Re: BSD Documentation License?
Ted Walther wrote: [snip] (The 2/3-term BSD license meant to do basically the same, but it used more words to do the same. The old 4-term BSD license included some terms to make University of California benefit from advertising, if there was going to be any.) I have been generating midi, ogg, pdf, and mp3 files of some old, out-of-copyright music. I have been releasing them and the source that generates them under the Creative Commons license. Do you recommend the 3 term BSD license for this particular use instead? Or would the 2 term one be better? The BSD license is about using copyright, for which I believe you have no claim in the media files you mention.
Re: BSD Documentation License?
(The 2/3-term BSD license meant to do basically the same, but it used more words to do the same. The old 4-term BSD license included some terms to make University of California benefit from advertising, if there was going to be any.) I have been generating midi, ogg, pdf, and mp3 files of some old, out-of-copyright music. I have been releasing them and the source that generates them under the Creative Commons license. Do you recommend the 3 term BSD license for this particular use instead? Or would the 2 term one be better? You can't do that. You added nothing of value, so you don't deserve copyright, since your conversions do not count as being substantial. Conversions of files remain under their existing rights, which means, they are free, since the copyright expired. Adding a copyright to them is a lie.
amd64 -current kernel hang
I have experienced kernel hangs w/ -current snapshots on Athlon 64 X2 and Sempron boxes. Both GENERIC and GENERIC.MP snapshots exhibit the hang. Once hung, the boxes don't respond to pings; however, keyboard LEDs toggle as expected and I can enter ddb from the keyboard. kernel/5777 [1] has the full problem report including dmesgs and ddb logs. The hang is reproducible by building the eclipse-sdk port. This problem has developed fairly recently (within the past month or so). A similar box (w/ Opteron 165) runs -current i386 GENERIC.MP snapshots and is able to do the same port builds without hanging. It seems the forementioned kernel hang doesn't affect the i386 variant. I would be happy to provide additional information that would help analyze and resolve the problem. [1] http://cvs.openbsd.org/cgi-bin/query-pr-wrapper?full=yestextonly=yesnumbers=5777
Re: BSD Documentation License?
There were no files. I made up my own music file format. I took some hundred year old sheet music, and based on how I interpet it, I composed my particular music files. From my music files, I automatically generate PDF sheet music, midi, ogg, and mp3. The PDF sheet music is not identical to the original sheet music. The music itself is out of copyright. But in the legal field, there are cases that have established that copyright on public domain material can apply to things like page numbers. The classic example if the Findlaw company. They index publicly available court rulings. The court rulings themselves cannot be copyrighted, as they are public property. But when a competitor copied Findlaws product, they got smacked for copyright violation. The court found that the content was copyright-free, but the page numbers were added by Findlaw, and constituted their copyrighted property. This is like someone copyrighting Strong's numbers, which are a sort of index to the Bible. My source for this information is Amicus Curia, a pro se lawyer and paralegal operating in the state of Washington. He has had running battles with Findlaw, who periodically clobber their own legal software to force you to buy upgrades. Their product is the best in the field, so all lawyers end up using it, fueling a monopoly in the field of legal research. In todays music industry, performers claim copyright when they record themselves playing a piece of music, even if the music itself is out of copyright. I may not be a musician, but it took a certain amount of skill to read the music, and enter it into the computer, and then make the computer play it. That is, it took skill and effort to create a performance. As for substantial changes to the source; I separated tenor, soprano, alta, and bass parts so they could all be listened to separately. There was no such separation in the original sheet music. This sort of change is at least on par with adding page numbers and an index. You call that bullshit? Ok. I won't disagree. But there is a whole legal industry out there with their own peculiar ideas. I'm a believer in freedom. I don't want to restrict anyone from using my newly formatted renditions of old, out of copyright music. I want to let people know that I renounce any copyright claims to the material on the website. So the options are: 1) public domain 2) creative commons license 3) BSD license If I do not state this renunciation of copyright somehow, people, especially legal people, may assume some sort of copyright exists. What do you recommend? Ted On Thu, Mar 27, 2008 at 01:57:32AM -0600, Theo de Raadt wrote: (The 2/3-term BSD license meant to do basically the same, but it used more words to do the same. The old 4-term BSD license included some terms to make University of California benefit from advertising, if there was going to be any.) I have been generating midi, ogg, pdf, and mp3 files of some old, out-of-copyright music. I have been releasing them and the source that generates them under the Creative Commons license. Do you recommend the 3 term BSD license for this particular use instead? Or would the 2 term one be better? You can't do that. You added nothing of value, so you don't deserve copyright, since your conversions do not count as being substantial. Conversions of files remain under their existing rights, which means, they are free, since the copyright expired. Adding a copyright to them is a lie. -- There's a party in your skull. And you're invited! Name:Ted Walther Phone: 604-435-5787 Email: [EMAIL PROTECTED] Skype: tederific Address: 3422 Euclid Ave basement, Vancouver, BC V5R4G4 (Canada)
Re: pfstatd crash?
Thanks Daniel, I'll give that a go!
I'm surprised no-one has come across this before, is pfstatd not widely
used? I'm looking at using custom snmp traps to gather this information
instead, but that also looks like a non-standard method. What do most
people use for pf performance monitoring?
Cliff.
Daniel Hartmeier wrote:
When the process tries to write to the socket after the connection has
been closed, it gets a SIGPIPE signal. Without custom signal handling,
the default action is to terminate the process, see signal(3).
signal(3).
Basic socket programming issue, the author sucks. Try the patch below ;)
Daniel
Index: pfstatd.c
===
RCS file: /var/cvs/pfstat/pfstatd/pfstatd.c,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 pfstatd.c
--- pfstatd.c 11 Jan 2007 16:01:58 - 1.1.1.1
+++ pfstatd.c 26 Mar 2008 17:58:05 -
@@ -39,6 +39,7 @@
#include errno.h
#include fcntl.h
#include pwd.h
+#include signal.h
#include stdio.h
#include stdlib.h
#include string.h
@@ -97,6 +98,7 @@
}
if (argc != optind)
usage();
+ signal(SIGPIPE, SIG_IGN);
if ((fdp = open(/dev/pf, O_RDONLY)) 0) {
fprintf(stderr, open: /dev/pf: %s\n, strerror(errno));
return (1);
Re: pfstatd crash?
On 2008-03-27, clifford bailey [EMAIL PROTECTED] wrote: Thanks Daniel, I'll give that a go! I'm surprised no-one has come across this before, is pfstatd not widely used? I'm looking at using custom snmp traps to gather this information instead, but that also looks like a non-standard method. What do most people use for pf performance monitoring? symon is reasonably popular. I don't think OpenBSD's snmpd supports a PF MIB yet, but now we have it, that's an obvious place to add this, much more useful than custom work in net-snmp.
Re: Problems with (em) on Nexcom NSA 1180
I now know the reason for the intel network cards failing to initalise on OpenBSD. OpenBSD doesn't have a driver for the bridge chipset (PLX) therefore cannot utilise the LAN ports on board. I have checked the PLX website and their doesn't appear to be any support for OpenBSD. Jules Desforges wrote: I have recently acquired, 3 * Nexcom NSA 1108 units - with the intention of using them as OpenBSD routers. Information about the unit can be found here :- http://www.nexcomuk.co.uk/product/productshow.jsp?iid=13pid=692 The unit has the following onboard LAN chips :- PCI-E GbE: Intel. 82571EB PCI-32 GbE: Intel. 82541PI both of which are listed as being supported in the em manual page - despite this OpenBSD is having problems recognising 8 of the nic ports. The 2 fiber ports always detect fine, the remaining 8 copper ports issue errors in the dmesg. I have tried various things including 1) Updating to most recent bios 2) Disabling acpi, apm, usb 3) Disabling hyperthreading in the bios Whilst I get slightly different results on each test, the 8 copper nics still do not work. As the dmesg output is quite long I have put links to them here. The dmesg was carried out on an OpenBSD snapshot from two days ago. http://www.kgb.org.ru/nexcom/ Interestingly, all ports work fine in freebsd. I know a hardware developer at Nexcom in Taiwan who is keep to help and would be willing to assist OpenBSD developers with hardware documentation. I have used other Nexcom units with OpenBSD, including the NSA1086 and DNA840 - both make ideal routing platforms when used with bgp/ospf/ carp. Thanks, Jules
RAMdisk, not for boot, how?
I don't know if this makes a lot of sense or any, but I was thinking that flash memory doesn't like too many writes. So I was thinking of creating one or two RAMdisks, for all those temporary reads and writes that I need, and only store the final result on the flash. The whole system will run from flash, true, but the directory with plenty of writes and processing should run in RAM. So I'd like to create a drive in RAM and then mount this drive as for the busy directory. Does this make sense? If yes, how to do it? Uwe
File System Corrupted Due to didn't Umount cause by power failure
Hello all expect openbsd user, i have encountered this incident before where previously i can solve it easily but not this time. My openbsd is running for 24 X 7 but my mother going off the power and i didn't know about that for few times. After that, file is not properly unmount. OpeBSD asked me to check fschk_ffs manually but i cannot read man pages anymore but before i can. It just stop scrolling at 13%. Enter shell path name or return to sh : I press enter Terminal type ? i enter tty220 Return me unknow terminal type, i tried it with tty00 and others No use. Then i ctrl + c to force it to terminal. After that, i try ffschk_ffs and ffschk but still cannot solve it. OpenBSD drop me to single user and kernel security level is . I think is just for read and not for write. I need your help. Your help is greatly appreciated by me and others. A billion thanks for your help. -- View this message in context: http://www.nabble.com/File-System-Corrupted-Due-to-didn%27t-Umount-cause-by-power-failure-tp16323986p16323986.html Sent from the openbsd user - misc mailing list archive at Nabble.com.
Re: RAMdisk, not for boot, how?
On 18:09:37 Mar 27, Uwe Dippel wrote: I don't know if this makes a lot of sense or any, but I was thinking that flash memory doesn't like too many writes. So I was thinking of creating one or two RAMdisks, for all those temporary reads and writes that I need, and only store the final result on the flash. The whole system will run from flash, true, but the directory with plenty of writes and processing should run in RAM. So I'd like to create a drive in RAM and then mount this drive as for the busy directory. Does this make sense? If yes, how to do it? You need memory file systems for that. It is very easy under OpenBSD. man mount_mfs You have examples in Andreas Bihlmaier's liveCD writeup here. http://openbsd-wiki.org/index.php?title=LiveCD You typically have to create a tar zip of the mount file system and untar it in the RAM disk and you are set. It is a good idea to mount /tmp and /var on RAM disks. -Girish
Re: OpenBSD !GSoC
On Thu, Mar 27, 2008 at 02:15:22AM +0100, raven wrote: Hi, like subject, i would to know why OpenBSD do not partecipate to Google Summer of Code. Exist a reasonable reason? I already search on FAQ but no answer about this :) [raven] The OpenBSD Foundation applied, but it was a last minute thing when someone proposed a project they wanted to do. And we did not get accepted. Perhaps next year. Ken
Wrong console speed in amd64 kernel
Hello misc, I am just in the process of moving one of my servers from i386 to amd64. My webhoster provides me with a serial console over a ssh connection with the speed set to 57600 baud. The following boot.conf works for the bootloader: set tty com0 stty com0 57600 But after the -current kernel is loaded and the main func is executed the serial speed is reset to 9600 baud, which gives me output like this: ` com0: 57600 baud boot booting hd0a:/bsd: 4415664+1071036+748152+0+557208 [80+390168+243800]=0xb16058 entry point at 0x1001e0 [7205c766, 3404, 24448b12, cba0a304] m``` (The last line starts right behind the closing bracket in the line below, my mailer will break the line, so I can't show that in the right way here). The com_speed variable is set to 57600 at the point where the kernel is started. Those accented 'a's show up if I set the console speed to 9600 and have any output on the console, so I am pretty sure that the com port is reset to 9600 baud after the kernel starts. Is there any way to get a readable output on the serial console at 57600 baud? I can change /etc/rc to set the console back to 57600 but that won't help if I got a kernel problem or if I would like to use the -s boot option. In fact I am expiriencing exactly this problem at the moment... dmesg is below is from an install kernel for i386 4.2-stable. The i386-4.2 kernel does not show the behaviour described above. Kind regards, Markus dmesg i386: Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2007 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 4.2-stable (RAMDISK_YAIFO) #0: Thu Mar 27 11:08:54 CET 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/RAMDISK_YAIFO cpu0: AMD Athlon(tm) 64 Processor 3200+ (AuthenticAMD 686-class, 512KB L2 cache) 2.01 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3 cpu0: AMD erratum 89 present, BIOS upgrade may be required real mem = 535261184 (510MB) avail mem = 508964864 (485MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 07/27/05, BIOS32 rev. 0 @ 0xfa760, SMBIOS rev. 2.2 @ 0xf (39 entries) bios0: vendor Phoenix Technologies, LTD version 6.00 PG date 07/27/2005 apm0 at bios0: Power Management spec V1.2 apm0: flags 70102 dobusy 1 doidle 1 pcibios0 at bios0: rev 3.0 @ 0xf/0xcc34 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfcb00/240 (13 entries) pcibios0: bad IRQ table checksum pcibios0: PCI BIOS has 17 Interrupt Routing table entries pcibios0: PCI Exclusive IRQs: 3 5 7 10 11 pcibios0: no compatible PCI ICU found pcibios0: Warning, unable to fix up PCI interrupt routing pcibios0: PCI bus #5 is the last bus bios0: ROM list: 0xc/0x8000 0xc8000/0x1600 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) NVIDIA nForce4 DDR rev 0xa3 at pci0 dev 0 function 0 not configured pcib0 at pci0 dev 1 function 0 NVIDIA nForce4 ISA rev 0xa3 NVIDIA nForce4 SMBus rev 0xa2 at pci0 dev 1 function 1 not configured ohci0 at pci0 dev 2 function 0 NVIDIA nForce4 USB rev 0xa2: irq 7, version 1.0, legacy support ehci0 at pci0 dev 2 function 1 NVIDIA nForce4 USB rev 0xa3: irq 5 usb0 at ehci0: USB revision 2.0 uhub0 at usb0: NVIDIA EHCI root hub, rev 2.00/1.00, addr 1 pciide0 at pci0 dev 6 function 0 NVIDIA nForce4 IDE rev 0xf2: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: HDS728080PLAT20 wd0: 16-sector PIO, LBA48, 78533MB, 160836480 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 6 wd1 at pciide0 channel 1 drive 0: HDS728080PLAT20 wd1: 16-sector PIO, LBA48, 78533MB, 160836480 sectors wd1(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 6 ppb0 at pci0 dev 9 function 0 NVIDIA nForce4 PCI-PCI rev 0xa2 pci1 at ppb0 bus 1 vga1 at pci1 dev 5 function 0 ATI Rage XL rev 0x27 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) ppb1 at pci0 dev 11 function 0 NVIDIA nForce4 PCIE rev 0xa3 pci2 at ppb1 bus 2 ppb2 at pci0 dev 12 function 0 NVIDIA nForce4 PCIE rev 0xa3 pci3 at ppb2 bus 3 ppb3 at pci0 dev 13 function 0 NVIDIA nForce4 PCIE rev 0xa3 pci4 at ppb3 bus 4 bge0 at pci4 dev 0 function 0 Broadcom BCM5721 rev 0x11, BCM5750 B1 (0x4101): irq 11, address 00:e0:81:55:09:c0 brgphy0 at bge0 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0 ppb4 at pci0 dev 14 function 0 NVIDIA nForce4 PCIE rev 0xa3 pci5 at ppb4 bus 5 pchb0 at pci0 dev 24 function 0 AMD AMD64 HyperTransport rev 0x00 pchb1 at pci0 dev 24 function 1 AMD AMD64 Address Map rev 0x00 pchb2 at pci0 dev 24 function 2 AMD AMD64 DRAM Cfg rev 0x00 pchb3 at pci0 dev 24 function 3 AMD AMD64 Misc Cfg rev 0x00 isa0 at pcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using
Re: BSD Documentation License?
Ted Walther [EMAIL PROTECTED] wrote: There were no files. I made up my own music file format. I took some hundred year old sheet music, and based on how I interpet it, I composed my particular music files. From my music files, I automatically generate PDF sheet music, midi, ogg, and mp3. The PDF sheet music is not identical to the original sheet music. Printed sheet music of public domain content is indeed copyrightable. The copyright does not apply to the content, but to the presentation. This makes sense, because (at least with classical music) a lot of effort goes into transcribing, researching the original manuscripts, adding performance hints and typesetting [1]. I think that the above is also valid if you transcribe from old sheet music instead of the original manuscripts, so I'd say that you could copyright the PDF. Since the midi, ogg and mp3 files reflect the pure content without any human interpretation, I doubt that they are copyrightable. I would publish the PDF with a preface, citing the original sources and outlining the changes that were made. This is common practice. If you then choose the standard copyright, people will still be able to make their own compilations from your work. If you want to encourage direct reuse, why not put the PDF into the public domain and ask people to credit you if they make modifications? I wouldn't use any of the documentation licenses. Those licenses are for works where you are the original creator, not for transcriptions. Stefan Krah [1] Unfortunately, the art of typesetting is on a steady decline, but that is another topic.
Re: File System Corrupted Due to didn't Umount cause by power failure
On Thu, Mar 27, 2008 at 03:31:45AM -0700, Peter_APIIT wrote: Hello all expect openbsd user, i have encountered this incident before where previously i can solve it easily but not this time. My openbsd is running for 24 X 7 but my mother going off the power and i didn't know about that for few times. After that, file is not properly unmount. OpeBSD asked me to check fschk_ffs manually but i cannot read man pages anymore but before i can. It just stop scrolling at 13%. Enter shell path name or return to sh : I press enter Terminal type ? i enter tty220 vt220 Return me unknow terminal type, i tried it with tty00 and others No use. Then i ctrl + c to force it to terminal. After that, i try ffschk_ffs and ffschk but still cannot solve it. fsck -y OpenBSD drop me to single user and kernel security level is . I think is just for read and not for write. I need your help. Your help is greatly appreciated by me and others. A billion thanks for your help. -- View this message in context: http://www.nabble.com/File-System-Corrupted-Due-to-didn%27t-Umount-cause-by-power-failure-tp16323986p16323986.html Sent from the openbsd user - misc mailing list archive at Nabble.com. -- / Raimo Niskanen, Erlang/OTP, Ericsson AB
Re: File System Corrupted Due to didn't Umount cause by power failure
Peter_APIIT wrote: Hello all expect openbsd user, i have encountered this incident before where previously i can solve it easily but not this time. My openbsd is running for 24 X 7 but my mother going off the power and i didn't know about that for few times. After that, file is not properly unmount. OpeBSD asked me to check fschk_ffs manually but i cannot read man pages anymore but before i can. It just stop scrolling at 13%. man pages are available on-line, see front page of website. Enter shell path name or return to sh : I press enter Terminal type ? i enter tty220 what did you do to change that? It should prompt you with a default thatworks. Return me unknow terminal type, i tried it with tty00 and others No use. Then i ctrl + c to force it to terminal. you can't type random things there, at least the wrong random things. Assuming it is an i386 or amd64 with a monitor attached, it would be vt220 After that, i try ffschk_ffs and ffschk but still cannot solve it. (no error message, but we can pretty well guess what it would be) AGAIN, typing random stuff isn't how you solve computer problems. The command is fsck or fsck_ffs (either will work), and that command was told to you in the error message (which was probably scrolled off the screen due to your bumbling the terminal type question). OpenBSD drop me to single user and kernel security level is . I think is just for read and not for write. I need your help. Your help is greatly appreciated by me and others. A billion thanks for your help. If things are really messed up, you may prefer (or need) to boot from bsd.rd, either from your disk or from a CD or floppy, then fsck all your partitions. Easiest way to proceed would be to look at the error message you get at boot, it will be complaining about a particular partition, let's assume it is /dev/wd0d. You will enter in the following command: fsck /dev/wd0d When it finds errors, it will ask you if you want to fix them, say y. If it starts irritating you with how many things it is asking you to fix, hit F (upper case!), and it will just assume y for all remaining questions. Once this fsck is done, it may ask you if you want to write the fixes to disk. If so, DO SO! Otherwise, you just wasted your time. :) (I'm drawing a blank at the moment if OpenBSD is one of the OSs I've worked with that asks that question). Now, do a mount -a. The system may now report another partition needs to be cleaned, so repeat the process with the next partition, and so on, until your system comes up with a mount -a. Note, this mount -a trick attempts to mount everything in your /etc/fstab file, so if you booted from bsd.rd, this doesn't work. In that case, you need to look at your disklabel or the etc/fstab file on your disk. Nick.
Re: File System Corrupted Due to didn't Umount cause by power failure
Hi, I didn't get this right.. Have you got to the shell prompt after the crash? If so, did you tried to run fsck /dev/rwd0a? Try it, it may show some problems, or in the boot after the crash the system will show you what partition have been compromised. Just run the fsck /dev/rwd0X for all partitions, if there's many errors and you wanna to take some risks, try fsck -y /dev/rwd0a or any other dev, this will answer yes on all question on fsck, but be careful. Send more information so we can help you, Regards, Vinicius Peter_APIIT wrote: Hello all expect openbsd user, i have encountered this incident before where previously i can solve it easily but not this time. My openbsd is running for 24 X 7 but my mother going off the power and i didn't know about that for few times. After that, file is not properly unmount. OpeBSD asked me to check fschk_ffs manually but i cannot read man pages anymore but before i can. It just stop scrolling at 13%. Enter shell path name or return to sh : I press enter Terminal type ? i enter tty220 Return me unknow terminal type, i tried it with tty00 and others No use. Then i ctrl + c to force it to terminal. After that, i try ffschk_ffs and ffschk but still cannot solve it. OpenBSD drop me to single user and kernel security level is . I think is just for read and not for write. I need your help. Your help is greatly appreciated by me and others. A billion thanks for your help.
Sudden file system oversize / out of space (corruption) . RAID5 on 4.3-current MP with Dell PERC3/DC, Poweredge 1550
I was happily building a butt-load of 'ports', on my new 4.3 MP system and then BAM! No space. Here's where it went in the woods: --- . . building, and building, and building... . . Link to /usr/ports/packages/i386/cdrom/python-expat-2.4.4p6.tgz === Verifying specs: ssl panel m crypto c util z readline pthread ncurses stdc++ === found ssl.11.0 panel.3.0 m.2.3 crypto.13.0 c.43.0 util.11.0 z.4.1 readline.3.0 pthread.9.0 ncurses.10.0 stdc++.44.0 === Installing python-2.4.4p6 from /usr/ports/packages/i386/all/ Error: /dev/sd0a is not large enough (/var/db/pkg/python-2.4.4p6/+DESC) Error: /dev/sd0a is not large enough (/var/db/pkg/python-2.4.4p6/+DISPLAY) Error: /dev/sd0a is not large enough (/var/db/pkg/python-2.4.4p6/+UNDISPLAY) Error: ... more files do not fit on /dev/sd0a /dev/sd0a: 19414100 bytes (missing 9.12805682554186e+18 blocks) - WHAT ?? /usr/sbin/pkg_add: fatal issues in installing python-2.4.4p6 *** Error code 1 . --- I checked, just to be sure: --- Stop in /usr/ports/devel/bzr (line 1422 of /usr/ports/infrastructure/mk/bsd.port.mk). srv0e# df Filesystem 1K-blocks Used Avail Capacity Mounted on /dev/sd0a 34597155706896682 523203028984004608 -8567816068771348469 6%/ srv0e# reboot . . On reboot, ran fsck (multiple times) with no real issues or joy... --- srv0e# reboot Last login: Wed Mar 26 19:45:16 2008 OpenBSD 4.3-current (GENERIC.MP) #0: Wed Mar 26 19:32:09 EDT 2008 Welcome to OpenBSD: The proactively secure Unix-like operating system. Please use the sendbug(1) utility to report bugs in the system. Before reporting a bug, please try to reproduce it with the latest version of the code. With bug reports, please try to ensure that enough information to reproduce the problem is enclosed, and if a known fix for it exists, include that as well. Terminal type? [vt220] # df Filesystem 512-blocks Used Avail Capacity Mounted on /dev/sd0a 69154144879641172 1046446224502161408 -9097604751498936309 6%/ # disklabel sd0 # Inside MBR partition 3: type A6 start 63 size 286213977 # /dev/rsd0c: type: SCSI disk: SCSI disk label: Host drive #00 flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 17816 total sectors: 286220288 rpm: 3600 interleave: 1 trackskew: 0 cylinderskew: 0 headswitch: 0 # microseconds track-to-track seek: 0 # microseconds drivedata: 0 16 partitions: #size offset fstype [fsize bsize cpg] a:277812045 8401995 4.2BSD 2048 163841 b: 8401932 63swap c:2862202880 unused 0 0 # ---NOTE to all: The above logical disk is made up of three (3) 73GB Ultra-160 SCSI drives mounted, configured with the AMI RAID BIOS, formatted and OpenBSD installed / working great for many weeks. It is a RAID5 array, hence the one partition + swap. There was NEVER a hint of anything wrong until this failure. . At the worst, I can see these kinds of (seemingly minor) error on the file system, but cannot understand the HUGE space being used/lost... . No label changes. # df Filesystem 512-blocks Used Avail Capacity Mounted on /dev/sd0a 69154144879641172 1046446224502161408 -8557419086819098613 6%/ # fsck ** /dev/rsd0a (NO WRITE) ** Last Mounted on / ** Root file system ** Phase 1 - Check Blocks and Sizes ** Phase 2 - Check Pathnames ** Phase 3 - Check Connectivity ** Phase 4 - Check Reference Counts UNREF FILE I=2000769 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Mar 27 07:24 2008 CLEAR? no UNREF FILE I=2000770 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Mar 27 07:24 2008 CLEAR? no UNREF FILE I=2000945 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Mar 27 07:24 2008 CLEAR? no UNREF FILE I=2000949 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Mar 27 07:24 2008 CLEAR? no UNREF FILE I=2001365 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Mar 27 07:24 2008 CLEAR? no ** Phase 5 - Check Cyl groups 436029 files, 4025301 used, 64328896 free (8304 frags, 8040074 blocks, 0.0% fragmentation) # Any Ideas what could have gone wrong? Randy -- DMESG or completely rebuilt from sources (just to be sure kernel userland are in synch), of course, follows: --- # dmesg OpenBSD 4.3-current (GENERIC.MP) #0: Wed Mar 26 19:32:09 EDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Intel Pentium III (GenuineIntel 686-class) 1 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,SER,MMX,FXSR,SSE real mem = 1073250304 (1023MB) avail mem = 1029685248 (981MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 08/17/01, BIOS32 rev. 0 @ 0xffe90, SMBIOS rev. 2.3 @ 0xfb100 (55 entries) bios0: vendor Dell Computer Corporation version A06 date 08/17/2001 bios0: Dell
rackmount servers: seeking green compromise
have a number of rackmount machines of various sorts in service at the moment and, based on the relatively low load on them, am interested in finding equipment that is more optimal from the environmental / consumption point of view. machines that are currently in use are a smattering of dell, hp, sun and via c3 / c7 rigs. it is hard not to notice the substantial noise, power draw and heat that comes from the dell and hp rackmount systems and i would like to see if better rackmount server choices exist that satisfy the following criteria: - fast disks with hardware raid, i.e. u320 or sas, that are hotswappable; am willing to accept SATAII if other criteria work - non-i386 architecture; expect amd64 is the next best for cost - decent processor speed and single core; these will be mailservers, webservers, asterisk servers, etc, that aren't sufficiently loaded to make processor speed a serious performance bottleneck - low power draw / heat signature - low noise - 1U or 2U size the via c3 / c7 systems definitely do the trick for simple stuff like firewalls that don't require quick or redundant disks. my experience also indicates that you can certainly fully load the processor of a via c3 system and lag it pretty badly. i look forward to suggestions :) cheers, jake
Re: RAMdisk, not for boot, how?
Speaking of RAMdisks, have you checked out Gigabyte i-RAM? Might be the right stuff for your need. On Thu, Mar 27, 2008 at 11:36 AM, Girish Venkatachalam [EMAIL PROTECTED] wrote: On 18:09:37 Mar 27, Uwe Dippel wrote: [snip] -Girish
Re: Sudden file system oversize / out of space (corruption) . RAID5 on 4.3-current MP with Dell PERC3/DC, Poweredge 1550
On Thu, Mar 27, 2008 at 08:06:02AM -0400, K.R. (Randy) Lewis wrote: I was happily building a butt-load of 'ports', on my new 4.3 MP system and then BAM! No space. Here's where it went in the woods: --- . . building, and building, and building... . . Link to /usr/ports/packages/i386/cdrom/python-expat-2.4.4p6.tgz === Verifying specs: ssl panel m crypto c util z readline pthread ncurses stdc++ === found ssl.11.0 panel.3.0 m.2.3 crypto.13.0 c.43.0 util.11.0 z.4.1 readline.3.0 pthread.9.0 ncurses.10.0 stdc++.44.0 === Installing python-2.4.4p6 from /usr/ports/packages/i386/all/ Error: /dev/sd0a is not large enough (/var/db/pkg/python-2.4.4p6/+DESC) Error: /dev/sd0a is not large enough (/var/db/pkg/python-2.4.4p6/+DISPLAY) Error: /dev/sd0a is not large enough (/var/db/pkg/python-2.4.4p6/+UNDISPLAY) Error: ... more files do not fit on /dev/sd0a /dev/sd0a: 19414100 bytes (missing 9.12805682554186e+18 blocks) - WHAT ?? /usr/sbin/pkg_add: fatal issues in installing python-2.4.4p6 *** Error code 1 . --- I checked, just to be sure: --- Stop in /usr/ports/devel/bzr (line 1422 of /usr/ports/infrastructure/mk/bsd.port.mk). srv0e# df Filesystem 1K-blocks Used Avail Capacity Mounted on /dev/sd0a 34597155706896682 523203028984004608 -8567816068771348469 6%/ srv0e# reboot . . Too be more precise, since some include files changed, you MUST use the proper rebuiling steps: 1. clean your kernel build dir. 2. run config 3. make depend make 4. reboot 5. clean /usr/obj 6. make obj and make build Or use s snap to save you the trouble. -Otto
Issue compiling a program on OpenBSD
Hi there all,... I used to maintain a small semi-embedded GNU/Linux system at my previous employer and I really enjoyed that. But now I'd like to try my had at building a dedicated OSPF/BGP route/firewall appliance based on OpenBSD. I have a particular liking for the pkgutils package manager written by Per Linden and would like to build my own OpenBSD using this package manager (yeah I'm bored). 'Cept I'm having an issue compiling it,... I've installed OpenBSD 4.2-release with no updates as yet (I'm behind an ISA proxy :( and they block just about the whole planet lol) On top of that I've installed: gmake-3.80p1.tgz libiconv-1.9.2p3.tgz gettext-0.14.6p0.tgz And installed libarchive-2.4.14 from source (couldn't find a binary package) When I try compile the package (pkgutils-5.32.0) I get the following output: # gmake g++ -DNDEBUG -O2 -Wall -pedantic -D_GNU_SOURCE -DVERSION=\5.32.0\ -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -MM main.cc pkgutil.cc pkgadd.cc pkgrm.cc pkginfo.cc .depend g++ -DNDEBUG -O2 -Wall -pedantic -D_GNU_SOURCE -DVERSION=\5.32.0\ -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -c -o main.o main.cc g++ -DNDEBUG -O2 -Wall -pedantic -D_GNU_SOURCE -DVERSION=\5.32.0\ -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -c -o pkgutil.o pkgutil.cc pkgutil.cc: In member function `void pkgutil::db_open(const std::string)': pkgutil.cc:75: error: no matching function for call to ` __gnu_cxx::stdio_filebufchar, std::char_traitschar ::stdio_filebuf(int, const std::_Ios_Openmode, int)' /usr/include/g++/ext/stdio_filebuf.h:53: error: candidates are: __gnu_cxx::stdio_filebufchar, std::char_traitschar ::stdio_filebuf(const __gnu_cxx::stdio_filebufchar, std::char_traitschar ) /usr/include/g++/ext/stdio_filebuf.h:147: error: __gnu_cxx::stdio_filebuf_CharT, _Traits::stdio_filebuf(std::__c_file*, std::_Ios_Openmode, long unsigned int) [with _CharT = char, _Traits = std::char_traitschar] near match /usr/include/g++/ext/stdio_filebuf.h:122: error: __gnu_cxx::stdio_filebuf_CharT, _Traits::stdio_filebuf(int, std::_Ios_Openmode, bool, long unsigned int) [with _CharT = char, _Traits = std::char_traitschar] pkgutil.cc: In member function `void pkgutil::db_commit()': pkgutil.cc:119: error: no matching function for call to ` __gnu_cxx::stdio_filebufchar, std::char_traitschar ::stdio_filebuf(int, const std::_Ios_Openmode, int)' /usr/include/g++/ext/stdio_filebuf.h:53: error: candidates are: __gnu_cxx::stdio_filebufchar, std::char_traitschar ::stdio_filebuf(const __gnu_cxx::stdio_filebufchar, std::char_traitschar ) /usr/include/g++/ext/stdio_filebuf.h:147: error: __gnu_cxx::stdio_filebuf_CharT, _Traits::stdio_filebuf(std::__c_file*, std::_Ios_Openmode, long unsigned int) [with _CharT = char, _Traits = std::char_traitschar] near match /usr/include/g++/ext/stdio_filebuf.h:122: error: __gnu_cxx::stdio_filebuf_CharT, _Traits::stdio_filebuf(int, std::_Ios_Openmode, bool, long unsigned int) [with _CharT = char, _Traits = std::char_traitschar] gmake: *** [pkgutil.o] Error 1 # -- I have heard there are troubles of more than one kind. Some come from ahead and some from behind. But I've bought a big bat. I'm all ready you see. Now my troubles are going to have toubles with me! -- Dr. Seuss
Re: Sudden file system oversize / out of space (corruption) . RAID5 on 4.3-current MP with Dell PERC3/DC, Poweredge 1550
On Thu, Mar 27, 2008 at 08:06:02AM -0400, K.R. (Randy) Lewis wrote: I was happily building a butt-load of 'ports', on my new 4.3 MP system and then BAM! No space. Here's where it went in the woods: --- . . building, and building, and building... . . Link to /usr/ports/packages/i386/cdrom/python-expat-2.4.4p6.tgz === Verifying specs: ssl panel m crypto c util z readline pthread ncurses stdc++ === found ssl.11.0 panel.3.0 m.2.3 crypto.13.0 c.43.0 util.11.0 z.4.1 readline.3.0 pthread.9.0 ncurses.10.0 stdc++.44.0 === Installing python-2.4.4p6 from /usr/ports/packages/i386/all/ Error: /dev/sd0a is not large enough (/var/db/pkg/python-2.4.4p6/+DESC) Error: /dev/sd0a is not large enough (/var/db/pkg/python-2.4.4p6/+DISPLAY) Error: /dev/sd0a is not large enough (/var/db/pkg/python-2.4.4p6/+UNDISPLAY) Error: ... more files do not fit on /dev/sd0a /dev/sd0a: 19414100 bytes (missing 9.12805682554186e+18 blocks) - WHAT ?? /usr/sbin/pkg_add: fatal issues in installing python-2.4.4p6 *** Error code 1 . --- I checked, just to be sure: --- Stop in /usr/ports/devel/bzr (line 1422 of /usr/ports/infrastructure/mk/bsd.port.mk). srv0e# df Filesystem 1K-blocks Used Avail Capacity Mounted on /dev/sd0a 34597155706896682 523203028984004608 -8567816068771348469 6%/ srv0e# reboot . . On reboot, ran fsck (multiple times) with no real issues or joy... Looks like your userland is out of sync. -Otto --- srv0e# reboot Last login: Wed Mar 26 19:45:16 2008 OpenBSD 4.3-current (GENERIC.MP) #0: Wed Mar 26 19:32:09 EDT 2008 Welcome to OpenBSD: The proactively secure Unix-like operating system. Please use the sendbug(1) utility to report bugs in the system. Before reporting a bug, please try to reproduce it with the latest version of the code. With bug reports, please try to ensure that enough information to reproduce the problem is enclosed, and if a known fix for it exists, include that as well. Terminal type? [vt220] # df Filesystem 512-blocks Used Avail Capacity Mounted on /dev/sd0a 69154144879641172 1046446224502161408 -9097604751498936309 6%/ # disklabel sd0 # Inside MBR partition 3: type A6 start 63 size 286213977 # /dev/rsd0c: type: SCSI disk: SCSI disk label: Host drive #00 flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 17816 total sectors: 286220288 rpm: 3600 interleave: 1 trackskew: 0 cylinderskew: 0 headswitch: 0 # microseconds track-to-track seek: 0 # microseconds drivedata: 0 16 partitions: #size offset fstype [fsize bsize cpg] a:277812045 8401995 4.2BSD 2048 163841 b: 8401932 63swap c:2862202880 unused 0 0 # ---NOTE to all: The above logical disk is made up of three (3) 73GB Ultra-160 SCSI drives mounted, configured with the AMI RAID BIOS, formatted and OpenBSD installed / working great for many weeks. It is a RAID5 array, hence the one partition + swap. There was NEVER a hint of anything wrong until this failure. . At the worst, I can see these kinds of (seemingly minor) error on the file system, but cannot understand the HUGE space being used/lost... . No label changes. # df Filesystem 512-blocks Used Avail Capacity Mounted on /dev/sd0a 69154144879641172 1046446224502161408 -8557419086819098613 6%/ # fsck ** /dev/rsd0a (NO WRITE) ** Last Mounted on / ** Root file system ** Phase 1 - Check Blocks and Sizes ** Phase 2 - Check Pathnames ** Phase 3 - Check Connectivity ** Phase 4 - Check Reference Counts UNREF FILE I=2000769 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Mar 27 07:24 2008 CLEAR? no UNREF FILE I=2000770 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Mar 27 07:24 2008 CLEAR? no UNREF FILE I=2000945 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Mar 27 07:24 2008 CLEAR? no UNREF FILE I=2000949 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Mar 27 07:24 2008 CLEAR? no UNREF FILE I=2001365 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Mar 27 07:24 2008 CLEAR? no ** Phase 5 - Check Cyl groups 436029 files, 4025301 used, 64328896 free (8304 frags, 8040074 blocks, 0.0% fragmentation) # Any Ideas what could have gone wrong? Randy -- DMESG or completely rebuilt from sources (just to be sure kernel userland are in synch), of course, follows: --- # dmesg OpenBSD 4.3-current (GENERIC.MP) #0: Wed Mar 26 19:32:09 EDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Intel Pentium III (GenuineIntel 686-class) 1 GHz cpu0:
Re: rackmount servers: seeking green compromise
Hi Jake, have a number of rackmount machines of various sorts in service at the moment and, based on the relatively low load on them, am interested in finding equipment that is more optimal from the environmental / consumption point of view. A shop in Belgium offers this machine: http://www.ahead-it.be/shop/index.asp?LANG=GBcat=serversNR=SCS213 Perhaps it may inspire you. Bye... Nico
Re: BSD Documentation License?
On Thu, Mar 27, 2008 at 01:26:09AM -0700, Ted Walther wrote: There were no files. I made up my own music file format. I took some hundred year old sheet music, and based on how I interpet it, I composed my particular music files. From my music files, I automatically generate PDF sheet music, midi, ogg, and mp3. The PDF sheet music is not identical to the original sheet music. Then as I understand it your interpretation is correct: the original works are in the public domain, and your performance and derived works are copyright by you. I'm a believer in freedom. I don't want to restrict anyone from using my newly formatted renditions of old, out of copyright music. I want to let people know that I renounce any copyright claims to the material on the website. So the options are: 1) public domain 2) creative commons license 3) BSD license If I do not state this renunciation of copyright somehow, people, especially legal people, may assume some sort of copyright exists. If you truly wish to relinquish ALL rights then public domain is exactly that. This is obviously the most free. If additionally you wish to retain attribution only then /usr/src/share/misc/license.template is a great choice. This is probably the most free except for public domain. If it bothers you if Microsoft uses your performance in a Vista ad then you must pick something else. But now you are in a sticky place where you want to share except when you don't. The available licenses are tricky legalese, and finding one to match your motives is difficult and the license may have consequences you don't anticipate. -- Darrin Chandler| Phoenix BSD User Group | MetaBUG [EMAIL PROTECTED] | http://phxbug.org/ | http://metabug.org/ http://www.stilyagin.com/ | Daemons in the Desert | Global BUG Federation
Re: Issue compiling a program on OpenBSD
Basically I want to strip the system down as much as possible, practically nothing would be good. My GNU/Linux appliances ran on a 4MB system image. On Thu, Mar 27, 2008 at 4:16 PM, Stephano Zanzin [EMAIL PROTECTED] wrote: Hi Ross, Well, OpenBSD don't need to be recompiled, because the generic kernel is very small and have a great performance. Now if you gonna to add new features to kernel, I support your decision. Other thing that I recommends kernel recompilation, It's to aprove performance on old 386 systems. Stephano Zanzin
Re: rackmount servers: seeking green compromise
Jacob Yocom-Piatt wrote: - fast disks with hardware raid, i.e. u320 or sas, that are hotswappable; am willing to accept SATAII if other criteria work Fast disks are usually hot. Usually heat goes up with spindle speed. - low power draw / heat signature - low noise - 1U or 2U size The first two are almost mutually exclusive with the third. 1U/2U servers have to move enough air to cool the expected maximum disk/CPU/RAM combination running at 100% 24/7. That means lots of small fans, and small fans are noisy. If you require 1U and performance isn't a primary requirement, an old HP DL320 G1 may work. They're substantially quieter than a DL360 (or modern 1U boxes) and have a single P3 socket 370. Newer DL1xx servers may be quiet as well, but I don't see many of those.
Separate traffic go over certain interfaces gateways?
With multiple gateways specified, how can one go about executing programs while explicitly specifying only a certain subnet be used by said program? Example: two DSL lines, have all bit torrent traffic go through the first interface to the first DSL line and all other traffic to the other.
problem with ipsec
Hi,
in /etc/ipsec.conf I have the following configured:
ike active esp from 192.168.14.12/24 to 172.22.34.0/16 \
local $our_gw peer $remote1_gw \
main auth hmac-sha2-256 enc 3des group grp2 \
quick auth hmac-sha2-256 enc aes group modp1024 \
psk AKey
ike active esp from { 192.168.10.0/23 } to { 111.173.28.0/20,
10.128.22.0/23 } \
local $our_gw peer $remote2_gw \
main auth hmac-md5 enc 3des group grp2 \
quick auth hmac-md5 enc aes group none \
psk Anotherkey
when I start
isakmpd -K -c /etc/isakmpd/isakmpd.conf
then the first tunnel is established, but for the second, I see the
following in the logs:
180727.337795 SA 60 sa_create: sa 0x89e9e600 phase 1 added to exchange
0x89e9e100 (Default-phase-1)
180727.337805 Mesg 50 message_parse_payloads: offset 40 payload PROPOSAL
180727.337814 Mesg 50 message_parse_payloads: offset 48 payload TRANSFORM
180727.337823 Mesg 50 Transform 1's attributes
180727.337833 Mesg 50 Attribute ENCRYPTION_ALGORITHM value 5
180727.337842 Mesg 50 Attribute HASH_ALGORITHM value 1
180727.337850 Mesg 50 Attribute AUTHENTICATION_METHOD value 1
180727.337858 Mesg 50 Attribute GROUP_DESCRIPTION value 2
180727.337867 Mesg 50 Attribute LIFE_TYPE value 1
180727.337876 Mesg 50 Attribute LIFE_DURATION value 28800
180727.337915 Mesg 60 message_validate_payloads: payload PROPOSAL at
0x82e87ca8 of message 0x82e87700
180727.337927 Mesg 70 NO: 1
180727.337936 Mesg 70 PROTO: ISAKMP
180727.337947 Mesg 70 SPI_SZ: 0
180727.337958 Mesg 70 NTRANSFORMS: 1
180727.337967 Mesg 70 SPI:
180727.337977 Mesg 60 message_validate_payloads: payload TRANSFORM at
0x82e87cb0 of message 0x82e87700
180727.337987 Mesg 70 NO: 1
180727.337997 Mesg 70 ID: 1
180727.338005 Mesg 70 SA_ATTRS:
180727.338017 Mesg 60 message_validate_payloads: payload VENDOR at
0x82e87cd4 of message 0x82e87700
180727.338026 Mesg 70 ID:
180727.338036 Exch 50 nat_t_check_vendor_payload: bad size 40 != 16
180727.338046 Exch 50 nat_t_check_vendor_payload: bad size 40 != 16
180727.338055 Exch 50 nat_t_check_vendor_payload: bad size 40 != 16
180727.338064 Mesg 40 message_validate_vendor: vendor ID seen
180727.338075 Misc 30 ipsec_responder: phase 1 exchange 2 step 0
180727.338087 Cryp 60 hash_get: requested algorithm 0
180727.338155 Negt 30 message_negotiate_sa: transform 1 proto 1 proposal 1
ok
180727.338179 Negt 70 attribute_unacceptable: HASH_ALGORITHM: got MD5,
expected SHA
180727.338190 Negt 20 ike_phase_1_validate_prop: failure
180727.338201 Negt 30 message_negotiate_sa: proposal 1 failed
180727.338210 Default message_negotiate_sa: no compatible proposal found
When I switch the statements in /etc/ipsec.conf then both tunnels get
established and are working fine. Is there any explanation for this
behaviour? I have OpenBSD 4.1 running.
kind regards
Sebastian
Issue compiling a program on OpenBSD
I'm quite well aware of that,... I've been building embedded UNIX-like systems for 10years now. The main reason I want to use the OpenBSD kernel is I'm interested in using OpenBGP/OpenOSPF and really don't fancy porting both to GNU/Linux and also brokering a truce between Theo and Linus, so that I can do this port without license conflicts. (M wonder what the chances are that I could get that right in the first place???) It appears that the error I was experiencing earlier is due to GNU extensions to libc being called that are not present in the OpenBSD libc. Can someone confirm this? On Thu, Mar 27, 2008 at 5:04 PM, Stephano Zanzin [EMAIL PROTECTED] wrote: OpenBSD kernel is not Linux. -rw-r--r-- 1 root wheel 5.9M Feb 22 10:56 bsd You only have to remove the tools that you don't need. Stephano Zanzin -- I have heard there are troubles of more than one kind. Some come from ahead and some from behind. But I've bought a big bat. I'm all ready you see. Now my troubles are going to have toubles with me! -- Dr. Seuss
Re: Separate traffic go over certain interfaces gateways?
Here is an excerpt from a pf.conf I have doing exactly what you're asking. Use
this as a base. You will need to add more and adjust some to your setup,
bittorrent_tcp_ports is obviously not defined here. And some of the options
for the rules may not really be needed, but they remained after I set it up
and have not tried to remove them yet. Just remember that for incoming
traffic you do allow on a given interface, you need a
reply-to ($dsl_X_if $dsl_X_gw) after the interface name to let the traffic
go back out the way it came and not the boxes default gateway.
lan_net = 192.168.1.0/24
int_if = sis0
dsl_1_if = sis1
dsl_2_if = sis2
dsl_1_gw = 45.123.223.65
dsl_2_gw = 24.23.134.1
scrub in on {$dsl_1_if, $dsl_2_if} all fragment reassemble
scrub out on {$dsl_1_if, $dsl_2_if} all random-id fragment reassemble
block in on $int_if from any to any
block out on $int_if from any to any
block in on $dsl_1_if from any to any
block out on $dsl_1_if from any to any
block in on $dsl_2_if from any to any
block out on $dsl_2_if from any to any
pass in quick on $int_if from $lan_net to $int_if
pass in quick on $int_if from $lan_net to lo0
pass in on $int_if route-to { ($dsl_1_if $dsl_1_gw) } proto tcp from {
$users } to any port $bittorrent_tcp_ports flags S/SA modulate state
pass in on $int_if route-to { ($dsl_2_if $dsl_2_gw) } proto tcp from {
$users } to any flags S/SA modulate state
pass out on $dsl_1_if proto tcp from any to any flags S/SA modulate state
pass out on $dsl_1_if proto { udp, icmp } from any to any keep state
pass out on $dsl_2_if proto tcp from any to any flags S/SA modulate state
pass out on $dsl_2_if proto { udp, icmp } from any to any keep state
---
On Thursday 27 March 2008 09:30:31 am Jon wrote:
With multiple gateways specified, how can one go about executing
programs while explicitly specifying only a certain subnet be used by
said program?
Example:
two DSL lines, have all bit torrent traffic go through the first
interface to the first DSL line and all other traffic to the other.
Re: Issue compiling a program on OpenBSD
On 16:30:50 Mar 27, Ross Cameron wrote: Basically I want to strip the system down as much as possible, practically nothing would be good. My GNU/Linux appliances ran on a 4MB system image. Please don't insult OpenBSD by comparing with linux. ;) Have you ever seen the source code of OpenBSD kernel? Have you considered how the kernel build system is organized? Have you seen the linux kernel source? What do you mean by practically nothing would be good? And oh by the way OpenBSD is not a kernel, it is an operating system and many people still dunno the difference between the two. You have the choice of putting practically nothing by choosing only those distributions you want in the install stage. Another thing you could do is take a look at crunchgen(1). # cd /usr/src/distrib/crunch # make # make install man crunchgen It is only because linux kernel is so modular (laugh) that people want to build their own kernel. And to tell you honestly I still dunno how to compile and install a linux kernel. And it varies between distros to make things worse. And it is easier to compile an OpenBSD kernel than to compile a linux userland app. Please don't retrofit OpenBSD to fit into the linux mould. It is unfortunate that such garbage like linux is so popular. I guess people do not read the kernel source. But the world always had more fools than smart people... -Girish
Re: Internship (Summer,Chicago,Paid)
We have two summer internships, one of which is specifically available
even if you do not have the specific Data Security skills called for,
just a willingness to learn and the ability to commute to downtown Chicago.
Kevin
(P.S. Details below.)
--
M3W5R($1A=[EMAIL PROTECTED])I='[EMAIL
PROTECTED]5A;2!H87,@='=O('!OVET:6]NR!L:7-T
M960@;[EMAIL PROTECTED];1EBYC;VTL2`@G-E87)C:!F;W(@3W!E;D)3
M1`O($-H:6-A9V\N(!9;W4@;6%Y(%PQY(]N('1H92!W96)S:71E+!O
MB`@(`)(`*9F]R('!R:6]R:71Y(-O;G-I95R871I;VXL('1HF]U9V@@
M=AE(%L=5R;F%T92!E;6%I;!S=%T960@:5R92X@(`)(`@B`@(`@
M2`)(`@(`D@(`@(`)(`)(`)(`@2`@(`D)(`I;W(@8F]T:!P;W-I
M=EO;G,L('=E(%R92!W:6QL:6YG('1O()E(9L97AI8FQE(]N('1H92!S
M=%R=!D871E+`D@(`ID=7)A=EO;BP@;V9F:6-E(AO=7)S+!A;[EMAIL PROTECTED]
M=6YT(]F('-T=7!I9!S='5F9B!W92!AVL@6]U('1O(1O+B`)(`H@(`)
M(`)(`@(`)(`@2`@(`@(`D@(`@(`)(`@(`)(`)(`@2`@(`I+
M979I;B!+861O=R`@(`@2`)(`@(`)(`@(`D)2`@(`@(`)(`*(`@
M(`D@(`@(`D@(`@(`@2`@(`)0D@(`)(`@(`)(`@(`)(`@(`*
M(`@(`@2`@(`@(`D)(`)(`@2`@2`@(`)(`@(`)(`@(`@(`D@
M(`@(`*(`@(`)(`@2`@2`@(`@2`@(`@2`@2`@(`D@(`@2`@
M(`@CT]/3T]/3T]/3T]/3T]/3T]/3T]/3T]/3T]/3T]/3T]/3T]/3T]/3T]
M/3T]/3T]/3T]/3T]/3T]/3T]/3T]/3T]/3T]/3T)(`@B,Q.B!)1,@,3,V
M.#=4B!P87D@V-A;4@W1AG1S(%T(0Q,]H;W5R+B`@(`@(`)(`@
M(`)(`@2`@(`*5AIR!);G1EFYS:EP(ES([EMAIL PROTECTED][EMAIL
PROTECTED]2H@
M8V]L;5G92!S='5D96YT(EN([EMAIL PROTECTED]5GF5E(`@(`D@G!R;V=R86T@V]M
M97=H870@F5L871E9!T;[EMAIL PROTECTED]('=I;[EMAIL PROTECTED]@:[EMAIL
PROTECTED];R!T
M:ES('-U;6UEBP@(`D@(`@(`*86YD('=I;QI;F@=\@;5A[EMAIL PROTECTED]@
M9]I;FL()O=@@F5A;!W;W)K(%N9!G96YEF%L(]F9FEC92!T87-K
MRX)(`@(`*0D@(`@(`)(`@(`D@(`)(`@2`@(`D@(`@(`D@2`@
M(`*66]U('-H;W5L9!A'!L2!F;W(@=AIR!P;W-I=EO;B!E=F5N('1H
M;W5G:!Y;[EMAIL PROTECTED]\@;F]T([EMAIL
PROTECTED](`@(`@G-P96-I9FEC(5X5R
M:65N8V4@;6%T8VAI;F@=AE(IO8B!P;W-T:6YG+!J=7-T('1O(=O(]N
M(QU;F-H(`)(`*G5NR!T;R!GF5E:R!D:6YEG,@F5C;VUM96YD960@
[EMAIL PROTECTED]F%N='IE;B!A;F0@5R:%PR!M;W)E(`@2`@(`II;7!O
MG1A;G1L2P@(AA=F4@V]M971H:6YG(EM')E[EMAIL PROTECTED]\@'5T(]N
M('EO=7(@[EMAIL PROTECTED]@(`@(`D@(`*(`@(`@0D@(`)(`@2`@(`@
M(`)(`@(`)(`@(`)(`@(`)(`@(`H)2`@(`@(`)(`@(`@2`@
M(`@2`@(`@2`@(`)(`@(`@2`@(`@CT]/3T]/3T]/3T]/3T]/3T]
M/3T]/3T]/3T]/3T]/3T]/3T]/3T]/3T]/3T]/3T]/3T]/3T]/3T]/3T]/3T]
M/3T]/3T]/3T)(`@B,R.B!)1`Q,S8X.$)2('!A2!S8V%L92!S=%R=',@
M870@)#$U+VAO=7(N(`D)(`D)(`@(`@E1H:7,@]S:71I;VX@:7,@W!E
M8VEF:6-A;QY(EN=5N95D(9OB!A(=R861U871E('-T=61E;G0@2`@
M(`D@(`@(`@G=I=@@F5L979A;[EMAIL PROTECTED])I96YC92!A;F0O;W(@')O
M9W)A;6UI;F@VMI;[EMAIL PROTECTED]'5R871I;[EMAIL
PROTECTED](`)(`@(`*%Y(')A
M=[EMAIL PROTECTED];!D97!E;F0@;VX@6]UB!A8FEL:71Y('1O($%1$DN(`D@(`D@
M(`@(`)(`)(`H@(`)(`)(`@(`)(`D@(`@(`)(`@(`@2`@(`@
M0D@(`I;W(@=AIR!P;W-I=EO;B!W92!S965K(%N($E3(=R861U871E
M('-T=61E;[EMAIL PROTECTED][EMAIL
PROTECTED]:R!O;B!A('9AFEE='D)F]F(-H86QL96YG:6YG
M('!R;VIE8W1S+B!!F5AR!O9B!I;G1EF5S=!I;F-L=61E('-E8W5R:71Y
M(5V96YT2`*=FES=6%L:7IA=EO;BP@;]G(%N86QYVES+!UV5R+6-E
M;G1R:6,@:61E;G1I='DL(AO;F5Y;F5T+V1AFMN970L(`@(`@(`IA;F0@
M=')A9F9I8R!A;F]M86QY(1E=5C=EO;B`M+2!S5C:69I8R!PF]J96-T
MR!W:6QL(1E5N9!I;B!P87)T(`@(`@F]N('[EMAIL PROTECTED]@87)E
M(EN=5R97-T960@:[EMAIL PROTECTED]AA=!M:6=H=!H879E('9A;'5E('1O(IURHN
M(`D@(`)(`@B`@(`@(`)(`@(`D@(`@(`D@(`@(`@2`@(`@(`D@
M(`@(`D@(`)(`)(`@(`@2`*(`D)(`@(`@2`@(`@0D@(`)(`@
M(`@(`D@2`*7U]?7U]?7U]?7U]?7U]?7U]?7U]?7U]?7U]?7U]?7U]?7U]?
M7U]?7U]?7U]?7U]?7U]?7U]?7U]?7U]?7U]?7U]?7U]?7PD@(`@(`*06QL
M(]F('1H92!A8F]V92!IR!E;G1IF5L2!M2!I;G1E')E=%T:6]N+!F
M;W)M86P@:F]B(1EV-R:7!T:6]NPD@(`IA;F0@;W1H97(@W5C:!D971A
M:6QS(-A;B!B92!F;W5N9!O;B!C87)E97)B=6EL95R+B`@(`@(`)2`@
M(`*(`@0D@(`@(`)(`@(`@0D@(`@(`@2`)(`D@(`@(`D@(`*
`
end
Re: Issue compiling a program on OpenBSD
Linux fanbois are annoying. So are OpenBSD fanbois. On Thu, Mar 27, 2008 at 6:20 PM, Girish Venkatachalam [EMAIL PROTECTED] wrote: On 16:30:50 Mar 27, Ross Cameron wrote: Basically I want to strip the system down as much as possible, practically nothing would be good. My GNU/Linux appliances ran on a 4MB system image. Please don't insult OpenBSD by comparing with linux. ;) Have you ever seen the source code of OpenBSD kernel? Have you considered how the kernel build system is organized? Have you seen the linux kernel source? What do you mean by practically nothing would be good? And oh by the way OpenBSD is not a kernel, it is an operating system and many people still dunno the difference between the two. You have the choice of putting practically nothing by choosing only those distributions you want in the install stage. Another thing you could do is take a look at crunchgen(1). # cd /usr/src/distrib/crunch # make # make install man crunchgen It is only because linux kernel is so modular (laugh) that people want to build their own kernel. And to tell you honestly I still dunno how to compile and install a linux kernel. And it varies between distros to make things worse. And it is easier to compile an OpenBSD kernel than to compile a linux userland app. Please don't retrofit OpenBSD to fit into the linux mould. It is unfortunate that such garbage like linux is so popular. I guess people do not read the kernel source. But the world always had more fools than smart people... -Girish -- http://www.glumbert.com/media/shift http://www.youtube.com/watch?v=tGvHNNOLnCk This officer's men seem to follow him merely out of idle curiosity. -- Sandhurst officer cadet evaluation. Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted. -- Gene Spafford learn french: http://www.youtube.com/watch?v=j1G-3laJJP0feature=related
Re: RAMdisk, not for boot, how?
On Thu, 27 Mar 2008 18:09:37 +0800, Uwe Dippel wrote: I don't know if this makes a lot of sense or any, but I was thinking that flash memory doesn't like too many writes. So I was thinking of creating one or two RAMdisks, for all those temporary reads and writes that I need, and only store the final result on the flash. The whole system will run from flash, true, but the directory with plenty of writes and processing should run in RAM. So I'd like to create a drive in RAM and then mount this drive as for the busy directory. Does this make sense? If yes, how to do it? Not really. The legend of CF wearing out should also be worn out by now for all practical purposes. When I first worked with the earliest nvram the life was very short (in write cycles) now I cannot deliberately wear out CF in any reasonable time. Running an OpenBSD firewall on a Soekris using Apacer 256MB CF I used the most verbose logging I could set up including for spamd handling 2 domains. After an install and two version installs (well over a year) I moved spamd onto the mailserver it protects but I'm still using the same old CF. If you want to be really really conservative buy a good brand, much larger than you need (= more spare cells) and replace it annually. Send your cast offs to any developer who would like to have them and he will get years of service out of most of them. Fiddle-arsing around doing fancy installs and using up limited RAM to be pretend disks ain't worth the effort. Generic installs Just Work (TM) and I've never lost a CF on client machines either and some of those are really busy little firewalls handling roadwarrior VPNs for a financial services company of considerable repute. The CF wearout meme needs to die. On-list replies will suffice. Private replies only to the reply-to: thanks. Uwe Rod/ /earth: write failed, file system is full cp: /earth/creatures: No space left on device
Dangers to upgrading without install kernel
Hello, The online upgrade documentation [1] is fairly vehement about its recommendation regarding the use of the install kernel when upgrading. I was wondering why? What dangers await someone going down the remote upgrade path? /juan [1] http://www.openbsd.org/faq/upgrade42.html#upgrade __ Looking for the perfect gift? Give the gift of Flickr! http://www.flickr.com/gift/
Re: wrong files on ftp://ftp.openbsd.org/pub/OpenBSD/4.2/ ?
On Thu, Mar 27, 2008 at 08:55:15PM -0400, Juan Miscaro wrote: --- Jacob Meuser [EMAIL PROTECTED] wrote: On Sat, Mar 22, 2008 at 03:55:20PM -0400, Juan Miscaro wrote: Seems like something a lot of people get bitten by. How does one stay informed on this snapshot libc/packages synchronization issue? subscribe to [EMAIL PROTECTED] to see when libc bumps happen, then check the dates of the snapshots and packages. The subject titles of the messages to that list are non-informative. Do you mean that I should read every one that says: CVS: cvs.openbsd.org: src ? you could use procmail or some other mail filter to make it a little easier I suppose. but, this is only a problem in -current. if you are running -current, you should be paying attention to the changes that are happening. and the easiest way to do that is to read the mail from source-changes. -- [EMAIL PROTECTED] SDF Public Access UNIX System - http://sdf.lonestar.org
Re: wrong files on ftp://ftp.openbsd.org/pub/OpenBSD/4.2/ ?
On Fri, Mar 28, 2008 at 01:00:03AM +, Jacob Meuser wrote: On Thu, Mar 27, 2008 at 08:55:15PM -0400, Juan Miscaro wrote: --- Jacob Meuser [EMAIL PROTECTED] wrote: On Sat, Mar 22, 2008 at 03:55:20PM -0400, Juan Miscaro wrote: Seems like something a lot of people get bitten by. How does one stay informed on this snapshot libc/packages synchronization issue? subscribe to [EMAIL PROTECTED] to see when libc bumps happen, then check the dates of the snapshots and packages. The subject titles of the messages to that list are non-informative. Do you mean that I should read every one that says: CVS: cvs.openbsd.org: src ? you could use procmail or some other mail filter to make it a little easier I suppose. but, this is only a problem in -current. if you are running -current, you should be paying attention to the changes that are happening. and the easiest way to do that is to read the mail from source-changes. or of course, you could just check cvs instead of mailing lists of cvs changes. src/lib/libc/shlib_version. other libraries use similar files. -- [EMAIL PROTECTED] SDF Public Access UNIX System - http://sdf.lonestar.org
Re: RAMdisk, not for boot, how?
On 3/28/08 1:20 AM, Rod Whitworth wrote: The CF wearout meme needs to die. Specs, it's all about specs, it seems a fact to me that standard CF cards, as used in camera's, often without any technical specification other than size, cannot be written as often as ordinary harddisks. The foreseeable future people need to be really careful while choosing memory cards as hard disk replacements. +++chefren
Re: RAMdisk, not for boot, how?
On Fri, 28 Mar 2008 02:51:33 +0100, chefren wrote: On 3/28/08 1:20 AM, Rod Whitworth wrote: The CF wearout meme needs to die. Specs, it's all about specs, it seems a fact to me that standard CF cards, as used in camera's, often without any technical specification other than size, cannot be written as often as ordinary harddisks. The Apacer cards I use are PhotoSteno III made for camera use and I cannot kill one. Maybe you can wear one out in several years but you will never have a head crash or motor failure. SanDisk gives a five year warranty with no mention of write cycle limitations and I did see a data sheet somewhere that showed you could shoot a CF full of pix every day and erase them every night for 27 years and still not reach the write cycle limit. I cannot remember what brand that was. I have lost cout of failed HDDs around here and never lost a byte on CF. There are nearly as many CFs here as HDDs now and if you have a look at new laptops you'll see more and more SSHD and hybrids every time a new model comes out. Practically speaking if you buy a decent brand of CF or spend the extra on an industrial model you can expect years of service out of it. I'm sure that Bamboo Charlie makes cheapies in CF as well as mobos and other junk, don't buy from him The foreseeable future people need to be really careful while choosing memory cards as hard disk replacements. Bought any Seagate drives lately? ;) +++chefren Rod/ /earth: write failed, file system is full cp: /earth/creatures: No space left on device
Re: Dangers to upgrading without install kernel
Juan Miscaro wrote: Hello, The online upgrade documentation [1] is fairly vehement about its recommendation regarding the use of the install kernel when upgrading. I was wondering why? What dangers await someone going down the remote upgrade path? /juan [1] http://www.openbsd.org/faq/upgrade42.html#upgrade IF you follow the remote upgrade process properly, it works. When I write it, I test first on a machine in my lab, then one in my basement, then one across town that is my mail and web server, and then a bunch of other machines. So, by the time I remove the warning notes from the new version of the file, it's ready for use. I don't recall anyone reporting that they followed the upgradeXX.html and their system died because of it. However, I don't get a lot of test reports for the process, a lot more testing goes on for the install kernel process. HOWEVER, there is stuff that can happen. If you are in front of the machine running the install kernel, you have a much better chance of dealing with it. The number of ways things can go right is very finite, typically. The number of ways things can go bad is...big. Really big. Here are just a few things that could go wrong: IF you were doing 4.1 - 4.2 upgrade and your machine happened to be one of the five that someone estimated might be impacted by the ahci driver change, you would be really unhappy if you had no serial console on the system, as your machine would suddenly refuse to boot, because your HD became sd(4) devices instead of wd(4) devices. Same goes if you were any of the twenty or so people who guessed their machines would do that, and didn't. If your hard disk developed a bad spot that didn't impact operation and yet prevented booting, you will be unhappy when you reboot (been there, done that. In my case, I saw the warning signs in dmesg, and knew the machine would probably not come back up. You might not be so lucky or observant). You could easily fat-finger something, installing (say) the new kernel in the wrong place and finding out the old kernel doesn't support the new userland. You could be trying to install i386 file sets on your sparc64 system. (been there, done that, too. Works great, until you hit reboot) Your system will be semi-functional during the upgrade, this may be bad, or may be good, or may be completely indifferent. When you use the install kernel, the system is in a known state: it is DOWN, and it will stay that way until you reboot it AFTER the upgrade. However, there are several interesting time periods on the live system upgrade -- early on, you are running with the new kernel and old userland. PF doesn't always come up in that situation...so you may be running without any filters for any apps on the machine. Those apps may be running or maybe not. Those apps may start out running, then blow up once you start unpacking the userland files (hello, Sendmail!). Maybe your machine is involved in a CARP set, during the upgrade maybe it is, maybe it isn't, and maybe it shouldn't be while mid-upgrade but maybe it is anyway. In other words, you will get to your destination, but the states in the between start and finish may not be fully understood by you, and you may not be happy with the impact of that interim time. Again, this is not intended to be a complete list of what could go wrong for you. The remote upgrade process is here because a lot of people who understand their systems need it, and I need it, so I spend the time working on it. However, it's not officially recommended process, rebuilding a live system remotely is just not quite as error tolerant as using an install kernel locally. We'd be nuts to try to tell you otherwise. Nick.
i have lost /etc
Hi list, Please someone help me I have deleted my /etc dir (rm -rf /etc), is there any way to recover it, or there is a way to recover my data stored in /home ??? Rergards !Capacidad ilimitada de almacenamiento en tu correo! No te preocupes mas por el espacio de tu cuenta con Correo Yahoo!: http://correo.yahoo.com.mx/
Re: RAMdisk, not for boot, how?
chefren wrote: On 3/28/08 1:20 AM, Rod Whitworth wrote: The CF wearout meme needs to die. Specs, it's all about specs, it seems a fact to me that standard CF cards, as used in camera's, often without any technical specification other than size, cannot be written as often as ordinary harddisks. maybe, maybe not. Rod's right, though... I've never seen a flash media die from write fatigue. I have seen and heard of a fair number die for other reasons. There are reasons to use flash media. Reliability is not one of them in my mind. They are small, they are quiet, they are low power, they are vibration resistant. They last a long time...usually. But they can fail. The foreseeable future people need to be really careful while choosing memory cards as hard disk replacements. I agree, but not for the reasons usually given. If you are using a flash drive to avoid worrying about failures, you are fooling yourself..even if the flash drives were PERFECT, there are other parts of the computer that fail, and there are user errors. SO, you still need the EXACT SAME recovery processes in place for flash drives as you do for disks. Using flash doesn't let you dodge recovery and backup needs. If you try to shoe-horn a big system into a small flash drive and make something you don't properly maintain (key issue is DO YOU maintain it, not COULD you maintain it. Doesn't matter what you could do if you don't), the system will be less reliable. If you have an app where you need or want low power, quiet or small, go ahead, use flash media, but for goodness sake, don't screw up a really good OS by trying to meet some goal that is completely bogus. Just use it as normal, and maintain it as normal. Odds are, something else will take your system down long before write fatigue does, most likely, it will be your butchery of a working solution. It's the unexpected downtime that counts, not the reason. Who the frick cares that you tried to avoid a one-in-five-year hypothetical failure if you caused several days of very non-hypothetical downtime as a result? A simple, standard install will out-perform your hacked up mess every time. Someone posted an article recently about people liking to use Linux because they like tweaking and adjusting and working with the system. I've worked with people like that -- they are smart and clever and will cause hours of downtime to avoid a totally non-problem (or on really cool technology. This don't write to flash is a perfect example. If you wish to set a goal for yourself of I don't wish to ever write to this disk, great. BUT don't tell yourself or anyone else this frankensystem is better than the normal installation. So, if your goal is a reliable system, keep it simple. If your goal is to have fun, do so. But don't confuse having fun with doing good work. Yes, you learn more by breaking things, but you impress people more if you break 'em off-line, and use that knowledge to keep your production stuff running and repaired quickly when it breaks. Nick.
Re: i have lost /etc
On Thu, Mar 27, 2008 at 08:56:41PM -0500, Rafael Morales wrote: Please someone help me I have deleted my /etc dir (rm -rf /etc), is there any way to recover it, or there is a way to recover my data stored in /home ??? For /etc look in /var/backups/ (for /home you're on your own).
Re: i have lost /etc
Rafael Morales wrote: Hi list, Please someone help me I have deleted my /etc dir (rm -rf /etc), is there any way to recover it, or there is a way to recover my data stored in /home ??? Rergards restore from backup? :) something tells me this is not an option. Actually, even if it is an option, you probably need to get the system up enough to do your restore... Several ways. Easiest might just be to reinstall OpenBSD from scratch, but don't touch your /home partition (when it asks where to mount it, say none), then add it to /etc/fstab after reboot. You did put /home in a separate partition, right? :) You could also boot bsd.rd, and do something like: mount /dev/wd0a /mnt cd /mnt tar xzpf /path/etc.tgz then go through and re-customize it. You will be worried about hostname.if, hosts, myname, mygate, resolv.conf, but also other files, too. (now you can restore from your backup. :) Once you get the system gimping along, take a look in /var/backups. Now, vow to kiss the feet of the person who did that person should you ever meet them. Or buy them a beer, which they will probably prefer anyway. This doesn't apply if you reloaded the whole system and blew away your /var partition. You did have /var in a separate partition, right? Nick.
Re: i have lost /etc
forgot something: Nick Holland wrote: ... You could also boot bsd.rd, and do something like: mount /dev/wd0a /mnt cd /mnt tar xzpf /path/etc.tgz er.. one potential problem with that: it will overwrite parts of your /var partition, which may or may not be a problem for you (i.e., if you have a really complex httpd configuration, it is will get overwritten with the default). Again, /var/backups is your friend. Nick.
Re: pfstatd crash?
On Thu, Mar 27, 2008 at 08:43:56AM +, clifford bailey wrote: Thanks Daniel, I'll give that a go! I'm surprised no-one has come across this before, is pfstatd not widely used? I'm looking at using custom snmp traps to gather this information instead, but that also looks like a non-standard method. What do most people use for pf performance monitoring? Cliff. -snip In our environment we parse the pfctl -vv -s Interfaces -i interface output with a simpe 20+-line Perl script and feed that to rrdtool running on another machine through ssh. No need for a daemon to run on the firewall and Perl is already included in the base install. -- Egbert Krook System/Network Engineer Amarin Printing and Publishing Public Co., Ltd.
