Re: BackupPC
Peter Fraser p...@thinkage.ca writes: For years I have a had Debian system that ran BackupPC. The system was used to back up a bunch of Windows workstations and servers. The Debian system self-destructed when doing a update. I must admit this is the first I heard of BackupPC, but since this sounds like at time when some grunt work is to be expected anyway, I thought it may not be totally useless to recommend looking at a different backup product. The only backup system I've actually ever enjoyed working with is Bacula (in packages, and it supports a wide range of systems, including the Seattle-area ones). More complicated than tar or rsync for sure, but it scales and is in my experience at least a very admin-friendly solution. - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: DNS problem
Chris Smith obsd_m...@chrissmith.org writes: Basically, four of my networks are not getting an answer for a specific mx query from dyn.com's DNS server. but, say $ dig @216.146.35.35 bsdly.net mx works? Or do you get no answer for any queries? - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: uvm_wait_pla() infinite loop
I wish I had a dmesg for you but I didn't save one offline from this vps. I can tell you this much. It's virtualbox'ed, has 2 cpu's and since yesterday has some memory intensive application that may cause some things to be moved to swap. I'm gonna have to see to reduce the memory on that I guess. Here then is the dmesg: OpenBSD 5.4-stable (GENERIC.MP) #0: Sat Nov 23 04:37:53 EST 2013 p...@namericas.centroid.eu:/home/src/sys/arch/amd64/compile/GENERIC.MP real mem = 788463616 (751MB) avail mem = 759803904 (724MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.5 @ 0xe1000 (9 entries) bios0: vendor innotek GmbH version VirtualBox date 12/01/2006 bios0: innotek GmbH VirtualBox acpi0 at bios0: rev 2 acpi0: sleep states S0 S5 acpi0: tables DSDT FACP APIC SSDT acpi0: wakeup devices acpitimer0 at acpi0: 3579545 Hz, 32 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Xeon(R) CPU E5410 @ 2.33GHz, 2442.54 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,SSSE3,NXE,LONG,LAHF,PERF cpu0: 6MB 64b/line 16-way L2 cache cpu0: smt 0, core 0, package 0 cpu0: apic clock running at 999MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Xeon(R) CPU E5410 @ 2.33GHz, 2442.38 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,SSSE3,NXE,LONG,LAHF,PERF cpu1: 6MB 64b/line 16-way L2 cache cpu1: smt 0, core 1, package 0 ioapic0 at mainbus0: apid 2 pa 0xfec0, version 11, 24 pins acpiprt0 at acpi0: bus 0 (PCI0) acpicpu0 at acpi0 acpicpu1 at acpi0 acpibat0 at acpi0: BAT0 not present acpiac0 at acpi0: AC unit online pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 Intel 82441FX rev 0x02 pcib0 at pci0 dev 1 function 0 Intel 82371SB ISA rev 0x00 pciide0 at pci0 dev 1 function 1 Intel 82371AB IDE rev 0x01: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility atapiscsi0 at pciide0 channel 0 drive 1 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: VBOX, CD-ROM, 1.0 ATAPI 5/cdrom removable cd0(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 2 pciide0: channel 1 disabled (no drives) vga1 at pci0 dev 2 function 0 InnoTek VirtualBox Graphics Adapter rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) em0 at pci0 dev 3 function 0 Intel 82540EM rev 0x02: apic 2 int 19, address 08:00:27:af:35:d3 InnoTek VirtualBox Guest Service rev 0x00 at pci0 dev 4 function 0 not configured piixpm0 at pci0 dev 7 function 0 Intel 82371AB Power rev 0x08: SMBus disabled ahci0 at pci0 dev 13 function 0 Intel 82801HBM AHCI rev 0x02: apic 2 int 21, AHCI 1.1 ahci0: device on port 0 didn't come ready, TFD: 0x171ERR scsibus1 at ahci0: 32 targets sd0 at scsibus1 targ 0 lun 0: ATA, VBOX HARDDISK, 1.0 SCSI3 0/direct fixed t10.ATA_VBOX_HARDDISK_VBc2bb66cd-51092c1b_ sd0: 10240MB, 512 bytes/sector, 20971520 sectors isa0 at pcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pms0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pms0 mux 0 pcppi0 at isa0 port 0x61 spkr0 at pcppi0 mtrr: CPU supports MTRRs but not enabled vscsi0 at root scsibus2 at vscsi0: 256 targets softraid0 at root scsibus3 at softraid0: 256 targets root on sd0a (2dcea048a32f887d.a) swap on sd0b dump on sd0b WARNING: / was not properly unmounted Regards, -peter
Re: queueing/hfsc question
Andy a...@brandwatch.com writes: Read through the whole of this; http://harrykar.blogspot.co.uk/2010/07/openbsd-packet-filteringpf.html After a very superficial look, he mentions a lot of useful stuff but unfortunately he's not up to date with then-latest release (OpenBSD 4.7, when the NAT syntax changed) which was released about two months before the date he posted. A post that long takes a while to write, of course, but the 4.7 changes were a big deal at the time and it's a little odd that he hadn't noticed.. - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: OpenBSD and NetFlow
Alexis VACHETTE avache...@sisteer.com writes: Here is the network interfaces configuration : After a too-quick look there's nothing that immediately screams out at me as very wrong here, but another point - can you verify that any and all firewalls in the signal path (starting with the local one) actually passes UDP on the relevant ports and in the relevant directions? It's easy to forget that the 'default to block' rule sets we commonly advocate will in fact block anything we don't explicitly allow. One anecdote I probably should write up properly some time involves a netflow setup I had where something we did not manage was an intermediate hop between one sensor and the collector, so we resorted to a pflow export to udp port 22 on the collector site's internet-visible interface and little rdr-to trickery to get it all there (22/udp is reserved for ssh, but none of the widely used implementations actually rely on it). - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
samba and e2fsprogs packages -- 5.4
samba required the e2fsprogs package. The problem occurs when trying to use samba's net command. The net command requires libuuid. It was not easy to find where libuuid was located.
uvm_wait_pla() infinite loop
Hi, My brand new sparkling OpenBSD VPS is currently in crisis. Unfortunately there is no reset function to it and I forgot to set the break to ddb function. The vps admin staff is probably already asleep so I'll have to wait a few hours. On console it says repeatedly: pagedaemon: wait_pla deadlock detected! I have tracked it down to this function in uvm/uvm_pmemrange.c - int uvm_wait_pla(paddr_t low, paddr_t high, paddr_t size, int failok) { struct uvm_pmalloc pma; const char *wmsg = pmrwait; if (curproc == uvm.pagedaemon_proc) { /* * XXX detect pagedaemon deadlock - see comment in * uvm_wait(), as this is exactly the same issue. */ printf(pagedaemon: wait_pla deadlock detected!\n); msleep(uvmexp.free, uvm.fpageqlock, PVM, wmsg, hz 3); #if defined(DEBUG) /* DEBUG: panic so we can debug it */ panic(wait_pla pagedaemon deadlock); #endif return 0; } - Now while the opportunist in me says we should really panic here instead of having a DEBUG kernel, the realist in me says to hold on and think of others. The question for me then is is the wait_pla pagedaemon deadlock situation recoverable, or is this really a bug? Hoping some kernel developers will pick this up and move it to tech@ if that's appropriate! I wish I had a dmesg for you but I didn't save one offline from this vps. I can tell you this much. It's virtualbox'ed, has 2 cpu's and since yesterday has some memory intensive application that may cause some things to be moved to swap. I'm gonna have to see to reduce the memory on that I guess. Regards, -peter
Re: OpenBSD and NetFlow
Alexis VACHETTE avache...@sisteer.com writes: - uname -a OpenBSD casa-vpn01.my.domain 4.8 GENERIC.MP#335 amd6 It's been a while since 4.8. It's not guaranteed that running outdated software is your problem, but it's easier for everyone trying to help if you're reasonably up to date (which these days means 5.3 or better). - dmesg output wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 spkr0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 wbsio0 at isa0 port 0x2e/2: W83627HF rev 0x41 lm2 at wbsio0 port 0xa00/8: W83627HF mtrr: Pentium Pro MTRR support softraid0 at root root on wd0a swap on wd0b dump on wd0b WARNING: / was not properly unmounted That is *not* complete dmesg output, but then again I suspect the problem is not really hardware related. # ifconfig pflow0 pflow0: flags=41UP,RUNNING mtu 1492 priority: 0 pflow: sender: 192.168.1.251 receiver: 192.168.1.19:9995 groups: pflow Looks reasonable, but what's the netmask? What does your routing table look like? And what is the configuration of any other network interfaces? - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: OT: OpenBSD website scores high in Google PageSpeed Insight
Erling Westenvik erling.westen...@gmail.com writes: I'd love to see LaTeX support BLINK though. I always wondered how the development of flashing ink was going, back in the day -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
time_t
double (or even better long double) would be a better underlying type for time_t than long long. Programs that are using time_t properly would not notice the difference. Programs that very incorrect would get complete garbage for a result, and thus be easier to notice and correct. Using double for time_t would allow a time_t value to be used as a time stamp for events separated by milliseconds. Using long double for time_t would allow time_t to be used as time stamps to record time starts and finish crossing an atom. I am sure the CERN would like it. It time_t is a double. It also makes sense for clock_t to be a double in the same units.
Re: Is Soekris OpenBSD friendly?
for sure it’s a good device with openbsd, only price is sometimes an issue. I have been using it for more then 8 years now and works great, never had an hardware failure. Even the oldest devices are still up and running but are getting to slow.. On 16 Nov 2013, at 01:03, SmithS smit...@hush.ai wrote: Greetings misc@. After coming across a link[1] to make an OpenBSD router using a Soekris device, I think I will make one. Does anyone else have this hardware and can verify all the components work? I think Intel NICs are good, but everything else? I have never heard of this brand before so I want to be safe before buying. The model number[2] is 6501-30 [1] http://www.bsdnow.tv/tutorials/openbsd-router [2] https://soekris.com/products/net6501/net6501-30-board-case.html greetz, SmithS
Re: Dual booting OpenBSD and Windows 8.1
On 2013 Nov 15 (Fri) at 07:01:35 +0100 (+0100), Dmitrij D. Czarkoff wrote: :I see no way to defend OP against lack of proper research allegation. It would be nice though, if people would stop actively being dicks. -- Anybody who doesn't cut his speed at the sight of a police car is probably parked.
Re: GM45 gpu hung error
Please try a most recent snapshot. There have been massive fixes added since 5.4, and some especially important fixes added very recently. On 2013 Nov 13 (Wed) at 10:51:45 +0200 (+0200), ja...@cieti.lv wrote: :Hello dear OpenBSD people, : :does anyone of the developers have time to look at this issue? It is :the same problem I reported here: :http://marc.info/?l=openbsd-bugsm=137388801502300w=2 but :unfortunately it was not fixed. : :After Mesa 9.x it got worse, now additionaly there are visual :artifacts in mplayer -vo gl, :in Firefox images are corrupted, in chromium everything (scroll bars, :images) becomes corrupted, openarena now runs, but, for example, :neverball does not. GL output in mplayer has become much slower, the :computer is not able to play 1080p videos in native resolution :anymore. All of this is very sad. : :I waited for 5.4 to be released so more people report this. :Personally I can reproduce this on 2 computers with GM45 as I :reported earlier. : -- All syllogisms have three parts; therefore this is not a syllogism.
Re: GM45 gpu hung error
On 2013 Nov 13 (Wed) at 12:33:00 +0200 (+0200), ja...@cieti.lv wrote: :I am talking about recent snapshot. I use -current from 7/30/13 and I Recent as in the last 4 days. The recent fixes are *very* *very* recent. -- I often quote myself; it adds spice to my conversation. -- G. B. Shaw
Re: QEMU CPU cores not showing up
On 11/13/13 22:13, Mike Larkin wrote: On Wed, Nov 13, 2013 at 09:44:11PM +0100, Otto Moerbeek wrote: On Wed, Nov 13, 2013 at 08:26:57PM +, Bruno Delbono wrote: Hi Otto, http://pastebin.com/zfkEUxX8 This is generic.mp with flags of apm and acpi disable Why would you start trying to disable random devices in the kernel and expect things to get any better? For the past several years, acpi is needed on most machines to do anything useful with those machines. That includes VMs. He took the advice from me on IRC. I had googled and found a similar mail from someone who could not see 2 cpu's but only 1, people told that person to disable apm, but granted the mails were a little dated. So I was giving the bad advice. I'll keep the acpi thing in mind for next time. Cheers, -peter http://pastebin.com/PEjCr2vY Generic.MP boot. I am not sure what is wrong and why this works with all the other OS's... From your output, there are no APs being presented to the VM. Talk to your cloud provider. -ml No clue then. Maybe some kernel hacker can guess. -Otto -- Bruno Delbono | Cognitive Researcher - Human Behavioural Project | Real Sociedad Espa??ola De Antropolog??a | ???: +1 855 253 5436 ???: +1 424 354 4700 From: Otto Moerbeek o...@drijf.net Sent: Wednesday, November 13, 2013 3:11 PM To: Bruno Delbono Cc: misc@openbsd.org Subject: Re: QEMU CPU cores not showing up On Wed, Nov 13, 2013 at 07:36:58PM +, Bruno Delbono wrote: Hello, I have a QEMU instance that works perfectly fine at detecting cpu cores on NetBSD/FreeBSD/Linux. All except OpenBSD 5.4 - I have tried the GENERIC amd64 and i386 bsd.mp kernel and the bsd.mp snapshot kernel. Use the GENERIC.MP kernel. - I have tried disabling apm and acpi* during boot config I am completely lost as to why this may be happening. You can see the NetBSD boot 6.1.2 on the same machine here: http://pastebin.com/FJeiRp9t You can see OpenBSD snapshot boot (please ignore disable acpi vs acpiprt* - I tried both) here: http://pastebin.com/v9XWv4XY I am using BlueVM (www.BlueVM.comhttp://www.BlueVM.com) as my KVM provider. Can anyone guide me on what I should do or try next? Is it a QEMU issue with the Cloud Services Provider? Thanks, -Bruno
Re: Ivy Bridge-EP Xeon (E5-2637v2) and Intel C602 Patsburg-A Chipset support
On 2013 Nov 08 (Fri) at 10:31:56 + (+), Andy wrote: :On Thu 07 Nov 2013 20:54:20 GMT, Chris Cappuccio wrote: :Andy Lemin [a...@brandwatch.com] wrote: :Hi, sadly OpenBSD does not boot with the latest Ivy Bridge EP (E5-2637v2) with 'Power Technology' in the supermicro BIOS set to 'Max Performance', on both 5.4 release and the snapshot dated Nov 3rd; : : :This is a bug that needs to be fixed. : : :So enabling the 'Power Technology' results in trace; :kernel: integer divide fault trap, code=0 :Stopped atest_init+0xc3: idivl %ebx,%ea% :est_init() at est_init+0xc3 :mainbus_attach() at mainbus_attach+0xd5 :config_attach() at config_attach+0x1d4 :cpu_configure() at cpu_configure+0x17 :main() at main+0x3f5 :end trace frame: 0x0, count: 6 :ddb{0} : Please include the full dmesg from this machine. It will have important information for us to look at this problem. :However even with the BIOS set to defaults I still see these errors though during boot; : :Those aren't errors. There is nothing wrong here. : : :I understand that these are not errors but are warnings for found :devices which OpenBSD has no drivers for etc.. However their are a :/lot/ of missing devices which is worrying and makes me wonder what :on the motherboard is not working... The chipset is Intel and these :are all missing Intel drivers. : :vendor Intel unknown product 0x0e80 (class system subclass :miscellaneous, rev 0x04) at pci14 dev 8 function 0 not configured This is 100% not a problem. Feel free to ignore them. Or, if they do bother you, patches are welcome :). -- Procrastinators do it tomorrow.
does this patch make sense?
Just for extra paranoia's sake? Against 5.4 sources. -peter diff -u -p -u -r1.82 traceroute.c --- traceroute.c10 Feb 2012 23:05:54 - 1.82 +++ traceroute.c7 Nov 2013 14:36:44 - @@ -310,6 +310,7 @@ main(int argc, char *argv[]) const char *errstr; long l; uid_t uid; + gid_t gid; u_int rtableid; if ((s = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP)) 0) @@ -319,6 +320,14 @@ main(int argc, char *argv[]) /* revoke privs */ uid = getuid(); + gid = getgid(); + + if (setgroups(1, gid) == -1) + err(1, setgroups); + + if (setresgid(gid, gid, gid) == -1) + err(1, setresgid); + if (setresuid(uid, uid, uid) == -1) err(1, setresuid);
Re: does this patch make sense?
On 11/07/13 15:41, Peter J. Philipp wrote: Just for extra paranoia's sake? Against 5.4 sources. -peter diff -u -p -u -r1.82 traceroute.c --- traceroute.c10 Feb 2012 23:05:54 - 1.82 +++ traceroute.c7 Nov 2013 14:36:44 - @@ -310,6 +310,7 @@ main(int argc, char *argv[]) const char *errstr; long l; uid_t uid; + gid_t gid; u_int rtableid; if ((s = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP)) 0) @@ -319,6 +320,14 @@ main(int argc, char *argv[]) /* revoke privs */ uid = getuid(); + gid = getgid(); + + if (setgroups(1, gid) == -1) + err(1, setgroups); + + if (setresgid(gid, gid, gid) == -1) + err(1, setresgid); + if (setresuid(uid, uid, uid) == -1) err(1, setresuid); I thought about it and thought my patch didn't really do anything. So then I added another piece that doesn't really do anything but saves CPU cycles. I tested this with tcpdump and it seems to update the TOS accordingly. -peter === RCS file: /cvs/src/usr.sbin/traceroute/traceroute.c,v retrieving revision 1.82 diff -u -p -u -r1.82 traceroute.c --- traceroute.c10 Feb 2012 23:05:54 - 1.82 +++ traceroute.c7 Nov 2013 16:13:54 - @@ -310,6 +310,7 @@ main(int argc, char *argv[]) const char *errstr; long l; uid_t uid; + gid_t gid; u_int rtableid; if ((s = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP)) 0) @@ -319,6 +320,14 @@ main(int argc, char *argv[]) /* revoke privs */ uid = getuid(); + gid = getgid(); + + if (setgroups(1, gid) == -1) + err(1, setgroups); + + if (setresgid(gid, gid, gid) == -1) + err(1, setresgid); + if (setresuid(uid, uid, uid) == -1) err(1, setresuid); @@ -1224,6 +1233,7 @@ int map_tos(char *s, int *val) { /* DiffServ Codepoints and other TOS mappings */ + /* KEEP SORTED */ const struct toskeywords { const char *keyword; int val; @@ -1258,14 +1268,13 @@ map_tos(char *s, int *val) { NULL, -1 }, }; - for (t = toskeywords; t-keyword != NULL; t++) { - if (strcmp(s, t-keyword) == 0) { - *val = t-val; - return (1); - } - } + t = bsearch(s, toskeywords, nitems(toskeywords), sizeof(struct toskeywords), (int (*)(const void *, const void *))strcmp); + if (t == NULL) + return (0); - return (0); + *val = t-val; + + return (1); } void
Re: does this patch make sense?
On 11/07/13 17:32, Ted Unangst wrote: On Thu, Nov 07, 2013 at 17:19, Peter J. Philipp wrote: + gid = getgid(); + + if (setgroups(1, gid) == -1) + err(1, setgroups); + + if (setresgid(gid, gid, gid) == -1) + err(1, setresgid); + if (setresuid(uid, uid, uid) == -1) err(1, setresuid); I thought about it and thought my patch didn't really do anything. So Right. This doesn't do anything. traceroute isn't setgid, it has no group privileges to revoke. /* DiffServ Codepoints and other TOS mappings */ + /* KEEP SORTED */ const struct toskeywords { const char *keyword; int val; @@ -1258,14 +1268,13 @@ map_tos(char *s, int *val) { NULL, -1 }, }; - for (t = toskeywords; t-keyword != NULL; t++) { - if (strcmp(s, t-keyword) == 0) { - *val = t-val; - return (1); - } - } + t = bsearch(s, toskeywords, nitems(toskeywords), sizeof(struct toskeywords), (int (*)(const void *, const void *))strcmp); I don't like the way this is abusing types. In fact, I don't think this even works. Did you test it? A pointer to a struct toskeyword will not have the same value as the keyword member. OK I'll stop abusing. Here is my reasoning for the setgid change. Pretend there is a way to break into the binary by means of the socket, then I thought it'd be neat if it was disallowed to write into groups that a user was in at the moment this binary was executed. I think this is paranoid enough. And yes I tested it. I used reliability keyword and throughput keyword and a notused keyword, they matched in tcpdump with the #defined values and bailed on the third keyword. # traceroute -t throughput venus traceroute to venus.centroid.eu (192.168.60.1), 64 hops max, 40 byte packets 1 uranus (192.168.34.1) 0.211 ms 0.188 ms 0.248 ms # 17:10:48.701844 192.168.34.4.52757 192.168.60.1.33435: [no cksum] udp 12 [tos 0x8] [ttl 1] (id 52758, len 40) To be honest I'm not at a high level as you so I don't understand what the last sentence means. I had the bsearch manpage to guide me and it was surprising to me this even worked so well. I'm gonna leave this the way it is now. -peter
Re: does this patch make sense?
On 11/07/13 17:48, Otto Moerbeek wrote: On Thu, Nov 07, 2013 at 11:32:48AM -0500, Ted Unangst wrote: On Thu, Nov 07, 2013 at 17:19, Peter J. Philipp wrote: + gid = getgid(); + + if (setgroups(1, gid) == -1) + err(1, setgroups); + + if (setresgid(gid, gid, gid) == -1) + err(1, setresgid); + if (setresuid(uid, uid, uid) == -1) err(1, setresuid); I thought about it and thought my patch didn't really do anything. So Right. This doesn't do anything. traceroute isn't setgid, it has no group privileges to revoke. /* DiffServ Codepoints and other TOS mappings */ + /* KEEP SORTED */ const struct toskeywords { const char *keyword; int val; @@ -1258,14 +1268,13 @@ map_tos(char *s, int *val) { NULL, -1 }, }; - for (t = toskeywords; t-keyword != NULL; t++) { - if (strcmp(s, t-keyword) == 0) { - *val = t-val; - return (1); - } - } + t = bsearch(s, toskeywords, nitems(toskeywords), sizeof(struct toskeywords), (int (*)(const void *, const void *))strcmp); I don't like the way this is abusing types. In fact, I don't think this even works. Did you test it? A pointer to a struct toskeyword will not have the same value as the keyword member. The first field of a struct has the same address as the the struct itself. Still I consider this bad form and overkill. -Otto Hi, while I don't want to persue this patch further, I'd like to say that I finished it on my own, thanks to your input I understand what base in bsearch() is supposed to be now. I had something in mind from qsort() which also has a variable called base in the manpages and that had confused me. I have taken a look how bsearch() in other programs and I have noticed that some are doing it like me but wrap strcmp inside another *cmp where there is a bit of casting being done. I'm wondering if that is the right way? Or if it can be cleaned up? Thanks! -peter
Re: does this patch make sense?
On 11/07/13 20:33, Peter J. Philipp wrote: On 11/07/13 17:48, Otto Moerbeek wrote: On Thu, Nov 07, 2013 at 11:32:48AM -0500, Ted Unangst wrote: On Thu, Nov 07, 2013 at 17:19, Peter J. Philipp wrote: + gid = getgid(); + + if (setgroups(1, gid) == -1) + err(1, setgroups); + + if (setresgid(gid, gid, gid) == -1) + err(1, setresgid); + if (setresuid(uid, uid, uid) == -1) err(1, setresuid); I thought about it and thought my patch didn't really do anything. So Right. This doesn't do anything. traceroute isn't setgid, it has no group privileges to revoke. /* DiffServ Codepoints and other TOS mappings */ + /* KEEP SORTED */ const struct toskeywords { const char *keyword; int val; @@ -1258,14 +1268,13 @@ map_tos(char *s, int *val) { NULL, -1 }, }; - for (t = toskeywords; t-keyword != NULL; t++) { - if (strcmp(s, t-keyword) == 0) { - *val = t-val; - return (1); - } - } + t = bsearch(s, toskeywords, nitems(toskeywords), sizeof(struct toskeywords), (int (*)(const void *, const void *))strcmp); I don't like the way this is abusing types. In fact, I don't think this even works. Did you test it? A pointer to a struct toskeyword will not have the same value as the keyword member. The first field of a struct has the same address as the the struct itself. Still I consider this bad form and overkill. -Otto Hi, while I don't want to persue this patch further, I'd like to say that I finished it on my own, thanks to your input I understand what base in bsearch() is supposed to be now. I had something in mind from qsort() which also has a variable called base in the manpages and that had confused me. I have taken a look how bsearch() in other programs and I have noticed that some are doing it like me but wrap strcmp inside another *cmp where there is a bit of casting being done. I'm wondering if that is the right way? Or if it can be cleaned up? Thanks! -peter Ahh never mind, I didn't test it. It did compile very cleanly though. Sorry, I'll shut up now. -peter
Re: UEFI
On Wed, Nov 06, 2013 at 09:49:44AM -0500, Mayuresh Kathe wrote: just install another 'os' like ubuntu-desktop on your laptop first. openbsd will install on it flawlessly after that, it did on mine. and yes, there was no need to change any options anywhere. On my daughter's brand spanking new Lenovo Ideapad $something Touch, we needed to set the BIOS to 'legacy mode' in order to have it boot into the Ubuntu installer and then choose some obscure linux kernel parameter for it to switch to a usable graphics mode for the installer to complete. For some reason she wanted her laptop on Ubuntu and to use it herself from that point on. - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: UEFI
sven falempin sven.falem...@gmail.com writes: The goal is to boot over usb, i had linux/windows/openbsd and more 10 years ago on a computer i do not want to have this madness again. Multibooting always has carried with it its own very special brand of pain, and more likely than not always will, to be liberally distributed to all comers. And of course with new and exciting varieties turning up every few weeks to keep our heroic developers busy and provide new thrills for all you other gluttons for punishment. The world has not turned into a saner place during the last decade, and even less so in that particular corner you seem to insist on seeking out. Despite your most determined efforts to the contrary, numerous bits of valuable and useful information have been offered to you, for free. Now please do yourself and everybody else a favor and try following some of that advice. - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: RJ11 on Alix 2d13 with OpenBSD
pardon all, no cannot, pls spent no more. is electronically different. apple(adsl) can't taste(talk) like(to) orange(ethernet). and pontetially, adsl voltage will damage ethernet card/port. -- Regards, Peter
Re: Autoinstall
On 2013 Nov 04 (Mon) at 17:14:57 -0500 (-0500), Predrag Punosevac wrote: :I was driving last night so I have not had much sleep. I just want to :make sure that I am not hallucinating. Then minutes ago when I installed :the latest snapshot I was presented with an additional installation option : :Autoinstall [A] : :I picked out of curiosity but since I have not provided configuration :file I was dropped to the shell. : :I think I can see where is this going and I would like to thank you :everyone involved. : :Cheers, :Predrag : Yes, Autoinstall needs some configuration to work. Documentation is in progress. -- Anything worth doing is worth overdoing.
Re: UEFI
sven falempin sven.falem...@gmail.com writes: My laptop has no BIOS. What do you recommend to get openBSD on it ? It's not entirely uncommon to have a (sometimes quite well hidden) option to choose 'legacy mode' or similar over UEFI mode. But you should be prepared to dig out the long form user or service manual for your device to track down just how to enable it. - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: nvidia driver what do you recommend
On 10/28/13 11:44, Brett Mahar wrote: On Mon, 28 Oct 2013 11:20:32 +0100 Peter J. Philipp p...@centroid.eu wrote: | I remember someone else writing to this list before saying the nvidia | driver is really slow. I just upgraded my main workstation from 5.3 to | 5.4 and it indeed is. | | So I'm wondering what driver I should use because the choppyness of | moving windows is laughable, a sad kind of laugh. | | Do you recommend I get an ATI/AMD card? What sorts of models would you | recommend? | The ATI Radeon HD 5450 works great with the recently added radeon KMS code, I got one for A$30 a few weeks ago, no problems seen, definitely no chopppyness using mplayer -vo xv in fullscreen 1080p, did have problems with a 96fps 4096x2304 video I tried out, however:-) Brett. Hi Brett, Well I took your advice and bought this card. I'm not a high performance freak when it comes to monitor so I think it'll be alright. I paid 27 euros on amazon.de for it. It does match my MSI N250GTS Twin Frozr 1G in DDR3 1 GB RAM but not sure about performance, I'll have to see. :-) Cheers, -peter
Re: Request to OpenBSD Dev's - Beer on offer
On 2013 Oct 29 (Tue) at 17:44:51 +0200 (+0200), Gregory Edigarov wrote: :On 10/28/2013 06:54 PM, Andy wrote: :Hi all, : :Would any of the esteemed OpenBSD developers be interested in adding support for BFD (Bidirectional Forward Detection) to OpenBSD. : :The protocol itself seems pretty simple and provides a sub-second keep-alive mechanism to monitor links for routes. E.g. Upon BFD failure BGP or OSPF can be torn down etc thus allowing for sub-second re-convergence of i/eBGP! : :I can only offer a crate of beer to anyone who has the skills and is willing :) : :'+1's welcome from others who would be interested to show signs of support/interest.. : :I still don't see how is this different from ifstated? :You can use it to ping your neighbour then issue bgpctl neighbor $your_fallen_neighbour down command. : : :-- :With best regards, : Gregory Edigarov : A) It's at the router level B) *they* also run it C) This is at ultra-tiny MS resolution D) Somebody got paid a bonus for the RFC -- A little inaccuracy sometimes saves tons of explanation. -- H. H. Munroe, Saki
nvidia driver what do you recommend
I remember someone else writing to this list before saying the nvidia driver is really slow. I just upgraded my main workstation from 5.3 to 5.4 and it indeed is. So I'm wondering what driver I should use because the choppyness of moving windows is laughable, a sad kind of laugh. Do you recommend I get an ATI/AMD card? What sorts of models would you recommend? Thanks for any clue, -peter
Boot OpenBSD on Utilite
Hello from Vienna, I tried to boot OpenBSD on my Utilite pro and got the following result. 1. Downloaded miniroot http://ftp.uio.no/OpenBSD/snapshots/armv7/miniroot-imx-54.fs 2. Because booting from ext filesystem did not work for me I Put the contents on a FAT formatted SD card and renamed the bootscript to boot.scr 3. modified boot.scr, just removed the entry to try boot from sata 4. tried a boot: mmc2 is current device reading boot.scr 362 bytes read Running bootscript from mmc ... ## Executing script at 1080 Bad data crc My u-boot version is: 2009.08-cm-fx6-0.85+tools (Aug 08 2013) What could I try next ? What image could I try for a TFTP boot ? I am new to U-boot, so if you can pass me some info how to boot via TFTP (u-boot syntax). I noticed the first line of the boot script looks a bit garbled when viewing it with an editor like nano or gedit. 'V2\8E\D5RS\AC\E9\00\00/\00\00\00\00\00\00\00\00\CC\F9\9C\00boot \00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00 \00\00\00\00\00\00'\00\00\00\00; setenv loadaddr 0x1880 ; setenv bootargs sd0i:/bsd.umg ; for dtype in sata mmc ; do for disk in 0 1 ; do ${dtype} dev ${disk} ; for fs in fat ext2 ; do if ${fs}load ${dtype} ${disk}:1 ${loadaddr} bsd.umg ; then bootm ${loadaddr} ; fi ; done; done; done; echo; echo failed to load bsd.umg Attached you can find the current Utilite boot environment. Best Regards, Peter Bauer http://bitkistl.blogspot.com [demime 1.01d removed an attachment of type application/pdf which had a name of utilite.u-boot.environment.pdf]
iked with rdomain getting an error
I've been trying to set up a second gif tunnel that's encrypted with ipsec (iked for key management), but I'm stuck on an error with iked. Here is what I see and have: # route -T 1 exec iked -f /etc/iked.conf2 # Oct 25 17:59:44 uranus iked[32297]: pfkey_reply: message: Network is unreachable Oct 25 17:59:44 uranus iked[32297]: fatal: pfkey_init: failed to block IPv6 traffic: Network is unreachable Oct 25 17:59:44 uranus iked[21552]: ikev1 exiting # netstat -nrfinet -T1 Routing tables Internet: DestinationGatewayFlags Refs Use Mtu Prio Iface 127/8 127.0.0.1 UGRS 00 33196 8 lo1 127.0.0.1 127.0.0.1 UH 10 33196 4 lo1 192.168.178/24 link#11UC 20 - 4 urtwn0 192.168.178.1 24:65:11:b8:ed:5e UHLc 03 - 4 urtwn0 192.168.178.64 00:00:24:d0:1e:a4 UHLc 0 568 - 4 urtwn0 # pfctl -srules |grep rdomain pass out on rdomain 1 all flags S/SA pass in on rdomain 1 all flags S/SA Can anyone spot what I'm doing wrong? This is OpenBSD version 5.3 (still waiting for 5.4 to arrive in mail). -peter
Re: iked with rdomain getting an error
On 10/25/13 20:40, Reyk Floeter wrote: On 25.10.2013, at 12:08, Peter J. Philipp p...@centroid.eu wrote: I've been trying to set up a second gif tunnel that's encrypted with ipsec (iked for key management), but I'm stuck on an error with iked. Here is what I see and have: # route -T 1 exec iked -f /etc/iked.conf2 # Oct 25 17:59:44 uranus iked[32297]: pfkey_reply: message: Network is unreachable Oct 25 17:59:44 uranus iked[32297]: fatal: pfkey_init: failed to block IPv6 traffic: Network is unreachable Oct 25 17:59:44 uranus iked[21552]: ikev1 exiting Can you try to run it with the command line option “-6 to disable the IPv6 filter? Reyk Reyk, Thanks for replying/trying on my vaguely described problem. I did try -6 and it got stuck on inserting the SA flow with the same Network is unreachable error. What I've done in the meanwhile is add a 'V' flag to iked that takes the argument of an rdomain, I setsockopt this to only the udp sockets and it seems to be working. Problem now is that I can't run 2 iked together as one will wipe the others SA's and flows, and I'm trying to look at what I can do so it doesn't wipe it all at startup. I think the way I'm doing it is likely wrong but I can't write a config file addition to add rdomains just for the sockets on port 500 and 4500. Cheers, -peter # netstat -nrfinet -T1 Routing tables Internet: DestinationGatewayFlags Refs Use Mtu Prio Iface 127/8 127.0.0.1 UGRS 00 33196 8 lo1 127.0.0.1 127.0.0.1 UH 10 33196 4 lo1 192.168.178/24 link#11UC 20 - 4 urtwn0 192.168.178.1 24:65:11:b8:ed:5e UHLc 03 - 4 urtwn0 192.168.178.64 00:00:24:d0:1e:a4 UHLc 0 568 - 4 urtwn0 # pfctl -srules |grep rdomain pass out on rdomain 1 all flags S/SA pass in on rdomain 1 all flags S/SA Can anyone spot what I'm doing wrong? This is OpenBSD version 5.3 (still waiting for 5.4 to arrive in mail). -peter
Re: Sorry OpenBSD people, been a bit busy
Please stop.
Re: new queueing subsystem
Boris Goldberg bo...@twopoint.com writes: The changes in the pf queueing subsystem (for some reason not mentioned in the http://openbsd.org/faq/upgrade54.html) are getting me worried. The new queueing system was only committed on October 12th 2013, well after 5.4 was cut and sent off to the CD printers. But it will be in 5.5. As will altq 'for a transition period'. See the commits starting with http://marc.info/?l=openbsd-cvsm=138160448112859w=2. If you want to help test the new queues, the easiest way to get started is to install recent snapshot and take it from there. - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: Routedomains are not working with ipv6
It doesn't work at all. I am working on it, have some things working (but not enough to commit and enable everything). On 2013 Oct 11 (Fri) at 09:54:51 +0200 (+0200), Olivier PELERIN wrote: :Hello Openbsd mailing list : :I like very much the implementation of VRF in openbsd. It works great with :ipv4. It seems buggy with ipv6. : :cat /etc/hostname.vlan425 :rdomain 30 172.18.25.1/24 vlan 425 vlandev xl0 :inet6 2001::2/64 : :IPV6 address is configured but routing is broken. [ since it seems we dont :use the right routing domain] : :vlan425: trying to send packet on wrong domain. if 30 vs. mbuf 0, AF 24 : :If I try to configure the routing domain, then I get an inet6: bad value after :few minutes [ the prompt hangs for a while] : :[root@carolo olpeleri]# ifconfig rdomain 30 inet6 2001::2/64 vlan 425 vlandev :xl0 :ifconfig: inet6: bad value :[root@carolo olpeleri]# : :Bug? : -- Physicists do it with charm.
Re: Routedomains are not working with ipv6
No timeframe as of yet. I plan on committing some pieces of it, and when it's ready we'll enable it. On 2013 Oct 11 (Fri) at 12:34:41 +0200 (+0200), Olivier PELERIN wrote: :Thanks Peter, : :Good to know. Do we have a timeframe? : :Regards : :Olivier : : : Date: Fri, 11 Oct 2013 10:44:39 +0200 : From: phess...@openbsd.org : To: olivier_pele...@hotmail.com : CC: misc@openbsd.org : Subject: Re: Routedomains are not working with ipv6 : : It doesn't work at all. : : I am working on it, have some things working (but not enough to commit : and enable everything). : : : : On 2013 Oct 11 (Fri) at 09:54:51 +0200 (+0200), Olivier PELERIN wrote: : :Hello Openbsd mailing list : : : :I like very much the implementation of VRF in openbsd. It works great with : :ipv4. It seems buggy with ipv6. : : : :cat /etc/hostname.vlan425 : :rdomain 30 172.18.25.1/24 vlan 425 vlandev xl0 : :inet6 2001::2/64 : : : :IPV6 address is configured but routing is broken. [ since it seems we dont : :use the right routing domain] : : : :vlan425: trying to send packet on wrong domain. if 30 vs. mbuf 0, AF 24 : : : :If I try to configure the routing domain, then I get an inet6: bad value after : :few minutes [ the prompt hangs for a while] : : : :[root@carolo olpeleri]# ifconfig rdomain 30 inet6 2001::2/64 vlan 425 vlandev : :xl0 : :ifconfig: inet6: bad value : :[root@carolo olpeleri]# : : : :Bug? : : : : -- : Physicists do it with charm. : : -- Tonight's the night: Sleep in a eucalyptus tree.
Re: Sorry OpenBSD people, been a bit busy
This has gotten massively off topic. Can we please let the thread end here?
Re: Sorry OpenBSD people, been a bit busy
Please stop -- There are people so addicted to exaggeration that they can't tell the truth without lying. -- Josh Billings
Re: open bsd router
Jan Stary h...@stare.cz writes: AFAIK there are currently no plans to port OpenBSD to Raspberry, as the hardware is not really documented. Judging by some recent threads here (findable via the obvious keywords), not really documented is something of an understatement. And there is real info here and there in these threads, I promise. - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: Verified OS concerns
josef.win...@email.de writes: Does OpenBSD plan to varify its (main) components, to reach the level of zero-bug software? If not, isn't there any concern that (future) varified OS will render OBSD redundant one day? I remain unconvinced that it's possible to formally verify non-trivial code to be bug free. You remain free to convince me otherwise or point me to available verified non-trivial software roughly on par with a complete operating system. Then again, I'm not a core OpenBSD developer, so you're free to ignore me too. And yes, September is like that isn't it? - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: Verified OS concerns
josef.win...@email.de writes: Right, a varified full flaged OS is still future. But there is nevertheless progress and affort. Thanks for the pointeres, but anytime this comes up, an old AI witticism turns up at the back of my head, If our mind were so simple we could actually understand it fully, we almost certainly couldn't be bothered to try (original source lost or not within reach of my puny attempts at web search). The point is, formal verification is *hard*, and any flaws in your formal verification procedure will put you back at essentially square one, every time. Which will happen a lot when exposed to systems that have developed in response to real-world needs and formal standards specifications that at least in some cases more likely than not were in any way verified even to be internally consistent. My money is still on the OpenBSD-style source code audits (aka 'reading the code like the devil reads the bible' for real-world results. - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: Verified OS concerns
pe...@bsdly.net (Peter N. M. Hansteen) writes: systems that have developed in response to real-world needs and formal standards specifications that at least in some cases more likely than not were in any way verified even to be internally consistent. missing a 'never' in there. clearer? -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: Ivy Bridge-EP Xeon (E5-2637v2) and Intel C602 Patsburg-A Chipset support
On 2013 Sep 16 (Mon) at 16:42:26 +0100 (+0100), Andy wrote: :I know that OpenBSD runs on any CPU which is based on the AMD64 :architecture, however someone has worried me and said that this CPU and :chipset is different somehow and might not boot with BSD!? Does Windows work with it? Does it claim it is x86 compatible? Then, yes it Just Works(tm). -- Goto, n.: A programming tool that exists to allow structured programmers to complain about unstructured programmers. -- Ray Simard
Re: pms0: not in sync yet, discard input (state 3)
On Sun, Sep 15, 2013 at 02:05:00AM +0200, frantisek holop wrote: after upgrading to the september 10 snapshot, i am not able to use the touchpad. What were you running before upgrading to that snapshot? aug 18 snapshot pms0: not in sync yet, discard input (state 1) pms0: not in sync yet, discard input (state 2) pms0: not in sync yet, discard input (state 3) pms0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pms0 mux 0 pms0: Elantech Touchpad, version 2 Hi, I too have/had problems with a supposed version 2 of elantech touchpad. I too got these not in sync messages, but have worked around the problem by going back 2 versions of /sys/dev/pckbc/pms.c to version 1.45, both 1.46 and 1.47 don't work right. I'm now able to enjoy X again. However if there is patches to test, let me know them. dmesg below with the rv. 1.45. Cheers, -peter Did you ever see the Elantech Touchpad, version 2 message before, and did the mouse work with it? $ grep Elantech dmesg* dmesg.boot-2013-05-11:pms0: Elantech Touchpad, version 2 dmesg.boot-2013-06-21:pms0: Elantech Touchpad, version 2 dmesg.boot-2013-07-01:pms0: Elantech Touchpad, version 2 dmesg.boot-2013-08-21:pms0: Elantech Touchpad, version 2 dmesg.boot-2013-09-14:pms0: Elantech Touchpad, version 2 OpenBSD 5.4-current (SATURN) #35: Sat Sep 14 17:42:48 CEST 2013 p...@saturn.centroid.eu:/usr/src/sys/arch/amd64/compile/SATURN RTC BIOS diagnostic error 80clock_battery real mem = 3987992576 (3803MB) avail mem = 3873722368 (3694MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xe3e70 (51 entries) bios0: vendor Acer version V1.08 date 12/06/2011 bios0: Acer AO722 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP HPET APIC MCFG BOOT SLIC SSDT SSDT acpi0: wakeup devices SPB2(S4) GEC_(S4) USB0(S3) USB4(S3) P2P_(S5) acpitimer0 at acpi0: 3579545 Hz, 32 bits acpihpet0 at acpi0: 14318180 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD C-60 APU with Radeon(tm) HD Graphics, 998.01 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,SSSE3,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,IBS,SKINIT,ITSC cpu0: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 512KB 64b/line 16-way L2 cache cpu0: 8 4MB entries fully associative cpu0: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative cpu0: smt 0, core 0, package 0 cpu0: apic clock running at 199MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: AMD C-60 APU with Radeon(tm) HD Graphics, 997.51 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,SSSE3,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,IBS,SKINIT,ITSC cpu1: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 512KB 64b/line 16-way L2 cache cpu1: 8 4MB entries fully associative cpu1: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative cpu1: smt 0, core 1, package 0 ioapic0 at mainbus0: apid 4 pa 0xfec0, version 21, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 4 acpimcfg0 at acpi0 addr 0xf800, bus 0-63 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (PB2_) acpiprt2 at acpi0: bus -1 (PB3_) acpiprt3 at acpi0: bus -1 (PB4_) acpiprt4 at acpi0: bus -1 (PB5_) acpiprt5 at acpi0: bus -1 (PB6_) acpiprt6 at acpi0: bus -1 (PB7_) acpiprt7 at acpi0: bus 2 (SPB0) acpiprt8 at acpi0: bus -1 (SPB1) acpiprt9 at acpi0: bus 6 (SPB2) acpiprt10 at acpi0: bus 7 (SPB3) acpiprt11 at acpi0: bus 1 (P2P_) acpiec0 at acpi0 acpicpu0 at acpi0: C2, PSS acpicpu1 at acpi0: C2, PSS acpibtn0 at acpi0: PWRB acpibtn1 at acpi0: SLPB acpibat0 at acpi0: BAT1 model 13848633228217409 serial 417d type Lion oem Sanyo acpiac0 at acpi0: AC unit online acpibtn2 at acpi0: LID_ acpivideo0 at acpi0: VGA_ acpivout0 at acpivideo0: LCD_ acpivideo1 at acpi0: VGA_ acpivideo2 at acpi0: VGA_ cpu0: 998 MHz: speeds: 1000 800 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 AMD AMD64 14h Host rev 0x00 radeondrm0 at pci0 dev 1 function 0 ATI Radeon HD 6290 rev 0x00: apic 4 int 18 drm0 at radeondrm0 azalia0 at pci0 dev 1 function 1 ATI Radeon HD 6310 HD Audio rev 0x00: msi azalia0: no supported codecs ahci0 at pci0 dev 17 function 0 ATI SBx00 SATA rev 0x00: apic 4 int 19, AHCI 1.2 scsibus0 at ahci0: 32 targets sd0 at scsibus0 targ 0 lun 0: ATA, WDC WD3200BPVT-2, 01.0 SCSI3 0/direct fixed naa.50014ee25be3a7df sd0: 305245MB, 512 bytes/sector, 625142448 sectors ohci0 at pci0 dev 18 function 0 ATI SB700 USB rev 0x00: apic 4 int 18, version 1.0, legacy support ehci0 at pci0 dev 18 function 2 ATI SB700 USB2 rev 0x00: apic 4 int 17 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 ATI EHCI root hub rev 2.00/1.00 addr 1 ohci1 at pci0 dev 19 function 0 ATI SB700 USB
Re: Creating Mobile Apps ..
Pallavi seo.salesmanage...@gmail.com writes: Note: We are not spammers and are against spamming of any kind. If you are not interested then you can reply with a simple \NO\,We will never contact you again. I assume you paid somebody for a list that includes addresses likely to produce negative reactions. I'll give you this much better list for free, with a total of 25083 adresses: http://www.bsdly.net/~peter/sortlist Please make sure any future mailings of yours are sent to those addresses first. Yours sincerely Peter N. M. Hansteen -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: OpenBSD crypto and NSA/Bruce Schneier
On Wed, Sep 11, 2013 at 03:26:07AM -0400, Jiri B wrote: I don't understand very much technical details of this topic, neither I want to troll, but my curiousity is if OpenBSD devs follow Bruce Schneier arguments and whole topic and if they have done, do or will do some re-evaluation of crypto in OpenBSD to minimalize being vulnerable to describe attacks. http://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html Re-evaluation and auditing is very much a part of the general OpenBSD development process (see eg http://www.openbsd.org/goals.html and http://www.openbsd.org/security.html, with links therein) already, but I wouldn't be surprised if recent revelations lead to more activity on that front. On a related note, I quite enjoyed reading FreeBSD developer Colin Percival's take on the various revelations and claims: http://www.daemonology.net/blog/2013-09-10-I-might-be-a-spook.html - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: pf set prio
On Tue, Sep 10, 2013 at 11:17:58AM +0400, ?? ?? wrote: where can I read more about set prio in pf? man pf.conf tends to be the best source, you could also browse http://home.nuug.no/~peter/pf/newest/ for mentions, http://bulabula.org/papers/2012/eurobsdcon/ has quite a bit of detail about the implementation and some work that will hopefully hit the tree soonish. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: pf set prio
On Tue, Sep 10, 2013 at 10:37:17AM +0100, Andy wrote: PS; Thanks for your great work Henning (and others of course). Hoping and keeping fingers crossed the new subsystem will make it into 5.4 :) it did not make it into 5.4, 5.5 is still a possibility but the commit hasn't happened yet. - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: sshd unsupported option kerberosauthentication on current
On Mon, Sep 02, 2013 at 11:59:34PM -0700, Erich Beyer wrote: I am running current. For a few snapshots, sshd has been putting errors in my authlog: Sep 2 23:33:56 openbsd sshd[22922]: Server listening on 0.0.0.0 port 22. Sep 2 23:33:56 openbsd sshd[22922]: Server listening on :: port 22. Sep 2 23:34:01 openbsd sshd[28174]: rexec line 76: Unsupported option KerberosAuthentication Sep 2 23:34:01 openbsd sshd[28174]: rexec line 82: Unsupported option GSSAPIAuthentication Sep 2 23:34:01 openbsd sshd[28174]: reprocess config line 76: Unsupported option KerberosAuthentication Sep 2 23:34:01 openbsd sshd[28174]: reprocess config line 82: Unsupported option GSSAPIAuthentication Sep 2 23:34:09 openbsd sshd[28174]: Accepted password for badboybeyer from 10.12.12.24 port 2162 ssh2 Commenting the corresponding lines in sshd_config removes the errors: KerberosAuthentication yes GSSAPIAuthentication yes These lines are the only diff from etc54.tgz. Why are these authentication methods not throwing error messages? What did I overlook? It's possible it wasn't discussed too much in public fora, but start with http://marc.info/?l=openbsd-cvsm=137161966011552w=2 and read the various followups as well as several notes in http://www.openbsd.org/faq/current.html. My favorite here is http://marc.info/?l=openbsd-cvsm=137162163212109w=2 - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: In some man pages Mb means MB, in others it means Mb/s
On 2013 Aug 26 (Mon) at 16:55:33 +0200 (+0200), Erling Westenvik wrote: :I guess all it boils down to is the question why OpenBSD shouldn't use :standard unit names, that is GiB for gigabytes and GB for gibibytes? We *are* using the standard unit names. Marketting droids aren't allowed to create standards, especially when they are utterly stupid. -- In Devon, Connecticut, it is unlawful to walk backwards after sunset.
EuroBSDCon 2013 early bird rates through August 31
EuroBSDCon 2013, set in sunny Malta, is only a month away. The main program is at http://2013.eurobsdcon.org/eurobsdcon-2013/talks-and-schedule/ Register via http://2013.eurobsdcon.org/eurobsdcon-2013/registration/, early bird rates apply through August 31. See you in Malta! - Peter (Program committee member and speaker) -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: relayd crash
On 2013 Aug 21 (Wed) at 02:16:32 -0700 (-0700), Bogdan Andu wrote: : : From: Alexey E. Suslikov alexey.susli...@gmail.com :To: misc@openbsd.org :Sent: Wednesday, August 21, 2013 11:40 AM :Subject: Re: relayd crash : : :Bogdan Andu bog09 at yahoo.com writes: : : machine is OpenBSD 5.3/amd64 GENERIC.MP : :relayd on 5.3 is buggy. you either need newer version, :or backport a fix. : :so, between the following two options what is the best (given the fact the machine is OpenBSD 5.3)? : :1. checkout in 5.3 from current, compile and install on 5.3; :2. checkout in 5.3 relayd with tag OPENBSD_5_2, compile and install in 5.3 : :Bogdan : Checkout the stable branch on OPENBSD_5_3 as it already has a fix for relayd. http://www.openbsd.org/stable.html -- A long-forgotten loved one will appear soon. Buy the negatives at any price.
Re: Updating past 5.4-current flag day w/ SSH only (amd64, maybe others)
On 2013 Aug 21 (Wed) at 17:12:56 +0200 (+0200), Paul de Weerd wrote: :On Wed, Aug 21, 2013 at 12:55:26PM +, Stuart Henderson wrote: :| On 2013-08-19, Paul de Weerd we...@weirdnet.nl wrote: :| | :| | 12. Re-add packages as per current.html: :| | :| | # pkg_add -z -l /root/pkg_list_manual :| | # pkg_add -za -l /root/pkg_list_full :| :| I don't really understand why you're doing the -za dance with the full :| pkg list. For all those dependencies that were required for the :| manually installed packages ? Or for all the dependencies of manually :| added packages that you've since deleted ? :| :| It maintains the auto-installed / manually-installed status of packages, :| rather than putting them all in as manually installed. : :Wouldn't all dependencies be automatically installed with the first :command anyway ? Thereby maintaining the auto-installed / :manually-installed status of packages as you suggest ? : autoconf-* cmake etc, etc -- Isn't it interesting that the same people who laugh at science fiction listen to weather forecasts and economists? -- Kelvin Throop III
Re: snapshot mirror t32 directory
On 2013 Aug 19 (Mon) at 11:33:41 +0100 (+0100), James Griffin wrote: :Sorry for repeating the information on the website, I just like to be :absolutely clear. How can we make the website be absolutely more clear? It is pretty specific about things already. -- A witty saying proves nothing. -- Voltaire
Re: remove entry from spamdb greylist
On Wed, Aug 14, 2013 at 06:38:50AM -0700, ML mail wrote: This mail server has been somehow wrongly marked as grey and would stay stuck like in this state not allowing mails flowing in. Somehow after 3 attempts it should have whitelisted this IP so it didn't. What I now did is to manually add this IP my PF spamd whitelist. The final goal being simply to allow mail coming in from this mail server. spamdb -a 207.126.144.121 should set it to state WHITE, and the GREY entry (which will be overridden by the WHITE) will expire sooner or later. If it doesn't behave that way, I'd think reporting a bug would be in order, if you have sufficient logging going on at least. - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: OpenBSD pxe automated install
On 2013 Aug 13 (Tue) at 14:27:40 +0200 (+0200), Marian Hettwer wrote: :Looks like it's time to do this. And maybe I can sync up with some :others in this thread and we could work together. I'm looking at the diffs originally from Nick Bender (links are earlier in the thread), and will try to review and work this in. I and some other developers want this for our own projects as well. -- Admiration, n.: Our polite recognition of another's resemblance to ourselves. -- Ambrose Bierce, The Devil's Dictionary
Re: Install drivers
this isn't a lesser operating system. all such drivers are included out of the box. the only thing that may be missing, is the various firmware files. Check out how fw_update(8) works to fetch those. On 2013 Aug 11 (Sun) at 17:35:24 +0200 (+0200), josef.win...@email.de wrote: :How can I force OBSD to install drivers, that are not needed :on the running hardware? : :This may sound strange on a first sight, but in my situation I :have OBSD on a flash drive that runs via flashrd from RAM and :this RAM can be located in various (i386/ARM64) systems. : :I want to support as much hardware as possible 'out of the box' :and since a network can't be assumed, I need to preinstall the :drivers. : : :--Josef : -- Bank error in your favor. Collect $200.
Intel I210 ethernet card support
Hello! Does OpenBSD support the recently released Intel I210 card? I have searched the net but have not come up with a satisfying answer to this. Thanks, Peter
Re: Two questions.
This has been asked and answered numerous times, with generous helpings of shitheadery that serves to mask any real information offered. Check the archives for the obvious keywords. There's nothing to add since the last iteration. - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: /etc/mail/spamd.key permissions/ownership?
On Fri, Aug 09, 2013 at 01:05:34PM +0100, Craig R. Skinner wrote: On a multi-user box, what are the recommended permissions/ownership of /etc/mail/spamd.key? I checked the nearest couple of spamd equipped boxes, and it tends to be [Fri Aug 09 14:21:47] peter@skapet:~/www_sider$ ls -l /etc/mail/spamd.key -rw-r--r-- 1 root wheel 2048 Nov 1 2009 /etc/mail/spamd.key (much on par with the rest of the files in that directory). - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: ifconfig(8) --frontend
Mirco Richter mirco.rich...@email.de writes: Is there some GUI-front-end for (at least) the wlan related functionality of ifconfig? http://www.undeadly.org/cgi?action=articlesid=20110420080633 hints that M:tier (http://www.mtier.org/) has something of that sort, but I can't specifically remember whether they've made it available to the general public. - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: spamd: sync init: Device not configured
You need to change those to the correct IPs or hostnames for your configuration. On 2013 Jul 31 (Wed) at 13:10:40 +0100 (+0100), Craig R. Skinner wrote: :When attempting to sync spamd between 2 hosts via unicast, I see this :error when starting spamd: : :spamd: sync init: Device not configured : :Web searching with this phrase didn't yeild useful pointers. : :In /etc/rc.conf.local I have: :spamd_flags=-y smtp.example.com -Y mx-backup.example.com : :I'm not using CARP or pfsync, and have a default block in/out pf policy. : :After looking at the spamd man page source, I'm not seeing clues of :where to look next. Do I need to add some parameter to /etc/hostname.if? : :Cheers, :-- :Craig Skinner | http://twitter.com/Craig_Skinner | http://linkd.in/yGqkv7 : -- Bumper sticker: All the parts falling off this car are of the very finest British manufacture
Re: OpenBSD ipsec performance on modern HW
On 2013 Jul 21 (Sun) at 14:16:32 +0300 (+0300), Evgeniy Sudyr wrote: :All, : :during my tests I seen that CPU on all cores and memory usage was very low. :Just interesting if there are any bottlenecks and how to fix them. Lots of bottlenecks. They can only be fixed in code, and others are working on them. :1) Does anybody care tcp stack tuning for high speed IPSEC ? the only thing you can do is select the modes that work best for your cpus. Others in this thread have done that already. :2) Can I run IPSEC (that's isakmpd ?) on other cores? No. : : :Pierre, :can you share your ipsec config to check same on my side. : -- Schwiggle, n.: The amusing rotation of one's bottom while sharpening a pencil. -- Rich Hall, Sniglets
Re: 4k-sector drives
On 2013 Jul 21 (Sun) at 18:44:11 +0200 (+0200), David Vasek wrote: :Detailed question once again: :Does it makes sense to report bugs YES. -- Patageometry, n.: The study of those mathematical properties that are invariant under brain transplants.
Re: pflow all traffic in a queue
Andy a...@brandwatch.com writes: I have an issue where one of my 'real-time' queues is much busier than it should be. I suspect that someone is running something on the network and setting the diffserv bits (or something else funky..) and so the firewall is placing the traffic into the higher priority queue which is screwing with our VoIP traffic :( Does anyone know of how I can view the pflow or even just the states for /all/ traffic in just one queue? If you're only interested in the traffic that hits one queue, my suggestion would be that you temporarily alter your rule set so only the rule that assigns traffic to that queue exports pflow data. Then set up collection (I like nfsen/nfdump, but there are others) and mine the data. On a busy network finding the offending traffic can still take a bit of work, but with proper flow data collection at least you get a haystack ;) - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: Boning the Troll
Responding to any of their emails feeds the troll. Ignore them. -- Meeting, n.: An assembly of people coming together to decide what person or department not represented in the room must solve a problem.
Re: ACPI support on HP laptop
On 2013 Jul 08 (Mon) at 15:57:36 +0200 (+0200), Riccardo Mottola wrote: :Life estimate is always missing, I suppose the whole capacity is not :reported. Is there a convenient human-readable equivalent of apm :for acpi? acpidump isn't it. apm and sysctl hw apm(8) will only give you life estimate when it is on battery, and has had a chance to measure your actual power consumption. Give it 30 seconds or so. -- Excellent day for putting Slinkies on an escalator.
Hylafax and iaxmodem.
After much frustration I did manage to get HylaFax to send and receive faxes. The first problem I ran into was faxsetup failing when it was configuring the iaxmodem, and leaving a half setup system that had to be manual configured. I believe that there are fixes for the problem. They were sent to me but I didn't try them since by then I had gotten around the problem, by manually doing the setup. The next class of problem was missing the Adobe Font Metrics package (afm). To test fax I tried to use HylaFax's sendfax command which gave and error message saying it needed ghostscript, but made no mention of needed the Adobe Font Metrics and sendfax generated misleading error messages as a result. Once I had added the Adobe Font Metrics. I could now generate a fax and was able to trace down the rest of my problems from the log files. Currently I have nohup /usr/local/bin/iaxmodem ttyIAX0 /var/log/iaxmodem/daemon.log 21 nohup /usr/local/sbin/faxgetty ttyIAX0 in my /etc/rc.local And I can receive and send faxes, but iaxmodem stops working randomly All the log shows is iax.c line 2617 in iax_header_to_event: Cancelling transmission of packet 0 iax.c line 2617 in iax_header_to_event: Cancelling transmission of packet 1 these two lines repeating over and over again. I know using /etc/rc.local to start faxgetty is not the correct method and that it should be started using an entry in /etc/ttys. I haven't been able to get that that to work. I don't understand the interplay between /etc/ttys, /etc/gettytab and /var/spool/hylafax/etc/config.ttyIAX0. I suspect the problem is with the value for GettyArgs in /var/spool/hylafax/etc/config.ttyIAX0 any help would be appreciated.
FW: tftpd loop
at uhci1: USB revision 1.0 uhub2 at usb2 Intel UHCI root hub rev 1.00/1.00 addr 1 usb3 at uhci2: USB revision 1.0 uhub3 at usb3 Intel UHCI root hub rev 1.00/1.00 addr 1 usb4 at uhci3: USB revision 1.0 uhub4 at usb4 Intel UHCI root hub rev 1.00/1.00 addr 1 isa0 at ichpcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pms0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pms0 mux 0 pcppi0 at isa0 port 0x61 spkr0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 wbsio0 at isa0 port 0x2e/2: W83627HF rev 0x41 lm3 at wbsio0 port 0x290/8: W83627HF npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 mtrr: Pentium Pro MTRR support lm1: disabling sensors due to alias with lm3 vscsi0 at root scsibus2 at vscsi0: 256 targets softraid0 at root scsibus3 at softraid0: 256 targets root on sd0a (f62682a713d28825.a) swap on sd0b dump on sd0b phone:~ # tftpd -l -c xxx phone:~ # # I have to break out of the look -Original Message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Philip Guenther Sent: Friday, June 28, 2013 6:42 PM To: Stuart Henderson Cc: misc@openbsd.org Subject: Re: tftpd loop On Fri, Jun 28, 2013 at 3:21 PM, Stuart Henderson s...@spacehopper.org wrote: On 2013-06-28, Peter Fraser p...@thinkage.ca wrote: tftpd -l -c xxx resulting from a mistyping causes tftpd to into a loop Any more information? I just get, tftpd: -c:tftp: no address associated with name No dmesg. For all we know, the original poster is running 5.2 and the pre-dlg tftpd. Philip Guenther
Re: Performance limits with OpenBSD, ToE, offloading, Intel ET2 cards
On 2013 Jun 26 (Wed) at 17:06:09 +0100 (+0100), Andy wrote: :Someone did previously (and very helpfully) indicate that the :~400,000pps we are getting on our HP DL160 G6's is pretty good. Because Yes, and that is pretty much the best you will get until you start making the kernel MP-safe. :I like OBSD so much I have managed to convince my manager to invest in :faster hardware with the fastest single CPU speeds I can get my hands :on, but I believe this is a poor approach to the problem (for the long :term anyway). This is your only real solution to the problem *right now*. Work is being done to make OpenBSD faster for networking, but it is not ready for prime time. -- New systems generate new problems.
tftpd loop
tftpd -l -c xxx resulting from a mistyping causes tftpd to into a loop
Re: www.openbsd.org down?
http://www.isup.me/www.openbsd.org it's down ( also from the netherlands ) On Jun 25, 2013, at 1:17 PM, Killman BOFH kill...@dkcorp.ec wrote: http://www.isup.me/openbsd.org *Enterprise Networks* Blog: unixlegion.com GPG Key: *0xBBDC0CDE* OpenNIC Project: opennic.sle.ec *IT Security - ISO 27000 - Packet Core* Phone: +593 995 956811 | +593 07 2952-763 This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. On Tue, Jun 25, 2013 at 6:13 AM, Killman BOFH kill...@dkcorp.ec wrote: Apparently a problem with DNS A record www.openbsd.org is down but openbsd.org is up! *Enterprise Networks* Blog: unixlegion.com GPG Key: *0xBBDC0CDE* OpenNIC Project: opennic.sle.ec *IT Security - ISO 27000 - Packet Core* Phone: +593 995 956811 | +593 07 2952-763 This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. On Tue, Jun 25, 2013 at 6:05 AM, Johan Mellberg johan.mellb...@gmail.comwrote: 25 jun 2013 kl. 12:53 skrev Nenhum_de_Nos math...@eternamente.info: On Tue, June 25, 2013 06:56, Yusof Khalid - FreeBSD / OpenBSD wrote: Yeah can't access from here (Kuala Lumpur, MY) Can't access from Brazil. matheus -- Ok, now it's down from Sweden too.
Re: Snapshot shasum mismatch
On 2013 Jun 25 (Tue) at 17:44:11 +0200 (+0200), Charles RAPENNE wrote: :On 06/25/13 16:25, toby wrote: :Hi there, : :I just wondered if anyone else had found that the shasums on the latest :(24/06/13) snapshots are wrong. I've just tried upgrading from all the :different mirrors here in the UK got shasum errors for all the non X :parts from the Oxford mirror, the Bytemark mirror and the mirrorservice :one... : This happens from time-to-time with Snapshots. It usually does not mean there is a problem, but that a partial snap went out. Wait a while for the mirrors to catch up. -- I don't know anything about music. In my line you don't have to. -- Elvis Presley
floods in Calgary, is the project affected?
It's all over the news (BBC, ARD) that there is floods in Calgary. And I'm wondering if the OpenBSD servers are affected since they are in a basement afaik. Is the physical location secure from these floods? Regards, -peter
Re: Squid3 in intercept mode
On 06/19/13 15:08, Lars Noodén wrote: I'm running into some difficulty with access denied in squid3 when I switch it to act as an intercepting proxy. It works as normal when I use it as a regular proxy but when turning on intercepting (formerly transparent proxying) the web browser shows this error: ...Access Denied. Access control vconfiguration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect ... and the access log shows this kind of message in intercept mode but not as a normal proxy: 1371640231.979 3 192.168.2.33 TCP_DENIED/403 4014 GET http://blogs.hbr.org/cs/2013/06/you_have_no_control_over_s.html - HIER_NONE/- text/html 1371640232.045 3 192.168.2.33 TCP_DENIED/403 3922 GET http://www.squid-cache.org/Artwork/SN.png - HIER_NONE/- text/html So I can see that PF is properly forwarding the connection and that the browser is actually reaching squid3. However even completely removing any access limitations in squid.conf does not let the browser through. The following should be open but still produces the TCP_DENIED message: http_access allow all ... http_port 127.0.0.1:3128 intercept This occurs with in 5.3-stable on i386 with both squid/3.2.11 from ports and with squid/3.2.7p0 from the CD, so what should I look at changing? Regards, /Lars Hello, I have a setup of squid on 5.3 (not -stable though) with intercept, here is my squid.conf file: - acl localnet src 192.168.0.0/16 # RFC1918 possible internal network acl localnet src 127.0.0.0/8 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow localhost manager http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localnet http_access allow localhost http_access deny all http_port 127.0.0.1:3128 intercept icp_port 0 htcp_port 0 snmp_port 0 cache_mem 512 MB cache_dir ufs /var/squid/cache 100 16 256 access_log syslog:daemon.debug max_filedesc 1024 coredump_dir /var/squid/cache refresh_pattern ^ftp: 144020% 10080 refresh_pattern ^gopher:14400% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 - And the pf rule to make this work looks like this: pass in on gif0 inet proto tcp from any to any port = 80 flags S/SA keep state (sloppy) divert-to 127.0.0.1 port 3128 It works for me. -peter
libfaac in ffmpeg on OpenBSD
I made a patch to /usr/ports/graphics/ffmpeg but it needs fixing up to integrate it into the ports. However my patch works, which is awesome. The patch is uuencoded here: http://emea.centroid.eu/blog/index.php?article=1370984565 Perhaps we can see this in OpenBSD 5.4? Then I don't have to recompile ffmpeg. -peter
Re: libfaac in ffmpeg on OpenBSD
On 06/12/13 12:38, Jérémie Courrèges-Anglas wrote: Peter J. Philipp p...@centroid.eu writes: I made a patch to /usr/ports/graphics/ffmpeg but it needs fixing up to integrate it into the ports. However my patch works, which is awesome. The patch is uuencoded here: http://emea.centroid.eu/blog/index.php?article=1370984565 Perhaps we can see this in OpenBSD 5.4? Then I don't have to recompile ffmpeg. OK, the legal issue has already been dealt with by Stuart. I hesitated replying to you privately, but I think proposals like this one should be avoided. On the technical side, your patch should have added audio/faac to LIB_DEPENDS. But about the method... - your mail should probably have been sent to ports@, not misc@ - your mail could easily include an inlined diff (an attachment is also possible on ports@). Instead here one should go to a website, copy/paste some text, uudecode it... wait - your diff is not based on -current, patching fails - any explanation other than I need this or go to ShitOverflow for the details? As a side not I don't even know what the heck is an Apple TV and I don't really care about that... Since there was a legal thing the issue is closed. However you're just nagging. I enhanced the OpenBSD port and thought I'd share, your response will make me keep these things secret in the future. -peter
FW: hylafax, sendfax, textfmt
Found the problem with sendfax and textfmt that cause the error message: Font metrics file not found: .afmFont Courier: /usr/local/share/ghostscript/fonts/.afm: Can not open font metrics file; using fixed widths. textfmt requires the package afm-1.0 Adobe Font Metrics to be installed. Which was not installed when I installed hylafax PS hylafax also required ghostscript-9.06p1 GNU PostScript interpreter ghostscript-fonts-8.11p2 35 standard PostScript fonts with Adobe name aliases Which also are not automatically installed. I can see why the choice was made not to install them by default, but a hint that they would be needed to use sendfax would have been nice. Once the packages are installed then faxsetup configures textfmt correctly.
Re: hylafax, sendfax, txtfmt
I installed hylafax and IAXModem from packages. And I should have added that I tried to manually configure hylafax using the files in /var/spool/hylafax after I could not get faxsetup/faxaddmodem to run. -Original Message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of MERIGHI Marcus Sent: Tuesday, June 11, 2013 3:32 AM To: Peter Fraser Cc: misc@openbsd.org Subject: Re: hylafax, sendfax, txtfmt Hello Peter, there are so many differences in paths that I wonder: did you install from packages? 1) I do not even have a hyla.conf 2) I never touched anything outside /var/spool/hylafax 3) this is on: OpenBSD 5.3-current (GENERIC) #146: Thu Apr 25 16:55:16 MDT 2013 t...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC If you installed from ports/packages possibly take this to ports@. Bye, Marcus p...@thinkage.ca (Peter Fraser), 2013.06.10 (Mon) 19:52 (CEST): I am trying set up HylaFax and for a simple test I ran sendfax -d 5198951860 ~/.profile results in: /usr/local/sbin/textfmt: No font metric information found for Courier-Bold. Usage: /usr/local/sbin/textfmt [-1] [-2] [-B] [-c] [-D] [-f fontname] [-F fontdir(s)] [-m N] [-o #] [-p #] [-r] [-U] [-Ml=#,r=#,t=#,b=#] [-V #] files... out.ps Default options: -f Courier -1 -p 11bp -o 0 Error converting document; command was /usr/local/sbin/textfmt -B -f Courier-Bold-Ml=0.4in -p 11 -s default '/tmp//sndfaxYXDutu' '/home/pjf/.profile' The error is a result of textfmt failing A simple use of textfmt A simple use of textfmt /local/sbin/textfmt ~/.profile Gives the error Font metrics file not found: .afmFont Courier: /usr/local/share/ghostscript/fonts/fonts.dir/.afm: Can not open font metrics file; using fixed widths. I assume the error is caused by a misconfigured hyla.conf located at /usr/local/libdata/hylafax/etc/hyla.conf which I currently have as FontMap:/usr/local/share/ghostscript/fonts/fonts.alias:/usr/local/shar e/ghostscript/fonts/fonts.alias-gs FontPath:/usr/local/share/ghostscript/fonts/fonts.dir TextFont:Courier I have tried all sorts of variations in hyla.conf but so far none has worked. Can anyone give me some hints in what to try next. PS Other problems that I have had. These are not resolved but I haven't worked that hard on them yet I first tried with t38modem, compiling it with the 323 Plus Library. Every time I tried to run it, my system locked up and I had to use the reset button. Since the machine I was working on is a car trip away. I didn't try hard to debug the problem. I switched to IAXmodem which doesn't lockup the machine, and I am in the process of trying to Configuring HylaFax. To set up HylaFax you run faxsetup Which gives the following dialog, asking a log of questions I am not sure of the correct answer. Eventually I get stuck at the question This modem looks to have support for Class 1.0 and 1. How should it be configured [1.0]? There seems to be no correct answer. The whole dialog follows. faxsetup Setup program for HylaFAX (tm) 6.0.6. Created for i386-unknown-openbsd5.3 on Tue Feb 26 08:12:39 MST 2013. Reading cached parameters from /var/spool/hylafax/etc/setup.cache. Found base64 encoder: /usr/local/bin/mimencode Found Quoted-Printable encoder: /usr/local/bin/mimencode -q Found mimencode for compatibilty: /usr/local/bin/mimencode Checking system for proper client configuration. Checking system for proper server configuration. Warning: /bin/vgetty does not exist or is not an executable program! The file: /bin/vgetty does not exist or this file is not an executable program. The HylaFAX software optionally uses this program and the fact that it does not exist on the system is not a fatal error. If the program resides in a different location and you do not want to install a symbolic link for /bin/vgetty that points to your program then you must reconfigure and rebuild HylaFAX from source code. Warning: /bin/egetty does not exist or is not an executable program! The file: /bin/egetty does not exist or this file is not an executable program. The HylaFAX software optionally uses this program and the fact that it does not exist on the system is not a fatal error. If the program resides in a different location and you do not want to install a symbolic link for /bin/egetty that points to your program then you must reconfigure and rebuild HylaFAX from source code. Searching for a default font. Generating Fontmap /usr/local/libdata/hylafax/etc/Fontmap.HylaFAX. Searching for a default font. Searching for a default font. Searching for a default font. Found n022003l to use as default font. Setting font configuration in /usr/local/libdata/hylafax/etc/hyla.conf. Make /var/spool/hylafax/bin/ps2fax a link to /var/spool/hylafax/bin/ps2fax.gs. Make /var/spool/hylafax/bin
hylafax, sendfax, txtfmt
I am trying set up HylaFax and for a simple test I ran sendfax -d 5198951860 ~/.profile results in: /usr/local/sbin/textfmt: No font metric information found for Courier-Bold. Usage: /usr/local/sbin/textfmt [-1] [-2] [-B] [-c] [-D] [-f fontname] [-F fontdir(s)] [-m N] [-o #] [-p #] [-r] [-U] [-Ml=#,r=#,t=#,b=#] [-V #] files... out.ps Default options: -f Courier -1 -p 11bp -o 0 Error converting document; command was /usr/local/sbin/textfmt -B -f Courier-Bold -Ml=0.4in -p 11 -s default '/tmp//sndfaxYXDutu' '/home/pjf/.profile' The error is a result of textfmt failing A simple use of textfmt A simple use of textfmt /local/sbin/textfmt ~/.profile Gives the error Font metrics file not found: .afmFont Courier: /usr/local/share/ghostscript/fonts/fonts.dir/.afm: Can not open font metrics file; using fixed widths. I assume the error is caused by a misconfigured hyla.conf located at /usr/local/libdata/hylafax/etc/hyla.conf which I currently have as FontMap:/usr/local/share/ghostscript/fonts/fonts.alias:/usr/local/share/ghostscript/fonts/fonts.alias-gs FontPath:/usr/local/share/ghostscript/fonts/fonts.dir TextFont:Courier I have tried all sorts of variations in hyla.conf but so far none has worked. Can anyone give me some hints in what to try next. PS Other problems that I have had. These are not resolved but I haven't worked that hard on them yet I first tried with t38modem, compiling it with the 323 Plus Library. Every time I tried to run it, my system locked up and I had to use the reset button. Since the machine I was working on is a car trip away. I didn't try hard to debug the problem. I switched to IAXmodem which doesn't lockup the machine, and I am in the process of trying to Configuring HylaFax. To set up HylaFax you run faxsetup Which gives the following dialog, asking a log of questions I am not sure of the correct answer. Eventually I get stuck at the question This modem looks to have support for Class 1.0 and 1. How should it be configured [1.0]? There seems to be no correct answer. The whole dialog follows. faxsetup Setup program for HylaFAX (tm) 6.0.6. Created for i386-unknown-openbsd5.3 on Tue Feb 26 08:12:39 MST 2013. Reading cached parameters from /var/spool/hylafax/etc/setup.cache. Found base64 encoder: /usr/local/bin/mimencode Found Quoted-Printable encoder: /usr/local/bin/mimencode -q Found mimencode for compatibilty: /usr/local/bin/mimencode Checking system for proper client configuration. Checking system for proper server configuration. Warning: /bin/vgetty does not exist or is not an executable program! The file: /bin/vgetty does not exist or this file is not an executable program. The HylaFAX software optionally uses this program and the fact that it does not exist on the system is not a fatal error. If the program resides in a different location and you do not want to install a symbolic link for /bin/vgetty that points to your program then you must reconfigure and rebuild HylaFAX from source code. Warning: /bin/egetty does not exist or is not an executable program! The file: /bin/egetty does not exist or this file is not an executable program. The HylaFAX software optionally uses this program and the fact that it does not exist on the system is not a fatal error. If the program resides in a different location and you do not want to install a symbolic link for /bin/egetty that points to your program then you must reconfigure and rebuild HylaFAX from source code. Searching for a default font. Generating Fontmap /usr/local/libdata/hylafax/etc/Fontmap.HylaFAX. Searching for a default font. Searching for a default font. Searching for a default font. Found n022003l to use as default font. Setting font configuration in /usr/local/libdata/hylafax/etc/hyla.conf. Make /var/spool/hylafax/bin/ps2fax a link to /var/spool/hylafax/bin/ps2fax.gs. Make /var/spool/hylafax/bin/pdf2fax a link to /var/spool/hylafax/bin/pdf2fax.gs. Update /var/spool/hylafax/status/any.info. HylaFAX configuration parameters are: [1] Init script starts faxq:yes [2] Init script starts hfaxdyes [3] Start paging protocol: no Are these ok [yes]? Beware, I am guessing the tty naming conventions for your system. Modem support functions written to /var/spool/hylafax/etc/setup.modem. Configuration parameters written to /var/spool/hylafax/etc/setup.cache. Restarting HylaFAX server processes. You seem to be running FlexFAX (there are faxd processes). Is it ok to terminate these processes (4499) [yes]? Sent a SIGTERM to processes 4499. You have a HylaFAX scheduler process running. faxq will be restarted shortly, as soon as some other work has been completed. Can I terminate this faxq process (6231) [yes]? Should I restart the HylaFAX server processes [yes]? /usr/local/sbin/faxq You do not appear to have any modems configured for use. Modems are configured for use
Re: Disable inteldrm
On 2013 Jun 06 (Thu) at 21:06:02 -0300 (-0300), Daniel Bolgheroni wrote: :On Thu, Jun 06, 2013 at 02:37:54PM +0200, Gregor Best wrote: : : Just for the record, that URL links to a post about IPSEC. I'm quite : confident you meant another post :) : :Sorry. This is the thread: : :http://marc.info/?l=openbsd-miscm=136689079009585w=2 : : Might I ask why you want to disable inteldrm? A bug report that leads to : an actual fix for your problem might be more useful than sidestepping : the issue. : :I explained in the link above (now the correct one). : :The hardware is pretty generic, and only one person signaled to have the :same issue, so I thought it was pretty specific to my configuration. : :Thank you. : Update, and report again if it is still happening with a brand new snapshot. Many things have changed there since April. We'd need a new dmesg and Xorg.0.log. -- Stop searching. Happiness is right next to you. Now, if they'd only take a bath ...
Re: Why is there no pkg_find(1)?
On 2013 Jun 07 (Fri) at 09:59:43 + (+), openda...@hushmail.com wrote: :There's [cut]/pkg_find.html -- what do you guys think of that? You can really tell that the author of that script has no idea what they are doing. It won't run without a 3rd party package, and requires a second 3rd party package to bootstrap itself. -- Cloning is the sincerest form of flattery.
A type in the man page for re_format
[[::]] Anchors the single character regular expression or subexpression immediately following it to the end of a word. Should say [[::]] Anchors the single character regular expression or subexpression immediately preceding it to the end of a word.
Re: ALTQ(32bit)
On Mon, Jun 03, 2013 at 03:34:47PM +0200, emigrant wrote: Hi ALTQ can't use 10Gb NIC? altq support max 4,3Gb bandwidth, because altq is a 32bit. It's true? ALTQ is old code (perhaps move obviously so to German speakers than others ;)), a replacement is in the pipeline but not immediately ready, unfortunately. http://bsdly.blogspot.ca/2011/07/anticipating-post-altq-world.html gives some background, diffs are being tested by various people now, and the commit of the new queueing system *must* be moving closer by the minute. But no definite ETA just yet. - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: init disappeared on my OpenBSD VPS
at pms0 mux 0 pcppi0 at isa0 port 0x61 spkr0 at pcppi0 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 fd0 at fdc0 drive 0: density unknown fd1 at fdc0 drive 1: density unknown usb0 at uhci0: USB revision 1.0 uhub0 at usb0 Intel UHCI root hub rev 1.00/1.00 addr 1 mtrr: Pentium Pro MTRR support nvram: invalid checksum vscsi0 at root scsibus2 at vscsi0: 256 targets softraid0 at root scsibus3 at softraid0: 256 targets root on wd0a swap on wd0b dump on wd0b clock: unknown CMOS layout exec /sbin/init: error 8 init: not found panic: no init Stopped at Debugger+0x4: popl%ebp RUN AT LEAST 'trace' AND 'ps' AND INCLUDE OUTPUT WHEN REPORTING THIS PANIC! DO NOT EVEN BOTHER REPORTING THIS WITHOUT INCLUDING THAT INFORMATION! ddb trace Debugger(d08fd27c,f53b6f18,d08d83d7,f53b6f18,d09e6f94) at Debugger+0x4 panic(d08d83d7,f53b6f58,f53b6f64,0,) at panic+0x5d start_init(d658c000) at start_init+0x251 Bad frame pointer: 0xd0bc9ea8 ddb ps PID PPID PGRPUID S FLAGS WAIT COMMAND 15 0 0 0 30x100200 aiodoned aiodoned 14 0 0 0 30x100200 syncerupdate 13 0 0 0 30x100200 cleaner cleaner 12 0 0 0 30x100200 reaperreaper 11 0 0 0 30x100200 pgdaemon pagedaemon 10 0 0 0 30x100200 bored crypto 9 0 0 0 30x100200 pftm pfpurge 8 0 0 0 30x100200 usbtskusbtask 7 0 0 0 30x100200 usbatsk usbatsk 6 0 0 0 30x100200 bored viomb 5 0 0 0 30x100200 acpi0 acpi0 4 0 0 0 30x100200 bored syswq 3 0 0 0 3 0x40100200idle0 2 0 0 0 30x100200 kmalloc kmthread *1 0 0 0 7 0swapper 0 -1 0 0 3 0x200 scheduler swapper I'm really not sure how this can happen, it's like init vanished. Hi, I'm guessing you got an amd64 userland and an i386 kernel. Your bootloader seems to think it's amd64, yet your kernel says it's i386. Error 8 is ENOEXEC, go do a man errno to read what it says. Best to probably go back to bsd.rd and copy the amd64 kernel to /bsd, is my best advice. -peter
how long should CD orders take?
I ordered my CD through a german bookstore that is listed at www.openbsd.org/orders.html. Only it's now the 21st of May and my computers have all been upgraded via FTP around the 1st of May. And I still have no CD (and no stickers). Last year they were slow as well, which leads me to believe that the store is sloppy in its orders. Can someone confirm that the CD's have all been sent out from Calgary? It's really a shame that I must use resources of OpenBSD when not needed, my order went in around the end of March 2013 and there was lots of time to deliver this as a pre-order. -peter
Re: how long should CD orders take?
On 05/21/13 19:31, noah pugsley wrote: On Tue, May 21, 2013 at 10:26 AM, Peter J. Philipp p...@centroid.eu mailto:p...@centroid.eu wrote: I ordered my CD through a german bookstore that is listed at www.openbsd.org/orders.html http://www.openbsd.org/orders.html. Only it's now the 21st of May and my computers have all been upgraded via FTP around the 1st of May. And I still have no CD (and no stickers). Last year they were slow as well, which leads me to believe that the store is sloppy in its orders. Can someone confirm that the CD's have all been sent out from Calgary? It's really a shame that I must use resources of OpenBSD when not needed, my order went in around the end of March 2013 and there was lots of time to deliver this as a pre-order. -peter What does the bookstore say the problem is? I just mailed them before this. Since it's 7:30PM I think they won't reply until tomorrow morning. -peter
Re: Performance limits with OpenBSD, ToE, offloading, Intel ET2 cards
On 2013 May 15 (Wed) at 10:29:24 +0100 (+0100), andy wrote: :I have tunned the boxes as much as possible using information from :calomel XXX etc and overall we have been extremely happy with them, expect :for the performance limits. Do Not Use Any Information From This Site(tm). It is wrong and bad. :Can you please tell me when ToE support will be added for the Intel series Never. There are many security issues with running ToE, and we do need the per-packet information for the session tracking in PF. -- Left to themselves, things tend to go from bad to worse.
Re: Performance limits with OpenBSD, ToE, offloading, Intel ET2 cards
On 2013 May 15 (Wed) at 10:29:24 +0100 (+0100), andy wrote: :I run 12 OpenBSD firewalls, and I have an issue on my highest throughput :boxes. I have HP DL160 G6 boxes with Intel ET2 4 port NIC's. :I have a problem where I cannot run traffic any faster than ~700Mbit as I :am hitting 100% utilisation on the first core due to the giant big lock :trying to process the MSI interrupts. For performance, you can try running the UP kernel, or upgrading the underlying server. For firewall performance, the memory speed is one of the most important aspects. Single CPU GHz, QPI, etc, etc. Make sure to disable pool_debug: kern.pool_debug=0 From memory, the performance you are describing is around the maximum that a DL160 can handle. The DL360s will give you far better pps performance. As you have seen, there is some work being done to improve the speed of network processing, but this is taking some time. -- Never underestimate the power of a small tactical nuclear weapon.
inotify for BSD?
Hi, This is a question for devs really. An inotify for BSD would be useful for me. The URL for inotify explanation is at wikipedia: http://en.wikipedia.org/wiki/Inotify , would you say something like this being added to /sys/kern/vfs_vops.c would be the right place for it? If it's finished would something like this be included in OpenBSD, or would one have to maintain external patches across releases? Thanks, -peter
Re: inotify for BSD?
On 05/15/13 13:41, Jérémie Courrèges-Anglas wrote: Doesn't kqueue() fit your needs? Thank you for your reply, I've never used kqueue before, does this only report events on descriptors that have been opened? I'm wondering if an implementation is done to recurseively watch directories in inotify (as written about in the limitations), then it would require a lot less filedescriptors even for kqueue correct? And thus make monitoring a filesystem's events a lot more efficient? -peter
Re: inotify for BSD?
On 05/15/13 14:20, Jérémie Courrèges-Anglas wrote: Peter J. Philipp p...@centroid.eu writes: On 05/15/13 13:41, Jérémie Courrèges-Anglas wrote: Doesn't kqueue() fit your needs? Thank you for your reply, I've never used kqueue before, does this only report events on descriptors that have been opened? I think so. Ok, hmm. My box has 162,000 directories as found with a find / -type d -print | wc -l, I'd like to monitor the entire tree and I don't want to open 162,000 descriptors to see if someone opened a file in some remote corner of my system. Do you think kqueue can be reworked to look at entire directory trees? I'm almost a believer in what it can do now that you pointed it out to me and I read the manpage a little. I just know too little about it to judge whether the code allows modifications to look at entire directory trees. I'm wondering if an implementation is done to recurseively watch directories in inotify (as written about in the limitations), then it would require a lot less filedescriptors even for kqueue correct? And thus make monitoring a filesystem's events a lot more efficient? As is, kqueue() won't monitor a directory tree recursively. But there are examples of kqueue() use; see for example the sysutils/gamin ports (also devel/glib2 uses it for GIOs, I think). Thanks, I'll take a look. -peter
Re: Failure to upgrade 5.2 to 5.3 with softraid
On 05/15/13 15:56, tichodr...@free.fr wrote: Hello everyone. I failed to upgrade my server from 5.2 to 5.3, probably because of a bad answer to the 'Root filesystem?' question. Setup: - HP ProLiant MicroServer N40L server, amd64, GENERIC kernel - Two disks (sd0, sd1) in softraid (sd2) - I followed the 'Upgrading by install kernel' process, with the 5.3 version of bsd.rd which I placed in /. - at the 'Root filesystem? [sd0]' question, instead of accepting the first physical disk detected, I answered 'sd2', thinking that I shouldn't indicate a particular disk among the two physical ones. I followed a similar advice found on a couple of blog pages [1, 2]. Hi, I upgraded a system with a softraid from 5.2 to 5.3 where the softraid consisted of wd0 and wd1 and the softraid was sd0, I chose sd0 here. Result: - At the end of the upgrade process, following message : Failed to install bootblocks. You will not be able to boot OpenBSD from sd2 When I got that message I did not reboot but went into /dev and did sh MAKEDEV wd1 which was missing, in your case you likely had missing /dev/[r]sd1* perhaps? I then repeated the install process but instead of installing the tarballs I typed done and it then wrote a bootblock to both wd0 and wd1 and was nice after. I could reboot and everything went well. - Indeed, can't boot anymore, boot process stalled with the following message: Using drive 0, partition 3 Loading... - Powered off the server. Questions : - did I break things irremediably, hense will have to reinstall everything from scratch and backups? - alternatively, should I try something else like removing one disk or the other, then try to rebuild the RAID? I don't think you did anything bad. You just need to go back to the bsd.rd and escape to shell with S then cd /dev; sh MAKEDEV sd1 sd2 and exit the shell, then install on sd2, you can skip installing like I did by going directly to done because you did it before. That's my theory, practice always is different, why don't you give it a try? Thanks in advance. I must confess that the first softraid building and 5.2 install was a real pain for me, and I still do not fully grasp softraid, and the way it may interact with the upgrade process. I don't fully grasp it either I don't think, but I sticked to my installation guide found online somewhere and it worked out so far. I guess I'm lucky. I wish you luck too! -peter Olivier Debre Refs. [1] http://spiritedblowfish.wordpress.com/2012/07/19/installing-openbsd-5-1-amd64-using-softraid/ [2] http://blog.cochard.me/2012/03/openbsd-51-installation-on-sofraid4.html
Re: out-of-order TCP
On Tue, May 14, 2013 at 4:55 AM, Stuart Henderson s...@spacehopper.org wrote: Anyone have any ideas about how to improve TCP performance with huge numbers of out-of-order packets? 62653661 packets received 25373283 acks (for 43239433893 bytes) 2225419 duplicate acks 20139430 packets (21139432159 bytes) received in-sequence 989606 completely duplicate packets (299125194 bytes) 51753 old duplicate packets 362 packets with some duplicate data (144255 bytes duplicated) 15927761 out-of-order packets (19170915512 bytes) 28812 packets (28812 bytes) of data after window 28812 window probes 259673 window update packets 38231 packets received after close 21 discarded for bad checksums 26790492 packets hardware-checksummed Hi Stuart, Out of curiosity, what kind of link are you getting this on? What kind of hardware? I ask because I had something similar with a few of my Debian boxes. The problem was related to non-pegged interrupts on the E5-2600 Xeons. Cheers, --peter
Re: Asterisk Music on Hold
I will admit that sometimes I am stupid. The URL does stream. It plays quite happily with VLC on a Windows Box. None of my OpenBSD boxed have audio (or more likely audio drivers) on them. So I had nothing to test with. -Original Message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Shawn K. Quinn Sent: Tuesday, May 14, 2013 3:22 PM To: misc@openbsd.org Subject: Re: Asterisk Music on Hold On Tue, 2013-05-14 at 19:04 +, Peter Fraser wrote: Does anyone know how to use CBC streaming music for music on hold for Asterisk. I tried the obvious in musiconhold.conf (after installing mpg123) [mp3stream] mode=custom format=SLIN directory=/usr/local/share/asterisk/moh-empty application=/usr/local/bin/mpg123 -q -r 8000 -f 8192 -s --mono http://playerservices.streamtheworld.com/pls/CBC_BAROQU_H.pls I can't even get this URL or the URLs in the playlist to work properly in an actual music player (mpg123 and Banshee on Ubuntu). If I were you, I would first make sure the stream you are using is actually playable somewhere before fooling with Asterisk. -- Shawn K. Quinn skqu...@rushpost.com
Re: out-of-order TCP
On Wed, May 15, 2013 at 2:25 PM, Stuart Henderson s...@spacehopper.org wrote: Two pairs of per-packet load balanced (slow) ADSLs, round robinning connections between the pairs to avoid *too* many problems. Thanks. Than my case was very different and would not apply here. Sorry. Maybe I am missing something but how come there are so many out of order packets?
Asterisk Music on Hold
Does anyone know how to use CBC streaming music for music on hold for Asterisk. I tried the obvious in musiconhold.conf (after installing mpg123) [mp3stream] mode=custom format=SLIN directory=/usr/local/share/asterisk/moh-empty application=/usr/local/bin/mpg123 -q -r 8000 -f 8192 -s --mono http://playerservices.streamtheworld.com/pls/CBC_BAROQU_H.pls and my Asterisk system died (it was live and in use, whoops), put back the old default and restarted I wanted to give people the ability to use phone more than I wanted to analysis the problem. I did play with calling /usr/local/bin/mpg123 -r 8000 -f 8192 -s --mono http://playerservices.streamtheworld.com/pls/CBC_BAROQU_H.pls directly and it complained about the -@ option and lack of audio on the machine.
Re: Thinkpad X230t convertible and openbsd
On 2013 May 08 (Wed) at 11:07:31 +0100 (+0100), Edd Barrett wrote: :misc/tpwireless ;) does *not* work on the x230 and related newer thinkpads. -- The herd instinct among economists makes sheep look like independent thinkers.
Re: ML 310 G8
HP usually includes 3 years next-business-day, but you can contact them for faster response times. On 2013 May 05 (Sun) at 03:16:33 -0700 (-0700), Steve wrote: :Hi, : :Is anyone running 5.3 on one of these. : :Just hoping to get an an idea of :support before we purchase. : :Thanks : -- Whistler's Law: You never know who is right, but you always know who is in charge.
Re: OT: term hackathon trademarked in Germany
A bit late to the party, but here's my take on the situation - http://bsdly.blogspot.ca/2013/05/the-term-hackathon-has-been-trademarked.html - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.