Humppa Validation
Humppa Validation While testing out the ami.c patch for dlg@, I once again needed validate files are being written correctly. Keeping with the OpenBSD theme, I used the MP3 files created from my Elakelaiset Werbung Baby CD for testing out the 480GB RAID5 volume. Once you've got your humppa on a BSD box cksum(1) and friends can take care of creating message digests (cksum, sum, sysvsum, md4, md5, rmd160, sha1, sha256, sha384. sha512), storing them into a text file and then validating the original files were written correctly. $ md5 *.mp3 bsdmd5.md5 You end up with a file in the standard format we all know and love: MD5 (01-Hump.mp3) = 1ecc9c0165043bda9ac07ae35a627cc4 MD5 (02-Humppakonehumppa.mp3) = 0c1cb2e6347b541830125dfcc41a6f00 MD5 (03-Humppamedia.mp3) = d0ee034280d835894e859258a5df4d8f MD5 (04-Punakka_Humppa.mp3) = b768d3491261f1b256ba2d0d70167b3d MD5 (05-Peljatty_Humppa.mp3) = a789d1f7ad6b979f9dd6d4d07e5f6849 Of course the above command is the same thing as: $ cksum -a MD5 *.mp3 cksum.md5 The problems start if you're dumb enough to keep the original copy of your humppa on something other than a BSD system... Since you can install OpenSSL on a number of different types of systems, my first thought was to use OpenSSL to generate the checksum files. $ find . -type f -name '*.mp3' -print0 | xargs -0 openssl md5 -out ossl.md5 That get's you fairly close but the resulting format is wrong. MD5(./01-Hump.mp3)= 1ecc9c0165043bda9ac07ae35a627cc4 MD5(./02-Humppakonehumppa.mp3)= 0c1cb2e6347b541830125dfcc41a6f00 MD5(./03-Humppamedia.mp3)= d0ee034280d835894e859258a5df4d8f MD5(./04-Punakka_Humppa.mp3)= b768d3491261f1b256ba2d0d70167b3d MD5(./05-Peljatty_Humppa.mp3)= a789d1f7ad6b979f9dd6d4d07e5f6849 Notice we're missing two of the required spaces as per cksum(1) Sure, you can edit the above rather easily to produce the correct format for BSD md5/cksum but why should we be doing that all of the time. The GNU has their own incomplete and incompatible file format for MD5 checksums which is used with their ``md5sum'' tool. $ md5sum *.mp3 md5sum.md5 Which results in: 1ecc9c0165043bda9ac07ae35a627cc4 *01-Hump.mp3 0c1cb2e6347b541830125dfcc41a6f00 *02-Humppakonehumppa.mp3 d0ee034280d835894e859258a5df4d8f *03-Humppamedia.mp3 b768d3491261f1b256ba2d0d70167b3d *04-Punakka_Humppa.mp3 a789d1f7ad6b979f9dd6d4d07e5f6849 *05-Peljatty_Humppa.mp3 The gnu md5sum tool lacks designation of the message digest used. Would it be worthwhile to add a format switch (maybe -f) to cksum so we can handle different file formats? $ cksum -f openssl -c ossl.md5 $ cksum -f md5sum -c md5sum.md5 Is there some unstated reasoning why we don't support the other formats? Since the format we use in OpenBSD quite nice: Would it be better to fix/augment the output of OpenSSL? Would it be better to fix/augment the output of md5sum? Is there a better way to handle cross-os file validation? And lastly NO, I don't actually believe my liver would survive listening to 480GB of Humppa MP3's but the experiment might be, well, intoxicating. (; Thanks, JCR -- Free, Open Source CAD, CAM and EDA Tools http://www.DesignTools.org
Re: ssh attacks
Why? You say that you block SSH on 1,2,3 and then that you want to do something MORE on 4? You probably already have 'block all' and then allow ssh on one of your boxes, thats it. Maybe you want an IDS system or a SSH tarpit, but this is not the job for pf. Tobias Ulmer made some good points in his mail, including 'this is stupid'. Cheers, /jkm * Peter Fraser ([EMAIL PROTECTED]) wrote: Expect I was not clear. Someone is attacking address 1, address 2, address 3, those address are all blocked with respect to ssh. , but because he is attacking those addresses, I want to stop an expected attack on address 4. I never want to pass ssh on address 1, address 2 or address 3 ever, I want to use the information that someone was trying to ssh to those address to identify person as an attacker. -Original Message- From: Matthias Kilian [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 31, 2006 3:02 PM To: Peter Fraser Cc: misc@openbsd.org Subject: Re: ssh attacks On Wed, May 31, 2006 at 02:54:16PM -0400, Peter Fraser wrote: block in on Outsize proto tcp port ssh flags S/SA state (max-src-conn-rate 100/10, overload bad_hosts flush global) This does not work. One gets a message that keeping state on a blocked run makes no sense. See the example on overload at http://www.openbsd.org/faq/pf/filter.html#stateopts Basically, you pass and just block verything from bad_hosts in a separate rule. Ciao, Kili
Re: ssh attacks
Matthias Kilian wrote: On Wed, May 31, 2006 at 03:15:34PM -0400, Peter Fraser wrote: Expect I was not clear. Someone is attacking address 1, address 2, address 3, those address are all blocked with respect to ssh. , but because he is attacking those addresses, I want to stop an expected attack on address 4. I never want to pass ssh on address 1, address 2 or address 3 ever, I want to use the information that someone was trying to ssh to those address to identify person as an attacker. Oh, sorry for not reading exactly. So your problem is that you want to get state for ssh connection attempts to addresses 1, 2 and 3 but at the same time want to block those connections. This isn't possible (no connection - no state). (QUICK HACK ALERT) But it may be possible to redirect those connections to some unused port on localhost (i.e. the firewall) let something listen on this port, accept everything but immediately closing the connection. Then use a simple pass rule with overload and max-src-conn options to add offending addresses to your table. Ciao, Kili ps: I didn't test the above, so if it's complete nonsense, feel free to flame me. I've done this and it works quite well. Source is as follows. My first attempt at POSIX network programming so feel free to correct/shoot me. -- #include string.h #include stdlib.h #include unistd.h #include sys/types.h #include sys/socket.h #include netinet/in.h int main() { int s; struct sockaddr_in sa; s = socket(AF_INET, SOCK_STREAM, 0); bzero(sa, sizeof(struct sockaddr_in)); sa.sin_family = AF_INET; sa.sin_port = htons(2048); if (bind(s, (struct sockaddr*)sa, sizeof(struct sockaddr)) != 0 || listen(s, 64) != 0 || daemon(0, 0) != 0) { exit(1); } int c; struct sockaddr_in ca; int csize; while (1) { bzero(ca, sizeof(struct sockaddr_in)); csize = sizeof(struct sockaddr_in); c = accept(s, (struct sockaddr*)ca, csize); if (c = 0) { sleep(1); } else { close(c); } } return 0; } -- Jason Stubbs
Re: Libpcap library version
On Wed, May 31, 2006 at 06:29:13PM -0400, Bryan Chapman wrote: I was trying working with ettercap today, and found out the only version 0.6.bp3 is in the ports tree. This version is described as deprecated on the ettercap webpage. I downloaded the most recent version (0.7.3) and tried to install it. When I run the configure script included in I get the following output: $ ./configure --with-libpcap=/usr/src/lib/libpcap ... checking for libpcap... /usr/src/lib/libpcap checking for pcap_datalink_val_to_description in -lpcap... no configure: error: Incorrect libpcap version. libpcap = 0.8.1 required I was told on the #openbsd irc channel that openbsd maintains its own versions of the libraries. Is this just due to an old library version, or am I missing something else? libpcap has been updated quite a bit, but this happened post-3.9 IIRC. Joachim
Re: ssh attacks
Tobias Ulmer wrote: This topic comes up in regular intervals of 6 month on every *nix mailinglist i'm on. It's stupid (sorry, but it is): Gained security = 0% Leave it just as it is. You don't have anything to fear anything if you use decent passwords. Otherwise don't offer a ssh service! I keep the following setup in my pf.conf for bandwidth/cpu, not security, reasons: - [...] table ssh-white persist { 127.0.0.1, ... } [...] # Hosts in whitelist are always allowed to connect unlimited # Non-whitelisted Linux hosts are blocked # Allow other ssh connections with limited connection rate pass in quick on $ext_if proto tcp from ssh-white to ($ext_if:0) \ port ssh keep state label ssh-white block in quick on $ext_if proto tcp from any os Linux to ($ext_if:0) \ port ssh label ssh-linux pass in quick on $ext_if proto tcp from any to ($ext_if) \ port ssh flags S/SA keep state (max-src-conn-rate 1/30) \ label ssh-other [...] - /Alexander
long - pf trunk vlan questions
Hello list I have the following configuration +--- vlan0| --- em0 ---+ +--- vlan1| +--- trunk0 +--- vlan2| OpenBSD 3.8 --- em1 ---+ +--- vlan3| +--- vlan4| And I have the following question. I can set higher MTU on em0, em1 an the vlans and it was ok before I configured the trunk. The vlans were assigned to physical interfaces separately before. Now I'm unable to set higher MTU on trunk0 and also I get: vlan0: initialized with non-standard mtu 1496 (parent trunk0) vlan1: initialized with non-standard mtu 1496 (parent trunk0) vlan2: initialized with non-standard mtu 1496 (parent trunk0) vlan3: initialized with non-standard mtu 1496 (parent trunk0) vlan4: initialized with non-standard mtu 1496 (parent trunk0) every time I initialize my network. However, it is still working. Is there a problem of setting higher MTUs on trunk interfaces? * Another question. I was wondering how should I configure PF. I am filtering traffic now on vlan interfaces and trunk0 interface, because if I don't pass packets on the trunk interface, all traffic will be blocked although I pass it on vlan ifs. I don't have any rule regarding the physical ifs (em0 em1) in pf.conf. If I set skip on trunk0, is it still possible to filter on vlans? Or do you have any other suggestion? I need to filter only on the vlan interfaces. Thank you Peter Huncar
Re: long - pf trunk vlan questions
Sorry for the picture ;o) simpler one gigabit switch with tagged vlans | trunk0 | em0+em1 | tagged vlans on OpenBSD 3.8 ;o) Peter Huncar wrote / napmsal(a): Hello list I have the following configuration +--- vlan0| --- em0 ---++--- vlan1| +--- trunk0 +--- vlan2| OpenBSD 3.8 --- em1 ---+ +--- vlan3| +--- vlan4| And I have the following question. I can set higher MTU on em0, em1 an the vlans and it was ok before I configured the trunk. The vlans were assigned to physical interfaces separately before. Now I'm unable to set higher MTU on trunk0 and also I get: vlan0: initialized with non-standard mtu 1496 (parent trunk0) vlan1: initialized with non-standard mtu 1496 (parent trunk0) vlan2: initialized with non-standard mtu 1496 (parent trunk0) vlan3: initialized with non-standard mtu 1496 (parent trunk0) vlan4: initialized with non-standard mtu 1496 (parent trunk0) every time I initialize my network. However, it is still working. Is there a problem of setting higher MTUs on trunk interfaces? * Another question. I was wondering how should I configure PF. I am filtering traffic now on vlan interfaces and trunk0 interface, because if I don't pass packets on the trunk interface, all traffic will be blocked although I pass it on vlan ifs. I don't have any rule regarding the physical ifs (em0 em1) in pf.conf. If I set skip on trunk0, is it still possible to filter on vlans? Or do you have any other suggestion? I need to filter only on the vlan interfaces. Thank you Peter Huncar
A joke
High school/Junior high --- 10 PRINT HELLO WORLD 20 END First year in college - program Hello(input, output); begin writeln ('Hello world'); end. Senior year in college -- (defun hello () (print (list 'HELLO 'WORLD))) New professional #include stdio.h main (argc,argv) int argc; char **argv; { printf (Hello World!\n); } 216 C++ Seasoned pro #include stream.h const int MAXLEN = 80; class outstring; class outstring { private: int size; char str[MAXLEN]; public: outstring() { size=0; } ~outstring() {size=0;} void print(); void assign(char *chrs); }; void outstring::print() { int i; for (i=0 ; i size ; i++) cout str[i]; cout \n; } void outstring::assign(char *chrs) { int i; for (i=0; chrs[i] != '\0';i++) str[i] = chrs[i]; size=i; } main (int argc, char **argv) { outstring string; string.assign(Hello World!); string.print(); } Manager: George, I need a program to output the string Hello World! Hilarious! Best and kind regards, Rico
Problems mounting a usb disk
Hi, i've installed OpenBSD 3.9 on a IBM T20 notebook. Everything is working fine. Bit I'm not able to mount a usb disk. dmesg output ist: - sd0 at scsibus1 targ 1 lun 0... sd0: 76319MN, 76319 cyl, ... -- and that's my disk. The Problem is, that there is no sd0 in /dev and when I try to mount sd0a (mount /dev/sd0a /mnt/usb) I get a note, that the device is not configured. Does anybody have a clue, what the Problem might be? Thanks! David Burau
Re: CARP
After the change in pf.conf you suggested, nat on hme0 from rl0:network to any - carp0 I must do ifconfig down on both carp0 and carp1 at MASTERhost to make BACKUPhost taking control. If I only do ifconfig carp1 down on the master the CARP1 iface on BACKUPhost will become MASTER but the CARP0 will still be BACKUP. And no traffic gets through. When I have: nat on hme0 from rl0:network to any - hme0 I can do ifconfig carp1 down on MASTERhost and the BACKUP will take control. And I still have the problem that my IRC,aim-client and radiostreaming disconnects with both tries. I forgot to mention that the MASTERhost is on OpenBSD sunshine-2 3.9 GENERIC#759 sparc64 and BACKUPhost OpenBSD sunbird 3.8 GENERIC#607 sparc64 The problem with disconnections from various services (IRC,aim and radio) still exist :/ /bkw On 01/06/06, Dag Richards [EMAIL PROTECTED] wrote: Bachman Kharazmi wrote: I finally got CARP _working_ :) I've a problem when I do ifconfig carp1 down on the MASTER host to test if BACKUP takes over the traffic.. It does work so far. But the problem is that if I'm streaming Internet radio or are connected to IRC the radio will get stalled when I do ifconfig carp1 down on MASTER, and the IRC disconnects and then tries to reconnect which of course works. I think something is wrong, since it shouldn't affect the traffic flow at all when MASTER interrupt. I have three interfaces in each host. and my setup looks like (here is a diff link http://pastebin.com/pastebin.php?diff=749904) MASTER HOST: # ifconfig lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33192 groups: lo inet 127.0.0.1 netmask 0xff00 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x7 hme0: flags=8b63UP,BROADCAST,NOTRAILERS,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST mtu 1500 lladdr 08:00:20:9e:7c:60 groups: egress media: Ethernet autoselect (100baseTX full-duplex) status: active inet6 fe80::a00:20ff:fe9e:7c60%hme0 prefixlen 64 scopeid 0x1 inet 192.168.1.10 netmask 0xff00 broadcast 192.168.1.255 rl0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST mtu 1500 lladdr 00:08:a1:8e:64:70 media: Ethernet autoselect (100baseTX full-duplex) status: active inet 192.168.10.100 netmask 0xff00 broadcast 192.168.10.255 inet6 fe80::208:a1ff:fe8e:6470%rl0 prefixlen 64 scopeid 0x2 fxp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:8b:0e:30:02 media: Ethernet autoselect (100baseTX full-duplex) status: active inet 192.168.254.254 netmask 0xff00 broadcast 192.168.254.255 inet6 fe80::250:8bff:fe0e:3002%fxp0 prefixlen 64 scopeid 0x3 pflog0: flags=141UP,RUNNING,PROMISC mtu 33192 pfsync0: flags=41UP,RUNNING mtu 1460 pfsync: syncdev: fxp0 maxupd: 128 enc0: flags=0 mtu 1536 carp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 carp: MASTER carpdev hme0 vhid 1 advbase 1 advskew 0 groups: carp inet 192.168.1.100 netmask 0xff00 broadcast 192.168.1.255 carp1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 carp: MASTER carpdev rl0 vhid 2 advbase 1 advskew 0 groups: carp inet 192.168.10.50 netmask 0xff00 broadcast 192.168.10.255 # cat /etc/hostname.* inet 192.168.1.100 255.255.255.0 192.168.1.255 vhid 1 pass foo inet 192.168.10.50 255.255.255.0 192.168.10.255 vhid 2 pass bar inet 192.168.254.254 255.255.255.0 NONE dhcp NONE NONE NONE up syncif fxp0 inet 192.168.10.100 255.255.255.0 NONE BACKUP HOST: # ifconfig lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33192 groups: lo inet 127.0.0.1 netmask 0xff00 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x7 hme0: flags=8b63UP,BROADCAST,NOTRAILERS,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST mtu 1500 lladdr 08:00:20:9c:5d:3a groups: egress media: Ethernet autoselect (100baseTX full-duplex) status: active inet6 fe80::a00:20ff:fe9c:5d3a%hme0 prefixlen 64 scopeid 0x1 inet 192.168.1.7 netmask 0xff00 broadcast 192.168.1.255 rl0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST mtu 1500 lladdr 00:c0:26:6d:ff:6c media: Ethernet autoselect (100baseTX full-duplex) status: active inet 192.168.10.200 netmask 0xff00 broadcast 192.168.10.255 inet6 fe80::2c0:26ff:fe6d:ff6c%rl0 prefixlen 64 scopeid 0x2 fxp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:8b:0e:7d:7d media: Ethernet autoselect (100baseTX full-duplex) status: active inet 192.168.254.253 netmask 0xff00 broadcast 192.168.254.255 inet6 fe80::250:8bff:fe0e:7d7d%fxp0 prefixlen 64 scopeid 0x3 pflog0: flags=141UP,RUNNING,PROMISC mtu 33192 pfsync0: flags=41UP,RUNNING mtu 1348 pfsync: syncdev: fxp0
Re: Humppa Validation
On Wed, May 31, 2006 at 10:58:42PM -0700, J.C. Roberts wrote: The problems start if you're dumb enough to keep the original copy of your humppa on something other than a BSD system... Since you can install OpenSSL on a number of different types of systems, my first thought was to use OpenSSL to generate the checksum files. $ find . -type f -name '*.mp3' -print0 | xargs -0 openssl md5 -out ossl.md5 That get's you fairly close but the resulting format is wrong. why not use openssl on both platforms? jmc
Des offres gratuites Championnes du Monde !
Si vous ne lisez pas correctement cet email, cliquez ici OFFRES GRATUITES Spiciales Coupe du Monde : Cliquez ici [IMAGE] [IMAGE] [IMAGE] [IMAGE] [IMAGE] [IMAGE] [IMAGE] [IMAGE] [IMAGE] Cette offre n'est valide que jusqu'au 30 juin 2006. Prix affichis HT. Les frais de port et de traitement, les options de produits et photo/logo tilichargis ne sont pas compris ` moins de n'jtre explicitement inclus dans l'offre. L'offre de cartes de visite gratuites n'a pas de date d'expiration pour l'instant. Offre non valide sur des commandes dij` passies. Pour plus de ditails, consultez notre site web. VistaPrint offre le meilleur rapport qualiti prix pour l'impression en couleur. VistaPrint est utilisi par plus de 6 millions de clients dans le monde. Les produits et services dicrits dans ce message sont fournis par VistaPrint Limited, le leader mondial pour le graphisme et l'impression en ligne. Conformiment ` la loi informatique et liberti du 06/01/1978 (art.27), vous disposez d'un droit d'acchs et de rectification des donnies vous concernant. Si vous souhaitez modifier vos coordonnies ou si vous ne disirez plus recevoir de messages ilectroniques de la part de cet annonceur, cliquez ici[IMAGE]
Re: PF load balance problem
On Wednesday 31 May 2006 19:03, Diego Linke wrote: Alexey, A network prefix length of 0 can be used as a wildcard. To kill all states with the target ``host2'': # pfctl -k 0.0.0.0/0 -k host2 so why don't you kill all states to dead pool member right after removing it from the lb table? This is not work! The problem is that this command to erase the STATES, however the SOURCE keeps. previously, you have referred to this quote from pfctl.conf(5)) Additionally, the sticky-address option can be specified to help ensure that multiple connections from the same source are mapped to the same redirection address. This option can be used with the random and round- robin pool options. Note that by default these associations are de- stroyed as soon as there are no longer states which refer to them; in or- der to make the mappings last beyond the lifetime of the states, increase the global options with set timeout source-track See STATEFUL TRACKING OPTIONS for more ways to control the source tracking. so I think you broke pfctl -k by explicitly specifying src.track. why do you need src.track?
Re: Humppa Validation
On Thu, 1 Jun 2006 10:11:07 +0100, Jason McIntyre [EMAIL PROTECTED] wrote: On Wed, May 31, 2006 at 10:58:42PM -0700, J.C. Roberts wrote: The problems start if you're dumb enough to keep the original copy of your humppa on something other than a BSD system... Since you can install OpenSSL on a number of different types of systems, my first thought was to use OpenSSL to generate the checksum files. $ find . -type f -name '*.mp3' -print0 | xargs -0 openssl md5 -out ossl.md5 That get's you fairly close but the resulting format is wrong. why not use openssl on both platforms? jmc I've read through the openssl man page more than a few times looking for the required magic to input such a text file and get openssl to validate the listed files but no such luck. As far as I know, openssl is only able to produce the output file but is unable to accept said file as input. To make sure the files were transferred correctly to the openbsd box, I resorted to editing the openssl output file so it could be used with cksum/md5. jcr -- Free, Open Source CAD, CAM and EDA Tools http://www.DesignTools.org
Re: Humppa Validation
J.C. Roberts 1-Jun-06 06:58 : Sure, you can edit the above rather easily to produce the correct format for BSD md5/cksum but why should we be doing that all of the time. Don't edit it manually, use a one-line sed, awk or perl script. Would it be worthwhile to add a format switch (maybe -f) to cksum so we can handle different file formats? $ cksum -f openssl -c ossl.md5 $ cksum -f md5sum -c md5sum.md5 Is there some unstated reasoning why we don't support the other formats? Yes. Each tool should do one thing, and do it well. cksum does. Having multiple different formats in the program, particularly those that can be generated from each other by simple sed scripts, is insane. Sorry. Tom (If you really want this, you could write a shell script that does exactly that - even taking your suggested -f option.)
Re: CARP | panic when I did tcpdump on MASTERhost
oops, I guess something bad happend # tcpdump -nvi hme0 -c3 proto 112 panic: psycho0: uncorrectable DMA error AFAR 1362448 (pa=0 tte=0/572012) AFSR 4b00ff002080 kdb breakpoint at 132d700 Stopped at Debugger+0x4: nop RUN AT LEAST 'trace' AND 'ps' AND INCLUDE OUTPUT WHEN REPORTING THIS PANIC! DO NOT EVEN BOTHER REPORTING THIS WITHOUT INCLUDING THAT INFORMATION! ddb trace psycho_ue(1fd3f24, 7, e0017348, e0017460, 12ff320, e0017310) at psycho_ue+0x7c sparc_interrupt(186be00, 7461c10, 2000, 74f4150, 3f, 74fc3c0) at sparc_interrup t+0x20c m_freem(7461c10, 2000, 2046b80, 0, 5ea, 8) at m_freem+0xb0 rl_txeof(2071000, 1fcfd00, 2046b80, 0, 5ea, fff0) at rl_txeof+0xf4 rl_intr(2071000, 1, e0017770, dddcf460, 1053260, 1d) at rl_intr+0xe0 sparc_interrupt(2071098, 745e00e, , 53ecc58, 70, 745e008) at sp arc_interrupt+0x20c ether_output(0, 7420f40, 745e008, e0017978, a363, ) at ether_output+0x330 ip_output(7420f40, 745e010, 186dd60, 0, 14, 0) at ip_output+0x90c ip_forward(7421340, 1, 0, 0, 0, 0) at ip_forward+0x1b8 ipv4_input(7420f40, 7415802, 0, 0, , 14) at ipv4_input+0x2dc ipintr(1, 10101, 21ffbec732, 8000, 21ffbec732, 1800) at ipintr+0x70 softnet(4, 0, e0017ec8, 0, 131ede0, 0) at softnet+0xd0 sparc_interrupt(0, 0, 137fb78, 0, , d6d80) at sparc_interrupt+0 x20c microuptime(743f310, 0, 0, 0, 0, 0) at microuptime+0x4 mi_switch(139bdf8, 1000, 0, 0, 0, 0) at mi_switch+0x1b4 ltsleep(1d6c8c0, 204, 0, 0, 72f4600, 0) at ltsleep+0x1c0 uvm_vnp_terminate(72f4600, 3a000, e11bbf8, e11bc04, 0, 1) at uvm_vnp_terminate+ 0xc94 uvm_fault(244000, 3a000, , 1, 0, 1) at uvm_fault+0xeb4 data_access_fault(e11bed0, 30, 4ed1867c, 23a0a3, 23b5b8, 0) at data_access_faul t+0xe0 trapbase(0, , 4c, 0, 0, 0) at trapbase+0x87ac ddb ps PID PPID PGRPUID S FLAGS WAIT COMMAND 18874 3313 3313 0 3 0x6 uvn_gettcpdump 3313 12225 3313 0 3 0x4006 biowaittcpdump 12225 1 12225 0 3 0x4086 pause ksh 18751 1 18751 0 30x84 select cron 11109 1 11109 0 30x84 select sshd 6608 1 6608 0 3 0x40184 select sendmail 12486 1 12486 0 3 0x184 select inetd 12916 27305 27305 74 3 0x184 bpfpflogd 27305 1 27305 0 30x84 netio pflogd 16386 19125 19125 73 3 0x184 poll syslogd 19125 1 19125 0 30x84 netio syslogd 31118 1 31118 77 3 0x184 poll dhclient 21085 1 11480 0 30x86 poll dhclient 9 0 0 0 30x100204 crypto_wa crypto 8 0 0 0 30x100204 aiodoned aiodoned 7 0 0 0 30x100204 syncer update 6 0 0 0 30x100204 cleanercleaner 5 0 0 0 30x100204 reaper reaper 4 0 0 0 30x100204 pgdaemon pagedaemon 3 0 0 0 30x100204 pftm pfpurge 2 0 0 0 30x100204 kmallockmthread 1 0 1 0 3 0x4084 wait init 0 -1 0 0 3 0x80204 scheduler swapper ddb and dmesg of that box: # dmesg console is /[EMAIL PROTECTED],0/[EMAIL PROTECTED],1/[EMAIL PROTECTED]/[EMAIL PROTECTED],40:b Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2006 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 3.9 (GENERIC) #759: Wed Mar 1 01:32:54 MST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/sparc64/compile/GENERIC total memory = 268435456 avail memory = 234807296 using 1638 buffers containing 13418496 bytes of memory bootpath: /[EMAIL PROTECTED],0/[EMAIL PROTECTED],1/[EMAIL PROTECTED],0/[EMAIL PROTECTED],0 mainbus0 (root): Sun Ultra 5/10 UPA/PCI (UltraSPARC-IIi 300MHz) cpu0 at mainbus0: SUNW,UltraSPARC-IIi @ 299.790 MHz, version 0 FPU cpu0: physical 32K instruction (32 b/l), 16K data (32 b/l), 512K external (64 b/l) psycho0 at mainbus0 addr 0xfffc4000 SUNW,sabre: impl 0, version 0: ign 7c0 bus range 0 to 2; PCI bus 0 DVMA map: c000 to e000 IOTDB: 1362000 to 13e2000 pci0 at psycho0 ppb0 at pci0 dev 1 function 1 Sun Simba PCI-PCI rev 0x11 pci1 at ppb0 bus 1 ebus0 at pci1 dev 1 function 0 Sun PCIO Ebus2 rev 0x01 auxio0 at ebus0 addr 726000-726003, 728000-728003, 72a000-72a003, 72c000-72c003, 72f000-72f003 power at ebus0 addr 724000-724003 ipl 37 not configured SUNW,pll at ebus0 addr 504000-504002 not configured sab0 at ebus0 addr 40-40007f ipl 43: rev 3.2 sabtty0 at sab0 port 0 sabtty1 at sab0 port 1: console i/o comkbd0 at ebus0 addr 3083f8-3083ff ipl 41: no keyboard com0 at ebus0 addr 3062f8-3062ff ipl 42: mouse: ns16550a, 16 byte fifo lpt0 at ebus0 addr 3043bc-3043cb, 30015c-30015d, 70-7f ipl 34: polled fdthree at ebus0 addr
Re: Problems mounting a usb disk
Original message from David Burau [EMAIL PROTECTED]: Hi, i've installed OpenBSD 3.9 on a IBM T20 notebook. Everything is working fine. Bit I'm not able to mount a usb disk. dmesg output ist: - sd0 at scsibus1 targ 1 lun 0... sd0: 76319MN, 76319 cyl, ... -- and that's my disk. The Problem is, that there is no sd0 in /dev and when I try to mount sd0a (mount /dev/sd0a /mnt/usb) I get a note, that the device is not configured. You didn't mention which filesystem is on your USB drive; I'll assume DOS. If so, then look at the disk's disklabel to determine which slice is the DOS partition; most likely, it is in sd0i or above. That is the slice to be mounted, not sd0a. Look at section 14.17 of the FAQ. Jim
Re: Humppa Validation
On Thu, 1 Jun 2006 10:59:56 +0100 (BST), Tom Cosgrove [EMAIL PROTECTED] wrote: Sure, you can edit the above rather easily to produce the correct format for BSD md5/cksum but why should we be doing that all of the time. Don't edit it manually, use a one-line sed, awk or perl script. yep, exactly what I did. Would it be worthwhile to add a format switch (maybe -f) to cksum so we can handle different file formats? $ cksum -f openssl -c ossl.md5 $ cksum -f md5sum -c md5sum.md5 Is there some unstated reasoning why we don't support the other formats? Yes. Each tool should do one thing, and do it well. cksum does. Having multiple different formats in the program, particularly those that can be generated from each other by simple sed scripts, is insane. Sorry. Tom (If you really want this, you could write a shell script that does exactly that - even taking your suggested -f option.) I see you point. My suggestion kind of seems like feature creep. jcr -- Free, Open Source CAD, CAM and EDA Tools http://www.DesignTools.org
Re: Humppa Validation
On Thu, 1 Jun 2006 11:19:43 +0059, Jason McIntyre [EMAIL PROTECTED] wrote: On Thu, Jun 01, 2006 at 10:59:56AM +0100, Tom Cosgrove wrote: Is there some unstated reasoning why we don't support the other formats? Yes. Each tool should do one thing, and do it well. cksum does. Having multiple different formats in the program, particularly those that can be generated from each other by simple sed scripts, is insane. Sorry. still, it's odd that openssl appears to have no way to do something similar...(the checklist bit, i mean). jmc The interesting thought is since openssl is unable to accept as input the checksum/digest output file it created, it almost makes some sense to alter the format of openssl output (-out) file so it can be used with cksum and friends. The unanswerable question is how many things count on the current openssl output format and would the addition of missing two spaces break them? jcr -- Free, Open Source CAD, CAM and EDA Tools http://www.DesignTools.org
Re: ??????????: other languages support?
On Wed, May 31, 2006 at 04:16:12PM -0700, Spruell, Darren-Perot wrote: huh? bedroom? is this a joke? KOMHATA. Not that I'd really consider this multi-language support... :) actually that'd be CnA^bH9! cu -- paranoic mickey (my employers have changed but, the name has remained)
Re: PF load balance problem
Hi Alexey, so I think you broke pfctl -k by explicitly specifying src.track. why do you need src.track? I have many customers who have applications that they do not share session, and I need src.track to keep more time the same customer in the same serving of what the time of expiration of state. This is very common in load balances, of layer3. Thanks! -- Diego Linke Public Key: http://www.gamk.com.br/gamk.asc
Re: CARP
the problem is solved with disconnection! :) I'm sorry that I missed pfsync(4) has changed format, so it can not keep state between a 3.8 and a 3.9 box. Mismatched systems will lose all connections when you switch which box is master, as states will not be transfered between systems. You can minimize the impact of this by upgrading your backup boxes first, so there is only one loss of active states. directly from http://www.openbsd.org/faq/upgrade39.html thanks for all replies! /bkw On 31/05/06, Bachman Kharazmi [EMAIL PROTECTED] wrote: I finally got CARP _working_ :) I've a problem when I do ifconfig carp1 down on the MASTER host to test if BACKUP takes over the traffic.. It does work so far. But the problem is that if I'm streaming Internet radio or are connected to IRC the radio will get stalled when I do ifconfig carp1 down on MASTER, and the IRC disconnects and then tries to reconnect which of course works. I think something is wrong, since it shouldn't affect the traffic flow at all when MASTER interrupt. I have three interfaces in each host. and my setup looks like (here is a diff link http://pastebin.com/pastebin.php?diff=749904) MASTER HOST: # ifconfig lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33192 groups: lo inet 127.0.0.1 netmask 0xff00 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x7 hme0: flags=8b63UP,BROADCAST,NOTRAILERS,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST mtu 1500 lladdr 08:00:20:9e:7c:60 groups: egress media: Ethernet autoselect (100baseTX full-duplex) status: active inet6 fe80::a00:20ff:fe9e:7c60%hme0 prefixlen 64 scopeid 0x1 inet 192.168.1.10 netmask 0xff00 broadcast 192.168.1.255 rl0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST mtu 1500 lladdr 00:08:a1:8e:64:70 media: Ethernet autoselect (100baseTX full-duplex) status: active inet 192.168.10.100 netmask 0xff00 broadcast 192.168.10.255 inet6 fe80::208:a1ff:fe8e:6470%rl0 prefixlen 64 scopeid 0x2 fxp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:8b:0e:30:02 media: Ethernet autoselect (100baseTX full-duplex) status: active inet 192.168.254.254 netmask 0xff00 broadcast 192.168.254.255 inet6 fe80::250:8bff:fe0e:3002%fxp0 prefixlen 64 scopeid 0x3 pflog0: flags=141UP,RUNNING,PROMISC mtu 33192 pfsync0: flags=41UP,RUNNING mtu 1460 pfsync: syncdev: fxp0 maxupd: 128 enc0: flags=0 mtu 1536 carp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 carp: MASTER carpdev hme0 vhid 1 advbase 1 advskew 0 groups: carp inet 192.168.1.100 netmask 0xff00 broadcast 192.168.1.255 carp1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 carp: MASTER carpdev rl0 vhid 2 advbase 1 advskew 0 groups: carp inet 192.168.10.50 netmask 0xff00 broadcast 192.168.10.255 # cat /etc/hostname.* inet 192.168.1.100 255.255.255.0 192.168.1.255 vhid 1 pass foo inet 192.168.10.50 255.255.255.0 192.168.10.255 vhid 2 pass bar inet 192.168.254.254 255.255.255.0 NONE dhcp NONE NONE NONE up syncif fxp0 inet 192.168.10.100 255.255.255.0 NONE BACKUP HOST: # ifconfig lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33192 groups: lo inet 127.0.0.1 netmask 0xff00 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x7 hme0: flags=8b63UP,BROADCAST,NOTRAILERS,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST mtu 1500 lladdr 08:00:20:9c:5d:3a groups: egress media: Ethernet autoselect (100baseTX full-duplex) status: active inet6 fe80::a00:20ff:fe9c:5d3a%hme0 prefixlen 64 scopeid 0x1 inet 192.168.1.7 netmask 0xff00 broadcast 192.168.1.255 rl0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST mtu 1500 lladdr 00:c0:26:6d:ff:6c media: Ethernet autoselect (100baseTX full-duplex) status: active inet 192.168.10.200 netmask 0xff00 broadcast 192.168.10.255 inet6 fe80::2c0:26ff:fe6d:ff6c%rl0 prefixlen 64 scopeid 0x2 fxp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:8b:0e:7d:7d media: Ethernet autoselect (100baseTX full-duplex) status: active inet 192.168.254.253 netmask 0xff00 broadcast 192.168.254.255 inet6 fe80::250:8bff:fe0e:7d7d%fxp0 prefixlen 64 scopeid 0x3 pflog0: flags=141UP,RUNNING,PROMISC mtu 33192 pfsync0: flags=41UP,RUNNING mtu 1348 pfsync: syncdev: fxp0 maxupd: 128 enc0: flags=0 mtu 1536 carp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 carp: BACKUP carpdev hme0 vhid 1 advbase 1 advskew 50 groups: carp inet 192.168.1.100 netmask 0xff00 broadcast 192.168.1.255 carp1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 carp: BACKUP carpdev rl0 vhid 2 advbase 1 advskew 50
Re: long - pf trunk vlan questions
On 2006/06/01 10:10, Peter Huncar wrote: +--- trunk0 +--- vlan2| OpenBSD 3.8 Is there a problem of setting higher MTUs on trunk interfaces? It's time to upgrade, reyk added this last September: ...support the smallest common interface capabilities. ie., this adds support for VLAN MTUs if all attached ports have this capability... If I set skip on trunk0, is it still possible to filter on vlans? Yes.
Solved Re: Problems mounting a usb disk
Andreas Maus schrieb: Hi. Does it contain a (V)FAT file system? Try mounting /dev/sd0i That is the solution. Thank you all! David Burau
Re: PF load balance problem
On Thursday 01 June 2006 14:15, Diego Linke wrote: Hi Alexey, so I think you broke pfctl -k by explicitly specifying src.track. why do you need src.track? I have many customers who have applications that they do not share session, and I need src.track to keep more time the same customer in the same serving of what the time of expiration of state. This is very common in load balances, of layer3. Thanks! have you tried source-hash option instead of source tracking?
Re: PF load balance problem
Alexey, have you tried source-hash option instead of source tracking? The option source-hash, would not function therefore goes to have problem the same Source expirations. -- Diego Linke Public Key: http://www.gamk.com.br/gamk.asc
Re: Libpcap library version
On Thu, Jun 01, 2006 at 09:10:41AM +0200, Joachim Schipper wrote: On Wed, May 31, 2006 at 06:29:13PM -0400, Bryan Chapman wrote: $ ./configure --with-libpcap=/usr/src/lib/libpcap ... checking for libpcap... /usr/src/lib/libpcap checking for pcap_datalink_val_to_description in -lpcap... no configure: error: Incorrect libpcap version. libpcap = 0.8.1 required I was told on the #openbsd irc channel that openbsd maintains its own versions of the libraries. Is this just due to an old library version, or am I missing something else? libpcap has been updated quite a bit, but this happened post-3.9 IIRC. Trying to build ettercap 'NG' 0.7.3 on i386-current also fails (and for the same reason), even though usr/lib/libpcap has (AFAICT) most or all of the necessary stuff. ./configure fails while checking for pcap_datalink_val_to_description. I didn't have more time to look at it last night, but that appears to be the first stumbling block. -- o--{ Will Maier }--o | jabber:[EMAIL PROTECTED] | [EMAIL PROTECTED] | | freenode:..lt_kije | freenode:#madlug,#wilug | *--[ BSD Unix: Live Free or Die ]--*
Re: PF load balance problem
Alexey, is here do not share session means originate each session from different IP address? Not! The problem is when I erase a server of mine load I balance and it continues sending connection in this server. -- Diego Linke Public Key: http://www.gamk.com.br/gamk.asc
Re: sound card woes
On Thu, Jun 01, 2006 at 03:23:59PM +0300, laurent FANIS wrote: Did you try http://www.openbsd.org/i386.html I have a cmpci cheap card (6/7 USD).Works fine. Of course. But that only gives a list of chipsets and doesn't actually tell you what cards use them which is the information I am looking for. I understand that idiotic vendors have a habit of randomly changing their chipsets so I don't expect this kind of information to be listed there. Only 1 other person has replied since I posted my request but luckily I found: http://www.arch.cam.ac.uk/~dir21/OpenBSD/sound.html I've since bought that card and although it works the sound quality is pretty poor, there is a lot of hissing which I don't get in Linux. On top of that mplayer is still unusably slow for playing DVDs (Athlon XP 2000+), this was also the case when I installed OpenBSD 3.8 on an AMD64 3200 last year. I have to note that this was a completely different system to the one I'm using now and yet it had the exact same problem, does nobody watch DVDs using OpenBSD or something? I will try again to find a solution to these problems on the mailing list but I don't hold up much hope given my experiences and will probably switch back. Thanks anyway. -- Conscience is the inner voice that warns us somebody is looking. -- H. L. Mencken, A Mencken Chrestomathy
Problems trying to log on squirrelmail - part 2.
Hi all, Thank you very much for the tips you sent me. I could finally put squirrelmail to work. Now everything is almost fine, but there is still a little problem: I can send and receive e-mail through squirrelmail, but when it comes to receive an e-mail, it arrives at my mailbox (/var/spool/username) but it doesn't appear at my INBOX. But when I send an e-mail it appears at my sent items folder. Does anyone know what's happening? Just to remember: OpenBSD 3.9 postfix procmail cyrus-imapd Squirrelmail folders are placed at /var/spool/imap/user/myusername/Sent, Drafts, Trash Thanks. -- Joco Salvatti Undergraduating in Computer Science Federal University of Para - UFPA web: http://www.openbsd-pa.org e-mail: [EMAIL PROTECTED]
Re: PF load balance problem
Alexey, ok :) assume you have 5 session from given client which originated from one client's IP. assume you specified sticky-address so all 5 session gets redirected to one of lb. correct? it's ok!! when this one of lb is dead, all sessions from given client are dead. so why do you need src.track longer than connections' states exist? Then I need to guarantee that exactly a XXX time after finishes state to exist it the same client continues being redirected for same serving. This because the customer can effect login in the system, to be a time without making nothing (time sucifiente for state to be extinguished) and later reusing the system. PS: This happens with some applications of my customers. Thanks! -- Diego Linke Public Key: http://www.gamk.com.br/gamk.asc
Re: Humppa Validation
J.C. Roberts wrote: MD5 (01-Hump.mp3) = 1ecc9c0165043bda9ac07ae35a627cc4 MD5 (02-Humppakonehumppa.mp3) = 0c1cb2e6347b541830125dfcc41a6f00 MD5 (03-Humppamedia.mp3) = d0ee034280d835894e859258a5df4d8f MD5 (04-Punakka_Humppa.mp3) = b768d3491261f1b256ba2d0d70167b3d MD5 (05-Peljatty_Humppa.mp3) = a789d1f7ad6b979f9dd6d4d07e5f6849 [snip] The problems start if you're dumb enough to keep the original copy of your humppa on something other than a BSD system... [snip] Is there a better way to handle cross-os file validation? Check out Perl's Digest::MD5 module, specifically the addfile/hexdigest methods and associated example code. You could use that to generate or validate bsd-style /bin/md5 output on other platforms, including Win32. -- Stephen Takacs [EMAIL PROTECTED] http://perlguru.net/ 4149 FD56 D078 C988 9027 1EB4 04CC F80F 72CB 09DA
Re: Problems trying to log on squirrelmail - part 2.
On Thursday 01 June 2006 15:44, Joco Salvatti wrote: Hi all, Thank you very much for the tips you sent me. I could finally put squirrelmail to work. Now everything is almost fine, but there is still a little problem: I can send and receive e-mail through squirrelmail, but when it comes to receive an e-mail, it arrives at my mailbox (/var/spool/username) but it doesn't appear at my INBOX. But when I send an e-mail it appears at my sent items folder. Does anyone know what's happening? Just to remember: OpenBSD 3.9 postfix procmail cyrus-imapd Squirrelmail folders are placed at /var/spool/imap/user/myusername/Sent, Drafts, Trash Thanks. Cyrus is a sealed server. And you have to deliver incoming mail directly to Cyrus from your MTA or its helper program. You can switch to sendmail and use its cyrus mailer to deliver to the cyrus process. Or you can make procmail (that you seems to use) write directly to your Cyrus maildir store. It would have been easier for you if you had used the built in sendmail and just enabled the cyrus mailer in it. Regards /Per-Olov -- GPG keyID: 4DB283CE GPG fingerprint: 45E8 3D0E DE05 B714 D549 45BC CFB4 BBE9 4DB2 83CE
Re: ??????????: other languages support?
On Thu, 1 Jun 2006 13:12:59 +0200, mickey [EMAIL PROTECTED] wrote: On Wed, May 31, 2006 at 04:16:12PM -0700, Spruell, Darren-Perot wrote: huh? bedroom? is this a joke? KOMHATA. Not that I'd really consider this multi-language support... :) actually that'd be CnA^bH9! cu Natasha! First we make multi-language support, then we go after moose and squirrel. -Boris (; -- jcr -- Free, Open Source CAD, CAM and EDA Tools http://www.DesignTools.org
Re: Problems trying to log on squirrelmail - part 2.
On Thu, Jun 01, 2006 at 04:11:49PM +0200, Per-Olov Sjoholm wrote: On Thursday 01 June 2006 15:44, Joco Salvatti wrote: Hi all, Thank you very much for the tips you sent me. I could finally put squirrelmail to work. Now everything is almost fine, but there is still a little problem: I can send and receive e-mail through squirrelmail, but when it comes to receive an e-mail, it arrives at my mailbox (/var/spool/username) but it doesn't appear at my INBOX. But when I send an e-mail it appears at my sent items folder. Does anyone know what's happening? Just to remember: OpenBSD 3.9 postfix procmail cyrus-imapd Squirrelmail folders are placed at /var/spool/imap/user/myusername/Sent, Drafts, Trash Thanks. Cyrus is a sealed server. And you have to deliver incoming mail directly to Cyrus from your MTA or its helper program. You can switch to sendmail and use its cyrus mailer to deliver to the cyrus process. Or you can make procmail (that you seems to use) write directly to your Cyrus maildir store. It would have been easier for you if you had used the built in sendmail and just enabled the cyrus mailer in it. That being said, the postfix configuration files - not to mention documentation - include a sample Cyrus transport, so it's not like you actually *need* Sendmail. (See /etc/postfix/master.cf for details.) Joachim
Re: PF load balance problem
Alexey, $ sudo pfctl -sa | grep tcp.established tcp.established 86400s I work with firewalls with high traffic and have that to work with parameters well more aggressive of timeouts. -- Diego Linke Public Key: http://www.gamk.com.br/gamk.asc
Re: Problems trying to log on squirrelmail - part 2.
On 1 June 2006, Joco Salvatti [EMAIL PROTECTED] wrote: Hi all, Thank you very much for the tips you sent me. I could finally put squirrelmail to work. Now everything is almost fine, but there is still a little problem: I can send and receive e-mail through squirrelmail, but when it comes to receive an e-mail, it arrives at my mailbox (/var/spool/username) but it doesn't appear at my INBOX. But when I send an e-mail it appears at my sent items folder. Does anyone know what's happening? Just to remember: OpenBSD 3.9 postfix procmail cyrus-imapd Squirrelmail folders are placed at /var/spool/imap/user/myusername/Sent, Drafts, Trash Leave SquirrelMail out of the picture for now. The problem is Cyrus imapd uses it's own backend storage rather than the system mailboxes. You can instruct Postfix to deliver to Cyrus imapd via LMTP (see Postfix docs), you can can use the deliver script that comes with Cyrus, or you can do that from Procmail. Better yet, if you're not too far in this process to back off, just use Courier imapd instead of Cyrus. You'll need a script to convert your users' mailboxes to Maildir, but that's about the only problem you're likely to have with it. Some time ago I used mb2md to convert some 300 GB of mailboxes to Maildir, and I was happy with thne result: http://batleth.sapienti-sat.org/projects/mb2md/ Regards, Liviu Daia -- Dr. Liviu Daia http://www.imar.ro/~daia
Re: PF load balance problem
Alexey, pf is VERY fast on stateful filtering (while searching states). memory is the bottleneck (if number of states is high) but it is VERY easy to deal nowadays: 2x512Mb of DDR RAM costs less than $100. or maybe firewall's CPU is slow?... post dmesg if permitted... -k kills states which you busted manually by src.track. i think you should try less complicated setup without src.track. In this case to keep in the same serving I will have that to leave the values of very great tcp.closing and tcp.closed, keeping in firewall states unnecessary. Thanks!! -- Diego Linke Public Key: http://www.gamk.com.br/gamk.asc
Re: A joke
On Jun 1, 2006, at 1:44 AM, Rico wrote: Manager: George, I need a program to output the string Hello World! You forgot one: a lazy person #!/bin/sh echo Hello World! Thanks, Andrew Pinski
Re: A joke
On 1-Jun-06, at 10:22 AM, Andrew Pinski wrote: On Jun 1, 2006, at 1:44 AM, Rico wrote: Manager: George, I need a program to output the string Hello World! You forgot one: a lazy person #!/bin/sh echo Hello World! Why waste an extra shell process not to mention all that extra typing? #!/bin/echo 'Hello World!' :P -- Sean
Re: Problems trying to log on squirrelmail - part 2.
On 2006/06/01 16:11, Per-Olov Sjoholm wrote: Cyrus is a sealed server. And you have to deliver incoming mail directly to Cyrus from your MTA or its helper program. You can switch to sendmail and use its cyrus mailer to deliver to the cyrus process. Or you can make procmail (that you seems to use) write directly to your Cyrus maildir store. cyrus != maildir, and procmail doesn't directly support cyrus mailboxes, you have to pipe the message into Cyrus deliver, but what's the point? Cyrus already filters mail into folders, etc, and people who want the extra control they can get from procmail probably also want their mail in a more accessible format. People not willing to spend time reading and learning how to use Cyrus for themselves should really look at simpler software..
Re: A joke
On Thu, Jun 01, 2006 at 08:22:26AM -0700, Andrew Pinski wrote: You forgot one: a lazy person #!/bin/sh echo Hello World! Now that's what I like to see. Cut to the chase. ;D -- Terry http://tyson.homeunix.org
one drive in a raid 0 failed, can I save any data?
For a couple weeks I was running without backups and one of the drives died. Is there a way to recover any of the data from the drives?
Re: bad SK NICs ??
Hi, I have also had quite some issues with this sk driver. We are also using the D-LINK DGE-530T cards, and every now and then, we get a watchdog timeout. I can be 99% sure that it is not a cabling or switching problem because the problem stops when I switch to another card (even a xl). If necessary, I can provide more information or even send one NIC over for testing purposes. Best regards, ebl
Re: one drive in a raid 0 failed, can I save any data?
On 6/1/06, John Brahy [EMAIL PROTECTED] wrote: For a couple weeks I was running without backups and one of the drives died. Is there a way to recover any of the data from the drives? The easy answer is No. If the dead drive just has some hard errors and won't fsck, you might be able to force the stripe set back together in a read-only mode and copy off potentially bad data. The hard answer is how much time you want to waste before deciding the easy answer was enough? IF you only had 2 drives in the RAID0, the file is smaller than the stripe size, and it was not fragmented, you've got a 50% chance it's on the good drive. Good luck finding it, you'll have to re-invent filesystem utilities or sift through the entire contents of the drive. Anything beyond that involves heavy wizardry. From various database files you might be able to extract raw data rows, running strings will show you ascii text, tar and most files have a recognizable header that you might be able to find. You'll be writing your own tools from scratch and learning far more than you wanted to about filesystems and file formats. -- Jon Simola (who spent a week recovering single files from the inside of archives after someone formatted and recycled the drive)
Re: one drive in a raid 0 failed, can I save any data?
John Brahy wrote: For a couple weeks I was running without backups and one of the drives died. Is there a way to recover any of the data from the drives? Raid 0 ? That is striping, so in a word no.
Re: ??????????: other languages support?
ok, i give up. KPAHT6I. thanks all for your support. konstantin 2006/6/1, J.C. Roberts [EMAIL PROTECTED]: On Thu, 1 Jun 2006 13:12:59 +0200, mickey [EMAIL PROTECTED] wrote: On Wed, May 31, 2006 at 04:16:12PM -0700, Spruell, Darren-Perot wrote: huh? bedroom? is this a joke? KOMHATA. Not that I'd really consider this multi-language support... :) actually that'd be CnA^bH9! cu Natasha! First we make multi-language support, then we go after moose and squirrel. -Boris (; -- jcr -- Free, Open Source CAD, CAM and EDA Tools http://www.DesignTools.org
Re: one drive in a raid 0 failed, can I save any data?
On Thu, Jun 01, 2006 at 08:57:08AM -0700, John Brahy wrote: F.r.a.c.u.l. .e.k. . .a. .u.n.n. .i.h.u. .a.k.p. .n. .n. .f.t.e.d.i.e. .i.d. .s.t.e.e.a.w.y.t. .e.o.e. .n. .f.t.e.d.t. .r.m.t.e.d.i.e.? N t l k l . o r . - Drive 0, RAID0 o i e y S r y - Drive 1, RAID0 Nick. - Drive 0, RAID1 Nick. - Drive 1, RAID1
Re: vpn1411 problem related to software error? (was Re: [Fwd: 'Corrupted MAC on input' points to vpn1411 problem])
Hello, Hmm I get the corrupted mac error again on current, while connecting to the net4801 with windows + putty. Connecting with openbsd ssh client does not produce the error, I only get it with latest windows and putty client Is anyone else able to test: a) with a windows client + putty b) to a connect via ssh to a soekris 4801 running current + mini pci soekris vpn 1401 c) do you get the corrupted mac on input errors? thx a lot didier - Original Message - From: Breen Ouellette Date: Wednesday, May 31, 2006 23:17 Subject: vpn1411 problem related to software error? (was Re: [Fwd: 'Corrupted MAC on input' points to vpn1411 problem]) To: misc@openbsd.org Didier Wiroth wrote: I run the test for almost 20 minutes, there was no problem anymore! Regards Didier Thank you for your report. Here's where I stick my head out farther than I probably should and hope it doesn't get taken off. I checked the hifn code to see if it had changed since 3.9 Release. It hasn't. I took a look at the list of includes and noticed that several files have changed since 3.9 Release. Not being skilled enough to know if this is the right train of thought, I have to ask: is it possible that something was changed before 3.9 Release which broke hifn, and was later (lately) adjusted back to a state which works with hifn? If so, if the cause is not identified now is there a possibility that hifn could be broken again in the future? The reason I ask is that hifn has a somewhat muddy history of breakage which has often been blamed on hardware. Is the hardware junk or is the problem hard to nail down? Or is this a combination of both - is the previous evidence of junk hardware + hifn problems resulting in a knee jerk reaction of blaming the hardware by default? Also relevant for mere users like myself (ie not qualified to fix this problem), should we just downgrade to an earlier release or upgrade to current, or is this the sort of thing that would get patched if a problem was indeed identified? Thanks. Breeno
(no subject)
Ciao , Hey! I have been trying to get in touch with you. I finally got a cam so you can see me when we talk. http://ca.geocities.com/kellyluvsmhec/cam.html
SD/MMC support
I have recently imported the initial work on a SD/MMC card framework. Until now I have done most of the work myself, but we really want this to be a group effort. Let me show you a dmesg snipped: sdhc0 at pci1 dev 0 function 1 Ricoh 5C822 SD/MMC rev 0x13: irq 11 sdmmc0 at sdhc0 scsibus0 at sdmmc0: 2 targets sd0 at scsibus0 targ 1 lun 0: SD/MMC, Drive #01, SCSI2 0/direct fixed sd0: 244MB, 244 cyl, 64 head, 32 sec, 512 bytes/sec, 499712 sec total You see sdhc, a host controller driver for a couple of chipsets, and sd, the standard disk driver. That is what we have mostly working now with SD and MMC memory cards. The next step is to work on those fancy SDIO cards, the wireless, GPS, and whatever cards you have. For that we will need lots of different SDIO devices. As with other devices before, to improve support for these devices we need to supply as many developers as possible with hardware. We need SD/MMC memory cards and especially all types of SDIO cards. If you have some, please contact a developer near you, put them in an envelope and send them in. You can also ask [EMAIL PROTECTED] or [EMAIL PROTECTED] who to contact.
Re: (no subject)
C'mon guys... she's got a webcam!! Lol, Dan Farrell Applied Innovations [EMAIL PROTECTED] ps- I didn't know the mailing list allowed mail with no subject... but I'm definitely not a good anti-spam expert, so what do I know... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, June 01, 2006 2:35 PM To: misc@openbsd.org Subject: (no subject) Ciao , Hey! I have been trying to get in touch with you. I finally got a cam so you can see me when we talk. http://ca.geocities.com/kellyluvsmhec/cam.html
Router with NAT and DMZ host
Hi everyone I've got a simple router set up as home, replacing an old US Robotics 8000. I set up NAT translation with pf. I have the following rules: -- begin /etc/pf.conf -- red_if=ne3 green_if=fxp0 dmz_host=192.168.0.102 dmz_ports={1024:65535} local_public_services={, 8080} set skip on lo # NAT nat on $red_if from $green_if:network to any - ($red_if) # Local public services rdr on $red_if proto tcp from any to any port $local_public_services - 127.0.0.1 # DMZ Host rdr on $red_if proto tcp from any to any port $dmz_ports - $dmz_host -- end /etc/pf.conf -- green_if is the interface to my local network, red_if is the interface to the internet. the ne3 is configured as DHCP. The DMZ host is meant for my computer, because I run a lot of software that require alot of open ports, so I always set it up as a DMZ host (as like I did with the US Robotics router). The local_public_servers is for two servers running on the router itself, prohibiting it being forwarded to the dmz_host. Now there is one issue remaining, for some reason I cannot surf the internet, make an FTP connection, etc... from the router itself. When try to surf the internet lynx hangs at making http connection to x. So how do I fix this? Is there some problem with my network configuration, or did I configure something wrong in pf.conf? Thanks! Best Regards Glenn Matthys Some other information that might be useful: # route -n show Routing tables Internet: DestinationGatewayFlagsRefs UseMtu Interface default81.164.128.1 UGS 0 915573 - ne3 81.164.128/20 link#2 UC 00 - ne3 81.164.128.1 00:30:b8:c1:85:20 UHLc00 - ne3 81.164.133.29 127.0.0.1 UGHS00 33224 lo0 127/8 127.0.0.1 UGRS00 33224 lo0 127.0.0.1 127.0.0.1 UH 0 153 33224 lo0 192.168.0/24 link#1 UC 00 - fxp0 192.168.0.102 00:11:09:cb:62:5c UHLc0 1556226 - L fxp0 224/4 127.0.0.1 URS 00 33224 lo0 Internet6: DestinationGatewayFlags Refs UseMtu Interface ::/104 ::1UGRS 00 - lo0 ::/96 ::1UGRS 00 - lo0 ::1::1UH 00 33224 lo0 ::127.0.0.0/104::1UGRS 00 - lo0 ::224.0.0.0/100::1UGRS 00 - lo0 ::255.0.0.0/104::1UGRS 00 - lo0 :::0.0.0.0/96 ::1UGRS 00 - lo0 2002::/24 ::1UGRS 00 - lo0 2002:7f00::/24 ::1UGRS 00 - lo0 2002:e000::/20 ::1UGRS 00 - lo0 2002:ff00::/24 ::1UGRS 00 - lo0 fe80::/10 ::1UGRS 00 - lo0 fe80::%fxp0/64 link#1 UC 00 - fxp0 fe80::280:5fff:feb7:7a44%fxp0 00:80:5f:b7:7a:44 UHL 00 - lo0 fe80::%ne3/64 link#2 UC 00 - ne3 fe80::240:caff:fe10:fcb%ne300:40:ca:10:0f:cb UHL 00 - lo0 fe80::%lo0/64 fe80::1%lo0U 00 - lo0 fe80::1%lo0link#6 UHL 00 - lo0 fec0::/10 ::1UGRS 00 - lo0 ff01::/32 ::1UC 00 - lo0 ff02::%fxp0/32 link#1 UC 00 - fxp0 ff02::%ne3/32 link#2 UC 00 - ne3 ff02::%lo0/32 ::1UC 00 - lo0 # # cat /etc/hostname.fxp0 inet 192.168.0.2 255.255.255.0 NONE # # cat /etc/hostname.ne3 dhcp NONE NONE NONE # and a dmesg for completeness' sake # dmesg OpenBSD 3.9 (GENERIC) #617: Thu Mar 2 02:26:48 MST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel Pentium/MMX (GenuineIntel
Re: vpn1411 problem related to software error? (was Re: [Fwd: 'Corrupted MAC on input' points to vpn1411 problem])
Didier Wiroth wrote: Hello, Hmm I get the corrupted mac error again on current, while connecting to the net4801 with windows + putty. Connecting with openbsd ssh client does not produce the error, I only get it with latest windows and putty client Is anyone else able to test: a) with a windows client + putty b) to a connect via ssh to a soekris 4801 running current + mini pci soekris vpn 1401 c) do you get the corrupted mac on input errors? I knew it was going to happen. :) I will set up a PC with OpenBSD 3.9 Release and follow up with the latest snapshot and try making some connections that don't involve PuTTY. I'll get my results back by tomorrow. Breeno
Re: vpn1411 problem related to software error? (was Re: [Fwd: 'Corrupted MAC on input' points to vpn1411 problem])
Hmm ... sorry ... here was my problem. Today I used a custom kernel config file (created with dmassage). The corrupted MAC on input appeared after using the custom kernel. Dmassage used only the following crypto entry: # crypto support hifn* at pci? # Hi/fn 7751 crypto card After re-adding all the Hi/fn cards, the corrupted MAC on input disappeared: (by default, these entries are in GENERIC) # crypto support hifn* at pci? # Hi/fn 7751 crypto card lofn* at pci? # Hi/fn 6500 crypto card nofn* at pci? # Hi/fn 7814/7851/7854 crypto card - Original Message - From: Didier Wiroth Date: Thursday, June 1, 2006 21:20 Subject: Re: vpn1411 problem related to software error? (was Re: [Fwd: 'Corrupted MAC on input' points to vpn1411 problem]) To: Breen Ouellette Cc: misc@openbsd.org Hello, Hmm I get the corrupted mac error again on current, while connecting to the net4801 with windows + putty. Connecting with openbsd ssh client does not produce the error, I only get it with latest windows and putty client Is anyone else able to test: a) with a windows client + putty b) to a connect via ssh to a soekris 4801 running current + mini pci soekris vpn 1401 c) do you get the corrupted mac on input errors? thx a lot didier - Original Message - From: Breen Ouellette Date: Wednesday, May 31, 2006 23:17 Subject: vpn1411 problem related to software error? (was Re: [Fwd: 'Corrupted MAC on input' points to vpn1411 problem]) To: misc@openbsd.org Didier Wiroth wrote: I run the test for almost 20 minutes, there was no problem anymore! Regards Didier Thank you for your report. Here's where I stick my head out farther than I probably should and hope it doesn't get taken off. I checked the hifn code to see if it had changed since 3.9 Release. It hasn't. I took a look at the list of includes and noticed that several files have changed since 3.9 Release. Not being skilled enough to know if this is the right train of thought, I have to ask: is it possible that something was changed before 3.9 Release which broke hifn, and was later (lately) adjusted back to a state which works with hifn? If so, if the cause is not identified now is there a possibility that hifn could be broken again in the future? The reason I ask is that hifn has a somewhat muddy history of breakage which has often been blamed on hardware. Is the hardware junk or is the problem hard to nail down? Or is this a combination of both - is the previous evidence of junk hardware + hifn problems resulting in a knee jerk reaction of blaming the hardware by default? Also relevant for mere users like myself (ie not qualified to fix this problem), should we just downgrade to an earlier release or upgrade to current, or is this the sort of thing that would get patched if a problem was indeed identified? Thanks. Breeno
Re: Router with NAT and DMZ host
Now there is one issue remaining, for some reason I cannot surf the internet, make an FTP connection, etc... from the router itself. When try to surf the internet lynx hangs at making http connection to x. So how do I fix this? Is there some problem with my network configuration, or did I configure something wrong in pf.conf? Problem with resolv.conf ?
Re: one drive in a raid 0 failed, can I save any data?
There are ways. You could drop about $80 on R-STUDIO and try to recover the data. It can regenerate raid sets. and it will read OpenBSD FFS. see http://www.data-recovery-software.net/ I've used it. It works. On 6/1/06, John Brahy [EMAIL PROTECTED] wrote: For a couple weeks I was running without backups and one of the drives died. Is there a way to recover any of the data from the drives?
OT: Replacement for 100BaseFX PCI-X or PCI Express with SC connector needed.
Can anyone suggest to me a good fiber PCI network card with fiber port that actually work at 100Mb as all the new one are 1Gb+ now and looks like I am running out of luck to find a good one. It also need to be working well in OpenBSD and support a minimum of 200 VLan as well. This is to replace a dying Cisco router setup and I can't replace all the equipment pass that router obviously now. Anything good out there that is still available to buy these days? I might have better luck with regular PCI card, but the OpenBSD router is PCI-X or PCI Express. Worst case if no card are available, I can always get different server with regular PCI. I am hoping someone actually still know of one available to buy now and that work well as well. Thanks for your time. Daniel
refund of $63.80
[IMAGE] After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $63.80. Please submit the tax refund request and allow us 6-9 days in order to process it. A refund can be delayed for a variety of reasons. For example submitting invalid records or applying after the deadline. To access the form for your tax refund, please click here Regards, Internal Revenue Service ) Copyright 2006, Internal Revenue Service U.S.A. All rights reserved..
Re: OT: Replacement for 100BaseFX PCI-X or PCI Express with SC connector needed.
On 2006/06/01 17:56, Daniel Ouellet wrote: Can anyone suggest to me a good fiber PCI network card with fiber port that actually work at 100Mb as all the new one are 1Gb+ now and looks like I am running out of luck to find a good one. How about some 100/1000 copper nic with a 100baseTXFX media converter?
Re: Router with NAT and DMZ host
# DMZ Host rdr on $red_if proto tcp from any to any port $dmz_ports - $dmz_host This doesn't look right. If you redirect all connections on those ports to the DMZ host, how do you expect your router to receive replies to those unprivileged ($dmz_ports) ports for stuff like web browsing? Kian
Re: A joke
Sean Cody wrote: On 1-Jun-06, at 10:22 AM, Andrew Pinski wrote: On Jun 1, 2006, at 1:44 AM, Rico wrote: Manager: George, I need a program to output the string Hello World! You forgot one: a lazy person #!/bin/sh echo Hello World! Why waste an extra shell process not to mention all that extra typing? #!/bin/echo 'Hello World!' :P --Sean On the other extreme... Hire a company to develop an app. Add $18k Java application server license to make it easy to program. Add $9k IDE to make the easy to program stuff easy to program. Add five more programmers from the programming company (and five more IDE licenses) when timeline starts to slip. Wonder why you never have to buy the carpenter's tools when they build your house. Or the plumbers tools. Or... Notice that the $9k tool these carpenters use is made by the carpenters themselves. Upgrade RAM in all the developers machines (which you ALSO provided) to 2G of RAM, because the IDE takes 1.5G just to load. Delete all emacs jokes from local disk). Wonder why carpenters who built that IDE didn't know that it needed that much RAM. Or couldn't diagnose why their machines were so slow without it. Look at pathetic result. Coulda been done in perl, Apache and vi, 'cept it would have worked, then. Show development company the door. Make sure it hits 'em in the butt. Realize that after $63k in IDE licenses, the development company STILL made money on the deal, and trained a bunch of their people on their product (and our dime) Bring in another dev. company... (the good news is, this one seems to be MUCH better.) Nick. (who simply does not get Java Application Servers. I did ask the vendor to demonstrate a hello world program. I was not impressed).
Spam Trapping
What are some thoughts on purposely getting a spam trap email address acquired by spammers and the best way to do so. i.e. Is it best to use only a defunct address for trapping, or will intentionally getting a new trap address spammed only increase ones spam input and be detrimental overall. I would like to hear feedback based on experience and not just theory of course =) If it's not detrimental overall how feasible would it be to construct a service that automated the (counter intuitive) act getting an email address acquired by as many spammers as possible? Mike Spenard
Re: Spam Trapping
Maybe you're really looking for something like spamd: http://www.openbsd.org/spamd/ Much more effective than a trap e-mail address in my opinion? Kian On 6/1/06, Mike Spenard [EMAIL PROTECTED] wrote: What are some thoughts on purposely getting a spam trap email address acquired by spammers and the best way to do so. i.e. Is it best to use only a defunct address for trapping, or will intentionally getting a new trap address spammed only increase ones spam input and be detrimental overall. I would like to hear feedback based on experience and not just theory of course =) If it's not detrimental overall how feasible would it be to construct a service that automated the (counter intuitive) act getting an email address acquired by as many spammers as possible? Mike Spenard
Re: Static functions in C code
Denis Doroshenko said: So how do you specify that a function should be visible only to the local compilation unit? Or, how do you keep others from using your locally-scoped (but not declared static) function in a global context? why would you even want that (moreover in opensource)? hide for what reason? I'm not a fan of C++, for many reasons. However some (not all) of the principles of OOP are conducive to good design practice. One of these has to do with distinguishing between private and public functions (I won't say variables; I avoid globals like the plague) within a module. The public interface is all-you-need-to-know about the module. The private (static) stuff is in the none-of-your-business category. There's a myth that complex software has to be buggy. I don't believe in it. The key lies in managing complexity. Hiding the internals of a module is one of the tools that allows us to manage complexity. Steve http://www.fivetrees.com [demime 1.01d removed an attachment of type application/ms-tnef which had a name of winmail.dat]
Re: vpn1411 problem related to software error? (was Re: [Fwd: 'Corrupted MAC on input' points to vpn1411 problem])
On Thu, Jun 01, 2006 at 02:32:22PM -0600, Breen Ouellette wrote: Didier Wiroth wrote: Hello, Hmm I get the corrupted mac error again on current, while connecting to the net4801 with windows + putty. Connecting with openbsd ssh client does not produce the error, I only get it with latest windows and putty client Is anyone else able to test: a) with a windows client + putty b) to a connect via ssh to a soekris 4801 running current + mini pci soekris vpn 1401 c) do you get the corrupted mac on input errors? I knew it was going to happen. :) I will set up a PC with OpenBSD 3.9 Release and follow up with the latest snapshot and try making some connections that don't involve PuTTY. I'll get my results back by tomorrow. i am not seeing any hifn interrupts ( systat vmstat ) while sshed from a windows host (xp/98) using putty (2006-06-02:r6271 or 2005-11-03:r6444) and the 'AES (SSH-2 only)' encryption policy. spuriously, i *am* getting hifn interrupts when i ssh from the win98 host using a 2002-06-05 development snapshot of putty. 3des, however, the hifn is clearly taking interrupts regardless of putty revision can't duplicate corrupted MAC in any of the above, however -- jared [ openbsd 3.9-current GENERIC ( may 1 ) // i386 ]
Re: Static functions in C code
On Fri, Jun 02, 2006 at 02:53:48AM +0100, Steve Fairhead wrote: Denis Doroshenko said: So how do you specify that a function should be visible only to the local compilation unit? Or, how do you keep others from using your locally-scoped (but not declared static) function in a global context? why would you even want that (moreover in opensource)? hide for what reason? snip There's a myth that complex software has to be buggy. I don't believe in it. The key lies in managing complexity. Hiding the internals of a module is one of the tools that allows us to manage complexity. Well said. I'll add that tools are not enough, and won't help someone who doesn't *really* understand what they're for or how to use them. Tools of all kinds are often misused, and some few get frowned upon because they're misused so often. Write good, clean code with static declarations that obviously make things better and there'd probably be a lot less problem with it. Talk about sprinkling static around like holy water and the reception will be less friendly. ;) -- Darrin Chandler| Phoenix BSD Users Group [EMAIL PROTECTED] | http://bsd.phoenix.az.us/ http://www.stilyagin.com/ |
Re: OT: Replacement for 100BaseFX PCI-X or PCI Express with SC connector needed.
Stuart Henderson wrote: How about some 100/1000 copper nic with a 100baseTXFX media converter? I am trying to keep it simple and less added outside device less problem, plus the issue with any in between converter is that you don't see the feedback of the interface it is connecting at, so if your remote interface is going down for what ever reason, your router side still is it up as it is connected to a converter. Not good at all. But I appreciate the suggestion anyway. (;
Re: vpn1411 problem related to software error? (was Re: [Fwd: 'Corrupted MAC on input' points to vpn1411 problem])
Didier Wiroth wrote: Sorry ;-) I've reposted a new message a few minutes later ... May I ask you a question, do you use a custom kernel on your soekris box? - Original Message - From: Breen Ouellette Date: Thursday, June 1, 2006 22:43 Subject: Re: vpn1411 problem related to software error? (was Re: [Fwd: 'Corrupted MAC on input' points to vpn1411 problem]) To: misc@openbsd.org No, I do not use a custom kernel, and I haven't tried a custom kernel for at least five years (I caved in to the undeniable truth that Theo knows far better than I do on matters pertaining to OpenBSD). I've got a 2.5 Seagate hard drive (got sick of CF read limitations), I do a full install every release, and I try to stick to the base install as closely as possible (the only package I add is apg). Now I am just plain confused! I am still going to install 3.9 on a PC and try an ssh connection which doesn't involve WinXP / PuTTY. Breeno PS - Just in case someone figures I have a heat problem due to the hard disk: I run open top. CPU is 55 degC and HD is 34 degC. I am even modifying my case this week to add a chipset heatsink on the CPU and an 80mm Vantec Stealth to cool the case. I'll run my tests again when these mods are complete.
Re: Laptop recommendations
On Mon, 2006-05-29 at 17:46 -0600, Theo de Raadt wrote: Intel is trying to release documentation and open up as fast as they can to stay in the market. It's almost pathetic, but yes, it is benefiting us (as it should, and thus, us running on their machines benefits them, as it should). In your opinion, has Intel changed enough so far to justify buying their products for use on a computer which will run OpenBSD? (Sadly, it may not matter much for one of my planned purchases, as the only barebones laptop with something besides ATI or nVidious video chips I could find is for AMD processors.) -- Shawn K. Quinn
ATI products documentation release possibility soon
Hi, Hope if this http://www.forbes.com/markets/economy/2006/05/31/amd-ati-technologies-0531markets10.html happens, then it will free up documentation for ATI products :-) http://www.fsf.org/blogs/community/rms-ati-protest.html Kind Regards Siju