Re: Can't install OpenBSD 6.6 on apu4d4

[mabi]

‐‐‐ Original Message ‐‐‐
On Thursday, February 6, 2020 8:25 AM, Mischa  wrote:

> Before you boot do at boot> do:
>
> stty com0 115200
> set tty com0

Thanks Mischa! I should have thought about that but I couldn't remember having 
done this with previous APU models and OpenBSD versions.

Re: Can't install OpenBSD 6.6 on apu4d4

[Mischa]

Before you boot do at boot> do:

stty com0 115200
set tty com0

After that boot as normal.

Mischa

> On 6 Feb 2020, at 08:13, mabi  wrote:
> 
> Hi there,
> 
> I am trying to install OpenBSD 6.6 (install66.fs) from a USB key on a PC 
> Engines apu4d4 box. Unfortunately the installer does not seem to start as it 
> reboots after loading a few seconds of the bsd.rd image as you can see from 
> my output below:
> 
> SeaBIOS (version rel-1.12.1.3-0-g300e8b7)
> 
> Press F10 key now for boot menu
> 
> Booting from Hard Disk...
> Using drive 0, partition 3.
> Loading..
> probing: pc0 com0 com1 com2 com3 mem[639K 3325M 752M a20=on]
> disk: hd0+ hd1+*
>>> OpenBSD/amd64 BOOT 3.45
> boot>
> 
> cannot open hd0a:/etc/random.seed: No such file or directory
> booting hd0a:/6.6/amd64/bsd.rd: 3732171+1537024+3885432+0+598016 
> [376562+128+455
> 544+303577]=0xa648d0
> entry point at 0x8100100
> 
> PC Engines apu4
> coreboot build 20202901
> BIOS version v4.11.0.3
> 
> 
> I upgraded the BIOS from v4.11.0.2 to v4.11.0.3 and tried another USB key but 
> still the same happens.
> 
> Am I missing something here?
> 
> Regards,
> Mabi
> 
> 
> 
> 

Can't install OpenBSD 6.6 on apu4d4

[mabi]

Hi there,

I am trying to install OpenBSD 6.6 (install66.fs) from a USB key on a PC 
Engines apu4d4 box. Unfortunately the installer does not seem to start as it 
reboots after loading a few seconds of the bsd.rd image as you can see from my 
output below:

SeaBIOS (version rel-1.12.1.3-0-g300e8b7)

Press F10 key now for boot menu

Booting from Hard Disk...
Using drive 0, partition 3.
Loading..
probing: pc0 com0 com1 com2 com3 mem[639K 3325M 752M a20=on]
disk: hd0+ hd1+*
>> OpenBSD/amd64 BOOT 3.45
boot>

cannot open hd0a:/etc/random.seed: No such file or directory
booting hd0a:/6.6/amd64/bsd.rd: 3732171+1537024+3885432+0+598016 [376562+128+455
544+303577]=0xa648d0
entry point at 0x8100100

PC Engines apu4
coreboot build 20202901
BIOS version v4.11.0.3


I upgraded the BIOS from v4.11.0.2 to v4.11.0.3 and tried another USB key but 
still the same happens.

Am I missing something here?

Regards,
Mabi

Re: bad ip cksum 0! -> in enc interface

[Janne Johansson]

Den ons 5 feb. 2020 kl 21:01 skrev Riccardo Giuntoli :

> If i sniff traffic over enc0 interface I found a strange error about ip
> chksum:
>
>  (DF) (ttl 63, id 43164, len 52) (DF) (ttl 64, id 18753, len 72, bad ip
> cksum 0! -> c48a)
> This is the error as you can review.
>
> I cannot find solution in Internet and the real think is that in many
> others post people copy and paste packets and this error is visible but no
> one think that is in effect an error or do not speak about.
>

You often see 0 in packet checksum fields if the packet is heading out on a
device
which claims to do ipv4 checksum offloading in hardware. In such cases, the
OS will
not spend time doing software checksums, but the hardware will do it just
before the
packet leaves for the network, so that is why the software sniffer will see
0 there, but
the remote end (you do look for errors from both ends, right?) will see
something else
there.

-- 
May the most significant bit of your life be positive.

Re: is there a 2GB limit on amd64 link?

[Philip Guenther]

On Wed, Feb 5, 2020 at 7:38 PM  wrote:

> I am encountering a linker error when compiling with ports-gcc Fortran:
>
> ld: error: lbug2.f90:(function MAIN__: .text+0x80): relocation
> R_X86_64_PC32 out o
> f range: 2456507324 is not in [-2147483648, 2147483647]
>
> The code has several large arrays, the total size of which exceeds 2GB.
>
> Is this a linker issue, a gcc fortran issue, or a pebkac?
>

It's at least a gnu fortran issue: it needs to generate object code in a
larger "model" than it currently is.  I've never used gnu fortran, but it
might accept the -mcmodel=medium option like gcc and generate code
sequences for data symbols that don't limit them to the bottom 2GB (or to
within 2GB of the involved code, depending on gcc's choices in implementing
the model).

If it doesn't accept that option, then you'll need to work with the the
docs, mailling lists, etc of the upstream gnu fortran project about how to
have it generate code for the medium or large data models per the amd64 ABI.


Philip Guenther

is there a 2GB limit on amd64 link?

[j]

I am encountering a linker error when compiling with ports-gcc Fortran:

ld: error: lbug2.f90:(function MAIN__: .text+0x80): relocation R_X86_64_PC32 
out o
f range: 2456507324 is not in [-2147483648, 2147483647]

The code has several large arrays, the total size of which exceeds 2GB.

Is this a linker issue, a gcc fortran issue, or a pebkac?

$ cat lbug1.f90
program lbug
  implicit none
  save

realr3(ng,ng,ng)

  print *,'hello bug'
  ! essential:
  call someexternal(r3,3)
  print *,r3(3,3,3)
endprogram

$ cat lbuge.f90
subroutine someexternal(a,b)
endsubroutine

$ echo $(( 4* 850*850*850 ))
245650
$# the memory use of array r3 exceeds 2^31 bytes
$ egfortran -cpp -Dng=850 lbug1.f90 -c
$ egfortran -c lbuge.f90
$ egfortran lbug1.o lbuge.o
o66$ ./a.out
 hello bug
   0.

The object files are linked into separate files so we can examine with

$ objdump --syms lbug1.o | grep -B 1 -A 2 r3
 l F .text  0116 MAIN__
 l O .bss   926b3720 r3.3768
0030 l O .rodata001c options.2.3777
 ld  .eh_frame   .eh_frame

$ cat lbug2.f90
program lbug
  implicit none
  save

realr3(ng,ng,ng)
complex c3(ng/2,ng,ng)

  print *,'hello bug'
  ! essential:
  call someexternal(r3,c3)
  print *,r3(3,3,3), ubound(r3)
endprogram

$ egfortran -cpp -Dng=850 lbug2.f90 -c
$ egfortran -cpp -Dng=850 lbuge.f90 -c
$ egfortran lbug2.o lbuge.o
ld: error: lbug2.f90:(function MAIN__: .text+0x80): relocation R_X86_64_PC32 
out of range: 2456507324 is not in [-2147483648, 2147483647]

$ objdump --syms lbug2.o | grep -B 1 -A 2 r3
926b3720 l O .bss   926b3720 c3.3768
 l O .bss   926b3720 r3.3770
0028 l O .rodata000c A.2.3775
0040 l O .rodata001c options.4.3783

It seems the compiler generates 64-bit offsets but the linker limits itself
to 32-bit offsets.  Is this correct? Is there a fix?

John

Environment:

$ sysctl kern.version
kern.version=OpenBSD 6.6 (GENERIC.MP) #0: Sat Oct 26 08:08:07 MDT 2019

r...@syspatch-66-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

$ sysctl hw
hw.machine=amd64
hw.model=Intel(R) Core(TM) i3-6100U CPU @ 2.30GHz
hw.ncpu=2

$ pkg_info | grep g95
g95-8.3.0p4 GNU compiler collection: f95 compiler

Re: [drm] *ERROR* [CRTC:41:pipe ] flip_done timed out

[Aaron Mason]

Hi Kris

On Thu, Feb 6, 2020 at 5:22 AM krishh61  wrote:
>
> HI,
>
> I can give mine:
>
>
>  cut --
> OpenBSD 6.6 (GENERIC.MP) #4: Wed Jan 15 08:56:09 MST 2020
>
> r...@syspatch-66-i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP
> real mem  = 3210944512 (3062MB)
> avail mem = 3136659456 (2991MB)
> [SNIP]
> root on sd0a (d3d7274cd817feba.a) swap on sd0b dump on sd0b
> [drm] *ERROR* CPU pipe B FIFO underrun
> [drm] *ERROR* [CRTC:34:pipe ] flip_done timed out
> vblank wait timed out on crtc 0
> [drm] *ERROR* [CRTC:34:pipe ] flip_done timed out
> [drm] *ERROR* [CONNECTOR:54:SVIDEO-] flip_done timed out
> inteldrm0: 1024x768, 32bpp
> wsdisplay0 at inteldrm0 mux 1: console (std, vt100 emulation), using wskbd0
> wsdisplay0: screen 1-5 added (std, vt100 emulation)
> [drm] *ERROR* [CRTC:41:pipe ] flip_done timed out
> vblank wait timed out on crtc 1
> [drm] *ERROR* [CRTC:41:pipe ] flip_done timed out
> [drm] *ERROR* [CONNECTOR:54:SVIDEO-] flip_done timed out
>
> --- cut ---
>
> ThinkPad R61i
>
> regards
>
> Kris
>
>
>
> --
> Sent from: http://openbsd-archive.7691.n7.nabble.com/openbsd-user-misc-f3.html
>

Thanks, that's very helpful.  For shits and giggles, say we disable inteldrm:

boot> boot -c
[...]
UKC> disable inteldrm
UKC> quit

Can you give this a try and report back please.

-- 
Aaron Mason - Programmer, open source addict
I've taken my software vows - for beta or for worse

Re: suggestions for USB printer (maybe even with scanner)?

[Chris Bennett]

A lot of people are mentioning the need to deal with the new lpr tools
being at /usr/local/bin.
I found that adding a symmlink from /usr/bin/lpr to /usr/local/bin/lpr,
etc. to help with programs that expect to find lpr at that exact
location.

Using a symlink will make life much easier with a few programs, since
everything finds what it needs at either location. You will need to
refresh the symlink after each upgrade. Backup the /usr/bin files just
in case you really do need them later.

Good luck! Printing is so damned easy or so brutally hard. ;-{)>

--
Chris

Re: suggestions for USB printer (maybe even with scanner)?

[Jonathan Drews]

Hi Claus:
 
 USB printers are kind of difficult to set up on OpenBSD. You can read the 
instructions on USB setup in /usr/local/share/doc/pkg-readmes/cups. I never
get USB printing to work on my OpenBSD 6.6. Instead I used a wireless Xerox
Laser printer. Here is how I did it for a Xerox 6022 laser printer. I paid 
$150.00 USD for my Xerox 6022 Phasor

To get this laser printer running over WiFi do:
0) Connect the Xerox Phaser 6022 to your wireless access point. I did
this using a spare windows computer. I suppose you can do this
through the little setup screen, on top of the laser printer.
1) Install the CUPS package.
2) Add the following line to your /etc/rc.conf.local file:
pkg_scripts=cupsd. Reboot the computer to make sure CUPS is
running. See man (8) rc.conf.local
3) From the CD that came with my Phaser 6022, I removed the file
xerox-phaser-6022_1.0-22_all.deb.
4) This is an archive file. It contains your *.ppd. Do
$ ar x xerox-phaser-6022_1.0-22_all.deb
(See man (1) ar)
5) After extraction you will see data.tar.gz. That tarball contains
the Xerox_Phaser_6022.ppd. Get the *.ppd with
$ tar zxvf data.tar.gz
6) Move Xerox_Phaser_6022.ppd to /root.
7) Start a web browser and point it to "http://localhost:631";.
8) Select add a printer and login. I had to use my user account to
login. Logging in as root would not work. You CUPS will probe
your wireless network and you should see an address like
192.168.1.X, where X can be any number. It will also identify the
printer as Xerox Phaser 6022.
9) Since there is no entry for Xerox, load the
Xerox_Phaser_6022.ppd.
10) Complete the CUPS setup and you are ready to print

You have to use the absolute path name
/usr/local/bin/lpr, /usr/local/bin/lprm, /usr/local/bin/lpq and
/usr/local/bin/lp to print with CUPS.

LibreOffice prints with out modification.
You can print photos and graphics (*jpeg, *.png , etc) with
Firefox

xpdf reguires the following line in the .xpdfrc:


# Set the default PostScript file or command.

psFile "|/usr/local/bin/lpr"

# Set the default PostScript paper size -- this can be letter, legal,
# A4, or A3. You can also specify a paper size as width and height
# (in points).
 
 

Sent: Wednesday, February 05, 2020 at 12:56 PM
From: "Claus Assmann" 
To: misc@openbsd.org
Subject: suggestions for USB printer (maybe even with scanner)?
I need to buy a printer to connect to one of my OpenBSD machines
and I prefer a USB connection (as I don't control the network at
my current place). Can I just buy any USB printer or are there
printers which do not work with OpenBSD? If so, what do I need
to check / avoid?

Any suggestion for something "cheap" (to print just a few documents
as needed)? I never had to buy a printer before, so I'm not familiar
with this area -- if possible I would like to get a printer/scanner
but I have no idea what I can buy locally :-(
A HP laserjet (which was a gift but broke today) worked only with
one of my OpenBSD machines which seemingly was related to the USB
HW, using a printcap entry like this:
usb:lp=/dev/ulpt0:sd=/var/spool/output/usb:sf:sh:tr=^D:

--
Address is valid for this mailing list only, please do not reply
to it direcly, but to the list.
 

Where to submitt artwork?

[Michael Stupka]

Hi all

My younger sister made some Puffy-related artwork for a private project of 
mine...
Could anybody please point me to the right email to submit & share them with 
the OpenBSD project?

Regards

Prokhor

Sent with [ProtonMail](https://protonmail.com) Secure Email.

Re: suggestions for USB printer (maybe even with scanner)?

[Adam Thompson]

On 2020-02-05 13:56, Claus Assmann wrote:

I need to buy a printer to connect to one of my OpenBSD machines
and I prefer a USB connection (as I don't control the network at
my current place).  Can I just buy any USB printer or are there
printers which do not work with OpenBSD? If so, what do I need
to check / avoid?

Any suggestion for something "cheap" (to print just a few documents
as needed)? I never had to buy a printer before, so I'm not familiar
with this area -- if possible I would like to get a printer/scanner
but I have no idea what I can buy locally :-(
A HP laserjet (which was a gift but broke today) worked only with
one of my OpenBSD machines which seemingly was related to the USB
HW, using a printcap entry like this:
usb:lp=/dev/ulpt0:sd=/var/spool/output/usb:sf:sh:tr=^D:


I don't know what you need in a printer, and I don't know what you mean 
by cheap, so... YMMV.


However, I've found Brother **LASER** printers to be very good, and most 
of them support PCL6 and/or PS3.
For example, the HL-L2370DW can only connect via USB, and supports PCL6, 
and currently sells for ~C$150-160.


Just don't try to use their MFC-* line of color printers under UNIX 
(except MacOS).  FWIW, if you're in a situation where you have a spare 
Mac, the Mac can bridge from CUPS/PDF format to Brother proprietary 
format... bit pf a pain but it works.


-Adam

Re: VLAN or aliases or? best way to isolate untrustable hosts in a small network

[Brian Brombacher]

The OP’s hostname.vlan* files never specify a vnetid.  I get an error trying 
to configure and bring up the second vlan interface the same way without vnetid 
specified.  Regardless of my error, the ifconfig(8) man page says without 
vnetid specified, vlan tag 0 will be used.  You need to specify two different 
vlan tags.

All of that aside: VLANs don’t give you any more security.  If the client host 
is on the same physical network as your two VLANs, the only thing stopping them 
from jumping between VLANs would be physical devices (switches, etc.) 
configured to prevent that.  From what I gathered, you don’t have this level of 
control.  Therefore, you gain nothing by segmenting the networks with VLANs.

-Brian

> On Feb 5, 2020, at 11:58 AM, Christian Weisgerber  wrote:
> 
> On 2020-02-05, Janne Johansson  wrote:
> 
>>> # /etc/hostname.vlan101
>>> description 'WLAN attached untrusted hosts'
>>> inet 192.168.156.0/24 255.255.255.0 vlandev run0
>> VLANs and wifi sounds like a non-starter.
> 
> Yep, if you're building your access point with OpenBSD.
> 
> More generally, though, any AP in the business segment has support
> for multiple SSIDs that can be assigned to different VLANs on the
> Ethernet side.
> 
> -- 
> Christian "naddy" Weisgerber  na...@mips.inka.de

Re: suggestions for USB printer (maybe even with scanner)?

[Ian Darwin]

On Wed, Feb 05, 2020 at 01:50:41PM -0700, Raymond, David wrote:
> I have had good luck on OpenBSD with a variety of HP printers using
> the hplip package and cups.  (To use the latter, put /usr/local/bin
> before /usr/bin in your PATH to avoid confusion with lpr programs.)
> The xsane package does scanning on HP printers that have this
> function.  I have connected them mainly via the network, but I don't
> see why direct usb connections wouldn't work as well.

If you go that route see the note in the readme about disabling ulpt
in the kernel as cups wants to work with ugen.

Re: suggestions for USB printer (maybe even with scanner)?

[Raymond, David]

I have had good luck on OpenBSD with a variety of HP printers using
the hplip package and cups.  (To use the latter, put /usr/local/bin
before /usr/bin in your PATH to avoid confusion with lpr programs.)
The xsane package does scanning on HP printers that have this
function.  I have connected them mainly via the network, but I don't
see why direct usb connections wouldn't work as well.

Dave Raymond

On 2/5/20, Claus Assmann  wrote:
> I need to buy a printer to connect to one of my OpenBSD machines
> and I prefer a USB connection (as I don't control the network at
> my current place).  Can I just buy any USB printer or are there
> printers which do not work with OpenBSD? If so, what do I need
> to check / avoid?
>
> Any suggestion for something "cheap" (to print just a few documents
> as needed)? I never had to buy a printer before, so I'm not familiar
> with this area -- if possible I would like to get a printer/scanner
> but I have no idea what I can buy locally :-(
> A HP laserjet (which was a gift but broke today) worked only with
> one of my OpenBSD machines which seemingly was related to the USB
> HW, using a printcap entry like this:
> usb:lp=/dev/ulpt0:sd=/var/spool/output/usb:sf:sh:tr=^D:
>
> --
> Address is valid for this mailing list only, please do not reply
> to it direcly, but to the list.
>
>


-- 
David J. Raymond
david.raym...@nmt.edu
http://physics.nmt.edu/~raymond

bad ip cksum 0! -> in enc interface

[Riccardo Giuntoli]

Hello nice people! Hello there from the Spanish neural control network!

I'm setting up a roadwarrior type ikev2 secure connection from .es to .uk.

All go fine but my head that is full of voice to skull. But I'm a unix
lover so I go up with my personal, but not only, battle.
So I've done some configuration and here you are:

1) RESPONDER:

root@ganesha:/etc# cat hostname.enc0



inet 172.16.44.1/32
up
root@ganesha:/etc# cat iked.conf



set fragmentation
ikev2 'vpnc' passive esp \
from 0.0.0.0/0 to 172.16.44.2 \
from 0.0.0.0/0 to 10.1.11.0/24 \
from 0.0.0.0/0 to 10.2.22.0/24 \
from 0.0.0.0/0 to 10.3.30.0/24 \
from 0.0.0.0/0 to 10.3.33.0/24 \
local 78.141.201.0 \
srcid vpnc.telecomlobby.com.fqdn dstid cat-01.telecomlobby.com.fqdn \
tag "$name-$id"

root@ganesha:/etc# cat pf.conf



#PACKET NORMALIZE

match out on enc scrub (max-mss 1360, no-df)
#NAT

pass out on egress from { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 } \
to { ! 10.0.0.0/8, ! 172.16.0.0/12, ! 192.168.0.0/16 } nat-to (egress)
root@ganesha:/etc#

Next is the client another little OpenBSD guy with a Raspberry Pi3 with
VLAN+PPPOE+IPSEC:

root@smigol:/etc# cat pf.conf



match out on enc scrub (max-mss 1360 , no-df)
match out on pppoe scrub (max-mss 1440 , no-df)
root@smigol:/etc# cat iked.conf



ikev2 'cat-01' active esp \
from 172.16.44.2 to 0.0.0.0/0  \
from 10.3.30.0/24 to 0.0.0.0/0 \
from 10.1.11.10/24 to 0.0.0.0/0 \
from 10.2.22.0/24 to 0.0.0.0/0 \
from 10.3.33.0/24 to 0.0.0.0/0 \
peer 78.141.201.0 \
srcid cat-01.telecomlobby.com.fqdn dstid vpnc.telecomlobby.com.fqdn\
tag "$name-$id"
root@smigol:/etc# cat ipsec.conf



flow from 127.0.0.1/32 to 127.0.0.1/32 type bypass
flow esp in from {10.1.11.0/24 , 10.2.22.0/24 , 10.3.30.0/24 , 10.3.33.0/24}
to {10.1.11.31/32 , 10.2.22.31/32 , 10.3.30.31/32 , 10.3.33.31/32 ,
172.16.44.2/32 , 192.168.144.1/32} type bypass
flow esp out from {10.1.11.31/32 , 10.2.22.31/32 , 10.3.30.31/32 ,
10.3.33.31/32 , 172.16.44.2/32 , 192.168.144.1/32} to {10.1.11.0/24 ,
10.2.22.0/24 , 10.3.30.0/24 , 10.3.33.0/24} type bypass
flow from {10.1.11.0/24 , 10.2.22.0/24 , 10.3.30.0/24 , 10.3.33.0/24} to {
10.1.11.0/24 , 10.2.22.0/24 , 10.3.30.0/24 , 10.3.33.0/24} type bypass

root@smigol:/etc# cat hostname.enc0



inet 172.16.44.2/32
up

If i sniff traffic over enc0 interface I found a strange error about ip
chksum:

 (DF) (ttl 63, id 43164, len 52) (DF) (ttl 64, id 18753, len 72, bad ip
cksum 0! -> c48a)

This is the error as you can review.

I cannot find solution in Internet and the real think is that in many
others post people copy and paste packets and this error is visible but no
one think that is in effect an error or do not speak about.

I try some value on sysctl but no results.

Nice regards and thank you,



-- 
Name: Riccardo Giuntoli
Email: tag...@gmail.com
Location: Canyelles, BCN, España
PGP Key: 0x67123739
PGP Fingerprint: CE75 16B5 D855 842FAB54 FB5C DDC6 4640 6712 3739
Key server: hkp://wwwkeys.eu.pgp.net

suggestions for USB printer (maybe even with scanner)?

[Claus Assmann]

I need to buy a printer to connect to one of my OpenBSD machines
and I prefer a USB connection (as I don't control the network at
my current place).  Can I just buy any USB printer or are there
printers which do not work with OpenBSD? If so, what do I need
to check / avoid?

Any suggestion for something "cheap" (to print just a few documents
as needed)? I never had to buy a printer before, so I'm not familiar
with this area -- if possible I would like to get a printer/scanner
but I have no idea what I can buy locally :-(
A HP laserjet (which was a gift but broke today) worked only with
one of my OpenBSD machines which seemingly was related to the USB
HW, using a printcap entry like this:
usb:lp=/dev/ulpt0:sd=/var/spool/output/usb:sf:sh:tr=^D:

-- 
Address is valid for this mailing list only, please do not reply
to it direcly, but to the list.

Re: [drm] *ERROR* [CRTC:41:pipe ] flip_done timed out

[krishh61]

HI,

I can give mine:


 cut --
OpenBSD 6.6 (GENERIC.MP) #4: Wed Jan 15 08:56:09 MST 2020
   
r...@syspatch-66-i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP
real mem  = 3210944512 (3062MB)
avail mem = 3136659456 (2991MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: date 11/21/07, BIOS32 rev. 0 @ 0xfdc80, SMBIOS rev. 2.4 @
0xe0010 (70 entries)
bios0: vendor LENOVO version "7QET28WW (1.10 )" date 11/21/2007
bios0: LENOVO 8943DTG
acpi0 at bios0: ACPI 3.0
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP SSDT ECDT TCPA APIC MCFG HPET SLIC BOOT SSDT SSDT
SSDT SSDT
acpi0: wakeup devices LID_(S3) SLPB(S3) EXP0(S4) EXP1(S4) EXP2(S4) EXP3(S4)
EXP4(S4) PCI1(S4) USB0(S3) USB1(S3) USB2(S3) USB3(S3) USB4(S3) EHC0(S3)
EHC1(S3) HDEF(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpiec0 at acpi0
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz ("GenuineIntel" 686-class)
1.83 GHz, 06-0f-0d
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF,PERF,SENSOR,MELTDOWN
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 166MHz
cpu0: mwait min=64, max=64, C-substates=0.2.2.2.2, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz ("GenuineIntel" 686-class)
1.83 GHz, 06-0f-0d
cpu1:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF,PERF,SENSOR,MELTDOWN
ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins, remapped
acpimcfg0 at acpi0
acpimcfg0: addr 0xf000, bus 0-63
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (AGP_)
acpiprt2 at acpi0: bus 2 (EXP0)
acpiprt3 at acpi0: bus 3 (EXP1)
acpiprt4 at acpi0: bus 4 (EXP2)
acpiprt5 at acpi0: bus 5 (EXP3)
acpiprt6 at acpi0: bus 13 (EXP4)
acpiprt7 at acpi0: bus 21 (PCI1)
acpicpu0 at acpi0: !C3(250@17 mwait.3@0x20), !C2(500@1 mwait.1@0x10),
C1(1000@1 mwait.1), PSS
acpicpu1 at acpi0: !C3(250@17 mwait.3@0x20), !C2(500@1 mwait.1@0x10),
C1(1000@1 mwait.1), PSS
acpipwrres0 at acpi0: PUBS, resource for USB0, USB2, USB4, EHC0, EHC1
acpitz0 at acpi0: critical temperature is 127 degC
acpitz1 at acpi0: critical temperature is 100 degC
acpibtn0 at acpi0: LID_
acpibtn1 at acpi0: SLPB
"PNP0A08" at acpi0 not configured
acpicmos0 at acpi0
"ATM1200" at acpi0 not configured
acpibat0 at acpi0: BAT0 model "92P1137" serial  8820 type LION oem "SANYO"
acpiac0 at acpi0: AC unit online
acpithinkpad0 at acpi0
acpidock0 at acpi0: GDCK not docked (0)
acpivideo0 at acpi0: VID_
acpivout0 at acpivideo0: LCD0
acpivideo1 at acpi0: VID_
bios0: ROM list: 0xc/0x1! 0xd/0x1a00 0xd1a00/0x1000
0xe/0x1!
cpu0: Enhanced SpeedStep 1829 MHz: speeds: 1833, 1333, 1000 MHz
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel GM965 Host" rev 0x0c
inteldrm0 at pci0 dev 2 function 0 "Intel GM965 Video" rev 0x0c
drm0 at inteldrm0
intagp0 at inteldrm0
agp0 at intagp0: aperture at 0xe000, size 0x1000
inteldrm0: apic 1 int 16
"Intel GM965 Video" rev 0x0c at pci0 dev 2 function 1 not configured
uhci0 at pci0 dev 26 function 0 "Intel 82801H USB" rev 0x03: apic 1 int 20
uhci1 at pci0 dev 26 function 1 "Intel 82801H USB" rev 0x03: apic 1 int 21
ehci0 at pci0 dev 26 function 7 "Intel 82801H USB" rev 0x03: apic 1 int 22
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 configuration 1 interface 0 "Intel EHCI root hub" rev
2.00/1.00 addr 1
azalia0 at pci0 dev 27 function 0 "Intel 82801H HD Audio" rev 0x03: msi
azalia0: codecs: Analog Devices AD1984, Conexant/0x2bfa, using Analog
Devices AD1984
audio0 at azalia0
ppb0 at pci0 dev 28 function 0 "Intel 82801H PCIE" rev 0x03: apic 1 int 20
pci1 at ppb0 bus 2
ppb1 at pci0 dev 28 function 1 "Intel 82801H PCIE" rev 0x03: apic 1 int 21
pci2 at ppb1 bus 3
wpi0 at pci2 dev 0 function 0 "Intel PRO/Wireless 3945ABG" rev 0x02: msi,
MoW2, address 00:1c:bf:d5:c3:2e
ppb2 at pci0 dev 28 function 2 "Intel 82801H PCIE" rev 0x03: apic 1 int 22
pci3 at ppb2 bus 4
bge0 at pci3 dev 0 function 0 "Broadcom BCM5787M" rev 0x02, BCM5754/5787 A2
(0xb002): msi, address 00:0a:e4:c9:a2:bc
brgphy0 at bge0 phy 1: BCM5787 10/100/1000baseT PHY, rev. 0
ppb3 at pci0 dev 28 function 3 "Intel 82801H PCIE" rev 0x03: apic 1 int 23
pci4 at ppb3 bus 5
ppb4 at pci0 dev 28 function 4 "Intel 82801H PCIE" rev 0x03: apic 1 int 20
pci5 at ppb4 bus 13
uhci2 at pci0 dev 29 function 0 "Intel 82801H USB" rev 0x03: apic 1 int 16
uhci3 at pci0 dev 29 function 1 "Intel 82801H USB" rev 0x03: apic 1 int 17
uhci4 at pci0 dev 29 function 2 "Intel 82801H USB" rev 0x03: apic 1 int 18

Re: VLAN or aliases or? best way to isolate untrustable hosts in a small network

[Christian Weisgerber]

On 2020-02-05, Janne Johansson  wrote:

>> # /etc/hostname.vlan101
>> description 'WLAN attached untrusted hosts'
>> inet 192.168.156.0/24 255.255.255.0 vlandev run0
>
> VLANs and wifi sounds like a non-starter.

Yep, if you're building your access point with OpenBSD.

More generally, though, any AP in the business segment has support
for multiple SSIDs that can be assigned to different VLANs on the
Ethernet side.

-- 
Christian "naddy" Weisgerber  na...@mips.inka.de

Re: VLAN or aliases or? best way to isolate untrustable hosts in a small network

[Janne Johansson]

Den ons 5 feb. 2020 kl 13:07 skrev Denis :

> I've made two VLANs to automatically assign random IPs from a pool by
> dhcpd:
>

[...]


> # /etc/hostname.vlan101
> description 'WLAN attached untrusted hosts'
> inet 192.168.156.0/24 255.255.255.0 vlandev run0
>

VLANs and wifi sounds like a non-starter.

-- 
May the most significant bit of your life be positive.

rtbuf 0.2.2

[Thomas de Grivel]

rtbuf is a minimalistic real time modular synthesis framework in pure C99.

it supports OpenBSD sndio and now Linux too through Portaudio.

to run
./rtbuf test_synth

please contact me if you are interested in developing high quality
real time applications under a BSD license.

https://github.com/kmx-io/rtbuf

-- 
 Thomas de Grivel
 kmx.io

Re: VLAN or aliases or? best way to isolate untrustable hosts in a small network

[Christian Weisgerber]

Denis, I suspect the fundamental problem is that you don't understand
what VLANs are.  There should be a lot of articles about this topic
on the net; maybe somebody here can recommend a good one.

-- 
Christian "naddy" Weisgerber  na...@mips.inka.de

Re: sndio programming question

[Peter J. Philipp]

Hi,

I originally wrote this program around 5 years ago and didn't know it was in
this bad state.  So disregard debugging this for now, I'm fixing it up.  I 
think I'm very close to getting it to work.  For the size of the program, I 
wasn't thinking at the time, maybe I'll better post just an URL to the 
program next time.

Best Regards,
-peter

Re: VLAN or aliases or? best way to isolate untrustable hosts in a small network

[Denis]

Hi Christian,

I've made two VLANs to automatically assign random IPs from a pool by dhcpd:

# /etc/hostname.vlan100
description 'LAN attached untrusted hosts'
inet 192.168.155.0/24 255.255.255.0 vlandev em0

# /etc/hostname.vlan101
description 'WLAN attached untrusted hosts'
inet 192.168.156.0/24 255.255.255.0 vlandev run0

Going to filter access from these VLANs by PF.

My 'real' LAN and WLAN _trusted_ devices get IPs from preregistered MACs
in /etc/dchpd.conf. No free IP registration is available for _trusted_
devices.

For _untrusted_ devices I'd like to set IPs by dhcpd from address pools
vlan100 192.168.155.2 192.168.155.200, and
vlan101 192.168.156.2 192.168.156.200

# echo 'dhcpd_flags="em0 run0 vlan100 vlan101' >> rcctl.conf.local
# . rc.conf.local

Added address ranges for vlan100 and vlan101 to /etc/dhcpd.conf and
restarted daemon.

DHCPd tries to assign address for _untrusted_ from real subnet with no
free leases available instead from vlan100 or vlan101 pool provided.

How do you set IPs for your trusted/untrusted devices using dhcpd?

Could you share your dhcpd.conf setup for vlans you're using?

Thanks,
Denis

On 2/4/2020 8:03 PM, Christian Weisgerber wrote:
> On 2020-02-03, Denis  wrote:
> 
>> Some hosts should be limited in internet access and/or local access or
>> simply be restricted in some way because they are untrusted.
>>
>> I'm looking for a possibility to isolate untrusted inside LAN using any
>> approach applicable. How do people isolate undesirable hosts in their
>> networks?
> 
> Put hosts with different trust requirements into different networks
> at the IP level, connected to a central gateway where you can easily
> permit/deny traffic between them.  Use VLANs to separate the IP
> networks.
> 
> For example, my home network is split into three networks:
> 
> * Trusted hosts.  These are allowed to initiate traffic to the
>   Internet and to the other networks.
> 
> * Untrusted hosts with outside access.  These are allowed to initiate
>   traffic to the Internet at large, but not to the other networks.
>   This is mostly my wi-fi.  Also a RIPE Atlas probe.
> 
> * Untrusted hosts without outside access.  These cannot initiate
>   traffic to any destination outside their network.  Includes my
>   printer and the SIP phone[1] for my "landline".
> 
> That's three vlan(4) interfaces on my gateway, which provides basic
> DHCP/SLAAC, DNS, NTP services on all of them and has a small pf(4)
> ruleset to enforce the restrictions above about who can start talking
> to whom.
> 
> 
> [1] A SIP phone that is not allowed to talk to the outside may seem
> surprising, but it only needs to talk to siproxd on the gateway,
> and siproxd is required for NAT traversal anyway.
> 

accessing fe80::%if inet6 in browser - small success

[mailinglists]

Hello,

I recently managed to find an ISP that could provide IPv6 for my company, 
unfortunately this was a custom config = expensive and they have no 
implementation expernence = bad idea.

Long story short they delivered a /56 on their router port (local ethernet 
segment), no way to firewall/route the traffic. If you are getting inet6 
pay more attention than I did to how your connectivity will be delivered. If 
you need to firewall/route the traffic make sure you get an interconnection 
network global unicast or link-local in between their router and yours.

A week after this I got a new network printer that does not need internet 
access and that should only be accessible on the local ethernet segment.

Simple: I just use the printer's default link-local fe80:: address.
Problems: Most software such as Firefox or CUPS do not accept the %if 
link-scope specifier.
I tried to somehow deliver it using unbound, create a route without %if, try to 
manually insert the address without %if using ndp, url encode the %if,
all failed.

After about 3 hours I also tried the following:

echo 'fe80::aced:bead:beef:code%em0 printer.local' >> /etc/hosts

and now I can access the config page using printer.local using Firefox.

Hope this is helpful, Dimitrios

sndio programming question

[Peter J. Philipp]

Hi,

I have made a small program to read out MIDI commands for my Numark iDJLive II,
DJ mixer (USB).  I got rid of all my Apple software on Apple Hardware and there
I had used Algoriddim DJ Pro software to take commands from this mixer.

I pretty well made a crossfader and menu out of curses to make something like
it and did some reverse engineering to get the controls for the MIDI output
of the iDJLive II equipment.  Granted not everyone has this hardware so I'm
trying my best to explain what I'm doing by giving the source code of this.

Basically the program works with 2 childs, where one child is the foreground
and does the curses and input output to the mixer and the other child waits
for commands passed to it via a shared memory (mmap).  I can't manage to
get it to make a sound when I select a song on the right play pad (#2), the
worst I hear is just a small pop of the speakers and then silence so I'm
doing something wrong.  Let me explain the program lines and then I'll paste
the program itself maybe someone who is experienced with music and sndio can
help me a little?

lines
263-282 - set up the mmap's for 100 MB each (this is both sides of the cross
fader)
283 - is where it forks and the child continues on to waiting instructions to
play what's in the mmap

299 - indicates where I'M having some problems feeding data to sio_setpar()
the data stems from data gotten through getheader() which parses
WAV files and placed at offset 2 on the mmap.

The action at this point is really in the child and I don't know what I'm
doing wrong so lines 283 through 340 which is in a continuous loop.  Obviously
the program isn't finished but I was hoping I'd pad out the rest when I'd get
something playing on #2 at least.

If you do have this equipment and start it, wiggle the crossfader a little for
it to flash the leds for a while and then it will list any .WAV's to be selected
with the "push" button, the "browse" buttons will select the songs of which 
only #2 is currently programmed to do anything.

If I get this equipment working, I have another DJ mixer which is more portable
that has different MIDI commands that I still need to sit down on and figure
out.  But I figured I'd make one work first before working on the other.

Thanks for any hints regarding the playing of the WAV, the program follows, it
gets built with:

cc -g -o numark numark.c -lsndio -lcurses

Regards,
-peter

 1  /* 
 2   * Copyright (c) 2020 Peter J. Philipp
 3   * All rights reserved.
 4   *
 5   * Redistribution and use in source and binary forms, with or without
 6   * modification, are permitted provided that the following conditions
 7   * are met:
 8   * 1. Redistributions of source code must retain the above copyright
 9   *notice, this list of conditions and the following disclaimer.
10   * 2. Redistributions in binary form must reproduce the above copyright
11   *notice, this list of conditions and the following disclaimer in 
the
12   *documentation and/or other materials provided with the 
distribution.
13   * 3. The name of the author may not be used to endorse or promote 
products
14   *derived from this software without specific prior written 
permission
15   *
16   * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17   * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 
WARRANTIES
18   * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 
DISCLAIMED.
19   * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20   * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 
BUT
21   * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF 
USE,
22   * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23   * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24   * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE 
USE OF
25   * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26   * 
27   */
28  
29  #include 
30  #include 
31  #include 
32  
33  #include 
34  #include 
35  #include 
36  #include 
37  #include 
38  #include 
39  
40  #include 
41  #include 
42  #include 
43  
44  
45  
46  
47  
48  #define INQUIRESTRING   "\xF0\x7E\x00\x06\x01\xF7" /* MMC device 
enquiry */
49  #define INQUIRESTRINGLEN6
50  
51  #define HUNDREDMB   (100 * 1024 * 1024)
52  
53  #define MIDI_NOTEON 0x90
54  #define MIDI_NOTEOFF0x80
55  
56  #define BUTTON_DOWN 0x90
57  #define BUTTON_UP   0x80
58  #define FADER   0xb0
59  
60  #define NUMARK_DEVICE_2E_LEFTVOLUME 0x8
61  #define NUMARK_DEVICE_2E_RIGHTVOLUME0x9
62  #define NUMARK_DEVICE_2E_CRO