Re: Dell PowerEdge 1950 III / R200

2008-01-31 Thread Reza Muhammad 
Great, thanks for the info.  This is my first time to get a rackmount server, 
and I just wanna make sure
it is supported by OpenBSD ;)

As Juan Miscaro described on Wed, Jan 30, 2008 at 02:48:19PM -0500:
 
 --- Reza Muhammad [EMAIL PROTECTED] wrote:
 
  Hi all,
  
  I'm looking to buy a server that supports OpenBSD and I'm looking at
  either Dell PowerEdge 1950 III
  or Dell PowerEdge R200.  I noticed Marco (marco@)'s message about
  Dell PERC 6i that exists on 
  PowerEdge 1950 III and R2000. But, if I'm not going to use RAID and
  only use Serial ATA hard drive, would I be
  able to install OpenBSD on it?
 
 I just did a test install of a new PowerEdge R200 [1].  4.2 Release
 would not install on it.  I achieved an install only with a very recent
 snapshot (28-01-08).  So far, everything is working.  I do not have any
 RAID card but one that can be purchased with the R200, the LSI/SAS5iR,
 is listed as supported by mpi [2] on the i386 page.
 
 [1]
 http://www.nycbug.org/?NAV=dmesgd;f_dmesg=;f_bsd=;f_nick=;f_descr=;dmesgid=1929#1929
 
 [2]
 http://www.openbsd.org/cgi-bin/man.cgi?query=mpiarch=i386sektion=4
 
 /juan
 
 
   Be smarter than spam. See how smart SpamGuard is at giving junk email 
 the boot with the All-new Yahoo! Mail.  Click on Options in Mail and switch 
 to New Mail today or register for free at http://mail.yahoo.ca

Dell PowerEdge 1950 III / R200

2008-01-29 Thread Reza Muhammad 
Hi all,

I'm looking to buy a server that supports OpenBSD and I'm looking at either 
Dell PowerEdge 1950 III
or Dell PowerEdge R200.  I noticed Marco (marco@)'s message about Dell PERC 6i 
that exists on 
PowerEdge 1950 III and R2000. But, if I'm not going to use RAID and only use 
Serial ATA hard drive, would I be
able to install OpenBSD on it? 

Also, what about the network card? I noticed on 
http://www.openbsd.org/i386.html Intel Pro 1000PT 
is not supported, but Broadcom NetXtreme 5708 is.  On the OpenBSD page, it 
listed that the Broadcom 5708 is supported through PCI, but the one that's sold 
on Dell is using PCIe.  Does OpenBSD support this?

Or should I buy from another brand, that fully supports OpenBSD?  Is there any 
recommendations? 
I'm planning to buy a few servers for Gateway, Web, Mail, and LDAP 
authentication.

Thanks in advance ;)


-Reza

Re: looking for openbsd friendly server vendor

2008-01-28 Thread Reza Muhammad 
anyone knows about IBM xSeries 3550? I checked on 
http://www.openbsd.org/i386.html and I saw that IBM xSeries 3550 were listed a 
few times.  

I am also looking to buy a U1 server, and I'm looking at either IBM xSeries 
3550 or a Dell PowerEdge 1950. Anyone has any experience with these machines?

As Allie Daneman described on Sun, Jan 27, 2008 at 12:43:41PM -0800:
 Netra T1 (like a 105) or a Dell...the Netras are cheap on Ebay.

 Lord Sporkton wrote:
 Im about to buy a small server, mostly for personal use
 looking for a 1u

 was hoping to find some vendors that are openbsd friendly
 if they offer more than just i386 that is a plus as im investigating
 other archs as a possiblilty, any suggestions welcome

 this server will be doing mostly webhosting, dns, mail, small
 firewalling, and a vpn or 2

 thanks

Installing the latest snapshot freezes on i386

2007-10-23 Thread Reza Muhammad 
Hi all,

I just recently purchased a brand new HP Pavilion
G3035L Desktop PC (spec:
http://www.anugrahpratama.com/product/21/1092/HP-Pavilion-G3035L-Desktop-PC).
 It's using Intel Core Duo processor.  I tried to
install OpenBSD's latest snapshot to this machine last
night.  The thing is it freezes and it wouldn't
install.   Here's the messages I got from my screen:

pcibios0 at bios0: rev 3.0 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf5590/192
(10 entries)
pcibios0: PCI  Interrupt Router at 000:31:0 (Intel
82801GH LPC rev 0x00)
pcibios0: PCI bus #2 is the last bus
bios0: ROM list: 0xc/0xae00!
cpu0 at mainbus0
pci0 at mainbus0 bus0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82945GP rev
0x02: rng active, 800Kb/sec
vga1 at pci0 dev 2 function 0 Intel 82945G Video rev
0x02
wsdisplay0 at vga1 mux 1: console (80x25, vt100
emulation)
Intel 82801GB HD Audio rev 0x01 at pci0 dev 27
function 0 not configured
ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE
rev 0x01
pci1 at ppb0 bus 1
re0 at pci1 dev 0 function 0 Realtek 8101E rev 0x01:
RTL8101E (0x3400), irq 19, address 00:1b:b9:85:6c:b8
rlphy0 at re0 phy 7: RTL8201L 10/100 PHY, rev 1
uhci0 at pci0 dev 29 function 0 Intel 82801GB USB
rev 0x01: irq 11
uhci1 at pci0 dev 29 function 1 Intel 82801GB USB
rev 0x01: irq 5
uhci2 at pci0 dev 29 function 2 Intel 82801GB USB
rev 0x01: irq 3
uhci3 at pci0 dev 29 function 3 Intel 82801GB USB
rev 0x01: irq 10
ehci0 at pci0 dev 29 function 7 Intel 82801GB USB
rev 0x01: irq 11
ehci0: timed out waiting for BIOS
usb0 at ehci0: USB revision 2.0

Does anyone know what the problem is?  Are some of the
hardware aren't supported by OpenBSD? What should I do
so this machine can run OpenBSD?

Thanks for the help.  I appreciate it. 

-Reza
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

Re: Internet slowdown when pf is enabled? Running on i386 -current

2007-09-27 Thread Reza Muhammad 
thanks alot.  I've created a new rulesets for my pf.conf, and it improves so 
much. :)


On Thu, 27 Sep 2007 06:04:49 +0100, Stuart Henderson [EMAIL PROTECTED] wrote:
 On 2007/09/27 11:51, Reza Muhammad wrote:
  On Wed, 26 Sep 2007 11:37:28 -0700, Can E. Acar
 [EMAIL PROTECTED]
  wrote:
  Reza Muhammad wrote:
 ...
  also
 
  There is a lot of external broadcast traffic they are probably the
 cause
  of
  the large number of state insertions/deletions. They are either a
 badly
  designed
  p2p/broadcast/whatever protocol, or the result of the worm/malware of
  the month.
 
  Can you add
 
  block drop in quick on sis0 all
 
  at the start of your ruleset? This way the external traffic does not
  create states at all.
 
  Can
 
 

 Actually I've been noticing that my ISP has been broadcasting a lot of
 things since I've been using them.
 For example, I would get this type of message in /var/log/message all
 the
 time:
 Sep 27 10:10:25 blowfish /bsd: arp: attempt to overwrite entry for
 192.168.1.1 on lo0 by 00:02:6f:3e:14:59 on sis0

 Anyway, about the ruleset, since I'm also running a web server, and mail
 server on this box, I shouldn't use block quick right?
 
 Ok, in that case,
 
 block in on sis0
 pass in on sis0 to port {http, smtp}
 
 etc.

Re: Internet slowdown when pf is enabled? Running on i386 -current

2007-09-26 Thread Reza Muhammad 
I know it's weird that's why I posted this in the first place :P

anyway, the OpenBSD gateway is running web server (apache+php), and mail server 
(postfix+dovecot).
The thing is, it doesn't seem there are alot of connections from those daemons. 
and like i said before,
if i tried to connect to the Internet directly from my laptop, the connection 
is fine.  Would a tcpdump log be
any helpful at this point?

Thanks for replying though.

On Wed, 26 Sep 2007 15:55:21 +0200, knitti [EMAIL PROTECTED] wrote:
 On 9/22/07, Reza Muhammad [EMAIL PROTECTED] wrote:
 I'm having a problem with my Internet connection in my home network. I
 noticed that my Internet connection has been very slow since I upgraded to
 -current a week ago.  First, I thought it was just my ISP problem.  Then, I
 tried to connect to the Internet directly from my laptop, it worked fine.
 

 I noticed that the Internet is slowing down when pf is enabled.  I
 changed my pf.conf to only do nat, and scrub incoming packets, but it is
 still slow.
 State Table  Total Rate
   current entries  698
   searches 448763619511.5/s
   inserts   280924 1221.4/s
   removals  280226 1218.4/s
 
 I don't know what kind of traffic you have on your box, but these
 numbers look strange.
 I see on various firewalls between 0.1 and 5% of that with some simple
 rulesets and
 NAT. These are DSL links, both asymmetric and symmetric.
 
 If you are really only doing NAT, something is strange.
 
 greetings,
 knitti

Re: Internet slowdown when pf is enabled? Running on i386 -current

2007-09-26 Thread Reza Muhammad 
Here's the log:

10:12:28.738263 UPD ST:
all 6 122.200.52.134:22 - 125.160.128.35:60387
   ESTABLISHED:ESTABLISHED
   [1381080430 + 65535] wscale 0  [3262031687 + 17040] wscale 0
   age 3812101632:33:20, expires in 00:00:00, 482:293 pkts, 38584:35992 bytes
   id: 46facdc5804b creatorid: 2a435432 updates: 3
10:12:28.902894 INS ST:
all 17 255.255.255.255:5678 - 122.200.54.146:5678   NO_TRAFFIC:SINGLE
   age 00:00:00, expires in 00:00:00, 0:0 pkts, 0:0 bytes, rule 13
   id: 46facdc581a9 creatorid: 257e0ae9
10:12:29.458559 UPD ST:
all 17 255.255.255.255:3259 - 122.200.50.65:1129   NO_TRAFFIC:SINGLE
   age 3571779072:45:52, expires in 00:00:00, 5:0 pkts, 270:0 bytes, rule 13
   id: 46facdc580f5 creatorid: 257e0ae9 updates: 0
10:12:29.648865 INS ST:
all 17 255.255.255.255:5678 - 192.168.140.248:5678   NO_TRAFFIC:SINGLE
   age 00:00:00, expires in 00:00:00, 0:0 pkts, 0:0 bytes, rule 13
   id: 46facdc581aa creatorid: 257e0ae9
all 17 255.255.255.255:5678 - 192.168.125.120:5678   NO_TRAFFIC:SINGLE
   age 00:00:00, expires in 00:00:00, 0:0 pkts, 0:0 bytes, rule 13
   id: 46facdc581ab creatorid: 257e0ae9
10:12:30.173882 UPD ST:
all 17 239.255.255.250:1900 - 192.168.0.1:1900   NO_TRAFFIC:SINGLE
   age 494275328:34:56, expires in 00:00:00, 7181:0 pkts, 2279289:0 bytes
   id: 46facdc537f4 creatorid: 2a435432 updates: 12
10:12:30.173947 DEL ST:
all 6 122.200.52.134:80 - 125.160.128.35:49548
   FIN_WAIT_2:FIN_WAIT_2
   [2274342568 + 65535] wscale 0  [2570619505 + 17040] wscale 0
   age 1024067328:26:24, expires in 00:00:00, 6:5 pkts, 1653:645 bytes, rule 15
   id: 46facdc580f6 creatorid: 257e0ae9
all 17 255.255.255.255:5678 - 192.168.157.58:5678   NO_TRAFFIC:SINGLE
   age 1024067328:26:24, expires in 00:00:00, 2:0 pkts, 230:0 bytes, rule 13
   id: 46facdc580f8 creatorid: 257e0ae9
all 17 255.255.255.255:5678 - 192.168.93.10:5678   NO_TRAFFIC:SINGLE
   age 167249408:06:08, expires in 00:00:00, 2:0 pkts, 224:0 bytes, rule 13
   id: 46facdc580f9 creatorid: 257e0ae9
all 17 255.255.255.255:5678 - 192.168.157.52:5678   NO_TRAFFIC:SINGLE
   age 167249408:06:08, expires in 00:00:00, 2:0 pkts, 210:0 bytes, rule 13
   id: 46facdc580fa creatorid: 257e0ae9
10:12:30.173983 DEL ST:
all 17 122.200.51.255:138 - 122.200.51.219:138   NO_TRAFFIC:SINGLE
   age 60622336:24:48, expires in 00:00:00, 2:0 pkts, 471:0 bytes, rule 13
   id: 46facdc580fe creatorid: 257e0ae9
all 17 255.255.255.255:5678 - 192.168.157.74:5678   NO_TRAFFIC:SINGLE
   age 60622336:24:48, expires in 00:00:00, 2:0 pkts, 230:0 bytes, rule 13
   id: 46facdc580ff creatorid: 257e0ae9

and there's still more.  I noticed that the traffic coming in from 192.168.*.* 
aren't from my local network.


On Wed, 26 Sep 2007 17:19:05 +0100, Stuart Henderson [EMAIL PROTECTED] wrote:
 On 2007/09/26 22:32, Reza Muhammad wrote:
 Would a tcpdump log be any helpful at this point?
 
 maybe; try ifconfig pfsync0 create and tcpdump -nipfsync0 -vvs1000
 
inserts   280924 1221.4/s
removals  280226 1218.4/s
 
 expect it to scroll pretty damn fast...

Re: Internet slowdown when pf is enabled? Running on i386 -current

2007-09-26 Thread Reza Muhammad 
 On Wed, 26 Sep 2007 11:37:28 -0700, Can E. Acar [EMAIL PROTECTED]
 wrote:
 Reza Muhammad wrote:
...
 also

 There is a lot of external broadcast traffic they are probably the cause
 of
 the large number of state insertions/deletions. They are either a badly
 designed
 p2p/broadcast/whatever protocol, or the result of the worm/malware of
 the month.

 Can you add

 block drop in quick on sis0 all

 at the start of your ruleset? This way the external traffic does not
 create states at all.

 Can



Actually I've been noticing that my ISP has been broadcasting a lot of
things since I've been using them.
For example, I would get this type of message in /var/log/message all the
time:
Sep 27 10:10:25 blowfish /bsd: arp: attempt to overwrite entry for
192.168.1.1 on lo0 by 00:02:6f:3e:14:59 on sis0

Anyway, about the ruleset, since I'm also running a web server, and mail
server on this box, I shouldn't use block quick right?
Rather block in quick on sis0 all, then open up the ports that I need to
use? Or am I missing the point?

Thanks.

problem on setting up ntpd

2007-04-08 Thread Reza Muhammad 
Hi all,

I was just trying to setup an ntpd server for my home network so it could sync 
with each other.  So here's what I have in my /etc/ntpd.conf:

# $OpenBSD: ntpd.conf,v 1.7 2004/07/20 17:38:35 henning Exp $
# sample ntpd configuration file, see ntpd.conf(5)

# Addresses to listen on (ntpd does not listen by default)
listen on 192.168.1.1

# sync to a single server
#server ntp.example.org

# use a random selection of 8 public stratum 2 servers
# see http://twiki.ntp.org/bin/view/Servers/NTPPoolServers
servers asia.pool.ntp.org

and here's the log from /var/log/daemon after I run the service:
Apr  8 21:09:32 blowfish ntpd[14921]: listening on 192.168.1.1
Apr  8 21:09:32 blowfish ntpd[14921]: ntp engine ready
Apr  8 21:09:51 blowfish ntpd[14921]: peer 203.123.49.3 now valid
Apr  8 21:09:51 blowfish ntpd[14921]: peer 202.155.248.218 now valid
Apr  8 21:09:51 blowfish ntpd[14921]: peer 61.129.66.79 now valid
Apr  8 21:09:53 blowfish ntpd[14921]: peer 202.71.97.92 now valid
Apr  8 21:09:53 blowfish ntpd[14921]: peer 60.56.119.79 now valid
Apr  8 21:09:55 blowfish ntpd[14921]: peer 218.75.4.130 now valid
Apr  8 21:09:56 blowfish ntpd[14921]: peer 61.129.90.164 now valid

Even though it seems to be working, I still can't get the date to sync from 
clients.  When I try to telnet to 192.168.1.1 on port 123, it says Connection 
Refused.  But the daemon is running on the server:
% ps auxw | grep ntpd
root 24933  0.0  0.2   428   600 ??  Is 9:09PM0:00.00 ntpd: [priv] 
(ntpd)
_ntp 14921  0.0  0.2   388   648 ??  S  9:09PM0:00.02 ntpd: ntp 
engine (ntpd)

Can anyone pleae help me out? 
Thanks in advance.

Re: PF keep state does'nt like Mandriva2007

2007-01-29 Thread Reza Muhammad 
--- Stuart Henderson [EMAIL PROTECTED] wrote:

 On 2007/01/28 19:56, Reza Muhammad wrote:
  and few  new install Mandriva2007 (linux kernel)
 that
  couldn not browse the web (the other protocol work
 OK)
  if the rules keep state in PF machine is
 activated.
 
 use 'flags S/SA keep state'
 
thanks for nice replay.. but it still doesnt work.
I believe that problem in mandriva2007 hosts rather
than PF.

regards
reza
Reza



 

Need a quick answer? Get one in minutes from people who know.
Ask your question on www.Answers.yahoo.com

PF keep state does'nt like Mandriva2007

2007-01-28 Thread Reza Muhammad 
Dear Lists.

I have one bridge PF machine for packet queue and
prio,
and few  new install Mandriva2007 (linux kernel) that
couldn not browse the web (the other protocol work OK)
if the rules keep state in PF machine is activated.
but the others hosts (WinXP, BSD, Mac, Others Linux)
work fine.
Why PF (OpenBSD-3.9) doesnt like Mandriva2007 
Plese help

regards
Reza


 

Never Miss an Email
Stay connected with Yahoo! Mail on your mobile.  Get started!
http://mobile.yahoo.com/services?promote=mail

Re: 2 gateway in OBSD 4.0

2007-01-24 Thread Reza Muhammad 
--- Greg Thomas [EMAIL PROTECTED] wrote:

 On 1/23/07, sonjaya [EMAIL PROTECTED] wrote:
  Dear All
 
  Any posible way to using 2 gateway in n out
 without  using routed
  protcol such as bgp/osf
  Because i have two connection to Internet
  basic  diagram
|-gw01---|
   internet   | obsd 4.0 |---Lan
|---gw02--|
 
  - 2 Ip public
  - 1 server obsd  4.0 with 3 Networkcard
   - 2 box gw
 
  I plan obsd 4.0 for :
 
  1. ns server who have 2 ip public from 2 isp
 
  question  iwant ask , how to set 2 gw without 
 have bgp/osf  access ?
 
 
 I'm surprised no one has asked this question before.
  Oh, wait, me
 checks the archives, oh, yeah, someone just
 discussed that scenario
 this week.
 
 http://www.openbsd.org/faq/pf/pools.html#outgoing
 
 Greg
 

What about -mpath in route(8) ??
is it doing ok now in 4.0 ?


regards
Reza



 

Bored stiff? Loosen up... 
Download and play hundreds of games for free on Yahoo! Games.
http://games.yahoo.com/games/front

bridge very slow after RTSP update

2006-12-27 Thread Reza Muhammad 
Hey guys,

Im having a problem with my bridge at home (running 4.0-current).  I noticed 
that after the RTSP update on cvs, the bridge connection that transferring data 
in local network can only go up to 60 KB/s.  I didn't change any of my settings 
though.  Is this an expected behaviour?  Btw, here's my bridge configuration:

% cat /etc/bridgename.bridge0 
add fxp0
add ral0
up

% cat /etc/hostname.fxp0 
inet 192.168.1.1 255.255.255.0 NONE

% cat /etc/hostname.ral0 
up media autoselect mediaopt hostap mode 11g nwid blowfish -nwkey chan 3

% brconfig
bridge0: flags=41UP,RUNNING
priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp
ral0 flags=3LEARNING,DISCOVER
port 3 ifpriority 0 ifcost 0
fxp0 flags=3LEARNING,DISCOVER
port 2 ifpriority 0 ifcost 0
Addresses (max cache: 100, timeout: 240):
00:11:2f:39:51:ae fxp0 1 flags=0


Can someone point me out where my problem is?
Thanks alot.

-Reza




 

Any questions? Get answers on any topic at www.Answers.yahoo.com.  Try it now.

problem with bridging, cannot ping other hosts

2006-11-22 Thread Reza Muhammad 

Hi guys,

I have an OpenBSD router at home and the clients are connected  
through a wired interface (fxp0) as well as wireless interface (ral0  
running in HostAP mode).  Previously, wired network has a different  
network then the wireless network, wired network has the address of  
192.168.1.0/24 and the wireless network is on 192.168.2.0/24.  The  
thing is, I've been trying to to put both interfaces in the same  
network (192.168.1.0/24).  I tried using trunk with roundrobin  
between fxp0 and ral0 but it's so slow, and it misses some icmp_seq  
when I try to ping other hosts.  So I tried bridge the connection  
instead.  Here's the configuration I have:


[EMAIL PROTECTED]:~% cat /etc/hostname.fxp0
inet 192.168.1.1 255.255.255.0 NONE description Local Network
[EMAIL PROTECTED]:~% cat /etc/hostname.ral0
	up media autoselect mediaopt hostap mode 11g nwid blowfish -nwkey  
chan 3

[EMAIL PROTECTED]:~% cat /etc/bridgename.bridge0
add fxp0
add ral0
up

The connection seems to work.  Both clients that are connecting from  
wired interfaces and wireless interface can get IP address (using  
DHCP) with the network address of 192.168.1.0/24.  The clients can  
ping to the OpenBSD router, and the router can ping to all the  
clients.  However, pinging to other clients wont work.  Can anyone  
suggest me what I'm doing wrong? If the bridging works perfectly, any  
clients should be able to ping/communicate to other clients right?  
Btw I'm running OpenBSD 4.0-current on i386.  Also, here's the output  
of brconfig:


[EMAIL PROTECTED]:~% brconfig
bridge0: flags=41UP,RUNNING
Configuration:
priority 32768 hellotime 2 fwddelay 15 maxage 20
Interfaces:
ral0 flags=3LEARNING,DISCOVER
port 3 ifpriority 128 ifcost 55
pass in on ral0
fxp0 flags=3LEARNING,DISCOVER
port 2 ifpriority 128 ifcost 55
pass in on fxp0
Addresses (max cache: 100, timeout: 240):
00:11:2f:39:51:ae fxp0 1 flags=0
00:16:cb:05:d8:11 ral0 1 flags=0

Any help will be greatly appreciated.

Thank you.

Re: problem with bridging, cannot ping other hosts

2006-11-22 Thread Reza Muhammad 
Actually I do.  Clients are able to connect to the router, as well as  
the Internet (I use NAT).  However, clients cannot communicate to  
other clients.  For example, ip 192.168.1.2 (connected through wired  
interface) and ip 192.168.1.3 (connected through wireless interface)  
are the clients. When I tried to ping from 192.168.1.2 to  
192.168.1.3, I ran tcpdump from 192.168.1.3, and I got:


	20. 383217 00:11:2f:39:51:ae  ff:ff:ff:ff:ff:ff, ethertype ARP  
(0x0806), length 60: arp who-has 192.168.1.3 tell 192.168.1.2
	58 00:16:cb:05:d8:11  00:11:2f:39:51:ae, ethertype ARP  
(0x0806), length 42: arp reply 192.168.1.3 is-at 00:16:cb:05:d8:11
	000513 00:11:2f:39:51:ae  00:16:cb:05:d8:11, ethertype IPv4  
(0x0800), length 98: 192.168.1.2  192.168.1.3: ICMP echo request, id  
23887, seq 1, length 64
	42 00:16:cb:05:d8:11  00:11:2f:39:51:ae, ethertype IPv4  
(0x0800), length 98: 192.168.1.3  192.168.1.2: ICMP echo reply, id  
23887, seq 1, length 64
	1. 006677 00:11:2f:39:51:ae  00:16:cb:05:d8:11, ethertype IPv4  
(0x0800), length 98: 192.168.1.2  192.168.1.3: ICMP echo request, id  
23887, seq 2, length 64
	66 00:16:cb:05:d8:11  00:11:2f:39:51:ae, ethertype IPv4  
(0x0800), length 98: 192.168.1.3  192.168.1.2: ICMP echo reply, id  
23887, seq 2, length 64
	05 00:11:2f:39:51:ae  00:16:cb:05:d8:11, ethertype IPv4  
(0x0800), length 98: 192.168.1.2  192.168.1.3: ICMP echo request, id  
23887, seq 3, length 64
	66 00:16:cb:05:d8:11  00:11:2f:39:51:ae, ethertype IPv4  
(0x0800), length 98: 192.168.1.3  192.168.1.2: ICMP echo reply, id  
23887, seq 3, length 64
	19 00:11:2f:39:51:ae  00:16:cb:05:d8:11, ethertype IPv4  
(0x0800), length 98: 192.168.1.2  192.168.1.3: ICMP echo request, id  
23887, seq 4, length 64
	69 00:16:cb:05:d8:11  00:11:2f:39:51:ae, ethertype IPv4  
(0x0800), length 98: 192.168.1.3  192.168.1.2: ICMP echo reply, id  
23887, seq 4, length 64
	1. 57 00:11:2f:39:51:ae  00:16:cb:05:d8:11, ethertype IPv4  
(0x0800), length 98: 192.168.1.2  192.168.1.3: ICMP echo request, id  
23887, seq 5, length 64
	65 00:16:cb:05:d8:11  00:11:2f:39:51:ae, ethertype IPv4  
(0x0800), length 98: 192.168.1.3  192.168.1.2: ICMP echo reply, id  
23887, seq 5, length 64



It looks like there are requests and replies back and forth, but the  
output from 192.168.1.2 is:


PING 192.168.1.3 (192.168.1.3) 56(84) bytes of data.

--- 192.168.1.3 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4009ms

Hope this gives more idea on the problem

Thanks,
Reza

On Nov 22, 2006, at 9:47 PM, Michael wrote:


You probably don't have IP forwarding activated.

sysctl -w net.inet.ip.forwarding=1

To set it permanently edit /etc/sysctl.conf

Michael

altq on 2 interface

2006-11-08 Thread Reza Muhammad 
Hi list..


My rule set still not working, as i'm expected to
limit outgoing and incoming traffic pass to my pf
machine act as an bridge .

altq on xl1 bandwidth 100% cbq queue
{int_out,dflt_out}
queue int_out   bandwidth 3Mb
queue dflt_out  bandwidth  16Kb cbq (default)

altq on xl2 bandwidth 100% cbq queue {int_in,dflt_in}
queue int_in   bandwidth 3Mb
queue dflt_in  bandwidth 16Kb cbq (default)

pass out log on xl1 from 172.16.0.228 to 202.57.14.1
keep  state flags S/SA queue (int_out)
pass out log on xl2 from 202.57.14.1 to 172.16.0.228
keep state flags S/SA queue (int_in)

if i only enabled altq on in one interface only (xl1
or xl2) , traffic limitation that i want is can be
done.

Is there something that can be done with ALTQ and PF
or my rule is bad ???

please.

Reza 



 
__
Sponsored Link

Talk more and pay less. Vonage can save you up to $300 a year on your phone 
bill. 
Sign up now. http://www.vonage.com/startsavingnow/

pf.conf + altq more problem..

2006-11-06 Thread Reza Muhammad 
Dear All.

I start with the simple rule set in my pf bridge
machine to limit
bandwidth 3Mbps  from my server on lan to internet and
from internet to
my server on lan 

my_server_on_lan=172.16.0.228
internet=202.x.x.x
lan = 172.16.0.0/16
altq on xl1 bandwidth 100% cbq queue \
{int_out,dflt_out}
queue int_out   bandwidth 3Mb
queue dflt_out  bandwidth  16Kb cbq (default)

altq on xl2 bandwidth 100% cbq queue {int_in,dflt_in}

queue int_inbandwidth   3Mb
queue dflt_in   bandwidth  16Kb cbq (default)

pass in on xl1  from any to $lan
pass out on xl1 from $lan to any

pass out  on xl1 from $my_server_on_lan to $internet \
keep state queue
(int_out)

pass in on xl2 from $lan to any keep state
pass out on xl2  from any to $lan  keep state

pass  out  on xl2 from $internet to $my_server_on_lan
\ keep state queue
(int_in)

I have done some test with iperf with no luck.
Is there something wrong with this rule set to
acompilished my need ?
Please help..

regards
Reza




 

Access over 1 million songs - Yahoo! Music Unlimited 
(http://music.yahoo.com/unlimited)

pf+altq problem

2006-10-11 Thread Reza Muhammad 
Dear list. 

My pf.conf  not working.
I have pf in bridge machine with xl2 to internet
firewall and xl1 to
internal switch. Bridging is ok.

This my simple pf.conf

me=172.16.0.228
altq on xl1 bandwidth 100% cbq queue {me,dflt}

queue mebandwidth 8Kb
queue dflt  bandwidth 16Kb cbq  (default)


block log on {xl1,xl2} all

pass out log on xl1 from $me to any  keep state
pass log on xl2 from $me to any keep state queue (me)


This rule is match when i try to connect to iperf
server 

# tcpdump -nett -i pflog0 | grep 172.16.0.228
tcpdump: WARNING: pflog0: no IPv4 address assigned
tcpdump: listening on pflog0, link-type PFLOG
1160655756.150048 rule 3/(match) pass in on xl2:
172.16.0.228.44405 
128.6.231.102.5001: [|tcp] (DF)
1160655756.150059 rule 2/(match) pass out on xl1:
172.16.0.228.44405 
128.6.231.102.5001: [|tcp] (DF)

But iperf tell me that this connection is 24.4
Kbits/Sec. (more than 8Kbps)

[EMAIL PROTECTED] beastie]# iperf -c lss.rutgers.edu

Client connecting to lss.rutgers.edu, TCP port 5001
TCP window size: 16.0 KByte (default)

[  3] local 172.16.0.228 port 44408 connected with
128.6.231.102 port
5001
[  3]  0.0-16.1 sec  48.0 KBytes  24.4 Kbits/sec


I'm expecting that iperf report it equal with the
bandwidth that i assign to (me) queue pipe.
Is there any thing wrong or i missed something here
???
Please help me

regards
Reza
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

make build error on 3.9 (-current) i386

2006-03-01 Thread Reza Muhammad 

Hi guys,

I was just updating my source tree through cvsup, and I've been  
following -current for a while.  There hadn't been any problems  
before.  But today, make build returned errors.  The last time I  
cvsup'd was today around 10pm (GMT +7), and here's some of the log:


 Edit src/sys/arch/sparc/include/param.h
  Add delta 1.35 2006.02.28.18.24.18 miod
Edit src/sys/dev/ic/atw.c
  Add delta 1.43 2006.02.28.06.52.35 jsg
Edit src/sys/dev/mii/ciphy.c
  Add delta 1.10 2006.02.28.08.13.47 jsg
  Add delta 1.11 2006.02.28.12.37.15 jsg
Edit src/sys/dev/mii/ciphyreg.h
  Add delta 1.2 2006.02.28.08.13.47 jsg
Edit src/sys/kern/uipc_usrreq.c
  Add delta 1.31 2006.02.27.23.38.11 miod
Edit src/usr.bin/ssh/session.c
  Add delta 1.197 2006.02.28.01.10.21 djm

Now, after reinstalling a new kernel, I did a make build, and got  
these errors:


nroff -Tascii -mandoc -/usr/src/usr.sbin/httpd/src/support/apxs.8   
src/support/apxs.cat8
nroff -Tascii -mandoc -/usr/src/usr.sbin/httpd/src/support/suexec.8   
src/support/suexec.cat8

make: no target to make
*** Error code 2

Stop in /usr/src/usr.sbin/httpd (line 628 of /usr/src/usr.sbin/httpd/ 
Makefile.bsd-wrapper).

*** Error code 1

Stop in /usr/src/usr.sbin.
*** Error code 1

Stop in /usr/src (line 73 of Makefile).

Can anyone help me with it?
Thanks for the help.

-Reza

ral0 bugs on openbsd 3.8 i386?

2006-01-16 Thread Reza Muhammad 
Hey guys, I'm having problem with ral0 running in hostap mode on my  
openbsd box (i386, running 3.8-stable).


At the moment, the ral0 device acts as an access point and only using  
mac address filtering to be able to go on the internet.  So I don't  
use the WEP, or IPSec, or anything like that.  This is already the  
second time I got the integer divide fault trap and then I got into  
the ddb  prompt (I attached the output as well as dmesg below).  Is  
this an known issue? Can someone help me out with this, so that I can  
have my ral0 device runs in hostap mode flawlessly?


If there's anymore info needed, please let me know.

Thanks in advance,
Reza



ral0: device timeout
kernel: integer divide fault trap, code=0
Stopped at  ral_setup_tx_desc+0xae: idivl   %ebx,%eax
ddb trace
ral_setup_tx_desc(d0c89000, e6c38000,200,5fc,0) at ral_setup_tx_desc 
+0xae

ral_tx_data(d0c89000,d6192e00,d0d662200,0) at ral_tx_data+0x552
ral_start(d0c89030,d6192ef6,6,5aa1274) at ral_start+0x16c
ether_output(d0c89030,d6380c00,d05d3be8,d62193d0,30) at ether_output 
+0x35b

ip_output(d6380c00,0,d05d3be4,1,0,0,0,0) at ip_output+0x930
ip_forward(d6380c00,1,0,50,d6138900) at ip_forward+0x159
ipv4_input(d6380c00,d0c8c140,0,d06f) at ipv4_input+0x25a
ipintr(d0c50058,10,d06f0010,14e90010,d06f) at ipintr+0x67
Bad frame pointer: 0xd06f1e44
ddb ps
PID PPIDPGRPUID S   FLAGS   WAITCOMMAND
24709   995924709   10003   0x4086  pause   screen
20661   790320661   10013   0x4086  pollirssi
79031   790310013   0x84select  screen
995929511   995910003   0x4086  pause   ksh
29511   29827   29827   10003   0x184   select  sshd
29827   281329827   0   3   0x4084  netio   sshd
30612   24484   30612   10003   0x4086  pollirssi
24488   1   24484   10003   0x84select  screen
20303   1   20303   0   3   0x4086  ttyin   
getty
13008   1   13008   0   3   0x84select  rtadvd
16081   16080   3   0x4086  ttyin   
getty
15017   1   15017   0   3   0x4086  ttyin   
getty
31978   1   31978   0   3   0x4086  ttyin   
getty
92891   92890   3   0x4086  ttyin   
getty
14226   1   14226   0   3   0x84select  cron
16627   1   16627   0   3   0x84nanosleep   
tspc
28131   28130   3   0x84select  sshd
24316   1   24316   0   3   0x184   select  inetd
79951   799577  3   0x184   poll
dhcpd
28113   4646464674  3   0x184   bfp pflogd
46461   46460   3   0x84netio   pflogd
20294   27009   27009   73  3   0x184   pollsyslogd
27009   1   27009   0   3   0x84netio   syslogd
27208   1   27208   77  3   0x184   poll
dhclient
19447   1   21831   0   3   0x86poll
dhclient
11  0   0   0   3   0x10024 
crypto_wa   crypto
10  0   0   0   3   0x10024 
aiodonedaiodoned
9   0   0   0   3   0x10024 
syncer  update
8   0   0   0   3   0x10024 
cleaner cleaner
7   0   0   0   3   0x10024 
reaper  reaper
6   0   0   0   3   0x10024 
pgdaemonpgdaemon
5   0   0   0   3   0x10024 
pftmpfpurge
4   0   0   0   3   0x10024 
usbtsk  usbtask
3   0   0   0   3   0x10024 
usbevt  usb0
2   0   0   0   3   0x10024 
kmalloc kmthread
1   0   1   0   3   0x4084  
waitinit
0   -1  0   0   3   0x80204 
scheduler   swapper
ddb show registers
ds  0xd0330010  in6_init_prefix_ltimes+0x80
es  0xd06f0010  end+0x759c0
fs  0xd0c50058  end+0x5d5a08
gs  0xd6190010  end+0x5b159c0
edi 0xd0c89030  end+0x60e9e0
esi 0xe6c38000  
ebp 0xd06f1a84

Re: C Compiler cannot create executable

2005-12-21 Thread Reza Muhammad 
--- Stuart Henderson [EMAIL PROTECTED] wrote:

  C Compiler cannot create executable ?
  what does it mean ? 
  My system is OpenBSD-3.8 Generic Kernel at Intel
  Pentium M Proc 1600 Mhz (IBM Think Pad T41)
 
 You should repost, including this information:
 
 what you were trying to do when you received the
 error.
 complete dmesg output.
 
oke this is my dmesg output==snip cause i think only
this line will be necessary==

OpenBSD 3.8 (GENERIC) #138: Sat Sep 10 15:41:37 MDT
2005
   
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) M processor 1600MHz
(GenuineIntel 686-class) 1.60 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,TM,SBF,EST,TM2
cpu0: Enhanced SpeedStep 1600 MHz (1484 mV): speeds:
1600, 1400, 1200, 1000, 800, 600 MHz
real mem  = 535797760 (523240K)
avail mem = 482000896 (470704K)
using 4278 buffers containing 26894336 bytes (26264K)
of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(2a) BIOS, date 10/30/03,
BIOS32 rev. 0 @ 0xfd750
apm0 at bios0: Power Management spec V1.2
apm0: battery life expectancy 97%
apm0: AC on, battery charge high, charging
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xfd6e0/0x920
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdea0/272
(15 entries)
pcibios0: PCI Interrupt Router at 000:31:0 (Intel 823

that error output show when compiling any software
with gcc requirement, event install from port it shows
too.
Now install gcc-4.0 from package repository and link
to /usr/bin/gcc.. is that correct move ?
One more.. how should i do to change to securelevel=0
? i change it via rc.securelevel but have no luck..
I need securelevel=0 so my sea.c can work..

any help apprc.

regards
reza
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

Re: C Compiler cannot create executable

2005-12-21 Thread Reza Muhammad 
--- Jens Teglhus Mxller [EMAIL PROTECTED] wrote:

 On Wed, December 21, 2005 12:06, Reza Muhammad said:
  Dear All
 
  C Compiler cannot create executable ?
  what does it mean ?
  My system is OpenBSD-3.8 Generic Kernel at Intel
  Pentium M Proc 1600 Mhz (IBM Think Pad T41)
 
  Please help ...
 
  regards
  reza
 
 http://www.openbsd.org/mail.html
 
 /jtm
 
sorry all, i tought there is short answer for my
problem so i didnt attach detailed..

# dmesg
OpenBSD 3.8 (GENERIC) #138: Sat Sep 10 15:41:37 MDT
2005
   
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) M processor 1600MHz
(GenuineIntel 686-class) 1.60 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,TM,SBF,EST,TM2
cpu0: Enhanced SpeedStep 1600 MHz (1484 mV): speeds:
1600, 1400, 1200, 1000, 800, 600 MHz
real mem  = 535797760 (523240K)
avail mem = 482000896 (470704K)
using 4278 buffers containing 26894336 bytes (26264K)
of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(9c) BIOS, date 10/30/03,
BIOS32 rev. 0 @ 0xfd750
apm0 at bios0: Power Management spec V1.2
apm0: battery life expectancy 100%
apm0: AC on, battery charge high
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xfd6e0/0x920
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdea0/272
(15 entries)
pcibios0: PCI Interrupt Router at 000:31:0 (Intel
82371FB ISA rev 0x00)
pcibios0: PCI bus #4 is the last bus
bios0: ROM list: 0xc/0x1 0xd/0x1000
0xd1000/0x1000 0xdc000/0x4000! 0xe/0x1
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82855PE Hub rev
0x03
ppb0 at pci0 dev 1 function 0 Intel 82855PE AGP rev
0x03
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 ATI Radeon Mobility M7
LW rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100
emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
uhci0 at pci0 dev 29 function 0 Intel 82801DB USB
rev 0x01: irq 11
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 29 function 1 Intel 82801DB USB
rev 0x01: irq 11
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 29 function 2 Intel 82801DB USB
rev 0x01: irq 11
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 29 function 7 Intel 82801DB USB
rev 0x01: irq 11
usb3 at ehci0: USB revision 2.0
uhub3 at usb3
uhub3: Intel EHCI root hub, rev 2.00/1.00, addr 1
uhub3: 6 ports with 6 removable, self powered
ppb1 at pci0 dev 30 function 0 Intel 82801BAM
Hub-to-PCI rev 0x81
pci2 at ppb1 bus 2
cbb0 at pci2 dev 0 function 0 Texas Instruments
PCI4520 CardBus rev 0x01: irq 11
cbb1 at pci2 dev 0 function 1 Texas Instruments
PCI4520 CardBus rev 0x01: irq 11
em0 at pci2 dev 1 function 0 Intel PRO/1000MT
(82540EP) rev 0x03: irq 11, address:
00:0d:60:11:de:9e
ipw0 at pci2 dev 2 function 0 Intel PRO/Wireless
2100 rev 0x04: irq 11, address 00:04:23:90:fc:6b
cardslot0 at cbb0 slot 0 flags 0
cardbus0 at cardslot0: bus 3 device 0 cacheline 0x8,
lattimer 0xb0
pcmcia0 at cardslot0
cardslot1 at cbb1 slot 1 flags 0
cardbus1 at cardslot1: bus 4 device 0 cacheline 0x8,
lattimer 0xb0
pcmcia1 at cardslot1
ichpcib0 at pci0 dev 31 function 0 Intel 82801DBM
LPC rev 0x01
pciide0 at pci0 dev 31 function 1 Intel 82801DBM IDE
rev 0x01: DMA, channel 0 configured to compatibility,
channel 1 configured to compatibility
wd0 at pciide0 channel 0 drive 0: IC25N040ATCS05-0
wd0: 16-sector PIO, LBA, 34797MB, 71265266 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: TOSHIBA, DVD-ROM
SD-R9012, 1121 SCSI0 5/cdrom removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
Intel 82801DB SMBus rev 0x01 at pci0 dev 31 function
3 not configured
auich0 at pci0 dev 31 function 5 Intel 82801DB AC97
rev 0x01: irq 11, ICH4 AC97
ac97: codec id 0x41445374 (Analog Devices AD1981B)
ac97: codec features headphone, 20 bit DAC, No 3D
Stereo
audio0 at auich0
Intel 82801DB Modem rev 0x01 at pci0 dev 31 function
6 not configured
isa0 at ichpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
sysbeep0 at pcppi0
lpt2 at isa0 port 0x3bc/4: polled
aps0 at isa0 port 0x1600/31
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte
fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
biomask efed netmask efed ttymask ffef
pctr: 686-class user-level performance counters

Re: selecting a wireless networking card

2005-11-12 Thread Reza Muhammad 
Thanks for the help.  I guess I'll have to check the store myself. 
It'll be too risky buying online.  If I still can't get it right, I
might as well order from kd85.

Thanks again :)

 When I bought mine the version was on the box. It's not obvious, but
 it's located on a small sticker along with serial number, etc.

 --
 Darrin Chandler
 [EMAIL PROTECTED]
 http://www.stilyagin.com/

diskd problem

2005-07-20 Thread Reza Muhammad 
I problem with squid diskd in 3.7 GENERIC.
diskd process seem hang, when i restart squid. with
this error:

assertion failed:
/usr/ports/www/squid/w-squid-2.5.STABLE9/squid-2.5.STABLE9/src/fs/diskd/store_io_diskd.c:494:
++send_errors  100

should i  recompile new kernel to tunning message
queue.

Please be advice.

regards
reza
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

static route files

2005-07-15 Thread Reza Muhammad 
dear All,

In which file should i put my static route entry ?

regards
reza




Start your day with Yahoo! - make it your home page 
http://www.yahoo.com/r/hs

Optimizing SQUID

2005-07-07 Thread Reza Muhammad 
Dear All,

Is there any trick to optimize squid in OpenBSD ?
please give me hint.

regards
reza




Sell on Yahoo! Auctions  no fees. Bid on great items.  
http://auctions.yahoo.com/