INDEKS A.S. ÜRÜN GRUPLARI HAKKINDA

[İdol İnşaat ve Malzemeleri San . Tic . Ltd . Şti .]

[IMAGE]

Bu e-posta size BultenYonetim.com'dan onaylı olarak gvnderilmiştir.
B|ltenYonetim'den e-posta almak istemiyorsanız des...@bultenyonetim.com
'a boş bir mail gvnderebilirsiniz.
Rahatsizlik verdigimiz igin vz|r dileriz.
B|lten Yvnetimi bir Netport hizmetidir.

 T\RK SANAY]S]N]N D]NAM]ZM]...

 \r|nlerimiz, kampanyalar}m}z ve sektvr|m|z ile ilgili detayl} bilgi ve
haberlere ula~mak  igin l|tfen yenilenen web sayfam}z} ziyaret ediniz;
www.indeks.com.tr

JENERATOR
2 KVA - 3.500 KVA G|gleri aras}nda Jeneratvr, Ses ]zolasyon Kabinleri,
Rvmorklar ve Ayd}nlatma Setleri \retimleri, Sat}~ ve Servis Hizmetleri.

FORKLIFT]^ MAK]NELER]
INDEKS Marka forklift, ]~ Makinalar} ve Depolama Ekipmanlar} \retimleri,
Sat}~ ve Servis Hizmetleri. 
Ayr}ca;
D\NYADA ]LK VE TEK;
2.El Forklift Gruplar}nda gok uygun fiyatlarla, 2 y}l garantili Sat}~lar
!

AK\
Alman HOPPECKE ]~birlipi ]le; Traksiyoner ve Stasyoner Ak| \retimleri,
Sat}~ ve Servis Hizmetleri.

MAR]NE GRUP
5 - 33 Metre Motor Yat ve Tekne \retimi.

SAVUNMA SANAY]
Kara - Deniz ve Hava Kuvvetleri'ne Yvnelik \retim ve Projeler.

VZEL PROJELER
Elektrik Projeleri, Enerji Nakil Hatlar}, At}k Su Ar}tma Tesisleri, At}k
ve Gvp S}k}~t}rma Sistemleri, Ters Osmoz Sistemleri.

INDEKS A.S.

Adres

:

10037 Sok. A.O.S.B. 35580  Gigli/Izmir

Telefon

:

+90.232.328 19 80

Fax

:

+90.232.328 19 01

E-Posta

:

i...@indeks.com.tr

Web

:

www.indeks.com.tr

Re: VMWare vSphere with OpenBSD and carp

[Vadim Korschok]

 Marco Pfatschbacher m...@mailq.de 27.07.2009 19:02 
On Mon, Jul 27, 2009 at 04:01:39PM +0200, Vadim Korschok wrote:
  Marco Pfatschbacher m...@mailq.de 27.07.2009 11:35 
 Hmm,

 are you sure this is happening with OpenBSD?
 We solved that problem almost two years ago.
 Dunno if FreeBSD merged any of these changes...
 
 
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/ip_carp.c?f=h#rev1.152

 The patch from Matthew is working under FreeBSD, but after the installation
from FreeBSD we found out that load balancing / carpnodes are not supported.
So we can not test same scenario under  FreeBSD. I've also tried to patch
OpenBSD without luck.

 The patch is not necessary for OpenBSD. We already detect such a
 loopback condition. So, to repeat my question: Are you seeing the same
 problems as you had with FreeBSD under OpenBSD?

I don't have any problemes in active/passive scenario.
So this problemes does not occur on OpenBSD.

Sorry and thanks.

 I don't know VMWare too well, but I remember that their multicast
 handling was somehow funny.
 I would start without using load balancing.
 Only if everything works as expected without, you can try turning it on.

 However, there's no guarantee that ``balancing ip'' will work
 with that virtual vmware switch. But I'm too lazy to explain why :)
 Carp IP-Balancing has some known limitations (which I really should've
 added to the manpage): It was meant to balance servers, not pf(4)
 firewalls. Although it works for pf(4), the performance you gain isn't
 that high and there are issues if you're using any kind of NAT.

 HTH,

Marco

Tron

[Tom Van Looy]

Hi

Most of you have probably seen this getting posted on slashdot:
http://kingofgng.com/eng/2009/07/26/tron-legacy-exposed/

That's cool :-)

Kind regards,

tvl

Mimi UM-740 touchscreen for OpenBSD

[Edd Barrett]

Hello,

My friend is looking to use this small touchscreen for a project he is
doing. The model is: Mimo UM-740, which he was hoping would be attaching
to the udl(4) driver. Does anyone know if this screen is based on the
dl-120/dl-160 chipset?

I have attached a dmesg, the screen was plugged in to my thinkpad. As
you can see, the mouse and camera are happy, the display itself is not.

Thanks
-- 

Best Regards

Edd Barrett
(Freelance software developer / technical writer / open-source developer)

http://students.dec.bmth.ac.uk/ebarrett
OpenBSD 4.6 (GENERIC) #58: Thu Jul  9 21:24:42 MDT 2009
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) M processor 1700MHz (GenuineIntel 686-class) 1.70 
GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,TM,SBF,EST,TM2
real mem  = 1072656384 (1022MB)
avail mem = 1028411392 (980MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 09/22/05, BIOS32 rev. 0 @ 0xfd750, SMBIOS 
rev. 2.33 @ 0xe0010 (57 entries)
bios0: vendor IBM version 1QET97WW (3.02 ) date 09/22/2005
bios0: IBM 2673W7Z
apm0 at bios0: Power Management spec V1.2
apm0: battery life expectancy 100%
apm0: AC on, battery charge high
acpi at bios0 function 0x0 not configured
pcibios0 at bios0: rev 2.1 @ 0xfd6e0/0x920
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdea0/272 (15 entries)
pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82371FB ISA rev 0x00)
pcibios0: PCI bus #6 is the last bus
bios0: ROM list: 0xc/0x1 0xd/0x1000 0xd1000/0x1000 0xdc000/0x4000! 
0xe/0x1
cpu0 at mainbus0: (uniprocessor)
cpu0: Enhanced SpeedStep 1699 MHz: speeds: 1700, 1400, 1200, 1000, 800, 600 MHz
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
io address conflict 0x5800/0x8
io address conflict 0x5808/0x4
io address conflict 0x5810/0x8
io address conflict 0x580c/0x4
pchb0 at pci0 dev 0 function 0 Intel 82855PM Host rev 0x03
intelagp0 at pchb0
agp0 at intelagp0: aperture at 0xd000, size 0x1000
ppb0 at pci0 dev 1 function 0 Intel 82855PM AGP rev 0x03
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 ATI Radeon Mobility M6 rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
radeondrm0 at vga1: irq 11
drm0 at radeondrm0
uhci0 at pci0 dev 29 function 0 Intel 82801DB USB rev 0x01: irq 11
uhci1 at pci0 dev 29 function 1 Intel 82801DB USB rev 0x01: irq 11
uhci2 at pci0 dev 29 function 2 Intel 82801DB USB rev 0x01: irq 11
ehci0 at pci0 dev 29 function 7 Intel 82801DB USB rev 0x01: irq 11
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1
ppb1 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0x81
pci2 at ppb1 bus 2
mem address conflict 0xb000/0x1000
mem address conflict 0xb100/0x1000
cbb0 at pci2 dev 0 function 0 Ricoh 5C476 CardBus rev 0xaa: irq 11
cbb1 at pci2 dev 0 function 1 Ricoh 5C476 CardBus rev 0xaa: irq 11
Ricoh 5C552 Firewire rev 0x02 at pci2 dev 0 function 2 not configured
em0 at pci2 dev 1 function 0 Intel PRO/1000MT (82540EP) rev 0x03: irq 11, 
address 00:11:25:b1:32:43
ral0 at pci2 dev 2 function 0 Ralink RT2561S rev 0x00: irq 11, address 
00:12:0e:61:5b:74
ral0: MAC/BBP RT2561C, RF RT5225
cardslot0 at cbb0 slot 0 flags 0
cardbus0 at cardslot0: bus 3 device 0 cacheline 0x0, lattimer 0xb0
pcmcia0 at cardslot0
cardslot1 at cbb1 slot 1 flags 0
cardbus1 at cardslot1: bus 6 device 0 cacheline 0x0, lattimer 0xb0
pcmcia1 at cardslot1
ichpcib0 at pci0 dev 31 function 0 Intel 82801DBM LPC rev 0x01: 24-bit timer 
at 3579545Hz
pciide0 at pci0 dev 31 function 1 Intel 82801DBM IDE rev 0x01: DMA, channel 0 
configured to compatibility, channel 1 configured to compatibility
wd0 at pciide0 channel 0 drive 0: HTS726060M9AT00
wd0: 16-sector PIO, LBA, 57231MB, 117210240 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
pciide0: channel 1 disabled (no drives)
ichiic0 at pci0 dev 31 function 3 Intel 82801DB SMBus rev 0x01: irq 11
iic0 at ichiic0
spdmem0 at iic0 addr 0x50: 512MB DDR SDRAM non-parity PC2700CL2.5
spdmem1 at iic0 addr 0x51: 512MB DDR SDRAM non-parity PC2700CL2.5
auich0 at pci0 dev 31 function 5 Intel 82801DB AC97 rev 0x01: irq 11, ICH4 
AC97
ac97: codec id 0x41445374 (Analog Devices AD1981B)
ac97: codec features headphone, 20 bit DAC, No 3D Stereo
audio0 at auich0
Intel 82801DB Modem rev 0x01 at pci0 dev 31 function 6 not configured
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 Intel UHCI root hub rev 1.00/1.00 addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2 Intel UHCI root hub rev 1.00/1.00 addr 1
usb3 at uhci2: USB revision 1.0
uhub3 at usb3 Intel UHCI root hub rev 1.00/1.00 addr 1
isa0 at ichpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC 

Re: man pages conflict or clarification for mount_vnd, newfs and man 5 disklabel

[Marco Peereboom]

I tried reading this but after the 3rd empty sentence my brain stopped.
You are just way too awesome for me to be able to cope.

Now if you'll excuse I am going to write some code instead of having
meaningless debates.

Re: Microsoft mouse, ums and wsmouse

[Luis Useche]

So, What can I do to make this work? :)

Luis Useche
use...@gmail.com

On Sun, Jul 26, 2009 at 5:51 PM, Miod Vallatm...@online.fr wrote:
 Hello,

 I am new to OpenBSD and I was giving it a try by installing in my laptop. My
 problem is that my usb wireless mouse does not work on X or with wsmoused.
 From a message standpoint, everything seem normal. I got from dmesg:

 uhidev0 at uhub4 port 2 configuration 1 interface 0 Microsoft Microsoft
 Wireless Optical Mouse\M-. 1.00 rev 2.00/0.07 addr 2
 uhidev0: iclass 3/1, 23 report ids
 ums0 at uhidev0 reportid 17: 3 buttons, Z dir
 wsmouse1 at ums0 mux 0
 uhid0 at uhidev0 reportid 18: input=0, output=0, feature=1
 uhid1 at uhidev0 reportid 19: input=1, output=0, feature=0
 uhid2 at uhidev0 reportid 20: input=1, output=0, feature=0
 uhid3 at uhidev0 reportid 21: input=3, output=0, feature=0
 uhid4 at uhidev0 reportid 23: input=0, output=0, feature=1

 Which means that the mouse is detected and attached to the wsmouse driver as
 wsmouse1. However, it does not work at all. I have been looking all day
 for a solution with no success. At this point I am clueless.


 Sigh. Yet another Microsoft mouse with a botched report descriptor
 layout.

 I'm afraid that this device will not work under OpenBSD until enough
 information is found to make it work.

 Miod

Re: sensorsd strange tokens values

[Federico Giannici]

Constantine A. Murenin wrote:

On 27/07/2009, Federico Giannici giann...@neomedia.it wrote:

I'm using for the first time sensorsd to monitor RAID controller status and
motherboard temperature. A script of mine is called that sends me an email.
System is OpenBSD 4.4 amd64.

 The problem is the value of the %2 %3 and %4 tokens passed as arguments to
the command. I thought that they should be (in the same order): current
temperature, low limit and high limit as set in the sensorsd.conf file.

 Indeed here are the values I get:

 %2: 46.00
 %3: degC
 %4: 9223372036581.62

 The command I use is command=/path/scriptname %x %n %l %2 %3 %4.

 Is there some bug or I'm missing something?


%2 can never return 46.00 alone, what it must be returning is 46.00
degC.  Same goes for the rest of the tokens.

So perhaps the invocation of the script has to have some quotes around these.


You got it!!!

Thank you.


P.S.
Maybe the example in the man page could use the quotes so no other idiot 
like me spend time looking for whats wrong  :-)



--
___
__
   |-  giann...@neomedia.it
   |ederico Giannici  http://www.neomedia.it
___

Re: do newcomers need inspiration?

[Atle Kristensen]

 So now we can, perhaps, get back (if at all) to the man pages and what
 they are implying wrt original question.
 
 Leon.

Let me post this as a inspiration to others newcomers:
Feel free to add a patch/diff if you really feel that the manpages are not 
clear enought,
let me help you on that way: 

* download the src.tar.gz/sys.tar.gz (or the pages of their online source)
* look around and feel the code
* ask yourself why. what's your goal? what is your problem? what do you want it 
to do?
* buy books. I love books, and everbody should have The Design and 
  Implementation of the 4.4 BSD Operating System - including your grandmother.
  some of it is old and outdated and that's why it's important.
* pick out the files you want to change
* learn the basic stuff about groff/troff if you only want to edit manpages.
* it's always easy!, it's fun! and why aren't I sleeping?
* edit the file with your favorite editor
* diff -ruN 
* post it here and see the comments or be ignored.
* if it's necessary to change the code do all of it again.

I have readed the manpages several times and have never baffled at the wording. 


 'c' is a special partition that the kernel freely changes as the 
  
 mood hits it. A slight exaggeration. 
  
-- Kenneth R Westerback 26 July 2009 

OH MY GOD, NOW I UNDERSTAND WHY!!!

  I am, at this stage of conversation (if one can call it such), noting
  the difference (in my opinion) between implementation and definition

There is ALWAYS a difference while dealing with two languages:
code - specification/documentation. 

I you don't understand that difference clearly, I recommend you'll try code in 
Java
following a specification who are too restricted to help you 
choose the BEST way to reach your goal. ;)

-- 
# Atle Kristensen
Sono stati 50 anni di intensa attivita e di successi... 
Non si e mai finito di imparare e creare per dar corpo ai sogni.
 -- Ernesto Colnago

Re: Microsoft mouse, ums and wsmouse

[Miod Vallat]

  Sigh. Yet another Microsoft mouse with a botched report descriptor
  layout.
 
  I'm afraid that this device will not work under OpenBSD until enough
  information is found to make it work.
 
 This is weird. What do you mean by more information? I think I have
 been able to use this mouse under freebsd, netbsd and Linux. I am
 guessing all these OSes have code for this mouse.

Not exactly. All these systems have various workarounds to try and
support the various Microsoft mice. Unfortunately, every time they
introduce a new mouse model, the workarounds don't apply. Now that's
creative people, for sure: they always find new ways to be incompatible
with  the specification they contributed to.

Anyways, FreeBSD seems to have a new heuristic since a few month, which
might help. I'll try to give it a try soon.

In the meantime your mouse will not work under OpenBSD.

Miod

pkg_add update problem

[Jeremy Chase]

Is anyone else getting this? I updated to the latest snapshot and
tried to update my packages.

Snapshot:
OpenBSD 4.6-current (GENERIC) #85: Mon Jul 27 19:10:16 MDT 2009

I get this output for *many* packages I am trying to update:

stdc++.48.0: partial match in /usr/lib: major=49, minor=0 (bad major)
stdc++.48.0: partial match in /usr/lib: major=47, minor=0 (bad major)
Can't install enchant-1.4.2p1: lib not found stdc++.48.0


--
Jeremy Chase, N1JER
http://weatherfinder.info/

Re: pkg_add update problem

[Theo de Raadt]

 Is anyone else getting this? I updated to the latest snapshot and
 tried to update my packages.
 
 Snapshot:
 OpenBSD 4.6-current (GENERIC) #85: Mon Jul 27 19:10:16 MDT 2009
 
 I get this output for *many* packages I am trying to update:
 
 stdc++.48.0: partial match in /usr/lib: major=49, minor=0 (bad major)
 stdc++.48.0: partial match in /usr/lib: major=47, minor=0 (bad major)
 Can't install enchant-1.4.2p1: lib not found stdc++.48.0

Yeah, and you'll get that until the next generation of snapshot
packages come out.

Re: pkg_add update problem

[Robert]

On Tue, 28 Jul 2009 12:37:46 -0400
Jeremy Chase jeremych...@gmail.com wrote:

 Is anyone else getting this? I updated to the latest snapshot and
 tried to update my packages.
 
 Snapshot:
 OpenBSD 4.6-current (GENERIC) #85: Mon Jul 27 19:10:16 MDT 2009
 
 I get this output for *many* packages I am trying to update:
 
 stdc++.48.0: partial match in /usr/lib: major=49, minor=0 (bad major)
 stdc++.48.0: partial match in /usr/lib: major=47, minor=0 (bad major)
 Can't install enchant-1.4.2p1: lib not found stdc++.48.0
 
 
 --
 Jeremy Chase, N1JER
 http://weatherfinder.info/

Uhm, you are missing the 48 version for that lib.
Snapshots are newer than the available package build.
In this case the snapshot comes with 49.
The snap you had installed before came with 47.
So you missed 48.

The clean way is to wait for a new bulk package build or compile from
ports.
Following is bad advise because it might break stuff.
Lib bumps happen for a reason:
If you dont mind risking your luck link/copy 49 or 47 to 48.
This way the available packages will install.
(Worked for me a lot of times when i didn't have the lib on another
system. Just count me lucky.)

- Robert

Recreating lost+found directory ?

[stan]

I have a machine that had a hardware failure, and as a result the /var
partition got pretty trashed. I am in the process of building a newer machine
to replace this one, but I need to get this one to hobble along for a week
or 2.

Mostly I think I have done what I need to get things back working, but in
checking things over, I discovered that the /var/lost+found directory is
missing. I thought I remembered (perhaps from earlier *NIX'es) that there
was a shell script to create this directory, which, if memory serves,
should have lot's of empty slots in it's directory structure.

Or is this all old knowledge. Do modern filesystems not need a special way
of creating this directory?

-- 
One of the main causes of the fall of the roman empire was that, lacking
zero, they had no way to indicate successful termination of their C
programs.

No audio : did I miss something basic ?

[Jean-François SIMON]

Hi,

I am runing VLC under fvwm but could not have any sound.

Are things working by default or there might be something to tune in
general, or in my case ?

Thanks for help.

dmesg | grep audio
audio0 at emu0

$ audioctl
name=SB Live!
version=0x00
config=emuxki
encodings=ulinear:8,mulaw:8*,alaw:8*,slinear:8*,slinear_le:16,ulinear_le:16*,slinear_be:16*,ulinear_be:16*
properties=full_duplex,mmap,independent
full_duplex=0
fullduplex=0
blocksize=8192
hiwat=8
lowat=1
output_muted=0
monitor_gain=0
mode=
play.rate=48000
play.channels=2
play.precision=16
play.encoding=slinear_le
play.gain=255
play.balance=32
play.port=0x0
play.avail_ports=0x0
play.seek=0
play.samples=0
play.eof=0
play.pause=0
play.error=0
play.waiting=0
play.open=0
play.active=0
play.buffer_size=65536
play.block_size=8192
play.errors=0
record.rate=48000
record.channels=2
record.precision=16
record.encoding=slinear_le
record.gain=255
record.balance=32
record.port=0x1
record.avail_ports=0x7
record.seek=0
record.samples=0
record.eof=0
record.pause=0
record.error=0
record.waiting=0
record.open=0
record.active=0
record.buffer_size=65536
record.block_size=8192
record.errors=0

$
mixerctl

outputs.master=255,255
outputs.master.mute=off
outputs.mono=255
outputs.mono.mute=off
outputs.mono.source=mixerout
outputs.headphones=255,255
outputs.headphones.mute=on
inputs.speaker=255
inputs.speaker.mute=off
inputs.phone=191
inputs.phone.mute=on
inputs.mic=255
inputs.mic.mute=on
inputs.mic.preamp=off
inputs.mic.source=mic0
inputs.line=255,255
inputs.line.mute=on
inputs.cd=255,255
inputs.cd.mute=on
inputs.video=191,191
inputs.video.mute=on
inputs.aux=255,255
inputs.aux.mute=on
inputs.dac=255,255
inputs.dac.mute=off
record.source=mic
record.volume=255,255
record.volume.mute=off
outputs.spatial=off
outputs.spatial.center=0
outputs.spatial.depth=0
outputs.extamp=off

Re: spamdb: is it my eyes or do TRAPPED addresses still manage to get through?

[Peter N. M. Hansteen]

Renaud Allard ren...@allard.it writes:

 It happened to me also with servers with huge white/black lists. If
 it's happening for new connections, ensure that pf is configured with
 enough maximum table entries (set limit table-entries).

That's interesting.  Hitting table size limits would explain the
symptoms.  The blacklists we used were uatraps, nixspam and bsdly --
at the time we observed this, size about 60,000, 40,000 and 3000ish
respectively -- for a total of just over 100,000.  IIRC the greylist
had just grown to somewhat more than 100,000 too.  This with no
non-default settings with respect to tables.

All the best,
Peter
-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
Remember to set the evil bit on all malicious network traffic
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: spamdb: is it my eyes or do TRAPPED addresses still manage to get through?

[Renaud Allard]

On 7/24/09 3:03 PM, Peter N. M. Hansteen wrote:

setting up a new spamd plus various content filtering at a client site
we were kind of baffled to see that apparently manually setting an
address to TRAPPED with spamdb, ie

spamdb -a -t 211.49.57.32

for some reason seems porous, in that messages received from that IP
address still hits the content filter a few minutes after the manual
intervention.  I just wonder what it is I'm seeing here - spamdb
lookups cached or something?



It happened to me also with servers with huge white/black lists. If it's 
happening for new connections, ensure that pf is configured with enough 
maximum table entries (set limit table-entries).

Re: PF: 3 NICS. 1 WAN, 2 LAN. How to manage each LAN open ports individually?

[Andres Salazar]

Hello Jason,

Thank you for assisting me getting this together..

I do understand that translation happens before filtering (at least
think i do), what I dont understand is why the filtering is done with
pass in if traffic is actually going from within the int_if2 network
to the outside? Where is the traffic actually going in?

 pass in on $int_if2 inet proto udp from $int_if2:network to any \
   port 53

Thank you.

Andres

On Sun, Jul 26, 2009 at 6:36 PM, Jason Dixonja...@dixongroup.net wrote:
 On Sun, Jul 26, 2009 at 01:16:02PM -0500, Andres Salazar wrote:
 Hello Jason,

 I understood the purpose of allowing internet access for the firewall
 itself. However this is exactly where Iam still stuck.

 By doing this after our default block all:

 pass out on $ext_if inet proto { tcp udp } from ($ext_if) to any \
 port { 53 80 22 443 }

 Iam actually allowing it for both $int_if and $int_if2 , thus the
following
 port restriction rules are not getting evaluated.

 In an effort to simplify your ruleset I was guilty of forgetting that
 translation happens before filtering.  Here is a new version that
 filters on the internal interfaces.  Let me know if you have any
 questions.


 ext_if = re1
 int_if = re0
 int_if2 = re2

 set skip on lo

 scrub in

 nat on $ext_if inet proto { tcp udp } from $int_if:network to any \
   - ($ext_if)
 nat on $ext_if inet proto { tcp udp } from $int_if2:network to any \
   - ($ext_if)

 block all
 pass out on $ext_if

 pass in on $int_if inet proto tcp from $int_if:network to any \
   port { 53 80 }
 pass in on $int_if inet proto udp from $int_if:network to any \
   port 53
 pass in on $int_if2 inet proto tcp from $int_if2:network to any \
   port { 22 53 80 443 }
 pass in on $int_if2 inet proto udp from $int_if2:network to any \
   port 53


 --
 Jason Dixon
 DixonGroup Consulting
 http://www.dixongroup.net/

Re: PF: 3 NICS. 1 WAN, 2 LAN. How to manage each LAN open ports individually?

[Jason Dixon]

On Tue, Jul 28, 2009 at 06:10:26PM -0500, Andres Salazar wrote:
 Hello Jason,
 
 Thank you for assisting me getting this together..
 
 I do understand that translation happens before filtering (at least
 think i do), what I dont understand is why the filtering is done with
 pass in if traffic is actually going from within the int_if2 network
 to the outside? Where is the traffic actually going in?

PF filtering is done from the perspective of the firewall.  If you
imagine yourself as an inanimate object with a couple interfaces
allowing traffic inbound and outbound, you're there.  ;)

-- 
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net/

Re: PF: 3 NICS. 1 WAN, 2 LAN. How to manage each LAN open ports individually?

[James Records]

Andres,

I think the best way to understand it is to draw it out, lets say you have 2
interfaces em0 and em1,

Think of this (rough example of a really simple router setup):

Traffic  em1  em0  internet

Like this:
Traffic  (heading into em1) em1 (heading out of em1)  (heading into em0) 
em0 (heading out of em0)  internet

Does that make sense?

Or you can think of it as a room with two doors, entry and exit, you can
lock none/either/both of them if you want.


J

On Tue, Jul 28, 2009 at 4:19 PM, Jason Dixon ja...@dixongroup.net wrote:

 On Tue, Jul 28, 2009 at 06:10:26PM -0500, Andres Salazar wrote:
  Hello Jason,
 
  Thank you for assisting me getting this together..
 
  I do understand that translation happens before filtering (at least
  think i do), what I dont understand is why the filtering is done with
  pass in if traffic is actually going from within the int_if2 network
  to the outside? Where is the traffic actually going in?

 PF filtering is done from the perspective of the firewall.  If you
 imagine yourself as an inanimate object with a couple interfaces
 allowing traffic inbound and outbound, you're there.  ;)

 --
 Jason Dixon
 DixonGroup Consulting
 http://www.dixongroup.net/

bind 9.x DoS

[frantisek holop]

morning,

https://www.isc.org/node/474
http://www.kb.cert.org/vuls/id/725188

-f
-- 
if its stupid and it works - its not stupid

pf feature request

[irix]

Hello Misc,

  Maybe the public interested in the idea to add in the pf function
  query at slowing the transfer of data to tcp protocol ?
  To attempt to reduce the speed of the incoming flow without altq.
  This function is designed exclusively for the tcp protocol, and must work 
under the rfc.

  Can I suggest an example of rule

  pass in on $ ext_if proto tcp from $ inetrnet to any port ftp keep state 
tcprequester 5Mb

  When an incoming tcp stream reach in 5Mbit, pf starts to ask the remote side 
to reduce speed.
  But at the same time, no queues are not being built, and no packets are 
discarded.
  pf only generates requests to reduce the speed of the sending party.

-- 
Best regards,
 irix  mailto:i...@ukr.net

Re: bind 9.x DoS

[Brian Keefer]

On Jul 28, 2009, at 7:57 PM, frantisek holop wrote:


morning,

https://www.isc.org/node/474
http://www.kb.cert.org/vuls/id/725188

-f
--  
if its stupid and it works - its not stupid




Works great vs. this snapshot:
OpenBSD 4.6-current (GENERIC) #46: Wed Jul 15 20:15:31 MDT 2009
dera...@sparc64.openbsd.org:/usr/src/sys/arch/sparc64/compile/ 
GENERIC


It looks like none of the local patches mitigate it.

--
bk

Re: bind 9.x DoS

[Robert]

On Wed, 29 Jul 2009 04:57:29 +0200
frantisek holop min...@obiit.org wrote:

 morning,
 
 https://www.isc.org/node/474
 http://www.kb.cert.org/vuls/id/725188
 
 -f

Hi,

it's late/early so the following comes without warranty.
Compiles, install and works for me on -current amd64/i386 both on master
and slave servers. (Haven't gotten around to the 4.5 case yet, but
should apply there, too.)

- Robert

# cd /usr/src
# patch -p0  patch-file-found-below
# cd usr.sbin/bind
# make -f Makefile.bsd-wrapper
# make -f Makefile.bsd-warpper install

Index: usr.sbin/bind/bin/named/update.c
===
RCS file: /cvs/src/usr.sbin/bind/bin/named/update.c,v
retrieving revision 1.7
diff -u -p -r1.7 update.c
--- usr.sbin/bind/bin/named/update.c9 Dec 2007 13:39:42 -   1.7
+++ usr.sbin/bind/bin/named/update.c29 Jul 2009 02:34:11 -
@@ -861,7 +861,11 @@ temp_check(isc_mem_t *mctx, dns_diff_t *
if (type == dns_rdatatype_rrsig ||
type == dns_rdatatype_sig)
covers = dns_rdata_covers(t-rdata);
-   else
+   else if (type == dns_rdatatype_any) {
+   dns_db_detachnode(db, node);
+   dns_diff_clear(trash);
+   return (DNS_R_NXRRSET);
+   } else
covers = 0;
 
/*

Re: No audio : did I miss something basic ?

[Chris Bennett]

What are you trying to get sound from?
Try turning off the mutes that are on.

mixerctl inputs.cd.mute=off   for example.

also, try   cdio cdplay, with a music cd (This is pure digital and 
gives better quality than cdio play)


also, add to .profile:
pgrep -x aucat || aucat -l  (someone please correct this for me if 
it has changed more recently)


If this isn't enough, please post a full dmesg, if you have another 
sound system that is integrated into motherboard, you can also have problems



inputs.cd.mute=onJean-Frangois SIMON wrote:


Hi,

I am runing VLC under fvwm but could not have any sound.

Are things working by default or there might be something to tune in
general, or in my case ?

Thanks for help.

dmesg | grep audio
audio0 at emu0

$ audioctl
name=SB Live!
version=0x00
config=emuxki
encodings=ulinear:8,mulaw:8*,alaw:8*,slinear:8*,slinear_le:16,ulinear_le:16*,slinear_be:16*,ulinear_be:16*
properties=full_duplex,mmap,independent
full_duplex=0
fullduplex=0
blocksize=8192
hiwat=8
lowat=1
output_muted=0
monitor_gain=0
mode=
play.rate=48000
play.channels=2
play.precision=16
play.encoding=slinear_le
play.gain=255
play.balance=32
play.port=0x0
play.avail_ports=0x0
play.seek=0
play.samples=0
play.eof=0
play.pause=0
play.error=0
play.waiting=0
play.open=0
play.active=0
play.buffer_size=65536
play.block_size=8192
play.errors=0
record.rate=48000
record.channels=2
record.precision=16
record.encoding=slinear_le
record.gain=255
record.balance=32
record.port=0x1
record.avail_ports=0x7
record.seek=0
record.samples=0
record.eof=0
record.pause=0
record.error=0
record.waiting=0
record.open=0
record.active=0
record.buffer_size=65536
record.block_size=8192
record.errors=0

$
mixerctl

outputs.master=255,255
outputs.master.mute=off
outputs.mono=255
outputs.mono.mute=off
outputs.mono.source=mixerout
outputs.headphones=255,255
outputs.headphones.mute=on
inputs.speaker=255
inputs.speaker.mute=off
inputs.phone=191
inputs.phone.mute=on
inputs.mic=255
inputs.mic.mute=on
inputs.mic.preamp=off
inputs.mic.source=mic0
inputs.line=255,255
inputs.line.mute=on
inputs.cd=255,255
inputs.cd.mute=on
inputs.video=191,191
inputs.video.mute=on
inputs.aux=255,255
inputs.aux.mute=on
inputs.dac=255,255
inputs.dac.mute=off
record.source=mic
record.volume=255,255
record.volume.mute=off
outputs.spatial=off
outputs.spatial.center=0
outputs.spatial.depth=0
outputs.extamp=off

mount point busy, can't find process holding it

[frantisek holop]

hi there,

amaaq$ uname -a
OpenBSD amaaq 4.6 GENERIC#29 i386

amaaq$ sudo fstat /adata
USER CMD  PID   FD MOUNTINUM MODE   R/WSZ|DV NAME

amaaq$ sudo umount /adata/
umount: /adata: Device busy

what are my other choices hunting down the process that makes
the mount point busy?

-f
-- 
doubt is the beginning of wisdom

Re: mount point busy, can't find process holding it

[patrick keshishian]

On Tue, Jul 28, 2009 at 9:06 PM, frantisek holopmin...@obiit.org wrote:
 hi there,

 amaaq$ uname -a
 OpenBSD amaaq 4.6 GENERIC#29 i386

 amaaq$ sudo fstat /adata
 USER CMD  PID   FD MOUNTINUM MODE   R/WSZ|DV
NAME

 amaaq$ sudo umount /adata/
 umount: /adata: Device busy

 what are my other choices hunting down the process that makes
 the mount point busy?

you are not sitting in that directory? pwd?

--patrick

IBM 8183 thinkcentre Compact flash

[Steve]

Hi All,

Trying to install 4.5 release onto a compact flash on one of these machines.
After a clean install and reboot the message

ERR R is displayed and no further progress.

I hold down the shift key while booting to force CHS mode. Everything works
fine.

I can find no option in the bios to assist with this problem. The bios has
been upgraded and is up to date.

Is there a way to force this setting by default.

I found reference to a force_chs flag but can't find how to change it.

Thanks



  

Access Yahoo!7 Mail on your mobile. Anytime. Anywhere.
Show
me how: http://au.mobile.yahoo.com/mail

Re: mount point busy, can't find process holding it

[Aaron Mason]

Type pwd, make sure you're not in it.  Do the same for any terminals
you have accessing that machine.

On 7/29/09, frantisek holop min...@obiit.org wrote:
 hi there,

 amaaq$ uname -a
 OpenBSD amaaq 4.6 GENERIC#29 i386

 amaaq$ sudo fstat /adata
 USER CMD  PID   FD MOUNTINUM MODE   R/WSZ|DV NAME

 amaaq$ sudo umount /adata/
 umount: /adata: Device busy

 what are my other choices hunting down the process that makes
 the mount point busy?

 -f
 --
 doubt is the beginning of wisdom




-- 
Aaron Mason - Programmer, open source addict
- Oh, why does everything I whip leave me?

Re: mount point busy, can't find process holding it

[frantisek holop]

hmm, on Wed, Jul 29, 2009 at 02:18:56PM +1000, Aaron Mason said that
 Type pwd, make sure you're not in it.  Do the same for any terminals
 you have accessing that machine.

no, i am not there.  i closed all the shells too.

but that would show up in fstat anyway:

amaaq$ cd /adata/
amaaq$ fstat /adata/
USER CMD  PID   FD MOUNTINUM MODE   R/WSZ|DV NAME
ffstat   3434   wd /adata  2 drwxr-xr-x   r  512 /adata/
fksh31362   wd /adata  2 drwxr-xr-x   r  512 /adata/

btw. /adata is a usb flash device:

umass0 at uhub0 port 2 configuration 1 interface 0 USB 2.0 USB Flash Drive 
rev 2.00/1.00 addr 2
umass0: using SCSI over Bulk-Only
scsibus0 at umass0: 2 targets, initiator 0
sd0 at scsibus0 targ 1 lun 0: USB 2.0, USB Flash Drive, 0.00 SCSI2 0/direct 
removable
sd0: 15424MB, 512 bytes/sec, 31588352 sec total

-f
-- 
senility means never having to drink just to forget.

Re: bind 9.x DoS

[Brian Keefer]

On Jul 28, 2009, at 8:40 PM, Robert wrote:


On Wed, 29 Jul 2009 04:57:29 +0200
frantisek holop min...@obiit.org wrote:


morning,

https://www.isc.org/node/474
http://www.kb.cert.org/vuls/id/725188

-f


Hi,

it's late/early so the following comes without warranty.
Compiles, install and works for me on -current amd64/i386 both on  
master

and slave servers. (Haven't gotten around to the 4.5 case yet, but
should apply there, too.)

- Robert


Confirmed working on -current/sparc64

Jul 28 21:35:15 imhotep named[12351]: client 172.22.2.26#36681: view  
int: updating zone '0.0.127.in-addr.arpa/IN': update unsuccessful:  
1.0.0.127.in-addr.arpa/ANY: 'RRset exists (value dependent)'  
prerequisite not satisfied (NXRRSET)




--
bk

Re: do newcomers need inspiration?

[leon zadorin]

On 7/29/09, Atle Kristensen a...@bluezone.no wrote:

  I am, at this stage of conversation (if one can call it such), noting
  the difference (in my opinion) between implementation and definition

 There is ALWAYS a difference while dealing with two languages:
 code - specification/documentation.

Sure, I agree.

But that does not mean that:

1) there is such a thing as specification/documentation and it is
not always the code itself (otherwise you would not be able to even
have a statement of 'code - spec' differences).

2) having a difference between the code - standard does not imply
an abandonment of further attempts towards a greater alignment with
the aforementioned standard.

In fact, I think all would agree on that (and this is why I was trying
to reiterate that we are speaking of pretty much the same stuff, only
differing in terms).

leon.

Re: do newcomers need inspiration?

[leon zadorin]

On 7/29/09, leon zadorin leonleo...@gmail.com wrote:
 On 7/29/09, Atle Kristensen a...@bluezone.no wrote:

  I am, at this stage of conversation (if one can call it such), noting
  the difference (in my opinion) between implementation and definition

 There is ALWAYS a difference while dealing with two languages:
 code - specification/documentation.

 Sure, I agree.

 But that does not mean that:

my bad -- typo,  the above line meant to be:

But it does mean that:


 1) there is such a thing as specification/documentation and it is
 not always the code itself (otherwise you would not be able to even
 have a statement of 'code - spec' differences).

 2) having a difference between the code - standard does not imply
 an abandonment of further attempts towards a greater alignment with
 the aforementioned standard.

 In fact, I think all would agree on that (and this is why I was trying
 to reiterate that we are speaking of pretty much the same stuff, only
 differing in terms).

 leon.

Re: bind 9.x DoS

[Robert]

Short followup:

Theo has commited an identical diff to -current.

Looking at the cvs tags for update.c rev 1.7,
this patch applies to 4.6, 4.5, 4.4 and 4.3.

Because i was asked offlist before:
You can wait for the errata, apply the unofficial patch from my
previous mail or get the updated file from the cvs server.
# /usr/src/usr.sbin/bind/bin/named
# opencvs -d anon...@anoncvs.openbsd.org:/cvs up update.c
Jut omit the -r tag for this file you would usually use if you are not
running -current.
Using your favorite mirror make sure it has synced the file already.
# sha1 update.c
SHA1 (update.c) = f201a39077a0c304f04f81461f70fe8a06a54c87

- Robert

Re: mount point busy, can't find process holding it

[Brynet]

Hi,

I've never had this problem before.. but according to the man page,
you can forcefully remove the mount using.. your signature.. '-f'.

If this fails, unplug the USB cable or power down the drive..
detaching it from the system.

HTH.

-Brynet

Re: do newcomers need inspiration?

[Rod Whitworth]

On Wed, 29 Jul 2009 14:44:55 +1000, leon zadorin wrote:

Heaps of crap.
--

You should have read http://www.openbsd.org/mail.html
where it says:Do not cross-post or repeat post 
Posting the same message to multiple lists and/or multiple times does
not increase the likelihood of getting a useful response, but is likely
to irritate the people you want to help you. If you didn't get a
satisfactory response the first time you posted to an appropriate list,
it is usually because you provided insufficient or unclear information.
Don't simply repost the same message.

Now stop cross-posting you ignorant weed.
Further mail from you /dev/null

*** NOTE *** Please DO NOT CC me. I am subscribed to the list.
Mail to the sender address that does not originate at the list server is 
tarpitted. The reply-to: address is provided for those who feel compelled to 
reply off list. Thankyou.

Rod/
/earth: write failed, file system is full
cp: /earth/creatures: No space left on device

Re: No audio : did I miss something basic ?

[Jean-François SIMON]

Yes I have a sound card on the MB but seems not to be discovered.
Sound out from VLC and mplayer, which do not show any error about sound,
however I tried any jack of the MB and Sound Blaster card but no sound at
all ?

Full dmesg :

$ dmesg
OpenBSD 4.4 (GENERIC) #1021: Tue Aug 12 17:16:55 MDT 2008
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: AMD Sempron(tm) Processor LE-1200 (AuthenticAMD 686-class, 512KB L2
cache) 2.01 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,MMX,FXSR,SSE,SSE2,SSE3,CX16
real mem  = 1039429632 (991MB)
avail mem = 996581376 (950MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 09/11/08, BIOS32 rev. 0 @ 0xf0010,
SMBIOS rev. 2.5 @ 0xfc520 (22 entries)
bios0: vendor American Megatrends Inc. version P1.00 date 09/11/2008
apm0 at bios0: Power Management spec V1.2
apm0: battery life expectancy 0%
apm0: AC off, battery charge unknown, estimated 0:00 hours
acpi at bios0 function 0x0 not configured
pcibios0 at bios0: rev 3.0 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf44b0/400 (23 entries)
pcibios0: no compatible PCI ICU found: ICU vendor 0x10de product 0x0548
pcibios0: PCI bus #8 is the last bus
bios0: ROM list: 0xc/0xea00
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
NVIDIA MCP67 Memory rev 0xa2 at pci0 dev 0 function 0 not configured
pcib0 at pci0 dev 1 function 0 NVIDIA MCP67 Host rev 0xa2
nviic0 at pci0 dev 1 function 1 NVIDIA MCP67 SMBus rev 0xa2
iic0 at nviic0
spdmem0 at iic0 addr 0x51: 1GB DDR2 SDRAM non-parity PC2-5300CL5
iic1 at nviic0
vendor NVIDIA, unknown product 0x0543 (class processor subclass
Co-processor, rev 0xa2) at pci0 dev 1 function 3 not configured
ohci0 at pci0 dev 2 function 0 NVIDIA MCP67 USB rev 0xa2: irq 11, version
1.0, legacy support
ehci0 at pci0 dev 2 function 1 NVIDIA MCP67 USB rev 0xa2: irq 10
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 NVIDIA EHCI root hub rev 2.00/1.00 addr 1
ohci1 at pci0 dev 4 function 0 NVIDIA MCP67 USB rev 0xa2: irq 10, version
1.0, legacy support
ehci1 at pci0 dev 4 function 1 NVIDIA MCP67 USB rev 0xa2: irq 10
usb1 at ehci1: USB revision 2.0
uhub1 at usb1 NVIDIA EHCI root hub rev 2.00/1.00 addr 1
pciide0 at pci0 dev 6 function 0 NVIDIA MCP67 IDE rev 0xa1: DMA, channel 0
configured to compatibility, channel 1 configured to compatibility
pciide0: channel 0 disabled (no drives)
pciide0: channel 1 ignored (disabled)
ppb0 at pci0 dev 8 function 0 NVIDIA MCP67 PCI rev 0xa2
pci1 at ppb0 bus 1
re0 at pci1 dev 8 function 0 D-Link Systems DGE-528T rev 0x10:
RTL8169/8110SB (0x1000), irq 10, address 00:22:b0:bd:32:61
rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 3
emu0 at pci1 dev 10 function 0 Creative Labs SoundBlaster Audigy 2 rev
0x00: irq 10
ac97: codec id 0x83847650 (SigmaTel STAC9750/51)
ac97: codec features headphone, 20 bit DAC, 20 bit ADC, SigmaTel 3D
audio0 at emu0
pciide1 at pci0 dev 9 function 0 NVIDIA MCP67 SATA rev 0xa2: DMA
pciide1: using irq 15 for native-PCI interrupt
wd0 at pciide1 channel 0 drive 0: Veritech SSD 2009-01
wd0: 1-sector PIO, LBA48, 30800MB, 63078400 sectors
wd1 at pciide1 channel 0 drive 1: SAMSUNG HD103UJ
wd1: 16-sector PIO, LBA48, 953869MB, 1953525168 sectors
wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5
wd1(pciide1:0:1): using PIO mode 4, Ultra-DMA mode 5
wd2 at pciide1 channel 1 drive 1: MAXTOR STM3160215AS
wd2: 16-sector PIO, LBA48, 152627MB, 312581808 sectors
wd2(pciide1:1:1): using PIO mode 4, Ultra-DMA mode 5
nfe0 at pci0 dev 10 function 0 NVIDIA MCP67 LAN rev 0xa2: irq 10, address
00:19:66:97:0d:31
rgephy1 at nfe0 phy 3: RTL8169S/8110S PHY, rev. 2
ppb1 at pci0 dev 11 function 0 vendor NVIDIA, unknown product 0x0562 rev
0xa2
pci2 at ppb1 bus 2
ppb2 at pci0 dev 12 function 0 NVIDIA MCP67 PCIE rev 0xa2
pci3 at ppb2 bus 3
ppb3 at pci0 dev 13 function 0 NVIDIA MCP67 PCIE rev 0xa2
pci4 at ppb3 bus 4
ppb4 at pci0 dev 14 function 0 NVIDIA MCP67 PCIE rev 0xa2
pci5 at ppb4 bus 5
ppb5 at pci0 dev 15 function 0 NVIDIA MCP67 PCIE rev 0xa2
pci6 at ppb5 bus 6
ppb6 at pci0 dev 16 function 0 NVIDIA MCP67 PCIE rev 0xa2
pci7 at ppb6 bus 7
ppb7 at pci0 dev 17 function 0 NVIDIA MCP67 PCIE rev 0xa2
pci8 at ppb7 bus 8
vga1 at pci0 dev 18 function 0 vendor NVIDIA, unknown product 0x053b rev
0xa2
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
drm at vga1 unsupported
pchb0 at pci0 dev 24 function 0 AMD AMD64 0Fh HyperTransport rev 0x00
pchb1 at pci0 dev 24 function 1 AMD AMD64 0Fh Address Map rev 0x00
pchb2 at pci0 dev 24 function 2 AMD AMD64 0Fh DRAM Cfg rev 0x00
kate0 at pci0 dev 24 function 3 AMD AMD64 0Fh Misc Cfg rev 0x00: core rev
DH-G1
isa0 at pcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0