Re: pf firewall bridge0 vether0 blocks DHCP for bridge interfaces connected to Windows
On Wed, Mar 10, 2021 at 08:40:55PM +0100, da...@hajes.org wrote: > Hi, > > I did set up OpenBSD router/firewall on PC Engines APU4d4 box. > > First interface is WAN that connects to Internet. > > Remaining three interfaces are bridged with bridge0 via vether0. > > firewall doesn't block LAN/bridge traffic on vether0. > > DHCPD runs on bridge. > > Two Linux hosts (connected to em2 and em3) connect without problem but > Windows host DHCP requests are blocked on em1. > > I didn't find any info regarding pf and bridging. Please check bridge(4) manpage, especially the NOTES section. > set skip on lo0 > set skip on bridge0 This line is useless. Packets never show up on bridge0. You need to add the physical interfaces and vether0 to your ruleset. > So far I have found a kludge for Windows "set skip on em1" > > Once, above by line is present in pf.conf, Win 10 host is allowed to acquire > IP address. Interesting is that Linux has no issues to acquire IP addresses > via DHCP. > > Any suggestions, please? You need to fix your pf.conf. > Is it something screwed up in Windows such as short 3-way-handshake? I doubt it. Your ruleset is most probably not allowing packets to pass properly over the bridge. Since you did not share your pf.conf file it is impossible to give you a better answer. -- :wq Claudio
Re: pf firewall bridge0 vether0 blocks DHCP for bridge interfaces connected to Windows
On 10.3.2021. 20:40, da...@hajes.org wrote: > Hi, > > I did set up OpenBSD router/firewall on PC Engines APU4d4 box. > > First interface is WAN that connects to Internet. > > Remaining three interfaces are bridged with bridge0 via vether0. > > firewall doesn't block LAN/bridge traffic on vether0. > > DHCPD runs on bridge. > > Two Linux hosts (connected to em2 and em3) connect without problem but > Windows host DHCP requests are blocked on em1. > > I didn't find any info regarding pf and bridging. > > set skip on lo0 > set skip on bridge0 > > So far I have found a kludge for Windows "set skip on em1" > > Once, above by line is present in pf.conf, Win 10 host is allowed to > acquire IP address. Interesting is that Linux has no issues to acquire > IP addresses via DHCP. > > Any suggestions, please? > > Is it something screwed up in Windows such as short 3-way-handshake? > > > Regards > > Hajes > maybe to try veb(4) instead bridge(4) ... in that case use vport instead vether ..
Re: vmm/vmd disk issue
So to conclude. I have done four parallel dd, cp, cmp on the host without any error showing up. Ian Darwin wrote: > Depending on where the error is, you might get away with > dd'ing with conv=noerror,sync, changing vm.conf to point > to the new copy, and run fsck in the vm. After this the vm would no longer freeze but an important config file was missing so I would not trust the state of the machine for anything else than maybe keeping it alive a few days until there is a better time to reinstall. Dave Voutila wrote: > Have you run fsck(8) on your host? Complere fsck of the host in single user mode showed no problem at all. > I'd say maybe make sure you have backups of anything important > first if you're purposely going to break things. :-) Always! :) So for now I will just let it be and see what time gives. Thank you all for your input!
Re: pf firewall bridge0 vether0 blocks DHCP for bridge interfaces connected to Windows
Physical interfaces suppose to be transparent and in listening mode. Bridge0>vether0 suppose to handle it. It looks like Win vs OpenBSD doesn't cooperate very well. I wonder if I should report it as a bug.On Mar 10, 2021 22:57, Pascal Huisman wrote: > > Dear David, > > I encountered the same problem. Somehow the em? interfaces are behind > egress after bridging. Just add a rule to udp 67, 68. > -- > Met vriendelijke groet, > > Pascal Huisman > > > Two can Live as Cheaply as One for Half as Long. > -- Howard Kandel > > >
Re: pf firewall bridge0 vether0 blocks DHCP for bridge interfaces connected to Windows
Dear David, I encountered the same problem. Somehow the em? interfaces are behind egress after bridging. Just add a rule to udp 67, 68. -- Met vriendelijke groet, Pascal Huisman Two can Live as Cheaply as One for Half as Long. -- Howard Kandel
pf firewall bridge0 vether0 blocks DHCP for bridge interfaces connected to Windows
Hi, I did set up OpenBSD router/firewall on PC Engines APU4d4 box. First interface is WAN that connects to Internet. Remaining three interfaces are bridged with bridge0 via vether0. firewall doesn't block LAN/bridge traffic on vether0. DHCPD runs on bridge. Two Linux hosts (connected to em2 and em3) connect without problem but Windows host DHCP requests are blocked on em1. I didn't find any info regarding pf and bridging. set skip on lo0 set skip on bridge0 So far I have found a kludge for Windows "set skip on em1" Once, above by line is present in pf.conf, Win 10 host is allowed to acquire IP address. Interesting is that Linux has no issues to acquire IP addresses via DHCP. Any suggestions, please? Is it something screwed up in Windows such as short 3-way-handshake? Regards Hajes
Re: 6.8 with gnome boots to xterm after upgrade
Sivan, On the boot problem I would suggest you check your BIOS settings for legacy boot and UEFI options in the boot or disk settings. The manual for your system / motherboard should explain. These can have several names like compatibility mode or CSM. I would expect to either use legacy BIOS / CSM boot or UEFI not both but I don't know how well it is supported on OpenBSD. Regards Ed Gray On Wed, 10 Mar 2021, 1:53 am Sivan !, wrote: > Thank you. Please see inline: > > On Tue, 9 Mar 2021 at 13:03, Stuart Henderson wrote: > > > > On 2021-03-08, Sivan ! wrote: > > > Thank you. One unresolved issue. While running fetch, there was an > > > error pop up that said /usr directory is out of space, though an > > > entire 250 GB nvme is for OpenBSD, almost with no user files, except > > > for the ports tree that was being downloaded b the fetch command. > > > When installing OpenBSD in a 250 GB nvme, I chose GPT and let the > > > installer decide on partitions. But something went wrong. > > > > The disk is split into partitions. Run df -h to see what's free. > > This is what I see: > > bash-5.0$ df -h > Filesystem SizeUsed Avail Capacity Mounted on > /dev/sd2a 986M128M809M14%/ > /dev/sd2l 168G5.2G155G 3%/home > /dev/sd2d 3.9G324M3.4G 9%/tmp > /dev/sd2f 5.8G5.1G432M92%/usr > /dev/sd2g 986M239M697M26%/usr/X11R6 > /dev/sd2h 19.4G4.9G 13.5G26%/usr/local > /dev/sd2k 5.8G116M5.4G 2%/usr/obj > /dev/sd2j 1.9G2.0K1.8G 0%/usr/src > /dev/sd2e 15.3G 36.5M 14.5G 0%/var > > > > > > To convert "marketing capacity" for a drive (given in "decimal GB") into > > usable capacity in binary GB (some people call this GiB), use this > > calculation: > > > > (97696368+(1953504*(capacity-50)))/2048 > > > > (The formula is from IDEMA LBA1-03 plus a conversion from 512-byte LBA > > blocks to GB) > > > > So for 250GB > > > > (97696368+(1953504*(250-50)))/2048 = 238475.1796875 > > Thank you. The issue is that in the bios I see two entries, the entry > that is listed as > "Samsung SSD 970 EVO Plus 250 GB (238476 MB)" is sometimes > automatically selected to boot, the boot process halts with a one line > "No active partition error. Then I have to get into bios to choose the line > that says "line No 1: UEFI OS (samsung SSD EVO 970 Plus 250 GB)" This > is why I raised the 30 blocks / GB-MB issue. > > > > > Then there's a little extra used for filesystem structures. > > > > > > > It started with the warning: Not all of the space available to > > > /dev/nvme0n1 appears to be used, you can fix the GPT to use all the > > > space (an extra 30 blocks) or > > > continue with the current setting? > > > > 30 blocks is nothing. Leave this alone. > > Yes, I will leave the 30 blocks alone. > > > > > Does this imply that the 232.89 GiB is OpenBSD area, but somehow with > > > "no active partition" which is perhaps the reason why there was an > > > error message during fetch that said /usr directory is low on disk > > > space ? > > > > You filled the partition holding /usr when you ran "make" in > > /usr/ports/x11/gnome. Remove the build files with "rm -r /usr/ports/pobj" > > (or remove /usr/ports completely if you don't need it). > > Before removing I looked for "pobj" under /usr/ports but did not find it: > > bash-5.0$ cd /usr/ports/ > bash-5.0$ ls > CVS cad games mathprint > Makefilechinese geo meta > productivity > README comms graphicsmiscsecurity > archivers converters infrastructure multimedia shells > astro databases inputmethodsnet sysutils > audio devel japanesenewstelephony > benchmarks editors javaplan9 tests > biology education korean plist textproc > books emulators langports.pub www > bulkfonts mailports.sec x11 > > Is there a way of expanding the space in the /usr directory? > > > > > The default auto-partitioning sizes do not give enough space to place > > ports under /usr and build anything other than the smallest ports. > > > > > >
Re: sometimes graphics is slow, with high Xorg CPU usage
On Wed, 2021-03-10 at 07:54 +, Stuart Henderson wrote: > On 2021-03-09, Aaron Miller wrote: > > For some time now, my -CURRENT system will occasionally get > > into a > > state where graphics is slow to refresh and the Xorg uses ~50% > > of > > CPU. I notice this in Firefox or GVim when repeatedly pressing > > PgDn on a long site/file, and in Evolution (emails are slow to > > load, and text input is laggy when composing a message). > > > > OpenBSD 6.9-beta (GENERIC.MP) #366: Sun Feb 28 07:15:39 MST > > 2021 > > Update your snapshot and see how it goes. It seems to be fixed now. I followed these steps in order: 1) test ===> not fixed 2) set "machdep.allowaperture=1" in /etc/sysctl.conf and reboot 3) test ===> not fixed 4) upgrade snapshot and reboot 5) realize I'm behind on openbsd.org/faq/current.html so I run this: cd /dev && ./MAKEDEV dri 6) reboot 7) test ===> fixed Thanks for the help! --Aaron
Re: 6.8 with gnome boots to xterm after upgrade
On 2021-03-10, Sivan ! wrote: > Thank you. Please see inline: > > On Tue, 9 Mar 2021 at 13:03, Stuart Henderson wrote: >> >> On 2021-03-08, Sivan ! wrote: >> > Thank you. One unresolved issue. While running fetch, there was an >> > error pop up that said /usr directory is out of space, though an >> > entire 250 GB nvme is for OpenBSD, almost with no user files, except >> > for the ports tree that was being downloaded b the fetch command. >> > When installing OpenBSD in a 250 GB nvme, I chose GPT and let the >> > installer decide on partitions. But something went wrong. >> >> The disk is split into partitions. Run df -h to see what's free. > > This is what I see: > > bash-5.0$ df -h > Filesystem SizeUsed Avail Capacity Mounted on > /dev/sd2a 986M128M809M14%/ > /dev/sd2l 168G5.2G155G 3%/home > /dev/sd2d 3.9G324M3.4G 9%/tmp > /dev/sd2f 5.8G5.1G432M92%/usr > /dev/sd2g 986M239M697M26%/usr/X11R6 > /dev/sd2h 19.4G4.9G 13.5G26%/usr/local > /dev/sd2k 5.8G116M5.4G 2%/usr/obj > /dev/sd2j 1.9G2.0K1.8G 0%/usr/src > /dev/sd2e 15.3G 36.5M 14.5G 0%/var > > >> >> To convert "marketing capacity" for a drive (given in "decimal GB") into >> usable capacity in binary GB (some people call this GiB), use this >> calculation: >> >> (97696368+(1953504*(capacity-50)))/2048 >> >> (The formula is from IDEMA LBA1-03 plus a conversion from 512-byte LBA >> blocks to GB) >> >> So for 250GB >> >> (97696368+(1953504*(250-50)))/2048 = 238475.1796875 > > Thank you. The issue is that in the bios I see two entries, the entry > that is listed as > "Samsung SSD 970 EVO Plus 250 GB (238476 MB)" is sometimes > automatically selected to boot, the boot process halts with a one line > "No active partition error. Then I have to get into bios to choose the line > that says "line No 1: UEFI OS (samsung SSD EVO 970 Plus 250 GB)" This > is why I raised the 30 blocks / GB-MB issue. > >> >> Then there's a little extra used for filesystem structures. >> >> >> > It started with the warning: Not all of the space available to >> > /dev/nvme0n1 appears to be used, you can fix the GPT to use all the >> > space (an extra 30 blocks) or >> > continue with the current setting? >> >> 30 blocks is nothing. Leave this alone. > > Yes, I will leave the 30 blocks alone. >> >> > Does this imply that the 232.89 GiB is OpenBSD area, but somehow with >> > "no active partition" which is perhaps the reason why there was an >> > error message during fetch that said /usr directory is low on disk >> > space ? >> >> You filled the partition holding /usr when you ran "make" in >> /usr/ports/x11/gnome. Remove the build files with "rm -r /usr/ports/pobj" >> (or remove /usr/ports completely if you don't need it). > > Before removing I looked for "pobj" under /usr/ports but did not find it: > > bash-5.0$ cd /usr/ports/ > bash-5.0$ ls > CVS cad games mathprint > Makefilechinese geo metaproductivity > README comms graphicsmiscsecurity > archivers converters infrastructure multimedia shells > astro databases inputmethodsnet sysutils > audio devel japanesenewstelephony > benchmarks editors javaplan9 tests > biology education korean plist textproc > books emulators langports.pub www > bulkfonts mailports.sec x11 Not sure what's in ports.pub and ports.sec but those aren't part of the normal ports tree.. I think you just need to rm -r /usr/ports then, or move it to another partition (e.g. you could move it to /home/ports and set PORTSDIR=/home/ports in /etc/mk.conf; do not use a symlink). > Is there a way of expanding the space in the /usr directory? If you want that, I can only really suggest reinstalling with different partition sizes and restore from backups. It's *possible* to do some rearranging of partitions but it's delicate and I think you would need to be more familiar enough with OpenBSD to do that without breaking things. >> The default auto-partitioning sizes do not give enough space to place >> ports under /usr and build anything other than the smallest ports. Normally I create an extra partition for /usr/ports when installing, probably wants to be at least 10G, or more if you expect to build large things from ports. But I only do that on machines where I do ports development, otherwise I just use packages.
