Re: netword's wireless security settings - how to determine
ted.unan...@gmail.com (Ted Unangst), 2011.02.18 (Fri) 01:27 (CET): On Thu, Feb 17, 2011 at 4:52 PM, Dmitrij D. Czarkoff czark...@gmail.com wrote: On Thu, Feb 17, 2011 at 11:46:05AM +, Stuart Henderson wrote: Perhaps we think that the AP supports wpa2 but it is actually broken and only wpa1 works. We shouldn't as far as wpaprotos defaults to wpa1,wpa2, so wpa2 shouldn't be tested if wpa1 succeeds. The man page says the opposite. wpa2 is preferred if both are allowed. A couple of times when access points claimed to do both wpa1 and wpa2 I had no luck with them using wpa2 - but wpa1 worked like a charm.
Re: netword's wireless security settings - how to determine
On Thu, Feb 17, 2011 at 07:27:52PM -0500, Ted Unangst wrote: The man page says the opposite. wpa2 is preferred if both are allowed. Well, this seems to answer the question - OpenBSD sticks with wpa2 unless explicitly told to do otherwise. -- Dmitrij D. Czarkoff
Re: how to set an alias on a carp interface?
Think about it that way may be. You want an alias IP's, not an alias subnet, so how do you enter a single IP? With a /32 subnet. Actually I _do_ want to have alias subnets, as written before: Why? Please note that I would like to have 172.12.96.0/22, but 172.12.101.0/24 and 172.12.126.0/24. These subnets share the same physical line, but they have different netmasks. If I would use inet 172.12.96.5 255.255.252.0 NONE inet alias 172.12.101.5 255.255.255.255 NONE inet alias 172.12.126.5 255.255.255.255 NONE - -inet6 group internal as you suggested, then the netmask information is lost. So, did you try it? See I have for example: # cat hostname.fxp0 inet 66.63.3.250 255.255.255.240 NONE inet alias 66.63.40.19 255.255.255.255 Not in the same subnet at all, but address by the routing in front of it. Alias are enter with /32. Your network card is configure with the IP 172.12.96.5 and you want to have on the same network card the IP 172.12.101.5 and 172.12.126.5 working right? Then enter it with the /32 netmark. Not relevant what subnet it is in really. Make sure your router, or what ever in front of that box point these IP's to your box here. It's possible that I do not understand your question may be, but unless I miss something really stupid here and that may be possible, just try it and you will have these IP's working on your box as long as obviously pf is configure to let that traffic going through right? Alias do not need to be part of the same subnet to work. At the price of making a fool of myself, witch wouldn't be the first time and most likely not the last either! If they need to be, that's news to me and I have been wrong for many years then. Sure possible, but as I said. I never did and I may have been wrong for many years... Why would you need to keep the subnet mark to get them to work as alias on that box really? It is also possible that I really don't understand your question too, but I guess based on what I put above that's what you try to do no? If that's not the case, they simply ignore me and sorry for wasting your time. Just try it. Hope this help you never the less. Daniel
Re: how to set an alias on a carp interface?
* Daniel Ouellet dan...@presscom.net [2011-02-18 11:15]: Alias are enter with /32. huh? hell no. Your network card is configure with the IP 172.12.96.5 and you want to have on the same network card the IP 172.12.101.5 and 172.12.126.5 working right? Then enter it with the /32 netmark. Not relevant what subnet it is in really. Make sure your router, or what ever in front of that box point these IP's to your box here. NO! At the price of making a fool of myself, witch wouldn't be the first time and most likely not the last either! If they need to be, that's news to me and I have been wrong for many years then. Sure possible, but as I said. I never did and I may have been wrong for many years... well, you have been wrong all the time then. one IP per subnet with the real mask so there is a route, all others with all-ones netmask. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting
Re: Strange pf match
Thank you all very much for the help. I really appreciate it. BR --- On Wed, 2/16/11, Stuart Henderson s...@spacehopper.org wrote: From: Stuart Henderson s...@spacehopper.org Subject: Re: Strange pf match To: misc@openbsd.org Date: Wednesday, February 16, 2011, 11:39 PM On 2011-02-16, Henning Brauer lists-open...@bsws.de wrote: apparently you're not on tech... it's a bug and it's fixed. dunno wether it has been pulled to -stable yet. Yes, and errata are published for 4.7-4.8. * m mutimir2...@yahoo.com [2011-02-16 13:31]: Hi again, could someone please tell me how it's possible for a rule to match wrong dst address? Under what circumstances woult it match in that way? Do I have to rewrite all IPRange rules? When the addresses were being compared against the range (i.e. = the first address, = the second address), the addresses weren't changed from network to host byte order, so the comparison was incorrect on little-endian CPUs). As a workaround if you don't want to patch/reboot you can rewrite the rules to use single addresses or prefixes. In general I would recommend using an addressing scheme that lets you use prefixes rather than ranges (bitmask simple equality check vs. less-than/greater-than comparisons against two addresses).
Is it worth upping the anty on SSH fingerprints
Various sources on the net say that even though md5 and sha1 are not vulnerable to preimage attacks it would be prudent to raise the hash as collision attacks suggest greater potential for preimage attacks. Are preimage attempts beginning to get closer. http://portal.acm.org/citation.cfm?id=1427259; Fingerprint length and/or ascii representation may add work but is it worth adding it to the todo list?
Re: how to set an alias on a carp interface?
one IP per subnet with the real mask so there is a route, all others with all-ones netmask. Then, It is like this.. # cat /etc/hostname.em0 inet 192.168.9.62 255.255.255.0 inet alias 192.168.9.63 255.255.255.255 inet alias 192.168.5.62 255.255.255.0 inet alias 192.168.5.63 255.255.255.255 inet alias 192.168.6.62 255.255.255.0 inet alias 192.168.6.63 255.255.255.255 your comments? -- Thank you Indunil Jayasooriya
Re: connecting ubt0 to a wireless audio
On Thu, 17 Feb 2011 11:37:34 -0600 Bryan bra...@gmail.com wrote: I have an MW600 from Sony Ericsson, that I can pair to my Droid, and the passcode is . I recently picked up a SparkLAN WPEA-111N which attaches to ral(4) and ubt(4): [...] After following these this: http://marc.info/?l=openbsd-miscm=124085846000680 Just for the record, this no longer works for me. I get a hard lock or a panic very shortly after bringing up the Bluetooth interface and trying to communicate with it. It used to work, though ;-( Cheers, Thomas.
Relayd Questions on past posts
Hi all, Firstly, a past post has indicated that there is no benefit of relayd over pf for external mappings to single machines on the lan. I would have thought a relayed connection to an internal machine would have some security benefit over a pf redirected connection. Is this the case ? Secondly I am trying to use relayd to reverse proxy to multiple rails web sites running on different ports on the local gateway. domain =1 will be on port 3000 domain2 on 3001 etc. I am using multiple domain configurations like these below changing the domain name and the appropriate port number in the relay statement. All requests seem to be being directed to the final relay statement and generating an incomplete request error in the debug log. A past forum post has indicated that this capability is not available however this structure seems made for it. Is it possible ? This server is currently running 4.5 but I can see nothing in the changelog to indicate any change with this. With thanks for any assistance or info. http protocol domain1 { header append $REMOTE_ADDR to X-Forwarded-For header append $SERVER_ADDR:$SERVER_PORT to X-Forwarded-By # header change Connection to close header expect www.domain1.com from Host # Various TCP performance options tcp { nodelay, sack, socket buffer 65536, backlog 128 } } relay domain1 { # Run as a SSL accelerator listen on $ext_addr port 80 protocol domain1 forward to 127.0.0.1 port 3000 }
Re: connecting ubt0 to a wireless audio
On Thu, Feb 17, 2011 at 19:46, Jacob Meuser jake...@sdf.lonestar.org wrote: On Thu, Feb 17, 2011 at 12:33:51PM -0600, Bryan wrote: On Thu, Feb 17, 2011 at 11:37, Bryan bra...@gmail.com wrote: I have an MW600 from Sony Ericsson, that I can pair to my Droid, and the passcode is . B I recently picked up a SparkLAN WPEA-111N which attaches to ral(4) and ubt(4): Well hell, now all I'm getting is kernel panics when I run btconfig ubt0 up don't expect btsco(4) to work reliably, even if the bluetooth layer itself works. B btsco(4) uses audio_hw_if-start_{output,input}. B these can only work with realtime operating systems, since they require that the kernel fills the next audio buffer in an isr. B this means the isr needs to be run within microseconds of interrupt generation. B I've seen delays of over 100 ms between interrupt generation and isr execution with azalia(4) on MP systems. B using uaudio(4) on an MP system will give an idea of how bad this is (and uaudio actually does do some bufferring in the usb layer; btsco would be much worse). Oh, okay, I see now. Even it did work, it would have been awful... I'll just buy an extension cable... @jacob: Did you receive my other e-mail?
Re: connecting ubt0 to a wireless audio
On Fri, Feb 18, 2011 at 3:36 PM, Thomas Pfaff tpf...@tp76.info wrote: Just for the record, this no longer works for me. I get a hard lock or a panic very shortly after bringing up the Bluetooth interface and trying to communicate with it. It used to work, though ;-( http://www.openbsd.org/cgi-bin/cvsweb/src/sys/arch/i386/conf/GENERIC Disable sbt and ubt devices. The bluetooth code will sometimes sleep while holding locks, this is not allowed, and nobody has stepped up to fix this, so better not lure people into using bluetooth devices. Cheers, David
hibernate function
does it exists?
Re: hibernate function
On Fri, Feb 18, 2011 at 10:51:27AM -0600, Orestes Leal R. wrote: does it exists? Not yet. Joachim -- PotD: converters/wv2 - library functions to access Microsoft Word/Excel files http://www.joachimschipper.nl/
Re: rsu0 problem
On Fri, 18 Feb 2011 13:03:27 +0100 Hans Zimmerman h...@everlasting.be wrote: On Fri, 18 Feb 2011 02:58:52 +0100, Gianluca D'Auri Muscelli g...@email.it wrote: now when i sudo sh /etc/netstart rsu0 rsu0.no link sleeping and in console i look ' rsu0: could not send site survey command' my hostname.rsu0 is: dhcp NONE NONE NONE nwkey my_wep_password_clear_text chan 6 or dhcp NONE NONE NONE nwid my_wii_name nwkey my_pass_cl_text chan 6 ;( Do u know how i can resolve this problem?? tks vvm I think I have the same problem, see pr 6534 http://cvs.openbsd.org/cgi-bin/query-pr-wrapper?full=yesnumbers=6534 I have not found a solution yet. Hans I'v found a solution only to get my network with WAP encryption, this card with WEP doesn't function, I try many many time! -- Gianluca D'Auri Muscelli g...@email.it Fingerprint: 3A277FACD60A3D33388BC371F4548B69078A9A04 ,( ). | \,--_ / | /_ _ ` / /-.,-.`\ _ _ _ \O|O | |/ ___ \ | _ \ / | __ \ (___)`--'_/ / / / /___ ___ | |_) | (___ | | | | `.__/` / / / / / __ \/ _ \/ __ \| _ \___ \| | | | `.__, ,/ / /__/ / /_/ / __/ / / /| |_) |) | |__| | \_/ .___/\___/_/ /_/ |/|_/|_/ ___/ /__ /_/ [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
rsu0 connection lost in one min.
Hi, now i can connect with my usb-wii-card rsu0 with hostname.rsu0: dhcp NONE NONE NONE nwid name_wii chan 6 wpakey my_wpa but my connection be lost in one minutes...why??? thanks very mutch for help... -- Gianluca D'Auri Muscelli g...@email.it Fingerprint: 3A277FACD60A3D33388BC371F4548B69078A9A04 ,( ). | \,--_ / | /_ _ ` / /-.,-.`\ _ _ _ \O|O | |/ ___ \ | _ \ / | __ \ (___)`--'_/ / / / /___ ___ | |_) | (___ | | | | `.__/` / / / / / __ \/ _ \/ __ \| _ \___ \| | | | `.__, ,/ / /__/ / /_/ / __/ / / /| |_) |) | |__| | \_/ .___/\___/_/ /_/ |/|_/|_/ ___/ /__ /_/
Re: Dell R310 - H200 Raid performance problem
On 18.02.2011 07:57, David Gwynne wrote: this diff implements the disk cache ioctl handling in mpii so sd(4) can drive the change rather than have mpii(4) whack everything. modelled on the same functionality in mpi(4) and mikeb's code... could someone test this please? It freezes on my system. Last lines from dmesg are: mpii0 at pci2 dev 0 function 0 Symbios Logic SAS2008 rev 0x02: apic 0 int 16 (irq 15) scsibus0 at mpii0: 42 targets sd0 at scsibus0 targ 1 lun0: Dell, Virtual Disk, 1028 SCSI4 0/direct fixed sd0: 237824MB, 512 bytes/sec, 487063772 sec total Lukasz [demime 1.01d removed an attachment of type image/jpeg which had a name of 20110218281.jpg]
Re: hibernate function
On Fri, 18 Feb 2011 16:17:25 +0100 Joachim Schipper wrote: On Fri, Feb 18, 2011 at 10:51:27AM -0600, Orestes Leal R. wrote: does it exists? Not yet. Joachim Hibernate offers more integrity of user data but it's a lot less secure, discounting the boot virus's like the one mentioned on P. Hansteen's site that may? be hindered by power removal. (Anyone heard more about those or how that one worked.) http://bsdly.blogspot.com/2010/10/if-it-runs-openbsd-it-has-to-be.html; I don't really see how hibernate could be done safely without all systems having a TPM. Maybe a storage file in /var that only root can access, but that's still a compromise.
flush global not killing states in pf
Hi, The flush global directive in the following pf rule does not kill all states of the offending host. table abusive_hosts persist block in quick log on $ext_if from abusive_hosts block in pass in quick on $ext_if proto tcp from 10.0.0.2 to ($ext_if) port 2000:2002 flags S/ SA keep state (tcp.first 15, tcp.closing 30, tcp.finwait 15, tcp.closed 15, max-src-conn 1 , overload abusive_hosts flush global) I'm using nc to do this test server# nc -l 2000 server# nc -l 2001 10.0.0.2# nc server 2000 10.0.0.2# nc server 2001 (connection blocked) host 10.0.0.2 is added in abusive_hosts and rest of the connections are blocked. # pfctl -t abusive_hosts -vT show 10.0.0.2 Cleared: Fri Feb 18 19:17:12 2011 Feb 18 19:17:17.354147 rule 1/(match) block in on fxp0: 10.0.0.2.38283 10.0.0.1.2001: P 2121540353:2121540363(10) ack 1359198395 win 92 nop,nop,timestamp 89238363 4104326239 (DF) However the first connection (to port 2000) remains established and not being flushed. #pfctl -s states | grep 10.0.0.2 all tcp 10.0.0.1:2000 - 10.0.0.2:44923 ESTABLISHED:ESTABLISHED Is it something I misused or don't understand correct? regards, Giannis ps. OpenBSD 4.8 GENERIC#0 i386 [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
Booting and radeon problems on ThinkPad SL510
Hi misc@, I am too experiencing the booting problems described a few days ago for the SL410. With the MP kernel, booting would sometines just stop at mtrr: Pentium Pro MTRR support, forcing a hard reset of the machine. Other times it just works fine, not following any apparent pattern. How can I provide more info to debug this? The second problem has already been reported multiple times. (Hardware acceleration not working on some Radeon chips.) The corresponding PR is user/6549, the symptoms are exactly as described there. Maybe (?) related to that: Graphics are not resumed after suspend. Xorg.0.log has lots of: [607691.656] (EE) RADEON(0): Idle timed out, resetting engine... [607691.875] (EE) RADEON(0): RADEONWaitForIdleCP: CP idle 16 [607691.875] (EE) RADEON(0): Idle timed out, resetting engine... [607692.075] (EE) RADEON(0): RADEONWaitForIdleCP: CP idle 16 [607692.075] (EE) RADEON(0): Idle timed out, resetting engine... [607692.275] (EE) RADEON(0): RADEONWaitForIdleCP: CP idle 16 messages after resume: Feb 14 13:50:09 aias apmd: system resumed from APM sleep Feb 14 13:50:09 aias /bsd: iwn0: RF switch: radio enabled Feb 14 13:50:09 aias Tor[2339]: Your system clock just jumped 1436 seconds forward; assuming established circuits no longer work. Feb 14 13:50:09 aias Tor[2339]: Tried for 1470 seconds to get a connection to [scrubbed]:80. Giving up. (waiting for circuit) Feb 14 13:50:09 aias Tor[2339]: Tried for 1470 seconds to get a connection to [scrubbed]:80. Giving up. (waiting for circuit) Feb 14 13:50:10 aias /bsd: video0 detached Feb 14 13:50:10 aias /bsd: uvideo0 detached Feb 14 13:50:11 aias /bsd: uvideo0 at uhub1 Feb 14 13:50:11 aias /bsd: port 6 configuration 1 interface 0 Chicony Electronics Co., Ltd. Integrated Camera rev 2.00/82.54 addr 2 Feb 14 13:50:11 aias /bsd: video0 at uvideo0 Feb 14 13:50:11 aias /bsd: ubt0 detached Feb 14 13:50:11 aias /bsd: radeondrm0: wait idle failed status : 0xA0003028 0x0002 Feb 14 13:50:14 aias last message repeated 14 times Feb 14 13:50:14 aias /bsd: ubt0 at uhub7 Feb 14 13:50:14 aias /bsd: radeondrm0: wait idle failed status : 0xA0003028 0x0002 Feb 14 13:50:15 aias /bsd: port 1 Broadcom Corp Broadcom Bluetooth Device rev2.00/3.60 addr 2 Feb 14 13:50:15 aias /bsd: radeondrm0: wait idle failed status : 0xA0003028 0x0002 Feb 14 13:50:46 aias last message repeated 154 times OpenBSD 4.9-beta (GENERIC.MP) #780: Thu Jan 20 17:21:34 MST 2011 t...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 3182116864 (3034MB) avail mem = 3083386880 (2940MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.5 @ 0xe0010 (44 entries) bios0: vendor LENOVO version 6JET85WW (1.43 ) date 12/24/2010 bios0: LENOVO 2847D8G acpi0 at bios0: rev 4 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP HPET MCFG APIC BOOT SLIC SSDT SSDT SSDT acpi0: wakeup devices P0P2(S4) P0P1(S4) USB0(S3) USB1(S3) USB2(S3) USBR(S3) EHC1(S3) USB3(S3) USB4(S3) USB5(S3) EHC2(S3) HDEF(S4) PXSX(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX(S4) RP04(S4) PXSX(S4) RP05(S4) RP06(S4) BLAN(S4) LID_(S3) SLPB(S3) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 14318179 Hz acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM)2 Duo CPU T6670 @ 2.20GHz, 6803.39 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,NXE,LONG cpu0: 2MB 64b/line 8-way L2 cache cpu0: apic clock running at 199MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM)2 Duo CPU T6670 @ 2.20GHz, 2194.50 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,NXE,LONG cpu1: 2MB 64b/line 8-way L2 cache ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (P0P2) acpiprt2 at acpi0: bus 9 (P0P1) acpiprt3 at acpi0: bus 2 (RP01) acpiprt4 at acpi0: bus 3 (RP02) acpiprt5 at acpi0: bus 4 (RP03) acpiprt6 at acpi0: bus 5 (RP04) acpiprt7 at acpi0: bus 6 (RP05) acpiprt8 at acpi0: bus 8 (RP06) acpiec0 at acpi0 acpicpu0 at acpi0: C2, C1, PSS acpicpu1 at acpi0: C2, C1, PSS acpitz0 at acpi0: critical temperature 105 degC acpithinkpad0 at acpi0 acpiac0 at acpi0: AC unit online acpibat0 at acpi0: BAT1 model 42T4848 serial 55331 type LION oem LGC acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: PWRB acpibtn2 at acpi0: SLPB cpu0: Enhanced SpeedStep 2194 MHz: speeds: 2201, 2200, 1600, 1200 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 Intel GM45 Host rev 0x07 ppb0 at pci0 dev 1 function 0 Intel GM45 PCIE rev 0x07: apic 2 int 16 (irq 10) pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 ATI Mobility Radeon HD 4500 rev 0x00
Re: hibernate function
there are some patches floating around. On Fri, Feb 18, 2011 at 10:51:27AM -0600, Orestes Leal R. wrote: does it exists?
Re: Dell R310 - H200 Raid performance problem
With following Mike's suggestions it worked. could you please change this line if (mpii_req_cfg_page(sc, addr, 0, hdr, 1, vpg, pagelen) != 0) { to if (mpii_req_cfg_page(sc, addr, MPII_PG_POLL, hdr, 1, vpg, pagelen) != 0) { and one more: this: if (mpii_req_cfg_header(sc, MPII_CONFIG_REQ_PAGE_TYPE_RAID_VOL, 0, addr, 0, hdr) != 0) to: if (mpii_req_cfg_header(sc, MPII_CONFIG_REQ_PAGE_TYPE_RAID_VOL, 0, addr, MPII_PG_POLL, hdr) != 0) mpii0 at pci2 dev 0 function 0 Symbios Logic SAS2008 rev 0x02: apic 0 int 16 (irq 15) scsibus0 at mpii0: 42 targets sd0 at scsibus0 targ 1 lun 0: Dell, Virtual Disk, 1028 SCSI4 0/direct fixed sd0: 237824MB, 512 bytes/sec, 487063552 sec total ses0 at scsibus0 targ 10 lun 0: DP, BACKPLANE, 1.07 SCSI3 13/enclosure services fixed ses0: unable to read enclosure configuration # scsi -f /dev/rsd0c -m 8 IC: 0 ABPF: 0 CAP: 0 DISC: 0 SIZE: 0 WCE: 1 MF: 0 RCD: 0 Demand Retention Priority: 0 Write Retention Priority: 0 Disable Pre-fetch Transfer Length: 65535 Minimum Pre-fetch: 0 Maximum Pre-fetch: 65280 Maximum Pre-fetch Ceiling: 65535 FSW: 0 LBCSS: 0 DRA: 0 Vendor-specific: 0 NV_DIS: 0 Number of Cache Segments: 15 Cache Segment Size: 0 how to manipulate write cache policy? Lukasz
Casa o Depa????
RW Fereli y Asociados Rio Grijalva ote. # 25-C, Col del Valle , Garza Garcia, N.L. Tels. 04481-82521561 En Venta CASA NUEVA con FINOS acabados Y COMODA distribuciC3n. Ubicada en la tranquilidad de La LC!grima a 2 minutos de LC!zaro CC!rdenas Tres RecC!maras, dos y medio BaC1os Dos Plantas, Estudios JardC-n 230m2 construcciC3n, 186 m2 terreno 2,100,000.00 Departamentos DE LUJO con VIGILANCIA Y HERMOSA VISTA PANORAMICA Renta y Venta en San Pedro Amueblados o sin amueblar Dos y tres recC!maras Alberca, Gimnasio, SalC3n de eventos, Sky Lounge Vigilancia 24 horas 7 dC-as de la semana Citas: 0448182521561, e-mail: ldel...@hotmail.com [mailto:ldel...@hotmail.com?subject=Busco%20casa%20o%20depa] [http://corporativomexico.info/send/link.php?M=6510722N=149L=139F=T] Unsubscribe [http://corporativomexico.info/send/link.php?M=6510722N=149L=60F=T]
Re: how to set an alias on a carp interface?
On 2/18/11 5:42 AM, Henning Brauer wrote: * Daniel Ouelletdan...@presscom.net [2011-02-18 11:15]: Alias are enter with /32. huh? hell no. OK, but all examples show it as such in man(5) hostname.if and such. Your network card is configure with the IP 172.12.96.5 and you want to have on the same network card the IP 172.12.101.5 and 172.12.126.5 working right? Then enter it with the /32 netmark. Not relevant what subnet it is in really. Make sure your router, or what ever in front of that box point these IP's to your box here. NO! OK! At the price of making a fool of myself, witch wouldn't be the first time and most likely not the last either! If they need to be, that's news to me and I have been wrong for many years then. Sure possible, but as I said. I never did and I may have been wrong for many years... well, you have been wrong all the time then. yes I have been! And thanks for correcting me on it too! one IP per subnet with the real mask so there is a route, all others with all-ones netmask. That is no where to be find in the FAQ even if that absolutely logical, no question about it. I really read FAQ religeously and never got that understanding from it as as shown I sure didn't do it on many servers for many years too. If I could suggest, just adding to the FAQ exactly your text as above would have eliminate that mistake for me and eliminate that recurring question as well looks like as I am not the only one missing the point here. Would that be possible. Again thanks for taking the time to correct my multi years and recuring errors here. Best, Daniel
Re: how to set an alias on a carp interface?
On 2/18/11 6:10 AM, Indunil Jayasooriya wrote: one IP per subnet with the real mask so there is a route, all others with all-ones netmask. Then, It is like this.. # cat /etc/hostname.em0 inet 192.168.9.62 255.255.255.0 inet alias 192.168.9.63 255.255.255.255 inet alias 192.168.5.62 255.255.255.0 inet alias 192.168.5.63 255.255.255.255 inet alias 192.168.6.62 255.255.255.0 inet alias 192.168.6.63 255.255.255.255 your comments? Then based on the correction from Henning on my previous suggestion, I would say that's exactly how it should be done. Or it could be like this I suppose if your network was actually on the proper boundary. inet 192.168.9.62 255.255.255.0 inet alias 192.168.9.63 255.255.255.255 inet alias 192.168.6.62 255.255.254.0 inet alias 192.168.6.63 255.255.255.255 inet alias 192.168.7.62 255.255.255.255 inet alias 192.168.7.63 255.255.255.255 On the above example 192.168.6.x with /23 would cover both the 6.x and 7.x and if they are both directly connected to that interface chances are that they should be in the router as such, but that's just a suggestion and based on Henning should be good. Best, Daniel PS: I learn something new, but more importantly, I corrected a long lasting mistake today! (; PS2: It would really good if the FAQ could add that simple distinction. I would have found it useful talking just for myself may be, but sure would have eliminated the question from the start.
Re: hibernate function
On 2011-02-18 18.17, Kevin Chadwick wrote: On Fri, 18 Feb 2011 16:17:25 +0100 Joachim Schipper wrote: On Fri, Feb 18, 2011 at 10:51:27AM -0600, Orestes Leal R. wrote: does it exists? Not yet. Hibernate offers more integrity of user data but it's a lot less secure, discounting the boot virus's like the one mentioned on P. Hansteen's site that may? be hindered by power removal. (Anyone heard more about those or how that one worked.) http://bsdly.blogspot.com/2010/10/if-it-runs-openbsd-it-has-to-be.html; I don't really see how hibernate could be done safely without all systems having a TPM. Maybe a storage file in /var that only root can access, but that's still a compromise. I'm sure it's just my too-narrow mind, but I fail to see any particular security implications that are not also implied by having actual physical access to the machine. Could you elaborate? The one problem I see is the risk of being able to read system memory from the hibernation storage if someone unauthorized gains access to the system and boots it into single-user mode or removes the disk and reads it in another computer. But the way I imagine hibernation to be implemented would be to simply swap out all memory to the (by default) encrypted swap space, and then somehow flag the upcoming next boot that the swap contains live hibernation data, and provide the encryption key (which of course becomes the weak point). Then for the really paranoid, the location of that flag and key could perhaps be configurable, and be set to a USB stick or memory card that can be removed and for example travel separately from the laptop itself. Not perfect of course, but then again, if access to the physical hardware is gained all bets are more or less off anyway. Regards, /Benny -- internetlabbet.se / work: +46 8 551 124 80 / Words must Benny LC6fgren/ mobile: +46 70 718 11 90 / be weighed, / fax:+46 8 551 124 89/not counted. /email: benny -at- internetlabbet.se
Re: Booting and radeon problems on ThinkPad SL510
On 02/18/11 12:41, Pascal Stumpf wrote: Hi misc@, I am too experiencing the booting problems described a few days ago for the SL410. With the MP kernel, booting would sometines just stop at mtrr: Pentium Pro MTRR support, forcing a hard reset of the machine. Other times it just works fine, not following any apparent pattern. How can I provide more info to debug this? The fix for me on my SL410 was to disable the webcam via BIOS. That was the device for me that was causing it to hang. uvideo0 at uhub1 port 6 configuration 1 interface 0 Bison Integrated Camera rev 2.00/0.06 addr 2 -Bryan
New LA Hotel Fund
My Name is Cayson Metz and im a hard money lender in California and I came across your information on a hotel listing. My partner and I have recently Launched a 250 million hospitality fund to help capitalize select hotels in need of rehab, bridge loans and permanent financing.You will never see an advance fee and will typically close within 3 weeks. Do you have anything in need? I am trying to deploy this money no later than mid March. Here is some press on the fund. www.abfjournal.com/story.asp?id=32412 http://www.abfjournal.com/story.asp?id=32412 andThank you for your time, Truly, Cayson Metz, Gauntlet CREC, LLC. 7154 E. Stetson Drive Ste. 320 Scottsdale, AZ 85251 866.865.6647 ext. 1015 O: 480. 393 0829 (Scottsdale, AZ) D: 310.954.1992 (Beverly Hills, CA) This email was sent to misc@openbsd.org. If you are no longer interested you can unsubscribe instantly: http://gauntletcapital.cmail2.com/t/r/u/yktidhd/oukdljyp/
Re: how to set an alias on a carp interface?
On 2/18/11 3:23 PM, Ted Unangst wrote: On Fri, Feb 18, 2011 at 2:39 PM, Daniel Ouelletdan...@presscom.net wrote: On 2/18/11 5:42 AM, Henning Brauer wrote: * Daniel Ouelletdan...@presscom.net[2011-02-18 11:15]: Alias are enter with /32. huh? hell no. OK, but all examples show it as such in man(5) hostname.if and such. You are apparently reading manpages for a different operating system or the OpenBSD man pages you are reading have been terribly corrupted, because hostname.if on my system has no such nonsense. Nope I am not, see below: http://www.openbsd.org/cgi-bin/man.cgi?query=hostname.ifapropos=0sektion=0manpath=OpenBSD+Currentarch=i386format=html under static section. inet 10.0.1.12 255.255.255.0 10.0.1.255 media 100baseTX description Uplink inet alias 10.0.1.13 255.255.255.255 10.0.1.13 inet alias 10.0.1.14 255.255.255.255 NONE inet alias 10.0.1.15 255.255.255.255 inet alias 10.0.1.16 0x my point only was that there isn't an example of a second subnet and as I said I assume that every cases of alias as shown were always with /32 for the subnet mask. I simply miss understood that for many years obviously. If only a reference in either ifconfig of in hostname.if with what Henning clarify for me as: one IP per subnet with the real mask so there is a route, all others with all-ones netmask. Would have done the trick. That's not really no sense. It's clean in my head now, just wasn't and is not clear for me in the man page.
Re: how to set an alias on a carp interface?
On 2/18/11 3:45 PM, Daniel Ouellet wrote: On 2/18/11 3:23 PM, Ted Unangst wrote: On Fri, Feb 18, 2011 at 2:39 PM, Daniel Ouelletdan...@presscom.net wrote: On 2/18/11 5:42 AM, Henning Brauer wrote: * Daniel Ouelletdan...@presscom.net [2011-02-18 11:15]: Alias are enter with /32. huh? hell no. OK, but all examples show it as such in man(5) hostname.if and such. You are apparently reading manpages for a different operating system or the OpenBSD man pages you are reading have been terribly corrupted, because hostname.if on my system has no such nonsense. Unless you refer at me writing /32 instead of the long way 255.255.255.255? If so, yes you are 100% right. I use the /32 to express the mask in a shorter way. If that's the confusion, I am sorry to have created that. It's an old habit hard to die, I find it much more convenient to always express the IP's in that form oppose to use the long mask. I never tried to enter it into the hostname.if file as a configuration I don't think it support it anyway, I do not know. So, if that's the no sense you are referring at from my part, then my apologies, you are 100% right. I refer at needed to have one instance of the alias to have the proper mask and all additional one part of the same subnet needed the 255.255.255.255 mask oppose to all instance of alias using only the 255.255.255.255 form. That was and isn't clean in the man page. Hope this make sense now. (;
Re: hibernate function
On Fri, Feb 18, 2011 at 11:51 AM, Orestes Leal R. l...@cubacatering.avianet.cu wrote: does it exists? It'll work if it's implemented in hardware like on a Thinkpad X40.
Re: how to set an alias on a carp interface?
On Fri, Feb 18, 2011 at 2:39 PM, Daniel Ouellet dan...@presscom.net wrote: On 2/18/11 5:42 AM, Henning Brauer wrote: * Daniel Ouelletdan...@presscom.net [2011-02-18 11:15]: Alias are enter with /32. huh? hell no. OK, but all examples show it as such in man(5) hostname.if and such. You are apparently reading manpages for a different operating system or the OpenBSD man pages you are reading have been terribly corrupted, because hostname.if on my system has no such nonsense.
Re: security of hibernate (was: hibernate function)
On Fri, Feb 18, 2011 at 05:17:57PM +, Kevin Chadwick wrote: On Fri, 18 Feb 2011 16:17:25 +0100 Joachim Schipper wrote: On Fri, Feb 18, 2011 at 10:51:27AM -0600, Orestes Leal R. wrote: does it exists? Not yet. Hibernate offers more integrity of user data but it's a lot less secure, discounting the boot virus's like the one mentioned on P. Hansteen's site that may? be hindered by power removal. (Anyone heard more about those or how that one worked.) Actually, if one could specify an encryption password for the memory written to disk, a stolen hibernating system would be less dangerous than a running/ACPI-sleeping system because it's suddenly impossible to get interesting data from the system memory. Interesting data like the keys in ssh-agent or a softraid decryption key. Read e.g. http://citp.princeton.edu/pub/coldboot.pdf for a very readable introduction to rip-your-memory-out-of-your-machine attacks (figure 4 is particularly nice); in particular, note that such attacks are quite feasible. Despite the common with physical access, all bets are off wisdom, physical attacks can actually be defended against quite well - *if* the system is turned off when they are carried out and never turned on again. Joachim -- PotD: net/fping - quickly ping N hosts w/o flooding the network http://www.joachimschipper.nl/
Re: Booting and radeon problems on ThinkPad SL510
On Fri, Feb 18, 2011 at 06:41:26PM +0100, Pascal Stumpf wrote: I am too experiencing the booting problems described a few days ago for the SL410. With the MP kernel, booting would sometines just stop at mtrr: Pentium Pro MTRR support, forcing a hard reset of the machine. Other times it just works fine, not following any apparent pattern. How can I provide more info to debug this? My SL510 works if I disable acpitz*. The debugging-only diff at the end of this message can help show that this is indeed the issue (by default, it doesn't do much; use boot -d and 'write acpitz_skip_first_setperfs 10' (if it's N = 0, skip the first N acpitz_cpu_setperf() calls; negative values drop you into ddb at acpitz_cpu_setperf() calls, which allows you to get a backtrace.) That said, I don't have the time or expertise to fix this myself, and I guess it's rather hard to fix it without the hardware... The second problem has already been reported multiple times. (Hardware acceleration not working on some Radeon chips.) The corresponding PR is user/6549, the symptoms are exactly as described there. Sorry, I can't help you with that - I have an Intel card. Joachim Index: acpitz.c === RCS file: /usr/cvs/src/src/sys/dev/acpi/acpitz.c,v retrieving revision 1.39 diff -u -p -r1.39 acpitz.c --- acpitz.c27 Jul 2010 04:28:36 - 1.39 +++ acpitz.c4 Oct 2010 08:37:30 - @@ -88,6 +88,7 @@ void (*acpitz_cpu_setperf)(int); intacpitz_perflevel = -1; extern void(*cpu_setperf)(int); extern int perflevel; +intacpitz_skip_first_setperfs = 0; #define PERFSTEP 10 #define ACPITZ_TRIPS (1L 0) @@ -376,8 +377,21 @@ acpitz_refresh(void *arg) /* Perform CPU setperf */ if (acpitz_cpu_setperf nperf != acpitz_perflevel) { - acpitz_perflevel = nperf; - acpitz_cpu_setperf(nperf); + if (acpitz_skip_first_setperfs 0) { + /* Enter ddb here - and hopefully continue */ + Debugger(); + } else if (acpitz_skip_first_setperfs 0) { + acpitz_skip_first_setperfs--; + printf(%s: skipping %d more setperf() calls\n, + DEVNAME(sc), acpitz_skip_first_setperfs); + } else { + acpitz_perflevel = nperf; + printf(%s: acpitz_cpu_setperf at %p called: acpitz_cpu_setperf(%d)\n, + DEVNAME(sc), (void *) acpitz_cpu_setperf, nperf); + acpitz_cpu_setperf(nperf); + printf(%s: acpitz_cpu_setperf ok\n, + DEVNAME(sc)); + } } } sc-sc_lasttmp = sc-sc_tmp;
Re: security of hibernate (was: hibernate function)
On Fri, Feb 18, 2011 at 3:35 PM, Joachim Schipper joac...@joachimschipper.nl wrote: Actually, if one could specify an encryption password for the memory written to disk, a stolen hibernating system would be less dangerous than a running/ACPI-sleeping system because it's suddenly impossible to get interesting data from the system memory. Interesting data like the keys in ssh-agent or a softraid decryption key. Not really much difference between encrypting memory that's written to disk and memory that's just left in memory.
Re: Booting and radeon problems on ThinkPad SL510
On Fri, Feb 18, 2011 at 09:45:22PM +0100, Joachim Schipper wrote: On Fri, Feb 18, 2011 at 06:41:26PM +0100, Pascal Stumpf wrote: I am too experiencing the booting problems described a few days ago for the SL410. With the MP kernel, booting would sometines just stop at mtrr: Pentium Pro MTRR support, forcing a hard reset of the machine. Other times it just works fine, not following any apparent pattern. How can I provide more info to debug this? My SL510 works if I disable acpitz*. The debugging-only diff at the end of this message can help show that this is indeed the issue (by default, it doesn't do much; use boot -d and 'write acpitz_skip_first_setperfs 10' (if it's N = 0, skip the first N acpitz_cpu_setperf() calls; negative values drop you into ddb at acpitz_cpu_setperf() calls, which allows you to get a backtrace.) That said, I don't have the time or expertise to fix this myself, and I guess it's rather hard to fix it without the hardware... Thanks a lot, but thatbs most likely not the issue in my case. I donbt even seem to be able to get any negative values. Bryanbs suggestion to disable the webcam via BIOS has most likely done the trick. (I havenbt had any hangs since then, but you never knowB b) Still, this solutions seems unsatisfying. Would the info provided by UVIDEO_DEBUG help in tracking down the bug?
Re: usb external disk freezes system [SOLVED ON -CURRENT]
On Wed, 16 Feb 2011, Kenneth R Westerback wrote: On Wed, Feb 16, 2011 at 06:05:59PM +0800, shweg...@gmail.com wrote: I have an external usb drive which freezes the system, especially if I do some cp of scp of big files, but not necessarily, it happens also with small files, here is the error I get: attempting to restore vector in use vecproc 0 veccpu 6boff0 attempting to restore vector in use vecproc 0 veccpu 6boff0 (yes, written to times) umass0: Invalid CSW: sig 0x40f00ee0 shuld be 0x53425355 Please try a -current snapshot. Many, many USB fixes since Aug. and it would be good to know if the problem still exists as 4.9 is about to lock. Ken The problem seems to be gone, thank you very much! Here is the new dmesg: [ using 479744 bytes of bsd ELF symbol table ] console out [ATY,RockHopper2_A]console in [] , no keyboard attached, trying usb anyway using parent ATY,RockHopper2Paren:: memaddr 9800 size 800, : consaddr 9c008000, : ioaddr 9002, size 2: memtag 8000, iotag 8000: width 640 linebytes 768 height 480 depth 8 Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2011 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 4.9 (GENERIC) #35: Tue Feb 15 15:34:27 MST 2011 t...@macppc.openbsd.org:/usr/src/sys/arch/macppc/compile/GENERIC real mem = 1073741824 (1024MB) avail mem = 1032323072 (984MB) mainbus0 at root: model PowerMac10,1 cpu0 at mainbus0: 7447A (Revision 0x102): 1249 MHz: 512KB L2 cache mem0 at mainbus0 spdmem0 at mem0: 1GB DDR SDRAM non-parity PC3200CL3.0 memc0 at mainbus0: uni-n hw-clock at memc0 not configured kiic0 at memc0 offset 0xf8001000 iic0 at kiic0 mpcpcibr0 at mainbus0 pci: uni-north, Revision 0xff pci0 at mpcpcibr0 bus 0 pchb0 at pci0 dev 11 function 0 Apple UniNorth AGP rev 0x00 vgafb0 at pci0 dev 16 function 0 ATI Radeon 9200 rev 0x01, mmio wsdisplay0 at vgafb0 mux 1: console (std, vt100 emulation) mpcpcibr1 at mainbus0 pci: uni-north, Revision 0x5 pci1 at mpcpcibr1 bus 0 pchb1 at pci1 dev 11 function 0 Apple UniNorth PCI rev 0x00 macobio0 at pci1 dev 23 function 0 Apple Intrepid rev 0x00 openpic0 at macobio0 offset 0x4: version 0x4614 little endian macgpio0 at macobio0 offset 0x50 modem-reset at macgpio0 offset 0x1d not configured modem-power at macgpio0 offset 0x1c not configured macgpio1 at macgpio0 offset 0x9 irq 47 pgs0 at macgpio0 offset 0x11: irq 55 gpio5 at macgpio0 offset 0x6f not configured gpio6 at macgpio0 offset 0x70 not configured extint-gpio15 at macgpio0 offset 0x67 not configured escc-legacy at macobio0 offset 0x12000 not configured zsc0 at macobio0 offset 0x13000: irq 22,23 zstty0 at zsc0 channel 0 zstty1 at zsc0 channel 1 aoa0 at macobio0 offset 0x1: irq 30,1,2 audio0 at aoa0 timer at macobio0 offset 0x15000 not configured adb0 at macobio0 offset 0x16000 irq 25: via-pmu, 0 targets apm0 at adb0: battery flags 0x0, 0% charged piic0 at adb0 iic1 at piic0 maxtmp0 at iic1 addr 0xc8: max6642 kiic1 at macobio0 offset 0x18000 iic2 at kiic1 wdc0 at macobio0 offset 0x2 irq 24: DMA ohci0 at pci1 dev 24 function 0 Apple Intrepid USB rev 0x00: irq 0, version 1.0, legacy support ohci1 at pci1 dev 25 function 0 Apple Intrepid USB rev 0x00: irq 0, version 1.0, legacy support ohci2 at pci1 dev 26 function 0 Apple Intrepid USB rev 0x00: irq 29, version 1.0, legacy support ohci3 at pci1 dev 27 function 0 NEC USB rev 0x43: irq 63, version 1.0 ohci4 at pci1 dev 27 function 1 NEC USB rev 0x43: irq 63, version 1.0 ehci0 at pci1 dev 27 function 2 NEC USB rev 0x04: irq 63 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 NEC EHCI root hub rev 2.00/1.00 addr 1 usb1 at ohci0: USB revision 1.0 uhub1 at usb1 Apple OHCI root hub rev 1.00/1.00 addr 1 usb2 at ohci1: USB revision 1.0 uhub2 at usb2 Apple OHCI root hub rev 1.00/1.00 addr 1 usb3 at ohci2: USB revision 1.0 uhub3 at usb3 Apple OHCI root hub rev 1.00/1.00 addr 1 usb4 at ohci3: USB revision 1.0 uhub4 at usb4 NEC OHCI root hub rev 1.00/1.00 addr 1 usb5 at ohci4: USB revision 1.0 uhub5 at usb5 NEC OHCI root hub rev 1.00/1.00 addr 1 mpcpcibr2 at mainbus0 pci: uni-north, Revision 0x6 pci2 at mpcpcibr2 bus 0 pchb2 at pci2 dev 11 function 0 Apple UniNorth PCI rev 0x00 kauaiata0 at pci2 dev 13 function 0 Apple Intrepid ATA rev 0x00 wdc1 at kauaiata0 irq 39: DMA wd0 at wdc1 channel 0 drive 0: SAMSUNG HM160HC wd0: 16-sector PIO, LBA48, 152627MB, 312581808 sectors atapiscsi0 at wdc1 channel 0 drive 1 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: MATSHITA, CD-RW CW-8124, DACD ATAPI 5/cdrom removable wd0(wdc1:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2 cd0(wdc1:0:1): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2 Apple UniNorth Firewire rev 0x81 at pci2 dev 14 function 0 not configured gem0 at pci2 dev 15 function 0 Apple Uni-N2 GMAC rev 0x80: irq 41, address 00:0d:93:5e:38:10 bmtphy0 at gem0 phy 0: BCM5221 100baseTX PHY, rev. 4 umass0 at uhub0 port 1 configuration 1
Re: how to set an alias on a carp interface?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi folks, On 02/18/11 03:43, Dan Harnett wrote: IMHO, it would be better to use a new carp device for each alias. The routes will be created and destroyed properly with the status change of each carp device. I tried this together with Henning's suggestion to specify the netmask per subnet only on em1 and use 255.255.255.255 for the rest. This seems to work. Maybe it could be helpful if hostname.if(5) or ifconfig(8) would be more precise about this. Obviously the example in hostname.if(5) is correct, but not sufficient as a reference. Many thanx to all Harri Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk1fWHkACgkQUTlbRTxpHjdsOwCfU1s3+6DgVyj7A6ls+GJ21myX F48An2+FbzeJOo/n8+PRJuxz08rNxK1e =RtEN -END PGP SIGNATURE-
Re: how to set an alias on a carp interface?
On Fri, Feb 18, 2011 at 3:58 PM, Daniel Ouellet dan...@presscom.net wrote: On 2/18/11 3:45 PM, Daniel Ouellet wrote: On 2/18/11 3:23 PM, Ted Unangst wrote: Unless you refer at me writing /32 instead of the long way 255.255.255.255? Ah, yes, I thought you somehow meant just writing 10.1.1.1/32, for instance.
Re: how to set an alias on a carp interface?
On 2/19/11 12:51 AM, Ted Unangst wrote: On Fri, Feb 18, 2011 at 3:58 PM, Daniel Ouelletdan...@presscom.net wrote: On 2/18/11 3:45 PM, Daniel Ouellet wrote: On 2/18/11 3:23 PM, Ted Unangst wrote: Unless you refer at me writing /32 instead of the long way 255.255.255.255? Ah, yes, I thought you somehow meant just writing 10.1.1.1/32, for instance. Sorry to have added to the confusion there, My bad! Would be cool to be able to do it however like in the pf.conf and bgpd.conf, etc. (;
Re: how to set an alias on a carp interface?
On Sat, Feb 19, 2011 at 02:01:36AM -0500, Daniel Ouellet wrote: On 2/19/11 12:51 AM, Ted Unangst wrote: On Fri, Feb 18, 2011 at 3:58 PM, Daniel Ouelletdan...@presscom.net wrote: On 2/18/11 3:45 PM, Daniel Ouellet wrote: On 2/18/11 3:23 PM, Ted Unangst wrote: Unless you refer at me writing /32 instead of the long way 255.255.255.255? Ah, yes, I thought you somehow meant just writing 10.1.1.1/32, for instance. Sorry to have added to the confusion there, My bad! Would be cool to be able to do it however like in the pf.conf and bgpd.conf, etc. (; It is possible to that in ifconfig as well. I use it all the time. It works in hostname.if if you skip the inet IIRC. -- :wq Claudio