Re: recommend web-based file explorer program?
On Friday 08 September 2006 00:03, smith wrote: Can anyone recommend a good web-based file explorer program. I'd like to setup a website with openbsd where users can 1) upload and download files and 2) give their customer's permission to upload and download files too. It would be great if the program had the look and feel similar to windows explorer but on a website. A commercial solution would be great too if it runs on OpenBSD. I'd prefer a program that didn't require a database, especially mysql, and didn't require php. But I wouldn't eliminate them from scrutiny either. If the whole program just ran on Perl and OpenBSD's apache that would be great. We currently use ftp for this sort of thing but my users need the ability to give their customers access at will. If there is a ftp solution, I'd like to hear it too. This setup would be a cannon fodder setup were the server sits outside our firewall and my users are told not to rely on the security of this server. Even our current ftp server was setup this way. Any suggestions would be greatly appreciated. Check out http://www.phpxplorer.org/phpXplorer/webIndex.php. I'm using it on one of my websites and it works quite well.
Re: Serial Console and /etc/ttys
Alas, Setting local did not help. I later found the local option in the terminals configuration menu. It is set to off. Best Regards Edd
Re: Opinion of MySQL 5.xx on OpenBSD 3.9...
On Thu, Sep 07, 2006 at 01:57:19PM +0200, Edgars wrote: Same here, a lot of problems since 3.7. :( Because of that, two client servers was migrated to freebsd :/ -Original message- From: Toni Mueller [EMAIL PROTECTED] Date: Thu, 7 Sep 2006 13:09:09 +0300 To: misc@openbsd.org Subject: Re: Opinion of MySQL 5.xx on OpenBSD 3.9... Hello, On Thu, 22.06.2006 at 12:49:22 +0200, Henning Brauer [EMAIL PROTECTED] wrote: I haven't seen stability problems with mysql on OpenBSD in a long time. not even on sparc64. then you are very lucky, imho. then you're both doing smth wrong: mysql Ver 12.22 Distrib 4.0.27, for unknown-openbsd3.8 (i386) Uptime: 94 days 17 hours 17 min 50 sec ~26 databases( mostly evil bulletin boards). - Lukasz Sztachanski -- 0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7 058B 7133 http://entropy.pl http://entropy.pl/?blog
feature req: vnconfig should work on readonly fs
The patch appears to work for me on OpenBSD 3.9 i386.
--- sys/dev/vnd.c.orig Fri Sep 8 03:41:21 2006
+++ sys/dev/vnd.c Fri Sep 8 04:56:05 2006
@@ -817,7 +817,7 @@
* have to worry about them.
*/
NDINIT(nd, LOOKUP, FOLLOW, UIO_USERSPACE, vio-vnd_file, p);
- if ((error = vn_open(nd, FREAD|FWRITE, 0)) != 0) {
+ if ((error = vn_open(nd, FREAD|FWRITE, 0)) != 0 (error !=
EROFS || (error = vn_open(nd, FREAD, 0)) != 0)) {
vndunlock(vnd);
return (error);
}
3.9-stable (weird) panic pccom
Hello misc@, I just had a weird situation with my home network: The power supply of my file server died, the file server is connected to my router with serial cables for access. file-server router com2 (cua01)com1 (tty00) com1 (tty01)com2 (cua01) Now the weird part: my router paniced: ddb trace Debugger(d080ce9c,1,0,60,0) at Debugger+0x4 comsoft(58,10,10,10,d080ce9c) at comsoft+0xee Bad frame pointer: 0xd080ce44 Does this have anything todo with each other? I mean a bug in pccom(4) triggered by noise/something when my fileserver went down hard? ddb ps PID PPID PGRPUID S FLAGS WAIT COMMAND 583 1583 0 3 0x4086 ttyin getty 13559 1 13559 0 3 0x4086 ttyin getty 28309 1 28309 0 3 0x4086 ttyin getty 826 1826 0 3 0x4086 ttyin getty 24171 1 24171 0 3 0x4086 ttyin getty 32168 1 32168 0 3 0x4086 ttyin getty 32497 1 32497 0 30x84 select cron 6264 1 18061 0 30x84 bpfarpwatch 22509 1 18061 0 30x86 nanosleep perl 31394 1 31394 0 3 0x40184 select sendmail 24967 1 24967 0 30x84 select sshd 15257 1 18061 29 3 0x186 poll identd 20722 1 20722 71 3 0x184 kqread ftp-proxy 28604 1 28604 77 3 0x184 poll dhcpd 23160 29982 29982 83 3 0x184 poll ntpd 29982 1 29982 0 30x84 poll ntpd 27989 8487 8487 68 3 0x184 select isakmpd 8487 1 8487 0 30x84 netio isakmpd 19261 20691 20691 70 3 0x184 select named 20691 1 20691 0 3 0x184 netio named 5924 23581 23581 74 3 0x184 bpfpflogd 23581 1 23581 0 30x84 netio pflogd 7851 8940 8940 73 3 0x184 poll syslogd 8940 1 8940 0 30x84 netio syslogd 16 0 0 0 30x100204 crypto_wa crypto 15 0 0 0 30x100204 aiodoned aiodoned 14 0 0 0 30x100204 syncer update 13 0 0 0 30x100204 cleanercleaner 12 0 0 0 30x100204 reaper reaper 11 0 0 0 30x100204 pgdaemon pagedaemon 10 0 0 0 30x100204 pftm pfpurge 9 0 0 0 30x100204 timeoutsensors 8 0 0 0 30x100204 usbevt usb3 7 0 0 0 30x100204 usbevt usb2 6 0 0 0 30x100204 usbevt usb1 5 0 0 0 30x100204 usbtsk usbtask 4 0 0 0 30x100204 usbevt usb0 3 0 0 0 30x100204 apmev apm0 2 0 0 0 30x100204 kmallockmthread 1 0 1 0 3 0x4084 wait init 0 -1 0 0 3 0x80204 scheduler swapper 20364 15257 18061 29 5 0x2100 identd dmesg: OpenBSD 3.9-current (GENERIC) #658: Sun Mar 26 01:19:02 MST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: VIA Esther processor 1500MHz (CentaurHauls 686-class) 1.50 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,CMOV,PAT,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,TM,SBF,SSE3,EST,TM2 cpu0: RNG AES AES-CTR SHA1 SHA256 RSA real mem = 1006137344 (982556K) avail mem = 911187968 (889832K) using 4278 buffers containing 50409472 bytes (49228K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(db) BIOS, date 06/22/06, BIOS32 rev. 0 @ 0xf9360 apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown apm0: flags 70102 dobusy 1 doidle 1 pcibios0 at bios0: rev 2.1 @ 0xf/0xc4f4 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfc450/160 (8 entries) pcibios0: bad IRQ table checksum pcibios0: PCI BIOS has 8 Interrupt Routing table entries pcibios0: PCI Exclusive IRQs: 5 10 11 pcibios0: PCI Interrupt Router at 000:17:0 (VIA VT8237 ISA rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0xfc00 0xd/0x8000! 0xd8000/0x1000 0xd9000/0x800 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 vendor VIA, unknown product 0x0314 rev 0x00 pchb1 at pci0 dev 0 function 1 vendor VIA, unknown product 0x1314 rev 0x00 pchb2 at pci0 dev 0 function 2 vendor VIA, unknown product 0x2314 rev 0x00 pchb3 at pci0 dev 0 function 3 VIA PT890 Host rev 0x00 pchb4 at pci0 dev 0 function 4 vendor VIA, unknown product 0x4314 rev 0x00 pchb5 at pci0 dev 0 function 7 vendor VIA, unknown product 0x7314 rev 0x00 ppb0 at pci0 dev 1 function 0 VIA VT8377 AGP rev 0x00 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 vendor VIA, unknown product 0x3344 rev
Re: OpenBSD Wireless Router
* I just want to use IPsec, its probably far harder to crack anyway. I have wrote scripts and such before that do ssh encryption anyway, i could probably use that kind of tunneling on squid connections and all. * My internet connection is currently briged to the wireless link to a router with WPA. I can use this with ndiswrapper and wpa_supplicant but personally I don't think linux is secure enough. Fedora Core 5 runs extremely fast on the machine, its the router I really care about. I love OpenBSD from experience. * I want to be able to shape traffic, from a WiMax connection at 11mb and a 1.5mbit adsl connection on one machine. I can most likely do this, ill just put the different traffic on different networks (house and servers). On 9/8/06, openbsd misc [EMAIL PROTECTED] wrote: On Fri, Sep 08, 2006 at 05:00:16AM +1000, John Tate wrote: I am constantly disappointed with the lack of freedom out-of-the-box wireless routers provide. I am interested in a solution on OpenBSD, because I haven't used any Soekris device yet but you may be interested in this: http://www.soekris.com/net4511.htm A WRAP system could also be an option www.pcengines.ch I haven't tried wireless lan with openbsd because it does not support WPA. Regards Hagen Volpers -- Faced with the fact that Intelligent Design doesn't meet the criteria for a scientific theory, leading proponent redefines what a scientific theory is. Result: Astrology now a scientific theory.
Re: 3.9-stable (weird) panic pccom
On Fri, Sep 08, 2006 at 01:39:09PM +0200, Andreas Bihlmaier wrote: Hello misc@, I just had a weird situation with my home network: The power supply of my file server died, the file server is connected to my router with serial cables for access. file-server router com2 (cua01) com1 (tty00) com1 (tty01) com2 (cua01) Now the weird part: my router paniced: ddb trace Debugger(d080ce9c,1,0,60,0) at Debugger+0x4 comsoft(58,10,10,10,d080ce9c) at comsoft+0xee Bad frame pointer: 0xd080ce44 power cycle usually produces a break signal on the serial. this caused your machine to drop into ddb. type 'co' (; Does this have anything todo with each other? I mean a bug in pccom(4) triggered by noise/something when my fileserver went down hard? ddb ps PID PPID PGRPUID S FLAGS WAIT COMMAND 583 1583 0 3 0x4086 ttyin getty 13559 1 13559 0 3 0x4086 ttyin getty 28309 1 28309 0 3 0x4086 ttyin getty 826 1826 0 3 0x4086 ttyin getty 24171 1 24171 0 3 0x4086 ttyin getty 32168 1 32168 0 3 0x4086 ttyin getty 32497 1 32497 0 30x84 select cron 6264 1 18061 0 30x84 bpfarpwatch 22509 1 18061 0 30x86 nanosleep perl 31394 1 31394 0 3 0x40184 select sendmail 24967 1 24967 0 30x84 select sshd 15257 1 18061 29 3 0x186 poll identd 20722 1 20722 71 3 0x184 kqread ftp-proxy 28604 1 28604 77 3 0x184 poll dhcpd 23160 29982 29982 83 3 0x184 poll ntpd 29982 1 29982 0 30x84 poll ntpd 27989 8487 8487 68 3 0x184 select isakmpd 8487 1 8487 0 30x84 netio isakmpd 19261 20691 20691 70 3 0x184 select named 20691 1 20691 0 3 0x184 netio named 5924 23581 23581 74 3 0x184 bpfpflogd 23581 1 23581 0 30x84 netio pflogd 7851 8940 8940 73 3 0x184 poll syslogd 8940 1 8940 0 30x84 netio syslogd 16 0 0 0 30x100204 crypto_wa crypto 15 0 0 0 30x100204 aiodoned aiodoned 14 0 0 0 30x100204 syncer update 13 0 0 0 30x100204 cleanercleaner 12 0 0 0 30x100204 reaper reaper 11 0 0 0 30x100204 pgdaemon pagedaemon 10 0 0 0 30x100204 pftm pfpurge 9 0 0 0 30x100204 timeoutsensors 8 0 0 0 30x100204 usbevt usb3 7 0 0 0 30x100204 usbevt usb2 6 0 0 0 30x100204 usbevt usb1 5 0 0 0 30x100204 usbtsk usbtask 4 0 0 0 30x100204 usbevt usb0 3 0 0 0 30x100204 apmev apm0 2 0 0 0 30x100204 kmallockmthread 1 0 1 0 3 0x4084 wait init 0 -1 0 0 3 0x80204 scheduler swapper 20364 15257 18061 29 5 0x2100 identd dmesg: OpenBSD 3.9-current (GENERIC) #658: Sun Mar 26 01:19:02 MST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: VIA Esther processor 1500MHz (CentaurHauls 686-class) 1.50 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,CMOV,PAT,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,TM,SBF,SSE3,EST,TM2 cpu0: RNG AES AES-CTR SHA1 SHA256 RSA real mem = 1006137344 (982556K) avail mem = 911187968 (889832K) using 4278 buffers containing 50409472 bytes (49228K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(db) BIOS, date 06/22/06, BIOS32 rev. 0 @ 0xf9360 apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown apm0: flags 70102 dobusy 1 doidle 1 pcibios0 at bios0: rev 2.1 @ 0xf/0xc4f4 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfc450/160 (8 entries) pcibios0: bad IRQ table checksum pcibios0: PCI BIOS has 8 Interrupt Routing table entries pcibios0: PCI Exclusive IRQs: 5 10 11 pcibios0: PCI Interrupt Router at 000:17:0 (VIA VT8237 ISA rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0xfc00 0xd/0x8000! 0xd8000/0x1000 0xd9000/0x800 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 vendor VIA, unknown product 0x0314 rev 0x00 pchb1 at pci0 dev 0 function 1 vendor VIA, unknown product 0x1314 rev 0x00 pchb2 at pci0 dev 0 function 2 vendor VIA, unknown product 0x2314 rev 0x00 pchb3 at pci0 dev 0 function 3 VIA PT890 Host rev 0x00 pchb4 at pci0 dev 0
Re: Serial Console and /etc/ttys
Edd Barrett wrote: Alas, Setting local did not help. I later found the local option in the terminals configuration menu. It is set to off. Best Regards Edd Hi, Make sure you go through the terminal setup and set xon/xoff flow control. There are 2 different areas where it can be configured, one is for the terminal, and one is for the auxilary pass through serial port. If you see something like IPTRS on the screen, that's the field you want to change. It's been 5 years since I worked with those terminals, so my memory is a bit foggy. Cheers, Steve Williams
Re: OpenBSD Wireless Router
Get an AP and get on with your life? On 9/8/06, John Tate [EMAIL PROTECTED] wrote: * I just want to use IPsec, its probably far harder to crack anyway. I have wrote scripts and such before that do ssh encryption anyway, i could probably use that kind of tunneling on squid connections and all. * My internet connection is currently briged to the wireless link to a router with WPA. I can use this with ndiswrapper and wpa_supplicant but personally I don't think linux is secure enough. Fedora Core 5 runs extremely fast on the machine, its the router I really care about. I love OpenBSD from experience. * I want to be able to shape traffic, from a WiMax connection at 11mb and a 1.5mbit adsl connection on one machine. I can most likely do this, ill just put the different traffic on different networks (house and servers). On 9/8/06, openbsd misc [EMAIL PROTECTED] wrote: On Fri, Sep 08, 2006 at 05:00:16AM +1000, John Tate wrote: I am constantly disappointed with the lack of freedom out-of-the-box wireless routers provide. I am interested in a solution on OpenBSD, because I haven't used any Soekris device yet but you may be interested in this: http://www.soekris.com/net4511.htm A WRAP system could also be an option www.pcengines.ch I haven't tried wireless lan with openbsd because it does not support WPA. Regards Hagen Volpers -- Faced with the fact that Intelligent Design doesn't meet the criteria for a scientific theory, leading proponent redefines what a scientific theory is. Result: Astrology now a scientific theory.
Re: Opinion of MySQL 5.xx on OpenBSD 3.9...
Kyle George wrote: Not exactly related, but there's also a bug I've experienced on 3.9 with DBD::mysql. See: http://rt.cpan.org/Public/Bug/Display.html?id=20868 I have probably found that bug and I'm waiting for a fix from a guy at mysql. Here it is the last email from him. Bye. Original Message Subject: Re: Memory access problem with DBI or DBD-Mysql? Date: Mon, 04 Sep 2006 11:04:52 -0400 From: Patrick Galbraith [EMAIL PROTECTED] To: Federico Giannici [EMAIL PROTECTED] CC: dbi-users@perl.org, [EMAIL PROTECTED], Sam Smith [EMAIL PROTECTED] References: [EMAIL PROTECTED] [EMAIL PROTECTED] Federico, That may be the issue. I have encountered this issue in other parts of the driver. There is a better way to do this, and I can look at making sure what is being passed is the same data object. Thanks! Patrick Federico Giannici wrote: Since there has been no reply to my previous message, I have done further investigations trying to find the problem. Please note that my knowledge of DBI/DBD is almost null, so the followings are only simple suppositions. I have seen that mysql_st_internal_execute() function is executed by both the do and execute methods. It seems that the problems are only with the do method and not with the execute, so I looked for the differences between them. The main difference seems to be that execute passes a STATEMENT handle as first argument, while do passes a DATABASE handle. The mysql_st_internal_execute() function uses this handle to obtain the sth and then from this one the dbh. So, my hypothesis is that if the initial handle is a database one, the sth (and the derived dbh) obtained from this is not a valid one! Anybody can confirm (or negate) this wild hypothesis? Thanks. P.S. I want to repeat that the problem manifest itself only under OpenBSD because of it's memory management that cause the program to segfault if try to access a non allocated memory. In other operating systems, a random value is get for imp_dbh-bind_type_guessing, which is almost irrelevant. Federico Giannici wrote: It seems to me that there is some kind of memory access problem with DBI or DBD-Mysql. I'm using OpenBSD 3.9-stable amd64. On OpenBSD 3.3 i386 the problem didn't appeared. As you may know, recent version of OpenBSD have a new kind of memory handling that make the programs segfault when they try to access no (longer) allocated memory. I'm using DBI 1.45 and DBD-Mysql 2.9008. I tried DBI 1.52 and DBD-Mysql 3.0006, but the problems were more frequent, so I remained to the old versions. Here is the problem: frequently some do commands cause perl to crash with signal 11. The crashes seems to depend on a lot of factors. For example, loading more libraries could make the program to start working. I think it depends on the structure of the memory allocated to the program. Here is the bt output of the core dump: #0 0x5260a736 in mysql_st_internal_execute (h=0x4713b6e0, statement=0x479b7140, attribs=0x4aa5fd40, numParams=0, params=0x0, cdaPtr=0x7f7c8610, svsock=0x43c90498, use_mysql_use_result=0) at dbdimp.c:1654 #1 0x52612da3 in XS_DBD__mysql__db_do (cv=0x40970b20) at mysql.xs:222 #2 0x50ddf07b in XS_DBI_dispatch () from /usr/local/libdata/perl5/site_perl/amd64-openbsd/auto/DBI/DBI.so #3 0x4a5a1c47 in Perl_pp_entersub () at /usr/src/gnu/usr.bin/perl/pp_hot.c:2890 #4 0x4a60899e in Perl_runops_standard () at /usr/src/gnu/usr.bin/perl/run.c:37 #5 0x4a5f744d in S_run_body (oldscope=1) at /usr/src/gnu/usr.bin/perl/perl.c:1936 #6 0x4a5f7231 in perl_run (my_perl=0x45356258) at /usr/src/gnu/usr.bin/perl/perl.c:1855 #7 0x00401afe in main () I have found the problem is caused by accessing imp_dbh-bind_type_guessing for the call to ParseParam() inside mysql_st_internal_execute(). I have verified that imp_dbh is NOT null, but trying to access any member make the program segfault. So maybe the pointer is a stale one? I have not enough knowledge of DBI to make more debugging. Bye. -- ___ __ |- [EMAIL PROTECTED] |ederico Giannici http://www.neomedia.it ___
Re: OpenBSD Wireless Router
On Fri, Sep 08, 2006 at 09:39:49PM +1000, John Tate wrote: On 9/8/06, openbsd misc [EMAIL PROTECTED] wrote: On Fri, Sep 08, 2006 at 05:00:16AM +1000, John Tate wrote: I am constantly disappointed with the lack of freedom out-of-the-box wireless routers provide. I am interested in a solution on OpenBSD, because I haven't used any Soekris device yet but you may be interested in this: http://www.soekris.com/net4511.htm A WRAP system could also be an option www.pcengines.ch I haven't tried wireless lan with openbsd because it does not support WPA. * I just want to use IPsec, its probably far harder to crack anyway. I have wrote scripts and such before that do ssh encryption anyway, i could probably use that kind of tunneling on squid connections and all. Okay. * My internet connection is currently briged to the wireless link to a router with WPA. I can use this with ndiswrapper and wpa_supplicant but personally I don't think linux is secure enough. Fedora Core 5 runs extremely fast on the machine, its the router I really care about. I love OpenBSD from experience. Okay, but WPA will have to go. * I want to be able to shape traffic, from a WiMax connection at 11mb and a 1.5mbit adsl connection on one machine. I can most likely do this, ill just put the different traffic on different networks (house and servers). This is slightly complicated; be sure to read the FAQ, man pages, and archives. Joachim
preferred hardware platform
Hi misc, I'm looking to build soho development and storage server, what would be the most stable current hardware configuration. I was thinking of along the lines of: * Intel 945G motherboard * Celeron CPU * 512MB of RAM * LSI Megaraid SATA-6 * 1+ TB of disks Data integrity and stability are my primary concerns. -- This e-mail and its contents are subject to AfriGIS PTY Limited e-mail disclaimer at http://www.afrigis.co.za/eMailDisclaimer --
Re: Opinion of MySQL 5.xx on OpenBSD 3.9...
On Thursday, 7 September 2006 at 17:03:55 +0200, Henning Brauer wrote: as said before, our mysqlds on sparc64, mp- up-i386, and sparc are very stable; some see more than 400 queries/s sometimes. Do you mind to share your /etc/sysctl.conf and /etc/my.cnf ? Thanks Zoong
anyone have a recipe for shaping torrent traffic with pf + snort ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hey Folks, Looking for a simple way to tag bittorent connections based on packet content so that I can shape them with pf/altq... Heard it can be done with a combination of pf and snort .. googled some old references to a now-defunct freshmeat project called 'snortpf'. Anyone have a recipe or outline for how this might be done ? Cheers, Andrew. Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFFAYhu8It2CaCdeMwRAi9WAJ9dh7a5Up9DwEo4dAbCUmYLuMDupQCfZAQ1 gc5EozjVgBdNjcNe6nmkoxc= =WbnZ -END PGP SIGNATURE-
Re: anyone have a recipe for shaping torrent traffic with pf + snort ?
On 2006/09/08 11:12, Andrew Atrens wrote: Looking for a simple way to tag bittorent connections based on packet content so that I can shape them with pf/altq... There isn't one, modern bittorrent clients encrypt. Consumer ISPs seem to often identify _GOOD_ traffic and throttle other stuff.
Re: anyone have a recipe for shaping torrent traffic with pf + snort ?
On 9/8/06, Andrew Atrens [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hey Folks, Looking for a simple way to tag bittorent connections based on packet content so that I can shape them with pf/altq... Heard it can be done with a combination of pf and snort .. googled some old references to a now-defunct freshmeat project called 'snortpf'. Anyone have a recipe or outline for how this might be done ? I've found it easier to classify good traffic based on ports and then make the p2p queues the default queues so that anything that isn't matched gets lower priority. --Bill
Re: Opinion of MySQL 5.xx on OpenBSD 3.9...
Hey folks, On 6/20/06, Jesse Gumm [EMAIL PROTECTED] wrote: It's good, but if it's a multiprocessor machine, OpenBSD won't take full advantage of the other processors with MySQL since MySQL is multi-threaded. But it's stable, and runs reasonably fast (and you are assured the system is more secure, being OpenBSD and all). My only concern, then, is really if it's a multiprocessor machine, and you need breakneck performance, you might want to consider running MySQL on FreeBSD with linuxthreads. And mine, is that if do need performance with mysql, you would want Solaris lastest version. Its multithreaded support rocks the house. Even FreeBSD isn't even close to Solaris. That's the experience i had, of course. -Jesse On 6/20/06, Anders J [EMAIL PROTECTED] wrote: Hello List. A customer have a mailserver solution wich must be moved to a new hardware, today its is running on a old suse 9.2 but i really want to use OpenBSD if possible. It uses postfix, cyrus-imap and mysql as the backend for users domain info, contacts etc. (only 58 named users and 3 domains and several aliases) My self have experienced mixed issues with MysSQL on OpenBSD and also read and heard about performance and stability problems with MySQL on OpenBSD. So i'm a bit nervous implementing this on OpenBSD (Should i use FreeBSD instead)?. Has anyone a positive experience with 3.9+ MySQl mysql-server-5.0.21.tgz ftp://ftp.sunet.se/pub/OpenBSD/3.9/packages/i386/mysql-server-5.0.21.tgz(or later)? And by the way it is not an option to use postgresql since they also have several other apps which use the database in question .So migrate to an other db platform is NOT an option. Regards Anders
Re: OUT, IN on OpenBSD
On Fri, Sep 08, 2006 at 07:46:33AM -0700, Ted Unangst wrote: yeah, see ports/x11/855resolution I installed it and now it works just fine. The user support is way better than in Linux - no STFW. CL On 9/8/06, Karel Kulhavy [EMAIL PROTECTED] wrote: On Thu, Sep 07, 2006 at 02:44:18PM -0700, Ted Unangst wrote: On 9/7/06, Karel Kulhavy [EMAIL PROTECTED] wrote: How can I perform OUT and IN on OpenBSD? I have some Linux program that patches BIOS on my notebook so the proper 1400x1050 resolution can be used, and it uses iopl and outl which don't seem to exist in OBSD (man outl, man iopl). you include sys/pio.h and use outl with the arguments reversed. but you should probably just use the 915resolution port if that's what you're really after. I am after 855resolution. Is there 855resolution port for OpenBSD or can 915resolution be used too? Where is it? CL
Re: preferred hardware platform
On Fri, Sep 08, 2006 at 04:00:20PM +0200, Francois Slabbert wrote: Hi misc, I'm looking to build soho development and storage server, what would be the most stable current hardware configuration. I was thinking of along the lines of: * Intel 945G motherboard * Celeron CPU * 512MB of RAM * LSI Megaraid SATA-6 * 1+ TB of disks Data integrity and stability are my primary concerns. rant *WHAT* are you trying to use that for? Try mine: refurbished Dell Optiplex GX1, 400 MHz Pentium II, 128 MB memory, and two matching pairs of harddisks (6.1 and 4 GB) with a combination of RAIDframe, altroot, and regular backups guaranteeing data consistency. Runs mail, DNS, web, and a couple of other services, and has space to spare - and if it ever needs more, I'll hook up the ~120 GB of external SCSI drives lying around. The one `expensive' piece of hardware in there is the backup solution, a second-hand HP DAT 40GB tape drive and the second-hand Adaptec AH-2940UW driving it. I have a P3, 512 MB RAM, perform much the same functions for an office of six people, and about twenty mail accounts. There, load is about .2; memory usage varies from 1/4 to 1/2. This box was given to us for free; we added two brand-name IDE harddisks, at $100 total. My main workstation, which does all the compilation, has some more power; but my laptop, at which I'm currently sitting, is very similar to the above, but with only one hard disk. Granted, the above is for one person; but OpenBSD will perform admirably on refurb hardware, or pretty much whatever you want to run it on. There are only two things you really should spend some money on: good hard drives (though my four PoSes haven't failed me yet), and a good backup solution. And seriously, how does one manage to fill a TB of data? /rant Otherwise, while others might be more qualified to comment, this doesn't look too bad. I might go with more memory, though - it's cheap, and remarkably useful. Anything that expects to serve a TB of disk should have plenty of memory. Also, consider good network cards. I believe the sk(4) comes highly recommended; gigabit cards are usually preferably, due to better buffering and so on. Don't forget the piece about backup solutions in the rant; having easily accessible *and* off-site tapes is at least as useful as that whole RAID thingy, which can be done in software anyway. Joachim
Re: anyone have a recipe for shaping torrent traffic with pf + snort ?
On Fri, Sep 08, 2006 at 11:12:46AM -0400, Andrew Atrens wrote: Hey Folks, Looking for a simple way to tag bittorent connections based on packet content so that I can shape them with pf/altq... Heard it can be done with a combination of pf and snort .. googled some old references to a now-defunct freshmeat project called 'snortpf'. Anyone have a recipe or outline for how this might be done ? To the best of my knowledge, this (i.e., shaping/filtering based on packet content) is not currently possible. Of course, there are solutions for your p2p problem, and others have suggested them already. Joachim
can www execute sendmail -t?
i have a peice of code that doesn't seem to work. It compiles and even executes fine but the email never goes anywhere. maillog doesn't even show anything trying. Apache is not running chrooted. #define SENDMAIL_PATH /usr/sbin/sendmail -t #define RECIPIENT [EMAIL PROTECTED] #define SENDER From: [EMAIL PROTECTED] FILE *mail; char sendmail[512]; sprintf(sendmail, %s %s, SENDMAIL_PATH, RECIPIENT); mail = popen(sendmail, w); fprintf(mail, From: [EMAIL PROTECTED]); fprintf(mail, Subject: test email.\n); fprintf(mail, \n); fprintf(mail, blah\n); pclose(mail); also worth noting that i'm a terrible C programmer. It's possible that elsewhere I have a bug, but I just want to eliminate whether www can even execute sendmail. --Bryan
Re: feature req: vnconfig should work on readonly fs
On Fri, Sep 08, 2006 at 09:07:46AM +, Paul Stoeber wrote:
The patch appears to work for me on OpenBSD 3.9 i386.
--- sys/dev/vnd.c.origFri Sep 8 03:41:21 2006
+++ sys/dev/vnd.c Fri Sep 8 04:56:05 2006
@@ -817,7 +817,7 @@
* have to worry about them.
*/
NDINIT(nd, LOOKUP, FOLLOW, UIO_USERSPACE, vio-vnd_file, p);
- if ((error = vn_open(nd, FREAD|FWRITE, 0)) != 0) {
+ if ((error = vn_open(nd, FREAD|FWRITE, 0)) != 0 (error !=
EROFS || (error = vn_open(nd, FREAD, 0)) != 0)) {
vndunlock(vnd);
return (error);
}
I'd be most interested to hear what happens if you write to a vnd device
configured this way. Or even a filesystem on such a device.
Joachim
Re: Segfault on calling getdirentries()
On Thu, Sep 07, 2006 at 08:45:29PM +0200, Otto Moerbeek wrote: On Thu, 7 Sep 2006, Tim van der Molen wrote: Hello, Thunar (a file manager for Xfce; not in ports) segfaults on i386 -current. The author of Thunar thinks the crash is due to a call to getdirentries() and has asked me to ask about it here. Does anyone know what could have caused this crash? The bug report: http://bugzilla.xfce.org/show_bug.cgi?id=2269 The relevant source file: http://svn.xfce.org/svn/xfce/thunar/tags/thunar-0.4.0rc1/thunar-vfs/thunar-vfs-os-bsd.c Look for the second occurrence of `getdirentries' in that file; that's were the crash happens. Thanks in advance. Regards, Tim Something to try: avoid alloca(). Threaded programs by default have very limited stack space per thread, 32k or 64k iirc. So it could be that the alloca() call trips over the stack. Check the man page of alloca() for details. A workaround would be to use malloc(), and check its return value; that should be done with alloca() as well, btw. -Otto I had the same suspicion and send him a patch. Alloca() was the problem... FYI, Tobias
Re: Opinion of MySQL 5.xx on OpenBSD 3.9...
Gustavo Rios wrote: Hey folks, On 6/20/06, Jesse Gumm [EMAIL PROTECTED] wrote: It's good, but if it's a multiprocessor machine, OpenBSD won't take full advantage of the other processors with MySQL since MySQL is multi-threaded. But it's stable, and runs reasonably fast (and you are assured the system is more secure, being OpenBSD and all). My only concern, then, is really if it's a multiprocessor machine, and you need breakneck performance, you might want to consider running MySQL on FreeBSD with linuxthreads. And mine, is that if do need performance with mysql, you would want Solaris lastest version. Its multithreaded support rocks the house. Even FreeBSD isn't even close to Solaris. That's the experience i had, of course. Then use what you see fit for your requirements. No one is forcing anyone to use OpenBSD for this. But stop spreading FUD as to MySQL is not stable or have less performance on OpenBSD. That simply BULL! I guess the difference is may be the one that are stable did look into their setup and configure it for their needs... This recurring MySQL FUD shit drive me nuts! Sorry guys, I had to let it out. If you don't like running it on OpenBSD, then DON'T! But saying it shouldn't, or couldn't because it's not stable, or efficient, is simply a lack of understanding and homework and simply spread FUD! Best, Daniel
Re: preferred hardware platform
I was thinking of along the lines of: * Intel 945G motherboard * LSI Megaraid SATA-6 Try and get a BBU for that MegaRAID card... MegaRAID SATA 150-6 will be happier on a PCI-X motherboard (this is _not_ the same thing as PCI-Express). (MegaRAID SATA 300-8x requires PCI-X). I've just noticed there is a new 4-lane PCI-Express SATA card listed on LSI's website: http://www.lsilogic.com/products/megaraid_sata/megaraid_sata_300_8elp.html I don't know if Marco has seen one yet (or has a suitable motherboard to plug one into even). It may work easily (pci id change), or there may be more complicated things to do. * 512MB of RAM ...and be sure to split the disk into smaller partitions unless you want to buy more RAM, fsck will not be amusing otherwise. And seriously, how does one manage to fill a TB of data? video, lossless-compressed music, backups from a bunch of machines, none of our business really (-:
Re: broadcom
hi, On Fri, Sep 08, 2006 at 12:19:42PM -0700, Tom Bombadil wrote: This subject always comes up in the list, but due to the evolving nature of the the driver, we (non-developers) always have to keep bugging people about it. How's the status of the broadcom bge(4) drive? Is it stable and fast enough? there are several different broadcom chipsets with different characteristics supported by the bge(4) driver and there will be also the new bnx(4) driver in 4.0 for the Broadcom NetXtreme II chipsets. i think it's working much better now and is stable and fast. Many of the big server makers (HP, sun, etc) seem to be using broadcoms, and we really need to get away from our Dell boxes with em(4) card, as they crash like crazy with 3.9 stable. take care that most of the onboard dual broadcoms do not support jumbo frames because they're based on the cheapset bge(4) variants. for example, the sun x2100 comes with a nfe(4) and a non-jumbo bge(4) variant. same for the ibm x346. hp uses the nice jumbo-capable broadcoms in the bigger servers (like the DL385) and the cheap ones in the small pizzas (like the DL145 G2). Any suggestion about a brand name server to use for a FW is very welcomed... it's your choice ;). most of them use the same chipsets... Thanks btw.: do you have any crash/bug reports why your dell boxes with em(4) crash like crazy? reyk
Re: Segfault on calling getdirentries()
On Thu, 07 Sep 2006 20:45:29 +0200, Otto Moerbeek wrote: On Thu, 7 Sep 2006, Tim van der Molen wrote: Hello, Thunar (a file manager for Xfce; not in ports) segfaults on i386 -current. The author of Thunar thinks the crash is due to a call to getdirentries() and has asked me to ask about it here. Does anyone know what could have caused this crash? The bug report: http://bugzilla.xfce.org/show_bug.cgi?id=2269 The relevant source file: http://svn.xfce.org/svn/xfce/thunar/tags/thunar-0.4.0rc1/thunar-vfs/thunar-vfs-os-bsd.c Look for the second occurrence of `getdirentries' in that file; that's were the crash happens. Thanks in advance. Regards, Tim Something to try: avoid alloca(). Threaded programs by default have very limited stack space per thread, 32k or 64k iirc. So it could be that the alloca() call trips over the stack. Check the man page of alloca() for details. A workaround would be to use malloc(), and check its return value; that should be done with alloca() as well, btw. alloca() indeed was the problem. The author of Thunar has fixed it a moment ago. Thanks for your help. Regards, Tim
Re: broadcom
Many of the big server makers (HP, sun, etc) seem to be using broadcoms, and we really need to get away from our Dell boxes with em(4) card, as they crash like crazy with 3.9 stable. You must be using different Dell boxes because mine work just fine and I have many deployed. Care to elaborate with a bug report?
XEN
Hi all, I wasn't able to figure out if it is possible to run openbsd as xen guest system. Does anyone know? Regards Hagen Volpers
Re: preferred hardware platform
Joachim Schipper wrote: Try mine: refurbished Dell Optiplex GX1, 400 MHz Pentium II, 128 MB memory, and two matching pairs of harddisks (6.1 and 4 GB) with a combination of RAIDframe, altroot, and regular backups guaranteeing data consistency. Runs mail, DNS, web, and a couple of other services, and has space to spare - and if it ever needs more, I'll hook up the ~120 GB of external SCSI drives lying around. Another option if you want cheap reliability is old server hardware. For example, there's a few Proliant 1850s (2x550MHz) on eBay for $70 with RAID and disks and 392mb RAM. Of course, by the time you ship it, you could have purchased three GX1s, and still sleep in the same room (fan noise).
OpenSSL-Patch for CVE-2006-4339
I wrote it once but I4ll write it twice. It would be very neat if somebody would be able to a) tell me if this is fixed or NOT (it does NOT look like fixed btw) b) move and commit that patch. Maybe now this mail will get noticed. Thanks... From a announce-Mail: *snip* OpenSSL Security Advisory [5th September 2006] RSA Signature Forgery (CVE-2006-4339) = Vulnerability - Daniel Bleichenbacher recently described an attack on PKCS #1 v1.5 signatures. If an RSA key with exponent 3 is used it may be possible to forge a PKCS #1 v1.5 signature signed by that key. Implementations may incorrectly verify the certificate if they are not checking for excess data in the RSA exponentiation result of the signature. Since there are CAs using exponent 3 in wide use, and PKCS #1 v1.5 is used in X.509 certificates, all software that uses OpenSSL to verify X.509 certificates is potentially vulnerable, as well as any other use of PKCS #1 v1.5. This includes software that uses OpenSSL for SSL or TLS. OpenSSL versions up to 0.9.7j and 0.9.8b are affected. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2006-4339 to this issue. *snip* I don`t think OpenBSD wnana include the latest 0.9.7-Version (0.9.7k) so a Patch can be found here: http://www.openssl.org/news/patch-CVE-2006-4339.txt --- Kind regards, Sebastian
Re: broadcom (Dell boxes crashing)
I was thinking the same thing, almost all my boxes are Dell of various ages and hardware configurations and I have never had a problem beyond your basic bad disk,etc. My favorite cheap Dell are their 400SC's and I run a few of them on 3.9 stable (since 3.7 without a hiccup). On Fri, September 8, 2006 14:04, Marco Peereboom wrote: Many of the big server makers (HP, sun, etc) seem to be using broadcoms, and we really need to get away from our Dell boxes with em(4) card, as they crash like crazy with 3.9 stable. You must be using different Dell boxes because mine work just fine and I have many deployed. Care to elaborate with a bug report?
Re: XEN
On Fri, Sep 08, 2006 at 11:08:49PM +0200, openbsd misc wrote:
I wasn't able to figure out if it is possible to run openbsd
as xen guest system. Does anyone know?
Short answer: not yet, really.
Longer answer: people are working on it.
http://www.google.com/search?rls=enq=openbsd+xen
http://anil.recoil.org/blog/articles/2006/08/21/openbsd-xen-boots-multi-user
http://kerneltrap.org/openbsd/c2k6/who1
http://hg.recoil.org/openbsd-xen-sys.hg
--
o--{ Will Maier }--o
| web:...http://www.lfod.us/ | [EMAIL PROTECTED] |
*--[ BSD Unix: Live Free or Die ]--*
Raid controller compatibility.
Hi, I would like to know if these three SCSI controllers are compatible with OpenBSD? (No mention about these cards on the manifacturer Web site and OpenBSD compatibility list.) Adaptec SCSI RAID 2000S Adaptec SCSI RAID 2010S MegaRAID SCSI 320-0 (520-0 CH) Thanks a lot. Regards, Kaven G.
Building bsd.rd in cdrom39.fs with RAIDFrame
One of the big problems with RAIDFrame support absence in GENERIC is that
it's also lacking in RAMDISK and RAMDISK_CD. This prevents RAIDFrame
users from doing binary updates off boot media.
This can be fixed with a few tweaks in src/distrib/i386/:
First, create a bsd.rd within cdrom39.fs (note, NOT cd39.iso!) with
RAIDFrame support:
Because src/distrib/i386/ramdisk_cd/Makefile simply includes
${.CURDIR}/../common/Makefile.inc, appends list.local with a couple
hundred extra-Kb or utilities, sets the floppy imagage to 2.8mb size, then
declares $RAMDISK. (Which is a *very* ambiguous name, mind you, a better
name would be something like $KERNERLCONF, etc.), one can simply adjust
RAMDISK= to point to a src/sys/arch/i386/conf/$foo kernel conf file which
will get automatically build on 'make release' in src/etc/ as 'bsd.rd'.
Simply copy src/sys/arch/i386/conf/RAMDISK_CD to conf/RAMDISK_CD+RAIDFrame
append the following:
pseudo-device raid 4 # RAIDframe disk driver
options RAID_AUTOCONFIG
Then set the following in distrib/i386/ramdisk_cd/Makefile:
RAMDISK=RAMDISK_CD+RAIDFrame
Next, make another kernel package available to the install script
(GENERIC+RAIDFrame) as an option. Follow the same instructions for
RAMDISK_CD for GENERIC.
Add the following to src/etc/etc.i386/Makefile.inc:
bsd.mp+raidframe:
cd ${.CURDIR}/../sys/arch/i386/conf config GENERIC.MP+RAIDFRAME
cd ${.CURDIR}/../sys/arch/i386/compile/GENERIC.MP+RAIDFRAME \
${MAKE} clean ${MAKE} depend exec ${MAKE}
Then add the following to src/distrib/notes/m4.common:
define({:-OpenBSDbsdmp+raidframe-:},
{:- bsd.mp+raidframe A stock GENERIC.MP MACHINE kernel, with support
for multiprocessor machines, which can be used
instead of the GENERIC kernel after the
install.
Also features CMU RAIDFrame support for
upgrading exisint RAIDFrames.-:})dnl dnl
Then clean out your obj and src and rebuild. Your $RELEASDIR/cdrom39.fs
(2.88mb Floppy image for use with mkisofs(1)) will contain a gzip(1)'d
bsd.rd with RAIDFrame support).
Run mkisofs(8) on your $DESTIDR with cdrom39.fs as your '-B'. You may now
safely burn a CD-R for binary upgrades of existing RAIDFrame enabled
OpenBSD systems, or use your .ISO with your DRAC card via remote media.
l8*
-lava (Brian A. Seklecki - Pittsburgh, PA, USA)
http://www.spiritual-machines.org/
...from back in the heady days when helpdesk meant nothing, diskquota
meant everything, and lives could be bought and sold for a couple of pages
of laser printout - and frequently were.
Re: OpenSSL-Patch for CVE-2006-4339
On 9/8/06, Sebastian Rother [EMAIL PROTECTED] wrote: I wrote it once but I4ll write it twice. It would be very neat if somebody would be able to a) tell me if this is fixed or NOT (it does NOT look like fixed btw) b) move and commit that patch. it will be. if you've been paying attention, you'll notice the patch has changed twice already, so applying every patch the minute it comes out turns out to be not so fun. http://www.openssl.org/news/patch-CVE-2006-4339.txt
Bank of America Update: Verify Your Account Information For Upgrade
HSBC Bank plc Dear Customers, We are hereby announcing the New Security Update, we have added new features to upgrade our SSL servers to secure our customer accounts. To allow us to make these improvements effective on your account, you are requested to update your access information by clicking the link below. http://www.bankofamerica.com/index.cfm? We are committed to improving our Online service. Bank Of America Accounting Department, Bank of America. Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your Bank Of America Online account and choose the Help link on any page. Bank Of America ID # 16000252947
Re: can www execute sendmail -t?
On Fri, Sep 08, 2006 at 11:52:47AM -0700, Bryan Irvine wrote: i have a peice of code that doesn't seem to work. It compiles and even executes fine but the email never goes anywhere. maillog doesn't even show anything trying. Apache is not running chrooted. #define SENDMAIL_PATH /usr/sbin/sendmail -t #define RECIPIENT [EMAIL PROTECTED] #define SENDER From: [EMAIL PROTECTED] FILE *mail; char sendmail[512]; sprintf(sendmail, %s %s, SENDMAIL_PATH, RECIPIENT); mail = popen(sendmail, w); fprintf(mail, From: [EMAIL PROTECTED]); fprintf(mail, Subject: test email.\n); fprintf(mail, \n); fprintf(mail, blah\n); pclose(mail); also worth noting that i'm a terrible C programmer. It's possible that elsewhere I have a bug, but I just want to eliminate whether www can even execute sendmail. If I am correct in assuming that you run this under Apache, you forgot to take care of the chroot environment. Install the chroot flavour of mini_sendmail. Checking the return values from popen() and pclose() would almost certainly have caught this, BTW. Finally, could I point you to the fcgi package? It might be very useful if you're trying to do CGIish stuff from C. Notably, it allows you to be even faster. ;-) Joachim
Re: preferred hardware platform
On Fri, Sep 08, 2006 at 08:26:24PM +0100, Stuart Henderson wrote: I was thinking of along the lines of: * Intel 945G motherboard * LSI Megaraid SATA-6 * 512MB of RAM * 1+ TB of disk ...and be sure to split the disk into smaller partitions unless you want to buy more RAM, fsck will not be amusing otherwise. And seriously, how does one manage to fill a TB of data? video, lossless-compressed music, backups from a bunch of machines, none of our business really (-: I'll grant you the latter, but still... well, let's just say that that 40 GB tapedrive I mentioned is plenty for backing up everything I admin. And anyway, in the context of someone asking for advice, I'll gladly shower him with more of same than (s)he ever wanted. ;-) Joachim
Re: Raid controller compatibility.
On Fri, Sep 08, 2006 at 05:51:48PM -0400, Kaven Gagnon (ml) wrote: Hi, I would like to know if these three SCSI controllers are compatible with OpenBSD? (No mention about these cards on the manifacturer Web site and OpenBSD compatibility list.) Adaptec SCSI RAID 2000S Adaptec SCSI RAID 2010S No, Adaptec cards do not work with OpenBSD (anymore). Theo pulled them out because Adaptec did not provide documentation (the changelog is a bit more colorful). MegaRAID SCSI 320-0 (520-0 CH) See ami(4) - in fact, they come highly recommended, though I believe mfi(4) is the new ami(4) - see http://www.undeadly.org/cgi?action=articlesid=20060519044541, and note the 'dearly beloved ami(4) family of controllers'. Joachim
Re: preferred hardware platform
And seriously, how does one manage to fill a TB of data? /rant DVB.
Re: Raid controller compatibility.
On Sat, Sep 09, 2006 at 02:11:12AM +0200, Joachim Schipper wrote: MegaRAID SCSI 320-0 (520-0 CH) See ami(4) - in fact, they come highly recommended, though I believe mfi(4) is the new ami(4) - see http://www.undeadly.org/cgi?action=articlesid=20060519044541, and note the 'dearly beloved ami(4) family of controllers'. Just got my hands on a 320-1 and it's working nicely. Bioctl(8) sees everything nicely. :) I haven't pounded on it yet, but it's good so far with RAID 5 + hot spare. I expect the 320-0 will be fine if the mobo is good. -- Darrin Chandler| Phoenix BSD Users Group [EMAIL PROTECTED] | http://bsd.phoenix.az.us/ http://www.stilyagin.com/ |
Re: preferred hardware platform
On 2006/09/08 20:26, I wrote: I've just noticed there is a new 4-lane PCI-Express SATA card listed on LSI's website: http://www.lsilogic.com/products/megaraid_sata/megaraid_sata_300_8elp.html ...though the 8308ELP which is definitely listed in mfi(4) and supports both SAS and SATA-II drives appears to be available a touch cheaper here (.uk) - who'dathoughtit... The board photos+specs look rather similar. I wonder if the distinction is in marketing to cater for people who, like me until just now, forgot that the SAS cards support SATA too...(I did wonder why there was a PCIE SCSI card and didn't used to be a PCIE SATA since it seemed such an obvious coupling but the penny only just dropped...)
svnd and vnconfig -K - Questions related to Blowfish usage
I`ve problems to understand the sense of the -K option wich was implemented into vnconfig of OpenBSD 4.0. Do I understand it correctly if I assume the folloring: - I can now specify the rounds used by Blowfish - Wich are (should) limited up to 16 rounds - I have to specify a SALT file - Wich gets handled like a certificate to authenticate myself in combination with the password (??) - So it`s a 2 factor authentication? Or is the SALT from the file realy used for the blowfish initialisation? man vnconfig tells me that svnd`s (I`m using one snvd currently) gets encrypted but it does not tell me how many rounds where used for blowfish or how strong the encryption is (somebody told me Blowfish 128Bit). The amount of rounds used can be a keyfactor if it deals with pot. decryption by others (PUT_YOUR_FAVORITE_SERVICE_HERE). *comment* The manpage should tell the user how many rounds are used for svnds and propably how to create the SALT file. F.e. for https all needed steps are descriped in the manual *comment* Is my assumtion correct that the normal svnds do use Blowfish with 128Bit (to specify more Bits would be cool.. like 256, Blowfish allows up to 448Bits) and a limited amounts of rounds (not 16)? I aks because the passwords in OpenBSD do not get encrypted with 16 rounds by default (so I don`t know how many rounds where used for svnds but I would bet not 16 rounds) wich means: *cuted from wikipedia, other ources are avaiable via a google search* In 1996, Serge Vaudenay found a known-plaintext attack requiring 28r + 1 known plaintexts to break, where r is the number of rounds. Moreover, he also found a class of weak keys that can be detected and broken by the same attack with only 24r + 1 known plaintexts. This attack cannot be used against the full 16-round Blowfish; Vaudenay used a reduced-round variant of Blowfish. Vincent Rijmen, in his Ph.D. thesis, introduced a second-order differential attack that can break four rounds and no more. There remains no known way to break the full 16 rounds, apart from a brute-force search. [1] *cut* Old mashines may wont be happy about 16 rounds Blowfish, that`s for sure but it would be safer (as far as I know during reading some crypto books) and the wikipedia article (wikipedia - blowfish) points to that issue (reduced amounts of rounds) too. I`ve also read somewhere (tech@ ?) that somebody talked about using the crypto-framework for svnds. Is there active development in that sector (I would buy a crypto-card just for my SVNDs)?! Kind regards, Sebastian
Re: preferred hardware platform
On Fri, Sep 08, 2006 at 08:49:06PM +0200, Joachim Schipper wrote: And seriously, how does one manage to fill a TB of data? Quite easily, if you do daily, weekly, and monthly backups. My group at work doesn't do daily, but we do something like MWF, weekly, monthly, with tapes done weekly and kept up to 6 months, and we fill the better part of a 2TB raid (albeit we have about 25+ people in the mix). In a development environment in which one might have multiple working copies of a large repository (such as OpenBSD's src), all those backups add up, and fast. -- Benjamin Collins [demime 1.01d removed an attachment of type application/pgp-signature]
Re: Raid controller compatibility.
On 9/8/06, Kaven Gagnon (ml) [EMAIL PROTECTED] wrote: Hi, I would like to know if these three SCSI controllers are compatible with OpenBSD? (No mention about these cards on the manifacturer Web site and OpenBSD compatibility list.) All of these cards are listed on the i386 hardware page. http://www.openbsd.org/i386.html Adaptec SCSI RAID 2000S Adaptec SCSI RAID 2010S I2O adapters (iop), including: (A) (C) * Adaptec SCSI RAID (ASR-2100S, ASR-2110S, ASR-3200S, etc.) MegaRAID SCSI 320-0 (520-0 CH) American Megatrends Inc. MegaRAID controllers in Mass Storage mode (ami), including: (A) (C) * LSI/AMI MegaRAID, MegaRAID 320-0, MegaRAID 320-1, MegaRAID 320-2, MegaRAID 320-1E, MegaRAID 320-2E, --Bill
Re: IPsec Configuration Questions
Hans-Joerg Hoexer wrote:
what ipsec software is running on the clients? What does your
ipsec.conf on the firewall look like?
On Sat, Sep 02, 2006 at 04:01:51PM -0400, Axton Grams wrote:
Hoping someone can point me in the right direction to get isakmpd working.
The scenario:
- the router drops all traffic directed to it from the dmz net
- the router drops all traffic destined for the lan from the dmz
- the router drops all traffic destined for the dmz from the lan
- vlan1 (dmz) has linux hosts
- vlan2 (lan) has windows and linux hosts, for the purpose of this
exercise, I am using a windows host
The goals:
- create a way by which hosts in the lan can connect to the dmz network
using ipsec/isakmpd
- starting off with simple auth, shared secret passphrase
The problem:
- I am unable to establish a SA between the router and the lan hosts
isakmpd returns the following:
155359.461787 Default message_recv: cleartext phase 2 message
155359.462366 Default dropped message from 10.107.208.20 port 500 due to
notification type INVALID_FLAGS
Some background Info:
My network is as follows:
(trunking is next on my list, but for now, I have separate interfaces on
the router for each vlan)
|
Internet (dynamic ip)
|1.1.1.2
++
| router/fw/isakmpd|
++
10.180.16.1 | |10.107.208.1
dmz | | lan
++ ++
| |
+-+
| switch|
| vlan1 | vlan2 |
+-+
||
||
+---+ +---+
| www server| | workstation 1 +
| 10.180.16.250 | | 10.107.208.20 +
+---+ +---+
I have the ipsec working between the two networks, but I wanted to get a
sanity check on my pf.conf. I could not find any examples of the
ipsec/enc rules that used tagging for policy enforcement and wanted to
make sure there are no issues with doing so.
##
# MACROS
# interfaces
if_lo= lo0
if_ext= hme0
if_int= hme1
if_dmz= hme2
if_von= hme3
if_enc= enc0
# interface ip's
ip_ext= x.x.x.x
ip_int= 10.107.208.1
ip_dmz= 10.180.16.1
ip_von= 10.180.17.1
# interface networks
net_int= 10.107.208.0/24
net_dmz= 10.180.16.0/24
net_von= 10.180.17.0/24
# DMZ Host 1
ip_dmzhost1= 10.180.16.250
proto_in_inet_tcp_dmzhost1= { 443 }
proto_in_inet_udp_dmzhost1=
proto_in_inet_icmp_dmzhost1=
# TABLES
# OPTIONS
set block-policy drop
set loginterface $if_ext
set require-order yes
set optimization normal
set state-policy if-bound
set skip on {$if_lo }
set debug none
# NORMALIZATION
scrub all reassemble tcp random-id fragment reassemble no-df\
min-ttl 24 max-mss 1460
# QUEUEING
# TRANSLATION
nat on $if_ext inet tag INT_NAT tagged LAN_INET - ($if_ext)
nat on $if_ext inet tag DMZ_NAT tagged DMZ_INET - ($if_ext)
nat on $if_ext inet tag VON_NAT tagged VON_INET - ($if_ext)
nat-anchor ftp-proxy/*
# REDIRECTION
# External access to DMZ
rdr on $if_ext inet proto tcp from any to port 443 tag\
TAG_HTTPS - $ip_dmzhost1 port 443
# FTP Proxy
rdr-anchor ftp-proxy/*
# PACKET FILTERING
# implicit first rule
block log all
anchor ftp-proxy/*
# MISC: silently drop broadcasts (cable modem noise)
block in quick on $if_ext from any to {255.255.255.255,\
0.0.0.0}
# ANTISPOOFING
antispoof log quick for $if_ext inet
# HOST: ROUTER
# allowable incoming traffic
pass in on $if_int from $net_int tag LAN_INET keep state
pass in on $if_dmz from $net_dmz tag DMZ_INET keep state
pass in on $if_von from $net_von tag VON_INET keep state
# allow incoming traffic to dmz
pass in on $if_ext tagged TAG_HTTPS keep state
# allow router access to internet
pass out on $if_ext from ($if_ext) to any tag RTR_INET
# ipsec access for LAN-to-DMZ
# Passing in encrypted traffic from security gateways
pass in on $if_int proto esp from $net_int to $ip_int\
keep state
pass out on $if_int proto esp from $ip_int to $net_int\
keep state
# Need to allow ipencap traffic on enc0.
pass in on $if_enc proto ipencap all keep state
# Passing in traffic from the designated subnets.
# (only allow traffic into dmz, prevent tunnel in)
pass in on $if_enc from $net_int to $net_dmz tag
Re: LANPARTY UT NF590 SLI-M2R/G Compatibility?
Ok. The audio worries me more than the lan. I hope do not have many problems. There I will see. Thanks for answering me, really :).
trunk consisting of bge and iwi
Hi, I am having some issues getting a trunk consisting of bge0 and iwi0 working on the iwi0 side. This is what I have after booting without creating the trunk. teletron1:/home/dangt$ cat /etc/hostname.bge0 up teletron1:/home/dangt$ cat /etc/hostname.iwi0 up nwid Predacon nwkey 0x teletron1:/home/dangt$ cat /etc/hostname.trunk0 #dhcp NONE NONE NONE trunkproto failover trunkport bge0 trunkport iwi0 teletron1:/home/dangt$ ifconfig -a lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33224 groups: lo inet 127.0.0.1 netmask 0xff00 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6 bge0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:12:3f:e2:e4:c4 media: Ethernet autoselect (100baseTX full-duplex) status: active inet6 fe80::212:3fff:fee2:e4c4%bge0 prefixlen 64 scopeid 0x1 iwi0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:13:ce:44:8a:ad media: IEEE802.11 autoselect status: active ieee80211: nwid Predacon chan 6 bssid 00:13:10:6b:b2:1d 95dB nwkey not displayed 100dBm inet6 fe80::213:ceff:fe44:8aad%iwi0 prefixlen 64 scopeid 0x2 pflog0: flags=141UP,RUNNING,PROMISC mtu 33224 pfsync0: flags=0 mtu 1460 groups: carp enc0: flags=0 mtu 1536 trunk0: flags=8802BROADCAST,SIMPLEX,MULTICAST mtu 1500 lladdr 00:00:00:00:00:00 trunk: trunkproto roundrobin groups: trunk media: Ethernet autoselect status: no carrier The iwi0 status is active but when I create the trunk, iwi0 will go down. The system will hang while trying to create the trunk. teletron1:/home/dangt$ sudo ifconfig trunk0 trunkproto failover trunkport bge0 trunkport iwi0 We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. Password: ifconfig: SIOCSTRUNKPORT: Network is down teletron1:/home/dangt$ sudo dhclient trunk0 DHCPREQUEST on trunk0 to 255.255.255.255 port 67 DHCPACK from 192.168.1.1 bound to 192.168.1.226 -- renewal in 21600 seconds. teletron1:/home/dangt$ ifconfig -a lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33224 groups: lo inet 127.0.0.1 netmask 0xff00 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6 bge0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST mtu 1500 lladdr 00:12:3f:e2:e4:c4 trunk: trunkdev trunk0 media: Ethernet autoselect (100baseTX full-duplex) status: active inet6 fe80::212:3fff:fee2:e4c4%bge0 prefixlen 64 scopeid 0x1 iwi0: flags=8802BROADCAST,SIMPLEX,MULTICAST mtu 1500 lladdr 00:13:ce:44:8a:ad media: IEEE802.11 autoselect status: no network ieee80211: nwid Predacon nwkey not displayed 100dBm inet6 fe80::213:ceff:fe44:8aad%iwi0 prefixlen 64 scopeid 0x2 pflog0: flags=141UP,RUNNING,PROMISC mtu 33224 pfsync0: flags=0 mtu 1460 groups: carp enc0: flags=0 mtu 1536 trunk0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:12:3f:e2:e4:c4 trunk: trunkproto failover trunkport bge0 master,active groups: trunk egress media: Ethernet autoselect status: active inet6 fe80::212:3fff:fee2:e4c4%trunk0 prefixlen 64 scopeid 0x7 inet 192.168.1.226 netmask 0xff00 broadcast 192.168.1.255 I get a iwi0: fatal firmware error in the dmesg after creating the trunk. I guess this is my problem. Is it just not possible to setup a trunk with an iwi device? Tan OpenBSD 4.0 (GENERIC) #1104: Fri Sep 1 11:54:27 MDT 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Pentium(R) M processor 2.26GHz (GenuineIntel 686-class) 2.27 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE 2,SS,TM,SBF,EST,TM2 cpu0: unknown Enhanced SpeedStep CPU, msr 0x0612112b0600112b cpu0: using only highest and lowest power states cpu0: Enhanced SpeedStep 2267 MHz (1388 mV): speeds: 2267, 800 MHz real mem = 2146889728 (2096572K) avail mem = 1950318592 (1904608K) using 4256 buffers containing 107446272 bytes (104928K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(00) BIOS, date 07/04/05, BIOS32 rev. 0 @ 0xffe90, SMBIOS rev. 2.3 @ 0xf7910 (60 entries) bios0: Dell Inc. Latitude D810 pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfb2d0/176 (9 entries) pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82371 ISA and IDE rev 0x00) pcibios0: PCI bus #4 is the last bus bios0: ROM list: 0xc/0x1 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82915GM/PM/GMS Host rev 0x03 ppb0 at pci0 dev 1 function 0 Intel 82915PM/GM PCIE rev 0x03 pci1 at ppb0 bus 1 vga1 at pci1 dev 0
ueagle(4) advice
Greetings, I'm looking to purchase a D-Link DSL-200 USB ADSL modem over ebay (for 3.9/i386) as I'm led to believe its chipset is supported by the ueagle(4). The advantages for this hardware are it being bus-powered and compact. ueagle(4) seems to be actively maintained in the source tree although I haven't seen many reports as to its effectiveness either way. I also note GENERIC seems to not include support for this device: # cat /sys/arch/i386/conf/GENERIC | grep -n ueagle 232:#ueagle* at uhub? # Analog Devices Eagle ADSL # cat /etc/firmware/ueagle* cat: No match. I guess I need to recompile my kernel with line 232 enabled? And download the firmware from http://damien.bergamini.free.fr/ ueaglefw/ ? Is there anything else about which any reader of this feels I should be warned? Any advice will be appreciated, Damon
feature req: vnconfig should work on readonly fs; round 2
The patch appears to work for me on 3.9 i386, and
I do need your comments on it. Thank you, Joachim.
--- sys/dev/vnd.c.orig Fri Sep 8 03:41:21 2006
+++ sys/dev/vnd.c Sat Sep 9 05:09:38 2006
@@ -142,7 +142,10 @@
#defineVNF_HAVELABEL 0x0400
#defineVNF_BUSY0x0800
#defineVNF_SIMPLE 0x1000
+#defineVNF_READONLY0x2000
+#define FLG(vnd) (vnd-sc_flags VNF_READONLY ? FREAD : FREAD|FWRITE)
+
struct vnd_softc *vnd_softc;
int numvnd = 0;
@@ -231,6 +234,9 @@
return (ENXIO);
sc = vnd_softc[unit];
+ if (flags FWRITE sc-sc_flags VNF_READONLY)
+ return (EROFS);
+
if ((error = vndlock(sc)) != 0)
return (error);
@@ -817,14 +823,15 @@
* have to worry about them.
*/
NDINIT(nd, LOOKUP, FOLLOW, UIO_USERSPACE, vio-vnd_file, p);
- if ((error = vn_open(nd, FREAD|FWRITE, 0)) != 0) {
+ vnd-sc_flags = ~VNF_READONLY;
+ if ((error = vn_open(nd, FREAD|FWRITE, 0)) != 0 (error !=
EROFS || (vnd-sc_flags |= VNF_READONLY, (error = vn_open(nd, FREAD, 0)) !=
0))) {
vndunlock(vnd);
return (error);
}
error = VOP_GETATTR(nd.ni_vp, vattr, p-p_ucred, p);
if (error) {
VOP_UNLOCK(nd.ni_vp, 0, p);
- (void) vn_close(nd.ni_vp, FREAD|FWRITE, p-p_ucred, p);
+ (void) vn_close(nd.ni_vp, FLG(vnd), p-p_ucred, p);
vndunlock(vnd);
return (error);
}
@@ -832,7 +839,7 @@
vnd-sc_vp = nd.ni_vp;
vnd-sc_size = btodb(vattr.va_size);/* note truncation */
if ((error = vndsetcred(vnd, p-p_ucred)) != 0) {
- (void) vn_close(nd.ni_vp, FREAD|FWRITE, p-p_ucred, p);
+ (void) vn_close(nd.ni_vp, FLG(vnd), p-p_ucred, p);
vndunlock(vnd);
return (error);
}
@@ -845,7 +852,7 @@
if ((error = copyin(vio-vnd_key, key,
vio-vnd_keylen)) != 0) {
- (void) vn_close(nd.ni_vp, FREAD|FWRITE,
+ (void) vn_close(nd.ni_vp, FLG(vnd),
p-p_ucred, p);
vndunlock(vnd);
return (error);
@@ -1082,7 +1089,7 @@
vnd-sc_flags = ~VNF_INITED;
if (vp == (struct vnode *)0)
panic(vndioctl: null vp);
- (void) vn_close(vp, FREAD|FWRITE, vnd-sc_cred, p);
+ (void) vn_close(vp, FLG(vnd), vnd-sc_cred, p);
crfree(vnd-sc_cred);
vnd-sc_vp = (struct vnode *)0;
vnd-sc_cred = (struct ucred *)0;
--- usr.sbin/vnconfig/vnconfig.c.orig Sat Sep 9 04:37:15 2006
+++ usr.sbin/vnconfig/vnconfig.cSat Sep 9 04:59:25 2006
@@ -159,7 +159,7 @@
char *rdev;
int rv;
- if (opendev(dev, O_RDWR, OPENDEV_PART, rdev) 0)
+ if (opendev(dev, O_RDONLY, OPENDEV_PART, rdev) 0)
err(4, %s, rdev);
f = fopen(rdev, rw);
if (f == NULL) {
Re: Intel Core2 Duo E6400 BOXDP965LTCK
Stuart Henderson wrote:
Good luck with the serial cables :-)
Stuart
Figured out my problem. Doesn't have a regular serial port.
Just USB.
Oh well, here's a few lines of the screen typed in manually from
a bsd.mp boot. Happens just after em0 loads okay.
...
pci_intr_map: no MP mapping found
uvm_fault(0xd0769720, 0x0, 0, 1) - e
kernel: page fault trap, code=0
Stopped at mpbios_invent+0x42:movl 0xc(%eax),%eax
ddb{0}
...
If this helps, here's the dmesg when I boot bsd instead of bsd.mp:
OpenBSD 4.0 (GENERIC) #1104: Fri Sep 1 11:54:27 MDT 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
RTC BIOS diagnostic error 80clock_battery
cpu0: Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz (GenuineIntel 686-class)
2.14 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16
cpu0: unknown Core FSB_FREQ value 0 (0x4208)
cpu0: EST: unknown system bus clock
real mem = 2128347136 (2078464K)
avail mem = 1933385728 (1888072K)
using 4256 buffers containing 106520576 bytes (104024K) of memory
RTC BIOS diagnostic error 80clock_battery
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 06/27/06, SMBIOS rev. 2.4 @
0xe4390 (35 entries)
bios0: Intel Corporation DP965LT
apm0 at bios0: Power Management spec V1.2
apm0: battery life expectancy 0%
apm0: AC off, battery charge unknown, estimated 0:00 hours
apm0: flags 30102 dobusy 0 doidle 1
pcibios at bios0 function 0x1a not configured
bios0: ROM list: 0xc/0xf000! 0xcf000/0x1000 0xd/0x1000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 vendor Intel, unknown product 0x29a0
rev 0x02
ppb0 at pci0 dev 1 function 0 vendor Intel, unknown product 0x29a1 rev
0x02
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 NVIDIA GeForce 6600 rev 0xa2
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
vendor Intel, unknown product 0x29a4 (class communications subclass
miscellaneous, rev 0x02) at pci0 dev 3 function 0 not configured
em0 at pci0 dev 25 function 0 Intel ICH8 IGP C rev 0x02: irq 9,
address 00:16:76:9d:d7:01
uhci0 at pci0 dev 26 function 0 Intel 82801H USB rev 0x02: irq 11
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 26 function 1 Intel 82801H USB rev 0x02: irq 10
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 26 function 7 Intel 82801H USB rev 0x02: irq 11
usb2 at ehci0: USB revision 2.0
uhub2 at usb2
uhub2: Intel EHCI root hub, rev 2.00/1.00, addr 1
uhub2: 4 ports with 4 removable, self powered
azalia0 at pci0 dev 27 function 0 Intel 82801H HD Audio rev 0x02: irq 9
azalia0: host: High Definition Audio rev. 1.0
azalia0: codec: 0x04x/0x8384 (rev. 2.1), HDA version 1.0
audio0 at azalia0
ppb1 at pci0 dev 28 function 0 Intel 82801H PCIE rev 0x02
pci2 at ppb1 bus 2
ppb2 at pci0 dev 28 function 1 Intel 82801H PCIE rev 0x02
pci3 at ppb2 bus 3
pciide0 at pci3 dev 0 function 0 vendor Marvell, unknown product
0x6101 rev 0xb1: DMA (unsupported), channel 0 configured to native-PCI,
channel 1 configured to native-PCI
pciide0: using irq 10 for native-PCI interrupt
atapiscsi0 at pciide0 channel 0 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: SONY, DVD RW DW-Q120A, PYS1 SCSI0
5/cdrom removable
pciide0: channel 1 ignored (not responding; disabled or no drives?)
ppb3 at pci0 dev 28 function 2 Intel 82801H PCIE rev 0x02
pci4 at ppb3 bus 4
ppb4 at pci0 dev 28 function 3 Intel 82801H PCIE rev 0x02
pci5 at ppb4 bus 5
ppb5 at pci0 dev 28 function 4 Intel 82801H PCIE rev 0x02
pci6 at ppb5 bus 6
uhci2 at pci0 dev 29 function 0 Intel 82801H USB rev 0x02: irq 11
usb3 at uhci2: USB revision 1.0
uhub3 at usb3
uhub3: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub3: 2 ports with 2 removable, self powered
uhci3 at pci0 dev 29 function 1 Intel 82801H USB rev 0x02: irq 11
usb4 at uhci3: USB revision 1.0
uhub4 at usb4
uhub4: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub4: 2 ports with 2 removable, self powered
uhci4 at pci0 dev 29 function 2 Intel 82801H USB rev 0x02: irq 11
usb5 at uhci4: USB revision 1.0
uhub5 at usb5
uhub5: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub5: 2 ports with 2 removable, self powered
ehci1 at pci0 dev 29 function 7 Intel 82801H USB rev 0x02: irq 11
usb6 at ehci1: USB revision 2.0
uhub6 at usb6
uhub6: Intel EHCI root hub, rev 2.00/1.00, addr 1
uhub6: 6 ports with 6 removable, self powered
ppb6 at pci0 dev 30 function 0 Intel 82801BA AGP rev 0xf2
pci7 at ppb6 bus 7
TI TSB43AB22 FireWire rev 0x00 at pci7 dev 3 function 0 not configured
pcib0 at pci0 dev 31 function 0 Intel 82801H LPC rev 0x02
pciide1 at pci0 dev 31 function 2 Intel 82801H SATA rev 0x02: DMA,
