Re: remove sendmail/install postfix
Hi, On Thu, 01.02.2007 at 07:56:00 +0100, Nico Meijer [EMAIL PROTECTED] wrote: Postfix and Sendmail can both be installed on your disk just fine. I dislike the mailwrapper and instead adjust the link in /usr/sbin/sendmail to point to the real sendmail program. But doing the mailwrapper thing is probably the safe(r) way to go. I also don't need (nor get) the mailq etc functionality wrapped... Best, --Toni++
Re: spamd - SPEWS status
I really think spammers don't give a damn about coming back to deliver e-mail properly. The new breed of spammers uses botnets to deliver their crap. And since those systems are not theirs and that bandwidth is not theirs, they write software to act as a proper mail server. That means, they come back when mail isn't properly delivered. Downside is: a) The botnet pc is getting whitelisted b) The system administrator has to manually take it off the whitelist and put it on the blacklist (I have written a shell script to take care of this) c) Your users are bothered with crap Agreed, not all spammers are using botnets, thank god. However, the spammers that do cause most of our and our users' irritation. One solution would be to check if the delivering IP Address has a logical name like: mail. smtp. mx. etcetera But..not all mail servers are setup like that. So, I will get a lot of users complaining e-mail doesn't reach them and it will cost me about the same amount of time to explain it to my users and whitelist the IP Address. A solution I think would be a step in the right direction is providers making international agreements. First rule would be: Home users should NOT have access to port 25 and may only use the provider's mail server. That would block a lot, and I do mean a lot, of the spam. Only on request, port 25 could be opened. Second rule: Those who do send spam should be blocked from sending e-mail until they have cleaned their system. And I know, most people that are infected by a Trojan sending spam, do not know how to get rid of it. Providers should deliver some kind of support to those people. Other upside is; you'll educate users. Well, there you have it my opinion. On Friday, February 2, 2007, 04:02:38, Gregory Edigarov wrote: ... Yeah, greylisting is good, but this is for only short while, I am afraid. My measurements telling me that spamers are adapting quicker then somebody expected. It seems like their soft started analyzing the return codes, and so they are resending their mail after a short while. So I think blacklisting is still in rule. But having to queue, wait, and resend a) cuts down on the crap/hour they can send b) their IP might be on a blacklist the second time they try -- [EMAIL PROTECTED] The avalanche has already started, it is too Rod Dorman late for the pebbles to vote. - Ambassador Kosh
gnome
Hi, I know, gnome is an elephant... but I cannot live without dragging tabs/ tabs in the terminal and this is a feature I am only aware of in konsole and gnome-terminal. I prefer gnome and the current gnome-session binary is as old as 2.10 (they're now by 2.17) whilst the kde binary seems to be only one release behind. Now... I installed gnome (binary, pkg_add gnome-session) and it's very unstable. I don't think I'm the only one having these problems: http://beranger.org/index.php?fullarticle=2269 (forget what he says, it's just simply crap, I just want to point out I'm not the only one having problems with crashes) My questions: 1) Is gnome going to be updated/fixed in the next release? 2) I don't have anything against other wm; but I don't know of any apart from kde and gnome that have tabbed terminals, which is very important for me (I usually have some 10 tabs opened). If you know of any, please tell me thanks, Pau -- Email and shopping with the feelgood factor! 55% of income to good causes. http://www.ippimail.com
Re: spamd - SPEWS status
On 2007/02/03 10:46, [EMAIL PROTECTED] wrote: Second rule: Those who do send spam should be blocked from sending e-mail until they have cleaned their system. And I know, most people that are infected by a Trojan sending spam, do not know how to get rid of it. Providers should deliver some kind of support to those people. Other upside is; you'll educate users. the way this is being done in the wild has certain implications for privacy... http://wesii.econinfosec.org/draft.php?paper_id=47
Re: bandwidth management with ALTQ
On 2007/02/03 12:59, ?? wrote: Hello everyone. I have just started to learn about bandwidth management and I have difficulties with understanding how CBQ scheduler works. To be exact I don't understand how priorities work together with bandwidth allocation. I would be very greatful if you could give clear explanation or links to some documentation on that topic. Thanks in advance. http://www.csl.sony.co.jp/~kjc/software.html is a good starting point.
Re: gnome
h... god bless you, Ico, if there's one he should absolutely bless you I *knew* it is possible somehow to do it with fluxbox, but I never found that page you posted... possibly because I am too lazybones to look it by myself Now xterm with antialiasing + xterm -fa 'Andale Bold' -fs 14 -rightbar is looking just gorgeous thanks! Pau | Dna Sat, Feb 03, 2007 at 11:02:30AM -, [EMAIL PROTECTED] spisal(a) : |2) I don't have anything against other wm; but I don't know of any apart |from kde and gnome that have tabbed terminals, which is very important | for |me (I usually have some 10 tabs opened). If you know of any, please tell |me | | What about fluxbox with his tabbed windows? You can group windows | together, in your case xterm could do :). | | http://fluxbox.sourceforge.net/docbook/en/html/chap-tabs.html | | -- | |ico beke | ico(at)beke.info | | Ico : 14961 dni | Danka: 11536 dni | Ema : 771 dni | Eva : 78 dni | -- Email and shopping with the feelgood factor! 55% of income to good causes. http://www.ippimail.com
Re: msk(4) with SK-9S91: Can not set 1000baseSX Single Mode Fiber Media Type
Can you try the attached diff? It has some debug printf's in there,
so please send me a dmesg.
Regarding the high interrupt load on the v210; try disconnecting the
CD-ROM/DVD-ROM.
Index: mii/eephy.c
===
RCS file: /cvs/src/sys/dev/mii/eephy.c,v
retrieving revision 1.39
diff -u -p -r1.39 eephy.c
--- mii/eephy.c 5 Jan 2007 21:40:45 - 1.39
+++ mii/eephy.c 3 Feb 2007 14:10:36 -
@@ -133,7 +133,7 @@ eephyattach(struct device *parent, struc
struct mii_attach_args *ma = aux;
struct mii_data *mii = ma-mii_data;
const struct mii_phydesc *mpd;
- int reg;
+ int reg, page;
mpd = mii_phy_match(ma, eephys);
printf(: %s, rev. %d\n, mpd-mpd_name, MII_REV(ma-mii_id2));
@@ -147,6 +147,33 @@ eephyattach(struct device *parent, struc
/* XXX No loopback support yet, although the hardware can do it. */
sc-mii_flags |= MIIF_NOLOOP;
+
+ {
+ int i;
+ for (i = 0; i 32; i++)
+ printf(%d: 0x%04x\n, i, PHY_READ(sc, i));
+ }
+
+ /* Switch to fiber-only mode if necessary. */
+ if (sc-mii_model == MII_MODEL_MARVELL_E1112
+ sc-mii_flags MIIF_HAVEFIBER) {
+ page = PHY_READ(sc, E1000_EADR);
+ PHY_WRITE(sc, E1000_EADR, 2);
+ reg = PHY_READ(sc, E1000_SCR);
+ printf(16_2: 0x%04x\n, reg);
+ reg = ~E1000_SCR_MODE_MASK;
+ reg |= E1000_SCR_MODE_1000BX;
+ PHY_WRITE(sc, E1000_SCR, reg);
+ PHY_WRITE(sc, E1000_EADR, page);
+
+ PHY_RESET(sc);
+ }
+
+ {
+ int i;
+ for (i = 0; i 32; i++)
+ printf(%d: 0x%04x\n, i, PHY_READ(sc, i));
+ }
sc-mii_capabilities = PHY_READ(sc, E1000_SR) ma-mii_capmask;
if (sc-mii_capabilities BMSR_EXTSTAT)
Index: pci/if_msk.c
===
RCS file: /cvs/src/sys/dev/pci/if_msk.c,v
retrieving revision 1.43
diff -u -p -r1.43 if_msk.c
--- pci/if_msk.c3 Feb 2007 12:50:26 - 1.43
+++ pci/if_msk.c3 Feb 2007 14:10:37 -
@@ -1071,6 +1071,14 @@ msk_attach(struct device *parent, struct
ifp-if_capabilities = IFCAP_VLAN_MTU;
+ /* GMAC and GPHY Reset */
+ SK_IF_WRITE_4(sc_if, 0, SK_GMAC_CTRL, SK_GMAC_RESET_SET);
+ SK_IF_WRITE_4(sc_if, 0, SK_GPHY_CTRL, SK_GPHY_RESET_SET);
+ DELAY(1000);
+ SK_IF_WRITE_4(sc_if, 0, SK_GPHY_CTRL, SK_GPHY_RESET_CLEAR);
+ SK_IF_WRITE_4(sc_if, 0, SK_GMAC_CTRL, SK_GMAC_LOOP_OFF |
+ SK_GMAC_PAUSE_ON | SK_GMAC_RESET_CLEAR);
+
/*
* Do miibus setup.
*/
@@ -1086,7 +1094,7 @@ msk_attach(struct device *parent, struct
ifmedia_init(sc_if-sk_mii.mii_media, 0,
msk_ifmedia_upd, msk_ifmedia_sts);
mii_attach(self, sc_if-sk_mii, 0x, MII_PHY_ANY,
- MII_OFFSET_ANY, MIIF_DOPAUSE|MIIF_FORCEANEG);
+ MII_OFFSET_ANY, MIIF_DOPAUSE|MIIF_HAVEFIBER);
if (LIST_FIRST(sc_if-sk_mii.mii_phys) == NULL) {
printf(%s: no PHY found!\n, sc_if-sk_dev.dv_xname);
ifmedia_add(sc_if-sk_mii.mii_media, IFM_ETHER|IFM_MANUAL,
@@ -1275,6 +1283,8 @@ mskc_attach(struct device *parent, struc
sc-sk_ramsize, sc-sk_ramsize / 1024,
sc-sk_rboff));
+ printf(pmdtype: %c\n, sk_win_read_1(sc, SK_PMDTYPE));
+
switch (sc-sk_type) {
case SK_YUKON_XL:
sc-sk_name = Yukon-2 XL;
@@ -1838,6 +1848,7 @@ msk_init_yukon(struct sk_if_softc *sc_if
DPRINTFN(6, (msk_init_yukon: 1\n));
+#if 0
/* GMAC and GPHY Reset */
SK_IF_WRITE_4(sc_if, 0, SK_GMAC_CTRL, SK_GMAC_RESET_SET);
SK_IF_WRITE_4(sc_if, 0, SK_GPHY_CTRL, SK_GPHY_RESET_SET);
@@ -1848,6 +1859,7 @@ msk_init_yukon(struct sk_if_softc *sc_if
SK_IF_WRITE_4(sc_if, 0, SK_GPHY_CTRL, SK_GPHY_RESET_CLEAR);
SK_IF_WRITE_4(sc_if, 0, SK_GMAC_CTRL, SK_GMAC_LOOP_OFF |
SK_GMAC_PAUSE_ON | SK_GMAC_RESET_CLEAR);
+#endif
DPRINTFN(3, (msk_init_yukon: gmac_ctrl=%#x\n,
SK_IF_READ_4(sc_if, 0, SK_GMAC_CTRL)));
Re: OT: Domain Name Freedom
On 03/02/07, J.C. Roberts [EMAIL PROTECTED] wrote: Please pardon the off topic post but last month some people on this list were wondering about Friendly Registrars after what happened to Fyodor (of nmap fame) with is seclists.org domain being shut down by godaddy. http://marc.theaimsgroup.com/?t=11688078341r=1w=2 If you're interested in what's going on and possibly friendly registrars, Fyodor has set up a site about it. http://nodaddy.com/ Can't say I'm surprised at all: sometime ago GoDaddy blocked around a thousand domain names of some Russian hosting company named Majordomo.ru, and requested 200 USD for each domain that is to be reactivated, or 50 USD for each domain that is to be unblocked and released for transfer. http://yro.slashdot.org/article.pl?sid=06/06/17/1319233 That story was resolved, but according to Majordomo.ru, it took them 3 days to finally contact GoDaddy and reach an agreement.
Re: OT: Domain Name Freedom
Please pardon the off topic post but last month some people on this list were wondering about Friendly Registrars after what happened to Fyodor (of nmap fame) with is seclists.org domain being shut down by godaddy. godaddy and registerfly have really cheap vale resaler possiblilites, and now you know why... I'd not trust them with anything that can not be replace, for instance I might by a one year ssl cert, but worse case that can be replaced, unlike a domain name in dispute Opensrs/Tucows has been around a long time, but their wholesale cost, $10.25, is more than retail by registerly/godaddys and all those others with questionable terms.. They have been very reputable in how they register and expire domains. (maybe because they are in canada...) But it appears to be worth spending the extra two bucks per year per domain even though with hundereds of domains it can add up, but several screwed customer can cost lots more. I know someone who used register.com which was not cheap, got their name sold to someone else before the expire date, and the domain speculator quoted a price just less than legal action to buy it back. so for even the more expensive registers some of the terms seem to be used to scam! Has anyone heard of excessive evil from opensrs? if not, and if you have a biz and maintain say, fifty or more domains, it may be worth doing all the forms and the $100 deposit to use them wholesale... else I am sure like me, there are many consultants who use openbsd who are also value added resalers for opensrs.
Re: OT: Domain Name Freedom
On Saturday 03 February 2007 07:16, Paul Pruett wrote: Please pardon the off topic post but last month some people on this list were wondering about Friendly Registrars after what happened to Fyodor (of nmap fame) with is seclists.org domain being shut down by godaddy. godaddy and registerfly have really cheap vale resaler possiblilites, and now you know why... I'd not trust them with anything that can not be replace, for instance I might by a one year ssl cert, but worse case that can be replaced, unlike a domain name in dispute Opensrs/Tucows has been around a long time, but their wholesale cost, $10.25, is more than retail by registerly/godaddys and all those others with questionable terms.. They have been very reputable in how they register and expire domains. (maybe because they are in canada...) But it appears to be worth spending the extra two bucks per year per domain even though with hundereds of domains it can add up, but several screwed customer can cost lots more. I know someone who used register.com which was not cheap, got their name sold to someone else before the expire date, and the domain speculator quoted a price just less than legal action to buy it back. so for even the more expensive registers some of the terms seem to be used to scam! Has anyone heard of excessive evil from opensrs? if not, and if you have a biz and maintain say, fifty or more domains, it may be worth doing all the forms and the $100 deposit to use them wholesale... else I am sure like me, there are many consultants who use openbsd who are also value added resalers for opensrs. Personally, I've used OpenSRS/Tucows (through wsmdomains.com) for years and have never had or seen a problem... But then again, I haven't looked very carefully at their license in a long time and since they can change their license at their whim, they may now be able to legally stuff me and everyone else. BTW, after looking at the link Constantine sent, it seems the topic of friendly registrars has hit slashdot again this morning. http://ask.slashdot.org/askslashdot/07/02/03/0353231.shtml -jcr -- cd ~. -Almost Home
mixerctl on M2N-SLI AMD64 system
Good day, I am following the instructions at Nick Holland's website and the FAQ on multimedia to try and get CD's to play on a workstation and convert them to mp3's. I was able to get CD's to play very nicely on my laptop but not on my regular workstation (a M2N-SLI DELUXE motherboard-based system). Basically there is no sound when playing CD's -- KDE System Sounds work, however. I am not able to do a mixerctl inputs.cd.mute=off or commands like that. mixerctl -av does not show me items such as master, cd, etc. Kmix does not show anything under Current Mixer. I tried cdio play -- the CD plays but there is no sound. The FAQ does say that the outputs of the audio device may be labeled differently and that you can easily find the proper name by listing with mixerctl -a. Unfortunately, I can't figure out what is the proper output. If someone can tell me how to make this work or refer me to any documentation on this, I will really appreciate that. TIA, Here is my output from mixerctl -av. $ mixerctl -av | more inputs.dac03=124,124 inputs.dac04=124,124 inputs.dac05=124,124 inputs.dac06=124,124 inputs.dac0a=124,124 inputs.sel0b.source=adc08 [ adc08 adc09 adc0f ] inputs.sel0c.source=sel38 [ sel38 black18 orange24 gray25 sel3d mix20 ] outputs.sel0c.mute=off [ off on ] outputs.sel0c=122,122 inputs.sel0d.source=sel38 [ sel38 black18 orange24 gray25 sel3d mix20 ] outputs.sel0d.mute=off [ off on ] outputs.sel0d=122,122 inputs.sel0e.source=sel38 [ sel38 black18 orange24 gray25 sel3d mix20 ] outputs.sel0e.mute=off [ off on ] outputs.sel0e=122,122 inputs.beep10.mute=off [ off on ] inputs.beep10=119 outputs.green11.mute=off [ off on ] outputs.green11.dir=output [ input output ] outputs.green11.boost=off [ off on ] outputs.green12.mute=off [ off on ] outputs.green12.dir=output [ input output ] outputs.green12.boost=off [ off on ] outputs.black13.mute=off [ off on ] outputs.black13=123 outputs.pink14.mute=off [ off on ] outputs.pink14.dir=input [ input output ] outputs.pink14.boost=off [ off on ] outputs.blue15.mute=off [ off on ] outputs.blue15.dir=input [ input output ] outputs.black16.mute=off [ off on ] outputs.black16.dir=output [ input output ] outputs.pink17.mute=off [ off on ] outputs.pink17.dir=input [ input output ] outputs.pow19.source=mix20 [ mix20 sel21 ] outputs.other1b.mute=off [ off on ] outputs.other1b=124,124 outputs.other1c.mute=off [ off on ] outputs.other1c=123,123 inputs.mix1d.hdaudio.m=off [ off on ] inputs.mix1d.sel0b.mut=off [ off on ] inputs.mix1e.sel36.mut=off [ off on ] inputs.mix1e.sel21.mut=off [ off on ] outputs.volume1f=125 inputs.mix20.sel39.mut=off [ off on ] inputs.mix20.sel33.mut=off [ off on ] inputs.mix20.sel38.mut=off [ off on ] inputs.mix20.sel3d.mut=off [ off on ] inputs.mix20.sel34.mut=off [ off on ] inputs.mix20.sel3b.mut=off [ off on ] inputs.mix20.black18.m=off [ off on ] inputs.mix20.unknown1a=off [ off on ] inputs.mix20.sel39=123,123 inputs.mix20.sel33=123,123 inputs.mix20.sel38=123,123 inputs.mix20.sel3d=123,123 inputs.mix20.sel34=123,123 inputs.mix20.sel3b=123,123 inputs.mix20.black18=123,123 inputs.mix20.unknown1a=123 outputs.sel21.mute=off [ off on ] outputs.sel21=123,123 inputs.mix22.sel37.mut=off [ off on ] inputs.mix22.sel21.mut=off [ off on ] outputs.widget23.source=green11 [ green11 orange24 gray25 sel38 mix20 sel21 ] outputs.orange24.mute=off [ off on ] outputs.orange24.dir=output [ input output ] outputs.gray25.mute=off [ off on ] outputs.gray25.dir=output [ input output ] inputs.mix26.sel32.mut=off [ off on ] inputs.mix26.sel21.mut=off [ off on ] inputs.mix27.dac05.mut=off [ off on ] inputs.mix27.sel21.mut=off [ off on ] inputs.mix28.dac0a.mut=off [ off on ] inputs.mix28.sel21.mut=off [ off on ] inputs.mix29.dac04.mut=off [ off on ] inputs.mix29.sel21.mut=off [ off on ] inputs.mix2a.dac06.mut=off [ off on ] inputs.mix2a.sel21.mut=off [ off on ] inputs.mix2b.sel30.mut=off [ off on ] inputs.mix2b.sel21.mut=off [ off on ] inputs.mix2c.sel31.mut=off [ off on ] inputs.mix2c.sel21.mut=off [ off on ] outputs.widget2f.source=green11 [ green11 green12 pink14 blue15 black16 pink17] inputs.sel30.source=dac03 [ dac03 dac04 dac06 ] inputs.sel31.source=dac04 [ dac04 dac0a ] inputs.sel32.source=dac05 [ dac05 dac04 ] inputs.sel33.source=sel3a [ sel3a gray25 orange24 ] inputs.sel34.source=sel3c [ sel3c gray25 orange24 ] inputs.sel36.source=dac03 [ dac03 dac04 dac06 ] inputs.sel37.source=dac03 [ dac03 dac04 dac06 ] outputs.sel38=85,85 outputs.sel39=85,85 outputs.sel3a=85,85 outputs.sel3b=85,85 outputs.sel3c=85,85 outputs.sel3d=85,85 inputs.usingdac=0405060a [ 0405060a 050403 03 02 ] record.usingadc=07 [ 07 08 09 0f ] Here is the dmesg. I tried this using -current as well as 4.0 from the OpenBSD CD, but got the same results. OpenBSD 4.0-current (GENERIC) #1351: Wed Jan 24 20:29:10 MST 2007 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: AMD Athlon(tm) 64 X2 Dual Core
Option to power off monitor
Is this any option to power off the monitor after x minutes or seconds, kind of like a screen saver. In FreeBSD this can be done in /etc/rc.conf /etc/rc.conf.local by typing the following. blanktime=300 Let me know how I can do this in OpenBSD. Phusion
Re: Option to power off monitor
Phusion wrote: Is this any option to power off the monitor after x minutes or seconds, kind of like a screen saver. In FreeBSD this can be done in [..freebsd lesson snipped...] http://www.openbsd.org/faq/faq7.html#Blanker (personally, I still prefer the power switch on the monitor, however) Nick.
Re: Option to power off monitor
On Sat, 3 Feb 2007, Phusion wrote: Is this any option to power off the monitor after x minutes or seconds, kind of like a screen saver. In FreeBSD this can be done in /etc/rc.conf /etc/rc.conf.local by typing the following. blanktime=300 Let me know how I can do this in OpenBSD. See wsconsctl(8) and wsconsctl.conf(5). Cheers! -- Antoine
Re: gnome
On Sat, Feb 03, 2007 at 12:10:20PM +0100, Jasper Lievisse Adriaanse wrote: [xterm tabs] x11/mrxvt not in ports if you're following 4.0-stable when I looked a few minutes ago. Do you mean ports in current? [but it was in ports on freebsd 6.2-stable, so installed it there, and jolly nice it is too] -- John
Re: OT: Domain Name Freedom
On 2/3/07 2:29 PM, J.C. Roberts wrote: Please pardon the off topic post but last month some people on this list were wondering about Friendly Registrars after what happened to Fyodor (of nmap fame) with is seclists.org domain being shut down by godaddy. Via Politech: http://news.com.com/2100-1025_3-6155614.html Page 4, the other side of the story: Once these people understand thousands of MySpace user names and passwords were exposed on the Internet and that we immediately contacted the customer and resolved the issue--re-enabling the site within one hour--they are not only satisfied with our response, but they THANKED us for what we did. Re-enabled within one hour after a serieous problem I see nothing wrong here. http://marc.theaimsgroup.com/?t=11688078341r=1w=2 If you're interested in what's going on and possibly friendly registrars, Fyodor has set up a site about it. http://nodaddy.com/ As far as I see it Fyodor is just a hot headed asshole, I know lots of people who are very happy with Godaddy. They really have lots of customers and it's easy to find a few that aren't happy and start screaming about it. Besides I remember Godaddy being on this list: http://www.openbsd.org/donations.html And I remember the amount of money involved too. Godaddy is bij far the most OpenBSD frienly big registar +++chefren
Re: OT: Domain Name Freedom
On 2/3/07, chefren [EMAIL PROTECTED] wrote: As far as I see it Fyodor is just a hot headed asshole, I know lots of people who are very happy with Godaddy. They really have lots of customers and it's easy to find a few that aren't happy and start screaming about it. You obviously don't know Fyodor if your opinion of him is hot-headed and asshole. You're right that there are a lot of people satisfied with the registrar. That's irrelevant. Fyodor isn't and he's bringing the heat in the best way he probably could. And remarkably, he's not alone. Besides I remember Godaddy being on this list: http://www.openbsd.org/donations.html And I remember the amount of money involved too. And once again, this is irrelevant to the question of the matter with seclists.org. Because they made a donation they have achieved sainthood and can do no wrong? Godaddy is bij far the most OpenBSD frienly big registar It's obvious you've put a lot of thought into this. I'm sure your conclusion is based off of hard research, merit and facts. I'm thinking GoDaddy doesn't need you in their glee club -- they have lawyers, press people and marketing drones enough to justify their actions without you. DS
reduce power consump. laptop
Hi, apm is not supported on my laptop and this means I cannot suspend etc. But I would like to know which things could be switched off or lowered, so that I can write a script and for instance I can go away from my laptop for half an hour or one hour and I don't have to turn it off totally and at the same time save battery. Say... something like lowering the cpu speed (though I am not sure I can do that if apm is not supported), blank screen and stop/reduce all cpu-hungry processes. Of course, the best would be to find a way to automatically launch the script when I close the lid of the laptop and then vice-versa; i.e. a script that wakes up everything back... Have any suggestion/ ideas/ scripts? thanks Pau -- Email and shopping with the feelgood factor! 55% of income to good causes. http://www.ippimail.com
Re: OT: Domain Name Freedom
On Saturday 03 February 2007 10:36, chefren wrote: If you're interested in what's going on and possibly friendly registrars, Fyodor has set up a site about it. http://nodaddy.com/ As far as I see it Fyodor is just a hot headed asshole, I know lots of people who are very happy with Godaddy. They really have lots of customers and it's easy to find a few that aren't happy and start screaming about it. As always chefren, thanks for taking the time to state the contrarian point of view in spite of the risk such views possibly being unpopular in a public forum. Fyodor is actually quite a level headed and well thought individual. Like you, he isn't afraid to do things which are unpopular or divisive such as releasing nmap as well as other useful tools and information which can easily be misused. If I remember the story correctly, Fyodor was even arrested for releasing nmap because it was used by someone else in attacks on US government sites, so if he seems to have a bit of an edge when it comes to injustice and unfairness, his edge is well justified. BTW, I tend to put his pseudonym in quotes in hopes of stemming the confusion between Fyordor of nmap fame and Fyodor of snort fame. They are different people and the latter is the real name of the author who has helped me out on a few occasions. Needless to say, trying to make a distinction gets tedious. ;-) kind regards, jcr -- cd ~. -Almost Home
Re: reduce power consump. laptop
On Sat, 3 Feb 2007 19:49:17 - (UTC) [EMAIL PROTECTED] wrote: apm is not supported on my laptop and this means I cannot suspend etc. But I would like to know which things could be switched off or lowered, so that I can write a script and for instance I can go away from my laptop for half an hour or one hour and I don't have to turn it off totally and at the same time save battery. Say... something like lowering the cpu speed (though I am not sure I can do that if apm is not supported), blank screen and stop/reduce all cpu-hungry processes. Of course, the best would be to find a way to automatically launch the script when I close the lid of the laptop and then vice-versa; i.e. a script that wakes up everything back... What openbsd version are you running? On 4.0 almost none of the features of my laptop were supported, but on -current I'm hard pressed to find anything that doesn't. I've got apm support and est is working too. // nick
Re: remove sendmail/install postfix
On 2/3/07, Toni Mueller [EMAIL PROTECTED] wrote: Hi. I dislike the mailwrapper and instead adjust the link in /usr/sbin/sendmail to point to the real sendmail program. But doing the mailwrapper thing is probably the safe(r) way to go. I also don't need (nor get) the mailq etc functionality wrapped... This will work too. But the mailwraper provides a more generic way for OpenBSD to use mail without dealing much about the uses mail system. (sendmail,postfix,exim,qmail, ...) Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: MySQL package question (Jan24 snapshot)
At 12:26 PM 2/2/07, Otto Moerbeek wrote: On Fri, 2 Feb 2007, Frank Bax wrote: I installed the Jan24 snapshot package mysql-server-5.0.27p0.tgz; then ran /usr/local/bin/mysql_install_db - which displays: PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER ! To do so, start the server, then issue the following commands: /usr/local/bin/mysqladmin -u root password 'new-password' /usr/local/bin/mysqladmin -u root -h password 'new-password' I started the mysql server, and ran the first command ok; then second command fails. Upon reading mysql docs, it seems a default install creates two rows (accounts) for root in mysql.users - the first for localhost, the second for name returned by hostname. I read that the above two commands are intended to make sure that passwords in both rows/accounts are updated. It seems the OpenBSD package only inserts one row for root user in mysql.user (with localhost); if this is the case, then perhaps the second command above should be removed from package? mysql select host,user from mysql.user; +---+--+ | host | user | +---+--+ | localhost | root | +---+--+ 1 row in set (0.03 sec) Could it be that you named your host localhost? 'hostname' returns the contents of /etc/myname - which is not localhost.
Re: reduce power consump. laptop
Hi Nick, I am using OpenBSD 4.0 as it was released some four months ago. Nice to hear what you're saying but I don't really understand something. From your words I've got the feeling that you say: before my laptop could not work with apm and now yes. I thought apm is a thing that is inherent to the laptop and not to the OS. Could you or somebody else shed a bit of light on this? Is there any hope that my laptop will have apm support in obsd 4.1 if it hasn't now? thanks, Pau -- Email and shopping with the feelgood factor! 55% of income to good causes. http://www.ippimail.com
Re: OT: Domain Name Freedom
Now I understand why Theo calls you an idiot. Bleh. On 2/3/07, chefren [EMAIL PROTECTED] wrote: On 2/3/07 8:10 PM, bofh wrote: I'm not saying godaddy is a thief, but equating the amount of $$ donated to being a good friend is wrong. If a thief steals $30mil and gives you $1mil, is he your best friend? I think the criticisms here have been over gogaddy's business practises, and not the fact that they donated $10k. Godaddy *SHOULD NOT* have taken down fyodor's list no matter how much of an ass you believe he is. Is godaddy the new internet vcensor? I believe he is an ass for his reaction. I have understood thousands of passwords of people were on-line because they were commented on his webpages. Godaddy was in the chain of keeping them on-line and they pulled their plug immediately to deminish the damage, they put the plug back within one hour. Fyodor can be a hero for other reasons, in this case he misused his power to damage Godaddy and we hear nothing about what I presume the fact, that privacy of thousands of people were at risk because of his site sending copies of their logins to anyone who asked for it. Godaddy was in the chain and reacted. I don't maintain websites with free publishing possibilities for unknown people, he did and this is what he risks with it. This is comparable to the firebrigade that ruins your door because they want to stop a fire. +++chefren
Re: reduce power consump. laptop
On Sat, 3 Feb 2007 21:16:03 - (UTC) [EMAIL PROTECTED] wrote: I am using OpenBSD 4.0 as it was released some four months ago. Nice to hear what you're saying but I don't really understand something. From your words I've got the feeling that you say: before my laptop could not work with apm and now yes. I thought apm is a thing that is inherent to the laptop and not to the OS. Could you or somebody else shed a bit of light on this? Is there any hope that my laptop will have apm support in obsd 4.1 if it hasn't now? Newer laptops forgo legacy apm controls and rely an acpi for power management instead. In -current (after 4.0 was released) a massive amount of acpi code was imported which makes apm work through the acpi system calls. Chances are that your laptop will have much better apm support in openbsd 4.1 than it has right now. However, to be sure of that now is the time to help the devs test this new code. If you feel up to it you can always install a snapshot and see how this new code works for you. Should you give it a go, then don't forget to start your apmd with -f /dev/acpi. Good luck. // nick
Re: OT: Domain Name Freedom
On 2/3/07, chefren [EMAIL PROTECTED] wrote: Come on, this is already off topic, why posting something without arguments? Because, using your arguments, all full disclosure lists should be closed down. We should not even talk about vulnerabilities because, damn, it might give those terrorists something to do in their free time. And of course, think of the children.
Re: OT: Domain Name Freedom
On Saturday 03 February 2007 13:36, bofh wrote: On 2/3/07, chefren [EMAIL PROTECTED] wrote: On 2/3/07 8:10 PM, bofh wrote: I'm not saying godaddy is a thief, but equating the amount of $$ donated to being a good friend is wrong. If a thief steals $30mil and gives you $1mil, is he your best friend? I think the criticisms here have been over gogaddy's business practises, and not the fact that they donated $10k. Godaddy *SHOULD NOT* have taken down fyodor's list no matter how much of an ass you believe he is. Is godaddy the new internet vcensor? I believe he is an ass for his reaction. I have understood thousands of passwords of people were on-line because they were commented on his webpages. Godaddy was in the chain of keeping them on-line and they pulled their plug immediately to deminish the damage, they put the plug back within one hour. Fyodor can be a hero for other reasons, in this case he misused his power to damage Godaddy and we hear nothing about what I presume the fact, that privacy of thousands of people were at risk because of his site sending copies of their logins to anyone who asked for it. Godaddy was in the chain and reacted. I don't maintain websites with free publishing possibilities for unknown people, he did and this is what he risks with it. This is comparable to the firebrigade that ruins your door because they want to stop a fire. +++chefren Now I understand why Theo calls you an idiot. Bleh. In the future, please send such personal attacks and logical fallacies (appeal to authority) the new [EMAIL PROTECTED] mailing list. Thank you for your cooperation. JCR
arptables: unable to enter address
Hi guys, I recently switched ISPs, and my new ISP (Time-Warner) gave me a Motorola SBG1000 cable-modem box. My OpenBSD machine, which used to connect directly to my old ISP's servers, is now behind this box. I'm running a GENERIC 4.0 kernel which has never had any problems with my hardware. My problem now is that every fifteen minutes I get the following message on my console as well as in /var/log/messages: Feb 3 15:13:58 rock /bsd: arplookup: unable to enter address for 24.aaa.bbb.ccc 24.aaa.bbb.ccc is the SBG1000's WAN address. Its LAN address is 192.168.0.1, and my OpenBSD machine's address on the attached NIC (dc0) is 192.168.0.10. This machine functions as my LAN router and firewall, so it has another NIC (fxp0) whose address is 192.168.1.11. After looking around on misc, I tried the following: arp -s 24.aaa.bbb.ccc 00:11:22:33:44:55 pub where 00:11:22:33:44:55 is the MAC address of the Motorola box's WAN-facing NIC. This gives me: cannot intuit interface index and type for 24.aaa.bbb.ccc I don't really know arp, so I'm wary of poking around any further. I also tried getting the Motorola box not to do NAT, so my machine then gets its IP address directly from the ISP's DHCP server instead of the Motorola box's DHCP server. I still get the same message, but with a different IP address (10.something). Following a post on misc, I tried to set my hostname.dc0 as follows: dhcp inet alias 24.aaa.bbb.ccc 255.255.255.0 24.aaa.bbb.255 Now when I run /etc/netstart I get: duplicate IP address 24.aaa.bbb.ccc sent from ethernet address 00:11:22:33:44:55 where, again, 00:11:22:33:44:55 is one of the Motorola box's MAC addresses. As is probably obvious, I don't know much about networking, so I'm really shooting in the dark here and getting increasingly uncomfortable with it. Any ideas? Thanks, J PS: Please cc me on any replies since I'm not subscribed to misc. Thanks.
Re: OT: Domain Name Freedom
On Sat, 03 Feb 2007 19:36:41 +0100 chefren [EMAIL PROTECTED] wrote: I know lots of people who are very happy with Godaddy. i happen to be one of them for several years now (though i found the representation of Fyodor in that same sentence excessively emotional). reading this thread and the earlier one on MARC regarding registrars, i am contemplating a switch, possibly to gandi who seem to be a really nice group. i just need to rationalize why to pay more than what godaddy charges (one reason might be that the godaddy site has become irritating, irrelevant and icky). while the nodaddy site and several articles have shed considerable light on the situation (some of those horror stories are horrific), i am curious about how godaddy should have acted when thousands of MySpace user names and passwords were exposed on the Internet was speed not of the essence in this situation? or is the point that it is not godaddy's role to intervene in such situations because they are a registrar? -- In friendship, prad ... with you on your journey Towards Freedom http://www.towardsfreedom.com (website) Information, Inspiration, Imagination - truly a site for soaring I's
Re: OT: Domain Name Freedom
On Saturday 03 February 2007 12:38, chefren wrote: On 2/3/07 8:10 PM, bofh wrote: I'm not saying godaddy is a thief, but equating the amount of $$ donated to being a good friend is wrong. If a thief steals $30mil and gives you $1mil, is he your best friend? I think the criticisms here have been over gogaddy's business practises, and not the fact that they donated $10k. Godaddy *SHOULD NOT* have taken down fyodor's list no matter how much of an ass you believe he is. Is godaddy the new internet vcensor? I believe he is an ass for his reaction. I have understood thousands of passwords of people were on-line because they were commented on his webpages. Godaddy was in the chain of keeping them on-line and they pulled their plug immediately to deminish the damage, they put the plug back within one hour. Fyodor can be a hero for other reasons, in this case he misused his power to damage Godaddy and we hear nothing about what I presume the fact, that privacy of thousands of people were at risk because of his site sending copies of their logins to anyone who asked for it. Godaddy was in the chain and reacted. I don't maintain websites with free publishing possibilities for unknown people, he did and this is what he risks with it. This is comparable to the firebrigade that ruins your door because they want to stop a fire. +++chefren chefren, Your understanding is mistaken. The seclist.org domain name is nothing more than a mail list archive like marc.theaimsgroup.com. The MySpace login credentials were posted (multiple times) to a public mailing list (full-disclosure@lists.grok.org.uk) and *one* archive of the mailing list was hosted at the seclists.org domain name. There are *many* other archives of the list around the 'net which still hold the offending information, including marc.theaimsgroup.com https://lists.grok.org.uk/mailman/listinfo/full-disclosure You can find details about what happened, and how long it took to restore service here: http://seclists.org/nmap-hackers/2007/.html Since I have just posted all the information one would need to dig up those compromised MySpace credentials and this post will be archived in lots of different places, do you think it's OK to have the openbsd.org or theaimsgroup.com domains yanked from existence? The real problem was security at MySpace and unfortunately, they tried to fix their security problems by making legal threats against godaddy to yank one of many archives of their embarrassment. Both MySpace and GoDaddy picked the wrong person to screw, and now damaging both companies, in fact possibly putting them out of business for their censorship attempts, seems like well deserved retribution. Though I respect your right to disagree and voice your opinions, companies like MySpace and GoDaddy would try to have you and anyone who archives your opinions shut down by any means possible. Personally, I think denying them as much business as possible seems like a good idea. kind regards, jcr -- cd ~. -Almost Home
Re: OT: Domain Name Freedom
On Saturday 03 February 2007 12:38, chefren wrote: On 2/3/07 8:10 PM, bofh wrote: I'm not saying godaddy is a thief, but equating the amount of $$ donated to being a good friend is wrong. If a thief steals $30mil and gives you $1mil, is he your best friend? I think the criticisms here have been over gogaddy's business practises, and not the fact that they donated $10k. Godaddy *SHOULD NOT* have taken down fyodor's list no matter how much of an ass you believe he is. Is godaddy the new internet vcensor? I believe he is an ass for his reaction. I have understood thousands of passwords of people were on-line because they were commented on his webpages. Godaddy was in the chain of keeping them on-line and they pulled their plug immediately to deminish the damage, they put the plug back within one hour. Fyodor can be a hero for other reasons, in this case he misused his power to damage Godaddy and we hear nothing about what I presume the fact, that privacy of thousands of people were at risk because of his site sending copies of their logins to anyone who asked for it. Godaddy was in the chain and reacted. I don't maintain websites with free publishing possibilities for unknown people, he did and this is what he risks with it. This is comparable to the firebrigade that ruins your door because they want to stop a fire. +++chefren chefren, Your understanding is mistaken. The seclist.org domain name is nothing more than a mail list archive like marc.theaimsgroup.com. The MySpace login credentials were posted (multiple times) to a public mailing list (full-disclosure@lists.grok.org.uk) and *one* archive of the mailing list was hosted at the seclists.org domain name. There are *many* other archives of the list around the 'net which still hold the offending information, including marc.theaimsgroup.com You can find information including sponsors and charter for the full-disclosure mailing list here: https://lists.grok.org.uk/mailman/listinfo/full-disclosure You can find details about what happened, and how long it took to restore service to the mail list archive here: http://seclists.org/nmap-hackers/2007/.html Since I have just posted all the information one would need to dig up those compromised MySpace credentials and this post will be archived in lots of different places, do you think it's OK to have the openbsd.org or theaimsgroup.com domains yanked from existence? The real problem was security at MySpace and unfortunately, they tried to fix their security problems by making legal threats against godaddy to yank one of many archives of their embarrassment. Both MySpace and GoDaddy picked the wrong person to screw, and now damaging both companies, in fact possibly putting them out of business for their censorship attempts, seems like well deserved retribution. Though I respect your right to disagree and voice your opinions, companies like MySpace and GoDaddy would try to have you and anyone who archives your opinions shut down by any means possible. Personally, I think denying them as much business as possible seems like a good idea. kind regards, jcr
Re: OT: Domain Name Freedom
On 2/3/07 10:36 PM, bofh wrote: Now I understand why Theo calls you an idiot. Bleh. OK, I received some additional information off-list and feel I have to apologize for some details. I still do say the posters of the information didn't respect privacy of others and Godaddy at least tried to be responsible. What's against a temporary suspension if something serious seems(!) to be going on where you have some responsibility? Please understand there are enough people who don't know this account information was circulating for some time, that it was posted to multiple lists and don't know what list-archives are and this was about one. What's clear to 95% of the people here is not clear to 99% of the people elsewhere. Some respect is needed to communicate and live together... I do agree Myspace was and is clueless, I'm for full disclosure of bugs but not for freely sending around information with sincere disrespect for the privacy of others and still don't see a serious problem with Godaddy that's obviously =very= OpenBSD friendly. +++chefren (Who with Theo and others has no problem with usage of OpenBSD for baby mulching machines but who also would cut the power for those machines if I =knew= the current was going through lines under my responsibility.)
OT: Cheap Domains/Service was OT: Domain Name Freedom
Hi, can you people sit down and realize that you are turning mice into elephants here ? If you buy a domain from a cheap provider for a $ a month, you can't expect them to have a legal team on call for you 24/7. They have just some person in the noc, skilled enough and trained enough to maintain their stuff and that's it if you are lucky. They get a complaint, they check, the stuff looks illegal, they pull the plug and notify you. Nobody payed them enough money to try and track you down first, contact a lawyer and get legal advice etc. If he looks at his contract he will find out that it was completely legal and to be expected. That you don't have a decent hotline number and it takes 1 hour to get things back online, well, you get what you pay for. If there have been full account names and passwords posted there, they did the right thing btw., from my point of view. There are other ways to do full-disclosure. All this has nothing to do with freedom except his freedom of choice of provider which he still has... -sm
Re: gnome
On Sat, Feb 03, 2007 at 11:02:30AM -, [EMAIL PROTECTED] wrote: Hi, I know, gnome is an elephant... but I cannot live without dragging tabs/ tabs in the terminal and this is a feature I am only aware of in konsole and gnome-terminal. I prefer gnome and the current gnome-session binary is as old as 2.10 (they're now by 2.17) whilst the kde binary seems to be only one release behind. Now... I installed gnome (binary, pkg_add gnome-session) and it's very unstable. I don't think I'm the only one having these problems: http://beranger.org/index.php?fullarticle=2269 (forget what he says, it's just simply crap, I just want to point out I'm not the only one having problems with crashes) My questions: 1) Is gnome going to be updated/fixed in the next release? 2) I don't have anything against other wm; but I don't know of any apart from kde and gnome that have tabbed terminals, which is very important for me (I usually have some 10 tabs opened). If you know of any, please tell me GNOME has already been treated in other replies; as to the second part, I'll just point you at misc/screen. Joachim
Re: OT: Domain Name Freedom
On Sat, Feb 03, 2007 at 05:29:02AM -0800, J.C. Roberts wrote: Please pardon the off topic post but last month some people on this list were wondering about Friendly Registrars after what happened to Fyodor (of nmap fame) with is seclists.org domain being shut down by godaddy. http://marc.theaimsgroup.com/?t=11688078341r=1w=2 If you're interested in what's going on and possibly friendly registrars, Fyodor has set up a site about it. http://nodaddy.com/ I know there's at least one OpenBSD developer, Henning Brauer, who does domain registrations though his company but there may be others. All in all, this only proves that at least one semi-influential handful of people at GoDaddy are idiots. Given its size, that's hardly surprising - one would hope there are also some semi-influential handfuls of bright sparks, and that seems to be the case, too. Still, it's not like it's not archived at the canonical place - http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051792.html - and a couple hundred others, too. Some idiot should probably be familiarized with the concept of a mailing list, and that some people put the messages on the web. Joachim
Passing rootdev to the openbsd kernel
Hi all, question neigher google nor the mailing list archive seems to answer - How can I pass a non-default rootdev to the kernel? Box boots beautifully with -a (and maniually specifying the alternate boot device), but I need to make it non-interactive. Would seem trivial, until one realizes that if it is possible in OpenBSD, nobody every documented or discussed it anywhere. If you're asking yourself what for, I need a box that doesn't support booting from USB to run openbsd off a USB device, with a little assistance (bootloader and kernel) from alternative storage that the BIOS can actually recognize. Thanks Cheers Mik
Re: Passing rootdev to the openbsd kernel
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, Feb 04, 2007 at 12:43:12PM +1100, Miki Shapiro wrote: Hi all, question neigher google nor the mailing list archive seems to answer - How can I pass a non-default rootdev to the kernel? In a custom kernel. See config(8), and look for config bsd iD8DBQFFxUHMYi5wNVWLbsURAiFnAJ9b9jvYhv3CG1ArJZYGr7kj403LNQCfaf+U CPyHInYRLGD6Wc3zsmDQKyE= =E9pz -END PGP SIGNATURE-
Re: Passing rootdev to the openbsd kernel
Good enough, I'm using a custom kernel for the box anyway. Thanks! On 2/4/07, Josh Grosse [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, Feb 04, 2007 at 12:43:12PM +1100, Miki Shapiro wrote: Hi all, question neigher google nor the mailing list archive seems to answer - How can I pass a non-default rootdev to the kernel? In a custom kernel. See config(8), and look for config bsd iD8DBQFFxUHMYi5wNVWLbsURAiFnAJ9b9jvYhv3CG1ArJZYGr7kj403LNQCfaf+U CPyHInYRLGD6Wc3zsmDQKyE= =E9pz -END PGP SIGNATURE-
Re: arptables: unable to enter address
On Sat, Feb 03, 2007 at 03:31:08PM -0500, J. Alfred Prufrock wrote: Hi guys, I recently switched ISPs, and my new ISP (Time-Warner) gave me a Motorola SBG1000 cable-modem box. My OpenBSD machine, which used to connect directly to my old ISP's servers, is now behind this box. I'm running a GENERIC 4.0 kernel which has never had any problems with my hardware. Yeah, I've got one of those or similar. I'm using it with openbsd doing firewalling and NAT. My problem now is that every fifteen minutes I get the following message on my console as well as in /var/log/messages: Feb 3 15:13:58 rock /bsd: arplookup: unable to enter address for 24.aaa.bbb.ccc 24.aaa.bbb.ccc is the SBG1000's WAN address. Its LAN address is 192.168.0.1, and my OpenBSD machine's address on the attached NIC (dc0) is 192.168.0.10. This machine functions as my LAN router and firewall, so it has another NIC (fxp0) whose address is 192.168.1.11. After looking around on misc, I tried the following: arp -s 24.aaa.bbb.ccc 00:11:22:33:44:55 pub where 00:11:22:33:44:55 is the MAC address of the Motorola box's WAN-facing NIC. This gives me: cannot intuit interface index and type for 24.aaa.bbb.ccc I don't really know arp, so I'm wary of poking around any further. I also tried getting the Motorola box not to do NAT, so my machine then gets its IP address directly from the ISP's DHCP server instead of the Motorola box's DHCP server. I still get the same message, but with a different IP address (10.something). My setup goes like this: modem -- obsd (xl0) -- LANs (xl1 and xl2) on obsd I have in hostname.xl0 just the following: dhcp none none none I made sure NAT and DHCP was turned off the modem via the web interface. And, as far as getting the obsd box to talk to the modem was concerned, that's it! There is other stuff involved in getting the box to talk to the lan and v/v. I found it useful getting just the box to work with the modem, it's not clear in your message if that is also your situation. -- John
