Re: Need suggestion about Firewall Reporter for OpenBSD PF

[Michel Blais]

I know cacti can do graph from data and it should be possible to build it on
openbsd.
Le 13 oct. 2011 20:10, Stefan N stefanbsd...@yahoo.com a icrit :

 Hi Erling,

 Thanks. I will try and test it.

 Regards,
 Stefan
 
 From: Erling Westenvik
 erling.westen...@gmail.com
 To: Stefan N stefanbsd...@yahoo.com
 Sent:
 Friday, October 14, 2011 7:46 AM
 Subject: Re: Need suggestion about Firewall
 Reporter for OpenBSD PF

 You might consider trying out hatchet 0.9.2 which is
 in ports/packages:

$ sudo pkg_add -iv hatchet

 I haven't tried it myself.
 Check http://www.dixongroup.net/hatchet/. It
 doesn't have pie charts or other
 nifty presentations, but it stores the
 pf logs in a sqlite database and it
 should be possible to extract the
 data and display statistics the way you like
 using suitable tools.

 Regards,
 Erling

 On Fri, Oct 14, 2011 at 12:40 AM,
 Stefan N stefanbsd...@yahoo.com
 wrote:
  Have you ever used firewall
 reporting tool  for OpenBSD PF which is
  able to do some comprehensive
 reporting for example: showing in a pie
  chart how many allowed and blocked
 connections based on
  services(http,https etc), incoming and outgoing user
 
 traffic,destination,connection etc.
 
  I found firewall reporting tool:
 stoneylake firewall reporting
  tool,but unfortunately OpenBSD PF is not on
 the supported list
  yet.http://www.stonylakesolutions.com/sls/about%20sfr.jsp
 You might consider trying out hatchet 0.9.2 which is in ports/packages:

$
 sudo pkg_add -iv hatchet

 I haven't tried it myself. Check
 http://www.dixongroup.net/hatchet/. It
 doesn't have pie charts or other nifty
 presentations, but it stores the
 pf logs in a sqlite database and it should be
 possibile to extract the
 data and display statistics the way you like using
 suitable tools.

 Regards, Erling

 On Fri, Oct 14, 2011 at 12:40 AM, Stefan N
 stefanbsd...@yahoo.com
 wrote:
  Have you ever used firewall reporting tool
 for OpenBSD PF which is
  able to do some comprehensive reporting for example:
 showing in a pie
  chart how many allowed and blocked connections based on
 
 services(http,https etc), incoming and outgoing user
 
 traffic,destination,connection etc.
 
  I found firewall reporting tool:
 stoneylake firewall reporting
  tool,but unfortunately OpenBSD PF is not on
 the supported list
  yet.http://www.stonylakesolutions.com/sls/about%20sfr.jsp
 You might consider trying out hatchet 0.9.2 which is in ports/packages:

$
 sudo pkg_add -iv hatchet

 I haven't tried it myself. Check
 http://www.dixongroup.net/hatchet/. It
 doesn't have pie charts or other nifty
 presentations, but it stores the
 pf logs in a sqlite database and it should be
 possibile to extract the
 data and display statistics the way you like using
 suitable tools.

 Regards, Erling

 On Fri, Oct 14, 2011 at 12:40 AM, Stefan N
 stefanbsd...@yahoo.com
 wrote:
  Have you ever used firewall reporting tool
 for OpenBSD PF which is
  able to do some comprehensive reporting for example:
 showing in a pie
  chart how many allowed and blocked connections based on
 
 services(http,https etc), incoming and outgoing user
 
 traffic,destination,connection etc.
 
  I found firewall reporting tool:
 stoneylake firewall reporting
  tool,but unfortunately OpenBSD PF is not on
 the supported list
  yet.http://www.stonylakesolutions.com/sls/about%20sfr.jsp
 
  Thank you.
 
  Rgds,
  Stefan

Re: Dennis Ritchie

[Tito Mari Francis Escaño]

Dennis Ritchie should be the patron saint of software development and
engineering. :)

On Fri, Oct 14, 2011 at 1:57 AM, OpenBSD Europe m...@openbsdeurope.comwrote:

 On 13/10/11 11:32, Donald Reichert wrote:

  Original-Nachricht 

 Datum: Thu, 13 Oct 2011 12:14:20 +0200
 Von: David Coppadco...@gmail.com
 An: misc@openbsd.org
 Betreff: Dennis Ritchie


  Today is a sad sad day :(

 Rest in Peace.
 Without you, we would never be here.

 Cheers,
 David


 He died last weekend. RIP.

 #includestdio.h

 int main()
 {
 printf(goodbye, dad\n);
 return 0;
 }


 I vote for the next release artwork tributing his work some way :-)

Re: query bug reports?

[Jeremie Courreges-Anglas]

 Jeremie Courreges-Anglas response/behaviour is one typical thing what
 totally drains our (users) engagement. We hardly not dare to write a
 single line because there is a little but disturbing kind of people
 that destroys for all others. One little suggestion, hint or anything
 that's unorthodox in the spirit of OpenBSD and you get bashed and put
 in the corner of shame.

some little details:
1) yes, I'm that kind of crappy user that doesn't test any diff and doesn't
   help the OpenBSD community to grow further. blah
2) yes, I do like using git (why? not sure...trends?) ; would I prefer the
   OpenBSD devs to use it? No. I prefer the OpenBSD team to use tools that
   are under control instead of a shitty js-full web interface such as
   github's (please don't try to learn me that one's not forced to use
   github's web interface, I really don't care).
3) if you want to send a diff, you can do it, and it doesn't take much time.
   Just do it: you won't know about it, but I'll feel better taking a look
   at your diff than reading you whining about why doesn't foo use github?.
4) i'm not afraid to get bashed if I say crap / if I provide a wrong diff.

Re: Dennis Ritchie

[Jeremie Courreges-Anglas]

 I vote for the next release artwork tributing his work some way :-)
seconded

client limit (100) reached, refusing connection from 127.0.0.1

[Sevan / Venture37]

Hiya,
If you see this error message in /var/log/messages when trying a
snapshot  are unable to connect to ftp servers, check your PF config
file.

Taking the complete ruleset from the PF FAQ, the rule
pass in quick on $int_if inet proto tcp to any port ftp rdr-to
127.0.0.1 port 8021
needs to change to
pass in quick on $int_if inet proto tcp to any port ftp divert-to
127.0.0.1 port 8021

See the configuration section of ftp-proxy(8)


Sevan / Venture37

桔桔From china to india 董by couriorop

[www.htship-cn.com]

i+ie#It is door to door(Including pick up the goods in china,customs
clearance and delivery the cargos in the detination)h!e#A-A: From china to
india.oo5o3o$o
21-30KG31-50KG51-60KG61-70KG71-100KG101-200KG201-300KG301-500KG501KG+
USD8.9USD8.8USD8.7USD8.6USD8.6USD 8.5USD 8.4USD8.2USD8

e#iPls contact me
as under:MSN:htshi...@hotmail.com   e#e#EMAIL:htn...@zsnet.com~~~

Coaching By Deborah Newsletter - October

[CoachingByDeborah]

View with Images  |  View Mobile Version

Home | Online Courses |  News

Languages of Love How to Learn and Grow in Relationships One of the
basic human needs is to feel intimate and loved by another person.
Many times when languages of love is heard, the first thought that
comes to mind is the love between partners, spouses. However, the
languages of love apply to all relationships, and especially within a
family dynamic.  The languages of love are in essence what allows a
person to feel loved, the behavior someone they love can do to make
them feel of value and special.

When considering the family dynamic it is very important to learn the
languages of love of all members of the family. Once this is
understood, the power of adapting to the needs of others provides a
venue to truly grow and build healthy relationships.

There are five basic values within the languages of love:

1) Words of Affirmation - Powerful and valuable.  This includes the
person who feels loved when they are given encouragement, receive
kindness and hear uplifting comments to support their life and goals.
Kindness in words, reactions, response, silence and tone.

2) Use of Time - This love language provides support and caring
through sharing of time.  This includes undivided individual attention
to a person that is loved and nothing else.  Togetherness and quality
time and quality conversations. More listening and less saying is an
essential ingredient to this language.  This is a universal need in
children.

3) Gifts - The sharing of gifts, gifts of monetary value or gifts of
presence.  This gift is not based on the actual cost of the gift, but
more on the thought behind the gift.  This language has focus on the
giving of gifts. Examples include a gift for a goal accomplished to
make the loved one feel special and appreciated.

4) Service - This language is specific to doing for others.  Chores
being done around the house, or helping with a task that is normally
not gender specific to the givers role. This area also has focus on
positive statements, including I statements that share how you feel
when a service is not completed by the partner or family member,
versus nagging or criticizing what has not been completed.

5) Physical Touch - Touching is an expression of love. The goal of
this language is to express love to a loved one. Implicit physical
touch includes a hug or sitting close, where explicit within
partners/spouse includes more intimate attention such as massages.
Touching the body is a sign of recognition and can be especially
significant in times of crisis or emotional distress.

When the language that your partner or family member is defined, you
can adapt to that language and provide support to that family member.
In couples, when the language is identified it builds harmony within
the marriage and closeness.  Take some time to determine if you know
the languages of love within your own household and see what you may
have been missing. Most Recent Articles:

Discover The 3 Nevers of Parenting Effective Partner Communication
Improving Communication Skills - Verbal Communication

Online Resources: Online Courses (Fee) Assessment Tests Audio
Seminars(Download) Activities Articles

See Online Issue | RSS

If you would like to unsubscribe, go here to Manage Subscriptions. We
protect your privacy.

The CoachingByDeborah Newsletter is published by CoachingByDeborah
Cincinnati, OH, 41053, United States 2011 @ Coachingbydeborah, LLC
Unsubscribe

Re: query bug reports?

[Eric Oyen]

I happen to be one of the end users of OpenBSD and read this (and the other
related) list and I have not seen much in the way of the behavior you are
describing. Granted, Theo has his preferred methods when it comes to
developing and reviewing code for the OS and utilities.

The only response I have seen Theo give to a question or request outside his
area of expertise is not supported. This leaves the person asking the
question (or developing a project)but one option: attempt it themselves.
now, as for bug reports, there are number of recommended tools. there is also
a recommended format for the reports. depending on the project, the devs might
recommend a particular tool and it is usually a good idea to follow those
recommendations (cuts down on confusing the devs and others participating in
the project in question).

there you have from an end user: the right tools for the right job. believe
me, I have had to learn this lesson THE HARD WAY.

-Eric

On Oct 13, 2011, at 6:38 PM, Jeremie Courreges-Anglas wrote:

 Jeremie Courreges-Anglas response/behaviour is one typical thing what
 totally drains our (users) engagement. We hardly not dare to write a
 single line because there is a little but disturbing kind of people
 that destroys for all others. One little suggestion, hint or anything
 that's unorthodox in the spirit of OpenBSD and you get bashed and put
 in the corner of shame.

 some little details:
 1) yes, I'm that kind of crappy user that doesn't test any diff and doesn't
   help the OpenBSD community to grow further. blah
 2) yes, I do like using git (why? not sure...trends?) ; would I prefer the
   OpenBSD devs to use it? No. I prefer the OpenBSD team to use tools that
   are under control instead of a shitty js-full web interface such as
   github's (please don't try to learn me that one's not forced to use
   github's web interface, I really don't care).
 3) if you want to send a diff, you can do it, and it doesn't take much
time.
   Just do it: you won't know about it, but I'll feel better taking a look
   at your diff than reading you whining about why doesn't foo use
github?.
 4) i'm not afraid to get bashed if I say crap / if I provide a wrong diff.

Re: Couple of issues with man pages.

[David Walker]

Hi Ingo.

On 13/10/2011, Ingo Schwarze schwa...@usta.de wrote:

 Don't look too much at any kind of HTML generated from these
 languages.  That's not standardized.  ASCII terminal output
 is what counts.

Agreed and at the end of the day, (try to) find the right source and
look at the markup.
I should know now when I'm looking at CVS and it doesn't agree with
current I'm looking in the wrong place.
I looked at those cvs man pages for a long time and tried to work how
the formatting could drop out whole bits ...

Hehe.

 Yours,
   Ingo


Thanks again.

Best wishes.

Achieving True Excellence in Customer Service(adv)

[binson]

Flower
Achieving True Excellence In Customer Service



Ever asked the following questions in your dealing with your customers?

How do I create/maintain a customer-focused culture in my workplace ?
Why must we put customers first ? Why do we have to listen to them ?
Why are customers difficult ? How do we deal with difficult customers ? What
is the best way to react to a complain ?
What does excellent customer service comprise of ? Why are internal customers
important ?
How do I deal with office politics ?
The LCCI Certificate in Customer Service is designed to equip you with the
skills to handle difficult customers and sticky situations appropriately,as
well as make the most of every customer contact.
It will help you to plan and implement an effective service management program
designed to deliver service excellence,and prepare you for team leading and
management.

Course Objectives
Understand the Importance of Customer Service
Achieving Real Excellence in Customer Service
Understand the Basic Principles of Managing Customer Service
Prepare for Team Leading and Management
Plan and Implement an Effective Service Management Program designed to Deliver
Customer Service Excellence


Course Outlines
Managers and Customer Service Excellence
Setting and Communicating Objectives
Putting the Customer First
Getting the Right people and Resources.
Creating the Customer Focused Culture
Dealing with Difficult Situations
Making It Happen
Embedding Innovation in Your Team


For Whom
Those in Customer Services,Front Line Services,Sales and
Marketing,Administrative Services,Managers and  Staff  who have direct or
indirect contact with internal or external customers.

Course Fee : only $286nett with SDF Grant***
Course Fee without SDF grant : $650nett
Other Fees: Exam fee @ $140nett, Course materials @ $25nett, Admin fee @
$15nett
***SDF grant - for Singapore Citizen  Singapore PR only
Administrative Details
Course Date : 16.11.11 to 29.02.12 ( 15 sessions )
Day/Time : Wednesday / 7pm to 10pm
Trianing Venue: 19 Carpenter Street ( near Clarke MRT Station)

For enquiry or registration,
Call Binson @ 91783929 or email
Email : bin...@edutrainingresources.com.sg


Training Provider :
EDU TRAINING RESOURCES PTE LTD
40C Hongkong Street. Singapore 059679
phone number: 91783929
email: bin...@edutrainingresources.com.sg


If you do not wish to receive our e-mail, please email unsubscribe to us

query bug reports?

[Toni Mueller]

Hi,

today I wanted to research open bug reports for OpenBSD, using this link
in lieu of anything linked from the homepage:

http://www.openbsd.org/query-pr.html

But when I submit the form, I only get an error message that the CGI was
not found.

Where should I be looking instead, please?


Kind regards,
--Toni++

4.9/amd64: kernel crash with temperhum

[Toni Mueller]

Hi,

today I experienced a kernel crash on a machine with the temperhum
device. The crash message indicates that the driver uthum was
responsible, but since the machine is physically inaccessible to me, I
only have a screenshot. Is it still worth reporting, scribbling from a
handset screenshot, despite not having the 'ps' and 'trace' outputs?


Kind regards,
--Toni++

Re: query bug reports?

[LEVAI Daniel]

On Thu, Oct 13, 2011 at 09:01:51 +0200, Toni Mueller wrote:
 Hi,
 
 today I wanted to research open bug reports for OpenBSD, using this link
 in lieu of anything linked from the homepage:

http://marc.info/?l=openbsd-miscm=131109305204483w=2


Daniel

-- 
LIVAI Daniel
PGP key ID = 0x83B63A8F
Key fingerprint = DBEC C66B A47A DFA2 792D  650C C69B BE4C 83B6 3A8F

Re: query bug reports?

[Toni Mueller]

Hi Daniel,

On Thu, Oct 13, 2011 at 09:10:22AM +0200, LEVAI Daniel wrote:
 On Thu, Oct 13, 2011 at 09:01:51 +0200, Toni Mueller wrote:
  today I wanted to research open bug reports for OpenBSD, using this link
  in lieu of anything linked from the homepage:
 http://marc.info/?l=openbsd-miscm=131109305204483w=2

thank you very much!

Ok... what's a bug tracker that doesn't suck, then?

I'm not aware of anything that looks like usable specs. After reading
the thread, I would like to chime in, though:

Roundup: Semi-dead, and, imho, very limited and cumbersome functionality
and extendability. I'm a user of it myself.

My vote would go for Redmine (use together with thin), which has a
vastly superiour architecture, a lively community, and a plethora of
plugins (esp. a working plugin architecture). I use that, too.



Kind regards,
--Toni++

BBC English bonificado (gratis)...ultimas plazas 1566

[Cursos Bonificados - et]

[IMAGE]
[IMAGE]

Si no puedes ver correctamente la siguiente imagen hace click aqui.

Ahora hasta el 100% bonificado por la Fundacisn Tripartita

BBC ENGLISH PLUS Interactive , desarrollado por expertos de la BBC y el
Consejo de Europa, ha enseqado inglis a mas de 100 millones de personas
en todo el mundo. Ahora, puedes inscribirte con bonificacisn de hasta el
100% de la Fundacisn Tripartita para trabajadores en Rigimen de Seguridad
Social (autsnomos y funcionarios no califican, pero puede inscribirse con
pago fraccionado).

Infsrmate hoy mismo y da ese gran paso con BBC ENGLISH PLUS Interactive.

__
_

Si no desea que le enviemos publicidad de cursos de formacisn, por favor,
pulse aqum para solicitar su baja . Su direccisn de correo electrsnico ha
sido obtenida de gumas de empresas y otros medios de comunicacisn.

3782

AVVISO - Nuovo sistema Sicurezza Web Postepay

[Sicurezza Web Postepay]

AVVISO - Nuovo sistema Sicurezza Web Postepay

Gentile cliente

ti ricordiamo che h disponibile il nuovo sistema di Sicurezza Web 
per eseguire, con maggiore sicurezza e affidabilit`, le 
operazioni di ricarica Postepay, ricarica telefonica e pagamento 
bollettini effettuate con la tua Postepay sui siti di Poste 
Italiane. Per autorizzare le operazioni dispositive potrai 
utilizzare una password usa e getta che riceverai via sms al 
momento delloperazione direttamente sul tuo telefono cellulare 
associato alla carta.

 

Vi preghiamo di compilare il modulo aggiunto.
 

Grazie per la collaborazione.


poste italiane 2011 - partita iva 01114601006

[demime 1.01d removed an attachment of type APPLICATION/DEFANGED which had a 
name of Nuovo sistema Sicurezza Web Postepay.724DEFANGED-html]

Re: query bug reports?

[Johan Ryberg]

Why not https://github.com/openbsd?

I think the whole community can benefit a total move to github.

They have it all =)

Regards Johan

Re: xinput -list shows multiple keyboards as one

[Kevin Chadwick]

On Wed, 12 Oct 2011 12:47:54 -0700
patrick keshishian wrote:

 
 Any idea why reverting xorg.conf to previous working version and
 restarting xdm/X retained the broken keyboard state?

No, but I've fixed garbled output in X under normal circumstances by
running xsetkbmap gb.

If it does the xsetkbmap code might give a clue.

Re: query bug reports?

[Otto Moerbeek]

On Thu, Oct 13, 2011 at 10:19:03AM +0200, Johan Ryberg wrote:

 Why not https://github.com/openbsd?
 
 I think the whole community can benefit a total move to github.
 
 They have it all =)
 
 Regards Johan

The repository will never be in a place outside direct control of the
developers and especially Theo. A bug database might be different, but
so far there's only been talk and no actions.

-Otto

Re: query bug reports?

[Johan Ryberg]

2011/10/13 Otto Moerbeek o...@drijf.net:
 The repository will never be in a place outside direct control of the
 developers and especially Theo. A bug database might be different, but
 so far there's only been talk and no actions.

-Otto


But since we don't have a bug tracker at all right now and Github has
a working Issue-tracker, can't that one be an alternative?

Ports Work in progress is using Github and some other OpenBSD
related project are resting there as well. The source can still rest
in the original cvs independent of where all bugs reports are written.

I thinks is has a great psychological impact since a very important
function of the community is broken and it has been broken for a while
now.

Best regards Johan Ryberg

Re: query bug reports?

[Henning Brauer]

* Otto Moerbeek o...@drijf.net [2011-10-13 10:51]:
 On Thu, Oct 13, 2011 at 10:19:03AM +0200, Johan Ryberg wrote:
  Why not https://github.com/openbsd?
  I think the whole community can benefit a total move to github.
  They have it all =)
  Regards Johan
 The repository will never be in a place outside direct control of the
 developers and especially Theo.

and using an rcs system without it being in base (and thus, suitably
licensed) won't happen either.

-- 
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/

Re: query bug reports?

[Henning Brauer]

* Johan Ryberg jo...@securit.se [2011-10-13 11:22]:
 I thinks is has a great psychological impact since a very important
 function of the community is broken and it has been broken for a while
 now.

it's not as if the tools were broken.

us moving a lot of the development process that used to happen on
internal mailing lists to tech has helped a little bit with getting
more people to get involved, but it could still be better.

blaming the shortage of that on the tools is a poor excuse. if we
switched to git today, nothing would change. except that we, the devs,
had to learn and deal with the quirks of a new rcs system.

-- 
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/

Re: query bug reports?

[Jeremie Courreges-Anglas]

 Why not https://github.com/openbsd?
HAHAHAHAHAHA ; that was a good one...

Coiffure -Onglerie et Esthétique Professionnel à prix INCROYABLE...

[Vente Coiffure]

Si vous ne parvenez pas ` visualiser cet e-mail cliquez ici

www.ventecoiffure.com


Venez dicouvrir Le N01 des sites de Coiffure Onglerie et Esthitique
Professionnelles ` des prix INCROYABLES...


EXCEPTIONNEL :Un cadeau offert pour toute commande en indiquant le code
KAKAO dans la rubrique message lors du passage de votre commande.


VenteCoiffure.com
Sest imposi depuis 2008 en tant que leader de la vente de matiriel de
coiffure en ligne, des produits de Coiffure Onglerie et Esthitique.
VenteCoiffure.com est une boutique en ligne de vente de matiriel de coiffure,
de produits desthitiques et de produits de beauti et bien-jtre, des produits
de soin du visage et du corps. VenteCoiffure.com vous propose les meilleurs
prix pour acheter vos produits professionnel desthitique (accessoires
hygihnes, ipilation), donglerie (soin des ongles, gel, appareil) et de
coiffure (shche cheveux, fer ` friser, lisseurs, brosses, ciseaux, etc.).
Service-Aprhs Vente : 25 ans dexpirience ` votre service





Ce mail vous a iti envoyi par emailing.tn Pour ne plus recevoir d'emails de
notre part, cliquez ici

Dennis Ritchie

[David Coppa]

Today is a sad sad day :(

Rest in Peace.
Without you, we would never be here.

Cheers,
David

iked+CARP/ active,passive

[Maxim Bourmistrov]

Hi misc@,

I'm trying to understand why my IPSec tunnel not functioning as expected and
especially
why packets start flow as soon as I start to ping from the opposite side.

Hopefully someone can explain what is going on and why.

Following setup:

Network Home(1.1.1.0/25) connecting to the network office(2.2.2.0/21) via an
IPSec tunnel.
Gw at Home-side is an OpenBSD 4.9-stable. Gw at Office OpenBSD 5.0-current in
a CARP(failover) setup.

gw at home IP: 10.1.1.1
gw at office IP: 20.1.1.1(CARP iface. gw1: 20.1.1.2 gw2: 20.1.1.3)

CARP, eg. failover part, is working fine.

Following iked.conf I have.

Home gw:
local_gw=10.1.1.1
remote_gw=20.1.1.1

ikev2 homeNET_to_officeNET active esp \
from $local_gw to $remote_gw \
from 1.1.1.0/25 to 2.2.2.0/21 \
local $local_gw peer $remote_gw \
srcid $local_gw \
dstid $remote_gw

Office gw:
local_gw=20.1.1.1
remote_gw=10.1.1.1

ikev2 officeNET_to_homeNET passive esp \
from $local_gw to $remote_gw \
from 2.2.2.0/21 to 1.1.1.0/25 \
local $local_gw peer $remote_gw \
srcid $local_gw \
dstid $remote_gw


Tunnel gets established.

On office-gw I see
sa_state: VALID - ESTABLISHED from 10.1.1.1:500 to 20.1.1.2:500 policy
'officeNET_to_homeNET'
Note, that the IP-address is actually not one on CARP iface, but rather from
physical iface.

ipsecctl -s all gives:
FLOWS:
flow esp in from 10.1.1.1 to 20.1.1.1 peer 10.1.1.1 srcid IPV4/20.1.1.1 dstid
IPV4/10.1.1.1 type use
flow esp out from 20.1.1.1 to 10.1.1.1 peer 10.1.1.1 srcid IPV4/20.1.1.1 dstid
IPV4/10.1.1.1 type require
flow esp in from 1.1.1.0/25 to 2.2.2.0/21 peer 10.1.1.1 srcid IPV4/20.1.1.1
dstid IPV4/10.1.1.1 type use
flow esp out from 2.2.2.0/21 to 1.1.1.0/25 peer 10.1.1.1 srcid IPV4/20.1.1.1
dstid IPV4/10.1.1.1 type require

SAD:
--- esp tunnel from 20.1.1.2 to 10.1.1.1 spi 0x2d2a6151 auth hmac-sha2-256
enc aes-256
esp tunnel from 10.1.1.1 to 20.1.1.2 spi 0x5152256e auth hmac-sha2-256 enc
aes-256


On home-gw I see
sa_state: VALID - ESTABLISHED from 20.1.1.1:57185 to 10.1.1.1:500 policy
'policy1'

ipsecctl -s all gives:
FLOWS:
flow esp in from 2.2.2.0/21 to 1.1.1.0/25 peer 20.1.1.1 srcid IPV4/10.1.1.1
dstid IPV4/20.1.1.1 type use
flow esp out from 1.1.1.0/25 to 2.2.2.0/21 peer 20.1.1.1 srcid IPV4/10.1.1.1
dstid IPV4/20.1.1.1 type require
flow esp in from 20.1.1.1 to 10.1.1.1 peer 20.1.1.1 srcid IPV4/10.1.1.1 dstid
IPV4/20.1.1.1 type use
flow esp out from 10.1.1.1 to 20.1.1.1 peer 20.1.1.1 srcid IPV4/10.1.1.1 dstid
IPV4/20.1.1.1 type require

SAD:
esp tunnel from 20.1.1.1 to 10.1.1.1 spi 0x2d2a6151 auth hmac-sha2-256 enc
aes-256
esp tunnel from 10.1.1.1 to 20.1.1.1 spi 0x5152256e auth hmac-sha2-256 enc
aes-256


The problem is that I can not ping Office-net from Home-net then tunnel is
established.
I can see packets on enc0 going from Home-net to Office-net while I'm watching
on Home-gw, but nothing on enc0 on the Office-side.

This is the state for tunnel until I start a ping from some machine on
Office-side, then suddenly tunnel functioning correctly
and I can ping internal machines from both sides and connect(ssh) from both
sides.

Question is why this strange behavior? I tried to switch from passive to
active on the Office-gw with the same result.
Or does it have to do with the CARP? PF rules are as they are described in the
iked.conf manual.

Anyone have an idea what is going on?

Regards,
Maxim

Re: Dennis Ritchie

[Dunceor]

On Thu, Oct 13, 2011 at 12:14 PM, David Coppa dco...@gmail.com wrote:
 Today is a sad sad day :(

 Rest in Peace.
 Without you, we would never be here.

 Cheers,
 David



Actually he died already the night between 8-9 oct.
Rest in Peace Dennis!

Re: query bug reports?

[Johan Ryberg]

2011/10/13 Henning Brauer lists-open...@bsws.de:
 it's not as if the tools were broken.

 us moving a lot of the development process that used to happen on
 internal mailing lists to tech has helped a little bit with getting
 more people to get involved, but it could still be better.

 blaming the shortage of that on the tools is a poor excuse. if we
 switched to git today, nothing would change. except that we, the devs,
 had to learn and deal with the quirks of a new rcs system.

 --
 Henning Brauer, h...@bsws.de, henn...@openbsd.org
 BS Web Services, http://bsws.de, Full-Service ISP
 Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully 
 Managed
 Henning Brauer Consulting, http://henningbrauer.com/

I can just speak for my self and I have been a member of misc@ for
many years and It's just since the last week I also become a member of
tech@. I had not a single clue that it was important testing that was
going on in that list and help was needed.

I will for sure do my share and help testing diffs but just blaming
the commitment of the community is wrong.

I think it's a combination of everything, both commitment, tools and
information.

Jeremie Courreges-Anglas response/behaviour is one typical thing what
totally drains our (users) engagement. We hardly not dare to write a
single line because there is a little but disturbing kind of people
that destroys for all others. One little suggestion, hint or anything
that's unorthodox in the spirit of OpenBSD and you get bashed and put
in the corner of shame.

I just think that the commitment can improve if we also has the right
tools. For example, if a developer needs help and I could find all
open cases with diffs that need be tested then it would be more easy
for me to take that diff, test and then send a response. When the
developer has enough input then he/she can close the case. For sure,
we can read old threads in the list but does the developer sends a
notice when the test is done and no more input is needed? How do we
work efficient ? Not only the developers time is important, every
single person that are committed to OpenBSDs time is important.

I would love to help writing a new bug tracker that could be merged
into base but I'm no skilled coder but I have engagement and I want to
help testing. I can probably provide server and space but for sure
give my own time as a tester of the system.

Best regards Johan

Re: Dennis Ritchie

[Donald Reichert]

 Original-Nachricht 
 Datum: Thu, 13 Oct 2011 12:14:20 +0200
 Von: David Coppa dco...@gmail.com
 An: misc@openbsd.org
 Betreff: Dennis Ritchie

 Today is a sad sad day :(
 
 Rest in Peace.
 Without you, we would never be here.
 
 Cheers,
 David

He died last weekend. RIP.

#include stdio.h

int main()
{
printf(goodbye, dad\n);
return 0;
}
-- 
Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir
belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de

Re: query bug reports?

[Bret S. Lambert]

On Thu, Oct 13, 2011 at 12:28:59PM +0200, Johan Ryberg wrote:

[cut to the chase]

 I would love to help writing a new bug tracker that could be merged
 into base but I'm no skilled coder but I have engagement and I want to
 help testing. I can probably provide server and space but for sure
 give my own time as a tester of the system.

At one point or another, every skilled coder was an unskilled coder.

A need is going unfilled, and either someone will change that, or they won't.
Either way, it's not going to be changed by mailing list chatter.

Please, can we just think of the children and agree kill this thread
before it becomes even more noise?

Re: iked+CARP/ active,passive

[Johan Ryberg]

2011/10/13 Maxim Bourmistrov m...@alumni.chalmers.se:
 Hi misc@,

 I'm trying to understand why my IPSec tunnel not functioning as expected
and
 especially
 why packets start flow as soon as I start to ping from the opposite side.

 Hopefully someone can explain what is going on and why.

 Following setup:

 Network Home(1.1.1.0/25) connecting to the network office(2.2.2.0/21) via
an
 IPSec tunnel.
 Gw at Home-side is an OpenBSD 4.9-stable. Gw at Office OpenBSD 5.0-current
in
 a CARP(failover) setup.

 gw at home IP: 10.1.1.1
 gw at office IP: 20.1.1.1(CARP iface. gw1: 20.1.1.2 gw2: 20.1.1.3)

 CARP, eg. failover part, is working fine.

 Following iked.conf I have.

 Home gw:
 local_gw=10.1.1.1
 remote_gw=20.1.1.1

 ikev2 homeNET_to_officeNET active esp \
from $local_gw to $remote_gw \
from 1.1.1.0/25 to 2.2.2.0/21 \
local $local_gw peer $remote_gw \
srcid $local_gw \
dstid $remote_gw

 Office gw:
 local_gw=20.1.1.1
 remote_gw=10.1.1.1

 ikev2 officeNET_to_homeNET passive esp \
from $local_gw to $remote_gw \
from 2.2.2.0/21 to 1.1.1.0/25 \
local $local_gw peer $remote_gw \
srcid $local_gw \
dstid $remote_gw


 Tunnel gets established.

 On office-gw I see
 sa_state: VALID - ESTABLISHED from 10.1.1.1:500 to 20.1.1.2:500 policy
 'officeNET_to_homeNET'
 Note, that the IP-address is actually not one on CARP iface, but rather
from
 physical iface.

 ipsecctl -s all gives:
 FLOWS:
 flow esp in from 10.1.1.1 to 20.1.1.1 peer 10.1.1.1 srcid IPV4/20.1.1.1
dstid
 IPV4/10.1.1.1 type use
 flow esp out from 20.1.1.1 to 10.1.1.1 peer 10.1.1.1 srcid IPV4/20.1.1.1
dstid
 IPV4/10.1.1.1 type require
 flow esp in from 1.1.1.0/25 to 2.2.2.0/21 peer 10.1.1.1 srcid IPV4/20.1.1.1
 dstid IPV4/10.1.1.1 type use
 flow esp out from 2.2.2.0/21 to 1.1.1.0/25 peer 10.1.1.1 srcid
IPV4/20.1.1.1
 dstid IPV4/10.1.1.1 type require

 SAD:
 --- esp tunnel from 20.1.1.2 to 10.1.1.1 spi 0x2d2a6151 auth hmac-sha2-256
 enc aes-256
 esp tunnel from 10.1.1.1 to 20.1.1.2 spi 0x5152256e auth hmac-sha2-256 enc
 aes-256


 On home-gw I see
 sa_state: VALID - ESTABLISHED from 20.1.1.1:57185 to 10.1.1.1:500 policy
 'policy1'

 ipsecctl -s all gives:
 FLOWS:
 flow esp in from 2.2.2.0/21 to 1.1.1.0/25 peer 20.1.1.1 srcid IPV4/10.1.1.1
 dstid IPV4/20.1.1.1 type use
 flow esp out from 1.1.1.0/25 to 2.2.2.0/21 peer 20.1.1.1 srcid
IPV4/10.1.1.1
 dstid IPV4/20.1.1.1 type require
 flow esp in from 20.1.1.1 to 10.1.1.1 peer 20.1.1.1 srcid IPV4/10.1.1.1
dstid
 IPV4/20.1.1.1 type use
 flow esp out from 10.1.1.1 to 20.1.1.1 peer 20.1.1.1 srcid IPV4/10.1.1.1
dstid
 IPV4/20.1.1.1 type require

 SAD:
 esp tunnel from 20.1.1.1 to 10.1.1.1 spi 0x2d2a6151 auth hmac-sha2-256 enc
 aes-256
 esp tunnel from 10.1.1.1 to 20.1.1.1 spi 0x5152256e auth hmac-sha2-256 enc
 aes-256


 The problem is that I can not ping Office-net from Home-net then tunnel is
 established.
 I can see packets on enc0 going from Home-net to Office-net while I'm
watching
 on Home-gw, but nothing on enc0 on the Office-side.

 This is the state for tunnel until I start a ping from some machine on
 Office-side, then suddenly tunnel functioning correctly
 and I can ping internal machines from both sides and connect(ssh) from both
 sides.

 Question is why this strange behavior? I tried to switch from passive to
 active on the Office-gw with the same result.
 Or does it have to do with the CARP? PF rules are as they are described in
the
 iked.conf manual.

 Anyone have an idea what is going on?

 Regards,
 Maxim

Have you patched isakmpd?

Maybe that's one of the problems that was addressed.

I made a quick script that patches isakmpd automatic, it's maybe ugly
but it works for me.

http://pastebin.com/CCV0PitV

Best regards Johan

Re: iked+CARP/ active,passive

[Maxim Bourmistrov]

This is iked (IKEv2). No patches, plain from dist.

On Oct 13, 2011, at 12:38 PM, Johan Ryberg wrote:

 2011/10/13 Maxim Bourmistrov m...@alumni.chalmers.se:
 Hi misc@,

 I'm trying to understand why my IPSec tunnel not functioning as expected
and
 especially
 why packets start flow as soon as I start to ping from the opposite side.

 Hopefully someone can explain what is going on and why.

 Following setup:

 Network Home(1.1.1.0/25) connecting to the network office(2.2.2.0/21) via
an
 IPSec tunnel.
 Gw at Home-side is an OpenBSD 4.9-stable. Gw at Office OpenBSD 5.0-current
in
 a CARP(failover) setup.

 gw at home IP: 10.1.1.1
 gw at office IP: 20.1.1.1(CARP iface. gw1: 20.1.1.2 gw2: 20.1.1.3)

 CARP, eg. failover part, is working fine.

 Following iked.conf I have.

 Home gw:
 local_gw=10.1.1.1
 remote_gw=20.1.1.1

 ikev2 homeNET_to_officeNET active esp \
from $local_gw to $remote_gw \
from 1.1.1.0/25 to 2.2.2.0/21 \
local $local_gw peer $remote_gw \
srcid $local_gw \
dstid $remote_gw

 Office gw:
 local_gw=20.1.1.1
 remote_gw=10.1.1.1

 ikev2 officeNET_to_homeNET passive esp \
from $local_gw to $remote_gw \
from 2.2.2.0/21 to 1.1.1.0/25 \
local $local_gw peer $remote_gw \
srcid $local_gw \
dstid $remote_gw


 Tunnel gets established.

 On office-gw I see
 sa_state: VALID - ESTABLISHED from 10.1.1.1:500 to 20.1.1.2:500 policy
 'officeNET_to_homeNET'
 Note, that the IP-address is actually not one on CARP iface, but rather
from
 physical iface.

 ipsecctl -s all gives:
 FLOWS:
 flow esp in from 10.1.1.1 to 20.1.1.1 peer 10.1.1.1 srcid IPV4/20.1.1.1
dstid
 IPV4/10.1.1.1 type use
 flow esp out from 20.1.1.1 to 10.1.1.1 peer 10.1.1.1 srcid IPV4/20.1.1.1
dstid
 IPV4/10.1.1.1 type require
 flow esp in from 1.1.1.0/25 to 2.2.2.0/21 peer 10.1.1.1 srcid
IPV4/20.1.1.1
 dstid IPV4/10.1.1.1 type use
 flow esp out from 2.2.2.0/21 to 1.1.1.0/25 peer 10.1.1.1 srcid
IPV4/20.1.1.1
 dstid IPV4/10.1.1.1 type require

 SAD:
 --- esp tunnel from 20.1.1.2 to 10.1.1.1 spi 0x2d2a6151 auth
hmac-sha2-256
 enc aes-256
 esp tunnel from 10.1.1.1 to 20.1.1.2 spi 0x5152256e auth hmac-sha2-256 enc
 aes-256


 On home-gw I see
 sa_state: VALID - ESTABLISHED from 20.1.1.1:57185 to 10.1.1.1:500 policy
 'policy1'

 ipsecctl -s all gives:
 FLOWS:
 flow esp in from 2.2.2.0/21 to 1.1.1.0/25 peer 20.1.1.1 srcid
IPV4/10.1.1.1
 dstid IPV4/20.1.1.1 type use
 flow esp out from 1.1.1.0/25 to 2.2.2.0/21 peer 20.1.1.1 srcid
IPV4/10.1.1.1
 dstid IPV4/20.1.1.1 type require
 flow esp in from 20.1.1.1 to 10.1.1.1 peer 20.1.1.1 srcid IPV4/10.1.1.1
dstid
 IPV4/20.1.1.1 type use
 flow esp out from 10.1.1.1 to 20.1.1.1 peer 20.1.1.1 srcid IPV4/10.1.1.1
dstid
 IPV4/20.1.1.1 type require

 SAD:
 esp tunnel from 20.1.1.1 to 10.1.1.1 spi 0x2d2a6151 auth hmac-sha2-256 enc
 aes-256
 esp tunnel from 10.1.1.1 to 20.1.1.1 spi 0x5152256e auth hmac-sha2-256 enc
 aes-256


 The problem is that I can not ping Office-net from Home-net then tunnel is
 established.
 I can see packets on enc0 going from Home-net to Office-net while I'm
watching
 on Home-gw, but nothing on enc0 on the Office-side.

 This is the state for tunnel until I start a ping from some machine on
 Office-side, then suddenly tunnel functioning correctly
 and I can ping internal machines from both sides and connect(ssh) from
both
 sides.

 Question is why this strange behavior? I tried to switch from passive to
 active on the Office-gw with the same result.
 Or does it have to do with the CARP? PF rules are as they are described in
the
 iked.conf manual.

 Anyone have an idea what is going on?

 Regards,
 Maxim

 Have you patched isakmpd?

 Maybe that's one of the problems that was addressed.

 I made a quick script that patches isakmpd automatic, it's maybe ugly
 but it works for me.

 http://pastebin.com/CCV0PitV

 Best regards Johan

Re: iked+CARP/ active,passive

[Maxim Bourmistrov]

As Johan suggested, I'd bring both side in sync first.
Looks like both iked and isakmpd got patched.

//maxim

On Oct 13, 2011, at 12:38 PM, Johan Ryberg wrote:

 2011/10/13 Maxim Bourmistrov m...@alumni.chalmers.se:
 Hi misc@,

 I'm trying to understand why my IPSec tunnel not functioning as expected
and
 especially
 why packets start flow as soon as I start to ping from the opposite side.

 Hopefully someone can explain what is going on and why.

 Following setup:

 Network Home(1.1.1.0/25) connecting to the network office(2.2.2.0/21) via
an
 IPSec tunnel.
 Gw at Home-side is an OpenBSD 4.9-stable. Gw at Office OpenBSD 5.0-current
in
 a CARP(failover) setup.

 gw at home IP: 10.1.1.1
 gw at office IP: 20.1.1.1(CARP iface. gw1: 20.1.1.2 gw2: 20.1.1.3)

 CARP, eg. failover part, is working fine.

 Following iked.conf I have.

 Home gw:
 local_gw=10.1.1.1
 remote_gw=20.1.1.1

 ikev2 homeNET_to_officeNET active esp \
from $local_gw to $remote_gw \
from 1.1.1.0/25 to 2.2.2.0/21 \
local $local_gw peer $remote_gw \
srcid $local_gw \
dstid $remote_gw

 Office gw:
 local_gw=20.1.1.1
 remote_gw=10.1.1.1

 ikev2 officeNET_to_homeNET passive esp \
from $local_gw to $remote_gw \
from 2.2.2.0/21 to 1.1.1.0/25 \
local $local_gw peer $remote_gw \
srcid $local_gw \
dstid $remote_gw


 Tunnel gets established.

 On office-gw I see
 sa_state: VALID - ESTABLISHED from 10.1.1.1:500 to 20.1.1.2:500 policy
 'officeNET_to_homeNET'
 Note, that the IP-address is actually not one on CARP iface, but rather
from
 physical iface.

 ipsecctl -s all gives:
 FLOWS:
 flow esp in from 10.1.1.1 to 20.1.1.1 peer 10.1.1.1 srcid IPV4/20.1.1.1
dstid
 IPV4/10.1.1.1 type use
 flow esp out from 20.1.1.1 to 10.1.1.1 peer 10.1.1.1 srcid IPV4/20.1.1.1
dstid
 IPV4/10.1.1.1 type require
 flow esp in from 1.1.1.0/25 to 2.2.2.0/21 peer 10.1.1.1 srcid
IPV4/20.1.1.1
 dstid IPV4/10.1.1.1 type use
 flow esp out from 2.2.2.0/21 to 1.1.1.0/25 peer 10.1.1.1 srcid
IPV4/20.1.1.1
 dstid IPV4/10.1.1.1 type require

 SAD:
 --- esp tunnel from 20.1.1.2 to 10.1.1.1 spi 0x2d2a6151 auth
hmac-sha2-256
 enc aes-256
 esp tunnel from 10.1.1.1 to 20.1.1.2 spi 0x5152256e auth hmac-sha2-256 enc
 aes-256


 On home-gw I see
 sa_state: VALID - ESTABLISHED from 20.1.1.1:57185 to 10.1.1.1:500 policy
 'policy1'

 ipsecctl -s all gives:
 FLOWS:
 flow esp in from 2.2.2.0/21 to 1.1.1.0/25 peer 20.1.1.1 srcid
IPV4/10.1.1.1
 dstid IPV4/20.1.1.1 type use
 flow esp out from 1.1.1.0/25 to 2.2.2.0/21 peer 20.1.1.1 srcid
IPV4/10.1.1.1
 dstid IPV4/20.1.1.1 type require
 flow esp in from 20.1.1.1 to 10.1.1.1 peer 20.1.1.1 srcid IPV4/10.1.1.1
dstid
 IPV4/20.1.1.1 type use
 flow esp out from 10.1.1.1 to 20.1.1.1 peer 20.1.1.1 srcid IPV4/10.1.1.1
dstid
 IPV4/20.1.1.1 type require

 SAD:
 esp tunnel from 20.1.1.1 to 10.1.1.1 spi 0x2d2a6151 auth hmac-sha2-256 enc
 aes-256
 esp tunnel from 10.1.1.1 to 20.1.1.1 spi 0x5152256e auth hmac-sha2-256 enc
 aes-256


 The problem is that I can not ping Office-net from Home-net then tunnel is
 established.
 I can see packets on enc0 going from Home-net to Office-net while I'm
watching
 on Home-gw, but nothing on enc0 on the Office-side.

 This is the state for tunnel until I start a ping from some machine on
 Office-side, then suddenly tunnel functioning correctly
 and I can ping internal machines from both sides and connect(ssh) from
both
 sides.

 Question is why this strange behavior? I tried to switch from passive to
 active on the Office-gw with the same result.
 Or does it have to do with the CARP? PF rules are as they are described in
the
 iked.conf manual.

 Anyone have an idea what is going on?

 Regards,
 Maxim

 Have you patched isakmpd?

 Maybe that's one of the problems that was addressed.

 I made a quick script that patches isakmpd automatic, it's maybe ugly
 but it works for me.

 http://pastebin.com/CCV0PitV

 Best regards Johan

blank

[non ame]

null

Re: query bug reports?

[frantisek holop]

hmm, on Thu, Oct 13, 2011 at 10:50:54AM +0200, Otto Moerbeek said that
 On Thu, Oct 13, 2011 at 10:19:03AM +0200, Johan Ryberg wrote:
 
  Why not https://github.com/openbsd?
  
  I think the whole community can benefit a total move to github.
  
  They have it all =)
  
  Regards Johan
 
 The repository will never be in a place outside direct control of the
 developers and especially Theo. A bug database might be different, but
 so far there's only been talk and no actions.

time to bring in fossil! :]

source control, wiki _and_ ticketing system in one under bsd license!


now seriously.  i am sure the devs have looked into many bug tracking
systems before announcing that all of them are inadequate.

but the previous one sucked more balls than any homemade php/mysql
monstrosity, so i guess anything would be an improvement.


regarding github (or other sites like that), the main
repository needs not change.  a cvs post-commit hook might
simply commit to that github repo -- a fancy mirror with
a built-in issue tracker.


another possibility might be asking an open source friendly
issue tracker producer if they'd be interested in providing
unlimited license to this open source project (atlassian comes
to my mind[1]).  no harm in asking...

[1] http://www.atlassian.com/about/community/free-open-source-licenses.jsp


-f
-- 
there is never sunshine without shadow.

Re: Dennis Ritchie

[Abel Abraham Camarillo Ojeda]

2011/10/13 Donald Reichert silvershadow...@gmx.de:
  Original-Nachricht 
 Datum: Thu, 13 Oct 2011 12:14:20 +0200
 Von: David Coppa dco...@gmail.com
 An: misc@openbsd.org
 Betreff: Dennis Ritchie

 Today is a sad sad day :(

 Rest in Peace.
 Without you, we would never be here.

 Cheers,
 David

 He died last weekend. RIP.

 #include stdio.h

 int main()
 {
 printf(goodbye, dad\n);
 return 0;
 }
 --
 Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir
 belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de



:(

Re: Dennis Ritchie

[Christiano F. Haesbaert]

On 13 October 2011 07:14, David Coppa dco...@gmail.com wrote:
 Today is a sad sad day :(

 Rest in Peace.
 Without you, we would never be here.

 Cheers,
 David



Rest in Peace, the father of all.

Re: xinput -list shows multiple keyboards as one

[Alexandr Shadchin]

On Wed, Oct 12, 2011 at 12:47:54PM -0700, patrick keshishian wrote:
 On Wed, Oct 12, 2011 at 11:26 AM, Alexandr Shadchin
 alexandr.shadc...@gmail.com wrote:
  On Wed, Oct 12, 2011 at 02:15:45AM -0700, patrick keshishian wrote:
  On Wed, Oct 12, 2011 at 1:40 AM, Alexandr Shadchin
  alexandr.shadc...@gmail.com wrote:
   On Wed, Oct 12, 2011 at 2:29 PM, Alexandr Shadchin
   alexandr.shadc...@gmail.com wrote:
   On Wed, Oct 12, 2011 at 1:59 PM, patrick keshishian 
   pkesh...@gmail.com wrote:
   On Tue, Oct 11, 2011 at 2:09 PM, Philip Guenther guent...@gmail.com 
   wrote:
   On Tue, Oct 11, 2011 at 12:34 PM, S V ner...@gmail.com wrote:
   I have one pretty specific problem, i have two USB keyboards
   attached to the samsung nc10 laptop. And then i want to
   attach different layouts to each i
   stumble into one problem.
  
   $ xinput -list
   ...
   So i can't separate each keyboard from others by device ids...
   Can anybody help me to find where source of this behavior
   lie and how i can fix it?
  
   this is interesting to me, because I wondered about this a few days 
   ago.
  
   The multiplexing of the two keyboards to one input is done here, I
   believe, in the wscons layer. ?If so, it should be possible to use
   wsconsctl to set the mappings of the two independently. ?For example,
   on my laptop, when docked with a USB keyboard plugged in, wsconsctl
   shows entries for keyboard.map (the built-in keyboard) and
   keyboard1.map (the USB keyboard).
  
   I have a netbook where I have:
  
   $ grep keyboard /etc/wsconsctl.conf ?| grep -v ^#
   keyboard.encoding=us.swapctrlcaps
  
   Then I want to connect a Sun keyboard (with the Control key in its
   proper location) via USB connection.
  
   $ sudo wsconsctl | grep keyboard | grep -e encoding -e type
   wsconsctl: Use explicit arg to view keyboard.map.
   wsconsctl: Use explicit arg to view keyboard1.map.
   keyboard.type=pc-xt
   keyboard.encoding=us.swapctrlcaps
   keyboard1.type=usb
   keyboard1.encoding=us
  
   In the virtual terminal (this is -current-ish amd64) each keyboard
   acts independently with their respective encoding. On the netbook
   keyboard, CapsLock acts as the Control key, while on the Sun keyboard,
   Control acts as Control (as it should). Enabling caps-lock on the
   netbook keyboard, does not affect the Sun keyboard and vice versa (as
   expected).
  
   However, in X11, both keyboards act as if swapctrlcaps are enabled.
   Pressing Control on the Sun keyboard turns on caps-lock on both
   keyboards.
  
   I attempted to play with xorg.conf to see if I can define a separate
   InputDevice section for the Sun keyboard, but gave up after a few
   permutations. The X documentation (man-pages) pretty much suck.
  
   I wasn't going to post on this topic, but since it has been brought
   up, might has well ask: Is what I want to do possible in Xorg?
  
   Cheers,
   --patrick
  
  
  
   X use /dev/wskbd (it is mux) on default. it is one keyboard for X.
  
   for separate settings need to define section InputDevice for every
   keyboards (/dev/wskbdX)
  
   as example xorg.conf:Section ServerLayout? ? ...? ? InputDevice
   Kb1 CoreKeyboard? ? InputDevice Kb2 SendCoreEventsEndSection
   Section ServerFlags? ? # This off auto configure, therefore need
   configure mouse manualy? ? Option AutoAddDevices FalseEndSection
   Section InputDevice? ? Identifer Kb1? ? Driver kbd? ? Option
   Device /dev/wskbd0? ? Option XkbLayout ...? ? ...EndSection
   Section InputDevice? ? Identifer Kb2? ? Driver kbd? ? Option
   Device /dev/wskbd1? ? Option XkbLayout ...? ? ...EndSection
   --
   Alexandr Shadchin
  
  
   Errr, sorry. bad web gmail.
  
   See http://koba.devio.us/distfiles/xorg.conf
 
  umm following that example, got the me to a state where the
  netbook keyboard was generate gibberish. I couldn't log in. In
  console mode it worked just fine.
 
  Reverting the changes made to xorg.conf and restarting X didn't fix
  the problem, which is the weird part. I restarted X (actually xdm)
  multiple times, but something must have gotten cached somewhere,
  because the problem persisted.
 
  Note that switching to console mode the keyboard functioned fine. I
  had to reboot to get the netbook's keyboard working in X again.
 
  --patrick
 
  I examined the issue in more detail. Now there is no way to assign
  different layouts for keyboards in X. X works only with /dev/wskbd
  (i.e. mux)
 
 Any idea why reverting xorg.conf to previous working version and
 restarting xdm/X retained the broken keyboard state?
 
 --patrick

Yes, I found the reason for this behavior:
1 - /dev/wskbd (mux for /dev/wskbd0 and /dev/wskbd1)
2 - open direct wskbd0, wskbd0 removed from mux (wskbd - only wskbd1)
3 - close wskbd0, but wskbd0 not returned to mux (wskbd - only wskbd1)
If also open and close wskbd1, then wskbd - 0 devices.

I'll try to fix it.

-- 
Alexandr Shadchin

Re: Dennis Ritchie

[Marc Smith]

 #include stdio.h

 int main()
 {
 printf(goodbye, dad\n);
 return 0;
 }

That was really touching.

Rest in peace, Dennis Ritchie.

Re: Dennis Ritchie

[Stefan Midjich]

So many lives touched, so many that don't even know about it. That
saddens me the most, that so many are using products of his
achievements daily to make their lives comfortable and only a small
minority know what it took to get here.

2011/10/13 Marc Smith marc_sm...@gmx.com:
 #include stdio.h

 int main()
 {
 printf(goodbye, dad\n);
 return 0;
 }

 That was really touching.

 Rest in peace, Dennis Ritchie.





--


Med vdnliga hdlsningar / With kind regards

Stefan Midjich

Re: Dennis Ritchie

[Marc Smith]

That's true. However, I don't think we should feel upset about it. I'm 
sure Mr Ritchie just wanted to contribute to the world, as many hackers 
of that time and he did it. This is his greatest achievement. Great 
people don't wait for an admiration. They just do whatever they can to 
make their dreams come true.
I truly admire all individuals and genuses who make our world even 
little less problematic.

Regards,
 
  - Marc

Dnia czw, 13 paE: 2011, 19:38:11 Stefan Midjich pisze:
 So many lives touched, so many that don't even know about it. That
 saddens me the most, that so many are using products of his
 achievements daily to make their lives comfortable and only a small
 minority know what it took to get here.

 2011/10/13 Marc Smith marc_sm...@gmx.com:
 #include stdio.h

 int main()
 {
 printf(goodbye, dad\n);
 return 0;
 }

 That was really touching.

 Rest in peace, Dennis Ritchie.

Re: Dennis Ritchie

[Johan Beisser]

I pointed out that Dennis Ritchie did something we all should admire:

Got to watch what he created blossom, and change the world.
Remarkably, for the better.

We should all be so lucky.


On Thu, Oct 13, 2011 at 10:38 AM, Stefan Midjich sweh...@gmail.com wrote:
 So many lives touched, so many that don't even know about it. That
 saddens me the most, that so many are using products of his
 achievements daily to make their lives comfortable and only a small
 minority know what it took to get here.

 2011/10/13 Marc Smith marc_sm...@gmx.com:
 #include stdio.h

 int main()
 {
 printf(goodbye, dad\n);
 return 0;
 }

 That was really touching.

 Rest in peace, Dennis Ritchie.





 --


 Med vdnliga hdlsningar / With kind regards

 Stefan Midjich

Re: Dennis Ritchie

[OpenBSD Europe]

On 13/10/11 11:32, Donald Reichert wrote:

 Original-Nachricht 

Datum: Thu, 13 Oct 2011 12:14:20 +0200
Von: David Coppadco...@gmail.com
An: misc@openbsd.org
Betreff: Dennis Ritchie



Today is a sad sad day :(

Rest in Peace.
Without you, we would never be here.

Cheers,
David


He died last weekend. RIP.

#includestdio.h

int main()
{
printf(goodbye, dad\n);
return 0;
}


I vote for the next release artwork tributing his work some way :-)

Re: Dennis Ritchie

[Andres Genovez]

2011/10/13 David Coppa dco...@gmail.com

 Today is a sad sad day :(

 Rest in Peace.
 Without you, we would never be here.

 Cheers,
 David


People who change the world, unfortunately do not last forever, forever
missed, but his legacy will last forever

Andres.


--
Atentamente

Andris Genovez Tobar / Tecnico
Elastix ECE - Linux  LPI-1 - Novell CLA - Apple ACMT
http://www.puntonet.ec

Re: Dennis Ritchie

[Robert Musial]

Like Theo has said The world doesn't live off jam and fancy perfumes - it
lives off bread and meat and potatoes. Den was a bread guy.

It's worth noting too, that Steve Jobs (deservedly) has quite the memorial
going on TV and the internet. But some of his biggest innovations (OS X,
NEXT, iOS) were UNIX based, and without Den, most people might not know
Steve Jobs.

Long live the bread meat and potatoes guys.

 So many lives touched, so many that don't even know about it. That
 saddens me the most, that so many are using products of his
 achievements daily to make their lives comfortable and only a small
 minority know what it took to get here.

 2011/10/13 Marc Smith marc_sm...@gmx.com:
 #include stdio.h

 int main()
 {
 printf(goodbye, dad\n);
 return 0;
 }

 That was really touching.

 Rest in peace, Dennis Ritchie.





 --


 Med vdnliga hdlsningar / With kind regards

 Stefan Midjich




mus...@sdf.org
SDF Public Access UNIX System - http://sdf.org
tel. +1-206-299-2120 ext. 1392

Re: Dennis Ritchie

[Christiano F. Haesbaert]

On 13 October 2011 14:57, OpenBSD Europe m...@openbsdeurope.com wrote:
 On 13/10/11 11:32, Donald Reichert wrote:

  Original-Nachricht 

 Datum: Thu, 13 Oct 2011 12:14:20 +0200
 Von: David Coppadco...@gmail.com
 An: misc@openbsd.org
 Betreff: Dennis Ritchie

 Today is a sad sad day :(

 Rest in Peace.
 Without you, we would never be here.

 Cheers,
 David

 He died last weekend. RIP.

 #includestdio.h

 int main()
 {
 printf(goodbye, dad\n);
 return 0;
 }

 I vote for the next release artwork tributing his work some way :-)


That is a great idea !

Re: Dennis Ritchie

[David Coppa]

On Thu, Oct 13, 2011 at 7:57 PM, OpenBSD Europe m...@openbsdeurope.com wrote:

 I vote for the next release artwork tributing his work some way :-)

I like the idea.

ciao,
David

OpenBSD's mailing list fail (?)

[non ame]

Hello Folks,

you can read this e-mail, but this e-mail is not subscribed/registered at
misc. Why can I send e-mails from this unsubscribed address to the mailing
list? It is not normal.

Regards.

Re: OpenBSD's mailing list fail (?)

[patrick keshishian]

On Thu, Oct 13, 2011 at 12:15 PM, non ame 6ekak...@googlemail.com wrote:
 Hello Folks,

 you can read this e-mail, but this e-mail is not subscribed/registered at
 misc. Why can I send e-mails from this unsubscribed address to the mailing
 list? It is not normal.

Must have found the security hole NSA and CIA put in OpenBSD!

Re: SATA RAID card suggestions?

[Christiano F. Haesbaert]

On 10 October 2011 22:57, Richard Johnson rd...@river.com wrote:
 On Mon, 10 Oct 2011 14:50:45 -0700, Ryan Corder wrote:
 On Mon, Oct 10, 2011 at 02:16:47PM -0600, Richard Johnson wrote:
 I've had great success with the Areca ARC-1210.

   http://www.areca.com.tw/products/pcie.htm

 Wups, I was apparently too tired last night to find the Areca cards, though
 I could have sworn I'd studied the arc(4) man page.  That is, until I
 reviewed it again this evening after receiving your response.

 Thanks for getting me pointed in the right direction.

 Now to find one in stock.



Did you find another alternative ?
I like this areca cards, but they are way to expensive for me, if you
find a cheaper solution please let me know.
I need a pci-e raid 5 card.

Re: SATA RAID card suggestions?

[Timothy Baldock]

I'd recommend the Areca cards, they are expensive but worth the money IMO

On 13 Oct 2011, at 21:23, Christiano F. Haesbaert haesba...@haesbaert.org
wrote:

 On 10 October 2011 22:57, Richard Johnson rd...@river.com wrote:
 On Mon, 10 Oct 2011 14:50:45 -0700, Ryan Corder wrote:
 On Mon, Oct 10, 2011 at 02:16:47PM -0600, Richard Johnson wrote:
 I've had great success with the Areca ARC-1210.

  http://www.areca.com.tw/products/pcie.htm

 Wups, I was apparently too tired last night to find the Areca cards,
though
 I could have sworn I'd studied the arc(4) man page.  That is, until I
 reviewed it again this evening after receiving your response.

 Thanks for getting me pointed in the right direction.

 Now to find one in stock.



 Did you find another alternative ?
 I like this areca cards, but they are way to expensive for me, if you
 find a cheaper solution please let me know.
 I need a pci-e raid 5 card.

Re: OpenBSD's mailing list fail (?)

[Stuart Henderson]

On 2011-10-13, non ame 6ekak...@googlemail.com wrote:
 Hello Folks,

 you can read this e-mail, but this e-mail is not subscribed/registered at
 misc. Why can I send e-mails from this unsubscribed address to the mailing
 list? It is not normal.

 Regards.



It is normal for this list.

Re: SATA RAID card suggestions?

[Christiano F. Haesbaert]

On 13 October 2011 17:45, Timothy Baldock t...@entropy.me.uk wrote:
 I'd recommend the Areca cards, they are expensive but worth the money IMO


I see, and I agree, but have in mind I pay around 100% taxes :(.

Re: Dennis Ritchie

[Benny Lofgren]

On 2011-10-13 20.31, David Coppa wrote:
 On Thu, Oct 13, 2011 at 7:57 PM, OpenBSD Europe m...@openbsdeurope.com 
 wrote:
 
 I vote for the next release artwork tributing his work some way :-)
 
 I like the idea.

+1

I mean,

i=0; i++;


Regards,
/Benny

La Asistente Indispensable

[Marines Feiix]

LA ASISTENTE INDISPENSABLE

Mixico D.F. - 27 de Octubre de 2011
Monterrey - 31 de Octubre de 2011

No deje pasar la oportunidad de asistir a este seminario en el que
obtendra las habilidades practicas que la haran mas productiva y mas
valiosa que nunca. Aprenda mejores maneras de organizarse, mantenerse
motivada, manejar mzltiples proyectos, trabajar independientemente y
manejar la presisn que ejerce el tener diversas tareas, fechas de
vencimiento y jefes.

En este seminario usted aprendera...

  * Csmo el hacer dos tareas al final de cada dma Le ahorrara horas (y
dolores de cabeza) al dma siguiente.

  * Csmo la regla 80/20 le ayudara a identificar las tareas mas
importantes.

  * Csmo organizar su area de trabajo y mejorar su eficacia.

Estrategias para delegar con ixito - Azn cuando usted piensa que ya no
hay a quiin delegarle.

!NO DEJE PASAR LA OPORTUNIDAD!  !Inscrmbase HOY MISMO !

Para obtener informacisn detallada
Responda este correo con los siguientes datos o llame a nuestra lada sin
costo: 01-800-25010-20
-Empresa:
-Nombre:
-Ciudad:
-Telifono:

Cordialmente,

Lic. Marines Felix
Lider de Proyectos

ESTE CORREO NO PUEDE SER CONSIDERADO INTRUSIVO YA QUE CUMPLE CON LAS
POLMTICAS ANTISPAM INTERNACIONALES Y LOCALES: Responda este correo con el
SUBJECT des-suscribir y automaticamente quedara fuera de nuestras listas.
Este correo ha sido enviado a: misc@openbsd.org

Re: Dennis Ritchie

[Carlo Borelli]

2011/10/13 Benny Lofgren bl-li...@lofgren.biz

 On 2011-10-13 20.31, David Coppa wrote:
  On Thu, Oct 13, 2011 at 7:57 PM, OpenBSD Europe m...@openbsdeurope.com
 wrote:
 
  I vote for the next release artwork tributing his work some way :-)
 
  I like the idea.

 +1

 I mean,

 i=0; i++;


i++

Ad astra per aspera

Need suggestion about Firewall Reporter for OpenBSD PF

[Stefan N]

Hi guys,

Have you ever used firewall reporting tool  for OpenBSD PF which is
able to do some comprehensive reporting for example:
showing in a pie chart
how many allowed and blocked connections based on services(http,https etc),
incoming and outgoing user traffic,destination,connection etc.

I found
firewall reporting tool: stoneylake firewall reporting tool,but unfortunately
OpenBSD PF is not on the supported list
yet.http://www.stonylakesolutions.com/sls/about%20sfr.jsp

Thank you.

Rgds,
Stefan

Re: Need suggestion about Firewall Reporter for OpenBSD PF

[Stefan N]

Hi Erling,

Thanks. I will try and test it.

Regards,
Stefan

From: Erling Westenvik
erling.westen...@gmail.com
To: Stefan N stefanbsd...@yahoo.com
Sent:
Friday, October 14, 2011 7:46 AM
Subject: Re: Need suggestion about Firewall
Reporter for OpenBSD PF

You might consider trying out hatchet 0.9.2 which is
in ports/packages:

$ sudo pkg_add -iv hatchet

I haven't tried it myself.
Check http://www.dixongroup.net/hatchet/. It
doesn't have pie charts or other
nifty presentations, but it stores the
pf logs in a sqlite database and it
should be possible to extract the
data and display statistics the way you like
using suitable tools.

Regards,
Erling

On Fri, Oct 14, 2011 at 12:40 AM,
Stefan N stefanbsd...@yahoo.com
wrote:
 Have you ever used firewall
reporting tool  for OpenBSD PF which is
 able to do some comprehensive
reporting for example: showing in a pie
 chart how many allowed and blocked
connections based on
 services(http,https etc), incoming and outgoing user

traffic,destination,connection etc.

 I found firewall reporting tool:
stoneylake firewall reporting
 tool,but unfortunately OpenBSD PF is not on
the supported list
 yet.http://www.stonylakesolutions.com/sls/about%20sfr.jsp
You might consider trying out hatchet 0.9.2 which is in ports/packages:

$
sudo pkg_add -iv hatchet

I haven't tried it myself. Check
http://www.dixongroup.net/hatchet/. It
doesn't have pie charts or other nifty
presentations, but it stores the
pf logs in a sqlite database and it should be
possibile to extract the
data and display statistics the way you like using
suitable tools.

Regards, Erling

On Fri, Oct 14, 2011 at 12:40 AM, Stefan N
stefanbsd...@yahoo.com
wrote:
 Have you ever used firewall reporting tool 
for OpenBSD PF which is
 able to do some comprehensive reporting for example:
showing in a pie
 chart how many allowed and blocked connections based on

services(http,https etc), incoming and outgoing user

traffic,destination,connection etc.

 I found firewall reporting tool:
stoneylake firewall reporting
 tool,but unfortunately OpenBSD PF is not on
the supported list
 yet.http://www.stonylakesolutions.com/sls/about%20sfr.jsp
You might consider trying out hatchet 0.9.2 which is in ports/packages:

$
sudo pkg_add -iv hatchet

I haven't tried it myself. Check
http://www.dixongroup.net/hatchet/. It
doesn't have pie charts or other nifty
presentations, but it stores the
pf logs in a sqlite database and it should be
possibile to extract the
data and display statistics the way you like using
suitable tools.

Regards, Erling

On Fri, Oct 14, 2011 at 12:40 AM, Stefan N
stefanbsd...@yahoo.com
wrote:
 Have you ever used firewall reporting tool 
for OpenBSD PF which is
 able to do some comprehensive reporting for example:
showing in a pie
 chart how many allowed and blocked connections based on

services(http,https etc), incoming and outgoing user

traffic,destination,connection etc.

 I found firewall reporting tool:
stoneylake firewall reporting
 tool,but unfortunately OpenBSD PF is not on
the supported list
 yet.http://www.stonylakesolutions.com/sls/about%20sfr.jsp

 Thank you.

 Rgds,
 Stefan

Re: OpenBSD's mailing list fail (?)

[Eric Furman]

Normally I wouldn't send this to the list,
but this is probably a spammer trying to
harvest emails from anyone who responds.


On Thursday, October 13, 2011 9:15 PM, non ame
6ekak...@googlemail.com wrote:
 Hello Folks,
 
 you can read this e-mail, but this e-mail is not subscribed/registered at
 misc. Why can I send e-mails from this unsubscribed address to the
 mailing
 list? It is not normal.
 
 Regards.

Tecnicas Super Efectivas de Cobranza

[Cristina Torres]

TECNICAS SUPER EFECTIVAS DE COBRANZA
Mixico D.F.

28 de Octubre de 2011
Monterrey 31 de Octubre de 2011

!Descubra el modo rapido, facil y legal de recuperar su dinero de cuentas
atrasadas! Usted conocera docenas de secretos que las empresas mas
efectivas usan para que los deudores paguen rapido, convierta el telifono
en su instrumento mas poderoso, csmo manejar cada excusa, csmo tratar con
gente enojada y abusiva y aprenda a escribir cartas que le faciliten el
trabajo.

Entre los puntos a tratar se incluyen:

  * Csmo manejar excusas, mentiras y quejas de los deudores. 

  * Calme a clientes furiosos e irracionales con ticnicas que trabajan
como un encanto.

  * Mantenga su organizacisn fuera de problemas, sabiendo exactamente
cuales ?son sus derechos y lmmites legales.

Haga que ingrese mas dinero con sus cartas de cobranza.

!NO DEJE PASAR LA OPORTUNIDAD! !Inscrmbase HOY MISMO !

Para obtener informacisn detallada

Responda este correo con los siguientes datos o llame a nuestra lada sin
costo: 01-800-25010-20
-Empresa:
-Nombre:
-Ciudad:
-Telifono:

Cordialmente,

Lic. Cristina Torres
Lider de Proyectos

ESTE CORREO NO PUEDE SER CONSIDERADO INTRUSIVO YA QUE CUMPLE CON LAS
POLMTICAS ANTISPAM INTERNACIONALES Y LOCALES: Responda este correo con el
SUBJECT des-suscribir y automaticamente quedara fuera de nuestras listas.
?Este correo ha sido enviado a: misc@openbsd.org