Re: bgpd bug with announcing /24 networks.

[Xavier Beaudouin]

Hi Claudio,


 It looks like the output is not from the same box.
 bgpctl will always include a netmask but other tools try to be smart and
 leave them away if it is obvious. So please try to find out what kind of
 netmask the other bgp router added to his fib.

Btw on my box this seems to be ok.

But on peer router (Foundry...) seems to have not the right netmask...

 Btw it works for me:
 bgpctl network add 10.218.105.0/24
 request sent.

I will try that


 bgpctl show rib 10/8 all
 flags: * = Valid,  = Selected, I = via IBGP, A = Announced
 origin: i = IGP, e = EGP, ? = Incomplete

 flags destination gateway  lpref   med aspath origin
 ...
 *10.218.105.0/24 194.42.48.2100 0 65001 i


rib seems to be ok... since I get the right values... :/

I keep investigating that...
/Xavier

Re: BSD PPPoA Hardware

[Dylan Smith]

On Saturday 27 August 2005 16:36, Simon Morgan wrote:
 On 8/27/05, poncenby [EMAIL PROTECTED] wrote:
  i've been using an Alcatel Speedtouch usb modem with openbsd 3.7 with no
  problems. take a look...http://www.speedtouchdsl.com/prod330.htm

 How stable has it been?

I use the same modem on a Sun Ultra 5 (sparc64) running OpenBSD 3.6 - it is 
very stable, currently my ADSL line's uptime is 160 days without 
interruption.

problem with table directive in pf.conf

[vladone]

Hi!
I want to use table directive in pf.conf, but not work
My pf.conf is:

My pf.conf is: (and with attachament)
ext_if=rl0# replace with actual external interface name i.e., dc0
int_if=fxp0   # replace with actual internal interface name i.e., dc1

table list1 { 192.0.2.0/24 }

I try to load pf.conf:
#pfctl -e -f /etc/pf.conf
pf enabled
#pfctl -T show -t list1
pfctl: Table does not exist.

If i use pfctl to add entry in table, work.
#pfctl -t list1 -T add 192.168.2.0/24
1 table created.
1/1 addresses added.
#pfctl -T show -t list1
192.168.2.0/24

Another observation:
If i make an intentional mistake in pf.conf and then try to load file,
i receive an error. So file is loaded.

Where is the problem?

OpenBox in OpenBSD

[Alari Kask]

I put together some tips, to get openbox up and running quickly in  
openbsd, maybe someone find it helpful :-)


http://php.khk.tartu.ee/~alari/

Re: setting mtu on sis

[Markus Friedl]

it will work in 3.8 and later.

On Tue, Aug 30, 2005 at 12:14:32AM +0200, [EMAIL PROTECTED] wrote:
 Hello!
 
Can you please confirm if it is possible to set the mtu on cards
 using the sis driver (I have a Netgear FA311, based on the DP 83816 
 chip)?
 
I am trying to change the mtu with:
 
 # ifconfig sis1 192.168.0.3 netmask 255.255.255.0 mtu 1444
 
 but keep getting a
 
 SIOCSIFMTU: Invalid argument
 
 error. Thanks in advance for your replies.
 
 ---
 Rob
 
 
 
 
 Libero Flat, sempre a 4 Mega a 19,95 euro al mese! 
 Abbonati subito su http://www.libero.it

Re: Complete disk disaster

[Ramiro Aceves]

 I hope you are not storing any valuable data on a 10 year old hdd...
 

Yes, of course.

I have a ddefinitive answer now. After some days of use, the disk failed
again. I changed the drive to another computer, and after compiling some
ports, some disk read failures came again, causing segfaults. I was
paranoid, and just to confirm , I tried to install debian linux on it. I
  could not even fisnish the install cause some disk read failures lead
to segmentation  faults.
The disk is now disassembled on my desk. The encloruse is removed. I am
looking at the spinning disk, the heads, the control system. If is
indeed an incredible beautiful machine that the man created. Just to
destroy it, I plug the cables with the enclosure opened. I created a ffs
file system on it, I mounted it, I copyied some files on it, some were
copyied, some not, the errors were frecuent. I has been an amazing
experience seeing how heads move to find the data on the disk. The disk
is on the trash now.

2 weeks of free time wasted, but many things learned!

Thank you very much.

Tomorrow I will buy a new HD only for OpenBSD.

Ramiro.

Re: problem with table directive in pf.conf

[vladone]

I use FreeBSD 5.4, not OpenBSD. But i dont think that this is the
problem!
pf.conf have same format.

DELL Latitude D400 without X

[Uwe Dippel]

... a continuation of around a year ago
('Warning: Possible Bug in BIOS DELL Latitude D400_A06 !')
It is still valid for 3.7.
In the meantime, the problem has turned out to be really a problem of
crappy DELL BIOSes; now at A08 it still does the same:
Any activation of X freezes the machine completely with a yellowish screen.

855wrap on http://www.chzsoft.com.ar/855patch.html solves this. On Linux.
There you compile a binary and run it before starting X. On any machine.
Now I tried to do the same on OpenBSD with the expected result:'Abort trap'.
Not quite so expected was, that the source didn't want to compile on
OpenBSD 3.7:
make: don't know how to make %.c.
Stop in ..

I bet quite a few newer DELL notebooks are affected; and I appreciate any
suggestion how to make it work on OpenBSD.
I read the archives here and googled. No result.

Uwe

IBM Thinkpad X41 report?

[Alexander von Gernler]

Dear crowd,

just resumed my work on i386-laptop.html after vacation, and I noticed
we don't have any reports on the IBM/Lenovo Thinkpad X41.

Does anyone out there have this machine running under OpenBSD?
Please report.

Best,
-- 
Alexander grunk von Gernler   PGP key 0xEBC27515
http://www.de.openbsd.org/ -- Free, functional, secure

Re: isakmpd: section has no ID-type tag

[Mitja Muženič]

I don't want to be annoying but I have people breathing down my back.

Does anyone at all have a working [peer-ID] section in isakmpd.conf?

I mean something similar to:

[ABCD-peer]
Phase=1
Transport=udp
Address=aaa.bbb.ccc.ddd
Configuration=ABCD-main-mode
ID=ABCD-ID
Authentication=
 
[ABCD-ID]
ID-type=USER_FQDN
Name=yy

No matter what I put in ID-type tag, I get

001543.959050 Default ipsec_id_size: section ABCD-ID has no ID-type tag

No spaces or other additional characters anywhere. Is this a bug in parser?


i386, on 3.6-stable and -current. 

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
 On Behalf Of Mitja Muenih
 Sent: Tuesday, August 30, 2005 12:31 AM
 To: misc@openbsd.org
 Subject: isakmpd: section has no ID-type tag
 
 I've been working on this for hours after an already long 
 day, so I'm tired.
 What am I missing here?
 
 001543.953108 Misc 95 conf_get_str: [ABCD-peer]:ID-ABCD-ID
 001543.956103 Misc 95 conf_get_str: configuration value not found
 [ABCD-ID]:ID-type
 001543.959050 Default ipsec_id_size: section ABCD-ID has no 
 ID-type tag
 001543.962081 Default exchange_run: doi-initiator (0x8abf3400) failed
 
 # cat isakmpd.conf
 [Phase 1]
 aaa.bbb.ccc.ddd=ABCD-peer
 
 [Phase 2]
 Connections=ABCD-conn
 
 [ABCD-peer]
 Phase=1
 Transport=udp
 Address=aaa.bbb.ccc.ddd
 Configuration=ABCD-main-mode
 ID=ABCD-ID
 Authentication=
 
 [ABCD-ID]
 ID-type=USER_FQDN
 Name=yy
 
 [ABCD-conn]
 Phase=2
 Configuration=ABCD-quick-mode
 ISAKMP-peer=ABCD-peer
 Local-ID=default-route
 Remote-ID=ABCD-net
 
 [default-route]
 ID-type=IPV4_ADDR_SUBNET
 Network=192.168.123.0
 Netmask=255.255.255.0
 
 [KLNR-net]
 ID-type=IPV4_ADDR_SUBNET
 Network=aaa.bbb.eee.0
 Netmask=255.255.255.0
 
 [ABCD-main-mode]
 DOI=IPSEC
 EXCHANGE_TYPE=  AGGRESSIVE
 Transforms= 3DES-SHA
 
 [ABCD-quick-mode]
 DOI=IPSEC
 EXCHANGE_TYPE=  QUICK_MODE
 Suites= QM-ESP-3DES-SHA-SUITE
 
 
 Sorry for the obfuscation, had to. No additional characters 
 at the end of
 the lines in [ABCD-ID] section.
 
 Tried on 3.6-stable and latest snapshot, i386.
 
 
 Regards, Mitja

Re: problem with table directive in pf.conf

[Kiraly Zoltan]

vladone wrote:


Hi!
I want to use table directive in pf.conf, but not work
My pf.conf is:

My pf.conf is: (and with attachament)
ext_if=rl0# replace with actual external interface name i.e., dc0
int_if=fxp0   # replace with actual internal interface name i.e., dc1

table list1 { 192.0.2.0/24 }

I try to load pf.conf:
#pfctl -e -f /etc/pf.conf
pf enabled
#pfctl -T show -t list1
pfctl: Table does not exist.

If i use pfctl to add entry in table, work.
#pfctl -t list1 -T add 192.168.2.0/24
1 table created.
1/1 addresses added.
#pfctl -T show -t list1
192.168.2.0/24

Another observation:
If i make an intentional mistake in pf.conf and then try to load file,
i receive an error. So file is loaded.

Where is the problem?


 


Which OpenBSD version you use?

Re: OpenBox in OpenBSD

[Johan P . Lindström]

On 8/30/05, Alari Kask [EMAIL PROTECTED] wrote:
 I put together some tips, to get openbox up and running quickly in
 openbsd, maybe someone find it helpful :-)
 
 http://php.khk.tartu.ee/~alari/
 
 

That desktop looks very nice, thanks for the hints!

// Johan

trying for days now ... please help, don't know what's wrong with my mail server config

[Didier Wiroth]

Hi,

I'm trying to setup my own mail server with openbsd 3.7, sendmail and
cyrus-sasl-2.1.20p3.

I would like to use this server to send and receive mail with a pocketpc
phone edition (connected via gprs).

I can read mail without problems via pop3s (I'm using
dovecot-0.99.14p0).

BUT I'm not able to send mail. 

I tried two different sendmail configurations (config A + B, see below):
Common Parameters of config A and B:
define(`CERT_DIR', `MAIL_SETTINGS_DIR`'certs')dnl
define(`confCACERT_PATH', `CERT_DIR')dnl
define(`confCACERT', `CERT_DIR/mycert.pem')dnl
define(`confSERVER_CERT', `CERT_DIR/mycert.pem')dnl
define(`confSERVER_KEY', `CERT_DIR/mykey.pem')dnl
define(`confCLIENT_CERT', `CERT_DIR/mycert.pem')dnl
define(`confCLIENT_KEY', `CERT_DIR/mykey.pem')dnl

CONFIG A:
define(`confAUTH_MECHANISMS',`CRAM-MD5 DIGEST-MD5')dnl
TRUST_AUTH_MECH(`CRAM-MD5 DIGEST-MD5')dnl
define(`confAUTH_OPTIONS', `p,y')dnl

CONFIG B:
define(`confAUTH_MECHANISMS',`PLAIN LOGIN CRAM-MD5 DIGEST-MD5')dnl
TRUST_AUTH_MECH(`PLAIN LOGIN CRAM-MD5 DIGEST-MD5')dnl

When I try to send mail via pocketpc, sendmail give the following
output:
Aug 30 13:51:18 djerba sm-mta[5618]: STARTTLS=server, error: accept
failed=-1, SSL_error=1, timedout=0, errno=0
Aug 30 13:51:18 djerba sm-mta[5618]: STARTTLS=server:
5618:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
number:/usr/src/lib/libssl/src/ssl/s3_pkt.c:297:
Aug 30 13:51:18 djerba sm-mta[5618]: j7UBo8vd005618: [213.13.53.38] did
not issue MAIL/EXPN/VRFY/ETRN during connection to MTA

Here is part of the tcpflow output between server and gprs client:
server to gprs client:
START OUTPUT---
mytrial.net1^X0^V^F^CU^D^C^S^Omail.mytrial.net1$0^F
*86H86w^M^A [EMAIL PROTECTED]82^A7082^A+^F^G*
86HN8^D^A082^A^^^B8181[EMAIL 
PROTECTED]|E]5|[lgR8ELhlIPzcX]H4^O^UGON!_r^
\9880^N'8ES3^O9A88@JM#:-8^X`ynY'j+,b
9E,D6wOVEv8A^B^T4^^4-q4U+-r98~*}9F*^FN^V^C^A^@;[EMAIL 
PROTECTED]@7^@@ZX^V
Y8589Pd/uoLJ92]Ke38^D{^Om94o9C8AD^C
mWFPSi99[)Wv'kST^Rb^Xt]^LvX^@|[EMAIL PROTECTED]@@^95v GNP6s^Gj3*8C+L^A
^@96^_Cbw\^U38zfBE95z$Q!}9A%)#`y#^A^S^Vs^P
V_97^?)\0S1P^D(M93[EMAIL PROTECTED],^B^Tlg
Wd*8B|{RplK^E^DP^!xB^B^T^C87[EMAIL PROTECTED]92[EMAIL PROTECTED]@[EMAIL 
PROTECTED]
D^C^D^A^B^@
[EMAIL PROTECTED]81!1^K0   ^F^CU^D^F^S^BLU1^S0^Q^F^CU^^S
Test1^S0^Q^F^CU^D^G^S
Test1^S0^Q^F^CU^D
--- END OUTPUT

After 1 minute: gprs client to server:
START OUTPUT---
EHLO eten-m500a
STARTTLS
80[EMAIL PROTECTED]@[EMAIL PROTECTED]@^P^A^@80^C^@80^E^@80^G^@@[EMAIL 
PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]
@
[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL 
PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL 
PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL 
PROTECTED]@4^
@^@:^ZUa9AQYe?^C9EJ^T^?
 IpQUIT
--- END OUPUT

That's it, tcpflow did not capture more traffic, mail session is now
terminated and mail was not send.

I really don't understand what's wrong or what I should try. I have been
searching and googling around for days now.
I would really appreciate some help.
Many thanks
Didier

Re: firewall

[terry tyson]

On 8/29/05, azizan saad [EMAIL PROTECTED] wrote:
 hello i`m z from malaysia.in my office my computer used internet explorer 
 6.so i`m try to used netscape before and everything ok., but now we cannot 
 used the netscape coz block by firewall.so can u help me how to settle this 
 problem.before that i just change the proxy no. and can used.but now 
 cannot.then we are used administrator password to change another program or 
 install something.ok that all tq

http://www.openbsd.org/faq/pf/index.html

Automatic response to your mail

[Sales]

This email has been disabled temporarily.



Please insert a 3 between the sales and the @ sign and 

try again, as sales3 at plbm dot com.



Thank you!

Kurt Dekker

PLBM Games

Re: problem with table directive in pf.conf

[vladone]

I resolv this.
To view tables if no traffic, need to put option persist:
tables list1 persist file /etc/list_addresses

Smart Array 6i RAID controller (ciss)

[Greg Petras]

I've read a few recent posts in the archive about this controller. I'm
wondering what the status of this driver is? I noticed on the
supported hardware list that it is supported, but the manpage for ciss
looks like it's saying it won't be supported until 3.8. Is anyone
actively using the driver in -current? Does it work? Does anyone have
tips for getting it working on a DL 360?

Thanks,

Greg

Re: netstat - how to show PID

[Simon Dassow]

On Tue, Aug 30, 2005 at 03:30:01PM +0200, Miroslav Kubik wrote:
 Is there a way how to show PID which belongs to the socket by netstat 
 command? I searched man pages but I haven't found any useful switch for my 
 need. I searched in Linux man pages for netstat as well and it seems that 
 Linux can do it by p switch.
 
 -p, --program
 Show the PID and name of the program to which each socket belongs.
 
 But what about OpenBSD?

man fstat

Regards,
Simon

P.S.: Missing Xref in netstat?

Re: DELL Latitude D400 without X

[Baldur Sigurðsson]

hi

use this thing:

http://damien.bergamini.free.fr/i855vidctl/

just remember to put the command in /etc/rc.securelevel because on 
openbsd you cannot access some devices you need to, in contrast to linux.


works on my dell inspiron 500m with the 855GM crap:)

Regards, Baldur

Uwe Dippel wrote:

... a continuation of around a year ago
('Warning: Possible Bug in BIOS DELL Latitude D400_A06 !')
It is still valid for 3.7.
In the meantime, the problem has turned out to be really a problem of
crappy DELL BIOSes; now at A08 it still does the same:
Any activation of X freezes the machine completely with a yellowish screen.

855wrap on http://www.chzsoft.com.ar/855patch.html solves this. On Linux.
There you compile a binary and run it before starting X. On any machine.
Now I tried to do the same on OpenBSD with the expected result:'Abort trap'.
Not quite so expected was, that the source didn't want to compile on
OpenBSD 3.7:
make: don't know how to make %.c.
Stop in ..

I bet quite a few newer DELL notebooks are affected; and I appreciate any
suggestion how to make it work on OpenBSD.
I read the archives here and googled. No result.

Uwe

Re: Routing and firewall performance on older machines?

[2ds]

Ray Percival wrote:


On Mon, Aug 29, 2005 at 05:22:13PM -0400, Peter Landry wrote:
 


Hi,

We're going to be doing some network restructuring, splitting our
internal network into 2 separate IP networks (192.168.1.0 and
192.168.2.0). We currently have a Microsoft ISA firewall for our whole
network (since it's just 1 ip network right now, 192.168.0.0). I've
suggested replacing the ISA firewall with an OpenBSD machine with 3
NICs, to handle both routing between the two internet networks, and
firewall out to the internet. It will just be a static route between the
two internal networks, in addition to whatever routing is necessary for
firewall/NAT (I'm not sure on this?).



As far as the firewall is concerned, I don't think it will be a problem
as far as performance goes (our internet connect is 2mbit, which
shouldn't be hard to saturate). For the internal routing though, what
kind of hardware would we need to keep the 2 gigabit networks connected
at a decent speed?
   


Amazing what happens when you bother to read and search just a bit. Almost has 
if you aren't the only person in the world asking this question. 
http://www.openbsd.org/faq/pf/perf.html :)
 



We're looking at a p4 with a gig of ram - does that sound like it'll be
a bottleneck?



I figured that OpenBSD would lower the requirements for our firewall
machine (less bloat) as well as increase security.



Sorry if this is too general or vague a question - I did some searching
on the archives and could only find references to performance of IPSec
implementations, which we won't be using







Thanks, I appreciate any responses/links/feedback,

Peter L.

   



 

Umm, although I have no actual experience with them, many of the people 
on this mailing list who do recommend SK network cards as they are more 
effficient than alot of other models. If you are shifting alot of 
traffic through your internal network this should stop your bus from 
being saturated as easily.(i think)


From reading the faq that was post3ed previously 1g of ram and a p4 is 
overkill depending on how comple your ruleset it. having said that the 
p4 probably has a better bus architecture than an old p3.


-2ds

Re: RAID Configuration

[Sevan / Venture37]

Jaisimharao Besadi wrote:


Hi,

I request you to provide me the material to configure RAID on windows 2003 
server and also linux OS , I'm trying to get the hardware  software 
requirements for configuring RAID ( all levels )


Regards,

Jaisimha Besadi
 

 we require you to provide documentation for the SATA  RAID cards used 
in the IBM systems!

Plant a Tree Today

[Nancy Breeze]

Plant a Tree Today[IMAGE]

Called ashvattha in Sanskrit, the peepal (Ficus religious) is a very
large tree. Its bark is light grey, smooth and peels in patches. Its
heart-shaped leaves have long, tapering tips. The slightest breeze makes
them rustle. The fruit is purple when ripe.

The peepal is the first-known depicted tree in India: a seal discovered
at Mohenjodaro, one of the cities of the Indus Valley Civilisation (c.
3000 BC - 1700 BC), shows the peepal being worshipped. During the Vedic
period, its wood was used to make fire by friction.

The peepal is used extensively in Ayurveda. Its bark yields the tannin
used in treating leather. Its leaves, when heated in ghee, are applied to
cure wounds.

To know more about this tree, click here.

SOLVED: RE: isakmpd: section has no ID-type tag

[Mitja Muženič]

It turns out that I did some copypaste action when I was creating the
[peer-ID] section. And even if there were no extra blank characters anywhere
(I was careful to check that multiple times), somehow something was still
messing with the parser. Brackets or =, something must have looked fine on
screen yet the character code or something was wrong. I didn't follow
through on that.

The solution? Delete the whole section and retype it again exactly the way
it was - by hand. Grrr, wasted 5 hours on this.

Thanks for all suggestions off-list.

Regards, Mitja

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
 On Behalf Of Mitja Muenih
 Sent: Tuesday, August 30, 2005 11:41 AM
 To: misc@openbsd.org
 Subject: Re: isakmpd: section has no ID-type tag
 
 I don't want to be annoying but I have people breathing down my back.
 
 Does anyone at all have a working [peer-ID] section in isakmpd.conf?
 
 I mean something similar to:
 
 [ABCD-peer]
 Phase=1
 Transport=udp
 Address=aaa.bbb.ccc.ddd
 Configuration=ABCD-main-mode
 ID=ABCD-ID
 Authentication=
  
 [ABCD-ID]
 ID-type=USER_FQDN
 Name=yy
 
 No matter what I put in ID-type tag, I get
 
 001543.959050 Default ipsec_id_size: section ABCD-ID has no 
 ID-type tag
 
 No spaces or other additional characters anywhere. Is this a 
 bug in parser?
 
 
 i386, on 3.6-stable and -current. 

Re: netstat - how to show PID

[Spruell, Darren-Perot]

From: Miroslav Kubik [mailto:[EMAIL PROTECTED]
 Is there a way how to show PID which belongs to the socket by netstat 
 command? I searched man pages but I haven't found any useful 
 switch for my 
 need. I searched in Linux man pages for netstat as well and 
 it seems that 
 Linux can do it by p switch.

You can also use lsof from ports.

 sudo lsof -i:514
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
syslogd 30119 _syslogd3u  IPv4 0xd69d8000  0t0  UDP *:syslog

DS

New device sporting OpenBSD

[Johan P . Lindström]

While making friends with my ZyXEL ZyWALL P1 adapters, using tcpdump
-novelf (pf.os as of 3.7-release), I noticed that they are identified
as running OpenBSD.

This gave me that warm fuzzy feeling and I felt a need to share this,
there we are...

Have a nice evening!
 
// Johan

Re: i386 binaries on amd64

[Tony Lambiris]

In reading some mailing lists, I noticed some people pass in the -m32 
flag when compiling to compile 32bit instead of 64bit... I added the 
flag to the Makefile and everything compiles except when I try to link 
all the objects into an executable, I get these errors:


/usr/bin/ld: warning: i386 architecture of input file `some.o' is 
incompatible with i386:x86-64 output


Is compiling this way possible at all?

Ted Unangst wrote:

On Mon, 29 Aug 2005, Stuart Henderson wrote:



--On 29 August 2005 16:34 -0500, Tony Lambiris wrote:



Is there a way to compile something on i386 OpenBSD box to run on
amd64? or is there a sysctl option I am missing?


Cross-compiling between architectures is not supported, see list archives for
reasons why.



that's not the question he was asking, but the answer is no anyway.



--
Tony Lambiris [ [EMAIL PROTECTED] ]
so if it is really hard for you then perhaps you are just
retarded and need treatment w/ electricity and if that does
not help then perhaps should not use computers...

Re: DELL Latitude D400 without X

[Tony Lambiris]

I actually hacked an existing util for NetBSD to run flawlessly on 
OpenBSD (I have a Dell inspiron 700m).


You can get it here:

http://lysergik.com/~tony/openbsd.phtml

Baldur Sigurpsson wrote:

hi

use this thing:

http://damien.bergamini.free.fr/i855vidctl/

just remember to put the command in /etc/rc.securelevel because on 
openbsd you cannot access some devices you need to, in contrast to linux.


works on my dell inspiron 500m with the 855GM crap:)

Regards, Baldur

Uwe Dippel wrote:


... a continuation of around a year ago
('Warning: Possible Bug in BIOS DELL Latitude D400_A06 !')
It is still valid for 3.7.
In the meantime, the problem has turned out to be really a problem of
crappy DELL BIOSes; now at A08 it still does the same:
Any activation of X freezes the machine completely with a yellowish 
screen.


855wrap on http://www.chzsoft.com.ar/855patch.html solves this. On Linux.
There you compile a binary and run it before starting X. On any machine.
Now I tried to do the same on OpenBSD with the expected result:'Abort 
trap'.

Not quite so expected was, that the source didn't want to compile on
OpenBSD 3.7:
make: don't know how to make %.c.
Stop in ..

I bet quite a few newer DELL notebooks are affected; and I appreciate any
suggestion how to make it work on OpenBSD.
I read the archives here and googled. No result.

Uwe





--
Tony Lambiris [ [EMAIL PROTECTED] ]
so if it is really hard for you then perhaps you are just
retarded and need treatment w/ electricity and if that does
not help then perhaps should not use computers...

Re: Hard Disk Password Security Info - Fujitsu-Siemens writeup

[Dave Feustel]

Fujitsu-Siemens writeup on disk password handling:

http://vilpublic.fujitsu-siemens.com/vil/pc/vil/fast_facts/mainboards/pf_hddpassword_e.pdf
 

Moving from 3.7-release to -stable: make build fails (i386)

[Roman Zilka]

My salutations to all,

I'm a new user of OpenBSD, so I made sure to strictly stick to
official instructions. I installed 3.7-release on my Athlon box (dmesg
attached below - pretty typical gear), fetched the -stable branch

# cd /usr
# export [EMAIL PROTECTED]:/cvs
# cvs -d$CVSROOT checkout -rOPENBSD_3_7 -P src

rebuilt the GENERIC kernel (accordingly to the instructions found in
FAQ5) and rebooted the machine. Then I decided to rebuild the userland:

# cd /usr/src
# rm -rf ../obj/*
# make obj
...
# export DESTDIR=/
# export CFLAGS='-O3 -mcpu=athlon-xp -march=athlon-xp -mmmx -msse -m3dnow
-mfpmath=sse'
# export CXXFLAGS=$CFLAGS
# cd etc
# make distrib-dirs
...
# cd ..
# make build
...(all seems to go well until...)
=== libcurses++
c++ -O3 -mcpu=athlon-xp -march=athlon-xp -mmmx -msse -m3dnow -mfpmath=sse
-idirafter //usr/include/g++  -nostdinc -idirafter //usr/include
-c /usr/src/lib/libcurses++/cursesapp.cc -o cursesapp.o
c++ -O3 -mcpu=athlon-xp -march=athlon-xp -mmmx -msse -m3dnow -mfpmath=sse
-idirafter //usr/include/g++  -nostdinc -idirafter //usr/include
-c /usr/src/lib/libcurses++/cursesf.cc -o cursesf.o
In file included from /usr/src/lib/libcurses++/cursesf.h:39,
 from /usr/src/lib/libcurses++/cursesf.cc:34:
//usr/include/g++/cursesp.h:182: error: template with C linkage
*** Error code 1

Stop in /usr/src/lib/libcurses++.
*** Error code 1

Stop in /usr/src/lib.
*** Error code 1

Stop in /usr/src (line 72 of Makefile).

After some unsuccessful attempts to tweak the 'extern C {'
blocks all around the filesystem I decided to
skip building libcurses++ by removing the alike-named item
from /usr/src/lib/Makefile. Wiped /usr/obj clean, 'make build' again. Runs
much longer now, but eventually fails with another error elsewhere.
I figure I need to get past libcurses++ in a regular way. Could you please
give me a pointer as to how shall I accomplish that or what do I
keep doing wrong? (Removing the CFLAGS and
CXXFLAGS environment variables makes no difference.)
My thanks and best regards
- Roman Zilka

---

# pkg_info
ImageMagick-6.0.0-2p4 image processing tools
ORBit2-2.12.0   high-performance CORBA Object Request Broker
Xaw3d-1.5   3D Athena Widget set that looks like Motif
atk-1.8.0   accessibility toolkit used by gtk+
aumix-2.8   full-screen ncurses or GTK-based audio mixer
bash-3.0.16p0   GNU Bourne Again Shell
bzip2-1.0.2 block-sorting file compressor, unencumbered
cdparanoia-3.a9.8   CDDA reading utility with extra data
verification features
cdrtools-2.01   ISO 9660 filesystem and CD creation tools
curl-7.11.2p0   get files from FTP, Gopher, HTTP or HTTPS servers
dvd+rw-tools-5.21.4.10.8 mastering tools for DVD+RW/+R/-R/-RW
esound-0.2.34   sound library for Enlightenment
gconf2-2.8.1p0  configuration database system for GNOME
gettext-0.10.40p2   GNU gettext
ghostscript-7.05p5  GNU PostScript interpreter
ghostscript-fonts-6.0 35 standard PostScript fonts with Adobe name aliases
glib-1.2.10 useful routines for C programming
glib2-2.4.8 general-purpose utility library
gnome-mime-data-2.4.2 MIME and Application database for GNOME
gnome-vfs2-2.8.3p0  GNOME Virtual File System
gqview-1.4.5Gtk-based graphic file viewer
gtk+-1.2.10p1   General Toolkit for X11 GUI
gtk+2-2.4.14multi-platform graphical toolkit
gv-3.5.8p4  PostScript and PDF previewer
hicolor-icon-theme-0.5 high-color icon theme shell for GNOME and KDE
jasper-1.701.0  reference implementation of JPEG-2000
jbigkit-1.5 lossless image compression library
joe-2.9.8pre1p1 joe's own editor
jpeg-6b IJG's JPEG compression utilities
lame-3.96.1 lame ain't an MP3 encoder
lcms-1.12p0 color management library
libIDL-0.8.4IDL parsing library
libaudiofile-0.2.6  SGI audiofile library clone
libbonobo-2.8.0 GNOME component and compound document system
libiconv-1.9.2  character set conversion library
libogg-1.1.2Ogg bitstream library
libungif-4.1.0b1tools and library routines for working with GIF images
libvorbis-1.1.0p0   audio compression codec library
libxml-2.6.16p0 XML parsing library
links+-2.1pre16 graphics and text browser with javascript support
lsof-4.69p0 list information about open files
mc-4.6.1pre1p0  free Norton Commander clone with many useful features
micq-0.5.0.1p0  text-based ICQ implementation
mozilla-1.7.5-gtk2  open source version of the Netscape browser
mplayer-1.0pre6ap0  Movie player supporting MPEG, DivX, AVI, ASF, MOV  more
mutt-1.5.8i tty-based e-mail client, development version
netpbm-9.24p1   toolkit for converting images between different formats
openmotif-2.1.30.5  Motif toolkit
pango-1.6.0 library for layout and rendering of text
png-1.2.7p1 library for manipulating PNG images
popt-1.7getopt(3)-like library with a number of enhancements
shared-mime-info-0.15 

Message (Your message dated Tue, 30 Aug 2005 12:24:28...)

[L-Soft list server at CINECA - Inter University Computing Centre (1.8d)]

Your message  dated Tue, 30 Aug  2005 12:24:28 -0500 with  subject Returned
mail: Data format error has been submitted to the moderator of the HPC-NEWS
list: [EMAIL PROTECTED]

Re: 3.8 beta requests

[Kevin]

On 8/22/05, Theo de Raadt [EMAIL PROTECTED] wrote:
  We are heading towards making the real 3.8 release soonish.  I would
  like to ask the community to do lots of testing over the next week if
  they can.
 
  What is the best way to test?  Should we be downloading snapshots daily?
 
 Install snapshots.  Install snapshot packages.  Try using it as if it
 is the real 3.8.  Tell us if things fail.

By tell us, should we be contacting the port maintainer directly,
using sendbug or both?

I've been testing 3.8 on a couple of i386 systems (soon sparc also),
including installing more of the 3.8 beta packages than I would use
normally.  So far I am impressed by UP/MP performance, and have
only found a couple of X applications (xtacy, xlock) failing on signal 11.

Kevin Kadow

exit serial console on F4

[Roger Neth Jr]

Hello List, I am experimenting with serial consoles and had tty00 open on 
fvwm X windows term. Closed the term and went to ctl-alt-F4 and logged in 
root to cu -l tty00 and connected successfully.
I tried ^C and ^D to disconnect from the serial console without success. 
What I am trying to do is open tty00 back on the fvwm X windows term but 
ports are busy because tty00 is running on F4.

I did a quick FAQ and Google but did not find anything.

Thank you,

rogern
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

Re: exit serial console on F4

[Matt Provost]

On Aug 30 11:07 AM, Roger Neth Jr wrote:
 Hello List, I am experimenting with serial consoles and had tty00 open on 
 fvwm X windows term. Closed the term and went to ctl-alt-F4 and logged in 
 root to cu -l tty00 and connected successfully.
 I tried ^C and ^D to disconnect from the serial console without success. 
 What I am trying to do is open tty00 back on the fvwm X windows term but 
 ports are busy because tty00 is running on F4.
 I did a quick FAQ and Google but did not find anything.
 

To disconnect from cu type enter then ~.

Watch out because ssh also uses that sequence to disconnect - if you're
going through ssh use ~~. so cu gets the disconnect and not ssh.

Matt

Re: Moving from 3.7-release to -stable: make build fails (i386)

[Jason Haag]

Is there any particular reason why you do all these steps:

 # export DESTDIR=/
 # export CFLAGS='-O3 -mcpu=athlon-xp -march=athlon-xp -mmmx 
 -msse -m3dnow
 -mfpmath=sse'
 # export CXXFLAGS=$CFLAGS
 # cd etc
 # make distrib-dirs
 ...
 # cd ..

When the only thing you should need to do is:
 # make build

???

Re: frequency of ports-security mailing list updates?

[Greg Maruszeczka]

Da Man wrote:
 I've been subscribed to the ports-security mailing lists since mid
 June 2005.  Today I received a notice for a security update for
 pcre-4.5p0.  Out of habit I double checked against the 3.7 packages
 errata page and noticed that there were a number of other updates
 applicable to my system(tiff-3.6.1p6, netpbm-9.24p2) that I had not
 received a notice for via ports-security.  It looks like these updates
 were uploaded to ftp.openbsd.org on 8/19 so it seems I should have
 received a mail alert by now if in fact one was issued and barring any
 delivery problems to my mailbox.
 
 As a matter of clarification, will an email alert be sent via the
 ports-security mailing lists for all package errata?  If not, what is
 the recommended method being alerted to relevant changes?  Do I need
 to subscribe to ports-changes?
 


Don't know if you've considered this but you could run both cvsup and
/usr/ports/infrastructure/build/out-of-date as a cronjob and mail
yourself the results. You can usually surmise from the mailed output
whether anything has changed since the last run. This is what I've been
doing. Hope that helps.

G

Re: web server pf problem

[Todd Boyer]

On Tuesday, August 30, 2005, [EMAIL PROTECTED] wrote:  

 So my problem is that i can't access any of my web server via internet
but it works in local

Locate these pf.conf rules:

 block all

 pass in on $ext_if proto tcp from any to $web_srv port 80 flags S/SA
synproxy state
 pass in on $ext_if proto tcp from any to $web1_srv port 81 flags S/SA
synproxy state

Change to:

block log all

pass in on $ext_if proto tcp from any to { $ext_if $web_srv } port 80
flags S/SA synproxy state
pass in on $ext_if proto tcp from any to { $ext_if $web1_srv } port 80
flags S/SA synproxy state

use tcpdump -i pflog0 -qntte for additional troubleshooting

This should do it. -T

---
Todd M. Boyer, CISSP 
President   AutumnTECH, LLC 
[EMAIL PROTECTED]   http://www.AutumnTECH.com

AutumnTECH Manufactures Entire Network Protection Appliances 
that Identify Spam and Sanitize Dangerous E-mail Content  
---

cheap mini-pci ral(4) cards

[Todd C. Miller]

The MSI MP54G4 (aka MSI MS-6833) seems to be readily available in
the US now.  I just picked one up from www.thenerds.net but a cheaper
price can be found at newegg.com.  It seems to work fine in my Sony
SRX77.

The trick is to search for both the model name (MP54G4) and the
part number (MS-6833) since some stores list the card one way and
some the other.

 - todd

Re: New device sporting OpenBSD

[Alexander Farber]

Don't they use ZynOS?

2005/8/30, Johan P. Lindstrvm [EMAIL PROTECTED]:
 While making friends with my ZyXEL ZyWALL P1 adapters, using tcpdump
 -novelf (pf.os as of 3.7-release), I noticed that they are identified
 as running OpenBSD.

MaxDB on 3.6? or just ndb_mgm[d ]?

[John N. Brahy]

I'm trying to build a OpenBSD mysql cluster and I haven't been able to
fully compile the mysql build tools that are required to compile the
MaxDB so I can get ndb_mgmd and ndb_mgm. Does anyone have a patch to
make it work or a package with those two binaries?



Thanks,



John

Re: MaxDB on 3.6? or just ndb_mgm[d ]?

[Spruell, Darren-Perot]

From: John N. Brahy [mailto:[EMAIL PROTECTED]
 I'm trying to build a OpenBSD mysql cluster and I haven't been able to
 fully compile the mysql build tools that are required to compile the
 MaxDB so I can get ndb_mgmd and ndb_mgm. Does anyone have a patch to
 make it work or a package with those two binaries?

John, the mysql cluster stuff is part of the stock mysql-4.1 source
distribution nowadays. At a previous company we used it with 4.1.7 and
higher. You shouldn't need to worry about MaxDB if you are after the cluster
stuff (don't know if you might need it for other reasons, but...)

To my knowledge you should just be able to compile mysql-4.1 with cluster it
like any other app - there should be a configure switch that controls it.

DS

i386 branch on amd64

[Tony Lambiris]

I know this will run fine, but will the dual-core and such be detected 
and setup correctly, or is this an amd64 specific thing?


TIA.

--
Tony Lambiris [ [EMAIL PROTECTED] ]
so if it is really hard for you then perhaps you are just
retarded and need treatment w/ electricity and if that does
not help then perhaps should not use computers...

chroot apache and timezone

[-f]

hi there,

considering that httpd is chrooted by default, would it be
a bad idea to have etcXX.tgz contain /var/www/etc/localtime ?

the install script could also create this file based on the
timezone answer...

or perhaps at least afterboot(8) could mention this...

-f
-- 
excuse me if i sound bitter...  i taste that way too...

Re: Shouldn't OpenBSD X11 come out with -nolisten tcp as default?

[Andrew Daugherity]

I think one major reason other OSes have done '-nolisten tcp' by
default is to encourage people to use X11 forwarding via ssh instead
of xhost/etc, as the xhost way transmits in cleartext.  Of course it
can be argued that the user should be left to decide that themselves,
so there's two sides to every issue

Personally, if it's a workstation behind a pf firewall, I don't care. 
If not (as in my box at work where I don't control the network), then
yes, I'll do the little things that may or may not help but do not
hurt (assuming my usage doesn't require them), like this, turning off
daemons I don't use (which if I have to use RedHat, are legion), and
PermitRootLogin No in sshd_config.  And if this *is* the pf box I'm
talking about, I won't be running xdm.  :-)

-A

OT: phone line 2 ethernet converters

[Gustavo Rios]

Dear friends,

sorry for being off-topic, i am able to rent a pair of twist line (a
circuit) between my home and and friends one. I wonder if there exist
and ethernet extender device that could connect an ethernet cable to a
phone line. It would do no special work, just a raw connection between
2 types of layer, i.e, take bits from one end and put it into the
another and vice-versa.

BTW: i am no engineer (CS Bachelor), so sorry if it sounds too stupid.

Does that exists ?

PS: yes, i am a user of OBSD and i am using this list cause i know no
other best suited for this message, if possible, point me one possible
right mailing list for such subject.

Re: Smart Array 6i RAID controller (ciss)

[Mark Keating]

Greg Petras wrote:

I've read a few recent posts in the archive about this controller. I'm
wondering what the status of this driver is? I noticed on the
supported hardware list that it is supported, but the manpage for ciss
looks like it's saying it won't be supported until 3.8. Is anyone
actively using the driver in -current? Does it work? Does anyone have
tips for getting it working on a DL 360?

Thanks,

Greg

I have installed -current on several systems with 5i, 53xx and 6xxx 
controllers.  I have not installed on a system with a 6i controller.  I 
have not had any problems other than seeing 'ciss0: cmd_stat 2 scsi_stat 
0x0' errors somewhat regularly.  I have been running it on both x86 and 
amd64.  I have not done any performance testing of the driver, but 
casual observation shows the driver performing well.


I have been booting from the cd38.iso and installing without any issues.

Thanks to mickey@ for writing the driver.  It allows me to run on many 
more systems...


mark

Re: OT: phone line 2 ethernet converters

[Gordon Grieder]

On Tue, Aug 30, 2005 at 09:41:44PM -0300, Gustavo Rios wrote:
 Dear friends,
 
 sorry for being off-topic, i am able to rent a pair of twist line (a
 circuit) between my home and and friends one. I wonder if there exist
 and ethernet extender device that could connect an ethernet cable to a
 phone line. It would do no special work, just a raw connection between
 2 types of layer, i.e, take bits from one end and put it into the
 another and vice-versa.
..
 Does that exists ?

I doubt it. Most voice line copper is Cat-3(?) We used to run Apple's
LocalTalk across that type of twisted pair but only at speeds of 230
Kbps.


 Gord

Re: i386 branch on amd64

[Ted Unangst]

On Tue, 30 Aug 2005, Tony Lambiris wrote:

 I know this will run fine, but will the dual-core and such be detected and
 setup correctly, or is this an amd64 specific thing?

it should, but it's hard to tell until somebody tests it.


-- 
And that's why I won't have sex with you.

Re: cheap mini-pci ral(4) cards

[Ben Hooper]

|The MSI MP54G4 (aka MSI MS-6833) seems to be readily available in
|the US now.  I just picked one up from www.thenerds.net but a cheaper
|price can be found at newegg.com.  It seems to work fine in my Sony
|SRX77.
|
|The trick is to search for both the model name (MP54G4) and the
|part number (MS-6833) since some stores list the card one way and
|some the other.

Just be careful which model you pick up. MSI, like many vendors has a habit
of changing chipsets. For instance, the CB54G2 is a RT2500, but the CB54G is
Broadcom.

Regards,

Ben.

Re: OT: phone line 2 ethernet converters

[Michael J. Velasco Jr.]

Depending on the distances and the electrical characteristics, you may want
to consider some of the products that Cisco offers to provide wired
high-speed in hotel rooms, dormitories and the like.  They're specifically
designed to run on lower-quality copper circuits with the corresponding drop
in bandwidth, but if you can be happy with T1 speeds between you and your
friend's house for the cost of a dry pair it might be just the thing for
you.

There's also things like HDSL adapters but then you need T1 CSUs or DSUs and
routers, etc., oh my.

Find out what kind of Nyquist frequencies the dry pair provider is willing
to guarantee over what distances and then you can go from there.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Gordon Grieder
Sent: Tuesday, August 30, 2005 5:51 PM
To: Gustavo Rios
Cc: misc@openbsd.org
Subject: Re: OT: phone line 2 ethernet converters


On Tue, Aug 30, 2005 at 09:41:44PM -0300, Gustavo Rios wrote:
 Dear friends,
 
 sorry for being off-topic, i am able to rent a pair of twist line (a
 circuit) between my home and and friends one. I wonder if there exist 
 and ethernet extender device that could connect an ethernet cable to a 
 phone line. It would do no special work, just a raw connection between 
 2 types of layer, i.e, take bits from one end and put it into the 
 another and vice-versa.
..
 Does that exists ?

I doubt it. Most voice line copper is Cat-3(?) We used to run Apple's
LocalTalk across that type of twisted pair but only at speeds of 230 Kbps.


 Gord

Re: OT: phone line 2 ethernet converters

[Jason George]

Dear friends,

sorry for being off-topic, i am able to rent a pair of twist line (a
circuit) between my home and and friends one. I wonder if there exist
and ethernet extender device that could connect an ethernet cable to a
phone line. It would do no special work, just a raw connection between
2 types of layer, i.e, take bits from one end and put it into the
another and vice-versa.

BTW: i am no engineer (CS Bachelor), so sorry if it sounds too stupid.

Does that exists ?

PS: yes, i am a user of OBSD and i am using this list cause i know no
other best suited for this message, if possible, point me one possible
right mailing list for such subject.




This is the whole point of this:  http://accoom.kd85.com/

Wim, Claudio or Andre Oppermann (FreeBSD dude) may be able to shed more light.
Claudio committed a driver 2 weeks ago (musycc).  

Alternatively, you can take a pair of SDSL modems and run them back-to-back.
This will hand off Ethernet at either end.  The modems are relatively cheap on 
Ebay.

There is a fair amount of info on the web about this type of setup if you 
google around.

--Jason

Re: OT: phone line 2 ethernet converters

[Gordon Grieder]

On Wed, Aug 31, 2005 at 02:34:16AM +, Jason George wrote:
 This is the whole point of this:  http://accoom.kd85.com/

Wow, very neat. Thanks for enlightening me!

Re: New device sporting OpenBSD

[Lars Hansson]

On Tue, 30 Aug 2005 21:26:33 +0200
Alexander Farber [EMAIL PROTECTED] wrote:

 Don't they use ZynOS?

and ZynOS is an oem'd/rebranded/modified what?

---
Lars Hansson

Re: DELL Latitude D400 without X

[Uwe Dippel]

On Tue, 30 Aug 2005 11:44:56 -0500, Tony Lambiris wrote:

 http://lysergik.com/~tony/openbsd.phtml

No, boys, thank you for the effort, but both point me to the
resolution problem that we had earlier; for earlier BIOSes. This one has
been solved by the later BIOSes:
(cited from http://www.chzsoft.com.ar/855patch.html)

Some of these computers don't allocate enough video memory so that
XFree86 is only able to run at low resolutions and/or color depths (e.g.
640x480x16bit). [...]

Some newer models with 855GM chipset (e.g. Dell Inspiron 510m and Dell
Latitude D505) have an updated BIOS which is able to set the memory size
by itself, thus making 855patch obsolete on these systems. Unfortunately
the BIOS introduces a new bug causing XFree86 to freeze (with a green
screen) when using the i810 driver.

On the D400 with BIOS  A05 - like mine ! - we do not need the 855*patch*,
but the 855*wrap* from said site.

So I'm stuck without X on a notebook; not convincing !

Thanks anyway,

Uwe

Re: OT: phone line 2 ethernet converters

[J.C. Roberts]

On Tue, 30 Aug 2005 21:41:44 -0300, Gustavo Rios
[EMAIL PROTECTED] wrote:

Dear friends,

sorry for being off-topic, i am able to rent a pair of twist line (a
circuit) between my home and and friends one. I wonder if there exist
and ethernet extender device that could connect an ethernet cable to a
phone line. It would do no special work, just a raw connection between
2 types of layer, i.e, take bits from one end and put it into the
another and vice-versa.

BTW: i am no engineer (CS Bachelor), so sorry if it sounds too stupid.

Does that exists ?

PS: yes, i am a user of OBSD and i am using this list cause i know no
other best suited for this message, if possible, point me one possible
right mailing list for such subject.

Here in the US, a plain (uncoiled) circuit between two points is
either called an alarm circuit or a dry pair if that's what you
got, and you're within distance requirements (wire feet), you can do a
number of different things; from all/most the various *DSL
technologies, to using CSU/DSU endpoints.

Though I don't think much of Cringely, you might find this
interesting:

http://www.pbs.org/cringely/pulpit/pulpit20010823.html


Good luck,
JCR

Re: using restore command from files?

[Siju George]

On 8/29/05, Matt Singerman [EMAIL PROTECTED] wrote:

  On 8/29/05, scorch [EMAIL PROTECTED] wrote:
   Matt Singerman said the following on 2005-08-29 22:32:
  
   I did the restore, and it actually appears to have worked! however.
   And ugh, this is a however. The drive partitions that I created are
   slightly, er, off. I mapped /usr to /dev/wd0g, but the system is
   looking for it in /dev/wd0f. Obviously, this is not working. How can
   I fix this?!
   
   
   looks like your /etc/fstab doesn't match your disklabel... or is there
   some error message you need to send us?
  
  
   cheers, scorch
  
   --
   out of the frying pan and into the fire

 Argh. So here is what is going on:

 The restore seems to have worked. The system boots, services start,
 it's all hunky-dorey. However, there is no network. No. Network. I
 run ifconfig -a, and device xl0 is started ok. However, dc0 isn't. I
 don't know if it *should* be started, but the system seems to require
 it - there are calls to it in pf.conf, and in snort's config files.

 there is no network because your present network card (xl0) is not
configured.
your previous system used a network card supported by the driver

http://www.openbsd.org/cgi-bin/man.cgi?query=dcsektion=4apropos=0manpath=O
penBSD+Currentarch=i386
 To find out how OpenBSD names Network cards and to set up Networking please
read
 http://www.openbsd.org/faq/faq6.html#Setup
 Your present computer uses the Network card supported by the driver

http://www.openbsd.org/cgi-bin/man.cgi?query=xlapropos=0sektion=0manpath=O
penBSD+Currentarch=i386format=html
 You can enable network in your computer by following these steps.
 1) Create a network configuration file for xl0 interface
 mv /etc/hostname.dc0 /etc/hostname.xl0
 2) Restart your network.
 sh /etc/netstart
 The above script should be explictly run in sh shell.
 3) Change the macro in your pf.conf for dc0 to point to xl0.
 If you did not use a macro then it is a bad practice please read
http://www.openbsd.org/faq/pf/macros.html
 and make necessary changes to your pf.conf
 4) Reload PF ruleset
 pfctl -f /etc/pf.conf
 This should get your network up and running on the new OpenBSD box :-)
 Don't know much about snort now but am in the process of learning! sorry
:-(
 Kind regards
 Siju

If I try and run ifconfig dc0 up, I get an error about the decide
 not being configured. This computer, I should mention, has only one
 networking card. Just one. Always had. Any ideas what could be
 causing this?

 Thanks,

 Matt

Default domain not working

[Bill]

I have a problem, which will probably end up being a stupid mistake.
I have 3.7 running (fresh install) using the stock BIND and DHCP systems

My problem is that I cannot get the default domain to work.

So:
dig www 

does not work, while
dig www.domainname.com

does work fine.

Things I have checked:

resolv.conf
Has the: domain domainname.com
I also tried the search domainname.com entry also

I read that dig gets its default from the hostname, so I checked my
hostname setting: core.domainname.com
(Set in /etc/myname)

I have it running its own named server, without any connections to
forward at this time, which resolves the full domain name fine.

I've tried adding the /etc/defaultdomain file, which I did not think
had anything to do with it, but to no avail.

If I do dig www +domain=domainname.com it works fine (but I would
expect that to)

I tried googling but nothing good... or helpful.  

What am I missing?  Everything I read says this should work...

Thanks for any advice on this