SOLVED Re: rsyncing -current packages -- pattern matching problems
RW wrote: thanks - that was it - & natch the order of rsync includes/excludes is mentioned in the cryptic man page. so, you need to: exclude the more specific entry, and then finally include the required one last as a generic entry: - cyrus-sasl-*mysql* - cyrus-sasl-*db4* - cyrus-sasl-*postgres* - cyrus-sasl-*ldap* cyrus-sasl-* achieves the required result. yes it was a bit off topic but i was hoping to see how others did this. a+ scorch i am rsyncing -current packages & taking advantage of rsync's pattern matching to avoid specifying the package versions, to make a local repository for upgrades. there are several packages that i _don't_ want to retrieve flavours for, e.g. cyrus-sasl as an example. but i haven't been able to force just the base package, without specifying identically the filename - which defeats the purpose of what i was trying to achieve. here's my current go, trimmed to show the specific problem: $ cat snapshot.inc # include file for rsync cvsync-* cyrus-sasl-* - cyrus-sasl-*db* - cyrus-sasl-*mysql* - cyrus-sasl-*ldap* db-4* - *.tgz $ rsync -thrivz --stats --del -n rsync://rsync.de.openbsd.org/OpenBSD/snapshots/packages/i386 /var/tmp/packages/ --include-from=snapshot.inc [...] f+++ i386/cvsync-0.24.19.tgz f+++ i386/cyrus-sasl-2.1.21p2-db4.tgz f+++ i386/cyrus-sasl-2.1.21p2-ldap.tgz f+++ i386/cyrus-sasl-2.1.21p2-mysql.tgz f+++ i386/cyrus-sasl-2.1.21p2.tgz f+++ i386/db-4.2.52p11.tgz f+++ i386/index.txt [...] but I _don't_ want to retrieve all the{db4,ldap,mysql} flavors - just the base one. can anybody help? I don't have a chance to check (no rsync file or man page to check) but: Maybe in the rules you constructed first match wins. Once a match happens no further rules are evaluated? Otherwise you might go ask on an rsync list - I'd guess the folk there wouldn't have to go look at the manpages It really is OT here.
Re: Serial console not working for IBM Aptiva
Damon McMahon wrote: > Greetings, > > I've installed OBSD 3.9 on an old (circa 2000) IBM Aptiva > successfully, but I'm having trouble configuring a serial console for > it. ... > # cat /etc/boot.conf > stty com0 9600 > set tty com0 > > After connecting a known working null modem cable to COM2 [yes, COM2 > not COM1] on the Aptiva we make progress attempting to connect a > serial console from another OBSD 3.9 machine and then booting the > Aptiva, but not much: > > # tip tty00 > connected > > boot> 10 > > boting hd0a:10: open hd0a:10: No such file or directory > > > failed(2). will try /obsd > > boot> > > boot> > > > boot> > > ...[snip really ugly stuff that looks painfully familiar]... Been there, seen that, kicked self in butt once I realized the port I was trying to use as a serial terminal was also configured as a serial console for the terminal machine (D'oh!). Basically, the two machines start bouncing back and forth off each other, and nothing works as desired. HOWEVER... ... > and I get the same results. dmesg of the Aptiva follows, can anyone > advise? Here's why even when you don't think the dmesg matters, it can matter. > # dmesg ... > uhci0 at pci0 dev 7 function 2 "Intel 82371AB USB" rev 0x01: irq 3 check out this device's IRQ: 3... ... > eso0 at pci0 dev 11 function 0 "ESS SOLO-1 AudioDrive" rev 0x01: > ES1946, irq 5 and the sound card is on IRQ 5... > eso0: mapping Audio 1 DMA using VC I/O space at 0x8cc0 > audio0 at eso0 > opl0 at eso0: model OPL3 > midi0 at opl0: > "Conexant 56k Winmodem" rev 0x08 at pci0 dev 13 function 0 not > configured > sis0 at pci0 dev 14 function 0 "NS DP83815 10/100" rev 0x00, > DP83815C: irq 5, address 00:a0:cc:74:48:46 and again, irq 5. > nsphyter0 at sis0 phy 0: DP83815 10/100 PHY, rev. 1 > rl0 at pci0 dev 16 function 0 "Accton MPX 5030/5038" rev 0x10: irq 9, > address 00:10:b5:08:5c:32 > rlphy0 at rl0 phy 0: RTL internal PHY > isa0 at pcib0 > isadma0 at isa0 > pckbc0 at isa0 port 0x60/5 > pckbd0 at pckbc0 (kbd slot) > pckbc0: using irq 1 for kbd slot > wskbd0 at pckbd0: console keyboard, using wsdisplay0 > pcppi0 at isa0 port 0x61 > midi1 at pcppi0: > spkr0 at pcppi0 > lpt0 at isa0 port 0x378/4 irq 7 > npx0 at isa0 port 0xf0/16: using exception 16 > pccom1: irq 3 already in use > pccom2: irq 5 already in use And that tells us more. Note that it's pccom1 and pccom2, but no pccom0... pccom devices are ISA devices, so they can't share IRQs with PCI devices (though, of course, PCI devices can share IRQs with each other). So that's why com0 didn't work, and the IRQ conflict won't make com1 and com2 work very well... Take a close look at your machine config (most likely, the BIOS setup program), you will probably find non-standard configs for the two serial ports. You might need to "tag" IRQ 3 as "Reserved for ISA" or similar. Nick.
Re: rsyncing -current packages -- pattern matching problems
On Sun, 18 Feb 2007 16:30:36 +1300, [EMAIL PROTECTED] wrote: >hi, > >i am rsyncing -current packages & taking advantage of rsync's pattern >matching to avoid specifying the package versions, to make a local >repository for upgrades. > >there are several packages that i _don't_ want to retrieve flavours for, >e.g. cyrus-sasl as an example. but i haven't been able to force just the >base package, without specifying identically the filename - which >defeats the purpose of what i was trying to achieve. > >here's my current go, trimmed to show the specific problem: > >$ cat snapshot.inc ># include file for rsync >cvsync-* >cyrus-sasl-* >- cyrus-sasl-*db* >- cyrus-sasl-*mysql* >- cyrus-sasl-*ldap* >db-4* >- *.tgz > >$ rsync -thrivz --stats --del -n >rsync://rsync.de.openbsd.org/OpenBSD/snapshots/packages/i386 >/var/tmp/packages/ --include-from=snapshot.inc > >[...] > > >f+++ i386/cvsync-0.24.19.tgz > >f+++ i386/cyrus-sasl-2.1.21p2-db4.tgz > >f+++ i386/cyrus-sasl-2.1.21p2-ldap.tgz > >f+++ i386/cyrus-sasl-2.1.21p2-mysql.tgz > >f+++ i386/cyrus-sasl-2.1.21p2.tgz > >f+++ i386/db-4.2.52p11.tgz > >f+++ i386/index.txt > >[...] > >but I _don't_ want to retrieve all the{db4,ldap,mysql} flavors - just >the base one. can anybody help? I don't have a chance to check (no rsync file or man page to check) but: Maybe in the rules you constructed first match wins. Once a match happens no further rules are evaluated? Otherwise you might go ask on an rsync list - I'd guess the folk there wouldn't have to go look at the manpages It really is OT here. Please reply to the list only. Due to the nicely open list (which I heartily approve of) being archived with unmasked addresses, all mail to the sender address is >/dev/null In the beginning was The Word and The Word was Content-type: text/plain The Word of Rod.
Re: missing isakmpd.fifo
On 2/17/07, Matthew Closson <[EMAIL PROTECTED]> wrote: Anyone know if there would be a negative affect on isakmpd if the immutable flag was set on the file /var/run/isakmpd.fifo ? You mean, other than making isakmpd fail during startup? It removes and recreates the fifo when it starts. It also removes it when it exits. Leaving the fifo there when there's no process listening on it does not help things at all. You need to figure out why isakmpd is exitting and fix that and the fifo will take care of itself. ... > I have isakmpd enabled in /etc/rc.conf with flags -K. Even though I do not > specify a location on the command line of isakmpd for the fifo to occur, it > does exist in fact when the process is launched and sometime later dies off. What is isakmpd logging when it "sometime later dies off"? Philip Guenther
rsyncing -current packages -- pattern matching problems
hi, i am rsyncing -current packages & taking advantage of rsync's pattern matching to avoid specifying the package versions, to make a local repository for upgrades. there are several packages that i _don't_ want to retrieve flavours for, e.g. cyrus-sasl as an example. but i haven't been able to force just the base package, without specifying identically the filename - which defeats the purpose of what i was trying to achieve. here's my current go, trimmed to show the specific problem: $ cat snapshot.inc # include file for rsync cvsync-* cyrus-sasl-* - cyrus-sasl-*db* - cyrus-sasl-*mysql* - cyrus-sasl-*ldap* db-4* - *.tgz $ rsync -thrivz --stats --del -n rsync://rsync.de.openbsd.org/OpenBSD/snapshots/packages/i386 /var/tmp/packages/ --include-from=snapshot.inc [...] >f+++ i386/cvsync-0.24.19.tgz >f+++ i386/cyrus-sasl-2.1.21p2-db4.tgz >f+++ i386/cyrus-sasl-2.1.21p2-ldap.tgz >f+++ i386/cyrus-sasl-2.1.21p2-mysql.tgz >f+++ i386/cyrus-sasl-2.1.21p2.tgz >f+++ i386/db-4.2.52p11.tgz >f+++ i386/index.txt [...] but I _don't_ want to retrieve all the{db4,ldap,mysql} flavors - just the base one. can anybody help? a+ scorch out of the frying pan & into the fire
Serial console not working for IBM Aptiva
Greetings, I've installed OBSD 3.9 on an old (circa 2000) IBM Aptiva successfully, but I'm having trouble configuring a serial console for it. Firstly, selecting a serial console at installation produced an incorrect boot.conf as follows: # cat /etc/boot.conf stty com 9600 set tty com Unsurprisingly this didn't boot with boot(8) reporting the device "com" was not a proper console device. boot(8) did find pc0, com0 and com1 however, so I changed boot.conf: # cat /etc/boot.conf stty com0 9600 set tty com0 After connecting a known working null modem cable to COM2 [yes, COM2 not COM1] on the Aptiva we make progress attempting to connect a serial console from another OBSD 3.9 machine and then booting the Aptiva, but not much: # tip tty00 connected boot> 10 boting hd0a:10: open hd0a:10: No such file or directory failed(2). will try /obsd boot> boot> > boot> > > boot> > > > boot> > > > > boot> > > > > > boot> > > > > > > boot> > > > > > > > boot> > > > > > > > > boot> > > > > > > > > > boot> > > > > > > > > > > boot> > > > > > > > > > > > boot> > > > > > > > > > > > > boot> > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > boot> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >
Re: missing isakmpd.fifo
Anyone know if there would be a negative affect on isakmpd if the immutable flag was set on the file /var/run/isakmpd.fifo ? On Sat, 17 Feb 2007, Matthew Closson wrote: Hello, I am experiencing the same problem. I am testing it to see if I can find what is causing it. I am running OpenBSD 4.0-stable and I went to add a new tunnel today and was greeted with a message the isakmpd.fifo did not exist. I have isakmpd enabled in /etc/rc.conf with flags -K. Even though I do not specify a location on the command line of isakmpd for the fifo to occur, it does exist in fact when the process is launched and sometime later dies off. This is what I found today: # echo ike esp from 172.31.33.0/24 to 10.9.9.0/24 peer aaa.bbb.ccc.ddd psk "" | ipsecctl -f - ipsecctl: ike_ipsec_establish: open(/var/run/isakmpd.fifo): No such file or directory Where as before the exact same command has worked fine. Thanks, -Matt- On Wed, 7 Feb 2007, Dag Richards wrote: Toni Mueller wrote: Hi Dag, On Thu, 01.02.2007 at 08:37:01 -0800, Dag Richards <[EMAIL PROTECTED]> wrote: locations. Yesterday I needed to add a tunnel, there was no /var/run/isakmpd.fifo ... odd says I. isakmpd had been running since mid The fifo was recreated, I could use it to control isakmpd. OK. Today I look for isakmpd.fifo, it has disappeared again. and nothing I do not expect to see. I am not running out of disk space ... anybody seen this before? please check again using -i in order to find out whether you have enough disk space. Best, --Toni++ hsdcert0:root:/root #df -i Filesystem 1K-blocks Used Avail Capacity iused ifree %iused Mounted on /dev/sd0a 4126462 35180 3884960 1%2204 533602 0% / /dev/sd0e 103030244978744 0% 16 144238 0% /home /dev/sd0d 1030302 2978786 0% 1 144253 0% /tmp /dev/sd0f10318830391228 9411662 4% 13887 1305023 1% /usr /dev/sd0g16423486 1080606 14521706 7%3564 2077842 0% /var Nope plenty inodes too.
Resume of Steve Snow : Database SQL Applications Programmer
Please forward this resume to your Database and software development, MIS/IT/Software Department for review. -- Resume of Steve Snow -- Phone: 970-300-4770 -- [EMAIL PROTECTED] -- Work Experience: * 20 Years Database and Software Application developer * References available on request. * Create/Fix/Change/Convert Databases. * Display your data on your website, any number of pages in html/PHP/ASP. * Graphs, Maps, Charts, Diagrams, Pictures, Photos, and Graphics in Database and Reports. * Mail Merge of Databases/Information/Spreadsheets/Programs. * Create reports from Data such as PDF, Spreadsheet or HTML. * Sales leads for clients using Internet Resources. * Solving almost any job any data from any program source. * Fill out Website Forms automatically, or gather intelligence from them. * Exchange data from any number of programs, including websites. * Create inter office communication between cities/locations using Internet. * Inventory, Sales Lead, Accounting, Statistical Database Creation. * Meetings with employees to understand their needs/solution they wanted. * Training of personnel in all above systems. * Write software to perform the above jobs. * Problem solve any data question/problem you may have. * Transfer data between any number of unrelated programs, including websites. * Merge Data from unrelated programs and databases. * Test your entire website for errors by automatically filling in all your webforms on all your webpages. * Screenscrape, Webscraping, and Datamining from the internet straight to your custom databases. * Chief Developer and programmer for above with 30 years experience. -- Skills: * All VB/VBA,COM/ActiveX,DOM,SOAP, .NET * All SQL programming, Oracle (incl. PL/SQL),MS Access,SQL Server,Sybase * XML,HTML * All database access methods, ADO (ActiveX Data Objects),DAO (Data Access Objects),Microsoft Jet, ODBC * Operating systems, Windows NT 4.0 / 2000 / XP,Windows 95 / 98,ndows 3.1 / 3.11 -- Availability: * By the job or task/requirement (bid). * Contract or Independent Consultant * Full or part time Employee. * Can fly in and be available for "Live" meetings on short notice. * Remote desktop (anywhere in the world, using XP Pro and above). -- Bondable/References * SECRET Clearance (US Government) * Fully bondable * Non-disclosure/Confidentiality Agreements. -- Education * US Military, includes "SECRET" Clearance, University, Trade Schools and Certifications. -- Citizenship * Us Citizen. -- Vehicle/License * Class "A" License -- Special Mention * Can sign a waiver to not use your Company's Medical Insurance Policy (Already covered by US Veteran's Administration Medical Insurance)
Re: OpenBSD speed on desktops
On Sat, Feb 17, 2007 at 05:09:26PM -0700, Theo de Raadt wrote: > > Most modern Linux distributions optimize dynamic library load using > > prelinking; 4.0 and later have a comparable idea implemented > > ('prebind'), but in a way that does not interfere with OpenBSD's > > security features. This is not enabled by default (I'm not sure why not, > > and would be very grateful if anybody would tell me, BTW), > > The pkg tree is not yet ready to do the right thing for this, heck, > even the base is not fully prepared for this to be on by default. > Prebind appends an information block to the end of libraries, and > there are some more details which need to be considered, and handled. > > Furthermore, anytime you did a 'make build' of your system, the prebind > information changes in that information block, and when any of it is > invalid, it ignored, and you are right back in the un-optimized mode. > That's safe, and fine, but there are issues. > > Like everything else in OpenBSD, we make it available early, and then > we turn it on when we are confident. You don't even need to know the > above details -- just trust we are making the right decisions. Okay, that's about what I expected. Thanks! And, frankly, if I didn't have a lot of confidence in you guys making the right decisions, I wouldn't be running OpenBSD. I *do* like understanding how stuff works, though. Joachim
Re: missing isakmpd.fifo
Hello, I am experiencing the same problem. I am testing it to see if I can find what is causing it. I am running OpenBSD 4.0-stable and I went to add a new tunnel today and was greeted with a message the isakmpd.fifo did not exist. I have isakmpd enabled in /etc/rc.conf with flags -K. Even though I do not specify a location on the command line of isakmpd for the fifo to occur, it does exist in fact when the process is launched and sometime later dies off. This is what I found today: # echo ike esp from 172.31.33.0/24 to 10.9.9.0/24 peer aaa.bbb.ccc.ddd psk "" | ipsecctl -f - ipsecctl: ike_ipsec_establish: open(/var/run/isakmpd.fifo): No such file or directory Where as before the exact same command has worked fine. Thanks, -Matt- On Wed, 7 Feb 2007, Dag Richards wrote: Toni Mueller wrote: Hi Dag, On Thu, 01.02.2007 at 08:37:01 -0800, Dag Richards <[EMAIL PROTECTED]> wrote: locations. Yesterday I needed to add a tunnel, there was no /var/run/isakmpd.fifo ... odd says I. isakmpd had been running since mid The fifo was recreated, I could use it to control isakmpd. OK. Today I look for isakmpd.fifo, it has disappeared again. and nothing I do not expect to see. I am not running out of disk space ... anybody seen this before? please check again using -i in order to find out whether you have enough disk space. Best, --Toni++ hsdcert0:root:/root #df -i Filesystem 1K-blocks Used Avail Capacity iused ifree %iused Mounted on /dev/sd0a 4126462 35180 3884960 1%2204 533602 0% / /dev/sd0e 103030244978744 0% 16 144238 0% /home /dev/sd0d 1030302 2978786 0% 1 144253 0% /tmp /dev/sd0f10318830391228 9411662 4% 13887 1305023 1% /usr /dev/sd0g16423486 1080606 14521706 7%3564 2077842 0% /var Nope plenty inodes too.
Re: OpenBSD speed on desktops
On 2/17/07, Jeff Rollin <[EMAIL PROTECTED]> wrote: On 17/02/07, Greg Thomas <[EMAIL PROTECTED]> wrote: > On 2/17/07, Jeff Rollin <[EMAIL PROTECTED]> wrote: > > > > > > What's stopping YOU? And even if something is stopping you, why do you feel > > it necessary or wise to tell that user to use Linux instead of working to > > improve OBSD and/or help him with his problem? > > > > Because in general it's a waste of time to help a user to get his > OpenBSD install to work just like his Linux install, performance-wise, > looks-wise, functionality-wise, etc. If the guy had given any > concrete info beyond "oooh, Firefox is slow to start up on OpenBSD" he > would probably receive some good suggestions on figuring out what the > problem is, if any. > > Personally my attitude is he can stick with Linux, not because he's > looking for a similar experience on OpenBSD but because he doesn't > seem to be able to formulate a reasonable request for help. > > Greg > > None of you seem the slightest bit interested in telling him HOW to "formulate a reasonable request for help". Damn, you're right. I forgot how hard it is to see this: http://www.openbsd.org/mail.html when looking for the mailing lists. But, here, I'll cc him with this message since it appears he didn't read the above: "Do your homework before you post If you have an installation question, make sure that you have read the relevant documents such as the INSTALL.* text files in the FTP installation directories, the FAQ and the relevant man pages (start with afterboot(8)), and check the mailing list archives. We want to help, but we wouldn't want to deprive you of a valuable learning experience, and no one wants to see the same question on the lists for the fifth time in a month." "Include important information Don't waste everyone's time with a hopelessly incomplete question. No one other than you has the information needed to resolve your problem, it is better to provide more information than needed than one detail too little. Any question should include at least the version of OpenBSD (i.e., "3.2-stable", "3.3-current as of July 20, 2003"). Any hardware related questions should mention the platform (i.e., sparc, alpha, etc.), and provide a full dmesg(8). Hardware model numbers, unfortunately, don't indicate much about the actual content of a particular machine or accessory, and are useless to anyone who doesn't have that exact machine sitting where they can easily recognize it. The dmesg(8) tells us exactly what is IN your machine, not what stickers are on the outside." HTH, Greg
Re: OpenBSD speed on desktops
> Most modern Linux distributions optimize dynamic library load using > prelinking; 4.0 and later have a comparable idea implemented > ('prebind'), but in a way that does not interfere with OpenBSD's > security features. This is not enabled by default (I'm not sure why not, > and would be very grateful if anybody would tell me, BTW), The pkg tree is not yet ready to do the right thing for this, heck, even the base is not fully prepared for this to be on by default. Prebind appends an information block to the end of libraries, and there are some more details which need to be considered, and handled. Furthermore, anytime you did a 'make build' of your system, the prebind information changes in that information block, and when any of it is invalid, it ignored, and you are right back in the un-optimized mode. That's safe, and fine, but there are issues. Like everything else in OpenBSD, we make it available early, and then we turn it on when we are confident. You don't even need to know the above details -- just trust we are making the right decisions.
Re: OpenBGPd won't receive prefix
On 2007/02/17 23:41, Falk Brockerhoff wrote: > I will play with localpref later, but before I want to ask if my planned > setup is the right solution for my needs. I want to run two bgp-routers > and connect several eBGP sessions to the two routers. > To the inside I want to provide a failover-tolerant default gateway for > my vlans, that's why I'm using carp. If you run PF on the same routers as well, take care with stateful rules, stateless is the easy way, or arrange so that the CARP master is a better route (maybe prepend on the backup). you are unlikely to get states sync'd quickly enough to avoid problems if you have things too asymmetric. > want to do this for the "internal" networks, too. I would normally use OSPF for this, using iBGP to carry internal routes is possible but I think mostly something done on larger networks. ospfd has a nice feature; when you use "interface carpXX { passive }", the network is only announced via OSPF when CARP is master. This works really well.
Re: OpenBSD speed on desktops
On 2/18/07 12:05 AM, Greg Thomas wrote: Personally my attitude is he can stick with Linux, not because he's looking for a similar experience on OpenBSD but because he doesn't seem to be able to formulate a reasonable request for help. That's negative. The call itself is positive and you can help him with formulating the request. Or, like Joachim, do a serious effort to help/educate him =and= lots of others. Fun to read. +++chefren
Re: OpenBSD speed on desktops
On 2/17/07, Jeff Rollin <[EMAIL PROTECTED]> wrote: What's stopping YOU? And even if something is stopping you, why do you feel it necessary or wise to tell that user to use Linux instead of working to improve OBSD and/or help him with his problem? Because in general it's a waste of time to help a user to get his OpenBSD install to work just like his Linux install, performance-wise, looks-wise, functionality-wise, etc. If the guy had given any concrete info beyond "oooh, Firefox is slow to start up on OpenBSD" he would probably receive some good suggestions on figuring out what the problem is, if any. Personally my attitude is he can stick with Linux, not because he's looking for a similar experience on OpenBSD but because he doesn't seem to be able to formulate a reasonable request for help. Greg
Re: OpenBGPd won't receive prefix
Claudio Jeker wrote: bgpd only sends the selected routes to the neighbors and the announced network from 194.9.86.1 has higher precedence and so only 194.9.86.2 has both networks in the table. If you remove the network on 194.9.86.1, 194.9.86.2 would announce the network to 194.9.86.1. Ah, ok. I follow this behavior; I just take down the carp- and vlan interfaces on 194.9.86.1 and it works as you described it. I will play with localpref later, but before I want to ask if my planned setup is the right solution for my needs. I want to run two bgp-routers and connect several eBGP sessions to the two routers. To the inside I want to provide a failover-tolerant default gateway for my vlans, that's why I'm using carp. If some or all eBGP sessions on one router fails I would like to route the packets over the other one, that's why I think iBGP is a fine way to do this. Ok, for this iBGP should redistribute the via eBGP learned routes. But I want to do this for the "internal" networks, too. If a link to my local switch fails, is this the right way to route the incoming packet over to the other router, which has a functional link to the local switch? I hope my explanation is not to confusing :-) Regards, Falk
Re: OpenBSD speed on desktops
On 17/02/07, Joachim Schipper <[EMAIL PROTECTED]> wrote: > > On Sat, Feb 17, 2007 at 12:36:00PM -0500, R. Fumione wrote: > > Hello, > > > > I am using OpenBSD on server since few years now, and I am very happy > > with it's easy maintenance and it's stability. I want to try on > > desktop, and I am having trouble. > > > > Everything is much slower than existing Linux system. For example, > > Firefox takes 3-5 seconds to start on Linux but ~10 seconds on > > OpenBSD on same machine! > > > > I tried compiler optimizations but those didn't help. Any suggestions? > > Please cc replies to me also as I am not on misc. Thanks. > > > > Fumione > > > > (Note: please do not tell me change to lighter window manager. I > > would like to use same environment or stay with Linux. Thanks.) > > I believe the standard response to any comparison "use Linux if you're > happy with it". Since you've already received that, here is an attempt > to do the question a little more justice. (However, it boils down to 'it > doesn't matter if FF loads a little slower, as long as it runs equally > fast'). > > Most modern Linux distributions optimize dynamic library load using > prelinking; 4.0 and later have a comparable idea implemented > ('prebind'), but in a way that does not interfere with OpenBSD's > security features. This is not enabled by default (I'm not sure why not, > and would be very grateful if anybody would tell me, BTW), but can be > enabled using `ldconfig -P /usr/bin /usr/sbin /usr/local/bin > /usr/local/sbin /usr/X11R6/bin'. This should result in a noticeable > speed increase, especially on programs with lots of loaded libraries - > and look in /usr/local/mozilla-firefox to see that FF does have 'lots of > loaded libraries'! > Of course, it would be a good idea to know why it's not the default > first. Also note that, if I remember correctly, prebind won't help if > you use a nonstandard LD_LIBRARY_PATH, as FF does... so the command > listed before is likely to work for just about every *other* program. > > Another aspect is that Linux is much more aggressive in caching data > from disk; if the amount of data read, the amount of work done in > between, and the amount of RAM is such that Linux can get most data from > its memory cache while OpenBSD has to read most of it from disk, Linux > will be a *lot* faster. Of course, you would only see this effect if you > started Firefox twice without doing much in between. > > Both of those could explain why FF loads slower. If either of those is > the big culprit, though, FF should run just as fast (slow) as it ever > did, and since you're not likely to start it that often, I'd be inclined > to say it isn't that big an issue. > > If a comparable slowdown is found in running FF, that would be a > problem. There are many variables there, of course... a dmesg might be > helpful, for instance. > > Aggressive compiler optimizations are not generally a good idea. The > developers believe they are an unnecessary source of bugs, and since > many optimizations are not enabled by default, there is not quite as > much opportunity to find bugs in them. Plus, no amount of fiddling is > likely to double speed. > > Since you didn't mention what you are using at the moment, I can't very > well tell you to switch to a lighter window manager, can I? Ion *is* > nice, though... ;-) > > Joachim > > Now that's what I call a helpful answer Jeff
Re: OpenBSD speed on desktops
On 17/02/07, Jeff Quast <[EMAIL PROTECTED]> wrote: > > On 2/17/07, Jeff Rollin <[EMAIL PROTECTED]> wrote: > > > > > > > > On 17/02/07, Jeff Quast <[EMAIL PROTECTED]> wrote: > > > On 2/17/07, Jeff Rollin <[EMAIL PROTECTED]> wrote: > > > > > > > > > > > > > > > > On 17/02/07, Jeff Quast <[EMAIL PROTECTED] > wrote: > > > > > On 2/17/07, R. Fumione <[EMAIL PROTECTED]> wrote: > > > > > > Hello, > > > > > > > > > > > > I am using OpenBSD on server since few years now, and I am very > > happy > > > > > > with it's easy maintenance and it's stability. I want to try on > > > > > > desktop, and I am having trouble. > > > > > > > > > > > > Everything is much slower than existing Linux system. For > example, > > > > > > Firefox takes 3-5 seconds to start on Linux but ~10 seconds on > > > > > > OpenBSD on same machine! > > > > > > > > > > > > I tried compiler optimizations but those didn't help. Any > > suggestions? > > > > > > Please cc replies to me also as I am not on misc. Thanks. > > > > > > > > > > > > Fumione > > > > > > > > > > > > (Note: please do not tell me change to lighter window manager. I > > > > > > would like to use same environment or stay with Linux. Thanks.) > > > > > > > > > > > > > > > > > > > > > > You can just stay with linux. Really, we won't mind. > > > > > > > > Why not try optimizing OBSD for desktop use? > > > > > > > > Jeff > > > > > > > > > I am porting x86-linux games to work on more architectures and more > > > operating systems: > > > > > http://www.flickr.com/photos/jquast/335431160/in/set-72157594443198409/ > > > > > > what are you doing? > > > > > > this person clearly didn't care to take the time(1) to back his > > > opinion, or provide any sort of information that we could help him on. > > > He just wanted to complain, and threaten us that he'll move to linux > > > unless we help him find a mysterious magical fine-tuning knob that > > > will make his firefox load faster? > > > > Strange, you had the time to explain that to me, but not to him? > > > > > For all we know he's no longer using his accellerated binary nvidia > > driver. > > > > > > I havn't got the fucking time. fuck him, let him use linux. > > > > > > > Agreed. It's not the lawsuit that makes people use Linux instead of the > > BSD's; it's the holier-than-thou, > > fuck-'em-if-they-dare-question-our-judgement attitude. > > This sentance doesn't make any sense. What lawsuits? question my > judgement? Who questioned my judgement? > > > Jeff > > Is it or is it not the case that some people feel the ATT vs USL lawsuit is what scares people off BSD? And as to questioning your judgement, why couldn't you give the user who started this thread the information you gave me? Why bother writing good documentation when we can just complain about > our experiences and help each other out instead? You are more than > welcome to hold that user's hand. > > I won't stop you. > What's stopping YOU? And even if something is stopping you, why do you feel it necessary or wise to tell that user to use Linux instead of working to improve OBSD and/or help him with his problem? Jeff
Re: OpenBSD speed on desktops
Agreed. It's not the lawsuit that makes people use Linux instead of the BSD's; it's the holier-than-thou, fuck-'em-if-they-dare-question-our-judgement attitude. Jeff indeed... actually, I was curious to see what answers fumione would get Mine is: I have been using GNU/Linux for years and I have also noticed that o'bsd is a _bit_ slower on the desktop, sometimes. But no that slower. In any case, I'd recommend you that you try to think in a different way. Don't try to make OpenBSD be like your linux, because it isn't (it's much better ;) ) Look for other possibilities. For instance: Have you tried to go back to mozilla? In my case firefox was behaving very buggy and consuming too much cpu. It's supposed to be a light-weight version of mozilla but I find that mozilla itself is much faster than firefox and doesn't consume almost anything (and the fonts are looking better too) Let us (at least me) know Cheers, Pau
Re: OpenBSD speed on desktops
On Sat, Feb 17, 2007 at 12:36:00PM -0500, R. Fumione wrote: > Hello, > > I am using OpenBSD on server since few years now, and I am very happy > with it's easy maintenance and it's stability. I want to try on > desktop, and I am having trouble. > > Everything is much slower than existing Linux system. For example, > Firefox takes 3-5 seconds to start on Linux but ~10 seconds on > OpenBSD on same machine! > > I tried compiler optimizations but those didn't help. Any suggestions? > Please cc replies to me also as I am not on misc. Thanks. > > Fumione > > (Note: please do not tell me change to lighter window manager. I > would like to use same environment or stay with Linux. Thanks.) I believe the standard response to any comparison "use Linux if you're happy with it". Since you've already received that, here is an attempt to do the question a little more justice. (However, it boils down to 'it doesn't matter if FF loads a little slower, as long as it runs equally fast'). Most modern Linux distributions optimize dynamic library load using prelinking; 4.0 and later have a comparable idea implemented ('prebind'), but in a way that does not interfere with OpenBSD's security features. This is not enabled by default (I'm not sure why not, and would be very grateful if anybody would tell me, BTW), but can be enabled using `ldconfig -P /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin /usr/X11R6/bin'. This should result in a noticeable speed increase, especially on programs with lots of loaded libraries - and look in /usr/local/mozilla-firefox to see that FF does have 'lots of loaded libraries'! Of course, it would be a good idea to know why it's not the default first. Also note that, if I remember correctly, prebind won't help if you use a nonstandard LD_LIBRARY_PATH, as FF does... so the command listed before is likely to work for just about every *other* program. Another aspect is that Linux is much more aggressive in caching data from disk; if the amount of data read, the amount of work done in between, and the amount of RAM is such that Linux can get most data from its memory cache while OpenBSD has to read most of it from disk, Linux will be a *lot* faster. Of course, you would only see this effect if you started Firefox twice without doing much in between. Both of those could explain why FF loads slower. If either of those is the big culprit, though, FF should run just as fast (slow) as it ever did, and since you're not likely to start it that often, I'd be inclined to say it isn't that big an issue. If a comparable slowdown is found in running FF, that would be a problem. There are many variables there, of course... a dmesg might be helpful, for instance. Aggressive compiler optimizations are not generally a good idea. The developers believe they are an unnecessary source of bugs, and since many optimizations are not enabled by default, there is not quite as much opportunity to find bugs in them. Plus, no amount of fiddling is likely to double speed. Since you didn't mention what you are using at the moment, I can't very well tell you to switch to a lighter window manager, can I? Ion *is* nice, though... ;-) Joachim
Re: OpenBSD speed on desktops
On 17/02/07, Jeff Quast <[EMAIL PROTECTED]> wrote: > > On 2/17/07, Jeff Rollin <[EMAIL PROTECTED]> wrote: > > > > > > > > On 17/02/07, Jeff Quast <[EMAIL PROTECTED]> wrote: > > > On 2/17/07, R. Fumione <[EMAIL PROTECTED]> wrote: > > > > Hello, > > > > > > > > I am using OpenBSD on server since few years now, and I am very > happy > > > > with it's easy maintenance and it's stability. I want to try on > > > > desktop, and I am having trouble. > > > > > > > > Everything is much slower than existing Linux system. For example, > > > > Firefox takes 3-5 seconds to start on Linux but ~10 seconds on > > > > OpenBSD on same machine! > > > > > > > > I tried compiler optimizations but those didn't help. Any > suggestions? > > > > Please cc replies to me also as I am not on misc. Thanks. > > > > > > > > Fumione > > > > > > > > (Note: please do not tell me change to lighter window manager. I > > > > would like to use same environment or stay with Linux. Thanks.) > > > > > > > > > > > > > > You can just stay with linux. Really, we won't mind. > > > > Why not try optimizing OBSD for desktop use? > > > > Jeff > > > I am porting x86-linux games to work on more architectures and more > operating systems: > http://www.flickr.com/photos/jquast/335431160/in/set-72157594443198409/ > > what are you doing? > > this person clearly didn't care to take the time(1) to back his > opinion, or provide any sort of information that we could help him on. > He just wanted to complain, and threaten us that he'll move to linux > unless we help him find a mysterious magical fine-tuning knob that > will make his firefox load faster? Strange, you had the time to explain that to me, but not to him? For all we know he's no longer using his accellerated binary nvidia driver. > > I havn't got the fucking time. fuck him, let him use linux. > Agreed. It's not the lawsuit that makes people use Linux instead of the BSD's; it's the holier-than-thou, fuck-'em-if-they-dare-question-our-judgement attitude. Jeff
Re: pf three-legged vpn pass through question(s)
On 2/17/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: I am building a three-legged firewall to protect a Windoze based network. This is my first three-legged race. Easy stuff, don't sweat it. In the pf-faq, under the Packet Tagging section (Policy Filtering), there is an example which passes traffic onto a DMZ network. However, If I am starting to understand this, it would seem that the example is missing an rdr statement to redirect the web and mail into the DMZ. There are "pass" statements for the web and mail - but I don't think that they would actually take care of getting that traffic to the specified servers. Am I wrong? Depends on if the DMZ address space can be routed to directly from the Internet (as many/most DMZs are, on their only publicly-routable addresses). If you've got them sitting on RFC1918 address space behind the firewall, you'd need to rdr traffic accordingly. The other thing that sort of confuses me right now is that there appear to be tags in use before they are assigned. This is probably the way it works, but it seems counter intuitive to me. I'm not understanding the program flow - I guess I would have to put my "C" hat on and dive into the code to really understand it (or thoroughly confuse myself). But in short - I think my question regarding that would be: is it ok to have a "tagged" line in the pf.conf prior to having a matching "tag" created? There's no mention anywhere I can find of having to predeclare tags first. If a rule matches, it gets the tag you specify. Don't overcomplicate it. ;) DS
Re: Is atheros AR5213 fully supported on OpenBSD 4.0?
On 2/18/07, Siju George <[EMAIL PROTECTED]> wrote: full dmesg is at the end of the mail. sorry it is here :-) == OpenBSD 4.0 (GENERIC) #690: Sat Sep 16 20:26:25 MDT 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC real mem = 469037056 (458044K) avail mem = 389718016 (380584K) using 11502 buffers containing 47112192 bytes (46008K) of memory mainbus0 (root) bios0 at mainbus0: SMBIOS rev. 2.3 @ 0xf0730 (54 entries) bios0: ASUSTeK Computer INC. A8V-VM cpu0 at mainbus0: (uniprocessor) cpu0: AMD Athlon(tm) 64 Processor 3500+, 2200.40 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative pci0 at mainbus0 bus 0: configuration mode 1 pchb0 at pci0 dev 0 function 0 vendor "VIA", unknown product 0x0336 rev 0x00 pchb1 at pci0 dev 0 function 1 vendor "VIA", unknown product 0x1336 rev 0x00 pchb2 at pci0 dev 0 function 2 vendor "VIA", unknown product 0x2336 rev 0x00 pchb3 at pci0 dev 0 function 3 vendor "VIA", unknown product 0x3336 rev 0x00 pchb4 at pci0 dev 0 function 4 vendor "VIA", unknown product 0x4336 rev 0x00 vendor "VIA", unknown product 0x5336 (class system subclass interrupt, rev 0x00) at pci0 dev 0 function 5 not configured pchb5 at pci0 dev 0 function 6 vendor "VIA", unknown product 0x6290 rev 0x00 pchb6 at pci0 dev 0 function 7 vendor "VIA", unknown product 0x7336 rev 0x00 ppb0 at pci0 dev 1 function 0 "VIA K8HTB AGP" rev 0x00 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 vendor "VIA", unknown product 0x3230 rev 0x01 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) pciide0 at pci0 dev 15 function 0 "VIA VT8251 SATA" rev 0x00: DMA pciide0: using irq 5 for native-PCI interrupt pciide1 at pci0 dev 15 function 1 "VIA VT82C571 IDE" rev 0x07: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide1 channel 0 drive 0: wd0: 16-sector PIO, LBA48, 38166MB, 78165360 sectors wd0(pciide1:0:0): using PIO mode 4, DMA mode 2 atapiscsi0 at pciide1 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: SCSI0 5/cdrom removable cd0(pciide1:1:0): using PIO mode 4, DMA mode 2 uhci0 at pci0 dev 16 function 0 "VIA VT83C572 USB" rev 0x90: irq 11 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci0 dev 16 function 1 "VIA VT83C572 USB" rev 0x90: irq 4 usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2 at pci0 dev 16 function 2 "VIA VT83C572 USB" rev 0x90: irq 5 usb2 at uhci2: USB revision 1.0 uhub2 at usb2 uhub2: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered uhci3 at pci0 dev 16 function 3 "VIA VT83C572 USB" rev 0x90: irq 5 usb3 at uhci3: USB revision 1.0 uhub3 at usb3 uhub3: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub3: 2 ports with 2 removable, self powered ehci0 at pci0 dev 16 function 4 "VIA VT6202 USB" rev 0x90: irq 4 usb4 at ehci0: USB revision 2.0 uhub4 at usb4 uhub4: VIA EHCI root hub, rev 2.00/1.00, addr 1 uhub4: 8 ports with 8 removable, self powered pcib0 at pci0 dev 17 function 0 "VIA VT8251 ISA" rev 0x00 pchb7 at pci0 dev 17 function 7 "VIA VT8251 VLINK" rev 0x00 vr0 at pci0 dev 18 function 0 "VIA RhineII-2" rev 0x7c: irq 11, address 00:18:f3:a7:74:73 rlphy0 at vr0 phy 1: RTL8201L 10/100 PHY, rev. 1 ppb1 at pci0 dev 19 function 0 "VIA VT8251 PCIE" rev 0x00 pci2 at ppb1 bus 4 azalia0 at pci2 dev 1 function 0 "VIA HD Audio" rev 0x00: irq 5 azalia0: host: High Definition Audio rev. 1.0 azalia0: codec: 0x04x/0x11d4 (rev. 5.0), HDA version 1.0 audio0 at azalia0 ppb2 at pci0 dev 19 function 1 "VIA VT8251 PCI" rev 0x00 pci3 at ppb2 bus 5 ath0 at pci3 dev 8 function 0 "Atheros AR5212" rev 0x01: irq 11 ath0: AR5213 5.9 phy 4.3 rf5112a 3.6, FCC2A*, address 00:13:46:9a:27:31 skc0 at pci3 dev 9 function 0 "D-Link Systems DGE-530T A1" rev 0x11, Marvell Yukon (0x1): irq 5 sk0 at skc0 port A, address 00:0f:3d:f4:89:61 eephy0 at sk0 phy 0: Marvell 88E1011 Gigabit PHY, rev. 3 pchb8 at pci0 dev 24 function 0 "AMD AMD64 HyperTransport" rev 0x00 pchb9 at pci0 dev 24 function 1 "AMD AMD64 Address Map" rev 0x00 pchb10 at pci0 dev 24 function 2 "AMD AMD64 DRAM Cfg" rev 0x00 pchb11 at pci0 dev 24 function 3 "AMD AMD64 Misc Cfg" rev 0x00 isa0 at pcib0 isadma0 at isa0 com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using
pf three-legged vpn pass through question(s)
Qick backgroud to solicit examples: I am building a three-legged firewall to protect a Windoze based network. This is my first three-legged race. Sitting in my DMZ is a Windows VPN server, which needs to send/receive PPTP and GRE traffic. I am working through the pf-faq.pdf right now. I'm either starting to understand the way the flow of pf works - or I'm totally lost. In the pf-faq, under the Packet Tagging section (Policy Filtering), there is an example which passes traffic onto a DMZ network. However, If I am starting to understand this, it would seem that the example is missing an rdr statement to redirect the web and mail into the DMZ. There are "pass" statements for the web and mail - but I don't think that they would actually take care of getting that traffic to the specified servers. Am I wrong? The other thing that sort of confuses me right now is that there appear to be tags in use before they are assigned. This is probably the way it works, but it seems counter intuitive to me. I'm not understanding the program flow - I guess I would have to put my "C" hat on and dive into the code to really understand it (or thoroughly confuse myself). But in short - I think my question regarding that would be: is it ok to have a "tagged" line in the pf.conf prior to having a matching "tag" created? thanks to anyone who assists me with this - example pf.conf files of similar three-legged or VPN pass through configurations are very welcome! -- 010101010101010101010101010101010 010101010101010101010101010101010 0101010101 Meta Junkie 101010101010 010101010101010101010101010101010 010101010101010101010101010100101
Is atheros AR5213 fully supported on OpenBSD 4.0?
Hi, I got a wireless NIC to play with for a few days. Hope to learn OpenBSD wireless networking techniques in that time :-) It is a D-Link DWL-AG530 Wireless 108AG Desktop Adapter. I fixed it in one of the PCI slots of my OpenBSD 4.0 on amd64. It appears in the dmesg as the following. === $ dmesg |grep ath ath0 at pci3 dev 8 function 0 "Atheros AR5212" rev 0x01: irq 11 ath0: AR5213 5.9 phy 4.3 rf5112a 3.6, FCC2A*, address 00:13:46:9a:27:31 ath0 at pci3 dev 8 function 0 "Atheros AR5212" rev 0x01: irq 11 ath0: AR5213 5.9 phy 4.3 rf5112a 3.6, FCC2A*, address 00:13:46:9a:27:31 ath0 at pci3 dev 8 function 0 "Atheros AR5212" rev 0x01: irq 11 ath0: AR5213 5.9 phy 4.3 rf5112a 3.6, FCC2A*, address 00:13:46:9a:27:31 = full dmesg is at the end of the mail. how ever the man page ath(4) only lists The ath driver provides support for wireless network devices based on the Atheros AR5210, AR5211, and AR5212 chips. and not AR5213. I did configure it in with the file. $ cat /etc/hostname.ath0 inet 192.168.5.5 255.255.255.0 NONE media autoselect mediaopt hostap mode 11g nwid my_secure_wlan chan 11 and it appears in the ifconfig as === ath0: flags=8863 mtu 1500 lladdr 00:13:46:9a:27:31 media: IEEE802.11 autoselect mode 11g hostap status: active ieee80211: nwid my_secure_wlan chan 11 bssid 00:13:46:9a:27:31 inet 192.168.5.5 netmask 0xff00 broadcast 192.168.5.255 inet6 fe80::213:46ff:fe9a:2731%ath0 prefixlen 64 scopeid 0x2 === The status is active :-) is this suffucient to know if it will work right? I am a bit apprehensive since it is not listed on the man page. Are there people out there successfully using this model? Please let me know :-) Thankyou so much Kind Regards Siju
Re: OpenBSD speed on desktops
On 2/17/07, R. Fumione <[EMAIL PROTECTED]> wrote: Hello, I am using OpenBSD on server since few years now, and I am very happy with it's easy maintenance and it's stability. I want to try on desktop, and I am having trouble. Everything is much slower than existing Linux system. For example, Firefox takes 3-5 seconds to start on Linux but ~10 seconds on OpenBSD on same machine! I tried compiler optimizations but those didn't help. Any suggestions? Please cc replies to me also as I am not on misc. Thanks. Fumione (Note: please do not tell me change to lighter window manager. I would like to use same environment or stay with Linux. Thanks.) You can just stay with linux. Really, we won't mind. Take care, jdq
OpenBSD speed on desktops
Hello, I am using OpenBSD on server since few years now, and I am very happy with it's easy maintenance and it's stability. I want to try on desktop, and I am having trouble. Everything is much slower than existing Linux system. For example, Firefox takes 3-5 seconds to start on Linux but ~10 seconds on OpenBSD on same machine! I tried compiler optimizations but those didn't help. Any suggestions? Please cc replies to me also as I am not on misc. Thanks. Fumione (Note: please do not tell me change to lighter window manager. I would like to use same environment or stay with Linux. Thanks.)
Re: OpenBGPd won't receive prefix
On Sat, Feb 17, 2007 at 04:02:22PM +0100, Falk Brockerhoff - smartTERRA GmbH wrote: > Hello, > > I just set up two identical machines to make some tests with vlan, carp > and openbgpd to replace my cisco routers in the next couple of months. > VLAN- and carp-configuratin is quite easy, it works out of the box and > without any problems. OpenBGPd runs fine, too. Err, nearly fine. > > I named my two boxes Pinky and Brain :) On both I configured the same > VLAN and CARP - this should be the local gateways for the other boxes > connected using a normale cisco switch. I pasted the output of the > ifconfig command to the bottom of this mail. > > To reach some kind of redundancy I set up an iBGP-Session between Pinky > and Brain. It is a very simple configuration and has only minor > differences - you can find the complete configuration file at the bottom > of the mail: > > < router-id 194.9.86.1 > > router-id 194.9.86.2 > > < neighbor 194.9.86.2 { > > neighbor 194.9.86.1 { > > < local-address 194.9.86.1 > > local-address 194.9.86.2 > > I expect to receive the specifed network-prefix from Pinky on Brain via > iBGP and vice versa. But on Brain I can't find any advertised prefix > from Pinky: > > Pinky# bgpctl sh > > > Neighbor ASMsgRcvdMsgSentOutQ Up/Down > State/PrefixRcvd > Brain35548 8 7 0 00:04:23 0 > > The other side works fine, Brain is receiving the prefix from Pinky. > Brain# bgpctl sh > > > Neighbor ASMsgRcvdMsgSentOutQ Up/Down > State/PrefixRcvd > Pinky35548 6 7 0 00:03:11 1 > > Both sides advertises the prefix, I can't find any misconfiguration on > this. Brain advertises the prefix as you can see here: > > Brain# bgpctl sh rib > > > flags: * = Valid, > = Selected, I = via IBGP, A = Announced > origin: i = IGP, e = EGP, ? = Incomplete > > flags destination gateway lpref med aspath origin > I*> 195.140.212.0/23194.9.86.1 100 0 i > AI* 195.140.212.0/230.0.0.0100 0 i > > > But I don't received it on Pinky (as you can see above): > > Pinky# bgpctl sh rib > flags: * = Valid, > = Selected, I = via IBGP, A = Announced > origin: i = IGP, e = EGP, ? = Incomplete > > flags destination gateway lpref med aspath origin > AI*> 195.140.212.0/230.0.0.0100 0 i > > > Does anybody has an explanation for this behaviour? I tried without any > vlan and carp interface only with "normal" configured interfaces - the > same. I'm at a loss. You are my last hope :-)) > > bgpd only sends the selected routes to the neighbors and the announced network from 194.9.86.1 has higher precedence and so only 194.9.86.2 has both networks in the table. If you remove the network on 194.9.86.1, 194.9.86.2 would announce the network to 194.9.86.1. You can play with "network 195.140.212.0/23 set localpref x" to see this effect in both directions. > Regards, > > Falk > > --snipp-- > Output of the ifconfig command: > > ##Pinky: > vlan212: flags=8943 mtu 1500 > lladdr 00:06:5b:ec:48:c5 > vlan: 212 priority: 0 parent interface: em1 > groups: vlan > inet6 fe80::206:5bff:feec:48c5%vlan212 prefixlen 64 scopeid 0x9 > inet 195.140.212.2 netmask 0x broadcast 195.140.212.2 > carp212: flags=8843 mtu 1500 > lladdr 00:00:5e:00:01:d4 > carp: MASTER carpdev vlan212 vhid 212 advbase 1 advskew 0 > groups: carp > inet6 fe80::200:5eff:fe00:1d4%carp212 prefixlen 64 scopeid 0xe > inet 195.140.212.1 netmask 0xff00 broadcast 195.140.212.255 > > ##Brain: > vlan212: flags=8943 mtu 1500 > lladdr 00:0f:1f:66:3f:d3 > vlan: 212 priority: 0 parent interface: em1 > groups: vlan > inet6 fe80::20f:1fff:fe66:3fd3%vlan212 prefixlen 64 scopeid 0x9 > inet 195.140.212.3 netmask 0x broadcast 195.140.212.3 > carp212: flags=8843 mtu 1500 > lladdr 00:00:5e:00:01:d4 > carp: BACKUP carpdev vlan212 vhid 212 advbase 1 advskew 0 > groups: carp > inet6 fe80::200:5eff:fe00:1d4%carp212 prefixlen 64 scopeid 0xf > inet 195.140.212.1 netmask 0xff00 broadcast 195.140.212.255 > > > --snipp-- > The complete configuration file: > > ##Pinky: > # global configuration > AS 35548 > router-id 194.9.86.1 > network 195.140.212.0/23 > > holdtime180 > holdtime min3 > > neighbor 194.9.86.2 { > remote-as 35548 > descr Brain > local-address 194.9.86.1 > announceall > tcp md5sig key foobar > } > > # filter out prefixes longer than 24 or shorter than 8 bits > deny from any > allow from any prefixlen 8 - 24 > > # do not accept a default route > deny from any prefix 0.0.0.0/0 > > # filte
Emergency outage at ualberta.ca - may impact ftp and www
Hi everyone. We have an emergency outage this weekend starting at 1700h GMT - main power to the building where ftp.openbsd.org and www.openbsd.org live is being cut for a four hours. We do have UPSes and I'm told the backup generator will keep everything going, but just in case we go off the air for a while, it's because of our outage. Sorry for the short notice. CK -- GDB has a 'break' feature; why doesn't it have 'fix' too?
Re: is there [EMAIL PROTECTED] archive?
On Sat, Feb 17, 2007 at 09:35:19AM +0100, Dunceor wrote: > Well it was just an idea, maybe i'll just hack together a online dmesg > tool and let the people who wants to send it be able to send it. Or just use the one at nycbug[1], which already has dmesgs, is already coded up, and has a nice interface. The more dmesgs in one place, the better. Another alternative for the project would be to have public-dmesg@ in addition to [EMAIL PROTECTED] Everything sent to public-dmesg@ would get processed the same as dmesg@, plus it would be made available publicly. dmesg@ would be the same as always... [1] http://www.nycbug.org/?NAV=dmesgd -- Darrin Chandler | Phoenix BSD Users Group [EMAIL PROTECTED] | http://bsd.phoenix.az.us/ http://www.stilyagin.com/darrin/ |
OpenBGPd won't receive prefix
Hello, I just set up two identical machines to make some tests with vlan, carp and openbgpd to replace my cisco routers in the next couple of months. VLAN- and carp-configuratin is quite easy, it works out of the box and without any problems. OpenBGPd runs fine, too. Err, nearly fine. I named my two boxes Pinky and Brain :) On both I configured the same VLAN and CARP - this should be the local gateways for the other boxes connected using a normale cisco switch. I pasted the output of the ifconfig command to the bottom of this mail. To reach some kind of redundancy I set up an iBGP-Session between Pinky and Brain. It is a very simple configuration and has only minor differences - you can find the complete configuration file at the bottom of the mail: < router-id 194.9.86.1 > router-id 194.9.86.2 < neighbor 194.9.86.2 { > neighbor 194.9.86.1 { < local-address 194.9.86.1 > local-address 194.9.86.2 I expect to receive the specifed network-prefix from Pinky on Brain via iBGP and vice versa. But on Brain I can't find any advertised prefix from Pinky: Pinky# bgpctl sh Neighbor ASMsgRcvdMsgSentOutQ Up/Down State/PrefixRcvd Brain35548 8 7 0 00:04:23 0 The other side works fine, Brain is receiving the prefix from Pinky. Brain# bgpctl sh Neighbor ASMsgRcvdMsgSentOutQ Up/Down State/PrefixRcvd Pinky35548 6 7 0 00:03:11 1 Both sides advertises the prefix, I can't find any misconfiguration on this. Brain advertises the prefix as you can see here: Brain# bgpctl sh rib flags: * = Valid, > = Selected, I = via IBGP, A = Announced origin: i = IGP, e = EGP, ? = Incomplete flags destination gateway lpref med aspath origin I*> 195.140.212.0/23194.9.86.1 100 0 i AI* 195.140.212.0/230.0.0.0100 0 i But I don't received it on Pinky (as you can see above): Pinky# bgpctl sh rib flags: * = Valid, > = Selected, I = via IBGP, A = Announced origin: i = IGP, e = EGP, ? = Incomplete flags destination gateway lpref med aspath origin AI*> 195.140.212.0/230.0.0.0100 0 i Does anybody has an explanation for this behaviour? I tried without any vlan and carp interface only with "normal" configured interfaces - the same. I'm at a loss. You are my last hope :-)) Regards, Falk --snipp-- Output of the ifconfig command: ##Pinky: vlan212: flags=8943 mtu 1500 lladdr 00:06:5b:ec:48:c5 vlan: 212 priority: 0 parent interface: em1 groups: vlan inet6 fe80::206:5bff:feec:48c5%vlan212 prefixlen 64 scopeid 0x9 inet 195.140.212.2 netmask 0x broadcast 195.140.212.2 carp212: flags=8843 mtu 1500 lladdr 00:00:5e:00:01:d4 carp: MASTER carpdev vlan212 vhid 212 advbase 1 advskew 0 groups: carp inet6 fe80::200:5eff:fe00:1d4%carp212 prefixlen 64 scopeid 0xe inet 195.140.212.1 netmask 0xff00 broadcast 195.140.212.255 ##Brain: vlan212: flags=8943 mtu 1500 lladdr 00:0f:1f:66:3f:d3 vlan: 212 priority: 0 parent interface: em1 groups: vlan inet6 fe80::20f:1fff:fe66:3fd3%vlan212 prefixlen 64 scopeid 0x9 inet 195.140.212.3 netmask 0x broadcast 195.140.212.3 carp212: flags=8843 mtu 1500 lladdr 00:00:5e:00:01:d4 carp: BACKUP carpdev vlan212 vhid 212 advbase 1 advskew 0 groups: carp inet6 fe80::200:5eff:fe00:1d4%carp212 prefixlen 64 scopeid 0xf inet 195.140.212.1 netmask 0xff00 broadcast 195.140.212.255 --snipp-- The complete configuration file: ##Pinky: # global configuration AS 35548 router-id 194.9.86.1 network 195.140.212.0/23 holdtime180 holdtime min3 neighbor 194.9.86.2 { remote-as 35548 descr Brain local-address 194.9.86.1 announceall tcp md5sig key foobar } # filter out prefixes longer than 24 or shorter than 8 bits deny from any allow from any prefixlen 8 - 24 # do not accept a default route deny from any prefix 0.0.0.0/0 # filter bogus networks deny from any prefix 10.0.0.0/8 prefixlen >= 8 deny from any prefix 172.16.0.0/12 prefixlen >= 12 deny from any prefix 192.168.0.0/16 prefixlen >= 16 deny from any prefix 169.254.0.0/16 prefixlen >= 16 deny from any prefix 192.0.2.0/24 prefixlen >= 24 deny from any prefix 224.0.0.0/4 prefixlen >= 4 deny from any prefix 240.0.0.0/4 prefixlen >= 4 ##Brain: # global configuration AS 35548 router-id 194.9.86.2 network 195.140.212.0/23 holdtime180 holdtime min3 neighbor 194.9.86.1 { remote-as 35548 descr Pinky local-address 194.9.86.2 announceall tcp md5sig key foobar }
Re: ftp-proxy problem using active ftp
Camiel, Thanks for all your help. It looks like it is something upstream, because all your hints check out. Today I tried to ssh externally to the OpenBSD firewall and what do you think; no packets arrive at the external interface. So it must be that damn IAS modem that is blocking everything. How on earth can they setup something like that? Cost me a day to find out (partially my fault of course). Thanks again. Nils -Original Message- From: Camiel Dobbelaar [mailto:[EMAIL PROTECTED] Sent: vrijdag 16 februari 2007 19:24 To: Reuvers, Nils Cc: misc@openbsd.org Subject: Re: ftp-proxy problem using active ftp On Fri, 16 Feb 2007, [EMAIL PROTECTED] wrote: > #1 client: PORT 192,168,1,56,9,96\r\n > #1 proxy: PORT 193,172,163,50,235,99\r\n 193.172.163.50 is the correct external IP ? Does the firewall have more then one external IP? > #1 server: 200 PORT command successful - not using PASV eh?\r\n > #1 active: server to client port 2400 via port 60259 > #1 client: NLST\r\n This looks fine. At the point where it says "active" it has inserted the rules. You can check those like this: # pfctl -sA -v ftp-proxy ftp-proxy/27568.13 # pfctl -a ftp-proxy/27568.13 -sr pass in quick inet proto tcp from 129.128.5.191 to 192.168.28.28 port = 58202 flags S/SA keep state (max 1) rtable 0 pass out quick inet proto tcp from 129.128.5.191 to 192.168.28.28 port = 58202 flags S/SA keep state (max 1) rtable 0 and with -sn for the nat rules. Do those look correct? > My PF log isn't showing anything useful regarding ftp. Make sure all the rules have the log option set, especially the block rules. You can also try tcpdump on the external interface to check if the SYN packets of the active connection are coming in. If nothing comes in, someone upstream may be blocking. -- Cam = A disclaimer applies to this email and any attachments. Refer to http://www.sparkholland.com/emaildisclaimer for the full text of this disclaimer.
Re: PowerEdge 2950 "sd0: not queued: error 5"
On 2/17/07, Alejandro <[EMAIL PROTECTED]> wrote: UPDATE: It might not have any relation, one of our PowerEdges 2850 on the US (the 2950 one was in... Argentina) just went kaboom almost the same way... It stopped accesing the disk, it was responsive but you couldnt do anything, the console (IP KVM) showed: "ami0: timeout ccb" several times. This is an older system with other LSI card and OpenBSD 3.9 with RAID10. This one went even further with the problem, on reboot (IP PowerStrips :P), during the RAID card initialization it said "TBBU cache data is invalid" and then: Hi Alejandro, About three months ago, a friend of mine had problems with a SAS disk on a PE2950. Dell said there was a critical update of the firmware disks to apply. Unfortunately his server runs Windows and I don't know if this can be related. I eventually updated my 2950 with the dell upgrade. It's a cdrom iso you can download on a dell ftp site. You should ask Dell for the exact location. Hope this can help. Mattieu DRAM/NVRAM cfg match Disks have good cfg but they do not match DRAM cfg Firmware cannot flush cache After resaving RAID configuration it started OK and everything seems nominal... Nothing on the logs. It was very alike to the other problem, but both could have been crappy Dell hardware, just mentioning this for if anyone gets any idea... Something funny to mention, this machine was carped but it was sending advertises over the carp interface, even thought it had no disk, so the other never took the MASTER Thanks, Alejandro. dmesg: OpenBSD 3.9-stable (GENERIC) #5: Thu Jan 4 19:36:23 GMT 2007 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Xeon(TM) CPU 2.80GHz ("GenuineIntel" 686-class) 2.80 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,CNXT-ID real mem = 2146807808 (2096492K) avail mem = 1952804864 (1907036K) using 4278 buffers containing 107442176 bytes (104924K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(00) BIOS, date 01/09/06, BIOS32 rev. 0 @ 0xffe90 pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfb600/320 (18 entries) pcibios0: PCI Interrupt Router at 000:31:0 ("Intel 82801EB/ER LPC" rev 0x00) pcibios0: PCI bus #9 is the last bus bios0: ROM list: 0xc/0xb000! 0xcb000/0x1000 0xcc000/0x800 0xcc800/0x1000 0xcd800/0x2600 0xec000/0x4000! ipmi0 at mainbus0: version 1.5 interface KCS iobase 0xca8/8 spacing 4 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 "Intel E7520 MCH" rev 0x09 ppb0 at pci0 dev 2 function 0 "Intel MCH PCIE" rev 0x09 pci1 at ppb0 bus 1 ppb1 at pci1 dev 0 function 0 "Intel IOP331 Channel 0" rev 0x06 pci2 at ppb1 bus 2 mpt0 at pci2 dev 5 function 0 "Symbios Logic 53c1030" rev 0x08: irq 7 scsibus0 at mpt0: 16 targets mpt1 at pci2 dev 5 function 1 "Symbios Logic 53c1030" rev 0x08: irq 3 scsibus1 at mpt1: 16 targets ppb2 at pci1 dev 0 function 2 "Intel IOP331 Channel 1" rev 0x06 pci3 at ppb2 bus 3 ami0 at pci3 dev 11 function 0 "Symbios Logic MegaRAID" rev 0x01: irq 3 Dell 518 64b/lhc ami0: FW 352A, BIOS v1.10, 128MB RAM ami0: 2 channels, 0 FC loops, 1 logical drives scsibus2 at ami0: 40 targets sd0 at scsibus2 targ 0 lun 0: SCSI2 0/direct fixed sd0: 279800MB, 279800 cyl, 64 head, 32 sec, 512 bytes/sec, 573030400 sec total scsibus3 at ami0: 16 targets safte0 at scsibus3 targ 6 lun 0: SCSI2 3/processor fixed scsibus4 at ami0: 16 targets ppb3 at pci0 dev 4 function 0 "Intel MCH PCIE" rev 0x09 pci4 at ppb3 bus 4 ppb4 at pci0 dev 5 function 0 "Intel MCH PCIE" rev 0x09 pci5 at ppb4 bus 5 ppb5 at pci5 dev 0 function 0 "Intel PCIE-PCIE" rev 0x09 pci6 at ppb5 bus 6 em0 at pci6 dev 7 function 0 "Intel PRO/1000MT (82541GI)" rev 0x05: irq 11, address 00:18:8b:34:86:bd ppb6 at pci5 dev 0 function 2 "Intel PCIE-PCIE" rev 0x09 pci7 at ppb6 bus 7 em1 at pci7 dev 8 function 0 "Intel PRO/1000MT (82541GI)" rev 0x05: irq 3, address 00:18:8b:34:86:be ppb7 at pci0 dev 6 function 0 "Intel MCH PCIE" rev 0x09 pci8 at ppb7 bus 8 uhci0 at pci0 dev 29 function 0 "Intel 82801EB/ER USB" rev 0x02: irq 11 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci0 dev 29 function 1 "Intel 82801EB/ER USB" rev 0x02: irq 10 usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2 at pci0 dev 29 function 2 "Intel 82801EB/ER USB" rev 0x02: irq 7 usb2 at uhci2: USB revision 1.0 uhub2 at usb2 uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered ehci0 at pci0 dev 29 function 7 "Intel 82801EB/ER USB2" rev 0x02: irq 5 usb3 at ehci0: USB revision 2.0 uhub3 at usb3 uhub3: Intel EHCI root hub, rev 2.00/1.00, addr 1 uhub3: 6 ports with 6 removable, self powered ppb8 at pci0 dev 30 function
sftp logins
Hello misc@ Is there a way to quickly show current and historical sftp logins in a format like the command 'last'? I've looked at ac (doesn't record sftp) and sa (way too much data, and the wrong sort) so far. cheers -- John
Re: is there [EMAIL PROTECTED] archive?
On 2/17/07, Otto Moerbeek <[EMAIL PROTECTED]> wrote: On Sat, 17 Feb 2007, Dunceor wrote: > > The dmesgs submitted to [EMAIL PROTECTED] are not publicly accessible. > > At some point in time this was discussed, but we can't do that, since > > we never told people that they would be published. So they remain > > accessible to developers only. They are consulted very often, so keep > > them coming in! > > > > -Otto > > > > > > It's understandable that old dmesg can't be shown but isn't it > possible to start on a new archive and inform user that all dmesg they > will send in from this point will be accesible online for everybody? I > have also thought the idea to have it public before and it would be > great. > > Then the old archive could still be used by dev's but a new archive > could easily be built up. On the other hand, we'd hate it (and the project would suffer) if people would become reluctant to send in their dmesg. Publishing dmesgs could mean less dmesgs would be submitted. -Otto Sorry, only sent private... If that would be the case, yes then there is no reason for it. But I don't see the reason why people would be more reluctant to send in their dmesg? It does not provide any private information. Well it was just an idea, maybe i'll just hack together a online dmesg tool and let the people who wants to send it be able to send it. BR Dunceor
Re: is there [EMAIL PROTECTED] archive?
On Sat, 17 Feb 2007, Dunceor wrote: > > The dmesgs submitted to [EMAIL PROTECTED] are not publicly accessible. > > At some point in time this was discussed, but we can't do that, since > > we never told people that they would be published. So they remain > > accessible to developers only. They are consulted very often, so keep > > them coming in! > > > > -Otto > > > > > > It's understandable that old dmesg can't be shown but isn't it > possible to start on a new archive and inform user that all dmesg they > will send in from this point will be accesible online for everybody? I > have also thought the idea to have it public before and it would be > great. > > Then the old archive could still be used by dev's but a new archive > could easily be built up. On the other hand, we'd hate it (and the project would suffer) if people would become reluctant to send in their dmesg. Publishing dmesgs could mean less dmesgs would be submitted. -Otto
Re: SIP on OpenBSD
On Fri, Feb 16, 2007 at 06:01:53PM +, Stuart Henderson wrote: > On 2007/02/16 17:07, Karel Kulhavy wrote: > > WARNING[32174]: chan_oss.c:470 soundcard_init: Unable to open /dev/dsp: No > > such > > file or directory This was an excerpt from the book - not an actual error message I got. I found in the OpenBSD installation, chan_oss.so is completely missing. Consequently, Asterisk cannot work with the console under OpenBSD :( CL<
Re: is there [EMAIL PROTECTED] archive?
On 2/17/07, Otto Moerbeek <[EMAIL PROTECTED]> wrote: On Sat, 17 Feb 2007, [EMAIL PROTECTED] wrote: > i'm looking for new mobos (both embedded & "normal") & wondered if there's any > way to search through sumbitted [EMAIL PROTECTED] (you do all send in your > dmesg don't you?) to see what people ran into previously. gmane & marc have > proved reasonably light on > > the only thing i found was http://www.nycbug.org/?NAV=dmesgd;f_bsd=OpenBSD > which was not extensive enough - but a nice interface! The dmesgs submitted to [EMAIL PROTECTED] are not publicly accessible. At some point in time this was discussed, but we can't do that, since we never told people that they would be published. So they remain accessible to developers only. They are consulted very often, so keep them coming in! -Otto It's understandable that old dmesg can't be shown but isn't it possible to start on a new archive and inform user that all dmesg they will send in from this point will be accesible online for everybody? I have also thought the idea to have it public before and it would be great. Then the old archive could still be used by dev's but a new archive could easily be built up. Just an idea. Thanks. BR Dunceor