Re: VPN between OpenBSD Gateway and a mac
Bryan Irvine wrote on 23/04/10 17:49: I use poptop (ports) with great success on built-in mac VPN client. with which release of macos/openbsd/poptop ? I'm interested to your complete configuration. I tried some openbsd vpn with macos and iphone and have not managed to it (not much time to work it either) few thread on this http://marc.info/?l=openbsd-miscm=122702887819130w=2 http://marc.info/?l=openbsd-miscm=127201138316305w=2 (third-party software VPN Tracker on Macos) http://marc.info/?l=openbsd-miscm=119835036017217w=2 http://sourceforge.net/projects/poptop/forums/forum/146880/topic/3104778 Thanks for feedback Cheers, Julien
Re: Sed and GNU-like
I want to add a small extra difference which annoys me between bsd and GNU sed $ echo Foo | sed 's/foo/fuu/i' sed: 1: s/foo/fuu/i: bad flag in substitute command: 'i' it seems bsd sed has no support for case-insenstive flag. right ? Best regards, Jul
problem with dhcpd on a bridge ?
I have setup a bridge following the faq http://www.openbsd.org/faq/faq6.html#Bridge (no filtering) $ cat /etc/bridgename.bridge0 add sis0 add sis2 up $ cat /etc/hostname.sis0 192.168.x.x 255.255.255.0 192.168.1.255 description LAN $ cat /etc/hostname.sis2 up $ brconfig bridge0 bridge0: flags=41UP,RUNNING priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp designated: id 00:00:00:00:00:00 priority 0 sis2 flags=3LEARNING,DISCOVER port 3 ifpriority 0 ifcost 0 sis0 flags=3LEARNING,DISCOVER port 1 ifpriority 0 ifcost 0 Addresses (max cache: 100, timeout: 240): 00:21:70:d6:76:5a sis2 1 flags=0 00:23:32:d9:56:d8 sis0 1 flags=0 I start dhcpd with: # /usr/sbin/dhcpd sis0 ral0 if started with bridge0 and/or sis2, /var/log/daemon returns Dec 5 08:32:54 soekris4801 dhcpd[20667]: Can't listen on bridge0 - it has no IP address. Dec 5 08:33:41 soekris4801 dhcpd[6656]: Can't listen on sis2 - it has no IP address. And I believe it's not needed (one interface of the bridge equals all of them) Dhcpd is working on sis0 with another system but doesn't answer to the box on sis2. tcpdump can see arp and bootp request from the station but there is no response from dhcpd. Don't know why. Hints ? If I configure static IP configuration, network access is good. really seems limited to dhcpd. thanks a lot. Best regards, Julien dmesg (note: update to 4.6 planned) OpenBSD 4.4-stable (GENERIC) #0: Thu Apr 30 01:03:28 CEST 2009 r...@soekris4801.vpn.www:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Geode(TM) Integrated Processor by National Semi (Geode by NSC 586-class) 267 MHz cpu0: FPU,TSC,MSR,CX8,CMOV,MMX cpu0: TSC disabled real mem = 133787648 (127MB) avail mem = 120946688 (115MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 20/80/03, BIOS32 rev. 0 @ 0xf7840 pcibios0 at bios0: rev 2.0 @ 0xf/0x1 pcibios0: pcibios_get_intr_routing - function not supported pcibios0: PCI IRQ Routing information unavailable. pcibios0: PCI bus #0 is the last bus bios0: ROM list: 0xc8000/0x9000 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Cyrix GXm PCI rev 0x00 sis0 at pci0 dev 6 function 0 NS DP83815 10/100 rev 0x00, DP83816A: irq 10, address 00:00:24:c3:58:cc nsphyter0 at sis0 phy 0: DP83815 10/100 PHY, rev. 1 sis1 at pci0 dev 7 function 0 NS DP83815 10/100 rev 0x00, DP83816A: irq 10, address 00:00:24:c3:58:cd nsphyter1 at sis1 phy 0: DP83815 10/100 PHY, rev. 1 sis2 at pci0 dev 8 function 0 NS DP83815 10/100 rev 0x00, DP83816A: irq 10, address 00:00:24:c3:58:ce nsphyter2 at sis2 phy 0: DP83815 10/100 PHY, rev. 1 ral0 at pci0 dev 14 function 0 Ralink RT2561S rev 0x00: irq 11, address 00:12:0e:61:7f:c0 ral0: MAC/BBP RT2561C, RF RT5225 gscpcib0 at pci0 dev 18 function 0 NS SC1100 ISA rev 0x00 gpio0 at gscpcib0: 64 pins NS SC1100 SMI rev 0x00 at pci0 dev 18 function 1 not configured pciide0 at pci0 dev 18 function 2 NS SCx200 IDE rev 0x01: DMA, channel 0 wired to compatibility, channel 1 wired to co mpatibility wd0 at pciide0 channel 0 drive 0: WDC WD1600BEVE-00UYT0 wd0: 16-sector PIO, LBA48, 152627MB, 312581808 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 geodesc0 at pci0 dev 18 function 5 NS SC1100 X-Bus rev 0x00: iid 6 revision 3 wdstatus 0 ohci0 at pci0 dev 19 function 0 Compaq USB OpenHost rev 0x08: irq 5, version 1.0, legacy support isa0 at gscpcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com0: console com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 nsclpcsio0 at isa0 port 0x2e/2: NSC PC87366 rev 9: GPIO VLM TMS gpio1 at nsclpcsio0: 29 pins gscsio0 at isa0 port 0x15c/2: SC1100 SIO rev 1: npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 usb0 at ohci0: USB revision 1.0 uhub0 at usb0 Compaq OHCI root hub rev 1.00/1.00 addr 1 biomask f3e5 netmask ffe5 ttymask softraid0 at root root on wd0a swap on wd0b dump on wd0b
Re: managing authorized_keys
bofh wrote on 18/09/09 16:29: There's 400+ unix boxes. I know we can stick keys into authorized_keys, but managing it for a bunch of automated processes seems a bit unwieldy. Is there any way of pointing to an external source, say, ldap? one solution is to have a central ssh host which acts as a proxy before logging to others you have this solution: http://sshproxy-project.org/ I'm not sure, it is still maintained but code is GPL2 so you could use it or sort of. i don't know if there is any other alternatives. Cheers Julien
Re: verbose sftp per user ?
anyone ? jul wrote on 5/04/09 14:50: i'm using chroot sftp with the following command: #Subsystem sftpinternal-sftp -l VERBOSE -f AUTH Subsystem sftpinternal-sftp -l INFO -f AUTH from http://marc.info/?l=openssh-unix-devm=120969706821519w=2 but is there any way to restrict verbose/info logging to some users ? or trap to /dev/null log of some others ? for example: Match user user1 Logging VERBOSE
sshkey: display comments in authlog ?
Hello when using sshkey, is there a way to have ssh comments section in the server authlog ? (the one in server ~/.ssh/authorized_keys) It would be useful to manage which key is used to log on which accounts. thanks a lot Best regards Julien
verbose sftp per user ?
Hello i'm using chroot sftp with the following command: #Subsystem sftpinternal-sftp -l VERBOSE -f AUTH Subsystem sftpinternal-sftp -l INFO -f AUTH from http://marc.info/?l=openssh-unix-devm=120969706821519w=2 but is there any way to restrict verbose/info logging to some users ? or trap to /dev/null log of some others ? for example: Match user user1 Logging VERBOSE thanks a lot Best regards Julien
Re: verify installed packages' binaries integrity ?
Stuart Henderson wrote on 18/12/08 21:14: On 2008-12-18, jul jul_...@yahoo.fr wrote: a small question, is there any way to check integrity of installed packages'binaries ? yes, by (ab)using pkg_create: for i in `find /var/db/pkg -name +CONTENTS`; do pkg_create -nf $i /dev/null done exactly, what i want. thanks a lot stuart for archives, seriously and as said before, it's only one step in investigation. it doesn't replace a dd + forensic analysis for a compromised host. But when you are suspicious and there is no mtree/samhain/aide/else, it helps.
verify installed packages' binaries integrity ?
(Note: it is not related to packages integrity when installing) a small question, is there any way to check integrity of installed packages'binaries ? i explain: in the case, i fear my host is compromised and i forgot or have corrupted mtree files, can i ask pkg manager to say if any referenced file has a different checksums than recorded. (+CONTENTS file has md5 and size) i know, this does not concern any base binaries which are the stuff that matter the most, but else ... If no mtree, i think the last option is comparing with binaries from CD hoping they didn't changed. thanks Regards
Re: verify installed packages' binaries integrity ?
Guillermo Bernaldo de Quiros Maraver wrote on 18/12/08 20:30: i think, that, you can use chkrootkit for this, you can see more about this software in their home page or in google. thanks, but that's not what i am looking for. chkrootkit checks only a known list of binaries (mostly base i think) to see if there is a trace of infection. i'm looking to check if stuff installed on the machine has been changed. it's really about a local step on packages' binaries integrity to confirm or not suspicion of compromission. after you can compare to distant referenced packages, dd disk and forensic it. Regards
[OT] soekris4801: CF and hard disk ?
Hello is it possible to have both Compact Flash and Hard disk in this soekris at the same time? when i do, i have most of the time, errors from disk/controller or else like: * pciide0:0:0: setmulti error (4) wd0c: aborted command reading fsbn 0 (wd0 bn 0; cn 0 tn 0 sn 0), retrying pciide0:0:0: setmulti error (4) wd0c: aborted command reading fsbn 0 (wd0 bn 0; cn 0 tn 0 sn 0), retrying pciide0:0:0: setmulti error (4) wd0c: aborted command reading fsbn 0 (wd0 bn 0; cn 0 tn 0 sn 0), retrying pciide0:0:0: setmulti error (4) wd0c: aborted command reading fsbn 0 (wd0 bn 0; cn 0 tn 0 sn 0), retrying pciide0:0:0: setmulti error (4) wd0c: aborted command reading fsbn 0 (wd0 bn 0; cn 0 tn 0 sn 0), retrying pciide0:0:0: setmulti error (4) wd0c: aborted command reading fsbn 0 (wd0 bn 0; cn 0 tn 0 sn 0) pciide0:0:0: setmulti error (4) wd0c: aborted command reading fsbn 64 of 64-67 (wd0 bn 64; cn 0 tn 1 sn 1), retrying pciide0:0:0: setmulti error (4) (non-blocking errors when launching bsd.rd though pxe) * boot 800^H ^H Using drive 0, partition 3. Loading... ERR M * or some others variants. i try by letting soekris choose where to boot or asking `boot 80` or `boot 81`. In my case (sandisk 2G), CF seems to be 81 (not found when both installed) and hard disk (wd1600beve [1]) seems to be 80 (freeze or previous boot error) If i only use one disk, it's ok to install and used. Please note, i have updated bios to latest 1.33 Please confirm me, it's not possible. Else ,i would think i have a problem with the soekris :( thanks Regards [1] http://wdc-fr.custhelp.com/cgi-bin/wdc.cfg/php/enduser/std_adp.php?p_faqid=1281
soekris4801: CF errors ?
Hello i'm looking for advices as i have recently a lot of errors messages about CF in my soekris (dmesg at the end) i reinstall my box and get the following during install (1: Crucial Tech CF 1GB) The next step *DESTROYS* all existing data on these partitions! Are you really sure that you're ready to proceed? [no] yes /dev/rwd0a: 967.6MB in 1981664 sectors of 512 bytes 5 cylinder groups of 202.47MB, 12958 blocks, 25984 inodes each wd0(pciide0:0:1): timeout type: ata c_bcount: 8192 c_skip: 0 pciide0:0:1: bus-master DMA error: missing interrupt, status=0x41 pciide0 channel 0: reset failed for drive 1 wd0a: device timeout writing fsbn 16 of 16-31 (wd0 bn 79; cn 0 tn 1 sn 16), retrying pciide0:0:1: not ready, st=0x80BSY, err=0x00 pciide0 channel 0: reset failed for drive 1 wd0a: device timeout writing fsbn 16 of 16-31 (wd0 bn 79; cn 0 tn 1 sn 16), retrying pciide0:0:1: not ready, st=0x80BSY, err=0x00 pciide0 channel 0: reset failed for drive 1 wd0a: device timeout writing fsbn 16 of 16-31 (wd0 bn 79; cn 0 tn 1 sn 16), retrying pciide0:0:1: not ready, st=0x80BSY, err=0x00 pciide0 channel 0: reset failed for drive 1 wd0a: device timeout writing fsbn 16 of 16-31 (wd0 bn 79; cn 0 tn 1 sn 16), retrying pciide0:0:1: not ready, st=0x80BSY, err=0x00 pciide0 channel 0: reset failed for drive 1 wd0a: device timeout writing fsbn 16 of 16-31 (wd0 bn 79; cn 0 tn 1 sn 16), retrying pciide0:0:1: not ready, st=0x80BSY, err=0x00 pciide0 channel 0: reset failed for drive 1 wd0a: device timeout writing fsbn 16 of 16-31 (wd0 bn 79; cn 0 tn 1 sn 16) newfs: wtfs: write error on block 16: Input/output error pciide0:0:1: not ready, st=0x80BSY, err=0x00 pciide0 channel 0: reset failed for drive 1 wd0a: device timeout reading fsbn 128 of 128-143 (wd0 bn 191; cn 0 tn 3 sn 2), retrying pciide0:0:1: not ready, st=0x80BSY, err=0x00 pciide0 channel 0: reset failed for drive 1 wd0a: device timeout reading fsbn 128 of 128-143 (wd0 bn 191; cn 0 tn 3 sn 2), retrying pciide0:0:1: not ready, st=0x80BSY, err=0x00 pciide0 channel 0: reset failed for drive 1 wd0a: device timeout reading fsbn 128 of 128-143 (wd0 bn 191; cn 0 tn 3 sn 2), retrying pciide0:0:1: not ready, st=0x80BSY, err=0x00 pciide0 channel 0: reset failed for drive 1 wd0a: device timeout reading fsbn 128 of 128-143 (wd0 bn 191; cn 0 tn 3 sn 2), retrying pciide0:0:1: not ready, st=0x80BSY, err=0x00 pciide0 channel 0: reset failed for drive 1 wd0a: device timeout reading fsbn 128 of 128-143 (wd0 bn 191; cn 0 tn 3 sn 2), retrying pciide0:0:1: not ready, st=0x80BSY, err=0x00 pciide0 channel 0: reset failed for drive 1 wd0a: device timeout reading fsbn 128 of 128-143 (wd0 bn 191; cn 0 tn 3 sn 2) mount_ffs: /dev/wd0a on /mnt: Input/output error FATAL ERROR:Cannot mount filesystems. Double-check your configuration and restart the install. # i also repeat this with (2: Sandisk 256MB) install goes to end with a few warnings: The next step *DESTROYS* all existing data on these partitions! Are you really sure that you're ready to proceed? [no] yes /dev/rwd0a: 244.7MB in 501216 sectors of 512 bytes 5 cylinder groups of 50.05MB, 6406 blocks, 12864 inodes each wd0(pciide0:0:0): timeout type: ata c_bcount: 8192 c_skip: 0 pciide0:0:0: bus-master DMA error: missing interrupt, status=0x21 wd0a: device timeout writing fsbn 16 of 16-31 (wd0 bn 48; cn 0 tn 1 sn 16), retrying wd0(pciide0:0:0): timeout type: ata c_bcount: 8192 c_skip: 0 pciide0:0:0: bus-master DMA error: missing interrupt, status=0x21 wd0: transfer error, downgrading to PIO mode 4 wd0(pciide0:0:0): using PIO mode 4 wd0a: device timeout writing fsbn 16 of 16-31 (wd0 bn 48; cn 0 tn 1 sn 16), retrying wd0: soft error (corrected) /dev/wd0a on /mnt type ffs (rw, asynchronous, local, ctime=Mon Nov 24 06:36:02 2008) System hostname? (short form, e.g. 'foo') do you think CF are too old (too much write) ? or is there a problem with my motherboard ? thanks Regards Julien dmesg: OpenBSD 4.4 (RAMDISK_CD) #857: Tue Aug 12 17:31:49 MDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/RAMDISK_CD cpu0: Geode(TM) Integrated Processor by National Semi (Geode by NSC 586-class) 267 MHz cpu0: FPU,TSC,MSR,CX8,CMOV,MMX cpu0: TSC disabled real mem = 133787648 (127MB) avail mem = 122793984 (117MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 20/40/21, BIOS32 rev. 0 @ 0xf7840 pcibios0 at bios0: rev 2.0 @ 0xf/0x1 pcibios0: pcibios_get_intr_routing - function not supported pcibios0: PCI IRQ Routing information unavailable. pcibios0: PCI bus #0 is the last bus bios0: ROM list: 0xc8000/0x9000 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Cyrix GXm PCI rev 0x00 sis0 at pci0 dev 6 function 0 NS DP83815 10/100 rev 0x00, DP83816A: irq 10, address 00:00:24:c3:58:cc nsphyter0 at sis0 phy 0: DP83815 10/100 PHY, rev. 1 sis1 at pci0 dev 7 function 0 NS DP83815 10/100 rev 0x00,
Re: soekris4801: CF errors ?
Jussi Peltola wrote on 24/11/08 10:34: Use UKC to disable IDE DMA. Cards other than SanDisk seem not to honor the reset line, so the normal downgrade to PIO modes won't work. It's more or less a feature. thanks but how i do this with bsd.rd on install ? from faq http://www.openbsd.org/faq/faq14.html#pciideErr http://www.openbsd.org/cgi-bin/man.cgi?query=wdsektion=4 i suppose i need to do something like that at boot boot -c UKC change wd1 (flag 0x1f to disable dma) but with pxeboot and bsd.rd, i only have /etc/boot.conf options. does it support the ukc commands ? i believe not. else sandisk errors (which also downgrades to PIO4) is not from a CF defect ? thanks Regards
Re: soekris4801: CF errors ?
Stuart Henderson wrote on 24/11/08 13:09: from faq http://www.openbsd.org/faq/faq14.html#pciideErr http://www.openbsd.org/cgi-bin/man.cgi?query=wdsektion=4 i suppose i need to do something like that at boot boot -c UKC change wd1 (flag 0x1f to disable dma) but with pxeboot and bsd.rd, i only have /etc/boot.conf options. does it support the ukc commands ? i believe not. don't believe, test. ok. sorry, it does. putting boot tftp:bsd.rc -c in my tftp /etc/boot.conf works but i did not manage to disable dma ... UKC change wd0 UKC find wd0 UKC which is the right command ? else sandisk errors (which also downgrades to PIO4) is not from a CF defect ? the connection between your CF card and your IDE controller does not include the interrupt lines you need for DMA. sandisk does honour the reset command. many (most?) other CF cards do not. so it is probably better to take a new CF, right ? thanks Regards
vpn with an iphone
Hello has someone setup a vpn tunnel between openbsd and an iphone ? it seems ipsec part is strictly limited to cisco ipsec with a user account/password so not good for us. Else there is pptp and l2tp but i'm not sure there is anything in base to do this. Ports seems to only have pptp as a client and i'm looking for server. any informations ? thanks a lot Cheers
4.4: crash in uvm_aiodone_daemon
after a new install of 4.4 and while i restored my apps, i get an expected crash ddb trace Debugger(14,6,d98d8e5c,d0dbfd00,d26) at Debugger+0x4 panic(d06f90c0,d06c121d,d0712040,d07138a0,23d) at panic+0x55 tablefull(d06c121d,d07138a0,23d,d0712040,d0201f42) at tablefull uvm_aiodone_daemon(d085c7e8,fe5,d98d8f6c,d0478579) at uvm_aiodone_daemon+0x2e5 uvm_aiodone_daemon(d98d7000,6b67,191b5,d67c8004,d0477a48) at uvm_aiodone_daemon +0x9fd uvm_pageout(d67c8004) at uvm_pageout+0xd5 Bad frame pointer: 0xd098ceb8 see dmesg below. other informations on demand (ps, show registers, show all pools) also i have asked boot dump, i have nothing in /var/crash, so no dump. Except previous command, is there anything else than ps trace which could be useful to report ? thanks Regards [ using 622804 bytes of bsd ELF symbol table ] Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2008 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 4.4 (GENERIC) #0: Sun Nov 9 16:44:46 CET 2008 [EMAIL PROTECTED]:/share2/ob/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel Pentium II (GenuineIntel 686-class, 512KB L2 cache) 351 MHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR real mem = 435761152 (415MB) avail mem = 412725248 (393MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 03/03/00, BIOS32 rev. 0 @ 0xf0520 apm0 at bios0: Power Management spec V1.2 (BIOS management disabled) apm0: APM power management enable: unrecognized device ID (9) apm0: APM engage (device 1): power management disabled (1) apm0: AC on, battery charge unknown pcibios0 at bios0: rev 2.1 @ 0xf/0xd92 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf0d10/128 (6 entries) pcibios0: PCI Interrupt Router at 000:04:0 (Intel 82371FB ISA rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0x8000 0xc8000/0x800 0xcc000/0x1800 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82443BX AGP rev 0x03 ppb0 at pci0 dev 1 function 0 Intel 82443BX AGP rev 0x03 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 SiS 6326 VGA rev 0x0b wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) agp0 at vga1: aperture at 0xe400, size 0x400 drm at vga1 unsupported piixpcib0 at pci0 dev 4 function 0 Intel 82371AB PIIX4 ISA rev 0x02 pciide0 at pci0 dev 4 function 1 Intel 82371AB IDE rev 0x01: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: QUANTUM FIREBALL EX6.4A wd0: 16-sector PIO, LBA, 6149MB, 12594960 sectors atapiscsi0 at pciide0 channel 0 drive 1 scsibus0 at atapiscsi0: 2 targets, initiator 7 cd0 at scsibus0 targ 0 lun 0: LG, CD-ROM CRD-8322B, 1.10 ATAPI 5/cdrom removable wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 cd0(pciide0:0:1): using PIO mode 4, DMA mode 2 pciide0: channel 1 disabled (no drives) uhci0 at pci0 dev 4 function 2 Intel 82371AB USB rev 0x01: irq 5 piixpm0 at pci0 dev 4 function 3 Intel 82371AB Power rev 0x02: SMI iic0 at piixpm0 lm1 at iic0 addr 0x2d: W83781D spdmem0 at iic0 addr 0x50: 256MB SDRAM non-parity PC133CL2 spdmem1 at iic0 addr 0x51: 128MB SDRAM non-parity PC133CL3 spdmem2 at iic0 addr 0x52: 32MB SDRAM non-parity PC66CL2 emu0 at pci0 dev 9 function 0 Creative Labs SoundBlaster Live rev 0x07: irq 5 ac97: codec id 0x83847608 (SigmaTel STAC9708/11) ac97: codec features 18 bit DAC, 18 bit ADC, SigmaTel 3D audio0 at emu0 Creative Labs PCI Gameport Joystick rev 0x07 at pci0 dev 9 function 1 not configured xl0 at pci0 dev 10 function 0 3Com 3c905C 100Base-TX rev 0x78: irq 12, address 00:04:76:24:cd:fa exphy0 at xl0 phy 24: 3Com internal media interface uhci1 at pci0 dev 11 function 0 VIA VT83C572 USB rev 0x61: irq 10 uhci2 at pci0 dev 11 function 1 VIA VT83C572 USB rev 0x61: irq 12 ehci0 at pci0 dev 11 function 2 VIA VT6202 USB rev 0x63: irq 5 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 VIA EHCI root hub rev 2.00/1.00 addr 1 VIA VT6306 FireWire rev 0x46 at pci0 dev 11 function 3 not configured pciide1 at pci0 dev 12 function 0 Promise PDC20262 rev 0x01: DMA, channel 0 configured to native-PCI, channel 1 configured to native-PCI pciide1: using irq 11 for native-PCI interrupt wd1 at pciide1 channel 0 drive 0: ST3120026A wd1: 16-sector PIO, LBA48, 114473MB, 234441648 sectors wd1(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 4 pciide1: channel 1 disabled (no drives) isa0 at piixpcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com0: console com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 lm0 at isa0 port 0x290/8: W83781D lm1 detached npx0 at isa0
Re: 4.4: crash in uvm_aiodone_daemon
Pedro Martelletto wrote on 11/11/08 18:56: What was the actual panic message? sorry but the serial console was connected after crash, so i don't have initial message. This information is not in trace ? is there a command to recover it ? thanks Regards
ns openbsd.org
Hello it seems one of the nameserver of openbsd.org has not been updated http://recursive.iana.org/?query=openbsd.org has someone contact ns.appli.se admins ? regards
soekris perf + uvideo
Hello do you think a soekris 4801 or 5501 can handle 2 to 4 usb video cameras with the new uvideo driver ? handle, in a way, get it on the box and record on a local hard disk or stream it (with vlc server for example) resolution and ips could be restricted but could it be possible ? thanks
Re: lacrossetechnology weather station + openbsd = getrusage ?
with a bit more analyzing of ktrace output and comparing with a working setup of someone else (thanks !), i observe my release have about 5 lines of getrusage like this: CALL getrusage(0, 0x...) RET getrusage 0 not sure it is useful, but there is no getrusage in *.[ch] so it seems external. i've checked manpage but can't explain why it does this. else my version use ioctl with TIOCMGET/TIOCMSET against TIOCDRAIN/TIOCFLUSH. i suppose it corresponds to openbsd evolution. comments on these points ? thanks
uath as access point ?
Hello after reading man uath, i'm not sure. can uath driver be used as access point ? else which usb adapters supported by openbsd could ? thanks Cheers
strange crash after kernel update ?
i juste get a strange crash after updating my kernel on a soekris4501 kernel is built with source updated from cvs. Maybe source are corrupted ? others ideas ? thanks regards ddb trace strncmp(d074674c0c4) at strncmp+0x14 identifycpu(d083c3e0d069ef45100d0750044) at identifycpu+0x77 cpu_startup(d067cb0ad067b9e0d08c8fa0d03222832) at cpu_startup+0x94 main(0) at main+0x5d ddb ps PID PPID PGRPUID S FLAGS WAIT COMMAND ddb show registers ds0x0010APTmap+0x3f0010 es 0x10 fs 0x58 gs 0 edi0 esi0 ebp 0xd08c8e78end+0x8c5c8 ebx 0xd074674ccpu_vendor edx0 ecx 0xc eax 0x4 eip 0xd064abc4strncmp+0x14 cs0x0008APTmap+0x3f0008 eflags 0x10006 esp 0xd08c8e70end+0x8c5c0 ss0xd08c0010end+0x83760 strncmp+0x14: b 0(%esi%al ddb show map No such command ddb boot reboot rebooting... POST: 0123456789bcefghipajklnoq,,,tvwxy [...] comBIOS ver. 1.26a 20040819 Copyright (C) 2000-2004 Soekris Engineering. net45xx 0064 Mbyte MemoryCPU 80486 133 Mhz Pri Mas SanDisk SDCFH-512 LBA 993-16-63 500 Mbyte Slot Vend Dev ClassRev Cmd Stat CL LT HT Base1Base2 Int --- 0:00:0 1022 3000 0600 0006 2280 00 00 00 0:18:0 100B 0020 0200 0107 0290 00 3F 00 E001 A000 10 0:19:0 100B 0020 0200 0107 0290 00 3F 00 E101 A0001000 11 0:20:0 100B 0020 0200 0107 0290 00 3F 00 E201 A0002000 05 4 Seconds to automatic boot. Press Ctrl-P for entering Monitor. Using drive 0, partition 3. Loading... probing: pc0 com0 com1 pci mem[639K 63M a20=on] disk: hd0+ OpenBSD/i386 BOOT 3.01 - com0: 19200 baud switching console to com0 OpenBSD/i386 BOOT 3.01 boot booting hd0a:/bsd: 5667092+872060 [52+291168+272312]=0x6c6250 entry point at 0x200120 [ using 563904 bytes of bsd ELF symbol table ] Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2007 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 4.2-stable (GENERIC) #0: Sat Jan 26 13:36:40 CET 2008 [EMAIL PROTECTED]:/share2/ob/usr/src/sys/arch/i386/compile/GENERIC kernel: trap, code=0 Stopped at strncmp+0x14: b 0(%esi%al strncmp(d074674c0c4) at strncmp+0x14 identifycpu(d083c3e0d069ef45100d0750044) at identifycpu+0x77 cpu_startup(d067cb0ad067b9e0d08c8fa0d03222832) at cpu_startup+0x94 main(0) at main+0x5d ddb trace strncmp(d074674c0c4) at strncmp+0x14 identifycpu(d083c3e0d069ef45100d0750044) at identifycpu+0x77 cpu_startup(d067cb0ad067b9e0d08c8fa0d03222832) at cpu_startup+0x94 main(0) at main+0x5d ddb ps PID PPID PGRPUID S FLAGS WAIT COMMAND ddb show registers ds0x0010APTmap+0x3f0010 es 0x10 fs 0x58 gs 0 edi0 esi0 ebp 0xd08c8e78end+0x8c5c8 ebx 0xd074674ccpu_vendor edx0 ecx 0xc eax 0x4 eip 0xd064abc4strncmp+0x14 cs0x0008APTmap+0x3f0008 eflags 0x10006 esp 0xd08c8e70end+0x8c5c0 ss0xd08c0010end+0x83760 strncmp+0x14: b 0(%esi%al ddb
lacrossetechnology weather station + openbsd
Hello i'm trying to use openbsd (4.2-stable) with a lacrosse weather station (ws8610). there are multiple software to handle them depending on models open (open2300, open3600, open8610, ...) Sadly, if i can compile software, running them doesn't output anything. a ktrace shows it stalls (or mostly) on $ ./dump3600 /dev/null start end [...] 20658 dump3600 CALL getrusage(0,0xcfbe0fa0)// mostly [...] 20658 dump3600 CALL ioctl(0x4,TIOCMSET,0xcfbdd09c) OR $ ./dump8610 test 0 1FFF [...] 4525 dump8610 CALL getrusage(0,0xcfbdff50) // mostly [...] 4525 dump8610 CALL ioctl(0x4,TIOCMGET,0xcfbdffd4) [...] 4525 dump8610 CALL ioctl(0x4,TIOCMSET,0xcfbdbfec) 4525 dump8610 RET ioctl 0 4525 dump8610 CALL ioctl(0x4,TIOCMGET,0xcfbdbf9c) 4525 dump8610 RET ioctl 0 4525 dump8610 CALL ioctl(0x4,TIOCMSET,0xcfbdbf9c) 4525 dump8610 RET ioctl 0 4525 dump8610 PSIG SIGINT SIG_DFL code 0 // ^C Has anyone some of these stations working with openbsd ? thanks Cheers note: some links http://tech.groups.yahoo.com/group/Lacrosse_weather_stations/ http://www.lavrsen.dk/twiki/bin/view/Open2300/WebHome http://open3600.fast-mail.nl/tiki-index.php http://www.lacrossetechnology.com/
[OT] password aging/expiry
i want to make a little survey to see how many people use password aging and if yes, how long ? why ? (of course, depending on sensitivity of your box) a few +/- (+) * As passwords age, the probability that they are compromised grows. = but how much age ? 1 month ? 1 year ? * if compromised, limit usefulness = when you have a pass, you use it now, not next year ... and install a backdoor so you use it only once. * limit password sharing = not really, better explain users to avoid sharing (-) * can put a lot of strain on helpdesk depending on the computer level of your users (forgotten password, locked accounts, don't understand, ...) * if too short, only minor changes are done to the password ex: xx1, xx2, xx3, ... (number, date, ...) * alone, does not enforce good passphrase = does not replace a good policy and user explanation * if too much restrictions on passphrase, they will go on post-it, PDA or else which are, in general, less secure. * doesn't help common user to get and keep a strong passphrase * doesn't replace good accounts management (when someone quit, disable the account and else) a few policy on the net: http://www.uncfsu.edu/itts/networking/passwords.htm 180d http://west.wwu.edu/atus/web/pwordaging.shtml regularly http://www.pasteur.fr/infosci/utilinfo/HOWTO/passwd.html1y http://www.columbia.edu/acis/sy/unixdev/policy/password-aging.html http://security.georgetown.edu/passwords.html no aging rule http://www.int-evry.fr/s2ia/unix/mode-d-emploi/change-passwd.htm 6m thanks Regards
Re: MS Exchange to MBOX
Joshua Gimer wrote on 9/08/07 20:58: We are planning on moving a large amount of Exchange mailboxes to UNIX mbox format. My question is, does anyone know of any projects out there or of any tools that can assist in this conversion? please, cross posting is very bad. Avoid it. read http://www.openbsd.org/mail.html second, your subject has nothing to do with openbsd, so ... Else, first do your homework and search the web ... At the end, you'll know there is no such a tool. Best you can do is using imap exchange connector to move message to another imap server.