Re: hardware issues on sparc64

[Edd Barrett]

 [EMAIL PROTECTED]:/usr/src/sys/arch/sparc64/stand/ofwboot/obj
 open /[EMAIL PROTECTED],0/SUNW,[EMAIL PROTECTED],880/[EMAIL 
 PROTECTED],0:f/kernel/sparcv9/unix: No such
 file or
   directory
 

The above path is to a solrais kernel. If you want to rid of it then
hit stop-a and type help. You need to change the boot-file parameter
(i think). But if it isnt stopping you from working, then dont fix it.
(right?)

Regards

Edd

Regarding pthread_init

[Vanamala.V]

Hello,

I'm compiling MPI on 64 bit AIX-5.3L(power 5). After successful
compilation, simple MPI program fails to execute. It gives segmentation
fault in pthread_init().

I'm using xcl_r, xlf_r and xlC_r(native AIX compilers). I've compiled the
code with -q64 option and building shared libraries(ex. libmpi.so). Now,
when I execute a simple MPI program, it fails in pthread_init() before
entering main().

But when i make my library static(libmpi.a), program executes properly.

Could you please suggest me what could be the problem? 

Regards,
Vanamala. V

IBM Developer Works article on FreeBSD why not OpenBSD?

[Roger Neth Jr]

Hello List,

Just read this article on FreeBSD and a little history on BSD. 
http://www-128.ibm.com/developerworks/opensource/library/os-freebsd/?ca=dgr-lnxw01FreeBSD


I tried FreeBSD and NetBSD before but after trying OpenBSD they were just 
ugly to work with IMO.


I find OpenBSD clean and enjoyable to install and work with and this is 
someone that is coming from pure Windows and very little Linux use.


And warm fuzzy feeling to boot!

Thanks OpenBSD devs and community!

Best regards,

rogern

_
On the road to retirement? Check out MSN Life Events for advice on how to 
get there! http://lifeevents.msn.com/category.aspx?cid=Retirement

Regarding pthread_init

[Vanamala Reddy]

__
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
Received: from [203.200.36.253]
by web52408.mail.yahoo.com via HTTP; Tue, 16 Aug 2005 23:28:27 PDT
Date: Tue, 16 Aug 2005 23:28:26 -0700 (PDT)
From: Vanamala Reddy [EMAIL PROTECTED]
Subject: Regarding pthread_init
To: [EMAIL PROTECTED]
MIME-Version: 1.0
X-Security: message sanitized on shear.ucar.edu See 
http://www.impsec.org/email-tools/sanitizer-intro.html for details. $Revision: 
1.147 $Date: 2004-10-02 11:16:26-07 
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 8bit
Content-Length: 645
X-Converted-To-Plain-Text: from multipart/alternative by demime 1.01d
X-Converted-To-Plain-Text: Alternative section used was text/plain

Hello,
 
I'm compiling MPI on 64 bit AIX-5.3L(power 5). After successful
compilation, simple MPI program fails to execute. It gives segmentation
fault in pthread_init().
 
I'm using xcl_r, xlf_r and xlC_r(native AIX compilers). I've compiled the
code with -q64 option and building shared libraries(ex. libmpi.so). Now,
when I execute a simple MPI program, it fails in pthread_init() before
entering main().
 
But when i make my library static(libmpi.a), program executes properly.
 
Could you please suggest me what could be the problem?
 
Regards,
Vanamala. V
 


-
 Start your day with Yahoo! - make it your home page 

Re: Regarding pthread_init

[Simon Farnsworth]

On Wednesday 17 August 2005 07:02, Vanamala.V wrote:
 Hello,

 I'm compiling MPI on 64 bit AIX-5.3L(power 5). After successful
 compilation, simple MPI program fails to execute. It gives segmentation
 fault in pthread_init().

This list is about OpenBSD, not AIX; you're unlikely to get much help with
your problem here.

 Could you please suggest me what could be the problem?

I can recommend that you contact IBM India and ask them for help with AIX;
their contact details are at http://www.ibm.com/contact/in/
--
Simon Farnsworth

[demime 1.01d removed an attachment of type application/pgp-signature]

Keyboard issue

[Carlos Zumajo]

Hi all.

I have installed OpenBSD 3.7 on SparcStation 4. The installation process 
finished successfully.


But I have a issue with keyboard. My keyboard is type5 spanish.  In the 
login field, X or console, I can write the Q letter. After I login 
with normal user this key don4t work, only beep. When I4m root this key 
work as spected, but arrows  keys don4t work


From normal user I tried wsconsctl to turn to spanish encoding and I 
have no errors, but this key Q, only beep. I do the same with kbd but 
I have no differences.


In a X, I tried XKeycaps, and the keyboard detected is a PC with 104 
keys. When I change this by  keyboard Sun Microsystems Type 5 
OpenWindows Spanish layout and write changes, there are no working keys. 
All the keys are mapping different that I can see in Xkeycaps. For 
example, if I press H the key obtained by xkeycaps is 7.


Where is the problem?

This is my first post and I hope to help you in a few time. Thank you 
very much.


Carlos.

This is my dmesg result:

OpenBSD 3.7 (GENERIC) #312: Mon Mar 21 00:14:33 MST 2005
   [EMAIL PROTECTED]:/usr/src/sys/arch/sparc/compile/GENERIC
real mem = 33214464
avail mem = 25190400
using 200 buffers containing 1658880 bytes of memory
bootpath: 
/[EMAIL PROTECTED],1000/[EMAIL PROTECTED],10001000/[EMAIL PROTECTED],840/[EMAIL PROTECTED],880/[EMAIL PROTECTED],0

mainbus0 (root): SUNW,SPARCstation-4
cpu0 at mainbus0: MB86904 @ 110 MHz, on-chip FPU
cpu0: 16K instruction (32 b/l), 8K data (16 b/l) cache enabled
obio0 at mainbus0
clock0 at obio0 addr 0x7120: mk48t08 (eeprom)
timer0 at obio0 addr 0x71d0 delay constant 52
zs0 at obio0 addr 0x7110 pri 12, softpri 6
zstty0 at zs0 channel 0
zstty1 at zs0 channel 1
zs1 at obio0 addr 0x7100 pri 12, softpri 6
zskbd0 at zs1 channel 0: keyboard, type 5, layout 0x2a
wskbd0 at zskbd0: console keyboard
zstty2 at zs1 channel 1: mouse
slavioconfig at obio0 addr 0x7180 not configured
auxreg0 at obio0 addr 0x7190
power0 at obio0 addr 0x7191
fdc0 at obio0 addr 0x7140 pri 11, softpri 4: chip 82077
iommu0 at mainbus0 addr 0x1000: version 0x4/0x0, page-size 4096, 
range 64MB

sbus0 at iommu0: clock = 22 MHz
dma0 at sbus0 slot 4 offset 0x840: rev 2
esp0 at dma0 offset 0x880 pri 4: ESP200, 40MHz, SCSI ID 7
scsibus0 at esp0: 8 targets
sd0 at scsibus0 targ 3 lun 0: FUJITSU, MAN3184MC, 5508 SCSI3 0/direct 
fixed

sd0: 17366MB, 29694 cyl, 2 head, 598 sec, 512 bytes/sec, 35566478 sec total
cd0 at scsibus0 targ 6 lun 0: TOSHIBA, XM-4101TASUNSLCD, 1755 SCSI2 
5/cdrom removable

bpp0 at sbus0 slot 4 offset 0xc80: DMA2
ledma0 at sbus0 slot 4 offset 0x8400010: rev 2
le0 at ledma0 offset 0x8c0 pri 6: address 08:00:20:7b:13:e6
le0: 16 receive buffers, 4 transmit buffers
tcx0 at sbus0 slot 2 offset 0x80: 1152x900, id 0, rev 2, sense 0
wsdisplay0 at tcx0: console (std, sun emulation), using wskbd0
power-management at sbus0 slot 3 offset 0xa00 not configured
root on sd0a
rootdev=0x700 rrootdev=0x1100 rawdev=0x1102

Re: Keyboard issue

[Vladislav Belogrudov]

do you have problem in bash, ksh, csh, emacs ?
Each of the apps has its own tricks for 8 bit or uft-8
handling. 

--- Carlos Zumajo [EMAIL PROTECTED] wrote:

 Hi all.
 
 I have installed OpenBSD 3.7 on SparcStation 4. The
 installation process 
 finished successfully.
 
 But I have a issue with keyboard. My keyboard is
 type5 spanish.  In the 
 login field, X or console, I can write the Q
 letter. After I login 
 with normal user this key don4t work, only beep.
 When I4m root this key 
 work as spected, but arrows  keys don4t work
 
  From normal user I tried wsconsctl to turn to
 spanish encoding and I 
 have no errors, but this key Q, only beep. I do
 the same with kbd but 
 I have no differences.
 
 In a X, I tried XKeycaps, and the keyboard detected
 is a PC with 104 
 keys. When I change this by  keyboard Sun
 Microsystems Type 5 
 OpenWindows Spanish layout and write changes, there
 are no working keys. 
 All the keys are mapping different that I can see in
 Xkeycaps. For 
 example, if I press H the key obtained by xkeycaps
 is 7.
 
 Where is the problem?
 
 This is my first post and I hope to help you in a
 few time. Thank you 
 very much.
 
 Carlos.
 
 This is my dmesg result:
 
 OpenBSD 3.7 (GENERIC) #312: Mon Mar 21 00:14:33 MST
 2005


[EMAIL PROTECTED]:/usr/src/sys/arch/sparc/compile/GENERIC
 real mem = 33214464
 avail mem = 25190400
 using 200 buffers containing 1658880 bytes of memory
 bootpath: 

/[EMAIL PROTECTED],1000/[EMAIL PROTECTED],10001000/[EMAIL 
PROTECTED],840/[EMAIL PROTECTED],880/[EMAIL PROTECTED],0
 mainbus0 (root): SUNW,SPARCstation-4
 cpu0 at mainbus0: MB86904 @ 110 MHz, on-chip FPU
 cpu0: 16K instruction (32 b/l), 8K data (16 b/l)
 cache enabled
 obio0 at mainbus0
 clock0 at obio0 addr 0x7120: mk48t08 (eeprom)
 timer0 at obio0 addr 0x71d0 delay constant 52
 zs0 at obio0 addr 0x7110 pri 12, softpri 6
 zstty0 at zs0 channel 0
 zstty1 at zs0 channel 1
 zs1 at obio0 addr 0x7100 pri 12, softpri 6
 zskbd0 at zs1 channel 0: keyboard, type 5, layout
 0x2a
 wskbd0 at zskbd0: console keyboard
 zstty2 at zs1 channel 1: mouse
 slavioconfig at obio0 addr 0x7180 not configured
 auxreg0 at obio0 addr 0x7190
 power0 at obio0 addr 0x7191
 fdc0 at obio0 addr 0x7140 pri 11, softpri 4:
 chip 82077
 iommu0 at mainbus0 addr 0x1000: version 0x4/0x0,
 page-size 4096, 
 range 64MB
 sbus0 at iommu0: clock = 22 MHz
 dma0 at sbus0 slot 4 offset 0x840: rev 2
 esp0 at dma0 offset 0x880 pri 4: ESP200, 40MHz,
 SCSI ID 7
 scsibus0 at esp0: 8 targets
 sd0 at scsibus0 targ 3 lun 0: FUJITSU, MAN3184MC,
 5508 SCSI3 0/direct 
 fixed
 sd0: 17366MB, 29694 cyl, 2 head, 598 sec, 512
 bytes/sec, 35566478 sec total
 cd0 at scsibus0 targ 6 lun 0: TOSHIBA,
 XM-4101TASUNSLCD, 1755 SCSI2 
 5/cdrom removable
 bpp0 at sbus0 slot 4 offset 0xc80: DMA2
 ledma0 at sbus0 slot 4 offset 0x8400010: rev 2
 le0 at ledma0 offset 0x8c0 pri 6: address
 08:00:20:7b:13:e6
 le0: 16 receive buffers, 4 transmit buffers
 tcx0 at sbus0 slot 2 offset 0x80: 1152x900, id
 0, rev 2, sense 0
 wsdisplay0 at tcx0: console (std, sun emulation),
 using wskbd0
 power-management at sbus0 slot 3 offset 0xa00
 not configured
 root on sd0a
 rootdev=0x700 rrootdev=0x1100 rawdev=0x1102
 
 





Start your day with Yahoo! - make it your home page 
http://www.yahoo.com/r/hs 

Re: The Care and Feeding of OpenBSD

[Artur Grabowski]

Will H. Backman [EMAIL PROTECTED] writes:

   4. Version Upgrades: This will usually happen once a year given the
 life
   cycle of OpenBSD.  As far as I can tell, the best practice is to
 read
   the upgrade FAQ that comes out with each release, and in general
 fresh
   install with hand merging of old config files is preferred.
  
  FAQ 1.7. - The OpenBSD team makes a new release every six months,
 with
  target
  release dates in May and November. 
  
 
 Sorry, I should have been more specific.  Yes, OpenBSD produces a new
 release more often, but many people don't want to upgrade until support
 ends for their release.  Given the length of support for any particular
 release, one can expect to be at least upgrading every year.

You should upgrade as often as you can. small steps often hurt much less
than big steps rarely.

//art

Re: OpenBSD on Dell Dimension 2400 or 3000?

[Johan P . Lindström]

On 8/17/05, Chris Zakelj [EMAIL PROTECTED] wrote:
 Kevin wrote:
 
 A friend needs to order a basic computer with a good warranty,
 to run as a very basic OpenBSD 3.7 firewall for a cablemodem.
 I'd put one together from parts, but I don't relish doing won't boot
 hardware support from 1600 miles away.
 
 Looking at the Dell Dimension line (probably the 2400 or 3000)
 one concern is that I don't see *any* reports, success or failure,
 running OpenBSD on this particular product?
 
 One reason to choose the Dell (with a CPU that is way overkill) is
 that the box may be eventually repurposed as an XP desktop...
 
 
 Alternately, any other suggestions for a US mail order PC
 vendor with fair prices, quick turnaround, a hardware warranty
 and a pre-built small tower which will reliably run OpenBSD?
 
 This is just going to get shoved under a desk, so rackmount
 is not a consideration, and it doesn't need to be perfectly quiet.
 
 
 Thanks,
 
 Kevin
 
 I used one of the Dell Optiplex line about 2 years ago to build a
 firewall at a chemical plant.  I specifically asked my boss to get me
 the bloody cheapest thing he could that had a PCI slot, and that's what
 I ended up with.  As long as you stick to the hardware compatibility
 list, you shouldn't have any trouble.  I will note that when I built
 that firewall, the embedded NIC was an xl, which of course threw out all
 sorts of Command not completed errors.  Whether or not that is still a
 problem on current kernels (this was built in the 3.3 days), I couldn't
 tell you, as my current home firewall has an rl and an fxp in it.
 
 

I still use (in 3.7-release) several 3Com 3C905B-TX fast etherlink PCI
boards and I don't see any errs as far as I can tell.

Downloading Theo's Video

[Siju George]

Hi,

The Link

http://video.hackinthebox.org/

refferred to at

http://undeadly.org/cgi?action=articlesid=20050308040714

seems to be non-existant could some one please tell me where else I
can download the video??

Thankyou so much

kind Regards

Siju

Re: Keyboard issue

[Carlos Zumajo]

Well, in csh, the key Q (n tilde) work fine, but don4t arrow keys.

In sh, the key Q (n tilde) don4t work but ok with arrow keys.

It seems that the problem is the one that you say, at least each shell 
behaves with the keyboard of different form, but none of them works well 
absolutely.


Now I need how to configure this. I am going to search information about 
this, because I don4t know doing it.


Thanks.

Carlos.


Vladislav Belogrudov wrote:


do you have problem in bash, ksh, csh, emacs ?
Each of the apps has its own tricks for 8 bit or uft-8
handling. 


--- Carlos Zumajo [EMAIL PROTECTED] wrote:



Hi all.

I have installed OpenBSD 3.7 on SparcStation 4. The
installation process 
finished successfully.


But I have a issue with keyboard. My keyboard is
type5 spanish.  In the 
login field, X or console, I can write the Q
letter. After I login 
with normal user this key don4t work, only beep.
When I4m root this key 
work as spected, but arrows  keys don4t work


From normal user I tried wsconsctl to turn to
spanish encoding and I 
have no errors, but this key Q, only beep. I do
the same with kbd but 
I have no differences.


In a X, I tried XKeycaps, and the keyboard detected
is a PC with 104 
keys. When I change this by  keyboard Sun
Microsystems Type 5 
OpenWindows Spanish layout and write changes, there
are no working keys. 
All the keys are mapping different that I can see in
Xkeycaps. For 
example, if I press H the key obtained by xkeycaps

is 7.

Where is the problem?

This is my first post and I hope to help you in a
few time. Thank you 
very much.


Carlos.

This is my dmesg result:

OpenBSD 3.7 (GENERIC) #312: Mon Mar 21 00:14:33 MST
2005
  



[EMAIL PROTECTED]:/usr/src/sys/arch/sparc/compile/GENERIC


real mem = 33214464
avail mem = 25190400
using 200 buffers containing 1658880 bytes of memory
bootpath: 



/[EMAIL PROTECTED],1000/[EMAIL PROTECTED],10001000/[EMAIL 
PROTECTED],840/[EMAIL PROTECTED],880/[EMAIL PROTECTED],0


mainbus0 (root): SUNW,SPARCstation-4
cpu0 at mainbus0: MB86904 @ 110 MHz, on-chip FPU
cpu0: 16K instruction (32 b/l), 8K data (16 b/l)
cache enabled
obio0 at mainbus0
clock0 at obio0 addr 0x7120: mk48t08 (eeprom)
timer0 at obio0 addr 0x71d0 delay constant 52
zs0 at obio0 addr 0x7110 pri 12, softpri 6
zstty0 at zs0 channel 0
zstty1 at zs0 channel 1
zs1 at obio0 addr 0x7100 pri 12, softpri 6
zskbd0 at zs1 channel 0: keyboard, type 5, layout
0x2a
wskbd0 at zskbd0: console keyboard
zstty2 at zs1 channel 1: mouse
slavioconfig at obio0 addr 0x7180 not configured
auxreg0 at obio0 addr 0x7190
power0 at obio0 addr 0x7191
fdc0 at obio0 addr 0x7140 pri 11, softpri 4:
chip 82077
iommu0 at mainbus0 addr 0x1000: version 0x4/0x0,
page-size 4096, 
range 64MB

sbus0 at iommu0: clock = 22 MHz
dma0 at sbus0 slot 4 offset 0x840: rev 2
esp0 at dma0 offset 0x880 pri 4: ESP200, 40MHz,
SCSI ID 7
scsibus0 at esp0: 8 targets
sd0 at scsibus0 targ 3 lun 0: FUJITSU, MAN3184MC,
5508 SCSI3 0/direct 
fixed

sd0: 17366MB, 29694 cyl, 2 head, 598 sec, 512
bytes/sec, 35566478 sec total
cd0 at scsibus0 targ 6 lun 0: TOSHIBA,
XM-4101TASUNSLCD, 1755 SCSI2 
5/cdrom removable

bpp0 at sbus0 slot 4 offset 0xc80: DMA2
ledma0 at sbus0 slot 4 offset 0x8400010: rev 2
le0 at ledma0 offset 0x8c0 pri 6: address
08:00:20:7b:13:e6
le0: 16 receive buffers, 4 transmit buffers
tcx0 at sbus0 slot 2 offset 0x80: 1152x900, id
0, rev 2, sense 0
wsdisplay0 at tcx0: console (std, sun emulation),
using wskbd0
power-management at sbus0 slot 3 offset 0xa00
not configured
root on sd0a
rootdev=0x700 rrootdev=0x1100 rawdev=0x1102









Start your day with Yahoo! - make it your home page 
http://www.yahoo.com/r/hs 

Re: Keyboard issue

[Vladislav Belogrudov]

If you want internationalization, start your xterm
with -en UTF-8 and 
-fn
-misc-fixed-medium-r-normal--15-140-75-75-c-90-iso10646-1

Then install bash from packages.

type in bash

   set meta-flag on
   set output-meta on
   set convert-meta off

And enjoy :)
csh does not allow editing so arrows and tab will not
work,
but tildas and umlauts will do,
tcsh and ksh have lousy support for UTF-8, all of them
just good for  8-bit encodings and need special
settings to use 8th bit.

PS: these settings can go to .Xdefaults and .inputrc .
Utf-8 fonts for xterm can be grepped with 
xlsfonts | grep 10646


--- Carlos Zumajo [EMAIL PROTECTED] wrote:

 Well, in csh, the key Q (n tilde) work fine, but
 don4t arrow keys.
 
 In sh, the key Q (n tilde) don4t work but ok with
 arrow keys.
 
 It seems that the problem is the one that you say,
 at least each shell 
 behaves with the keyboard of different form, but
 none of them works well 
 absolutely.
 
 Now I need how to configure this. I am going to
 search information about 
 this, because I don4t know doing it.
 
 Thanks.
 
 Carlos.
 
 
 Vladislav Belogrudov wrote:
 
  do you have problem in bash, ksh, csh, emacs ?
  Each of the apps has its own tricks for 8 bit or
 uft-8
  handling. 
  
  --- Carlos Zumajo [EMAIL PROTECTED] wrote:
  
  
 Hi all.
 
 I have installed OpenBSD 3.7 on SparcStation 4.
 The
 installation process 
 finished successfully.
 
 But I have a issue with keyboard. My keyboard is
 type5 spanish.  In the 
 login field, X or console, I can write the Q
 letter. After I login 
 with normal user this key don4t work, only beep.
 When I4m root this key 
 work as spected, but arrows  keys don4t work
 
  From normal user I tried wsconsctl to turn to
 spanish encoding and I 
 have no errors, but this key Q, only beep. I do
 the same with kbd but 
 I have no differences.
 
 In a X, I tried XKeycaps, and the keyboard
 detected
 is a PC with 104 
 keys. When I change this by  keyboard Sun
 Microsystems Type 5 
 OpenWindows Spanish layout and write changes,
 there
 are no working keys. 
 All the keys are mapping different that I can see
 in
 Xkeycaps. For 
 example, if I press H the key obtained by
 xkeycaps
 is 7.
 
 Where is the problem?
 
 This is my first post and I hope to help you in a
 few time. Thank you 
 very much.
 
 Carlos.
 
 This is my dmesg result:
 
 OpenBSD 3.7 (GENERIC) #312: Mon Mar 21 00:14:33
 MST
 2005

 
  
 

[EMAIL PROTECTED]:/usr/src/sys/arch/sparc/compile/GENERIC
  
 real mem = 33214464
 avail mem = 25190400
 using 200 buffers containing 1658880 bytes of
 memory
 bootpath: 
 
  
 

/[EMAIL PROTECTED],1000/[EMAIL PROTECTED],10001000/[EMAIL 
PROTECTED],840/[EMAIL PROTECTED],880/[EMAIL PROTECTED],0
  
 mainbus0 (root): SUNW,SPARCstation-4
 cpu0 at mainbus0: MB86904 @ 110 MHz, on-chip FPU
 cpu0: 16K instruction (32 b/l), 8K data (16 b/l)
 cache enabled
 obio0 at mainbus0
 clock0 at obio0 addr 0x7120: mk48t08 (eeprom)
 timer0 at obio0 addr 0x71d0 delay constant 52
 zs0 at obio0 addr 0x7110 pri 12, softpri 6
 zstty0 at zs0 channel 0
 zstty1 at zs0 channel 1
 zs1 at obio0 addr 0x7100 pri 12, softpri 6
 zskbd0 at zs1 channel 0: keyboard, type 5, layout
 0x2a
 wskbd0 at zskbd0: console keyboard
 zstty2 at zs1 channel 1: mouse
 slavioconfig at obio0 addr 0x7180 not
 configured
 auxreg0 at obio0 addr 0x7190
 power0 at obio0 addr 0x7191
 fdc0 at obio0 addr 0x7140 pri 11, softpri 4:
 chip 82077
 iommu0 at mainbus0 addr 0x1000: version
 0x4/0x0,
 page-size 4096, 
 range 64MB
 sbus0 at iommu0: clock = 22 MHz
 dma0 at sbus0 slot 4 offset 0x840: rev 2
 esp0 at dma0 offset 0x880 pri 4: ESP200,
 40MHz,
 SCSI ID 7
 scsibus0 at esp0: 8 targets
 sd0 at scsibus0 targ 3 lun 0: FUJITSU, MAN3184MC,
 5508 SCSI3 0/direct 
 fixed
 sd0: 17366MB, 29694 cyl, 2 head, 598 sec, 512
 bytes/sec, 35566478 sec total
 cd0 at scsibus0 targ 6 lun 0: TOSHIBA,
 XM-4101TASUNSLCD, 1755 SCSI2 
 5/cdrom removable
 bpp0 at sbus0 slot 4 offset 0xc80: DMA2
 ledma0 at sbus0 slot 4 offset 0x8400010: rev 2
 le0 at ledma0 offset 0x8c0 pri 6: address
 08:00:20:7b:13:e6
 le0: 16 receive buffers, 4 transmit buffers
 tcx0 at sbus0 slot 2 offset 0x80: 1152x900, id
 0, rev 2, sense 0
 wsdisplay0 at tcx0: console (std, sun emulation),
 using wskbd0
 power-management at sbus0 slot 3 offset 0xa00
 not configured
 root on sd0a
 rootdev=0x700 rrootdev=0x1100 rawdev=0x1102
 
 
  
  
  
  
  
 
 
  Start your day with Yahoo! - make it your home
 page 
  http://www.yahoo.com/r/hs 
 
 





Start your day with Yahoo! - make it your home page 
http://www.yahoo.com/r/hs 

Re: [OpenBSD 3.7] Wireless - D-Link and Netgear WG 511T (dmesg + ifconfig -A)

[Henning Brauer]

* Z L [EMAIL PROTECTED] [2005-08-17 12:11]:
 I tried Netgear WG 511T adapter today in one laptop (old Compaq
 Prosignia 150) and the card gets detected on the fly.
 
 I tried it in a new Toshiba Satellite laptop, which has built-in
 Aetheros driver, and it does not get detected on the fly!

 How will I know that this card will work in this laptop? Why it
 doesn't get detected on the fly? What script or configuration file
 should I look at?

cbb0 at pci2 dev 4 function 0 ENE CB-1410 CardBus rev
0x01pci_intr_map: no mapping for pin A
: couldn't map interrupt

cardbus doesn't work in that machine.

-- 
BS Web Services, http://www.bsws.de/
OpenBSD-based Webhosting, Mail Services, Managed Servers, ...
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Re: The Care and Feeding of OpenBSD

[Will H. Backman]

 I have the following line in my crontab '(/usr/src/  cvs -q update
-PAd
 -rOPENBSD_3_7)'  If there are any updates, cron will email them to you
 (cron
 automattically emails any output to the user that owns the cron job,
so
 setup
 your aliases and optionally your .forward file)
 

I'm curious about the cvs options, specifically the -A.  The FAQ's don't
use it in their examples.  Is the -A flag preferred?  I can see why it
might be according to the cvs man page.

Re: OpenBSD on Dell Dimension 2400 or 3000?

[Matt Bettinger]

Hi.


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
 Behalf Of Kevin
 Sent: Tuesday, August 16, 2005 9:59 PM
 To: OpenBSD Misc
 Subject: OpenBSD on Dell Dimension 2400 or 3000?
 
 A friend needs to order a basic computer with a good warranty,
 to run as a very basic OpenBSD 3.7 firewall for a cablemodem.
 I'd put one together from parts, but I don't relish doing won't
 boot
 hardware support from 1600 miles away.
 
 Looking at the Dell Dimension line (probably the 2400 or 3000)
 one concern is that I don't see *any* reports, success or failure,
 running OpenBSD on this particular product?
 
 One reason to choose the Dell (with a CPU that is way overkill) is
 that the box may be eventually repurposed as an XP desktop...
 
 
 Alternately, any other suggestions for a US mail order PC
 vendor with fair prices, quick turnaround, a hardware warranty
 and a pre-built small tower which will reliably run OpenBSD?
 
 This is just going to get shoved under a desk, so rackmount
 is not a consideration, and it doesn't need to be perfectly quiet.
 

Here is a dmesg from an Dimension 3000.  Snapshot was from today taken
off of rt.fm.


OpenBSD 3.8-beta (GENERIC) #95: Tue Aug 16 18:44:40 MDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) 4 CPU 2.80GHz (GenuineIntel 686-class) 2.80
GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,
CF
LUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,PNI,MWAIT,CNXT-ID
real mem  = 534818816 (522284K)
avail mem = 481087488 (469812K)
using 4278 buffers containing 26845184 bytes (26216K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 11/08/04, BIOS32 rev. 0 @
0xffe90
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfeae0/160 (8 entries)
pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82801EB/ER LPC rev
0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc/0xa800 0xca800/0x1800!
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82865G/PE/P CPU-I/0-1 rev 0x02
vga1 at pci0 dev 2 function 0 Intel 82865G Video rev 0x02: aperture at
0xe8000
000, size 0x800
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
uhci0 at pci0 dev 29 function 0 Intel 82801EB/ER USB rev 0x02: irq 11
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 29 function 1 Intel 82801EB/ER USB rev 0x02: irq 10
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 29 function 3 Intel 82801EB/ER USB rev 0x02: irq 11
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 29 function 7 Intel 82801EB/ER USB rev 0x02: irq 9
usb3 at ehci0: USB revision 2.0
uhub3 at usb3
uhub3: Intel EHCI root hub, rev 2.00/1.00, addr 1
uhub3: 8 ports with 8 removable, self powered
ppb0 at pci0 dev 30 function 0 Intel 82801BA AGP rev 0xc2
pci1 at ppb0 bus 1
fxp0 at pci1 dev 8 function 0 Intel PRO/100 VE rev 0x02: irq 10,
address 00:13
:20:53:4e:bd
inphy0 at fxp0 phy 1: i82562ET 10/100 PHY, rev. 0
ichpcib0 at pci0 dev 31 function 0 Intel 82801EB/ER LPC rev 0x02
pciide0 at pci0 dev 31 function 1 Intel 82801EB/ER IDE rev 0x02: DMA,
channel
0 configured to compatibility, channel 1 configured to compatibility
wd0 at pciide0 channel 0 drive 0: ST340014A
wd0: 16-sector PIO, LBA48, 38146MB, 78125000 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: HL-DT-ST, CD-ROM GCR-8485B, 1.05 SCSI0
5/cdrom r
emovable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
Intel 82801EB/ER SMBus rev 0x02 at pci0 dev 31 function 3 not
configured
auich0 at pci0 dev 31 function 5 Intel 82801EB/ER AC97 rev 0x02: irq
3, ICH5 A
C97
ac97: codec id 0x41445370 (Analog Devices AD1980)
ac97: codec features headphone, 20 bit DAC, No 3D Stereo
audio0 at auich0
isa0 at ichpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pmsi0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pmsi0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
sysbeep0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
biomask ef65 netmask ef65 ttymask ffe7
pctr: user-level cycle counter enabled
dkcsum: wd0 matches BIOS drive 0x80
root on 

isakmp vpn configuration

[Daniel Eyholzer]

Hi there


I have an OpenBSD box that is configured as firewall and vpn gateway. The
box has two physical interfaces. One interface is the WAN interface that
connects to the internet. The other interface connects to the LAN switch
and has defined several virtual VLAN interfaces for different LAN subnets.

The basic vpn configuration works. I can connect with the Greenbow vpn
client from Windows host and reach the hosts on the LAN interfaces. In the
Greenbow vpn client configuration I can define the subnet to which I want
to tunnel to. So if I define the subnet of the vlan 2 interface in the
Greenbow vpn client, I can reach the hosts that are in the vlan 2 subnet,
if I define the subnet of the vlan 3 interface, I can reach the hosts that
are in the vlan 3 subnet. I have no control to which subnet the vpn client
has access.


My isakmpd.conf looks like thist:
# 
# Defaults section
# 

[General]
Default-phase-1-lifetime=   3600,60:86400
Default-phase-2-lifetime=   1200,60:86400

# ---
# Connections
# ---

[Phase 1]
Default=ISAKMP-clients

[Phase 2]
Passive-Connections=IPsec-clients

# -
# Phase 1 peer sections
# -

[ISAKMP-clients]
Phase=  1
Transport=  udp
Configuration=  default-main-mode
Authentication= mekmitasdigoat

# 
# Phase 2 sections
# 

[IPsec-clients]
Phase=  2
Configuration=  default-quick-mode
Local-ID=   default-route
Remote-ID=  dummy-remote

# --
# Client ID sections
# --

[default-route]
ID-type=IPV4_ADDR_SUBNET
Network=0.0.0.0
Netmask=0.0.0.0

[dummy-remote]
ID-type=IPV4_ADDR
Address=0.0.0.0


[default-main-mode]
DOI=IPSEC
EXCHANGE_TYPE=  ID_PROT
Transforms= AES-SHA-GRP2

[default-quick-mode]
DOI=IPSEC
EXCHANGE_TYPE=  QUICK_MODE
Suites= QM-ESP-AES-SHA-PFS-GR2-SUITE 


I have tried to change Network and Netmask in the [default-route] section
from 0.0.0.0 to the network and netmask of one of the vlan subnetworks, but
it does not help. I can still connect to the other subnet if I define them
in the client. Anyone knows how I can restrict access to only one of the
vlan subnets?


Thanks, Daniel

Re: The Care and Feeding of OpenBSD

[Timothy Donahue]

On Wednesday 17 August 2005 09:48 am, Will H. Backman wrote:
  I have the following line in my crontab '(/usr/src/  cvs -q update

 -PAd

  -rOPENBSD_3_7)'  If there are any updates, cron will email them to you
  (cron
  automattically emails any output to the user that owns the cron job,

 so

  setup
  your aliases and optionally your .forward file)

 I'm curious about the cvs options, specifically the -A.  The FAQ's don't
 use it in their examples.  Is the -A flag preferred?  I can see why it
 might be according to the cvs man page.

The -A option resets any tags, so you have to remember to specify the revision 
each time you run CVS.  It is found in the section for the update command.

Tim Donahue

Re: bgpd and two CARPed routers

[Manon Goo]

Thanks for clarifying this to me

Manon

--On 16. August 2005 11:12:03 +0200 Henning Brauer [EMAIL PROTECTED]
wrote:

 * Manon Goo [EMAIL PROTECTED] [2005-08-16 05:53]:

 
  instead, on your backup, use something like
   # we're the inactive one, do prepend
   match to group uplinks set prepend-self 1
  to make the AS path for routes announced by your backup router worse.
  Or use MED, that is actualy intended for these situations.
 


 Perhaps I have not understood the Implementation correctly but this
 looks  like a bug to me:

 network XX.XX.64.0/22 set med +10

 this applies to your announcements

neighbor $ISP1_ROUTER1 {
descr  Peer ISP1 R1
local-address XX.XX.213.27
announce self
tcp md5sig password XX
depend on sk0
holdtime 25
set med +10

 and this applies to the routes received from that peer.

}


 will not result in a med of 20 but  only in a med of 10

 of course, see above :)

 --
 BS Web Services, http://www.bsws.de/
 OpenBSD-based Webhosting, Mail Services, Managed Servers, ...
 Unix is very simple, but it takes a genius to understand the simplicity.
 (Dennis Ritchie)

[demime 1.01d removed an attachment of type application/pgp-signature]

Re: The Care and Feeding of OpenBSD

[Will H. Backman]

 -Original Message-
 From: Timothy Donahue [mailto:[EMAIL PROTECTED]
 Sent: Wednesday, August 17, 2005 10:08 AM
 To: Will H. Backman
 Cc: misc@openbsd.org
 Subject: Re: The Care and Feeding of OpenBSD
 
 On Wednesday 17 August 2005 09:48 am, Will H. Backman wrote:
   I have the following line in my crontab '(/usr/src/  cvs -q
update
 
  -PAd
 
   -rOPENBSD_3_7)'  If there are any updates, cron will email them to
you
   (cron
   automattically emails any output to the user that owns the cron
job,
 
  so
 
   setup
   your aliases and optionally your .forward file)
 
  I'm curious about the cvs options, specifically the -A.  The FAQ's
don't
  use it in their examples.  Is the -A flag preferred?  I can see why
it
  might be according to the cvs man page.
 
 The -A option resets any tags, so you have to remember to specify the
 revision
 each time you run CVS.  It is found in the section for the update
command.
 
 Tim Donahue

Ok.  I was looking at http://www.openbsd.org/anoncvs.html#EXAMPLE

Re: BSD PPPoA Hardware

[Siegbert Marschall]

Hi,

 You beat me to the post.  Unfortunately for me it doesn't support ADSL
 over ISDN.  I'm one of those poor souls that uses iDSL to connect to the
 Big-I, to far away from the CO, then I could ditch my ancient iDSL
 router.
you could give this one a try.

http://accoom.kd85.com/

iDSL is very similar to SDSL at 144kbit/s, physical layer is identical,
the differences are at the protocol layer.

there is no guarantee there, but one could experiment...


bye, Siggi.

Re: 8/13 snapshot and DHCP

[Emmett Pate]

Nuzaihan Kamalluddin wrote:


Maybe you should try a workaround, like manual setup of the ip address and
routing,

ifconfig wi0 192.168.1.x netmask 255.255.255.0
route add default 192.168.1.1

Should work, maybe there is something blocking the dhcpoffer packets from
your router, or maybe since it works in openbsd 3.7, the one that you
downloaded and comes with dhclient is probably buggy.

Regards,
Zaihan


 

I successfully installed the 8/16 snapshot at the office (which uses a 
different DHCP server) and dhclient acquires a lease with no problem. 
However, at home (using a Linksys router as the DHCP server), dhclient 
fails to get a lease.  As noted earlier, dhclient from 3.7 works fine at 
both locations.


There's nothing suspicious in /etc/dhclient.conf or 
/var/db/dhclient.leases.wi0.  I'm at a loss as to how to help debug this.


Any suggestions?

Thanks,
Emmett Buddy Pate

extracting new login.conf from /usr/src/etc in -current

[Moritz Grimm]

Hello,


since the switch to generate login.conf, things became quite a bit less 
comfortable for those following -current manually... well, at least 
for me. Since I stick to defaults whenever possible, /etc updates used 
to be quite hassle-free -- I'd simply copy over the updated file and be 
done with it, when possible. That accounts for pretty much everything, 
except for the user database, rc.local and maybe one or two other 
things. I was hoping to politely convince TPTB to provide pre-generated 
login.conf files in /usr/src/etc/etc.arch in CVS, similar to the 
MAKEDEV script.



Thanks,

Moritz

Re: 8/13 snapshot and DHCP

[Will H. Backman]

 I successfully installed the 8/16 snapshot at the office (which uses a
 different DHCP server) and dhclient acquires a lease with no problem.
 However, at home (using a Linksys router as the DHCP server), dhclient
 fails to get a lease.  As noted earlier, dhclient from 3.7 works fine
at
 both locations.
 
 There's nothing suspicious in /etc/dhclient.conf or
 /var/db/dhclient.leases.wi0.  I'm at a loss as to how to help debug
this.
 
 Any suggestions?
 
 Thanks,
 Emmett Buddy Pate

Maybe tcpdump -X -iem0 on the interface during dhcp requests. Change
the em0 to whatever your interface is.

Re: ntpd could not parse pool.ntp.org

[Mike Henker]

Before try the solution of Nick I tried what you said:

 - There is a typo in one of the nameserver ip's posted here.
 194.22_5_.52.4 does not exist.

Yes correct, are
194.224.52.6 and 194.224.52.4

 --8--
 nameserver 194.224.52.4
 nameserver 192.94.163.152
 --8--
 Please try to do a nslookup www.google.com. Does it work?

Doesn t work

 If it doesn't, first make sure your router is up and then try with any
 of the IPs above:
 $ nslookup
server IP

 www.google.com
 Doesn t work.

Really I don t understand what s happenning

Salutes,
Mike


Tobias Ulmer escribis:

Hmmm imho the dns problem should be solved before routing :)

- Mikes internet connection is up and running. He confirmed he can
traceroute one of googles ips from the openbsd box.

- There is a typo in one of the nameserver ip's posted here.
194.22_5_.52.4 does not exist.

- These are the nameservers of telefonica gathered per dig, their ips
and the result of a www.google.com lookup:

esifw3.tsai.es 194.224.52.26 OK
artemis.ttd.net 213.0.184.69 *** Can't find www.google.com: No answer
cpi-telefonica.telefonica.es 194.179.42.12 OK
ineco.nic.es 194.69.254.2 *** Can't find www.google.com: No answer
Mikes second: esifw1.tsai.es 194.224.52.4 OK
Mikes first: esifw2.tsai.es 194.224.52.6 ;; connection timed out; no
servers could be reached

I can't really test what is going on and I'm not inside the telefonica
network, but Mikes first nameserver seems to be firewalled (as nmap
tells) and does not always respond.

Mike can you please edit your /etc/resolv.conf that it looks like this:

--8--
nameserver 194.224.52.4
nameserver 192.94.163.152
--8--

The second nameserver is an open nameserver in Barcelona witch works for me.

Please try to do a nslookup www.google.com. Does it work?

If it doesn't, first make sure your router is up and then try with any
of the IPs above:

$ nslookup


server IP


www.google.com

If you find a working one put it in your resolv.conf and try
nslookup www.google.com again until it works :)

Tobias

Re: ksh + utf-8

[Christian Weisgerber]

Vladislav Belogrudov [EMAIL PROTECTED] wrote:

 I use xterm with utf-8 support and ksh.
 Whenever I start typing fast or editing in some
 non-latin
 language I get randomly squares instead of characters.
 Is utf-8 and pdksh compatible enough?

pdksh's command line editor isn't aware of UTF-8 and assumes that
each byte corresponds to exactly one character.  Yes, it will screw
up and show garbage if you write text that doesn't fit this assumption.

-- 
Christian naddy Weisgerber  [EMAIL PROTECTED]

Re: make breakage in /usr/src

[J. Lievisse Adriaanse]

On Wed, 17 Aug 2005 11:43:42 -0400
 Timothy Donahue [EMAIL PROTECTED] wrote:
 
  On Wednesday 17 August 2005 11:06 am, Dave Feustel wrote:
   I just updated via cvs(sudo cvs -q -d $CVSROOT up -r OPENBSD_3_7),
   did a 'cd /ports/src;sudo make' and got the following error:
  [snip]
  
  Ummm... you mean cd /usr/src; sudo make build right?
 Have you done an make obj?
 
  
  Anyway, your tree is borked I get no errors in /usr/src/sbin/wsconsctl after 
  running a cvs update.  I would start by dumping your cvs tree and cvs get it 
  again.
 Same here, so re-fetch the tree and you should be out of probs.
 
  
  Tim Donahue
 
 Jasper 
 
 
 -- 
 Security is decided by quality -- Theo de Raadt

Re: ntpd could not parse pool.ntp.org

[Steve Williams]

Mike Henker wrote:


Before try the solution of Nick I tried what you said:

 - There is a typo in one of the nameserver ip's posted here.
 194.22_5_.52.4 does not exist.

Yes correct, are
194.224.52.6 and 194.224.52.4

 --8--
 nameserver 194.224.52.4
 nameserver 192.94.163.152
 --8--
 Please try to do a nslookup www.google.com. Does it work?

Doesn t work

 If it doesn't, first make sure your router is up and then try with any
 of the IPs above:
 $ nslookup
server IP

 www.google.com
 Doesn t work.

Really I don t understand what s happenning

Salutes,
Mike


Tobias Ulmer escribis:


Hmmm imho the dns problem should be solved before routing :)

- Mikes internet connection is up and running. He confirmed he can
traceroute one of googles ips from the openbsd box.

- There is a typo in one of the nameserver ip's posted here.
194.22_5_.52.4 does not exist.

- These are the nameservers of telefonica gathered per dig, their ips
and the result of a www.google.com lookup:

esifw3.tsai.es 194.224.52.26 OK
artemis.ttd.net 213.0.184.69 *** Can't find www.google.com: No answer
cpi-telefonica.telefonica.es 194.179.42.12 OK
ineco.nic.es 194.69.254.2 *** Can't find www.google.com: No answer
Mikes second: esifw1.tsai.es 194.224.52.4 OK
Mikes first: esifw2.tsai.es 194.224.52.6 ;; connection timed out; no
servers could be reached

I can't really test what is going on and I'm not inside the telefonica
network, but Mikes first nameserver seems to be firewalled (as nmap
tells) and does not always respond.

Mike can you please edit your /etc/resolv.conf that it looks like this:

--8--
nameserver 194.224.52.4
nameserver 192.94.163.152
--8--

The second nameserver is an open nameserver in Barcelona witch works 
for me.


Please try to do a nslookup www.google.com. Does it work?

If it doesn't, first make sure your router is up and then try with any
of the IPs above:

$ nslookup


server IP



www.google.com

If you find a working one put it in your resolv.conf and try
nslookup www.google.com again until it works :)

Tobias



Hi,

When you type nslookupenter
does it truly say...

server IP on the screen??

That really should be something like:
# nslookup
Default Server:  somenameserver.com
Address: a.b.c.d



If it does not look like this, then you have a very fundamental problem, 
unless your particular OS does something strange...


I would recommend the following...

# nslookup
Default Server:  somenameserver.com
Address: a.b.c.d

 server ip_from_resolv.conf
www.google.com

and see what happens

Cheers,
Steve

Shtoom

[Rafael Coninck Teigão]

Hi, pp.

Has anyone tried running Shtoom (http://divmod.org/projects/shtoom) on OpenBSD?
Any success/failure story?

[]'s,
Rafael.

Re: ntpd could not parse pool.ntp.org

[Mike Henker]

Forget the last message I can add to the router the static address and 
also allow to specify a gateway. I ll do what you said Nick:


192.168.1.0 netmask 255.255.255.0 gateway 192.168.0.9

Salutes,
Mike

Nick Ryan escribis:
The static route you'll need to add will be for your internal lan eg: 
192.168.1.0 netmask 255.255.255.0 gateway 192.168.0.9
This'll tell your adsl router that to get to the 192.168.1. network it 
needs to go through the 192.168.0.9 interface of your openbsd box. Note 
this is outside interface IP address. A quick basic networking 
explanation - routers aren't too intelligent. They cannot find devices 
with IP addresses outside their ip and subnet mask range - eg your adsl 
router will automatically find devices with IP addresses 192.168.0.1 to 
254 but to find any other devices with an IP address outside this range 
it needs help - this is where static routes and gateways come in. The 
gateway address is effectively a default place that the router can go to 
to find other IP addresses  devices, but it can be overridden by a 
static route. In your case the router doesn't know where the 
192.168.1.0/24 network is so it goes to your ISP's router but as it's an 
reserved internal range, plus the fact that your ISP doesn't know your 
lan - the packets just get timed/dropped out as the ISP's router doesn't 
know what to do with them. The static route will point the adsl router 
to your openbsd box which as the internal interface is on the 
192.168.1.0/24 network it knows where to route the packets.


(Hopefully that makes sense - for a proper in depth explanation, google 
terms like mac addresses, arp packets, broadcasts) If it doesn't make 
sense let me know and I'll explain it again.


This should allow your adsl router to return packets destined for your 
internal lan to the right place.


I've just seen your reply to Diana so we know that pf isn't used. Once 
you add this static route to your adsl router your internal PC's should 
be able to access the internet.


We've still got the dns resolving issue though. It's all a bit odd and 
I'm a bit stumped.


Try the static route on the adsl router  test with a machine on your 
internal lan while I try to think what to do next.


Your internal lan pc will need to have a gateway of the 192.168.1.3 
address of your openbsd box. Note this is the internal ip address. The 
PC will need the DNS addresses from your ISP.


This is how I understand it should be:

ADSL Router
192.168.0.1 subnet 255.255.255.0 Static route 192.168.1.0 255.255.255.0 
gateway 192.168.0.9

  |  |   DMZ
  |
OpenBSD box
external interface 192.168.0.9 subnet 255.255.255.0
Default gateway in /etc/mygate of 192.168.0.1
DNS servers in /etc/resolv.conf of 194.224.52.6 and 194.225.52.4
internal interface 192.168.1.3 subnet 255.255.255.0
  |
  |  INTERNAL LAN
  |
Your PC's 192.168.1.x addresses subnet 255.255.255.0
DNS servers of 194.224.52.6 and 194.225.52.4
Default gateway of 192.168.1.3


Cheers.



Mike Henker wrote:


Answering all the points:
 Just type nslookup www.google.com and see what response you get.

connection timed out; no servers could be reached

 One of google's IPs is 66.102.7.99 if you want to test a traceroute.

Traceroute works fine with google's IPs (66.102.7.99) but if I do a 
traceroute www.google.com says connection timed out; no servers 
could be reached


 Just type nslookup www.google.com and see what response you get.
says: connection timed out; no servers could be reached

 Can you see if you can add static routes on your adsl router?

Yes I can add static routes, I suppose then I must to add 192.168.1.3?

Your internal PC's will need to be configured with a 192.168.1.x 
address (255.255.255.0 subnet) and a gateway of 192.168.1.3, and dns 
server IP's of 194.224.52.6 and 194.225.52.4

They should then be able to connect to the internet.

Actually doesn t work I suppose when I add the static route to the 
router (192.168.1.3) will work right?


Salutes,
Mike

Nick escribis:


That all looks fine.

Ping isn't really a great test of network connectivity outside of 
your own lan anymore. Most sites tend to block ping nowadays as a 
matter of course.
What you can do is usually ping your ISP's router and you can find 
this from a traceroute www.google.com command - the first hop past 
your adsl router will tend to be your isps router. You can then use 
this as a ping test.


One of google's IPs is 66.102.7.99 if you want to test a traceroute.

Can you test your dns lookups now from your openbsd box please? I 
think it'll work as you're not getting the ntpd errors any longer.


Just type nslookup www.google.com and see what response you get.

To get your machines behind the openbsd box routing through it we'll 
either need to use nat'ing or get your adsl router to static route 
all 192.168.1.x traffic through the openbsd server.


Can you see if you can add static routes on your adsl router? There's 
usually a configuration 

Re: extracting new login.conf from /usr/src/etc in -current

[Todd C. Miller]

Is it really so difficult to run mklogin.conf?

 - todd

interface groups and altq

[Jason Crawford]

Do interface groups support altq? It would appear that they do not,
but I might have a borked kernel/pfctl utility, so wanted to ask the
list to make sure. When I try to put altq on an interface group, i get
the following when parsing my pf.conf:

$ sudo pfctl -f /etc/pf.conf -n
pfctl: SIOCGIFDATA: Device not configured
$ 

However if I change the altq line to use the actual interface, it works:

$ sudo pfctl -f /etc/pf.conf -n 
$ 

here is my pf.conf and dmesg, although the simple answer will probably
be either, yes or no.

### MACROS ###
ext_if=egress
int_if=intnet

ext_ip=( $ext_if )
int_ip=( $int_if )
kyle=172.17.101.7/32
terrance=172.17.101.1/32
kenny=192.168.17.5/32
tweak=192.168.17.62/32
craig=192.168.17.61/32
wendy=192.168.17.60/32
table high_hosts { $kyle, $kenny }
table low_hosts { $tweak, $craig, $wendy }

ext_net=$ext_if:network
int_net=$int_if:network

unpriv== 1024

### OPTIONS ###
set limit states 2
set optimization aggressive
set block-policy drop
set skip on lo0

### TRAFFIC NORMALIZATION ###
scrub in all no-df random-id fragment reassemble

### QUEUEING ###
# external interface queue list
#altq on $ext_if priq queue { std_ext, high_ext, low_ext }
#queue std_ext on $ext_if priq( default, red )
#queue high_ext on $ext_if priority 10 priq( red )
#queue low_ext on $ext_if priority 0 priq( red )

# internal interface queue list
altq on le2 priq queue { std_int, high_int, low_int }
queue std_int on le2 priq( default, red )
queue high_int on le2 priority 10 priq( red )
queue low_int on le2 priority 0 priq( red )

### TRANSLATION ###

### PACKET FILTERING ###
block in log all
block out log all

pass in quick on $ext_if inet proto tcp from high_hosts port $unpriv
to $ext_ip port ssh flags S/FSRPA modulate state queue high_ext
pass in quick on $ext_if inet proto tcp from low_hosts port $unpriv
to $ext_ip port ssh flags S/FSRPA modulate state queue low_ext
pass in quick on $ext_if inet proto tcp from any port $unpriv to
$ext_ip port ssh flags S/FSRPA modulate state queue std_ext
pass in quick on $int_if inet proto tcp from high_hosts port $unpriv
to $int_ip port ssh flags S/FSRPA modulate state queue high_int
pass in quick on $int_if inet proto tcp from low_hosts port $unpriv
to $int_ip port ssh flags S/FSRPA modulate state queue low_int
pass out quick on $ext_if inet proto udp from $ext_ip to $kyle port
ntp modulate state queue high_ext
pass out quick on $ext_if inet proto udp from $ext_ip to $terrance
port domain modulate state queue high_ext
pass out quick on $ext_if inet proto tcp from $ext_ip port $unpriv to
anoncvs_hosts port 5999 flags S/FSRPA modulate state queue high_ext
pass out quick on $ext_if inet proto tcp from $ext_ip port $unpriv to
any port www flags S/FSRPA modulate state queue std_ext

OpenBSD 3.8-beta (GENERIC) #85: Sun Aug 14 13:55:19 MDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) 4 CPU 3.20GHz (GenuineIntel 686-class) 3.20 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,PNI
real mem  = 133734400 (130600K)
avail mem = 115433472 (112728K)
using 1658 buffers containing 6791168 bytes (6632K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(77) BIOS, date 04/21/04, BIOS32 rev. 0 @ 0xfd880
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xfd880/0x780
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdf30/176 (9 entries)
pcibios0: PCI Interrupt Router at 000:07:0 (Intel 82371FB ISA rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc/0x8000 0xc8000/0x1a00! 0xca000/0x1000
0xcb000/0x1000 0xdc000/0x4000! 0xe4000/0x4000!
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82443BX AGP rev 0x01
ppb0 at pci0 dev 1 function 0 Intel 82443BX AGP rev 0x01
pci1 at ppb0 bus 1
pcib0 at pci0 dev 7 function 0 Intel 82371AB PIIX4 ISA rev 0x08
pciide0 at pci0 dev 7 function 1 Intel 82371AB IDE rev 0x01: DMA,
channel 0 configured to compatibility, channel 1 configured to
compatibility
pciide0: channel 0 ignored (disabled)
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: NECVMWar, VMware IDE CDR10, 1.00 SCSI0
5/cdrom removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
Intel 82371AB Power rev 0x08 at pci0 dev 7 function 3 not configured
vga1 at pci0 dev 15 function 0 VMware Virtual SVGA II rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
bha3 at pci0 dev 16 function 0 BusLogic MultiMaster rev 0x01: irq
11, BusLogic 9xxC SCSI
bha3: model BT-958, firmware 5.07B
bha3: sync, parity
scsibus1 at bha3: 8 targets
sd0 at scsibus1 targ 0 lun 0: VMware,, VMware Virtual S, 1.0 SCSI2
0/direct fixed
sd0: 2048MB, 261 cyl, 255 head, 63 sec, 512 bytes/sec, 4194304 sec total
sd1 at scsibus1 targ 

Re: extracting new login.conf from /usr/src/etc in -current

[Moritz Grimm]

Todd C. Miller wrote:

Is it really so difficult to run mklogin.conf?


Actually, it isn't... Sorry, I managed to actively ignore mklogin.conf 
somehow. Thanks for the pointer.



Moritz

Re: SCSI stuff

[K WESTERBACK]

Solved in the sense that 'the stuff is in the mail'.
Not yet in the sense 'hey, it's here and working!'.
:-).

 Ken

--- J.C. Roberts [EMAIL PROTECTED] wrote:

 Ken,
 
 Did the needed eclosure/carrier stuff get solved?
 
 JCR

Re: The Care and Feeding of OpenBSD

[Will H. Backman]

  2. Disaster Recovery:  Dump and Restore, or make a tar file for use
as
  an install set?
 
 make a release for every upgrade (-stable) you do, add your packages
 to sitexx.tgz. backup your data and config files regularly.
 
 
OK.  Looking at the release(8) man page...yikes!  Is this really the
best way to start backing up an OpenBSD system?

Re: OpenBSD on Dell Dimension 2400 or 3000?

[Emilio Perea]

On Tue, Aug 16, 2005 at 11:32:49PM -0500, Emilio Perea wrote:
 I've run OpenBSD on a Dimension 2400 for a short time without problems.
 
 Will send you a dmesg if I find one available in the morning.

Unfortunately, I was not able to find an unused one to install OpenBSD
on, but this is the dmesg from the 3.7 boot CD:

OpenBSD 3.7 (RAMDISK_CD) #573: Sun Mar 20 00:27:05 MST 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/RAMDISK_CD
cpu0: Intel(R) Celeron(R) CPU 2.40GHz (GenuineIntel 686-class) 2.40 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,CNXT-ID
real mem  = 266399744 (260156K)
avail mem = 237285376 (231724K)
using 3277 buffers containing 13422592 bytes (13108K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 12/02/03, BIOS32 rev. 0 @ 0xffe90
apm0 at bios0: Power Management spec V1.2
pcibios0 at bios0: rev 2.1 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfeae0/144 (7 entries)
pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82801DB LPC rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc/0xb800 0xcb800/0x1800! 0xcd000/0x3000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82845G/GL rev 0x01
vga1 at pci0 dev 2 function 0 Intel 82845G/GL Video rev 0x01
wsdisplay0 at vga1: console (80x25, vt100 emulation)
uhci0 at pci0 dev 29 function 0 Intel 82801DB USB rev 0x01: irq 11
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 29 function 1 Intel 82801DB USB rev 0x01: irq 10
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 29 function 2 Intel 82801DB USB rev 0x01: irq 9
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 29 function 7 Intel 82801DB USB rev 0x01: irq 5
ehci0: EHCI version 1.0
ehci0: companion controllers, 2 ports each: uhci0 uhci1 uhci2
usb3 at ehci0: USB revision 2.0
uhub3 at usb3
uhub3: Intel EHCI root hub, class 9/0, rev 2.00/1.00, addr 1
uhub3: single transaction translator
uhub3: 6 ports with 6 removable, self powered
ppb0 at pci0 dev 30 function 0 Intel 82801BA AGP rev 0x81
pci1 at ppb0 bus 1
bce0 at pci1 dev 9 function 0 Broadcom BCM4401 rev 0x01: irq 3, address 
00:0d:56:62:3b:67
bmtphy0 at bce0 phy 1: BCM4401 10/100baseTX PHY, rev. 0
ichpcib0 at pci0 dev 31 function 0 Intel 82801DB LPC rev 0x01
pciide0 at pci0 dev 31 function 1 Intel 82801DB IDE rev 0x01: DMA, channel 0 
configured to compatibility, channel 1 configured to compatibility
wd0 at pciide0 channel 0 drive 0: ST380011A
wd0: 16-sector PIO, LBA48, 76293MB, 15625 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: SAMSUNG, CD-ROM SC-148A, B402 SCSI0 5/cdrom 
removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
Intel 82801DB SMBus rev 0x01 at pci0 dev 31 function 3 not configured
Intel 82801DB AC97 rev 0x01 at pci0 dev 31 function 5 not configured
isa0 at ichpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0 (mux 1 ignored for console): console keyboard, using wsdisplay0
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
biomask ffe5 netmask ffed ttymask ffef
rd0: fixed, 3800 blocks
wd0: no disk label
root on rd0a
rootdev=0x1100 rrootdev=0x2f00 rawdev=0x2f02

GMT / BST Question

[Gerald Davies]

hi all,

i've noticed my obsd box hasn't altered it's time (BST).  I'm linked using:

ln -fs /usr/share/zoneinfo/GMT /etc/localtime

and i'm using the uk pool of ntp servers.

but that's an hour behind.  Is there a recommended way to get this to
BST (I've noticed the date -dst option and the kernel options, but
I've not used them).  ideally, i would like it to automatically adjust
itself when BST ends, etc.

apologies if i've missed something and thanks in advance.

cheers,

g

Success with LinksysWPC11 v4 PCMCIA Wireless

[Will H. Backman]

Just wanted to write in about success with the Linksys WPC11 v4 PCMCIA
Wireless B card.  These were on sale at Staples for $5 USD.
Plugged it in to a 3.7 release i386 laptop.  Detected as rtw0.
Set it for dhcp to connect to an unsecured network.
Worked like a charm.
Thanks OpenBSD.

--
Will Backman - Network Administrator
Coastal Enterprises, Inc.
http://www.ceimaine.org

Re: The Care and Feeding of OpenBSD

[Timothy Donahue]

On Wednesday 17 August 2005 12:59 pm, Will H. Backman wrote:
   2. Disaster Recovery:  Dump and Restore, or make a tar file for use

 as

   an install set?
 
  make a release for every upgrade (-stable) you do, add your packages
  to sitexx.tgz. backup your data and config files regularly.

 OK.  Looking at the release(8) man page...yikes!  Is this really the
 best way to start backing up an OpenBSD system?

Best Who quantifies what makes the best backup system.  I gave you one 
option which will rapidly get your system running after something like a HD 
failure or a fat-fingered 'rm -rf /*' instead of 'rm -rf ./*'.  You need to 
decide which method works best for you, for me it was the sitexx.tgz with 
the newly installed system and tar archives of the latest and greatest 
configuration.  For you, you might want to keep a DLT tape with the packages 
you install, the release you installed, and a cpio archive of the 
configs/data.  Or you may not even care about the installed system/packages 
and may just want to keep the configs/data that you need should disaster 
strike.  This is all subjective and needs to be reviewed based upon your 
company's requirements or personal need.

Tim Donahue

Re: GMT / BST Question

[Jason Crawford]

Well, I know when I set /etc/localtime to
/usr/share/zoneinfo/US/Eastern, it automatically compensates for
daylight savings time, so I imagine if you set /etc/localtime to
/usr/share/zoneinfo/GB it would do the same, unless I'm completely
misunderstanding how the time zone files work (or that GB is Great
Britain).

Jason

On 8/17/05, Gerald Davies [EMAIL PROTECTED] wrote:
 hi all,
 
 i've noticed my obsd box hasn't altered it's time (BST).  I'm linked using:
 
 ln -fs /usr/share/zoneinfo/GMT /etc/localtime
 
 and i'm using the uk pool of ntp servers.
 
 but that's an hour behind.  Is there a recommended way to get this to
 BST (I've noticed the date -dst option and the kernel options, but
 I've not used them).  ideally, i would like it to automatically adjust
 itself when BST ends, etc.
 
 apologies if i've missed something and thanks in advance.
 
 cheers,
 
 g

Re: GMT / BST Question

[Frank Bax]

At 01:21 PM 8/17/05, Gerald Davies wrote:

i've noticed my obsd box hasn't altered it's time (BST).  I'm linked using:

ln -fs /usr/share/zoneinfo/GMT /etc/localtime



Last time I checked BST  GMT.
Didn't someone ask this same question last week?
Try looking at alternatives in  /usr/share/zoneinfo/
Like GB or Europe/London perhaps? 

Sample PF Rulesets for three interface network (cable modem, wireless, wired)

[Mark Maxey]

Does anyone have a sample ruleset for PF for a network that looks like this

A wired internal network that is nat'd to the outside world on one range 
(192.168.4.10-20) and another range that is unrouteable and can only go 
out through squid/dante (20-50).


A wireless network interface that actually can't route at all by default 
and connects through software SSL-VPN and then goes out. I'm actually 
using a netgear access point plugged straight into the interface. DHCP 
gives out ip addresses via wireless, but does not allow an end-user to 
actually route without hitting the SSL-VPN first.


An external interface connected to a cable modem using dhcp.

Re: The Care and Feeding of OpenBSD

[Will H. Backman]

 Best Who quantifies what makes the best backup system.  I gave
you
 one
 option which will rapidly get your system running after something like
a
 HD
 failure or a fat-fingered 'rm -rf /*' instead of 'rm -rf ./*'.

Sorry.  I shouldn't have used the word Best.  What I am looking to do
with this thread is to bring out some working options from the OpenBSD
community and perhaps find some consensus around a simple and robust way
to maintain OpenBSD systems.  In the end, I'd like to produce a simple
list of steps that anyone can follow, based on tools in the base system.

Matrikon Open Letter: Subscription Verification

[Randy Kondor - VP of Marketing]

To Our Valued Readers and Clients,

The problem of unsolicited email has become more than just an
annoyance to individuals and industry. To combat this issue,
we have integrated a new Email Verification Process so only
those who want to receive and download our software, industry
resources, multimedia tutorials and documents are able to so.

[Email verification link below]
 
Matrikon's resources are designed for engineers, IT personnel, 
maintenance  operations managers, project supervisors, executives
and others working in power, petrochemical, oil  gas, pulp  paper,
mining and other industries.
 
Our new mandate is to allow only those who verify their email 
address access to:

 - Industrial connectivity software
 - Troubleshooting and testing utilities
 - Process control trending and reporting software
 - Demonstration software
 - Multimedia tutorials
 - Whitepapers  datasheets
 
With the primary focus on:
 
 - Alarm management
 - Advanced process control
 - Industrial connectivity
 - Asset management
 - IT security
 - Process monitoring and data analysis
 


Email Verification Process

You are currently subscribed as [EMAIL PROTECTED]

To continue to access Matrikon software, resources, and technical
documents, automatically verify your email address by sending us
an email using the following link:

Link: mailto:[EMAIL PROTECTED] 
(Do not modify the subject line. If you are unable to use this 
link, please send an email to [EMAIL PROTECTED] and type 
'Subscribe' in the subject.)

Please Note: If you do NOT click on this link, you will NOT 
receive any further mailings from Matrikon.


 
This new Email Verification Process illustrates Matrikon's continued
commitment to ensure you only receive information that is important
to you.  Please contact me directly if you have any questions.

Kind regards,
 
Randy Kondor
Vice President of Marketing
Matrikon Inc.
Tel: (780) 448-1010
[EMAIL PROTECTED]

***

This open letter is a one-time request to verify that you wish to
receive access to Matrikon resources.
 
Matrikon, Inc. 10405 Jasper Avenue
Edmonton, Alberta, Canada, T5J 3N4
We protect your privacy:
http://www.matrikon.com/main/privacy.asp

No Sound with IBM Thinkpad 600e

[Enno Lenze]

Hi!
I am using an IBM Thinkpad 600e (2645-4AU) with a cs4610 soundchip,
running a OpenBSD 3.7 (nothing special, default installation).

(Before 3.7 i installed a 3.6 which shows the same errors as above while
booting, but the sound works, till i rebooted the first time (the
strangest part of the story).)

While booting i get a lot of errors, sound does not work. If i start a
player (mpg123) i dont get any errors, it just do not start.

I Also did not get the sound running with any linux, with windows it
works fine.

here is my dmesg:

OpenBSD 3.7-current (GENERIC) #66: Mon Aug  8 00:04:30 MDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel Celeron (GenuineIntel 686-class, 256KB L2 cache) 364 MHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR
real mem  = 200712192 (196008K)
avail mem = 176291840 (172160K)
using 2475 buffers containing 10137600 bytes (9900K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(95) BIOS, date 11/20/99, BIOS32 rev. 0 @ 0xfd820
apm0 at bios0: Power Management spec V1.2
apm0: battery life expectancy 97%
apm0: AC on, battery charge high
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xfd880/0x800
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf9e20/112 (5 entries)
pcibios0: PCI Exclusive IRQs: 11
pcibios0: PCI Interrupt Router at 000:07:0 (Intel 82371AB PIIX4 ISA
rev 0x00)
pcibios0: PCI bus #3 is the last bus
bios0: ROM list: 0xc/0xc000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82443BX AGP rev 0x03
ppb0 at pci0 dev 1 function 0 Intel 82443BX AGP rev 0x03
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 Neomagic Magicgraph NM2200 rev 0x20
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
cbb0 at pci0 dev 2 function 0 Texas Instruments PCI1251 CardBus rev
0x00: irq 11
cbb1 at pci0 dev 2 function 1 Texas Instruments PCI1251 CardBus rev
0x00: irq 11
clcs0 at pci0 dev 6 function 0 Cirrus Logic CS4610 SoundFusion rev
0x01: irq 11
reset_codec: AC97 inputs slot ready timeout
clcs0: AC97 write fail (DCV!=0) for add=0x26 data=0x
clcs0: AC97 write fail (DCV!=0) for add=0x00 data=0x
clcs0: AC97 write fail (DCV!=0) for add=0x00 data=0x
clcs0: AC97 write fail (DCV!=0) for add=0x00 data=0x
clcs0: AC97 write fail (DCV!=0) for add=0x00 data=0x
clcs0: AC97 write fail (DCV!=0) for add=0x02 data=0x8000
clcs0: AC97 write fail (DCV!=0) for add=0x06 data=0x8000
clcs0: AC97 write fail (DCV!=0) for add=0x20 data=0x
clcs0: AC97 write fail (DCV!=0) for add=0x04 data=0x8000
clcs0: AC97 write fail (DCV!=0) for add=0x08 data=0x0f0f
clcs0: AC97 write fail (DCV!=0) for add=0x08 data=0x0f0f
clcs0: AC97 write fail (DCV!=0) for add=0x0a data=0x
clcs0: AC97 write fail (DCV!=0) for add=0x0c data=0x8008
clcs0: AC97 write fail (DCV!=0) for add=0x0e data=0x8008
clcs0: AC97 write fail (DCV!=0) for add=0x0e data=0x8008
clcs0: AC97 write fail (DCV!=0) for add=0x20 data=0x
clcs0: AC97 write fail (DCV!=0) for add=0x10 data=0x8808
clcs0: AC97 write fail (DCV!=0) for add=0x12 data=0x8808
clcs0: AC97 write fail (DCV!=0) for add=0x14 data=0x8808
clcs0: AC97 write fail (DCV!=0) for add=0x16 data=0x8808
clcs0: AC97 write fail (DCV!=0) for add=0x18 data=0x8808
clcs0: AC97 write fail (DCV!=0) for add=0x1a data=0x
clcs0: AC97 write fail (DCV!=0) for add=0x1c data=0x8000
clcs0: AC97 write fail (DCV!=0) for add=0x1e data=0x8000
clcs0: AC97 write fail (DCV!=0) for add=0x20 data=0x
clcs0: AC97 write fail (DCV!=0) for add=0x20 data=0x
clcs0: AC97 write fail (DCV!=0) for add=0x22 data=0x
clcs0: AC97 write fail (DCV!=0) for add=0x22 data=0x
clcs0: AC97 write fail (DCV!=0) for add=0x38 data=0x8080
clcs0: AC97 write fail (DCV!=0) for add=0x36 data=0x8080
clcs0: AC97 write fail (DCV!=0) for add=0x36 data=0x8080
clcs0: AC97 read prob. (DCV!=0) for add=0x7c
clcs0: AC97 read prob. (DCV!=0) for add=0x7e
clcs0: AC97 read prob. (DCV!=0) for add=0x00
ac97: codec id not read
clcs0: AC97 read prob. (DCV!=0) for add=0x28
clcs0: AC97 read prob. (DCV!=0) for add=0x02
clcs0: AC97 write fail (DCV!=0) for add=0x02 data=0x
clcs0: AC97 read prob. (DCV!=0) for add=0x18
clcs0: AC97 write fail (DCV!=0) for add=0x18 data=0x0808
clcs0: AC97 read prob. (DCV!=0) for add=0x1c
clcs0: AC97 write fail (DCV!=0) for add=0x1c data=0x
clcs0: AC97 read prob. (DCV!=0) for add=0x1a
clcs0: AC97 write fail (DCV!=0) for add=0x1a data=0x
pcib0 at pci0 dev 7 function 0 Intel 82371AB PIIX4 ISA rev 0x02
pciide0 at pci0 dev 7 function 1 Intel 82371AB IDE rev 0x01: DMA,
channel 0 wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: IBM-DJSA-220
wd0: 16-sector PIO, LBA, 19077MB, 39070080 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: TOSHIBA, DVD-ROM SD-C2102, 

Re: Success with LinksysWPC11 v4 PCMCIA Wireless

[psi0nik]

Will H. Backman wrote:

Just wanted to write in about success with the Linksys WPC11 v4 PCMCIA
Wireless B card.  These were on sale at Staples for $5 USD.
Plugged it in to a 3.7 release i386 laptop.  Detected as rtw0.
Set it for dhcp to connect to an unsecured network.
Worked like a charm.
Thanks OpenBSD.


Does anyone know off-hand if these work on sparc64? I don't see that 
driver specifically mentioned at http://www.openbsd.org/sparc64.html 
although I do see previous versions of the same Linksys product. I've 
got an Ultra5 doing firewall duties; it'd be nice to add WAP 
functionality for $5.


--psi0nik

Re: Need Opinion

[Carlos A. Garcia G.]

Stuart Henderson wrote:


--On 16 August 2005 16:56 +, Carlos A. Garcia G. wrote:


i have users internal with private ip and others internal with public
ip addresses lets say:

 public net usr private net usr
148.233.82.0/24   10.1.0.0/16
 |   |
internal segment
  |
  int_if
   10.1.0.1
  OpenBSD
   148.233.82.2
ext_if
|
GATEWAY===INTERNET



I think you'll want to have two internal network interfaces, one for 
each network. Then bridge the network with public addresses to ext_if, 
and NAT the private addresses. These two internal interfaces can 
either be physical, or (if you have a suitable switch) they can be vlan.



in the int_if and port redirection to have an transparent squid here



rdr on a bridge can be difficult (I never managed to find the correct 
way to use ftp-proxy on a bridging firewall and ended up using 
ftpsesame instead) - you'll make life a lot simpler by not using 
transparent proxy on the network with private addresses, if that's 
possible.



do i need to set up routing daemons?



No, not for this.



ok what i have done is this

private users 
172.16.0.0/16  +=== int_ifPRIVATE 172.16.0.1/32
public users
switch += 
ext_if 148.233.81.2==ROUTER

148.233.82.0/24=== +===int_ifPUBLIC 148.233.82.254/32

now from the internal i can do everithign private ping and get to 
internet, but the public ip get to te int_ifPUBLIC and even to ext_if 
but can not reach to internet not mention the ROUTER so what can be the 
problem?

Re: problem with fxp and half-duplex

[Adam]

On Wed, 17 Aug 2005 17:11:08 +0200 Ulrich Kahl [EMAIL PROTECTED]
wrote:

 Hello,
 
 I have tried to configure an intel PRO/100 S nic (intel 82550) to use
 10baseT (works) and half-duplex (don't work).
 
 I use the following command line:
 
 $ ifconfig fxp0 media 10baseT mediaopt half-duplex
 
 and get the message:
 
   ifconfig: SIOCSIFMEDIA: Invalid argument
 
 If I use full-duplex instead, no error message appears.
 It doesn't make a difference, if the interface is put down first or
 settings added to /etc/hostname.fxp0. Do I miss here anything or is it
 a bug or my system?

If you don't set full-duplex, then it is half-duplex.  Just do:
ifconfig fxp0 media 10baseT

Adam

Re: The Care and Feeding of OpenBSD

[Henning Brauer]

* Will H. Backman [EMAIL PROTECTED] [2005-08-17 20:18]:
  Best Who quantifies what makes the best backup system.  I gave
 you
  one
  option which will rapidly get your system running after something like
 a
  HD
  failure or a fat-fingered 'rm -rf /*' instead of 'rm -rf ./*'.
 
 Sorry.  I shouldn't have used the word Best.  What I am looking to do
 with this thread is to bring out some working options from the OpenBSD
 community and perhaps find some consensus around a simple and robust way
 to maintain OpenBSD systems.  In the end, I'd like to produce a simple
 list of steps that anyone can follow, based on tools in the base system.

like, reading the dump and restore manpages?

-- 
BS Web Services, http://www.bsws.de/
OpenBSD-based Webhosting, Mail Services, Managed Servers, ...
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Re: interface groups and altq

[Henning Brauer]

* Jason Crawford [EMAIL PROTECTED] [2005-08-17 18:47]:
 Do interface groups support altq?

in the sense of queuing on interface groups, no, not really.

-- 
BS Web Services, http://www.bsws.de/
OpenBSD-based Webhosting, Mail Services, Managed Servers, ...
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Re: tinyproxy on soekris

[Henning Brauer]

* Bolke de Bruin [EMAIL PROTECTED] [2005-08-17 20:12]:
 I have been trying to get 'tinyproxy' working on a soekris box
 Now as this works on the GENERIC kernel on a standard install

well, then just use a GENERIC kernel and a standard install on the 
soekris and stop masturbating over a few saved bytes


-- 
BS Web Services, http://www.bsws.de/
OpenBSD-based Webhosting, Mail Services, Managed Servers, ...
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Re: ntpd could not parse pool.ntp.org

[Nick Ryan]

Congratulations!!

I don't know what else we can try with getting dns lookups to work on 
your openbsd box.


We've:

Checked /etc/resolv.conf   --this should have been the likely cause
Checked /etc/hostname.rl1 and rl0   --subnets are ok
Checked /etc/mygate   --this is the adsl router IP
Checked that pf isn't running  --proved by running pfctl -vvsall

We've not looked in /etc/hosts but its really unlikely this'd be a 
problem as we've been testing with different hosts.


Is there anyone else on the mailing list with any suggestions?

We know that the network is routing properly and that the dnsservers 
work as other machines are working both through the openbsd and without it.



Cheers - Nick



Mike Henker wrote:


Something begin to work! Nick after add the static route:
 192.168.1.0 netmask 255.255.255.0 gateway 192.168.0.9

And put my wife PC with the config you said:
 Your PC's 192.168.1.x addresses subnet 255.255.255.0
 DNS servers of 194.224.52.6 and 194.225.52.4
 Default gateway of 192.168.1.3

It works!!


I m trying what Steve Williams said about to try nslookup from the 
firewall but doesn t work. I had an idea, I have a linux machine and 
used 2 different IPs and the nslookup works without probs, for this 
reason I suppose must to be a  problem from the firewall, exactly what 
I did was:


With the PC with Linux installed:

- I used the IP 192.168.0.50  (conecting the PC directly to the router)
- I used the IP 192.168.1.50 (conecting the PC directly to the hub 
-the internal LAN where is also connected my wife's PC)


And with both IP the nslookup works correctly, I can t understand why 
if I do the nslookup from the firewall says all the time connection 
timed out; no servers could be reached.


Regards,
Mike


Nick Ryan escribis:

The static route you'll need to add will be for your internal lan eg: 
192.168.1.0 netmask 255.255.255.0 gateway 192.168.0.9
This'll tell your adsl router that to get to the 192.168.1. network 
it needs to go through the 192.168.0.9 interface of your openbsd box. 
Note this is outside interface IP address. A quick basic networking 
explanation - routers aren't too intelligent. They cannot find 
devices with IP addresses outside their ip and subnet mask range - eg 
your adsl router will automatically find devices with IP addresses 
192.168.0.1 to 254 but to find any other devices with an IP address 
outside this range it needs help - this is where static routes and 
gateways come in. The gateway address is effectively a default place 
that the router can go to to find other IP addresses  devices, but 
it can be overridden by a static route. In your case the router 
doesn't know where the 192.168.1.0/24 network is so it goes to your 
ISP's router but as it's an reserved internal range, plus the fact 
that your ISP doesn't know your lan - the packets just get 
timed/dropped out as the ISP's router doesn't know what to do with 
them. The static route will point the adsl router to your openbsd box 
which as the internal interface is on the 192.168.1.0/24 network it 
knows where to route the packets.


(Hopefully that makes sense - for a proper in depth explanation, 
google terms like mac addresses, arp packets, broadcasts) If it 
doesn't make sense let me know and I'll explain it again.


This should allow your adsl router to return packets destined for 
your internal lan to the right place.


I've just seen your reply to Diana so we know that pf isn't used. 
Once you add this static route to your adsl router your internal PC's 
should be able to access the internet.


We've still got the dns resolving issue though. It's all a bit odd 
and I'm a bit stumped.


Try the static route on the adsl router  test with a machine on your 
internal lan while I try to think what to do next.


Your internal lan pc will need to have a gateway of the 192.168.1.3 
address of your openbsd box. Note this is the internal ip address. 
The PC will need the DNS addresses from your ISP.


This is how I understand it should be:

ADSL Router
192.168.0.1 subnet 255.255.255.0 Static route 192.168.1.0 
255.255.255.0 gateway 192.168.0.9

  |  |   DMZ
  |
OpenBSD box
external interface 192.168.0.9 subnet 255.255.255.0
Default gateway in /etc/mygate of 192.168.0.1
DNS servers in /etc/resolv.conf of 194.224.52.6 and 194.225.52.4
internal interface 192.168.1.3 subnet 255.255.255.0
  |
  |  INTERNAL LAN
  |
Your PC's 192.168.1.x addresses subnet 255.255.255.0
DNS servers of 194.224.52.6 and 194.225.52.4
Default gateway of 192.168.1.3


Cheers.



Mike Henker wrote:


Answering all the points:
 Just type nslookup www.google.com and see what response you get.

connection timed out; no servers could be reached

 One of google's IPs is 66.102.7.99 if you want to test a traceroute.

Traceroute works fine with google's IPs (66.102.7.99) but if I do a 
traceroute www.google.com says connection timed out; no servers 
could be reached


 Just type nslookup www.google.com and see 

Re: interface groups and altq

[Jason Crawford]

On 8/17/05, Henning Brauer [EMAIL PROTECTED] wrote:
 * Jason Crawford [EMAIL PROTECTED] [2005-08-17 18:47]:
  Do interface groups support altq?
 
 in the sense of queuing on interface groups, no, not really.
 
Is this a work in progress? Planned but after 3.8? Or is this not possible?

Thanks,
Jason

Re: The Care and Feeding of OpenBSD

[Will H. Backman]

  list of steps that anyone can follow, based on tools in the base
system.
 
 like, reading the dump and restore manpages?
 

Do you use dump and restore, or are you just giving and example?

What about partition table backup?

Re: The Care and Feeding of OpenBSD

[knitti]

On 8/17/05, Will H. Backman [EMAIL PROTECTED] wrote:
 OK.  Looking at the release(8) man page...yikes!  Is this really the
 best way to start backing up an OpenBSD system?
 

it is not _that_ hard. do it once, and you'll know how.


--knitti

Re: The Care and Feeding of OpenBSD

[knitti]

On 8/17/05, Will H. Backman [EMAIL PROTECTED] wrote:
   list of steps that anyone can follow, based on tools in the base
 system.
 
  like, reading the dump and restore manpages?
 
 Do you use dump and restore, or are you just giving and example?
 
 What about partition table backup?

well, this also depends. I use pax with cpio. you can dump, you can rsync,
whatever. i don't worry about the partition table, the installer takes care of
making a new one. obviously, I don't need to have the exact same layout.


--knitti

Re: extracting new login.conf from /usr/src/etc in -current

[Christian Weisgerber]

Moritz Grimm [EMAIL PROTECTED] wrote:

 since the switch to generate login.conf, things became quite a bit less 
 comfortable for those following -current manually... well, at least 
 for me. Since I stick to defaults whenever possible, /etc updates used 
 to be quite hassle-free -- I'd simply copy over the updated file and be 
 done with it, when possible.

# cd /usr/src/etc
# export DESTDIR=/var/tmp/temproot
# mkdir $DESTDIR
# make distribution-etc-root-var
# unset DESTDIR

... and compare /etc vs $DESTDIR/etc.
Or use ports/sysutils/mergemaster, which does all that.

-- 
Christian naddy Weisgerber  [EMAIL PROTECTED]

altq on multiple interfaces

[Fridtjof Busse]

Hi
I'm currently trying to enhance my altq-rules and I apologize in
advance if this is a FAQ, but I definitly googled:
So far, I used priq on my internal and external interface to prioritize
VoIP over SSH over mail over everything else. But now I have a third
interface that sometimes consumes a lot of traffic and is thus killing
VoIP. Is there a simple way to basically say everything that enters my
router, no matter which internal interface it uses, has to follow these
rules? The two internal interfaces are different Class-C nets and they
have to stay this way. And traffic that comes from the router but not
from the internet should be able to use the full FastEthernet bandwidth
and not just the SDSL-speed configured in altq.
Is there any way to do this without having to use two sets
of rules for incoming traffic? 
The FAQ only lists a CBQ example for a system with more than 2
interfaces and I'd really like to stay with priq. Or do I have to
switch to CBQ? 
Thanks :) 
-- 
Fridtjof Busse

Re: GMT / BST Question

[Andy Hayward]

 i've noticed my obsd box hasn't altered it's time (BST).  I'm linked using:
 
 ln -fs /usr/share/zoneinfo/GMT /etc/localtime

Try /usr/share/zoneinfo/GB instead.

-- ach

Re: The Care and Feeding of OpenBSD

[Matthias Kilian]

On Wed, Aug 17, 2005 at 03:25:56PM -0400, Will H. Backman wrote:
  like, reading the dump and restore manpages?
  
 
 Do you use dump and restore, or are you just giving and example?

Can't speak for Henning, but I use dump(8) and restore(8) at home,
on a server I rented from Strato, and for some boxes at our customer
(the latter running linux).

Depending on hardware and infrastructure, you can dump(8) to tape,
to a separate disk (that's not very safe, though), to a remote
machine via ssh, or to an ftp server. I do this all day from
/etc/daily.local or via a separate cronjob, and I never had any
problems, even when dumping mounted filesystems.

IMHO, one of the neat things in dump(8) and restore(8) is that you
get an file listing really fast in contrast to backups based on
tar(1), where you have to read the *complete* archive.


 What about partition table backup?

Why? If you have some files removed or destroyed by accident, you
don't need the partition table for a restore. If one of your disks
is damaged, you get a new one and have to use fdisk(8) and disklabel(8)
anyways, and the labels of all mounted disks are in /var/backups,
i.e. at least on the archive of your last full dump.

Ciao,
Kili

Re: The Care and Feeding of OpenBSD

[scorch]

Will H. Backman said the following on 2005-08-17 21:25:


Do you use dump and restore, or are you just giving and example?

What about partition table backup?
 

I do it using this script below. its proved to be sufficient for a 
restore, except for re-creating the mysql.sock on recovery. I recall 
somebody else had a bootable CD with an embedded SSH server, that would 
actually be pretty handy too...


_*DRP method:*_
boot from official CD. don't install but drop to shell.
use files in $dump/configuration to create disklabel
then, to recover each filesystem, I do:
   newfs /dev/wd0x
   mount /dev/wd0x /mnt
   cd /mnt
   /sbin/restore -vrf 20050626.full.partition.dump
 that was enough.

YMMV but at least you can get started.

cheers, scorch
--
out of the frying pan and into the fire



#/bin/sh
echo full dump of var root home usr
echo ===

dump=/tmp/backup/`hostname -s`
today=`/bin/date +%Y%m%d`
rm -rf $dump
mkdir -p $dump/configuration
/sbin/chown -R root:wheel $dump
/bin/chmod -R g+rw $dump
cd $dump

echo backing up configuration
echo ===
/sbin/disklabel wd0  configuration/disklabel 21
/bin/cp /etc/fstab configuration/
/bin/cp /etc/host* configuration/
/bin/cp /etc/my* configuration/
/bin/cp /etc/resolv.conf configuration/
/bin/cp /var/run/dmesg.boot configuration/
/bin/df -ih  configuration/df
/bin/tar cpf - /etc configuration | bzip2 -c9  $today.configuration.tar.bz2

echo backing up mysql
echo ===
mysqldump --user root --password='your_pwd_here' --all-databases 
--verbose --single-transaction --flush-logs=TRUE --compress=TRUE | bzip2 
-c9  $today.full.mysql.bz2


echo backing up core filesystems
echo ===

/sbin/dump -0uaf  - /var  | bzip2  $today.full.var.dump.bz2
/sbin/dump -0uaf  - / | bzip2  $today.full.root.dump.bz2
/sbin/dump -0uaf  - /home | bzip2  $today.full.home.dump.bz2
/sbin/dump -0uaf  - /usr  | bzip2  $today.full.usr.dump.bz2

echo ===
echo dump completed

Re: The Care and Feeding of OpenBSD

[Will H. Backman]

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of
 Matthias Kilian
 Sent: Wednesday, August 17, 2005 4:18 PM
 To: misc@openbsd.org
 Subject: Re: The Care and Feeding of OpenBSD
 
 On Wed, Aug 17, 2005 at 03:25:56PM -0400, Will H. Backman wrote:
   like, reading the dump and restore manpages?
  
 
  Do you use dump and restore, or are you just giving and example?
 
 Can't speak for Henning, but I use dump(8) and restore(8) at home,
 on a server I rented from Strato, and for some boxes at our customer
 (the latter running linux).
 
 Depending on hardware and infrastructure, you can dump(8) to tape,
 to a separate disk (that's not very safe, though), to a remote
 machine via ssh, or to an ftp server. I do this all day from
 /etc/daily.local or via a separate cronjob, and I never had any
 problems, even when dumping mounted filesystems.
 
 IMHO, one of the neat things in dump(8) and restore(8) is that you
 get an file listing really fast in contrast to backups based on
 tar(1), where you have to read the *complete* archive.
 
 
  What about partition table backup?
 
 Why? If you have some files removed or destroyed by accident, you
 don't need the partition table for a restore. If one of your disks
 is damaged, you get a new one and have to use fdisk(8) and
disklabel(8)
 anyways, and the labels of all mounted disks are in /var/backups,
 i.e. at least on the archive of your last full dump.
 
 Ciao,
   Kili

I want to thank people for their input so far.  Here is what I have so
far:

Seems like the FAQ http://www.openbsd.org/faq/faq14.html#Backup gives a
good script for basic system backup and restore.

As for change management, it looks like adding files to /etc/changelist
might work fairly well for starters.

Tracking stable seems to be a matter of unpacking the source and then
keeping up to date using cron job to fetch through anoncvs.  Because
there might be some confusion about the need to reboot after building
updates, reboot just in case.  A generic plan would assume that src,
XF4, and ports are all part of the picture.  Packages can now be updated
instead of removed and re-installed thanks to new pkg_add options,
although config files might still need hand merging.

Release upgrades should be done at every release through the upgrade
option during the install, merge config files by hand.  Special cases
may require fresh install, so read the release notes first.

Re: The Care and Feeding of OpenBSD

[Henning Brauer]

* Will H. Backman [EMAIL PROTECTED] [2005-08-17 21:50]:
   list of steps that anyone can follow, based on tools in the base
 system.
  like, reading the dump and restore manpages?
 Do you use dump and restore

of course

 What about partition table backup?

there is a copy of the disklabel in /var/backups and thus in the backup

-- 
BS Web Services, http://www.bsws.de/
OpenBSD-based Webhosting, Mail Services, Managed Servers, ...
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Re: Major Surprise with xdm on 3.7

[Baldur Sigurðsson]

Henning Brauer wrote:

* Matthias Kilian [EMAIL PROTECTED] [2005-08-16 22:58]:


On Tue, Aug 16, 2005 at 07:26:38PM +, Baldur Sigurpsson wrote:
[...]


Clever. A password-protected power switch...



Actually, I have configured the bios on my laptop to ask for a password 
before even loading any kernel or doing anything, and it was quite 
simple actually. not only is it good for security reasons, but it also 
gives me time to hit f12 or f2 to choose the boot-device or enter 
bios-setup;)


Indeed, very secure. If I've physical access to your laptop, all I
need is a screwdriver to open it, pull out the disk and connect it
to another machine.


hmm... I have to say, you got me there :/

/me opens his head with a screwdriver

at least it is good for the timing thing, and one could not do this 
without some time alone with the laptop, anonther computer, and, 
ofcourse, a screwdriver;)
this hack would be easy if the someone would steel the laptop, but if 
someone would want a short look into it behind my back in a sneaky 
manner, _that_ would become quite hard;)



why the hassle, there are master passwords for those biosses, and 
they're not that hard to find out.




Didn't I make it clear that I choose the password myself, or am I 
misunderstanding something?


Regards, Baldur

Re: Major Surprise with xdm on 3.7

[Peter Hessler]

:why the hassle, there are master passwords for those biosses, and 
:they're not that hard to find out.
:
:
:Didn't I make it clear that I choose the password myself, or am I 
:misunderstanding something?
:
:Regards, Baldur
:

The master password is in addition to the password that you chose.  
Either/or will allow you access.

Re: GMT / BST Question

[Gerald Davies]

On 8/17/05, Jason Crawford [EMAIL PROTECTED] wrote:
 Well, I know when I set /etc/localtime to
 /usr/share/zoneinfo/US/Eastern, it automatically compensates for
 daylight savings time, so I imagine if you set /etc/localtime to
 /usr/share/zoneinfo/GB it would do the same, unless I'm completely
 misunderstanding how the time zone files work (or that GB is Great
 Britain).
 
 Jason
 

doh, ta.  my mistake :D

Re: The Care and Feeding of OpenBSD

[Henning Brauer]

* Matthias Kilian [EMAIL PROTECTED] [2005-08-17 22:42]:
 Depending on hardware and infrastructure, you can dump(8) to tape,
 to a separate disk (that's not very safe, though), to a remote
 machine via ssh, or to an ftp server.

for larger scale, I am still (after years) happy with what we do:
get a backup machine with a decent raid system, and have it fetch dumps 
from the individual machines daily, written to the raid. we do this 
over ssh pipes, ymmv. It basically boils down to

system(ssh -c $cipher -l $login $sshopt -i /path/to/key $host  .
\$dump - . $level . uf -  . $partition .
 \ | gzip -9 -f -v  /backup/$host/$dumpfile 2$statsfile);

works with openbsd, solaris and linux hosts here.
the gzips eat CPU for breakfast, i get acceptable backup times using an 
amd64 on the backup host, an SMP amd64 could lower them further - 
boils down to what backup times are acceptable versus what you're 
willing to invest.

when this is done backup the raid to tape.

gives fast access to last night's backup (it is still on the raid, 
after all), and only for the rare case where you need an older dump 
you have to dig out the right tape.
we also store the monthly tapes at our bank, just in case.

-- 
BS Web Services, http://www.bsws.de/
OpenBSD-based Webhosting, Mail Services, Managed Servers, ...
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Re: interface groups and altq

[Henning Brauer]

* Jason Crawford [EMAIL PROTECTED] [2005-08-17 21:55]:
 On 8/17/05, Henning Brauer [EMAIL PROTECTED] wrote:
  * Jason Crawford [EMAIL PROTECTED] [2005-08-17 18:47]:
   Do interface groups support altq?
  in the sense of queuing on interface groups, no, not really.
 Is this a work in progress? Planned but after 3.8? Or is this not possible?

in theory it should be possible, but it is everything but trivial. I 
have no plans in that direction myself currently.

-- 
BS Web Services, http://www.bsws.de/
OpenBSD-based Webhosting, Mail Services, Managed Servers, ...
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

rxvt-2.7.10

[Gustavo Rios]

Hey folks,

i have obsd 3.7 installed with X i got from the official CD distro.
I have installed openmotiff in my desktop. Everything would be ok
except for the fact that rxvt does not log to utmp the user when i
invoke it from the mwm .mwmrc configuration file or from the .xession.

Example:

When i :

$ rxvt +ut

Everything work ok,

but if i do the same from .xsession, the user is not show when i issue
the w command.

Did anybody already face such a problem?

thanks.

Re: Major Surprise with xdm on 3.7

[Rod Dorman]

On Wednesday, August 17, 2005, 17:15:37, Baldur Sigurpsson wrote:
  ...
 Didn't I make it clear that I choose the password myself, or am I
 misunderstanding something?

Google for bios master password


-- 
[EMAIL PROTECTED] The avalanche has already started, it is too
Rod Dorman  late for the pebbles to vote.  Ambassador Kosh

Re: Major Surprise with xdm on 3.7

[Dave Feustel]

On Wednesday 17 August 2005 16:15, Baldur Sigurpsson wrote:
 Indeed, very secure. If I've physical access to your laptop, all I
 need is a screwdriver to open it, pull out the disk and connect it
 to another machine.

The disk password is part of the ATA interface spec. I would like you to
actually try your thought experiment of setting the password on a laptop
drive, then moving the drive to another laptop, and then trying to read
the contents of the drive without supplying the password. Let me know
if it works.

Re: tinyproxy on soekris

[Bolke de Bruin]

Henning Brauer wrote:


* Bolke de Bruin [EMAIL PROTECTED] [2005-08-17 20:12]:
 


I have been trying to get 'tinyproxy' working on a soekris box
Now as this works on the GENERIC kernel on a standard install
   



well, then just use a GENERIC kernel and a standard install on the 
soekris and stop masturbating over a few saved bytes
 


Haha, nah it wouldn't be able to handle MY size ;-)

Hard Disk Password Security Info

[Dave Feustel]

c't 8/2005, S. 172: Hard Disk Security

At Your Disservice
How ATA security functions jeopardize your data

With most notebooks it is possible to secure the hard disk against 
unauthorized access with the aid of a password. Without the latter 
the disk, even when inserted into another computer, won't divulge 
its data. In the meantime this security function has become a feature 
of all 3.5 ATA hard disks and can hence be used - and abused - on desktop PCs!

http://www.heise.de/ct/english/05/08/172/

Re: Major Surprise with xdm on 3.7

[Dave Feustel]

On Wednesday 17 August 2005 16:15, Baldur Sigurpsson wrote:
 Indeed, very secure. If I've physical access to your laptop, all I
 need is a screwdriver to open it, pull out the disk and connect it
 to another machine.

excerpted from http://www.rockbox.org/lock.html
===
Still locked?


If the above suggestions don't work, here's some background info about the disk 
lock feature: 


The disk lock is a built-in security feature in the disk. It is part of the ATA 
specification, 
and thus not specific to any brand or device. 


A disk always has two passwords: A User password and a Master password. 
Most disks support a Master Password Revision Code, which can tell you if the 
Master password has been changed, or it it still the factory default. The 
revision 
code is word 92 in the IDENTIFY response. A value of 0xFFFE means the Master 
password is unchanged. 


A disk can be locked in two modes: High security mode or Maximum security 
mode. Bit 8 in word 128 of the IDENTIFY response tell you which mode your 
disk is in: 0 = High, 1 = Maximum. 


In High security mode, you can unlock the disk with either the user or master 
password, using the SECURITY UNLOCK DEVICE ATA command. There is an 
attempt limit, normally set to 5, after which you must power cycle or 
hard-reset 
the disk before you can attempt again. 


In Maximum security mode, you cannot unlock the disk! The only way to get the 
disk back to a usable state is to issue the SECURITY ERASE PREPARE command, 
immediately followed by SECURITY ERASE UNIT. The SECURITY ERASE UNIT 
command requires the Master password and will completely erase all data on the 
disk. The operation is rather slow, expect half an hour or more for big disks. 
(Word 89 in the IDENTIFY response indicates how long the operation will take.)

Re: binpatch

[Gerardo Santana Gómez Garrido]

2005/8/16, Ingo Schwarze [EMAIL PROTECTED]:
 Hi Gerardo, hi Gaby,
 
 Gerardo Santana Gsmez Garrido wrote on Tue, Aug 16, 2005 at 08:56:39AM -0500:
  On 8/16/05, Gaby vanhegan [EMAIL PROTECTED] wrote:
 
  http://www.openbsd.org.mx/pub/binpatch/
  Has not built any patches for 3.7, despite there being 4 security
  advisories published about it.
 
  I stop to build them [ironically] because of lack of resources.
  I lost them some months ago when I was unemployed (in January).
  But you can always donate to help me buy a new hard disk/PC and
  pay my Internet bill :)
 
  Are there any other binpatch providers out there the people use?
 
 Not yet.  But recently, i ported binpatch to OpenBSD 3.7 for my
 own use.  Gerardo, would you think it useful if i put the result
 public on www.studis.de?  Would you be willing to cross-check
 in order to identify possible bugs?

It's ok for me. I think it would be useful for many people. I already
got your changes, but I haven't had the time to check them. From the
summary, they look very important.

I'm looking forward to rethink binpatch, since I built it the first
time for a more complex scenario that is not relevant. Coincidentally,
I was studying the great pkgtools by Marc Espie and it has given me
some ideas to create the patchtools ;-)

With a framework like that, users would be able to install/uninstall
patches, track the patches installed and automate updates easily,
things I have been asked for many times.

 
 We do have fast Ethernet (100 Mb/s) access to the german
 Wissenschaftsnetz and are allowed to use it for research 
 study puposes - which should in this case apply, imho.
 Of course, i cannot guarantee that our server will stand
 the load if *very* many people start using that - but i doubt
 it will generate more traffic than the several dozen mailing
 lists we are already running...

Great. It's a pitty I'm too far from Germany to benefit from it
(uploading the binary patches). But if you can afford serving the
binary patches, it would be nice to have a mirror.

I'm ordering a new hard disk right now.

Thanks Ingo.


 
 Yours,
   Ingo
 
 --
 Ingo Schwarze [EMAIL PROTECTED]
 University of Karlsruhe student organisation
 
 


-- 
Gerardo Santana

Re: Success with LinksysWPC11 v4 PCMCIA Wireless

[Jonathan Gray]

On Wed, Aug 17, 2005 at 02:05:05PM -0400, psi0nik wrote:
 Will H. Backman wrote:
 Just wanted to write in about success with the Linksys WPC11 v4 PCMCIA
 Wireless B card.  These were on sale at Staples for $5 USD.
 Plugged it in to a 3.7 release i386 laptop.  Detected as rtw0.
 Set it for dhcp to connect to an unsecured network.
 Worked like a charm.
 Thanks OpenBSD.
 
 Does anyone know off-hand if these work on sparc64? I don't see that 
 driver specifically mentioned at http://www.openbsd.org/sparc64.html 
 although I do see previous versions of the same Linksys product. I've 
 got an Ultra5 doing firewall duties; it'd be nice to add WAP 
 functionality for $5.

CardBus doesn't work on sparc64 as far as I know.

Re: 8/13 snapshot and DHCP

[Christian Jones]

On 8/17/05, Emmett Pate [EMAIL PROTECTED] wrote:
 I successfully installed the 8/16 snapshot at the office (which uses a
 different DHCP server) and dhclient acquires a lease with no problem.
 However, at home (using a Linksys router as the DHCP server), dhclient
 fails to get a lease.  As noted earlier, dhclient from 3.7 works fine at
 both locations.
 
I had similar (nearly identical) problems about a month ago using a
then-current snapshot, also with a Linksys router, with a wi(4) card,
a problem I didn't see in 3.7.  I further would recieve a console
message Discarding packet with invalid hlen at each (I think)
DHCPOFFER.

It's been a while, but I switched to static addressing and didn't
follow up (though it's on my list of bugs to report/ask about after
I have the time to put together a real report).  There's been
discussion before that some features of Linksys routers/access points
are fairly broken, and more than likely the OS won't be changed to
work with something nonstandard and unfriendly.

I'll try to get to a tcpdump and a real bug report this weekend, if
anyone else will find it helpful.
CDJ

-- 
Christian Jones
[EMAIL PROTECTED]
http://www.aleph0.com/~chjones

Re: [OpenBSD 3.7] Wireless - D-Link and Netgear WG 511T

[Z L]

 cbb0 at pci2 dev 4 function 0 ENE CB-1410 CardBus rev
 0x01pci_intr_map: no mapping for pin A
 : couldn't map interrupt
 
 cardbus doesn't work in that machine.

What do you suggest I should do? Any tips, recommendation?

Two Weird Isakmpd Issues

[Harford, Colin]

Tiamat -- Brutus -- Finance

Tiamat: OpenBSD 3.7 i386
Brutus: OpenBSD 3.7 AMD64
Finance: SonicWall

Issues are with Brutus

First Issue:

Isakmpd unexpectly exits without any error, however, sometimes the VPN
session between brutus and tiamat keeps working but no isakmpd process.
No core dump is generated...  See
http://www.ualberta.ca/~charford/debug.txt for the debug (isakmpd -d -D
A=99).  Tiamat has clients behind on nat.  Other times it does not, I
just get the following error message:

Aug 17 20:52:35 brutus isakmpd[25209]: exchange_run: doi-initiator
(0x45367200) failed

ps -aux | grep isa = blank

A quick check via tcpdump  http://www.ualberta.ca/~charford/tcpdump.txt
From netstat -rn


Encap:
Source Port  DestinationPort  Proto
SA(Address/Proto/Type/Direction)
192.168.1/24   0 XXX.xXX.XXX/24  0 0
XXX.XXX.XXX.XXX/50/use/in
XXX.XXX.XXX/24  0 192.168.1/24   0 0
XXX.XXX.XXX.XXX/50/require/out




Second Issue is setting up a VPN session between Brutus and Finance:

Isakmpd.conf and isakmpd.policy are bellow, screen shot of Finance
config see http://www.ualberta.ca/~charford/sonicwall.jpg

See the debug file (http://www.ualberta.ca/~charford/debug.txt for its
transacation as well...

# cat isakmpd.conf
#   $OpenBSD: VPN-3way-template.conf,v 1.11 2004/02/11 08:55:22 jmc
Exp $
#   $EOM: VPN-3way-template.conf,v 1.8 2000/10/09 22:08:30 angelos
Exp $
#
# A configuration sample for the isakmpd ISAKMP/Oakley (aka IKE) daemon.
#
# This is a template file of a VPN setup between three nodes in
# a fully meshed 'three-way' configuration. Suggested use is to copy
# this file to all three nodes and then edit them accordingly.
#
# These nodes are initially called XXX, YYY and ZZZ.
#
# In pseudographics:   XXX --- YYY
# \   /
#  ZZZ
#
# In cases where IP/network addresses should be defined values like
# 192.168.XXX.nnn have been used.
#

# Incoming phase 1 negotiations are multiplexed on the source IP
# address. In the three-way VPN, we have two possible peers.

[Phase 1]
Xxx.xxx.xxx.xxx=  ISAKMP-peer-node-tiamat
Xxx.xxx.xxx.xxx=   ISAKMP-peer-node-finance

# These connections are walked over after config file parsing and
# told to the application layer so that it will inform us when
# traffic wants to pass over them.  This means we can do on-demand
# keying. In the three-way VPN, each node knows two connections.

[Phase 2]
Connections=IPsec-Conn-TIAMAT,IPsec-Conn-Finance


# ISAKMP Phase 1 peer sections
##

[ISAKMP-peer-node-tiamat]
Phase=  1
Transport=  udp
Address=xxx.xxx.xxx.xxx
Configuration=  Default-main-mode
Authentication= keyhere

[ISAKMP-peer-node-finance]
Phase=  1
Transport=  udp
Address=xxx.xxx.xxx.xxx
Configuration=  Finance-main-mode
Authentication= keyhere

# IPsec Phase 2 sections



[IPsec-Conn-Finance]
Phase=  2
ISAKMP-peer=ISAKMP-peer-node-finance
Configuration=  Finance-quick-mode
Local-ID=   BRUTUS
Remote-ID=  FINANCE

[IPsec-Conn-TIAMAT]
Phase=  2
ISAKMP-peer=ISAKMP-peer-node-tiamat
Configuration=  Default-quick-mode
Local-ID=   BRUTUS
Remote-ID=  TIAMAT


# Client ID sections


[BRUTUS]
ID-type=IPV4_ADDR_SUBNET
Network=XXX.XXX.XXX.1
Netmask=255.255.255.0

[FINANCE]
ID-type=IPV4_ADDR_SUBNET
Network=XXX.XXX.XXX.1
Netmask=255.255.255.0

[TIAMAT]
ID-type=IPV4_ADDR_SUBNET
Network=192.168.1.0
Netmask=255.255.255.0


#
# There is no more node-specific configuration below this point.
#

# Main mode descriptions

[Default-main-mode]
DOI=IPSEC
EXCHANGE_TYPE=  ID_PROT
Transforms= 3DES-SHA,3DES-MD5

[Finance-main-mode]
DOI=IPSEC
EXCHANGE_TYPE=  ID_PROT
Transforms= 3DES-MD5


# Quick mode description


[Default-quick-mode]
DOI=IPSEC
EXCHANGE_TYPE=  QUICK_MODE
Suites= QM-ESP-AES-SHA-PFS-SUITE

[Finance-quick-mode]
DOI=IPSEC
EXCHANGE_TYPE=  QUICK_MODE
Suites= QM-ESP-3DES-MD5-GRP2


# cat isakmpd.policy
Keynote-version: 2
Authorizer: POLICY
Conditions: app_domain == IPsec policy 
esp_present == yes 
esp_enc_alg != null - true;

Re: No Sound with IBM Thinkpad 600e

[Marc Wilson]

On Wed, Aug 17, 2005 at 08:17:29PM +0200, Enno Lenze wrote:
 I am using an IBM Thinkpad 600e (2645-4AU) with a cs4610 soundchip,
 running a OpenBSD 3.7 (nothing special, default installation).

No, you're not.  The 600e doesn't have a cs4610 in it.

 clcs0 at pci0 dev 6 function 0 Cirrus Logic CS4610 SoundFusion rev

Disable this device and your sound will work correctly.  It is an incorrect
hardware detection on the part of the kernel.

A minimal amount of Google would have told you this.

-- 
 Marc Wilson | How come everyone's going so slow if it's called
 [EMAIL PROTECTED] | rush hour?