anatomy of US military DIA patsi creation
Some victims are chosen as test subjects others because they know too much. There are a variety of reasons. It is not likely that an in depth discussion of the subject will ever be reached by means of the Freedom of information act. Extraordinary means will get the information. I consider myself the beginning of such extraordinary means. My background: Father: served in Viet Nam, 25 years in Air Force Mother: worked for US civil service for 20 years, Me:nbsp; AFGWC (Air Force Global Weather Central) as contractor for Sterling Software at Offut, nbsp;nbsp;nbsp;nbsp; Worked at StratCom as contractor for SAIC. acronym list DIA defense intelligence agency OSI office of security investigations DIS defense investigative service NIS naval investigative service The victim is lured to work as a contractor at a Military installation by DIA officers. He/she fills out a background 398. The DIS begins the background investigation while the OSI or NIS fabricates evidence. This keeps the 2 agencies separate and can claim no knowledge of occurance. The overseeing agency is again the DIA; coordinating effort by the DIS and OSI/NIS. While thenbsp; background investigation is being completed by the DIS the DIA begins a sophisticated psychological and physical torture routine on the victim. Its purpose is for reduction, this renders the victim susceptible to suggestion and hypnotism. After the suggestion stage and all the evidence is fabricated the next stage is finding a corrupt police agency to turn the suspect over to. For me it is California State Police. For some victims the goal is to legitimize the killing of the suspect if faults are detected in the DIA plan. In some cases psychogenic drugs can be used by DIA officers on victim to help make the victim appear unstable thereby legitimizing the killing of victim by helping police agency. These are the same psychogenic drugs used at Guantanamo and Eastern European holding facilities. More to follow...
Re: OpenBSD 4.2 guest on Linux Host, run problem
Maybe VirtualBox-OSE is an option? It explicitly mentions OpenBSD on the list of supported guests: http://www.virtualbox.org/wiki/Guest_OSes . Good luck Harri
Azalia - Realtek/0x0885 - plays, but no sound
Hi, The card is recognized OK and i see that mplayer (with or without -srate 48000) plays the sound, but i can't hear anything. I played with many options in mixerctl but no success at all. Maybe because it's sharing IRQ with other devices? $ vmstat -i interrupt total rate irq0/clock 89681 201 irq0/ipi 10252 irq9/acpi0 910 irq20/uhci0 5002 11 irq21/ehci0 30 irq20/azalia0 10 irq17/mskc0 18084 irq21/uhci4 52157 117 irq20/ehci1 1010 irq18/pciide14745 10 Total 154614 347 Here's my dmesg, mixerctl -a and audioctl -a. http://sacodelixo.com.br/~alemao/dmesg.txt http://sacodelixo.com.br/~alemao/audioctl.txt http://sacodelixo.com.br/~alemao/mixerctl.txt Any help/tip would be nice. Thanks.
Re: OpenBSD 4.2 guest on Linux Host, run problem
It's not option.OpenBSD is not running under VirtualBox due to segfault during install.It's known bug and it's not resolved yet. OpenBSD is running fine under qemu,but you must disable kqemu: $qemu --no-kqemu .. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harald Dunkel Sent: Tuesday, June 10, 2008 9:40 AM To: Boril Boyanov Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; misc@openbsd.org Subject: Re: OpenBSD 4.2 guest on Linux Host, run problem Maybe VirtualBox-OSE is an option? It explicitly mentions OpenBSD on the list of supported guests: http://www.virtualbox.org/wiki/Guest_OSes . Good luck Harri
Re: Azalia - Realtek/0x0885 - plays, but no sound
On Tue, Jun 10, 2008 at 04:41:54AM -0300, alemao wrote: The card is recognized OK and i see that mplayer (with or without -srate 48000) plays the sound, but i can't hear anything. I played with many options in mixerctl but no success at all. Set all output values to 255 and look for volume buttons on the laptop itself. See also: http://marc.info/?l=openbsd-miscm=118400454711032w=2 Pieter Verberne
Re: Azalia - Realtek/0x0885 - plays, but no sound
alemao wrote: Look the output from mixerctl and adjust things like outputs.master=248,248 ( I think this is by default something like 128,128) and few other which are self explanatory. I have the similar audio card and I had the same problem. Best, Predrag Hi, The card is recognized OK and i see that mplayer (with or without -srate 48000) plays the sound, but i can't hear anything. I played with many options in mixerctl but no success at all. Maybe because it's sharing IRQ with other devices? $ vmstat -i interrupt total rate irq0/clock 89681 201 irq0/ipi 10252 irq9/acpi0 910 irq20/uhci0 5002 11 irq21/ehci0 30 irq20/azalia0 10 irq17/mskc0 18084 irq21/uhci4 52157 117 irq20/ehci1 1010 irq18/pciide14745 10 Total 154614 347 Here's my dmesg, mixerctl -a and audioctl -a. http://sacodelixo.com.br/~alemao/dmesg.txt http://sacodelixo.com.br/~alemao/audioctl.txt http://sacodelixo.com.br/~alemao/mixerctl.txt Any help/tip would be nice. Thanks.
Gratis! Diccionario/Traductor para instalar en su Celular
Gratis! para instalar en su Celular: Diccionario/Traductor portatil (Espaqol - Inglis - Aleman) Descargando mas informacisn... alt alt alt alt alt alt alt alt alt alt alt alt Gratis para su Celular! Diccionario/Traductor portatil (Espaqol - Inglis - Aleman) UN OBSEQUIO DE: www.viajesXestudio.com.ar Practique su inglis, mientras viaja y trabaja por el mundo! CLICK aqui para mas info El diccionario traductor es un software que se instala en cualquier celular que posea tecnologma JAVA. Si usted tiene juegos en su celular a color, seguro posee JAVA. Se instala via USB, Bluetooth o Infrarojo. Mas ayuda sobre JAVA y csmo instalarlo, luego de descargarlo. Si no desea recibir mas comunicaciones vma email Click Aqum [IMAGE]Diseqado y enviado por Veloxcom: Nos encargamos de conseguir personas y empresas interesadas en adquirir sus productos y servicios. Conszltenos: click aqum - website:www.veloxcom.com.ar
Re: restricting snmpd access on 4.3 to a single IP
On Jun 9, 2008, at 7:43 PM, Aaron Glenn wrote: On Mon, Jun 9, 2008 at 3:23 PM, Jurvis LaSalle [EMAIL PROTECTED] wrote: Hi, I've read the man page for snmpd.conf, but didn't see mention of a way to restrict snmpd to only respond to gets and sets from one ip address. Is there a way to do this in snmpd.conf or should I look to a pf solution? are you referring to the net-snmp package or the base snmpd daemon? whoops. meant to explicitly say base. I've used the following line in net-snmp's conf file to do this. just wondering if there's a way to do the same in base now. com2sec mynetwork xxx.xxx.xxx.xxxanythingbutpublic
vsftpd [more secure]
*Name* *Version* vsftpd http://vsftpd.beasts.org/ 1.1.3 vsftpd http://vsftpd.beasts.org/ 1.2.2 vsftpd http://vsftpd.beasts.org/ 1.2.2 vsftpd http://vsftpd.beasts.org/ 2.0.1 vsftpd http://vsftpd.beasts.org/ 2.0.4 what version should i use? what is more secure...the last version...2.0.6 or 2.0.4 or 1.3?!
Re: vsftpd [more secure]
Saulo Bozzi wrote: *Name* *Version* vsftpd http://vsftpd.beasts.org/ 1.1.3 vsftpd http://vsftpd.beasts.org/ 1.2.2 vsftpd http://vsftpd.beasts.org/ 1.2.2 vsftpd http://vsftpd.beasts.org/ 2.0.1 vsftpd http://vsftpd.beasts.org/ 2.0.4 what version should i use? what is more secure...the last version...2.0.6 or 2.0.4 or 1.3?! Ask the vsftpd guys?
Re: 4.2 xenocara make build problem [SOLVED]
Matthieu Herrb escribis: On Sun, Jun 8, 2008 at 1:32 PM, Jesus Sanchez [EMAIL PROTECTED] wrote: Hi, using 4.2. Today I downloaded the xenocara.tar.gz from ftp.openbsd.org and it seems to have a problem. I untared the source into /usr/src/xenocara, cleaned the /usr/xobj/* dir and set a DESTDIR. As root, I runed make bootstrap (no problem) make obj (no problem) make build (-- problem --) It have problems when compiling /usr/src/xenocara/lib/freetype You need to have /usr/X11R6/bin in your PATH to build Xenocara, I found that if I set the DESTDIR the build brokes, if I unset it the build works. Thanks for all. -Jesus
Re: libstdc++.so.44.1 missing in latest snapshot
Markus Lude [EMAIL PROTECTED] writes: Ops, snapshot for i386 of jun 8. On Mon, Jun 09, 2008 at 05:34:51PM +0200, fulvio ciriaco wrote: Hi, as mentioned in the title libstdc++.so is not in the iso, nor in comp43. Fulvio $ tar ztf base43.tgz | grep libstdc ./usr/lib/libstdc++.so.44.1 Which snapshot on which arch do you use? Snapshot from June 7th here on sparc64. Regards, Markus
Re: snmp MIB variables
HOST-RESOURCES-MIB was added after the 4.3 release: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/snmpd/mib.c#rev1.20 While not supported, I've had luck building snmpd from -current on 4.3 release. Dustin Lundquist (private) HKS wrote: Hello, Reyk Floeter mentioned in his ONLamp interview (link below) that snmpd currently supports most of the SNMPv1/v2c MIBs, IP-MIB, BRIDGE-MIB, HOST-RESOURCES-MIB, IF-MIB, and the OPENBSD-SENSORS-MIB http://www.onlamp.com/pub/a/bsd/2008/04/29/puffy-and-the-crytonauts-whats-new-in-openbsd-43.html I have a 4.3 installation that lacks the vast majority of these MIBs. The most relevant for me is HOST-RESOURCES-MIB - 1.3.6.1.2.1.25.1. # snmpctl -n show mib | grep 1.3.6.1.2.1.25.1 # Are these MIBs planned releases, or is my installation missing something? Thanks in advance for the help. -HKS
Re: Azalia - Realtek/0x0885 - plays, but no sound
On Tue, Jun 10, 2008 at 01:43:06AM -0700, Predrag Punosevac wrote: alemao wrote: Look the output from mixerctl and adjust things like outputs.master=248,248 ( I think this is by default something like 128,128) and few other which are self explanatory. I have the similar audio card and I had the same problem. Ok, This is crazy. Yesterday, I started composing an email to ask pretty much the same question. (no sound from azalia). Today I have sound, thanks to this list (This time being Peiter and Predrag). I don't know how this list does it, but it is not the first time my questions have been answered as I was getting ready to ask them. Thank you all very much. l8rZ, -- andrew - ICQ# 253198 - Jabber: [EMAIL PROTECTED] BOFH excuse of the day: We had to turn off that service to comply with the CDA Bill.
wpi(4) not working in -CURRENT
I have 3 wireless networks at my house, 2 of them are 2x airport express AP's running WDS 1x ral(4) in my firewall in hostap mode, the laptop connecting to these AP's is a Dell Vostro 1310 running -CURRENT, I've been trying snapshots on a regular basis since I got the laptop (last week of may), the wpi interface fails to find any wireless networks. I hadn't reported it earlier as I thought the problem was to do with my AP's. Running ifconfig shows that the interface is cycling through different media modes not finding anything, specifying the media mode via ifconfig doesn't make any difference. wpi0: flags=8843 mtu 1500 lladdr 00:1f:3c:4f:0x:a9 groups: wlan media: IEEE802.11 autoselect (OFDM36 mode 11g) status: no network ieee80211: nwid chilli chan 1 100dBm inet6 fe80::21f:3cff:fe4f:ec4%wpi0 prefixlen 64 scopeid 0x1 OpenBSD 4.3-current (GENERIC.MP) #0: Tue Jun 10 19:24:57 BST 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 2133274624 (2034MB) avail mem = 2071425024 (1975MB) User Kernel Config UKC disb\^H \^Hable re 91 re* disabled UKC exit Continuing... mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xdc010 (38 entries) bios0: vendor Dell Inc. version A06 date 05/05/2008 bios0: Dell Inc. Vostro1310 acpi0 at bios0: rev 2 acpi0: tables DSDT FACP APIC HPET MCFG TCPA TMOR OSFR APIC BOOT SLIC SSDT SSDT SSDT SSDT acpi0: wakeup devices LID0(S3) HDEF(S3) PXSX(S3) PXSX(S5) USB1(S0) USB2(S0) USB3(S0) USB4(S0) USB5(S0) EHC1(S0) EHC2(S0) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM)2 Duo CPU T5670 @ 1.80GHz, 1795.84 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,CX16,xTPR ,NXE,LONG cpu0: 2MB 64b/line 8-way L2 cache cpu0: apic clock running at 199MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM)2 Duo CPU T5670 @ 1.80GHz, 1795.50 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,CX16,xTPR ,NXE,LONG cpu1: 2MB 64b/line 8-way L2 cache ioapic0 at mainbus0 apid 1 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 2, remapped to apid 1 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (PEGP) acpiprt2 at acpi0: bus 2 (RP01) acpiprt3 at acpi0: bus 3 (RP02) acpiprt4 at acpi0: bus -1 (RP03) acpiprt5 at acpi0: bus 6 (RP04) acpiprt6 at acpi0: bus 7 (RP05) acpiprt7 at acpi0: bus -1 (RP06) acpiprt8 at acpi0: bus 8 (PCIB) acpiec0 at acpi0 acpicpu0 at acpi0: C3, C2 acpicpu1 at acpi0: C3, C2 acpibtn0 at acpi0: LID0 acpibtn1 at acpi0: PWRB acpibtn2 at acpi0: SLPB acpiac0 at acpi0: AC unit online acpibat0 at acpi0: BAT1 serial 11 type Lion oem Dell cpu0: unknown Enhanced SpeedStep CPU, msr 0x0612092506000925 cpu0: using only highest and lowest power states cpu0: Enhanced SpeedStep 1800 MHz (1292 mV): speeds: 1800, 1200 MHz pci0 at mainbus0 bus 0: configuration mode 1 pchb0 at pci0 dev 0 function 0 Intel GM965 Host rev 0x0c ppb0 at pci0 dev 1 function 0 Intel GM965 PCIE rev 0x0c: apic 1 int 16 (irq 5) pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 vendor NVIDIA, unknown product 0x0427 rev 0xa1 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) agp0 at vga1: no integrated graphics uhci0 at pci0 dev 26 function 0 Intel 82801H USB rev 0x03: apic 1 int 16 (irq 5) uhci1 at pci0 dev 26 function 1 Intel 82801H USB rev 0x03: apic 1 int 21 (irq 11) ehci0 at pci0 dev 26 function 7 Intel 82801H USB rev 0x03: apic 1 int 18 (irq 10) usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 azalia0 at pci0 dev 27 function 0 Intel 82801H HD Audio rev 0x03: apic 1 int 22 (irq 10) azalia0: codec[s]: Realtek/0x0268 audio0 at azalia0 ppb1 at pci0 dev 28 function 0 Intel 82801H PCIE rev 0x03: apic 1 int 17 (irq 11) pci2 at ppb1 bus 2 ppb2 at pci0 dev 28 function 1 Intel 82801H PCIE rev 0x03: apic 1 int 16 (irq 5) pci3 at ppb2 bus 3 ppb3 at pci0 dev 28 function 3 Intel 82801H PCIE rev 0x03: apic 1 int 19 (irq 11) pci4 at ppb3 bus 6 wpi0 at pci4 dev 0 function 0 Intel PRO/Wireless 3945ABG rev 0x02: apic 1 int 19 (irq 11), MoW2, address 00:1f:3c:4f:0x:a9 ppb4 at pci0 dev 28 function 4 Intel 82801H PCIE rev 0x03: apic 1 int 17 (irq 11) pci5 at ppb4 bus 7 Realtek 8168 rev 0x02 at pci5 dev 0 function 0 not configured uhci2 at pci0 dev 29 function 0 Intel 82801H USB rev 0x03: apic 1 int 23 (irq 10) uhci3 at pci0 dev 29 function 1 Intel 82801H USB rev 0x03: apic 1 int 19 (irq 11) uhci4 at pci0 dev 29 function 2 Intel 82801H USB rev 0x03: apic 1 int 18 (irq 10) ehci1 at pci0 dev 29 function 7 Intel 82801H USB rev 0x03: apic 1 int 23 (irq 10) usb1 at ehci1: USB revision 2.0 uhub1 at
Re: vsftpd [more secure]
my question is to the system administrator. that know about vsftpd. thnkz. regardsbye.
Re: vsftpd [more secure]
2008/6/10 Saulo Bozzi [EMAIL PROTECTED]: my question is to the system administrator. that know about vsftpd. thnkz. regardsbye. I only find 2.0.5 in packages, since you are asking about a system that is not included in base and a version thats not in our packages system, as someone else said, maybe you should ask the vsftpd mailing list... -- -Lawrence
Re: wpi(4) not working in -CURRENT
Sevan / Venture37 [EMAIL PROTECTED] writes: I have 3 wireless networks at my house, 2 of them are 2x airport express AP's running WDS 1x ral(4) in my firewall in hostap mode, the laptop connecting to these AP's is a Dell Vostro 1310 running -CURRENT, I've been trying snapshots on a regular basis since I got the laptop (last week of may), the wpi interface fails to find any wireless networks. I too keep wondering if there's something up with the wpi driver recently (except the classically buggy firmware, but that's a known issue). My thinkpad R60 came with one of these built in, and support went from so-so to good and stayed fine for months, but now during the last week or so it's oddly shaky again (running snapshots rougly as they appear on the mirrors). Basically network performance with wpi sucks, plug in my rum (usb wifi dongle), route flush and ifconfig+dhclient, performance is in the useful range again. The change for the worse happened sometime within the last week as far as I can tell. Compared with my rum, the wpi gets worse signal strength if I read the ifconfig output correctly: [EMAIL PROTECTED]:~$ ifconfig lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33204 groups: lo inet 127.0.0.1 netmask 0xff00 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 bge0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:16:d3:27:bd:fd media: Ethernet autoselect (none) status: no carrier inet 194.54.103.97 netmask 0xffc0 broadcast 194.54.103.127 inet6 fe80::216:d3ff:fe27:bdfd%bge0 prefixlen 64 scopeid 0x1 wpi0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:13:02:9c:37:74 groups: wlan egress media: IEEE802.11 autoselect (DS11 mode 11g) status: active ieee80211: nwid kakemonster chan 6 bssid 00:1a:4d:3c:88:76 42dB nwkey not displayed 100dBm inet6 fe80::213:2ff:fe9c:3774%wpi0 prefixlen 64 scopeid 0x2 inet 10.168.103.11 netmask 0xff00 broadcast 10.168.103.255 enc0: flags=0 mtu 1536 rum0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:14:85:d8:de:cf groups: wlan media: IEEE802.11 autoselect (DS11 mode 11g) status: active ieee80211: nwid kakemonster chan 6 bssid 00:1a:4d:3c:88:76 107dB nwkey not displayed 100dBm inet6 fe80::214:85ff:fed8:decf%rum0 prefixlen 64 scopeid 0x6 inet 10.168.103.13 netmask 0xff00 broadcast 10.168.103.255 dmesg, latest snapshot (2008-06-09): OpenBSD 4.3-current (GENERIC.MP) #718: Mon Jun 9 19:11:51 MDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Genuine Intel(R) CPU T2400 @ 1.83GHz (GenuineIntel 686-class) 1.83 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,VMX,EST,TM2,xTPR real mem = 2145808384 (2046MB) avail mem = 2066739200 (1970MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 05/22/07, BIOS32 rev. 0 @ 0xfd690, SMBIOS rev. 2.4 @ 0xe0010 (68 entries) bios0: vendor LENOVO version 7CETC7WW (2.17 ) date 05/22/2007 bios0: LENOVO 946154G acpi0 at bios0: rev 2 acpi0: tables DSDT FACP SSDT ECDT TCPA APIC MCFG HPET BOOT SSDT SSDT SSDT SSDT acpi0: wakeup devices LID_(S3) SLPB(S3) LURT(S3) DURT(S3) EXP0(S4) EXP1(S4) EXP2(S4) EXP3(S4) PCI1(S4) USB0(S3) USB1(S3) USB2(S3) USB7(S3) HDEF(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 166MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Genuine Intel(R) CPU T2400 @ 1.83GHz (GenuineIntel 686-class) 1.83 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,VMX,EST,TM2,xTPR ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins ioapic0: duplicate apic id, remapped to apid 2 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (AGP_) acpiprt2 at acpi0: bus 2 (EXP0) acpiprt3 at acpi0: bus 3 (EXP1) acpiprt4 at acpi0: bus 4 (EXP2) acpiprt5 at acpi0: bus 12 (EXP3) acpiprt6 at acpi0: bus 21 (PCI1) acpiec0 at acpi0 acpicpu0 at acpi0: C3, C2 acpicpu1 at acpi0: C3, C2 acpitz0 at acpi0: critical temperature 127 degC acpitz1 at acpi0: critical temperature 100 degC acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: SLPB acpibat0 at acpi0: BAT0 model 92P1137 serial 1116 type LION oem SANYO acpibat1 at acpi0: BAT1 not present acpiac0 at acpi0: AC unit online acpithinkpad0 at acpi0 acpidock at acpi0 not configured bios0: ROM list: 0xc/0xfe00 0xd/0x1600 0xd1800/0x1000 0xdc000/0x4000! 0xe/0x1! cpu0: unknown Enhanced SpeedStep CPU, msr 0x06130b2c06000b2c cpu0: using only highest and lowest power states cpu0: Enhanced SpeedStep 1833 MHz (1404 mV): speeds: 1833, 1000 MHz pci0 at mainbus0 bus 0:
Re: wpi(4) not working in -CURRENT
I too keep wondering if there's something up with the wpi driver recently (except the classically buggy firmware, but that's a known issue). My thinkpad R60 came with one of these built in, and support went from so-so to good and stayed fine for months, but now during the last week or so it's oddly shaky again (running snapshots rougly as they appear on the mirrors). Basically network performance with wpi sucks, plug in my rum (usb wifi dongle), route flush and ifconfig+dhclient, performance is in the useful range again. The change for the worse happened sometime within the last week as far as I can tell. Compared with my rum, the wpi gets worse signal strength if I read the ifconfig output correctly: Interesting Peter, you're mention of using a usb wifi adapter reminded me that I have d-link dwl-122 somewhere here, I dug it out, attempted to connect to my airport AP's only to find I wasn't able to, I then remembered that the AP's where set to run in 11g mode rather then mixed (11b/g), I made the relevant change using airport utility everything was well, I managed to connect via my usb wifi adapter only to find that the system became on responsive if I ran ifconfig, I switched terminals ran dmesg that terminal hung aswell, I switched to another terminal rebooted, the system went through the shutdown process by never restarted, I power cycled the box when it booted I noticed that the wpi interface managed to connected to one of the airport base stations obtain an ip via dhcp. I'm still unable to connect to the ral interface on my firewall though, I've tried forcing mode 11b with no success. Sevan / Venture37 _ All new Live Search at Live.com http://clk.atdmt.com/UKM/go/msnnkmgl001006ukm/direct/01/
Re: snmp MIB variables
Thanks, that clears up my confusion. -HKS On Tue, Jun 10, 2008 at 1:30 PM, Dustin Lundquist [EMAIL PROTECTED] wrote: HOST-RESOURCES-MIB was added after the 4.3 release: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/snmpd/mib.c#rev1.20 While not supported, I've had luck building snmpd from -current on 4.3 release. Dustin Lundquist (private) HKS wrote: Hello, Reyk Floeter mentioned in his ONLamp interview (link below) that snmpd currently supports most of the SNMPv1/v2c MIBs, IP-MIB, BRIDGE-MIB, HOST-RESOURCES-MIB, IF-MIB, and the OPENBSD-SENSORS-MIB http://www.onlamp.com/pub/a/bsd/2008/04/29/puffy-and-the-crytonauts-whats-new-in-openbsd-43.html I have a 4.3 installation that lacks the vast majority of these MIBs. The most relevant for me is HOST-RESOURCES-MIB - 1.3.6.1.2.1.25.1. # snmpctl -n show mib | grep 1.3.6.1.2.1.25.1 # Are these MIBs planned releases, or is my installation missing something? Thanks in advance for the help. -HKS
relayd - configuration issue
Running 4.3-stable. I am trying to setup relayd as a reverse proxy and have a fail back table. When I enable the fail back table, relayd complains table already specified. # cat /tmp/relay.test.conf ## Macros # relayd_addr=127.0.0.1 relayd_reverse_port=8080 ## Global Options # prefork 10 #interval 10 #timeout 5000 #log updates www1=192.168.200.13 backupwww=127.0.0.1 table webhosts { $www1 } table outoforder disable { $backupwww } relay reverse-proxy { listen on $relayd_addr port $relayd_reverse_port forward to webhosts port 80 mode loadbalance check http / host www.balius.com code 200 forward to outoforder port 80 check http / code 200 } # relayd -vv -n -f /tmp/relay.test.conf /tmp/relay.test.conf:25: table already specified no redirections, nothing to do # cat /tmp/relay.test.conf ## Macros # relayd_addr=127.0.0.1 relayd_reverse_port=8080 ## Global Options # prefork 10 #interval 10 #timeout 5000 #log updates www1=192.168.200.13 backupwww=127.0.0.1 table webhosts { $www1 } table outoforder disable { $backupwww } relay reverse-proxy { listen on $relayd_addr port $relayd_reverse_port forward to webhosts port 80 mode loadbalance check http / host www.balius.com code 200 #forward to outoforder port 80 check http / code 200 } # relayd -vv -n -f /tmp/relay.test.conf configuration OK Did I do something wrong?
OT: good remote mgmt KVM switch
have dug about and not found any KVM switches that do either RDP or VNC that are reasonably priced. any suggestions on equipment of this sort would be appreciated. looking for stuff that works easily with openbsd packages, no java stuff if it can be helped. cheers, jake --
Sloppy states
On Tuesday 10 June 2008 20:40:02 you wrote: * Reyk Floeter [EMAIL PROTECTED] [2008-06-11 01:13]: CVSROOT:/cvs Module name:src Changes by: [EMAIL PROTECTED] 2008/06/10 17:12:36 Modified files: usr.sbin/relayd: pfe_filter.c relayd.conf.5 Log message: set the inactivity timeout of redirections to a shorter timeout of 600 seconds by default (pf's default is 86400s), they can be cranked with the session timeout directive and it is consistent to relay session timeouts. also remove the hack to modify the closing timeout because pf's sloppy state handling is taking care about half connection closing now. can you guess how much reyk was prodding me for the sloppy states? :) I'm looking around and don't quite get sloppy states. Looking at the code isn't quite helping. Anything else I can read? --STeve Andre'
Re: Sloppy states
I'm looking around and don't quite get sloppy states. Looking at the code isn't quite helping. Anything else I can read? --STeve Andre' I also would like some insight on , 1:) exactly what is sloppy states meant to do 2:) what are some specific instances where we should use sloppy states 3:) what is a case where it would be bad to use sloppy states. Sam Fourman Jr.
Re: Sloppy states
* Sam Fourman Jr. [EMAIL PROTECTED] [2008-06-11 04:41]: I also would like some insight on , 1:) exactly what is sloppy states meant to do 2:) what are some specific instances where we should use sloppy states that has just been explained. comes down to don't. 3:) what is a case where it would be bad to use sloppy states. pretty much any. -- Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg Amsterdam
Re: Sloppy states
* STeve Andre' [EMAIL PROTECTED] [2008-06-11 04:34]: On Tuesday 10 June 2008 20:40:02 you wrote: * Reyk Floeter [EMAIL PROTECTED] [2008-06-11 01:13]: CVSROOT: /cvs Module name: src Changes by: [EMAIL PROTECTED] 2008/06/10 17:12:36 Modified files: usr.sbin/relayd: pfe_filter.c relayd.conf.5 Log message: set the inactivity timeout of redirections to a shorter timeout of 600 seconds by default (pf's default is 86400s), they can be cranked with the session timeout directive and it is consistent to relay session timeouts. also remove the hack to modify the closing timeout because pf's sloppy state handling is taking care about half connection closing now. can you guess how much reyk was prodding me for the sloppy states? :) I'm looking around and don't quite get sloppy states. Looking at the code isn't quite helping. Anything else I can read? like, pf.conf(5)? sloppy Uses a sloppy TCP connection tracker that does not check sequence numbers at all, which makes insertion and ICMP teardown attacks way easier. This is intended to be used in situations where one does not see all packets of a connection, e.g. in asymmetric routing situations. Cannot be used with modulate or synproxy state. comes down to do not use them. there are some very special circumstances where they make things possible that didn't work before, like relayd setups with that direct server return stuff (where you should run another pf box with real state tracking in front of the relayd box) or cases where you only see half of the connection, and there one stillhas to be very careful. anyone using sloppy statekeeping on regular firewalls deserves more than a spanking. -- Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg Amsterdam
Re: Sloppy states
On Tuesday 10 June 2008 22:42:26 Henning Brauer wrote: [snip] I'm looking around and don't quite get sloppy states. Looking at the code isn't quite helping. Anything else I can read? like, pf.conf(5)? sloppy Uses a sloppy TCP connection tracker that does not check sequence numbers at all, which makes insertion and ICMP teardown attacks way easier. This is intended to be used in situations where one does not see all packets of a connection, e.g. in asymmetric routing situations. Cannot be used with modulate or synproxy state. comes down to do not use them. there are some very special circumstances where they make things possible that didn't work before, like relayd setups with that direct server return stuff (where you should run another pf box with real state tracking in front of the relayd box) or cases where you only see half of the connection, and there one stillhas to be very careful. anyone using sloppy statekeeping on regular firewalls deserves more than a spanking. Crud. I did not look there. Sorry for the noise, but perhaps you've warned some folks and they'll listen. --STeve Andre'
Development at the hackathon
Development is really fast right now, because of the hackathon in Edmonton. We are testing as much as we can before we commit, but as always during these hackathon processes we really depend on our user community -- to track our changes and help spot the occasional bug we accidentally introduce. We are developing really fast and hard; please help us by testing really fast and hard too. There are some snapshots being made, of course, but people who are familiar with checking out their own trees can really help us by building and running it immediately.