Re: Firewall setup
May I suggest relaying these more basic questions to @rookies mail-list? I think it would be great if we could have this channel reactivated, dedicated to help folks like Karel learn how to navigate more basic stuff, and keep misc@ for intermediary / advanced users inquiries. On Wed, 17 Apr 2024 at 1:30 AM Daniel Ouellet wrote: > > On 4/16/24 10:27 AM, Karel Lucas wrote: > > First and most importantly, I would like to apologize to anyone who was > > disturbed by my conversation. It is not my intention to offend people. I > > may be curt, but that's not because it's in my character. In daily life > > I work with electronics and computers and am much less familiar with > > networks. I don't need this knowledge for what I do in daily life. It is > > therefore difficult for me to estimate what is important to link back to > > this mailing list. So if I am curt, please try to remember that it is > > not intentional, but a matter of lack of knowledge. Again, I don't want > > to hurt anyone. > > Hi Karel, > > I think you may be missing the point that everyone try to explained to > you. OpenBSD is a mailing list that have very think skin compare to any > others. You need to be very rude to offend people here unless you are > one that fell you have rights to other people free times. > > You got some VERY knowledgeable people answering you. If I was you I > would fell lucky for their time, believe me. I have been on this list > from OpenBSD 2.7. A few decades ago... > > Now you say you don't have the network know how to do this, sure > everyone start somewhere. You say you don't needs this either in your > daily job and keep asking others to point you at the page in the PF > book, etc. > > Remember they are NOT the one in needs to know, you are, so make the > effort please. Many will hold your hands gladly IF you show willingness > to do your share. > > Even the site have basic start example here: > > https://www.openbsd.org/faq/pf/index.html > > And even some of them could be simple too, but they are provided as > example to show what's possible. Up to the reader to start there and go > where they want too... > > Now to the point, it was told to you to start simple and explained what > you want to do. > > Here you say you have no special needs, etc. > > So why in gods name would you want to do a bridge setup? > > KISS principle apply! > > And it was asked as well to explained your setup. NOT what you think it > should be or how it is connected, what interface does what, etc. > > What do you want to do, plain and simple. > > Here you say that "The internal network consists mainly of regular > clients, so no email, web or name servers", so no needs for bridge, or > DMZ, etc. > > Also looks like you use private IP's so yes NAT is needed obviously. > > Now if you want multiple networks, WHY? > > Any reason for it? I see none if you don't have hosting services. > > You say it could be possible, sure it can, I can have multiple vlan and > domains routing, configure a specific IPMI DMZ for my servers > configuration, add ssh keys for wireless access with time base access > and limit, and kids restrictions, etc. But I wouldn't do that until I > get my basin system going and know why. > > Amy be I don't have kids so why do that part of the setup, but may be I > have wireless and friends coming over and they obviously all/may be want > fast internet access on my wireless, but I don't what them to have > access to ANY of my devices from their phones that might compromise my > network, so I would have a guess wireless access to to outside world > ONLY. But if I have no friends, then why would I want that? Etc... > > Sure may be you have wireless that you want to isolate from others hard > wire computers, etc. You have NAS, may be you want to isolate it form > wireless, or some specific computers, kids access restricted may be, etc. > > But no where did you ever describe what is it that you want... > > May be before you start building a house, you need to know what you want > in it, etc. > > Same thing here. > > Start small and then go from there. > > Why? Doing incremental setup help understand your setup and why you do it. > > Then down the line when you make changes or want to add something to it, > when your pf configuration is clean, you will know where to add it and > what it does. > > Look to me that if your setup have NO special needs, no hosting services > that needs to be reach form the Internet, then only thing you need is a > VERY simple NAT setup, on two interfaces and that's it. > > It's not because you have 4 interfaces that you need to use 4 interfaces... > > Start be defining what is it that you want and FORGET ABOUT interface 1, > and then 2 for admin, and 3 for nas, etc. > > What is it that you want to do and go from there. > > Define your needs and then address them ONE by ONE. > > Fix one, test and then go to the next one. > > And FORGET ABOUT BRIDGE SETUP PLEASE!!! > > You have absolutely
WireGuard, worked 7.5Release, not working snapshot
Hi all - hope you guys are doing great. I've been struggling to config WireGuard for a while (roadwarrior on my end, VPN service subscription on server side). Mostly due to my own limitations, really. Yesterday I finally managed to make it work, after upgrading to 7.5 RELEASE, through a lot of trial and error. Main reference on the setup was [1] and [2]. Setup that worked: - */etc/resolvd.conf* nameserver 10.2.0.1 # VPN server config */etc/hostname.wg0* wgkey$WG_MY_PRIV_KEY wgpeer $WG_PEER_PUBKEY inet 192.168.1.2/24 wgrtable 1 up !route add -net default 192.168.1.1 */etc/hostname.iwx0* join $MY_WIFI wpakey $MY_WIFI_PWD rdomain 1 up autoconf */etc/pf.conf* set skip on lo block return ext_if = "iwx0" vpn_if = "wg0" pass in on $ext_if from $ext_if:network rtable 1 pass out on $ext_if from self match out on $vpn_if from $ext_if:network to any nat-to $vpn_if pass out on $vpn_if - Then I decided to sysupgrade to SNAPSHOT, which is what I used to do in the past, and the setup stopped working. I tried using tcpdump to understand what is happening, and my guess is that it has to do with DNS, but I couldn't figure out exactly... I'm sure I'm missing a lot of details, if anyone can point me to the right directions (eg, what to check, possible issues) that would be much appreciated. I don't want to use wireguard-tools. If additional info is needed please let me know. Regards, Michel [1] https://dataswamp.org/~solene/2021-10-09-openbsd-wireguard-exit.html [2] https://blog.lambda.cx/posts/openbsd-wireguard-vpn-gateway/
panic when xenodm is enabled (uvm_fault, pool_do_get), -current #75
Hi I just installed -current #75 and I can't enable xenodm because the system panics 90% of the time. I'm including below basic info and pictures of messages - any pointing to the right direction would be welcomed. Images of error messages: https://1drv.ms/u/s!Al64DwRfhnFCas821xILYsNzEuk?e=XKUC3H dmesg; usbdevs; pcidump OpenBSD 6.9-current (GENERIC.MP) #75: Mon Jun 14 08:51:05 MDT 2021 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 34111942656 (32531MB) avail mem = 33062649856 (31531MB) random: good seed from bootblocks mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 3.3 @ 0x429e1000 (54 entries) bios0: vendor INSYDE Corp. version "1.07.01LS1" date 09/07/2020 bios0: Notebook NV4XMZ acpi0 at bios0: ACPI 6.1 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP UEFI SSDT SSDT SSDT SSDT SSDT TPM2 SSDT NHLT SSDT LPIT WSMT SSDT SSDT DBGP DBG2 HPET APIC MCFG SSDT DMAR SSDT FPDT PTDT BGRT acpi0: wakeup devices PEG0(S4) PEGP(S4) PEGP(S4) PEGP(S4) XHCI(S3) XDCI(S4) HDAS(S4) RP01(S4) PXSX(S3) RP02(S4) PXSX(S3) RP03(S4) PXSX(S3) RP04(S4) PXSX(S3) RP05(S4) [...] acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 1920 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz, 29492.48 MHz, 06-8c-01 cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,AVX512F,AVX512DQ,RDSEED,ADX,SMAP,AVX512IFMA,CLFLUSHOPT,CLWB,PT,AVX512CD,SHA,AVX512BW,AVX512VL,AVX512VBMI,UMIP,PKU,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu0: 256KB 64b/line disabled L2 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges cpu0: apic clock running at 38MHz cpu0: mwait min=64, max=64, C-substates=0.2.0.1.2.1.1.1, IBE cpu1 at mainbus0: apid 2 (application processor) cpu1: 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz, 4190.36 MHz, 06-8c-01 cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,AVX512F,AVX512DQ,RDSEED,ADX,SMAP,AVX512IFMA,CLFLUSHOPT,CLWB,PT,AVX512CD,SHA,AVX512BW,AVX512VL,AVX512VBMI,UMIP,PKU,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu1: 256KB 64b/line disabled L2 cache cpu1: smt 0, core 1, package 0 cpu2 at mainbus0: apid 4 (application processor) cpu2: 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz, 3791.27 MHz, 06-8c-01 cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,AVX512F,AVX512DQ,RDSEED,ADX,SMAP,AVX512IFMA,CLFLUSHOPT,CLWB,PT,AVX512CD,SHA,AVX512BW,AVX512VL,AVX512VBMI,UMIP,PKU,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu2: 256KB 64b/line disabled L2 cache cpu2: smt 0, core 2, package 0 cpu3 at mainbus0: apid 6 (application processor) cpu3: 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz, 3791.27 MHz, 06-8c-01 cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,AVX512F,AVX512DQ,RDSEED,ADX,SMAP,AVX512IFMA,CLFLUSHOPT,CLWB,PT,AVX512CD,SHA,AVX512BW,AVX512VL,AVX512VBMI,UMIP,PKU,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu3: 256KB 64b/line disabled L2 cache cpu3: smt 0, core 3, package 0 cpu4 at mainbus0: apid 1 (application processor) cpu4: 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz, 3791.26 MHz, 06-8c-01 cpu4:
Re: Does intel(4) support Iris Xe Graphics?
Thank you for the reply, Jonathan - FWIW I was able to run Ubuntu on the machine just now. I still would like to try and install OpenBSD, if anyone can help me diagnose/fix the problem I’m willing to try. Regards, Michel On Wed, 7 Apr 2021 at 2:33 AM Jonathan Gray wrote: > On Tue, Apr 06, 2021 at 11:09:07AM +0400, Michel von Behr wrote: > > Hi - (not a dev, just trying to use OpenBSD snapshot) whenever I try to > > launch Xorg, either via xenodm or startx, I'm getting a kernel panic, > > like "pool_do_get: > > drmobj : page empty" (I already sent an e-mail [1] to b...@openbsd.org > with > > dmesg and all). > > The pool should already be initialised via > i915_global_objects_init() > i915_globals_init() > inteldrm_attachhook() > > > > > I'm wondering if the problem could be with my video card, Intel Iris Xe? > > Even though dmesg shows that is was detected and should (?) be working. > But > > I can't find a reason why my laptop would not run Xorg. > > > > inteldrm0 at pci0 dev 2 function 0 "Intel Xe Graphics" rev 0x01 > > drm0 at inteldrm0 > > inteldrm0: msi, TIGERLAKE, gen 12 > > > > jcs@ has/had a tiger lake machine which could run Xorg with the > linux 5.7 based drm in -current. I'm not sure what is different here. > > > > > Any pointing to the right direction would be appreciated. (If this > problem > > relates to Xorg specifically and not to OpenBSD please let me know). > > > > [1] https://marc.info/?l=openbsd-bugs=161754767328009=2 > > > > Regards, > > > > Michel > > >
Does intel(4) support Iris Xe Graphics?
Hi - (not a dev, just trying to use OpenBSD snapshot) whenever I try to launch Xorg, either via xenodm or startx, I'm getting a kernel panic, like "pool_do_get: drmobj : page empty" (I already sent an e-mail [1] to b...@openbsd.org with dmesg and all). I'm wondering if the problem could be with my video card, Intel Iris Xe? Even though dmesg shows that is was detected and should (?) be working. But I can't find a reason why my laptop would not run Xorg. inteldrm0 at pci0 dev 2 function 0 "Intel Xe Graphics" rev 0x01 drm0 at inteldrm0 inteldrm0: msi, TIGERLAKE, gen 12 Any pointing to the right direction would be appreciated. (If this problem relates to Xorg specifically and not to OpenBSD please let me know). [1] https://marc.info/?l=openbsd-bugs=161754767328009=2 Regards, Michel
Re: Internal Microphone on Thinkpad X1 Carbon 7th gen not working
Check sysctl(8) - kern.audio.record (turned off by default)
On Fri, 4 Dec 2020 at 1:41 PM Tom Smyth
wrote:
> Hello Stefan,
>
> have you checked the Bios is it disabled (for Privacy ) / (security)
>
>
>
> On Fri, 4 Dec 2020 at 09:20, Stefan Hagen wrote:
>
> > Hello,
> >
> > I'm struggling to get the internal microphone working on my Thinkpad
> > X1 Carbon 7th Gen.
> >
> > I can record from an external USB microphone on OpenBSD. It is only the
> > internal microphone I'm struggling with.
> >
> > To rule out a hardware fault, I booted windows from a USB drive and the
> > microphone works fine in this OS. While being there, I also updated the
> > bios and thunderbolt firmware to the latest version.
> >
> > Is anyone here that got it working on this machine?
> >
> > dmesg:
> > azalia0 at pci0 dev 31 function 3 "Intel 300 Series HD Audio" rev 0x11:
> msi
> > azalia0: codecs: Realtek ALC285, Intel/0x280b, using Realtek ALC285
> > audio0 at azalia0
> >
> > $ sysctl kern.audio.record
> > kern.audio.record=1
> >
> > $ mixerctl -v
> > inputs.dac-2:3=174,174
> > inputs.dac-0:1=174,174
> > record.adc-0:1_mute=off [ off on ]
> > record.adc-0:1=124,124
> > record.adc-2:3_mute=off [ off on ]
> > record.adc-2:3=124,124
> > outputs.spkr_source=dac-2:3 [ dac-2:3 ]
> > outputs.spkr_mute=off [ off on ]
> > outputs.spkr_eapd=on [ off on ]
> > outputs.spkr2_source=dac-0:1 [ dac-2:3 dac-0:1 ]
> > outputs.spkr2_mute=off [ off on ]
> > outputs.spkr2_boost=off [ off on ]
> > inputs.mic=85,85
> > outputs.mic_dir=input-vr80 [ none input input-vr0 input-vr50 input-vr80
> > input-vr100 ]
> > outputs.hp_source=dac-0:1 [ dac-2:3 dac-0:1 ]
> > outputs.hp_mute=off [ off on ]
> > outputs.hp_boost=off [ off on ]
> > outputs.hp_eapd=on [ off on ]
> > record.adc-2:3_source=mic { mic }
> > record.adc-0:1_source=mic { mic }
> > outputs.mic_sense=unplugged [ unplugged plugged ]
> > outputs.hp_sense=unplugged [ unplugged plugged ]
> > outputs.spkr_muters=hp { hp }
> > outputs.master=255,255
> > outputs.master.mute=off [ off on ]
> > outputs.master.slaves=dac-2:3,dac-0:1,spkr,spkr2,hp { dac-2:3 dac-0:1
> > spkr spkr2 hp }
> > record.volume=124,124
> > record.volume.mute=off [ off on ]
> > record.volume.slaves=adc-0:1,adc-2:3 { adc-0:1 adc-2:3 mic }
> > record.enable=sysctl [ off on sysctl ]
> >
> > I also cranked inputs.mic and record.volume up to 255,255 - no
> > difference.
> >
> > $ sndiod -ddd -f rsnd/0 -m play,rec # while aucat -o test.wav
> > snd0 pst=cfg.default: rec=0:1 play=0:1 vol=23170 dup
> > helper(helper|ini): created
> > worker(worker|ini): created
> > listen(/tmp/sndio/sock0|ini): created
> > sock(sock|ini): created
> > helper: recv: cmd = 0, num = 0, idx = 0, mode = 3, fd = -1
> > helper: send: cmd = 3, num = 0, idx = 0, mode = 0, fd = 3
> > helper: recv: cmd = 2, num = 0, idx = 0, mode = 768, fd = -1
> > helper: send: cmd = 3, num = 0, idx = 0, mode = 0, fd = 3
> > sock,rmsg,widl: AUTH message
> > sock,rmsg,widl: HELLO message
> > sock,rmsg,widl: hello from , mode = 2, ver 7
> > snd0 pst=cfg: device requested
> > worker: send: cmd = 0, num = 0, idx = 0, mode = 3, fd = -1
> > worker: recv: cmd = 3, num = 0, idx = 0, mode = 0, fd = 6
> > snd0 pst=cfg: using rsnd/0
> > worker: send: cmd = 2, num = 0, idx = 0, mode = 768, fd = -1
> > worker: recv: cmd = 3, num = 0, idx = 0, mode = 0, fd = 7
> > sio(dev|ini): created
> > sioctl(mix|ini): created
> > snd0 pst=cfg: adding output0.level=255 at 25
> > snd0 pst=cfg: adding output1.level=255 at 26
> > snd0 pst=cfg: adding output0.mute=0 at 57
> > snd0 pst=cfg: adding output1.mute=0 at 58
> > snd0 pst=cfg: adding input0.level=124 at 89
> > snd0 pst=cfg: adding input1.level=124 at 90
> > snd0 pst=cfg: adding input0.mute=0 at 121
> > snd0 pst=cfg: adding input1.mute=0 at 122
> > snd0 pst=cfg: 48000Hz, s16le, play 0:1, rec 0:1, 16 blocks of 480 frames
> > snd0 pst=cfg: adding app/aucat0.level=127 at 0
> > aucat0 vol=127,pst=ini: using snd0 pst=ini.default, mode = 2
> > aucat0 vol=127,pst=ini,rmsg,widl: SETPAR message
> > aucat0 vol=127,pst=ini,rmsg,widl: recording channels 0:1 ->0:1
> > aucat0 vol=127,pst=ini,rmsg,widl: 48000Hz sample rate, 480 frame blocks
> > aucat0 vol=127,pst=ini,rmsg,widl: 9600 frame buffer
> > aucat0 vol=127,pst=ini,rmsg,widl: GETPAR message
> > aucat0 vol=127,pst=ini,rmsg,widl: GETPAR message
> > aucat0 vol=127,pst=ini,rmsg,widl: START message
> > aucat0 vol=127,pst=ini: recording s16le <- s16le
> > cmap: nch = 2, ostart = 0, onext = 0, istart = 0, inext = 0
> > aucat0 vol=127,pst=ini: allocated 9600/17280 fr buffers
> > snd0 pst=ini: device started
> > snd0 pst=run: started
> > aucat0 vol=127,pst=run: attached at -7680, delta = 0
> > aucat0 vol=127,pst=run: 48000Hz, s16le, rec 0:1, 20 blocks of 480 frames
> > aucat0 vol=127,pst=run,rmsg,widl: building SETVOL message, vol = 127
> > aucat0 vol=127,pst=run: prime = 16
> > aucat0 vol=127,pst=run: prime = 15
> > aucat0 vol=127,pst=run: prime = 14
> > aucat0 vol=127,pst=run: prime = 13
> > aucat0
Re: Snapshot crash on boot, "entry point at: 0x1001000" (Intel Gemini Lake)
output=19, feature=0 uvideo0 at uhub0 port 7 configuration 1 interface 0 "Sonix Technology Co., Ltd. USB 2.0 Camera" rev 2.00/1.00 addr 4 video0 at uvideo0 vscsi0 at root scsibus2 at vscsi0: 256 targets softraid0 at root scsibus3 at softraid0: 256 targets root on sd0a (80f2e3dafc09765d.a) swap on sd0b dump on sd0b drm:pid0:rc6_supported *NOTICE* RC6 and powersaving disabled by BIOS inteldrm0: 1920x1080, 32bpp wsdisplay0 at inteldrm0 mux 1: console (std, vt100 emulation), using wskbd0 wsdisplay0: screen 1-5 added (std, vt100 emulation) iwm0: hw rev 0x210, fw ver 17.3216344376.0, address b8:9a:2a:3f:b6:6e hw.sensors.cpu0.temp0=44.00 degC hw.sensors.acpiac0.indicator0=Off (power supply) hw.sensors.acpibat0.volt0=unknown (voltage), UNKNOWN hw.sensors.acpibat0.volt1=7.60 VDC (current voltage) hw.sensors.acpibat0.power0=5.45 W (rate) hw.sensors.acpibat0.watthour0=36.46 Wh (last full capacity) hw.sensors.acpibat0.watthour1=4.80 Wh (warning capacity) hw.sensors.acpibat0.watthour2=1.46 Wh (low capacity) hw.sensors.acpibat0.watthour3=9.81 Wh (remaining capacity), OK hw.sensors.acpibat0.watthour4=38.00 Wh (design capacity) hw.sensors.acpibat0.raw0=1 (battery discharging), OK hw.sensors.acpibtn0.indicator0=On (lid open) hw.sensors.acpitz0.temp0=46.00 degC (zone temperature) On Wed, Oct 28, 2020 at 8:34 PM Theo de Raadt wrote: > This particular diff is in snapshots. That's a shortcut which will let > more people try it quicker, and report back. > > > thanks to the fix from Mark, see > > https://marc.info/?l=openbsd-tech=160383074317608=2 the problem is > > solved for my machine. > > > > Best regards, > > Sven > > > > On 10/10/20 11:56 AM, Sven Wolf wrote: > > > Hi, > > > > > > on my Lenovo V130 I've to build a custom kernel without radeondrm and > > > amdgpu. > > > > > > https://marc.info/?l=openbsd-misc=159276382718317=2 > > > > > > The modified efiboot.c, see > > > https://marc.info/?l=openbsd-misc=159401011632149=2, doesnt work > on > > > this machine. > > > > > > Best regards, > > > Sven > > > > > > On 10/9/20 9:32 PM, Kastus Shchuka wrote: > > >> On Fri, Oct 09, 2020 at 03:37:37PM +0400, Michel von Behr wrote: > > >>> Hi all, > > >>> I'm trying to run snapshot on a Chuwi Lapbook laptop (Intel Gemini > > >>> Lake), > > >>> but I get stuck at boot time with the message "entry point at: > > >>> 0x1001000". > > >>> Based on previous discussions [1] it looks like the problem is with > > >>> BOOTX64.EFI > > >>> For now I'll be running -stable, but I would like to follow > -current. Is > > >>> there a way to run -current with an old version of BOOTX64.EFI for > > >>> example? > > >>> (i.e., the only alternatives I'm seeing is either 1) compiling a > GENERIC > > >>> kernel with the older version of BOOTX64.EFI src, or 2) (try to) > > >>> compile a > > >>> custom/smaller kernel to avoid the issue). > > >>> > > >>> [1] https://marc.info/?l=openbsd-misc=159147446008114=2 > > >>> > > >>> Any pointing to the right direction is welcome. > > >> > > >> I had the same problem with EFI on ASRock J4105M system, essentially > > >> failing > > >> to boot a kernel larger than certain size. I posted my solution here: > > >> > > >> https://marc.info/?l=openbsd-misc=159401011632149=2 > > >> > > >> I guess the patch requires more testing before asking for it to be > > >> committed. > > >> > > >> Thanks, > > >> > > >> Kastus > > >> > > > >
Re: Snapshot crash on boot, "entry point at: 0x1001000" (Intel Gemini Lake)
OK, so if I understand this correctly, in theory I should be able to go with both kernel and binaries from snapshot, and use installboot(8) to load primary and secondary bootstrap files from previous releases... right? Regarding the mismatched kernel and binaries, thanks, now I understand - should be temporary, no problem. On Sun, 18 Oct 2020 at 2:33 PM Stuart Henderson wrote: > On 2020-10-17, Michel von Behr wrote: > > @stuart Thank for the suggestion - unfortunately after following the > steps > > in that link the same error occurred (entry point at: 0x1001000); I > > reverted to the obsd kernel (i.e., at boot time, “b obsd”), it’s booting > > and the system seems to be working OK, but without dmesg - when I try to > > run dmesg, I get: > > > > dmesg: sysctl: KERN_MSGBUF: Cannot allocate memory > > You have mismatched kernel and binaries. > > > $ uname -a > > OpenBSD chuwi.mabvb.pro 6.7 GENERIC.MP#6 amd64 > > You were trying to run snapshots, I think, so you'll need a snapshot > kernel. The only thing you want to hold back is the boot loader. > >
Re: Snapshot crash on boot, "entry point at: 0x1001000" (Intel Gemini Lake)
@stuart Thank for the suggestion - unfortunately after following the steps in that link the same error occurred (entry point at: 0x1001000); I reverted to the obsd kernel (i.e., at boot time, “b obsd”), it’s booting and the system seems to be working OK, but without dmesg - when I try to run dmesg, I get: dmesg: sysctl: KERN_MSGBUF: Cannot allocate memory $ uname -a OpenBSD chuwi.mabvb.pro 6.7 GENERIC.MP#6 amd64 Not sure if there’s anything else I can do, if there is I’d be happy try it out. Regards Michel *Subject:Re: Snapshot crash on boot, "entry point at: 0x1001000" (Intel Gemini Lake) <https://marc.info/?t=16022440102=1=2> From: Stuart Henderson <https://marc.info/?a=10397134052=1=2> Date: 2020-10-10 10:51:45 <https://marc.info/?l=openbsd-misc=1=202010=2> Message-ID: slrnro34i1.2d2i.stu () naiad ! spacehopper ! org <https://marc.info/?i=slrnro34i1.2d2i.stu%20()%20naiad%20!%20spacehopper%20!%20org> [Download RAW message <https://marc.info/?l=openbsd-misc=160232725921508=mbox> or body <https://marc.info/?l=openbsd-misc=160232725921508=raw>]* On 2020-10-09, Michel von Behr wrote: > I'm trying to run snapshot on a Chuwi Lapbook laptop (Intel Gemini Lake), > but I get stuck at boot time with the message "entry point at: 0x1001000". > Based on previous discussions [1] > <https://marc.info/?l=openbsd-misc=160232725921508=2#1> it looks like the > problem is with > BOOTX64.EFI > For now I'll be running -stable, but I would like to follow -current. Is > there a way to run -current with an old version of BOOTX64.EFI for example? If you upgrade by downloading and untarring sets on the running system, you can avoid updating the bootloader, the basic method is described inhttp://www.openbsd.org/faq/upgrade67.html#NoInstKern (obviously skip the "update the bootloader" step). Note that newer versions of the bootloader read the seed for early RNG use in the kernel, I'm not sure when it was added but you might miss out on that with a 6.7 bootloader. On Fri, 9 Oct 2020 at 3:37 PM Michel von Behr wrote: > Hi all, > I'm trying to run snapshot on a Chuwi Lapbook laptop (Intel Gemini Lake), > but I get stuck at boot time with the message "entry point at: 0x1001000". > Based on previous discussions [1] it looks like the problem is with > BOOTX64.EFI > For now I'll be running -stable, but I would like to follow -current. Is > there a way to run -current with an old version of BOOTX64.EFI for example? > (i.e., the only alternatives I'm seeing is either 1) compiling a GENERIC > kernel with the older version of BOOTX64.EFI src, or 2) (try to) compile a > custom/smaller kernel to avoid the issue). > > [1] https://marc.info/?l=openbsd-misc=159147446008114=2 > > Any pointing to the right direction is welcome. > > Regards, > > Michel >
Snapshot crash on boot, "entry point at: 0x1001000" (Intel Gemini Lake)
Hi all, I'm trying to run snapshot on a Chuwi Lapbook laptop (Intel Gemini Lake), but I get stuck at boot time with the message "entry point at: 0x1001000". Based on previous discussions [1] it looks like the problem is with BOOTX64.EFI For now I'll be running -stable, but I would like to follow -current. Is there a way to run -current with an old version of BOOTX64.EFI for example? (i.e., the only alternatives I'm seeing is either 1) compiling a GENERIC kernel with the older version of BOOTX64.EFI src, or 2) (try to) compile a custom/smaller kernel to avoid the issue). [1] https://marc.info/?l=openbsd-misc=159147446008114=2 Any pointing to the right direction is welcome. Regards, Michel
Re: Trying to use OpenBSD as webserver, inside home network (ADSL internet connection)
Thank you! I received several answers, mostly in private. I was able to
solve the issue, but it had nothing to do with the OpenBSD machine. Some
brief comments:
1) About DMZ (Demilitarised Zone), I tried configuring the router with and
without putting my OpenBSD laptop in DMZ (unfortunately it didn't change
the results).
2) I'm including PF config here - no change from defaults. I'm assuming for
now I shouldn't bother with PF config in this context, but please let me
know if I'm wrong.
3) What I did was to reset the cheap modem/router to factory settings
(because at a certain point the whole thing was a bit of a chaotic tweaked
mess!), put it in bridge mode, and disabled DHCP. I then connected the
cheap modem to the TP-Link WAN input, and configured PPPoE using the same
config that was being used in the cheap modem/router. It worked like a
charm! :-)
Thanks for the tips anyway!
On Fri, Jan 19, 2018 at 2:29 PM, Oliver Marugg <quand...@gmail.com> wrote:
> hi
>
> check: which device does nat for you. On that device configure
> portforwarding from external to internal, eg external ip:port to your
> internal host:port. test it from outside.
>
> ip forwarding on your OpenBSD laptop isnt necessary here, your laptop
> doesnt act as a router in your homesetup.
>
> -om
>
>
>
> On 19 Jan 2018, at 15:55, Michel von Behr wrote:
>
> Hi - rookie question: I have ADSL internet at home, distributed to local
>> hosts via a cheap modem/router provided by the ISP. And connected as one
>> of
>> the network nodes is an old laptop running OpenBSD. I want to use that
>> laptop as a webserver, ftp server, etc. I can connect to the laptop
>> internally, from within the local network (192.168.15.11) via http, ssh,
>> ftp, etc, but I can't see it from external hosts. I already tried
>> different
>> configurations in the router/modem related to port forwarding, NAT, but
>> without success, so I'm starting to think that it might be something I'm
>> missing on OpenBSD network config (PF maybe?).
>>
>> I tried enabling ip forwarding in sysctl but I still can't see it from
>> outside hosts.
>>
>> Specifically, my question would be this: if I can see my laptop from
>> within
>> the local network, would that be enough to guarantee that I should be able
>> to detect it externally? If not, what configuration should I be looking to
>> adjust?
>>
>> httpd.conf is accepting connections from any IP address, as far as I
>> understand this:
>>
>> # $OpenBSD: httpd.conf,v 1.17 2017/04/16 08:50:49 ajacoutot Exp $
>>
>> #
>> # Macros
>> #
>> ext_addr="*"
>>
>> #
>> # Global Options
>> #
>> # prefork 3
>>
>>
>> #
>> # Servers
>> #
>>
>> # A minimal default server
>> server "default" {
>> listen on $ext_addr port 80
>> listen on $ext_addr port 8080
>> listen on $ext_addr port 50080
>> root "/htdocs/"
>> directory {
>> no index
>> }
>>
>> location "*.php" {
>> fastcgi socket "/run/php-fpm.sock"
>> }
>> }
>>
>> As for ssh_config the only change I made to the default config file was to
>> include port 50022 (trying to avoid any blocking to port 22 that my ISP
>> might be enforcing).
>>
>> Any pointing to the right direction would be appreciated...
>>
>> Kind regards,
>>
>> Michel
>>
>
Trying to use OpenBSD as webserver, inside home network (ADSL internet connection)
Hi - rookie question: I have ADSL internet at home, distributed to local
hosts via a cheap modem/router provided by the ISP. And connected as one of
the network nodes is an old laptop running OpenBSD. I want to use that
laptop as a webserver, ftp server, etc. I can connect to the laptop
internally, from within the local network (192.168.15.11) via http, ssh,
ftp, etc, but I can't see it from external hosts. I already tried different
configurations in the router/modem related to port forwarding, NAT, but
without success, so I'm starting to think that it might be something I'm
missing on OpenBSD network config (PF maybe?).
I tried enabling ip forwarding in sysctl but I still can't see it from
outside hosts.
Specifically, my question would be this: if I can see my laptop from within
the local network, would that be enough to guarantee that I should be able
to detect it externally? If not, what configuration should I be looking to
adjust?
httpd.conf is accepting connections from any IP address, as far as I
understand this:
# $OpenBSD: httpd.conf,v 1.17 2017/04/16 08:50:49 ajacoutot Exp $
#
# Macros
#
ext_addr="*"
#
# Global Options
#
# prefork 3
#
# Servers
#
# A minimal default server
server "default" {
listen on $ext_addr port 80
listen on $ext_addr port 8080
listen on $ext_addr port 50080
root "/htdocs/"
directory {
no index
}
location "*.php" {
fastcgi socket "/run/php-fpm.sock"
}
}
As for ssh_config the only change I made to the default config file was to
include port 50022 (trying to avoid any blocking to port 22 that my ISP
might be enforcing).
Any pointing to the right direction would be appreciated...
Kind regards,
Michel
