Re: European orders

[Artur Grabowski]

Lazarus Wasbeim lazarus.wasb...@googlemail.com writes:

 Surely I know something You perhaps don't.

Says the guy whose only existence on the net is in this thread. Go
away, astroturfer.

It's very interesting when one side of the conflict is only supported
by throwaway gmail accounts, don't you think?

//art

WAN links failover

[Yuri Spirin]

Hello, misc@

I have OpenBSD internet gateway for medium company and 2 WAN lines from
different providers. First (line A) is flat rate 512K, second (line B)
is charged per megabyte. I want to setup this two links to work in
failover, i.e. to use Line A all the time (with Line B being idle),
automatically switch to Line B when Line A is down and switch back when
Line A is up again. All I found so far is to have some script pinging
some host outside and switching default route, pf.conf and so on, but I
want advice from OpenBSD gurus if there is some PF magic to accomplish
this. Success stories on similar cases are welcome too.

Thanx in advance.

--
Yuri A. Spirin

increase virtual memory for a user

[Alexander Bubnov]

Hello!
I have compiled sources with gcc. That gcc was build as Linux binary,
so I have used linux emulation.
During compilation I have got an error:
virtual memory exhausted: Cannot allocate memory
Surfing the Internet tell me that root cause is a call to mmap using
MAP_ANONYMOUS returned
MAP_FAILED with errno set to ENOMEM, from the man page of mmap can be seen that
 can happen when the process's has reached the maximum number of
mappings. So, I need to increase virtual memory for the user under
which compilation is run.
But, I cannot do it with limit, tcsh command:
~ limit datasize 1048576
limit: datasize: Can't set limit (Operation not permitted)

So, a question how can I do it?

-- 
/BR, Alexander

Re: ral(4) driver and RT2860 + RT2850 chips

[Dorian Büttner]

Chris Jones schrieb:

Has anyone had any experience with this card running under OpenBSD?

ral0 at pci0 dev 17 function 0 Ralink RT2860 rev 0x00: irq 11, address
00:0e:8e:20:84:94
ral0: MAC/BBP RT2860 (rev 0x0102), RF RT2850 (2T3R)
sis0 at pci0 dev 18 function 0 NS DP83815 10/100 rev 0x00, DP83815D:
irq 5, address 00:00:24:c0:7a:ac

  
ral0 at pci0 dev 17 function 0 Ralink RT2860 rev 0x00: irq 15, address 
00:08:54:86:5e:6e

ral0: MAC/BBP RT2860 (rev 0x0101), RF RT2820 (MIMO 2T3R)

different supplier, with a slight lower rev# (Longshine(R)  LCS-8231N


hostname.ral0
-

up media autoselect mode 11g mediaopt hostap \
nwid MYNWID wpa wpaprotos wpa2 \
wpapsk MYPRESHAREDKEY \
chan 7
  


inet 192.168.168.62 255.255.255.224 192.168.168.63 media autoselect mode 
11g \

chan 6 mediaopt hostap nwid dr.poop wpa wpaakms psk wpaciphers ccmp \
wpagroupcipher ccmp wpaprotos wpa2 wpapsk $(wpa-psk dr.poop PRESHAREDKEY)

Some time ago we had a thread here with net5501s randomly going 
unresponsive with those cards inserted. My actual observation is, that 
it does not have anything to with the card itself. More likely, I can 
wait for the box to hangup seemingly by itself for like two or four 
days, or I can ftp or sftp into it grabbing a large file, it will hang 
within a few seconds then. The soekris clock will make a sprint then, it 
skews forward some days within the few seconds reaching the reset 
button. Unfortuanately, I have no idea how to nail this down, any 
instruction welcome.

Curious, what you will encounter here.

Regards,
Dorian

Re: azalia - I don't get SPDIF working

[Dirk Mast]

Jacob Meuser wrote:

 On Tue, Apr 07, 2009 at 07:30:52PM +0200, Dirk Mast wrote:
 Christian Weisgerber wrote:
 
  Dirk Mast condo...@gmail.com wrote:
  
  perhaps this is just some stupid where is the unmute button thing,
  but I don't get it working (no sound with aucat started or the other
  way).
  
  azalia0 at pci0 dev 27 function 0 Intel 82801I HD Audio rev 0x02:
  apic 2 int 22 (irq 14)
  azalia0: codecs: Realtek ALC885
  
  inputs.usingdac=0203040525  [ 0203040525 06 ]
  
  You need to switch to the digital DAC group:
  inputs.usingdac=06
  
  (No, this is not obvious unless you are sitting there with the codec
  datasheet and the driver source.)
  
 
 Hi thank you, this works perfectly.
 
 Perhaps this should be documented somewhere, since it's really not
 obvious. Maybe in azalia(4) caveats, or in a more obvious mixerctl knob.
 
 yeah, 'inputs.usingdac' is rather undescriptive.  at least now there
 are only two choices though (basically, analog or digital), as opposed
 to having basically arbitrary dac groups, which often meant each
 dac in a separate group.
 
 I'll get around to this, eventually.  just too busy with real life
 atm.
 


Yeah, thank you.

Auvia has this boolean outputs.spdif on/off. 
If (I'm not sure about this) all azalias would have a structure like this:

several mixers for analog out and one mixer for digital out,
maybe azalia.c

/* if the codec has multiple DAC groups, create inputs.usingdac */
if (this-dacs.ngroups  1) {
MIXER_REG_PROLOG;
strlcpy(d-label.name, usingdac, sizeof(d-label.name));

could be changed in a way that this doesn't create two groups of DACs
but more an on/off state. 

But I guess this would only work if dacs.ngroups = 2.
(Seeing that i goes up to 32 I doubt that is the case...)


I think another way would be if azalia could sense a plugged cable,
like it can do with headphones, that signal could then be used to 
toggle on/off.

Re: azalia - I don't get SPDIF working

[Jacob Meuser]

On Thu, Apr 09, 2009 at 10:33:09AM +0200, Dirk Mast wrote:
 Jacob Meuser wrote:
 
  On Tue, Apr 07, 2009 at 07:30:52PM +0200, Dirk Mast wrote:
  Christian Weisgerber wrote:
  
   Dirk Mast condo...@gmail.com wrote:
   
   perhaps this is just some stupid where is the unmute button thing,
   but I don't get it working (no sound with aucat started or the other
   way).
   
   azalia0 at pci0 dev 27 function 0 Intel 82801I HD Audio rev 0x02:
   apic 2 int 22 (irq 14)
   azalia0: codecs: Realtek ALC885
   
   inputs.usingdac=0203040525  [ 0203040525 06 ]
   
   You need to switch to the digital DAC group:
   inputs.usingdac=06
   
   (No, this is not obvious unless you are sitting there with the codec
   datasheet and the driver source.)
   
  
  Hi thank you, this works perfectly.
  
  Perhaps this should be documented somewhere, since it's really not
  obvious. Maybe in azalia(4) caveats, or in a more obvious mixerctl knob.
  
  yeah, 'inputs.usingdac' is rather undescriptive.  at least now there
  are only two choices though (basically, analog or digital), as opposed
  to having basically arbitrary dac groups, which often meant each
  dac in a separate group.
  
  I'll get around to this, eventually.  just too busy with real life
  atm.
  
 
 
 Yeah, thank you.
 
 Auvia has this boolean outputs.spdif on/off. 
 If (I'm not sure about this) all azalias would have a structure like this:
 
 several mixers for analog out and one mixer for digital out,
 maybe azalia.c
 
 /* if the codec has multiple DAC groups, create inputs.usingdac */
 if (this-dacs.ngroups  1) {
 MIXER_REG_PROLOG;
 strlcpy(d-label.name, usingdac, sizeof(d-label.name));
 
 could be changed in a way that this doesn't create two groups of DACs
 but more an on/off state. 
 
 But I guess this would only work if dacs.ngroups = 2.
 (Seeing that i goes up to 32 I doubt that is the case...)

there are now at most 2 choices.  analog or digital.  and yes, there
are some codecs that only do analog and some that only to digital.

I *think* digital will always be s/pdif when both analog and digital
are supported, but all we know about the dacs is whether they are
real dacs or digital tranceivers.  we then have to check the i/o
pins to know what kind of connection is supported.

 
 I think another way would be if azalia could sense a plugged cable,
 like it can do with headphones, that signal could then be used to 
 toggle on/off.

jack sense capability isn't a mandatory feature, so it's not a
reliable method.

-- 
jake...@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org

Re: azalia - I don't get SPDIF working

[Dirk Mast]

 there are now at most 2 choices.  analog or digital.  and yes, there
 are some codecs that only do analog and some that only to digital.

Yeah, that makes it more complicated. 

Is the following if-construction too vague?

if (dacs.ngroups = 1) {
-- create the normal inputs.usingdac as it's done now
-- we don't care if it's analog or digital
elsif (dacs.ngroups = 2) {
-- create a knob outputs.spdif (or something similar)
-- problem is how to wire it:
-- clean choice would of course to check the i/o pins
-- maybe some other rules would apply?

-- like first dac is always analog and second one digital?
-- or maybe the longer dac group is analog and the shorter digital?
-- I doubt there are azalia devices with more digital sections
-- than analog sections
}


Personally I think reading the i/o pins would be much safer,
but if it's really the case that those upper assumptions are 
always right, perhaps that would be another solution.

(Otherwise this could bring big problems if there would be a
non-standard azalia device sometimes...)


Note: I can't code C this is why I try to describe my thoughts..

 I think another way would be if azalia could sense a plugged cable,
 like it can do with headphones, that signal could then be used to
 toggle on/off.
 
 jack sense capability isn't a mandatory feature, so it's not a
 reliable method.
 

Ok.

Re: increase virtual memory for a user

[Markus Hennecke]

Alexander Bubnov wrote:

Hello!
I have compiled sources with gcc. That gcc was build as Linux binary,
so I have used linux emulation.
During compilation I have got an error:
virtual memory exhausted: Cannot allocate memory
Surfing the Internet tell me that root cause is a call to mmap using
MAP_ANONYMOUS returned
MAP_FAILED with errno set to ENOMEM, from the man page of mmap can be seen that
 can happen when the process's has reached the maximum number of
mappings. So, I need to increase virtual memory for the user under
which compilation is run.
But, I cannot do it with limit, tcsh command:
~ limit datasize 1048576
limit: datasize: Can't set limit (Operation not permitted)

So, a question how can I do it?


Take a look at login.conf(5).

Kind regards,
  Markus

Re: WAN links failover

[Jim Razmus]

* Yuri Spirin english.voo...@rambler.ru [090409 03:11]:
 Hello, misc@
 
 I have OpenBSD internet gateway for medium company and 2 WAN lines from
 different providers. First (line A) is flat rate 512K, second (line B)
 is charged per megabyte. I want to setup this two links to work in
 failover, i.e. to use Line A all the time (with Line B being idle),
 automatically switch to Line B when Line A is down and switch back when
 Line A is up again. All I found so far is to have some script pinging
 some host outside and switching default route, pf.conf and so on, but I
 want advice from OpenBSD gurus if there is some PF magic to accomplish
 this. Success stories on similar cases are welcome too.
 
 Thanx in advance.
 
 --
 Yuri A. Spirin
 

man 4 trunk

HTH,
Jim

Re: screen(1) on boot

[Paul de Weerd]

Hi Nick,

you've gotten some good advice already, so maybe this is overkill, but
here's how I do it (added to /etc/rc.local on my machine at work) :

/usr/bin/su pawe -c cd /home/pawe; ksh -lic '/usr/local/bin/screen -d -m 
/usr/local/bin/irssi'

Starting a shell to start your screen ensures your environment is set
up correctly (using the -l and -i options). This means you'll have a
proper PATH etc when starting.

On Wed, Apr 08, 2009 at 04:58:38PM -0400, Nick Guenther wrote:
| I'd still like to know what's going on here. Running things from boot
| scripts appearently works on Linux, and a guy I asked last night
| seemed to think my method should work on FreeBSD, so what is OpenBSD
| doing that's upsetting screen?

I think OpenBSD is doing the sane thing here, not processing your
login scripts when you're not asking for a login shell. If that is
what you want, that's what you should configure. My 0.02 cents says
FreeBSD acts the same as OpenBSD in this regard.

Cheers,

Paul 'WEiRD' de Weerd

-- 
[++-]+++.+++[---].+++[+
+++-].++[-]+.--.[-]
 http://www.weirdnet.nl/ 

Re: Intel D945GCNL with OpenBSD 4.4 Hangs

[Louis V. Lambrecht]

Marcello Cruz wrote:

Dear all,

I have an Intel D945GCNL board and when I try to enable a second NIC the
system hangs. I really don't know where to search for a clue.

I took some steps before posting this message:
* replaced the HD with another one
* replaced the NIC (D-Link DFE-530, 3COM Etherlink, generic NIC with Relatek
chipset)
* replaced memory

Also, I have installed the same periferals on another motherboard (Asus) and
had no problem. So I think the problem is with the motherboard. The BIOS
doesn't seem to have any configuration regarding PCI slots (where the NIC is
installed).

Now, I'm trying to update the BIOS in order to see some new implementation not
supported by the OpenBSD.

Please, I really need a help and I don4t know how to feed you with
information. Below is the DMESG.

Rgds,
Marcello

OpenBSD 4.4 (GENERIC) #1021: Tue Aug 12 17:16:55 MDT 2008
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
RTC BIOS diagnostic error 80clock_battery
cpu0: Intel(R) Celeron(R) CPU 430 @ 1.80GHz (GenuineIntel 686-class) 1.80
GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,TM,SBF,SSE3,MWAIT,DS-CPL,TM2,CX16,xTPR
real mem  = 1062424576 (1013MB)
avail mem = 1018863616 (971MB)
RTC BIOS diagnostic error 80clock_battery
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 08/28/07, SMBIOS rev. 2.4 @ 0xe44d0 (28
entries)
bios0: vendor Intel Corp. version NL94510J.86A.0017.2007.0828.1137 date
08/28/2007
bios0: Intel Corporation D945GCNL
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown, estimated 0:00 hours
acpi at bios0 function 0x0 not configured
pcibios at bios0 function 0x1a not configured
bios0: ROM list: 0xc/0xae00!
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82945G Host rev 0x02
vga1 at pci0 dev 2 function 0 Intel 82945G Video rev 0x02
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
agp0 at vga1: aperture at 0x4000, size 0x1000
drm at vga1 unsupported
azalia0 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x01: irq 9
azalia0: codec[s]: Realtek/0x0888
audio0 at azalia0
ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x01
pci1 at ppb0 bus 1
ppb1 at pci0 dev 28 function 1 Intel 82801GB PCIE rev 0x01
pci2 at ppb1 bus 2
re0 at pci2 dev 0 function 0 Realtek 8168 rev 0x01: RTL8168 2 (0x3800), irq
10, address 00:1c:c0:7b:06:d9
rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 2
ppb2 at pci0 dev 28 function 2 Intel 82801GB PCIE rev 0x01
pci3 at ppb2 bus 3
ppb3 at pci0 dev 28 function 3 Intel 82801GB PCIE rev 0x01
pci4 at ppb3 bus 4
uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x01: irq 11
uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x01: irq 9
uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x01: irq 10
uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x01: irq 11
ehci0 at pci0 dev 29 function 7 Intel 82801GB USB rev 0x01: irq 11
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1
ppb4 at pci0 dev 30 function 0 Intel 82801BA Hub-to-PCI rev 0xe1
pci5 at ppb4 bus 5
xl0 at pci5 dev 5 function 0 3Com 3c905B 100Base-TX rev 0x24: irq 11,
address 00:10:4b:6c:69:53
exphy0 at xl0 phy 24: 3Com internal media interface
ichpcib0 at pci0 dev 31 function 0 Intel 82801GB LPC rev 0x01: PM disabled
pciide0 at pci0 dev 31 function 1 Intel 82801GB IDE rev 0x01: DMA, channel 0
configured to compatibility, channel 1 configured to compatibility
pciide0: channel 0 disabled (no drives)
pciide0: channel 1 ignored (disabled)
pciide1 at pci0 dev 31 function 2 Intel 82801GB SATA rev 0x01: DMA, channel
0 configured to native-PCI, channel 1 configured to native-PCI
pciide1: using irq 9 for native-PCI interrupt
atapiscsi0 at pciide1 channel 0 drive 0
scsibus0 at atapiscsi0: 2 targets, initiator 7
cd0 at scsibus0 targ 0 lun 0: HL-DT-ST, DVDRAM GH20NS15, IL00 ATAPI 5/cdrom
removable
cd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5
wd0 at pciide1 channel 1 drive 0: SAMSUNG HD161HJ
wd0: 16-sector PIO, LBA48, 152627MB, 312581808 sectors
wd0(pciide1:1:0): using PIO mode 4, Ultra-DMA mode 5
ichiic0 at pci0 dev 31 function 3 Intel 82801GB SMBus rev 0x01: irq 9
iic0 at ichiic0
spdmem0 at iic0 addr 0x50: 1GB DDR2 SDRAM non-parity PC2-5300CL5
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 Intel UHCI root hub rev 1.00/1.00 addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2 Intel UHCI root hub rev 1.00/1.00 addr 1
usb3 at uhci2: USB revision 1.0
uhub3 at usb3 Intel UHCI root hub rev 1.00/1.00 addr 1
usb4 at uhci3: USB revision 1.0
uhub4 at usb4 Intel UHCI root hub rev 1.00/1.00 addr 1
isa0 at ichpcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at 

Re: ral(4) driver and RT2860 + RT2850 chips

[Stuart Henderson]

On 2009-04-09, Chris Jones cjo...@gdisoftware.com wrote:
 I just picked up a SparkLan WMIR-200N which I've put in my Soekris
 net4501. The ral(4) driver says it supports the Ralink RT2860 and RT2850
 chips on this card. OpenBSD detects the card however when I configure it
 in hostap mode with WPA2-PSK, my Macbook or any wifi capable computer
 will connect momentarily and then disconnects.

 Has anyone had any experience with this card running under OpenBSD?
 Also, how can I debug the ral(4) driver? Here is my dmesg output as
 well as my hostname.if configuration.

those cards mostly work well for me. try simplifying your configuration
(start by removing WPA) and see if you can narrow down the problem.

I'm using them on Geode based hardware though (pcengines alix),
haven't tried in a 4501 (and I note the last caveat in the ral(4)
manual).

Re: ral(4) driver and RT2860 + RT2850 chips

[David Higgs]

On Thu, Apr 9, 2009 at 1:40 AM, Chris Jones cjo...@gdisoftware.com wrote:
 Good evening,

 I just picked up a SparkLan WMIR-200N which I've put in my Soekris
 net4501. The ral(4) driver says it supports the Ralink RT2860 and RT2850
 chips on this card. OpenBSD detects the card however when I configure it
 in hostap mode with WPA2-PSK, my Macbook or any wifi capable computer
 will connect momentarily and then disconnects.

 Has anyone had any experience with this card running under OpenBSD?
 Also, how can I debug the ral(4) driver? Here is my dmesg output as
 well as my hostname.if configuration.

 Thanks,
 -Chris

 dmesg
 -

 OpenBSD 4.4 (GENERIC) #0: Sat Nov 15 07:42:40 PST 2008
r...@ob44dev.localdomain:/usr/src/sys/arch/i386/compile/GENERIC
 cpu0: AMD Am5x86 W/B 133/160 (AuthenticAMD 486-class)
 cpu0: FPU
 real mem  = 66678784 (63MB)
 avail mem = 55017472 (52MB)
 mainbus0 at root
 bios0 at mainbus0: AT/286+ BIOS, date 20/80/03, BIOS32 rev. 0 @ 0xf7840
 pcibios0 at bios0: rev 2.0 @ 0xf/0x1
 pcibios0: pcibios_get_intr_routing - function not supported
 pcibios0: PCI IRQ Routing information unavailable.
 pcibios0: PCI bus #0 is the last bus
 bios0: ROM list: 0xc8000/0x9000
 cpu0 at mainbus0
 pci0 at mainbus0 bus 0: configuration mode 1 (bios)
 elansc0 at pci0 dev 0 function 0 AMD ElanSC520 PCI rev 0x00: product 0
 stepping 1.1, CPU clock 133MHz, reset 40SCP
 gpio0 at elansc0: 32 pins
 hifn0 at pci0 dev 16 function 0 Hifn 7951 rev 0x01: LZS 3DES ARC4 MD5
 SHA1 RNG PK, 128KB sram, irq 10
 ral0 at pci0 dev 17 function 0 Ralink RT2860 rev 0x00: irq 11, address
 00:0e:8e:20:84:94
 ral0: MAC/BBP RT2860 (rev 0x0102), RF RT2850 (2T3R)
 sis0 at pci0 dev 18 function 0 NS DP83815 10/100 rev 0x00, DP83815D:
 irq 5, address 00:00:24:c0:7a:ac
 nsphyter0 at sis0 phy 0: DP83815 10/100 PHY, rev. 1
 sis1 at pci0 dev 19 function 0 NS DP83815 10/100 rev 0x00, DP83815D:
 irq 9, address 00:00:24:c0:7a:ad
 nsphyter1 at sis1 phy 0: DP83815 10/100 PHY, rev. 1
 sis2 at pci0 dev 20 function 0 NS DP83815 10/100 rev 0x00, DP83815D:
 irq 12, address 00:00:24:c0:7a:ae
 nsphyter2 at sis2 phy 0: DP83815 10/100 PHY, rev. 1
 isa0 at mainbus0
 isadma0 at isa0
 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
 com0: console
 com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
 pckbc0 at isa0 port 0x60/5
 pckbd0 at pckbc0 (kbd slot)
 pckbc0: using irq 1 for kbd slot
 wskbd0 at pckbd0: console keyboard
 wdc0 at isa0 port 0x1f0/8 irq 14
 wd0 at wdc0 channel 0 drive 0: SILICONSYSTEMS INC 1GB
 wd0: 1-sector PIO, LBA, 999MB, 2046240 sectors
 wd0(wdc0:0:0): using BIOS timings
 pcppi0 at isa0 port 0x61
 midi0 at pcppi0: PC speaker
 spkr0 at pcppi0
 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
 biomask e1c5 netmask ffe5 ttymask 
 softraid0 at root
 root on wd0a swap on wd0b dump on wd0b


 hostname.ral0
 -

 up media autoselect mode 11g mediaopt hostap \
nwid MYNWID wpa wpaprotos wpa2 \
wpapsk MYPRESHAREDKEY \
chan 7



$ dmesg | grep ral
ral0 at pci0 dev 15 function 0 Ralink RT2561S rev 0x00: irq 10,
address 00:1d:7d:34:0e:ec
ral0: MAC/BBP RT2561C, RF RT2527

$ sudo cat /etc/hostname.ral0
inet 10.0.128.1 255.255.255.0 NONE media autoselect mediaopt hostap
mode 11g nwid NWID wpa wpaakms psk wpaprotos wpa2 wpapsk PSK

Works great for me (4.4-stable) when connecting from my MacBookPro,
though it occasionally locks up and needs a quick ifconfig down/up.
Supposedly things are much improved in -current, but I haven't tested
to confirm.

--david

Re: screen(1) on boot

[Markus Hennecke]

Nick Guenther wrote:

Yeah, it's there, that's why I said I don't have to bother with sudo
-u to switch from root to my user.

I still want to know what's killing screen.


With that I can't help you either, but I run it with the following 
syntax successfully from rc.local:

su -l $USER -c '/usr/local/bin/screen -l -d -m /usr/local/bin/rtorrent'

Note that the -c already is parsed as the shell argument.
Took me some time to figure it out, the crontab @reboot entry is much 
cleaner and less error prone.


Kind regards,
  Markus

Re: Games

[Aapo Lehtinen]

Matthew Szudzik wrote:

On Wed, Apr 08, 2009 at 09:19:00PM +0200, Matthias Kilian wrote:

The new release song is really catchy. Many thanks to Jonathan,


I'm in complete agreement.  It's probably the best OpenBSD song yet, and
has the potential to appeal to frustrated computer users outside the
OpenBSD community (e.g. the slashdot crowd) with lyrics like I love to
hate my PC, Just wanna get this job done, and Lost my mind, it's
such a waste of time.



Very good song! Is there original available somewhere? I presume it is 
somehow connected to this Tron but i'm unfamiliar with it. (..oh, i'll 
google it myself)


I find it very similar with 11 1010101, which is probably my 
favorite. Let's all make our own TOP-16 lists!


Aapo
--
http://zenitisti.dy.fi

Re: increase virtual memory for a user

[Alexander Bubnov]

Thank you for help! It is exactly what I want.

2009/4/9 Markus Hennecke markus-henne...@markus-hennecke.de:
 Alexander Bubnov wrote:

 Hello!
 I have compiled sources with gcc. That gcc was build as Linux binary,
 so I have used linux emulation.
 During compilation I have got an error:
 virtual memory exhausted: Cannot allocate memory
 Surfing the Internet tell me that root cause is a call to mmap using
 MAP_ANONYMOUS returned
 MAP_FAILED with errno set to ENOMEM, from the man page of mmap can be seen
 that
  can happen when the process's has reached the maximum number of
 mappings. So, I need to increase virtual memory for the user under
 which compilation is run.
 But, I cannot do it with limit, tcsh command:
 ~ limit datasize 1048576
 limit: datasize: Can't set limit (Operation not permitted)

 So, a question how can I do it?

 Take a look at login.conf(5).

 Kind regards,
  Markus






-- 
/BR, Alexander

No buffer space available.

[Piotrek Kapczuk]

Hi

I have a problem. Lately I start seeing No buffer space available
errors. Server worked flawlessly for a few months and now it drops
packets. Hardware is PCENGINES ALIX Geode CPU.

More information you may find here
http://89.161.133.197/pub/x/problem.txt

It doesn't seem like it's over utilised. I can't narrow it down.
Please advise , where else should I look. What can cause that
behaviour ?


-- 
Regards
Piotrek

Re: No buffer space available.

[ropers]

2009/4/9 Piotrek Kapczuk piotr.kapc...@gmail.com:

 More information you may find here
 http://89.161.133.197/pub/x/problem.txt

No I can't. I'm getting a HTTP 404 on that link.

Re: Odd problem, may be related to relayd

[ropers]

 I only have one small question left if I may. I do see plenty of changes
 from Henning and others on this and still plenty going in pf in CVS.
 I am not sure I follow it all yet and may be it's because it's not all
 finish, but scrub isn't going to be remove all together from pf is it?

 I am not clear as to what part of scrub is changing or being removed.

 Can just a quick summary, or even one line answer provide some details as
 to what is actually being removed, or changed  from it?

 I can wait until the man page is changed too, but I wonder what is it
 actually really going on there if I may?

 Theo de Raadt wrote:

 I don't understand the question.

 If you don't like change, don't ever upgrade.

 Theo,

2009/4/9 Daniel Ouellet dan...@presscom.net:

 I don't know where you go that Idea? I NEVER say here I didn't like
 change??? I simply asked what it was so that I can understand it better.

 I said I didn't follow it fully yet.

 I wanted to understand it better before I upgrade some servers to current
as
 I do regularly.

 I like to fully understand what I do before I do it.

 You definitely miss understood my question here big time!

 Relax men. I sure can understand your threshold is pretty low these days,
 but I am not the one that cheated on money with you and the project, that's
 Win! So, don't take your frustration that I sure understand to well on me,
 or if that actually helps you, then please do so. I can take it.

 It's a simple question as I am not sure I fully understand the changes it
 does yet, that's all. Like I said, I sure can wait for the man page changes
 too.

 Hope this help you revise your thinking on this one.

 Sorry it give you grief however.

Daniel,

That was a bit of a dick move.

To recap:
- Dirk hinted that scrub was about to change:
  http://marc.info/?l=openbsd-miscm=123910267606671w=2

- In response, Stuart posted two links which should have given you and
me and everybody paying attention all the explanation needed about
what was about to change:
http://marc.info/?l=openbsd-miscm=123917995320021w=2

- Joe and Henning even posted working examples:
  http://marc.info/?l=openbsd-miscm=12391969146w=2
  http://marc.info/?l=openbsd-miscm=123919875714273w=2

- Then you posted the message quoted at the top, which seemed to say
that you either were seriously not getting what was quite clearly and
unambiguously explained in the aforesaid links and examples, or that
you were resistant to change.

- Probably giving you the benefit of the doubt, Theo probably assumed
the latter and wrote that he was baffled by it.

There is nothing strange or overly emotional about that. Theo gave a
perfectly reasonable reply to an unreasonable question, given that you
already had two good answers right under your nose, and with added
examples to boot. You then making insinuations about Theo's state of
mind and stirring the Wim affair shitpot was just uncalled for. I know
you've probably been around here much longer than me, and unlike me
aren't broke and are probably giving back, and are possibly generally
much more competent than me, but I still feel that that was uncalled
for. And since you were talking about frustration: Reading your
message frustrated ME.

/venting

regards,
--ropers

Re: ral(4) driver and RT2860 + RT2850 chips

[bofh]

On Thu, Apr 9, 2009 at 8:05 AM, David Higgs hig...@gmail.com wrote:

 $ dmesg | grep ral
 ral0 at pci0 dev 15 function 0 Ralink RT2561S rev 0x00: irq 10,
 address 00:1d:7d:34:0e:ec
 ral0: MAC/BBP RT2561C, RF RT2527

 $ sudo cat /etc/hostname.ral0
 inet 10.0.128.1 255.255.255.0 NONE media autoselect mediaopt hostap
 mode 11g nwid NWID wpa wpaakms psk wpaprotos wpa2 wpapsk PSK

 Works great for me (4.4-stable) when connecting from my MacBookPro,
 though it occasionally locks up and needs a quick ifconfig down/up.
 Supposedly things are much improved in -current, but I haven't tested
 to confirm.

ral0 at pci0 dev 8 function 0 Ralink RT2561S rev 0x00: irq 11,
address 00:1d:7d:76:b5:17
ral0: MAC/BBP RT2561C, RF RT2527

It locks up every now and then (no rhyme or reason) with that out of
buffer message.  Looking through the archives, it appears that this
particular chip/chipset sometimes has that hardware issue.  I had to
reboot to fix it, but if a quick ifconfig works (network goes down,
but server itself is still responsive at console), I'll have to give
that a try.


-- 
http://www.glumbert.com/media/shift
http://www.youtube.com/watch?v=tGvHNNOLnCk
This officer's men seem to follow him merely out of idle curiosity.
-- Sandhurst officer cadet evaluation.
Securing an environment of Windows platforms from abuse - external or
internal - is akin to trying to install sprinklers in a fireworks
factory where smoking on the job is permitted.  -- Gene Spafford
learn french:  http://www.youtube.com/watch?v=j1G-3laJJP0feature=related

Re: Games

[Matthew Szudzik]

On Thu, Apr 09, 2009 at 02:34:20PM +0300, Aapo Lehtinen wrote:
 Very good song! Is there original available somewhere? I presume it is  
 somehow connected to this Tron but i'm unfamiliar with it. (..oh, i'll

The song Only solutions by Journey was featured in the movie Tron.
 http://www.youtube.com/watch?v=ZVlB6KJT2xo
Games is very similar in style to Only solutions, by the lyrics and
melody are quite different.

Re: No buffer space available.

[Piotrek Kapczuk]

2009/4/9 ropers rop...@gmail.com:
 2009/4/9 Piotrek Kapczuk piotr.kapc...@gmail.com:

 More information you may find here
 http://89.161.133.197/pub/x/problem.txt

 No I can't. I'm getting a HTTP 404 on that link.

Yeah sorry. Forget about it. I think I figured this out. I think it is
a queuing problem.

Sorry and thanks for you interest.

-- 
Regards
Piotr

Re: European orders

[Ed Ahlsen-Girard (TYBRIN Corp.)]

 -Original Message-
 From: Damien Miller [mailto:d...@mindrot.org]
 Sent: Wednesday, April 08, 2009 6:14 PM
 To: ropers
 Cc: Lazarus Wasbeim; Artur Grabowski; misc@openbsd.org
 Subject: Re: European orders

 On Thu, 9 Apr 2009, ropers wrote:

 [citation needed]

 http://bit.ly/3dMFBs


Best message on this thread in days.

And probably the last one worth reading. Including this one.  All are invited
to join me in a nice hot cup of STFU.
--

Ed Ahlsen-Girard

Re: European orders

[David Walker]

 [citation needed]
 http://bit.ly/3dMFBs
Best message on this thread in days.

Agreed.
Several gems in a row.

And probably the last one worth reading. Including this one.  All are invited
to join me in a nice hot cup of STFU.

Subscribed to show my appreciation ...
Thanks for the roflcopters.
Now to unsubscribe.

Best wishes.

Re: ral(4) driver and RT2860 + RT2850 chips

[Chris Jones]

Stuart Henderson wrote:
 On 2009-04-09, Chris Jones cjo...@gdisoftware.com wrote:
 I just picked up a SparkLan WMIR-200N which I've put in my Soekris
 net4501. The ral(4) driver says it supports the Ralink RT2860 and RT2850
 chips on this card. OpenBSD detects the card however when I configure it
 in hostap mode with WPA2-PSK, my Macbook or any wifi capable computer
 will connect momentarily and then disconnects.

 Has anyone had any experience with this card running under OpenBSD?
 Also, how can I debug the ral(4) driver? Here is my dmesg output as
 well as my hostname.if configuration.
 
 those cards mostly work well for me. try simplifying your configuration
 (start by removing WPA) and see if you can narrow down the problem.

I used a basic config as you suggested and I was able to connect for
much longer, however my Macbook eventually disconnected. This is the
config I used.

hostname.ral0
-

up media autoselect mode 11g mediaopt hostap \
nwid MYNWID chan 7

I'm wondering if it's a power issue with the net4501? Do you know of a
way to put the driver in debug mode? TIA

 
 I'm using them on Geode based hardware though (pcengines alix),
 haven't tried in a 4501 (and I note the last caveat in the ral(4)
 manual).
 

-- 
Chris Jones

Re: ral(4) driver and RT2860 + RT2850 chips

[Stuart Henderson]

On 2009-04-09, Chris Jones cjo...@gdisoftware.com wrote:
 Stuart Henderson wrote:
 On 2009-04-09, Chris Jones cjo...@gdisoftware.com wrote:
 I just picked up a SparkLan WMIR-200N which I've put in my Soekris
 net4501. The ral(4) driver says it supports the Ralink RT2860 and RT2850
 chips on this card. OpenBSD detects the card however when I configure it
 in hostap mode with WPA2-PSK, my Macbook or any wifi capable computer
 will connect momentarily and then disconnects.

 Has anyone had any experience with this card running under OpenBSD?
 Also, how can I debug the ral(4) driver? Here is my dmesg output as
 well as my hostname.if configuration.
 
 those cards mostly work well for me. try simplifying your configuration
 (start by removing WPA) and see if you can narrow down the problem.

 I used a basic config as you suggested and I was able to connect for
 much longer, however my Macbook eventually disconnected. This is the
 config I used.

 hostname.ral0
 -

 up media autoselect mode 11g mediaopt hostap \
 nwid MYNWID chan 7

 I'm wondering if it's a power issue with the net4501? Do you know of a
 way to put the driver in debug mode? TIA

ifconfig ral0 debug

make sure your Mac wireless adapter is not in power-saving mode.

Re: azalia - I don't get SPDIF working

[Jacob Meuser]

On Thu, Apr 09, 2009 at 12:07:37PM +0200, Dirk Mast wrote:
  there are now at most 2 choices.  analog or digital.  and yes, there
  are some codecs that only do analog and some that only to digital.
 
 Yeah, that makes it more complicated. 
 
 Is the following if-construction too vague?
 
 if (dacs.ngroups = 1) {
 -- create the normal inputs.usingdac as it's done now
 -- we don't care if it's analog or digital

actually in this case we don't create any knob, since it wouldn't
do anything.

 elsif (dacs.ngroups = 2) {
 -- create a knob outputs.spdif (or something similar)
 -- problem is how to wire it:
 -- clean choice would of course to check the i/o pins
 -- maybe some other rules would apply?
 
 -- like first dac is always analog and second one digital?
 -- or maybe the longer dac group is analog and the shorter digital?
 -- I doubt there are azalia devices with more digital sections
 -- than analog sections
 }
 
 
 Personally I think reading the i/o pins would be much safer,
 but if it's really the case that those upper assumptions are 
 always right, perhaps that would be another solution.

I haven't yet seen multiple digital output transmitters in a single
codec.  but that doesn't mean there aren't/won't be such codecs, though.

 (Otherwise this could bring big problems if there would be a
 non-standard azalia device sometimes...)

heh.  they all follow the standard, which allows many things.

probably the best would be something more like:

$ mixerctl -v outputs.mode
outputs.mode=analog  [ analog digital ]

the problem with checking i/o pins and/or using 'spdif' is that there
may be both hdmi and s/pdif connections.  this control only affects
which dac group is currently being used.  it really has nothing to
do with the i/o pins.

 
 Note: I can't code C this is why I try to describe my thoughts..
 
  I think another way would be if azalia could sense a plugged cable,
  like it can do with headphones, that signal could then be used to
  toggle on/off.
  
  jack sense capability isn't a mandatory feature, so it's not a
  reliable method.
  
 
 Ok.
 

-- 
jake...@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org

Le marche des associations pour developper vos affaires pour misc

[jo-association.eu]

Content-Transfer-Encoding: 8bit

Bonjour,

Les associations representent un marche tres important et souvent mal exploite 
par les societes commerciales : profitez des opportunites grace a une 
information precise et pertinente.

Avec plus de 2 millions dassociations deja repertoriees et toutes les 
nouvelles creations, vous disposez dun vivier de prospection commerciale 
extraordinaire

Une source fiable, exhaustive et regulierement mise a jour

Toute association qui se cree, qui modifie ses statuts ou qui disparait fait 
obligatoirement une declaration a la prefecture, qui publie un avis dans le 
journal officiel. Cest ce point de passage oblige quutilise JO Association 
pour constituer et mettre a jour vos fichiers de prospection. Vous avez donc la 
garantie que les informations que vous collectez proviennent dune source 
fiable, exhaustive et mise a jour regulierement

Economique

JO Association est un outil de prospection economique car il ne necessite ni 
abonnement, ni mise a jour. Une fois le logiciel achete, vous avez la garantie 
de ne pas etre contraint de repayer tous les trois ou six mois un nouveau CD 
destine a mettre a jour la base de donnees 

Sans limite dutilisation

Avec JO Association, vous pouvez realiser autant dextractions que vous le 
desirez, sans avoir a payer a chaque adresse collectee. Vous pouvez utiliser et 
reutiliser les informations collectees sans limitation ni redevance pour chaque 
campagne

Efficace

Une prospection efficace passe toujours par une bonne connaissance de vos 
clients. Avec 13 informations specifiques, JO Association vous apporte toutes 
les donnees importantes pour cibler votre clientele dassociations. Vous 
obtenez ainsi les informations qualifiees dont vous avez besoin pour bien 
vendre 

Simple

JO Association est un outil tres simple demploi, vous remplissez le formulaire 
de recherche du site du Journal Officiel et vous obtenez un fichier de 
prospection au format texte. Celui-ci peut etre ouvert dans nimporte quel 
logiciel de prospection ou dans Excel 

Decouvrez JO Association sur http://www.jo-association.eu




Pierre Mensat
 
Ps : pour ne plus recevoir dinformation de notre part, cliquez sur 
www.location-vacance.net/scripts/desinscrire.php?client=misc*openbsd.orgsourcemail=qhftgfksosff

Re: ral(4) driver and RT2860 + RT2850 chips

[Lars Kotthoff]

 I just picked up a SparkLan WMIR-200N which I've put in my Soekris
 net4501. The ral(4) driver says it supports the Ralink RT2860 and RT2850
 chips on this card. OpenBSD detects the card however when I configure it
 in hostap mode with WPA2-PSK, my Macbook or any wifi capable computer
 will connect momentarily and then disconnects.

ral0 at pci0 dev 21 function 0 Ralink RT2860 rev 0x00: irq 11, address 
00:0e:8e:1d:f2:12
ral0: MAC/BBP RT2860 (rev 0x0101), RF RT2820 (2T3R)
with WPA2 PSK

It occasionally drops the connection for a couple of seconds, but then continues
happily without any manual interference. The more annoying bit is that the box
locks up completely after a couple of days and I have to reboot. Tried without
WPA and with the interface down, if anything at all it made it worse by having
to reboot earlier.

Lars

Re: WAN links failover

[Steven Surdock]

 -Original Message-
 From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf
Of
 Jim Razmus
 Sent: Thursday, April 09, 2009 7:58 AM
 To: misc@openbsd.org
 Subject: Re: WAN links failover

 * Yuri Spirin english.voo...@rambler.ru [090409 03:11]:
  Hello, misc@
 
  I have OpenBSD internet gateway for medium company and 2 WAN lines
from
  different providers. First (line A) is flat rate 512K, second (line
B)

 man 4 trunk


I don't think that will help from ...different providers.

-Steve S.

Re: ral(4) driver and RT2860 + RT2850 chips

[Daniel Melameth]

On Wed, Apr 8, 2009 at 11:40 PM, Chris Jones cjo...@gdisoftware.com wrote:
 I just picked up a SparkLan WMIR-200N which I've put in my Soekris
 net4501. The ral(4) driver says it supports the Ralink RT2860 and RT2850
 chips on this card. OpenBSD detects the card however when I configure it
 in hostap mode with WPA2-PSK, my Macbook or any wifi capable computer
 will connect momentarily and then disconnects.

 Has anyone had any experience with this card running under OpenBSD?

For years I tried to get OpenBSD to function as a RELIABLE AP for
wireless clients and I was never successful--regardless of what driver
and hardware combination I used.  Unless you are able to debug
alongside a willing developer, I highly recommend looked elsewhere for
an AP.  On the other hand, I've had good success with several driver
and hardware combinations when OpenBSD is functioning as a wireless
client.

Re: Odd problem, may be related to relayd

[Daniel Ouellet]

ropers wrote:

Daniel,

That was a bit of a dick move.


Happy for you that you have a bigger dick then me then. (;

I saw the various cvs changes commit and did read the different one on 
misc@ as well. I asked the question because it wasn't clear to me. May 
be I tumble on words meaning or may be you are just better then me. I 
don't really care what you think. I just didn't understand it and as to 
risk of being call a dick, I still wanted to clarify it for myself.


There is nothing wrong saying someone do not understand something and 
asked for more details.


As for the rest of your post, again I didn't say I am oppose to change, 
never did I say that and as far as Theo is concern, believe me, he sure 
can speak of himself and sure don't need you for that. Theo has a quick 
temper and I do to, doesn't mean we can't communicate and we did. I had 
exchange with Theo on this and previous subject before as well and I am 
sure in the future too. I explain our miss understanding and I apologies 
to him for my reaction to his temper as well, end of story.


Henning provided me with more details that did clarified it more for me. 
Sometime I get things quickly, some other time I don't, such is life.


I am glad for you that you got it right away. Not everyone does and yes 
at time, I do not fully understand what appear to be clear to others in 
English, but excuse me to give it my best shut. Nor do I always express 
it well either, but hey. I am very glad for you that life is so clear 
and that you have no comprehension problem what so ever on any subject. 
I am not that gifted and when something is not clear for me after I read 
it, I do asked for more at the price to may be look stupid to you and 
that's fine by me. I don't care so much about how it look, but I do care 
about understanding it however.


Have a great day, and I am sure your girlfriend will be happy that you 
will not need any viagra anytime soon.


Best,

Daniel

Re: verbose sftp per user ?

[jul]

anyone ?

jul wrote on 5/04/09 14:50:
 i'm using chroot sftp with the following command:
 #Subsystem   sftpinternal-sftp -l VERBOSE -f AUTH
 Subsystem   sftpinternal-sftp -l INFO -f AUTH
 
 from http://marc.info/?l=openssh-unix-devm=120969706821519w=2
 
 but is there any way to restrict verbose/info logging to some users ? or
 trap to /dev/null log of some others ?
 
 for example:
 Match user user1
   Logging VERBOSE

sshkey: display comments in authlog ?

[jul]

Hello

when using sshkey, is there a way to have ssh comments section in the
server authlog ?
(the one in server ~/.ssh/authorized_keys)
It would be useful to manage which key is used to log on which accounts.

thanks a lot
Best regards

Julien

Re: Odd problem, may be related to relayd

[ropers]

Alright, alright. I vented, you vented. Fair enough.

No hard feelings.

regards,
--ropers

2009/4/9 Daniel Ouellet dan...@presscom.net:
 ropers wrote:

 Daniel,

 That was a bit of a dick move.

 Happy for you that you have a bigger dick then me then. (;

 I saw the various cvs changes commit and did read the different one on misc@
 as well. I asked the question because it wasn't clear to me. May be I tumble
 on words meaning or may be you are just better then me. I don't really care
 what you think. I just didn't understand it and as to risk of being call a
 dick, I still wanted to clarify it for myself.

 There is nothing wrong saying someone do not understand something and asked
 for more details.

 As for the rest of your post, again I didn't say I am oppose to change,
 never did I say that and as far as Theo is concern, believe me, he sure can
 speak of himself and sure don't need you for that. Theo has a quick temper
 and I do to, doesn't mean we can't communicate and we did. I had exchange
 with Theo on this and previous subject before as well and I am sure in the
 future too. I explain our miss understanding and I apologies to him for my
 reaction to his temper as well, end of story.

 Henning provided me with more details that did clarified it more for me.
 Sometime I get things quickly, some other time I don't, such is life.

 I am glad for you that you got it right away. Not everyone does and yes at
 time, I do not fully understand what appear to be clear to others in
 English, but excuse me to give it my best shut. Nor do I always express it
 well either, but hey. I am very glad for you that life is so clear and that
 you have no comprehension problem what so ever on any subject. I am not that
 gifted and when something is not clear for me after I read it, I do asked
 for more at the price to may be look stupid to you and that's fine by me. I
 don't care so much about how it look, but I do care about understanding it
 however.

 Have a great day, and I am sure your girlfriend will be happy that you will
 not need any viagra anytime soon.

 Best,

 Daniel

Re: sshkey: display comments in authlog ?

[FRLinux]

On Thu, Apr 9, 2009 at 7:00 PM, jul jul_...@yahoo.fr wrote:
 Hello

 when using sshkey, is there a way to have ssh comments section in the
 server authlog ?
 (the one in server ~/.ssh/authorized_keys)
 It would be useful to manage which key is used to log on which accounts.

Maybe this is close to what you'd like to achieve (although granted
not quite what you want):
http://stackoverflow.com/questions/440427/ssh-login-monitor-for-linux

Cheers,
Steph

Re: verbose sftp per user ?

[Alexander Hall]

jul wrote:
 anyone ?
 
 jul wrote on 5/04/09 14:50:
 i'm using chroot sftp with the following command:
 #Subsystem   sftpinternal-sftp -l VERBOSE -f AUTH
 Subsystem   sftpinternal-sftp -l INFO -f AUTH

 from http://marc.info/?l=openssh-unix-devm=120969706821519w=2

 but is there any way to restrict verbose/info logging to some users ? or
 trap to /dev/null log of some others ?

 for example:
 Match user user1
  Logging VERBOSE
 

from sshd_config(5):

  Only a subset of keywords may be used on the lines following a
  Match keyword.  Available keywords are AllowAgentForwarding,
  AllowTcpForwarding, Banner, ChrootDirectory, ForceCommand,
  GatewayPorts, GSSAPIAuthentication, HostbasedAuthentication,
  KbdInteractiveAuthentication, KerberosAuthentication,
  MaxAuthTries, MaxSessions, PasswordAuthentication,
  PermitEmptyPasswords, PermitOpen, PermitRootLogin,
  RhostsRSAAuthentication, RSAAuthentication, X11DisplayOffset,
  X11Forwarding and X11UseLocalHost.

So it seems not.

/Alexander

Re: Can you subscribe to the PF mailing list? I can't

[Cezary Morga]

Nick Guenther wrote:
 On Wed, Apr 8, 2009 at 12:31 PM, Bryan Irvine sparcta...@gmail.com wrote:
  The problem is that you can't use the pf mailing list from gmail.
 
  -Bryan

 Because people who use gmail aren't smart enough for PF? Because it's
 a free webmail provider and so a source of spam?

Because gmail doesn't resend e-mails from the same host the first delivery 
attempt was made from. It fucks up spamd and every other greylisting app out 
there. Of course it can be worked around, but it seems not everyone is willing 
to do so.
-- 
Cezary Morga
Research is the process of going up alleys to see if they are blind. 
(Marston Bates)

Who runs OpenBSD with Adaptec ?

[Ricardo Augusto de Souza]

Hi,



I AM trying to install openBSD 4.4 on a IBM 3550 7978 B1U but OpenBSD didn4t
recognize Adaptec ServeRaid 8k.



I4d like to know if someone run it on a server with this raid controller.



I installed a custom openbsd kernel ( with aac* support)  on  a USB stick ,
boot it on IBM 3550 and this is the dmesg:

I also tried disabling acpi.



OpenBSD 4.4 (rox) #0: Wed Apr  8 16:27:08 BRT 2009

r...@tux:/usr/sys/arch/i386/compile/rox

cpu0: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz (GenuineIntel 686-class) 2
GHz

cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,
xTPR

real mem  = 2137350144 (2038MB)

avail mem = 2058268672 (1962MB)

mainbus0 at root

bios0 at mainbus0: AT/286+ BIOS, date 07/25/08, BIOS32 rev. 0 @ 0xffa10,
SMBIOS rev. 2.4 @ 0xf6be0 (62 entries)

bios0: vendor Dell Inc. version A07 date 07/25/2008

bios0: Dell Inc. Latitude D530

acpi0 at bios0: rev 2

acpi0: tables DSDT FACP HPET APIC ASF! MCFG TCPA SLIC SSDT

acpi0: wakeup devices PCI0(S5) PCIE(S4) USB1(S0) USB2(S0) USB3(S0) USB4(S0)
USB5(S0) EHC2(S0) EHCI(S0) AZAL(S3) RP01(S3) RP02(S4) RP03(S3) RP04(S3)
RP05(S3) RP06(S5) LID_(S3) PBTN(S4)

acpitimer0 at acpi0: 3579545 Hz, 24 bits

acpihpet0 at acpi0: 14318179 Hz

acpiprt0 at acpi0: bus 3 (PCIE)

acpiprt1 at acpi0: bus -1 (AGP_)

acpiprt2 at acpi0: bus 11 (RP01)

acpiprt3 at acpi0: bus 12 (RP02)

acpiprt4 at acpi0: bus -1 (RP03)

acpiprt5 at acpi0: bus -1 (RP04)

acpiprt6 at acpi0: bus -1 (RP05)

acpiprt7 at acpi0: bus 9 (RP06)

acpiprt8 at acpi0: bus 0 (PCI0)

acpicpu0 at acpi0: C3

acpitz0 at acpi0: critical temperature 99 degC

acpibtn0 at acpi0: LID_

acpibtn1 at acpi0: PBTN

acpibtn2 at acpi0: SBTN

acpiac0 at acpi0: AC unit offline

acpibat0 at acpi0: BAT0 model DELL TT7108 serial 4001 type LION oem Sanyo

acpibat1 at acpi0: BAT1 not present

acpidock at acpi0 not configured

acpivideo at acpi0 not configured

acpivideo at acpi0 not configured

acpivideo at acpi0 not configured

bios0: ROM list: 0xc/0xf000! 0xcf000/0x1000

cpu0 at mainbus0

cpu0: unknown Enhanced SpeedStep CPU, msr 0x06170b2d06000a25

cpu0: using only highest, current and lowest power states

cpu0: Enhanced SpeedStep 2000 MHz (1292 mV): speeds: 2200, 2000, 1200 MHz

pci0 at mainbus0 bus 0: configuration mode 1 (no bios)

pchb0 at pci0 dev 0 function 0 Intel GM965 Host rev 0x0c

vga1 at pci0 dev 2 function 0 Intel GM965 Video rev 0x0c

wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)

wsdisplay0: screen 1-5 added (80x25, vt100 emulation)

agp0 at vga1: aperture at 0xe000, size 0x1000

drm at vga1 unsupported

Intel GM965 Video rev 0x0c at pci0 dev 2 function 1 not configured

uhci0 at pci0 dev 26 function 0 Intel 82801H USB rev 0x02: irq 10

uhci1 at pci0 dev 26 function 1 Intel 82801H USB rev 0x02: irq 9

ehci0 at pci0 dev 26 function 7 Intel 82801H USB rev 0x02: irq 5

usb0 at ehci0: USB revision 2.0

uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1

azalia0 at pci0 dev 27 function 0 Intel 82801H HD Audio rev 0x02: irq 9

azalia0: codec[s]: Sigmatel/0x76a0, Conexant/0x2c06, using Sigmatel/0x76a0

audio0 at azalia0

ppb0 at pci0 dev 28 function 0 Intel 82801H PCIE rev 0x02: irq 11

pci1 at ppb0 bus 11

ppb1 at pci0 dev 28 function 1 Intel 82801H PCIE rev 0x02: irq 3

pci2 at ppb1 bus 12

wpi0 at pci2 dev 0 function 0 Intel PRO/Wireless 3945ABG rev 0x02: irq 3,
MoW2, address 00:1f:3c:bf:c0:9d

ppb2 at pci0 dev 28 function 5 Intel 82801H PCIE rev 0x02: irq 3

pci3 at ppb2 bus 9

bge0 at pci3 dev 0 function 0 Broadcom BCM5755M rev 0x02, BCM5755 A2
(0xa002): irq 3, address 00:1e:c9:23:04:f0

brgphy0 at bge0 phy 1: BCM5755 10/100/1000baseT PHY, rev. 0

uhci2 at pci0 dev 29 function 0 Intel 82801H USB rev 0x02: irq 10

uhci3 at pci0 dev 29 function 1 Intel 82801H USB rev 0x02: irq 9

uhci4 at pci0 dev 29 function 2 Intel 82801H USB rev 0x02: irq 5

ehci1 at pci0 dev 29 function 7 Intel 82801H USB rev 0x02: irq 10

usb1 at ehci1: USB revision 2.0

uhub1 at usb1 Intel EHCI root hub rev 2.00/1.00 addr 1

ppb3 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0xf2

pci4 at ppb3 bus 3

cbb0 at pci4 dev 1 function 0 vendor O2 Micro, unknown product 0x7135 rev
0x21: irq 11

O2 Micro Firewire rev 0x02 at pci4 dev 1 function 4 not configured

cardslot0 at cbb0 slot 0 flags 0

cardbus0 at cardslot0: bus 4 device 0 cacheline 0x0, lattimer 0x20

pcmcia0 at cardslot0

ichpcib0 at pci0 dev 31 function 0 Intel 82801HBM LPC rev 0x02: PM disabled

pciide0 at pci0 dev 31 function 1 Intel 82801HBM IDE rev 0x02: DMA, channel
0 configured to compatibility, channel 1 configured to compatibility

atapiscsi0 at pciide0 channel 0 drive 0

scsibus0 at atapiscsi0: 2 targets, initiator 7

cd0 at scsibus0 targ 0 lun 0: HL-DT-ST, DVD+-RW GSA-T21N, A1R1 ATAPI 5/cdrom
removable

cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2

pciide0: channel 1 ignored (disabled)

pciide1 at pci0 dev 31 function 2 

Re: Can you subscribe to the PF mailing list? I can't

[Bob Beck]

* Cezary Morga c...@therek.net [2009-04-09 15:14]:
 Nick Guenther wrote:
  On Wed, Apr 8, 2009 at 12:31 PM, Bryan Irvine sparcta...@gmail.com wrote:
   The problem is that you can't use the pf mailing list from gmail.
  
   -Bryan
 
  Because people who use gmail aren't smart enough for PF? Because it's
  a free webmail provider and so a source of spam?

Don't think I've actually ever seen an honest to goodness *spam* sourced
from gmail.. Seen lots of stupid people...

 
 Because gmail doesn't resend e-mails from the same host the first delivery 
 attempt was made from. It fucks up spamd and every other greylisting app out 
 there. Of course it can be worked around, but it seems not everyone is 
 willing 
 to do so.


It's easy to work around if you put google's outbound mx blocks in 
nospamd table - 
which is what I do here. 

Not everyone is willing to try to find what those are of course.. 
google doesn't
make is easy.

-Bob

RES: Who runs OpenBSD with Adaptec ?

[Ricardo Augusto de Souza]

I sent dmesg of my notebook. Sorry.

OpenBSD 4.4 (rox) #0: Wed Apr  8 16:27:08 BRT 2009
r...@tux:/usr/sys/arch/i386/compile/rox
cpu0: Intel(R) Xeon(R) CPU E5405 @ 2.00GHz (GenuineIntel 686-class) 2
GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,
CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2
,CX16,xTPR
real mem  = 2952105984 (2815MB)
avail mem = 2856112128 (2723MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 01/29/09, BIOS32 rev. 0 @ 0xfd841,
SMBIOS rev. 2.4 @ 0xaffcee80 (86 entries)
bios0: vendor IBM version -[GFE143AUS-1.13]- date 01/29/2009
bios0: IBM IBM System x3550 -[7978B1U]-
acpi0 at bios0: rev 2
acpi0: tables DSDT FACP APIC SRAT HPET MCFG ERST
acpi0: wakeup devices PCI0(S5)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 19 (PCI6)
acpiprt1 at acpi0: bus 23 (PCIA)
acpiprt2 at acpi0: bus 1 (PCIS)
acpiprt3 at acpi0: bus 0 (PCI0)
acpicpu0 at acpi0
bios0: ROM list: 0xc/0xb000 0xcb000/0x1800 0xcc800/0x1800
0xce000/0x5000!
ipmi at mainbus0 not configured
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 5000X Host rev 0x31
ppb0 at pci0 dev 2 function 0 Intel 5000 PCIE x8 rev 0x31
pci1 at ppb0 bus 16
ppb1 at pci1 dev 0 function 0 Intel 6321ESB PCIE rev 0x01
pci2 at ppb1 bus 17
ppb2 at pci2 dev 0 function 0 Intel 6321ESB PCIE rev 0x01
pci3 at ppb2 bus 19
ppb3 at pci3 dev 0 function 0 vendor IDT, unknown product 0x8018 rev
0x04
pci4 at ppb3 bus 20
ppb4 at pci4 dev 0 function 0 vendor IDT, unknown product 0x8018 rev
0x04
pci5 at ppb4 bus 21
em0 at pci5 dev 0 function 0 Intel PRO/1000 QP (82571EB) rev 0x06: irq
3, address 00:15:17:7b:9a:b0
em1 at pci5 dev 0 function 1 Intel PRO/1000 QP (82571EB) rev 0x06: irq
10, address 00:15:17:7b:9a:b1
ppb5 at pci4 dev 1 function 0 vendor IDT, unknown product 0x8018 rev
0x04
pci6 at ppb5 bus 22
em2 at pci6 dev 0 function 0 Intel PRO/1000 QP (82571EB) rev 0x06: irq
10, address 00:15:17:7b:9a:b2
em3 at pci6 dev 0 function 1 Intel PRO/1000 QP (82571EB) rev 0x06: irq
7, address 00:15:17:7b:9a:b3
ppb6 at pci2 dev 1 function 0 Intel 6321ESB PCIE rev 0x01
pci7 at ppb6 bus 18
ppb7 at pci1 dev 0 function 3 Intel 6321ESB PCIE-PCIX rev 0x01
pci8 at ppb7 bus 23
ppb8 at pci0 dev 3 function 0 Intel 5000 PCIE rev 0x31
pci9 at ppb8 bus 35
ppb9 at pci0 dev 4 function 0 Intel 5000 PCIE x8 rev 0x31
pci10 at ppb9 bus 7
ppb10 at pci10 dev 0 function 0 vendor IDT, unknown product 0x8018 rev
0x04
pci11 at ppb10 bus 8
ppb11 at pci11 dev 0 function 0 vendor IDT, unknown product 0x8018 rev
0x04
pci12 at ppb11 bus 9
em4 at pci12 dev 0 function 0 Intel PRO/1000 QP (82571EB) rev 0x06:
irq 7, address 00:15:17:7b:be:f0
em5 at pci12 dev 0 function 1 Intel PRO/1000 QP (82571EB) rev 0x06:
irq 3, address 00:15:17:7b:be:f1
ppb12 at pci11 dev 1 function 0 vendor IDT, unknown product 0x8018 rev
0x04
pci13 at ppb12 bus 10
em6 at pci13 dev 0 function 0 Intel PRO/1000 QP (82571EB) rev 0x06:
irq 3, address 00:15:17:7b:be:f2
em7 at pci13 dev 0 function 1 Intel PRO/1000 QP (82571EB) rev 0x06:
irq 10, address 00:15:17:7b:be:f3
ppb13 at pci0 dev 5 function 0 Intel 5000 PCIE rev 0x31
pci14 at ppb13 bus 34
ppb14 at pci0 dev 6 function 0 Intel 5000 PCIE rev 0x31
pci15 at ppb14 bus 3
ppb15 at pci15 dev 0 function 0 ServerWorks PCIE-PCIX rev 0xc3
pci16 at ppb15 bus 4
bnx0 at pci16 dev 0 function 0 Broadcom BCM5708 rev 0x12: irq 7
ppb16 at pci0 dev 7 function 0 Intel 5000 PCIE rev 0x31
pci17 at ppb16 bus 2
Adaptec ASR-2120S rev 0x02 at pci17 dev 0 function 0 not configured
Intel I/OAT rev 0x31 at pci0 dev 8 function 0 not configured
pchb1 at pci0 dev 16 function 0 Intel 5000 Error Reporting rev 0x31
pchb2 at pci0 dev 16 function 1 Intel 5000 Error Reporting rev 0x31
pchb3 at pci0 dev 16 function 2 Intel 5000 Error Reporting rev 0x31
pchb4 at pci0 dev 17 function 0 Intel 5000 Reserved rev 0x31
pchb5 at pci0 dev 19 function 0 Intel 5000 Reserved rev 0x31
pchb6 at pci0 dev 21 function 0 Intel 5000 FBD rev 0x31
pchb7 at pci0 dev 22 function 0 Intel 5000 FBD rev 0x31
ppb17 at pci0 dev 28 function 0 Intel 6321ESB PCIE rev 0x09
pci18 at ppb17 bus 5
ppb18 at pci18 dev 0 function 0 ServerWorks PCIE-PCIX rev 0xc3
pci19 at ppb18 bus 6
bnx1 at pci19 dev 0 function 0 Broadcom BCM5708 rev 0x12: irq 3
uhci0 at pci0 dev 29 function 0 Intel 6321ESB USB rev 0x09: irq 5
uhci1 at pci0 dev 29 function 1 Intel 6321ESB USB rev 0x09: irq 11
uhci2 at pci0 dev 29 function 2 Intel 6321ESB USB rev 0x09: irq 5
ehci0 at pci0 dev 29 function 7 Intel 6321ESB USB rev 0x09: irq 5
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1
ppb19 at pci0 dev 30 function 0 Intel 82801BA Hub-to-PCI rev 0xd9
pci20 at ppb19 bus 1
vga1 at pci20 dev 1 function 0 ATI ES1000 rev 0x02
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
drm at vga1 unsupported
ichpcib0 at pci0 dev 31 function 0 

Re: Can you subscribe to the PF mailing list? I can't

[Matthew Dempsky]

On Thu, Apr 9, 2009 at 2:35 PM, Bob Beck b...@obtuse.com wrote:
It's easy to work around if you put google's outbound mx blocks in
nospamd table -
 which is what I do here.

Not everyone is willing to try to find what those are of course..
google doesn't
 make is easy.

Is this not a complete list?

$ host -t txt _spf.google.com | tr ' ' '\012' | sed -n 's/^ip4://p'
216.239.32.0/19
64.233.160.0/19
66.249.80.0/20
72.14.192.0/18
209.85.128.0/17
66.102.0.0/20
74.125.0.0/16
64.18.0.0/20
207.126.144.0/20

Re: donation

[Ingo Schwarze]

Hi misc@,

some days ago, i publicly asked Wim to tell me what he did with the
donation i sent him via IBAN for the OpenBSD project, whether he kept
it or whether he passed it on to the project, see the posting included
below.  On his website
  http://accounting.kd85.com/
you can still read, at the time of the present posting:

 Now Theo claims *I* kept donation money while all of it was
 transferred to his German IBAN account.  [...]
 All donations that came in (IBAN transfer and credit card)
 were transferred to Theo and I have all the transaction receipts. 

The posting cited below started a private communication involving Wim
and myself and consisting of several mails.  Since it was a private
communication, i'm not going to publish any details, but i feel that i
should provide a rough summary to the list, regarding the central
question where the particular donation money went that i sent via IBAN
to Belgium in October 2007.

Wim first told me that he still kept those 2.000 EUR on one of his bank
accounts in Belgium; later he claimed that he had already sent those
2.000 EUR to Theo; and finally, he sent 2.120 EUR back to me, that is the
full amount of the donation plus 4% interest for one and a half years.
Those 2.120 EUR arrived on my bank account today.  I have already
forwarded those 2.120 EUR to the official OpenBSD donations account
in Munich, where they belong, even though they're now 18 months late
to fund the p2k7 hackathon in Hungary.

Even though i repeatedly asked for bank statements of the donations
account, the only bank statement Wim has shown to me is the bank
statement regarding the refund of the 2.120 EUR on April 7, 2009.
By the way, even though i sent the donation to a private, non-business
donations account, account holder OpenBSD, the refund arrived from a
business account, account holder kd85.com, actually the very account i
have been paying my OpenBSD CDs and T-Shirts to during the last few years.
One can only speculate what this might mean, but two possible explanations
could perhaps be:
 - Wim might have mixed donation money into his kd85.com business money.
   or
 - Wim might have kept the donation money privately and might now pay
   the refunds out of company money in order to force bankruptcy
   of kd85.com.  That might seem useful in order to avoid paying
   company debts.
Again, this is purely speculative, there could as well be different,
harmless explanations.  Unfortunately, i am forced to speculate because
Wim so far refuses to show anybody any bank statements of the donations
account.  To understand better whether kd85.com is flourishing or
whether he is rather trying to run the business into the ground, it
might help to study the kd85.com balance sheets published on the web.

The only thing i definitely know is that the web site says he sent all
donations to the project, that he then switched his explanations three
times in a row and finally sent my donation back to me.  As i have seen
no bank statements, i'm not sure about donations given by other people,
but i see little evidence that anybody else, including Wim, fully
understands what happened to all those donations he collected.

Thus, everybody who ever gave or sent Wim any donation to be transferred
to the OpenBSD project, whether by bank transfer or whether given in
cash, for example at a booth on a conference, should consider asking Wim
for a refund plus interest, and then transfer the total amount either to
the official OpenBSD donations account in Munich, run by Theo de Raadt,
see www.openbsd.org, or to the OpenBSD Foundation,
see www.openbsdfoundation.org.  Given the way Wim is currently handling
the donations, this appears to be the only way to quickly get your
donation to the project right now.  At least it worked for me.

Please do not ask for refunds of credit card donations.  Those have
always been processed in a completely transparent way by The Computer
Shop of Calgary and passed to Theo, who has been spending them on the
OpenBSD project, as no doubt you hoped when you gave them.

When asking Wim for a refund, be sure to Cc: dera...@openbsd.org
such that Theo knows what's being discussed.  When transferring
the refund to the donations account in Munich, state in the
reference text when and by which means the original donation
had been transferred to Wim, and when and by which means it was
refunded.

Yours,
  Ingo

- Forwarded message from Ingo Schwarze schwa...@usta.de -

From: Ingo Schwarze schwa...@usta.de
Sender: owner-m...@openbsd.org
Date: Sat, 4 Apr 2009 00:35:54 +0200
To: Wim Vandeputte w...@kd85.com
Cc: misc@openbsd.org, wim.vandepu...@gmail.com
Subject: Re: donation

Hello Wim,

on October 4, 2007, i sent a substantial donation to your former OpenBSD
donations bank account

  BIC:KREDBEBB
  IBAN:   BE93 7370 1774 3767
  Account holder: OpenBSD  (not kd85.com)
  Reference text: Donation to OpenBSD; Keep up the good work...

Four days later, i received your 

Re: Can you subscribe to the PF mailing list? I can't

[Alexander Hall]

Bob Beck wrote:
 Because gmail doesn't resend e-mails from the same host the first delivery 
 attempt was made from. It fucks up spamd and every other greylisting app out 
 there. Of course it can be worked around, but it seems not everyone is 
 willing 
 to do so.
 
 
   It's easy to work around if you put google's outbound mx blocks in 
 nospamd table - 
 which is what I do here. 
 
   Not everyone is willing to try to find what those are of course.. 
 google doesn't
 make is easy.

Well they do have spf dns records that I use to whitelist them...
Updated daily in case things change.

Currently:

$ spf_white google.com
### google.com ###
216.239.32.0/19
64.233.160.0/19
66.249.80.0/20
72.14.192.0/18
209.85.128.0/17
66.102.0.0/20
74.125.0.0/16
64.18.0.0/20
207.126.144.0/20

/Alexander

Re: Can you subscribe to the PF mailing list? I can't

[jmc]

--- Bob Beck [Thu, Apr 09, 2009 at 03:35:36PM -0600]: --- 
 * Cezary Morga c...@therek.net [2009-04-09 15:14]:
  Nick Guenther wrote:
   On Wed, Apr 8, 2009 at 12:31 PM, Bryan Irvine sparcta...@gmail.com 
   wrote:
The problem is that you can't use the pf mailing list from gmail.
   
-Bryan
  
   Because people who use gmail aren't smart enough for PF? Because it's
   a free webmail provider and so a source of spam?
 
   Don't think I've actually ever seen an honest to goodness *spam* sourced
 from gmail.. Seen lots of stupid people...
 
  
  Because gmail doesn't resend e-mails from the same host the first delivery 
  attempt was made from. It fucks up spamd and every other greylisting app 
  out 
  there. Of course it can be worked around, but it seems not everyone is 
  willing 
  to do so.
 
 
   It's easy to work around if you put google's outbound mx blocks in 
 nospamd table - 
 which is what I do here. 

this is exactly what i have done as well. it's been talked about before,
there's some good scripts to crib from in the archives to assist you.

one could also use the info at http://www.dnswl.org/ (someone here
pointed me to that recently). i think it's rather a shotgun approach to
apply it blindly, but there are good data there to start from.

one could also use the info at http://www.dnswl.org/ (someone here
pointed me to that recently). i think it's rather a shotgun approach to
apply it blindly, but there are good data there to start from.

[semi-OT] was: Re: I can't connect to Internet

[ropers]

2009/4/6 Mark - obsd list m...@nerdish.us:
 I sure hope this is just a troll. He has written OpenBSD in just about
 every way that won't work and is ignoring everyone telling him repeatedly
 that he has to capitalize BSD.

I'm actually a little bit sympathetic towards people not copping on to
the fact that capitalization matters with the URL's path here. Why,
you ask?

OT-rant
Because URL design is just not very self-consistent:

- The host name part is case-insensitive.
- The path and/or rest of a URL is frequently case-sensitive.

Ouch!

- The host name notation is least-significant-part first.
- The path notation is most-significant-part first.

Argh!

Throw in a ? and  and  and almost everything goes -- and the URL has
gotten too long for many users to remember and reliably retype.

FAIL!

Oh, and the #anchors are probably case-sensitive again.

*sadtrombone*

Ironically, one of the few ways to sort of fix this is to be very
rich and use Windows. No, really. You'd burn a huge pile of cash and
apply for your own tld ( and I do mean *T*ld, cf.
http://tech.slashdot.org/tech/08/06/26/1814205.shtml ), and then you'd
use a web server with a case-insensitive file system. AFAIK the most
common one of those is IIS (and if that doesn't scare you...)
The result: http://oneworddomainname/case/insensitive/path/

Ha-ha-only-serious. ;-/

/OT-rant

regards,
--ropers

PS: Yes, yes, I know, there's Apache's mod_speling.c; don't tell me.
And yes, contrary to what is says in this FAQ [
http://httpd.apache.org/docs/1.3/misc/FAQ-H.html#rewrite-nocase ],
Unix *can* deal with case-insensitive file systems, and you probably
*could* mount one of those on /var/www, but anyway, the first step is
admitting that you have a problem.

Hi, I'm ropers, and I'm a webmaster.

PPS: On a less OT note: Just out of curiosity and for shits and
giggles: Can anyone suggest a decent and fast case-insensitive file
system for such and/or similar uses? Is there a way to make FFS
partitions case-insensitive? I'm not talking about partitions that the
OS would be installed on; I'm just asking about partitions that could
be mounted at /var/www or wherever.

Re: Who runs OpenBSD with Adaptec ?

[Eduardo Alvarenga]

you have to use aac driver from 4.5+ for you controller to work.

http://www.openbsd.org/plus.html
(look for aac)


Regards,

2009/4/9 Ricardo Augusto de Souza ricardo.so...@cmtsp.com.br

 I sent dmesg of my notebook. Sorry.

 OpenBSD 4.4 (rox) #0: Wed Apr  8 16:27:08 BRT 2009
r...@tux:/usr/sys/arch/i386/compile/rox
 cpu0: Intel(R) Xeon(R) CPU E5405 @ 2.00GHz (GenuineIntel 686-class) 2
 GHz
 cpu0:
 FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,
 CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2
 ,CX16,xTPR
 real mem  = 2952105984 (2815MB)
 avail mem = 2856112128 (2723MB)
 mainbus0 at root
 bios0 at mainbus0: AT/286+ BIOS, date 01/29/09, BIOS32 rev. 0 @ 0xfd841,
 SMBIOS rev. 2.4 @ 0xaffcee80 (86 entries)
 bios0: vendor IBM version -[GFE143AUS-1.13]- date 01/29/2009
 bios0: IBM IBM System x3550 -[7978B1U]-
 acpi0 at bios0: rev 2
 acpi0: tables DSDT FACP APIC SRAT HPET MCFG ERST
 acpi0: wakeup devices PCI0(S5)
 acpitimer0 at acpi0: 3579545 Hz, 24 bits
 acpihpet0 at acpi0: 14318179 Hz
 acpiprt0 at acpi0: bus 19 (PCI6)
 acpiprt1 at acpi0: bus 23 (PCIA)
 acpiprt2 at acpi0: bus 1 (PCIS)
 acpiprt3 at acpi0: bus 0 (PCI0)
 acpicpu0 at acpi0
 bios0: ROM list: 0xc/0xb000 0xcb000/0x1800 0xcc800/0x1800
 0xce000/0x5000!
 ipmi at mainbus0 not configured
 cpu0 at mainbus0
 pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
 pchb0 at pci0 dev 0 function 0 Intel 5000X Host rev 0x31
 ppb0 at pci0 dev 2 function 0 Intel 5000 PCIE x8 rev 0x31
 pci1 at ppb0 bus 16
 ppb1 at pci1 dev 0 function 0 Intel 6321ESB PCIE rev 0x01
 pci2 at ppb1 bus 17
 ppb2 at pci2 dev 0 function 0 Intel 6321ESB PCIE rev 0x01
 pci3 at ppb2 bus 19
 ppb3 at pci3 dev 0 function 0 vendor IDT, unknown product 0x8018 rev
 0x04
 pci4 at ppb3 bus 20
 ppb4 at pci4 dev 0 function 0 vendor IDT, unknown product 0x8018 rev
 0x04
 pci5 at ppb4 bus 21
 em0 at pci5 dev 0 function 0 Intel PRO/1000 QP (82571EB) rev 0x06: irq
 3, address 00:15:17:7b:9a:b0
 em1 at pci5 dev 0 function 1 Intel PRO/1000 QP (82571EB) rev 0x06: irq
 10, address 00:15:17:7b:9a:b1
 ppb5 at pci4 dev 1 function 0 vendor IDT, unknown product 0x8018 rev
 0x04
 pci6 at ppb5 bus 22
 em2 at pci6 dev 0 function 0 Intel PRO/1000 QP (82571EB) rev 0x06: irq
 10, address 00:15:17:7b:9a:b2
 em3 at pci6 dev 0 function 1 Intel PRO/1000 QP (82571EB) rev 0x06: irq
 7, address 00:15:17:7b:9a:b3
 ppb6 at pci2 dev 1 function 0 Intel 6321ESB PCIE rev 0x01
 pci7 at ppb6 bus 18
 ppb7 at pci1 dev 0 function 3 Intel 6321ESB PCIE-PCIX rev 0x01
 pci8 at ppb7 bus 23
 ppb8 at pci0 dev 3 function 0 Intel 5000 PCIE rev 0x31
 pci9 at ppb8 bus 35
 ppb9 at pci0 dev 4 function 0 Intel 5000 PCIE x8 rev 0x31
 pci10 at ppb9 bus 7
 ppb10 at pci10 dev 0 function 0 vendor IDT, unknown product 0x8018 rev
 0x04
 pci11 at ppb10 bus 8
 ppb11 at pci11 dev 0 function 0 vendor IDT, unknown product 0x8018 rev
 0x04
 pci12 at ppb11 bus 9
 em4 at pci12 dev 0 function 0 Intel PRO/1000 QP (82571EB) rev 0x06:
 irq 7, address 00:15:17:7b:be:f0
 em5 at pci12 dev 0 function 1 Intel PRO/1000 QP (82571EB) rev 0x06:
 irq 3, address 00:15:17:7b:be:f1
 ppb12 at pci11 dev 1 function 0 vendor IDT, unknown product 0x8018 rev
 0x04
 pci13 at ppb12 bus 10
 em6 at pci13 dev 0 function 0 Intel PRO/1000 QP (82571EB) rev 0x06:
 irq 3, address 00:15:17:7b:be:f2
 em7 at pci13 dev 0 function 1 Intel PRO/1000 QP (82571EB) rev 0x06:
 irq 10, address 00:15:17:7b:be:f3
 ppb13 at pci0 dev 5 function 0 Intel 5000 PCIE rev 0x31
 pci14 at ppb13 bus 34
 ppb14 at pci0 dev 6 function 0 Intel 5000 PCIE rev 0x31
 pci15 at ppb14 bus 3
 ppb15 at pci15 dev 0 function 0 ServerWorks PCIE-PCIX rev 0xc3
 pci16 at ppb15 bus 4
 bnx0 at pci16 dev 0 function 0 Broadcom BCM5708 rev 0x12: irq 7
 ppb16 at pci0 dev 7 function 0 Intel 5000 PCIE rev 0x31
 pci17 at ppb16 bus 2
 Adaptec ASR-2120S rev 0x02 at pci17 dev 0 function 0 not configured
 Intel I/OAT rev 0x31 at pci0 dev 8 function 0 not configured
 pchb1 at pci0 dev 16 function 0 Intel 5000 Error Reporting rev 0x31
 pchb2 at pci0 dev 16 function 1 Intel 5000 Error Reporting rev 0x31
 pchb3 at pci0 dev 16 function 2 Intel 5000 Error Reporting rev 0x31
 pchb4 at pci0 dev 17 function 0 Intel 5000 Reserved rev 0x31
 pchb5 at pci0 dev 19 function 0 Intel 5000 Reserved rev 0x31
 pchb6 at pci0 dev 21 function 0 Intel 5000 FBD rev 0x31
 pchb7 at pci0 dev 22 function 0 Intel 5000 FBD rev 0x31
 ppb17 at pci0 dev 28 function 0 Intel 6321ESB PCIE rev 0x09
 pci18 at ppb17 bus 5
 ppb18 at pci18 dev 0 function 0 ServerWorks PCIE-PCIX rev 0xc3
 pci19 at ppb18 bus 6
 bnx1 at pci19 dev 0 function 0 Broadcom BCM5708 rev 0x12: irq 3
 uhci0 at pci0 dev 29 function 0 Intel 6321ESB USB rev 0x09: irq 5
 uhci1 at pci0 dev 29 function 1 Intel 6321ESB USB rev 0x09: irq 11
 uhci2 at pci0 dev 29 function 2 Intel 6321ESB USB rev 0x09: irq 5
 ehci0 at pci0 dev 29 function 7 Intel 6321ESB USB rev 0x09: irq 5
 usb0 at ehci0: USB revision 2.0
 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1
 ppb19 at pci0 

Re: donation

[Michiel van Baak]

On 23:54, Thu 09 Apr 09, Ingo Schwarze wrote:
 Hi misc@,
 
 some days ago, i publicly asked Wim to tell me what he did with the
 donation i sent him via IBAN for the OpenBSD project, whether he kept
 it or whether he passed it on to the project, see the posting included
 below.  On his website
   http://accounting.kd85.com/
 you can still read, at the time of the present posting:
 
  Now Theo claims *I* kept donation money while all of it was
  transferred to his German IBAN account.  [...]
  All donations that came in (IBAN transfer and credit card)
  were transferred to Theo and I have all the transaction receipts. 
 
 The posting cited below started a private communication involving Wim
 and myself and consisting of several mails.  Since it was a private
 communication, i'm not going to publish any details, but i feel that i
 should provide a rough summary to the list, regarding the central
 question where the particular donation money went that i sent via IBAN
 to Belgium in October 2007.
 
 Wim first told me that he still kept those 2.000 EUR on one of his bank
 accounts in Belgium; later he claimed that he had already sent those
 2.000 EUR to Theo; and finally, he sent 2.120 EUR back to me, that is the
 full amount of the donation plus 4% interest for one and a half years.
 Those 2.120 EUR arrived on my bank account today.  I have already
 forwarded those 2.120 EUR to the official OpenBSD donations account
 in Munich, where they belong, even though they're now 18 months late
 to fund the p2k7 hackathon in Hungary.
 
 Even though i repeatedly asked for bank statements of the donations
 account, the only bank statement Wim has shown to me is the bank
 statement regarding the refund of the 2.120 EUR on April 7, 2009.
 By the way, even though i sent the donation to a private, non-business
 donations account, account holder OpenBSD, the refund arrived from a
 business account, account holder kd85.com, actually the very account i
 have been paying my OpenBSD CDs and T-Shirts to during the last few years.
 One can only speculate what this might mean, but two possible explanations
 could perhaps be:
  - Wim might have mixed donation money into his kd85.com business money.
or
  - Wim might have kept the donation money privately and might now pay
the refunds out of company money in order to force bankruptcy
of kd85.com.  That might seem useful in order to avoid paying
company debts.
 Again, this is purely speculative, there could as well be different,
 harmless explanations.  Unfortunately, i am forced to speculate because
 Wim so far refuses to show anybody any bank statements of the donations
 account.  To understand better whether kd85.com is flourishing or
 whether he is rather trying to run the business into the ground, it
 might help to study the kd85.com balance sheets published on the web.
 
 The only thing i definitely know is that the web site says he sent all
 donations to the project, that he then switched his explanations three
 times in a row and finally sent my donation back to me.  As i have seen
 no bank statements, i'm not sure about donations given by other people,
 but i see little evidence that anybody else, including Wim, fully
 understands what happened to all those donations he collected.
 
 Thus, everybody who ever gave or sent Wim any donation to be transferred
 to the OpenBSD project, whether by bank transfer or whether given in
 cash, for example at a booth on a conference, should consider asking Wim
 for a refund plus interest, and then transfer the total amount either to
 the official OpenBSD donations account in Munich, run by Theo de Raadt,
 see www.openbsd.org, or to the OpenBSD Foundation,
 see www.openbsdfoundation.org.  Given the way Wim is currently handling
 the donations, this appears to be the only way to quickly get your
 donation to the project right now.  At least it worked for me.
 
 Please do not ask for refunds of credit card donations.  Those have
 always been processed in a completely transparent way by The Computer
 Shop of Calgary and passed to Theo, who has been spending them on the
 OpenBSD project, as no doubt you hoped when you gave them.
 
 When asking Wim for a refund, be sure to Cc: dera...@openbsd.org
 such that Theo knows what's being discussed.  When transferring
 the refund to the donations account in Munich, state in the
 reference text when and by which means the original donation
 had been transferred to Wim, and when and by which means it was
 refunded.

while this might be true for you, I have a totally different experience.
I also saw some info about donation money and some receipts that show
very clearly the money went to theo.

My main problem is that I can see money flowing from the middle-man to
theo, but dont see where the money is spent from there.
I know it's none of my business because donations go to the project and
theo is the one to decide but I cannot tell if it went into a bigass car
for theo or into hardware for 

Re: Can you subscribe to the PF mailing list? I can't

[Daniel Ouellet]

jmc wrote:
--- Bob Beck [Thu, Apr 09, 2009 at 03:35:36PM -0600]: --- 

* Cezary Morga c...@therek.net [2009-04-09 15:14]:

Nick Guenther wrote:

On Wed, Apr 8, 2009 at 12:31 PM, Bryan Irvine sparcta...@gmail.com wrote:

The problem is that you can't use the pf mailing list from gmail.

-Bryan

Because people who use gmail aren't smart enough for PF? Because it's
a free webmail provider and so a source of spam?

Don't think I've actually ever seen an honest to goodness *spam* sourced
from gmail.. Seen lots of stupid people...

Because gmail doesn't resend e-mails from the same host the first delivery 
attempt was made from. It fucks up spamd and every other greylisting app out 
there. Of course it can be worked around, but it seems not everyone is willing 
to do so.


	It's easy to work around if you put google's outbound mx blocks in nospamd table - 
which is what I do here. 


this is exactly what i have done as well. it's been talked about before,
there's some good scripts to crib from in the archives to assist you.

one could also use the info at http://www.dnswl.org/ (someone here
pointed me to that recently). i think it's rather a shotgun approach to
apply it blindly, but there are good data there to start from.

one could also use the info at http://www.dnswl.org/ (someone here
pointed me to that recently). i think it's rather a shotgun approach to
apply it blindly, but there are good data there to start from.



Here is something that might help you.

I use it in a cronjob and update PF with it.

Not perfect and it could be improve, but it work as long as spf records 
are provided obviously.


It's really easy to use, just add the spf records in the list and run 
it. That's all there is to it and obviously, load it into your pf table 
as well when it's done.


You can change the $FILE path for what you setup, I use to keep it into 
/var/db, but then with a few changes that the project is doing, I may 
move the file to /etc/mail, witch most likely might be more logical ther 
in the first place.


After you ran it, you will get a nice looking file with what you need to 
just plug it into pf.


Hope it help you some anyway.

Best.

Daniel

===
#!/bin/sh
FILE=spamd-spf.txt

rm -f $FILE
touch $FILE

for domain in \
 aol.com \
 apple.com \
 amazon.com \
 gmx.net \
 _spf.google.com \
 spf-a.hotmail.com \
 spf-b.hotmail.com \
 spf-c.hotmail.com \
 spf-d.hotmail.com \
 _spf-a.microsoft.com \
 _spf-b.microsoft.com \
 _spf-c.microsoft.com \
 mynethost.com \
spf.postini.com

do
echo \#$domain  $FILE;
dig $domain TXT +short | tr \  \n | grep ^ip4: | cut -d: -f2  $FILE;
done

Re: donation

[Jacob Meuser]

On Fri, Apr 10, 2009 at 12:31:00AM +0200, Michiel van Baak wrote:

 My main problem is that I can see money flowing from the middle-man to
 theo, but dont see where the money is spent from there.
 I know it's none of my business because donations go to the project and
 theo is the one to decide but I cannot tell if it went into a bigass car
 for theo or into hardware for developers (replace car with
 house/food/bike/laptop/whatever)
 
 damn you, you made me make a statement like this in public.

I really don't understand.  people giving donations to OpenBSD presumably
use, or most likely, rely on OpenBSD.  OpenBSD comes out of Theo's
basement, literally.  do you read every line of code?  do you dissasemble
the binaries?  what I'm getting at is, you trust in Theo, or do you?
and if you care about what happens with the money once Theo gets it,
don't you care that Theo actually gets it?

 I'm very happy how stuff went with kd85 and I got info about what
 happened with my money and it's exactly as it was advertised on both the
 official openbsd website as on wim's website.
 
 Why send theo a CC if you have trouble with kd85 ?
 Are you also cc-ing theo if you have trouble with your local pizza joint
 because it takes you some time to get in touch with them personally so
 you cant spend that time on openbsd development ?

poor example.  here's a better, similar example.

in my city there is a restaurant delivery service.  they advertise
with the names, logos, and menus of local restaurants.  you place
an order with them, they forward it to the restaurant, pick it up
and deliver it to you.  now, if they would take your order and your
money, but never deliver your food, don't you think the restaurant
would want to know that a) they lost business and b) someone is using
their name to defraud people?

 If you have trouble with kd85 it's an issue between them and you, and
 noone cares cept you and kd85. 

huh?  the are donations are for OpenBSD, not kd85.  why is this hard
to understand?

 btw, did you call Wim ? Everytime I dail his number I get him on the
 phone and he's willing to explain stuff. Maybe you should try that as
 well. His number is listed on his website.

from what Ingo wrote, I think it would be a good idea to record those
calls.

 -- 
 
 Michiel van Baak
 mich...@vanbaak.eu
 http://michiel.vanbaak.eu
 GnuPG key: http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x71C946BD
 
 Why is it drug addicts and computer aficionados are both called users?
 

-- 
jake...@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org

Re: donation

[Theo de Raadt]

 while this might be true for you, I have a totally different experience.
 I also saw some info about donation money and some receipts that show
 very clearly the money went to theo.

Then you must be really good friends with Wim, since I do not have any
of the information you claim to have seen.  He has not shown me the
books for donations coming in, or donation money going out.  He has
not provided a transaction log.  The donations are not visible.

What I have seen, though, is a list of about a hundred transactions
(with receipts) which he has invoiced to the Computer Shop as credit
against his debt for past CD bulk purchases by KD85.

This means that those expenses cannot be billed against something
else, like donation money.

If he is now charging every single European expense which I authorized
to the Computer Shop, then where is the donation money which was
received from Europeans?

Do you understand basic accounting?  If he is asking the Computer Shop
to pay for those things, then obviously the donations did not pay for
them.  Do you understand?

His web page mentions his car and the kilometers it drove and the gas
it burned and the hotels he stayed in.  All of which was his choice --
to go to events to sell things.  None of those expenses were
authorized against the Computer Shop's component of the CD sales, or
against the OpenBSD donations.  He sold Soekris hardware at those
events.  That was his business, his choice to go, on margins we made
very sweet compared to what other sellers get.  He has no email which
shows me approving those expenses against OpenBSD donations; nor does
he have email which shows the Computer Shop approving those expenses
against money owed for bulk CD purchasing.


 My main problem is that I can see money flowing from the middle-man to
 theo, but dont see where the money is spent from there.

I only have two transfers out of all European donations ever made.

They are 1000 EUR and 2402.48 EUR (this latter is said to be a closing
of the donation account).  Both these transactions also came out of
the main KD85 corporate account, not out of the personal account that
contributions were made into.

There were also two 5000 EUR transactions mistakenly made by KD85 to
me for CDs he purchased from the Computer Shop -- and that money was
given to the Computer Shop, and thus paid in part against KD85's debt.
Computer Shop could give this back to me, but it would simply increase
KD85's debt to the Computer Shop since it means KD85 never paid for
OpenBSD 4.0 (or 4.1, I would need to check which it is).

So 3402.48 EUR for 10 years of European donations.  Does this seem
like it is reasonable to anyone here?  Over ten years, all of Europe
only donated an average of 28 EUR per month.  Does that seem even
possible?

And what happened to the donations Wim collected at the events he
attended?  Were those donations to OpenBSD as he said, or were they
donations to him?

So I don't see the money flowing to theo at all.  And that is why on
a regular basis we have to go to the mailing lists and ask for
additional donations to buy replacement hardware or what not.  I bet
enough money is missing that we would never have had to ask.

I have made it very clear what I have done with the donation money
over the years.  I've used it to pay for hackathons and other
development resources.


 I know it's none of my business because donations go to the project and
 theo is the one to decide but I cannot tell if it went into a bigass car
 for theo or into hardware for developers (replace car with
 house/food/bike/laptop/whatever)

You are right.  It is none of your business.

And certainly everyone knows that I don't drive around a top of the
line car like Wim does, heck, why do I need to drive at all when my
commute to work is 10 meters.  I also don't need to buy a house with
OpenBSD money since DARPA paid me enough back about 10 years ago so
that I could entirely pay off the 2 bedroom place.  Of course I nearly
ate cardboard at the time to make ends meet, but this because I knew I
was in for the long haul writing of software and giving it away and
probably not living a rich future so I wanted to get the mortgage out
of the way.

But you are right -- it really is none of your business what I do with
contributions given my way by people who want to see the project do well.


 I'm very happy how stuff went with kd85 and I got info about what
 happened with my money and it's exactly as it was advertised on both the
 official openbsd website as on wim's website.

You must be very good friends with Wim to believe that.

 btw, did you call Wim ? Everytime I dail his number I get him on the
 phone and he's willing to explain stuff. Maybe you should try that as
 well. His number is listed on his website.

Why should I phone Wim?  Noone needs trickly explanations.  We need to
see the books.

Re: Can you subscribe to the PF mailing list? I can't

[Ted Unangst]

On Thu, Apr 9, 2009 at 5:09 PM, Cezary Morga c...@therek.net wrote:
 Nick Guenther wrote:
 On Wed, Apr 8, 2009 at 12:31 PM, Bryan Irvine sparcta...@gmail.com wrote:
  The problem is that you can't use the pf mailing list from gmail.
 
  -Bryan

 Because people who use gmail aren't smart enough for PF? Because it's
 a free webmail provider and so a source of spam?

 Because gmail doesn't resend e-mails from the same host the first delivery
 attempt was made from. It fucks up spamd and every other greylisting app out
 there. Of course it can be worked around, but it seems not everyone is willing
 to do so.

That's not the problem here.

Re: donation

[William Chivers]

Theo,

You do not need to respond to these trolls. Sorry, TROLLS, I forgot, case 
sensitive.
Ignore them. Get on with hacking.
Most of us do not see any problem with you controlling the finances of obsd.

Bill


-
William J. Chivers
Lecturer in Information Technology
School of DCIT
Faculty of Science and Information Technology
University of Newcastle---Ourimbah Campus
PO Box 127, Ourimbah, NSW 2259
Australia
CRICOS Provider Number: 00109J 

phone:   +61 2 4349 4473
fax: +61 2 4349 4565
email:  william.chiv...@newcastle.edu.au
-
 Theo de Raadt dera...@cvs.openbsd.org 04/10/09 9:29 AM 
 while this might be true for you, I have a totally different experience.
 I also saw some info about donation money and some receipts that show
 very clearly the money went to theo.

Then you must be really good friends with Wim, since I do not have any
of the information you claim to have seen.  He has not shown me the
books for donations coming in, or donation money going out.  He has
not provided a transaction log.  The donations are not visible.

What I have seen, though, is a list of about a hundred transactions
(with receipts) which he has invoiced to the Computer Shop as credit
against his debt for past CD bulk purchases by KD85.

This means that those expenses cannot be billed against something
else, like donation money.

If he is now charging every single European expense which I authorized
to the Computer Shop, then where is the donation money which was
received from Europeans?

Do you understand basic accounting?  If he is asking the Computer Shop
to pay for those things, then obviously the donations did not pay for
them.  Do you understand?

His web page mentions his car and the kilometers it drove and the gas
it burned and the hotels he stayed in.  All of which was his choice --
to go to events to sell things.  None of those expenses were
authorized against the Computer Shop's component of the CD sales, or
against the OpenBSD donations.  He sold Soekris hardware at those
events.  That was his business, his choice to go, on margins we made
very sweet compared to what other sellers get.  He has no email which
shows me approving those expenses against OpenBSD donations; nor does
he have email which shows the Computer Shop approving those expenses
against money owed for bulk CD purchasing.


 My main problem is that I can see money flowing from the middle-man to
 theo, but dont see where the money is spent from there.

I only have two transfers out of all European donations ever made.

They are 1000 EUR and 2402.48 EUR (this latter is said to be a closing
of the donation account).  Both these transactions also came out of
the main KD85 corporate account, not out of the personal account that
contributions were made into.

There were also two 5000 EUR transactions mistakenly made by KD85 to
me for CDs he purchased from the Computer Shop -- and that money was
given to the Computer Shop, and thus paid in part against KD85's debt.
Computer Shop could give this back to me, but it would simply increase
KD85's debt to the Computer Shop since it means KD85 never paid for
OpenBSD 4.0 (or 4.1, I would need to check which it is).

So 3402.48 EUR for 10 years of European donations.  Does this seem
like it is reasonable to anyone here?  Over ten years, all of Europe
only donated an average of 28 EUR per month.  Does that seem even
possible?

And what happened to the donations Wim collected at the events he
attended?  Were those donations to OpenBSD as he said, or were they
donations to him?

So I don't see the money flowing to theo at all.  And that is why on
a regular basis we have to go to the mailing lists and ask for
additional donations to buy replacement hardware or what not.  I bet
enough money is missing that we would never have had to ask.

I have made it very clear what I have done with the donation money
over the years.  I've used it to pay for hackathons and other
development resources.


 I know it's none of my business because donations go to the project and
 theo is the one to decide but I cannot tell if it went into a bigass car
 for theo or into hardware for developers (replace car with
 house/food/bike/laptop/whatever)

You are right.  It is none of your business.

And certainly everyone knows that I don't drive around a top of the
line car like Wim does, heck, why do I need to drive at all when my
commute to work is 10 meters.  I also don't need to buy a house with
OpenBSD money since DARPA paid me enough back about 10 years ago so
that I could entirely pay off the 2 bedroom place.  Of course I nearly
ate cardboard at the time to make ends meet, but this because I knew I
was in for the long haul writing of software and giving it away and
probably not living a rich future so I wanted to get the mortgage out
of the way.

But you are right -- it really is none of your business what I do with
contributions given my way by 

friend check this out.

[eyclimited]

Hi friend, it's me, kathy. I just visited this web page,
and I wanted to share it with you.
Please click on this link below to see it:

https://paydotcom.com/r/10031/eyclimited/2374/

 - kathy

spam from chrooted CMSes

[Uwe Dippel]

I'm running postfix as MTA on a machine with several CMS, on a chrooted 
Apache.  Recently, there is a huge number of spam being sent from there, 
alas. When I scan the postfix-logs, all those come from 'root', meaning 
they don't come through port 25. I run OpenBSD with mini-sendmail, and 
now I wonder how I could find out from which CMS they are sent. Is there 
any chance to find out from which CMS they are sent?


Thanks,

Uwe

Re: spam from chrooted CMSes

[Todd T. Fries]

When dealing with web based submission, the best thing I have found is
to make sure the web based submission adds its own headers like what it
is and where the user came from and such so when diagnosing the problem
one can easily block based on that information. If there is an account
involved, you should include that info as well.

If you're really cracking this nut properly, you'd include heuristics
to temporarily block if too many messages are sent in a given time period,
and permanently block pending review if too many temporary blocks occur
within a given time period.

Thanks,
-- 
Todd Fries .. t...@fries.net

 _
| \  1.636.410.0632 (voice)
| Free Daemon Consulting, LLC \  1.405.227.9094 (voice)
| http://FreeDaemonConsulting.com \  1.866.792.3418 (FAX)
| ..in support of free software solutions.  \  250797 (FWD)
| \
 \\
 
  37E7 D3EB 74D0 8D66 A68D  B866 0326 204E 3F42 004A
http://todd.fries.net/pgp.txt

Penned by Uwe Dippel on 20090410  9:42.21, we have:
 I'm running postfix as MTA on a machine with several CMS, on a chrooted 
 Apache.  Recently, there is a huge number of spam being sent from there, 
 alas. When I scan the postfix-logs, all those come from 'root', meaning 
 they don't come through port 25. I run OpenBSD with mini-sendmail, and now 
 I wonder how I could find out from which CMS they are sent. Is there any 
 chance to find out from which CMS they are sent?

 Thanks,

 Uwe

Re: WAN links failover

[Yuri Spirin]

Jim Razmus wrote:
 * Yuri Spirin english.voo...@rambler.ru [090409 03:11]:
   
 I want to setup this two links to work in
 failover, i.e. to use Line A all the time (with Line B being idle),
 automatically switch to Line B when Line A is down and switch back when
 Line A is up again.
 

 man 4 trunk

   
I think it's definitely not trunk, because of two interfaces are
connected to two different subnets, i.e. em0 is 213.x.x.x and sk1 is
85.y.y.y. They are not connected to the same switch.

Actually, after some research I think about pf.conf with proper
route-to/reply-to statements plus ifstated(8) monitoring link status and
switching pf.conf files or reloading pf tables.

--
Yuri A. Spirin