Re: uvideo trouble with snapshot of 20080717
Hi, Maxim Belooussov wrote: Hi all, Lenovo X300, snapshot for i386, from 20080717 (also 20080716) dumps into dbb on boot on uvideo: uvm_fault(0xd0814b20, 0x0, 0, 1) - e kernel: page fault trap, code=0 Stopped at uvideo_vs_negotiation+0x81: mov10x15(%eax),%eax ddb{0} //no console to capture output, made some photos// last line of output from trace: Bad frame pointer: 0xd09555e78 Previous snapshot of a week ago was booting just fine, I sent in the dmesg to [EMAIL PROTECTED] few days back. snippet from previous dmesg: uvideo0 at uhub6 port 1 configuration 1 interface 0 Chicony Electronics Co., Ltd. product 0x4807 rev 2.00/31.25 addr 2 video0 at uvideo0 Disabling uvideo* on ukc allows kernel to boot. (the machine has 4G of ram, sounds like a problem already reported) Should I file a bug for this one? Any cluesticks/patches to try are appreciated. I can send the pictures of trace/ps if contacted off-list. Maxim Recently I've got several reports from users showing an uvm_fault crash in uvideo_vs_negotiation() and uvideo_vs_parse_desc_frame_uncompressed() Since I can't reproduce this crash here with my two cams at all, I would be glad if somebody could give me temporary access to such a machine, so we can fix this bug and move on. If you can do that please drop me a private mail. Thanks, Marcus -- [ Marcus Glocker, [EMAIL PROTECTED], [EMAIL PROTECTED] ]
OpenBSD 4.3 FAQ in PDF?
i don't have 24 hours connection at home, and want read FAQ OpenBSD 4.3 in PDF format. in this address i can read 4.3 FAQ http://openbsd.org/faq/index.html but when i try to download from pub/OpenBSD/doc at FTP mirrors, this FAQ for 4.2 version not for 4.3 where i can download 4.3 FAQ in PDF format? thx
Re: Can't scp, ssh is slow to authenticate.
On Mon, 21 Jul 2008 16:04:59 -0600 Theo de Raadt [EMAIL PROTECTED] wrote: These are both local machines, why would DNS be required? Because in the modern world DNS -- or any other kind of reliable name-address + address-name mapping -- is required. You might as well get used to it. Yes, but why does DNS need to talk to God above? Dhu
Dell D600 reporting wrong CPU speed on -current?
My Dell Latitude D600 seems to be reporting wrong cpu-speed. The dmesg says acpicpu0 at acpi0: C3, C3, C2, C1, FVS, 1600, 1600, 1400, 1200, 1000, 800, 600 M Hz which I believe to be correct. But this is what I get from sysctl hw.cpuspeed=600 hw.setperf=100 Changing hw.setperf makes no difference hw.cpuspeed=600 hw.setperf=50 Any ideas what might be wrong here? /Markus $ sysctl hw hw.machine=i386 hw.model=Intel(R) Pentium(R) M processor 1600MHz (GenuineIntel 686- class) hw.ncpu=1 hw.byteorder=1234 hw.pagesize=4096 hw.disknames=wd0,cd0 hw.diskcount=2 hw.sensors.acpitz0.temp0=33.55 degC (zone temperature) hw.sensors.acpiac0.indicator0=On (power supply) hw.cpuspeed=600 hw.setperf=100 hw.vendor=Dell Computer Corporation hw.product=Latitude D600 hw.serialno=1T8W01J hw.uuid=44454c4c-5400-1038-8057-b1c04f30314a hw.physmem=536104960 hw.usermem=536092672 OpenBSD 4.4-beta (GENERIC) #1: Mon Jul 21 20:21:23 CEST 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Pentium(R) M processor 1600MHz (GenuineIntel 686- class) 1.60 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH, DS,ACPI,MMX,FXSR,SSE,SSE2,TM,SBF,EST,TM2 real mem = 536104960 (511MB) avail mem = 510164992 (486MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 12/15/03, BIOS32 rev. 0 @ 0xffe90, SMBIOS rev. 2.3 @ 0xf8cc0 (62 entries) bios0: vendor Dell Computer Corporation version A09 date 12/15/2003 bios0: Dell Computer Corporation Latitude D600 acpi0 at bios0: rev 0 acpi0: tables DSDT FACP ASF! acpi0: wakeup devices LID_(S3) PBTN(S4) PCI0(S3) USB0(S1) USB1(S1) USB2 (S1) USB3(S1) MODM(S3) PCIE(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (AGP_) acpiprt2 at acpi0: bus 2 (PCIE) acpicpu0 at acpi0: C3, C3, C2, C1, FVS, 1600, 1600, 1400, 1200, 1000, 800, 600 MHz acpitz0 at acpi0: critical temperature 102 degC acpiac0 at acpi0: AC unit online acpibat0 at acpi0: BAT0 not present acpibat1 at acpi0: BAT1 not present acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: PBTN acpibtn2 at acpi0: SBTN acpidock at acpi0 not configured acpivideo at acpi0 not configured bios0: ROM list: 0xc/0x1 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82855PM Host rev 0x03 ppb0 at pci0 dev 1 function 0 Intel 82855PM AGP rev 0x03 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 ATI Radeon Mobility M9 Lf rev 0x01 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) agp0 at vga1: aperture at 0xe000, size 0x800 uhci0 at pci0 dev 29 function 0 Intel 82801DB USB rev 0x01: irq 11 uhci1 at pci0 dev 29 function 1 Intel 82801DB USB rev 0x01: irq 11 uhci2 at pci0 dev 29 function 2 Intel 82801DB USB rev 0x01: irq 11 ehci0 at pci0 dev 29 function 7 Intel 82801DB USB rev 0x01: irq 11 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb1 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0x81 pci2 at ppb1 bus 2 bge0 at pci2 dev 0 function 0 Broadcom BCM5702X rev 0x02, BCM5703 A2 (0x1002): irq 11, address 00:0d:56:df:f9:b0 brgphy0 at bge0 phy 1: BCM5703 10/100/1000baseT PHY, rev. 2 cbb0 at pci2 dev 1 function 0 O2 Micro OZ711EC1 SmartCardBus rev 0x20: irq 11, CardBus support disabled cbb1 at pci2 dev 1 function 1 O2 Micro OZ711EC1 SmartCardBus rev 0x20: irq 11, CardBus support disabled ipw0 at pci2 dev 3 function 0 Intel PRO/Wireless 2100 rev 0x04: irq 11, address 00:04:23:a3:30:07 cardslot0 at cbb0 slot 0 flags 0 pcmcia0 at cardslot0 cardslot1 at cbb1 slot 1 flags 0 pcmcia1 at cardslot1 ichpcib0 at pci0 dev 31 function 0 Intel 82801DBM LPC rev 0x01 pciide0 at pci0 dev 31 function 1 Intel 82801DBM IDE rev 0x01: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: HTS548040M9AT00 wd0: 16-sector PIO, LBA48, 38154MB, 78140160 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets, initiator 7 cd0 at scsibus0 targ 0 lun 0: QSI, CDRW/DVD SBW-242, UD30 ATAPI 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2 auich0 at pci0 dev 31 function 5 Intel 82801DB AC97 rev 0x01: irq 11, ICH4 AC97 ac97: codec id 0x83847650 (SigmaTel STAC9750/51) ac97: codec features headphone, 20 bit DAC, 20 bit ADC, SigmaTel 3D audio0 at auich0 usb1 at uhci0: USB revision 1.0 uhub1 at usb1 Intel UHCI root hub rev 1.00/1.00 addr 1 usb2 at uhci1: USB revision 1.0 uhub2 at usb2 Intel UHCI root hub rev 1.00/1.00 addr 1 usb3 at uhci2: USB revision 1.0 uhub3 at usb3 Intel UHCI root hub rev 1.00/1.00 addr 1 isa0 at ichpcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pms0 at pckbc0 (aux slot) pckbc0: using irq
Re: clock on alic3 board
Hai, Sorry to bother you again, however doing ntpd -s I got # tail -f /var/log/daemon Jul 21 15:04:29 pceng4 ntpd[8943]: listening on 192.168.1.200 Jul 21 15:04:29 pceng4 ntpd[8943]: listening on fe80:1::20d:b9ff:fe14:ef48 Jul 21 15:04:29 pceng4 ntpd[8943]: listening on 192.168.10.200 Jul 21 15:04:29 pceng4 ntpd[8943]: listening on fe80:2::20d:b9ff:fe14:ef49 Jul 21 15:04:29 pceng4 ntpd[8943]: listening on 192.168.3.200 Jul 21 15:04:29 pceng4 ntpd[8943]: listening on fe80:4::20b:6bff:fe87:6739 Jul 21 15:04:29 pceng4 ntpd[8943]: ntp engine ready Jul 22 15:13:13 pceng4 ntpd[4869]: set local clock to Tue Jul 22 15:13:13 WIT 2008 (offset 86923.596141s) Jul 22 15:13:13 pceng4 ntpd[8943]: 0 out of 1 peers valid Jul 22 15:13:13 pceng4 ntpd[8943]: bad peer 10.10.10.33 (10.10.10.33) # ps auxw |grep ntp _ntp 8943 0.0 0.3 368 796 ?? IsMon03PM0:00.02 ntpd: ntp engine (ntpd) root 31795 0.0 0.2 368 508 ?? Is 3:13PM0:00.00 ntpd: [priv] (ntpd) root 9797 0.0 0.3 244 732 p0 S+ 3:13PM0:00.01 grep ntp my ntpd.conf # cat /etc/ntpd.conf # $OpenBSD: ntpd.conf,v 1.8 2007/07/13 09:05:52 henning Exp $ # sample ntpd configuration file, see ntpd.conf(5) # Addresses to listen on (ntpd does not listen by default) listen on * # sync to a single server server 10.10.10.33 #sensor nmea0 Thanks and best regards, Riwan Marc Balmer wrote: * Alexander Hall wrote: [...] True. A little addition for the archives (since it's been a while now): $ date -r 86908 Fri Jan 2 01:08:28 CET 1970 Oops. My bad. A better approach (combined with correct reading): $ date -ur 0 Thu Jan 1 00:00:00 UTC 1970 $ date -ur 86908 Fri Jan 2 00:08:28 UTC 1970 So that would mean a little more than _one_day_ and eight minutes... No wonder it would take a few months (I was surprised and not at all convinced by my calculations). :-) Remember that the ALIX.2/3 boards usually do not have a battery to backup a realtime clock. Their clocks always start at 0 when powered up, and 0 is the epoch, Jan. 1 1970. A mechanism like ntpd -s is needed for those boards. The ALIX.1B/C do have a battery, btw. - Marc Balmer
Re: clock on alic3 board
On 2008-07-19, Marc Balmer [EMAIL PROTECTED] wrote: Remember that the ALIX.2/3 boards usually do not have a battery to backup a realtime clock. 3c3 does. I think it's basically all the ones with a VGA bios.
Re: Can't scp, ssh is slow to authenticate.
On 2008-07-22, Duncan Patton a Campbell [EMAIL PROTECTED] wrote: On Mon, 21 Jul 2008 16:04:59 -0600 Theo de Raadt [EMAIL PROTECTED] wrote: These are both local machines, why would DNS be required? Because in the modern world DNS -- or any other kind of reliable name-address + address-name mapping -- is required. You might as well get used to it. Yes, but why does DNS need to talk to God above? I guess you mean why does DNS need to talk externally to look up an internal address? (in the case of this thread, an rfc1918 address). If that is what you mean, it's because the DNS server is misconfigured, it should not be sending requests for 168.192.in-addr.arpa and others externally, sometimes it will work, sometimes not, depends on how AS112 is on your part of the net (but you shouldn't rely on them anyway).
Re: clock on alic3 board
* Stuart Henderson wrote: On 2008-07-19, Marc Balmer [EMAIL PROTECTED] wrote: Remember that the ALIX.2/3 boards usually do not have a battery to backup a realtime clock. 3c3 does. I think it's basically all the ones with a VGA bios. Yes. the 1b, 1c, and 3c3
sparc64 cas0 error
Hi, sometimes I get this on my SUN Fire v440 when there is some traffic: cas0: status=7889090RXDONE,RX_COMP_FULL,RXMAC cas0 stops working then. Using ifconfig cas0 down/up only helps for a very short time. Only way to get it to work again for some time is a full reboot. This is using the latest snapshot: console is /[EMAIL PROTECTED],60/[EMAIL PROTECTED]/[EMAIL PROTECTED],3f8 Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2008 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 4.4-beta (GENERIC.MP) #364: Sun Jul 20 17:33:03 MDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/sparc64/compile/GENERIC.MP real mem = 8589934592 (8192MB) avail mem = 8369397760 (7981MB) mainbus0 at root: Sun Fire V440 cpu0 at mainbus0: SUNW,UltraSPARC-IIIi (rev 2.4) @ 1062 MHz cpu0: physical 32K instruction (32 b/l), 64K data (32 b/l), 1024K external (64 b/l) cpu1 at mainbus0: SUNW,UltraSPARC-IIIi (rev 2.4) @ 1062 MHz cpu1: physical 32K instruction (32 b/l), 64K data (32 b/l), 1024K external (64 b/l) cpu2 at mainbus0: SUNW,UltraSPARC-IIIi (rev 2.4) @ 1062 MHz cpu2: physical 32K instruction (32 b/l), 64K data (32 b/l), 1024K external (64 b/l) cpu3 at mainbus0: SUNW,UltraSPARC-IIIi (rev 2.4) @ 1062 MHz cpu3: physical 32K instruction (32 b/l), 64K data (32 b/l), 1024K external (64 b/l) memory-controller at mainbus0 not configured memory-controller at mainbus0 not configured memory-controller at mainbus0 not configured memory-controller at mainbus0 not configured schizo0 at mainbus0: Tomatillo, version 4, ign 700, bus A 0 to 0 schizo0: dvma map c000-dfff, iotdb 5174000-51f4000 pci0 at schizo0 cas0 at pci0 dev 2 function 0 Sun Cassini rev 0x20: ivec 0x718, address 00:03:ba:66:75:d1 brgphy0 at cas0 phy 1: BCM5421 10/100/1000baseT PHY, rev. 1 ppm at mainbus0 not configured schizo1 at mainbus0: Tomatillo, version 4, ign 740, bus B 0 to 0 schizo1: dvma map c000-dfff, iotdb 552c000-55ac000 pci1 at schizo1 mpi0 at pci1 dev 2 function 0 Symbios Logic 53c1030 rev 0x08: ivec 0x740 scsibus0 at mpi0: 16 targets, initiator 7 schizo2 at mainbus0: Tomatillo, version 4, ign 780, bus A 0 to 0 schizo2: dvma map c000-dfff, iotdb 5694000-5714000 pci2 at schizo2 ebus0 at pci2 dev 7 function 0 Acer Labs M1533 ISA rev 0x00 flashprom at ebus0 addr 0-f, 290-290 not configured rtc0 at ebus0 addr 70-71: m5819p pcfiic0 at ebus0 addr 320-321 ivec 0x1b iic0 at pcfiic0 SUNW,i2c-imax at iic0 addr 0xb not configured SUNW,i2c-imax at iic0 addr 0xc not configured admtemp0 at iic0 addr 0x18: max1617, cannot get control register pca9555 at iic0 addr 0x21 not configured pca9555 at iic0 addr 0x22 not configured pca9555 at iic0 addr 0x23 not configured pca9555 at iic0 addr 0x24 not configured adm1026 at iic0 addr 0x2e not configured admtemp1 at iic0 addr 0x32: max1617, cannot get control register admtemp2 at iic0 addr 0x40: max1617, cannot get control register admtemp3 at iic0 addr 0x48: max1617, cannot get control register lmtemp0 at iic0 addr 0x4e: lm75, fails to respond spd at iic0 addr 0x5b not configured spd at iic0 addr 0x5c not configured spd at iic0 addr 0x5d not configured spd at iic0 addr 0x5e not configured spd at iic0 addr 0x63 not configured spd at iic0 addr 0x64 not configured spd at iic0 addr 0x65 not configured spd at iic0 addr 0x66 not configured spd at iic0 addr 0x6b not configured spd at iic0 addr 0x6c not configured spd at iic0 addr 0x6d not configured spd at iic0 addr 0x6e not configured spd at iic0 addr 0x73 not configured spd at iic0 addr 0x74 not configured spd at iic0 addr 0x75 not configured spd at iic0 addr 0x76 not configured ics951601 at iic0 addr 0x69 not configured power0 at ebus0 addr 800-82f ivec 0x1a com0 at ebus0 addr 3f8-3ff ivec 0x22: ns16550a, 16 byte fifo com0: console com1 at ebus0 addr 2e8-2ef ivec 0x22: ns16550a, 16 byte fifo rmc-comm at ebus0 addr 3e8-3ef ivec 0x22 not configured cas1 at pci2 dev 2 function 0 NS Saturn rev 0x30: ivec 0x78c, address 00:14:4f:1e:d6:b4 gentbi0 at cas1 phy 0: Generic ten-bit interface, rev. 0 ATI Rage XL rev 0x27 at pci2 dev 4 function 0 not configured alipm0 at pci2 dev 6 function 0 Acer Labs M7101 Power rev 0x00: 223KHz clock iic1 at alipm0 ohci0 at pci2 dev 10 function 0 Acer Labs M5237 USB rev 0x03: ivec 0x7a1, version 1.0, legacy support ohci1 at pci2 dev 11 function 0 Acer Labs M5237 USB rev 0x03: ivec 0x7a5, version 1.0, legacy support pciide0 at pci2 dev 13 function 0 Acer Labs M5229 UDMA IDE rev 0xc4: DMA, channel 0 configured to native-PCI, channel 1 configured to native-PCI pciide0: using ivec 0x7a6 for native-PCI interrupt atapiscsi0 at pciide0 channel 0 drive 0 scsibus1 at atapiscsi0: 2 targets, initiator 7 cd0 at scsibus1 targ 0 lun 0: TOSHIBA, DVD-ROM SD-C2612, 1011 ATAPI 5/cdrom removable cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 pciide0: channel 1 disabled (no drives) usb0 at ohci0: USB revision 1.0 uhub0 at usb0
Re: ping: sendto: No buffer space available when using bittorrent or another p2p
On Mon, Jul 21, 2008 at 10:53:23AM -0600, Daniel Melameth wrote: On Mon, Jul 21, 2008 at 10:39 AM, Joe Warren-Meeks [EMAIL PROTECTED] wrote: The default limit for number of states is quite low. Try adding the following to pf.conf and running pfctl -vf /etc/pf.conf set limit { states 5000, frags 5000, src-nodes 5000 } You can up the values if they are too low. Use pfctl -s info to view how many entries there are in the state table beforehand and compare it to afterwards. FWIW, the default state and src-nodes limit is twice what you have above. Oops you are right :-) That was meant to be 5, not 5000. I have mine set to 500,000, as we have loads of ram and a load of busy sites. -- joe. It'll cost you many a shilling.
Re: [ landisk ] - install w/o the serial console
hello, https://tiifp.org/landisk.html maybe this helps. thomas On Thu, Jul 17, 2008 at 03:43:34PM +0200, Joel CARNAT wrote: Hello, I have a serial console on my Plextor PX-EH40L which seems to be broken now (no RX available). After quite a few testings of various OSes, the disk is now blanked. Until I get a new serial console, I'd like to try OpenBSD 4.4 on that disk. I couldn't find the procedure to manually install OpenBSD on it. I'm not talking about the disklabel/fdisk/newfs/tar part :) I can probably manage that one. I'm more concerned about making the installation bootable. Is the INSTALLBOOT(8) command enough to prepare the disk to boot the system ? Let's say I boot OpenBSD/i386 on my laptop. Prepare and untar /landisk binaries onto /mnt ; the disk being pluggued via an IDE/USB adapter and recognised as /dev/sd0. Would the following commands make the disk bootable ? # cp -p /mnt/usr/mdec/boot /mnt/boot # /usr/mdec/installboot -v /mnt/boot /mnt/usr/mdec/biosboot sd0 TIA, Jo
Re: Can't scp, ssh is slow to authenticate.
Nuno MagalhC#es escreveu: Your DNS is setup wrong. Too vague. Try setting UseDNS no on the server in /etc/ssh/sshd_config. That solved the slowness, thanks. I tried -HUP ing the sshd processes but that didn't solve it at once (it only killed my connections fo course); reboting the machine did, now it logs in fast. Is there another way that doesn't involve rebooting or did i do something wrong? What happens if you use a target path scp -vr ~/folder/folder/ 192.168.2.80:/path/path You mean an absolute path? Like /home/user/folder or something? No effect, same results (i.e. no transfer is done). I tried both in the source and in the destination. What does your UseDNS line look like? It was comented out, now is UseDNS no according to Michael Lechtermann's suggestion. check if you can execute the scp binary on both machines As i said, i can. some checks on permisssions on both hosts Everything's normal. try to see if the subsystem sftp-server is enable on the ssh server, It was, i comented it out. I've installed and tried to configure vsftpd without success but it's not running (neither by default). These are both local machines, why would DNS be required? I added the IP adress to the /etc/hosts file but i'm not sure if i did it right and i'm using DHCP so that wouldn't be a permanent solution. I'm probably missing something really simple... I think that someone forgot to reply-to all and some messages went in private. Also, copying and pasting messages of various persons to answer them all in one mail isn't polite. DNS is the heart of everything today. Why do you think that everybody went nuts when a supposedly dns vulnerability appeared? And, when IPv6 become a standard (i hope it will be soon), do you expect to remember a 128-bit address? DNS *is* very important. And, as you are seeing, it is important even on a local net. I do have a little guess that might be right. I had some problems on older versions of ubuntu with GSSAPI authentication. I had to comment it out on the ssh_config file. You can do this in /etc/ssh/ssh_config. Check if you have this line: GSSAPIAuthentication yes If it is yes (which isn't the ssh default), change it to no, then try again. My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https://www.redhat.com/certification/rhce/current/ Moleque Sem Conteudo Numero #002 OpenBSD Stable Ubuntu 8.04 Hardy Heron 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85
Re: OpenBSD 4.3 FAQ in PDF?
On Tue, Jul 22, 2008 at 4:18 AM, my mail [EMAIL PROTECTED] wrote: i don't have 24 hours connection at home, and want read FAQ OpenBSD 4.3 in PDF format. in this address i can read 4.3 FAQ http://openbsd.org/faq/index.html but when i try to download from pub/OpenBSD/doc at FTP mirrors, this FAQ for 4.2 version not for 4.3 where i can download 4.3 FAQ in PDF format? thx It looks like it doesn't exist right now. Why don't you just download all the FAQ pages? for i in 1 2 3 4 5 6 7 8 9; do ftp http://openbsd.org/faq/faq0${i}.html done for i in 10 11 12 13 14 15; do ftp http://openbsd.org/faq/faq${i}.html done
Re: OpenBSD 4.3 FAQ in PDF?
It looks like it doesn't exist right now. Why don't you just download all the FAQ pages? for i in 1 2 3 4 5 6 7 8 9; do ftp http://openbsd.org/faq/faq0${i}.html done for i in 10 11 12 13 14 15; do ftp http://openbsd.org/faq/faq${i}.html done Wouldn't it be simpler to be done in one loop? for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15; do ftp http://openbsd.org/faq/faq${i}.html done ftp http://openbsd.org/faq/index.html But I'm just thinking about tools like wget or curl?! Though they are AFAIK not in the base-system. BTW: Cc-ing to the list messes up some MUAs reply-to-list functionality. Thank you for not doing this anymore. --Julian -- Fortune of the hour: To be or not to be. -- Shakespeare To do is to be. -- Nietzsche To be is to do. -- Sartre Do be do be do. -- Sinatra
Re: OpenBSD 4.3 FAQ in PDF?
On Tuesday July 22 2008 09:04, you wrote: for i in 1 2 3 4 5 6 7 8 9; do ftp http://openbsd.org/faq/faq0${i}.html done for i in 10 11 12 13 14 15; do ftp http://openbsd.org/faq/faq${i}.html done Wouldn't it be simpler to be done in one loop? for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15; do ftp http://openbsd.org/faq/faq${i}.html done ftp http://openbsd.org/faq/index.html Note that the 2 loops are not the same. You'd need: for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15; do ftp http://openbsd.org/faq/faq`printf %02d $i`.html done The number list could be collapsed into `seq 1 15` on a system with seq installed. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Xft font rendering extremely slow
I recently configured urxvt to use an Xft font, specifically LucidaTypewriter. I noticed after doing so that font rendering is extremely slow -- Page-Down'ing a manpage takes 25% of the CPU, whereas using the Fixed font uses 0% of the CPU. Also, when conky is configured to use an Xft font, it uses about 4% of the CPU (0% when using the Fixed font). Navigating a web-page that uses an Xft font gives major lag. Why is this? I'm using OpenBSD 4.3. I can provide a dmesg by request.
Re: OpenBSD 4.3 FAQ in PDF?
Wouldn't it be simpler to be done in one loop? Oh, yes it would. I was thinking about fixed width fields. I have so many nightmares about them and shell scripts since I don't know how to deal with them there that I didn't notice the FAQ isn't numbered with them. Tell me about it. ;-) But I'm just thinking about tools like wget or curl?! Though they are AFAIK not in the base-system. yeah, I had wget there at first until I remembered. :) BTW: Cc-ing to the list messes up some MUAs reply-to-list functionality. Thank you for not doing this anymore. Or: Thank you for fixing your buggy mailer. Sorry for that, someone was stepping on my nerves before and I must have projected it on to you. You know how that sometimes is. BTW: I fixed that mailer now. --Julian -- Fortune of the hour: You teach best what you most need to learn.
Re: OpenBSD 4.3 FAQ in PDF?
Note that the 2 loops are not the same. You'd need: for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15; do ftp http://openbsd.org/faq/faq`printf %02d $i`.html done No you don't. Check the actual files. It's faq1.html to faq15.html The number list could be collapsed into `seq 1 15` on a system with seq installed. Wright. But if we had something installed. We could have used wget. --Julian -- Fortune of the hour: You teach best what you most need to learn.
Re: Can't scp, ssh is slow to authenticate.
I'll just skip the part where you egotrip. Check if you have this line: GSSAPIAuthentication yes If it is yes (which isn't the ssh default), change it to no, then try again. It was yes, became no, still doesn't work. So far all of your suggestions amounted to nothing useful, much like your rants but hey, if the Theo guy can act like an ass i guess you can too, i mean, he's the boss and all... In the meantime, i'll do something useful, like trying suggestions other (nice) posters provided. Stay tuned :) -- Nuno MagalhC#es
Re: OpenBSD 4.3 FAQ in PDF?
On Tue, Jul 22, 2008 at 09:32:15AM -0500, Daniel A. Ramaley wrote: The number list could be collapsed into `seq 1 15` on a system with seq installed. Have you met jot(1)? -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *-[ BSD: Live Free or Die ]*
Re: OpenBSD 4.3 FAQ in PDF?
Hi! On Tue, Jul 22, 2008 at 09:32:15AM -0500, Daniel A. Ramaley wrote: On Tuesday July 22 2008 09:04, you wrote: for i in 1 2 3 4 5 6 7 8 9; do ftp http://openbsd.org/faq/faq0${i}.html done for i in 10 11 12 13 14 15; do ftp http://openbsd.org/faq/faq${i}.html done Wouldn't it be simpler to be done in one loop? for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15; do ftp http://openbsd.org/faq/faq${i}.html done ftp http://openbsd.org/faq/index.html Note that the 2 loops are not the same. You'd need: for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15; do ftp http://openbsd.org/faq/faq`printf %02d $i`.html done The number list could be collapsed into `seq 1 15` on a system with seq installed. jot(1) helps. $ jot 15 1 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 $ jot -w%02d 15 1 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 $ Kind regards, Hannah.
bsd panic: bad frame pointer
OpenBSD 4.4.-beta i386 (dmesg at the bottom) This is the same system that I reported a bsd.mp panic on last night. Sometime over night the single processor generic bsd kernel panicked as well. As you'll see below, when I got my trace and ps I entered a boot reboot at the ddb prompt. The system did not reboot. Instead, it panicked again. The second trace and ps are for this second panic, and the ps shows a lot of processes that should not yet be on a rebooted system. I had someone at the shelter power cycle the server and it successfully rebooted. [EMAIL PROTECTED] bounces sendbug e-mail: Connected to 192.43.244.163 but sender was rejected. Remote host said: 553 5.1.8 [EMAIL PROTECTED]... Domain of sender address [EMAIL PROTECTED] does not exist Thanks, Jeff Connected ddb trace Debugger(d06e2120,d2a2f0b8,5,d981ecfc,4000) at Debugger+0x4 panic(d06e20e0,5,df00ad40,d037d8ec,50) at panic+0x55 softdep_deallocate_dependencies(d981ecfc,d981ecfc,df00ad60,d0378850) at softdep _deallocate_dependencies+0x1e brelse(d981ecfc,d2a25800,4180,d2a064b8,d2a06640) at brelse+0x1cf ahc_done(d29ec400,d2a064b8,1,d29ec400,0) at ahc_done+0x1cd ahc_abort_scbs(d29ec400,3,41,,ff) at ahc_abort_scbs+0x292 ahc_scb_devinfo(d29ec400,df00ae98,8,d0698077,1,d2a06448,d2a06448,0) at ahc_scb_ devinfo+0x2203 ahc_handle_scsiint(d29ec400,4,df00af20,180) at ahc_handle_scsiint+0x735 ahc_adapter_req_set_xfer_mode(d29ec400) at ahc_adapter_req_set_xfer_mode+0x641 Xrecurse_legacy9() at Xrecurse_legacy9+0xb1 --- interrupt --- cpu_idle_cycle(d08be1a0) at cpu_idle_cycle+0xf Bad frame pointer: 0xd0956e78 ddb ps PID PPID PGRPUID S FLAGS WAIT COMMAND 31076 16649 31552 0 3 0x4080 selectssh 16649 17926 31552 0 3 0x4008 biowait rsync 13145 31552 31552 0 3 0x4080 piperdmail 8994 31552 31552 0 3 0x4080 piperdtee 17926 31552 31552 0 3 0x4080 pause sh 31552 31372 31552 0 3 0x4080 pause sh 31372 20946 20946 0 30x80 piperdcron 23944 30887 30887 0 3 0x181 selectsmbd 3848 30887 30887 0 3 0x181 selectsmbd 17268 1 17268 0 3 0x4082 ttyin getty 2231 30887 30887 1063 3 0x181 selectsmbd 11120 1 11120 0 3 0x4082 ttyin getty 9529 1 9529 0 3 0x4082 ttyin getty 3462 1 3462 0 3 0x4082 ttyin getty 31835 1 31835 0 3 0x4082 ttyin getty 8756 1 8756 0 3 0x4082 ttyin getty 21402 1 21402 0 30x80 poll wsmoused 20946 1 20946 0 30x80 selectcron 6925 1 6925 0 3 0x80080 nanosleep sensorsd 24178 1 24178 0 30x80 selectsshd 17037 30462 30462 67 3 0x180 netconhttpd 11604 30462 30462 67 3 0x180 netconhttpd 32033 30462 30462 67 3 0x180 netconhttpd 30221 30462 30462 67 3 0x180 netconhttpd 26198 30462 30462 67 3 0x180 netconhttpd 8325 1 8325 0 3 0x180 selectinetd 20687 1 20687 0 30x80 poll ftpd 19820 26169 19820503 30x88 poll postgres 11008 26169 11008503 30x88 selectpostgres 30462 1 30462 67 3 0x180 selecthttpd 30314 18521 18521 0 30x80 piperdnmbd 18521 16174 18521 0 3 0x4081 selectnmbd 25006 30887 30887 0 3 0x181 pause smbd 29315 27189 27189 83 3 0x180 poll ntpd 27189 1 27189 0 30x80 poll ntpd 8256 31823 9966 73 3 0x4082 piperdmultilog 19281 5223 9966 0 2 0x4082socklog 4071 7570 9966 73 3 0x4082 piperdmultilog 12651 30628 9966 0 3 0x4082 piperdmultilog 23740 9687 9966 73 3 0x4082 piperdmultilog 3822 7193 9966 73 3 0x4082 piperdmultilog 24758 30414 9966 1001 3 0x4182 poll dnscache 26169 2353 9966503 3 0x408a selectpostgres 4650 28759 9966 7794 3 0x4082 piperdqmail-clean 26230 28759 9966 7795 3 0x4082 selectqmail-rspawn 22708 28759 9966 0 3 0x4082 selectqmail-lspawn 30887 5282 30887 0 3 0x4181 selectsmbd 30180 10543 9966 1002 3 0x4082 piperdmultilog 9533 4968 9966 73 3 0x4082 piperdmultilog 19900 13195 9966 77 3 0x4182 poll dhcpd 5284 28171 9966 73 3 0x4182 netio socklog 113 2194 9966 1001 3 0x4182 netio
Re: OpenBSD 4.3 FAQ in PDF?
On Tue, Jul 22, 2008 at 10:58 AM, Hannah Schroeter [EMAIL PROTECTED] wrote: Hi! jot(1) helps. $ jot 15 1 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 $ jot -w%02d 15 1 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 $ Kind regards, ! magic Thank you so much. I had no idea this existed. -Nick
Re: Can't scp, ssh is slow to authenticate.
On Mon, Jul 21, 2008 at 11:04:17PM -0400, Arnaud Bergeron wrote: debug1: Sending command: scp -v -r -t ~ 6:52PM up 4 days, 56 mins, 0 marksandmans, load averages: 0.11, 0.09, 0.08 Am I the only one noting this line in the output. I don't think scp wants to have load averages. It think it is a problem with the shell non-interactive initialization script. He's probably starting screen with top(1) in one of the windows directly from .bashrc.
1000BaseSX recommended card
Dear *, I would like to buy a pair of 1000BaseSX cards up to 200EUR each from Germany for an OpenBSD-based gateway. Does anybody have experience or tips on Allied Telesis' Broadcom BCM5703S-based AT-2916SX and AT-2931SX or the Marvell 88E8022-based AT-2971SX /all priced around 90EUR/ ? I see { PCI_VENDOR_BROADCOM, PCI_PRODUCT_BROADCOM_BCM5703 } in the if_bge.c, but no support for the BCM5703S, is that true? The data sheet is at http://www.alliedtelesyn.com/products/line.aspx?pid=50 The other one I found within that price range is 3Com's 3C996-SX,priced 165EUR at Amazon.de, any experience with that one? The data sheet is at http://www.3com.com/products/en_US/detail.jsp?tab=prodspecsku=3C996-SXpathtype=purchase I also found IBM NetXtreme 1000 SX+ at http://www.amazon.de/IBM-NetXtreme-Ethernet-Adapter-1000BSX/dp/B0008ENE6K/ref=pd_rhf_p_t_3?ie=UTF8qid=1216730673sr=1-1, any idea what that is and weather it is supported ? :) Any ideas and recommendations on these or any other cards available for purchase within Germany are more than welcome! Best regards, Vlado
Re: Actual BIND error - Patching OpenBSD 4.3 named ?
I don't think this actually accomplishes much. It still lets poisoned replies back in on the previous port number. hm... I don't think it does. BIND would, but it's going through PF. Without an additional rule to pass in to user named, the UDP reply has to be to the new NATed port. That's the only thing the state associated with the pass out on egress rule is going to be aware of. Eg, I applied the PF rule to one of my machines and checked, here's one of the states: all udp x.y.z.201:42001 - x.y.z.201:60538 - 68.142.196.63:53 MULTIPLE:MULTIPLE I don't care that someone can forge a packet from 68.142.196.63:53 to x.y.z.201:60538, the goal of the NAT rule in this case is to prevent the attacker from finding out what local port I'm using with anyone else. Without that NAT rule, everyone sees 42001. With that NAT rule, the attacker won't discover what local port I'm using for other DNS servers like google or yahoo or whatever. The lookup they get me to do against their domain doesn't have the same local port as the others. If the local port is known, there's apparently some other attacks that can build on that.
Re: Can't scp, ssh is slow to authenticate.
Nuno MagalhC#es escreveu: It was yes, became no, still doesn't work. So far all of your suggestions amounted to nothing useful, much like your rants but hey, if the Theo guy can act like an ass i guess you can too, i mean, he's the boss and all... In the meantime, i'll do something useful, like trying suggestions other (nice) posters provided. Stay tuned :) If you think we are egotrippers, pain in the ass, and things like that, why you're questioning here first of all? We tried to answer your questions directly, but it looks like you don't want to hear. It's simpler to oh, i'll question, and i want to hear the solution prompt and ready to be used. If you do not like our suggestions, then your place isn't on this mail list. My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https://www.redhat.com/certification/rhce/current/ Moleque Sem Conteudo Numero #002 OpenBSD Stable Ubuntu 8.04 Hardy Heron 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85
1000BaseSX recommended card
Dear *, I would like to buy a pair of 1000BaseSX cards up to 200EUR each from Germany for an OpenBSD-based gateway. Does anybody have experience or tips on Allied Telesis' Broadcom BCM5703S-based AT-2916SX and AT-2931SX or the Marvell 88E8022-based AT-2971SX /all priced around 90EUR/ ? I see { PCI_VENDOR_BROADCOM, PCI_PRODUCT_BROADCOM_BCM5703 } in the if_bge.c, but no support for the BCM5703S, is that true? The data sheet is at http://www.alliedtelesyn.com/products/line.aspx?pid=50 The other one I found within that price range is 3Com's 3C996-SX,priced 165EUR at Amazon.de, any experience with that one? The data sheet is at http://www.3com.com/products/en_US/detail.jsp?tab=prodspecsku=3C996-SXpathtype=purchase I also found IBM NetXtreme 1000 SX+ at http://www.amazon.de/IBM-NetXtreme-Ethernet-Adapter-1000BSX/dp/B0008ENE6K/ref=pd_rhf_p_t_3?ie=UTF8qid=1216730673sr=1-1, any idea what that is and weather it is supported ? :) Any ideas and recommendations on these or any other cards available for purchase within Germany are more than welcome! Best regards, Vlado [demime 1.01d removed an attachment of type APPLICATION/DEFANGED which had a name of vladislav_stoyanov.31295DEFANGED-vcf]
Re: stunnel won't start with zlib compression
I hope it isn't bad form to reply to my own message, but I still can't get this working and would love some help... So far I've followed the learning curve and recompiled my OBSD to -stable. That didn't help, although it didn't hurt either. I've compiled the latest openSSL with the ZLIB option (I think that it is included by default anyway). That made no difference. I can start stunnel if I replace the zlib option with rle, but that doesn't help me. I need zlib. I tried compiling the latest stunnel but got a lot of errors which seemed to be due to missing functions. I added a #include or two to the source and got rid of some of the errors, but not all. I'm not that hot on this stuff so I'm getting a bit stuck on this route. I really would like to get stunnel working with zlib. Is there an easy way to tell if zlib has been compiled into openSSL and is working? At this point I still don't know where the problem lies. Cheers, Rick.
Re: Can't scp, ssh is slow to authenticate.
On Tue, Jul 22, 2008 at 6:50 PM, Giancarlo Razzolini [EMAIL PROTECTED] wrote: Nuno MagalhC#es escreveu: It was yes, became no, still doesn't work. So far all of your suggestions amounted to nothing useful, much like your rants but hey, if the Theo guy can act like an ass i guess you can too, i mean, he's the boss and all... In the meantime, i'll do something useful, like trying suggestions other (nice) posters provided. Stay tuned :) If you think we are egotrippers, pain in the ass, and things like that, why you're questioning here first of all? We tried to answer your questions directly, but it looks like you don't want to hear. It's simpler to oh, i'll question, and i want to hear the solution prompt and ready to be used. If you do not like our suggestions, then your place isn't on this mail list. I wasn't adessing the list, i was adressing you, Giancarlo :) Slight difference. I thought the other posters would give it away... I don't expect answers on the fly and i'm actually surprised people are responding positively (well except you), i've had many (good) suggestions and i've tried most of them already. And then i had two guys getting offended because i fail to see the almighty importance of DNS. Since i think it's a waste to send one message for every reply i have, no, i don't have top running from .bashrc (i think... i've just added alliases) but i'll look into why that line shows up. thanks for the tip. In fact, the only relevant content of this message is the previous sentence. -- Nuno MagalhC#es
Re: Can't scp, ssh is slow to authenticate.
On Tue, Jul 22, 2008 at 6:50 PM, Giancarlo Razzolini [EMAIL PROTECTED] wrote: Nuno MagalhC#es escreveu: It was yes, became no, still doesn't work. So far all of your suggestions amounted to nothing useful, much like your rants but hey, if the Theo guy can act like an ass i guess you can too, i mean, he's the boss and all... In the meantime, i'll do something useful, like trying suggestions other (nice) posters provided. Stay tuned :) If you think we are egotrippers, pain in the ass, and things like that, why you're questioning here first of all? We tried to answer your questions directly, but it looks like you don't want to hear. It's simpler to oh, i'll question, and i want to hear the solution prompt and ready to be used. If you do not like our suggestions, then your place isn't on this mail list. I wasn't adessing the list, i was adressing you, Giancarlo :) Slight difference. I thought the other posters would give it away... I don't expect answers on the fly and i'm actually surprised people are responding positively (well except you), i've had many (good) suggestions and i've tried most of them already. Nuno, I didn't think his responses to you were negative. Hey, most troubleshooting efforts are process of elimination anyway. Keep trying things till you figure it out. I've spent weeks working on issues before. Jay And then i had two guys getting offended because i fail to see the almighty importance of DNS. Since i think it's a waste to send one message for every reply i have, no, i don't have top running from .bashrc (i think... i've just added alliases) but i'll look into why that line shows up. thanks for the tip. In fact, the only relevant content of this message is the previous sentence. -- Nuno MagalhC#es
failed make on openssh 5.1
I have been asked to upgrade OpenSSH on an OpenBSD 4.1 server from 4.6 to 5.1. I have followed the instructions at http://www.openssh.org/openbsd.html and am getting the error below during 'make'. I have downloaded the source and the patch as instructed and followed these instructions to the letter: # cd /usr/src/usr.bin # tar xvfz .../openssh-5.1.tgz # cd ssh # patch -p0 /path/to/openssh43_5.1.patch # make obj # make cleandir # make depend # make Here are the results. I don't know what the 'arc4random_uniform' error indicates, if someone can point me in the right direction, I'd appreciate the help. === cc -o ssh ssh.o readconf.o clientloop.o sshtty.o sshconnect.o sshconnect1.o sshconnect2.o mux.o -L/usr/src/usr.bin/ssh/ssh/../lib/obj -lssh -lgssapi -lkrb5 -lcrypto -lz -ldes /usr/src/usr.bin/ssh/ssh/../lib/obj/libssh.a(dh.o)(.text+0x438): In function `choose_dh': /usr/src/usr.bin/ssh/dh.c:166: undefined reference to `arc4random_uniform' collect2: ld returned 1 exit status *** Error code 1 Stop in /usr/src/usr.bin/ssh/ssh (line 95 of /usr/share/mk/bsd.prog.mk). *** Error code 1 === thanks, --charlie -- Charles Farinella Appropriate Solutions, Inc. (www.AppropriateSolutions.com) [EMAIL PROTECTED] voice: 603.924.6079 fax: 603.924.8668
Re: stunnel won't start with zlib compression
Hi, Is there an easy way to tell if zlib has been compiled into openSSL and is working? At this point I still don't know where the problem lies. Sorry if my question is silly, but: a) are you running stunnel in chroot? b) have you tried running 'ldd'? (might miss some package) Maxim Thanks for the reply. It's not chroot'ed (at least not by me) ldd gives: # ldd /usr/local/sbin/stunnel /usr/local/sbin/stunnel: StartEnd Type Open Ref GrpRef Name exe 10 0 /usr/local/sbin/stunnel 0af44000 2af4c000 rlib 01 0 /usr/lib/libz.so.4.1 0bfec000 2bff rlib 01 0 /usr/lib/libutil.so.11.0 0f68a000 2f693000 rlib 01 0 /usr/lib/libpthread.so.9.0 0bb57000 2bb62000 rlib 01 0 /usr/lib/libssl.so.11.0 07305000 27334000 rlib 01 0 /usr/lib/libcrypto.so.13.0 0e646000 2e64b000 rlib 01 0 /usr/lib/libwrap.so.4.0 04abe000 24af2000 rlib 01 0 /usr/lib/libc.so.43.0 072fd000 072fd000 rtld 01 0 /usr/libexec/ld.so # ldd /usr/sbin/openssl /usr/sbin/openssl: StartEnd Type Open Ref GrpRef Name exe 10 0 /usr/sbin/openssl 0631e000 26326000 rlib 01 0 /usr/lib/libz.so.4.1 009cb000 209d4000 rlib 01 0 /usr/lib/libpthread.so.9.0 07901000 27935000 rlib 01 0 /usr/lib/libc.so.43.0 0dd2c000 0dd2c000 rtld 01 0 /usr/libexec/ld.so All the given libraries are in place. Nothing is missing. Rick.
Re: failed make on openssh 5.1
On Tuesday 22 July 2008, Charlie Farinella wrote: I have been asked to upgrade OpenSSH on an OpenBSD 4.1 server from 4.6 to 5.1. I have followed the instructions at http://www.openssh.org/openbsd.html and am getting the error below during 'make'. I have downloaded the source and the patch as instructed and followed these instructions to the letter: To answer my own question, no sooner had I hit 'send' than I noticed the patch number indicated 4.3. I have downloaded OpenSSH 5.0, the appropriate 4.1 - 5.0 patch and all is well. Sorry for the noise. --charlie # cd /usr/src/usr.bin # tar xvfz .../openssh-5.1.tgz # cd ssh # patch -p0 /path/to/openssh43_5.1.patch # make obj # make cleandir # make depend # make Here are the results. I don't know what the 'arc4random_uniform' error indicates, if someone can point me in the right direction, I'd appreciate the help. === cc -o ssh ssh.o readconf.o clientloop.o sshtty.o sshconnect.o sshconnect1.o sshconnect2.o mux.o -L/usr/src/usr.bin/ssh/ssh/../lib/obj -lssh -lgssapi -lkrb5 -lcrypto -lz -ldes /usr/src/usr.bin/ssh/ssh/../lib/obj/libssh.a(dh.o)(.text+0x438): In function `choose_dh': /usr/src/usr.bin/ssh/dh.c:166: undefined reference to `arc4random_uniform' collect2: ld returned 1 exit status *** Error code 1 Stop in /usr/src/usr.bin/ssh/ssh (line 95 of /usr/share/mk/bsd.prog.mk). *** Error code 1 === thanks, --charlie -- Charles Farinella Appropriate Solutions, Inc. (www.AppropriateSolutions.com) [EMAIL PROTECTED] voice: 603.924.6079 fax: 603.924.8668 -- Charles Farinella Appropriate Solutions, Inc. (www.AppropriateSolutions.com) [EMAIL PROTECTED] voice: 603.924.6079 fax: 603.924.8668
Re: 4.3 i386 MP kernel w/Raidframe - throws a: splassert: uvm_map_p: want –1 have 1
K.R. (Randy) Lewis, We were able to confirm (today) that it is the /MP kernel that has the issue defined below. The single CPU build ran the huge file copy just fine. R Re-post in misc@ (sorry for posting wrongly before) - Encountered the following: 4.3 i386 MP kernel w/Raidframe - throws a: splassert: uvm_map_p: want 1 have 1 Here's what was going on... We took a USB 250GB drive and wiped it (unallocated partition) using partition magic on one of those, what do you call it.. ..oh yeah...WindowsXP thingys...(expedient, ok?) Then plugged it into a 4.3 OpenBSD MacMini, did a disklabel and established a partition sd0i of type MSDOS. Then did a newfs t msdos sd0i. All of this works great, each time we do it. Then mounted it on the MacMini 4.3 OpenBSD with no problems, so we were fairly sure it was OK. We unmounted it from the 4.3 OpenBSD MacMini and cruised on over to a Dell PowerEdge 1550 Dual-P3, 512MB with 2 QLogic Fibre channel boards with two arrays, all set up nicely with Raidframe - each array as RAID5 and both arrays mirrored as a RAID1. This configuration has been in use for quite some time and works quite well (although a recent disk replacement requires some attention..) We mounted the USB drive (configured as above) without issue. Kicked off a cp /big_file_of_4GB to /usb_drive_mount_point job and it ran for about an hour before issuing a kernal error... splassert: uvm_map_p: want 1 have 1 ... to the console. The 'cp' was wedged, but the system seemed to be running. We were able to ssh into the system and look around, but issuing a 'reboot' from the ssh session caused the system to hang completely after the shutdown messages to the console - and somewhere in the 'syncing' before halt portion. So, before we go poking around in this MP system and perhaps retrace well worn steps ... has anyone seen this on an MP configuration (with or without Raidframe) ? Randy -- Here is the current DMESG, but please realize it's just now recovering from our 'force crash / reset' so there is some noise from the Raid stuff at the end. Also, note that the sd7 sd8 disks are NOT part of any array. They are the boot / swap and /usr/src /usr/ports drives on this puppy. And, finally, this raidframe setup, with these disks have been working for over a year on a 4.1 version system. Just so you know. wally:randy {103} ssh [EMAIL PROTECTED] [EMAIL PROTECTED]'s password: Last login: Wed Jul 16 16:09:56 2008 from 10.1.0.170 OpenBSD 4.3 (GENERIC.MP) #2: Tue Jul 1 13:45:45 EDT 2008 Welcome to OpenBSD: The proactively secure Unix-like operating system. Please use the sendbug(1) utility to report bugs in the system. Before reporting a bug, please try to reproduce it with the latest version of the code. With bug reports, please try to ensure that enough information to reproduce the problem is enclosed, and if a known fix for it exists, include that as well. Terminal type? [vt220] # dmesg OpenBSD 4.3 (GENERIC.MP) #2: Tue Jul 1 13:45:45 EDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Intel Pentium III (GenuineIntel 686-class) 994 MHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE real mem = 536379392 (511MB) avail mem = 510132224 (486MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 12/10/04, BIOS32 rev. 0 @ 0xffe90, SMBIOS rev. 2.3 @ 0xfb060 (55 entries) bios0: vendor Dell Computer Corporation version A09 date 12/10/2004 bios0: Dell Computer Corporation PowerEdge 1550/1000 acpi0 at bios0: rev 0 acpi0: tables DSDT FACP APIC acpi0: wakeup devices PCI0(S5) PCI2(S5) acpitimer0 at acpi0: 3579545 Hz, 32 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 1 (boot processor) cpu0: apic clock running at 132MHz cpu1 at mainbus0: apid 0 (application processor) cpu1: Intel Pentium III (GenuineIntel 686-class) 994 MHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE ioapic0 at mainbus0: apid 2 pa 0xfec0, version 11, 16 pins ioapic0: misconfigured as apic 0, remapped to apid 2 ioapic1 at mainbus0: apid 3 pa 0xfec01000, version 11, 16 pins ioapic1: misconfigured as apic 0, remapped to apid 3 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (PCI1) acpiprt2 at acpi0: bus 2 (PCI2) acpicpu0 at acpi0 acpicpu1 at acpi0 bios0: ROM list: 0xc/0x8000 0xc8000/0x6000 0xce000/0x2800 0xd0800/0x800 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 ServerWorks CNB20HE Host rev 0x23 pci1 at pchb0 bus 1 isp0 at pci1 dev 4 function 0 QLogic ISP2100 rev 0x03: apic 3 int 9 (irq 5) scsibus0 at isp0: 256 targets sd0 at scsibus0 targ 0 lun 0: CSC 36GB, 15K REFURBISHED, 0026 SCSI3 0/direct fixed sd0: 35003MB, 50824 cyl, 2 head, 705 sec, 512 bytes/sec, 71687372 sec
Re: 1000BaseSX recommended card
2008/7/22 Vladislav Stoyanov [EMAIL PROTECTED]: I would like to buy a pair of 1000BaseSX cards up to 200EUR each from Germany for an OpenBSD-based gateway. [..] Any ideas and recommendations on these or any other cards available for purchase within Germany are more than welcome! Hi Vladimir, I have a very good experience with Intel PRO/1000 XF (SC connectors were required, hence the XF model). Two of them have been running happily for over 18 months so far. Not sure if you can still buy these cards, though. -- Regards, Marcin
Re: stunnel won't start with zlib compression
On Tue, Jul 22, 2008 at 12:12 PM, The Foxes [EMAIL PROTECTED] wrote: ... I've compiled the latest openSSL with the ZLIB option (I think that it is included by default anyway). That made no difference. Are you sure you linked stunnel against the libssl *and* the libcrypto from that? Remember that ld prefers shared library to static ones, so if you only compiled a static libssl and libcrypto then you'll only get them if you explicitly tell ld to use them, either by including the full paths to the lib*.a files in the link or by putting -Wl,-Bstatic and -Wl,-Bdynamic around the -lssl -lcrypto. (Other solutions are possible; please show your work for full credit.) I tried compiling the latest stunnel but got a lot of errors which seemed to be due to missing functions. I added a #include or two to the source and got rid of some of the errors, but not all. I'm not that hot on this stuff so I'm getting a bit stuck on this route. There are patches in /usr/ports/security/stunnel/patches/, did you try applying them or seeing what issues they work around? Is there an easy way to tell if zlib has been compiled into openSSL and is working? The libcrypto in OpenBSD-current (and presumably earlier, I haven't checked) does not include the zlib compression method: $ nm /usr/lib/libcrypto.so.13.0 | grep zlib_method 2001cda0 d zlib_method_nozlib $ If zlib compression was included, it wouldn't have the _nozlib suffix. Philip Guenther
Re: failed make on openssh 5.1
To answer my own question, no sooner had I hit 'send' than I noticed the patch number indicated 4.3. I have downloaded OpenSSH 5.0, the appropriate 4.1 - 5.0 patch and all is well. Well I am getting the exact same compilation error as you, on a fresh OpenBSD 4.3 box, when tying to compile OpenSSH 5.1 with the patch for 4.3. cc -o ssh ssh.o readconf.o clientloop.o sshtty.o sshconnect.o sshconnect1.o sshconnect2.o mux.o -L/usr/src/usr.bin/ssh/ssh/../lib/obj -lssh -lgssapi -lkrb5 -lcrypto -lz -ldes /usr/src/usr.bin/ssh/ssh/../lib/obj/libssh.a(dh.o)(.text+0x438): In function `choose_dh': /usr/src/usr.bin/ssh/dh.c:166: undefined reference to `arc4random_uniform' collect2: ld returned 1 exit status *** Error code 1 Stop in /usr/src/usr.bin/ssh/ssh (line 95 of /usr/share/mk/bsd.prog.mk). *** Error code 1 Stop in /usr/src/usr.bin/ssh (line 48 of /usr/share/mk/bsd.subdir.mk). Anyone else has been experiencing this?
Re: OpenBSD 4.3 FAQ in PDF?
--- On Tue, 7/22/08, Nick Guenther [EMAIL PROTECTED] wrote: From: Nick Guenther [EMAIL PROTECTED] Subject: Re: OpenBSD 4.3 FAQ in PDF? It looks like it doesn't exist right now. Why don't you just download all the FAQ pages? for i in 1 2 3 4 5 6 7 8 9; do ftp http://openbsd.org/faq/faq0${i}.html done for i in 10 11 12 13 14 15; do ftp http://openbsd.org/faq/faq${i}.html done hi all thx for help but it's litle mistake from this command, it must be ftp http://openbsd.org/faq/faq${i}.html not ftp http://openbsd.org/faq/faq0${i}.html because the full link is http://openbsd.org/faq/faq1.html not http://openbsd.org/faq/faq01.html thanks, i have been able to download this html for offline viewer :) regards
Re: failed make on openssh 5.1
On Tue, 22 Jul 2008, Joel Dinel wrote: To answer my own question, no sooner had I hit 'send' than I noticed the patch number indicated 4.3. I have downloaded OpenSSH 5.0, the appropriate 4.1 - 5.0 patch and all is well. Well I am getting the exact same compilation error as you, on a fresh OpenBSD 4.3 box, when tying to compile OpenSSH 5.1 with the patch for 4.3. cc -o ssh ssh.o readconf.o clientloop.o sshtty.o sshconnect.o sshconnect1.o sshconnect2.o mux.o -L/usr/src/usr.bin/ssh/ssh/../lib/obj -lssh -lgssapi -lkrb5 -lcrypto -lz -ldes /usr/src/usr.bin/ssh/ssh/../lib/obj/libssh.a(dh.o)(.text+0x438): In function `choose_dh': /usr/src/usr.bin/ssh/dh.c:166: undefined reference to `arc4random_uniform' collect2: ld returned 1 exit status *** Error code 1 Oops, I'll prepare a new openssh43_5.1.patch shortly. -d
altq rules not matching
Currently i am trying to limit the bandwidth of one computer .113, however there is almost nothing matching and going into the queue. .113 is currently running BT, chat messengers, and a multiple of web browsing instances right now my rules are not as pretty as they might otherwise be, i am trying to make them as general and short as possible for this troubleshooting. Can someone please hit me with the cluestick, much appreciated. thank you fire# pfctl -vs queue queue root_xl1 on xl1 bandwidth 100Mb priority 0 cbq( wrr root ) {wow_in, main_in} [ pkts: 5316 bytes:4864528 dropped pkts: 0 bytes: 0 ] [ qlength: 0/ 50 borrows: 0 suspends: 0 ] queue wow_in on xl1 bandwidth 50Kb cbq( red ) [ pkts: 1 bytes:233 dropped pkts: 0 bytes: 0 ] [ qlength: 0/ 50 borrows: 0 suspends: 0 ] queue main_in on xl1 bandwidth 90Mb cbq( default ) [ pkts: 5315 bytes:4864295 dropped pkts: 0 bytes: 0 ] [ qlength: 0/ 50 borrows: 0 suspends: 0 ] fire# cat /etc/pf.conf.test #Tables ext_if=xl0 int_if=xl1 table private const { 10/8, 172.16/12, 192.168/16 } set block-policy drop set skip on {enc0, lo0} altq on $int_if cbq bandwidth 100Mb queue { main_in, wow_in } queue wow_inbandwidth 50Kb cbq(red) queue main_in bandwidth 90% cbq(default) nat on $ext_if from private to any - ($ext_if:0) pass out from any to 10.0.0.113 queue wow_in fire# uname -a OpenBSD fire.sporkton.com 4.3 GENERIC#698 i386 -- -Lawrence
[SOLVED]OpenBSD 4.3 FAQ in PDF (Download html and convert using pisa)
From: Nick Guenther [EMAIL PROTECTED] Subject: Re: OpenBSD 4.3 FAQ in PDF? It looks like it doesn't exist right now. Why don't you just download all the FAQ pages? for i in 1 2 3 4 5 6 7 8 9; do ftp http://openbsd.org/faq/faq0${i}.html done for i in 10 11 12 13 14 15; do ftp http://openbsd.org/faq/faq${i}.html done hi all thx for help but it's litle mistake from this command, it must be ftp http://openbsd.org/faq/faq${i}.html not ftp http://openbsd.org/faq/faq0${i}.html because the full link is http://openbsd.org/faq/faq1.html not http://openbsd.org/faq/faq01.html thanks, i have been able to download this html for offline viewer :) regards after search with keywords html to pdf i got this http://www.htmltopdf.org/download.html, using pisa i have been able build from faq1.html-faq15.html into .pdf format with internal links, so if you convert this html with pisa, i open pdf with xpdf, and i can using internal link in pdf document. but i got a weird result for index.html from faq, after convert, index.pdf has nothing, only blank page. regards
pf localhost sevices
Howdy List? Following is a modification of the ruleset at http://www.openbsd.org/faq/pf/pools.html . It works to allow routing of client services service_ports on an internal network onto one external gateway while other services from the internal network default to another path. This works without a default route on the firewall. But if I want to run a client on the firewall itself, I need to have a default route on it. How is it possible to avoid this default route and have clients running on the firewall use the same pf pathways as those running on machines out on the internal network? Is this possible? Dhu int_net = 192.168.1.0/24 int_if = bge0 ext_if1 = vr0 ext_if2 = axe0 ext_gw1 = ext_gw2 = service_ports = { 22 } set skip on lo scrub in all # nat outgoing connections on each internet interface nat on $ext_if1 from $int_net to any - ($ext_if1) nat on $ext_if2 from $int_net to any - ($ext_if2) # default deny block in from any to any block out from any to any # pass all outgoing packets on internal interface pass out on $int_if from any to $int_net # pass in quick any packets destined for the gateway itself pass in quick on $int_if from $int_net to $int_if # outgoing tcp traffic from internal network to ext_gw2 pass in on $int_if route-to { ($ext_if2 $ext_gw2) } proto tcp from $int_net to any flags S/SA modulate state # outgoing tcp ssh traffic from internal network to ext_gw1 pass in on $int_if route-to { ($ext_if1 $ext_gw1) } proto tcp from $int_net to any port $service_ports flags S/SA modulate state # outgoing udp and icmp traffic from internal network to ext_gw2 pass in on $int_if route-to { ($ext_if2 $ext_gw2) } proto { udp, icmp } from $int_net to any keep state # general pass out rules for external interfaces pass out on $ext_if1 proto tcp from any to any flags S/SA modulate state pass out on $ext_if1 proto { udp, icmp } from any to any keep state pass out on $ext_if2 proto tcp from any to any flags S/SA modulate state pass out on $ext_if2 proto { udp, icmp } from any to any keep state # route packets from any IPs on $ext_if1 to $ext_gw1 and the same for # $ext_if2 and $ext_gw2 pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any