date:20070918

Hello,

Simple noob question... I've installed a few packages (ie nrpe2 and
openvpn) that on other systems like Linux and even BSD based systems
such as FreeBSD provide means of a rc script which can start and stop
the service and you can configure this script to be executed on boot.

After installing these packages on OpenBSD I've listed the package
contents and don't notice any equivalent files that would do this. Are
we supposed to write our own startup scripts and place them in
/etc/rc.local to be executed when the system boots? Does OpenBSD not
use rc scripts that start/stop/restart/ and status applications?

Thanks,
- Jake

Re: Simple startup daemon's on boot question?

2007-09-18 Thread Lars Hansson

On 9/18/07, Jake Conk [EMAIL PROTECTED] wrote:
 Are we supposed to write our own startup scripts and place them in
 /etc/rc.local to be executed when the system boots?

Yes.

 Does OpenBSD not use rc scripts that start/stop/restart/ and
 status applications?

No but you can install something like freedt or runit from ports to
get those features.

---
Lars Hansson

Re: Simple startup daemon's on boot question?

2007-09-18 Thread Craig Skinner


Jake Conk wrote:


After installing these packages on OpenBSD I've listed the package
contents and don't notice any equivalent files that would do this. Are
we supposed to write our own startup scripts and place them in
/etc/rc.local to be executed when the system boots? Does OpenBSD not
use rc scripts that start/stop/restart/ and status applications?


http://www.openbsd.org/faq/faq10.html#rc


The package install scripts often advise boot up suggestions, (which you 
can script), or point to readme files.


Then call them from /etc/rc.local and /etc/rc.shutdown, some are so 
simple that a script is not needed, e.g:


echo -n ' squid'
/usr/local/sbin/squid

echo -n ' dovecot'
/usr/local/sbin/dovecot

echo -n ' mailman'
nice -n 18 /usr/local/lib/mailman/bin/mailmanctl -s -q start



What I do is create /usr/local/site and put my local site scripts 
somewhere in there.


echo -n ' viagrad'
su -m _viagrad  /usr/local/site/libexec/viagrad/viagrad start

echo -n ' mailgraph'
/usr/local/site/sbin/mailgraphctl start  /dev/null

Re: Simple startup daemon's on boot question?

On 2007/09/18 02:05, Jake Conk wrote:
 After installing these packages on OpenBSD I've listed the package
 contents and don't notice any equivalent files that would do this. Are
 we supposed to write our own startup scripts and place them in
 /etc/rc.local to be executed when the system boots? Does OpenBSD not
 use rc scripts that start/stop/restart/ and status applications?

correct; it is common for packages to display instructions about
this when they're installed, especially if it's more complex than
just start the daemon if the file is executable.

ports/packages include some software which some people use for
this (e.g. monit, runit, maybe some others) but adding to rc.local
is the standard way.

Re: Creating bridge problem

On 2007/09/18 11:33, Julian Leyh wrote:
 On 03:38 Sat 15 Sep , Jake Conk wrote:
  ifconfig bridge0 add fxp1
 
 it's brconfig, not ifconfig.

well spotted.


On 2007/09/17 19:03, Jake Conk wrote:
   And it just hangs pretty much forever until i Ctrl-C it... If I put in
   my /etc/hostname.bridge0 file...

and that's bridgename.bridge0

Re: Mini PCI card for hostap mode

On 14:49 Mon 17 Sep , Karsten McMinn wrote:
 On 9/17/07, Steve B [EMAIL PROTECTED] wrote:
  Can anyone recommend a vendor that carries mini PCI
  cards that support hostap mode under OpenBSD?
 
 man (4) ral is a good place to start. I bought a MSI MN54G
 recently which worked.

I prefer ral(4), too. In my laptop a MSI MP54G5, same in my soekris
net5501, and in my net4801 the one I got with it from Wim, don't know
which one exactly it is.

regards,
Julian

Re: Creating bridge problem

On 03:38 Sat 15 Sep , Jake Conk wrote:
 ifconfig bridge0 add fxp1

it's brconfig, not ifconfig.

Re: bgpd usage

2007-09-18 Thread Tony Sarendal

On 9/17/07, Henning Brauer [EMAIL PROTECTED] wrote:

 * Gregory Edigarov [EMAIL PROTECTED] [2007-09-17 17:12]:
  Just a pure interest: has somebody bgpd in production for, say, 2 or 3
  fullview routing?  I have 6 routers with bgpd but they are IBGP, and
  therefore does not do fullview routing.

 there are many way bigger installations than that.

 I have multiple full feeds myself as well.


I run it in the lab to feed prefixes to our CRS-1/GSR/7600 boxes, lots of
prefixes,
with exception for some politician making decisions the thing is
great. Had it up and running in a minute or two.
And it is fast, even on not so fast hardware,

Re: Simple startup daemon's on boot question?

On 02:05 Tue 18 Sep , Jake Conk wrote:
 Hello,
 
 Simple noob question... I've installed a few packages (ie nrpe2 and
 openvpn) that on other systems like Linux and even BSD based systems
 such as FreeBSD provide means of a rc script which can start and stop
 the service and you can configure this script to be executed on boot.
 
 After installing these packages on OpenBSD I've listed the package
 contents and don't notice any equivalent files that would do this. Are
 we supposed to write our own startup scripts and place them in
 /etc/rc.local to be executed when the system boots?

Yes.. Some packages even give you an example how to put it in your
rc.local.

As for OpenVPN, I put it into my hostname.if, to have it start whenever
the interface is started at boot time.

 Does OpenBSD not
 use rc scripts that start/stop/restart/ and status applications?

no, use rc.local and ps ;)

 
 Thanks,
 - Jake
 

You're welcome,
Julian

Re: Simple startup daemon's on boot question?

Julian,

What do you mean that you put OpenVPN into your hostname.if? Can your
hostname.if file contain  sh script code? If so is that true also with
something like hostname.fxp0?

Also, what do you mean by use ps?

Thanks,
- Jake

On 9/18/07, Julian Leyh [EMAIL PROTECTED] wrote:
 On 02:05 Tue 18 Sep , Jake Conk wrote:
  Hello,
 
  Simple noob question... I've installed a few packages (ie nrpe2 and
  openvpn) that on other systems like Linux and even BSD based systems
  such as FreeBSD provide means of a rc script which can start and stop
  the service and you can configure this script to be executed on boot.
 
  After installing these packages on OpenBSD I've listed the package
  contents and don't notice any equivalent files that would do this. Are
  we supposed to write our own startup scripts and place them in
  /etc/rc.local to be executed when the system boots?

 Yes.. Some packages even give you an example how to put it in your
 rc.local.

 As for OpenVPN, I put it into my hostname.if, to have it start whenever
 the interface is started at boot time.

  Does OpenBSD not
  use rc scripts that start/stop/restart/ and status applications?

 no, use rc.local and ps ;)

 
  Thanks,
  - Jake
 

 You're welcome,
 Julian

Re: Simple startup daemon's on boot question?

2007-09-18 Thread Craig Skinner


Jake Conk wrote:

Julian,

What do you mean that you put OpenVPN into your hostname.if? Can your
hostname.if file contain  sh script code?


$ man hostname.if

See the section on !command-line


Also, what do you mean by use ps?



$ man ps

Re: Simple startup daemon's on boot question?

2007-09-18 Thread Gilles Chehade

On Tue, Sep 18, 2007 at 03:25:56AM -0700, Jake Conk wrote:
 Julian,
 
 What do you mean that you put OpenVPN into your hostname.if? Can your
 hostname.if file contain  sh script code? If so is that true also with
 something like hostname.fxp0?
 

This is from hostname.if(5)

!command-line
Arbitrary shell commands can be executed using this direc-
tive.  Useful for doing interface specific configuration
such as setting up custom routes using route(8) or estab-
lishing tunnels using ifconfig(8).  It is worth noting that
``\$if'' in a command line will be replaced by the inter-
face name.

Gilles

-- 
On 9/15/07, Richard Stallman [EMAIL PROTECTED] wrote:
 Please omit me from the cc list on these messages.

creating a vpn tunnel to all

2007-09-18 Thread Chris Bullock

Background:
We are using Metro Ethernet to connect several sites to our main office.  In
order to save money the telco has a couple of sites riding the same vlan
coming into us. One of these sites is one of our remote offices and the
other is a competing office.

Problem:
Since we are on the vlan there is no way I can route without the possibility
of someone running a sniffer and sniffing my packets, so my goal is I want
all my traffic from my remote office to come through my main office even
Internet.  To map this tunnel using isakmpd would I just create a tunnel to
0.0.0.0?
Regards,
Chris

embedded device

2007-09-18 Thread Alberich de megres

Hi,

Can anyone pointme to a embedded device like soekris?, but i want one that
performs fine using pf. Better if it have gigabits NICs but if not there's
no problem.

thanks!

Re: Wasting our Freedom

2007-09-18 Thread Bodo Eggert

Paul de Weerd [EMAIL PROTECTED] wrote:
 On Mon, Sep 17, 2007 at 03:38:45PM +0200, Adrian Bunk wrote:

 | It's not about lazyness of BSD developers, many people who consider the
 | BSD licence more free than the GPL argue that the advantage of the BSD
 | licence is that it does not require you to give back.
 | 
 | Something is wrong if your licence text clearly states that you do not
 | require getting anything back but you then argue on moral grounds that
 | something has to be given back.
 
 Something is wrong if your licence text clearly states that you MUST
 give back, but then you don't return the favour on grounds that hey,
 they don't require it, so we don't have to.

If you may demand me to give back, why should I(*) not demand the same thing
for my contributions?

You're not only asking to contribute to your project, but you're asking me
to throw my code to the feet of Apple amd Microsoft, who will user it, make
big bucks and lock out alternatives as far as possible, especially free ones.
This happens to not be my idea of sharing code.

You may say it's morally correct for them because they never claimed they'd
not suck your blood, but did the GPL people claim not to demand others to
give back? Au contrair, and if it's OK for companies to do what they say
they would, it will be OK for them and for me, too.


*) I did not yet work on a BSD licensed project, but let's asume I did

 It may be perfectly legal, but it's interesting to say the least.
 No, you do not have to give back. But weren't you open source / free
 software developers ? Why did you pick the GPL ? Because you didn't
 want someone to run of with your code ? You wanted code to be given
 back ? Why not do it yourself ?

 By not giving back you're giving a strange signal.

Gee, since you're demanding back anyway, you can use the GPL for your
project and use my contribution. Problem solved.

Oh, you want people to be free not to share? Freedom includes having the
moral right to do something. Am I free not to share? Or is this freedom
just an empty shell?

-- 
Funny quotes:
36. You never really learn to swear until you learn to drive.

Fri_, Spammer: [EMAIL PROTECTED] [EMAIL PROTECTED]

Re: Wasting our Freedom

2007-09-18 Thread Helge Hafting


Jacob Meuser wrote:

On Mon, Sep 17, 2007 at 09:47:43AM +0200, Helge Hafting wrote:

  

Your problem seems to be with the BSD licence,
and the power to alter that licence lies in the BSD community.



I hope you can understand that this mentality is _exactly_ what has
some in the BSD community so upset.
  

First, note that I am not really a linux developer as my only
contributions to linux are testing.

But it really looks like bsd people are more unhappy with their
licence than linux people.  You can ask linux developers to
keep the bsd licence - and the request is not unreasonable.
Nobody is forced to give back, so some people choose not
to.  Some of these have a GPL agenda, some have
a commercial agenda. 


I am sure some developers are willing to give back bsd code,
but you can't do anything about those who don't. You don't
want to have code locked up with GPL, these developers
don't want their code improvements locked up in proprietary products.

So - either you will have to accept the current situation, or
adjust the BSD licence to cope with this.


when I see the linux community start to take credit for works they
did not create and I see the linux community respond to warnings
  

Taking credit for the works of others is wrong of course,
no matter what licence is involved.

that people in the community are going overboard and jeopardizing
the linux community, which we do all benefit from, with a more or
less whatever attitude, it makes me sad.  it would be like losing
a friend.  I don't like losing friends, so I get vocal.

I don't understand why the linux community can't seem to say, We
can accept BSD licensed code.  There's no need to add the GPL to
it.  and maybe even, Although we strongly prefer the GPL,
respect for other licenses is every bit as important as respect
for the GPL.
  

Good points.  But note that the linux community is divided on this,
as on many other issues.  And there is nothing to do about
those who disagree.

I could be wrong, but I strongly believe that if the above was
truly accepted and believed by the community, the actions that
started and spread this whole debacle^Wdebate would not have
happened in the first place.
  

My impression is that the actions that started the
debate was an unauthorized (possibly illegal)
change that the linux community also rejected. 
With that problem solved, the debate turned to

gpl/bsd licencing issues.

look, the GPL legally forces others to keep the same license.
the BSD community is asking the linux community do the same.
and when the linux community refuses, what do you expect the
recourse to be?
  

Clearly, there is the risk of less cooperation.  Or some
kind of licencing scheme that makes sure that code with bsd
origin always can go back into bsd as long as it stays open.

That would solve the problem - if such a scheme is possible.


Helge Hafting

Re: Wasting our Freedom

2007-09-18 Thread Marco Peereboom

Now if they'd fix the copyright message to only mention Reyk all would
be good.

On Tue, Sep 18, 2007 at 11:00:13AM +0200, Henning Brauer wrote:
 * Theodore Tso [EMAIL PROTECTED] [2007-09-17 23:04]:
  Number 2, if you take a look at their latest set of changes (which
  have still not been accepted), the HAL code is under a pure BSD
  license (ath5k_hw.c).  Other portions are dual licensed, but not the
  HAL
 
 if that is true and stays that way - excellenty!
 
 -- 
 Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
 BS Web Services, http://bsws.de
 Full-Service ISP - Secure Hosting, Mail and DNS Services
 Dedicated Servers, Rootservers, Application Hosting - Hamburg  Amsterdam

Re: embedded device

2007-09-18 Thread Jason Dixon


On Sep 18, 2007, at 7:09 AM, Alberich de megres wrote:


Hi,

Can anyone pointme to a embedded device like soekris?, but i want  
one that
performs fine using pf. Better if it have gigabits NICs but if not  
there's

no problem.


We can't make a recommendation if you don't tell us what your  
performance requirements are.  The Soekris are fine for general pf  
use.  The newer 5501's are presumably faster, although I haven't seen  
any benchmarks to date.


---
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net

Re: Wasting our Freedom

2007-09-18 Thread Jason Dixon


On Sep 18, 2007, at 7:16 AM, Bodo Eggert wrote:


Paul de Weerd [EMAIL PROTECTED] wrote:

On Mon, Sep 17, 2007 at 03:38:45PM +0200, Adrian Bunk wrote:


| It's not about lazyness of BSD developers, many people who  
consider the
| BSD licence more free than the GPL argue that the advantage of  
the BSD

| licence is that it does not require you to give back.
|
| Something is wrong if your licence text clearly states that you  
do not
| require getting anything back but you then argue on moral  
grounds that

| something has to be given back.

Something is wrong if your licence text clearly states that you MUST
give back, but then you don't return the favour on grounds that hey,
they don't require it, so we don't have to.


If you may demand me to give back, why should I(*) not demand the  
same thing

for my contributions?

You're not only asking to contribute to your project, but you're  
asking me
to throw my code to the feet of Apple amd Microsoft, who will user  
it, make
big bucks and lock out alternatives as far as possible, especially  
free ones.

This happens to not be my idea of sharing code.


Here we go again with the Evil Corporation.  What exactly have they  
lock[ed] out?  How have they magically stopped you from  
distributing your free code?


Are you somehow able to make big bucks on your own with the GPL  
that you wouldn't have otherwise been able to under the BSD?  If so,  
please let me know.  I want big bucks too!



---
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net

Re: Wasting our Freedom

2007-09-18 Thread linux-os (Dick Johnson)

On Tue, 18 Sep 2007, Bodo Eggert wrote:

 Paul de Weerd [EMAIL PROTECTED] wrote:
 On Mon, Sep 17, 2007 at 03:38:45PM +0200, Adrian Bunk wrote:

 | It's not about lazyness of BSD developers, many people who consider the
 | BSD licence more free than the GPL argue that the advantage of the BSD
 | licence is that it does not require you to give back.
 |
 | Something is wrong if your licence text clearly states that you do not
 | require getting anything back but you then argue on moral grounds that
 | something has to be given back.

 Something is wrong if your licence text clearly states that you MUST
 give back, but then you don't return the favour on grounds that hey,
 they don't require it, so we don't have to.

 If you may demand me to give back, why should I(*) not demand the same
thing
 for my contributions?

 You're not only asking to contribute to your project, but you're asking me
 to throw my code to the feet of Apple amd Microsoft, who will user it, make
 big bucks and lock out alternatives as far as possible, especially free
ones.
 This happens to not be my idea of sharing code.

 You may say it's morally correct for them because they never claimed they'd
 not suck your blood, but did the GPL people claim not to demand others to
 give back? Au contrair, and if it's OK for companies to do what they say
 they would, it will be OK for them and for me, too.


 *) I did not yet work on a BSD licensed project, but let's asume I did

 It may be perfectly legal, but it's interesting to say the least.
 No, you do not have to give back. But weren't you open source / free
 software developers ? Why did you pick the GPL ? Because you didn't
 want someone to run of with your code ? You wanted code to be given
 back ? Why not do it yourself ?

 By not giving back you're giving a strange signal.

 Gee, since you're demanding back anyway, you can use the GPL for your
 project and use my contribution. Problem solved.

 Oh, you want people to be free not to share? Freedom includes having the
 moral right to do something. Am I free not to share? Or is this freedom
 just an empty shell?

 --
 Funny quotes:
 36. You never really learn to swear until you learn to drive.

 Fri_, Spammer: [EMAIL PROTECTED] [EMAIL PROTECTED]
 -

How about [EMAIL PROTECTED]

Cheers,
Dick Johnson
Penguin : Linux version 2.6.22.1 on an i686 machine (5588.30 BogoMips).
My book : http://www.AbominableFirebug.com/
_


The information transmitted in this message is confidential and may be
privileged.  Any review, retransmission, dissemination, or other use of this
information by persons or entities other than the intended recipient is
prohibited.  If you are not the intended recipient, please notify Analogic
Corporation immediately - by replying to this message or by sending an email
to [EMAIL PROTECTED] - and destroy all copies of this information,
including any attachments, without reading or disclosing them.

Thank you.

Re: Wasting our Bandwidth

2007-09-18 Thread Xavier Bestel

Le mardi 18 septembre 2007 ` 06:29 -0500, Marco Peereboom a icrit :
 Now if they'd fix the copyright message to only mention Reyk all would
 be good.

All this mess so easily solved ? Too good to be true.

Xav

TCP Bandwidth Delay Product

Hello,

I was wondering if OpenBSD had this feature which FreeBSD and NetBSD
both have which improve my tcp throughput. I was able to configure it
using sysctl net.tcp.inflight.*

Here is a piece from the FreeBSD website: The TCP Bandwidth Delay
Product Limiting is similar to TCP/Vegas in NetBSD. It can be enabled
by setting net.inet.tcp.inflight.enable sysctl variable to 1. The
system will attempt to calculate the bandwidth delay product for each
connection and limit the amount of data queued to the network to just
the amount required to maintain optimum throughput.

Thanks,
- Jake

Re: Wasting our Bandwidth

2007-09-18 Thread Marco Peereboom

That's it; that easy.

On Tue, Sep 18, 2007 at 02:04:46PM +0200, Xavier Bestel wrote:
 Le mardi 18 septembre 2007 ` 06:29 -0500, Marco Peereboom a icrit :
  Now if they'd fix the copyright message to only mention Reyk all would
  be good.
 
 All this mess so easily solved ? Too good to be true.
 
   Xav

Re: Wasting our Freedom

2007-09-18 Thread Theodore Tso

On Tue, Sep 18, 2007 at 06:29:48AM -0500, Marco Peereboom wrote:
 Now if they'd fix the copyright message to only mention Reyk all would
 be good.

It *does* mention Reyk, if you would bother to look.  The thing which
Theo is kvetching about, and which apparently is enough to cause the
*BSD zombies to start attacking without actually _checking_ _for_
_themselves_ is whether or not Jiri and Nick did enough to work so
they should have their names listed in the headers.  In other words,
all of the megabytes and megabhytes of flamewar is over these two
lines:

 * Copyright (c) 2006-2007 Nick Kossifidis [EMAIL PROTECTED]
 * Copyright (c) 2007 Jiri Slaby [EMAIL PROTECTED]

Petty, isn't it?  Let's just say it's b.s. like this which is why, 16
years ago, I decided to work with Linux instead of BSD.

- Ted

P.S.  And yes, before those two lines is:

 * Copyright (c) 2004-2007 Reyk Floeter [EMAIL PROTECTED]

and after those two lines is the BSD permission notice.

Re: Simple startup daemon's on boot question?

On 03:25 Tue 18 Sep , Jake Conk wrote:
 What do you mean that you put OpenVPN into your hostname.if? Can your
 hostname.if file contain  sh script code? If so is that true also with
 something like hostname.fxp0?

My hostname.ral0:
inet 10.10.1.1 255.255.255.0 NONE media autoselect mediaopt hostap mode 11g 
nwid my_net chan 5
!/usr/local/sbin/openvpn --cd /etc/openvpn --daemon --config server.conf

 Also, what do you mean by use ps?

Well, you can see if it's running and which pid it has... not very
verbose, but it depends on what information you want to get.

Bye,
Julian

New port wanted : Debian/Ubuntu's apt-cacher

2007-09-18 Thread Lars Noodén

I'm helping to set up a couple labs where there are (apparently
intentional) networking problems.  However, locally the connectivity is
fine.  Since a fair number workstation activities will be centered
around Debian and Ubuntu and in order to get usable speeds, packages
have to be cached with apt-cacher:

http://packages.debian.org/stable/net/apt-cacher

However, for what I hope are obvious reasons, I would prefer to run this
on OpenBSD.  Has any one already ported this, started to port this, or
have recommendations about how to start?

To further complicate it, I prioritize Apache2 over 1.3x

Regards,

Re: Problem with Intel 4-port NIC

On 2007/09/18 16:00, Michel Le Cocq wrote:
 I don't understand what you have done to make it working.

Forced the pci-x slot to 66MHz.

Re: creating a vpn tunnel to all

2007-09-18 Thread Jonas Thambert

Chris Bullock wrote:
 Background:
 We are using Metro Ethernet to connect several sites to our main office.  In
 order to save money the telco has a couple of sites riding the same vlan
 coming into us. One of these sites is one of our remote offices and the
 other is a competing office.
 
 Problem:
 Since we are on the vlan there is no way I can route without the possibility
 of someone running a sniffer and sniffing my packets, so my goal is I want
 all my traffic from my remote office to come through my main office even
 Internet.  To map this tunnel using isakmpd would I just create a tunnel to
 0.0.0.0?
 Regards,
 Chris
 

Setup VPN between the remote offices and your main site. Aggregate
all the traffic to your main site where you have internet
connectivity using an IGP or static routes.

Should solve your ethernet snooping-problem.


/Jonas

Re: Problem with Intel 4-port NIC

2007-09-18 Thread Michel Le Cocq

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

I don't understand what you have done to make it working.

Michel

Stuart Henderson a icrit :
 On 2007/09/17 13:43, slug bait wrote:
 Bingo!  I figured out that it was a problem with the checksum
 offloading shortly after my original email but I had NO clue how
 to fix it.

 it's not actually caused by offloading, but offloading means that
 transfers from the nic to the motherboard aren't protected by the
 standard network checksums, so they pass through to userland with
 bad data (rather than getting rejected in the network stack).

 Everything is working now and I hope I NEVER have to open these
 1U cases again.  Jamming the SATA connectors back in after
 they're covered by the NIC makes me cry.  ;)

 (-:
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFG79oOtdSucJnea0gRAsaMAKCdvKulvxo4JPndp4V5cZjJQ1MLWACfW3rq
EBcu4J1GKfqdO2Ht2ZDDI8M=
=IevH
-END PGP SIGNATURE-

Re: Wasting our Freedom

2007-09-18 Thread frantisek holop

hmm, on Mon, Sep 17, 2007 at 05:08:46AM -0700, David Schwartz said that
  As said above, the accusations, if you read them correctly, were not
  wrong, but spot on right. Unless someone proves that dual-licensing as
  in you may follow terms A or terms B at your choice implicitly implies
  being allowed to remove A altogether should you choose B.
 
 You are confusing licenses with license notices. The GPL says you must keep
 GPL license notices intact. Otherwise, it gives you complete freedom to
 modify. This means that if you choose the GPL, you gain (from the GPL) the
 right to remove the BSD license *NOTICE*.
 
 This has no effect on anyone's substantive rights though. Removing license
 notices has no effect on actual licenses.

but how do i know i have a bsd licensed file
if the license notice has been removed from it?

i know copyright applies to a file which has no (c) line in it,
because it's implicit.  but licenses are not implicit, are they?

-f
-- 
treat each day as your last, one day you will be right.

question on spamd blacklisted hosts

{ This is a resend.  No replies after 24 hours }

Running OBSD 4.0 here.

I was under the impression that spamd only did greylisting and dynamic
whitelisting.  Static blacklisting available via spamd-setup (and
pseudo-whitelisting; of some of those blacklisted hosts).

But not dynamic blacklisting.

I occasionally get log messages like:

 spamd[12128]: (BLACK) 65.216.123.37: [EMAIL PROTECTED] -
[EMAIL PROTECTED]

I searched my spamdb table (static blacklist) and the IP address above
is not in there.

What am I missing?

--
Juan


  Be smarter than spam. See how smart SpamGuard is at giving junk email the 
boot with the All-new Yahoo! Mail at http://mrd.mail.yahoo.com/try_beta?.intl=ca

font problems with vlc, only rectangles are shown

2007-09-18 Thread Didier Wiroth

Hello,
I'm a non-developer and amateur openbsd user.
I'm running current on a test machine, it is my own build (release and 
xenocara) from \
16.09.2007.

I've installed vlc from ports. When I run the vlc application, I can't read the 
font. \
The vlc gui is displayed correctly but the font is replaced with a lot of 
rectangles \
 as a result menus are unusable.

Running vlc (0.8.6c) from the command line shows a lot of Pango-WARNING **:
vlc:/usr/local/lib/vlc/codec/libquicktime_plugin.so: undefined symbol 'NewHandle
Clear'
(.:2694): Pango-WARNING **: File not found
(.:2694): Pango-WARNING **: Failed to load Pango module '/usr/local/lib/pango/1.
5.0/modules/pango-basic-fc.so' for id 'BasicScriptEngineFc'
(.:2694): Pango-WARNING **: File not found
(.:2694): Pango-WARNING **: File not found
(.:2694): Pango-WARNING **: pango_shape called with bad font, expect ugly output
(.:2694): Pango-WARNING **: pango_font_get_glyph_extents called with null font a
rgument, expect ugly output
(.:2694): Pango-WARNING **: pango_font_get_metrics called with null font argumen
t, expect ugly output
(.:2694): Pango-WARNING **: _pango_cairo_font_install called with bad font, expe
ct ugly output

I never had problems with that before, could someone tell me what is wrong 
please?
Did I do some error at some installation point?

pkg_info pango-1.16.5 shows that mozilla-firefox-2.0.0.6 and seamonkey uses 
it too, \
but they work just fine?!

Thank you very much for helping!
Kind regards 
Didier

Re: embedded device

2007-09-18 Thread Jason Dixon


On Sep 18, 2007, at 11:03 AM, Tang Tse [EMAIL PROTECTED] wrote:


I had a soekis 4801 and pf performs only about 28Mb/s I think.

I trying to set up a router for about 50-100 users and only with  
28Mb/s i hadn't enought there's a big bottle neck.
I general, i read that soekris devices are optimized for power  
consume/heat disipation not for performance.


No reason not to keep this on-list.

You should upgrade to 4.2.  There were pf improvements at c2k7 that  
doubled performance on Soekris (~58Mbps).


---
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net

Re: question on spamd blacklisted hosts

2007-09-18 Thread Jacob Yocom-Piatt


Juan Miscaro wrote:

{ This is a resend.  No replies after 24 hours }

Running OBSD 4.0 here.

I was under the impression that spamd only did greylisting and dynamic
whitelisting.  Static blacklisting available via spamd-setup (and
pseudo-whitelisting; of some of those blacklisted hosts).

But not dynamic blacklisting.

I occasionally get log messages like:

 spamd[12128]: (BLACK) 65.216.123.37: [EMAIL PROTECTED] -
[EMAIL PROTECTED]

I searched my spamdb table (static blacklist) and the IP address above
is not in there.

What am I missing?

  


man spamd-setup

search for spamd-setup in the spamd manpage

cheers,
jake


--
Juan


  Be smarter than spam. See how smart SpamGuard is at giving junk email the 
boot with the All-new Yahoo! Mail at http://mrd.mail.yahoo.com/try_beta?.intl=ca

Re: question on spamd blacklisted hosts

2007-09-18 Thread Darrin Chandler

On Tue, Sep 18, 2007 at 10:30:45AM -0400, Juan Miscaro wrote:
 { This is a resend.  No replies after 24 hours }
 
 Running OBSD 4.0 here.
 
 I was under the impression that spamd only did greylisting and dynamic
 whitelisting.  Static blacklisting available via spamd-setup (and
 pseudo-whitelisting; of some of those blacklisted hosts).
 
 But not dynamic blacklisting.

It can also blacklist for 24 hours for spamtrap addresses.

 I occasionally get log messages like:
 
  spamd[12128]: (BLACK) 65.216.123.37: [EMAIL PROTECTED] -
 [EMAIL PROTECTED]
 
 I searched my spamdb table (static blacklist) and the IP address above
 is not in there.
 
 What am I missing?

You are missing a lot of detective work on your end, for starters.

That IP address certainly isn't Microsoft. It's probably sent spam under
different domains as well. It could have been in a blacklist via
spamd-setup, or one of your own spamtraps (if you're using them), or ...

Search your spamd logs for that IP and you should see the
connect/disconnect lines that may show lists: xxx where xxx will be
the list that it's on. If you are keeping logs long enough, or if you
catch this quick enough, you can also see the initial interaction.

-- 
Darrin Chandler|  Phoenix BSD User Group  |  MetaBUG
[EMAIL PROTECTED]   |  http://phxbug.org/  |  http://metabug.org/
http://www.stilyagin.com/  |  Daemons in the Desert   |  Global BUG Federation

Re: Define hosts lookup for pf.conf

2007-09-18 Thread pichi

The Socket module should also be there:

$ perl -e 'use strict; use Socket; print(hello\n);'
hello


Thanks,

I have perl installed:

$perl -v

$This is perl, v5.8.8 built for i386-openbsd

but it looks like I dont have the socket module becuase when I do:

$perl -e

I get:

$No code specified for -e.

How can I add that module, and again, is is it safe for a publically
accessable firewall?

Many thanks from the newby,

Pedro


-- 
View this message in context: 
http://www.nabble.com/Define-hosts-lookup-for-pf.conf-tf4469900.html#a12759409
Sent from the openbsd user - misc mailing list archive at Nabble.com.

Re: Wasting our Freedom

2007-09-18 Thread Denis Doroshenko

On 9/18/07, Theodore Tso [EMAIL PROTECTED] wrote:
 On Tue, Sep 18, 2007 at 06:29:48AM -0500, Marco Peereboom wrote:
  Now if they'd fix the copyright message to only mention Reyk all would
  be good.

 It *does* mention Reyk, if you would bother to look.  The thing which
 Theo is kvetching about, and which apparently is enough to cause the
 *BSD zombies to start attacking without actually _checking_ _for_
 _themselves_ is whether or not Jiri and Nick did enough to work so
 they should have their names listed in the headers.

and did they really do enough? if those names shouldn't be there, why
play childish games and insist on putting them in?

  In other words,
 all of the megabytes and megabhytes of flamewar is over these two
 lines:

  * Copyright (c) 2006-2007 Nick Kossifidis [EMAIL PROTECTED]
  * Copyright (c) 2007 Jiri Slaby [EMAIL PROTECTED]

 Petty, isn't it?

and what so petty is there? who can show what those two added to the
original work so that according to the law they are allowed to put
their names in there?

  Let's just say it's b.s. like this which is why, 16
 years ago, I decided to work with Linux instead of BSD.

and who really cares about why you did this or did that? this OT
sentence sounded like real childish BC. if you want to have fun while
coding and share it with others - do it, if you want also to play
contract games - do it; choose BSD or GPL and go with it. however,
whatever you do you must respect laws. if the law says you can put
your name in only if much of work is done, so it must be. there are no
other variants. and everything will come back to you no matter whether
it is good or bad. if you ignore laws using somebody's work, the same
will be done to you one day.

 - Ted


 P.S.  And yes, before those two lines is:

  * Copyright (c) 2004-2007 Reyk Floeter [EMAIL PROTECTED]

 and after those two lines is the BSD permission notice.

P.S. Let's just say that BC like that is why I decided to work with
BSD instead of Linux 11 years ago.

Re: Wasting our Freedom

2007-09-18 Thread frantisek holop

hmm, on Tue, Sep 18, 2007 at 08:56:47AM -0400, Theodore Tso said that
 On Tue, Sep 18, 2007 at 06:29:48AM -0500, Marco Peereboom wrote:
  Now if they'd fix the copyright message to only mention Reyk all would
  be good.
 
 It *does* mention Reyk, if you would bother to look.  The thing which

the keyword is `only'.  only = him and noone else (at the moment)

 Theo is kvetching about, and which apparently is enough to cause the
 *BSD zombies to start attacking without actually _checking_ _for_
 _themselves_ is whether or not Jiri and Nick did enough to work so
 they should have their names listed in the headers.  In other words,

are you publicly stating that you have checked, and found the amount
of work done justifying a (c) addition of not even one but 2 persons?

 all of the megabytes and megabhytes of flamewar is over these two
 lines:
 
  * Copyright (c) 2006-2007 Nick Kossifidis [EMAIL PROTECTED]
  * Copyright (c) 2007 Jiri Slaby [EMAIL PROTECTED]
 
 Petty, isn't it?  Let's just say it's b.s. like this which is why, 16
 years ago, I decided to work with Linux instead of BSD.

so you don't mind if a couple of us go around adding say 10 lines
of code to files you authored, and then put our copyrights under
your name?  good!  i am glad to hear that.  a bit of additional
undeserved credit is always welcome anyway.
would look good in my cv.


it is not just a bit of undeserved credit.  the (c) owners will
be asked in the future regarding any legal aspects of the files
they hold copyrights to.  i don't think those 2 gentlemen have
earned that yet.

-f
-- 
dum spiro spero --  as long as i breathe i hope

Re: question on spamd blacklisted hosts

2007-09-18 Thread Peter N. M. Hansteen

Juan Miscaro [EMAIL PROTECTED] writes:

 { This is a resend.  No replies after 24 hours }

That could have been due to too little information.

 Running OBSD 4.0 here.

 I was under the impression that spamd only did greylisting and dynamic
 whitelisting.  Static blacklisting available via spamd-setup (and
 pseudo-whitelisting; of some of those blacklisted hosts).

I had to go back and check, but 4.0 has greytrapping.  Are you perhaps
using that in your setup? 

 I occasionally get log messages like:

  spamd[12128]: (BLACK) 65.216.123.37: [EMAIL PROTECTED] -
 [EMAIL PROTECTED]

Well, one obvious deficiency here is that you cut out the timestamp.
If you're using either greytrapping or one of the more frequently
updated downloadable blaclists (such as Beck's from UoA), it's quite
possible that the address was in the blacklist at the time but its
entry expired.

Also, at least if you're running with spamd -v, you should be able to
find out which blacklist it mathched by grepping your spamd log for
the IP address.  For example, a moment's tail -f /var/log/spamd at one
of my gateways turned up

Sep 18 17:43:36 skapet spamd[20795]: (BLACK) 212.8.32.8:  - [EMAIL 
PROTECTED]

Then grep 212.8.32.8 /var/log/spamd yields several screenfuls, with
one useful excerpt

Sep 18 15:06:52 skapet spamd[20795]: 212.8.32.8: connected (8/8), lists: 
spamd-greytrap
Sep 18 15:10:37 skapet spamd[20795]: (BLACK) 212.8.32.8:  - [EMAIL 
PROTECTED]
Sep 18 15:12:20 skapet spamd[20795]: 212.8.32.8: From: Mail Delivery Subsystem 
[EMAIL PROTECTED]
Sep 18 15:12:20 skapet spamd[20795]: 212.8.32.8: To: [EMAIL PROTECTED]
Sep 18 15:12:20 skapet spamd[20795]: 212.8.32.8: Subject: Returned mail: User 
unknown
Sep 18 15:13:21 skapet spamd[20795]: 212.8.32.8: disconnected after 389 
seconds. lists: spamd-greytrap

which shows in both connection and disconnection that it's one of the
poor sods caught in my local greytrapping.  And it's trying to deliver
something or other to a largish subset of the addresses on my spamtrap
list.

Cheers,
-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
Remember to set the evil bit on all malicious network traffic
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

problems with ral0 and OBSD 4.0

2007-09-18 Thread Alessandro Roncari

Hello

I have the following issue with ralink wireless card, acting in hostap 
mode

 hardware: ral-rt2561s board acting as access point on a Soekris 
 Net4501, running OpenBSD 4.0.


can't seem to make it work like it should, even with a 9dBi antenna the 
signal is very weak and much weaker than my old netgear AP. weak and 
unstable

everything is set up correctly

# dmesg | grep ral0
ral0 at pci0 dev 16 function 0 Ralink RT2561S rev 0x00: irq 10, 
address 00:12:0e:61:80:98
ral0: MAC/BBP RT2561C, RF RT5225


ral0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
 lladdr 00:12:0e:61:80:98
 media: IEEE802.11 autoselect hostap (autoselect mode 11a hostap)
 status: active
 ieee80211: nwid xxx chan 11 bssid 00:12:0e:61:80:98 nwkey  
100dBm
 inet 192.168.x.x netmask 0xff00 broadcast 192.168.x.xxx
 inet6 fe80::212:eff:fe61:8098%ral0 prefixlen 64 scopeid 0x1

but it seems it's all working at very small % of its power.
question is: is this a known bug in the driver?? or is there anything I 
could do to improve the situation?

Thanks,

Alessandro
Soekris docs  rulesets http://sekureshell.altervista.org

Re: OpenBSD Install Goal

2007-09-18 Thread Jan Stary

 I hope one day soon OpenBSD will adopt a nice ncurses setup similar
 to something like FreeBSD with ease to it.

There is no _need_ for a nice curses setup - the current installer
already has ease to itw, to put it mildly. In fact, OpenBSD's
installer is the best I have met during my years-long career of
a sysadmin.

You are given a brand new machine; you bring your install CD; and after
four minutes of using the standard tools (disklabel, fdisk, ifconfig,
...) you are already very familiar with, you have a fully working box,
modulo afterboot.

Jan

Re: embedded device

2007-09-18 Thread Trash Compactor


Alberich de megres wrote:

Hi,

Can anyone pointme to a embedded device like soekris?, but i want one that
performs fine using pf. Better if it have gigabits NICs but if not there's
no problem.

thanks!

  

There are several by commell (commell.com.tw)
The LE-564 and LE-565 have nice spec sheets.  Cases for these are a 
little more problematic since I have not seen anyone selling these 
boards with a case.
I would love to see a 1U case that fits two of these boards and two 
power supplies, for use with CARP and pfsync.


/Jason

OpenBGPd Regular Expression

2007-09-18 Thread nachocheeze

I saw from a thread a while back that putting as-path regular
expression support into OpenBGPd was being considered.  I'm testing
out a 4.2 snapshot, and so far it doesn't seem to be there just yet.

For various reasons, I'd like to be able to tweak prefixes based on
some specific as-path values a la Juniper.  This kind of stuff:

Criteria: Path whose second AS number must be 56 or 78.
Regular Expression: (. 56) | (. 78) or . (56|78)
Example Matches:  1234 56 and/or 34 78

http://www.juniper.net/techpubs/software/junos/junos74/swconfig74-policy/html/policy-extend-match-config3.html

Anyone know if this is in the works?

Re: question on spamd blacklisted hosts

--- Peter N. M. Hansteen [EMAIL PROTECTED] wrote:

 Juan Miscaro [EMAIL PROTECTED] writes:
 
  { This is a resend.  No replies after 24 hours }
 
 That could have been due to too little information.
 
  Running OBSD 4.0 here.
 
  I was under the impression that spamd only did greylisting and
 dynamic
  whitelisting.  Static blacklisting available via spamd-setup (and
  pseudo-whitelisting; of some of those blacklisted hosts).
 
 I had to go back and check, but 4.0 has greytrapping.  Are you
 perhaps
 using that in your setup? 
 
  I occasionally get log messages like:
 
   spamd[12128]: (BLACK) 65.216.123.37: [EMAIL PROTECTED] -
  [EMAIL PROTECTED]
 
 Well, one obvious deficiency here is that you cut out the timestamp.
 If you're using either greytrapping or one of the more frequently
 updated downloadable blaclists (such as Beck's from UoA), it's quite
 possible that the address was in the blacklist at the time but its
 entry expired.

I _am_ using blacklists with spamd-setup and I _did_ check the
blacklisted hosts immediately after seeing the message.  Perhaps my
command is messed up:

sudo pfctl -t spamd -T show | grep 65.216.123.37


  Be smarter than spam. See how smart SpamGuard is at giving junk email the 
boot with the All-new Yahoo! Mail at http://mrd.mail.yahoo.com/try_beta?.intl=ca

Re: OpenBGPd Regular Expression

2007-09-18 Thread Claudio Jeker

On Tue, Sep 18, 2007 at 12:25:02PM -0500, [EMAIL PROTECTED] wrote:
 I saw from a thread a while back that putting as-path regular
 expression support into OpenBGPd was being considered.  I'm testing
 out a 4.2 snapshot, and so far it doesn't seem to be there just yet.
 
 For various reasons, I'd like to be able to tweak prefixes based on
 some specific as-path values a la Juniper.  This kind of stuff:
 
 Criteria: Path whose second AS number must be 56 or 78.
 Regular Expression: (. 56) | (. 78) or . (56|78)
 Example Matches:  1234 56 and/or 34 78
 
 http://www.juniper.net/techpubs/software/junos/junos74/swconfig74-policy/html/policy-extend-match-config3.html
 
 Anyone know if this is in the works?
 

Adding a better AS filter list is on my todo list since a long time. We
will not implement a full regex -- cisco demonstrated once again why regex
is a bad idea.

Just a few thoughts. I do not like the | (or) operator. This can be
written with two rules without any issues. I guess we will support +, ., -
, ^ and $.

-- 
:wq Claudio

Re: Wasting our Freedom

2007-09-18 Thread Marco Peereboom

On Tue, Sep 18, 2007 at 08:56:47AM -0400, Theodore Tso wrote:
 On Tue, Sep 18, 2007 at 06:29:48AM -0500, Marco Peereboom wrote:
  Now if they'd fix the copyright message to only mention Reyk all would
  be good.
 
 It *does* mention Reyk, if you would bother to look.  The thing which
 Theo is kvetching about, and which apparently is enough to cause the
 *BSD zombies to start attacking without actually _checking_ _for_
 _themselves_ is whether or not Jiri and Nick did enough to work so
 they should have their names listed in the headers.  In other words,
 all of the megabytes and megabhytes of flamewar is over these two
 lines:
 
  * Copyright (c) 2006-2007 Nick Kossifidis [EMAIL PROTECTED]
  * Copyright (c) 2007 Jiri Slaby [EMAIL PROTECTED]

Its simple; this is illegal.  Those two fruitcakes didn't do jack and
can therefore not claim copyright.  Would be the same as me taking the
linux kernel and adding myself to each file.  I am pretty sure some
people would be up in arms about that.

 
 Petty, isn't it?  Let's just say it's b.s. like this which is why, 16
 years ago, I decided to work with Linux instead of BSD.

I don't make the laws and I did not break any so you call it whatever
you like.

 
   - Ted
 
 P.S.  And yes, before those two lines is:
 
  * Copyright (c) 2004-2007 Reyk Floeter [EMAIL PROTECTED]

So what?  you don't get a cookie for abiding the law.

 
 and after those two lines is the BSD permission notice.

Where it belongs.  Again you don't get a cookie for doing what you are
supposed to do.

Just like you don't get a cookie for taking care of your kids; you're
supposed to do that.

Re: Wasting our Freedom

2007-09-18 Thread Gilles Chehade

On Tue, Sep 18, 2007 at 08:56:47AM -0400, Theodore Tso wrote:

 [...]

 Petty, isn't it?  Let's just say it's b.s. like this which is why, 16
 years ago, I decided to work with Linux instead of BSD.
 

Fortunately, no one seems to miss you so much in the BSD camp ;-)

Gilles

Re: Define hosts lookup for pf.conf

2007-09-18 Thread Richard Toohey

It's telling you exactly what's wrong - you have not specified any  
code for the -e option.


man perl:

SYNOPSIS
   perl [ -sTuU ] [ -hv ] [ -V[:configvar] ]
   [ -cw ] [ -d[:debugger] ] [ -D[number/list] ]
   [ -pna ] [ -Fpattern ] [ -l[octal] ] [ -0[octal] ]
   [ -Idir ] [ -m[-]module ] [ -M[-]'module...' ]
   [ -P ] [ -S ] [ -x[dir] ]
   [ -i[extension] ] [ -e 'command' ] [ -- ] [ programfile ]  
[ argu-

   ment ]...

In the code snippet I sent I specified some code that tried to pull  
in the Socket module (I just copied the first two perl lines of  
David's script):


$ perl -e 'use strict; use Socket; print(hello\n);'

perl -e on its own will raise the error you have seen.

If a module is missing you will get something along the lines of:

perl -e 'use no-such-module;'
Can't locate no.pm in @INC (@INC contains: [cut blah-blah-blah]) at - 
e line 1.

BEGIN failed--compilation aborted at -e line 1.

But we are wandering well outside the realms of OpenBSD and into  
perl.  Try http://www.perlmonks.org/ or http://www.perl.com/ as  
starting points.


On 19/09/2007, at 3:21 AM, pichi wrote:


The Socket module should also be there:

$ perl -e 'use strict; use Socket; print(hello\n);'
hello


Thanks,

I have perl installed:

$perl -v

$This is perl, v5.8.8 built for i386-openbsd

but it looks like I dont have the socket module becuase when I do:

$perl -e

I get:

$No code specified for -e.

How can I add that module, and again, is is it safe for a publically
accessable firewall?

Many thanks from the newby,

Pedro


--
View this message in context: http://www.nabble.com/Define-hosts- 
lookup-for-pf.conf-tf4469900.html#a12759409

Sent from the openbsd user - misc mailing list archive at Nabble.com.

Re: question on spamd blacklisted hosts

--- Jacob Yocom-Piatt [EMAIL PROTECTED] wrote:

 Juan Miscaro wrote:
  { This is a resend.  No replies after 24 hours }
 
  Running OBSD 4.0 here.
 
  I was under the impression that spamd only did greylisting and
 dynamic
  whitelisting.  Static blacklisting available via spamd-setup (and
  pseudo-whitelisting; of some of those blacklisted hosts).
 
  But not dynamic blacklisting.
 
  I occasionally get log messages like:
 
   spamd[12128]: (BLACK) 65.216.123.37: [EMAIL PROTECTED] -
  [EMAIL PROTECTED]
 
  I searched my spamdb table (static blacklist) and the IP address
 above
  is not in there.
 
  What am I missing?
 

 
 man spamd-setup
 
 search for spamd-setup in the spamd manpage


Did that already.  See my other replies to this thread.



  Be smarter than spam. See how smart SpamGuard is at giving junk email the 
boot with the All-new Yahoo! Mail at http://mrd.mail.yahoo.com/try_beta?.intl=ca

Re: question on spamd blacklisted hosts

--- Darrin Chandler [EMAIL PROTECTED] wrote:

 On Tue, Sep 18, 2007 at 10:30:45AM -0400, Juan Miscaro wrote:
  { This is a resend.  No replies after 24 hours }
  
  Running OBSD 4.0 here.
  
  I was under the impression that spamd only did greylisting and
 dynamic
  whitelisting.  Static blacklisting available via spamd-setup (and
  pseudo-whitelisting; of some of those blacklisted hosts).
  
  But not dynamic blacklisting.
 
 It can also blacklist for 24 hours for spamtrap addresses.


I'm not using the spamtrap feature.


  I occasionally get log messages like:
  
   spamd[12128]: (BLACK) 65.216.123.37: [EMAIL PROTECTED] -
  [EMAIL PROTECTED]
  
  I searched my spamdb table (static blacklist) and the IP address
 above
  is not in there.
  
  What am I missing?
 
 You are missing a lot of detective work on your end, for starters.
 
 That IP address certainly isn't Microsoft. It's probably sent spam
 under
 different domains as well. It could have been in a blacklist via
 spamd-setup, or one of your own spamtraps (if you're using them), or


I know it's not Microsoft related.

Yes, I'm trying to ascertain why it was seen as a blacklisted host when
I cannot find this IP address in my pf spamd table.


 
 Search your spamd logs for that IP and you should see the
 connect/disconnect lines that may show lists: xxx where xxx will
 be
 the list that it's on. If you are keeping logs long enough, or if you
 catch this quick enough, you can also see the initial interaction.


It's all there.  I'm now trying to figure out why.


  Be smarter than spam. See how smart SpamGuard is at giving junk email the 
boot with the All-new Yahoo! Mail at http://mrd.mail.yahoo.com/try_beta?.intl=ca

1440x900 resolution problem

2007-09-18 Thread Marius ROMAN

Hi misc,

I can't get the 1440x900 resolution on my Samsung 940BW flat panel
screen to work.
I searched the lists but found nothing that could help me.
Xorg.0.log says something like this :

(II) ATI(0): Not using mode 1440x900 (no mode of this name)

Using gtf (gtf 1440 900 60) I have added :
Modeline 1440x900_60.00  106.47  1440 1520 1672 1904  900 901 904
932  -HSync +Vsync
to the Monitor section on xorg.conf.

Any ideas ?

/var/log/Xorg.0.log
=

(--) checkDevMem: using aperture driver /dev/xf86
(--) Using wscons driver on /dev/ttyC4 in pcvt compatibility mode (version 3.32)
(WW) xf86AcquireGART: AGPIOC_ACQUIRE failed (Device not configured)
(WW) GARTInit: AGPIOC_INFO failed (Device not configured)

X Window System Version 6.9.0 (for OpenBSD)
Release Date: 21 December 2005
X Protocol Version 11, Revision 0, Release 6.9
Build Operating System: OpenBSD 4.1 i386 [ELF]
Current Operating System: OpenBSD localhost 4.1 GENERIC#1450 i386
Build Date: 07 March 2007
Before reporting problems, check http://wiki.X.Org
to make sure that you have the latest version.
Module Loader present
Markers: (--) probed, (**) from config file, (==) default setting,
(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
(==) Log file: /var/log/Xorg.0.log, Time: Tue Sep 18 21:14:49 2007
(==) Using config file: /etc/X11/xorg.conf
(==) ServerLayout X.org Configured
(**) |--Screen Screen0 (0)
(**) |   |--Monitor Monitor0
(**) |   |--Device Card0
(**) |--Input Device Mouse0
(**) |--Input Device Keyboard0
(**) FontPath set to
/usr/X11R6/lib/X11/fonts/misc/,/usr/X11R6/lib/X11/fonts/TTF/,/usr/X11R6/lib/X11/fonts/Type1/,/usr/X11R6/lib/X11
/fonts/CID/,/usr/X11R6/lib/X11/fonts/75dpi/,/usr/X11R6/lib/X11/fonts/100dpi/
(**) RgbPath set to /usr/X11R6/lib/X11/rgb
(**) ModulePath set to /usr/X11R6/lib/modules
(II) Module ABI versions:
X.Org ANSI C Emulation: 0.2
X.Org Video Driver: 0.8
X.Org XInput driver : 0.5
X.Org Server Extension : 0.2
X.Org Font Renderer : 0.4
(II) Loader running on openbsd
(II) LoadModule: bitmap
(II) Loading /usr/X11R6/lib/modules/fonts/libbitmap.so
(II) Module bitmap: vendor=X.Org Foundation
compiled for 6.9.0, module version = 1.0.0
Module class: X.Org Font Renderer
ABI class: X.Org Font Renderer, version 0.4
(II) Loading font Bitmap
(II) LoadModule: pcidata
(II) Loading /usr/X11R6/lib/modules/libpcidata.so
(II) Module pcidata: vendor=X.Org Foundation
compiled for 6.9.0, module version = 1.0.0
ABI class: X.Org Video Driver, version 0.8
(II) PCI: PCI scan (all values are in hex)
(II) PCI: 00:00:0: chip 1166,0009 card , rev 06 class 06,00,00 hdr 80
(II) PCI: 00:00:1: chip 1166,0009 card , rev 06 class 06,00,00 hdr 80
(II) PCI: 00:02:0: chip 8086,1229 card 1028,009b rev 08 class 02,00,00 hdr 00
(II) PCI: 00:06:0: chip 125d,1969 card 125d, rev 01 class 04,01,00 hdr 00
(II) PCI: 00:0e:0: chip 1002,4752 card 1028,00ce rev 27 class 03,00,00 hdr 00
(II) PCI: 00:0f:0: chip 1166,0200 card 1166,0200 rev 50 class 06,01,00 hdr 80
(II) PCI: 00:0f:1: chip 1166,0211 card , rev 00 class 01,01,8a hdr 80
(II) PCI: 00:0f:2: chip 1166,0220 card 1166,0220 rev 04 class 0c,03,10 hdr 80
(II) PCI: 01:02:0: chip 9005,00cf card 1028,00ce rev 01 class 01,00,00 hdr 80
(II) PCI: 01:02:1: chip 9005,00cf card 1028,00ce rev 01 class 01,00,00 hdr 80
(II) PCI: End of PCI scan
(II) Host-to-PCI bridge:
(II) Bus 0: bridge is at (0:0:0), (0,0,1), BCTRL: 0x0008 (VGA_EN is set)
(II) Bus 0 I/O range:
[0] -1  0   0x - 0x (0x1) IX[B]
(II) Bus 0 non-prefetchable memory range:
[0] -1  0   0x - 0x (0x0) MX[B]
(II) Bus 0 prefetchable memory range:
[0] -1  0   0x - 0x (0x0) MX[B]
(II) PCI-to-ISA bridge:
(II) Bus -1: bridge is at (0:15:0), (0,-1,-1), BCTRL: 0x0008 (VGA_EN is set)
(II) Host-to-PCI bridge:
(II) Bus 1: bridge is at (0:0:0), (1,1,0), BCTRL: 0x0008 (VGA_EN is set)
(II) Bus 1 I/O range:
[0] -1  0   0x - 0x (0x1) IX[B]
(II) Bus 1 non-prefetchable memory range:
[0] -1  0   0x - 0x (0x0) MX[B]
(II) Bus 1 prefetchable memory range:
[0] -1  0   0x - 0x (0x0) MX[B]
(--) PCI:*(0:14:0) ATI Technologies Inc Rage XL rev 39, Mem @
0xfc00/24, 0xfe101000/12, I/O @ 0xe800/8
(II) Addressable bus resource ranges are
[0] -1  0   0x - 0x (0x0) MX[B]
[1] -1  0   0x - 0x (0x1) IX[B]
(II) OS-reported resource ranges:
[0] -1  0   0x0010 - 0x3fff (0x3ff0) MX[B]E(B)
[1] -1  0   0x000f - 0x000f (0x1) MX[B]
[2] -1  0   0x000c - 0x000e (0x3) MX[B]
[3] -1  0   0x - 0x0009 (0xa) MX[B]
[4] -1  0   0x -

Re: Wasting our Freedom

2007-09-18 Thread Can E. Acar

Theodore Tso wrote:
 On Mon, Sep 17, 2007 at 03:06:37PM -0700, Can E. Acar wrote:
 The only remaining issue is whether Nick  Jiri have enough
 original contributions to the code to be added to the Copyright.

 I believe this needs to be resolved between Reyk and Nick and Jiri.

 The main reason of Theo's message, linked earlier, was the
 lack of response on this issue. It seems that the SFLC is
 dismissing this issue, and thus stalling its resolution by the
 developers.
 
 OK, so all of this flaming, and digging up of licenses ripped off,
 and chaff thrown up in the air, and moaning and bewailing about
 theft, is now down to these two lines regarding Nick and Jiri:

Yes, quite an improvement, considering how it all started, dont you think?
Pity it took so much pushing and dragging to get people to do the right
thing.
There is just one little step to go. It is can not be that hard, can it?


 * Copyright (c) 2004-2007 Reyk Floeter [EMAIL PROTECTED]
 * Copyright (c) 2006-2007 Nick Kossifidis [EMAIL PROTECTED]
 * Copyright (c) 2007 Jiri Slaby [EMAIL PROTECTED]
 [snip rest of BSD license]
 
 It's under a BSD license; what material difference does those two
 lines make, for goodness sake?  It's under a BSD license, so it's not
 like anything won't be given back.

As a programmer, you sure would know what difference any two lines
would make on your program. When it comes to law, you seem to lose
that intuition.


 Whether or not they have made
 enough for changes is really a question for the lawyers, and may
 differ from one jurisdiction to another
 --- but whether or not they have now, or maybe will not make until later ---

Well, they can add their names *anywhere* in the whole file, *except*
these two lines. See, these lines have a whole different meaning
when it comes to laws.  When they make sufficient contribution, they
sure can add their names. What is so difficult to understand here?

I have seen some academic papers, where the first author did all the work,
the second author is the professor who funded the work, and the remaining
five authors are just coming along for a ride.  You know what the
difference is? The original author *allows* them to put their names as
authors.

Here, you are adding names, and say why not. It is both unethical and
illegal.

 does it really make a
 difference?  Who gets hurt if someone gets they get a bit more credit
 than they deserve?  Certainly the most important thing is that Reyk is
 given proper credit, right?

As long as it is not a derived work, Reyk gets to decide who is in the
copyright. Even if it is a derived work, it is polite to ask.

If, at the beginning, Nick and Jiri, and others asked Reyk to be included
in the Copyright for the adaptation work they did on the HAL. I do not
believe he would have refused. I can not talk for him, but things would
be have been resolved in a much nicer and positive way.

Instead they chose to push Reyk for months to dual license his code,
then attempted to change the whole license. Even now, when there is
just a small issue left, people are still dragging and resisting.

I am really disappointed by all this.  I would have expected that once
such a patch is suggested (let alone being committed to some public place)
some senior/respected/responsible Linux person would tell them what they
are doing is wrong.  Right from the start.  I now see this is not how
things work around here.  Senior developers are either too busy or
reluctant to get their hands dirty. In OpenBSD, (which, I accept is a
much smaller community) when one developer does something wrong,
the clue stick is there to be used by one of the more experienced
developers.
Which means, issues are resolved quickly and with much less pain.


Can

-- 
In theory, there is no difference between theory and practice.
But, in practice, there is.

Re: Wasting our Freedom

2007-09-18 Thread Lennart Sorensen

On Tue, Sep 18, 2007 at 11:55:29AM -0700, Can E. Acar wrote:
 Well, they can add their names *anywhere* in the whole file, *except*
 these two lines. See, these lines have a whole different meaning
 when it comes to laws.  When they make sufficient contribution, they
 sure can add their names. What is so difficult to understand here?

Please define Sufficient contribution.  And in what juristiction that
definition applies.

--
Len Sorensen

Re: Wasting our Freedom

2007-09-18 Thread Jeff Garzik


Can E. Acar wrote:

As long as it is not a derived work, Reyk gets to decide who is in the
copyright. Even if it is a derived work, it is polite to ask.


Additional work went in, thus additional copyrights were added.



I am really disappointed by all this.  I would have expected that once
such a patch is suggested (let alone being committed to some public place)


In a purely open development environment, even personal developer trees 
are made public.  That's the way we _want_ development to occur.  Out in 
public, with a full audit trail.


Your implied ideal scenario is tantamount to guaranteeing that mistakes 
are never committed to a public repository anywhere.  Mistakes will 
happen.  Even legal mistakes.  In public.




some senior/respected/responsible Linux person would tell them what they
are doing is wrong.  Right from the start.


What you are seeing is an example of mistakes that were caught in 
review, and corrected.


That's how any scalable review process works...  the developer reviews 
his own work.  the team reviews the developer's work.  the maintainer 
reviews the team's work.  the next maintainer reviews.  and so on, to 
the top.


Jeff

Re: Wasting our Freedom

2007-09-18 Thread Can E. Acar

Lennart Sorensen wrote:
 On Tue, Sep 18, 2007 at 11:55:29AM -0700, Can E. Acar wrote:
 Well, they can add their names *anywhere* in the whole file, *except*
 these two lines. See, these lines have a whole different meaning
 when it comes to laws.  When they make sufficient contribution, they
 sure can add their names. What is so difficult to understand here?
 
 Please define Sufficient contribution.  And in what juristiction that
 definition applies.

Please note that I am not a lawyer. It would be best if you do
your own research, and consult a lawyer.

Please look up the definition of derivative work. Even Wikipedia would
do for
some basic definitions. The copyright laws in most countries adhere to the
Berne Convention, yet another phrase to look up.

From my own research, one guideline I would consider is:
The new material must be original and copyrightable in itself.

But, again, if it comes to that, the lawyers will decide and we can have
no more say on the subject.

Let me, instead tell you how we handle this when working on BSD code:
We communicate. If we feel we did some extensive changes to a file, we ask.
Get OKs from other senior developers, preferably the authors and then add
our name.

During our license audits of the OpenBSD tree, a couple of years ago, our
developers went into great pains to locate the authors and clarify
the questionable licenses that were our tree.  We are actively working
on replacing the remaining non-BSD licensed code in our tree. Not by
slapping
on our own licenses, but by asking the authors nicely to relicense, finding
replacements with an acceptable license, or by rewriting them.


Can

-- 
In theory, there is no difference between theory and practice.
But, in practice, there is.

Re: embedded device

2007-09-18 Thread Boudewijn Ector

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Trash Compactor schreef:
 Alberich de megres wrote:
 Hi,

 Can anyone pointme to a embedded device like soekris?, but i want
 one that
 performs fine using pf. Better if it have gigabits NICs but if not
 there's
 no problem.

 thanks!

  
 There are several by commell (commell.com.tw)
 The LE-564 and LE-565 have nice spec sheets.  Cases for these are a
 little more problematic since I have not seen anyone selling these
 boards with a case.
 I would love to see a 1U case that fits two of these boards and two
 power supplies, for use with CARP and pfsync.

 /Jason

Try PC-engines boards.pcengines.ch.
my graduation project runs OpenBSD on these boards :)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFG8Bxcswhu1gS6+qoRAlKtAKCaJYBebwy+za3MoL9HNfHO/qq64ACgrywt
3OAgVPgvs7ZrKhYeV7QqC9M=
=iy15
-END PGP SIGNATURE-

Status of uvm_fault in 4.2

2007-09-18 Thread Jon Steel

Hi

Back in OpenBSD 4.0 I got the error below regarding a uvm_fualt.
According to the cvs logs in pmap.c the bug was not occuring in OpenBSD
4.1 due to some code being reverted, so we switched to that. It seemed
to corret the problem until just the other day. I had a computer
constantly rebooting all night, and on one of the shutdowns I got the error.

I noticed that there is a lot of changes going on in pmap.c since 4.1
and I was wondering on the status of this error? Has it actually been
fixed yet? If it has not, is there anything I can do to help? I have a
few dual and quad core machines I could use to test any changes.

Thanks

Jonathan Steel

uvm_fault(0x..., 0x..., 0, 1) - e
kernel: page fault trap, code = 0
stopped at pmap_page_remove_86+0x114:
0(%eax, %edx, 4), %eax

The trace output is:

pmap_page_remove_86(d0d31420,c0,e9b57e2c,d04adeb9,e99f) at 
pmap_page_remove_86+0x114
uvm_vnp_terminate(d8034e04,0,0,0,0,14,0,d7e95004) at uvm_vnpterminate+0x31f
uvm_attach(d8034e04,0,2,0,d7f38378) at uvn_attach+0x2b5
uvm_unmap_detach(d7e959a4,0,d7f3841c,1) at uvm_unmap_detach+-x62
uvmspace_free(d7f38378,6,d08120e0) at uvmspace_free+0xfd
uvm_exit(d7fbb868,14,8,286) at uvm_exit+0x19
reaper(d80df430) at reaper+0x90
Bad frame pointer: 0xd0913eb8

Re: 1440x900 resolution problem

2007-09-18 Thread Darrin Chandler

On Tue, Sep 18, 2007 at 09:44:14PM +0300, Marius ROMAN wrote:
 (II) ATI(0): Not using mode 1440x900 (no mode of this name)
 
 Using gtf (gtf 1440 900 60) I have added :
 Modeline 1440x900_60.00  106.47  1440 1520 1672 1904  900 901 904
 932  -HSync +Vsync
 to the Monitor section on xorg.conf.

Try matching the name in the Modeline and the one you use in Modes. IOW,
use 1440x900_60.00 in both places. Or use 1400x900 in both places.

-- 
Darrin Chandler|  Phoenix BSD User Group  |  MetaBUG
[EMAIL PROTECTED]   |  http://phxbug.org/  |  http://metabug.org/
http://www.stilyagin.com/  |  Daemons in the Desert   |  Global BUG Federation

Re: question on spamd blacklisted hosts

2007-09-18 Thread Darrin Chandler

On Tue, Sep 18, 2007 at 09:09:24PM +0100, Stuart Henderson wrote:
 On 2007/09/18 13:48, Juan Miscaro wrote:
  I _am_ using blacklists with spamd-setup and I _did_ check the
  blacklisted hosts immediately after seeing the message.  Perhaps my
  command is messed up:
  
  sudo pfctl -t spamd -T show | grep 65.216.123.37
 
 yes, most blacklists use cidr prefixes.

Yes :)

Use test instead of show should help there:

$ sudo pfctl -t spamd -T test 65.216.123.37

-- 
Darrin Chandler|  Phoenix BSD User Group  |  MetaBUG
[EMAIL PROTECTED]   |  http://phxbug.org/  |  http://metabug.org/
http://www.stilyagin.com/  |  Daemons in the Desert   |  Global BUG Federation

Re: question on spamd blacklisted hosts

On 2007/09/18 13:48, Juan Miscaro wrote:
 I _am_ using blacklists with spamd-setup and I _did_ check the
 blacklisted hosts immediately after seeing the message.  Perhaps my
 command is messed up:
 
 sudo pfctl -t spamd -T show | grep 65.216.123.37

yes, most blacklists use cidr prefixes.

Re: question on spamd blacklisted hosts

--- Darrin Chandler [EMAIL PROTECTED] wrote:

 On Tue, Sep 18, 2007 at 09:09:24PM +0100, Stuart Henderson wrote:
  On 2007/09/18 13:48, Juan Miscaro wrote:
   I _am_ using blacklists with spamd-setup and I _did_ check the
   blacklisted hosts immediately after seeing the message.  Perhaps
 my
   command is messed up:
   
   sudo pfctl -t spamd -T show | grep 65.216.123.37
  
  yes, most blacklists use cidr prefixes.
 
 Yes :)
 
 Use test instead of show should help there:
 
 $ sudo pfctl -t spamd -T test 65.216.123.37


Bingo.

Thanks Stuart and Darrin.

// juan


  Get news delivered with the All new Yahoo! Mail.  Enjoy RSS feeds right 
on your Mail page. Start today at http://mrd.mail.yahoo.com/try_beta?.intl=ca

Re: problems with ral0 and OBSD 4.0

2007-09-18 Thread Pierre Riteau


Le 18 sept. 07 ` 18:41, Alessandro Roncari a icrit :


Hello

I have the following issue with ralink wireless card, acting in hostap
mode


hardware: ral-rt2561s board acting as access point on a Soekris
Net4501, running OpenBSD 4.0.



can't seem to make it work like it should, even with a 9dBi antenna
the
signal is very weak and much weaker than my old netgear AP. weak and
unstable

everything is set up correctly

# dmesg | grep ral0
ral0 at pci0 dev 16 function 0 Ralink RT2561S rev 0x00: irq 10,
address 00:12:0e:61:80:98
ral0: MAC/BBP RT2561C, RF RT5225


ral0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
 lladdr 00:12:0e:61:80:98
 media: IEEE802.11 autoselect hostap (autoselect mode 11a
hostap)
 status: active
 ieee80211: nwid xxx chan 11 bssid 00:12:0e:61:80:98 nwkey

100dBm
 inet 192.168.x.x netmask 0xff00 broadcast 192.168.x.xxx
 inet6 fe80::212:eff:fe61:8098%ral0 prefixlen 64 scopeid 0x1

but it seems it's all working at very small % of its power.
question is: is this a known bug in the driver?? or is there
anything I
could do to improve the situation?


Update to OpenBSD 4.1 or -current, there were some changes in ral(4)
code.

e.g.
replace rssadapt(9) with amrr for automatic rate control.
as a side-effect, this should fix all the bogus xmit rate panics
users have been complaining about for some time when operating in
HostAP mode.



Thanks,

Alessandro
Soekris docs  rulesets http://sekureshell.altervista.org

Re: 1440x900 resolution problem

2007-09-18 Thread Sean Darby

I'm no pro, and anyone please correct me if I'm wrong, but
this might work...

in xorg.conf under section monitor...
paste this before endsection:

Modeline1440x900 134.52 1440 1536 1688 1936 900 901 904 939
Modeline1440x900 132.71 1440 1536 1688 1936 900 901 904 939
Modeline1440x900 130.75 1440 1536 1688 1936 900 901 904 938

up above it where you have horiz  vert, you might try:

HorizSync31-81
VertRefresh  56-76

...or maybe...

HorizSync   30-92 (I might be off on that)
VertRefresh 60-170 (I might be off on that too)

And in section screen under subsection display you might
want to update to something like...

SubSection Display
   Depth  16
   Modes  1440x900 1280x960 1366x768 1280x800 1152x864
1280x768 1024x768 1280x600 1024x600 800x600 768x576 640x480
 EndSubSection
 SubSection Display
   Depth  24
   Modes  1440x900 1280x960 1366x768 1280x800 1152x864
1280x768 1024x768 1280x600 1024x600 800x600 768x576 640x480
 EndSubSection
 SubSection Display
   Depth  8
   Modes  1440x900 1280x960 1366x768 1280x800 1152x864
1280x768 1024x768 1280x600 1024x600 800x600 768x576 640x480
 EndSubSection

Again, apologies in advance if my inexperience has provided
incorrect information. I've adjusted my 1680x1050 resolution
settings similarly to that above and it worked. Though it
might be different for you depending on what all you are
using, I'm not sure.

-Sean

On Tue, Sep 18, 2007 at 09:44:14PM +0300, Marius ROMAN wrote:
 Hi misc,

 I can't get the 1440x900 resolution on my Samsung 940BW flat panel
 screen to work.
 I searched the lists but found nothing that could help me.
 Xorg.0.log says something like this :

 (II) ATI(0): Not using mode 1440x900 (no mode of this name)

 Using gtf (gtf 1440 900 60) I have added :
 Modeline 1440x900_60.00  106.47  1440 1520 1672 1904  900 901 904
 932  -HSync +Vsync
 to the Monitor section on xorg.conf.

 Any ideas ?

 /var/log/Xorg.0.log
 =

 (--) checkDevMem: using aperture driver /dev/xf86
 (--) Using wscons driver on /dev/ttyC4 in pcvt compatibility mode (version
3.32)
 (WW) xf86AcquireGART: AGPIOC_ACQUIRE failed (Device not configured)
 (WW) GARTInit: AGPIOC_INFO failed (Device not configured)

 X Window System Version 6.9.0 (for OpenBSD)
 Release Date: 21 December 2005
 X Protocol Version 11, Revision 0, Release 6.9
 Build Operating System: OpenBSD 4.1 i386 [ELF]
 Current Operating System: OpenBSD localhost 4.1 GENERIC#1450 i386
 Build Date: 07 March 2007
 Before reporting problems, check http://wiki.X.Org
 to make sure that you have the latest version.
 Module Loader present
 Markers: (--) probed, (**) from config file, (==) default setting,
 (++) from command line, (!!) notice, (II) informational,
 (WW) warning, (EE) error, (NI) not implemented, (??) unknown.
 (==) Log file: /var/log/Xorg.0.log, Time: Tue Sep 18 21:14:49 2007
 (==) Using config file: /etc/X11/xorg.conf
 (==) ServerLayout X.org Configured
 (**) |--Screen Screen0 (0)
 (**) |   |--Monitor Monitor0
 (**) |   |--Device Card0
 (**) |--Input Device Mouse0
 (**) |--Input Device Keyboard0
 (**) FontPath set to

/usr/X11R6/lib/X11/fonts/misc/,/usr/X11R6/lib/X11/fonts/TTF/,/usr/X11R6/lib/
X11/fonts/Type1/,/usr/X11R6/lib/X11

/fonts/CID/,/usr/X11R6/lib/X11/fonts/75dpi/,/usr/X11R6/lib/X11/fonts/100dpi/
 (**) RgbPath set to /usr/X11R6/lib/X11/rgb
 (**) ModulePath set to /usr/X11R6/lib/modules
 (II) Module ABI versions:
 X.Org ANSI C Emulation: 0.2
 X.Org Video Driver: 0.8
 X.Org XInput driver : 0.5
 X.Org Server Extension : 0.2
 X.Org Font Renderer : 0.4
 (II) Loader running on openbsd
 (II) LoadModule: bitmap
 (II) Loading /usr/X11R6/lib/modules/fonts/libbitmap.so
 (II) Module bitmap: vendor=X.Org Foundation
 compiled for 6.9.0, module version = 1.0.0
 Module class: X.Org Font Renderer
 ABI class: X.Org Font Renderer, version 0.4
 (II) Loading font Bitmap
 (II) LoadModule: pcidata
 (II) Loading /usr/X11R6/lib/modules/libpcidata.so
 (II) Module pcidata: vendor=X.Org Foundation
 compiled for 6.9.0, module version = 1.0.0
 ABI class: X.Org Video Driver, version 0.8
 (II) PCI: PCI scan (all values are in hex)
 (II) PCI: 00:00:0: chip 1166,0009 card , rev 06 class 06,00,00 hdr
80
 (II) PCI: 00:00:1: chip 1166,0009 card , rev 06 class 06,00,00 hdr
80
 (II) PCI: 00:02:0: chip 8086,1229 card 1028,009b rev 08 class 02,00,00 hdr
00
 (II) PCI: 00:06:0: chip 125d,1969 card 125d, rev 01 class 04,01,00 hdr
00
 (II) PCI: 00:0e:0: chip 1002,4752 card 1028,00ce rev 27 class 03,00,00 hdr
00
 (II) PCI: 00:0f:0: chip 1166,0200 card 1166,0200 rev 50 class 06,01,00 hdr
80
 (II) PCI: 00:0f:1: chip 1166,0211 card , rev 00 class 01,01,8a hdr
80
 (II) PCI: 00:0f:2: chip 1166,0220 card 1166,0220 rev 04 class 0c,03,10 hdr
80
 (II) PCI: 01:02:0: chip 9005,00cf card 1028,00ce rev 01 class 01,00,00 hdr
80
 (II) PCI: 01:02:1: chip

Re: embedded device

2007-09-18 Thread Douglas A. Tutty

On Tue, Sep 18, 2007 at 11:36:54AM -0400, Jason Dixon wrote:
 On Sep 18, 2007, at 11:03 AM, Tang Tse [EMAIL PROTECTED] wrote:
 
 I had a soekis 4801 and pf performs only about 28Mb/s I think.
 
 I trying to set up a router for about 50-100 users and only with  
 28Mb/s i hadn't enought there's a big bottle neck.
 I general, i read that soekris devices are optimized for power  
 consume/heat disipation not for performance.
 
 No reason not to keep this on-list.
 
 You should upgrade to 4.2.  There were pf improvements at c2k7 that  
 doubled performance on Soekris (~58Mbps).

My understanding of the reason for embedded is for low power consumption
and heat disipation.  If you're more interested in performance, why are
you specifying embedded?  Why not specify the throughput and determine
the horsepower from that?

Doug.

Re: OpenBSD Install Goal

2007-09-18 Thread Douglas A. Tutty

On Tue, Sep 18, 2007 at 07:00:01PM +0200, Jan Stary wrote:
  I hope one day soon OpenBSD will adopt a nice ncurses setup similar
  to something like FreeBSD with ease to it.
 
 There is no _need_ for a nice curses setup - the current installer
 already has ease to itw, to put it mildly. In fact, OpenBSD's
 installer is the best I have met during my years-long career of
 a sysadmin.
 
 You are given a brand new machine; you bring your install CD; and after
 four minutes of using the standard tools (disklabel, fdisk, ifconfig,
 ...) you are already very familiar with, you have a fully working box,
 modulo afterboot.

The only issue I've seen is that if you are new to OBSD, even if used to
the command line in Linux (not clicky-pointy-lindows) fdisk and
disklabel are new.  On linux, the standard non-GUI partitioner is cfdisk
(curses fdisk) while there is not such thing as disklabel).

To my mind, even a curses interface to cfdisk and disklabel is not
necessary, but a little more help, e.g. a mini-menu along the bottom,
would go a long way.  Of course, the best thing is to have a copy of
Absolute OpenBSD and the FAQ open infront of you when you do the
install.

Doug.

Re: OpenBSD Install Goal

2007-09-18 Thread David Given

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Douglas A. Tutty wrote:
[...]
 The only issue I've seen is that if you are new to OBSD, even if used to
 the command line in Linux (not clicky-pointy-lindows) fdisk and
 disklabel are new.  On linux, the standard non-GUI partitioner is cfdisk
 (curses fdisk) while there is not such thing as disklabel).

I think cfdisk is pretty nasty. Standard Linux fdisk, with its highly minimal
command-line interface, is far easier to use IMO (but much harder to learn).
At least cfdisk is better than the incredibly slow and cumbersome
dialog-driven partitioner that Debian has --- I really cannot imagine what
they were thinking with that one.

Actually, OpenBSD does fall down a bit when it comes to partitioning; it's
not
just that there are two tools for doing what's pretty much the same job
(partitioning chunks of disk), it's that they have such radically different
user interfaces. You end up having to learn *two* UIs. I realise that there
are implementation reasons why it's necessary to have two apps, but that
doesn't help the usability.

People might be interested in having a look at Minix's partitioner, part.
Minix uses a slice-based system like the BSDs, although with slightly
different semantics, and part is a curses-based app that's actually
surprisingly easy to use *and* learn, even when doing complicated things.

http://minix1.woodhull.com/current/2.0.4/wwwman/man8/part.8.html

It's particularly interesting because it has a rather good algorithm for
guessing magical values --- point the cursor at a field, and pressing m
cycles
through all the significant values for that field. It's very rare that I
actually have to type a value in; which for something as critical to
miscalculation as a partition table is a good design feature.

- --
bbb o=o=o o=o=o=o=o=o=o=oo=o=o=
 bbb
http://www.cowlark.com
bbbbbbbbbbbbbbbbbbb
b
b There does not now, nor will there ever, exist a programming language in
b which it is the least bit hard to write bad programs. --- Flon's Axiom
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFG8Fxrf9E0noFvlzgRAtHFAJ9xuoi5AVycWnED4XLguav1EIdjPgCg0pOh
ZvwLAZFMIAF2wdQh8tI1bww=
=uhyz
-END PGP SIGNATURE-

Re: OpenBSD Install Goal

On 2007/09/18 18:44, Douglas A. Tutty wrote:
 To my mind, even a curses interface to cfdisk and disklabel is not
 necessary, but a little more help, e.g. a mini-menu along the bottom,
 would go a long way.  Of course, the best thing is to have a copy of
 Absolute OpenBSD and the FAQ open infront of you when you do the
 install.

The booklet that comes with the CD set is good enough for
most purposes (if you're stuck with a small HD, maybe add a
pencil and a calculator if you think it'll help)...

Re: OpenBSD Install Goal

2007-09-18 Thread Darren Spruell

On 9/18/07, Douglas A. Tutty [EMAIL PROTECTED] wrote:
  You are given a brand new machine; you bring your install CD; and after
  four minutes of using the standard tools (disklabel, fdisk, ifconfig,
  ...) you are already very familiar with, you have a fully working box,
  modulo afterboot.

 The only issue I've seen is that if you are new to OBSD, even if used to
 the command line in Linux (not clicky-pointy-lindows) fdisk and
 disklabel are new.  On linux, the standard non-GUI partitioner is cfdisk
 (curses fdisk) while there is not such thing as disklabel).

fdisk isn't new; any operating system that has had to partition an
i386 system carries along with it the same fdisk-ish pardigm. whether
you call it fdisk, or cfdisk, or anaconda disk partitioning, or
windows setup, people have been doing the same damn thing for years
and shouldn't find differences in implementation intimidating.

disklabels aren't a strictly unique thing either; several systems have
them. even Linux has to deal with disklabels on non-x86 platforms
(e.g. Sun boxen) e.g.
http://www.gentoo.org/doc/en/handbook/handbook-sparc.xml?part=1chap=4.

 To my mind, even a curses interface to cfdisk and disklabel is not
 necessary, but a little more help, e.g. a mini-menu along the bottom,
 would go a long way.

Blech.

http://www.openbsd.org/faq/faq4.html
http://www.openbsd.org/faq/faq14.html
ftp://ftp.openbsd.org/pub/OpenBSD/4.1/i386/INSTALL.i386

There are resources a-plenty; anyone who finds it confusing is either
trying to install without having read docs, or is not familiar with
computers in the first place (and thus needs to read the docs.)
Computer users need to get smarter, instead of technology getting
dumber for them.

DS

Re: Wasting our Freedom

2007-09-18 Thread Jacob Meuser

On Tue, Sep 18, 2007 at 08:56:47AM -0400, Theodore Tso wrote:

 all of the megabytes and megabhytes of flamewar is over these two
 lines:
 
  * Copyright (c) 2006-2007 Nick Kossifidis [EMAIL PROTECTED]
  * Copyright (c) 2007 Jiri Slaby [EMAIL PROTECTED]
 
 Petty, isn't it?  Let's just say it's b.s. like this which is why, 16
 years ago, I decided to work with Linux instead of BSD.

copyright assertion == claim of ownership, or posession.

posession is 9/10 of the law.

was it petty of UCB to claim copyrights over code USL claimed ownersip
of?

was it also petty of Novell to claim that they, and not SCO, owned
the copyright to UNIX?

sorry, but calling attribution claims of any sort petty is nothing
short of dangerous ignorance.

-- 
[EMAIL PROTECTED]
SDF Public Access UNIX System - http://sdf.lonestar.org

Re: Simple startup daemon's on boot question?

On 2007/09/19 07:11, Edwards, David  (JTS) wrote:
 Introducing fresh admin staff to BSD is a lot easier
 if they don't have to do the grep for PID
 kill -TERM PID thing to stop a running service.

pkill is good for that. unlike some OS, you don't get trained
to use a command (killall) which could bite you on certain other
OS.

 Believe it or not, I've had people reboot servers in
 order to stop and start a service sigh..

this is not actually all that bad an idea in the
'start a service' case; it does ensure that it comes
up correctly at boot time.

Re: Simple startup daemon's on boot question?

2007-09-18 Thread Edwards, David (JTS)

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
 On Behalf Of Jake Conk
 Sent: Tuesday, 18 September 2007 6:36 PM
 To: misc@openbsd.org
 Subject: Simple startup daemon's on boot question?

 Hello,

 Simple noob question... I've installed a few packages (ie nrpe2 and
 openvpn) that on other systems like Linux and even BSD based systems
 such as FreeBSD provide means of a rc script which can start and stop
 the service and you can configure this script to be executed on boot.

 After installing these packages on OpenBSD I've listed the package
 contents and don't notice any equivalent files that would do this. Are
 we supposed to write our own startup scripts and place them in
 /etc/rc.local to be executed when the system boots? Does OpenBSD not
 use rc scripts that start/stop/restart/ and status applications?

I'm probably going to get burnt for this but :-)

Put this in /etc/rc.conf.local:
---
local_startup_dir=/etc/rc.d
---

Put this in /etc/rc.local
--
. /etc/rc.conf.local
for f in ${local_startup_dir}/*.sh ; do
  if [ -x $f ]; then
logger -p daemon.notice -t rc.local Starting $f
$f start
sleep 1
  fi
done
---

Create the /etc/rc.d directory and plonk start/stop
executable scripts in there (should all end in .sh).

To turn a script off temporarily, make it non-executable
or change .sh to .sh.off or something.

Use numbers (01, 02 etc) in the front of the filename
to determine which scripts run first..

I use a template script like this:
--
#!/bin/sh
#
# To start the pf-syslog log catcher
#
what=syslog-ng
where=/usr/local/sbin
args=

KillProc()
{
  proc=$1
  sig=$2

  pid=`ps -xo pid,args | grep -v grep | grep $proc | awk '{print $1}'`

  if [ X$pid != X ]; then
 kill -$sig $pid
 echo $pid

  else
 echo Nothing to kill
  fi
}

case $1 in
start)
if [ -f $where/$what ]; then
echo Starting $what
/$where/$what $args
fi
;;
stop)
echo Stopping $what
KillProc $what TERM
exit 0
;;
*)
echo $0: Usage $0 start||stop 
;;
esac

exit 0

I have found over the years that this approach has a
lot of benefits and few drawbacks.

Introducing fresh admin staff to BSD is a lot easier
if they don't have to do the grep for PID
kill -TERM PID thing to stop a running service.
And of course look in /etc/rc.local,
work out how to start it then start it..

Believe it or not, I've had people reboot servers in
order to stop and start a service sigh..

ciao
dave
---
Dave Edwards

Re: Define hosts lookup for pf.conf

2007-09-18 Thread Edwards, David (JTS)

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
 On Behalf Of pichi
 Sent: Tuesday, 18 September 2007 4:05 PM
 To: misc@openbsd.org
 Subject: Re: Define hosts lookup for pf.conf

 Dave,

 Thanks so much for your help. I have never touched perl but I
 will give it a try. Still, I have other questiones:

You're welcome.

 1. What software will I need to install on the firewalll in
 order for this script to work?

Perl is part of the default install.  If you save the script
somewhere in your path (/usr/local/bin/ works) and make it
executable (chmod 755 whatever_you_call_it.pl), then you will
be able to call it like:

# pfctl -s state | whatever_you_call_it.pl

 2. Is there any danger in having this kind of software on a publically
 accessable firewall?

Perl is kick-ass magic that once you're half way up
the learning curve, you wonder how the hell you ever
lived without it..

In my view, there is no risk in having it installed on a
firewall and there are many benefits.  Frankly I'd be
amazed if it isn't already there :-)

ciao
dave
---
Dave Edwards

Re: Define hosts lookup for pf.conf

2007-09-18 Thread Edwards, David (JTS)

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
 On Behalf Of pichi
 Sent: Wednesday, 19 September 2007 12:52 AM
 To: misc@openbsd.org
 Subject: Re: Define hosts lookup for pf.conf

 The Socket module should also be there:

 $ perl -e 'use strict; use Socket; print(hello\n);'
 hello

Please try to keep track of who said what..  The above came
from a post by Richard Toohey [EMAIL PROTECTED]

 but it looks like I dont have the socket module becuase when I do:

 $perl -e

 I get:

 $No code specified for -e.

This is answered in another post..

Pedro, You probably won't get too much more hand-holding
here.  You really should have a good look at the tools
available to you before you post to this list.

man is your friend, google is your library index.

 How can I add that module, and again, is it safe for a publically
 accessable firewall?

I'm a bit worried about this term publicly accessible firewall,
it's a contradiction in terms.  Firewalls should be nearly invisible,
certainly not public ally accessible.

Perl and the enormous number of modules available for Perl are
tools that can be used on firewalls for administration and although
bare bones is a good way to build a firewall (from general
principles), you do need certain tools to manage it.  Perl is
one tool that I would miss greatly if it were removed.

Perl does not listen on the network so it cannot be attacked
directly.  Any risk is related to the ability of an
attacker to use Perl to their advantage after they have
already compromised your firewall.  If they own your
firewall, all bets are off and the lack of Perl is
unlikely to even slow them down.

Again, IMHO, there is no risk to installing Perl and
any modules you require on a firewall.

Having said that, it's good that you are cautious :-)

ciao
dave
---
Dave Edwards

On Tue, 2007-09-18 at 11:55 -0700, Can E. Acar wrote:
Theodore Tso wrote:
On Mon, Sep 17, 2007 at 03:06:37PM -0700, Can E. Acar wrote:
The only remaining issue is whether Nick Jiri have enough
original contributions to the code to be added to the Copyright.

I believe this needs to be resolved between Reyk and Nick and Jiri.

The main reason of Theo's message, linked earlier, was the
lack of response on this issue. It seems that the SFLC is
dismissing this issue,000d8b92-0010lling its resolution by the
developers.

OK, so all of this flaming, and digging up of licenses ripped off,
and chaff thrown up in the air, and moaning and bewailing about
theft, is now down to these two lines regarding Nick and Jiri:

Yes, quite an improvement, considering how it all started, dont you think?
Pity it took so much pushing and dragging to get people to do the right
thing.
There is just one little step to go. It is can not be that hard, can it?

Apparently.

* Copyright (c) 2004-2007 Reyk Floeter [EMAIL PROTECTED]
* Copyright (c) 2006-2007 Nick Kossifidis [EMAIL PROTECTED]
* Copyright (c) 2007 Jiri Slaby [EMAIL PROTECTED]
[snip rest of BSD license]

It's under a BSD license; what material difference does those two
lines make, for goodness sake? It's under a BSD license, so it's not
like anything won't be given back.

As a programmer, you sure would know what difference any two lines
would make on your program. When it comes to law, you seem to lose
that intuition.

Whether or not they have made
enough for changes is really a question for the lawyers, and may
differ from one jurisdiction to another
--- but whether or not they have now, or maybe will not make until later ---

Well, they can add their names *anywhere* in the whole file, *except*
these two lines. See, these lines have a whole different meaning
when it comes to laws. When they make sufficient contribution, they
sure can add their names. What is so difficult to understand here?

So, here is the actual commit of the code in Linville's wireless
networking development tree:

http://git.kernel.org/?p=linux/kernel/git/linville/wireless-dev.git;a=commitdiff;h=fb32e1730a91e39adcf06ed5254bfc5a65d17a9b

It I am not mistaken, it was Sunday afternoon, so probably 5/6 or more
of this thread consisting of more than 110 messages (according to my
inbox) to LKML was after this time.

As this already had the BSD license ...

Anyway, as for the changes, I am not going to check the original, but
from the first commit up to now is here:

http://git.kernel.org/?p=linux/kernel/git/linville/wireless-dev.git;a=blobdiff;f=drivers/net/wireless/ath5k_hw.c;h=e4cc307e9590a71bcc8542c45dbd2caf3f9e8fe5;hp=f273c42d4004b81597e7cfc5f7eec757a7c52910;hb=everything;hpb=fb32e1730a91e39adcf06ed5254bfc5a65d17a9b

Running a diffstat shows:

ath5k_hw.c | 344 +
1 file changed, 165 insertions(+), 179 deletions(-)

But not having the original version, and as the other two lines are
already present, I am not going to look closer at the changes.

snip

However, the question I wanted to ask, was this:

Can all those that still feel that there is a problem, please go and
look at the original, compare it to the current, and then determine (ie,
go ask a lawyer or some other appropriate person if need be) if the
changes is enough of a contribution *BEFORE* posting again?

Pretty please with sugar on top?

Thanks,

Re: Wasting our Freedom

2007-09-18 Thread Alan Cox

 sorry, but calling attribution claims of any sort petty is nothing
 short of dangerous ignorance.

Says a man who has a .sig of SDF Public Access UNIX System -
http://sdf.lonestar.org;

Well sdf.lonestar.org claims to be NetBSD so might I suggest your
dangerous ignorance starts at the Unix trademark.


And please take this where it belongs which is the relevant wireless
list. Better yet leave the dispute to those it actually involves, which
is not most of the OpenBSD community, nor the Linux kernel team, but a
small group of developers in the OpenBSD wireless world and a few people
in the ath5k GPL project.

Re: Simple startup daemon's on boot question?