Re: Ral0, WPA2 and ASCII keys?
. ifconfig: wpapsk: bad pre-shared key length ral0: no link . sleeping ifconfig: wpa-psk blahrg SECRET: bad value I have found this in wpa-psk(1): The passphrase must be a sequence of between 8 and 63 ASCII-encoded characters. The length of the SSID must be between 1 and 32 octets. If the error message isn't just here because of the SECRET-placeholder, maybe you might want to check the lenght of your passphrase. My passphrase is only 16 characters long which should be within the limits. s//un -- Since love and fear can hardly exist together, if we must choose between them, it is far safer to be feared than loved. -Niccolo Machiavelli
Re: Letting FTP out through PF with a default block all
Andres Salazar wrote: ... based on that this is my PF config: ... set block-policy drop Something to consider regarding drop versus reject: http://www.chiark.greenend.org.uk/~peterb/network/drop-vs-reject Regards -Lars
Re: active ftp over IPv6 to OpenBSD's ftpd not working
On Tue, May 26, 2009 at 08:50:32PM +, Stuart Henderson wrote: On 2009-05-25, Maurice Janssen maur...@z74.net wrote: I have an FTP-server (running OpenBSD 4.5-stable) that is only reachable over IPv6. Passive FTP works fine, but active FTP doesn't seem to work. I run ftpd from rc.conf.local (-DAS6), not through inetd. This fixes it, but I'm not sure whether it's correct. Thanks for fixing it, Stuart. I hope someone can confirm that it's correct. If so, do you think this can be commited to 4.5-stable as well? Thanks. Maurice
Re: IMPORTANT, DO THIS OR YOUR E-MAIL WON'T WORK
Bob Beck wrote: * Chris Harries ch...@sharescope.co.uk [2009-05-26 10:48]: it sure beats everyone moaning at me as they cannot read e-mails clearly marked IMPORTANT, DO THIS OR YOUR E-MAIL WONT WORK, then moaning when their email doesn't work IMPORTANT, DO THIS OR YOUR E-MAIL WON'T WORK We are refreshing our openbsd mailing lists to ensure that the list memberships correctly match our business process and security roles. In order to ensure your list memberships and email continue to work without interruption, please reply to this email with the following information: Name : ___ Email ID: Password: Thanks for helping to ensure the integrity of our email system. Pardon? I do not understand what is this for -- With best regards, Gregory Edigarov
HFSC AltQ
sys/altq/altq_hfsc.h set to support #define HFSC_MAX_CLASSES 64 what is the maximum value you can use there? kernel did compile with 1024, not sure yet will it work thou, what is the maximum value you have used ? would it be safe to use something like 2048? -- Georg Kahest ge...@viatel.ee ProGroup Holding
Re: IMPORTANT, DO THIS OR YOUR E-MAIL WON'T WORK
On Wed, May 27, 2009 at 10:29:10AM +0300, Gregory Edigarov wrote: Bob Beck wrote: * Chris Harries ch...@sharescope.co.uk [2009-05-26 10:48]: it sure beats everyone moaning at me as they cannot read e-mails clearly marked IMPORTANT, DO THIS OR YOUR E-MAIL WONT WORK, then moaning when their email doesn't work IMPORTANT, DO THIS OR YOUR E-MAIL WON'T WORK We are refreshing our openbsd mailing lists to ensure that the list memberships correctly match our business process and security roles. In order to ensure your list memberships and email continue to work without interruption, please reply to this email with the following information: Name : ___ Email ID: Password: Thanks for helping to ensure the integrity of our email system. Pardon? I do not understand what is this for explanation will follow once you provide the neccesary provide of authentication. -Otto
Re: IMPORTANT, DO THIS OR YOUR E-MAIL WON'T WORK
On Wed, May 27, 2009 at 12:29 AM, Gregory Edigarov g...@bestnet.kharkov.ua wrote: Bob Beck wrote: * Chris Harries ch...@sharescope.co.uk [2009-05-26 10:48]: it sure beats everyone moaning at me as they cannot read e-mails clearly marked IMPORTANT, DO THIS OR YOUR E-MAIL WONT WORK, then moaning when their email doesn't work IMPORTANT, DO THIS OR YOUR E-MAIL WON'T WORK We are refreshing our openbsd mailing lists to ensure that the list memberships correctly match our business process and security roles. In order to ensure your list memberships and email continue to work without interruption, please reply to this email with the following information: Name : ___ Email ID: Password: Thanks for helping to ensure the integrity of our email system. Pardon? I do not understand what is this for it is from another thread on this mailing list. --patrick
Re: IMPORTANT, DO THIS OR YOUR E-MAIL WON'T WORK
On Wed, May 27, 2009 at 09:43:18AM +0200, Otto Moerbeek wrote: On Wed, May 27, 2009 at 10:29:10AM +0300, Gregory Edigarov wrote: Bob Beck wrote: * Chris Harries ch...@sharescope.co.uk [2009-05-26 10:48]: it sure beats everyone moaning at me as they cannot read e-mails clearly marked IMPORTANT, DO THIS OR YOUR E-MAIL WONT WORK, then moaning when their email doesn't work IMPORTANT, DO THIS OR YOUR E-MAIL WON'T WORK We are refreshing our openbsd mailing lists to ensure that the list memberships correctly match our business process and security roles. In order to ensure your list memberships and email continue to work without interruption, please reply to this email with the following information: Name : ___ Email ID: Password: Thanks for helping to ensure the integrity of our email system. Pardon? I do not understand what is this for explanation will follow once you provide the neccesary provide of ehhh s/provide/proof authentication. -Otto
Re: pf, altq, packet rate
* irix i...@ukr.net [2009-05-27 06:14]: May be someone better to write in a kind of pseudo device ifb may be someone better to do my laundry -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg Amsterdam
Re: IMPORTANT, DO THIS OR YOUR E-MAIL WON'T WORK
On Wed, May 27, 2009 at 1:01 AM, Otto Moerbeek o...@drijf.net wrote: On Wed, May 27, 2009 at 09:43:18AM +0200, Otto Moerbeek wrote: On Wed, May 27, 2009 at 10:29:10AM +0300, Gregory Edigarov wrote: Bob Beck wrote: * Chris Harries ch...@sharescope.co.uk [2009-05-26 10:48]: it sure beats everyone moaning at me as they cannot read e-mails clearly marked IMPORTANT, DO THIS OR YOUR E-MAIL WONT WORK, then moaning when their email doesn't work IMPORTANT, DO THIS OR YOUR E-MAIL WON'T WORK We are refreshing our openbsd mailing lists to ensure that the list memberships correctly match our business process and security roles. In order to ensure your list memberships and email continue to work without interruption, please reply to this email with the following information: Name : ___ Email ID: Password: Thanks for helping to ensure the integrity of our email system. Pardon? I do not understand what is this for explanation will follow once you provide the neccesary provide of ehhh s/provide/proof huh? sed: 1: s/provide/proof: unterminated substitute in regular expression besides, that makes for: explanation will follow once you proof the neccesary provide of ^ --patrick authentication. B B B -Otto
Re: IMPORTANT, DO THIS OR YOUR E-MAIL WON'T WORK
On Wed, May 27, 2009 at 01:13:26AM -0700, patrick keshishian wrote: explanation will follow once you provide the neccesary provide of ehhh s/provide/proof huh? sed: 1: s/provide/proof: unterminated substitute in regular expression who said I was using sed? vi allows that. besides, that makes for: explanation will follow once you proof the neccesary provide of that's because i had to little coffee. I'll shut up now. -Otto
Re: IMPORTANT, DO THIS OR YOUR E-MAIL WON'T WORK
On 27 May 2009, at 10:01, Otto Moerbeek wrote: On Wed, May 27, 2009 at 09:43:18AM +0200, Otto Moerbeek wrote: On Wed, May 27, 2009 at 10:29:10AM +0300, Gregory Edigarov wrote: Bob Beck wrote: * Chris Harries ch...@sharescope.co.uk [2009-05-26 10:48]: it sure beats everyone moaning at me as they cannot read e-mails clearly marked IMPORTANT, DO THIS OR YOUR E-MAIL WONT WORK, then moaning when their email doesn't work IMPORTANT, DO THIS OR YOUR E-MAIL WON'T WORK We are refreshing our openbsd mailing lists to ensure that the list memberships correctly match our business process and security roles. In order to ensure your list memberships and email continue to work without interruption, please reply to this email with the following information: Name : ___ Email ID: Password: Thanks for helping to ensure the integrity of our email system. Pardon? I do not understand what is this for explanation will follow once you provide the neccesary provide of ehhh s/provide/proof authentication. -Otto I seriously thought you'd done the typo deliberately to mimic the poor english typically found in such fraud emails. LoL. /Pete
Re: pf, altq, packet rate
2009/5/27, Henning Brauer lists-open...@bsws.de: may be someone better to do my laundry you mean you don't have a laundromat yet?
Re: OpenBSD router stops functioning but still send CARP advertisements
Le 27/05/2009 01:52, Samiuela LV Taufa a icrit : Simon Morvan wrote the following on 27/05/2009 2:28 AM:Hello all, I've set up two OpenBSD boxes to act as redundant firewalls in front of our network and I experience a strange behavior : After a couple of hours/days one of the box stop functioning properly : no ping, no more SSH access but I still capture CARP avertisement on the network segments (when it occurs on the master). As a result, when it happens on the master, the slave does not take over. When it happens on the slave, the switch sees intermittently the virtual CARP mac on the slave port so it disturb the master routing operations. When I hook up a screen on the machine, I get back the login screen but everything is frozen. I really don't know where I should start looking at to troubleshoot the issue. Here's the dmesg, the two boxes are identical. I do VLAN routing on em0 and pfsync on re0 (@ 100BaseFD to be sure there's no issue with the re(4) driver) : OpenBSD 4.5 (GENERIC) #1749: Sat Feb 28 14:51:18 MST 2009 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC RTC BIOS diagnostic error 80clock_battery cpu0: Intel(R) Atom(TM) CPU 330 @ 1.60GHz (GenuineIntel 686-class) 1.60 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,TM2,CX16,xTPR real mem = 213588 (2036MB) avail mem = 2056806400 (1961MB) RTC BIOS diagnostic error 80clock_battery mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 12/31/08, SMBIOS rev. 2.4 @ 0xe3590 (23 entries) bios0: vendor Intel Corp. version LF94510J.86A.0140.2008.1231.0012 date 12/31/2008 bios0: Intel Corporation D945GCLF2 acpi0 at bios0: rev 0 acpi0: tables DSDT FACP APIC WDDT MCFG ASF! acpi0: wakeup devices SLPB(S4) P32_(S4) UAR1(S4) UAR2(S4) PEX0(S4) PEX1(S4) PEX2(S4) PEX3(S4) PEX4(S4) PEX5(S4) UHC1(S3) UHC2(S3) UHC3(S3) UHC4(S3) EHCI(S3) AC9M(S4) AZAL(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 134MHz cpu at mainbus0: not configured cpu at mainbus0: not configured cpu at mainbus0: not configured ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 2 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 4 (P32_) acpiprt2 at acpi0: bus 1 (PEX0) acpiprt3 at acpi0: bus -1 (PEX1) acpiprt4 at acpi0: bus 2 (PEX2) acpiprt5 at acpi0: bus 3 (PEX3) acpiprt6 at acpi0: bus -1 (PEX4) acpiprt7 at acpi0: bus -1 (PEX5) acpicpu0 at acpi0 acpibtn0 at acpi0: SLPB bios0: ROM list: 0xc/0xae00! 0xcb000/0x1000 0xcc000/0x1000 pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel 82945G Host rev 0x02 vga1 at pci0 dev 2 function 0 Intel 82945G Video rev 0x02 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0x8000, size 0x1000 inteldrm0 at vga1: apic 2 int 16 (irq 11) drm0 at inteldrm0 azalia0 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x01: apic 2 int 22 (irq 9) azalia0: codecs: Realtek ALC662 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x01: apic 2 int 17 (irq 255) pci1 at ppb0 bus 1 re0 at pci1 dev 0 function 0 Realtek 8168 rev 0x02: RTL8168C/8111C (0x3c00), apic 2 int 16 (irq 11), address 00:1c:c0:c3:40:fa rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 2 ppb1 at pci0 dev 28 function 2 Intel 82801GB PCIE rev 0x01: apic 2 int 18 (irq 255) pci2 at ppb1 bus 2 ppb2 at pci0 dev 28 function 3 Intel 82801GB PCIE rev 0x01: apic 2 int 19 (irq 255) pci3 at ppb2 bus 3 uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x01: apic 2 int 23 (irq 10) uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x01: apic 2 int 19 (irq 11) uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x01: apic 2 int 18 (irq 9) uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x01: apic 2 int 16 (irq 11) ehci0 at pci0 dev 29 function 7 Intel 82801GB USB rev 0x01: apic 2 int 23 (irq 10) usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb3 at pci0 dev 30 function 0 Intel 82801BA Hub-to-PCI rev 0xe1 pci4 at ppb3 bus 4 em0 at pci4 dev 0 function 0 Intel PRO/1000GT (82541GI) rev 0x05: apic 2 int 21 (irq 10), address 00:1b:21:38:77:25 ichpcib0 at pci0 dev 31 function 0 Intel 82801GB LPC rev 0x01: PM disabled pciide0 at pci0 dev 31 function 1 Intel 82801GB IDE rev 0x01: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility pciide0: channel 0 disabled (no drives) pciide0: channel 1 ignored (disabled) pciide1 at pci0 dev 31 function 2 Intel 82801GB SATA rev 0x01: DMA, channel 0 configured to native-PCI, channel 1 configured to native-PCI pciide1: using apic 2 int 19 (irq 11) for native-PCI interrupt wd0 at pciide1 channel 0 drive 0:TS32GSSD25S-M wd0: 1-sector
Re: OpenNTPD warning
On Friday 22 May 2009 18:05:16 Jordi Espasa wrote: Looks like you do not think at all. The reason was told to you, and you didn't ever tried to do something. You prefer to think instead of doing, aren't you? I've fixed the commented conf error already, but it seems that the FIRST warning I've commented in my INITIAL post is not related to this configuration mistake. Looks like do you not read at all. Check the complete thread and think some seconds about your impoliteness. And.. speaking about doing something Then you should try and say so. I think that... means that you want someone do your work for you. ?do you provide a public NTP server in your country? Yes. ?do you provide a public OpenBSD mirror in your country? Not yet, it's on the way. Shame on you. As you wish, I don't care. -- Best wishes, Vadim Zhukov A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail?
Re: OpenBSD router stops functioning but still send CARP advertisements
I'd rather run pfsync in its own vlan than over a realtek card. It's probably not any slower (what could be slower than a realtek...) and it's not really any less reliable (what use is pfsync if your business network goes down?)
Re: OpenBSD router stops functioning but still send CARP advertisements
* Jussi Peltola pe...@pelzi.net [2009-05-27 12:11]: I'd rather run pfsync in its own vlan than over a realtek card. It's probably not any slower (what could be slower than a realtek...) and it's not really any less reliable (what use is pfsync if your business network goes down?) oh cut the crap. re(4) cards are ok. I would not exactly run my performance critical core routers on them, but that is not their purpose. re is not rl. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg Amsterdam
Re: OpenBSD router stops functioning but still send CARP advertisements
Le 27/05/2009 12:08, Jussi Peltola a icrit : I'd rather run pfsync in its own vlan than over a realtek card. It's probably not any slower (what could be slower than a realtek...) and it's not really any less reliable (what use is pfsync if your business network goes down?) I tought I'd better run pfsync over a direct connection rather that through the switches. In case of failure of a switch, the sync has a chance to be complete and the failover cleaner, but maybe I'm wrong...
Re: QEMU, tun, and tap.
2009/5/27 Christopher J. Gibbons cgibb...@dragonfire.dyndns.org: I found this in the README.OpenBSD for QEMU to be most helpful when doing a similar sort of thing (plus you get the bonus of not having to run QEMU as root): $ sudo sh -c sudo -u $USER qemu -nographic -net nic -net tap,fd=3 \ B B B B B B -no-fd-bootchk -hda virtual.img 3/dev/tun0 B B B B B B B B B B B B B B B B B B B B B B B B ^ Make that your tunX device. Tried and worked like a charm!! :D README.OpenBSD for QEMU have changed a lot, 4.3 here was a lot shorter and didn't have anything like that, I guess I should upgrade soon!! Thanks for the tip!! :D
Re: binding services on carp
On Tue, 2009-05-26 at 16:18 -0400, uday wrote: Hey guys, A quick question, is there a way to bind services to the carp interface ? You see I have an ftp-proxy running and I wanted to use carp since I'm already doing fail-over with PF. FTP client -- Redundant Firewall w/ftp-proxy -- Internal FTP-SERVER man ftp-proxy, see -a flag.
OpenBSD and Realtek rtl8187: 8187B wireless chipset
Hello list, Are there any plans to support the realtek rtl8187: 8187B wireless chipset? Is it available in -current? thanks -- John
Re: OpenBSD and Realtek rtl8187: 8187B wireless chipset
From owner-misc+m85945=martynas=altroot@openbsd.org Wed May 27 15:35:42 2009 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type:content-transfer-encoding; bh=RA6cQajsF2p3OE8CRfq2htuu0VNFsPsNnjBm5yZrWlU=; b=Jo1v5KC2mrwmcwnk1Mcw6mBBFuWF6Xc3eUdvnA+q4NWlyuqgjOPS+CQIPuvwppkoro nGIBf3++IgFyhHbQ1bYQp6CHrUxFn52n9zRE//Hars43Q+SzlOMzQQN8tzTSX31ttj0A acE1t2G809VL7gYzFRrteE7CiB06VkTDDIbKY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type :content-transfer-encoding; b=Qs1f494Ddrz3q3yaPHwgRvLdOAmj6WYGAtLvFaC9tnl4aPBCg5FaxCLhMYFgpZd4JD 2RGpc4m8fJttEn8kBAE7mLkjjx/0CKMLvbKkyLW60FmGnxzma3dmPHSUdS+CdNOzmOuW D17rS6/v0zQE9wAOxtuvJ1MZQQmQ7p23VQa8E= MIME-Version: 1.0 Subject: OpenBSD and Realtek rtl8187: 8187B wireless chipset From: John . comp.j...@googlemail.com To: misc@openbsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Loop: misc@openbsd.org Precedence: list Sender: owner-m...@openbsd.org Hello list, Are there any plans to support the realtek rtl8187: 8187B wireless chipset? Is it available in -current? yup; i am writing this email from one. ;-) got it working couple of months ago but was slac^H^H^H^Hbusy and did not clean it up yet; which one do you have? usbdevs -v?
Re: spamd question
On Fri, 2009-05-22 at 15:53 -0400, Jim Razmus wrote: beck@ created the greyscanner Perl script to address the issues you've highlighted. It does deeper inspection of grey listed senders before they are white listed. It validates the DNS setup of the sending server, the validity of the recipient address, and more. You can add your own checks to it as well. I find it an effective addition to spamd. http://www.ualberta.ca/~beck/greyscanner/ And remember to populate spamd.alloweddomains with all accounts you really have on your backend.
Re: OpenBSD router stops functioning but still send CARP advertisements
Simon Morvan gar...@zone84.net wrote: After a couple of hours/days one of the box stop functioning properly : no ping, no more SSH access but I still capture CARP avertisement on the network segments (when it occurs on the master). As a result, when it happens on the master, the slave does not take over. A few ideas... Do you have any different hardware you can try instead to rule out some incompatibility with the machines? Have you checked for BIOS updates etc that might help? Can you break into DDB when this happens? (You'll need to set ddb.console=1 in sysctl.conf and reboot if it's not already set). If you can, trace/ps might be useful. If not it's a useful data point. (make sure you can trigger it correctly while the system is running normally; ctrl+alt+esc on glass console, or BREAK on serial console; then you can 'c'ontinue). Le 27/05/2009 12:08, Jussi Peltola a icrit : I'd rather run pfsync in its own vlan than over a realtek card. It's probably not any slower (what could be slower than a realtek...) and Plenty of 100Mb only cards are slower than a realtek. re(4) here is good for about 550Mb/s of large packets (via tcpbench on a Core2 system), or about 50Mb/s of small-ish datagrams before it starts dropping too many on the floor. it's not really any less reliable (what use is pfsync if your business network goes down?) I tought I'd better run pfsync over a direct connection rather that through the switches. In case of failure of a switch, the sync has a chance to be complete and the failover cleaner, but maybe I'm wrong... If your firewalls are connected to different switches, that does make sense (unless your CPUs are saturated, in which case em(4) might indeed be a bit better).
Re: pf, altq, packet rate
On 2009-05-27, irix i...@ukr.net wrote: Hello Misc, Or may be remove from altq distinguish incoming traffic or outgoing. What could box up to the queue as incoming and outgoing. since queueing only happens at output, that's going to be totally useless. it's not just a question of how altq distinguishes traffic, you're asking to totally change how altq works. if you have some requirement for features that altq+pf doesn't have at the moment, you have a few choices: - use different software that already does what you want. - pay someone to code the features. - code the features yourself. (if you don't code, this will require learning how to do that first, obviously). but, unless you want to use altq on a server (rather than a router), there isn't really a problem with the queuing happening only on output. just give the queues on both interfaces the same name, then you can assign in both directions with a single rule. stupid example ruleset. not actually tested, but I have others like it, and it should be enough to give you the general idea. -- -- -- -- -- altq on bge0 cbq bandwidth 4000Kb queue { normal, slow, fast } altq on vlan5 cbq bandwidth 2Kb queue { normal, slow, fast } altq on vlan9 cbq bandwidth 1000Kb queue { normal, slow, fast } queue normal bandwidth 40% priority 4 cbq(default borrow) queue slow bandwidth 10% priority 1 queue fast bandwidth 50% priority 7 pass pass in proto icmp queue (slow) pass in proto tcp to port 22 queue (fast) -- -- -- -- -- (I think some people just look at a couple of example configs which use different queue names on interfaces and assume that it's necessary, but it isn't).
Re: OpenBSD and Realtek rtl8187: 8187B wireless chipset
yup; i am writing this email from one. ;-) got it working couple of months ago but was slac^H^H^H^Hbusy and did not clean it up yet; which one do you have? usbdevs -v? oh wow that's great news! I don't have openbsd installed on (the machine) yet - lack of support for this device was a show-stopper as it is a laptop. Linux shows this in the dmesg: [ 105.708047] rtl8187: Invalid hwaddr! Using randomly generated MAC address [ 214.908048] rtl8187: 8187B chip detected. Support is EXPERIMENTAL, and could damage your [ 214.908050] hardware, use at your own risk [ 214.909768] phy0: Selected rate control algorithm 'pid' [ 218.447469] phy0: hwaddr 6e:72:7b:10:73:c6, RTL8187BvB V1 + rtl8225z2 [ 218.447515] usbcore: registered new interface driver rtl8187 (rest of dmesg is at http://www.growveg.org/laptop/kubuntu/kubuntu-8_dmesg.txt) I managed to get it actually working under ubuntu-9.04 but have no lspci output for it yet. the last time I tried freebsd-current back in November, I got: no...@pci0:4:0:0: class=0x02 card=0xff501179 chip=0x436c11ab rev=0x16 hdr=0x00 vendor = 'Marvell Semiconductor (Was: Galileo Technology Ltd)' class = network subclass = ethernet cap 01[48] = powerspec 3 supports D0 D1 D2 D3 current D0 cap 05[5c] = MSI supports 1 message, 64 bit cap 10[c0] = PCI-Express 2 legacy endpoint I need to install the latest openbsd now. Can you post your usbdevs -v ifconfig -a and relevant bit of dmesg? I'll be really interested in seeing those. What's performance like? My laptop is a toshiba satellite A300 -- John
Re: OpenBSD and Realtek rtl8187: 8187B wireless chipset
2009/5/27, Martynas Venckus marty...@altroot.org: snip From: John . comp.j...@googlemail.com snip Hello list, Are there any plans to support the realtek rtl8187: 8187B wireless chipset? Is it available in -current? yup; i am writing this email from one. ;-) got it working couple of months ago but was slac^H^H^H^Hbusy and did not clean it up yet; which one do you have? usbdevs -v? I don't have an OpenBSD cd or partition at hand for that machine so I'm sorry I can't give you the output of 'usbdevs -v'. If desired I will produce that for you later. The ID of my card is, according to Linux's lsusb: ID 0bda:8197 Realtek Semiconductor Corp. RTL8187B Wireless Adapter. Can you confirm this specific instance of this card to (at least partly) work.
Re: OpenBSD router stops functioning but still send CARP advertisements
Le 27/05/2009 15:38, Stuart Henderson a icrit : I tought I'd better run pfsync over a direct connection rather that through the switches. In case of failure of a switch, the sync has a chance to be complete and the failover cleaner, but maybe I'm wrong... If your firewalls are connected to different switches, that does make sense (unless your CPUs are saturated, in which case em(4) might indeed be a bit better). Does the pfsync traffic lead to CPU overload before the business traffic do ?
Re: OpenBSD router stops functioning but still send CARP advertisements
On 2009/05/27 16:09, Simon Morvan wrote: Le 27/05/2009 15:38, Stuart Henderson a icrit : I tought I'd better run pfsync over a direct connection rather that through the switches. In case of failure of a switch, the sync has a chance to be complete and the failover cleaner, but maybe I'm wrong... If your firewalls are connected to different switches, that does make sense (unless your CPUs are saturated, in which case em(4) might indeed be a bit better). Does the pfsync traffic lead to CPU overload before the business traffic do ? I think that would depend on the specific interfaces and the traffic characteristics. In your case, since you're limiting pfsync to 100 Mb/s by hardcoding the port speed, I don't think you'll max out the cpu with pfsync traffic even on an Atom.
Re: OpenBSD and Realtek rtl8187: 8187B wireless chipset
2009/5/27 Nido n...@foxserver.be: 2009/5/27, Martynas Venckus marty...@altroot.org: snip From: John . comp.j...@googlemail.com snip Hello list, Are there any plans to support the realtek rtl8187: 8187B wireless chipset? Is it available in -current? yup; i am writing this email from one. ;-) got it working couple of months ago but was slac^H^H^H^Hbusy and did not clean it up yet; which one do you have? usbdevs -v? I don't have an OpenBSD cd or partition at hand for that machine so I'm sorry I can't give you the output of 'usbdevs -v'. If desired I will produce that for you later. The ID of my card is, according to Linux's lsusb: ID 0bda:8197 Realtek Semiconductor Corp. RTL8187B Wireless Adapter. Can you confirm this specific instance of this card to (at least partly) work. Hello, Yes I will do as soon as i get home (about 3 hrs from now). Many thanks! -- John
Re: OpenBSD and Realtek rtl8187: 8187B wireless chipset
From owner-misc+m85949=martynas=altroot@openbsd.org Wed May 27 16:51:34 2009 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=wBO6VgpS2nKToOqkxdaMJ8I8QInHw7IeusTsef/Ja34=; b=rCCZOZ78kxyFMGM56KdPtbUY3dS3dTT7qZvjDDbC0YY8RdJfgttQGTlKB4g3Y4yLhO t769DcCdn6O9vy+wbK4BXkIApo+5mEzmKQST6D4BnsVXPAyQBWgHy9UveSMExNGoC24y EMmgKLdzzL4BpFWxVUmMnVhVISS3+plDkvlts= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=JIKDlvlm5j3rts8gGV/6XekNkDz6BHJCPa24SCrsGcnVxKyKu/Jc3NnoNbqBVqA3j7 GD2xrFJ1mxwvs2CJ7kzEPe0puK/9XOt/rz+xHgDhwyxfDHPfhF3WBIKyi428jv37f+vK wUejlZIu/ykvd+QqfLJ3IedTTrSFyKjOJIeE4= MIME-Version: 1.0 References: 200905271303.n4rd3gvw031...@landisk.altroot.org abc784790905270644y3689d358ib5096052948d5...@mail.gmail.com Subject: Re: OpenBSD and Realtek rtl8187: 8187B wireless chipset From: John . comp.j...@googlemail.com To: misc@openbsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Loop: misc@openbsd.org Precedence: list Sender: owner-m...@openbsd.org yup; i am writing this email from one. ;-) got it working couple of months ago but was slac^H^H^H^Hbusy and did not clean it up yet; which one do you have? usbdevs -v? oh wow that's great news! I don't have openbsd installed on (the machine) yet - lack of support for this device was a show-stopper as it is a laptop. Linux shows this in the dmesg: [ 105.708047] rtl8187: Invalid hwaddr! Using randomly generated MAC address [ 214.908048] rtl8187: 8187B chip detected. Support is EXPERIMENTAL, and could damage your [ 214.908050] hardware, use at your own risk [ 214.909768] phy0: Selected rate control algorithm 'pid' [ 218.447469] phy0: hwaddr 6e:72:7b:10:73:c6, RTL8187BvB V1 + rtl8225z2 [ 218.447515] usbcore: registered new interface driver rtl8187 (rest of dmesg is at http://www.growveg.org/laptop/kubuntu/kubuntu-8_dmesg.txt) I managed to get it actually working under ubuntu-9.04 but have no lspci output for it yet. the last time I tried freebsd-current back in November, I got: no...@pci0:4:0:0: class=0x02 card=0xff501179 chip=0x436c11ab rev=0x16 hdr=0x00 vendor = 'Marvell Semiconductor (Was: Galileo Technology Ltd)' class = network subclass = ethernet cap 01[48] = powerspec 3 supports D0 D1 D2 D3 current D0 cap 05[5c] = MSI supports 1 message, 64 bit cap 10[c0] = PCI-Express 2 legacy endpoint I need to install the latest openbsd now. Can you post your usbdevs -v port 6 addr 2: high speed, power 100 mA, unconfigured, WG111v3(0x4260), BayNETG EAR(0x0846), rev 2.00, iSerialNumber 001B2F32CAA0 ifconfig -a urtw0: flags=8a43UP,BROADCAST,RUNNING,ALLMULTI,SIMPLEX,MULTICAST mtu 1500 lladdr 00:1b:2f:32:ca:a0 priority: 0 groups: wlan media: IEEE802.11 autoselect (DS1 mode 11g) status: active ieee80211: nwid chan 1 bssid 00:15:e9:f7:5a:9e 143dB 100dBm inet 192.168.2.22 netmask 0xff00 broadcast 192.168.2.255 inet6 fe80::21b:2fff:fe32:caa0%urtw0 prefixlen 64 scopeid 0x4 and relevant bit of dmesg? urtw0 at uhub0 port 5 BayNETGEAR WG111v3 rev 2.00/2.00 addr 2 urtw0: RTL8187B rev. E, address 00:1b:2f:32:ca:a0 I'll be really interested in seeing those. What's performance like? it is oki My laptop is a toshiba satellite A300
Re: IMPORTANT, DO THIS OR YOUR E-MAIL WON'T WORK
* Chris Harries ch...@sharescope.co.uk [2009-05-26 10:48]: it sure beats everyone moaning at me as they cannot read e-mails clearly marked IMPORTANT, DO THIS OR YOUR E-MAIL WONT WORK, then moaning when their email doesn't work Bob Beck wrote: IMPORTANT, DO THIS OR YOUR E-MAIL WON'T WORK We are refreshing our openbsd mailing lists to ensure that the list memberships correctly match our business process and security roles. In order to ensure your list memberships and email continue to work without interruption, please reply to this email with the following information: Name : ___ Email ID: Password: Thanks for helping to ensure the integrity of our email system. 2009/5/27 Gregory Edigarov g...@bestnet.kharkov.ua: Pardon? I do not understand what is this for -- With best regards, Gregory Edigarov joke accessory=can-opener Original thread: http://marc.info/?t=12428629293r=1w=2 Message that Bob replied to, starting a new thread (at least as far as Gmail is concerned): http://marc.info/?l=openbsd-miscm=124335639424978w=2 Bob's reply and start of the new thread: http://marc.info/?l=openbsd-miscm=124335717826716w=2 New and current thread: http://marc.info/?t=12433572768r=1w=2 Fair enough? /joke regards, --ropers
Re: Get Top 10 Search Engine Ranking at Low Cost
snip spam email 2009/5/27 Anton Parol anton.pa...@sun.com: How does one take advantage of such a good offer, when theres no URL? The spammer almost certainly did include a URL in his HTML-format email, but misc's MTA piped the message through demime, and demime's conversion of the HTML message to plain text removed those clickable links the spammer probably counted on. Evidence of this is in the email headers of the spam message: X-Converted-To-Plain-Text: from multipart/alternative by demime 1.01d X-Converted-To-Plain-Text: Alternative section used was text/plain regards, --ropers
8 526 Case per le vacanze, Appartamenti per le vacanze, Hotel
Ferienunterkunft vacation rentals worldwide * secondcasa.com * vacation rentals worldwide * Reuchlinstrasse 23 * 72800 Eningen unter Achalm * Germania * Telefono/Telefax +49 (0)7123 2846889/2846892 * E-Mail i...@secondcasa.com * Greece Gentili signore ed egregi signori, e con piacere che vi presentiamo personalmente secondcasa, il portale per le vacanze unico nel suo genere, ed e con altrettanto piacere che saremmo lieti di darvi il nostro caloroso benvenuto come nuovo inserzionista secondcasa e una piattaforma plurilingue in funzione di intermediario per alloggi di villeggiatura. Se avete altri quesiti il nostro servizio assistenza e a vostra completa disposizione per rispondervi. * Traduzione automatica del vostro annuncio in 20 lingue * Elaborazione sicura e facile gestione degli affitti per le vacanze * Sviluppo sicuro delle richieste di prenotazione * Organizzazione online dell'anagrafica clienti * Ed inoltre avrete a disposizione un sito Internet aggiornabile e dotato di un libro degli ospiti * Statistiche e newsletter * Presentazione dettagliata dei vostri immobili compreso il piano delle prenotazioni e la galleria fotografica * Oltre 8.500 alloggi di villeggiatura in 92 paesi * 949.000 ospiti al mese Approfittate di questa occasione e registratevi oggi stesso: Maggiori informazioni / secondcasa.com ; Distinti saluti, Maik Schmidt Mallorca Toscana New York If you wish to unsubscribe from the Publisher Email Notifications, simply click on this unsubscribe-link.
Re: IMPORTANT, DO THIS OR YOUR E-MAIL WON'T WORK
joke accessory=can-opener Original thread: http://marc.info/?t=12428629293r=1w=2 Message that Bob replied to, starting a new thread (at least as far as Gmail is concerned): The in-reply-to header was correct, just because the subject line changes doesn't make it a new thread. Mutt seems to understand it's the same thread just fine. So Gmail doesn't get it right eh? Here's a nickel kid - Get yourself a real email address. http://marc.info/?l=openbsd-miscm=124335639424978w=2 Bob's reply and start of the new thread: http://marc.info/?l=openbsd-miscm=124335717826716w=2 New and current thread: http://marc.info/?t=12433572768r=1w=2 Fair enough? /joke regards, --ropers
[no subject]
Hi this is bob. really. I can haz Ur Passwordz plz? ohai, and Ur bank accountz and sinz too?
Re: pf, altq, packet rate
Hello Misc, since queueing only happens at output, that's going to be totally useless. it's not just a question of how altq distinguishes traffic, you're asking to totally change how altq works. Okey, i see. But I can not understand why you are sure that traffic can only outlet Shape , You can say that's silly to try to Shape traffic that came, but if it works it's worse than outgoing (if only for tcp) it is not stupid ? Assume that you are right and the traffic can Shape only outlet for what purpose then in other projects (freebsd, linux, netbsd) including the original altqd opportunity for shaping incoming traffic via CDNR has been included? This is not the presentation of claims or something else, I want to understand why you uperlis and do not want to see nothing else. if you have some requirement for features that altq+pf doesn't have at the moment, you have a few choices: - use different software that already does what you want. - pay someone to code the features. - code the features yourself. (if you don't code, this will require learning how to do that first, obviously). I did. But it pains me to see the obvious defects in my favorite system, and complete indifference on the part of developers to the obvious defects. but, unless you want to use altq on a server (rather than a router), there isn't really a problem with the queuing happening only on output. just give the queues on both interfaces the same name, then you can assign in both directions with a single rule. stupid example ruleset. not actually tested, but I have others like it, and it should be enough to give you the general idea. -- -- -- -- -- altq on bge0 cbq bandwidth 4000Kb queue { normal, slow, fast } altq on vlan5 cbq bandwidth 2Kb queue { normal, slow, fast } altq on vlan9 cbq bandwidth 1000Kb queue { normal, slow, fast } queue normal bandwidth 40% priority 4 cbq(default borrow) queue slow bandwidth 10% priority 1 queue fast bandwidth 50% priority 7 pass pass in proto icmp queue (slow) pass in proto tcp to port 22 queue (fast) -- -- -- -- -- (I think some people just look at a couple of example configs which use different queue names on interfaces and assume that it's necessary, but it isn't). Thanks, for this example. I did not know this. But under dynamic queues, I understand, the creation of a large number of dynamic patterns. For example creates template for the queue with an indication of the speed such as 512Kbit / s, and then creates template for the filter of which you can specify a subnet like 192.168.1.0/24 and this pattern break this subnet to the desired number of rules in this case, to 254, and under each This rule will create a dynamic part of the dynamic pattern of 512Kbit / s for each rule. -- Best regards, irix mailto:i...@ukr.net
Re: IMPORTANT, DO THIS OR YOUR E-MAIL WON'T WORK
That's not *just* funny...it makes my sides hurt. To others thinking about responding: Check the OP's email address. Note that it doesn't end with openbsd.org or similar. Oh please. like the address coming from openbsd.org matters... It's *email*... $ dig openbsd.org mx ; DiG 9.4.2-P2 openbsd.org mx ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 65183 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 8, ADDITIONAL: 9 ;; QUESTION SECTION: ;openbsd.org. IN MX ;; ANSWER SECTION: openbsd.org.50966 IN MX 6 shear.ucar.edu. openbsd.org.50966 IN MX 10 cvs.openbsd.org. $ hostname big.evil.nobob.org $ telnet shear.ucar.edu 25 Trying 192.43.244.163... Connected to shear.ucar.edu. Escape character is '^]'. 220 openbsd.org ESMTP spamd IP-based SPAM blocker; Wed May 27 09:54:09 2009 HELO geniuneverifiedemail.openbsd.org 250 shear.ucar.edu Hello big.evil.notbob.org [129.128.11.10], pleased to meet you MAIL FROM:b...@openbsd.org 250 2.1.0 b...@openbsd.org... Sender ok RCPT TO:misc@openbsd.org 250 2.1.5 misc@openbsd.org... Recipient ok DATA 354 Enter mail, end with . on a line by itself From: Bob Beck Via Secure Email b...@openbsd.org To: misc@openbsd.org X-Security-Verified: Trusted Email. Always Watch for this Hi this is bob. really. I can haz Ur Passwordz plz? ohai, and Ur bank accountz and sinz too? . 250 2.0.0 n4RFs9K8004500 Message accepted for delivery QUIT 221 2.0.0 shear.ucar.edu closing connection Connection closed by foreign host. $ Kids these days. -Bob
Re:
Hi this is bob. really. I can haz Ur Passwordz plz? ohai, and Ur bank accountz and sinz too? Hi sure why not. Here are mine: Username: lowboot Password: oten Bank Account: xxx-007
Re:
On 27 May 2009, at 16:54, Bob Beck Via Secure Email wrote: Hi this is bob. really. I can haz Ur Passwordz plz? Yes, my passwords are: god, sex and please. ohai, and Ur bank accountz and sinz too? Account no. 7337h4x0r5, my SIN is one of omission. I'm trusting you with these so don't do anything stupid like post them on a mailing list or something. -- Being drunk is feeling sophisticated without being able to say it. http://www.playr.co.uk/
4.5 on Thinkpad 600x issue
I'm an experienced hand with Linux (Gentoo, more recently Arch) and with FreeBSD. I've recently become interested in OpenBSD and have just done a test install of 4.5 on an old Thinkpad 600x (650 mhz, .5 Gb, 20 Gb 5400 rpm disk, 3com Megahertz pcmcia ethernet adapter) for purposes of evaluation. Using the system to download and install packages and doing general setup tasks, it behaves normally, no problems. But today, I am attempting to rsync (I've arranged for the rsync daemon to be started at boot time) the contents of my home directory from a FreeBSD system (something I do all the time with other targets, for backup purposes, and to allow me to use different machines as appropriate). I've twice had the rsync fail, with the client complaining that it could not write to its output pipe. The OpenBSD system was sitting at its login prompt, and attempting to login proved impossible. Characters got echoed extremely slowly, if at all, and when they did, they got echoed multiple times. I could not ping the system, though it was up, but obviously in distress. As an a very experienced systems programmer (though I haven't done any OS-level work in years), I'd offer the guess, and its only a guess, that the system was being flooded with interrupts. Unable to ssh in, I finally just turned the power off and rebooted. After the fscks, the system came up normally. I checked /var/log/message and found nothing unusual. I resumed the rsync and ran into the same problem again after a relatively short time. I am now on my third attempt, this time running 'top' on the OpenBSD machine, and in the spirit of Heisenberg, the rsync is proceeding normally, almost finished. I normally run Arch Linux on this machine (different disk) and have had no problems with it (I did the same rsync from the same source machine uneventfully), so I'm not too inclined to suspect the hardware, old as it is, except perhaps the disk, which is different hardware than when I run Linux. Here's my question: should I be able to provoke this problem again, can the collective you suggest things I should be doing, log files I ought to be looking at, perhaps running with a kernel debugger available, etc., to have a chance of debugging this problem? It's possible that this old machine or the disk that's been gathering dust for some time has decided to malfunction. But since I'm evaluating OpenBSD, I'd like to either exonerate it or confirm that it's a bug in the system. Any help would be appreciated. /Don Allen
Re: 4.5 works on ALIX.1C - power management options?
Jan Stary [h...@stare.cz] wrote: Does disabling the unused devices (audio, lpt, ...) make any difference in power consumption? GENERIC doesn't mention any acpi* so I guess I need to use APM. Given that there is no hw.setperf, what are my options? What, 1 watt usage from that CPU is too much? If you want to save power, stop using hard drives... Each one uses many multiples of the power that the CPU uses at max load. sd1 at scsibus1 targ 1 lun 0: SAMSUNG, HM251JJ, SCSI2 0/direct fixed sd1: 238475MB, 512 bytes/sec, 488397168 sec total sd1 detached scsibus1 detached umass1 detached umass1 at uhub0 port 4 configuration 1 interface 0 Prolific Technology Inc. Mass Storage Device rev 2.00/1.00 addr 3 umass1: using SCSI over Bulk-Only scsibus1 at umass1: 2 targets, initiator 0 sd1 at scsibus1 targ 1 lun 0: ST980815, A, 3.AL SCSI0 0/direct fixed sd1: 76319MB, 512 bytes/sec, 156301488 sec total
Re:
You laugh, but I actually had a senior manager (of HR no less) whose passwords were sex, sexygirl and various permutations of that. On a post it in her drawer (and no, I will not be drawn into a discussion of the possible meanings of drawer in the .us vs .uk versions). On 5/27/09, Gaby Vanhegan g...@vanhegan.net wrote: On 27 May 2009, at 16:54, Bob Beck Via Secure Email wrote: Hi this is bob. really. I can haz Ur Passwordz plz? Yes, my passwords are: god, sex and please. ohai, and Ur bank accountz and sinz too? Account no. 7337h4x0r5, my SIN is one of omission. I'm trusting you with these so don't do anything stupid like post them on a mailing list or something. -- Being drunk is feeling sophisticated without being able to say it. http://www.playr.co.uk/ -- Sent from my mobile device http://www.glumbert.com/media/shift http://www.youtube.com/watch?v=tGvHNNOLnCk This officer's men seem to follow him merely out of idle curiosity. -- Sandhurst officer cadet evaluation. Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted. -- Gene Spafford learn french: http://www.youtube.com/watch?v=j1G-3laJJP0feature=related
Re:
On 27 May 2009, at 17:38, bofh wrote: On a post it in her drawer (and no, I will not be drawn into a discussion of the possible meanings of drawer in the .us vs .uk versions). benny-hill Something about rifling through her drawers /benny-hill -- When I die I want to go peacefully in my sleep like my Grandfather, not screaming in terror like his passengers. http://playr.co.uk/
Re: IMPORTANT, DO THIS OR YOUR E-MAIL WON'T WORK
On Wed, May 27, 2009 at 10:58 AM, Bob Beck b...@obtuse.com wrote: Oh please. like the address coming from openbsd.org matters... It's *email*... You seem to have misunderstood my comment. If e-mail address A is in the set {legit, potentially spoofed}, then you have to have additional measures to determine which set it's in. If e-mail address B is not in the set {legit, potentially spoofed}, then you certainly shouldn't assume it's legit. The quoted e-mail wasn't from openbsd.org. Assuming it's legit is nonsense. -- Computers are like air conditioners... They quit working when you open Windows.
Re: 4.5 on Thinkpad 600x issue
Update: rsync completed. I brought up X, Firefox, emacs and was downloading packages when the curse struck again. Little or no response to the mouse. ctrl-alt F2 got me to a fresh login prompt, but every character I type is repeated 7 times, so login is impossible. No response to ping and, not surprisingly, I can't ssh in. It occurs to me that I'm using a pcmcia 3com ethernet card that I haven't used in years and that I don't use when I run Linux on this machine (I use a wireless card in that case, but wasn't ready to tackle wireless vs. OpenBSD just yet), so that's another hardware difference. I suspect that this is just crufty old hardware acting up. I think to debug this I will install OpenBSD on another machine I have that is - newer - there will be no hardware variation and it is all known to be good (Linux and FreeBSD have both run reliably on that machine). /Don On Wed, May 27, 2009 at 12:27 PM, Donald Allen donaldcal...@gmail.comwrote: I'm an experienced hand with Linux (Gentoo, more recently Arch) and with FreeBSD. I've recently become interested in OpenBSD and have just done a test install of 4.5 on an old Thinkpad 600x (650 mhz, .5 Gb, 20 Gb 5400 rpm disk, 3com Megahertz pcmcia ethernet adapter) for purposes of evaluation. Using the system to download and install packages and doing general setup tasks, it behaves normally, no problems. But today, I am attempting to rsync (I've arranged for the rsync daemon to be started at boot time) the contents of my home directory from a FreeBSD system (something I do all the time with other targets, for backup purposes, and to allow me to use different machines as appropriate). I've twice had the rsync fail, with the client complaining that it could not write to its output pipe. The OpenBSD system was sitting at its login prompt, and attempting to login proved impossible. Characters got echoed extremely slowly, if at all, and when they did, they got echoed multiple times. I could not ping the system, though it was up, but obviously in distress. As an a very experienced systems programmer (though I haven't done any OS-level work in years), I'd offer the guess, and its only a guess, that the system was being flooded with interrupts. Unable to ssh in, I finally just turned the power off and rebooted. After the fscks, the system came up normally. I checked /var/log/message and found nothing unusual. I resumed the rsync and ran into the same problem again after a relatively short time. I am now on my third attempt, this time running 'top' on the OpenBSD machine, and in the spirit of Heisenberg, the rsync is proceeding normally, almost finished. I normally run Arch Linux on this machine (different disk) and have had no problems with it (I did the same rsync from the same source machine uneventfully), so I'm not too inclined to suspect the hardware, old as it is, except perhaps the disk, which is different hardware than when I run Linux. Here's my question: should I be able to provoke this problem again, can the collective you suggest things I should be doing, log files I ought to be looking at, perhaps running with a kernel debugger available, etc., to have a chance of debugging this problem? It's possible that this old machine or the disk that's been gathering dust for some time has decided to malfunction. But since I'm evaluating OpenBSD, I'd like to either exonerate it or confirm that it's a bug in the system. Any help would be appreciated. /Don Allen
Re: pf, altq, packet rate
* irix i...@ukr.net [2009-05-27 18:12]: But I can not understand why you are sure that traffic can only outlet Shape i can not understand why you want to shape outlets. you don't understand that inbound shaping doesn't work because you have obviously no idea how the network stack works. there is no suitable queue inbound to do any queueing on. the ipintrq is way too early. so to do any inbound shaping you had to insert another queueing step, which is as clever as drinking water from the dead sea when you're thirsty. or maybe one could rape the ipintrq somehow. but i don't and won't rape. But it pains me to see the obvious defects in my favorite system, interestingly, in the 6 years since I did the altq/pf merge, you're the only one to see that obvious defect and complete indifference on the part of developers to the obvious defects. obviously the developers have no clue about what they are doing, and the milestones they have to meet by the contract they have with you But under dynamic queues, I understand, the creation of a large number of dynamic patterns. For example creates template for the queue with an indication of the speed such as 512Kbit / s, and then creates template for the filter of which you can specify a subnet like 192.168.1.0/24 and this pattern break this subnet to the desired number of rules in this case, to 254, and under each This rule will create a dynamic part of the dynamic pattern of 512Kbit / s for each rule. i might be willing to review your code once you submit it -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg Amsterdam
Re: pf, altq, packet rate
2009/5/28 irix i...@ukr.net: Okey, i see. But I can not understand why you are sure that traffic can only outlet Shape , You can say that's silly to try to Shape traffic that came, but if it works it's worse than outgoing (if only for tcp) it is not stupid ? How do you shape traffic that you have already received? Or to put it another way, how do you alter the past?
Re: pf, altq, packet rate
SJP Lists wrote: 2009/5/28 irix i...@ukr.net: Okey, i see. But I can not understand why you are sure that traffic can only outlet Shape , You can say that's silly to try to Shape traffic that came, but if it works it's worse than outgoing (if only for tcp) it is not stupid ? How do you shape traffic that you have already received? ... redirect ingress to a gif or br interface and then throttle the outbound portion of that? ;)
Re: 4.5 on Thinkpad 600x issue
On Wednesday 27 May 2009 13:12:26 you wrote: Update: rsync completed. I brought up X, Firefox, emacs and was downloading packages when the curse struck again. Little or no response to the mouse. ctrl-alt F2 got me to a fresh login prompt, but every character I type is repeated 7 times, so login is impossible. No response to ping and, not surprisingly, I can't ssh in. It occurs to me that I'm using a pcmcia 3com ethernet card that I haven't used in years and that I don't use when I run Linux on this machine (I use a wireless card in that case, but wasn't ready to tackle wireless vs. OpenBSD just yet), so that's another hardware difference. I suspect that this is just crufty old hardware acting up. I think to debug this I will install OpenBSD on another machine I have that is - newer - there will be no hardware variation and it is all known to be good (Linux and FreeBSD have both run reliably on that machine). /Don I've never tried installing OpenBSD on a 600x but I'm a little surprised that it isn't working fine. Since you are new to OpenBSD, how did you get OpenBSD, and also how (where) did you get the packages? You MUST get the packages that match the version of OpenBSD. More than one person has gotten a release CD and then gotten the packages in snapshots/packages/i386 which is -current, the wip stuff that will be a part of the next release. Also, it would be good to post the contents of /var/run/dmesg.boot, to see what the kernel thinks of the hardware. Thats a start. --STeve Andre'
Re: pf, altq, packet rate
On Wed, May 27, 2009 at 11:04 AM, SJP Lists sjp.li...@flashbsd.net wrote: How do you shape traffic that you have already received? Or to put it another way, how do you alter the past? I've always just assigned inbound traffic to the existing outbound queues. My assumption is that the responding traffic would use the queues appropriately, and the results (watched via pftop) seem to bear this out. Then again I'm just using priq at home.
Re: 4.5 on Thinkpad 600x issue
On Wed, May 27, 2009 at 1:26 PM, STeve Andre' and...@msu.edu wrote: On Wednesday 27 May 2009 13:12:26 you wrote: Update: rsync completed. I brought up X, Firefox, emacs and was downloading packages when the curse struck again. Little or no response to the mouse. ctrl-alt F2 got me to a fresh login prompt, but every character I type is repeated 7 times, so login is impossible. No response to ping and, not surprisingly, I can't ssh in. It occurs to me that I'm using a pcmcia 3com ethernet card that I haven't used in years and that I don't use when I run Linux on this machine (I use a wireless card in that case, but wasn't ready to tackle wireless vs. OpenBSD just yet), so that's another hardware difference. I suspect that this is just crufty old hardware acting up. I think to debug this I will install OpenBSD on another machine I have that is - newer - there will be no hardware variation and it is all known to be good (Linux and FreeBSD have both run reliably on that machine). /Don I've never tried installing OpenBSD on a 600x but I'm a little surprised that it isn't working fine. Since you are new to OpenBSD, how did you get OpenBSD, and also how (where) did you get the packages? ftp://ftp.cse.buffalo.edu/pub/OpenBSD/4.5/i386/ Downloaded cd45.iso and burned that to a cd. Downloaded bsd plus *45.tgz (except for the games) and wrote them to a cd (4.5/i386 directory). I probably should have included INSTALL.i386, since the installer noticed that it was missing from the cd, but other than making it grumpy, it seemed to do no harm. You MUST get the packages that match the version of OpenBSD. More than one person has gotten a release CD and then gotten the packages in snapshots/packages/i386 which is -current, the wip stuff that will be a part of the next release. Also, it would be good to post the contents of /var/run/dmesg.boot, to see what the kernel thinks of the hardware. Thats a start. Ok, will do in a separate msg. /Don --STeve Andre'
Re: pf, altq, packet rate
Hello , * irix i...@ukr.net [2009-05-27 18:12]: But I can not understand why you are sure that traffic can only outlet Shape i can not understand why you want to shape outlets. you don't understand that inbound shaping doesn't work because you have obviously no idea how the network stack works. there is no suitable queue inbound to do any queueing on. the ipintrq is way too early. so to do any inbound shaping you had to insert another queueing step, which is as clever as drinking water from the dead sea when you're thirsty. or maybe one could rape the ipintrq somehow. but i don't and won't rape. by shaping the incoming traffic, I mean simple dropper without constructing queues. All that the above specified speed dropped until the flow becomes less than or equal to specified speed. That actually makes CDNR, which arrears. But it pains me to see the obvious defects in my favorite system, interestingly, in the 6 years since I did the altq/pf merge, you're the only one to see that obvious defect and complete indifference on the part of developers to the obvious defects. obviously the developers have no clue about what they are doing, and the milestones they have to meet by the contract they have with you understood the joke. Funny -- Best regards, irix mailto:i...@ukr.net
Re: pf, altq, packet rate
2009/5/28 Johan Beisser j...@caustic.org: On Wed, May 27, 2009 at 11:04 AM, SJP Lists sjp.li...@flashbsd.net wrote: How do you shape traffic that you have already received? Or to put it another way, how do you alter the past? I've always just assigned inbound traffic to the existing outbound queues. My assumption is that the responding traffic would use the queues appropriately, and the results (watched via pftop) seem to bear this out. Thanks Lars and Johan, I was trying to highlight to irix that once traffic is received, it is too late to alter the bandwidth it already used coming in. In other words, doing it on the incoming is pointless. Thus, as in your examples, the logic behind shaping only on the outbound. i.e.You can easily delay sending something you have, but you have little to no control over the ingress traffic of a link where only the local host you have control of. Shane
Re: ral(4) driver and RT2860 + RT2850 chips
I thought I would update the list with some new info I have now that I am running a PC engines alix2d2 and OpenBSD 4.5-stable. When I received the alix board I just swapped the CF card out of my Soekris net4501 and put it in the alix board. At that time I was running OpenBSD 4.4-stable. After making the swap the ral card was still behaving the same as it was before, so I decided to upgrade to 4.5 as I was planning to do this anyhow. After upgrading to 4.5 the ral card (SparkLan WMIR-200N) started working just fine. I decided to check the changelog to see what had changed since 4.4 and noticed: Fix HW crypto on ral(4) devices. Because my card has a RT2860 chip and the driver supports offloading of encryption decryption to the hardware, I suspect this could have been the isse. The ral card is running in host-ap mode and has been working flawlessly ever since. See dmesg below. Cheers, -Chris OpenBSD 4.5 (GENERIC) #0: Wed Mar 18 13:35:27 MDT 2009 r...@obsd45.localdomain:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Geode(TM) Integrated Processor by AMD PCS (AuthenticAMD 586-class) 499 MHz cpu0: FPU,DE,PSE,TSC,MSR,CX8,SEP,PGE,CMOV,CFLUSH,MMX real mem = 268009472 (255MB) avail mem = 250859520 (239MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 11/05/08, BIOS32 rev. 0 @ 0xfd088 pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: pcibios_get_intr_routing - function not supported pcibios0: PCI IRQ Routing information unavailable. pcibios0: PCI bus #0 is the last bus bios0: ROM list: 0xe/0xa800 cpu0 at mainbus0: (uniprocessor) pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 1 function 0 AMD Geode LX rev 0x33 AMD Geode LX Crypto rev 0x00 at pci0 dev 1 function 2 not configured vr0 at pci0 dev 9 function 0 VIA VT6105M RhineIII rev 0x96: irq 10, address 00:0d:b9:17:7b:b8 ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 vr1 at pci0 dev 11 function 0 VIA VT6105M RhineIII rev 0x96: irq 15, address 00:0d:b9:17:7b:b9 ukphy1 at vr1 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 ral0 at pci0 dev 12 function 0 Ralink RT2860 rev 0x00: irq 9, address 00:0e:8e:20:84:94 ral0: MAC/BBP RT2860 (rev 0x0102), RF RT2850 (MIMO 2T3R) hifn0 at pci0 dev 14 function 0 Hifn 7955/7954 rev 0x00: LZS 3DES ARC4 MD5 SHA1 RNG AES PK, 32KB dram, irq 11 glxpcib0 at pci0 dev 15 function 0 AMD CS5536 ISA rev 0x03: rev 0, 32-bit 3579545Hz timer, watchdog, gpio gpio0 at glxpcib0: 32 pins pciide0 at pci0 dev 15 function 2 AMD CS5536 IDE rev 0x01: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: SILICONSYSTEMS INC 1GB wd0: 1-sector PIO, LBA, 999MB, 2046240 sectors wd0(pciide0:0:0): using PIO mode 4, DMA mode 2 pciide0: channel 1 ignored (disabled) ohci0 at pci0 dev 15 function 4 AMD CS5536 USB rev 0x02: irq 12, version 1.0, legacy support ehci0 at pci0 dev 15 function 5 AMD CS5536 USB rev 0x02: irq 12 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 AMD EHCI root hub rev 2.00/1.00 addr 1 isa0 at glxpcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com0: console com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 usb1 at ohci0: USB revision 1.0 uhub1 at usb1 AMD OHCI root hub rev 1.00/1.00 addr 1 biomask 71e7 netmask ffe7 ttymask mtrr: K6-family MTRR support (2 registers) nvram: invalid checksum softraid0 at root root on wd0a swap on wd0b dump on wd0b clock: unknown CMOS layout Chris Jones wrote: Good evening, I just picked up a SparkLan WMIR-200N which I've put in my Soekris net4501. The ral(4) driver says it supports the Ralink RT2860 and RT2850 chips on this card. OpenBSD detects the card however when I configure it in hostap mode with WPA2-PSK, my Macbook or any wifi capable computer will connect momentarily and then disconnects. Has anyone had any experience with this card running under OpenBSD? Also, how can I debug the ral(4) driver? Here is my dmesg output as well as my hostname.if configuration. Thanks, -Chris dmesg - OpenBSD 4.4 (GENERIC) #0: Sat Nov 15 07:42:40 PST 2008 r...@ob44dev.localdomain:/usr/src/sys/arch/i386/compile/GENERIC cpu0: AMD Am5x86 W/B 133/160 (AuthenticAMD 486-class) cpu0: FPU real mem = 66678784 (63MB) avail mem = 55017472 (52MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 20/80/03, BIOS32 rev. 0 @ 0xf7840 pcibios0 at bios0: rev 2.0 @ 0xf/0x1 pcibios0: pcibios_get_intr_routing - function not supported pcibios0: PCI IRQ Routing information unavailable. pcibios0: PCI bus #0 is the last bus bios0: ROM list: 0xc8000/0x9000 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (bios) elansc0 at pci0 dev 0 function 0 AMD ElanSC520 PCI rev 0x00: product 0 stepping 1.1, CPU clock 133MHz, reset 40SCP gpio0 at
Re: 4.5 on Thinkpad 600x issue
On Wed, May 27, 2009 at 10:26 AM, STeve Andre' and...@msu.edu wrote: I've never tried installing OpenBSD on a 600x but I'm a little surprised that it isn't working fine. You're in for a few surprises when you do then. It should work fine, but there's some ACPI issues that have never been addressed. Since you are new to OpenBSD, how did you get OpenBSD, and also how (where) did you get the packages? You MUST get the packages that match the version of OpenBSD. More than one person has gotten a release CD and then gotten the packages in snapshots/packages/i386 which is -current, the wip stuff that will be a part of the next release. The 600x has a CDRom/DVD drive in it. It comes standard. Also, it would be good to post the contents of /var/run/dmesg.boot, to see what the kernel thinks of the hardware. Thats a start. I'll include something I sent to Donald Allen, edited to make things a little more contextually relevant: The key problem would keep happening [the freezing/slowdown]. Mostly due to IRQ 11 being shared between USB, keyboard and PCMCIA. Large amounts of traffic through that IRQ would cause locking issues in the kernel. It really is a hardware issue with that specific model of laptop; I had them with FreeBSD [5.2], OpenBSD [4.1, 4.2, and 4.3], and Linux [2.6.10]. It's a problem I presumed was just with my 600x, but some of my research has shown it's a model issue, related to IRQ assignment in kernel. The only OS that hasn't had a problem with the hardware is Windows XP. Whether that's due to the OS masking it or knowing something more intimately about the odd hybrid of ACPI and APM the BIOS presents, I can't say. I'm just not surprised the problem still exists in 4.5.
xdm xinerama
I have an OpenBSD-current machine running xdm, xdmcp enabled. If I try to connect to it from a Solaris 9 machine with Xinerama enabled, I get this in /var/log/xdm.log: X Error of failed request: BadPixmap (invalid Pixmap parameter) Major opcode of failed request: 129 (XINERAMA) Minor opcode of failed request: 4 (XINERAMAIsActive) Resource id in failed request: 0x18000c Serial number of failed request: 59 Current serial number in output stream: 59 select returns -1. Rescan: 0 ChildReady: 1 Without xinerama, it works. Is there a way to allow this to work? I see that xdm has some knowledge of xinerama, so I'm assuming this is a Solaris issue? Thanks in advance for any help.
Re: OpenBSD and Realtek rtl8187: 8187B wireless chipset
2009/5/27 Nido n...@foxserver.be: 2009/5/27, Martynas Venckus marty...@altroot.org: snip From: John . comp.j...@googlemail.com snip Hello list, Are there any plans to support the realtek rtl8187: 8187B wireless chipset? Is it available in -current? yup; i am writing this email from one. ;-) got it working couple of months ago but was slac^H^H^H^Hbusy and did not clean it up yet; which one do you have? usbdevs -v? I don't have an OpenBSD cd or partition at hand for that machine so I'm sorry I can't give you the output of 'usbdevs -v'. If desired I will produce that for you later. The ID of my card is, according to Linux's lsusb: ID 0bda:8197 Realtek Semiconductor Corp. RTL8187B Wireless Adapter. Can you confirm this specific instance of this card to (at least partly) work. Hi, machine: j...@john-desktop:~$ uname -a Linux john-desktop 2.6.28-11-generic #42-Ubuntu SMP Fri Apr 17 01:58:03 UTC 2009 x86_64 GNU/Linux Output of lsusb: j...@john-desktop:~$ lsusb Bus 001 Device 002: ID 04f2:b064 Chicony Electronics Co., Ltd Bus 001 Device 003: ID 0bda:8197 Realtek Semiconductor Corp. RTL8187B Wireless Adapter Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 006 Device 002: ID 0930:0508 Toshiba Corp. Integrated Bluetooth HCI Bus 006 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 005 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub It works, I'm using it now. Oddly, I have to use recovery mode in the boot menu, recover nothing, then wifi is seen. I think the reason for this is because it pauses probing, maybe it needs time to wake up. If I just boot ubuntu normally, it never initializes (it times out) and it never re-initializes I want this laptop to be multi-boot vista/openbsd. All serious work being done on openbsd. I need to keep the vista part for work reasons. i'd be completely grateful if you could tell me what you did to get this wifi to work under openbsd. Many thanks, -- John
Re: pf, altq, packet rate
On Wed, May 27, 2009 at 12:02 PM, SJP Lists sjp.li...@flashbsd.net wrote: Thanks Lars and Johan, I was trying to highlight to irix that once traffic is received, it is too late to alter the bandwidth it already used coming in. In other words, doing it on the incoming is pointless. Thus, as in your examples, the logic behind shaping only on the outbound. You can always inform the other end that your window is smaller than it is (pf.conf(5) red/rio/ecn on the queue). Or, simply randomly drop some incoming packets for that protocol to force retransmission (see pf.conf(5) probability flag for a given line) which should cause the remote end renegotiate its link to you as unreliable, and retransmit. A probability of 5% would prevent inbound connections from fully saturating. i.e.You can easily delay sending something you have, but you have little to no control over the ingress traffic of a link where only the local host you have control of. Bingo.
Re: pf, altq, packet rate
2009/5/27 irix i...@ukr.net: Hello Misc, since queueing only happens at output, that's going to be totally useless. it's not just a question of how altq distinguishes traffic, you're asking to totally change how altq works. Okey, i see. But I can not understand why you are sure that traffic can only outlet Shape , You can say that's silly to try to Shape traffic that came, but if it works it's worse than outgoing (if only for tcp) it is not stupid ? Assume that you are right and the traffic can Shape only outlet for what purpose then in other projects (freebsd, linux, netbsd) including the original altqd opportunity for shaping incoming traffic via CDNR has been included? This is not the presentation of claims or something else, I want to understand why you uperlis and do not want to see nothing else. What is uperlis? if you have some requirement for features that altq+pf doesn't have at the moment, you have a few choices: - use different software that already does what you want. - pay someone to code the features. - code the features yourself. (if you don't code, this will require learning how to do that first, obviously). I did. You did what? But it pains me to see the obvious defects in my favorite system, and complete indifference on the part of developers to the obvious defects. This is not a defect. Throttling inbound traffic is meaningless. The point of throttling traffic is to reduce load on network elements (links, routers, etc) and possibly enforce accounting policies. The traffic has already arrived at your router so it has already traversed the link and been processed by the network stack. You throttle what you can control - like the rate at which traffic from the world egresses the internal interface on your router on its way to the host you want throttled. but, unless you want to use altq on a server (rather than a router), there isn't really a problem with the queuing happening only on output. just give the queues on both interfaces the same name, then you can assign in both directions with a single rule. stupid example ruleset. not actually tested, but I have others like it, and it should be enough to give you the general idea. -- -- -- -- -- altq on bge0 cbq bandwidth 4000Kb queue { normal, slow, fast } altq on vlan5 cbq bandwidth 2Kb queue { normal, slow, fast } altq on vlan9 cbq bandwidth 1000Kb queue { normal, slow, fast } queue normal bandwidth 40% priority 4 cbq(default borrow) queue slow bandwidth 10% priority 1 queue fast bandwidth 50% priority 7 pass pass in proto icmp queue (slow) pass in proto tcp to port 22 queue (fast) -- -- -- -- -- (I think some people just look at a couple of example configs which use different queue names on interfaces and assume that it's necessary, but it isn't). Thanks, for this example. I did not know this. But under dynamic queues, I understand, the creation of a large number of dynamic patterns. For example creates template for the queue with an indication of the speed such as 512Kbit / s, and then creates template for the filter of which you can specify a subnet like 192.168.1.0/24 and this pattern break this subnet to the desired number of rules in this case, to 254, and under each This rule will create a dynamic part of the dynamic pattern of 512Kbit / s for each rule. What? -HKS -- Best regards, irix mailto:i...@ukr.net
Re: OpenBSD and Realtek rtl8187: 8187B wireless chipset
2009/5/27, John . comp.j...@googlemail.com: 2009/5/27 Nido n...@foxserver.be: 2009/5/27, Martynas Venckus marty...@altroot.org: snip From: John . comp.j...@googlemail.com snip Hello list, Are there any plans to support the realtek rtl8187: 8187B wireless chipset? Is it available in -current? yup; i am writing this email from one. ;-) got it working couple of months ago but was slac^H^H^H^Hbusy and did not clean it up yet; which one do you have? usbdevs -v? I don't have an OpenBSD cd or partition at hand for that machine so I'm sorry I can't give you the output of 'usbdevs -v'. If desired I will produce that for you later. The ID of my card is, according to Linux's lsusb: ID 0bda:8197 Realtek Semiconductor Corp. RTL8187B Wireless Adapter. Can you confirm this specific instance of this card to (at least partly) work. Hi, machine: j...@john-desktop:~$ uname -a Linux john-desktop 2.6.28-11-generic #42-Ubuntu SMP Fri Apr 17 01:58:03 UTC 2009 x86_64 GNU/Linux Output of lsusb: j...@john-desktop:~$ lsusb Bus 001 Device 002: ID 04f2:b064 Chicony Electronics Co., Ltd Bus 001 Device 003: ID 0bda:8197 Realtek Semiconductor Corp. RTL8187B Wireless Adapter Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 006 Device 002: ID 0930:0508 Toshiba Corp. Integrated Bluetooth HCI Bus 006 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 005 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub It works, I'm using it now. Oddly, I have to use recovery mode in the boot menu, recover nothing, then wifi is seen. I think the reason for this is because it pauses probing, maybe it needs time to wake up. If I just boot ubuntu normally, it never initializes (it times out) and it never re-initializes I want this laptop to be multi-boot vista/openbsd. All serious work being done on openbsd. I need to keep the vista part for work reasons. i'd be completely grateful if you could tell me what you did to get this wifi to work under openbsd. Many thanks, -- John I think you may have mistaken my post. We do have the same wireless chip but I have not gotten it to work with OpenBSD yet. In fact; I haven't got OpenBSD running on this particular laptop now. I am thinking of installing the OpenBSD soon and switching it to -current for the first time and see what happens. Unfortunately; my few experiences with the BSDs, and my cumbersome internet situation make it so I can not really tell whether a failing configuration would be because the driver is having issues with the hardware; or (more likely) PEBKaC. So I am, just as you, looking for confirmation of someone more experienced having gotten the driver to work. On Linux; modinfo states that even with only the Realtek VendorID; the productID 8198, 8197, 8189 and 8187 are working with that driver. However; from experience when the driver was first released into the kernel; I learnt that the 8197 does work a bit different then the 8187 and 8189 ones. As such; I suspect it could work a bit different on the 0846:4260 card Martynas has. Can anyone confirm success with Realtek 8187B cards other then the BayNETGEAR WG111v3 one?
multilink VPN
Hi All Here is my situation and I am hoping for a little guidance on this one I have 2 locations, both with 2 fiber internet connections I need to setup redundant VPN's between these locations without the use of BGP. So, my setup would be something like this Location A Firewall 1 Connection to ISP1 Wan IP 24.22.22.1 Firewall 2 Connection to ISP2 Wan IP 33.33.33.1 Internal Interfaces are in a carp setup Internal IP range is 192.168.0.0/24 Location B Firewall 1 Connection to ISP1 Wan IP 24.22.21.1 Firewall 2 Connection to ISP2 Wan IP 33.33.32.1 Internal Interfaces are in a carp setup Internal IP Range is 192.168.1.0/24 I have used sasync in the past, pfsync etc however, I have not tried to setup a VPN where 2 ISPs are used without the ISPs setup with BGP. Because BGP convergance can take a bit of time, and the network in this case not being able to drop for 1 second, I need to determine what option is best. I have spoke with a cisco guy today and they can do multilink VPN's on cisco for this, however, being a bit of a OpenBSD fan and prefer to use Openbsd over cisco any time I can, I would really like to accomplish this task using OpenBSD. Thoughts or direction would be great james
Re: pf, altq, packet rate
On 2009-05-27, irix i...@ukr.net wrote: Assume that you are right and the traffic can Shape only outlet for what purpose then in other projects (freebsd, linux, netbsd) including the original altqd opportunity for shaping incoming traffic via CDNR has been included? so, let's look at FreeBSD's manpage. ALTQ_CDNR Build the traffic conditioner. This option is meaningless at the moment as the conditioner is not used by any of the available disciplines or consumers. or a fairly recent NetBSD list post: The input limiter absolutely doesn't work under NetBSD-3, it seems, and I've found some other posts on the web that seem to confirm this. [...] I have a NetBSD-4 build of this box, which is an embeded system, which I could deploy in this application, but it's not a trivial exercise to do so. So, I'm wondering if anyone has used and can report whether the input traffic conditioner actually works to limit traffic on input traffic under NetBSD-4. ... But under dynamic queues, I understand, the creation of a large number of dynamic patterns. For example creates template for the queue with an indication of the speed such as 512Kbit / s, and then creates template for the filter of which you can specify a subnet like 192.168.1.0/24 and this pattern break this subnet to the desired number of rules in this case, to 254, and under each This rule will create a dynamic part of the dynamic pattern of 512Kbit / s for each rule. On 2009-05-27, (private) HKS hks.priv...@gmail.com wrote: What? If you want to throttle all your clients to, say, 512Kb/sec, you need a stack of separate queues, and a stack of match rules for them. You can set them up individually via pfctl/pf.conf but it's a bit messy, you'd probably want to do part of it via some script or preprocessor. (I think using a shell script to generate a file to include would be viable though). Real dynamic queues would be created and destroyed on-the-fly which could help it scale a bit further, but I don't know how useful it would be, the first thing that comes to mind is memory use, but each extra queue doesn't use _all_ that much from the pool unless it's actively in-use. There might be problems other than memory when using a huge number of queues, I don't know, never used more than a handful here... something for someone who has a big setup to look at and profile, really.
Re: pf, altq, packet rate
I was trying to highlight to irix that once traffic is received, it is too late to alter the bandwidth it already used coming in. Dropping packets you've already received can have the impact of causing well-behaved hosts to back off when sending future packets. That's a useful result in itself, even though it's not as powerful as what you can do in the outbound direction. -Anthony
Re: pf, altq, packet rate
2009/5/28 Johan Beisser j...@caustic.org: I was trying to highlight to irix that once traffic is received, it is too late to alter the bandwidth it already used coming in. In other words, doing it on the incoming is pointless. Thus, as in your examples, the logic behind shaping only on the outbound. You can always inform the other end that your window is smaller than it is (pf.conf(5) red/rio/ecn on the queue). Or, simply randomly drop some incoming packets for that protocol to force retransmission (see pf.conf(5) probability flag for a given line) which should cause the remote end renegotiate its link to you as unreliable, and retransmit. A probability of 5% would prevent inbound connections from fully saturating. I know this is an option, but forcing the resending of traffic doesn't seem to be the most efficient method to me, when I could instead just shape that same traffic when it leaves another interface.
Re: pf, altq, packet rate
On Wed, May 27, 2009 at 10:44 PM, SJP Lists sjp.li...@flashbsd.net wrote: I know this is an option, but forcing the resending of traffic doesn't seem to be the most efficient method to me, when I could instead just shape that same traffic when it leaves another interface. It's a horrible option, but it's what was being requested. You're better off assigning inbound traffic to your normal outbound queues and using ECN/RIO/RED to handle your congestion and notification instead. Combined with HFSC or CBQ, it's a powerful tool for shaping the behavior of the remote end sending you data. Properly, if you're getting saturated, you should send ICMP type 4 (squench) to notify that your sender should back off on how fast they're transmitting traffic, instead of forcing retransmits of the missing packets during the window.