Re: routing domain limit (128)
On Thu, May 26 2011 at 48:23, Oeschger Patrick wrote: hi all obsd 4.9 seems to support 128 routing domains is this a hard limit or is it configurable? how about 512/1024/2048 routing domains? (silly idea?) ...i want to consolidate more than 128 small firewalls on one hardware and routing domains would be nice to prevent data leaking between the FWs... Hi, The max rdomain value is controled with a define sys/socket.h:#defineRT_TABLEID_MAX 255 If you think the limit is 128, maybe you were encoutering a bug where 128 is hardcoded. I found one in ifconfig configuring gif, reported to devs, and now it's fixed in current. Try current and report the bug if it's still present. As I didn't try more than 200 rdomains in a test machine, I could not tell if 512/1024/2048 is a silly idea or not. Claer
Re: routing domain limit (128)
On Fri, May 27, 2011 at 09:18:48AM +0200, Claer wrote: On Thu, May 26 2011 at 48:23, Oeschger Patrick wrote: hi all obsd 4.9 seems to support 128 routing domains is this a hard limit or is it configurable? how about 512/1024/2048 routing domains? (silly idea?) ...i want to consolidate more than 128 small firewalls on one hardware and routing domains would be nice to prevent data leaking between the FWs... Hi, The max rdomain value is controled with a define sys/socket.h:#defineRT_TABLEID_MAX 255 Yes, it should be enough to change this value and rebuild the system. If you think the limit is 128, maybe you were encoutering a bug where 128 is hardcoded. I found one in ifconfig configuring gif, reported to devs, and now it's fixed in current. Try current and report the bug if it's still present. As I didn't try more than 200 rdomains in a test machine, I could not tell if 512/1024/2048 is a silly idea or not. 2000 and more should work. The memory usage will increase and a certain slowdown will happen (because 2000 rdomains need a lot of interfaces, etc). -- :wq Claudio
de Master Seguridad Y Tecnicos Pc Para misc
Hola misc, si no podes visualizar este correo, podes hacerlo clickeando en este enlace. MASTER SECURITY Y TECNICOS EN PC 2011 Un Pack en DVDs con las ultimas novedades en programas para Hacking Seguridad de Sistemas y Tecnicos en PC. Envio SIN CARGO a todo el Pais !!! Los mismos no tienen limitacion restriccion alguna, son 100% funcionales !! Para visitar la web haga clic aqui ((( Click Aca Arriba Si NO puedes Entrar))) El enlace no funciona? nbs p; Enlace alternativo clic aqui Suprimir su correo del boletin clic aqui ((( Haga Click Aca Para Ver Detalle Completo Y Comprar ))) Este e-mail tiene como unico destinatario: misc Para ser eliminado de nuestras listas envienos un email y en asunto aclarar REMOVER control de envio: wckwkuwkeotxmuxqdbwvstn
opencvs problem fetching current source
Hi, For some months now, I have exactly the same problem than: http://marc.info/?t=12985968427r=1w=2 and I carefully read the post of Philip. I have a local repo (synced through cvsync) and it seems that updating sources with a local repo triggers a problem. I checked out /usr/src this way: cd /usr opencvs -d /home/OpenBSD_cvsync co src -P and I used this command to update: cd /usr/src opencvs up -CAPd /home/OpenBSD_cvsync is my local OpenBSD repo: $ ls -l /home/OpenBSD_cvsync/ total 72 drwxr-xr-x 4 oc wsrc 2048 May 26 14:09 CVSROOT drwxr-xr-x 6 oc wsrc 512 Sep 22 2009 X11 drwxr-xr-x 7 oc wsrc 512 Sep 22 2009 XF4 drwxr-xr-x 2 oc wsrc 512 Sep 22 2009 cvsync drwxr-xr-x 61 oc wsrc 1536 May 16 14:09 ports drwxr-xr-x 19 oc wsrc 512 Apr 25 14:10 src drwxr-xr-x 46 oc wsrc 5632 May 26 14:13 www drwxr-xr-x 16 oc wsrc 512 May 8 14:12 xenocara $ pwd /usr/src/lib/libssl/src/crypto/pqueue $ cat CVS/Root /home/OpenBSD_cvsync $ rm pqueue.h $ opencvs up pqueue.h opencvs update: warning: pqueue.h was lost U pqueue.h opencvs update: failed to open history file $ grep compat pqueue.h #include openssl/pq_compat.h $ md5 pqueue.h MD5 (pqueue.h) = a1fd3f944a2777bb249d0e420d965c7f $ rm pqueue.h $ cvs -d :ext:anon...@anoncvs.fr.openbsd.org:/cvs up pqueue.h U pqueue.h $ grep compat pqueue.h $ md5 pqueue.h MD5 (pqueue.h) = 08e291548d9a920f534ea0717ee3ed88 As you see, using remote (:ext:) mode gives me the right version of the file but not using local mode. However, it says it is fetching version 1.1.1.2 : $ rm pqueue.h $ opencvs -t up pqueue.h C- cvs_parse_configfile() C- cvs_parse_modules() C- cvs_file_walklist: element 'pqueue.h' C- cvs_repository_lock(/home/OpenBSD_cvsync/src/lib/libssl/src/crypto/pqueue, 0) C- cvs_update_local(pqueue.h) C- cvs_file_classify(pqueue.h, none) C- cvs_ent_open(.) opencvs update: warning: pqueue.h was lost C- cvs_checkout_file(pqueue.h, 1.1.1.2, 0) - to disk C- cvs_ent_open(.) C- cvs_ent_remove(./CVS/Entries, pqueue.h) C- cvs_ent_add(./CVS/Entries, /pqueue.h/1.1.1.2/Fri May 27 08:05:19 2011//) U pqueue.h C- cvs_history_add(`U', `pqueue.h', `(null)') opencvs update: failed to open history file C- cvs_cleanup: removing locks C- cvs_cleanup: removing temp files C- cvs_ent_close(./CVS/Entries.Backup, 1) $ but it doesn't get the content of the version 1.1.1.2: Any idea ? Thanks, -- Olivier Cherrier - Symacx.com mailto:o...@symacx.com
Nuestros Eventos Junio 2011
Si no puede ver esta informacisn haga click aqum [IMAGE] [IMAGE] [IMAGE] [IMAGE] Junio [IMAGE] [IMAGE] [IMAGE] Viernes 03 Jun.2011 [IMAGE] DICTAMEN LOCAL 2010 PARA EL DF INCLUYE REFORMAS 2011 AL CSDIGO FISCAL DF [IMAGE] [IMAGE] [IMAGE] C.P.C. Vicente Velazquez Melindez Inicio: 09 Hrs | Duracisn: 05 hrs. | [IMAGE] [IMAGE] Miircoles 08 Jun.2011 [IMAGE] NUEVA PLATAFORMA ELECTRSNICA DEL SAT DE PAGOS Y DECLARACIONES PARA OBLIGADOS A DICTAMINARSE (A PARTIR DE ABRIL PARA PAGAR EN MAYO) [IMAGE] [IMAGE] [IMAGE] C.P.C. y E.F. Gadiel Aragsn Peralta Inicio: 09 Hrs | Duracisn: 05 hrs. | [IMAGE] [IMAGE] Jueves 09 Jun.2011 [IMAGE] SIPRED 2010 INCLUYE ANALISIS INTEGRAL DE PARTES RELACIONADAS [IMAGE] [IMAGE] [IMAGE] C.P. Roberto Gsmez Ledezma Y C.P. Manuel Miranda De Santiago Inicio: 09 Hrs | Duracisn: 08 hrs. | [IMAGE] [IMAGE] Viernes 10 Jun.2011 [IMAGE] NUEVOS SISTEMAS AUTOMATIZADOS DE DEVOLUCIONES Y COMPENSACIONES [IMAGE] [IMAGE] [IMAGE] C.P.C. y E.F. Gadiel Aragsn Peralta Inicio: 09 Hrs | Duracisn: 05 hrs. | [IMAGE] [IMAGE] Viernes 10 Jun.2011 [IMAGE] NIF B-7 Y B-8 ADQUISICISN DE NEGOCIOS Y CONSOLIDACISN DE ESTADOS FINANCIEROS [IMAGE] [IMAGE] [IMAGE] L.C. y M.I. Jorge Zzqiga Carrasco Inicio: 09 Hrs | Duracisn: 08 hrs. | [IMAGE] [IMAGE] Viernes 10 Jun.2011 [IMAGE] AFILIACIONES DE LA LEY DEL SEGURO SOCIAL (OBLIGACIONES ADMINISTRATIVAS) [IMAGE] [IMAGE] [IMAGE] C.P. Arturo Hernandez Lopez Inicio: 15 Hrs | Duracisn: 05 hrs. | [IMAGE] [IMAGE] Sabado 11 Jun.2011 [IMAGE] SALARIO BASE DE COTIZACISN CON ANALISIS Y RECOMENDACIONES SOBRE PRESTACIONES ADECUADAS QUE NO INCREMENTEN LA CARGA SOCIAL [IMAGE] [IMAGE] [IMAGE] C.P. Marma Guadalupe de la Fuente Arteaga Inicio: 09 Hrs | Duracisn: 05 hrs. | [IMAGE] [IMAGE] Martes 14 Jun.2011 [IMAGE] PRECIOS DE TRANSFERENCIA: ANALISIS JURMDICO, FINANCIERO Y PRACTICO (INCLUYE LLENADO DE CUESTIONARIOS Y ANEXOS DE SIPRED) [IMAGE] [IMAGE] [IMAGE] C.P.C. y E.F. Josi Manuel Miranda de Santiago Inicio: 09 Hrs | Duracisn: 09 hrs. | [IMAGE] [IMAGE] Jueves 16 Jun.2011 [IMAGE] POWER POINT, (MANEJO DE PRESENTACIONES EXITOSAS) [IMAGE] [IMAGE] [IMAGE] Ing. Hugo Rodolfo Gonzalez Maldonado Inicio: 09 Hrs | Duracisn: 06 hrs. | [IMAGE] [IMAGE] Jueves 16 Jun.2011 [IMAGE] TRATAMIENTO FISCAL DE PERSONAS FMSICAS EMPRESARIAS BAJO EL RIGIMEN DE INTERMEDIOS [IMAGE] [IMAGE] [IMAGE] C.P.C. Y E.F. Luis Guillermo Delgado Pedroza Inicio: 15 Hrs | Duracisn: 05 hrs. | [IMAGE] [IMAGE] Sabado 18 Jun.2011 [IMAGE] ANEXO 21 TODO SOBRE LA INFORMACISN A PRESENTAR PARA OBLIGADOS A DICTAMINARSE QUE OPTEN POR NO PRESENTAR EL DICTAMEN [IMAGE] [IMAGE] [IMAGE] C.P.C. Roberto Gsmez Ledezma Inicio: 09 Hrs | Duracisn: 05 hrs. | [IMAGE] [IMAGE] Sabado 18 Jun.2011 [IMAGE] NUEVA RESOLUCISN MISCELANEA 2011-2012 (SUJETO A PUBLICACISN) [IMAGE] [IMAGE] [IMAGE] C.P.C. Y E.F. Luis Guillermo Delgado Pedroza Inicio: 09 Hrs | Duracisn: 06 hrs. | [IMAGE] [IMAGE] Viernes 24 Jun.2011 [IMAGE] LEY DEL IMSS: ADMINISTRACISN, CLASIFICACISN Y CALCULO DEL RIESGO DE TRABAJO [IMAGE] [IMAGE] [IMAGE] C.P. Arturo Hernandez Lopez Inicio: 15 Hrs | Duracisn: 05 hrs. | [IMAGE] [IMAGE] Sabado 25 Jun.2011 [IMAGE] TALLER PRACTICO: DETERMINACISN DE CIDULAS DE LIQUIDACISN MENSUAL Y BIMESTRAL (IMSS) [IMAGE] [IMAGE] [IMAGE] C.P. Marma Guadalupe de la Fuente Arteaga Inicio: 09 Hrs | Duracisn: 05 hrs. | [IMAGE] [IMAGE] [IMAGE] [IMAGE] [IMAGE] [IMAGE] [IMAGE] [IMAGE] [IMAGE] [IMAGE] POLMTICAS DE CANCELACISN Corporativo Fiscal Dicada, S.C. posee una rmgida polmtica contra el SPAMming, por lo que respetamos su privacidad. Por favor, si usted no desea recibir mas informacisn y comunicados sobre Corporativo Fiscal Dicada, S.C. o considera que recibis por error este e-mail, le suplicamos haga click aqum, escriba su nombre y lo daremos de baja inmediatamente de nuestra base de datos. PROGRAMACION COFIDE JUNIO 2011 VIERNES 03 DE JUNIO DICTAMEN LOCAL 2010 PARA EL D.F. INCLUYE REFORMAS 2011 AL CSDIGO FISCAL D.F. Duracisn: 5 Hrs. De: 09:00 A 14:00 Hrs. DESAYUNO: 08:00 A 09:00 Hrs. Expositor: C.P.C. VICENTE VELAZQUEZ MELENDEZ Inversisn: $1,400.00 mas IVA MIERCOLES 08 DE JUNIO NUEVA PLATAFORMA ELECTRSNICA DEL SAT DE PAGOS Y DECLARACIONES PARA OBLIGADOS A DICTAMINARSE (a partir de Abril para pagar en Mayo) Duracisn: 5 hrs. De: 09:00 A 14:00 hrs. DESAYUNO DE 08:00 A 09:00 hrs. Expositor: C.P.C. Y E.F. GADIEL ARAGON PERALTA Inversisn: $1,450.00 mas IVA JUEVES 09 DE JUNIO RESOLUCISN MISCELANEA 2011-2012 (SUJETO A PUBLICACISN) Duracisn: 6 Hrs. De: 09:00 A 15:00 Hrs. DESAYUNO: 08:00 A 09:00 Hrs. Expositor: C.P.C. Y E.F. LUIS GUILLERMO DELGADO PEDROZA Inversisn: $1,680.00 mas IVA VIERNES 10 DE JUNIO SIPRED 2010 INCLUYE ANALISIS INTEGRAL DE PARTES RELACIONADAS
SOL console, Dell PE T310, iDRAC6 embedded BMC
I tried to build a sol console connection on Dell PE T310/OpenBSD 4.8/ iDRAC6 embedded BMC using ipmitool (downloaded from ports' webpage). Enabling IPMI in kernel (using config) gives an access to sensors, but I cannot establish any remote sol console connection to this machine even from computers in the same LAN. I googled the web and found no solution (in april 2010 there was a similar question posted here - no answer). Did anyone solve the problem? It's possible to establish something like that? BTW The analoguous solution worked on FreeBSD 8.1 on the same machine I used the same BIOS settings to both systems. Under FreeBSD i set the asf flag, installed ipmitool and it worked. Under OpenBSD i enabled ipmi, installed ipmitool and it didnn't work. MC Marek Czubenko Uczelniane Centrum Information Communication Informatyczne Technology Centre Uniwersytet Miko3aja Kopernika Nicolaus Copernicus University Pl. Rapackiego 1, 87-100 Toruq Pl. Rapackiego 1, 87-100 Torun tel: +48 56 611-27-38 phone: +48 56 611-27-38 PGP: http://www.umk.pl/~mc10/pgp_public_key
Re: Firewall PF with network alias
Re: Firewall PF WITH NETWORK ALIAS Sorry, but PF does not run well on openbsd? then do not understand why I have to go alone to the freebsd lists. you understand when someone needs help with a problem and need some idea for solution? I am sorry to have bothered anyone, but my only intention was to ask for help because I thought that that the list had been created. IDEXBSD. --- El mii, 25/5/11, Alexander Hall ha...@openbsd.org escribis: De: Alexander Hall ha...@openbsd.org Asunto: Re: Firewall PF with network alias Para: MArtin Grados Marquina themartin...@yahoo.es CC: openbsd-mex...@googlegroups.com, openbsd-newb...@sfobug.org, misc@openbsd.org, usuar...@listas.bsd.cl, bsd-v...@bsd.org.ve, bsd-p...@listas.bsd-peru.org, openbsd-colom...@googlegroups.com Fecha: miircoles, 25 de mayo, 2011 16:28 On 05/25/11 05:12, MArtin Grados Marquina wrote: In the past, i configure a virtual machine with firewall PF in FreeBSD 8.1 with three network interface (in pf.conf) 1. As sthen@ pointed out, try a FreeBSD list for questions regarding FreeBSD's PF. 2. You posted my private reply to a mailing list. I do not care much for this particular mail, but just don't do that. --- El lun, 23/5/11, Alexander Hall ha...@openbsd.org escribis: 3. Also (please read this again as THIS ANNOYS ME THE MOST): 2. Don't cross-post. Cheers, Alexander
multicast routing and PIM-SM
Hi, I'm trying to forward multicast traffic through my firewalls using PIM-SM. Are there any alternatives to XORP? Is multicast_router=YES enough in rc.conf.local? regards, Giannis [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
pid file for ldapd(8)
Hi, Is there a way to tell ldapd(8) to write it's PID in /var/run ? TIA, Jo
Re: Firewall PF with network alias
MArtin Grados Marquina themartin...@yahoo.es writes: Sorry, but PF does not run well on openbsd? then do not understand why I have to go alone to the freebsd lists. There are significant differences between the PF in FreeBSD (equivalent to OpenBSD 4.1, roughly) and recent OpenBSD versions, meaning that the correct answer for OpenBSD may not be the correct one for FreeBSD in quite a few cases i can think of. In this specifici case, at first blush I think your problem is that you're mixing rc.conf shellscript-isms into your pf.conf, which is not a shell script. Your rc.conf environment variables are not directly accessible to the pf.conf parser. - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: multicast routing and PIM-SM
Hi, On Fri, 27 May 2011 19:53:15 +0700, Kapetanakis Giannis bil...@edu.physics.uoc.gr wrote: Hi, I'm trying to forward multicast traffic through my firewalls using PIM-SM. Only DVMRP Are there any alternatives to XORP? Yes. dvmrpd (8). Is multicast_router=YES enough in rc.conf.local? regards, Giannis [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s] Regards, Insan Praja -- Using Opera's revolutionary email client: http://www.opera.com/mail/
Re: pid file for ldapd(8)
27 maj 2011 kl. 14.55 skrev Joel Carnat: Hi, Is there a way to tell ldapd(8) to write it's PID in /var/run ? No. You can use 'pgrep ldapd' instead. .martin TIA, Jo
Re: SOL console, Dell PE T310, iDRAC6 embedded BMC
On 2011-05-27, Marek Czubenko marek.czube...@umk.pl wrote: Under FreeBSD i set the asf flag, installed ipmitool and it worked. Under OpenBSD i enabled ipmi, installed ipmitool and it didnn't work. Shared NIC or dedicated? OpenBSD doesn't support IPMI with shared NIC.
Re: multicast routing and PIM-SM
On Fri, May 27, 2011 at 03:53:15PM +0300, Kapetanakis Giannis wrote: Hi, I'm trying to forward multicast traffic through my firewalls using PIM-SM. Are there any alternatives to XORP? Is multicast_router=YES enough in rc.conf.local? regards, Giannis [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s] Give this a try: https://github.com/troglobit/pimd -- Christiano Farina HAESBAERT Do NOT send me html mail.
ipsec vpn 'colouring'
*hmmm* i did a test using ipsec vpn colouring aka. tagging ipsec.conf offers the option to tag the vpn traffic for further PF filtering using these tags i can instruct PF to use different public NAT addresses (outgoing to internet) for each VPN but when you have overlapping subnets behind the VPNs then it it difficult to get the reply traffic into the right VPN maybe i am missing something here... i expected some feature so tagged traffic will be routed into the VPN carrying the same tag (...somehow...) did some tests using 'reply-to' in pf rules but that did not work... - an a default route will not help because i have many VPN all overlapping in worst case any ideas? an important option i missed? thank you /pat
Re: pid file for ldapd(8)
On 05/27/2011 08:55 AM, Joel Carnat wrote: Hi, Is there a way to tell ldapd(8) to write it's PID in /var/run ? why? OpenBSD isn't too fond of PID files... Nick.
Re: ipsec vpn 'colouring'
On Fri, May 27 2011 at 07:16, Oeschger Patrick wrote: *hmmm* *hmmm*, i did a test using ipsec vpn colouring aka. tagging ipsec.conf offers the option to tag the vpn traffic for further PF filtering using these tags i can instruct PF to use different public NAT addresses (outgoing to internet) for each VPN but when you have overlapping subnets behind the VPNs then it it difficult to get the reply traffic into the right VPN maybe i am missing something here... Why not using the local keyword of ipsec.conf for outgoing address instead of NAT ? I expected some feature so tagged traffic will be routed into the VPN carrying the same tag (...somehow...) did some tests using 'reply-to' in pf rules but that did not work... - an a default route will not help because i have many VPN all overlapping in worst case any ideas? an important option i missed? Using ipsec tunnels in different rdomains to manage overlapping easily? (Thanks to Reyk to clarify the usage of ipsec+rdomain) Claer
Re: Xorg sucking CPU
I just realized I am having exactly the same problem described in this thread: http://marc.info/?l=openbsd-miscm=127601909229979w=2 In my case, I also see an error: mtrr set failled: invalid argument According to the thread, this was solved in current. Previous versions of current worked fine for me. This problem showed up in recent versions. Any suggestion? Thanks, Luis. On Thu, May 26, 2011 at 8:38 PM, Luis Useche use...@gmail.com wrote: Hi Guys, Recently, after my last update with bluesnapper on amd64, I have been seeing a high CPU utilization of the Xorg process. I don't know if it is normal, but top report Xorg to be constantly on 30 or 40% and some times it can go up to even 70 or 80%. I was wondering if this is normal. What are normal CPU utilization? This is my current top Xorg line: PID USERNAME PRI NICE SIZE RES STATE WAIT TIMECPU COMMAND 31683 _x11 20 38M 20M sleep/0 select4:08 39.55% Xorg Below is my dmesg. Thanks, Luis. OpenBSD 4.9-current (GENERIC.MP) #1: Fri May 20 20:28:10 EDT 2011 l...@meg.my.domain:/home/luis/develop/openbsd/openbsd-src/sys/arch/amd64/com pile/GENERIC.MP real mem = 4251635712 (4054MB) avail mem = 4124409856 (3933MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xf70c0 (43 entries) bios0: vendor Dell Inc. version A00 date 01/06/2010 bios0: Dell Inc. Latitude 13 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP HPET APIC ASF! MCFG TCPA SLIC SSDT acpi0: wakeup devices PCI0(S5) PCIE(S4) USB1(S0) USB2(S0) USB3(S0) USB4(S0) USB5(S0) USB6(S0) EHC2(S0) EHCI(S0) AZAL(S3) RP01(S3) RP02(S1) RP03(S3) RP04(S3) RP05(S3) RP06(S5) LID_(S3) PBTN(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 14318179 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Genuine Intel(R) CPU U7300 @ 1.30GHz, 1297.14 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3 ,CX16,xTPR,PDCM,SSE4.1,XSAVE,NXE,LONG cpu0: 3MB 64b/line 8-way L2 cache cpu0: apic clock running at 199MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Genuine Intel(R) CPU U7300 @ 1.30GHz, 1296.90 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3 ,CX16,xTPR,PDCM,SSE4.1,XSAVE,NXE,LONG cpu1: 3MB 64b/line 8-way L2 cache ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 2 acpimcfg0 at acpi0 addr 0xf800, bus 0-63 acpiprt0 at acpi0: bus 2 (PCIE) acpiprt1 at acpi0: bus 11 (RP01) acpiprt2 at acpi0: bus 12 (RP02) acpiprt3 at acpi0: bus -1 (RP03) acpiprt4 at acpi0: bus 13 (RP04) acpiprt5 at acpi0: bus -1 (RP05) acpiprt6 at acpi0: bus 9 (RP06) acpiprt7 at acpi0: bus 0 (PCI0) acpiec0 at acpi0 acpicpu0 at acpi0: C3, C2, C1, PSS acpicpu1 at acpi0: C3, C2, C1, PSS acpitz0 at acpi0: critical temperature 107 degC acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: PBTN acpibtn2 at acpi0: SBTN acpiac0 at acpi0: AC unit online acpibat0 at acpi0: BAT0 model DELL NTG4J0B serial 409 type LION oem SMP acpivideo0 at acpi0: VID_ acpivout0 at acpivideo0: LCD_ acpivideo1 at acpi0: VID2 cpu0: Enhanced SpeedStep 1296 MHz: speeds: 1300, 1200, 800 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 Intel GM45 Host rev 0x07 vga1 at pci0 dev 2 function 0 Intel GM45 Video rev 0x07 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xe000, size 0x1000 inteldrm0 at vga1: apic 2 int 16 drm0 at inteldrm0 Intel GM45 Video rev 0x07 at pci0 dev 2 function 1 not configured uhci0 at pci0 dev 26 function 0 Intel 82801I USB rev 0x02: apic 2 int 20 uhci1 at pci0 dev 26 function 1 Intel 82801I USB rev 0x02: apic 2 int 21 uhci2 at pci0 dev 26 function 2 Intel 82801I USB rev 0x02: apic 2 int 22 ehci0 at pci0 dev 26 function 7 Intel 82801I USB rev 0x02: apic 2 int 22 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 azalia0 at pci0 dev 27 function 0 Intel 82801I HD Audio rev 0x02: apic 2 int 21 azalia0: codecs: Realtek ALC269 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 Intel 82801I PCIE rev 0x02: apic 2 int 16 pci1 at ppb0 bus 11 ppb1 at pci0 dev 28 function 1 Intel 82801I PCIE rev 0x02: apic 2 int 17 pci2 at ppb1 bus 12 iwn0 at pci2 dev 0 function 0 Intel WiFi Link 5100 rev 0x00: apic 2 int 17, MIMO 1T2R, MoW, address 00:24:d6:ad:e7:a8 ppb2 at pci0 dev 28 function 3 Intel 82801I PCIE rev 0x02: apic 2 int 19 pci3 at ppb2 bus 13 ppb3 at pci0 dev 28 function 5 Intel 82801I PCIE rev 0x02: apic 2 int 17 pci4 at ppb3 bus 9 bge0 at pci4 dev 0 function 0 Broadcom BCM5761E rev 0x10, BCM5761 A1
OpenBGP bgpctl(8) asdot / 4byte-asn
Is there a way bgpctl will produce run-time information not using asdot format? I am trying to convert my OpenBGP conf to RPSL but the later is old enough that wont accept as-dot format, therefore I need it in 4-byte ASN notation. Thanks. -- === Eduardo Meyer pessoal: dudu.me...@gmail.com profissional: ddm.farmac...@saude.gov.br
Re: ospfd/ospf6d causing denial of service(?)
I was able to lab it up and confirm and recreate the bug. I realize that this subject has been beaten to death now but I wanted to chime in saying: * Yes, it's definitely fixed in -current. This isn't new information but good info for my organization. * There's a simple way to reliable reproduce it for anyone who's curious. Here's how to create the issue with just two devices- openbsd and any other ospf capable device- I just used an old C2600. I took it to the extreme and created ~500 loopback interfaces so my updates and database would be large. The easy way to do it was: --- start --- #!/bin/sh CONF=/etc/ospfd-bad.conf echo area 0.0.0.0 { $CONF echo interface em0 {} $CONF for S in 1 2 do for I in `jot 254` do echo inet 10.1$S.$I.1 255.255.255.0 /etc/hostname.lo$S$I echo interface lo$S$I { passive } $CONF done done echo } $CONF --- end --- As soon as it gets an LS request from its neighbor (.254) you get the flood from ospfd (.1): http://falz.net/static/openbsd/lab-ospfd-bug-screenshot.png --Chris
Re: Xorg sucking CPU
I just realized I am having exactly the same problem described in this thread: http://marc.info/?l=openbsd-miscm=127601909229979w=2 In my case, I also see an error: mtrr set failled: invalid argument I also see it daily on amd64 but there is no problem with X for me. IMHO that's not relevant at all. Check your /var/log/Xorg.0.log for error messages and post your /etc/X11/xorg.conf (if any). If you don't have a xorg.conf, there is a default one created for you, bits and pieces of which is visible in the /var/log/Xorg.0.log (and /var/log/Xorg.0.log.old) file. Make sure everything is current including kernel, userland, and xenocara to eliminate other variables. Sometimes you have upgraded kernel and userland but not xenocara.
Re: OpenBGP bgpctl(8) asdot / 4byte-asn
On 2011-05-27, Eduardo Meyer dudu.me...@gmail.com wrote: Is there a way bgpctl will produce run-time information not using asdot format? Not at present, OpenBGP only accepts as-plain for input, it always outputs as-dot. I think we should probably change this, rfc5396 came out a couple of years ago and pretty much everyone is using as-plain now. (Even though 3.10 looks far nicer than 196618 ;)
Re: Xorg sucking CPU
Hi Amit, Thanks for the response. On Fri, May 27, 2011 at 11:15 AM, Amit Kulkarni amitk...@gmail.com wrote: I just realized I am having exactly the same problem described in this thread: http://marc.info/?l=openbsd-miscm=127601909229979w=2 In my case, I also see an error: mtrr set failled: invalid argument I also see it daily on amd64 but there is no problem with X for me. IMHO that's not relevant at all. Well, in my case, after a while, X gets slow and unresponsive. Moreover, I didn't see this behavior before. This also makes the battery goes down quickly. Check your /var/log/Xorg.0.log for error messages and post your /etc/X11/xorg.conf (if any). If you don't have a xorg.conf, there is a default one created for you, bits and pieces of which is visible in the /var/log/Xorg.0.log (and /var/log/Xorg.0.log.old) file. Make sure everything is current including kernel, userland, and xenocara to eliminate other variables. Sometimes you have upgraded kernel and userland but not xenocara. I upgraded everything with bluesnapper except the kernel. I updated the kernel from CVS and compile. Given the message: mtrr set failed: Invalid argument I am starting to think there is some API problems. Somehow my kernel is not the right one for the userland in bluesnapper. Thanks, Luis.
Re: OpenBGP bgpctl(8) asdot / 4byte-asn
On Fri, May 27, 2011 at 3:28 PM, Stuart Henderson s...@spacehopper.org wrote: On 2011-05-27, Eduardo Meyer dudu.me...@gmail.com wrote: Is there a way bgpctl will produce run-time information not using asdot format? Not at present, OpenBGP only accepts as-plain for input, it always outputs as-dot. I think we should probably change this, rfc5396 came out a couple of years ago and pretty much everyone is using as-plain now. (Even though 3.10 looks far nicer than 196618 ;) Yeah, I agree, but the world seems to prefer plain 4byte (maybe they can read). BTW I have read in many Cisco[1] documents that asdot is made up of (PART1 * 65535) + PART2 However OpenBGP does the math as ((PART1 * 65535) + PART2) + PART1. How can Cisco be wrong again? lol [1]http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6554/ps6599/white_paper_c11_516829.html Thanks, Ill do some shell scripting to convert. -- === Eduardo Meyer pessoal: dudu.me...@gmail.com profissional: ddm.farmac...@saude.gov.br
Re: OpenBGP bgpctl(8) asdot / 4byte-asn
On 2011-05-27, Eduardo Meyer dudu.me...@gmail.com wrote: On Fri, May 27, 2011 at 3:28 PM, Stuart Henderson s...@spacehopper.org wrote: On 2011-05-27, Eduardo Meyer dudu.me...@gmail.com wrote: Is there a way bgpctl will produce run-time information not using asdot format? Not at present, OpenBGP only accepts as-plain for input, it always outputs as-dot. Re-reading this sentence I see it's badly written; I meant it as the only place OpenBGP accepts as-plain is for input but I'll rephrase to make it totally clear: Currently OpenBGP accepts either format for input, but it always outputs as-dot. I think we should probably change this, rfc5396 came out a couple of years ago and pretty much everyone is using as-plain now. (Even though 3.10 looks far nicer than 196618 ;) Yeah, I agree, but the world seems to prefer plain 4byte (maybe they can read). I think it's largely because a lot of people are using regular expressions over AS paths to set routing policy and the .'s are going to mess things up there. BTW I have read in many Cisco[1] documents that asdot is made up of [1]http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6554/ps6599/white_paper_c11_516829.html (PART1 * 65535) + PART2 [1 * 65535] + 10 = 65546 err...wow. However OpenBGP does the math as ((PART1 * 65535) + PART2) + PART1. Or, put another way, part1*65536 + part2 (though it's actually written as the more efficient `$$ = uval | (uvalh 16)' in the parser).
Re: OpenBGP bgpctl(8) asdot / 4byte-asn
On Fri, May 27, 2011 at 08:54:25PM +, Stuart Henderson wrote: On 2011-05-27, Eduardo Meyer dudu.me...@gmail.com wrote: On Fri, May 27, 2011 at 3:28 PM, Stuart Henderson s...@spacehopper.org wrote: On 2011-05-27, Eduardo Meyer dudu.me...@gmail.com wrote: Is there a way bgpctl will produce run-time information not using asdot format? Not at present, OpenBGP only accepts as-plain for input, it always outputs as-dot. Re-reading this sentence I see it's badly written; I meant it as the only place OpenBGP accepts as-plain is for input but I'll rephrase to make it totally clear: Currently OpenBGP accepts either format for input, but it always outputs as-dot. I think we should probably change this, rfc5396 came out a couple of years ago and pretty much everyone is using as-plain now. (Even though 3.10 looks far nicer than 196618 ;) I still prefer 3.10. At least it tells me quickly from which RIR the AS is from. And it looks nicer. Yeah, I agree, but the world seems to prefer plain 4byte (maybe they can read). I think it's largely because a lot of people are using regular expressions over AS paths to set routing policy and the .'s are going to mess things up there. Yes, network admins seem to be unable to write correct regular expressions. No T-Shirt from them. Or maybe we should make on: move out of the way, I don't know regular expressions BTW I have read in many Cisco[1] documents that asdot is made up of [1]http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6554/ps6599/white_paper_c11_516829.html (PART1 * 65535) + PART2 [1 * 65535] + 10 = 65546 err...wow. However OpenBGP does the math as ((PART1 * 65535) + PART2) + PART1. Or, put another way, part1*65536 + part2 (though it's actually written as the more efficient `$$ = uval | (uvalh 16)' in the parser). Yep. All the multiplication is way to complex. -- :wq Claudio
tun(4) and mpls
Hello all: Purely for curiosity, is is possible to enable mpls on the tun(4) interface? Thanks, Matt
tun(4) and mpls
Hello list: Purely for curiosity, is it possible to enable mpls on a tun(4) interface? Thanks, Matt
Re: putty or ssh, screen $cmd
On 05/27/11 14:53, Helmut Schneider wrote: Hi, I'd like to supply a command to screen. Unfortunatly when using putty or ssh nothing seems to happen: screen? screen? I dimly recall a program called screen. Archaic piece of sh**, as I recall. [helmut@OBSDHelmut ~]$ screen ls -la [screen is terminating] [helmut@OBSDHelmut ~]$ [helmut@BSDHelmut ~]$ ssh -t obsdhelmut screen ls -la Enter passphrase for key '/home/helmut/.ssh/id_dsa': [screen is terminating] Connection to obsdhelmut closed. [helmut@BSDHelmut ~]$ When doing this on a console it works fine. dunno what works fine means, but today, we use a program called tmux, which is part of base OpenBSD. n...@fluffy.in.nickh.org /home/nick $ ssh backup tmux -c 'ls -la /' nick@backup's password: total 65500 drwxr-xr-x 17 root wheel 512 May 23 20:14 . drwxr-xr-x 17 root wheel 512 May 23 20:14 .. -rw-r--r-- 1 root wheel 578 Feb 28 2009 .cshrc -rw-r--r-- 1 root wheel 468 May 23 20:14 .profile drwxr-xr-x 2 root wheel 512 Mar 2 08:51 altroot drwxr-xr-x 2 root wheel 1024 Mar 2 08:53 bin ... Seems to do something more than you show. Not sure what you are trying to accomplish, and since you didn't explain, I'm not going to worry about it. :) Whatever you wish to do with screen, you can probably accomplish with tmux...most likely better, and if you can't figure out how to make it dance as you want, as it is part of OpenBSD, ask right here. http://www.openbsd.org/faq/faq7.html#tmux man tmux Introduce your Linux and other BSD users to tmux, they'll love it, other than the ones that love screen only because it hasn't changed in years... (several of my coworkers are absolutely going ga-ga over tmux and now pushing it more obnoxiously than me). Nick.
Re: putty or ssh, screen $cmd
On Fri, May 27, 2011 at 10:27:59PM -0400, Nick Holland wrote: On 05/27/11 14:53, Helmut Schneider wrote: Hi, I'd like to supply a command to screen. Unfortunatly when using putty or ssh nothing seems to happen: screen? screen? I dimly recall a program called screen. Archaic piece of sh**, as I recall. http://www.openbsd.org/faq/faq7.html#tmux man tmux Has tmux been fixed to work on 150 MHz computers since it has moved to libevent? It was so bad I would compile a pre-libevent version on those computers. (Will need to check. It was probably more a libevent issue than tmux.) Just saying that at least, screen has been working for decades properly. Even if it was archaic. But it's not like tty are anything new themselves (the 8bit version ones).
Re: putty or ssh, screen $cmd
Just saying that at least, screen has been working for decades properly. Even if it was archaic. But it's not like tty are anything new themselves (the 8bit version ones). Go read the source code some time. bye bye.
Re: putty or ssh, screen $cmd
On Fri, May 27, 2011 at 11:15 PM, Hugo Villeneuve harpa...@jwales.eintr.net wrote: Has tmux been fixed to work on 150 MHz computers since it has moved to libevent? Has anyone reported what doesn't work?