Re: managed switches and carp

[tony sarendal]

 My issue is that the managed switches we currently use (chosen before
 I arrived...) suppress traffic from 'duplicate' MAC addresses, clamped
 for a minimum of 300s.  Both fw* think they're master.

 Which managed switch brands behave right with carp, allowing traffic from
 carp source addresses on multiple ports without duplicate suppression?

duplicate suppression, makes the lack of per-vlan mac-address tables
sound like a feature.

Get switches with per-vlan mac-address tables, even old cisco 3500 has this.

/Tony

--
Tony Sarendal - [EMAIL PROTECTED]
IP/Unix
   -= The scorpion replied,
   I couldn't help it, it's my nature =-

Annoying echoes in console DRAC III/XT on DELL Poweredge

[Xavier Milliès-Lacroix]

Hello,

I 'm trying to install OBSD 3.8 on a Dell Poweredge 750 server using the Card
DRAC III/XT (provides remote console/screen).
But each time a ket is pushed I have the letter repetead on the console.
I have put the last firmware for the DRAC Card.

I have search by didn't find any answer 

I can't install remotely OBSD !

Do you have already met this issue ?

Is it a java problem (the remote access is done via http and a java virtual
machine) ?

Xavier.

Re: ipsec question

[Hans-Joerg Hoexer]

yes, you can.  You need to encrypt traffic from/to your laptop to
0.0.0.0/0.  So instead of using your gw address, use 0.0.0.0/0.

HJ.

On Thu, Dec 01, 2005 at 08:00:38AM +0100, raff wrote:
 Hi,
 I have wireless connection between my machine and router/gateway.
 I can set up ipsec connection betwen them if i'm connecting directly to
 gw machine, but is it possible to encrypt traffic between those when i'm
 connecting to internet via gw ?
 
 host--gw--internet
 |   |
 '---|---'
   ipsec
 
 thanks in advance.

Re: managed switches and carp

[Christopher Vance]

On Thu, Dec 01, 2005 at 08:08:27AM +, tony sarendal wrote:

Which managed switch brands behave right with carp, allowing traffic from
carp source addresses on multiple ports without duplicate suppression?


duplicate suppression, makes the lack of per-vlan mac-address tables
sound like a feature.

Get switches with per-vlan mac-address tables, even old cisco 3500 has this.


Both firewalls are on all vlans, and I want both firewalls to be able
use the same source MAC address (a separate address per vlan, but
shared by both firewalls) and see each other's carp multicasts.

Even with per-vlan tables, I need CARP source addresses to be an
exception (although Cisco will think they are V*RP).

--
Christopher Vance

Re: managed switches and carp

[tony sarendal]

On 01/12/05, Christopher Vance [EMAIL PROTECTED] wrote:
 On Thu, Dec 01, 2005 at 08:08:27AM +, tony sarendal wrote:
  Which managed switch brands behave right with carp, allowing traffic from
  carp source addresses on multiple ports without duplicate suppression?
 
 duplicate suppression, makes the lack of per-vlan mac-address tables
 sound like a feature.
 
 Get switches with per-vlan mac-address tables, even old cisco 3500 has this.

 Both firewalls are on all vlans, and I want both firewalls to be able
 use the same source MAC address (a separate address per vlan, but
 shared by both firewalls) and see each other's carp multicasts.

 Even with per-vlan tables, I need CARP source addresses to be an
 exception (although Cisco will think they are V*RP).


I use carp, hsrp, routers with same mac-address on all vlan interfaces,
cases where the same mac-address goes different ways in the network
depending on which vlan it is on.

Even on old 3500 it works.

/Tony

--
Tony Sarendal - [EMAIL PROTECTED]
IP/Unix
   -= The scorpion replied,
   I couldn't help it, it's my nature =-

Weird traffic

[Tomaz Markelj]

Hello all,

I just put OpenBSD 3.8 (fresh install) on my IBM Netfinity 3000 server, and
I'm experiencing some funny things.

When the connection is idle (no torrent traffic, no msn,ftp and so on),
pings from my country servers are ok:


From a Windows workstation behind NAT:

Reply from 193.2.1.66: bytes=32 time=12ms TTL=57
Reply from 193.2.1.66: bytes=32 time=12ms TTL=57
Reply from 193.2.1.66: bytes=32 time=11ms TTL=57


When there is some traffic (torrent - seeding some OSS), but the line is not
full l, I get from a Winbox (dl: 30kb/s, ul: 40kb/s -on a 4mbit/512kbit ADSL
line):

Reply from 193.2.1.66: bytes=32 time=182ms TTL=57
Reply from 193.2.1.66: bytes=32 time=84ms TTL=57
Reply from 193.2.1.66: bytes=32 time=188ms TTL=57
Reply from 193.2.1.66: bytes=32 time=73ms TTL=57
Reply from 193.2.1.66: bytes=32 time=11ms TTL=57
Reply from 193.2.1.66: bytes=32 time=15ms TTL=57
Reply from 193.2.1.66: bytes=32 time=107ms TTL=57

Pings get even higher if there are more connection even up to 2000ms (like
some hick-ups), It doesn't matter what kind of transfer speed it is.
Occasionaly I even get a request timed out. When I use MSN voice conference,
voice signal gets broken and so on...

I didn't change any major settings on the OpenBSD 3.8 Generic box, just set
up pf.conf for a nat and ip.forwarding=1 in sysctl.

# netstat -m
136 mbufs in use:
127 mbufs allocated to data
3 mbufs allocated to packet headers
6 mbufs allocated to socket names and addresses
65/142/6144 mbuf clusters in use (current/peak/max)
352 Kbytes allocated to network (46% in use)
0 requests for memory denied
0 requests for memory delayed
0 calls to protocol drain routines

What should I do? I didn't experience this on a previous Linux box.

Thank you for your answers!

Re: Weird traffic

[Tomaz Markelj]

Just addon:

From OpenBSD box i get (when traffic)


64 bytes from 193.2.1.66: icmp_seq=12 ttl=58 time=34.828 ms
64 bytes from 193.2.1.66: icmp_seq=13 ttl=58 time=60.581 ms
ping: sendto: No buffer space available
ping: wrote 193.2.1.66 64 chars, ret=-1
ping: sendto: No buffer space available
ping: wrote 193.2.1.66 64 chars, ret=-1
64 bytes from 193.2.1.66: icmp_seq=14 ttl=58 time=3221.489 ms
64 bytes from 193.2.1.66: icmp_seq=17 ttl=58 time=705.169 ms


-Original Message-
From: Tomaz Markelj [mailto:[EMAIL PROTECTED] 
Sent: Thursday, December 01, 2005 12:15 PM
To: 'misc@openbsd.org'
Subject: Weird traffic

Hello all,

I just put OpenBSD 3.8 (fresh install) on my IBM Netfinity 3000 server, and
I'm experiencing some funny things.

When the connection is idle (no torrent traffic, no msn,ftp and so on),
pings from my country servers are ok:


From a Windows workstation behind NAT:

Reply from 193.2.1.66: bytes=32 time=12ms TTL=57
Reply from 193.2.1.66: bytes=32 time=12ms TTL=57
Reply from 193.2.1.66: bytes=32 time=11ms TTL=57


When there is some traffic (torrent - seeding some OSS), but the line is not
full l, I get from a Winbox (dl: 30kb/s, ul: 40kb/s -on a 4mbit/512kbit ADSL
line):

Reply from 193.2.1.66: bytes=32 time=182ms TTL=57
Reply from 193.2.1.66: bytes=32 time=84ms TTL=57
Reply from 193.2.1.66: bytes=32 time=188ms TTL=57
Reply from 193.2.1.66: bytes=32 time=73ms TTL=57
Reply from 193.2.1.66: bytes=32 time=11ms TTL=57
Reply from 193.2.1.66: bytes=32 time=15ms TTL=57
Reply from 193.2.1.66: bytes=32 time=107ms TTL=57

Pings get even higher if there are more connection even up to 2000ms (like
some hick-ups), It doesn't matter what kind of transfer speed it is.
Occasionaly I even get a request timed out. When I use MSN voice conference,
voice signal gets broken and so on...

I didn't change any major settings on the OpenBSD 3.8 Generic box, just set
up pf.conf for a nat and ip.forwarding=1 in sysctl.

# netstat -m
136 mbufs in use:
127 mbufs allocated to data
3 mbufs allocated to packet headers
6 mbufs allocated to socket names and addresses
65/142/6144 mbuf clusters in use (current/peak/max)
352 Kbytes allocated to network (46% in use)
0 requests for memory denied
0 requests for memory delayed
0 calls to protocol drain routines

What should I do? I didn't experience this on a previous Linux box.

Thank you for your answers!

Re: Weird traffic

[Tomaz Markelj]

I connect my OpenBSD box to the internet wia PPPoE

# ifconfig -a
lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33224
groups: lo
inet 127.0.0.1 netmask 0xff00
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
fxp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
lladdr 00:06:29:73:4e:0d
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet 192.168.0.1 netmask 0xff00 broadcast 192.168.0.255
inet6 fe80::206:29ff:fe73:4e0d%fxp0 prefixlen 64 scopeid 0x1
rl0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
lladdr 00:30:4f:22:fe:aa
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet 193.77.34.220 netmask 0x broadcast 193.77.34.220
inet6 fe80::230:4fff:fe22:feaa%rl0 prefixlen 64 scopeid 0x2
pflog0: flags=0 mtu 33224
pfsync0: flags=0 mtu 1348
enc0: flags=0 mtu 1536
tun0: flags=8011UP,POINTOPOINT,MULTICAST mtu 1492
groups: egress
inet 193.77.34.220 -- 213.250.19.90 netmask 0x
gif0: flags=8051UP,POINTOPOINT,RUNNING,MULTICAST mtu 1280
groups: gif
physical address inet 193.77.34.220 -- 212.18.63.73
inet6 fe80::206:29ff:fe73:4e0d%gif0 -  prefixlen 64 scopeid 0x9
inet6 2001:15c0:65ff:2::2 - 2001:15c0:65ff:2::1 prefixlen 128
inet6 2001:15c0:6600::1 -  prefixlen 64

# dmesg
OpenBSD 3.8 (GENERIC) #138: Sat Sep 10 15:41:37 MDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel Pentium III (GenuineIntel 686-class) 697 MHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,
SSE
real mem  = 536453120 (523880K)
avail mem = 482594816 (471284K)
using 4278 buffers containing 26927104 bytes (26296K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 05/10/00, BIOS32 rev. 0 @ 0xfd801
pcibios0 at bios0: rev 2.1 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf1c60/176 (9 entries)
pcibios0: PCI Interrupt Router at 000:02:0 (Intel 82371FB ISA rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc/0x8000 0xc8000/0x5800
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82443BX AGP rev 0x03
ppb0 at pci0 dev 1 function 0 Intel 82443BX AGP rev 0x03
pci1 at ppb0 bus 1
vga1 at pci1 dev 1 function 0 S3 Trio3D AGP rev 0x01
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
pcib0 at pci0 dev 2 function 0 Intel 82371AB PIIX4 ISA rev 0x02
pciide0 at pci0 dev 2 function 1 Intel 82371AB IDE rev 0x01: DMA, channel
0 wired to compatibility, channel 1 wired to compatibility
pciide0: channel 0 ignored (disabled)
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: LITEON, CD-ROM LTN403, DU26 SCSI0 5/cdrom
removable
atapiscsi1 at pciide0 channel 1 drive 1
scsibus1 at atapiscsi1: 2 targets
cd1 at scsibus1 targ 0 lun 0: HL-DT-ST, CD-RW GCE-8526B, 1.00 SCSI0
5/cdrom removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
cd1(pciide0:1:1): using PIO mode 4, Ultra-DMA mode 2
uhci0 at pci0 dev 2 function 2 Intel 82371AB USB rev 0x01: irq 14
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
Intel 82371AB Power rev 0x02 at pci0 dev 2 function 3 not configured
fxp0 at pci0 dev 3 function 0 Intel 82557 rev 0x05, i82558: irq 14,
address 00:06:29:73:4e:0d
inphy0 at fxp0 phy 1: i82555 10/100 PHY, rev. 0
rl0 at pci0 dev 16 function 0 Realtek 8139 rev 0x10: irq 10 address
00:30:4f:22:fe:aa
rlphy0 at rl0 phy 0: RTL internal phy
ahc1 at pci0 dev 20 function 0 Adaptec AHA-2940U2 U2 rev 0x00: irq 9
scsibus2 at ahc1: 16 targets
sd0 at scsibus2 targ 5 lun 0: IBM-PSG, DNES-309170W !#, SAHR SCSI3
0/direct fixed
sd0: 8678MB, 11474 cyl, 5 head, 309 sec, 512 bytes/sec, 17774160 sec total
ahc1: target 6 using 8bit transfers
ahc1: target 6 using asynchronous transfers
sd1 at scsibus2 targ 6 lun 0: IBM-PSG, KATANA 9 WLS!#, 08J8 SCSI3 0/direct
fixed
sd1: 8678MB, 13816 cyl, 4 head, 321 sec, 512 bytes/sec, 17774160 sec total
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
sysbeep0 at pcppi0
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
biomask fbe5 netmask ffe5 ttymask ffe7
pctr: 686-class user-level performance counters enabled
mtrr: Pentium Pro MTRR support
ahc1: target 5 using 16bit transfers
ahc1: target 5 synchronous at 40.0MHz, offset = 0x1e
dkcsum: sd0 

Re: Weird traffic

[Stuart Henderson]

--On 01 December 2005 12:45 +0100, Tomaz Markelj wrote:


I connect my OpenBSD box to the internet wia PPPoE

rl0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
inet 193.77.34.220 netmask 0x broadcast 193.77.34.220
tun0: flags=8011UP,POINTOPOINT,MULTICAST mtu 1492
inet 193.77.34.220 -- 213.250.19.90 netmask 0x


I don't use pppoe so I'm not sure, but I think pppoe runs on a nic 
which doesn't have an address assigned. Certainly you have the same 
address on two interfaces (tun0 and rl0) which will cause problems. Try 
echo up  /etc/hostname.rl0.

Re: Weird traffic

[Stuart Henderson]

..also you might want to look at pppoe(4) man 4 pppoe which is 
kernel-ppp, which has less overhead than pppoe(8).

Sendmail X License, is it free enough?

[Paul Covello]

I was wondering what the powers-that-be think of the new sendmail X license, 
now that it has been released.


Is it free enough that it may be supported in a future version of OpenBSD?  
Or should I look to an alternative?


Thanks

--- Paul.

Re: Weird traffic

[Tomaz Markelj]

I changed the rl0 inet ip to 10.0.0.1 so it's not the same, but:


64 bytes from 193.2.1.66: icmp_seq=10 ttl=58 time=107.013 ms
ping: sendto: No buffer space available
ping: wrote 193.2.1.66 64 chars, ret=-1
ping: sendto: No buffer space available
ping: wrote 193.2.1.66 64 chars, ret=-1
64 bytes from 193.2.1.66: icmp_seq=11 ttl=58 time=2558.682 ms
64 bytes from 193.2.1.66: icmp_seq=14 ttl=58 time=707.560 ms
64 bytes from 193.2.1.66: icmp_seq=15 ttl=58 time=791.174 ms
64 bytes from 193.2.1.66: icmp_seq=16 ttl=58 time=494.244 ms
64 bytes from 193.2.1.66: icmp_seq=17 ttl=58 time=443.673 ms
64 bytes from 193.2.1.66: icmp_seq=18 ttl=58 time=211.206 ms
64 bytes from 193.2.1.66: icmp_seq=19 ttl=58 time=333.058 ms
64 bytes from 193.2.1.66: icmp_seq=20 ttl=58 time=217.886 ms
--- 193.2.1.66 ping statistics ---
21 packets transmitted, 19 packets received, 9.5% packet loss


193.2.1.66 is a very very stable box...

This still happens

Lep pozdrav,
Markelj Toma

-Original Message-
From: Stuart Henderson [mailto:[EMAIL PROTECTED] 
Sent: Thursday, December 01, 2005 12:56 PM
To: Tomaz Markelj
Cc: misc@openbsd.org
Subject: Re: Weird traffic

..also you might want to look at pppoe(4) man 4 pppoe which is 
kernel-ppp, which has less overhead than pppoe(8).

Endpoint security solution for Windows Systems based in OpenBSD

[Diego Fernando Nieto Moreno]

Hello,

Greetings from Colombia

in 
http://force.coresecurity.com/index.php?module=articlesfunc=displayptid=10catid=39aid=16

I found an Interesting Article about a Endpoint security solution for Windows 
where their Firewall is Based in OpenBSD PF.

It's can be a reference for the Products Based in OpenBSD page in 
http://www.openbsd.org/products.html

Sincerely,


Diego Fernando Nieto Moreno
---
www.compumundohypermegared.org

pfctl cannot allocate memory for using spamd w/ Table for CBL

[Paul Pruett]

suggestions?

since upgrading to openbsd 3.8
I noted my spamd was not blocking, looked closer and with me
using the CBL table (huge) trying
spamd-setup gave this response:
  pfctl Cannot allocate memory

The spamd is loading okay so long as I don't use a whopper
table like the CBL,
rsync://rsync.cbl.abuseat.org/cbl/list.txt

I have a gig of memory on the server in question, and it was the
generic i386 kernel



True on 3.6 and 3.7 I used a kernel compiled with options,
so it could be just the generic kernel...

I'm going to compile a custom kernel on platform and see if it fares 
better.   any suggestions on kernel options for large pf Tables?


typically i have added these options to the generic.

OPTION   GATEWAY
OPTION   DUMMY_NOPS

Re: Endpoint security solution for Windows Systems based in OpenBSD

[Stuart Henderson]

--On 01 December 2005 05:02 -0800, Diego Fernando Nieto Moreno wrote:


http://force.coresecurity.com/index.php?module=articlesfunc=display;
ptid=10catid=39aid=16


The firewall is a Windows port of OpenBSD's Packet Filter (PF)
that's just sick..!

Re: disk encryption on login

[wtf]

 a. what is svnd? (srry :x)

The Vnode disk driver. See man vnd.


 2. what fs is mountable and dynamic in size?
your suggesting mounting each seperate users home on login, though this
 would (based on all of my knowledge of current filesystems) that it
 would have to be of a static size.  for quotas this would be fine, but
 id imagine a lot of people wont like this.

Its not dynamic. You have to decide on a fixed size. You can probably
resize it with growfs on demand. As for some time, the size limit was on
8,2G, but according to a documentation that was posted at undeadly.org,
this limitation doesn't exist anymore. I haven't verified it myself,
though.

http://www.backwatcher.org/writing/howtos/obsd-encrypted-filesystem.html
http://geektechnique.org/index.php?id=84

I don't know of any way to keep stuff encrypted transparently and using
the filesystem as usual without leaking information.


 c. your going to make a passwd change transparent as well?  not many do,
 but i for one do change my password every 90 days, and having the key for
 my home re-keyed/re-encrypted im not going to remember.

The idea is to use a random 16 byte key for the disk encryption, which is
itself encrypted with your login password. Thus you can pass your password
on login and have your $HOME mounted without issuing any additional
commands. You can change your password anytime, just don't forget to do
that for your disk key as well. Nobody will modify passwd because of that
stuff.


 4. must ensure not to umount if im still logged in?  BUT i for one do not
 want my home to remain mounted if someone has su'd as me.  and how will
 this work if someone sets utmp/wtmp o-rwx.

su uses login_cap, thus it should be handled like any other login for this
kind of users. As of utmp: root is looking it up, so this should be no
problem at all.


 ... i disavowed any questions of root access, as per the theory of; if
 homes are encrypted, root should not require access to homes, and thus
 will never be used on *public* boxes (shell companies in particular)

Disk encryption will make most sense on notebooks and backup machines,
where you want protection in case the device is stolen. As long as you're
logged in, everybody can access the directories due to the  permissions
set.


 oh, where is the code you have 'now' that you said? id really like to view

By now, I only have the binary for key-creation, key-encryption and
password changing on the key. I'd like to wait for some more feedback
before I do more. Be patient.




 On Thu, 1 Dec 2005 01:48:12 +0100 (CET), [EMAIL PROTECTED] wrote:
 Hi guys,

 I thought about a way of de-/encrypting home-directories transparently
 to
 users. I've got a vague idea how to realize this in a reasonable way:

 * Generate a key, associate it with a new svnd-image, prepare the image
 * Encrypt the key with the users login password, store it in /home
 * On login, decrypt the key with the password
 * Pass the decrypted key to vnconfig and mount the image on $HOME

 This has some consequences, like
 - creating a new login facility login_decrypt (or sth. similar)
 - writing a program for keyfile/image generation and password changing
 - modify vnconfig to read keys from other sources than stdin

 Since I already got some code, it might be smart to ask now for some
 feedback before heading into a completely wrong direction.
 There are probably better ways to accomplish this, so generally opinions
 regarding the issue would be cool.

Re: Endpoint security solution for Windows Systems based in OpenBSD

[Murali Raju]

I agree. This falls under the philosophy the more secure the machines
out there in the wild (even if it is a ghastly thing known as
Windows), the better off I we are. If they use OpenBSD based
technologies to help with security more power to them.

_Raju

On 12/1/05, Nick Holland [EMAIL PROTECTED] wrote:
 On Thu, Dec 01, 2005 at 01:18:41PM +, Stuart Henderson wrote:
  --On 01 December 2005 05:02 -0800, Diego Fernando Nieto Moreno wrote:
 
  http://force.coresecurity.com/index.php?module=articlesfunc=display;
  ptid=10catid=39aid=16
 
  The firewall is a Windows port of OpenBSD's Packet Filter (PF)
  that's just sick..!

 sick, perhaps, but that is the purpose of the BSD license.
 Would you rather they reinvent the wheel badly, or base it on something
 well written?  Hopefully, the more platforms PF gets ported to
 (somehow, I think in the case of Windows, ported should go in quotes),
 probably the better off the world is...

 Nick.




--
May the packets be with you.

Re: Endpoint security solution for Windows Systems based in OpenBSD

[Theo de Raadt]

http://force.coresecurity.com/index.php?module=articlesfunc=display;
ptid=10catid=39aid=16
 
  The firewall is a Windows port of OpenBSD's Packet Filter (PF)
  that's just sick..!

I wanted to make one point about this.

pf is a small part of the whole system they are making available, or
of the effort they went through.  After all they had to write a heck
of a lot of code to interface to undocumented guts of Windows.

In the end, it is not a PF for Windows.  It is a much more complicated
thing than that, so you have to read more about it.

Re: RELEASE BUG - ami0: timeout ccb 1

[J.C. Roberts]

On Wed, 30 Nov 2005 23:06:18 -0500, Alex Kirk [EMAIL PROTECTED] wrote:

 The first thing I need to do is test patches for Marco. After we know
 things work correctly with normal hardware and firmware, then I can
 satisfy my curiosity and go mucking about with the firmware to see what
 happens. If you see a puff of blue smoke coming from my place, cross
 your fingers and hope that I still have a few more lives left. ;-)

I realize it's only been three days, but have you had any interesting 
results so far? 

*usually* I'm a bit quicker when it comes to testing but I got slowed
down by the OpenBSD CVS server outage. None the less, I tested the 11/29
snapshot yesterday and sent the results to Marco off list. -I've
appended that message below if you're curious.

My MegaRAID i4 card just came in the mail today, and given 
the contents of this thread, I'm a bit concerned about installing it in a 
production environment (i.e. the server that's sending this mail). Normally 
I would just wait and see, but unfortunately, I'm between a rock and a hard 
place here, as the disk my /home partition lives on started to fail on me 
yesterday (uncorrectable data error messages during fsck after a power 
outage).

I'm hoping that, since my setup is not identical to yours, I'll be OK for 
the time being. Given the following configuration:

Unlike you, I'm not in a rush and I've got the hardware to test stuff
safely and completely.

If something goes dreadfully wrong on your box, you can always use 3.7
with the i4 for the time being and later upgrade to 3.8 -stable when
this issue gets resolved.

Kind Regards,
JCR



---Message-Sent-To-Marco-Yesterday---

Well, I got the 11/29 snapshot downloaded and burnt to CD but no luck on
getting the i4 machine to boot.

There are two significant changes in the dmesg. (1) The geometry of the
LOGICAL drive on the MegaRAID i4 card, sd0,  is now showing up
differently than before. 

3.8-RELEASE
sd0: 718113MB, 91546 cyl, 255 head, 63 sec, 512 bytes/sec, 1470695424
sec total

SNAPSHOT
sd0: 718113MB, 718113 cyl, 64 head, 32 sec, 512 bytes/sec, 1470695424
sec total

(2) The second major change is timeout ccb code reported has changed
from 1 to 126 i.e.

3.8-RELEASE
ami0: timeout ccb 1

SNAPSHOT
ami0: timeout ccb 126

There are two bits of weirdness I've encountered. The first is the
floppy drive just refuses to be used as a boot device anymore. BIOS
settings for it are fine and I tried three different drives and cables.
I also tried multiple boot diskettes which worked fine on other systems
(oth OpenBSD floppyB38.fs and DOS 6.22).

The other weird thing I noticed is when Quick Boot is disabled in the
BIOS and the system actually counts the RAM, only 512MB of RAM shows up.
The system has 2GB RAM installed. The board (SuperMicro P6DGE) supports
2GB but I'm not sure if the BIOS was written to actually test/count that
high since it would take quite a while. -Or of course, the other
possibility is I've got bad ram. I kinda doubt it but still...

Anyhow, dmesg's are below. If there's something more I can do to help
with debugging this, please let me know.

Thanks for all the help.

JCR

p.s. I've got what may turn out to be a cheap source for these cards
(new). Would you like one?

- * - * - * - * - * - * - * - * - * - * - * - *- * - * - *
First DMESG with Quick Boot disabled.

Z# tip unix9600
connected
 OpenBSD/i386 BOOT 2.10
boot
booting fd0a:/bsd: 4416996+740044=0x4eb1f8
entry point at 0x100120

Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California.  All rights
reserved.
Copyright (c) 1995-2005 OpenBSD. All rights reserved.
http://www.OpenBSD.org

OpenBSD 3.8-current (RAMDISK_CD) #908: Tue Nov 29 02:42:52 MST 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/RAMDISK_CD
cpu0: Intel Pentium III (GenuineIntel 686-class) 1.01 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE
real mem  = 547397632 (534568K)
avail mem = 493662208 (482092K)
using 4278 buffers containing 27471872 bytes (26828K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 01/15/99, BIOS32 rev. 0 @
0xfdb60
apm0 at bios0: Power Management spec V1.2
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf/0x1
pcibios0: PCI BIOS has 9 Interrupt Routing table entries
pcibios0: PCI Interrupt Router at 000:07:0 (Intel 82371AB PIIX4 ISA
rev 0x00)
pcibios0: PCI bus #2 is the last bus
WARNING: can't reserve area for BIOS PROM.
bios0: ROM list: 0xc/0x8800 0xcc000/0x1200
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82440BX AGP rev 0x00
ppb0 at pci0 dev 1 function 0 Intel 82440BX AGP rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 Matrox MGA G400/G450 AGP rev 0x82
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
pcib0 at pci0 dev 7 function 0 Intel 82371AB PIIX4 ISA rev 0x02
pciide0 at pci0 dev 7 function 1 Intel 82371AB IDE rev 

Re: esm(4) support

[Marco Peereboom]

No that was a weird one out that uses i2c instead.

On Dec 1, 2005, at 12:31 AM, Lars Hansson wrote:


On Wed, 30 Nov 2005 14:53:04 -0600
Marco Peereboom [EMAIL PROTECTED] wrote:


I am talking stuff like PowerEdge 2100, 2200, 4100, 4200 etc.


Does 1550 count?

---
Lars Hansson

Multiple IP's thru DHCP on a single NIC

[turha turha]

Hi!

I'm trying to find out if it's possible to get multiple IP's using DHCP to a
single NIC.

The reason for this is that I have a small network, which I want to connect
to Internet thru an ADSL, the IP's on this ISP are dynamic, so DHCP must be
used. Reason for getting multiple IP's is so that I could use one IP for the
OBSD box itself and for NATting most of the traffic, and getting the extra
IP's for doing binat to some of the PC's in the local LAN.

I did find a few questions like this in some archives, but they lacked a
response, so I was hoping someone here might be able to help me out.

Also, related to this, OBSD doesn't create an additional virtual interface
when using aliases for an IP, is it possible to create an extra interface ?
The reason for this is so that in pf.conf I could use the interface name in
parenthesis, so when the DHCP changes one of the IP's pf configuration
updates automatically.

Does anybody know the reasoning behind not creating a virtual interface ?

Any answers would help, even if they are incomplete, it might steer me into
the right direction, so thanks in advance to anybody willing to help.

Re: Endpoint security solution for Windows Systems based in OpenBSD

[eric]

On Thu, 2005-12-01 at 13:18:41 +, Stuart Henderson proclaimed...

 The firewall is a Windows port of OpenBSD's Packet Filter (PF)
 that's just sick..!

Why is that sick? Are you some open source evangelist who can't see the
benefits of bringing the technology in OpenBSD to the masses?

Re: RELEASE BUG - ami0: timeout ccb 1

[J.C. Roberts]

On Wed, 30 Nov 2005 23:28:53 -0600, Marco Peereboom [EMAIL PROTECTED]
wrote:

Please try this kernel and report back to me.
http://www.peereboom.us/bsd.ami

This is a backport of the pass-through work around for older cards  
based on 3.8-stable..

I added a temporary IDE disk to the system and did a simple install of
3.8-Release on it while the MegaRAID i4 card was unplugged.

Using the new kernel above did not solve i4 the problem (dmesg over
serial below).

Would moving the i4 card and drives to an entirely different machine be
a worthwhile test? 

Thanks,
JCR


--dmesg--

Z# tip unix9600
connected
 OpenBSD/i386 BOOT 2.10
boot
booting hd0a:/bsd: 4805248+939504 [52+247280+228802]=0x5eedcc
entry point at 0x100120

[ using 476508 bytes of bsd ELF symbol table ]
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California.  All rights
reserved.
Copyright (c) 1995-2005 OpenBSD. All rights reserved.
http://www.OpenBSD.org

OpenBSD 3.8-stable (GENERIC) #1: Wed Nov 30 23:24:56 CST 2005
[EMAIL PROTECTED]:/usr/src/src/sys/arch/i386/compile/GENERIC
cpu0: Intel Pentium III (GenuineIntel 686-class) 1.01 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE
real mem  = 2147065856 (2096744K)
avail mem = 1953157120 (1907380K)
using 4278 buffers containing 107454464 bytes (104936K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 01/15/99, BIOS32 rev. 0 @
0xfdb60
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf/0x1
pcibios0: PCI BIOS has 9 Interrupt Routing table entries
pcibios0: PCI Interrupt Router at 000:07:0 (Intel 82371AB PIIX4 ISA
rev 0x00)
pcibios0: PCI bus #2 is the last bus
WARNING: can't reserve area for BIOS PROM.
bios0: ROM list: 0xc/0x8800 0xcc000/0x1200
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82440BX AGP rev 0x00
ppb0 at pci0 dev 1 function 0 Intel 82440BX AGP rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 Matrox MGA G400/G450 AGP rev 0x82
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
pcib0 at pci0 dev 7 function 0 Intel 82371AB PIIX4 ISA rev 0x02
pciide0 at pci0 dev 7 function 1 Intel 82371AB IDE rev 0x01: DMA,
channel 0 wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: WDC AC26400B
wd0: 16-sector PIO, LBA, 6149MB, 12594960 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
pciide0: channel 1 disabled (no drives)
uhci0 at pci0 dev 7 function 2 Intel 82371AB USB rev 0x01: irq 10
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
Intel 82371AB Power rev 0x02 at pci0 dev 7 function 3 not configured
emu0 at pci0 dev 13 function 0 Creative Labs SoundBlaster Live rev
0x04: irq 9
ac97: codec id 0x54524103 (TriTech Microelectronics TR28023)
audio0 at emu0
Creative Labs PCI Gameport Joystick rev 0x01 at pci0 dev 13 function 1
not configured
em0 at pci0 dev 15 function 0 Intel PRO/1000T (82544GC) rev 0x02: irq
5, address: 00:02:b3:96:0c:df
ami0 at pci0 dev 16 function 0 AMI MegaRAID rev 0x02: irq 11 AMI
511/64b/lhc
ami0: FW N661, BIOS v1.01, 16MB RAM
ami0: 4 channels, 0 FC loops, 1 logical drives
scsibus0 at ami0: 40 targets
sd0 at scsibus0 targ 0 lun 0: AMI, Host drive #00,  SCSI2 0/direct
fixed
sd0: 718113MB, 91546 cyl, 255 head, 63 sec, 512 bytes/sec, 1470695424
sec total
scsibus1 at ami0: 16 targets
ami0: command not accepted, polling disabled
scsibus2 at ami0: 16 targets
scsibus3 at ami0: 16 targets
scsibus4 at ami0: 16 targets
ppb1 at pci0 dev 20 function 0 vendor Hint, unknown product 0x0021 rev
0x13
pci2 at ppb1 bus 2
Matrox MGA G400/G450 AGP rev 0x85 at pci2 dev 0 function 0 not
configured
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pmsi0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pmsi0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
sysbeep0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
lm0 at isa0 port 0x290/8: W83781D
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pccom0: console
pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
biomask ed45 netmask ed65 ttymask fde7
pctr: 686-class user-level performance counters enabled
mtrr: Pentium Pro MTRR support
dkcsum: wd0 matches BIOS drive 0x80
ami0: timeout ccb 1
ami0: timeout ccb 1
ami0: timeout ccb 1
ami0: timeout ccb 1
ami0: timeout ccb 1
~
[EOT]
Z#

Re: disk encryption on login

[Alexander Farber]

On 12/1/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
 As for some time, the size limit was on
 8,2G, but according to a documentation that was posted at undeadly.org,
 this limitation doesn't exist anymore. I haven't verified it myself,
 though.

A 140 gig file seems to work fine here:

gate:afarber {387} df
Filesystem  1K-blocks  Used Avail Capacity  Mounted on
...
/dev/svnd0c 137742452  36681848  9417348228%/home/samba

Re: RELEASE BUG - ami0: timeout ccb 1

[J.C. Roberts]

On Wed, 30 Nov 2005 23:28:53 -0600, Marco Peereboom [EMAIL PROTECTED]
wrote:

Please try this kernel and report back to me.
http://www.peereboom.us/bsd.ami

This is a backport of the pass-through work around for older cards  
based on 3.8-stable..

Now this is very strange... As you can see in the dmesg I just posted
after waiting five minutes or so to at least get five of the ami0:
timeout ccb 1 messages, I terminated the serial tip session used to
capture the dmesg.

After posting the dmesg, I looked over at the monitor actually attached
to the system and sure enough, it was sitting at a login prompt?

I can log into the system just fine?

Intentionally logging in as root, results in no further timeout
messages.

Though there is a single logical volume defined via the i4 bios, the
volume has never actually been used. Is there any particular tests I can
run for you?

jcr

Re: #define failure opportunity

[Bruno S. Delbono]

Lars Hansson wrote:

On Wed, 30 Nov 2005 19:37:48 -0500
Steve Shockley [EMAIL PROTECTED] wrote:



Like HP?  Of course, I wouldn't pay for their level of OpenSSH support.



The level of support, or lack thereof, is not issue. It's not really about
getting any kind of support at all.
It's all about (middle) management covering their backs and making sure
there's someone outside the company to blame when the shit hits the fan.
You pay someone to be your scapegoat.
It's a sad state of affairs but that's how it often is.


I do not mean to insult anyone but I just want to chime in here and say 
that even though I am very grateful to have OpenSSH, SSH.com's product 
is not bad.


The commercial version supports a lot of different complex environments, 
does more and therefore costs more. For example, there might be many 
here who may not want X.509 certs in LDAP/OCSP for network 
authentication but there are sites that do. Overall, SSH.coms' support 
is good and their product rock solid (the same for OpenSSH).


My 2 cents.

-Bruno

Re: managed switches and carp

[Henning Brauer]

* Christopher Vance [EMAIL PROTECTED] [2005-12-01 06:50]:
 My issue is that the managed switches we currently use (chosen before
 I arrived...) suppress traffic from 'duplicate' MAC addresses, clamped
 for a minimum of 300s.  Both fw* think they're master.

wow. what fucked up equipment is that? tell us so we can avoid it :)

 Which managed switch brands behave right with carp, allowing traffic from
 carp source addresses on multiple ports without duplicate suppression?

I am using pretty much the setup you describe with extreme summits 
without problems. there's even a few older cisco crappies in the mix.

-- 
BS Web Services, http://www.bsws.de/
OpenBSD-based Webhosting, Mail Services, Managed Servers, ...
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Re: Running dhclient on carp if

[Julian Smith]

On Thu, 01 Dec 2005 00:23:27 -0500
Jean-Christophe Sicard [EMAIL PROTECTED] wrote:

 Hi misc,
 
 I'm trying to setup a pair of carp'ed firewalls on a cablemodem 
 connection with a single dhcp'ed IP.
 The carp setup was a breeze on the internal interfaces where I have free 
 reing on IPs, but, not unexpectedly, the dhcp IP is proving a to be 
 challenge!
 Searching around the archives, man pages and google turned up pretty 
 much only one other such attempt with no conclusiv solution...
 
 My plan is/was to basically setup carp on my external interfaces with 
 carpdev, and then just run dhclient on the external carp interfaces on 
 both firewalls, which should give them the same IPs as they are 
 requesting for the same virtual MAC...

Just in case anyone responds to this, could they reply to the list? I'd
like to know of a way to do this too.

- Julian

-- 
http://www.op59.net/

Re: RELEASE BUG - ami0: timeout ccb 1

[Marco Peereboom]

Let's take this of misc@ since it s generating too much noise.

If there are other folks that are interested in progress on this send me an
email off list.

On Thu, Dec 01, 2005 at 08:27:04AM -0800, J.C. Roberts wrote:
 On Wed, 30 Nov 2005 23:28:53 -0600, Marco Peereboom [EMAIL PROTECTED]
 wrote:
 
 Please try this kernel and report back to me.
 http://www.peereboom.us/bsd.ami
 
 This is a backport of the pass-through work around for older cards  
 based on 3.8-stable..
 
 Now this is very strange... As you can see in the dmesg I just posted
 after waiting five minutes or so to at least get five of the ami0:
 timeout ccb 1 messages, I terminated the serial tip session used to
 capture the dmesg.
 
 After posting the dmesg, I looked over at the monitor actually attached
 to the system and sure enough, it was sitting at a login prompt?
 
 I can log into the system just fine?
 
 Intentionally logging in as root, results in no further timeout
 messages.
 
 Though there is a single logical volume defined via the i4 bios, the
 volume has never actually been used. Is there any particular tests I can
 run for you?
 
 jcr

install 3.8 on hppa using lif38.fs

[Jimmy Scott]

Hello,

I tried to install a few machines with OpenBSD/hppa 3.8 without success.

In the past I installed them with OpenBSD 3.6, switched them the hard
way to use the serial console (using machine) and threw away the
horrible big and noisy (and compatible :/) screens.

When I boot the lif38.fs image, the boot prompt appears (where I can
still enter some commands), the kernel boots, ask me to install or
upgrade, and this is where I got stuck. I could not enter anything. I
tried booting with a keyboard attached to the HIL or PS/2 (depending on
machine) without success (still using rs232 as console).

I tried using lif36.fs to verify if this ever worked, and it did.
Is there something new not mentioned in the INSTALL file I should know
about? or any solutions to fix the netboot? Maybe I overlooked
something.

The machines I've tried:
9000/715/64
9000/712/80
9000/712/100

Kind regards,
Jimmy Scott

console/dmesg log from a 9000/712/80:

BOOT_ADMIN Information

Processor revision 2.4100MHz
Instruction Cache Size:  131072
Data Cache Size: 131072
Memory Size:  128 MB
Built in floating point coprocessor
Board Serial Number 401105L1MV

BootRom Version2.2

auto boot on
auto search off
fastboot off

Primary boot path:scsi.6.0
Alternate boot path:  lan.00-00.0.0
Console path: rs232.9600.8.none

LAN Station Addresses: 080009-7DFA86
   080009-FF


BOOT_ADMIN boot lan isl

Booting


 OpenBSD/hppa BOOT 0.8
boot
booting lf0a:/bsd: 2084864+454656+2666496+389120=0x6d9148
SPID bits: 0x0, error = -2
pdc_coproc: 0xc0, 0xc0; model d rev 1
[ bsd ELF symbol table not valid: symtab unaligned ]
[ no symbol table formats found ]
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California.  All rights
reserved.
Copyright (c) 1995-2005 OpenBSD. All rights reserved.
http://www.OpenBSD.org

OpenBSD 3.8 (RAMDISK) #275: Sat Sep 10 17:22:17 MDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/hppa/compile/RAMDISK
HP 9000/712/100 (King Gecko) PA-RISC 1.1c
real mem = 134217728 (524288 reserved for PROM, 8785920 used by OpenBSD)
avail mem = 108199936
using 8421 buffers containing 13393920 bytes of memory
mainbus0 (root) [flex fff8]
pdc0 at mainbus0
power0 at mainbus0: DR25
mem0 at mainbus0 offset ffbf000: viper rev 0, size 128MB
cpu0 at mainbus0 offset ffbe000 irq 31: PCXL L1-A 100MHz, FPU PCXL
(CMOS-26B) rev 1
cpu0: 128K(32b/l) Icache, 128K(32b/l) wr-back Dcache, 64 coherent TLB, 8
BTLB
lasi1 at mainbus0 offset 50 irq 27: rev 3.0
lasi0 at mainbus0 offset 10 irq 28: rev 3.0
gsc0 at lasi0
gsckbc0 at gsc0 offset 8100 irq 26
gsckbc1 at gsc0 offset 8000 irq 26
floppy controller at gsc0 (type a sv 83 mod 1 hv d0) offset a000 not
configured
Advanced audio (ext.) at gsc0 (type a sv 7b mod 1 hv d0) offset 4000
not configured
lpt0 at gsc0 offset 2000 irq 7
com0 at gsc0 offset 5000 irq 5: ns16550a, 16 byte fifo
ie0 at gsc0 offset 7000 irq 8: LASI/i82596CA v1.0, address
08:00:09:7d:fa:86
osiop0 at gsc0 offset 6000 irq 9: NCR53C710 rev 2, 40MHz, SCSI ID 7
scsibus0 at osiop0: 8 targets
osiop0: target 6 now using 8 bit 10 MHz 8 REQ/ACK offset xfers
sd0 at scsibus0 targ 6 lun 0: QUANTUM, EMPIRE_1080S, 1242 SCSI2
0/direct fixed
sd0: 1029MB, 2874 cyl, 8 head, 91 sec, 512 bytes/sec, 2109376 sec total
sti0 at mainbus0 offset 800 irq 11: HPA208LC1280 rev 8.04;7, ID
0x2B4DED6D40A00499
sti0: 2048x1024 frame buffer, 1280x1024x8 display, offset 0x0
sti0: 8x16 font type 1, 16 bpc, charset 0-255
gsc1 at lasi1
com1 at gsc1 offset 5000 irq 5: ns16550a, 16 byte fifo
biomask 0xb netmask 0x2b ttymask 0x3f
boot path: 2/0/2.1.be8a0050.8dd1dd7b.74ee3403.ac15.ac100128
class=4098 flags=0 hpa=0xf0107000 spa=0x0 io=0x84ec
rd0: fixed, 5120 blocks
wsdisplay0 at sti0 mux 1
wsdisplay0: screen 0 added (default, vt100 emulation)
rootdev=0x300 rrootdev=0x900 rawdev=0x902
WARNING: clock gained 81 days -- CHECK AND RESET THE DATE!
erase ^?, werase ^W, kill ^U, intr ^C, status ^T
(I)nstall, (U)pgrade or (S)hell?

--
The Four Horsemen of the Apocalypse: Death, Famine, War, and SNMP

[demime 1.01d removed an attachment of type application/pgp-signature]

Re: Booting very slow when using CompactFlash adapters

[Martín Coco]

Nick,

First of all, thanks for all your input!

My comments below:

Nick Holland escribis:

Martmn Coco wrote:


Hi there,

We are beginning to do some tests with Compact Flash IDE adapters and 
OpenBSD 3.8.


We installed the OpenBSD 3.8 using a SanDisk 1.0GB CompactFlash on a 
Pentium 4 (dmesg at the end of this message). The installation finished 
flawlessly. But when booting, it seems to take ages to boot. The last 
time we checked, it took about 55 minutes for it to finish booting. Once 
it has booted, all the speed issues seem to disappear.



whoa.
Flash isn't as fast as disk...but..not 55 minutes!

Where is it spending its time?


We went through the BIOS to find anything related to PIO or DMA, but 
found nothing suitable.



Nah.  I run OpenBSD on lots of machines without DMA, boot time is hardly
any different.


We tried the very same card with a VIA Chipset and it worked like a 
charm, we couldn't tell the difference from booting from a normal HD.



ok, good media, good install.  Good test. :)



Any input on this will be greatly appreciated :)

Thanks,
Martmn.

I attach the dmesg of the machine that seems to be having problems when 
booting:


OpenBSD 3.8 (GENERIC) #138: Sat Sep 10 15:41:37 MDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) 4 CPU 2.40GHz (GenuineIntel 686-class) 2.42 GHz


...

pciide0 at pci0 dev 31 function 1 Intel 82801EB/ER IDE rev 0x02: DMA, 
channel 0 configured to compatibility, channel 1 configured to compatibility

pciide0: channel 0 disabled (no drives)


   ^


wd0 at pciide0 channel 1 drive 0: SanDisk SDCFB-1024
wd0: 1-sector PIO, LBA, 977MB, 2001888 sectors
wd0(pciide0:1:0): using PIO mode 4, DMA mode 2


...

I see one oddity and another POSSIBLE explanation...

The oddity is you have the flash on the SECOND disk channel.  That
should work, but a buggy BIOS might get in the way.



I tried to move it to the first channel, but the speed problem was still 
there when booting:


...

wd0 at pciide0 channel 0 drive 0: SanDisk SDCFB-1024
wd0: 1-sector PIO, LBA, 977MB, 2001888 sectors
wd0(pciide0:0:0): using PIO mode 4, DMA mode 2
pciide0: channel 1 disabled (no drives)

...


The other POSSIBLE explanation is really a stretch, but it is so good
and explains things so well (fortunately, you didn't give details of
what part of the boot process took the time :), I gotta mention it:

I see you have a P4.  Could the heat sink have fallen off/not been
mounted properly?  Supposedly, the P4 will slow itself down when it
overheats.  IF the heat sink were not on at all (or a tiny air gap
existed), the thing would probably reach critical temp within a couple
seconds of power-on, and slow to an absolute crawl.  The kernel is
loaded by the BIOS, so until the kernel was completely loaded.  At that
point, OpenBSD would be halting the processor when it was idle, and it
would probably stay cool enough to keep running at respectable speed.

Yeah, that's a wacko explanation, but it fits the facts so far (I think.
 I live in a P4-free house, so I can't test this theory).  I fixed a P3
machine over the phone that did the P3 version of the same problem
(started to boot, then froze, as P3's hang, rather than go glacial).
Blew a good service call by doing that. :)



It is a really good theory :), but as I mentioned before, the install on 
this machine went flawlessy, this meaning that when we boot from the 
floppy, no speed issues were encountered. We only get slow speeds when 
booting from the CompactFlash.




Assuming those two ideas are not worth they electrons they were written
on, next test would be to try an ordinary HD in this machine.

Next thing I'd like to see is a running commentary on what's on the
screen at, say, every five or ten minute intervals, so we can get some
idea where the slow-down is, and what is going on in the machine at each
point.  Booting is fairly complicated, a combination of ROM, boot
loaders, OS and hardware...lots of places for things to go wrong.
However, never heard of this one before...



I'm not sure of what you mean by this. When you boot the box, first the 
boot prompt takes a while to appear. Even the part that says using 
disk 0 partition 3 (or something like that) is slow. When you get to 
the boot prompt, and you hit enter, you start to get the /-\|... 
progress indicator, going rally slow, but one can tell that some 
progress is being done, and that is why we left it to see how much it 
took to boot. For 55, 56 minutes, it's the same thing, and then the 
kernel is load and everything seems to start to work fine. The speed 
issue seems to disappear, so it's definitely a BIOS thing or something 
like that.


I will use this CompactFlash in the VIA System to move on with the 
upgrade, and will try to do some more tests, but I really don't know how 
could I continue testing, other than upgrading the mobo's firmware (it's 
a Gigabyte board), but I really don't 

Re: disk encryption on login

[dreamwvr]

I thought about a way of de-/encrypting home-directories transparently to
users. I've got a vague idea how to realize this in a reasonable way:

* Generate a key, associate it with a new svnd-image, prepare the image
* Encrypt the key with the users login password, store it in /home
* On login, decrypt the key with the password
* Pass the decrypted key to vnconfig and mount the image on $HOME
This has some consequences, like
- creating a new login facility login_decrypt (or sth. similar)
- writing a program for keyfile/image generation and password changing
- modify vnconfig to read keys from other sources than stdin

Since I already got some code, it might be smart to ask now for some
feedback before heading into a completely wrong direction.
There are probably better ways to accomplish this, so generally opinions
regarding the issue would be cool.
  
All the best,

/Markus
Markus,
If the key used to decrypt some $USER is their password. It might be
useful to centralize via the master.passwd db. No extra file
needed in the $USER $HOME. eg: .hushlogin like scenario.
Then we add a switch in 'passwd' switches to enable this feature
something like -K is used with kerberos. Say --encrhome whatever..
So it uses say getpwent() to get pwd for comparison. Then
if there is a exact_match we decrypt the user's $HOME image.
otherwise it does not bother doing anything like that..
(I might be missing something as well since it was a late night..)
Since if they know the password they are in anyhow.
It would definately be a nice to have ability.

Best Regards,
[EMAIL PROTECTED]

Re: Booting very slow when using CompactFlash adapters

[Ted Unangst]

On 11/30/05, Martmn Coco [EMAIL PROTECTED] wrote:
 We installed the OpenBSD 3.8 using a SanDisk 1.0GB CompactFlash on a
 Pentium 4 (dmesg at the end of this message). The installation finished
 flawlessly. But when booting, it seems to take ages to boot. The last
 time we checked, it took about 55 minutes for it to finish booting. Once
 it has booted, all the speed issues seem to disappear.

 We went through the BIOS to find anything related to PIO or DMA, but
 found nothing suitable.

 We tried the very same card with a VIA Chipset and it worked like a
 charm, we couldn't tell the difference from booting from a normal HD.

only from what i've read, i recall reading about flash cards that
didn't like being accessed in certain ways (too small or too large
reads) that resulted in very slow performance.  the bootloader uses
bios calls to work its magic, and maybe some bioses work a little
differently.  just speculation.

Re: disk encryption on login

[Ted Unangst]

On 12/1/05, dreamwvr [EMAIL PROTECTED] wrote:
  I thought about a way of de-/encrypting home-directories transparently to
  users. I've got a vague idea how to realize this in a reasonable way:
  
  * Generate a key, associate it with a new svnd-image, prepare the image
  * Encrypt the key with the users login password, store it in /home
  * On login, decrypt the key with the password
  * Pass the decrypted key to vnconfig and mount the image on $HOME
  This has some consequences, like
  - creating a new login facility login_decrypt (or sth. similar)
  - writing a program for keyfile/image generation and password changing
  - modify vnconfig to read keys from other sources than stdin
  
  Since I already got some code, it might be smart to ask now for some
  feedback before heading into a completely wrong direction.
  There are probably better ways to accomplish this, so generally opinions
  regarding the issue would be cool.
  
  All the best,
  /Markus
 Markus,
 If the key used to decrypt some $USER is their password. It might be
 useful to centralize via the master.passwd db. No extra file
 needed in the $USER $HOME. eg: .hushlogin like scenario.

you want a different key for the disk and the user, otherwise the user
can never change their password.

Re: disk encryption on login

[Zachery Hostens]

he is saying use a random key for the disk.  and encrypt this key with your 
password.  so changing your account password you just have to re-encrypt the 
disk key.

kind of like your passwd protected gpg private key.

- Zac


On Thu, 1 Dec 2005 11:14:59 -0800, Ted Unangst [EMAIL PROTECTED] wrote:
 On 12/1/05, dreamwvr [EMAIL PROTECTED] wrote:
  I thought about a way of de-/encrypting home-directories transparently
 to
  users. I've got a vague idea how to realize this in a reasonable way:
  
  * Generate a key, associate it with a new svnd-image, prepare the
 image
  * Encrypt the key with the users login password, store it in /home
  * On login, decrypt the key with the password
  * Pass the decrypted key to vnconfig and mount the image on $HOME
  This has some consequences, like
  - creating a new login facility login_decrypt (or sth. similar)
  - writing a program for keyfile/image generation and password changing
  - modify vnconfig to read keys from other sources than stdin
  
  Since I already got some code, it might be smart to ask now for some
  feedback before heading into a completely wrong direction.
  There are probably better ways to accomplish this, so generally
 opinions
  regarding the issue would be cool.
  
  All the best,
  /Markus
 Markus,
 If the key used to decrypt some $USER is their password. It might be
 useful to centralize via the master.passwd db. No extra file
 needed in the $USER $HOME. eg: .hushlogin like scenario.
 
 you want a different key for the disk and the user, otherwise the user
 can never change their password.

Re: Problem with Realtek 8139 in very old machine

[Ted Unangst]

put it in a different slot.

On 12/1/05, Giancarlo Razzolini [EMAIL PROTECTED] wrote:
 Hi Folks,

First of all, i would like to congratulate all the openbsd developers,
 because it's a very good OS. I'm a newcomer, from the Linux world,
 precisely slackware. I haven't found much problem adapting myself to
 OpenBSD, thankful to the excelent man pages, FAQ's, HOWTO's and mailing
 list archives, like this.

Now, to the problem:
I'm building a firewall solution to my home network on top of OpenBSD.
 The machine that i'm using is a very old Pentium 133Mhz, with only 40MB
 of RAM (EDO), 4 PCI ports and 5 ISA ports. I do have my VGA card (a
 trident TGUI) on one PCI, and a Realtek 8139 os other PCI port. The
 problem that i'm having is that i managed to install openbsd correctly,
 and it detects my ethernet card correctly, but it can initializate the
 device. As i don't have network, i can't put a full dmesg here, but it
 is something like this that shows to me:

 rl0 XXX no interrupt for pin A
 : couldn't map interrupt

The rl(4) man page only says that it is A fatal initialization error
 has occurred. I did some homework and found some guys saying to
 deactivate plug and play (my BIOS don't have this, instead i deactivated
 auto irq mappings), other guys saying to deactivate the serial ports.
 I've done these both, with no success. I've even replaced the card for
 one that i was sure that was working, with no success. If any of you
 gurus have some hint for this, i would be vary glad. Perhaps, deactivate
 the automatic detection, and passing some arguments to the kernel. I
 don't know. A, by the way, my BIOS only let me to assign IRQ's 14 or 15
 to the PCI port where the Realtek is. 14 is currently used for my IDE
 controller. I know that the ethernet card can share the same IRQ with
 the IDE controller, but i don't know if the other way arround is true.
 And if i force some IRQ, my machine doesn't even pass the BIOS checks,
 and freezes.

 Thanks in advance,
 --
 Giancarlo Razzolini
 Linux User 172199
 Moleque Sem Conteudo Numero #002
 Slackware Current
 Snike Tecnologia em Informatica
 4386 2A6F FFD4 4D5F 5842  6EA0 7ABE BBAB 9C0E 6B85

Re: Endpoint security solution for Windows Systems based in OpenBSD

[Sean Comeau]

On Thu, Dec 01, 2005 at 01:18:41PM +, Stuart Henderson wrote:
 --On 01 December 2005 05:02 -0800, Diego Fernando Nieto Moreno wrote:
 
 http://force.coresecurity.com/index.php?module=articlesfunc=display;
 ptid=10catid=39aid=16
 
 The firewall is a Windows port of OpenBSD's Packet Filter (PF)
 that's just sick..!
 

agreed, if by 'sick' you mean 'really awesome'

Re: disk encryption on login

[Ted Unangst]

On 12/1/05, Zachery Hostens [EMAIL PROTECTED] wrote:
 he is saying use a random key for the disk.  and encrypt this key with your 
 password.  so changing your account password you just have to re-encrypt the 
 disk key.

oh, like putting it in the gecos field?  that'd be kinda cool.

Re: disk encryption on login

[aktivists]

  I thought about a way of de-/encrypting home-directories transparently to
  users. I've got a vague idea how to realize this in a reasonable way:
Excally I would like to see it in way, that when OpenBSD boots up, you must
enter encryption password, and then everything mounts etc.
Of course there are
dirty hack's but this should be `out of box`.

This would be the coolest thing
to se in OpenBSD.

Advertisement:

Jauna SkodaOctavia
LABAKIE LEMUMI TEVI IEPRIECINA!
Cena sakot no 12650 eiro
http://www.skoda.lv/

Newsletter della 48� settimana 2005

[Borghi Toscani News]

[IMAGE]

[IMAGE]

Borghi Toscani | E - mail | Registrati | Inserisci un locale | Meteo |
News

[IMAGE]

NUOVI
INSERIMENTI

Newsletter della 48B0 settimana 2005

LINK
CONSIGLIATI

Borgo Dolciano

LAST MINUTE IN TOSCANA

OFFERTE SOGGIORNI IN TOSCANA

LAST MINUTE FIRENZE

NEW WEB SITE ABETONE.COM

MULTIPASS ABETONE

[IMAGE]

Cottage Vecoli

Offerte Last minute Abetone

SCARICA I DESKTOP DI DICEMBRE

abetone.com
[IMAGE]

borghitoscani.com
[IMAGE]

Sanvincenzo.com
[IMAGE]

Arcipelagotoscano.com
[IMAGE]

News, eventi e manifestazioni in Toscana questa settimana

Data

Evento

Tipologia

30/11/2005

Olio novo e gusti d'autunno IMPRUNETA

(Sagre e Fiere)

30/11/2005

Fiera di S. Andrea CARRARA

(Sagre e Fiere)

01/12/2005

Porretta Cinema PORRETTA TERME

(Cinema)

01/12/2005

Impruneta Natale

(Sagre e Fiere)

02/12/2005

Mercatino dell'avvento ABETONE

(Mercatini)

02/12/2005

Festa dell'olio novo CASTELNUOVO B.GA

(Sagre e Fiere)

03/12/2005

Festa dellolio 2005 S.QUIRICO D'ORCIA

(Feste Paesane)

03/12/2005

Bagni a natale BAGNI DI LUCCA

(Mercatini)

03/12/2005

Mercatino di via Montebuoni IMPRUNETA

(Mercatini)

03/12/2005

Premio Poesia CittC  di Fucecchio

(Mostre)

04/12/2005

Collezionisti in piazza SCARPERIA

(Mercatini)

04/12/2005

Mastro Geppetto al Giardino degli Agrumi PESCIA

(Mostre)

04/12/2005

Sagra Castagnaccio CANTAGALLO

(Sagre e Fiere)

04/12/2005

Fiera alla stazione CHIUSI

(Sagre e Fiere)

05/12/2005

Suoni e sapori dalla Fortezza da Basso FIRENZE

(Mostre)

06/12/2005

Fiera di natale AREZZO

(Feste Paesane)

06/12/2005

Antica fiera di Carmignano

(Folklore)

07/12/2005

Festa di Suvereto e Sagra del cinghiale SUVERETO

(Feste Paesane)

08/12/2005

Festa dell' olio 2005 S.QUIRICO D'ORCIA

(Feste Paesane)

08/12/2005

Frittella dolce CANTAGALLO

(Feste Paesane)

08/12/2005

Bruschettata di Belforte RADICONDOLI

(Feste Paesane)

08/12/2005

Bagni a natale BAGNI DI LUCCA

(Mercatini)

08/12/2005

Mercatino di artigianato Arti e mestieri FUCECCHIO

(Mercatini)

08/12/2005

Mercatini di Natale PALAZZUOLO SUL SENIO

(Mercatini)

08/12/2005

Artigianando FUCECCHIO

(Mercatini)

08/12/2005

Mercatino dell'avvento FIUMALBO

(Mercatini)

09/12/2005

Mercatino dell'avvento ABETONE

(Mercatini)

escursioni toscana

FESTA DELL' OLIO 2005

Settembre lucchesePROGRAMMA FESTA DELLbOLIO 2005 (SAN QUIRICO DbORCIA
SIENA)

Sabato 3 dicembre
Ore 10.00 apertura stand
16.00 Centro storico- Spettacolo

Festa dell' olio 2005

Raccolta delle informazioni e Registrazione ai servizi
Piramedia srl, in qualitC  di titolare del trattamento, Ti informa che i
dati personali che ci avrai fornito, volontariamente o automaticamente
attraverso i nostri portali, saranno trattati, con il tuo consenso allo
scopo di trasmetterti i servizi da te richiesti. In particolare ti
verranno inviate tramite posta elettronica o sms, informative o offerte a
carattere commerciale o pubblicitario, inerenti al Turismo. Ti verranno
inviate inoltre comunicazioni circa modifiche, miglioramenti, o
cambiamenti dei servizi da noi proposti. In coda ad ognuno di questi
messaggi sarC  sempre presente il modo perchC) tu possa rimuovere i tuoi
dati dal nostro archivio.
Piramedia srl, non raccoglierC  in nessun modo dati ritenuti sensibili e
si impegna a non utilizzare i tuoi dati, o cederli a terzi, per finalitC 
che siano diverse da quelle qui sopra elencate.
Formula di acquisizione del consenso dell'interessato.
Il/la sottoscritto/a, acquisite le informazioni fornite dal titolare del
trattamento ai sensi dell'articolo 13 del D.Lgs. 196/2003, l'interessato:
- presta il suo consenso al trattamento dei dati personali per i fini
indicati nella suddetta informativa.
- presta il suo consenso per la comunicazione dei dati personali per le
finalitC  ed ai soggetti indicati nell'informativa.
- presta il suo consenso per la diffusione dei dati personali per le
finalitC  e nell'ambito indicato nell'informativa.

DISDETTA
Se non vuoi piC9 ricevere l'edizione gratuita di BorghiToscani.com
clicca su questo link:disdetta

Vecoli

Cottage Vecoli

Tenuta il Cicalino

Centro Velico Naregno

Centro Velico Naregno

Centro Velico Naregno

Tirrenia Ferries

Tirrenia
Ferries

Hotel Le Acacie

Hotel Le Acacie

Hotel Tornese

Madrugada
Travel

Locanda dei Guelfi

Villino Il Magnifico

Villa Elea

Fontecastello

Hotel Massimo

Hotel Alex

A casa di Dante

BB Gilda

Podere Giarlinga

Fonte del Cieco

Ninna Nanna

Campo di Carlo

Hotel La Pergola

Podere Saliciaia

Hotel Galli

Villa Conti

Albergo La Scogliera

Valle Santa Maria

Hotel Fontalleccio

Hotel Il Ponte

Casa del Golfo

Il Viottolo

Hotel Riva del Sole

Hotel Montecristo

Villa Cristina

Ideamare

Agriturismo Rebua

Enoteca Il Salotto

Villa Volpi

Hotel Rex

Belvedere

Domotourist

Casa Mazzoni

Residence L'Oasis

Agriturismo Bonello

La Meridiana

Al Mercato

Abitare In

Villa Parisi

Hotel Corallo

La Concia

Alba Chiara

Cuor di Lupo

Le Vigne di Caldana

Guida ambientale Maddalena Zuddas

MTB Adventure

La 

Re: disk encryption on login

[Alexander Farber]

On 12/1/05, Zachery Hostens [EMAIL PROTECTED] wrote:
 he is saying use a random key for the disk.  and encrypt this key with your 
 password.  so changing your account password you just have to re-encrypt the 
 disk key.

Where will that random disk key be kept?

And isn't user password encrypted one way,
so you won't be able to decrypt the disk key
when changing the user password?

Fully configurable UPS daemon

[Tomaz Markelj]

Hello all!

I've been having problems with setting a NUT ups daemon up, it always says
On Battery (manualy configured the power/line flags, RTS,DCD... - dumb
signaling)

Now i ask the community, is there maybe a fully configurable UPS daemon for
openbsd?


Regards,

Nic problems

[L. V. Lammert]

Had a NIC fail last Monday at a remote site, after a local storm. We have 
had problems with this site before - apparently the building was built on 
the 'cheap' and they didn't do a lot of nice electrical stuff like 
grounding the structure!


When I got there and looked at the server, I found this type of message at 
the start:


Nov 25 16:57:07 Mainserver /bsd: WARNING: mclpool limit reached; increase 
kern.m

axclusters
Nov 25 16:57:07 Mainserver /bsd: dc0: no memory for tx list
Nov 25 16:57:07 Mainserver /bsd: dc0: no memory for tx listdc0:

and finally:

Nov 25 16:59:07 Mainserver /bsd: WARNING: mclpool limit reached; increase 
kern.maxclusters


[Yeah, I know it's a cheap NIC, but we've been using them for years and had 
no problems.]


 Since swapping the NIC fixed the problem, does it make sense this was a 
hardware problem?


 If so, can anyone recommend a NIC available here in the states that 
might be opto-isolated?


Thanks!

Lee

DMESG
==
-bash-3.00$ cat dmesg.boot
OpenBSD 3.6 (SITE-Mainserver) #0: Thu Dec  9 10:10:48 CST 2004
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/SITE-Mainserver
cpu0: AMD Athlon(tm) MP 2100+ (AuthenticAMD 686-class) 1.75 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE

real mem  = 53588 (523112K)
avail mem = 481300480 (470020K)
using 4278 buffers containing 26886144 bytes (26256K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 05/07/04, BIOS32 rev. 0 @ 0xf0010
pcibios0 at bios0: rev 2.1 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf47b0/224 (12 entries)
pcibios0: no compatible PCI ICU found: ICU vendor 0x1106 product 0x3227
pcibios0: Warning, unable to fix up PCI interrupt routing
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc/0xc000 0xcc000/0x4400!
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 vendor VIA, unknown product 0x269 rev 0x80
pchb1 at pci0 dev 0 function 1 vendor VIA, unknown product 0x1269 rev 0x00
pchb2 at pci0 dev 0 function 2 vendor VIA, unknown product 0x2269 rev 0x00
pchb3 at pci0 dev 0 function 3 vendor VIA, unknown product 0x3269 rev 0x00
pchb4 at pci0 dev 0 function 4 vendor VIA, unknown product 0x4269 rev 0x00
pchb5 at pci0 dev 0 function 7 vendor VIA, unknown product 0x7269 rev 0x00
ppb0 at pci0 dev 1 function 0 VIA VT8377 AGP rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 ATI Radeon VE QY rev 0x00
wsdisplay0 at vga1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
dc0 at pci0 dev 14 function 0 Davicom DM9102 rev 0x40: irq 3, address 
00:08:a1:75:83:74

amphy0 at dc0 phy 1: Am79C873 10/100 media interface, rev. 1
pciide0 at pci0 dev 15 function 0 VIA VT8237 SATA rev 0x80: DMA
pciide0: using irq 10 for native-PCI interrupt
wd0 at pciide0 channel 0 drive 0: ST380013AS
wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
wd1 at pciide0 channel 1 drive 0: ST380013AS
wd1: 16-sector PIO, LBA48, 76319MB, 156301488 sectors
wd1(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 5
pciide1 at pci0 dev 15 function 1 VIA VT82C571 IDE rev 0x06: ATA133, 
channel 0 configured to compatibility, channel 1 configured to compatibility

atapiscsi0 at pciide1 channel 0 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: ATAPI, DVD DUAL 8X4X12, B3BC SCSI0 5/cdrom 
removable

cd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 2
pciide1: channel 1 disabled (no drives)
uhci0 at pci0 dev 16 function 0 VIA VT83C572 USB rev 0x81: irq 11
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: VIA UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 16 function 1 VIA VT83C572 USB rev 0x81: irq 11
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: VIA UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 16 function 2 VIA VT83C572 USB rev 0x81: irq 3
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: VIA UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
uhci3 at pci0 dev 16 function 3 VIA VT83C572 USB rev 0x81: irq 3
usb3 at uhci3: USB revision 1.0
uhub3 at usb3
uhub3: VIA UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub3: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 16 function 4 VIA VT6202 USB 2.0 rev 0x86: irq 10
ehci0: EHCI version 1.0
ehci0: companion controllers, 2 ports each: uhci0 uhci1 uhci2 uhci3
usb4 at ehci0: USB revision 2.0
uhub4 at usb4
uhub4: VIA EHCI root hub, class 9/0, rev 2.00/1.00, addr 1
uhub4: 8 ports with 8 removable, self powered
pcib0 at pci0 dev 17 function 0 VIA VT8237 ISA rev 0x00
auvia0 at pci0 dev 17 function 5 VIA VT8233 AC97 rev 0x60: irq 10
ac97: codec id 0x41445368 (Analog Devices 68)
ac97: codec features headphone, 20 bit DAC, No 3D Stereo
audio0 at auvia0
isa0 

Re: disk encryption on login

[dreamwvr]

On 12/1/05, Zachery Hostens [EMAIL PROTECTED] wrote:
 he is saying use a random key for the disk.  and encrypt this key 
with your
+password.  so changing your account password you just have to 
re-encrypt the

+disk key.

oh, like putting it in the gecos field?  that'd be kinda cool.
Yes, that is the train of thought here..
Markus, by using master.passwd db everything would at
least appear centralized:)
Then add a special class which if the user belongs to gets
te special treatment? (maybe not too complicated..)

 Since master.passwd has 10 fields and that is intentional here is a 
thought. Maybe using  a special pointer like '+' is used for yp in 
master.passwd.

Then have it point to the password/homekey pairing. otherwise
nothing special this way occurs.

 Another thought, add another ':' separated field into master.passwd.
This with the cur key on a per $USER $HOME basis. If it is unpopulated
of does not exist then ignore it for that $USER?

Best Regards,
[EMAIL PROTECTED]

Re: cvsup of OpenBSD-src is old

[Jeremy C. Reed]

Now I tried rt.fm and it is up-to-date. I now have new files.

Maybe someone can go through http://www.openbsd.org/cvsup.html and check 
which servers are up-to-date and either remove or add notes indicating 
this.


 Jeremy C. Reed

 Media Relations and Publishing Services
 http://www.reedmedia.net/

cvsup of OpenBSD-src is old

[Jeremy C. Reed]

I am trying to get the latest OpenBSD HEAD (-current) of the CVS 
repository (RCS ,v files) using cvsup. But it is old.


My retrieved CVSROOT/ChangeLog goes up to 2005/05/03 23:12:53

CVSROOT/config and CVSROOT/options has:

tag=OpenBSD
umask=002
dlimit=49152

Have tried cvsup.jp.OpenBSD.org and cvsup.de.openbsd.org.

cvsup config is:

*default host=cvsup.de.openbsd.org
*default base=/usr
*default prefix=/archive/OpenBSD-CVS
*default release=cvs
*default delete use-rel-suffix
*default compress

#OpenBSD-all
OpenBSD-src
#OpenBSD-www
#OpenBSD-ports
#OpenBSD-x11
#OpenBSD-xf4

How or where can I get the latest?

I have looked at http://www.openbsd.org/cvsup.html and a few examples and 
docs from the mirrors.


Note that I am not using the OpenBSD-provided cvsup client. I am not doing 
this on OpenBSD.


Please carbon-copy me on replies.

 Jeremy C. Reed

 BSD News, BSD tutorials, BSD links
 http://www.bsdnewsletter.com/

Re: Problem with Realtek 8139 in very old machine

[Giancarlo Razzolini]

[EMAIL PROTECTED] wrote:
 A stab in the dark.
 Which card in which slot does matter sometimes
 Possible that the video and the nic do not like each other.
 A firewall implies at least 2 nics. Do you see both?
 Which order?
 
 

In any slot, i have the same problems. I didn't changed the vga card
slot yet, i'll try that. I didn't putted the other nic yet, because i
didn't made one work. It will be another realtek 8139, so, if one works,
the other will be a walk in the park to configure (i hope so).

Thanks,

-- 
Giancarlo Razzolini
Linux User 172199
Moleque Sem Conteudo Numero #002
Slackware Current
Snike Tecnologia em Informatica
4386 2A6F FFD4 4D5F 5842  6EA0 7ABE BBAB 9C0E 6B85

Re: disk encryption on login

[Tobias Ulmer]

On Thu, Dec 01, 2005 at 10:07:28PM +0100, Alexander Farber wrote:
 On 12/1/05, Zachery Hostens [EMAIL PROTECTED] wrote:
  he is saying use a random key for the disk.  and encrypt this key with your 
  password.  so changing your account password you just have to re-encrypt 
  the disk key.
 
 Where will that random disk key be kept?
 
 And isn't user password encrypted one way,
 so you won't be able to decrypt the disk key
 when changing the user password?
 


I have a bit similar setup on my notebook. The key is encrypted to 
myself using gnupg and after sucessful decryption piped to a modified 
version of vnconfig (reads key from stdin, the original version does not 
do this).

Tobias

Re: cvsup of OpenBSD-src is old

[Jason Crawford]

On 12/1/05, Jeremy C. Reed [EMAIL PROTECTED] wrote:
 I am trying to get the latest OpenBSD HEAD (-current) of the CVS
 repository (RCS ,v files) using cvsup. But it is old.

 My retrieved CVSROOT/ChangeLog goes up to 2005/05/03 23:12:53

 CVSROOT/config and CVSROOT/options has:

 tag=OpenBSD
 umask=002
 dlimit=49152

 Have tried cvsup.jp.OpenBSD.org and cvsup.de.openbsd.org.

 cvsup config is:

 *default host=cvsup.de.openbsd.org
 *default base=/usr
 *default prefix=/archive/OpenBSD-CVS
 *default release=cvs
 *default delete use-rel-suffix
 *default compress

 #OpenBSD-all
 OpenBSD-src

Unless I'm mistaken, OpenBSD-src means the actual source code, not the
CVS repository. You want to use OpenBSD-all which will mirror the CVS
repository (the whole thing, not just src).

 #OpenBSD-www
 #OpenBSD-ports
 #OpenBSD-x11
 #OpenBSD-xf4

 How or where can I get the latest?

 I have looked at http://www.openbsd.org/cvsup.html and a few examples and
 docs from the mirrors.

 Note that I am not using the OpenBSD-provided cvsup client. I am not doing
 this on OpenBSD.

 Please carbon-copy me on replies.


Once you change OpenBSD-src to OpenBSD-all, it should work just fine
(but get the 2.5GB CVS repository as a whole).

jason

Re: cvsup of OpenBSD-src is old

[Jason Crawford]

On 12/1/05, Jason Crawford [EMAIL PROTECTED] wrote:
 On 12/1/05, Jeremy C. Reed [EMAIL PROTECTED] wrote:
  I am trying to get the latest OpenBSD HEAD (-current) of the CVS
  repository (RCS ,v files) using cvsup. But it is old.
 
  My retrieved CVSROOT/ChangeLog goes up to 2005/05/03 23:12:53
 
  CVSROOT/config and CVSROOT/options has:
 
  tag=OpenBSD
  umask=002
  dlimit=49152
 
  Have tried cvsup.jp.OpenBSD.org and cvsup.de.openbsd.org.
 
  cvsup config is:
 
  *default host=cvsup.de.openbsd.org
  *default base=/usr
  *default prefix=/archive/OpenBSD-CVS
  *default release=cvs
  *default delete use-rel-suffix
  *default compress
 
  #OpenBSD-all
  OpenBSD-src

 Unless I'm mistaken, OpenBSD-src means the actual source code, not the
 CVS repository. You want to use OpenBSD-all which will mirror the CVS
 repository (the whole thing, not just src).

Oops, I am mistaken, silly little tag keyword changes quite a bit. I
guess it's been a while since I've used anything other than
OpenBSD-all with cvsup

  #OpenBSD-www
  #OpenBSD-ports
  #OpenBSD-x11
  #OpenBSD-xf4
 
  How or where can I get the latest?
 
  I have looked at http://www.openbsd.org/cvsup.html and a few examples and
  docs from the mirrors.
 
  Note that I am not using the OpenBSD-provided cvsup client. I am not doing
  this on OpenBSD.
 
  Please carbon-copy me on replies.
 

 Once you change OpenBSD-src to OpenBSD-all, it should work just fine
 (but get the 2.5GB CVS repository as a whole).

 jason

Re: Endpoint security solution for Windows Systems based in OpenBSD

[Stuart Henderson]

On 2005/12/01 11:40:13, Sean Comeau wrote:
 On Thu, Dec 01, 2005 at 01:18:41PM +, Stuart Henderson wrote:
  --On 01 December 2005 05:02 -0800, Diego Fernando Nieto Moreno wrote:
  
  http://force.coresecurity.com/index.php?module=articlesfunc=display;
  ptid=10catid=39aid=16
  
  The firewall is a Windows port of OpenBSD's Packet Filter (PF)
  that's just sick..!
 
 agreed, if by 'sick' you mean 'really awesome'

awesome: inspiring awe.

awe: A mixed emotion of reverence, respect, dread, and wonder inspired by
authority, genius, great beauty, sublimity, or might.

Ok, I'll go with that (:

Looking at it in more depth, there are parallels with systrace.
Certainly looks interesting and much-needed in the Windows world
where it's often difficult to use a normal system without
Administrator privileges.

Re: Multiple IP's thru DHCP on a single NIC

[turha turha]

On 12/2/05, jared r r spiegel [EMAIL PROTECTED] wrote:

 On Thu, Dec 01, 2005 at 05:36:24PM +0200, turha turha wrote:
  Hi!
 
  I'm trying to find out if it's possible to get multiple IP's using DHCP
 to a
  single NIC.

   without knowing what the specifics of the DHCP-situation on the ISP's
   end is, perhaps a safe assumption is that you're going to need
   different MACs to be the source of the DHCPDISCOVERs/DHCPREQUESTs


I'm pretty sure, that at least if I use two different MAC's I'd get two
different IP's, I might have tested it, but am not sure though.

  a *very* simple solution that will probably Just Work (assuming
   there is nothing on ISP-side that restricts you to just 1 IP, and
 assuming
   your dhclient box can accomodate it) would be to get a little
   hub/switch and use two external NICs in the dhclient box.
   connect each NIC and the CPE to the switch and run dhclient for
   both ifaces.


IMO, that's a bit crappy solution, I did think of that, but since from the
software standpoint what I'm trying to find, at least to my knowledge, is
doable, I'll try to make it work, without 2 external NIC's. Of course the
box only has 2 NIC's, I guess I could buy a third, since they aren't that
expensive, but I'd rather do it with just the two, less cables and all ;-)

 Also, related to this, OBSD doesn't create an additional virtual interface
  when using aliases for an IP, is it possible to create an extra
 interface ?
 
  The reason for this is so that in pf.conf I could use the interface name
 in
  parenthesis, so when the DHCP changes one of the IP's pf configuration
  updates automatically.

   you can still use the interface name in parens regardless of the
   virtual interface whatnot..  perhaps you mean something like, if
   there was a physical NIC, 'fxp0' and two virtual interfaces: fxp0.0
 and
   fxp0.1 you could filter based on simply (fxp0) or (fxp)...
   i thought you could use a macro for ifspec, but either you can't or i'm
   testing wrong:

 

 [/home/jrrs] $ echo X=\fxp0\\npass on \$X all  | pfctl -nvf-
 X = fxp0
 pass on fxp0 all
 [/home/jrrs] $ echo X=\fxp0 lo0\\npass on \$X all  | pfctl -nvf-
 X = fxp0 lo0
 stdin:2: syntax error

 


What I'd need would be like having IF fxp0, with two or more virtual
interfaces, and then using (fxp0.0) and (fxp0.1) kinda stuff in pf.conf,
and this is very related to the last question. What I meant by the reasoning
for not having virtual interfaces was that what's the upside of aliases in
contrast to virtual interfaces. As far as I know, virtual interfaces in this
situation would save the day, ie. I could give different MAC's to different
virtual interfaces and then use dhclient on all the interfaces (virtual or
otherwise) I wanted to, and use the interface names in parenthesis in
pf.conf (again virtual or otherwise).

  if you had two NICs of the same family (err, driver) from the above
 suggestion,
   you could satisfy that with, ieg:

 
 pass on fxp all
 

   provided the only fxp(4)s you had were the externals (eg, if you have
   fxp0, fxp1 for external and fxp2 for internal, that may not be desired,
   however you could put the 'fxp' rules at the top and then specific fxp2
   treatment at the bottom)

  Does anybody know the reasoning behind not creating a virtual interface
 ?

   it's not linux?

   in seriousness, no.  other than seeing that virtual interfaces are not
   created for physical interfaces who exist (maybe they are created
   with extant physical interfaces, eg trunk(4)), but there's no fxp0.0stuff
   that i've come across.

 --

   jared

 [ openbsd 3.8 GENERIC ( oct 30 ) // i386 ]


Thanks for the suggestions though.

Re: Fully configurable UPS daemon

[Tomaz Markelj]

The thing is, I don't have APC ups, so I need something that I could
manually set DUMB signals monitoring on the daemon, NUT didn't work good...


-Original Message-
From: Roy Morris [mailto:[EMAIL PROTECTED] 
Sent: Thursday, December 01, 2005 10:53 PM
To: Tomaz Markelj
Subject: RE: Fully configurable UPS daemon

apcd? - works for us

 -Original Message-
 From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED] Behalf Of
 Tomaz Markelj
 Sent: Thursday, December 01, 2005 4:43 PM
 To: misc@openbsd.org
 Subject: Fully configurable UPS daemon
 
 
 Hello all!
 
 I've been having problems with setting a NUT ups daemon up, 
 it always says
 On Battery (manualy configured the power/line flags, RTS,DCD... - dumb
 signaling)
 
 Now i ask the community, is there maybe a fully configurable 
 UPS daemon for
 openbsd?
 
 
 Regards,

Re: Fully configurable UPS daemon

[Tomaz Markelj]

But isn't APCD only for APC Smart UPSes?

-Original Message-
From: Roy Morris [mailto:[EMAIL PROTECTED] 
Sent: Thursday, December 01, 2005 10:53 PM
To: Tomaz Markelj
Subject: RE: Fully configurable UPS daemon

apcd? - works for us

 -Original Message-
 From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED] Behalf Of
 Tomaz Markelj
 Sent: Thursday, December 01, 2005 4:43 PM
 To: misc@openbsd.org
 Subject: Fully configurable UPS daemon
 
 
 Hello all!
 
 I've been having problems with setting a NUT ups daemon up, 
 it always says
 On Battery (manualy configured the power/line flags, RTS,DCD... - dumb
 signaling)
 
 Now i ask the community, is there maybe a fully configurable 
 UPS daemon for
 openbsd?
 
 
 Regards,

Re: managed switches and carp

[Christopher Vance]

On Thu, Dec 01, 2005 at 05:53:36PM +0100, Henning Brauer wrote:

wow. what fucked up equipment is that? tell us so we can avoid it :)


Alloy.  We call them 'Annoy'.  :-(

Anyway, we now appear to have working switches of a different brand.
Thanks, all.

--
Christopher Vance

Re: LOGIN FAILURES ON ttyC0

[Andrew Daugherity]

On 11/28/05, Federico Giannici [EMAIL PROTECTED] wrote:
 eric wrote:
  On Mon, 2005-11-28 at 12:59:18 +0100, Federico Giannici proclaimed...
 
 
 Isn't ttyC0 the console? I'm sure that nobody is trying to log from
 the console...
 
 
  It is the first virtual terminal on x86 architectures. Logs don't lie, so
  you might want to track it down, or see if you're flubbing passwords.

 OK, but what I want to know is: is it the PHYSICAL console of the PC?
 I have it in front of me, so I can see that nobody is using it!

Yes, it's the local keyboard/display.  ttyC0, ttyC1, ttyC2, etc. are
the virtual consoles accessed from the keyboard by Ctrl-Alt-F1,
C-A-F2, CA-F3, etc.  A serial console would be tty00, tty01, etc.  ssh
logins, xterms, etc., will be ttyp0 etc.

As has already been advised, check your logs, particularly authlog and secure.

Andrew

fyi - openbsd 3.8 squirrelmail php bug and imap-uw

[Paul Pruett]

I ran into something w/ squirrelmail on openBSD 3.8
with uw imap needing plain text login and with a php
bug causing timeouts

short answer - use flavor plaintext with imap-uw instead
of trying edit of /etc/c-client.cf  - and use imap serverside
sort option on squirrelmail  - or manually update/patch php4 - ughh







NOTES - longwinded for those who may care,
and for google, else read no further


--

from the front of squirrelmail.org

SquirrelMail and PHP 4.4.1 issues
Nov 07, 2005 by Tomas Kuliavas
PHP developers released PHP 4.4.1 version on 2005-10-31.
Security fixes introduced bug, which affects three SquirrelMail
functions. If your SquirrelMail install does not use server
side sorting, PHP bug can create infinite loop in message display.
If you are using PHP 4.4.1, you should update it to 4.4.x-dev or apply 
patch.


(or as a quick fix set squirrel mail to serverside sort)

--

According to
http://www.squirrelmail.org/docs/admin/admin-10.html
OpenBSD
there are two different packaging flavors. [default package] and
[package with plaintext support]. Use plaintext package or
enable plain text login in /etc/c-client.cf

I used the default make install, so I'm sure I got
the package w/o plain text.
I had /etc/c-client.cf edited accordingly from previous usage..

# cat /etc/c-client.cf
set disable-plaintext nil


But it did not work...



So rather than using the port package without flavor and trying
to override with /etc/c-client.cf,
I made package with flavor and that worked. ..

# pkg_delete imap-uw-2004g
imap-uw-2004g: complete
Clean shared items: complete

# cd /usr/ports/mail/imap-uw
# env FLAVOR=plaintext make install


And that fixed it. --- then I had to do some changes to php.ini
and change some squirrel mail settings because the version of php w/ 3.8
has issues with imap or the version of imap has issues with php... 
whatever..

anywho changing things like squirrelmail to have imap sort help..

(be sure to exercise it with some attachements before you think its good 
to go...)


a source of info-
http://www.squirrelmail.org/wiki/BrowseProblemsByPhpError

a reminder to us slothful admins,  imap need only be for
localhost for squirrelmail... can configure pf.conf so only localhost uses 
imap...

Re: Nic problems

[Nick Holland]

L. V. Lammert wrote:
 Had a NIC fail last Monday at a remote site, after a local storm. We have 
 had problems with this site before - apparently the building was built on 
 the 'cheap' and they didn't do a lot of nice electrical stuff like 
 grounding the structure!

there are other things that can do it, too...
Had a client who was in the electrical business, their building was
pretty well assembled, from all I could see.  However, they were under
the intersection of several big power lines, and they seemed to collect
near-by lightning strikes.

Replaced MANY NICs and hubs in their building on at least two
occassions.  They had all kinds of protection devices on
everything..except the network cables.  Well...running through the
ceiling 50 ft. under a lightning strike picked up enough juice to blow
out NICs.

 When I got there and looked at the server, I found this type of message at 
 the start:
 
 Nov 25 16:57:07 Mainserver /bsd: WARNING: mclpool limit reached; increase 
 kern.m
 axclusters
 Nov 25 16:57:07 Mainserver /bsd: dc0: no memory for tx list
 Nov 25 16:57:07 Mainserver /bsd: dc0: no memory for tx listdc0:
 
 and finally:
 
 Nov 25 16:59:07 Mainserver /bsd: WARNING: mclpool limit reached; increase 
 kern.maxclusters
 
 [Yeah, I know it's a cheap NIC, but we've been using them for years and had 
 no problems.]
 
   Since swapping the NIC fixed the problem, does it make sense this was a 
 hardware problem?

did swapping the NIC fix the probem, or did rebooting the machine fix
the problem?

Sounds more like two separate problems:
  1) Chatty NIC (Davicom chips aren't the greatest of the dc(4)
compatable devices)
  2) kern.maxclusters problem

I think both of these have got better since 3.6.  I'd *highly* suggest
starting with an upgrade.  Hmmm...bit of googling indicates that there
was a big improvement here for 3.6, but I think there was more since
then.  My comments on this are HIGHLY unauthoritative, btw.

   If so, can anyone recommend a NIC available here in the states that 
 might be opto-isolated?

Even if it could be done (I don't think it could be, practically), it
wouldn't help, as it would just blow out the isolation parts (which will
be soldered on the NIC).

Ethernet NICs are already basically DC isolated through a transformer.
'course, transformers do a good job of passing high voltage, high
frequency spikes, but low frequency and DC is pretty well blocked.

If you want to see how this is done, I think the Realtek website had
some interesting reference designs for the download.  Ok, *I* thought
they were interesting, but then, I consider solder a valid programming
language and debugging tool. :)

Nick.


 DMESG
 ==
 -bash-3.00$ cat dmesg.boot
 OpenBSD 3.6 (SITE-Mainserver) #0: Thu Dec  9 10:10:48 CST 2004
  [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/SITE-Mainserver
...
 dc0 at pci0 dev 14 function 0 Davicom DM9102 rev 0x40: irq 3, address 
 00:08:a1:75:83:74
 amphy0 at dc0 phy 1: Am79C873 10/100 media interface, rev. 1
 pciide0 at pci0 dev 15 function 0 VIA VT8237 SATA rev 0x80: DMA
 pciide0: using irq 10 for native-PCI interrupt
...

Re: Booting very slow when using CompactFlash adapters

[Nick Holland]

Martmn Coco wrote:
...
 The oddity is you have the flash on the SECOND disk channel.  That
 should work, but a buggy BIOS might get in the way.
 
 
 I tried to move it to the first channel, but the speed problem was still 
 there when booting:

bah. :)

...
 I see you have a P4.  Could the heat sink have fallen off/not been
 mounted properly?  Supposedly, the P4 will slow itself down when it
 overheats.  IF the heat sink were not on at all (or a tiny air gap
 existed), the thing would probably reach critical temp within a couple
 seconds of power-on, and slow to an absolute crawl.  The kernel is
 loaded by the BIOS, so until the kernel was completely loaded.  At that
 point, OpenBSD would be halting the processor when it was idle, and it
 would probably stay cool enough to keep running at respectable speed.
...
 It is a really good theory :), but as I mentioned before, the install on 
 this machine went flawlessy, this meaning that when we boot from the 
 floppy, no speed issues were encountered. We only get slow speeds when 
 booting from the CompactFlash.

yeah...unless the heat sink fell off between install and reboot.  Yeah,
I'm REALLY Stretching there...

 Assuming those two ideas are not worth they electrons they were written
 on, next test would be to try an ordinary HD in this machine.

I'm still curious about this...but I am not sure what the answer would
tell me at this point...well, I guess if this is slow, I say broken
BIOS!...if it is fast, sounds like what TedU was describing.

 Next thing I'd like to see is a running commentary on what's on the
 screen at, say, every five or ten minute intervals, so we can get some
 idea where the slow-down is, and what is going on in the machine at each
 point.  Booting is fairly complicated, a combination of ROM, boot
 loaders, OS and hardware...lots of places for things to go wrong.
 However, never heard of this one before...
 
 
 I'm not sure of what you mean by this. 

EXACTLY what you provided...

 When you boot the box, first the
 boot prompt takes a while to appear. Even the part that says using 
 disk 0 partition 3 (or something like that) is slow. When you get to 
 the boot prompt, and you hit enter, you start to get the /-\|... 
 progress indicator, going rally slow, but one can tell that some 
 progress is being done, and that is why we left it to see how much it 
 took to boot. For 55, 56 minutes, it's the same thing, and then the 
 kernel is load and everything seems to start to work fine. The speed 
 issue seems to disappear, so it's definitely a BIOS thing or something 
 like that.

yes, that's what I wanted to know.
What I was curious about was did the kernel load quick but the /etc/rc
run slow?  stuck fsck'ing on a big flash disk?  But no...you decribed it
clearly, it is obviously having trouble of some kind reading the kernel
via BIOS...that's what it's doing with the twirly.

 I will use this CompactFlash in the VIA System to move on with the 
 upgrade, and will try to do some more tests, but I really don't know how 
 could I continue testing, other than upgrading the mobo's firmware (it's 
 a Gigabyte board), but I really don't think that will do the trick.

Eh, when things go strange, upgrade the BIOS.  It rarely fixes things,
but you feel silly when it actually does.  And obviously, it is a
BIOS-ish issue.  Might want to try a different brand flash module, or
even a PCI IDE interface card, just to get a different connection to the
existing one.

YEARS ago, machines used to have fast and slow modes of operation.
some had a smart mode, which was supposed to get around the problems
some copy protection had when running on a faster-than-expected
computer.  I thought of this with your problem, but I think those
systems ran slow when the BIOS accessed the /floppy/, which you say
works fine, not the hard disk, which you are having problems with.  And
I don't recall seeing that option in the last many years...though I
don't look for it, either.  Relatively recently, I had a complaint of a
very slow computer...dug around for viruses and spyware, blew away the
HD, installed OpenBSD, and that was slow, too.  After way too much time,
I noticed the BIOS speed was set to compatable...which was Dell's way
of turning a 333MHz Celeron into an 80286.  But since compatable
sounded good, I looked at that screen probably half a dozen times
until I saw that it's alternative was fast... ooops. :)

That does it, I'm out of ideas. :(

Nick.

theo

[Sophie Laurie]

theo,


Coming from Canada, have you ever skated on thin ice? Well, you're doing
it now!


I've seen the emails that you and some of the others have sent my
Mother, Sophia, in her inbox. Remember her, or have you pickled your
brain to such a degree with alcohol that you can't remember?


Since swearing is obviously accepted in these lists and you yourself has
set the precedent, don't mind if I swear myself.


Listen you sycophantic little prick!


She's a wheelchair bound 65 year old woman who only wanted your help and
instead, all she got was verbally assaulted by you and some of the
others. She did nothing wrong and you intentionally misinterpreted what
she
said just so you could take the opportunity to abuse her. You used her
for an opportunity to take out your frustrations. Get a life sicko.
  

Remember the USB ports on a Toshiba Satellite A60 - All she wanted to
use was an external mouse

  
What you and some of the others did was disgusting and you should be
ashamed of yourselves you gutless wonders.


I don't give a shit if you volunteer your entire pathetic little life
doing free shit for people - either do it and shut up or don't
do it at all, but don't do it and then act like the martyr, and don't
EVER take it out on my Mother again. Fuck knows why but she likes
(liked) you. i personally
don't give a shit about you. You may think your God in your little
insignificant world, and suck arses may treat you
like that, but to me you're nothing but an ugly, sad single twisted
little individual - a little boy who never got
over throwing temper tantrums, flying off the handle and never grew up
properly, who never grew up properly. You're not a very well adjusted
person and if you're pissed off with your own pathetic little life,
don't take it out on my Mother or I'll take it out on you.


You have no idea how you've upset her. I knew somthing had happened to
her because she was crying several weeks ago and her mood hasn't been
the same since but she wouldn't tell me what was wrong. Apart from me,
her only other contact with the outside world is by email so I checked
her inbox and found yours (and others) cruel emails. I hope you're all
proud of yourselves. She has never used language like that in her entire
life (I'm a bit different to her) like several of you used on her in
both public  private email returns. Neither did she deserve your
attitudes or your foul mouthes or your barage of rude insults. theo,
you're a spoilt, high strung, foul tempered, disgusting little
individual. You have no idea who you're writing to and you should be
more careful in future you bastard. On the other hand, I know all about
you. I've even got a picture of your house. 

I got my Mother into computers many years ago because I thought it would
be good for her mind but because of you, i'm sorry i did. Between me and
her,  you're going to miss out on a lot of money in future because of
your childish attitude and disgusting temper (I reiterate, you have no
idea who you're writing to - or who's watching the list).

And I don't give a shit about all you nerds and geeks (nice ones
excepted) and your little rules about what's appropriate to post and
where. I'll post it anywhere I God damn like and I'll say what I God
damn please and you can take it any way you like - so take this email
and stick it... in any list you think it belongs in - so ask me if I
give a shit. Well, I'll tell ya, I don't give a shit! You can stick it
up your arse for all I care you sad little boy.

Personally, i'm disgusted that she grovelled to you but i'm even more
disgusded with your crewl and calous response to her you gutless wonder.

Just know this theo. Don't dare upset my mother again.

I visit canada from time to time on business. you ever speak to my
mother like that again and i'll personally come
over to canada and see you personally appologise to her in writing you
ugly, weedy little poor excuse for a man.

You've got a lot of growing up to do boy. It's a pity you're a sad
middle-aged man who's made it this far in life but have failed to mature
mentally past the 12th grade. I don't think there's any hope for you.


Sophia's daughter,
Martha (Muscles) Boyd

(I'm going to delete this email now so she doesn't see it in her inbox)

bus-master DMA error: missing interrupt

[Jason Dixon]

I recently purchased a pair of Iron Systems A210 servers for a  
firewall installation.  The systems were ordered with no hard drives  
and ide-to-CF adapters onboard.  They are running 3.8 -release on  
512MB compact flash (SanDisk SDCFB-512).  I'm seeing the following  
error in the same place on both systems at boot:


wd0(pciide0:0:0): timeout
type: ata
c_bcount: 512
c_skip: 0
pciide0:0:0: bus-master DMA error: missing interrupt, status=0x21
wd0c: device timeout reading fsbn 0 (wd0 bn 0; cn 0 tn 0 sn 0), retrying
wd0(pciide0:0:0): timeout
type: ata
c_bcount: 512
c_skip: 0
pciide0:0:0: bus-master DMA error: missing interrupt, status=0x21
wd0: transfer error, downgrading to PIO mode 4
wd0(pciide0:0:0): using PIO mode 4
wd0c: device timeout reading fsbn 0 (wd0 bn 0; cn 0 tn 0 sn 0), retrying
wd0: soft error (corrected)

Everything then continues as usual, although I'm also not doing any  
intentional writes to disk.  Anyone have any idea what might be  
causing this and if it's safe to ignore (yeah, right).



OpenBSD 3.8 (GENERIC) #138: Sat Sep 10 15:41:37 MDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Celeron(R) CPU 2.00GHz (GenuineIntel 686-class) 2 GHz
cpu0:  
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36, 
CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,CNXT-ID

real mem  = 258449408 (252392K)
avail mem = 228941824 (223576K)
using 3180 buffers containing 13025280 bytes (12720K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(7e) BIOS, date 10/27/04, BIOS32 rev. 0 @  
0xfb220

apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 70102 dobusy 1 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf/0xdf84
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdec0/192 (10 entries)
pcibios0: PCI Exclusive IRQs: 5 7 9 10 11 12
pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82371SB ISA rev  
0x00)

pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc/0xb200! 0xcc000/0x1000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82845G/GL rev 0x03
vga1 at pci0 dev 2 function 0 Intel 82845G/GL Video rev 0x03:  
aperture at 0xe000, size 0x800

wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
uhci0 at pci0 dev 29 function 0 Intel 82801DB USB rev 0x02: irq 11
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 29 function 1 Intel 82801DB USB rev 0x02: irq 9
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 29 function 2 Intel 82801DB USB rev 0x02: irq 7
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 29 function 7 Intel 82801DB USB rev 0x02: irq 5
usb3 at ehci0: USB revision 2.0
uhub3 at usb3
uhub3: Intel EHCI root hub, rev 2.00/1.00, addr 1
uhub3: 6 ports with 6 removable, self powered
ppb0 at pci0 dev 30 function 0 Intel 82801BA AGP rev 0x82
pci1 at ppb0 bus 1
em0 at pci1 dev 3 function 0 Intel PRO/1000MT (82541GI) rev 0x00:  
irq 12, address: 00:e0:81:56:dd:fa
em1 at pci1 dev 4 function 0 Intel PRO/1000MT (82541GI) rev 0x00:  
irq 10, address: 00:e0:81:56:dd:fb
skc0 at pci1 dev 5 function 0 Schneider  Koch SK-9821 v2.0 rev  
0x20: irq 11

skc0: Marvell Yukon (0x1)
sk0 at skc0 port A: address 00:00:5a:9f:31:b4
eephy0 at sk0 phy 0: Marvell 88E1011 Gigabit PHY, rev. 3
ichpcib0 at pci0 dev 31 function 0 Intel 82801DB LPC rev 0x02
pciide0 at pci0 dev 31 function 1 Intel 82801DB IDE rev 0x02: DMA,  
channel 0 configured to compatibility, channel 1 configured to  
compatibility

wd0 at pciide0 channel 0 drive 0: SanDisk SDCFB-512
wd0: 4-sector PIO, LBA, 488MB, 1000944 sectors
wd0(pciide0:0:0): using PIO mode 4, DMA mode 2
pciide0: channel 1 disabled (no drives)
Intel 82801DB SMBus rev 0x02 at pci0 dev 31 function 3 not configured
isa0 at ichpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
sysbeep0 at pcppi0
it0 at isa0 port 0x290/8: IT87
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
biomask ebe5 netmask ffe5 ttymask ffe7
pctr: user-level cycle counter enabled
wd0(pciide0:0:0): timeout
type: ata
c_bcount: 512
c_skip: 0
pciide0:0:0: bus-master DMA error: missing interrupt, status=0x21
wd0c: device timeout reading fsbn 0 (wd0 bn 0; cn 0 tn 0 sn 0), retrying
wd0(pciide0:0:0): timeout
type: ata

Re: theo

[Tony]

Sophie Laurie wrote:


 theo,


 Coming from Canada, have you ever skated on thin ice? Well, you're doing
 it now!
I've lived in Canada. Nine months of winter and three months of bad skating
is just a myth.

 She's a wheelchair bound 65 year old woman who only wanted your help and
Same age, but haven't had to hit the wheelchair yet.

 Remember the USB ports on a Toshiba Satellite A60 - All she wanted to
 use was an external mouse
So would I, but laptops are notoriously strange and expecting strange stuff
to work flawlessly is something I've long since learned to not expect.
Unreasonable expectations are somewhat tolerated in children, not so much
in adults. Considering the goals of OpenBSD, I would not expect USB rodents,
sound cards or even video to be necessarily well supported.
If using the mouse was of prime importance, I'd use Windows and even then
I'd probably have to download drivers because Windows doesn't support it
either.

The problems are most likely due to bad hardware from Toshiba.
Toshiba has workarounds that work in (some versions of) Windows.
Very unlikely that Toshiba has workarounds that work in OpenBSD.
I don't think OpenBSD does hardware support for Toshiba.


 Sophia's daughter,
 Martha (Muscles) Boyd

 (I'm going to delete this email now so she doesn't see it in her inbox)

... and any replies?

theo (fwd)

[ober]

Maybe you should get your mom off of OpenBSD and onto
http://abcnews.go.com/GMA/Living/story?id=235788page=1

.2cents

-Ober

-- Forwarded message --
Date: Fri, 02 Dec 2005 13:18:02 +1100
From: Sophie Laurie [EMAIL PROTECTED]
To: Theo de Raadt [EMAIL PROTECTED]
Cc: misc@openbsd.org misc@openbsd.org
Subject: theo

theo,

Coming from Canada, have you ever skated on thin ice? Well, you're doing
it now!

I've seen the emails that you and some of the others have sent my
Mother, Sophia, in her inbox. Remember her, or have you pickled your
brain to such a degree with alcohol that you can't remember?

Since swearing is obviously accepted in these lists and you yourself has
set the precedent, don't mind if I swear myself.

Listen you sycophantic little prick!

She's a wheelchair bound 65 year old woman who only wanted your help and
instead, all she got was verbally assaulted by you and some of the
others. She did nothing wrong and you intentionally misinterpreted what
she
said just so you could take the opportunity to abuse her. You used her
for an opportunity to take out your frustrations. Get a life sicko.


Remember the USB ports on a Toshiba Satellite A60 - All she wanted to
use was an external mouse


What you and some of the others did was disgusting and you should be
ashamed of yourselves you gutless wonders.

I don't give a shit if you volunteer your entire pathetic little life
doing free shit for people - either do it and shut up or don't
do it at all, but don't do it and then act like the martyr, and don't
EVER take it out on my Mother again. Fuck knows why but she likes
(liked) you. i personally
don't give a shit about you. You may think your God in your little
insignificant world, and suck arses may treat you
like that, but to me you're nothing but an ugly, sad single twisted
little individual - a little boy who never got
over throwing temper tantrums, flying off the handle and never grew up
properly, who never grew up properly. You're not a very well adjusted
person and if you're pissed off with your own pathetic little life,
don't take it out on my Mother or I'll take it out on you.

You have no idea how you've upset her. I knew somthing had happened to
her because she was crying several weeks ago and her mood hasn't been
the same since but she wouldn't tell me what was wrong. Apart from me,
her only other contact with the outside world is by email so I checked
her inbox and found yours (and others) cruel emails. I hope you're all
proud of yourselves. She has never used language like that in her entire
life (I'm a bit different to her) like several of you used on her in
both public  private email returns. Neither did she deserve your
attitudes or your foul mouthes or your barage of rude insults. theo,
you're a spoilt, high strung, foul tempered, disgusting little
individual. You have no idea who you're writing to and you should be
more careful in future you bastard. On the other hand, I know all about
you. I've even got a picture of your house.

I got my Mother into computers many years ago because I thought it would
be good for her mind but because of you, i'm sorry i did. Between me and
her,  you're going to miss out on a lot of money in future because of
your childish attitude and disgusting temper (I reiterate, you have no
idea who you're writing to - or who's watching the list).

And I don't give a shit about all you nerds and geeks (nice ones
excepted) and your little rules about what's appropriate to post and
where. I'll post it anywhere I God damn like and I'll say what I God
damn please and you can take it any way you like - so take this email
and stick it... in any list you think it belongs in - so ask me if I
give a shit. Well, I'll tell ya, I don't give a shit! You can stick it
up your arse for all I care you sad little boy.

Personally, i'm disgusted that she grovelled to you but i'm even more
disgusded with your crewl and calous response to her you gutless wonder.

Just know this theo. Don't dare upset my mother again.

I visit canada from time to time on business. you ever speak to my
mother like that again and i'll personally come
over to canada and see you personally appologise to her in writing you
ugly, weedy little poor excuse for a man.

You've got a lot of growing up to do boy. It's a pity you're a sad
middle-aged man who's made it this far in life but have failed to mature
mentally past the 12th grade. I don't think there's any hope for you.


Sophia's daughter,
Martha (Muscles) Boyd

(I'm going to delete this email now so she doesn't see it in her inbox)

--

The only thing that spoils OpenBSD is theo de raadt

Re: theo (fwd)

[Ioan Nemes]

She went her anger, just leave it!
Theo doesn't need advocates to reply - if he wants too!
Errare humanum est, perseverare autem diabolicum!

Ioan



 ober [EMAIL PROTECTED] 02/12/2005 04:13:21 pm 
Maybe you should get your mom off of OpenBSD and onto
http://abcnews.go.com/GMA/Living/story?id=235788page=1 

.2cents

-Ober

-- Forwarded message --
Date: Fri, 02 Dec 2005 13:18:02 +1100
From: Sophie Laurie [EMAIL PROTECTED]
To: Theo de Raadt [EMAIL PROTECTED]
Cc: misc@openbsd.org misc@openbsd.org
Subject: theo

theo,

Coming from Canada, have you ever skated on thin ice? Well, you're
doing
it now!

I've seen the emails that you and some of the others have sent my
Mother, Sophia, in her inbox. Remember her, or have you pickled your
brain to such a degree with alcohol that you can't remember?

Since swearing is obviously accepted in these lists and you yourself
has
set the precedent, don't mind if I swear myself.

Listen you sycophantic little prick!

She's a wheelchair bound 65 year old woman who only wanted your help
and
instead, all she got was verbally assaulted by you and some of the
others. She did nothing wrong and you intentionally misinterpreted
what
she
said just so you could take the opportunity to abuse her. You used her
for an opportunity to take out your frustrations. Get a life sicko.


Remember the USB ports on a Toshiba Satellite A60 - All she wanted to
use was an external mouse


What you and some of the others did was disgusting and you should be
ashamed of yourselves you gutless wonders.

I don't give a shit if you volunteer your entire pathetic little life
doing free shit for people - either do it and shut up or don't
do it at all, but don't do it and then act like the martyr, and don't
EVER take it out on my Mother again. Fuck knows why but she likes
(liked) you. i personally
don't give a shit about you. You may think your God in your little
insignificant world, and suck arses may treat you
like that, but to me you're nothing but an ugly, sad single twisted
little individual - a little boy who never got
over throwing temper tantrums, flying off the handle and never grew up
properly, who never grew up properly. You're not a very well adjusted
person and if you're pissed off with your own pathetic little life,
don't take it out on my Mother or I'll take it out on you.

You have no idea how you've upset her. I knew somthing had happened to
her because she was crying several weeks ago and her mood hasn't been
the same since but she wouldn't tell me what was wrong. Apart from me,
her only other contact with the outside world is by email so I checked
her inbox and found yours (and others) cruel emails. I hope you're all
proud of yourselves. She has never used language like that in her
entire
life (I'm a bit different to her) like several of you used on her in
both public  private email returns. Neither did she deserve your
attitudes or your foul mouthes or your barage of rude insults. theo,
you're a spoilt, high strung, foul tempered, disgusting little
individual. You have no idea who you're writing to and you should be
more careful in future you bastard. On the other hand, I know all
about
you. I've even got a picture of your house.

I got my Mother into computers many years ago because I thought it
would
be good for her mind but because of you, i'm sorry i did. Between me
and
her,  you're going to miss out on a lot of money in future because of
your childish attitude and disgusting temper (I reiterate, you have no
idea who you're writing to - or who's watching the list).

And I don't give a shit about all you nerds and geeks (nice ones
excepted) and your little rules about what's appropriate to post and
where. I'll post it anywhere I God damn like and I'll say what I God
damn please and you can take it any way you like - so take this email
and stick it... in any list you think it belongs in - so ask me if I
give a shit. Well, I'll tell ya, I don't give a shit! You can stick
it
up your arse for all I care you sad little boy.

Personally, i'm disgusted that she grovelled to you but i'm even more
disgusded with your crewl and calous response to her you gutless
wonder.

Just know this theo. Don't dare upset my mother again.

I visit canada from time to time on business. you ever speak to my
mother like that again and i'll personally come
over to canada and see you personally appologise to her in writing you
ugly, weedy little poor excuse for a man.

You've got a lot of growing up to do boy. It's a pity you're a sad
middle-aged man who's made it this far in life but have failed to
mature
mentally past the 12th grade. I don't think there's any hope for you.


Sophia's daughter,
Martha (Muscles) Boyd

(I'm going to delete this email now so she doesn't see it in her
inbox)

--

The only thing that spoils OpenBSD is theo de raadt
http://www.netcleanse.com

Re: theo (fwd)

[Kevin R]

[snip]
 The only thing that spoils OpenBSD is ...

This is a good example of a thread unnecessarily getting out of control.
How about everyone following a few simple guidelines:

1. Read the entire FAQ before posting

2. If a message is poorly posted for reasons like:
 - you should have read the FAQ before posting
 - no, we don't and probably never will support your old hardware
 - you forgot to include a dmesg and proper diagnostics, etc...
Then a simple one line reply indicating this would suffice.

3. Respect each other's knowledge or lack thereof
Google can't help you if you don't know what you're looking for and end up
with 1000's of sites that don't match your problem. 

It takes far more effort to whine and complain about a post than to provide
simple feedback on what they could/should have done.  At the very least,
remind them to re-read http://www.openbsd.org/mail.html

A newbie to the list won't understand the nuances of a poorly written post -
but if he's treated with respect he may buy CD's and tell all his friends.

If you can't say anything nice... don't say anything at all.

Re: theo

[eric]

On Fri, 2005-12-02 at 13:18:02 +1100, Sophie Laurie proclaimed...

 I've seen the emails that you and some of the others have sent my
 Mother, Sophia, in her inbox. Remember her, or have you pickled your
 brain to such a degree with alcohol that you can't remember?

Did you know your mother married her brother and you're the bastard spawn of
that relationship?

Just curious.

p.s. Hi Mom!

Re: theo

[Steve Shockley]

Oh, fun.

Sophie Laurie wrote:

She's a wheelchair bound 65 year old woman who only wanted your help and
instead, all she got was verbally assaulted by you and some of the
others. She did nothing wrong and you intentionally misinterpreted what
she
said just so you could take the opportunity to abuse her. You used her
for an opportunity to take out your frustrations. Get a life sicko.


Strange, according to http://marc.theaimsgroup.com/?m=112674507931298, 
s-laurie started out with My wife kindly bought me... so, assuming 
that sexagenarian wheelchair-bound women deserve special treatment, how 
is one to know?  She forgot to post her profile.


 don't take it out on my Mother or I'll take it out on you.

 You have no idea who you're writing to and you should be more
 careful in future you bastard. On the other hand, I know all about
 you. I've even got a picture of your house.

 (I reiterate, you have no
 idea who you're writing to - or who's watching the list)

 Just know this theo. Don't dare upset my mother again.

 I visit canada from time to time on business. you ever speak to my
 mother like that again and i'll personally come
 over to canada and see you personally appologise to her in writing you
 ugly, weedy little poor excuse for a man.

 Martha (Muscles) Boyd

Does your mother know you're threatening someone who, based on the 
context of your threats, you think is smaller and weaker than you?  Lame 
threats, too.  Either threaten to beat him up, or don't.  Better yet, 
just beat him up or don't.  Don't set up a web page, a mascot, and a 
mailing list about beating him up without ever actually doing it.



What you and some of the others did was disgusting and you should be
ashamed of yourselves you gutless wonders.


What you're doing here is shameful.  You threw a bomb signed by your 
mother and ran away.


 i personally don't give a shit about you.

You sure spent a lot of time on someone you don't give a shit about.

 You have no idea how you've upset her.

I can't wait until she sees all the replies to your message.


I knew somthing had happened to
her because she was crying several weeks ago and her mood hasn't been
the same since but she wouldn't tell me what was wrong.  Apart from me,
her only other contact with the outside world is by email so I checked
her inbox and found yours (and others) cruel emails.


Glad to see you respect her privacy.  Perhaps her emotional difficulty 
is due to her lack of socializing.



Neither did she deserve your
attitudes or your foul mouthes or your barage of rude insults. 


Perhaps.  People are mean.  Nobody gets to age 65 without figuring that 
out.  For that matter, nobody gets to age 6 without figuring that out. 
Theo's famous for being mean.  Most people don't cry when Theo's mean to 
them.



theo,
you're a spoilt, high strung, foul tempered, disgusting little
individual.


Ah, a barrage of insults in the sentence after you complain about his 
barrage of insults.



Between me and
her,  you're going to miss out on a lot of money in future because of
your childish attitude and disgusting temper


Why do you assume that someone who donates his time cares about your 
money?  I assume that you've both been quite generous in the past, 
otherwise it's just so much hot air.



And I don't give a shit about all you nerds and geeks (nice ones
excepted) and your little rules about what's appropriate to post and
where. I'll post it anywhere I God damn like and I'll say what I God
damn please and you can take it any way you like - so take this email
and stick it... in any list you think it belongs in - so ask me if I
give a shit. Well, I'll tell ya, I don't give a shit! You can stick it
up your arse for all I care you sad little boy.


So, if you don't care about rules and what's appropriate, then why are 
you upset that someone flamed your poor mother?



You've got a lot of growing up to do boy. It's a pity you're a sad
middle-aged man who's made it this far in life but have failed to mature
mentally past the 12th grade. I don't think there's any hope for you.


So, is he a boy or a man?  And 37 is middle-aged now?  Crap.


(I'm going to delete this email now so she doesn't see it in her inbox)


Sure she will.


--

The only thing that spoils OpenBSD is theo de raadt



Wow, you even changed her signature.  If she used Windows, you'd be the 
Kak worm.

Help with lpd and XP

[Greg Thomas]

Ok, I decided to switch from using a little Linksys 802.11b parallel
print server to using my OpenBSD box for printing to my one printer. 
Printing locally works fine but I'm having trouble printing from XP.

[EMAIL PROTECTED]:/home/ethant# cat /etc/printcap
#   $OpenBSD: printcap,v 1.4 2003/03/28 21:32:30 jmc Exp $
#
lp|:\
:sh:sf:lp=/dev/lpt0:sd=/var/spool/output:lf=/var/log/lpd-errs:

[EMAIL PROTECTED]:/home/ethant# lpq
Warning: no daemon present
Rank   Owner  Job  Files Total Size
1stethant 9Test Page 0 bytes

[EMAIL PROTECTED]:/home/ethant# ps waux |grep lpd
daemon7435  0.0  0.9   180   556 ??  Ss10:22PM0:00.03 /usr/sbin/lpd

[EMAIL PROTECTED]:/home/ethant# sudo lprm 9
cannot dequeue dfA009LOCUST
cfA009locust.2fortheroad.net dequeued

And I get a bunch of these in /var/log/lpd-errs until I rm everything
in /var/spool/output:

Dec  1 22:31:06 grits lpd[15269]: locust.2fortheroad.net
Dec  1 22:31:06 grits lpd[15269]: link tfA009locust.2fortheroad.net
cfA009locust.2fortheroad.net: File exists
Dec  1 22:31:14 grits lpd[5050]: locust.2fortheroad.net
Dec  1 22:31:14 grits lpd[5050]: link tfA009locust.2fortheroad.net
cfA009locust.2fortheroad.net: File exists
Dec  1 22:31:22 grits lpd[21910]: locust.2fortheroad.net
Dec  1 22:31:22 grits lpd[21910]: link tfA009locust.2fortheroad.net
cfA009locust.2fortheroad.net: File exists
Dec  1 22:31:30 grits lpd[17060]: locust.2fortheroad.net
Dec  1 22:31:30 grits lpd[17060]: link tfA009locust.2fortheroad.net
cfA009locust.2fortheroad.net: File exists
Dec  1 22:31:38 grits lpd[23270]: locust.2fortheroad.net
Dec  1 22:31:38 grits lpd[23270]: link tfA009locust.2fortheroad.net
cfA009locust.2fortheroad.net: File exists

I saw a similar message on misc back in August but no resolution. 
What am I doing wrong?

Thanks,
Greg

OpenBSD 3.7 (GENERIC) #0: Thu Jul 14 17:59:16 PDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel Pentium III (GenuineIntel 686-class, 128KB L2 cache) 1 GHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MM
X,FXSR,SSE
real mem  = 65052672 (63528K)
avail mem = 51933184 (50716K)
using 819 buffers containing 3354624 bytes (3276K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(77) BIOS, date 01/03/02, BIOS32 rev. 0 @ 0xfd7b0
pcibios0 at bios0: rev 2.1 @ 0xfd7b0/0x850
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdf40/160 (8 entries)
pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82371FB ISA rev 0x00)
pcibios0: PCI bus #2 is the last bus
bios0: ROM list: 0xc/0x8000 0xd/0x8000!
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82810E rev 0x03
vga1 at pci0 dev 1 function 0 Intel 82810E Graphics rev 0x03: aperture at 0xf8
00, size 0x400
wsdisplay0 at vga1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
ppb0 at pci0 dev 30 function 0 Intel 82801AA Hub-to-PCI rev 0x02
pci1 at ppb0 bus 1
ahc1 at pci1 dev 11 function 0 Adaptec AHA-2940U rev 0x01: irq 3
scsibus0 at ahc1: 16 targets
st0 at scsibus0 targ 4 lun 0: WangDAT, Model 3400DX, 5.0j SCSI2 1/sequential r
emovable
st0: drive empty or not ready
cbb0 at pci1 dev 13 function 0 Ricoh 5C475 CardBus rev 0x81: irq 9
xl0 at pci1 dev 14 function 0 3Com 3c905B 100Base-TX rev 0x00: irq 10, address
 00:10:5a:02:3d:8f
exphy0 at xl0 phy 24: 3Com internal media interface
cardslot0 at cbb0 slot 0 flags 0
cardbus0 at cardslot0: bus 2 device 0 cacheline 0x0, lattimer 0x20
pcmcia0 at cardslot0
ichpcib0 at pci0 dev 31 function 0 Intel 82801AA LPC rev 0x02
pciide0 at pci0 dev 31 function 1 Intel 82801AA IDE rev 0x02: DMA, channel 0 w
ired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: ST320410A
wd0: 16-sector PIO, LBA, 19092MB, 39102336 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 4
atapiscsi0 at pciide0 channel 1 drive 0
scsibus1 at atapiscsi0: 2 targets
cd0 at scsibus1 targ 0 lun 0: SAMSUNG, CD-ROM SC-148, B100 SCSI0
5/cdrom removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
uhci0 at pci0 dev 31 function 2 Intel 82801AA USB rev 0x02: irq 11
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
Intel 82801AA SMBus rev 0x02 at pci0 dev 31 function 3 not configured
auich0 at pci0 dev 31 function 5 Intel 82801AA AC97 rev 0x02: irq 9, ICH AC97
ac97: codec id 0x41445361 (Analog Devices AD1886)
ac97: codec features headphone, Analog Devices Phat Stereo
audio0 at auich0
isa0 at ichpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0 (mux 1 ignored for console): console keyboard, using wsdisplay0
mpu0 at isa0 port 0x300/2: generic MPU-401 compatible
midi0 at mpu0: MPU-401 MIDI UART
pcppi0 at isa0 port 0x61
midi1 at pcppi0: PC speaker
sysbeep0 

Re: theo

[Bryan Allen]

Do we really have to go through this crap again?

EOF plzkthx.
--
Bryan Allen
[EMAIL PROTECTED]
http://bda.mirrorshades.net
Cyberpunk is dead. Long live cyberpunk.

Re: theo (fwd)

[Joakim Aronius]

Second that.

Just ignore personal mails sent to misc@, theo is perfectly capable of 
answering mails, if he wish to.

Lets try to keep the signal to noise ration on a decent level, keep OT mails 
off-list.

Cheers,
/jkm
 
* Kevin R ([EMAIL PROTECTED]) wrote:
 [snip]
  The only thing that spoils OpenBSD is ...
 
 This is a good example of a thread unnecessarily getting out of control.
 How about everyone following a few simple guidelines:
 
 1. Read the entire FAQ before posting
 
 2. If a message is poorly posted for reasons like:
  - you should have read the FAQ before posting
  - no, we don't and probably never will support your old hardware
  - you forgot to include a dmesg and proper diagnostics, etc...
 Then a simple one line reply indicating this would suffice.
 
 3. Respect each other's knowledge or lack thereof
 Google can't help you if you don't know what you're looking for and end up
 with 1000's of sites that don't match your problem. 
 
 It takes far more effort to whine and complain about a post than to provide
 simple feedback on what they could/should have done.  At the very least,
 remind them to re-read http://www.openbsd.org/mail.html
 
 A newbie to the list won't understand the nuances of a poorly written post -
 but if he's treated with respect he may buy CD's and tell all his friends.
 
 If you can't say anything nice... don't say anything at all.

Re: theo

[Janne Johansson]

Sophie Laurie wrote:

The only thing that spoils OpenBSD is theo de raadt


But it caters so well the needs for all the worst nastiest
anal-carotid-constriction-software-patent-loving-spam-your-grandma-
for-a-dollar-bottom-feeding-killing-babies-in-palestine-and-iraq
type organizations to be able to use the OpenBSD codebase in whatever
way they like.

For which at least Diana Eichert is ever so thankful. ;)