Re: Bug OpenBGPD, IPv6 peer gets cleared, never gets up again

On Tue, Mar 10, 2009 at 02:46:56PM +0100, Arnoud Vermeer wrote: Hi, Elisa and I were looking at the production-pilot logs last night and noticed the following: I finally found some time to look into this and your dumps. The problem is actually with withdraws that are still totaly fucked

Re: halt -p does not powerdown ThinkPad X200 under 4.5beta

Linux Windows halts successfully on HP Pavilion dv6312, while FreeBSD sometimes fails the same as OpenBSD. OpenSolaris rarely fails. On Tue, Mar 10, 2009 at 7:09 PM, Thomas Pfaff tpf...@tp76.info wrote: On Tue, 10 Mar 2009 17:49:52 +0100 Thomas Pfaff tpf...@tp76.info wrote: On Tue, 10 Mar

Nginx: filedescriptors, users and login.conf confusion

Hello, I've been running Nginx with php-fastcgi and am sometimes experiencing the 'too many files open' error messages. Investigating the solution I am confused about which user (or userclass in login.conf) I should give more filedescriptors. Setup (single machine) - Nginx deamon running

Re: OpenBSD 4.4 amd64 bsd.mp can't detect 16GB memory

Prakshep Dineshchandra Patel wrote: Hi every one, I have installed OpenBSD 4.4 amd64 on Dell PowerEdge 1950 which contain 16GB of ram. As in that kernel 'BigMem' is already set to 1. But during boot time I can see 4GB instead of 16GB ram. When I use 'Top' command it will shows

mismatch output net-snmp -current

i found mismatch output from snmpwalk in -current net-snmp, sample bellow r...@cadangan[patches]# snmpwalk -v 1 -c public localhost .1.3.6.1.2.1.4.20.1.2 IP-MIB::ipAdEntIfIndex.10.100.0.1 = INTEGER: 1 IP-MIB::ipAdEntIfIndex.10.100.66.1 = INTEGER: 5 IP-MIB::ipAdEntIfIndex.10.100.67.1 = INTEGER: 6

Re: x11 problems with lenovo w500

pcidump -xx output for both cases. normally the more interesting result anyway. oh, and the data you're passing on not to be MIME attached, the list strips those. Ok, here we are: http://www.wiroth.net/error/x11/pcidump-xx.working http://www.wiroth.net/error/x11/pcidump-xx.NOT.working

OpenSSH release CDS

I've repeatedly been in a position where we weren't making direct use of OpenBSD, but were using OpenSSH, and if there were a recurring cost associated with it (like purchasing a semi-annual CD) it would have been relatively painless to get a rubber stamp approval of such a cost, whereas

Re: Bug OpenBGPD, IPv6 peer gets cleared, never gets up again

Hi, The patch is working. I have patched both the local testing setup and the production pilot. I tcpdumped the interface and got a nice IPv6 withdraw-packet: No. TimeSourceDestination Protocol Info 101 27.955719 2001:db8:1::a500:6777:1

might be slightly OT: `probability in PF'

i say this might be slightly OT because i am asking more of a philosophical question, not a technical one. the excellent documentation has given me all i need to know about the probability directive. thanks, devs, for that. quick story: i have a couple dozen websites spread across two

Re: OpenSSH release CDS

2009/3/11 patric conant mirage.comput...@gmail.com: I've repeatedly been in a position where we weren't making direct use of OpenBSD, but were using OpenSSH, and if there were a recurring cost associated with it (like purchasing a semi-annual CD) it would have been relatively painless to get

Re: Quick question about an PF user's guide example

On Tue, Mar 10, 2009 at 9:16 PM, Leonardo Rodrigues leonardov...@gmail.com wrote: Hi everyone, I'm trying to build a PF / ALTQ ruleset that handles traffic between 3 internal interfaces and 1 external, so that the internal interfaces can have different priorities on the available bandwidth

Re: might be slightly OT: `probability in PF'

On Wed, Mar 11, 2009 at 10:01 PM, jmc j...@cosmicnetworks.net wrote: i say this might be slightly OT because i am asking more of a philosophical question, not a technical one. the excellent documentation has given me all i need to know about the probability directive. thanks, devs, for that.

Re: might be slightly OT: `probability in PF'

--- Jeffrey 'jf' Lim [Wed, Mar 11, 2009 at 10:09:19PM +0800]: --- On Wed, Mar 11, 2009 at 10:01 PM, jmc j...@cosmicnetworks.net wrote: i say this might be slightly OT because i am asking more of a philosophical question, not a technical one. the excellent documentation has given me all i

Re: Nginx: filedescriptors, users and login.conf confusion

Matt, On Wed, Mar 11, 2009 at 11:42:54AM +0100, Matt wrote: I've been running Nginx with php-fastcgi and am sometimes experiencing the 'too many files open' error messages. Investigating the solution I am confused about which user (or userclass in login.conf) I should give more

Ramifications of blocking SYN+FIN TCP packets

I understand that this might annoy a few of you, If it does please accept my apologies. The place I work is required to have an external security scan from time to time and the latest scan says that we have failed because the firewall responded to a TCP packet that has the SYN and FIN flags set.

Re: How to break the httpd's 4G file size limit?

On 2009-03-10 at 14:34:30, you wrote: I want to set up the web server to share file, but i know apache-1.3.x (which is openbsd default httpd) had the 4G file size limit, can i break this limit? I don't know the correct answer to this question, but i thought of a possible work-around in the

Re: Ramifications of blocking SYN+FIN TCP packets

On Wed, Mar 11, 2009 at 10:42:38AM -0400, Stuart VanZee wrote: I understand that this might annoy a few of you, If it does please accept my apologies. The place I work is required to have an external security scan from time to time and the latest scan says that we have failed because the

Re: Ramifications of blocking SYN+FIN TCP packets

On Wed, Mar 11, 2009 at 10:54:18AM -0400, Jason Dixon wrote: On Wed, Mar 11, 2009 at 10:42:38AM -0400, Stuart VanZee wrote: I understand that this might annoy a few of you, If it does please accept my apologies. The place I work is required to have an external security scan from time

Re: How to break the httpd's 4G file size limit?

Daniel A. Ramaley wrote: On 2009-03-10 at 14:34:30, you wrote: I want to set up the web server to share file, but i know apache-1.3.x (which is openbsd default httpd) had the 4G file size limit, can i break this limit? I don't know the correct answer to this question, but i thought of a

Re: How to break the httpd's 4G file size limit?

On Wed, Mar 11, 2009 at 05:37:14PM +0200, Alexey Suslikov wrote: The limitation is 2Gb on 32-bit platforms because of off_t (man lseek). huh? [gra...@nohead tmp]$ cat x.c #include sys/types.h #include stdio.h int main(void) { printf(size of off_t is %u bits\n, 8 * sizeof(off_t)); }

Re: How to break the httpd's 4G file size limit?

On Wed, Mar 11, 2009 at 05:37:14PM +0200, Alexey Suslikov wrote: Daniel A. Ramaley wrote: On 2009-03-10 at 14:34:30, you wrote: I want to set up the web server to share file, but i know apache-1.3.x (which is openbsd default httpd) had the 4G file size limit, can i break this limit?

Re: How to break the httpd's 4G file size limit?

On Wed, Mar 11, 2009 at 11:37 AM, Alexey Suslikov alexey.susli...@gmail.com wrote: The limitation is 2Gb on 32-bit platforms because of off_t (man lseek). off_t is always 64-bit. Stock ftpd also has mentioned limitation (try to REST a file beyond 2Gb offset). Using any 64-bit platform will

Re: How to break the httpd's 4G file size limit?

On Wed, Mar 11, 2009 at 17:56, Ted Unangst ted.unan...@gmail.com wrote: On Wed, Mar 11, 2009 at 11:37 AM, Alexey Suslikov alexey.susli...@gmail.com wrote: The limitation is 2Gb on 32-bit platforms because of off_t (man lseek). off_t is always 64-bit. Stock ftpd also has mentioned limitation

Re: How to break the httpd's 4G file size limit?

On Wed, Mar 11, 2009 at 06:48:49PM +0300, Alexander Yurchenko wrote: On Wed, Mar 11, 2009 at 05:37:14PM +0200, Alexey Suslikov wrote: The limitation is 2Gb on 32-bit platforms because of off_t (man lseek). huh? [gra...@nohead tmp]$ cat x.c #include sys/types.h #include stdio.h int

Re: How long it should take for a fsck to check a 300GB hdd?

dmesg as promised: OpenBSD 4.4-stable (SQUID_DISKD) #9: Sat Jan 10 19:27:35 CET 2009 r...@pegasus.plan9.homeunix.net:/usr/src/sys/arch/i386/compile/SQUID_DISK D cpu0: AMD Sempron(tm) Processor LE-1150 (AuthenticAMD 686-class, 256KB L2 cach e) 2.01 GHz cpu0:

Re: mouse cursor is gone after running xorgconfig with nv driver

On Tue, 10 Mar 2009, microlaser wrote: Hi, I am running openbsd 4.4 on an amd64 with the nv driver, with an nvidia gforce 6200. I used xorgconfig to reconfigure x and now the mouse cursor is gone. anyone have any idea how to get it back? Thanks I don't know how your mouse gone. As you

Re: Nginx: filedescriptors, users and login.conf confusion

If nginx is running as 'www' then you're building your own nginx rather than using the package? If so, then nginx is starting however you tell it, and without details it's impossible to say. It's installed through package and I use a startup as adviced in /etc/rc.local. However the 'user'

Re: Ramifications of blocking SYN+FIN TCP packets

On Wed, Mar 11, 2009 at 01:04:34PM -0400, David Goldsmith wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jason Dixon wrote: S/SAFR I just had to deal with this on our customer's PCI scan. Don't argue with the logic, just do it. :) Let me guess -- TrustKeeper? We just

Re: How to break the httpd's 4G file size limit?

On Wed, Mar 11, 2009 at 12:01 PM, Alexey Suslikov alexey.susli...@gmail.com wrote: On Wed, Mar 11, 2009 at 17:56, Ted Unangst ted.unan...@gmail.com wrote: If using a 64-bit machine fixes it, then the type in question is not off_t. Maybe you should try to transfer (using stock httpd) at least

Re: Nginx: filedescriptors, users and login.conf confusion

On Wed, Mar 11, 2009 at 06:01:31PM +0100, Matt wrote: If nginx is running as 'www' then you're building your own nginx rather than using the package? If so, then nginx is starting however you tell it, and without details it's impossible to say. It's installed through package and I use a

Re: How to break the httpd's 4G file size limit?

On Wed, Mar 11, 2009 at 19:11, Ted Unangst ted.unan...@gmail.com wrote: On Wed, Mar 11, 2009 at 12:01 PM, Alexey Suslikov alexey.susli...@gmail.com wrote: On Wed, Mar 11, 2009 at 17:56, Ted Unangst ted.unan...@gmail.com wrote: If using a 64-bit machine fixes it, then the type in question is

openbsd - microsoft vpn interoperability

Hi everyone. A web search only picked up antiquated information on this one. I'm talking about setting up a network to network VPN between Microsoft and OpenBSD gateways. I'm here asking for comments on what people are actually doing and hopefully with pros and cons included. So which

Re: How to break the httpd's 4G file size limit?

On Wed, Mar 11, 2009 at 1:21 PM, Alexey Suslikov alexey.susli...@gmail.com wrote: I can't recall exact code from httpd, but how about libexec/ftpd: ... extern off_t restart_point; ... you're looking at the wrong code. ftpcmd.y: restart_point = $4; /* XXX $4 is only int */

Re: vic(4) on amd64

I see that the vic(4) driver is still not in amd64/conf/GENERIC. Has anyone any recent experience with this driver+platform, or know whether its absence reflects a known problem or just lack of testing? For the record, it works fine for me on an i386 guest on ESXi 3.5 U3, with adaptor type

Re: openbsd - microsoft vpn interoperability

Juan Miscaro wrote: ... I'm here asking for comments on what people are actually doing and hopefully with pros and cons included. So which solution? OpenVPN or native IPSEC (isakmpd)? ... MS products are not really designed for interoperability, rather the opposite. So you may wish to

4.4 on ESXi 3.5 (was: vic(4) on amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Josh Archambault wrote: I'm fairly confident that using anything other than the default e1000 network device with 64-bit guests is discouraged by VMWare. It would appear that you're correct. Though the documentation does not make that clear, I

Re: openbsd - microsoft vpn interoperability

2009/3/11 Lars NoodC)n l...@umich.edu: Juan Miscaro wrote: ... I'm here asking for comments on what people are actually doing and hopefully with pros and cons included. B So which solution? B OpenVPN or native IPSEC (isakmpd)? B ... MS products are not really designed for interoperability,

Re: openbsd - microsoft vpn interoperability

Juan Miscaro wrote: Thanks. Yeah, I am going to push to have an OpenBSD portal installed on the remote end. Thing is, how am I going to get it installed? http://openvpn.net/index.php/downloads.html http://openvpn.net/howto.html#startup

Re: NFS or SAMBA ?

2009/3/9 Henning Brauer lists-open...@bsws.de * Guillermo Bernaldo de Quiros Maraver debug...@gmail.com [2009-02-13 21:06]: if you have a shared network between WINDOWS and OpenBSD i recommend Samba if not, NFS NFS = Insecure SAMBA = Have a problems, but, it's more secure.

How to mount samba shares in OpenBSD?

'running 4.4-RELEASE here. I've got SAMBA running on my Chuck Norris/kick-ass OpenWrt file server but I want to mount those shares onto my OpenBSD laptop. I've read the smbclient man page and I've googled. Is sharity-light the only (client) option?

Re: Nginx: filedescriptors, users and login.conf confusion

Matt wrote: If nginx is running as 'www' then you're building your own nginx rather than using the package? If so, then nginx is starting however you tell it, and without details it's impossible to say. It's installed through package and I use a startup as adviced in /etc/rc.local.

Re: openbsd - microsoft vpn interoperability

2009/3/11 Lars NoodC)n l...@umich.edu: Juan Miscaro wrote: Thanks. B Yeah, I am going to push to have an OpenBSD portal installed on the remote end. B Thing is, how am I going to get it installed? http://openvpn.net/index.php/downloads.html http://openvpn.net/howto.html#startup

Re: How to mount samba shares in OpenBSD?

On Wed, 11 Mar 2009, Shagbag OpenBSD wrote: 'running 4.4-RELEASE here. I've got SAMBA running on my Chuck Norris/kick-ass OpenWrt file server but I want to mount those shares onto my OpenBSD laptop. I've read the smbclient man page and I've googled. Is sharity-light the only (client) option?

Re: IP aliases: how many in one server with OpenBSD 4.4? Is it possible to change the limit?

* Alvaro Mantilla Gimenez alv...@dydnetworks.com [2009-02-19 02:52]: Anyways, the question is still valid: how many IP aliases we can reach in an OpenBSD system? which is the limit? in theory, there is none but memory. in practice, it is a simple linked list, so things get slower at some

strange load values

Hey there! I have a Compaq DL580 G1 with 4x700Mhz PIII, 2GB RAM, 2x36GB U320 SCSI on a HP SmartArray 5300 with 64MB BBU. It's a general purpose 'hobby' server. The average concurrent connections are 20-30, mostly resolv queries for bind. The load is always aroun 1.0 and frequenlty jumps up to 2.

Re: 4.4 on ESXi 3.5 (was: vic(4) on amd64)

On Wed, Mar 11, 2009 at 4:02 PM, dt...@drizzle.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Josh Archambault wrote: I'm fairly confident that using anything other than the default e1000 network device with 64-bit guests is discouraged by VMWare. It would appear that you're

Re: gem0 on Sun V120 goes dead in a few minutes with gem0: device timeout error on bsd 4.5, but works without issue on bsd.mp 4.5.

Daniel Ouellet wrote: Hi, With the 4.5 kernel on Sun V120, the Ethernet interface will go dead after a few minutes. May be 5 to 15 minutes. No consistence yet that I can see. When this happened, all access to the server is gone and no ping reply as well. The only way is to log via the

label rule on pf

Hello, Is possible 'label' the matched rule in pf log? Im having this: Mar 11 20:50:57.307005 rule 0/(match) rdr in on fxp1: 209.85.220.166.57173 127.0.0.1.25: [|tcp] (DF) Mar 11 20:54:13.568475 rule 0/(match) rdr in on fxp1: 81.92.222.103.52011 127.0.0.1.25: [|tcp] (DF) I need (if exist)

Re: Quick question about an PF user's guide example

2009/3/11 Leonardo Rodrigues leonardov...@gmail.com: Hi everyone, I'm trying to build a PF / ALTQ ruleset that handles traffic between 3 internal interfaces and 1 external, so that the internal interfaces can have different priorities on the available bandwidth they can get from the external

Re: OpenBGP 4.3/4.4 Gotchas

* Dan Carley dan.car...@gmail.com [2009-02-20 14:47]: This behaviour was thankfully not replicated with 4.4 in the lab, so we'll be upgrading promptly. But we were having issues with our 4.4 peers keeping sessions open to each other. This was resolved with r1.13 of bgpd/timer.c. I'm curious

Un site internet pour votre bien immobilier pour misc de openbsd.org

Content-Transfer-Encoding: 8bit Bonjour, Vendre ou louer un bien immobilier nest pas facile et peut couter rapidement tres cher en petites annonces qui ne restent visibles quune ou deux semaines avant de devoir payer a nouveau. Mais comment se distinguer de la masse dannonces en 4 ou 5

Re: IP aliases: how many in one server with OpenBSD 4.4? Is it possible to change the limit?

On Wed, Mar 11, 2009 at 08:54:42PM +0100, Henning Brauer wrote: * Alvaro Mantilla Gimenez alv...@dydnetworks.com [2009-02-19 02:52]: Anyways, the question is still valid: how many IP aliases we can reach in an OpenBSD system? which is the limit? in theory, there is none but memory. in

Re: Cardbus stops working after repeated card insertions

As a note, this is running on a Thinkpad X31.

compaq sun drive caddies / sleds / trays for developers

Hello developers... I have several SCSI drive carriers/trays/caddys/caddies/sleds (whatever else you'd like to call 'em) I'd like to offer up for any developer who wants 'em for the bargain price of free if anyone has a need for such creatures. There are: 6 x 104663-001 80-pin SCSI Compaq

Setting up a bidirectional (1:1) firewall

In my small company, we already have a SonicWALL firewall that handles all the workstation traffic to the Internet. We have an block of public IP Addresses, but the SonicWALL only allows us to make use of two of them. I am trying to setup a OpenBSD machine as a firewall for the rest of the IP

Re: Quick question about an PF user's guide example

Note that only the pf.conf directives that apply directly to the above policy are present; nat, rdr, options, etc., are not shown. Yeah, I noticed that too =) But I don't know if that setup would work without NAT enabled. But then, I'm no network expert... Bear in mind that while a queue is

Re: 4.4 on ESXi 3.5 (was: vic(4) on amd64)

2009/3/12 dt...@drizzle.com: I discovered a severe performance problem, wherein an OpenBSD guest would run fine for some period of hours, and then become horribly bogged down during disk operations, to the point of unusability. This was true even when the guest was nearly idle and the VM

Re: PF Seems To Reload Its Default Rules Unexpectedly

It happened again... 2009/3/9 J.C. Roberts list-...@designtools.org: As for whether or not the assigned IP address you get from your ISP via DHCP will become a problem really depends on the netmask and default route they give you along with the IP. If your internal network is 192.168.151.*

Re: OpenSSH release CDS

Well i think it is not a bad Idea; purchasing a superb remote administration software on a CD for 25USD or whatever sounds easy to sell; though i think its true, it will be a lot of work and trouble to get those CD's and Packaging Artwork and everything in low enough Quantities, and then turn it