subject:"new"

Re: Older dmesg's retained after new install. Similar to disklabel retension on disk?

2024-09-17 Thread Chris Bennett

On Tue, Sep 17, 2024 at 11:57:44AM +0200, Claudio Jeker wrote:
> On Tue, Sep 17, 2024 at 04:47:13AM -0500, Chris Bennett wrote:
> > I had a major problem that required a fresh install from a current to
> > 7.5 stable.
> > I did find a mention of a "disklabel partition" searching online.
> > I still had it, as expected and just used the n command to restore the
> > mount points.
> > 
> > However, as I mentioned in this thread
> > https://marc.info/?l=openbsd-misc&m=172654509928100&w=4
> > my older dmesg's were also retained which I found in
> > /var/run/dmesg.boot.
> > The dmesg man page says that some systems can retain previous dmesg's
> > after rebooting. I assumed that it was just appending new dmesg to
> > dmesg.boot.
> > Is there also a spot on the drive that stores older dmesg information? I
> > did a fresh install, so this seems like a good explanation.
> > Is that correct or is there a different explanation?
> > 
> 
> The dmesg buffer in memory can hold more then one dmesg. If it is retained
> accross reboots depends on the HW. In most cases the memory is not cleared
> on warm boots. Only on a cold boot the memory contents are lost.
> /var/run/dmesg.boot just holds the contents of this buffer.
> 
> -- 
> :wq Claudio

That then explains it. I only did warm boots. Thanks.

-- 
Regards,
Chris Bennett

Re: Older dmesg's retained after new install. Similar to disklabel retension on disk?

2024-09-17 Thread Claudio Jeker

On Tue, Sep 17, 2024 at 04:47:13AM -0500, Chris Bennett wrote:
> I had a major problem that required a fresh install from a current to
> 7.5 stable.
> I did find a mention of a "disklabel partition" searching online.
> I still had it, as expected and just used the n command to restore the
> mount points.
> 
> However, as I mentioned in this thread
> https://marc.info/?l=openbsd-misc&m=172654509928100&w=4
> my older dmesg's were also retained which I found in
> /var/run/dmesg.boot.
> The dmesg man page says that some systems can retain previous dmesg's
> after rebooting. I assumed that it was just appending new dmesg to
> dmesg.boot.
> Is there also a spot on the drive that stores older dmesg information? I
> did a fresh install, so this seems like a good explanation.
> Is that correct or is there a different explanation?
> 

The dmesg buffer in memory can hold more then one dmesg. If it is retained
accross reboots depends on the HW. In most cases the memory is not cleared
on warm boots. Only on a cold boot the memory contents are lost.
/var/run/dmesg.boot just holds the contents of this buffer.

-- 
:wq Claudio

Older dmesg's retained after new install. Similar to disklabel retension on disk?

2024-09-17 Thread Chris Bennett

I had a major problem that required a fresh install from a current to
7.5 stable.
I did find a mention of a "disklabel partition" searching online.
I still had it, as expected and just used the n command to restore the
mount points.

However, as I mentioned in this thread
https://marc.info/?l=openbsd-misc&m=172654509928100&w=4
my older dmesg's were also retained which I found in
/var/run/dmesg.boot.
The dmesg man page says that some systems can retain previous dmesg's
after rebooting. I assumed that it was just appending new dmesg to
dmesg.boot.
Is there also a spot on the drive that stores older dmesg information? I
did a fresh install, so this seems like a good explanation.
Is that correct or is there a different explanation?


OpenBSD 7.5-current (GENERIC.MP) #228: Sun Aug  4 11:53:42 MDT 2024
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 34288898048 (32700MB)
avail mem = 33226084352 (31686MB)
random: good seed from bootblocks
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 3.0 @ 0x8f776000 (36 entries)
bios0: vendor American Megatrends Inc. version "2.2a" date 05/24/2019
bios0: Supermicro X11SSD-F
acpi0 at bios0: ACPI 5.0
acpi0: sleep states S0 S4 S5
acpi0: tables DSDT FACP APIC FPDT FIDT SPMI MCFG HPET LPIT SSDT SSDT SSDT DBGP 
DBG2 SSDT PRAD SSDT UEFI SSDT DMAR EINJ ERST BERT HEST
acpi0: wakeup devices PEG0(S4) PEGP(S4) PEG1(S4) PEGP(S4) PEG2(S4) PEGP(S4) 
RP09(S4) PXSX(S4) RP10(S4) PXSX(S4) RP11(S4) PXSX(S4) RP12(S4) PXSX(S4) 
RP13(S4) PXSX(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Xeon(R) CPU E3-1270 v6 @ 3.80GHz, 3800.01 MHz, 06-9e-09, patch 
00f8
cpu0: cpuid 1 
edx=bfebfbff
 
ecx=77fafbff
cpu0: cpuid 6 eax=27f7 ecx=9
cpu0: cpuid 7.0 
ebx=29c6fbf
 edx=bc002e00
cpu0: cpuid a vers=4, gp=8, gpwidth=48, ff=3, ffwidth=48
cpu0: cpuid d.1 eax=f
cpu0: cpuid 8001 edx=2c100800 
ecx=121
cpu0: cpuid 8007 edx=100
cpu0: msr 10a=a000c04
cpu0: MELTDOWN
cpu0: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 256KB 64b/line 
4-way L2 cache, 8MB 64b/line 16-way L3 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 24MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Xeon(R) CPU E3-1270 v6 @ 3.80GHz, 3800.01 MHz, 06-9e-09, patch 
00f8
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 4 (application processor)
cpu2: Intel(R) Xeon(R) CPU E3-1270 v6 @ 3.80GHz, 3800.02 MHz, 06-9e-09, patch 
00f8
cpu2: smt 0, core 2, package 0
cpu3 at mainbus0: apid 6 (application processor)
cpu3: Intel(R) Xeon(R) CPU E3-1270 v6 @ 3.80GHz, 3800.02 MHz, 06-9e-09, patch 
00f8
cpu3: smt 0, core 3, package 0
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
acpimcfg0 at acpi0
acpimcfg0: addr 0xe000, bus 0-255
acpihpet0 at acpi0: 2399 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (PEG0)
acpiprt2 at acpi0: bus 2 (PEG1)
acpiprt3 at acpi0: bus -1 (PEG2)
acpiprt4 at acpi0: bus 4 (RP09)
acpiprt5 at acpi0: bus -1 (RP10)
acpiprt6 at acpi0: bus 5 (RP11)
acpiprt7 at acpi0: bus 6 (BR52)
acpiprt8 at acpi0: bus -1 (RP12)
acpiprt9 at acpi0: bus -1 (RP13)
acpiprt10 at acpi0: bus 3 (RP01)
acpiprt11 at acpi0: bus -1 (RP02)
acpiprt12 at acpi0: bus -1 (RP03)
acpiprt13 at acpi0: bus -1 (RP04)
acpiprt14 at acpi0: bus -1 (RP05)
acpiprt15 at acpi0: bus -1 (RP06)
acpiprt16 at acpi0: bus -1 (RP07)
acpiprt17 at acpi0: bus -1 (RP08)
acpiprt18 at acpi0: bus -1 (RP17)
acpiprt19 at acpi0: bus -1 (RP18)
acpiprt20 at acpi0: bus -1 (RP19)
acpiprt21 at acpi0: bus -1 (RP20)
acpiprt22 at acpi0: bus -1 (RP14)
acpiprt23 at acpi0: bus -1 (RP15)
acpiprt24 at acpi0: bus -1 (RP16)
acpiec0 at acpi0: not present
acpipci0 at acpi0 PCI0: 0x 0x0011 0x0001
com0 at acpi0 UAR1 addr 0x3f8/0x8 irq 4: ns16550a, 16 byte fifo
com1 at acpi0 UAR2 addr 0x2f8/0x8 irq 3: ns16550a, 16 byte fifo
acpicmos0 at acpi0
"IPI0001" at acpi0 not configured
acpibtn0 at acpi0: SLPB
intelpmc0 at acpi0: PEPD
acpibtn1 at acpi0: PWRB
"ACPI000D" at acpi0 not configured
"PNP0C0B" at acpi0 not configured
"PNP0C0B" at acpi0 not configured
"PNP0C0B" at acpi0 not configured
"PNP0C0B" at acpi0 not configured
"PNP0C0B" at acpi0 not configured
acpicpu0 at acpi0: C1(@1 halt!), PSS
acpicpu1 at acpi0: C1(@1 halt!), PSS
acpicpu2 at acpi0: C1(@1 halt!), PSS
acpicpu3 at acpi0: C1(@1 halt!), PSS
acpipwrres0 at acpi0: PG00, resource for PEG0
acpipwrres1 at acpi0: PG01, resource for PEG1
acpipwrres2 at acpi0: PG02, resource for PEG2
acpipwrres3 at acpi0: WRST
acpipwrres4 at acpi0: WRST
acpipwrres5 at acpi0: WRST
acpipwrres6 at acpi0: WRST
acpipwrres7 at acpi0: WRST
acpipwrres8 at acpi0: WRST
ac

support new

2024-06-09 Thread Peter Thurner | Blunix GmbH

0
C Germany
P Berlin
T Berlin
Z 10999
O Blunix GmbH
I 
A Glogauer Straße 21
M i...@blunix.com
U https://www.blunix.com/
B +49 30 / 629 318 76 
X 
N Automated, security-focused, and FOSS customized hosting solutions for 
OpenBSD and Debian Linux. 24/7/365 emergency support with a maximum 60-minute 
response time. Project-based consulting for projects of all sizes. Managed 
hosting on your IaaS provider using our FOSS Ansible stack. OpenBSD is our 
preferred choice for secure hosting environments.

Re: New filters auth and sign

2024-06-01 Thread Kirill A . Korinsky

On Sat, 01 Jun 2024 08:45:00 +0100,
"Corey Hickman"  wrote:
> 
> does it have policy server included? for instance, when DKIM fails, the 
> policy can be set up to deny the message.
> 

Right now it ignores DMARC as if it doesn't exist.

Doing a DMARC lookup for domain and inserting it's results into the header
is possible and not a big deal, but it has some issues.

The first is parsing the From header. It is durable, but different MUA may
follow different logic and parser for this can be quite complicated. And
complicated means bugs.

The second is more ideological. DMARC needs something that aggregates the
results and sends out reports. It shouldn't be a filter for smtpd. But a
filter can write it's decision to log, and something should harvest it to
process and create reports that need to be sent. Anyway, forensic reports,
which should be close to real-time and include a lot of things from the
original email, is a much more complicated story.

All this brings up the question of personal data / GDPR and DMARC. I know of
a very good analysis of DMARC and GDPR in the case of German law [1], which
can be summarized as a quote:

  The reports are fundamentally permitted and justified under data
  protection law. However, the principle of proportionality is to be
  complied with at all times.

Based on this analysis, I assume that only aggregated reports can be used
without legal headaches in the EU.

But implementing only a part of DMARC seems as much worse than not
implementing it at all, and implementing it in its entirety requires a lot
of pieces in place, much more than just a filter.

Thus, DMARC was discussed on the OpenBSD mailing lists a few months ago [2].

As a conclusion, I personally use the p=none policy, because I assume that
my mail should be delivered, and To is not the final destination, it's a
kind of starting direction of the mail's way to the recipient.

Footnotes:
[1]  
https://certified-senders.org/wp-content/uploads/2018/08/Report_DMARC_and_GDPR.pdf

[2]  https://marc.info/?l=openbsd-misc&m=171015367409290&w=2

-- 
wbr, Kirill

Re: New filters auth and sign

2024-06-01 Thread Corey Hickman

June 1, 2024 at 7:34 AM, "Kirill A. Korinsky"  wrote:

> 
> Greetings,
> 
> I'd like to announce a two new filters for OpenSMTD which better to use
> 
> together: auth and sign.
> 

does it have policy server included? for instance, when DKIM fails, the policy 
can be set up to deny the message.

Thanks.

Re: New filters auth and sign

2024-05-31 Thread Kirill A . Korinsky

On Sat, 01 Jun 2024 00:34:41 +0100,
Kirill A. Korinsky  wrote:
> 
> Greetings,
> 
> I'd like to announce a two new filters for OpenSMTD which better to use
> together: auth and sign.
>

Oops, wrong list. It should be m...@opensmtpd.org.

Sorry for nosy.

-- 
wbr, Kirill

New filters auth and sign

2024-05-31 Thread Kirill A . Korinsky

Greetings,

I'd like to announce a two new filters for OpenSMTD which better to use
together: auth and sign.

auth is a filter which verify DKMI, ARC and SPF, and iprev. It adds
Authentication-Results header or ARC-Authentication-Results.

sign is a filter which adds DKMI or ARC signature, or ARC seal.

For example, I run configuration:

  filter "auth" proc-exec "filter-auth"
  listen on egress port smtp ... filter { admdscrub, "auth", dnsbl }

  filter sign_ed25519 proc-exec "filter-sign -a ed25519-sha256 -D 
/etc/mail/domains \
 -s 20240125ed25519 -k /etc/mail/dkim/20240125.ed25519.key" user 
_dkimsign group _dkimsign
  filter sign_rsa proc-exec "filter-sign -a rsa-sha256 -D /etc/mail/domains \
 -s 20240125rsa -k /etc/mail/dkim/20240125.rsa.key" user _dkimsign 
group _dkimsign

  filter arc_auth proc-exec "filter-auth -A"
  filter arc_sign proc-exec "filter-sign -A -a rsa-sha256 -d mx.catap.net \
 -s 20240125rsa -k /etc/mail/dkim/20240125.rsa.key" user _dkimsign 
group _dkimsign
  filter arc_seal proc-exec "filter-sign -S -a rsa-sha256 -d mx.catap.net \
 -s 20240125rsa -k /etc/mail/dkim/20240125.rsa.key" user _dkimsign 
group _dkimsign

  filter sign chain { sign_ed25519 sign_rsa arc_auth arc_sign arc_seal }

  listen on egress port submission ... filter sign

Here all incomming messages is autorised by adding Authentication-Results,
and all outcomming messages:
 - signed by two DKMI signature with correct domain (list in /etc/mail/domains)
 - signed by one ARC signature with domain mx.catap.net
 - seal by one ARC seal with domain mx.catap.net

Yeah, it is possible to use different selectors for ARC signature and seal,
but I haven't tested it.

The code is based on Martijn van Duren's filter-dkimsign, filter-dkimverify
and filter-spf, and I also used some pices from spfwalk.c from OpenSMTPD.

Man pages for both filters are updated.

Thus, sign filter is drop-in replacment for filter-dkimsign.

Code available here:
 - https://github.com/catap/opensmtpd-filter-auth
 - https://github.com/catap/opensmtpd-filter-sign

I also attached ports for OpenBSD which I used to run it.

How stable it is? Well, enough to share and ask for feedback. It may
contains bugs, but it should be fine to use.

Produced signature was tested against gmail, yahoo, icloud.com and dkimpy
and it holds. Anyway, outlook.com fails on ARC signature with errors 35 or
47 (what does it mean?) and produced invalid signature as the next in ARC
chain (tested by dkimpy).

Thus, this email were sent via server which uses that filters, so, headers
from this email a good example.

-- 
wbr, Kirill


filters.tgz
Description: Binary data

support new

2024-04-11 Thread Jeff Moskow


0
C United States
P New York
T Lansing
Z 14882
O Ready-to-Run Software, Inc.
I Jeff Moskow
A 212 Cedar Cove
M open...@rtr.com
U http://www.rtr.com/Ready-to-Run_Software/OpenBSD/
B 607-533-8649
X 607-533-UNIX
N We have been installing, supporting and managing OpenBSD systems for 
over 20 years.  Deploying
them for firewalls, mail servers, DNS servers, monitoring (Nagios 
w/custom plugins), relay/proxy servers,

web servers, bastion hosts, VPN and more.

Re: New asset

2024-03-20 Thread Dan



Just would drop a thank you for the kindness to reply me.

And, to answer, I'm mostly a baby dadder during the day so
spare time and night is for the great work and exclusively under
exposure of tons of positive enthusiasm.. that - beside a good
training to resist tireness - is the true rocknroll. In alternative
cheergirls do not function, neither.

NB: for a general convinience I can't send a private pigeon..
If everything look hilarious is absolutely wanted.

-Dan

Brodey Dover :

> Progress looks great.
>
> Keep up the great work!

Re: New asset

2024-03-20 Thread Brodey Dover

Progress looks great.

Keep up the great work!

Brodey
Sent from my iPhone

> On Mar 20, 2024, at 10:07, dan  wrote:
> 
> Hello,
> 
> We are working.. on/the new asset..
> pointing out the overwhelming importance of the unstructured data.
> Footage attached.
> 
> -Dan
>

support new

2024-03-08 Thread mahmoudElshimi

0
C Egypt
P Cairo
T
Z
O Sysadmin Consulting
I mahmoudElshimi
A Cairo, Egypt
M mahmoudelsh...@protonmail.ch
U
B
X
N OpenBSD, Linux, and Networks consulting, installation, maintenance, and 
support services.

groups new

2024-03-08 Thread mahmoudElshimi

0
C Egypt
P Cairo
T
F Irregular
O ar_OpenBSD
I mahmoudElshimi
M mahmoudelsh...@protonmail.ch
U
N OpenBSD

groups new

2024-03-08 Thread mahmoudElshimi

0
C Egypt
P Cairo
T
F Irregular
O ar_OpenBSD
I mahmoudElshimi
M mahmoudelsh...@protonmail.ch
U
N OpenBSD

Re: OT: Test new email conf

2024-03-05 Thread Daniele B.



Darling, they know me as an ethical guy.
So, my true blogs are usually offline cause the italo-american
meritocracy and their "liberty".., I'm really sorry for the business...

NB: I suggest you to adopt true western names to make your tricks,
indeed, they are so cool

-Dan

Mar 5, 2024 20:20:36 Mizsei Zoltán :

> Please consider to start a blog about your adventures. Thanks.
> 
> Regards,
> -ext

Re: OT: Test new email conf

2024-03-05 Thread Mizsei Zoltán

Please consider to start a blog about your adventures. Thanks.

Regards,
-ext

Daniele B. írta 2024. márc.. 5, K-n 18:58 órakor:
> The past days I was managing to try it
> the admin interface of BookMyName (iliad) and
> sorry for the wanted advertisement.. (it is affordable)
> Suddenly I found myself in front of a
> transliteral (from the French) saying very
> closed to the following:
>
> "Please fill in a backup email address
> (attention by suppling an email address different to
> the registration email you are admitting
> to currently use more than one email address!)".
>
> I personally felt faintened, almost doomed..
>
> -Dan
>
> Mar 2, 2024 07:54:55 Nowarez Market :
>
>> Hello,
>>
>> You can take it like a *curtesy email* to disclose my new email address.
>> Kindly thxs and take care of the pacman..

-- 
--Z--

Re: OT: Test new email conf

2024-03-05 Thread Daniele B.



The past days I was managing to try it
the admin interface of BookMyName (iliad) and
sorry for the wanted advertisement.. (it is affordable)
Suddenly I found myself in front of a
transliteral (from the French) saying very
closed to the following:

"Please fill in a backup email address
(attention by suppling an email address different to
the registration email you are admitting
to currently use more than one email address!)".

I personally felt faintened, almost doomed..

-Dan

Mar 2, 2024 07:54:55 Nowarez Market :

> Hello,
>
> You can take it like a *curtesy email* to disclose my new email address.
> Kindly thxs and take care of the pacman..

OT: Test new email conf

2024-03-01 Thread Nowarez Market

Hello,

You can take it like a *curtesy email* to disclose my new email address.
Kindly thxs and take care of the pacman..


> N0\/\/@r€Z
> --
>    /\/\@rk€T

Re: New (for me,) dmesg warning during system bootup.

2024-02-25 Thread Avon Robertson

On Sun, Feb 25, 2024 at 04:33:13PM -0600, Brian Conway wrote:
> On Sun, Feb 25, 2024, at 4:27 PM, Avon Robertson wrote:
> > I have noticed several posts related to endbr64 in the last week, so I
> > thought this might be of interest to someone.
> >
> > Performed a 'sysupgrade -s' earlier today to:
> > kern.version=OpenBSD 7.5-beta (GENERIC.MP) #25: Sat Feb 24 20:50:14 MST 2024
> > dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
> >
> > The below was subsequently noticed in the system bootup messages.
> >
> > 
> > pf enabled
> > starting network
> > reordering: ld.sold: warning: _dl_start: missing endbr64 libcld: 
> > warning: __mcount: missing endbr64 libcrypto sshd.
> > 
> >
> > -- 
> > aer
> 
> https://marc.info/?t=17088928881
> 
> "It is unimportant and temporary."
> 
> Brian
> 
Thank you for the above link Brian. I had by chance, already read both
of those posts, as they were in the last set of email that I fetched.

-- 
aer

Re: New (for me,) dmesg warning during system bootup.

2024-02-25 Thread Theo de Raadt

Ignore it.

Artifact of other work.  Temporary.


Brian Conway  wrote:

> On Sun, Feb 25, 2024, at 4:27 PM, Avon Robertson wrote:
> > I have noticed several posts related to endbr64 in the last week, so I
> > thought this might be of interest to someone.
> >
> > Performed a 'sysupgrade -s' earlier today to:
> > kern.version=OpenBSD 7.5-beta (GENERIC.MP) #25: Sat Feb 24 20:50:14 MST 2024
> > dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
> >
> > The below was subsequently noticed in the system bootup messages.
> >
> > 
> > pf enabled
> > starting network
> > reordering: ld.sold: warning: _dl_start: missing endbr64 libcld: 
> > warning: __mcount: missing endbr64 libcrypto sshd.
> > 
> >
> > -- 
> > aer
> 
> https://marc.info/?t=17088928881
> 
> "It is unimportant and temporary."
> 
> Brian
>

Re: New (for me,) dmesg warning during system bootup.

2024-02-25 Thread Brian Conway

On Sun, Feb 25, 2024, at 4:27 PM, Avon Robertson wrote:
> I have noticed several posts related to endbr64 in the last week, so I
> thought this might be of interest to someone.
>
> Performed a 'sysupgrade -s' earlier today to:
> kern.version=OpenBSD 7.5-beta (GENERIC.MP) #25: Sat Feb 24 20:50:14 MST 2024
> dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
>
> The below was subsequently noticed in the system bootup messages.
>
> 
> pf enabled
> starting network
> reordering: ld.sold: warning: _dl_start: missing endbr64 libcld: 
> warning: __mcount: missing endbr64 libcrypto sshd.
> 
>
> -- 
> aer

https://marc.info/?t=17088928881

"It is unimportant and temporary."

Brian

New (for me,) dmesg warning during system bootup.

2024-02-25 Thread Avon Robertson

I have noticed several posts related to endbr64 in the last week, so I
thought this might be of interest to someone.

Performed a 'sysupgrade -s' earlier today to:
kern.version=OpenBSD 7.5-beta (GENERIC.MP) #25: Sat Feb 24 20:50:14 MST 2024
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

The below was subsequently noticed in the system bootup messages.


pf enabled
starting network
reordering: ld.sold: warning: _dl_start: missing endbr64 libcld: warning: 
__mcount: missing endbr64 libcrypto sshd.


-- 
aer

ACPI kernel panic in first boot after new OpenBSD install

2024-02-18 Thread Shivam Gupta

Hello all,

I have just installed the OpenBSD on a ASUS tuf f15 gaming laptop,
installation went very smooth.

But I soon as I reboot the computer, it put me in ddb shell and there was a
kernel panic related to acpi.

I searched on internet, and tried to update my bios to the latest version
but that did not help. I tried disabling the acpi but that also not worked,
same result.

I followed
https://www.reddit.com/r/openbsd/comments/150jl5y/acpi_error_at_first_boot_on_dell_inspiron_15_3593/
to
get
https://bugzilla.kernel.org/show_bug.cgi?id=202585, here they said it is
bios bug so closed it.

But bios update did not solve the problem, so I am wondering if there is
any work around of this issue.

I have attached one picture of kernel panic and one with show panic and
trace command on ddb.

Images link -

https://postimg.cc/gallery/KYg665H

Regards,
Shivam

Re: Unable to connect to WiFi on new OpenBSD installation

2024-02-03 Thread Sadeep Madurange

On Sat, 3 Feb 2024 11:23:44 +0100, Stefan Sperling  wrote:

> On Sat, Feb 03, 2024 at 10:57:37AM +0100, Stefan Sperling wrote:
> > On Sat, Feb 03, 2024 at 07:26:33AM +0100, Sadeep Madurange wrote:
> > > I installed OpenBSD on a T490. I can't connect to WiFi. I'm not sure if 
> > > it's because the 
> > >device is not supported. In the dmesg I see the following line:
> > > 
> > > "Intel Wi-Fi 6 AX201" rev 0x00 at pci0 dev 20 function 3 not configured
> > > 
> > > I ran fw_update, and I can see the iwx-* files under /etc/firmware. I'm 
> > > not sure what to do
> > > next. The installed OpenBSD version (from uname -a) is 7.4 GENERIC.MP#2 
> > > i386.
> 
> Oh wait, i386? You need amd64.

That worked! Thank you!

Re: New postfix-3.8.20221007p12 broken TLS for Gmail servers?

2024-02-03 Thread Mark

> 3.7.9 is a newer version than 3.8.20221007

Stuart, thanks very much for this information, I didn't know about that.
Moved to 3.7.9 and it's working fine right now.

Configured my postfix from scratch, though, to prevent any misconfiguration
on my side.

Best wishes,
Mark.



Stuart Henderson , 3 Şub 2024 Cmt, 16:23
tarihinde şunu yazdı:

> On 2024-02-03, Mike Fischer  wrote:
> >
> >> Am 03.02.2024 um 03:44 schrieb Brian Conway :
> >>
> >>> Why do you run such an outdated postfix snapshot?
> >>
> >> That is the latest version that is supported/available in
> packages-stable:
> >>
> >> https://cdn.openbsd.org/pub/OpenBSD/7.4/packages-stable/amd64/
> >
> > While we have not encountered the TLS issue with Gmail (see below) we
> are in the same boat otherwise. postfix-3.8.20221007 seemed like the newest
> version a while back and so we are running that version. Going back to
> 3.7.9 seems like it may be a partial step backwards.
>
> 3.7.9 is a newer version than 3.8.20221007.
>
> --
> Please keep replies on the mailing list.
>
>

Re: New postfix-3.8.20221007p12 broken TLS for Gmail servers?

2024-02-03 Thread Stuart Henderson

On 2024-02-03, Mike Fischer  wrote:
>
>> Am 03.02.2024 um 03:44 schrieb Brian Conway :
>> 
>>> Why do you run such an outdated postfix snapshot?
>> 
>> That is the latest version that is supported/available in packages-stable:
>> 
>> https://cdn.openbsd.org/pub/OpenBSD/7.4/packages-stable/amd64/
>
> While we have not encountered the TLS issue with Gmail (see below) we are in 
> the same boat otherwise. postfix-3.8.20221007 seemed like the newest version 
> a while back and so we are running that version. Going back to 3.7.9 seems 
> like it may be a partial step backwards.

3.7.9 is a newer version than 3.8.20221007.

-- 
Please keep replies on the mailing list.

Re: New postfix-3.8.20221007p12 broken TLS for Gmail servers?

2024-02-03 Thread Stuart Henderson

On 2024-02-03, Mark  wrote:
> Hi again,
>
> I completely removed Postfix and installed the official stable package
> "postfix-3.7.9p0-sasl2-mysql", but the problem persists.

There is possibly still some conflict between openssl (required by
newer versions of postfix) and libressl (used by pretty much all of the
rest of the ports tree). I would suggest using a 3.5 version if you're
using one of the non-default flavoured versions of postfix and having
TLS-related problems and see if that helps (from 3.6 they started
requiring features from newer versions of openssl that haven't made it
into libressl yet).

>> https://github.com/openbsd/ports/blob/master/mail/postfix/snapshot/Makefile

the snapshot version of Postfix that is currently in the ports tree is
seriously outdated, I think it should probably be removed.

-- 
Please keep replies on the mailing list.

Re: Unable to connect to WiFi on new OpenBSD installation

2024-02-03 Thread Stefan Sperling

On Sat, Feb 03, 2024 at 10:57:37AM +0100, Stefan Sperling wrote:
> On Sat, Feb 03, 2024 at 07:26:33AM +0100, Sadeep Madurange wrote:
> > Hello,
> > 
> > I installed OpenBSD on a T490. I can't connect to WiFi. I'm not sure if 
> > it's because the device is not supported. In the dmesg I see the following 
> > line:
> > 
> > "Intel Wi-Fi 6 AX201" rev 0x00 at pci0 dev 20 function 3 not configured
> > 
> > I ran fw_update, and I can see the iwx-* files under /etc/firmware. I'm not 
> > sure what to do next. The installed OpenBSD version (from uname -a) is 7.4 
> > GENERIC.MP#2 i386.
> > 
> > 
> 
> Please try a -current snapshot.

Oh wait, i386? You need amd64.

Re: New postfix-3.8.20221007p12 broken TLS for Gmail servers?

2024-02-03 Thread Mike Fischer



> Am 03.02.2024 um 03:44 schrieb Brian Conway :
> 
>> Why do you run such an outdated postfix snapshot?
> 
> That is the latest version that is supported/available in packages-stable:
> 
> https://cdn.openbsd.org/pub/OpenBSD/7.4/packages-stable/amd64/

While we have not encountered the TLS issue with Gmail (see below) we are in 
the same boat otherwise. postfix-3.8.20221007 seemed like the newest version a 
while back and so we are running that version. Going back to 3.7.9 seems like 
it may be a partial step backwards.

Meanwhile Postfix 3.8.5 (along with versions 3.7.10, 3.6.14, 3.5.24) seem to 
have become a stable releases [1| but alas there are no OpenBSD ports for these 
versions yet.

So instead of directing people to the older stable release version 3.7.9 maybe 
a better plan would be to eventually create a port for 3.8.5?


BTW: On OpenBSD 7.4-stable amd64 using postfix-3.8.20221007p12 I was able to 
send and receive emails to/from Gmail without problems. So maybe Mark has some 
sort of configuration issue? Note however that we are not using the 
-sasl2-mysql flavor of the port so that might make a difference?


Mike

[1] https://www.postfix.org/announcements/postfix-3.8.5.html

Re: Unable to connect to WiFi on new OpenBSD installation

2024-02-03 Thread Stefan Sperling

On Sat, Feb 03, 2024 at 07:26:33AM +0100, Sadeep Madurange wrote:
> Hello,
> 
> I installed OpenBSD on a T490. I can't connect to WiFi. I'm not sure if it's 
> because the device is not supported. In the dmesg I see the following line:
> 
> "Intel Wi-Fi 6 AX201" rev 0x00 at pci0 dev 20 function 3 not configured
> 
> I ran fw_update, and I can see the iwx-* files under /etc/firmware. I'm not 
> sure what to do next. The installed OpenBSD version (from uname -a) is 7.4 
> GENERIC.MP#2 i386.
> 
> 

Please try a -current snapshot.

Re: New postfix-3.8.20221007p12 broken TLS for Gmail servers?

2024-02-02 Thread Mark

As an additional note; I upgraded my server yesterday from (amd64) OpenBSD
7.3 to 7.4 by sysupgrade tool (remotely - unattended way).

Is it possible that the upgrade process created trouble with TLS, SSL
libraries?

It was completed without any "visible" issue, as far as I can tell.

Regards.


Mark , 3 Şub 2024 Cmt, 10:34 tarihinde şunu
yazdı:

> Hi again,
>
> I completely removed Postfix and installed the official stable package
> "postfix-3.7.9p0-sasl2-mysql", but the problem persists.
>
> P.S.: The issue only happens with incoming mails from Gmail servers.
>
> (Well, I do have the needed lines recommended in smtp-smuggling page, the
> ones for "works with all versions".)
>
>
> Herbert J. Skuhra , 3 Şub 2024 Cmt, 10:28 tarihinde
> şunu yazdı:
>
>> On Sat, Feb 03, 2024 at 09:19:47AM +0300, Mark wrote:
>> > An experimental, unstable package in packages-stable?
>> >
>> > An outdated and potentially vulnerable software in the latest OpenBSD
>> > 7.4-stable?
>> >
>> > I must really have been missing something here...
>>
>> Just a few links:
>>
>>
>> https://github.com/openbsd/ports/blob/master/mail/postfix/snapshot/Makefile
>> http://ftp.porcupine.org/mirrors/postfix-release/index.html#experimental
>> https://www.postfix.org/smtp-smuggling.html
>>
>> --
>> Herbert
>>
>>

Re: New postfix-3.8.20221007p12 broken TLS for Gmail servers?

2024-02-02 Thread Mark

Hi again,

I completely removed Postfix and installed the official stable package
"postfix-3.7.9p0-sasl2-mysql", but the problem persists.

P.S.: The issue only happens with incoming mails from Gmail servers.

(Well, I do have the needed lines recommended in smtp-smuggling page, the
ones for "works with all versions".)


Herbert J. Skuhra , 3 Şub 2024 Cmt, 10:28 tarihinde şunu
yazdı:

> On Sat, Feb 03, 2024 at 09:19:47AM +0300, Mark wrote:
> > An experimental, unstable package in packages-stable?
> >
> > An outdated and potentially vulnerable software in the latest OpenBSD
> > 7.4-stable?
> >
> > I must really have been missing something here...
>
> Just a few links:
>
> https://github.com/openbsd/ports/blob/master/mail/postfix/snapshot/Makefile
> http://ftp.porcupine.org/mirrors/postfix-release/index.html#experimental
> https://www.postfix.org/smtp-smuggling.html
>
> --
> Herbert
>
>

Re: New postfix-3.8.20221007p12 broken TLS for Gmail servers?

2024-02-02 Thread Herbert J. Skuhra

On Sat, Feb 03, 2024 at 09:19:47AM +0300, Mark wrote:
> An experimental, unstable package in packages-stable?
> 
> An outdated and potentially vulnerable software in the latest OpenBSD
> 7.4-stable?
> 
> I must really have been missing something here...

Just a few links:

https://github.com/openbsd/ports/blob/master/mail/postfix/snapshot/Makefile
http://ftp.porcupine.org/mirrors/postfix-release/index.html#experimental
https://www.postfix.org/smtp-smuggling.html

-- 
Herbert

Unable to connect to WiFi on new OpenBSD installation

2024-02-02 Thread Sadeep Madurange

Hello,

I installed OpenBSD on a T490. I can't connect to WiFi. I'm not sure if it's 
because the device is not supported. In the dmesg I see the following line:

"Intel Wi-Fi 6 AX201" rev 0x00 at pci0 dev 20 function 3 not configured

I ran fw_update, and I can see the iwx-* files under /etc/firmware. I'm not 
sure what to do next. The installed OpenBSD version (from uname -a) is 7.4 
GENERIC.MP#2 i386.

Re: New postfix-3.8.20221007p12 broken TLS for Gmail servers?

2024-02-02 Thread Mark

An experimental, unstable package in packages-stable?

An outdated and potentially vulnerable software in the latest OpenBSD
7.4-stable?

I must really have been missing something here...


Herbert J. Skuhra , 3 Şub 2024 Cmt, 09:04 tarihinde şunu
yazdı:

> On Fri, Feb 02, 2024 at 08:44:45PM -0600, Brian Conway wrote:
> > On Fri, Feb 2, 2024, at 6:44 PM, Herbert J. Skuhra wrote:
> > > On Sat, Feb 03, 2024 at 03:00:10AM +0300, Mark wrote:
> > >> Hi.
> > >>
> > >> It seems that the recent Postfix update under 7.4-amd64,
> > >> (package: postfix-3.8.20221007p12-sasl2-mysql) breaks TLS connections,
> > >> coming from Gmail servers, throwing a TLS library problem.
> > >>
> > >> Here's the log output;
> > >>
> > >> postfix/smtpd[32879]: connect from mail-yw1-f178.google.com
> [209.85.128.178]
> > >>
> > >> postfix/smtpd[7374]: Trusted TLS connection established from
> > >> mail-lf1-f45.google.com[209.85.167.45]: TLSv1.3
> > >> with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519
> > >> server-signature ECDSA (prime256v1) server-digest SHA256
> client-signature
> > >> RSA-PSS (2048 bits) client-digest SHA256
> > >>
> > >> postfix/smtpd[7374]: warning: TLS library problem: error:0A000126:SSL
> > >> routines::unexpected eof while reading:ssl/record/rec_layer_s3.c:308:
> > >> postfix/smtpd[7374]: lost connection after STARTTLS from
> > >> mail-lf1-f45.google.com[209.85.167.45]
> > >> postfix/smtpd[7374]: disconnect from mail-lf1-f45.google.com
> [209.85.167.45]
> > >> ehlo=1 starttls=1 commands=2
> > >>
> > >> Before updating the package, I had postfix-3.8.20221007p11, and it
> had no
> > >> such problem.
> > >
> > > Why do you run such an outdated postfix snapshot?
> >
> > That is the latest version that is supported/available in
> packages-stable:
> >
> > https://cdn.openbsd.org/pub/OpenBSD/7.4/packages-stable/amd64/
>
> Yeah, sadly! But no reason to install/run outdated and potentially
> vulnerable server software. :-)
>
> Postfix 3.8.20221007 is an old development snapshot (experimental!). It
> should be either updated or removed. Latest version as of today is
> postfix-3.9-20240129. There are also updates available for postfix35
> (3.5.24) and postfix (3.7.10/3.8.5).
>
> --
> Herbert
>
>

Re: New postfix-3.8.20221007p12 broken TLS for Gmail servers?

2024-02-02 Thread Herbert J. Skuhra

On Fri, Feb 02, 2024 at 08:44:45PM -0600, Brian Conway wrote:
> On Fri, Feb 2, 2024, at 6:44 PM, Herbert J. Skuhra wrote:
> > On Sat, Feb 03, 2024 at 03:00:10AM +0300, Mark wrote:
> >> Hi.
> >> 
> >> It seems that the recent Postfix update under 7.4-amd64,
> >> (package: postfix-3.8.20221007p12-sasl2-mysql) breaks TLS connections,
> >> coming from Gmail servers, throwing a TLS library problem.
> >> 
> >> Here's the log output;
> >> 
> >> postfix/smtpd[32879]: connect from mail-yw1-f178.google.com[209.85.128.178]
> >> 
> >> postfix/smtpd[7374]: Trusted TLS connection established from
> >> mail-lf1-f45.google.com[209.85.167.45]: TLSv1.3
> >> with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519
> >> server-signature ECDSA (prime256v1) server-digest SHA256 client-signature
> >> RSA-PSS (2048 bits) client-digest SHA256
> >> 
> >> postfix/smtpd[7374]: warning: TLS library problem: error:0A000126:SSL
> >> routines::unexpected eof while reading:ssl/record/rec_layer_s3.c:308:
> >> postfix/smtpd[7374]: lost connection after STARTTLS from
> >> mail-lf1-f45.google.com[209.85.167.45]
> >> postfix/smtpd[7374]: disconnect from mail-lf1-f45.google.com[209.85.167.45]
> >> ehlo=1 starttls=1 commands=2
> >> 
> >> Before updating the package, I had postfix-3.8.20221007p11, and it had no
> >> such problem.
> >
> > Why do you run such an outdated postfix snapshot?
> 
> That is the latest version that is supported/available in packages-stable:
> 
> https://cdn.openbsd.org/pub/OpenBSD/7.4/packages-stable/amd64/

Yeah, sadly! But no reason to install/run outdated and potentially
vulnerable server software. :-)

Postfix 3.8.20221007 is an old development snapshot (experimental!). It
should be either updated or removed. Latest version as of today is
postfix-3.9-20240129. There are also updates available for postfix35
(3.5.24) and postfix (3.7.10/3.8.5).

-- 
Herbert

Re: New postfix-3.8.20221007p12 broken TLS for Gmail servers?

2024-02-02 Thread Brian Conway

On Fri, Feb 2, 2024, at 6:44 PM, Herbert J. Skuhra wrote:
> On Sat, Feb 03, 2024 at 03:00:10AM +0300, Mark wrote:
>> Hi.
>> 
>> It seems that the recent Postfix update under 7.4-amd64,
>> (package: postfix-3.8.20221007p12-sasl2-mysql) breaks TLS connections,
>> coming from Gmail servers, throwing a TLS library problem.
>> 
>> Here's the log output;
>> 
>> postfix/smtpd[32879]: connect from mail-yw1-f178.google.com[209.85.128.178]
>> 
>> postfix/smtpd[7374]: Trusted TLS connection established from
>> mail-lf1-f45.google.com[209.85.167.45]: TLSv1.3
>> with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519
>> server-signature ECDSA (prime256v1) server-digest SHA256 client-signature
>> RSA-PSS (2048 bits) client-digest SHA256
>> 
>> postfix/smtpd[7374]: warning: TLS library problem: error:0A000126:SSL
>> routines::unexpected eof while reading:ssl/record/rec_layer_s3.c:308:
>> postfix/smtpd[7374]: lost connection after STARTTLS from
>> mail-lf1-f45.google.com[209.85.167.45]
>> postfix/smtpd[7374]: disconnect from mail-lf1-f45.google.com[209.85.167.45]
>> ehlo=1 starttls=1 commands=2
>> 
>> Before updating the package, I had postfix-3.8.20221007p11, and it had no
>> such problem.
>
> Why do you run such an outdated postfix snapshot?

That is the latest version that is supported/available in packages-stable:

https://cdn.openbsd.org/pub/OpenBSD/7.4/packages-stable/amd64/

Brian Conway
Owner
RCE Software, LLC

Re: New postfix-3.8.20221007p12 broken TLS for Gmail servers?

2024-02-02 Thread Herbert J. Skuhra

On Sat, Feb 03, 2024 at 03:00:10AM +0300, Mark wrote:
> Hi.
> 
> It seems that the recent Postfix update under 7.4-amd64,
> (package: postfix-3.8.20221007p12-sasl2-mysql) breaks TLS connections,
> coming from Gmail servers, throwing a TLS library problem.
> 
> Here's the log output;
> 
> postfix/smtpd[32879]: connect from mail-yw1-f178.google.com[209.85.128.178]
> 
> postfix/smtpd[7374]: Trusted TLS connection established from
> mail-lf1-f45.google.com[209.85.167.45]: TLSv1.3
> with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519
> server-signature ECDSA (prime256v1) server-digest SHA256 client-signature
> RSA-PSS (2048 bits) client-digest SHA256
> 
> postfix/smtpd[7374]: warning: TLS library problem: error:0A000126:SSL
> routines::unexpected eof while reading:ssl/record/rec_layer_s3.c:308:
> postfix/smtpd[7374]: lost connection after STARTTLS from
> mail-lf1-f45.google.com[209.85.167.45]
> postfix/smtpd[7374]: disconnect from mail-lf1-f45.google.com[209.85.167.45]
> ehlo=1 starttls=1 commands=2
> 
> Before updating the package, I had postfix-3.8.20221007p11, and it had no
> such problem.

Why do you run such an outdated postfix snapshot?

-- 
Herbert

New postfix-3.8.20221007p12 broken TLS for Gmail servers?

2024-02-02 Thread Mark

Hi.

It seems that the recent Postfix update under 7.4-amd64,
(package: postfix-3.8.20221007p12-sasl2-mysql) breaks TLS connections,
coming from Gmail servers, throwing a TLS library problem.

Here's the log output;

postfix/smtpd[32879]: connect from mail-yw1-f178.google.com[209.85.128.178]

postfix/smtpd[7374]: Trusted TLS connection established from
mail-lf1-f45.google.com[209.85.167.45]: TLSv1.3
with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519
server-signature ECDSA (prime256v1) server-digest SHA256 client-signature
RSA-PSS (2048 bits) client-digest SHA256

postfix/smtpd[7374]: warning: TLS library problem: error:0A000126:SSL
routines::unexpected eof while reading:ssl/record/rec_layer_s3.c:308:
postfix/smtpd[7374]: lost connection after STARTTLS from
mail-lf1-f45.google.com[209.85.167.45]
postfix/smtpd[7374]: disconnect from mail-lf1-f45.google.com[209.85.167.45]
ehlo=1 starttls=1 commands=2

Before updating the package, I had postfix-3.8.20221007p11, and it had no
such problem.

Any idea?

Regards.

Mark.

new releases of CPAN smoker for OpenBSD 7.4

2024-01-24 Thread Alceu Rodrigues de Freitas Junior


Hello folks,

I just uploaded the new releases for OpenBSD smoker on version 7.4.

Here are the links:

 * https://app.vagrantup.com/arfreitas/boxes/openbsd-7.4-cpan-smoker-i386
 * https://app.vagrantup.com/arfreitas/boxes/openbsd-7.4-cpan-smoker-amd64

Regards,

Alceu

new versions of Perl smoker

2024-01-14 Thread Alceu Rodrigues de Freitas Junior


Hello folks,

A couple of months late, but I just uploaded the new releases for Perl 
smoker on OpenBSD version 7.3.


I had to fix some issues regarding virtualization (hardware) 
configuration, but at least version 7.4 should come next pretty soon.


Here are the links:

 * https://app.vagrantup.com/arfreitas/boxes/openbsd-7.3-cpan-smoker-amd64
 * https://app.vagrantup.com/arfreitas/boxes/openbsd-7.3-cpan-smoker-i386

Regards,

Alceu

Re: Claws Mail and new call for eu locale

2023-11-15 Thread Ingo Schwarze

Hi,

Daniele B. wrote on Wed, Nov 15, 2023 at 06:17:21PM +0100:

> I just came accross the last little problem regarding the locale of my
> system: in Claws Mail the date in message pane is displayed in %x
> format (result=mm/dd/year) to adapt to the current locale. 
> 
> I started to change locale to my system in all the possible ways
> without luck. If I set it_IT I got yes the right language but the same
> result for the date (in the message pane).
> 
> In the end going in Claws Mail display settings the option allows me
> to specify the parameters for the date format. "man strftime" I found
> something useful (an year/mm/dd), although not exactly a simple
> dd/mm/year format yet.
> 
> Dispite these details and knowing that en_US.UTF-8 with "C" locale
> profile is reccomnded to us, I take the time to gently ask about
> the support for any european date locale profile and any feedback
> about any eventual work-in-progress?

Even if someone would provide libc patches to provide LC_* support
other than LC_CTYPE, i would veto them, even if they were correct and
very simple (they cannot be simple, though).  Reliable and predictable
output is much more important than such quibbles.  The C library is
totally the wrong place for any such functionality.

Yours,
  Ingo

Re: support new

2023-10-24 Thread Wesley MOUEDINE ASSABY

Hello Ingo,

Parfait, merci beaucoup.

Regards,

Wesley

-Message d'origine-
De : Ingo Schwarze  
Envoyé : mardi 24 octobre 2023 15:35
À : Wesley MOUEDINE ASSABY 
Cc : misc@openbsd.org
Objet : Re: support new

Hi Wesley,

Wesley MOUEDINE ASSABY wrote on Tue, Oct 24, 2023 at 02:06:47PM +0400:

> 0
> C France
> P REUNION
> T Sainte Clotilde
> Z 97490
> O Consultant
> I Wesley Mouedine Assaby
> M wes...@mouedine.net <mailto:wes...@mouedine.net> U 
> https://www.mouedine.net N OpenBSD consulting, services like 
> mailserver, web hosting, firewall and vpn.

Committed with s/vpn/VPN/, the spelling familiar from OpenBSD manual pages.
I removed all information from your old entry that you no longer included in
your new entry.

The new entry is now online here, please check:

  https://www.openbsd.org/support.html#France

Yours,
  Ingo

Re: support new

2023-10-24 Thread Ingo Schwarze

Hi Wesley,

Wesley MOUEDINE ASSABY wrote on Tue, Oct 24, 2023 at 02:06:47PM +0400:

> 0
> C France
> P REUNION
> T Sainte Clotilde
> Z 97490
> O Consultant
> I Wesley Mouedine Assaby
> M wes...@mouedine.net <mailto:wes...@mouedine.net> 
> U https://www.mouedine.net
> N OpenBSD consulting, services like mailserver, web hosting, firewall and
> vpn.

Committed with s/vpn/VPN/, the spelling familiar from OpenBSD manual
pages.  I removed all information from your old entry that you no longer
included in your new entry.

The new entry is now online here, please check:

  https://www.openbsd.org/support.html#France

Yours,
  Ingo

support new

2023-10-24 Thread Wesley MOUEDINE ASSABY

0

C France

P REUNION

T Sainte Clotilde

Z 97490

O Consultant

I Wesley Mouedine Assaby

M wes...@mouedine.net  

U https://www.mouedine.net

N OpenBSD consulting, services like mailserver, web hosting, firewall and
vpn.

support new

2023-10-23 Thread Solène Rapenne


0
C France
P Bretagne
T Rennes
Z 35000
O Consultant
I Solène Rapenne
M sol...@lambda-solene.eu
U https://www.lambda-solene.eu/
N OpenBSD/FreeBSD/Linux consulting, support, training and system 
administration. Software packaging.

Re: groups new

2023-10-05 Thread Matti

Okay, thank you for your suggestion.

-M

to 5. lokak. 2023 klo 10.49 Janne Johansson (icepic...@gmail.com) kirjoitti:

> Den tors 5 okt. 2023 kl 09:43 skrev Matti :
>
>> It's not official, and I am trying to gain visibility by having it on the
>> openbsd site. I am the first member.
>>
>
> Perhaps try to help getting the HelBUG restarted again, there should be
> some people there who like BSD.
>
> http://helbug.fi/
> https://twitter.com/helbsdusergroup
>
> --
> May the most significant bit of your life be positive.
>

Re: groups new

2023-10-05 Thread Janne Johansson

Den tors 5 okt. 2023 kl 09:43 skrev Matti :

> It's not official, and I am trying to gain visibility by having it on the
> openbsd site. I am the first member.
>

Perhaps try to help getting the HelBUG restarted again, there should be
some people there who like BSD.

http://helbug.fi/
https://twitter.com/helbsdusergroup

-- 
May the most significant bit of your life be positive.

Re: groups new

2023-10-05 Thread Matti

It's not official, and I am trying to gain visibility by having it on the
openbsd site. I am the first member.

BR,

Matti

pe 22. syysk. 2023 klo 15.29 Ingo Schwarze (schwa...@usta.de) kirjoitti:

> Hi Matti,
>
> Matti wrote on Sun, Sep 17, 2023 at 04:14:55PM +0100:
>
> > 0
> > C Finland
> > P Uusimaa
> > T Helsinki
> > F None
> > O Finnish OpenBSD Users Group
> > I None
> > M membership.f...@gmail.com
> > U None
> > N *BSD
>
> so far, i failed to find any evidence that such a group actually exists.
> Can anybody provide pointers to such evidence?
>
> Thanks,
>   Ingo
>

Re: groups new

2023-09-22 Thread Ingo Schwarze

Hi Matti,

Matti wrote on Sun, Sep 17, 2023 at 04:14:55PM +0100:

> 0
> C Finland
> P Uusimaa
> T Helsinki
> F None
> O Finnish OpenBSD Users Group
> I None
> M membership.f...@gmail.com
> U None
> N *BSD

so far, i failed to find any evidence that such a group actually exists.
Can anybody provide pointers to such evidence?

Thanks,
  Ingo

groups new

2023-09-17 Thread Matti

0
C Finland
P Uusimaa
T Helsinki
F None
O Finnish OpenBSD Users Group
I None
M membership.f...@gmail.com
U None
N *BSD

Re: I need help to see if I can reboot new network OK. Wild misadventures with non-OpenBSD support and bad IPMI

2023-07-29 Thread Chris Bennett

On Sat, Jul 29, 2023 at 07:41:18PM +, Philipp Buehler wrote:
> Am 29.07.2023 21:29 schrieb Chris Bennett:
> > The other IP's are randomly missing or give this:
> > 
> > link#2 UHLc   0  450 - 3 em1
> > 

Hi,
I'm happy. I practiced on the other server until I was sure, then I
changed the first server over to the new way. I got one link#2 on the
last IP, so I aliased that one in too and rebooted. Everything is great.

What does link#2 mean in a more literal sense?

Tomorrow all I have to do is new DNS records and swap the IP addresses
for the other server.
Tell them to switch me over to the new IP's and I'm done.

I have no idea what the network problem was, but I leave my desktop on
24/7.
It crashed for the first time ever. Most likely it was the problem.

Thank you for the education. I fully approve of getting little pieces at
a time. Change this. Doesn't work. Study it carefully. Post again. More
problems. Then more help.
I have always liked OpenBSD's policy of not giving information to just
copy/paste.

Now I need to go make a donation.
Have a great day.

-- 
Chris

Re: I need help to see if I can reboot new network OK. Wild misadventures with non-OpenBSD support and bad IPMI

2023-07-29 Thread Chris Bennett

On Sat, Jul 29, 2023 at 07:41:18PM +, Philipp Buehler wrote:
> Oh, you need an alias for each IP that should be bound on em1
> so, like:
> # cat /etc/hostname.em1
> inet 103.103.103.170/29
> inet alias 103.103.103.171/32
> inet alias 103.103.103.172/32
> inet alias 103.103.103.173/32
> inet alias 103.103.103.174/32
> 

This seemed to work.
The network is very strange for me.
Not sure if my hotspot is bad or if they are having network problems at
the company. New network, new problems?

I will get back later if this is a real problem or not.

I was reading route manpage. Next is netstart script and manpage.

Thanks. I really appreciate it.

Chris Bennett

> 
> mygate and netstart has a manpage, as there is 'hostname.if' to read :)
> 
> PS: pointless to use '-x'; just a lot of debug noise
> 
> -- 
> pb
> 

--

Re: I need help to see if I can reboot new network OK. Wild misadventures with non-OpenBSD support and bad IPMI

2023-07-29 Thread Philipp Buehler


Am 29.07.2023 21:29 schrieb Chris Bennett:

The other IP's are randomly missing or give this:

link#2 UHLc   0  450 - 3 em1

Each route flush;sh -x /etc/nestart   or a reboot changes the result.


Oh, you need an alias for each IP that should be bound on em1
so, like:
# cat /etc/hostname.em1
inet 103.103.103.170/29
inet alias 103.103.103.171/32
inet alias 103.103.103.172/32
inet alias 103.103.103.173/32
inet alias 103.103.103.174/32

# cat /etc/mygate
103.103.103.169

mygate and netstart has a manpage, as there is 'hostname.if' to read :)

PS: pointless to use '-x'; just a lot of debug noise

--
pb

Re: I need help to see if I can reboot new network OK. Wild misadventures with non-OpenBSD support and bad IPMI

2023-07-29 Thread Chris Bennett

On Sat, Jul 29, 2023 at 06:18:40PM +, Philipp Buehler wrote:
> Am 29.07.2023 20:04 schrieb Chris Bennett:
> > inet 103.103.103.168/29
> 
> That's wrong, you put the "first" IP-address you want to
> use/have on em1. So that would be 170/29
> 

Well, that half-worked. 
Always get ...170, works.
ssh works. autossh with -M no longer works except with autossh -M 0
...169 is the gateway. ...175 is broadcast.

The other IP's are randomly missing or give this:

link#2 UHLc   0  450 - 3 em1

Each route flush;sh -x /etc/nestart   or a reboot changes the result.

I just tried mygate at ...174. No good.

> (168 is this network's BSD-broadcast or "net address")
> 
> 
> > /etc/mygate is
> > 103.103.103.169
> Cannot forsee what your ISP provides as the gateway, but
> likely that's correct.
> 

Feel free to offer me a good man page to start with. Coffee is working.

-- 
Chris Bennett

Re: I need help to see if I can reboot new network OK. Wild misadventures with non-OpenBSD support and bad IPMI

2023-07-29 Thread Philipp Buehler


Am 29.07.2023 20:04 schrieb Chris Bennett:

inet 103.103.103.168/29


That's wrong, you put the "first" IP-address you want to
use/have on em1. So that would be 170/29

(168 is this network's BSD-broadcast or "net address")



/etc/mygate is
103.103.103.169

Cannot forsee what your ISP provides as the gateway, but
likely that's correct.

All names (hosts,myname) is not directly relevant to IP networking.
Do not put names in mygate (just a sidenote).



ifconfig gave 103.103.103.168 as the IP address
route -n show gave 103.103.103.168 as the gateway.

Likely a config from the errornous hostname.if entry, see above.



I did not change or remove what's in /etc/hostname which is at
103.103.103.170. Does that matter?

hosts I assume? That might be relevant to apache, but not the
networking (reachability) itself.

--
pb

Re: I need help to see if I can reboot new network OK. Wild misadventures with non-OpenBSD support and bad IPMI

2023-07-29 Thread Chris Bennett

On Sat, Jul 29, 2023 at 04:34:17AM +, Philipp Buehler wrote:
> 
> To save mindboggling counting of 'f' or similar, just write this to
> /etc/hostname.em1
> inet 108.181.26.178/28
> The ifconfig called from netstart will figure it out ;-) That's a headups
> for everybody, so cc misc@.
> 

Hmm, I also have a newer server with the same company that does have a
usable IPMI. I also have to change IP's with it too.
It is running -current from a few weeks ago, so this is a fictional
address except for the last three digits (168)

103.103.103.168/29

Right now, I have my first IP I'm using at 103.103.103.170

I put into /etc/hostname.em1:

inet 103.103.103.168/29

/etc/mygate is
103.103.103.169

/etc/myname is
network-moron.com

I did not change /etc/hosts which just has the addresses from
103.103.103.170 to 103.103.103.175 added.

I rebooted, but couldn't ping the server at any address.

In IPMI, there were no network problems on the boot screen, but apache2
failed to start.

ifconfig gave 103.103.103.168 as the IP address
route -n show gave 103.103.103.168 as the gateway.

For the heck of it, I changed /etc/mygate to 103.103.103.168,
just to see if that provided any useful information.
Same failed outcome, as I expected.

.later

I tried every obvious variation I could think of.
Nothing works except what I used on the other server.

A couple of years ago I tried to do what you suggested with a script to
swap back in the old hostname and reboot. I couldn't ever get it to work
Since what I had worked (not what I really wanted to use with the
aliases), I just blew it off.

I took a good while with my brain in sludge mode last night to change
some essential passwords and shut off imap, etc.
I still lacking enough sleep. Having coffee, going to eat and probably
go back to bed. I just wanted to try this out while I could.
I wanted to post about this and then RTFM's later with a clear head.

I did not change or remove what's in /etc/hostname which is at
103.103.103.170. Does that matter?

-- 
Chris Bennett

Re: I need help to see if I can reboot new network OK. Wild misadventures with non-OpenBSD support and bad IPMI 11 Perhaps they just don't have a proper setup or are not using it.

2023-07-28 Thread Chris Bennett

On Sat, Jul 29, 2023 at 04:34:17AM +, Philipp Buehler wrote:
> Moin Chris,
> 
> Am 29.07.2023 04:17 schrieb Chris Bennett:
> > The network is 108.181.26.176/28.
> > 
> > Right now,the first IP is 108.181.26.178 and the last regular address is
> > 108.181.26.190, which might be wrong. I'm too tired to read any more
> > man pages or web pages. I needed more than 2hrs of sleep.
> > I'm super worn out, so forgive my mistakes.
> > 
> > Any help appreciated. I don't want the next syspatch reboot to fail.
> 
> To save mindboggling counting of 'f' or similar, just write this to
> /etc/hostname.em1
> inet 108.181.26.178/28
> The ifconfig called from netstart will figure it out ;-) That's a headups
> for everybody, so cc misc@.
> 

Yes, there was a big delay when he put in one f too few.

Besides changing IP ranges, they also just started pushing a single IP
address that serves as everything, but also a different checkbox for the
same thing for Linux only.
I know essentially nothing about Linux besides the fact that I quickly
tried several, but I didn't like them. I then ran into something
mentioning OpenBSD. After reading the website, I saw that OpenBSD was
and has been an excellent choice. No regrets.
I already know from experience that if I asked them for any details
about that networking change, I would NOT get a useful answer.

After I got to multiple days, my goal had to be getting able to ssh in
and start fixing things.
Security through obscurity does not work. So I think it is well worth it
to show and get help. I am so tired right now, that my Dad had a problem
with sound using YouTube on a Firestick. I couldn't tell him even the
simplest step, so I just had him reboot it.

I'm going to kill everything that has outside access, get a good night's
sleep and then change every password for inside stuff and all emails.
Then I'm going to carefully read every man page, etc. until I understand
everything fully. Now is the right time for this. Until recently, I only
had a laptop stuck at 6.6 and a lousy phone hotspot or an even crappier
access to almost useless wifi in places like libraries. Two used
computers and a really great phone hotspot make everything good now.

Thank you very much.

> The current ifconfig em1 shows a bit wild setup for 108.181.26.179; but that
> 
> is likely unintended and the wrong mask/bc will be gone with the above
> setting.
> 
> The route output shows several hosts in 108.136/108.137 ranges where there
> is no corresponding setup given.
> 
> But to reach the system via 108.181.26.178 again, this looks sound.
> 
> HTH,
> -- 
> pb
> 
> PS:
> tyo# cat /etc/hostname.vlan1
> vlandev vio0
> inet 108.181.26.178/28
> tyo# sh /etc/netstart vlan1
> tyo# ifconfig vlan1
> vlan1: flags=8843 mtu 1500
>   lladdr fe:e1:bb:6e:63:36
>   index 7 priority 0 llprio 3
>   encap: vnetid none parent vio0 txprio packet rxprio outer
>   groups: vlan
>   media: Ethernet autoselect
>   status: active
>   inet 108.181.26.178 netmask 0xfff0 broadcast 108.181.26.191
> PPS: to check quickly on reachability of a gateway directly:
> ping -I 108.181.26.178 -t 1 108.181.26.177
> and check arp table accordingly

I will try this right now and save this email in the mailbox for
important things to keep long term.

-- 
Chris Bennett

Re: I need help to see if I can reboot new network OK. Wild misadventures with non-OpenBSD support and bad IPMI

2023-07-28 Thread Chris Bennett

On Sat, Jul 29, 2023 at 03:45:36AM +, All wrote:
> Your network has first usable IP address 108.181.26.177, not
> 108.181.26.178. Also, your broadcast address is 108.181.26.191 and not
> 108.181.26.190
> 

Yes, I had things setup with 108.181.26.177 as the first IP, but they
changed it. It was extremely frustrating to watch someone making changes
that I did not request. They also don't seem to have the capability to
read the support messages I sent them while actually making incorrect
changes.
Perhaps they just don't have a proper setup or are not using it.
I could see what they were doing by refreshing the IPMI preview screen.
But that really is just a poor set of images. It did let me see the
contents of files if I refreshed the image at just the right moment.
Getting them to type sh -x /etc/netstart or reboot despite giving them
detailed instructions beforehand. It took about 1 1/2hrs to get someone
to finally type sh /etc/netstart after doing all of the above.

But I have never worked in that field, so I really don't know what goes
on in their server farms.
There was another issue that I did not know how to deal with. I will
mention that in replying to another in this thread.

-- 
Chris Bennett

Re: I need help to see if I can reboot new network OK. Wild misadventures with non-OpenBSD support and bad IPMI

2023-07-28 Thread Philipp Buehler


Moin Chris,

Am 29.07.2023 04:17 schrieb Chris Bennett:

The network is 108.181.26.176/28.

Right now,the first IP is 108.181.26.178 and the last regular address 
is

108.181.26.190, which might be wrong. I'm too tired to read any more
man pages or web pages. I needed more than 2hrs of sleep.
I'm super worn out, so forgive my mistakes.

Any help appreciated. I don't want the next syspatch reboot to fail.


To save mindboggling counting of 'f' or similar, just write this to 
/etc/hostname.em1

inet 108.181.26.178/28
The ifconfig called from netstart will figure it out ;-) That's a 
headups for everybody, so cc misc@.


The current ifconfig em1 shows a bit wild setup for 108.181.26.179; but 
that


is likely unintended and the wrong mask/bc will be gone with the above 
setting.


The route output shows several hosts in 108.136/108.137 ranges where 
there

is no corresponding setup given.

But to reach the system via 108.181.26.178 again, this looks sound.

HTH,
--
pb

PS:
tyo# cat /etc/hostname.vlan1
vlandev vio0
inet 108.181.26.178/28
tyo# sh /etc/netstart vlan1
tyo# ifconfig vlan1
vlan1: flags=8843 mtu 1500
lladdr fe:e1:bb:6e:63:36
index 7 priority 0 llprio 3
encap: vnetid none parent vio0 txprio packet rxprio outer
groups: vlan
media: Ethernet autoselect
status: active
inet 108.181.26.178 netmask 0xfff0 broadcast 108.181.26.191
PPS: to check quickly on reachability of a gateway directly:
ping -I 108.181.26.178 -t 1 108.181.26.177
and check arp table accordingly

Re: I need help to see if I can reboot new network OK. Wild misadventures with non-OpenBSD support and bad IPMI

2023-07-28 Thread All

Your network has first usable IP address 108.181.26.177, not
108.181.26.178. Also, your broadcast address is 108.181.26.191 and not
108.181.26.190






On Saturday, July 29, 2023 at 12:17:47 p.m. GMT+9, Chris Bennett 
 wrote: 





Hi.

My server company either was bought by another company or just hooked up
new IP ranges.
I have a super cheap server with 13 IP addresses. This only has ancient
Java KVM which I can't hook up to, but I can use the console preview
only as single refreshable images.

So I had to coach them along. I had to really rush due to the cutoff
date. I made a few mistakes, inet isn't spelled ine, etc.
A power screwup, my fault. Watching someone trying to use ed was
amusing. I had to get /home commented out since it needed manual fsck.

It was a long day and all night and morning today.

Everything is apparently working fine, but a little different than my
previous setup.
I would like some help to know if this setup will work after a reboot.
I really don't want to ask for more help from support.

The network is 108.181.26.176/28.

Right now,the first IP is 108.181.26.178 and the last regular address is
108.181.26.190, which might be wrong. I'm too tired to read any more
man pages or web pages. I needed more than 2hrs of sleep.
I'm super worn out, so forgive my mistakes.

Any help appreciated. I don't want the next syspatch reboot to fail.

Chris Bennett


cat /etc/hostname.em1

inet 108.181.26.178 0xfff0 108.181.26.190
inet alias 108.181.26.179 255.255.255.255
inet alias 108.181.26.180 255.255.255.255
inet alias 108.181.26.181 255.255.255.255
inet alias 108.181.26.182 255.255.255.255
inet alias 108.181.26.183 255.255.255.255
inet alias 108.181.26.184 255.255.255.255
inet alias 108.181.26.185 255.255.255.255
inet alias 108.181.26.186 255.255.255.255
inet alias 108.181.26.187 255.255.255.255
inet alias 108.181.26.188 255.255.255.255
inet alias 108.181.26.189 255.255.255.255
#inet alias 108.181.26.190 255.255.255.255

cat /etc/hosts

127.0.0.1    localhost
::1        localhost

#108.181.26.177  gateway
108.181.26.178    bennettconstruction.us
108.181.26.179    strengthcouragewisdom.rocks
108.181.26.180    mail.strengthcouragewisdom.rocks
108.181.26.181    freedomforlife.rocks
108.181.26.182    mx.freedomforlife.rocks
108.181.26.183    bsd-sec.dev
108.181.26.184    mx.bennettconstruction.us
108.181.26.185    bsd-sec.com
108.181.26.186    mail.bsd-sec.com
108.181.26.187    cowboyup.xyz
108.181.26.188    mail.cowboyup.xyz
108.181.26.189    capuchado.com
108.181.26.190    # Using for development, unassigned

cat /etc/myname

bennettconstruction.us

cat /etc/mygate

108.181.26.177
route -n show
Routing tables

Internet:
Destination        Gateway            Flags  Refs      Use  Mtu  Prio Iface
default            108.181.26.177    UGS      11    25504    -    8 em1  
108/8              108.181.26.179    UCn      11        0    -    4 em1  
108.136.59.3      00:1f:6d:eb:60:00  UHLc      0        4    -    3 em1  
108.136.125.137    00:1f:6d:eb:60:00  UHLc      0        2    -    3 em1  
108.136.179.191    00:1f:6d:eb:60:00  UHLc      0        9    -    3 em1  
108.136.182.161    00:1f:6d:eb:60:00  UHLc      0        9    -    3 em1  
108.136.235.206    00:1f:6d:eb:60:00  UHLc      0        8    -    3 em1  
108.136.238.232    00:1f:6d:eb:60:00  UHLc      0      10    -    3 em1  
108.136.248.92    00:1f:6d:eb:60:00  UHLc      0        9    -    3 em1  
108.137.2.3        00:1f:6d:eb:60:00  UHLc      0        3    -    3 em1  
108.137.73.28      00:1f:6d:eb:60:00  UHLc      0      15    -    3 em1  
108.137.74.160    00:1f:6d:eb:60:00  UHLc      0        4    -    3 em1  
108.137.155.209    00:1f:6d:eb:60:00  UHLc      0        3    -    3 em1  
108.181.26.176/28  108.181.26.178    UCn        1        2    -    4 em1  
108.181.26.177    00:1f:6d:eb:60:00  UHLch      1      44    -    3 em1  
108.181.26.178    00:25:90:6c:43:43  UHLl      0    4741    -    1 em1  
108.181.26.179    00:25:90:6c:43:43  UHLl      0    3443    -    1 em1  
108.181.26.180    00:25:90:6c:43:43  UHLl      0    4510    -    1 em1  
108.181.26.180/32  108.181.26.180    UCn        0        0    -    4 em1  
108.181.26.181    00:25:90:6c:43:43  UHLl      0    3004    -    1 em1  
108.181.26.181/32  108.181.26.181    UCn        0        0    -    4 em1  
108.181.26.182    00:25:90:6c:43:43  UHLl      0    4192    -    1 em1  
108.181.26.182/32  108.181.26.182    UCn        0        0    -    4 em1  
108.181.26.183    00:25:90:6c:43:43  UHLl      0    4767    -    1 em1  
108.181.26.183/32  108.181.26.183    UCn        0        0    -    4 em1  
108.181.26.184    00:25:90:6c:43:43  UHLl      0    8119    -    1 em1  
108.181.26.184/32  108.181.26.184    UCn        0        0    -    4 em1  
108.181.26.185    00:25:90:6c:43:43  UHLl      0    4902    -    1 em1  
108.181.26.185/32  108.181.26.185    UCn        0        0    -    4 em1  
108.181.26.186    00:25:90:6c:43:43  UHLl      0    3049

I need help to see if I can reboot new network OK. Wild misadventures with non-OpenBSD support and bad IPMI

2023-07-28 Thread Chris Bennett

Hi.

My server company either was bought by another company or just hooked up
new IP ranges.
I have a super cheap server with 13 IP addresses. This only has ancient
Java KVM which I can't hook up to, but I can use the console preview
only as single refreshable images.

So I had to coach them along. I had to really rush due to the cutoff
date. I made a few mistakes, inet isn't spelled ine, etc.
A power screwup, my fault. Watching someone trying to use ed was
amusing. I had to get /home commented out since it needed manual fsck.

It was a long day and all night and morning today.

Everything is apparently working fine, but a little different than my
previous setup.
I would like some help to know if this setup will work after a reboot.
I really don't want to ask for more help from support.

The network is 108.181.26.176/28.

Right now,the first IP is 108.181.26.178 and the last regular address is
108.181.26.190, which might be wrong. I'm too tired to read any more
man pages or web pages. I needed more than 2hrs of sleep.
I'm super worn out, so forgive my mistakes.

Any help appreciated. I don't want the next syspatch reboot to fail.

Chris Bennett


cat /etc/hostname.em1

inet 108.181.26.178 0xfff0 108.181.26.190
inet alias 108.181.26.179 255.255.255.255
inet alias 108.181.26.180 255.255.255.255
inet alias 108.181.26.181 255.255.255.255
inet alias 108.181.26.182 255.255.255.255
inet alias 108.181.26.183 255.255.255.255
inet alias 108.181.26.184 255.255.255.255
inet alias 108.181.26.185 255.255.255.255
inet alias 108.181.26.186 255.255.255.255
inet alias 108.181.26.187 255.255.255.255
inet alias 108.181.26.188 255.255.255.255
inet alias 108.181.26.189 255.255.255.255
#inet alias 108.181.26.190 255.255.255.255

cat /etc/hosts

127.0.0.1   localhost
::1 localhost

#108.181.26.177   gateway
108.181.26.178bennettconstruction.us
108.181.26.179strengthcouragewisdom.rocks
108.181.26.180mail.strengthcouragewisdom.rocks
108.181.26.181freedomforlife.rocks
108.181.26.182mx.freedomforlife.rocks
108.181.26.183bsd-sec.dev
108.181.26.184mx.bennettconstruction.us
108.181.26.185bsd-sec.com
108.181.26.186mail.bsd-sec.com
108.181.26.187cowboyup.xyz
108.181.26.188mail.cowboyup.xyz
108.181.26.189capuchado.com
108.181.26.190# Using for development, unassigned

cat /etc/myname

bennettconstruction.us

cat /etc/mygate

108.181.26.177
route -n show
Routing tables

Internet:
DestinationGatewayFlags   Refs  Use   Mtu  Prio Iface
default108.181.26.177 UGS   1125504 - 8 em1  
108/8  108.181.26.179 UCn   110 - 4 em1  
108.136.59.3   00:1f:6d:eb:60:00  UHLc   04 - 3 em1  
108.136.125.13700:1f:6d:eb:60:00  UHLc   02 - 3 em1  
108.136.179.19100:1f:6d:eb:60:00  UHLc   09 - 3 em1  
108.136.182.16100:1f:6d:eb:60:00  UHLc   09 - 3 em1  
108.136.235.20600:1f:6d:eb:60:00  UHLc   08 - 3 em1  
108.136.238.23200:1f:6d:eb:60:00  UHLc   0   10 - 3 em1  
108.136.248.92 00:1f:6d:eb:60:00  UHLc   09 - 3 em1  
108.137.2.300:1f:6d:eb:60:00  UHLc   03 - 3 em1  
108.137.73.28  00:1f:6d:eb:60:00  UHLc   0   15 - 3 em1  
108.137.74.160 00:1f:6d:eb:60:00  UHLc   04 - 3 em1  
108.137.155.20900:1f:6d:eb:60:00  UHLc   03 - 3 em1  
108.181.26.176/28  108.181.26.178 UCn12 - 4 em1  
108.181.26.177 00:1f:6d:eb:60:00  UHLch  1   44 - 3 em1  
108.181.26.178 00:25:90:6c:43:43  UHLl   0 4741 - 1 em1  
108.181.26.179 00:25:90:6c:43:43  UHLl   0 3443 - 1 em1  
108.181.26.180 00:25:90:6c:43:43  UHLl   0 4510 - 1 em1  
108.181.26.180/32  108.181.26.180 UCn00 - 4 em1  
108.181.26.181 00:25:90:6c:43:43  UHLl   0 3004 - 1 em1  
108.181.26.181/32  108.181.26.181 UCn00 - 4 em1  
108.181.26.182 00:25:90:6c:43:43  UHLl   0 4192 - 1 em1  
108.181.26.182/32  108.181.26.182 UCn00 - 4 em1  
108.181.26.183 00:25:90:6c:43:43  UHLl   0 4767 - 1 em1  
108.181.26.183/32  108.181.26.183 UCn00 - 4 em1  
108.181.26.184 00:25:90:6c:43:43  UHLl   0 8119 - 1 em1  
108.181.26.184/32  108.181.26.184 UCn00 - 4 em1  
108.181.26.185 00:25:90:6c:43:43  UHLl   0 4902 - 1 em1  
108.181.26.185/32  108.181.26.185 UCn00 - 4 em1  
108.181.26.186 00:25:90:6c:43:43  UHLl   0 3049 - 1 em1  
108.181.26.186/32  108.181.26.186 UCn00 - 4 em1  
108.181.26.1

New groups

2023-06-24 Thread Kevin Williams

0 
C USA
P Oregon
T Portland
F 3rd Thursday, 7pm
O BSD Pizza Night (group)
U https://bsd.pizza 
N *BSD

groups new

2023-05-31 Thread WATANABE Takeo

0
C Japan
P Niigata (Echigo)
F 4 times a year
O Echigo BSD Users Group
M inqu...@ebug.jp
U https://www.ebug.jp
N *BSD

pkg_add: Can't locate object method "new" via package "OpenBSD::PackingList::Depend"

2023-05-17 Thread Mikhail

Hi,

looks like after recent changes in -current pkg_add become broken:

$ pkg_add -n scapy
quirks-6.130 signed on 2023-05-16T19:13:11Z
scapy-2.4.4p4:py3-cparser-2.21: ok
pkg_add: Can't locate object method "new" via package 
"OpenBSD::PackingList::Depend" (perhaps you forgot to load 
"OpenBSD::PackingList::Depend"?)

Is it known issue?

OpenBSD 7.3-current (GENERIC.MP) #1185: Wed May 17 08:26:47 MDT 2023
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

groups new

2023-04-11 Thread Jan Prunk

0
C Slovenia
P Ljubljana
T Ljubljana
F 1st Thursday, 8:00 PM
O BSD users group Slovenia
I Jan Prunk
M janpr...@gmail.com
U https://bsd.si
N *BSD

groups new

2023-04-11 Thread Jan Prunk

0
C Slovenia
P Ljubljana
T Ljubljana
F 1st Thursday, 8:00 PM
O BSD users group Slovenia
I Jan Prunk
M janpr...@gmail.com
U https://bsd.si
N *BSD.

A new version of fmt enhanced for *roff files

2023-03-06 Thread Walter Alejandro Iglesias

Hello everyone,

I wrote my own version of fmt, with some enhancements and a new feature
to break lines in *roff files.

  https://en.roquesor.com/Downloads/fmtroff.c

In the head comment is explained why I reinvented the wheel. :-)

I guess someone could find it useful.


-- 
Walter

New Groups

2023-02-26 Thread Muhammad Abdullah Khabir


0
C   Pakistan
P   Punjab
T   Islamabad
F   Irregular
O   Pakistan OpenBSD User's Group
I   Muhammad Abdullah Khabir
M   abdullah@abdullah.solutions
U   https://abdullah.solutions
N   OpenBSD

Re: new support entry for vendors page

2023-02-22 Thread Daniele B.

Leah Rowe :

> Thank you in advance for your consideration.
> 
> PS:
> 
> I'm also the founder of the Libreboot project, and I coordinate
> development on it.

Good luck and compliments for Libreboot.

I think we should all call for *open hardware* activism and we can't miss
to congrats to any tangible idea like yours, indeed.



-- Daniele Bonini

new support entry for vendors page

2023-02-22 Thread Leah Rowe



Hello everyone,

I'm wondering if my company can be added to this page:

https://www.openbsd.org/support.html

I provide OpenBSD pre-installation on request, for hardware that I
sell. I quite enjoy doing BSD installs. Huge fan, I use OpenBSD myself
on a few of my machines. I often recommend it to people.

The format as requested on that page, for the proposed entry:

0
C UK
P Essex
T Canvey Island
Z SS8 9QA
O Minifree Ltd
I Leah Rowe
A 19 Hilton Road
M i...@minifree.org
U https://minifree.org/
B no phone; email and irc only
X no phone; email and irc only
N Minifree has experience providing various OpenBSD configurations,
specifically on serviced ThinkPads. On request, a laptop sold will come
with OpenBSD, in a configuration of your choosing; the laptops also
come with Libreboot, based on coreboot which replaces proprietary
BIOS/UEFI firmware. Shipping worldwide.

Thank you in advance for your consideration.

PS:

I'm also the founder of the Libreboot project, and I coordinate
development on it.

-- 
Leah Rowe,
Company Director,
Minifree Ltd

Registered in England, registration No. 9361826
VAT Registration No. GB202190462
Minifree Ltd, 19 Hilton Road, Canvey Island
Essex SS8 9QA, United Kingdom
United Kingdom

support new

2023-02-14 Thread Leah Rowe

0
C UK
P Essex
T Canvey Island
Z SS8 9QA
O Minifree Ltd
I Leah Rowe
A 19 Hilton Road
M i...@minifree.org
U https://minifree.org/
B no phone; email and irc only
X no phone; email and irc only
N Minifree has experience providing various OpenBSD configurations,
specifically on serviced ThinkPads. On request, a laptop sold will come
with OpenBSD, in a configuration of your choosing; the laptops also
come with Libreboot, based on coreboot which replaces proprietary
BIOS/UEFI firmware.

mg: problem with large directory names and open new file

2023-01-25 Thread Harald Dunkel


Hi folks,

If I have opened a file in a subdirectory with a very long path
(larger than the terminal width) and if try to open a new file
using ^x^f, then mg seems to be confused.

The long path is cut off in the Find File dialog. Only the
first chars are shown. The filename I enter is not shown while
typing. I have to use ^a^e in the dialog buffer to refresh it.

Do you think the input string in the Find File dialog could
be scrolled horizontally instead?

Terminal is an xterm 80x24. No UTF-8 or other peculiarities are
involved. Sample session:

mkdir -p 
/tmp/axaxaxaxaxaxax
ls -1a 
>/tmp/axaxaxaxaxaxax/x1.txt
find . -print 
>/tmp/axaxaxaxaxaxax/x2.txt
mg 
/tmp/axaxaxaxaxaxax/x1.txt
# try to open x2.txt using ^x^f


Regards

Harri

Re: bridge(4) question new network setup

2023-01-23 Thread patrick keshishian

On 1/21/23, David Gwynne  wrote:
> On Sat, Jan 21, 2023 at 01:46:34PM -0800, patrick keshishian wrote:
>> On 1/20/23, David Gwynne  wrote:
>> > On Fri, Jan 20, 2023 at 11:09:47AM -0800, patrick keshishian wrote:
>> >> Hello,
>> >>
>> >> I am trying get a new ISP setup working.  The Router is
>> >> causing some pain.  There is a /28 public block assigned.
>> >> The DSL router can't be configured in transparent bridge
>> >> mode (they say).  It holds on to one of the /28 addresses.
>> >
>> > i'm sure they say that, but that doesn't mean it's impossible. this
>> > will be a lot easier and more useful if you can get a dsl modem
>> > into bridge/transparent mode and do all the routing on your own
>> > box.
>>
>> OK. So the situation was a bit worse than I had actually
>> anticipated.  After I got the described setup configured
>> I noticed that the DSL Router/Modem wouldn't send out
>> any traffic unless it had an arp entry for the source.
>> e.g., nat-to an unassigned IP from the /28 wouldn't go out.
>>
>> Again, in my limited networking knowledge, it meant I had
>> to do proxy arp entries for /28 public IPs in the $dmz.
>> This was quite frustrating.
>>
>> So I started poking around in the DSL Router/modem settings
>> (cuing off your "doesn't mean it's impossible") and I
>> have it now acting as a transparent bridge!
>>
>> I spent most of Tues on the phone with their techs, and I
>> was assured that is not possible/unsupported.  Now maybe
>> they actually meant "unsupported" mode as far as their
>> support is concerned.
>>
>> But things seem to running as expect (so far)!  So thanks
>> for the bit of "encouragement"!
>
> Does that mean you have the WAN IP on your router now? And you can do
> whatever you want with the /28?

Yep!  And it made things so much easier to set up.

>> > that would also give you the option to do fun stuff like NOT putting
>> > the /28 onto an ethernet network so you could you use all 16 of the
>> > IPs on dmz hosts instead of losing some to network/broadcast/gateway.
>>
>> I am curious how you would go about doing what you suggest:
>> Using all 16 of /28.
>
> The simple (and currently best supported) way is to set up a tunnel
> interface for every IP in the /28 and connect the tunnel to the server
> providing the service. The router would have a config like this:
>
> ifconfig gif0 create
> ifconfig gif0 tunnel $router_lan_ip $server_lan_ip
> ifconfig gif0 inet $router_gif_ip $server_slash28_ip

A bit above my pay-grade.  I'll need to study this later on.

Thanks again for the hints/help!
--patrick


>>
>> Thanks for your reply,
>> --patrick
>>
>>
>> >> The setup looks something like this:
>> >> (and hopefully the ascii "art" remains intact from gmail)
>> >>
>> >>( internet )
>> >> |
>> >> | [WAN IP]
>> >>   +-o--+
>> >>  / DSL ROUTER / <-- Transparent bridge mode NOT possible
>> >> +-o--+
>> >>   | [ one of /28 Public IPs = $dslgw_ip ]
>> >>   |
>> >>   |
>> >>   | $ext
>> >> +-o--+
>> >> ||
>> >> | OpenBSD/pf o--- ( rest of /28 Public IP network )
>> >> || $dmz  (DMZ: httpd, smtpd, ...)
>> >> +-o--+
>> >>  $lan | [10.x.x.1]
>> >>   |
>> >> ( 10.x.x.x network )
>> >>
>> >>
>> >> As far as networking goes, I need to be spoken to as if I'm
>> >> a fledgling.
>> >>
>> >> I want to do the obvious: use OpenBSD/pf(4) to:
>> >>  - Filter traffic from $ext to $dmz
>> >>  - Filter traffic from $dmz outbound
>> >>  - Filter traffic from $lan (10.x.x.x) to $dmz
>> >>  - NAT traffic from $lan (10.x.x.x) outbound to internet
>> >>
>> >>
>> >> I'm bridge(4)-ing $ext and $dmz.  Which means I must give
>> >> one of the /28 public IP addresses to either $ext or $dmz
>> >> to be able to do:
>> >>
>> >> # route add default $dslgw_ip
>> >>
>> >> (!?)
>> >>
>> >> Am I missing something?
>> >> Is there a better way to configure things?
>> >>
>> >> Thanks,
>> >> --patrick
>> >>
>> >
>

Re: bridge(4) question new network setup

2023-01-23 Thread patrick keshishian

On 1/21/23, David Gwynne  wrote:
> On Sat, Jan 21, 2023 at 01:32:18PM -0800, patrick keshishian wrote:
>> On 1/20/23, Hrvoje Popovski  wrote:
>> > On 20.1.2023. 20:09, patrick keshishian wrote:
>> >> Hello,
>> >>
>> >> I am trying get a new ISP setup working.  The Router is
>> >> causing some pain.  There is a /28 public block assigned.
>> >> The DSL router can't be configured in transparent bridge
>> >> mode (they say).  It holds on to one of the /28 addresses.
>> >>
>> >> The setup looks something like this:
>> >> (and hopefully the ascii "art" remains intact from gmail)
>> >>
>> >>( internet )
>> >> |
>> >> | [WAN IP]
>> >>   +-o--+
>> >>  / DSL ROUTER / <-- Transparent bridge mode NOT possible
>> >> +-o--+
>> >>   | [ one of /28 Public IPs = $dslgw_ip ]
>> >>   |
>> >>   |
>> >>   | $ext
>> >> +-o--+
>> >> ||
>> >> | OpenBSD/pf o--- ( rest of /28 Public IP network )
>> >> || $dmz  (DMZ: httpd, smtpd, ...)
>> >> +-o--+
>> >>  $lan | [10.x.x.1]
>> >>   |
>> >> ( 10.x.x.x network )
>> >>
>> >>
>> >> As far as networking goes, I need to be spoken to as if I'm
>> >> a fledgling.
>> >>
>> >> I want to do the obvious: use OpenBSD/pf(4) to:
>> >>  - Filter traffic from $ext to $dmz
>> >>  - Filter traffic from $dmz outbound
>> >>  - Filter traffic from $lan (10.x.x.x) to $dmz
>> >>  - NAT traffic from $lan (10.x.x.x) outbound to internet
>> >>
>> >>
>> >> I'm bridge(4)-ing $ext and $dmz.  Which means I must give
>> >> one of the /28 public IP addresses to either $ext or $dmz
>> >> to be able to do:
>> >>
>> >> # route add default $dslgw_ip
>> >>
>> >> (!?)
>> >>
>> >> Am I missing something?
>> >> Is there a better way to configure things?
>> >>
>> >> Thanks,
>> >> --patrick
>> >>
>> >
>> > Hi,
>> >
>> > If your ext interface is in same subnet as that /28 from your ISP then
>> > you could:
>> >
>> > - use veb(4) to bridge ext, dmz and vport(4) interface and add default
>> > route to dslgw_ip. vport is ip interface for veb
>>
>> I started out looking at veb(4) but I wasn't confident
>> how I could filter traffic in/out of $dmz.  Also, the
>> description of vport(4) which states "packets traversing
>> vport interfaces appear to travel in the opposite direction
>> to packets travelling over other ports" confused me even
>> more.  So I started using bridge(4).
>
> When you add a port to veb(4), it takes it over completely and by
> default it only uses it to switch traffic at layer 2 (Ethernet).
> In other words, by default veb(4) does not run pf against packets
> on ports.
>
> vport is an exception because it operates as if it is a normal
> ethernet interface plugged into a switchport, it's just that the
> switch in this situation is veb, and the other ports on that switch
> are the non-vport interfaces you added to the veb.

Thanks for taking the time to explain in these two paragraphs.
I definitely have a better sense of veb/vport now.

> So, by default veb lets you build a switch out of other interfaces
> in the system, and vport lets you plug the kernel network stack
> into that virtual switch. Because packets from a normal switch coming
> into a normal physical interface go in to the network stack, that is
> also how it behaves with vport. ie, you write rules in pf like this for
> packets coming from a veb into a vport:
>
>   pass in on vport0 inet tcp from any to port ssh

Nice.

> If you do enable IP filtering on veb (ie, you ifconfig veb0 link1 as per
> the ifconfig manpage), then packets coming from the "wire" into the
> interface are filtered by pf too. This means that if a packet is coming
> from the wire and is destined to your network stack via a vport
> interface, it will be going through pf twice: once when it comes into
> the physical interface and again when it goes over vport.
>
> pf is not designed for a packet to be processed twice. TCP packets in
> particular going through pf twice will confuse the window tracking. If
> you're doing NAT or something like that, it can also get confused.

Re: bridge(4) question new network setup

2023-01-21 Thread David Gwynne




> On 22 Jan 2023, at 10:44, David Gwynne  wrote:
> 
> On Sat, Jan 21, 2023 at 01:46:34PM -0800, patrick keshishian wrote:
>> On 1/20/23, David Gwynne  wrote:
>>> On Fri, Jan 20, 2023 at 11:09:47AM -0800, patrick keshishian wrote:
>>>> Hello,
>>>> 
>>>> I am trying get a new ISP setup working.  The Router is
>>>> causing some pain.  There is a /28 public block assigned.
>>>> The DSL router can't be configured in transparent bridge
>>>> mode (they say).  It holds on to one of the /28 addresses.
>>> 
>>> i'm sure they say that, but that doesn't mean it's impossible. this
>>> will be a lot easier and more useful if you can get a dsl modem
>>> into bridge/transparent mode and do all the routing on your own
>>> box.
>> 
>> OK. So the situation was a bit worse than I had actually
>> anticipated.  After I got the described setup configured
>> I noticed that the DSL Router/Modem wouldn't send out
>> any traffic unless it had an arp entry for the source.
>> e.g., nat-to an unassigned IP from the /28 wouldn't go out.
>> 
>> Again, in my limited networking knowledge, it meant I had
>> to do proxy arp entries for /28 public IPs in the $dmz.
>> This was quite frustrating.
>> 
>> So I started poking around in the DSL Router/modem settings
>> (cuing off your "doesn't mean it's impossible") and I
>> have it now acting as a transparent bridge!
>> 
>> I spent most of Tues on the phone with their techs, and I
>> was assured that is not possible/unsupported.  Now maybe
>> they actually meant "unsupported" mode as far as their
>> support is concerned.
>> 
>> But things seem to running as expect (so far)!  So thanks
>> for the bit of "encouragement"!
> 
> Does that mean you have the WAN IP on your router now? And you can do
> whatever you want with the /28?
> 
>>> that would also give you the option to do fun stuff like NOT putting
>>> the /28 onto an ethernet network so you could you use all 16 of the
>>> IPs on dmz hosts instead of losing some to network/broadcast/gateway.
>> 
>> I am curious how you would go about doing what you suggest:
>> Using all 16 of /28.
> 
> The simple (and currently best supported) way is to set up a tunnel
> interface for every IP in the /28 and connect the tunnel to the server
> providing the service. The router would have a config like this:
> 
> ifconfig gif0 create
> ifconfig gif0 tunnel $router_lan_ip $server_lan_ip
> ifconfig gif0 inet $router_gif_ip $server_slash28_ip

you can also just rdr connections to the /28 IPs to things, they don’t have to 
be real IPs assigned to hosts anywhere.


> 
>> 
>> Thanks for your reply,
>> --patrick
>> 
>> 
>>>> The setup looks something like this:
>>>> (and hopefully the ascii "art" remains intact from gmail)
>>>> 
>>>>   ( internet )
>>>>|
>>>>| [WAN IP]
>>>>  +-o--+
>>>> / DSL ROUTER / <-- Transparent bridge mode NOT possible
>>>> +-o--+
>>>>  | [ one of /28 Public IPs = $dslgw_ip ]
>>>>  |
>>>>  |
>>>>  | $ext
>>>> +-o--+
>>>> ||
>>>> | OpenBSD/pf o--- ( rest of /28 Public IP network )
>>>> || $dmz  (DMZ: httpd, smtpd, ...)
>>>> +-o--+
>>>> $lan | [10.x.x.1]
>>>>  |
>>>> ( 10.x.x.x network )
>>>> 
>>>> 
>>>> As far as networking goes, I need to be spoken to as if I'm
>>>> a fledgling.
>>>> 
>>>> I want to do the obvious: use OpenBSD/pf(4) to:
>>>> - Filter traffic from $ext to $dmz
>>>> - Filter traffic from $dmz outbound
>>>> - Filter traffic from $lan (10.x.x.x) to $dmz
>>>> - NAT traffic from $lan (10.x.x.x) outbound to internet
>>>> 
>>>> 
>>>> I'm bridge(4)-ing $ext and $dmz.  Which means I must give
>>>> one of the /28 public IP addresses to either $ext or $dmz
>>>> to be able to do:
>>>> 
>>>> # route add default $dslgw_ip
>>>> 
>>>> (!?)
>>>> 
>>>> Am I missing something?
>>>> Is there a better way to configure things?
>>>> 
>>>> Thanks,
>>>> --patrick

Re: bridge(4) question new network setup

2023-01-21 Thread David Gwynne

On Sat, Jan 21, 2023 at 01:46:34PM -0800, patrick keshishian wrote:
> On 1/20/23, David Gwynne  wrote:
> > On Fri, Jan 20, 2023 at 11:09:47AM -0800, patrick keshishian wrote:
> >> Hello,
> >>
> >> I am trying get a new ISP setup working.  The Router is
> >> causing some pain.  There is a /28 public block assigned.
> >> The DSL router can't be configured in transparent bridge
> >> mode (they say).  It holds on to one of the /28 addresses.
> >
> > i'm sure they say that, but that doesn't mean it's impossible. this
> > will be a lot easier and more useful if you can get a dsl modem
> > into bridge/transparent mode and do all the routing on your own
> > box.
> 
> OK. So the situation was a bit worse than I had actually
> anticipated.  After I got the described setup configured
> I noticed that the DSL Router/Modem wouldn't send out
> any traffic unless it had an arp entry for the source.
> e.g., nat-to an unassigned IP from the /28 wouldn't go out.
> 
> Again, in my limited networking knowledge, it meant I had
> to do proxy arp entries for /28 public IPs in the $dmz.
> This was quite frustrating.
> 
> So I started poking around in the DSL Router/modem settings
> (cuing off your "doesn't mean it's impossible") and I
> have it now acting as a transparent bridge!
> 
> I spent most of Tues on the phone with their techs, and I
> was assured that is not possible/unsupported.  Now maybe
> they actually meant "unsupported" mode as far as their
> support is concerned.
> 
> But things seem to running as expect (so far)!  So thanks
> for the bit of "encouragement"!

Does that mean you have the WAN IP on your router now? And you can do
whatever you want with the /28?

> > that would also give you the option to do fun stuff like NOT putting
> > the /28 onto an ethernet network so you could you use all 16 of the
> > IPs on dmz hosts instead of losing some to network/broadcast/gateway.
> 
> I am curious how you would go about doing what you suggest:
> Using all 16 of /28.

The simple (and currently best supported) way is to set up a tunnel
interface for every IP in the /28 and connect the tunnel to the server
providing the service. The router would have a config like this:

ifconfig gif0 create
ifconfig gif0 tunnel $router_lan_ip $server_lan_ip
ifconfig gif0 inet $router_gif_ip $server_slash28_ip

> 
> Thanks for your reply,
> --patrick
> 
> 
> >> The setup looks something like this:
> >> (and hopefully the ascii "art" remains intact from gmail)
> >>
> >>( internet )
> >> |
> >> | [WAN IP]
> >>   +-o--+
> >>  / DSL ROUTER / <-- Transparent bridge mode NOT possible
> >> +-o--+
> >>   | [ one of /28 Public IPs = $dslgw_ip ]
> >>   |
> >>   |
> >>   | $ext
> >> +-o--+
> >> ||
> >> | OpenBSD/pf o--- ( rest of /28 Public IP network )
> >> || $dmz  (DMZ: httpd, smtpd, ...)
> >> +-o--+
> >>  $lan | [10.x.x.1]
> >>   |
> >> ( 10.x.x.x network )
> >>
> >>
> >> As far as networking goes, I need to be spoken to as if I'm
> >> a fledgling.
> >>
> >> I want to do the obvious: use OpenBSD/pf(4) to:
> >>  - Filter traffic from $ext to $dmz
> >>  - Filter traffic from $dmz outbound
> >>  - Filter traffic from $lan (10.x.x.x) to $dmz
> >>  - NAT traffic from $lan (10.x.x.x) outbound to internet
> >>
> >>
> >> I'm bridge(4)-ing $ext and $dmz.  Which means I must give
> >> one of the /28 public IP addresses to either $ext or $dmz
> >> to be able to do:
> >>
> >> # route add default $dslgw_ip
> >>
> >> (!?)
> >>
> >> Am I missing something?
> >> Is there a better way to configure things?
> >>
> >> Thanks,
> >> --patrick
> >>
> >

Re: bridge(4) question new network setup

2023-01-21 Thread David Gwynne

On Sat, Jan 21, 2023 at 01:32:18PM -0800, patrick keshishian wrote:
> On 1/20/23, Hrvoje Popovski  wrote:
> > On 20.1.2023. 20:09, patrick keshishian wrote:
> >> Hello,
> >>
> >> I am trying get a new ISP setup working.  The Router is
> >> causing some pain.  There is a /28 public block assigned.
> >> The DSL router can't be configured in transparent bridge
> >> mode (they say).  It holds on to one of the /28 addresses.
> >>
> >> The setup looks something like this:
> >> (and hopefully the ascii "art" remains intact from gmail)
> >>
> >>( internet )
> >> |
> >> | [WAN IP]
> >>   +-o--+
> >>  / DSL ROUTER / <-- Transparent bridge mode NOT possible
> >> +-o--+
> >>   | [ one of /28 Public IPs = $dslgw_ip ]
> >>   |
> >>   |
> >>   | $ext
> >> +-o--+
> >> ||
> >> | OpenBSD/pf o--- ( rest of /28 Public IP network )
> >> || $dmz  (DMZ: httpd, smtpd, ...)
> >> +-o--+
> >>  $lan | [10.x.x.1]
> >>   |
> >> ( 10.x.x.x network )
> >>
> >>
> >> As far as networking goes, I need to be spoken to as if I'm
> >> a fledgling.
> >>
> >> I want to do the obvious: use OpenBSD/pf(4) to:
> >>  - Filter traffic from $ext to $dmz
> >>  - Filter traffic from $dmz outbound
> >>  - Filter traffic from $lan (10.x.x.x) to $dmz
> >>  - NAT traffic from $lan (10.x.x.x) outbound to internet
> >>
> >>
> >> I'm bridge(4)-ing $ext and $dmz.  Which means I must give
> >> one of the /28 public IP addresses to either $ext or $dmz
> >> to be able to do:
> >>
> >> # route add default $dslgw_ip
> >>
> >> (!?)
> >>
> >> Am I missing something?
> >> Is there a better way to configure things?
> >>
> >> Thanks,
> >> --patrick
> >>
> >
> > Hi,
> >
> > If your ext interface is in same subnet as that /28 from your ISP then
> > you could:
> >
> > - use veb(4) to bridge ext, dmz and vport(4) interface and add default
> > route to dslgw_ip. vport is ip interface for veb
> 
> I started out looking at veb(4) but I wasn't confident
> how I could filter traffic in/out of $dmz.  Also, the
> description of vport(4) which states "packets traversing
> vport interfaces appear to travel in the opposite direction
> to packets travelling over other ports" confused me even
> more.  So I started using bridge(4).

When you add a port to veb(4), it takes it over completely and by
default it only uses it to switch traffic at layer 2 (Ethernet).
In other words, by default veb(4) does not run pf against packets
on ports.

vport is an exception because it operates as if it is a normal
ethernet interface plugged into a switchport, it's just that the
switch in this situation is veb, and the other ports on that switch
are the non-vport interfaces you added to the veb.

So, by default veb lets you build a switch out of other interfaces
in the system, and vport lets you plug the kernel network stack
into that virtual switch. Because packets from a normal switch coming
into a normal physical interface go in to the network stack, that is
also how it behaves with vport. ie, you write rules in pf like this for
packets coming from a veb into a vport:

  pass in on vport0 inet tcp from any to port ssh

If you do enable IP filtering on veb (ie, you ifconfig veb0 link1 as per
the ifconfig manpage), then packets coming from the "wire" into the
interface are filtered by pf too. This means that if a packet is coming
from the wire and is destined to your network stack via a vport
interface, it will be going through pf twice: once when it comes into
the physical interface and again when it goes over vport.

pf is not designed for a packet to be processed twice. TCP packets in
particular going through pf twice will confuse the window tracking. If
you're doing NAT or something like that, it can also get confused.

So if you're going to enable link1 on veb(4), you need to either skip pf
on the vport interface, or put the veb and vport into different rdomains
so pf will keep separate the states for them.

It is doable and supported, you just need to be mindful of this
semantic.

I found running pf on bridge(4) to be a nightmare, cos every interface
you add as a port on bridge kind of acts as two ports, one that goes to
the wire and another that goes to the stack, but it's hard to say which
will happen and what the right way to filter it is. veb(4) taking over
interfaces completely and not running pf by default is in large part
because of this pain I had with bridge.

> > - or on ext interface put ip alias with ip addresses from /28 public
> > range and than do binat-to or nat-to in pf to hosts in dmz
> >
> > or maybe i totally misunderstood you  :)
> 
> I think you understood me fine. I'm just not too familiar
> with how networking actually works.

Then on top of the networking theory there's the quirks of how
different systems implement things...

Re: bridge(4) question new network setup

2023-01-21 Thread patrick keshishian

On 1/20/23, David Gwynne  wrote:
> On Fri, Jan 20, 2023 at 11:09:47AM -0800, patrick keshishian wrote:
>> Hello,
>>
>> I am trying get a new ISP setup working.  The Router is
>> causing some pain.  There is a /28 public block assigned.
>> The DSL router can't be configured in transparent bridge
>> mode (they say).  It holds on to one of the /28 addresses.
>
> i'm sure they say that, but that doesn't mean it's impossible. this
> will be a lot easier and more useful if you can get a dsl modem
> into bridge/transparent mode and do all the routing on your own
> box.

OK. So the situation was a bit worse than I had actually
anticipated.  After I got the described setup configured
I noticed that the DSL Router/Modem wouldn't send out
any traffic unless it had an arp entry for the source.
e.g., nat-to an unassigned IP from the /28 wouldn't go out.

Again, in my limited networking knowledge, it meant I had
to do proxy arp entries for /28 public IPs in the $dmz.
This was quite frustrating.

So I started poking around in the DSL Router/modem settings
(cuing off your "doesn't mean it's impossible") and I
have it now acting as a transparent bridge!

I spent most of Tues on the phone with their techs, and I
was assured that is not possible/unsupported.  Now maybe
they actually meant "unsupported" mode as far as their
support is concerned.

But things seem to running as expect (so far)!  So thanks
for the bit of "encouragement"!

> that would also give you the option to do fun stuff like NOT putting
> the /28 onto an ethernet network so you could you use all 16 of the
> IPs on dmz hosts instead of losing some to network/broadcast/gateway.

I am curious how you would go about doing what you suggest:
Using all 16 of /28.

Thanks for your reply,
--patrick

>> The setup looks something like this:
>> (and hopefully the ascii "art" remains intact from gmail)
>>
>>( internet )
>> |
>> | [WAN IP]
>>   +-o--+
>>  / DSL ROUTER / <-- Transparent bridge mode NOT possible
>> +-o--+
>>   | [ one of /28 Public IPs = $dslgw_ip ]
>>   |
>>   |
>>   | $ext
>> +-o--+
>> ||
>> | OpenBSD/pf o--- ( rest of /28 Public IP network )
>> || $dmz  (DMZ: httpd, smtpd, ...)
>> +-o--+
>>  $lan | [10.x.x.1]
>>   |
>> ( 10.x.x.x network )
>>
>>
>> As far as networking goes, I need to be spoken to as if I'm
>> a fledgling.
>>
>> I want to do the obvious: use OpenBSD/pf(4) to:
>>  - Filter traffic from $ext to $dmz
>>  - Filter traffic from $dmz outbound
>>  - Filter traffic from $lan (10.x.x.x) to $dmz
>>  - NAT traffic from $lan (10.x.x.x) outbound to internet
>>
>>
>> I'm bridge(4)-ing $ext and $dmz.  Which means I must give
>> one of the /28 public IP addresses to either $ext or $dmz
>> to be able to do:
>>
>> # route add default $dslgw_ip
>>
>> (!?)
>>
>> Am I missing something?
>> Is there a better way to configure things?
>>
>> Thanks,
>> --patrick
>>
>

Re: bridge(4) question new network setup

2023-01-21 Thread patrick keshishian

On 1/20/23, Hrvoje Popovski  wrote:
> On 20.1.2023. 20:09, patrick keshishian wrote:
>> Hello,
>>
>> I am trying get a new ISP setup working.  The Router is
>> causing some pain.  There is a /28 public block assigned.
>> The DSL router can't be configured in transparent bridge
>> mode (they say).  It holds on to one of the /28 addresses.
>>
>> The setup looks something like this:
>> (and hopefully the ascii "art" remains intact from gmail)
>>
>>( internet )
>> |
>> | [WAN IP]
>>   +-o--+
>>  / DSL ROUTER / <-- Transparent bridge mode NOT possible
>> +-o--+
>>   | [ one of /28 Public IPs = $dslgw_ip ]
>>   |
>>   |
>>   | $ext
>> +-o--+
>> ||
>> | OpenBSD/pf o--- ( rest of /28 Public IP network )
>> || $dmz  (DMZ: httpd, smtpd, ...)
>> +-o--+
>>  $lan | [10.x.x.1]
>>   |
>> ( 10.x.x.x network )
>>
>>
>> As far as networking goes, I need to be spoken to as if I'm
>> a fledgling.
>>
>> I want to do the obvious: use OpenBSD/pf(4) to:
>>  - Filter traffic from $ext to $dmz
>>  - Filter traffic from $dmz outbound
>>  - Filter traffic from $lan (10.x.x.x) to $dmz
>>  - NAT traffic from $lan (10.x.x.x) outbound to internet
>>
>>
>> I'm bridge(4)-ing $ext and $dmz.  Which means I must give
>> one of the /28 public IP addresses to either $ext or $dmz
>> to be able to do:
>>
>> # route add default $dslgw_ip
>>
>> (!?)
>>
>> Am I missing something?
>> Is there a better way to configure things?
>>
>> Thanks,
>> --patrick
>>
>
> Hi,
>
> If your ext interface is in same subnet as that /28 from your ISP then
> you could:
>
> - use veb(4) to bridge ext, dmz and vport(4) interface and add default
> route to dslgw_ip. vport is ip interface for veb

I started out looking at veb(4) but I wasn't confident
how I could filter traffic in/out of $dmz.  Also, the
description of vport(4) which states "packets traversing
vport interfaces appear to travel in the opposite direction
to packets travelling over other ports" confused me even
more.  So I started using bridge(4).

> - or on ext interface put ip alias with ip addresses from /28 public
> range and than do binat-to or nat-to in pf to hosts in dmz
>
> or maybe i totally misunderstood you  :)

I think you understood me fine. I'm just not too familiar
with how networking actually works.

Thanks,
--patrick

Re: bridge(4) question new network setup

2023-01-20 Thread David Gwynne

On Fri, Jan 20, 2023 at 11:09:47AM -0800, patrick keshishian wrote:
> Hello,
> 
> I am trying get a new ISP setup working.  The Router is
> causing some pain.  There is a /28 public block assigned.
> The DSL router can't be configured in transparent bridge
> mode (they say).  It holds on to one of the /28 addresses.

i'm sure they say that, but that doesn't mean it's impossible. this
will be a lot easier and more useful if you can get a dsl modem
into bridge/transparent mode and do all the routing on your own
box.

that would also give you the option to do fun stuff like NOT putting
the /28 onto an ethernet network so you could you use all 16 of the
IPs on dmz hosts instead of losing some to network/broadcast/gateway.

> The setup looks something like this:
> (and hopefully the ascii "art" remains intact from gmail)
> 
>( internet )
> |
> | [WAN IP]
>   +-o--+
>  / DSL ROUTER / <-- Transparent bridge mode NOT possible
> +-o--+
>   | [ one of /28 Public IPs = $dslgw_ip ]
>   |
>   |
>   | $ext
> +-o--+
> ||
> | OpenBSD/pf o--- ( rest of /28 Public IP network )
> || $dmz  (DMZ: httpd, smtpd, ...)
> +-o--+
>  $lan | [10.x.x.1]
>   |
> ( 10.x.x.x network )
> 
> 
> As far as networking goes, I need to be spoken to as if I'm
> a fledgling.
> 
> I want to do the obvious: use OpenBSD/pf(4) to:
>  - Filter traffic from $ext to $dmz
>  - Filter traffic from $dmz outbound
>  - Filter traffic from $lan (10.x.x.x) to $dmz
>  - NAT traffic from $lan (10.x.x.x) outbound to internet
> 
> 
> I'm bridge(4)-ing $ext and $dmz.  Which means I must give
> one of the /28 public IP addresses to either $ext or $dmz
> to be able to do:
> 
> # route add default $dslgw_ip
> 
> (!?)
> 
> Am I missing something?
> Is there a better way to configure things?
> 
> Thanks,
> --patrick
>

Re: bridge(4) question new network setup

2023-01-20 Thread Hrvoje Popovski

On 20.1.2023. 20:09, patrick keshishian wrote:
> Hello,
> 
> I am trying get a new ISP setup working.  The Router is
> causing some pain.  There is a /28 public block assigned.
> The DSL router can't be configured in transparent bridge
> mode (they say).  It holds on to one of the /28 addresses.
> 
> The setup looks something like this:
> (and hopefully the ascii "art" remains intact from gmail)
> 
>( internet )
> |
> | [WAN IP]
>   +-o--+
>  / DSL ROUTER / <-- Transparent bridge mode NOT possible
> +-o--+
>   | [ one of /28 Public IPs = $dslgw_ip ]
>   |
>   |
>   | $ext
> +-o--+
> ||
> | OpenBSD/pf o--- ( rest of /28 Public IP network )
> || $dmz  (DMZ: httpd, smtpd, ...)
> +-o--+
>  $lan | [10.x.x.1]
>   |
> ( 10.x.x.x network )
> 
> 
> As far as networking goes, I need to be spoken to as if I'm
> a fledgling.
> 
> I want to do the obvious: use OpenBSD/pf(4) to:
>  - Filter traffic from $ext to $dmz
>  - Filter traffic from $dmz outbound
>  - Filter traffic from $lan (10.x.x.x) to $dmz
>  - NAT traffic from $lan (10.x.x.x) outbound to internet
> 
> 
> I'm bridge(4)-ing $ext and $dmz.  Which means I must give
> one of the /28 public IP addresses to either $ext or $dmz
> to be able to do:
> 
> # route add default $dslgw_ip
> 
> (!?)
> 
> Am I missing something?
> Is there a better way to configure things?
> 
> Thanks,
> --patrick
> 

Hi,

If your ext interface is in same subnet as that /28 from your ISP then
you could:

- use veb(4) to bridge ext, dmz and vport(4) interface and add default
route to dslgw_ip. vport is ip interface for veb

- or on ext interface put ip alias with ip addresses from /28 public
range and than do binat-to or nat-to in pf to hosts in dmz

or maybe i totally misunderstood you  :)

bridge(4) question new network setup

2023-01-20 Thread patrick keshishian

Hello,

I am trying get a new ISP setup working.  The Router is
causing some pain.  There is a /28 public block assigned.
The DSL router can't be configured in transparent bridge
mode (they say).  It holds on to one of the /28 addresses.

The setup looks something like this:
(and hopefully the ascii "art" remains intact from gmail)

   ( internet )
|
| [WAN IP]
  +-o--+
 / DSL ROUTER / <-- Transparent bridge mode NOT possible
+-o--+
  | [ one of /28 Public IPs = $dslgw_ip ]
  |
  |
  | $ext
+-o--+
||
| OpenBSD/pf o--- ( rest of /28 Public IP network )
|| $dmz  (DMZ: httpd, smtpd, ...)
+-o--+
 $lan | [10.x.x.1]
  |
( 10.x.x.x network )


As far as networking goes, I need to be spoken to as if I'm
a fledgling.

I want to do the obvious: use OpenBSD/pf(4) to:
 - Filter traffic from $ext to $dmz
 - Filter traffic from $dmz outbound
 - Filter traffic from $lan (10.x.x.x) to $dmz
 - NAT traffic from $lan (10.x.x.x) outbound to internet


I'm bridge(4)-ing $ext and $dmz.  Which means I must give
one of the /28 public IP addresses to either $ext or $dmz
to be able to do:

# route add default $dslgw_ip

(!?)

Am I missing something?
Is there a better way to configure things?

Thanks,
--patrick

new release of Perl/CPAN smoker for OpenBSD 7.2

2022-11-07 Thread Alceu Rodrigues de Freitas Junior


Hello guys,

For those that are interested in running CPAN smokers on OpenBSD, I made 
available new Vagrant boxes for the OpenBSD 7.2 release:


https://app.vagrantup.com/arfreitas/boxes/openbsd-7.2-cpan-smoker-amd64
https://app.vagrantup.com/arfreitas/boxes/openbsd-7.2-cpan-smoker-i386

Please let me know if you find any issues.

Best regards,

Alceu

Re: Installing OpenBSD on new Chromebook

2022-10-29 Thread David Coppa

Il Sab 29 Ott 2022, 01:02 Jeff Ross  ha scritto:

> Hi all,
>
> I got a nice new laptop at Costco for under $200.  I did the developer
> mode to get to a linux shell and installed a bunch of programs but I'd
> rather just wipe the whole disk and install OpenBSD.
>
> All of places I'm finding with directions on how to do this are from
> circa 2015 and do not work now.
>
> Anybody have a pointer to a more updated set of directions I can try?
>
> Thanks!
>
> Jeff Ross
>

There's also this detailed howto by jcs@:

https://jcs.org/2016/08/26/openbsd_chromebook

Bye,
David

Re: Installing OpenBSD on new Chromebook

2022-10-29 Thread Chris Eidem

You can't just boot any old USB from a Chromebook. It has a locked down 
BIOS. More information here:


https://mrchromebox.tech/

On 10/28/22 17:59, Jeff Ross wrote:

Hi all,

I got a nice new laptop at Costco for under $200.  I did the developer 
mode to get to a linux shell and installed a bunch of programs but I'd 
rather just wipe the whole disk and install OpenBSD.


All of places I'm finding with directions on how to do this are from 
circa 2015 and do not work now.


Anybody have a pointer to a more updated set of directions I can try?

Thanks!

Jeff Ross

Re: Installing OpenBSD on new Chromebook

2022-10-29 Thread Jeff Ross





On 10/29/22 8:50 AM, Nick Holland wrote:

On 10/29/22 10:11, Jeff Ross wrote:



On 10/29/22 1:29 AM, Stuart Henderson wrote:

On 2022-10-28, Gabriel Busch de Brito  wrote:


All of places I'm finding with directions on how to do this are 
from circa

2015 and do not work now.

Anybody have a pointer to a more updated set of directions I can try?

I suggest that you follow the installation guide at the FAQ section of
the website.


Chromebooks aren't standard computers and usually come with a
locked-down bootloader that will need disabling to install another OS.

Also if it's arm rather than x86 there will be additional challenges
beyond this.

So there's not enough information in the original post to give any kind
of pointer.



Thanks Stuart.

It's an HP Chromebook 14a-na1083d with an Intel Celeron N4500 with 4G
ram and 128 eMMC drive.

Booting up in developer mode it tells me that it is Model LANTIS-MEXL if
that helps.



Just install it, see what happens.  If you want a guarantee, buy me one
exactly like it, and I'll do what I'm suggesting you do. :)  (and then
you will discover why I call model numbers "market position statements",
not "unique HW configuration identification systems")

Or maybe better yet, see if it will boot from an OpenBSD install image
on a USB drive, if it does, set up a full OpenBSD install on a USB drive
and see what happens. I've had pretty good luck with HP PC-like systems
that weren't sold with "standard" operating systems on them, but past
experience is no indicator yada-yada-yada.

Pain points if you get past booting are likely to be wireless and graphics.

If you can get it to boot from a USB drive to test, you are probably good
for an install.  If you can't, probably not worth the effort.  There MAY be
tricks you can do, but you can put a lot of time and effort into forcing
something to install OpenBSD and then find out X doesn't work.  Or there's
no functioning network.  Or both.

Nick.



All good points, Nick.  I have tried booting it from an install USB 
stick with no luck.  Off list I was directed to https://mrchromebox.tech 
 and that tells me that this is at least possible, and includes the 
crucial step I didn't know about to enable booting from an external disk 
and bypassing the check for an official ChromeOS disk.


I'll be noodling around with this over the weekend--hopefully I'll be 
able to report success and, of course, include a dmesg.


Jeff

Re: Installing OpenBSD on new Chromebook

2022-10-29 Thread Nick Holland


On 10/29/22 10:11, Jeff Ross wrote:



On 10/29/22 1:29 AM, Stuart Henderson wrote:

On 2022-10-28, Gabriel Busch de Brito  wrote:



All of places I'm finding with directions on how to do this are from circa
2015 and do not work now.

Anybody have a pointer to a more updated set of directions I can try?

I suggest that you follow the installation guide at the FAQ section of
the website.


Chromebooks aren't standard computers and usually come with a
locked-down bootloader that will need disabling to install another OS.

Also if it's arm rather than x86 there will be additional challenges
beyond this.

So there's not enough information in the original post to give any kind
of pointer.



Thanks Stuart.

It's an HP Chromebook 14a-na1083d with an Intel Celeron N4500 with 4G
ram and 128 eMMC drive.

Booting up in developer mode it tells me that it is Model LANTIS-MEXL if
that helps.



Just install it, see what happens.  If you want a guarantee, buy me one
exactly like it, and I'll do what I'm suggesting you do. :)  (and then
you will discover why I call model numbers "market position statements",
not "unique HW configuration identification systems")

Or maybe better yet, see if it will boot from an OpenBSD install image
on a USB drive, if it does, set up a full OpenBSD install on a USB drive
and see what happens. I've had pretty good luck with HP PC-like systems
that weren't sold with "standard" operating systems on them, but past
experience is no indicator yada-yada-yada.

Pain points if you get past booting are likely to be wireless and graphics.

If you can get it to boot from a USB drive to test, you are probably good
for an install.  If you can't, probably not worth the effort.  There MAY be
tricks you can do, but you can put a lot of time and effort into forcing
something to install OpenBSD and then find out X doesn't work.  Or there's
no functioning network.  Or both.

Nick.

Re: Installing OpenBSD on new Chromebook

2022-10-29 Thread Wolfgang Pfeiffer


As it seems to be an x86_64 machine why not try a fresh OpenBSD
Live system via USB or DVD and and see what happens?
https://fuguita.org/

Wolfgang

On Sat, Oct 29, 2022 at 08:11:15AM -0600, Jeff Ross wrote:



On 10/29/22 1:29 AM, Stuart Henderson wrote:

On 2022-10-28, Gabriel Busch de Brito  wrote:



All of places I'm finding with directions on how to do this are from circa
2015 and do not work now.

Anybody have a pointer to a more updated set of directions I can try?

I suggest that you follow the installation guide at the FAQ section of
the website.


Chromebooks aren't standard computers and usually come with a
locked-down bootloader that will need disabling to install another OS.

Also if it's arm rather than x86 there will be additional challenges
beyond this.

So there's not enough information in the original post to give any kind
of pointer.



Thanks Stuart.

It's an HP Chromebook 14a-na1083d with an Intel Celeron N4500 with 4G
ram and 128 eMMC drive.

Booting up in developer mode it tells me that it is Model LANTIS-MEXL
if that helps.

I can get a linux dmesg from the linux VM if that helps at all.  Not
sure how much the VM would represent the actual hardware though.

Jeff


--
"Altars are burnin' with flames far and wide
 The foe has crossed over from the other side
 They tip their caps from the top of the hill
 You can feel them come, more brave blood to spill"

Bob Dylan: "'Cross The Green Mountain"

Re: Installing OpenBSD on new Chromebook

2022-10-29 Thread Jeff Ross





On 10/29/22 1:29 AM, Stuart Henderson wrote:

On 2022-10-28, Gabriel Busch de Brito  wrote:



All of places I'm finding with directions on how to do this are from circa
2015 and do not work now.

Anybody have a pointer to a more updated set of directions I can try?

I suggest that you follow the installation guide at the FAQ section of
the website.


Chromebooks aren't standard computers and usually come with a
locked-down bootloader that will need disabling to install another OS.

Also if it's arm rather than x86 there will be additional challenges
beyond this.

So there's not enough information in the original post to give any kind
of pointer.



Thanks Stuart.

It's an HP Chromebook 14a-na1083d with an Intel Celeron N4500 with 4G 
ram and 128 eMMC drive.


Booting up in developer mode it tells me that it is Model LANTIS-MEXL if 
that helps.


I can get a linux dmesg from the linux VM if that helps at all.  Not 
sure how much the VM would represent the actual hardware though.


Jeff

Re: Installing OpenBSD on new Chromebook

2022-10-29 Thread Stuart Henderson

On 2022-10-28, Gabriel Busch de Brito  wrote:
>
>> All of places I'm finding with directions on how to do this are from circa
>> 2015 and do not work now.
>> 
>> Anybody have a pointer to a more updated set of directions I can try?
> I suggest that you follow the installation guide at the FAQ section of
> the website.

Chromebooks aren't standard computers and usually come with a
locked-down bootloader that will need disabling to install another OS.

Also if it's arm rather than x86 there will be additional challenges
beyond this.

So there's not enough information in the original post to give any kind
of pointer.

-- 
Please keep replies on the mailing list.

Re: Installing OpenBSD on new Chromebook

2022-10-28 Thread Gabriel Busch de Brito



> All of places I'm finding with directions on how to do this are from circa
> 2015 and do not work now.
> 
> Anybody have a pointer to a more updated set of directions I can try?
I suggest that you follow the installation guide at the FAQ section of
the website.

Best,
G

Re: Installing OpenBSD on new Chromebook

2022-10-28 Thread Jérôme Desquilbet


Hi all,

I got a nice new laptop at Costco for under $200.  I did the developer 
mode to get to a linux shell and installed a bunch of programs but I'd 
rather just wipe the whole disk and install OpenBSD.


All of places I'm finding with directions on how to do this are from 
circa 2015 and do not work now.


Anybody have a pointer to a more updated set of directions I can try?

Thanks!

Jeff Ross


Hi Jeff,
To check your machine:
* <https://www.openbsd.org/plat.html>

To install and everything:
* <https://www.openbsd.org/faq/>
  (this where to always look first)

Also, some up-to-date pages:
* <https://si3t.ch/ah/en/>
  (more for a server, but useful anyway)
* <https://sohcahtoa.org.uk/openbsd.html>

Best,
Jérôme.

Installing OpenBSD on new Chromebook

2022-10-28 Thread Jeff Ross


Hi all,

I got a nice new laptop at Costco for under $200.  I did the developer 
mode to get to a linux shell and installed a bunch of programs but I'd 
rather just wipe the whole disk and install OpenBSD.


All of places I'm finding with directions on how to do this are from 
circa 2015 and do not work now.


Anybody have a pointer to a more updated set of directions I can try?

Thanks!

Jeff Ross

Re: new group

2022-08-10 Thread Ingo Schwarze

Hello Ashish,

ashish rai wrote on Wed, Aug 10, 2022 at 08:27:43PM +0530:

> 0
> C INDIA
> P Uttar Pradesh
> T Varanasi
> F Irregular

To list a new group, there should be at least some evidence that
the group has been holding regular meetings lately.  In this case,
so far, i fail to see any evidence that the group exists.

Note the the intention to found a group is *not* sufficient for
adding a listing.

> O OpenBSD INDIA
> I Ashish Kumar Rai
> M raiashis...@gmail.com
> U https://www.linkedin.com/in/raiashish20/

That isn't the website of a BSD user group.

A personal website where you post a notice that you are personally
in search of a job is not appropriate for a listing as a BSD user
group.

I think i would hesitate to put *any* link to *any* page
on linkedin.com onto openbsd.org because linkedin.com is
notorious for not showing information to users that are not
logged in.

The whole point of advertising a user group is to show the
information to anybody - and not only to users of linkedin.com.
Consequently, such information sould be utterly misplaced on that
site.

Yours,
  Ingo

new group

2022-08-10 Thread ashish rai

0
C INDIA
P Uttar Pradesh
T Varanasi
F Irregular
O OpenBSD INDIA
I Ashish Kumar Rai
M raiashis...@gmail.com
U https://www.linkedin.com/in/raiashish20/
N OpenBSD

Re: support new

2022-08-02 Thread Ingo Schwarze

Hello Jiri,

Jiri Navratil wrote on Sat, Jul 30, 2022 at 07:54:53PM +0200:

> could someone guide me please, what I have to improve in my request
> and/or on my web page to be approved for
> https://www.openbsd.org/support.html ?

Your request is just fine.

You provide all the relevant information in your support.dat record
and you have a website making it clear that you provide OpenBSD-related
services.

Having more details about your skills and experiences on the website,
and maybe have the website provide examples of successfully completed
projects, might be helpful to convince potential customers you are
the right person for their job, but it is not required for a listing.

I'm sorry i let this request slip for so long.
But now i finally committed it about half an hour ago.

Please have a look at

  https://www.openbsd.org/support.html

now to confirm that your data is indeed correct.

> 0
> C Czech Republic
> P
> T Prague
> Z 15800
> O JIRI NAVRATIL (R)

> A Kacirkova 1016/19
> I Jiri Navratil

For these two lines, i used the correct accents.
The UTF-8 encoding is now the default in HTML5,
and i think using it in such a page that is clearly geared
to various national audiences makes some sense, even though
many entries still use US-ASCII only for historical reasons.

Yours,
  Ingo

> M j...@navratil.cz
> U https://nocloud.cz/
> B +420 777 224 245
> X
> N OpenBSD/Linux installation, maintenance and support. Providing on-premise 
> solutions with OpenBSD on physical HW. Teaching Unix operating systems at 
> University of Ostrava with OpenBSD as the Unix-like operating system.

Re: support new

2022-07-30 Thread Jiri Navratil

Hello,

could someone guide me please, what I have to improve in my request
and/or on my web page to be approved for
https://www.openbsd.org/support.html ?

Thank you a lot,
Jiří

On Wed, Jul 27, 2022 at 03:13:52PM +0200, Jiri Navratil wrote:
> 0
> C Czech Republic
> P
> T Prague
> Z 15800
> A Kacirkova 1016/19
> O JIRI NAVRATIL (R)
> I Jiri Navratil
> M j...@navratil.cz
> U https://nocloud.cz/
> B +420 777 224 245
> X
> N OpenBSD/Linux installation, maintenance and support. Providing on-premise 
> solutions with OpenBSD on physical HW. Teaching Unix operating systems at 
> University of Ostrava with OpenBSD as the Unix-like operating system.

-- 
Jiri Navratil, https://nocloud.cz, +420 777 224 245



smime.p7s
Description: S/MIME cryptographic signature

support new

2022-07-27 Thread Jiri Navratil

0
C Czech Republic
P
T Prague
Z 15800
A Kacirkova 1016/19
O JIRI NAVRATIL (R)
I Jiri Navratil
M j...@navratil.cz
U https://nocloud.cz/
B +420 777 224 245
X
N OpenBSD/Linux installation, maintenance and support. Providing on-premise 
solutions with OpenBSD on physical HW. Teaching Unix operating systems at 
University of Ostrava with OpenBSD as the Unix-like operating system.

support new

2022-07-22 Thread Jiri Navratil

0
C Czech Republic
T Prague
Z 15800
A Kacirkova 1016/19
O JIRI NAVRATIL (R)
I Jiri Navratil
M j...@navratil.cz
U https://nocloud.cz/
B +420 777 224 245
N Using OpenBSD on physical i386, amd64 and arm64 hardware.
N Providing on-premise solutions with OpenBSD on physical HW.
N Teaching Unix operating systems at University of Ostrava
N with OpenBSD as the Unix-like operating system.

1 2 3 4 5 6 7 8 9 10 >

1 - 100 of 1174 matches

Mail list logo