Re: pgt firmware ...
Thank you Peter. I still get the same error message (error line wrapped): pkg_add ./pgt-firmware-1.2p2.tgz Bad pkg_db: No such file or directory at /usr/libdata/perl5/OpenBSD/PackageInfo.pm line 63. Line 63: opendir(my $dir, $pkg_db) or die Bad pkg_db: $!); Somethings wrong with my environment but what ... On 27/02/2012, Peter Hessler phess...@theapt.org wrote: NO! For the love of everything holy, don't fucking use wget. the built-in ftp(1) client can download from http servers. and, do NOT just extract the files. we have package tools for a reason. EITHER: a) pkg_add http://firmware.openbsd.org/firmware/5.0/pgt-firmware-1.2.tgz OR b) ftp http://firmware.openbsd.org/firmware/5.0/pgt-firmware-1.2.tgz pkg_add ./pgt-firmware-1.2.tgz Anything else is stupid. On 2012 Feb 26 (Sun) at 18:21:31 +0400 (+0400), Wesley M. wrote: :Try this : :add wget package using pkg_add -vi wget :wget http://firmware.openbsd.org/firmware/5.0/pgt-firmware-1.2p2.tgz :Then extract this in /etc/firmware. :Halt your machine, Remove your network card, and now plug the new card, :boot : :Hope that it will help. : :Wesley. : : :On Mon, 27 Feb 2012 00:02:28 +1030, David Walker :davidianwal...@gmail.com wrote: : Thanks Wesley. : : I forgot about that. : I was going from man pgt which says: : FILES : : A prepackaged version of the firmware, designed to be used with : pkg_add(1), can be found at: : : http://firmware.openbsd.org/firmware/pgt-firmware-1.2.tgz : : The problem I have is that fw_update doesn't accept arguments and I : need the adjacent pcmcia slot for the ethernet card and they are both : bulky cards. : I need to remove the conexant card to insert the ethernet card to : access the network and then fw_update reports there are no devices to : update - the conexant card is no longer attached. : :] : : If you can think of a way to run this locally it'd be great. : : On 26/02/2012, Wesley M. open...@e-solutions.re wrote: : try fw_update (provided in OpenBSD 5.0) : : Wesley. : : On Sun, 26 Feb 2012 17:51:03 +1030, David Walker : davidianwal...@gmail.com wrote: : Hi. : : I'm trying to do: : pkg_add http://firmware.openbsd.olg/firmware/pgt-firmware-1.2.tgz : : I get this: : parsing pgt-firmware-1.2.tgz : Bad pkg_db: No such file or directory at : /usr/libdata/perl5/OpenBSD/PackageInfo. : pm line 63. : : Do I need to add perl manually? : : Best wishes. : -- Cleaning your house while your kids are still growing is like shoveling the walk before it stops snowing. -- Phyllis Diller
Re: pgt firmware ...
2012/2/27 David Walker davidianwal...@gmail.com: Thank you Peter. I still get the same error message (error line wrapped): pkg_add ./pgt-firmware-1.2p2.tgz Bad pkg_db: No such file or directory at [...] Somethings wrong with my environment but what ... Yes, the thing that makes it impossible for you to run exactly what we tell you to, and instead you add ./name-of-package when pkg_add takes URLs directly. Now exactly what in your environment is doing that, I can't really tell. -- To our sweethearts and wives. May they never meet. -- 19th century toast
Novedades
Pila Teleqa Hola, soy Marco Pila, el responsable de la editorial Pila Teleqa. Si te estoy enviando este email es porque de alguna manera estas interesado en la Educacisn Fmsica o el deporte, o en alguna ocasisn hemos cruzado un correo, tal vez por mediacisn de algzn conocido, no lo si. Si no quieres saber nada de la editorial Pila Teleqa, la actividad fmsica, el deporte y la Educacisn Fmsica, date de baja aqum : click aqum y perdona las molestias. Para el resto, espero que la mayorma, los que sm teniis algo que ver con la Educacisn Fmsica o el deporte, ahm va una informacisn que os puede interesar: La editorial Pila Teleqa fue fundada por mi padre en 1972. Il era catedratico. Un dma se encontraba en el INEF de Madrid, cuando era el znico de Espaqa, en el lugar de las fotocopias que estaba en la planta baja. Pero por entonces era una maquina de estarcido, un cacharro realmente grande, redondo, que iba a mano, dando vueltas a una manivela, que se llenaba de tinta y se le pegaba como una hoja medio translzcida... Tras unas cuatro horas dandole a la manivela un servidor, mientras mi padre organizaba (si algzn alumno suyo lee esto lo reconocera...), un bedel que apilaba los folios ya hechos dijo: -Sr. Pila, ?y si en vez de pasarse usted aqum tantas horas los manda a una imprenta y los publica? Y he aqum que nacis la idea de +Metodologma de la enseqanza de la Educacisn Fmsica;, que se publics, inaugurando asm la creacisn de esta editorial. Un negocio familiar. Mucho ha llovido desde entonces y ya son muy pocos en activo que puedan dar fe de la primera edicisn. Una cosa siempre hemos tenido claro en esta editorial a lo largo de estos aqos: la importancia de la Educacisn Fmsica, siempre en mayzsculas, el deporte y la actividad fmsica en general. No nos cansaremos jamas de proclamar que existe un vmnculo vital, intrmnseco, mntimo entre el intelecto, la mente, el cerebro y el cuerpo. Que somos cuerpo fmsico y mente pensante, y que el uno con el otro han de caminar armsnicamente por el bien del propio individuo. Todos nosotros, que compartimos este interis por la actividad fmsica, lo entendemos. El problema estriba en csmo compartir este saber con el resto de la sociedad. !Eh, todos vosotros ahm afuera! Al loro, que la actividad fmsica, el moverse, el deporte, implican...: toma ya, agarrate... salud. Por lo mas sagrado, que no falte mejora de las condiciones fmsicas, mejor riego sangumneo, mejora de la capacidad pulmonar, coordinacisn, flexibilidad, postura, solidaridad, amistad, superacisn, disciplina, compaqerismo, triunfo, fracaso, ilusisn, mas superacisn, sudor, vestuario, higiene, amistad, satisfaccisn... y sigue tz mismo, la lista se hace muy larga. Todo esto y mucho mas significan la actividad fmsica, el deporte y la madre de todos, que es la Educacisn Fmsica, con mayzsculas, como siempre. Haz clic aqum para leer mas. [IMAGE] Para dase de baja hacer click aqum
Re: pgt firmware ...
Hi Magnus. That was the issue - that directory didn't exist. It was my fault - playing with fstab ... Unfortunately it seems there's bigger issue anyway. When I plug the card in there's either no action (no ifconfig, no LEDs, no console message) or I get a panic. It happens invariably (I think) if the card's in at boot, here's one (hand typed) ... cbb0: rbus no bus space panic: io alloc Stopped at Debugger+0x4: popl %ebp ddb I've done 'ps' and 'trace' but they're a bit long to transcribe right now. I did 'boot dump' and can see the dump in /var/crash - when I get sometime I'll try and read some more man pages and see if I can extract anything useful. If anyone's interested and wants me to extract anything, please tell me how, and I'll do it soonest. I'm not sure what I'm looking for. Regardless, I might re-install so I can guarantee any other changes I've made are voided and try again. It's quite possible theres an issue with the card also. I might try it on another OS to verify that. Best wishes. On 27/02/2012, Magnus mag...@tokra.org wrote: Hello, check that you have the path /var/db/pkg Information about the package(s) is recorded in a central repository, by default located in /var/db/pkg/. This will, among other things, prevent the dependencies of a package from being deleted before the package itself has been deleted. This helps ensure that an application cannot be accidentally broken by a careless user f.i. mine looks like this: # ls -Fl /var/db/pkg total 76 drwxr-xr-x 2 root wheel 512 Oct 19 11:29 bacula-client-5.0.2p1/ drwxr-xr-x 2 root wheel 512 Sep 13 10:14 bash-4.1.9p0/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 dnsmasq-2.55/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 gd-2.0.35p0/ drwxr-xr-x 2 root wheel 512 Sep 13 10:14 gettext-0.18.1p0/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 joe-3.7p0/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 jpeg-8b/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 libdnet-1.12p1/ drwxr-xr-x 2 root wheel 512 Sep 13 10:14 libiconv-1.13p2/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 lua-5.1.4p1/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 nano-2.2.6/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 ngrep-1.45p1/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 nmap-5.21p3/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 ntop-1.1/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 pcre-8.02p1/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 pfstat-2.3p1/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 png-1.2.44/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 postfix-2.8.20110113/ drwxr-xr-x 2 root wheel 512 Sep 12 12:56 screen-4.0.3p2/ // Magnus On 2012-02-27 12:58, David Walker wrote: Thank you Peter. I still get the same error message (error line wrapped): pkg_add ./pgt-firmware-1.2p2.tgz Bad pkg_db: No such file or directory at /usr/libdata/perl5/OpenBSD/PackageInfo.pm line 63. Line 63: opendir(my $dir, $pkg_db) or die Bad pkg_db: $!); Somethings wrong with my environment but what ... On 27/02/2012, Peter Hessler phess...@theapt.org wrote: NO! For the love of everything holy, don't fucking use wget. the built-in ftp(1) client can download from http servers. and, do NOT just extract the files. we have package tools for a reason. EITHER: a) pkg_add http://firmware.openbsd.org/firmware/5.0/pgt-firmware-1.2.tgz OR b) ftp http://firmware.openbsd.org/firmware/5.0/pgt-firmware-1.2.tgz pkg_add ./pgt-firmware-1.2.tgz Anything else is stupid. On 2012 Feb 26 (Sun) at 18:21:31 +0400 (+0400), Wesley M. wrote: :Try this : :add wget package using pkg_add -vi wget :wget http://firmware.openbsd.org/firmware/5.0/pgt-firmware-1.2p2.tgz :Then extract this in /etc/firmware. :Halt your machine, Remove your network card, and now plug the new card, :boot : :Hope that it will help. : :Wesley. : : :On Mon, 27 Feb 2012 00:02:28 +1030, David Walker :davidianwal...@gmail.com wrote: : Thanks Wesley. : : I forgot about that. : I was going from man pgt which says: : FILES : : A prepackaged version of the firmware, designed to be used with : pkg_add(1), can be found at: : : http://firmware.openbsd.org/firmware/pgt-firmware-1.2.tgz : : The problem I have is that fw_update doesn't accept arguments and I : need the adjacent pcmcia slot for the ethernet card and they are both : bulky cards. : I need to remove the conexant card to insert the ethernet card to : access the network and then fw_update reports there are no devices to : update - the conexant card is no longer attached. : :] : : If you can think of a way to run this locally it'd be great. : : On 26/02/2012, Wesley M. open...@e-solutions.re wrote: : try fw_update (provided in OpenBSD 5.0) : : Wesley. : : On Sun, 26 Feb 2012 17:51:03 +1030, David Walker : davidianwal...@gmail.com wrote: : Hi. : : I'm trying to do: : pkg_add http://firmware.openbsd.olg/firmware/pgt-firmware-1.2.tgz : : I get this: : parsing
Re: pgt firmware ...
Why don't you try to install a snapshot version ? Just to see if the problem is resolved for the next release (5.1)... And sorry for the wget advice :-) All the best, Wesley. On Tue, 28 Feb 2012 00:33:06 +1030, David Walker davidianwal...@gmail.com wrote: Hi Magnus. That was the issue - that directory didn't exist. It was my fault - playing with fstab ... Unfortunately it seems there's bigger issue anyway. When I plug the card in there's either no action (no ifconfig, no LEDs, no console message) or I get a panic. It happens invariably (I think) if the card's in at boot, here's one (hand typed) ... cbb0: rbus no bus space panic: io alloc Stopped at Debugger+0x4: popl %ebp ddb I've done 'ps' and 'trace' but they're a bit long to transcribe right now. I did 'boot dump' and can see the dump in /var/crash - when I get sometime I'll try and read some more man pages and see if I can extract anything useful. If anyone's interested and wants me to extract anything, please tell me how, and I'll do it soonest. I'm not sure what I'm looking for. Regardless, I might re-install so I can guarantee any other changes I've made are voided and try again. It's quite possible theres an issue with the card also. I might try it on another OS to verify that. Best wishes. On 27/02/2012, Magnus mag...@tokra.org wrote: Hello, check that you have the path /var/db/pkg Information about the package(s) is recorded in a central repository, by default located in /var/db/pkg/. This will, among other things, prevent the dependencies of a package from being deleted before the package itself has been deleted. This helps ensure that an application cannot be accidentally broken by a careless user f.i. mine looks like this: # ls -Fl /var/db/pkg total 76 drwxr-xr-x 2 root wheel 512 Oct 19 11:29 bacula-client-5.0.2p1/ drwxr-xr-x 2 root wheel 512 Sep 13 10:14 bash-4.1.9p0/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 dnsmasq-2.55/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 gd-2.0.35p0/ drwxr-xr-x 2 root wheel 512 Sep 13 10:14 gettext-0.18.1p0/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 joe-3.7p0/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 jpeg-8b/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 libdnet-1.12p1/ drwxr-xr-x 2 root wheel 512 Sep 13 10:14 libiconv-1.13p2/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 lua-5.1.4p1/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 nano-2.2.6/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 ngrep-1.45p1/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 nmap-5.21p3/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 ntop-1.1/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 pcre-8.02p1/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 pfstat-2.3p1/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 png-1.2.44/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 postfix-2.8.20110113/ drwxr-xr-x 2 root wheel 512 Sep 12 12:56 screen-4.0.3p2/ // Magnus On 2012-02-27 12:58, David Walker wrote: Thank you Peter. I still get the same error message (error line wrapped): pkg_add ./pgt-firmware-1.2p2.tgz Bad pkg_db: No such file or directory at /usr/libdata/perl5/OpenBSD/PackageInfo.pm line 63. Line 63: opendir(my $dir, $pkg_db) or die Bad pkg_db: $!); Somethings wrong with my environment but what ... On 27/02/2012, Peter Hessler phess...@theapt.org wrote: NO! For the love of everything holy, don't fucking use wget. the built-in ftp(1) client can download from http servers. and, do NOT just extract the files. we have package tools for a reason. EITHER: a) pkg_add http://firmware.openbsd.org/firmware/5.0/pgt-firmware-1.2.tgz OR b) ftp http://firmware.openbsd.org/firmware/5.0/pgt-firmware-1.2.tgz pkg_add ./pgt-firmware-1.2.tgz Anything else is stupid. On 2012 Feb 26 (Sun) at 18:21:31 +0400 (+0400), Wesley M. wrote: :Try this : :add wget package using pkg_add -vi wget :wget http://firmware.openbsd.org/firmware/5.0/pgt-firmware-1.2p2.tgz :Then extract this in /etc/firmware. :Halt your machine, Remove your network card, and now plug the new card, :boot : :Hope that it will help. : :Wesley. : : :On Mon, 27 Feb 2012 00:02:28 +1030, David Walker :davidianwal...@gmail.com wrote: : Thanks Wesley. : : I forgot about that. : I was going from man pgt which says: : FILES : : A prepackaged version of the firmware, designed to be used with : pkg_add(1), can be found at: : : http://firmware.openbsd.org/firmware/pgt-firmware-1.2.tgz : : The problem I have is that fw_update doesn't accept arguments and I : need the adjacent pcmcia slot for the ethernet card and they are both : bulky cards. : I need to remove the conexant card to insert the ethernet card to : access the network and then fw_update reports there are no devices to : update - the conexant card is no longer attached. : :] : : If you can think of a way to run this locally it'd be great. : : On 26/02/2012, Wesley M.
Re: pgt firmware ...
Hi Wesley. On 28/02/2012, Wesley M. open...@e-solutions.re wrote: Why don't you try to install a snapshot version ? Just to see if the problem is resolved for the next release (5.1)... I have some access to ADSL for the time being so I'll try do that. And sorry for the wget advice :-) Thank you for reminding me about fw_update in your initial reply. Besides, I broke my system (rule number one) - it's all on me anyway. All the best, Wesley. On Tue, 28 Feb 2012 00:33:06 +1030, David Walker davidianwal...@gmail.com wrote: Hi Magnus. That was the issue - that directory didn't exist. It was my fault - playing with fstab ... Unfortunately it seems there's bigger issue anyway. When I plug the card in there's either no action (no ifconfig, no LEDs, no console message) or I get a panic. It happens invariably (I think) if the card's in at boot, here's one (hand typed) ... cbb0: rbus no bus space panic: io alloc Stopped at Debugger+0x4: popl %ebp ddb I've done 'ps' and 'trace' but they're a bit long to transcribe right now. I did 'boot dump' and can see the dump in /var/crash - when I get sometime I'll try and read some more man pages and see if I can extract anything useful. If anyone's interested and wants me to extract anything, please tell me how, and I'll do it soonest. I'm not sure what I'm looking for. Regardless, I might re-install so I can guarantee any other changes I've made are voided and try again. It's quite possible theres an issue with the card also. I might try it on another OS to verify that. Best wishes. On 27/02/2012, Magnus mag...@tokra.org wrote: Hello, check that you have the path /var/db/pkg Information about the package(s) is recorded in a central repository, by default located in /var/db/pkg/. This will, among other things, prevent the dependencies of a package from being deleted before the package itself has been deleted. This helps ensure that an application cannot be accidentally broken by a careless user f.i. mine looks like this: # ls -Fl /var/db/pkg total 76 drwxr-xr-x 2 root wheel 512 Oct 19 11:29 bacula-client-5.0.2p1/ drwxr-xr-x 2 root wheel 512 Sep 13 10:14 bash-4.1.9p0/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 dnsmasq-2.55/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 gd-2.0.35p0/ drwxr-xr-x 2 root wheel 512 Sep 13 10:14 gettext-0.18.1p0/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 joe-3.7p0/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 jpeg-8b/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 libdnet-1.12p1/ drwxr-xr-x 2 root wheel 512 Sep 13 10:14 libiconv-1.13p2/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 lua-5.1.4p1/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 nano-2.2.6/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 ngrep-1.45p1/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 nmap-5.21p3/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 ntop-1.1/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 pcre-8.02p1/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 pfstat-2.3p1/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 png-1.2.44/ drwxr-xr-x 2 root wheel 512 Jun 15 2011 postfix-2.8.20110113/ drwxr-xr-x 2 root wheel 512 Sep 12 12:56 screen-4.0.3p2/ // Magnus On 2012-02-27 12:58, David Walker wrote: Thank you Peter. I still get the same error message (error line wrapped): pkg_add ./pgt-firmware-1.2p2.tgz Bad pkg_db: No such file or directory at /usr/libdata/perl5/OpenBSD/PackageInfo.pm line 63. Line 63: opendir(my $dir, $pkg_db) or die Bad pkg_db: $!); Somethings wrong with my environment but what ... On 27/02/2012, Peter Hessler phess...@theapt.org wrote: NO! For the love of everything holy, don't fucking use wget. the built-in ftp(1) client can download from http servers. and, do NOT just extract the files. we have package tools for a reason. EITHER: a) pkg_add http://firmware.openbsd.org/firmware/5.0/pgt-firmware-1.2.tgz OR b) ftp http://firmware.openbsd.org/firmware/5.0/pgt-firmware-1.2.tgz pkg_add ./pgt-firmware-1.2.tgz Anything else is stupid. On 2012 Feb 26 (Sun) at 18:21:31 +0400 (+0400), Wesley M. wrote: :Try this : :add wget package using pkg_add -vi wget :wget http://firmware.openbsd.org/firmware/5.0/pgt-firmware-1.2p2.tgz :Then extract this in /etc/firmware. :Halt your machine, Remove your network card, and now plug the new card, :boot : :Hope that it will help. : :Wesley. : : :On Mon, 27 Feb 2012 00:02:28 +1030, David Walker :davidianwal...@gmail.com wrote: : Thanks Wesley. : : I forgot about that. : I was going from man pgt which says: : FILES : : A prepackaged version of the firmware, designed to be used with : pkg_add(1), can be found at: : : http://firmware.openbsd.org/firmware/pgt-firmware-1.2.tgz : : The problem I have is that fw_update doesn't accept arguments and I : need the adjacent pcmcia slot for the ethernet card and they are both : bulky cards. : I need to remove the conexant
Re: pgt firmware ...
On Mon, Feb 27, 2012 at 10:28:01PM +1030, David Walker wrote: Thank you Peter. I still get the same error message (error line wrapped): pkg_add ./pgt-firmware-1.2p2.tgz Bad pkg_db: No such file or directory at /usr/libdata/perl5/OpenBSD/PackageInfo.pm line 63. Line 63: opendir(my $dir, $pkg_db) or die Bad pkg_db: $!); Somethings wrong with my environment but what ... This smells like a bad install of OpenBSD. Your /var is lacking /var/db/pkg. Maybe rerun mtree to verify your install. On 27/02/2012, Peter Hessler phess...@theapt.org wrote: NO! For the love of everything holy, don't fucking use wget. the built-in ftp(1) client can download from http servers. and, do NOT just extract the files. we have package tools for a reason. EITHER: a) pkg_add http://firmware.openbsd.org/firmware/5.0/pgt-firmware-1.2.tgz OR b) ftp http://firmware.openbsd.org/firmware/5.0/pgt-firmware-1.2.tgz pkg_add ./pgt-firmware-1.2.tgz Anything else is stupid. On 2012 Feb 26 (Sun) at 18:21:31 +0400 (+0400), Wesley M. wrote: :Try this : :add wget package using pkg_add -vi wget :wget http://firmware.openbsd.org/firmware/5.0/pgt-firmware-1.2p2.tgz :Then extract this in /etc/firmware. :Halt your machine, Remove your network card, and now plug the new card, :boot : :Hope that it will help. : :Wesley. : : :On Mon, 27 Feb 2012 00:02:28 +1030, David Walker :davidianwal...@gmail.com wrote: : Thanks Wesley. : : I forgot about that. : I was going from man pgt which says: : FILES : : A prepackaged version of the firmware, designed to be used with : pkg_add(1), can be found at: : : http://firmware.openbsd.org/firmware/pgt-firmware-1.2.tgz : : The problem I have is that fw_update doesn't accept arguments and I : need the adjacent pcmcia slot for the ethernet card and they are both : bulky cards. : I need to remove the conexant card to insert the ethernet card to : access the network and then fw_update reports there are no devices to : update - the conexant card is no longer attached. : :] : : If you can think of a way to run this locally it'd be great. : : On 26/02/2012, Wesley M. open...@e-solutions.re wrote: : try fw_update (provided in OpenBSD 5.0) : : Wesley. : : On Sun, 26 Feb 2012 17:51:03 +1030, David Walker : davidianwal...@gmail.com wrote: : Hi. : : I'm trying to do: : pkg_add http://firmware.openbsd.olg/firmware/pgt-firmware-1.2.tgz : : I get this: : parsing pgt-firmware-1.2.tgz : Bad pkg_db: No such file or directory at : /usr/libdata/perl5/OpenBSD/PackageInfo. : pm line 63. : : Do I need to add perl manually? : : Best wishes. : -- Cleaning your house while your kids are still growing is like shoveling the walk before it stops snowing. -- Phyllis Diller -- :wq Claudio
!cześć
czeED,misc iphone 4s 16gb 320euro. ipad 2 32gb 336euro Witamy na naszej stronie camera, laptop, moto, zegarek,watch.. cena jest bardzo niEsza, wysyEka jest darmowa s i t e : www. flyd.com 22:45:27
AHCI0 errors with 5.1-current
I recently upgraded an HP dv7-6b63us notebook (dmesg below) to amd64/mp 5.1-current as of about 11:30 EST 25 February 2012 (rebuilt from source several times since installing a 7 February snapshot) and have started seeing ahci0: attempting to idle device ahci0: couldn't recover NCQ error, failing all outstanding commands. messages on the console and in the dmesg buffer; their timing doesn't correlate with anything obvious to me. If anyone has test code to run or other suggestions for how to track this down I'll be happy to help. Dave OpenBSD 5.1-current (GENERIC.MP) #1: Sat Feb 25 23:04:41 EST 2012 r...@minya.daveanderson.com:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 6387134464 (6091MB) avail mem = 6202941440 (5915MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xe67b0 (33 entries) bios0: vendor Hewlett-Packard version F.02 date 10/03/2011 bios0: Hewlett-Packard HP Pavilion dv7 Notebook PC acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP ASF! HPET APIC MCFG SLIC SSDT BOOT ASPT SSDT SSDT SSDT SSDT acpi0: wakeup devices P0P1(S3) LID_(S3) GLAN(S4) EHC1(S3) EHC2(S3) HDEF(S0) PXSX(S4) RP01(S4) PXSX(S4) RP02(S3) PXSX(S4) RP03(S3) PXSX(S4) RP04(S3) PXSX(S4) RP05(S3) PXSX(S4) RP06(S3) PXSX(S4) RP07(S3) PXSX(S4) RP08(S3) PEG0(S4) PEGP(S4) PEG1(S4) PEG2(S4) PEG3(S4) PWRB(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 14318179 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz, 1995.75 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,POPCNT,AES,XSAVE,AVX,NXE,LONG,LAHF cpu0: 256KB 64b/line 8-way L2 cache cpu0: apic clock running at 99MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz, 1995.47 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,POPCNT,AES,XSAVE,AVX,NXE,LONG,LAHF cpu1: 256KB 64b/line 8-way L2 cache cpu2 at mainbus0: apid 2 (application processor) cpu2: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz, 1995.47 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,POPCNT,AES,XSAVE,AVX,NXE,LONG,LAHF cpu2: 256KB 64b/line 8-way L2 cache cpu3 at mainbus0: apid 3 (application processor) cpu3: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz, 1995.47 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,POPCNT,AES,XSAVE,AVX,NXE,LONG,LAHF cpu3: 256KB 64b/line 8-way L2 cache cpu4 at mainbus0: apid 4 (application processor) cpu4: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz, 1995.47 MHz cpu4: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,POPCNT,AES,XSAVE,AVX,NXE,LONG,LAHF cpu4: 256KB 64b/line 8-way L2 cache cpu5 at mainbus0: apid 5 (application processor) cpu5: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz, 1995.47 MHz cpu5: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,POPCNT,AES,XSAVE,AVX,NXE,LONG,LAHF cpu5: 256KB 64b/line 8-way L2 cache cpu6 at mainbus0: apid 6 (application processor) cpu6: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz, 1995.47 MHz cpu6: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,POPCNT,AES,XSAVE,AVX,NXE,LONG,LAHF cpu6: 256KB 64b/line 8-way L2 cache cpu7 at mainbus0: apid 7 (application processor) cpu7: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz, 1995.47 MHz cpu7: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,POPCNT,AES,XSAVE,AVX,NXE,LONG,LAHF cpu7: 256KB 64b/line 8-way L2 cache ioapic0 at mainbus0: apid 0 pa 0xfec0, version 20, 24 pins acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (P0P1) acpiprt2 at acpi0: bus 1 (RP01) acpiprt3 at acpi0: bus 7 (RP02) acpiprt4 at acpi0: bus 13 (RP03) acpiprt5 at acpi0: bus 19 (RP04) acpiprt6 at acpi0: bus -1 (RP05) acpiprt7 at acpi0: bus -1 (RP06) acpiprt8 at acpi0: bus -1
Router project on OpenBSD questions
Hi, this is my first posting here :-) I have currently only used OpenBSD as a test vector setup on VirtualBox and 2x Sun Fire V240's as a DNS server (master/slave) using Bind9. So basically in short am an OpenBSD newbee :-) Ok so here goes; I've been using FreeBSD for around 3+ years now and really enjoy it, in comparing OpenBSD to FreeBSD I first would like to get some user experience of the major advantages over it. From my reading it's meant to be more secure, from my (vastly) limited experience it's quite different to work with then FreeBSD. -Could anyone give me any summarized answers to compare the two? Now here comes the major project For the last past 4 years or so I've been hosting various OpenSource projects from home and have a setup similar to the OpenBSD rack pics on the openbsd.org site :-) To fill the role of router I have used till now, a Cisco 857, 877, and 1801 all of who's power I've managed to max out!! :-( As a qualified Cisco engineer but also budding UNIX engineer/enthusiast I've come to understand that Cisco boxes are underpowered and overpriced Graphing the Cisco's using SNMP and RRD tools using Cacti, the CPU's tend to max-out after the TCP/IP flows start reaching 1000+ and so goes the memory too. Then I loose all kind of connectivity as the router either crashes or becomes unstable. So I would like to build a router out of a Quad Core Xeon system. I've selected the hardware for it already and the software barring the base OS. The hardware will run a socket 1366 Xeon using a Supermicro system board. (I'm sure this will be 100% compatible with OpenBSD or FreeBSD whichever I chose) http://www.supermicro.nl/products/motherboard/Xeon3000/X58/X8SAX.cfm Additionally I would like to run a 5.25 LCD in the chassis front to monitor on the fly system output using Lcdproc - this is available on FreeBSD using ports but not sure about OpenBSD though I'm sure can be easily compiled if necessary. Something like the PicoLCD from Mini-Box or Matrix-Orbital displays or similar. --actually I think VFD's are kinda cool but need to find a 5.25 one :-) I also would like to know if anyone knows of any ADSL2+ Annex M standard PCI (/x/) based modem card that I can use to connect to my ISP with instead of using an external device? So far in my search I came across this: http://linitx.com/viewcategory.php?catid=47 Of which manufacturers seem to be: http://www.rocksolidelectronics.com/pages/products.php Are these going to be OpenBSD compatible or are there others??? Does anyone know of a VDSL2 solution like this also? For software I plan to use Quagga/Zebra which should be in the ports or compatible easily coupled with NAT, ACL's, Firewall using PF or so In this case comparing FreeBSD, what's OpenBSD's performance like for Firewall/IDS/IPS systems?? Is OpenBSD compatible with Cisco VTP and STP to trunk VLANs to Cisco switches? I did discover this already: http://fengnet.com/book/icuna/ch05lev1sec5.html so it would seem so, however I do not know if link-aggregation would work?? As in Cisco Etherchannel to multiple ports on the router. There are many more questions I have but will refrain from asking at this phase as most of them can be got round by researching; like Cisco IPSEC/GRE VPN compatibility et el. i think am just worried about the ADSL2 modem card mainly as most of the above can be got over with testing and trying things out :-) It's just a pain that a Cisco 2901 for example as claimed by Cisco can only route at 75Mbps (ok routing uses PPS but wirespeed is not available unless going carrier grade). Especially now that companies are slowly starting to release Residential Fiber networks upto 1Gbps... would render the Cisco's maxed-out power wise. I know there are a lot of questions here but am hoping that some of them can be answered or at least advise given pre-testing :-) Many thanks and best regards, Kaya
Re: Router project on OpenBSD questions
On 27 February 2012 16:38, Kaya Saman kayasa...@gmail.com wrote: Hi, this is my first posting here :-) I have currently only used OpenBSD as a test vector setup on VirtualBox and 2x Sun Fire V240's as a DNS server (master/slave) using Bind9. So basically in short am an OpenBSD newbee :-) Ok so here goes; I've been using FreeBSD for around 3+ years now and really enjoy it, in comparing OpenBSD to FreeBSD I first would like to get some user experience of the major advantages over it. From my reading it's meant to be more secure, from my (vastly) limited experience it's quite different to work with then FreeBSD. -Could anyone give me any summarized answers to compare the two? Now here comes the major project For the last past 4 years or so I've been hosting various OpenSource projects from home and have a setup similar to the OpenBSD rack pics on the openbsd.org site :-) To fill the role of router I have used till now, a Cisco 857, 877, and 1801 all of who's power I've managed to max out!! :-( As a qualified Cisco engineer but also budding UNIX engineer/enthusiast I've come to understand that Cisco boxes are underpowered and overpriced Graphing the Cisco's using SNMP and RRD tools using Cacti, the CPU's tend to max-out after the TCP/IP flows start reaching 1000+ and so goes the memory too. Then I loose all kind of connectivity as the router either crashes or becomes unstable. So I would like to build a router out of a Quad Core Xeon system. I've selected the hardware for it already and the software barring the base OS. You want the highest cache and highest frequency cpu you can find. MP will not help you with routing performance at all. The hardware will run a socket 1366 Xeon using a Supermicro system board. (I'm sure this will be 100% compatible with OpenBSD or FreeBSD whichever I chose) http://www.supermicro.nl/products/motherboard/Xeon3000/X58/X8SAX.cfm Additionally I would like to run a 5.25 LCD in the chassis front to monitor on the fly system output using Lcdproc - this is available on FreeBSD using ports but not sure about OpenBSD though I'm sure can be easily compiled if necessary. Something like the PicoLCD from Mini-Box or Matrix-Orbital displays or similar. --actually I think VFD's are kinda cool but need to find a 5.25 one :-) I also would like to know if anyone knows of any ADSL2+ Annex M standard PCI (/x/) based modem card that I can use to connect to my ISP with instead of using an external device? So far in my search I came across this: http://linitx.com/viewcategory.php?catid=47 Of which manufacturers seem to be: http://www.rocksolidelectronics.com/pages/products.php Are these going to be OpenBSD compatible or are there others??? Does anyone know of a VDSL2 solution like this also? For software I plan to use Quagga/Zebra which should be in the ports or compatible easily coupled with NAT, ACL's, Firewall using PF or so In OpenBSD there are actually usable routing daemons, OpenBGPD, OpenRIPD and OpenOSPFD. In this case comparing FreeBSD, what's OpenBSD's performance like for Firewall/IDS/IPS systems?? That's something only you can test, there are tons of variables in place here. Is OpenBSD compatible with Cisco VTP and STP to trunk VLANs to Cisco switches? I'm not familiar with VTP, the rest will be fine. I did discover this already: http://fengnet.com/book/icuna/ch05lev1sec5.html so it would seem so, however I do not know if link-aggregation would work?? As in Cisco Etherchannel to multiple ports on the router. Yep, trunk will work fine with a cisco. There are many more questions I have but will refrain from asking at this phase as most of them can be got round by researching; like Cisco IPSEC/GRE VPN compatibility et el. i think am just worried about the ADSL2 modem card mainly as most of the above can be got over with testing and trying things out :-) It's just a pain that a Cisco 2901 for example as claimed by Cisco can only route at 75Mbps (ok routing uses PPS but wirespeed is not available unless going carrier grade). Especially now that companies are slowly starting to release Residential Fiber networks upto 1Gbps... would render the Cisco's maxed-out power wise. With a decent hardware, I think you can reach 1mpps (that's million packets per second). I know there are a lot of questions here but am hoping that some of them can be answered or at least advise given pre-testing :-) Many thanks and best regards, Kaya Good luck
Re: Router project on OpenBSD questions
snip Good luck Many thanks Christiano for such a quick and comprehensive response :-) Regards, Kaya
Re: Router project on OpenBSD questions
So I would like to build a router out of a Quad Core Xeon system. I've selected the hardware for it already and the software barring the base OS. You want the highest cache and highest frequency cpu you can find. MP will not help you with routing performance at all. Something like this: http://ark.intel.com/products/53580/Intel-Xeon-Processor-E7-8870-%2830M-Cache-2_40-GHz-6_40-GTs-Intel-QPI%29 30MB cache @ 2.4GHz However this does raise the question, 32bit or 64bit??? And what would be the benefit for having multi CPU sockets or cores??? --I mean for an integrated Firewall/router yes one can offload processes and threads per core or socket With this though I'm betting that a Core2Quad Q8400s CPU (which I currently run on a FreeBSD based Mini-NAS mainframe) will be more powerful then any Cisco SMB based router? - I can see it being more powerful then my 8xx or 18xx series in anycase! Most DIY/Linux router boxes all seem to run Mini-ITX hardware on Intel ATOMs or VIA processors or Vyatta running standard x86 Multi-core architecture for their appliances; how does this relate to the equation? --K
Re: Router project on OpenBSD questions
On 27 February 2012 17:12, Kaya Saman kayasa...@gmail.com wrote: So I would like to build a router out of a Quad Core Xeon system. I've selected the hardware for it already and the software barring the base OS. You want the highest cache and highest frequency cpu you can find. MP will not help you with routing performance at all. Something like this: http://ark.intel.com/products/53580/Intel-Xeon-Processor-E7-8870-%2830M-Cache-2_40-GHz-6_40-GTs-Intel-QPI%29 30MB cache @ 2.4GHz However this does raise the question, 32bit or 64bit??? And what would be amd64, wow I had no idea such cpu was out already, I'm not sure if anyone ever tried running openbsd on such cpu. the benefit for having multi CPU sockets or cores??? Almost none for routing purposes, the kernel is big locked and all interrupts go to cpu0, so this basically means: You'll be routing packets on cpu0 *only*. But you'll get the benefit of of having the userland processes running on multiple cpus, so if you're basically routing/filtering with pf, MP won't make much difference. --I mean for an integrated Firewall/router yes one can offload processes and threads per core or socket Userland process will benefit from MP when running in userland, they'll get the biglock when doing a system call. You only have one process running in kernel land at-a-time. With this though I'm betting that a Core2Quad Q8400s CPU (which I currently run on a FreeBSD based Mini-NAS mainframe) will be more powerful then any Cisco SMB based router? - I can see it being more powerful then my 8xx or 18xx series in anycase! I don't know cisco, it's all about how much data you need to route. But if you were concerned about 75mbps, even my sun ultra 5 400mhz can do more than that. Do the math, I'd guess you can do *at least* 300mpps with any fairly modern cpu. Now do 300mpps * 1500bytes, that's your throughput for full sized packets. You may want to read this: http://www.undeadly.org/cgi?action=articlesid=2011101406 Most DIY/Linux router boxes all seem to run Mini-ITX hardware on Intel ATOMs or VIA processors or Vyatta running standard x86 Multi-core architecture for their appliances; how does this relate to the equation? Those are very weak processors, again, it's all about how much pps you need.
Re: Router project on OpenBSD questions
With this though I'm betting that a Core2Quad Q8400s CPU (which I currently run on a FreeBSD based Mini-NAS mainframe) will be more powerful then any Cisco SMB based router? - I can see it being more powerful then my 8xx or 18xx series in anycase! I don't know cisco, it's all about how much data you need to route. But if you were concerned about 75mbps, even my sun ultra 5 400mhz can do more than that. Do the math, I'd guess you can do *at least* 300mpps with any fairly modern cpu. Now do 300mpps * 1500bytes, that's your throughput for full sized packets. Hmm I think I OD'd and got a bit excited on the CPU mentioned as I don't even think it's out yet at least not in consumer land Something like this: Intel XeonX3680 Six Core 3.33GHz 12MB Cache might be more cost effective and better suited to my needs :-) Sun Ultra 5... you should have said something earlier ;-P I could then just whack OpenBSD onto my E420r lol - to be honest I was considering going for a used Sun Fire V210 but I don't think there are **any** ADSL modem cards available for SPARC! :-( otherwise that would have been an awsome box!! You may want to read this: http://www.undeadly.org/cgi?action=articlesid=2011101406 Thanks, that was interesting. Ok I know now that I'm going down the right road :-) Most DIY/Linux router boxes all seem to run Mini-ITX hardware on Intel ATOMs or VIA processors or Vyatta running standard x86 Multi-core architecture for their appliances; how does this relate to the equation? Those are very weak processors, again, it's all about how much pps you need. for SOHO's not engineers then :-) Thanks for all the support!!! Best regards, Kaya
random nat, ftp clients and 425: Securiy: Bad IP connecting
hello everyone, i'm having problem with ftp communication. when ftp client behind openbsd 5.0 firewall connects to ftp server or servers they see 425: Securiy: Bad IP connecting. openbsd has random nat with pool of /27 public addresess and inside hosts connect through that pool. when ftp-proxy is enabled or nat is configured without random nat option, everything is working like charm. problem is that i need that crazy random stuff :) is there any option to rotate ip adrese per ftp session? thank you. pf.conf: anchor ftp-proxy/* pass in quick on $intif14 inet proto tcp to port ftp divert-to 127.0.0.1 port 8021 match out on $outif proto tcp from 10.10.0.0/16 to port 25 nat-to $outif match out on $outif from nat01 nat-to 11.11.11.224/27 random match out on $outif from nat02 nat-to carp39 block in quick on $outif from bogus block in log on $outif pass in on $outif inet proto icmp icmp-type $icmp_types pass in on $outif from admins pass out anchor relayd/* pass in on $outif inet proto udp to 11.11.11.158 port 1194 pass in on $outif inet proto tcp to webs port www pass in on $outif inet proto tcp to 11.11.11.134 port 8080 rdr-to 10.10.13.20 pass in on $outif inet proto tcp to 11.11.11.136 port rdr-to 10.10.13.12 pass in on $outif inet proto tcp to 11.11.11.136 port { 80 443 } rdr-to 10.10.13.14 pass in on $outif inet proto tcp to 11.11.11.137 port 80 rdr-to 10.10.13.11 port 8000 pass in on $outif inet proto tcp to 11.11.11.137 port 25 rdr-to 10.10.13.25 pass in on $outif inet proto tcp to 11.11.11.138 port { 21 64000:65535 } rdr-to 10.10.13.20 pass in on $outif inet proto tcp from tablica1 to 11.11.11.136 port 25 rdr-to 10.10.13.24 pass in on $outif inet proto tcp from tablica2 to 11.11.11.134 port 1433 rdr-to 10.10.13.20 pass in on $outif inet proto tcp from tablica3 to 11.11.11.134 port 4848 rdr-to 10.10.13.20 log: ftp server: 22.22.22.22 ftp client: 11.11.11.11 [hrvoje@host01 ~]# ftp 22.22.22.22 Connected to ftp.server 220 (vsFTPd 2.3.2) 530 Please login with USER and PASS. 530 Please login with USER and PASS. Name (ftp.server:hrvoje): hrvoje 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp ls 227 Entering Passive Mode (22,22,22,22,195,180). 425 Security: Bad IP connecting. ftp quit tcpdump on ftp server: 21:10:55.108307 IP 11.11.11.247.55299 22.22.22.22.ftp: Flags [S], seq 1823690160, win 5840, options [mss 1460,sackOK,TS val 1372058329 ecr 0,nop,wscale 7], length 0 21:10:55.108376 IP 22.22.22.22.ftp 11.11.11.247.55299: Flags [S.], seq 2763428539, ack 1823690161, win 5792, options [mss 1460,sackOK,TS val 761964500 ecr 1372058329,nop,wscale 7], length 0 21:10:55.109439 IP 11.11.11.247.55299 22.22.22.22.ftp: Flags [.], ack 1, win 46, options [nop,nop,TS val 1372058330 ecr 761964500], length 0 21:10:55.111861 IP 22.22.22.22.ftp 11.11.11.247.55299: Flags [P.], seq 1:21, ack 1, win 46, options [nop,nop,TS val 761964500 ecr 1372058330], length 20 21:10:55.113298 IP 11.11.11.247.55299 22.22.22.22.ftp: Flags [.], ack 21, win 46, options [nop,nop,TS val 1372058334 ecr 761964500], length 0 21:10:55.113323 IP 11.11.11.247.55299 22.22.22.22.ftp: Flags [P.], seq 1:14, ack 21, win 46, options [nop,nop,TS val 1372058334 ecr 761964500], length 13 21:10:55.113337 IP 22.22.22.22.ftp 11.11.11.247.55299: Flags [.], ack 14, win 46, options [nop,nop,TS val 761964501 ecr 1372058334], length 0 21:10:55.113454 IP 22.22.22.22.ftp 11.11.11.247.55299: Flags [P.], seq 21:59, ack 14, win 46, options [nop,nop,TS val 761964501 ecr 1372058334], length 38 21:10:55.114089 IP 11.11.11.247.55299 22.22.22.22.ftp: Flags [P.], seq 14:32, ack 59, win 46, options [nop,nop,TS val 1372058335 ecr 761964501], length 18 21:10:55.114155 IP 22.22.22.22.ftp 11.11.11.247.55299: Flags [P.], seq 59:97, ack 32, win 46, options [nop,nop,TS val 761964501 ecr 1372058335], length 38 21:10:55.155151 IP 11.11.11.247.55299 22.22.22.22.ftp: Flags [.], ack 97, win 46, options [nop,nop,TS val 1372058376 ecr 761964501], length 0 21:10:57.098891 IP 11.11.11.247.55299 22.22.22.22.ftp: Flags [P.], seq 32:45, ack 97, win 46, options [nop,nop,TS val 1372060320 ecr 761964501], length 13 21:10:57.099137 IP 22.22.22.22.ftp 11.11.11.247.55299: Flags [P.], seq 97:131, ack 45, win 46, options [nop,nop,TS val 761964997 ecr 1372060320], length 34 21:10:57.099962 IP 11.11.11.247.55299 22.22.22.22.ftp: Flags [.], ack 131, win 46, options [nop,nop,TS val 1372060321 ecr 761964997], length 0 21:10:59.434184 IP 11.11.11.247.55299 22.22.22.22.ftp: Flags [P.], seq 45:61, ack 131, win 46, options [nop,nop,TS val 1372062655 ecr 761964997], length 16 21:10:59.449204 IP 22.22.22.22.ftp 11.11.11.247.55299: Flags [P.], seq 131:154, ack 61, win 46, options [nop,nop,TS val 761965585 ecr 1372062655], length 23 21:10:59.450565 IP 11.11.11.247.55299 22.22.22.22.ftp: Flags [.], ack 154, win 46, options [nop,nop,TS val 1372062671 ecr
pf doesn't work after changing isp
Hello, I had previously run pf with no problem. Then I switched to comcast, and clients can no longer access the internet. I can access the internet from the server (via ssh BTW) running pf (which, among other things, should indicate that I power cycled the modem to release IP). Clients can still mount nfs drives. I've tried re-writing a new rule-set several times, using pf-faq and book-of-pf for examples to see if I'd missed something in my original rule set. I've even tried using a match/nat-to rule followed by pass all out of desperation, all to no avail. I had a static IP with my previous provider; but comcast is dynamic. However, I don't think that's an issue (see rule set below). After having a good laugh at my ISP selection, I would appreciate if one of you were to help me get back up and running. Below is all the info I think may be necessary; please let me know if there's anything more I can provide. Thank you all. -Scott Here is a schematic of my setup: ---internet---|cable modem|---|nfe0---SERVER---re0|---|switch|---|client1/2/3/etc| # sysctl net.inet.ip.forwarding net.inet.ip.forwarding=1 # ifconfig -a lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33152 priority: 0 groups: lo inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 inet 127.0.0.1 netmask 0xff00 re0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:22:6b:bf:4a:40 priority: 0 media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause) status: active inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255 inet6 fe80::222:6bff:febf:4a40%re0 prefixlen 64 scopeid 0x1 nfe0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr xx:xx:xx:xx:xx:xx priority: 0 groups: egress media: Ethernet autoselect (none) status: no carrier # I unplugged the cable to write this email, but it stated active before that inet6 fe80::2e0:81ff:fe5c:3ae3%nfe0 prefixlen 64 scopeid 0x2 inet xx.xxx.xxx.xxx netmask 0xfc00 broadcast xx.xxx.xxx.xxx enc0: flags=0 priority: 0 groups: enc status: active pflog0: flags=141UP,RUNNING,PROMISC mtu 33152 priority: 0 groups: pflog Here is the last working rule set I used before switching ISPs: ### # MACROS/TABLES ext_if = nfe0 # On-board NIC int_if = re0 # Realtek gigabit card table trusted { 68.xxx.xxx.xxx, 24.xxx.xxx.xxx } table forbidden { 10.0.0.0/8, 176.16.0.0/12, 192.168.0.0/16 } tcp_services = { ssh } # OPTIONS set block-policy return set skip on lo # MATCH match out on egress inet from !(egress:network) to any nat-to (egress:0) # FILTER block in log pass in pass out quick antispoof quick for { lo $int_if } # allow my boxes ( no-df and random-id set for linux nfs client) pass in on $int_if scrub (no-df random-id reassemble tcp) pass in on $int_if # allow myself to ssh into server pass in on $ext_if inet proto tcp from trusted to $ext_if port ssh scrub (reassemble tcp) # these addresses don't belong on the internet block in on $ext_if from forbidden ### And finally, because too many times I've wrongly assumed that dmesg didn't apply to my question: OpenBSD 5.0 (GENERIC) #53: Wed Aug 17 10:07:52 MDT 2011 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC real mem = 2145255424 (2045MB) avail mem = 2074124288 (1978MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.3 @ 0xf (41 entries) bios0: vendor Sun Microsystems version 2.2.4 date 08/16/2006 bios0: Sun Microsystems Sun Ultra 20 Workstation acpi0 at bios0: rev 0 acpi0: sleep states S0 S1 S3 S4 S5 acpi0: tables DSDT FACP SSDT SRAT MCFG APIC acpi0: wakeup devices HUB0(S5) XVR0(S5) XVR1(S5) XVR2(S5) XVR3(S5) USB0(S3) USB2(S3) MMAC(S5) MMCI(S5) UAR1(S5) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD Opteron(tm) Processor 152, 2613.70 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: AMD erratum 89 present, BIOS upgrade may be required cpu0: apic clock running at 201MHz ioapic0 at mainbus0: apid 2 pa 0xfec0, version 11, 24 pins acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (HUB0) acpicpu0 at acpi0: PSS acpibtn0 at acpi0: PWRB cpu0: Cool'n'Quiet K8 2613 MHz: speeds: 2600 2400 2200 2000 1800 1000 MHz pci0 at mainbus0 bus 0 NVIDIA nForce4 DDR rev 0xa3 at pci0 dev 0 function
应对策略与有效调岗调薪、解雇辞退及违纪问题员工处理技巧ji
igc e7%d$d?i)f!dcgd?.f9ec g$dd?i)f3cge:e0og(d::e d= gg(e7%ff,e?g6h?d8f-%fi+oed=e(ef3ge:g!d8 oh'hg(e7%g.!goee0d8 e?hgff,f/e:of/e9?e$'g(d::e d= h?+e(gg+gi.ioef9e ed8h4d8 ee g$dd?i)of/effoege7%d$d:foed=f fe:e/9oef9h?h!g'd:of/eh+f3eh.$e/o e=d8-e-e(e*d:i#i)o --h/7f%iid;6!-- [demime 1.01d removed an attachment of type APPLICATION/DEFANGED which had a name of ¡¶ÀͶ¯ºÏͬ·¨¡·¡¢¡¶Éç»á±£ÏÕ·¨¡·¡¢¡¶¹¤É˱£ÏÕÌõÀý¡·Êµ²Ùtdjk26u.15655DEFANGED-xls]
Re: pf doesn't work after changing isp
Hey Scott, I'm no PF guru, been having some of my own problems, thought I'd give yours a look for a change of pace... On Mon, Feb 27, 2012 at 6:00 PM, Scott amorphous.yet@gmail.com wrote: Hello, I had previously run pf with no problem. Then I switched to comcast, and clients can no longer access the internet. I can access the internet from the server (via ssh BTW) running pf (which, among other things, should indicate that I power cycled the modem to release IP). Clients can still mount nfs drives. I've tried re-writing a new rule-set several times, using pf-faq and book-of-pf for examples to see if I'd missed something in my original rule set. I've even tried using a match/nat-to rule followed by pass all out of desperation, all to no avail. I had a static IP with my previous provider; but comcast is dynamic. However, I don't think that's an issue (see rule set below). Is it a non-routable IP? After having a good laugh at my ISP selection, I would appreciate if one of you were to help me get back up and running. Below is all the info I think may be necessary; please let me know if there's anything more I can provide. Thank you all. -Scott Here is a schematic of my setup: ---internet---|cable modem|---|nfe0---SERVER---re0|---|switch|---|client1/2/3/etc| # sysctl net.inet.ip.forwarding net.inet.ip.forwarding=1 # ifconfig -a lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33152 priority: 0 groups: lo inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 inet 127.0.0.1 netmask 0xff00 re0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:22:6b:bf:4a:40 priority: 0 media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause) status: active inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255 inet6 fe80::222:6bff:febf:4a40%re0 prefixlen 64 scopeid 0x1 nfe0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr xx:xx:xx:xx:xx:xx priority: 0 groups: egress media: Ethernet autoselect (none) status: no carrier # I unplugged the cable to write this email, but it stated active before that inet6 fe80::2e0:81ff:fe5c:3ae3%nfe0 prefixlen 64 scopeid 0x2 inet xx.xxx.xxx.xxx netmask 0xfc00 broadcast xx.xxx.xxx.xxx enc0: flags=0 priority: 0 groups: enc status: active pflog0: flags=141UP,RUNNING,PROMISC mtu 33152 priority: 0 groups: pflog Here is the last working rule set I used before switching ISPs: ### # MACROS/TABLES ext_if = nfe0 # On-board NIC int_if = re0 # Realtek gigabit card table trusted { 68.xxx.xxx.xxx, 24.xxx.xxx.xxx } table forbidden { 10.0.0.0/8, 176.16.0.0/12, 192.168.0.0/16 } Does nfe0 have an IP in one of these ranges? tcp_services = { ssh } # OPTIONS set block-policy return set skip on lo # MATCH match out on egress inet from !(egress:network) to any nat-to (egress:0) # FILTER block in log pass in I don't think this is right, do you really want to do this? pass out quick antispoof quick for { lo $int_if } # allow my boxes ( no-df and random-id set for linux nfs client) pass in on $int_if scrub (no-df random-id reassemble tcp) pass in on $int_if # allow myself to ssh into server pass in on $ext_if inet proto tcp from trusted to $ext_if port ssh scrub (reassemble tcp) # these addresses don't belong on the internet block in on $ext_if from forbidden I wonder if this is causing your problem with a non-routable IP on nfe0. -Barry
Re: pf doesn't work after changing isp
Thanks for taking a swing. I had a static IP with my previous provider; but comcast is dynamic. However, I don't think that's an issue (see rule set below). Is it a non-routable IP? No; it's 71.xxx.xxx.xxx ext_if = nfe0 # On-board NIC int_if = re0 # Realtek gigabit card table trusted { 68.xxx.xxx.xxx, 24.xxx.xxx.xxx } table forbidden { 10.0.0.0/8, 176.16.0.0/12, 192.168.0.0/16 } Does nfe0 have an IP in one of these ranges? nfe0 IP=71.xxx.xxx.xxx # FILTER block in log pass in I don't think this is right, do you really want to do this? You're right; the pass in was some of yesterday's flailing. I guess I was flustered and forgot to remove this line. It wasn't there before yesterday. # these addresses don't belong on the internet block in on $ext_if from forbidden I wonder if this is causing your problem with a non-routable IP on nfe0. nfe0 IP=71.xxx.xxx.xxx Anyway, thanks for pointing out that glaring mistake about the pass in. Unfortunately, it doesn't address my problem, but the lesson is to experiment with a test file instead of a working rule set :) -Scott
Re: random nat, ftp clients and 425: Securiy: Bad IP connecting
On 27-2-2012 22:22, Hrvoje Popovski wrote: i'm having problem with ftp communication. when ftp client behind openbsd 5.0 firewall connects to ftp server or servers they see 425: Securiy: Bad IP connecting. openbsd has random nat with pool of /27 public addresess and inside hosts connect through that pool. when ftp-proxy is enabled or nat is configured without random nat option, everything is working like charm. problem is that i need that crazy random stuff :) is there any option to rotate ip adrese per ftp session? There is no such option in ftp-proxy. What _might_ work is to run one ftp-proxy per IP (30 in your case) and use random on the divert-to. 5 minutes later I just tried it, and it does not work... divert-to does not support random like rdr-to does. -- Cam