Re: -CURRENT, VLANs, NAT
--- On Tue, 2/2/10, David Gwynne l...@animata.net wrote: match out on vlan301 from vlan303:network nat-to vlan301 all the cool kids are going: match out on vlan301 nat-to vlan301 received-on vlan303 You've got to be kidding me. This makes me all giddy inside! Woot! Woot! --- James A. Peltier james_a_pelt...@yahoo.ca __ Make your browsing faster, safer, and easier with the new Internet Explorer. 8. Optimized for Yahoo! Get it Now for Free! at http://downloads.yahoo.com/ca/internetexplorer/
Re: MFM disk geometry
Results 1 - 10 of about 25,100 for Seagate ST225, possibly the most common 20MB 1/2 height MFM drive. Google is my friend. It could be your friend, too. I seem to recall that LBA and fake geometry and related stunts could be done on the controller. At least I recall a Promise IDE controller like that. Inspect the controller card. There will be a mfg name. Maybe a model. Try google. With luck you'll find out what the jumpers mean, and you could begin making progress, rather than poking around with a stick at it. Good luck. Dave On Tue, Feb 2, 2010 at 12:23 AM, Daniel Malament b...@anonix.net wrote: holy cow. of all the times NOT to post a dmesg! (and fdisk output). It snip -- In order to comply with government search warrants on user data, Google created a backdoor access system into Gmail accounts. This feature is what the Chinese hackers exploited to gain access.
Re: MFM disk geometry
On Tue, Feb 2, 2010 at 4:23 PM, Daniel Malament b...@anonix.net wrote: holy cow. of all the times NOT to post a dmesg! (and fdisk output). It probably wouldn't help diagnose the problem, but it would be cool to see. :) Obviously, you got a PIII machine with ISA slots, not the most common of beasts (though they certainly exist). (actually, the dmesg would probably just show wdc0 at ... , but it would be kinda cool to know that it was REALLY a wdc, not a low-end IDE interface pretending it was an AT controller). Heh. It does. I'll have to remember to save copies when I finally get all this working. :) And the machine is a Dell Dimension with one PCI/ISA shared slot. I think you need to go back to a P1 (or maybe some PII?) system before you will find one with manual drive parameter selections. That will lead to another problem, very, very very few of those will allow you to directly boot from the secondary controller. HOWEVER, you may be able to set the primary controller to the IDE, and put your MFM controller as secondary (many of the original ones had such a jumper) and be set, or install a SCSI controller and drive and use a boot floppy to boot from hd1a:/bsd... Yeah, I found it rather odd that it would do that in the first place. I think what's happening is the BIOS can tell there's a controller there, but then it doesn't recognize the drive as something bootable, so it goes to the next hd. The 90 MHz Pentium I tried was, well, highly bizarre. For example, the IDE jumpers were labeled 'PCI IDE' and 'ISA IDE'... and even with the IDE turned off in the BIOS, and a drive attached to the 'ISA IDE', it attempted to boot from that drive, which gave me a dmesg including wdc0 @ pci0. Oh, and I have no docs on the controller, and haven't found any online, and the (many) jumpers are unlabeled. So unfortunately... Yeah. Plus, the controller is physically HUGE (lengthwise). Not all of the machines I've tried can even get it into a slot. Try looking for Total Hardware '99 - your controller might be documented in there. (Just found this... Looks pretty similar. http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItemitem=250157575469 ) As you have probably (re)discovered, the OS takes its cues on the drive geometry from the BIOS. On modern IDE drives, it just doesn't matter, but on an MFM drive, head 3 was really head 3, cylinder 138 was really cylinder 138, and there were 17 sectors on each track, and where the OS requested is where the controller placed the drive and Yes. 615/4/17, although I've also seen 616 mentioned (it's an ST225 with no values on the label). The partition ends at 613 (i.e. 614th cyl), and I think the last track is the landing zone, so I'm going to go with 615 if I can get to that point... where the data came off, so yes, it really needs to be right. Yes, source could probably be modified to hard-code this in the OS, but getting it right would be interesting...and very much in untested code paths, I suspect. Well, on the one hand this seems like something you should be able to shoot yourself in the foot with if you really want, not to mention another way to be BIOS-agnostic. On the other, this is about the only time it would ever matter, so I guess the kernel doesn't need the added complexity of a way to change it... good luck, I'm curious how it all works out... Well, I can post the dmesg and fdisk when I get there. :) Thanks. -- Aaron Mason - Programmer, open source addict I've taken my software vows - for beta or for worse
Re: way to help: laptops and weekly
Hi, On Tue, Feb 2, 2010 at 1:08 AM, Ingo Schwarze schwa...@usta.de wrote: [...] Some time ago, we discussed a potential maintenance(8) utility and decided to postpone the idea until we find more uses. Right here, maintenance(8) might help: 1. At 1:30 AM daily, run maintenance without any arguments, which will - run daily(8) unless it ran today - run security(8) in any case - run weekly(8)unless it ran this week - run monthly(8) unless it ran this month I very like the idea of your maintenance, just wanted to add a thought: for all the people that don't use their pcs so many hours every day, how about counting the uptime (and saving its value at shutdown) so that daily is run every 24 hours _of_use_, and so on for the others? One doesn't need a locate rebuild every week if he didn't use the system, right? My 2 eurocents. :-) Ciao, D.
Изменения в оплате труда и в отчетности по ней
+Ook`r` rpsd` b Skp`hme oo-mobols. Hglememh b ook`re rpsd` h m`kocooakofemhh b{ok`r b 2010 cods, bkk~w` oqoaemmoqrh oph oow`qoboi ook`re rpsd`. Doo.boopoq: Oepqomhthk`vh oo-mobols sfe q orwer` g` mb`p|. Whqkob{e ophlep{ g`ookmemh mob{u topl b oqoa{u qksw`u (aok|mhwm{e, org{b hg orosqk`, dekperm{e, orosqk g` qboi qwer h dp.); 9 tebp`k 2010 c. c. Kheb a-p R. Xebwemko 4 orek| +Q`mkr-Oerepaspc; Oo okomw`mhh - qeprhthk`r o oob{xemhh kb`khthk`vhh. (qrohloqr| odmodmebmoco kspq` 420 cpm) (044) 223-25-71 Hglememh b ook`re rpsd` b 2010 cods. Mob{i oopdok m`whqkemh +dekperm{u;. Ophlememhe dk p`qwer` k`kemd`pm{u dmei bleqro p`aowhu, swer qsll orosqkm{u h dpschu b{ok`r oo qpedmels g`p`aorks, p`qopedekemhe odmop`gob{u b{ok`r, mob{i oopdok p`qwer` oph orqsrqrbhh g`p`aork`. Oepeuod m` ophlememhe ook`g`rek qpedmew`qoboi g`pok`r{ bleqre qpedmedmebmoi dk p`qwer` aok|mhwm{u oph p`aore m` sqkobhu meookmoco p`aoweco dm. Oopdok odmobpelemmoco ophlememh leqwmoi h oow`qoboi lhmhl`k|moi g`pok`r{. Hglememhe opodokfhrek|moqrh doookmhrek|moco qovh`k|moco orosqk` m` derei h p`glep` m`kocoboi qovh`k|moi k|cor{. K`k ophlemr| mob{e p`glep{ opofhrowmoco lhmhlsl` h lhmhl`k|moi g`pok`r{. Mob{e op`bhk` opedqr`bkemh orwermoqrh b Oemqhomm{i tomd: - oepeuod k efeleqwmoi oepqomhthk`vhh q 1 mb`p 2010 cod`; - kro, b k`kol bhde (}kekrpommol hkh asl`fmol) h b k`khe qpokh qd`er orwermoqr|; - mob{e topl{ orwermoqrh h oopdok hu g`ookmemh; - k`k orp`f`r| oepeuodyhe orosqkm{e h aok|mhwm{e; - oqoaemmoqrh swer` b{ok`r, opeb{x`~yhu l`kqhl`k|ms~ bekhwhms; - hqop`bkemhe oxhaowmo m`whqkemm{u qsll; - oqoaemmoqrh qd`wh orwermoqrh b 1 kb`pr`ke 2010 cod`; - orberqrbemmoqr| g` m`psxemhe op`bhk opedqr`bkemh orwermoqrh. Orwermoqr| b tomd{ qovqrp`uob`mh: oopdok hqop`bkemh oxhaok, p`qwer bgmoqob q swerol oephodob m`whqkemh h l`kqhl`k|moi bekhwhm{. Hglememhe ooghvhh c...@s oo ormoxemh~ k m`kocooakofemh~ g`pok`r{ mepeghdemrob. K`k qoorberqrbob`r| rpeaob`mhl rpsdoboco, m`kocoboco h qrp`uoboco g`komod`rek|qrb` b sqkobhu thm`mqoboco kphghq`. Oqoaemmoqrh m`whqkemh qpedmei g`pok`r{ oph p`aore b sqkobhu meookmoco p`aoweco bpelemh q swerol p`gzqmemhi tomdob qovqrp`u`. Koppekrhpobk` qpedmeco g`p`aork` oph hglememhh g`pok`r{ b p`qwermol oephode q swerol lmemh Lhmrpsd`. Ook`r` rpsd` b sqkobhu ophlememh p`gkhwm{u qooqoaob qoup`memh k`dpob: +b{msfdemm{e orosqk`;; bbedemhe meookmoco p`aoweco bpelemh; orlem` hkh qokp`yemhe doookmhrek|m{u c`p`mrhim{u h koloemq`vhomm{u b{ok`r; hglememhe sqkobhi ook`r{ rpsd` h dp. Oopdok oepeqlorp` sqkobhi ook`r{ rpsd` b kokdocobope hkh ookofemhh oa ook`re rpsd` q swerol rpeaob`mhi g`komod`rek|qrb`. Oag`rek|m{e op`bob{e c`p`mrhh. Qock`qob`mhe, srbepfdemhe h dokslemr`k|moe otoplkemhe hglememhi. Opehlsyeqrb` h medoqr`rkh p`gkhwm{u topl ophbkewemh p`aowei qhk{: rpsdoboi docobop (xr`rmo hkh oo qobleqrhrek|qrbs), cp`fd`mqko-op`boboi docobop o b{ookmemhh p`aor hkh ok`g`mhh sqksc. P`gkhwh b oopdke m`kocooakofemh. Qorpsdmhweqrbo q w`qrm{lh opedophmhl`reklh, p`aor`~yhlh m` edhmol m`koce hkh m` oayei qhqrele. Rpeaob`mh k otoplkemh~, oqoaemmoqrh m`kocooakofemh, opoakel{ oph opobepke. Oqoaemmoqrh ophlememh b{ok`r, slem|x`~yhu m`kocoboe d`bkemhe, b bhde: - doookmhrek|m{u ak`c (ook`r` fhk|, ood`pkh, qkhdkh, ook|gob`mhe `brorp`mqooprol); - ook`r{ oaswemh, qrp`uob`mh h kewemh p`aormhkob; - aeqopovemrm{u qqsd (b r.w. mebogbp`y`el{u); - +qbepub{qokoi; g`pok`r{; - l`reph`k|moi ooloyh; - `pemdm{u ok`refei; - koloemq`vhh g` hqook|gob`mhe hlsyeqrb` p`aormhkob; - p`qwer` g` corob{i opodskr; - meoepqomhthvhpob`mm{u douodob; - m`kocob{u qovh`k|m{u k|cor (b r.w. m` derei) h dp. Oqoaemmoqrh p`qwerob q p`aormhk`lh, sbokemm{lh: oo qoaqrbemmols fek`mh~ hkh oo qock`xemh~ qropom; oo qokp`yemh~ k`dpob; oo oepebods k dpscols p`aorod`rek~; b qbgh q m`psxemhel qo qropom{ p`aorod`rek rpsdoboco g`komod`rek|qrb`; b qbgh q hglememhel qsyeqrbemm{u sqkobhi p`aor{. P`qwer h m`kocooakofemhe b{ok`r oph sbok|memhh: b{uodmoe ooqoahe (oo g`komod`rek|qrbs h/hkh oo hmhvh`rhbe opedophrh), koloemq`vh g` mehqook|gob`mm{i orosqk hkh sdepf`mhe g` hgkhxme hqook|gob`mm{e dmh orosqk`, qsll{ l`reph`k|moco syepa`, meooc`xemm{e qqsd{. B{ok`r{, m`whqkemm{e ooqke sbok|memh p`aormhk`, h hu m`kocooakofemhe. Oopdok m`whqkemh h m`kocooakofemh b{ok`r p`aormhk`l, boqqr`mobkemm{l m` p`aore oo pexemh~ qsd`, g` b{msfdemm{i opocsk. Rpeaob`mh k rpsdosqrpoiqrbs hmb`khdob. Hglememh b oopdke opobedemh opobepok. Oob{xemhe p`glepob xrp`tm{u q`mkvhi g` m`psxemh b qtepe ook`r{ rpsd`. Orber{ m` boopoq{ qksx`rekei, hmdhbhds`k|moe komqsk|rhpob`mhe, b rol whqke oo boopoq`l ook`r{ rpsd`, me boxedxhl b opocp`lls. OPOBODHR ce...@p Pesrob` m...@. - bedsyhi qoevh`khqr b oak`qrh m`kocoboco h asuc`krepqkoco swer`. Qeprhthvhpob`mm{i `sdhrop, komqsk|r`mr oo m`kocob{l qoop`l, `brop lmocowhqkemm{u osakhk`vhi
Re: MFM disk geometry
Try looking for Total Hardware '99 - your controller might be documented in there. Nice! Thanks. http://th99.dyndns.org/c/C-D/20069.htm Unfortunately, it doesn't look like it's actually all that configurable. Although I don't know what some of those settings actually mean. Does anyone else see ways this can help, or care to explain the settings? :) [Ports I understand. Rate I understand but I don't know why you'd need to set it unless maybe it was a question of really really old controllers/CPUs being slower? The others...] [P.S. The controller and drive were pulled from a Wyse 286. Which I have, but seems not to want to boot ATM. The last time I got it to boot, it didn't seem to see the HD. And anyway, I'd like to avoid having to move 20 megs of data on floppies if possible. I'm guessing that that and serial cables would be the only workable choices, given driver difficulties with DOS 3.3 and the fact that the BIOS setup program was apparently originally on a disk which I don't have...]
Re: MFM disk geometry
From: Daniel Malament b...@anonix.net Subject: Re: MFM disk geometry Try looking for Total Hardware '99 - your controller might be documented in there. Nice! Thanks. http://th99.dyndns.org/c/C-D/20069.htm Unfortunately, it doesn't look like it's actually all that configurable. Although I don't know what some of those settings actually mean. Does anyone else see ways this can help, or care to explain the settings? :) I think my first course of action would be to use DOS, or possibly OS/2, to override the disk geometry, unless the disk has data on it that can only be accessed from OpenBSD. Yes, I know it's intellectually more fun to get OpenBSD to do it, but for a one off with little practical future use I think I'd use something else. DOS, OS/2 and OpenBSD can of course all be booted from floppy, thus avoiding any early initialisation nastiness. I'm curious as to exactly what the difference between 'driven to interface' and 'intercepted by controller' is. Is this a standard interface vs INT13 thing? I wouldn't call a P3 system with ISA particularly unusual - by the time the P4 came out they were rare (although, readily available especially if needed for industrial applications). PK
multiple qemu hosts
Hello list I am trying to get multiple qemu guests on host machine running. Host and guests are running openbsd 4.6 in sync with the patch brunch. The Host IP is: 192.168.102.110 The guest should have: 192.168.102.111, 192.168.102.112 .. and so on. All in the same network, using the same DNS server and gateway. I have read /usr/local/share/doc/qemu/README.OpenBSD and tried the samples in the tap section. This works fine for one host. For example, this is working well for one host: ifconfig tun0 link0 ifconfig bridge0 create brconfig bridge0 add tun0 add rl0 up qemu -net nic,macaddr=52:54:00:12:35:10 \ -net tap,fd=3 \ -name Host1 \ -no-fd-bootchk \ -hda Host1/system.img 3/dev/tun0 Then, I'd like to doing this: ifconfig tun1 link0 ifconfig bridge1 create brconfig bridge1 add tun1 add rl0 up qemu -net nic,macaddr=52:54:00:12:35:11 \ ## MAC changed -net tap,fd=4 \ ## fd changed -name Host1 \ -no-fd-bootchk \ -hda Host2/system.img 4/dev/tun1 ## tun interface changed But this fails. Is there a way to do something like this without adding a real NIC? Thanks in advance! Matthias
iMac G3 500Mhz
Hi all, a succesfull install of openbsd 4.6 on an iMac G3 500 Mhz running openvpn server. Best regards -- Matteo Filippetto Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2009 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 4.6 (GENERIC) #43: Thu Jul 9 21:29:23 MDT 2009 dera...@macppc.openbsd.org:/usr/src/sys/arch/macppc/compile/GENERIC real mem = 134217728 (128MB) avail mem = 116981760 (111MB) mainbus0 at root: model PowerMac4,1 cpu0 at mainbus0: 750 (Revision 0x3311): 500 MHz: 256KB backside cache mem0 at mainbus0 spdmem0 at mem0: 128MB SDRAM non-parity PC133CL2 memc0 at mainbus0: uni-n kiic0 at memc0 offset 0xf8001000 iic0 at kiic0 mpcpcibr0 at mainbus0 pci: uni-north, Revision 0xff pci0 at mpcpcibr0 bus 0 pchb0 at pci0 dev 11 function 0 Apple Pangea AGP rev 0x00 vgafb0 at pci0 dev 16 function 0 ATI Rage 128 Pro rev 0x00, mmio wsdisplay0 at vgafb0 mux 1: console (std, vt100 emulation) mpcpcibr1 at mainbus0 pci: uni-north, Revision 0x0 pci1 at mpcpcibr1 bus 0 pchb1 at pci1 dev 11 function 0 Apple Pangea rev 0x00 macobio0 at pci1 dev 23 function 0 Apple Pangea Macio rev 0x00 openpic0 at macobio0 offset 0x4: version 0x4614 little endian macgpio0 at macobio0 offset 0x50 macgpio1 at macgpio0 irq 47 programmer-switch at macgpio0 not configured escc-legacy at macobio0 offset 0x12000 not configured zsc0 at macobio0 offset 0x13000: irq 22,50 zstty0 at zsc0 channel 0 zstty1 at zsc0 channel 1 awacs0 at macobio0 offset 0x14000: irq 24,9,10 speaker audio0 at awacs0 timer at macobio0 offset 0x15000 not configured adb0 at macobio0 offset 0x16000 irq 25: via-pmu, 0 targets apm0 at adb0: battery flags 0x9, 0% charged kiic1 at macobio0 offset 0x18000 iic1 at kiic1 wdc0 at macobio0 offset 0x1f000 irq 19: DMA wd0 at wdc0 channel 0 drive 0: ST320410A wd0: 16-sector PIO, LBA, 19536MB, 40011300 sectors atapiscsi0 at wdc0 channel 0 drive 1 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: LG, CD-ROM CRN-8242B, LASF ATAPI 5/cdrom removable wd0(wdc0:0:0): using PIO mode 4, DMA mode 2 cd0(wdc0:0:1): using PIO mode 4, DMA mode 2 ohci0 at pci1 dev 24 function 0 Apple Pangea USB rev 0x00: irq 27, version 1.0 ohci1 at pci1 dev 25 function 0 Apple Pangea USB rev 0x00: irq 28, version 1.0 usb0 at ohci0: USB revision 1.0 uhub0 at usb0 Apple OHCI root hub rev 1.00/1.00 addr 1 usb1 at ohci1: USB revision 1.0 uhub1 at usb1 Apple OHCI root hub rev 1.00/1.00 addr 1 mpcpcibr2 at mainbus0 pci: uni-north, Revision 0x16 pci2 at mpcpcibr2 bus 0 pchb2 at pci2 dev 11 function 0 Apple Pangea PCI rev 0x00 Apple Pangea FireWire rev 0x00 at pci2 dev 14 function 0 not configured gem0 at pci2 dev 15 function 0 Apple Pangea GMAC rev 0x00: irq 41, address 00:03:93:8d:2b:9c bmtphy0 at gem0 phy 0: BCM5201 10/100 PHY, rev. 2 softraid0 at root bootpath: /p...@f200/mac...@17/at...@1f000/d...@0:/bsd root on wd0a swap on wd0b dump on wd0b arp info overwritten for 192.168.1.205 by 00:14:c1:2b:38:ca on gem0 arp info overwritten for 192.168.1.205 by 00:14:c1:2b:37:d3 on gem0 arp info overwritten for 192.168.1.205 by 00:19:db:fe:64:19 on gem0 syncing disks... done rebooting [ using 437516 bytes of bsd ELF symbol table ] console out [ATY,Rage128P2ks]console in [keyboard] , no keyboard attached, trying usb anyway : memaddr 9400 size 400, : consaddr 96008000, : ioaddr 9002, size 2: memtag 8000, iotag 8000: width 800 linebytes 1024 height 600 depth 8 Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2009 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 4.6 (GENERIC) #43: Thu Jul 9 21:29:23 MDT 2009 dera...@macppc.openbsd.org:/usr/src/sys/arch/macppc/compile/GENERIC real mem = 134217728 (128MB) avail mem = 116981760 (111MB) mainbus0 at root: model PowerMac4,1 cpu0 at mainbus0: 750 (Revision 0x3311): 500 MHz: 256KB backside cache mem0 at mainbus0 spdmem0 at mem0: 128MB SDRAM non-parity PC133CL2 memc0 at mainbus0: uni-n kiic0 at memc0 offset 0xf8001000 iic0 at kiic0 mpcpcibr0 at mainbus0 pci: uni-north, Revision 0xff pci0 at mpcpcibr0 bus 0 pchb0 at pci0 dev 11 function 0 Apple Pangea AGP rev 0x00 vgafb0 at pci0 dev 16 function 0 ATI Rage 128 Pro rev 0x00, mmio wsdisplay0 at vgafb0 mux 1: console (std, vt100 emulation) mpcpcibr1 at mainbus0 pci: uni-north, Revision 0x0 pci1 at mpcpcibr1 bus 0 pchb1 at pci1 dev 11 function 0 Apple Pangea rev 0x00 macobio0 at pci1 dev 23 function 0 Apple Pangea Macio rev 0x00 openpic0 at macobio0 offset 0x4: version 0x4614 little endian macgpio0 at macobio0 offset 0x50 macgpio1 at macgpio0 irq 47 programmer-switch at macgpio0 not configured escc-legacy at macobio0 offset 0x12000 not configured zsc0 at macobio0 offset 0x13000: irq 22,50 zstty0 at zsc0 channel 0 zstty1 at zsc0 channel 1 awacs0 at macobio0 offset 0x14000: irq 24,9,10 speaker audio0 at awacs0 timer at macobio0 offset
Re: MFM disk geometry
I think my first course of action would be to use DOS, or possibly OS/2, to override the disk geometry, unless the disk has data on it that can only be accessed from OpenBSD. Yes, I know it's intellectually more fun to get OpenBSD to do it, but for a one off with little practical future use I think I'd use something else. DOS, OS/2 and OpenBSD can of course all be booted from floppy, thus avoiding any early initialisation nastiness. I'm not sure what you're describing here. Also, accessing the data from DOS still leaves the problem of moving it. Or perhaps I didn't make it sufficiently clear that the goal was to copy the data off the drive...
Re: multiple qemu hosts
Matthias Pfeifer wrote: Hello list I am trying to get multiple qemu guests on host machine running. Host and guests are running openbsd 4.6 in sync with the patch brunch. The Host IP is: 192.168.102.110 The guest should have: 192.168.102.111, 192.168.102.112 .. and so on. All in the same network, using the same DNS server and gateway. I have read /usr/local/share/doc/qemu/README.OpenBSD and tried the samples in the tap section. This works fine for one host. For example, this is working well for one host: ifconfig tun0 link0 ifconfig bridge0 create brconfig bridge0 add tun0 add rl0 up qemu -net nic,macaddr=52:54:00:12:35:10 \ -net tap,fd=3 \ -name Host1 \ -no-fd-bootchk \ -hda Host1/system.img 3/dev/tun0 Then, I'd like to doing this: ifconfig tun1 link0 ifconfig bridge1 create brconfig bridge1 add tun1 add rl0 up qemu -net nic,macaddr=52:54:00:12:35:11 \ ## MAC changed -net tap,fd=4 \ ## fd changed -name Host1 \ -no-fd-bootchk \ -hda Host2/system.img 4/dev/tun1 ## tun interface changed But this fails. Is there a way to do something like this without adding a real NIC? Thanks in advance! Matthias NOTE: sudo calls closefrom(2). In order to have more than one fd passed tap interface, a line to sudoers akin to: Defaults closefrom_override then calling sudo via 'sudo -C 5 -u $USER qemu ..' is required. See sudoers(5) and sudo(8) for details. -- Vijay Sankar, M.Eng., P.Eng. ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: (204) 885-9535, E-Mail: vsan...@foretell.ca
Re: MFM disk geometry
From: Daniel Malament b...@anonix.net To: Peter Kay (Syllopsium) syllops...@syllopsium.com I think my first course of action would be to use DOS, or possibly OS/2, to override the disk geometry, unless the disk has data on it that can only be accessed from OpenBSD. Yes, I know it's intellectually more fun to get OpenBSD to do it, but for a one off with little practical future use I think I'd use something else. DOS, OS/2 and OpenBSD can of course all be booted from floppy, thus avoiding any early initialisation nastiness. I'm not sure what you're describing here. Also, accessing the data from DOS still leaves the problem of moving it. Or perhaps I didn't make it sufficiently clear that the goal was to copy the data off the drive... I'm just saying that some operating systems more of the era that the drive was created in are able to specify (override) disk geometries. Obviously moving the data off the drive requires another hard drive, floppies, a network etc exactly the same as under OpenBSD. Alternatively, can disktab be used? The documentation is not entirely transparent on this, but it does appear that disktab might be able to override BIOS parameters. PK
Re: cvs using ssh an intermediary machine
Aioanei Rares wrote: I've been trying a method to use CVS with SSH using a middle machine as a stepping stone to cvs.eu.openbsd.org. can't create temporary directory /tmp/cvs-serv29515 No space left on device Try another CVS server, eu.openbsd.org gave me the same problems, although it looks like a local quirk at first. .fr.openbsd.org suits me just fine. Thanks .. for the report. Old stale checkouts ate my mfs. Cron and rm will keep it clean from now on.
Re: pf and apache: to stop a scripter
Jacob Yocom-Piatt wrote: there is a website protected by pf and running apache on a recent openbsd snapshot that needs to be protected against scripting attacks. i can configure both pf and apache to help block this behavior but am not familiar with the best practices for such configurations. the situation is that a user who authenticates to apache via htpasswd has run a script a number of times in an attempt to mine a database. all of the user activity is already logged by apache and it is crystal clear that scripting is going on. i would like to stop this scripting in its tracks and here is what i am already looking at: Jacob, what was their response when you spoke with them in person (or on the phone) about the scripting? How, exactly, did you word your request for them to stop? /Lars
Re: Dell Studio 1558
Hi, ... | - Network wired and wireless both work. ... | iwn0 at pci3 dev 0 function 0 Intel WiFi Link 6000 rev 0x35: apic 2 | int 17 (irq 7), MIMO 2T2R, MoW, address 00:23:14:13:b8:00 It is the first time I see a dmesg with a Centrino Advanced-N 6200 :-) Have you tried to associate with an access point and transfer data over it, or are you saying that it works just because it is detected? If it really works, then that's great news! Damien
Re: Dell Studio 1558
On Tue, Feb 2, 2010 at 1:20 PM, damien.bergam...@free.fr wrote: Hi, ... | - Network wired and wireless both work. ... | iwn0 at pci3 dev 0 function 0 Intel WiFi Link 6000 rev 0x35: apic 2 | int 17 (irq 7), MIMO 2T2R, MoW, address 00:23:14:13:b8:00 It is the first time I see a dmesg with a Centrino Advanced-N 6200 :-) I chose _specifically_ this type of wireless network, as the default Dell 13xx was too nebulous to bet on. Have you tried to associate with an access point and transfer data over it, or are you saying that it works just because it is detected? No, no, it works! I use it every time at home; so far no problem, but I couldn't say I have done so many transfers. If it really works, then that's great news! Thanks to you and to the other developers. Making these things work based on simple (!) documentation is amazing! Ciao, D.
Re: MFM disk geometry
Alternatively, can disktab be used? The documentation is not entirely transparent on this, but it does appear that disktab might be able to override BIOS parameters. Apparently not. disktab looks like it's mostly used by disklabel. It turns out disklabel with -e will let you edit the geometry, but the kernel doesn't actually change the values it uses for drive access, even though the disklabel remains correct/consistent upon reload.
Re: multiple qemu hosts
Hello On Tue, 02 Feb 2010 05:35:28 -0600 Vijay Sankar vsan...@foretell.ca wrote: Matthias Pfeifer wrote: Hello list I am trying to get multiple qemu guests on host machine running. Host and guests are running openbsd 4.6 in sync with the patch brunch. The Host IP is: 192.168.102.110 The guest should have: 192.168.102.111, 192.168.102.112 .. and so on. All in the same network, using the same DNS server and gateway. I have read /usr/local/share/doc/qemu/README.OpenBSD and tried the samples in the tap section. This works fine for one host. For example, this is working well for one host: ifconfig tun0 link0 ifconfig bridge0 create brconfig bridge0 add tun0 add rl0 up qemu -net nic,macaddr=52:54:00:12:35:10 \ -net tap,fd=3 \ -name Host1 \ -no-fd-bootchk \ -hda Host1/system.img 3/dev/tun0 Then, I'd like to doing this: ifconfig tun1 link0 ifconfig bridge1 create brconfig bridge1 add tun1 add rl0 up qemu -net nic,macaddr=52:54:00:12:35:11 \ ## MAC changed -net tap,fd=4 \ ## fd changed -name Host1 \ -no-fd-bootchk \ -hda Host2/system.img 4/dev/tun1 ## tun interface changed But this fails. Is there a way to do something like this without adding a real NIC? Thanks in advance! Matthias NOTE: sudo calls closefrom(2). In order to have more than one fd passed tap interface, a line to sudoers akin to: Defaults closefrom_override then calling sudo via 'sudo -C 5 -u $USER qemu ..' is required. See sudoers(5) and sudo(8) for details. -- Vijay Sankar, M.Eng., P.Eng. ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: (204) 885-9535, E-Mail: vsan...@foretell.ca I have added Defaults closefrom_override to /etc/sudoers. So i am using the tun0 for the second qemu host: sudo sh -c sudo -C 5 -u qemu qemu -net nic,macaddr=52:54:00:12:35:10 \ -net tap,fd=3 -name DSB -no-fd-bootchk -hda host1/system.img 3/dev/tun0 Working fine. Then the second: sudo sh -c sudo -C 5 -u qemu qemu -net nic,macaddr=52:54:00:12:35:10 \ -net tap,fd=4 -name DSB -no-fd-bootchk -hda host1/system.img 4/dev/tun0 this gives me a cannot create /dev/tun0: Device busy
Re: iMac G3 500Mhz
COOL!! Keep puffying 2010/2/2 matteo filippetto matteo.filippe...@gmail.com Hi all, a succesfull install of openbsd 4.6 on an iMac G3 500 Mhz running openvpn server. Best regards -- Matteo Filippetto Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2009 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 4.6 (GENERIC) #43: Thu Jul 9 21:29:23 MDT 2009 dera...@macppc.openbsd.org:/usr/src/sys/arch/macppc/compile/GENERIC real mem = 134217728 (128MB) avail mem = 116981760 (111MB) mainbus0 at root: model PowerMac4,1 cpu0 at mainbus0: 750 (Revision 0x3311): 500 MHz: 256KB backside cache mem0 at mainbus0 spdmem0 at mem0: 128MB SDRAM non-parity PC133CL2 memc0 at mainbus0: uni-n kiic0 at memc0 offset 0xf8001000 iic0 at kiic0 mpcpcibr0 at mainbus0 pci: uni-north, Revision 0xff pci0 at mpcpcibr0 bus 0 pchb0 at pci0 dev 11 function 0 Apple Pangea AGP rev 0x00 vgafb0 at pci0 dev 16 function 0 ATI Rage 128 Pro rev 0x00, mmio wsdisplay0 at vgafb0 mux 1: console (std, vt100 emulation) mpcpcibr1 at mainbus0 pci: uni-north, Revision 0x0 pci1 at mpcpcibr1 bus 0 pchb1 at pci1 dev 11 function 0 Apple Pangea rev 0x00 macobio0 at pci1 dev 23 function 0 Apple Pangea Macio rev 0x00 openpic0 at macobio0 offset 0x4: version 0x4614 little endian macgpio0 at macobio0 offset 0x50 macgpio1 at macgpio0 irq 47 programmer-switch at macgpio0 not configured escc-legacy at macobio0 offset 0x12000 not configured zsc0 at macobio0 offset 0x13000: irq 22,50 zstty0 at zsc0 channel 0 zstty1 at zsc0 channel 1 awacs0 at macobio0 offset 0x14000: irq 24,9,10 speaker audio0 at awacs0 timer at macobio0 offset 0x15000 not configured adb0 at macobio0 offset 0x16000 irq 25: via-pmu, 0 targets apm0 at adb0: battery flags 0x9, 0% charged kiic1 at macobio0 offset 0x18000 iic1 at kiic1 wdc0 at macobio0 offset 0x1f000 irq 19: DMA wd0 at wdc0 channel 0 drive 0: ST320410A wd0: 16-sector PIO, LBA, 19536MB, 40011300 sectors atapiscsi0 at wdc0 channel 0 drive 1 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: LG, CD-ROM CRN-8242B, LASF ATAPI 5/cdrom removable wd0(wdc0:0:0): using PIO mode 4, DMA mode 2 cd0(wdc0:0:1): using PIO mode 4, DMA mode 2 ohci0 at pci1 dev 24 function 0 Apple Pangea USB rev 0x00: irq 27, version 1.0 ohci1 at pci1 dev 25 function 0 Apple Pangea USB rev 0x00: irq 28, version 1.0 usb0 at ohci0: USB revision 1.0 uhub0 at usb0 Apple OHCI root hub rev 1.00/1.00 addr 1 usb1 at ohci1: USB revision 1.0 uhub1 at usb1 Apple OHCI root hub rev 1.00/1.00 addr 1 mpcpcibr2 at mainbus0 pci: uni-north, Revision 0x16 pci2 at mpcpcibr2 bus 0 pchb2 at pci2 dev 11 function 0 Apple Pangea PCI rev 0x00 Apple Pangea FireWire rev 0x00 at pci2 dev 14 function 0 not configured gem0 at pci2 dev 15 function 0 Apple Pangea GMAC rev 0x00: irq 41, address 00:03:93:8d:2b:9c bmtphy0 at gem0 phy 0: BCM5201 10/100 PHY, rev. 2 softraid0 at root bootpath: /p...@f200/mac...@17/at...@1f000/d...@0:/bsd root on wd0a swap on wd0b dump on wd0b arp info overwritten for 192.168.1.205 by 00:14:c1:2b:38:ca on gem0 arp info overwritten for 192.168.1.205 by 00:14:c1:2b:37:d3 on gem0 arp info overwritten for 192.168.1.205 by 00:19:db:fe:64:19 on gem0 syncing disks... done rebooting [ using 437516 bytes of bsd ELF symbol table ] console out [ATY,Rage128P2ks]console in [keyboard] , no keyboard attached, trying usb anyway : memaddr 9400 size 400, : consaddr 96008000, : ioaddr 9002, size 2: memtag 8000, iotag 8000: width 800 linebytes 1024 height 600 depth 8 Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2009 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 4.6 (GENERIC) #43: Thu Jul 9 21:29:23 MDT 2009 dera...@macppc.openbsd.org:/usr/src/sys/arch/macppc/compile/GENERIC real mem = 134217728 (128MB) avail mem = 116981760 (111MB) mainbus0 at root: model PowerMac4,1 cpu0 at mainbus0: 750 (Revision 0x3311): 500 MHz: 256KB backside cache mem0 at mainbus0 spdmem0 at mem0: 128MB SDRAM non-parity PC133CL2 memc0 at mainbus0: uni-n kiic0 at memc0 offset 0xf8001000 iic0 at kiic0 mpcpcibr0 at mainbus0 pci: uni-north, Revision 0xff pci0 at mpcpcibr0 bus 0 pchb0 at pci0 dev 11 function 0 Apple Pangea AGP rev 0x00 vgafb0 at pci0 dev 16 function 0 ATI Rage 128 Pro rev 0x00, mmio wsdisplay0 at vgafb0 mux 1: console (std, vt100 emulation) mpcpcibr1 at mainbus0 pci: uni-north, Revision 0x0 pci1 at mpcpcibr1 bus 0 pchb1 at pci1 dev 11 function 0 Apple Pangea rev 0x00 macobio0 at pci1 dev 23 function 0 Apple Pangea Macio rev 0x00 openpic0 at macobio0 offset 0x4: version 0x4614 little endian macgpio0 at macobio0 offset 0x50 macgpio1 at macgpio0 irq 47 programmer-switch at macgpio0 not configured escc-legacy at macobio0 offset 0x12000 not configured zsc0
Re: multiple qemu hosts
Matthias Pfeifer wrote: Hello On Tue, 02 Feb 2010 05:35:28 -0600 Vijay Sankar vsan...@foretell.ca wrote: Matthias Pfeifer wrote: Hello list I am trying to get multiple qemu guests on host machine running. Host and guests are running openbsd 4.6 in sync with the patch brunch. The Host IP is: 192.168.102.110 The guest should have: 192.168.102.111, 192.168.102.112 .. and so on. All in the same network, using the same DNS server and gateway. I have read /usr/local/share/doc/qemu/README.OpenBSD and tried the samples in the tap section. This works fine for one host. For example, this is working well for one host: ifconfig tun0 link0 ifconfig bridge0 create brconfig bridge0 add tun0 add rl0 up qemu -net nic,macaddr=52:54:00:12:35:10 \ -net tap,fd=3 \ -name Host1 \ -no-fd-bootchk \ -hda Host1/system.img 3/dev/tun0 Then, I'd like to doing this: ifconfig tun1 link0 ifconfig bridge1 create brconfig bridge1 add tun1 add rl0 up qemu -net nic,macaddr=52:54:00:12:35:11 \ ## MAC changed -net tap,fd=4 \ ## fd changed -name Host1 \ -no-fd-bootchk \ -hda Host2/system.img 4/dev/tun1 ## tun interface changed But this fails. Is there a way to do something like this without adding a real NIC? Thanks in advance! Matthias NOTE: sudo calls closefrom(2). In order to have more than one fd passed tap interface, a line to sudoers akin to: Defaults closefrom_override then calling sudo via 'sudo -C 5 -u $USER qemu ..' is required. See sudoers(5) and sudo(8) for details. -- Vijay Sankar, M.Eng., P.Eng. ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: (204) 885-9535, E-Mail: vsan...@foretell.ca I have added Defaults closefrom_override to /etc/sudoers. So i am using the tun0 for the second qemu host: sudo sh -c sudo -C 5 -u qemu qemu -net nic,macaddr=52:54:00:12:35:10 \ -net tap,fd=3 -name DSB -no-fd-bootchk -hda host1/system.img 3/dev/tun0 Working fine. Then the second: sudo sh -c sudo -C 5 -u qemu qemu -net nic,macaddr=52:54:00:12:35:10 \ -net tap,fd=4 -name DSB -no-fd-bootchk -hda host1/system.img 4/dev/tun0 this gives me a cannot create /dev/tun0: Device busy Looks like you have the same MAC. I am not able to test this right now but will try to see if I can repeat this error. -- Vijay Sankar, M.Eng., P.Eng. ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: (204) 885-9535, E-Mail: vsan...@foretell.ca
openoffice abort trap
running 4.6 release I need to open some .doc files with some complex graphics in them, and abiword doesn't seem to handle them very well. So I thought openoffice might help. I installed it, but cannot open it, the flash screen comes up, and then crashes right away: ~ $ soffice /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt23__codecvt_abstract_baseIcc11__mbstate_tE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt23__codecvt_abstract_baseIwc11__mbstate_tE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt5ctypeIcE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt21__ctype_abstract_baseIcE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt21__ctype_abstract_baseIwE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt14basic_iostreamIwSt11char_traitsIwEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt13basic_istreamIwSt11char_traitsIwEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt13basic_ostreamIwSt11char_traitsIwEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISd) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISi) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISo) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt9basic_iosIwSt11char_traitsIwEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt9basic_iosIcSt11char_traitsIcEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt8time_getIwSt19istreambuf_iteratorIwSt11char_traitsIwEEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt8time_putIwSt19ostreambuf_iteratorIwSt11char_traitsIwEEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt7num_putIwSt19ostreambuf_iteratorIwSt11char_traitsIwEEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt7num_getIwSt19istreambuf_iteratorIwSt11char_traitsIwEEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt8time_getIcSt19istreambuf_iteratorIcSt11char_traitsIcEEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt8time_putIcSt19ostreambuf_iteratorIcSt11char_traitsIcEEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt7num_putIcSt19ostreambuf_iteratorIcSt11char_traitsIcEEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt7num_getIcSt19istreambuf_iteratorIcSt11char_traitsIcEEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt8messagesIwE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING:
Chupa Chups te presenta a Chuck
Para editar su perfil vaya a la direccion http://www.tusemails.com/index.php?seccion=suscriptores y pida su contrasena antes de iniciar sesion.Si deseas darte de baja, no responda a este e-mail, vaya a la direccion: http://www.tusemails.com/index.php?seccion=suscriptores y siga las instrucciones.
Re: openoffice abort trap
Are you running -current packages? If so, running -release base is unsupported. I'm running -release base with -release packages. This is one of the addresses from my .profile: export PKG_PATH=:ftp://ftp.jaist.ac.jp/pub/OpenBSD/4.6/packages/i386/
Snapshot 4.7: LSI SAS 1078 controller on Intel S5520UR - No disks found!
Hi, I try to install the current snapshot on a Intel S5520UR board with LSI SAS 1078 controller. Install failed, because no disks found. If I not wrong, normaly the controller is supported since 4.3. by the mfi driver. The board has the latest available firmware installed. Does anyone have some hints for me, or are additional infos necessary? regard, Thomas
Re: openoffice abort trap
On Tue, Feb 02, 2010 at 10:45:14PM +0800, shweg...@gmail.com wrote: running 4.6 release Are you running -current packages? If so, running -release base is unsupported. I need to open some .doc files with some complex graphics in them, and abiword doesn't seem to handle them very well. So I thought openoffice might help. I installed it, but cannot open it, the flash screen comes up, and then crashes right away: ~ $ soffice /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt23__codecvt_abstract_baseIcc11__mbstate_tE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt23__codecvt_abstract_baseIwc11__mbstate_tE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt5ctypeIcE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt21__ctype_abstract_baseIcE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt21__ctype_abstract_baseIwE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt14basic_iostreamIwSt11char_traitsIwEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt13basic_istreamIwSt11char_traitsIwEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt13basic_ostreamIwSt11char_traitsIwEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISd) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISi) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISo) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt9basic_iosIwSt11char_traitsIwEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt9basic_iosIcSt11char_traitsIcEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt8time_getIwSt19istreambuf_iteratorIwSt11char_traitsIwEEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt8time_putIwSt19ostreambuf_iteratorIwSt11char_traitsIwEEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt7num_putIwSt19ostreambuf_iteratorIwSt11char_traitsIwEEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt7num_getIwSt19istreambuf_iteratorIwSt11char_traitsIwEEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt8time_getIcSt19istreambuf_iteratorIcSt11char_traitsIcEEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt8time_putIcSt19ostreambuf_iteratorIcSt11char_traitsIcEEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt7num_putIcSt19ostreambuf_iteratorIcSt11char_traitsIcEEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING: symbol(_ZTISt7num_getIcSt19istreambuf_iteratorIcSt11char_traitsIcEEE) size mismatch, relink your program /usr/local/openoffice.org3/program/soffice.bin:/usr/lib/libstdc++.so.47.0: /usr/local/lib/libestdc++.so.11.0 : WARNING:
Re: way to help: laptops and weekly
Maybe this can be an idea: http://xyne.archlinux.ca/manpages/cronwhip cheers -dav
Re: multiple qemu hosts, typo
On Tue, 2 Feb 2010 15:10:24 +0100 Matthias Pfeifer cont...@snarfu.de wrote: Hello On Tue, 02 Feb 2010 05:35:28 -0600 Vijay Sankar vsan...@foretell.ca wrote: Matthias Pfeifer wrote: Hello list I am trying to get multiple qemu guests on host machine running. Host and guests are running openbsd 4.6 in sync with the patch brunch. The Host IP is: 192.168.102.110 The guest should have: 192.168.102.111, 192.168.102.112 .. and so on. All in the same network, using the same DNS server and gateway. I have read /usr/local/share/doc/qemu/README.OpenBSD and tried the samples in the tap section. This works fine for one host. For example, this is working well for one host: ifconfig tun0 link0 ifconfig bridge0 create brconfig bridge0 add tun0 add rl0 up qemu -net nic,macaddr=52:54:00:12:35:10 \ -net tap,fd=3 \ -name Host1 \ -no-fd-bootchk \ -hda Host1/system.img 3/dev/tun0 Then, I'd like to doing this: ifconfig tun1 link0 ifconfig bridge1 create brconfig bridge1 add tun1 add rl0 up qemu -net nic,macaddr=52:54:00:12:35:11 \ ## MAC changed -net tap,fd=4 \ ## fd changed -name Host1 \ -no-fd-bootchk \ -hda Host2/system.img 4/dev/tun1 ## tun interface changed But this fails. Is there a way to do something like this without adding a real NIC? Thanks in advance! Matthias NOTE: sudo calls closefrom(2). In order to have more than one fd passed tap interface, a line to sudoers akin to: Defaults closefrom_override then calling sudo via 'sudo -C 5 -u $USER qemu ..' is required. See sudoers(5) and sudo(8) for details. -- Vijay Sankar, M.Eng., P.Eng. ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: (204) 885-9535, E-Mail: vsan...@foretell.ca Sorry, this is what i mean :) I have added Defaults closefrom_override to /etc/sudoers. So i am using the tun0 for the second qemu host: sudo sh -c sudo -C 5 -u qemu qemu -net nic,macaddr=52:54:00:12:35:10 \ -net tap,fd=3 -name DSB -no-fd-bootchk -hda host1/system.img 3/dev/tun0 Working fine. Then the second: sudo sh -c sudo -C 5 -u qemu qemu -net nic,macaddr=52:54:00:12:35:11 \ -net tap,fd=4 -no-fd-bootchk -hda host2/system.img 4/dev/tun0 this gives me a cannot create /dev/tun0: Device busy -- -- Matthias Pfeifer m...@finance-circle.de - Technik - Finance Circle GmbH Burgstrasse 3 31582 Nienburg / Weser Tel. 05021-92196-25 // Fax. 05021-92196-99 HRB 106525 // AG Hamburg //USt.ID: de204840463 Geschdftsf|hrer: Axel Schwiersch
Bgp ospf conditional redistribute default
Hi, I'm trying to distribute a default route to my intern network thought ospf, but still searching the way to do this with the short path... (openbsd with openbgpd and openospfd) Code: BGP Provider A BGP Provider B | | | | BGP A BGP B | | ... | | | | | | GW 1 GW 3GW 4 All BGP server have the full table of internet routing. The BGP A and BGP B have a iBGP configured, and announce the x.y.0.0/20 network to providers. The GWs and BGP A and BGP B have ospf daemon installed. Gws announce the x.y.z.0/24 networks to all servers in the ospf. In the beginning no default route was set for GWs. I use the !route add -reject default 127.0.0.1 command for the BGPA and BGPB. So now a have two default route for the GWs. Now if i cut down the bgp session between the BGPs A, the default gateway of the GW still is the BGPA. I means the transit is: GW1 - BGP A - BGP B - BGP provider B I would like what the ospf announce the default route only if the bgp session is active. I miss something ? Anyone know how to do what ? Best Regards. -- i l i m i t . . . *Vincent Tamet*
Re: multiple qemu hosts, typo
On Tue, Feb 2, 2010 at 15:27, Matthias Pfeifer m...@finance-circle.de wrote: [...] Then the second: snip this gives me a cannot create /dev/tun0: Device busy If I'm not mistaken, you need separate tun(4) devices per qemu instance. The reason for that lies in the device being ready for simultaneous use only by a single process. To quote tun(4): Each device has the exclusive open property; it cannot be opened if it is already open and in use by another process. If I misunderstood, feel free to correct me. Regards, Rogier
Re: way to help: laptops and weekly
David Coppa wrote on Tue, Feb 02, 2010 at 04:19:07PM +0100: Maybe this can be an idea: http://xyne.archlinux.ca/manpages/cronwhip Citing from that page: :: DESCRIPTION :: Cronwhip runs cronjobs that would have been run in the time since the :: last system shutdown. Cronwhip can be run at startup on systems that :: are not constantly up to make sure that all cronjobs get run regularly. I think that solves the wrong part of the problem. Running jobs at boot time (or half an hour later) has been proposed before, and the problem with that is: it might overload the system exactly when you want to use it for some real work. The maintenance(8) proposal solves this by only running the cheap parts half an hour after boot, such that maintenance doesn't seriously slow down your work. In that scenario, skipping the cheap part in case it ran the day before is hardly worth the effort.
Re: pf and apache: to stop a scripter
--- On Tue, 2/2/10, Lars Nooden lars.cura...@gmail.com wrote: From: Lars Nooden lars.cura...@gmail.com Subject: Re: pf and apache: to stop a scripter To: Cc: Jacob Yocom-Piatt j...@fixedpointgroup.com, OpenBSD general usage list misc@openbsd.org Received: Tuesday, February 2, 2010, 6:58 AM Jacob Yocom-Piatt wrote: there is a website protected by pf and running apache on a recent openbsd snapshot that needs to be protected against scripting attacks. i can configure both pf and apache to help block this behavior but am not familiar with the best practices for such configurations. the situation is that a user who authenticates to apache via htpasswd has run a script a number of times in an attempt to mine a database. all of the user activity is already logged by apache and it is crystal clear that scripting is going on. i would like to stop this scripting in its tracks and here is what i am already looking at: Jacob, what was their response when you spoke with them in person (or on the phone) about the scripting? How, exactly, did you word your request for them to stop? /Lars Stop! Or I'll say stop again! :) __ Looking for the perfect gift? Give the gift of Flickr! http://www.flickr.com/gift/
Re: multiple qemu hosts, typo
You need a tun(4) device per qemu '-net tap' argument, sometimes multiple per qemu instance, sometimes none per qemu instance.. Thanks, Penned by Rogier Krieger on 20100202 16:51.31, we have: | On Tue, Feb 2, 2010 at 15:27, Matthias Pfeifer m...@finance-circle.de wrote: | [...] Then the second: | snip | this gives me a cannot create /dev/tun0: Device busy | | If I'm not mistaken, you need separate tun(4) devices per qemu | instance. The reason for that lies in the device being ready for | simultaneous use only by a single process. | | To quote tun(4): | Each device has the exclusive open property; it cannot be opened if it is | already open and in use by another process. | | If I misunderstood, feel free to correct me. | | Regards, | | Rogier -- Todd Fries .. t...@fries.net _ | \ 1.636.410.0632 (voice) | Free Daemon Consulting, LLC \ 1.405.227.9094 (voice) | http://FreeDaemonConsulting.com \ 1.866.792.3418 (FAX) | 2525 NW Expy #525, Oklahoma City, OK 73112 \ sip:freedae...@ekiga.net | ..in support of free software solutions. \ sip:4052279...@ekiga.net \\ 37E7 D3EB 74D0 8D66 A68D B866 0326 204E 3F42 004A http://todd.fries.net/pgp.txt
Re: way to help: laptops and weekly
Ingo Schwarze wrote: David Coppa wrote on Tue, Feb 02, 2010 at 04:19:07PM +0100: Maybe this can be an idea: http://xyne.archlinux.ca/manpages/cronwhip Citing from that page: :: DESCRIPTION :: Cronwhip runs cronjobs that would have been run in the time since the :: last system shutdown. Cronwhip can be run at startup on systems that :: are not constantly up to make sure that all cronjobs get run regularly. I think that solves the wrong part of the problem. at, which is already in base, also runs overdue jobs upon startup. Running jobs at boot time (or half an hour later) has been proposed before, and the problem with that is: it might overload the system exactly when you want to use it for some real work. That's well recognized. Some have first hand experience of the problem, too. The maintenance(8) proposal solves this by only running the cheap parts half an hour after boot, such that maintenance doesn't seriously slow down your work. In that scenario, skipping the cheap part in case it ran the day before is hardly worth the effort. Running at any fixed interval after boot, 30 min above there, risks shifting the problem a bit later. Even with the random interval from an earlier message, there is the risk of the administrative load coming at a bad time or too much at the same time. /Lars
Re: multiple qemu hosts, typo
Matthias Pfeifer wrote: On Tue, 2 Feb 2010 15:10:24 +0100 Matthias Pfeifer cont...@snarfu.de wrote: Hello On Tue, 02 Feb 2010 05:35:28 -0600 Vijay Sankar vsan...@foretell.ca wrote: Matthias Pfeifer wrote: Hello list I am trying to get multiple qemu guests on host machine running. Host and guests are running openbsd 4.6 in sync with the patch brunch. The Host IP is: 192.168.102.110 The guest should have: 192.168.102.111, 192.168.102.112 .. and so on. All in the same network, using the same DNS server and gateway. I have read /usr/local/share/doc/qemu/README.OpenBSD and tried the samples in the tap section. This works fine for one host. For example, this is working well for one host: ifconfig tun0 link0 ifconfig bridge0 create brconfig bridge0 add tun0 add rl0 up qemu -net nic,macaddr=52:54:00:12:35:10 \ -net tap,fd=3 \ -name Host1 \ -no-fd-bootchk \ -hda Host1/system.img 3/dev/tun0 Then, I'd like to doing this: ifconfig tun1 link0 ifconfig bridge1 create brconfig bridge1 add tun1 add rl0 up qemu -net nic,macaddr=52:54:00:12:35:11 \ ## MAC changed -net tap,fd=4 \ ## fd changed -name Host1 \ -no-fd-bootchk \ -hda Host2/system.img 4/dev/tun1 ## tun interface changed But this fails. Is there a way to do something like this without adding a real NIC? Thanks in advance! Matthias NOTE: sudo calls closefrom(2). In order to have more than one fd passed tap interface, a line to sudoers akin to: Defaults closefrom_override then calling sudo via 'sudo -C 5 -u $USER qemu ..' is required. See sudoers(5) and sudo(8) for details. -- Vijay Sankar, M.Eng., P.Eng. ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: (204) 885-9535, E-Mail: vsan...@foretell.ca Sorry, this is what i mean :) I have added Defaults closefrom_override to /etc/sudoers. So i am using the tun0 for the second qemu host: sudo sh -c sudo -C 5 -u qemu qemu -net nic,macaddr=52:54:00:12:35:10 \ -net tap,fd=3 -name DSB -no-fd-bootchk -hda host1/system.img 3/dev/tun0 Working fine. Then the second: sudo sh -c sudo -C 5 -u qemu qemu -net nic,macaddr=52:54:00:12:35:11 \ -net tap,fd=4 -no-fd-bootchk -hda host2/system.img 4/dev/tun0 this gives me a cannot create /dev/tun0: Device busy -- -- Matthias Pfeifer m...@finance-circle.de - Technik - Finance Circle GmbH Burgstrasse 3 31582 Nienburg / Weser Tel. 05021-92196-25 // Fax. 05021-92196-99 HRB 106525 // AG Hamburg //USt.ID: de204840463 Geschdftsf|hrer: Axel Schwiersch I was running three instances of Windows 2000 Server and one Windows 2003 server on a Dell 2900 -- two IIS servers, and two SQL Servers for testing purposes a while ago. Here is some info on how I was doing it at that time -- 9:55AM up 106 days, 23:56, 6 users, load averages: 0.18, 0.17, 0.16 USERTTY FROM LOGIN@ IDLE WHAT vsankar C0 -21Sep09106days xinit /etc/X11/xinit/xinitrc -- /usr/X11R6/bin/X :0 -auth /home/vsankar/.serverauth.21200 vsankar p0 :0.0 21Sep09106days qemu -net nic,vlan=0,model=rtl8139,macaddr=AA:BB:CC:DD:EE:F1 -net tap,vlan=0 -m 448 -no-fd-bootchk -localtime -hda w2k3.img -nographic vsankar p2 :0.0 21Sep09106days qemu -net nic,vlan=0,model=rtl8139,macaddr=AA:BB:CC:DD:EE:F2 -net tap,vlan=0 -m 384 -no-fd-bootchk -localtime -hda w2k.img -nographic vsankar p3 :0.0 21Sep09106days qemu -net nic,vlan=0,model=rtl8139,macaddr=AA:BB:CC:DD:EE:F3 -net tap,vlan=0 -m 384 -localtime -no-fd-bootchk -nographic -hda appint.img vsankar p4 :0.0 21Sep09106days qemu -net nic,vlan=0,model=rtl8139,macaddr=AA:BB:CC:DD:EE:F4 -net tap,vlan=0 -m 384 -no-fd-bootchk -localtime -hda appext.img -nographic Each vm guest was started with a command similar to the following: sudo env ETHER=bnx1 qemu \ -net nic,vlan=0,model=rtl8139,macaddr=AA:BB:CC:DD:EE:XX \ -net tap,vlan=0 -m 384 -no-fd-bootchk -localtime \ -hda whatever.img -nographic XX was F1, F2, F3, and F4 w2k3, w2k, appint and appext images respectively I used nographic because it was easier to use rdesktop and rdp from other systems to access the vm guests instead of being at the console. hope this helps, Vijay -- Vijay Sankar, M.Eng., P.Eng. ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: (204) 885-9535, E-Mail: vsan...@foretell.ca
Re: iMac G3 500Mhz
From: matteo filippetto matteo.filippe...@gmail.com Subject: iMac G3 500Mhz To: misc misc@openbsd.org, d...@openbsd.org Date: Tuesday, February 2, 2010, 11:10 AM Hi all, a succesfull install of openbsd 4.6 on an iMac G3 500 Mhz running openvpn server. Best regards -- Matteo Filippetto I'm thoroughly jealous. My MacBook Pro is incompatible in so many ways :(
Re: ATI Device Documentation - Evergreen
On Mon, Feb 01, 2010 at 08:19:42PM -0600, Axton wrote: If these docs are in line with what is needed to develop a usable driver and there are any developers @openbsd.org out there interested in developing a driver for this card and in need of a hardware donation, let me know. http://developer.amd.com/gpu/ATIStreamSDK/assets/AMD_Evergreen-Family_ISA_Instructions_and_Microcode.pdf - Axton Grams That's an ISA manual, basically describes which instructions the GPU understands and what effect they have. This is very useful for people who want to write accelerated drivers etc, but not for integration in an operating system. There's probably another manual that describes the registers, initialisation, memory etc. GPU driver development is usually done by Xorg. The Xorg mailinglist is probably a better place to ask. If you do, include more information about your actual hardware. Btw. all the relevant developers are aware that ATI publishes these documents. The real issue is the lack of time or money. If you can help them on that front, that would be great...
Re: Is OpenBSD + PF accredited or certified in any way ?
Formal evaluation just means that the features judged relevant to the evaluation can be minimally verified. On the flip side, there's David Litchfield's observation in the introduction to The Oracle Hacker's Handbook: The Oracle RDBMS was evaluated under Common Criteria to EAL4... However, the first few versions of Oracle that gained EAL4 had a buffer overflow in the authentication mechanism. He goes on to that standards are necessary to some extent but not fully indicative. You'll find summary arguments and starting links off the Common Criteria's Wikipedia entry. Given such limitations, perhaps you might propose a more open evaluation and make code access for audit, including by escrow access for an established third-party authority, as a major criteria? Am 1 Feb 2010 um 23:06 schrieb Keith: I've used OpenBSD PF for a number of years without issue and am now in the position that I want to create a dmz between the Internet and my organisations WAN. Our security people are asking if the firewall that we use is accreditated by ITSEC and I am pretty sure it isn't but it turns out that our security people will be happy is the firewall is accredited for use by another government ! I am very happy with my PF firewalls and their reliability and don't want to be forced into purchasing some cisco / forenet comercial firewall that I've never used before so am desperate to find some details of any foreign governments that are using OpenBSD / PF as a firewall or any details of any certification of the PF firewall. Can anyone help me out ? Thanks Keith __ Information from ESET NOD32 Antivirus, version of virus signature database 4825 (20100201) __ The message was checked by ESET NOD32 Antivirus. http://www.eset.com
Re: openoffice abort trap
On 2010-02-02, shweg...@gmail.com shweg...@gmail.com wrote: running 4.6 release I need to open some .doc files with some complex graphics in them, and abiword doesn't seem to handle them very well. So I thought openoffice might help. I installed it, but cannot open it, the flash screen comes up, and then crashes right away: If you've got openoffice-kde or openoffice-java installed, try removing them
Re: Snapshot 4.7: LSI SAS 1078 controller on Intel S5520UR - No disks found!
Hmm - it seems the my attached file is romoved - ok, here is the complete dmesg: OpenBSD 4.6 (GENERIC.MP) #81: Thu Jul 9 21:26:19 MDT 2009 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 2352320512 (2243MB) avail mem = 2264096768 (2159MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.5 @ 0x8f602000 (58 entries) bios0: vendor Intel Corp. version S5500.86B.01.00.0046.121720091524 date 12/17/2009 bios0: Intel Corporation S5520UR acpi0 at bios0: rev 2 acpi0: tables DSDT FACP APIC MCFG HPET SLIT SPCR WDDT SSDT SSDT HEST BERT ERST EINJ acpi0: wakeup devices MRP1(S5) ZOR1(S4) ZOR2(S4) MRP3(S4) MRP4(S4) MRP5(S4) MRP6(S4) MRP7(S4) MRP8(S4) MRP9(S4) GOR1(S4) GOR5(S4) GOR2(S4) GOR3(S4) GOR4(S4) GOR6(S4) MRPA(S4) UHC4(S1) UHC5(S1) UHC6(S1) EHC2(S1) ALZA(S5) PEX0(S5) PEX1(S5) PEX2(S5) PEX3(S5) PEX4(S5) PEX5(S5) UHC1(S1) UHC2(S1) UHC3(S1) UHCI(S1) EHC1(S1) IP2P(S5) SLPB(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Xeon(R) CPU E5506 @ 2.13GHz, 2128.55 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLU SH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX1 6,xTPR,NXE,LONG cpu0: 256KB 64b/line 8-way L2 cache cpu0: apic clock running at 133MHz cpu1 at mainbus0: apid 2 (application processor) cpu1: Intel(R) Xeon(R) CPU E5506 @ 2.13GHz, 2128.24 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLU SH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX1 6,xTPR,NXE,LONG cpu1: 256KB 64b/line 8-way L2 cache cpu2 at mainbus0: apid 4 (application processor) cpu2: Intel(R) Xeon(R) CPU E5506 @ 2.13GHz, 2128.24 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLU SH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX1 6,xTPR,NXE,LONG cpu2: 256KB 64b/line 8-way L2 cache cpu3 at mainbus0: apid 6 (application processor) cpu3: Intel(R) Xeon(R) CPU E5506 @ 2.13GHz, 2128.24 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLU SH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX1 6,xTPR,NXE,LONG cpu3: 256KB 64b/line 8-way L2 cache ioapic0 at mainbus0 apid 8 pa 0xfec0, version 20, 24 pins ioapic1 at mainbus0 apid 9 pa 0xfec9, version 20, 24 pins acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (MRP1) acpiprt2 at acpi0: bus 2 (MRP3) acpiprt3 at acpi0: bus -1 (MRP4) acpiprt4 at acpi0: bus 6 (MRP5) acpiprt5 at acpi0: bus 10 (MRP7) acpiprt6 at acpi0: bus -1 (MRP8) acpiprt7 at acpi0: bus 20 (MRP9) acpiprt8 at acpi0: bus 21 (MRPA) acpiprt9 at acpi0: bus 22 (PEX0) acpiprt10 at acpi0: bus 23 (PEX4) acpicpu0 at acpi0: C1, PSS acpicpu1 at acpi0: C1, PSS acpicpu2 at acpi0: C1, PSS acpicpu3 at acpi0: C1, PSS acpibtn0 at acpi0: SLPB ipmi at mainbus0 not configured cpu0: unknown i686 model 0x1a, can't get bus clock cpu0: EST: unknown system bus clock pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 vendor Intel, unknown product 0x3406 rev 0x13 ppb0 at pci0 dev 1 function 0 Intel X58 PCIE rev 0x13 pci1 at ppb0 bus 1 em0 at pci1 dev 0 function 0 Intel PRO/1000 PT (82575EB) rev 0x02: apic 9 int 16 (irq 10), address 00:15:17:b4:d2:00 em1 at pci1 dev 0 function 1 Intel PRO/1000 PT (82575EB) rev 0x02: apic 9 int 4 (irq 11), address 00:15:17:b4:d2:01 ppb1 at pci0 dev 3 function 0 Intel X58 PCIE rev 0x13 pci2 at ppb1 bus 2 ppb2 at pci2 dev 0 function 0 IDT 89HPES12N3A rev 0x0e pci3 at ppb2 bus 3 ppb3 at pci3 dev 2 function 0 IDT 89HPES12N3A rev 0x0e pci4 at ppb3 bus 4 em2 at pci4 dev 0 function 0 Intel PRO/1000 QP (82571EB) rev 0x06: apic 9 int 12 (irq 9), address 00:15:17:d3:05:15 em3 at pci4 dev 0 function 1 Intel PRO/1000 QP (82571EB) rev 0x06: apic 9 int 11 (irq 5), address 00:15:17:d3:05:14 ppb4 at pci3 dev 4 function 0 IDT 89HPES12N3A rev 0x0e pci5 at ppb4 bus 5 em4 at pci5 dev 0 function 0 Intel PRO/1000 QP (82571EB) rev 0x06: apic 9 int 10 (irq 10), address 00:15:17:d3:05:17 em5 at pci5 dev 0 function 1 Intel PRO/1000 QP (82571EB) rev 0x06: apic 9 int 0 (irq 11), address 00:15:17:d3:05:16 ppb5 at pci0 dev 5 function 0 Intel X58 PCIE rev 0x13 pci6 at ppb5 bus 6 ppb6 at pci6 dev 0 function 0 vendor IDT, unknown product 0x806a rev 0x02 pci7 at ppb6 bus 7 ppb7 at pci7 dev 2 function 0 vendor IDT, unknown product 0x806a rev 0x02 pci8 at ppb7 bus 8 ppb8 at pci7 dev 4 function 0 vendor IDT, unknown product 0x806a rev 0x02 pci9 at ppb8 bus 9 ppb9 at pci0 dev 7 function 0 Intel X58 PCIE rev 0x13 pci10 at ppb9 bus 10 ppb10 at pci10 dev 0 function 0 vendor IDT, unknown product 0x806a rev 0x02 pci11 at ppb10 bus 11 ppb11 at pci11 dev 2 function 0 vendor IDT, unknown product 0x806a rev 0x02 pci12 at ppb11 bus 12 ppb12 at pci12 dev 0 function 0 IDT 89HPES12N3A rev 0x0e pci13 at ppb12 bus 13 ppb13 at pci13 dev 2 function 0 IDT 89HPES12N3A rev 0x0e pci14
Re: redundant recursive name servers with carp and ifstated?
On 2010-02-01, Matthieu Herrb mhe...@gmail.com wrote: I'm using net/unbound to implement the server, but still I don't trust it enough to consider that as long the interface on one machine running unbound is up and getting carp advertisements the name server is answering. So I'm considering to use ifstated to monitor the unbound process and demote the interface if something goes wrong. Does this look sane ? In my experience, it's enough to just restart unbound if the process has died, that has happened to me once or twice (I've been running it since it was added to ports) but not often. I haven't yet seen it still running but failing to answer. I'm happier about doing that than running ifstated and tweaking carp state. Hint if someone wants to do the same: in unbound.conf you have to explicitly set 'interface:' to the IP of your carp group (setting outgoing-interface is not enough) , otherwise unbound will answer from the IP of the carpdev interface. Right; outgoing-interface is used for queries only. (If you have multiple addresses you can source queries from, list them all in outgoing-interface, it will improve randomness). There is an 'interface-automatic' feature but I've never checked to see if it works on OpenBSD. And a hint from me :) setup unbound-control (it's easy: run unbound-control-setup, set 'control-enable: yes' in config, restart). It gives you stats, the ability to flush individual records from the cache, etc.
Re: MFM disk geometry
On Tue, Feb 2, 2010 at 12:19 PM, Daniel Malament b...@anonix.net wrote: I think my first course of action would be to use DOS, or possibly OS/2, to override the disk geometry, unless the disk has data on it that can only be accessed from OpenBSD. Yes, I know it's intellectually more fun to get OpenBSD to do it, but for a one off with little practical future use I think I'd use something else. DOS, OS/2 and OpenBSD can of course all be booted from floppy, thus avoiding any early initialisation nastiness. I'm not sure what you're describing here. Also, accessing the data from DOS still leaves the problem of moving it. Or perhaps I didn't make it sufficiently clear that the goal was to copy the data off the drive... You can install the Microsoft Network Client software for DOS. I still have it on a 386 box and used to use it to connect to an OpenBSD samba box. Download from ftp://ftp.microsoft.com/bussys/Clients/MSCLIENT the DSK3-1.EXE and DSK3-2.EXE files. Run these self extracting executables in a temp dir, and read the README. IIRC there is a setup program, which is a little bit confusing, and you have to edit protocol.ini and another *ini file. And you need a driver for your NIC. NIC's from that time came with a floppy with drivers for Microsoft Client or Lan Manager. Adriaan Adriaan IIRC these are self extracting
Re: Snapshot 4.7: LSI SAS 1078 controller on Intel S5520UR - No disks found!
On 2010-02-02, Koenig, Thomas tkoe...@tradegate.de wrote: Hi, I try to install the current snapshot on a Intel S5520UR board with LSI SAS 1078 controller. Install failed, because no disks found. If I not wrong, normaly the controller is supported since 4.3. by the mfi driver. The board has the latest available firmware installed. Does anyone have some hints for me, or are additional infos necessary? ^C into the shell from the installer, dmesg | grep 'not configured', copy any likely-looking lines (by hand if necessary). Also see http://www.openbsd.org/faq/faq4.html#getdmesg - the 'floppy disk' method will work for a USB drive, typically on device /dev/sd0i (or sd1i, etc) rather than /dev/fd0a.
Re: USB voltmeter or DAQ module, small, inexpensive, with OpenBSD support
Also if you can go with serial, there are loads of cheap digital voltmeters with serial interfaces. A while back I got a bunch of Metex ME-11 meters for our workshop, which have a DB9 connector. They come with windows/DOS software but I suspect the interface is reasonably universal (or at least basic). There are a lot of utilities around to talk to these (eg http://home.arcor.de/magnos/linux/metex/metex.html) which would probably build ok on OpenBSD. Of course you did say you needed to measure a few voltages, so with this you'd be limited by number of serial ports. Don't know if it would work for you, but it seemed like a possible option... On Fri, Jan 29, 2010 at 05:00:33PM +0100, Daniel Gracia Garallar wrote: With a proto board and some skills, you could build a serial system with a total cost around US$30, small enough to not even need a rail support. You could also try to hang on the I2C iface of your mainboard and add you own devices, but if you're not so much into electronics... Go the Arduino way; readily available, cheap as chips and infinite expansion boards. Ralph Becker-Szendy escribis: For one of my OpenBSD machines, I need to be able to measure a few analog voltages, and act on them in a control process. The requirements are quite simple compared to typical data acquisition: I absolutely need two voltage inputs, either 0-20V or 0-100mV; doesn't have to be differential, acquisition can be slow (1s is fine), and resolution can be as small as 10-12 bits (1% accuracy is more than good enough). A few extra input channels, more accuracy/resolution, and a few digital IOs wouldn't hurt, but are not necessary. DIN rail mounting and connection breakout would be nice, but can be improvised. On the software side, there will be OpenBSD, with ad-hoc monitoring and control scripts. With a little programming and script-writing, I can adapt anything that the OS can reasonably access. Now come the issues: I can't use PCI cards, only external units, most likely connected via USB (as Ethernet and serial are expensive or rare). And it needs to have some software support under OpenBSD - a Windows- or Linux-only solution doesn't work. And this application is not worth spending thousands of $$$. For Windows and LabView, solutions are easy to find (for example EMant300, DAQPodMX, a variety of Omega products). Does anyone now of a solution that would work with OpenBSD? -- - Graham Allan - I.T. Manager - al...@physics.umn.edu - (612) 624-5040 School of Physics and Astronomy - University of Minnesota -
Re: multiple qemu hosts, typo
I have some of this left over from s similar project i was doing a while back, I was setting up router images in a carp setup: This builds the harness: #!/bin/sh # # stupid script to start multiple qemus on a single box SUDO=/usr/bin/sudo USER=xx MODE=ENABLE usage() { echo usage: $0 [-h harnesstype] [-d] 12 exit 2 } start() { echo MODE: $MODE if [ $MODE = DISABLE ]; then echo DeConfiguring ${HARNESS} Harness echo DeConfiguring tun0: echo ${SUDO} ifconfig tun0 destroy ${SUDO} ifconfig tun0 destroy echo DeConfiguring tun1: echo ${SUDO} ifconfig tun1 destroy ${SUDO} ifconfig tun1 destroy echo DeConfiguring tun2: echo ${SUDO} ifconfig tun2 destroy ${SUDO} ifconfig tun2 destroy else # make sure a tun interface is available echo Configuring ${HARNESS} Harness echo Configuring tun0: echo ${SUDO} ifconfig tun0 192.168.254.254 link0 ${SUDO} ifconfig tun0 192.168.254.254 link0 echo Configuring tun1: echo ${SUDO} ifconfig tun1 192.168.1.254 link0 ${SUDO} ifconfig tun1 192.168.1.254 link0 echo Configuring tun2: echo ${SUDO} ifconfig tun2 192.168.253.254 link0 ${SUDO} ifconfig tun2 192.168.253.254 link0 fi } args=`getopt d $*` if [ $? -ne 0 ]; then usage fi set -- $args while [ $# -gt 0 ]; do case $1 in -d) MODE=DISABLE echo Disable Mode ;; --) shift; break ;; esac shift done if [ $# -ne 1 ]; then usage fi start $1 And this brings up the image 3 times: #!/bin/sh # # stupid script to start multiple qemus on a single box SUDO=/usr/bin/sudo USER=jrecords # qemu args IMAGE=$1 MEMORY=128 FLAGS= -nographic -serial telnet:127.0.0.1:1010,server,nowait -no-fd-bootchk NICFLAGS=-net nic,vlan=\$id -net tap,vlan=\$id,ifname=\$id,fd=\$fd start() { for id in 0 1 2; do fd=$(($id + 3)) tun=tun$(($id)) eval nics=\$nics $NICFLAGS\ fds=$fds $fd /dev/$tun done cmd=${SUDO} -C 5 qemu -m ${MEMORY} -hda ${IMAGE}${FLAGS}$nics$fds echo Running: ${SUDO} sh -c $cmd ${SUDO} sh -c $cmd } start $1 You may have to do some tweaking its been months since I looked at this stuff, the telnet won't work, you'll need to change the port that its listening on dynamically, but this should help get you going in the right direction, my intention was to scale this out so I could test 24 or 32 firewalls in a cluster on one box. J On Tue, Feb 2, 2010 at 9:09 AM, Vijay Sankar vsan...@foretell.ca wrote: Matthias Pfeifer wrote: On Tue, 2 Feb 2010 15:10:24 +0100 Matthias Pfeifer cont...@snarfu.de wrote: Hello On Tue, 02 Feb 2010 05:35:28 -0600 Vijay Sankar vsan...@foretell.ca wrote: Matthias Pfeifer wrote: Hello list I am trying to get multiple qemu guests on host machine running. Host and guests are running openbsd 4.6 in sync with the patch brunch. The Host IP is: 192.168.102.110 The guest should have: 192.168.102.111, 192.168.102.112 .. and so on. All in the same network, using the same DNS server and gateway. I have read /usr/local/share/doc/qemu/README.OpenBSD and tried the samples in the tap section. This works fine for one host. For example, this is working well for one host: ifconfig tun0 link0 ifconfig bridge0 create brconfig bridge0 add tun0 add rl0 up qemu -net nic,macaddr=52:54:00:12:35:10 \ -net tap,fd=3 \ -name Host1 \ -no-fd-bootchk \ -hda Host1/system.img 3/dev/tun0 Then, I'd like to doing this: ifconfig tun1 link0 ifconfig bridge1 create brconfig bridge1 add tun1 add rl0 up qemu -net nic,macaddr=52:54:00:12:35:11 \ ## MAC changed -net tap,fd=4 \ ## fd changed -name Host1 \ -no-fd-bootchk \ -hda Host2/system.img 4/dev/tun1 ## tun interface changed But this fails. Is there a way to do something like this without adding a real NIC? Thanks in advance! Matthias NOTE: sudo calls closefrom(2). In order to have more than one fd passed tap interface, a line to sudoers akin to: Defaults closefrom_override then calling sudo via 'sudo -C 5 -u $USER qemu ..' is required. See sudoers(5) and sudo(8) for details. -- Vijay Sankar, M.Eng., P.Eng. ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: (204) 885-9535, E-Mail: vsan...@foretell.ca Sorry, this is what i mean :) I have added Defaults closefrom_override to /etc/sudoers. So i am using the tun0 for the second qemu host: sudo sh -c sudo -C 5 -u qemu qemu -net nic,macaddr=52:54:00:12:35:10 \ -net tap,fd=3 -name DSB -no-fd-bootchk -hda host1/system.img 3/dev/tun0 Working fine. Then the second: sudo sh -c sudo -C 5 -u qemu qemu -net nic,macaddr=52:54:00:12:35:11 \
Re: Snapshot 4.7: LSI SAS 1078 controller on Intel S5520UR - No disks found!
Here are the not configured grep: l...@bsdanywhere:~$ dmesg | grep 'not configured' ipmi at mainbus0 not configured Intel X58 QuickPath rev 0x13 at pci0 dev 16 function 0 not configured Intel X58 QuickPath rev 0x13 at pci0 dev 16 function 1 not configured Intel X58 QuickPath rev 0x13 at pci0 dev 17 function 0 not configured Intel X58 QuickPath rev 0x13 at pci0 dev 17 function 1 not configured Intel X58 IOxAPIC rev 0x13 at pci0 dev 19 function 0 not configured Intel X58 Misc rev 0x13 at pci0 dev 20 function 0 not configured Intel X58 GPIO rev 0x13 at pci0 dev 20 function 1 not configured Intel X58 RAS rev 0x13 at pci0 dev 20 function 2 not configured Intel X58 Throttle rev 0x13 at pci0 dev 20 function 3 not configured vendor Intel, unknown product 0x342f (class system subclass interrupt, rev 0x13) at pci0 dev 21 function 0 not configured vendor Intel, unknown product 0x3430 (class system subclass miscellaneous, rev 0x13) at pci0 dev 22 function 0 not configured vendor Intel, unknown product 0x3431 (class system subclass miscellaneous, rev 0x13) at pci0 dev 22 function 1 not configured vendor Intel, unknown product 0x3432 (class system subclass miscellaneous, rev 0x13) at pci0 dev 22 function 2 not configured vendor Intel, unknown product 0x3433 (class system subclass miscellaneous, rev 0x13) at pci0 dev 22 function 3 not configured vendor Intel, unknown product 0x3429 (class system subclass miscellaneous, rev 0x13) at pci0 dev 22 function 4 not configured vendor Intel, unknown product 0x342a (class system subclass miscellaneous, rev 0x13) at pci0 dev 22 function 5 not configured vendor Intel, unknown product 0x342b (class system subclass miscellaneous, rev 0x13) at pci0 dev 22 function 6 not configured vendor Intel, unknown product 0x342c (class system subclass miscellaneous, rev 0x13) at pci0 dev 22 function 7 not configured Symbios Logic SAS1078 rev 0x04 at pci22 dev 0 function 0 not configured hopefully now without add. linebreaks. :) regards, tom -Original Message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Stuart Henderson Sent: Tuesday, February 02, 2010 7:26 PM To: misc@openbsd.org Subject: Re: Snapshot 4.7: LSI SAS 1078 controller on Intel S5520UR - No disks found! On 2010-02-02, Koenig, Thomas tkoe...@tradegate.de wrote: Hi, I try to install the current snapshot on a Intel S5520UR board with LSI SAS 1078 controller. Install failed, because no disks found. If I not wrong, normaly the controller is supported since 4.3. by the mfi driver. The board has the latest available firmware installed. Does anyone have some hints for me, or are additional infos necessary? ^C into the shell from the installer, dmesg | grep 'not configured', copy any likely-looking lines (by hand if necessary). Also see http://www.openbsd.org/faq/faq4.html#getdmesg - the 'floppy disk' method will work for a USB drive, typically on device /dev/sd0i (or sd1i, etc) rather than /dev/fd0a. [demime 1.01d removed an attachment of type application/x-pkcs7-signature which had a name of smime.p7s]
OT: performance (was Re: multiple qemu hosts, typo)
On Tue, Feb 2, 2010 at 11:09, Vijay Sankar vsan...@foretell.ca wrote: I was running three instances of Windows 2000 Server and one Windows 2003 server on a Dell 2900 -- two IIS servers, and two SQL Servers for testing purposes a while ago. Here is some info on how I was doing it at that time -- Each vm guest was started with a command similar to the following: sudo env ETHER=bnx1 qemu \ -net nic,vlan=0,model=rtl8139,macaddr=AA:BB:CC:DD:EE:XX \ -net tap,vlan=0 -m 384 -no-fd-bootchk -localtime \ -hda whatever.img -nographic XX was F1, F2, F3, and F4 w2k3, w2k, appint and appext images respectively I used nographic because it was easier to use rdesktop and rdp from other systems to access the vm guests instead of being at the console. Do you notice any performance gains by running them like this? I'm running one instance of XP on a dual-core box with 4GB of RAM, and it's slow as hell. I'd try running Windows 7, but the ACPI fails, and I can't allocate 1GB of RAM with the version we have in ports to do the initial install.
Re: OT: performance (was Re: multiple qemu hosts, typo)
Oh, Qemu performance is horrible, I don't know if there is any work being done to make kqemu work, but I just use it more as a proof of concept, if your wanting to run VM's for performance, this is not the route to go, IMO... J On Tue, Feb 2, 2010 at 10:48 AM, Bryan bra...@gmail.com wrote: On Tue, Feb 2, 2010 at 11:09, Vijay Sankar vsan...@foretell.ca wrote: I was running three instances of Windows 2000 Server and one Windows 2003 server on a Dell 2900 -- two IIS servers, and two SQL Servers for testing purposes a while ago. Here is some info on how I was doing it at that time -- Each vm guest was started with a command similar to the following: sudo env ETHER=bnx1 qemu \ -net nic,vlan=0,model=rtl8139,macaddr=AA:BB:CC:DD:EE:XX \ -net tap,vlan=0 -m 384 -no-fd-bootchk -localtime \ -hda whatever.img -nographic XX was F1, F2, F3, and F4 w2k3, w2k, appint and appext images respectively I used nographic because it was easier to use rdesktop and rdp from other systems to access the vm guests instead of being at the console. Do you notice any performance gains by running them like this? I'm running one instance of XP on a dual-core box with 4GB of RAM, and it's slow as hell. I'd try running Windows 7, but the ACPI fails, and I can't allocate 1GB of RAM with the version we have in ports to do the initial install.
Re: Is OpenBSD + PF accredited or certified in any way ?
On Tue, 02 Feb 2010 18:09 +, Bayard Bell buffer.g.overf...@googlemail.com wrote: Formal evaluation just means that the features judged relevant to the evaluation can be minimally verified. On the flip side, there's David Litchfield's observation in the introduction to The Oracle Hacker's Handbook: The Oracle RDBMS was evaluated under Common Criteria to EAL4... However, the first few versions of Oracle that gained EAL4 had a buffer overflow in the authentication mechanism. He goes on to that standards are necessary to some extent but not fully indicative. You'll find summary arguments and starting links off the Common Criteria's Wikipedia entry. Given such limitations, perhaps you might propose a more open evaluation and make code access for audit, including by escrow access for an established third-party authority, as a major criteria? Common Criteria - http://www.iso15408.net - has largely replaced ITSEC and others. Like some other ISO standards, you may have to purchase a copy. I would say that CC makes some people feel good, but does little in the way of real Security. Microsoft Windows XP is EAL4 certified when configured certain ways. I think the certification process can be very narrowly focused on a few parts of the system so the vendor can say, Look at this component of our OS, but not those or Certify our OS when configured a certain way. It's a costly process too and takes awhile to complete. I'm not sure any open source OS is certified. For proft, vendor backed Linux distributions (RHEL) may be as they have the time and money to waste on it and TrustedBSD makes reference to CC, but I don't think it's certified. Brad Am 1 Feb 2010 um 23:06 schrieb Keith: I've used OpenBSD PF for a number of years without issue and am now in the position that I want to create a dmz between the Internet and my organisations WAN. Our security people are asking if the firewall that we use is accreditated by ITSEC and I am pretty sure it isn't but it turns out that our security people will be happy is the firewall is accredited for use by another government ! I am very happy with my PF firewalls and their reliability and don't want to be forced into purchasing some cisco / forenet comercial firewall that I've never used before so am desperate to find some details of any foreign governments that are using OpenBSD / PF as a firewall or any details of any certification of the PF firewall. Can anyone help me out ? Thanks Keith __ Information from ESET NOD32 Antivirus, version of virus signature database 4825 (20100201) __ The message was checked by ESET NOD32 Antivirus. http://www.eset.com
Re: Is OpenBSD + PF accredited or certified in any way ?
On Mon, Feb 1, 2010 at 18:06, Keith ke...@scott-land.net wrote: I am very happy with my PF firewalls and their reliability and don't want to be forced into purchasing some cisco / forenet comercial firewall that I've never used before so am desperate to find some details of any foreign governments that are using OpenBSD / PF as a firewall or any details of any certification of the PF firewall. It is my opinion that its use at Defcon should be more than adequate to certify it for your needs.
Re: Is OpenBSD + PF accredited or certified in any way ?
2010/2/2 Keith ke...@scott-land.net: Can anyone help me out ? If you need professional services: http://www.genua.de/produkte/firewall/genugate/index.en.html Their firewalls are OpenBSD based. Best Martin
Re: OT: performance (was Re: multiple qemu hosts, typo)
Bryan wrote: On Tue, Feb 2, 2010 at 11:09, Vijay Sankar vsan...@foretell.ca wrote: I was running three instances of Windows 2000 Server and one Windows 2003 server on a Dell 2900 -- two IIS servers, and two SQL Servers for testing purposes a while ago. Here is some info on how I was doing it at that time -- Each vm guest was started with a command similar to the following: sudo env ETHER=bnx1 qemu \ -net nic,vlan=0,model=rtl8139,macaddr=AA:BB:CC:DD:EE:XX \ -net tap,vlan=0 -m 384 -no-fd-bootchk -localtime \ -hda whatever.img -nographic XX was F1, F2, F3, and F4 w2k3, w2k, appint and appext images respectively I used nographic because it was easier to use rdesktop and rdp from other systems to access the vm guests instead of being at the console. Do you notice any performance gains by running them like this? I'm running one instance of XP on a dual-core box with 4GB of RAM, and it's slow as hell. I'd try running Windows 7, but the ACPI fails, and I can't allocate 1GB of RAM with the version we have in ports to do the initial install. I don't use kqemu but have had satisfactory performance with Windows XP running on top of qemu. For me default settings have worked very well and I have not tried to allocate 1GB etc. to a process or done anything fancy. I may have changed login.conf modestly so that I got higher ulimits but that would have been the extent of my tweaking. At that time, Windows 2000 and XP performed quite well with -m 384 (W2K was running SQL Server and IIS). Windows 2003 did not perform well with -m 384 but was OK for testing purposes with -m 448. In all cases, at that time I found invoking qemu with -nographic and accessing through RDP or rdesktop to be better for usability and performance. I am not sure but may be there was a correlation with running multiple versions of Windows using qemu. I am saying this because I use OpenBSD 4.6 -stable AMD64 as my main desktop machine and here I have qemu with a copy of Windows XP. This is mainly for my wife so that she can run the one Windows program she uses. XP is definitely not slow on this system (whether accessed through rdesktop or through KDE) and so far have not had any complaints/problems. HTH, Vijay -- Vijay Sankar, M.Eng., P.Eng. ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: (204) 885-9535, E-Mail: vsan...@foretell.ca
Re: Is OpenBSD + PF accredited or certified in any way ?
Oh come on. Security certification is a laughably stupid concept. Giving it any sort of lip service is disingenuous. On Tue, Feb 02, 2010 at 02:15:00PM -0500, Brad Tilley wrote: On Tue, 02 Feb 2010 18:09 +, Bayard Bell buffer.g.overf...@googlemail.com wrote: Formal evaluation just means that the features judged relevant to the evaluation can be minimally verified. On the flip side, there's David Litchfield's observation in the introduction to The Oracle Hacker's Handbook: The Oracle RDBMS was evaluated under Common Criteria to EAL4... However, the first few versions of Oracle that gained EAL4 had a buffer overflow in the authentication mechanism. He goes on to that standards are necessary to some extent but not fully indicative. You'll find summary arguments and starting links off the Common Criteria's Wikipedia entry. Given such limitations, perhaps you might propose a more open evaluation and make code access for audit, including by escrow access for an established third-party authority, as a major criteria? Common Criteria - http://www.iso15408.net - has largely replaced ITSEC and others. Like some other ISO standards, you may have to purchase a copy. I would say that CC makes some people feel good, but does little in the way of real Security. Microsoft Windows XP is EAL4 certified when configured certain ways. I think the certification process can be very narrowly focused on a few parts of the system so the vendor can say, Look at this component of our OS, but not those or Certify our OS when configured a certain way. It's a costly process too and takes awhile to complete. I'm not sure any open source OS is certified. For proft, vendor backed Linux distributions (RHEL) may be as they have the time and money to waste on it and TrustedBSD makes reference to CC, but I don't think it's certified. Brad Am 1 Feb 2010 um 23:06 schrieb Keith: I've used OpenBSD PF for a number of years without issue and am now in the position that I want to create a dmz between the Internet and my organisations WAN. Our security people are asking if the firewall that we use is accreditated by ITSEC and I am pretty sure it isn't but it turns out that our security people will be happy is the firewall is accredited for use by another government ! I am very happy with my PF firewalls and their reliability and don't want to be forced into purchasing some cisco / forenet comercial firewall that I've never used before so am desperate to find some details of any foreign governments that are using OpenBSD / PF as a firewall or any details of any certification of the PF firewall. Can anyone help me out ? Thanks Keith __ Information from ESET NOD32 Antivirus, version of virus signature database 4825 (20100201) __ The message was checked by ESET NOD32 Antivirus. http://www.eset.com
Re: OT: performance (was Re: multiple qemu hosts, typo)
I don't use kqemu but have had satisfactory performance with Windows XP running on top of qemu. For me default settings have worked very well and I have not tried to allocate 1GB etc. to a process or done anything fancy. I may have changed login.conf modestly so that I got higher ulimits but that would have been the extent of my tweaking. At that time, Windows 2000 and XP performed quite well with -m 384 (W2K was running SQL Server and IIS). Windows 2003 did not perform well with -m 384 but was OK for testing purposes with -m 448. No, our version (0.9.1p1) cannot allocate 1GB of memory to install Windows 7. And for some reason, Windows 7 requires a minimum of 1gb of RAM to install. After you install it, you can run windows 7 with much less memory In all cases, at that time I found invoking qemu with -nographic and accessing through RDP or rdesktop to be better for B usability and performance. I was wondering because XP's mouse was a little slow and click was ex (click wait, wait, wait... action) I am not sure but may be there was a correlation with running multiple versions of Windows using qemu. I am saying this because I use OpenBSD 4.6 -stable AMD64 as my main desktop machine and here I have qemu with a copy of Windows XP. This is mainly for my wife so that she can run the one Windows program she uses. XP is definitely not slow on this system (whether accessed through rdesktop or through KDE) and so far have not had any complaints/problems. Well, I was taking stock and the only real reason I might need windows would be to play flash tower defense games, like at www.towerdefence.net (spelled correctly... if Linux can play flash games, then I really don't need to install windows.
Re: way to help: laptops and weekly
Lars Nooden wrote: Ingo Schwarze wrote: David Coppa wrote on Tue, Feb 02, 2010 at 04:19:07PM +0100: Maybe this can be an idea: http://xyne.archlinux.ca/manpages/cronwhip Citing from that page: :: DESCRIPTION :: Cronwhip runs cronjobs that would have been run in the time since the :: last system shutdown. Cronwhip can be run at startup on systems that :: are not constantly up to make sure that all cronjobs get run regularly. I think that solves the wrong part of the problem. at, which is already in base, also runs overdue jobs upon startup. Running jobs at boot time (or half an hour later) has been proposed before, and the problem with that is: it might overload the system exactly when you want to use it for some real work. That's well recognized. Some have first hand experience of the problem, too. The maintenance(8) proposal solves this by only running the cheap parts half an hour after boot, such that maintenance doesn't seriously slow down your work. In that scenario, skipping the cheap part in case it ran the day before is hardly worth the effort. Running at any fixed interval after boot, 30 min above there, risks shifting the problem a bit later. Even with the random interval from an earlier message, there is the risk of the administrative load coming at a bad time or too much at the same time. /Lars Well, it seems clear that everyone agrees on two things 1. These scripts need to be run. 2. Pretty much anytime they are run, the will cause problems for the users. Therefore , we need a new solution to correct problem #2 I propose a new function be added: $ sleepuser This new command will temporarily sleep all users until scripts complete. This will prevent any apparent loss of productivity for the users -- A human being should be able to change a diaper, plan an invasion, butcher a hog, conn a ship, design a building, write a sonnet, balance accounts, build a wall, set a bone, comfort the dying, take orders, give orders, cooperate, act alone, solve equations, analyze a new problem, pitch manure, program a computer, cook a tasty meal, fight efficiently, die gallantly. Specialization is for insects. -- Robert Heinlein
Re: -CURRENT, VLANs, NAT
On 2010-02-02, Scott Learmonth sc...@moosepile.net wrote: Yes, the syntax has changed. I only briefly looked, but the faq seems dated. The man page is correct. The main FAQ always relates to the last release, 4.6. Any changes since then should be noted in faq/current.html, if you're running -current you must at least follow that (though it's recommended to also read source-changes or odc/owc).
Re: Snapshot 4.7: LSI SAS 1078 controller on Intel S5520UR - No disks found!
On 2010-02-02, Koenig, Thomas tkoe...@tradegate.de wrote: l...@bsdanywhere:~$ dmesg | grep 'not configured' ahh, livecd dmesg aren't really much help, because we don't know what drivers they were built with, but now I see your GENERIC.MP dmesg which you must have sent while I was reading mail ;-) it's still not entirely illuminating as to why it didn't attach though; pcidump -vxx may give a clue.
Re: -CURRENT, VLANs, NAT
On Tue, Feb 02, 2010 at 08:18:33PM +, Stuart Henderson wrote: On 2010-02-02, Scott Learmonth sc...@moosepile.net wrote: Yes, the syntax has changed. I only briefly looked, but the faq seems dated. The man page is correct. The main FAQ always relates to the last release, 4.6. Any changes since then should be noted in faq/current.html, if you're running -current you must at least follow that (though it's recommended to also read source-changes or odc/owc). Thanks, that was my bad. I remembered (maybe incorrectly) the syntax change happening in November and screwed up the mental math on release dates. Sorry for the noise, keep up the good work, and looking forward to pre-orders.
Re: way to help: laptops and weekly
On Sun, 24 Jan 2010 14:48:35 -0500 Ted Unangst ted.unan...@gmail.com wrote: Are you sitting around feeling bored because you don't know how to help out OpenBSD? Did your requests for info on where to start come back with unhelpful responses? I've got just the thing for you: an idea! Cron runs the weekly update script every Saturday at 3:30am. If you use a laptop or other desktop, your computer probably isn't on then. So the locate and whatis databases never get updated unless you run it by hand. So somebody should figure out a way to handle this for desktop machines. Script called from cron via @reboot or rc.shutdown . By default commented out. Mentioned in afterboot. Check if daily, weekly or monthly need to be executed. If nessasary the script asks if it should do its stuff, warns it might take some time. Default answer No, so a quick Enter resumes shutdown/reboot. If no button has been pressed after $timeout (knob in script), resume shutdown/reboot. If user wants to do stuff, do what needs to be done and resume shutdown/reboot. Should take care of all the on shutdown/reboot scenarios; like battery low or the mentioned unmount crytpo-fs clean now. Impact can be minimized by lowering $timeout. Default timeout should be long enough to read and understand the message. Problem: Shutdown on systems where powerdown doesn't work and the user would have to wait for the script to finish, to turn his system off. Thoughts? - Robert
Re: way to help: laptops and weekly
yeah, leave your laptop on overnight. I do it... On Tue, Feb 02, 2010 at 09:40:17PM +0100, Robert wrote: On Sun, 24 Jan 2010 14:48:35 -0500 Ted Unangst ted.unan...@gmail.com wrote: Are you sitting around feeling bored because you don't know how to help out OpenBSD? Did your requests for info on where to start come back with unhelpful responses? I've got just the thing for you: an idea! Cron runs the weekly update script every Saturday at 3:30am. If you use a laptop or other desktop, your computer probably isn't on then. So the locate and whatis databases never get updated unless you run it by hand. So somebody should figure out a way to handle this for desktop machines. Script called from cron via @reboot or rc.shutdown . By default commented out. Mentioned in afterboot. Check if daily, weekly or monthly need to be executed. If nessasary the script asks if it should do its stuff, warns it might take some time. Default answer No, so a quick Enter resumes shutdown/reboot. If no button has been pressed after $timeout (knob in script), resume shutdown/reboot. If user wants to do stuff, do what needs to be done and resume shutdown/reboot. Should take care of all the on shutdown/reboot scenarios; like battery low or the mentioned unmount crytpo-fs clean now. Impact can be minimized by lowering $timeout. Default timeout should be long enough to read and understand the message. Problem: Shutdown on systems where powerdown doesn't work and the user would have to wait for the script to finish, to turn his system off. Thoughts? - Robert
Re: USB voltmeter or DAQ module, small, inexpensive, with OpenBSD support
+1 for ~US$40-50 you should be able to get a usb adapter and a couple of sensor IC's to play with. Never measured the voltage of something but the hobby boards temp/solar/humidity uses it for the humidity part (differential voltage I believe). man owsbm. The DS2438 it supports should be what you need. Oh, and of course, the most important part, it's supported by the sensors framework sa2 # sysctl hw.sensors|grep ow hw.sensors.owtemp0.temp0=21.50 degC (sn 0008014d1f8f) hw.sensors.owid0.raw0=2632185 (sn 002829f9) hw.sensors.owsbm0.temp0=21.09 degC (sn 00a8b940) hw.sensors.owsbm0.volt0=4.51 VDC (VDD) hw.sensors.owsbm0.volt1=1.43 VDC (VAD) hw.sensors.owsbm0.volt2=0.00 VDC (CR) noah P.S. I have no stake in hobby-boards but have ordered before from them. Good shop. Paul M wrote: OpenBSD has a driver for the Dallas OneWire protocol. man(4) onewire Dallas make adapters for USB and RS232, such as the DS9490R - google can find you a supplier, for example: http://www.hobby-boards.com/catalog/product_info.php?products_id=1503 There are all manner of 1wire chips avalable - hobby boards can help here if you dont want to build something from scratch. I havn't used these adapters, nor used 1wire on OpenBSD, nor dealt with hobby-boards.com, but I have used a 1wire A-D to read input multiple voltages on a dedicated system and it works very well. It should work very well on OpenBSD too. paulm On 29/01/2010, at 9:27 AM, Ralph Becker-Szendy wrote: For one of my OpenBSD machines, I need to be able to measure a few analog voltages, and act on them in a control process. The requirements are quite simple compared to typical data acquisition: I absolutely need two voltage inputs, either 0-20V or 0-100mV; doesn't have to be differential, acquisition can be slow (1s is fine), and resolution can be as small as 10-12 bits (1% accuracy is more than good enough). A few extra input channels, more accuracy/resolution, and a few digital IOs wouldn't hurt, but are not necessary. DIN rail mounting and connection breakout would be nice, but can be improvised. On the software side, there will be OpenBSD, with ad-hoc monitoring and control scripts. With a little programming and script-writing, I can adapt anything that the OS can reasonably access. Now come the issues: I can't use PCI cards, only external units, most likely connected via USB (as Ethernet and serial are expensive or rare). And it needs to have some software support under OpenBSD - a Windows- or Linux-only solution doesn't work. And this application is not worth spending thousands of $$$. For Windows and LabView, solutions are easy to find (for example EMant300, DAQPodMX, a variety of Omega products). Does anyone now of a solution that would work with OpenBSD? -- Ralph Becker-Szendyra...@lr.los-gatos.ca.us(408)395-1435 735 Sunset Ridge Road; Los Gatos, CA 95033
Re: way to help: laptops and weekly
On Tue, Feb 2, 2010 at 3:04 PM, Chris Bennett ch...@bennettconstruction.biz wrote: Well, it seems clear that everyone agrees on two things 1. These scripts need to be run. 2. Pretty much anytime they are run, the will cause problems for the users. Therefore , we need a new solution to correct problem #2 Indeed. I'm actually about halfway through solving this problem. There's no requirement that updatedb cripple system performance while it's running. I'm going to totally ignore the problem of omg, you can't run updatedb, I routinely give presentations to the TSA in the security line with no battery left exactly 45 minutes after booting by running it all the time. :)
Re: way to help: laptops and weekly
On Tue, 2 Feb 2010 14:53:23 -0600 Marco Peereboom sl...@peereboom.us wrote: yeah, leave your laptop on overnight. I do it... Duh, so the way it is now works fine for you. I don't have it on that late every night, but have changed the times in crontab... So we are both not really affected, yippy ki yay. On Tue, Feb 02, 2010 at 09:40:17PM +0100, Robert wrote: On Sun, 24 Jan 2010 14:48:35 -0500 Ted Unangst ted.unan...@gmail.com wrote: Are you sitting around feeling bored because you don't know how to help out OpenBSD? Did your requests for info on where to start come back with unhelpful responses? I've got just the thing for you: an idea! Cron runs the weekly update script every Saturday at 3:30am. If you use a laptop or other desktop, your computer probably isn't on then. So the locate and whatis databases never get updated unless you run it by hand. So somebody should figure out a way to handle this for desktop machines. Script called from cron via @reboot or rc.shutdown . By default commented out. Mentioned in afterboot. Check if daily, weekly or monthly need to be executed. If nessasary the script asks if it should do its stuff, warns it might take some time. Default answer No, so a quick Enter resumes shutdown/reboot. If no button has been pressed after $timeout (knob in script), resume shutdown/reboot. If user wants to do stuff, do what needs to be done and resume shutdown/reboot. Should take care of all the on shutdown/reboot scenarios; like battery low or the mentioned unmount crytpo-fs clean now. Impact can be minimized by lowering $timeout. Default timeout should be long enough to read and understand the message. Problem: Shutdown on systems where powerdown doesn't work and the user would have to wait for the script to finish, to turn his system off. Thoughts? - Robert
Disk architecture during install
Hi All, I am looking for a way to easily identify the various names given by OpenBSD to the disks before install, in order to be able to correctly make the slides and mount points during an install on a complicated system with several hard disks. Falling back to (S)hell during install process in a first step, second step identifying hardware : interfaces and hard disk. For the first, ifconfig, for the latter, I don't know. Regards.
Re: Disk architecture during install
Jean-Francois wrote on Tue, Feb 02, 2010 at 10:38:59PM +0100: I am looking for a way to easily identify the various names given by OpenBSD to the disks before install, in order to be able to correctly make the slides and mount points during an install on a complicated system with several hard disks. Falling back to (S)hell during install process in a first step, second step identifying hardware : interfaces and hard disk. For the first, ifconfig, for the latter, I don't know. sysctl hw.disknames
Re: way to help: laptops and weekly
On 3/02/2010, at 9:40 AM, Robert wrote: On Sun, 24 Jan 2010 14:48:35 -0500 Ted Unangst ted.unan...@gmail.com wrote: Are you sitting around feeling bored because you don't know how to help out OpenBSD? Did your requests for info on where to start come back with unhelpful responses? I've got just the thing for you: an idea! Cron runs the weekly update script every Saturday at 3:30am. If you use a laptop or other desktop, your computer probably isn't on then. So the locate and whatis databases never get updated unless you run it by hand. So somebody should figure out a way to handle this for desktop machines. Script called from cron via @reboot or rc.shutdown . By default commented out. Mentioned in afterboot. Check if daily, weekly or monthly need to be executed. If nessasary the script asks if it should do its stuff, warns it might take some time. Default answer No, so a quick Enter resumes shutdown/reboot. If no button has been pressed after $timeout (knob in script), resume shutdown/reboot. If user wants to do stuff, do what needs to be done and resume shutdown/reboot. Should take care of all the on shutdown/reboot scenarios; like battery low or the mentioned unmount crytpo-fs clean now. Impact can be minimized by lowering $timeout. Default timeout should be long enough to read and understand the message. Problem: Shutdown on systems where powerdown doesn't work and the user would have to wait for the script to finish, to turn his system off. Thoughts? - Robert This senario could easily be implimented by those that need/want it. My view is that anything added to base as the default setup should be: 1) pretty much invisible 2) Just Works 3) doesnt interfere with work in any pracical way I realize this is a very tall ask and will require some effort - hence the problem, but I do believe if it's going to be fixed, it should be fixed properly. That is the OpenBSD philosophy after all. Ingos' suggestions have been pretty close. paulm
pf questions (just to be sure)
Hi openbsd people, My PF firewall says: tcp_services = { ftp, ssh, domain, www, auth, https } udp_services = { ftp, domain, ntp } icmp_types = { echoreq, unreach } set skip on lo scrub in all no-df random-id block all pass in quick on lo0 pass out quick on lo0 table bruteforce persist block quick from bruteforce pass inet proto icmp all icmp-type $icmp_types keep state pass in proto tcp from any to any port ssh keep state (max-src-conn 3, max-src-conn-rate 2/30, overload bruteforce flush global) pass out proto tcp to any port $tcp_services keep state pass out proto tcp to any port 5999 keep state pass out proto udp to any port $udp_services pfctl -sr gives: pass in proto tcp from any to any port = ssh flags S/SA keep state (source-track rule, max-src-conn 3, max-src-conn-rate 2/30, overload bruteforce flush global, src.track 30) However I see a few strange logs in my log: Feb 2 12:59:36 dual sshd[12862]: Did not receive identification string from 60.190.60.78 Feb 2 13:02:04 dual sshd[12879]: Invalid user PlcmSpIp from 60.190.60.78 Feb 2 13:02:08 dual sshd[12881]: Invalid user plcmspip from 60.190.60.78 Feb 2 15:36:42 dual sshd[13139]: reverse mapping checking getaddrinfo for 121.242.15.135.static-kolkata.vsnl.net.in [121.242.15.135] failed - POSSIBLE BREAK-IN ATTEMPT! Feb 2 15:36:42 dual sshd[13139]: User root from 121.242.15.135 not allowed because not listed in AllowUsers Feb 2 15:36:45 dual sshd[13141]: reverse mapping checking getaddrinfo for 121.242.15.135.static-kolkata.vsnl.net.in [121.242.15.135] failed - POSSIBLE BREAK-IN ATTEMPT! Feb 2 15:36:45 dual sshd[13141]: User root from 121.242.15.135 not allowed because not listed in AllowUsers Feb 2 22:57:55 dual sshd[13910]: Did not receive identification string from 63.119.11.119 Feb 2 23:01:13 dual sshd[13929]: Invalid user gamefiles from 63.119.11.119 Feb 2 23:01:14 dual sshd[13931]: Invalid user ts from 63.119.11.119 What should I change in my pf.conf file to also gt rid of those lines? Feb 2 12:59:36 dual sshd[12862]: Did not receive identification string from 60.190.60.78 Feb 2 13:02:04 dual sshd[12879]: Invalid user PlcmSpIp from 60.190.60.78 Feb 2 13:02:08 dual sshd[12881]: Invalid user plcmspip from 60.190.60.78 or to get rid of these lines? Feb 2 15:36:42 dual sshd[13139]: reverse mapping checking getaddrinfo for 121.242.15.135.static-kolkata.vsnl.net.in [121.242.15.135] failed - POSSIBLE BREAK-IN ATTEMPT! Feb 2 15:36:42 dual sshd[13139]: User root from 121.242.15.135 not allowed because not listed in AllowUsers Feb 2 15:36:45 dual sshd[13141]: reverse mapping checking getaddrinfo for 121.242.15.135.static-kolkata.vsnl.net.in [121.242.15.135] failed - POSSIBLE BREAK-IN ATTEMPT! or to get rid of these lines? Feb 2 22:57:55 dual sshd[13910]: Did not receive identification string from 63.119.11.119 Feb 2 23:01:13 dual sshd[13929]: Invalid user gamefiles from 63.119.11.119 Feb 2 23:01:14 dual sshd[13931]: Invalid user ts from 63.119.11.119 1) Will max-src-conn 1 be a better value? 2) Why are those ip-address not added to the bruteforce table? My max-src-conn-rate 2/30 implies 1 in 15 seconds and the rate for ip 60.190.60.78 is already 2 in 4 seconds, so I would guess that this ip-address would go into bruteforce. Thanks in advanced, Robert
Re: OT: performance (was Re: multiple qemu hosts, typo)
On Wed, Feb 3, 2010 at 6:01 AM, James Records james.reco...@gmail.com wrote: Oh, Qemu performance is horrible, I don't know if there is any work being done to make kqemu work, but I just use it more as a proof of concept, if your wanting to run VM's for performance, this is not the route to go, IMO... J On Tue, Feb 2, 2010 at 10:48 AM, Bryan bra...@gmail.com wrote: On Tue, Feb 2, 2010 at 11:09, Vijay Sankar vsan...@foretell.ca wrote: I was running three instances of Windows 2000 Server and one Windows 2003 server on a Dell 2900 -- two IIS servers, and two SQL Servers for testing purposes a while ago. Here is some info on how I was doing it at that time -- Each vm guest was started with a command similar to the following: sudo env ETHER=bnx1 qemu \ -net nic,vlan=0,model=rtl8139,macaddr=AA:BB:CC:DD:EE:XX \ -net tap,vlan=0 -m 384 -no-fd-bootchk -localtime \ -hda whatever.img -nographic XX was F1, F2, F3, and F4 w2k3, w2k, appint and appext images respectively I used nographic because it was easier to use rdesktop and rdp from other systems to access the vm guests instead of being at the console. Do you notice any performance gains by running them like this? I'm running one instance of XP on a dual-core box with 4GB of RAM, and it's slow as hell. I'd try running Windows 7, but the ACPI fails, and I can't allocate 1GB of RAM with the version we have in ports to do the initial install. kqemu is in ports and packages. I believe running OpenBSD as a guest has problems, but in my experience it doesn't really need it when you run it under OpenBSD itself. -- Aaron Mason - Programmer, open source addict I've taken my software vows - for beta or for worse
SOLVED pf questions (just to be sure)
Dear OpenBSD people, Please ignore my previous post. pfctl -t bruteforce -T show gives 60.190.60.78 63.119.11.119 119.147.106.248 121.242.15.135 200.195.127.215 So I don' t know what I was thinking. I'm tired after a long day and will go to bed and sleep well knowing pf takes care of the bad guys:-) Thanks Robert
Re: Disk architecture during install
On Tue, Feb 2, 2010 at 10:38 PM, Jean-Francois jfsimon1...@gmail.com wrote: Hi All, I am looking for a way to easily identify the various names given by OpenBSD to the disks before install, in order to be able to correctly make the slides and mount points during an install on a complicated system with several hard disks. Falling back to (S)hell during install process in a first step, second step identifying hardware : interfaces and hard disk. For the first, ifconfig, for the latter, I don't know. Follow the OpenBSD faq for setting up a serial console. If you then run cu or tip within an xterm you can easily scroll up and down through the dmesg. =Adriaan=
Re: MFM disk geometry
On Tue, 02 Feb 2010 08:01:41 -0500 Daniel Malament b...@anonix.net wrote: Alternatively, can disktab be used? The documentation is not entirely transparent on this, but it does appear that disktab might be able to override BIOS parameters. Apparently not. disktab looks like it's mostly used by disklabel. It turns out disklabel with -e will let you edit the geometry, but the kernel doesn't actually change the values it uses for drive access, even though the disklabel remains correct/consistent upon reload. If you know these MFM disks use MS file systems, then your best bet is using hardware/system of similar vintage along with another operating system such as MS-DOS or better FreeDOS. http://www.freedos.org/ If you can find a working network interface card, then your problem is solved. The trouble with OpenBSD is it lacks support for the 80386 (and lower). http://www.openbsd.org/i386.html except for the 80386 itself Your best bet is to try finding a 286/386/486 system that either does not have a built-in disk controller, or has a MFM disk controller built-in. If you cannot find anything locally, I might have what you need sitting someplace in my garage, so feel free to contact me off-list. -jon
Re: openoffice abort trap
On Tue, 2 Feb 2010, Stuart Henderson wrote: On 2010-02-02, shweg...@gmail.com shweg...@gmail.com wrote: running 4.6 release I need to open some .doc files with some complex graphics in them, and abiword doesn't seem to handle them very well. So I thought openoffice might help. I installed it, but cannot open it, the flash screen comes up, and then crashes right away: If you've got openoffice-kde or openoffice-java installed, try removing them no kde, I'm using dwm, the only openoffice package installed is openoffice-3.1.0p6
We have contact data for the medical community
Special Package Doctors Dentist Both $ 289.00 each one $269.00 US Medical Database Updated Records 2009 (reg$999) Complete Physician Database 788,800 doctors available for direct mail Physician Email 48,500 (17,441Unique) Physician Fax Database 202,466 First name* Last name* Title* Specialty* Address (city, state, zip, county)*Medical School Attended* Residency Training* Phone/Fax * Email* Website* Primary Specialty* Secondary Specialty* (PHYSICIANS DATABASE COMES SORTED BY STATE AND BY SPECIALTIES) US Dentists Database Updated Records 2009 This database includes only licensed dentists: New for this Year: Database of Dentists in America (reg$599) 192,003 Dentists with City, State, Zip 189,050 Addresses 191,033hone Numbers 95,226 Fax #'s 51,440 E-Mail Addresses Last-named* title* address1* city* state* zip* county* phone** Email Address* Fax Number* Website (DENTIST DATABASE COMES SORTED BY STATE AND BY SPECIALTIES) send and email to: mor...@easylistbuy.net To be erased from our list please send an email to rem...@easylistbuy.net
bgpd log message
I sometimes see a bgpd message in /var/log/messages saying: /bsd: cannot forward from :: to 2zzz:z000::0005 nxt 17 received on vr2 (I snipped the datestamp and hostname to stop linewrap) It is not common and nothing bad seems to be happening but I'm puzzled as to what it means. Any clues? Thanx, *** NOTE *** Please DO NOT CC me. I am subscribed to the list. Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. Rod/ --- This life is not the real thing. It is not even in Beta. If it was, then OpenBSD would already have a man page for it.
You have a new Greeting
Hello friend ! You have just recieved a postcard Greeting from your friend. Click here if you want to download your Animated Greeting ! Thank you for using www.Greetings.com services. Please take this opportunity to let your friends hear about us by sending them a postcard from our collection !
Re: [RESOLVED] Jan 28 snapshot - em0 disappeared
Steve Williams wrote: Hi, I upgraded my system today. I'm not sure if it was previously a snapshot or actually 4.6. Regardless, I upgraded it to the snapshot from January 28. I booted the snapshot iso and did an upgrade. Ran sysmerge slowly working my way through all the ports. I went from: OpenBSD 4.6 (GENERIC) #58: Thu Jul 9 21:24:42 MDT 2009 to OpenBSD 4.7-beta (GENERIC.MP) #402: Wed Jan 27 19:29:54 MST 2010 I am getting an error in the dmesg, and em0 no longer appears in ifconfig: em0 at pci0 dev 25 function 0 Intel ICH9 IGP AMT rev 0x02: apic 8 int 21 (irq 3)em0: The EEPROM Checksum Is Not Valid em0: Unable to initialize the hardware This is an onboard NIC, so it's not like I can replace it. I booted the 4.6 install CD and went into the shell to confirm that it could still see the em0 post upgrade, and it was there no problem I have included the following files: 1) dmesg from January 28 snapshot 2) dmesg from 4.6 3) pcidump -v from January 28 snapshot Does anyone have any ideas? This isn't life threatening as I have already have another NIC in one of the slots and additional slots available, but I would like to know what the problem is and how to go about fixing it. I haven't been able to find the magic google incantation to provide guidance :-( Thanks, Steve Williams Snapshot dmesg -- OpenBSD 4.7-beta (GENERIC.MP) #402: Wed Jan 27 19:29:54 MST 2010 t...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP RTC BIOS diagnostic error 11memory_size cpu0: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz (GenuineIntel 686-class) 2.40 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR real mem = 2101956608 (2004MB) avail mem = 2027941888 (1933MB) RTC BIOS diagnostic error 11memory_size mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 11/05/07, BIOS32 rev. 0 @ 0xffea0, SMBIOS rev. 2.5 @ 0xf0450 (80 entries) bios0: vendor Dell Inc. version A04 date 11/05/2007 bios0: Dell Inc. OptiPlex 755 acpi0 at bios0: rev 2 acpi0: tables DSDT FACP SSDT APIC BOOT ASF! MCFG HPET SLIC acpi0: wakeup devices VBTN(S4) PCI0(S5) PCI4(S5) PCI2(S5) PCI3(S5) PCI1(S5) PCI5(S5) PCI6(S5) MOU_(S3) USB0(S3) USB1(S3) USB2(S3) USB3(S3) USB4(S3) USB5(S3) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 265MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz (GenuineIntel 686-class) 2.40 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR cpu2 at mainbus0: apid 2 (application processor) cpu2: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz (GenuineIntel 686-class) 2.40 GHz cpu2: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR cpu3 at mainbus0: apid 3 (application processor) cpu3: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz (GenuineIntel 686-class) 2.40 GHz cpu3: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR ioapic0 at mainbus0: apid 8 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 8 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 3 (PCI4) acpiprt1 at acpi0: bus 2 (PCI2) acpiprt2 at acpi0: bus -1 (PCI3) acpiprt3 at acpi0: bus 1 (PCI1) acpiprt4 at acpi0: bus -1 (PCI5) acpiprt5 at acpi0: bus -1 (PCI6) acpiprt6 at acpi0: bus 0 (PCI0) acpicpu0 at acpi0 acpicpu1 at acpi0 acpicpu2 at acpi0 acpicpu3 at acpi0 acpibtn0 at acpi0: VBTN bios0: ROM list: 0xc/0xb800! 0xcb800/0x2000! 0xcd800/0x2800! cpu0: Enhanced SpeedStep disabled by BIOS pci0 at mainbus0 bus 0: configuration mode 1 (bios) bridge mem address conflict 0xfe80/0x10 mem address conflict 0xfea0/0x8 mem address conflict 0xfeb0/0x10 mem address conflict 0xfea8/0x8 mem address conflict 0xfe9da000/0x1000 mem address conflict 0xfe9e/0x2 mem address conflict 0xfe9db000/0x1000 mem address conflict 0xfe9d9c00/0x400 mem address conflict 0xfe9dc000/0x4000 bridge mem address conflict 0xfe70/0x10 bridge mem address conflict 0xfe50/0x20 mem address conflict 0xfe9d9b00/0x100 pchb0 at pci0 dev 0 function 0 Intel 82Q35 Host rev 0x02 ppb0 at pci0 dev 1 function 0 Intel 82Q35 PCIE rev 0x02: apic 8 int 16 (irq 11) pci1 at ppb0 bus 1 vga1 at pci0 dev 2 function 0 Intel 82Q35 Video rev 0x02 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xd000, size 0x1000 inteldrm0 at vga1: apic 8 int 16 (irq 11)
Re: -CURRENT, VLANs, NAT
--- On Tue, 2/2/10, David Gwynne l...@animata.net wrote: all the cool kids are going: match out on vlan301 nat-to vlan301 received-on vlan303 I just got around to testing this rule and it didn't work for me as I would have expected. The output of pfctl -nv -f /etc/pf.conf expanded to the inet6 address of VLAN 301 interface by default. When I changed the line to read match out on vlan301 inet nat-to vlan301 received-on vlan303 it expanded to the inet address I would have expected to see by default. Is this intended or a bug? I would assume that you would want to expand to inet by default and not inet6. This is of course just a matter of opinion. --- James A. Peltier james_a_pelt...@yahoo.ca