Re: ARP and libpcap
On Apr 05 19:06:40, Alessandro Baggi wrote: Ok, but my app must take those packet from the net for other operation. Huh? tpcdump/pcap also takes those packet from the net of course. For this purpose I can also build my own structure to see arp parameter, but I'm trying to know how to use arphdr structure. Why exactly do you need to write your own code for this, replicating the functionality that already is in base? Someone has experience about it? Yes, libpcap does it somehow. Look at its source. What is it that yo actually want to do?
Re: new upper limit with BIGMEM
Tell the Voyager 1; it's about trespassing even that limit xDDD El 05/04/2011 23:02, James A. Peltier escribiC3: - Original Message - |real mem = 137428045824 (131061MB) |avail mem = 133755703296 (127559MB) | |seems to work ok... | | But have you hit the limit? | | The sky is the limit, but his is not a flying machine. | | Miod Umm, we conquered the skies a while ago. Really the solar system is the limit currently.
pf rule
Hi everyone, I never had to deal with pf, but if possible i have a question: on my OpenBSD now block all outcoming connection to ssh and telnet to internet with: block out on re0 proto { tcp } from any to any port { ssh telnet } but now with this rule i can't connect with ssh to my lan 192.168.1.0/24 , there is any rule for this question? Thanks vm and sorry for my bad english!
Re: pf rule
i try with: pass out on re0 from any to { 192.168.1.9, 192.168.1.10 } there is ok for you? Il giorno 06/apr/2011, alle ore 10.19, Gianluca D'Auri Muscelli ha scritto: Hi everyone, I never had to deal with pf, but if possible i have a question: on my OpenBSD now block all outcoming connection to ssh and telnet to internet with: block out on re0 proto { tcp } from any to any port { ssh telnet } but now with this rule i can't connect with ssh to my lan 192.168.1.0/24 , there is any rule for this question? Thanks vm and sorry for my bad english!
Invito ad evento: AFFIDABILITA' E TECNOLOGIA 2011
logo AT AFFIDABILITA' E TECONLOGIE Torino 13-14 Aprile 2011 Saremo presenti nell' AREA BLU, SOFTWARE E PROGETTAZIONE - Stand 119 per informazini su come raggiungerci clicca qui Spett. Azienda Elabora Srl h lieta di invitarLa ad: AFFIDABILITA' E TECNOLOGIE 2011. La manifestazione italiana dedicata all'innovazione ed alla tecnologia che si terr` a Torino, presso l'ente Fiera Lingotto il 13 e 14 aprile 2011. Presenteremo i-Man Interactive Manufacturing, il sistema che sta rivoluzionando la fabbrica, permettendo di interagire con gli addetti in modo altamente efficiente: * controlli qualit`: iniziali e finali, capacit` macchina e di processo. Controllo in accettazione, tutti completamente integrati nella logistica e nei flussi produttivi. * terminale touchscreen per l'interscambio d'informazioni: lavorazioni da eseguire, attrezzaggi, utensili, manutenzioni * completa tracciabilit` dei lotti e stato di avanzamento * trasmissione e ricezione programmi macchina * acquisizione stati macchina, segnali e contapezzi * articoli, schede tecniche, disegni e documenti gestiti per indice di revisione Venga a visitarci, avremo piacere di illustrarLe le nostre soluzioni per gestire la produzione, la qualit`, lâassistenza post vendita, lâintera azienda. Cordiali saluti Lo staff di Elabora i-Man i-Man in funzione Logo Prodware Disclaimer: Questa comunicazione e' stata inviata in conformita' alle norme vigenti in materia di tutela della privacy, d.lgs. 196/2003. Se desidera cancellare il suo nominativo, puo' rispondere a questa mail indicando nell'oggetto la parola rimuovi. Elabora S.r.l. Software solutions consulting for enterprise management Tel. 02-90.93.11 mail: elab...@prodware.it sito web: www.prodware.it Powerd by: Elabora Srl
Re: Wildest Africa Tour
Am 04.04.2011 19:09, schrieb Stuart VanZee: Don't be silly. While Lions do provide excelent physical security they don't provide any data security at all. # sudo pkg_add -v lion results in Can't find lion What am i doing wrong?
Re: Wildest Africa Tour
On Wed, 06 Apr 2011 11:34:23 +0200 Marcus M|lb|sch muelbue...@as-infodienste.de wrote: # sudo pkg_add -v lion results in Can't find lion What am i doing wrong? They are in ports, not packages: $ grep -R lion /usr/ports/ /usr/ports/games/falconseye/pkg/PLIST:${GAMEDIR}/sound/lion.raw /usr/ports/net/gajim/pkg/PLIST:share/gajim/data/emoticons/static/lion.png ... regards, Robert
Email Marketing - Publicidad por Correo - Aceptamos tarjetas de crédito, Paypal, cheque o efectivo.
No puede ver la imagen correctamente? Si quiere ver una versiC3n online de este anuncio haga clic en el siguiente link: http://www.panamacorreo.com/mail/display.php?M=176375C=45ce1208ba75b76cbc4c66d66bf5a405S=17L=1N=2 Abril - 2011 PROMOCICN PARA EL MES DE ABRIL Tres envC-os de email marketing en fechas diferentes por sC3lo us$129.95. Llegue a nuestra base de datos de 400,000 contactos en PanamC! en tres ocasiones diferentes. Si necesita que le hagamos el diseC1o del arte que quiere enviar, al tomar nuestro paquete promocional, pague sC3lo us$19.95 por el diseC1o de su arte publicitario para email. B?CC3mo estC! compuesta nuestra base de datos? MicroKey Group verifica diariamente sus bases de datos, entre ellas la base de PanamC!. Nuestra base cuenta con 400,000 contactos verificados de PanamC!. La base incluye correos empresas y personales. En promedio 55% correos empresariales y 45% correos personales. Son personas de 25 a 50 aC1os, con su correo electrC3nico activo. B?CC3mo MicroKey me muestra una prueba del envC-o? El C:nico con detalle exhaustivo. MicroKey le harC! llegar una prueba completa del envC-o realizado. Una semana despuC)s de realizado su envC-o recibirC! un reporte completo con la cantidad de correos leC-dos, rebotados, desuscritos. RecibirC! en ese reporte tambiC)n una lista de correos de hasta 500 contactos - los mC!s representativos en dicha campaC1a - que hayan leC-dos su correo o hayan hecho clic en alguno de los enlaces colocados en la campaC1a publicitaria. Usted contarC! con 500 contactos de feedback para comprobar que nuestro envC-o fue realizado. Es una lista de clientes interesados en su producto o servicio y que usted podrC! contactar directamente. Una lista de potenciales clientes, de clientes objetivo. B?Por quC) recibo el reporte una semana despuC)s? En promedio se ha establecido que la base total lee su correo en una semana. Basado en que los usuarios revisan su correo como mC-nimo una vez a la semana, el reporte se generarC! pasado ese tiempo. Esto sucede debido a la base de datos que le brindamos - los 500 contactos de feedback - por cada envC-o. El sistema necesita establecer cuales son los contactos mC!s representativos de la base de datos - es decir mC!s interesados - y se establecerC! por el usuario que ademC!s de leer el correo, haya hecho clic en su link, o el usuario que haya leC-do el mensaje en dos ocasiones diferentes a lo largo de la semana. B?Por quC) hacer Marketing por Correo / Email Marketing? El internet se mueve alrededor del correo electrC3nico. Es la principal herramienta utilizada por los cibernautas, y es la que primero miran cuando ingresan a la red. Aunque hayan aparecido redes sociales, el correo electrC3nico no ha perdido su posiciC3n relevante en el marketing. B?En quC) paC-ses MicroKey hace mail marketing? En toda AmC)rica, Europa y Asia. Contamos con bases de datos verificadas semana tras semana. Si quiere mayor informaciC3n de nuestras bases de datos, no dude en contactarnos vC-a telefC3nica. B?Ventajas para mi negocio? Las campaC1as de correo electrC3nico le dan acceso instantC!neo a resultados y mediciones, y empieza a recibir informaciC3n sC3lo unos segundos despuC)s de haber enviado los e-mails. Obtiene un nivel de detalle imposible de conseguir a travC)s de otros medios. Haga clic aquC- para contactarnos o leer mC!s sobre nuestras ofertas TambiC)n ofrecemos bases de datos de muchos paC-ses, clic aquC- Recuerde que aceptamos pagos por tarjetas de crC)dito, PayPal, Cheque, Transferencia bancarias, Western Union o pago en efectivo. MicroKey Group VC-a Ricardo J. Alfaro, The Century Tower, Piso #4 Tel. (507) 360-5858 Usted ha recibido este correo porque en algC:n momento nos indicC3 su interC)s en recibir promociones o nos fue recomendado por otro de nuestros usuarios o web sites aliados.Respetamos su derecho de privacidad y le invitamos a darse de baja de nuestra lista de correos si no desea recibir promociones, favor hacer clic aquC- para eliminar permanentemente su suscripciC3n You have received this email because at some point we indicated interest in us promoting or recommended by other users or our partners web sites. We respect your right and invite you to unsubscribe from our mailing list if you want to receive promotions, Unsubscribe me from this list MicroKey IT maneja un estricto y seguro mail marketing en internet, cumpliendo con todas las polC-ticas Anti-Spam internacionales. http://www.panamacorreo.com/mail/unsubscribe.php?M=176375C=45ce1208ba75b76cbc4c66d66bf5a405L=1N=17
Re: pf rule
On Wed, Apr 6, 2011 at 1:49 PM, Gianluca D'Auri Muscelli g...@email.it wrote: Hi everyone, I never had to deal with pf, but if possible i have a question: on my OpenBSD now block all outcoming connection to ssh and telnet to internet with: block out on re0 proto { tcp } from any to any port { ssh telnet } do you have one interface? re0 may be your external interface. What is your internal interface -- Thank you Indunil Jayasooriya
Re: Wildest Africa Tour
Am 06.04.2011 11:52, schrieb Robert: On Wed, 06 Apr 2011 11:34:23 +0200 Marcus M|lb|schmuelbue...@as-infodienste.de wrote: # sudo pkg_add -v lion results in Can't find lion What am i doing wrong? They are in ports, not packages: $ grep -R lion /usr/ports/ /usr/ports/games/falconseye/pkg/PLIST:${GAMEDIR}/sound/lion.raw /usr/ports/net/gajim/pkg/PLIST:share/gajim/data/emoticons/static/lion.png ... So, to actually increase physical security I also need a speaker connected to my pf-Firewall? Okay, a really big speaker with a corresponding big amplifier will probably do the trick!
Re: Performance degradation after upgrade
On 2011-04-05 14:35, Claudio Jeker wrote: Can you give the following diff a spin and see if that makes the card act faster. This disables the ppb hotplug interrupt which is shared with the em2 and em3 interrupts. -- :wq Claudio Ok, that did the trick. I made the changes to the 4.8 source and ppb hotplug was disabled. I then tested the dual port cards and got close to 1 Gbit/s but without the high CPU usage (only about 30% intr). So my question now is: Do we need the ppb hotplug? What is it good for? //Peter
Re: ARP and libpcap
Il 06/04/2011 08:25, Jan Stary ha scritto: On Apr 05 19:06:40, Alessandro Baggi wrote: Ok, but my app must take those packet from the net for other operation. Huh? tpcdump/pcap also takes those packet from the net of course. For this purpose I can also build my own structure to see arp parameter, but I'm trying to know how to use arphdr structure. Why exactly do you need to write your own code for this, replicating the functionality that already is in base? Someone has experience about it? Yes, libpcap does it somehow. Look at its source. What is it that yo actually want to do? Hi jan, i'm trying to make a program that map a specified MAC address to a specified IP, and then get information by getting arp packets for the specified nic to see if some host changes its IP. I can do this getting tcp/upd packets on a specified nic, and query with arp each hosts, but it can take more resources.
Re: Wildest Africa Tour
On Tue, 05 Apr 2011 16:28:31 -0700 Mehma Sarja wrote: On 4/5/11 9:07 AM, Stuart Henderson wrote: On 2011-04-04, Stuart VanZeestua...@datalinesys.com wrote: Don't be silly. While Lions do provide excelent physical security they don't provide any data security at all. I love animals: I'm always talking about animals, I love 'em. But the thing is that, you know, whenever you see animals on the telly, it's always the show-off animals. Yeah? It's always the leopards and panthers and crocodiles. Lions milling about, going Oh, I'm very good, I'm on everything, and it really makes me annoyed, you know? Because what about the English animals, you know? The British mammals, yeah? Hah, what about the muskrat, or the tiny northern root-vole, with his little banjo and hat made of elastic bands, yeah? Who's representing them, eh? No-one, that's who. You had a good buildup and even some suspense. Oh what a letdown! What British animals? You've got to be kidding. Isn't everybody over there all civilized an stuff? Take your little poodle and pony show and move it along down the road. Mehma Well if you didn't get the sarcasm, then there's meant to be a big black cat around. Otherwise you'd have to go back thousands of years to get Lions. Aside from wiping out the bears I don't see what civilisaton has to do with it.
Avviso importante.
[IMAGE] Comunicazione di servizio per i clienti Cariparma Credito Agricole. Si prega di recarsi urgentemente negli uffici della Cariparma Credito Agricole oppure collegarsi online, per accertarsi della propria identit`. Negli ultimi giorni, la Cariparma Credito Agricole, ha avuto comunicazioni dagli Addetti alla sicurezza informatica riguardo continui ed aggravati furti di ident`, e furti di codici a danno dei clienti Cariparma Credito Agricole. La Cariparma Credito Agricole si scusa per il disagio ed invita i clienti a verificare l`esatta ident` recandosi in filiale oppure accedendo online al proprio conto: qui Copyright ) 2011 Cariparma Gruppo Credit Agricole
Re: ARP and libpcap
On Wed, 06 Apr 2011 12:30:56 +0200 Alessandro Baggi alessandro.ba...@gmail.com wrote: Hi jan, i'm trying to make a program that map a specified MAC address to a specified IP, and then get information by getting arp packets for the specified nic to see if some host changes its IP. I can do this getting tcp/upd packets on a specified nic, and query with arp each hosts, but it can take more resources. Maybe you find something in the source of Arpwatch. regards, Robert
Re: ARP and libpcap
On Apr 06 12:30:56, Alessandro Baggi wrote: Il 06/04/2011 08:25, Jan Stary ha scritto: On Apr 05 19:06:40, Alessandro Baggi wrote: Ok, but my app must take those packet from the net for other operation. Huh? tpcdump/pcap also takes those packet from the net of course. For this purpose I can also build my own structure to see arp parameter, but I'm trying to know how to use arphdr structure. Why exactly do you need to write your own code for this, replicating the functionality that already is in base? Someone has experience about it? Yes, libpcap does it somehow. Look at its source. What is it that yo actually want to do? Hi jan, i'm trying to make a program that map a specified MAC address to a specified IP, and then get information by getting arp packets for the specified nic to see if some host changes its IP. You should have said that in your original post. Step by step we are getting to what you really want. So: why do you want to know that someone's IP address has changed? Also, there is 'arp -a' of of course.
Re: Free heroin shipping!
I guess this explains so many bad attitudes on here; people are having withdrawals. --- On Wed, 4/6/11, Cornell Bruce w...@daedae.org wrote: From: Cornell Bruce w...@daedae.org Subject: Free heroin shipping! To: misc@openbsd.org Date: Wednesday, April 6, 2011, 12:41 AM FREE HEROIN SHIPPING! 1. Heroin, in liquid and crystal form. 2. Rocket fuel and Tomohawk rockets (serious enquiries only). 4. New shipment of cocaine has arrived, buy 9 grams and get 10th for free. Everebody welcome, but not US citizens, sorry. ATTENTION. Clearance offer. Buy 30 grams of heroin, get 5 free. Please contact: debbie...@gmail.com PHONE 0093(0)4765481 FAX 0093(0)4485291 Afghanistan
Re: Performance degradation after upgrade
On Wed, Apr 06, 2011 at 01:22:41PM +0200, Peter Hallin wrote: On 2011-04-05 14:35, Claudio Jeker wrote: Can you give the following diff a spin and see if that makes the card act faster. This disables the ppb hotplug interrupt which is shared with the em2 and em3 interrupts. -- :wq Claudio Ok, that did the trick. I made the changes to the 4.8 source and ppb hotplug was disabled. I then tested the dual port cards and got close to 1 Gbit/s but without the high CPU usage (only about 30% intr). So my question now is: Do we need the ppb hotplug? What is it good for? It is needed for handling hotplug events especially on the expresscard slots on modern laptops. Here is a better version that may get commited if it works for you. Currently only amd64 is fixed, we're looking into i386 to do the same dance with the interrupt return values. So the idea is to establish the interrupt handler for the ppb as last and jump out of interrupt processing if the handler returns 1 (HW was the source of interrupt). So we should not end up in the slow ppb interrupt handler unless it is actually a hotplug interrupt. -- :wq Claudio Index: arch/amd64/amd64/vector.S === RCS file: /cvs/src/sys/arch/amd64/amd64/vector.S,v retrieving revision 1.28 diff -u -p -r1.28 vector.S --- arch/amd64/amd64/vector.S 1 Apr 2011 22:51:45 - 1.28 +++ arch/amd64/amd64/vector.S 6 Apr 2011 13:18:45 - @@ -484,7 +484,9 @@ IDTVEC(intr_##name##num) ;\ call*IH_FUN(%rbx) /* call it */ ;\ orq %rax,%rax /* should it be counted? */ ;\ jz 4f ;\ - incqIH_COUNT(%rbx) ;\ + incqIH_COUNT(%rbx) /* -1 or 1 */ ;\ + orq %rax,%rax ;\ + jns 5f ;\ 4: movqIH_NEXT(%rbx),%rbx /* next handler in chain */ ;\ testq %rbx,%rbx ;\ jnz 6b ;\ Index: dev/pci/ppb.c === RCS file: /cvs/src/sys/dev/pci/ppb.c,v retrieving revision 1.47 diff -u -p -r1.47 ppb.c --- dev/pci/ppb.c 30 Dec 2010 00:58:22 - 1.47 +++ dev/pci/ppb.c 6 Apr 2011 12:50:33 - @@ -142,7 +142,7 @@ ppbattach(struct device *parent, struct pci_intr_handle_t ih; pcireg_t busdata, reg, blr; char *name; - int pin; + int pin, has_hotplug = 0; sc-sc_pc = pc; sc-sc_tag = pa-pa_tag; @@ -169,21 +169,9 @@ ppbattach(struct device *parent, struct /* Check for PCI Express capabilities and setup hotplug support. */ if (pci_get_capability(pc, pa-pa_tag, PCI_CAP_PCIEXPRESS, sc-sc_cap_off, reg) (reg PCI_PCIE_XCAP_SI)) { - if (pci_intr_map(pa, ih) == 0) - sc-sc_intrhand = pci_intr_establish(pc, ih, IPL_TTY, - ppb_intr, sc, self-dv_xname); - - if (sc-sc_intrhand) { + if (pci_intr_map(pa, ih) == 0) { printf(: %s, pci_intr_string(pc, ih)); - - /* Enable hotplug interrupt. */ - reg = pci_conf_read(pc, pa-pa_tag, - sc-sc_cap_off + PCI_PCIE_SLCSR); - reg |= (PCI_PCIE_SLCSR_HPE | PCI_PCIE_SLCSR_PDE); - pci_conf_write(pc, pa-pa_tag, - sc-sc_cap_off + PCI_PCIE_SLCSR, reg); - - timeout_set(sc-sc_to, ppb_hotplug_insert_finish, sc); + has_hotplug = 1; } } @@ -305,6 +293,22 @@ ppbattach(struct device *parent, struct pba.pba_intrtag = pa-pa_intrtag; sc-sc_psc = config_found(self, pba, ppbprint); + + if (has_hotplug) { + sc-sc_intrhand = pci_intr_establish(pc, ih, IPL_TTY, + ppb_intr, sc, self-dv_xname); + if (sc-sc_intrhand) { + + /* Enable hotplug interrupt. */ + reg = pci_conf_read(pc, pa-pa_tag, + sc-sc_cap_off + PCI_PCIE_SLCSR); + reg |= (PCI_PCIE_SLCSR_HPE | PCI_PCIE_SLCSR_PDE); + pci_conf_write(pc, pa-pa_tag, + sc-sc_cap_off + PCI_PCIE_SLCSR, reg); + + timeout_set(sc-sc_to, ppb_hotplug_insert_finish, sc); + } + } } int
Can't get multipath working correctly
Hello all, please forgive if my question turns out to be very hazy and unclear. If I could myself clearer I could probably understand what happens ;) I have set up a pf firewall with two external NICs and CARP on that external IPs. (I think) I followed http://www.openbsd.org/faq/faq6.html#Multipath Now, for example if I sent a ping to 8.8.8.8, I see that the pf rule makes a pass out on em1: *WAN_IP_1* 8.8.8.8: icmp: echo request however, the first request sometimes goes out on em0, while the echo replies and all other echo requests use em1. Sometimes something similar happens when a connection comes in through an external interface: the first return packet goes out through the wrong interface, and is thus blocked (duh!) - though I'm pretty sure (and can see it through tcpdump) that I've set a pass in rule with reply-to *ROUTER_IP*@em1. Now I see that netstat -rn shows me Destination Gateway Flags Refs Use Mtu Prio Iface default ROUTER_IP_0 UGSP 2 83 - 8 em0 default ROUTER_IP_1 UGSP 2 92 - 8 em1 *WAN_NET_0*/29 link#1 UC 20 - 4 em0 some other IPs in that net *WAN_NET_1*/29 link#4 UC 30 - 4 em2 some other IPs in that net other IPs in DMZ and lo0 If I understand correctly, something for WAN_NET_1 is pointing wrong. After a reboot I have even seen once that *both* links pointed wrong, the *WAN_NET_0* on em0 to the *ROUTER_IP* on em1. Now I have three questions: 1) Is this really the error? 2) What can I do to correct it manually? 3) What mistake did I do in the first place in my hostname.em and hostname.carp files? Marcus
Re: Performance degradation after upgrade
On Wed, Apr 06, 2011 at 03:55:03PM +0200, Claudio Jeker wrote: On Wed, Apr 06, 2011 at 01:22:41PM +0200, Peter Hallin wrote: On 2011-04-05 14:35, Claudio Jeker wrote: Can you give the following diff a spin and see if that makes the card act faster. This disables the ppb hotplug interrupt which is shared with the em2 and em3 interrupts. -- :wq Claudio Ok, that did the trick. I made the changes to the 4.8 source and ppb hotplug was disabled. I then tested the dual port cards and got close to 1 Gbit/s but without the high CPU usage (only about 30% intr). So my question now is: Do we need the ppb hotplug? What is it good for? It is needed for handling hotplug events especially on the expresscard slots on modern laptops. Here is a better version that may get commited if it works for you. Currently only amd64 is fixed, we're looking into i386 to do the same dance with the interrupt return values. So the idea is to establish the interrupt handler for the ppb as last and jump out of interrupt processing if the handler returns 1 (HW was the source of interrupt). So we should not end up in the slow ppb interrupt handler unless it is actually a hotplug interrupt. Wait. It seems more is needed. Will come back when we have a better solution. -- :wq Claudio Index: arch/amd64/amd64/vector.S === RCS file: /cvs/src/sys/arch/amd64/amd64/vector.S,v retrieving revision 1.28 diff -u -p -r1.28 vector.S --- arch/amd64/amd64/vector.S 1 Apr 2011 22:51:45 - 1.28 +++ arch/amd64/amd64/vector.S 6 Apr 2011 13:18:45 - @@ -484,7 +484,9 @@ IDTVEC(intr_##name##num) ;\ call*IH_FUN(%rbx) /* call it */ ;\ orq %rax,%rax /* should it be counted? */ ;\ jz 4f ;\ - incqIH_COUNT(%rbx) ;\ + incqIH_COUNT(%rbx) /* -1 or 1 */ ;\ + orq %rax,%rax ;\ + jns 5f ;\ 4: movqIH_NEXT(%rbx),%rbx /* next handler in chain */ ;\ testq %rbx,%rbx ;\ jnz 6b ;\ Index: dev/pci/ppb.c === RCS file: /cvs/src/sys/dev/pci/ppb.c,v retrieving revision 1.47 diff -u -p -r1.47 ppb.c --- dev/pci/ppb.c 30 Dec 2010 00:58:22 - 1.47 +++ dev/pci/ppb.c 6 Apr 2011 12:50:33 - @@ -142,7 +142,7 @@ ppbattach(struct device *parent, struct pci_intr_handle_t ih; pcireg_t busdata, reg, blr; char *name; - int pin; + int pin, has_hotplug = 0; sc-sc_pc = pc; sc-sc_tag = pa-pa_tag; @@ -169,21 +169,9 @@ ppbattach(struct device *parent, struct /* Check for PCI Express capabilities and setup hotplug support. */ if (pci_get_capability(pc, pa-pa_tag, PCI_CAP_PCIEXPRESS, sc-sc_cap_off, reg) (reg PCI_PCIE_XCAP_SI)) { - if (pci_intr_map(pa, ih) == 0) - sc-sc_intrhand = pci_intr_establish(pc, ih, IPL_TTY, - ppb_intr, sc, self-dv_xname); - - if (sc-sc_intrhand) { + if (pci_intr_map(pa, ih) == 0) { printf(: %s, pci_intr_string(pc, ih)); - - /* Enable hotplug interrupt. */ - reg = pci_conf_read(pc, pa-pa_tag, - sc-sc_cap_off + PCI_PCIE_SLCSR); - reg |= (PCI_PCIE_SLCSR_HPE | PCI_PCIE_SLCSR_PDE); - pci_conf_write(pc, pa-pa_tag, - sc-sc_cap_off + PCI_PCIE_SLCSR, reg); - - timeout_set(sc-sc_to, ppb_hotplug_insert_finish, sc); + has_hotplug = 1; } } @@ -305,6 +293,22 @@ ppbattach(struct device *parent, struct pba.pba_intrtag = pa-pa_intrtag; sc-sc_psc = config_found(self, pba, ppbprint); + + if (has_hotplug) { + sc-sc_intrhand = pci_intr_establish(pc, ih, IPL_TTY, + ppb_intr, sc, self-dv_xname); + if (sc-sc_intrhand) { + + /* Enable hotplug interrupt. */ + reg = pci_conf_read(pc, pa-pa_tag, + sc-sc_cap_off + PCI_PCIE_SLCSR); + reg |= (PCI_PCIE_SLCSR_HPE | PCI_PCIE_SLCSR_PDE); + pci_conf_write(pc, pa-pa_tag, + sc-sc_cap_off + PCI_PCIE_SLCSR, reg); + + timeout_set(sc-sc_to, ppb_hotplug_insert_finish, sc); + } + } } int -- :wq Claudio
Re: Performance degradation after upgrade
On Wed, Apr 6, 2011 at 9:55 AM, Claudio Jeker cje...@diehard.n-r-g.com wrote: Here is a better version that may get commited if it works for you. Currently only amd64 is fixed, we're looking into i386 to do the same dance with the interrupt return values. So the idea is to establish the interrupt handler for the ppb as last and jump out of interrupt processing if the handler returns 1 (HW was the source of interrupt). So we should not end up in the slow ppb interrupt handler unless it is actually a hotplug interrupt. I think this is a very bad idea. Not running ppb sounds like a good idea, but jumping out is bad. If you have two devices sharing, and the first one is busy, the second will be starved. Drivers don't even return 1 accurately, wi is a good example of one that doesn't. There are many more.
Re: ARP and libpcap
Il 06/04/2011 15:26, Jan Stary ha scritto: of of course For some obscure reason :D, not really, to avoid problem as poisoning for insecure services.
Re: Performance degradation after upgrade
On 2011-04-06 16:43, Claudio Jeker wrote: Wait. It seems more is needed. Will come back when we have a better solution. Alright. Your first quick fix is good enough for us, we don't use expresscards in our firewalls.. ;) I actually tested it on an older 4.4 fw that has been under heavy load despite low traffic, and it was a drastic improvement. When you are ready with a new diff against -current, I'll be happy to test it with our stuff. Until then, we are satisfied with disabling ppb hotplug completely. //Peter
Re: network bandwith with em(4)
On 2011-02-28, Manuel Guesdon ml+openbsd.m...@oxymium.net wrote: OK. Anyway NIC buffers restrict buffered packets number. But the problem remain: why a (for exemple) dual Xeon E5520@2.27GHz with Intel PRO/1000 (82576) can't route 150kpps without Ierr :-) http://www.oxymium.net/tmp/core3-dmesg So looking at this dmesg you have ppb and em sharing ints; it wouldn't be a total surprise if the Performance degradation after upgrade thread was relevant: http://comments.gmane.org/gmane.os.openbsd.misc/184121
Re: Anyone using IPcomp and/or PPP-deflate?
On Fri, Apr 1, 2011 at 11:01 AM, Matthew Dempsky matt...@dempsky.org wrote: For the time being, I'd suggest anyone concerned ensure ipcomp processing is disabled; i.e., make sure sysctl net.inet.ipcomp.enable is set to 0. (And like I said, it's disabled by default.) If there are any IPComp users out there, markus@ has just committed the following diff to prevent IPComp-induced workq loops: http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/ipsec_input.c.diff? r1=1.101;r2=1.102;f=h I also suggest that if you're configuring IPComp on a host with IP forwarding enabled (on any platform, not just OpenBSD), that you should only use IPComp in conjunction with IPsec (i.e., ESP or AH). Otherwise there's a risk of routing loops.
Upgrade i386 to amd64
I ran the upgrade from CD. I want to be sure that packages are OK. Is pkg_add -u sufficient? (It looks like nothing changed.) Should I try pkg_add -u -D update or something else? Thanks, Steven
Re: Upgrade i386 to amd64
On 04/06/11 18:46, Steven R. Gerber wrote: I ran the upgrade from CD. from i386 to amd64? No. Don't do this. Boot off the CD again, and this time pick install. You can save your /home directory and config files. amd64 and i386, for OpenBSD, are totally different platforms. You can't upgrade from one platform to another safely, you have to reinstall. I want to be sure that packages are OK. Is pkg_add -u sufficient? (It looks like nothing changed.) Should I try pkg_add -u -D update or something else? nuke from orbit, only way to be sure. Sure, you might be able to get away with this, but one left over library or binary will really ruin your day at some point. Nick.
¿Necesita un diseñador Gráfico? sólo us$300.00 por mes
No puede ver la imagen correctamente? Si quiere ver una versiC3n online de este anuncio haga clic en el siguiente link: http://www.panamacorreo.com/mail/display.php?M=176375C=45ce1208ba75b76cbc4c66d66bf5a405S=18L=1N=16 Marzo - 2011 CONFIRMAR SUSCRIPCICN ELIMINAR SUSCRIPCICN PROMOCICN PARA EL MES DE MARZO MicroKey Group le ofrece el servicio de diseC1ador grC!fico mensual, un plan pensado para empresas que necesitan de estos servicios a un precio competitivo. ObtendrC! un diseC1ador grC!fico con experiencia colaborando en sus proyectos de negocios. Este plan abarca el diseC1o de: banners, vallas, logos, artes para revistas y periC3dicos, tapas de libros, tarjetas (cumpleaC1os, fechas especiales, fiestas decembrinas), membretes, calendarios, mailers, volantes, artes para muppies, tarjetas de presentaciC3n, afiches, sobres, carC!tulas de CD, retoque fotogrC!fico, gigantografC-as, etc.Le ofrecemos este servicio por sC3lo $300 mensuales. Haga clic aquC- para contactarnos o leer mC!s sobre nuestras ofertas Recuerde que aceptamos pagos por Tarjetas de CrC)dito, PayPal, Cheque, Transferencia bancarias, Western Union o pago en efectivo. Otros Servicios que Ofrece MicroKey Group - Email Marketing en AmC)rica Latina, Europa, EE.UU. y CanadC!. - Servicio de Hospedaje Web, Hosting Reseller y Servidores Dedicados. - Registros de Dominios .com .net .org .biz .info .us .eu .com.pa .cc .es it - Servidores Dedicados para Email Marketing (Su propio sistema de marketing por correo) - AdministraciC3n de CampaC1as en Facebook, Google, Yahoo y Messenger Ads. - Entre otros. MicroKey Group VC-a Ricardo J. Alfaro, The Century Tower, Piso #4 Tel. (507) 360-5858 Usted ha recibido este correo porque en algC:n momento nos indicC3 su interC)s en recibir promociones o nos fue recomendado por otro de nuestros usuarios o web sites aliados.Respetamos su derecho de privacidad y le invitamos a darse de baja de nuestra lista de correos si no desea recibir promociones, favor hacer clic aquC- para eliminar permanentemente su suscripciC3n You have received this email because at some point we indicated interest in us promoting or recommended by other users or our partners web sites. We respect your right and invite you to unsubscribe from our mailing list if you want to receive promotions, Unsubscribe me from this list MicroKey IT maneja un estricto y seguro mail marketing en internet, cumpliendo con todas las polC-ticas Anti-Spam internacionales. Click this link to unsubscribe: http://www.panamacorreo.com/mail/unsubscribe.php?M=176375C=45ce1208ba75b76cbc4c66d66bf5a405L=1N=18
Re: svnserve and SASL
Hello I have nearly identical setup and my problem is the same: SASL(-13): user not found: no secret in database. My file locations and permissions seem to be correct, however svnserve dtill doesn't work. What did you do to solve it? Best regards, Maxim Nazarenko On 5 August 2010 00:38, m...@umaxx.net wrote: Hi, just for the archives I'm answering to my own questions below: I found the solution to that problem via ktrace/kdump. Starting svnserve with ktrace revealed that the process tries to read: /usr/local/lib/sasl2/svn.conf Furthermore the .db extension is not required in this file and no special flags are required to create the password file. Regards, JC6rg On Sun, 25 Jul 2010 12:45:50 +0200 umaxx um...@oleco.net wrote: Hi, I'm having trouble to get svnserve + SASL to work under OpenBSD 4.7 stable. When I try to checkout I always get: svn: Authentication error from server: SASL(-13): user not found: no secret in database Here is my config: # cat /var/svn/myrepo/conf/svnserve.conf [general] # anon-access = read # auth-access = write # password-db = passwd # authz-db = authz realm = myrepo [sasl] use-sasl = true # min-encryption = 0 # max-encryption = 256 # cat /usr/local/lib/sasl2/subversion.conf pwcheck_method: auxprop auxprop_plugin: sasldb sasldb_path: /etc/svn-sasldb2 mech_list: ANONYMOUS DIGEST-MD5 This is how I create the user: # saslpasswd2 -c -f /etc/svn-sasldb2 -u myrepo username Some questions which might help me to debug/solve the problem: - can I get SASL to log somewhere on the server (I tried log_level: 7 in subversion.conf without success already)? - what is the correct name for SASL app config file: /usr/local/lib/sasl2/svn.conf or /usr/local/lib/sasl2/subversion.conf or what? - what is the correct sasldb_path in this file: with or without .db extension (saslpasswd2 seems to append .db automatically)? - do I need to add some special flags or something to use saslpasswd2 with DIGEST-MD5 or should I create the svn-sasldb2 in a different way? Any hints are welcome. Thanks in advance, Regards, JC6rg
Re: Upgrade i386 to amd64
Is this in the FAQ? Never thought I would read such a question. On Wed, Apr 6, 2011 at 7:06 PM, Nick Holland n...@holland-consulting.net wrote: On 04/06/11 18:46, Steven R. Gerber wrote: I ran the upgrade from CD. from i386 to amd64? No. Don't do this. Boot off the CD again, and this time pick install. You can save your /home directory and config files. amd64 and i386, for OpenBSD, are totally different platforms. You can't upgrade from one platform to another safely, you have to reinstall. I want to be sure that packages are OK. Is pkg_add -u sufficient? (It looks like nothing changed.) Should I try pkg_add -u -D update or something else? nuke from orbit, only way to be sure. Sure, you might be able to get away with this, but one left over library or binary will really ruin your day at some point. Nick.
Re: Upgrade i386 to amd64
On 4/6/2011 8:57 PM, Amit Kulkarni wrote: Is this in the FAQ? Never thought I would read such a question. On Wed, Apr 6, 2011 at 7:06 PM, Nick Holland n...@holland-consulting.net wrote: On 04/06/11 18:46, Steven R. Gerber wrote: I ran the upgrade from CD. from i386 to amd64? No. Don't do this. Boot off the CD again, and this time pick install. You can save your /home directory and config files. amd64 and i386, for OpenBSD, are totally different platforms. You can't upgrade from one platform to another safely, you have to reinstall. I want to be sure that packages are OK. Is pkg_add -u sufficient? (It looks like nothing changed.) Should I try pkg_add -u -D update or something else? nuke from orbit, only way to be sure. Sure, you might be able to get away with this, but one left over library or binary will really ruin your day at some point. Nick. Sorry for the stupid question? But, this is a real scenario. Testing for bug system/6586: rdist (file larger than 2GB) times out but will not die. I need(ed) one of my configured/development machines to go from i386 to amd64. I did not want to lose my configuration in /etc nor /home nor /root ... In the bigger picture, many users/admins will probably be doing similar things as we can use more physical memory. An appropriate FAQ entry would be terrific. I did save my /etc, /home, /root, etc. to an array and did a full reinstall. Some thoughts: Having to redo partitions/mounts was a pain. Going through /etc manually or by sysmerge is tedious. Thanks, Steven
atheros ar5b95 (toss it or keep it?)
my netbook came with atheros ar5b95 which doesn't seem to be supported. it shows up as athn0 but running `ifconfig athn0 scan` hangs the netbook. my question is whether there is any hope that this half mini pcie(?) card will ever work with openbsd? Or am i better off tossing it and getting something like an Intel 622AN.HMWWB Mini PCI Express 6200 Centrino? I am assuming the Intel one will work with iwn driver. --patrick
Re: Upgrade i386 to amd64
On 4/7/2011 1:01 AM, Abel Abraham Camarillo Ojeda wrote: On Wed, Apr 6, 2011 at 11:37 PM, Steven R. Gerber sger...@gerber-systems.com wrote: Going through /etc manually or by sysmerge is tedious. I wish we had some kind of super-black-magic-mind-reading-hyper-sysmerge tool... Dear Abel, That was unnecessary. My point was that migrating from 4.8/i386 to 4.8/amd64 requires virtually no changes to main /etc. But, a fresh install (not an upgrade) makes me (re)verify all of /etc. The upgrade FAQ 4.7 - 4.8 was fairly clear about what parts of /etc were touched and needed special attention. Thanks, Steven