Re: Building libav/ffmpeg x264 on 5.4
Since ffmpeg is linked against x264 you could just use it to read and encode stuff to mp4. There is a guide[1] about how to do 2 pass, use presets and the rest. You can also use -x264opts to pass options directly to libx264 (but it doesn't support everything). [1] https://trac.ffmpeg.org/wiki/x264EncodingGuide 2014-03-27 4:17 GMT-04:00 Stuart Henderson s...@spacehopper.org: On 2014-03-26, Michael Lackner michael.lack...@unileoben.ac.at wrote: As for the other posts: Installing ffmpeg as a package can be done, but x264 would refuse to link against it. Could that be something as simple as needing to include -L/usr/local/lib in LDFLAGS when configuring x264?
Re: snapshots total freeze
This makes me think about a problem I had with an Eeepc a while back. I never reported it because I tracked that down to a faulty SSD that would just hang the machine when accessing certain sectors. The way I verified this was to run dd if=/dev/rwd0c of=/dev/null bs=1m (with the appropriate device node for your drive) and see if it completes. Do this for all your mounted drives and you may find the culprit. 2012/12/25 Philip Guenther guent...@gmail.com On Tue, Dec 25, 2012 at 2:57 PM, frantisek holop min...@obiit.org wrote: hmm, on Tue, Dec 25, 2012 at 11:31:43PM +0100, Marc Espie said that On Tue, Dec 25, 2012 at 11:23:06PM +0100, frantisek holop wrote: (difficult to believe no people see this, every notebook i had since 2008 could not shutdown cleanly 50-70% of the time) I don't know what you do with your machines, or what specific hw you have that causes this. My machines shutdown gracefully most of the time. I'll second that. When mine hang it's because I have a bug in whatever diff I'm working on... (the dmesgs of all my current and previous notebooks can be found in the misc archive). thinkpad, ideapad, eeepc, all of them showed this behaviour. i use these machines for simple daily use. browsing, some development work, etc. as every day as it gets for unix users. So start eliminating differences. Does it hang over night if you never login? If not, then it's something you're running that does it. So login and logout and see whether it's some daemon started by your .xsession (dbus? that gkrellm thing that caused a 1+ load?) that causes it. If it does hang even if you don't login, then start checking off the system daemons. What if X is never started? Heck, boot to single user and leave it there over night. You were seeing ACPI taking more and more memory before; is that still happening? Is there a correlation between that and the hangs? Make a hypothesis (it's caused by something in my .xsession), come up with a way to test it (see if it happens if I don't login) then do so. You have a problem; do SCIENCE on it. there are normally 2 ways of unclean shutdown: either syncing now and never done, or (on this ideapad) simply black screen, presumably still part of X, and never going to the console. i made this script to minimize damage: $ cat bin/ha.sh #!/bin/sh sudo sync sudo mount -u -r /data sudo halt -p Does the hang in sync happen if you're not running any processes as you? Only happens if certain filesystems are mounted? What are the prerequisites on it hanging? Since this doesn't seem to affect developers, you're going to have to do the science. Philip Guenther -- La brigade SnW veut vous recruter - http://www.brigadesnw.ca
Re: Hardware Spec Search Engine?
2010/7/16 jwesleycoo...@cox.net: This is the output of lspci on my current OpenSuSE partition: 00:00.0 Host bridge: Intel Corporation Mobile 4 Series Chipset Memory Controller Hub (rev 07) 00:02.0 VGA compatible controller: Intel Corporation Mobile 4 Series Chipset Integrated Graphics Controller (rev 07) 00:02.1 Display controller: Intel Corporation Mobile 4 Series Chipset Integrated Graphics Controller (rev 07) 00:1a.0 USB Controller: Intel Corporation 82801I (ICH9 Family) USB UHCI Controller #4 (rev 03) 00:1a.1 USB Controller: Intel Corporation 82801I (ICH9 Family) USB UHCI Controller #5 (rev 03) 00:1a.2 USB Controller: Intel Corporation 82801I (ICH9 Family) USB UHCI Controller #6 (rev 03) 00:1a.7 USB Controller: Intel Corporation 82801I (ICH9 Family) USB2 EHCI Controller #2 (rev 03) -00:1b.0 Audio device: Intel Corporation 82801I (ICH9 Family) HD Audio Controller (rev 03) 00:1c.0 PCI bridge: Intel Corporation 82801I (ICH9 Family) PCI Express Port 1 (rev 03) 00:1c.1 PCI bridge: Intel Corporation 82801I (ICH9 Family) PCI Express Port 2 (rev 03) 00:1c.2 PCI bridge: Intel Corporation 82801I (ICH9 Family) PCI Express Port 3 (rev 03) 00:1c.3 PCI bridge: Intel Corporation 82801I (ICH9 Family) PCI Express Port 4 (rev 03) 00:1c.4 PCI bridge: Intel Corporation 82801I (ICH9 Family) PCI Express Port 5 (rev 03) 00:1c.5 PCI bridge: Intel Corporation 82801I (ICH9 Family) PCI Express Port 6 (rev 03) 00:1d.0 USB Controller: Intel Corporation 82801I (ICH9 Family) USB UHCI Controller #1 (rev 03) 00:1d.1 USB Controller: Intel Corporation 82801I (ICH9 Family) USB UHCI Controller #2 (rev 03) 00:1d.2 USB Controller: Intel Corporation 82801I (ICH9 Family) USB UHCI Controller #3 (rev 03) 00:1d.7 USB Controller: Intel Corporation 82801I (ICH9 Family) USB2 EHCI Controller #1 (rev 03) 00:1e.0 PCI bridge: Intel Corporation 82801 Mobile PCI Bridge (rev 93) -00:1f.0 ISA bridge: Intel Corporation ICH9M LPC Interface Controller (rev 03) -00:1f.2 SATA controller: Intel Corporation ICH9M/M-E SATA AHCI Controller (rev 03) -00:1f.3 SMBus: Intel Corporation 82801I (ICH9 Family) SMBus Controller (rev 03) -08:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168B PCI Express Gigabit Ethernet controller (rev 03) -0e:00.0 Network controller: Broadcom Corporation BCM4312 802.11b/g LP-PHY (rev 01) -1a:00.0 FireWire (IEEE 1394): O2 Micro, Inc. Device 10f7 (rev 01) 1a:00.1 SD Host controller: O2 Micro, Inc. Device 8120 (rev 01) 1a:00.2 Mass storage controller: O2 Micro, Inc. Device 8130 (rev 01) The ones I marked with a dash are those I can't seem to find on the amd64 compatibility list... so will they not work, and/or what must I do to make them work after or during the install? I really doubt that the ISA bus and the SATA controller will not be supported. For the wired network card, check the rl(4) and/or re(4) man page for it. Or just boot a kernel and see. On the other and I'm pretty sure that Broadcom card is not supported (since they won't give docs), and firewire is also not supported. To make the broadcom card work (if it doesn't, try it) you would have to either convince Broadcom to release the docs to write a driver or reverse-engineer it. As for Firewire, it was supported at one point and then taken out. I can't remember why and I don't care enough to search the archives. Anyway, what's really getting me is that no matter what I do, I can't seem to figure out how on Earth one determines what exactly will work and what won't? B What search or analysis techniques are used to figure this out? B I just can't seem to locate this kind of info on my own, and it's driving me *nuts*, so please, tell me how on earth you guys actually figure this stuff out in the first place... As said before, the simplest way (if you actually have the hardware) is to boot an install image and see what shows up as not configured. That is what is unsupported. ~John Wesley Cooper Dmitrij D. Czarkoff czark...@gmail.com wrote: jwesleycoo...@cox.net wrote: but once again I find myself beating my head against the proverbial brick wall trying to find the *actual* specifications for my hardware. B Is there, by any chance, a search engine that will accomplish this particular purpose? Well, what OS are You running right now? If Linux, Your primary sources of informations should be `lspci', `lsusb', `lsmod' and `zgrep /proc/config.gz'. If windows, device manager would somehow help, but the rest of data should be still found on internet. If You have a laptop or a barebone system, the query [modelname] linux should give You reasonable results in google. If You have a desktop, You can just use the data printed on hardware to determine details. Effectively, if You just want to get an idea of the degree of Your hardware support in OpenBSD, You may just boot the install medium and read dmesg without actually installing anything - You'll get the idea. -- Dmitrij D. Czarkoff -- La brigade
Re: updating packages with ports binaries
Disclaimer: I am not a pkg tools expert, so if somebody comes along and correct me (especially espie@) then they are right. 2010/4/10 Andreas Gerdd kryptos...@gmail.com: I follow stable tree, OPENBSD_4_6 branch. I'd like to update some of my packages. As an example, # pkg_add -unvi tiff gives the following message; 'No need to update tiff-3.8.2p4' This message is pkg_add searching for package matches in $PKG_PATH and not finding any that are newer than the one installed. Note that once a match for the package stem is found (the tiff- part) then the search stops at that point and it won't look for matches in the rest of the $PKG_PATH. So if you want to put your -stable ports along with a -release mirror you need to put /usr/ports/packages/i386/all first in the $PKG_PATH. but my /usr/ports (OPENBSD_4_6) has tiff-3.8.2p5. After running 'make package' inside ./graphics/tiff, i got the binary file tiff-3.8.2p5.tgz from /usr/ports/packages/i386/all and i replaced the old tiff package with that one by doing pkg_add -rvi ./tiff-3.8.2p5.tgz I wonder if that would create any problem. As the system says 'No need to update tiff-3.8.2p4'. (I know that its already the latest one from packages) but i still update them to higher versions with my stable ports binaries. I had to do the same for my php5 package too, (from php5-core-5.2.10 to php5-core-5.2.12) Because i was getting httpd segfault crashes (suhosin?) with the latest stable php5 package. (php5-core-5.2.10) Is this a mistake? Is it ok to replace an installed package with a higher version of it from the ports? Normally, as long as you do not use -F something as an option to pkg_add, everything you do with it is safe. (caveat: sometimes there are major upgrades, like for postgresql that require extra actions, but those are when you change releases) Thanks. Arnaud
Re: Growing a /dev/svnd
2010/3/9 Tor Houghton t...@bogus.net: List, If one wanted to increase the size of an existing device configured with vnconfig, I presume that one could use disklabel and growfs on this partition. To do so, however, one would need to increase the size of the file which vnconfig uses as the device (I presume). What is the best way of increasing the size of this container file? Create the extension using dd and then 'cat extension containerfile'? Or by using dd directly with a (skip? seek?)? I understand that best is rather subjective; any and all suggestions appreciated. Many thanks! I had a script once that did the 'cat ' version. I don't have it anymore but the steps were: unconfig vnd copy diskfile to diskfile.bak dd if=/dev/zero size=some size | cat diskfile config vnd growfs vnd fsck vnd mount vnd and if any of the last five step fails, revert to diskfile.bak Apart from that I don't think you will have an 'official' or even 'recommended' way to do this (apart from the backup steps). Arnaud Tor
Re: How to verify ports.tar.gz in mirrors - and similarly packages?
2009/5/11 Cem Kayali cemkay...@eticaret.com.tr: Actually, i read through those messages, and in biref it is said that we think it's worse to sign packages than not to sign them if you don't have a fairly strict process that ensures you have a correct chain of trust. Without that, signatures provide a false sense of security that doesn't match anything... If someone use checksum on mirrror, it does not make sense but if someone uses checksums from either CD or ssh'ed anonCVS server, i think it is fine (_not?_) Lets forget about packages... then is it (below) the best way to have almost ideal system? - Buy CD rom, since it is original. Install original packages. - If a packages is not on CD then get ports.tgz through anoncvs server and built by compiling. ports.tar.gz is on the CD. As is src.tar.gz. (look on CD3 if you have them) Patience is a virtue, and helping too, and i thank you for your reply. Really. Regards, Cem Jasper Valentijn, 05/11/09 18:41: 2009/5/11 Cem Kayali cemkay...@eticaret.com.tr: If someone (who knows) reply, i would appreciate... Patience is a virtue... If i would download packages through a mirror server, how could i validate their checksum? Please note, i'm NOT mentioning about using checksum on mirror server, which is not valid if B the packages are already compromised... Shouldn't these checksums exist on openbsd.org main web site at least? http://marc.info/?l=openbsd-miscw=2r=1s=packages+checksumq=b And read. If you've downloaded ports.tar.gz, untared it and done a cvs up -C -Pd you can be sure it's in sync with the cvs server... since i couldn't see a list of md5/sha256(512) sums of those in main www.openbsd.org website ---nor somebody mentions they are in cdroms? Maybe i can get ports via anoncvs but not packages. Well, ordering cd-rom is not a problem, but it does not contain all the software i wish -probably. It does support the project and does contain a clean ports tarbal. I'm sorry if this looks like 101 OpenBSD question, this is just how NetBSD (that i use) handles. You're not the first to ask and not the first who didn't search the archives before asking... -- B We spend the first twelve months of our children's lives teaching them to walk and talk and the next twelve telling them to sit down and shut up. -- La brigade SnW veut vous recruter - http://brigade.snw.googlepages.com
Re: bsd-airtools and Ralink
2009/5/10 Kaltashkin Eugene zhe...@gmail.com: Nenhum_de_Nos wrote: somebody generate wrong packets on my wifi channel and block access to my ap. i need dump some info from air packets for detect this intruder and block it by mac. you should not use /dev/ral0. use just ral0 instead. dstumbler always print error message :( You are missing: - dmesg - (in this case) output of ifconfig -a Without these everything you hear is just a shot in the dark. (Or completely useless).
Re: Can't scp, ssh is slow to authenticate.
2008/7/21 Nuno MagalhC#es [EMAIL PROTECTED]: I'm trying to scp from Debian to OpenBSD on two local machines but it's obviously not working. They're connected through a router and i can scp to another local Debian machine. Here's the output: [EMAIL PROTECTED]:~ scp -vr ~/folder/folder/ 192.168.2.80:~ Executing: program /usr/bin/ssh host 192.168.2.80, marksandman (unspecified), command scp -v -r -t ~ OpenSSH_4.7p1 Debian-12, OpenSSL 0.9.8g 19 Oct 2007 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 192.168.2.80 [192.168.2.80] port 22. debug1: Connection established. debug1: identity file /home/marksandman/.ssh/id_rsa type -1 debug1: identity file /home/marksandman/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_4.8 debug1: match: OpenSSH_4.8 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-12 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server-client aes128-cbc hmac-md5 none debug1: kex: client-server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(102410248192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host '192.168.2.80' is known and matches the RSA host key. debug1: Found key in /home/marksandman/.ssh/known_hosts:6 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received Then it hangs for about a minute or so... the same delay happens if i run ssh 192.168.2.80 (only ssh works without a problem). debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: publickey debug1: Trying private key: /home/marksandman/.ssh/id_rsa debug1: Trying private key: /home/marksandman/.ssh/id_dsa debug1: Next authentication method: keyboard-interactive debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: password [EMAIL PROTECTED]'s password: debug1: Authentication succeeded (password). debug1: channel 0: new [client-session] debug1: Entering interactive session. debug1: Sending environment. debug1: Sending env LANG = en_US.UTF-8 debug1: Sending command: scp -v -r -t ~ 6:52PM up 4 days, 56 mins, 0 marksandmans, load averages: 0.11, 0.09, 0.08 Am I the only one noting this line in the output. I don't think scp wants to have load averages. It think it is a problem with the shell non-interactive initialization script. [EMAIL PROTECTED]:~ debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 debug1: channel 0: free: client-session, nchannels 1 debug1: fd 0 clearing O_NONBLOCK debug1: fd 1 clearing O_NONBLOCK debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.8 seconds debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0 debug1: Exit status 0 And i get my local prompt again, no files copied. I've also tried scp -vr -o User marksandman ~/folder/folder/ 192.168.2.80:~ with the same results. Yes, it's the same username on both machines. I can scp to my college account and to a friend's server without issues. I can also scp to my college from OpenBSD. Any suggestions to this? Quite obviously the scp manpage doesn't really give a solution to this. I've also tried forcing ssh protocol 2 as well as IPv4. -- Nuno MagalhC#es -- La brigade SnW veut vous recruter - http://brigade.snw.googlepages.com
Bug in pfctl parser?
I just did an upgrade to 4.3 on my home firewall and upon reboot pfctl
found syntax errors in my pf.conf.
I have narrowed down the problem to this:
ssh = 22
list = { $ssh }
So basically it seems that the syntax for creating lists with macros
is not supported anymore. However, reading the man page yields one
example of such syntax. Reviewing the changes between 4.2 and 4.3
and the cvs log for the pfctl parse.yy did not yield any clues as to
whether the syntax was dropped or modified
The temporary fix I used is to just replace the variables by their
value like for the above example:
list = { 22 }
If there was a change of which I am not aware in the syntax then
please apply cluestick, otherwise, I am ashamed none of the users (me
included) found this before the release.
Arnaud
Re: when was a pkg installed !!!
2007/11/7, STeve Andre' [EMAIL PROTECTED]: On Wednesday 07 November 2007 17:51:09 Matthias Kilian wrote: On Wed, Nov 07, 2007 at 05:16:53PM -0500, Josh Grosse wrote: i ran pkg_info with all common options but none tell me when was the pkg installed!!! $ ls -l /var/db/pkg/your package here No. Those files and directories are also touched when depending packages are installed or updated. OK, that makes sense. So can the addition date of a package be determined? stat -f%Sc /var/db/pkg/pacakge name should give you the change time of the inode. I am not exactly certain if this will always correspond to the install time, but on my machine, it does. --STeve Andre' -- La brigade SnW veut vous recruter - http://brigade.snw.googlepages.com
Re: Questions: Upgrade + Port Tree
2007/8/26, Sean Darby [EMAIL PROTECTED]: Basically, can I just download the 4.1/ports.tar.gz and tar it into /usr (after I finish my 4.1 upgrade and /etc upgrade)? (Overwrite or remove the old port tree?) Yes Sean -- La brigade SnW est une spC)cialitC)
Re: 4.1 upgrade problem
For the archives: After a lot of head scratching, I discovered that symlinking /var/www to somewhere else using an absolute path causes problems such as what I was seeing during install. It is normal since the root location changes. Use relative symlinks.
Re: Interface traffic counters
On 6/21/07, Claudio Jeker [EMAIL PROTECTED] wrote: On Wed, Jun 20, 2007 at 09:24:16PM -0400, Arnaud Bergeron wrote: I have a problem where I need to know how much traffic has passed on a given interface. I don't need it broken down by IPs, protocols or whatever of the sort. After a bit of research I discovered the SIOCGIFDATA ioctl that seems to do what I want. I built myself a little test application to try it out (see at the end of the mail for the code). The number it reports for my egress interface are weird though: $ ./ifbw pppoe0 bandwidth: 802865637b up 1907983523b down reduced: 765.67MiB up 1.78GiB down I am certain I downloaded at least 2.6GB in the last few days and uploaded at least 3.2GB. Also, for the outbound traffic shaping queue I have over this interface pftop reports 33Gb of traffic. So I have questions for the network gurus. Am I doing something incorrectly with my code below? If not, are the counters just out of whack and it's normal? Also, if anybody knows a better way to do this, please tell me. The if_data counters are defined as u_long which wrap at around 4.5GB. You need to use your own absolute counter and poll if_data from time to time. Switching to 64bit counters is not trivial but it will happen. Thanks, that explains why. -- :wq Claudio Arnaud
Interface traffic counters
I have a problem where I need to know how much traffic has passed on a
given interface. I don't need it broken down by IPs, protocols or
whatever of the sort.
After a bit of research I discovered the SIOCGIFDATA ioctl that seems
to do what I want.
I built myself a little test application to try it out (see at the end
of the mail for the code). The number it reports for my egress
interface are weird though:
$ ./ifbw pppoe0
bandwidth: 802865637b up 1907983523b down
reduced: 765.67MiB up 1.78GiB down
I am certain I downloaded at least 2.6GB in the last few days and
uploaded at least 3.2GB. Also, for the outbound traffic shaping queue
I have over this interface pftop reports 33Gb of traffic.
So I have questions for the network gurus. Am I doing something
incorrectly with my code below?
If not, are the counters just out of whack and it's normal?
Also, if anybody knows a better way to do this, please tell me.
Arnaud
The test code:
#include sys/types.h
#include sys/ioctl.h
#include sys/socket.h
#include net/if.h
#include err.h
#include stdio.h
#include stdlib.h
static struct if_data data;
int sd;
#define MAX_UNIT 9
static const char *sizes[MAX_UNIT] =
{ B, KiB, MiB, GiB, TiB, PiB, EiB, ZiB, YiB };
void reduce_size(double size, float *res, const char **unit) {
unsigned short unit_idx = 0;
while (size = 1024 unit_idx MAX_UNIT) {
size /= 1024.0;
unit_idx++;
}
*res = size;
*unit = sizes[unit_idx];
}
static struct if_data *get_if_data(char *name) {
struct ifreq ifr;
strlcpy(ifr.ifr_name, name, sizeof(ifr.ifr_name));
ifr.ifr_data = (caddr_t) data;
if (ioctl(sd, SIOCGIFDATA, (char *) ifr) 0) return NULL;
return data;
}
int main(int argc, char **argv) {
float val;
const char *unit;
if (argc != 2) {
fprintf(stderr, usage:\n);
fprintf(stderr, \tifbw ifname\n);
exit(2);
}
sd = socket(AF_INET, SOCK_DGRAM, 0);
if (sd == -1) err(1, socket);
if (get_if_data(argv[1]) == NULL) err(1, ioctl);
printf(bandwidth: %lub up %lub down\n, data.ifi_obytes, data.ifi_ibytes);
reduce_size(data.ifi_obytes, val, unit);
printf(reduced: %.2f%s up, val, unit);
reduce_size(data.ifi_ibytes, val, unit);
printf( %.2f%s down\n, val, unit);
return 0;
}
--
No, we're keeping them for 4.2 Ultimate Edition which will be
available for the low low price of $595.00. -- dlg@, talking about the
hackaton network changes.
Re: new openbsd 4.0 server, panic on ufsdirhash
[snip] OK, now I'm clueless why this happens. I didn't see in your verbose dmesg at all any obvious PCI busses or devices. Yet the normal dmesg lists your PCI devices. I could be reading the devices wrong, but I read in your verbose dmesg that it found: 1: Audio 2: Realtek Ethernet (probably a PCI device??) 3: isa0 bus 4: Keyboard/mouse ports (which I really think they are attached on the ISA bus, internally on the motherboard) 5: speaker (again, same as #4, on the ISA bus in the motherboard) 6: parallel (ditto) 7: npx0 (I think this is your coprocessor, and I don't know what bus it is on) 8: COM/Serial ports (ditto as #4) 9: Floppy drive (I would think this is on the ISA bus, but I am not sure) Aside from #2, the realtek ethernet, I am not seeing any signs of PCI detection. But how can it boot off the drive, which is on pciide0 (from original, normal dmesg in digest #783). That device sure looks like it's on the PCI bus. I'm lost on this one, I totally expected to see anything, SOMETHING about the pci bus (wouldn't it be pci0?). I think we are missing the top of the dmesg (notice how you don't see the copyright notice) This must be because all the verbosity overflow the 4k buffer for the dmesg. Aside from that, I'm sorry I can't help much. John did state he has another version, and if *THIS* thing fails horribly bad on trying to get more information, I would try the other version. I'm not sure if the 4.1-RELEASE (at least the sparc32 one) was done correctly, I have a simple 64MB sparcstation5 that after I came home from work one day, the box was at the 4th prompt (for ya i386 folks, that's similar to the BIOS/SETUP program). A day or two later the same box, same config, same everything was waiting on a ddb prompt with what seemed to be a runaway application (smbd, ddb's ps command just kept endlessly returning smbd as processes running on the box). The only change to this box was an addon SBUS 4-port ethernet board. Anyway, I got sidetracked in the basic statement that there may be something wrong with the comp41.tgz set? bad press? bad release process on OpenBSD? I can't pin it down, but I didn't have *ANY* problem with 4.0, in any of it's platforms. The above paragraph may start flaming, and I want to defuse it right now. The problem I have above may not at all be related to John's original problem, but I've also seen other people having trouble installing 4.1 on this mailing list and wonder if it has something related/linked that we can use. Heck, my 4.1 i386 CD I burned locks up my keyboard/kvm so bad that I have to push the buttons on the front to reboot. It gets to the install, upgrade, shell and then locks up. John, please try 4.0 and then doing a source upgrade to 4.1, if this verbose dmesg doesn't help anybody. Sorry for bringing it up :( Good luck. If opportunity doesn't knock, build a door. I can is a way of life. More and Bigger is not always Better. The road to success is always uphill.
Re: Do you *need* to build -stable userland with a -stable kernel?
On 3/10/07, Sunnz [EMAIL PROTECTED] wrote: Please correct me if I am wrong... but I thought that if the same source and make file etc. was used, the kernel that was used to build it is irrelevant, i.e. the same version of gcc running or newer and older version of kernel should ultimately 'spit out' the same binary, given the same source, makefile, etc.?? No? BTW, `make build` has been completed, on the new kernel, new userland, without errors. [...] I think there is a bit of misunderstanding here. The rules STeve stated apply if you track -current, which is not what you do. There are never any flag days on -stable and no snapshots. If your system crashed (as in kernel panic) while building -stable on a -release system I would start to investigate the hardware (depending on the exact nature of the crash). If you get compilation errors then most likely you did something bad. At this point since we have no details on the error you obtained (or even which arch you are on), I can not help you further. As for having a stable system, if you sucessfully build the userland and the kernel from the same sources without rebooting or voodoo in between, you should be fine. -- I'm trying to launch the internet; so I open a terminal and go percent sign 'Internet' at the prompt and it doesn't work. What gives??!! -- random troll
Re: Patching and/or updating
On 3/10/07, Lars D. NoodC)n [EMAIL PROTECTED] wrote: Thanks. On Sat, 10 Mar 2007, Nico Meijer wrote: Read release(8) and follow that procedure. Build once, deploy at will. Building my own release looks useful when I deal with more machines later. I didn't this time so, so there is no /usr/src directory to work with. ie. The first step in that document fails: cd /usr/src cvs up -r OPENBSD_4_0 ksh: cd: /usr/src - No such file or directory How about mkdir /usr/src and then going on with the rest? This should be obvious. However, it looks like the only way: Patches for the OpenBSD Operating System are ... NOT distributed in binary form. This means that to patch your system you must have the source code from the RELEASE version of OpenBSD readily available. In general, you should have the entire source tree available - http://www.openbsd.org/faq/faq10.html#Patches If it's not in the stable branch, you don't want it. Stick to -stable. Works for me. :) IIRC from a thread earlier this week, 4.6 will probably be merged with 4.0-stable, but you'll have to check the archives. Very nice. -Lars Lars NoodC)n ([EMAIL PROTECTED]) Ensure access to your data now and in the future http://opendocumentfellowship.org/about_us/contribute -- I'm trying to launch the internet; so I open a terminal and go percent sign 'Internet' at the prompt and it doesn't work. What gives??!! -- random troll
Re: ld segfaults in OpenBSD 3.9
On 12/1/06, Karel Kulhavy [EMAIL PROTECTED] wrote:
The default linker in OpenBSD 3.9 segfaults reproducibly:
[EMAIL PROTECTED]:~$ gcc -o -Wall wav2bin wav2bin.c
Try
$ gcc -Wall -o wav2bin wav2bin.c
But there is still a problem. If you link a source file with its
resulting binary, it segfaults ld:
[EMAIL PROTECTED]:/home/anakha/dev/c/tmp$ cat test.c
int main() {
return 0;
}
[EMAIL PROTECTED]:/home/anakha/dev/c/tmp$ gcc -o test test.c
[EMAIL PROTECTED]:/home/anakha/dev/c/tmp$ gcc -o -Wall test test.c
collect2: ld terminated with signal 11 [Segmentation fault], core dumped
test(.init+0x0): In function `__init':
: multiple definition of `__init'
/usr/lib/crtbegin.o(.init+0x0): first defined here
test(.text+0x0): In function `_start':
: multiple definition of `__start'
/usr/lib/crt0.o(.text+0x0): first defined here
test(.data+0x0): multiple definition of `__progname'
/usr/lib/crt0.o(.data+0x0): first defined here
test(.text+0x0): In function `_start':
: multiple definition of `_start'
/usr/lib/crt0.o(.text+0x0): first defined here
test(.fini+0x0): In function `__fini':
: multiple definition of `__fini'
/usr/lib/crtbegin.o(.fini+0x0): first defined here
test(.text+0x18): In function `___start':
: multiple definition of `___start'
/usr/lib/crt0.o(.text+0x18): first defined here
/tmp//ccK15620.o(.text+0x0): In function `main':
: multiple definition of `main'
test(.text+0x1b8): first defined here
/usr/lib/crt0.o(.dynamic+0x0): multiple definition of `_DYNAMIC'
/usr/lib/crt0.o(.got.plt+0x0): multiple definition of `_GLOBAL_OFFSET_TABLE_'
--
I'm trying to launch the internet; so I open a terminal and go
percent sign 'Internet' at the prompt and it doesn't work. What
gives??!! -- random troll
Re: Assistance with kernel pppoe
On 11/23/06, Alden Pierre [EMAIL PROTECTED] wrote: Hello all, I'm able to get userland pppoe working, but I'm having a hard time getting kernel pppoe to work properly. Here are my config files. Is there anything I'm doing wrong, I believe my config file follows what man 4 pppoe states. # file /etc/hostname.pppoe0 inet 0.0.0.0 255.255.255.255 0.0.0.1 pppoedev xl0 \ authproto pap authname 'username' \ authkey 'password' up !/sbin/route add default 0.0.0.1 The only thing I can tell you is that I don't have the final 'up' and it work for me. # file /etc/hostname.xl0 up Post the ouput of the 'dmesg' and the 'ifconfig -a' command (watch out for the username printed in the output for pppoe if you are paranoid) and I'll try to figure it out. Regards, Alden
Re: Assistance with kernel pppoe
On 11/23/06, Andreas Bihlmaier [EMAIL PROTECTED] wrote: On Thu, Nov 23, 2006 at 12:24:21PM -0500, Alden Pierre wrote: Hello all, I'm able to get userland pppoe working, but I'm having a hard time getting kernel pppoe to work properly. Here are my config files. Is there anything I'm doing wrong, I believe my config file follows what man 4 pppoe states. # file /etc/hostname.pppoe0 inet 0.0.0.0 255.255.255.255 0.0.0.1 pppoedev xl0 \ authproto pap authname 'username' \ ^^-- NEEDED? authkey 'password' up ^^-- NEEDED? !/sbin/route add default 0.0.0.1 I did not verify whether it matters, but I do not use `'` in my hostname.pppoe0. This ends up getting run by /bin/sh so it is a matter of interpretation by the shell: $ echo foo foo $ echo 'foo' foo And since the command receives the same string there is no problem. If the username/password are purely alphanumeric it is not needed, but if they contain special characters for the shell, they should be between single quotes so that ifconfig gets them right. # file /etc/hostname.xl0 up Regards, Alden Regards, ahb -- I'm trying to launch the internet; so I open a terminal and go percent sign 'Internet' at the prompt and it doesn't work. What gives??!! -- random troll
Re: Nintendo Wifi Connector and Nintendo DS (WEP)
On 11/3/06, Sam Fourman Jr. [EMAIL PROTECTED] wrote: Does OpenBSD accually run on a Nintendo DS? No, unless someone has a hidden port. is it a i386? or ARM? ARM. Sam Fourman Jr. -- I'm trying to launch the internet; so I open a terminal and go percent sign 'Internet' at the prompt and it doesn't work. What gives??!! -- random troll
Re: pppoe connects but not traffic is passing
On 9/12/06, Marc Peters [EMAIL PROTECTED] wrote: [snip] /etc/hostname.pppoe0: inet 0.0.0.0 255.255.255.255 0.0.0.1 pppoedev rl0 authproto pap authname myname authkey secret up You still need the !/sbin/route add default 0.0.0.1 in the new hostname.pppoe0. [snip] -- What is your function in life? - Killer
Re: preferred hardware platform
On 9/10/06, Will Maier [EMAIL PROTECTED] wrote:
On Sun, Sep 10, 2006 at 11:39:57AM +0530, Raja Subramanian wrote:
rdiff-backup however, does not suffer from this problem.
And it's a bit more space efficient than rsnapshot as
well. Give it a shot and I doubt you'll be disappointed.
I've had an experimental port of rdiff-backup 1.0.4 and librsync
(upon which it depends) available[0] for a month or two. I haven't
looked at it much since the ports tree locked, but it's working well
on several systems running -current.
I also have as a local port, because I needed a quick and dirty backup
solution. However, before I trust my system backup to this, I would
have to go through the librsync code and clean it up a lot. It's
scary.
Feel free to give it a try; I'd be glad to get feedback on it, but
it won't be a priority until after the thaw.
[0]http://www.lfod.us/openbsd/ports.html#rdiff-backup
http://www.lfod.us/openbsd/ports.html#librsync
--
o--{ Will Maier }--o
| web:...http://www.lfod.us/ | [EMAIL PROTECTED] |
*--[ BSD Unix: Live Free or Die ]--*
--
What is your function in life? - Killer
Re: Kernel panic in openssl on fresh minimal install
On 8/24/06, Jeff Bromberger [EMAIL PROTECTED] wrote: I'm a new openbsd user (or I should say I'm attempting to be) and I'm not having a ton of luck here. I bought the cd set (i386) and it arrived yesterday. During the install, the base39.tgz file seemed to be corrupt and the install would crash, the kernel would panic and the machine would reboot. This happened while processing the perl files in the archive FWIW. Anyway, I then switched over to doing an ftp install and that seemed to make it through the packages ok. I only did the base packages and no X stuff. I did select sshd and ntpd to run by default. After completing the install and rebooting, openssl appears to crash . I was going to boot off the cd and change the config to skip sshd from starting, but I wanted to post this to the list first in case anybody else wants me to run an additional debugger command. I'm still sitting at the ddb prompt at the moment. This seems like bad hardware to me. Most likely the memory but it may be something else. Thanks, Jeff ps. the hardware is a basic desktop w/750MHz AMD duron, 256MB ram, 30GB IDE disk, realtek ethernet, ide cdrom and not much else... - [snip] -- What is your function in life? - Killer
Re: G5 panic on boot from install media
I tried with -current (22/08) this morning and it does not panic. It hangs after this message: WARNING: unable to get date/time -- CHECK AND RESET THE DATE! Just after the rootdev= line. Also for Miod, It show the same message 'uhub0: device problem, disabling port 2'. I tried other ports as well as other usb keyboards (all apple though) and still no luck. Also, maybe worth mentioning: someone made that appropriate remark that the PowerMac G5 Dual-cores are marked as unsupported in the hardware compatibility pages (In the INSTALL file it says PowerMac G5 are supported, but I assume that's for the other models.) I am willing to work toward support for this machine so if any developper has something they want to test on it, send it to me.
G5 panic on boot from install media
I recently bought a G5 and tried to install 3.9 on it (from the official CD). It is an PowerMac G5 Dual-core 2Ghz. It panic'd with this message while booting bsd.rd (re-typed so some typos may creep in): WARNING: unable to get date/timepanic: lockmgr: locking against myself Stopped at Debugger+0x10: lwz r0,20(r1) I cannot give trace and ps output because apparently the usb keyboard is not supported (or does not work in ddb) It is worth mentioning that this panic occured just after a complete boot of the kernel. (Meaning it the line just before what I wrote was the rootdev=...) Does anybody have an idea what can I do to get trace/ps output. Should I try -current?
Re: Sigaltstack and pthreads (again)
On 8/20/06, Anthony Howe [EMAIL PROTECTED] wrote: I too am having problems using sigaltstack() in pthreads application. Otto's quote earlier this year of the Single Unix Specification http://www.sigmasoft.com/~openbsd/archives/html/openbsd-bugs/2006-03/msg00129.html Use of this function by library threads that are not bound to kernel-scheduled entities results in undefined behavior. Note that it says library threads. http://www.unix.org/single_unix_specification/ does not make sense to me. Reading from the man 3 pthreads: Thread stacks Each thread has (or should have) a different stack, whether it be provided by a user attribute, or provided automatically by the system. If a thread overflows its stack, unpredictable results may occur. System-allocated stacks (including that of the initial thread) are typically allocated in such a way that a SIGSEGV signal is delivered to the process when a stack overflows. Signals handlers are normally run on the stack of the currently executing thread. Hence, if you want to handle the SIGSEGV signal, you should make use of sigaltstack(2) or sigprocmask(2). How are you suppose to handle SIGSEGV when a thread blows its stack, if you cannot set the alternate stack for the SIGSEGV handler in the first place? I don't what happens when a thread other than the main blows its stack. But anyway, if you setup the alternate stack from the ain thread you should have no problems. (It may be true for other threads but I don't know.) There appears to be a contradiction here in the documentation. Are pthreads not kernel scheduled entities? The current pthreads implementation is all in userland. -- Anthony C Howe Skype: SirWumpusSnertSoft +33 6 11 89 73 78 AIM: SirWumpusSendmail Milter Solutions http://www.snert.com/ ICQ: 7116561 http://www.snertsoft.com/ -- What is your function in life? - Killer
Re: mirroring packages without much bandwidth overhead
On 8/15/06, Marc Espie [EMAIL PROTECTED] wrote: On Tue, Aug 15, 2006 at 11:40:18AM -0400, Arnaud Bergeron wrote: On 8/14/06, Stuart Henderson [EMAIL PROTECTED] wrote: On 2006/08/14 17:59, Arnaud Bergeron wrote: In which case, the patchlevel needs to be bumped (eg. foo-1.0.tgz - foo-1.0p0.tgz). No boom here, unless the maintaner was lazy. No, /usr/lib changes don't bump patchlevels of every package. You are right, but I was thinking about a dependancy in terms of other packages. You're still wrong, we would bump package names all the time otherwise. And we don't. There's a concept of package signature, built from the package name itself, and a freeze-dried version of every dependency used to build the package. That's what pkg_add uses to decide to update packages. As far as pkg names bumps go, we change pkgnames every time something *in the package directory itself* changes. Say, if we have to adjust WANTLIB, or DESCR, or something like that, then the package changes. That's the kind of thing the PLIST_DB database catches, since it will refuse to record distinct plists with the same package name (carefully dropping some information, like package signatures, for instance). This is done so that pkg_add can decide when to update: the pkg names, plus the pkg names of dependencies, are just enough to decide whether something is up-to-date or not. In fact, I need to write a patch so that messages like: Updating gimp-2.2.10 - gimp-2.2.10 appear less confusing. If you say so I'll admit I'm wrong. I tought I had read something that said package updates could be determined by package name only. Perhaps it was for an older version of the package tools. -- What is your function in life? - Killer
Re: mirroring packages without much bandwidth overhead
On 8/14/06, Stuart Henderson [EMAIL PROTECTED] wrote: On 2006/08/14 17:59, Arnaud Bergeron wrote: In which case, the patchlevel needs to be bumped (eg. foo-1.0.tgz - foo-1.0p0.tgz). No boom here, unless the maintaner was lazy. No, /usr/lib changes don't bump patchlevels of every package. You are right, but I was thinking about a dependancy in terms of other packages. -- What is your function in life? - Killer
Re: mirroring packages without much bandwidth overhead
On 8/14/06, Tobias Ulmer [EMAIL PROTECTED] wrote: On Mon, Aug 14, 2006 at 03:47:07PM +0200, Andreas Bartelt wrote: Hi, is there a simple way to efficiently mirror packages solely based on package filenames in order to reduce bandwidth overhead? I've tried to do this with rsync but as packages are constantly rebuilt, file size of packages changes regularly, and, therefore, the rsync option '--size-only' (which ignores timestamps) is insufficient for my purposes. I'd like to sync packages solely based on their file name. Is there a way to do this with rsync or with another tool? regards, Andreas Bad idea A package may need to be updated because a dependency changed - BOOM :) In which case, the patchlevel needs to be bumped (eg. foo-1.0.tgz - foo-1.0p0.tgz). No boom here, unless the maintaner was lazy. Tobias -- What is your function in life? - Killer
Re: Why ksh?
On 7/21/06, Damien Miller [EMAIL PROTECTED] wrote: Pedro TimC3teo wrote: Thanks, but all the solutions presented in that thread can't clear the screen when you're typing something AND keep what you've already typed. Why don't you add support for ^L yourself then? -d There's also the point that ksh does not do multi-line commands like bash does (not a statement of superiority, just a fact) so clearing the screen to have it all to enter a command is pretty useless. -- i think we should rewrite the kernel in java since it has good support for threads. - Ted Unangst
head.c usage function
On 5/30/06, Peter Blair [EMAIL PROTECTED] wrote: Be careful -- if you have an application say /usr/local/whatever/foo that is linked from /usr/local/bin/bar then when you call /usr/local/bin/bar it will populate bar as the argv[0] element. Wrong, argv[0] will be whatever was passed to execvp as the first element of the second argument. (If that is not clear remember that the second argument is a NULL-terminated array of char pointers.) Although in most cases it will be set to the name of the application or a path to it. This may be what you want, but then again, perhaps you want to know that foo is the application being called. __progname *should* ensure that foo is is being used when doing things like opening app-name specific logs etc. Wrong again, __progname is derived from argv[0]. That's what enable things like crunchgen to work by altering the function of the program based on its name. On 5/30/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: I usually write a usage function to take a single argument, i.e. usage(const char *progname). When I call usage(), which is always from main(), I just pass in argv[0]. I'm under the impression that argv[0] being set to the name of the program is standard (could be wrong though). __progname is filled in at program initialisation time (in ___start) with everything after the last / in argv[0]. It has nothing to do with the compiler. If you don't trust me, trust the sources: http://www.openbsd.org/cgi-bin/cvsweb/src/lib/csu/i386/crt0.c?rev=1.13content-type=text/x-cvsweb-markup -- i think we should rewrite the kernel in java since it has good support for threads. - Ted Unangst
Re: pppoe
On 4/19/06, Brendan Grossman [EMAIL PROTECTED] wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Arnaud Bergeron Sent: Wednesday, 19 April 2006 9:57 AM To: misc@openbsd.org Cc: Brendan Grossman Subject: Re: pppoe On Tue, Apr 18, 2006 at 11:52:47AM +0930, Brendan Grossman wrote: Hi everyone To bring up a pppoe connection, I use ppp -ddial provider But how do I take it down? Also how do I remove old tunx devices? # ifconfig tun0: flags=8051UP,POINTOPOINT,RUNNING,MULTICAST mtu 1492 inet 219.90.xxx.xxx -- 203.2.124.224 netmask 0x Opened by PID 71830 tun1: flags=8010POINTOPOINT,MULTICAST mtu 1500 tun2: flags=8010POINTOPOINT,MULTICAST mtu 1500 inet 219.90.xxx.xxx -- 219.90.174.215 netmask 0x What the? How do I get rid of the others? tun0 seems to be only in use there. It seems strange to me that you have this problem because I once had a setup similar to yours (under 3.4-3.5-3.6) and never had this problem. Maybe you did not do something right, maybe it's a bug but without showing more info one can only guess. The info required here would be the version you are running, your ppp.conf file (sanitized to remove passwords, of course) and your linkup and linkdown script if they contain anything. On another topic, if you are running 3.7 or higher, you could give the in-kernel pppoe a try, unless, of course, you have already tried and some wierd thing your provider is doing prevents it from working. Hi Arnaud, Running 3.8-stable # linkup MYADDR: ! sh -c /sbin/pfctl -e -F all -f /etc/pf.conf No linkdown # ppp.conf default: set log Phase Chat IPCP CCP tun command set redial 15 0 set reconnect 15 1 This not needed when using -ddial mode. Trust the defaults. isp: set device !/usr/sbin/pppoe -i bce0 disable acfcomp protocomp deny acfcomp set mtu max 1492 set speed sync This looks good. enable lqr set lqrperiod 5 set cd 5 Why set the default explicitly? set dial set login Those are not needed with pppoe. set timeout 0 This is useless with -ddial, it's ignored. set authname [EMAIL PROTECTED] set authkey add! default HISADDR #enable dns enable mssfixup Cheers Brendan From what I know, it is probably set redial and set reconnect that is causing ppp to attempt a reconnect before the previous connection is completly closed. Try removing these and it -MAY- work. Also, simple is better, trust the default and specify the minimum configuration needed for it to work (see my comments above). Just to nag you a bit more, since your are running 3.8, why don't you try the in-kernel pppoe, it works great! (unless, you have tried it and it doesn't or you absolutly want something ppp does) Arnaud -- i think we should rewrite the kernel in java since it has good support for threads. - Ted Unangst
Re: Mounting remote filesystems from OpenBSD to OS X
On 4/20/06, Joachim Schipper [EMAIL PROTECTED] wrote: On Thu, Apr 20, 2006 at 02:11:36PM +0100, Constantine A. Murenin wrote: Hi, I have an OpenBSD (file-)server at a remote location on the internet that is around 137ms away from an OS X 10.4 laptop. Is there a way to securely mount OpenBSD's filesystems from OS X in such a setting? Is using ssh port forwarding along with samba or nfs over tcp my only solution here? Which is likely to be faster -- nfs over tcp or samba? The first thing I don't like about smbfs clients is that they always use port 139, and there is no way to specify a different port, which is really annoying... Whilst looking at this topic now, I found sshfs.org, but there doesn't seem to be any activity around it since late 2003. As others pointed out, some VPN might be useful. If you can get both sides to talk AFS, performance might be a little better, due to extensive caching. Or not. Joachim If we are talking OS X here, you might consider using afpd (in the netatalk package) which is an implementation o the native Mac filesharing protocol AFP. For your security concerns, OS X supports tunnelling AFP connections over SSH. If you are really considering this, ask me for a netatalk-2.0.3 package because the 1.6.3 version has some annoying limitations. The only thing I'm not certain about is how it will fare in the performance departement compared to AFS. -- i think we should rewrite the kernel in java since it has good support for threads. - Ted Unangst
Re: pppoe
On Tue, Apr 18, 2006 at 11:52:47AM +0930, Brendan Grossman wrote: Hi everyone To bring up a pppoe connection, I use ppp -ddial provider But how do I take it down? Also how do I remove old tunx devices? # ifconfig tun0: flags=8051UP,POINTOPOINT,RUNNING,MULTICAST mtu 1492 inet 219.90.xxx.xxx -- 203.2.124.224 netmask 0x Opened by PID 71830 tun1: flags=8010POINTOPOINT,MULTICAST mtu 1500 tun2: flags=8010POINTOPOINT,MULTICAST mtu 1500 inet 219.90.xxx.xxx -- 219.90.174.215 netmask 0x What the? How do I get rid of the others? tun0 seems to be only in use there. It seems strange to me that you have this problem because I once had a setup similar to yours (under 3.4-3.5-3.6) and never had this problem. Maybe you did not do something right, maybe it's a bug but without showing more info one can only guess. The info required here would be the version you are running, your ppp.conf file (sanitized to remove passwords, of course) and your linkup and linkdown script if they contain anything. On another topic, if you are running 3.7 or higher, you could give the in-kernel pppoe a try, unless, of course, you have already tried and some wierd thing your provider is doing prevents it from working. Arnaud -- i think we should rewrite the kernel in java since it has good support for threads. - Ted Unangst
Re: 'set skip on' being inconsistent
On 4/13/06, Chris Cameron [EMAIL PROTECTED] wrote:
In my pf.conf I have:
set skip on tun0
set skip on enc0
set skip on lo0
tun0 is for OpenVPN. If I run pfctl -f /etc/pf.conf, I can connect with
OpenVPN and telnet to a server.
If I disconnect OpenVPN, wait for a couple of minutes, then try
connecting with telnet again, pf blocks the connection. If I run pfctl
-f /etc/pf.conf, I can connect again.
OpenVPN connects fine, it's just the telnet after that doesn't work.
tcpdump -i tun0 shows the packets coming in.
The connection attempt in my pflog:
Apr 13 14:03:37.157867 rule 0/(match) block in on tun0:
192.168.123.6.1160 192.168.120.50.23: S 648098994:648098994(0) win
16384 mss 1368,nop,nop,sackOK (DF)
Apr 13 14:03:43.092857 rule 0/(match) block in on tun0:
192.168.123.6.1160 192.168.120.50.23: S 648098994:648098994(0) win
16384 mss 1368,nop,nop,sackOK (DF)
Anyone know what's going on? This is a patched Sparc64/3.8 in a carp
setup.
I think, after reading the manpage, that this behavior is because you
can 'set skip on' only one time. If you want to specify more than one
interface, the proper way to do it is : 'set skip on { tun0, enc0, lo0
}'
If anybody knows better correct me.
Chris
Arnaud
--
i think we should rewrite the kernel in java since it has good
support for threads. - Ted Unangst
Re: GNU license files rules replacement guidelines with BSD one
On 4/5/06, Andrew Smith [EMAIL PROTECTED] wrote: http://www.openbsd.org/policy.html Scroll down to the section 'Permissions - the flip side' and consider the consequences of the statements in paragraph 4. This section is probably the biggest one that supports my view that GPL cannot be recinded and after initiation and that all GPL code should be carefully considered with regard to future use in GPL environments even by the original author. This section specifies that someone elsemay alter the copyright notices on files but that won't change who owns the copyright. It is the same with the license, someone else may change the written licensing terms but the original license still applies. However according to international copyright law, the author (or more specifically the copyright holder) of any work may change the distribution terms at his whim. In the case of the GPL, this means the author of GPL program X may decide to remove the source from the internet and sell it binary-only for 5K$. The only thing the GPL will do in this case is that people who obtained the source before it was pulled can continue to use and distribute it under the GPL as the author cannot revoke this license from them. No license can restrict the freedom of the copyright holder to do as he please with his work. However, with most GNU/GPL projects, there are hundreds or thousands of contributors and each one of them would need to agree to a license change to change the license of the whole project. That is why most big projects can't change their liccense. Back to the original topic, If the project you are talking about is yours (meaning you wrote it), ga ahead, change the license, you can. If not, you must ask each person who has the copyright to a part of the project if they agree to change the license. If what you are talking about is rather if you can replace some GPL file by an equivalent one but BSD licensed file, the answer is yes (as long as you don't copy-paste). The only caveat is that as long as there is even ONE GPL file in the project, the project has to be redistributed under the GPL as a whole. As for your second question, a file that is comprised of only an '#include shit.h' satement should be easy enough to replace (see Ted's suggestion) and you don't have to change the name of the file (at least with the GPL). I am open to having that view changed if you have a more definitive source of reference, however, it may well be the case that some of the flexibility that may be present in under one regional boundary isn't present in another region. To this end many licenses state that the licensing terms are in accordance with 'California state law..' or whatever, by accepting the terms you are therefore reducing ambiguity on the use of the license. -Andy [snip] Arnaud -- i think we should rewrite the kernel in java since it has good support for threads. - Ted Unangst
Re: GNU license files rules replacement guidelines with BSD one
On 4/5/06, Daniel Ouellet [EMAIL PROTECTED] wrote: Back to the original topic, If what you are talking about is rather if you can replace some GPL file by an equivalent one but BSD licensed file, the answer is yes (as long as you don't copy-paste). But what does that really mean. It sure is NOT that I can sit there and retype a printed copy of the software and then release it BSD for sure! That is copy-paste for practical purposes. That's really the part I am having problem with. I am not a layers, I don't want layers discussions, etc. In practical term, how can this be done and what's the line here that makes it either BSD or GNU for stuff you write that are inspired may be from GNU? Is code, meaning moving of data, processing of data is it, but that you can still use the same data structure because it make sense and reeds to be compatible? I don't know and I am trying to find out. If you retype the same structure does it then make it GNU? The idea is to see what it does and then do the same with your own ideas. For example, if you have a function that takes a string argument and reverse the characters in it under GPL. You take what it does (reverse character in a string) and re-implement it with your own code. You can keep the same interface to the function (meaning name and parameters) as long as you impelment the functionality yourself. As for data structures, I am not certain but I tend to agree with Ted meaning they are not copyrightable and you can copy them. (I know I did with some) I don't know, what's the rules, how can it be done if even possible. Like many times we see people say inspired from GNU code, but it's BSD code. What's the inspired is define at. How far does it goes? Inspired means you see a good idea and you do the same general idea without using the exact same lines of code. That's my question. The only caveat is that as long as there is even ONE GPL file in the project, the project has to be redistributed under the GPL as a whole. That I understand very well. But as stated below As for your second question, a file that is comprised of only an '#include shit.h' satement should be easy enough to replace (see Ted's suggestion) and you don't have to change the name of the file (at least with the GPL). So what this really mean? It means that a file with only #include statements is hardly copyrightable and can be copied at will. Also file names are not copyrightable and you are not requiered to use new names. The copyright (and consequently the license) applies to the code and only the code. Sorry guys, I also have some difficulty at time to understand the nuance of the language, so I may look think at times, not my fault. I try however. I need to understand this if only for myself, but I guess it may be useful for someone else as well. Thanks and I am very sorry for the subject, I know this is a very sensitive subject but I really don't want this to be a battle of merit on the licenses, etc. Don't worry this topic has not even been approched yet, and I intend to keep it that way. I am only interested on how a GNU project can become a BSD project and the process and step in getting there, if that's even possible. In your case it is not really changing a GNU project to a BSD one but rather rewriting a GNU one under a BSD license. Correct me if i'm wrong. Thanks Daniel Arnaud -- i think we should rewrite the kernel in java since it has good support for threads. - Ted Unangst
Re: disable listen on ports
On 4/3/06, Joachim Schipper [EMAIL PROTECTED] wrote: On Mon, Apr 03, 2006 at 11:11:22AM +0530, Niklaus wrote: On 4/2/06, Chris Kuethe [EMAIL PROTECTED] wrote: On 4/2/06, Niklaus [EMAIL PROTECTED] wrote: what problem are you really trying to solve? really, what problem are you trying to solve? the fact that you have untrusted users? I understand the tunnelling through ssh part. Can you explain what reverse telnet is . I don't get it. Users here on my system are running proxy servers like socks proxy and downloading stuff which is banned on squid proxy. This is a mail and devel server, so all of the users have ssh and gcc accounts .They compile the proxies they get on sourceforge and i really can't kill all the processes because there are too many users. They are just like a redirectors. I don't want any user other than root to listen on any port. I'd be inclined to both say 'let them' and 'filtering is best done at the firewall' (and yes, that's a separate machine). However, telling pf to block all outgoing traffic is enough. What you want to do - 'stop listeners', though, would require filtering the lo0 device as well. That should work, but is likely to be far from trivial. And, as Chris pointed out below, filtering for listeners doesn't really help. Really, the proper solution is to tell pf to block all outgoing traffic, then whitelist what you need. This shouldn't be too much - you could whitelist Squid by user, and the rest is likely to be simple (domain, possibly ssh, possibly imap(s)/pop(s), smtp if you are feeling lucky). Or you could block all traffic to and from ports 1024. That would stop any proxies they might run. The ports below 1024 do require to be root to open a listen socket to them. assume have an http proxy listening on 127.0.0.1 on your machine. assume you've disabled port forwarding in sshd_config so i can't tunnel to my proxy. i then change my proxy program to i connect back to a listener (netcat?) on my remote machine at which point i have a tcp connection through which i can forward my http requests to make them look like they're coming from your box. this sort of trick is easy to whack together... probably 10 or 15 minutes if you're ripping code straight out of learning perl without knowing what you're doing. no doubt there's stuff in ports that can be used too. CK -- i think we should rewrite the kernel in java since it has good support for threads. - Ted Unangst
Re: Possible bug in ksh tab completion
On 11/19/05, Matthias Kilian [EMAIL PROTECTED] wrote:
On Fri, Nov 18, 2005 at 09:55:26PM -0500, Arnaud Bergeron wrote:
I reported it precisely because the characters you mentionned (and all
other 'special' chars i know) are working perfectly. '[' and ']' are
the only chars I have problems with even if they are properly escaped.
Oops, you're right, at least '@' seems to work. But as naddy pointed
out, there are still other problematic characters. For example,
$ mkdir -p aaa:bbb/{foo,fee,bar,baz}
$ ls aa^I^I^I
Now if you still think it would take more than one or two days, I
think I'll try to code myself a little interactive-only shell.
Is it really worth it? How many often do you run into those completion
bugs, i.e. how much file and directories with funny characters do
you have?
About 4 new per week. Current total: about 650
It's because I download anime and all groups put their names in the
filename inside []. That's why it's bugging me. Anyway enough noise
for now.
Ciao,
Kili
--
If your program isn't worth documenting,
it probably isn't worth running.
-- Nagler
--
B+ De toutes les machines que j'ai vues, le Macintosh est la seule qui
apporte une certaine originalitC) B; Bill Gates
Possible bug in ksh tab completion
I noticed that, using ksh, if you try to tab-complete any filename that has a '[' in it while there are more than one file in the directory will fail. Simple example: $ mkdir test $ cd test $ touch [a] [b] $ pico \[a at the last line, if you type tab, the system beeps and nothing else happens. It is not such a big deal for files with small names like the ones in the example but can get annoying if you have to type in verbatim a 60-caracter filename. So this leads to my question. Is it a design feature, a POSIX requierment, or simply something that has gone unnoticed? -- They allowed us to set up a separate division almost, that is physically, geographically, psychologically and spiritually different from what Bill himself calls the Borg - Peter Moore, V.P. in charge of Xbox 360 marketing at Microsoft.
Re: Possible bug in ksh tab completion
On 11/18/05, Matthias Kilian [EMAIL PROTECTED] wrote:
On Fri, Nov 18, 2005 at 03:53:38PM -0500, Arnaud Bergeron wrote:
I noticed that, using ksh, if you try to tab-complete any filename
that has a '[' in it while there are more than one file in the
directory will fail. Simple example:
[...]
So this leads to my question. Is it a design feature, a POSIX
requierment, or simply something that has gone unnoticed?
ksh would need some kind of incremental parser for both parsing
scripts as well for doing tab-completion. Unfortunately, using a
common parser for normal use (parse a script) and for special
interactive use (completion) isn't trivial. The edit implementations
(both emacs and vi) use lots of ad-hoc stuff.
I'd the idea of using a common parser implemented with yacc(1), but
Otto pointed out that this wouldn't help much but also bloat ksh.
So, for now, completion won't work for some pathological cases ('{',
'@', and other unusual characters).
I reported it precisely because the characters you mentionned (and all
other 'special' chars i know) are working perfectly. '[' and ']' are
the only chars I have problems with even if they are properly escaped.
Fixing this would be more than one or two days of work. But have a
look at att ksh -- it even sucks more if it comes to completion.
Now if you still think it would take more than one or two days, I
think I'll try to code myself a little interactive-only shell.
Ciao,
Kili
--
They allowed us to set up a separate division almost, that is physically,
geographically, psychologically and spiritually different from what Bill
himself calls the Borg
- Peter Moore, V.P. in charge of Xbox 360 marketing at Microsoft.
Re: Dual Head Graphic Card
On 11/6/05, Gustavo Rios [EMAIL PROTECTED] wrote: I was thinking about something like that: http://disjunkt.com/dualhead/ http://cambuca.ldhs.cetuc.puc-rio.br/multiuser/ http://www.ltn.lv/~aivils/ http://www.itsopen.net/projects/x-hack/ http://www.google.com/search?hl=enlr=safe=offq=Linux+multi+local+X... These are about running two instances of X on two monitors which should be already possible (I have not tried!) with base system + base X. What you are asking is to run ttys on both monitors which is not possible (for the moment at least). What i need is not to proliferate desktop around. 2005/11/6, Nick Holland [EMAIL PROTECTED]: Gustavo Rios wrote: Dear friends, mo desktop box's graphic card has support for two monitor. I have two sets containing each: 1 monitor, 1 mouse and 1 keyboard. The mouse and keyboard are connected to the monitor via USB. I wonder if i could have a configuration like that: I would like to have the first 5 ttys connected to the one set of devices, and the second set holding the seconds 5 ttys. The ideia is to be able to have two users connected independently to a single desktop. Could i made my self clear about my goal? Is that possible to achieve? Thanks in advance for your time and cooperation. Best regards. Of course it is possible. Just write enough code. Don't waste your time. Add an old, second computer pulled out of the trash to the puzzle, run X on it, and use it as an X terminal for the first. You have accomplished your stated goal using tools the way they were intended to be used, rather than twisting them in ways they were not intended. Plus, you have much greater scalablity -- what do you do for the THIRD, fourth, or twentieth user on your system? With my recommendation, just add more junk computers. Your idea? Not going to happen. Nick. -- They allowed us to set up a separate division almost, that is physically, geographically, psychologically and spiritually different from what Bill himself calls the Borg - Peter Moore, V.P. in charge of Xbox 360 marketing at Microsoft.
Re: iTunes5 support for mt-daapd
On 9/22/05, Jonathan Gray [EMAIL PROTECTED] wrote: On Thu, Sep 22, 2005 at 11:48:15AM -0700, James Wright wrote: based on the patch at http://nightlies.mt-daapd.org/, patch-daap_c goes into /usr/ports/audio/mt-daapd/patches and patch-Makefile to be applied in /usr/ports/audio/mt-daapd (just updates it to p0). This updates iTunes support to version 5. Works as advertised. I think it would make more sense to update the port to 0.2.3 which includes this... I'm working on it now. The base port is finished, I'm adding some sprintf() replacements. -- They allowed us to set up a separate division almost, that is physically, geographically, psychologically and spiritually different from what Bill himself calls the Borg - Peter Moore, V.P. in charge of Xbox 360 marketing at Microsoft
Re: [0dS] vulnerability in theo's asshole
[snipped stupid message] This should be reported to hushmail. As it was not directed toward me I did not do it. However I took the time to find the right place to do it. Here is the link : https://www.hushmail.com/contact/index.php?PHPSESSID=e784385b72dd436bb2affa3a4e020419 Try this one if the above doesn't work: https://www.hushmail.com/contact/?area=Abuse%20and%20Spam -- They allowed us to set up a separate division almost, that is physically, geographically, psychologically and spiritually different from what Bill himself calls the Borg - Peter Moore, V.P. in charge of Xbox 360 marketing at Microsoft.
Re: ntpd could not parse pool.ntp.org
On 8/16/05, Mike Henker [EMAIL PROTECTED] wrote: Ok Nick, ckecking all what you said step by step: Can you put your /etc/resolv.conf file back to the one with the ISP's dns servers in it first. Changed to: lookup file bind name server 194.224.52.6 name server 194.224.52.4 Can you confirm if you've got pf enabled or not and if you do can you send a copy of your pf.conf file. I dont have pf enabled (all inside pf.conf file has a # at the begining of each line). Can you confirm the contents of your /etc/mygate file. 192.168.0.1 Can you confirm the contents of your /etc/hostname.rl1 and /etc/hostname.rl0 files. hostname.rl0 inet 192.168.1.3 255.255.255.0 NONE hostname.rl1 inet 192.168.0.9 255.255.255.0 NONE Can you also confirm the subnet mask on your adsl router's 192.168.0.1 address ( it'll probably be something like 255.255.255.0) Yes I can confirm you the subnet mask is 255.255.255.0 From the firewall with these setting I can ping 192.168.0.1 but cannot ping for example http://www.google.com Just something that has been bugging me: are you trying to ping http://www.google.com; or www.google.com. It's just because the frist one will never work. If it can help the past message that appears the past days saying: ntpd could not parse pool.ntp.org doesnt appear now. Please Nick if need more info letme know thanks. Salutes, Mike _ Nick escribis: It's definitely a DNS issue, although it should be working as your resolv.conf file looks good. Can you check a few things please? Can you put your /etc/resolv.conf file back to the one with the ISP's dns servers in it first. Can you confirm if you've got pf enabled or not and if you do can you send a copy of your pf.conf file. Can you confirm the contents of your /etc/mygate file. Can you confirm the contents of your /etc/hostname.rl1 and /etc/hostname.rl0 files. Can you also confirm the subnet mask on your adsl router's 192.168.0.1 address ( it'll probably be something like 255.255.255.0) What I'm trying to do is troubleshoot a few things such as if you've got firewall rules that will interfere with dns lookups and your network settings to see if there's a misstype in there as it should be working at the moment. Once we've the internet working properly on your openbsd box we'll then work on getting machines behind it to access through it properly. Ta - Nick Mike Henker wrote: Hi Nick Greg I was testing all the steps but the problem (and remember I m a newbie and perhaps I m wrong) I think is because the firewall can t see Internet (exactly the rl1 card with ip 192.168.0.9). I tried differents options in resolv.conf 1) The one you said (192.168.0.1 is the gateway on the router) lookup file bind nameserver 192.168.0.1 Having that in resolv.conf I can ping to 192.168.0.1, to 192.168.0.9, and also to 192.198.1.3 but dont work DNS lookups or pings to machines on Internet: lynx news.bbc.co.uk or nslookup news.bbc.co.uk (said connection time out; no servers could be reached) or ping http://www.google.com (said ping: unkown host http://www.google.com) 2) Another option I tried is to put into resolv.conf the DNS of my ISP (as I saw it in the faqs) lookup file bind nameserver 194.224.52.6 nameserver 194.224.52.4 And happens the same I can ping to 192.168.0.1, to 192.168.0.9, and also to 192.198.1.3 but dont work DNS lookups or pings to machines on Internet: lynx news.bbc.co.uk or nslookup news.bbc.co.uk (said connection time out; no servers could be reached) or ping http://www.google.com (said ping: unkown host http://www.google.com) I called to my ISP, a nice girl answer the phone and at first said Open...what ?? She said for to be connected to Internet in any OS I ll need always 3 parameters: The gateway: 192.1668.0.1 The primary DNS: 194.224.52.6 The secondary DNS: 194.224.52.4 If it can help if I connect my wife's PC (with windows) with the 3 parameters the ISP said me (the gateway and the two DNS) she can surf on Internet without probs. I hope all of this info can help you for to detect what s the problem. Regards, Mike _ Greg Thomas escribis: It looks like Nick's reply has everything covered, most importantly the requirement of a new route on your router to your 192.168.1.x network. Greg On 8/15/05, Mike Henker [EMAIL PROTECTED] wrote: You re right, Im sorry I wrote an error instead of 192.169.1.x I mean 192.168.1.x I know what I want to do, the problem is I don t know how to configurate the firewall: For to ilustrate better the structure is: Router-OpenBSDFirewall-Hub-Intranet Lan (with some machines connected) Looking nearly:
Re: A problem internal to GDB has been detected
On 8/10/05, Reitenbach Sebastian [EMAIL PROTECTED] wrote: Hi, I think you adressed the problem. but after setting ulimit -d a bit higher I get a bit more ahead, so the memory is later exhausted. This does not helped that much. ulimit -m was alrady at the maximum. $ ulimit -m 708879 sh: ulimit: exceeds allowable limit is there a way to exceed the allowable limit? how is the maximum determined? The maximum limit is determined by your login class and how it is configured in /etc/login.conf. look at login.conf(5) for starters. Problem is that gdb ran out of memory: apparently your GNUStep app is a bit bloated and contains lots of debugging information. That debug information doesn't fit into the memory you've allowed for gdb. Try to increase the amount of memory using ulimit -d and/or ulimit -m. Mark so I think it is a problem of the application because I am able to debug other objc applications. thanks sebastian -- They allowed us to set up a separate division almost, that is physically, geographically, psychologically and spiritually different from what Bill himself calls the Borg - Peter Moore, V.P. in charge of Xbox 360 marketing at Microsoft.
Re: Output of top - CPU% weirdness?
On 7/3/05, Oliver J. Morais [EMAIL PROTECTED] wrote: * Arnaud Bergeron [EMAIL PROTECTED] [050703 03:09]: All it takes to find that out is a little bit of observation and deduction. From the second output you provided you should see md5's CPU usage go up rapidly. No. md5's CPU doesn't go up. If I try john -t it slowly goes up. Let's stick with john -t 'cause it's real CPU hog. top(1) output show a CPU-Usage going up slowly, showing different numbers than ps(1). load averages: 1.80, 1.15, 0.68 09:25:13 51 processes: 1 running, 49 idle, 1 on processor CPU states: 97.0% user, 0.0% nice, 2.5% system, 0.5% interrupt, 0.0% idle Memory: Real: 45M/116M act/tot Free: 374M Swap: 0K/1024M used/tot PID USERNAME PRI NICE SIZE RES STATEWAIT TIMECPU COMMAND 7399 moo 640 3208K 952K run -0:10 36.47% john 13289 moo20 18M 22M sleepselect 0:21 0.05% Xorg 16577 moo20 2924K 3588K sleepselect 0:08 0.00% xterm 13376 moo 100 4332K 2832K idle wait 0:00 0.00% mutt 26326 moo20 3000K 3600K sleepselect 0:00 0.00% xterm $ while true; do ps -ax -opcpu -ocommand | grep john | grep -v grep ; sleep 1; done 45.0 john -t 71.8 john -t 80.9 john -t 85.0 john -t 87.8 john -t 89.6 john -t 90.7 john -t 91.7 john -t 92.1 john -t 92.6 john -t 93.1 john -t 93.5 john -t 93.9 john -t And these numbers were taken parallel in two xterm, so 36.47% from top(1) showed up wile ps(1) was reporting 90+ percent CPU. Was it always showing 36.47% in top or did it go up? Aside from that, from what I can gather top uses sysctl(3) to get its values while ps uses kvm(3). I understand that kvm is old heritage and is to be replaced. More importantly, does this issue affects your system stability or security? Do you loose sleep over it? If not, maybe its not that important. Now, if you're not happy with that, you're welcome to fix it yourself As always... Too bad I'm not a developer. -- They allowed us to set up a separate division almost, that is physically, geographically, psychologically and spiritually different from what Bill himself calls the Borg - Peter Moore, V.P. in charge of Xbox 360 marketing at Microsoft.
Re: Output of top - CPU% weirdness?
On 7/2/05, Oliver J. Morais [EMAIL PROTECTED] wrote: OpenBSD 3.7-current (GENERIC) #212: Mon Jun 27 21:48:43 MDT 2005 on i386 Compiling xpdf I see the following top-output (top -S -ocpu 10) load averages: 1.97, 1.55, 0.97 16:16:04 65 processes: 2 running, 62 idle, 1 on processor CPU states: 88.5% user, 0.0% nice, 10.0% system, 0.3% interrupt, 1.2% idle Memory: Real: 62M/124M act/tot Free: 366M Swap: 0K/1024M used/tot PID USERNAME PRI NICE SIZE RES STATEWAIT TIMECPU COMMAND 16836 moo20 19M 23M sleepselect 0:18 0.00% Xorg 11 root -1800K 26M sleepreaper 0:03 0.00% reaper 10255 moo20 3504K 4280K sleepselect 0:01 0.00% xterm 23656 root 100 8956K 2748K sleepwait 0:00 0.00% make 25307 root 640 19M 11M run -0:00 0.00% cc1 15256 moo20 7216K 7660K sleeppoll 0:00 0.00% xscreensaver 21127 moo20 3516K 4232K run -0:00 0.00% xterm 13 root 1800K 26M sleepsyncer 0:00 0.00% update 4698 root 20 660K 392K idle kqread 0:00 0.00% apmd 3048 root 20 1484K 1020K sleepselect 0:00 0.00% sendmail So: 88.5% User, 10.0% System looks OK, but where are the CPU-consuming processes in the list? ,[ man top - bugs ]- | As with ps(1), things can change while ttp is collecting information for | an update. The picture it gives is only a close approximation to reality. ` I don't think an approximation of this scale is correct ;-) Another try: ,[ md5 -t ]- | while true; do md5 -t; done | | top output: | | load averages: 1.81, 1.72, 1.48 16:28:13 | 52 processes: 2 running, 49 idle, 1 on processor | CPU states: 100% user, 0.0% nice, 0.0% system, 0.0% interrupt, 0.0% idle | Memory: Real: 48M/109M act/tot Free: 381M Swap: 0K/1024M used/tot | | PID USERNAME PRI NICE SIZE RES STATEWAIT TIMECPU COMMAND | 32635 moo 560 2904K 172K run -0:00 1.71% md5 | 17994 moo20 3148K 3748K sleepselect 0:00 0.05% xterm | 16836 moo20 19M 23M sleepselect 0:21 0.00% Xorg ` 100% User but md5 only showing up with 1,71%? Either I don't see the obvious or there's something broken. The percent displayed in the process list is an average on the process' lifetime (or something like that). The numbers at the top about the CPU usage are live numbers directly reported by the kernel. All it takes to find that out is a little bit of observation and deduction. From the second output you provided you should see md5's CPU usage go up rapidly. Now, if you're not happy with that, you're welcome to fix it yourself -- They allowed us to set up a separate division almost, that is physically, geographically, psychologically and spiritually different from what Bill himself calls the Borg - Peter Moore, V.P. in charge of Xbox 360 marketing at Microsoft.
Re: Sad boot problem (boot.conf: invalid argument)
On 6/9/05, Luciano ES [EMAIL PROTECTED] wrote: Hello, Stuart. The answers to your latest questions: On 09/06/05 at 12:11, Stuart Henderson wrote in 7K: How does 'fdisk wd0' look? - The second slice (offset 63) was marked as unknown. Then I fixed it with OpenBSD's fdisk. Now it is marked as OpenBSD. The problem is that I have done that many times. The OpenBSD gets lost mysteriously. Often, between two reboots of OpenBSD (without booting any other system). Have you used any disk tools on the drive from another OS which might have changed the MBR? - After, and only after I had the problem, I tried using Linux's fdisk a couple of times. But it didn't work, so I gave up. But I hadn't got anywhere near the MBR until the problem occurred for the first time. And, like I said, the slice also loses its OpenBSD ID mysteriously between two reboots of OpenBSD. Are you loading the OpenBSD boot directly from MBR, or is there some other bootmanager in the way? Any chance some program might have decided that the OpenBSD partition is bogus because it doesn't know the type, and decides to change it? - I am using Grub with these options: rootnoverify (hd0,1) makeactive chainloader +1 From what I know of grub (don't remember what version, It was like 6 months ago), you need to put rootnoverify (hd0,1a) (assuming you boot from the 'a' slice). I have absolutely no idea if this causes the problem but maybe it can help. Always worked fine with Windows, Linux, FreeBSD and NetBSD. Thank you again for your attention. -- Luciano ES Santos, SP - Brasil -- They allowed us to set up a separate division almost, that is physically, geographically, psychologically and spiritually different from what Bill himself calls the Borg - Peter Moore, V.P. in charge of Xbox 360 marketing at Microsoft.
pthreads question
For a threaded network application I'm developping, I have to watch
the number of concurrent connections. I currently use this code:
if (curconns maxconns) {
curconns++;
}
else {
pthread_cond_wait(conns_is_at_max, useless_mutex);
continue;
}
curconns is decremented by other threads each time a connection is
finished and is only incremented in the main thread.
I use a condition variable to know when it is decremented so that I
can restart the loop and accept the connection.
I don't need a mutex but it seem the pthread code requires one. The
manpages on pthreads are very scarce. Is there a better/simpler way
to do this?
Help is apreciated (pointers to documentation, plain answers, or just
anything useful)
--
They allowed us to set up a separate division almost, that is physically,
geographically, psychologically and spiritually different from what Bill
himself calls the Borg
- Peter Moore, V.P. in charge of Xbox 360 marketing at Microsoft.
Re: error messages
On 5/16/05, Ryan Corder [EMAIL PROTECTED] wrote: On Mon, 2005-05-16 at 18:45 +0300, Kaj Mdkinen wrote: I connect to my firewall with putty. How can I get rid of messages like these from appearing in my ssh terminal session? check your /etc/syslog.conf to see if errors, etc are being sent to specific users. by default, *.errors, *.notice, auth.debug, and *.alert are sent to root and *.emerg syslog entries are sent to everyone. ryanc Or you could try working from another terminal, if you are not logged in as root. -- Fourth law of programming: Anything that can go wrong wi sendmail: segmentation violation - core dumped
Re: exposing an internal server to the Internet
On 5/14/05, GV [EMAIL PROTECTED] wrote: no, I don't need any port of that machine to be exposed to the Internet. Only a certain range. I tried the following: -- nat on $ext_if from $int_if:network to any - $ext_if rdr on $int_if proto tcp from any to any port 21 - 127.0.0.1 port 8021 rdr pass on $ext_if proto tcp from any to any port 8000 - $cam1 port 80 rdr pass on $int_if proto tcp from $cam1 to any - $ext_if -- The last rule is the culprit. Traffic simply gets blocked by the ISP's router because cam1 haves an internal IP adress. The nat rule should take care of the traffic from cam1 (if it is on $int_if:network) If you want certain ports to be redirected to an internal machine: rdr on $ext_if from any to any port $ports_to_redirect - $internal_machine does the job. I do get access to the internal ($cam1) port 80 but no response back from the other ports this machine is using! Is like an one-way communication! If you say that I will need to alias another ip to your obsd box and binat traffic destined to that address you mean a public IP address? Thanks On Sunday 15 May 2005 00:05, Abraham Al-Saleh wrote: Do you need every port on the mail server to be exposed to the internet? that's how I originally interpreted your question. If you only need mail server ports, then use the rdr statement, which you can again read about in the pf.conf man page. Otherwise, you will need to alias another ip to your obsd box and binat traffic destined to that address to your mail server. On 5/14/05, GV [EMAIL PROTECTED] wrote: thanks for your prompt reply. I do agree with you but when reading the manual concerning binat it says: ..Connections from the Internet to the external address will be translated to the internal address.. which means that ANY connection from the Internet will be translated/redirected to this specific server which actually discharges my whole LAN? To be more specific, I first tried the following configuration: -- binat on $ext_if from $cam1 to any - $ext_if nat on $ext_if from $int_if:network to any - $ext_if -- and couldn't ssh my server any more cause my connection was automatically redirected to port 22 of the internal machine where no sshd was running!!! I think that I misunderstood binat but couldn't find any detailed docs or examples how to use it. If you have time to provide me some directions to this? Thanks for your support George On Saturday 14 May 2005 23:46, Abraham Al-Saleh wrote: Use binat. From man (5) pf.conf: binat A binat rule specifies a bidirectional mapping between an external IP netblock and an internal IP netblock. read the pf.conf manual page for more information. On 5/14/05, GV [EMAIL PROTECTED] wrote: Hi, I have a situation where an internal (located in a LAN and behind a OpenBSD firewall/NAT) has to be fully exposed to the Internet! What's the best way to acieve that? Thanks George -- Fourth law of programming: Anything that can go wrong wi sendmail: segmentation violation - core dumped
Re: cf encoding and a question
Ok enough I get it now... On 5/6/05, John L. Scarfone [EMAIL PROTECTED] wrote: On Fri, May 06, 2005 at 04:27:11PM -0400, Arnaud Bergeron said: 10x! Sorry, I do not understand this... http://www.urbandictionary.com/define.php?term=10xr=f (basically thank you) -- ajBAY294Lm5ldA== -- Fourth law of programming: Anything that can go wrong wi sendmail: segmentation violation - core dumped
Viewing socket owner
I have been playing around with netstat and found lots of strange (read uknown ports) udp connections. I wanted to know what processes where doing these connections. After reading the netstat man page I concluded that it can't do it. Google provided no useful information. So I wonder if there is a way to view the pid (or pgid) of the owner of a socket other than writing my own program to read kernel memory with kvm_*. Arnaud Bergeron -- Fourth law of programming: Anything that can go wrong wi sendmail: segmentation violation - core dumped
