Ellipitc Curves: off-topic
Does anybody know a tutorial on implementing such curves in ANSI C? Thank in advance.
ypldap
Dear list members, i am reading What's new for OpenBSD 4.4. It is stated about the initial import of ypldap(8). But, i cannot locate the ypldap daemon. Do you know where is it? Thanks a lot.
Strange behavior in OBSD 4.3 default kernel
Dear lis member, i am running into a problem with rwhod. Although rwhod is enables in rc.conf.local, when i run rwho and ruptime i got nothing: [EMAIL PROTECTED] rwho rwho: no hosts in /var/rwho. [EMAIL PROTECTED] ruptime ruptime: no hosts in /var/rwho. [EMAIL PROTECTED] But, when i run rup and rusers, i get: [EMAIL PROTECTED] rusers siouxgw.my.domain:ttyp0 Nov 02 21:45 (10.0.0.16) siouxlion.my.domain:ttyp0 Nov 02 21:45 (10.0.0.16) [EMAIL PROTECTED] [EMAIL PROTECTED] rup gw.my.domain 9:48pm up 3 mins, load average: 0.29 0.37 0.18 lion.my.domain 9:48pm up 6 mins, load average: 0.17 0.26 0.15 [EMAIL PROTECTED] What am i doing wrong ? Thanks for your support. jn.
Re: OpenBSD on IBM System X3550 7879
I have tried on an IBM server, but could not get it working. If you succed, let me know. I believe raid controller is not supported. Regards, Gustavo. On Thu, Oct 23, 2008 at 3:49 PM, Ricardo Augusto de Souza [EMAIL PROTECTED] wrote: Hi, I am trying to install openBSD 4.3 -stable in a IBM System X3550 7879 (https://www-304.ibm.com/systems/support/supportsite.wss/docdisplay?lndocid=M IGR-64315brandind=508 ) but install didn4t found hard disks. I used IBM Server Guide to create array. My server has 4GB RAM. HD is SATA 15000 RPM. Anyone already run openBSD in a server like this? Suggestions? Thanks
OpenLDAP
Dear members list, i would like to know if openldap (in ports collection) will be shipped with suport for BDB in openbsd 4.4 ports infra structure? Thanks a lot for your time and cooperation. Best regards, John.
OT: elliptic curve crypto
Dear list members, i am searching for a tutorial on this regards that explain howto implement it using ANSI C (I don't really care about the math background abot this subject). May some one point me the URL for a tutorial on this regard? Thanks a lot for your time and cooperation. Best regards.
problem running some admin tools
Dear list, i am trying to get some network information by usage of rup, ruptime, rusers, rwho. Some applications simple starve others given an error message. Does anybody have any ideia about what my mistaken is? [EMAIL PROTECTED] ps axwwu | grep rwho root 24599 0.0 0.1 264 592 ?? Ss 4:40PM0:00.11 rwhod [EMAIL PROTECTED] rup ^C [EMAIL PROTECTED] ruptime ruptime: no hosts in /var/rwho. [EMAIL PROTECTED] rwho rwho: no hosts in /var/rwho. [EMAIL PROTECTED] rusers ^C [EMAIL PROTECTED] -p localhost program vers proto port 102 tcp111 portmapper 102 udp111 portmapper 132 udp 2049 nfs 133 udp 2049 nfs 132 tcp 2049 nfs 151 udp820 mountd 133 tcp 2049 nfs 153 udp820 mountd 151 tcp800 mountd 153 tcp800 mountd 111 udp695 rstatd 112 udp695 rstatd 113 udp695 rstatd 121 udp848 rusersd 122 udp848 rusersd 123 udp848 rusersd 181 udp606 walld 1000121 udp875 sprayd 1000111 udp663 rquotad [EMAIL PROTECTED] The line with ^C is because the process did not returned information for a long period. Thanks a lot for your time and cooperation.
OpenLDAP
Hi, is there any chance the next openbsd release holds an unbroken OpenLDAP? Thanks in advance.
Re: OpenLDAP
I am in need for performance. Is replacing bdb with ldbm a good ideia? Thanks once more. On Wed, Sep 3, 2008 at 10:28 AM, Henning Brauer [EMAIL PROTECTED] wrote: * John Nietzsche [EMAIL PROTECTED] [2008-09-03 13:22]: is there any chance the next openbsd release holds an unbroken OpenLDAP? I'd say the chance of ever having an unbroken OpenLDAP release on any OS is pretty damn low. that said, openldap works as well on openbsd as it does on other oses. the only thing that does not work in 4.4 is the bdb backend. but then, the bdb backend has almost ever been terrible, so you are better off using another one anyway. i recommend ldbm. you will have to use slapcat and slapadd to convert your database. -- Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg Amsterdam
OpenLDAP and BDB: i am desperated
Hi list, i have just installed OpenBSD and i would like to use it (the server with OpenBSD) as a directory services. When i try to install openldap from ports i am prevented with the following message: === openldap-client-2.3.39 is marked as broken: OpenLDAP 2.3 is incompatible with Berkeley DB 4.6. I have installed all possible combinations fo bdb version, one each time and both version at the same time. What's my error ? Thanks in advance and best regards, JN.
Changing password in kerberized environment is not working.
Hi folks, i have configured my openbsd kerberos server. It is serving two other computer in my home network. One of this client is running openbsd the other is Windows XP. I am able to login into any of these 2 client and authentication goes through kerberos 100% successful. I can log in to the server 100% ok. After logged in any given machine, i can reach another through obtaining a service ticket, what gives me a SSO enviroment. The problem is that i cannot change password from any of those machine, i got the following: [EMAIL PROTECTED] passwd -K [EMAIL PROTECTED]'s Password: New password: Verifying password - New password: Reply from server: Authentication failed [EMAIL PROTECTED] [EMAIL PROTECTED] passwd -K [EMAIL PROTECTED]'s Password: New password: Verifying password - New password: Reply from server: Authentication failed [EMAIL PROTECTED] And on windows i get a screen witht he following: 1326: Logon failure: unknow user or bad password. What i cannot understand is why i can login on any of the machine, but cannot change password. What am i doing wrong? OpenBSD machine is 4.3 stable and the other, Windows XP. Kerberos(heimdal) is the standard that comes with OpenBSD 4.3
openbsd web server failure
Hi, i am migrating a web application from a linux server to an openbsd one. I am having a hard time trying to execute a cgi program, the only thing i get on the browser is: Software error: Can't locate Bio/SearchIO.pm in @INC (@INC contains: /usr/libdata/perl5/amd64-openbsd/5.8.8 /usr/local/libdata/perl5/amd64-openbsd/5.8.8 /usr/libdata/perl5 /usr/local/libdata/perl5 /usr/local/libdata/perl5/site_perl/amd64-openbsd /usr/libdata/perl5/site_perl/amd64-openbsd /usr/local/libdata/perl5/site_perl /usr/libdata/perl5/site_perl /usr/local/lib/perl5/site_perl .) at /asd/var/data/html/cgi-bin/blastXtract.cgi line 9. BEGIN failed--compilation aborted at /asd/var/data/html/cgi-bin/blastXtract.cgi line 9. For help, please send mail to the webmaster ([EMAIL PROTECTED]), giving this error message and the time and date of the error Does anybody know the path to the right portage for installation? Thanks in advance.
Re: openbsd web server failure
Thank you Peter! I installed bioperl and it worked. On Mon, Aug 4, 2008 at 10:20 AM, Peter N. M. Hansteen [EMAIL PROTECTED] wrote: John Nietzsche [EMAIL PROTECTED] writes: Software error: Can't locate Bio/SearchIO.pm in @INC (@INC contains: [**snippage** ] Does anybody know the path to the right portage for installation? I wouldn't claim to *know*, but the last time I had a similar problem, I did a web search on OpenBSD path/Filename.pm and it gave me enough information to figure out which packages I needed to install. In this specific case, searching for OpenBSD Bio/SearchIO.pm gave me exactly one reference, but enough to conclude that the port /usr/ports/biology/bioperl or the matching package is a likely solution (after a locate) Hope this helps, -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
bioctl output
Dear users, i have just installed openbsd 4.3 in my dell server and everything went ok except for on stuff that is teasing me up. It's the bioctl output: robigo# bioctl mfi0 Volume Status Size Device mfi0 0 Online 299439751168 sd0 RAID1 0 Online 3000 1:0.0 noencl SEAGATE ST3300655SS S527 1 Online 3000 1:1.0 noencl SEAGATE ST3300655SS S527 mfi0 1 Online 898319253504 sd1 RAID5 0 Online 3000 1:2.0 noencl SEAGATE ST3300655SS S527 1 Online 3000 1:3.0 noencl SEAGATE ST3300655SS S527 2 Online 3000 1:4.0 noencl SEAGATE ST3300655SS S527 3 Online 3000 1:5.0 noencl SEAGATE ST3300655SS S527 mfi0 2 Hot spare 292968750 1:6.0 noencl SEAGATE ST3300655SS S527 robigo# Below the RAIDX type column i am seeing noencl. How can i change that? BTW: i am running on a Dell PowerEdge 2900. Thanks in advance.
Trouble trying to install texlive
Dear friends, i am trying to get texlive installed in my computer. Inside the directory i saw: robigo# pwd;ls -l /usr/ports/print/texlive total 28 drwxr-xr-x 2 root wheel 512 Mar 7 20:59 CVS -rwxrwxr-x 1 root wheel 173 Nov 2 2007 Makefile -rw-rw-r-- 1 root wheel 388 Sep 7 2007 Makefile.inc drwxr-xr-x 5 root wheel 512 Jul 24 15:03 base drwxr-xr-x 4 root wheel 512 Nov 2 2007 texmf-docs drwxr-xr-x 4 root wheel 512 Jul 24 15:01 texmf-full drwxr-xr-x 5 root wheel 512 Jul 24 15:02 texmf-minimal robigo# I would like to install texmf-full and base. But i realized that base depends on texmf-minimal. I am obligated to install texmf-mininall and ended up with the following packages: base, texmf-full and texmf-minimal and base What is the diference between texmf-full and textmf-minimal? Thanks a lot for your time and cooperation. best regards.
Re: bioctl output
at pci1 dev 0 function 0 Intel 6321ESB PCIE rev 0x01 pci2 at ppb1 bus 5 ppb2 at pci2 dev 0 function 0 Intel 6321ESB PCIE rev 0x01 pci3 at ppb2 bus 6 ppb3 at pci3 dev 0 function 0 ServerWorks PCIE-PCIX rev 0xc3 pci4 at ppb3 bus 7 bnx0 at pci4 dev 0 function 0 Broadcom BCM5708 rev 0x12: apic 8 int 16 (irq 10) ppb4 at pci2 dev 1 function 0 Intel 6321ESB PCIE rev 0x01: apic 8 int 16 (irq 0) pci5 at ppb4 bus 8 ppb5 at pci1 dev 0 function 3 Intel 6321ESB PCIE-PCIX rev 0x01 pci6 at ppb5 bus 9 ppb6 at pci0 dev 3 function 0 Intel 5000 PCIE rev 0x12: apic 8 int 16 (irq 0) pci7 at ppb6 bus 10 ppb7 at pci0 dev 4 function 0 Intel 5000 PCIE rev 0x12: apic 8 int 16 (irq 0) pci8 at ppb7 bus 11 ppb8 at pci0 dev 5 function 0 Intel 5000 PCIE rev 0x12 pci9 at ppb8 bus 1 mfi0 at pci9 dev 0 function 0 Symbios Logic SAS1078 rev 0x04: apic 8 int 16 (irq 10), Dell PERC 6/i integrated mfi0: logical drives 2, version 6.0.2-0002, 256MB RAM scsibus0 at mfi0: 2 targets sd0 at scsibus0 targ 0 lun 0: DELL, PERC 6/i, 1.11 SCSI3 0/direct fixed sd0: 285568MB, 36404 cyl, 255 head, 63 sec, 512 bytes/sec, 584843264 sec total sd1 at scsibus0 targ 1 lun 0: DELL, PERC 6/i, 1.11 SCSI3 0/direct fixed sd1: 856704MB, 109214 cyl, 255 head, 63 sec, 512 bytes/sec, 1754529792 sec total ppb9 at pci0 dev 6 function 0 Intel 5000 PCIE x8 rev 0x12: apic 8 int 16 (irq 0) pci10 at ppb9 bus 12 ppb10 at pci0 dev 7 function 0 Intel 5000 PCIE rev 0x12 pci11 at ppb10 bus 13 pchb1 at pci0 dev 16 function 0 Intel 5000 Error Reporting rev 0x12 pchb2 at pci0 dev 16 function 1 Intel 5000 Error Reporting rev 0x12 pchb3 at pci0 dev 16 function 2 Intel 5000 Error Reporting rev 0x12 pchb4 at pci0 dev 17 function 0 Intel 5000 Reserved rev 0x12 pchb5 at pci0 dev 19 function 0 Intel 5000 Reserved rev 0x12 pchb6 at pci0 dev 21 function 0 Intel 5000 FBD rev 0x12 pchb7 at pci0 dev 22 function 0 Intel 5000 FBD rev 0x12 ppb11 at pci0 dev 28 function 0 Intel 6321ESB PCIE rev 0x09 pci12 at ppb11 bus 2 ppb12 at pci12 dev 0 function 0 ServerWorks PCIE-PCIX rev 0xc3 pci13 at ppb12 bus 3 bnx1 at pci13 dev 0 function 0 Broadcom BCM5708 rev 0x12: apic 8 int 16 (irq 10) uhci0 at pci0 dev 29 function 0 Intel 6321ESB USB rev 0x09: apic 8 int 21 (irq 15) uhci1 at pci0 dev 29 function 1 Intel 6321ESB USB rev 0x09: apic 8 int 20 (irq 14) uhci2 at pci0 dev 29 function 2 Intel 6321ESB USB rev 0x09: apic 8 int 21 (irq 15) uhci3 at pci0 dev 29 function 3 Intel 6321ESB USB rev 0x09: apic 8 int 20 (irq 14) ehci0 at pci0 dev 29 function 7 Intel 6321ESB USB rev 0x09: apic 8 int 21 (irq 15) usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb13 at pci0 dev 30 function 0 Intel 82801BA Hub-to-PCI rev 0xd9 pci14 at ppb13 bus 14 vga0 at pci14 dev 13 function 0 ATI ES1000 rev 0x02 wsdisplay0 at vga0 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) pcib0 at pci0 dev 31 function 0 Intel 6321ESB LPC rev 0x09 pciide0 at pci0 dev 31 function 2 Intel 6321ESB SATA rev 0x09: DMA, channel 0 configured to native-PCI, channel 1 configured to native-PCI pciide0: using apic 8 int 23 (irq 11) for native-PCI interrupt atapiscsi0 at pciide0 channel 1 drive 0 scsibus1 at atapiscsi0: 2 targets cd0 at scsibus1 targ 0 lun 0: HL-DT-ST, DVD-ROM GDRH20N, 0D04 SCSI0 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 5 usb1 at uhci0: USB revision 1.0 uhub1 at usb1 Intel UHCI root hub rev 1.00/1.00 addr 1 usb2 at uhci1: USB revision 1.0 uhub2 at usb2 Intel UHCI root hub rev 1.00/1.00 addr 1 usb3 at uhci2: USB revision 1.0 uhub3 at usb3 Intel UHCI root hub rev 1.00/1.00 addr 1 usb4 at uhci3: USB revision 1.0 uhub4 at usb4 Intel UHCI root hub rev 1.00/1.00 addr 1 isa0 at pcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 spkr0 at pcppi0 midi0 at pcppi0: PC speaker uhub5 at uhub0 port 7 Cypress Semiconductor USB2 Hub rev 2.00/0.0b addr 2 uhidev0 at uhub3 port 1 configuration 1 interface 0 Dell Dell USB Optical Mouse rev 2.00/43.01 addr 2 uhidev0: iclass 3/1 ums0 at uhidev0: 3 buttons and Z dir. wsmouse0 at ums0 mux 0 uhidev1 at uhub3 port 2 configuration 1 interface 0 Dell Dell USB Keyboard rev 1.10/3.06 addr 3 uhidev1: iclass 3/1 ukbd0 at uhidev1: 8 modifier keys, 6 key codes wskbd1 at ukbd0 mux 1 wskbd1: connecting to wsdisplay0 softraid0 at root root on sd0a swap on sd0b dump on sd0b bnx1: address 00:1e:4f:37:27:39 brgphy0 at bnx1 phy 1: BCM5708C 10/100/1000baseT PHY, rev. 6 bnx0: address 00:1e:4f:37:27:3b brgphy1 at bnx0 phy 1: BCM5708C 10/100/1000baseT PHY, rev. 6 On Thu, Jul 24, 2008 at 4:51 PM, Frangois Chambaud [EMAIL PROTECTED] wrote: John Nietzsche [EMAIL PROTECTED] writes: Dear users, i have just installed openbsd 4.3 in my dell server and everything went ok except for on stuff
FFS2
Dear OpenBSD friends, how may i format a slice with FFS2? and what to put into /etc/fstab Thanks.
Memory not detected
Dear OpenBSD user, i am installing openbsd 4.3 on a dell poweredge 2900 hardware. It has 8GB RAM but openbsd seems to detect only 4 GB. Any suggestions on this matter (i would like to have openbsd detecting 8 GB)? Thanks for your time and cooperation. Best regards.
Dell PowerEdge 2900
Dear users, i have just finnished installing OpenBSD on my server. I am not familiar with bioctl, but here i my bioctl output: robigo# bioctl mfi0 Volume Status Size Device mfi0 0 Online 299439751168 sd0 RAID1 0 Online 3000 1:0.0 noencl SEAGATE ST3300655SS S527 1 Online 3000 1:1.0 noencl SEAGATE ST3300655SS S527 mfi0 1 Scrubbing598879502336 sd1 RAID10 0% done 0 Online 3000 1:2.0 noencl SEAGATE ST3300655SS S527 1 Online 3000 1:3.0 noencl SEAGATE ST3300655SS S527 2 Online 3000 1:4.0 noencl SEAGATE ST3300655SS S527 3 Online 3000 1:5.0 noencl SEAGATE ST3300655SS S527 robigo# What does Scrubbing mean? Thanks in advance
bioctl commands sequence
Dear OpenBSD community, I have installed openbsd 4.3 on a dell poweredge server. It holds 7 hard disk, 6 of them were grouped together into two virtual disks. I would like the 6th disk to works as a step, but i don't know how to do it. A bioctl command output is here: robigo# bioctl -i mfi0 Volume Status Size Device mfi0 0 Online 299439751168 sd0 RAID1 0 Online 3000 1:0.0 noencl SEAGATE ST3300655SS S527 1 Online 3000 1:1.0 noencl SEAGATE ST3300655SS S527 mfi0 1 Scrubbing598879502336 sd1 RAID10 0% done 0 Online 3000 1:2.0 noencl SEAGATE ST3300655SS S527 1 Online 3000 1:3.0 noencl SEAGATE ST3300655SS S527 2 Online 3000 1:4.0 noencl SEAGATE ST3300655SS S527 3 Online 3000 1:5.0 noencl SEAGATE ST3300655SS S527 robigo# Only 6 disks are used, by the 6th is not even show, why ? I would like to emulate a disk failure, is that possible? Thanks in advance.
Re: Memory not detected
i am running amd64! Thanks On Wed, Jul 23, 2008 at 2:37 PM, Zamri Besar [EMAIL PROTECTED] wrote: On Wed, Jul 23, 2008 at 10:59 PM, John Nietzsche [EMAIL PROTECTED] wrote: Dear OpenBSD user, i am installing openbsd 4.3 on a dell poweredge 2900 hardware. It has 8GB RAM but openbsd seems to detect only 4 GB. Any suggestions on this matter (i would like to have openbsd detecting 8 GB)? Thanks for your time and cooperation. Best regards. Are you running amd64 or i386 or else? -- Thank you. Zamri Besar
Intel Xeon 64 Bit
Dear gentleman, i am planning to install openbsd on a 64 bit intel dual core server. But, i believe that openbsd plataform i386 runs only on 32 bit mode. Which plataform should i choose from http://www.openbsd.org/plat.html ? Thanks in advance.
Re: Lastet supported jdk on OpenBSD
Does it mean web browser plugin availability too? On Fri, May 16, 2008 at 10:34 PM, Matthew Szudzik [EMAIL PROTECTED] wrote: On Fri, May 16, 2008 at 09:03:17PM -0300, John Nietzsche wrote: i would like to add support for java on my 4.3 openbsd desktop. Has anybody already done so? May you point a url where i could download the package(s) from? As the previous posters have pointed out, there are no JDK binary packages available for OpenBSD 4.3--you have to fetch and build the JDK from source yourself. But in OpenBSD 4.4 (which will be released in November), that situation will change, and binary packages for Java will be available. See http://www.undeadly.org/cgi?action=articlesid=20080321023803
Lastet supported jdk on OpenBSD
Dear users, i would like to add support for java on my 4.3 openbsd desktop. Has anybody already done so? May you point a url where i could download the package(s) from? Thanks in advance.
Re: Window Manager
Does anybody knows how to get multiple workspace in openmotif that comes with openbsd 4.3 ? Thanks in advance. On Sun, May 4, 2008 at 9:29 PM, Gonzalo Lionel Rodriguez [EMAIL PROTECTED] wrote: I dont know if it is the place to ask it, but that window manager uses? And why? Regards
Re: Editing C with...
for me, vi and vim are the ones. Would you mind explaining me i am just learning C applied in networking area ? On Sat, May 3, 2008 at 2:56 PM, Jordi Espasa Clofent [EMAIL PROTECTED] wrote: Yes, I know, it's completely a dumb question; but I'm curious about it. I'm just learning C applied in networking area and I wonder what editor is preferred by OpenBSD developers. At present moment I use vim. -- Thanks, Jordi Espasa Clofent
OT: ibm x3550 on dell rack 4210 model
I am building my openbsd farm and i were given a set of ibm x3550 server. I wonder if they can be organized inside a dell rack model 4210? Have anyone already accomplished that? Or is anyone aware if it is possible? thanks in advance.
Dell RAID controller
Dear gentleman, i am setting a dell server to run openbsd 4.3. I am aware dell perc 6i and 6e are supported, what about dell perc SAS 6e? Thank in advance.
openbsd hosting services
Hello, i am in need to host my web application on third party web hosting services, but i have had no luck searching one. My trivial need is common: php, MySQL, web server, ASP with support to MySQL. But i do need a shell server that supports building and compiling programs in C with support for MySQL. I need a shell access to an openbsd that support cron services and allows me to code and compile and build ANSI C code that will handle database work by connect to an MySQL Server. Does anybody suggest anything ? Thanks in advance.
Re: openbsd hosting services
Because shell access is supposed to be on openbsd. On Mon, Mar 17, 2008 at 3:34 PM, L. V. Lammert [EMAIL PROTECTED] wrote: At 03:14 PM 3/17/2008 -0300, John Nietzsche wrote: Hello, i am in need to host my web application on third party web hosting services, but i have had no luck searching one. My trivial need is common: php, MySQL, web server, ASP with support to MySQL. Why would you be asking a BSD list for Windoze hosting? Lee
something like LTSP for openbsd
Dear gentleman, is there a version of LTSP for openbsd? I mean: OpenBSD Terminal Server Project! thanks in advance.
OT: fully interconnect switches: interesting problem
Dear gentleman/madam, i was given 4 2724 dell powerconnect switches and only 6 patch cords. Besides that, i was given a challenge to connect them each other having a full interconnection schema (thanks my classes on graph theory, i could do it using only 6 patch cords). So, given any two switches there is a direct path between them. Instead of cascading, this approach avoid a single point of failure and allows, for instance, a uplink of 3 Gb/s between any given two switches and reduces patch cords usage (my graph edges in this scenario). The problem raises when i turn them on: After some time (from seconds to 1 or even 2 minutes) the switches go crazy. I cannot even ping the ip assigned to the switch i am connected directly not to mention a desktop located on another switch. Is there any configuration that could be done to allow such interconnection shema ? thanks in advance. PS: please, forgive me my OT message, but i am really desperated. Could some one point me a better list to place my message?
Re: What is our ultimate goal??
Hey folks, i have been writing software about 6 year since i finnished my university course. OpenBSD has always been impressive to my eyes. Since correctness/security is conditio sine qua non, i disagree as a group of developer has it as goal. Goal should be performance, portability usability. But correctness/security should be a requirement. I am very confident about software i wrote. But in order to obtain paramount performance i am taking a totally different approach. Since process and even thread are not a good ideia. i am working now to learn a little bit more about SDL (specification and description language). Not only my systems became faster, a lot faster but also, very, very, very modular. I am not in kernel design/implementation, so i would like to hear from you all about an approach driven by this method. I was thinking about the advantages of having very modular part of a OS, being executed on each processor (of a SMP system), and like. It sounds very interesting to me. thanks. On Feb 17, 2008 9:03 AM, Mayuresh Kathe [EMAIL PROTECTED] wrote: Hi, NOTE: No intention to behave like a troll. I've been following the multi-threaded ssh/scp thread and read Ted's comment that he's stopped working on the kernel threads code because he doesn't have the time for it nor does he need it any more. Also that multi-threaded ssh/scp would weaken security features within the OS. It just led me to ponder, what is OpenBSD's ultimate goal? Is it just to become the worlds most secure OS with as few remote holes in the default install? Shouldn't it also be our goal to be the best UNIX-like operating system which is in tune with the current needs of users? It would have been great to have a threaded kernel, there are developer's I'm gathering around who wanted to change the TCP/IP stack to make it higher performance, more like Project FireEngine under Solaris 10. OpenBSD is an OS with amazing security and stability, but it has too few modern features. It would be great if developers also start working on improving the features currently offered by OpenBSD. Else, we would end up becoming the world's most secure OS which is used by just a handful of us faithful users. You might ask what right do I have for this rant, what am I doing for OpenBSD? Well I can't donate code directly as I'm a Java programmer and my C is quite rusty (haven't coded in it in over 7 years). But, yes, I do donate my time and money, indirectly, by recruiting good C developers to the cause as well as buying stuff for core developers off their wish lists. Hope newer features get added, not that I'm unhappy with the OS (it does almost everything I need an OS to do for me), but it would be great if we had *more* smart developers and a wider base of good users who get attracted to the OS for its robustness as well as feature-set. Best, ~Mayuresh
multiple amd files served by nis
Hello, i am planning a network whose desktop will be contacting a set o NFS server. The NFS exported directories will be mounted using amd. Looking at NIS i realized it supports only a single amd description file. I would like to suggest a variable be added to NIS make file in order to allow a sysadmin to handle more than a single file, in current scenario: amd.home. What you think of this suggestion? Thanks in advance.
OFF-TOPIC: xdm/gdm linux + openbsd 4.2 Kerberos KDC (i am losing my hairs)
Dear folks, i am losing my hear. I am in need to get a gentoo linux desktop (note: running garbage stuff like linux is not my choice but a user requirement) to authenticate through kerberos. For now i could do it only on console tty and sshd server. But when i try to auth in the local xdm/gdm they fails to do so. Does anybody have any idea on how to handle such? The only thing necessary to have console tty and sshd working was: [EMAIL PROTECTED] /etc/pam.d $ cat system-auth #%PAM-1.0 auth required pam_env.so auth sufficient pam_unix.so try_first_pass likeauth nullok auth sufficient pam_krb5.so use_first_pass debug auth required pam_deny.so accountrequired pam_unix.so password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 try_first_pass retry=3 password sufficient pam_unix.so try_first_pass use_authtok nullok md5 shadow password required pam_deny.so sessionrequired pam_limits.so sessionrequired pam_unix.so How to get xdm/gdm ? Thanks a lot for your time and cooperation. Best regards.
vlan configuration: off-topic
Dear gentleman, i am starting with vlan topic right now. I am in need to get two dell powerconnect 2724 switches to implement 3 vlan. I know how to configure the ports for desktops, but i am having a hard time configuring the port(s) that should interconnect the switches itself. Since the traffic in the ports (one in each switch) can handle traffic for every 3 vlan (once there are desktops of the 3 vlan on each switch), how should i configure those uplink ports? Thanks a lot for your time and cooperation. Best regards. PS: Does anybody suggest a more specific mailing list on this regards.
Pretty hard times with openbsd yp server
Dear gentleman, i am trying to get nis server working with my 4.1 openbsd server, but until up to now. I am having problems related to two things: First, suppose i update a given user entry in the input file for the server build procedure. After issuing a make inside /var/yp/`domainname` everything is built ok, but ypserv continues to serve old data. Important to realize that makedbm -u show the new data as expected. Second, i have a netgroup file under my nis server, but after adding some entry for netgroup wihtin passwd (using vipw), only the first user of the member list for a given netgroup name is used. When i try to finger a user listed into the second list member and so on, it is show as username not found, or something like that. But, when i use ypatch sysop netgroup every list member is returned. Any ideia? Thanks in advance.
nis is not updating
Dear gentleman, i am facing a strange nis behavior after i update my domain database. After i change the input data for the domain by means of issueing make ypserv stills serves the older data set. Some debuging stuff: lion# ypcat netgroup (,dnscache,),(,dnslog,),(,tinydns,) (,alias,),(,qmaild,),(,qmaill,),(,qmailp,),(,qmailq,),(,qmailr,),(,qmails,) (,sioux,) lion# makedbm -u netgroup YP_LAST_MODIFIED 1189006343 YP_MASTER_NAME lion.my.domain djbdns (,dnscache,),(,dnslog,),(,tinydns,) qmail (,alias,),(,qmaild,),(,qmaill,),(,qmailp,),(,qmailq,),(,qmailr,),(,qmails,) sysop (,sioux,),(,grios,) lion# I am having a hard with all that. Thanks in advance for your time and cooperation. best regards.
Centralized ports collection server
Dear gentleman, i would like to set a single box in my network to keep syncronized to the ports collection infra structure. My ideia is to export the directory /usr/ports to all my local connected machines. So, there would be no need to sync them all. I would like to be able to build the utilities/lib/etc once and be able to install them every machine with the same hardware/OS version. Is that possible? How show be my /etc/exports control configuration file? Thanks in advance. PS: Is this an elegant way to achieve low stress environment?
YP server: i am desperated.
Dear gentleman, i have setted my NIS server using openbsd 4.1. In order to get things easier to manage, i decide the have a directory a part for my input file for nis database building process. So, i change the /var/yp/`domainname`/Makefile variables the point to the amd directory and etc directory from /etc/amd and /etc to /asd/etc/amd and /asd/etc. I have written and common input file for nis on those new directories, like hosts, netgroup, etc More specially, the master.passwd and group files. I have populated the last two too. When i issue make inside /var/yp/`domainname`. The databases are built ok, no problem. But things get strange, when i try to login into a client nis on my network. Although i have setted a password for a nis user in /asd/etc/master.passwd. That password is not allowed neither on the client not the server box. But if after typing the login, i hit return and return i am able to login without a password; what is the equivalent of a password of . Does anybody have any ideia where i am mistaken?
Re: NIS: how to fetch input files from another directory than /etc (please, i am desperated)
Let's go for a detailed report: My files are: lion# cat /asd/etc/master.passwd sioux:$2a$08$B8PLPgdw18I.TlnZC8RnZezg1Ed8gQL8WU/4rpxdyGdOk/PO/9Ude:1000:1000:mojave:0:0::/home/sioux:/bin/sh mysql:*:1001:1002:mojave:0:0::/home/mysql:/usr/bin/false oldap:*:1002:1002:mojave:0:0::/home/oldap:/usr/bin/false dnscache:*:1003:1005:mojave:0:0::/home/dnscache:/usr/bin/false dnslog:*:1004:1005:mojave:0:0::/home/dnslog:/usr/bin/false tinydns:*:1005:1005:mojave:0:0::/home/tinydns:/usr/bin/false ftp:*:1006:1008:mojave:0:0::/asd/var/ftp:/sbin/nologin alias:*:1007:1006:mojave:0:0::/var/qmail/alias:/usr/bin/true qmaild:*:1008:1006:mojave:0:0::/var/qmail:/usr/bin/true qmaill:*:1009:1006:mojave:0:0::/var/qmail:/usr/bin/true qmailp:*:1010:1006:mojave:0:0::/var/qmail:/usr/bin/true qmailq:*:1011:1007:mojave:0:0::/var/qmail:/usr/bin/true qmailr:*:1012:1007:mojave:0:0::/var/qmail:/usr/bin/true qmails:*:1013:1007:mojave:0:0::/var/qmail:/usr/bin/true grios:*:2002:2000:ordinary:0:0::/home/grios:/bin/sh lion# cat /asd/etc/passwd sioux:*:1000:1000::/home/sioux:/bin/sh mysql:*:1001:1002::/home/mysql:/usr/bin/false oldap:*:1002:1002::/home/oldap:/usr/bin/false dnscache:*:1003:1005::/home/dnscache:/usr/bin/false dnslog:*:1004:1005::/home/dnslog:/usr/bin/false tinydns:*:1005:1005::/home/tinydns:/usr/bin/false ftp:*:1006:1008::/asd/var/ftp:/sbin/nologin alias:*:1007:1006::/var/qmail/alias:/usr/bin/true qmaild:*:1008:1006::/var/qmail:/usr/bin/true qmaill:*:1009:1006::/var/qmail:/usr/bin/true qmailp:*:1010:1006::/var/qmail:/usr/bin/true qmailq:*:1011:1007::/var/qmail:/usr/bin/true qmailr:*:1012:1007::/var/qmail:/usr/bin/true qmails:*:1013:1007::/var/qmail:/usr/bin/true grios:*:2002:2000::/home/grios:/bin/sh lion# ypcat passwd alias:*:1007:1006::/var/qmail/alias:/usr/bin/true dnscache:*:1003:1005::/home/dnscache:/usr/bin/false dnslog:*:1004:1005::/home/dnslog:/usr/bin/false ftp:*:1006:1008::/asd/var/ftp:/sbin/nologin grios:*:2002:2000::/home/grios:/bin/sh mysql:*:1001:1002::/home/mysql:/usr/bin/false oldap:*:1002:1002::/home/oldap:/usr/bin/false qmaild:*:1008:1006::/var/qmail:/usr/bin/true qmaill:*:1009:1006::/var/qmail:/usr/bin/true qmailp:*:1010:1006::/var/qmail:/usr/bin/true qmailq:*:1011:1007::/var/qmail:/usr/bin/true qmailr:*:1012:1007::/var/qmail:/usr/bin/true qmails:*:1013:1007::/var/qmail:/usr/bin/true sioux:*:1000:1000::/home/sioux:/bin/sh tinydns:*:1005:1005::/home/tinydns:/usr/bin/false lion# ypcat master.passwd alias:*:1007:1006:mojave:0:0::/var/qmail/alias:/usr/bin/true dnscache:*:1003:1005:mojave:0:0::/home/dnscache:/usr/bin/false dnslog:*:1004:1005:mojave:0:0::/home/dnslog:/usr/bin/false ftp:*:1006:1008:mojave:0:0::/asd/var/ftp:/sbin/nologin grios:*:2002:2000:ordinary:0:0::/home/grios:/bin/sh mysql:*:1001:1002:mojave:0:0::/home/mysql:/usr/bin/false oldap:*:1002:1002:mojave:0:0::/home/oldap:/usr/bin/false qmaild:*:1008:1006:mojave:0:0::/var/qmail:/usr/bin/true qmaill:*:1009:1006:mojave:0:0::/var/qmail:/usr/bin/true qmailp:*:1010:1006:mojave:0:0::/var/qmail:/usr/bin/true qmailq:*:1011:1007:mojave:0:0::/var/qmail:/usr/bin/true qmailr:*:1012:1007:mojave:0:0::/var/qmail:/usr/bin/true qmails:*:1013:1007:mojave:0:0::/var/qmail:/usr/bin/true sioux:$2a$08$B8PLPgdw18I.TlnZC8RnZezg1Ed8gQL8WU/4rpxdyGdOk/PO/9Ude:1000:1000:mojave:0:0::/home/sioux:/bin/sh tinydns:*:1005:1005:mojave:0:0::/home/tinydns:/usr/bin/false lion# ypwhich -x Use passwd for passwd.byname Use group for group.byname Use networks for networks.byaddr Use hosts for hosts.byaddr Use protocols for protocols.bynumber Use services for services.byname Use aliases for mail.aliases Use ethers for ethers.byname lion# ypwhich localhost.my.domain lion# makedbm -u master.passwd.byname YP_LAST_MODIFIED 1188681297 YP_MASTER_NAME lion.my.domain YP_SECURE alias alias:*:1007:1006:mojave:0:0::/var/qmail/alias:/usr/bin/true dnscache dnscache:*:1003:1005:mojave:0:0::/home/dnscache:/usr/bin/false dnslog dnslog:*:1004:1005:mojave:0:0::/home/dnslog:/usr/bin/false ftp ftp:*:1006:1008:mojave:0:0::/asd/var/ftp:/sbin/nologin grios grios:*:2002:2000:ordinary:0:0::/home/grios:/bin/sh mysql mysql:*:1001:1002:mojave:0:0::/home/mysql:/usr/bin/false oldap oldap:*:1002:1002:mojave:0:0::/home/oldap:/usr/bin/false qmaild qmaild:*:1008:1006:mojave:0:0::/var/qmail:/usr/bin/true qmaill qmaill:*:1009:1006:mojave:0:0::/var/qmail:/usr/bin/true qmailp qmailp:*:1010:1006:mojave:0:0::/var/qmail:/usr/bin/true qmailq qmailq:*:1011:1007:mojave:0:0::/var/qmail:/usr/bin/true qmailr qmailr:*:1012:1007:mojave:0:0::/var/qmail:/usr/bin/true qmails qmails:*:1013:1007:mojave:0:0::/var/qmail:/usr/bin/true sioux sioux:$2a$08$B8PLPgdw18I.TlnZC8RnZezg1Ed8gQL8WU/4rpxdyGdOk/PO/9Ude:1000:1000:mojave:0:0::/home/sioux:/bin/sh tinydns tinydns:*:1005:1005:mojave:0:0::/home/tinydns:/usr/bin/false lion# makedbm -u master.passwd.byuid 1000 sioux:$2a$08$B8PLPgdw18I.TlnZC8RnZezg1Ed8gQL8WU/4rpxdyGdOk/PO/9Ude:1000:1000:mojave:0:0::/home/sioux:/bin/sh 1001 mysql:*:1001:1002:mojave:0:0::/home/mysql:/usr/bin/false 1002
Re: 10G cards for 4.2
I have a simple doubt: Can openbsd sustain I/O at 10 Gb/s (or even close to that) on a network card ? On 8/21/07, ACP [EMAIL PROTECTED] wrote: On Mon, 20 Aug 2007, Chris Cappuccio wrote: These cards are in the $5000 range and if you are lighting up fiber then you need some xenpaks that start around $1000 to $15000 ea. (If you want to light up strands from, say, Lansing to Ann Arbor, you would be using the $15000 part at each end, one with a 60 mile rating anyways) Before you go out and buy some, you might want to make sure that openbsd can handle the packet per second load that you expect to have. You may find that you have to use commercial switching gear to get what you really want. Stephan Andre' [EMAIL PROTECTED] wrote: I'm looking at the possibility of helping get a 10G speed network running. This is new territory to me--for OpenBSD purposes, are there more solid drivers out there? I'm told that the machine would want to exchange a lot of data, constantly (video stuff). Part of my consideration would also be what 10G companies have been open source friendly with hardware, etc. If I can I'd like to spend money somewhere that deserves it. Ideas? Thanks, STeve Andre' Stephan Chris is spot on with the handle the packet per second load that you expect to have comment. 10G driver support is relatively nascent on OpenBSD. The pricing however is a little high, especially if you look at other O/S besides OpenBSD. The Myricom's are very price competitive, even with the optics. I know OpenBSD developers have Myri cards, and support is on the horizon. reyk and loki have been doing the 10G work, perhaps one or the other will chime in. my devalued US$.02 worth diana
ftp-proxy
Dear gentleman, i have just setted up a new natted firewall server after some period of inactivity. I got surprised with the new ftp-proxy utility! Now, it writes new pf rules, the prior one did not! I feel like unconfortable by the current ftp-proxy approach, since i cannot understand the rationale behind it. thanks a lot for your time and cooperation. best regards.
resolv.conf.save
Does anybody know what is this file about? Why is it there? May i remove it ? Thanks in advance.
Disk array controller
Does openbsd support any disk array controller for usage in DELL SAN solutions? Is anyone using any? Thanks in advance.
Multi terabyte filesystems
Dear list members, is there plans for openbsd to support multi terabyte filesystems? Which release should i expect to see such support? Thanks in advance.
Re: Only one core of an amd X2 4600 is in use
I believed when openbsd kernel took control, it did not matter the bios stuff. On 6/26/07, Jeroen Massar [EMAIL PROTECTED] wrote: Stephan Andreas wrote: See my dmesg.txt Multicoreprocessor support is enabled in BIOS and I boot the bsd.mp. I have upgraded my system from 4.1 to a current snapshot of OpenBSD 4.1, but the problem is the same. [..] acpi at mainbus0 not configured Is ACPI disabled on your box? - check your BIOS that it is on. cpu0 at mainbus0: (uniprocessor) It only sees one CPU, most likely due to missing ACPI. [..] WARNING: NVRAM century is 32 but RTC year is 2007 Clearly something is wrong with the config of the BIOS. try resetting it or turning some knobs. Greets, Jeroen [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
OpenBSD 4.1 and Dell PowerEdge 2900
Dear gentleman, i am trying to install openbsd 4.1 on dell poweredge 2900. Everything from turnning on the machine to cd booting was ok, but when i get to the point of installing it (that part when i am given the options: Upgrade, Install and Shell? ) its usb keyboard is not working. I left with the only option to manually poweroff the machine. Does anybody have any ideia ? Thanks in advance.
APC UPSD
Dear gentleman, i realized apc-upsd port in 4.1 does not support USB UPS devices. Is anyone here aware of a patch for it? Thanks in advance. Best regards.
Re: APC UPSD
I would like to try nut! Does anybody have it working with APC USB UPS ? Could you send me you configuration file? Thanks in advance. On 5/20/07, Patrick Cummings [EMAIL PROTECTED] wrote: Date: Sat, 19 May 2007 13:11:39 -0300 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: APC UPSD What about USB support? Is there any in ports collection supoprting USB? Thanks in advance. On 5/19/07, Patrick Cummings [EMAIL PROTECTED] wrote: Date: Sat, 19 May 2007 03:48:49 -0300 From: [EMAIL PROTECTED] To: misc@openbsd.org Subject: APC UPSD Dear gentleman, i realized apc-upsd port in 4.1 does not support USB UPS devices. Is anyone here aware of a patch for it? Thanks in advance. Best regards. Hi, the apcupsd port is very old, so it should not be used. You can try the latest source from their website, which seems to work well for most people, if you follow their instructions carefully. I personnally use it with an USB SmartUPS 1500. Soyez parmi les premiers ` essayer Windows Live Mail. Not for apc-upsd. Your can try nut, available as a package. It will work with usb since the port is up-to-date. However, as I said, apc-upsd works perfectly for me with usb, using the version from their official website that I compiled from source. There is also upsd that you can try, also not available as a package, you must compile from source. Soyez parmi les premiers ` essayer Windows Live Mail.
Mysql POrts installation
Dear gentleman, i am trying to install mysql on my openbsd 4.1 server. But i would like to change the user and group names from _mysql, _mysql to mysql, dba. I have change a set of files: pkg/PLIST-server:@newgroup dba:1002 pkg/PLIST-server:@newuser mysql:1001:dba:daemon:MySQL Account:/nonexistent:/sbin/nologin patches/patch-scripts_mysql_install_db_sh:+user=mysql patches/patch-scripts_mysqld_safe_sh:+user=mysql patches/patch-scripts_mysql_install_db_sh:+group=dba patches/patch-scripts_mysqld_safe_sh:+group=dba ./Makefile: --with-mysqld-user=mysql \ But it does not seem to be enough? Is there anything i forgot? Thank you a lot for your time and cooperation. Best regards.
extenal storage and backup
Dear gentleman, i am searching a dell 1u rack server for usage with openbsd 4.1 as a storage (nfs) device. I wonder which external backup option have you been using since? Thanks in advance.
Re: extenal storage and backup
On 5/16/07, Jason Dixon [EMAIL PROTECTED] wrote: On Wed, 16 May 2007 11:10:06 -0300, John Nietzsche [EMAIL PROTECTED] wrote: Dear gentleman, i am searching a dell 1u rack server for usage with openbsd 4.1 as a storage (nfs) device. I wonder which external backup option have you been using since? Talk about your generic questions. Do you want a direct-attached SCSI backup drive? A direct-attached SCSI library w/robot? A usb drive? A NetApp SAN with hot snapshots? Dump-over-ssh to a network server? What's your budget? What is your restore plan? I am considering a dell solution for rack infra-structure. A standard library approach. -- Jason Dixon DixonGroup Consulting http://www.dixongroup.net
Re: Troubleshooting NFS/SFU
Dear folks, i am trying to get my windows boxes access nfs directly by means of SFU, too! I would like to have a global mount, say drive g: to mount from my home directories. Is it possible? How have you been doing in order to get a global drive mapping? Thanks in advance. On 5/14/07, David Higgs [EMAIL PROTECTED] wrote: I've tried to configure NFS and am nearly all the way there, but it seems like I've hit a pretty big stumbling block. I've got OpenBSD 4.1-stable (10.0.0.1) with an NFS export of my home directory. I also have a Windows XP machine (10.0.0.2) and installed the SFU 3.5 NFS client. [/etc/exports] /home/david -mapall=david:guest -network=10.0.0.0 -mask=255.255.255.0 I can successfully mount this share locally and perform both reads and writes. Without any of SFU's User Name Mapping configured, I can mount the share with uid/gid of -2/-2 as advertised. Appropriately, I cannot access any files or directories that are not world-readable. However, inside a chmod-777 directory, I cannot create files or directories (which might be as expected). After configuring User Name Mapping to map my Windows account to the UNIX account, I can mount the share with the expected uid/gid. Although I can read user-only files and directories, I still cannot create any files or directories. Windows keeps reporting that the drive has write-protection enabled. I know this isn't a SFU help forum, but any ideas to try or tips on troubleshooting the NFS side is more than welcome. Thanks in advance. --david P.S. On an unrelated sidenote, does mountd always bind to the same ports by default? If not, is there a way to fix them at certain values, so that PF rules can be written to match? Linux rpc.mountd(8) supposedly has a -p option that can be used for this purpose.
openbsd and dell PE 860 1u rack server
Dear gentleman, i am considering a Dell PE 860 1u rack server for usage as my network storage server (nfs). I wonder about reports from the openbsd comunity using it with openbsd 4.0/4.1 on stability and performance. What you guys/girls have to report? It is worth its price? Another question: I am familiar with SAS raid controller. Formerly, U320 SCSI one were required to have dual/quad channels (internal/external) if more discs were required to be supported. Is the channels (internal/external) ideia sound within SAS RAID world ? thanks in advance.
ftp and pf (nat)
Dear gentleman/madam, i have installed my openbsd firewall and i am trying to get ftp client behind working. It is working nicely. But, when i try to lookup and the nat rules inserted by ftp-proxy, i get nothing : [EMAIL PROTECTED] pfctl -sn -a '*' nat-anchor ftp-proxy/* all nat-anchor neif on pppoe0 all nat-anchor niif_0 on sis0 all rdr-anchor ftp-proxy/* all rdr-anchor reif on pppoe0 all rdr-anchor riif_0 on sis0 all [EMAIL PROTECTED] pfctl -sn -a 'ftp-proxy/*' I am very confused on why it is not showed anything. Thanks in advance.
Re: ftp and pf (nat)
According to pf FAQ: With passive mode FTP (the default mode with OpenBSD's ftp(1) client), the client requests that the server pick a random port to listen on for the data connection. The server informs the client of the port it has chosen, and the client connects to this port to transfer the data. Unfortunately, this is not always possible or desirable because of the possibility of a firewall in front of the FTP server blocking the incoming data connection. OpenBSD's ftp(1) uses passive mode by default; to force active mode FTP, use the -A flag to ftp, or set passive mode to off by issuing the command passive off at the ftp prompt. ok! I am really having a bad time with this issue! Not to get it working but to understand it. If ftp-proxy does not insert rules how does the outgoing traffic is permitted across the firewall for a dynamic port choosen by the server? Thanks once more. On 5/14/07, Joachim Schipper [EMAIL PROTECTED] wrote: On Mon, May 14, 2007 at 01:24:07PM -0300, John Nietzsche wrote: Dear gentleman/madam, i have installed my openbsd firewall and i am trying to get ftp client behind working. It is working nicely. But, when i try to lookup and the nat rules inserted by ftp-proxy, i get nothing : [EMAIL PROTECTED] pfctl -sn -a '*' nat-anchor ftp-proxy/* all nat-anchor neif on pppoe0 all nat-anchor niif_0 on sis0 all rdr-anchor ftp-proxy/* all rdr-anchor reif on pppoe0 all rdr-anchor riif_0 on sis0 all [EMAIL PROTECTED] pfctl -sn -a 'ftp-proxy/*' I am very confused on why it is not showed anything. I'm fairly certain ftp-proxy only inserts rules for active FTP sessions, and removes them as soon as they are no longer active. Joachim -- TFMotD: vgrind (1) - grind nice listings of programs
Re: ftp and pf (nat)
Yes, i was receiving file. But a look as ftp-proxy (8) : In case of active mode (PORT or EPRT): rdr from $server to $proxy port $port - $client pass quick inet proto tcp \ from $server to $client port $port In case of passive mode (PASV or EPSV): nat from $client to $server port $port - $proxy pass in quick inet proto tcp \ from $client to $server port $port pass out quick inet proto tcp \ from $proxy to $server port $port So i understand ftp-proxy injects rules for both connection type. What am i missing ? On 5/14/07, Joachim Schipper [EMAIL PROTECTED] wrote: On Mon, May 14, 2007 at 02:43:34PM -0300, John Nietzsche wrote: On 5/14/07, Joachim Schipper [EMAIL PROTECTED] wrote: On Mon, May 14, 2007 at 01:24:07PM -0300, John Nietzsche wrote: Dear gentleman/madam, i have installed my openbsd firewall and i am trying to get ftp client behind working. It is working nicely. But, when i try to lookup and the nat rules inserted by ftp-proxy, i get nothing : [EMAIL PROTECTED] pfctl -sn -a '*' nat-anchor ftp-proxy/* all nat-anchor neif on pppoe0 all nat-anchor niif_0 on sis0 all rdr-anchor ftp-proxy/* all rdr-anchor reif on pppoe0 all rdr-anchor riif_0 on sis0 all [EMAIL PROTECTED] pfctl -sn -a 'ftp-proxy/*' I am very confused on why it is not showed anything. I'm fairly certain ftp-proxy only inserts rules for active FTP sessions, and removes them as soon as they are no longer active. According to pf FAQ: With passive mode FTP (the default mode with OpenBSD's ftp(1) client), (...) ok! I am really having a bad time with this issue! Not to get it working but to understand it. If ftp-proxy does not insert rules how does the outgoing traffic is permitted across the firewall for a dynamic port choosen by the server? Oops, poor word choice. 'Active FTP sessions' was not intended to mean 'sessions using active FTP' (as opposed to passive FTP), but 'FTP sessions that are active' (i.e., connected). ftp-proxy does insert rules in anchrors, but only for sessions that are connected at that time. In other words, were you actually sending FTP data across your firewall when you looked in the table? Joachim -- TFMotD: systrace (4) - enforce and generate policies for system calls
Re: ftp and pf (nat)
Ok! I am really having a bad times playing with ftp-proxy!
It is working, but rules inserted are not showed, like in:
[EMAIL PROTECTED] pfctl -sn -a 'ftp-proxy/*'
[EMAIL PROTECTED] pfctl -sr -a 'ftp-proxy/*'
[EMAIL PROTECTED] pfctl -sr -a '*'
scrub out on pppoe0 all max-mss 1452 fragment reassemble
block return log all
anchor * all {
pfctl: DIOCGETRULES: Invalid argument
}
anchor feif on pppoe0 all {
pass in log from any to (pppoe0) flags S/SA keep state (if-bound)
pass out log from (pppoe0) to any flags S/SA keep state (if-bound) !
tagged NAT
pass out log proto tcp from (pppoe0) to any port = www flags S/SA keep state (
if-bound) tagged NAT
pass out log proto tcp from (pppoe0) to any port = https flags S/SA
keep state (if-bound) tagged NAT
pass out log proto tcp from (pppoe0) to any port = 5999 flags S/SA
keep state (if-bound) tagged NAT
}
anchor fiif_0 on sis0 all {
pass in log from (sis0:network) to (sis0) flags S/SA keep state (if-bound)
pass in log from (sis0:network) to (sis0:broadcast) flags S/SA keep
state (if-bound)
pass out log from (sis0) to (sis0:network) flags S/SA keep state (if-bound)
pass in log proto tcp from (sis0:network) to ! (sis0) port = www
flags S/SA keep state (if-bound)
pass in log proto tcp from (sis0:network) to ! (sis0) port = https
flags S/SA keep state (if-bound)
pass in log proto tcp from (sis0:network) to ! (sis0) port = 5999
flags S/SA keep state (if-bound)
pass in log proto tcp from (sis0:network) to (lo0:0) port = 8021
flags S/SA keep state (if-bound) tagged RDR_0
}
block return in log on ! lo0 from (lo0:network) to any
block return in log on sis0 from (sis0:broadcast) to any
block return in log on ! sis0 from (sis0:network) to any
block return in log on ! sis0 from any to (sis0:broadcast)
block return in log on sis0 inet from any to 127.0.0.0/8 ! tagged RDR_0
block return in log on ! pppoe0 from (pppoe0) to any
block return in log on pppoe0 from any to net ! tagged RDR
block return in log inet from 255.255.255.255 to any
block return in log inet from any to 0.0.0.0/8
Does anybody have any ideia why? (i tried during passive/active data transfer).
I really thank you for your time and cooperation.
Very best regards.
On 5/14/07, Joachim Schipper [EMAIL PROTECTED] wrote:
On Mon, May 14, 2007 at 02:43:34PM -0300, John Nietzsche wrote:
On 5/14/07, Joachim Schipper [EMAIL PROTECTED] wrote:
On Mon, May 14, 2007 at 01:24:07PM -0300, John Nietzsche wrote:
Dear gentleman/madam,
i have installed my openbsd firewall and i am trying to get ftp client
behind working.
It is working nicely. But, when i try to lookup and the nat rules
inserted by ftp-proxy, i get nothing :
[EMAIL PROTECTED] pfctl -sn -a '*'
nat-anchor ftp-proxy/* all
nat-anchor neif on pppoe0 all
nat-anchor niif_0 on sis0 all
rdr-anchor ftp-proxy/* all
rdr-anchor reif on pppoe0 all
rdr-anchor riif_0 on sis0 all
[EMAIL PROTECTED] pfctl -sn -a 'ftp-proxy/*'
I am very confused on why it is not showed anything.
I'm fairly certain ftp-proxy only inserts rules for active FTP sessions,
and removes them as soon as they are no longer active.
According to pf FAQ:
With passive mode FTP (the default mode with OpenBSD's ftp(1)
client), (...)
ok! I am really having a bad time with this issue! Not to get it
working but to understand it. If ftp-proxy does not insert rules how
does the outgoing traffic is permitted across the firewall for a
dynamic port choosen by the server?
Oops, poor word choice. 'Active FTP sessions' was not intended to mean
'sessions using active FTP' (as opposed to passive FTP), but 'FTP
sessions that are active' (i.e., connected).
ftp-proxy does insert rules in anchrors, but only for sessions that are
connected at that time. In other words, were you actually sending FTP
data across your firewall when you looked in the table?
Joachim
--
TFMotD: systrace (4) - enforce and generate policies for system calls
OT: unix/openbsd printer support
Dear gentleman/madam, some time ago, i reached an internet site on printing information for unix deployment. There there was information for hundreds of printer from lots of manufacturers. Including information on how-well was a given printer supported. Now i have lost such reference (i mean the site url) and to the best of my recollections i can't recollect. I wonder if some here has already deployed such in openbsd environment and knows the site i am talking about. Thanks a lot for your time and cooperation. best regards.
rdate issue
Dear gentleman/madam, i have a home network composed of 1 gateway and two boxes. All of them running openbsd 4.1 of course. I decided to get the time syncronization for all those boxes. In the gateway machine, i managed to get the following in crontab: */5 * * * * /usr/sbin/rdate -4ncva ptbtime1.ptb.de | /usr/bin/logger -t NTP In the other two boxes (lion and etosha) i have: */5 * * * * /usr/sbin/rdate -4cva gw | /usr/bin/logger -t NTP Everything is working ok except because of those two boxes always have a time about 20/22 seconds after my gateway time, like in the output for date command: [EMAIL PROTECTED] date Sun May 13 23:04:35 BRT 2007 [EMAIL PROTECTED] date Sun May 13 23:04:59 BRT 2007 [EMAIL PROTECTED] date Sun May 13 23:04:59 BRT 2007 Does anybody have any ideia about why it is happening ? Thanks in advance. best regards.
Unfamiliar (to me only) ports behavior
Dear gentleman/madam, i have just installed openbsd 4.1. I am very happy with it, but something i was not expecting is happening: As an ordinary user (belonging to the group wheel) i switched to the ports collection directory (/usr/ports/x11/openmotif) and issued i make fetch. I got surprised when the tarball started to be dowloaded in /usr/ports/distfiles although its sticky bit is not on. May someone here explain me how it is possible? Thanks in advance.
Re: Unfamiliar (to me only) ports behavior
I am not playing with sudoers file! This just a bare install. $ ls -ld /usr/ports /usr/src drwxrwxr-x 46 root wheel 1024 May 10 03:21 /usr/ports drwxrwxr-x 18 root wsrc512 Mar 11 16:19 /usr/src Isn't it strange that the ports/src directories have write bit group permission on? $ cd /usr/ports/distfiles/ $ ls -ld . openmotif drwxr-xr-x 3 sioux wheel 1536 May 10 06:01 . drwxr-xr-x 2 sioux wheel 512 May 10 03:17 openmotif $ cat /etc/mk.conf cat: /etc/mk.conf: No such file or directory $ Thanks in advance. On 5/10/07, Clint Pachl [EMAIL PROTECTED] wrote: John Nietzsche wrote: Dear gentleman/madam, i have just installed openbsd 4.1. I am very happy with it, but something i was not expecting is happening: As an ordinary user (belonging to the group wheel) i switched to the ports collection directory (/usr/ports/x11/openmotif) and issued i make fetch. I got surprised when the tarball started to be dowloaded in /usr/ports/distfiles although its sticky bit is not on. May someone here explain me how it is possible? Please provide some more info: $ cd /usr/ports/distfiles $ ls -ld . openmotif* $ cat /etc/mk.conf Did you grant yourself permission in the sudoers file? Disclaimer: I am not running 4.1
Re: Unfamiliar (to me only) ports behavior
Dear users, just one more question: which umask directive should my cvsup files (for src and ports collection) should have? Now, i am using umask=0002. Thanks once more. On 5/10/07, Marc Espie [EMAIL PROTECTED] wrote: On Thu, May 10, 2007 at 06:11:49AM -0300, John Nietzsche wrote: I am not playing with sudoers file! This just a bare install. $ ls -ld /usr/ports /usr/src drwxrwxr-x 46 root wheel 1024 May 10 03:21 /usr/ports drwxrwxr-x 18 root wsrc512 Mar 11 16:19 /usr/src Isn't it strange that the ports/src directories have write bit group permission on? No.
Re: order
I am facing the same scenario. On 5/8/07, Paolo Supino [EMAIL PROTECTED] wrote: Hi Does anyone know how I can contact Austin@ except emails? My CDs and book have yet to arrive (preorderd on the day orders were opened) and I'm not getting any feedback/reaction via email :-( TIA Paolo
Re: Dell 1950 under OpenBSD
Dear Schoeler,
Is it possible to attached serially one to other PERC 5/i and have the
server storage capacity extended ?
Thanks in advance.
On 4/2/07, Timo Schoeler [EMAIL PROTECTED] wrote:
On Mon, 02 Apr 2007 12:36:48 +0200
carlopmart [EMAIL PROTECTED] wrote:
Hi all,
Somebody have test it this Dell server under OpenBSD 4.0? this server use
SAS
or SATA disk with PERC 5/i controller, are they supported under OpenBSD 4.0?
Many thanks.
--
CL Martinez
carlopmart {at} gmail {d0t} com
yep,
works for me like a charm; however, i tested with 4.1 snapshots. if you like i
can verify it with 4.0.
best,
timo
