Re: ubnt edgerouter 8

2024-04-30 Thread Marc Peters 
Am Tue, Apr 30, 2024 at 12:03:10PM UTC, schrieb Stuart Henderson:
> Do be aware that they often have less airflow than the original fans.
> 
> Sometimes that is not a problem, but sometimes you might want to think
> twice (especially in, say, the power supply in poe switches, which might
> end up getting a bit too warm).

They have a much higher airflow than the original ones and this particular POE 
switch model has a separate one for its PSU (with the non standard plug, which 
took me a lot longer to cut the shrinking cover and get every 3 wires 
reconnected, than to replace the other two fans)

Re: ubnt edgerouter 8

2024-04-30 Thread Marc Peters 
Am Mon, Apr 29, 2024 at 05:31:14PM UTC, schrieb Daniel Gracia:
>I replaced my 8 Pro fans with Noctua units and I'm pretty happy with
>them; they came with several adapters that allow you to choose the
>speed of the fans.

+1 for the noctua fans from me. I replaced a couple of annoying Juniper ones to 
get a decent noise level and they're really silent, even my wife doesn't 
complain. As already mentioned, the come with a couple of adapter to connect 
and even a wiring solution for non standard pins is in the package. They also 
have photos on their page, eg. https://noctua.at/en/nf-a4x10-flx

hth,
Marc

Re: postfix-pgsql postmap failures after upgrade

2022-11-01 Thread Marc Peters 
On Sun, Oct 30, 2022 at 09:13:19AM +, Stuart Henderson wrote:
> Seems there is still some conflict between Postfix 3.7 (which needs
> OpenSSL) and libraries (like libpq) using LibreSSL, despite the static
> linking. (the upstream developer of TLS code in Postfix is also an
> OpenSSL developer and seems to prefer using OpenSSL APIs which LibreSSL
> doesn't have yet).
> 
> If you have the ports tree on your machine you can unpack the attached
> file under /usr/ports/mail/postfix, pkg_delete postfix, and build a 3.5
> version from /usr/ports/mail/postfix/stable35 with "FLAVOR=pgsql make
> install".

Hi,

i saw the same behaviour on my mailserver but used the excuse to move to 
opensmtpd and reworked the setup in general. Maybe this should be mentioned on 
the upgrade page for users as a heads up?

Best,
Marc

syspatch brought system to 7.1-stable (was Re: Sprurios errors from syspatch -c)

2022-04-23 Thread Marc Peters 
On Fri, Apr 22, 2022 at 08:51:43PM -0600, Theo de Raadt wrote:
> And of course, the syspatch testing procedures will get another step or
> two to make sure this doesn't happen again
> 
> So just wait.

Thank you for explanation and clarification. Two of my systems were already hit 
by that mishap.

Best,
Marc

Re: Does OpenBSD support Carrier Grade Nat?

2020-08-07 Thread Marc Peters 
On Fri, Aug 07, 2020 at 12:46:45PM +, Edward Carver wrote:
> Can you send me sample config please?
> 

What kind of config? There's no special config needed, as the IPv4 you get for 
your external interface is out of the range 100.64.0.0/10. I receive mine via 
dhcp, but some providers may use pppoe for this. Your router will not be 
reachable via v4, of course. It's only available via IPv6.

Best,
Marc

Re: Does OpenBSD support Carrier Grade Nat?

2020-08-07 Thread Marc Peters 
On Fri, Aug 07, 2020 at 12:12:14PM +, Edward Carver wrote:
> Does OpenBSD support Carrier Grade Nat (cg-nat)?
> Thanks for helping..

My router sits behind one, so yes.

hth,
Marc

Re: Warning in the latest net/unifi Makefile commit

2020-07-06 Thread Marc Peters 
On Mon, Jul 06, 2020 at 12:33:09PM +0100, Stuart Henderson wrote:
> If you see the message when you update the unifi package then it is
> using mmapv1. If you do not see the message, it is not.

It didn't show up, while adjusting the Makefile to use the latest 5.13.32 and 
doing pkg_add to update to it, so my installation should be fine, right?

> 
> That readme from upstream is wrong, backup/restore from within unifi
> does work. I will disable installing it in the port.
> 

Thanks, also for the great port and you hard work, very appreciated.

Best,
Marc

Warning in the latest net/unifi Makefile commit

2020-07-06 Thread Marc Peters 
Hi ports@,

sthen@ put a warning into his latest commit for the unifi Makefile:

unifi: warn at update if the database is old and was created using mongodb's
deprecated MMAPV1 engine, doing a config backup + shutdown + remove db files
+ restore will recreate with WiredTiger which has significantly smaller files
and checkpointing (and seems like it maybe a bit more robust..)

I was wondering, what exactly to do? How would i get the engine, mongodb is 
using for the unifi tables? How would i backup, as the readme of the controller 
states, to do backups through tarring up /usr/local/share/unifi/data, which 
acutally includes the mongodb? Backing up over the webinterface, deleting 
/usr/local/share/unifi/data/* and then starting all over until i can upload the 
file (which is not supposed to work with the unix version, according to the 
readme at /usr/local/share/unifi/readme.txt?

Maybe someone or sthen@ could sheld some light on this or points me to the 
right direction?

Best,
Marc

Re: acpithinkpad: a fix for the x260

2019-03-08 Thread Marc Peters 
On Fri, Mar 08, 2019 at 09:00:53AM +0100, Daniel Gracia wrote:
> A T460s looking good over here.
> 
> Regards!

i second that.

Best,
Marc

Re: Boot reboot issue after upgrade to 6.4 on amd64

2018-11-27 Thread Marc Peters 
On Tue, Nov 27, 2018 at 11:48:38AM +0100, Riccardo Mottola wrote:
> Hi all,
> 
> I have a strange and blocking issue after upgrade to 6.4 on my x86-64
> laptop, which was running 6.3 just fine.
> 
> I got the bsd.rd kernel, booted it and installed, quick, easy no issue.
> Now, if I reboot, the kernel will reboot just after having written the first
> line of numbers on the screen.
> 
> The bad news is that both booting the new kernel as well as the bsd.rd
> kernel gives the issue, so the existing bsd.rd which for installation booted
> just fine.
> 
> The only thing I can think is that the boot blocks were updated and that
> they fail to load.
> 
> I also tried making an USB key with 64, I get to the bootloader prompt, but
> everything I try will make the laptop reboot, both booting from hd0a as
> wella s hd1a!
> I also tried making an USB key with 63, but that too fails the same way?
> 
> Windows partition continues to boot fine, or I would almost think of having
> some sort of hardware failure!!!
> 
> I did not make changes to the Bios, UEFI boot is still disabled. I found
> "Intel Anti-Theft" enabled and disabled it.
> 
> And now?

Please check, that you don't use only one big a partition, and if you do,
please backup and rearrange your disklabels. This approach is not
working with 6.4 anymore and was already discussed several times
recently on this very ML.

hth,
Marc

Re: Latest snapshot pkg_add issue

2018-10-06 Thread Marc Peters 
On Sat, Oct 06, 2018 at 09:27:47AM -0400, Ken M wrote:
> I just installed the latest snapshot and when I run a pkg_add it doesn't find
> anything as it is trying to look in 6.4 for packages.
> 
> $ uname -r
> 6.4
> 
> Not sure if this is an issue in the latest snapshot or I stupidly missed some
> information.

It's looking in the not yet there release folder for 6.4. You can use -Dsnap to 
get snapshot packages. 

hth,
Marc

Re: UPDATE: net/openfire to 4.2.3

2018-10-01 Thread Marc Peters 
On Sat, Sep 29, 2018 at 02:00:26PM +0200, Klemens Nanni wrote:
> On Tue, Sep 25, 2018 at 03:50:09PM +0200, Marc Peters wrote:
> >  COMMENT=   XMPP real time collaboration server
> > -V =4.1.5
> > +V =4.2.3
> The space might be removed for consistency.
> 
> > -MASTER_SITES=  
> > http://www.igniterealtime.org/downloadServlet?filename=openfire/
> > +MASTER_SITES=   
> > http://www.igniterealtime.org/downloadServlet?filename=openfire/
> >  
> >  HOMEPAGE=  http://www.igniterealtime.org/projects/openfire/index.jsp
> These have TLS.
> 
> > -MAINTAINER=Marc Peters 
> > +MAINTAINER=The OpenBSD ports mailing-list 
> That's the default so omit it.

Updated diff attached (to avoid mangling).
Index: Makefile
===
RCS file: /cvs/ports/net/openfire/Makefile,v
retrieving revision 1.50
diff -u -p -r1.50 Makefile
--- Makefile4 Sep 2018 12:46:18 -   1.50
+++ Makefile1 Oct 2018 09:36:10 -
@@ -1,17 +1,14 @@
 # $OpenBSD: Makefile,v 1.50 2018/09/04 12:46:18 espie Exp $
 
 COMMENT=   XMPP real time collaboration server
-V =4.1.5
+V= 4.2.3
 DISTNAME=  openfire_src_${V:S/./_/g}
 PKGNAME=   openfire-$V
 CATEGORIES=net
-REVISION=  1
 
-MASTER_SITES=  http://www.igniterealtime.org/downloadServlet?filename=openfire/
+MASTER_SITES=  
https://www.igniterealtime.org/downloadServlet?filename=openfire/
 
-HOMEPAGE=      http://www.igniterealtime.org/projects/openfire/index.jsp
-
-MAINTAINER=Marc Peters 
+HOMEPAGE=  https://www.igniterealtime.org/projects/openfire/index.jsp
 
 # ASL 2.0
 PERMIT_PACKAGE_CDROM=  Yes
Index: distinfo
===
RCS file: /cvs/ports/net/openfire/distinfo,v
retrieving revision 1.18
diff -u -p -r1.18 distinfo
--- distinfo14 Aug 2017 16:56:40 -  1.18
+++ distinfo1 Oct 2018 09:36:10 -
@@ -1,2 +1,2 @@
-SHA256 (openfire_src_4_1_5.tar.gz) = 
8kw07CZz3OD5MhI3U46VTqdnU17X8XoldONEFwVV3ls=
-SIZE (openfire_src_4_1_5.tar.gz) = 103508870
+SHA256 (openfire_src_4_2_3.tar.gz) = 
mpAbzQaSDMtbQXUX2wKaSiC3ddSao52RipltSq9HQww=
+SIZE (openfire_src_4_2_3.tar.gz) = 113557155
Index: pkg/PLIST
===
RCS file: /cvs/ports/net/openfire/pkg/PLIST,v
retrieving revision 1.11
diff -u -p -r1.11 PLIST
--- pkg/PLIST   4 Sep 2018 12:46:18 -   1.11
+++ pkg/PLIST   1 Oct 2018 09:36:10 -
@@ -4,6 +4,7 @@
 @extraunexec rm -rf %D/openfire/conf/*
 @extraunexec rm -rf %D/openfire/embedded-db
 @extraunexec rm -rf %D/openfire/logs/*
+@rcscript ${RCDIR}/openfire
 @mode 775
 @owner root
 @group _openfire
@@ -37,6 +38,8 @@ openfire/plugins/
 openfire/plugins/admin/
 openfire/plugins/admin/plugin.xml
 openfire/plugins/admin/webapp/
+openfire/plugins/admin/webapp/META-INF/
+openfire/plugins/admin/webapp/META-INF/admin.tld
 openfire/plugins/admin/webapp/WEB-INF/
 openfire/plugins/admin/webapp/WEB-INF/admin.tld
 openfire/plugins/admin/webapp/WEB-INF/classes/
@@ -51,10 +54,6 @@ openfire/plugins/admin/webapp/WEB-INF/li
 openfire/plugins/admin/webapp/WEB-INF/lib/readme.txt
 openfire/plugins/admin/webapp/WEB-INF/lib/versions.txt
 openfire/plugins/admin/webapp/WEB-INF/sitemesh.xml
-openfire/plugins/admin/webapp/WEB-INF/tags/
-openfire/plugins/admin/webapp/WEB-INF/tags/admin/
-openfire/plugins/admin/webapp/WEB-INF/tags/admin/contentBox.tagx
-openfire/plugins/admin/webapp/WEB-INF/tags/admin/infoBox.tagx
 openfire/plugins/admin/webapp/WEB-INF/web.xml
 openfire/plugins/admin/webapp/favicon.ico
 openfire/plugins/admin/webapp/images/
@@ -366,6 +365,14 @@ openfire/resources/database/upgrade/25/o
 openfire/resources/database/upgrade/25/openfire_postgresql.sql
 openfire/resources/database/upgrade/25/openfire_sqlserver.sql
 openfire/resources/database/upgrade/25/openfire_sybase.sql
+openfire/resources/database/upgrade/26/
+openfire/resources/database/upgrade/26/openfire_db2.sql
+openfire/resources/database/upgrade/26/openfire_hsqldb.sql
+openfire/resources/database/upgrade/26/openfire_mysql.sql
+openfire/resources/database/upgrade/26/openfire_oracle.sql
+openfire/resources/database/upgrade/26/openfire_postgresql.sql
+openfire/resources/database/upgrade/26/openfire_sqlserver.sql
+openfire/resources/database/upgrade/26/openfire_sybase.sql
 openfire/resources/database/upgrade/4/
 openfire/resources/database/upgrade/4/openfire_db2.sql
 openfire/resources/database/upgrade/4/openfire_hsqldb.sql
@@ -426,6 +433,7 @@ share/doc/openfire/install-guide.html
 share/doc/openfire/ldap-guide.html
 share/doc/openfire/pluggable-roster-support-guide.html
 share/doc/openfire/plugin-dev-guide.html
+share/doc/openfire/separating-admin-users-guide.html
 share/doc/openfire/ssl-guide.html
 share/doc/openfire/translator-guide.html
 share/doc/openfire/upgrade-guide.html
@@ -486,4 +494,3 @

UPDATE: net/openfire to 4.2.3

2018-09-25 Thread Marc Peters 
Hi List,

attached patch (to avoid mangling) updates Openfire to 4.2.3 and drops
my Maintainership, as i am not using Openfire anymore (that's why it
took me so long to send the update). It compiles ok and should work
ok, so further tests would be welcome.

Comments, oks?

Marc
Index: Makefile
===
RCS file: /cvs/ports/net/openfire/Makefile,v
retrieving revision 1.50
diff -u -p -r1.50 Makefile
--- Makefile4 Sep 2018 12:46:18 -   1.50
+++ Makefile25 Sep 2018 13:36:10 -
@@ -1,17 +1,16 @@
 # $OpenBSD: Makefile,v 1.50 2018/09/04 12:46:18 espie Exp $
 
 COMMENT=   XMPP real time collaboration server
-V =4.1.5
+V =4.2.3
 DISTNAME=  openfire_src_${V:S/./_/g}
 PKGNAME=   openfire-$V
 CATEGORIES=net
-REVISION=  1
 
-MASTER_SITES=  http://www.igniterealtime.org/downloadServlet?filename=openfire/
+MASTER_SITES=   
http://www.igniterealtime.org/downloadServlet?filename=openfire/
 
 HOMEPAGE=  http://www.igniterealtime.org/projects/openfire/index.jsp
 
-MAINTAINER=Marc Peters 
+MAINTAINER=The OpenBSD ports mailing-list 
 
 # ASL 2.0
 PERMIT_PACKAGE_CDROM=  Yes
Index: distinfo
===
RCS file: /cvs/ports/net/openfire/distinfo,v
retrieving revision 1.18
diff -u -p -r1.18 distinfo
--- distinfo14 Aug 2017 16:56:40 -  1.18
+++ distinfo25 Sep 2018 13:36:10 -
@@ -1,2 +1,2 @@
-SHA256 (openfire_src_4_1_5.tar.gz) = 
8kw07CZz3OD5MhI3U46VTqdnU17X8XoldONEFwVV3ls=
-SIZE (openfire_src_4_1_5.tar.gz) = 103508870
+SHA256 (openfire_src_4_2_3.tar.gz) = 
mpAbzQaSDMtbQXUX2wKaSiC3ddSao52RipltSq9HQww=
+SIZE (openfire_src_4_2_3.tar.gz) = 113557155
Index: pkg/PLIST
===
RCS file: /cvs/ports/net/openfire/pkg/PLIST,v
retrieving revision 1.11
diff -u -p -r1.11 PLIST
--- pkg/PLIST   4 Sep 2018 12:46:18 -   1.11
+++ pkg/PLIST   25 Sep 2018 13:36:10 -
@@ -4,6 +4,7 @@
 @extraunexec rm -rf %D/openfire/conf/*
 @extraunexec rm -rf %D/openfire/embedded-db
 @extraunexec rm -rf %D/openfire/logs/*
+@rcscript ${RCDIR}/openfire
 @mode 775
 @owner root
 @group _openfire
@@ -37,6 +38,8 @@ openfire/plugins/
 openfire/plugins/admin/
 openfire/plugins/admin/plugin.xml
 openfire/plugins/admin/webapp/
+openfire/plugins/admin/webapp/META-INF/
+openfire/plugins/admin/webapp/META-INF/admin.tld
 openfire/plugins/admin/webapp/WEB-INF/
 openfire/plugins/admin/webapp/WEB-INF/admin.tld
 openfire/plugins/admin/webapp/WEB-INF/classes/
@@ -51,10 +54,6 @@ openfire/plugins/admin/webapp/WEB-INF/li
 openfire/plugins/admin/webapp/WEB-INF/lib/readme.txt
 openfire/plugins/admin/webapp/WEB-INF/lib/versions.txt
 openfire/plugins/admin/webapp/WEB-INF/sitemesh.xml
-openfire/plugins/admin/webapp/WEB-INF/tags/
-openfire/plugins/admin/webapp/WEB-INF/tags/admin/
-openfire/plugins/admin/webapp/WEB-INF/tags/admin/contentBox.tagx
-openfire/plugins/admin/webapp/WEB-INF/tags/admin/infoBox.tagx
 openfire/plugins/admin/webapp/WEB-INF/web.xml
 openfire/plugins/admin/webapp/favicon.ico
 openfire/plugins/admin/webapp/images/
@@ -366,6 +365,14 @@ openfire/resources/database/upgrade/25/o
 openfire/resources/database/upgrade/25/openfire_postgresql.sql
 openfire/resources/database/upgrade/25/openfire_sqlserver.sql
 openfire/resources/database/upgrade/25/openfire_sybase.sql
+openfire/resources/database/upgrade/26/
+openfire/resources/database/upgrade/26/openfire_db2.sql
+openfire/resources/database/upgrade/26/openfire_hsqldb.sql
+openfire/resources/database/upgrade/26/openfire_mysql.sql
+openfire/resources/database/upgrade/26/openfire_oracle.sql
+openfire/resources/database/upgrade/26/openfire_postgresql.sql
+openfire/resources/database/upgrade/26/openfire_sqlserver.sql
+openfire/resources/database/upgrade/26/openfire_sybase.sql
 openfire/resources/database/upgrade/4/
 openfire/resources/database/upgrade/4/openfire_db2.sql
 openfire/resources/database/upgrade/4/openfire_hsqldb.sql
@@ -426,6 +433,7 @@ share/doc/openfire/install-guide.html
 share/doc/openfire/ldap-guide.html
 share/doc/openfire/pluggable-roster-support-guide.html
 share/doc/openfire/plugin-dev-guide.html
+share/doc/openfire/separating-admin-users-guide.html
 share/doc/openfire/ssl-guide.html
 share/doc/openfire/translator-guide.html
 share/doc/openfire/upgrade-guide.html
@@ -486,4 +494,3 @@ share/examples/openfire/security/trustst
 @mode
 @owner
 @group
-@rcscript ${RCDIR}/openfire

Re: PF possibly causing weird SSL issues ?

2018-09-19 Thread Marc Peters 
On Tue, Sep 18, 2018 at 09:02:23PM +, Tim Jones wrote:

> My PF is simple as follows (there is no NAT here, its fully routable) :
> match in all scrub (no-df random-id)
> block drop
> set block-policy drop
> set syncookies always
> pass from  to any flags S/SA modulate state (pflow)
> 

Can you try your setup with a default pf.conf (you can find it in 
/etc/examples). If this works, then try adding the rules you've got one by one 
to see, if and which one is causing your troubles.

hth,
Marc

Re: unix hosting

2018-09-14 Thread Marc Peters 
On Fri, Sep 14, 2018 at 11:00:04PM -0300, Friedrich Locke wrote:
> Dear OBSD friends,
> 
> right now i am hosting my site within geekisp. There i provided with a unix
> shell, using openbsd.
> 
> I am in need to change my hosting provider, may some here suggest an obsd
> hosting service that besides email, web (with php), mysql DBMS and unix
> shell ?
> 
> Of course, i am not looking for free service, just paid.
> 
> Thanks in advance.

There is OpenBSD Amsterdam https://openbsd.amsterdam. They provide
OpenBSD VMs, so you would need to do the configuration of the services
on your own.

hth,
Marc

Re: Downloadable CIDR network calculator

2018-09-12 Thread Marc Peters 
On Tue, Sep 11, 2018 at 11:59:04AM -0600, Andrew wrote:
> 
> FWIW: a small network calculator without a python dependency is already
> in packages.
> 
> $> pkg_info ipcalc
> Information for inst:ipcalc-1.4p0
> 
> Comment:
> small network calculator
> 
> Description: ipcalc is a small tool that operates on IPv4 networks.  It
> can operate in one of four modes: network describing, netmask
> describing, finding or splitting.
> 
> Maintainer: The OpenBSD ports mailing-list 
> 
> WWW: https://github.com/pyr/ipcalc

If you need IPv6 functionality, there's sipcalc in packages without any
extra dependencies.

Re: How to implement CARP master/backup with IPv6 RAs from OpenBSD firewall pair?

2018-07-27 Thread Marc Peters 
On Thu, Jul 26, 2018 at 04:57:09PM -0400, Martin Gignac wrote:
> Hi,
> 
> How does one implement a redundant OpenBSD firewall pair with IPv6?
> 
> With IPv4 I would use CARP to have one of the boxes be the
> master/active while the other one is backup/standby. But with IPv6 I
> want to use Router Advertisements so that hosts on the internal
> network can use SLAAC for IPv6 address autoconfiguration. Therefore
> hosts will receive RAs from both OpenBSD boxes and set both as
> possible default GWs in their routing table.
> 
> In that case, how do I get the internal hosts to send all traffic to
> the "primary" firewall? I've configured the CARP interface on the box
> with IPv6, but the RAs are still sent from both boxes (master and
> backup) so the RA-configured hosts don't end up using the IPv6 CARP
> VIP at all and I seem to end up with possible asymmetric firewall
> flows.
> 
> Thanks,
> -Martin

rtadvd will only start on the master, because the interface has to
be active. With ifstated, you can automate this (starting, stopping).
I don't know, if rad is also dependent on the interface, but once you
have the ifstated in place, you would just need to change the name of
the daemon and restart ifstated.

hth,
Marc

Re: cannot get re(4) to use 1000baseT

2018-07-18 Thread Marc Peters 
On Wed, Jul 18, 2018 at 04:27:45PM +0200, Jan Stary wrote:
> This is 6.3-current on and amd64 PC (dmesg below), using
> 
> re0 at pci2 dev 0 function 0 "Realtek 8168" rev 0x06: RTL8168E/8111E-VL 
> (0x2c80), msi, address 50:e5:49:36:ec:0d
> 
> as the NIC. With a hostname.re0 that says
> 
>   inet 192.168.11.3 255.255.255.0
> 
> it gets configured fine, but only uses 100baseTX.
> Now that I got me this 1000Mbps switch, I would like to have 1000baseT.
> 
> Why is it that the autoselect chooses 100baseT
> when both the NIC and the switch it is connected to
> are capable of 1000Mbps?
> 
> When I change the hostname.re0 to
> 
>   inet 192.168.11.3 255.255.255.0 192.168.11.255 media 1000baseT
> 
> (and run 'doas sh /etc/netstart re0'), it becomes
> 
> re0: flags=8843 mtu 1500
>   lladdr 50:e5:49:36:ec:0d
>   index 1 priority 0 llprio 3
>   groups: egress
>   media: Ethernet 1000baseT (none)
>   status: no carrier
>   inet 192.168.11.3 netmask 0xff00 broadcast 192.168.11.255
> 
> and indeed, I lose all conectivity.
> 
> Is anyone seeing the same?
> Is there something obvious I am missing?
> 
> All I found on this was this old thread:
> http://openbsd-archive.7691.n7.nabble.com/Forcing-re-driver-to-1000baseT-no-connection-4-4-release-td79375.html
> 
>   Jan

Got a similar one running up until 6.2, when i switched to a intel
dualport without any problems.

As the other two said, check the cable. Both devices need to have the
same media settings, ie autoneg turned on or off. If you just turn it
off on the card, the switch maybe doesn't get it right and disables the
port. If you turn out the autoneg on the card, do so on the switchport,
too. The most common error is a broken cable or a "special" cable from a
vendor with only 4 cable cores for 100MBit without pins 4/5 and 7/8.

hth,
marc

Re: Enabling ngx_http_addition_module on OpenBSD?

2018-06-28 Thread Marc Peters 
On Thu, Jun 28, 2018 at 10:26:12AM +0300, Özgür Kazancci wrote:
> I don't want to build Nginx from source. I cannot do that - it's a
> production server.
> 

If this server is that important, that you can't afford the downtime
for a restart (to load the new binaries), you should consider a
loadbalancer and a second nginx, which you can update. If you update the
other, the loadbalancer should recognize and don't forward any traffic.
If you don't have machines for this, you could even do it on the same
machine. Setup a local loadbalancer and two nginx instances to
loadbalance. If the hardware dies, you will have your downtime anyways.
But remember: Every downtime is your maintenance window ;).

hth,
Marc

protection fault trap with OpenBSD 6.3

2018-05-28 Thread Marc Peters 
Hi List,

i am having issues with OpenBSD 6.3, latest patches as of today applied. We are 
using gif-tunnels between our datacenters, transport encryption and OpenBGPD to 
announce the prefixes between the datacenters. The boxes also have isakmpd 
tunnels on a carp interface to AWS and GCP. The setup is working fine with 
existing 6.1 boxes and there's no problem in pushing/receiving several 
100MBit/s (according to observium snmpd data, which gets constantly collected). 
Switching the traffic to the 6.3 hosts, we get a freeze on one of the boxes 
after about 45 minutes of transferring traffic (all IPv4 traffic in our case 
for now):

login: kernel: protection fault trap, code=0
Stopped at  export_sa+0x5c: movl0(%rcx),%ecx
ddb{0}> show panic  
the kernel did not panic
ddb{0}> bt  
export_sa(10,80002240c0b0) at export_sa+0x5c
pfkeyv2_expire(8095c400,8095c400) at pfkeyv2_expire+0x14e
tdb_timeout(80002240c260) at tdb_timeout+0x39
softclock_thread(0) at softclock_thread+0xc6 
end trace frame: 0x0, count: -4
ddb{0}> ps 
   PID TID   PPIDUID  S   FLAGS  WAIT  COMMAND
 72451  269194  73777  0  30x100083  ttyin ksh
 73777  173781  1  0  30x100080  kqreadtmux
 75976  220444  64078  0  30x100083  kqreadtmux
 64078  416346  52315  0  30x10008b  pause ksh 
 52315  192412  90927  0  30x92  selectsshd
 98917  236376  1  0  30x100083  ttyin getty
 88517   86024  1  0  30x100083  ttyin getty
 39458  242138  1  0  30x100083  ttyin getty
 16509  160463  1  0  30x100083  ttyin getty
  5741  397042  1  0  30x100083  ttyin getty
 39044  336292  1  0  30x100083  ttyin getty
 12648  371611  1  0  30x100098  poll  cron 
 64944  488151  1  0  30x90  selectbacula-fd
 64944   93309  1  0  3   0x490  fsleepbacula-fd
 90927  275325  1  0  30x80  selectsshd 
 30069  438532  1556  30x90  selectnrpe
 61921  464479  1 99  30x100090  poll  sndiod
 19307  265996  1110  30x100090  poll  sndiod
 67642   23609  35037 95  30x100092  kqreadsmtpd 
 30995  503192  35037103  30x100092  kqreadsmtpd
 30135  432207  35037 95  30x100092  kqreadsmtpd
 48369   40239  35037 95  30x100092  kqreadsmtpd
 15265   58238  35037 95  30x100092  kqreadsmtpd
 88554  334766  35037 95  30x100092  kqreadsmtpd
 35037  186739  1  0  30x100080  kqreadsmtpd
 96223  160438  58191 75  70x100052bgpd 
 90387   61271  58191 75  30x100092  poll  bgpd
 58191  101172  1  0  30x80  poll  bgpd
 42084  456307  1  0  30x100080  kqreadsnmpd
 18317  107917  1 91  30x100092  kqreadsnmpd
 44555  140946  1 91  30x92  kqreadsnmpd
 24182  166156  1  0  30x80  selectsshd 
 52767  308392  14070 68  70x50isakmpd
 14070   24576  1  0  30x80  netio isakmpd
 57007  139418  35428 83  30x100092  poll  ntpd   
 35428   91196  92310 83  30x100092  poll  ntpd
 92310  242928  1  0  30x100080  poll  ntpd
 77320  412385  65645 74  30x100092  bpf   pflogd
 65645  394793  1  0  30x80  netio pflogd
 30559  279846  77380 73  30x100090  kqreadsyslogd
 77380  496624  1  0  30x100082  netio syslogd
 98706   10022  77669115  30x100092  kqreadslaacd 
 11631   15638  77669115  30x100092  kqreadslaacd
 77669  211051  1  0  30x80  kqreadslaacd
 75393  324227  0  0  3 0x14200  pgzerozerothread
 9  431378  0  0  3 0x14200  aiodoned  aiodoned  
 39050  216833  0  0  3 0x14200  syncerupdate  
 97565  501358  0  0  3 0x14200  cleaner   cleaner
 96696  450450  0  0  3 0x14200  reaperreaper 
 39575  483587  0  0  3 0x14200  pgdaemon  pagedaemon
 67857   79140  0  0  3 0x14200  bored crynlk
 64493  339992  0  0  7 0x14200crypto
 40655  184052  0  0  3 0x14200  usbtskusbtask
 35598  495188  0  0  3 0x14200  usbatsk   usbatsk
 61415  132786  0  0  3  0x40014200  acpi0 acpi0  
 43475  414851  0  0  7  0x40014200idle11
 94572  515090  0  0  7  0x40014200idle10
 45748

protection fault trap with OpenBSD 6.3

2018-05-28 Thread Marc Peters 
Hi List,

i am having issues with OpenBSD 6.3, latest patches as of today applied. We are 
using gif-tunnels between our datacenters, transport encryption and OpenBGPD to 
announce the prefixes between the datacenters. The boxes also have isakmpd 
tunnels on a carp interface to AWS and GCP. The setup is working fine with 
existing 6.1 boxes and there's no problem in pushing/receiving several 
100MBit/s (according to observium snmpd data, which gets constantly collected). 
Switching the traffic to the 6.3 hosts, we get a freeze on one of the boxes 
after about 45 minutes of transferring traffic (all IPv4 traffic in our case 
for now):

login: kernel: protection fault trap, code=0
Stopped at  export_sa+0x5c: movl0(%rcx),%ecx
ddb{0}> show panic  
the kernel did not panic
ddb{0}> bt  
export_sa(10,80002240c0b0) at export_sa+0x5c
pfkeyv2_expire(8095c400,8095c400) at pfkeyv2_expire+0x14e
tdb_timeout(80002240c260) at tdb_timeout+0x39
softclock_thread(0) at softclock_thread+0xc6 
end trace frame: 0x0, count: -4
ddb{0}> ps 
   PID TID   PPIDUID  S   FLAGS  WAIT  COMMAND
 72451  269194  73777  0  30x100083  ttyin ksh
 73777  173781  1  0  30x100080  kqreadtmux
 75976  220444  64078  0  30x100083  kqreadtmux
 64078  416346  52315  0  30x10008b  pause ksh 
 52315  192412  90927  0  30x92  selectsshd
 98917  236376  1  0  30x100083  ttyin getty
 88517   86024  1  0  30x100083  ttyin getty
 39458  242138  1  0  30x100083  ttyin getty
 16509  160463  1  0  30x100083  ttyin getty
  5741  397042  1  0  30x100083  ttyin getty
 39044  336292  1  0  30x100083  ttyin getty
 12648  371611  1  0  30x100098  poll  cron 
 64944  488151  1  0  30x90  selectbacula-fd
 64944   93309  1  0  3   0x490  fsleepbacula-fd
 90927  275325  1  0  30x80  selectsshd 
 30069  438532  1556  30x90  selectnrpe
 61921  464479  1 99  30x100090  poll  sndiod
 19307  265996  1110  30x100090  poll  sndiod
 67642   23609  35037 95  30x100092  kqreadsmtpd 
 30995  503192  35037103  30x100092  kqreadsmtpd
 30135  432207  35037 95  30x100092  kqreadsmtpd
 48369   40239  35037 95  30x100092  kqreadsmtpd
 15265   58238  35037 95  30x100092  kqreadsmtpd
 88554  334766  35037 95  30x100092  kqreadsmtpd
 35037  186739  1  0  30x100080  kqreadsmtpd
 96223  160438  58191 75  70x100052bgpd 
 90387   61271  58191 75  30x100092  poll  bgpd
 58191  101172  1  0  30x80  poll  bgpd
 42084  456307  1  0  30x100080  kqreadsnmpd
 18317  107917  1 91  30x100092  kqreadsnmpd
 44555  140946  1 91  30x92  kqreadsnmpd
 24182  166156  1  0  30x80  selectsshd 
 52767  308392  14070 68  70x50isakmpd
 14070   24576  1  0  30x80  netio isakmpd
 57007  139418  35428 83  30x100092  poll  ntpd   
 35428   91196  92310 83  30x100092  poll  ntpd
 92310  242928  1  0  30x100080  poll  ntpd
 77320  412385  65645 74  30x100092  bpf   pflogd
 65645  394793  1  0  30x80  netio pflogd
 30559  279846  77380 73  30x100090  kqreadsyslogd
 77380  496624  1  0  30x100082  netio syslogd
 98706   10022  77669115  30x100092  kqreadslaacd 
 11631   15638  77669115  30x100092  kqreadslaacd
 77669  211051  1  0  30x80  kqreadslaacd
 75393  324227  0  0  3 0x14200  pgzerozerothread
 9  431378  0  0  3 0x14200  aiodoned  aiodoned  
 39050  216833  0  0  3 0x14200  syncerupdate  
 97565  501358  0  0  3 0x14200  cleaner   cleaner
 96696  450450  0  0  3 0x14200  reaperreaper 
 39575  483587  0  0  3 0x14200  pgdaemon  pagedaemon
 67857   79140  0  0  3 0x14200  bored crynlk
 64493  339992  0  0  7 0x14200crypto
 40655  184052  0  0  3 0x14200  usbtskusbtask
 35598  495188  0  0  3 0x14200  usbatsk   usbatsk
 61415  132786  0  0  3  0x40014200  acpi0 acpi0  
 43475  414851  0  0  7  0x40014200idle11
 94572  515090  0  0  7  0x40014200idle10
 45748

Re: dhclient expects IPv4 address in dhclient.conf

2018-05-03 Thread Marc Peters 
On Thu, May 03, 2018 at 12:05:40PM +0200, Paul de Weerd wrote:
> Stick a v6 recursor in /etc/resolv.conf.tail.  When dhclient updates
> /etc/resolv.conf, it'll append the contents of /etc/resolv.conf.tail
> to it and you will have your v6 resolver availble that way.  You could
> even ignore the v4 nameserver and use your manually configured
> nameservers only.  See resolv.conf(5).
> 
> The only thing I don't think is possible with base tools is having
> your v6 recursor listed *before* the dhcp offered recursor.
> 
> Cheers,
> 
> Paul 'WEiRD' de Weerd

Thank you for your answers. Actually, i would like to keep them as
backup, when doing upgrades or the bind package is not working as
expected. I will take a deeper dive into resolv.conf to have a look. I
thought, that an /etc/resolv.conf.head file would do the trick, but it seems to 
be
ignored on OpenBSD.

Re: dhclient expects IPv4 address in dhclient.conf

2018-05-03 Thread Marc Peters 
On Thu, May 03, 2018 at 10:31:27AM +0200, Janne Johansson wrote:
>Since manpage doesn't mention v6 namespace at all, I'd wager you would
>have to
>run something else to pick up v6 resolvers.

Yeah, that's right. Maybe, i stick to v4 resolvers for now or add it by
hand, when i reboot it.

Re: dhclient expects IPv4 address in dhclient.conf

2018-05-02 Thread Marc Peters 
On Wed, May 02, 2018 at 04:24:50PM +0200, Janne Johansson wrote:
> Seems common on other dhcpd's too:
> https://lists.isc.org/pipermail/dhcp-users/2012-May/015511.html
> 

ah, the option has a different name for IPv6 nameservers. Does the base
dhclient recognize these different options, or do i have to give
isc-dhcp-client a try for this?

Re: dhclient expects IPv4 address in dhclient.conf

2018-05-02 Thread Marc Peters 
Am 2. Mai 2018 16:24:50 MESZ schrieb Janne Johansson <icepic...@gmail.com>:
>2018-05-02 16:06 GMT+02:00 Marc Peters <m...@mpeters.org>:
>
>> Hi misc,
>> dhclient hates me. I would like to prepend an IPv6 nameserver in the
>> dhclient configuration on my router when connecting to my ISP, but
>> dhclient gives me following error:
>>
>> em1: /etc/dhclient.conf line 17: expecting IPv4 address.
>> em1: prepend domain-name-servers "::1"
>> em1: ^
>> dhclient.conf ist plain simple:
>> ~ $ grep -v "#" /etc/dhclient.conf
>>
>> supersede host-name "router";
>>
>> prepend domain-name-servers 127.0.0.1;
>>
>> prepend domain-name-servers "::1";
>>
>> Is this intended?
>>
>>
>Seems common on other dhcpd's too:
>https://lists.isc.org/pipermail/dhcp-users/2012-May/015511.html

This looks like a server issue and fixed in the meantime, otherwise the Windows 
Clients won't get any v6 nameservers, as they don't get it from the RAs.

My issue is with dhclient setting something in /etc/resolve.conf.

-- 
Sent from my cell phone

dhclient expects IPv4 address in dhclient.conf

2018-05-02 Thread Marc Peters 
Hi misc,

dhclient hates me. I would like to prepend an IPv6 nameserver in the
dhclient configuration on my router when connecting to my ISP, but
dhclient gives me following error:

em1: /etc/dhclient.conf line 17: expecting IPv4 address.
em1: prepend domain-name-servers "::1"
em1: ^

dhclient.conf ist plain simple:
~ $ grep -v "#" /etc/dhclient.conf  
  
supersede host-name "router";   
  
prepend domain-name-servers 127.0.0.1;  
  
prepend domain-name-servers "::1";

Is this intended?

Best,
Marc

--
dmesg:
OpenBSD 6.3 (GENERIC.MP) #1: Sat Apr 21 14:26:25 CEST 2018

r...@syspatch-63-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 8151306240 (7773MB)
avail mem = 7897186304 (7531MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xeaf40 (52 entries)
bios0: vendor American Megatrends Inc. version "0306" date
08/18/2011
bios0: ASUSTeK Computer INC. E45M1-I DELUXE
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP APIC MCFG HPET SSDT SSDT
acpi0: wakeup devices SBAZ(S4) UAR1(S4) P0PC(S4) UHC1(S4) UHC2(S4)
USB3(S4) UHC4(S4) USB5(S4) UHC6(S4) UHC7(S4) PE20(S4) PE21(S4)
RLAN(S4) PE22(S4) PE23(S4) BR14(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 32 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: AMD E-450 APU with Radeon(tm) HD Graphics, 1650.41 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,SSSE3,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,IBS,SKINIT,ITSC
cpu0: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache,
512KB 64b/line 16-way L2 cache
cpu0: 8 4MB entries fully associative
cpu0: DTLB 40 4KB entries fully associative, 8 4MB entries fully
associative
acpitimer0: recalibrated TSC frequency 1649918204 Hz
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 199MHz
cpu0: mwait min=64, max=64, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: AMD E-450 APU with Radeon(tm) HD Graphics, 1649.93 MHz
cpu1:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,SSSE3,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,IBS,SKINIT,ITSC
cpu1: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache,
512KB 64b/line 16-way L2 cache
cpu1: 8 4MB entries fully associative
cpu1: DTLB 40 4KB entries fully associative, 8 4MB entries fully
associative
cpu1: smt 0, core 1, package 0
ioapic0 at mainbus0: apid 0 pa 0xfec0, version 21, 24 pins
, remapped to apid 0
acpimcfg0 at acpi0 addr 0xe000, bus 0-255
acpihpet0 at acpi0: 14318180 Hz
acpihpet0: recalibrated TSC frequency 1649928660 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 3 (PE20)
acpiprt2 at acpi0: bus 4 (PE21)
acpiprt3 at acpi0: bus -1 (PE22)
acpiprt4 at acpi0: bus -1 (PE23)
acpiprt5 at acpi0: bus -1 (BR15)
acpiprt6 at acpi0: bus -1 (PCE6)
acpiprt7 at acpi0: bus -1 (PCE7)
acpiprt8 at acpi0: bus -1 (PCE8)
acpiprt9 at acpi0: bus 1 (BR14)
acpicpu0 at acpi0: C2(0@100 io@0x1771), C1(@1 halt!), PSS
acpicpu1 at acpi0: C2(0@100 io@0x1771), C1(@1 halt!), PSS
acpibtn0 at acpi0: PWRB
"PNP0C14" at acpi0 not configured
cpu0: 1650 MHz: speeds: 1650 1320 825 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "AMD AMD64 14h Host" rev 0x00
radeondrm0 at pci0 dev 1 function 0 "ATI Radeon HD 6320" rev 0x00
drm0 at radeondrm0
radeondrm0: msi
azalia0 at pci0 dev 1 function 1 "ATI Radeon HD 6310 HD Audio" rev
0x00: msi
azalia0: no supported codecs
ppb0 at pci0 dev 4 function 0 "AMD AMD64 14h PCIE" rev 0x00: msi
pci1 at ppb0 bus 1
em0 at pci1 dev 0 function 0 "Intel 82576" rev 0x01: msi, address
90:e2:ba:e9:1a:3a
em1 at pci1 dev 0 function 1 "Intel 82576" rev 0x01: msi, address
90:e2:ba:e9:1a:3b
ahci0 at pci0 dev 17 function 0 "ATI SBx00 SATA" rev 0x40: apic 0
int 19, AHCI 1.2
ahci0: port 0: 6.0Gb/s
ahci0: port 1: 6.0Gb/s
scsibus1 at ahci0: 32 targets
sd0 at scsibus1 targ 0 lun 0:  SCSI3
0/direct fixed naa.50014ee60409ed8f
sd0: 953869MB, 512 bytes/sector, 1953525168 sectors
sd1 at scsibus1 targ 1 lun 0:  SCSI3
0/direct fixed naa.50014ee604099ed2
sd1: 953869MB, 512 bytes/sector, 1953525168 sectors
ohci0 at pci0 dev 18 function 0 "ATI SB700 USB" rev 0x00: apic 0 int
18, version 1.0, legacy support
ehci0 at pci0 dev 18 function 2 "ATI SB700 USB2" rev 0x00: apic 0
int 17
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 configuration 1 interface 0 "ATI EHCI root hub" rev
2.00/1.00 addr 1
ohci1 at pci0 dev 19 function 0 "ATI SB700 USB" rev 0x00:

Re: high sofnet load with gif(4) and icmp

2018-04-05 Thread Marc Peters 
On Thu, Apr 05, 2018 at 02:38:36PM +0200, Alexander Bluhm wrote:
> OK bluhm@
> 
> On Thu, Apr 05, 2018 at 09:14:32AM +1000, David Gwynne wrote:
> > Index: if_gif.c
> > ===
> > RCS file: /cvs/src/sys/net/if_gif.c,v
> > retrieving revision 1.113
> > diff -u -p -r1.113 if_gif.c
> > --- if_gif.c15 Mar 2018 21:01:18 -  1.113
> > +++ if_gif.c4 Apr 2018 23:12:02 -
> > @@ -403,6 +403,8 @@ gif_output(struct ifnet *ifp, struct mbu
> > error = ENOBUFS;
> > goto drop;
> > }
> > +   memcpy((caddr_t)(mtag + 1), >if_index, sizeof(ifp->if_index));
> > +   m_tag_prepend(m, mtag);
> >  
> > m->m_pkthdr.ph_family = dst->sa_family;
> >  

Is this considered a regression, which is worth an errata? We have quite a
few gif tunnels.

Marc

Re: SunBlade 150 to take at Lyon, France and ideas about 3 T1000 to replace, if possible.

2018-03-21 Thread Marc Peters 
Am 21. März 2018 14:36:31 MEZ schrieb Tinker :
>Did Supermicro release non-AMD64 hardware recently? If I understood the
>OP right he wants non-AMD64.

Ah, missed that part.

-- 
Sent from my cell phone

Re: SunBlade 150 to take at Lyon, France and ideas about 3 T1000 to replace, if possible.

2018-03-21 Thread Marc Peters 
On Tue, Mar 20, 2018 at 04:21:14PM +0100, Sylvain Maurin wrote:
> I am looking for OpenBSD hardware compatible 1/2U racks boxes, redondant PSU,
> with preference for another all but amd64 arch with LOM/RAC/IPMI management
> hardware, in less than 6kEUR budget range. 
> 
> Usually, my T1000 manage tunneling/forwarding for 20 ssh users, with 250Mb/s
> network streams. I suppose that most recent Loonsong or Octeon hardware would
> be able to do it easy, but I am unable to find any local resellers here, in
> France, outside for Ubiquity edgerouter that came without redundant PSU.
> I asked a quote to Rhino Labs for 2 Octeons SDNA boxes, without success. 
> Helas, SPARC with ORACLE offers are not in my budget.
> 

Hi,

you should look for supermicro boxes. They come with redundant power supplies, 
ipmi and should fit your budget (processor dependent). As an EU customer, you 
could also buy them in a different EU country (eg. Netherlands or Germany).

hth,
Marc

Re: ipv6 nd

2018-03-20 Thread Marc Peters 
On Tue, Mar 20, 2018 at 11:27:30AM +0100, Mischa wrote:
> Interesting. So this would replace the dhcpclient in base?
> What is the difference between wide-dhcpv6 and dhcpcd?
> 
> Mischa
> 

I think you could do that, but i use it just for the DHCPv6 stuff and the base 
dhclient for other DHCP. The main difference would be, that dhcpcd is actively 
maintained ;).

Marc

Re: ipv6 nd

2018-03-20 Thread Marc Peters 
On Tue, Mar 20, 2018 at 08:47:26AM +0100, Mischa wrote:
> > On 20 Mar 2018, at 08:41, Marc Peters <m...@mpeters.org> wrote:
> > 
> > I use dhcpcd for on the WAN Interface to receive the prefix delegation. On 
> > the internal network, i use slaac with rtadvd. The README for dhcpcd 
> > provides the necessary information.
> 
> Is dhcpd able to pickup IPv6? I thought this needed to be done with 
> wide-dhcpv6?
> The one thing I don't like about IPv6 at the moment, the trouble you need to 
> go through to get a IPv6 address on a PPPoE interface. :(
> 
> Mischa
> 

Yes, it is:
https://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/dhcpcd/pkg/README?rev=1.5=text/plain_with_tag=HEAD

At the moment, i only have a link-local address on the external interface 
configured, which gets it router via slaac and router advertisements. The 
external addresses are only on the internal facing interface and on these hosts.

Re: ipv6 nd

2018-03-20 Thread Marc Peters 
On Mon, Mar 19, 2018 at 11:27:12PM +, Peter van Oord van der Vlies wrote:
> Hello Misc,
> 
> 
> Today i replaced my cisco 881 because it wasn't able to handle the bandwidth 
> anymore.
> 
> 
> I had a working ipv6 setup for years with the following relevant part from my 
> cisco wan interface
> 
> config part:
> 
>   ipv6 address autoconfig
> 
>   ipv6 enable
> 
>   ipv6 nd ra interval 30
> 
>   ipv6 dhcp client pd my_prefix rapid-commit
> 
> On my obsd wan interface i did ifconfig pppoe0 inet6 autoconf but i am not
> getting any global address.
> 
> Anyone here that can set me into the right direction ?

I use dhcpcd for on the WAN Interface to receive the prefix delegation. On the 
internal network, i use slaac with rtadvd. The README for dhcpcd provides the 
necessary information.

hth,
Marc

Re: OSPF over gif on top of IPsec transport -current

2018-03-13 Thread Marc Peters 
On Tue, Mar 13, 2018 at 05:33:11PM +0100, Maxim Bourmistrov wrote:
> I moved over to etherip(4) some time ago. In transition to etherip, combo of 
> etherip on one side and gif on another worked well.
> I also remember announcement of gif(4) to be retired.
> 
> HISTORY
>  The gif device first appeared in WIDE hydrangea IPv6 kit.
> 
>  Previously, gif supported RFC 3378 EtherIP tunnels over bridge(4)
>  interfaces.  This is now handled by etherip(4).
> 

Yeah, gif interfaces as bridge members, but we don't use bridging here.

Re: OSPF over gif on top of IPsec transport -current

2018-03-13 Thread Marc Peters 
On Tue, Mar 13, 2018 at 10:24:43AM +0100, Remi Locherer wrote:
> > and it is harder for traffic inside the tunnel
> > to leak out of ipsec. more specifically, gif handles 3 ip protocols,
> > ipv4, ipv6, and mpls, which are ip protocol numbers 4, 41, and 137
> > respectively. it is likely that people could set up ipsec to protect
> > ipv4, but forget about ipv6 and mpls. if you then configure v6 or mpls
> > on the gif interface, that traffic will leak.
> 
> I don't see the big difference here between gif and gre. To prevent traffic
> leave your box unprotected you have to setup pf rules in both cases.
> 
> > gre on the other hand is a single ip protocol, so more straightforward
> > to protect. there's also a very clear line in the sand between the
> > inner and outer traffic, which esp tunnel and transport mode lack.
> 
> But gre alone does not protect the traffic! You still need esp transport
> for protection.
> 
> My main point about this is:
> The setup described by Atanas used to work. There are setups out there
> (including mine) that are operational for years and rely on OSPF working
> via gif + esp transport. With the current state of gif these setups will
> break.

Our setup relies on gif interfaces and ipsec in transport mode, too. When 
setting this up, we had issues with the gre setup and gre packets itself brings 
in more headers, which would reduce the payload. That's why we are using ipsec 
(in transport mode) protected gif tunnels for ospf and bgp.

Best,
Marc

Roaming Laptop and slaacd

2017-12-19 Thread Marc Peters 
Hi Florian,

i am sending this email also directly to you, as you are the author of slaacd 
and companions.

When roaming with my Laptop between offices/home or just different IPv6 enabled 
networks, i have to delete the remaining IPv6 addresses from the previous 
network by hand to get it working again. Is it possible, to mark the addresses 
not included in solicitations when stateless autoconfiguration for an interface 
is enabled as deprecated addresses (like the kernel did before) to have them 
not used when the location changed in suspend?
Another question is, that i have the line "/usr/sbin/slaacctl send solicitation 
trunk0" in /etc/apm/resume but need to fire this command again to get addresses 
and routers when resuming my laptop. If you would like me to test some code for 
this, just let me know and i will happily do.

Cheers,
Marc

Re: Need an advice about DHCP IPv6 server software

2017-12-09 Thread Marc Peters 
On Sat, Dec 09, 2017 at 01:50:37PM +0300, Denis wrote:
> Can you share IPv6 part of PF.conf you're using for local network SLAAC?

Did you even bother to open the link Claus send? There is everything neatly 
documented you need IPv6 wise to get it up and running with pf.

hth,
Marc

Re: PDF and PS viewers

2017-12-09 Thread Marc Peters 
On Thu, Dec 07, 2017 at 10:30:55PM +0100, Solène Rapenne wrote:
> Hi, mupdf is fine. Why do you want to change ?
> 

What do you use for printing pdfs?

mutools are great. I like especially the "clean" to clean pdfs from known 
passwords.

Re: nobreak powers down openbsd

2017-10-24 Thread Marc Peters 
On Mon, Oct 23, 2017 at 06:08:56PM +, Friedrich Locke wrote:
> When i wrote nobreak, i really meant UPS.
> I don't have a model; may some one  suggest a model that power off openbsd ?
> 
> Thanks.

You can use NUT (network UPS Tools). It's in ports and supports a lot of
different brands.

hth,
Marc

Re: tar: file is too long for ustar

2017-10-09 Thread Marc Peters 
On Mon, Oct 09, 2017 at 10:23:08AM +, Max Power wrote:
> Hi guys.
> OpenBSD never ceases to amaze me...!!
> 
> Solved the problem about maximum compression with bzip2 by tar, there's 
> another...
> while tar run [tar cvvf - directory | bzip2 -9 -v > directory.tbz2], at a 
> certain point, return:
> tar: file is too long for ustar 
> The file that creates the problem is 30GB.
> 
> What happen? 
> How Can I fix this problem...?
> Thanks.

Base tar is only capable to pack files <10GB. You can switch to
archivers/gtar.

Re: the whole greylisting, spam filtering thing

2017-10-04 Thread Marc Peters 
On Mon, Oct 02, 2017 at 07:16:43AM +, rosjat wrote:
> Hi there again,
> 
> so I will try to ask the question about implementing rspam on a dedicated
> machine oder at the mailsystem again because I don't know if it was lost in
> the converstion :).

How is you setup now? Do you do any analysis or antivirus checking at
all?

I would start to put it on the same machine, as it is designed to use
less resources. If the machine bogs down, take another one and implement
it there. Nobody knows your mail volume or your machines or your
actual setup you're running now except from you ;).

hth,
Marc

> 
> Is there some effort in NOT run rspamd on the same machine as the
> mailsystem? I was just wondering because it could make some transitioning a
> little easier but if the amount of "workarounds" to relays mails through
> another instance is not worth it then I will go with spamfilterting on the
> mailsystem.
> 
> regards
> 
> -- 
> Markus Rosjatfon: +49 351 8107223mail: ros...@ghweb.de
> 
> G+H Webservice GbR Gorzolla, Herrmann
> Königsbrücker Str. 70, 01099 Dresden
> 
> http://www.ghweb.de
> fon: +49 351 8107220   fax: +49 351 8107227
> 
> Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you
> print it, think about your responsibility and commitment to the ENVIRONMENT
>

Re: ncmpcpp core dumps on amd64

2017-09-06 Thread Marc Peters 
On Tue, Sep 05, 2017 at 08:34:53PM +0200, Ingo Schwarze wrote:
> To make sure that i did not break this, i just did that as well
> on amd64-current: i rebuilt ncmpcpp with all its dependencies,
> and i can no longer reproduce the crash.  So it should be good
> when the next complete package snapshot arrives on your mirror.

> (My system is still slightly Frankenstein'ed because i have various
> ports installed that were built against a libc with my xlocale patch
> but without guenther@'s pthread patch.  Those no longer work, but
> i no longer have anything of that kind in what affects ncmpcpp.)
> 
> Yours,
>   Ingo

Thanks a lot for the update and tests on this.

Cheers,
Marc

Re: ncmpcpp core dumps on amd64

2017-09-05 Thread Marc Peters 
On Tue, Sep 05, 2017 at 04:54:24PM +0200, David Coppa wrote:
> Ingo's POSIX xlocale implementation
> (https://marc.info/?l=openbsd-cvs=150458138122317) should fix it.
> 
> I'm about to rebuild ncmpcpp and all its dependencies to check if it
> is true, but I'm pretty confident...
> 

Thanks for the quick reply and the heads up.

ncmpcpp core dumps on amd64

2017-09-05 Thread Marc Peters 
Hi List,

running Sundays snapshot and just reinstalled ncmpcpp and dependencies
with "pkg_add -D installed -u ncmpcpp" ncmpcpp core dumps:

$ ncmpcpp
terminating with uncaught exception of type std::runtime_error:
ctype_byname::ctype_byname failed to construct for C
Abort trap (core dumped)

CC'ing the maintainer.

Does anyone know what the exception means and how to solve it?

Cheers,
Marc


dmesg:
OpenBSD 6.2-beta (GENERIC.MP) #67: Sun Sep  3 09:57:46 MDT 2017 
 
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
 
real mem = 12759285760 (12168MB)
 
avail mem = 12365582336 (11792MB)   
 
mpath0 at root  
 
scsibus0 at mpath0: 256 targets 
 
mainbus0 at root
 
bios0 at mainbus0: SMBIOS rev. 2.7 @ 0x 
 
cpu1: 256KB 64b/line 8-way L2 cache 
 
cpu1: smt 1, core 0, package 0  
 
cpu2 at mainbus0: apid 2 (application processor)
 
cpu2: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz, 2194.93 MHz 
 
cpu2:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,PT,SENSOR,ARAT
   
cpu2: 256KB 64b/line 8-way L2 cache 
 
cpu2: smt 0, core 1, package 0  
 
cpu3 at mainbus0: apid 3 (application processor)
 
cpu3: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz, 2194.93 MHz 
 
cpu3:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,PT,SENSOR,ARAT
   
cpu3: 256KB 64b/line 8-way L2 cache 
 
cpu3: smt 1, core 1, package 0  
 
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 40 pins  
 
acpimcfg0 at acpi0 addr 0xf800, bus 0-63
 
acpiprt0 at acpi0: bus 0 (PCI0) 
 
acpiprt1 at acpi0: bus -1 (PEG_)
 
acpiprt2 at acpi0: bus 2 (EXP1) 
 
acpiprt3 at acpi0: bus 3 (EXP2) 
 
acpiprt4 at acpi0: bus -1 (EXP3)
 
acpicpu0 at acpi0: C3(200@233 mwait.1@0x40), C2(200@148
mwait.1@0x33), C1(1000@1 mwait.1), PSS   
acpicpu1 at acpi0: C3(200@233 mwait.1@0x40), C2(200@148
mwait.1@0x33), C1(1000@1 mwait.1), PSS   
acpicpu2 at acpi0: C3(200@233 mwait.1@0x40), C2(200@148
mwait.1@0x33), C1(1000@1 mwait.1), PSS   
acpicpu3 at acpi0: C3(200@233 mwait.1@0x40), C2(200@148
mwait.1@0x33), C1(1000@1 mwait.1), PSS   
acpipwrres0 at acpi0: PUBS, resource for XHCI, EHC1 
 
acpipwrres1 at acpi0: NVP3, resource for PEG_   
 
acpipwrres2 at acpi0: NVP2, resource for PEG_   
 
acpitz0 at acpi0: critical temperature is 128 degC  
 
acpibtn0 at acpi0: LID_ 
 
ichiic0 at pci0 dev 31 function 3 "Intel 9 Series SMBus" rev 0x03:
apic 2 int 18 
iic0

Re: IPv6 not working before pinging the gateway

2017-07-04 Thread Marc Peters 
Am 07/04/17 um 11:15 schrieb Florian Obser:
> Marc, does this fix your problem?
> 
> Comments, OKs?
> 
> diff --git nd6_nbr.c nd6_nbr.c
> index fa8d3ed1472..086eeef87ba 100644
> --- nd6_nbr.c
> +++ nd6_nbr.c
> @@ -445,7 +445,8 @@ nd6_ns_output(struct ifnet *ifp, struct in6_addr *daddr6,
>* We use the source address for the prompting packet
>* (saddr6), if:
>* - saddr6 is given from the caller (by giving "ln"), and
> -  * - saddr6 belongs to the outgoing interface.
> +  * - saddr6 belongs to the outgoing interface and
> +  * - if taddr is link local saddr6 musst be link local as well
>* Otherwise, we perform the source address selection as usual.
>*/
>   struct ip6_hdr *hip6;   /* hold ip6 */
> @@ -453,9 +454,12 @@ nd6_ns_output(struct ifnet *ifp, struct in6_addr *daddr6,
>  
>   if (ln && ln->ln_hold) {
>   hip6 = mtod(ln->ln_hold, struct ip6_hdr *);
> - if (sizeof(*hip6) <= ln->ln_hold->m_len)
> + if (sizeof(*hip6) <= ln->ln_hold->m_len) {
>   saddr6 = >ip6_src;
> - else
> + if (saddr6 && IN6_IS_ADDR_LINKLOCAL(taddr6) &&
> + !IN6_IS_ADDR_LINKLOCAL(saddr6))
> + saddr6 = NULL;
> + } else
>   saddr6 = NULL;
>   } else
>   saddr6 = NULL;
> 

Hi Florian,

applied the patch to 6.1-STABLE and it fixes my issues.

Thanks a lot.

Cheers,
Marc

Re: IPv6 not working before pinging the gateway

2017-06-26 Thread Marc Peters 
Am 06/26/17 um 10:58 schrieb Martin Pieuchot:
> On 22/06/17(Thu) 17:59, Marc Peters wrote:
>> Am 06/22/17 um 16:51 schrieb Stefan Sperling:
>>> On Thu, Jun 22, 2017 at 04:05:27PM +0200, Marc Peters wrote:
>>>> Is there any way for us to fix it or is it just a misconfiguration at
>>>> Hetzner?
>>>
>>> It might help to look at what is actually going over the wire
>>> while pings are stuck: tcpdump -n -i em0 ip6
>>>
>>
>> right after flushing the ndp and trying to ping google:
> 
> Could you set net.inet6.icmp6.nd6_debug to 1 and redo this? 
> 
> Do you see anything in the log?
> 

Rebooting the box with the sysctl active show following /var/log/messages:

Jun 26 12:25:35 arafel /bsd: nd6_na_input: ND packet from non-neighbor
Jun 26 12:25:35 arafel apmd: battery status: absent. external power
status: not known. estimated battery life 0%
Jun 26 12:25:36 arafel /bsd: nd6_na_input: ND packet from non-neighbor
Jun 26 12:26:07 arafel last message repeated 15 times
Jun 26 12:28:08 arafel last message repeated 61 times


This is, what i did, including the tcpdumps:

~ # sysctl net.inet6.icmp6.nd6_debug

net.inet6.icmp6.nd6_debug=1
root@arafel
~ # ndp -na
Neighbor Linklayer Address   Netif Expire
S Flags
2a01:4f8:212:216c::2 30:85:a9:a4:ce:5e em0 permanent R l
2a01:4f8:212:216c::2530:85:a9:a4:ce:5e em0 permanent R l
2a01:4f8:212:216c::1:443 30:85:a9:a4:ce:5e em0 permanent R l
fe80::1%em0  (incomplete)  em0 expired
I  1
fe80::3285:a9ff:fea4:ce5e%em030:85:a9:a4:ce:5e em0 permanent R l
root@arafel
~ #
I-search:
~ # ndp -na
~ # ndp -d fe80::1%em0
fe80::1%em0 (fe80::1%em0) deleted
root@arafel
~ # ping6 www.google.de
^C
root@arafel
~ # ndp -na
Neighbor Linklayer Address   Netif Expire
S Flags
2a01:4f8:212:216c::2 30:85:a9:a4:ce:5e em0 permanent R l
2a01:4f8:212:216c::2530:85:a9:a4:ce:5e em0 permanent R l
2a01:4f8:212:216c::1:443 30:85:a9:a4:ce:5e em0 permanent R l
fe80::1%em0  (incomplete)  em0 1s
I  2
fe80::3285:a9ff:fea4:ce5e%em030:85:a9:a4:ce:5e em0 permanent R l
root@arafel
~ # ping6 fe80::1%em0
PING fe80::1%em0 (fe80::1%em0): 56 data bytes
64 bytes from fe80::1%em0: icmp_seq=4 hlim=64 time=821.274 ms
64 bytes from fe80::1%em0: icmp_seq=5 hlim=64 time=1.836 ms
64 bytes from fe80::1%em0: icmp_seq=6 hlim=64 time=0.636 ms
64 bytes from fe80::1%em0: icmp_seq=7 hlim=64 time=0.595 ms
64 bytes from fe80::1%em0: icmp_seq=8 hlim=64 time=0.633 ms
64 bytes from fe80::1%em0: icmp_seq=9 hlim=64 time=1.617 ms
^C
--- fe80::1%em0 ping statistics ---
10 packets transmitted, 6 packets received, 40.0% packet loss
round-trip min/avg/max/std-dev = 0.595/137.765/821.274/305.675 ms
root@arafel
~ # ping6 www.google.de
PING www.google.de (2a00:1450:4001:81e::2003): 56 data bytes
64 bytes from 2a00:1450:4001:81e::2003: icmp_seq=0 hlim=56 time=5.073 ms
64 bytes from 2a00:1450:4001:81e::2003: icmp_seq=1 hlim=56 time=5.019 ms
64 bytes from 2a00:1450:4001:81e::2003: icmp_seq=2 hlim=56 time=5.077 ms
^C
--- www.google.de ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 5.019/5.056/5.077/0.027 ms
root@arafel
~ # ndp -na
Neighbor Linklayer Address   Netif Expire
S Flags
2a01:4f8:212:216c::2 30:85:a9:a4:ce:5e em0 permanent R l
2a01:4f8:212:216c::2530:85:a9:a4:ce:5e em0 permanent R l
2a01:4f8:212:216c::1:443 30:85:a9:a4:ce:5e em0 permanent R l
fe80::1%em0  cc:e1:7f:07:e0:88 em0 13s   R R
fe80::3285:a9ff:fea4:ce5e%em030:85:a9:a4:ce:5e em0 permanent R l
root@arafel
~ # ndp -d fe80::1%em0
fe80::1%em0 (fe80::1%em0) deleted
root@arafel
~ # ping6 www.google.de
PING www.google.de (2a00:1450:4001:81e::2003): 56 data bytes
^C
--- www.google.de ping statistics ---
5 packets transmitted, 0 packets received, 100.0% packet loss
root@arafel
~ # ndp -na
Neighbor Linklayer Address   Netif Expire
S Flags
2a01:4f8:212:216c::2 30:85:a9:a4:ce:5e em0 permanent R l
2a01:4f8:212:216c::2530:85:a9:a4:ce:5e em0 permanent R l
2a01:4f8:212:216c::1:443 30:85:a9:a4:ce:5e em0 permanent R l
fe80::1%em0  cc:e1:7f:07:e0:88 em0 expired   I R
fe80::3285:a9ff:fea4:ce5e%em030:85:a9:a4:ce:5e em0 permanent R l
root@arafel
~ # ping6 www.google.de
PING www.google.de (2a00:1450:4001:81e::2003): 56 data bytes
^C
--- www.google.de ping statistics ---
9 packets transmitted, 0 packets received, 100.0% packet loss
root@arafel
~ # ping fe80::1%em0
ping: no address associated with name
root@arafel
~ # ping6 fe80::1%em0
PING fe80::1%em

Re: IPv6 not working before pinging the gateway

2017-06-22 Thread Marc Peters 
Am 06/22/17 um 16:51 schrieb Stefan Sperling:
> On Thu, Jun 22, 2017 at 04:05:27PM +0200, Marc Peters wrote:
>> Is there any way for us to fix it or is it just a misconfiguration at
>> Hetzner?
> 
> It might help to look at what is actually going over the wire
> while pings are stuck: tcpdump -n -i em0 ip6
> 

right after flushing the ndp and trying to ping google:

~ # tcpdump -n -i em0 ip6

tcpdump: listening on em0, link-type EN10MB

17:52:55.907249 2a01:4f8:212:216c::1:443 > ff02::1:ff00:1: icmp6:
neighbor sol: who has fe80::1
17:52:55.908742 2a01:4f8::a:21:b > 2a01:4f8:212:216c::1:443: icmp6:
neighbor adv: tgt is fe80::1 [class 0xc0]
17:52:56.901975 2a01:4f8:212:216c::1:443 > ff02::1:ff00:1: icmp6:
neighbor sol: who has fe80::1
17:52:56.902528 2a01:4f8::a:21:b > 2a01:4f8:212:216c::1:443: icmp6:
neighbor adv: tgt is fe80::1 [class 0xc0]
17:52:57.901975 2a01:4f8:212:216c::1:443 > ff02::1:ff00:1: icmp6:
neighbor sol: who has fe80::1
17:52:57.902535 2a01:4f8::a:21:b > 2a01:4f8:212:216c::1:443: icmp6:
neighbor adv: tgt is fe80::1 [class 0xc0]
17:52:58.911999 2a01:4f8:212:216c::1:443 > ff02::1:ff00:1: icmp6:
neighbor sol: who has fe80::1
17:52:58.914579 2a01:4f8::a:21:b > 2a01:4f8:212:216c::1:443: icmp6:
neighbor adv: tgt is fe80::1 [class 0xc0]
17:52:59.911971 2a01:4f8:212:216c::1:443 > ff02::1:ff00:1: icmp6:
neighbor sol: who has fe80::1
17:52:59.914208 2a01:4f8::a:21:b > 2a01:4f8:212:216c::1:443: icmp6:
neighbor adv: tgt is fe80::1 [class 0xc0]
17:53:00.911968 2a01:4f8:212:216c::1:443 > ff02::1:ff00:1: icmp6:
neighbor sol: who has fe80::1
17:53:00.913858 2a01:4f8::a:21:b > 2a01:4f8:212:216c::1:443: icmp6:
neighbor adv: tgt is fe80::1 [class 0xc0]
17:53:01.912130 2a01:4f8:212:216c::1:443 > ff02::1:ff00:1: icmp6:
neighbor sol: who has fe80::1
17:53:01.914075 2a01:4f8::a:21:b > 2a01:4f8:212:216c::1:443: icmp6:
neighbor adv: tgt is fe80::1 [class 0xc0]
17:53:02.911972 2a01:4f8:212:216c::1:443 > ff02::1:ff00:1: icmp6:
neighbor sol: who has fe80::1
17:53:02.913241 2a01:4f8::a:21:b > 2a01:4f8:212:216c::1:443: icmp6:
neighbor adv: tgt is fe80::1 [class 0xc0]
17:53:03.911961 2a01:4f8:212:216c::1:443 > ff02::1:ff00:1: icmp6:
neighbor sol: who has fe80::1
17:53:03.913586 2a01:4f8::a:21:b > 2a01:4f8:212:216c::1:443: icmp6:
neighbor adv: tgt is fe80::1 [class 0xc0]
17:53:04.912121 2a01:4f8:212:216c::1:443 > ff02::1:ff00:1: icmp6:
neighbor sol: who has fe80::1
17:53:04.914017 2a01:4f8::a:21:b > 2a01:4f8:212:216c::1:443: icmp6:
neighbor adv: tgt is fe80::1 [class 0xc0]
17:53:05.827118 2a00:15a8:0:100:0:d91f:50aa:1.179 >
2a01:4f8:212:216c::1:443.26066: P 3374201201:3374201220(19) ack
2980031881 wi
n 267 <nop,nop,timestamp 2273063251 659659698>: BGP (KEEPALIVE)
[flowlabel 0x569b1]
17:53:05.911961 2a01:4f8:212:216c::1:443 > ff02::1:ff00:1: icmp6:
neighbor sol: who has fe80::1
17:53:05.914806 2a01:4f8::a:21:b > 2a01:4f8:212:216c::1:443: icmp6:
neighbor adv: tgt is fe80::1 [class 0xc0]
17:53:06.826922 2a00:15a8:0:100:0:d91f:50aa:1.179 >
2a01:4f8:212:216c::1:443.26066: P 0:19(19) ack 1 win 267
<nop,nop,timestamp 2
273063253 659659698>: BGP (KEEPALIVE) [flowlabel 0x569b1]

17:53:06.911954 2a01:4f8:212:216c::1:443 > ff02::1:ff00:1: icmp6:
neighbor sol: who has fe80::1
17:53:06.913726 2a01:4f8::a:21:b > 2a01:4f8:212:216c::1:443: icmp6:
neighbor adv: tgt is fe80::1 [class 0xc0]
17:53:07.912113 2a01:4f8:212:216c::1:443 > ff02::1:ff00:1: icmp6:
neighbor sol: who has fe80::1
17:53:07.913632 2a01:4f8::a:21:b > 2a01:4f8:212:216c::1:443: icmp6:
neighbor adv: tgt is fe80::1 [class 0xc0]
17:53:08.826940 2a00:15a8:0:100:0:d91f:50aa:1.179 >
2a01:4f8:212:216c::1:443.26066: P 0:19(19) ack 1 win 267
<nop,nop,timestamp 2
273063257 659659698>: BGP (KEEPALIVE) [flowlabel 0x569b1]

17:53:08.911949 2a01:4f8:212:216c::1:443 > ff02::1:ff00:1: icmp6:
neighbor sol: who has fe80::1
17:53:08.913862 2a01:4f8::a:21:b > 2a01:4f8:212:216c::1:443: icmp6:
neighbor adv: tgt is fe80::1 [class 0xc0]
17:53:09.911951 2a01:4f8:212:216c::1:443 > ff02::1:ff00:1: icmp6:
neighbor sol: who has fe80::1
17:53:09.913609 2a01:4f8::a:21:b > 2a01:4f8:212:216c::1:443: icmp6:
neighbor adv: tgt is fe80::1 [class 0xc0]
17:53:10.912108 2a01:4f8:212:216c::1:443 > ff02::1:ff00:1: icmp6:
neighbor sol: who has fe80::1
17:53:10.914284 2a01:4f8::a:21:b > 2a01:4f8:212:216c::1:443: icmp6:
neighbor adv: tgt is fe80::1 [class 0xc0]
17:53:11.911942 2a01:4f8:212:216c::1:443 > ff02::1:ff00:1: icmp6:
neighbor sol: who has fe80::1
17:53:11.913738 2a01:4f8::a:21:b > 2a01:4f8:212:216c::1:443: icmp6:
neighbor adv: tgt is fe80::1 [class 0xc0]
17:53:12.826657 2a00:15a8:0:100:0:d91f:50aa:1.179 >
2a01:4f8:212:216c::1:443.26066: P 0:19(19) ack 1 win 267
<nop,nop,timestamp 2
273063265 659659698>: BGP (KEEPALIVE) [flowlabel 0x569b1]
17:53:12.911941 2a01:4f8:212:216c::1:443 > ff02::1:ff00:1: icmp6:
neighbor sol: who has fe80::1
17:53:

Re: IPv6 not working before pinging the gateway

2017-06-22 Thread Marc Peters 
Am 06/22/17 um 16:49 schrieb Stuart Henderson:
> On 2017/06/22 16:05, Marc Peters wrote:
>> Am 06/22/17 um 15:30 schrieb Stuart Henderson:
>>>
>>> How are your PF rules? Do they allow NDP packets to pass? If you're
>>> unsure, I would try "pass log inet6 proto icmp6" or similar.
>>>
>>> (this might be a bit of a surprise if used to IPv4 where address
>>> resolution is done by a separate protocol that PF doesn't block).
>>>
>>
>> I don't block any icmp6:
>> pass inet6 proto icmp6 all
>>
>> is already present in my /etc/pf.conf
> 
> Are there any other rules which might interfere with this one? This
> issue feels very much like NDP not getting through in some circumstances.

Here is the running set:
~ # pfctl -sr
block drop log all
block drop in log quick from  to any
match in all scrub (no-df random-id)
match log (matches) proto ipv6-icmp all
pass out on egress proto tcp all flags S/SA
pass out on egress proto udp all
pass out on egress proto icmp all
pass in on em0 inet proto tcp from any to 136.243.67.92 port = 22 flags
S/SA keep state (source-track rule, max-src-conn 15
, max-src-conn-rate 2/60, overload  flush global, src.track 60)
pass in on em0 inet6 proto tcp from any to fe80::3285:a9ff:fea4:ce5e
port = 22 flags S/SA keep state (source-track rule, ma
x-src-conn 15, max-src-conn-rate 2/60, overload  flush global,
src.track 60)
pass in on em0 inet6 proto tcp from any to 2a01:4f8:212:216c::2 port =
22 flags S/SA keep state (source-track rule, max-src
-conn 15, max-src-conn-rate 2/60, overload  flush global,
src.track 60)
pass in on em0 inet6 proto tcp from any to 2a01:4f8:212:216c::25 port =
22 flags S/SA keep state (source-track rule, max-sr
c-conn 15, max-src-conn-rate 2/60, overload  flush global,
src.track 60)
pass in on em0 inet6 proto tcp from any to 2a01:4f8:212:216c::1:443 port
= 22 flags S/SA keep state (source-track rule, max
-src-conn 15, max-src-conn-rate 2/60, overload  flush global,
src.track 60)
pass in on em0 inet6 proto tcp from any to fe80::3285:a9ff:fea4:ce5e
port = 587 flags S/SA
pass in on em0 inet6 proto tcp from any to 2a01:4f8:212:216c::2 port =
587 flags S/SA
pass in on em0 inet6 proto tcp from any to 2a01:4f8:212:216c::25 port =
587 flags S/SA
pass in on em0 inet6 proto tcp from any to 2a01:4f8:212:216c::1:443 port
= 587 flags S/SA
pass in on em0 inet6 proto tcp from any to fe80::3285:a9ff:fea4:ce5e
port = 993 flags S/SA
pass in on em0 inet6 proto tcp from any to 2a01:4f8:212:216c::2 port =
993 flags S/SA
pass in on em0 inet6 proto tcp from any to 2a01:4f8:212:216c::25 port =
993 flags S/SA
pass in on em0 inet6 proto tcp from any to 2a01:4f8:212:216c::1:443 port
= 993 flags S/SA
pass in on em0 inet proto tcp from any to 136.243.67.92 port = 587 flags
S/SA
pass in on em0 inet proto tcp from any to 136.243.67.92 port = 993 flags
S/SA
pass in on em0 proto udp from any to any port 33433 >< 33626
pass inet proto icmp all icmp-type echoreq
pass inet6 proto ipv6-icmp all
pass in log on egress inet proto tcp from any to any port = 25 flags
S/SA rdr-to 127.0.0.1 port 8025
pass in log (to pflog1) on egress proto tcp from  to any port =
25 flags S/SA
pass in log (to pflog1) on egress proto tcp from  to any
port = 25 flags S/SA
pass in log (to pflog1) on egress inet6 proto tcp from any to any port =
25 flags S/SA
pass in log (to pflog1) quick on egress proto tcp from
 to any port = 25 flags S/SA
pass out log (to pflog1) on egress proto tcp from any to any port = 25
flags S/SA
pass in on em0 inet6 proto tcp from any to fe80::3285:a9ff:fea4:ce5e
port = 80 flags S/SA
pass in on em0 inet6 proto tcp from any to 2a01:4f8:212:216c::2 port =
80 flags S/SA
pass in on em0 inet6 proto tcp from any to 2a01:4f8:212:216c::25 port =
80 flags S/SA
pass in on em0 inet6 proto tcp from any to 2a01:4f8:212:216c::1:443 port
= 80 flags S/SA
pass in on em0 inet6 proto tcp from any to fe80::3285:a9ff:fea4:ce5e
port = 443 flags S/SA
pass in on em0 inet6 proto tcp from any to 2a01:4f8:212:216c::2 port =
443 flags S/SA
pass in on em0 inet6 proto tcp from any to 2a01:4f8:212:216c::25 port =
443 flags S/SA
pass in on em0 inet6 proto tcp from any to 2a01:4f8:212:216c::1:443 port
= 443 flags S/SA
pass in on em0 inet proto tcp from any to 136.243.67.92 port = 80 flags S/SA
pass in on em0 inet proto tcp from any to 136.243.67.92 port = 443 flags
S/SA
block drop in on ! lo0 proto tcp from any to any port 6000:6010
block drop in on ! lo inet6 from ::1 to any
block drop in on ! lo inet from 127.0.0.0/8 to any
block drop in inet6 from ::1 to any
block drop in on lo0 inet6 from fe80::1 to any
block drop in on ! em0 inet6 from 2a01:4f8:212:216c::/64 to any
block drop in on em0 inet6 from fe80::3285:a9ff:fea4:ce5e to any
block drop in inet6 from 2a01:4f8:212:216c::2 to any
block drop in inet6 from 2a01:4f8:212:216c::25 to any
block drop in inet6 from 2a01:4f8:212:216c::1:443 to any
block drop in i

Re: IPv6 not working before pinging the gateway

2017-06-22 Thread Marc Peters 
Am 06/22/17 um 15:30 schrieb Stuart Henderson:
> 
> How are your PF rules? Do they allow NDP packets to pass? If you're
> unsure, I would try "pass log inet6 proto icmp6" or similar.
> 
> (this might be a bit of a surprise if used to IPv4 where address
> resolution is done by a separate protocol that PF doesn't block).
> 

I don't block any icmp6:
pass inet6 proto icmp6 all

is already present in my /etc/pf.conf

Killing the ndp entry brings my connection down, too:

~ # ndp -na
Neighbor Linklayer Address   Netif Expire
S Flags
2a01:4f8:212:216c::2 30:85:a9:a4:ce:5e em0 permanent R l
2a01:4f8:212:216c::2530:85:a9:a4:ce:5e em0 permanent R l
2a01:4f8:212:216c::1:443 30:85:a9:a4:ce:5e em0 permanent R l
fe80::1%em0  cc:e1:7f:07:e0:88 em0 23h59m54s S R
fe80::3285:a9ff:fea4:ce5e%em030:85:a9:a4:ce:5e em0 permanent R l

~ # ndp -d fe80::1%em0

fe80::1%em0 (fe80::1%em0) deleted

~ # ping6 www.google.de

PING www.google.de (2a00:1450:4001:821::2003): 56 data bytes

^C

--- www.google.de ping statistics ---

13 packets transmitted, 0 packets received, 100.0% packet loss

~ # ping6 fe80::1%em0

PING fe80::1%em0 (fe80::1%em0): 56 data bytes

64 bytes from fe80::1%em0: icmp_seq=0 hlim=64 time=9.001 ms

64 bytes from fe80::1%em0: icmp_seq=1 hlim=64 time=0.610 ms

^C

--- fe80::1%em0 ping statistics ---

2 packets transmitted, 2 packets received, 0.0% packet loss

round-trip min/avg/max/std-dev = 0.610/4.806/9.001/4.196 ms

~ # ping6 www.google.de

PING www.google.de (2a00:1450:4001:821::2003): 56 data bytes

64 bytes from 2a00:1450:4001:821::2003: icmp_seq=0 hlim=56 time=5.014 ms

64 bytes from 2a00:1450:4001:821::2003: icmp_seq=1 hlim=56 time=5.045 ms

^C

--- www.google.de ping statistics ---

2 packets transmitted, 2 packets received, 0.0% packet loss

round-trip min/avg/max/std-dev = 5.014/5.029/5.045/0.015 ms

Is there any way for us to fix it or is it just a misconfiguration at
Hetzner?

IPv6 not working before pinging the gateway

2017-06-22 Thread Marc Peters 
Hi,

i have a server at the german hosting provider Hetzner. They provide
IPv6. You get a /64 assigned for your host. The problem is, that IPv6
doesn't work right after a reboot, but you have to ping the gateway
first and after that, everything works as expected. For that i have a
line in roots crontab:

@reboot sleep 10 && ping6 -c 10 fe80::1\%em0 > /dev/null

mpi@ suggested to stop working around this and fixing it. He asked for
the output of the routing table before pinging the gateway without IPv6
access and after pinging the gateway with working IPv6.

Before:
~ $ route -n show
Routing tables

Internet:
DestinationGatewayFlags   Refs  Use   Mtu  Prio
Iface
default136.243.67.65  UGS  107  402 - 8
em0
224/4  127.0.0.1  URS00 32768 8
lo0
127/8  127.0.0.1  UGRS   00 32768 8
lo0
127.0.0.1  127.0.0.1  UHhl  12  409 32768 1
lo0
136.243.67.64/26   136.243.67.92  UCn10 - 4
em0
136.243.67.65  cc:e1:7f:07:e0:88  UHLch  13 - 3
em0
136.243.67.92  30:85:a9:a4:ce:5e  UHLl   0  121 - 1
em0
136.243.67.127 136.243.67.92  UHb00 - 1
em0

Internet6:
DestinationGatewayFlags
 Refs  Use   Mtu  Prio Iface
defaultfe80::1%em0UGS
2  233 - 8 em0
::/96  ::1UGRS
00 32768 8 lo0
::/104 ::1UGRS
00 32768 8 lo0
::1::1UHhl
   15   74 32768 1 lo0
::127.0.0.0/104::1UGRS
00 32768 8 lo0
::224.0.0.0/100::1UGRS
00 32768 8 lo0
::255.0.0.0/104::1UGRS
00 32768 8 lo0
:::0.0.0.0/96  ::1UGRS
00 32768 8 lo0
2002::/24  ::1UGRS
00 32768 8 lo0
2002:7f00::/24 ::1UGRS
00 32768 8 lo0
2002:e000::/20 ::1UGRS
00 32768 8 lo0
2002:ff00::/24 ::1UGRS
00 32768 8 lo0
2a01:4f8:212:216c::/64 2a01:4f8:212:216c::2   UCPn
02 - 4 em0
2a01:4f8:212:216c::/64 2a01:4f8:212:216c::25  UCPn
00 - 4 em0
2a01:4f8:212:216c::/64 2a01:4f8:212:216c::1:443   UCPn
00 - 4 em0
2a01:4f8:212:216c::2   30:85:a9:a4:ce:5e  UHLl
0   23 - 1 em0
2a01:4f8:212:216c::25  30:85:a9:a4:ce:5e  UHLl
04 - 1 em0
2a01:4f8:212:216c::1:443   30:85:a9:a4:ce:5e  UHLl
0   67 - 1 em0
fe80::/10  ::1UGRS
01 32768 8 lo0
fec0::/10  ::1UGRS
00 32768 8 lo0
fe80::%em0/64  fe80::3285:a9ff:fea4:ce5e%em0  UCn
10 - 4 em0
fe80::1%em0link#1 UHLch
12 - 3 em0
fe80::3285:a9ff:fea4:ce5e%em0  30:85:a9:a4:ce:5e  UHLl
00 - 1 em0
fe80::1%lo0fe80::1%lo0UHl
00 32768 1 lo0
ff01::/16  ::1UGRS
01 32768 8 lo0
ff01::%em0/32  fe80::3285:a9ff:fea4:ce5e%em0  Um
03 - 4 em0
ff01::%lo0/32  ::1Um
01 32768 4 lo0
ff02::/16  ::1UGRS
01 32768 8 lo0
ff02::%em0/32  fe80::3285:a9ff:fea4:ce5e%em0  Um
03 - 4 em0
ff02::%lo0/32  ::1Um
01 32768 4 lo0

Output from not working ping6:
~ $ ping6 www.google.de
PING www.google.de (2a00:1450:4001:821::2003): 56 data bytes
ping6: failed to get receiving hop limit
ping6: failed to get receiving hop limit
ping6: failed to get receiving hop limit
ping6: failed to get receiving hop limit
^C
--- www.google.de ping statistics ---
9 packets transmitted, 0 packets received, 100.0% packet loss


now i ping the GW:
~ $ ping6 -c 5 fe80::1%em0
PING fe80::1%em0 (fe80::1%em0): 56 data bytes
64 bytes from fe80::1%em0: icmp_seq=0 hlim=64

Re: No 008 patch on ftp.eu.openbsd.org yet

2017-05-21 Thread Marc Peters 
Am 05/21/17 um 10:28 schrieb Andreas Kusalananda Kähäri:
> Hi,
> 
> I had to switch to ftp.openbsd.org to get the 008 patch for -stable
> since my preferred mirror, ftp.eu.openbsd.org, doesn't seem to be
> updating.  The timestamp file says last update was run on 1495188001
> (Fri May 19 12:00:01 CEST 2017).
> 
> There is no contact address in
> https://ftp.eu.openbsd.org/pub/OpenBSD/README so I'm hoping that someone
> who know someone who knows how the mirroring is performed will spot this
> and get them to fix it.
> 
> I would also be interested in knowing how often this mirror is
> *supposed* to update (usually it's something like every two hours,
> right?).
> 
> 
> 
> Regards,
> Kusalananda
> 

unfortunately, same is true for
https://ftp.halifax.rwth-aachen.de/openbsd

Re: Adding default IPv6 route fails on 6.1

2017-04-19 Thread Marc Peters 
Am 04/19/17 um 08:47 schrieb Harald Dunkel:
> On 04/18/17 17:05, Stuart Henderson wrote:
> 
>> Mine is in the pkg-readme.
> 
> 
> 
> A pkg-readme? Is this included in the binary package?

Try

$ less /usr/local/share/doc/pkg-readmes/dhcpcd-6.11.5



signature.asc
Description: OpenPGP digital signature

Re: Broken ipsecctl validation in 6.1 ("-n -f " flags) - illegal transform aes-256-gcm

2017-04-18 Thread Marc Peters 
Am 04/18/17 um 14:08 schrieb Bob Jones:
> Hi,
> 
> I have the below in my ipsec.conf :
> ike esp from 198.51.100.0/24 to 10.20.30.0/24 \
> local 198.51.100.15 \
> peer 203.0.113.114 \
> main auth hmac-sha2-512 enc aes-256-gcm group modp8192 lifetime 14400 
> \
^^^
This is not supported. Look at ipsec.conf(5):

   aes-256-gcm 288 bits  [phase 2 only, IKE only]

in main, you can only use aes-256. To use aes-256-gcm, you need an
additional line like

 quick auth hmac-sha2-512 enc aes-256-gcm group modp8192 lifetime 14400


hth,
Marc

> srcid 198.51.100.15 dstid 203.0.113.114 \
> psk “MY_SECRET” \
> tag MY_TAG
> 
> Running "doas ipsecctl -nf /etc/ipsec.conf "  (to validate the config)
> yields no errors.
> 
> But running "doas ipsecctl -f /etc/ipsec.conf "  (to load the config) yields:
> 
> ipsecctl: illegal transform aes-256-gcm
> ipsecctl: failed to add ike rule 0
>

Re: pf.conf: best practice for IP address lookup?

2017-04-16 Thread Marc Peters 
Am 04/16/17 um 16:49 schrieb Florian Ermisch:
> But then I couldn't even say if an address change would trigger
> ifstated(8)…

In this case it would, because an IPv6 address change at Deutsche
Telekom is triggered by a reconnect. I use ifstated to trigger an
asterisk and pf reload.

> 
> Regards, Florian
> 
> [1]: https://tools.ietf.org/html/rfc4193
> [2]: https://www.mail-archive.com/misc@openbsd.org/msg142557.html

Fwd: Output of netstat -m shows lower value with higher kern.maxclusters

2017-04-13 Thread Marc Peters 
Forwarding this also to tech@. Any ideas, anyone?


 Weitergeleitete Nachricht 
Betreff: Output of netstat -m shows lower value with higher kern.maxclusters
Datum: Wed, 12 Apr 2017 13:47:15 +0200
Von: Marc Peters <m...@mpeters.org>
An: Openbsd-Misc <m...@openbsd.org>

Hi,

after i updated from 6.0 to 6.1, i saw that kern.maxclusters was raised
and removed our local change to kern.maxclusters.

Although the value is now way higher, the output shows a lower number
than before:

before the upgrade:
~ # sysctl kern.maxclusters
kern.maxclusters=24578

~ # netstat -m
314 mbufs in use:
298 mbufs allocated to data
6 mbufs allocated to packet headers
10 mbufs allocated to socket names and addresses
296/2192/24584 mbuf 2048 byte clusters in use (current/peak/max)
0/8/24584 mbuf 4096 byte clusters in use (current/peak/max)
0/8/24584 mbuf 8192 byte clusters in use (current/peak/max)
0/14/24584 mbuf 9216 byte clusters in use (current/peak/max)
0/10/24580 mbuf 12288 byte clusters in use (current/peak/max)
0/8/24584 mbuf 16384 byte clusters in use (current/peak/max)
0/8/24584 mbuf 65536 byte clusters in use (current/peak/max)
1948 Kbytes allocated to network (34% in use)
0 requests for memory denied
0 requests for memory delayed
0 calls to protocol drain routines


after the upgrade:
~ # sysctl kern.maxclusters
kern.maxclusters=262144

~ # netstat -m
40 mbufs in use:
24 mbufs allocated to data
5 mbufs allocated to packet headers
11 mbufs allocated to socket names and addresses
21/168/64 mbuf 2048 byte clusters in use (current/peak/max)
0/0/120 mbuf 2112 byte clusters in use (current/peak/max)
0/8/64 mbuf 4096 byte clusters in use (current/peak/max)
0/0/64 mbuf 8192 byte clusters in use (current/peak/max)
0/0/112 mbuf 9216 byte clusters in use (current/peak/max)
0/0/80 mbuf 12288 byte clusters in use (current/peak/max)
0/0/64 mbuf 16384 byte clusters in use (current/peak/max)
0/0/64 mbuf 65536 byte clusters in use (current/peak/max)
420 Kbytes allocated to network (12% in use)
0 requests for memory denied
0 requests for memory delayed
0 calls to protocol drain routines


Is this just an output issue, or are the numbers now related to other
values?

Cheers,
Marc

dmesg:
OpenBSD 6.1 (GENERIC.MP) #20: Sat Apr  1 13:45:56 MDT 2017
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 25742729216 (24550MB)
avail mem = 24957874176 (23801MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xdf7fe000 (127 entries)
bios0: vendor HP version "P68" date 07/02/2013
bios0: HP ProLiant DL360 G7
acpi0 at bios0: rev 2
acpi0: sleep states S0 S4 S5
acpi0: tables DSDT FACP SPCR MCFG HPET  SPMI ERST APIC SRAT 
BERT HEST DMAR SSDT SSDT SSDT SSDT SSDT
acpi0: wakeup devices
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimcfg0 at acpi0 addr 0xe000, bus 0-63
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Xeon(R) CPU X5687 @ 3.60GHz, 3600.61 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,DCA,SSE4.1,SSE4.2,POPCNT,AES,NXE,PAGE1GB,RDTSCP,LONG,LAHF,PERF,ITSC,SENSOR,ARAT
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: TSC frequency 3600606060 Hz
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 133MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.1, IBE
cpu1 at mainbus0: apid 32 (application processor)
cpu1: Intel(R) Xeon(R) CPU X5687 @ 3.60GHz, 3600.14 MHz
cpu1:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,DCA,SSE4.1,SSE4.2,POPCNT,AES,NXE,PAGE1GB,RDTSCP,LONG,LAHF,PERF,ITSC,SENSOR,ARAT
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 0, package 1
cpu2 at mainbus0: apid 20 (application processor)
cpu2: Intel(R) Xeon(R) CPU X5687 @ 3.60GHz, 3600.13 MHz
cpu2:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,DCA,SSE4.1,SSE4.2,POPCNT,AES,NXE,PAGE1GB,RDTSCP,LONG,LAHF,PERF,ITSC,SENSOR,ARAT
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 0, core 10, package 0
cpu3 at mainbus0: apid 52 (application processor)
cpu3: Intel(R) Xeon(R) CPU X5687 @ 3.60GHz, 3600.13 MHz
cpu3:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,DCA,SSE4.1,SSE4.2,POPCNT,AES,NXE,PAGE1GB,RDTSCP,LONG,LAHF,PERF,ITSC,SENSOR,ARAT
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 0, c

Output of netstat -m shows lower value with higher kern.maxclusters

2017-04-12 Thread Marc Peters 
Hi,

after i updated from 6.0 to 6.1, i saw that kern.maxclusters was raised
and removed our local change to kern.maxclusters.

Although the value is now way higher, the output shows a lower number
than before:

before the upgrade:
~ # sysctl kern.maxclusters
kern.maxclusters=24578

~ # netstat -m
314 mbufs in use:
298 mbufs allocated to data
6 mbufs allocated to packet headers
10 mbufs allocated to socket names and addresses
296/2192/24584 mbuf 2048 byte clusters in use (current/peak/max)
0/8/24584 mbuf 4096 byte clusters in use (current/peak/max)
0/8/24584 mbuf 8192 byte clusters in use (current/peak/max)
0/14/24584 mbuf 9216 byte clusters in use (current/peak/max)
0/10/24580 mbuf 12288 byte clusters in use (current/peak/max)
0/8/24584 mbuf 16384 byte clusters in use (current/peak/max)
0/8/24584 mbuf 65536 byte clusters in use (current/peak/max)
1948 Kbytes allocated to network (34% in use)
0 requests for memory denied
0 requests for memory delayed
0 calls to protocol drain routines


after the upgrade:
~ # sysctl kern.maxclusters
kern.maxclusters=262144

~ # netstat -m
40 mbufs in use:
24 mbufs allocated to data
5 mbufs allocated to packet headers
11 mbufs allocated to socket names and addresses
21/168/64 mbuf 2048 byte clusters in use (current/peak/max)
0/0/120 mbuf 2112 byte clusters in use (current/peak/max)
0/8/64 mbuf 4096 byte clusters in use (current/peak/max)
0/0/64 mbuf 8192 byte clusters in use (current/peak/max)
0/0/112 mbuf 9216 byte clusters in use (current/peak/max)
0/0/80 mbuf 12288 byte clusters in use (current/peak/max)
0/0/64 mbuf 16384 byte clusters in use (current/peak/max)
0/0/64 mbuf 65536 byte clusters in use (current/peak/max)
420 Kbytes allocated to network (12% in use)
0 requests for memory denied
0 requests for memory delayed
0 calls to protocol drain routines


Is this just an output issue, or are the numbers now related to other
values?

Cheers,
Marc

dmesg:
OpenBSD 6.1 (GENERIC.MP) #20: Sat Apr  1 13:45:56 MDT 2017
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 25742729216 (24550MB)
avail mem = 24957874176 (23801MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xdf7fe000 (127 entries)
bios0: vendor HP version "P68" date 07/02/2013
bios0: HP ProLiant DL360 G7
acpi0 at bios0: rev 2
acpi0: sleep states S0 S4 S5
acpi0: tables DSDT FACP SPCR MCFG HPET  SPMI ERST APIC SRAT 
BERT HEST DMAR SSDT SSDT SSDT SSDT SSDT
acpi0: wakeup devices
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimcfg0 at acpi0 addr 0xe000, bus 0-63
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Xeon(R) CPU X5687 @ 3.60GHz, 3600.61 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,DCA,SSE4.1,SSE4.2,POPCNT,AES,NXE,PAGE1GB,RDTSCP,LONG,LAHF,PERF,ITSC,SENSOR,ARAT
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: TSC frequency 3600606060 Hz
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 133MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.1, IBE
cpu1 at mainbus0: apid 32 (application processor)
cpu1: Intel(R) Xeon(R) CPU X5687 @ 3.60GHz, 3600.14 MHz
cpu1:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,DCA,SSE4.1,SSE4.2,POPCNT,AES,NXE,PAGE1GB,RDTSCP,LONG,LAHF,PERF,ITSC,SENSOR,ARAT
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 0, package 1
cpu2 at mainbus0: apid 20 (application processor)
cpu2: Intel(R) Xeon(R) CPU X5687 @ 3.60GHz, 3600.13 MHz
cpu2:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,DCA,SSE4.1,SSE4.2,POPCNT,AES,NXE,PAGE1GB,RDTSCP,LONG,LAHF,PERF,ITSC,SENSOR,ARAT
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 0, core 10, package 0
cpu3 at mainbus0: apid 52 (application processor)
cpu3: Intel(R) Xeon(R) CPU X5687 @ 3.60GHz, 3600.13 MHz
cpu3:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,DCA,SSE4.1,SSE4.2,POPCNT,AES,NXE,PAGE1GB,RDTSCP,LONG,LAHF,PERF,ITSC,SENSOR,ARAT
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 0, core 10, package 1
cpu4 at mainbus0: apid 2 (application processor)
cpu4: Intel(R) Xeon(R) CPU X5687 @ 3.60GHz, 3600.13 MHz
cpu4:

Re: Please: Is there ANY chance that Linux binaries might run again???

2017-03-07 Thread Marc Peters 
Am 03/07/17 um 23:32 schrieb Stefan Wollny:
> at home this is the way I go, too. But I have to travel to my client's
> place (by train!) and when working in the evening in the hotel room like
> tonight (as I have to leave the office building by 8 pm at the latest)
> it is somewhat inconvenient to take a second laptop with me.
> 

Have you considered Office 365? I used it to do my works Travel Expense,
because they are only providing an Excel File with a ton of Macros. Had
to upload it to OneDrive to open it, but it worked quite well.

Marc

Update: net/openfire-4.1.3

2017-02-28 Thread Marc Peters 
Attached diffs brings openfire to version 4.1.3 for -current and -stable.

Changelog can be found here:
http://download.igniterealtime.org/openfire/docs/4.1.3/changelog.html

4.1.2 and 4.1.3 are mostly Bugfix releases.

Comments, ok?

Marc
Index: Makefile
===
RCS file: /cvs/ports/net/openfire/Makefile,v
retrieving revision 1.43
diff -u -p -u -p -r1.43 Makefile
--- Makefile	2 Jan 2017 21:44:28 -	1.43
+++ Makefile	28 Feb 2017 11:07:34 -
@@ -1,7 +1,7 @@
 # $OpenBSD: Makefile,v 1.43 2017/01/02 21:44:28 juanfra Exp $
 
 COMMENT=	XMPP real time collaboration server
-V =		4.1.1
+V =		4.1.3
 DISTNAME=	openfire_src_${V:S/./_/g}
 PKGNAME=	openfire-$V
 CATEGORIES=	net
Index: distinfo
===
RCS file: /cvs/ports/net/openfire/distinfo,v
retrieving revision 1.16
diff -u -p -u -p -r1.16 distinfo
--- distinfo	2 Jan 2017 21:44:28 -	1.16
+++ distinfo	28 Feb 2017 11:07:34 -
@@ -1,2 +1,2 @@
-SHA256 (openfire_src_4_1_1.tar.gz) = 9zaMOxQb0eSaP8zq3/W83dBsd6+Ppfhf5VuUVHTxVCQ=
-SIZE (openfire_src_4_1_1.tar.gz) = 103449258
+SHA256 (openfire_src_4_1_3.tar.gz) = Ncn1b0cQlgUVeEZzClQjjj1vqr0qXthl7rwno7uzZCM=
+SIZE (openfire_src_4_1_3.tar.gz) = 103450246
Index: Makefile
===
RCS file: /cvs/ports/net/openfire/Makefile,v
retrieving revision 1.39.2.2
diff -u -p -u -p -r1.39.2.2 Makefile
--- Makefile	2 Jan 2017 21:56:47 -	1.39.2.2
+++ Makefile	28 Feb 2017 12:54:51 -
@@ -1,7 +1,7 @@
 # $OpenBSD: Makefile,v 1.39.2.2 2017/01/02 21:56:47 juanfra Exp $
 
 COMMENT=	XMPP real time collaboration server
-V =		4.1.1
+V =		4.1.3
 DISTNAME=	openfire_src_${V:S/./_/g}
 PKGNAME=	openfire-$V
 CATEGORIES=	net
Index: distinfo
===
RCS file: /cvs/ports/net/openfire/distinfo,v
retrieving revision 1.13.2.2
diff -u -p -u -p -r1.13.2.2 distinfo
--- distinfo	2 Jan 2017 21:56:47 -	1.13.2.2
+++ distinfo	28 Feb 2017 12:54:51 -
@@ -1,2 +1,2 @@
-SHA256 (openfire_src_4_1_1.tar.gz) = 9zaMOxQb0eSaP8zq3/W83dBsd6+Ppfhf5VuUVHTxVCQ=
-SIZE (openfire_src_4_1_1.tar.gz) = 103449258
+SHA256 (openfire_src_4_1_3.tar.gz) = Ncn1b0cQlgUVeEZzClQjjj1vqr0qXthl7rwno7uzZCM=
+SIZE (openfire_src_4_1_3.tar.gz) = 103450246

Re: fix for isc-dhcp-server IPv6

2017-01-23 Thread Marc Peters 
Am 01/23/17 um 09:16 schrieb Jeremie Courreges-Anglas:
> 
> Cc'ing Brad (maintainer),
> 
> Marc Peters <m...@mpeters.org> writes:
> 
>> Am 01/23/17 um 00:34 schrieb Jeremie Courreges-Anglas:
>>> Stuart Henderson <s...@spacehopper.org> writes:
>>>
>>>>
>>>> Here is the upstream code with more context.
>>>>
>>>>  789 /*
>>>>  790  * Set the target address we're sending to.
>>>>  791  * Enforce the scope ID for bogus BSDs.
>>>>  792  */
>>>>  793 memcpy(, to, sizeof(dst));
>>>>  794 m.msg_name = 
>>>>  795 m.msg_namelen = sizeof(dst);
>>>>  796 ifindex = if_nametoindex(interface->name);
>>>>  797 if (no_global_v6_socket)
>>>>  798 dst.sin6_scope_id = ifindex;
>>>>
>>>> So, setting the scope ID is exactly what they are already trying to do.
>>>> I don't really want to spend much time understanding code which they
>>>> have marked as "XXX: this is gross. we need to go back and overhaul the
>>>> API for socket handling". But it looks like they'd be expecting
>>>> no_global_v6_socket to be set on a BSD which needs the scope id.
>>>
>>> Whether no_global_v6_socket is true doesn't seem to depend on the OS: it
>>> appears true when running dhclient, false when running dhcpd/dhcrelay;
>>> see if_register_linklocal6().  This looks more like a lack of testing,
>>> as it appears safe to set sin6_scope_id everywhere.
>>>
>>>> Better if someone who already knows the code looks at it - can you
>>>> bring this up on dhcp-users or somewhere similar?
>>>
>>> I don't volunteer to move this to dhcp-users... yet.  Maybe the actual
>>> fix is in our base system.  It *looks like* our kernel has indeed a bug,
>>> it should use the ifindex in the cmsg.
>>>
>>
>> Ok, i already prepared a mail i was going to send later today, but if
>> the bug is in our base system, it won't do any good.
>>
>> Maybe someone with knowledge of the network stack can have a look? I
>> would help in testing patches.
> 
> I took a look and I feel dirty.
> 
> The patch below works around the issue by always setting sin6_scope_id.
> In the dhclient case, all platforms both set sin6_scope_id and use the
> cmsg API.  So there shouldn't be breakage on other platforms.
> 
> Thoughts?
> 
> 
> Index: Makefile
> ===
> RCS file: /d/cvs/ports/net/isc-dhcp/Makefile,v
> retrieving revision 1.43
> diff -u -p -r1.43 Makefile
> --- Makefile  24 Oct 2016 12:24:13 -  1.43
> +++ Makefile  22 Jan 2017 23:34:03 -
> @@ -5,6 +5,7 @@ COMMENT-client=   ISC DHCP Client
>  COMMENT-omapi=   ISC DHCP OMAPI
>  
>  VERSION= 4.3.5
> +REVISION=0
>  DISTNAME=isc-dhcp-${VERSION}
>  PKGNAME= isc-dhcp-${VERSION:S/-P/./}
>  PKGNAME-main=isc-dhcp-server-${VERSION:S/-P/./}
> Index: patches/patch-common_socket_c
> ===
> RCS file: patches/patch-common_socket_c
> diff -N patches/patch-common_socket_c
> --- /dev/null 1 Jan 1970 00:00:00 -
> +++ patches/patch-common_socket_c 22 Jan 2017 23:16:05 -
> @@ -0,0 +1,13 @@
> +$OpenBSD$
> +--- common/socket.c.orig Mon Jan 23 00:15:45 2017
>  common/socket.c  Mon Jan 23 00:15:51 2017
> +@@ -794,8 +794,7 @@ ssize_t send_packet6(struct interface_info *interface,
> + m.msg_name = 
> + m.msg_namelen = sizeof(dst);
> + ifindex = if_nametoindex(interface->name);
> +-if (no_global_v6_socket)
> +-dst.sin6_scope_id = ifindex;
> ++dst.sin6_scope_id = ifindex;
> + 
> + /*
> +  * Set the data buffer we're sending. (Using this wacky 
> 
> 

Works here (backported to 4.3.4 for -stable, though).

Re: fix for isc-dhcp-server IPv6

2017-01-22 Thread Marc Peters 
Am 01/23/17 um 00:34 schrieb Jeremie Courreges-Anglas:
> Stuart Henderson  writes:
> 
>>
>> Here is the upstream code with more context.
>>
>>  789 /*
>>  790  * Set the target address we're sending to.
>>  791  * Enforce the scope ID for bogus BSDs.
>>  792  */
>>  793 memcpy(, to, sizeof(dst));
>>  794 m.msg_name = 
>>  795 m.msg_namelen = sizeof(dst);
>>  796 ifindex = if_nametoindex(interface->name);
>>  797 if (no_global_v6_socket)
>>  798 dst.sin6_scope_id = ifindex;
>>
>> So, setting the scope ID is exactly what they are already trying to do.
>> I don't really want to spend much time understanding code which they
>> have marked as "XXX: this is gross. we need to go back and overhaul the
>> API for socket handling". But it looks like they'd be expecting
>> no_global_v6_socket to be set on a BSD which needs the scope id.
> 
> Whether no_global_v6_socket is true doesn't seem to depend on the OS: it
> appears true when running dhclient, false when running dhcpd/dhcrelay;
> see if_register_linklocal6().  This looks more like a lack of testing,
> as it appears safe to set sin6_scope_id everywhere.
> 
>> Better if someone who already knows the code looks at it - can you
>> bring this up on dhcp-users or somewhere similar?
> 
> I don't volunteer to move this to dhcp-users... yet.  Maybe the actual
> fix is in our base system.  It *looks like* our kernel has indeed a bug,
> it should use the ifindex in the cmsg.
> 

Ok, i already prepared a mail i was going to send later today, but if
the bug is in our base system, it won't do any good.

Maybe someone with knowledge of the network stack can have a look? I
would help in testing patches.

fix for isc-dhcp-server IPv6

2017-01-20 Thread Marc Peters 
Hi,

the attached patch fixes the interface index for dhcpv6 answers on
OpenBSD. It is based on the patch from
https://marc.info/?l=openbsd-misc=144067760416819=2

Without the patch, every request will create a log entry with no route
to host:
Jan 20 11:05:50 infra1-DG dhcpd: send_packet6: No route to host
Jan 20 11:05:50 infra1-DG dhcpd: dhcpv6: send_packet6() sent -1 of 133 bytes

Comments, oks?


Marc
Index: patches/patch-common_socket_c
===
RCS file: patches/patch-common_socket_c
diff -N patches/patch-common_socket_c
--- /dev/null	1 Jan 1970 00:00:00 -
+++ patches/patch-common_socket_c	20 Jan 2017 09:39:19 -
@@ -0,0 +1,21 @@
+--- common/socket.c.orig	Thu Jan 19 15:55:02 2017
 common/socket.c	Thu Jan 19 15:58:34 2017
+@@ -793,9 +793,18 @@
+ 	memcpy(, to, sizeof(dst));
+ 	m.msg_name = 
+ 	m.msg_namelen = sizeof(dst);
++
++	/*
++	 * For OpenBSD, needing interface index.
++	 * The preprocessor test is added . . .
++	 */
++	#if defined(__OpenBSD__)
++		dst.sin6_scope_id = ifindex = if_nametoindex(interface->name);
++	#else  /* ! defined(__OpenBSD__) */
+ 	ifindex = if_nametoindex(interface->name);
+ 	if (no_global_v6_socket)
+ 		dst.sin6_scope_id = ifindex;
++	#endif /* ! defined(__OpenBSD__) */
+ 
+ 	/*
+ 	 * Set the data buffer we're sending. (Using this wacky

Update: net/openfire-4.1.1

2017-01-02 Thread Marc Peters 
Attached diff updates Openfire to 4.1.1. Mainly a couple of bugs related
to MySQL where fixed.

Included is a patch for stable as well, as juanfra@ updated it because
of security fixes in 4.1.0 (a big thanks, i missed that).

Comments, ok?


Marc
Index: Makefile
===
RCS file: /cvs/ports/net/openfire/Makefile,v
retrieving revision 1.42
diff -u -p -u -p -r1.42 Makefile
--- Makefile	28 Dec 2016 19:51:02 -	1.42
+++ Makefile	2 Jan 2017 10:19:46 -
@@ -1,7 +1,7 @@
 # $OpenBSD: Makefile,v 1.42 2016/12/28 19:51:02 juanfra Exp $
 
 COMMENT=	XMPP real time collaboration server
-V =		4.1.0
+V =		4.1.1
 DISTNAME=	openfire_src_${V:S/./_/g}
 PKGNAME=	openfire-$V
 CATEGORIES=	net
Index: distinfo
===
RCS file: /cvs/ports/net/openfire/distinfo,v
retrieving revision 1.15
diff -u -p -u -p -r1.15 distinfo
--- distinfo	28 Dec 2016 19:51:02 -	1.15
+++ distinfo	2 Jan 2017 10:19:46 -
@@ -1,2 +1,2 @@
-SHA256 (openfire_src_4_1_0.tar.gz) = PlKyesntWvGstwZehKQWrQdZlERbVU5418lmckYSy/I=
-SIZE (openfire_src_4_1_0.tar.gz) = 103449811
+SHA256 (openfire_src_4_1_1.tar.gz) = 9zaMOxQb0eSaP8zq3/W83dBsd6+Ppfhf5VuUVHTxVCQ=
+SIZE (openfire_src_4_1_1.tar.gz) = 103449258
Index: Makefile
===
RCS file: /cvs/ports/net/openfire/Makefile,v
retrieving revision 1.39.2.1
diff -u -p -u -p -r1.39.2.1 Makefile
--- Makefile	28 Dec 2016 19:58:24 -	1.39.2.1
+++ Makefile	2 Jan 2017 11:38:13 -
@@ -1,7 +1,7 @@
 # $OpenBSD: Makefile,v 1.39.2.1 2016/12/28 19:58:24 juanfra Exp $
 
 COMMENT=	XMPP real time collaboration server
-V =		4.1.0
+V =		4.1.1
 DISTNAME=	openfire_src_${V:S/./_/g}
 PKGNAME=	openfire-$V
 CATEGORIES=	net
Index: distinfo
===
RCS file: /cvs/ports/net/openfire/distinfo,v
retrieving revision 1.13.2.1
diff -u -p -u -p -r1.13.2.1 distinfo
--- distinfo	28 Dec 2016 19:58:24 -	1.13.2.1
+++ distinfo	2 Jan 2017 11:38:13 -
@@ -1,2 +1,2 @@
-SHA256 (openfire_src_4_1_0.tar.gz) = PlKyesntWvGstwZehKQWrQdZlERbVU5418lmckYSy/I=
-SIZE (openfire_src_4_1_0.tar.gz) = 103449811
+SHA256 (openfire_src_4_1_1.tar.gz) = 9zaMOxQb0eSaP8zq3/W83dBsd6+Ppfhf5VuUVHTxVCQ=
+SIZE (openfire_src_4_1_1.tar.gz) = 103449258

Re: Update: net/openfire

2016-12-28 Thread Marc Peters 
Am 12/22/16 um 09:12 schrieb Marc Peters:
> Hi,
> 
> openfire 4.1.0 was released yesterday.
> 
> Changelog can be found here:
> 
> http://download.igniterealtime.org/openfire/docs/4.1.0/changelog.html
> 
> 
> Marc
> 

Ping.

New diff for the latest revision attached.
Index: Makefile
===
RCS file: /cvs/ports/net/openfire/Makefile,v
retrieving revision 1.41
diff -u -p -u -p -r1.41 Makefile
--- Makefile	20 Dec 2016 19:26:32 -	1.41
+++ Makefile	28 Dec 2016 11:19:34 -
@@ -1,7 +1,7 @@
 # $OpenBSD: Makefile,v 1.41 2016/12/20 19:26:32 ajacoutot Exp $
 
 COMMENT=	XMPP real time collaboration server
-V =		4.0.3
+V =		4.1.0
 DISTNAME=	openfire_src_${V:S/./_/g}
 PKGNAME=	openfire-$V
 CATEGORIES=	net
Index: distinfo
===
RCS file: /cvs/ports/net/openfire/distinfo,v
retrieving revision 1.14
diff -u -p -u -p -r1.14 distinfo
--- distinfo	30 Aug 2016 12:01:40 -	1.14
+++ distinfo	28 Dec 2016 11:19:34 -
@@ -1,2 +1,2 @@
-SHA256 (openfire_src_4_0_3.tar.gz) = Lq4KxDgm4OCENjyGQPomrG7BNpqjVL0r2yaML4AbLlU=
-SIZE (openfire_src_4_0_3.tar.gz) = 99135040
+SHA256 (openfire_src_4_1_0.tar.gz) = PlKyesntWvGstwZehKQWrQdZlERbVU5418lmckYSy/I=
+SIZE (openfire_src_4_1_0.tar.gz) = 103449811
Index: pkg/PLIST
===
RCS file: /cvs/ports/net/openfire/pkg/PLIST,v
retrieving revision 1.9
diff -u -p -u -p -r1.9 PLIST
--- pkg/PLIST	25 Jan 2016 15:19:09 -	1.9
+++ pkg/PLIST	28 Dec 2016 11:19:35 -
@@ -342,6 +342,30 @@ openfire/resources/database/upgrade/22/o
 openfire/resources/database/upgrade/22/openfire_postgresql.sql
 openfire/resources/database/upgrade/22/openfire_sqlserver.sql
 openfire/resources/database/upgrade/22/openfire_sybase.sql
+openfire/resources/database/upgrade/23/
+openfire/resources/database/upgrade/23/openfire_db2.sql
+openfire/resources/database/upgrade/23/openfire_hsqldb.sql
+openfire/resources/database/upgrade/23/openfire_mysql.sql
+openfire/resources/database/upgrade/23/openfire_oracle.sql
+openfire/resources/database/upgrade/23/openfire_postgresql.sql
+openfire/resources/database/upgrade/23/openfire_sqlserver.sql
+openfire/resources/database/upgrade/23/openfire_sybase.sql
+openfire/resources/database/upgrade/24/
+openfire/resources/database/upgrade/24/openfire_db2.sql
+openfire/resources/database/upgrade/24/openfire_hsqldb.sql
+openfire/resources/database/upgrade/24/openfire_mysql.sql
+openfire/resources/database/upgrade/24/openfire_oracle.sql
+openfire/resources/database/upgrade/24/openfire_postgresql.sql
+openfire/resources/database/upgrade/24/openfire_sqlserver.sql
+openfire/resources/database/upgrade/24/openfire_sybase.sql
+openfire/resources/database/upgrade/25/
+openfire/resources/database/upgrade/25/openfire_db2.sql
+openfire/resources/database/upgrade/25/openfire_hsqldb.sql
+openfire/resources/database/upgrade/25/openfire_mysql.sql
+openfire/resources/database/upgrade/25/openfire_oracle.sql
+openfire/resources/database/upgrade/25/openfire_postgresql.sql
+openfire/resources/database/upgrade/25/openfire_sqlserver.sql
+openfire/resources/database/upgrade/25/openfire_sybase.sql
 openfire/resources/database/upgrade/4/
 openfire/resources/database/upgrade/4/openfire_db2.sql
 openfire/resources/database/upgrade/4/openfire_hsqldb.sql

Update: net/openfire

2016-12-22 Thread Marc Peters 
Hi,

openfire 4.1.0 was released yesterday.

Changelog can be found here:

http://download.igniterealtime.org/openfire/docs/4.1.0/changelog.html


Marc
Index: Makefile
===
RCS file: /cvs/ports/net/openfire/Makefile,v
retrieving revision 1.40
diff -u -p -u -p -r1.40 Makefile
--- Makefile	30 Aug 2016 12:01:40 -	1.40
+++ Makefile	22 Dec 2016 08:09:12 -
@@ -1,7 +1,7 @@
 # $OpenBSD: Makefile,v 1.40 2016/08/30 12:01:40 landry Exp $
 
 COMMENT=	XMPP real time collaboration server
-V =		4.0.3
+V =		4.1.0
 DISTNAME=	openfire_src_${V:S/./_/g}
 PKGNAME=	openfire-$V
 CATEGORIES=	net
Index: distinfo
===
RCS file: /cvs/ports/net/openfire/distinfo,v
retrieving revision 1.14
diff -u -p -u -p -r1.14 distinfo
--- distinfo	30 Aug 2016 12:01:40 -	1.14
+++ distinfo	22 Dec 2016 08:09:12 -
@@ -1,2 +1,2 @@
-SHA256 (openfire_src_4_0_3.tar.gz) = Lq4KxDgm4OCENjyGQPomrG7BNpqjVL0r2yaML4AbLlU=
-SIZE (openfire_src_4_0_3.tar.gz) = 99135040
+SHA256 (openfire_src_4_1_0.tar.gz) = PlKyesntWvGstwZehKQWrQdZlERbVU5418lmckYSy/I=
+SIZE (openfire_src_4_1_0.tar.gz) = 103449811
Index: pkg/PLIST
===
RCS file: /cvs/ports/net/openfire/pkg/PLIST,v
retrieving revision 1.9
diff -u -p -u -p -r1.9 PLIST
--- pkg/PLIST	25 Jan 2016 15:19:09 -	1.9
+++ pkg/PLIST	22 Dec 2016 08:09:12 -
@@ -342,6 +342,30 @@ openfire/resources/database/upgrade/22/o
 openfire/resources/database/upgrade/22/openfire_postgresql.sql
 openfire/resources/database/upgrade/22/openfire_sqlserver.sql
 openfire/resources/database/upgrade/22/openfire_sybase.sql
+openfire/resources/database/upgrade/23/
+openfire/resources/database/upgrade/23/openfire_db2.sql
+openfire/resources/database/upgrade/23/openfire_hsqldb.sql
+openfire/resources/database/upgrade/23/openfire_mysql.sql
+openfire/resources/database/upgrade/23/openfire_oracle.sql
+openfire/resources/database/upgrade/23/openfire_postgresql.sql
+openfire/resources/database/upgrade/23/openfire_sqlserver.sql
+openfire/resources/database/upgrade/23/openfire_sybase.sql
+openfire/resources/database/upgrade/24/
+openfire/resources/database/upgrade/24/openfire_db2.sql
+openfire/resources/database/upgrade/24/openfire_hsqldb.sql
+openfire/resources/database/upgrade/24/openfire_mysql.sql
+openfire/resources/database/upgrade/24/openfire_oracle.sql
+openfire/resources/database/upgrade/24/openfire_postgresql.sql
+openfire/resources/database/upgrade/24/openfire_sqlserver.sql
+openfire/resources/database/upgrade/24/openfire_sybase.sql
+openfire/resources/database/upgrade/25/
+openfire/resources/database/upgrade/25/openfire_db2.sql
+openfire/resources/database/upgrade/25/openfire_hsqldb.sql
+openfire/resources/database/upgrade/25/openfire_mysql.sql
+openfire/resources/database/upgrade/25/openfire_oracle.sql
+openfire/resources/database/upgrade/25/openfire_postgresql.sql
+openfire/resources/database/upgrade/25/openfire_sqlserver.sql
+openfire/resources/database/upgrade/25/openfire_sybase.sql
 openfire/resources/database/upgrade/4/
 openfire/resources/database/upgrade/4/openfire_db2.sql
 openfire/resources/database/upgrade/4/openfire_hsqldb.sql

Re: Manual update

2016-12-20 Thread Marc Peters 
Am 12/19/16 um 19:01 schrieb Todd Carpenter:
> Hi All,
> 
> I recently installed 6.0 and was struggling to get my softraid0 stripe to
> build properly and or boot.  I went over section 14 carefully and did some
> research.  The part that I found was missing was the creation of a 100 meg
> partition on the A slice and how to successfully create a bootable raid
> stripe. (I'm sure there is something somewhere that I missed, but I thought
> it would be awesome to include step #2 and #3 in the raid setup)

That's not needed anymore. On the page you mention, it states clearly:

"[...] and booting from softraid devices isn't supported on all of them.
It's currently only possible to boot from RAID1, RAID5 and crypto
volumes on i386, amd64 and sparc64."

The same in the manpages:
http://man.openbsd.org/?query=boot=0=8=default=OpenBSD-current

As this already works for me on several systems, i assume that something
with your process is wrong here. Or you messed up your upgrade (yes, i
upgraded some of the machines).

Hth,
Marc

Re: IPv6 Setup not working on Hetzner server

2016-12-05 Thread Marc Peters 
Am 12/02/16 um 13:39 schrieb Leo Unglaub:
> I just found out that since i changed my mygate up to your suggestion
> that i now have to ping6 fe80::1%em0 first and then i am able to
> connecto to other hosts via IPv6. But not before i pinged the
> fe80::1%em0. WTF?

i have the same setup at hetzner and as someone suggested, i am using in
my root crontab:

@reboot sleep 10 && ping6 -c 10 fe80::1\%em0 > /dev/null

works for me, at least.

Re: softraid(4) full-disk encryption on SSD

2016-11-16 Thread Marc Peters 
Am 11/16/16 um 17:07 schrieb Ax0n:
> I'm less concerned about swap, and more concerned about how a fully
> encrypted softraid Solid State Disk is going to act. I can't find a lot
> about FDE on SSD.
> 

It acts as a normal harddisk would, just faster :). I had one in my
worklaptop i used before for about two years and i have one in my
worklaptop. No problems.

Re: 4th nic for pcengines apu2

2016-10-21 Thread Marc Peters 
Am 10/20/16 um 18:26 schrieb Stuart Henderson:
> 
> You should find out if they have IPMI.  Standard config on many Supermicros
> is to have it enabled, sharing the first main network port if you don't have
> anything plugged into the dedicated one, with the same password on every
> machine.  You do not want this.
> 

Yeah, we have a couple of Supermicros, which have IPMI. Actually, the
IPMI will share any connected onboard nic, if the dedicated is not
connected. These machines at least don't have IPMI and i don't know, if
you can buy any equipped with IPMI.

Re: 4th nic for pcengines apu2

2016-10-20 Thread Marc Peters 
Am 10/19/16 um 21:03 schrieb Marko Cupać:
> Hi,
> 
> I have a budget which is a few times the price of single apu2.
> Actually, initially I planned to use a pair of HPE ProLiant DL20 gen9
> for this purpose. Unfortunately, it appears DL20gen9s won't boot
> OpenBSD: [https://marc.info/?l=openbsd-misc=147611237327210=2]
> If someone has good experience with OpenBSD on entry level HPE ProLiant
> servers that are currently being sold new, please let me know.
> 
> One of requirements for this hardware is that it has to be purchased
> from a local distributor in Serbia, in order to avoid hassle with
> customs, import taxes, first import certification, guarantee period
> etc. PC Engines have distributor here, that's one of the reasons I buy
> their gear. The same with HP. I doubt Lanner and Jetway have
> distributor in Serbia, at least web search didn't return anything.
> 

What about Supermicros with four em(4)? We have a pair of

Product Name: X10SLM+-LN4F

in production for a branch office with couple of ipsec tunnels. They
have four copper nics onboard and PCIe expansion slots, if you are in
need of fiber or additional ports.
Afair, they don't have a raid controller onboard, but we use softraid
with RAID1 on them. I don't know if they have an IPMI, but you get they
idea :).

hth,
Marc

[maintainer update] net/openfire 4.0.3

2016-08-30 Thread Marc Peters 
Hi,

here's a trivial diff to update Openfire to 4.0.3 (attached as file to
avoid mangling).

Changelog:
http://www.igniterealtime.org/builds/openfire/docs/latest/changelog.html

Tested on amd64 -stable and -current.

Marc
Index: Makefile
===
RCS file: /cvs/ports/net/openfire/Makefile,v
retrieving revision 1.39
diff -u -p -u -p -r1.39 Makefile
--- Makefile	2 Apr 2016 16:06:04 -	1.39
+++ Makefile	30 Aug 2016 09:27:03 -
@@ -1,7 +1,7 @@
 # $OpenBSD: Makefile,v 1.39 2016/04/02 16:06:04 benoit Exp $
 
 COMMENT=	XMPP real time collaboration server
-V =		4.0.2
+V =		4.0.3
 DISTNAME=	openfire_src_${V:S/./_/g}
 PKGNAME=	openfire-$V
 CATEGORIES=	net
Index: distinfo
===
RCS file: /cvs/ports/net/openfire/distinfo,v
retrieving revision 1.13
diff -u -p -u -p -r1.13 distinfo
--- distinfo	2 Apr 2016 16:06:04 -	1.13
+++ distinfo	30 Aug 2016 09:27:03 -
@@ -1,2 +1,2 @@
-SHA256 (openfire_src_4_0_2.tar.gz) = YueopzVDHUX1rXKorpYDdDJ3NycC54LqUUMjv9gKTvs=
-SIZE (openfire_src_4_0_2.tar.gz) = 98972324
+SHA256 (openfire_src_4_0_3.tar.gz) = Lq4KxDgm4OCENjyGQPomrG7BNpqjVL0r2yaML4AbLlU=
+SIZE (openfire_src_4_0_3.tar.gz) = 99135040

Re: Install OpenBSD on disks larger than 2TB

2016-08-05 Thread Marc Peters 
Am 08/05/16 um 11:36 schrieb Leo Unglaub:
> Hey,
> 
> did you do anything special during the installation? Or did you simply
> follow the installer?
> 

dropped to a shell, created the raid by hand. followed the installer but
fixed the boundaries for disklabel as mentioned in an earlier version of
the FAQ which discussed installations on bigger disks way back when i
originally installed that box. You can still find it in the attic:

http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/www/faq/faq14.html?rev=1.295=text/html#LargeDrive

There is also a section for "Disks larger than 2TB".

But you didn't answered the initial question by Alex, if you install on
a BIOS system or on a UEFI system? UEFI systems with GPT layout need
some addtional steps to get it off the ground correctly.

Re: T450s doesn't resume after suspend

2016-08-05 Thread Marc Peters 
Am 08/05/16 um 10:10 schrieb Marc Peters:
> Hi,
> 
> i have a T450s which doesn't resume after suspended. When i close the
> lid, the laptop suspends correctly but doesn't resume at all. Opening
> the lid or pressing the button doesn't bring it back. I have to reset it.
> 
> An acpidump is available at http://www.mpeters.org/T450s_acpidump.tar.gz
> 
> Anything else needed?
> 
> 
> Marc

Disabling TPM as suggested off-list seems to do the trick.

T450s doesn't resume after suspend

2016-08-05 Thread Marc Peters 
Hi,

i have a T450s which doesn't resume after suspended. When i close the
lid, the laptop suspends correctly but doesn't resume at all. Opening
the lid or pressing the button doesn't bring it back. I have to reset it.

An acpidump is available at http://www.mpeters.org/T450s_acpidump.tar.gz

Anything else needed?


Marc

dmesg:

 $ dmesg
OpenBSD 6.0-current (GENERIC.MP) #0: Wed Aug  3 15:01:44 CEST 2016
r...@mapet.home:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 12759285760 (12168MB)
avail mem = 12368117760 (11795MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xccbfd000 (66 entries)
bios0: vendor LENOVO version "JBET60WW (1.24 )" date 05/25/2016
bios0: LENOVO 20BX004DGE
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP SLIC ASF! HPET ECDT APIC MCFG SSDT SSDT SSDT
SSDT SSDT SSDT SSDT SSDT SSDT PCCT SSDT TCPA SSDT UEFI MSDM BATB FPDT
UEFI DMAR
acpi0: wakeup devices LID_(S4) SLPB(S3) IGBE(S4) EXP2(S4) XHCI(S3) EHC1(S3)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpiec0 at acpi0
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz, 2095.48 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,PT,SENSOR,ARAT
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz, 2095.16 MHz
cpu1:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,PT,SENSOR,ARAT
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 1, core 0, package 0
cpu2 at mainbus0: apid 2 (application processor)
cpu2: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz, 2095.16 MHz
cpu2:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,PT,SENSOR,ARAT
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 0, core 1, package 0
cpu3 at mainbus0: apid 3 (application processor)
cpu3: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz, 2095.16 MHz
cpu3:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,PT,SENSOR,ARAT
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 1, core 1, package 0
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 40 pins
acpimcfg0 at acpi0 addr 0xf800, bus 0-63
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (PEG_)
acpiprt2 at acpi0: bus 2 (EXP1)
acpiprt3 at acpi0: bus 3 (EXP2)
acpiprt4 at acpi0: bus -1 (EXP3)
acpicpu0 at acpi0: C3(200@233 mwait.1@0x40), C2(200@148 mwait.1@0x33),
C1(1000@1 mwait.1), PSS
acpicpu1 at acpi0: C3(200@233 mwait.1@0x40), C2(200@148 mwait.1@0x33),
C1(1000@1 mwait.1), PSS
acpicpu2 at acpi0: C3(200@233 mwait.1@0x40), C2(200@148 mwait.1@0x33),
C1(1000@1 mwait.1), PSS
acpicpu3 at acpi0: C3(200@233 mwait.1@0x40), C2(200@148 mwait.1@0x33),
C1(1000@1 mwait.1), PSS
acpipwrres0 at acpi0: PUBS, resource for XHCI, EHC1
acpipwrres1 at acpi0: NVP3, resource for PEG_
acpipwrres2 at acpi0: NVP2, resource for PEG_
acpitz0 at acpi0: critical temperature is 128 degC
acpibtn0 at acpi0: LID_
acpibtn1 at acpi0: SLPB
"LEN0071" at acpi0 not configured
"LEN200F" at acpi0 not configured
acpibat0 at acpi0: BAT0 model "45N1113" serial   227 type LION oem "LGC"
acpibat1 at acpi0: BAT1 model "45N1775" serial  2450 type LION oem "SANYO"
acpiac0 at acpi0: AC unit online
acpithinkpad0 at acpi0
"SMO1200" at acpi0 not configured
"PNP0C14" at acpi0 not configured
"PNP0C14" at acpi0 not configured
"PNP0C14" at acpi0 not configured
"INT340F" at acpi0 not configured
acpivideo0 at acpi0: VID_
acpivout at acpivideo0 not configured
cpu0: Enhanced SpeedStep 2095 MHz:

Re: Install OpenBSD on disks larger than 2TB

2016-08-04 Thread Marc Peters 
Am 08/04/16 um 12:20 schrieb Leo Unglaub:
> yes, thats true and it works fine. The problem here seams to be the raid
> 1. Booting from an Raid 1 with disks larger than 2 TB seams to be
> broken. Maybe its not intended to work, but i am unable to find a hint
> about that in the bioctl,bio,softraid manual page. (Maybe thats the
> wrong place?)
> 
> Greetings
> Leo
> 

Works for me:

~ $ sudo disklabel -p m sd2
# /dev/rsd2c:
type: SCSI
disk: SCSI disk
label: SR RAID 1
duid: 7e4e73c2d1d85347
flags:
bytes/sector: 512
sectors/track: 255
tracks/cylinder: 511
sectors/cylinder: 130305
cylinders: 44975
total sectors: 5860532576 # total bytes: 2861588.2M
boundstart: 256
boundend: 5860532576
drivedata: 0

16 partitions:
#size   offset  fstype [fsize bsize  cpg]
  a:  5153.5M  256  4.2BSD   2048 163841 # /
  b:  8144.1M 10554688swap   # none
  c:   2861588.2M0  unused
  d: 15397.4M 27233760  4.2BSD   2048 163841 # /usr
  e:  5090.0M 58767552  4.2BSD   2048 163841 # /tmp
  f: 10180.1M 69191936  4.2BSD   2048 163841 # /home
  g: 51154.9M 90040736  4.2BSD   2048 163841 # /var
  h:921551.5M194806016  4.2BSD   8192 655361 # /var/www
  i:921551.6M   2082143488  4.2BSD   8192 655361 # /mail
  j:923364.9M   3969481088  4.2BSD   8192 655361 # /dumps

hth,
Marc

Not enough inodes on /usr for ports/xenocara

2016-06-14 Thread Marc Peters 
Hi,

i just did an installation of a HP DL360 Gen9 to test UEFI installations
with 5.9. I just accepted most of the defaults and did this for the
disklabels, too. I wanted to checkout the sources to do release builds,
but the autolayout didn't create enough inodes to do so:

[snip]
U xenocara/xserver/composite/Makefile.am
U xenocara/xserver/composite/Makefile.in
U xenocara/xserver/composite/compalloc.c
U xenocara/xserver/composite/compext.c
U xenocara/xserver/composite/compinit.c
U xenocara/xserver/composite/compint.h
U xenocara/xserver/composite/compositeext.h
U xenocara/xserver/composite/compoverlay.c
U xenocara/xserver/composite/compwindow.c

/usr: create/symlink failed, no inodes free
cvs [checkout aborted]: cannot open
xenocara/xserver/config/CVS/Repository: No space left on device

The layout is:

/usr # df -ikl
Filesystem  1K-blocks  Used Avail Capacity iused   ifree  %iused
 Mounted on
/dev/sd0a 1028878 53078924358 5%1767  154135 1%   /
/dev/sd0l   202395708 4 192275920 0%   1 12794877 0%
  /home
/dev/sd0d 412539010   3919112 0%   6  545656 0%
  /tmp
/dev/sd0f 2061054   157808437991881%  285822   0   100%
  /usr
/dev/sd0g 102887821466076277622%9218  146684 6%
  /usr/X11R6
/dev/sd0h10318462 26502   9776038 0%1820 1323362 0%
  /usr/local
/dev/sd0k 2061054 2   1958000 0%   1  285821 0%
  /usr/obj
/dev/sd0j 2061054805962   115204041%  110019  17580338%
  /usr/src
/dev/sd0e36618012  5154  34781958 0% 186 4676932 0%
  /var

The disk is a 300G SAS:
/usr # dmesg | grep sd0
sd0 at scsibus1 targ 0 lun 0:  SCSI3 0/direct
fixed
sd0: 286070MB, 512 bytes/sector, 585871964 sectors
root on sd0a (bd36a419525ca0cb.a) swap on sd0b dump on sd0b

Maybe the caclculation of the autolayout can be adjusted to provide
enough inodes to checkout the sources and build the system.


Marc

dmesg:
OpenBSD 5.9 (GENERIC.MP) #1888: Fri Feb 26 01:20:19 MST 2016
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 34208731136 (32623MB)
avail mem = 33167773696 (31631MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0x788cc000 (216 entries)
bios0: vendor HP version "P89" date 08/26/2014
bios0: HP ProLiant DL360 Gen9
acpi0 at bios0: rev 2
acpi0: sleep states S0 S5
acpi0: tables DSDT FACP UEFI MCEJ SSDT HEST BERT ERST EINJ HPET PMCT
WDDT APIC MCFG SLIT SRAT SPMI RASF SPCR MSCT BDAT PCCT DMAR SSDT SSDT
SSDT BGRT
acpi0: wakeup devices PEX4(S4) BR05(S4) BR03(S4) BR07(S4) BR11(S4)
BR13(S4) BR15(S4) BR17(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Xeon(R) CPU E5-2620 v3 @ 2.40GHz, 2397.53 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,DCA,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,PQM,SENSOR,ARAT
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Xeon(R) CPU E5-2620 v3 @ 2.40GHz, 2397.23 MHz
cpu1:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,DCA,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,PQM,SENSOR,ARAT
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: failed to identify
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 4 (application processor)
cpu2: Intel(R) Xeon(R) CPU E5-2620 v3 @ 2.40GHz, 2397.23 MHz
cpu2:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,DCA,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,PQM,SENSOR,ARAT
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: failed to identify
cpu2: smt 0, core 2, package 0
cpu3 at mainbus0: apid 6 (application processor)
cpu3: Intel(R) Xeon(R) CPU E5-2620 v3 @ 2.40GHz, 2397.23 MHz
cpu3:

Re: Random delay on incoming SMTP connection to OpenSMTPD

2016-06-13 Thread Marc Peters 
Am 06/11/16 um 10:47 schrieb ML mail:
> This VM has 2 GB of RAM and 2 vCPUs and does only serve as a mail gateway,
> nothing else really. Does SpamAssassin really need so much resources?

Of course, it perl ;).

You could use something like amavis, which does additionally queueing
and invoking spamassassin or use something less resources consuming and
fast like rspamd, which does the job in C. A port for rspamd is there,
but not for rmilter.

Re: rdomain and dhcrelay

2016-05-09 Thread Marc Peters 
Am 05/09/16 um 08:20 schrieb Holger Glaess:
> hi
> 
> is there an possiblity to forward dhcp request from
> an rdomain X to the runing dhcp server in rdomain 0 ?
> 
> 
> if i start the dhcrelay -i em1 192.168.131.250,
> 
> i see that he forward the request but never reach the server.
> 
> the clients in rdoamin 0 works with the dhcp server.
> 
> or it is need to modify the dhcrelay with an option ,
> 
> route -n -T 2 exec dhcrelay -i em1 -V 0 192.168.131.250
> 
> ?
> em1 is part of rdomain 2.
> 192.168.131.xxx ist part of rdomain 0
> 
> holger
> 

You can shove the packets to the correct rdomain with pf or pair(4)
maybe of help:

"Add pair(4), a vether-based virtual Ethernet driver to interconnect
rdomains and bridges on the local system."

http://www.openbsd.org/plus59.html


HTH,
Marc

[maintainer update] net/openfire 4.0.2

2016-03-24 Thread Marc Peters 
Hi,

here's a diff to update Openfire to 4.0.2 (attached as file to avoid
mangling).

Changelog:
http://www.igniterealtime.org/builds/openfire/docs/latest/changelog.html

Tested on amd64 -stable and -current.

Marc

Index: Makefile
===
RCS file: /cvs/ports/net/openfire/Makefile,v
retrieving revision 1.38
diff -u -p -u -p -r1.38 Makefile
--- Makefile	4 Feb 2016 15:22:47 -	1.38
+++ Makefile	24 Mar 2016 19:52:39 -
@@ -1,7 +1,7 @@
 # $OpenBSD: Makefile,v 1.38 2016/02/04 15:22:47 benoit Exp $
 
 COMMENT=	XMPP real time collaboration server
-V =		4.0.1
+V =		4.0.2
 DISTNAME=	openfire_src_${V:S/./_/g}
 PKGNAME=	openfire-$V
 CATEGORIES=	net
Index: distinfo
===
RCS file: /cvs/ports/net/openfire/distinfo,v
retrieving revision 1.12
diff -u -p -u -p -r1.12 distinfo
--- distinfo	4 Feb 2016 15:22:47 -	1.12
+++ distinfo	24 Mar 2016 19:52:39 -
@@ -1,2 +1,2 @@
-SHA256 (openfire_src_4_0_1.tar.gz) = 5nW56qOA8dYoiwYBLkkbfPbHXk1nIANjUWRHsFKjLFM=
-SIZE (openfire_src_4_0_1.tar.gz) = 98970606
+SHA256 (openfire_src_4_0_2.tar.gz) = YueopzVDHUX1rXKorpYDdDJ3NycC54LqUUMjv9gKTvs=
+SIZE (openfire_src_4_0_2.tar.gz) = 98972324

Re: Industrial use of line printers, does/would your company/organization use them with our lpd?

2016-02-18 Thread Marc Peters 
Am 02/18/16 um 06:28 schrieb Andy Bradford:
> 
> Anyway,  just  some  musings.  Is  there anyone  else  out  there  using
> lpr/lpd/lprm from base? Maybe I'm the only one?
> 
> Thanks,
> 
> Andy
> 

I've connected a Kyocera FS-920 to my router and all hosts (*bsd, mac,
win) do their printing on it (just b needed). Done the configuration
years ago with the help of apsfilter:

lp|PS;r=600x600;q=medium;c=gray;p=a4;m=auto:\
:lp=/dev/ulpt0:\
:if=/etc/apsfilter/basedir/bin/apsfilter:\
:sd=/var/spool/lpd/lp:\
:lf=/var/spool/lpd/lp/log:\
:af=/var/spool/lpd/lp/acct:\
:mx#0:\
:sh:

lpd is not very chatty when it comes to errors, though.

Marc

Re: vlan on trunk member not permitted

2016-02-11 Thread Marc Peters 
Am 02/10/16 um 13:54 schrieb Stuart Henderson:
> 
> trunk is normally for interfaces which are completely interchangeable,
> i.e. configured identically from a layer-3 point of view (same
> subnets/vlans/etc).
> 
> If it used to work with em0 being both a vlandev and a trunkport,
> that was probably a bug, I would expect it to be rejected the same
> way that configuring an IP address on a trunkport is rejected.
> 
> For a normal wired-and-wireless setup with different subnets on each,
> you would normally just run dhclient on multiple interfaces.
> 

Thanks for your explanation. Changing vlandev to trunk0 works:

vlan6: flags=208843
mtu 1500
lladdr 3c:97:0e:ea:61:d1
priority: 0
vlan: 6 parent interface: trunk0
groups: vlan egress
status: active
inet6 fe80::3e97:eff:feea:61d1%vlan6 prefixlen 64 scopeid 0x9
inet6 2001:920:1846:1dc0:3e97:eff:feea:61d1 prefixlen 64
autoconf pltime 604797 vltime 2591997
inet6 2001:920:1846:1dc0:78a2:faf1:f165:8ef0 prefixlen 64
autoconf autoconfprivacy pltime 85969 vltime 604797

Re: vlan on trunk member not permitted

2016-02-10 Thread Marc Peters 
Am 02/10/16 um 10:44 schrieb Kapetanakis Giannis:
> Maybe iwn0 does not support vlan?
> 
> I don't see anything relative on it's product brief sheet.
> http://www.intel.com/content/dam/www/public/us/en/documents/product-briefs/centrino-advanced-n-6205-brief.pdf
> 
> 
> Did you try to start vlan 6 on iwn0 (instead of em0) and see if it works.
> If both interfaces support vlan then vlan on top of trunk should not be
> a problem.
> I've used that configuration for both failover and lacp setups.

The vlan device should be em0 only, as this is the only interface i
define in the config and not trunk0. The vlan is only available on the
wire, so i would have no need to use trunk0 oder iwn0 as underlying device.

vlan on trunk member not permitted

2016-02-09 Thread Marc Peters 
Hi list,

for my laptop, i created a trunk(4) interface with em0 and iwn0 as
members. IPv6 is provided on a separate vlan for now. Without trunking
the interfaces, the vlan interface comes up and everything's working fine:

~ $ ifconfig
lo0: flags=8049 mtu 32768
priority: 0
groups: lo
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
inet 127.0.0.1 netmask 0xff00
em0: flags=18843 mtu 1500
lladdr 3c:97:0e:ea:61:d1
priority: 0
groups: egress
media: Ethernet autoselect (1000baseT full-duplex)
status: active
inet 192.168.45.27 netmask 0xf000 broadcast 192.168.47.255
iwn0: flags=8802 mtu 1500
lladdr e0:9d:31:5f:e0:d4
priority: 4
groups: wlan
media: IEEE802.11 autoselect (HT-MCS7 mode 11n)
status: no network
ieee80211: nwid trvnet wpakey  wpaprotos
wpa1,wpa2 wpaakms psk wpaciphers tkip,ccmp wpagroupcipher tkip
enc0: flags=0<>
priority: 0
groups: enc
status: active
vlan6: flags=0<> mtu 1500
lladdr 00:00:00:00:00:00
priority: 0
groups: vlan
pflog0: flags=141 mtu 33144
priority: 0
groups: pflog

~ $ sudo /bin/sh /etc/netstart vlan6

~ $ ifconfig vlan6
vlan6: flags=208843
mtu 1500
lladdr 3c:97:0e:ea:61:d1
priority: 0
vlan: 6 parent interface: em0
groups: vlan egress
status: active
inet6 fe80::3e97:eff:feea:61d1%vlan6 prefixlen 64 scopeid 0x6
inet6 2001:920:1846:1dc0:3e97:eff:feea:61d1 prefixlen 64
autoconf pltime 604784 vltime 2591984
inet6 2001:920:1846:1dc0:49c:5dec:15c2:dc16 prefixlen 64
autoconf autoconfprivacy pltime 86366 vltime 604784


If the interface em0 is member of the trunk interface, the vlan
interface doesn't get configured:
~ $ ifconfig
lo0: flags=8049 mtu 32768
priority: 0
groups: lo
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
inet 127.0.0.1 netmask 0xff00
em0:
flags=18b43
mtu 1500
lladdr 3c:97:0e:ea:61:d1
priority: 0
trunk: trunkdev trunk0
media: Ethernet autoselect (1000baseT full-duplex)
status: active
iwn0: flags=8943 mtu 1500
lladdr 3c:97:0e:ea:61:d1
priority: 4
trunk: trunkdev trunk0
groups: wlan
media: IEEE802.11 autoselect (HT-MCS0 mode 11n)
status: active
ieee80211: nwid trvnet chan 48 bssid 68:9c:e2:f4:a3:2f -55dBm
wpakey  wpaprotos wpa1,wpa2 wpaakms psk wpaciphers
tkip,ccmp wpagroupcipher tkip
enc0: flags=0<>
priority: 0
groups: enc
status: active
pflog0: flags=141 mtu 33144
priority: 0
groups: pflog
trunk0: flags=208843
mtu 1500
lladdr 3c:97:0e:ea:61:d1
priority: 0
trunk: trunkproto failover
trunkport iwn0
trunkport em0 master,active
groups: trunk egress
media: Ethernet autoselect
status: active
inet6 fe80::3e97:eff:feea:61d1%trunk0 prefixlen 64 scopeid 0x8
inet 192.168.43.160 netmask 0xf000 broadcast 192.168.47.255

~ $ sudo /bin/sh /etc/netstart vlan6
ifconfig: SIOCSETVLAN: Protocol not supported
ifconfig: SIOCIFAFATTACH: Invalid argument
ifconfig: SIOCSIFXFLAGS: Invalid argument

~ $ ifconfig
lo0: flags=8049 mtu 32768
priority: 0
groups: lo
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
inet 127.0.0.1 netmask 0xff00
em0:
flags=18b43
mtu 1500
lladdr 3c:97:0e:ea:61:d1
priority: 0
trunk: trunkdev trunk0
media: Ethernet autoselect (1000baseT full-duplex)
status: active
iwn0: flags=8943 mtu 1500
lladdr 3c:97:0e:ea:61:d1
priority: 4
trunk: trunkdev trunk0
groups: wlan
media: IEEE802.11 autoselect (HT-MCS0 mode 11n)
status: active
ieee80211: nwid trvnet chan 48 bssid 68:9c:e2:f4:a3:2f -54dBm
wpakey  wpaprotos wpa1,wpa2 wpaakms psk wpaciphers
tkip,ccmp wpagroupcipher tkip
enc0: flags=0<>
priority: 0
groups: enc
status: active
pflog0: flags=141 mtu 33144
priority: 0
groups: pflog
trunk0: flags=208843
mtu 1500
lladdr 3c:97:0e:ea:61:d1
priority: 0
trunk: trunkproto failover
trunkport

[maintainer update] net/openfire 4.0.1

2016-02-04 Thread Marc Peters 
Hi,

here's a diff to bring Openfire to 4.0.1 (attached as file to avoid
mangling).

Changelog:
http://www.igniterealtime.org/builds/openfire/docs/latest/changelog.html

Tested on amd64 -current and -stable.

Marc
Index: Makefile
===
RCS file: /cvs/ports/net/openfire/Makefile,v
retrieving revision 1.37
diff -u -p -u -p -r1.37 Makefile
--- Makefile	25 Jan 2016 15:19:09 -	1.37
+++ Makefile	4 Feb 2016 14:27:38 -
@@ -1,7 +1,7 @@
 # $OpenBSD: Makefile,v 1.37 2016/01/25 15:19:09 sthen Exp $
 
 COMMENT=	XMPP real time collaboration server
-V =		4.0.0
+V =		4.0.1
 DISTNAME=	openfire_src_${V:S/./_/g}
 PKGNAME=	openfire-$V
 CATEGORIES=	net
Index: distinfo
===
RCS file: /cvs/ports/net/openfire/distinfo,v
retrieving revision 1.11
diff -u -p -u -p -r1.11 distinfo
--- distinfo	25 Jan 2016 15:19:09 -	1.11
+++ distinfo	4 Feb 2016 14:27:38 -
@@ -1,2 +1,2 @@
-SHA256 (openfire_src_4_0_0.tar.gz) = x+U1iRMmNp9T0l1o5xenWynyeEFgLLt0DZUhx+DoPKo=
-SIZE (openfire_src_4_0_0.tar.gz) = 99006362
+SHA256 (openfire_src_4_0_1.tar.gz) = 5nW56qOA8dYoiwYBLkkbfPbHXk1nIANjUWRHsFKjLFM=
+SIZE (openfire_src_4_0_1.tar.gz) = 98970606

Re: [maintainer update] update to Openfire 4.0.0

2016-01-23 Thread Marc Peters 
Am 01/16/16 um 18:30 schrieb Marc Peters:
> Hi list,
> 
> here's an update to Openfire 4.0.0. The changelog can be found here:
> http://www.igniterealtime.org/builds/openfire/docs/latest/changelog.html
> 
> Attached as patch to avoid mangling.
> 
> Openfire pulls now jdk-1.8 and dependencies.
> 
> Tested on amd64. Comments/OKs?
> 
> 
> Marc
> 

Ping. I would like to have this in 5.9.

[maintainer update] update to Openfire 4.0.0

2016-01-16 Thread Marc Peters 
Hi list,

here's an update to Openfire 4.0.0. The changelog can be found here:
http://www.igniterealtime.org/builds/openfire/docs/latest/changelog.html

Attached as patch to avoid mangling.

Openfire pulls now jdk-1.8 and dependencies.

Tested on amd64. Comments/OKs?


Marc
Index: Makefile
===
RCS file: /cvs/ports/net/openfire/Makefile,v
retrieving revision 1.36
diff -u -p -u -p -r1.36 Makefile
--- Makefile	23 Nov 2015 14:17:43 -	1.36
+++ Makefile	16 Jan 2016 12:46:55 -
@@ -1,7 +1,7 @@
 # $OpenBSD: Makefile,v 1.36 2015/11/23 14:17:43 benoit Exp $
 
 COMMENT=	XMPP real time collaboration server
-V =		3.10.3
+V =		4.0.0
 DISTNAME=	openfire_src_${V:S/./_/g}
 PKGNAME=	openfire-$V
 CATEGORIES=	net
@@ -18,7 +18,7 @@ PERMIT_PACKAGE_CDROM=	Yes
 NO_TEST=	yes
 
 MODULES=	java
-MODJAVA_VER=	1.7+
+MODJAVA_VER=	1.8+
 MODJAVA_JRE=	Yes
 MODJAVA_BUILD=	ant
 
Index: distinfo
===
RCS file: /cvs/ports/net/openfire/distinfo,v
retrieving revision 1.10
diff -u -p -u -p -r1.10 distinfo
--- distinfo	23 Nov 2015 14:17:43 -	1.10
+++ distinfo	16 Jan 2016 12:46:55 -
@@ -1,2 +1,2 @@
-SHA256 (openfire_src_3_10_3.tar.gz) = BPzSBcECNruT3dshJ1cE0YpZUJZPV7jGPlI7/FL+Ndg=
-SIZE (openfire_src_3_10_3.tar.gz) = 128443231
+SHA256 (openfire_src_4_0_0.tar.gz) = x+U1iRMmNp9T0l1o5xenWynyeEFgLLt0DZUhx+DoPKo=
+SIZE (openfire_src_4_0_0.tar.gz) = 99006362
Index: pkg/PLIST
===
RCS file: /cvs/ports/net/openfire/pkg/PLIST,v
retrieving revision 1.8
diff -u -p -u -p -r1.8 PLIST
--- pkg/PLIST	15 May 2015 10:48:37 -	1.8
+++ pkg/PLIST	16 Jan 2016 12:46:55 -
@@ -15,13 +15,8 @@ openfire/lib/
 openfire/lib/bcpg-jdk15on.jar
 openfire/lib/bcpkix-jdk15on.jar
 openfire/lib/bcprov-jdk15on.jar
-openfire/lib/commons-el.jar
 openfire/lib/hsqldb.jar
-openfire/lib/jasper-compiler.jar
-openfire/lib/jasper-runtime.jar
 openfire/lib/javax.websocket-api.jar
-openfire/lib/jdic.jar
-openfire/lib/jetty-schemas.jar
 openfire/lib/jtds.jar
 openfire/lib/log4j.xml
 openfire/lib/mail.jar
@@ -29,10 +24,8 @@ openfire/lib/mysql.jar
 openfire/lib/npn-boot.jar
 openfire/lib/openfire.jar
 openfire/lib/postgres.jar
-openfire/lib/servlet-api.jar
 openfire/lib/slf4j-log4j12.jar
 openfire/lib/startup.jar
-openfire/lib/tray.dll
 @mode 770
 @owner root
 @group _openfire
@@ -46,6 +39,8 @@ openfire/plugins/admin/plugin.xml
 openfire/plugins/admin/webapp/
 openfire/plugins/admin/webapp/WEB-INF/
 openfire/plugins/admin/webapp/WEB-INF/admin.tld
+openfire/plugins/admin/webapp/WEB-INF/classes/
+openfire/plugins/admin/webapp/WEB-INF/classes/openfire_init.xml
 openfire/plugins/admin/webapp/WEB-INF/decorators.xml
 openfire/plugins/admin/webapp/WEB-INF/dwr.xml
 openfire/plugins/admin/webapp/WEB-INF/lib/
@@ -53,7 +48,13 @@ openfire/plugins/admin/webapp/WEB-INF/li
 openfire/plugins/admin/webapp/WEB-INF/lib/commons-fileupload.jar
 openfire/plugins/admin/webapp/WEB-INF/lib/commons-io.jar
 openfire/plugins/admin/webapp/WEB-INF/lib/dwr.jar
+openfire/plugins/admin/webapp/WEB-INF/lib/readme.txt
+openfire/plugins/admin/webapp/WEB-INF/lib/versions.txt
 openfire/plugins/admin/webapp/WEB-INF/sitemesh.xml
+openfire/plugins/admin/webapp/WEB-INF/tags/
+openfire/plugins/admin/webapp/WEB-INF/tags/admin/
+openfire/plugins/admin/webapp/WEB-INF/tags/admin/contentBox.tagx
+openfire/plugins/admin/webapp/WEB-INF/tags/admin/infoBox.tagx
 openfire/plugins/admin/webapp/WEB-INF/web.xml
 openfire/plugins/admin/webapp/favicon.ico
 openfire/plugins/admin/webapp/images/
@@ -119,6 +120,7 @@ openfire/plugins/admin/webapp/images/jiv
 openfire/plugins/admin/webapp/images/jive-tertnav-top.gif
 openfire/plugins/admin/webapp/images/language_zh_CN.gif
 openfire/plugins/admin/webapp/images/lock.gif
+openfire/plugins/admin/webapp/images/lock_both.gif
 openfire/plugins/admin/webapp/images/login_background.png
 openfire/plugins/admin/webapp/images/login_boxbg.gif
 openfire/plugins/admin/webapp/images/login_header.gif
@@ -332,6 +334,14 @@ openfire/resources/database/upgrade/21/o
 openfire/resources/database/upgrade/21/openfire_postgresql.sql
 openfire/resources/database/upgrade/21/openfire_sqlserver.sql
 openfire/resources/database/upgrade/21/openfire_sybase.sql
+openfire/resources/database/upgrade/22/
+openfire/resources/database/upgrade/22/openfire_db2.sql
+openfire/resources/database/upgrade/22/openfire_hsqldb.sql
+openfire/resources/database/upgrade/22/openfire_mysql.sql
+openfire/resources/database/upgrade/22/openfire_oracle.sql
+openfire/resources/database/upgrade/22/openfire_postgresql.sql
+openfire/resources/database/upgrade/22/openfire_sqlserver.sql
+openfire/resources/database/upgrade/22/openfire_sybase.sql
 openfire/resources/database/upgrade/4/
 openfire/resources/database/upgrade/4/openfire_db2.sql
 openfire/resources/database/upgrade/4/openfire_hsqldb.sql

Re: [update] abcde 2.5.4 -> 2.7.1; take 3

2015-11-23 Thread Marc Peters 
Am 11/22/15 um 22:11 schrieb Marc Peters:
> 
> Here an updated diff against -current ports.
> 
> Comments/OKs?
> 
> 
> Marc
> 

As spotted offlist, now without REVISION.
? abcde-2.7.1.patch
Index: Makefile
===
RCS file: /cvs/ports/audio/abcde/Makefile,v
retrieving revision 1.23
diff -u -p -u -p -r1.23 Makefile
--- Makefile	24 Aug 2015 23:19:57 -	1.23
+++ Makefile	23 Nov 2015 17:04:16 -
@@ -2,8 +2,7 @@
 
 COMMENT=	command-line utility to rip and encode audio cds
 
-DISTNAME=	abcde-2.5.4
-REVISION=	1
+DISTNAME=	abcde-2.7.1
 CATEGORIES=	audio
 
 HOMEPAGE=	http://abcde.einval.com/
Index: distinfo
===
RCS file: /cvs/ports/audio/abcde/distinfo,v
retrieving revision 1.9
diff -u -p -u -p -r1.9 distinfo
--- distinfo	2 Mar 2013 13:03:17 -	1.9
+++ distinfo	23 Nov 2015 17:04:16 -
@@ -1,2 +1,2 @@
-SHA256 (abcde-2.5.4.tar.gz) = hbZ5uXDnKKmGSHrcv/fFHrDnL5+hDERQUh+OAp+m5ZE=
-SIZE (abcde-2.5.4.tar.gz) = 104229
+SHA256 (abcde-2.7.1.tar.gz) = NAHjl4WyDt7oQ9TYdbR9K1WfdkaBxILESRqMi6YF8lA=
+SIZE (abcde-2.7.1.tar.gz) = 144302
Index: patches/patch-abcde
===
RCS file: /cvs/ports/audio/abcde/patches/patch-abcde,v
retrieving revision 1.7
diff -u -p -u -p -r1.7 patch-abcde
--- patches/patch-abcde	21 Nov 2012 20:38:48 -	1.7
+++ patches/patch-abcde	23 Nov 2015 17:04:16 -
@@ -1,14 +1,13 @@
-$OpenBSD: patch-abcde,v 1.7 2012/11/21 20:38:48 sthen Exp $
 abcde.orig	Tue Sep 18 15:09:31 2012
-+++ abcde	Sat Nov 17 16:09:52 2012
+--- abcde.orig	Sun Oct  4 11:30:28 2015
 abcde	Thu Oct 22 15:51:49 2015
 @@ -1,4 +1,4 @@
 -#!/bin/bash
 +#!${LOCALBASE}/bin/bash
  # Copyright (c) 1998-2001 Robert Woodcock <r...@debian.org>
  # Copyright (c) 2003-2006 Jesus Climent <jesus.clim...@hispalinux.es>
  # Copyright (c) 2009-2012 Colin Tuckley <col...@debian.org>
-@@ -833,6 +833,16 @@ do_tag ()
- 		${TPE2:+--set-text-frame=TPE2:"$TPE2"} \
+@@ -839,6 +839,16 @@
+ 		${TPE2:+--TPE2 "$TPE2"} \
  		"$ABCDETEMPDIR/track$1.$OUTPUT"
  	;;
 +id3tag)
@@ -21,56 +20,55 @@ $OpenBSD: patch-abcde,v 1.7 2012/11/21 2
 +		${TRACKNUM:+-T "$TRACKS"} \
 +		"$ABCDETEMPDIR/track$1.$OUTPUT"
 +	;;
- # FIXME # Still not activated...
- id3ed)
- 	run_command tagtrack-$OUTPUT-$1 nice $ENCNICE \
-@@ -3165,7 +3175,7 @@ VAPLAYLISTFORMAT='${ARTISTFILE}-${ALBUMFILE}.${OUTPUT}
+ eyed3*)
+ 	# FIXME # track numbers in mp3 come with 1/10, so we cannot
+ 	# happily substitute them with $TRACKNUM
+@@ -3471,7 +3481,7 @@
  VAPLAYLISTDATAPREFIX=''
  DOSPLAYLIST=n
  COMMENT=''
--ID3TAGV=2
+-ID3TAGV=id3v2.4
 +ID3TAGV=id3tag
  ENCNICE=10
  READNICE=10
  DISTMP3NICE=10
-@@ -3207,6 +3217,7 @@ AACENC=faac
- 
+@@ -3537,6 +3547,7 @@
  ID3=id3
  ID3V2=id3v2
+ MID3V2=mid3v2
 +ID3TAG=id3tag
  EYED3=eyeD3
  VORBISCOMMENT=vorbiscomment
  METAFLAC=metaflac
-@@ -3259,6 +3270,7 @@ AACENCOPTS=
+@@ -3621,6 +3632,7 @@
+ FFMPEGENCOPTS=
  
  ID3OPTS=
- ID3V2OPTS=
 +ID3TAGOPTS=
+ EYED3OPTS=""
+ ATOMICPARSLEYOPTS=
  CDPARANOIAOPTS=
- CDDA2WAVOPTS=
- DAGRABOPTS=
-@@ -3310,7 +3322,7 @@ elif [ X$(uname) = "XDarwin" ] ; then
- 	NEEDDISKUTIL=y
- 	CDROMREADERSYNTAX=cddafs
+@@ -3683,7 +3695,7 @@
+ 	# We won't find the eject program in OSX, and doing checkexec will fail further below...
+ 	unset EJECT
  elif [ X$(uname) = "XOpenBSD" ] ; then
 -	HTTPGET=wget
 +	HTTPGET=ftp
  	MD5SUM=md5
  	OSFLAVOUR=OBSD
  elif [ X$(uname) = "XNetBSD" ] ; then
-@@ -3875,11 +3887,15 @@ esac
- if [ "$ID3TAGV" = "1" ]; then
- 	TAGGER="$ID3"
- 	TAGGEROPTS="$ID3OPTS"
-+else if [ "$ID3TAGV" = "id3tag" ]; then
-+	TAGGER="$ID3TAG"
-+	TAGGEROPTS="$ID3TAGOPTS"
- else
- 	TAGGER="$EYED3"
- 	TAGGEROPTS="$ID3V2OPTS"
- 	ID3SYNTAX=eyed3
- 	TAGGEROPTS="--set-encoding=utf16-LE $ID3V2OPTS"
-+fi
- fi
- 
- # NOGAP is specific to lame. Other encoders fail ...
+@@ -4427,8 +4439,13 @@
+ 			TAGGEROPTS="--encoding utf16 $EYED3OPTS"
+ 		fi
+ 		;;
++	id3tag)
++		TAGGER="$ID3TAG"
++		ID3SYNTAX=id3tag
++		TAGGEROPTS="$ID3TAGOPTS"
++		;;
+ 	*)
+-		log error "Error: ID3TAGV must be either \"id3v1\", \"id3v2.3\" or \"id3v2.4\""
++		log error "Error: ID3TAGV must be either \"id3v1\", \"id3v2.3\", \"id3v2.4\" or \"id3tag\""
+ 		exit 1
+ 		;;
+ esac

[maintainer update] update to Openfire 3.10.3

2015-11-22 Thread Marc Peters 
Hi list,

here's an update to Openfire 3.10.3. The changelog can be found here:
http://www.igniterealtime.org/builds/openfire/docs/latest/changelog.html

Attached as patch to avoid mangling.

Tested on amd64. Comments/OKs?


Marc
Index: Makefile
===
RCS file: /cvs/ports/net/openfire/Makefile,v
retrieving revision 1.35
diff -u -p -u -p -r1.35 Makefile
--- Makefile	26 Jun 2015 07:29:09 -	1.35
+++ Makefile	22 Nov 2015 20:38:38 -
@@ -1,7 +1,7 @@
 # $OpenBSD: Makefile,v 1.35 2015/06/26 07:29:09 ajacoutot Exp $
 
 COMMENT=	XMPP real time collaboration server
-V=		3.10.2
+V=		3.10.3
 DISTNAME=	openfire_src_${V:S/./_/g}
 PKGNAME=	openfire-$V
 CATEGORIES=	net
Index: distinfo
===
RCS file: /cvs/ports/net/openfire/distinfo,v
retrieving revision 1.9
diff -u -p -u -p -r1.9 distinfo
--- distinfo	26 Jun 2015 07:29:09 -	1.9
+++ distinfo	22 Nov 2015 20:38:38 -
@@ -1,2 +1,2 @@
-SHA256 (openfire_src_3_10_2.tar.gz) = a+IoeycwXBnbbarjYLG4mEKNKJQT6BFKNenOBMbePYA=
-SIZE (openfire_src_3_10_2.tar.gz) = 128442398
+SHA256 (openfire_src_3_10_3.tar.gz) = BPzSBcECNruT3dshJ1cE0YpZUJZPV7jGPlI7/FL+Ndg=
+SIZE (openfire_src_3_10_3.tar.gz) = 128443231

Re: [update] abcde 2.5.4 -> 2.7.1

2015-11-22 Thread Marc Peters 
Am 10/22/15 um 16:05 schrieb Marc Peters:
> Hi,
> 
> here's a diff to bring abcde to the latest release (attached to avoid
> mangling). Working here on amd64, just tested with flac, though.
> 
> Comments/ok?
> 

Here an updated diff against -current ports.

Comments/OKs?


Marc
? abcde-2.7.1.patch
Index: Makefile
===
RCS file: /cvs/ports/audio/abcde/Makefile,v
retrieving revision 1.23
diff -u -p -u -p -r1.23 Makefile
--- Makefile	24 Aug 2015 23:19:57 -	1.23
+++ Makefile	22 Nov 2015 21:09:09 -
@@ -2,7 +2,7 @@
 
 COMMENT=	command-line utility to rip and encode audio cds
 
-DISTNAME=	abcde-2.5.4
+DISTNAME=	abcde-2.7.1
 REVISION=	1
 CATEGORIES=	audio
 
Index: distinfo
===
RCS file: /cvs/ports/audio/abcde/distinfo,v
retrieving revision 1.9
diff -u -p -u -p -r1.9 distinfo
--- distinfo	2 Mar 2013 13:03:17 -	1.9
+++ distinfo	22 Nov 2015 21:09:09 -
@@ -1,2 +1,2 @@
-SHA256 (abcde-2.5.4.tar.gz) = hbZ5uXDnKKmGSHrcv/fFHrDnL5+hDERQUh+OAp+m5ZE=
-SIZE (abcde-2.5.4.tar.gz) = 104229
+SHA256 (abcde-2.7.1.tar.gz) = NAHjl4WyDt7oQ9TYdbR9K1WfdkaBxILESRqMi6YF8lA=
+SIZE (abcde-2.7.1.tar.gz) = 144302
Index: patches/patch-abcde
===
RCS file: /cvs/ports/audio/abcde/patches/patch-abcde,v
retrieving revision 1.7
diff -u -p -u -p -r1.7 patch-abcde
--- patches/patch-abcde	21 Nov 2012 20:38:48 -	1.7
+++ patches/patch-abcde	22 Nov 2015 21:09:09 -
@@ -1,14 +1,13 @@
-$OpenBSD: patch-abcde,v 1.7 2012/11/21 20:38:48 sthen Exp $
 abcde.orig	Tue Sep 18 15:09:31 2012
-+++ abcde	Sat Nov 17 16:09:52 2012
+--- abcde.orig	Sun Oct  4 11:30:28 2015
 abcde	Thu Oct 22 15:51:49 2015
 @@ -1,4 +1,4 @@
 -#!/bin/bash
 +#!${LOCALBASE}/bin/bash
  # Copyright (c) 1998-2001 Robert Woodcock <r...@debian.org>
  # Copyright (c) 2003-2006 Jesus Climent <jesus.clim...@hispalinux.es>
  # Copyright (c) 2009-2012 Colin Tuckley <col...@debian.org>
-@@ -833,6 +833,16 @@ do_tag ()
- 		${TPE2:+--set-text-frame=TPE2:"$TPE2"} \
+@@ -839,6 +839,16 @@
+ 		${TPE2:+--TPE2 "$TPE2"} \
  		"$ABCDETEMPDIR/track$1.$OUTPUT"
  	;;
 +id3tag)
@@ -21,56 +20,55 @@ $OpenBSD: patch-abcde,v 1.7 2012/11/21 2
 +		${TRACKNUM:+-T "$TRACKS"} \
 +		"$ABCDETEMPDIR/track$1.$OUTPUT"
 +	;;
- # FIXME # Still not activated...
- id3ed)
- 	run_command tagtrack-$OUTPUT-$1 nice $ENCNICE \
-@@ -3165,7 +3175,7 @@ VAPLAYLISTFORMAT='${ARTISTFILE}-${ALBUMFILE}.${OUTPUT}
+ eyed3*)
+ 	# FIXME # track numbers in mp3 come with 1/10, so we cannot
+ 	# happily substitute them with $TRACKNUM
+@@ -3471,7 +3481,7 @@
  VAPLAYLISTDATAPREFIX=''
  DOSPLAYLIST=n
  COMMENT=''
--ID3TAGV=2
+-ID3TAGV=id3v2.4
 +ID3TAGV=id3tag
  ENCNICE=10
  READNICE=10
  DISTMP3NICE=10
-@@ -3207,6 +3217,7 @@ AACENC=faac
- 
+@@ -3537,6 +3547,7 @@
  ID3=id3
  ID3V2=id3v2
+ MID3V2=mid3v2
 +ID3TAG=id3tag
  EYED3=eyeD3
  VORBISCOMMENT=vorbiscomment
  METAFLAC=metaflac
-@@ -3259,6 +3270,7 @@ AACENCOPTS=
+@@ -3621,6 +3632,7 @@
+ FFMPEGENCOPTS=
  
  ID3OPTS=
- ID3V2OPTS=
 +ID3TAGOPTS=
+ EYED3OPTS=""
+ ATOMICPARSLEYOPTS=
  CDPARANOIAOPTS=
- CDDA2WAVOPTS=
- DAGRABOPTS=
-@@ -3310,7 +3322,7 @@ elif [ X$(uname) = "XDarwin" ] ; then
- 	NEEDDISKUTIL=y
- 	CDROMREADERSYNTAX=cddafs
+@@ -3683,7 +3695,7 @@
+ 	# We won't find the eject program in OSX, and doing checkexec will fail further below...
+ 	unset EJECT
  elif [ X$(uname) = "XOpenBSD" ] ; then
 -	HTTPGET=wget
 +	HTTPGET=ftp
  	MD5SUM=md5
  	OSFLAVOUR=OBSD
  elif [ X$(uname) = "XNetBSD" ] ; then
-@@ -3875,11 +3887,15 @@ esac
- if [ "$ID3TAGV" = "1" ]; then
- 	TAGGER="$ID3"
- 	TAGGEROPTS="$ID3OPTS"
-+else if [ "$ID3TAGV" = "id3tag" ]; then
-+	TAGGER="$ID3TAG"
-+	TAGGEROPTS="$ID3TAGOPTS"
- else
- 	TAGGER="$EYED3"
- 	TAGGEROPTS="$ID3V2OPTS"
- 	ID3SYNTAX=eyed3
- 	TAGGEROPTS="--set-encoding=utf16-LE $ID3V2OPTS"
-+fi
- fi
- 
- # NOGAP is specific to lame. Other encoders fail ...
+@@ -4427,8 +4439,13 @@
+ 			TAGGEROPTS="--encoding utf16 $EYED3OPTS"
+ 		fi
+ 		;;
++	id3tag)
++		TAGGER="$ID3TAG"
++		ID3SYNTAX=id3tag
++		TAGGEROPTS="$ID3TAGOPTS"
++		;;
+ 	*)
+-		log error "Error: ID3TAGV must be either \"id3v1\", \"id3v2.3\" or \"id3v2.4\""
++		log error "Error: ID3TAGV must be either \"id3v1\", \"id3v2.3\", \"id3v2.4\" or \"id3tag\""
+ 		exit 1
+ 		;;
+ esac

Re: Welcome-Mail

2015-11-16 Thread Marc Peters 
Am 11/16/15 um 12:00 schrieb Stefan Wollny:
> Hi there,
> 
> I may be wrong but I thought usage of ftp to get information and to
> download packages is discouraged. I just noticed (after having done a
> fresh install of amd64-current) reading the welcome mail "Welcome to
> OpenBSD 5.8!" that the ftp-protocol is still given.
> 
> Instead
> ftp://ftp.openbsd.org/pub/OpenBSD/5.8/packages
> shouldn't this rather be
> http://ftp.openbsd.org/pub/OpenBSD/5.8/packages

ftp is still a valid option for packages. The installation via ftp is
not supported anymore.


Marc

[update] abcde 2.5.4 -> 2.7.1

2015-10-22 Thread Marc Peters 
Hi,

here's a diff to bring abcde to the latest release (attached to avoid
mangling). Working here on amd64, just tested with flac, though.

Comments/ok?
Index: Makefile
===
RCS file: /cvs/ports/audio/abcde/Makefile,v
retrieving revision 1.22
diff -u -p -u -p -r1.22 Makefile
--- Makefile	18 Jul 2015 14:33:49 -	1.22
+++ Makefile	22 Oct 2015 13:55:58 -
@@ -2,17 +2,16 @@
 
 COMMENT=	command-line utility to rip and encode audio cds
 
-DISTNAME=	abcde-2.5.4
-REVISION=	0
+DISTNAME=	abcde-2.7.1
 CATEGORIES=	audio
 
-HOMEPAGE=	https://code.google.com/p/abcde/
+HOMEPAGE=	http://abcde.einval.com
 
 # Artistic or GPLv2, but "Copyright for this work is to expire
 # January 1, 2010, after which it shall be public domain."
 PERMIT_PACKAGE_CDROM=	Yes
 
-MASTER_SITES=	https://abcde.googlecode.com/files/
+MASTER_SITES=	http://abcde.einval.com/download/
 MASTER_SITES0=	http://lly.org/~rcw/id3/ \
 		http://lly.org/~rcw/id3/old/
 
Index: distinfo
===
RCS file: /cvs/ports/audio/abcde/distinfo,v
retrieving revision 1.9
diff -u -p -u -p -r1.9 distinfo
--- distinfo	2 Mar 2013 13:03:17 -	1.9
+++ distinfo	22 Oct 2015 13:55:58 -
@@ -1,2 +1,2 @@
-SHA256 (abcde-2.5.4.tar.gz) = hbZ5uXDnKKmGSHrcv/fFHrDnL5+hDERQUh+OAp+m5ZE=
-SIZE (abcde-2.5.4.tar.gz) = 104229
+SHA256 (abcde-2.7.1.tar.gz) = NAHjl4WyDt7oQ9TYdbR9K1WfdkaBxILESRqMi6YF8lA=
+SIZE (abcde-2.7.1.tar.gz) = 144302
Index: patches/patch-abcde
===
RCS file: /cvs/ports/audio/abcde/patches/patch-abcde,v
retrieving revision 1.7
diff -u -p -u -p -r1.7 patch-abcde
--- patches/patch-abcde	21 Nov 2012 20:38:48 -	1.7
+++ patches/patch-abcde	22 Oct 2015 13:55:58 -
@@ -1,14 +1,13 @@
-$OpenBSD: patch-abcde,v 1.7 2012/11/21 20:38:48 sthen Exp $
 abcde.orig	Tue Sep 18 15:09:31 2012
-+++ abcde	Sat Nov 17 16:09:52 2012
+--- abcde.orig	Sun Oct  4 11:30:28 2015
 abcde	Thu Oct 22 15:51:49 2015
 @@ -1,4 +1,4 @@
 -#!/bin/bash
 +#!${LOCALBASE}/bin/bash
  # Copyright (c) 1998-2001 Robert Woodcock 
  # Copyright (c) 2003-2006 Jesus Climent 
  # Copyright (c) 2009-2012 Colin Tuckley 
-@@ -833,6 +833,16 @@ do_tag ()
- 		${TPE2:+--set-text-frame=TPE2:"$TPE2"} \
+@@ -839,6 +839,16 @@
+ 		${TPE2:+--TPE2 "$TPE2"} \
  		"$ABCDETEMPDIR/track$1.$OUTPUT"
  	;;
 +id3tag)
@@ -21,56 +20,55 @@ $OpenBSD: patch-abcde,v 1.7 2012/11/21 2
 +		${TRACKNUM:+-T "$TRACKS"} \
 +		"$ABCDETEMPDIR/track$1.$OUTPUT"
 +	;;
- # FIXME # Still not activated...
- id3ed)
- 	run_command tagtrack-$OUTPUT-$1 nice $ENCNICE \
-@@ -3165,7 +3175,7 @@ VAPLAYLISTFORMAT='${ARTISTFILE}-${ALBUMFILE}.${OUTPUT}
+ eyed3*)
+ 	# FIXME # track numbers in mp3 come with 1/10, so we cannot
+ 	# happily substitute them with $TRACKNUM
+@@ -3471,7 +3481,7 @@
  VAPLAYLISTDATAPREFIX=''
  DOSPLAYLIST=n
  COMMENT=''
--ID3TAGV=2
+-ID3TAGV=id3v2.4
 +ID3TAGV=id3tag
  ENCNICE=10
  READNICE=10
  DISTMP3NICE=10
-@@ -3207,6 +3217,7 @@ AACENC=faac
- 
+@@ -3537,6 +3547,7 @@
  ID3=id3
  ID3V2=id3v2
+ MID3V2=mid3v2
 +ID3TAG=id3tag
  EYED3=eyeD3
  VORBISCOMMENT=vorbiscomment
  METAFLAC=metaflac
-@@ -3259,6 +3270,7 @@ AACENCOPTS=
+@@ -3621,6 +3632,7 @@
+ FFMPEGENCOPTS=
  
  ID3OPTS=
- ID3V2OPTS=
 +ID3TAGOPTS=
+ EYED3OPTS=""
+ ATOMICPARSLEYOPTS=
  CDPARANOIAOPTS=
- CDDA2WAVOPTS=
- DAGRABOPTS=
-@@ -3310,7 +3322,7 @@ elif [ X$(uname) = "XDarwin" ] ; then
- 	NEEDDISKUTIL=y
- 	CDROMREADERSYNTAX=cddafs
+@@ -3683,7 +3695,7 @@
+ 	# We won't find the eject program in OSX, and doing checkexec will fail further below...
+ 	unset EJECT
  elif [ X$(uname) = "XOpenBSD" ] ; then
 -	HTTPGET=wget
 +	HTTPGET=ftp
  	MD5SUM=md5
  	OSFLAVOUR=OBSD
  elif [ X$(uname) = "XNetBSD" ] ; then
-@@ -3875,11 +3887,15 @@ esac
- if [ "$ID3TAGV" = "1" ]; then
- 	TAGGER="$ID3"
- 	TAGGEROPTS="$ID3OPTS"
-+else if [ "$ID3TAGV" = "id3tag" ]; then
-+	TAGGER="$ID3TAG"
-+	TAGGEROPTS="$ID3TAGOPTS"
- else
- 	TAGGER="$EYED3"
- 	TAGGEROPTS="$ID3V2OPTS"
- 	ID3SYNTAX=eyed3
- 	TAGGEROPTS="--set-encoding=utf16-LE $ID3V2OPTS"
-+fi
- fi
- 
- # NOGAP is specific to lame. Other encoders fail ...
+@@ -4427,8 +4439,13 @@
+ 			TAGGEROPTS="--encoding utf16 $EYED3OPTS"
+ 		fi
+ 		;;
++	id3tag)
++		TAGGER="$ID3TAG"
++		ID3SYNTAX=id3tag
++		TAGGEROPTS="$ID3TAGOPTS"
++		;;
+ 	*)
+-		log error "Error: ID3TAGV must be either \"id3v1\", \"id3v2.3\" or \"id3v2.4\""
++		log error "Error: ID3TAGV must be either \"id3v1\", \"id3v2.3\", \"id3v2.4\" or \"id3tag\""
+ 		exit 1
+ 		;;
+ esac

Re: wifi profiles in hostname.if

2015-09-26 Thread Marc Peters 
On 09/26/15 15:44, Chris Lobkowicz wrote:
> Good day, I am curious if there is the possibility of adding/using multiple
> profiles or network entries, much like ~/.ssh/config ?
> 

I use the scripts provided by afresh1@. They're available at
https://gist.github.com/afresh1/7149844


Marc

> eg:
> 
> In /etc/hostname.iwn0
> 
> nwid primary
> wpakey key
> dhcp
> 
> ​nwid ​secondary
> wpakey key
> dhcp
> 
> 
> Is this possible? I would imagine that wrapping some sort of
> identifiers/formatting around the network information would be required,
> much like the ssh/config parameters.
> 
> Net primary {
>   nwid primary
>   wpakey key
>   dhcp
> }
> Net secondary {
>   nwid secondary
>   wpakey key
>   dhcp
> }
> 
> 
> The manpage of hostname.if(5) does not specifically mention/allow for this.
> 
> 
> 
> My work-around for this is to have all my locations/ap's use the same nwid
> where possible. And where not, just use # comments in my hostname.if files
> and just manually edit the appropriate entries in/out, and rerun
> /etc/netstart.
> 
> Is it possible to bake this in, rather than going down the wpa_supplicant
> path as others have done? Or am I getting my hopes up for the sake of being
> lazy?
> 
> Thanks
> Chris

Re: Recommended Industrial PCs?

2015-08-27 Thread Marc Peters 
Am 08/26/15 um 21:11 schrieb Martin Haufschild:
 Hello,
 
 can someone recommend me an Industrial PC (IPC) to use with OpenBSD? I
 would like to have a lot of hardware supported from this IPC by OpenBSD.
 
 Regards
 Martin
 

Soekris are small in form factor and are reliable devices; pretty
expensive, though.

[maintainer update] net/openfire 3.10.2

2015-06-26 Thread Marc Peters 
Hi,

here's a diff to bring Openfire to 3.10.2 (attached as file to avoid
mangling).

Changelog:
http://www.igniterealtime.org/builds/openfire/docs/latest/changelog.html

High CPU should be gone (says the changelog ;)).

Tested on amd64 -current and -stable.

Marc
Index: Makefile
===
RCS file: /cvs/ports/net/openfire/Makefile,v
retrieving revision 1.34
diff -u -p -u -p -r1.34 Makefile
--- Makefile	16 May 2015 18:56:55 -	1.34
+++ Makefile	26 Jun 2015 06:49:57 -
@@ -1,10 +1,9 @@
 # $OpenBSD: Makefile,v 1.34 2015/05/16 18:56:55 jasper Exp $
 
 COMMENT=	XMPP real time collaboration server
-V=		3.10.0
+V=		3.10.2
 DISTNAME=	openfire_src_${V:S/./_/g}
 PKGNAME=	openfire-$V
-REVISION=	0
 CATEGORIES=	net
 
 MASTER_SITES=	http://www.igniterealtime.org/downloadServlet?filename=openfire/
Index: distinfo
===
RCS file: /cvs/ports/net/openfire/distinfo,v
retrieving revision 1.8
diff -u -p -u -p -r1.8 distinfo
--- distinfo	15 May 2015 10:48:36 -	1.8
+++ distinfo	26 Jun 2015 06:49:57 -
@@ -1,2 +1,2 @@
-SHA256 (openfire_src_3_10_0.tar.gz) = SRHK9TNpA+F6dSw1jE5Qba52sPZq38hXU3623+N5LzM=
-SIZE (openfire_src_3_10_0.tar.gz) = 128475294
+SHA256 (openfire_src_3_10_2.tar.gz) = a+IoeycwXBnbbarjYLG4mEKNKJQT6BFKNenOBMbePYA=
+SIZE (openfire_src_3_10_2.tar.gz) = 128442398

Re: PostgreSQL: security/reliability fixes

2015-05-28 Thread Marc Peters 
On 05/28/15 10:42, Pierre-Emmanuel André wrote:
 Hi,
 
 A new version is available for PostgreSQL (9.4.2).
 This version fixes a data corruption problem and 3 CVE:
 http://www.postgresql.org/about/news/1587/
 
 Tested on @amd64 on -current and 5.7.
 Comments, OK ?

There is an issue with their fsync implementation in this release:

http://marc.info/?l=postgresql-announcem=143267287729079w=2

Re: my experience with openbsdstore.com

2015-04-13 Thread Marc Peters 
On 04/12/15 20:12, Jason Adams wrote:
 On 04/11/2015 06:01 AM, IMAP List Administration wrote:
 The trouble began immediately. I chose electronic wire transfer as the 
 payment
 method, 
 
 Its not 1929 any more. I'm utterly suprised the store still offers wire 
 transfer.
 
 In my day job, we refuse wire transfers.  We would rather lose a customer 
 than deal
 with it unless the invoice is several thousand dollars.  Its too much work 
 (on both ends)
 and one never gets the invoice amount, as the banks charge fees on both ends.

Not in Europe. Actually, the most money transfers here are done by wire
transfer, as it's for free.

 
 What should have been an automated order now requites human intervention on
 both ends, plus any transcription error along the way sends your money to 
 no-man's land.

Not in Europe and the process of matching the payments should be
automated anyway.

 
 Even the store's handling of PayPal is obsolete, requiring two steps, and 
 manual matching
 of orders to payments.

Should be an automated process, too.

 
 There are a dozen other payment methods that could be used on the store, but 
 it seems
 hopelessly stuck in 1996.
 

Yeah, and you go to a bank and throw papers in or send cheques? Where or
when do you live? In the 80's?

Re: Dovecot happy on 5.6?

2014-12-16 Thread Marc Peters 
On 12/16/14 05:48, Rod Whitworth wrote:
 I have been trying out dovecot for some years and it has always had some 
 irritating bug or 
 limitation and I have seen a few gripes from others.
 
 It seems to have been very quiet lately so I thought I'd have another attempt 
 to get it running 
 whilst choosing options that look like ones to suit me.
 
 Any happy users? Absolute haters who have really tried hard? (Description of 
 problem?)
 
 Thanx,

Happy since June '12 (started with a -current and stayed with -stable since)

Marc

dhcpd log issues

2014-11-07 Thread Marc Peters 
Hi misc@,

after upgrading our pair of dhcpd servers to 5.6(-stable), i am seeing
strange DHCPACKs in our logs (in both of them):

Nov  7 09:28:34 dhcpd2 dhcpd[9269]: DHCPINFORM from 192.168.20.251
Nov  7 09:28:34 dhcpd2 dhcpd[9269]: DHCPACK on null address to
5c:51:4f:56:81:c3 via em0
Nov  7 09:28:35 dhcpd2 dhcpd[9269]: DHCPDISCOVER from 60:67:20:a5:2b:3f
via em0
Nov  7 09:28:36 dhcpd2 dhcpd[9269]: DHCPOFFER on 192.168.21.79 to
60:67:20:a5:2b:3f via em0
Nov  7 09:28:37 dhcpd2 dhcpd[9269]: DHCPINFORM from 192.168.19.204
Nov  7 09:28:37 dhcpd2 dhcpd[9269]: DHCPACK on null address to
7c:7a:91:5e:d4:81 via em0
Nov  7 09:28:37 dhcpd2 dhcpd[9269]: DHCPINFORM from 192.168.19.203
Nov  7 09:28:37 dhcpd2 dhcpd[9269]: DHCPACK on null address to
28:d2:44:6a:a7:7b via em0
Nov  7 09:28:37 dhcpd2 dhcpd[9269]: DHCPINFORM from 192.168.19.38
Nov  7 09:28:37 dhcpd2 dhcpd[9269]: DHCPACK on null address to
74:27:ea:e5:68:68 via em0

The entries in the leasesfile are correct and the clients are getting
the right addresses, so this seems merely a logging issue to me.

dmesg dhcpd1 (kvm-host):
OpenBSD 5.6-stable (GENERIC.MP) #0: Thu Nov  6 13:20:20 CET 2014
r...@dhcpd1.trivago.trv:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 1056956416 (1007MB)
avail mem = 1020092416 (972MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xfd970 (11 entries)
bios0: vendor Bochs version Bochs date 01/01/2007
bios0: Bochs Bochs
acpi0 at bios0: rev 0
acpi0: sleep states S3 S4 S5
acpi0: tables DSDT FACP SSDT APIC HPET SSDT
acpi0: wakeup devices
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: QEMU Virtual CPU version 1.1.2, 2667.18 MHz
cpu0:
FPU,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,CX16,POPCNT,NXE,LONG,LAHF
cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB
64b/line 16-way L2 cache
cpu0: ITLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
cpu0: DTLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 1000MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: QEMU Virtual CPU version 1.1.2, 2666.89 MHz
cpu1:
FPU,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,CX16,POPCNT,NXE,LONG,LAHF
cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB
64b/line 16-way L2 cache
cpu1: ITLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
cpu1: DTLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
cpu1: smt 0, core 0, package 1
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 11, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 2
acpihpet0 at acpi0: 1 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpicpu0 at acpi0
acpicpu1 at acpi0
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 Intel 82441FX rev 0x02
pcib0 at pci0 dev 1 function 0 Intel 82371SB ISA rev 0x00
pciide0 at pci0 dev 1 function 1 Intel 82371SB IDE rev 0x00: DMA,
channel 0 wired to compatibility, channel 1 wired to compatibility
pciide0: channel 0 disabled (no drives)
pciide0: channel 1 disabled (no drives)
uhci0 at pci0 dev 1 function 2 Intel 82371SB USB rev 0x01: apic 2 int 11
piixpm0 at pci0 dev 1 function 3 Intel 82371AB Power rev 0x03: apic 2
int 10
iic0 at piixpm0
iic0: addr 0x18 00=00 01=00 02=00 03=00 04=00 05=00 06=00 07=00 08=00
words 00= 01= 02= 03= 04= 05= 06= 07=
iic0: addr 0x1a 00=00 01=00 02=00 03=00 04=00 05=00 06=00 07=00 08=00
words 00= 01= 02= 03= 04= 05= 06= 07=
iic0: addr 0x29 00=00 01=00 02=00 03=00 04=00 05=00 06=00 07=00 08=00
words 00= 01= 02= 03= 04= 05= 06= 07=
iic0: addr 0x2b 00=00 01=00 02=00 03=00 04=00 05=00 06=00 07=00 08=00
words 00= 01= 02= 03= 04= 05= 06= 07=
iic0: addr 0x4c 00=00 01=00 02=00 03=00 04=00 05=00 06=00 07=00 08=00
words 00= 01= 02= 03= 04= 05= 06= 07=
iic0: addr 0x4e 00=00 01=00 02=00 03=00 04=00 05=00 06=00 07=00 08=00
words 00= 01= 02= 03= 04= 05= 06= 07=
vga1 at pci0 dev 2 function 0 Cirrus Logic CL-GD5446 rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
em0 at pci0 dev 3 function 0 Intel 82540EM rev 0x03: apic 2 int 11,
address 52:54:00:03:2b:7d
virtio0 at pci0 dev 4 function 0 Qumranet Virtio Storage rev 0x00:
Virtio Block Device
vioblk0 at virtio0
scsibus1 at vioblk0: 2 targets
sd0 at scsibus1 targ 0 lun 0: VirtIO, Block Device,  SCSI3 0/direct fixed
sd0: 20480MB, 512 bytes/sector, 41943040 sectors
virtio0: apic 2 int 11
virtio1 at pci0 dev 5 function 0 Qumranet Virtio Memory rev 0x00:
Virtio Memory Balloon Device
viomb0

Re: Apache2 config on OpenBSD 5.5

2014-06-02 Thread Marc Peters 
On 06/02/14 10:41, Markus Rosjat wrote:
 Hey there,
 
 its kinda confusing to see config files all over the place. I can find
 files in /etc/apache2 as well as in /var/www/conf. So first thing first.
 As I notices apache 1.3 insnt used in OpenBSD 5.5 right?  So I can asume
 there should be no apache 1.3 running at all. Second I installed the
 apache2 package and got the config files at /etc/apache2 but when I did
 some changes I noticed they are not applied after restarting apache so I
 took a look around and found config files under /var/www/conf too which
 where used by the apachectl script. Beisde this I check my phpinfo() _I
 and  got the info that Im running a apache 1.3 
 
 So what is the deal now, do I have a 1.3 installed by the default when I
 set up the system or is it just some weird mix up that happens because I
 installed the apache2 package? Another question would be the chroot, is
 the apache2 chrooted by the default still ?
 
 Oh and if someone has some helpful links on all this that would be
 extremly helpful.
 
 Regards
 
 Markus
 

Apache 1.3 is still installed. In -current and upcoming 5.6 it will be
substituted by nginx. I never used apache2 on OpenBSD, but i can imagine
that it lives in /usr/local and you should make sure to call apachectl
with an absolute path. The files in /var/www/conf are for the apache 1.3
in base.

Re: Update: net/openfire 3.9.1 - 3.9.3

2014-05-28 Thread Marc Peters 
On 05/11/14 10:44, Stuart Henderson wrote:
 I don't see any advantage to moving the 2 config files into 
 share/examples/openfire/conf rather than just keeping them in 
 share/examples/openfire as they are now.
 

Patch attached to update Openfire to the latest version 3.9.3.
Index: Makefile
===
RCS file: /cvs/ports/net/openfire/Makefile,v
retrieving revision 1.30
diff -u -p -u -p -r1.30 Makefile
--- Makefile	16 Mar 2014 01:34:31 -	1.30
+++ Makefile	28 May 2014 09:06:13 -
@@ -1,7 +1,7 @@
 # $OpenBSD: Makefile,v 1.30 2014/03/16 01:34:31 sthen Exp $
 
 COMMENT=	XMPP real time collaboration server
-V=		3.9.1
+V=		3.9.3
 DISTNAME=	openfire_src_${V:S/./_/g}
 PKGNAME=	openfire-$V
 CATEGORIES=	net
@@ -44,8 +44,11 @@ do-install:
 	${INSTALL_DATA} ${WRKDIST}/documentation/docs/database.html \
 		${PREFIX}/share/doc/openfire
 	${INSTALL_DATA_DIR} ${PREFIX}/share/examples/openfire/security
+	${INSTALL_DATA_DIR} ${PREFIX}/share/examples/openfire/
 	${INSTALL_DATA} ${WRKDIST}/target/openfire/conf/openfire.xml \
-		${PREFIX}/share/examples/openfire
+		${PREFIX}/share/examples/openfire/
+	${INSTALL_DATA} ${WRKDIST}/target/openfire/conf/security.xml \
+		${PREFIX}/share/examples/openfire/
 	${INSTALL_DATA} ${WRKBUILD}/security/* \
 		${PREFIX}/share/examples/openfire/security
 
Index: distinfo
===
RCS file: /cvs/ports/net/openfire/distinfo,v
retrieving revision 1.6
diff -u -p -u -p -r1.6 distinfo
--- distinfo	16 Mar 2014 01:34:31 -	1.6
+++ distinfo	28 May 2014 09:06:13 -
@@ -1,2 +1,2 @@
-SHA256 (openfire_src_3_9_1.tar.gz) = aCV26hahETdHNc+TvV5ET+7m0LcUsQlDaqfgx3XzAg0=
-SIZE (openfire_src_3_9_1.tar.gz) = 123053536
+SHA256 (openfire_src_3_9_3.tar.gz) = NwAYNaMAfxFSFKqD8qSPjDO781dpN/TZZNnrPeOTOtI=
+SIZE (openfire_src_3_9_3.tar.gz) = 80785973
Index: pkg/PLIST
===
RCS file: /cvs/ports/net/openfire/pkg/PLIST,v
retrieving revision 1.6
diff -u -p -u -p -r1.6 PLIST
--- pkg/PLIST	16 Mar 2014 01:34:31 -	1.6
+++ pkg/PLIST	28 May 2014 09:06:13 -
@@ -417,6 +417,7 @@ share/examples/openfire/security/
 @mode
 @owner
 @group
+share/examples/openfire/security.xml
 share/examples/openfire/security/client.truststore
 @mode 660
 @owner root

Re: Update: net/openfire 3.9.1 - 3.9.3

2014-05-28 Thread Marc Peters 
On 05/28/14 12:03, Stuart Henderson wrote:
 diff -u -p -u -p -r1.6 PLIST
 --- pkg/PLIST16 Mar 2014 01:34:31 -  1.6
 +++ pkg/PLIST28 May 2014 09:06:13 -
 @@ -417,6 +417,7 @@ share/examples/openfire/security/
  @mode
  @owner
  @group
 +share/examples/openfire/security.xml
 
 Does this file not want an @sample openfire/conf/security.xml or similar?
 

Of course it does, missed that one. Thanks, Stuart. Updated diff attached.

Index: Makefile
===
RCS file: /cvs/ports/net/openfire/Makefile,v
retrieving revision 1.30
diff -u -p -r1.30 Makefile
--- Makefile	16 Mar 2014 01:34:31 -	1.30
+++ Makefile	28 May 2014 10:52:57 -
@@ -1,7 +1,7 @@
 # $OpenBSD: Makefile,v 1.30 2014/03/16 01:34:31 sthen Exp $
 
 COMMENT=	XMPP real time collaboration server
-V=		3.9.1
+V=		3.9.3
 DISTNAME=	openfire_src_${V:S/./_/g}
 PKGNAME=	openfire-$V
 CATEGORIES=	net
@@ -44,8 +44,11 @@ do-install:
 	${INSTALL_DATA} ${WRKDIST}/documentation/docs/database.html \
 		${PREFIX}/share/doc/openfire
 	${INSTALL_DATA_DIR} ${PREFIX}/share/examples/openfire/security
+	${INSTALL_DATA_DIR} ${PREFIX}/share/examples/openfire/
 	${INSTALL_DATA} ${WRKDIST}/target/openfire/conf/openfire.xml \
-		${PREFIX}/share/examples/openfire
+		${PREFIX}/share/examples/openfire/
+	${INSTALL_DATA} ${WRKDIST}/target/openfire/conf/security.xml \
+		${PREFIX}/share/examples/openfire/
 	${INSTALL_DATA} ${WRKBUILD}/security/* \
 		${PREFIX}/share/examples/openfire/security
 
Index: distinfo
===
RCS file: /cvs/ports/net/openfire/distinfo,v
retrieving revision 1.6
diff -u -p -r1.6 distinfo
--- distinfo	16 Mar 2014 01:34:31 -	1.6
+++ distinfo	28 May 2014 10:52:57 -
@@ -1,2 +1,2 @@
-SHA256 (openfire_src_3_9_1.tar.gz) = aCV26hahETdHNc+TvV5ET+7m0LcUsQlDaqfgx3XzAg0=
-SIZE (openfire_src_3_9_1.tar.gz) = 123053536
+SHA256 (openfire_src_3_9_3.tar.gz) = NwAYNaMAfxFSFKqD8qSPjDO781dpN/TZZNnrPeOTOtI=
+SIZE (openfire_src_3_9_3.tar.gz) = 80785973
Index: pkg/PLIST
===
RCS file: /cvs/ports/net/openfire/pkg/PLIST,v
retrieving revision 1.6
diff -u -p -r1.6 PLIST
--- pkg/PLIST	16 Mar 2014 01:34:31 -	1.6
+++ pkg/PLIST	28 May 2014 10:52:57 -
@@ -417,6 +417,11 @@ share/examples/openfire/security/
 @mode
 @owner
 @group
+share/examples/openfire/security.xml
+@mode 660
+@owner root
+@group _openfire
+@sample openfire/conf/security.xml
 share/examples/openfire/security/client.truststore
 @mode 660
 @owner root

Re: Update: net/openfire 3.9.1 - 3.9.2; advise needed

2014-05-12 Thread Marc Peters 
On 05/11/14 10:44, Stuart Henderson wrote:
 I don't see any advantage to moving the 2 config files into 
 share/examples/openfire/conf rather than just keeping them in 
 share/examples/openfire as they are now.

The second file wasn't copied to examples, so i decided a new
subdirectory would make sense, but i will change that.

Openfire 3.9.3 is already out, i will send a new diff in the next couple
of days with the latest version.

  1   2   3   >