Re: Voice-Chat Software (maybe even a Client wich works on openBSD? ;) ) ?
Hi, On Thursday, 13. July 2006 04:16, Sebastian Rother wrote: Hello everybody, I`m looking for a Voice-Chat/VoIP Solution. Requirements: Peoples with different OSs should be able to talk to each other (maybe even some little meetings). The peoples I know use mainly: Linux, OpenBSD, rare FreeBSD and Windows. I'd use open standards and Open Source software whereever possible. Don't go for Skype, Teamspeak... Probably a good solution would be the use of the SIP protocoll. There are many applications that support this. For OpenBSD I'd recommend KCall, which integrates with Kontact in KDE. I don't know if it's in the ports but it compiles fine on my i386 3.9 box if you compile it from source. Other SIP clients work fine also probably if you rather prefer something from the GNOME universe. You also need some server setup to route calls from the Internet to ordinary landlines. Asterisk is the way to go these days, I guess. If you don't want to setup your own server, you could investigate the use of the services of GMX, 11 and so on. kind regards, Tobias W.
Re: Samba
So, if anyone has a copy of that sync script, I'd be glad to have a copy too! Please e-mail me.
Re: D-Link DUB-E100 new Revision does not work
ello, I have searched the net and what I found isn't that good. From the linux people I found that AX88772 L should be supported by their usbnet driver. On the other side I found a guy (using linux) having the same device (and thus the same problem as I have) At asix I found the following site http://www.asix.com.tw/products.php?op=pItemdetailPItemID=86;71;101PLine=71 They say that their chip is supported under linux with the usbnet driver. The only difference I see between what I have and what I found in the net is the name of the chipset: everyone talks about AX88772 L and I have AX88772 LF (you see the F? ) I think, I write a email to D-LINK and Asix, cheers guido The letters are probably package sizes of the chip rather than revisions. More likely something like the gpio twiddling needs to be improved in the driver if the diff I sent is not working. Hello Jonathan, I must admit, I don't know what you exactly are talking about (gpio twiddling :-) I got an answer from axis, I think I can post it here: Dear Guido: Thank you for your question. AX88772 L and AX88772 LF are all support Linux driver. D-Link can't support Linux driver because they has different PID and VID at their new device. You should find out their PID and VID so that you can add it to Linux driver. As often, they only talk about linux. I think, that is exactly what your diff has done. The guy from axis included the source code of the usbnet.c driver, which contains a lot of functions with ax88772 in their names. If it helps, I can forward it to you. One thing, if you don't have the time to improve the driver: I really don't need it, better use your time for important things ;-) Nevertheless, thanks for your help guido
Re: Dhcpd Bizarre!!!!!!!!!!!!!!!!
/*$OpenBSD: db.c,v 1.10 2004/09/16 18:35:42 deraadt Exp $*/
/*
* Persistent database management routines for DHCPD.
*/
/*
* Copyright (c) 1995, 1996 The Internet Software Consortium.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
*notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
*notice, this list of conditions and the following disclaimer in the
*documentation and/or other materials provided with the distribution.
* 3. Neither the name of The Internet Software Consortium nor the names
*of its contributors may be used to endorse or promote products derived
*from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INTERNET SOFTWARE CONSORTIUM AND
* CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE INTERNET SOFTWARE CONSORTIUM OR
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* This software has been written for the Internet Software Consortium
* by Ted Lemon [EMAIL PROTECTED] in cooperation with Vixie
* Enterprises. To learn more about the Internet Software Consortium,
* see ``http://www.vix.com/isc''. To learn more about Vixie
* Enterprises, see ``http://www.vix.com''.
*/
#include dhcpd.h
FILE *db_file;
FILE *abc;
static int counting = 0;
static int count = 0;
time_t write_time;
/*
* Write the specified lease to the current lease database file.
*/
int
write_lease(struct lease *lease)
{
struct tm *t;
char tbuf[64];
int errors = 0;
int i;
if (counting)
++count;
errno = 0;
fprintf(db_file, lease %s {\n, piaddr(lease-ip_addr));
fprintf(abc,%s\t,piaddr(lease-ip_addr));
if (errno)
++errors;
t = gmtime(lease-starts);
snprintf(tbuf, sizeof(tbuf), %d %d/%02d/%02d %02d:%02d:%02d;,
t-tm_wday, t-tm_year + 1900, t-tm_mon + 1, t-tm_mday,
t-tm_hour, t-tm_min, t-tm_sec);
errno = 0;
fprintf(db_file, \tstarts %s\n, tbuf);
fprintf(abc, %s\t, tbuf);
if (errno)
++errors;
t = gmtime(lease-ends);
snprintf(tbuf, sizeof(tbuf), %d %d/%02d/%02d %02d:%02d:%02d;,
t-tm_wday, t-tm_year + 1900, t-tm_mon + 1, t-tm_mday,
t-tm_hour, t-tm_min, t-tm_sec);
errno = 0;
fprintf(db_file, \tends %s, tbuf);
fprintf(abc, %s\t, tbuf);
if (errno)
++errors;
if (lease-hardware_addr.hlen) {
errno = 0;
fprintf(db_file, \n\thardware %s %s;,
hardware_types[lease-hardware_addr.htype],
print_hw_addr(lease-hardware_addr.htype,
lease-hardware_addr.hlen,
lease-hardware_addr.haddr));
fprintf(abc,%s\n,
print_hw_addr(lease-hardware_addr.htype,
lease-hardware_addr.hlen,
lease-hardware_addr.haddr));
if (errno)
++errors;
}
if (lease-uid_len) {
int j;
errno = 0;
fprintf(db_file, \n\tuid %2.2x, lease-uid[0]);
if (errno)
++errors;
for (j = 1; j lease-uid_len; j++) {
errno = 0;
fprintf(db_file, :%2.2x, lease-uid[j]);
if (errno)
++errors;
}
putc(';', db_file);
}
if (lease-flags BOOTP_LEASE) {
errno = 0;
fprintf(db_file, \n\tdynamic-bootp;);
if (errno)
++errors;
}
if (lease-flags ABANDONED_LEASE) {
errno = 0;
fprintf(db_file, \n\tabandoned;);
if (errno)
++errors;
}
if (lease-client_hostname) {
for (i = 0; lease-client_hostname[i]; i++)
if (lease-client_hostname[i] 33 ||
lease-client_hostname[i] 126)
goto bad_client_hostname;
errno = 0;
fprintf(db_file, \n\tclient-hostname \%s\;,
lease-client_hostname);
if (errno)
++errors;
}
bad_client_hostname:
if (lease-hostname) {
for (i = 0; lease-hostname[i]; i++)
if (lease-hostname[i] 33 ||
lease-hostname[i] 126)
goto bad_hostname;
errno = 0;
ohci0: unrecoverable error, controller halted
Is disabling ohci likely to be enough to prevent this recurring? Any other suggestions? Jul 12 23:58:39 gr1 /bsd: ohci0: unrecoverable error, controller halted Jul 12 23:58:39 gr1 /bsd: ohci0: blocking intrs 0x10 Jul 12 23:58:39 gr1 /bsd: ohci1: unrecoverable error, controller halted Jul 12 23:58:39 gr1 /bsd: ohci1: blocking intrs 0x10 Jul 12 23:58:39 gr1 /bsd: ehci0: unrecoverable error, controller halted Jul 12 23:58:39 gr1 /bsd: ehci0: blocking intrs 0x10 Jul 12 23:58:39 gr1 /bsd: fxp1: warning: SCB timed out I'm not sure if it panicked at this point, I haven't had chance to put a conserver box up at that colo yet. OpenBSD 3.9-current (GENERIC.MP) #821: Thu Jul 6 11:34:21 MDT 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: AMD Opteron(tm) Processor 146 (AuthenticAMD 686-class, 1024KB L2 cache) 2 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3 real mem = 1073246208 (1048092K) avail mem = 975052800 (952200K) using 4256 buffers containing 53764096 bytes (52504K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(00) BIOS, date 11/17/05, BIOS32 rev. 0 @ 0xf0010, SMBIOS rev. 2.3 @ 0xf8dc0 (60 entries) bios0: Supermicro H8SSL pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf4f50/160 (8 entries) pcibios0: no compatible PCI ICU found: ICU vendor 0x1166 product 0x0205 pcibios0: PCI bus #3 is the last bus bios0: ROM list: 0xc/0x8000 0xc8000/0x1800 0xc9800/0x1800 0xcb000/0x1000 mainbus0: Intel MP Specification (Version 1.4) (RCC Blast ) cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 199 MHz mainbus0: bus 0 is type PCI mainbus0: bus 1 is type PCI mainbus0: bus 2 is type PCI mainbus0: bus 3 is type PCI mainbus0: bus 4 is type ISA ioapic0 at mainbus0: apid 1 pa 0xfec0, version 11, 16 pins ioapic1 at mainbus0: apid 2 pa 0xfec01000, version 11, 16 pins ioapic2 at mainbus0: apid 3 pa 0xfec02000, version 11, 16 pins pci0 at mainbus0 bus 0: configuration mode 1 (no bios) ppb0 at pci0 dev 1 function 0 ServerWorks HT-1000 PCI rev 0x00 pci1 at ppb0 bus 1 ppb1 at pci1 dev 13 function 0 ServerWorks HT-1000 PCIX rev 0xb2 pci2 at ppb1 bus 2 ppb2 at pci2 dev 1 function 0 Intel S21154AE/BE PCI-PCI rev 0x00 pci3 at ppb2 bus 3 fxp0 at pci3 dev 4 function 0 Intel 8255x rev 0x0d, i82550: apic 2 int 4 (irq 10), address 00:02:b3:c8:0d:c3 inphy0 at fxp0 phy 1: i82555 10/100 PHY, rev. 4 fxp1 at pci3 dev 5 function 0 Intel 8255x rev 0x0d, i82550: apic 2 int 5 (irq 10), address 00:02:b3:c8:0d:c4 inphy1 at fxp1 phy 1: i82555 10/100 PHY, rev. 4 bge0 at pci2 dev 3 function 0 Broadcom BCM5704C rev 0x10, BCM5704 B0 (0x2100): apic 2 int 8 (irq 10), address 00:30:48:56:6b:76 brgphy0 at bge0 phy 1: BCM5704 10/100/1000baseT PHY, rev. 0 bge1 at pci2 dev 3 function 1 Broadcom BCM5704C rev 0x10, BCM5704 B0 (0x2100): apic 2 int 9 (irq 10), address 00:30:48:56:6b:77 brgphy1 at bge1 phy 1: BCM5704 10/100/1000baseT PHY, rev. 0 pciide0 at pci1 dev 14 function 0 ServerWorks SATA rev 0x00: DMA pciide0: using apic 1 int 11 (irq 11) for native-PCI interrupt pciide0: port 0: PHY offline pciide0: port 1: PHY offline pciide0: port 2: PHY offline pciide0: port 3: PHY offline pciide1 at pci1 dev 14 function 1 ServerWorks SATA rev 0x00 piixpm0 at pci0 dev 2 function 0 ServerWorks HT-1000 rev 0x00: polling iic0 at piixpm0 admcts0 at iic0 addr 0x2c pciide2 at pci0 dev 2 function 1 ServerWorks HT-1000 IDE rev 0x00: DMA wd0 at pciide2 channel 0 drive 0: TRANSCEND DOM512M wd0: 1-sector PIO, LBA, 488MB, 1000944 sectors wd0(pciide2:0:0): using PIO mode 4 pcib0 at pci0 dev 2 function 2 ServerWorks HT-1000 LPC rev 0x00 ohci0 at pci0 dev 3 function 0 ServerWorks HT-1000 USB rev 0x01: apic 1 int 10 (irq 10), version 1.0, legacy support usb0 at ohci0: USB revision 1.0 uhub0 at usb0 uhub0: ServerWorks OHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered ohci1 at pci0 dev 3 function 1 ServerWorks HT-1000 USB rev 0x01: apic 1 int 10 (irq 10), version 1.0, legacy support usb1 at ohci1: USB revision 1.0 uhub1 at usb1 uhub1: ServerWorks OHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered ehci0 at pci0 dev 3 function 2 ServerWorks HT-1000 USB rev 0x01: apic 1 int 10 (irq 10) usb2 at ehci0: USB revision 2.0 uhub2 at usb2 uhub2: ServerWorks EHCI root hub, rev 2.00/1.00, addr 1 uhub2: 4 ports with 4 removable, self powered vga1 at pci0 dev 5 function 0 ATI Rage XL rev 0x27 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) pchb0 at pci0 dev 24 function 0 AMD AMD64 HyperTransport rev 0x00 pchb1 at pci0 dev 24 function 1 AMD AMD64 Address Map rev 0x00 pchb2 at pci0 dev 24 function 2 AMD AMD64 DRAM Cfg rev 0x00 pchb3 at pci0 dev 24 function 3 AMD AMD64 Misc Cfg rev 0x00 isa0 at pcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using
Re: Voice-Chat Software (maybe even a Client wich works on openBSD? ;) ) ?
On Wednesday 12 July 2006 21:16, Sebastian Rother wrote: Hello everybody, I`m looking for a Voice-Chat/VoIP Solution. Take a look at http://arsenalproject.org/
kernel panic
Any ideas what can be a wrong? on -Current (3.8, 3.9, 3.9STABLE too) ahd0: target 0 using asynchronous transfers ahd0: SCB = 508 Not Active! panic: Waiting list traversal Stopped ad Debugger+0x4:popl %ebp after some seconds it freezes No newer BIOS available And SMP kernel is not working too. HW: HP ML 150 G2 DMESG HERE: OpenBSD 3.9-current (SMTP-PROXY) #2: Tue Jun 27 14:28:24 EEST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/SMTP-PROXY cpu0: Intel(R) Xeon(TM) CPU 3.00GHz (GenuineIntel 686-class) 3 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,CNXT-ID,CX16 real mem = 535834624 (523276K) avail mem = 486215680 (474820K) using 4256 buffers containing 26894336 bytes (26264K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(8b) BIOS, date 12/31/99, BIOS32 rev. 0 @ 0xfd88f, SMBIOS rev. 2.33 @ 0xdc010 (48 entries) bios0: HP ProLiant ML150 G2 apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown apm0: flags 30102 dobusy 0 doidle 1 pcibios0 at bios0: rev 2.1 @ 0xfd4b0/0xb50 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfded0/272 (15 entries) pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82371FB ISA rev 0x00) pcibios0: PCI bus #4 is the last bus bios0: ROM list: 0xc/0x8000 0xc8000/0x1800 0xc9800/0x8c00 0xdc000/0x4000! ipmi0 at mainbus0ipmi0: bmc_io_wait_cold fails : *v=ff m=02 b=00 write_cmd kcs_sendmsg: 18 01 : unable to send get device id command cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel E7320 MCH rev 0x0c ppb0 at pci0 dev 2 function 0 Intel MCH PCIE rev 0x0c pci1 at ppb0 bus 1 ppb1 at pci0 dev 3 function 0 Intel MCH PCIE rev 0x0c pci2 at ppb1 bus 2 bge0 at pci2 dev 0 function 0 Broadcom BCM5721 rev 0x11, BCM5750 B1 (0x4101): irq 10, address 00:16:35:b1:b4:5a brgphy0 at bge0 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0 ppb2 at pci0 dev 28 function 0 Intel 6300ESB PCIX rev 0x02 pci3 at ppb2 bus 3 ahd0 at pci3 dev 4 function 0 Adaptec AIC-7901 U320 rev 0x10: irq 9 ahd0: aic7901, U320 Wide Channel A, SCSI Id=7, PCI-X 50-66Mhz, 512 SCBs scsibus0 at ahd0: 16 targets sd0 at scsibus0 targ 0 lun 0: COMPAQ, BF03688284, HPB3 SCSI3 0/direct fixed sd0: 34732MB, 50824 cyl, 2 head, 699 sec, 512 bytes/sec, 71132000 sec total safte0 at scsibus0 targ 8 lun 0: SDR, GEM318P, 1 SCSI2 3/processor fixed Intel 6300ESB USB rev 0x02 at pci0 dev 29 function 0 not configured Intel 5300ESB USB rev 0x02 at pci0 dev 29 function 1 not configured ichwdt0 at pci0 dev 29 function 4 Intel 6300ESB WDT rev 0x02: 1kHz clock Intel 6300ESB APIC rev 0x02 at pci0 dev 29 function 5 not configured Intel 6300ESB USB rev 0x02 at pci0 dev 29 function 7 not configured ppb3 at pci0 dev 30 function 0 Intel 82801BA AGP rev 0x0a pci4 at ppb3 bus 4 vga1 at pci4 dev 4 function 0 ATI Rage XL rev 0x27 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) ichpcib0 at pci0 dev 31 function 0 Intel 6300ESB LPC rev 0x02 pciide0 at pci0 dev 31 function 1 Intel 6300ESB IDE rev 0x02: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility drive at pciide0 channel 0 drive 0 not configured pciide0: channel 0 disabled (no drives) pciide0: channel 1 disabled (no drives) ichiic0 at pci0 dev 31 function 3 Intel 6300ESB SMBus rev 0x02: irq 10 iic0 at ichiic0 lm3 at iic0 addr 0x2c: W83792D rev B isa0 at ichpcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 lm0 at isa0 port 0x290/8: W83627THF npx0 at isa0 port 0xf0/16: using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec biomask ffed netmask ffed ttymask ffef pctr: user-level cycle counter enabled ahd0: target 0 synchronous with period = 0x8, offset = 0x3f(DT|IU|RTI|QAS) dkcsum: sd0 matches BIOS drive 0x80 root on sd0a rootdev=0x400 rrootdev=0xd00 rawdev=0xd02 WARNING: / was not properly unmounted
Re: Kernel Panic with 3.9-current MP
Stuart Henderson wrote: On 2006/07/12 11:59, Federico Giannici wrote: Probably you already know it: the i386 snapshot of Jul 4 (both MP and SP) made our system to freeze (usually after a few hours, sometime after a few minutes) and a couple of time made the system crash with a page fault. We downgraded to 3.9 and the problems disappeared. When I had a bad cpu in May I hardly saw the problem with April 24 kernel (still available in snapshots/i386/non-pae) - I had to run `stress' and `make build' together and wait a while to see it, whereas the May 7 snapshot failed very quickly when compiling, and after not too long with any operation. OK, but I changed both CPU and RAM and the problem remained. Then I changed the entire hardware (but the discs) and the problem remained. Then I downgraded to 3.9-release and the problem disappeared! Bye. -- ___ __ |- [EMAIL PROTECTED] |ederico Giannici http://www.neomedia.it Presidente del CDA - Neomedia S.r.l. ___
unsuscribe
unsuscribe
Re: Kernel Panic with 3.9-current MP
On 2006/07/13 10:09, Federico Giannici wrote: When I had a bad cpu in May I hardly saw the problem with April 24 kernel (still available in snapshots/i386/non-pae) - I had to run `stress' and `make build' together and wait a while to see it, whereas the May 7 snapshot failed very quickly when compiling, and after not too long with any operation. OK, but I changed both CPU and RAM and the problem remained. Then I changed the entire hardware (but the discs) and the problem remained. Then I downgraded to 3.9-release and the problem disappeared! What I'm trying to say is - are you sure it's fixed? because I had to really stress my faulty machine with older kernels before they would crash, but they still crashed sometimes.
Re: Kernel Panic with 3.9-current MP
Stuart Henderson wrote: On 2006/07/13 10:09, Federico Giannici wrote: When I had a bad cpu in May I hardly saw the problem with April 24 kernel (still available in snapshots/i386/non-pae) - I had to run `stress' and `make build' together and wait a while to see it, whereas the May 7 snapshot failed very quickly when compiling, and after not too long with any operation. OK, but I changed both CPU and RAM and the problem remained. Then I changed the entire hardware (but the discs) and the problem remained. Then I downgraded to 3.9-release and the problem disappeared! What I'm trying to say is - are you sure it's fixed? because I had to really stress my faulty machine with older kernels before they would crash, but they still crashed sometimes. No, I'm not sure it's fixed. I upgraded to -current because I had some occasional problem with MP kernel (now I'm using an SP one). But what I'm trying to say is: I'm sure it is NOT a problem of the specific CPU (or hardware in general) because I changed it. Thanks. -- ___ __ |- [EMAIL PROTECTED] |ederico Giannici http://www.neomedia.it ___
GDBM_File (GDBM::File)
ello How can I install GDBM::File into the stock Perl in OpenBSD? I don't understand why it's not there when it comes automatically with Perl. Was it stripped out from the Perl due to license reason? I tried to download it and installed but it complained about unresolved library something in some *.so file. CL
Re: Zydas zd1211(b) support in OpenBSD
On Tuesday 11 July 2006 23:12, Jonathan Gray wrote: On Tue, Jul 11, 2006 at 08:43:05PM +1200, Joel Wiramu Pauling wrote: Hi all, I really need to know if the zd1211 and zd1211(b) code has been intergrated into OpenBSD yet and good and workable. I need to run one in a server. I saw some traffic about prelim driver a while ago... It is not working yet. If you want something that works today, look at the hardware list for ural(4) if you have to use USB. Thanks have dug out an old rev a dlink prism 2 card for the time being. Kind regards JoelW
OpenBSD/Dependencies.pm
Hello Is it possible to get official OpenBSD/Dependencies.pm somewhere? I searched in CPAN for openbsd::dependencies, openbsd-dependencies and openbsd_dependencies but it didn't find anything. I found that by installing a fresh new perl from sources the GDBM_File gets installed too, but then the pkg_add stops working. CL
uhci1: host controller process error
Hello, I am running gnokii apllication (http://www.gnokii.org/) version 0.6.12 to get SMS messages from a Nokia mobile phone connected to USB. From time to time the uhci1 host controller stops responding. The error message is: uhci1: host controller process error uhci1: host controller halted uhci_freex: xfer=0xd1e83900 not busy, 0x4f4e5155 uhci_freex: xfer=0xd1e1d900 not busy, 0x4f4e5155 uhci_freex: xfer=0xd1ea8f00 not busy, 0x4f4e5155 Any hints? Dmesg: = OpenBSD 3.9 (GENERIC) #617: Thu Mar 2 02:26:48 MST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Pentium(R) 4 CPU 2.40GHz (GenuineIntel 686-class) 2.40 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,CNXT-ID real mem = 1073258496 (1048104K) avail mem = 972615680 (949820K) using 4278 buffers containing 53764096 bytes (52504K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(e2) BIOS, date 08/03/04, BIOS32 rev. 0 @ 0xfbb30 apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown apm0: flags 70102 dobusy 1 doidle 1 pcibios0 at bios0: rev 2.1 @ 0xf/0xdf64 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfde90/208 (11 entries) pcibios0: PCI Exclusive IRQs: 5 9 11 pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82801EB/ER LPC rev 0x00) pcibios0: PCI bus #2 is the last bus bios0: ROM list: 0xc/0x8000 0xc8000/0x1000 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82865G/PE/P CPU-I/0-1 rev 0x02 ppb0 at pci0 dev 1 function 0 Intel 82865G/PE/P CPU-AGP rev 0x02 pci1 at ppb0 bus 1 uhci0 at pci0 dev 29 function 0 Intel 82801EB/ER USB rev 0x02: irq 5 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci0 dev 29 function 1 Intel 82801EB/ER USB rev 0x02: irq 5 usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2 at pci0 dev 29 function 2 Intel 82801EB/ER USB rev 0x02: irq 11 usb2 at uhci2: USB revision 1.0 uhub2 at usb2 uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered uhci3 at pci0 dev 29 function 3 Intel 82801EB/ER USB rev 0x02: irq 5 usb3 at uhci3: USB revision 1.0 uhub3 at usb3 uhub3: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub3: 2 ports with 2 removable, self powered ehci0 at pci0 dev 29 function 7 Intel 82801EB/ER USB2 rev 0x02: irq 9 usb4 at ehci0: USB revision 2.0 uhub4 at usb4 uhub4: Intel EHCI root hub, rev 2.00/1.00, addr 1 uhub4: 8 ports with 8 removable, self powered ppb1 at pci0 dev 30 function 0 Intel 82801BA AGP rev 0xc2 pci2 at ppb1 bus 2 vga1 at pci2 dev 0 function 0 S3 Trio64V2/DX rev 0x16 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) em0 at pci2 dev 2 function 0 Intel PRO/1000MT (82541GI) rev 0x00: irq 5, address 00:0e:0c:37:bf:52 rl0 at pci2 dev 5 function 0 Realtek 8139 rev 0x10: irq 9, address 00:04:61:4b:0c:e4 rlphy0 at rl0 phy 0: RTL internal PHY ichpcib0 at pci0 dev 31 function 0 Intel 82801EB/ER LPC rev 0x02 pciide0 at pci0 dev 31 function 1 Intel 82801EB/ER IDE rev 0x02: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: HDS722525VLAT80 wd0: 16-sector PIO, LBA48, 238475MB, 488397168 sectors wd1 at pciide0 channel 0 drive 1: Maxtor 6Y120P0 wd1: 16-sector PIO, LBA, 117246MB, 240121728 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 wd1(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 5 pciide0: channel 1 disabled (no drives) pciide1 at pci0 dev 31 function 2 Intel 82801EB SATA rev 0x02: DMA, channel 0 configured to native-PCI, channel 1 configured to native-PCI pciide1: using irq 11 for native-PCI interrupt wd2 at pciide1 channel 0 drive 0: WDC WD2500SD-01KCB0 wd2: 16-sector PIO, LBA48, 238475MB, 488397168 sectors wd2(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5 wd3 at pciide1 channel 1 drive 0: WDC WD2500SD-01KCB0 wd3: 16-sector PIO, LBA48, 238475MB, 488397168 sectors wd3(pciide1:1:0): using PIO mode 4, Ultra-DMA mode 5 ichiic0 at pci0 dev 31 function 3 Intel 82801EB/ER SMBus rev 0x02: irq 11 iic0 at ichiic0 auich0 at pci0 dev 31 function 5 Intel 82801EB/ER AC97 rev 0x02: irq 11, ICH5 AC97 ac97: codec id 0x414c4720 (Avance Logic ALC650) ac97: codec features 20 bit DAC, 18 bit ADC, Realtek 3D audio0 at auich0 isa0 at ichpcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pmsi0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pmsi0 mux 0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 lm0 at isa0 port
Re: OpenBSD/Dependencies.pm
* Karel Kulhavy [EMAIL PROTECTED] [060713 06:45]: Hello Is it possible to get official OpenBSD/Dependencies.pm somewhere? I searched in CPAN for openbsd::dependencies, openbsd-dependencies and openbsd_dependencies but it didn't find anything. I found that by installing a fresh new perl from sources the GDBM_File gets installed too, but then the pkg_add stops working. CL Look here: /usr/libdata/perl5/OpenBSD/Dependencies.pm Jim
Re: Voice-Chat Software (maybe even a Client wich works on openBSD? ;) ) ?
I`m looking for a Voice-Chat/VoIP Solution. sebastian's post reminded me that it would be nice to have encrypted voice-chatting capabilities without the complexity of asterisk+vpn or using weakly audited/unaudited code. it would be sweet to have encrypted voice chat capability in the base openbsd install, although i understand that it merely being sweet is insufficient to make it appear there. are there any reasons that something like this couldn't make it into the default install, assuming the code is solid? cheers, jake
[no subject]
I work with safe wireless network. For registering to this network I should use 2 certificates. Also I should use username and password. How I can register to this wireless network? Where can I find information about wireless network configuration?
Re: Voice-Chat Software (maybe even a Client wich works on openBSD? ;) ) ?
On 7/13/06, Sebastian Rother [EMAIL PROTECTED] wrote: Hello everybody, I`m looking for a Voice-Chat/VoIP Solution. You could take a look at shtoom. http://divmod.org/trac/wiki/ShtoomProject I think it has already been mentioned on this list (or ports?). Eric.
Re: SATA RAID card: the cheapest
All LSI megaraid cards fit the pci envelope. If you add the type of internal SCSI cable which are easy (possible?) to buy, the 320-1 no longer fits MD2. If anyone has a suggestion on an internal cable that might work with 320-1 and allow the lid of a 2U (low-profile) case to be closed, please could they let me know, bonus marks for any vendors that will ship to UK... N.B. to anyone thinking about using these in 2U low-profile systems, if you want to use the internal connector, you want the 320-1LP not the 320-1...although 320-1 comes with the right bracket for low-profile systems, you need the SCSI connector rotated through 90 degrees as it is on 320-1LP.
Logging failed console login attempts
Is my memory fuzzy? The console on OpenBSD 3.9 release doesn't seem to log unknown username or failed login attempts anywhere. It does keep a count of failed logins for an existing account, which is displayed upon successful login. Somehow I remember the console being more verbose in previous releases.
Re: Voice-Chat Software (maybe even a Client wich works on openBSD? ;) ) ?
On 7/13/06, Jacob Yocom-Piatt [EMAIL PROTECTED] wrote: I`m looking for a Voice-Chat/VoIP Solution. sebastian's post reminded me that it would be nice to have encrypted voice-chatting capabilities without the complexity of asterisk+vpn or using weakly audited/unaudited code. it would be sweet to have encrypted voice chat capability in the base openbsd install, although i understand that it merely being sweet is insufficient to make it appear there. are there any reasons that something like this couldn't make it into the default install, assuming the code is solid? Why would you need voice chat in the base install? There isn't even IM in the base install. OpenSIP would be helpful to a lot of people, I'm sure, but I doubt the developers have time for it. -Nick
Password escrow
Is anyone using or know of an open source password escrow package? thanks roland
Re: D-Link DUB-E100 new Revision does not work
Guido Tschakert schrieb: ello, I have searched the net and what I found isn't that good. From the linux people I found that AX88772 L should be supported by their usbnet driver. On the other side I found a guy (using linux) having the same device (and thus the same problem as I have) At asix I found the following site http://www.asix.com.tw/products.php?op=pItemdetailPItemID=86;71;101PLine=71 They say that their chip is supported under linux with the usbnet driver. The only difference I see between what I have and what I found in the net is the name of the chipset: everyone talks about AX88772 L and I have AX88772 LF (you see the F? ) I think, I write a email to D-LINK and Asix, cheers guido The letters are probably package sizes of the chip rather than revisions. More likely something like the gpio twiddling needs to be improved in the driver if the diff I sent is not working. Hello Jonathan, I must admit, I don't know what you exactly are talking about (gpio twiddling :-) I got an answer from axis, I think I can post it here: Dear Guido: Thank you for your question. AX88772 L and AX88772 LF are all support Linux driver. D-Link can't support Linux driver because they has different PID and VID at their new device. You should find out their PID and VID so that you can add it to Linux driver. As often, they only talk about linux. I think, that is exactly what your diff has done. The guy from axis included the source code of the usbnet.c driver, which contains a lot of functions with ax88772 in their names. If it helps, I can forward it to you. One thing, if you don't have the time to improve the driver: I really don't need it, better use your time for important things ;-) Nevertheless, thanks for your help guido Ok, now i got an answer from dlink telling that the DUB-E100 contains the following: Asix AX88172 (as we already now) IC+ IP101 (the PHY what we can see from the dmesg) If someone is able to use this data... guido
Re: Logging failed console login attempts
On 2006/07/13 09:39, Will H. Backman wrote: The console on OpenBSD 3.9 release doesn't seem to log unknown username or failed login attempts anywhere. Somehow I remember the console being more verbose in previous releases. syslog.conf defaults changed. See the commented-out /dev/console line.
Re: Voice-Chat Software (maybe even a Client wich works on openBSD? ;) ) ?
On 2006/07/13 09:41, Nick Guenther wrote: There isn't even IM in the base install. ah, but there is! talk
Re: Logging failed console login attempts
Will H. Backman wrote: The console on OpenBSD 3.9 release doesn't seem to log unknown username or failed login attempts anywhere. See this commit: http://www.openbsd.org/cgi-bin/cvsweb/src/etc/syslog.conf#rev1.14 Make the default syslog.conf not make the console and root logins unusable when problems occur. Provide commented out examples showing people how to direct output to /dev/console or as messages to root, for situations where such output might acutally be useful, rather than something that keeps you from fixing a problem due to the screen getting spewed at.
Re: Voice-Chat Software (maybe even a Client wich works on openBSD? ;) ) ?
Why would you need voice chat in the base install? There isn't even IM in the base install. good point about the IM. i see voice as pretty important since the gross majority of ppl have a phone (whether VOIP or otherwise) in their home. on the other hand, not everyone uses text chat programs. OpenSIP would be helpful to a lot of people, I'm sure, but I doubt the developers have time for it. i recognize the devs are busy folks and don't have time to code out features that people wish for on [EMAIL PROTECTED] note that my previous message did not suggest someone else should do this, it only asked if such a thing were done, could it get in tree. i surmise the answer is no, likely for the reason you cite above. i wanted to check because i've thought about working on such a thing myself for a year now. -Nick
Re: Logging failed console login attempts
Dimitry Andric wrote: Will H. Backman wrote: The console on OpenBSD 3.9 release doesn't seem to log unknown username or failed login attempts anywhere. See this commit: http://www.openbsd.org/cgi-bin/cvsweb/src/etc/syslog.conf#rev1.14 Make the default syslog.conf not make the console and root logins unusable when problems occur. Provide commented out examples showing people how to direct output to /dev/console or as messages to root, for situations where such output might acutally be useful, rather than something that keeps you from fixing a problem due to the screen getting spewed at. I guess I was expecting more to show up in /var/log/secure or authlog, or messages. I tried some random wrong password for the root account, and also tried accounts like rott, and all I got was: /var/log/secure Jul 13 09:30:30 star login: 1 LOGIN FAILURE ON ttyC0, root /var/log/messages Jul 13 09:30:30 star login: 1 LOGIN FAILURE ON ttyC0
Re: Logging failed console login attempts
Will H. Backman wrote: Dimitry Andric wrote: Will H. Backman wrote: The console on OpenBSD 3.9 release doesn't seem to log unknown username or failed login attempts anywhere. See this commit: http://www.openbsd.org/cgi-bin/cvsweb/src/etc/syslog.conf#rev1.14 Make the default syslog.conf not make the console and root logins unusable when problems occur. Provide commented out examples showing people how to direct output to /dev/console or as messages to root, for situations where such output might acutally be useful, rather than something that keeps you from fixing a problem due to the screen getting spewed at. I guess I was expecting more to show up in /var/log/secure or authlog, or messages. I tried some random wrong password for the root account, and also tried accounts like rott, and all I got was: /var/log/secure Jul 13 09:30:30 star login: 1 LOGIN FAILURE ON ttyC0, root /var/log/messages Jul 13 09:30:30 star login: 1 LOGIN FAILURE ON ttyC0 Automated failed login attempts make an excellent Denial Of Service attack. (if the logs cooperate by using up all available disk space)
Re: problem with spamd
Hi, The -g flag is not neccesary in rc.conf, when the system receive the proccess add it: _spamd 25447 0.0 0.4 9172 4268 ?? S 9:07AM 0:00.04 /usr/libexec/spamd -v -G 8:4:864 -g The spamd log include two different entries, the spamassassin daemon (spamd) and spamd openbsd: Jul 13 09:32:56 www2 spamd[25447]: (GREY) 200.xxx.xxx.xxx: [EMAIL PROTECTED] - [EMAIL PROTECTED] Jul 13 09:32:56 www2 spamd[25447]: 200.xxx.xxx.xxx: disconnected after 11 seconds. Jul 13 09:33:55 www2 spamd[10775]: whitelisting 200.xxx.xxx.xxx in /var/db/spamd But the messages are not delivered to sendmail after spamd (openbsd) check it. I have a develop machine in my network (without nat to public ip) with a local domain and works like a charm How spamd (openbsd) deliver messages to MTA (sendmail)? only by pf rules? Thanks, On Wed, 2006-07-12 at 20:37 -0400, jared r r spiegel wrote: On Wed, Jul 12, 2006 at 01:44:34PM -0500, Polkan Garcia wrote: The original idea is, the mail sent to openbsd server is checked by spamd and next is sent to sendmail to process it. Now, send messages to openbsd's box and works fine (using spamdb output) but does not delivered to sendmail (none showing in maillog) keep in mind that spamd never acts as an intermediary for the mail transaction. if traffic is redirected to spamd, it talks to spamd forever. if you use greylisting and something ascends through greylisting, spamd puts the IP into the spamd-white table so that those hosts will *not* be redirected to spamd in pf ( by virtue of the host existing in 'spamd' == false, and the host being not listed in 'spamd-white' also being == false (because it *is* in spamd-white if it made it through greylisting)) and thus can fall through to the MTA as allowed by the rest of the pf ruleset I have only one NIC (em0) and this is my pf rules: table spamd persist table spamd-white persist rdr pass on !lo0 proto tcp from spamd to !lo0 port smtp - lo0 port spamd rdr pass on !lo0 proto tcp from !spamd-white to !lo0 port smtp - lo0 port spamd You have any idea? if the above suggestion is not your problem, maybe you forgot to pass '-g' to spamd? eg: you have 'spamd_grey=YES' in /etc/rc.conf.local but have since restarted spamd commandline with only the parameters in 'spamd_flags=' which didn't have '-g' in them because you saw 'spamd_grey=YES' and didn't remember that all that does is cause /etc/rc to tack on the '-g' after 'spamd_flags' and doesn't automatically just make greylisting _happen_ ? not like that is anything i have ever personally had happen to me... :/ if that's not it, i guess add '-v' to spamd, make a /var/log/spamd file, add: --- !!spamd *.* /var/log/spamd !* --- to /etc/syslog.conf; hup syslogd, and see if you get anything else from the spamd log ( given that you mention nothing in maillog )
Re: 3.9 freeze
Hi, the server freeze again, I can break into ddb # dmesg -N bsd.0 -M bsd.0.core 0 0 20x100604 usb1 5 0 0 0 30x100204 usbtsk usbtask 4 0 0 0 20x100604 usb0 3 0 0 0 20x100204 apm0 2 0 0 0 30x100204 kmallockmthread 1 0 1 0 3 0x4084 wait init 0 -1 0 0 3 0x80204 scheduler swapper ddb Debugger(ebe50e18,d0102541,a0,d27d7800,1) at Debugger+0x4 internal_command(d27d7800,ebe50e80,f420,1b,d05a6868) at internal_command+0x195 wskbd_translate(d05d9be0,2,1,0) at wskbd_translate+0x72 wskbd_input(d27d7800,2,1,1) at wskbd_input+0x42 pckbd_input(d27c6300,1,d05e2080,7fff) at pckbd_input+0x53 pckbcintr(d27c6380) at pckbcintr+0x9f Xrecurse_legacy1() at Xrecurse_legacy1+0xb2 --- interrupt --- Xspllower(da2cb004) at Xspllower+0xe Bad frame pointer: 0xd070ced8 ddbPID PPID PGRPUID S FLAGS WAIT COMMAND 26386 21216 28306 0 3 0x4004 fltamapco php 5118 15711 15711 0 2 0x4004 perl 21216 28306 28306 0 3 0x4084 pause ksh 2109 3683 3683 0 2 0x4004 perl 28306 5019 28306 0 3 0x4084 pause sh 3683 4656 3683 0 3 0x4084 pause sh 15711 21903 15711 0 3 0x4084 pause sh 5019 8936 8936 0 30x84 piperd cron 4656 8936 8936 0 30x84 piperd cron 21903 8936 8936 0 30x84 piperd cron 8607 24927 26378 0 30x84 netio pure-ftpd 2457 6496 26378 0 30x84 netio pure-ftpd 3885 21760 26378 0 30x84 netio pure-ftpd 6496 31335 26378 0 2 0x185 pure-ftpd 21760 31335 26378 0 2 0x185 pure-ftpd 24927 31335 26378 0 2 0x185 pure-ftpd 8561 7644 26378 1010 2 0x4584 dnscache 31223 21583 26378 1008 2 0x4484 qmail-smtpd 13507 22183 26378 0 30x84 netio pure-ftpd 22183 31335 26378 0 2 0x185 pure-ftpd 32700 18095 18095506 2 0x584 perl 32660 9091 9091513 2 0x185 vsftpd 9091 12326 9091 0 3 0x4185 netio vsftpd 14047 18095 18095506 2 0x584 perl 25543 4524 25543 0 3 0x4086 ttyin ksh 4524 26868 4524 0 2 0x4084 sshd 23057 20933 26378 1008 2 0x4484 imapd 26008 1605 26378 1008 2 0x4484 imapd 1605 19250 26378 0 2 0x4084 couriertls 20933 19250 26378 0 2 0x4084 couriertls 26192 16052 26378 1008 2 0x4484 imapd 31649 17159 26378 1008 2 0x4484 imapd 17159 19250 26378 0 2 0x4084 couriertls 16052 19250 26378 0 2 0x4084 couriertls 6047 19668 19668 1012 2 0x184 httpd 31259 19668 19668 1012 2 0x184 httpd 9931 19668 19668 1012 2 0x184 httpd 16070 30184 30184 67 3 0x184 semwaithttpd 3104 30184 30184 67 3 0x184 semwaithttpd 28808 30184 30184 67 3 0x184 semwaithttpd 3954 30184 30184 67 3 0x184 semwaithttpd 11838 30184 30184 67 3 0x184 semwaithttpd 12898 30184 30184 67 3 0x184 semwaithttpd 31996 30184 30184 67 2 0x184 httpd 25989 30184 30184 67 3 0x184 semwaithttpd 12089 30184 30184 67 3 0x184 semwaithttpd 25211 30184 30184 67 3 0x184 semwaithttpd 24199 30184 30184 67 3 0x184 semwaithttpd 10041 30184 30184 67 3 0x184 netio httpd 10404 30184 30184 67 3 0x184 semwaithttpd 25391 30184 30184 67 3 0x184 semwaithttpd 20911 30184 30184 67 3 0x184 netio httpd 17075 30184 30184 67 3 0x184 semwaithttpd 24988 30184 30184 67 3 0x184 semwaithttpd 23649 30184 30184 67 3 0x184 semwaithttpd 8441 30184 30184 67 3 0x184 semwaithttpd 1142 30184 30184 67 3 0x184 semwaithttpd 15612 30184 30184 67 3 0x184 semwaithttpd 6674 30184 30184 67 3 0x184 semwaithttpd 16961 30184 30184 67 3 0x184 semwaithttpd 28316 30184 30184 67 3 0x184 semwaithttpd 4648 30184 30184 67 3 0x184 semwaithttpd 11789 30184 30184 67 3 0x184 semwaithttpd 2002 30184 30184 67 3 0x184 semwaithttpd 4222 30184
Re: 3.9 freeze
The next time it freezes, break into ddb and get the output of 'show uvmexp'. -p.
Re: Password escrow
On Thursday 13 July 2006 09:50, Roland Dominguez wrote: Is anyone using or know of an open source password escrow package? thanks roland Ugh. If you are talking about a way to hold passwords in case someone gets hit by a truck, nothing beats writing it down, stuffing it in an envelope and putting in an administrative persons secure area. I question using a PDA to do this. I know of a place that used one for a password store area, and guess what--it got lost. It was lost for two+ days before folks noticed. I leave it to the reader to imagine the hysteria that ensued, realizing that systems with really sensitive data were in that PDA... --STeve Andre'
Re: problem with spamd
The spamd log include two different entries, the spamassassin daemon (spamd) and spamd openbsd: Jul 13 09:32:56 www2 spamd[25447]: (GREY) 200.xxx.xxx.xxx: [EMAIL PROTECTED] - [EMAIL PROTECTED] Jul 13 09:32:56 www2 spamd[25447]: 200.xxx.xxx.xxx: disconnected after 11 seconds. Jul 13 09:33:55 www2 spamd[10775]: whitelisting 200.xxx.xxx.xxx in /var/db/spamd But the messages are not delivered to sendmail after spamd (openbsd) check it. I have a develop machine in my network (without nat to public ip) with a local domain and works like a charm How spamd (openbsd) deliver messages to MTA (sendmail)? only by pf rules? These logs indicate that the machien above successfully retried and was whitelisted. All that means is that the *next* time it retries it will get through. This attempt was still given a 450 at 09:32. the next retry after 09:33 should be sent to the real server, assuming you have your pf rules set up correctly. OpenBSD spamd does not deliver ANY messages to an MTA - it only manipulates pf. You appear to think that spamd will pass the message on. It does not. -Bob
Re: Logging failed console login attempts
I guess I was expecting more to show up in /var/log/secure or authlog, or messages. What like, the username? That would be risky, you'd be likely to end up with plain passwords in the logs then.
Re: 3.9 freeze
diego wrote: UVM amap201783 39322K 39322K 39322K12379757100 0 16,32,64,128,256,512,1024,2048,4096,8192,16384,32768,65536 I have noticed that the above UVM amap HighUse value is equal to the Limit value. As I have already said, the PC of mine that occasional freezes has high values of VM amap too. So I'm asking again: what happens when the Limit value is reached? Can it make the pc to freeze? What can we do to avoid this? Thanks. -- ___ __ |- [EMAIL PROTECTED] |ederico Giannici http://www.neomedia.it ___
Re: 3.9 freeze
On Thu, Jul 13, 2006 at 05:39:40PM +0200, Federico Giannici wrote: I have noticed that the above UVM amap HighUse value is equal to the Limit value. Indeed it looks suspicious. Not my area, though, so I'd have to look at the code to know the exact consequences. But yes, it's a possibility. Perhaps Mickey or Ted can enlighten us? -p.
Re: problem with spamd
These logs indicate that the machien above successfully retried and was whitelisted. All that means is that the *next* time it retries it will get through. This attempt was still given a 450 at 09:32. the next retry after 09:33 should be sent to the real server, assuming you have your pf rules set up correctly. OpenBSD spamd does not deliver ANY messages to an MTA - it only manipulates pf. You appear to think that spamd will pass the message on. It does not. OK. After spamd check mail, ?how it known where proccess or where deliver? by example, make a MX query and sent it to apropiate mail server? -Polkan -Bob
kernelpppoe and nmap?
Since I switched to the kernel pppoe I receive a lot errors with nmap. Cannot determine route to %FOO. For example with a bank-website: lynx www.cc-bank.de works perfectly nmap -P0 -sSV -p80 www.cc-bank.de does not work. nslookup www.cc-bank.de does work so it`s realy a neat routing issue. Another example with www.heise.de: sudo nmap -P0 -sS -sV -vvv www.heise.de Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2006-07-13 17:52 CEST WARNING: Unable to find appropriate interface for system route to 0.0.0.1 WARNING: Unable to find appropriate interface for system route to 0.0.0.0 nexthost: failed to determine route to 193.99.144.85 QUITTING! Please don`t get me wrong I just needed some Servers where I`m sure they where working. I tried it also with -e pppoe0 and later with fxp0 (wich failed, no Adress). godfather $ sudo nmap -e pppoe0 -P0 -sSV -p22,80 -vvv www.heise.de Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2006-07-13 17:58 CEST WARNING: Unable to find appropriate interface for system route to 0.0.0.1 WARNING: Unable to find appropriate interface for system route to 0.0.0.0 DNS resolution of 1 IPs took 0.04s. Initiating SYN Stealth Scan against www.heise.de (193.99.144.85) [2 ports] at 17:58 The SYN Stealth Scan took 3.02s to scan 2 total ports. Host www.heise.de (193.99.144.85) appears to be up ... good. Interesting ports on www.heise.de (193.99.144.85): PORT STATESERVICE VERSION 22/tcp filtered ssh 80/tcp filtered http Nmap finished: 1 IP address (1 host up) scanned in 3.127 seconds Raw packets sent: 4 (176B) | Rcvd: 0 (0B) godfather $ As you can see nmap displays everythign as filtered. It doesn`t matter wich IP I scan even if I would scan www.hotmail.com with Port 80 it would tell me it`s filtered. I`ve NO active pf and the only stuff I made was switching from userland pppd to Kernel pppd. Any hints to make nmap working? Kind regards, Sebastian p.s. OpenBSD AMD64/3.9-Stable with a current nmap-Port. (same result with 3.95 so doesn`t matter)
Installation of a disk image using PXE and bsd.rd
Soekris boxes are pretty damn cool. I've got a couple of the 4801 boards and I'm loving them to bits. I decided that having changed my router to OpenBSD using a 4801 running on a 320M microdrive, the time had come to do a similar thing for my wireless needs. Enter a Soekris 4826, courtesy of www.kd85.com. By the way Wim, if you see this, the unit you sent me seems to have been used for a demo at fosdem, the hostname is soekris.fosdem.org. You don't need the image do you? Anyway, I've got myself a nice little box sitting on my desk: http://www.soekris.com/net4826.htm It has 128M RAM, 64M flash soldered on, and uses POE. With the addition of a ral wifi card in one of the two mini-PCI slots, I think it will make a great AP. Now to make it worthy of a little pufferfish sticker. But how? www.opensoekris.com provided the means of creating a small, optimised image suitable for doing exactly what I want, so much thanks to them. (Unfortunately this unit is new enough that no-one seems to have a config file for the 4826 yet, so I used NET4801... Hopefully they're close enough.) The problem is getting the disk image on the flash. There is no USB slot, no disk connectors, all I have is an ethernet jack and an OpenBSD server. I was hoping to PXE bsd.rd and then do ftp, dd, happiness, but no such luck. I get bsd.rd up fine, drop to a shell, I have an ftp binary, a dd binary, all is well, but I have nowhere to ftp to. I can't find mount_mfs, and I the image I want to write is exactly the same size as the flash I have available. I'm a bit stuck really. Suggestions anyone? I'm thinking I should be able to do it, but I'm clearly missing something obvious. The only other thing I can think of is to make my own base.tgz and etc.tgz, and point the installer at them, but it shouldn't be that hard. Should it? Richard W
ftp-proxy problem on firewall
hello all,
I set up my firewall as described in ftp-proxy(8) in order to make ftp work.
my setup:
[comp 1]-[gateway/firewall]-Internet
The problem is that ftp (both active and passive mode) only works on
comp 1. When I try to connect to a ftp server from my firewall machine
I can log in normally but when I try to transfer some data pf blocks
it.
I think the problem might be that ftp traffic from my firewall machine
doesn't go through the proxy at all, so ftp-proxy doesn't create any
rules for it.
For example if I open a ftp connection from comp 1 I get:
[EMAIL PROTECTED] ~$ pfctl -sA -v
ftp-proxy
ftp-proxy/26261.5
but if I do the exacted same thing from my firewall machine I only get:
[EMAIL PROTECTED] ~$ pfctl -sA -v
ftp-proxy
So can someone please tell me how to make the proper corrections to
make ftp work from the firewall as well.
some useful information:
[EMAIL PROTECTED] ~$ uname -a
OpenBSD pika.zbontar.org 3.9 GENERIC#617 i386
[EMAIL PROTECTED] ~$ cat /etc/pf.conf
# macros
ext_if = tun0
int_if = we0
lan = $int_if:network
proxy = ( $ext_if )
# nat
nat on $ext_if from $int_if to any - ($ext_if)
# ftp-proxy (from man page)
nat-anchor ftp-proxy/*
rdr-anchor ftp-proxy/*
rdr pass on $int_if proto tcp from $lan to any port 21 - \
127.0.0.1 port 8021
# default deny
block all
# more ftp-proxy related rules
anchor ftp-proxy/*
pass out proto tcp from $proxy to any port 21 keep state
# allow name resolution
pass out on $ext_if proto { tcp udp } to port domain keep state
# allow traffic on $int_if
pass on $int_if
[EMAIL PROTECTED] ~$ ifconfig
lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33224
groups: lo
inet 127.0.0.1 netmask 0xff00
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
xl0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
lladdr 00:60:97:2d:dd:dd
media: Ethernet 10baseT (10baseT half-duplex)
status: active
inet6 fe80::260:97ff:fe2d:%xl0 prefixlen 64 scopeid 0x1
we0: flags=8863UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST mtu 1500
lladdr 00:00:c0:e6:27:94
media: Ethernet 10base2
inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255
inet6 fe80::200:c0ff:fee6:2794%we0 prefixlen 64 scopeid 0x2
pflog0: flags=141UP,RUNNING,PROMISC mtu 33224
pfsync0: flags=0 mtu 1460
enc0: flags=0 mtu 1536
tun0: flags=8011UP,POINTOPOINT,MULTICAST mtu 1492
groups: tun egress
inet 213.250.22.254 -- 213.250.19.90 netmask 0x
[EMAIL PROTECTED] ~$ cat /etc/rc.conf.local
pf=YES
ftpproxy_flags=
regards,
Jure
sensorsd configuration
Hello. I have not used sensorsd on OpenBSD before, but am trying to learn. I have read sensorsd(8) and sensorsd.conf(5) from OpenBSD 3.9 and the configuration looks very simple. However, i have a couple quick questions: The lines in sensorsd.conf start with hw.sensors.N (where N is a small natural number). How do i determine N for each sensor? Is there a list somewhere that tells what is what? Or is there a command i can run to generate a list? Secondly, is it possible to read the current values of sensors? For example, say i have configured a sensor to monitor the CPU temperature. Is there a way to find out what the current temperature is? Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: Installation of a disk image using PXE and bsd.rd
On 7/13/06, Richard Wilson [EMAIL PROTECTED] wrote: Soekris boxes are pretty damn cool. I've got a couple of the 4801 boards and I'm loving them to bits. I decided that having changed my router to OpenBSD using a 4801 running on a 320M microdrive, the time had come to do a similar thing for my wireless needs. Enter a Soekris 4826, courtesy of www.kd85.com. By the way Wim, if you see this, the unit you sent me seems to have been used for a demo at fosdem, the hostname is soekris.fosdem.org. You don't need the image do you? Anyway, I've got myself a nice little box sitting on my desk: http://www.soekris.com/net4826.htm It has 128M RAM, 64M flash soldered on, and uses POE. With the addition of a ral wifi card in one of the two mini-PCI slots, I think it will make a great AP. Now to make it worthy of a little pufferfish sticker. But how? www.opensoekris.com provided the means of creating a small, optimised image suitable for doing exactly what I want, so much thanks to them. (Unfortunately this unit is new enough that no-one seems to have a config file for the 4826 yet, so I used NET4801... Hopefully they're close enough.) The problem is getting the disk image on the flash. There is no USB slot, no disk connectors, all I have is an ethernet jack and an OpenBSD server. I was hoping to PXE bsd.rd and then do ftp, dd, happiness, but no such luck. I get bsd.rd up fine, drop to a shell, I have an ftp binary, a dd binary, all is well, but I have nowhere to ftp to. I can't find mount_mfs, and I the image I want to write is exactly the same size as the flash I have available. I'm a bit stuck really. Suggestions anyone? I'm thinking I should be able to do it, but I'm clearly missing something obvious. The only other thing I can think of is to make my own base.tgz and etc.tgz, and point the installer at them, but it shouldn't be that hard. Should it? Richard W There are many sites that document installing OpenBSD onto a CF Card based device such as the Soekris/WRAP boards. Check google: http://www.google.com/bsd?hl=enlr=q=openbsd+soekris+installbtnG=Search I installed on a normal PC to the CF Card in a USB Card reader (wd0). I then booted my WRAP, set the correct cylinders/heads/sectors and had a full OpenBSD install (without X). I followed the info on Jonathan Weiss' blog: http://blog.innerewut.de/articles/2005/05/14/openbsd-3-7-on-wrap Cheers z0mbix
Re: sensorsd configuration
On Thu, 13 Jul 2006, Daniel A. Ramaley wrote: The lines in sensorsd.conf start with hw.sensors.N (where N is a small natural number). How do i determine N for each sensor? Is there a list You can retrieve sensors information using the sysctl command: $ sysctl hw.sensors hw.sensors.0=viaenv0, TSENS1, temp, 50.50 degC / 122.90 degF hw.sensors.1=viaenv0, TSENS2, temp, 52.00 degC / 125.60 degF hw.sensors.2=viaenv0, TSENS3, temp, 26.82 degC / 80.28 degF hw.sensors.3=viaenv0, FAN1, fanrpm, 0 RPM hw.sensors.4=viaenv0, FAN2, fanrpm, 0 RPM hw.sensors.5=viaenv0, VSENS1, volts_dc, 1.20 V hw.sensors.6=viaenv0, VSENS2, volts_dc, 2.51 V hw.sensors.7=viaenv0, Vcore, volts_dc, 3.26 V hw.sensors.8=viaenv0, VSENS3, volts_dc, 4.95 V hw.sensors.9=viaenv0, VSENS4, volts_dc, 11.83 V Now, to know what hw.sensors.0 is, you have a loot at the man page corresponding to your sensor (here viaenv): $ man viaenv (...) The device has 10 sensors: SensorUnitsTypical Use TSENS1uK CPU temperature TSENS2uK System temperature TSENS3uK Unknown FAN1 RPM CPU fan FAN2 RPM System fan VSENS1uV DCCPU core voltage (2.0V) VSENS2uV DCNorth Bridge core voltage (2.5V) Vcore uV DCInternal core voltage (3.3V) VSENS3uV DC+5V VSENS4uV DC+12V (...) Let's say you want to monitor your CPU temperature, in your /etc/sensorsd.conf file, you could put something like: hw.sensors.0:high=60C:\ :command=echo %2 \(high=%4\) | mail -s [`hostname`] sensorsd WARNING \(CPU Temp.\) root Regards, -- Antoine
Re: sensorsd configuration
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Daniel A. Ramaley wrote:
The lines in sensorsd.conf start with hw.sensors.N (where N is a small
natural number). How do i determine N for each sensor? Is there a list
somewhere that tells what is what? Or is there a command i can run to
generate a list?
`sysctl hw.sensors` will show you the list of all the sensors and their
appropriate number (and current value). As I found out a couple of days
ago, sysctl(8) does this by just trying all possible N's for 1 to 256
and then checks what each sensor is. AFAICT, that's the only facility
the kernel offers to find them.
Secondly, is it possible to read the current values of sensors? For
example, say i have configured a sensor to monitor the CPU temperature.
Is there a way to find out what the current temperature is?
sysctl(8), again. If CPU temp is hw.sensors.4, then sysctl hw.sensors.4
will tell you. Sensorsd is more for watching for threshholds and
boundary readings, rather than a real-time display of the current reading.
If you're programming, you can also use sysctl(3); it would be something
like sysctl({CTL_HW, HW_SENSORS, 4}, 3, some_allocated_buffer,
length_of_that_buffer, NULL, 0);
some_allocated_buffer will then hold the struct sensor containing its
current state.
Weldon Goree
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEtnuvixcispFzVm8RAttkAJ95eFTvJaaqn4R1Tkf1Kpo9c1KtuwCfS5aG
0ET6NQe4/KoC6iUw2w6qipk=
=PTNG
-END PGP SIGNATURE-
Re: GDBM_File (GDBM::File)
On Thu, Jul 13, 2006 at 12:12:58PM +0200, Karel Kulhavy wrote: ello How can I install GDBM::File into the stock Perl in OpenBSD? I don't understand why it's not there when it comes automatically with Perl. Was it stripped out from the Perl due to license reason? I tried to download it and installed but it complained about unresolved library something in some *.so file. What does the 'G' stand for? What is the OpenBSD policy on 'G' programs? This particular Perl module is not in ports; you must likely can use cpan to add it after installing dependencies, notably gdbm. Joachim
Re: Installation of a disk image using PXE and bsd.rd
On 2006/07/13 17:15, Richard Wilson wrote: no such luck. I get bsd.rd up fine, drop to a shell, I have an ftp binary, a dd binary, all is well, but I have nowhere to ftp to. I can't find mount_mfs, and I the image I want to write is exactly the same size as the flash I have available. I'm a bit stuck really. ftp -o- http://foo | gzcat | dd of=/dev/rwd0c bs=8k
Question
Hi all, I'm hoping I'm wording this correctly. Is there any software available for OpenBSD that will permit me to redirect a packet based on a certain string in the packet?. For example if someone where to telnet to my server (userid foo), server should redirect that packet based on the string foo to a syslog server. Sort of like patch-o-matic for linux. BSD Networking, Microsoft Notworking
Re: Password escrow
On Thu, Jul 13, 2006 at 10:14:31AM -0400, STeve Andre' wrote: On Thursday 13 July 2006 09:50, Roland Dominguez wrote: Is anyone using or know of an open source password escrow package? Ugh. If you are talking about a way to hold passwords in case someone gets hit by a truck, nothing beats writing it down, stuffing it in an envelope and putting in an administrative persons secure area. I question using a PDA to do this. I know of a place that used one for a password store area, and guess what--it got lost. It was lost for two+ days before folks noticed. I leave it to the reader to imagine the hysteria that ensued, realizing that systems with really sensitive data were in that PDA... Also, a little crypto goes a long way: if you want good security, use two or more pieces which will only provide the password if XOR'ed together. (More elaborate schemes are doubtlessly possible, including a scheme in which, say, any two people can access all systems but no single person can - in fact, I recall seeing such a system in Schneier[1].) However, such a project would be quite impeded over the typical freedom-loving attitude in the open source movement - it tends to stretch to a profound, and not always unfounded, distrust of those with power. See Stallman's documentation for su(1) for a particularly well-known example. Joachim [1] You'll have to make do with this incomplete cite, because I forgot if I borrowed Practical or Applied Cryptography; I am fairly certain it was the former, though.
Re: Question
On Thu, Jul 13, 2006 at 02:06:53PM -0400, Monah Baki wrote: Hi all, I'm hoping I'm wording this correctly. Is there any software available for OpenBSD that will permit me to redirect a packet based on a certain string in the packet?. For example if someone where to telnet to my server (userid foo), server should redirect that packet based on the string foo to a syslog server. Sort of like patch-o-matic for linux. This cannot be done in pf(4) - or rather, it could be done, but hasn't and probably shouldn't. There are, however, quite a few userland proxies in OpenBSD - ftp-proxy is the canonical example, but ports contains a lot of HTTP proxy, BIND works fine as a DNS proxy, and the difference between an SMTP proxy and an MTA is not big enough that the latter cannot be used as the former. What do you want to do? If it's a matter as simple as matching 'foo' to host 'bar', well, that should be possible in an easy-ish C program... Joachim
Re: sensorsd configuration
Thank you to those who responded! I can figure out sensorsd.conf now. Also thank you to the developers who created such a simple way to monitor the sensors. I've configured sensors on other operating systems that have been a much greater hassle. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Sensors setup
I've looked, I've read, and, maybe I'm just blind, but after enabling sensors via sysctl, I still get no sensors found. I expect the answer is obvious and staring me in the face, but I'm asking anyway... What am I missing here? Nick
Re: Sensors setup
Nick Shank wrote: after enabling sensors via sysctl, I still get no sensors found. Do you have any supported sensors in your dmesg, such as lm? See iic(4).
VoIP
Hey folks, have anyone deployed VoIP using exclusively OpenBSD? I would be interested hearing your reports. Thanks a lot for your time and cooperation. Best regards.
libraries in /usr/local/lib
Hi I am maintaining links browser. People complain to me that they can't compile it in graphics mode on OpenBSD because it can't find libraries that are placed in /usr/local/lib and includes in /usr/local/include. The problem with libpng can be solved by using pkg-config, problem with libjpeg and libtiff can't be solved because you do not distribute .pc files for them. I'd like to know: Why does your distribution place libraries and includes to a place where compiler can't find them? What's the correct standard solution for a software developer to find libraries? I thought that if gcc -llibrary works, library is presend and if gcc -llibrary doesn't work, library isn't present. It is possible to add -I/usr/local/include -L/usr/local/lib to compiler flags, I even distributed links with that for some time, and it turned out that on other unix systems -L/usr/local/lib reversed search (first /usr/local/lib and then /usr/lib, while it used to be /usr/lib first) and caused linking failures. Mikulas
Re: Sensors setup
Steve, Here is what dmesg says... Nick piixpm0 at pci0 dev 7 function 3 Intel 82371AB Power rev 0x08: SMBus disabled Steve Shockley wrote: Nick Shank wrote: after enabling sensors via sysctl, I still get no sensors found. Do you have any supported sensors in your dmesg, such as lm? See iic(4).
Re: Password escrow
On 7/13/06, Joachim Schipper [EMAIL PROTECTED] wrote: Also, a little crypto goes a long way: if you want good security, use two or more pieces which will only provide the password if XOR'ed together. (More elaborate schemes are doubtlessly possible, including a scheme in which, say, any two people can access all systems but no single person can - in fact, I recall seeing such a system in Schneier[1].) However, such a project would be quite impeded over the typical freedom-loving attitude in the open source movement - it tends to stretch to a profound, and not always unfounded, distrust of those with power. See Stallman's documentation for su(1) for a particularly well-known example. Secret Sharing schemes. http://freshmeat.net/projects/sharesecret/ http://freshmeat.net/projects/shsecret/ Enjoy. -- GDB has a 'break' feature; why doesn't it have 'fix' too?
Re: VoIP
On Thu, Jul 13, 2006 at 06:19:57PM -0300, Gustavo Rios wrote: | Hey folks, | | have anyone deployed VoIP using exclusively OpenBSD? I would be | interested hearing your reports. | | Thanks a lot for your time and cooperation. I'm running a PBX with OpenBSD 3.9 and asterisk 1.2.9.1 (port) on a sparc64 (Sun Netra T1 105, 440MHz UltraSparc II). I use hardware SIP clients and a softphone on MacOSX (loudhush). Works perfectly, what is it specifically you'd like to know ? Cheers, Paul 'WEiRD' de Weerd -- [++-]+++.+++[---].+++[+ +++-].++[-]+.--.[-] http://www.weirdnet.nl/ [demime 1.01d removed an attachment of type application/pgp-signature]
Re: Password escrow
On Thu, 13 Jul 2006, Chris Kuethe wrote: Secret Sharing schemes. http://freshmeat.net/projects/sharesecret/ http://freshmeat.net/projects/shsecret/ also http://freshmeat.net/projects// -- [-] mkdir /nonexistent
Re: VoIP
Performance and reliability. On 7/13/06, Paul de Weerd [EMAIL PROTECTED] wrote: On Thu, Jul 13, 2006 at 06:19:57PM -0300, Gustavo Rios wrote: | Hey folks, | | have anyone deployed VoIP using exclusively OpenBSD? I would be | interested hearing your reports. | | Thanks a lot for your time and cooperation. I'm running a PBX with OpenBSD 3.9 and asterisk 1.2.9.1 (port) on a sparc64 (Sun Netra T1 105, 440MHz UltraSparc II). I use hardware SIP clients and a softphone on MacOSX (loudhush). Works perfectly, what is it specifically you'd like to know ? Cheers, Paul 'WEiRD' de Weerd -- [++-]+++.+++[---].+++[+ +++-].++[-]+.--.[-] http://www.weirdnet.nl/
PF queueing
Hi! I have try for several days to achieve the following goal with PF but
failed repeatedly, have read all the docs also, especially this
http://www.openbsd.org/faq/pf/queueing.html
The goal is: To be able to set dowload/upload speeds to PC's on the lan, so
far i have succed in setting dowload speeds for PC's but no luck with
upload.
In the above example i'm trying to set the dowload/upload speed to 64Kb to
pc 192.168.100.106.
Any hints, help on how to get the upload thing going?
The box runs 3.9, two interfaces, one for internet, second for lan. doing
basic natting.
Thanks.
# macros
ext_if=dc0 =
int_if=vr1
tcp_services={ 22, 113 }
icmp_types=echoreq
pc=192.168.100.106
# options
set block-policy return
set loginterface $ext_if
set skip on lo
# scrub
scrub in
# queue
altq on $ext_if cbq bandwidth 256Kb queue { stdout pcout }
queue stdout bandwidth 192Kb cbq(default)
queue pcout bandwidth 64Kb cbq
altq on $int_if cbq bandwidth 100% queue { stdin pcin }
queue stdin bandwidth 192Kb cbq(default)
queue pcin bandwidth 64Kb cbq
# nat/rdr
nat on $ext_if from !($ext_if) - ($ext_if:0)
nat-anchor ftp-proxy/*
rdr-anchor ftp-proxy/*
rdr pass on $int_if proto tcp to port ftp - 127.0.0.1 port 8021
rdr on $ext_if proto tcp from any to any port 80 - $comp3
# filter rules
block in
pass out keep state
anchor ftp-proxy/*
antispoof quick for { lo $int_if }
pass in on $ext_if inet proto tcp from any to ($ext_if) \
port $tcp_services flags S/SA keep state
pass in on $ext_if inet proto tcp from any to $comp3 port 80 \
flags S/SA synproxy state
pass in inet proto icmp all icmp-type $icmp_types keep state
pass on $int_if
pass out on $int_if from any to $pc queue pcin
#pass in on $ext_if from $pc to any queue pcout -- I know, wrong ;)
Re: libraries in /usr/local/lib
Mikulas Patocka wrote: It is possible to add -I/usr/local/include -L/usr/local/lib to compiler flags, I even distributed links with that for some time, and it turned out that on other unix systems -L/usr/local/lib reversed search (first /usr/local/lib and then /usr/lib, while it used to be /usr/lib first) and caused linking failures. export CPPFLAGS='-I/usr/local/include' LIBS='-L/usr/local/lib' # Han
Re: VoIP
On Thu, Jul 13, 2006 at 07:46:00PM -0300, Gustavo Rios wrote: | Performance and reliability. Reliability is fine, didn't have a single issue with it. Upgrading to 1.2.9.1 went smooth enough. Performance is fine, but this machine isn't handling a lot of calls. It's also not the fastest box on the block, but it doesn't introduce any noticeable latencies. I suggest you try it, estimate your load, simulate it and see what happens. My PBX is mostly idling by, your situation may differ ;) Cheersm Paul 'WEiRD' de Weerd -- [++-]+++.+++[---].+++[+ +++-].++[-]+.--.[-] http://www.weirdnet.nl/ [demime 1.01d removed an attachment of type application/pgp-signature]
Re: VoIP
I have 1.2.9.1 installed from ports on 3.9 with a Cisco 7940 hardware based phone. Hardware is an Epox board, 1Ghz AMD, 64MB RAM. Certainly not the best rig, but I've been using it reliably for about a month. The load on the box is low enough that Asterisk has not taxed it yet. On 7/13/06, Gustavo Rios [EMAIL PROTECTED] wrote: Hey folks, have anyone deployed VoIP using exclusively OpenBSD? I would be interested hearing your reports. Thanks a lot for your time and cooperation. Best regards.
Re: VoIP
Works great I have several boxes using kernel pppoe to connect to the web pf to prioritise sip rtp and iax traffic and asterisk as the pbx. It just works Steve Gustavo Rios wrote: Hey folks, have anyone deployed VoIP using exclusively OpenBSD? I would be interested hearing your reports. Thanks a lot for your time and cooperation. Best regards.
Re: VoIP
On 2006/07/13 19:46, Gustavo Rios wrote: Performance and reliability. If you just want to route calls between SIP phones, SER/OpenSER are faster and less resource-hungry (but the important part of the configuration file is written in a programming language for routing SIP messages, /not/ calls as with Asterisk extensions.conf, so it requires more in-depth knowledge of the protocol). If you need more PBX/IVR features and/or codec translation, look at the more complicated software e.g. Asterisk, sipx. With a lot of the voip software and hardware, expect patchy documentation in places... voip-info.org wiki is often the most useful doc but is frequently slow or down - for Asterisk bugs.digium.com is pretty useful too, especially when it does odd things). Interoperability with voip hardware from various vendors isn't always fantastic (take dtmf, for example). Traditionally Asterisk has not been the most portable software, it has improved between 1.0 and 1.2 releases, and it's getting better, but developers are mainly using Fedora Core and the further away from that the harder some things become. The development (to-be-1.4) code should fix a number of problems with 1.2 but oh joy, they have changed the build system for some menu-driven download-and-build thing which I haven't summoned the enthusiasm to look at properly yet...
Re: PF queueing
On 7/13/06, Der Engel [EMAIL PROTECTED] wrote: Hi! I have try for several days to achieve the following goal with PF but failed repeatedly, have read all the docs also, especially this http://www.openbsd.org/faq/pf/queueing.html The goal is: To be able to set dowload/upload speeds to PC's on the lan, so far i have succed in setting dowload speeds for PC's but no luck with upload. #pass in on $ext_if from $pc to any queue pcout -- I know, wrong ;) You cannot control the speed at which packets arrive on an interface. Think about it. It may not be documented because its pretty much a duh.
Re: PF queueing
On 7/13/06, Jeff Quast [EMAIL PROTECTED] wrote: You cannot control the speed at which packets arrive on an interface. Think about it. It may not be documented because its pretty much a duh. Yesterday I desperately tried to teach someone that burning the 1kb shortcut to a program that is on your desktop to a disk does not save any of that programs data. By the end of it she was still saying so I backup from there [the desktop] or do I do from My Documents? Maybe it should be mentioned in the docs somewhere. It comes up on misc@ so much that it certain counts as a FAQ by now. -Nick
Re: libraries in /usr/local/lib
try if '-isystem/usr/local/include' works first, -I is bad Han Boetes wrote: Mikulas Patocka wrote: It is possible to add -I/usr/local/include -L/usr/local/lib to compiler flags, I even distributed links with that for some time, and it turned out that on other unix systems -L/usr/local/lib reversed search (first /usr/local/lib and then /usr/lib, while it used to be /usr/lib first) and caused linking failures. export CPPFLAGS='-I/usr/local/include' LIBS='-L/usr/local/lib' # Han
Re: PF queueing
But isn't there some config or trick to do between the two interfaces to achieve this? On 7/13/06, Jeff Quast [EMAIL PROTECTED] wrote: On 7/13/06, Der Engel [EMAIL PROTECTED] wrote: Hi! I have try for several days to achieve the following goal with PF but failed repeatedly, have read all the docs also, especially this http://www.openbsd.org/faq/pf/queueing.html The goal is: To be able to set dowload/upload speeds to PC's on the lan, so far i have succed in setting dowload speeds for PC's but no luck with upload. #pass in on $ext_if from $pc to any queue pcout -- I know, wrong ;) You cannot control the speed at which packets arrive on an interface. Think about it. It may not be documented because its pretty much a duh.
spamd greylisting
Hi All, I just configure my first spamd -g, I have a collegue in Korea who is sending me a message, however it did not get through. I tried to whitelist it, however it still did not get through. This is the spamdb WHITE|61.78.36.103|||1152841491|1152841518|1155951918|1|0 WHITE|61.78.36.104|||1152842688|1152842688|1155953088|1|0 I had to spamdb -a 61.78.36.103 -T spamdb -a 61.78.36.103 to get it whitelist, because it is not showing in my spamdb this is my /var/log/daemon Jul 14 09:15:03 puff spamd[3732]: 61.78.36.103: connected (1/1), lists: korea Jul 14 09:15:08 puff spamd[3732]: 61.78.36.103: connected (2/2), lists: korea Jul 14 09:21:37 puff spamd[3732]: 61.78.36.103: disconnected after 394 seconds. lists: korea Jul 14 09:21:41 puff spamd[3732]: 61.78.36.103: disconnected after 393 seconds. lists: korea in my spamd using pfctl -t spamd -Tshow |grep 61.78 # pfctl -t spamd -Tshow |grep 61.78 61.78.51.0/25 61.78.59.35 61.78.59.36 61.78.90.8 and spamd-white # pfctl -t spamd-white -Tshow |grep 61.78 61.78.36.103 61.78.36.104 So the mail should go through. Something missing? Thanks and looking forward for your help. Brgds, Riwan
Re: spamd greylisting
You haven't showed your pf rules. If your friend is blocked because you are using the korea blacklist un-greylisting him won't help. Using the standard example from the man page: rdr pass inet proto tcp from spamd to any \ port smtp - 127.0.0.1 port spamd rdr pass inet proto tcp from !spamd-white to any \ port smtp - 127.0.0.1 port spamd The first rdr line picks up anything in blacklists. If you aren't blacklisted then the second line picks up anything that the greylist hasn't passed, and rdr is first match. If you're in the korea blacklist, and your friends address is, using spamdb -a to have it pass the greylist will not help. If you correspond with people in korea, using the korea list is probably a bad idea. -Bob * riwanlky [EMAIL PROTECTED] [2006-07-13 19:29]: Hi All, I just configure my first spamd -g, I have a collegue in Korea who is sending me a message, however it did not get through. I tried to whitelist it, however it still did not get through. This is the spamdb WHITE|61.78.36.103|||1152841491|1152841518|1155951918|1|0 WHITE|61.78.36.104|||1152842688|1152842688|1155953088|1|0 I had to spamdb -a 61.78.36.103 -T spamdb -a 61.78.36.103 to get it whitelist, because it is not showing in my spamdb this is my /var/log/daemon Jul 14 09:15:03 puff spamd[3732]: 61.78.36.103: connected (1/1), lists: korea Jul 14 09:15:08 puff spamd[3732]: 61.78.36.103: connected (2/2), lists: korea Jul 14 09:21:37 puff spamd[3732]: 61.78.36.103: disconnected after 394 seconds. lists: korea Jul 14 09:21:41 puff spamd[3732]: 61.78.36.103: disconnected after 393 seconds. lists: korea in my spamd using pfctl -t spamd -Tshow |grep 61.78 # pfctl -t spamd -Tshow |grep 61.78 61.78.51.0/25 61.78.59.35 61.78.59.36 61.78.90.8 and spamd-white # pfctl -t spamd-white -Tshow |grep 61.78 61.78.36.103 61.78.36.104 So the mail should go through. Something missing? Thanks and looking forward for your help. Brgds, Riwan -- | | | The ASCII Fork Campaign \|/ against gratuitous use of threads. |
Re: spamd greylisting
check your /etc/spamd.conf have you added your whitelist to the check list? http://www.openbsd.org/cgi-bin/man.cgi?query=spamd.confsektion=5arch=i386apropos=0manpath=OpenBSD+3.9 Venture37 -- The truth, the half-truth, and nothing like the truth. - Mark Brandon Read
