Very high interrupt load with rl(4)
Hi, I am using a machine with only a 500Mhz VIA cpu as NAT/IPSEC gateway here at the har2009.org camp. Sometimes the internet is hardly usable, loadavg spikes up to 14. When investigating I see 80-90% of the CPU time is because of interupts. Almost all interrupts are for the rl0 and rl1 interface. The interrupt load is not coupled to bandwith usage, we can use 60Mbit without any problems. I know rl(4) cards are crappy but I am wondering what could cause these strange spikes? It must be because of packets per second, but I can't find a offender. Are there any tweaks to mitigate the effects? Right after the load spikes (normally these last for 15 minutes) the IPSEC tunnels are not in a usable state anymore. Does anyone have a workaround for this? Kind regards, Wijnand
Re: Very high interrupt load with rl(4)
Op 13 aug 2009, om 11:38 heeft Robert Blacquiere het volgende geschreven: Hi Wijnand, Having fun @ HAR? :) Hell yeah! ;-) You could try using polling(4) for the rl cards. This could ease interrupts a bit. There is no polling(4). # man polling man: no entry for polling in the manual. Wijnand
Re: Passenger?
Op 11 aug 2009, om 23:49 heeft Jeremy Evans het volgende geschreven: On Tue, Aug 11, 2009 at 12:35 PM, L. V. Lammertl...@omnitec.net wrote: Can seem to find anything in the archives, .. I just finished setting up a Rails app under Passenger on a Linux box - pretty nice! We have a Rails app running with Mongrel on 4.5, but I would really like to use an Apache SSL session; never could get that working with mod_rewrite, however, when we were trying last yeat. Are other folks using Passenger w/apache2, or is there another option for Apache 1.3? I've tried out passenger on nginx, seems to work from my limited testing. The work in progress ports are at: Great, I will test this next month when I return from my holiday! I would love to run this combination on OpenBSD. Wijnand
ypldap, NULL domain !
Hi, I am trying to get ypldap working on a very recent snapshot and I can't figure out what I am doing wrong. It seems ypldap is working just fine: # ypldap -dv startup [debug mode] configuration starting applying configuration connecting to directories starting directory update updates are over, cleaning up trees now flattening trees The domainname is set at startup, portmap runs, ypbind has run (/var/ yp/binding/`domainname`.2 is there). When doing a query: # ypcat passwd No such map passwd.byname. Reason: YP server error the ypldap server says: ypproc_all NULL domain ! Why does it think the domainname isn't set? Did I completely forget to enable something or is this a bug? Kind regards, Wijnand
Re: Someone has working setup of sound in rdesktop?
Op 7 mei 2009, om 08:58 heeft Jacob Meuser het volgende geschreven: On Thu, May 07, 2009 at 08:25:59AM +0200, Tom?? Bod??r wrote: Hi all, I'm trying to bring sound up in connection with Windows XP trough rdesktop(1),but still no success.Googling recommend solutions which I tryied yet and no special info in man page. Here is my script for connection : #!/bin/sh /usr/local/bin/rdesktop -u myname -d domain -g 1440x900 -a 16 -0 -r sound:remote remoteIP Thanks for points I don't expect the audio support (rdpsnd_sun.c) in rdesktop to work for at least two reasons: 1) full-duplex mode must be set explicitely, opening the device O_RDWR is not enough. 2) the 'samples' in struct audio_prinfo is a sample count on Sun OSs but byte counts on BSD OSs. It worked for me 2 years ago. But you should use sound:local as far as I remember. Wijnand
pcn(4) only works in bsd.rd
Hi, I upgraded to the April 14 snapshot (coming from a old august snapshot) and I am not able to get any networking, except when I boot with bsd.rd. I managed to get at least the needed service running by doing: /mnt/usr/sbin/chroot /mnt sh /etc/rc But that is not something I want to continue doing off course. This host is virtualized inside Virtualbox. I know that is not recommended but I cannot change this on the currently used virtualisation grid. I think this is where song45 comes in, could this be caused by ACPI? I just want to be sure it is worth trying to disable it before creating any more downtime. I hope anyone can answer that for me. Kind regards, Wijnand
Re: OpenBSD 4.3 running in VirtualBox? Anyone have it working properly?
Richard Daemon schreef: OpenBSD 4.3 running in VirtualBox? Anyone have it working properly and if so, how? Same problems as reported here: http://www.virtualbox.org/ticket/192 When you enable vt-x it works pretty stable for me, with the 1.5.x series at least. I did not try 1.6 with OpenBSD yet. It is running a public jabber server for months now and everything is used a lot: CPU, Memory and Disks. However, I still think the Virtualbox way of virtualisation is wrong. Wijnand
Re: IPv6 LAN - IPv4 Internet
Jonathan Schleifer schreef: My RIPE handle had an old e-mail and my MNT wasn't reachable, so I told them that. They responded me very quickly and said I should talk to RIPE directly and get the mail changed. Hmm, I have that same issue (need it just for my SixXS account), I should talk to RIPE too I guess :-( Wijnand
Re: the death of the oldest OpenBSD system on the net...
raven schreef: I still use an Pentium 166 with 64 Mb with FreeBSD 5.2 that handle 400 email accounts without problem :) a pic of my beast http://raven.lilik.it/foto/im000785.jpg (it's an old pic) Doesn't matter that much in case of machine pictures, it get's worse with people when the pics are old. Machines get prettier over time. ;-) Wijnand
Re: problems with hoststated and relayd
Sebastian Reitenbach wrote: cut Also a http redirect did not work. I get a timeout in the browser. With tcpdump I see incoming SYN packets to port 80, but they are not answered: cut I am having the same problem with Feb 25 snapshot. It seems no rdr rules are getting loaded into PF. And I was just about to showcase and brag about a very hip setup ;-) Wijnand
Re: problems with hoststated and relayd
Hi Reyk,
thank you for your reply.
Reyk Floeter schreef:
On Mon, Mar 03, 2008 at 10:29:30AM +0100, Wijnand Wiersma wrote:
Sebastian Reitenbach wrote:
cut
Also a http redirect did not work. I get a timeout in the browser. With
tcpdump I see incoming SYN packets to port 80, but they are not answered:
cut
I am having the same problem with Feb 25 snapshot.
It seems no rdr rules are getting loaded into PF.
? the previous bug report was about relays only, it does not load any
rdr rules into PF.
I quoted the part where Sebastian mentioned ordinary redirects failing
too. Maybe I cut too much. Correct Sebastian?
in your case, have you added the relayd anchor to pf.conf?
rdr-anchor relayd/*
Yes, sure I did.
Here is the full config:
# grep -v ^# /etc/relayd.conf
ext_addr=85.158.207.27
webhost1=10.10.11.36
webhost2=10.10.11.37
table webhosts { $webhost1 $webhost2 }
table fallback { 127.0.0.1 }
redirect www {
listen on $ext_addr port http interface carp0
# tag every packet that goes thru the rdr rule with RELAYD
tag RELAYD
forward to webhosts timeout 200 check http / code 200
forward to fallback check icmp
}
# grep -v ^# /etc/pf.conf
ext_if=pcn0
int_if=pcn1
set skip on lo
scrub in
rdr-anchor relayd/*
nat on $ext_if from (carp1:network) - (carp0:0)
block in log
pass out
pass quick on $int_if
pass quick on carp1
antispoof quick for { lo $int_if carp1}
pass quick proto carp
pass quick proto icmp
pass in on $ext_if proto tcp to ($ext_if) port ssh
pass quick proto tcp from any to any port http
I am using the 1 March snapshot now.
Wijnand
Re: relayd http check connection failures; hoststated operates correctly
Armin Wolfermann wrote: If you need a quick workaround duplicate your global timeout in every forward statement. That is indeed a working workaround. However, it seems that nothing is actually loaded. pfctl -a relayd -s Tables returns nothing for example. So maybe there are more things broken in the parser? Wijnand
Re: avoid logging useless ssh brute force attempts
I don't think bogons are able to complete the TCP handshake since you don't know how to route back. Filtering those will not make sure there are less log messages about ssh logins Wijnand
Re: Real men don't attack straw men
On Jan 8, 2008 6:47 PM, Andris [EMAIL PROTECTED] wrote: But you _do_ recommend _Linux_ even when Torvalds' version of Linux is not free software! And let me put this perfectly clear to you: Linus Torvalds develops _Linux_. Period. GNU/Linux means GNU (http://gnu.org/ packages, free software) and Linux (http://kernel.org/, non-free software). GNU promotes itself with a non-free software kernel, they don't even change one letter of it. Because _Linux_, is popular. Yeah, RMS likes to bitch about calling Linux GNU/Linux but it should really be BSD/GNU/Linux. How about that Richard? Wijnand
Re: Bottleneck in httpd. I need help to address capacity issues on max parallel and rate connections
Daniel, Maybe I am about to say something really stupid, but ok, here I go: are you testing from one location only? Maybe that host is the bottleneck itself. Wijnand
Re: Bottleneck in httpd. I need help to address capacity issues on max parallel and rate connections
Daniel Ouellet tried to tell me: Wijnand Wiersma wrote: Daniel, Maybe I am about to say something really stupid, but ok, here I go: are you testing from one location only? Maybe that host is the bottleneck itself. Nothing is stupid for me right now. I am looking for any ideas that can help. Even if that look stupid, I am welling to test it. As for the setup for the test, all servers and client are connected to the same Cisco switch directly. I meant the client being the bottleneck ;-) Sorry for not being clear. Wijnand
Re: 4.1 !
Or even more important: how is the song? Wijnand
Re: wireless ethernet adapters (seeking recommendations)
2007/4/12, Darrin Chandler [EMAIL PROTECTED]: On Thu, Apr 12, 2007 at 02:18:28AM +0200, Maxime DERCHE wrote: A recent thread (04/04/2007) on this list showed that the ralink chipsets are well supported by OpenBSD. If I recall, there was also talk about lower signal strength with ralink. For an access point this is important, but could be mitigated or overcome by a high gain antenna. I have that problem with ural. One stairs up and the signal already goes bad. Both my laptop and AP are using ural. If there are developers who whould like to have more information I am sure willing to provide it. Wijnand
Re: Almost success: OpenBSD on Xen
2007/3/7, Luca Corti [EMAIL PROTECTED]: On Wed, 2007-03-07 at 17:40 +0100, Christoph Peus wrote: BTW: Though XenEnterprise is a commercial product, there's a free version with limited features available too. HVM is not good for non-Windows guests. Without accelerated guest drivers disk and network I/O is very limited. Xen Enterprise ships with optimized guest drivers for Windows. Then it is a useless feature in my opinion. Paravirtualization is probably the way to go for OpenBSD, but I found no info on the status of the Dom0/DomU ports to Xen. That is indeed high on my wish list, I hope there will be big news soon. Wijnand
Re: Quick n Easy template system?
2007/3/1, Subcommander l0r3zz [EMAIL PROTECTED]: All, I'm making a Vmware Virtual Appliance using OpenBSD so one can leverage goodies like pf, bgpd, ipsec, carp, etc in the VM universe. What should I use to create the few config web pages (these can be easily turned off once configuration is complete. I'd like to use something that works with the installed Perl and Apache. The pages don't have to be beautiful but I have a lot to make so I want to be able to layout a lot of forms quickly. Any suggestions? As I said, this is NOT an interface that will be used all the time, just in setting up the VM, after that, the user can disable it if they so desire to alleviate any security concerns. If I understand you correctly template toolkit might be the way to go. Wijnand
Almost success: OpenBSD on Xen
Hi All, I don't know if many of you already tried to run OpenBSD on Xen as a HVM guest, but here is a small report of my attempts this evening. The virtual server runs on a debian sarge with xen packages from the backports debian repository. Hardware is a dell 2950 with cpu virtualisation enabled in BIOS. I had to use Paul's boot iso image (http://www.weirdnet.nl/openbsd/serial/ ) to boot and use the serial console. I could have used the VNC option but all text was too scrambled to be really usefull. At first I attempted to use a physical LVM volume as disk but the installer failed, I think it was wrong about the disk geometry. I will take a look at this later. Second problem: I had to tell xen to emulate a ne2k-pci NIC instead of a rtl8139 (re(4)) NIC. The re(4) card only gave me lots of watchdog timeouts and no packets. Even though lots of those were fixed on current, I still have those errors that's why I am still on ne(4). Due to a strange bug in xen I have to shutdown the virtual machine and start it again to have networking work. When I do a reboot I get re(4) again. If re(4) would work ok this host might actually get very usefull ;-) As you can see in the dmesg the kernel tells me the clock has a unknown CMOS layout but don't worry, the clock works ok ;-) I hope this information is usefull to some of you. here is my dmesg: OpenBSD 4.1-beta (GENERIC) #1400: Thu Feb 22 03:18:10 MST 2007 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Xeon(R) CPU 5130 @ 2.00GHz (GenuineIntel 686-class) 2 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,MMX,FXSR,SSE,SSE2,SS,SBF,SSE3,DS-CPL,CX16,xTPR real mem = 133722112 (130588K) avail mem = 114614272 (111928K) using 1663 buffers containing 6811648 bytes (6652K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+ BIOS, date 06/23/99, BIOS32 rev. 0 @ 0xf9e80, SMBIOS rev. 2.4 @ 0x9f01f (10 entries) bios0: Xen HVM domU apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown apm0: flags 30102 dobusy 0 doidle 1 pcibios0 at bios0: rev 2.1 @ 0xf/0x0 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfa120/128 (6 entries) pcibios0: PCI Interrupt Router at 000:01:0 (Intel 82371SB ISA rev 0x00) pcibios0: PCI bus #0 is the last bus bios0: ROM list: 0xc/0x8000 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel 82441FX rev 0x02 pcib0 at pci0 dev 1 function 0 Intel 82371SB ISA rev 0x00 pciide0 at pci0 dev 1 function 1 Intel 82371SB IDE rev 0x00: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: QEMU HARDDISK wd0: 16-sector PIO, LBA48, 4027MB, 8248792 sectors wd0(pciide0:0:0): using PIO mode 0, DMA mode 2 atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: QEMU, QEMU CD-ROM, 0.8. SCSI0 5/cdrom removable cd0(pciide0:1:0): using PIO mode 0, DMA mode 1 Cirrus Logic CL-GD5446 rev 0x00 at pci0 dev 2 function 0 not configured unknown vendor 0x5853 product 0x0001 (class undefined unknown subclass 0x80, rev 0x01) at pci0 dev 3 function 0 not configured re0 at pci0 dev 4 function 0 Realtek 8139 rev 0x20, RTL8139C+ (0x7480): irq 11, address 00:16:3e:23:af:69 rlphy0 at re0 phy 0: RTL internal PHY isa0 at pcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard pmsi0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pmsi0 mux 0 pcdisplay0 at isa0 port 0x3d0/16 iomem 0xb8000/32768 wsdisplay0 at pcdisplay0 mux 1: console (80x25, vt100 emulation), using wskbd0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16450, no fifo pccom0: console fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 fd0 at fdc0 drive 0: density unknown fd1 at fdc0 drive 1: density unknown biomask e76d netmask ef6d ttymask ffef pctr: 686-class user-level performance counters enabled mtrr: Pentium Pro MTRR support nvram: invalid checksum dkcsum: wd0 matches BIOS drive 0x80 root on wd0a rootdev=0x0 rrootdev=0x300 rawdev=0x302 clock: unknown CMOS layout re0: watchdog timeout re0: watchdog timeout re0: watchdog timeout re0: watchdog timeout Regards, Wijnand
Re: dhclient clobbers default route, even though configured not to
What release are you running? I don't have supersede rules in my config but my request line is the same. It works for a firewall with 3 dsl lines with 2 dhcp interfaces. I had it working on 3.9 and 4.0. Regards, Wijnand
Re: [4.0] apmd on toshiba satellite A30
2006/11/6, atstake atstake [EMAIL PROTECTED]: I am running OBSD 4.0-release (i386) on Toshiba Satellite A30. I started apmd and here's my ps output root 10023 0.0 0.1 240 316 ?? Ss 5:57AM0:00.00 apmd But when I do apm it says Battery state: unknown, 0% remaining, unknown life estimate A/C adapter state: not known Performance adjustment mode: manual (3200 MHz) Also, halt -p doesn't work and I need to hard-shutdown. I got powerdown=YES in /etc/rc.shutdown. I have the same thing, but I try to help with acpi testing. http://undeadly.org/cgi?action=articlesid=20061012191523 Running -CURRENT with apmd -f /dev/acpi (and some other flags) I get at least information about the A/C adapter and sometimes a percentage of the battery state. It is not working ok yet (percentage is wrong), but it is more then one month ago. Things are improving and if you like to see more improvements: help with testing at least. Wijnand
Re: Boost OpenBSD security - Zophie for 3.9
2006/7/2, Tomasz Zielinski [EMAIL PROTECTED]: Hello, Zophie is patch that contains new security features for OpenBSD 3.9. BSD license. I have not tested it personaly, but probably it's worth to analyze it and maybe even incorporate. More info: http://www.0penbsd.com/zophie.html, http://akcja.0penbsd.com/zosia/ Development cycle of OpenBSD4.0 support starts tomorrow and will be finished when 4.1 releases?
Re: OpenBSD AJAX
2006/10/24, Marc Espie [EMAIL PROTECTED]: There are two perl frameworks, for instance. And ruby-on-rail is known to rely on java. Ruby on Rails has AJAX features, it includes some javascript libraries (if desired). It does not rely on java.. Wijnand
Re: Happy Birthday OpenBSD!
Congrats OpenBSD. Nice, on Opencon they are still celebrating 10 years of OpenBSD: http://www.opencon.org/program.php Does this mean we get two parties?
make multiple adsl lines reachable
Hi all, I am currently setting up a firewall with multiple adsl lines. I have 2 interfaces configured now and the box can reach the internet. When I ping the second adsl line (without the default route) the packets go back via the first line. I thought I could solve this with: pass in quick on $CAMBRIUMIF tag CAMBRIUM_IN keep state pass out quick route-to $CAMBRIUMGW tagged CAMBRIUM_IN in my pf.conf, but it does not work. So can anyone help me with the right way to do this? Thanks, Wijnand
Re: make multiple adsl lines reachable
Sorry for the noise, it was: pass in quick on $CAMBRIUMIF reply-to ( $CAMBRIUMIF $CAMBRIUMGW ) keep state Wijnand
Re: Letter to OLPC
Good job Theo, now we as a community should start spread the word again. Thank you for being the leader of Openness! Wijnand
Re: XEN
2006/9/8, Will Maier [EMAIL PROTECTED]: On Fri, Sep 08, 2006 at 11:08:49PM +0200, openbsd misc wrote: I wasn't able to figure out if it is possible to run openbsd as xen guest system. Does anyone know? Short answer: not yet, really. Longer answer: people are working on it. The blog post from Anil looks good! I can't wait for OpenBSD to run on xen since I love both. In the most perfect setup OpenBSD would be the dom0 Operating System too. Wijnad
sendmail with milter support by default?
Hi all, I am getting sick and tired of all the crap I'm receiving so I decided to do some spamfiltering on my OpenBSD mailserver. I checked the ports and see several nice milters so I start installing. Later I find out that I need to recompile sendmail with milter support, something I don't like to do. I want to keep my OpenBSD installation as much as the default install as possible. If I do a make build later I don't want to have a broken mail system when I forget to set WANT_LIBMILTER. What are main the reasons this is not enabled by default? Most mailservers could use some filtering options by default. And no, I don't want to replace sendmail with postfix, I always stick to the default on the used operating system. If this was a stupid question, go ahead, flame. A quick archive search did not reveal usefull information to me. Wijnand
Re: sendmail with milter support by default?
2006/8/5, Matthias Kilian [EMAIL PROTECTED]: On Sat, Aug 05, 2006 at 08:22:47PM +0200, Wijnand Wiersma wrote: What are main the reasons this is not enabled by default? Most mailservers could use some filtering options by default. It's enabled for more than two years. Thanks for your answer, Jasper is updating the port descriptions as we speak :-) Wijnand
Re: Nagios check_bioctl available
2006/7/29, andrew fresh [EMAIL PROTECTED]: One thing I ran into is that bioctl needs to run as root to get access to /dev/bio, even for read only access. Is there a way to query bioctl without needing root? Well, I think you only need the status of the drives and that is availlable using sysctl hw.sensors in current (you already mentioned sysctl). A monitoring system should not use the capabilities of bioctl, it just needs to know the status and report that. Now that I think of it, I should add support to the upwatch monitoring system too, but I am not that lucky to have hardware to actually test it :-) Wijnand
Re: BOB is dying.
2006/7/17, Han Boetes [EMAIL PROTECTED]: Tim Donahue wrote: I swear, spam keeps getting wierder and wierder I know a very peculiar fellow named Bob, his health is failing, but I don't think it's that bad. It would be better if Blobs health would be failing.
Re: Hifn policy on documentation
2006/6/13, Hank Cohen [EMAIL PROTECTED]: Folks, There has been some discussion of late on this list about Hifn's policy with respect to releasing documentation to the general public. That discussion lead to a great deal of uninformed speculation and unflattering statement's about Hifn's unfriendliness towards the open source community. I would like to set the record straight. If you guys would stop talking out of your ass and spend your time usefull (read: releasing FREE docs) you would see a increase of sales. Wijnand
using hw.sensors in own software
Hi all,
for a monitoring system I am reading the hw.sensors sysctls using
sysctl(3). To know what that sensor is trying to say to me I check
sensor.desc to see what that sensor is measuring.
lm0 tells me:
hw.sensors.8=lm0, Temp1, temp, 33.00 degC / 91.40 degF
hw.sensors.9=lm0, Temp2, temp, 53.50 degC / 128.30 degF
Admtemp (Japsers machine):
jasper hw.sensors.0=admtemp0, External Temp, 63.00 degC
jasper hw.sensors.1=admtemp0, Internal Temp, 34.00 degC
The description is different, Temp1 vs Internal Temp. Now I am not
quite sure how I should map the sysctls to the values I hope to get,
trying to fill following struct:
typedef struct {
float temp1;
float temp2;
float temp3;
float vc0;
float vc1;
float v33;
float v50p;
float v12p;
float v12n;
float v50n;
int rot1;
int rot2;
int rot3;
} hwstats_t;
Is reading the sensor.desc the right way to do this, and if so, is the
information in sensor.desc consistent across all drivers?
Wijnand
Re: using hw.sensors in own software
2006/6/5, Theo de Raadt [EMAIL PROTECTED]: Is reading the sensor.desc the right way to do this, and if so, is the information in sensor.desc consistent across all drivers? When it comes to i2c devices, we have no idea what is a particular pin on the measuring chip is wired to. There is just no information at all. Only the vendor knows. Sorry. Ok, thank you. I was just wondering about the strings placed in sensors.desc. If they are consistent among all drivers I can use that reliably. Wijnand
Re: using hw.sensors in own software
2006/6/5, Theo de Raadt [EMAIL PROTECTED]: Ok, thank you. I was just wondering about the strings placed in sensors.desc. If they are consistent among all drivers I can use that reliably. We are trying to be somewhat consistant. But don't rely on that. You can't. And you will see what we mean the first time you see an ipmi(4) esm(4), or other such sensor coming from a non-i2c device, where the machine gives us the name. Those are more inconsistant than what we have. If you think you can just do it from the name, then don't -- do it from the sensor type. Ok, best way is trial and error. :-) Thank you for your responses, and the nice sensors framework. Wijnand
Re: Empty root password
On 5/8/06, Lars Hansson [EMAIL PROTECTED] wrote: On Sunday 07 May 2006 18:41, Jonathan Glaschke wrote: If administrators are so dump to use an emtpy password on internet servers, it wouldn't be usefull to force a password. That's not necessarily dumb. If your location is physically secure and you dont allow remote root logins there is no problem with having a blank root password, especially on a router or firewall that only runs a minimal number of services. As far as I know: by default only ssh is a possible way in and guess what: PermitEmptyPasswords When password authentication is allowed, it specifies whether the server allows login to accounts with empty password strings. The default is ``no''. So you don't need to disable remote root logins. Wijnand
Re: install sets as packages
Maybe the installer can stay as is but record the components in de base system as packages in /var/db/pkg so upgrades later on can be performed with pkg_add, in smaller portions. But, I have nothing to complain about the current situation, it works great now. Doing this, and doing it right will take too much developer time. Wijnand
Re: When would you NOT use OpenBSD?
On 4/5/06, Henning Brauer [EMAIL PROTECTED] wrote: I'm sick and tired of this OpenBSD doesn't perform well FUD. It is nothing but FUD or over-generalization. Well, I don't entirely agree. At some tasks OpenBSD feels sluggish, X performs much slower for example then on *sigh* Linux *sigh*. But I was really surprised and happy to see a webserver to be faster then FreeBSD after switching :-) It all depends on the right tool for the job I guess. Wijnand
Re: why is there . [dot] in default PATH?
On 4/3/06, Josh Caster [EMAIL PROTECTED] wrote: That is not a . in the sense of the current directory. .profile is a hidden directory and the . prefix denotes this... What did you smoke? .profile is not a directory and that line DOES add . to your PATH. And I always learned that was a unsafe thing to do. Wijnand -- OpenBSD needs your help improving the softwareworld, please donate: http://openbsd.org/donations.html Yes big code using companies, that includes you!
Re: Jail() vs. chroot()
On 3/26/06, A Rossi [EMAIL PROTECTED] wrote: I've been comparing FreeBSD with OpenBSD as of late for the role of web server. I generally prefer OpenBSD because I find it easier to use (I like finding the configs for my installed applications in /etc not /usr/local/etc among other things) however, jail()-from what I've read-seems to be superior to chroot(), which leads me to my question: why isn't jail() implemented in OpenBSD? It does look like a massive undertaking would be needed to implement it, but code auditing is also a big undertaking as well(unless I am mistaken). I've checked the man pages and the archives and I didn't find the answers there (it's possible that I overlooked them too). Jail really is nice, but you can accomplish the same thing when using chroot + systrace if you just want a single running service per virtual jail. You can make it even tighter then a jail. But ok, it is a lot of work, jails make it easy to implement virtual servers. It is a nice feature, but I don't miss it on OpenBSD. Wijnand -- OpenBSD needs your help improving the softwareworld, please donate: http://openbsd.org/donations.html Yes big code using companies, that includes you!
Re: copying software from the official iso
On 3/24/06, Gabriel George POPA [EMAIL PROTECTED] wrote: It seems to me quite a dangerous discussion. Why not security updates for money? SuSE has made a lot of money... I know you already discussed this, but this feature will make OpenBSD VERY popular. No, that would decrease popularity. Wijnand -- OpenBSD needs your help improving the softwareworld, please donate: http://openbsd.org/donations.html Yes big code using companies, that includes you!
Re: OpenBSD 3.8 ports quality?
On 3/12/06, Ramiro Aceves [EMAIL PROTECTED] wrote: GNOME-PANEL. It crashes very often, so GNOME is not usable. I had the same problem on 3.8 too, I was hoping this was fixed in 3.9. I am sure it is not a hardware error, maybe the malloc changes have something to do with it? Wijnand
Re: OpenBSD 3.8 ports quality?
On 3/12/06, Michael Erdely [EMAIL PROTECTED] wrote: On 3/12/06, Wijnand Wiersma [EMAIL PROTECTED] wrote: On 3/12/06, Michael Erdely [EMAIL PROTECTED] wrote: Gnome is too bloated anyway... try out icewm. Much better. I don't care what you think. You almost sound like some linux kiddo: hey, don't use windows, linux is teh best. Fuck off, I use what I want. Holy cow! You're bitching about Gnome not working and I offered an alternate solution. I _definitely_ deserved to have my head taken off for that (note the sarcasm). icewm is light and fast. If you don't like it, don't use it. Or, better yet, cuss someone out. That will solve all of your problems. No, you were advocating something else I don't want to use. But ok, I should have been friendlier, I apologize. I just hate that kinda behaviour. I have a problem with gnome and the gnome guys should just fix it. Switching is NOT the solution. Wijnand
Re: OpenBSD 3.8 ports quality?
On 3/12/06, Michael Erdely [EMAIL PROTECTED] wrote: On 3/12/06, Greg Thomas [EMAIL PROTECTED] wrote: On 3/12/06, Michael Erdely [EMAIL PROTECTED] wrote: Gnome is too bloated anyway... try out icewm. Much better. If we're getting into religious wars here WindowMaker works great for me. Greg Wow! I'm not trying to start a religious war. Who cares what window manager their using as long as they can conveniently get to the real applications they want to use. I take it back. Trying to help people sucks. No, that doesn't suck. It just wasn't helpfull. I know what other options are around, but I actually like gnome. But they have a broken panel, it will get fixed, no big deal. I was just hoping for someone that actually knows the current status of gnome-panel to respond. And no Micheal, I don't have too much hate in me and if you would know me you wouldn't say that. I just know what I want to run and I hope to see a particular problem solved, I don't need anyone else to tell me to run something entirely different, that is just annoying. I hope you understand my point. Wijnand
Re: OpenBSD 3.8 ports quality?
On 3/12/06, Tobias Weingartner [EMAIL PROTECTED] wrote: On Sunday, March 12, Wijnand Wiersma wrote: I have a problem with gnome and the gnome guys should just fix it. So, go bug the gnome guys. Yes, I know. I didn't bug the OpenBSD guys about this, it is gnome's fault. Wijnand -- OpenBSD needs your help improving the softwareworld, please donate: http://openbsd.org/donations.html Yes big code using companies, that includes you!
Re: How can I delete apache included in the base system?
On 3/10/06, Diogin [EMAIL PROTECTED] wrote: Hello, every one: I am sorry to ask thus stupid question. I have read the FAQ, but I couldn't find any way to delete apache totally. Now I want to use apache 2.0.55, but I'm worry about conflict. Can some one help me? Thans very much! You promise you never post a question on this list again? I don't think you will get much help with this stupid demolition. Don't mess with the base system unless you know what you are doing, and reading your post, you clearly don't. Wijnand -- No virus was found in this outgoing message as I didn't bother looking. This is not an automated signature. I type this in to the bottom of every message.
Re: Pre-orders for our releases.
On 3/10/06, Theo de Raadt [EMAIL PROTECTED] wrote: But financially we are under strain, and it is not letting us grow any of our bigger plans. It sounds like you really have big plans. Maybe it is a good idea to tell about them, maybe that will make the big companies interested in sponsoring some of that work. And what... they'll help us out like they helped us with OpenSSH? Maybe I think too good about people/companies, but maybe if you want to create and a company really likes that they maybe sponsor. If you have big plans and need money for that and that company really needs feature they might think hey let's sponsor this. But I am just guessing, maybe the world we live in is worse than I have in mind. Anyway, keep up the good work. Wijnand
Re: Pre-orders for our releases.
On 3/10/06, Ted Unangst [EMAIL PROTECTED] wrote: On 3/10/06, Wijnand Wiersma [EMAIL PROTECTED] wrote: Maybe I think too good about people/companies, but maybe if you want to create and a company really likes that they maybe sponsor. If you have big plans and need money for that and that company really needs feature they might think hey let's sponsor this. or they could start paying for the features they are already using today. You are very right, but in this sad world that aint gonna happen. If there are big plans, and the companies could benefit from those big plans it might actually make them donate if those plans need real donations. It all depends on how big is the plan and how it will affect the usefullness of OpenBSD. When I read Theo's words in the first post I know for sure he really has big plans. But ok, I will shut up and go on in my little nasty dreamworld. Wijnand
Re: OpenBSD hardware router
I am using a openbrick-e for years now as a home firewall, runs smooth with openbsd. http://shopping.hacom.net/catalog/index.php?cPath=22_45 -- No virus was found in this outgoing message as I didn't bother looking. This is not an automated signature. I type this in to the bottom of every message.
Re: Anonymous sftp
2006/2/3, Joachim Schipper [EMAIL PROTECTED]: On Fri, Feb 03, 2006 at 04:37:12PM -0500, Peter Fraser wrote: Since I believe that everyone agrees that ftp is horrible, particularly for firewalls. How come there is no equivalent to an anonymous sftp. Isn't there? Anonymous ftp is just username/password authentication using a well-known username and any password. Publish the username and the password somewhere, and you have anonymous sftp. And use scponly as login shell of course.
Re: OpenBSD hardware router
While we are at this, are there any small devices like this that can firewall at 1000mbit? I am looking for some nice options for transparant bridges but I don't like to add 1u servers for this in the racks. Wijnand -- No virus was found in this outgoing message as I didn't bother looking. This is not an automated signature. I type this in to the bottom of every message.
Re: /etc default dir and file permissions.
2006/1/28, Anon Y. Mous [EMAIL PROTECTED]: How do I restore the default permissions for /etc $ ls -ald /etc/ drwxr-xr-x 22 root wheel 2560 Dec 12 13:58 /etc/ And I don't think this question needed a dmesg ;-) -- No virus was found in this outgoing message as I didn't bother looking. This is not an automated signature. I type this in to the bottom of every message.
Re: OpenBSD MetaStore: Distributed hosting?
2005/10/22, Jurvis LaSalle [EMAIL PROTECTED]: snip I totally agree!
Re: OpenBSD's 10th birthday
2005/10/18, Jared Solomon [EMAIL PROTECTED]: Happy Birthday, Openbsd. When is someone going to post a Humppa version of Happy Birthday? Humppa Birthday to you! Congratulations Theo and the rest of the gang. You guys do a fine job. Wijnand
Re: scponly vs. vsftpd
2005/10/15, [EMAIL PROTECTED] [EMAIL PROTECTED]: 1. Continue using scponly but with chroot and then linking the directories inside their home directories. I thought scponly has chroot functionality builtin.
Re: Nmap -O... will it be fixed some day?
I have seen this too, but that was a long time ago, I never actually run nmap anymore :-) Maybe it has something to do with some nics? Wijnand
Re: RAID management support coming in OpenBSD 3.8
Theo, this is cool stuff! Very elegant solution. In Linux you have to hope your vendor has some kind of management tool, and if there is one, you have to hope it works. I hope more devices will be supported soon. Wijnand
Re: DBMail on openBSD
I am using it on OpenBSD. I really like it, but performance is poor. Wijnand
Re: 3.8 beta requests
2005/8/23, imEnsion [EMAIL PROTECTED]: snip I wonder what the theme for this release will be... /snip hopefully not something political *cough* the 3.4 release https://https.openbsd.org/images/poster10.jpg I really really liked that one.
Re: phpsysinfo on OpenBSD 3.7 is very (un)informative
Chroot apache?
Re: Major Surprise with xdm on 3.7
I never tried it in OpenBSD, but usually when I already have logged in graphically I can go to a console, type X :1 -query localhost and get another xdm login screen. Wijnand
Re: OpenCVS interview
2005/8/3, Matthias Kilian [EMAIL PROTECTED]: On Wed, Aug 03, 2005 at 11:01:48PM +0200, Wijnand Wiersma wrote: The interview is at http://nedbsd.nl/modules/static/page/JorisVinkInterview | Anything you want to add to this interview? | | Humppa! I wonder wether the 3.8 song will be Humppa style. Seems to be some kind of hype nowadays. That would be nice :-)
altq, not really clear (yet!)
Hi List, In my network I use a adsl line with 8Mbit down, and 512 Kbit up. Therefore the www.benzedrine.cx/ackpri.html trick is handy. But I also have split my network into two different sections: a UNIXnet, and a Windowsnet. I want the UNIXnet to have 60% of the availlable bandwidth to the internet. Rest is for Windowsnet. The two nets are physically separated, the gateway has a interface for both of them. Packets between the both networks should use the full bandwidth. Is this setup doable? And if so, somebody has any pointers to a nice example? Regards, Wijnand
Re: Eric Raymond talks about GPL and BSD licenses on MyFreeBSD.com
2005/6/16, Jasper Lievisse Adriaanse [EMAIL PROTECTED]: Eric Raymond gave an interview on MyFreeBSD.com about the GPL and the BSD licenses. Though on MyFreeBSD.com, it ain't a FreeBSD specific article. Nothing to see there, are you sure about the domainname? Could you provide us with a direct link? Wijnand
Re: perl -MCPAN checksum mismatch on anything
This morning I noticed the exact same problems. Funny, I was trying to install Net::Jabber too. But all modules will fail in the exact same way. Wijnand
Re: Summer of Code ?
2005/6/3, Bob Beck [EMAIL PROTECTED]: For example, let's say you have a particular ethernet card, for which there is support in say, linux, or netbsd, but not in OpenBSD. Find a card for which there is support in both. Now read the source code for both device drivers, and compare how both OS's do things slightly differently. Now use the device driver code from the other OS, and start bringing it over into OpenBSD. Well, don't use the Linux code, it contains a virus called GPL. But reading and comparing is good. Wijnand
Re: OpenCVS vs subversion
I think OpenCVS will deal with several limitations of CVS. I think the OpenBSD folks are the right persons to deal with this. Wijnand
Re: OBSD 3.7 ports -- mysql [offtopic!]
2005/5/25, [EMAIL PROTECTED] [EMAIL PROTECTED]: [installed pSQL from ports so: aggro offtopic] That's nice for MySQL.. I'm still waiting until dataloss will be accapted as DoS-Case so that the PostgreSQL would be updated up to 7.4.8 (but a update to 8.0.3 would be better anyway) http://www.openbsd.org/cgi-bin/cvsweb/ports/databases/postgresql/
Re: How to debug something like this?
It seems that increasing openfiles-cur to infinity works the best in this situation, so I guess this is solved. Gerardo, I will try your updated port soon. Regards, Wijnand
Re: How to debug something like this?
2005/5/24, Gerardo Santana Gsmez Garrido [EMAIL PROTECTED]: Well, never really looked at it. But I was dissapointed 2.0s4 was in ports. My fault. I had been away from the computer for a while for strong reasons, ...hard times. We all forgive you. And that port only had mysql support and I don't want mysql on my server. If you could add a postgresql flavor :-) Done. See patch in ports@ It needs someone to test it though : I will test it on my workstation as soon as I can. It's very straightforward. I'm running it with MySQL. I can help you with PostgreSQL. Thanks. Wijnand
Re: How to debug something like this?
2005/5/23, jared r r spiegel [EMAIL PROTECTED]: On Sun, May 22, 2005 at 06:00:14PM +0200, Wijnand Wiersma wrote: It really hurts my server performance every 15 minutes or so, and my statistics aren't very good either: just a shot in the dark, but are you using apmd? Nope. But for some reason the problems stopped after 10 PM last night. But to be honest, I suspect the xl card. Wijnand
Re: How to debug something like this?
It just happened again, so I was wrong about the nic. Here is a part of the ktrace of jabberd at a busy moment. Not much to see, this scrolls over my screen very fast. 9519 jabberd RET select 0 9519 jabberd CALL sigprocmask(0x3,0xfffefeff) 9519 jabberd RET sigprocmask -2147483648/0x8000 9519 jabberd CALL gettimeofday(0x3c04f144,0) 9519 jabberd RET gettimeofday 0 9519 jabberd CALL sigprocmask(0x1,0) 9519 jabberd RET sigprocmask -65793/0xfffefeff 9519 jabberd CALL sigprocmask(0x3,0) 9519 jabberd RET sigprocmask -65793/0xfffefeff 9519 jabberd CALL sigprocmask(0x1,0) 9519 jabberd RET sigprocmask 0 9519 jabberd CALL sigprocmask(0x3,0xfffefeff) 9519 jabberd RET sigprocmask 0 9519 jabberd CALL gettimeofday(0x3c032e80,0) 9519 jabberd RET gettimeofday 0 9519 jabberd CALL sigpending 9519 jabberd RET sigpending 0 9519 jabberd CALL read(0x4,0x3c032d90,0x80) 9519 jabberd RET read -1 errno 35 Resource temporarily unavailable 9519 jabberd CALL sigprocmask(0x3,0x8000) 9519 jabberd RET sigprocmask -65793/0xfffefeff 9519 jabberd CALL select(0x1b,0x3c032d10,0x3c032c90,0x3c032c10,0x3c032a58) 9519 jabberd RET select 0 9519 jabberd CALL sigprocmask(0x3,0xfffefeff) 9519 jabberd RET sigprocmask -2147483648/0x8000 9519 jabberd CALL gettimeofday(0x3c04f144,0) 9519 jabberd RET gettimeofday 0 9519 jabberd CALL sigprocmask(0x1,0) 9519 jabberd RET sigprocmask -65793/0xfffefeff 9519 jabberd CALL sigprocmask(0x3,0) 9519 jabberd RET sigprocmask -65793/0xfffefeff 9519 jabberd CALL sigprocmask(0x1,0) 9519 jabberd RET sigprocmask 0 9519 jabberd CALL sigprocmask(0x3,0xfffefeff) 9519 jabberd RET sigprocmask 0 9519 jabberd CALL gettimeofday(0x3c032e80,0) 9519 jabberd RET gettimeofday 0 9519 jabberd CALL sigpending 9519 jabberd RET sigpending 0 9519 jabberd CALL read(0x4,0x3c032d90,0x80) 9519 jabberd RET read -1 errno 35 Resource temporarily unavailable 9519 jabberd CALL sigprocmask(0x3,0x8000) 9519 jabberd RET sigprocmask -65793/0xfffefeff 9519 jabberd CALL select(0x1b,0x3c032d10,0x3c032c90,0x3c032c10,0x3c032a58) 9519 jabberd RET select 0 9519 jabberd CALL sigprocmask(0x3,0xfffefeff) 9519 jabberd RET sigprocmask -2147483648/0x8000 9519 jabberd CALL gettimeofday(0x3c04f144,0) 9519 jabberd RET gettimeofday 0 9519 jabberd CALL sigprocmask(0x1,0) 9519 jabberd RET sigprocmask -65793/0xfffefeff 9519 jabberd CALL sigprocmask(0x3,0) 9519 jabberd RET sigprocmask -65793/0xfffefeff 9519 jabberd CALL sigprocmask(0x1,0) 9519 jabberd RET sigprocmask 0 9519 jabberd CALL sigprocmask(0x3,0xfffefeff) 9519 jabberd RET sigprocmask 0 9519 jabberd CALL gettimeofday(0x3c032e80,0) 9519 jabberd RET gettimeofday 0 9519 jabberd CALL sigpending 9519 jabberd RET sigpending 0 9519 jabberd CALL read(0x4,0x3c032d90,0x80) 9519 jabberd RET read -1 errno 35 Resource temporarily unavailable 9519 jabberd CALL sigprocmask(0x3,0x8000) 9519 jabberd RET sigprocmask -65793/0xfffefeff 9519 jabberd CALL select(0x1b,0x3c032d10,0x3c032c90,0x3c032c10,0x3c032a58) 9519 jabberd RET select 0 9519 jabberd CALL sigprocmask(0x3,0xfffefeff) 9519 jabberd RET sigprocmask -2147483648/0x8000 9519 jabberd CALL gettimeofday(0x3c04f144,0) 9519 jabberd RET gettimeofday 0 9519 jabberd CALL sigprocmask(0x1,0) 9519 jabberd RET sigprocmask -65793/0xfffefeff 9519 jabberd CALL sigprocmask(0x3,0) 9519 jabberd RET sigprocmask -65793/0xfffefeff 9519 jabberd CALL sigprocmask(0x1,0) 9519 jabberd RET sigprocmask 0 9519 jabberd CALL sigprocmask(0x3,0xfffefeff) 9519 jabberd RET sigprocmask 0 9519 jabberd CALL gettimeofday(0x3c032e80,0) 9519 jabberd RET gettimeofday 0 9519 jabberd CALL sigpending 9519 jabberd RET sigpending 0 9519 jabberd CALL read(0x4,0x3c032d90,0x80) 9519 jabberd RET read -1 errno 35 Resource temporarily unavailable 9519 jabberd CALL sigprocmask(0x3,0x8000) 9519 jabberd RET sigprocmask -65793/0xfffefeff 9519 jabberd CALL select(0x1b,0x3c032d10,0x3c032c90,0x3c032c10,0x3c032a58) 9519 jabberd RET select 0 9519 jabberd CALL sigprocmask(0x3,0xfffefeff) 9519 jabberd RET sigprocmask -2147483648/0x8000 9519 jabberd CALL gettimeofday(0x3c04f144,0) 9519 jabberd RET gettimeofday 0 9519 jabberd CALL sigprocmask(0x1,0) 9519 jabberd RET sigprocmask -65793/0xfffefeff 9519 jabberd CALL sigprocmask(0x3,0) 9519 jabberd RET sigprocmask -65793/0xfffefeff 9519 jabberd CALL sigprocmask(0x1,0) 9519 jabberd RET sigprocmask 0 9519 jabberd CALL sigprocmask(0x3,0xfffefeff) 9519 jabberd RET sigprocmask 0 9519 jabberd CALL gettimeofday(0x3c032e80,0) 9519 jabberd RET gettimeofday 0 9519 jabberd CALL sigpending 9519 jabberd RET
Re: How to debug something like this?
Hi Stefan, thanks for your reply. 2005/5/23, Stefan Kell [EMAIL PROTECTED]: [...snip...] 9519 jabberd CALL select(0x1b,0x3c032d10,0x3c032c90,0x3c032c10,0x3c032a58) 9519 jabberd RET select 0 [...snip...] 9519 jabberd CALL read(0x4,0x3c032d90,0x80) 9519 jabberd RET read -1 errno 35 Resource temporarily unavailable that's an easy one: jabberd makes an select call, which returns 0 (timeout) and starts a read on a file descriptor which has probably been used in the read-fd-set for select. And this read gives error 35 which is correct as the select has timed out. Details are in man 2 select, man read and man 2 intro. This is a programming error. For you this is easy :-) Should I raise the openfiles-cur for jabber? Now the difficult part: jabberd does not make the select call by itself but uses GNU-pth also called portable-threads. Somewhere inside this beast there must be the culprit but I don't have the time or patience to look into this unless I know the version of pth which you have been using. pth-1.4.1 from the 3.7-RELEASE ports. Wijnand
Re: How to debug something like this?
2005/5/23, Stefan Kell [EMAIL PROTECTED]: Should I raise the openfiles-cur for jabber? Don't know, I am not the specialist for jabber :-( Well, just raised it to test. pth-1.4.1 from the 3.7-RELEASE ports. ports or packages? Ports. I have looked at the pth-code and it seems to me that jabberd might loop if it has absolutely nothing to do. Than pth might start to simply poll which is cpu intensive. But someone else with better knowledge about the changes between OpenBSD 3.5 and 3.7 should have a look at it. Well, it looks like it occures at times when you expect to be more online users. Sorry for not more help Your help was great, thank you. Wijnand
Re: IMAP servers
I use DBmail with postgresql, and I like it :-) Too bad sieve is not supported yet, I also like sieve. Wijnand
How to debug something like this?
Hi all, this maybe offtopic, but I am almost desparate. Last night I migrated the nedbsd.nl 3.5 server to a other machine running 3.7. The specs are the same, except for the network card. On 3.5 I used fxp0, now I use xl0. Everything works fine (well, I do miss nullfs but use loopback nfs as a substitute now), except for the jabber services. I use jabberd 1.4.3.1 and switched the aim/icq/msn transports to python based transports. Jabberd itself is compiled exactly the same way and uses the same configuration. For some reason jabberd sometimes eats 50% CPU and the loadavg goes up to 16. ktrace did not reveal something usefull, systat and top did not tell me much either. How can I find what is causing this? It really hurts my server performance every 15 minutes or so, and my statistics aren't very good either: http://public.jabbernet.dk/mrtg/nedbsd.nl.html I am obviously unreachable sometimes. Regards, Wijnand
Re: IMAP servers
2005/5/22, Frank Denis (Jedi/Sector One) [EMAIL PROTECTED]: On Sun, May 22, 2005 at 05:49:04PM +0200, Wijnand Wiersma wrote: I use DBmail with postgresql, and I like it :-) Too bad sieve is not supported yet, I also like sieve. DBMail supports sieve, but this is still experimental. It is in the tree, but not supported :-) (sounds like nullfs in OpenBSD) However with IMAP, client-side filtering is quite fast. True, but I like server side filtering.
Re: OpenBSD 3.7 Torrents are now available
Lots of mirrors are missing the same files! Wijnand
