DVDs and T-shirt arrived in New Zealand
Cheers guys, insert is great! Looking forward to upgrading my v215 Gateway over the weekend. https://plus.google.com/u/0/111096521876100491635/posts/ANUtieu3nho -JoelW
Re: OpenBSD and shebang line to a script not supported?
On 1 November 2011 18:21, K. AndrC) Braselmann k...@braselmann.org wrote: Am 01.11.2011 um 01:08 schrieb Mikolaj Kucharski: Linux accepts up to 4 levels of #! nesting according to the references - as of 2008 ( http://lkml.org/lkml/2008/9/6/66 ) Modify your scripts to do 5-10-15 and see what happens?
Re: DST cancellation for Russia
On 31 October 2011 10:41, Constantine A. Murenin muren...@gmail.com wrote: On 30 October 2011 02:39, Dmitry Tigrov ti...@darkstar.spb.ru wrote: Russia has cancelled the move to DST for 2011. Is cancellation DST for Russia added to 5.0 version? Is any patch to cancellation for 4.9 version? http://www.openbsd.org/cgi-bin/cvsweb/src/share/zoneinfo/datfiles/europe#rev1.42 A total mess, if you ask me. Whilst the DST riddance (or, well, a permanent DST) is a welcome move, the way in which it is done is quite absurd. And due to the momentum, and, perhaps, the implicit inconvenience to the neighbour states, Belarus and Ukraine also decided to abandon DST, even giving a correspondingly shorter notice! Blah. AFAIK, ICANN now look after this, and I believe are going to fight any legal qualms. Given ICANN has some mone in it's coffers for this sort thing it is probably for the 'better' in the long run. http://www.iana.org/time-zones NZ a couple of years ago changed the DST boundaries as well - due to political micro-management. Agreed it is a giant PITA. - What happened to internet 'beats'? I quite liked 500 points in the day and being able to use decimal, I even had a phone with beats on it at one point. -JoelW
Re: Volunteer project to implement wireless in a school
Hi Leonard - have you considered openmesh ... you will probably find you will get cost savings and that whole - re-inventing the wheel thing. http://www.open-mesh.com/ -JoelW On 19 October 2011 14:08, leona...@sympatico.ca wrote: I have volunteered to implement a wireless network in a school. I have about 2 months (till January) to do a proof of concept and implementation will be summer of 2012. Initial thoughts: School is L shaped with 20 rooms , each arm of the L is ~ 35 M (~ 110 ft) in length, everything is on one floor.There will be between 40 and 100 clients connected at any one time throughout the school. Clients need to stay connected to the wireless network as they move throughout the school. each arm would have 2 access points at ~ 12M (40 ft) and 24 M (80 ft) from the vertex of the 2 arms, and one in the vertex ( 5 APs total) I hope to use soekris net6501-50: 1 Ghz CPU, 1 Gbyte DDR2-SDRAM, 4 Gigabit Ethernet Ports as the AP host, SparkLAN WMIA-199NI INDUSTRIAL GRADE WLAN 802.11n draft wifi 2.4/5Ghz dual band 3T/3R Module (Atheros AR9001 + AR9160 XSPAN) Wireless miniPCI cardas the wireless cardProof of concept will use OpenBSD 5.0 to set up the wireless network using hostAP to ensure the clients can stay connected to the smae ssid throughout the school.. Production network in 2012 will likely be openbsd 5.1 Before I invest money and time into this, does the plan sound reasonable? Are there better wireless cards to use as access points? Thanks for any advise, in particular on better wireless card choice, if there is one. Len Zaifman
Re: Are there any virtualization solutions for OpenBSD? (!important: no package from ports!)
If you are Going to use linux as your dom0 I STRONGLY recommend against virtual box. Vb is the retarded stillborn twin of kvm. Kvm is twice as fast in mainline and not controlled by oracle sent from android handset. Please mind the brevity. On Sep 20, 2011 12:44 AM, Nico Kadel-Garcia nka...@gmail.com wrote: On Sat, Sep 17, 2011 at 6:17 AM, lancebaynes87 lancebayne...@zoho.com wrote: http://unix.stackexchange.com/questions/20917/are-there-any-virtualization-solutions-for-openbsd-important-no-package-from I'm searching for Virtualization solutions: OpenBSD: host CentOS: guest What are my solutions? I'm searching for one that doesn't use packages from ports. Are there any? Thank you in anticipation. Do it the other way around. RHEL, CentOS, and Scientific Linux 6.x all work well with the VirtualBox and other virtualization servers, though VirtualBox has the best interface for freeware. And OpenBSD runs quite happily in virtualization. I use it for testing OpenBSD tools in a primarily RHEL environment, and even use VirtualBox for easy virtualization in places where I'm only handed a Windows desktop or laptop. You don't get the same vaunted OS security or kernel performance on the serverr, but you do get access to other familiar tools and layouts that may not be available in OpenBSD yet. (I do note the availability of recent tools I care about in 4.9, such as httpd-2.x and libreoffice-3.x and subversion-1.6.x. Good)
Re: Are there any virtualization solutions for OpenBSD? (!important: no package from ports!)
On 20 September 2011 14:08, Corey clinge...@gmail.com wrote: On 09/19/2011 08:04 PM, Joel Wiramu Pauling wrote: If you are Going to use linux as your dom0 I STRONGLY recommend against virtual box. Vb is the retarded stillborn twin of kvm. Kvm is twice as fast in mainline and not controlled by oracle sent from android handset. Please mind the brevity. On Sep 20, 2011 12:44 AM, Nico Kadel-Garcianka...@gmail.com** wrote: Maybe so, but it works fine for me in a workstation environment. Many things work better than in KVM (video, USB passthrough) and I don't see any perceptible speed difference. KVM does seem to use less CPU, and that usage is better balanced amongst cores, than with VirtualBox. I think KVM is closing the gap, and am prepared for Oracle to drop VBox entirely if it suits Ellison's whims. I wouldn't use VirtualBox in a server environment, but then again I don't get the feeling that that is its target environment This is off topic now, but seriously, I use both (Virtualbox has one advantage in that it can host Solaris10 properly). And VB has NO advantages, all of the advantages are to KVM. As for Video use Spice enabled KVM, and USB pass through has been present for yonks. C
Multiple External IP's on an Interface and Forwarding.
Hi all, I am having some problems with the following setup and could use some pointers; OpenBSD router/FW - 3 Interfaces em0 - Public/Internet - Single IP to openbsd em1 - Intranet - 3 IP's on routable range - c - OpenBSD Itself, b - Forward to Internal Host a), c) Forward ot Internal Host b) bge0 - Internal (RFC1918) Internal Host a) - Internal IP Internal Host b) - Internal IP On the intranet interface I can only have host a) forwarding working and the non-forwarded address to the openbsd box itself, however host b) forward fails. Running openbsd 4.9 on sparc64 Any suggests welcome, I can post pf.conf if requested off list. Kind regards -JoelW
Re: I don't get where the load comes from
Load is generally a measure of a single processor core utilization over an kernel dependent time range. Generally as others have pointed out being a very broad (not as in meadow, as in continent). Different OS's report load very differently from each other today. Traditionally you would see a load average of 1-2 on a multicore system (I am talking HP-UX X client servers etc of the early 90's vintage). a Load average of 1 means a single core of the system is being utilized close to 100% of the time. On dual core systems a load average of 1 should be absolutely no cause for concern. Linux has moved away from reporting load average as a percentage of a single core time in recent days for precisely this reason, people see a load of 1 and think there systems are esploding. In the traditional mold todays processors should in theory get loads of 4-7 and still be responsive... On 31 May 2011 19:10, Joel Carnat j...@carnat.net wrote: Le 31 mai 2011 ` 08:10, Tony Abernethy a icrit : Joel Carnat wrote well, compared to my previous box, running NetBSD/xen, the same services and showing about 0.3-0.6 of load ; I thought a load of 1.21 was quite much. Different systems will agree on the spelling of the word load. That is about as much agreement as you can expect. Does the 0.3-0.6 really mean 30-60 percent loaded? As far as I understood the counters on my previous nbsd box, 0.3 meant that the cpu was used at 30% of it's total capacity. Then, looking at the sys/user counters, I'd see what kind of things the system was doing. 1.21 tasks seems kinda low for a multi-tasking system. ok :)
Re: ARM or SPARC ?
Sparc64 is probably the best support non x86 architecture for openbsd at this time. On 30 May 2011 21:41, Daniel Gracia lists.d...@electronicagracia.comwrote: Kinda naive question: either could be more than enough; depends on your hard/soft/bandwith combination. Stick to i386/amd64; usually the best buck for performance ratio. Good luck! El 30/05/2011 11:32, hvom .org escribis: Hi all I need best performance processor, I used firewall and rountig/load-balancing. I look models ARM and SPARC, ARM it's the best SPARC. The machin turned OpenBSD 4.9. Tank you for help Cordialy
Re: firewall virtualization using tagging?
stacking (802.11ah/QinQ) is ok for most situations, however it would be nice to have a SAP style construct (service access port), which essentially is a logical customer interface - most switch/router vendors have such as thing. On 24 May 2011 11:56, Stuart Henderson s...@spacehopper.org wrote: On 2011-05-23, Oeschger Patrick patrick.oesch...@bluewin.ch wrote: the first experiments were using routing domain coupled with different vlans but vlans are limited to 4k+ no, you can stack them. svlan(4) does QinQ with the 802.1AD standard ethertype (0x88a8).
Re: a GOOD idea to harden OpenSSH!
On 30 March 2011 20:22, Alexander Schrijver alexander.schrij...@gmail.com wrote: On Wed, Mar 30, 2011 at 10:06:14AM +0300, Gregory Edigarov wrote: IMHO it is absolutelly useless, objections are: 1. You can limit connections using firewall. 2. You already have the feature by name limiting the number of retries 3. If you really want PROTECTION - you should turn off password authentication completelly and use RSA key with passphrase. On Wed, 30 Mar 2011 09:54:06 +0300 Mihai Militaru mihai.milit...@xmpp.ro wrote: It's a great way to keep someone out of their own system. It still amazes me the people are using tunneled plain-text passwords on internet facing systems. Learn how to use ssh-keygen and .ssh/authorized keys - I would hazard that a better security measure would be to turn off tunneled clear text logins by default.
Upgrading JUST kernel
Hi all, in order to fix a hardware problem with 4.8 release I need to move to the current or 4.9 kernel. Having not played around with openbsd's dev trunk before; what is expected to work/not to work if I just dump in a new bsd kernel and reboot? I quite happily run git built linux kernels willy nilly on older dists which MOST of the time is fine. Am I going to be safe doing this in OpenBSD. Kind regards -JoelW
Re: Upgrading JUST kernel
On 14 March 2011 13:53, Andres Perera andre...@zoho.com wrote: On Sun, Mar 13, 2011 at 6:43 PM, Joel Wiramu Pauling j...@aenertia.net wrote: Hi all, in order to fix a hardware problem with 4.8 release I need to move to the current or 4.9 kernel. ... just after 4.8 was released, ral(4) was patched to work with my card i later ended up using -current just as i do know, but for a while i just identified the patch kindly made by damien@ and applied it to -stable. it was a very small diff so it worked out just fine Thanks for all your suggestions. I went through the CVS commits, there are some additional sparc64 patches that look like they will speed up things a lot, as well as my NE card fix so I think I will just do the full upgrade to 4.9-current rather than piecemeal patch based on these recommendations Kind regards -JoelW
sparc64 - openbsd4.8 bge3: watchdog timeout -- resetting + kernel panic
After around 3-4 days of uptime I start getting watchdog timeouts in my logs - and eventually dhcpd stops responding to requests coming into the interface, and then connectivity drops. I see this dying behaviour on my uplink (bge0) connection as well. Went to report this via sendbug while it was doing this, and got a kernel panic ;-/ Steps to reproduce: boot, provision network, and firewall config - bring up some services, send some traffic, wait a few days for message to appear, run sendbug. Crash. 2 Outcomes: Kernel panic/crash , or no network on interface (reboot solves problem). -- dmesg : console is /ebus@1f,464000/serial@2,80 Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2010 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 4.8 (GENERIC) #86: Mon Aug 16 09:09:34 MDT 2010 dera...@sparc64.openbsd.org:/usr/src/sys/arch/sparc64/compile/GENERIC real mem = 1073741824 (1024MB) avail mem = 1044054016 (995MB) mainbus0 at root: Sun Fire V215 cpu0 at mainbus0: SUNW,UltraSPARC-IIIi (rev 3.4) @ 1504 MHz cpu0: physical 32K instruction (32 b/l), 64K data (32 b/l), 1024K external (64 b/l) memory-controller at mainbus0 not configured pyro0 at mainbus0: Fire, rev 3, ign 780, bus A 2 to 13 pyro0: dvma map c000- pci0 at pyro0 ppb0 at pci0 dev 0 function 0 PLX PEX 8532 rev 0xbb pci1 at ppb0 bus 3 ppb1 at pci1 dev 1 function 0 PLX PEX 8532 rev 0xbb pci2 at ppb1 bus 4 ppb2 at pci2 dev 0 function 0 Acer Labs M5249 PCI-PCI rev 0x00 pci3 at ppb2 bus 5 ohci0 at pci3 dev 28 function 0 Acer Labs M5237 USB rev 0x03: ivec 0x780, version 1.0, legacy support ohci1 at pci3 dev 28 function 1 Acer Labs M5237 USB rev 0x03: ivec 0x780, version 1.0, legacy support ehci0 at pci3 dev 28 function 3 Acer Labs M5239 USB2 rev 0x01: ivec 0x781 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Acer Labs EHCI root hub rev 2.00/1.00 addr 1 ebus0 at pci3 dev 30 function 0 Acer Labs M1575 ISA rev 0x00 rtc0 at ebus0 addr 70-73: m5823 pciide0 at pci3 dev 31 function 0 Acer Labs M5229 UDMA IDE rev 0xc8: DMA, channel 0 configured to native-PCI, channel 1 configured to native-PCI pciide0: using ivec 0x784 for native-PCI interrupt pciide0: channel 0 disabled (no drives) pciide0: channel 1 disabled (no drives) usb1 at ohci0: USB revision 1.0 uhub1 at usb1 Acer Labs OHCI root hub rev 1.00/1.00 addr 1 usb2 at ohci1: USB revision 1.0 uhub2 at usb2 Acer Labs OHCI root hub rev 1.00/1.00 addr 1 ppb3 at pci1 dev 2 function 0 PLX PEX 8532 rev 0xbb: ivec 0x794 pci4 at ppb3 bus 6 ppb4 at pci1 dev 8 function 0 PLX PEX 8532 rev 0xbb: ivec 0x794 pci5 at ppb4 bus 7 ppb5 at pci1 dev 9 function 0 PLX PEX 8532 rev 0xbb pci6 at ppb5 bus 8 ppb6 at pci6 dev 0 function 0 ServerWorks PCIE-PCIX rev 0xb5 pci7 at ppb6 bus 9 bge0 at pci7 dev 4 function 0 Broadcom BCM5714 rev 0xa3, BCM5715 A3 (0x9003): ivec 0x795, address 00:14:4f:b1:b4:62 brgphy0 at bge0 phy 1: BCM5714 10/100/1000baseT/SX PHY, rev. 0 bge1 at pci7 dev 4 function 1 Broadcom BCM5714 rev 0xa3, BCM5715 A3 (0x9003): ivec 0x796, address 00:14:4f:b1:b4:63 brgphy1 at bge1 phy 1: BCM5714 10/100/1000baseT/SX PHY, rev. 0 ppb7 at pci7 dev 8 function 0 ServerWorks HT-1000 PCIX rev 0xb4 pci8 at ppb7 bus 10 ppb8 at pci1 dev 10 function 0 PLX PEX 8532 rev 0xbb pci9 at ppb8 bus 11 ppb9 at pci9 dev 0 function 0 ServerWorks PCIE-PCIX rev 0xb5 pci10 at ppb9 bus 12 bge2 at pci10 dev 4 function 0 Broadcom BCM5714 rev 0xa3, BCM5715 A3 (0x9003): ivec 0x796, address 00:14:4f:b1:b4:64 brgphy2 at bge2 phy 1: BCM5714 10/100/1000baseT/SX PHY, rev. 0 bge3 at pci10 dev 4 function 1 Broadcom BCM5714 rev 0xa3, BCM5715 A3 (0x9003): ivec 0x797, address 00:14:4f:b1:b4:65 brgphy3 at bge3 phy 1: BCM5714 10/100/1000baseT/SX PHY, rev. 0 ppb10 at pci10 dev 8 function 0 ServerWorks HT-1000 PCIX rev 0xb4 pci11 at ppb10 bus 13 mpi0 at pci11 dev 1 function 0 Symbios Logic SAS1064 rev 0x02: ivec 0x78f scsibus0 at mpi0: 63 targets sd0 at scsibus0 targ 0 lun 0: SEAGATE, ST973402SSUN72G, 0603 SCSI3 0/direct fixed sd0: 70007MB, 512 bytes/sec, 143374738 sec total pyro1 at mainbus0: Fire, rev 3, ign 7c0, bus B 2 to 255 pyro1: dvma map c000- pci12 at pyro1 ebus1 at mainbus0: ign 7c0 flashprom at ebus1 addr 0-1f not configured com0 at ebus1 addr 80-87 ivec 0x8: ns16550a, 16 byte fifo com0: console com1 at ebus1 addr 40-47 ivec 0x9: ns16550a, 16 byte fifo rmc-comm at ebus1 addr 0-7 ivec 0xa not configured gpio at ebus1 addr c0-c0 not configured led0 at ebus1 addr 0-80: rev 0x5a power0 at ebus1 addr 40-c1 ivec 0x3 i2c at mainbus0 not configured softraid0 at root bootpath: /pci@1e,60/pci@0,0/pci@a,0/pci@0,0/pci@8,0/scsi@1,0/disk@0,0 root on sd0a swap on sd0b dump on sd0b bge3: watchdog timeout -- resetting bge3: watchdog timeout -- resetting bge3: watchdog timeout -- resetting bge3: watchdog timeout -- resetting bge3: watchdog timeout -- resetting bge3: watchdog timeout -- resetting bge3: watchdog timeout -- resetting bge3:
Re: nat static-port option
Does the PS3 support ipv6? Are Sony's servers IPv6 compliant. The better option is to acquire IPv6 transit someway (either by terminating a tunnel broker pipe and advertising RA from your openbsd box) or better still switching to an ISP that support native v6 service. Kind regards -JoelW On 1 February 2011 12:13, Chris Cappuccio ch...@nmedia.net wrote: the alternative is UPnP, which you'd need a supporting daemon to add port mappings into pf to support with an obsd gateway Josh Smith [juice...@gmail.com] wrote: misc@, I recently acquired a playstation 3 and have been running into some difficulties playing it online behing my openbsd gateway. B After doing some research and testing I have been able to overcome most of these problems by appending the static-port option to my nat rule. B I understand the concept that this prevents pf from modifying the source port on the packets as they are natted. B But I am curious as to what implications flipping this switch has. B At least I'm guessing there must be something since it is not the default behavior. Thanks, -- Josh Smith KD8HRX email/jabber:B B juice...@gmail.com phone:B B 304.237.9369(c) -- Let food be thy medicine and medicine be thy food - Hippocrates
Re: Please help me decide: OpenWrt vs. OpenBSD
On 20 January 2011 11:18, S Mathias smathias1...@yahoo.com wrote: I have a RouterBoard 450G [680 Mhz cpu, 256 MB ram, 512 MB flash]. I just can't decide what to put on it: Use mikrotik - as they manufacture the product, test and integrate it MikrotikOS (which is linux with a bunch of custom stuff on top) will work best and be the most secure platform.
Re: chrooted browser
yes in exactly the same fashion as you chroot any other application. Find the shared librarys using ldd on the browser binary, copy them to chroot-root/sub directories. Execute from within the chroot. On 17 January 2011 08:43, Jean-Francois jfsimon1...@gmail.com wrote: Hello, Is there a way to chroot the web browser for safer internet surfing ? Regards
Re: [Was: OT - gmail alternatives] PGP web mail anyone?
On 13 December 2010 22:23, Joachim Schipper joac...@joachimschipper.nl wrote: On Sun, Dec 12, 2010 at 09:11:16PM -0700, Travis King wrote: Joel Wiramu Pauling j...@aenertia.net wrote: Marti Martinez ma...@ece.arizona.edu wrote: Ted Unangst ted.unan...@gmail.com wrote: At some point you're going to realize that the javascript that decrypts your mail has to come from someplace. A better alternative would be a PGP browser addon (...) [See] firegpg firegpg is the only way I can get friends and family to communicate with me securely. I don't even know what the interface looks like, but it does work (apparently). It's unmaintained. I would also be surprised if the server can't get at your plaintext (e.g. with Javascript, or even Java/Flash). You may want to look at http://rdist.root.org/2010/11/29/final-post-on-javascript-crypto/ and the comments (in particular, my http://rdist.root.org/2010/11/29/final-post-on-javascript-crypto/#comment-623 9). Summary: it doesn't work, and can't work unless you add a plugin with *many* restrictions. B B B B B B B B Joachim -- PotD: devel/ivy - dependency manager for Java http://www.joachimschipper.nl/ Firegpg was basically just chrome extensions to local(read client) side gpg binaries. It wasn't insecure for the reasons you cite, the author just got sick of having to update it to work with gmail (it's initial target). It is still useful for easy access to gpg functions within firefox.
Re: [Was: OT - gmail alternatives] PGP web mail anyone?
On 13 December 2010 16:13, Marti Martinez ma...@ece.arizona.edu wrote: On Sun, Dec 12, 2010 at 11:32 AM, Ted Unangst ted.unan...@gmail.com wrote: On Sun, Dec 12, 2010 at 1:16 PM, Alexander Shulgin alex.shul...@gmail.com wrote: I know it might sound funny, but what do you guys think about feasibility of massively automatic PGP web mail with all encryption/decryption done through javascript in the client's browser? At some point you're going to realize that the javascript that decrypts your mail has to come from someplace. A better alternative would be a PGP browser addon, which I think already exists (but I'm too lazy to check on). Certainly does: firegpg
Re: Freeze with Western Digital Caviar Green HDD
Hrm, do you have model number of the drives? I have some WD drives in a raid 10 array (LVM2 + EXT4 + linux) for my media PC and it would be useful to figure out if some of the issues I have seen over the last year have been related to the use of drive. On 10 December 2010 08:48, Aaron Suen warr1...@gmail.com wrote: It looks like the IntelliPark feature on a Western Digital Caviar Green HDD can cause issues with OpenBSD, which can be fixed/mitigated by disabling IntelliPark. About 6 months ago, I built myself a new amd64 machine. B I decided to optimize for low wattage--reducing power costs and waste heat, increasing UPS runtime--and so I chose a single Western Digital Caviar Green HDD. B Although these drives are intended/marketed for something more like nearline storage, according to bonnie++, the drive performed roughly as well as the 7200RPM PATA-100 2-drive mirror in my old machine. The machine I built, initially running 4.7/amd64, then 4.8/amd64 (both unmodified -RELEASE) was never stable for more than a couple of days at a time. B The machine would freeze hard, sometimes with the HDD light lit solid, usually not. B I worked around a number of bugs, trying a patched kernel with http://marc.info/?l=openbsd-miscm=128897915014154w=2, and disabling installing an fxp(4) so I could disable the onboard re(4). B I wrote scripts to monitor hw.sensors, SMART, and various stats from systat(1), and graph them using rrdtool. B What I noticed was that my machine would generally crash right before an IO-intensive cronjob started. I also noticed that SMART stat 193 (Load/Unload Cycle Count) was very high, and climbing rapidly. B Doing some research on this stat, I found out that WD Caviar Green drives have a feature called IntelliPark that parks the HDD heads after 8 seconds of inactivity. B This is supposed to make the HDD more efficient, but has been reported not to play well with Linux, and WD provides a workaround: the WDIDLE3 utility, which would allow me to change/disable the IntelliPark 8-second timeout. B I ran WDIDLE3 on my WD Caviar Green HDD, setting the timeout to the maximum allowed (300 seconds). B I have a monitoring process running that writes to disk roughly every 60 seconds, so IntelliPark is effectively disabled for me. B As of now, the system has been up a record 19.5 days without issue. Disabling IntelliPark fixed the major freeze issue I was having. B I don't know exactly what was going on, but it seems like the drive would get stuck in a state in which the head reloading had failed, or had not completed within a certain timespan, and the OS and the drive controller become deadlocked. B Attempting to reproduce the problem is painful, both in terms of how long it can take to cause a freeze, and for the wearing out it did of the drive. B I'm not sure if I should file this as a PR, or consider this a design flaw in the drive (or a consequence of off-label use) and just be content with the fix/workaround that I've found. If anyone has any recommendations, or any experiences with the Caviar Green drives, I'd like to hear them.
Re: How to open PDF that requires Adobe 9
I would be surprised if okular didn't open it. (okular being the KDE viewer) On 7 December 2010 10:42, Clint Pachl pa...@ecentryx.com wrote: Joachim Schipper wrote: On Sat, Dec 04, 2010 at 06:28:04PM -0700, Clint Pachl wrote: When I open [the UPS developer's guide] with xpdf(1) I get a [message] to download the the latest Adobe crapware to view it. This is cheating, but have you tried throwing it into Google docs? B B B B B B B B Joachim Damn Joachim, nice cheat! I can't believe I didn't think of giving this a try. I was hopeful it would work. Unfortunately, I get the same error: For the best experience, open this PDF portfolio in Acrobat 9 or Adobe Reader 9, or later. I'd also like to mention I tried the pdftops and pdf2ps commands without success. Still get a single page PDF stating the above message. I guess it has to do with this PDF being a portfolio, like Anthony Bentley mentioned. Thanks, Clint
clients not receiving dhcp acks from dhcpd on bridge ports
Kia ora, I am having a similar problem as discussed here: http://kerneltrap.org/mailarchive/openbsd-misc/2010/8/24/6489 However I am running latest stable on sunfire v215 OpenBSD ufb-fw.ufb.net.nz 4.8 GENERIC#86 sparc64 I am running double NAT but unfortunately at this point it is the only option for this machine. My interfaces are configured: # cat /etc/hostname.bge0 dhcp up rtsol # cat /etc/hostname.bge1 up # cat /etc/hostname.bge2 up # cat /etc/hostname.bge3 up # cat /etc/hostname.vether0 inet 192.168.1.1 255.255.255.0 NONE description bridge port with ip # cat /etc/hostname.bridge0 description bridge for internal add vether0 add bge1 add bge2 add bge3 up # cat /etc/rc.conf.local ntpd_flags= # enabled during install dhcpd_flags=vether0 # ifconfig lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33160 priority: 0 groups: lo inet 127.0.0.1 netmask 0xff00 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6 bge0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:14:4f:b1:b4:62 priority: 0 groups: egress media: Ethernet autoselect (100baseTX full-duplex,rxpause,txpause) status: active inet6 fe80::214:4fff:feb1:b462%bge0 prefixlen 64 scopeid 0x1 inet 10.0.0.10 netmask 0xff00 broadcast 10.0.0.255 bge1: flags=8b43UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST mtu 1500 lladdr 00:14:4f:b1:b4:63 priority: 0 media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause) status: active inet6 fe80::214:4fff:feb1:b463%bge1 prefixlen 64 scopeid 0x2 bge2: flags=8b43UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST mtu 1500 lladdr 00:14:4f:b1:b4:64 priority: 0 media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause) status: active inet6 fe80::214:4fff:feb1:b464%bge2 prefixlen 64 scopeid 0x3 bge3: flags=8b43UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST mtu 1500 lladdr 00:14:4f:b1:b4:65 priority: 0 media: Ethernet autoselect (none) status: no carrier inet6 fe80::214:4fff:feb1:b465%bge3 prefixlen 64 scopeid 0x4 enc0: flags=0 priority: 0 groups: enc status: active vether0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST mtu 1500 lladdr fe:e1:ba:d0:e5:34 description: bridge port with ip priority: 0 groups: vether media: Ethernet autoselect status: active inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255 inet6 fe80::fce1:baff:fed0:e534%vether0 prefixlen 64 scopeid 0x7 bridge0: flags=41UP,RUNNING description: bridge for internal groups: bridge priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp bge3 flags=3LEARNING,DISCOVER port 4 ifpriority 0 ifcost 0 bge2 flags=3LEARNING,DISCOVER port 3 ifpriority 0 ifcost 0 bge1 flags=3LEARNING,DISCOVER port 2 ifpriority 0 ifcost 0 vether0 flags=3LEARNING,DISCOVER port 7 ifpriority 0 ifcost 0 pflog0: flags=141UP,RUNNING,PROMISC mtu 33160 priority: 0 groups: pflog # Bridge is showing that it has learned the various mac addresses: # ifconfig bridge0 bridge0: flags=41UP,RUNNING description: bridge for internal groups: bridge priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp designated: id 00:00:00:00:00:00 priority 0 bge3 flags=3LEARNING,DISCOVER port 4 ifpriority 0 ifcost 0 bge2 flags=3LEARNING,DISCOVER port 3 ifpriority 0 ifcost 0 bge1 flags=3LEARNING,DISCOVER port 2 ifpriority 0 ifcost 0 vether0 flags=3LEARNING,DISCOVER port 7 ifpriority 0 ifcost 0 Addresses (max cache: 100, timeout: 240): 00:27:13:64:e3:df bge2 0 flags=0 08:00:27:5b:9d:b6 bge1 1 flags=0 00:0e:86:15:81:bf bge1 0 flags=0 00:0e:86:15:80:63 bge1 0 flags=0 00:0e:86:16:39:c4 bge1 0 flags=0 00:13:fa:04:ae:44 bge1 1 flags=0 48:5b:39:b5:b4:63 bge1 1 flags=0 d8:5d:4c:e1:d3:16 bge1 1 flags=0 6c:62:6d:7b:c8:05 bge1 1 flags=0 And daemon log is showing that vether0 is receiving dhcprequests and sending acks - but the acks never reach clients. I am able to statically add IP's on client and get them to work: (the .11 host in the routing table for example) # route show Routing tables Internet: DestinationGatewayFlags Refs Use Mtu Prio Iface defaultSpeedTouch.lan UGS 61 4163 - 8 bge0 10.0.0/24 link#1 UC 10 - 4 bge0 ufb-fw.lan localhost UGHS
Re: clients not receiving dhcp acks from dhcpd on bridge ports
ok so I solved the dhcpd ack issue by explicitly allowing pass any on each of the bridge member interfaces and the bridge0 device itself. Still having issues with clients unable to ping between themselves when they situated off the GPON node, back to the drawing board. On 3 December 2010 19:40, Joel Wiramu Pauling j...@aenertia.net wrote: Kia ora, I am having a similar problem as discussed here: http://kerneltrap.org/mailarchive/openbsd-misc/2010/8/24/6489 However I am running latest stable on sunfire v215 OpenBSD ufb-fw.ufb.net.nz 4.8 GENERIC#86 sparc64 I am running double NAT but unfortunately at this point it is the only option for this machine. My interfaces are configured: # cat /etc/hostname.bge0 dhcp up rtsol # cat /etc/hostname.bge1 up # cat /etc/hostname.bge2 up # cat /etc/hostname.bge3 up # cat /etc/hostname.vether0 inet 192.168.1.1 255.255.255.0 NONE description bridge port with ip # cat /etc/hostname.bridge0 description bridge for internal add vether0 add bge1 add bge2 add bge3 up # cat /etc/rc.conf.local ntpd_flags= B B B B B B # enabled during install dhcpd_flags=vether0 # ifconfig lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33160 B B B B priority: 0 B B B B groups: lo B B B B inet 127.0.0.1 netmask 0xff00 B B B B inet6 ::1 prefixlen 128 B B B B inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6 bge0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 B B B B lladdr 00:14:4f:b1:b4:62 B B B B priority: 0 B B B B groups: egress B B B B media: Ethernet autoselect (100baseTX full-duplex,rxpause,txpause) B B B B status: active B B B B inet6 fe80::214:4fff:feb1:b462%bge0 prefixlen 64 scopeid 0x1 B B B B inet 10.0.0.10 netmask 0xff00 broadcast 10.0.0.255 bge1: flags=8b43UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST mtu 1500 B B B B lladdr 00:14:4f:b1:b4:63 B B B B priority: 0 B B B B media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause) B B B B status: active B B B B inet6 fe80::214:4fff:feb1:b463%bge1 prefixlen 64 scopeid 0x2 bge2: flags=8b43UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST mtu 1500 B B B B lladdr 00:14:4f:b1:b4:64 B B B B priority: 0 B B B B media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause) B B B B status: active B B B B inet6 fe80::214:4fff:feb1:b464%bge2 prefixlen 64 scopeid 0x3 bge3: flags=8b43UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST mtu 1500 B B B B lladdr 00:14:4f:b1:b4:65 B B B B priority: 0 B B B B media: Ethernet autoselect (none) B B B B status: no carrier B B B B inet6 fe80::214:4fff:feb1:b465%bge3 prefixlen 64 scopeid 0x4 enc0: flags=0 B B B B priority: 0 B B B B groups: enc B B B B status: active vether0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST mtu 1500 B B B B lladdr fe:e1:ba:d0:e5:34 B B B B description: bridge port with ip B B B B priority: 0 B B B B groups: vether B B B B media: Ethernet autoselect B B B B status: active B B B B inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255 B B B B inet6 fe80::fce1:baff:fed0:e534%vether0 prefixlen 64 scopeid 0x7 bridge0: flags=41UP,RUNNING B B B B description: bridge for internal B B B B groups: bridge B B B B priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp B B B B bge3 flags=3LEARNING,DISCOVER B B B B B B B B port 4 ifpriority 0 ifcost 0 B B B B bge2 flags=3LEARNING,DISCOVER B B B B B B B B port 3 ifpriority 0 ifcost 0 B B B B bge1 flags=3LEARNING,DISCOVER B B B B B B B B port 2 ifpriority 0 ifcost 0 B B B B vether0 flags=3LEARNING,DISCOVER B B B B B B B B port 7 ifpriority 0 ifcost 0 pflog0: flags=141UP,RUNNING,PROMISC mtu 33160 B B B B priority: 0 B B B B groups: pflog # Bridge is showing that it has learned the various mac addresses: # ifconfig bridge0 bridge0: flags=41UP,RUNNING B B B B description: bridge for internal B B B B groups: bridge B B B B priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp B B B B designated: id 00:00:00:00:00:00 priority 0 B B B B bge3 flags=3LEARNING,DISCOVER B B B B B B B B port 4 ifpriority 0 ifcost 0 B B B B bge2 flags=3LEARNING,DISCOVER B B B B B B B B port 3 ifpriority 0 ifcost 0 B B B B bge1 flags=3LEARNING,DISCOVER B B B B B B B B port 2 ifpriority 0 ifcost 0 B B B B vether0 flags=3LEARNING,DISCOVER B B B B B B B B port 7 ifpriority 0 ifcost 0 B B B B Addresses (max cache: 100, timeout: 240): B B B B B B B B 00:27:13:64:e3:df bge2 0 flags=0 B B B B B B B B 08:00:27:5b:9d:b6 bge1 1 flags=0 B B B B B B B B 00:0e:86:15:81:bf bge1 0 flags=0 B B B B B B B B 00:0e:86:15:80:63 bge1 0 flags=0 B B B B B B B B 00:0e:86:16:39:c4 bge1 0 flags=0 B B B B B B B B
Re: linux emulation
Have you tried it under wine? http://wiki.winehq.org/OpenBSD On 12 September 2010 16:51, Predrag Punosevac punoseva...@gmail.com wrote: Elmar Bschorer elmar.bschorer () bugconsulting ! de wrote: hi list, i tried to get skype up and running with linux emulation on openbsd 4.7. skype starts up and i can log in but i can't see any contacts or chat with others. looks like i am not really connected. does anyone has skype running? any ideas what the problem might be? Of course. I got Skype running on OpenBSD http://www.daemonforums.org/showthread.php?t=2616highlight=Skype+OpenBSD tia elmar The problem is that you can only use chat. You can NOT use VoIP since OpenBSD does not have enough Linux emulation even for old Skype v 1.2 compiled with static OSS(Linux version) let alone v. 2.xxx which requires Alsa. This is how we do VoIP on OpenBSD http://www.ryanflannery.net/howtos/obsd_voicechat.php You can also get old Skype version 1.2 compiled with static OSS if you look hard enough on the Internet and add the support to Linux emulator layer if you have enough programming skill. I am sure Jake and Alexander will give you their notes about aucat and tell you what needs to be done. Cheers, Predrag
Re: Web hosting, restrict user to access only his folder
lightty does however. So you may want to look into it over apache. On 23/08/2010, Benny LC6fgren bl-li...@lofgren.biz wrote: Chris Cappuccio wrote: Benny L??fgren [bl-li...@lofgren.biz] wrote: (I've long wished for a privsep apache with separate chroot():s for every virtual domain... one of these days I'm gonna have to look into it, but I suppose it's not trivial to implement or someone would have done it by now. :-) ) I think people do this today by just running multiple daemons, one under each uid, binding each one to a different IP (or to a different port and using a reverse proxy on port 80) Of course it would be convenient if the system could multiplex it for you with one master daemon Yes, that's how I currently do things too, but it's an inconvenient solution to the problem, mainly because Apache doesn't lend itself well to be run in multiple instances on the same server (and the hassle of needing a reverse proxy introduces another level of complexity). /B -- internetlabbet.se / work: +46 8 551 124 80 / Words must Benny Lvfgren/ mobile: +46 70 718 11 90 / be weighed, / fax:+46 8 551 124 89/not counted. /email: benny -at- internetlabbet.se
Re: [OT] securely sharing documents on OpenBSD?
Any reason why you can't just use https and webserver? On 17 August 2010 22:27, Matt open...@women-at-work.org wrote: Quite possibly more of a 'which software' question: I am looking for a way to have two parties share documents securely through an OpenBSD server. User A can not look into directory B but is allowed in dir C, that sort of thing. Sharing occurs through untrusted / changing networks. Obviously a simple SFTP structure seems to cut it, but would require all users (different platforms) to install sftp clients. Is there anything else (preferably in ports) that could do this better / prettier ? Thanks!
Re: whiteboard over the net
I recommend http://dimdim.com for something platform agnostic and running on a FOSS platform. Openignite server if you are wanting to put something installable in place (xmpp colab suite) -Joel Pauling On 31 March 2010 10:51, patrick keshishian pkesh...@gmail.com wrote: On Tue, Mar 30, 2010 at 2:44 PM, David Vasek va...@fido.cz wrote: On Tue, 30 Mar 2010, Marco Peereboom wrote: Drawing shit with the mouse. B Not typing stuff with the keybored. A drawing app of your choice + a VNC of your choice? I used such a setup several times with various OS's. pencil + paper + web-cam* *inspired by William Boshuck post.
Re: selling bsd in cd for profit??
Let me clear on this. Yes you can. Follow the BSD licence terms (none of which say anything about for profit) and you are fine. There is absolutely zero legal reason you cannot put together a cd of OpenBSD and sell it. The official CD has some further licencing restrictions, so if you were to copy it verbatim it would constitute a breach of these terms. But if you create your own and sell it. No problem. On 27 February 2010 13:44, Citra Cool cc.bel...@gmail.com wrote: Can I selling openBSD in CD for profit??
Re: selling bsd in cd for profit??
I am not saying that it is in the spirit of the project. Just saying that there is nothing wrong nor preventing you from doing so under the BSD licence. Don't like it? fine. Take your time to a project using a different licence.
Re: Refusal to mention OpenBSD in a MSc Advanced Networking course
here's a quick little seminar on professors and academia. it is very advanced and you may not understand it at first: One important point you forgot to mention. The influence on IT syllabus of the various arcane politics involved with Campus IT infrastructure.
Re: routing and pf at 10Gbps
Alcatel-Lucent do a AA-ISA card plugin module for their 7750 range of routers. Which enables you to do filtering at 50GB (and scale it up to 800GB) per 12U router. Having recently investigated this segment for work. Allot, Sonicwall(which is a Linux Variant) and a few others are running FOSS firewalls filtering appliances at 10GB+ and it's not just the router vendors (nortel, cisco, junper,alcatel) that do that sort of speed these days. I can't comment on the hardware blobs that may also be involved in these, as Diana says they will have FPGA's under a freeOS... i.e JunOS is essentially 4.4 BSD with a bunch of Juniper FPGA drivers. -JoelW On 12 February 2010 04:54, Diana Eichert deich...@wrench.com wrote: On Wed, 10 Feb 2010, Mike Williams wrote: Really, nobody firewalls at multi-Gbps? yes, people run firewalls on 10G circuits I am not aware of anyone filtering at 10G who is using off the shelf hardware, with open source O/S. Large enterprises use either commercial firewalls, for example Juniper Netscreens, or build systems using FPGA cards with locally produced code. Either way the filtering is done in hardware. In my experience the Netscreen 5x00 firewalls sold with 10G cards and MGT3 card can not do line rate 10G, though it was marketed as capable of 10G filtering. B The newer, ie more expensive Juniper SRX firewalls supposedly can do it. B They are based on Juniper heavy iron routers. diana
Re: multiple videocards... for console text
Just use USB to RS323 convert cables and have as many heads as you like off of dumb terminals. Or old laptops. ;-) 2009/5/22 Need Coffee need.cof...@gmail.com Hi, I have kind of a weird question. I have two video cards in an amd64/-current machine. Both cards have dual-head capability. At the text console, the same text appears on both ports. Would it be possible to either: - make the ports separate consoles (seems unlikely) - run each card independently (so, more VT's offered on the second video card) Or some variant of these? Thanks in advance.
Re: usb storage device detected as USB1.1
Make sure you are plugging directly into the MOBO connectors. Many cases include crappy USB one hubs which causes degraded performance. 2009/2/9 frantisek holop min...@obiit.org: hmm, on Thu, Feb 05, 2009 at 06:44:25PM +0100, Jesus Sanchez said that On windows, formated as FAT32, the copy of 1,2 GB took about 6 minutes, so it's about 3.41 MB/s, that's more than USB1.1 speed (I think) but in OpenBSD 4.4 I have 1.5 MB/s speed. I will attach dmesg as soon as possible. for many devices 1.5 MB/s is already USB2. e.g. my mp3 player. i am not familiar with the windows caching mechanism but it might be finishing up the copying after the progress bar has already finished. linux plays that ugly game. everything is copied lightningly fast only to discover that umount takes minutes until the caches is written out in the real world. have you clocked the openbsd transfer? it is not in your email 6min windows vs ? min openbsd? -f -- golf is a good walk spoiled.
Re: most secure graphical browser
Well short of building yourself into a faraday cage there is not much you can do to avoid van Eck sniffing. Also while LCD's are immune, I hear that a similar technique can be applied to LCD's. I am guessing sniffing LCD's is probably an order of magnatude more difficult than CRT tho. On 21/01/2008, Joachim Schipper [EMAIL PROTECTED] wrote: On Fri, Jan 18, 2008 at 02:33:30PM +0100, Han Boetes wrote: Most secure goes a long way. I run firefox on a sepperate user account. I doubt it's the most secure solution but it sure is quite a bit more secure, and I'm quite sure you really don't want to the most secure solution. :-) http://www.xs4all.nl/~hanb/documents/firefox_for_paranoid_people That still leaves open a lot of possibilities for mischief [1]. Don't run trusted and untrusted programs on the same X server! Joachim [1] Including, in an otherwise-unsecured X setup, 'sniffing' keystrokes, taking 'screenshots', and the like. Not things that are acceptable for a 'secure' desktop. -- TFMotD: flex (1) - fast lexical analyzer generator
Re: most secure graphical browser
dude, from what your saying, then run a browser, in chroot via ssh. To your remote X server. You may also want to rub a scrubbing proxy in that environ, (i.e dans guardian or somesuch). While a chroot is not ideal, it is a step up from running just plain ol unprivileged. And it's not like chroots are difficult or anything. As for browser choice. In the end I would just choose one with the least amount of lib deps to keep your chroot clean. While chroots are not ideal, they do two things which are going to increase your security, 1) they keep the underlying file system out of the way of your real filesystem, so things that might lead to filesystem exploits can't do shit, and 2) keep standard system crap hidden away and minimise the chances of someone on being able to do anything should they be able to exploit a vulnerability in the browser. but to me sounds like your making a non-issue into a mole hill. Even the most limited of hardware can run decent browsers. Why you are insisting on using your access box, when you have another machine is beyond me. Ideally just run a browser on your shit hardware, it's not that big of a deal really, yes mike take ages to load, but meh who cares.
Re: most secure graphical browser
Dude, you want a proxy with different user ACLs. This is not a browser thing at all. 2 firefox profiles will do the same thing, each having a different proxy user set. Hell have 2 user accounts on your entertainment box, and ssh -X [EMAIL PROTECTED] when you want to bring up your secure account. Keep the browser off the server box, instead put a filtering proxy of it. But hey its your life, do what you want.
Re: most secure graphical browser
One other note, if your planning on doing any internet banking, your pretty much stuck with Firefox or Opera (using binary emulation). Haven't tried ie under wine on openbsd, it may work also. Why? Because a lot of the internet banking sites are useless and while things like konqueror load them, badly hacked together js, and other bits fail a lot, things you won't notice until you go to do something like a funds transfer etc. You might be lucky and your banks website isn't ass. But I would be checking it thoroughly before making a browser decision. As for security, browser settings in such a way as to flush cookies at the end of sessions, clear cache etc and not store passwords is not a difficult thing, but in the end a scrubbing proxy would be a good idea if your uber paranoid.
Re: most secure graphical browser
chroot ;-). It is a pity that the is nothing like linux vservers for openbsd as yet ;-) On 18/01/2008, Joachim Schipper [EMAIL PROTECTED] wrote: On Thu, Jan 17, 2008 at 06:17:54PM -0500, Douglas A. Tutty wrote: On Thu, Jan 17, 2008 at 05:11:53PM -0500, STeve Andre' wrote: On Thursday 17 January 2008 03:42:38 pm Douglas A. Tutty wrote: I have a box that I want to keep as secure as I can but I also need to be able to use a graphical browser from it (I know that this is a trade-off). There is no graphical browser in base. I don't need or want this browser to do javascript or flash (I have a different box for entertainment). Of the browsers in packages, which browser would people think is likely the most secure? [snip] Why not create an OpenBSD live CD with the stuff you want on it? Because this box will also be my main server. For details, see a previous thread (I forget the title) where I'm splitting things between a secure box where anything confidential will be kept, and an entertainment box for regular browsing with javascript and, where required, flash. Also for watching DVDs and listening to music. Have you considered that a) you need to be very careful to properly separate these environments? (No SSH, no shared passwords, no direct access to 'confidential' data, etc.) b) the barrier between different users is pretty strong? Outside of some annoying symlink race conditions, there is very little mischief one account can do to another account that does not require gaining root in the first place. And most insecure software, at least on OpenBSD, will allow you to crack an account but not root c) graphical environments don't really belong on servers? Anyway, good luck. I can't think of any good suggestion except re-iterating what was said above, and noting that w3m can display graphics in an xterm. Joachim -- PotD: x11/gnome/audio - audio files for Gnome
Re: Suggested PF Setup when using BitTorrent?
The main annoyance I have had with bittorrent/p2p apps on openbsd is the relatively low file open limits. Pumping this is easy enough tho. On 06/01/2008, Leonardo Rodrigues [EMAIL PROTECTED] wrote: Maybe those watchdog timeouts have nothing to do with bittorrent, and are probably more related to nic problems. Have you tried running your torrent client with a different network card? On Jan 5, 2008 4:22 PM, Brian [EMAIL PROTECTED] wrote: Is there any suggested PF setup when using BitTorrent? Right now, the biggest problem I have when using BitTorrent is watchdog timeouts. Thanks, Brian Never miss a thing. Make Yahoo your home page. http://www.yahoo.com/r/hs -- An OpenBSD user... and that's all you need to know =) Please, send private emails to [EMAIL PROTECTED]
Re: Hard Drive Speed
Actually probably the sata to usb|ide to usb converter chip. Not all are made equal. On 31/12/2007, Joachim Schipper [EMAIL PROTECTED] wrote: On Sat, Dec 29, 2007 at 09:03:49PM -0500, Dave Sorg wrote: I have a 1TB hard drive in an external box. When I use USB 2.0 to write to it, I eventually get read/write errors. When I use USB 1, I don't. I know that my drive has a reported speed of 7200 rpm, but that it is generally advised to only run at 5400 rpm, and I believe that this is the problem. My question is: how do I set it up to use USB 2.0 at 5400 rpm? That is almost certainly drive-specific. Check the manual for your specific model, search Google, and if that doesn't help try posting back. Joachim -- PotD: editors/xemacs21-sumo - complete set of supported XEmacs packages
Re: rouge IPs / user
Tip. Don't allow password challenge. Problem solved. Just use key'd ssh and this problem disappears. On 11/12/2007, Raimo Niskanen [EMAIL PROTECTED] wrote: I have a related problem, but I am not sure if the source IPs are nasty computers or just... # lsof -ni:www shows me lots of connections hanging in state CLOSE_WAIT from some hosts (often in China). These used to eat all sockets for httpd. Now I have a max-src-conn limit so it is not a real problem any more. I now also log hosts that succedes in getting many sockets in CLOSE_WAIT, and they are still there. What do the gurus say? What can I do about these hosts? On Fri, Dec 07, 2007 at 09:51:52AM -0800, badeguruji wrote: I am getting constant hacking attempt into my computer from following IPs. Although, I have configured my ssh config and tcp-wrappers to deny such attempts. But I wish some expert soul in this community 'fix' this rouge hacker for ever, for everyones good. This hacker could be spoofing the IPs, but i have only the IPs in my message logs(and a url)... 218.6.16.30 195.187.33.66 202.29.21.6 60.28.201.57 218.24.162.85 wpc4643.amenworld.com 202.22.251.23 219.143.232.131 220.227.218.21 124.30.42.36 -for community. -BG ~~Kalyan-mastu~~ -- / Raimo Niskanen, Erlang/OTP, Ericsson AB
Re: 5.1 sound card recommendation
**cough** OpenAL ( http://www.openal.org ) On 23/11/2007, Jacob Meuser [EMAIL PROTECTED] wrote: On Thu, Nov 22, 2007 at 12:36:51PM -0800, J.C. Roberts wrote: On Wednesday 21 November 2007, Alexandre Ratchov wrote: On Wed, Nov 21, 2007 at 01:12:38PM -0800, J.C. Roberts wrote: On Wednesday 21 November 2007, Nickolay A. Burkov wrote: Hello everyone! Do somebody have success with 5.1 sound ? If so, please recommend PCI Sound Card to work with OpenBSD 4.2(-CURRENT). I have MARC'ed a bit but similar messages were 1 year ago. I'd like to think that something have been changed.. Thank you for your time. For some strange reason I recall reading about some work being done on the Sound Blaster Audigy cards. Many of those cards are 5.1, 6.1 or 7.1 surround sound. A quick search on openbsd audigy shows we've had support since 3.9 but I'm not sure if this includes the surround sound features, or if it's just two channel? Older audigy cards based on EMU10K1 chips are supposed to work with the emu(4) driver, it's still two channel. Newer cards based on CA0106 will not work because there's no driver for the chip. The last time I've asked creative for documentation they didn't reply; since then, I've lost interest in these cards. -- Alexandre Alexandre, Off-list I was told that some of the older SoundBlaster Live cards will work in 5.1 mode including front/surround/centre/lfe control, but the off-list statement contradicts what you said earlier about no 5.1 (or better) support? I suspect you understand the code far better than most (including me). :-) as far as the hardware, you may be able to control the speakers separately with emu(4), cmpci(4) and possibly others. if `mixerctl -a` shows outputs.center, outputs.lfe, etc, then this could be possible. however, the emu(4) and cmpci(4) low level drivers only support 1 or 2 channel input/output. audio(4) itself does not restrict the number of channels. I think the bigger question is: what applications actually output more than 2 audio channels? none, afaik. please let me know if there is something I do not know about. also, some devices support AC-3 pass-through. that is, the devices themselves decode (2.1, 5.1, 7.1) AC-3 audio streams, but this is not supported in audio(4) nor in the low level drivers. -- [EMAIL PROTECTED] SDF Public Access UNIX System - http://sdf.lonestar.org
Re: 5.1 sound card recommendation
err Linux / Alsa support 5.1 fine on a number of cards, have done for a long time. On 23/11/2007, Paul Irofti [EMAIL PROTECTED] wrote: On Wed, Nov 21, 2007 at 09:23:52PM +0300, Nickolay A. Burkov wrote: Hello everyone! Do somebody have success with 5.1 sound ? If so, please recommend PCI Sound Card to work with OpenBSD 4.2 (-CURRENT). I have MARC'ed a bit but similar messages were 1 year ago. I'd like to think that something have been changed.. Thank you for your time. Short answer, get another OS. Windows would be best for amateur sound recording/processing/listening. I don't think the BSDs nor Linux we'll see real 5.1 support for a good period of time. ALSA is trying something at the moment but its very specific and broken most of the time, a hassle really.
Re: Mail Server (seeking recommendations)
On 16/04/07, Shane Harbour [EMAIL PROTECTED] wrote: I'm running Postfix/Dovecot with PostgreSQL (for authorization and mail routing) all from the ports. I've got it setup so that in the near future I can do virtual hosting of my wife's domains. It's pretty simple to setup and there is a examples at postfix.org and dovecot.org. It would be easy enough to right a script (pick your language) or setup a GUI application/web page to administer user accounts. My Personal prefferance is exim4 and courier-imapd. I have come to love exim as an MTA because of it's flexibility, and getting it working with the anti malware toolchain is simple. Everything said above is true for courier as for dovecot... my main gripe with dovecot is the poor developer support and documentation. Courier is by no means brilliant but I find it is easier to use than dovecot. my $0.02c
Re: Zydas zd1211(b) support in OpenBSD
On Tuesday 11 July 2006 23:12, Jonathan Gray wrote: On Tue, Jul 11, 2006 at 08:43:05PM +1200, Joel Wiramu Pauling wrote: Hi all, I really need to know if the zd1211 and zd1211(b) code has been intergrated into OpenBSD yet and good and workable. I need to run one in a server. I saw some traffic about prelim driver a while ago... It is not working yet. If you want something that works today, look at the hardware list for ural(4) if you have to use USB. Thanks have dug out an old rev a dlink prism 2 card for the time being. Kind regards JoelW
Re: Eric Raymond about GPL and BSD
On Wed, 2005-06-08 at 02:44 -0700, Richard P. Koett wrote: Alexey E. Suslikov wrote: original article were in portuguese... http://translate.google.com/translate?u=http%3A%2F%2Fwww.myfreebsd.com.b r%2Fmodules.php%3Fname%3DNews%26file%3Darticle%26sid%3D1262langpair=pt% 7Cenhl=ensafe=offie=UTF-8oe=UTF-8prev=%2Flanguage_tools' And what language is that translation in? Portugaulish?