Re: Configuring nut for USB
On 2007/02/22 19:23, James Blasius wrote: I have not been able to figure out (for months) how to attach configure NUT to find an UPS on a USB port. The dmesg shows it to be on uhidev0. Thanks. It needs to be on ugen0 for most UPS software. In -current, uhid no longer claims some common UPS types. If it still shows as uhidev in a snapshot, send dmesg and usbdevs -v
Re: Configuring nut for USB
James Blasius wrote: I have not been able to figure out (for months) how to attach configure NUT to find an UPS on a USB port. The dmesg shows it to be on uhidev0. Thanks. Hi, I have the same problem http://archives.neohapsis.com/archives/openbsd/2006-11/2133.html but unfortunely never received an answer, I am also very interested in a solution. thanks, guido
Lancement du site annuaire-entreprises.com
Bonjour, Lancement officiel le 2 Mars 2007 du site annuaire-entreprises.com du groupe Viaduc.. Inscrivez-vous gratuitement dhs maintenant afin de rifirencer votre sociiti sur l'annuaire des entreprises. Tous les itablissements proposant un service didii aux TPE-PME sont acceptis sur le site annuaire-entreprises.com. L'iquipe Annuaire-entreprises.com www.annuaire-entreprises.com Offre riservie exclusivement aux entreprises. Conformiment ` la Loi Informatique et Libertis parue au Journal Officiel du 6 janvier 1978, vous disposez d'un droit d'acchs, de rectification, et d'opposition aux donnies personnelles vous concernant. Pour ne plus recevoir d'informations de notre part, Cliquez ici
Re: Request: Dedicated OpenBSD (root) Server for a company...
On 2/23/07, Sebastian Rother [EMAIL PROTECTED] wrote: Hello everybody, I`m asking this for a friend who wanna set up a company and needs a dedicated Webserver (wich does run OpenBSD of course..). It`s kinda hard to find companies wich do provide such services OR do even just reply (or reply in a accaptable amount of time (wich is NOT 14days and more..)). So if anybody is working for such a company or knows such a company please do read this public request and do let me know. Wanted: My friend is looking for a Server wich has nearly those specifications: - Celeron 2.8ghz (or better of course) - 1GB RAM - 80GB HDD space - OpenBSD 4.0 as OS! (or Linux rescue-system wich allows him to install it) - No fBSD,, no nBSD... OPENBSD... it is CLEARLY a demand! So the Hardware must be supported 100% by OpenBSD - ~200-400gb Traffic - Serval IPs - Tech. contact who do know what they do (!= STRATO for example..) -- Propably the possibility to get special offers - Configurations for other servers - More/less Bandwith on demand to accaptable prices He would be able to pay ~100-150 USD, by Creditcard of his company. Also it would be great if the connection (speed, peering) would be good and not as lousy as at the most providers My friend did send out a request to m5hosting because I told him this company is what he`s looking for. Unfortunaly m5hosting did replied after more then 14 days and now he`s again waiting already for 72 hours and more. This is simply unaccaptable and it is a shame (yeah, sorry) that the company is listed at a openbsd website. I think there`s no need to explain that this is unaccaptable if you wanna open a business and propably do already have customers... It just SUCKS (sorry Mike...) So I would be happy to get such offers or offers with different configurations. if you`re working for such a company this is propably your chance ot get not just one customer. Also m5hosting is allowed to provide a offer. They just would have to write or answer a mail IN TIME (less then 72hrs...). He needs to make some business and not to play a waiting game... [snip] Search the fine misc mailing archives for tthe thread titled OpenBSD dedicated hosting, it started on September 17, 2006 ;) ==Adriaan==
Re: OpenOSPFd and kernel routing table
Claudio Jeker schrieb: Hmm. For some reasons the carp route is not cleared correctly. I'll have a look at it. Do you have any news on this topic? I like to run OpenOSPFd on my routers, but since the bugfix there isn't any redundancy. Hope to hear some good news :) Thanks! Falk
Re: Request: Dedicated OpenBSD (root) Server for a company...
assuming your friend is located in germany. Send him to strato. They have a remote console which will enable him to install openbsd on the server. Otherwise he'll either have to expect a high but reasonable price or consider housing/colocation. cheers sebastian Am Freitag, den 23.02.2007, 00:08 +0100 schrieb Sebastian Rother: Hello everybody, I`m asking this for a friend who wanna set up a company and needs a dedicated Webserver (wich does run OpenBSD of course..). It`s kinda hard to find companies wich do provide such services OR do even just reply (or reply in a accaptable amount of time (wich is NOT 14days and more..)). So if anybody is working for such a company or knows such a company please do read this public request and do let me know. Wanted: My friend is looking for a Server wich has nearly those specifications: - Celeron 2.8ghz (or better of course) - 1GB RAM - 80GB HDD space - OpenBSD 4.0 as OS! (or Linux rescue-system wich allows him to install it) - No fBSD,, no nBSD... OPENBSD... it is CLEARLY a demand! So the Hardware must be supported 100% by OpenBSD - ~200-400gb Traffic - Serval IPs - Tech. contact who do know what they do (!= STRATO for example..) -- Propably the possibility to get special offers - Configurations for other servers - More/less Bandwith on demand to accaptable prices He would be able to pay ~100-150 USD, by Creditcard of his company. Also it would be great if the connection (speed, peering) would be good and not as lousy as at the most providers My friend did send out a request to m5hosting because I told him this company is what he`s looking for. Unfortunaly m5hosting did replied after more then 14 days and now he`s again waiting already for 72 hours and more. This is simply unaccaptable and it is a shame (yeah, sorry) that the company is listed at a openbsd website. I think there`s no need to explain that this is unaccaptable if you wanna open a business and propably do already have customers... It just SUCKS (sorry Mike...) So I would be happy to get such offers or offers with different configurations. if you`re working for such a company this is propably your chance ot get not just one customer. Also m5hosting is allowed to provide a offer. They just would have to write or answer a mail IN TIME (less then 72hrs...). He needs to make some business and not to play a waiting game... Thanks for all offers or sugesstions! Please do cc me because I`m not subscriped to [EMAIL PROTECTED] Kind regards, Sebastian
Re: ldap authentication troubles
On 2/21/07, Vijay Sankar [EMAIL PROTECTED] wrote: On Wednesday 21 February 2007 10:22, Rogier Krieger wrote: Personally, I'm having trouble using login-ldap with my local(host) LDAP server using SSL. snip ftl2# more /etc/openldap/ldap.conf snip TLS_CACERT /etc/ssl/certs/ca.crt The TLS_CACERT setting did the trick for me. Things work just fine now. Thank you for that pointer. I knew I was missing something :) Cheers, Rogier -- If you don't know where you're going, any road will get you there.
pfctl: Cannot allocate memory
Follow-up. I googled previously and read a bunch of posts relating to 3.6, 3.7 3.8. More info. - all:\ :bobbeck1:white:spews1:white:china:white:korea:white: # Bob Beck's traplist mirrored at OpenBSD bobbeck1:\ :black:\ :msg=SPAM. Go forth and multiply !!!:\ :method=http:\ :file=www.openbsd.org/spamd/traplist.gz: # Mirrored from http://www.spews.org/spews_list_level1.txt spews1:\ :black:\ :msg=SPAM. Your address %A is in the spews level 1 database\n\ See http://www.spews.org/ask.cgi?x=%A for more details:\ :method=http:\ :file=www.openbsd.org/spamd/spews_list_level1.txt.gz: # Mirrored from http://www.spews.org/spews_list_level2.txt #spews2:\ # :black:\ # :msg=SPAM. Your address %A is in the spews level 2 database\n\ # See http://www.spews.org/ask.cgi?x=%A for more details:\ # :method=http:\ # :file=www.openbsd.org/spamd/spews_list_level2.txt.gz: # Mirrored from http://www.okean.com/chinacidr.txt china:\ :black:\ :msg=SPAM. Your address %A appears to be from China\n\ See http://www.okean.com/asianspamblocks.html for more details:\ :method=http:\ :file=www.openbsd.org/spamd/chinacidr.txt.gz: # Mirrored from http://www.okean.com/koreacidr.txt korea:\ :black:\ :msg=SPAM. Your address %A appears to be from Korea\n\ See http://www.okean.com/asianspamblocks.html for more details:\ :method=http:\ :file=www.openbsd.org/spamd/koreacidr.txt.gz: relaydb-black:\ :black:\ :msg=SPAM. Your address %A is in my relaydb list.:\ :method=exec:\ :file=/usr/local/bin/relaydb -4lb: relaydb-white:\ :white:\ :method=exec:\ :file=/usr/local/bin/relaydb -4lw: # Whitelists are done like this, and must be added to all after each # blacklist from which you want the addresses in the whitelist removed. # white:\ :white:\ :method=file:\ :file=/var/db/whitelist.txt: # # ls -l /var/db/whitelist.txt -rw-r--r-- 1 _spamd _spamd 10593 Feb 21 12:11 /var/db/whitelist.txt Never miss an email again! Yahoo! Toolbar alerts you the instant new Mail arrives. http://tools.search.yahoo.com/toolbar/features/mail/
Re: problem booting Supermicro PDSMA
Jean-Yves Boisiaud wrote: hello, We've just bought a Supermicro PDSMA motherboard and we would like to install OBSD 4.0. Specific hardware is a SATA II RAID controler, an Areca 1110. North bridge : Mukilteo E7230 South bridge : ICH7R 2 GB lan controlers on the motherboard, an Intel PRO/1000MT and a 1000PT. Here is the end of the boot sequence (the Areca seems to be ok) : pci5 at ppb4 bus13 em0 at pci5 dev 0 function 0 Intel PRO/1000MT (82573E) rev 0x03 : irq 11, address ... vendor Intel, unknown product 0x108f (class communications subclass serial, rev 0x03) at pci 5 dev 0 function 3 not configured em1 at pci5 dev 0 function 4 Intel PRO/100PT (82573E) rev 0x03 : irq ^^ That looks weird (Intel PRO/*100*PT). Can you try with disabling those onboard NICs? 11uvm_fault(0xd067a780, 0xe8f4F000, 0, 1) - e fatal page fault (6) in supervisor mode trap type 6 code0 eip ... panic: trap type 6, code 0, pc=d0391733 Thanks for your answer.
Re: pfctl: Cannot allocate memory
Hi, try adding the following lines to your /etc/pf.conf and reload with pfctl -f /etc/pf.conf set limit tables 5000 # default 1000 set limit table-entries 500 # default 10 Guess this should solve your problem... - Florian -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of M... Sent: Friday, February 23, 2007 2:12 PM To: misc@openbsd.org Subject: pfctl: Cannot allocate memory Hello. I've been running spamd with greylisting for a few weeks. Today, I am getting 'pfctl: Cannot allocate memory' notifications. OpenBSD 4.0 GENERIC#1107 i386 load averages: 0.18, 0.23, 0.24 08:04:24 62 processes: 61 idle, 1 on processor CPU states: 0.3% user, 0.0% nice, 0.0% system, 0.0% interrupt, 99.7% idle Memory: Real: 23M/69M act/tot Free: 168M Swap: 0K/102M used/tot # vmstat -m Memory statistics by bucket size Size In Use Free Requests HighWater Couldfree 16 4988 1037225844521280 792 32 290 11181672745 640 93 64 1211133 148714 320 0 128 757 75 69589 160 0 256 186 38 48794 80 0 512 161 31 48241 40 1 1024 628 60 65101 20 15049 2048 78 12 560411 10 323719 4096 31 4314 5 0 81927 0 7 5 0 163842 0 2 5 0 327684 0 4 5 0 Memory usage type by bucket size Size Type(s) 16 devbuf, pcb, routetbl, ifaddr, sysctl, vnodes, UFS mount, sem, dirhash, in_multi, exec, xform_data, VM swap, UVM amap, UVM aobj, USB, temp 32 devbuf, pcb, routetbl, ifaddr, vnodes, UFS mount, sem, dirhash, proc, VFS cluster, ether_multi, xform_data, VM swap, UVM amap, USB, packet tags, temp 64 devbuf, pcb, routetbl, ifaddr, sem, dirhash, in_multi, pfkey data, UVM amap, USB, NDP, temp 128 devbuf, routetbl, ifaddr, sysctl, vnodes, dirhash, ttys, exec, UVM amap, USB, USB device, NDP 256 devbuf, routetbl, ifaddr, ioctlops, vnodes, shm, VM map, dirhash, file desc, proc, NFS srvsock, NFS daemon, newblk, UVM amap, USB, temp 512 devbuf, pcb, ifaddr, ioctlops, mount, UFS mount, shm, dirhash, ttys, exec, UVM amap, USB device, temp 1024 devbuf, ioctlops, namecache, proc, ttys, exec, UVM amap, UVM aobj, crypto data, temp 2048 devbuf, ifaddr, ioctlops, UFS mount, pagedep, VM swap, UVM amap, temp 4096 devbuf, ioctlops, UFS mount, MSDOSFS mount, VM swap, UVM amap, temp 8192 devbuf, NFS node, namecache, UFS quota, UFS mount, ISOFS mount, inodedep 16384 devbuf, namecache 32768 devbuf Memory statistics by type Type Kern Type InUse MemUse HighUse Limit Requests Limit Limit Size(s) devbuf 1016 691K703K 38031K 554212 0 0 16,32,64,128,256,512,1024,2048,4096,8192,16384,32768 pcb79 7K 7K 38031K14608 0 0 16,32,64,512 routetbl 80419K 20K 38031K10554 0 0 16,32,64,128,256 ifaddr7414K 14K 38031K 76 0 0 16,32,64,128,256,512,2048 sysctl 2 1K 1K 38031K2 0 0 16,128 ioctlops 0 0K 4K 38031K10006 0 0 256,512,1024,2048,4096 mount 5 3K 3K 38031K5 0 0 512 NFS node 1 8K 8K 38031K1 0 0 8192 vnodes82 8K 44K 38031K 9323 0 0 16,32,128,256 namecache 325K 25K 38031K3 0 0 1024,8192,16384 UFS quota 1 8K 8K 38031K1 0 0 8192 UFS mount2141K 41K 38031K 21 0 0 16,32,512,2048,4096,8192 shm 2 1K 1K 38031K2 0 0 256,512 VM map 3 1K 1K 38031K3 0 0 256 sem 3 1K 1K 38031K3 0 0 16,32,64 dirhash 10520K 20K 38031K 384 0 0 16,32,64,128,256,512 file desc 1 1K 1K 38031K2 0 0 256 proc19 3K 3K 38031K 19 0 0 32,256,1024 VFS cluster 0 0K 1K 38031K 4963 0 0 32 NFS srvsock 2 1K 1K 38031K2 0 0 256 NFS daemon 1 1K 1K 38031K1 0 0 256 in_multi22 1K 1K 38031K 22 0 0 16,64 ether_multi 4 1K 1K 38031K4
Re: problem booting Supermicro PDSMA
On 2007/02/23 14:54, RedShift wrote: vendor Intel, unknown product 0x108f (class communications subclass serial, rev 0x03) at pci 5 dev 0 function 3 not configured Intel AMT, serial-over-lan port. Source: http://216.239.59.104/search?q=cache:www.zept.co.jp/services/NEXXUS4800PT_Motherboard_TPS_rev_1_0.pdf Already in pcidevs in -current. em1 at pci5 dev 0 function 4 Intel PRO/100PT (82573E) rev 0x03 : irq ^^ That looks weird (Intel PRO/*100*PT). dropped char over serial port, perhaps? I can't see where else it's likely to come from. Can you try with disabling those onboard NICs? or a snapshot, perhaps?
Re: spamd unnecessarily abrasive?
On Ter, 2007-02-20 at 17:56 -0700, Darren Spruell wrote: The fact remains that after 3 and a half years spammers as a whole have not outwitted greylisting. The facts speak for themselves; those who actually implement spamd see a sharp reduction in spam deliveries. I think they're gradually moving to do so, I periodically have to check out the auto-white lists, since sometimes a damn spammer get's through. Rui -- + No matter how much you do, you never do enough -- unknown + Whatever you do will be insignificant, | but it is very important that you do it -- Gandhi + So let's do it...? [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
IPsec intermittent failure
We have an IPsec tunnel setup between two OpenBSD firewalls and normally it just works (thanks developers!) Over the past day or so the tunnel breaks. ipsecctl -sa shows no flows or SADB entries. The log entries at the Sydney end show lines like: Feb 24 05:59:21 pps35001 isakmpd[9204]: rsa_sig_decode_hash: no public key found Feb 24 05:59:21 pps35001 isakmpd[9204]: dropped message from xyz.101.222.1 port 56858 due to notification type INVALID_ID_INFORMATION Feb 24 05:59:32 pps35001 isakmpd[9204]: rsa_sig_decode_hash: no public key found Feb 24 05:59:32 pps35001 isakmpd[9204]: dropped message from xyz.101.222.1 port 56858 due to notification type INVALID_ID_INFORMATION There are batches of such messages, some quite short (1 or 2) but some go on for long periods. The batch including the above sample started at 05:10:57 and is still (06:13) going. The Melbourne end log looks like: Feb 24 06:13:04 PPS35004 isakmpd[23508]: transport_send_messages: giving up on exchange peer-abc.228.107.202, no response from peer abc.228.107.202:500 Feb 24 06:13:32 PPS35004 isakmpd[23508]: transport_send_messages: giving up on exchange peer-abc.228.107.202, no response from peer abc.228.107.202:4500 The pubkey for Melbourne is in place and readable at /etc/isakmpd/pubkeys/ipv4/ Any clues? Any other pertinent info needed? Please reply on list. The sender address is filtered to allow connections only from the list server. The spammers know it well enough. ;( Rod/ From the land down under: Australia. Do we look umop apisdn from up over?
Re: Request: Dedicated OpenBSD (root) Server for a company...
we do openbsd hosting. feel free to contact me. Thomas On Friday, 23. February 2007 12:03, Sebastian Schmitzdorff wrote: assuming your friend is located in germany. Send him to strato. They have a remote console which will enable him to install openbsd on the server. Otherwise he'll either have to expect a high but reasonable price or consider housing/colocation. cheers sebastian Am Freitag, den 23.02.2007, 00:08 +0100 schrieb Sebastian Rother: Hello everybody, I`m asking this for a friend who wanna set up a company and needs a dedicated Webserver (wich does run OpenBSD of course..). It`s kinda hard to find companies wich do provide such services OR do even just reply (or reply in a accaptable amount of time (wich is NOT 14days and more..)). So if anybody is working for such a company or knows such a company please do read this public request and do let me know. Wanted: My friend is looking for a Server wich has nearly those specifications: - Celeron 2.8ghz (or better of course) - 1GB RAM - 80GB HDD space - OpenBSD 4.0 as OS! (or Linux rescue-system wich allows him to install it) - No fBSD,, no nBSD... OPENBSD... it is CLEARLY a demand! So the Hardware must be supported 100% by OpenBSD - ~200-400gb Traffic - Serval IPs - Tech. contact who do know what they do (!= STRATO for example..) -- Propably the possibility to get special offers - Configurations for other servers - More/less Bandwith on demand to accaptable prices He would be able to pay ~100-150 USD, by Creditcard of his company. Also it would be great if the connection (speed, peering) would be good and not as lousy as at the most providers My friend did send out a request to m5hosting because I told him this company is what he`s looking for. Unfortunaly m5hosting did replied after more then 14 days and now he`s again waiting already for 72 hours and more. This is simply unaccaptable and it is a shame (yeah, sorry) that the company is listed at a openbsd website. I think there`s no need to explain that this is unaccaptable if you wanna open a business and propably do already have customers... It just SUCKS (sorry Mike...) So I would be happy to get such offers or offers with different configurations. if you`re working for such a company this is propably your chance ot get not just one customer. Also m5hosting is allowed to provide a offer. They just would have to write or answer a mail IN TIME (less then 72hrs...). He needs to make some business and not to play a waiting game... Thanks for all offers or sugesstions! Please do cc me because I`m not subscriped to [EMAIL PROTECTED] Kind regards, Sebastian
Relative Firewall Performance: 3.7 and 4.0
I recently upgraded a Soekris 4801 firewall from OpenBSD 3.7 to 4.0. The configuration for firewalling (pf.conf) is unchanged. On 3.7, at peak throughput I normally saw maybe 65% - 76% interrupt mode and little or no congestion. However, on 4.0 with similar traffic levels I see 85% - 95% interrupt mode and the congestion counter increments fairly rapidly. Of course, one cannot expect best performance from a Soekris due to the Ethernet chipsets, but it was -adequate- on 3.7. I've spent a little time google'ing for any observations on a difference in performance between 3.7 and 4.0 and have found nothing useful so far. Have other list members had this experience or know of anyone else who has? If so, has anyone had any favorable performance tuning experiences that might help me out? So far, the only tuning change I've made for 4.0 was to increase net.inet.ip.ifq.maxlen from 50 to 150, but this appears to have had negligible impact. Bill -- William Bloom| Snr Systems Engineer|M P H A S I S Architecting Value | MphasiS Healthcare Solutions 5353 North 16th Street, Suite 400 Phoenix, Az 85016 | Direct: +11-602-604-3100 | Fax: +11-602-604-3115| http://www.eldocomp.com -- CONFIDENTIALITY NOTICE -- Information transmitted by thisB e-mail is proprietary to MphasiS and/or its Customers and is intended for use only by the individual or entity to which it is addressed, and may contain information that isB privileged, confidential or exempt from disclosure under applicable law. If you are not the intended recipient or it appears that this e-mail has been forwarded to you without proper authority, you are notified that any use or dissemination of this information in any manner is strictly prohibited. In such cases, please notify us immediately at [EMAIL PROTECTED] and delete this mail from your records.
Re: Relative Firewall Performance: 3.7 and 4.0
On 2007/02/23 16:27, William Bloom wrote: I recently upgraded a Soekris 4801 firewall from OpenBSD 3.7 to 4.0. The configuration for firewalling (pf.conf) is unchanged. On 3.7, at peak throughput I normally saw maybe 65% - 76% interrupt mode and little or no congestion. However, on 4.0 with similar traffic levels I see 85% - 95% interrupt mode and the congestion counter increments fairly rapidly. you might get a small improvement if you optimize the pf ruleset. Of course, one cannot expect best performance from a Soekris due to the Ethernet chipsets, but it was -adequate- on 3.7. ethernet chipsets make little difference, plug an em(4) in and you'll see pretty much the same. it's the PCI controller (or lack thereof) that's the problem. fwiw, WRAP manage about a 1/3 more throughput from a similar processor, but I'm not quite sure how.