Re: system seems deadlock

2013-10-21 Thread Sébastien Marie
On Sat, Oct 19, 2013 at 05:54:22PM +0200, Sébastien Marie wrote:
 Hi,
 
 I fall in a system problem using tmux: the system (OpenBSD -current
 on i386) freeze (but no panic).
 

The freeze seems to be a dead-lock, and tmux exposes it.

ddb> ps
   PID   PPID   PGRP    UID  S   FLAGS  WAIT  COMMAND
[...]
 13243  1  13243  0  3   0  inode tmux
[...]

Here, tmux is waiting on inode.

This wait message is set here:
 ufs/ext2fs/ext2fs_vfsops.c
 831: lockinit(&ip->i_lock, PINOD, "inode", 0, 0);
 
 ufs/ffs/ffs_vfsops.c
 1257: lockinit(&ip->i_lock, PINOD, "inode", 0, 0);

And if I leave the system running, several other processes fall into
inode waiting (such as cron, or login_passwd if I try to log in).


With ddb, if I check locked vnodes, there are two on root partition.

ddb> show all mounts
flags 5LOCAL,ROOTFS
vnodecovered 0x0 syncer 0xd316aa60 data 0xd108a200
vfsconf: ops 0xd098d7a0 name ffs num 1 ref 3 flags 0x1000
statvfs cache: bsize 800 iosize 4000
blocks 403383 free 375320 avail 355151
  files 102910 ffiles 100646 favail 100646
  f_fsidx {0x400, 0xc8a5ad54} owner 0 ctime 0x52640b1d
  syncwrites 325 asyncwrites = 340
  syncreads 8881 asyncreads = 0
  fstype ffs mnton / mntfrom /dev/sd0a mntspec ab8fcda4850f14e9.a
locked vnodes:
0xd3165ea8, 0xd316a310
[... others partitions stripped ...]

ddb> show vnode 0xd3165ea8
tag UFS(1) type VCHR(4) mount 0xd108b400 typedata 0xd0ffb100
data 0xd3161298 usecount 2 writecount 0 holdcnt 0 numoutput 0

ddb> show vnode 0xd316a310
tag UFS(1) type VDIR(2) mount 0xd108b400 typedata 0x0
data 0xd31851ec usecount 1 writecount 0 holdcnt 3 numoutput 0


Does someone have any clue about what to check or how to debug this?
I think I will try the option VFSLCKDEBUG in kernel, but what else?
-- 
Sébastien Marie



Re: altq on multiple interfaces

2013-10-21 Thread Henning Brauer
* Andy a...@brandwatch.com [2013-10-09 17:14]:
 After all, the packets egress the physical underlying interface so I
 wonder if it's possible to 'queue' on the physical interface 'on emX'
 for example underneath the 802.1Q tagging, such that all the traffic
 for all VLANs on top of that phys interface would go through the
 same queues!

yes, that's supposed to work.

-- 
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/



Re: why icmp timestamping is enabled by default ?

2013-10-21 Thread Henning Brauer
* Илья Шипицин chipits...@gmail.com [2013-10-10 13:31]:
 I am about to switch icmp timestamps off (security people are afraid
 of that setting)

your security people have no clue regarding security.

they probably also block icmp, since it's so dangerous.




Re: why icmp timestamping is enabled by default ?

2013-10-21 Thread Theo de Raadt
  I am about to switch icmp timestamps off (security people are afraid
  of that setting)
 
 your security people have no clue regarding security.
 
 they probably also block icmp, since it's so dangerous.

icmp is only dangerous if you have ip traffic.  dangerous ip traffic.
indeed, maybe dig to the root of the matter.



Re: why icmp timestamping is enabled by default ?

2013-10-21 Thread Henning Brauer
* Илья Шипицин chipits...@gmail.com [2013-10-11 04:52]:
 I was just curious why that timestamping is enabled by default.

'cause there is no reason to disable it.

why is tcp enabled by default?




Re: Best OpenBSD cloud hosting?

2013-10-21 Thread Jiri B
On Sun, Oct 20, 2013 at 03:04:37PM -0700, Bryan Vyhmeister wrote:
 On Sun, Oct 20, 2013 at 11:13:51PM +0200, Antoine Jacoutot wrote:
  I am often unable to properly shutdown OpenBSD VMs, disks hang.  Using
  virtio or not does not change that.  I did not look into it very
  deeply yet so ... But I never saw this issue in Linux KVM.
 
 Thank you for your response. I'll do testing myself and see if that's
 still a problem or what else might be a factor. Thank you.
 
 Bryan

Bryan,

please put info about your testing public. I suppose more
people would be interested.

Thank you.

jirib



newfs_msdos(8) creates faulty filesystems

2013-10-21 Thread Kenneth R Westerback
While harmless it seems pointless to create a filesystem that generates
warnings when fsck'd.

So check for -1 (an allowed value) in FSFree and FSNext fields, and
set FSNext to -1 in newfs_msdos, rather than setting it to a
value sure to be not a free cluster.

Anybody know of reasons to not do this?

 Ken

Index: fsck_msdos/fat.c
===
RCS file: /cvs/src/sbin/fsck_msdos/fat.c,v
retrieving revision 1.18
diff -u -p -r1.18 fat.c
--- fsck_msdos/fat.c27 Oct 2009 23:59:33 -  1.18
+++ fsck_msdos/fat.c21 Oct 2013 09:53:56 -
@@ -527,7 +527,7 @@ checklost(int dosfs, struct bootblock *b
 
if (boot-FSInfo) {
ret = 0;
-   if (boot-FSFree != boot-NumFree) {
+   if (boot-FSFree != -1  boot-FSFree != boot-NumFree) {
pwarn(Free space in FSInfo block (%d) not correct 
(%d)\n,
  boot-FSFree, boot-NumFree);
if (ask(1, fix)) {
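Review bot: The added FSFree test against -1 at the top of this hunk skips not only the pwarn() but also the ask(1, fix) branch under it, so an FSInfo block that says "unknown" is never offered the computed NumFree. If that is the intent, a one-line comment stating that -1 means "free count not known" would make it explicit, and a named constant would read better than the bare -1, since the same sentinel is tested again for FSNext in the next hunk.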
@@ -535,7 +535,8 @@ checklost(int dosfs, struct bootblock *b
ret = 1;
}
}
-   if (boot-NumFree  fat[boot-FSNext].next != CLUST_FREE) {
+   if (boot-NumFree  boot-FSNext != -1 
+   fat[boot-FSNext].next != CLUST_FREE) {
pwarn(Next free cluster in FSInfo block (%u) not 
free\n,
  boot-FSNext);
if (ask(1, fix))
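Review bot: The added condition excludes FSNext only when it equals -1; any other value read from the FSInfo block is still used directly as the index into fat[], and no range check is visible in this hunk. Since the field comes from disk, I would bound it against the size of fat[] before the lookup and treat an out-of-range value the same as a not-free one. The pwarn() below prints FSNext with %u, so the comparison with -1 relies on integer conversion; an explicit unsigned all-ones constant would state what is meant.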
Index: newfs_msdos/newfs_msdos.c
===
RCS file: /cvs/src/sbin/newfs_msdos/newfs_msdos.c,v
retrieving revision 1.20
diff -u -p -r1.20 newfs_msdos.c
--- newfs_msdos/newfs_msdos.c   18 May 2010 04:41:14 -  1.20
+++ newfs_msdos/newfs_msdos.c   21 Oct 2013 09:48:48 -
@@ -626,7 +626,7 @@ main(int argc, char *argv[])
mk4(img, 0x41615252);
mk4(img + bpb.bps - 28, 0x61417272);
mk4(img + bpb.bps - 24, 0x);
-   mk4(img + bpb.bps - 20, bpb.rdcl);
+   mk4(img + bpb.bps - 20, 0x);
mk2(img + bpb.bps - 2, DOSMAGIC);
} else if (lsn = bpb.res  lsn  dir 
   !((lsn - bpb.res) %
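Review bot: The two mk4() stores at bpb.bps - 24 and bpb.bps - 20 are now both bare literals with nothing saying which FSInfo field each offset holds. A short comment naming them (FSFree and FSNext, going by the description above) and noting that the value written is the "unknown" sentinel would help, and sharing one constant with the fsck_msdos checks would keep the writer and the checker from drifting apart.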



Re: why icmp timestamping is enabled by default ?

2013-10-21 Thread Claudio Jeker
On Mon, Oct 21, 2013 at 11:57:42AM +0200, Henning Brauer wrote:
 * Илья Шипицин chipits...@gmail.com [2013-10-11 04:52]:
  I was just curious why that timestamping is enabled by default.
 
 'cause there is no reason to disable it.
 
 why is tcp enabled by default?
 

Because it is used to download porn and hack into other systems.

-- 
:wq Claudio



Re: Adding rules to pf anchors from the commandline fails

2013-10-21 Thread Henning Brauer
* Gregor Best g...@ring0.de [2013-10-15 15:08]:
 I've upgraded my laptop to a fresh snapshot a few minutes ago. I
 noticed that the way I previously changed pf anchor content from the
 command line does not work any more. pfctl fails with a
 
   pfctl: pfctl_get_ticket: assertion failed

my fault, fixed some days ago.




Re: altq on multiple interfaces

2013-10-21 Thread Andy

On Mon 21 Oct 2013 10:45:41 BST, Henning Brauer wrote:

* Andy a...@brandwatch.com [2013-10-09 17:14]:

After all, the packets egress the physical underlying interface so I
wonder if it's possible to 'queue' on the physical interface 'on emX'
for example underneath the 802.1Q tagging, such that all the traffic
for all VLANs on top of that phys interface would go through the
same queues!


yes, that's supposed to work.



That's fantastic, wonderful news! I will ensure to add that to my 
testing once I've got the new hardware through.


Incidentally, the new hardware we're buying is part of a larger project 
to scale up our infrastructure and once it's in place (Q1 next year) we 
will have the capacity and bandwidth to be an OpenBSD mirror and maybe 
host a few other things for the project in our DC racks.


Cheers, Andy.



Re: why icmp timestamping is enabled by default ?

2013-10-21 Thread Johan Beisser
 On Oct 21, 2013, at 2:57, Henning Brauer lists-open...@bsws.de wrote:
 
 * Илья Шипицин chipits...@gmail.com [2013-10-11 04:52]:
 I was just curious why that timestamping is enabled by default.
 
 'cause there is no reason to disable it.
 
 why is tcp enabled by default?
 

Everyone knows that TCP, like IP, and the Internet is just a passing fad. 



Re: Best OpenBSD cloud hosting?

2013-10-21 Thread Bryan Vyhmeister
On Mon, Oct 21, 2013 at 05:57:32AM -0400, Jiri B wrote:
 please put info about your testing public. I suppose more people would
 be interested.

I certainly will. I will write everything I find up in an article. Thank
you.

Bryan



Re: Blocking facebook.com: PF or squid?

2013-10-21 Thread Stefan Wollny
Hi Sico!
Hi list!

[stuff deleted for brevity]

 I am in a similar situation (squid at home) and I simply have a
 blacklist with lines like these:

 doubleclick
 facebook
 scorecardresearch

 Works like a charm for me, and no need to look up IP address blocks
 or anything like that. And since I am the only user here there's no
 collateral damage. ;-)

 Well: I am personally liable for what leaves my network so this kind of
 'collateral damage' is what I intentionally try to achieve :-) (see the
 reply to myself a few minutes ago)

 Uhm, squid only filters incoming traffic...

Doesn't this actually answer my original question: If only incoming traffic is
filtered by squid, stealth outflows towards FB are not caught by the proxy.
Obviously then only PF serves my needs for a reason.

 May I ask a follow-up question: Did you set up the blacklist within
 squid.conf or did you reference to a separate file?

 A bit of both really, I use a separate file and reference it in squid.conf:

 sico@siem2:~grep blacklist /etc/squid/squid.conf
 acl blacklist url_regex /etc/squid/blacklist.acl
 http_access deny blacklist
 sico@siem2:~

Thanks for this. This brings an idea to me: I will try this with the full list 
of 'nasty addresses' from http://winhelp2002.mvps.org/hosts.htm. Shouldn't this 
then have the same effect on all clients served by the squid-server as if I'd 
go around and update the individual hosts-files?

 The url_regex allows me to specify facebook instead of facebook.com etc.

That is good to know!

 CU, Sico.

Thanks again and
have a nice week,

STEFAN



Re: Best OpenBSD cloud hosting?

2013-10-21 Thread Loïc BLOT
Hi Antoine.
I also have a hang problem when i use a cold stop on libvirt. No problem
on VMWare ESX when i click on the shutdown button.

On libvirt, when i click on this button the VM hangs and then i need to
kill the VM.

(Archlinux kernel 3.11, but the problem was also present before. OpenBSD
5.3 VMs)
--
Best regards,
Loïc BLOT,
UNIX systems, security and network engineer
http://www.unix-experience.fr



On Sunday, 20 October 2013 at 23:13 +0200, Antoine Jacoutot wrote:
 On Sun, Oct 20, 2013 at 12:36:14PM -0700, Bryan Vyhmeister wrote:
  On Wed, Oct 09, 2013 at 08:45:37PM +0200, Antoine Jacoutot wrote:
   I personally use SmartOS and while it is an awesome system, OpenBSD
   does not always behave perfectly well under Solaris KVM.  I've had
   several vdisk related issues.  In my experience, Linux KVM is a better
   container for our OS.
 
  Could you elaborate on this? I've run OpenBSD under SmartOS briefly a
  few months ago and it seemed to run just fine on my own test box. Were
  you using the virtio(4) drivers? I did have network troubles when I
  tried them but that was early this year and using the non-virtio network
  setup seemed to work fine. I don't remember what I did for disk
  settings. I'll have to look at my backups.

 I am often unable to properly shutdown OpenBSD VMs, disks hang.
 Using virtio or not does not change that.
 I did not look into it very deeply yet so ... But I never saw this issue in
Linux KVM.




Re: Best OpenBSD cloud hosting?

2013-10-21 Thread Jiri B
On Mon, Oct 21, 2013 at 09:29:41PM +0200, Loïc BLOT wrote:
 Hi Antoine.
 I also have a hang problem when i use a cold stop on libvirt. No problem
 on VMWare ESX when i click on the shutdown button.
 
 On libvirt, when i click on this button the VM hang and then i need to
 kill the VM.
 
 (Archlinux kernel 3.11, but the problem was also present before. OpenBSD
 5.3 VMs)

The discussion was about running OpenBSD on SmartOS (Illumos distro).
Your problem with libvirt is probably related to libvirt in Archlinux.
I haven't seen problem with OpenBSD under RHEL/libvirt (in fact RHEVM).

jirib



Re: Best OpenBSD cloud hosting?

2013-10-21 Thread mia

On 10/08/13 21:16, openda...@hushmail.com wrote:

Hi,

Can anyone recommend a decent OpenBSD cloud hosting provider?

Digital Ocean looks nice but they don't yet offer OpenBSD 
(https://digitalocean.uservoice.com/forums/136585-digital-ocean/suggestions/3232571-support-bsd-os-).

There's ARP Networks and TransIP but they don't offer clouds.

Thanks.

O.D.



Hi O.D.

Although I haven't tried spinning up a BSD machine, terramark has an 
option to spin up a blank server, essentially it's supposed to emulate 
a hardware system with no os.  You can then attach a cd (which can be an 
iso), reboot the system and boot from OpenBSD media.  You might give 
that a look.


Aaron



Lanner or Soekris?

2013-10-21 Thread emigrant
Hi

I need to replace my crappy, old machine(Master) Futro S400( 
http://uk.ts.fujitsu.com/rl/servicesupport/techsupport/professionalpc/thinclients/futrosxx/futros400.htm
 http://cl.ly/image/3C0Z363q0M1O http://cl.ly/image/311f3U260R37 )  for 
something new. My Backup machine is Alix 2D3( http://cl.ly/image/2M2x1l1V0k1r 
), is perfect for that(carp+pfsync, only pf and small things) :)

Hmm, Soekris net6501-70( http://soekris.com/products/net6501.html )  or Lanner 
FW-7541( 
http://www.lannerinc.com/products/x86-network-appliances/desktop/fw-7541 ). OK, 
simple question, what's better?:) Price is almost the same.  In my opinion 
Soekris is a little bit obsolete.
My requirements: small, home router/server, fanless: pf(altq+hfsc) for ~15 
hosts, carp+pfsync, nat, named, www, samba, ftp, UniFi Controller(jre+mongod), 
pfstat, ipfm, pf logs, SSD(CF is too slow).
Hmm, Lanner looks better, 6xNIC, 1xrj45 console port, newer hardware, 
memory(ddr3) upgradable(i think so?), dual core Atom 64bit, all ports on front.
Soekris, maybe more professional product?
Any suggestions?



Re: Lanner or Soekris?

2013-10-21 Thread noah pugsley
On Mon, Oct 21, 2013 at 4:06 PM, emigrant emig...@gmail.com wrote:

 Hi

 I need to replace my crappy, old machine(Master) Futro S400(
 http://uk.ts.fujitsu.com/rl/servicesupport/techsupport/professionalpc/thinclients/futrosxx/futros400.htm
 http://cl.ly/image/3C0Z363q0M1O http://cl.ly/image/311f3U260R37 )  for
 something new. My Backup machine is Alix 2D3(
 http://cl.ly/image/2M2x1l1V0k1r ), is perfect for that(carp+pfsync, only
 pf and small things) :)

 Hmm, Soekris net6501-70( http://soekris.com/products/net6501.html )  or
 Lanner FW-7541(
 http://www.lannerinc.com/products/x86-network-appliances/desktop/fw-7541). 
 OK, simple question, what's better?:) Price is almost the same.  In my
 opinion Soekris is a little bit obsolete.
 My requirements: small, home router/server, fanless: pf(altq+hfsc) for ~15
 hosts, carp+pfsync, nat, named, www, samba, ftp, UniFi
 Controller(jre+mongod), pfstat, ipfm, pf logs, SSD(CF is too slow).
 Hmm, Lanner looks better, 6xNIC, 1xrj45 console port, newer hardware,
 memory(ddr3) upgradable(i think so?), dual core Atom 64bit, all ports on
 front.
 Soekris, maybe more professional product?
 Any suggestions?


For not too much more $$ it looks like the Lanner is the better option. Do
you really need that many nic's? You might do just as well with a cheaper
supermicro box. Just a thought.

http://www.superbiiz.com/detail.php?p=SY-117AMP

-noah



Re: Lanner or Soekris?

2013-10-21 Thread emigrant
min. 3xNICs: wan, lan, pfsync.  Hmm 6xNIC == WAN 2x aggregation
ports+failover+lacp, LAN  2x aggregation ports+failover+lacp  and pfsync 1port
= 5port use. You know, everything 4fun, btw i have 24G managed switch.

Supermicro? no way! :), ugly, audio, video,vga,hdmi, dp. No, no, no ;)

On 22 Oct 2013, at 01:44, noah pugsley noah.pugs...@gmail.com wrote:

 On Mon, Oct 21, 2013 at 4:06 PM, emigrant emig...@gmail.com wrote:
 Hi

 I need to replace my crappy, old machine(Master) Futro S400(
http://uk.ts.fujitsu.com/rl/servicesupport/techsupport/professionalpc/thinclients/futrosxx/futros400.htm
http://cl.ly/image/3C0Z363q0M1O
http://cl.ly/image/311f3U260R37 )  for something new. My Backup machine is
Alix 2D3( http://cl.ly/image/2M2x1l1V0k1r ), is perfect for that(carp+pfsync,
only pf and small things) :)

 Hmm, Soekris net6501-70( http://soekris.com/products/net6501.html )  or
Lanner FW-7541(
http://www.lannerinc.com/products/x86-network-appliances/desktop/fw-7541 ).
OK, simple question, what's better?:) Price is almost the same.  In my opinion
Soekris is a little bit obsolete.
 My requirements: small, home router/server, fanless: pf(altq+hfsc) for ~15
hosts, carp+pfsync, nat, named, www, samba, ftp, UniFi Controller(jre+mongod),
pfstat, ipfm, pf logs, SSD(CF is too slow).
 Hmm, Lanner looks better, 6xNIC, 1xrj45 console port, newer hardware,
memory(ddr3) upgradable(i think so?), dual core Atom 64bit, all ports on
front.
 Soekris, maybe more professional product?
 Any suggestions?


 For not too much more $$ it looks like the Lanner is the better option. Do
you really need that many nic's? You might do just as well with a cheaper
supermicro box. Just a thought.

 http://www.superbiiz.com/detail.php?p=SY-117AMP

 -noah



Sorry: Facebook again

2013-10-21 Thread Stefan Wollny
Hi there!

In the last days I had an interesting and educational thread here on
misc@ on how to block facebook.com.

Knowing that many of the OpenBSD-pros on this list are way more
educated on network-related issues than I am, I hope none feels
offended with another question related to Facebook:

Today I am once more off-site from home, but with access to an iMac
running OpenBSD-amd64/current; PF runs out-of-the-box unchanged. I
noticed that ping responses for 'facebook.com' are exceptionally faster
than e.g. those for 'google.com'. This is what I did to track down on
the issue:


$ cat /etc/resolv.conf
# Generated by nfe0 dhclient
nameserver 192.168.1.1
lookup file bind

$ cat /etc/hosts | grep facebook
127.0.0.1   facebook.com
127.0.0.1   www.facebook.com
127.0.0.1   facebook.de
127.0.0.1   www.facebook.de
127.0.0.1   de-de.facebook.com
127.0.0.1  ads.ak.facebook.com
127.0.0.1  creative.ak.facebook.com
127.0.0.1  facebookinc.122.2o7.net

$ sudo traceroute google.com
 1  netgear (192.168.1.1)  0.301 ms  0.232 ms  0.228 ms
 2  aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  9.933 ms  7.890 ms  11.456 ms
 3  ve-cmts.mes-muc-02.de.infra.cablesurf.de (aaa.bbb.ccc.ddd)  9.556 ms  12.199 ms  9.277 ms
 4  aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  20.649 ms  22.526 ms  17.204 ms
 5  google.bcix.de (aaa.bbb.ccc.ddd)  22.794 ms  23.894 ms  26.117 ms
 6  aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  22.263 ms  aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  22.457 ms  aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  21.597 ms
 7  aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  26.983 ms  aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  25.247 ms  aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  35.177 ms
 8  aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  20.533 ms  aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  22.67 ms  21.929 ms
 9  * * *
10  bk-in-f100.1e100.net (aaa.bbb.ccc.ddd)  21.421 ms  23.498 ms  21.952 ms

$ sudo traceroute facebook.com
 1  localhost (127.0.0.1)  0.57 ms  0.23 ms  0.19 ms

$ pkg_info | grep proxy
libproxy-0.4.11p3   library handling all the details of proxy configuration
libproxy-mozilla-0.4.11p2 pacrunner libproxy plugin for mozilla-based (gecko) browsers

$ man libproxy
man: no entry for libproxy in the manual.

$ apropos libproxy
libproxy: nothing appropriate


I'd like to mention that I am in the outskirts of Munich and that the
system was freshly started into a console (no X, no browser). The
netgear-router at 192.168.1.1 also serves a colleague who uses facebook.

MY QUESTION: What might have happened that 'facebook.com' is found on
localhost at 127.0.0.1 on my machine? Actually 'google.com' is called
regularly thus I'd expected it to be as fast/slow as 'facebook.com'. I
have no clue and I don't have the slightest idea on how to get rid of
this address - can anyone provide some more insight? Other information
you need to provide advice?

Thank you!

Kind regards

STEFAN



Re: Lanner or Soekris?

2013-10-21 Thread Michel Blais
I have often used Lanner FW-7535 with OpenBSD and like them a lot. Buy them
from LEI Technologie in Canada for 375$. Lanner products are good stuff,
really professional. I also use Lanner products for customer PBX, unifi
controller, etc.


2013/10/21 emigrant emig...@gmail.com

 min. 3xNICs: wan, lan, pfsync.  Hmm 6xNIC == WAN 2x aggregation
 ports+failover+lacp, LAN  2x aggregation ports+failover+lacp  and pfsync
 1port
 = 5port use. You know, everything 4fun, btw i have 24G managed switch.

 Supermicro? no way! :), ugly, audio, video,vga,hdmi, dp. No, no, no ;)

 On 22 Oct 2013, at 01:44, noah pugsley noah.pugs...@gmail.com wrote:

  On Mon, Oct 21, 2013 at 4:06 PM, emigrant emig...@gmail.com wrote:
  Hi
 
  I need to replace my crappy, old machine(Master) Futro S400(


 http://uk.ts.fujitsu.com/rl/servicesupport/techsupport/professionalpc/thinclients/futrosxx/futros400.htm
 http://cl.ly/image/3C0Z363q0M1O
 http://cl.ly/image/311f3U260R37 )  for something new. My Backup machine is
 Alix 2D3( http://cl.ly/image/2M2x1l1V0k1r ), is perfect for
 that(carp+pfsync,
 only pf and small things) :)
 
  Hmm, Soekris net6501-70( http://soekris.com/products/net6501.html )  or
 Lanner FW-7541(
 http://www.lannerinc.com/products/x86-network-appliances/desktop/fw-7541).
 OK, simple question, what's better?:) Price is almost the same.  In my
 opinion
 Soekris is a little bit obsolete.
  My requirements: small, home router/server, fanless: pf(altq+hfsc) for
 ~15
 hosts, carp+pfsync, nat, named, www, samba, ftp, UniFi
 Controller(jre+mongod),
 pfstat, ipfm, pf logs, SSD(CF is too slow).
  Hmm, Lanner looks better, 6xNIC, 1xrj45 console port, newer hardware,
 memory(ddr3) upgradable(i think so?), dual core Atom 64bit, all ports on
 front.
  Soekris, maybe more professional product?
  Any suggestions?
 
 
  For not too much more $$ it looks like the Lanner is the better option.
 Do
 you really need that many nic's? You might do just as well with a cheaper
 supermicro box. Just a thought.
 
  http://www.superbiiz.com/detail.php?p=SY-117AMP
 
  -noah



Re: Lanner or Soekris?

2013-10-21 Thread noah pugsley
Ok, Ok, fair enough. Go for it. With a managed switch though you could do
all of that with one phy and vlans.


On Mon, Oct 21, 2013 at 5:14 PM, emigrant emig...@gmail.com wrote:

 min. 3xNICs: wan, lan, pfsync.  Hmm 6xNIC == WAN 2x aggregation
 ports+failover+lacp, LAN  2x aggregation ports+failover+lacp  and pfsync
 1port = 5port use. You know, everything 4fun, btw i have 24G managed
switch.

 Supermicro? no way! :), ugly, audio, video,vga,hdmi, dp. No, no, no ;)

 On 22 Oct 2013, at 01:44, noah pugsley noah.pugs...@gmail.com wrote:

 On Mon, Oct 21, 2013 at 4:06 PM, emigrant emig...@gmail.com wrote:

 Hi

 I need to replace my crappy, old machine(Master) Futro S400(

 http://uk.ts.fujitsu.com/rl/servicesupport/techsupport/professionalpc/thinclients/futrosxx/futros400.htm
 http://cl.ly/image/3C0Z363q0M1O http://cl.ly/image/311f3U260R37 )  for
 something new. My Backup machine is Alix 2D3(
 http://cl.ly/image/2M2x1l1V0k1r ), is perfect for that(carp+pfsync, only
 pf and small things) :)

 Hmm, Soekris net6501-70( http://soekris.com/products/net6501.html )  or
 Lanner FW-7541(
 http://www.lannerinc.com/products/x86-network-appliances/desktop/fw-7541).
OK, simple question, what's better?:) Price is almost the same.  In my
 opinion Soekris is a little bit obsolete.
 My requirements: small, home router/server, fanless: pf(altq+hfsc) for
 ~15 hosts, carp+pfsync, nat, named, www, samba, ftp, UniFi
 Controller(jre+mongod), pfstat, ipfm, pf logs, SSD(CF is too slow).
 Hmm, Lanner looks better, 6xNIC, 1xrj45 console port, newer hardware,
 memory(ddr3) upgradable(i think so?), dual core Atom 64bit, all ports on
 front.
 Soekris, maybe more professional product?
 Any suggestions?


 For not too much more $$ it looks like the Lanner is the better option. Do
 you really need that many nic's? You might do just as well with a cheaper
 supermicro box. Just a thought.

 http://www.superbiiz.com/detail.php?p=SY-117AMP

 -noah



Re: Sorry: Facebook again

2013-10-21 Thread Martin Brandenburg
On Tue, Oct 22, 2013 at 02:19:00AM +0200, Stefan Wollny wrote:
 Hi there!
 
 In the last days I had an interesting and educational thread here on
 misc@ on how to block facebook.com.
 
 Knowing that many of the OpenBSD-pros on this list are way more
 educated on network-related issues than I am, I hope none feels
 offended with another question related to Facebook:
 
 Today I am once more off-site from home, but with access to an iMac
 running OpenBSD-amd64/current; PF runs out-of-the-box unchanged. I
 noticed that ping responses for 'facebook.com' are exceptionally faster
 than e.g. those for 'google.com'. This is what I did to track down on
 the issue:
 
 
 $ cat /etc/resolv.conf
 # Generated by nfe0 dhclient
 nameserver 192.168.1.1
 lookup file bind
 
 $ cat /etc/hosts | grep facebook
 127.0.0.1 facebook.com
 127.0.0.1 www.facebook.com
 127.0.0.1 facebook.de
 127.0.0.1 www.facebook.de
 127.0.0.1 de-de.facebook.com
 127.0.0.1  ads.ak.facebook.com
 127.0.0.1  creative.ak.facebook.com
 127.0.0.1  facebookinc.122.2o7.net
 
 $ sudo traceroute google.com
  1  netgear (192.168.1.1)  0.301 ms  0.232 ms  0.228 ms
  2  aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  9.933 ms  7.890 ms  11.456 ms
  3  ve-cmts.mes-muc-02.de.infra.cablesurf.de (aaa.bbb.ccc.ddd)  9.556
  ms 12.199 ms  9.277 ms 
  4  aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  20.649 ms  22.526 ms  17.204 ms
  5 google.bcix.de (aaa.bbb.ccc.ddd)  22.794 ms  23.894 ms  26.117 ms 
  6 aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  22.263 ms aaa.bbb.ccc.ddd
  (aaa.bbb.ccc.ddd)  22.457 ms aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  21.597
 ms
  7  aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  26.983 ms aaa.bbb.ccc.ddd
  (aaa.bbb.ccc.ddd)  25.247 ms aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd) 35.177
 ms
  8 aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  20.533 ms aaa.bbb.ccc.ddd
  (aaa.bbb.ccc.ddd)  22.67 ms  21.929 ms
  9  * * *
  10  bk-in-f100.1e100.net
  (aaa.bbb.ccc.ddd)  21.421 ms  23.498 ms  21.952 ms
 
 $ sudo traceroute facebook.com
  1  localhost (127.0.0.1)  0.57 ms  0.23 ms  0.19 ms
 
 $ pkg_info | grep proxy
 libproxy-0.4.11p3   library handling all the details of proxy
 configuration libproxy-mozilla-0.4.11p2 pacrunner libproxy plugin for 
 mozilla-based (gecko) browsers
 
 $ man libproxy
 man: no entry for libproxy in the manual.
 
 $ apropos libproxy
 libproxy: nothing appropriate
 
 
 I'd like to mention that I am in the outskirts of Munich and that the
 system was freshly started into a console (no X, no browser). The
 netgear-router at 192.168.1.1 also serves a colleague who uses facebook.
 
 MY QUESTION: What might have happened that 'facebook.com' is found on
 localhost at 127.0.0.1 on my machine? Actually 'google.com' is called
 regularly thus I'd expected it to be as fast/slow as 'facebook.com'. I
 have no clue and I don't have the slightest idea on how to get rid of
 this address - can anyone provide some more insight? Other information
 you need to provide advice?
 
 Thank you!
 
 Kind regards
 
 STEFAN

The loopback IP 127.0.0.1 is your computer, so of course the ping
response is faster than google.com. Unless you have some proxy web
server running on your computer, you shouldn't be able to access
facebook.com. Of course, if your web browser uses a different DNS
resolver or the system resolver is configured to ignore /etc/hosts, it
may ignore /etc/hosts and you could navigate to the facebook.com
webpage. Can you view the page?

The netgear router and your colleague are irrelevant if these settings
are on your local computer.

As to your question, facebook.com is found on localhost because you
set it so in /etc/hosts. If you can still navigate to the webpage, watch
your outgoing traffic with tcpdump, and I'm sure you will see
connections to their web servers. The frequency with which you access
a service and the speed at which you can access it are of course
completely unrelated. I'm not sure what you're asking there.

- Martin
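
The lookup order discussed in this reply, as an added example that is not part of the original thread: it models how "lookup file bind" in resolv.conf makes /etc/hosts answer before DNS, using the resolv.conf and hosts entries quoted above as constructed input. The name m.facebook.com, the localhost entry, the trailing comment and all function names are assumptions for illustration; no DNS query is made.

```python
# Added example: model of the resolver order set by the "lookup" keyword in
# OpenBSD's resolv.conf(5) against a hosts(5) file. Sample data is constructed
# from the entries quoted in the thread; nothing here touches the network.

RESOLV_CONF = """\
# Generated by nfe0 dhclient
nameserver 192.168.1.1
lookup file bind
"""

HOSTS = """\
127.0.0.1   localhost
127.0.0.1   facebook.com
127.0.0.1   www.facebook.com
127.0.0.1   facebook.de   # trailing comments are allowed
127.0.0.1   www.facebook.de
127.0.0.1   de-de.facebook.com
"""


def parse_lookup_order(resolv_conf):
    """Return the databases named on the 'lookup' line, in order."""
    for line in resolv_conf.splitlines():
        fields = line.split("#", 1)[0].split()
        if fields and fields[0] == "lookup":
            return fields[1:]
    # resolv.conf(5): without a lookup line the assumed order is "bind file".
    return ["bind", "file"]


def parse_hosts(text):
    """Map every name and alias (lower-cased) to the first address listed."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank line, comment, or address without a name
        addr, names = fields[0], fields[1:]
        for name in names:
            table.setdefault(name.lower().rstrip("."), addr)
    return table


def resolve(name, order, hosts):
    """Return (source, address). Address is None when DNS would be asked.

    Simplification: a 'bind' step is assumed to produce an answer, so the
    search stops there. Hosts matching is exact: a listed name does not
    cover its subdomains.
    """
    key = name.lower().rstrip(".")
    for db in order:
        if db == "file" and key in hosts:
            return ("file", hosts[key])
        if db == "bind":
            return ("bind", None)
    return ("none", None)


def audit(names, resolv_conf=RESOLV_CONF, hosts_text=HOSTS):
    """Resolve each name under the given configuration."""
    order = parse_lookup_order(resolv_conf)
    hosts = parse_hosts(hosts_text)
    return {name: resolve(name, order, hosts) for name in names}


if __name__ == "__main__":
    sample = ["facebook.com", "WWW.Facebook.com.", "m.facebook.com", "google.com"]
    for name, (source, addr) in audit(sample).items():
        print(f"{name:20} {source:5} {addr or '(would ask the nameserver)'}")
```

Names listed in the hosts file come back as 127.0.0.1 from "file"; anything not listed, including other subdomains of a listed domain, falls through to the nameserver.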



Re: Sorry: Facebook again

2013-10-21 Thread Chris Cappuccio
I wrote up a guide for all you fascists to exercise your power with relayd.

Here's the early, unedited version:

http://www.nmedia.net/chris/url.blacklist.txt

Stefan Wollny [stefan.wol...@web.de] wrote:
 Hi there!
 
 In the last days I had an interesting and educational thread here on
 misc@ on how to block facebook.com.
 
 Knowing that many of the OpenBSD-pros on this list are way more
 educated on network-related issues than I am, I hope none feels
 offended with another question related to Facebook:
 
 Today I am once more off-site from home, but with access to an iMac
 running OpenBSD-amd64/current; PF runs out-of-the-box unchanged. I
 noticed that ping responses for 'facebook.com' are exceptionally faster
 than e.g. those for 'google.com'. This is what I did to track down on
 the issue:
 
 
 $ cat /etc/resolv.conf
 # Generated by nfe0 dhclient
 nameserver 192.168.1.1
 lookup file bind
 
 $ cat /etc/hosts | grep facebook
 127.0.0.1 facebook.com
 127.0.0.1 www.facebook.com
 127.0.0.1 facebook.de
 127.0.0.1 www.facebook.de
 127.0.0.1 de-de.facebook.com
 127.0.0.1  ads.ak.facebook.com
 127.0.0.1  creative.ak.facebook.com
 127.0.0.1  facebookinc.122.2o7.net
 
 $ sudo traceroute google.com
  1  netgear (192.168.1.1)  0.301 ms  0.232 ms  0.228 ms
  2  aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  9.933 ms  7.890 ms  11.456 ms
  3  ve-cmts.mes-muc-02.de.infra.cablesurf.de (aaa.bbb.ccc.ddd)  9.556
  ms 12.199 ms  9.277 ms 
  4  aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  20.649 ms  22.526 ms  17.204 ms
  5 google.bcix.de (aaa.bbb.ccc.ddd)  22.794 ms  23.894 ms  26.117 ms 
  6 aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  22.263 ms aaa.bbb.ccc.ddd
  (aaa.bbb.ccc.ddd)  22.457 ms aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  21.597
 ms
  7  aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  26.983 ms aaa.bbb.ccc.ddd
  (aaa.bbb.ccc.ddd)  25.247 ms aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd) 35.177
 ms
  8 aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  20.533 ms aaa.bbb.ccc.ddd
  (aaa.bbb.ccc.ddd)  22.67 ms  21.929 ms
  9  * * *
  10  bk-in-f100.1e100.net
  (aaa.bbb.ccc.ddd)  21.421 ms  23.498 ms  21.952 ms
 
 $ sudo traceroute facebook.com
  1  localhost (127.0.0.1)  0.57 ms  0.23 ms  0.19 ms
 
 $ pkg_info | grep proxy
 libproxy-0.4.11p3   library handling all the details of proxy
 configuration libproxy-mozilla-0.4.11p2 pacrunner libproxy plugin for 
 mozilla-based (gecko) browsers
 
 $ man libproxy
 man: no entry for libproxy in the manual.
 
 $ apropos libproxy
 libproxy: nothing appropriate
 
 
 I'd like to mention that I am in the outskirts of Munich and that the
 system was freshly started into a console (no X, no browser). The
 netgear-router at 192.168.1.1 also serves a colleague who uses facebook.
 
 MY QUESTION: What might have happened that 'facebook.com' is found on
 localhost at 127.0.0.1 on my machine? Actually 'google.com' is called
 regularly thus I'd expected it to be as fast/show as 'facebook.com'. I
 have no clue and I don't have the slightest idea on how to get rid of
 this address - can anyone provide some more insight? Other information
 you need to provide advice?
 
 Thank you!
 
 Kind regards
 
 STEFAN
 
 
 $ dmesg
 

Re: Sorry: Facebook again

2013-10-21 Thread James Shupe
On 10/21/2013 9:08 PM, Chris Cappuccio wrote:
 I wrote up a guide for all you fascists to exercise your power with
 relayd.
 
 Here's the early, unedited version:
 
 http://www.nmedia.net/chris/url.blacklist.txt
 

FYI: 403 forbidden

-- 
James Shupe



Re: Sorry: Facebook again

2013-10-21 Thread Leonardo Santagostini
Thanks, very useful =)

Saludos.-
Leonardo Santagostini

http://ar.linkedin.com/in/santagostini





2013/10/21 Chris Cappuccio ch...@nmedia.net

 I wrote up a guide for all you fascists to exercise your power with relayd.

 Here's the early, unedited version:

 http://www.nmedia.net/chris/url.blacklist.txt

 Stefan Wollny [stefan.wol...@web.de] wrote:
  Hi there!
 
  In the last days I had an interesting and educational thread here on
  misc@ on how to block facebook.com.
 
  Knowing that many of the OpenBSD-pros on this list are way more
  educated on network-related issues than I am, I hope none feels
  offended with another question related to Facebook:
 
  Today I am once more off-site from home, but with access to an iMac
  running OpenBSD-amd64/current; PF runs out-of-the-box unchanged. I
  noticed that ping responses for 'facebook.com' are exceptionally faster
  than e.g. those for 'google.com'. This is what I did to track down on
  the issue:
 
  
  $ cat /etc/resolv.conf
  # Generated by nfe0 dhclient
  nameserver 192.168.1.1
  lookup file bind
 
  $ cat /etc/hosts | grep facebook
  127.0.0.1 facebook.com
  127.0.0.1 www.facebook.com
  127.0.0.1 facebook.de
  127.0.0.1 www.facebook.de
  127.0.0.1 de-de.facebook.com
  127.0.0.1  ads.ak.facebook.com
  127.0.0.1  creative.ak.facebook.com
  127.0.0.1  facebookinc.122.2o7.net
 
  $ sudo traceroute google.com
   1  netgear (192.168.1.1)  0.301 ms  0.232 ms  0.228 ms
   2  aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  9.933 ms  7.890 ms  11.456 ms
   3  ve-cmts.mes-muc-02.de.infra.cablesurf.de (aaa.bbb.ccc.ddd)  9.556
   ms 12.199 ms  9.277 ms
   4  aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  20.649 ms  22.526 ms  17.204 ms
   5 google.bcix.de (aaa.bbb.ccc.ddd)  22.794 ms  23.894 ms  26.117 ms
   6 aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  22.263 ms aaa.bbb.ccc.ddd
   (aaa.bbb.ccc.ddd)  22.457 ms aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  21.597
  ms
   7  aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  26.983 ms aaa.bbb.ccc.ddd
   (aaa.bbb.ccc.ddd)  25.247 ms aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd) 35.177
  ms
   8 aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd)  20.533 ms aaa.bbb.ccc.ddd
   (aaa.bbb.ccc.ddd)  22.67 ms  21.929 ms
   9  * * *
   10  bk-in-f100.1e100.net
   (aaa.bbb.ccc.ddd)  21.421 ms  23.498 ms  21.952 ms
 
  $ sudo traceroute facebook.com
   1  localhost (127.0.0.1)  0.57 ms  0.23 ms  0.19 ms
 
  $ pkg_info | grep proxy
  libproxy-0.4.11p3   library handling all the details of proxy
  configuration libproxy-mozilla-0.4.11p2 pacrunner libproxy plugin for
  mozilla-based (gecko) browsers
 
  $ man libproxy
  man: no entry for libproxy in the manual.
 
  $ apropos libproxy
  libproxy: nothing appropriate
  
 
  I'd like to mention that I am in the outskirts of Munich and that the
  system was freshly started into a console (no X, no browser). The
  netgear-router at 192.168.1.1 also serves a colleague who uses facebook.
 
  MY QUESTION: What might have happened that 'facebook.com' is found on
  localhost at 127.0.0.1 on my machine? Actually 'google.com' is called
  regularly thus I'd expected it to be as fast/show as 'facebook.com'. I
  have no clue and I don't have the slightest idea on how to get rid of
  this address - can anyone provide some more insight? Other information
  you need to provide advice?
 
  Thank you!
 
  Kind regards
 
  STEFAN
 
 
  $ dmesg

Re: 5.4 pre-order announcement?

2013-10-21 Thread patrick keshishian
lulz... sound of music?

do { to loop at least one time
regex, to match a chunk of text
main(), the name, by which i'm called
for(), another kind of loop
sem, a way to block a thread
log(), a func to follow sem
t, a place to store the time
} while (we close the block of do)
/* clever. thanks for all your great work! */

On Wednesday, September 18, 2013, Kirill Bychkov wrote:

 On Thu, September 19, 2013 00:35, patrick keshishian wrote:
  Just out of curiosity, did we miss the 5.4 pre-order announcement
  this time around or was I the only one who missed it?

 It was silent. See undeadly.
 
  Regardless, my order was placed about a week ago. Thanks for all
  your efforts!
 
  Cheers,
  --patrick



Re: Sorry: Facebook again

2013-10-21 Thread Chris Cappuccio
James Shupe [jsh...@hermetek.com] wrote:
 On 10/21/2013 9:08 PM, Chris Cappuccio wrote:
  I wrote up a guide for all you fascists to exercise your power with
  relayd.
  
  Here's the early, unedited version:
  
  http://www.nmedia.net/chris/url.blacklist.txt
  
 
 FYI: 403 forbidden
 

Yeah I had to do a chmod +r. Damn, you guys are quick. 

Anyways this also triggers a bug in the URL filtering mode of
relayd. The symptom is long HTTP sessions hanging (Youtube, file
downloads, ...) It may be fixed in -current. If you are using 5.3 or
5.4, you'll want to grab the current relayd source and install it.



Re: Sorry: Facebook again

2013-10-21 Thread Chris Cappuccio
Chris Cappuccio [ch...@nmedia.net] wrote:
 
 Anyways this also triggers a bug in the URL filtering mode of
 relayd. The symptom is long HTTP sessions hanging (Youtube, file
 downloads, ...) It may be fixed in -current. If you are using 5.3 or
 5.4, you'll want to grab the current relayd source and install it.

Oh also, you may want to use 5.4-current if you are using this in
a high traffic environment, as the socket splicing code has been
improved. I'm not even sure if the improvements are relevant to this
use case. But -current is rather stable, nothing to shy away from IMO.



fold.c -number syntax integer overflow

2013-10-21 Thread dsp
Hello list!
While looking at the code of usr.bin/fold i noticed that the way
it parses arguments for the (obsolete) -number syntax suffers from an
integer overflow:
it loops over each digit in a -x stream of numbers from right to left
and sets a counter = (counter * 10) + (x - '0').
Then it checks for counter > (INT_MAX / 10):
$fold -2147483648 foo
fold: illegal width value, too small
this is MAX_INT on my platform. the way it parses it will produce the
same error if you keep adding digits after the end (since it never gets
to read them) but it will correctly catch the large number error if you
increase any nonlast digits. Looking around i noticed how head.c handles
the -number case and it seems way better so i implemented that in fold.

other programs might suffer from this funky logic in our base like grep.
imo if we want to keep this looping over the digits each time * 10
+ (ch - '0'), then it could be better to just check for < 0 to get
the overflow (right?). But in any case i think that leaving the erroring
for strtonum is better.

Index: fold.c
===
RCS file: /cvs/src/usr.bin/fold/fold.c,v
retrieving revision 1.13
diff -u -p -r1.13 fold.c
--- fold.c  22 Oct 2010 14:11:22 -  1.13
+++ fold.c  22 Oct 2013 02:57:34 -
@@ -54,12 +54,20 @@ main(int argc, char *argv[])
 {
int ch, lastch, newarg, prevoptind, width;
const char *errstr;
+   char *p = NULL;

width = 0;
lastch = '\0';
prevoptind = 1;
newarg = 1;
-   while ((ch = getopt(argc, argv, 0123456789bsw:)) != -1) {
+   /* handle obsolete -number syntax */
+   if (argc  1  argv[1][0] == '-'  isdigit(argv[1][1])) {
+   p = argv[1] + 1;
+   argc--;
+   argv++;
+   }
+
+   while ((ch = getopt(argc, argv, bsw:)) != -1) {
switch (ch) {
case 'b':
count_bytes = 1;
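Review bot: the -number check at the top of main() only inspects argv[1], while the old option string 0123456789bsw: accepted digits wherever getopt reached them, so an invocation such as fold -s -80 file now lands in the default: usage() branch. If that narrowing is intended, it should be stated in the commit message and the manual page; otherwise the digits need to be found wherever they appear before getopt runs. The isdigit() argument should also be cast: isdigit((unsigned char)argv[1][1]).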
@@ -73,18 +81,6 @@ main(int argc, char *argv[])
errx(1, illegal width value, %s: %s, errstr,
optarg);
break;
-   case '0': case '1': case '2': case '3': case '4':
-   case '5': case '6': case '7': case '8': case '9':
-   if (newarg)
-   width = 0;
-   else if (!isdigit(lastch))
-   usage();
-   if (width  INT_MAX / 10)
-   errx(1, illegal width value, too large);
-   width = (width * 10) + (ch - '0');
-   if (width  1)
-   errx(1, illegal width value, too small);
-   break;
default:
usage();
}
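Review bot: with the digit cases removed, nothing visible in this patch still reads newarg, lastch or prevoptind, which are declared and initialised at the top of main(). If the loop only maintained them for the deleted case, the declarations and the per-iteration bookkeeping should be dropped in the same change rather than left behind as dead state.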
@@ -94,6 +90,12 @@ main(int argc, char *argv[])
}
argv += optind;
argc -= optind;
+
+   if (p) {
+   width = strtonum(p, 1, INT_MAX, errstr);
+   if (errstr)
+   errx(1, illegal width value %s: %s, errstr, p);
+   }

if (width == 0)
width = DEFLINEWIDTH;
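Review bot: the if (p) block runs after the getopt loop and assigns width unconditionally, so fold -80 -w 40 ends with width 80 and the explicit -w value is silently discarded. Either reject the combination or convert p before the loop so that a later -w wins. The error string here also drops the comma that the -w case uses (illegal width value, %s: %s), so the two messages for the same failure differ in shape.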

[demime 1.01d removed an attachment of type application/pgp-signature]
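The gap in the digit-accumulation check discussed in the message above, next to a guard that accounts for the digit being added. This is an added example, not code from fold.c or from the patch; the function names are hypothetical and the test values assume a 32-bit int.

```c
#include <ctype.h>
#include <limits.h>
#include <stddef.h>

/* Old-style guard, modelled in long long so the example itself has no
 * signed overflow: returns 1 if the "width > INT_MAX / 10" test passes
 * every digit yet the accumulated value no longer fits in an int. */
int old_guard_misses_overflow(const char *s)
{
	long long width = 0;

	for (; *s != '\0'; s++) {
		if (!isdigit((unsigned char)*s))
			return 0;
		if (width > INT_MAX / 10)
			return 0;	/* old code reports "too large" here */
		width = width * 10 + (*s - '0');
		if (width > INT_MAX)
			return 1;	/* an int would have overflowed here */
	}
	return 0;
}

/* Strict parser: the guard includes the digit about to be added.
 * Returns 0 and stores the value on success, -1 on any error. */
int parse_width(const char *s, int *out)
{
	int width = 0;

	if (s == NULL || *s == '\0')
		return -1;
	for (; *s != '\0'; s++) {
		int d;

		if (!isdigit((unsigned char)*s))
			return -1;
		d = *s - '0';
		if (width > (INT_MAX - d) / 10)
			return -1;	/* width * 10 + d would exceed INT_MAX */
		width = width * 10 + d;
	}
	if (width < 1)
		return -1;
	*out = width;
	return 0;
}
```

The old guard only fails when the prefix is exactly INT_MAX / 10 and the final digit pushes the sum past INT_MAX, which is why the reported input ends in 8 and is diagnosed as "too small" rather than "too large".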



Re: Sorry: Facebook again

2013-10-21 Thread Jan Stary
On Oct 22 02:19:00, stefan.wol...@web.de wrote:
 $ cat /etc/resolv.conf
 # Generated by nfe0 dhclient
 nameserver 192.168.1.1
 lookup file bind
 
 $ cat /etc/hosts | grep facebook
 127.0.0.1 facebook.com
 127.0.0.1 www.facebook.com
 127.0.0.1 facebook.de
 127.0.0.1 www.facebook.de
 127.0.0.1 de-de.facebook.com
 127.0.0.1  ads.ak.facebook.com
 127.0.0.1  creative.ak.facebook.com
 127.0.0.1  facebookinc.122.2o7.net
 
 $ sudo traceroute facebook.com
  1  localhost (127.0.0.1)  0.57 ms  0.23 ms  0.19 ms
 
 MY QUESTION: What might have happened that 'facebook.com' is found on
 localhost at 127.0.0.1 on my machine?

You put it there.