Re: 4.8 arrival!
On 29 October 2010 12:58, bsdmas...@hushmail.com wrote: Hello, Would you please consider uploading an iso image of your OpenBSD 4.8 to some public tracker such as thepiratebay.org? If you are unfamiliar with the process of making an iso-image out of a CD, or if you need help with the generation and upload of the torrent file, I may be of some help. Just ask. Thanks alot, this will be of great use for poor folks like me who cannot afford the expensive license fees. Yes, I said it, 50CDN$ is very expensive. Maybe the OpenBSD Company could setup something like MSDNAA, for stuents to get access to the software for free? Anyway, I'm getting off topic. PS: please people, stop bottom-posting. It forces me to scroll down to read the latest message, and I don't like that. Show some common sense! No. Buy the CD or wait for it's release. The irony of someone sending me this request, given what I do for a living, is too much to take. Again, no. Last I heard, the CD layout is copyright. Shane
Re: Low power OpenBSD machine
2009/4/17 Marco Peereboom sl...@peereboom.us I work with people that run io tools against flash parts. I still have to see it fail too. Your puny little firewall will never write more to it than a month long stress test. This write fatigue argument is very silly. Hey! My firewall may be puny in stature (Net5501), but he is Puffy hearted and on the Internet he is ten feet tall!
Re: Error updating 4.2 - permission denied
On 22/12/2007, at 12:47 AM, kim wrote: Could anyone offer some help with an upgrading problem with 4.2 - stable? The source tree and ports were installed from the official CD, and upgraded with: Update source tree: cd /usr/src cvs -d [EMAIL PROTECTED]:/cvs -q up -rOPENBSD_4_2 -Pd Update ports tree: cd /usr/ports cvs -d [EMAIL PROTECTED]:/cvs -q up -rOPENBSD_4_2 -Pd Rebuild the kernel: cd /usr/src/sys/arch/i386/conf /usr/sbin/config GENERIC cd /usr/src/sys/arch/i386/compile/GENERIC make clean make depend make Reboot the kernel: cd /usr/src/sys/arch/i386/compile/GENERIC cp /bsd /bsd.old cp bsd /bsd reboot Rebuild system binaries: rm -rf /usr/obj/* cd /usr/src make obj cd /usr/src/etc env DESTDIR=/ make distrib-dirs cd /usr/src make build = When rebuilding system binaries, I get this: /usr/src/gnu/usr.bin/binutils/gdb/observer.sh h /usr/src/gnu/usr.bin/binutils/gdb/doc/observer.texi observer.h /usr/src/gnu/usr.bin/binutils/gdb/observer.sh: Permission denied *** Error code 1 Stop in /usr/src/gnu/usr.bin/binutils/obj/gdb (line 1333 of Makefile). *** Error code 1 Stop in /usr/src/gnu/usr.bin/binutils/obj (line 21479 of Makefile). *** Error code 1 Stop in /usr/src/gnu/usr.bin/binutils (line 81 of /usr/src/gnu/usr.bin/binutils/Makefile.bsd-wrapper). *** Error code 1 Stop in /usr/src/gnu/usr.bin. *** Error code 1 Stop in /usr/src/gnu. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src (line 73 of Makefile). === I have cleared the /usr/src directory and reloaded the tree from the CD, and gone through the whole process again, but get the same error. Is this possibly an error from the CD or the CVS site? Thank you I am also seeing this problem. I am happy to change the perms to fix, however is this something that needs to be fixed at a root server? I installed on various i386 systems, at work and home, from an official OpenBSD 4.2 CD. I have tried various mirrors, with the same errors as above. Shane J Pearson
Re: Real men don't attack straw men
On 06/01/2008, at 9:47 PM, Richard Stallman wrote: Would you be so kind as to tell me the precise URLs where you found those quotes? If not, I will look for someone else who will do that for me. You know that saying, if you want something done right, you do it yourself? I'd be adhering to that, especially in cases where I put forth such controversial opinion in such a public display. Such an outspoken person should be well informed, lest he keeps choking on his own toe jam. Are you too good for Google? http://www.google.com.au/search?q=%22Run+GNOME+in+a+VMWare+Player+in+a+Linux+virtual+machine.+site%3Atorrent.gnome.org If you'd even bothered to go to the front page already quoted to you, you'd notice that that is where it is.
Re: delete deleted data
On 04/01/2008, at 8:19 AM, Brad Tilley wrote: One pass from /dev/zero is more than enough for all cases. I agree that after a single pass of zeroes, getting anything but zeroes from a fully working, unaltered drive is not going to happen. But if you remove the digital logic which masks residual signals via thresholds used to determine at what point a 1 is considered a 1 and a 0 a 0, then perhaps 1's and 0's could be restored from some drives. Through the use of a replacement device that samples each bit with a bit depth greater than 1, allowing analysis to interpret what I would have thought would not be constant uniform samples. I think more importantly, if it is comparatively very cheap to erase a drive in a paranoid manner and the leaking of that data could cost a fortune, then the comparatively small cost of paranoid erasure could be a risk worth taking. Shane
Re: delete deleted data
On 04/01/2008, at 12:21 PM, Harpalus a Como wrote: Myth? Why are you so upset about this? It's not myth. The techniques involved in recovering data in the manner Marco and the NSA, DoD, and many others describe isn't a matter of running a simple software tool. It's a long, slow, annoying process that is also costly. But it is possible. Not every company or person in the forensics industry is a master at their job. If they say it's not possible, perhaps it's just not something their software package does for them? (I'm not trying to be derogatory, but I do know a guy who does computer forensics work, and the software/hardware he uses is about all he knows. He just goes through the motions. Doesn't know all that much about filesystems or disks.) I agree. Most computer forensics people I have worked with, tended to stick to what they considered to be standard procedures with standard forensics software. They were mostly ex-police with computing training. I personally managed to get results which other forensics teams could not (or would not), which I believe was because I was willing to use some creative techniques that they wouldn't dare come to court with. As far as the data recovery industry goes, I think there are more frauds than experts advertising such services. Shane
Re: OT YAG Re: delete deleted data
On 06/01/2008, at 1:57 AM, Diana Eichert wrote: Any EE worth their weight in salt understands signal processing. I do believe a lot of younger engineers have grown up in the 1 0 digital world and forget about analog. I think the first computers I witnessed in a work place, were actually analog computers (Navy). Where a mix of humans, transistors, valves, gears and three-phase motors/sensors, got the job done.;-) Shane
Re: Real men don't attack straw men
On 06/01/2008, at 3:28 AM, Karthik Kumar wrote: On another hand we are not GNU/GPL and we don't mind our users installing non free software if it is what they want. The FAQ is where this needs to be documented for users to get their job done faster. If you don't mind users using non-free software, you shouldn't be putting the 'Free. ' in 'Free. Functional. Secure.' Huh? OpenBSD is built from free software and allows users the freedom to do what they please, even if that means running non-free software. You have a strange idea of free. An OpenBSD user exercising freedom of choice, by choosing to use some non-free software, does not make OpenBSD non or less free. Shane
Re: VPN
On 26/03/2007, at 6:22 PM, Siju George wrote: Most probably you are sufferring from the PPTP problem with OpenBSD and PF. This is an excerpt from his website The last time i talked with him he said he is writing a PPTP proxy for OpenBSD and PF just like the FTP-Proxy. So it should be available soon :-) Frickin works for me on OpenBSD 4.0... http://frickin.sourceforge.net/ Shane J Pearson shanejp netspace net au
Re: Microsoft gets the Most Secure Operating Systems award
On 23/03/2007, at 3:19 AM, Lars D. Noodin wrote: Symantic makes its living selling paper bailing cups in a leaky boat. ;-) The media actively participates in obfuscating the issues, the causes and the solutions by publicizing such crap from Symantic and MS. Yes. Symantec make their money from a long-term open wound. Symantec then provides creative research that makes that open wound look best. Talk about a conflict of interest. Symantec have been trying to demonise OS X for a long while. Shane J Pearson shanejp netspace net au
Re: Important OpenBSD errata
On 18/03/2007, at 4:25 PM, Shawn K. Quinn wrote: On Sat, 2007-03-17 at 19:08 +0100, Karel Kulhavy wrote: I also suggest that the list include the cumulative amount for each donor, sorted so that the biggest donors are at the top. To me, this makes about as much sense as publishing a similar list for penis size (and whatever its female equivalent would be). Money is not the only way to contribute to a project. I agree. The value of a dollar differs a great deal between different people. Shane J Pearson shanejp netspace net au
Re: OpenBSD-Entwickler wollten kritische Lu:cke kleinreden
On 16/03/2007, at 8:56 PM, Lars Hansson wrote: On Fri, 16 Mar 2007 10:08:02 +0100 Karel Kulhavy [EMAIL PROTECTED] wrote: http://www.heise.de/security/news/meldung/86730 And for the majority of the worlds population that doesn't speak German this says exactly what? There is an English version linked from the bottom of that page: http://www.heise-security.co.uk/news/86757 Although this news item looks like the typical over-hyped hysterics I have come to expect from journalists. Shane J Pearson shanejp netspace net au
Re: dmesg and fdisk do not match about usb external disk
On 13/02/2007, at 8:18 PM, frantisek holop wrote: how am i (and fdisk) supposed to make partitions on CHS boundaries if instead of 19457/255/63 fdisk sees the disk as 152627/64/32? What is the point in trying to align to such boundaries, when the physical HDD does not have 255 or 64 heads and those numbers are faked due to working around legacy limitations? Shane J Pearson shanejp netspace net au
Re: seeking hardware for hackathon
On 16/01/2007, at 5:07 PM, Nikolay Sturm wrote: the next OpenBSD Mini Hackathon will be the Filesystem Hackathon - hardware to build a raid with 2 or more TB Wow, this sounds really exciting. Shane J Pearson shanejp netspace net au
Re: Misreporting secondary SATA2 320gb hd size.
Hi, On 26/12/2006, at 4:11 PM, Merp.com Volunteer wrote: Strange problem here, seems only to show up under OpenBSD 4.0 so far (verified not a noticeable problem under Gentoo Linux 2006.1 or Suse Linux 10.1): 2 brand new SATA2 Seagate 320 GB hard drives, completely wiped/ unpartitioned. wd0 reports correctly as: total sectors = 625142448 total free sectors = 625142448 BUT wd1 reports incorrectly as: total free sectors = 16514001 That is a fraction of the drive. I tried re-wiping, partitioning, etc. to no avail. I sometimes see this sort of behaviour on freshly zeroed drives on my systems. Within disklabel, I use D to set default values and then b to set the OpenBSD disk boundaries. Since I dedicate drives for OpenBSD, that's from the beginning, to the end *. This has always fixed that problem for me. Shane J Pearson shanejp netspace net au
Re: Commands don't work after rm -rf /*
On 06/12/2006, at 12:14 PM, Bryan Irvine wrote: It's the anti-unix newbie avoidance system. I propose a source change to rm that *after* it has completed removing / it then displays a dialog that the system would prefer it if you ran windows millennium. ;) Oh man, that's low. I can understand being sentenced to Windows, but ME? That's harsh.
Re: network with pabx
On 30/11/2006, at 10:20 PM, [EMAIL PROTECTED] wrote: guys i want to hear some comments / suggestions from you. we are planning to network a company. using a cat5e, the 2 pairs(4 wires) will be using for LAN and the remaining 2 pairs(4 wires) will be use for pabx. 1000BASE-T requires all 4 pairs. Will this thread be involving OpenBSD? Shane
Re: Which tools the OpenBSD developers are using?
On 29/11/2006, at 11:43 AM, Zoong PHAM wrote: On Tuesday, 28 November 2006 at 18:12:48 -0500, Jim Razmus wrote: * Diana Eichert [EMAIL PROTECTED] [061128 18:09]: I use a soldering iron, dremel tool, sheet metal/plastic nibbler and solder wick. I am low budget developer so I use chopsticks, sushi and tap water. I hope you don't eat fugu! That would be blasphemy! Shane J Pearson shanejp netspace net au
Re: Which tools the OpenBSD developers are using?
On 29/11/2006, at 2:05 PM, Darrin Chandler wrote: C'mon! Stick to the real topic! I love tail, personally. When that doesn't do it, then head usually works. Careful doing that in a public forum. If you get caught, your GF/wife might use split on you. Shane J Pearson shanejp netspace net au
Re: Small patch for faq4.html
On 22/11/2006, at 10:27 PM, Karel Kulhavy wrote: I have ordered, because perceived OpenBSD as cool at that time. Now I don't see OpenBSD as cool anymore. The motivation for buying more is away. I am considering switching back to Gentoo on next major problem because the illusion of friendliness holding me to OpenBSD is away. Cya.
Re: Best nic/driver combination
Hi Pedro, On 16/11/2006, at 11:48 AM, pedro la peu wrote: I can easily get some Realtek 8169 based (not 8139!) re cards, some Intel gbit em (they seem less stable than fxp ?), and probably some sk (SMC 9452TX). I have been using sk(4) as my Gigabit card of choice with great success for some time now. In fact, I don't bother looking for anything else. I pump lots of Gigs through them daily with never a hitch, on old PIII junkware PC's. There are probably alternatives with better maximum performance, I've never needed to find out. The fact that they cost new about the same as two packs of cigarettes (in the UK) is a pretty convincing bonus. Yes, sometimes I feel like I should buy them in bulk. I am afraid that one day the chip-set will disappear for another cheap yet inferior one. And the vendors won't mention anything on the box. I can't get D-Link DGE-530T Rev B1 cards to work in Sun U5's and U10's, yet the Rev A1 cards work fine. I think the move to Rev B1 has caused the cards to only work in PCI 2.2 slots and not older PCI 2.1. Even though the printing on the box of Rev B1 cards still claims that it will work in PCI 2.1 slots. All I seem to be able to source now are the Rev B1 cards (which incidentally work fine in a Blade 150). Since they're so cheap, how long until a vendor like D-Link changes the chipset and then just ship a different Windows driver CD? If I had the money at the moment, I'd buy them in bulk so I have some for myself and my customers. I realise there are other sk options, but since they can be so cheap, I fear they will change. Can anyone recommend a cheap sk which is still capable of working in a PCI 2.1 slot? I was hoping to switch from fxp to sk in my 5 interface Sun U10 firewall at home, but I only have 2 sk's (out of a desired 4) which work in it. Shane J Pearson (hoping to see some affordable 4 interface sk NIC's) shanejp netspace net au
Re: video hardware determination
Hi Michael, On 09/11/2006, at 2:08 PM, Michael Hernandez wrote: Is that expected behavior? Of course not... and for the record, no it doesn't work with the same automagic goodness on the evo at work (I think it's the card in the evo, the monitor is exactly the same as the one I have at home) but if you haven't tried to just run X without any config file... give it a go! You might get a pleasant surprise! For a long time now (many releases ago) I have noticed that often after a fresh install of OpenBSD, I can type startx as the first thing after logging in for the first time... and X just comes up. Shane J Pearson shanejp netspace net au
error in if_em.c building -stable kernel on sparc64
at ebus0 addr 3023f0-3023f7, 706000-70600f, 72-720003 ipl 39 not configured clock1 at ebus0 addr 0-1fff: mk48t59 flashprom at ebus0 addr 0-f not configured audioce0 at ebus0 addr 20-2000ff, 702000-70200f, 704000-70400f, 722000-722003 ipl 35 ipl 36: nvaddrs 0 audio0 at audioce0 hme0 at pci1 dev 1 function 1 Sun HME rev 0x01: ivec 0x7e1, address 08:00:20:ff:b5:f1 nsphy0 at hme0 phy 1: DP83840 10/100 PHY, rev. 1 vgafb0 at pci1 dev 2 function 0 ATI Mach64 GP rev 0x5c wsdisplay0 at vgafb0: console (std, sun emulation), using wskbd0 pciide0 at pci1 dev 3 function 0 CMD Technology PCI0646 rev 0x03: DMA, channel 0 configured to native-PCI, channel 1 configured to native-PCI pciide0: using ivec 0x7e0 for native-PCI interrupt atapiscsi0 at pciide0 channel 0 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: LITE-ON, LTR-52246S, 6S0F SCSI0 5/ cdrom removable cd0(pciide0:0:0): using PIO mode 4, DMA mode 2 pciide0: channel 1 disabled (no drives) ppb1 at pci0 dev 1 function 0 Sun Simba PCI-PCI rev 0x13 pci2 at ppb1 bus 2 siop0 at pci2 dev 1 function 0 Symbios Logic 53c875 rev 0x14: ivec 0x7d0, using 4K of on-board RAM scsibus1 at siop0: 16 targets sd0 at scsibus1 targ 0 lun 0: FUJITSU, MAU3036NP, 0104 SCSI3 0/ direct fixed sd0: 35068MB, 49158 cyl, 2 head, 730 sec, 512 bytes/sec, 71819496 sec total siop1 at pci2 dev 1 function 1 Symbios Logic 53c875 rev 0x14: ivec 0x7d1, using 4K of on-board RAM scsibus2 at siop1: 16 targets pcons at mainbus0 not configured No counter-timer -- using %tick at 440MHz as system clock. root on sd0a siop0: target 0 now using tagged 16 bit 20.0 MHz 16 REQ/ACK offset xfers rootdev=0x700 rrootdev=0x1100 rawdev=0x1102 Any pointers to where I am going wrong, or how I can fix this, would be very appreciated. Shane J Pearson shanejp netspace net au
Re: error in if_em.c building -stable kernel on sparc64
Hello, On 08/11/2006, at 11:01 AM, Jason LaRiviere wrote: Shane J Pearson wrote: Hello, I am getting an error in if_em.c when trying to build a -stable kernel on sparc64. It stops with this error: /usr/src/sys/dev/pci/if_em.c: In function `em_rxeof': /usr/src/sys/dev/pci/if_em.c:2446: error: structure has no member named `align_buf_len' The correct header file seems to have been committed. You should cvs up and try again. I have updated and the new -stable GENERIC compiles and boots fine. Thanks Theo, Brad and the others who gave me the heads up. Shane J Pearson shanejp netspace net au
Re: How to take two screenshots?
Hi Girish, On 05/11/2006, at 6:39 PM, Girish Venkatachalam wrote: I have setup a multiboot machine with 4 OSes, gentoo,NetBSD,OpenBSD(but of course :-) and FreeBSD on a single hard disk. Now I want to do two things. a) Take a screenshot of the grub splash screen at bootup b) Take a screenshot of the wdm screen Can you guys help out? You could run a setup like this within VMware Workstation and then take screenshots of the VMware window. You can point VMware at a real raw disk (the one you have already installed to), instead of a disk image. If that does not work for you, you might have better luck starting from a clean VMware disk image and re-installing those OS' within it. Since the VMware machine will likely have different hardware. Shane J Pearson shanejp netspace net au
Re: m-o-o-t - some decisions
On 21/10/2006, at 1:38 PM, Peter Fairbrother wrote: [5] stored data.Later I'm too drunk now:) Can't wait. Somehow I think this thing they call a moment of clarity is highly over rated. Shane J Pearson shanejp netspace net au
Re: pppoe slow on openbsd
On 20/10/2006, at 12:59 PM, Chris wrote: So just I am Asking kindly again after 5 years. No you aren't. Regardless of where the pppoe implementation is broken, have you considered DSL MODEM/routers with half-bridge mode? You can get them to take care of the PPPoE/A and then they just pass the IP traffic through to your OpenBSD firewall/router. The MODEMs you have now might already be capable of doing that for you. BTW, the MODEM does not perform NAT, so your firewall will still face the bare Internet. PS, you are really rude. Shane J Pearson shanejp netspace net au
Re: bsdstats.org WOW
On 19/10/2006, at 11:28 AM, Constantine A. Murenin wrote: OpenBSD seems to lead in most sampled countries, though... Although it is a bit strange that the UK, Russia and Japan are missing from Top 10... Yes, I thought Russia would be up there. http://www.google.com/trends?q=OpenBSD Shane J Pearson shanejp netspace net au
Re: update to -stable
Hi Shohrukh, On 19/10/2006, at 1:11 PM, Shohrukh Shoyokubov wrote: I updated to -stable as described in FAQ and everything worked from the first run. I can't believe everything works. Usually this kind of updates make a lot of problems, but not with OBSD. Well done OBSD team! That's what happens when you use a system which is developed well and as a whole. You can get used to that with OpenBSD. Enjoy! Shane J Pearson shanejp netspace net au
Re: pfctl
Alexander, On 13/10/2006, at 9:12 PM, Alexander Belikov wrote: I want to fix a problem on one of my servers. The problem is 2 admins 1 server :( Both of us have a root access to it. It was a will of our Top Managment.. This is not an OpenBSD issue. Management needs to appoint one of you to be senior over the other. This way both of you could even still have root access if need be, but one of you calls the shots as far as policy goes at that level. If management won't do that, you'll need to deal with the problem until you can find a job elsewhere where management have a clue. If you need to spend a lot of time managing management and the problems they create, then it might be better for your career and sanity to move on. Shane J Pearson shanejp netspace net au
Re: RMS vs TdR (WAS: Re: OLPC)
Breen, On 13/10/2006, at 1:20 AM, Breen Ouellette wrote: Hmm. Let's see. Jack's original post is listed in its entirety below. I do not see any quotes around the word interesting. If you read it then you may agree that his meaning is obvious, you may not. I replied to this... http://marc.theaimsgroup.com/?l=openbsd-miscm=116050963816462w=2 So yes, I posted an abrasive message to the list in an attempt to curb such discussion from taking place again. You posted an abrasive message to prevent a flame war? Nice work. Where your particular misunderstanding seems to come into play is where you see Jack reference his earlier message, the one posted below, by quoting the word interesting. He was not implying anything. He can speak for himself, which is why I asked him. He said 'interesting' a few times, so I was intrigued by that. Even Bob Beck asked 'How so?...'. You either missed part of the thread or were fishing for an argument. Actually, you missed part of the thread. The part I was actually replying to. PS - I would avoid bringing up donations as a way of indicating that you are supporting the project. If you dig back in the lists you will find a post I made to another list, ports@ maybe, asking a question with the request that replies be sent to my email as well as the list, as I was not subscribed to that list. I got slammed for not supporting the project by participating in the list. I replied that I participate in misc@ instead because I can actually be useful there (sometimes) and that I donate to the project. I was then accused by several parties of attempting to buy help by bringing up my donations, when I was merely trying to indicate that I *DO* support the project in the ways available to me, as you did above. Two different situations. I am obviously not trying to buy support. I was merely trying to make my honest intentions known. When I make a donation, it is for real. I don't want or expect anything in return for it. That's why it is a donation. Mentioning that I have donated was just to show that I do actually care about OpenBSD and am most likely therefore not trolling for flames. In fact, for the cost of a $300 (.au) SCSI card, I don't feel that would be payment enough for even a single day for a single developer, for what they do with their skills. I wouldn't dare expect anything in return. I am merely grateful for what I get. I hope this is the end of this ridiculous waste of time. A single, pro-OpenBSD, throw away comment should not have come to this. Shane J Pearson shanejp netspace net au
Re: RMS vs TdR (WAS: Re: OLPC)
Breen, I am replying to this in full because I want my intentions known. I'll leave it at this. On 12/10/2006, at 2:58 AM, Breen Ouellette wrote: Jack J. Woehr wrote: On Oct 10, 2006, at 5:38 PM, Shane J Pearson wrote: By interesting, you mean one is well meaning, but a little kooky and not always in touch with reality and the other is focused and committed to maintaining some sanity in the world of computing? No, I didn't mean that. I meant that both gentlemen are personal friends of mine and that the contrast between these two giants of free and open source software could hardly be more striking. Obviously there are elements trying to start an RMS/GNU versus TdR/ BSD holy war. If you are referring to me, you are right off the mark. I never mentioned GNU or BSD and had no intention of starting anything. It was just a throw-away comment in support of the OpenBSD leadership. If you don't find it interesting that two men could take a stand for free and open ideals, and yet interpret those ideals so differently, then fine, it isn't interesting to you. I never said it was not interesting. If you don't like RMS (or TdR for that matter) or his version of free and open ideals, then fine, you have the right to feel that way in most locales. I'm not particularly fond of RMS' views and ideas myself. I very much respect both, but lean towards Theo's ideals and line of practical thinking, which is always very thought provoking for me. But that is just me. I wouldn't waste time trying to start a flame war, because this is just my opinion and I don't want to waste misc@ users time. I do now see that I probably just should have kept my opinion to myself, because it could be misinterpreted and was probably not worth mentioning. But when you reply to the original poster's message feigning that you don't understand his point, well, then you come across as stupid. An inquisitive child could understand the difference between these two mens' views, and understand that some people might find it interesting. Who are you referring to with this? Am I the stupid person for finding a vague comment to be vague? If I don't ask, then I can only make assumptions with something like: '...um... interesting' And my comment was mostly meant in jest. Really, truly stupid. And willing to share it with the rest of the world on a public mailing list, no less! Brilliant! I, when confronted with a vague comment, ask a question for clarification. Which admittedly was meant more of a humorous, rhetorical question. Whereas you, confronted with something also vague (to a lesser extent), choose to read a LOT into it and then go on the attack, publicly with a tirade against a bunch of incorrect assumptions. So which is more stupid? If you want to start a holy war about the merits of these two positions then start a thread, preferably somewhere else, and howl into the wind. Nobody cares. We've all made up our minds about which side of the fence we are on. You aren't going to change my mind, or anyone else's. You are only making yourselves out to be a bunch of idiots. I think you have rather made quite the arse of yourself, Breen. I can now see the danger of a holy war erupting from my oversight, but mostly due to presumptuous people like you, who shoot first then ask questions later. This sure doesn't help the image of the OpenBSD user base at all. When we aren't taken seriously it is, in part, because of childish melodrama like this thread. Frankly, I don't much worry about the perception of the OpenBSD user base, because I think any negative perceptions towards it as a whole would be unfounded. There are idiots in every user camp. However this user camp makes up for them and then some, with some really helpful decent people on the list. I just temporarily put them on my twit list. But in the past 7 years or so, I've only put ONE person from misc@ in my twit list and I've since taken them off, now that they've become more reasonable. PS - Jack, some friendly advice, you are only encouraging them each time you reply. They obviously don't care about why you find interest in this subject. They only want to find a way to link you to RMS and then trash you. You find a lot of things obvious for a guy who is so presumptuous. For the record, I respect the intentions of RMS and I highly respect the intentions and practical thinking of Theo, the OpenBSD project, the developers and much of the user base. I've been enjoying OpenBSD since 2.5 and I try to buy OpenBSD items and donate whenever I am financially able. I tried to donate brand new SCSI disks when Theo asked for them for the older machines and I purchased a brand new SCSI card for an Aussie developer and had it sent to him, while I was mostly unemployed with small funds. My intentions are honourable here. I messed up by touching
Re: OLPC
Hello Jack, On 11/10/2006, at 5:35 AM, Jack J. Woehr wrote: Because they're both very strong personalities, both of whom I've met personally and whom I've interviewed for Dr. Dobb's Journal, and I find the contrast between them ... um ... interesting. By interesting, you mean one is well meaning, but a little kooky and not always in touch with reality and the other is focused and committed to maintaining some sanity in the world of computing? Shane J Pearson shanejp netspace net au
Re: Launching the Internet
James, On 16/09/2006, at 8:32 AM, dilbert wrote: My question is simple- I'm a relative newbie at BSD so please bear with me. I'm trying to launch the internet; so I open a terminal and go percent sign 'Internet' at the prompt ie: %internet and it doesn't work. What gives??!! It appears from my end that you are trying to use the internets in big truck mode. Please remember, the internets big truck mode has been deprecated. You should now be using the internets in series of tubes mode. Your leaf node is currently blocking the internets. As a result, my internets are currently blocked also. Did you remember to prime the percent commands with the appropriate tilde-hash-bang flush commands first? To force the blockage out? /usr/bin/plunger and /dev/caustic- soda might be able to help you also. Please %man afterboot before doing anything else. You are probably also blocking the OpenBSD developers internets, in which case they will not be able to perform CVS commits. Please hurry, as this may push back the release date of OpenBSD 4.0! I hope this DoS vulnerability will be addressed in OpenBSD 4.0. We users are counting on you James. You are our only hope. Shane J Pearson
Re: preferred hardware platform
Hi Joachim, On 09/09/2006, at 10:02 AM, Joachim Schipper wrote: And seriously, how does one manage to fill a TB of data? video, lossless-compressed music, backups from a bunch of machines, none of our business really (-: I'll grant you the latter, but still... well, let's just say that that 40 GB tapedrive I mentioned is plenty for backing up everything I admin. Just imaging my girlfriends Thinkpad comes out to greater than 40GB (compressed image size). Then there are all my machines and files. I like to have both recent user file backups and also relatively recent (monthly) whole disk image backups to quickly recover from a failed disk. Re-installing Windows anything or even Mac OSX to a much lesser extent, is a pain in the bum. Shane J Pearson shanejp netspace net au
Re: Serial Console and /etc/ttys
On 08/09/2006, at 5:21 AM, Woodchuck wrote: I used to do this with an Ohmmeter with a paperclip soldered to each lead. Sometimes I'd bribe a hardware guy with doughnuts to use his oscilloscope. Some people might find that when soldering a wire to a paperclip, that they get a bead of solder *around* the paperclip, with the bead of solder having wet the wire nicely, but then get no connection at all between the wire and paperclip. Between the solder and paperclip, you might just get an insulating tube of cooled, hardened flux, preventing the connection. I'd rather use solid core wire which is thick enough to poke into the holes. Shane J Pearson shanejp netspace net au
Re: ambiguities around burning CD
Hi Karel, On 06/09/2006, at 6:13 AM, Karel Kulhavy wrote: So the possible values for dev= according to this documentation are so far dev=0,0,0 dev=/dev/cd0a:0,0,0 dev=/dev/cd0c:0,0,0 dev=/dev/rcd0a:0,0,0 I use: cdrecord dev=/dev/rcd0c ^ ^ Which works fine for me. Shane
Re: DVD to distribute OpenBSD Packages (Re: about signing OpenBSD packages)
Hi Joachim, On 01/09/2006, at 11:11 PM, Joachim Schipper wrote: Now *that* would suck. Most of my i386 boxes won't read a DVD, and I'm fairly certain that getting a sparc to read a DVD isn't as easy as making a i386 do the same. I have a Lite-On DVD-ROM drive temporarily hanging off a Sun Ultra 5 which is running 3.9-stable as of ~ 25th Aug (while I tinker with making bootable sparc64 CDR's). Intrigued by your comment, I popped a Solaris 9 DVD into the drive and mounted it as -t cd9660. It mounted and I can see files. Same deal for a DVD movie (UDF?). Shane
Re: WPA support / creating a cf image
On 2006.08.03, at 10:41 PM, Ryan Corder wrote: First, get past the notion of secure wireless...it doesn't exist. The best solution for a more secure wireless network is for you to implement a WEP-encrypted environment and establish a VPN over it. What about an open wireless network, which does not allow anything to be routed out of the OpenBSD WAP unless it is authpf authorised. Then only VPN traffic. This couldn't be considered secure enough? Shane
Re: hard drive problem
Travers, On 2006.08.01, at 11:23 AM, Travers Buda wrote: On Mon, 31 Jul 2006 20:10:23 -0400 Chris [EMAIL PROTECTED] wrote: If all is lost, you can wipe the disk with BCWipe (www.jetico.com) then test again with Spinrite. This has recovered several disks for me. Wipe it with dd if=/dev/zero of=/dev/rwd0c count=10 You suggest only wiping the first 5k bytes of a drive?
Re: Using dd(1) to duplicate a hard drive
Hi Chris, On 2006.08.01, at 2:00 PM, Chris Zakelj wrote: Went back about two years in the MARC archives with the terms 'copy drive' (oddly enough, 'dd' itself wouldn't work), and got plenty of linux examples on Google (that pretty much say what I propose anyway) but no luck... I'm hoping to find a faster way to create an image of one drive (a Samsung MP0402H, 40G notebook, to be specific) onto an identical drive than using: # dd if=/dev/rwd0c of=/dev/rwd1c bs=1m Hardware to be used in the copy is an i586/166, Intel 430VX chipset. I vaguely recall hearing that placing the drives on separate IDE channels would help, but any and all other pointers, cluesticks, and proddings are welcome. Do you have lots of drives to clone like this? This thread could take longer than the copying of a drive. I occasionally dd copy my 100GB laptop drive to an external firewire drive, using a FreeBSD install CD [1]. Only takes about 1 hour including compressing with gzip. Backup: dd bs=64k if=/dev/{raw_drive} | gzip | split -b 50m - backup.dd.gz. I split the files into 50m chunks because they fit well on CD's and DVD's and I don't have problems trying to burn or copy the files to something which has file size limits. Restore: gzcat backup.dd.gz.* | dd bs=64k of=/dev/{raw_drive} If you want, you can always substitute the raw_drive for a slice and just backup slices. Shane [1] Only using FreeBSD for this because it supported the new ATA and firewire chipsets on my VAIO. ; )
Re: looking for clue
Why people give life to a thread which starts like this is beyond me... Hi I'm looking for clue. Does anyone have any? Please stop. The most effective response at the beginning would have been silence.
Re: USB keyboards / encryption
Hi Tony, On 2006.07.10, at 12:17 PM, Tony Abernethy wrote: Security is a process Slogan for snake-oil? I would prefer, Security is an ongoing process. Something which you can't just buy and be done with and something which does not end. Shane
Re: hints for scanning msdosfs patters?
Hello Vladas, On 2006.07.06, at 9:56 PM, vladas wrote: I have fd up the first 10Mb of the 3Gb fat disk (not partition, the whole 3Gb disk) full of windoze shit. Then, due to time limits, made some of sort of backup of the mess with dd and put Puffy into that disk (dedicated install). The problem is that management needs some of that stuff back ... I would be grateful if anybody could give any hints on how to grep the 3Gb backup image for any msdosfs patterns so that I could get at least some of the individual files back. Sorry for asking it like that instead of just reading mount_msdos src silently - maybe someone had this before.. I am posting this to misc@ because Puffy is the only OS I run. Do you have access to a Windows machine? The best file recovery applications for FAT file systems I have found, are Windows apps, oddly enough. I have had great success with Get Data Back. It is comparatively very cheap yet was the best I have tried even amongst file recovery apps costing thousands. They sell the FAT and NTFS versions separately. In fact it finds files from multiple old file-systems which even the Forensic Tool Kit does not find. I have used GDB ($ $) to compliment FTK () in the past. Last time I tried GDB, I believe it accepted images as one large image, or images broken up into portions, but with the limitation that the portions must be 688,128,000 bytes in size. If you need to run GDB on a system limited to 2GB files, then use split(1) to break the big dd image into the size GDB needs. The standard suffix split uses is fine for GDB. Run GDB against the files, answer a few simple questions and after a while you might find a file listing of the old files, ready to be copied off. BTW, GDB *can* get data back even if both FAT's are completely gone (it has for me). http://www.runtime.org/gdb.htm BTW, I have no affiliation with Runtime. It just saved my bacon once under a pretty bleak situation (girlfriends data! Yikes). I've since recommended it to others who also found it to get their data back. A friend of mine had a motherboard die, he was using the motherboards built in IDE RAID 0. I told him about GDB, I thought he tried it and it worked for him. But I've since noticed that Runtime now has recovery software specifically for disks used in a RAID, which might have been what he used. Regardless, Runtime even got his files back. Good luck, Shane
Re: hints for scanning msdosfs patters?
Hi Nick, On 2006.07.07, at 2:51 PM, Nick Guenther wrote: I've used R-Studio and it works quite well (and quickly so long as you keep your computer out of screensavers and things). It's somewhat expensive at 100$. It works by just scanning the disk for signatures of files, and is usually able to recover a lot. http://www.r-studio.com/ $100 seems cheap to me for something which works, given the desperation when it's needed. Seems like a small tax on people who don't keep decent backups. Like me, once upon a time. ; ) I've been wanting to try R-Studio, since it has FFS support. I'll switch to it if it's as good as GDB. Shane
Re: Where to start studying OpenBSD networking code
Hi Joakinen, On 2006.06.28, at 11:24 PM, joakinen wrote: Is there any diagram of how every piece of code retales to the others? I don't know how relevant it is to OpenBSD, if at all, but I seem to remember getting a BSD TCP/IP network stack diagram poster with the boxed set of TCP/IP Illustrated (1-3). Shane
Re: lightweight openbsd
Eliah, On 2006.06.27, at 12:08 PM, Eliah Kagan wrote: On 6/26/06, Damien Miller wrote: just please don't bug people on OpenBSD lists about private hacks like this. I, for one, find discussion about private hacks like this to be valuable. And I think it falls under the heading of, Miscellaneous discussion about OpenBSD, which happens to be the official description for this list. Except that a private hacking apart of OpenBSD leaves something which is no longer OpenBSD and thus not pertinent to this list. The resulting discussion is due to the breakage's, not OpenBSD and is just going to waste the time of people interested in the real thing. If there was enough interest in a whittled down OpenBSD, then they could make their own list. Shane
Re: Pulled out an old song..
Hi Jason, On 2006.06.16, at 6:05 PM, Jason Stubbs wrote: Very interesting article. However, I still don't see how ripped audio might change on each ripping. CD audio data was designed to be constantly streamed. Read into a FIFO buffer, which in turn is read from a DAC with quartz precision. The disc spinning speed does not need to be constantly accurate since the FIFO employs low and high watermarks. This causes the disc to be constantly sped up and slowed down with the result being a duty cycle of slower and faster spinning which averages out to the correct spin speed. This is to keep data in the FIFO, but never completely filled or allowed to empty. Without the FIFO, this would not be acceptable since the sound would speed up and slow down and pitch would suffer. As a result CD's would need to spin very accurately and this would be a lot harder and more expensive to do and not be able to match the accuracy allowed with a FIFO. These particular FIFO's can be written to, read from and provide watermark signals independently at differing speeds, without either blocking any other. This constant streaming design is perfect for what CD audio was designed for: to play audio CD's in audio CD players. ; ) CD audio data was not designed to allow stopping and starting with the expectation that the data will marry bit perfect without any redundancy or loss. When you press pause/play on a CD player, it is unlikely that you are going to notice a small portion of data loss or a small portion of music which already played, so the limited addressing (not block perfect) is acceptable in the intended application. However, if you could capture each portion and then play them one after the other without the pause, you are likely to notice a stutter (redundancy occurs) and/or a click/pop (redundancy or loss occurs). Since computers like to work in portions, ripping audio from a CD can cause the requests to start and stop, instead of constantly stream. But the format is not designed to gracefully handle that. This can cause errors (repeated data or lost data) which differ with each rip, due to conditions not necessarily being the same each time (and of course a single bit error will cause a different hash). This is why CD paranoia exists. CD paranoia reads back a little with each new portion of the stream read and then tries to find where the overlapping data at the end of the previous stream matches the beginning of the new stream. It then joins them so that there should hopefully be no repeated or lost data, discarding the redundant data in the process. The use of CD paranoia will increase the chances of getting the same hash from a rip, but it can only do the best with what it is given from the drive under variable conditions. Also, CD audio data has weaker error detection/correction than CDROM data, so marginal reads have a greater chance of giving differing results. Combine the random nature of noise with marginal data and weak error detection and that noise can colour the output in an unpredictable fashion which is not constantly repeatable. It would not surprise me if you could get exact same hashes on subsequent rips, but it also would not surprise me if you did not. Shane
Re: system lock-up - RTFM?
Hi Breen, On 2006.06.07, at 4:39 AM, Breen Ouellette wrote: Of course not. It doesn't even tell you if your memory is bad. It can if you use it to identify a potentially faulty module and then move that module to another slot or machine and the problem follows the module (as reported by memtest86), instead of following the machine or original problem slot. I have a faulty DDR2 SODIMM in my laptop which memtest86 shows to fail in the same place every single time. This machine has 2 SODIMMS. If I swap their positions in the memory slots in my laptop, memtest86 shows the errors follow the module to the other slot, while showing the original potentially faulty slot to be fine. Same deal if I swap the memory between my laptop and my girlfriends. Problem follows module. I take that as memtest86 being able to tell me that my memory is bad. It's the same as with many tools. As you already alluded to, you can get more accurate measurements with more thorough testing process. But as far as I am concerned, memtest86 can be used to identify bad memory. Shane
Re: one drive in a raid 0 failed, can I save any data?
Hi John, On 2006.06.02, at 1:57 AM, John Brahy wrote: For a couple weeks I was running without backups and one of the drives died. Is there a way to recover any of the data from the drives? How dead is the drive and how desperate are you? I have imaged a clients ide drive which was doing the spin-up and keep spinning for a few minutes and then spin-down, thing. The slow disk death where you get excited about copying your data, then it dies mid-copy, you try lots of times to copy, it does the same thing each time and then the drive eventually never spins up again. What I did in that case, was image with Ghost and when the drive spins-down, pull the power plug on the drive alone, then plug it back in to get a few more minutes of copying. Keep doing that until the whole drive is imaged. Thankfully, this worked perfectly for me. I only mention Ghost because I have only tried this with Ghost and Ghost did actually tolerate this abuse and patiently waited for the drive to become responsive again and then continued. I don't know if this would work with other imaging type software. Seems scary, so I suppose if you want to try this you should do it on an expendable PC or perhaps an external enclosure. Ghost has a forensic option where it copies all data regardless of partition types and file-systems, which you'll need in this case since Ghost knows nothing about FFS and even if it did, it's striped. If you manage to get a full image, get an exact same drive and restore the image to it, then you might get lucky. Another thing I have seen successfully done when a drive would not spin-up at all, was a PCB swap from an exact same drive (model/ firmware). If you try this, image the drive and then restore to another disk. Since when I saw this done, the newly fixed drive with different PCB died only days later in the same way. As if something inside the drive killed something on the outer PCB. Good luck, I hope you have some option. Shane
Re: Linksys support... hmm
Hi Lasse, On 2006.04.30, at 8:38 PM, Lasse Bach wrote: I also need to know if v5 of the WMP54G uses a Ralink Technology RT25x0 chip? Are you unable to avoid it? Maybe someone on the mailing list can provide me with an answer to: 2. Why are such information not available to their customers? Because they suck (the company). I wonder if a PCI-minipci card with a minipci RT25x0 based card might be good for you? From RAL(4): The following Mini PCI adapters should work: Amigo AWI-922W. Billionton MIWLGRL. Gigabyte GN-WIKG. MSI MP54G2. MSI MS-6833. Tonze PC-620C. Zinwell ZWX-G360. Shane
Re: pf firewall question
On 2006.04.30, at 11:34 PM, S t i n g r a y wrote: enterprise firewall what is the diffrence between pf MS ISA / cisco pix or checkpoint ? performance ? stability or features ? Marketing which is designed to put a fright into people who have responsibility for systems and data which are not theirs. That marketing then takes the frightened IT manager and gives them the warm fuzzies by talking about enterprise level support, SLA's, industry standards, well chosen (and seemingly bogus) TCO case studies and sometimes horror stories of people who did not choose to use them. It is all bullshit though. Because all that is designed to get your money and the enterprise systems cost in a big way... then they start talking about on-going support. I've worked in some places which had 5 figure (AU) support contracts for firewall, IDS, etc and the systems were flakey (reboot every few days to weeks!), the phone support was shit and the people that came out were clueless. The difference is marketing targeted to the people that matter to the vendor. The easily frightened managers and not the nerdy types who would rather put together a couple of decent quality machines with OpenBSD, pf and CARP, etc. Shane
Re: OU812
On 2006.04.29, at 4:43 PM, Greg Thomas wrote: Wow, I guess we had to be there. Something like that. With only a few sleeps to go, some people are feeling silly for Puffy. It seems that a little silliness helps to fight against the sad seriousness of what OpenBSD is up against... http://www.openbsd.org/lyrics.html
Re: Sun 220R, cdrom problem
For the archives (until Sun moves things around again)... On 2006.02.12, at 7:50 PM, Brad wrote: I just thought I should point out the fact that some Sun systems need firmware updates. The 220R specifically needed an update on the system that was used for the initial OpenBSD/sparc64 port, I do not know the details as to why that was necessary. Unfortunately with the change in licensing of Solaris and the way Sun supports Solaris and their systems you can no longer download these updates from the SunSolve FTP site without a support contract. I do not know if its possible to find these updates elsewhere. It seems that the patches for these machines are still publically available. I patched a U60 recently and found this: ftp://patches.sun.com/patchroot/all_unsigned/ Since it is a large list of patches, here are links to the latest versions available at that ftp for the OpenBSD supported machines: Blade 100/150 79 ftp://patches.sun.com/patchroot/all_unsigned/79-10.zip ftp://patches.sun.com/patchroot/all_unsigned/79-10.README Enterprise 220R 106455 ftp://patches.sun.com/patchroot/all_unsigned/106455-11.tar.Z ftp://patches.sun.com/patchroot/all_unsigned/106455-11.README Enterprise 250 106503 ftp://patches.sun.com/patchroot/all_unsigned/106503-09.tar.Z ftp://patches.sun.com/patchroot/all_unsigned/106503-09.README Enterprise 420R 109082 ftp://patches.sun.com/patchroot/all_unsigned/109082-05.zip ftp://patches.sun.com/patchroot/all_unsigned/109082-05.README Enterprise 450 106122 ftp://patches.sun.com/patchroot/all_unsigned/106122-11.tar.Z ftp://patches.sun.com/patchroot/all_unsigned/106122-11.README Enterprise 3x00/4x00/5x00/6x00 103346 ftp://patches.sun.com/patchroot/all_unsigned/103346-30.tar.Z ftp://patches.sun.com/patchroot/all_unsigned/103346-30.README Netra T1 200111991 ftp://patches.sun.com/patchroot/all_unsigned/111991-07.zip ftp://patches.sun.com/patchroot/all_unsigned/111991-07.README Netra X1111952 ftp://patches.sun.com/patchroot/all_unsigned/111952-03.zip ftp://patches.sun.com/patchroot/all_unsigned/111952-03.README Ultra 1 104881 ftp://patches.sun.com/patchroot/all_unsigned/104881-09.tar.Z ftp://patches.sun.com/patchroot/all_unsigned/104881-09.README Ultra 1E104288 ftp://patches.sun.com/patchroot/all_unsigned/104288-09.tar.Z ftp://patches.sun.com/patchroot/all_unsigned/104288-09.README Ultra 2 104169 ftp://patches.sun.com/patchroot/all_unsigned/104169-08.tar.Z ftp://patches.sun.com/patchroot/all_unsigned/104169-08.README Ultra 5/10 106121 ftp://patches.sun.com/patchroot/all_unsigned/106121-18.zip ftp://patches.sun.com/patchroot/all_unsigned/106121-18.README Ultra 30105930 ftp://patches.sun.com/patchroot/all_unsigned/105930-06.tar.Z ftp://patches.sun.com/patchroot/all_unsigned/105930-06.README Ultra 60106455 ftp://patches.sun.com/patchroot/all_unsigned/106455-11.tar.Z ftp://patches.sun.com/patchroot/all_unsigned/106455-11.README Ultra 80109082 ftp://patches.sun.com/patchroot/all_unsigned/109082-05.zip ftp://patches.sun.com/patchroot/all_unsigned/109082-05.README Shane J Pearson
Re: Port collection missing...
On 2006.04.29, at 2:04 AM, S t i n g r a y wrote: Well i just installed my First OpenBSD BOX :) feels good !!! but to install packages i cannot find ports collection in /usr how can i get them ? i am using 3.7 version. You have chosen to use 3.7 just days before it will be unsupported due to the 3.9 release date coming up (1st May). You might be better off re-installing 3.8 or waiting for 3.9.
Re: OpenBSD 3.9 stable from cvs
On 2006.04.14, at 11:05 PM, Srebrenko Sehic wrote: Well, I wonder how people who pre-orded their CDs, got them, installed 3.9-RELEASE and run Sendmail are going to patch their systems? Use the source code from the CD's themselves and then download the patch from http://www.openbsd.org/errata.html and apply?
Re: PPPoA and OpenBSD
Hi Dave, On 2006.04.09, at 7:03 PM, Dave Harrison wrote: Is it not possible to configure in a way similar to a ppp PPPoE setup ?? I have a modem that I'm connecting to via ethernet, then it plugs into the phone line. Does your MODEM have a half bridge mode? My DSL MODEM/router employs a half bridge mode, but calls it MODEM mode. With that mode, you can have the MODEM log in to your ISP and deal with PPPoE or PPPoA and then the MODEM just passes the IP traffic to its ethernet port. In that mode you can leave the MODEM/routers DHCP server switched on and your connected machine will get the IP assigned from your ISP through the MODEM. I used to use PPPoE with my provider in Australia, but tried PPPoA using this method and it works great. I wanted to try PPPoA because I was having some stability issues with PPPoE, however the problem turned out to be the MODEM. I stuck with PPPoA because I can use an MTU of 1500. The MODEM deals with the logging in and PPPoA and my firewall just sees the IP traffic without any NAT being done in the MODEM. Maybe this a possible solution for you? Shane
Re: laptops needed
Gustavo, On 2006.04.10, at 10:13 AM, Gustavo Rios wrote: Excuse gentleman, but i don't see any rationale behind that tense: one could argue that people who live in such places should not have computers) I believe that's humour. Who wants to code when you've got island life outside? Palm trees, fishing, swimming, bikinis, seafood, etc. I think drinking beer under a palm tree beats drinking beer at a keyboard any day. Also, maybe from Theo's perspective, I've heard tell that it can get pretty cold in Canada.
Re: Music made with OpenBSD
Hi Alexandre, On 2006.04.02, at 8:32 AM, Alexandre Ratchov wrote: for the last step i used another box (pentium III at 550MHz), since the first one died. A PC died in the making of that song? I hope you will dedicate that song to him/her. Great music BTW. Watch out Ty! ; ) Shane
Re: 3Ware 9500S-12
Hi MichaE, On 2006.02.24, at 10:24 PM, MichaE Koc wrote: can someone confirm that 3Ware 9500S-12 does or does not work with OpenBSD ? Based on what I last I heard, I think the most important point is that 3Ware the company, does not work with OpenBSD the project. Shane
Re: openbsd and the money
On 2006.03.24, at 5:23 AM, Theo de Raadt wrote: http://openssh.com/usage/graphs.html Wow, no wonder ssh.com spouts so much FUD. They are quickly converging on extinction.
Re: Reminder about the X Aperture
Hi Theo, On 2006.03.14, at 9:41 PM, Theo de Raadt wrote: Well, recently we have changed our minds, because we still feel that the aperture is too dangerous. And the vendors keep finding creative ways to squeeze more and more evil into their video cards! Please be aware that other operating systems don't even have an aperture device, because they simply let root processes talk to the video cards (via /dev/mem). Their X servers also run entirely as root, while ours is now privilege seperated and running jailed as user _x11. Even so, our privilege seperated X server is talking directly to the IO registers of a video card with much evil in it. And many newer video cards are very smart, capable, and thus dangerous. So we have concerns. Are these new programable cards capable of reading main memory, which OpenBSD would not be able to prevent if machdep.allowaperture were set to something other than 0? Shane
Re: Reminder about the X Aperture
Thanks Theo, On 2006.03.15, at 5:22 AM, Theo de Raadt wrote: Are these new programable cards capable of reading main memory, which OpenBSD would not be able to prevent if machdep.allowaperture were set to something other than 0? Yes, they have DMA engines. If the privilege seperate X server has a bug, it can still wiggle the IO registers of the card to do DMA to physical addresses, entirely bypassing system security. Wow. As if running a binary blob was not bad enough, video card binary blobs are suddenly found to be all-powerful. Shane
Re: Pre-orders for our releases.
On 2006.03.10, at 1:29 AM, Craig wrote: When the new edition of Artymiak's pf book comes out, I'll get that through Wim, also. Anyone heard any news about Jacek's new book? It's supposed to be put out by O'reilly still? I've been eagerly awaiting it. Shane
Re: Sun Ultra 1 and Ultra 5
Hello Gustavo, On 2006.03.04, at 2:51 AM, Gustavo Rios wrote: These machine are very old, and hardware documentation has been lost. It has a serial port, doesn't it? Sun Ultra 1 Service Manual: http://www.sun.com/products-n-solutions/hardware/docs/pdf/ 802-3819-10.pdf Sun Ultra 5/10 Service Manual: http://docs.sun.com/app/docs/doc/805-0423-12?q=Ultra+5 I don't know if these are the latest versions. Shane
Re: SMP process control
On 2006.02.27, at 1:45 PM, Sgt. Stedenko wrote: Also, have there been any efforts into Ethernet device polling in the bge drivers? On a gigabit network the interrupts are eating a large portion of the cpu0 and thought it might help the situation. http://marc.theaimsgroup.com/?l=openbsd-miscm=114064960816689w=2
Re: Utilisation of free memory as disc cache: tweaking is required?
Hi Hannah, On 2006.02.20, at 11:21 PM, Hannah Schroeter wrote: Just one effect you have to care for, on Linux (which *has* a unified VM/buffer cache system) we mkdir many directories (e.g. hashed buckets like squid uses them, just a few more, 256 * 256, to be precise). It was quite long (at least into the Linux 2.4 series) that that worked like this: mkdir completed quite fast until the memory was filled with dirty blocks, then the box *hung* completely until all the dirty blocks were actually written to disk. This isn't acceptable. And it's not acceptable for something like grep foo (a list of names of long files) pages out every program. The Linux UBC doesn't seem to perform very well either. Assuming I tested this correctly, I wrote a simple script to read a large file (larger than half available RAM but less than total available), over and over again (hundreds of times) just to /dev/null. NetBSD and FreeBSD read the file from disk once, as noted from the activity light and then flew through the remaining re-reads super fast from RAM (FreeBSD being the faster of the two). I expected this behaviour from Linux, but instead Linux constantly read the file from disk _extremely_ slowly (found on various Linux distros). Much much slower than OpenBSD which also read the file from disk each time. Is OpenBSD way too different now from NetBSD to port their UBC code? Shane J Pearsonshanejp netspace net au
Re: network distributed storage with windows?
Hi, On 2006.02.16, at 6:58 PM, A Rossi wrote: My apologies to those of you who use console-based mail clients. I'm still trying to figure out how to get Thunderbird to wrap my text at 72 characters. Yes, I know about the setting under Tools Options, but that doesn't seem to be working correctly... I use this marker in my sig and newline manually in Apple Mail because I haven't found out how to make Apple Mail wrap at 72. Shane J Pearsonshanejp netspace net au -|
Re: network distributed storage with windows?
On 2006.02.17, at 1:37 AM, Shane J Pearson wrote: I use this marker in my sig and newline manually in Apple Mail because I haven't found out how to make Apple Mail wrap at 72. For any OSX Mail and OpenBSD users who I might have led astray here, forget I said this. Someone pointed out to me off list that OSX Mail supports x-flow and thus manually wrapping is not needed. Shane
Re: network distributed storage with windows?
Hi, On 2006.02.16, at 12:53 PM, A Rossi wrote: He asked me if I could partition all of his workstation computers (running windows XP Professional SP2) with a windows partition, and a hidden partition which occupies most of the disk, that is accessible over the network to OpenBSD (actually he asked for FreeBSD, but I will change his mind...) to back up his server. Years ago while working for an educational institution, I cobbled together some programs to allow some classroom machines to be brought back to SOE automatically every night after classes, as long as the machines were switched off at the end of the day. I used the automatic power ON feature on the PC's to switch them ON automatically at 11pm, and then Smart Boot Manager, which has boot schedule features which could be configured to automatically boot a hidden DOS partition if the PC's were booted at around that time. That hidden DOS partition would then run Ghost to restore the WinNT partition to SOE. Once that was done I had a small util power the machines OFF. Smart Boot Manager can be configured with a boot delay of zero seconds, so the staff should never see it. One thing you might be able to do, is if those PC's have the auto power ON feature, use smart boot manager to do much the same, but boot OpenBSD instead and maybe run Samba to receive those backups. Then have OpenBSD power those PC's off before work begins the next morning. Maybe rsync or Unison would be better. Having said all that, you really should be convincing him that a real backup scheme should be employed. That is dodgy. The backups could be corrupted through a multitude of ways or copied by a savvy malicious staff member. What if there is a fire? Shane J Pearsonshanejp netspace net au -|
Re: higher resolution on tty
Hi JCR, On 2006.02.13, at 10:27 AM, J.C. Roberts wrote: I know of no hardware query to determine supported character modes and when I think about it, the task might actually be impossible; your system graphics/video/framebuffer card may support some character mode that your monitor/terminal does not support. Since there is no feed back Aren't character modes built into displays a thing of older displays and terminals? I thought that when a modern video card is in a text mode, it is actually rendering bitmapped text characters to a bitmapped frame buffer, which then gets sent to the display like any other image at that given resolution? But this resolution is limited to that which the card uses and going beyond that would require a software controlled text to high-res frame buffer? Shane J Pearsonshanejp netspace net au -|
Re: X11 exploit info
Hi Craig, On 2006.02.13, at 10:31 PM, Craig M wrote: However, it has raised my suspicions to a higher level. The book is copyrighted in 2003, long before I subscribed to this list and maybe even heard of OpenBSD really. Thing is, why would somebody who has assisted in the writing of this excellent book, be posting such troll-like pieces to this list? I've always found Dave to be polite and even in the face of this recent abuse, which seems excessive to me. I don't think Dave intends to be coming off as a troll. He's maybe just feeling a little paranoid at the moment since he has apparently become the victim of a hacker. I wonder if Dave is finding himself torn between asking questions here to people he respects a great deal and not wanting to ask because of the responses he has been getting? Shane J Pearsonshanejp netspace net au -|
Re: PF or BPF
Hi Dave, On 2006.02.14, at 12:53 PM, Dave Feustel wrote: Marco, I would like to add that I appreciate the work you and the rest of the crew are doing to develop OpenBSD. It might be best in the future to first outline what you've done to research your questions and then ask the question. Otherwise people will think you've done nothing and the thread will start with flames. Leaving us hanging with the X vulnerabilities and providing no details is not a good way to start with that either. Persisting with that behaviour after people have asked for details would only fan the flames. If you gave details in the first post, people here qualified to answer could have put that to rest quickly and you would not be building up a reputation. Bye for now, Shane J Pearsonshanejp netspace net au -|
MS Security VP Mike Nash remarks on MS vs OpenBSD security.
What an incredible load of tripe!... From:http://interviews.slashdot.org/article.pl?sid=06/01/26/131246 ~~~ OpenBSD by hahiss How is it that OpenBSD is able to be so secure by design with so few resources and yet all of Microsoft's resources cannot stem the tide of security problems that impact everyone, including those of us who do not use Microsoft programs? Nash: First, I should say that OpenBSD includes a relatively small subset of the functionality that is included in Windows. You could argue that Microsoft should follow the same model for Windows that the OpenBSD Org follows for their OS. The problem is that users really want an OS that includes support for rich media content and for hardware devices, etc. So while OpenBSD has done a good job of hardening their kernel, they don't seem to also audit important software that are used commonly by customers, such as PHP, Perl, etc. for security vulnerabilities. At Microsoft we're focusing on the entire software stack, from the Hardware Abstraction Layer in Windows, all the way through the memory manager, network stack, file systems, UI and shell, Internet Explorer, Internet Information Services, compilers (C/C++, .NET), Microsoft Exchange, Microsoft Office, Microsoft SQL Server and much, much more. If a software company's goal is to secure customers, you have to secure the entire stack. Simply hardening one component, regardless of how important it is, does not solve real customer problems. Second, it is not completely accurate to say that OpenBSD is more secure. If you compare vulnerability counts just from the last 3 months, OpenBSD had 79 for November, December and January compared to 11 for Microsoft (and that includes one each for Office and Exchange - so really 9 for all versions of Windows). I encourage you to look at the numbers reported at the OpenBSD site to verify that this is true. ~~~ Shane J Pearsonshanejp netspace net au -|
IBM admits that Puffy is the best defense!
Howdy, http://www-8.ibm.com/e-business/au/operations/businesses.shtml? ca=auhomepageme=odbmet=051209defence ; ) Shane
Re: OpenBSD VMWare image too popular
Julien, On 09/01/2006, at 1:10 PM, Julien Bonastre wrote: The guy is delusional and has NO basis for his argument. I think your response here (along with the rest) is exaggerated. Don't worry mate, you've got your head screwed on right. This guy Graham still goes to work in a horse and carriage, and whilst I'd love to be back in the ages, unfortunately evolution has caught up with us.. Look again Julien. Graham said: If it's that popular it's worth setting up a torrent! I assume your overly enthusiastic rant was supposed to be directed to Bob? Who I think does not like the thought of running some random, binary only, already installed, take it as it is, disk image of OpenBSD. If someone where to go to the trouble of testing the integrity of every single file in that disk image, they probably would be expending more effort than doing the install itself. Yeah, okay, it is good for the VMware player, which only plays existing images. Some people may get something out of the image and that is great. But like Bob, I'll pass. I don't think anyone should be flamed for not wanting it though. Just because Bittorrent can be used to share data while keeping the integrity of the original file intact, does not mean that you can't share dodgy shit with it. I'm not saying that this VMware image *is* dodgy, BTW. What I am saying is that Bob and others most likely need trust to be earned and that trust does not just come in an instant. I'm not talking about Bittorrent here either, I'm talking about the VMware image. Shane J Pearson
Re: RAID on AAA-131U2
On 29/12/2005, at 8:01 PM, RedShift wrote: I've set up a RAID 0 set on two 9 GB SCSI disks, using an Adaptec AAA-131U2 controller. However, when I want to install OpenBSD on it, I get asked for which disk should be the root disk. Ofcourse, I see two disks, sd0 and sd1. This probably means that the hardware RAID on the AAA-131U2 isn't supported, as I see the same with linux. Will it ever be supported? I think you might be asking the wrong people. Try asking Adaptec if they are confident enough in their own products to back them up with open documentation. Shane
Re: UltraSparc documentation
Craig, On 08/12/2005, at 11:05 AM, Craig Skinner wrote: I'm going to be buying some hardware for offiste colos next year and was thinking of getting some used Netras. The Sparc64 support page: http://www.openbsd.org/sparc64.html Shows various Netra machines as being supported. Shane
Re: openbsd web site design proposals (from HOTO write bad docs)
On 29/11/2005, at 4:47 AM, frantisek holop wrote: hmm, on Mon, Nov 28, 2005 at 05:32:54PM +0100, Otto Moerbeek said that It's even a FAQ: http://www.openbsd.org/faq/faq8.html#wwwnotstd doesn't mean it's right, does it? The OpenBSD project does not fix the broken browsers which visit the site, so they fix the site instead, when required. I think it is just as likely that the site could be made 100% compliant and then a future browser is further broken in some way, requiring another fix to the site. So why not just address an issue when it actually becomes one? Seems practical to me. Shane J Pearson
Re: openbsd web site design proposals (from HOTO write bad docs)
Hi Nick, On 29/11/2005, at 4:36 AM, Nick Holland wrote: Unfortunately, I care about the work I do. I do read (or at least skim) every message (ok, almost every...I've started an ignore list of people who warrent not ever giving a response to) that goes through misc@, looking for a tidbit that might really be significiant. It's funny you should mention this. Just recently, for the first time in about 14 years, I was provoked into starting a Twit List due to some complete fool in this list. It seems I have some updating to do. I mostly read misc@ for the interesting discussions, however there has been an annoying amount of worthless chest beating lately. Like a gorilla, it seems to be all show. Shane J Pearson
Re: OT: Quad Ethernet cards feedback on OpenBSD
Hi Johan, On 17/11/2005, at 9:48 PM, Johan P. Lindstrvm wrote: The D-Link cards are bad and do not work well under OpenBSD (pre 3.8 I haven't used them with 3.8). You should avoid them. the D-Link Card DFE-580TX works under OpenBSD, but their greatest advantage is that they are cheap (around 100 Euro in Germany). Don't expect to much performance. I do not agree, I have 10 or 12 D-Link DGE-530T running 3.7 atleast since CD release time and no issues what so ever, they are attached as sk(4) devices and I couldn't be a happier camper. Though that is most likely due to the chipset, not D-Link as a brand. These cards are very cheap, some 20 euros a pop in here in Sweden. Browse the OpenBSD metastore and/or the manual pages, em(4) and sk(4) should get you started on your quest. He was talking about the 4 port DFE-580TX, which I have seen other people complain about in the past. Completely different to the DGE-530T. Shane J Pearson
Re: timekeeping on Soekris net4801 w/ ntpd. 3.8
J, On 16/11/2005, at 1:20 AM, J Moore wrote: It *is* an inaccurate statement of what ntpd is doing to the system's time. ntpd is your product - if you're happy with this little flaw, then that's fine - leave it as is. But again, The emperor has no clothes! The word adjusting does not imply an instantaneous action or completed action, because the ing on the end implies that the process is still taking place. If the line said adjusted by, then you would have a point. But it doesn't, so you don't. It seems that Henning's English is better than yours. Can this be dropped now? Or do you need to continue making a big deal out of nothing? Shane J Pearson
Re: timekeeping on Soekris net4801 w/ ntpd. 3.8
J, On 15/11/2005, at 9:42 AM, J Moore wrote: Prior discussions notwithstanding, the fact is that the log messages are misleading. I *understand* now... if the log messages were written differently, I never would've had to ask. Reasonable person scenario: o Notice odd ntpd log entries. o #man ntpd o Notice SECOND paragraph says: ntpd uses the adjtime(2) system call to correct the local system time without causing time jumps. Adjustments larger than 128ms are logged using syslog(3). The threshold value is chosen to avoid having local clock drift thrash the log files. o Crisis averted. I don't know who Henning is, and I don't know what he voted no to, but if he voted against a clear log message, then he voted yes to confusion. Come on. You've been haunting these lists for long enough to know who Henning is. Cut the theatrics. Shane J Pearsonshanejp netspace net au -|
Re: OT: Compact Flash Longevity; was Re: dd image file to compact flash takes very long
On 09/11/2005, at 6:38 AM, Alexander Hall wrote: Has anyone else out there been brave enough to go rw on their CF cards? Results? I have been brave (read: lazy) enough to keep my Soekris running with a single root partition mounted r/w on my (home) gateway Soekris box since i got it for my birthday in June (how pleased I was to see 3.7 pre-installed on the CF - thanks Wim :) ). No massive traffic, but I expect it to log stuff quite regularly (i just noticed the pflog adding in general at least one packet per minute). I have a Sandisk Ultra II 1GB in my Sun Ultra 10 firewall which has been r/w for a little more than 6 months now. Nothing special as far as logging goes yet. No problems. Took the plunge after Henning pointed out the Sandisk longevity calculations document. Shane J Pearson
Re: OT: 10 things i hate most on unix
On 07/11/2005, at 1:17 PM, [EMAIL PROTECTED] wrote: Everything is a stream of bytes. Reminds me of that saying which goes something like... How do you eat an elephant? One mouthful at a time. Microsoft tries to put the whole elephant in its mouth all at once, then dies choking on it. Then the elephant it blamed. Shane J Pearson
Re: OT: 10 things i hate most on unix
On 06/11/2005, at 3:32 PM, Damien Miller wrote: Don't bother giving the publication the benefit of the page impressions. If anyone still wants to read it, but wish to avoid the adverts, this is the printer friendly version: http://www.informit.com/articles/printerfriendly.asp?p=424451
Re: OpenBSD CDROM layout definition, Copyright Infringement.
Hi Nick, On 05/11/2005, at 11:09 AM, Nick Holland wrote: If you publish a book, and I duplicate it in every way EXCEPT that I change one character in one location, or the color of the cover, or insert a page with the text, THIS PAGE INTENTIONALLY LEFT (almost) BLANK, I can argue that it is a different book (different md5!), but I suspect you would feel cheated, and the courts would probably agree. I believe a lawyer friend of mine would refer to this situation as the two being substantially similar. However the legal copyright sense of substantially similar can be _ridiculously_ miniscule. Shane J Pearson
Re: preventing OS fingerprint
Hi Damien, On 04/11/2005, at 9:56 AM, Damien Miller wrote: why care? fingerprinting is such a non-issue, and spending effort to avoid it is just security through obscurity. Ignoring whether blocking NMAP scans is effective or not... I agree that it is not good to rely on obscurity. But I don't see anything wrong with obscuring a detail which people don't need to know. What do you have to gain and what do you have to loose from holding that info back? And what do you have to gain and what do you have to loose from advertising it? If someone wants to know what you are running, to ease their attack. Then why not make it a little harder for them? That extra time could help you or a process detect the random attacks and work against the attacker. Not that there is much likelihood of a patched OpenBSD getting rooted though. Conversely, I guess advertising OpenBSD could make them go away. ; ) Shane J Pearson
Re: a truly openbsd day
Hi Uwe, On 01/11/2005, at 10:36 PM, Uwe Dippel wrote: Seconded. I still keep thinking that an initial install isn't sooo difficult. Rather simple, that is. But when I look at our desktops ( 500), who'll ever do the upgrade once per 6 months (or a larger upgrade once per 12 months) ? Are a large chunk of those 500 mostly the same config but with different user data in /home? Let's be realistic, there is no way to ftp... patch... make... pkg_add -u... manually on a larger number of systems. If you have a large number of desktops which are identical in configuration, then would it not be possible to have a staging desktop machine(s) which you bring up to date with patches and then have its binaries served to the appropriate desktops as need be? Perhaps you could even spread the rollout to the desktops out with different machines checking for updates on different days of the week. So as to minimize load on the staging desktop and also minimize potential damage. Or am I missing something which makes this impractical or impossible? Fork is no solution, as far as I can see. Just the opposite is needed. Absolutely. Shane J Pearson
Re: Make a backup
Hello Abel, On 31/10/2005, at 10:23 PM, Abel Talaversn Estevez wrote: If I make the backup with 'dd if=/dev/wd0c of=/image bs=512' the image is a file of about 2 GB because the hard disk is of 40 GB. But with a 'du -sh /' I can see that all files are only 221 MB. The file is probably 2GB because that is the largest a single file can be on the file system you are saving it to. How could I do it to achieve a smaller image? The last option is using 'tar' but I prefer to have an image. Is it possible? To save file system images from BSD's, I use: dd bs=64k if=/dev/ | gzip | split -b 640m - backup.dd.gz. This gives me 640 MByte chunks of a gzip compressed image of /dev/ The files start with the suffix .aa and increment alphabetically like: .ab .ac etc. To restore I use: cat backup.dd.gz.* | gunzip | dd bs=64k of=/dev/ I choose 640 Mbyte chunks, because they seem to be a good compromise for a size which fits well on both CDR's (1) and DVDR's (7), without too much waste. I choose a block size of 64kb because it seems to provide the fastest transfer rates for me. Testing this now, using a 512 byte block size I get about 3Mb/s regardless of whether gzip is being used or not. But using a block size of 64kbyte I get rates which range from 10-36Mb/s, depending on how compressible the data on the disk is. 36MB/s seems to be the fastest rate this disk can sustain. I fill Unix file systems with a big file full of zeroes and then delete that file, so that gzip can do a good job with areas of the file system which held old less-compressible data. For Windows file systems I use Eraser to do the same. http://www.tolvanen.com/eraser/ Shane J Pearson
Re: Sun Ultra 5 as a firewall?
Hey Joe (where are you goin' with that OpenBSD CD in your hand?), ; ) On 10/10/2005, at 11:02 AM, Joe S wrote: After doing my own tests, I found that the Ultra 5 was too slow to perform near wire-speed throughput. TEST 1 - Sun Ultra 5 360MHz dc0 and dc1 are Phobos 430TX quad nic, PCI card [ 4] 0.0-10.0 sec 42.1 MBytes 35.3 Mbits/sec TEST 2 - Supermicro, Intel P4 3GHz em0 and em1 Intel PRO/1000CT (82547EI), onboard nics [ 4] 0.0-10.0 sec 96.1 MBytes 80.7 Mbits/sec Your Ultra 5 iperf results were so far off my 333MHz Ultra 10 firewall, that I decided to do some testing with my 360MHz Ultra 5. I previously thought the 360MHz had 512kbyte of L2 cache, but it's actually 256kbyte in my U5 and it seems there is a 256k 360MHz (for the U5) and also a 2Mbyte 360MHz (for the U10). I thought that maybe that much more L2 would be much better for pf than a few extra MHz. The end point machines running iperf are FreeBSD 5.4 RELEASE. One is a 2.13GHz Pentium M Sony notebook with a GigE Realtek and the other is an AMD XP 2800+ desktop with an fxp. Nothing else changed except for the CPU module. Here are the results: Direct crossover connection: 94.1 Mbits/sec. 360MHz in the Ultra 5: pf OFF: 67.2 Mbits/sec pf ON: 47.3 Mbits/sec. 333MHz in the Ultra 5: pf OFF: 77.0 Mbits/sec pf ON: 74.0 Mbits/sec. Seems like that little 256k L2 in the 360 hurts pf performance badly. According to http://sunsolve.sun.com/handbook_pub/Systems/U5/spec.html you can put a 333MHz or 400MHz CPU with 2Mbyte L2 in the Ultra 5. I've seen these on Ebay. I'm using a U10 for the extra PCI slot allowing me to have the 5 NICS I need for my current desired config. The U10 apparently can also go to 440MHz with 2Mbyte L2. I wonder if the U5 could take this anyway? I currently am only using 1 memory bank in my U10 and U5. I'd be curious to see if these numbers change using both banks interleaved. Shane J Pearson
Re: Sun Ultra 5 as a firewall?
Hi Matthew, On 11/10/2005, at 7:03 AM, Matthew Weigel wrote: Have you considered a multi-port card...? I did. I was hoping to find a quad port fxp, but couldn't find one. I know of the quad port dc's, but I've heard a few times of problems with them. Since I already had an Ultra 10, I just ordered a 5 pack of cheap fxp's (so I have one a spare too). I know I've got an Ultra5's 400MHz processor in my Ultra10, and it works fine. A quick Google turned up http://docs.sun.com/app/docs/doc/805-7763-12/6j7a690su?a=view too. Thanks for that. I looked at a few docs at sun.com which showed conflicting info about the CPU modules the U5 could take. I thought I had seen somewhere once that the U5 could take the 440, but I couldn't seem to find it this time. I will be avoiding the 256k and 512k L2 cache UltraSPARC's from now on. 256k L2 and the awful IDE performance make this little U5 pretty slow as a desktop. I'd like something nice and quick to compile OpenBSD sparc64. My 300MHz macppc is WAY faster than my U10, out of interest. Would people recommend a U60 or U80? Having the decent L2 caches which they can come with? Are they much quicker than Blade 100/150's? Thanks, Shane J Pearson
Re: RAID cards in sparc64 hardware?
Hi Bob, On 11/10/2005, at 7:29 AM, Bob Ababurko wrote: in reading the thread about running pf on an ultra 5, I saw that people were running fxp NICs in them. I started thinking about the possibility of running a Mylex Acceleraid 250 or any other RAID controller that OpenBSD supports in an Ultra5. http://www.openbsd.org/sparc64.html I asked this a few years ago and the most interesting answer I got was to use a supported SCSI card and an external SCSI cage which performs the RAID and setup itself. I have been caught up in thinking that these nics and RAID controllers needed to be run in i386 hardware. So I just tested out my realtek NICs, and they work in the sparc64, what about RAID controllers that I have always associated with PC's? You may find some SCSI cards which come installed in Sun machines actually have the x86 centric built in firmware utilities, which you should find work if you plug them into an x86 PC. Seems they are just re-badged OEM boards. I got an LSI SCSI controller in the U5 I got off Ebay (which was a nice bonus because it was not listed as having it), which has the firmware setup program you expect when using cards in x86 PC's. Shane J Pearson
Re: Sun Ultra 5 as a firewall?
On 11/10/2005, at 7:54 AM, Matthew Weigel wrote: Why not look at quad-port GigE cards? I know for sure em(4) has available quad-port cards. I will for the future. It doesn't make it any faster as a server, either. ;-) I've got an Ultra-Wide or Ultra2 SCSI card in my Ultra 10, and it seems to make a world of difference; the IDE controller is only used for the DVD drive. Yeah I've heard that using SCSI in U5/U10's makes them run like whole new machines. An old PII 300 I had gets about double the transfer rates over the U10 with the same old 20G drive. Both running OpenBSD at the time. I think the U60/80 would be overkill, since you won't get the extra processors... and I'm not sure how much the extra cache will help. Cache isn't always a winning way to go faster; it's only useful while instructions and data that get cached get accessed multiple times. Once your cache gets large enough, adding more doesn't accomplish anything. I'll hold off on that E5500 purchase then. ; ) I had thought that 4Mb L2 would be beneficial for making release. U5's and 10's are so cheap at the moment on Ebay. I picked up the U5 for about $40 Aussie. I've seen U60's go pretty cheap too. I don't mind overkill if the price is right (except when overkill is 25 amps, 3 phase at 3.5kW, putting out more heat than your typical central heating). ; ) Shane J Pearson
Re: dual DVI graphics card
Hi Aaron, On 07/10/2005, at 7:37 AM, Aaron Glenn wrote: I wasn't clear enough in my original post. I'm looking to run 1920x1200 on two DVI monitors; and I'd like some sort of OpenGL hardware acceleration support, however minor. None of the ATi chipsets currently support 1920x1200 on two DVI monitors. My Sony Laptop has an ATI Radeon X600 Mobility which has a 1920x1200 LCD and a DVI on the docking station which I can seemingly set to 1920x1200 (even all the way up to 2048x1536). I would have thought the internal connection to the LCD would be equivalent to DVI at least? Shane
Re: USB to RS232
For anyone who might have a Nokia DKU-5 USB-Phone cable. Mine is a Chinese copy, however is recognised as a Prolific PL2303 USB-Serial adaptor and might be able to be hacked into use as a USB-RS232 cable. I only paid about $20 Aussie and would like to put some 9-pin connectors towards the phone end of the cable to allow dual use. Bear in mind that I don't know if a genuine Nokia DKU-5 cable also works in this fashion, because this cheapo DKU-5 is not a drop-in replacement for the genuine Nokia and requires its own driver in XP distinct from the Nokia driver. In other words, the real DKU-5 might not be recognised as a serial adaptor in any BSD. On 07/10/2005, at 10:23 PM, Rod.. Whitworth wrote: Mine cost $AUD30 inc GST and I got change. Go figure. Shane J Pearson
Re: dual boot XP , Openbsd
Hi Roelof, On 09/10/2005, at 3:02 AM, Roelof Wobben wrote: When install Openbsd after XP i get a problem regarding the install instructions. You need to be specific if you want people to be capable of helping you. But when i first install Openbsd and then XP i think XP is not working well because i heard that XP wants to have the first partition. XP does not have to have the first partition, although it does like to see the partitions numbered sequentially in the partition table in the order the partitions are actually found on the disk. This won't bite you until you run Disk Management in XP, when it will change the partition table numbering to be sequential without even asking you. If you have XP in the first partition (1st on disk and as the 1st in the partition table), then installing OpenBSD to the 2nd should not cause a problem. I use Smart Boot Manager to choose between XP and OpenBSD. If you have XP in the first partition (1st on disk and as the 1st in the partition table), but it is near the end of the disk and you will be installing OpenBSD in free space before that partition, but as partition 2, then XP will no longer be able to find system files at boot time because it is brain dead and counts partitions as where they actually are on the disk, instead of where the partition table says the appropriate partition is. Edit boot.ini to fix this. If you run Disk Management at some stage in the future, Microsoft will ruin your day again and you might wonder what the hell happened (it will re-order the partition table to be reflect what partitions are found on disk in the order that they are found). If you create an unused partition 1 at the beginning of the disk, and then install XP after that in partition 2, you might be able to later install OpenBSD in partition 1 without any further trouble. I can't remember if the XP installer allows installing to a partition other that the first, but it can certainly be changed later. None of my dual boot OpenBSD/XP or FreeBSD/XP machines have XP in the first partition. Shane J Pearson
Re: Sun Ultra 5 as a firewall?
Hi Joe, On 08/10/2005, at 6:28 AM, Joe S wrote: Is anyone on the list running an Ultra 5 as firewall? I would like to move my firewall from an overpowered P4-3GHz box to a Sun Ultra 5 360MHz. My main concern is wondering if the Ultra 5 is slow enough to become a bottleneck from one interface to another interface. However, I know some of you run Soekris boxen and 486's for firewalls, so I may be just fine. My firewall is a Sun Ultra 10, which uses the same mainboard as the Ultra 5. Mine is the 333MHz 2Mb L2 cache model with 128Mb RAM. I have 4 fxp's in addition to the built in hme. Between fxp's, with FreeBSD 5.4-RELEASE i386 at both end points of an iperf test, I get about 66Mbit/s with pf ON and about 76Mbit/s with pf OFF. My ruleset is pretty bare at the moment and I just did an iperf -s at one end and an iperf -c $IP at the other. At one end the NIC is a GigE Realtek. So this was using: fxp---fxp|fxp---realtek GigE I don't know if having an fxp in place of that Realtek would have been better. I've heard the GigE Realteks are actually not too bad as compared with what you could expect from their older rl abominations. I also have an Ultra 5 with I think a 360MHz 512k L2 cache CPU lying around doing nothing at the moment. I might test it too as I'd like to know whether the MHz or cache size matters more here. Shane J Pearson
Re: looking for reliable USB printer
Marc, On 05/10/2005, at 5:39 AM, Daniel Martini wrote: I bought a Kyocera FS-1010 in July 2004 for 249,- EUR. Probably one of the cheapest blackwhite Laser Printers having native PostScript (actually KPDL2, Kyoceras PostScript dialect). Works flawlessly up to now. Plug in I know you are looking for USB, however if you are avoiding printers with a network connection because they tend to be expensive, then... I have not tried the USB functionality, however I have a Kyocera FS-1020DN. My FS-1020DN also does postscript (in the printer), plus duplex, came with an internal 10/100 print server and does 20 A4 ppm. I have always just printed through the network. The duplex functionality half ejects the paper and brings it back through the printer, so the speed is more than halved when doing duplex printing. It is not a dodgy GDI Win printer. It seems cheap to me considering these features. Doing a quick search, I find these brand new at around $630 Australian and 450 Euros at French stores. Shane J Pearson
Re: Something hosing my msdos/FAT32 file system
Hi Jan, On 29/09/2005, at 4:14 PM, Jan Johansson wrote: Let me then tell you how Windows XP flushed my USB drive to bitheaven because i used fdisk to make a normal partition table on it. XP has stuffed me up too on occasion. I try to stay well away from 2000/XP Disk Manager. (Is that what it's called?) From memory, if your partitions are not in sequential order (2,1,3,4 for example) and you then run Disk Manager, it fixes the situation, but what you end up with is Windows partitions that are okay, but any non MS partitions are hosed. Why they can't just leave a working config alone is beyond me. Another thing that has annoyed me in the past, is that the boot loader for XP at least (I think possibly also 2k), does not count partition numbers from what the partition table states, but actually where they appear on disk. If I have a blank area reserved as a future partition 2 at the beginning of the disk and Windows has partition 1 after that, if I later use the blank area say for OpenBSD as partition 2, I think I am safe because the partition number for Windows has not changed. Think again, Windows no longer boots. So I have to fix it by changing the boot.ini entry. Then one day if I accidentally run the disastrous Disk Manager, I am stuffed once again. Also, I always safely remove my USB storage devices and wait for the access light to go out and every now and then I suffer from lost files or sometimes even entire file systems. MS provides some crazy situations with their own systems. I agree that MS is hardly a role model for this sort of stuff. BTW, I have not noticed any problems with -t msdos. Maybe I don't use it often enough. Bye for now, Shane J Pearson