Re: Dell PowerEdge 1950 III / R200
Great, thanks for the info. This is my first time to get a rackmount server, and I just wanna make sure it is supported by OpenBSD ;) As Juan Miscaro described on Wed, Jan 30, 2008 at 02:48:19PM -0500: --- Reza Muhammad [EMAIL PROTECTED] wrote: Hi all, I'm looking to buy a server that supports OpenBSD and I'm looking at either Dell PowerEdge 1950 III or Dell PowerEdge R200. I noticed Marco (marco@)'s message about Dell PERC 6i that exists on PowerEdge 1950 III and R2000. But, if I'm not going to use RAID and only use Serial ATA hard drive, would I be able to install OpenBSD on it? I just did a test install of a new PowerEdge R200 [1]. 4.2 Release would not install on it. I achieved an install only with a very recent snapshot (28-01-08). So far, everything is working. I do not have any RAID card but one that can be purchased with the R200, the LSI/SAS5iR, is listed as supported by mpi [2] on the i386 page. [1] http://www.nycbug.org/?NAV=dmesgd;f_dmesg=;f_bsd=;f_nick=;f_descr=;dmesgid=1929#1929 [2] http://www.openbsd.org/cgi-bin/man.cgi?query=mpiarch=i386sektion=4 /juan Be smarter than spam. See how smart SpamGuard is at giving junk email the boot with the All-new Yahoo! Mail. Click on Options in Mail and switch to New Mail today or register for free at http://mail.yahoo.ca
Dell PowerEdge 1950 III / R200
Hi all, I'm looking to buy a server that supports OpenBSD and I'm looking at either Dell PowerEdge 1950 III or Dell PowerEdge R200. I noticed Marco (marco@)'s message about Dell PERC 6i that exists on PowerEdge 1950 III and R2000. But, if I'm not going to use RAID and only use Serial ATA hard drive, would I be able to install OpenBSD on it? Also, what about the network card? I noticed on http://www.openbsd.org/i386.html Intel Pro 1000PT is not supported, but Broadcom NetXtreme 5708 is. On the OpenBSD page, it listed that the Broadcom 5708 is supported through PCI, but the one that's sold on Dell is using PCIe. Does OpenBSD support this? Or should I buy from another brand, that fully supports OpenBSD? Is there any recommendations? I'm planning to buy a few servers for Gateway, Web, Mail, and LDAP authentication. Thanks in advance ;) -Reza
Re: looking for openbsd friendly server vendor
anyone knows about IBM xSeries 3550? I checked on http://www.openbsd.org/i386.html and I saw that IBM xSeries 3550 were listed a few times. I am also looking to buy a U1 server, and I'm looking at either IBM xSeries 3550 or a Dell PowerEdge 1950. Anyone has any experience with these machines? As Allie Daneman described on Sun, Jan 27, 2008 at 12:43:41PM -0800: Netra T1 (like a 105) or a Dell...the Netras are cheap on Ebay. Lord Sporkton wrote: Im about to buy a small server, mostly for personal use looking for a 1u was hoping to find some vendors that are openbsd friendly if they offer more than just i386 that is a plus as im investigating other archs as a possiblilty, any suggestions welcome this server will be doing mostly webhosting, dns, mail, small firewalling, and a vpn or 2 thanks
Installing the latest snapshot freezes on i386
Hi all, I just recently purchased a brand new HP Pavilion G3035L Desktop PC (spec: http://www.anugrahpratama.com/product/21/1092/HP-Pavilion-G3035L-Desktop-PC). It's using Intel Core Duo processor. I tried to install OpenBSD's latest snapshot to this machine last night. The thing is it freezes and it wouldn't install. Here's the messages I got from my screen: pcibios0 at bios0: rev 3.0 @ 0xf/0x1 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf5590/192 (10 entries) pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82801GH LPC rev 0x00) pcibios0: PCI bus #2 is the last bus bios0: ROM list: 0xc/0xae00! cpu0 at mainbus0 pci0 at mainbus0 bus0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82945GP rev 0x02: rng active, 800Kb/sec vga1 at pci0 dev 2 function 0 Intel 82945G Video rev 0x02 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) Intel 82801GB HD Audio rev 0x01 at pci0 dev 27 function 0 not configured ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x01 pci1 at ppb0 bus 1 re0 at pci1 dev 0 function 0 Realtek 8101E rev 0x01: RTL8101E (0x3400), irq 19, address 00:1b:b9:85:6c:b8 rlphy0 at re0 phy 7: RTL8201L 10/100 PHY, rev 1 uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x01: irq 11 uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x01: irq 5 uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x01: irq 3 uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x01: irq 10 ehci0 at pci0 dev 29 function 7 Intel 82801GB USB rev 0x01: irq 11 ehci0: timed out waiting for BIOS usb0 at ehci0: USB revision 2.0 Does anyone know what the problem is? Are some of the hardware aren't supported by OpenBSD? What should I do so this machine can run OpenBSD? Thanks for the help. I appreciate it. -Reza Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: Internet slowdown when pf is enabled? Running on i386 -current
thanks alot. I've created a new rulesets for my pf.conf, and it improves so much. :) On Thu, 27 Sep 2007 06:04:49 +0100, Stuart Henderson [EMAIL PROTECTED] wrote: On 2007/09/27 11:51, Reza Muhammad wrote: On Wed, 26 Sep 2007 11:37:28 -0700, Can E. Acar [EMAIL PROTECTED] wrote: Reza Muhammad wrote: ... also There is a lot of external broadcast traffic they are probably the cause of the large number of state insertions/deletions. They are either a badly designed p2p/broadcast/whatever protocol, or the result of the worm/malware of the month. Can you add block drop in quick on sis0 all at the start of your ruleset? This way the external traffic does not create states at all. Can Actually I've been noticing that my ISP has been broadcasting a lot of things since I've been using them. For example, I would get this type of message in /var/log/message all the time: Sep 27 10:10:25 blowfish /bsd: arp: attempt to overwrite entry for 192.168.1.1 on lo0 by 00:02:6f:3e:14:59 on sis0 Anyway, about the ruleset, since I'm also running a web server, and mail server on this box, I shouldn't use block quick right? Ok, in that case, block in on sis0 pass in on sis0 to port {http, smtp} etc.
Re: Internet slowdown when pf is enabled? Running on i386 -current
I know it's weird that's why I posted this in the first place :P anyway, the OpenBSD gateway is running web server (apache+php), and mail server (postfix+dovecot). The thing is, it doesn't seem there are alot of connections from those daemons. and like i said before, if i tried to connect to the Internet directly from my laptop, the connection is fine. Would a tcpdump log be any helpful at this point? Thanks for replying though. On Wed, 26 Sep 2007 15:55:21 +0200, knitti [EMAIL PROTECTED] wrote: On 9/22/07, Reza Muhammad [EMAIL PROTECTED] wrote: I'm having a problem with my Internet connection in my home network. I noticed that my Internet connection has been very slow since I upgraded to -current a week ago. First, I thought it was just my ISP problem. Then, I tried to connect to the Internet directly from my laptop, it worked fine. I noticed that the Internet is slowing down when pf is enabled. I changed my pf.conf to only do nat, and scrub incoming packets, but it is still slow. State Table Total Rate current entries 698 searches 448763619511.5/s inserts 280924 1221.4/s removals 280226 1218.4/s I don't know what kind of traffic you have on your box, but these numbers look strange. I see on various firewalls between 0.1 and 5% of that with some simple rulesets and NAT. These are DSL links, both asymmetric and symmetric. If you are really only doing NAT, something is strange. greetings, knitti
Re: Internet slowdown when pf is enabled? Running on i386 -current
Here's the log: 10:12:28.738263 UPD ST: all 6 122.200.52.134:22 - 125.160.128.35:60387 ESTABLISHED:ESTABLISHED [1381080430 + 65535] wscale 0 [3262031687 + 17040] wscale 0 age 3812101632:33:20, expires in 00:00:00, 482:293 pkts, 38584:35992 bytes id: 46facdc5804b creatorid: 2a435432 updates: 3 10:12:28.902894 INS ST: all 17 255.255.255.255:5678 - 122.200.54.146:5678 NO_TRAFFIC:SINGLE age 00:00:00, expires in 00:00:00, 0:0 pkts, 0:0 bytes, rule 13 id: 46facdc581a9 creatorid: 257e0ae9 10:12:29.458559 UPD ST: all 17 255.255.255.255:3259 - 122.200.50.65:1129 NO_TRAFFIC:SINGLE age 3571779072:45:52, expires in 00:00:00, 5:0 pkts, 270:0 bytes, rule 13 id: 46facdc580f5 creatorid: 257e0ae9 updates: 0 10:12:29.648865 INS ST: all 17 255.255.255.255:5678 - 192.168.140.248:5678 NO_TRAFFIC:SINGLE age 00:00:00, expires in 00:00:00, 0:0 pkts, 0:0 bytes, rule 13 id: 46facdc581aa creatorid: 257e0ae9 all 17 255.255.255.255:5678 - 192.168.125.120:5678 NO_TRAFFIC:SINGLE age 00:00:00, expires in 00:00:00, 0:0 pkts, 0:0 bytes, rule 13 id: 46facdc581ab creatorid: 257e0ae9 10:12:30.173882 UPD ST: all 17 239.255.255.250:1900 - 192.168.0.1:1900 NO_TRAFFIC:SINGLE age 494275328:34:56, expires in 00:00:00, 7181:0 pkts, 2279289:0 bytes id: 46facdc537f4 creatorid: 2a435432 updates: 12 10:12:30.173947 DEL ST: all 6 122.200.52.134:80 - 125.160.128.35:49548 FIN_WAIT_2:FIN_WAIT_2 [2274342568 + 65535] wscale 0 [2570619505 + 17040] wscale 0 age 1024067328:26:24, expires in 00:00:00, 6:5 pkts, 1653:645 bytes, rule 15 id: 46facdc580f6 creatorid: 257e0ae9 all 17 255.255.255.255:5678 - 192.168.157.58:5678 NO_TRAFFIC:SINGLE age 1024067328:26:24, expires in 00:00:00, 2:0 pkts, 230:0 bytes, rule 13 id: 46facdc580f8 creatorid: 257e0ae9 all 17 255.255.255.255:5678 - 192.168.93.10:5678 NO_TRAFFIC:SINGLE age 167249408:06:08, expires in 00:00:00, 2:0 pkts, 224:0 bytes, rule 13 id: 46facdc580f9 creatorid: 257e0ae9 all 17 255.255.255.255:5678 - 192.168.157.52:5678 NO_TRAFFIC:SINGLE age 167249408:06:08, expires in 00:00:00, 2:0 pkts, 210:0 bytes, rule 13 id: 46facdc580fa creatorid: 257e0ae9 10:12:30.173983 DEL ST: all 17 122.200.51.255:138 - 122.200.51.219:138 NO_TRAFFIC:SINGLE age 60622336:24:48, expires in 00:00:00, 2:0 pkts, 471:0 bytes, rule 13 id: 46facdc580fe creatorid: 257e0ae9 all 17 255.255.255.255:5678 - 192.168.157.74:5678 NO_TRAFFIC:SINGLE age 60622336:24:48, expires in 00:00:00, 2:0 pkts, 230:0 bytes, rule 13 id: 46facdc580ff creatorid: 257e0ae9 and there's still more. I noticed that the traffic coming in from 192.168.*.* aren't from my local network. On Wed, 26 Sep 2007 17:19:05 +0100, Stuart Henderson [EMAIL PROTECTED] wrote: On 2007/09/26 22:32, Reza Muhammad wrote: Would a tcpdump log be any helpful at this point? maybe; try ifconfig pfsync0 create and tcpdump -nipfsync0 -vvs1000 inserts 280924 1221.4/s removals 280226 1218.4/s expect it to scroll pretty damn fast...
Re: Internet slowdown when pf is enabled? Running on i386 -current
On Wed, 26 Sep 2007 11:37:28 -0700, Can E. Acar [EMAIL PROTECTED] wrote: Reza Muhammad wrote: ... also There is a lot of external broadcast traffic they are probably the cause of the large number of state insertions/deletions. They are either a badly designed p2p/broadcast/whatever protocol, or the result of the worm/malware of the month. Can you add block drop in quick on sis0 all at the start of your ruleset? This way the external traffic does not create states at all. Can Actually I've been noticing that my ISP has been broadcasting a lot of things since I've been using them. For example, I would get this type of message in /var/log/message all the time: Sep 27 10:10:25 blowfish /bsd: arp: attempt to overwrite entry for 192.168.1.1 on lo0 by 00:02:6f:3e:14:59 on sis0 Anyway, about the ruleset, since I'm also running a web server, and mail server on this box, I shouldn't use block quick right? Rather block in quick on sis0 all, then open up the ports that I need to use? Or am I missing the point? Thanks.
problem on setting up ntpd
Hi all, I was just trying to setup an ntpd server for my home network so it could sync with each other. So here's what I have in my /etc/ntpd.conf: # $OpenBSD: ntpd.conf,v 1.7 2004/07/20 17:38:35 henning Exp $ # sample ntpd configuration file, see ntpd.conf(5) # Addresses to listen on (ntpd does not listen by default) listen on 192.168.1.1 # sync to a single server #server ntp.example.org # use a random selection of 8 public stratum 2 servers # see http://twiki.ntp.org/bin/view/Servers/NTPPoolServers servers asia.pool.ntp.org and here's the log from /var/log/daemon after I run the service: Apr 8 21:09:32 blowfish ntpd[14921]: listening on 192.168.1.1 Apr 8 21:09:32 blowfish ntpd[14921]: ntp engine ready Apr 8 21:09:51 blowfish ntpd[14921]: peer 203.123.49.3 now valid Apr 8 21:09:51 blowfish ntpd[14921]: peer 202.155.248.218 now valid Apr 8 21:09:51 blowfish ntpd[14921]: peer 61.129.66.79 now valid Apr 8 21:09:53 blowfish ntpd[14921]: peer 202.71.97.92 now valid Apr 8 21:09:53 blowfish ntpd[14921]: peer 60.56.119.79 now valid Apr 8 21:09:55 blowfish ntpd[14921]: peer 218.75.4.130 now valid Apr 8 21:09:56 blowfish ntpd[14921]: peer 61.129.90.164 now valid Even though it seems to be working, I still can't get the date to sync from clients. When I try to telnet to 192.168.1.1 on port 123, it says Connection Refused. But the daemon is running on the server: % ps auxw | grep ntpd root 24933 0.0 0.2 428 600 ?? Is 9:09PM0:00.00 ntpd: [priv] (ntpd) _ntp 14921 0.0 0.2 388 648 ?? S 9:09PM0:00.02 ntpd: ntp engine (ntpd) Can anyone pleae help me out? Thanks in advance.
Re: PF keep state does'nt like Mandriva2007
--- Stuart Henderson [EMAIL PROTECTED] wrote: On 2007/01/28 19:56, Reza Muhammad wrote: and few new install Mandriva2007 (linux kernel) that couldn not browse the web (the other protocol work OK) if the rules keep state in PF machine is activated. use 'flags S/SA keep state' thanks for nice replay.. but it still doesnt work. I believe that problem in mandriva2007 hosts rather than PF. regards reza Reza Need a quick answer? Get one in minutes from people who know. Ask your question on www.Answers.yahoo.com
PF keep state does'nt like Mandriva2007
Dear Lists. I have one bridge PF machine for packet queue and prio, and few new install Mandriva2007 (linux kernel) that couldn not browse the web (the other protocol work OK) if the rules keep state in PF machine is activated. but the others hosts (WinXP, BSD, Mac, Others Linux) work fine. Why PF (OpenBSD-3.9) doesnt like Mandriva2007 Plese help regards Reza Never Miss an Email Stay connected with Yahoo! Mail on your mobile. Get started! http://mobile.yahoo.com/services?promote=mail
Re: 2 gateway in OBSD 4.0
--- Greg Thomas [EMAIL PROTECTED] wrote: On 1/23/07, sonjaya [EMAIL PROTECTED] wrote: Dear All Any posible way to using 2 gateway in n out without using routed protcol such as bgp/osf Because i have two connection to Internet basic diagram |-gw01---| internet | obsd 4.0 |---Lan |---gw02--| - 2 Ip public - 1 server obsd 4.0 with 3 Networkcard - 2 box gw I plan obsd 4.0 for : 1. ns server who have 2 ip public from 2 isp question iwant ask , how to set 2 gw without have bgp/osf access ? I'm surprised no one has asked this question before. Oh, wait, me checks the archives, oh, yeah, someone just discussed that scenario this week. http://www.openbsd.org/faq/pf/pools.html#outgoing Greg What about -mpath in route(8) ?? is it doing ok now in 4.0 ? regards Reza Bored stiff? Loosen up... Download and play hundreds of games for free on Yahoo! Games. http://games.yahoo.com/games/front
bridge very slow after RTSP update
Hey guys, Im having a problem with my bridge at home (running 4.0-current). I noticed that after the RTSP update on cvs, the bridge connection that transferring data in local network can only go up to 60 KB/s. I didn't change any of my settings though. Is this an expected behaviour? Btw, here's my bridge configuration: % cat /etc/bridgename.bridge0 add fxp0 add ral0 up % cat /etc/hostname.fxp0 inet 192.168.1.1 255.255.255.0 NONE % cat /etc/hostname.ral0 up media autoselect mediaopt hostap mode 11g nwid blowfish -nwkey chan 3 % brconfig bridge0: flags=41UP,RUNNING priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp ral0 flags=3LEARNING,DISCOVER port 3 ifpriority 0 ifcost 0 fxp0 flags=3LEARNING,DISCOVER port 2 ifpriority 0 ifcost 0 Addresses (max cache: 100, timeout: 240): 00:11:2f:39:51:ae fxp0 1 flags=0 Can someone point me out where my problem is? Thanks alot. -Reza Any questions? Get answers on any topic at www.Answers.yahoo.com. Try it now.
problem with bridging, cannot ping other hosts
Hi guys, I have an OpenBSD router at home and the clients are connected through a wired interface (fxp0) as well as wireless interface (ral0 running in HostAP mode). Previously, wired network has a different network then the wireless network, wired network has the address of 192.168.1.0/24 and the wireless network is on 192.168.2.0/24. The thing is, I've been trying to to put both interfaces in the same network (192.168.1.0/24). I tried using trunk with roundrobin between fxp0 and ral0 but it's so slow, and it misses some icmp_seq when I try to ping other hosts. So I tried bridge the connection instead. Here's the configuration I have: [EMAIL PROTECTED]:~% cat /etc/hostname.fxp0 inet 192.168.1.1 255.255.255.0 NONE description Local Network [EMAIL PROTECTED]:~% cat /etc/hostname.ral0 up media autoselect mediaopt hostap mode 11g nwid blowfish -nwkey chan 3 [EMAIL PROTECTED]:~% cat /etc/bridgename.bridge0 add fxp0 add ral0 up The connection seems to work. Both clients that are connecting from wired interfaces and wireless interface can get IP address (using DHCP) with the network address of 192.168.1.0/24. The clients can ping to the OpenBSD router, and the router can ping to all the clients. However, pinging to other clients wont work. Can anyone suggest me what I'm doing wrong? If the bridging works perfectly, any clients should be able to ping/communicate to other clients right? Btw I'm running OpenBSD 4.0-current on i386. Also, here's the output of brconfig: [EMAIL PROTECTED]:~% brconfig bridge0: flags=41UP,RUNNING Configuration: priority 32768 hellotime 2 fwddelay 15 maxage 20 Interfaces: ral0 flags=3LEARNING,DISCOVER port 3 ifpriority 128 ifcost 55 pass in on ral0 fxp0 flags=3LEARNING,DISCOVER port 2 ifpriority 128 ifcost 55 pass in on fxp0 Addresses (max cache: 100, timeout: 240): 00:11:2f:39:51:ae fxp0 1 flags=0 00:16:cb:05:d8:11 ral0 1 flags=0 Any help will be greatly appreciated. Thank you.
Re: problem with bridging, cannot ping other hosts
Actually I do. Clients are able to connect to the router, as well as the Internet (I use NAT). However, clients cannot communicate to other clients. For example, ip 192.168.1.2 (connected through wired interface) and ip 192.168.1.3 (connected through wireless interface) are the clients. When I tried to ping from 192.168.1.2 to 192.168.1.3, I ran tcpdump from 192.168.1.3, and I got: 20. 383217 00:11:2f:39:51:ae ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: arp who-has 192.168.1.3 tell 192.168.1.2 58 00:16:cb:05:d8:11 00:11:2f:39:51:ae, ethertype ARP (0x0806), length 42: arp reply 192.168.1.3 is-at 00:16:cb:05:d8:11 000513 00:11:2f:39:51:ae 00:16:cb:05:d8:11, ethertype IPv4 (0x0800), length 98: 192.168.1.2 192.168.1.3: ICMP echo request, id 23887, seq 1, length 64 42 00:16:cb:05:d8:11 00:11:2f:39:51:ae, ethertype IPv4 (0x0800), length 98: 192.168.1.3 192.168.1.2: ICMP echo reply, id 23887, seq 1, length 64 1. 006677 00:11:2f:39:51:ae 00:16:cb:05:d8:11, ethertype IPv4 (0x0800), length 98: 192.168.1.2 192.168.1.3: ICMP echo request, id 23887, seq 2, length 64 66 00:16:cb:05:d8:11 00:11:2f:39:51:ae, ethertype IPv4 (0x0800), length 98: 192.168.1.3 192.168.1.2: ICMP echo reply, id 23887, seq 2, length 64 05 00:11:2f:39:51:ae 00:16:cb:05:d8:11, ethertype IPv4 (0x0800), length 98: 192.168.1.2 192.168.1.3: ICMP echo request, id 23887, seq 3, length 64 66 00:16:cb:05:d8:11 00:11:2f:39:51:ae, ethertype IPv4 (0x0800), length 98: 192.168.1.3 192.168.1.2: ICMP echo reply, id 23887, seq 3, length 64 19 00:11:2f:39:51:ae 00:16:cb:05:d8:11, ethertype IPv4 (0x0800), length 98: 192.168.1.2 192.168.1.3: ICMP echo request, id 23887, seq 4, length 64 69 00:16:cb:05:d8:11 00:11:2f:39:51:ae, ethertype IPv4 (0x0800), length 98: 192.168.1.3 192.168.1.2: ICMP echo reply, id 23887, seq 4, length 64 1. 57 00:11:2f:39:51:ae 00:16:cb:05:d8:11, ethertype IPv4 (0x0800), length 98: 192.168.1.2 192.168.1.3: ICMP echo request, id 23887, seq 5, length 64 65 00:16:cb:05:d8:11 00:11:2f:39:51:ae, ethertype IPv4 (0x0800), length 98: 192.168.1.3 192.168.1.2: ICMP echo reply, id 23887, seq 5, length 64 It looks like there are requests and replies back and forth, but the output from 192.168.1.2 is: PING 192.168.1.3 (192.168.1.3) 56(84) bytes of data. --- 192.168.1.3 ping statistics --- 5 packets transmitted, 0 received, 100% packet loss, time 4009ms Hope this gives more idea on the problem Thanks, Reza On Nov 22, 2006, at 9:47 PM, Michael wrote: You probably don't have IP forwarding activated. sysctl -w net.inet.ip.forwarding=1 To set it permanently edit /etc/sysctl.conf Michael
altq on 2 interface
Hi list.. My rule set still not working, as i'm expected to limit outgoing and incoming traffic pass to my pf machine act as an bridge . altq on xl1 bandwidth 100% cbq queue {int_out,dflt_out} queue int_out bandwidth 3Mb queue dflt_out bandwidth 16Kb cbq (default) altq on xl2 bandwidth 100% cbq queue {int_in,dflt_in} queue int_in bandwidth 3Mb queue dflt_in bandwidth 16Kb cbq (default) pass out log on xl1 from 172.16.0.228 to 202.57.14.1 keep state flags S/SA queue (int_out) pass out log on xl2 from 202.57.14.1 to 172.16.0.228 keep state flags S/SA queue (int_in) if i only enabled altq on in one interface only (xl1 or xl2) , traffic limitation that i want is can be done. Is there something that can be done with ALTQ and PF or my rule is bad ??? please. Reza __ Sponsored Link Talk more and pay less. Vonage can save you up to $300 a year on your phone bill. Sign up now. http://www.vonage.com/startsavingnow/
pf.conf + altq more problem..
Dear All. I start with the simple rule set in my pf bridge machine to limit bandwidth 3Mbps from my server on lan to internet and from internet to my server on lan my_server_on_lan=172.16.0.228 internet=202.x.x.x lan = 172.16.0.0/16 altq on xl1 bandwidth 100% cbq queue \ {int_out,dflt_out} queue int_out bandwidth 3Mb queue dflt_out bandwidth 16Kb cbq (default) altq on xl2 bandwidth 100% cbq queue {int_in,dflt_in} queue int_inbandwidth 3Mb queue dflt_in bandwidth 16Kb cbq (default) pass in on xl1 from any to $lan pass out on xl1 from $lan to any pass out on xl1 from $my_server_on_lan to $internet \ keep state queue (int_out) pass in on xl2 from $lan to any keep state pass out on xl2 from any to $lan keep state pass out on xl2 from $internet to $my_server_on_lan \ keep state queue (int_in) I have done some test with iperf with no luck. Is there something wrong with this rule set to acompilished my need ? Please help.. regards Reza Access over 1 million songs - Yahoo! Music Unlimited (http://music.yahoo.com/unlimited)
pf+altq problem
Dear list. My pf.conf not working. I have pf in bridge machine with xl2 to internet firewall and xl1 to internal switch. Bridging is ok. This my simple pf.conf me=172.16.0.228 altq on xl1 bandwidth 100% cbq queue {me,dflt} queue mebandwidth 8Kb queue dflt bandwidth 16Kb cbq (default) block log on {xl1,xl2} all pass out log on xl1 from $me to any keep state pass log on xl2 from $me to any keep state queue (me) This rule is match when i try to connect to iperf server # tcpdump -nett -i pflog0 | grep 172.16.0.228 tcpdump: WARNING: pflog0: no IPv4 address assigned tcpdump: listening on pflog0, link-type PFLOG 1160655756.150048 rule 3/(match) pass in on xl2: 172.16.0.228.44405 128.6.231.102.5001: [|tcp] (DF) 1160655756.150059 rule 2/(match) pass out on xl1: 172.16.0.228.44405 128.6.231.102.5001: [|tcp] (DF) But iperf tell me that this connection is 24.4 Kbits/Sec. (more than 8Kbps) [EMAIL PROTECTED] beastie]# iperf -c lss.rutgers.edu Client connecting to lss.rutgers.edu, TCP port 5001 TCP window size: 16.0 KByte (default) [ 3] local 172.16.0.228 port 44408 connected with 128.6.231.102 port 5001 [ 3] 0.0-16.1 sec 48.0 KBytes 24.4 Kbits/sec I'm expecting that iperf report it equal with the bandwidth that i assign to (me) queue pipe. Is there any thing wrong or i missed something here ??? Please help me regards Reza Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
make build error on 3.9 (-current) i386
Hi guys, I was just updating my source tree through cvsup, and I've been following -current for a while. There hadn't been any problems before. But today, make build returned errors. The last time I cvsup'd was today around 10pm (GMT +7), and here's some of the log: Edit src/sys/arch/sparc/include/param.h Add delta 1.35 2006.02.28.18.24.18 miod Edit src/sys/dev/ic/atw.c Add delta 1.43 2006.02.28.06.52.35 jsg Edit src/sys/dev/mii/ciphy.c Add delta 1.10 2006.02.28.08.13.47 jsg Add delta 1.11 2006.02.28.12.37.15 jsg Edit src/sys/dev/mii/ciphyreg.h Add delta 1.2 2006.02.28.08.13.47 jsg Edit src/sys/kern/uipc_usrreq.c Add delta 1.31 2006.02.27.23.38.11 miod Edit src/usr.bin/ssh/session.c Add delta 1.197 2006.02.28.01.10.21 djm Now, after reinstalling a new kernel, I did a make build, and got these errors: nroff -Tascii -mandoc -/usr/src/usr.sbin/httpd/src/support/apxs.8 src/support/apxs.cat8 nroff -Tascii -mandoc -/usr/src/usr.sbin/httpd/src/support/suexec.8 src/support/suexec.cat8 make: no target to make *** Error code 2 Stop in /usr/src/usr.sbin/httpd (line 628 of /usr/src/usr.sbin/httpd/ Makefile.bsd-wrapper). *** Error code 1 Stop in /usr/src/usr.sbin. *** Error code 1 Stop in /usr/src (line 73 of Makefile). Can anyone help me with it? Thanks for the help. -Reza
ral0 bugs on openbsd 3.8 i386?
Hey guys, I'm having problem with ral0 running in hostap mode on my openbsd box (i386, running 3.8-stable). At the moment, the ral0 device acts as an access point and only using mac address filtering to be able to go on the internet. So I don't use the WEP, or IPSec, or anything like that. This is already the second time I got the integer divide fault trap and then I got into the ddb prompt (I attached the output as well as dmesg below). Is this an known issue? Can someone help me out with this, so that I can have my ral0 device runs in hostap mode flawlessly? If there's anymore info needed, please let me know. Thanks in advance, Reza ral0: device timeout kernel: integer divide fault trap, code=0 Stopped at ral_setup_tx_desc+0xae: idivl %ebx,%eax ddb trace ral_setup_tx_desc(d0c89000, e6c38000,200,5fc,0) at ral_setup_tx_desc +0xae ral_tx_data(d0c89000,d6192e00,d0d662200,0) at ral_tx_data+0x552 ral_start(d0c89030,d6192ef6,6,5aa1274) at ral_start+0x16c ether_output(d0c89030,d6380c00,d05d3be8,d62193d0,30) at ether_output +0x35b ip_output(d6380c00,0,d05d3be4,1,0,0,0,0) at ip_output+0x930 ip_forward(d6380c00,1,0,50,d6138900) at ip_forward+0x159 ipv4_input(d6380c00,d0c8c140,0,d06f) at ipv4_input+0x25a ipintr(d0c50058,10,d06f0010,14e90010,d06f) at ipintr+0x67 Bad frame pointer: 0xd06f1e44 ddb ps PID PPIDPGRPUID S FLAGS WAITCOMMAND 24709 995924709 10003 0x4086 pause screen 20661 790320661 10013 0x4086 pollirssi 79031 790310013 0x84select screen 995929511 995910003 0x4086 pause ksh 29511 29827 29827 10003 0x184 select sshd 29827 281329827 0 3 0x4084 netio sshd 30612 24484 30612 10003 0x4086 pollirssi 24488 1 24484 10003 0x84select screen 20303 1 20303 0 3 0x4086 ttyin getty 13008 1 13008 0 3 0x84select rtadvd 16081 16080 3 0x4086 ttyin getty 15017 1 15017 0 3 0x4086 ttyin getty 31978 1 31978 0 3 0x4086 ttyin getty 92891 92890 3 0x4086 ttyin getty 14226 1 14226 0 3 0x84select cron 16627 1 16627 0 3 0x84nanosleep tspc 28131 28130 3 0x84select sshd 24316 1 24316 0 3 0x184 select inetd 79951 799577 3 0x184 poll dhcpd 28113 4646464674 3 0x184 bfp pflogd 46461 46460 3 0x84netio pflogd 20294 27009 27009 73 3 0x184 pollsyslogd 27009 1 27009 0 3 0x84netio syslogd 27208 1 27208 77 3 0x184 poll dhclient 19447 1 21831 0 3 0x86poll dhclient 11 0 0 0 3 0x10024 crypto_wa crypto 10 0 0 0 3 0x10024 aiodonedaiodoned 9 0 0 0 3 0x10024 syncer update 8 0 0 0 3 0x10024 cleaner cleaner 7 0 0 0 3 0x10024 reaper reaper 6 0 0 0 3 0x10024 pgdaemonpgdaemon 5 0 0 0 3 0x10024 pftmpfpurge 4 0 0 0 3 0x10024 usbtsk usbtask 3 0 0 0 3 0x10024 usbevt usb0 2 0 0 0 3 0x10024 kmalloc kmthread 1 0 1 0 3 0x4084 waitinit 0 -1 0 0 3 0x80204 scheduler swapper ddb show registers ds 0xd0330010 in6_init_prefix_ltimes+0x80 es 0xd06f0010 end+0x759c0 fs 0xd0c50058 end+0x5d5a08 gs 0xd6190010 end+0x5b159c0 edi 0xd0c89030 end+0x60e9e0 esi 0xe6c38000 ebp 0xd06f1a84
Re: C Compiler cannot create executable
--- Stuart Henderson [EMAIL PROTECTED] wrote: C Compiler cannot create executable ? what does it mean ? My system is OpenBSD-3.8 Generic Kernel at Intel Pentium M Proc 1600 Mhz (IBM Think Pad T41) You should repost, including this information: what you were trying to do when you received the error. complete dmesg output. oke this is my dmesg output==snip cause i think only this line will be necessary== OpenBSD 3.8 (GENERIC) #138: Sat Sep 10 15:41:37 MDT 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Pentium(R) M processor 1600MHz (GenuineIntel 686-class) 1.60 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,TM,SBF,EST,TM2 cpu0: Enhanced SpeedStep 1600 MHz (1484 mV): speeds: 1600, 1400, 1200, 1000, 800, 600 MHz real mem = 535797760 (523240K) avail mem = 482000896 (470704K) using 4278 buffers containing 26894336 bytes (26264K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(2a) BIOS, date 10/30/03, BIOS32 rev. 0 @ 0xfd750 apm0 at bios0: Power Management spec V1.2 apm0: battery life expectancy 97% apm0: AC on, battery charge high, charging apm0: flags 30102 dobusy 0 doidle 1 pcibios0 at bios0: rev 2.1 @ 0xfd6e0/0x920 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdea0/272 (15 entries) pcibios0: PCI Interrupt Router at 000:31:0 (Intel 823 that error output show when compiling any software with gcc requirement, event install from port it shows too. Now install gcc-4.0 from package repository and link to /usr/bin/gcc.. is that correct move ? One more.. how should i do to change to securelevel=0 ? i change it via rc.securelevel but have no luck.. I need securelevel=0 so my sea.c can work.. any help apprc. regards reza Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: C Compiler cannot create executable
--- Jens Teglhus Mxller [EMAIL PROTECTED] wrote: On Wed, December 21, 2005 12:06, Reza Muhammad said: Dear All C Compiler cannot create executable ? what does it mean ? My system is OpenBSD-3.8 Generic Kernel at Intel Pentium M Proc 1600 Mhz (IBM Think Pad T41) Please help ... regards reza http://www.openbsd.org/mail.html /jtm sorry all, i tought there is short answer for my problem so i didnt attach detailed.. # dmesg OpenBSD 3.8 (GENERIC) #138: Sat Sep 10 15:41:37 MDT 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Pentium(R) M processor 1600MHz (GenuineIntel 686-class) 1.60 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,TM,SBF,EST,TM2 cpu0: Enhanced SpeedStep 1600 MHz (1484 mV): speeds: 1600, 1400, 1200, 1000, 800, 600 MHz real mem = 535797760 (523240K) avail mem = 482000896 (470704K) using 4278 buffers containing 26894336 bytes (26264K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(9c) BIOS, date 10/30/03, BIOS32 rev. 0 @ 0xfd750 apm0 at bios0: Power Management spec V1.2 apm0: battery life expectancy 100% apm0: AC on, battery charge high apm0: flags 30102 dobusy 0 doidle 1 pcibios0 at bios0: rev 2.1 @ 0xfd6e0/0x920 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdea0/272 (15 entries) pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82371FB ISA rev 0x00) pcibios0: PCI bus #4 is the last bus bios0: ROM list: 0xc/0x1 0xd/0x1000 0xd1000/0x1000 0xdc000/0x4000! 0xe/0x1 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82855PE Hub rev 0x03 ppb0 at pci0 dev 1 function 0 Intel 82855PE AGP rev 0x03 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 ATI Radeon Mobility M7 LW rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) uhci0 at pci0 dev 29 function 0 Intel 82801DB USB rev 0x01: irq 11 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci0 dev 29 function 1 Intel 82801DB USB rev 0x01: irq 11 usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2 at pci0 dev 29 function 2 Intel 82801DB USB rev 0x01: irq 11 usb2 at uhci2: USB revision 1.0 uhub2 at usb2 uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered ehci0 at pci0 dev 29 function 7 Intel 82801DB USB rev 0x01: irq 11 usb3 at ehci0: USB revision 2.0 uhub3 at usb3 uhub3: Intel EHCI root hub, rev 2.00/1.00, addr 1 uhub3: 6 ports with 6 removable, self powered ppb1 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0x81 pci2 at ppb1 bus 2 cbb0 at pci2 dev 0 function 0 Texas Instruments PCI4520 CardBus rev 0x01: irq 11 cbb1 at pci2 dev 0 function 1 Texas Instruments PCI4520 CardBus rev 0x01: irq 11 em0 at pci2 dev 1 function 0 Intel PRO/1000MT (82540EP) rev 0x03: irq 11, address: 00:0d:60:11:de:9e ipw0 at pci2 dev 2 function 0 Intel PRO/Wireless 2100 rev 0x04: irq 11, address 00:04:23:90:fc:6b cardslot0 at cbb0 slot 0 flags 0 cardbus0 at cardslot0: bus 3 device 0 cacheline 0x8, lattimer 0xb0 pcmcia0 at cardslot0 cardslot1 at cbb1 slot 1 flags 0 cardbus1 at cardslot1: bus 4 device 0 cacheline 0x8, lattimer 0xb0 pcmcia1 at cardslot1 ichpcib0 at pci0 dev 31 function 0 Intel 82801DBM LPC rev 0x01 pciide0 at pci0 dev 31 function 1 Intel 82801DBM IDE rev 0x01: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: IC25N040ATCS05-0 wd0: 16-sector PIO, LBA, 34797MB, 71265266 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: TOSHIBA, DVD-ROM SD-R9012, 1121 SCSI0 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2 Intel 82801DB SMBus rev 0x01 at pci0 dev 31 function 3 not configured auich0 at pci0 dev 31 function 5 Intel 82801DB AC97 rev 0x01: irq 11, ICH4 AC97 ac97: codec id 0x41445374 (Analog Devices AD1981B) ac97: codec features headphone, 20 bit DAC, No 3D Stereo audio0 at auich0 Intel 82801DB Modem rev 0x01 at pci0 dev 31 function 6 not configured isa0 at ichpcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pms0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pms0 mux 0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 sysbeep0 at pcppi0 lpt2 at isa0 port 0x3bc/4: polled aps0 at isa0 port 0x1600/31 npx0 at isa0 port 0xf0/16: using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 biomask efed netmask efed ttymask ffef pctr: 686-class user-level performance counters
Re: selecting a wireless networking card
Thanks for the help. I guess I'll have to check the store myself. It'll be too risky buying online. If I still can't get it right, I might as well order from kd85. Thanks again :) When I bought mine the version was on the box. It's not obvious, but it's located on a small sticker along with serial number, etc. -- Darrin Chandler [EMAIL PROTECTED] http://www.stilyagin.com/
diskd problem
I problem with squid diskd in 3.7 GENERIC. diskd process seem hang, when i restart squid. with this error: assertion failed: /usr/ports/www/squid/w-squid-2.5.STABLE9/squid-2.5.STABLE9/src/fs/diskd/store_io_diskd.c:494: ++send_errors 100 should i recompile new kernel to tunning message queue. Please be advice. regards reza Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
static route files
dear All, In which file should i put my static route entry ? regards reza Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs
Optimizing SQUID
Dear All, Is there any trick to optimize squid in OpenBSD ? please give me hint. regards reza Sell on Yahoo! Auctions no fees. Bid on great items. http://auctions.yahoo.com/