Re: pkg_add + httpd...high latency on 6.4

[Mark Patruck]

- http or https doesn't matter

- only pkg_add is affected, ftp download works

- reverting benno@'s change to
  /src/usr.sbin/httpd/{httpd.h,server.c,server_http.c}
  10 days ago makes pkg_add work normally again


On Wed, Oct 10, 2018 at 10:27:11PM +, Stuart Henderson wrote:
> On 2018-10-10, Mark Patruck  wrote:
> > Hi,
> >
> > is anyone else seeing a high latency when running pkg_add with 6.4?
> >
> > - server with httpd (5 hours old 6.4)
> > - client running pkg_add (5 hours old 6.4)
> >
> > $ doas pkg_add -u
> >
> > nothing happens for ~60 seconds
> >
> > $ (done)
> >
> > Everything works normally, if
> >
> > - i replace httpd with nginx for testing
> > - pkg_add against httpd running on a 25 days old -current
> >
> >
> > -Mark
> >
> 
> Can you figure out what's slow? Are plain fetches from that server
> using ftp(1) also slow or is it just with pkg_add?
> 
> Is it using http or https? If https, is http any better?
> 
> Is it possible to try building older httpd from source (e.g.
> "cd /usr/src/usr.sbin/httpd; cvs up -D 2018/09/15; make obj; make;
> doas make install") and see if the problem occurs there too? (i.e
> determine whether it's an httpd change or some other change that
> caused it).
> 
> 

-- 
Mark Patruck ( mark at wrapped.cx )
GPG key 0xF2865E51 / 187F F6D3 EE04 1DCE 1C74  F644 0D3C F66F F286 5E51

http://www.wrapped.cx

Re: ath.c -> dmesg -> bug

[Philip Guenther]

On Wed, Oct 10, 2018 at 3:35 PM NN  wrote:

> I try to analyse my dmesg with:
>
>  # dmesg | grep ath0
>
> and I can see ERROR message:
>
>  > ath0 device timeout ...
>
> I have checked "ath.c" file in "/cvs/src/sys/dev/ic/" on stable branch.
>
> I found this one construction: "--sc->sc_tx_time == 0". Probably it's
> meen "0 == 0",


> I have made this patch (see in attachment) and now it's working without
> any ERROR/WARNING for me.
>
> Please confirm.
>
> If my FIX for "ath.c" is correct, please update cvs in new 6.4 Release.
>
...

> --- ath.c31 Jan 2018 11:27:03 -1.116
> +++ ath.c11 Oct 2018 00:06:54 -
> @@ -930,7 +930,7 @@ ath_watchdog(struct ifnet *ifp)
>   if ((ifp->if_flags & IFF_RUNNING) == 0 || sc->sc_invalid)
>   return;
>   if (sc->sc_tx_timer) {
> -if (--sc->sc_tx_timer == 0) {
> +if (sc->sc_tx_timer == 0) {
>

This diff cannot be correct: the condition right above it is only true if
sc->sc_tx_timer is non-zero, so then testing whether it is _currently_ zero
will never be true.  That's also the only place sc->sc_tx_timer is
decremented, so deleting the '--' disables the timeout.  The existing code
decrements it and then tests whether it's zero, effectively testing whether
sc->sc_tx_timer was exactly 1.

Your work to update the driver in the thread from October 5th is a more
productive way to address the issues you're experiencing.


Philip Guenther

Re: ksh equivalent to shell-expand-line

[Hajime Edakawa]

I send the email once again because missing tab space.
I'm sorry that to send extra email.

Index: emacs.c
===
RCS file: /cvs/src/bin/ksh/emacs.c,v
retrieving revision 1.85
diff -u -p -r1.85 emacs.c
--- emacs.c 18 Jun 2018 17:03:58 -  1.85
+++ emacs.c 10 Oct 2018 23:26:49 -
@@ -201,6 +201,7 @@ static int  x_fold_lower(int);
 static int x_fold_upper(int);
 static int x_set_arg(int);
 static int x_comment(int);
+static int x_expand_alias_sub(int);
 #ifdef DEBUG
 static int x_debug_info(int);
 #endif
@@ -258,6 +259,7 @@ static const struct x_ftab x_ftab[] = {
{ x_fold_upper, "upcase-word",  XF_ARG },
{ x_set_arg,"set-arg",  XF_NOBIND },
{ x_comment,"comment",  0 },
+   { x_expand_alias_sub,   "expand-alias-substitute",  0 },
{ 0, 0, 0 },
 #ifdef DEBUG
{ x_debug_info, "debug-info",   0 },
@@ -1492,6 +1494,7 @@ x_init_emacs(void)
kb_add(x_comp_file, CTRL('['), CTRL('X'), 0);
kb_add(x_comp_list, CTRL('I'), 0);
kb_add(x_comp_list, CTRL('['), '=', 0);
+   kb_add(x_expand_alias_sub,  CTRL('['), CTRL('E'), 0);
kb_add(x_del_back,  CTRL('?'), 0);
kb_add(x_del_back,  CTRL('H'), 0);
kb_add(x_del_char,  CTRL('['), '[', '3', '~', 0);
/* delete */
@@ -1982,6 +1985,73 @@ x_comment(int c)
return KSTD;
 }

+static int
+x_expand_alias_sub(int c)
+{
+   struct tbl *tp;
+   const char *sep = " \t\n";
+   char *cp;
+   char *word, *name;
+   char *buf, *tok, *state;
+   int skip = 0;
+   int size = 0;
+   size_t len = 0;
+
+   if (xep == xbuf)
+   goto fail;
+
+   cp = xbuf;
+   while (cp != xep && is_mfs(*cp))
+   skip += x_size(*cp++);
+
+   word = cp;
+   while (cp != xep && !is_mfs(*cp)) {
+   size += x_size(*cp++);
+   len++;
+   }
+
+   if (len > 0) {
+   name = strndup(word, len);
+   if (!name) {
+   bi_errorf("unable to allocate memory");
+   goto fail;
+   }
+
+   tp = ktsearch(&aliases, name, hash(name));
+   if (tp) {
+   buf = strdup(tp->val.s);
+   if (!buf) {
+   bi_errorf("unable to allocate memory");
+   goto fail;
+   }
+
+   tok = strtok_r(buf, sep, &state);
+   if (!tok) {
+   bi_errorf("strtok_r failed");
+   goto fail;
+   }
+
+   if (strcmp(name, tok)) {
+   x_goto(xbuf + skip);
+   x_delete(size, false);
+   x_ins(tp->val.s);
+   }
+   }
+   }
+
+   size = x_size_str(xbuf);
+   buf = substitute(xbuf, 0);
+
+   x_goto(xbuf);
+   x_delete(size, false);
+   x_ins(buf);
+   x_adjust();
+
+   return KSTD;
+fail:
+   x_e_putc(BEL);
+   return KSTD;
+}

 /* NAME:
  *  x_prev_histword - recover word from prev command

2018年10月11日(木) 10:07 Hajime Edakawa :
>
> Klemens Nanni wrote:
> >Thanks for your work.
>
> I'm the one who should be thanking OpenBSD developers.
> It's a real honor to hear that!
>
> >With `alias ls=ls\ -l' and successive expand-line invocations: will
> >`ls' be expanded over and over again?
>
> Maybe I fixed the problems that you pointed out.
>
> $ type ls
> ls is an alias for 'ls -CF'
> $ alias ll='ls -l'
> $ ll
> $ ls -l
> $ ls -l
> ...
>
> >This looks nice.
>
> I added some more example.
>
> $ path=/foo/bar/file.txt
> $ alias ll='ls -l'
> $ ll "$(echo $$)" $(( 1 + 1 )) ${path##*/} hoge
> $ ls -l "71788" 2 file.txt hoge
>
> >Did you test it in vi mode as well?
>
> Unfortunately, I've never use vi. I'm really sorry.
> I'd like to study vi sometime.
>
> >Your diff does not apply to -CURRENT (written against 6.3) and lacks
> >documentation updates to ksh(1).
>
> I've tried to add the diff of emacs.c and ksh.1 against -CURRENT.
> The name changes from shell-expand-line to expand-alias-substitute.
> And expand-alias-substitute code was modified.
>
> /* Excuse me if you not understand or you feel bad with my poor English */
>
> Best regards,
> Hajime Edakawa
>
> Index: ksh.1
> ===
> RCS file: /cvs/src/bin/ksh/ksh.1,v
> retrieving revision 1.201
> diff -u -p -r1.201 ksh.1
> --- ksh.1 18 Jun 2018 17:03:58 - 1.201
> +++ ksh.1 10 Oct 2018 23:26:57 -
> @@ -4819,6 +4819,10 @@ if alone on a line; otherwise acts as
>  Error (ring the bell

Re: ksh equivalent to shell-expand-line

[Hajime Edakawa]

Klemens Nanni wrote:
>Thanks for your work.

I'm the one who should be thanking OpenBSD developers.
It's a real honor to hear that!

>With `alias ls=ls\ -l' and successive expand-line invocations: will
>`ls' be expanded over and over again?

Maybe I fixed the problems that you pointed out.

$ type ls
ls is an alias for 'ls -CF'
$ alias ll='ls -l'
$ ll
$ ls -l
$ ls -l
...

>This looks nice.

I added some more example.

$ path=/foo/bar/file.txt
$ alias ll='ls -l'
$ ll "$(echo $$)" $(( 1 + 1 )) ${path##*/} hoge
$ ls -l "71788" 2 file.txt hoge

>Did you test it in vi mode as well?

Unfortunately, I've never use vi. I'm really sorry.
I'd like to study vi sometime.

>Your diff does not apply to -CURRENT (written against 6.3) and lacks
>documentation updates to ksh(1).

I've tried to add the diff of emacs.c and ksh.1 against -CURRENT.
The name changes from shell-expand-line to expand-alias-substitute.
And expand-alias-substitute code was modified.

/* Excuse me if you not understand or you feel bad with my poor English */

Best regards,
Hajime Edakawa

Index: ksh.1
===
RCS file: /cvs/src/bin/ksh/ksh.1,v
retrieving revision 1.201
diff -u -p -r1.201 ksh.1
--- ksh.1 18 Jun 2018 17:03:58 - 1.201
+++ ksh.1 10 Oct 2018 23:26:57 -
@@ -4819,6 +4819,10 @@ if alone on a line; otherwise acts as
 Error (ring the bell).
 .It exchange-point-and-mark: ^X^X
 Places the cursor where the mark is and sets the mark to where the cursor was.
+.It expand-alias-substitute: ^[^E
+Automatically expands a command alias and substitute parameter,
command, and arithmetic (see
+.Sx Substitution
+below).
 .It expand-file: ^[*
 Appends a
 .Ql *
Index: emacs.c
===
RCS file: /cvs/src/bin/ksh/emacs.c,v
retrieving revision 1.85
diff -u -p -r1.85 emacs.c
--- emacs.c 18 Jun 2018 17:03:58 - 1.85
+++ emacs.c 10 Oct 2018 23:26:49 -
@@ -201,6 +201,7 @@ static int x_fold_lower(int);
 static int x_fold_upper(int);
 static int x_set_arg(int);
 static int x_comment(int);
+static int x_expand_alias_sub(int);
 #ifdef DEBUG
 static int x_debug_info(int);
 #endif
@@ -258,6 +259,7 @@ static const struct x_ftab x_ftab[] = {
  { x_fold_upper, "upcase-word", XF_ARG },
  { x_set_arg, "set-arg", XF_NOBIND },
  { x_comment, "comment", 0 },
+ { x_expand_alias_sub, "expand-alias-substitute", 0 },
  { 0, 0, 0 },
 #ifdef DEBUG
  { x_debug_info, "debug-info", 0 },
@@ -1492,6 +1494,7 @@ x_init_emacs(void)
  kb_add(x_comp_file, CTRL('['), CTRL('X'), 0);
  kb_add(x_comp_list, CTRL('I'), 0);
  kb_add(x_comp_list, CTRL('['), '=', 0);
+ kb_add(x_expand_alias_sub, CTRL('['), CTRL('E'), 0);
  kb_add(x_del_back, CTRL('?'), 0);
  kb_add(x_del_back, CTRL('H'), 0);
  kb_add(x_del_char, CTRL('['), '[', '3', '~', 0); /* delete */
@@ -1982,6 +1985,73 @@ x_comment(int c)
  return KSTD;
 }

+static int
+x_expand_alias_sub(int c)
+{
+ struct tbl *tp;
+ const char *sep = " \t\n";
+ char *cp;
+ char *word, *name;
+ char *buf, *tok, *state;
+ int skip = 0;
+ int size = 0;
+ size_t len = 0;
+
+ if (xep == xbuf)
+ goto fail;
+
+ cp = xbuf;
+ while (cp != xep && is_mfs(*cp))
+ skip += x_size(*cp++);
+
+ word = cp;
+ while (cp != xep && !is_mfs(*cp)) {
+ size += x_size(*cp++);
+ len++;
+ }
+
+ if (len > 0) {
+ name = strndup(word, len);
+ if (!name) {
+ bi_errorf("unable to allocate memory");
+ goto fail;
+ }
+
+ tp = ktsearch(&aliases, name, hash(name));
+ if (tp) {
+ buf = strdup(tp->val.s);
+ if (!buf) {
+ bi_errorf("unable to allocate memory");
+ goto fail;
+ }
+
+ tok = strtok_r(buf, sep, &state);
+if (!tok) {
+ bi_errorf("strtok_r failed");
+ goto fail;
+ }
+
+ if (strcmp(name, tok)) {
+ x_goto(xbuf + skip);
+ x_delete(size, false);
+ x_ins(tp->val.s);
+ }
+ }
+ }
+
+ size = x_size_str(xbuf);
+ buf = substitute(xbuf, 0);
+
+ x_goto(xbuf);
+ x_delete(size, false);
+ x_ins(buf);
+ x_adjust();
+
+ return KSTD;
+fail:
+ x_e_putc(BEL);
+ return KSTD;
+}

 /* NAME:
  *  x_prev_histword - recover word from prev command
2018年10月11日(木) 2:52 Klemens Nanni :
>
> On Wed, Oct 10, 2018 at 08:58:43AM +0900, Hajime Edakawa wrote:
> > I have challenged to try to make shell_expand_line in ksh.
> > You can check it if you type M-C-e.
> Thanks for your work.
>
> > $ echo "$(echo a b)"
> > $ echo "a b"
> >
> > $ alias ll='ls -l'
> > $ ll $(echo a b) hoge "$(( 1 + 1 ))" ll bar
> > $ ls -l a b hoge "2" ll bar
> This looks nice.
>
> With `alias ls=ls\ -l' and successive expand-line invocations: will
> `ls' be expanded over and over again?
>
> Did you test it in vi mode as well?
>
> > To be honest, I'm not sure if this is correct.
> > I only like OpenBSD, That's why I'm so sorry if they're wrong
> Your diff does not apply to -CURRENT (written against 6.3) and lacks
> documentation updates to ksh(1).

Re: ksh equivalent to shell-expand-line

[Hajime Edakawa]

John Ankarström wrote:
>That sounds fabulous!  Thank you for your initiative!  The code looks
>interesting.

Many thanks for your reply message, it made my day!

>It might be interesting to take a look at the source of mksh[1], another
>ksh implementation, which has a similar binding called evaluate-region.

I appreciate your advice which was all new information for me!

Best regards,
Hajime Edakawa
2018年10月11日(木) 0:47 John Ankarström :
>
> Hajime Edakawa wrote:
> > Hello Mr. Ankarström,
> >
> > I have challenged to try to make shell_expand_line in ksh.
> > You can check it if you type M-C-e.
>
> That sounds fabulous!  Thank you for your initiative!  The code looks
> interesting.
>
> > To be honest, I'm not sure if this is correct.
> > I only like OpenBSD, That's why I'm so sorry if they're wrong
>
> It might be interesting to take a look at the source of mksh[1], another
> ksh implementation, which has a similar binding called evaluate-region.
>
> [1]: https://www.mirbsd.org/mksh.htm
>
> Best regards,
> John
>

Problems with a quad Realtek NIC

[Martin Hanson]

Hi,� I have one of these 4-port Realtek NIC cards:
https://www.ebay.co.uk/itm/PCIe-PCI-Express-to-4x-Gigabit-Card-4-Port-Ethernet-Network-Adapter-10-100-1000M/252484240577?epid=505371101�
 I
am running OpenBSD 6.3 stable.� During boot the card is seen, but it only
works occasionally. When it works I can see all the 4 ports using
"ifconfig" and I can assign IP addresses etc. When it doesn't work
nothing is shown using "ifconfig".� As far as I understand from the "re"
manpage RTL8168E/8111E is supported.� This is my dmesg:� 
http://paste.debian.net/1046756/� When
the card isn't working I also get this:� +ppb1 at pci1 dev 0 function 0
vendor "ASMedia", unknown product 0x1184 rev 0x00
+pci2 at ppb1 bus 2
+ppb2 at pci2 dev 1 function 0 vendor "ASMedia", unknown product 0x1184
rev 0x00: not configured by system firmware
+ppb3 at pci2 dev 3 function 0 vendor "ASMedia", unknown product 0x1184
rev 0x00: not configured by system firmware
+ppb4 at pci2 dev 5 function 0 vendor "ASMedia", unknown product 0x1184
rev 0x00: not configured by system firmware
+ppb5 at pci2 dev 7 function 0 vendor "ASMedia", unknown product 0x1184
rev 0x00: not configured by system firmware
� Is this a driver issue or something else perhaps?� Kindest regards

ath.c -> dmesg -> bug

[NN]

Hi All,

I try to analyse my dmesg with:

    # dmesg | grep ath0

and I can see ERROR message:

    > ath0 device timeout ...

I have checked "ath.c" file in "/cvs/src/sys/dev/ic/" on stable branch.

I found this one construction: "--sc->sc_tx_time == 0". Probably it's 
meen "0 == 0",


I have made this patch (see in attachment) and now it's working without 
any ERROR/WARNING for me.


Please confirm.

If my FIX for "ath.c" is correct, please update cvs in new 6.4 Release.

Many Thanks & Sorry for my English.

Oleg Pahl (München)

Index: ath.c
===
RCS file: /cvs/src/sys/dev/ic/ath.c,v
retrieving revision 1.116
diff -u -p -u -r1.116 ath.c
--- ath.c    31 Jan 2018 11:27:03 -    1.116
+++ ath.c    11 Oct 2018 00:06:54 -
@@ -930,7 +930,7 @@ ath_watchdog(struct ifnet *ifp)
 if ((ifp->if_flags & IFF_RUNNING) == 0 || sc->sc_invalid)
     return;
 if (sc->sc_tx_timer) {
-        if (--sc->sc_tx_timer == 0) {
+        if (sc->sc_tx_timer == 0) {
         printf("%s: device timeout\n", ifp->if_xname);
         ath_reset(sc, 1);
         ifp->if_oerrors++;

Index: ath.c
===
RCS file: /cvs/src/sys/dev/ic/ath.c,v
retrieving revision 1.116
diff -u -p -u -r1.116 ath.c
--- ath.c	31 Jan 2018 11:27:03 -	1.116
+++ ath.c	11 Oct 2018 00:06:54 -
@@ -930,7 +930,7 @@ ath_watchdog(struct ifnet *ifp)
 	if ((ifp->if_flags & IFF_RUNNING) == 0 || sc->sc_invalid)
 		return;
 	if (sc->sc_tx_timer) {
-		if (--sc->sc_tx_timer == 0) {
+		if (sc->sc_tx_timer == 0) {
 			printf("%s: device timeout\n", ifp->if_xname);
 			ath_reset(sc, 1);
 			ifp->if_oerrors++;

Re: pkg_add + httpd...high latency on 6.4

[Stuart Henderson]

On 2018-10-10, Mark Patruck  wrote:
> Hi,
>
> is anyone else seeing a high latency when running pkg_add with 6.4?
>
> - server with httpd (5 hours old 6.4)
> - client running pkg_add (5 hours old 6.4)
>
> $ doas pkg_add -u
>
> nothing happens for ~60 seconds
>
> $ (done)
>
> Everything works normally, if
>
> - i replace httpd with nginx for testing
> - pkg_add against httpd running on a 25 days old -current
>
>
>   -Mark
>

Can you figure out what's slow? Are plain fetches from that server
using ftp(1) also slow or is it just with pkg_add?

Is it using http or https? If https, is http any better?

Is it possible to try building older httpd from source (e.g.
"cd /usr/src/usr.sbin/httpd; cvs up -D 2018/09/15; make obj; make;
doas make install") and see if the problem occurs there too? (i.e
determine whether it's an httpd change or some other change that
caused it).

Re: pkg_add exit status reporting

[Anton Lindqvist]

On Tue, Oct 09, 2018 at 02:12:48PM -0700, Greg Steuck wrote:
> Hi Marc,
> 
> I was trying to automate an installation script around pkg_add
> [0]
> and noticed some cases where error reporting and/or documentation could be
> improved. In particular, I want to have an "unattended" mode with a simple
> way to check that all my package installations were successful. So far I
> can't seem to do better than grepping pkg_add output. E.g.
> 
> ci-openbsd$ doas pkg_add foobar; echo $?
> https://cloudflare.cdn.openbsd.org/pub/OpenBSD/6.4/packages/amd64/: no such
> dir
> Can't find foobar
> 0
> 
> Thanks
> Greg
> 
> 0)
> https://github.com/google/syzkaller/blob/master/tools/create-openbsd-gce-ci.sh#L33

I often use the following idiom when scripting package installation:

  $ doas pkg_add foobar; PKG_PATH= pkg_info foobar || echo fail

pkg_add + httpd...high latency on 6.4

[Mark Patruck]

Hi,

is anyone else seeing a high latency when running pkg_add with 6.4?

- server with httpd (5 hours old 6.4)
- client running pkg_add (5 hours old 6.4)

$ doas pkg_add -u

nothing happens for ~60 seconds

$ (done)

Everything works normally, if

- i replace httpd with nginx for testing
- pkg_add against httpd running on a 25 days old -current


-Mark

-- 
Mark Patruck ( mark at wrapped.cx )
GPG key 0xF2865E51 / 187F F6D3 EE04 1DCE 1C74  F644 0D3C F66F F286 5E51

http://www.wrapped.cx

Re: Microcode guide

[Stuart Henderson]

On 2018-10-10, Zbyszek Żółkiewski  wrote:
> Is there guide somewhere on how to load custom microcode for CPU on OpenBSD?

There isn't.

If it's an intel cpu, you could overwrite the file in /etc/firmware/intel
for your cpu family/model/stepping (taking care with fw_update). On -current
this is shown in the cpu attach line in dmesg, e.g. with

cpu0: Intel(R) Xeon(R) CPU E3-1225 v3 @ 3.20GHz, 3392.62 MHz, 06-3c-03

the bootloader will look for ucode in /etc/firmware/intel/06-3c-03.

Note: there's no ucode loader for non-Intel CPUs yet. And if you have a
bad microcode file you might have some hassle disabling it (booting from
install media and mounting the partition on the disk to move it out the
way is probably the simplest).

Re: pf.conf: identifying a specific user from dhcpd-table

[Stuart Henderson]

On 2018-10-10, Stefan Wollny  wrote:
> I could assign a static address to this laptop and use this address
> setting up a specific rule for this one port. But this is not the way
> I'd prefer to go.

Note that, doing it this way, if the server's dynamic address changes
client connections will need to timeout before they can reconnect and
get redirected to the server's new address.

Would DHCP with fixed-address not work here?

Re: ksh equivalent to shell-expand-line

[Klemens Nanni]

On Wed, Oct 10, 2018 at 08:58:43AM +0900, Hajime Edakawa wrote:
> I have challenged to try to make shell_expand_line in ksh.
> You can check it if you type M-C-e.
Thanks for your work.

> $ echo "$(echo a b)"
> $ echo "a b"
> 
> $ alias ll='ls -l'
> $ ll $(echo a b) hoge "$(( 1 + 1 ))" ll bar
> $ ls -l a b hoge "2" ll bar
This looks nice.

With `alias ls=ls\ -l' and successive expand-line invocations: will
`ls' be expanded over and over again?

Did you test it in vi mode as well?

> To be honest, I'm not sure if this is correct.
> I only like OpenBSD, That's why I'm so sorry if they're wrong
Your diff does not apply to -CURRENT (written against 6.3) and lacks
documentation updates to ksh(1).

Re: pf.conf: identifying a specific user from dhcpd-table

[Edgar Pettijohn]

On Oct 10, 2018 10:23 AM, Paul de Weerd  wrote:
>
> On Wed, Oct 10, 2018 at 10:17:21AM -0500, Edgar Pettijohn wrote:
> | When looking for pf info I generally just Google Peter Hansteen.
>
> So is Peter misnamed, should he be called Peter Fansteen, or is pf(4)
> misnamed, should it be ph(4)?
>

We should let him choose, but Peter fansteen has a nice ring to it.

Edgar
> *confused*
>
> Paul 'WEiRD' de Weerd
>
> SCNR
>
> -- 
> >[<++>-]<+++.>+++[<-->-]<.>+++[<+
> +++>-]<.>++[<>-]<+.--.[-]
>  http://www.weirdnet.nl/ 

Re: ksh equivalent to shell-expand-line

[John Ankarström]

Hajime Edakawa wrote:

Hello Mr. Ankarström,

I have challenged to try to make shell_expand_line in ksh.
You can check it if you type M-C-e.


That sounds fabulous!  Thank you for your initiative!  The code looks 
interesting.



To be honest, I'm not sure if this is correct.
I only like OpenBSD, That's why I'm so sorry if they're wrong


It might be interesting to take a look at the source of mksh[1], another 
ksh implementation, which has a similar binding called evaluate-region.


[1]: https://www.mirbsd.org/mksh.htm

Best regards,
John

Re: pf.conf: identifying a specific user from dhcpd-table

[Paul de Weerd]

On Wed, Oct 10, 2018 at 10:17:21AM -0500, Edgar Pettijohn wrote:
| When looking for pf info I generally just Google Peter Hansteen.

So is Peter misnamed, should he be called Peter Fansteen, or is pf(4)
misnamed, should it be ph(4)?

*confused*

Paul 'WEiRD' de Weerd

SCNR

-- 
>[<++>-]<+++.>+++[<-->-]<.>+++[<+
+++>-]<.>++[<>-]<+.--.[-]
 http://www.weirdnet.nl/ 

Re: pf.conf: identifying a specific user from dhcpd-table

[Bogdan Kulbida]

Edgar,

Sounds like you need to build an adaptive firewall. I would suggest to start 
with The Book of PF
by Peter Hansteen. An excellent resource. That might be a good starting point 
for you as well.
It has some good portion of the information on adaptive firewalls.

P.S. Thank you, Peter for such a great book.

-bogdan

> On Oct 10, 2018, at 8:17 AM, Edgar Pettijohn  wrote:
> 
> 
> On Oct 10, 2018 7:58 AM, "Peter N. M. Hansteen"  wrote:
>> 
>> On Wed, Oct 10, 2018 at 02:48:24PM +0200, Stefan Wollny wrote:
>>> 
>>> I'd like to set up PF to forward this port (25565) without a pre-defined
>>>   IP as macro as the dhcpd.conf has a line defining tables for abandoned
>>> ("-A"), changed ("-C") and present leases ("-L"). According to man
>>> dhcpd(8) those tables may be used with PF. But how??? I couldn't find
>>> examples.
>>> 
>>> Do I have to tell PF about these tables in pf.conf? Or don't I need
>>> these tables at all?
>> 
>> You do need to include the tables in your pf.conf. I'm a bit surprised
>> the example at https://home.nuug.no/~peter/pftutorial/#33 did not show up in 
>> your search.
>> 
>> - P
>> 
>> -- 
>> Peter N. M. Hansteen, member of the first RFC 1149 implementation team
>> http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
>> "Remember to set the evil bit on all malicious network traffic"
>> delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
>> 
> 
> When looking for pf info I generally just Google Peter Hansteen.
> 
> Edgar
> 

Re: pf.conf: identifying a specific user from dhcpd-table

[Edgar Pettijohn]

On Oct 10, 2018 7:58 AM, "Peter N. M. Hansteen"  wrote:
>
> On Wed, Oct 10, 2018 at 02:48:24PM +0200, Stefan Wollny wrote:
> > 
> > I'd like to set up PF to forward this port (25565) without a pre-defined
> >  IP as macro as the dhcpd.conf has a line defining tables for abandoned
> > ("-A"), changed ("-C") and present leases ("-L"). According to man
> > dhcpd(8) those tables may be used with PF. But how??? I couldn't find
> > examples.
> > 
> > Do I have to tell PF about these tables in pf.conf? Or don't I need
> > these tables at all?
>
> You do need to include the tables in your pf.conf. I'm a bit surprised
> the example at https://home.nuug.no/~peter/pftutorial/#33 did not show up in 
> your search.
>
> - P
>
> -- 
> Peter N. M. Hansteen, member of the first RFC 1149 implementation team
> http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
> "Remember to set the evil bit on all malicious network traffic"
> delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
>

When looking for pf info I generally just Google Peter Hansteen.

Edgar

Re: pf.conf: identifying a specific user from dhcpd-table

[Stefan Wollny]

Am 10.10.18 um 14:58 schrieb Peter N. M. Hansteen:
> On Wed, Oct 10, 2018 at 02:48:24PM +0200, Stefan Wollny wrote:
>>
>> I'd like to set up PF to forward this port (25565) without a pre-defined
>>  IP as macro as the dhcpd.conf has a line defining tables for abandoned
>> ("-A"), changed ("-C") and present leases ("-L"). According to man
>> dhcpd(8) those tables may be used with PF. But how??? I couldn't find
>> examples.
>>
>> Do I have to tell PF about these tables in pf.conf? Or don't I need
>> these tables at all?
> 
> You do need to include the tables in your pf.conf. I'm a bit surprised
> the example at https://home.nuug.no/~peter/pftutorial/#33 did not show up in 
> your search.
> 
> - P
> 
YES - this is exactly what I've been looking for!
(I use Google via 'startpage.com' - maybe this makes a difference???)

Thank you very much, Peter. BTW: Am I this blind that I oversaw this in
your book??? I had it with me on the train yesterday but I didn't see
this solution. Will take a 20th look tonight.

'Thank you' again for so much help here on the list, but as well for the
fine book!

Best,
STEFAN

Re: pf.conf: identifying a specific user from dhcpd-table

[Peter N. M. Hansteen]

On Wed, Oct 10, 2018 at 02:48:24PM +0200, Stefan Wollny wrote:
> 
> I'd like to set up PF to forward this port (25565) without a pre-defined
>  IP as macro as the dhcpd.conf has a line defining tables for abandoned
> ("-A"), changed ("-C") and present leases ("-L"). According to man
> dhcpd(8) those tables may be used with PF. But how??? I couldn't find
> examples.
> 
> Do I have to tell PF about these tables in pf.conf? Or don't I need
> these tables at all?

You do need to include the tables in your pf.conf. I'm a bit surprised
the example at https://home.nuug.no/~peter/pftutorial/#33 did not show up in 
your search.

- P

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: pkg_add exit status reporting

[Marc Espie]

On Tue, Oct 09, 2018 at 02:12:48PM -0700, Greg Steuck wrote:
> Hi Marc,
> 
> I was trying to automate an installation script around pkg_add
> [0]
> and noticed some cases where error reporting and/or documentation could be
> improved. In particular, I want to have an "unattended" mode with a simple
> way to check that all my package installations were successful. So far I
> can't seem to do better than grepping pkg_add output. E.g.
> 
> ci-openbsd$ doas pkg_add foobar; echo $?
> https://cloudflare.cdn.openbsd.org/pub/OpenBSD/6.4/packages/amd64/: no such
> dir
> Can't find foobar
> 0
> 
> Thanks
> Greg
> 
> 0)

Known issue.   Will get fixed eventually :(

grep syslog messages instead, pkg_add/delete records everything it 
installs/deletes.

pf.conf: identifying a specific user from dhcpd-table

[Stefan Wollny]

Hi there!

I've google'd quite a while and read the FAQ and many man-pages - but I
didn't find an example for my pf.conf (or simply overlooked it...):

The system is amd64-current. The client is Win7-laptop serving as
Minecraft-server, thus port 25565 needs to be forwarded but IP may change.

I have set up OpenBSD as firewall-router serving additionally as
dhcpd-server plus running a transparent squid. IP-forwarding is set in
/etc/sysctl. Basically everything is running fine, my users surf the net
and send/receive mail. Just that the other kids cannot reach my son's
Minecraft-server on the inside from the outside.

I could assign a static address to this laptop and use this address
setting up a specific rule for this one port. But this is not the way
I'd prefer to go.

I'd like to set up PF to forward this port (25565) without a pre-defined
 IP as macro as the dhcpd.conf has a line defining tables for abandoned
("-A"), changed ("-C") and present leases ("-L"). According to man
dhcpd(8) those tables may be used with PF. But how??? I couldn't find
examples.

Do I have to tell PF about these tables in pf.conf? Or don't I need
these tables at all?

What would the syntax actually be for the dhcpd-client (e.g.'enderman'),
s.th like the following tries?

pass on $ext_if from $int_if:peer to any binat-to $ext_if port 25565

This is not specific to client 'enderman'... another try:

pass out on $ext_if inet from $int_if to any \
 nat-to enderman:peer static-port
pass in on $ext_if inet from any to $int_if rdr-to enderman:peer

This rule is not specific to port 25565, though.

Please help - I am pretty confused...

TIA.

Best,
STEFAN

Microcode guide

[Zbyszek Żółkiewski]

Hi,

Is there guide somewhere on how to load custom microcode for CPU on OpenBSD?

_
Zbyszek Żółkiewski

Re: Clarification about mfs/tmpfs on /tmp

[Otto Moerbeek]

On Wed, Oct 10, 2018 at 12:59:27PM +0200, Eivind Eide wrote:

> I was not able to get correct permissions on my mfs /tmp until I put
> the following in /etc/rc.securelevel, which solved the problem.
> /bin/chmod 1777 /tmp

That is not the right solution. The right one is to unmount /tmp (boot
to single user mode if needed), and then do a chmod 1777 /tmp. That
will make sure any mfs mounted filesystem on top of /tmp gets 1777 as
permissions.


-Otto

Re: Clarification about mfs/tmpfs on /tmp

[Eivind Eide]

I was not able to get correct permissions on my mfs /tmp until I put
the following in /etc/rc.securelevel, which solved the problem.
/bin/chmod 1777 /tmp


-- 



Eivind Eide

"ONLY THOSE WHO ATTEMPT THE IMPOSSIBLE WILL ACHIEVE THE ABSURD"
- Oceania Association of Autonomous Astronauts

Re: Clarification about mfs/tmpfs on /tmp

[Paul de Weerd]

On Wed, Oct 10, 2018 at 10:20:32AM +0200, Felix Maschek wrote:
| 
| On 10/9/18 11:46 PM, Alexander Hall wrote:
| > On a sidenote, 777 is not the proper permissions for /tmp.
| 
| 
| What is the proper permission for /tmp?

1777 (you need to enable the sticky bit on the directory, see
sticky(8) for more information)

Cheers,

Paul 'WEiRD' de Weerd

-- 
>[<++>-]<+++.>+++[<-->-]<.>+++[<+
+++>-]<.>++[<>-]<+.--.[-]
 http://www.weirdnet.nl/ 

Re: Clarification about mfs/tmpfs on /tmp

[Felix Maschek]

On 10/9/18 11:46 PM, Alexander Hall wrote:

On a sidenote, 777 is not the proper permissions for /tmp.



What is the proper permission for /tmp?

~Felix

Re: Clarification about mfs/tmpfs on /tmp

[r.gr]

Alexander wrote:
> When you create and mount an mfs, its root node will "inherit" (or copy) the 
> permissions of the mount point.

> When you mount an ffs filesystem, it already has an existing root node from 
> the time it was newfs'd, which will not be modified based on the underlying 
> mount point.

> On a sidenote, 777 is not the proper permissions for /tmp.

Thank you very much!
With this reply, I consider my questions resolved.

Kind regards,
R.