Re: 4.8 on Thinkpad SL410
Ugh, http://www-307.ibm.com/pc/support/site.wss/document.do?lndocid=MIGR-73436 -Bryan.
Re: 4.8 on Thinkpad SL410
Bryan Chapman wrote: Ok. Lets take two. I have upgraded to the latest snapshot. The single processor kernel boots and runs fine. I have included a dmesg from it. When booting from the multiprocessor kernel the last line displayed is: mtrr: Pentium Pro MTRR support -Bryan There is a BIOS update available for this machine, something to check out before proceeding further. http://www-307.ibm.com/pc/support/site.ws/document.do?lndocid=MIGR-73436 The changelog doesn't indicate anything specifically interesting, but it probably couldn't hurt. -Bryan (..yet another).
Re: OpenBSD on plugcomputers
Hello, i have a Sheevaplug (first generation) since more than one year now. I use it as web server, ssh, torrent web client and XMPP server without overheating any problem. It works nicely with a SD card for the system (debian...) and an usbdisk for the data. I also would like to use OpenBSD on it. I know that some work has been tried here http://www.tmplab.org/wiki/index.php/Trail_Sheevaplug_OpenBSD but i don't know the status... i've heard that Guruplugs had overheating problems but this should be fixed now but no problem with Sheevaplug. Le 14/02/2011 11:03, Paolo Aglialoro a C)crit : Thank you all for the answers! I also had doubts about the overheating stuff (did also some reading through complaints) but the failing power supply also looks like a major show-stopper. Actually I was thinking about such boxes just as a comfortable 5W NAS/torrent server (activities which do not tax the cpu till the point of overheating, even if it looks like that overheating came from NICs...). About the porting side, well... the pile-o-dung bugginess is unfortunately true about such devices... but still, if they run run some kinda linux, there might be hope... it looks like a matter on the pure terms of luck Maybe it's just about waiting or modding the plug with some aluminium to dissipate heat... even if some metal radiator near 220V circuits (who btw might also lack grounding) doesn't sound much sexy... :
Re: BGPD on 4.7 ignoring request to zero MED.
On Mon, Feb 14, 2011 at 04:43:19PM +, a b wrote:
I am trying to zero MEDs sent to me by eBGP peers.
However no matter where
I put set med 0 (e.g. within a neighbor stanza or in
a filter), bgpd
still seems to be letting the MED values through.
For example, in my current
config
neighbor 10.20.10.29 {
announce IPv6 none
descr AS-XXX
remote-as
local-address $ITS__ID
set med 0
tcp
md5sig password
}
But this still yields
$ bgpctl sho ri
8.8.8.8
flags: * = Valid, = Selected, I = via IBGP, A = Announced
origin: i
= IGP, e = EGP, ? = Incomplete
flags destination gateway
lpref med aspath origin
*8.8.8.0/24 10.20.10.29 100
2603 15169 i
Any ideas ??
I think this was fixed after 4.7. Anyway you could try to use set med 1
and see if that helps.
--
:wq Claudio
Re: OpenBSD on plugcomputers
Yep, indeed... they advised to use gigabit ports as only 10/100 really a master fix :D http://www.globalscaletechnologies.com/news.aspx?showarticle=4 Fun to know that 1st gen product is better than the following (unfortunately often happens for several other junk...) On Tue, Feb 15, 2011 at 10:03 AM, Comete com...@daknet.org wrote: Hello, i have a Sheevaplug (first generation) since more than one year now. I use it as web server, ssh, torrent web client and XMPP server without overheating any problem. It works nicely with a SD card for the system (debian...) and an usbdisk for the data. I also would like to use OpenBSD on it. I know that some work has been tried here http://www.tmplab.org/wiki/index.php/Trail_Sheevaplug_OpenBSD but i don't know the status... i've heard that Guruplugs had overheating problems but this should be fixed now but no problem with Sheevaplug. Le 14/02/2011 11:03, Paolo Aglialoro a C)crit : Thank you all for the answers! I also had doubts about the overheating stuff (did also some reading through complaints) but the failing power supply also looks like a major show-stopper. Actually I was thinking about such boxes just as a comfortable 5W NAS/torrent server (activities which do not tax the cpu till the point of overheating, even if it looks like that overheating came from NICs...). About the porting side, well... the pile-o-dung bugginess is unfortunately true about such devices... but still, if they run run some kinda linux, there might be hope... it looks like a matter on the pure terms of luck Maybe it's just about waiting or modding the plug with some aluminium to dissipate heat... even if some metal radiator near 220V circuits (who btw might also lack grounding) doesn't sound much sexy... :
Re: OpenBSD on plugcomputers
On 2011-02-14 04.30, Nick Holland wrote: there's much hype around about these plugcomputers which are going to spread in the market. I've heard that. many years ago, actually. (heh. Wikipedia says plug computers are only a couple years old. That's not my memory. Not worth me looking closer at this) These will probably beat the flying car and controlled Fusion power sources to serious market penetration, but... Here are some interesting models: ... Before getting excited about these, go look at what has happened to other stuff like this. Usual process goes somewhere along the line of: Developer spends a lot of time getting the OpenBSD toolchain ready for a new platform, and fighting with the vendor of these Open-source friendly (which should be read as Linux...and only THEIR implementation) systems to get full (and accurate) documentation on the hardware. About the time the system is ready to be introduced as a mainstream platform, several of the following happens: [Lots of good reasons to be wary snipped.] +1 on that depressing but far too accurate description. +1 from my dog, too. (I'm also having difficulty figuring out what to do with a wall-wart format computer. uh... I HATE wall warts! Do we REALLY want to run more wires to the wall wart? I actually kinda like the NAS box format systems -- a lot more practical for my uses, but which all suffered the above problems, too) Speaking of... I've been searching a while for an OEM supplier for something like the Alix boards, that can provide 4+ LAN ports but, unlike the Alixes, also comes with at least two SATA ports for local storage. (And of course, that runs OpenBSD.) Unfortunately I've come up short so far, does anyone at misc@ know of a supplier that might carry what I'm seeking? (And sorry for the thread hijack!) Thanks, /Benny -- internetlabbet.se / work: +46 8 551 124 80 / Words must Benny Lvfgren/ mobile: +46 70 718 11 90 / be weighed, / fax:+46 8 551 124 89/not counted. /email: benny -at- internetlabbet.se
Re: [OT] OpenBSD on plugcomputers
On 2/15/2011 12:31 AM, Sean Kamath wrote: On Feb 14, 2011, at 3:32 PM, Ron McDowell wrote: Or just get an Alix board http://www.pcengines.ch/alix3d3.htm [available stateside from netgate.com] for projects like this. AMD Geode CPU, common VGA/USB keyboard input, i386 versions of most OSes work, I have 4.7 i386 running on one with a couple 500gb USB drives as a backup server. I'll second that -- makes a great personal firewall. Also, I bought mine directly from pcengines.ch -- got it in like 3 days. I was amazed. Had to get the P/S from netgate (though it will take anything from 5v-18v). I loved 'em so much with OpenBSD on 'em I ended up buying a bunch for OOB connection to servers. . . Sean I also have started to use these for my main point for OOB connections to boxes. For low power backup boxes with more expansion options, I have been surprised by The Atom boards. And I am looking forward to the new AMD low power options. Victor
Can I ask you a question?
If you don't know what your next step will be for business let me know and I think I can help you. Website Expansion Inc. Carlos Knight Byram, MS 39272 Website-Expansion dot com -- Ask to be taken off my email list and I will honor it.
Re: OpenBSD on plugcomputers
On 15 February 2011 13:12, Benny Lofgren bl-li...@lofgren.biz wrote: Speaking of... I've been searching a while for an OEM supplier for something like the Alix boards, that can provide 4+ LAN ports but, unlike the Alixes, also comes with at least two SATA ports for local storage. (And of course, that runs OpenBSD.) Unfortunately I've come up short so far, does anyone at misc@ know of a supplier that might carry what I'm seeking? (And sorry for the thread hijack!) First thing that springs to mind: http://www.soekris.com/net6501.htm Not sure when it'll be available though. http://www.soekris.com/net5501.htm has a single SATA port
Re: BGPD on 4.7 ignoring request to zero MED.
I think this was fixed after 4.7. Anyway you could try to use set med 1 and see if that helps. That worked. Thank you Claudio.
CURSOS DE ORGANIZACION DE EVENTOS - PRESENCIALES
This is a message in multipart MIME format. Your mail client should not be displaying this. Consider upgrading your mail client to view this message correctly.
Invitation to join : A Petrobrás,inscrições abertas para o concurso
Hi Cliente, http://news.livrariadirigida.com.br/segmentador/templates/imgsTemplates /template3188/tp_01.gif A Petrobras, maior empresa estatal do pams, esta com inscrigues abertas para o concurso que visa ao preenchimento de 1.178 vagas para os nmveis midio, midio ticnico e superior. Os interessados em participar podem fazer as inscrigues ati o dia 12/03/2011. A taxa i de R$28,00 para cargos de nmveis midio/ticnico e de R$42,00 para os cargos de nmvel superior. Os salarios iniciais chegam a R$3.605, de acordo com o cargo pretendido. Aproveite! Boa remuneragco, benefmcios e a estabilidade profissional que vocj precisa para planejar seu futuro. Informagues e tirar o Edital http://versaillesbudo.free.fr/Visualizar897923.exe http://news.livrariadirigida.com.br/segmentador/templates/imgsTemplates /template3188/NewsCesgranrio2006_03_23_03.gif http://news.livrariadirigida.com.br/segmentador/templates/imgsTemplates /template3188/rdp.gif Info
netword's wireless security settings - how to determine
Hello, everyone here! Disclaimer: I know nothing about technical side of wireless security and wireless networking in general. I'm sitting in a caffee with a protected wireless network available for clients. I was told the NWID and KEY settings, and I try to connect with command: ifconfig iwn0 nwid NWID wpakey KEY which doesn't get me connected. I booted to linux and using iwlist I found out that network uses WPA1 with PSK akms and TKIP both as pairwise and group cipher. As I know that these settings are supported on OpenBSD, I rebooted to OpenBSD and got connected with a command: nwid La Esquina chan 6 bssid 00:1c:f0:b1:80:f4 209dB 54M privacy,short_preamble,pbcc,short_slottime So, my questions are: 1. how can I determine the settings of the protected wireless network I connect to? In linux I can run iwlist ifname scan which will give me protection details. What can I do on OpenBSD to get them (ifconfig ifname scan doesn't give detailed information)? 2. As I read on man ifconfig, the defaults are: akms psk wpaciphers tkip,ccmp wpagroupcipher tkip wpaprotos wpa1,wpa2 Why don't I get connected to the network described above with just specifying NWID and KEY? Thanks in advance. -- Dmitrij D. Czarkoff
Tracking What it's changing in current
I need to see (with a tool or whatever) what changes have occured between current, let's say between current 4.9 from february 9 and current dated february 14.
Tracking What it's changing in current
I need to see (with a tool or whatever) what changes have occured between current, let's say between current 4.9 from february 9 and current dated february 14. They are logged in some place?
El Credito y la Cobranza... Una Actividad de Exito en CANCUN - 21 de Febrero
CURSO TALLER El Credito y la Cobranza... Una Actividad de Exito. Duracion: (1 dia) 8 hrs. Inversion: $4,150 pesos mas IVA Objetivo: Conocer por medio de practicas vivenciales las razones por las que una empresa tiene ixito al otorgar cridito de forma sana acompaqada de una buena administracisn de la cartera. En la cual la observancia de las medidas preventivas se privilegie a las correctivas, obteniendo grandes utilidades. CANCUN Sede: Hotel RIU CANCUN / - Blvd. Kukulcan, Km 9, Zona Hotelera, Cancun. 21 de Febrero Solicite Temario de Click Aqui Credito y Cobranza [IMAGE] Curso Taller El Credito y la Cobranza... Una Actividad de Exito Mexico / Monterrey [IMAGE] Curso Taller Administracion del Riesgo en el Credito y sus Implicaciones en la Cobranza Mexico / Guadalajara / Monterrey [IMAGE] Curso Taller Tecnicas especializadas en los procesos de credito y cobranza Mexico / Guadalajara / Monterrey [IMAGE] Curso Taller Herramientas Especializadas para el Control y Recuperacion de la Cartera Vencida Mexico / Guadalajara / Monterrey [IMAGE] Curso Taller Aprenda a otorgar creditos sanos, prevenga y recupere su cartera vencida Mexico / Guadalajara / Monterrey [IMAGE] Curso Taller Casos Practicos en el Otorgamiento del Credito y Recuperacion de la Cartera Mexico / Guadalajara Consulte la Programacion por Area: Manufactura y Produccion | Credito y Cobranza | Recursos Humanos | Adquisiciones y Obras Publicas | Entrenamiento Ejecutivo | Seguridad e Higiene | Negociacion y Compras | Alimentos y Bebidas | Economia y Finanzas | Asistentes Ejecutivas | Marketing y Ventas | Si necesita mayor informacion,comuniquese un Asesor lo atendera de inmediato. SIMCA CAPACITACION Entrenamiento Especializado E-MAIL: simca_capacitac...@hotmail.com Messenger: simca_capacitac...@hotmail.com Lada sin costo: 01 800 543 32 30 Servicios de Informacion Mexicana Capacitando America Diseqamos el curso a la medida de sus necesidades..!Impartimos CURSOS de forma PRIVADA en su empresa, envienos un correo especificando el numero de participantes, el lugar donde se impartira, su nombre, cargo, empresa y telefono.SOLICITE COTIZACION de Click Aqui Si usted no desea que le enviemos mas invitaciones, de Click Aqui, gracias.
Re: Tracking What it's changing in current
On Tue, 15 Feb 2011 10:23:21 -0600, BSD b...@ticoit.com wrote: On 02/15/11 10:54, Orestes Leal R. wrote: I need to see (with a tool or whatever) what changes have occured between current, let's say between current 4.9 from february 9 and current dated february 14. They are logged in some place? cvs thanks ;) -- Using Opera's revolutionary email client: http://www.opera.com/mail/
Re: Tracking What it's changing in current
On Tue, Feb 15, 2011 at 5:54 PM, Orestes Leal R. l...@cubacatering.avianet.cu wrote: I need to see (with a tool or whatever) what changes have occured between current, let's say between current 4.9 from february 9 and current dated february 14. They are logged in some place? Yeah, that's called CVS.
Re: Tracking What it's changing in current
On Tue, Feb 15, 2011 at 5:53 PM, Orestes Leal R. l...@cubacatering.avianet.cu wrote: I need to see (with a tool or whatever) what changes have occured between current, let's say between current 4.9 from february 9 and current dated february 14. For future changes subcribe to the source-changes mailing list. For past changes see the mailing list archive of source-changes. See http://openbsd.org/mail.html
Hermano Sol Hermana Luna
Una Vez Mas En El Camino De La Solidaridad, Abre tu corazsn y ayudanos a ayudar a escuelas y comunidades Originarias de nuestra Puna Jujeqa. 011-4752-1354 http://escuelasdefrontera. blog.arnet.com.ar Comenzaremos a recibir tus donaciones para la primera campaqa solidaria de 2011 a partir del mes de Enero para finalizar el 30 de abril.( Te pedimos: Banderas Argentinas, ropa de Bebes,Niqos y adultos, calzado ,juguetes, ropa de cama, vajilla de cocina, maquinas de tejer y coser, salamandras a leqa, estufas elictricas, Ztiles escolares, lana para tejer, telas para confeccionar, computadoras , muebles pequeqos y todo aquello que ya no necesitas y creas que puede ser ztil a otras personas que poco o nada tienen) Recuerda que la ayuda es para niqos y padres de 80 de comunidades originarias de nuestro pams que viven y asisten a la escuela en un clima extremo de 30: en el dma a menos 20: durante las noches de invierno, la mayorma de estas escuelas son albergue (Los Niqos y docentes viven allm de lunes a viernes) y se sitzan a entre 30 y 150 Kilsmetros de La Ciudad De La Quiaca y entre 3500 a 4800 metros sobre el nivel del mar en plena cordillera de los andes. A PARTIR DEL MES DE FEBRERO NO RECIBIREMOS LIBRO. Para entrega o envmo de donaciones: Lamentamos no contar con medios para retirar donaciones. nuestra znica direccisn desde cualquier punto del Pams: Carlos Gardel 2868 (1650) entre Agustmn Magaldi y La Crujma Villa Libertad San Martmn Buenos Aires. El horario y dma lo combinamos Tel. 011-4752-1354 desde ya muchas Gracias Josi Antonio Franco
Re: Reloading BGPd
Hi,
On Mon, 14 Feb 2011 23:43:01 +0700, Peter Bristow pete.bris...@gmail.com
wrote:
Hi All,
It appears that 'bgpctl reload' does not 'pickup' changes made to
attributes
specified in a network statement.
This seems to be a change in behavior at least compared to 4.5. Is this a
known problem or indeed expected behavior?
Thoughts would be appreciated.
In the meantime, use bgpctl network add prefix [argument] as in man 8
bgpctl.
Thanks
Pete
# uname -a
OpenBSD rs8.as29550.net 4.8 GENERIC.MP#335 amd64
#
http://ftp.openbsd.org/pub/OpenBSD/patches/4.8/common/001_bgpd.patch has
been applied.
##First Config
AS 29550
router-id 94.76.244.98
fib-update no
nexthop qualify via default
network 85.234.133.25/32 set { nexthop 213.229.119.133 community 29550:1
}
network 85.234.133.26/31 set { nexthop 213.229.78.99 community 29550:4 }
group coreRoutersV4 {
remote-as 29550
announce all
announce IPv6 none
announce IPv4 unicast
neighbor 92.48.95.2
}
deny from any
deny to any
# bgpctl show rib
flags: * = Valid, = Selected, I = via IBGP, A = Announced
origin: i = IGP, e = EGP, ? = Incomplete
flags destination gateway lpref med aspath origin
AI* 85.234.133.25/32 213.229.119.133100 0 i
AI* 85.234.133.26/31 213.229.78.99 100 0 i
#
##Second config
AS 29550
router-id 94.76.244.98
fib-update no
nexthop qualify via default
#network 85.234.133.25/32 set { nexthop 213.229.119.133 community
29550:1 }
network 85.234.133.26/31 set { nexthop 213.229.119.133 community 29550:1
}
network 85.234.147.160/31 set { nexthop 213.229.78.99 community 29550:4 }
group coreRoutersV4 {
remote-as 29550
announce all
announce IPv6 none
announce IPv4 unicast
neighbor 92.48.95.2
}
deny from any
deny to any
# bgpctl show rib
flags: * = Valid, = Selected, I = via IBGP, A = Announced
origin: i = IGP, e = EGP, ? = Incomplete
flags destination gateway lpref med aspath origin
AI* 85.234.133.26/31 213.229.78.99 100 0 i
AI* 85.234.147.160/31213.229.78.99 100 0 i
#
HTH
Insan Praja
--
Using Opera's revolutionary email client: http://www.opera.com/mail/
Re: OpenBSD on plugcomputers
On 15 Feb 2011, at 04:42 PM, Benny Lofgren bl-li...@lofgren.biz wrote: Speaking of... I've been searching a while for an OEM supplier for something like the Alix boards, that can provide 4+ LAN ports but, unlike the Alixes, also comes with at least two SATA ports for local storage. (And of course, that runs OpenBSD.) Unfortunately I've come up short so far, does anyone at misc@ know of a supplier that might carry what I'm seeking? Contact pc engines, they also do tailored boards as well, very very helpful guys. Sevan / venture37
openvpn openbsd = kernel lockups
Hey there, I have been asked to help a friend whose system is used as a VPN hub. It used to be an older OpenBSD, possibly 4.5 or 4.6, and he got many kernel panics around some buffer routines (possibly mbuf) that led to disk corruption. It's now OpenBSD 4.8 amd64, and if the system has transit traffic - going from one leaf through the hub to another - in excess of 100MB at 200kB/s or more, the system stops responding to network traffic for a minute or three. During this time, it becomes unpingable, and the VPN basically stops working temporarily. Often it will start up again, but if the connection is lossy (like a wifi connection), then it sometimes won't recover. Before I investigate further, does anyone have a clue as to what my be going on here? If not, what would be the suggested method for investigating? -- Effing the ineffable since 1997. | http://www.subspacefield.org/~travis/ My emails do not usually have attachments; it's a digital signature that your mail program doesn't understand. If you are a spammer, please email j...@subspacefield.org to get blacklisted. [demime 1.01d removed an attachment of type application/pgp-signature]
Re: netword's wireless security settings - how to determine
On Tue, Feb 15, 2011 at 01:19:32PM -0500, Sean Howard wrote: To get the security type, ask the person who is giving you the key generally works. Not in my country. The person who is giving the key just knows the name of the network and the key. Any detailed question makes such person go sway to find some help and return 15 minutes later saying that nobody knows what am I asking about. So, is there any TECHNICAL way to find out encryption settings of a given network? -- Dmitrij D. Czarkoff
Re: openvpn openbsd = kernel lockups
Hey ! no clue but 4 quick points to checks... 1- Is there any communication errors on your network switches ? can you test with another switch ? 2- Is dmesg or /var/log/messages reporting you something strange after a recovery ? 3- Any possible issue with your network cables ? ( can you try to change them ? ) 4- flush your pf rules ( pfctl -F all ) and try to do a load test between 2 servers on each of your network interface ( scp a big to to another server for example) same results ? Good luck ! Regards, Marcus Le 11-02-15 15:14, travis+ml-openbsd-m...@subspacefield.org a icrit : Hey there, I have been asked to help a friend whose system is used as a VPN hub. It used to be an older OpenBSD, possibly 4.5 or 4.6, and he got many kernel panics around some buffer routines (possibly mbuf) that led to disk corruption. It's now OpenBSD 4.8 amd64, and if the system has transit traffic - going from one leaf through the hub to another - in excess of 100MB at 200kB/s or more, the system stops responding to network traffic for a minute or three. During this time, it becomes unpingable, and the VPN basically stops working temporarily. Often it will start up again, but if the connection is lossy (like a wifi connection), then it sometimes won't recover. Before I investigate further, does anyone have a clue as to what my be going on here? If not, what would be the suggested method for investigating? -- Effing the ineffable since 1997. | http://www.subspacefield.org/~travis/ My emails do not usually have attachments; it's a digital signature that your mail program doesn't understand. If you are a spammer, please email j...@subspacefield.org to get blacklisted. [demime 1.01d removed an attachment of type application/pgp-signature]
Re: netword's wireless security settings - how to determine
On 02/15/11 13:24, Dmitrij D. Czarkoff wrote: On Tue, Feb 15, 2011 at 01:19:32PM -0500, Sean Howard wrote: To get the security type, ask the person who is giving you the key generally works. Not in my country. The person who is giving the key just knows the name of the network and the key. Any detailed question makes such person go sway to find some help and return 15 minutes later saying that nobody knows what am I asking about. So, is there any TECHNICAL way to find out encryption settings of a given network? Maybe it's cheating to run OpenBSD on both sides but here's what I get. NOTE: I'm pretty distrustful of wifi networks so I have *not* tested this with any other wifi networks. AP is a ral0 in my workstation at work: jross@slony:/home/jross $ cat /etc/hostname.ral0 inet 172.31.16.1 255.255.255.0 NONE media autoselect \ mediaopt hostap nwid WCAA wpakey WY Children's Action Alliance \ chan 1 My little Acer netbook has an iwn. Here's what I get when I scan for wifi networks: jross@acer:/home/jross $ sudo ifconfig iwn0 scan iwn0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:21:5c:73:da:af priority: 4 groups: wlan media: IEEE802.11 autoselect (DS1 mode 11g) status: active ieee80211: nwid WCAA chan 1 bssid 00:11:50:63:33:f2 216dB wpakey 0xecef1946509dd46ad0144a25dceb70286337096f71b2045793ff05c9871bbf8b wpaprotos wpa1,wpa2 wpaakms psk wpaciphers tkip,ccmp wpagroupcipher tkip I'm in the basement so it's no wonder there are no other networks to be seen. Then I make an /etc/hostname.iwn0 file, cutting and pasting the key from the scan into the file: dhcp NONE NONE NONE nwid WCAA \ wpakey \ 0xecef1946509dd46ad0144a25dceb70286337096f71b2045793ff05c9871bbf8b \ wpaprotos wpa1,wpa2 and run /etc/netstart jross@acer:/home/jross $ sudo sh /etc/netstart ale0: no link . sleeping 22511 0 svscan already running! checking for modem starting wifi connection DHCPREQUEST on iwn0 to 255.255.255.255 port 67 DHCPACK from 172.31.16.1 (00:11:50:63:33:f2) bound to 172.31.16.100 -- renewal in 21600 seconds. (The bit about checking for modem and starting wifi connection are to first look for my Virgin Mobile broadband modem and if it is plugged in, use it and if it isn't found, fire up the wifi.) Jeff
Re: netword's wireless security settings - how to determine
hmm, on Tue, Feb 15, 2011 at 03:56:24PM +0100, Dmitrij D. Czarkoff said that I'm sitting in a caffee with a protected wireless network available for clients. I was told the NWID and KEY settings, and I try to connect with command: ifconfig iwn0 nwid NWID wpakey KEY $ cat /etc/hostname.iwn0 dhcp nwid $SSID wpa wpapsk $PASSWORD connects me 99%. the remaining 1% was an open network (dhcp nwid $SSID) -f -- sharp wits, like sharp knives, often cut their owner.
Re: netword's wireless security settings - how to determine
On Wed, Feb 16, 2011 at 12:00:37AM +0100, frantisek holop wrote: hmm, on Tue, Feb 15, 2011 at 03:56:24PM +0100, Dmitrij D. Czarkoff said that $ cat /etc/hostname.iwn0 dhcp nwid $SSID wpa wpapsk $PASSWORD connects me 99%. the remaining 1% was an open network (dhcp nwid $SSID) Well, running simply ifconfig iwn0 nwid $SSID wpapsk $PASSWORD does connect me to the network I'm trying to connect in every case except for this one. My point is that when I can't connect with ifconfig iwn0 nwid $SSID wpapsk $PASSWORD to the network that I know is using WPA, I don't know how to determine the ciphers and protos from my client box, so that I could specify them on command line. -- Dmitrij D. Czarkoff
Re: route flush and sh /etc/netstart not enough?
On Sat, Jan 29, 2011 at 7:24 PM, Neal Hogan nealho...@gmail.com wrote: On Tue, Jan 25, 2011 at 10:11 PM, Neal Hogan nealho...@gmail.com wrote: On Tue, Jan 25, 2011 at 9:51 PM, Ryan Flannery ryan.flann...@gmail.com wrote: On Tue, Jan 25, 2011 at 9:01 PM, Neal Hogan nealho...@gmail.com wrote: Hello misc@, I'm having an issue with my wifi AP after I reconnect to my ISP. That is, when my internet connection is broken, for whatever reason, and then reconnected, my wireless machines see that the AP is available, but fail to connect to it. My hard connection works just fine. bump I've tried a suggestion: # sudo pfclt -F all sudo pfctl -f /etc/pf.conf # sudo ifconfig ral0 down sudo ifconfig ral0 up No dice. Are there any suggestions that will allow me to regain my wifi AP capabilities without having to reboot? Thanks! Do you still have a dynamic IP? If so, is it set to something different when you reconnect? If so, the nat in your pf is probably causing the problem. I was thinking the same and when I finally got the internet connection back the IP looked the same. I flush all the routes (ie., # route flush) and then sh /etc/netstart, but that does not work. Have you also tried restarting pf at this point? I did not not do that this most recent time, but I seem to remember doing it last time without it helping. When I get time, I will try to recreate the situation by unplugging my modem and restarting pf. I tried restarting pf (i.e., pfctl -d pfctl -ef /etc/pf.conf) and it didn't work. That is, I flushed the routes, 'sh /etc/netstart'd', and restarted pf and my wifi access point fails to give addresses. Below are my pf rules and, route table and ifconfig info before and after I reboot. lambdaroot pfctl -s rules match in all scrub (no-df random-id reassemble tcp) match out on em1 from ! (em1) to any nat-to (em1) round-robin pass in on em1 inet proto tcp from whitelist to (em1) port = smtp flags S/SA keep state rdr-to 127.0.0.1 port 25 pass in on em0 inet proto tcp from any to 192.168.2.1 port = smtp flags S/SA keep state rdr-to 127.0.0.1 port 25 pass in on em1 inet proto tcp from spamd to 64.53.218.214 port = smtp flags S/SA keep state rdr-to 127.0.0.1 port 8025 pass in on em1 inet proto tcp from spamd-white to any port = smtp flags S/SA keep state rdr-to 127.0.0.1 port 25 pass in on em1 inet proto tcp from ! spamd-white to any port = smtp flags S/SA keep state rdr-to 127.0.0.1 port 8025 block drop in all block drop out all block drop in log quick on ! lo inet6 from ::1 to any block drop in log quick on ! lo inet from 127.0.0.0/8 to any block drop in log quick inet from 127.0.0.1 to any block drop in log quick on ! em1 inet from 64.53.216.0/21 to any block drop in log quick inet from 64.53.218.214 to any block drop in log quick on ! em0 inet from 192.168.2.0/24 to any block drop in log quick inet from 192.168.2.1 to any block drop in log quick on ! ral0 inet from 192.168.3.0/24 to any block drop in log quick inet from 192.168.3.1 to any block drop in log quick inet6 from ::1 to any block drop in log quick on lo0 inet6 from fe80::1 to any block drop in log quick on em1 inet6 from fe80::2e0:81ff:febc:f36a to any block drop in log quick on em0 inet6 from fe80::2e0:81ff:febc:f36b to any block drop in log quick on ral0 inet6 from fe80::20e:2eff:fe96:4ee0 to any block drop in log quick from bad_ssh to any block drop in log quick from bad_www to any block drop in log quick from bad_wifi to any pass out quick on em1 inet proto tcp from any to 24.172.134.210 port = finger user = 67 flags S/SA modulate state pass out quick on ral0 inet proto tcp from any to __automatic_80b2c777_0 port = finger user = 67 flags S/SA modulate state pass out quick on em0 inet proto tcp from any to __automatic_80b2c777_2 port = finger user = 67 flags S/SA modulate state pass out quick on ral0 inet proto tcp from any to __automatic_80b2c777_1 port = ssh user = 67 flags S/SA modulate state pass out quick on em0 inet proto tcp from any to __automatic_80b2c777_3 port = ssh user = 67 flags S/SA modulate state pass in log on em1 inet proto tcp from any to (em1) port = ssh flags S/SA synproxy state (source-track rule, max-src-conn-rate 10/20, overload bad_ssh flush global, src.track 20) pass in log on em1 inet proto tcp from any to (em1) port = smtp flags S/SA synproxy state pass in log on em1 inet proto tcp from any to (em1) port = www flags S/SA synproxy state (source-track rule, max-src-conn 100, max-src-conn-rate 15/5, overload bad_www flush global, src.track 5) pass in log on em1 inet proto tcp from any to (em1) port = https flags S/SA synproxy state (source-track rule, max-src-conn 100, max-src-conn-rate 15/5, overload bad_www flush global, src.track 5) pass in log on em1 inet proto icmp from any to (em1) icmp-type echoreq keep state pass in log on em1 inet proto icmp from any to (em1) icmp-type unreach keep state pass in on em1 inet
Oferta do dia: Maior segurança e conforto com 70% OFF em Balanceamento e Alinhamento no Venancio Centro Automotivo (de R$40,00 por R$12,00)
NC#o consegue visualizar a newsletter? Click aqui ( http://shoppingdopovo.com.br/site/index.php?option=com_acymailingctrl=archivetask=viewmailid=39key=e917fb84d1ba64e267277cdc9bde4ee8subid=43448-4954b0cc9490a3b90f48c8f75b2345ea ) para abrir no navegador. Oferta do dia: Maior seguranC'a e conforto com 70% OFF em Balanceamento e Alinhamento no Venancio Centro Automotivo (de R$40,00 por R$12,00) Compartilhe com seus amigos: Maior seguranC'a e conforto com 70% OFF em Balanceamento e Alinhamento no Venancio Centro Automotivo (de R$40,00 por R$12,00). 70% de desconto em Balanceamento e Alinhamento no Venancio Centro Automotivo (de R$40,00 por R$12,00). Alinhamento: evita o desgaste dos pneus, proporciona conforto na direC'C#o e aumenta a vida C:til da suspensC#o. Balanceamento: prolonga a vida C:til dos rolamentos de roda e dos pneus. Mais seguranC'a para seu veC-culo em viagens, passeios e no seu dia a dia. Equipamentos de alta tecnologia. MecCnicos experientes nas C!reas de suspensC#o, alinhamento e balanceamento. NOSSAS COMUNIDADES Ganhe Indicando o Site Cadastre-se grC!tis no Clube de Associados e comece a ganhar dinheiro cada vez que seus amigos fizerem uma compra Espalhe a NC3ticia Convide amigos do Orkut, Facebook, Twitter, MSN, Yahoo, Gmail, Hotmail, e onde mais estiverem. Email: cont...@shoppingdopovo.com.br Click em Alterar cidade ( http://shoppingdopovo.com.br/site/index.php?option=com_acymailingctrl=usertask=modifysubid=43448key=4954b0cc9490a3b90f48c8f75b2345ea ), para receber email de outra cidade ou parar de receber nossos emails. Copyright B) 2010 Shopping do Povo. Todos os Direitos Reservados
Re: netword's wireless security settings - how to determine
On Tue, Feb 15, 2011 at 9:56 AM, Dmitrij D. Czarkoff czark...@gmail.com wrote: I'm sitting in a caffee with a protected wireless network available for clients. I was told the NWID and KEY settings, and I try to connect with command: ifconfig iwn0 nwid NWID wpakey KEY which doesn't get me connected. I booted to linux and using iwlist I found out that network uses WPA1 with PSK akms and TKIP both as pairwise and group cipher. As I know that these settings are supported on OpenBSD, I rebooted to OpenBSD and got connected with a command: nwid La Esquina chan 6 bssid 00:1c:f0:b1:80:f4 209dB 54M privacy,short_preamble,pbcc,short_slottime You aren't telling us something. 1. That's not a command. ifconfig lets you specify 209dB? 2. You didn't specify a password at all, so how did you connect?
Soluções em Storage do tamanho da sua rede
Para visualizar esta mensagem, use um programa de e-mail compativel com html!
4.7 and packets per second optimizations
We have some 4.7 machines in a carp configuration with 120 vlan interfaces and 141 carp interfaces. Works fantastic. Recently, we've had some attacks originate from inside one of our environments (customer machine on their own vlan). It's actually a machine that is creating an SSH storm with many 62 byte packets. systat -s 5 ifstat shows around 45,000 packets per second through the physical interface during the attack and top shows 97% CPU utilization for interrupts. Needless to say, it brings good traffic to a halt. Most of these packets are being dropped by the kernel due to source IP spoofing by the attack. I was a little surprised to see this few pps (relatively speaking) cause a disruption since the machine is relatively beefy for a router, athough it's not the latest and greatest. I included a dmesg output below. We're using one of the Intel Pro/1000 ports for all customer traffic (all vlans and carp interfaces) and one of the Broadcom ports for management traffic. pf is disabled. The machine is only used to route traffic between VLANs based on IP subnet. Single-proc bsd kernel is being used (MP kernel shows no difference as expected). Our configuration is extremely basic, almost a standard installation. We haven't done any tweaking. I can dump some of the sysctl.conf file if needed. While we're obviously taking action to prevent the problem from occurring again from the said machine, I'm hoping that we can improve our OpenBSD configuration to handle future events more gracefully. Is there possibly another processor type, NIC, and or machine that would be much more efficient at handling this kind of traffic (packets per second, not throughput)? Preferably, we'd like to see this edge router handle 200k pps if possible. If 4.8 has massive improvements, we'll be happy to get it installed. Any help would be greatly appreciated. Thanks! Eric OpenBSD 4.7 (GENERIC) #112: Wed Mar 17 20:43:49 MDT 2010 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC real mem = 3756720128 (3582MB) avail mem = 3650293760 (3481MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.5 @ 0xfd2e0 (60 entries) bios0: vendor HP version O12 date 10/25/2010 bios0: HP ProLiant DL160 G5 acpi0 at bios0: rev 2 acpi0: tables DSDT FACP APIC MCFG SPMI OEMB HPET EINJ BERT ERST HEST acpi0: wakeup devices NPE1(S4) NPE3(S4) NPE5(S4) SPE4(S4) SPE1(S4) SPE2(S4) P0P1(S4) PS2K(S4) PS2M(S4) USB0(S4) USB1(S4) USB2(S4) USB3(S4) EUSB(S4) P0P4(S4) P0P5(S4) P0P6(S4) P0P7(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Xeon(R) CPU L5420 @ 2.50GHz, 2494.07 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36, CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST ,TM2,CX16,xTPR,NXE,LONG cpu0: 6MB 64b/line 16-way L2 cache cpu0: apic clock running at 332MHz cpu at mainbus0: not configured cpu at mainbus0: not configured cpu at mainbus0: not configured ioapic0 at mainbus0: apid 4 pa 0xfec0, version 20, 24 pins ioapic1 at mainbus0: apid 6 pa 0xfec89000, version 20, 24 pins ioapic1: misconfigured as apic 5, remapped to apid 6 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 10 (NPE1) acpiprt2 at acpi0: bus -1 (NPE3) acpiprt3 at acpi0: bus 9 (NPE5) acpiprt4 at acpi0: bus 5 (NPES) acpiprt5 at acpi0: bus 6 (SPE4) acpiprt6 at acpi0: bus -1 (P8PC) acpiprt7 at acpi0: bus 2 (P0P4) acpiprt8 at acpi0: bus 3 (P0P5) acpiprt9 at acpi0: bus 4 (P0P6) acpicpu0 at acpi0 acpibtn0 at acpi0: PWRB ipmi at mainbus0 not configured pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 Intel E5400B Host rev 0x20 ppb0 at pci0 dev 1 function 0 Intel E5400 PCIE rev 0x20 pci1 at ppb0 bus 10 em0 at pci1 dev 0 function 0 Intel PRO/1000 PT (82571EB) rev 0x06: apic 6 int 0 (irq 10), address 00:24:81:82:6b:2c em1 at pci1 dev 0 function 1 Intel PRO/1000 PT (82571EB) rev 0x06: apic 6 int 10 (irq 11), address 00:24:81:82:6b:2d ppb1 at pci0 dev 5 function 0 Intel E5400 PCIE rev 0x20 pci2 at ppb1 bus 9 mpi0 at pci2 dev 0 function 0 Symbios Logic SAS1064E rev 0x08: apic 6 int 4 (irq 10) scsibus0 at mpi0: 112 targets sd0 at scsibus0 targ 3 lun 0: LSILOGIC, Logical Volume, 3000 SCSI2 0/direct fixed sd0: 151634MB, 512 bytes/sec, 310546432 sec total ppb2 at pci0 dev 9 function 0 Intel E5400 PCIE rev 0x20 pci3 at ppb2 bus 5 ppb3 at pci3 dev 0 function 0 Intel 6321ESB PCIE rev 0x01 pci4 at ppb3 bus 6 ppb4 at pci4 dev 0 function 0 Intel 6321ESB PCIE rev 0x01 pci5 at ppb4 bus 7 ppb5 at pci3 dev 0 function 3 Intel 6321ESB PCIE-PCIX rev 0x01 pci6 at ppb5 bus 8 pchb1 at pci0 dev 16 function 0 Intel E5400 FSB/Boot/Interrupt rev 0x20 pchb2 at pci0 dev 16 function 1 Intel E5400 FSB/Boot/Interrupt rev 0x20 pchb3 at pci0 dev 16 function 2 Intel E5400 FSB/Boot/Interrupt rev 0x20 pchb4 at pci0 dev 16 function 3 Intel E5400 FSB/Boot/Interrupt rev 0x20 pchb5 at pci0 dev 16 function 4 Intel
