Re: Source Overview

[Pete Vickers]

In keeping with your 'lets get something up on there to point the whiners at',
how about adding this:

* Add support for RFC5837 to OpenBSD's IP stack.

This could be suitable task since it presumably has 'cool factor'  is an
easily definable task, and is not trivial to write.


/Pete




On 22. apr. 2010, at 01.51, Daniel Ouellet wrote:

 I simply requested the account on that persons system because I offered to
 help maintain the task list.  I've not been contacted so I assume they're
 not interested.

 You are not the only one with limited time. Sorry for the late reply, but
also I wanted to provide details as to why.

 Your text was:

 If you provide me an account and if everyone is OK sending me minimally
 formatted TODO lists I will gladly be the point of contact and maintain
that
 list.

 What qualifies as minimally formatted?

 1) Each item on a separate line prepended with a *.
 2) (OPTIONAL) If you want, order them by importance.

 I will attempt to clean-up grammar and spelling.
 

 The short of it is that in it if you look at it. It add more work to the
developers by asking them to send in stuff. They already have it done for
some. So, why duplicate the list. It will just get out of sync and obsolete
very soon. Plus they have a list, so I think the most logical and efficient
way to do it would be just like this:

 1. Name

 2. Very short blurb for area the todo cover

 3. URL to the developers list.

 And that's it.

 Nothing more is needed. Frankly if a developer spend time making a todo list
and publish it, then it must be some what maintain when ever they have time.
Asking to add more management to track it and maintain yet an additional list
is wrong in my book. Plus I am still not convince it's helpful, but never the
less I would sure be welcome to be proven wrong.

 The only think that this gives me as an idea that may have some merit is
that a list of user group might be good to have and I can add that to the
site. But again, that should be as minimal as possible.

 City, state or province, country, language and URL to the site for the
group. If no URL, then some details could be added and that may actually get
some usage may be.

 But keeping the time needed to maintain anything like this is a plus and not
required any more from the developers have to be the goal. But again, I am not
sure it's even good, but like I said, I am not oppose to. Like everyone else I
have very little time and I didn't reply before, nor this morning to your
email at 5:32AM when I saw it at 7:30 AM EST as I just finish an other project
and I do need to get some sleep sometime as little as it might be and I have
some kind of a life too and kids to take care of as well.

 So, sorry for the delay.

 Like I said, I am not doing a perfect job and I will admit that, but I try.
Better then most anyway that asked and do nothing.

 I will continue off list for the rest as there is no point on doing it
here.

 I already saved the email from Alexandre Ratchov for his list that he sent
to m...@. Just didn't have time to post it yet, but it will.

 Now I need to go feed the kids, so more delay on my part.

 Best,

 Daniel

Re: maia in openbsd 4.6

[Richard Toohey]

On 22/04/2010, at 5:02 PM, sonjaya wrote:

 hi all ...

 i have problem installed maia in openbsd 4.6 , problem module perl file(1).

 Application/Module  Version   Status
 
 Perl :   5.10.0 : OK
 file(1)  :  N/A : NOT INSTALLED (required by Maia
Mailguard)
 Archive::Tar : 1.58 : OK

 # file  -v
 file-4.24
 magic file from /etc/magic
 # whereis file
 /usr/bin/file
 # ln -s  /usr/bin/file /usr/local/bin/

 any clue how to solved this  ,
Never used it myself, have you tried Google?

Where is the error message coming from?  configtest.pl?

http://www.purplehat.org/?page_id=16

quoteNote:

There is a known issue with the file() utility in the configtest check.
Dont worry about this as Maia will still find and use  file() even if the
configtest says it is not installed. This will be fixed in the next Maia
release. Otherwise, PLEASE let me know if something in the port is not working
correctly./quote

HTH

 --
 sonjaya
 http://sicute.blogspot.com
 http://www.pojokdomain.com(sell  buy domain with free )

Re: USB stick 4GB Kingston not working

[Richard Toohey]

On 20/04/2010, at 4:05 PM, STeve Andre' wrote:

 On Monday 19 April 2010 23:51:21 Sean Howard wrote:
 I have a Kingston, it has behaved very erratically (and currently lost its
 partition, leaving the drive unformatted). I've done no research into
this,
 but a similar problem is there. I found formatting it would work for a few
 days (but didn't want to try harder than that for just a USB drive).

 Somebody claiming to be Girish Venkatachalam wrote:
 Dear friends,

 Though I find that with each OpenBSD release an increasing array of
 exotic USB devices are supported, I got the shock
 of my life with my newly purchased USB stick.

 This is what I get from USB probing.
 [snip]

 Do not discount a bad usb stick.  I've seen a few brands which were (or,
 are) pretty bad.  One particular 1G/2G batch of pny sticks had about 50%
 not working on OpenBSD.  I got them to test because they were flaky on
 Windows, too.  I know there are incompatible sticks out there, but I've
 crashed into just plain badly made hardware, too.


I'll second that on PNY mem sticks - got an 8Gb one and it's hopeless!

Yer pays yer money and yer takes your choice!

 --STeve Andre'

Re: usb modem ADU-500A

[Duncan Patton a Campbell]

On Wed, 21 Apr 2010 10:54:07 + (UTC)
Stuart Henderson s...@spacehopper.org wrote:

 On 2010-04-21, Duncan Patton a Campbell campb...@neotext.ca wrote:
 
  I looked at the support site and found that there's a 
  substantial driver to download that only supports recent
  MS products.  
 
 same for many other devices that OpenBSD supports...
 
  I have an older cdma modem from AnyDATA and found it useless
  for most OS including OBSD.  I was only able to get 
  limited tty connections and any crypto bombed it.
 
 that sounds more like a problem with MTU or handshaking.
 

The behaviour seemed to me to resemble that of packed data
on a compressed channel.  More like MTU than handshake stuff.

Dhu

Re: Premature end of archive

[sonjaya]

i get solusion why this happent.

me using sonicwall ass gateway  ...
here i capture log in server and sonicwall
# wget
ftp://anga.funkfeuer.at/pub/OpenBSD/4.6/packages/i386/clamav-0.95.2.tgz
--2010-04-22 17:53:03--
ftp://anga.funkfeuer.at/pub/OpenBSD/4.6/packages/i386/clamav-0.95.2.tgz
   = `clamav-0.95.2.tgz.1'
Resolving anga.funkfeuer.at... 78.41.115.130, 2a02:60:1:1::9
Connecting to anga.funkfeuer.at|78.41.115.130|:21... connected.
Logging in as anonymous ... Logged in!
== SYST ... done.== PWD ... done.
== TYPE I ... done.  == CWD /pub/OpenBSD/4.6/packages/i386 ... done.
== SIZE clamav-0.95.2.tgz ... 1516336
== PASV ... done.== RETR clamav-0.95.2.tgz ... done.
Length: 1516336 (1.4M)

24% [
] 376,480 40.4K/s   in 9.6s

2010-04-22 17:53:18 (38.2 KB/s) - Data connection: Connection reset by
peer; Control connection closed.
Retrying.

--2010-04-22 17:53:19--
ftp://anga.funkfeuer.at/pub/OpenBSD/4.6/packages/i386/clamav-0.95.2.tgz
  (try: 2) = `clamav-0.95.2.tgz.1'
Connecting to anga.funkfeuer.at|78.41.115.130|:21... connected.
Logging in as anonymous ... Logged in!
== SYST ... done.== PWD ... done.
== TYPE I ... done.  == CWD /pub/OpenBSD/4.6/packages/i386 ... done.
== SIZE clamav-0.95.2.tgz ... 1516336
== PASV ... done.== REST 376480 ...
REST failed, starting from scratch.

== RETR clamav-0.95.2.tgz ... done.
Length: 1516336 (1.4M), 1139856 (1.1M) remaining

24% [
] 376,480 38.8K/s   in 9.6s

2010-04-22 17:53:34 (38.1 KB/s) - Data connection: Connection reset by
peer; Control connection closed.
Retrying.


then i check in sonicwall

12  UTC 04/22/2010 10:52:56.032 Alert Security Services Gateway
Anti-Virus Alert: Mytob.Crypter (Worm) blocked 78.41.115.130, 51671,
X3 192.168.xxx.10, 13305, X5

ha ha so the trouble maker is sonicwall 

On Thu, Nov 5, 2009 at 4:54 PM, J.C. Roberts list-...@designtools.org
wrote:
 On Wed, 4 Nov 2009 17:49:55 +0700 sonjaya sonj...@gmail.com wrote:

 Dear all
 i try install clamav from packages but  get error like this , how to
 solved ?
 - i try another mirror still same
 - try donwload to local pc still same

 # export PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/4.6/packages/i386/
 # pkg_add -i clamav
 Premature end of archive
 clamav-0.95.2: complete
 Adjusting sha for /usr/local/lib/libclamav.a from
 k3C2K5oQcz5KJ1wrU0uLgN9h6iZ1w6MYh5gIYM02On4= to
 orCLZWKfCRHFq1lVJcXljBP3QjUq2trZIlRJ49Np5zk=
 /usr/sbin/pkg_add: Installation of clamav-0.95.2 failed, partial
 installation recorded as partial-clamav-0.95.2
   ^

 You need to delete the *PARTIALLY* installed package. As for why this
 does not happen by default on all failed installation attempts, I don't
 know, but that fact that failed installation attempts leave non-working
 junk on the system can cause problems.

 $ sudo pkg_delete partial-clamav-0.95.2



 --
 J.C. Roberts




--
sonjaya
http://www.sharenupload.com
http://www.farmproxy.com

Re: Source Overview

[Daniel Ouellet]

On 4/22/10 2:05 AM, Pete Vickers wrote:

In keeping with your 'lets get something up on there to point the whiners at',
how about adding this:

* Add support for RFC5837 to OpenBSD's IP stack.

This could be suitable task since it presumably has 'cool factor'  is an
easily definable task, and is not trivial to write.


/Pete


Hi Pete,

With all due respect. May be I didn't read the list right, but I didn't 
see your name here:


http://www.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/geo/openbsd-developers/files/OpenBSD?rev=1.53;content-type=text%2Fplain

Meaning you are not a developers. May be I am wrong. That list is for 
what the developers fell they have on their todo list, not a list of 
users request. So, that may be they can get help, not for them to take 
requests!


If you want it, may be you could start it right?

I sure have no intention of starting a list of users requests at all.

Sorry not my intentions what so ever. I fell grateful to even get what 
they gracefully share with me and that's a gift in itself. For what 
was/is important to me, I pay them to do it, if they are interested in 
what I may need, or try to do it myself when time allow me to do so.


Best regards,

Daniel

Re: maia in openbsd 4.6

[Steve Shockley]

On 4/22/2010 1:02 AM, sonjaya wrote:

i have problem installed maia in openbsd 4.6 , problem module perl file(1).


http://marc.info/?m=126887732124225

Please test and let me know how it goes.  I fixed this by just removing 
the check.  Now that I'm actually looking at it more, I think maybe that 
regex (\-([0-9\.]+)) is looking for X.Y rather than X.YY, but I'm 
terrible with regex so I could be mistaken.


There are some other dependencies that aren't in the tree, you should be 
able to find most at http://conveyor.shockley.net/ports/.

Re: Source Overview

[Claudio Jeker]

On Thu, Apr 22, 2010 at 07:14:31AM -0400, Daniel Ouellet wrote:
 On 4/22/10 2:05 AM, Pete Vickers wrote:
 In keeping with your 'lets get something up on there to point the whiners 
 at',
 how about adding this:
 
 * Add support for RFC5837 to OpenBSD's IP stack.
 
 This could be suitable task since it presumably has 'cool factor'  is an
 easily definable task, and is not trivial to write.
 
 
 /Pete
 
 Hi Pete,
 
 With all due respect. May be I didn't read the list right, but I
 didn't see your name here:
 
 http://www.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/geo/openbsd-developers/files/OpenBSD?rev=1.53;content-type=text%2Fplain
 

Neither are you, so why does that matter?

 Meaning you are not a developers. May be I am wrong. That list is
 for what the developers fell they have on their todo list, not a
 list of users request. So, that may be they can get help, not for
 them to take requests!
 

I think one thing should have been mostly clear by now, todo lists are a
waste of time. In the end most items will be fixed by the person doing the
list.

 If you want it, may be you could start it right?
 
 I sure have no intention of starting a list of users requests at all.
 
 Sorry not my intentions what so ever. I fell grateful to even get
 what they gracefully share with me and that's a gift in itself. For
 what was/is important to me, I pay them to do it, if they are
 interested in what I may need, or try to do it myself when time
 allow me to do so.
 

In the end all that matters is that someone gets up from his comfy couch,
hacks something up and sends a diff around and the only way that is going
to happen is because of egoistical reasons. Nobody will move a finger
unless there is an itch to scratch. So other people's todo lists are
totaly useless.

-- 
:wq Claudio

Re: Source Overview

[Owain Ainsworth]

On Thu, Apr 22, 2010 at 01:40:42PM +0200, Claudio Jeker wrote:
 In the end all that matters is that someone gets up from his comfy couch,
 hacks something up and sends a diff around and the only way that is going
 to happen is because of egoistical reasons. Nobody will move a finger
 unless there is an itch to scratch. So other people's todo lists are
 totaly useless.

Who are you to say I can't hack from my couch?

-0-
-- 
Kansas state law requires pedestrians crossing the highways at night to
wear tail lights.

Re: Source Overview

[Lars Nooden]

On 4/22/10 2:44 PM, Owain Ainsworth wrote:

On Thu, Apr 22, 2010 at 01:40:42PM +0200, Claudio Jeker wrote:

In the end all that matters is that someone gets up from his comfy couch,
hacks something up and sends a diff around and the only way that is going
to happen is because of egoistical reasons. Nobody will move a finger
unless there is an itch to scratch. So other people's todo lists are
totaly useless.


Who are you to say I can't hack from my couch?


No other list member can claim more hand-to-hand, zero-G combat matches 
than Claudio and he has not been defeated in even one bout.


/Lars

Re: Source Overview

[Chris Bennett]

On 04/22/10 06:44, Owain Ainsworth wrote:

On Thu, Apr 22, 2010 at 01:40:42PM +0200, Claudio Jeker wrote:

In the end all that matters is that someone gets up from his comfy couch,
hacks something up and sends a diff around and the only way that is going
to happen is because of egoistical reasons. Nobody will move a finger
unless there is an itch to scratch. So other people's todo lists are
totaly useless.


Who are you to say I can't hack from my couch?

-0-


I only hack from an office chair. That way all of my hacks are official!

Plus the added bonus of being able to spin in place rapidly to clear the 
dust off the top of my head during really long hacks!

Re: [ot] xmpp server (was 'can't do suitable block in firewall')

[Leonardo Carneiro - Veltrac]

Lars Nooden wrote:

On 04/19/2010 09:12 PM, Leonardo Carneiro - Veltrac wrote:

... the gateway features does not work 100% yet (at least in the 
server that i use)


There are additional solutions.  One is to work with the contacts to 
get them set up with XMPP clients, since the gateway function is there 
only to deal with legacy protocols as a means to phase them out 
through various means.


Do you have a link to the bug report or discussion about the 
shortcomings of the gateway ? (e.g. Openfire, Kraken, or others)


/Lars
I can't force my clients (real clients, not host clients) to work with 
XMPP (they still use MSN), but there are thousand of solutions. I did 
not upgrade to kraken yet ( i'm still using the Gateway IM plugin ), but 
openfire development seems to have stopped. It's such a waste, cause it 
have the best management interface of all the xmpp servers that i have 
seen. I do not have a bug ticket, but i'm sure there is one open. The 
openfire brazilian users community is pretty active, and some users, 
like Marcelo Terres, keep in touch with some developers, and all point 
that the openfire development have stopped for real. =(

Re: trouble installing on t2000

[Wagstaff, Jason]

I have two spare t2000 machines that I am setting up load  balancing on.
Is there anything I can test to confirm this?  I tried the snapshot
dated 2010-04-20.



Jason Wagstaff
System Administrator - Specialist
Information Technology Services (ITS)
University of Missouri St.Louis
One University Blvd., Suite 441 CCB
St.Louis, MO 63121
(314) 516-4067


-Original Message-
From: Theo de Raadt [mailto:dera...@cvs.openbsd.org]
Sent: Tuesday, April 20, 2010 1:51 PM
To: Wagstaff, Jason
Cc: misc@openbsd.org
Subject: Re: trouble installing on t2000

 I am trying to install the version sparc64 4.7 openBSD on a T2000
Enterprise.
 It will let me get all the way through to installingn sets.  I have
tried to
 install the sets from cd, ftp, http, rsync and it never finishes.
Does
 anyone have any ideas why this might be?   It usually gets about 90%
through
 before freezing up.

A possible fix for this has been commited recently.

RCS file: /cvs/src/sys/arch/sparc64/sparc64/intr.c,v
revision 1.35
date: 2010/04/16 22:35:24;  author: kettenis;  state: Exp;  lines: +11
-3
Fix handling of shared interrupts.  Make sure we use the lowest priority
of
all the interrupt handles when reprioritizing the interrupt on
reception,
but always run the handler at the desired priority.  Make sure
ci_handled_intr_level is set correctly.  Gets rid of splassert warnings
seem on many of the PCIe systems with mpi(4).

tested by deraadt@, jbg@

It seems to only affect some machines, and none of us had a T2000...

Re: can't do suitable block in firewall

[Leonardo Carneiro - Veltrac]

Shane Lazarus wrote:

Heya

Seems to me that you should probably allow traffic out to the $proxy 
via the $dmz_if at some point...
For that matter, allow from the $proxy back in through the $dmz_if and 
out...


Something like:

# tables
table msn_rdr persist const file /etc/pf.conf.d/msn-rdr
table msn_allow persist const file /etc/pf.conf.d/msn-allow

# msn proxy
rdr on { $lan1_if, $lan2_if } proto tcp from msn_rdr to any port { 
1863 25000:3 } - $proxy

# msn filter
block all

pass in on { $lan1_if $lan2_if } inet proto tcp from msn_rdr to 
$proxy port { 1863 25000:3 }
pass out on { $dmz_if } inet proto tcp from msn_rdr to $proxy port { 
1863 25000:3 }


pass in on { $lan1_if $lan2_if $dmz_if } inet proto tcp from 
msn_allow to any port { 1863 25000:3 }
pass out on { $inet_if } inet proto tcp from msn_allow to any port { 
1863 25000:3 }



Note that Hypens are not recommended for user defined names inside 
pf.conf , being Macros, Table Names et al.

( man pf.conf for allowed characters )
So your table names msn-allow and msn-rdr have been altered above 
to conform to recommendations.


Also you have not mentioned any NAT rules here so these rules would 
only work with Public IP Addresses throughout.


Lastly, try to group the rules together to get a better idea of packet 
flow when building rules like these.
It was obvious to me from the first that you were missing rules, which 
you would likely have been able to see yourself if you had grouped the 
rules by expected packet flow.


For example:
Internal Network Redirects -- Proxy Server
Proxy Server -- Internet

Internal Network Direct -- Internet


Shane
Hi Shane and others. Tks for the tips. With it, i finally manage to get 
working. I did not paste all my firewall script, that's why it didn't 
have any NAT rule.


I only did a small change in your sugestion to get to work.
First, i switched the 'block all' to 'block in on ! $inet_iface inet 
proto tcp from any to any port 1863' since i allow all traffic between 
internal interfaces and all traffic going out through inet_iface by default.
I also changed the second pass rule; from 'pass out on { $dmz_if } inet 
proto tcp from msn_rdr to $proxy port { 1863 25000:3 }' to 'pass 
out on { $dmz_iface } inet proto tcp from $proxy to msn-rdr port { 
1863 25000:3 }' (inverted the 'from' and 'to' statements).


I'll follow your tips regading the hypens stuff. Tks for your help.

Novatel MC760 Virgin Mobile Broadband2Go

[Ted Roby]

Novatel (0x1410) makes an MC760 (0x6002) used by
Virgin Mobile in their BroadBand2Go card.

This card advertises itself as incompatible with
linux at this time.

After adding the device to usbdevs, rebuilding
usbdevs.h and usbdevs_data.h, and adding to
umsm.c it was finally recognized and mounted
as such:

(FYI, this part of the dmesg is the same regardless
of addition to usbdevs. See further dmesg after
performing 'eject cd1' for the successful output
after adding to sys/dev/usb files.)

umass1 at uhub7 port 1 configuration 1 interface 0 Novatel Wireless Inc.
Novatel Wireless CDMA rev 1.10/0.00 addr
 3
umass1: using SCSI over Bulk-Only
scsibus2 at umass1: 2 targets, initiator 0
cd1 at scsibus2 targ 1 lun 0: Novatel, Mass Storage, 1.00 SCSI2 5/cdrom
removable
umass2 at uhub7 port 1 configuration 1 interface 1 Novatel Wireless Inc.
Novatel Wireless CDMA rev 1.10/0.00 addr
 3
umass2: using SCSI over Bulk-Only
scsibus4 at umass2: 2 targets, initiator 0
sd1 at scsibus4 targ 1 lun 0: Novatel, MMC Storage, 2.31 SCSI2 0/direct
removable
sd1: drive offline


This device mounts a CD image when inserted.
After ejecting with 'eject cd1' I get the following:


cd1 detached
scsibus2 detached
umass1 detached
sd1 detached
scsibus4 detached
umass2 detached
umsm0 at uhub7 port 1 configuration 1 interface 0 Novatel Wireless Inc.
Novatel Wireless CDMA rev 1.10/0.00 addr
3
ucom0 at umsm0
umsm1 at uhub7 port 1 configuration 1 interface 1 Novatel Wireless Inc.
Novatel Wireless CDMA rev 1.10/0.00 addr
3
ucom1 at umsm1
umsm2 at uhub7 port 1 configuration 1 interface 2 Novatel Wireless Inc.
Novatel Wireless CDMA rev 1.10/0.00 addr
3
ucom2 at umsm2
umsm3 at uhub7 port 1 configuration 1 interface 4 Novatel Wireless Inc.
Novatel Wireless CDMA rev 1.10/0.00 addr
3


Still, I have no success yet in initiating ppp.
I consider this as my own error, and suspect
the device will operate as expected. My
ppp script skills have diminished since the
advent of DSL.

First, here's my /usr/src/sys/dev/usb diffs:

Index: sys/dev/usb/usbdevs
===
RCS file: /cvs/src/sys/dev/usb/usbdevs,v
retrieving revision 1.493
diff -u sys/dev/usb/usbdevs
--- sys/dev/usb/usbdevs 17 Apr 2010 15:05:59 -  1.493
+++ sys/dev/usb/usbdevs 22 Apr 2010 13:29:21 -
@@ -2741,6 +2741,7 @@
 product NOVATEL MERLINX950D0x5010  X950D
 product NOVATEL ZEROCD20x5030  ZeroCD
 product NOVATEL U760   0x6000  U760
+product NOVATEL MC760  0x6002  MC760

 /* Novatel Wireless(1) products */
 product NOVATEL1 FLEXPACKGPS   0x0100  NovAtel FlexPack GPS

Index: sys/dev/usb/umsm.c
===
RCS file: /cvs/src/sys/dev/usb/umsm.c,v
retrieving revision 1.61
diff -u sys/dev/usb/umsm.c
--- sys/dev/usb/umsm.c  14 Apr 2010 02:47:58 -  1.61
+++ sys/dev/usb/umsm.c  22 Apr 2010 13:29:45 -
@@ -172,6 +172,7 @@
{{ USB_VENDOR_NOVATEL, USB_PRODUCT_NOVATEL_MERLINX950D },
DEV_UMASS4},
{{ USB_VENDOR_NOVATEL, USB_PRODUCT_NOVATEL_ZEROCD2 }, DEV_UMASS4},
{{ USB_VENDOR_NOVATEL, USB_PRODUCT_NOVATEL_U760 }, DEV_UMASS4},
+   {{ USB_VENDOR_NOVATEL, USB_PRODUCT_NOVATEL_MC760 }, DEV_UMASS4},

{{ USB_VENDOR_NOVATEL1, USB_PRODUCT_NOVATEL1_FLEXPACKGPS }, 0},


Here's /etc/ppp/ppp.conf
default:
   set device /dev/cuaU1
   set speed 460800
   set dial ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \\ AT OK-AT-OK
ATE1Q0s7=60 OK \\dATDT\\T TIMEOUT 40 CONNECT
   set login
   set authname guest
   set authkey guest
   set timeout 120
   enable dns

Here's /etc/ppp/peers/virgin:
/dev/cuaU0
460800
lock
crtscts
modem
noauth
defaultroute
user guest
connect /usr/sbin/chat -V -f /etc/ppp/chat-virgin
noipdefault


And here's /etc/ppp/chat-virgin:
TIMEOUT 10
REPORT CONNECT
ABORT BUSY
ABORT 'NO CARRIER'
ABORT ERROR
 ATZ
OK ATF
OK AT_OPSYS=1
OK 'AT+CGDCONT=1,IP,virginbroadban d'
SAY Calling...\n
TIMEOUT 120
OK ATD*99***1#
CONNECT \c


When negotiating manually (at the ppp prompt with 'term')
I get as far as the ATF sequence. Any command after
that produces ERROR.

Here's some usbdevs info:
 port 2 addr 2: high speed, self powered, config 1, USB2.0 Hub(0x0606),
Genesys Logic(0x05e3), rev 7.02
  port 1 addr 3: full speed, power 500 mA, config 1, Novatel Wireless
CDMA(0x6002), Novatel Wireless Inc.(0x1410), rev 0.00, iSerialNumber
091116569131000

Note, the above usbdevs shows the device attached to
an external hub. This was ONLY done for obtaining this
output. During testing the device was inserted into
a built-in usb port, and typically mounted on /dev/usb4

Subscription a Descuentos en Salud

[lina reyes carmona]

You have been invited to join lina susana alvarez carmona's email list(s). 
Click the link(s) to confirm your subscription:

Tratamiento 100% natural para el control de la diabetes y la eliminacisn de las 
neuropatmas.

 

Uso: 4 meses y  en dosis de 2 capsulas  en cada comida

el tratamiento Kit 4 es  de $1000 pesos su costo, ya incluye el envis.

 

El neem funciona en pacientes diabiticos con altos niveles  de glucosa , lo que 
hace neem es normalizar al paciente diabitico sin efectos secundarios adversos. 
ya que corrige el alta de glucosa, colesterol, acido zrico a niveles normales. 
evitando asm mas complicaciones y el uso de insulina. Tambiin previene al 
paciente del glaucoma, protege al organismo y la piel de infecciones de 
cualquier tipo, mejora la circulacisn general, ayuda a pacientes hipertensos. 
En la gran mayorma de los casos tambiin se logra recuperar su vigor sexual.

 

Si todavma no utiliza insulina es preferible que tome el tratamiento Kit 4 de 
diabetes para pacientes con diabetes tipo 2. en dosis moderada .

 

Ya que en el  paquete van las instrucciones de uso y su dosis segzn los niveles 
que presente de glucosa. 

 

Todos los envmos a domicilio son prepagados en banco y la mensajerma corre por 
nuestra cuenta ya que es mas econsmica.

 

El Tratamiento  incluye:

 

10 frascos de corteza verde de neem

Cd-rom con la informacisn de la dieta

Cuidados del diabitico

Forma de Alimentacisn

Y el envis gratis a todo Mixico.

 

Bondades de este tratamiento:

 

La revitalizacisn del paciente, evitar llegar a la dialisis y restablecer el 
buen funcionamiento de los riqones, reactiva la actividad sexual y controla el 
nivel de azzcar en la sangre asm mismo evita el daqo vascular provocado por la 
diabetes y el abuso de farmacos como por ultimo la eliminacisn de problemas en 
la piel, vista , cansancio y resequedad en la boca .

 

Neem no solo ayuda al diabitico a normalizar su vida sexual sino tambien le  
garantiza la rehabilitacisn completa.

 

No se deje engaqar por productos de calidad herbolaria nuestros tratamientos 
tienen nivel farmaciutico. son importados de la India.

 

Diabetes

Dado que el neem es un tsnico y una revitalizador, funciona de manera efectiva 
en el tratamiento de la diabetes, como asm. 

 

Mas de una enfermedad que requiere el cambio de la dieta, la diabetes es la 
principal causa de ceguera en las personas edades veinticinco y setenta y 
cuatro, que tambiin los daqos nervios, los riqones, el escuchar y de los vasos 
sangumneos, que pueden incluso resultar en la pirdida de extremidades. 
Incurable, que puede ser tratada en una variedad de maneras. 

 

Algunos estudios han demostrado que la aplicacisn oral de  extractos de hoja de 
nim una reducida necesidad de insulina del paciente por entre 30 y 50 por 
ciento para nonkeytonic, la insulina rapida y sensible a la insulina la 
diabetes. dado que el neem se ha encontrado para reducir las necesidades de 
insulina hasta por el 50 por ciento, sin alterar los niveles de glucosa en la 
sangre, el gobierno de la india ha aprobado la venta de nim capsulas y 
comprimidos a travis de las farmacias y clmnicas para este fin. muchas de estas 
pmldoras estan hechas de pura esencia, hojas de nim en polvo. 

 

Estos tratamientos estan indicados con dosis y dieta alimentarma segzn cada 
caso. por favor detallar su padecimiento y sintomatologma para dar el mas 
adecuado de ellos.

 

Todos nuestros tratamientos estas aprobados y testados con mas de 1000 
pacientes diabiticos de mas de 3 aqos de padecer la enfermedad.

 

Lo mas interesante sobre el neem es que se ha demostrado que la corteza verde 
da bienestar eliminado las neuropatmas y malestares provocados por la diabetes 
de forma directa. asm lo demuestran pruebas en laboratorios alemanes los cuales 
hoy en dma estan formulando medicamentos en base a esta sustancia activa a 
costos altmsimos he inalcanzables para econommas emergentes.

 

El envis cuanto me cuesta y tiempo de entrega?

 

El costo de la mensajerma es total mente gratuita y el tiempo de entre 
dependiendo de la plaza o ciudad varia desde 48 a 24 hrs y la mensajerma que 
usamos son varias: dhl, estafeta, multipack y aeroflash. Con todas tenemos 
convenios.

 

Enviamos via email o telefsnica el nzmero de guma para que los pacientes puedan 
rastrear sus envmos.

 

Como uso el tratamiento?

Diabetes

4 capsulas. corteza neem diarias 5 meses maximo 6 capsulas 

dosis: 2 desayuno , 2 comida y 2 cena como maximo en otro caso se ser 4 
capsulas al dma 2 comida y 2 cena

nota: la posologma esta basada en una persona adulta,

 

Agregamos los datos de forma de pedido pago y envio.

--

 

Forma de pedidos

Envmenos sus datos completos:

- Nombre completo

- Direccisn de envio

- Telifono

- Celular

- Email

- Pedido

- Forma de pago

- Envio ocurre o a domicilio

 

Re: Novatel MC760 Virgin Mobile Broadband2Go

[David Coppa]

On Thu, Apr 22, 2010 at 3:44 PM, Ted Roby ted.r...@gmail.com wrote:
 Novatel (0x1410) makes an MC760 (0x6002) used by
 Virgin Mobile in their BroadBand2Go card.

...

 Still, I have no success yet in initiating ppp.
 I consider this as my own error, and suspect
 the device will operate as expected. My
 ppp script skills have diminished since the
 advent of DSL.

 First, here's my /usr/src/sys/dev/usb diffs:

The diff is ok.

Regarding your problem:
have you tried all ports?
Usually it can be /dev/cuaU0 or /dev/cuaU2

cheers,
David

Re: Novatel MC760 Virgin Mobile Broadband2Go

[Ted Roby]

On Thu, Apr 22, 2010 at 8:57 AM, David Coppa dco...@gmail.com wrote:


 The diff is ok.

 Regarding your problem:
 have you tried all ports?
 Usually it can be /dev/cuaU0 or /dev/cuaU2


Yes. But thank you for the confirmation.
I will continue troubleshooting my ppp syntax.

My pasting of ppp.conf and peers/virgin show
different devices because I failed to clean it
all up from testing, before I pasted here.

One LAN, two ISPs, route-to and sticky-address

[Gabriel Linder]

Hi,

I have two ISPs and a LAN. I need to load balance outgoing connections
from the LAN between the ISPs.

My router is running OpenBSD 4.6-stable, up-to-date.

  -
  |   |
ISP 1 ---(isp1 box)---+-ext1_if   |
  |   |
  |int_if-+--- LAN
  |   |
ISP 2 ---(isp2 box)---+-ext2_if   |
  |   |
  -
   OpenBSD 

int_if - interface to LAN
int_net - 192.168.0.0/24

ext1_if - interface to ISP 1 (192.168.1.2)
ext1_gw - ISP 1 gateway (192.168.1.1)

ext2_if - interface to ISP 2 (192.168.2.2)
ext2_gw - ISP 2 gateway (192.168.2.1)

There is no default route (empty /etc/mygate).

Following http://www.openbsd.org/faq/pf/pools.html#outgoing I ended up
with the following :

---sysctl.conf---
net.inet.ip.forwarding=1
---sysctl.conf---

---pf.conf---
set debug loud
set block-policy return
#set optimization aggressive
#set timeout src.track 300
set skip on lo

nat log on $ext1_if from $int_net - ($ext1_if)
nat log on $ext2_if from $int_net - ($ext2_if)

block log 

pass in log on $int_if route-to \
{ ($ext1_if $ext1_gw), ($ext2_if $ext2_gw) } \
from $int_net

pass in log on $int_if from $int_net to $int_if

pass out log 
pass out log on $ext1_if route-to ($ext2_if $ext2_gw) from $ext2_if
pass out log on $ext2_if route-to ($ext1_if $ext1_gw) from $ext1_if
---pf.conf---

Everything works fine with this setup but https and some ftp servers are
very sensitive to IP changes, so I did add sticky-address to bind a
connection to an ISP and fix this issue :

pass in log on $int_if route-to \
{ ($ext1_if $ext1_gw), ($ext2_if $ext2_gw) } sticky-address \
from $int_net

This works when only one PC open a connection. When another PC open
a connection the first one has no longer access to the internet. After
some time in tcpdump and /var/log/messages, it seems because packets
are routed to the wrong interface.

/var/log/messages analysis :

192.168.0.78 tries a connection :
/bsd: pf_map_addr: selected address 192.168.2.1
/bsd: pf_map_addr: selected address 192.168.2.2
/bsd: pf_map_addr: src tracking maps 192.168.0.78 to 192.168.2.1
/bsd: pf_map_addr: src tracking maps 192.168.0.78 to 192.168.2.2
/bsd: pf_map_addr: src tracking maps 192.168.0.78 to 192.168.2.1
/bsd: pf_map_addr: src tracking maps 192.168.0.78 to 192.168.2.2

Looks ok, now 192.168.0.29 tries a connection too :
/bsd: pf_map_addr: selected address 192.168.1.1
/bsd: pf_map_addr: selected address 192.168.1.2
/bsd: pf_map_addr: src tracking maps 192.168.0.29 to 192.168.1.1
/bsd: pf_map_addr: src tracking maps 192.168.0.29 to 192.168.1.2
/bsd: pf_map_addr: src tracking maps 192.168.0.29 to 192.168.1.1
/bsd: pf_map_addr: src tracking maps 192.168.0.29 to 192.168.1.2

Looks good, now 192.168.0.78 retries a connection :
/bsd: pf_map_addr: src tracking maps 192.168.0.78 to 192.168.2.1
/bsd: pf_map_addr: selected address 192.168.1.2
[and that's all]

This is confirmed by tcpdump (on pflog0, bge0, em0 and em1) : the
packets are routed to the wrong interface. Three SYN are sent, then
client bail out. Tests were quickly done, so there is no state/track
timeout here.

Is there something I am doing wrong ?

Re: newbie help with PF. block all, then allowing port 22 doesnt work.

[Andres Salazar]

Hello,

Yes it loaded properly. Yes I had missied the macro for the external
NIC it is included in the original ruleset. t_externa = fxp0


This is the result for pfctl -sr:

match in all scrub (no-df)
block drop all
pass out all flags S/SA keep state
pass out quick on fxp0 inet proto tcp from (fxp0) to 208.67.222.220
port = domain flags S/SA keep state
pass out quick on fxp0 inet proto tcp from (fxp0) to 208.67.222.222
port = domain flags S/SA keep state
pass out quick on fxp0 inet proto tcp from (fxp0) to 4.2.2.1 port =
domain flags S/SA keep state
pass out quick on fxp0 inet proto tcp from (fxp0) to 4.2.2.2 port =
domain flags S/SA keep state
pass out quick on fxp0 inet proto udp from (fxp0) to 208.67.222.220
port = domain keep state
pass out quick on fxp0 inet proto udp from (fxp0) to 208.67.222.222
port = domain keep state
pass out quick on fxp0 inet proto udp from (fxp0) to 4.2.2.1 port =
domain keep state
pass out quick on fxp0 inet proto udp from (fxp0) to 4.2.2.2 port =
domain keep state
pass in quick on fxp0 inet proto tcp from any to (fxp0) port = ssh
flags S/SA keep state
pass in quick on fxp0 inet proto tcp from any to (fxp0) port = 8080
flags S/SA keep state
pass in quick on fxp0 inet proto udp from any to (fxp0) port = ssh keep state
pass in quick on fxp0 inet proto udp from any to (fxp0) port = 8080 keep
state
pass out quick on fxp0 inet proto tcp from (fxp0) to any port = www
flags S/SA modulate state
pass out quick on fxp0 inet proto tcp from (fxp0) to any port = https
flags S/SA modulate state
pass out inet proto icmp all icmp-type echoreq keep state
pass out inet proto icmp all icmp-type unreach keep state



As soon as I hit pfctl -f /etc/pf.conf and pfctl -e iam locked and I
cannot SSH in from the outside.

Where am I blocking port SSH in? :(

Andres


On Wed, Apr 21, 2010 at 9:45 PM, Daniel Ouellet dan...@presscom.net wrote:
   ## Traffic IN
   pass in log quick on $t_externa inet proto { tcp, udp } from any
 to ($t_externa) \
  port { 22  8080 } keep state

 In your pf configuration it doesn't show where you actually define the
macro
 for your interface $t_externa.

 Are you sure the rules you run are what you think they are.

 Did it load properly and may be you want to check the rules as active with

 pfctl -sr

 And check that display. I think you may find what you are looking for.

 Compare your pf.conf with what you actually see in pfctl -sr and you will
 work your issue out.

 Best,

 Daniel

Re: newbie help with PF. block all, then allowing port 22 doesnt work.

[Allie Daneman]

Why are you doing from any to (fxp0) ? That's your problem. Change all 
the rules like that to from any to any since you're already putting 
the rule on that interface and it should fix you up. As long as you're 
not redirecting you can turn logging on specific rules and see why 
they're blocking as well if that doesn't fix your issue.


Andres Salazar wrote:

Hello,

Yes it loaded properly. Yes I had missied the macro for the external
NIC it is included in the original ruleset. t_externa = fxp0


This is the result for pfctl -sr:

match in all scrub (no-df)
block drop all
pass out all flags S/SA keep state
pass out quick on fxp0 inet proto tcp from (fxp0) to 208.67.222.220
port = domain flags S/SA keep state
pass out quick on fxp0 inet proto tcp from (fxp0) to 208.67.222.222
port = domain flags S/SA keep state
pass out quick on fxp0 inet proto tcp from (fxp0) to 4.2.2.1 port =
domain flags S/SA keep state
pass out quick on fxp0 inet proto tcp from (fxp0) to 4.2.2.2 port =
domain flags S/SA keep state
pass out quick on fxp0 inet proto udp from (fxp0) to 208.67.222.220
port = domain keep state
pass out quick on fxp0 inet proto udp from (fxp0) to 208.67.222.222
port = domain keep state
pass out quick on fxp0 inet proto udp from (fxp0) to 4.2.2.1 port =
domain keep state
pass out quick on fxp0 inet proto udp from (fxp0) to 4.2.2.2 port =
domain keep state
pass in quick on fxp0 inet proto tcp from any to (fxp0) port = ssh
flags S/SA keep state
pass in quick on fxp0 inet proto tcp from any to (fxp0) port = 8080
flags S/SA keep state
pass in quick on fxp0 inet proto udp from any to (fxp0) port = ssh keep state
pass in quick on fxp0 inet proto udp from any to (fxp0) port = 8080 keep
state
pass out quick on fxp0 inet proto tcp from (fxp0) to any port = www
flags S/SA modulate state
pass out quick on fxp0 inet proto tcp from (fxp0) to any port = https
flags S/SA modulate state
pass out inet proto icmp all icmp-type echoreq keep state
pass out inet proto icmp all icmp-type unreach keep state



As soon as I hit pfctl -f /etc/pf.conf and pfctl -e iam locked and I
cannot SSH in from the outside.

Where am I blocking port SSH in? :(

Andres


On Wed, Apr 21, 2010 at 9:45 PM, Daniel Ouellet dan...@presscom.net wrote:
  

  ## Traffic IN
  pass in log quick on $t_externa inet proto { tcp, udp } from any
to ($t_externa) \
 port { 22  8080 } keep state
  

In your pf configuration it doesn't show where you actually define the


macro
  

for your interface $t_externa.

Are you sure the rules you run are what you think they are.

Did it load properly and may be you want to check the rules as active with

pfctl -sr

And check that display. I think you may find what you are looking for.

Compare your pf.conf with what you actually see in pfctl -sr and you will
work your issue out.

Best,

Daniel

Re: Novatel MC760 Virgin Mobile Broadband2Go

[Stuart Henderson]

On 2010-04-22, Ted Roby ted.r...@gmail.com wrote:
 On Thu, Apr 22, 2010 at 8:57 AM, David Coppa dco...@gmail.com wrote:


 The diff is ok.

 Regarding your problem:
 have you tried all ports?
 Usually it can be /dev/cuaU0 or /dev/cuaU2


 Yes. But thank you for the confirmation.
 I will continue troubleshooting my ppp syntax.

 My pasting of ppp.conf and peers/virgin show
 different devices because I failed to clean it
 all up from testing, before I pasted here.



Take it step by step.

Typically one or more ports are only for monitoring the connection
and you cannot connect or send active commands.

So connect to each port in turn.

See if you can find one which doesn't respond to your commands
with an error response.

Ideally you're looking for being able to do something like this:

# cu -l /dev/cuaU2
AT+CGDCONT=1,IP,ap name
OK
ATD*99***1#
CONNECT ...

Don't bother attempting PPP until you see CONNECT.

If possible try connecting from Windows too. Sometimes doing
this once can clear things for connecting from other OS.

Re: Source Overview

[Daniel Ouellet]

Neither are you, so why does that matter?


Never said on imply I was.

If you got a different feeling, my deepest apology to you Claudio!

Best,

Daniel

Este mayo...

[Claudia Enriquez]

http://larosa.com.mx/catalogo/promocion-mayo-p-273.html

[demime 1.01d removed an attachment of type application/octet-stream which had 
a name of MAYOPROMO2.jpg]

Εξοφλήστε τα αεροπορικά σας εισιτήρια σε έως 6 άτοκες δόσεις

[Cosmos-GRS newsletter]

 NN5 VISA card ON5 3 N,ON?N:N5O N4OON5N9O
 NN5 MASTER card ON5 3 N,ON?N:N5O N4OON5N9O
 NN5 AMERICAN EXPRESS ON5 6 N,ON?N:N5O N4OON5N9O

** **

**NN9 NNON?O
N9N:N-O N5ON1N9O
N5N/N5O NON?O
N?O
N= N=N1
ON;N7O
ON=N?ON= N:N1N9 NN5 3/4NN7N=N5O N5ON9ON1N3N-O**

**NN1N9 N5ON/ ON;N-N?N=,OON?N9 N1N3N?O
N,N6N?ON= N1ON?
N5NN,O,N1N=N,N;N?N3N1 NN5 ON?N= N5ON.ON9N?
N$N1NN9N4N9O   ON9N:O ON?OO ON6N/O
N? ON1N/O
N=N?ON= N:N1N9
ON1 N1N:ON;N?ON8N1 NN)N!N**

***NNN?N4N1 N$N1NN9N4N/O N= 1.000-2.000 b, ON?N= OO
ON=N?***

* *

 1 NN)N!NNN NN5O
N?ON?O
N9N:O N5N9ON9ON.O
N9N?
N5OO   ON5O
N9N:N?O
 NN5 N5ON9OOO
N?ON.
 NON9OOO
N?ON. 1% ON?O ON6N/O
N?O ON5 NN5OO
N7ON,

NN7ON.OON5 NN1O ON? N1N=N,N;N?N3N? NNNN)N$NNN
N#N%NNN)NNN$NNN OON? 210 9226930

***NNN?N4N1 N$N1NN9N4N/O N= 2.000-5.000 b, ON?N= OO
ON=N?***

 2 NN)N!NNN NN5O
N?ON?O
N9N:N, N5N9ON9ON.O
N9N1
N5OO   ON5O
N9N:N?O
 NN5 N5ON9OOO
N?ON.
 NON9OOO
N?ON. 1% ON?O ON6N/O
N?O ON5 NN5OO
N7ON,

NN7ON.OON5 NN1O ON? N1N=N,N;N?N3N? NNNN)N$NNN
N#N%NNN)NNN$NNN N1ON? 210 9226930

***NNN?N4N1 N$N1NN9N4N/O N= 5.000-10.000 b, ON?N= OO
ON=N?***

* * 

 3 NN)N!NNN NN5O
N?ON?O
N9N:N, N5N9ON9ON.O
N9N1
N5OO   ON5O
N9N:N?O
 NN5 N5ON9OOO
N?ON. N. 2 N5N9ON9ON.O
N9N1
NOO
OON7O 
 NON9OOO
N?ON. 1% ON?O ON6N/O
N?O ON5 NN5OO
N7ON,

NN7ON.OON5 NN1O ON? N1N=N,N;N?N3N? NNNN)N$NNN
N#N%NNN)NNN$NNN OON? 210 9226930

***NNN?N4N1 N$N1NN9N4N/O N= 10.000-30.000 b, ON?N= OO
ON=N?***

 4 NN)N!NNN NN5O
N?ON?O
N9N:N, N5OO   ON5O
N9N:N?O
 NN5
N5ON9OOO
N?ON. N. 2 N5N9ON9ON.O
N9N1 NOO
OON7O +1
N5OO   ON5O
N9N:N?O
 
 NON9OOO
N?ON. 1,2% ON?O ON6N/O
N?O OON? ON-N;N?O ON?O
OO
ON=N?O ON5 NN5OO
N7ON,

NN7ON.OON5 NN1O ON? N1N=N,N;N?N3N? NNNN)N$NNN
N#N%NNN)NNN$NNN OON? 210 9226930

***NNN?N4N1 N$N1NN9N4N/O N= 30.000-70.000 b, ON?N= OO
ON=N?***

* * 

 5 NN)N!NNN NN5O
N?ON?O
N9N:N, N5N9ON9ON.O
N9N1 NN5
N5ON9OOO
N?ON. N. 2 N5N9ON9ON.O
N9N1 NOO
OON7O +1
N5OO   ON5O
N9N:N?O

 NON9OOO
N?ON. 1,2% ON?O ON6N/O
N?O OON? ON-N;N?O ON?O
OO
ON=N?O ON5 NN5OO
N7ON,

NN7ON.OON5 NN1O ON? N1N=N,N;N?N3N? NNNN)N$NNN
N#N%NNN)NNN$NNN OON? 210 9226930

***NNN?N4N1 N$N1NN9N4N/O N= 70.000-120.000 b, ON?N=
OO
ON=N?***

* * 

 6 NN)N!NNN NN5O
N?ON?O
N9N:N, N5OO   ON5O
N9N:N?O
 NN5
N5ON9OOO
N?ON. N. 3 N5N9ON9ON.O
N9N1 NOO
OON7O
 1 NN)N!NNN N%ON5O
N1ON;N1N=ON9N:O N5N9ON9ON.O
N9N?
 1 NN)N!NNN N$N!NNNNN!N OON7N=
NOO
OON7(N1N5O
N?ON?O
N9N:N,
N5N9ON9ON.O
N9N1+NN5N=N?N4N?ON5N/N?)
 NON9OOO
N?ON. 1,5% ON?O ON6N/O
N?O OON? ON-N;N?O ON?O
OO
ON=N?O ON5 NN5OO
N7ON,

NN7ON.OON5 NN1O ON? N1N=N,N;N?N3N? NNNN)N$NNN
N#N%NNN)NNN$NNN OON? 210 9226930
* *

***NNN?N4N1 N$N1NN9N4N/O N= 120.000-300.000 b, ON?N=
OO
ON=N?***

* * 

 7 NN)N!NNN NN5O
N?ON?O
N9N:N, N5OO   ON5O
N9N:N?O
 NN5
N5ON9OOO
N?ON. N. 3 N5N9ON9ON.O
N9N1 NOO
OON7O
 2 NN)N!NNN N%ON5O
N1ON;N1N=ON9N:N, N5N9ON9ON.O
N9N1
 2 NN)N!NNN N$N!NNNNN!N OON7N=
NOO
OON7(N1N5O
N?ON?O
N9N:N, N5N9ON9ON.O
N9N1 +
NN5N=N?N4N?ON5N/N?)
 NON9OOO
N?ON. 1,8% ON?O ON6N/O
N?O OON? ON-N;N?O ON?O
OO
ON=N?O ON5 NN5OO
N7ON,

NN7ON.OON5 NN1O ON? N1N=N,N;N?N3N? NNNN)N$NNN
N#N%NNN)NNN$NNN OON? 210 9226930

**COSMOS ONLINE**

**3,N#ON3N3O
N?O
 11743 NN8N.N=N1

**

**tel 210 9249200-5

**

**fax 210 9249206

**

**e-mail:cosm...@otenet.gr 

**

**www.taxidepse.gr **



NN9N1 N1OOONN1ON7 N4N9N1N3O
N1ON. N1OO ON7 N;N/OON1
ON1O
N1N;N7OOON=, ON1ON.OON5 
http://mailer2.cosmosonline.gr/?p=unsubscribeuid=90fa2e6478760fb0b553ef5a6c432cb2


--
Powered by PHPlist, www.phplist.com --

Re: newbie help with PF. block all, then allowing port 22 doesnt work.

[Alexander Hall]

On 04/22/10 18:22, Allie Daneman wrote:
 Why are you doing from any to (fxp0) ? That's your problem. Change all

I fail to see why that would cause any issues. Care to elaborate?

/Alexander

 the rules like that to from any to any since you're already putting
 the rule on that interface and it should fix you up. As long as you're
 not redirecting you can turn logging on specific rules and see why
 they're blocking as well if that doesn't fix your issue.
 
 Andres Salazar wrote:
 Hello,

 Yes it loaded properly. Yes I had missied the macro for the external
 NIC it is included in the original ruleset. t_externa = fxp0


 This is the result for pfctl -sr:

 match in all scrub (no-df)
 block drop all
 pass out all flags S/SA keep state
 pass out quick on fxp0 inet proto tcp from (fxp0) to 208.67.222.220
 port = domain flags S/SA keep state
 pass out quick on fxp0 inet proto tcp from (fxp0) to 208.67.222.222
 port = domain flags S/SA keep state
 pass out quick on fxp0 inet proto tcp from (fxp0) to 4.2.2.1 port =
 domain flags S/SA keep state
 pass out quick on fxp0 inet proto tcp from (fxp0) to 4.2.2.2 port =
 domain flags S/SA keep state
 pass out quick on fxp0 inet proto udp from (fxp0) to 208.67.222.220
 port = domain keep state
 pass out quick on fxp0 inet proto udp from (fxp0) to 208.67.222.222
 port = domain keep state
 pass out quick on fxp0 inet proto udp from (fxp0) to 4.2.2.1 port =
 domain keep state
 pass out quick on fxp0 inet proto udp from (fxp0) to 4.2.2.2 port =
 domain keep state
 pass in quick on fxp0 inet proto tcp from any to (fxp0) port = ssh
 flags S/SA keep state
 pass in quick on fxp0 inet proto tcp from any to (fxp0) port = 8080
 flags S/SA keep state
 pass in quick on fxp0 inet proto udp from any to (fxp0) port = ssh
 keep state
 pass in quick on fxp0 inet proto udp from any to (fxp0) port = 8080 keep
 state
 pass out quick on fxp0 inet proto tcp from (fxp0) to any port = www
 flags S/SA modulate state
 pass out quick on fxp0 inet proto tcp from (fxp0) to any port = https
 flags S/SA modulate state
 pass out inet proto icmp all icmp-type echoreq keep state
 pass out inet proto icmp all icmp-type unreach keep state



 As soon as I hit pfctl -f /etc/pf.conf and pfctl -e iam locked and I
 cannot SSH in from the outside.

 Where am I blocking port SSH in? :(

 Andres


 On Wed, Apr 21, 2010 at 9:45 PM, Daniel Ouellet dan...@presscom.net
 wrote:
  
   ## Traffic IN
   pass in log quick on $t_externa inet proto { tcp, udp } from any
 to ($t_externa) \
  port { 22  8080 } keep state
   
 In your pf configuration it doesn't show where you actually define the
 
 macro
  
 for your interface $t_externa.

 Are you sure the rules you run are what you think they are.

 Did it load properly and may be you want to check the rules as active
 with

 pfctl -sr

 And check that display. I think you may find what you are looking for.

 Compare your pf.conf with what you actually see in pfctl -sr and you
 will
 work your issue out.

 Best,

 Daniel

Re: maia in openbsd 4.6

[Helmut Schneider]

Steve Shockley wrote:

 On 4/22/2010 1:02 AM, sonjaya wrote:
  i have problem installed maia in openbsd 4.6 , problem module perl
  file(1).
 
 http://marc.info/?m=126887732124225
 
 Please test and let me know how it goes.  I fixed this by just
 removing the check.  Now that I'm actually looking at it more, I
 think maybe that regex (\-([0-9\.]+)) is looking for X.Y rather
 than X.YY, but I'm terrible with regex so I could be mistaken.

Actually it matches any string containing a minus followed by 1 or more
digits or dots, e.g. file-4.24 but also file-..

I'd use -(\d+\.)+\d+.

Helmut

-- 
No Swen today, my love has gone away
My mailbox stands for lorn, a symbol of the dawn

cwm: cycle in group

[Alexander Polakov]

Hi there!

 I think it's very convenient to cycle through windows in a group.
 So I made a quick patch to demonstrate this feature [1].
 If you think it's nice and useful, I can rewrite client_cycleingroup()
 to use a flag for client_cycle(), make documentation and so.

 [1] http://plhk.ru/static/misc/cwm-cycle-in-a-group.diff

-- 
Alexander Polakov | plhk.ru

Re: carp(4) on top of trunk(4) with IP balancing causes MASTER-MASTER

[Tomoyuki Sakurai]

On Tue, Apr 20, 2010 at 8:17 AM, Tomoyuki Sakurai
tomoyu...@reallyenglish.com wrote:

 Failover works, IP balancing doesn't.

Trying to make it work, tweaking every possible options.
Then, you set wrong advskew in the process... #fail

Failover works.
IP balancing DOES work.

Sorry for the noise
-- 
Tomoyuki Sakurai

Re: maia in openbsd 4.6

[Steve Shockley]

On 4/22/2010 6:38 PM, Helmut Schneider wrote:

Actually it matches any string containing a minus followed by 1 or more
digits or dots, e.g. file-4.24 but also file-..

I'd use -(\d+\.)+\d+.


Thanks.  It appears it's not the regex that's the problem, apparently 
file changed the output of file -v from stdout to stderr between 4.21 
and 4.24:


@@ -279,9 +257,9 @@ main(int argc, char *argv[])
flags |= MAGIC_DEVICES;
break;
case 'v':
-   (void)fprintf(stdout, %s-%d.%.2d\n, __progname,
+   (void)fprintf(stderr, %s-%d.%.2d\n, __progname,
   FILE_VERSION_MAJOR, patchlevel);
-   (void)fprintf(stdout, magic file from %s\n,
+   (void)fprintf(stderr, magic file from %s\n,
   magicfile);
return 1;
case 'z':

Pointer from a comment in 
http://www.rasyid.net/2008/04/02/file1-na-not-installed-required-by-maia-mailguard/.

PARA EL AFEITADO CLASICO...

[Contacto Juveness]

Hola Mi nombre es Pilar Zanella, directora general de Juveness Mexicana.
Me pongo en contacto contigo para hacerte llegar un nuevo concepto en
cosmitica masculina. El concepto de belleza masculina ha sufrido un cambio
asombroso en los zltimos aqos, consciente de aquellos factores que afectan de
forma negativa la piel masculina -contaminacisn ambiental, falta de ejercicio
fmsico, exceso de trabajo, estris y consumo inadecuado de tabaco y alcohol-
asume la importancia de cremas faciales propias para hombres y elabora
Juveness Homme crema facial y como complemento para una rutina completa de
belleza ponemos a tus ordenes jabones para el afeitado clasico de azufre y
menta.
Solicita una muestra sin costo o vismtanos en nuestro comercio electrsnico 
http://juveness.com/sales aceptamos todas las tarjetas de cridito, durante el
mes de mayo en la compra de una crema de hombre, te obsequiamos un jabsn
artesanal.
Espero tus comentarios,

Saludos Cordiales,
Pilar Zanella Bretrn
www.juveness.com
pilarzane...@msn.com
pilarzane...@juveness.com
01800-50-69-855
22.22.60.60.53
52*243788*5


MAILS ANTI SPAM Usted recibe este correo porque realizs algzn evento con
nosotros o fue recomendado por un cliente que se ha beneficiado con alguno de
nuestros productos  y ha pensado en Ud. para compartir esta informacisn. Si
desea ser removido definitivamente de nuestra lista de contactos, reenvme este
correo con el asunto: ELIMINAR MI CONTACTO y su solicitud sera procesada en
breve. Por el contrario, si desea recibir una muestra gratis s mas
informacisn, actualice sus datos, y reenvme este correo con el asunto: DATOS
ACTUALIZADOS. Este mensaje se envma con la complacencia de la nueva
legislacisn sobre correo electrsnico: Por seccisn 301, parrafo (a)(2)(C) de
S.1618 Bajo el decreto S.1618 titulo 3ro. Aprobado por el 105 congreso base de
las normativas internacionales sobre SPAM, este E-mail no podra ser
considerado SPAM mientras incluya una forma de ser removido.

Re: newbie help with PF. block all, then allowing port 22 doesnt work.

[Andres Salazar]

Hello,

THat solved the issue but I have about 20 rulesets that have the same
syntax. I dont see anything yet also about this.

Please elaborate.

Andres

On Thu, Apr 22, 2010 at 3:59 PM, Alexander Hall alexan...@beard.se wrote:
 On 04/22/10 18:22, Allie Daneman wrote:
 Why are you doing from any to (fxp0) ? That's your problem. Change all

 I fail to see why that would cause any issues. Care to elaborate?

 /Alexander

 the rules like that to from any to any since you're already putting
 the rule on that interface and it should fix you up. As long as you're
 not redirecting you can turn logging on specific rules and see why
 they're blocking as well if that doesn't fix your issue.

 Andres Salazar wrote:
 Hello,

 Yes it loaded properly. Yes I had missied the macro for the external
 NIC it is included in the original ruleset. t_externa = fxp0


 This is the result for pfctl -sr:

 match in all scrub (no-df)
 block drop all
 pass out all flags S/SA keep state
 pass out quick on fxp0 inet proto tcp from (fxp0) to 208.67.222.220
 port = domain flags S/SA keep state
 pass out quick on fxp0 inet proto tcp from (fxp0) to 208.67.222.222
 port = domain flags S/SA keep state
 pass out quick on fxp0 inet proto tcp from (fxp0) to 4.2.2.1 port =
 domain flags S/SA keep state
 pass out quick on fxp0 inet proto tcp from (fxp0) to 4.2.2.2 port =
 domain flags S/SA keep state
 pass out quick on fxp0 inet proto udp from (fxp0) to 208.67.222.220
 port = domain keep state
 pass out quick on fxp0 inet proto udp from (fxp0) to 208.67.222.222
 port = domain keep state
 pass out quick on fxp0 inet proto udp from (fxp0) to 4.2.2.1 port =
 domain keep state
 pass out quick on fxp0 inet proto udp from (fxp0) to 4.2.2.2 port =
 domain keep state
 pass in quick on fxp0 inet proto tcp from any to (fxp0) port = ssh
 flags S/SA keep state
 pass in quick on fxp0 inet proto tcp from any to (fxp0) port = 8080
 flags S/SA keep state
 pass in quick on fxp0 inet proto udp from any to (fxp0) port = ssh
 keep state
 pass in quick on fxp0 inet proto udp from any to (fxp0) port = 8080 keep
 state
 pass out quick on fxp0 inet proto tcp from (fxp0) to any port = www
 flags S/SA modulate state
 pass out quick on fxp0 inet proto tcp from (fxp0) to any port = https
 flags S/SA modulate state
 pass out inet proto icmp all icmp-type echoreq keep state
 pass out inet proto icmp all icmp-type unreach keep state



 As soon as I hit pfctl -f /etc/pf.conf and pfctl -e iam locked and I
 cannot SSH in from the outside.

 Where am I blocking port SSH in? :(

 Andres


 On Wed, Apr 21, 2010 at 9:45 PM, Daniel Ouellet dan...@presscom.net
 wrote:

   ## Traffic IN
   pass in log quick on $t_externa inet proto { tcp, udp } from any
 to ($t_externa) \
  port { 22  8080 } keep state

 In your pf configuration it doesn't show where you actually define the

 macro

 for your interface $t_externa.

 Are you sure the rules you run are what you think they are.

 Did it load properly and may be you want to check the rules as active
 with

 pfctl -sr

 And check that display. I think you may find what you are looking for.

 Compare your pf.conf with what you actually see in pfctl -sr and you
 will
 work your issue out.

 Best,

 Daniel

VPN between OpenBSD Gateway and a mac

[openbsd]

Hi,

At work, we use OpenBSD as a gateway (PF for firewalling, and Vpn using
(ipsec.conf file and isakmpd -K).
We have 2 companies connected in vpn with our OpenBSD Box. All works fine.

Now, i wish to connect at work from my home using a Mac (MAC OS 10.6), but
i don't know how to configure it.
On mac os, i can connect me on a vpn using : 
- pptp
- L2TP using ipsec
- cisco ipsec

If someone can help me. Or perhaps i need to use ssh -w ? But how it works
?
Thank's

Any CD's shown up?

[André]

Any CD's shown up? Especially in Europe?

Andri
--