Re: CVS problems OpenBSD 4.5
On Mon, Nov 16, 2009 at 08:23:40PM -0600, alv...@dydnetworks.com wrote: 1) with cvsroot=anon...@anga.funkfeuer.at:/cvs # cvs -d$CVSROOT up -rOPENBSD_4_5 -Pd ssh_exchange_identification: Connection closed by remote host cvs [update aborted]: end of file from server (consult above messages if any) Remote host closed the connection for whatever reason. 2) with cvsroot=anon...@anoncvs.de.openbsd.org:/cvs Since version 1.303 of the anoncvs.html file (2009/08/19 12:47:10), this server is not listed anymore. So pick up another one from http://www.openbsd.org/anoncvs.html#CVSROOT -- Olivier Cherrier mailto:o...@symacx.com
Re: help please, my real memory is disappearing
MK pub...@kubikcz.net writes: 1. Is it normal that memory is not freed after I kill ftpd daemon? yes. because the ftp daemon didn't allocate it. 2. Is it normal ftpd can take about 800MB of real memory while serving GET requests? (only 1 client is able to consume that portion of memory) If you serve 800MB of file data through ftpd then yes. 3. Is it normal that this memory seems to be lost from the system? yes. The keyword here is seems. The memory is used for caching the file contents in case you decide to read those files again. It's reused for more useful things when it's needed. //art
YENİ HOBİNİZİ KEŞFEDİN
Yeni Sayfa 1 Ana Sayfa Mapazam}z Yeni \r|nler Markalar}m}z Hakk}m}zda Bize Ula~}n KATAGOR]LER Haval} Silahlar PaintBall Silahlar Tabanca T|fek Harbileri Optikler Fener ve Projektvrler Metal Temizleme ve Bak}m Yaplar} AirSoft amp; PaintBall Av B}gaklar} Diana Yedek Parga Elektronik Gak}lar Yandan Paralaksl} D|rb|nler Kampg}l}k PCP T|fekler Vnden Paralaksl} D|rb|nler B}gaklar Pistonlu T|fekler Holosight PCP Silahlar CO2 Tabancalar Dampa Ayaklar Pistonlu Silahlar Multipump Tabancalar ]ki Pargal} Ayaklar CO2 Silahlar PCP ve Diper Pompalar PaintBall Tabancalar} Multipump Silahlar PCP Dolum Aparatlar} Sabit Av B}gaklar} Silah Aksesuarlar} Markaya Vzel Aksesuarlar Set B}gaklar Sagmalar (Pelletler) Silah ^arjvrleri Haval} silah Sagmalar} (misket) Silah Teknik Yedek Parga Silah D|rb|nleri Silah D|rb|n Ayaklar} Temizlik ve Bak}m \r|nleri Haval} silah Peletleri (para~|t) Namlu ucu Moderatvrler MARKALAR AirArms Beretta Diana Haendler amp; Natermann Rvhm Square Tasco Bauer Bushnell FX airguns Smith amp; Wesson Jansen Tippmann Walther Benjamin Crosman Gamo Megaline Sprayway Weihrauch Zeiss Katresu Av ve Spor Malzemeleri San. Tic. A.^. Vi~ne1 Mah. Garantikoza gar~}s} H1 Blok No:2 Zekeriyakvy - Sar}yer / ]stanbul T|rkiye Telefon : +90 212 202 99 30 Fax : +90 212 202 97 93 Ana Sayfa Mapazam}z Yeni \r|nler Markalar}m}z Hakk}m}zda Bize Ula~}n Listeden G}kmak igin b...@listedencikar.com adresine quot;G}karquot; ba~l}kl} Bo~ bir e-posta gvnderiniz
Re: help please, my real memory is disappearing
alternatively you could run/spawn ftpd from inetd, which will presumably mean that all the resources will be 'returned' as soon as the connection closes. However significant performance hit on a busy ftp server. /Pete On 17. nov.. 2009, at 10.25, Artur Grabowski wrote: MK pub...@kubikcz.net writes: 1. Is it normal that memory is not freed after I kill ftpd daemon? yes. because the ftp daemon didn't allocate it. 2. Is it normal ftpd can take about 800MB of real memory while serving GET requests? (only 1 client is able to consume that portion of memory) If you serve 800MB of file data through ftpd then yes. 3. Is it normal that this memory seems to be lost from the system? yes. The keyword here is seems. The memory is used for caching the file contents in case you decide to read those files again. It's reused for more useful things when it's needed. //art Pete Vickers p...@systemnet.no | +47 48 17 91 00 SystemNet AS
Re: CVS problems OpenBSD 4.5
Alvaro Mantilla Gimenez wrote: Hi, Today I was trying to update my /usr/src files (as usual) and I got this errors: 1) with cvsroot=anon...@anga.funkfeuer.at:/cvs Me too I had intermittent problem with that server in the last weeks 2) with cvsroot=anon...@anoncvs.de.openbsd.org:/cvs The authenticity of host 'anoncvs.de.openbsd.org (131.188.40.91)' can't be established. RSA key fingerprint is bc:8e:dd:84:2d:6a:ed:6d:33:e7:46:d9:83:00:1b:ff. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'anoncvs.de.openbsd.org,131.188.40.91' (RSA) to the list of known hosts. anon...@anoncvs.de.openbsd.org's password: That server went down, was removed from the list, then they are in the process of putting it up again, they have changed their RSA fingerprint probably because they reinstalled the OS. Since the stoppage was notified on the list, when the server will be back again you will see it on the web page and on the list. To me, in Italy, the nearest after anga.funkeuer.at is ftp.wu-wien.ac.at... -- Mauro Rezzonico ma...@ch23.org, Como, Italia Maybe this world is another planet's hell - H.Huxley
Программа Quick Cash Secret Banking System (QCSBS)
Opncp`ll` Quick Cash Secret Banking System (QCSBS) nrjpner B`l j`j kec`k|mn onksw`r| dnund nr l`knhgbeqrmni bmsrpemmei qk`anqrh a`mjnbqjni qhqrel{, opnqrn nrjp{b Qoevh`k|m{i Qwer H OPNBND_ EFEDMEBMN nd...@qnbs^ k...@k\ms^ a...@mjnbqjs^ r...@mg@JVH^, m...@und_q\ B K^ANI RNWJE GELMNCN x...@p@ , B{ qlnfere g`p`a`r{b`r| $1000 b medek~! Ondpnamnqrh b bknfemm{u t`ik`u. G`j`g{ nrop`bkr| m` cashbank...@ukr.net This material and its codes are protected by copyright 1999/2000. Any unauthorized reproduction in any form is expressly forbidden unless permission is granted in writing by Maychic Corp., New York, NY and Media Dynamics Group, Portland, Oregon D`mmne ohq|ln q...@lnl me bkerq! Nok`wem` p`qq{kj`. [demime 1.01d removed an attachment of type APPLICATION/DEFANGED which had a name of =?WINDOWS-1251?Q?=CA=C0=CA_=CB=C5=C3=C0=CB=DC=CD=CE_=DD=CA=D1=CF...Q?=C8=D1=D2=C5=CC=DB.12620DEFANGED-doc?=] [demime 1.01d removed an attachment of type APPLICATION/DEFANGED which had a name of =?WINDOWS-1251?Q?=CA=C0=CA_=CE=D2=CA=D0=DB=D2=DC_=D1=CF=C5=D6=C8...-1251?Q?=DE_=CD=C5=C4=C5=CB=DE.12620DEFANGED-doc?=] [demime 1.01d removed an attachment of type APPLICATION/DEFANGED which had a name of =?WINDOWS-1251?Q?=CF=F0=E5=E8=EC=F3=F9=E5=F1=F2=E2=E0.12620DEFANGED-doc?=] [demime 1.01d removed an attachment of type APPLICATION/DEFANGED which had a name of =?WINDOWS-1251?Q?=D3=F1=EB=EE=E2=E8=FF_=EF=F0=EE=E4=E0=E6=E8.12620DEFANGED-doc?=] [demime 1.01d removed an attachment of type APPLICATION/DEFANGED which had a name of =?WINDOWS-1251?Q?=C7=C0=CC=C5=D7=C0=CD=C8=C5.12620DEFANGED-doc?=] [demime 1.01d removed an attachment of type APPLICATION/DEFANGED which had a name of FAQ.12620DEFANGED-doc]
Re: help please, my real memory is disappearing
On Tue, Nov 17, 2009 at 12:28 PM, Pete Vickers p...@systemnet.no wrote: alternatively you could run/spawn ftpd from inetd, which will presumably mean that all the resources will be 'returned' as soon as the connection closes. However significant performance hit on a busy ftp server. this is not what art@'s said. this memory has not been allocated by ftpd.
Re: help please, my real memory is disappearing
No. It will not solve any problem (ignoring that there was no problem in the first place). //art Pete Vickers p...@systemnet.no writes: alternatively you could run/spawn ftpd from inetd, which will presumably mean that all the resources will be 'returned' as soon as the connection closes. However significant performance hit on a busy ftp server. /Pete On 17. nov.. 2009, at 10.25, Artur Grabowski wrote: MK pub...@kubikcz.net writes: 1. Is it normal that memory is not freed after I kill ftpd daemon? yes. because the ftp daemon didn't allocate it. 2. Is it normal ftpd can take about 800MB of real memory while serving GET requests? (only 1 client is able to consume that portion of memory) If you serve 800MB of file data through ftpd then yes. 3. Is it normal that this memory seems to be lost from the system? yes. The keyword here is seems. The memory is used for caching the file contents in case you decide to read those files again. It's reused for more useful things when it's needed. //art Pete Vickers p...@systemnet.no | +47 48 17 91 00 SystemNet AS
Please use this to convert people to OpenBSD
Dear friends, People have the mistaken idea that OpenBSD is meant for the creme de la creme or the privileged crowd. That is absolutely and patently false. OpenBSD has all the elements of true UNIX. We are very friendly but we are choosy about who our friends are. ;) Anyway jokes aside, kindly download this image http://liveusb-openbsd.sf.net and read this article. http://linuxjournal.com/article/9787 I have configured mplayer OSD menus in the stick image. You can run this and show to disbelieving Linux or *buntu enthusiasts. Guess what? You can even convert Windoze folks. Mplayer is that sexy. Try it. -Girish -- Gayatri Hitech web: http://gayatri-hitech.com SpamCheetah Spam filter: http://spam-cheetah.com
Demande De Virement De Solde Sur Votre Compte Bancaire
Bonjour Dans le cadre de nos mesures de sC)curitC), nous contrC4lons rC)guliC(rement les activitC)s en cours dans le systC(me PayPal. Nous vous avons rC)cemment contactC) C la suite d'un problC(me sur votre compte PayPal Des informations vous ont C)tC) demandC)es pour le motif suivant : Notre systC(me a dC)tectC) des dC)bits inhabituels sur une carte de crC)dit associC)e C votre compte PayPal. Dossier n? : PP-8451-854-784 Ceci est un dernier rappel vous invitant C vous connecter C PayPal dC(s que possible. Veuillez rC)tablir l'accC(s C votre compte. Veuillez ne pas rC)pondre C cet email. Les messages reC'us C cette adresse ne sont pas lus et ne reC'oivent donc aucune rC)ponse. Pour obtenir de l'aide, connectez-vous C votre compte PayPal et cliquez sur le lien Aide dans le coin supC)rieur droit de chaque page PayPal. Pour recevoir des notifications par email au format texte et non en HTML, mettez vos prC)fC)rences C jour Copyright B) 1999-2009 PayPal. Tous droits rC)servC)s. PayPal (Europe) S.C r.l. Cie, S.C.A. SociC)tC) en Commandite par Actions SiC(ge social : 5C(me C)tage 22-24 Boulevard Royal L-2449, Luxembourg RCS Luxembourg B 118 349 Email PayPal nB0 PP1008
Re: help please, my real memory is disappearing
fail. doesn't change a thing. art's message was clear wasn't it? there is no problem to be solved. * Pete Vickers p...@systemnet.no [2009-11-17 12:37]: alternatively you could run/spawn ftpd from inetd, which will presumably mean that all the resources will be 'returned' as soon as the connection closes. However significant performance hit on a busy ftp server. /Pete On 17. nov.. 2009, at 10.25, Artur Grabowski wrote: MK pub...@kubikcz.net writes: 1. Is it normal that memory is not freed after I kill ftpd daemon? yes. because the ftp daemon didn't allocate it. 2. Is it normal ftpd can take about 800MB of real memory while serving GET requests? (only 1 client is able to consume that portion of memory) If you serve 800MB of file data through ftpd then yes. 3. Is it normal that this memory seems to be lost from the system? yes. The keyword here is seems. The memory is used for caching the file contents in case you decide to read those files again. It's reused for more useful things when it's needed. //art Pete Vickers p...@systemnet.no | +47 48 17 91 00 SystemNet AS -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting
Re: Please use this to convert people to OpenBSD
On Tue, Nov 17, 2009 at 05:46:00PM +0530, Girish Venkatachalam wrote: Dear friends, Please stop spamming the list about your project. I'm happy to see it exists, but I think it's inappropriate (and annoying) to email misc@ on a daily basis (4 days now). A more appropriate venue would be the OpenBSD Journal. Why don't you submit a story? P.S. Today's promotion of liveusb-openbsd is bordering on zealotry. Zealotry is stupid and attracts users we don't want in the first place. P.P.S. I think I need to go blog about this now. http://blogsum.obfuscurity.com/ ;) -- Jason Dixon DixonGroup Consulting http://www.dixongroup.net/
Re: Please use this to convert people to OpenBSD
On Tue, 17 Nov 2009 17:46:00 +0530 Girish Venkatachalam girishvenkatacha...@gmail.com wrote: You can even convert Windoze folks. Mplayer is that sexy. I think you're talking to the wrong crowd. Before anyone else says it; take your religion elsewhere ;-) Most people here don't give a shit what other people use.
OpenBSD 4.6 pfsync kernel panic
Hi We get kernel panics when we reboot either one of our two OpenBSD 4.6 servers running pf. It seems that the kernel panic always happens at the point where the pf sync state import happens. Sometimes we can reboot the servers, one at the time, a number of times in a row without any problems. We have tried to understand why this occurs but to no avail, is there anyone who could advise us what to do to try and resolve this? The error message say: fatal page fault (6) in supervisor mode trap type 6 code 0 eip d031baf5 cs 50 eflags 10297 cr2 2c4 cpl 40 panic: trap type 6, code=0, pc=d031baf5 . . . --- trap (number 6) --- pfsync_state_import(d899e83a,2,2d0,de1b4bc8) at pfsync_state_import+0x75 We have two identical servers running OpenBSD 4.6 and pf, they are build on the Supermicro X7SBT motherboard: http://www.supermicro.com/products/motherboard/Xeon3000/X48/X7SBT.cfm They have a totalt of six nic; two internal Intel PRO/1000MT (82573E) and (82573L) and four Intel PRO/1000 QP (82571EB). The pfsync interface uses em4 (that is the first of the two internal network cards - Intel PRO/1000MT (82573E)); pfsync0: flags=41UP,RUNNING mtu 1500 priority: 0 pfsync: syncdev: em4 maxupd: 128 defer: off groups: carp pfsync And we have a simple rule pass quick on { em4 } proto pfsync ps -N /var/crash/bsd.0 -M /var/crash/bsd.0.core -O paddr gives; PID PADDR TT STAT TIME COMMAND 12176 d89f216c p0 Is+ 0:00.00 (ksh) 28044 d8ae82c4 C0- R/0 0:01.00 (snortsam) 18169 d8b9e2c0 C0 Is+ 0:00.00 (ksh) 3045 d8ae8834 C1 Is+ 0:10.00 (getty) 10861 d8ae8aec C2 Is+ 0:09.00 (getty) 3111 d8ae8c48 C3 Is+ 0:09.00 (getty) 5674 d8ae8da4 C5 Is+ 0:09.00 (getty) I have attached the dmesg output from one of the machines at the end of this email, Best regards Anders Mainloop Anders Pettersson and...@mainloop.se Stora Nygatan 5, 2tr 111 27 Stockholm Sweden mobile: +46 (70) 634 5818 OpenBSD 4.6-stable (GENERIC.MP) #0: Fri Nov 6 10:18:43 CET 2009 r...@puffy46.intranet.mainloop.net:/usr/src/sys/arch/i386/compile/GENERIC .MP cpu0: Intel(R) Xeon(R) CPU X3220 @ 2.40GHz (GenuineIntel 686-class) 2.41 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16, xTPR real mem = 2145402880 (2046MB) avail mem = 2065686528 (1969MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 12/19/08, BIOS32 rev. 0 @ 0xfdbc0, SMBIOS rev. 2.5 @ 0x7fedf000 (34 entries) bios0: vendor Phoenix Technologies LTD version 1.2a date 12/19/2008 bios0: Supermicro X7SBT acpi0 at bios0: rev 2 acpi0: tables DSDT FACP _MAR MCFG APIC BOOT SPCR ERST HEST BERT EINJ SLIC SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT acpi0: wakeup devices PEG_(S5) PEX_(S5) LAN_(S5) USB4(S5) USB5(S5) USB7(S5) ESB2(S5) EXP1(S5) EXP5(S5) EXP6(S5) USB1(S5) USB2(S5) USB3(S5) USB6(S5) ESB1(S5) PCIB(S5) KBC0(S1) MSE0(S1) COM1(S5) COM2(S5) PWRB(S3) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 266MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Xeon(R) CPU X3220 @ 2.40GHz (GenuineIntel 686-class) 2.41 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16, xTPR cpu2 at mainbus0: apid 2 (application processor) cpu2: Intel(R) Xeon(R) CPU X3220 @ 2.40GHz (GenuineIntel 686-class) 2.41 GHz cpu2: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16, xTPR cpu3 at mainbus0: apid 3 (application processor) cpu3: Intel(R) Xeon(R) CPU X3220 @ 2.40GHz (GenuineIntel 686-class) 2.41 GHz cpu3: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16, xTPR ioapic0 at mainbus0: apid 4 pa 0xfec0, version 20, 24 pins acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (PEG_) acpiprt2 at acpi0: bus -1 (PEX_) acpiprt3 at acpi0: bus 5 (EXP1) acpiprt4 at acpi0: bus 13 (EXP5) acpiprt5 at acpi0: bus 15 (EXP6) acpiprt6 at acpi0: bus 17 (PCIB) acpicpu0 at acpi0: C3, PSS acpicpu1 at acpi0: C3, PSS acpicpu2 at acpi0: C3, PSS acpicpu3 at acpi0: C3, PSS acpibtn0 at acpi0: PWRB acpivideo0 at acpi0: IGD0 bios0: ROM list: 0xc/0x8000 0xc8000/0x1000 0xc9000/0x1000 0xca000/0x1000 ipmi at mainbus0 not configured cpu0: Enhanced SpeedStep 2401 MHz: speeds: 2400, 1600 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel 82X38 Host rev 0x01 ppb0 at pci0 dev 1 function 0 Intel 82X38 PCIE rev 0x01: apic 4 int 16 (irq 5) pci1 at ppb0 bus 1 ppb1 at pci1 dev 0 function 0 IDT 89HPES12N3A rev 0x0e pci2 at ppb1 bus 2
spamd.conf chinakorea
Hi These 2 files do not seem to be there anymore. I couldn't find any info about this facts anywhere. www.openbsd.org/spamd/koreacidr.txt.gz www.openbsd.org/spamd/chinacidr.txt.gz I guess, I will have to get them directly and reformat them to feed spamd myself if I want to still use them? Thanks cmb PS: They generate 404 error since some time now when spamd-setup runs from cron
isakmpd will not initiate connection to Cisco ASA
We have many tunnels and for some reason I just set up a tunnel with a Cisco ASA and we can not initiate the connection from the OpenBSD side. If the Cisco side pings a device on the OpenBSD side the tunnel comes up. On the Cisco side they have bidirectional enabled, and they are not seeing the OpenBSD try to initiate the tunnel. Any help would be appreciated, Regards, Chris Bullock
Re: why is pf reseting this ssh connection?
I'm still having this reset problem. Looking at the logs below, the reset seems to coming from the session being blocked (the last log), but why would PF block the session when it accepted the session about 70 seconds before (the first 2 logs)? Since Ethereal shows that the SSH client is not trying to establish a new session, it seems that PF must have lost-track that it had already accepted this session... What is really weird is that it only happens when SSH-ing to this host (10.0.1.24), connections to a host (10.0.1.22) right next to it on the same subnet stay up all the time Again, this is with OBSD 4.2 Any ideas? Thanks, Kent Kent Watsen wrote: I'm consistently getting a RST packet, but I can't figure out why? # tcpdump -nettti pflog0 tcpdump: listening on pflog0, link-type PFLOG Nov 14 11:42:20.408301 rule 62/(match) pass in on vlan4: 10.0.4.6.53255 10.0.1.24.22: [|tcp] (DF) Nov 14 11:42:20.408407 rule 34/(match) pass out on vlan1: 10.0.4.6.53255 10.0.1.24.22: [|tcp] (DF) Nov 14 11:42:20.550409 rule 43/(match) pass in on vlan1: 10.0.1.24.36875 10.0.2.2.53:[|domain] (DF) Nov 14 11:42:20.550514 rule 47/(match) pass out on vlan2: 10.0.1.24.36875 10.0.2.2.53:[|domain] (DF) Nov 14 11:42:21.754224 rule 57/(match) pass in on vlan3: 10.0.3.104.123 17.151.16.21.123: v4 client strat 3 poll 6 prec -20 Nov 14 11:42:53.614950 rule 47/(match) pass out on vlan2: 96.253.91.225.4814 10.0.2.2.53:[|domain] Nov 14 11:42:57.672970 rule 0/(match) block in on vlan1: 10.0.1.20.2001 255.255.255.255.37: udp 0 Nov 14 11:43:06.344155 rule 0/(match) block in on vlan3: [|ip6] Nov 14 11:43:25.756063 rule 57/(match) pass in on vlan3: 10.0.3.104.123 17.151.16.21.123: v4 client strat 3 poll 6 prec -20 Nov 14 11:43:38.740956 rule 0/(match) block in on vlan4: 10.0.4.6.53255 10.0.1.24.22: [|tcp] (DF) [tos 0x10] ^C Note: I pressed return in the SSH shell at 11:43:38 Running Ethereal on 10.0.4.6, I can see the SSH packet from 10.0.4.6:53255 -- 10.0.1.24:22 followed immediately by a RST packet from 10.0.1.24:22 -- 10.0.4.6:53255 The thing that confuses me is that: - 10.0.4.6 has no trouble maintaining SSH connection to another hosts in the 10.0.1.0\24 network - other hosts in the 10.0.1.0\24 network have no trouble maintaining SSH connection with 10.0.1.24 # pfctl -vvs rules @0 scrub in on gem0 all fragment reassemble [ Evaluations: 1893945 Packets: 22091 Bytes: 10427870 States: 0 ] [ Inserted: uid 0 pid 26797 ] @0 block return log all [ Evaluations: 5467 Packets: 946 Bytes: 67688 States: 0 ] [ Inserted: uid 0 pid 26797 ] snip @34 pass out log quick on vlan1 inet proto tcp from 10.0.4.6 to 10.0.1.0/24 port = ssh flags S/SA keep state [ Evaluations: 82 Packets: 1430 Bytes: 193425 States: 1 ] [ Inserted: uid 0 pid 26797 ] snip @62 pass in log quick on vlan4 inet from 10.0.4.0/24 to any flags S/SA keep state [ Evaluations: 635 Packets: 22817 Bytes: 13187743 States: 4 ] [ Inserted: uid 0 pid 26797 ] snip Any ideas? PS: I'm running OpenBSD 4.2 - CARP is configured, but the other machine is powered down Thanks, Kent
Re: isakmpd will not initiate connection to Cisco ASA
Are you sure that obsd does not try to initiate the connection at least once? I have noticed the following problem with cisco: Some Cisco models delete the security association after an inactivity timeout, they call it Cisco IPSec Security Association Idle Timers. When this happens, openBSDs drop the information for this tunnel and is unable to recreate it. Cisco keeps the information and can reestablish the connection when someone pings or otherwise addresses the remote end. I had a short conversation about this with Hans-Jvrg Hvxer, but cannot say whether this behaviour is desired or considered a bug. I would try to delete the tunnel complete and configure it again while running tcpdump on the external interface ( or enable isakmpd packet capture, see the -L switch of isakmpd ). This will at least answer the question, whether openBSD attempts to establish the connection when the tunnel is defined for the first time. Regards Christoph -Urspr|ngliche Nachricht- Von: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] Im Auftrag von Chris Bullock Gesendet: Dienstag, 17. November 2009 15:45 An: misc@openbsd.org Betreff: isakmpd will not initiate connection to Cisco ASA We have many tunnels and for some reason I just set up a tunnel with a Cisco ASA and we can not initiate the connection from the OpenBSD side. If the Cisco side pings a device on the OpenBSD side the tunnel comes up. On the Cisco side they have bidirectional enabled, and they are not seeing the OpenBSD try to initiate the tunnel. Any help would be appreciated, Regards, Chris Bullock
OpenBSD blog software
A friend on misc@ brought it to my attention that I never formally announced Blogsum. Enjoy at your own peril. Blogsum is a very basic blogging application. It was written from scratch with a focus on simplicity and security. The author was frustrated with the lack of small blog applications that were written well and would reside in OpenBSD's httpd(8) chroot without too much pain. Blogsum addresses these needs while providing the most popular features that the typical blogger might require (tags, rss, basic authoring tools). Currently it requires a VirtualHost configuration due to some absolute paths and shit. It's on my roadmap for 1.1 to make this more flexible for it to run as a URI instead (e.g. Directory). Users running -current can pkg_add -i blogsum. Otherwise you can track svn. Full instructions here: http://trac.obfuscurity.com/blogsum/wiki/InstallOpenBSD My personal blog has been running Blogsum since day zero. The CapBUG site was nicely ported over to it by Mike Erdely. There is a migration script that imports WordPress xml. It's not perfect but works pretty well. http://obfuscurity.com/ http://capbug.org/ P.S. And this will be the last you hear about it from me. ;) -- Jason Dixon DixonGroup Consulting http://www.dixongroup.net/
softraid init at startup
Hi! I have a crypto softraid device and now I set it up at every boot in rc.local with a bioctl fsck mount combination. Is there any standard way of setting up softraid0 devices at boot, or everyone use their own implementation (eg. in /etc/rc.local)? Thanks, Daniel -- LIVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
authpf per user rules
Hi Folks, I am about to introduce OpenBSD as an authentication layer in our company. While I read the manpage and did some initial testing with authpf, I'm not quite sure wether I can achieve what I need to. Let me describe the setup briefly: network1 connects via ssh to $ext_if of the OpenBSD box. network2 is behind $int_if of my openbsd box. User1 should be able to access box 1, 2 and 3 via ssh (these being behind $int_if). User2 should be able to access just box 2, 3, and 4 (again via ssh). It seems like the way to go via authpf would be a rules file for user1 like that: (/etc/authpf/users/User1/authpf.rules) rdr on $ext_if proto tcp from $user_ip to $ext_if port 10122 - 10.0.0.1 port 22 rdr on $ext_if proto tcp from $user_ip to $ext_if port 10222 - 10.0.0.2 port 22 rdr on $ext_if proto tcp from $user_ip to $ext_if port 10322 - 10.0.0.3 port 22 And User2, accordingly in his User2/authpf.rules file rdr on $ext_if proto tcp from $user_ip to $ext_if port 10222 - 10.0.0.2 port 22 rdr on $ext_if proto tcp from $user_ip to $ext_if port 10322 - 10.0.0.3 port 22 rdr on $ext_if proto tcp from $user_ip to $ext_if port 10422 - 10.0.0.4 port 22 And yes, 10.0.0.x being hosts in network2 which are not directly accessable from network2. That should work, right? However, to make thinks more complicated, outgoing connections from network1 are only possible with destination tcp/22. So that config wouldn't suite my environment. And while on the topic of a bit more complicated, the source IP of network2 is always the same, which makes the usage of $user_ip impossible (right?!). Problem 2 seems to be solvable by using $user_id and packet tagging. I'm not quite sure how to solve problem 1 (outgoing connections only to dest 22). Would it be possible to give that user a real login shell in combination with authpf loading $user_id based rules? Did anybody do a setup like that before? Any hints are greatly appreciated. A quick no, that doesn't seem to be possible is fine too ;) I'm going back to my test setup now and play around with authpf. Cheers, Marian PS.: Please keep me CC'ed, I'm (still) not subscribed to the list.
Re: why is pf reseting this ssh connection?
On Tue, Nov 17, 2009 at 9:47 AM, Kent Watsen k...@watsen.net wrote: I'm still having this reset problem. Looking at the logs below, the reset seems to coming from the session being blocked (the last log), but why would PF block the session when it accepted the session about 70 seconds before (the first 2 logs)? Since Ethereal shows that the SSH client is not trying to establish a new session, it seems that PF must have lost-track that it had already accepted this session... What is really weird is that it only happens when SSH-ing to this host (10.0.1.24), connections to a host (10.0.1.22) right next to it on the same subnet stay up all the time Again, this is with OBSD 4.2 Any ideas? This only happens with SSH connections? Are the rulesets identical between the two machines? Also, why are you still running 4.2? As I'm sure you know, there have been many improvements to pf since that release. Todd P.S. Maybe send your dmesg(s) and ruleset(s) with your next reply. Just a thought. P.P.S. Part of my brain keeps thinking, Flaky NIC?
Demande De Virement De Solde Sur Votre Compte Bancaire ?
PayPal PayPal Cher client Attention! Votre compte PayPal a ete limite! Dans le cadre de nos mesures de securite, nous verifions l activite reguliere des comptes PayPal. Pour eviter la continuite de certains comptes inactifs. Nous voudrions obtenir certaines informations relatives a votre compte afin d assurer la securite de celui-ci: Actuellement, notre systeme a detecte des charges inhabituelles executant de nombreuses transactions effectuees a partir d une carte de credit liee e votre compte PayPal. Numero de Reference: PP-59-57-91 Afin d evite tout probleme relatif a ces nombreuses transactions, votre compte a ete momentanement ferme. Pour vous connecter de nouveau a PayPal, il vous suffit de cliquer sur le lien si dessous et de suivre les directives relatives a la reouverture et a l acces libre de votre compte. activer Nous vous remercions de votre comprehension et nous vous assurons qu il ne s agit que de simples mesures visant a la securite de nos membres et de leurs renseignements personnels relatifs a leur compte. Et nous vous prions d'agreer nos plus plates excuses pour tous inconve nients que cela pourrait vous occasionner Tarifs standards 3.4% + commission fixe Pour chaque transaction nationale ou effectuee dans l'U.E. en Euros. 3.9% + commission fixe Pour chaque transation transfrontiere en dehors de l'U.E. Tarifs Marchands (bases sur le volume de transaction mensuel et une demande unique) 1.4% - 2.9% + commission fixe Pour chaque transaction nationale ou effectuee dans l'U.E. en Euros 1.9% - 3.4% + commission fixe Pour chaque transaction transfrontiere en dehors de l'U.E. Les niveaux de volumes mensuels applicables a ces tarifications degressives sont disponibles dans l'article tarifs accessibles a partir de n'importe quelle page du site PayPal. La commision fixe est, selon la devise de paiement: 0.20 GBP 40.0 JPY $1.35 PLN 0.35 EUR 0.40 AUD $90.0 HUF 0.30 USD 0.55 CHF $10.00 CZK 0.55 CAD 2.80 NOK $0.50 SGD 40.0 JPY 3.25 SEK $2.85 HKD 0.40 AUD 2.60 DKK $0.45 NZD Les utilisateurs qui envoient un Paiement Personnel approvisionne par une carte pourront choisir de payer la commission applicable a ce paiement. La clause 15 inclura les nouvelles definitions suivantes : * Paiement Commercial designe un paiement qui n'est pas un Paiment Personnel (y compris, mais sans limitation, un paiement effectue pour l'achat d'un objet sur eBay ou d'autres biens et services). * Paiement Personnel designe un transfert d'argent destine a un autre particulier, dans le cadre de son environnement personnel, familial et/ou dans le cadre de son menage Aucune action n'est requise de votre part et vous pourrez continuer a utiliser PayPal comme vous le faisiez. Cordialement, PayPal [IMAGE] [IMAGE]Mot de passe oublie ? [IMAGE]Aide [IMAGE]Votre securite [IMAGE]Conditions d'utilisation Copyright 1999-2008 PayPal. All rights reserved. PayPal S.e.r.l. et Cie, S.C.A., Societe en Commandite par Actions. Registered office: 22-24 Boulevard Royal, L-2449, Luxembourg, R.C.S. Luxembourg B 118 349.
Re: isakmpd will not initiate connection to Cisco ASA
I recently had a problem that looked similar. I would try to bring up the tunnels configured in ipsec.conf. No Phase 2 A dump on the external iface revealed that we were sending Phase 1 initiation. Their end was configured for a different encryption scheme, than ours ( even though we had agreed on one ). Since they were showing up with a vlaid PSK we accepted the values they proposed, whereas they rejected our proposal's. tcpdump -nvs1400 port 500 Christoph Leser wrote: Are you sure that obsd does not try to initiate the connection at least once? I have noticed the following problem with cisco: Some Cisco models delete the security association after an inactivity timeout, they call it Cisco IPSec Security Association Idle Timers. When this happens, openBSDs drop the information for this tunnel and is unable to recreate it. Cisco keeps the information and can reestablish the connection when someone pings or otherwise addresses the remote end. I had a short conversation about this with Hans-Jvrg Hvxer, but cannot say whether this behaviour is desired or considered a bug. I would try to delete the tunnel complete and configure it again while running tcpdump on the external interface ( or enable isakmpd packet capture, see the -L switch of isakmpd ). This will at least answer the question, whether openBSD attempts to establish the connection when the tunnel is defined for the first time. Regards Christoph -Urspr|ngliche Nachricht- Von: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] Im Auftrag von Chris Bullock Gesendet: Dienstag, 17. November 2009 15:45 An: misc@openbsd.org Betreff: isakmpd will not initiate connection to Cisco ASA We have many tunnels and for some reason I just set up a tunnel with a Cisco ASA and we can not initiate the connection from the OpenBSD side. If the Cisco side pings a device on the OpenBSD side the tunnel comes up. On the Cisco side they have bidirectional enabled, and they are not seeing the OpenBSD try to initiate the tunnel. Any help would be appreciated, Regards, Chris Bullock
OpenSSH and Certificate based
Hi Everyone, I am new to this emailing list, so please excuse me if I am asking you the question that has been asked many times... We use OpenSSH for secure remote access, and we are wondering if we can use x.509 certificate for authentication. I have found the Roumen Petrov's patch that provides x.509 support (http://roumenpetrov.info/openssh/), and I was wondering if Openbsd development team plan on incorporating the patch into a future release. I think this should be a great additional feature for OpenSSH and OpenBSD. Could please tell me if you plan on incorporating this batch? If not, could you please tell me why not? Thank you, BR - John
Je sur comptable a la banque BCB je vais virée $6.million a la etranger
You're invited to Je sur comptable a la banque BCB je vais virie $6.million a la etranger. By your host Ashraf Cotu: Date: Tuesday November 17, 2009 Time: 6:00 pm - 7:00 pm (GMT +00:00) Location: Cher Ami Salut, Je suis MR, Ashraf Cotu comptable a la BANQUE COMERCIALE DU BURKINA (BCB), je vais virie $6.million (usd) a la etranger si vous pour vais me aide et ci ga vous intersse je vous enverrons tous les ditails sur la fagon dont on va fait le demache et igalement noter que vous aurez 30% du montant indiqui .si vous jtes d'accord pour m'aider ` exicuter cette transaction. reponne moi rapidement et s.v.p ces un propossition confidentielle merci Guests: * milady-b...@hotmail.fr * milarep...@yahoo.fr * milla_...@yahoo.fr * million.e...@club-internet.fr * mima9...@hotmail.com * mimicharleb...@hotmail.com * mimidragonl...@hotmail.com * mimitt...@hotmail.com * minco.gov.aoquimg...@yahoo.com.brrepcomangola * mind.and.free...@hotmail.com * minda...@yahoo.com.mx * minetmarcel...@hotmail.com * minettogabrie...@hotmail.fr * mingsh...@hotmail.com * mini...@hotmail.fr * miniblonde...@hotmail.com * minima...@hotmail.com * minimidiv...@hotmaill.com * minui...@hotmail.fr * miou...@yahoo.fr * mira0...@hotmail.com * miramondt...@yahoo.fr * mireille_simar...@hotmail.com * mireill...@9online.fr * mirelad...@hotmail.com * mirjanaras...@hotmail.com * misc@openbsd.org * miss-blonde...@hotmail.fr * miss-el...@hotmail.fr * miss06...@hotmail.fr * missb2...@yahoo.fr * missionsprok...@kapuziner.org * missivecommunicat...@hotmail.fr * mi...@fpi-no.com * mistervi...@yahoo.fr * mistral17frie...@hotmail.fr * mitch_tah...@hotmail.com * mitourn...@yahoo.fr * mjapan2...@hotmail.com * mjcdie...@wanadoo.fr * mjcrosend...@yahoo.fr * mjcvolmera...@hotmail.com * mjlalibert...@hotmail.com * mjp...@yahoo.fr * mjudi2...@yahoo.fr * mkci...@hotmail.com * mlabid...@yahoo.fr. * mlip...@yahoo.com.mx * mlkasnie...@hotmail.fr * mm...@hotamil.fr * mmale...@thefrenchgourmet.com * mmarti...@live.ca * mmaster...@hotmail.com * mme@hotmail.fr * mme_sarah_r...@yahoo.fr * mmontesde...@segob.gob.mx * mnksa...@yahoo.fr * moana_initiat...@yahoo.fr * m...@hotmail.fr * mobilesaleinc...@yahoo.com * moby-delta-cr...@yahoo.fr * mocel...@hotmail.fr * moeorgd...@yahoo.com * mogador.1...@hotmail.fr * mogw...@hotmail.com * moh-m...@hotmail.fr * mohadebb...@yahoo.fr * mohamed.ca...@yahoo.fr * mohamed_mig...@hotmail.com * moi_li...@hotmail.com * moigaby...@hotmail.fr * moignetgault...@hotmail.com * moijevous-w...@yahoo.fr * moimickae...@hotmail.fr * mois...@yahoo.fr * moison.m...@hotmail.fr * molb...@hotmail.com * mollysip...@yahoo.fr * mo...@wanadoo.fr * momnougui_robert_al...@yahoo.com invitation_add_to_your_yahoo_calendar: http://ca.calendar.yahoo.com/?v=60ST=20091117T18%2BTITLE=Je+sur+comptable+a+la+banque+BCB+je+vais+vir%c3%a9e+$6.million+a+la+etrangerDUR=0100VIEW=din_loc=Cher+Ami+Salut,+Je+suis+MR,+Ashraf+Cotu+comptable+a+la+BANQUE+COMERCIALE+DU+BURKINA+(BCB),+je+vais+vir%c3%a9e+$6.million+(usd)+a+la+etranger+si+vous+pour+vais+me+aide+et+ci+%c3%a7a+vous+intersse+je+vous+enverrons+tous+les+d%c3%a9tails+sur+la+fa%c3%a7on+dont+on+va+fait+le+demache+et+%c3%a9galement+noter+que+vous+aurez+30%25+du+montant+indiqu%c3%a9+.si+vous+%c3%aates+d%27accord+pour+m%27aider+%c3%a0+ex%c3%a9cuter+cette+transaction.+reponne+moi+rapidement+et+s.v.p+ces+un+propossition+confidentielle+merciTYPE=10 Copyright ) 2009 All Rights Reserved www.yahoo.ca Privacy Policy: http://privacy.yahoo.com/privacy/ca Terms of Service: http://ca.docs.yahoo.com/info/terms/
problem compiling kde4
Hi, i'm having trouble compiling kde4 on OpenBSD 4.6 . I've updated src via cvs and i've managed to get it start compiling until i get this error: Maybe someone can point me in some direction. pc03:/u/data/ports/x11/kde4{1}# make === x11/kde4/accessibility === x11/kde4/admin === x11/kde4/artwork === x11/kde4/base === x11/kde4/base-runtime === x11/kde4/base-workspace === x11/kde4/edu === Building for kdeedu-4.0.1p2 /usr/local/bin/cmake -H/usr/ports/obj/kdeedu-4.0.1p2/kdeedu-4.0.1 -B/u/data/ports/obj/kdeedu-4.0.1p2/build-i386 --check-build-system CMakeFiles/Makefile.cmake 0 /usr/local/bin/cmake -E cmake_progress_start /u/data/ports/obj/kdeedu-4.0.1p2/build-i386/CMakeFiles 99 make -f CMakeFiles/Makefile2 all make -f libkdeedu/keduvocdocument/CMakeFiles/keduvocdocument.dir/build.make libkdeedu/keduvocdocument/CMakeFiles/keduvocdocument.dir/depend make -f libkdeedu/keduvocdocument/CMakeFiles/keduvocdocument.dir/build.make libkdeedu/keduvocdocument/CMakeFiles/keduvocdocument.dir/build /usr/local/bin/cmake -E cmake_progress_report /u/data/ports/obj/kdeedu-4.0.1p2/build-i386/CMakeFiles 1 2 [ 2%] Built target keduvocdocument make -f libkdeedu/keduvocdocument/tests/CMakeFiles/converter.dir/build.make libkdeedu/keduvocdocument/tests/CMakeFiles/converter.dir/depend make -f libkdeedu/keduvocdocument/tests/CMakeFiles/converter.dir/build.make libkdeedu/keduvocdocument/tests/CMakeFiles/converter.dir/build /usr/local/bin/cmake -E cmake_progress_report /u/data/ports/obj/kdeedu-4.0.1p2/build-i386/CMakeFiles [ 2%] Built target converter make -f libkdeedu/kdeeduui/CMakeFiles/kdeeduui.dir/build.make libkdeedu/kdeeduui/CMakeFiles/kdeeduui.dir/depend make -f libkdeedu/kdeeduui/CMakeFiles/kdeeduui.dir/build.make libkdeedu/kdeeduui/CMakeFiles/kdeeduui.dir/build /usr/local/bin/cmake -E cmake_progress_report /u/data/ports/obj/kdeedu-4.0.1p2/build-i386/CMakeFiles 3 [ 3%] Built target kdeeduui make -f libkdeedu/libscience/CMakeFiles/science.dir/build.make libkdeedu/libscience/CMakeFiles/science.dir/depend make -f libkdeedu/libscience/CMakeFiles/science.dir/build.make libkdeedu/libscience/CMakeFiles/science.dir/build /usr/local/bin/cmake -E cmake_progress_report /u/data/ports/obj/kdeedu-4.0.1p2/build-i386/CMakeFiles 4 [ 4%] Built target science make -f blinken/src/CMakeFiles/blinken.dir/build.make blinken/src/CMakeFiles/blinken.dir/depend make -f blinken/src/CMakeFiles/blinken.dir/build.make blinken/src/CMakeFiles/blinken.dir/build /usr/local/bin/cmake -E cmake_progress_report /u/data/ports/obj/kdeedu-4.0.1p2/build-i386/CMakeFiles 5 [ 5%] Built target blinken make -f doc/blinken/CMakeFiles/handbook.dir/build.make doc/blinken/CMakeFiles/handbook.dir/build /usr/local/bin/cmake -E cmake_progress_report /u/data/ports/obj/kdeedu-4.0.1p2/build-i386/CMakeFiles [ 5%] Built target handbook make -f doc/kalzium/CMakeFiles/handbook.dir/build.make doc/kalzium/CMakeFiles/handbook.dir/build /usr/local/bin/cmake -E cmake_progress_report /u/data/ports/obj/kdeedu-4.0.1p2/build-i386/CMakeFiles [ 5%] Built target handbook make -f doc/kanagram/CMakeFiles/handbook.dir/build.make doc/kanagram/CMakeFiles/handbook.dir/build /usr/local/bin/cmake -E cmake_progress_report /u/data/ports/obj/kdeedu-4.0.1p2/build-i386/CMakeFiles 6 [ 6%] Built target handbook make -f doc/kbruch/CMakeFiles/handbook.dir/build.make doc/kbruch/CMakeFiles/handbook.dir/build /usr/local/bin/cmake -E cmake_progress_report /u/data/ports/obj/kdeedu-4.0.1p2/build-i386/CMakeFiles [ 6%] Built target handbook make -f doc/kgeography/CMakeFiles/handbook.dir/build.make doc/kgeography/CMakeFiles/handbook.dir/build /usr/local/bin/cmake -E cmake_progress_report /u/data/ports/obj/kdeedu-4.0.1p2/build-i386/CMakeFiles [ 6%] Built target handbook make -f doc/khangman/CMakeFiles/handbook.dir/build.make doc/khangman/CMakeFiles/handbook.dir/build /usr/local/bin/cmake -E cmake_progress_report /u/data/ports/obj/kdeedu-4.0.1p2/build-i386/CMakeFiles [ 6%] Built target handbook make -f doc/kig/CMakeFiles/handbook.dir/build.make doc/kig/CMakeFiles/handbook.dir/build /usr/local/bin/cmake -E cmake_progress_report /u/data/ports/obj/kdeedu-4.0.1p2/build-i386/CMakeFiles [ 6%] Built target handbook make -f doc/kiten/CMakeFiles/handbook.dir/build.make doc/kiten/CMakeFiles/handbook.dir/build /usr/local/bin/cmake -E cmake_progress_report /u/data/ports/obj/kdeedu-4.0.1p2/build-i386/CMakeFiles [ 6%] Built target handbook make -f doc/klettres/CMakeFiles/handbook.dir/build.make doc/klettres/CMakeFiles/handbook.dir/build /usr/local/bin/cmake -E cmake_progress_report /u/data/ports/obj/kdeedu-4.0.1p2/build-i386/CMakeFiles [ 6%] Built target handbook make -f doc/kmplot/CMakeFiles/handbook.dir/build.make doc/kmplot/CMakeFiles/handbook.dir/build /usr/local/bin/cmake -E cmake_progress_report /u/data/ports/obj/kdeedu-4.0.1p2/build-i386/CMakeFiles [ 6%] Built target handbook make -f doc/kpercentage/CMakeFiles/handbook.dir/build.make
Re: problem compiling kde4
On Tue, 17 Nov 2009 15:36:43 -0300, Marcos Laufer wrote Hi, i'm having trouble compiling kde4 on OpenBSD 4.6 . I've updated src via cvs and i've managed to get it start compiling until i get this error: Maybe someone can point me in some direction. You missed /usr/ports/x11/kde4/README
New document: A mail server with OpenSMTPD
Hi list, I wrote a document about how to install a complete mail server using OpenSMTPD (TLS, SSL, dovecot, roundcube, etc). It's just in spanish (sorry), if You want to download the .odt or the .pdf file go to: http://groups.google.com/group/openbsd-colombia/files?hl=es and search the: SERVIDOR_DE_CORREO_OPENSMTPD.xxx file Please enjoy it, Thank You. -- -- Fernando Quintero http://nonroot.blogspot.com/ http://www.openbsdcolombia.org/ *Just a nonroot User*
Dmitry Seaman Kuzmitsky har laggt till dig som vän på webbplatsen VK.com
Hej, Dmitry Seaman Kuzmitsky har laggt till dig som vC$n pC% webbplatsen VK.com Du kan logga in och se dina vC$nner sidor med din E-post och detautomatiskt skapade lC6senordet: LZIrkhT1 VK.com C$r en webbplats som hjC$lper att tiotals miljoner mC$nniskor hittar sina gamla vC$nner, delar bilder och hC$ndelser och alltid kan hC%lla kontakten. FC6r att logga in, fC6lj denna lC$nk: http://vk.com/login.php?regemail=m...@openbsd.org#lzirkht1 Du kan C$ndra ditt lC6senord i InstC$llningar Observera: Om du ignorerar denna inbjudan, sC% vill din registrering inte bli aktiverad. Lycka till!
OpenBSD 4.6 pfsync kernel panic
Hi We get kernel panics when we reboot either one of our two OpenBSD 4.6 servers running pf. It seems that the kernel panic always happens at the point where the pf sync state import happens. Sometimes we can reboot the servers, one at the time, a number of times in a row without any problems. We have tried to understand why this occurs but to no avail, is there anyone who could advise us what to do to try and resolve this? The error message say: fatal page fault (6) in supervisor mode trap type 6 code 0 eip d031baf5 cs 50 eflags 10297 cr2 2c4 cpl 40 panic: trap type 6, code=0, pc=d031baf5 . . . --- trap (number 6) --- pfsync_state_import(d899e83a,2,2d0,de1b4bc8) at pfsync_state_import+0x75 We have two identical servers running OpenBSD 4.6 and pf, they are build on the Supermicro X7SBT motherboard: http://www.supermicro.com/products/motherboard/Xeon3000/X48/X7SBT.cfm They have a totalt of six nic; two internal Intel PRO/1000MT (82573E) and (82573L) and four Intel PRO/1000 QP (82571EB). The pfsync interface uses em4 (that is the first of the two internal network cards - Intel PRO/1000MT (82573E)); pfsync0: flags=41UP,RUNNING mtu 1500 priority: 0 pfsync: syncdev: em4 maxupd: 128 defer: off groups: carp pfsync And we have a simple rule pass quick on { em4 } proto pfsync ps -N /var/crash/bsd.0 -M /var/crash/bsd.0.core -O paddr gives; PID PADDR TT STAT TIME COMMAND 12176 d89f216c p0 Is+ 0:00.00 (ksh) 28044 d8ae82c4 C0- R/0 0:01.00 (snortsam) 18169 d8b9e2c0 C0 Is+ 0:00.00 (ksh) 3045 d8ae8834 C1 Is+ 0:10.00 (getty) 10861 d8ae8aec C2 Is+ 0:09.00 (getty) 3111 d8ae8c48 C3 Is+ 0:09.00 (getty) 5674 d8ae8da4 C5 Is+ 0:09.00 (getty) I have attached the dmesg output from one of the machines at the end of this email, Best regards Anders Mainloop Anders Pettersson and...@mainloop.semailto:and...@mainloop.se Stora Nygatan 5, 2tr 111 27 Stockholm Sweden mobile: +46 (70) 634 5818 OpenBSD 4.6-stable (GENERIC.MP) #0: Fri Nov 6 10:18:43 CET 2009 r...@puffy46.intranet.mainloop.net:/usr/src/sys/arch/i386/compile/GENERIC .MPmailto:r...@puffy46.intranet.mainloop.net:/usr/src/sys/arch/i386/compile/ GENERIC.MP cpu0: Intel(R) Xeon(R) CPU X3220 @ 2.40GHz (GenuineIntel 686-class) 2.41 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16, xTPR real mem = 2145402880 (2046MB) avail mem = 2065686528 (1969MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 12/19/08, BIOS32 rev. 0 @ 0xfdbc0, SMBIOS rev. 2.5 @ 0x7fedf000 (34 entries) bios0: vendor Phoenix Technologies LTD version 1.2a date 12/19/2008 bios0: Supermicro X7SBT acpi0 at bios0: rev 2 acpi0: tables DSDT FACP _MAR MCFG APIC BOOT SPCR ERST HEST BERT EINJ SLIC SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT acpi0: wakeup devices PEG_(S5) PEX_(S5) LAN_(S5) USB4(S5) USB5(S5) USB7(S5) ESB2(S5) EXP1(S5) EXP5(S5) EXP6(S5) USB1(S5) USB2(S5) USB3(S5) USB6(S5) ESB1(S5) PCIB(S5) KBC0(S1) MSE0(S1) COM1(S5) COM2(S5) PWRB(S3) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 266MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Xeon(R) CPU X3220 @ 2.40GHz (GenuineIntel 686-class) 2.41 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16, xTPR cpu2 at mainbus0: apid 2 (application processor) cpu2: Intel(R) Xeon(R) CPU X3220 @ 2.40GHz (GenuineIntel 686-class) 2.41 GHz cpu2: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16, xTPR cpu3 at mainbus0: apid 3 (application processor) cpu3: Intel(R) Xeon(R) CPU X3220 @ 2.40GHz (GenuineIntel 686-class) 2.41 GHz cpu3: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16, xTPR ioapic0 at mainbus0: apid 4 pa 0xfec0, version 20, 24 pins acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (PEG_) acpiprt2 at acpi0: bus -1 (PEX_) acpiprt3 at acpi0: bus 5 (EXP1) acpiprt4 at acpi0: bus 13 (EXP5) acpiprt5 at acpi0: bus 15 (EXP6) acpiprt6 at acpi0: bus 17 (PCIB) acpicpu0 at acpi0: C3, PSS acpicpu1 at acpi0: C3, PSS acpicpu2 at acpi0: C3, PSS acpicpu3 at acpi0: C3, PSS acpibtn0 at acpi0: PWRB acpivideo0 at acpi0: IGD0 bios0: ROM list: 0xc/0x8000 0xc8000/0x1000 0xc9000/0x1000 0xca000/0x1000 ipmi at mainbus0 not configured cpu0: Enhanced SpeedStep 2401 MHz: speeds: 2400, 1600 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0
Re: New document: A mail server with OpenSMTPD
On Tue, Nov 17, 2009 at 02:53:37PM -0500, Fernando Quintero wrote: Hi list, I wrote a document about how to install a complete mail server using OpenSMTPD (TLS, SSL, dovecot, roundcube, etc). It's just in spanish (sorry), if You want to download the .odt or the .pdf file go to: http://groups.google.com/group/openbsd-colombia/files?hl=es and search the: SERVIDOR_DE_CORREO_OPENSMTPD.xxx file Please enjoy it, Thank You. muy bien :-) Gilles -- Gilles Chehade freelance developer/sysadmin/consultant http://www.poolp.org
unable to delete bioctl-dev...
Hello! i've still got some problems with the crypto on my external hard-drive. the automatic powermanagement of my external Western Digital Desktop Drive makes some problems in combination with bioctl i think, at least i can't access the bioctl-device after the hd had been in sleep-mode... (even if i wake it up before trying to access the bioctl-dev.) but that's not really bad, because i just included a the bioctl -cC -l /dev/sd2a -p passphrasefile softraid0 - command at the beginning and the bioctl -d sd3 at the end of my backup-scripts. but, right now i'am in a state where i can't unmount my backup-directory, i can't delete the bioctl-volume, and it will not reattach after reattaching the usb-disk: # umount /mnt/backup umount: /mnt/backup: Input/output error # umount -f /mnt/backup umount: /mnt/backup: Input/output error # bioctl -d sd3 bioctl: Can't open sd3: Device busy # bioctl -cC -l/dev/sd2a -p /var/passphrase.key softraid0 bioctl: ioctl: Invalid argument is it possible to force a volume deletion or unmount without rebooting? greetings, elias PS: (i know, i shouldn't have unplugged the usb-disk while mounted, but it got stuck because of the powermanagement of the disk again, and it isn't in productive use, anyways...)
Re: softraid init at startup
Am 11/17/2009 05:08 PM, schrieb LEVAI Daniel: Hi! I have a crypto softraid device and now I set it up at every boot in rc.local with a bioctl fsck mount combination. Is there any standard way of setting up softraid0 devices at boot, or everyone use their own implementation (eg. in /etc/rc.local)? Thanks, Daniel -- LIVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1 Hi, as far as I know, this is the way to do it. greetings, elias
Re: Problems with bwi0 - drops packets and stops responding
Is there anything new with respect to this driver? I experience the same problem (practically unusable connection, deteriorating fast under load with up to 80% packet loss). I'm using an Apple iBook G4 with it's built-in wireless card and WPA. dmesg says: bwi0 at pci1 dev 18 function 0 Broadcom BCM4306 rev 0x03: irq 52, address 00:11:24:2b:db:88 ifconfig says: bwi0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:11:24:2b:db:88 priority: 4 groups: wlan egress media: IEEE802.11 autoselect (OFDM36 mode 11g) status: active ieee80211: nwid Schroeder chan 13 bssid 00:11:24:0d:17:89 45dB wpapsk not displayed wpaprotos wpa1,wpa2 wpaakms psk wpaciphers tkip,ccmp wpagroupcipher tkip inet6 fe80::211:24ff:fe2b:db88%bwi0 prefixlen 64 scopeid 0x1 inet 10.0.1.5 netmask 0xff00 broadcast 255.255.255.255
VMware and OpenBSD
Under VMware ESX, which NIC works better with OpenBSD, E1000, pcn or vic?
Re: VMware and OpenBSD
2009/11/17 Steve Shockley steve.shock...@shockley.net: Under VMware ESX, which NIC works better with OpenBSD, E1000, pcn or vic? In my experience, e1000 has been the way to go. kmw -- Beware the leader who bangs the drums of war in order to whip the citizenry into a patriotic fervor, for patriotism is indeed a double-edged sword. It both emboldens the blood, just as it narrows the mind. And when the drums of war have reached a fever pitch and the blood boils with hate and the mind has closed, the leader will have no need in seizing the rights of the citizenry. Rather, the citizenry, infused with fear and blinded by patriotism, will offer up all of their rights unto the leader and gladly so - Unattributed, post 9/11
DHCPD and WPAD
I have a problem with DHCPD and WPAD. The OpenBSD version is 4.4. The error message is (in /var/log/messages): Nov 17 13:14:35 gw dhcpd[5096]: /etc/dhcpd.conf line 12: no option named option-252 Nov 17 13:14:35 gw dhcpd[5096]: option option-252 http://wpad.domain.local/wpad.dat * In older versions of OpenBSD the same line works fine * The problem seems to be with the option-252. If I change the number to 251 or 253, there is no error. Rgds Marcello
Re: help please, my real memory is disappearing
You're right, I should have read the email more carefully / drank more coffee. /Pete On 17. nov.. 2009, at 13.11, Artur Grabowski wrote: No. It will not solve any problem (ignoring that there was no problem in the first place). //art Pete Vickers p...@systemnet.no writes: alternatively you could run/spawn ftpd from inetd, which will presumably mean that all the resources will be 'returned' as soon as the connection closes. However significant performance hit on a busy ftp server. /Pete On 17. nov.. 2009, at 10.25, Artur Grabowski wrote: MK pub...@kubikcz.net writes: 1. Is it normal that memory is not freed after I kill ftpd daemon? yes. because the ftp daemon didn't allocate it. 2. Is it normal ftpd can take about 800MB of real memory while serving GET requests? (only 1 client is able to consume that portion of memory) If you serve 800MB of file data through ftpd then yes. 3. Is it normal that this memory seems to be lost from the system? yes. The keyword here is seems. The memory is used for caching the file contents in case you decide to read those files again. It's reused for more useful things when it's needed. //art Pete Vickers p...@systemnet.no | +47 48 17 91 00 SystemNet AS
Re: DHCPD and WPAD
On Tue, Nov 17, 2009 at 08:03:59PM -0200, Marcello Cruz wrote: I have a problem with DHCPD and WPAD. The OpenBSD version is 4.4. The error message is (in /var/log/messages): Nov 17 13:14:35 gw dhcpd[5096]: /etc/dhcpd.conf line 12: no option named option-252 Nov 17 13:14:35 gw dhcpd[5096]: option option-252 http://wpad.domain.local/wpad.dat * In older versions of OpenBSD the same line works fine * The problem seems to be with the option-252. If I change the number to 251 or 253, there is no error. http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/dhcpd/tables.c.diff?r1=1.5r2=1.6 -- jake...@sdf.lonestar.org SDF Public Access UNIX System - http://sdf.lonestar.org
Re: hardware
On Tue, Nov 17, 2009 at 2:21 PM, igor denisov denisovigor1...@rambler.ru wrote: Hello there, I always have problems with zywall p1, and decided to install openbsd OS to it, and have no idea how, for now this is not the case. I would like to know if the OS runs on the following hardware: Platform Frequency Intel IXP422 @266 MHz Flash 8MB (Intel TE28F640) RAM 32MB (2 x Winbond W981216DH-75) -- igor denisov. You might have better luck trying to run OpenWrt on it TBH. http://wiki.openwrt.org/oldwiki/openwrtdocs/hardware/zyxel/zywall_p1 -- Aaron Mason - Programmer, open source addict I've taken my software vows - for beta or for worse
Re: DRM/DRI is very slow on Radeon 9200 SE, =1 FPS on glxgears.
Hi, After receiving an email from oga@, I checked if the issue was related to APIC on this system.. it seems so, disabling ioapic+mpbios+acpimadt fixed the issue (..so did disabling APIC from the BIOS). I can now get over 1000 FPS from glxgears, even if it isn't a valid benchmark. Sorry for the noise. -Bryan.
Re: unable to delete bioctl-dev...
This is a bug in softraid. When the bottom disk disappears, it should make its disk disappear. That's what we do for normal mount points, autounmount on unplug. On Nov 17, 2009, at 12:45 PM, elias r. obs...@crudp.ath.cx wrote: Hello! i've still got some problems with the crypto on my external hard- drive. the automatic powermanagement of my external Western Digital Desktop Drive makes some problems in combination with bioctl i think, at least i can't access the bioctl-device after the hd had been in sleep-mode... (even if i wake it up before trying to access the bioctl-dev.) but that's not really bad, because i just included a the bioctl -cC -l /dev/sd2a -p passphrasefile softraid0 - command at the beginning and the bioctl -d sd3 at the end of my backup-scripts. but, right now i'am in a state where i can't unmount my backup- directory, i can't delete the bioctl-volume, and it will not reattach after reattaching the usb-disk: # umount /mnt/backup umount: /mnt/backup: Input/output error # umount -f /mnt/backup umount: /mnt/backup: Input/output error # bioctl -d sd3 bioctl: Can't open sd3: Device busy # bioctl -cC -l/dev/sd2a -p /var/passphrase.key softraid0 bioctl: ioctl: Invalid argument is it possible to force a volume deletion or unmount without rebooting? greetings, elias PS: (i know, i shouldn't have unplugged the usb-disk while mounted, but it got stuck because of the powermanagement of the disk again, and it isn't in productive use, anyways...)
Re: unable to delete bioctl-dev...
ok, as i can't find it in the bug tracker, i assume i should file a bug report? Am 11/18/2009 12:00 AM, schrieb Ted Unangst: This is a bug in softraid. When the bottom disk disappears, it should make its disk disappear. That's what we do for normal mount points, autounmount on unplug. On Nov 17, 2009, at 12:45 PM, elias r. obs...@crudp.ath.cx wrote: Hello! i've still got some problems with the crypto on my external hard-drive. the automatic powermanagement of my external Western Digital Desktop Drive makes some problems in combination with bioctl i think, at least i can't access the bioctl-device after the hd had been in sleep-mode... (even if i wake it up before trying to access the bioctl-dev.) but that's not really bad, because i just included a the bioctl -cC -l /dev/sd2a -p passphrasefile softraid0 - command at the beginning and the bioctl -d sd3 at the end of my backup-scripts. but, right now i'am in a state where i can't unmount my backup-directory, i can't delete the bioctl-volume, and it will not reattach after reattaching the usb-disk: # umount /mnt/backup umount: /mnt/backup: Input/output error # umount -f /mnt/backup umount: /mnt/backup: Input/output error # bioctl -d sd3 bioctl: Can't open sd3: Device busy # bioctl -cC -l/dev/sd2a -p /var/passphrase.key softraid0 bioctl: ioctl: Invalid argument is it possible to force a volume deletion or unmount without rebooting? greetings, elias PS: (i know, i shouldn't have unplugged the usb-disk while mounted, but it got stuck because of the powermanagement of the disk again, and it isn't in productive use, anyways...)
Re: unable to delete bioctl-dev...
no i know about this On Wed, Nov 18, 2009 at 12:10:41AM +0100, elias r. wrote: ok, as i can't find it in the bug tracker, i assume i should file a bug report? Am 11/18/2009 12:00 AM, schrieb Ted Unangst: This is a bug in softraid. When the bottom disk disappears, it should make its disk disappear. That's what we do for normal mount points, autounmount on unplug. On Nov 17, 2009, at 12:45 PM, elias r. obs...@crudp.ath.cx wrote: Hello! i've still got some problems with the crypto on my external hard-drive. the automatic powermanagement of my external Western Digital Desktop Drive makes some problems in combination with bioctl i think, at least i can't access the bioctl-device after the hd had been in sleep-mode... (even if i wake it up before trying to access the bioctl-dev.) but that's not really bad, because i just included a the bioctl -cC -l /dev/sd2a -p passphrasefile softraid0 - command at the beginning and the bioctl -d sd3 at the end of my backup-scripts. but, right now i'am in a state where i can't unmount my backup-directory, i can't delete the bioctl-volume, and it will not reattach after reattaching the usb-disk: # umount /mnt/backup umount: /mnt/backup: Input/output error # umount -f /mnt/backup umount: /mnt/backup: Input/output error # bioctl -d sd3 bioctl: Can't open sd3: Device busy # bioctl -cC -l/dev/sd2a -p /var/passphrase.key softraid0 bioctl: ioctl: Invalid argument is it possible to force a volume deletion or unmount without rebooting? greetings, elias PS: (i know, i shouldn't have unplugged the usb-disk while mounted, but it got stuck because of the powermanagement of the disk again, and it isn't in productive use, anyways...)
Re: isakmpd will not initiate connection to Cisco ASA
I have seen this same behaviour with a configured Cisco ASA endpoint. The Cisco end needs to ping our network to initiate the connection, and from watching the IPSEC negotiations from the isakmpd capture files, the Cisco end rejects our proposal, but we accept their proposal. As Dag says, both ends are supposedly configured for the same encryption scheme, although the Cisco rejects our proposal. Cam Dag Richards wrote: I recently had a problem that looked similar. I would try to bring up the tunnels configured in ipsec.conf. No Phase 2 A dump on the external iface revealed that we were sending Phase 1 initiation. Their end was configured for a different encryption scheme, than ours ( even though we had agreed on one ). Since they were showing up with a vlaid PSK we accepted the values they proposed, whereas they rejected our proposal's. tcpdump -nvs1400 port 500 Christoph Leser wrote: Are you sure that obsd does not try to initiate the connection at least once? I have noticed the following problem with cisco: Some Cisco models delete the security association after an inactivity timeout, they call it Cisco IPSec Security Association Idle Timers. When this happens, openBSDs drop the information for this tunnel and is unable to recreate it. Cisco keeps the information and can reestablish the connection when someone pings or otherwise addresses the remote end. I had a short conversation about this with Hans-Jvrg Hvxer, but cannot say whether this behaviour is desired or considered a bug. I would try to delete the tunnel complete and configure it again while running tcpdump on the external interface ( or enable isakmpd packet capture, see the -L switch of isakmpd ). This will at least answer the question, whether openBSD attempts to establish the connection when the tunnel is defined for the first time. Regards Christoph -Urspr|ngliche Nachricht- Von: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] Im Auftrag von Chris Bullock Gesendet: Dienstag, 17. November 2009 15:45 An: misc@openbsd.org Betreff: isakmpd will not initiate connection to Cisco ASA We have many tunnels and for some reason I just set up a tunnel with a Cisco ASA and we can not initiate the connection from the OpenBSD side. If the Cisco side pings a device on the OpenBSD side the tunnel comes up. On the Cisco side they have bidirectional enabled, and they are not seeing the OpenBSD try to initiate the tunnel. Any help would be appreciated, Regards, Chris Bullock
Re: unable to delete bioctl-dev...
ah, ok, sorry! Am 11/18/2009 12:38 AM, schrieb Marco Peereboom: no i know about this On Wed, Nov 18, 2009 at 12:10:41AM +0100, elias r. wrote: ok, as i can't find it in the bug tracker, i assume i should file a bug report? Am 11/18/2009 12:00 AM, schrieb Ted Unangst: This is a bug in softraid. When the bottom disk disappears, it should make its disk disappear. That's what we do for normal mount points, autounmount on unplug. On Nov 17, 2009, at 12:45 PM, elias r.obs...@crudp.ath.cx wrote: Hello! i've still got some problems with the crypto on my external hard-drive. the automatic powermanagement of my external Western Digital Desktop Drive makes some problems in combination with bioctl i think, at least i can't access the bioctl-device after the hd had been in sleep-mode... (even if i wake it up before trying to access the bioctl-dev.) but that's not really bad, because i just included a the bioctl -cC -l /dev/sd2a -p passphrasefile softraid0 - command at the beginning and the bioctl -d sd3 at the end of my backup-scripts. but, right now i'am in a state where i can't unmount my backup-directory, i can't delete the bioctl-volume, and it will not reattach after reattaching the usb-disk: # umount /mnt/backup umount: /mnt/backup: Input/output error # umount -f /mnt/backup umount: /mnt/backup: Input/output error # bioctl -d sd3 bioctl: Can't open sd3: Device busy # bioctl -cC -l/dev/sd2a -p /var/passphrase.key softraid0 bioctl: ioctl: Invalid argument is it possible to force a volume deletion or unmount without rebooting? greetings, elias PS: (i know, i shouldn't have unplugged the usb-disk while mounted, but it got stuck because of the powermanagement of the disk again, and it isn't in productive use, anyways...)
Re: OpenBSD 4.6 pfsync kernel panic
hi anders, could you get me a full trace from ddb when the fault occurs? id also like the output of 'cvs info if_pfsync.?' in src/sys/net in the tree you built this kernel from? cheers, dlg On 17/11/2009, at 11:07 PM, Anders Pettersson wrote: Hi We get kernel panics when we reboot either one of our two OpenBSD 4.6 servers running pf. It seems that the kernel panic always happens at the point where the pf sync state import happens. Sometimes we can reboot the servers, one at the time, a number of times in a row without any problems. We have tried to understand why this occurs but to no avail, is there anyone who could advise us what to do to try and resolve this? The error message say: fatal page fault (6) in supervisor mode trap type 6 code 0 eip d031baf5 cs 50 eflags 10297 cr2 2c4 cpl 40 panic: trap type 6, code=0, pc=d031baf5 . . . --- trap (number 6) --- pfsync_state_import(d899e83a,2,2d0,de1b4bc8) at pfsync_state_import+0x75 We have two identical servers running OpenBSD 4.6 and pf, they are build on the Supermicro X7SBT motherboard: http://www.supermicro.com/products/motherboard/Xeon3000/X48/X7SBT.cfm They have a totalt of six nic; two internal Intel PRO/1000MT (82573E) and (82573L) and four Intel PRO/1000 QP (82571EB). The pfsync interface uses em4 (that is the first of the two internal network cards - Intel PRO/1000MT (82573E)); pfsync0: flags=41UP,RUNNING mtu 1500 priority: 0 pfsync: syncdev: em4 maxupd: 128 defer: off groups: carp pfsync And we have a simple rule pass quick on { em4 } proto pfsync ps -N /var/crash/bsd.0 -M /var/crash/bsd.0.core -O paddr gives; PID PADDR TT STAT TIME COMMAND 12176 d89f216c p0 Is+ 0:00.00 (ksh) 28044 d8ae82c4 C0- R/0 0:01.00 (snortsam) 18169 d8b9e2c0 C0 Is+ 0:00.00 (ksh) 3045 d8ae8834 C1 Is+ 0:10.00 (getty) 10861 d8ae8aec C2 Is+ 0:09.00 (getty) 3111 d8ae8c48 C3 Is+ 0:09.00 (getty) 5674 d8ae8da4 C5 Is+ 0:09.00 (getty) I have attached the dmesg output from one of the machines at the end of this email, Best regards Anders Mainloop Anders Pettersson and...@mainloop.se Stora Nygatan 5, 2tr 111 27 Stockholm Sweden mobile: +46 (70) 634 5818 OpenBSD 4.6-stable (GENERIC.MP) #0: Fri Nov 6 10:18:43 CET 2009 r...@puffy46.intranet.mainloop.net:/usr/src/sys/arch/i386/compile/GENERIC .MP cpu0: Intel(R) Xeon(R) CPU X3220 @ 2.40GHz (GenuineIntel 686-class) 2.41 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16, xTPR real mem = 2145402880 (2046MB) avail mem = 2065686528 (1969MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 12/19/08, BIOS32 rev. 0 @ 0xfdbc0, SMBIOS rev. 2.5 @ 0x7fedf000 (34 entries) bios0: vendor Phoenix Technologies LTD version 1.2a date 12/19/2008 bios0: Supermicro X7SBT acpi0 at bios0: rev 2 acpi0: tables DSDT FACP _MAR MCFG APIC BOOT SPCR ERST HEST BERT EINJ SLIC SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT acpi0: wakeup devices PEG_(S5) PEX_(S5) LAN_(S5) USB4(S5) USB5(S5) USB7(S5) ESB2(S5) EXP1(S5) EXP5(S5) EXP6(S5) USB1(S5) USB2(S5) USB3(S5) USB6(S5) ESB1(S5) PCIB(S5) KBC0(S1) MSE0(S1) COM1(S5) COM2(S5) PWRB(S3) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 266MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Xeon(R) CPU X3220 @ 2.40GHz (GenuineIntel 686-class) 2.41 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16, xTPR cpu2 at mainbus0: apid 2 (application processor) cpu2: Intel(R) Xeon(R) CPU X3220 @ 2.40GHz (GenuineIntel 686-class) 2.41 GHz cpu2: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16, xTPR cpu3 at mainbus0: apid 3 (application processor) cpu3: Intel(R) Xeon(R) CPU X3220 @ 2.40GHz (GenuineIntel 686-class) 2.41 GHz cpu3: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16, xTPR ioapic0 at mainbus0: apid 4 pa 0xfec0, version 20, 24 pins acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (PEG_) acpiprt2 at acpi0: bus -1 (PEX_) acpiprt3 at acpi0: bus 5 (EXP1) acpiprt4 at acpi0: bus 13 (EXP5) acpiprt5 at acpi0: bus 15 (EXP6) acpiprt6 at acpi0: bus 17 (PCIB) acpicpu0 at acpi0: C3, PSS acpicpu1 at acpi0: C3, PSS acpicpu2 at acpi0: C3, PSS acpicpu3 at acpi0: C3, PSS acpibtn0 at acpi0: PWRB acpivideo0 at acpi0: IGD0 bios0: ROM list: 0xc/0x8000 0xc8000/0x1000 0xc9000/0x1000 0xca000/0x1000 ipmi at mainbus0 not
Lord
Watch this video The Lord of the World
Re: Spanish language resources for OpenBSD
I'm not aware of many spanish resources... AFAIK, the only big resource centre was the Mexican community, but now it seems to be gone with all their translated and own documents. I'd never been a big advocate of translating efforts, but as a native spanish speaker, I should help whenever possible :) Regards, Dani Chris Bennett escribis: I am now going to be setting up occasionally but regularly OpenBSD machines for people who only speak Spanish. I have already found the language packs for kde, openoffice, firefox and thunderbird. I just accidentally figured out that that www.openbsd.org has a couple a pages in Spanish, but no links to them from site that I could find. Is there anyone actively maintaining Spanish translations? Most of what I found was several releases old or even older. Is there a particular site that has got it all? I also saw a while back on ports that scrotwm was adding man pages in some additional languages, but I don't see any signs of that. Was that just for non-OpenBSD versions? Thanks, Chris Bennett
Re: Spanish language resources for OpenBSD
I also don't like too much translating... but can help whenever possible (native spanish speaker). It's just that all the people that I know that can use (thoroughly) OpenBSD in my city can also read english very well (at least)... On Tue, Nov 17, 2009 at 08:24:54AM +0100, Daniel Gracia Garallar wrote: I'm not aware of many spanish resources... AFAIK, the only big resource centre was the Mexican community, but now it seems to be gone with all their translated and own documents. I'd never been a big advocate of translating efforts, but as a native spanish speaker, I should help whenever possible :) Regards, Dani Chris Bennett escribis: I am now going to be setting up occasionally but regularly OpenBSD machines for people who only speak Spanish. I have already found the language packs for kde, openoffice, firefox and thunderbird. I just accidentally figured out that that www.openbsd.org has a couple a pages in Spanish, but no links to them from site that I could find. Is there anyone actively maintaining Spanish translations? Most of what I found was several releases old or even older. Is there a particular site that has got it all? I also saw a while back on ports that scrotwm was adding man pages in some additional languages, but I don't see any signs of that. Was that just for non-OpenBSD versions? Thanks, Chris Bennett -- DISCLAIMER: http://goldmark.org/jeff/stupid-disclaimers/ This message will self-destruct in 3 seconds.
Re: midwest US mirror
First, I must apologize for the rather hasty OP (copied below . . . as well as the appreciated dev endorsement). Second, after setting up the ftp mirror, I did some further hacking and would like to make avaliable not just the ftp mirror, but also an http and rsync mirror as well. Thus, the following are avaliable to the public and a mention on the ftp page would be nice/appropriate/helpful. ftp://ftp.lambdaserver.com/pub/OpenBSD http://ftp.lambdaserver.com/pub/OpenBSD rsync://ftp.lambdaserver.com/ I should mention things that I didn't before and reiterate others . . . 1) I am committed to maintaining this service 2) At the moment, I have a ~300G hard drive devoted to it (and willing to devotre more, in the future) 3) I have a DSL (high-speed) connection 4) now I'm just kissing ass Thanks! -Neal On Sat, Nov 14, 2009 at 07:27:03AM -0700, Bob Beck wrote: Well neal, hopefully my partners in crime will get you on the ftp page - as for second level, we usually reserve that for sites with two special properties: 1) They need to be able to reach the Univesity of Alberta where the primary fanout site is over Internet 2 - this ensures releases get there fast and don't cost the university more money on their commercial internet link. 2) We need an openbsd developer involved in the mirror, so we have a nearby throat to choke if something goes awry.. Having said that just another decent mirror still does us good service - what with the new mirror picking stuff in 4.6 we expect more load on the mirrors, so it's nice to have more of them. 2009/11/14 neal hogan n...@lambdaserver.com: I am maintaining (and intend to continue to maintain) a full oBSD mirror in Chicago. I have a ~300G hard drive devoted to it. At the moment, I have 4.5, 4.6, snaps, and the non-release/snaps stuff. ftp://lambdaserver.com/pub/OpenBSD I'd like to support oBSD by making the availability of this mirror more widely known on the ftp page. Also, I am willing and able to be a 2nd Level mirror, if that is something you guys would be interested in (I would happily devote more hardware, if such a request were made). Thanks, -Neal
Re: Problem installing 4.6 on Toshiba Libretto 70CT
All tests ended with kernel: integer divide fault trap, code=0 Stopped at cpu_switchto+0x76: popl%ebx When softraid disabled ddbtrace cpu_switchto(d073cfa0,a26000,d0a20f18,d0a20ef8,d0202f41) at cpu_switchto+0x76 (null)(d020241,0,d0a20f18,d037cab8,d0854018) at 0 end(d0746c60,d073cfa0,0,d073cf57,0) at 0xd0a20ef8 config_rootfound(d073cfa0,0,d0a20fa0,d0360adf,2) at config_rootfound+0x3c main(0,0,0,0,0) at main+0x4b8 When acpi disabled/apm disabled/apm acpi disabled ddbtrace cpu_switchto(d0851534,d0c17800,d0a20f18,d03763c9,d0c17800) at cpu_switchto+0x76 cfdata(d0c17800,0c17800,0,0,d15ca984) at cfdata+0x44e8 config_attach(0,d084a0a4,0,0,d073cf57) at config_attach+0xfd config_rootfound(d073cfa0,0,d0a20fa0,d0360adf,2) at config_rootfound+0x27 main(0,0,0,0,0) at main+0x4b3 Regards, Marco Peereboom wrote: Nothing pops out at me. Can you try booting with several things disabled: * disable softraid * disable acpi * disable apm * disable apm acpi so those are 4 different tests. Thanks, /marco On Mon, Nov 16, 2009 at 06:34:46PM +0800, Hou Ruoyu wrote: As I upgraded to #377 Nov 15 kernel snapshot, the problem recurred. OpenBSD 4.6-current (GENERIC) #377: Sun Nov 15 00:38:03 MST 2009 (same as before) biomask edc5 netmask efc5 ttymask vscsi0 at root scsibus0 at vscsi0:256 targets softraid0 at root kernel: integer divide fault trap, code=0 Stopped at cpu_switchto+0x76 popl %ebx ddbtrace cpu_switchto(d0851534,d0c17800,d0a20f18,d03763c9,d0c17800) at cpu_switchto+0x76 cfdata(d0c17800,0c17800,0,0,d15ca984) at cfdata+0x44e8 config_attach(0,d084a0a4,0,0,d073cf57) at config_attach+0xfd config_rootfound(d073cfa0,0,d0a20fa0,d0360adf,2) at config_rootfound+0x27 main(0,0,0,0,0) at main+0x4b3 Regards, On Sun, Nov 15, 2009 at 11:45 PM, Marco Peereboom sl...@peereboom.us wrote: I think we fixed that in -current. ??Can you try the latest kernel? On Sun, Nov 15, 2009 at 01:12:13PM +0800, Hou, Ruoyu wrote: Thanks for the reply. Here are return info from trace and ps: ddbtrace cpu_switchto(d081f394,d0be5000,d09e9f18,d035f36d,d0be5000) at cpu_switchto+0x76 cfdata(d0be5000,d0be5000,0,d09e9f20,100) at cfdata+0x4434 config_attach(0,d0818080,0,0,d0821a38) at config_attach+0xfd config_rootfound(d070b6f7,0,d09e9fa0,d0349ad9,2) at config_rootfound+0x27 main(0,0,0,0,0) at main+0x4af ddbps ?? ??PID ?? PPID ?? PGRP ?? UID ??S ?? ?? ?? FLAGS ??WAIT ?? ?? ?? COMMAND ?? ?? ??8 ?? ?? ??0 ?? ?? ??0 ?? ?? 0 ??2 ?? ??0x100200 ?? ?? ?? ?? ?? ?? pfpurge ?? ?? ??7 ?? ?? ??0 ?? ?? ??0 ?? ?? 0 ??2 ?? ??0x100200 ?? ?? ?? ?? ?? ?? pcic0,0,1 ?? ?? ??6 ?? ?? ??0 ?? ?? ??0 ?? ?? 0 ??2 ?? ??0x100200 ?? ?? ?? ?? ?? ?? pcic0,0,0 ?? ?? ??5 ?? ?? ??0 ?? ?? ??0 ?? ?? 0 ??2 ?? ??0x100200 ?? ?? ?? ?? ?? ?? apm0 ?? ?? ??4 ?? ?? ??0 ?? ?? ??0 ?? ?? 0 ??2 ?? ??0x100200 ?? ?? ?? ?? ?? ?? syswq ?? ?? ??3 ?? ?? ??0 ?? ?? ??0 ?? ?? 0 ??2 ?? ??0x100200 ?? ?? ?? ?? ?? ?? idle0 ?? ?? ??2 ?? ?? ??0 ?? ?? ??0 ?? ?? 0 ??2 ?? ??0x100200 ?? ?? ?? ?? ?? ?? kmthread * ?? ??1 ?? ?? ??0 ?? ?? ??0 ?? ?? 0 ??7 ?? ?? ?? ?? ?? 0 ?? ?? ?? ?? ?? ?? swapper ?? ?? ??0 ?? ?? ??0 ?? ?? ??0 ?? ?? 0 ??3 ?? ?? 0x80200 ??wdccmd ?? ?? swapper My disk was partioned as follows: 1120MB as / and set bootable 80MB as swap remaining 340+MB was FAT32 and mounted as /MSDOS. Regards, Marco Peereboom wrote: type trace please On Sun, Nov 15, 2009 at 11:55:27AM +0800, Hou, Ruoyu wrote: I am trying to install OpenBSD 4.6 on a old Libretto 70CT. The installation was finished without error but stuck at rebooting. Since no PCMCIA-floppy or PCMCIA-CD-ROM on hand, I booted the boot cdimage file by Grub4DOS and performed net install. Reboot run into kernel fault. dmesg as follows: OpenBSD 4.6 (GENERIC) #58: Thu Jul 9 21:24:42 MDT 2009 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel Pentium/MMX (GenuineIntel 586-class) 121 MHz cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,MMX real mem = 33255424 (31MB) avail mem = 21803008 (20MB) mainbus0 (root) bios0 at mainbus0: AT/286+ BIOS, date 02/10/99 apm0 at bios0: Power Management spec V1.2 apm0: battery life expectancy 100% apm0: AC on, battery charge high, charging pcibios at bios0 function 0x1a not configured bios0: ROM list: 0xe4000/0xc000 cpu0 at mainbus0: (uniprocessor) cpu0: F00F bug workaround installed isa0 at mainbus0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard pms0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pms0 mux 0 vga0 at isa0 port 0x3b0/48 iomem 0xa/131072 wsdisplay0 at vga0 mux 1: console (80x25, vt100 emulation), using wskbd0 wsdisplay0: screen 1-5 added (80x25, vt100 emulation) wdc0 at isa0 port 0x1f0/8 irq 14 wd0 at wdc0 channel 0 drive 0:
NFS problems in 4.5
Hi all, apologies if this mail shows up twice - I've sent it last Sunday, but it never showed up on the list, so I assume that it got swallowed by the unscheduled server maintenance. I think I need someone to hit me with a clue-by-four - or at least a hint as to what I may be missing here: Three weeks back, the system drive of my home server (DNS, NFS, mail, NTP, web and firewall) crashed and as I needed to reinstall anyway, I decided to finally upgrade from the 4.2 it was running. As I had 4.5 on the shelf, I used that version. The problem is: Ever since the new installation I am having problems with NFS. On the clients (at the moment all Linux/x86), I'm getting slow responses and long waiting times on all accounts that have a NFS $HOME (local accounts are fine). On the server, I'm getting tons of messages like this (/var/log/daemon): [...] Nov 15 18:03:19 SERVER rpc.lockd: no matching entry for CLIENT1 Nov 15 18:03:19 SERVER rpc.lockd: duplicate lock from CLIENT1.135 Nov 15 18:03:19 SERVER rpc.lockd: no matching entry for CLIENT1 Nov 15 18:03:24 SERVER rpc.lockd: duplicate lock from CLIENT1.135 Nov 15 18:03:24 SERVER last message repeated 3 times [...] (rpc.lockd is running with -d4 and rpc.statd with -d). On the clients, I have not seen any unusual messages. The client configuration has not changed since the re-install of the server. The server configuration has - as far as I remember/if my notes are correct - also not changed, with the exception of the firewall configuration. To rule that out, I've also tried with a rule set pass in all pass out all (i.e. just pass everything), but that did not change anything. From the announces, I've seen that (unless I missed something) the main difference between 4.5 and 4.2 with regard to NFS is the introduction of rpc.statd - is that right? I've been through the rpc.statd man page, the rpc.lockd man page and tried googling the error messages, but came up empty. With 4.2 and earlier, I never had any NFS problems, hence the feeling that I might be missing something stupid. If anybody could point me in the right direction (TFM, docs, debugging ideas,... ), I'd really appreciate it! Thanks in advance, Thomas -- - Thomas Ribbrockhttp://www.ribbrock.org You have to live on the edge of reality - to make your dreams come true! - End forwarded message - -- - Thomas Ribbrockhttp://www.ribbrock.org You have to live on the edge of reality - to make your dreams come true!
Re: softraid init at startup
On Tuesday 17 November 2009 21.53.11 you wrote: Am 11/17/2009 05:08 PM, schrieb LEVAI Daniel: I have a crypto softraid device and now I set it up at every boot in rc.local with a bioctl fsck mount combination. Is there any standard way of setting up softraid0 devices at boot, or everyone use their own implementation (eg. in /etc/rc.local)? Hi, as far as I know, this is the way to do it. Thanks, then I'll just stick with it. Daniel -- LIVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1