Re: Bottleneck in httpd. I need help to address capacity issues on max parallel and rate connections
Ted Unangst wrote: On 5/9/07, Daniel Ouellet [EMAIL PROTECTED] wrote: I try to stay safe in my choices and comments are welcome, but I have to point out as well that ALL the values below needs to be changes to that new value to get working well. If even only one of them is not at the level below, the results in the tests start to be affected pretty bad at times. net.bpf.bufsize=524288 net.inet.ip.redirect=0 never mind the rest, but these two really make no sense. none. Make no sense in the test and improving results, or make no sense in setting them as such here? net.inet.ip.redirect=0 Is to disable ICMP routing redirects. Otherwise, your system could have its routing table misadjusted by an attacker. Wouldn't be wise to do so? May be if PF is turn on, then there is no reason for this, but with PF ON, I get drop and need to address that. Didn't pursue it yet as dead however. As for the net.bpf.bufsize, I am looking again in my notes and tests, it's use for Berkeley Packet Filter (BPF), to maintains an internal kernel buffer for storing packets received off the wire. Yes in that case it make sense not to have that here. I redid the tests with the default value and yes you are right! This one is wrong here. May be lack of sleep. (; Thanks for correcting me! I also have the revise my statement on the net.inet.ip.portfirst=32768 effect. In a series of new tests, it doesn't have the impact noted the first test runs. So, I would keep it as default value as well now. May be it was when PF was enable that I have more of an impact then. But my notes are not clear on that specific one. Anything else you see that may be questionable in what I sent? I am doing more tests with different hardware to be sure it's all sane value in the end. Other wise many thanks for having taken the time to look it over and give me your feedback on it! I sure appreciate it big time! Best Daniel
Unfamiliar (to me only) ports behavior
Dear gentleman/madam, i have just installed openbsd 4.1. I am very happy with it, but something i was not expecting is happening: As an ordinary user (belonging to the group wheel) i switched to the ports collection directory (/usr/ports/x11/openmotif) and issued i make fetch. I got surprised when the tarball started to be dowloaded in /usr/ports/distfiles although its sticky bit is not on. May someone here explain me how it is possible? Thanks in advance.
Xdm fix in Xenocara
Hi misc@, dunno if it has already been reported, since the switch to xenocara xdm didn't want to start anymore, it was complaining (/var/log/xdm.log) for missing files in /usr/X11R6/lib/X11/xdm (which didn't exist..) Maybe it's only on my boxes (regularly updated from snapshots, not fresh installs) As a quickfix i manually symlinked /usr/X11R6/lib/X11/xdm@ - /etc/X11/xdm/ and it works now, but i suppose it should be fixed in xdm at compile/configure-time ? Landry
Re: Unfamiliar (to me only) ports behavior
John Nietzsche wrote: Dear gentleman/madam, i have just installed openbsd 4.1. I am very happy with it, but something i was not expecting is happening: As an ordinary user (belonging to the group wheel) i switched to the ports collection directory (/usr/ports/x11/openmotif) and issued i make fetch. I got surprised when the tarball started to be dowloaded in /usr/ports/distfiles although its sticky bit is not on. May someone here explain me how it is possible? Please provide some more info: $ cd /usr/ports/distfiles $ ls -ld . openmotif* $ cat /etc/mk.conf Did you grant yourself permission in the sudoers file? Disclaimer: I am not running 4.1
net.inet.tcp.keepinittime
Quick question. In FAQ 6.6.1 we have reference for: net.inet.tcp.keepinittime http://www.openbsd.org/faq/faq6.html#Tuning But in man(3) sysclt we have: tcp.keepinittime Unused. I assume the man page is right, is it so? Value sure cna be preset via sysctl: # sysctl net.inet.tcp.keepinittime net.inet.tcp.keepinittime=150 # sysctl net.inet.tcp.keepinittime=10 net.inet.tcp.keepinittime: 150 - 10
Re: net.inet.tcp.keepinittime
On Thu, May 10, 2007 at 03:49:39AM -0400, Daniel Ouellet wrote: Quick question. In FAQ 6.6.1 we have reference for: net.inet.tcp.keepinittime http://www.openbsd.org/faq/faq6.html#Tuning But in man(3) sysclt we have: tcp.keepinittime Unused. I assume the man page is right, is it so? Value sure cna be preset via sysctl: # sysctl net.inet.tcp.keepinittime net.inet.tcp.keepinittime=150 # sysctl net.inet.tcp.keepinittime=10 net.inet.tcp.keepinittime: 150 - 10 keepinittime is used by the syncache to timeout SYN request. So the manpage seems to be wrong. -- :wq Claudio
Re: Bottleneck in httpd. I need help to address capacity issues on max parallel and rate connections
On Thu, May 10, 2007 at 02:31:54AM -0400, Daniel Ouellet wrote: Ted Unangst wrote: On 5/9/07, Daniel Ouellet [EMAIL PROTECTED] wrote: I try to stay safe in my choices and comments are welcome, but I have to point out as well that ALL the values below needs to be changes to that new value to get working well. If even only one of them is not at the level below, the results in the tests start to be affected pretty bad at times. net.bpf.bufsize=524288 net.inet.ip.redirect=0 never mind the rest, but these two really make no sense. none. Make no sense in the test and improving results, or make no sense in setting them as such here? net.inet.ip.redirect=0 Is to disable ICMP routing redirects. Otherwise, your system could have its routing table misadjusted by an attacker. Wouldn't be wise to do so? May be if PF is turn on, then there is no reason for this, but with PF ON, I get drop and need to address that. Didn't pursue it yet as dead however. net.inet.ip.redirect has only an effect if you enable net.inet.ip.forwarding. As you are running a server and not a router I doubt this is the case. Additionally net.inet.ip.redirect does not modify the routing table. Your are probably looking at net.inet.icmp.rediraccept. As for the net.bpf.bufsize, I am looking again in my notes and tests, it's use for Berkeley Packet Filter (BPF), to maintains an internal kernel buffer for storing packets received off the wire. Yes in that case it make sense not to have that here. I redid the tests with the default value and yes you are right! This one is wrong here. May be lack of sleep. (; Thanks for correcting me! I also have the revise my statement on the net.inet.ip.portfirst=32768 effect. In a series of new tests, it doesn't have the impact noted the first test runs. So, I would keep it as default value as well now. May be it was when PF was enable that I have more of an impact then. But my notes are not clear on that specific one. With many shortliving connections you have a lot of sockets in TIME_WAIT. Because you are testing from one host only you start to hit these entries more and more often this often results in a retry from the client. Additionally by filling all available ports the port allocation algorithm is starting to get slower but that's a problem that you will only see on the host :) The accept behaviour of OpenBSD should be fine. Anything else you see that may be questionable in what I sent? I am doing more tests with different hardware to be sure it's all sane value in the end. Other wise many thanks for having taken the time to look it over and give me your feedback on it! I think there are a few knobs that you should reconsider. I will write an other mail about that. -- :wq Claudio
Re: net.inet.tcp.keepinittime
Claudio Jeker wrote: keepinittime is used by the syncache to timeout SYN request. So the manpage seems to be wrong. Thanks for the clarification. Daniel
vpn in OBSD 4.1
Dear all i looking tutorial for install vpn in obsd 4.1 with client microsoft xp or mac also support netbios for file or print sharing so what can i use openvpn , ipsec , vpn ? -- sonjaya http://sicute.blogspot.com
Re: net.inet.tcp.keepinittime
On Thu, May 10, 2007 at 04:45:09AM -0400, Daniel Ouellet wrote: Claudio Jeker wrote: keepinittime is used by the syncache to timeout SYN request. So the manpage seems to be wrong. Thanks for the clarification. Daniel ...and with claudio's help i just updated the man page. jmc
Re: Xdm fix in Xenocara
On Thu, May 10, 2007 at 09:22:58AM +0200, Landry Breuil wrote: dunno if it has already been reported, since the switch to xenocara xdm didn't want to start anymore, it was complaining (/var/log/xdm.log) for missing files in /usr/X11R6/lib/X11/xdm (which didn't exist..) That's a configuration problem, you probably still have references to /usr/X11R6/lib/X11/xdm in your /etc/X11/xdm/xdm-config. Ciao, Kili -- Nein, mein Geddchtnis ist manchmal wie ein... Wie hei_t noch dieses Gerdt, durch das man Reis abgie_t? Kochbeutel?
OpenBSD roadtrip: Berlin Germany 2007-05-30 - 2007-06-02
Hi, after Pentecost OpenBSD/OpenSSH is at the LinuxTag in Berlin/Germany from 2007-05-30 until 2007-06-02 There will be a BSD Day with talks on friday 2007-06-01 http://www.linuxtag.org/2007/en/conf/events/vp-freitag.html Feel free to drop by and say hello Wilhelm and Wim 2007/5/9, Wim Vandeputte [EMAIL PROTECTED]: Hey, in Ede, at the NLUUG Voorjaarsconferentie 2007 in Krakow, Poland for Confidence 2007 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= https://kd85.com/notforsale.html
Re: Xdm fix in Xenocara
2007/5/10, Matthias Kilian [EMAIL PROTECTED]: On Thu, May 10, 2007 at 09:22:58AM +0200, Landry Breuil wrote: dunno if it has already been reported, since the switch to xenocara xdm didn't want to start anymore, it was complaining (/var/log/xdm.log) for missing files in /usr/X11R6/lib/X11/xdm (which didn't exist..) That's a configuration problem, you probably still have references to /usr/X11R6/lib/X11/xdm in your /etc/X11/xdm/xdm-config. Yes, you're right, files in /etc/X11/xdm are rather outdated (they're here since the installation..) Installing xetc41.tgz solved this :) (blame me, i don't update etc41.tgz and xetc41.tgz each times) Landry
Re: Unfamiliar (to me only) ports behavior
I am not playing with sudoers file! This just a bare install. $ ls -ld /usr/ports /usr/src drwxrwxr-x 46 root wheel 1024 May 10 03:21 /usr/ports drwxrwxr-x 18 root wsrc512 Mar 11 16:19 /usr/src Isn't it strange that the ports/src directories have write bit group permission on? $ cd /usr/ports/distfiles/ $ ls -ld . openmotif drwxr-xr-x 3 sioux wheel 1536 May 10 06:01 . drwxr-xr-x 2 sioux wheel 512 May 10 03:17 openmotif $ cat /etc/mk.conf cat: /etc/mk.conf: No such file or directory $ Thanks in advance. On 5/10/07, Clint Pachl [EMAIL PROTECTED] wrote: John Nietzsche wrote: Dear gentleman/madam, i have just installed openbsd 4.1. I am very happy with it, but something i was not expecting is happening: As an ordinary user (belonging to the group wheel) i switched to the ports collection directory (/usr/ports/x11/openmotif) and issued i make fetch. I got surprised when the tarball started to be dowloaded in /usr/ports/distfiles although its sticky bit is not on. May someone here explain me how it is possible? Please provide some more info: $ cd /usr/ports/distfiles $ ls -ld . openmotif* $ cat /etc/mk.conf Did you grant yourself permission in the sudoers file? Disclaimer: I am not running 4.1
Re: Redirected packet from pf is lost
Hi Stuart, I've got a Dell SC1435, running OpenBSD 4.0, with two Ethernet interfaces (bge0 and bge1) working as a gateway and firewall for our internal network. bge0 is the external connection (with a class B IPv4 address), and bge1 is the internal connection (private IP network, class C). They are both part of a bridge, bridge0: From the information you gave, I don't see any reason for these to be bridged, and there are some good reasons not to (it will increase broadcast traffic on both segments, and makes things more complex, especially where PF is concerned) The main reason you might need it is if there are also machines on bge1 with public addresses (though if that's the case, it would be cleaner to have them on a separate interface - physical or vlan) There is only one public address, which is the one on bge0. It's the first time I've setup a OpenBSD machine and I'm happy to learn of a better way to accomplish this! Based on various docs I've read I understood that I needed to create such a bridge, and since it worked I assumed it was the way to this. But I just shut down the bridge and our network still works. Thanks! Best regards, Andreas
Re: Bottleneck in httpd. I need help to address capacity issues on max parallel and rate connections
On Wed, May 09, 2007 at 06:41:27PM -0400, Daniel Ouellet wrote: Hi, I am passing my finding around for the configuration of sysctl.conf to remove bottleneck I found in httpd as I couldn't get more then 300 httpd process without crapping out badly and above that, the server simply got out of wack. SNIP === sysctl.conf changes. kern.seminfo.semmni=1024 kern.seminfo.semmns=4096 kern.shminfo.shmall=16384 kern.maxclusters=12000 What does netstat -m tell you about the peak usage of clusters is it really that high? kern.maxproc=2048 # Increase for the process limits. kern.maxfiles=5000 kern.shminfo.shmmax=67108864 kern.somaxconn=2048 Is httpd really so slow in accepting sockets that you had to increase this by factor 16? Is httpd actually doing a listen with such a large number? net.bpf.bufsize=524288 As tedu@ pointed out this has nothing todo with your setup. net.inet.ip.maxqueue=1278 Are you sure you need to tune the IP fragment queue? You are using TCP which does PMTU discovery and sets the DF flag by default so no IP fragments should be seen at all unless you borked something else. net.inet.ip.portfirst=32768 net.inet.ip.redirect=0 This has no effect unless you enable forwarding. net.inet.tcp.keepinittime=10 net.inet.tcp.keepidle=30 net.inet.tcp.keepintvl=30 These values are super aggressive especially the keepidle and keepintvl values are doubtful for your test. Is your benchmark using SO_KEEPALIVE? I doubt that and so these two values have no effect and are actually counterproductive (you are sending more packets for idle sessions). net.inet.tcp.mssdflt=1452 This is another knob that should not be changed unless you really know what you are doing. The mss calculation uses this value as safe default that is always accepted. Pushing that up to this value may have unpleasant sideeffects for people behind IPSec tunnels. The used mss is the max between mssdflt and the MTU of the route to the host minus IP and TCP header. net.inet.tcp.recvspace=65535 net.inet.tcp.sendspace=65535 net.inet.tcp.rstppslimit=400 net.inet.tcp.synbucketlimit=420 net.inet.tcp.syncachelimit=20510 If you need to tune the syncache in such extrem ways you should consider to adjust TCP_SYN_HASH_SIZE and leave synbucketlimit as is. The synbucketlimit is here to limit attacks to the hash list by overloading the bucket list. On your system it may be necessary to traverse 420 nodes on a lookup. Honestly the syncachelimit and synbucketlimit knob are totaly useless. If anything we should allow to resize the hash and calculate the both limits from there. -- :wq Claudio
Re: Bottleneck in httpd. I need help to address capacity issues on max parallel and rate connections
As requested a few times in private to make the results available, here you go with what works for me. Hope this help some anyway. Use what make sense to you based on your setup, hardware and traffic. Final value in use after testing are now set as follow for me assuming a good amount of memory to allow so many process to run. I use minimum 2GB, some have 4GB. Recompile httpd with upper limits for process. I put 2048 to allow more room in the future if needed, but I still want to be safe and limit the process lower that that. If php is in use for example, static compilation would improve, but I choose to keep the system as much as possible as default for many reasons, including maintenance, support and regular upgrades. Your choice may vary. In fstab A partition for the files used by the sites set with noatime set on it to avoid the change in last access time for each files. Definitely improve access time a lots under heavy load! httpd logs could be on it's own partition as well, mounted softdep to gain some efficiency in logs updates if very busy sites. For httpd.conf == Timeout 300 KeepAlive On MaxKeepAliveRequests 100 KeepAliveTimeout 5 MinSpareServers 50 MaxSpareServers 100 StartServers 75 MaxClients 768 MaxRequestsPerChild 0 In sysctl.conf == # Below are values added to improve performance of httpd after # testing with http_load under parallel and rate setting. kern.maxclusters=12000 # The maximum number of mbuf(9) clusters # that may be allocated. kern.maxfiles=4096 # The maximum number of open files that # may be open in the system. kern.maxproc=2048 # The maximum number of simultaneous # processes the system will allow. kern.seminfo.semmni=1024# The maximum number of semaphore # identifiers allowed. kern.seminfo.semmns=4096# The maximum number of semaphores # allowed in the system. kern.shminfo.shmall=16384 # The maximum amount of total shared # memory allowed in the system (in # pages). kern.shminfo.shmmax=67108864# The maximum shared memory segment size # (in bytes). kern.somaxconn=2048 # Upper bound on the number of half-open # connections a process # can allow to be associated with a # socket, using listen(2). net.inet.ip.maxqueue=1280 # Fragment flood protection. Sets the # maximum number of # unassembled IP fragments in the # fragment queue. net.inet.tcp.keepidle=30# Time connection must be idle before # keepalive sent. net.inet.tcp.keepinittime=10# Used by the syncache to timeout SYN # request. net.inet.tcp.keepintvl=30 # Interval between keepalive sent to # remote machines. net.inet.tcp.mssdflt=1452 # The maximum segment size that is used # as default for non-local connections. net.inet.tcp.recvspace=65535# TCP receive buffer size. net.inet.tcp.rstppslimit=400# This variable specifies the maximum # number of outgoing # TCP RST packets per second. TCP RST # packets exceeding # this value are subject to rate # limitation and will not go # out from the node. A negative value # disables rate limitation. net.inet.tcp.sendspace=65535# TCP Send buffer size. net.inet.tcp.synbucketlimit=420 # The maximum number of entries allowed # per hash bucket in # the TCP SYN cache. net.inet.tcp.syncachelimit=20510# The maximum number of entries # allowed in the TCP SYN # cache.
Re: Unfamiliar (to me only) ports behavior
On 2007/05/10 06:11, John Nietzsche wrote: I am not playing with sudoers file! This just a bare install. A bare install does not come with /usr/ports, you must have created it. Possibly with umask 002.
Failing to get [EMAIL PROTECTED] in X
I see from the archives that I'm not alone with this problem, but I have found no solution: Trying to get the VGA port on my X40 to deliver [EMAIL PROTECTED] to my Dell E228WFP and failing. Attempt 1 with no xorg.conf in place outputs [EMAIL PROTECTED], a virtual, scrollable desktop of 1680x1050 and this Xorg.log: http://a.mongers.org/x/1-Xorg.0.log Attempt 2 with X -configure outputs same resolution and scrollable desktop, plus this xorg.conf.new and Xorg.log: http://a.mongers.org/x/2-Xorg.0.log http://a.mongers.org/x/2-xorg.conf.new Attempt 3 with above xorg.conf.new edited to contain the modeline from 'gtf 1680 1050 60' outputs the same resolution and same scrollable desktop as before. Any clues as to what I'm doing wrong? -- I prefer the dark of the night, after midnight and before four-thirty, when it's more bare, more hollow.http://a.mongers.org
Re: Unfamiliar (to me only) ports behavior
On Thu, May 10, 2007 at 06:11:49AM -0300, John Nietzsche wrote: | I am not playing with sudoers file! This just a bare install. | | $ ls -ld /usr/ports /usr/src | drwxrwxr-x 46 root wheel 1024 May 10 03:21 /usr/ports | drwxrwxr-x 18 root wsrc512 Mar 11 16:19 /usr/src | | Isn't it strange that the ports/src directories have write bit group | permission on? | | $ cd /usr/ports/distfiles/ | $ ls -ld . openmotif | drwxr-xr-x 3 sioux wheel 1536 May 10 06:01 . | drwxr-xr-x 2 sioux wheel 512 May 10 03:17 openmotif | $ cat /etc/mk.conf | cat: /etc/mk.conf: No such file or directory | $ | | | | Thanks in advance. /usr/ports is writeable by you (since you're in wheel) and you created /usr/ports/distfiles (thus owning it). It's not very strange that you can write to directories you own, basic UNIX file permission stuff. Cheers, Paul 'WEiRD' de Weerd | On 5/10/07, Clint Pachl [EMAIL PROTECTED] wrote: | John Nietzsche wrote: | Dear gentleman/madam, | | i have just installed openbsd 4.1. I am very happy with it, but | something i was not expecting is happening: | | As an ordinary user (belonging to the group wheel) i switched to the | ports collection directory (/usr/ports/x11/openmotif) and issued i | make fetch. | | I got surprised when the tarball started to be dowloaded in | /usr/ports/distfiles although its sticky bit is not on. | | May someone here explain me how it is possible? | | Please provide some more info: | | $ cd /usr/ports/distfiles | $ ls -ld . openmotif* | $ cat /etc/mk.conf | | Did you grant yourself permission in the sudoers file? | | Disclaimer: I am not running 4.1 | -- [++-]+++.+++[---].+++[+ +++-].++[-]+.--.[-] http://www.weirdnet.nl/ [demime 1.01d removed an attachment of type application/pgp-signature]
Re: Bottleneck in httpd. I need help to address capacity issues on max parallel and rate connections
Claudio Jeker wrote: net.inet.ip.redirect has only an effect if you enable net.inet.ip.forwarding. As you are running a server and not a router I doubt this is the case. Additionally net.inet.ip.redirect does not modify the routing table. Your are probably looking at net.inet.icmp.rediraccept. More reading in the man pages did the truck on that one and yes you are absolutely right. (; I also have the revise my statement on the net.inet.ip.portfirst=32768 effect. In a series of new tests, it doesn't have the impact noted the first test runs. So, I would keep it as default value as well now. May be it was when PF was enable that I have more of an impact then. But my notes are not clear on that specific one. With many shortliving connections you have a lot of sockets in TIME_WAIT. Because you are testing from one host only you start to hit these entries more and more often this often results in a retry from the client. Additionally by filling all available ports the port allocation algorithm is starting to get slower but that's a problem that you will only see on the host :) The accept behaviour of OpenBSD should be fine. I did test it with a few more hosts and as stated, the OpenBSD default was right. (; But I appreciate the additional informations! Thanks. Anything else you see that may be questionable in what I sent? I am doing more tests with different hardware to be sure it's all sane value in the end. Other wise many thanks for having taken the time to look it over and give me your feedback on it! I think there are a few knobs that you should reconsider. I will write an other mail about that. That sure would be welcome. I would be curious to see what else, or differences you may see. I did lots of tests in different setup, but I am always happy to see improvements. I have for now my somewhat final version done and looks pretty good. Much better then before for sure anyway. Now I can enjoy seeing traffic coming in instead of worry about complains. (; But more improvements and suggestions with explications would be welcome as understanding on my side anyway. Many thanks! Daniel
RedBoot not saving boot script on Thecus N2100
(No response on arm@ so I am posting this to misc@) Has there been any progress on going back to an older version of RedBoot in order to be able to boot the Thecus N2100 from the boot script? Also, do some Thecus N2100's have a serial header actually on the SATA backplane instead of just the contacts where one would be? Thank you. Bryan
Re: Thecus N2100 and RAID 1
On May 8, 2007, at 6:44 AM, Aaron Poffenberger wrote: Raidframe is really easy to use. The man pages for raidctl(8) will give you step-by-step instructions. In a nutshell, though: 1) enable raidframe in your kernel (search for RAIDframe in GENERIC to get find the line), 2) create the raidn.conf (where n is a number for the array) following the man page -- see the examples section, 3) create the raid -- again, see the examples section in the man page, 4) copy the raidn.conf file to /etc if you want auto configuration during reboots (this part didn't leap out at me from the manpage), 5) enjoy. Raidframe works very well. I followed the instructions at http://www.eclectica.ca/howto/openbsd-software-raid-howto.php and my RAID 1 is rebuilding right now. Everything seems to be working very well. I just posted another thread regarding the lack of automatic boot in latest firmware issue. Bryan
Re: Bottleneck in httpd. I need help to address capacity issues on max parallel and rate connections
Claudio Jeker wrote: On Wed, May 09, 2007 at 06:41:27PM -0400, Daniel Ouellet wrote: Hi, I am passing my finding around for the configuration of sysctl.conf to remove bottleneck I found in httpd as I couldn't get more then 300 httpd process without crapping out badly and above that, the server simply got out of wack. SNIP === sysctl.conf changes. kern.seminfo.semmni=1024 kern.seminfo.semmns=4096 kern.shminfo.shmall=16384 kern.maxclusters=12000 What does netstat -m tell you about the peak usage of clusters is it really that high? I will do an other series of tests in the next few days and be sure of it before putting my foot in my mouth. But at 1, I was getting drops in my test setup. kern.maxproc=2048 # Increase for the process limits. kern.maxfiles=5000 kern.shminfo.shmmax=67108864 kern.somaxconn=2048 Is httpd really so slow in accepting sockets that you had to increase this by factor 16? Is httpd actually doing a listen with such a large number? Yes, I was doing tests using a few clients and pushing the server at 2000 parallel connections to test with. That was in lab test and in real life, I assume that half should be fine. But I wanted to be safe. So, place for review on my side. net.bpf.bufsize=524288 As tedu@ pointed out this has nothing todo with your setup. Agreed before and was removed after more reading. You are right. net.inet.ip.maxqueue=1278 Are you sure you need to tune the IP fragment queue? You are using TCP which does PMTU discovery and sets the DF flag by default so no IP fragments should be seen at all unless you borked something else. With smaller queue I was getting slower responses and drop. May be a need a better way to verify this situation for a fact. net.inet.ip.portfirst=32768 net.inet.ip.redirect=0 This has no effect unless you enable forwarding. Was removed as well. net.inet.tcp.keepinittime=10 net.inet.tcp.keepidle=30 net.inet.tcp.keepintvl=30 These values are super aggressive especially the keepidle and keepintvl values are doubtful for your test. Is your benchmark using SO_KEEPALIVE? I doubt that and so these two values have no effect and are actually counterproductive (you are sending more packets for idle sessions). Yes, aggressive I was/am. Keep Alive was/is in use yes. I will have more to play with in lab and see if I was to aggressive and look like you would think I am. The default value give me not as good results however. More tests needed specifically on this and I will do so. May be the defaults are fine, I will see if I can find a way to be more objective about these values. net.inet.tcp.mssdflt=1452 This is another knob that should not be changed unless you really know what you are doing. The mss calculation uses this value as safe default that is always accepted. Pushing that up to this value may have unpleasant sideeffects for people behind IPSec tunnels. The used mss is the max between mssdflt and the MTU of the route to the host minus IP and TCP header. I will review and read more on it. I based my changes on results seen with the setup under heavy load. There is always place for improvements. This gives me more to consider and will do so. net.inet.tcp.recvspace=65535 net.inet.tcp.sendspace=65535 net.inet.tcp.rstppslimit=400 net.inet.tcp.synbucketlimit=420 net.inet.tcp.syncachelimit=20510 If you need to tune the syncache in such extrem ways you should consider to adjust TCP_SYN_HASH_SIZE and leave synbucketlimit as is. The synbucketlimit is here to limit attacks to the hash list by overloading the bucket list. On your system it may be necessary to traverse 420 nodes on a lookup. Honestly the syncachelimit and synbucketlimit knob are totaly useless. If anything we should allow to resize the hash and calculate the both limits from there. Interesting! I will retest with that in mind. Didn't see that explication in my reading so far. Thanks for this! You are most helpful and this gives me something to research more and I sure appreciates your time in passing the informations. Looks like a few more days of testing needed. Many thanks! Daniel
Re: Bottleneck in httpd. I need help to address capacity issues on max parallel and rate connections
Claudio Jeker wrote: === sysctl.conf changes. kern.seminfo.semmni=1024 kern.seminfo.semmns=4096 kern.shminfo.shmall=16384 kern.maxclusters=12000 What does netstat -m tell you about the peak usage of clusters is it really that high? You are right again! (; # netstat -m 14140 mbufs in use: 1098 mbufs allocated to data 12527 mbufs allocated to packet headers 515 mbufs allocated to socket names and addresses 585/694/4096 mbuf clusters in use (current/peak/max) 4976 Kbytes allocated to network (94% in use) 0 requests for memory denied 0 requests for memory delayed 0 calls to protocol drain routines I was not looking at the right place. Back to default value. Thanks for the help! Daniel
Re: Failing to get [EMAIL PROTECTED] in X
Alex Holst wrote: I see from the archives that I'm not alone with this problem, but I have found no solution: Trying to get the VGA port on my X40 to deliver [EMAIL PROTECTED] to my Dell E228WFP and failing. Attempt 1 with no xorg.conf in place outputs [EMAIL PROTECTED], a virtual, scrollable desktop of 1680x1050 and this Xorg.log: http://a.mongers.org/x/1-Xorg.0.log Attempt 2 with X -configure outputs same resolution and scrollable desktop, plus this xorg.conf.new and Xorg.log: http://a.mongers.org/x/2-Xorg.0.log http://a.mongers.org/x/2-xorg.conf.new Attempt 3 with above xorg.conf.new edited to contain the modeline from 'gtf 1680 1050 60' outputs the same resolution and same scrollable desktop as before. Any clues as to what I'm doing wrong? I think you aren't actually telling X to use the resolution you want. Try adding 'Modes 1680x1050' to the Depth 24 part of 'SubSection Display', and a Default Depth 24 line under 'Section Screen' to cause it to be used. See FAQ11 for more info... My A21p required stuff similar to above, plus poking at the HorSync and VertRefresh ranges until I found something that worked at the 1600x1200 the machine can do... Not sure if that's going to solve your problem, but I think it will move you closer. Nick.
Re: Unfamiliar (to me only) ports behavior
John Nietzsche wrote: I am not playing with sudoers file! This just a bare install. $ ls -ld /usr/ports /usr/src drwxrwxr-x 46 root wheel 1024 May 10 03:21 /usr/ports drwxrwxr-x 18 root wsrc512 Mar 11 16:19 /usr/src Isn't it strange that the ports/src directories have write bit group permission on? No. For /usr/src, this is normal so non-root users (i.e. users in group wsrc) can build the system. Not sure why wheel has write permission to /usr/ports. It must have been a umask/tar/mkdir issue. $ cd /usr/ports/distfiles/ $ ls -ld . openmotif drwxr-xr-x 3 sioux wheel 1536 May 10 06:01 . drwxr-xr-x 2 sioux wheel 512 May 10 03:17 openmotif $ cat /etc/mk.conf cat: /etc/mk.conf: No such file or directory $ Anyway, since you are in the wheel group, you are able to write to /usr/ports. If you unpacked the ports, you will be the owner of all the contents, hence sioux (I'm assuming you) owns everything under ports. That's why sioux can run ``make fetch''. FYI1: check out ports(7) and pay close attention to the SUDO/mk.conf related stuff. It allows you to build and install apps as a regular user, elevating your privileges when necessary. Very cool. FYI2: Please don't top post, it feels unnatural replying to your message. Thanks in advance. On 5/10/07, Clint Pachl [EMAIL PROTECTED] wrote: John Nietzsche wrote: Dear gentleman/madam, i have just installed openbsd 4.1. I am very happy with it, but something i was not expecting is happening: As an ordinary user (belonging to the group wheel) i switched to the ports collection directory (/usr/ports/x11/openmotif) and issued i make fetch. I got surprised when the tarball started to be dowloaded in /usr/ports/distfiles although its sticky bit is not on. May someone here explain me how it is possible? Please provide some more info: $ cd /usr/ports/distfiles $ ls -ld . openmotif* $ cat /etc/mk.conf Did you grant yourself permission in the sudoers file? Disclaimer: I am not running 4.1
Re: Unfamiliar (to me only) ports behavior
On Thu, May 10, 2007 at 06:11:49AM -0300, John Nietzsche wrote: I am not playing with sudoers file! This just a bare install. $ ls -ld /usr/ports /usr/src drwxrwxr-x 46 root wheel 1024 May 10 03:21 /usr/ports drwxrwxr-x 18 root wsrc512 Mar 11 16:19 /usr/src Isn't it strange that the ports/src directories have write bit group permission on? No.
Is there anyone who succeed in 3945ABG by wpi driver ?
I'm sorry for asking this again, but I really can't use the 3945ABG on amd64 platform now . I installed openbsd-current, download the firmware from http://damien.bergamini.free.fr/packages/openbsd/wpi-firmware-1.13.tgz, and then added -A i386 to pkg_add to ignore the platform-incompatible problem. I copied the bsd.mp and enabled acpi by config, but the 3945ABG did not works. Here are some information that may be usefully: #dhclient wpi0 wpi0: not found exiting. #ifconfig -a lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33192 groups: lo inet 127.0.0.1 netmask 0xff00 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 wpi0: flags=8802BROADCAST,SIMPLEX,MULTICAST mtu 1500 lladdr 00:18:de:bc:42:78 groups: wlan media: IEEE802.11 autoselect status: no network ieee80211: nwid 100dBm inet6 fe80::218:deff:febc:4278%wpi0 prefixlen 64 scopeid 0x1 fxp0: flags=8802BROADCAST,SIMPLEX,MULTICAST mtu 1500 lladdr 00:16:d3:18:77:46 media: Ethernet autoselect (none) status: no carrier enc0: flags=0 mtu 1536 And below is my dmesg.boot: OpenBSD 4.1-current (GENERIC.MP) #1217: Fri May 4 01:13:15 MDT 2007 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 1063383040 (1038460K) avail mem = 899076096 (878004K) using 22937 buffers containing 106545152 bytes (104048K) of memory mainbus0 (root) bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xdc010 (28 entries) bios0: Hewlett-Packard Presario V3000 (RQ125PA#AB2) acpi0 at mainbus0: rev 0 acpi0: tables DSDT FACP APIC BOOT MCFG APIC SSDT SSDT acpitimer at acpi0 not configured acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM)2 CPU T5200 @ 1.60GHz, 1596.29 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,CX16,xTPR,NXE,LONG cpu0: 2MB 64b/line 8-way L2 cache cpu0: apic clock running at 132MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM)2 CPU T5200 @ 1.60GHz, 1596.00 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,CX16,xTPR,NXE,LONG cpu1: 2MB 64b/line 8-way L2 cache ioapic0 at mainbus0 apid 1 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 2, remapped to apid 1 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 0 (PEGP) acpiprt2 at acpi0: bus 2 (RP01) acpiprt3 at acpi0: bus 4 (RP03) acpiprt4 at acpi0: bus 5 (RP04) acpiprt5 at acpi0: bus 8 (PCIB) acpiec0 at acpi0: EC0_ acpicpu at acpi0 not configured acpicpu at acpi0 not configured acpitz at acpi0 not configured acpitz at acpi0 not configured acpibtn at acpi0 not configured acpibtn at acpi0 not configured acpibtn at acpi0 not configured acpibat at acpi0 not configured acpiac at acpi0 not configured pci0 at mainbus0 bus 0: configuration mode 1 pchb0 at pci0 dev 0 function 0 Intel 82945GM MCH rev 0x03 vga1 at pci0 dev 2 function 0 Intel 82945GM Video rev 0x03 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) Intel 82945GM Video rev 0x03 at pci0 dev 2 function 1 not configured azalia0 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x02: apic 1 int 22 (irq 11) azalia0: host: High Definition Audio rev. 1.0 azalia0: codec: 0x14f1/0x5047 (rev. 0.0), HDA version 1.0 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x02 pci1 at ppb0 bus 2 ppb1 at pci0 dev 28 function 2 Intel 82801GB PCIE rev 0x02 pci2 at ppb1 bus 4 ppb2 at pci0 dev 28 function 3 Intel 82801GB PCIE rev 0x02 pci3 at ppb2 bus 5 wpi0 at pci3 dev 0 function 0 Intel PRO/Wireless 3945ABG rev 0x02: apic 1 int 19 (irq 10), address 00:18:de:bc:42:78 uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x02: apic 1 int 23 (irq 11) uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x02: apic 1 int 19 (irq 10) uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x02: apic 1 int 21 (irq 10) uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x02: apic 1 int 16 (irq 11) ehci0 at pci0 dev 29 function 7 Intel 82801GB USB rev 0x02: apic 1 int 23 (irq 11) ehci0: timed out waiting for BIOS usb0 at ehci0: USB revision 2.0 uhub0 at usb0 uhub0: Intel EHCI root hub, rev 2.00/1.00, addr 1 uhub0: 8 ports with 8 removable, self powered ppb3 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0xe2 pci4 at ppb3 bus 8 fxp0 at pci4 dev 8 function 0 Intel PRO/100 VM rev 0x02, i82562: apic 1 int 20 (irq 11), address 00:16:d3:18:77:46 inphy0 at fxp0 phy 1: i82562ET 10/100 PHY, rev. 0 Ricoh 5C832 Firewire rev 0x00 at pci4 dev 9 function 0 not configured sdhc0 at pci4 dev 9 function 1 Ricoh 5C822 SD/MMC rev 0x19: apic 1 int 18 (irq 10) sdmmc0 at sdhc0 Ricoh 5C843 rev 0x01 at pci4 dev 9 function 2 not configured Ricoh 5C592 Memory Stick rev 0x0a at
inkernel pppoe not connecting
howdy, ive had a look around and asked on whirlpool forums to get in kernel pppoe working modem is setup as a bridge, has sync and works fine in the userland ppp im using the faq example for pppoe0 /etc/hostname.pppoe0 inet 0.0.0.0 255.255.255.255 0.0.0.1 pppoedev fxp1 \ authproto chap authname [EMAIL PROTECTED] authkey bahbahbah up !/sbin/route add default 0.0.0.1 and /etc/hostname.fxp0 up restarting the computer gives no errors and then ifconfig gives pppoe0: flags=8851UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST mtu 1492 dev: fxp1 state: session sid: 0xf300 PADI retries: 0 PADR retries: 0 time: 00:00:15 sppp: phase establish authproto chap authname [EMAIL PROTECTED] groups: pppoe inet6 fe80::290:27ff:fe2e:7fd6%pppoe0 - prefixlen 64 scopeid 0x6 inet 0.0.0.0 -- 0.0.0.1 netmask 0x so it appears that its trying to connect but not ive tried this same config on 2 computers running 4.1 stable and on 2 different modems so i assume its something im doing wrong the 2nd machine i setup was purely to test this installed from scratch, setup the 2 config files and restarted and get exactly the same error any ideas?
Re: Unfamiliar (to me only) ports behavior
Dear users, just one more question: which umask directive should my cvsup files (for src and ports collection) should have? Now, i am using umask=0002. Thanks once more. On 5/10/07, Marc Espie [EMAIL PROTECTED] wrote: On Thu, May 10, 2007 at 06:11:49AM -0300, John Nietzsche wrote: I am not playing with sudoers file! This just a bare install. $ ls -ld /usr/ports /usr/src drwxrwxr-x 46 root wheel 1024 May 10 03:21 /usr/ports drwxrwxr-x 18 root wsrc512 Mar 11 16:19 /usr/src Isn't it strange that the ports/src directories have write bit group permission on? No.
Re: inkernel pppoe not connecting
On 5/10/07, Wesley Connor [EMAIL PROTECTED] wrote: /etc/hostname.pppoe0 inet 0.0.0.0 255.255.255.255 0.0.0.1 pppoedev fxp1 \ authproto chap authname [EMAIL PROTECTED] authkey bahbahbah up !/sbin/route add default 0.0.0.1 and /etc/hostname.fxp0 up You use fxp1 in /etc/hostname.pppoe0 but configure fxp0. Is it a typo in your post or bug in your configuration?
Re: Is there anyone who succeed in 3945ABG by wpi driver ?
On 5/10/07, abutter gao [EMAIL PROTECTED] wrote: I'm sorry for asking this again, but I really can't use the 3945ABG on amd64 platform now . I installed openbsd-current, download the firmware from http://damien.bergamini.free.fr/packages/openbsd/wpi-firmware-1.13.tgz, and then added -A i386 to pkg_add to ignore the platform-incompatible problem. I copied the bsd.mp and enabled acpi by config, but the 3945ABG did not works. Here are some information that may be usefully: #dhclient wpi0 wpi0: not found exiting. #ifconfig -a lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33192 groups: lo inet 127.0.0.1 netmask 0xff00 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 wpi0: flags=8802BROADCAST,SIMPLEX,MULTICAST mtu 1500 lladdr 00:18:de:bc:42:78 groups: wlan media: IEEE802.11 autoselect status: no network ieee80211: nwid 100dBm inet6 fe80::218:deff:febc:4278%wpi0 prefixlen 64 scopeid 0x1 fxp0: flags=8802BROADCAST,SIMPLEX,MULTICAST mtu 1500 lladdr 00:16:d3:18:77:46 media: Ethernet autoselect (none) status: no carrier enc0: flags=0 mtu 1536 And below is my dmesg.boot: OpenBSD 4.1-current (GENERIC.MP) #1217: Fri May 4 01:13:15 MDT 2007 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC.MP Maybe it is because you are running current instead of release/stable? Though that is just an idea.
Re: Failing to get [EMAIL PROTECTED] in X
Quoting Nick Holland ([EMAIL PROTECTED]): [..] I tried tweaking xorg.conf like you suggested and some other things: http://a.mongers.org/x/xorg.conf http://a.mongers.org/x/Xorg.0.log Now X outputs [EMAIL PROTECTED] Uh. Xorg.log mentions CRT as an active display on pipe A with no active displays on pipe B. I have no idea what it means but wonder if that's related to my problem. The display on my laptop is blank. Any other hints? -- I prefer the dark of the night, after midnight and before four-thirty, when it's more bare, more hollow.http://a.mongers.org
Re: Is there anyone who succeed in 3945ABG by wpi driver ?
First, I have a access point with dhcp service, and I just want to get dynamic IP from the AP, so I use dhclient. But I'll check whether there is iwilist. I don't know how to deal with this by NetBSD, but dhclient wpi0 after installing wpi firmware is enough to connect to the AP and get IP address from it in my friend's NetBSD laptop. 2007/5/10, nicodache [EMAIL PROTECTED]: I might say something totally stupid, but : 1. you won't get any IP like that; you must connect to a wifi network before (and you get status: no network in your ifconfig -a), so use iwlist wpi0 scan (if iwlist exists on OpenBSD, I don't know) to find networks, and use iwconfig wpi0 *something like essid my_essid* to connect to this network. Afterwards you'll be able to get an Ip from dhcp. 2. if iwlist gives you an error, be sure wpi0 is activated (ifconfig wpi0 up). If you still encounter problem, then I don't have any idea why ;) On 5/10/07, abutter gao [EMAIL PROTECTED] wrote: I'm sorry for asking this again, but I really can't use the 3945ABG on amd64 platform now . I installed openbsd-current, download the firmware from http://damien.bergamini.free.fr/packages/openbsd/wpi-firmware-1.13.tgz, and then added -A i386 to pkg_add to ignore the platform-incompatible problem. I copied the bsd.mp and enabled acpi by config, but the 3945ABG did not works. Here are some information that may be usefully: #dhclient wpi0 wpi0: not found exiting. #ifconfig -a lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33192 groups: lo inet 127.0.0.1 netmask 0xff00 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 wpi0: flags=8802BROADCAST,SIMPLEX,MULTICAST mtu 1500 lladdr 00:18:de:bc:42:78 groups: wlan media: IEEE802.11 autoselect status: no network ieee80211: nwid 100dBm inet6 fe80::218:deff:febc:4278%wpi0 prefixlen 64 scopeid 0x1 fxp0: flags=8802BROADCAST,SIMPLEX,MULTICAST mtu 1500 lladdr 00:16:d3:18:77:46 media: Ethernet autoselect (none) status: no carrier enc0: flags=0 mtu 1536 And below is my dmesg.boot: OpenBSD 4.1-current (GENERIC.MP) #1217: Fri May 4 01:13:15 MDT 2007 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 1063383040 (1038460K) avail mem = 899076096 (878004K) using 22937 buffers containing 106545152 bytes (104048K) of memory mainbus0 (root) bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xdc010 (28 entries) bios0: Hewlett-Packard Presario V3000 (RQ125PA#AB2) acpi0 at mainbus0: rev 0 acpi0: tables DSDT FACP APIC BOOT MCFG APIC SSDT SSDT acpitimer at acpi0 not configured acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM)2 CPU T5200 @ 1.60GHz, 1596.29 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,CX16,xTPR,NXE,LONG cpu0: 2MB 64b/line 8-way L2 cache cpu0: apic clock running at 132MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM)2 CPU T5200 @ 1.60GHz, 1596.00 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,CX16,xTPR,NXE,LONG cpu1: 2MB 64b/line 8-way L2 cache ioapic0 at mainbus0 apid 1 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 2, remapped to apid 1 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 0 (PEGP) acpiprt2 at acpi0: bus 2 (RP01) acpiprt3 at acpi0: bus 4 (RP03) acpiprt4 at acpi0: bus 5 (RP04) acpiprt5 at acpi0: bus 8 (PCIB) acpiec0 at acpi0: EC0_ acpicpu at acpi0 not configured acpicpu at acpi0 not configured acpitz at acpi0 not configured acpitz at acpi0 not configured acpibtn at acpi0 not configured acpibtn at acpi0 not configured acpibtn at acpi0 not configured acpibat at acpi0 not configured acpiac at acpi0 not configured pci0 at mainbus0 bus 0: configuration mode 1 pchb0 at pci0 dev 0 function 0 Intel 82945GM MCH rev 0x03 vga1 at pci0 dev 2 function 0 Intel 82945GM Video rev 0x03 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) Intel 82945GM Video rev 0x03 at pci0 dev 2 function 1 not configured azalia0 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x02: apic 1 int 22 (irq 11) azalia0: host: High Definition Audio rev. 1.0 azalia0: codec: 0x14f1/0x5047 (rev. 0.0), HDA version 1.0 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x02 pci1 at ppb0 bus 2 ppb1 at pci0 dev 28 function 2 Intel 82801GB PCIE rev 0x02 pci2 at ppb1 bus 4 ppb2 at pci0 dev 28 function 3 Intel 82801GB PCIE rev 0x02 pci3 at ppb2 bus 5 wpi0 at pci3 dev 0 function 0 Intel PRO/Wireless 3945ABG rev 0x02: apic 1 int 19 (irq 10), address 00:18:de:bc:42:78 uhci0 at pci0 dev 29 function 0 Intel 82801GB USB
Re: Is there anyone who succeed in 3945ABG by wpi driver ?
wpi driver is not included in the 4.1's default amd64 kernel and I don't think it's the problem. Thanks for you reply! 2007/5/10, djgoku [EMAIL PROTECTED]: On 5/10/07, abutter gao [EMAIL PROTECTED] wrote: I'm sorry for asking this again, but I really can't use the 3945ABG on amd64 platform now . I installed openbsd-current, download the firmware from http://damien.bergamini.free.fr/packages/openbsd/wpi-firmware-1.13.tgz, and then added -A i386 to pkg_add to ignore the platform-incompatible problem. I copied the bsd.mp and enabled acpi by config, but the 3945ABG did not works. Here are some information that may be usefully: #dhclient wpi0 wpi0: not found exiting. #ifconfig -a lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33192 groups: lo inet 127.0.0.1 netmask 0xff00 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 wpi0: flags=8802BROADCAST,SIMPLEX,MULTICAST mtu 1500 lladdr 00:18:de:bc:42:78 groups: wlan media: IEEE802.11 autoselect status: no network ieee80211: nwid 100dBm inet6 fe80::218:deff:febc:4278%wpi0 prefixlen 64 scopeid 0x1 fxp0: flags=8802BROADCAST,SIMPLEX,MULTICAST mtu 1500 lladdr 00:16:d3:18:77:46 media: Ethernet autoselect (none) status: no carrier enc0: flags=0 mtu 1536 And below is my dmesg.boot: OpenBSD 4.1-current (GENERIC.MP) #1217: Fri May 4 01:13:15 MDT 2007 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC.MP Maybe it is because you are running current instead of release/stable? Though that is just an idea.
Re: Failing to get [EMAIL PROTECTED] in X
This works for me on a 2007WFP Dell at 1680x1050: Section Monitor Identifier DELL 2007WFP ModeLine 1680x1050 146.2 1680 1784 1968 2256 1050 1051 1054 1087 -hsync -vsync HorizSync 30.0 - 83.0 VertRefresh 56.0 - 75.0 Option dpms EndSection Section Screen Identifier Default Screen Device ATI Technologies, Inc. RV370 5B62 [Radeon X600 (PCIE)] Monitor DELL 2007WFP DefaultDepth24 SubSection Display Depth 24 Modes 1680x1050 1152x864 1024x768 800x600 720x400 640x480 EndSubSection EndSection On 5/10/07, Alex Holst [EMAIL PROTECTED] wrote: Quoting Nick Holland ([EMAIL PROTECTED]): [..] I tried tweaking xorg.conf like you suggested and some other things: http://a.mongers.org/x/xorg.conf http://a.mongers.org/x/Xorg.0.log Now X outputs [EMAIL PROTECTED] Uh. Xorg.log mentions CRT as an active display on pipe A with no active displays on pipe B. I have no idea what it means but wonder if that's related to my problem. The display on my laptop is blank. Any other hints? -- I prefer the dark of the night, after midnight and before four-thirty, when it's more bare, more hollow.http://a.mongers.org
Re: Is there anyone who succeed in 3945ABG by wpi driver ?
On 5/10/07, abutter gao [EMAIL PROTECTED] wrote: First, I have a access point with dhcp service, and I just want to get dynamic IP from the AP, so I use dhclient. But I'll check whether there is iwilist. I don't know how to deal with this by NetBSD, but dhclient wpi0 after installing wpi firmware is enough to connect to the AP and get IP address from it in my friend's NetBSD laptop. After the firmware is installed try: (If you have a WEP key on the WIFI added the nwkey switch to the ifconfig line) # ifconfig wpi0 nwid WAP_ESSID_HERE # dhclient wpi0
Re: Performance: OpenVPN vs IPsec
Hello Michael, Wednesday, May 9, 2007, 7:51:35 AM, you wrote: M Now, as I understand it, it isn't possible to create an IPsec connection M from a single host within a NATed network to an external server ... From my experience - in most cases it works (with some limitations). Our employees are using IPSec VPN to work from home, and some of them are behind home network routers. We also doing lot of IPSec from the company's network (behind OpenBSD firewall/NAT) to customers gateways (using various clients). -- Best regards, Borismailto:[EMAIL PROTECTED]
Re: 4.0 locked up over the weekend
On Wed, May 09, 2007 at 11:46:13AM -0700, Bruce Bauer wrote: On 5/8/07, Joachim Schipper [EMAIL PROTECTED] wrote: On Tue, May 08, 2007 at 09:05:44AM -0700, Bruce Bauer wrote: Probably a good idea to put some load on the sytem anyway. Running make in ports/www/kde should keep it busy for a while Not familiar with bonnie++, I'll check it out [snip: bonnie runs fine] update: i've experienced 3 more hard lockups. no messgaes on the console screen. nothing unusual in any of the log file that i've found. make running in /upr/ports/x11/kde was interrupted at different tasks each time, (downloading, compiling, and running a configure script). system recovered each time with no problems after a powercycle. are there some system monitoring tools i should be running to keep track of various resources? No, not really; very few things you could do would cause the system to freeze. Okay, so something is wrong. Troubleshooting it tends to be hard; however, you are experiencing lock-ups, not crashes. Perhaps the box simply gets too hot? Most modern systems have sensors, which can usually be seen via hw.sensors, or at least the BIOS screen. Simply cleaning out the mess tends to help here. Joachim -- TFMotD: fpa, fea, fta (4) - DEC FDDI controller device driver
Re: Spamd Q
The example in the man page assumes your mail server requires no
redirection.
If you actually redirect connections to your real mail server, then
you will need to modify the example appropriately.
-Bob
* Steve Shockley [EMAIL PROTECTED] [2007-05-03 19:02]:
I've just upgraded my firewall to 4.1. The firewall runs spamd, and
redirects connections (that don't go to spamd) to a server behind the
firewall.
I modified my pf.conf per the sample in the spamd(8) man page. It's a
couple of days later, and suddenly I realize that I'm only getting mail
that's explicitly in my whitelist, from this rule:
rdr on $ext_cable proto tcp from spamd-mywhite to port smtp - $mail
port 25
I'm thinking my problem is the no rdr rule, maybe that's preventing
the smtp connections from getting redirected. Here's all my
smtp-related rdr rules:
rdr on $ext_cable proto tcp from spamd-mywhite to port smtp - $mail
port 25
no rdr on $ext_cable proto tcp from spamd-white to any port smtp
rdr pass on $ext_cable proto tcp from any to any port smtp - 127.0.0.1
port spamd
# Send smtp to mail server
rdr on $ext_cable inet proto tcp from any to any port 25 - $mail port 25
So, what's my best solution? Would changing the no rdr to a rdr -
$mail do what I want, or would I be better off moving spamd to my mail
server?
--
#!/usr/bin/perl
if ((not 0 not 1) != (! 0 ! 1)) {
print Larry and Tom must smoke some really primo stuff...\n;
}
Re: 4.0 locked up over the weekend
Bruce Bauer wrote: This system has been running flawlessly since mid-March with GENERIC plus the 010 patch. dmesg below This morning I found it totally unresponsive both through network and at the console. Had to use the power switch to recover. Where do I start trying to track this down? The system is running sshd and openvpn only DMESG: OpenBSD 4.0 (GENERICp) #0: Fri Mar 16 19:07:33 MST 2007 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERICp cpu0: AMD Sempron(tm) Processor 3000+ (AuthenticAMD 686-class, 256KB L2 cache) 1.61 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,CX16 .. Is this an amd64 capable Sempron? It looks like it is, based on the rest of the dmesg. If so...this could be the i386 on amd64 bug, the symptoms sure seem to fit. (granted, locked hard covers a lot of problems... :) If that's the case, you might want to upgrade to 4.1, which should take care of the problem. Nick.
Re: Failing to get [EMAIL PROTECTED] in X
Quoting Steven Harms ([EMAIL PROTECTED]): This works for me on a 2007WFP Dell at 1680x1050: Section Monitor Identifier DELL 2007WFP ModeLine 1680x1050 146.2 1680 1784 1968 2256 1050 1051 1054 1087 -hsync -vsync HorizSync 30.0 - 83.0 VertRefresh 56.0 - 75.0 Option dpms Thanks, I tried that but still no 1680x1050. Sheesh. How different can these displays be? For kicks, I just tried adding a few additional modes to my screen: Section Screen Identifier WFP Device Card0 Monitor External Monitor DefaultDepth24 SubSection Display Modes 1680x1050 1280x1024 800x600 ViewPort 0 0 Depth 24 EndSubSection EndSection Ctrl-Alt-Numlock+ toggles between 1280x1024 and 800x600, but never goes to 1680x1050. Are invalid modes ignored? Do I need to tweak up a black magic ModeLine for this to work? Any guesses as to why autoconfiguration doesn't figure out the highest common denominator between my video card and monitor? (The hardware is capable. Booting the laptop to a disgusting OS that happens to be installed as well outputs just the resolution I want). -- I prefer the dark of the night, after midnight and before four-thirty, when it's more bare, more hollow.http://a.mongers.org
Re: 4.0 locked up over the weekend
Can you get rid of extraneous hardware? Can you drop some RAM, and the video card? How about any of the AMD-specific processor setting, like HyperTransport? Can you disable apm? maybe there are some conflicts in the apm... I mean, these are a few ideas that I thought of... On 5/10/07, Joachim Schipper [EMAIL PROTECTED] wrote: On Wed, May 09, 2007 at 11:46:13AM -0700, Bruce Bauer wrote: On 5/8/07, Joachim Schipper [EMAIL PROTECTED] wrote: On Tue, May 08, 2007 at 09:05:44AM -0700, Bruce Bauer wrote: Probably a good idea to put some load on the sytem anyway.
Absolute OpenBSD out-of-print?
According to the publisher, Michael Lucas's book Absolute OpenBSD is currently out-of-stock. http://nostarch.com/frameset.php?startat=openbsd Does anybody know if there are plans for another printing? Or maybe even a second edition? I note that it is still listed for sale on the official OpenBSD orders page, but my order from that page has been placed on backorder.
configuration's errors with pf ?
Hi,
Since I use an OpenBSD server as gateway, instead of a Linksys WRT54GL
under OpenWRT, I find my network performances are worse than before.
I have high-latency, much deconnections and websites are often unreachable.
I don't know if it's due to hardware or configuration's errors in my
pf.conf, all seems ok when i check cpu/memory/network on the gateway.
Here is my pf.conf, may be some mistakes in it which could explain this ?
# $OpenBSD: pf.conf,v 1.31 2006/01/30 12:20:31 camield Exp $
#
# See pf.conf(5) and /usr/share/pf for syntax and examples.
# Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1
# in /etc/sysctl.conf if packets are to be forwarded between interfaces.
ext=rl0
int=xl0
Valistar={172.16.85.0/27}
Larry=172.16.85.27
Ssh_Larry=22
Ssh_Cyrrhus=443block in inet
Tcp_ports={21,53,80,443,6667,6697,8080}
Udp_ports={53}
set block-policy drop
set loginterface none
set optimization high-latency
set timeout interval 10
set timeout frag 30
set limit { frags 5000, states 2500 }
set state-policy if-bound
set skip on lo
scrub in all
nat on $ext inet from xl0:network to any - $ext
rdr on $ext proto tcp from any to any port $Ssh_Larry - $Larry
antispoof quick for {lo $int} inet
block in log quick inet6
block out log quick inet6
pass in log on $int from $Valistar to any flags S/SA keep state
pass out log on $int from any to $Valistar flags S/SA keep state
pass in quick on $int proto tcp from $Valistar to ($int) port
$Ssh_Cyrrhus flags S/SA keep state
pass in on $ext proto tcp from any to any port $Tcp_ports flags S/SA
keep state
pass in log on $ext proto tcp from any to any port $Ssh_Larry flags S/SA
keep state
pass in log on $ext proto tcp from any to any port $Ssh_Cyrrhus flags
S/SA keep state
pass in on $ext proto udp from any to any port $Udp_ports keep state
pass in log on $ext inet proto icmp all icmp-type
{echorep,timex,unreach} keep state
pass in log on $int inet proto icmp all icmp-type
{echoreq,echorep,timex,unreach} keep state
pass out log on $ext proto tcp all flags S/SA modulate state
pass out on $ext proto {udp,icmp} all keep state
Thanks for help.
Yanic
Re: Failing to get [EMAIL PROTECTED] in X
On 5/10/07, Alex Holst [EMAIL PROTECTED] wrote: I see from the archives that I'm not alone with this problem, but I have found no solution: Trying to get the VGA port on my X40 to deliver [EMAIL PROTECTED] to my Dell E228WFP and failing. the i810 driver really doesn't like using resolutions that aren't in its BIOS. use 915resolution to add a 1680 1050 mode.
Re: 4.0 locked up over the weekend
In article [EMAIL PROTECTED], Nick Holland wrote: cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,CX16 .. Is this an amd64 capable Sempron? It looks like it is, based on the rest of the dmesg. Nope, no LONG in that cpu flags... -- [100~Plax]sb16i0A2172656B63616820636420726568746F6E61207473754A[dZ1!=b]salax
Re: configuration's errors with pf ?
In article [EMAIL PROTECTED], Yggdrasill Senecoen wrote: Ssh_Cyrrhus=443block in inet This line could be problematic. --Toby.
what's the best way to configure a 3.75TB datastore?
Hello List, We're the proud new owner of a 10x750GB appliance. We're going to put OpenBSD on it and I was looking for suggestions or feedback on a configuration we were considering. This server is going to be stored at our colo and we have a point to point T1 directly connected to it. (We're going to initially populate it here and only have to rsync daily differences after hours.) Luca-Brozzi.ad2.com - Partition Size(GB) / 2 swap 8 /usr 4 /usr/local 4 /usr/obj 4 /usr/src 4 /var 2 /home 20 /tmp 2 /backups/server1 400 /backups/server2 400 /backups/server3 400 /backups/server4 400 /backups/server5 400 /backups/server6 400 /backups/server7 400 /backups/server8 400 /backups/server9 400 Is this the best way to do it? Does anyone have suggestions on a better way to do it? Thanks, John
compiling dnscap
Paul Vixie is working on a tcpdump-like dns packet capture tool. http://public.oarci.net/tools/dnscap/ I can't seem to get it to compile on OBSD. I get the following errors. GTX-440:/tmp/dnscap#make (compile dnscap.c w/ -g -O) /bin/sh: isc-config.sh: not found dnscap.c:42:26: net/ethernet.h: No such file or directory dnscap.c:69:22: isc/list.h: No such file or directory dnscap.c:137: error: syntax error before ISC_LINK dnscap.c:141: error: syntax error before endpoint_list dnscap.c:141: warning: type defaults to `int' in declaration of `endpoint_list' dnscap.c:141: warning: data definition has no type or storage class dnscap.c:144: error: syntax error before ISC_LINK dnscap.c:151: error: syntax error before mypcap_list dnscap.c:151: warning: type defaults to `int' in declaration of `mypcap_list' dnscap.c:151: warning: data definition has no type or storage class dnscap.c:154: error: syntax error before ISC_LINK dnscap.c:158: error: syntax error before vlan_list dnscap.c:158: warning: type defaults to `int' in declaration of `vlan_list' dnscap.c:158: warning: data definition has no type or storage class dnscap.c:161: error: syntax error before ISC_LINK dnscap.c:166: error: syntax error before text_list dnscap.c:166: warning: type defaults to `int' in declaration of `text_list' dnscap.c:166: warning: data definition has no type or storage class dnscap.c:176: error: syntax error before '*' token dnscap.c:177: error: syntax error before '*' token dnscap.c:180: error: syntax error before '*' token dnscap.c:180: warning: type defaults to `int' in declaration of `ep_present' dnscap.c:180: warning: type qualifiers ignored on function return type dnscap.c:181: error: syntax error before '*' token dnscap.c:197: error: syntax error before vlans dnscap.c:197: warning: type defaults to `int' in declaration of `vlans' dnscap.c:197: warning: data definition has no type or storage class dnscap.c:200: error: syntax error before initiators dnscap.c:200: warning: type defaults to `int' in declaration of `initiators' dnscap.c:200: warning: data definition has no type or storage class dnscap.c:201: error: syntax error before responders dnscap.c:201: warning: type defaults to `int' in declaration of `responders' dnscap.c:201: warning: data definition has no type or storage class dnscap.c:202: error: syntax error before mypcaps dnscap.c:202: warning: type defaults to `int' in declaration of `mypcaps' dnscap.c:202: warning: data definition has no type or storage class dnscap.c: In function `parse_args': dnscap.c:321: warning: implicit declaration of function `ISC_LIST_INIT' dnscap.c:353: warning: implicit declaration of function `ISC_LINK_INIT' dnscap.c:357: warning: implicit declaration of function `ISC_LIST_APPEND' dnscap.c:360: warning: implicit declaration of function `ISC_LIST_EMPTY' dnscap.c:460: warning: implicit declaration of function `ISC_LIST_HEAD' dnscap.c:460: warning: assignment makes pointer from integer without a cast dnscap.c:462: warning: implicit declaration of function `ISC_LIST_NEXT' dnscap.c:462: warning: assignment makes pointer from integer without a cast dnscap.c:470: warning: assignment makes pointer from integer without a cast dnscap.c:472: warning: assignment makes pointer from integer without a cast dnscap.c: At top level: dnscap.c:501: error: syntax error before '*' token dnscap.c:501: warning: `endpoint_arg' was used with no prototype before its definition dnscap.c: In function `endpoint_arg': dnscap.c:505: error: `arg' undeclared (first use in this function) dnscap.c:505: error: (Each undeclared identifier is reported only once dnscap.c:505: error: for each function it appears in.) dnscap.c:507: error: `list' undeclared (first use in this function) dnscap.c: At top level: dnscap.c:539: error: syntax error before '*' token dnscap.c:539: warning: `endpoint_add' was used with no prototype before its definition dnscap.c: In function `endpoint_add': dnscap.c:544: error: `ia' undeclared (first use in this function) dnscap.c:545: error: `list' undeclared (first use in this function) dnscap.c: In function `prepare_bpft': dnscap.c:551: error: syntax error before bpfl dnscap.c:565: error: `ns_o_update' undeclared (first use in this function) dnscap.c:575: error: `bpfl' undeclared (first use in this function) dnscap.c:600: warning: assignment makes pointer from integer without a cast dnscap.c:602: warning: assignment makes pointer from integer without a cast dnscap.c:607: warning: assignment makes pointer from integer without a cast dnscap.c:609: warning: assignment makes pointer from integer without a cast dnscap.c:618: warning: assignment makes pointer from integer without a cast dnscap.c:620: warning: assignment makes pointer from integer without a cast dnscap.c: At top level: dnscap.c:635: error: syntax error before '*' token dnscap.c:635: warning: type qualifiers ignored on function return type dnscap.c:635: warning: return type defaults to `int' dnscap.c:635: warning: no previous prototype for
Re: Absolute OpenBSD out-of-print?
Tried the OpenBSD bookstore? http://www.openbsd.org/books.html --Bryan On 5/10/07, Matthew Szudzik [EMAIL PROTECTED] wrote: According to the publisher, Michael Lucas's book Absolute OpenBSD is currently out-of-stock. http://nostarch.com/frameset.php?startat=openbsd Does anybody know if there are plans for another printing? Or maybe even a second edition? I note that it is still listed for sale on the official OpenBSD orders page, but my order from that page has been placed on backorder.
Re: what's the best way to configure a 3.75TB datastore?
On 5/10/07, John Brahy [EMAIL PROTECTED] wrote: Hello List, We're the proud new owner of a 10x750GB appliance. We're going to put OpenBSD on it and I was looking for suggestions or feedback on a configuration we were considering. This server is going to be stored at our colo and we have a point to point T1 directly connected to it. (We're going to initially populate it here and only have to rsync daily differences after hours.) Hi, I believe in using the right tool for the job and, to be honest I wouldn't use OpenBSD for a large data store like that. If it were me I'd get a real SAN or NAS but you have what you have so my top choice would be an OS that you can run an Volume manager on, Linux with LVM2 or Veritas VM. FreeBSD has some Volume Management capabilities but I have no experience using them. Sorry if my answer offends you. Matt
cvsync broken?
Hello!
Just trying to cvsync my stuff. And it wants to remove quite much:
Remove src/usr.sbin/altq/tbrconfig/Makefile,v in Attic
Remove src/usr.sbin/altq/tbrconfig/tbrconfig.8,v in Attic
Remove src/usr.sbin/altq/tbrconfig/tbrconfig.c,v in Attic
Remove src/usr.sbin/amd/Makefile,v
Remove src/usr.sbin/amd/amd/ChangeLog,v
Remove src/usr.sbin/amd/amd/Makefile,v
Remove src/usr.sbin/amd/amd/afs_ops.c,v
Remove src/usr.sbin/amd/amd/am_ops.c,v
Remove src/usr.sbin/amd/amd/amd.8,v
Remove src/usr.sbin/amd/amd/amd.c,v
Remove src/usr.sbin/amd/amd/amq_subr.c,v
Remove src/usr.sbin/amd/amd/clock.c,v
Remove src/usr.sbin/amd/amd/efs_ops.c,v
Remove src/usr.sbin/amd/amd/get_args.c,v
Remove src/usr.sbin/amd/amd/host_ops.c,v
[... MUCH more before I hit Ctrl-C ...]
What's up?
Here's my cvsync.conf:
config {
hostname cvsync.de.openbsd.org
collection {
name openbsd release rcs
prefix /cvs
umask 022
scanfile /usr/local/src.own/CVSROOT.scanfile
}
}
### lrwx-- 1 root wheel 26 Apr 26 2005 /cvs -
/usr/local/src.own/CVSROOT
Kind regards,
Hannah.
Re: Failing to get [EMAIL PROTECTED] in X
Quoting Ted Unangst ([EMAIL PROTECTED]): On 5/10/07, Alex Holst [EMAIL PROTECTED] wrote: I see from the archives that I'm not alone with this problem, but I have found no solution: Trying to get the VGA port on my X40 to deliver [EMAIL PROTECTED] to my Dell E228WFP and failing. the i810 driver really doesn't like using resolutions that aren't in its BIOS. use 915resolution to add a 1680 1050 mode. I have actually tried that a few days ago, running 915resolution from rc.securelevel like pkg/DESCR says with no positive effect. I didn't know which mode to change, so I even booted my system at securelevel -1 and manually set every mode to 1680 1050 mode with absolutely no effect (other than changing those Mode outputs in Xorg.log). Just now I changed mode 4d to 1680x1050 and restarted X. My display is now running [EMAIL PROTECTED] .. showing a massive, unscrollable 1680x1050 desktop. This message is hence cramped and insanely hard to read while I type :) tori$ sudo 915resolution -l | grep 4d Mode 4d : 1680x1050, 16 bits/pixel tori$ xwininfo -root | grep geometry -geometry 1680x1050+0+0 Any more suggestions as to what I'm doing wrong? -- I prefer the dark of the night, after midnight and before four-thirty, when it's more bare, more hollow.http://a.mongers.org
Re: Absolute OpenBSD out-of-print?
--- Matthew Szudzik [EMAIL PROTECTED] wrote: According to the publisher, Michael Lucas's book Absolute OpenBSD is currently out-of-stock. http://nostarch.com/frameset.php?startat=openbsd Does anybody know if there are plans for another printing? Or maybe even a second edition? I note that it is still listed for sale on the official OpenBSD orders page, but my order from that page has been placed on backorder. On Amazon.com it's not clear if it's _really_ available, but BN claims to be able to ship it in 24 hrs! http://search.barnesandnoble.com/booksearch/isbnInquiry.asp?EAN=9781886411999 And of course I have a copy (unused), but it would be expensive for me to send it to you (I am in Europe, the book is rather heavy, and what the Post Office is offering me is not at the rates available for bookshops). R-C Be smarter than spam. See how smart SpamGuard is at giving junk email the boot with the All-new Yahoo! Mail at http://mrd.mail.yahoo.com/try_beta?.intl=ca
Re: Absolute OpenBSD out-of-print?
Hi, On 5/10/07, Matthew Szudzik [EMAIL PROTECTED] wrote: According to the publisher, Michael Lucas's book Absolute OpenBSD is currently out-of-stock. http://nostarch.com/frameset.php?startat=openbsd Does anybody know if there are plans for another printing? Or maybe even a second edition? I have this book. This book is quite out of date now. Especially the package system. Pf has advanced too and isakmpd etc.. I'd wait until a second revision (if thats happenning, I have no idea). Tried Ebay? -- Best Regards Edd --- http://students.dec.bournemouth.ac.uk/ebarrett/
Re: cvsync broken?
Hello! On Thu, May 10, 2007 at 09:40:58PM +0200, Timo Schoeler wrote: hostname cvsync.de.openbsd.org I see anoncvs problems on exactly this machine and the SPLINE mirror in germany... Not really a good failure mode, just deleting everything. :-( timo Kind regards, Hannah.
Re: what's the best way to configure a 3.75TB datastore?
On Thu, 10 May 2007 14:21:23 -0500 Matt Bettinger [EMAIL PROTECTED] wrote: On 5/10/07, John Brahy [EMAIL PROTECTED] wrote: Hello List, We're the proud new owner of a 10x750GB appliance. We're going to put OpenBSD on it and I was looking for suggestions or feedback on a configuration we were considering. This server is going to be stored at our colo and we have a point to point T1 directly connected to it. (We're going to initially populate it here and only have to rsync daily differences after hours.) Hi, I believe in using the right tool for the job and, to be honest I wouldn't use OpenBSD for a large data store like that. If it were me I'd get a real SAN or NAS but you have what you have so my top choice would be an OS that you can run an Volume manager on, Linux with LVM2 or Veritas VM. FreeBSD has some Volume Management capabilities but I have no experience using them. Sorry if my answer offends you. Matt I second that, except for GNU/Linux and FreeBSD; I'd really recommend to run, if possible, Solaris and take advantage of ZFS with all its nice tools and features. Btw, can you specify what this appliance is? I have an EMC Cellerra at work which /could/ be used as a highly redundant and nice performing CIFS server (authentication to be done by another machine, though). We found this out after figuring out weeks of how to add a second/third machine to our *cough* RHEL *cough* server infrastructure to get a redundant setup (the file server is connected to another EMC, a 3TByte CX300, using FC) using 'a' cluster filesystem. This turned out to be a real PITA -- and then someone told us that the Cellerra can do this most conveniently. Guess what it is doing right now? It exports a 3TByte NFSv3 FS. gs... To make a long story short: Really THINK VERY HARD on this setup. Once you decided which way you go and store 3TByte of data there (regardless of the way *how* you do it, using GNU/Linux, FreeBSD, Solaris or DR-DOS ;) be sure it will be a real PITA to get this corrected IF you have to... timo
Re: compiling dnscap
On Thu, May 10, 2007 at 12:15:24PM -0700, Bryan Irvine wrote: Paul Vixie is working on a tcpdump-like dns packet capture tool. http://public.oarci.net/tools/dnscap/ I can't seem to get it to compile on OBSD. I get the following errors. GTX-440:/tmp/dnscap#make (compile dnscap.c w/ -g -O) /bin/sh: isc-config.sh: not found dnscap.c:42:26: net/ethernet.h: No such file or directory dnscap.c:69:22: isc/list.h: No such file or directory This second header appears to be in the version of bind in the libbind port. -- Mike Small [EMAIL PROTECTED]
Re: cvsync broken?
On Thu, May 10, 2007, Hannah Schroeter wrote: Just trying to cvsync my stuff. And it wants to remove quite much: hostname cvsync.de.openbsd.org same problem with anoncvs1.usa.openbsd.org and anoncvs3.usa.openbsd.org
Re: Failing to get [EMAIL PROTECTED] in X
Try `sudo 915resolution 4d 1680 1050 32` If 4d is the only one that has 1680x1050 available you only have 16bit color, and you're trying to use 24, so it's not changing anything. On 5/10/07, Alex Holst [EMAIL PROTECTED] wrote: Quoting Ted Unangst ([EMAIL PROTECTED]): On 5/10/07, Alex Holst [EMAIL PROTECTED] wrote: I see from the archives that I'm not alone with this problem, but I have found no solution: Trying to get the VGA port on my X40 to deliver [EMAIL PROTECTED] to my Dell E228WFP and failing. the i810 driver really doesn't like using resolutions that aren't in its BIOS. use 915resolution to add a 1680 1050 mode. I have actually tried that a few days ago, running 915resolution from rc.securelevel like pkg/DESCR says with no positive effect. I didn't know which mode to change, so I even booted my system at securelevel -1 and manually set every mode to 1680 1050 mode with absolutely no effect (other than changing those Mode outputs in Xorg.log). Just now I changed mode 4d to 1680x1050 and restarted X. My display is now running [EMAIL PROTECTED] .. showing a massive, unscrollable 1680x1050 desktop. This message is hence cramped and insanely hard to read while I type :) tori$ sudo 915resolution -l | grep 4d Mode 4d : 1680x1050, 16 bits/pixel tori$ xwininfo -root | grep geometry -geometry 1680x1050+0+0 Any more suggestions as to what I'm doing wrong? -- I prefer the dark of the night, after midnight and before four-thirty, when it's more bare, more hollow.http://a.mongers.org
Re: Absolute OpenBSD out-of-print?
On 5/10/07, Matthew Szudzik [EMAIL PROTECTED] wrote: Does anybody know if there are plans for another printing? Or maybe even a second edition? According to Lucas' Website, he still intends on writing an _Absolute_ book for NetBSD. I may be wrong, but I don't suspect we will see second editions of the other two volumes. http://www.blackhelicopters.org/~mwlucas/#stuff
OpenOffice 2.2.0 packages for -current ?
I'm playing with -current to see if it fits my needs for desktop usage, but building OOo on my own (24gig of free space?) isn't possible on my laptop ;-) Has anyone got packages with OOo for -current? TIA -- .: Jakub Glazik, .: too geek to live, too leet to die ;-) .: email jabber: zytekatnuxi.pl
OpenBSD serial terminal binary programs
Hello; I'm wondering if anyone has any recommendations for a terminal program similar to hyper terminal for windows in structure but not appearance.
Re: cvsync broken?
On 5/10/07, Claus Assmann [EMAIL PROTECTED] wrote: On Thu, May 10, 2007, Hannah Schroeter wrote: Just trying to cvsync my stuff. And it wants to remove quite much: hostname cvsync.de.openbsd.org same problem with anoncvs1.usa.openbsd.org and anoncvs3.usa.openbsd.org I talked with Todd Miller about this (anoncvs3 specifically) and he said it is a problem with the upstream mirror that appears to be fixed now (my cvsup server doesn't delete stuff anymore). Jason
Re: cvsync broken?
On May 10, 2007, at 1:10 PM, Claus Assmann wrote: On Thu, May 10, 2007, Hannah Schroeter wrote: same problem with anoncvs1.usa.openbsd.org and anoncvs3.usa.openbsd.org I think anoncvs3.usa.openbsd.org is working now. I am running a cvsync operation as we speak and it is recreating everything. Bryan
Re: cvsync broken?
On 5/10/07, Hannah Schroeter [EMAIL PROTECTED] wrote: Hello! On Thu, May 10, 2007 at 09:40:58PM +0200, Timo Schoeler wrote: hostname cvsync.de.openbsd.org I see anoncvs problems on exactly this machine and the SPLINE mirror in germany... Not really a good failure mode, just deleting everything. :-( there's some issues with the servers. obviously, the client can't know the difference between file accidentally deleted on the server and file intentionally deleted.
Airtist - Lancement du aircasting
Si vous avez des difficultes pour visualiser cette page , cliquez ici Artiste le plus tilichargi Kaysha Style : Rnb, Zouk Les indispensables d'Airtist Bloc Party A Weekend In The City Style : Alternatif Les Httes T Plaisir Style : Chanson frangaise Ben Westbeech Welcome to the b... Style : Jazz Fusion Maniak Spread your wings Style : Trip Hop Isabelle Boulay Du Temps pour toi Style : Chanson frangaise JJKB Productions Style : Jazz Fusion Da Traxx session 1 live Style : Techno Passi Odyssie Style : Rap Holophonics A land to lend my f... Style : Rock Jacques Higelin Inidit Style : Chanson frangaise El Kado Arabesque Style : Flamenco oriental Nicolas Bacchus A Table Style : Chanson frangaise Nada Surf The weight is a gift Style : Rock Samy Goz Jet Set Party 2 Style : Crooner Bigband Tanaeka Ne plus voler Style : Rock Henri Salvador Rivirence Style : Variiti Bonjour, Dans cette newsletter une avalanche de nouvelles fonctionnalitis dont le AIRCASTING qui vous permet de choisir les artistes qui gagneront leur inscription sur Airtist. Et enfin, la nouveauti qui nous tiens le plus ` coeur, la possibiliti de faire des DONS ` des associations grbce ` vos tilichargements et oui 1 centimes est reversi ` des oeuvres caritatives sur chaque tilichargement. Solensi, Secours Catholique, Espoir Foi Vie, CUSF... A vos dons !!! Le nouveau format de cette newsletter vous permet igalement de dicouvrir les artistes les plus icoutis ainsi que les nouveautis, il vous suffit de cliquer sur icouter pour lancer la musique. Vous jtes un artiste ou label inscrit sur Airtist ? Vous trouverez ci-dessous des news vous concernant. Quant au tilichargement Gratuit Ligal Ethique, son lancement imminent vous sera signali par email ... mais le plus simple est encore de rester connecti sur Airtist et de surveiller la page d'accueil ;-) Olivier Nouveautis Airtist Aircasting En votant, c'est vous qui choisissez les artistes qui pourront distribuer leurs musiques en tilichargement sur Airtist en leur faisant gagner leur inscription au Backstage (valeur de 40â¬). Comment participer ? Il vous suffit d'auditionner les candidats en icoutant leurs musiques et de voter OUI ou NON et ainsi leur permettre de distribuer leurs musiques sur Airtist. Venez dans le AIRCASTING tous les jours pour dicouvrir les nouveaux candidats et leurs ivolutions... Dicouvrez, votez et amusez vous ! Faire un don A chaque fois que vous tilichargez une musique, 1 centime d'euro est versi par Airtist dans votre compte Faire un don. Vous en disposez pour l'offrir ` une Åuvre caritative ou association humanitaire de votre choix (Sol en Si, Secours Catholique, Espoir Foi Vie etc.). Pour effectuer vos dons, connectez vous, allez dans Communauti puis cliquez sur : Vous avez dij` effectui des tilichargements ? Vous pouvez faire des dons. Evaluations titres et albums Une musique ou un album vous a plu ou vous a ennuyi ? Faites le savoir en donnant une note allant de 1 ` 5 itoiles, l'artiste appriciera de voir l'intirjt que vous portez ` sa musique et cela vous aidera ` trouver rapidement les meilleures musiques. Mise en avant des nouveautis Les nouveaux titres et albums sont maintenant diffirenciis dans les fiches des artistes. La mention nouveauti sera affichie pendant un mois aprhs l'ajout d'une nouvelle musique par l'artiste! Nouveau support client, FAQ Notre interface contact ` ivolui. Si vous perdez une musique lors d'un tilichargement, si vous avez un problhme avec votre compte, etc. vous pouvez consulter notre guide oy vous y trouverez une Foire Aux Questions. Si malgri tout, vous ne trouvez pas de riponse ` votre question, vous pouvez vous connecter au support client pour jtre en contact direct avec l'iquipe Airtist. Activer le tilichargement Gratuit Ligal Ethique Avant le lancement du tilichargement Gratuit Ligal Ethique et rimunirateur pour vous grbce ` une annonce publicitaire, pensez ` choisir quels titres vous souhaitez activer dans ce mode. Vous jtes libre de silectionner un titre ou la totaliti. Comment? Allez dans votre Backstage, menu Musique,allez dans Editer titre, onglet Informations principales, dernihre option. Riclamer votre rimuniration Dans le menu Rimuniration vous pouvez riclamer votre paiement dhs que vous atteignez un cumul de 10â¬, il vous suffit de remplir les informations de paiement et d'adresse postale puis de cliquer sur Riclamer ma rimuniration. Listing de vos rimunirations Vous avez eu des tilichargements les mois passis? Dans le menu Rimuniration vous pouvez editer un fichier CSV avec le listing de vos rimunirations pour votre gestion comptabilistique. Pour cela cliquez sur CSV ` droite des mois que vous souhaitez. Droit d'auteurs, Sacem Si vos musiques sont diclaries ` la Sacem ou ` une autre sociiti de gestion collective des droits d'auteurs, n'oubliez pas de renseigner les informations des droits pour chacun de vos titres, pour cela allez dans Editer titre puis onglet Droit d'auteur.
Re: cvsync broken?
Hannah Schroeter [EMAIL PROTECTED] wrote: Just trying to cvsync my stuff. And it wants to remove quite much: The same mirroring problem that affected www.openbsd.org also affected the master repository mirror. The damage propagated to cvsync.de.openbsd.org and probably some other public mirrors. -- Christian naddy Weisgerber [EMAIL PROTECTED]
Re: cvsync broken?
I'm pretty sure this is all related to ualberta and www blowing up, causing a bit of a ripple effect. It'll likely take some time for the mirrors to sync back up Jimmy. On 5/10/07, Jason Crawford [EMAIL PROTECTED] wrote: On 5/10/07, Claus Assmann [EMAIL PROTECTED] wrote: On Thu, May 10, 2007, Hannah Schroeter wrote: Just trying to cvsync my stuff. And it wants to remove quite much: hostname cvsync.de.openbsd.org same problem with anoncvs1.usa.openbsd.org and anoncvs3.usa.openbsd.org I talked with Todd Miller about this (anoncvs3 specifically) and he said it is a problem with the upstream mirror that appears to be fixed now (my cvsup server doesn't delete stuff anymore). Jason
Re: 4.0 locked up over the weekend
Tobias Weingartner wrote: In article [EMAIL PROTECTED], Nick Holland wrote: cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,CX16 .. Is this an amd64 capable Sempron? It looks like it is, based on the rest of the dmesg. Nope, no LONG in that cpu flags... And while this part is right, that CPU does not have LONG support, it may still exhibit the PAE bug. -- [100~Plax]sb16i0A2172656B63616820636420726568746F6E61207473754A[dZ1!=b]salax
Re: cvsync broken?
On Thu, 10 May 2007 20:48:28 + (UTC) [EMAIL PROTECTED] (Christian Weisgerber) wrote: Hannah Schroeter [EMAIL PROTECTED] wrote: Just trying to cvsync my stuff. And it wants to remove quite much: The same mirroring problem that affected www.openbsd.org also affected the master repository mirror. The damage propagated to cvsync.de.openbsd.org and probably some other public mirrors. -- Christian naddy Weisgerber [EMAIL PROTECTED] Ouch.
Re: OpenBSD serial terminal binary programs
BradenM - Sonoma Computer [EMAIL PROTECTED] wrote: I'm wondering if anyone has any recommendations for a terminal program similar to hyper terminal for windows in structure but not appearance. Are you looking for (1) a terminal emulator, or (2) a serial communications program? These are two entirely separate functions although there is an unfortunate history of conflating them in the PC world. For (1), the most popular is xterm. For (2), cu/tip is included in the base system. -- Christian naddy Weisgerber [EMAIL PROTECTED]
Re: OpenBSD serial terminal binary programs
On 5/10/07, BradenM - Sonoma Computer [EMAIL PROTECTED] wrote: Hello; I'm wondering if anyone has any recommendations for a terminal program similar to hyper terminal for windows in structure but not appearance. tip(1) and cu(1) (same binary) are in base and you can find in ports: Port: minicom-2.00.0p2 Path: comms/minicom Info: MS-DOS Telix-like serial communication program Maint: The OpenBSD ports mailing-list [EMAIL PROTECTED] Index: comms L-deps: iconv.=4::converters/libiconv intl.=3:gettext-=0.10.38:devel/gettext B-deps: :devel/metaauto autoconf-2.13:devel/autoconf/2.13 gettext-=0.14.6:devel/gettext R-deps: :comms/kermit :comms/lrzsz gettext-=0.10.38:devel/gettext Archs: any DS
Re: Absolute OpenBSD out-of-print?
On Thu, May 10, 2007 at 03:11:09PM -0500, James Hartley wrote: On 5/10/07, Matthew Szudzik [EMAIL PROTECTED] wrote: Does anybody know if there are plans for another printing? Or maybe even a second edition? According to Lucas' Website, he still intends on writing an _Absolute_ book for NetBSD. I may be wrong, but I don't suspect we will see second editions of the other two volumes. http://www.blackhelicopters.org/~mwlucas/#stuff Hi, Competing publishers have taken to eavesdropping on what I'm writing, and then rushing competing books of their own into print. I no longer publically announce what I'm writing at any time because of this. Paranoid? Perhaps. I do run OpenBSD, however. ;-) The publisher generally tells me when a book is out-of-print, but AO is outdated at this point so they might not have. Much of it is still applicable, but it doesn't cover all the new nifty features that have come out in the last few years. It might also be in that dregs can be found here and there, but not really totally out of print limbo. Family medical problems have generally thrown my writing schedule into the toilet the last couple of years. (Hurrah for the US health care system!) But I am working on a tech book to come out later this year. ==ml -- Michael W. Lucas[EMAIL PROTECTED], [EMAIL PROTECTED] http://www.BlackHelicopters.org/~mwlucas/ Latest book: PGP GPG -- http://www.pgpandgpg.com On 5/4/2007, the TSA kept 3 pairs of my soiled undies for security reasons.
Re: OpenBSD serial terminal binary programs
On Thu, May 10, 2007 at 01:29:42PM -0700, BradenM - Sonoma Computer wrote: Hello; I'm wondering if anyone has any recommendations for a terminal program similar to hyper terminal for windows in structure but not appearance. cu and tip, both are in base. -- :wq Claudio
Re: OpenBSD serial terminal binary programs
I use cu man tip(1) diana
Re: OpenOffice 2.2.0 packages for -current ?
On Thu, 10 May 2007, Jakub Glazik wrote: I'm playing with -current to see if it fits my needs for desktop usage, but building OOo on my own (24gig of free space?) isn't possible on my laptop ;-) Has anyone got packages with OOo for -current? Like the ftp site? Yes. Look in snapshots/packages. -- Kyle George
Re: OpenBSD serial terminal binary programs
On 5/10/07, BradenM - Sonoma Computer [EMAIL PROTECTED] wrote: Hello; I'm wondering if anyone has any recommendations for a terminal program similar to hyper terminal for windows in structure but not appearance. Someone else already suggested cu/tip which are good. My weapon of choice is minicom which is in ports. --Bryan
Re: OpenBSD serial terminal binary programs
On Thu, 10 May 2007, Darren Spruell wrote: ... and you can find in ports: Port: minicom-2.00.0p2 Path: comms/minicom Info: MS-DOS Telix-like serial communication program Nooo ;-) if there's one thing that really bugs me when I'm working on a Linux system ( yes I do touch them on occasion ) is having to use minicom. simply put cu is your friend. ex: cu -l /dev/ttyU0 -s 9600 connects me to the serial console port on my Plextor boxes via a USB cellphone data cable diana
Re: OpenOffice 2.2.0 packages for -current ?
On Thu, May 10, 2007 at 07:57:28PM +0200, Jakub Glazik wrote: I'm playing with -current to see if it fits my needs for desktop usage, but building OOo on my own (24gig of free space?) isn't possible on my laptop ;-) Has anyone got packages with OOo for -current? What's wrong with the packages at ftp.openbsd.org? (ftp://ftp.openbsd.org/pub/OpenBSD/snapshots/packages/i386/openoffice*, in case you wondered.) Joachim -- TFMotD: amq (8) - automounter query tool
Re: what's the best way to configure a 3.75TB datastore?
I believe in using the right tool for the job and, to be honest I wouldn't use OpenBSD for a large data store like that. If it were me I'd get a real SAN or NAS but you have what you have so my top choice would be an OS that you can run an Volume manager on, Linux with LVM2 or Veritas VM. FreeBSD has some Volume Management capabilities but I have no experience using them. Sorry if my answer offends you. I'm inclined to agree here, at least until OpenBSD gets stable ffs2 support (allowing filesystems larger than 1tb), but until then, I'd really recommend going the GNU/Linux or FreeBSD route. Although I'd probably favor GNU/Linux with LVM for a large data store. Jimmy.
Re: Failing to get [EMAIL PROTECTED] in X
Alex Holst wrote: Quoting Nick Holland ([EMAIL PROTECTED]): [..] I tried tweaking xorg.conf like you suggested and some other things: http://a.mongers.org/x/xorg.conf http://a.mongers.org/x/Xorg.0.log Now X outputs [EMAIL PROTECTED] Uh. Xorg.log mentions CRT as an active display on pipe A with no active displays on pipe B. I have no idea what it means but wonder if that's related to my problem. The display on my laptop is blank. Any other hints? Make sure HorizSync is correct (have a look at the manual for your monitor, it probably has a VESA table) and set VertRefresh to 60. Change the Modes for your monitor to only include 1680x1050, no others.
Re: what's the best way to configure a 3.75TB datastore?
I'd really recommend to run, if possible, Solaris and take advantage of ZFS with all its nice tools and features. That's a great idea, I always think OpenBSD for everything but I don't want to know how long it would take to fsck 3.75TB. I'm going to go with Solaris w/ZFS. Thanks!
Re: OpenBSD serial terminal binary programs
On Thu, May 10, 2007 at 03:31:30PM -0600, Diana Eichert wrote: I use cu man tip(1) diana note that cu and tip have separate man pages now. jmc
Re: what's the best way to configure a 3.75TB datastore?
On Thu, May 10, 2007 at 12:03:44PM -0700, John Brahy wrote: Hello List, We're the proud new owner of a 10x750GB appliance. We're going to put OpenBSD on it and I was looking for suggestions or feedback on a configuration we were considering. This server is going to be stored at our colo and we have a point to point T1 directly connected to it. (We're going to initially populate it here and only have to rsync daily differences after hours.) Luca-Brozzi.ad2.com - Partition Size(GB) /2 swap 8 /usr 4 /usr/local 4 /usr/obj 4 /usr/src 4 /var 2 /home20 /tmp 2 /backups/server1 400 /backups/server2 400 /backups/server3 400 /backups/server4 400 /backups/server5 400 /backups/server6 400 /backups/server7 400 /backups/server8 400 /backups/server9 400 Is this the best way to do it? Does anyone have suggestions on a better way to do it? It really depends. The volume manager crowd have a point in that a volume manager can make it easier to do this sort of thing (supporting really large filesystems would work as well, but that's still being worked on). However, quite a few backup systems will happily stripe the backups across as many disks as you feed them; AMANDA can certainly do this, although it's not really a good fit for filesystem-based backups. I'd be wary of the 'one disk per server' method you use above, though; that's not likely to be a good map in the future. You might even want to consider mounting ~ 2TB ccds under, say, /disks and symlinking /backups/server1, ... to those, mostly for psychological reasons. You might want to consider various variants on RAID, too. This depends on the uptime requirements, obviously, but if this is the only place you'll store backups, you'll want to make sure a simple disk failure doesn't cause too much trouble. Otherwise, your non-backup directories are ridiculously large, but that's not really going to hurt you in this case, and taking this much storage offline for repartitioning would be painful. Joachim -- PotD: x11/xtraceroute - graphical version of traceroute
Re: www.openbsd.org (and vs openbsd.org)
On Wed, May 09, 2007 at 06:33:19PM -0600, Theo de Raadt wrote: 1. www.openbsd.org replies with Forbidden at the moment -- but I guess most people already know. www.openbsd.org is a mirror on a good network connection. at the moment it is recovering from having eaten itself. Thanks for your answer. Nobody answered my second question though :) Maybe nobody knows the answer? :) Summary: I was once told not to use openbsd.org; it was said that www.openbsd.org was the only valid site (ignoring mirror sites). Is this just bullshit? Again, sorry for the noise (especially if it is just bullshit...). Now that I've started a thread about it, I feel I have to complete the quest. Martin [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
Re: OpenBSD serial terminal binary programs
On 5/10/07, Diana Eichert [EMAIL PROTECTED] wrote: if there's one thing that really bugs me when I'm working on a Linux system ( yes I do touch them on occasion ) is having to use minicom. Minicom is nice if you want to control logging during your session, and if you're doing something that might cause your device to change speeds... CK -- GDB has a 'break' feature; why doesn't it have 'fix' too?
Re: vpn in OBSD 4.1
Hi. i looking tutorial for install vpn in obsd 4.1 with client microsoft xp or mac also support netbios for file or print sharing so what can i use openvpn , ipsec , vpn ? You obviously haven't looked very far? OpenVPN and pptp are in Ports. I use OpenVPN for ease of use on *BSD, Linux, Mac, Windows. Netbios sharing comes down to how you've configured the VPN tunnel (routed, bridged, WINS). You're well advised to go do some reading on your own. If you had you would have discovered that OpenVPN ahs a tutorial page for configuring the server, as does the readily available PPTP server. Installing is left as an (Easy) exercise to you. A
Re: OpenBSD serial terminal binary programs
On Thu, 10 May 2007, Jason McIntyre wrote: note that cu and tip have separate man pages now. jmc yeah, I just looked in one of the ssh sessions I had running, it's running 3.5.
Re: www.openbsd.org (and vs openbsd.org)
On 5/10/07, Martin Toft [EMAIL PROTECTED] wrote: On Wed, May 09, 2007 at 06:33:19PM -0600, Theo de Raadt wrote: 1. www.openbsd.org replies with Forbidden at the moment -- but I guess most people already know. www.openbsd.org is a mirror on a good network connection. at the moment it is recovering from having eaten itself. Thanks for your answer. Nobody answered my second question though :) Maybe nobody knows the answer? :) Summary: I was once told not to use openbsd.org; it was said that www.openbsd.org was the only valid site (ignoring mirror sites). Is this just bullshit? Again, sorry for the noise (especially if it is just bullshit...). Now that I've started a thread about it, I feel I have to complete the quest. I think Theo answered your second question. BTW, love Theo's technical answer to the bigger problem. Greg
Re: vpn in OBSD 4.1
On Fri, May 11, 2007 at 08:11:41AM +0930, Adam Hawes wrote: Hi. i looking tutorial for install vpn in obsd 4.1 with client microsoft xp or mac also support netbios for file or print sharing so what can i use openvpn , ipsec , vpn ? You obviously haven't looked very far? OpenVPN and pptp are in Ports. I use OpenVPN for ease of use on *BSD, Linux, Mac, Windows. Netbios sharing comes down to how you've configured the VPN tunnel (routed, bridged, WINS). You're well advised to go do some reading on your own. If you had you would have discovered that OpenVPN ahs a tutorial page for configuring the server, as does the readily available PPTP server. Installing is left as an (Easy) exercise to you. Just note that PPTP isn't particularly secure. IPsec is nice, but hard(er) to get right in the presence of a lot of crappy routers. OpenVPN mostly Just Works, but is slower and at least the OpenBSD implementation of IPsec is arguably more secure. Joachim -- TFMotD: dhclient.conf (5) - DHCP client configuration file
Re: www.openbsd.org (and vs openbsd.org)
On Fri, May 11, 2007 at 12:10:13AM +0200, Martin Toft wrote:
Nobody answered my second question though :) Maybe nobody knows
the answer? :) Summary: I was once told not to use openbsd.org; it
was said that www.openbsd.org was the only valid site (ignoring
mirror sites). Is this just bullshit?
Yes, it's bullshit, and yes, Theo answered your question. www is
a mirror.
--
o--{ Will Maier }--o
| web:...http://www.lfod.us/ | [EMAIL PROTECTED] |
*--[ BSD Unix: Live Free or Die ]--*
Re: www.openbsd.org (and vs openbsd.org)
On Fri, May 11, 2007 at 12:10:13AM +0200, Martin Toft wrote: Nobody answered my second question though :) Maybe nobody knows the answer? :) Summary: I was once told not to use openbsd.org; it was said that www.openbsd.org was the only valid site (ignoring mirror sites). Is this just bullshit? I think the question was answered indirectly when he mentioned www.openbsd.org being a mirror site. As I understand it, openbsd.org is the root site (probably in Theo's house) but www.openbsd.org is the main mirror located at the university. It has much higher bandwidth so it should be used instead. As a matter of courtesy as well as practicality, you should use www.openbsd.org instead.
Re: OpenOffice 2.2.0 packages for -current ?
Joachim Schipper napisa3(a): On Thu, May 10, 2007 at 07:57:28PM +0200, Jakub Glazik wrote: I'm playing with -current to see if it fits my needs for desktop usage, but building OOo on my own (24gig of free space?) isn't possible on my laptop ;-) Has anyone got packages with OOo for -current? What's wrong with the packages at ftp.openbsd.org? (ftp://ftp.openbsd.org/pub/OpenBSD/snapshots/packages/i386/openoffice*, in case you wondered.) Joachim You're kidding me, right? Both of you, right? God I must be blind. I was SURE that packages for -current aren't build and thought that it was LOGICAL. Arrgh. -- .: Jakub Glazik, .: too geek to live, too leet to die ;-) .: email jabber: zytekatnuxi.pl
Insecurity problem?
In the past I have always applied relevant patches and recompiled whatever was needed to take care of errata items. Nearly a week ago I decided to use a spare machine to track i386 4.1 stable, did what I was told (FAQ, thanks Nick et al!) : untarred sources, cvs updates, makes all went without hitches and just used a fair few hours. The build box now sends me email every day saying: Checking setuid/setgid files and devices: Setuid/device find errors: find: fts_read: No such file or directory I ran sh -v /etc/security 21 |less and searched for fts_read but the context is just waht you'd expect from the output above. I know that fts_read is a part of find but what is it looking for in vain? I get an itchy feeling that everything did not go as expected during update but the box seems to do whatever I try with no problems. Cluebat? _Rod Depressed? Me? Don't make me laugh! :Spike Milligan:1918-2002:
Re: www.openbsd.org (and vs openbsd.org)
On 10/05/07, Emilio Perea [EMAIL PROTECTED] wrote: On Fri, May 11, 2007 at 12:10:13AM +0200, Martin Toft wrote: Nobody answered my second question though :) Maybe nobody knows the answer? :) Summary: I was once told not to use openbsd.org; it was said that www.openbsd.org was the only valid site (ignoring mirror sites). Is this just bullshit? I think the question was answered indirectly when he mentioned www.openbsd.org being a mirror site. As I understand it, openbsd.org is the root site (probably in Theo's house) but www.openbsd.org is the main mirror located at the university. It has much higher bandwidth so it should be used instead. As a matter of courtesy as well as practicality, you should use www.openbsd.org instead. www.openbsd.org has some scripts and pages that no other mirror carries, i.e. /cgi-bin/man.cgi, /cgi-bin/cvsweb and a few others. But you don't have to worry about it -- all mirrors link to www.openbsd.org for those pages that they are not supposed to carry. Cheers, Constantine.
Re: www.openbsd.org (and vs openbsd.org)
Thanks for all your answers. Sorry for creating all that fuss -- I should have interpreted Theo's answer correctly. Martin [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
pkg_add after manually installed stuff
Lately, mostly with ruby/RoR stuff I've manually installed some things such as gems. Later, there were ports/packages for these things. Using pkg_add then fails because files already exists. I've looked at various -F options, but none that I've tried work for this situation. To be able to install the package, I've had to go through the error output of pkg_add and manually remove any conflicting files (ok, I scripted it). Is there an easier way that I'm overlooking? Would this be worth adding another keyword for -F to just install the files even if they are there (same md5, even!)? Yes, yes, I should be submitting ports instead of just installing unported stuff. ;-P -- Darrin Chandler| Phoenix BSD User Group | MetaBUG [EMAIL PROTECTED] | http://phxbug.org/ | http://metabug.org/ http://www.stilyagin.com/ | Daemons in the Desert | Global BUG Federation
