Necesario: ActualizaciĆ³n de Adquisiciones, Manual y Reglamento 20-21 de Junio 2011
[IMAGE] Pms Capacitacisn Efectiva de Mixico presenta: Actualizacisn Nacional de Adquisiciones, Manual de Aplicacisn y su Reglamento 20-21 de Junio, Mixico D.F. Nos acompaqan 2 Expertos en la materia: Mtro. Gerardo Coronado y Mtro. Alberto Ledesma Empresa Registrada ante la STPS Reg. COLG640205CP30005 Smguenos en Twitter@pmscapacitacion o bien en Facebook PMS de Mixico Solicite Mayores informes responda este correo electrsnico con los siguientes datos. Empresa: Nombre: Telifono: Email: Nzmero de Interesados: Y en breve le haremos llegar la informacisn completa del evento. O bien comunmquense a nuestros telifonos un ejecutivo con gusto le atendera Tels. (33) 8851-2365, (33)8851-2741. Copyright (C) 2010, PMS Capacitacisn Efectiva de Mixico S.C. Derechos Reservados. PMS de Mixico, El logo de PMS de Mixico son marcas registradas. ADVERTENCIA PMS de Mixico no cuenta con alianzas estratigicas de ningzn tipo dentro de la Republica Mexicana. NO SE DEJE ENGAQAR - DIGA NO A LA PIRATERIA. Todos los logotipos, marcas comerciales e imagenes son propiedad de sus respectivas corporaciones y se utilizan con fines informativos solamente. Este Mensaje ha sido enviado a misc@openbsd.org como usuario de Pms de Mixico o bien un usuario le refiris para recibir este boletmn. Como usuario de Pms de Mixico, en este acto autoriza de manera expresa que Pms de Mixico le puede contactar vma correo electrsnico u otros medios. Si usted ha recibido este mensaje por error, haga caso omiso de el y reporte su cuenta respondiendo este correo con el subject BAJAADQUISICION Unsubscribe to this mailing list, reply a blank message with the subject UNSUBSCRIBE BAJAADQUISICION Tenga en cuenta que la gestisn de nuestras bases de datos es de suma importancia y no es intencisn de la empresa la inconformidad del receptor.
Re: Firewall PF with network alias
On 2011-05-25, MArtin Grados Marquina themartin...@yahoo.es wrote: In the past, i configure a virtual machine with firewall PF in FreeBSD 8.1 Wrong mailing list. This list is for OpenBSD.
Re: ospfd/ospf6d causing denial of service(?)
On 2011-05-24, Chris Wopat m...@falz.net wrote: On Tue, May 24, 2011 at 3:11 PM, Claudio Jeker cje...@diehard.n-r-g.com wrote: Are you running 4.9 or -current? Up until the code generating the LSA update packets (and sending them) did not change between 4.8 and 4.9. In -current this code got rewritten to fix a issue. IIRC the problem was that an LS Update got so big that it did not fit into a MTU sized packet. If my memory serves me right then the result was this kind of packet storm. You should try and compile a -current ospfd on your 4.9 system. I think it should run without any problems. I'm running 4.9, not -current. I didn't see anything about people having this issue in the mailing lists. If this is related to sending huge LS updates, I don't think many people currently running ospfd would hit it (you'd need to be announcing quite a lot of networks into ospf), so you probably wouldn't have read about it on the lists. I see that there was a patch applied only about 15 minutes ago to something else related to ospfd, I'm not sure what new issues will occur if I go to -current here since this box is in production. You have a confirmed issue now, so -current isn't likely to make things worse. (With daemons like this I'm usually happier running -current in production than older code). * Can a reliability fix errata be created for this? If compiling -current ospfd on your system fixes the problem, it might be worth picking out the relevant commits and applying them to -stable but that is more risky than just running -current ospfd. * Is the same bug in ospf6d? It looks like this probably is the case.
spamd in blacklist mode 4.8 not working?
Hello Misc, Some months ago I upgraded my firewall to 4.8 -stable form 4.5. Everything went well except my spamd setup. I run it in blacklist mode only. It is running according to logs, netstat, ps ax and top. The table spamd in pf.conf gets populated by spamd-setup but nothing gets to the spamd. I am missing something obvious here but I am lost... Thanks for the help. Here are my configs: ~ # cat /etc/rc.conf.local # PF pf=YES # Packet filter / NAT # SPAMD spamd_flags=-bv # for normal use: spamd_black=YES # set to YES to run spamd without greylisting from pf.conf: pass in log on $ext300 proto tcp from spamd to any port smtp rdr-to 127.0.0.1 port spamd pass in log on $ext300 proto tcp from spamd-black to any port smtp rdr-to 127.0.0.1 port spamd ~ # pfctl -t spamd -T show |wc -l 51302 ~ # netstat -anf inet | grep LISTEN tcp 0 0 127.0.0.1.8026 *.*LISTEN tcp 0 0 *.8025 *.*LISTEN tcp 0 0 127.0.0.1.587 *.*LISTEN tcp 0 0 127.0.0.1.25 *.*LISTEN tcp 0 0 *.37 *.*LISTEN tcp 0 0 *.13 *.*LISTEN tcp 0 0 *.113 *.*LISTEN tcp 0 0 *.22 *.*LISTEN ~ # tail -f /var/log/spamd ~ # tail -f /var/log/spamd Apr 2 18:45:59 core spamd[13791]: listening for incoming connections. Apr 2 18:55:48 core spamd[24760]: listening for incoming connections. Apr 2 19:45:56 core spamd[6987]: listening for incoming connections. May 25 11:21:34 core spamd[25947]: listening for incoming connections.
Re: pkg_add and pkg_delete parse error after upgrade to 4.9
Oliver Rompcik oliver at rompcik.de writes: Hi guys, i got a problem with pkg_add and pkg_delete after release upgrade from 4.8 to 4.9. This is the first problem afer a release upgrade since years (the machine started with 3.8 in 2005). pkg_info: bash-4.1.7p0GNU Bourne Again Shell bzip2-1.0.5 block-sorting file compressor, unencumbered curl-7.20.0 get files from FTP, Gopher, HTTP or HTTPS servers gettext-0.18.1 GNU gettext gnupg-1.4.10p0 GNU privacy guard - a free PGP replacement libiconv-1.13p1 character set conversion library libidn-1.11 internationalized string handling p5-Digest-HMAC-1.02 interface to HMAC Message-Digest Algorithms p5-Digest-SHA1-2.12 module to calculate SHA1 digests p5-Net-DNS-0.65 module to interface the DNS resolver p5-Net-IP-1.25p0perl module for IPv4/IPv6 address parsing pcre-8.02p1 perl-compatible regular expression library postfix-2.7.1 fast, secure sendmail replacement unzip-6.0 extract, list test files in a ZIP archive wget-1.12p0 retrieve files from the web via HTTP, HTTPS and FTP pkg_add -ui: Fatal error: can't parse object version 5.47 does not match bootstrap parameter %_ at /usr/libdata/perl5/i386-openbsd/5.12.2/DynaLoader.pm line 223, $fh line 6. Compilation failed in require at /usr/libdata/perl5/OpenBSD/md5.pm line 114, $fh line 6. BEGIN failed--compilation aborted at /usr/libdata/perl5/OpenBSD/md5.pm line 114, $fh line 6. Compilation failed in require at /usr/libdata/perl5/OpenBSD/PackingElement.pm line 706, $fh line 6, in SCALAR(0x85430780), at /usr/libdata/perl5/OpenBSD/PackingList.pm line 355, $fh line 6. Same with pkg_delete. Help appreciated. Yours, O. Rompcik Hi Oliver, I got the same error after upgrading OpenBSD from 4.8 to 4.9 and I'm a Perl noob so it seemed daunting. Luckily I figured out that the problem is with the Digest:SHA 5.47 binaries. Like I said, I'm a Perl noob so these steps may not be the best or quickest solution but they worked and they don't seem to be too hackish to me. I downloaded Digest::SHA 5.47 from CPAN (http://search.cpan.org/CPAN/authors/id/M/MS/MSHELOR/Digest-SHA-5.47.tar.gz) and compiled it following its instructions. perl Makefile.PL make make test make install This installs into /usr/libdata/perl5/i386-openbsd/5.12.2/auto/Digest/SHA but that didn't solve the problem yet because the key was the next step. Since I don't understand Perl I don't know why this is but it keeps a cache of binaries in /usr/local so those have to be overwritten with the new ones. Go to the directory you extracted the Digest::SHA file. cd blib/arch/auto/Digest/SHA cp * /usr/local/libdata/perl5/site_perl/i386-openbsd/auto/Digest/SHA That did it for me. Good luck! Steve Currie
Affordable SMO (Social Media Optimization) Services
Hello Greetings of the day!!! We are a Noida (India) based and leading web services company well reputable in the market from the last three years, with main proficiency in SMO (Social Media Optimization), working as an outsourced vendor for many reputed SEO agency based in USA, UK, Canada and Australia with a dedicated team of 70 professionals to serve you. 1) We adapt SMO Process/White Hat techniques with Google Guidelines to get the Search Engine best results perform the following activities: * Social Media Website * Social Book marking * Press Releases Creation Submission * Directory Submission * Blog Submission * Video Optimization * One Way Link Building 2) We strictly work on performance basis and can assure you of getting quality work. Our SMO service will help to increase the popularity of your website. 3)We follow a Agency Client Oriented Approach in our process, effective online project management tracking tools, timely and smooth communication etc. We can provide you with the level of service you expect and deserve and that we can establish a solid relationship with you. We pride ourselves as being a solution driven firm. We can confidently say that we will make every effort possible to achieve your timing commitments, budgetary restrictions and other requirements. Please let us know your SMO requirements so that we can serve you at best. We look forward to hearing from you at your convience. Kind Regards, Lavi Noni Online Marketing consultant CONFIDENTIALITY NOTICE: This e-mail transmission and any documents, files, or previous e-mail messages appended or attached to it, may contain information that is confidential or legally privileged. If you are not the intended recipient, or a person responsible for delivering it to the intended recipient, you are hereby notified that you must not read this transmission and that any disclosure, copying, printing, distribution, or use of the information contained or attached to this transmission is STRICTLY PROHIBITED. If you have received this transmission in error, please immediately notify the sender by e-mail message, mailto:lavin...@gmail.com and delete the original transmission, its attachments, and any copies without reading or saving in any manner.
Re: pkg_add and pkg_delete parse error after upgrade to 4.9
p5-Digest-SHA1-2.12 module to calculate SHA1 digests I think that one shouldn't be there anymore since OpenBSD 4.5: http://openbsd.org/faq/upgrade45.html#Pkgup Tas.
Re: pkg_add and pkg_delete parse error after upgrade to 4.9
I think that one shouldn't be there anymore since OpenBSD 4.5: http://openbsd.org/faq/upgrade45.html#Pkgup On the other hand, I might be wrong... p5-Digest-SHA1, not p5-Digest-SHA. Sorry for the noise. Tas.
Re: pkg_add and pkg_delete parse error after upgrade to 4.9
On 2011-05-25, Steve Currie scur...@dccnet.com wrote: This installs into /usr/libdata/perl5/i386-openbsd/5.12.2/auto/Digest/SHA but that didn't solve the problem yet because the key was the next step. Since I don't understand Perl I don't know why this is but it keeps a cache of binaries in /usr/local so those have to be overwritten with the new ones. Perl does not keep a cache of binaries in /usr/local. If you have files there which aren't registered in packages, most likely you've somehow installed them from CPAN rather than using OS packaging tools, this is not recommended. At this point I'd suggest removing perl-related packages and checking the contents of /usr/local/libdata/perl5 as there may be other things that should be removed..
Re: spamd in blacklist mode 4.8 not working?
On 2011-05-25, Ivo Chutkin open...@bgone.net wrote: Hello Misc, Some months ago I upgraded my firewall to 4.8 -stable form 4.5. Everything went well except my spamd setup. I run it in blacklist mode only. It is running according to logs, netstat, ps ax and top. The table spamd in pf.conf gets populated by spamd-setup but nothing gets to the spamd. I am missing something obvious here but I am lost... in /etc/rc look for this line /usr/libexec/spamd-setup -D please add -b to it, see if that helps, and report back.
Re: spamd in blacklist mode 4.8 not working?
* Ivo Chutkin (open...@bgone.net) wrote: from pf.conf: pass in log on $ext300 proto tcp from spamd to any port smtp rdr-to 127.0.0.1 port spamd pass in log on $ext300 proto tcp from spamd-black to any port smtp rdr-to 127.0.0.1 port spamd Hard to tell as you only show parts of the config. It could be a problem related to the changes to pf between 4.6 and 4.7. You should probably take a look at the current spamd(8) man page and update your pf rules for spamd according to the example. And you need to check the pf logs to see what is actually happening. Regards, /Joakim
How to check what traffic falls into default queue?
Hello, I wonder how to check what traffic falls into default queue? best regards, RLW
Re: How to check what traffic falls into default queue?
Hi, On Wed, 25 May 2011 18:09:30 +0700, RLW seran...@o2.pl wrote: Hello, I wonder how to check what traffic falls into default queue? I did this by creating an anchor and put all rules with default queue or without it (which automagically falls to default queue). best regards, RLW Thanks, Insan Praja -- Using Opera's revolutionary email client: http://www.opera.com/mail/
Re: spamd in blacklist mode 4.8 not working?
On 25.5.2011 P3. 15:25 Q., Joakim Aronius wrote: * Ivo Chutkin (open...@bgone.net) wrote: from pf.conf: pass in log on $ext300 proto tcp fromspamd to any port smtp rdr-to 127.0.0.1 port spamd pass in log on $ext300 proto tcp fromspamd-black to any port smtp rdr-to 127.0.0.1 port spamd Hard to tell as you only show parts of the config. It could be a problem related to the changes to pf between 4.6 and 4.7. You should probably take a look at the current spamd(8) man page and update your pf rules for spamd according to the example. And you need to check the pf logs to see what is actually happening. Regards, /Joakim Hi Joakim, You gave me the right hint. I put quick in the rule and it start to work. I have to check which rule lat spammers get in. I did not post my pf.conf because it is very long and a lot altq rules. Thanks for the help, Ivo
Re: spamd in blacklist mode 4.8 not working?
On 25.5.2011 P3. 15:32 Q., Stuart Henderson wrote: On 2011-05-25, Ivo Chutkinopen...@bgone.net wrote: Hello Misc, Some months ago I upgraded my firewall to 4.8 -stable form 4.5. Everything went well except my spamd setup. I run it in blacklist mode only. It is running according to logs, netstat, ps ax and top. The table spamd in pf.conf gets populated by spamd-setup but nothing gets to the spamd. I am missing something obvious here but I am lost... in /etc/rc look for this line /usr/libexec/spamd-setup -D please add -b to it, see if that helps, and report back. I did so, but I am not able to reboot it now. It is production system. When I get it done I will report back for sure. Thanks, Ivo
CASA ANNONCES NUMERO 845
[demime 1.01d removed an attachment of type application/octetstream which had a name of CASA ANNONCES NUMERO 845.pdf] [demime 1.01d removed an attachment of type application/octetstream which had a name of FORMULAIRE DEMANDE INFORMATIONS CASA ANNONCES.pdf]
Re: spamd in blacklist mode 4.8 not working?
Op Wed, 25 May 2011 15:46:01 +0200 schreef Ivo Chutkin open...@bgone.net: On 25.5.2011 P3. 15:32 Q%07., Stuart Henderson wrote: On 2011-05-25, Ivo Chutkinopen...@bgone.net wrote: Hello Misc, Some months ago I upgraded my firewall to 4.8 -stable form 4.5. Everything went well except my spamd setup. I run it in blacklist mode only. It is running according to logs, netstat, ps ax and top. The table spamd in pf.conf gets populated by spamd-setup but nothing gets to the spamd. I am missing something obvious here but I am lost... in /etc/rc look for this line /usr/libexec/spamd-setup -D please add -b to it, see if that helps, and report back. I did so, but I am not able to reboot it now. It is production system. When I get it done I will report back for sure. You can run that as root without rebooting. But, it should also be run periodically from crontab. -- Gemaakt met Opera's revolutionaire e-mailprogramma: http://www.opera.com/mail/ (Remove the obvious prefix to reply.)
Re: Bad frame pointer crash again
On 05/24/11 01:52, Artur Grabowski wrote: There is no such thing as a bad frame pointer crash. That's a diagnostic message from ddb that it can't find anything further up the stack trace, which is correct, since the function sched_sync is on top of the stack. Now, what the kernel tells you is that your kernel didn't panic, so I'm not entirely sure how you end up in ddb, since there is no panic or fault in the traceback. What does the traceback on other cpus show? machine ddbcpu 0 will switch to cpu0, make a trace on each of them. //art Thanks, Art. I was advised to try a current snapshot so if the server crashes again with the same problem I will be sure to get the traceback from the rest of the cpus. Jeff On Mon, May 23, 2011 at 5:42 PM, Jeff Rossjr...@openvistas.net wrote: Hi all, I have a server that I'm trying to get on-line that continues to drop into ddb with a bad frame pointer crash. Right now it is only running an hourly rsync from the server it is to replace on an hourly basis. The server will run for no more than a week without this happening but sometimes it will crash after only a day. I filed a PR 6593 on Apr 26 on this. Right now it is running i386 -current from Apr 27, upgraded after I filed the PR. The message I get at the ddb prompt is virtually identical to the one below. If anyone has any ideas on how I can further debug this, I'd like to know.. I was hoping to use the upcoming 3 day weekend to make the final switch to this new server but I can't see how that will happen if I can't keep it running. Trace, ps and dmesg below. Thanks, Jeff Ross jross@mail:/home/jross $ sudo cu -l /dev/cua00 Password: Connected ddb{2} show panic the kernel did not panic ddb{2} trace handle_workitem_freeblocks(d9d2ee78,e2ac1860,e0352f2c,d03e1c95) at handle_worki tem_freeblocks+0x2b process_worklist_item(0,0,e0352f5c,d03e1eff,e0352f44) at process_worklist_item+ 0x171 softdep_process_worklist(0,28,d08c4bbb,0,d03d2ec3) at softdep_process_worklist+ 0x13f sched_sync(daea43b8) at sched_sync+0xe5 Bad frame pointer: 0xd0ba9e88 !DSPAM:4ddb640413991811913398!
[cwm] cwm misinterprets resize hints larger than screen
Hi, I discovered the following oddity in cwm HEAD: % xterm -g 80x160 # assuming 160 lines is more than your screen height (or use urxvt, or xeyes) Now enter, e.g. find / in the terminal, and you will see the text only goes to the bottom of the screen, not the bottom of the terminal window. Likewise, xeyes will only be sized to the visible potion of the window. (Reproduced with cwm HEAD on Linux/Xorg, in fvwm everything works.) Is this intentional or a bug? -- Christian Neukirchen chneukirc...@gmail.com http://chneukirchen.org
Re: dmesg for notebooks useful?
On Wed, May 25, 2011 at 10:51:14AM +1200, Paul M wrote: [--snip--] I have supplied d...@do-that.com with the dump for the K52F. I would Thanks for feeding the spambots!
Re: Bad frame pointer crash again
There is no such thing as a bad frame pointer crash. That's a diagnostic message from ddb that it can't find anything further up the stack trace, which is correct, since the function sched_sync is on top of the stack. Now, what the kernel tells you is that your kernel didn't panic, so I'm not entirely sure how you end up in ddb, since there is no panic or fault in the traceback. What does the traceback on other cpus show? machine ddbcpu 0 will switch to cpu0, make a trace on each of them. //art Thanks, Art. I was advised to try a current snapshot so if the server crashes again with the same problem I will be sure to get the traceback from the rest of the cpus. I filed a PR 6593 on Apr 26 on this. Right now it is running i386 -current from Apr 27, upgraded after I filed the PR. ariane@ has integrated new vmmap into current, the devs might know if old version of it was in snapshots. So to remove ambiguity, you have to upgrade to current. The vmmap version in current is much stable than what it was a few weeks ago, having shaken out the crashing bugs. I don't have crashes in Firefox4. Just a FYI to those lurkers reluctant to upgrade. I did have a hang which I reported to him, it was a one-off.So many people reported the crashing problems in browsers. If more poeple upgrade their snapshots the devs might have better idea where any remaining showstopper bugs are. thanks
Tecnicas Especializadas en los Procesos de Credito y Cobranza en MONTERREY - 28 de Mayo
CURSO TALLER Tecnicas Especializadas en los Procesos de Credito y Cobranza Duracion: (1 dma) 8 hrs. Inversion: $4,150 pesos mas IVA BENEFICIOS: Reconozca y cimente los principios y metodos que puede aplicar en el otorgamiento de CREDITO, LA PREVENCION y RECUPERACION de la CARTERA por CREDITOS MAL OTORGADOS, asi como las bases necesarias para reconocer el tipo de DEUDOR y tratamiento del mismo. Tambien aprendera las bases para tener una negociacion EXITOSA con los YA DEUDORES MOROSOS. MONTERREY Sede: Hotel Sheraton Ambassador / Ave. Hidalgo 310 Oriente, Centro. Monterrey. 28 de Mayo Solicite Temario de Click Aqui Credito y Cobranza [IMAGE] Curso Taller Desarrollo de Proyectos mediante el ABC del Credito y la Cobranza Mexico / Guadalajara / Monterrey / Cancun [IMAGE] Curso Taller Negociacion en la Cobranza para una Efectiva Recuperacion de la Cartera Mexico / Guadalajara / Monterrey / Merida / Villahermosa [IMAGE] Curso Taller Aprenda a otorgar creditos sanos, prevenga y recupere su cartera vencida Mexico / Guadalajara / Monterrey / Merida [IMAGE] Curso Taller Administracion del Riesgo en el Credito y sus Implicaciones en la Cobranza Mexico / Guadalajara / Monterrey / Merida [IMAGE] Curso Taller Tecnicas especializadas en los procesos de credito y cobranza Mexico / Guadalajara / Monterrey [IMAGE] Curso Taller Herramientas Especializadas para el Control y Recuperacion de la Cartera Vencida Mexico / Guadalajara / Monterrey / Villahermosa / Merida Testimoniales de Participantes Participante: Martha Cecilia Garcia Barbarin Empresa: C.P. Agustin de Iturbide S.C. de A.P. de R.L. de C.V. Antes del Curso: Conocimiento minimo en tecnicas de Cobranza. Despues del Curso: Incremento en uso de herramientas para analizar mejor un credito y tecnicas para recuperar creditos en problemas y/o vencidos. Participante: Esaz Arizmendi Molina Empresa: Intermec Tecnologies de Mexico, S.A. de C.V. Antes del Curso: Desconocia como poder manejar a los clientes. Despues del Curso: Tengo mas nocion de cuando y como hacer la cobranza. Ademas de saber tratar al cliente. Consulte la Programacion por Area: Manufactura y Produccion | Credito y Cobranza | Recursos Humanos | Adquisiciones y Obras Publicas | Entrenamiento Ejecutivo | Seguridad e Higiene | Negociacion y Compras | Alimentos y Bebidas | Economia y Finanzas | Asistentes Ejecutivas | Marketing y Ventas | Si necesita mayor informacion,comuniquese un Asesor lo atendera de inmediato. SIMCA CAPACITACION Entrenamiento Especializado E-MAIL: simca_capacitac...@hotmail.com Messenger: simca_capacitac...@hotmail.com Lada sin costo: 01 800 543 32 30 Servicios de Informacion Mexicana Capacitando America Diseqamos el curso a la medida de sus necesidades..!Impartimos CURSOS de forma PRIVADA en su empresa, envienos un correo especificando el numero de participantes, el lugar donde se impartira, su nombre, cargo, empresa y telefono.SOLICITE COTIZACION de Click Aqui Comentanos ?Que curso necesitas? Envianos un correo Da Click Aqui Solicitala a tu Asesor. Si usted no desea que le enviemos mas invitaciones, de Click Aqui, gracias.
sdtemp/spdmem question
It looks like Brynet's patch to support SB800+ SMbus in piixpm is in snapshots now, which is cool, because I'm now seeing sdtemp and spdmem in my dmesg: sdtemp0 at iic0 addr 0x18: mcp98242 sdtemp1 at iic0 addr 0x19: mcp98242 iic0: addr 0x1a 00=00 01=00 02=00 03=00 04=00 05=c2 06=00 07=21 08=01 09=60 0a=a5 0b=2b 0c=00 0d=00 words 00=00ef 01= 02= 03= 04= 05=c29c 06=0054 07=2101 iic0: addr 0x1b 00=00 01=00 02=00 03=00 04=00 05=c2 06=00 07=21 08=01 09=60 0a=a4 0b=2b 0c=00 0d=00 words 00=00ef 01= 02= 03= 04= 05=c2ac 06=0054 07=2101 spdmem0 at iic0 addr 0x50: 2GB DDR3 SDRAM ECC PC3-10600 with thermal sensor spdmem1 at iic0 addr 0x51: 2GB DDR3 SDRAM ECC PC3-10600 with thermal sensor spdmem2 at iic0 addr 0x52: 2GB DDR3 SDRAM ECC PC3-10600 with thermal sensor spdmem3 at iic0 addr 0x53: 2GB DDR3 SDRAM ECC PC3-10600 with thermal sensor My question is, since I have 4 DIMMs with thermal sensors, should I be seeing sdtemp2 and sdtemp3 as well? Or is it one sdtemp per memory channel? Possible complication: The DIMMs were ordered in two batches, a few months apart. They're the same vendor part number, but it's possible the hardware (and the thermal sensor?) are not identical... vendors like to ship different hardware revisions without updating part numbers. Maybe one set of DIMMs has a different, unsupported thermal sensor chip? Full dmesg: OpenBSD 4.9-current (GENERIC.MP) #7: Mon May 23 21:24:59 MDT 2011 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 8588427264 (8190MB) avail mem = 8337600512 (7951MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.5 @ 0x9f000 (66 entries) bios0: vendor American Megatrends Inc. version 1601 date 09/08/2010 bios0: ASUSTeK Computer INC. M4A88TD-V EVO/USB3 acpi0 at bios0: rev 2 acpi0: sleep states S0 S1 S3 S4 S5 acpi0: tables DSDT FACP APIC MCFG OEMB SRAT HPET SSDT acpi0: wakeup devices PCE2(S4) PCE3(S4) PCE4(S4) PCE5(S4) PCE6(S4) PCE7(S4) PCE9(S4) PCEA(S4) PCEB(S4) PCEC(S4) SBAZ(S4) P0PC(S4) GEC_(S4) UHC1(S4) UHC2(S4) USB3(S4) UHC4(S4) USB5(S4) UHC6(S4) UHC7(S4) PE20(S4) PE21(S4) RLAN(S4) PE22(S4) PE23(S4) PS2M(S4) PS2K(S4) UAR1(S4) acpitimer0 at acpi0: 3579545 Hz, 32 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD Athlon(tm) II X4 640 Processor, 3013.69 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DN OW cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative cpu0: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative cpu0: apic clock running at 200MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: AMD Athlon(tm) II X4 640 Processor, 3013.37 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DN OW cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 16-way L2 cache cpu1: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative cpu1: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative cpu2 at mainbus0: apid 2 (application processor) cpu2: AMD Athlon(tm) II X4 640 Processor, 3013.37 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DN OW cpu2: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 16-way L2 cache cpu2: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative cpu2: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative cpu3 at mainbus0: apid 3 (application processor) cpu3: AMD Athlon(tm) II X4 640 Processor, 3013.37 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DN OW cpu3: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 16-way L2 cache cpu3: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative cpu3: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative ioapic0 at mainbus0: apid 4 pa 0xfec0, version 21, 24 pins acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpihpet0 at acpi0: 14318180 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (P0P1) acpiprt2 at acpi0: bus 1 (PCE2) acpiprt3 at acpi0: bus -1 (PCE3) acpiprt4 at acpi0: bus -1 (PCE4) acpiprt5 at acpi0: bus -1 (PCE9) acpiprt6 at acpi0: bus -1 (PCEA) acpiprt7 at acpi0: bus 2 (P0PC) acpiprt8 at acpi0: bus 4 (PE21) acpiec0 at acpi0 acpicpu0 at acpi0: PSS acpicpu1 at acpi0: PSS acpicpu2 at acpi0: PSS acpicpu3 at acpi0: PSS aibs0 at acpi0: RTMP RVLT RFAN GGRP GITM SITM acpibtn0 at acpi0: PWRB cpu0: 3013 MHz: speeds: 3000
Re: ospfd/ospf6d causing denial of service(?)
Stuart Henderson wrote: If this is related to sending huge LS updates, I don't think many people currently running ospfd would hit it (you'd need to be announcing quite a lot of networks into ospf), so you probably wouldn't have read about it on the lists. I was able to do some sniffing and can confirm that other routers in this same area do generate full MTU sized LS update packets. Based on this information I suspect that the bug that Claudio mentioned is what I've run in to. You have a confirmed issue now, so -current isn't likely to make things worse. (With daemons like this I'm usually happier running -current in production than older code). This seems to imply that -current typically consists of bugfixes vs new features/enhancements? * Is the same bug in ospf6d? It looks like this probably is the case. Requesting a similar patch makes it into ospf6d if this is true. I'll be doing some OSPF cleanup as well as lab testing with the -current ospfd. Thanks, Chris
Re: ospfd/ospf6d causing denial of service(?)
You have a confirmed issue now, so -current isn't likely to make things worse. (With daemons like this I'm usually happier running -current in production than older code). This seems to imply that -current typically consists of bugfixes vs new features/enhancements? all bugfixes go in current and only serious bugfixes or outright security breaches are backported to the current release and current release-1 branches, this is in the FAQ http://www.openbsd.org/faq/faq5.html#Flavors all new features and enhancements ONLY go in current. The Nick Holland express will be here shortly to correct your perception. :-)
Re: ospfd/ospf6d causing denial of service(?)
On Wed, 25 May 2011 14:26:08 -0500, Amit Kulkarni amitk...@gmail.com wrote: all bugfixes go in current and only serious bugfixes or outright security breaches are backported to the current release and current release-1 branches, this is in the FAQ Is there a reason why an OSPF update larger than 1500 bytes which creates a DoS attack and takes down an entire network with ridiculous amounts of pps is not considered serious? I don't think I understand the logic here. All users of 4.9 (possibly even 4.8) deserve to have this fixed so they don't suffer the same fate. Regards, Mark
Re: em(4) is just 10baseT
Hi, The following diff was just committed to -current which should fix this. thanks. I will test it in a few days and report. finally I got some time to test it. It works. Below is the full dmesg and the ifconfig output. Thanks! Jochen Fabricius jfabric...@web.de dmesg: OpenBSD 4.9-current (GENERIC.MP) #7: Mon May 23 21:24:59 MDT 2011 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 4150788096 (3958MB) avail mem = 4018089984 (3831MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.6 @ 0x9b000 (50 entries) bios0: vendor American Megatrends Inc. version P01-A3 date 12/16/2009 bios0: Acer Aspire X3900 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP APIC MCFG SLIC OEMB HPET GSCI AWMI SSDT acpi0: wakeup devices P0P1(S4) P0P3(S4) P0P4(S4) P0P5(S4) P0P6(S4) BR1E (S4) PS2K(S4) PS2M(S4) GBE_(S4) BR20(S4) BR21(S4) BR22(S4) BR23(S4) BR24 (S4) BR25(S4) BR26(S4) BR27(S4) EUSB(S3) USB0(S3) USB1(S3) USB2(S3) USB3 (S3) USBE(S3) USB4(S3) USB5(S3) USB6(S3) SLPB(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz, 3192.39 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,POPCNT,NXE,LONG cpu0: 256KB 64b/line 8-way L2 cache cpu0: apic clock running at 133MHz cpu1 at mainbus0: apid 4 (application processor) cpu1: Intel(R) Core (TM) i5 CPU 650 @ 3.20GHz, 3192.00 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,POPCNT,NXE,LONG cpu1: 256KB 64b/line 8-way L2 cache cpu2 at mainbus0: apid 1 (application processor) cpu2: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz, 3192.00 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,POPCNT,NXE,LONG cpu2: 256KB 64b/line 8-way L2 cache cpu3 at mainbus0: apid 5 (application processor) cpu3: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz, 3192.00 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,POPCNT,NXE,LONG cpu3: 256KB 64b/line 8-way L2 cache ioapic0 at mainbus0: apid 6 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 1, remapped to apid 6 acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 9 (BR1E) acpiprt2 at acpi0: bus 2 (BR20) acpiprt3 at acpi0: bus 3 (BR21) acpiprt4 at acpi0: bus 4 (BR22) acpiprt5 at acpi0: bus 5 (BR23) acpiprt6 at acpi0: bus 6 (BR24) acpiprt7 at acpi0: bus -1 (BR25) acpiprt8 at acpi0: bus 7 (BR26) acpiprt9 at acpi0: bus 8 (BR27) acpicpu0 at acpi0: PSS acpicpu1 at acpi0: PSS acpicpu2 at acpi0: PSS acpicpu3 at acpi0: PSS acpibtn0 at acpi0: SLPB acpibtn1 at acpi0: PWRB cpu0: Enhanced SpeedStep 3192 MHz: speeds: 3201, 3200, 3067, 2933, 2800, 2667, 2533, 2400, 2267, 2133, 2000, 1867, 1733, 1600, 1467, 1333, 1200 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 Intel Core Host rev 0x12 ppb0 at pci0 dev 1 function 0 Intel Core PCIE rev 0x12: apic 6 int 16 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 vendor NVIDIA, unknown product 0x0ca2 rev 0xa2 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) azalia0 at pci1 dev 0 function 1 vendor NVIDIA, unknown product 0x0be4 rev 0xa1: apic 6 int 17 azalia0: no supported codecs Intel 3400 MEI rev 0x06 at pci0 dev 22 function 0 not configured em0 at pci0 dev 25 function 0 Intel 82578DC rev 0x06: apic 6 int 20, address 90:fb:a6:46:db:e1 ehci0 at pci0 dev 26 function 0 Intel 3400 USB rev 0x06: apic 6 int 16 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 azalia1 at pci0 dev 27 function 0 Intel 3400 HD Audio rev 0x06: apic 6 int 22 azalia1: codecs: Realtek ALC888 audio0 at azalia1 ppb1 at pci0 dev 28 function 0 Intel 3400 PCIE rev 0x06: apic 6 int 17 pci2 at ppb1 bus 2 ppb2 at pci0 dev 28 function 1 Intel 3400 PCIE rev 0x06: apic 6 int 16 pci3 at ppb2 bus 3 ppb3 at pci0 dev 28 function 2 Intel 3400 PCIE rev 0x06: apic 6 int 18 pci4 at ppb3 bus 4 ppb4 at pci0 dev 28 function 3 Intel 3400 PCIE rev 0x06: apic 6 int 19 pci5 at ppb4 bus 5 ppb5 at pci0 dev 28 function 4 Intel 3400 PCIE rev 0x06: apic 6 int 17 pci6 at ppb5 bus 6 vendor VIA, unknown product 0x3403 (class serial bus subclass Firewire, rev 0x00) at pci6 dev 0 function 0 not configured ppb6 at pci0 dev 28 function 6 Intel 3400 PCIE rev 0x06: apic 6 int 18 pci7 at ppb6 bus 7 ppb7 at pci0 dev 28
Re: ospfd/ospf6d causing denial of service(?)
On Wed, 25 May 2011 14:26:08 -0500, Amit Kulkarni amitk...@gmail.com wrote: all bugfixes go in current and only serious bugfixes or outright security breaches are backported to the current release and current release-1 branches, this is in the FAQ Is there a reason why an OSPF update larger than 1500 bytes which creates a DoS attack There was a bug. It was in software you got for free. It is hopefully fixed, before the next bug is found and fixed. In the meantime, further advancements will improve that software so that it continues to do neat innovative things. and takes down an entire network with ridiculous amounts of pps is not considered serious? OK, let me call it serious, just for a minute. Do you feel better? Hey, does everyone else feel better? Hell, does anyone feel better? I doubt it. I don't think I understand the logic here. What does logic have to do with calling something serious or not calling it serious? Am I calling it serious in the right places? Do I need to put it on a web page, or a wiki, or is my logic faulty for not broadcasting it enough? Should claudio write it on his chest in permanent marker for you to be satisfied? Because clearly you are only mouthing off because you want to be satisfied. All users of 4.9 (possibly even 4.8) deserve to have this fixed so they don't suffer the same fate. Oh... all users. How about me, on my little laptop having a glass of wine with friends. Do I deserve a fix right now, before I suffer the fate of the ospfd bug? I doubt it. And deserve? Noone deserves anything from us. People get good things, and they are happy. The developers in this project do the best they can writing innovative software, and will not accept preaching from pompous self-entitled American pricks like you. And if there is anyting All users deserve, it is for people like you to start the apologies. I believe you deserve to stop running the software. Right now, ok?
Re: Firewall PF with network alias
On 05/25/11 05:12, MArtin Grados Marquina wrote: In the past, i configure a virtual machine with firewall PF in FreeBSD 8.1 with three network interface (in pf.conf) 1. As sthen@ pointed out, try a FreeBSD list for questions regarding FreeBSD's PF. 2. You posted my private reply to a mailing list. I do not care much for this particular mail, but just don't do that. --- El lun, 23/5/11, Alexander Hall ha...@openbsd.org escribis: 3. Also (please read this again as THIS ANNOYS ME THE MOST): 2. Don't cross-post. Cheers, Alexander
Re: ospfd/ospf6d causing denial of service(?)
Theo, come on man... I really don't understand the hostility here. My goal here is not to get people worked up. I understand you get harassed a lot and people constantly beg for this and that, but I just wanted clarification as I have seen no strict guidelines on what actually becomes Errata. The description in the FAQ is rather vague and that is what prompted me to ask. I apologize if I came off rude, but that was not the intent. Honestly, the thought that this can easily affect other people with lots of network statements in OSPF is pretty scary, and the thought of running -current is equally scary. Most admins prefer not to live out on the edge and I understand the project's strict guidelines should ensure safe and reliable code commits, but nobody is perfect and this is one of those situations where I would like to be as safe as possible. Deciding to run non -release software with what would be described in most projects as being unofficial fixes is a giant leap of faith for most people. What can I say -- old habits die hard. On the other hand, I had this discussion with co-workers today: What makes you trust hotfixes from vendors any more than code from members of the example: OpenBSD project? It doesn't make sense; you don't get responses from their developers directly most of the time, you have no idea what their skills are, and you certainly don't get to see the code! Suddenly you trust a vendor with your life because you were forced to drop a hefty bag of money in front of them? It seems very backwards, and I'd like to get that perception changed: quality open source software is available and it is a wise financial investment. I have great respect for you, Theo, the OpenBSD project, and all of the contributers. The responses to this situation from Claude have instilled great confidence in the use of this software. I just want to point out that the FAQ does indeed say that Most users should be running either -stable or -release, and if there is absolutely no way that the OpenOSPFD fixes can make it into an official errata (even with a paid bounty?) I'll just have to grit my teeth, build some -current boxes, test the living hell out of them, and hope for the best. :-) Cheers, Mark
Re: ospfd/ospf6d causing denial of service(?)
Theo, come on man... I really don't understand the hostility here. My goal here is not to get people worked up. I understand you get harassed a lot and people constantly beg for this and that, but I just wanted clarification as I have seen no strict guidelines on what actually becomes Errata. There are no guidelines, and noone knows if Claudio's commit from yesterday is the final part of the story on this bug. The description in the FAQ is rather vague and that is what prompted me to ask. Bullshit. You did not ask. You yelled at us. The rest of your new email is bullshit, too.
Lunatics deal in certificates not reality whilst burning wheel barrows of money.
A while back someone mentioned they needed certificates like Cisco etc. had to get OpenBSD used by their organisation. Well they're certainly certified now, lunatics that is. I didn't have a great opinion of Cisco but this went from funny to more than a joke. A big thankyou to OpenBSDs no shit attitude and for making the world a better place on so many levels. Begin forwarded message: Date: Wed, 25 May 2011 10:26:13 -0500 Subject: [osvdb] Cisco Security Advisory: Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities Details === The Cisco RVS4000 and WRVS4400N Gigabit Security Routers deliver high-speed network access and IPsec VPN capabilities for small businesses. They also provides firewall and intrusion prevention capabilities. The Cisco RVS4000 and WRVS4400N Gigabit Security Routers contain three web management interface vulnerabilities: * Retrieval of the configuration file If an administrator of the device has previously created a backup of the configuration, using Administration -- Backup Restore -- Backup, it is possible for a remote unauthenticated user to access the backup configuration file. This file contains all configuration parameters of the device, including the HTTP authentication password and VPN pre-shared-keys (PSKs). * Root operating system arbitrary command injection by an authenticated attacker A user who is authenticated to the device can inject arbitrary commands into the underlying operating system with root privileges, via the ping test and traceroute test parameters. * Retrieval of admin SSL certificate private key The admin SSL certificate private and public keys can be retrieved (used for Quick VPN) by a remote unauthenticated user. ++ |Affected|Availability of First Fixed Release| |Product | | || 2011. | || 2011. | || 2011. | ++
Re: ospfd/ospf6d causing denial of service(?)
Honestly, the thought that this can easily affect other people with lots of network statements in OSPF is pretty scary, and the thought of running -current is equally scary. Most admins prefer not to live out on the edge and I understand the project's strict guidelines should ensure safe and reliable code commits, but nobody is perfect and this is one of those situations where I would like to be as safe as possible. Deciding to run non -release software with what would be described in most projects as being unofficial fixes is a giant leap of faith for most people. What can I say -- old habits die hard. If you run OpenBSD in production, you should subscribe and follow misc@, tech@ and occasionally source-changes@. I am newbie since August'10, and I can now understand somewhat when it is safer to jump to -current and when its safer to hold off from either compiling/installing from snaps. Though, I always run -current as a desktop. On the other hand, I had this discussion with co-workers today: What makes you trust hotfixes from vendors any more than code from members of the example: OpenBSD project? It doesn't make sense; you don't get responses from their developers directly most of the time, you have no idea what their skills are, and you certainly don't get to see the code! Suddenly you trust a vendor with your life because you were forced to drop a hefty bag of money in front of them? It seems very backwards, and I'd like to get that perception changed: quality open source software is available and it is a wise financial investment. Companies can also sit on your RFE or bug because not many people complained and its not prioritized. So there goes your money and your time bugging (or is it begging?) them. I can't blame the companies if its low priority and you shouldn't either. Same with open source. And here's some food for thought, if you were running a commercial ospfd, then you wouldn't even know it was a problem. Ignorance is bliss, huh? You might have gotten a fix in the monthly or quarterly or 6 monthly update. Or just maybe maybe never.
Re: ospfd/ospf6d causing denial of service(?)
On Mon, May 23, 2011 at 09:59:53AM -0500, Chris Wopat wrote: Had a strange issue overnight. In short I had two OpenBSD boxes acting as routers denial of service my network with OSPFv3 multicast packets. The setup is as follows: Two OpenBSD 4.9 amd64 boxes running ospfd and ospf6d. Each box has two NICs, each of which is on a separate subnet. Both of these subnets are used for redundant connections for routers through separate switches (C 6500). There's about 10 OSPF neighbors on both subnets, each of those are generally Cisco devices that are dual homed the same way. The issue was discovered with tcpdump on a 3rd OpenBSD box that's setup with the same config as above. It showed multicast OSPFv3 packets with the above two routers source IP with their router ID's. The rate was extremely high, something like 500k such packets in 10 seconds. Unplugging these two boxes immediately restored connectivity. I'm not understanding why an OSPFv3 packet would have IPv4 source / destination addresses but myself and three others concur that that was what was going on OR something about ipv6 was mentioned in the dump but with v4 addresses. Unfortunately I didn't have the foresight to do a binary tcpdump. The tcpdump data that was on the local console also scrolled back too far for us to get back to to with scroll lock/page up. We're also exploring the possibility of these multicast packets somehow being forwarded or looped through and causing a denial of service. These OpenBSD boxes do have `net.inet.ip.mforwarding=1` but I'm leaning more towards some ospf6d/ospfd bug or issue since OSPF's TTL is 1. Just one note here, OSPF group is not routable (224.0.0.0/24), this is a link local multicast address, so no, it's not being forwarded. And the net.inet.ip.mforwarding=1 makes no sense I suppose. -- Christiano Farina HAESBAERT Do NOT send me html mail.
[Zetta] Z11 mini monitoring camcorder
Dear misc, This is Darwin So from Zetta Systems Limited. We are a manufacturer specializing in mini monitoring camcorder: www.zetta.com.hk Our best sellers currently are: Z11 - 8-hour battery recording, 96-hour circular recording mini DVR Z11EX - 24-hour battery recording, 96-hour circular recording mini DVR for home / shop / car security, car driving recording, meeting minutes and spy use. Attached please find our presentation. Please feel free to let us know if you have any comments. Thank you very much! Regards, Darwin So Zetta Systems Limited Email: darwi...@zetta.com.hk Mobile: (852) 9773 3529 Tel: (852) 3188 4492 Fax: (852) 3755 4181 Address: Unit 513, Lakeside 1, No. 8 Science Park West Avenue, HKSTP, Shatin, N.T., HK Website: www.zetta.com.hk [demime 1.01d removed an attachment of type application/pdf]
Re: ospfd/ospf6d causing denial of service(?)
I have to agree with Theo and I was honestly shocked at your initial email. You don't bite the hand that is trying to help nor do you bite the hand that is giving you something for free. Sent: Wednesday, May 25, 2011 3:22 PM Subject: Re: ospfd/ospf6d causing denial of service(?) Theo, come on man... I really don't understand the hostility here. My goal here is not to get people worked up. I understand you get harassed a lot and people constantly beg for this and that, but I just wanted clarification as I have seen no strict guidelines on what actually becomes Errata. The description in the FAQ is rather vague and that is what prompted me to ask. I apologize if I came off rude, but that was not the intent. Honestly, the thought that this can easily affect other people with lots of network statements in OSPF is pretty scary, and the thought of running -current is equally scary. Most admins prefer not to live out on the edge and I understand the project's strict guidelines should ensure safe and reliable code commits, but nobody is perfect and this is one of those situations where I would like to be as safe as possible. Deciding to run non -release software with what would be described in most projects as being unofficial fixes is a giant leap of faith for most people. What can I say -- old habits die hard. On the other hand, I had this discussion with co-workers today: What makes you trust hotfixes from vendors any more than code from members of the example: OpenBSD project? It doesn't make sense; you don't get responses from their developers directly most of the time, you have no idea what their skills are, and you certainly don't get to see the code! Suddenly you trust a vendor with your life because you were forced to drop a hefty bag of money in front of them? It seems very backwards, and I'd like to get that perception changed: quality open source software is available and it is a wise financial investment. I have great respect for you, Theo, the OpenBSD project, and all of the contributers. The responses to this situation from Claude have instilled great confidence in the use of this software. I just want to point out that the FAQ does indeed say that Most users should be running either -stable or -release, and if there is absolutely no way that the OpenOSPFD fixes can make it into an official errata (even with a paid bounty?) I'll just have to grit my teeth, build some -current boxes, test the living hell out of them, and hope for the best. :-) Cheers, Mark
Re: ospfd/ospf6d causing denial of service(?)
You have a confirmed issue now, so -current isn't likely to make things worse. (With daemons like this I'm usually happier running -current in production than older code). This seems to imply that -current typically consists of bugfixes vs new features/enhancements? -current is what the developers run. If -current has a bug, our eye is on it. Some users might hate it when an official past release has a bug, but their perspective is small and narrow compared to ours. If -current has a bug, that bug will mean the next release will have that bug. Therefore, we focus on -current. The result is that the next release probably has less bugs. It is the best we can do.
de Master Seguridad Y Tecnicos Pc Para misc
Hola misc, si no podes visualizar este correo, podes hacerlo clickeando en este enlace. MASTER SECURITY Y TECNICOS EN PC 2011 Un Pack en DVDs con las ultimas novedades en programas para Hacking Seguridad de Sistemas y Tecnicos en PC. Envio SIN CARGO a todo el Pais !!! Los mismos no tienen limitacion restriccion alguna, son 100% funcionales !! Para visitar la web haga clic aqui ((( Click Aca Arriba Si NO puedes Entrar))) El enlace no funciona? nbs p; Enlace alternativo clic aqui Suprimir su correo del boletin clic aqui ((( Haga Click Aca Para Ver Detalle Completo Y Comprar ))) Este e-mail tiene como unico destinatario: misc Para ser eliminado de nuestras listas envienos un email y en asunto aclarar REMOVER control de envio: dmjojpiqpyxgaguxdkzkvzu