency Timer: 00 Cache Line Size: 00 0x0010: BAR mem 64bit addr: 0xd063b000/0x1000 0x0018: BAR empty () 0x001c: BAR empty () 0x0020: BAR empty () 0x0024: BAR empty () 0x0028: Cardbus CIS: 0x002c: Subsystem Vendor ID: 17aa Product ID: 5020 0x0030: Expansion ROM Base Address: 0x0038: 0x003c: Interrupt Pin: 03 Line: ff Min Gnt: 00 Max Lat: 00 0x0050: Capability 0x01: Power Management 0x0080: Capability 0x05: Message Signaled Interrupts (MSI) 4:0:0: Intel Dual Band Wireless AC 7265 0x: Vendor ID: 8086 Product ID: 095b 0x0004: Command: 0006 Status: 0010 0x0008: Class: 02 Subclass: 80 Interface: 00 Revision: 61 0x000c: BIST: 00 Header Type: 00 Latency Timer: 00 Cache Line Size: 10 0x0010: BAR mem 64bit addr: 0xd050/0x2000 0x0018: BAR empty () 0x001c: BAR empty () 0x0020: BAR empty () 0x0024: BAR empty () 0x0028: Cardbus CIS: 0x002c: Subsystem Vendor ID: 8086 Product ID: 5210 0x0030: Expansion ROM Base Address: 0x0038: 0x003c: Interrupt Pin: 01 Line: ff Min Gnt: 00 Max Lat: 00 0x00c8: Capability 0x01: Power Management 0x00d0: Capability 0x05: Message Signaled Interrupts (MSI) 0x0040: Capability 0x10: PCI Express Link Speed: 2.5 / 2.5 GT/s Link Width: x1 / x1 5:0:0: Realtek RTS5227 Card Reader 0x: Vendor ID: 10ec Product ID: 5227 0x0004: Command: 0006 Status: 0010 0x0008: Class: ff Subclass: 00 Interface: 00 Revision: 01 0x000c: BIST: 00 Header Type: 00 Latency Timer: 00 Cache Line Size: 10 0x0010: BAR mem 32bit addr: 0xd040/0x1000 0x0014: BAR empty () 0x0018: BAR empty () 0x001c: BAR empty () 0x0020: BAR empty () 0x0024: BAR empty () 0x0028: Cardbus CIS: 0x002c: Subsystem Vendor ID: 17aa Product ID: 5020 0x0030: Expansion ROM Base Address: 0x0038: 0x003c: Interrupt Pin: 01 Line: ff Min Gnt: 00 Max Lat: 00 0x0040: Capability 0x01: Power Management 0x0050: Capability 0x05: Message Signaled Interrupts (MSI) 0x0070: Capability 0x10: PCI Express Link Speed: 2.5 / 2.5 GT/s Link Width: x1 / x1 usbdevs: Controller /dev/usb0: addr 1: super speed, self powered, config 1, xHCI root hub(0x), Intel(0x8086), rev 1.00 uhub0 port 1 addr 9: high speed, power 200 mA, config 1, DT HyperX(0x1626), Kingston(0x0951), rev 1.10, iSerialNumber 0018F30C9FEA5B990117001B umass0 port 2 addr 2: high speed, self powered, config 1, USB2.0 Hub(0x0610), GenesysLogic(0x05e3), rev 4.01 uhub1 port 1 addr 3: low speed, power 98 mA, config 1, USB-PS/2 Optical Mouse(0xc050), Logitech(0x046d), rev 27.20 uhidev0 port 2 addr 4: low speed, power 100 mA, config 1, USB NetVista Full Width Keyboard(0x3025), CHICONY(0x04b3), rev 1.02 uhidev1 port 3 powered port 4 powered port 3 addr 5: full speed, power 500 mA, config 1, USB Sound Device(0x0103), C-Media INC.(0x0d8c), rev 0.10 uaudio0 port 4 disabled port 5 disabled port 6 addr 6: full speed, power 100 mA, config 1, VFS5011 Fingerprint Reader(0x0011), Validity Sensors(0x138a), rev 0.78, iSerialNumber 7a09f8ea7da9 ugen0 port 7 addr 7: full speed, self powered, config 1, product 0x0a2a(0x0a2a), Intel(0x8087), rev 0.01 ugen1 port 8 addr 8: high speed, power 500 mA, config 1, Integrated Camera(0x2c70), J8IF1T0PX(0x1bcf), rev 0.07 uvideo0 port 9 disabled port 10 disabled port 11 enabled port 12 disabled port 13 disabled -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: smtpd.conf.5 relay tls | verify
On sze, aug 05, 2015 at 06:49:42 +, David Dahlberg wrote: > Am Mittwoch, den 05.08.2015, 00:31 +0100 schrieb Jason McIntyre: > > > if this were the case, i'd say we want: > > [tls [verify]] > > Hmm, I think I have heard this proposal before ;-) > https://marc.info/?l=openbsd-misc&m=140196108217209 > > > but the doc currently says: > > > > Note that the tls and verify options are mutually exclusive > and > > should only be used in private networks as they will prevent > > proper relaying on the Internet. > > - Note that the tls and verify options are mutually exclusive > and > + Note that the tls and tls verify options > Got it! How about this: Index: smtpd.conf.5 === RCS file: /cvs/src/usr.sbin/smtpd/smtpd.conf.5,v retrieving revision 1.126 diff -u -p -p -u -r1.126 smtpd.conf.5 --- smtpd.conf.54 Jun 2015 14:23:00 - 1.126 +++ smtpd.conf.58 Aug 2015 08:06:19 - @@ -311,7 +311,7 @@ This parameter may use conversion specif .Op Ic hostname Ar name .Op Ic hostnames No < Ns Ar names Ns > .Op Ic pki Ar pkiname -.Op Ic tls | verify +.Op Ic tls Op verify .Ek .Xc .Pp @@ -389,19 +389,17 @@ is used instead. If .Ic tls is specified, OpenSMTPD will refuse to relay unless the remote host provides -STARTTLS. -.Pp -If +STARTTLS. If .Ic verify -is specified, OpenSMTPD will refuse to relay unless the remote host provides -STARTTLS and the certificate it presented has been verified. +is also specified, OpenSMTPD will also try to verify the certificate of the +host and refuses to relay if it is invalid. .Pp Note that the .Ic tls and -.Ic verify -options are mutually exclusive and should only be used in private networks -as they will prevent proper relaying on the Internet. +.Ic tls verify +options should only be used in private networks as they will prevent proper +relaying on the Internet. .It Xo .Ic relay via .Ar host -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
smtpd.conf.5 relay tls | verify
Hi! I maybe have overlooked something, but this syntax mentioned in the manual didn't work: accept from any for domain "..." relay backup verify expire 30d ... on the other hand, this has been working: accept from any for domain "..." relay backup tls verify expire 30d ... and writing only 'tls' also did work. Index: smtpd.conf.5 === RCS file: /cvs/src/usr.sbin/smtpd/smtpd.conf.5,v retrieving revision 1.126 diff -p -u -r1.126 smtpd.conf.5 --- smtpd.conf.54 Jun 2015 14:23:00 - 1.126 +++ smtpd.conf.54 Aug 2015 13:53:50 - @@ -311,7 +311,7 @@ This parameter may use conversion specif .Op Ic hostname Ar name .Op Ic hostnames No < Ns Ar names Ns > .Op Ic pki Ar pkiname -.Op Ic tls | verify +.Op Ic tls | tls verify .Ek .Xc .Pp Daniel
Extend RAID 5
Hi! I'm planning to replace my OpenBSD media center, and was going to test the new [1] RAID 5 features and functions, but I'm really unexperienced in this field. How does this work; can I create a 4 disks RAID5 array (w/ bioctl(8)) and then later just add another disk, and fdisk+growfs? Can I create a RAID5(4 disks) and a RAID0(2 disks) array and then create another RAID0 from these two former softraids? Thanks, Daniel [1] - http://marc.info/?l=openbsd-tech&m=142877132517229&w=2 -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
tmux move-window behavior changed
Hi! Suddenly I realized that I can not move a window to a non-existing (new) window number? Like if I have windows at [0:mutt 1:ksh], I can not do `move-window -s 1 -t 8' anymore, it just stays at 1. This had to work before. Am I just being silly? Daniel
Re: SIL3114 SATA RAID controller
On p, szept 12, 2014 at 20:58:42 +0200, LÉVAI Dániel wrote: > On p, szept 12, 2014 at 20:47:01 +0200, Robert wrote: > [...] > > Hi Daniel, > > > > regarding this old threat: > > http://marc.info/?l=openbsd-misc&m=134095569417063 > > > > Does your card still show DMA errors with 5.5 or current? > > > > I'm still a bit suspicious of those chips... > > Oh wow.. time goes by :) So it was 5.1 :) > Yes, after those "precautions" [1] (disabled onboard IDE, IRQ settings) > it has been running since! So, maybe this was confusing; no, it doesn't show DMA errors, and yes, it works fine :) Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: SIL3114 SATA RAID controller
On p, szept 12, 2014 at 20:47:01 +0200, Robert wrote: [...] > Hi Daniel, > > regarding this old threat: > http://marc.info/?l=openbsd-misc&m=134095569417063 > > Does your card still show DMA errors with 5.5 or current? > > I'm still a bit suspicious of those chips... Oh wow.. time goes by :) So it was 5.1 :) Yes, after those "precautions" [1] (disabled onboard IDE, IRQ settings) it has been running since! Daniel [1] - http://marc.info/?l=openbsd-misc&m=134138512202896&w=2 -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: SIL3114 SATA RAID controller
On p, szept 12, 2014 at 17:08:58 +0100, Laurence Rochfort wrote: > Hello, > > My 5.5 amd64 system refuses to boot when I have a SIL3114 SATA RAID > PCI controller card installed. > > Is this chipset supported? If not, would somebody please suggest an > inexpensive PCI SATA controller with at least two ports? I have a Silicon Image PCI SATA card, like this: CMD Technology SiI3512 SATA This has been working since 5.3 or 5.4 for me (at least that's when I bought it). I don't use its RAID capabilities either, I only needed the SATA ports; and it was cheap. Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
HP desktop pc network card not recognized
Hi! I got a HP dx7500 desktop PC for testing, and I'm struggling with the network card on OpenBSD -current. Linux's lspci reports it as "Intel Corporation 82567V-2 Gigabit Network Connection". Also its dmesg says "eth0: (PCI Express:2.5GB/s:Width x1)" "eth0: Intel(R) PRO/1000 Network Connection" Is theres anything I can do with it (help/test/try etc...)? If not: it only has PCIE x1 slots for expansion. Can I choose a working PCIE network card which I can use with OpenBSD? Thanks! dmesg attached inline: OpenBSD 4.5-current (GENERIC) #0: Mon Mar 23 11:48:28 MDT 2009 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz ("GenuineIntel" 686-class) 2.51 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,CX16,xTPR real mem = 1037197312 (989MB) avail mem = 994553856 (948MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 12/16/08, SMBIOS rev. 2.5 @ 0xfa9f0 (27 entries) bios0: vendor American Megatrends Inc. version "5.09" date 12/16/2008 bios0: Hewlett-Packard HP Compaq dx7500 Microtower acpi0 at bios0: rev 0 acpi0: tables DSDT FACP APIC MCFG OEMB HPET GSCI SSDT acpi0: wakeup devices P0P2(S4) P0P3(S4) P0P1(S4) PS2K(S3) PS2M(S3) USB0(S3) USB2(S3) USB5(S3) EUSB(S3) USB3(S3) USB4(S3) USBE(S3) P0P4(S4) P0P5(S4) P0P6 (S4) P0P7(S4) P0P8(S4) P0P9(S4) GBE_(S4) USB1(S3) USB6(S3) SLPB(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 200MHz cpu at mainbus0: not configured ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (P0P4) acpiprt2 at acpi0: bus -1 (P0P5) acpiprt3 at acpi0: bus -1 (P0P6) acpiprt4 at acpi0: bus -1 (P0P7) acpiprt5 at acpi0: bus -1 (P0P8) acpiprt6 at acpi0: bus -1 (P0P9) acpicpu0 at acpi0 acpibtn0 at acpi0: SLPB acpibtn1 at acpi0: PWRB bios0: ROM list: 0xc/0xc400! 0xcc800/0x1000 cpu0: unknown Enhanced SpeedStep CPU, msr 0x061a4c1f06004c1f cpu0: using only highest and lowest power states cpu0: Enhanced SpeedStep 15200 MHz (1196 mV): speeds: 15200, 1200 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 "Intel G45 Host" rev 0x03 vga1 at pci0 dev 2 function 0 "Intel G45 Video" rev 0x03 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xe000, size 0x1000 inteldrm0 at vga1: apic 2 int 16 (irq 10) drm0 at inteldrm0 "Intel G45 Video" rev 0x03 at pci0 dev 2 function 1 not configured "Intel ICH10 R BM V" rev 0x00 at pci0 dev 25 function 0 not configured uhci0 at pci0 dev 26 function 0 "Intel 82801JI USB" rev 0x00: apic 2 int 16 (irq 10) uhci1 at pci0 dev 26 function 1 "Intel 82801JI USB" rev 0x00: apic 2 int 21 (irq 7) uhci2 at pci0 dev 26 function 2 "Intel 82801JI USB" rev 0x00: apic 2 int 20 (irq 3) ehci0 at pci0 dev 26 function 7 "Intel 82801JI USB" rev 0x00: apic 2 int 18 (irq 11) usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1 uhci3 at pci0 dev 29 function 0 "Intel 82801JI USB" rev 0x00: apic 2 int 23 (irq 14) uhci4 at pci0 dev 29 function 1 "Intel 82801JI USB" rev 0x00: apic 2 int 20 (irq 3) uhci5 at pci0 dev 29 function 2 "Intel 82801JI USB" rev 0x00: apic 2 int 18 (irq 11) ehci1 at pci0 dev 29 function 7 "Intel 82801JI USB" rev 0x00: apic 2 int 23 (irq 14) usb1 at ehci1: USB revision 2.0 uhub1 at usb1 "Intel EHCI root hub" rev 2.00/1.00 addr 1 ppb0 at pci0 dev 30 function 0 "Intel 82801BA Hub-to-PCI" rev 0x90 pci1 at ppb0 bus 1 pcib0 at pci0 dev 31 function 0 "Intel 82801JIR LPC" rev 0x00 ahci0 at pci0 dev 31 function 2 "Intel 82801JI AHCI" rev 0x00: apic 2 int 19 (irq 15), AHCI 1.2 scsibus0 at ahci0: 32 targets sd0 at scsibus0 targ 0 lun 0: SCSI3 0/direct fixed sd0: 238475MB, 512 bytes/sec, 488397168 sec total cd0 at scsibus0 targ 4 lun 0: ATAPI 5/cdrom removable ichiic0 at pci0 dev 31 function 3 "Intel 82801JI SMBus" rev 0x00: apic 2 int 18 (irq 11) iic0 at ichiic0 spdmem0 at iic0 addr 0x50: 1GB DDR2 SDRAM non-parity PC2-6400CL5 usb2 at uhci0: USB revision 1.0 uhub2 at usb2 "Intel UHCI root hub" rev 1.00/1.00 addr 1 usb3 at uhci1: USB revision 1.0 uhub3 at usb3 "Intel UHCI root hub" rev 1.00/1.00 addr 1 usb4 at uhci2: USB revision 1.0 uhub4 at usb4 "Intel UHCI root hub" rev 1.00/1.00 addr 1 usb5 at uhci3: USB revision 1.0 uhub5 at usb5 "Intel UHCI root hub" rev 1.00/1.00 addr 1 usb6 at uhci4: USB revision 1.0 uhub6 at usb6 "Intel UHCI root hub" rev 1.00/1.00 addr 1 usb7 at uhci5: USB revision 1.0 uhub7 at usb7 "Intel UHCI root hub" rev 1.00/1.00 addr 1 isa0 at pcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keybo
pppoe server
Hi! I wish to experiment setting up a PPPoE server (AC) on OpenBSD 4.4. Although I've read the pppoe(8) man page and googled around, it is not clear for me how to set up such configuration. If one could point me to some docs and howtos, especially if it could be done using the kernel ppp driver (to avoid excessive cpu load), I would greatly appreciate that. Thanks! Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
Re: Apache & PHP
On Sunday 08 March 2009 08.13.58 you wrote: > I compile some c code and link it statically. It's the simple 'hello > world' program. I name it 'hello' and put it in /var/www/test/ > > I then try to execute it through php using the shell_exec function > like so: > > $output = shell_exec("/var/www/test/hello"); > echo $output; > > I get no output at all. Same program runs fine via shell_exec on > other Apache PHP setups. Being this is statically linked and ldd > shows no shared libs (the chroot should not impact it, right?) and > the php.ini files does not exclude shell_exec from running... what > else might be wrong? Do you have a shell executable in your chroot? Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
OpenSSL rsa key to use with OpenSSH
Hi! I was wondering if I could get away with using my already working OpenSSL private/public key pair with OpenSSH, so I wouldn't need to create a new one with ssh-keygen (yes, this is just for plain convenience :). But unfortunately I can't get it to work. I've created a public key from my existing OpenSSL rsa key with `openssl rsa -in privkey.key -pubout` and copied it to the ~/.ssh/authorized_key file. When trying to connect with `ssh -l user -i privkey.key host` I'm getting: "Permission denied (publickey)." on the client, and: sshd[6689]: error: buffer_get_string_ret: bad string length 813801264 sshd[6689]: error: key_from_blob: can't read key type sshd[6689]: error: key_read: key_from_blob MIGqGSIb[..."pubkey"...] failed on the server. Is this possible at all? Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
patch for ftpd(8) - option to specify port on command line
Hi! This [1] is a simple diff to ftpd.c. It adds an optional parameter -p. One can specify a port number with -p, and then ftpd(8) will listen on this port instead of the default (which gets looked up from /etc/services). Man page updated too. Would someone look at it, it works fine here. It's against HEAD but applies clean on 4.4 too. Thanks! Daniel [1] - http://leva.ecentrum.hu/patches/ftpd_listen_port_HEAD.diff -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
Re: ftpd(8) is not logging
On Friday 28 November 2008 11.26.55 you wrote: > On 2008-11-28, LIVAI Daniel <[EMAIL PROTECTED]> wrote: > > Hi! > > > > I'm using OpenBSD's ftpd(8), and specified the -l option on the > > command line when starting it, which according to the man page, > > makes ftpd(8) to log to syslog with facility LOG_FTP. > > Well, I've set up syslog.conf to capture that facility to a file: > > LOG_FTP.* /var/log/ftpd > > > > After a `pkill -HUP -x syslogd` unfortunately ftpd(8) won't log > > anything. Even tried the "-ll" and "-d" options with ftpd(8), but > > no luck. Grepping through ftpd's source, it seems that indeed it > > tries to log with facility LOG_FTP. > > /var/log/wtmp gets updated regularly when a login succeeds. > > > > What could be the problem here? > > Thanks in advance! > > > > Daniel > > the relevant entry would be "ftp.*". or if "ftp.info" works for > you, then you don't even need to change syslog.conf. Argh... yes. You are absolutely right. $ fgrep LOG_FTP /usr/include/* /usr/include/syslog.h:#define LOG_FTP (11<<3) /* ftp daemon */ /usr/include/syslog.h: { "ftp",LOG_FTP }, I hope next time I'll be more mindful. Thanks! Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
ftpd(8) is not logging
Hi! I'm using OpenBSD's ftpd(8), and specified the -l option on the command line when starting it, which according to the man page, makes ftpd(8) to log to syslog with facility LOG_FTP. Well, I've set up syslog.conf to capture that facility to a file: LOG_FTP.* /var/log/ftpd After a `pkill -HUP -x syslogd` unfortunately ftpd(8) won't log anything. Even tried the "-ll" and "-d" options with ftpd(8), but no luck. Grepping through ftpd's source, it seems that indeed it tries to log with facility LOG_FTP. /var/log/wtmp gets updated regularly when a login succeeds. What could be the problem here? Thanks in advance! Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
Re: internal-sftp and umask
On Wednesday 26 November 2008 14.39.08 you wrote: > Hi! > > I have a setup: > > OpenBSD 4.4 > > /etc/ssh/sshd_config: > [..] > Match Group sftponly > ChrootDirectory %h > ForceCommand internal-sftp > PasswordAuthentication yes > > But, after login I need to set the umask for the session. > I can not use .ssh/rc because of ForceCommand, and I can not put this > to .ssh/environment (even if I've enabled PermitUserEnvironment), > because there is no such environment variable which would apply here. > > What can I do here? Any suggestions would be appreciated. > Just for the record... I had to create a new class in login.conf(5), eg.: sftponly, and specify the umask= parameter to it, and of course add the user to that class. Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
internal-sftp and umask
Hi! I have a setup: OpenBSD 4.4 /etc/ssh/sshd_config: [..] Match Group sftponly ChrootDirectory %h ForceCommand internal-sftp PasswordAuthentication yes But, after login I need to set the umask for the session. I can not use .ssh/rc because of ForceCommand, and I can not put this to .ssh/environment (even if I've enabled PermitUserEnvironment), because there is no such environment variable which would apply here. What can I do here? Any suggestions would be appreciated. Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
Re: PF + ATLQ on openbsd 4.4
On Monday 24 November 2008 17.24.04 you wrote: > Hi, > > I'm trying to set up a simple packet queueing policy on openbsd 4.4. > These are the PF rules I set up : > > ~# grep -v \# /etc/pf.conf | grep -v ^$ > altq on em1 cbq bandwidth 100Mb queue { ftp,other } > queue ftp on em1 bandwidth 1Mb priority 0 cbq(ecn) > queue other on em1 bandwidth 99Mb priority 1 cbq(ecn,default) > nat on em0 from 192.168.110.2 -> 192.168.100.233 > pass in quick on em0 from 86.55.8.30 flags any queue ftp > pass all > > You specified the queue for em1, and you created the rule for em0. Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
Re: tar(1) bug?
On Wednesday 19 November 2008 14.33.11 Hannah Schroeter wrote: > Hi! > > On Wed, Nov 19, 2008 at 01:55:02PM +0100, LIVAI Daniel wrote: > >$ uname -mrsv > >OpenBSD 4.4 GENERIC#0 i386 > >$ pwd > >/home/daniell > > > >$ tar -C / -cvf test.tar ./home/daniell/.ksh* > >tar: Unable to access ./home/daniell/.ksh*: No such file or > > directory tar: WARNING! These file names were not selected: > >./home/daniell/.ksh* > > > >$ ls -l /home/daniell/.ksh* > >-rw-r- 1 daniell daniell [...] /home/daniell/.ksh_logout > >-rw-r- 1 daniell daniell [...] /home/daniell/.kshrc > > > >Without the wildcard, it is working as expected. Anyone else > >experiencing this? Is this a known problem? > > Wildcards are expanded by the *shell*. The *shell*'s working > directory is *not* changed by *tar*'s option -C. *tar* does *not* > expand wildcards. > I see now, that clarifies all. Thanks! Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
Re: tar(1) bug?
Andris wrote: On Wed, Nov 19, 2008 at 10:06 AM, Andris <[EMAIL PROTECTED]> wrote: If you are at /home/daniell, the tar tries to find the files at /home/daniell/home/daniell. Try: tar -C / -cvf test.tar ./daniell/.ksh* Sorry, try this: tar -C / -cvf test.tar .ksh* According to man 1 tar: -C directory [...] when creating, the specified files will be matched from the directory. So it should read the files from / Anyway, it doesn't work the other way either: $ tar -C / -cvf test.tar .ksh* tar: Unable to access .ksh_logout: No such file or directory tar: Unable to access .kshrc: No such file or directory tar: WARNING! These file names were not selected: .ksh_logout .kshrc Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
Re: tar(1) bug?
LIVAI Daniel wrote: $ tar -C / -cvf test.tar ./home/daniell/.ksh* tar: Unable to access ./home/daniell/.ksh*: No such file or directory tar: WARNING! These file names were not selected: ./home/daniell/.ksh* $ ls -l /home/daniell/.ksh* -rw-r- 1 daniell daniell [...] /home/daniell/.ksh_logout -rw-r- 1 daniell daniell [...] /home/daniell/.kshrc Without the wildcard, it is working as expected. By "Without the wildcard" I don't mean "./home/daniell/.ksh", instead "./home/daniell/.ksh*", but of course: "./home/daniell/.ksh_logout" and "./home/daniell/.kshrc". -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
tar(1) bug?
Hi! $ uname -mrsv OpenBSD 4.4 GENERIC#0 i386 $ pwd /home/daniell $ tar -C / -cvf test.tar ./home/daniell/.ksh* tar: Unable to access ./home/daniell/.ksh*: No such file or directory tar: WARNING! These file names were not selected: ./home/daniell/.ksh* $ ls -l /home/daniell/.ksh* -rw-r- 1 daniell daniell [...] /home/daniell/.ksh_logout -rw-r- 1 daniell daniell [...] /home/daniell/.kshrc Without the wildcard, it is working as expected. Anyone else experiencing this? Is this a known problem? Thanks! Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
/bin/ksh file completion bug
Hi! Can anyone else see this behaviour? I could reproduce it on two different OS: $ mkdir asd[fgh]jkl $ mkdir asd[fg]hjkl $ cd asd <-- now press the completion key, in my case TAB $ cd asd\[fg <-- ksh completed the name partially, so I add another character to narrow my options to exactly one: $ cd asd\[fgh <-- press completion key nothing happens, ksh won't complete it to the full 'asd[fgh]jkl' name. This only happens, when the directory/file has a '[' character in its name. This is on a 4.3 system, but other operating systems' kshs are also affected. Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
Re: Intel D201GLY2 install failure, OpenBSD 4.4
On Thursday 06 November 2008 22.24.49 Ted Unangst wrote: > On Thu, Nov 6, 2008 at 11:49 AM, Jamie Cuesta <[EMAIL PROTECTED]> wrote: > > I was hoping to include a dmesg via serial port capture (my box > > does not include a floppy), but > > Use ftp. On Friday 07 November 2008 17.24.52 Ted Unangst wrote: > Ok, you are having serious interrupt issues. The only thing I can > think of to try is disabling acpi (via boot -c), but that's a long > shot. I have the same board, and can confirm that without disabling acpi, -current OpenBSD can not recognize the network device, the hard drive nor the attached usb devices (disk, keyboard etc...). However, after disabling acpi, -current fires up, and recognizes the hard drives and the network card. That's how I could manage to get a dmesg. So here it is, and also sent to dmesg@: OpenBSD 4.4-current (RAMDISK_CD) #964: Fri Nov 7 03:25:28 MST 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/RAMDISK_CD cpu0: Intel(R) Celeron(R) CPU 220 @ 1.20GHz ("GenuineIntel" 686-class) 1.21 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,TM,SBF,SSE3,MWAIT,DS-CPL,TM2,CX16,xTPR real mem = 1033404416 (985MB) avail mem = 992567296 (946MB) User Kernel Config UKC> disable acpi 241 acpi0 disabled UKC> quit Continuing... mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 01/04/08, SMBIOS rev. 2.4 @ 0xe4da0 (23 entries) bios0: vendor Intel Corp. version "LY66210M.86A.0137.2008.0104.1540" date 01/04/2008 bios0: Intel Corporation D201GLY acpi at bios0 function 0x0 not configured pcibios at bios0 function 0x1a not configured bios0: ROM list: 0xc/0x1 cpu0 at mainbus0: (uniprocessor) pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 "SiS 662 PCI" rev 0x01 ppb0 at pci0 dev 1 function 0 "SiS 648FX AGP" rev 0x00 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 "SiS 6330 VGA" rev 0x04 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) pcib0 at pci0 dev 2 function 0 "SiS 964 ISA" rev 0x36 pciide0 at pci0 dev 2 function 5 "SiS 5513 EIDE" rev 0x01: 964: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility atapiscsi0 at pciide0 channel 0 drive 1 scsibus0 at atapiscsi0: 2 targets, initiator 7 cd0 at scsibus0 targ 0 lun 0: ATAPI 5/cdrom removable cd0(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 2 pciide0: channel 1 disabled (no drives) "SiS 7012 AC97" rev 0xa0 at pci0 dev 2 function 7 not configured ohci0 at pci0 dev 3 function 0 "SiS 5597/5598 USB" rev 0x0f: irq 11, version 1.0, legacy support ohci1 at pci0 dev 3 function 1 "SiS 5597/5598 USB" rev 0x0f: irq 10, version 1.0, legacy support ohci2 at pci0 dev 3 function 2 "SiS 5597/5598 USB" rev 0x0f: irq 11, version 1.0, legacy support ehci0 at pci0 dev 3 function 3 "SiS 7002 USB" rev 0x00: irq 10 ehci0: timed out waiting for BIOS usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "SiS EHCI root hub" rev 2.00/1.00 addr 1 sis0 at pci0 dev 4 function 0 "SiS 900 10/100BaseTX" rev 0x91: irq 11, address 00:1c:c0:41:23:6b ukphy0 at sis0 phy 1: Generic IEEE 802.3u media interface, rev. 1: OUI 0x0050ef, model 0x0007 pciide1 at pci0 dev 5 function 0 "SiS 181 SATA" rev 0x01: DMA pciide1: using irq 10 for native-PCI interrupt wd0 at pciide1 channel 0 drive 0: wd0: 16-sector PIO, LBA48, 57226MB, 117199616 sectors wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5 rl0 at pci0 dev 6 function 0 "Realtek 8139" rev 0x10: irq 10, address 00:30:4f:19:3e:fd rlphy0 at rl0 phy 0: RTL internal PHY ppb1 at pci0 dev 31 function 0 "SiS PCI-PCI" rev 0x00 pci2 at ppb1 bus 2 isa0 at pcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 usb1 at ohci0: USB revision 1.0 uhub1 at usb1 "SiS OHCI root hub" rev 1.00/1.00 addr 1 usb2 at ohci1: USB revision 1.0 uhub2 at usb2 "SiS OHCI root hub" rev 1.00/1.00 addr 1 usb3 at ohci2: USB revision 1.0 uhub3 at usb3 "SiS OHCI root hub" rev 1.00/1.00 addr 1 biomask fffd netmask fffd ttymask rd0: fixed, 3800 blocks uhidev0 at uhub1 port 2 configuration 1 interface 0 "Logitech Logitech USB Keyboard" rev 1.10/15.00 addr 2 uhidev0: iclass 3/1 ukbd0 at uhidev0 wskbd1 at ukbd0 mux 1 wskbd1: connecting to wsdisplay0 uhidev1 at uhub1 port 2 configuration 1 interface 1 "Logitech Logitech USB Keyboard" rev 1.10/15.00 addr 2 uhidev1: iclass 3/0, 3 report ids uhid at uhidev1 reportid 1 not configured uhid at uhidev1 reportid 2 not configured uhid at uhidev1 reportid 3 not configured softraid0 at root root on rd0a swap on rd0b dump on rd0b Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
4.3 crashed, but don't know why
Hi! This morning there was a ~short outage on my system, and I didn't know why. I thought that maybe the UPS again... But then suddenly, it came back online again after a minute or so. I realized only when watching last(1)'s output, that it has crashed. $ last -20 [...] reboot~Thu Sep 25 09:40 daniell ttyp1[...].hu Thu Sep 25 08:34 - crash (01:05) daniell ttyp0[...].hu Thu Sep 25 08:29 - crash (01:11) [...] I don't have phisical access to the machine, but I couldn't tell what happened even if I had, because it rebooted(?). I don't have any watchdog devices in the machine, how could it reboot? My /var/crash dir contains only this: # ls -la /var/crash/ total 12 drwxrwx--- 2 root wheel 512 Mar 12 17:28:26 2008 ./ drwxr-xr-x 28 root wheel 512 Jul 18 19:48:21 2008 ../ -rw-r--r-- 1 root wheel5 Mar 2 10:04:42 2006 minfree # cat /var/crash/minfree 4096 Can I tell what happened from one of the log files or from something else, or will this be a mistery forever? Thanks! Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
Re: newer net-snmp ports are not working with mrtg anymore
Stuart Henderson wrote: On 2008/09/22 02:36, Stuart Henderson wrote: seems to work on sparc64, amd64, arm. any i386 testers around? compiling now. Thanks! Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
Re: making man(1) to open a file
On Sunday 21 September 2008 21.51.48 Hannah Schroeter wrote: > No, but in your case, you can use the option -M /usr/local/man (or -m > /usr/local/man) probably. > On Sunday 21 September 2008 21.45.59 Stuart Henderson wrote: > man -M /usr/local/man snmpd Argh, thanks, thanks! Sorry, I knew I read it too fast... Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
making man(1) to open a file
Hi! I think there is a way for this but I can not find it in man's man :) Like in Linux there is a `-l' option to man(1) which opens a Local file, like man -l /usr/local/man/man1/somemanpage.1. I'm in trouble opening net-snmp package's snmpd(8) or snmpd.conf(5) man page, because it conflicts with the base's snmpd's man pages. Now I'm reading it with less, but it is less convenient :) Thanks for the help! Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
Re: Call for testing - uvideo(4)
Hi! I wish to test this, but I need some assistance. If someone would be kind enough to provide me a way to test this without actually installing OpenBSD on my notebook, that would be great. I can't use it yet, because it doesn't support my network card (Marvell 88E8071 PCI-E Gigabit) and I can not do my job without network connection :) But I really think I should try this uvideo(4) with my Acer Crystal Eye camera. So if there is a way to test this without the install procedure, please let me know. Thanks! Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
Re: Intel D201GLY2 and OpenBSD 4.3
On Sunday 25 May 2008 05.28.41 Sergey Aikinkulov wrote: > Hi, > > After upgrade to OpenBSD 4.3 from 4.2 my Intel D201GLY2 based gateway > go to reboot on kernel initializing. Intel D201GLY2 bios was upgrated > to latest but problem was not fixed. > > Any ideas? > Just a confirm. Exactly the same here, with the same board. This is what we are talking about: http://www.intel.com/products/motherboard/D201GLY2/index.htm direct link to technical documentation: http://download.intel.com/products/motherboard/D201GLY2/tps.pdf Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1