Re: mount_cd9660 options

2007-11-13 Thread Patrick Georgi
frantisek holop wrote:
 the disc in question is a dvd...  so it's udf and udf is
 considered to be a replacement of ISO 9660, and today is widely
 used for (re)writable optical media.
DVDs can contain both filesystems' metadata and share the data. In fact,
many Video DVDs are built that way.


Regards,
Patrick Georgi



Network Traffic statistics on IPSEC Interface

2007-11-13 Thread Puthanveetil Unnikrishnan
Hi,

I want to collect IPSEC traffic statistics between two OpenBSD Routers.

I tried using SNMP but I am unable to view the traffic on enc0 as it is a
virtual interface.

Is there any other tool which can provide the IPSEC interface traffic
information?

-Unni



Re: mount_cd9660 options

2007-11-13 Thread Otto Moerbeek
On Tue, Nov 13, 2007 at 09:58:20AM +, Jason McIntyre wrote:

 On Mon, Nov 12, 2007 at 10:00:13PM +0100, frantisek holop wrote:
   
   if you mount a cd9660 filesystem w/ -R (no rockridge extensions) you get
   norrip in the output. i don't think you can specify this as a mount
   option though, so i'm not sure where we'd document this.
  
  well, there might be a NOTE(S) section in mount_cd9660...
  
 
 well we don't have (officially) NOTES sections. it would have to be
 CAVEATS or BUGS, neither of which are suitable.
 
 it could go in -R, but according to you this comes from mounting a udf
 filesystem.

The norrip flag is printed by mount(8), but it applies to cd9660
filesystems, not udf. You can see the flags that are applicable to the
various mount_XXX options in mount.c:prmount(). These flags are not
set via -o whatever, but by giving flags to the command itself. 

I think these flags should be documented in the various mount_xxx pages.

-Otto



Re: mount_cd9660 options

2007-11-13 Thread Jason McIntyre
On Mon, Nov 12, 2007 at 10:00:13PM +0100, frantisek holop wrote:
  
  if you mount a cd9660 filesystem w/ -R (no rockridge extensions) you get
  norrip in the output. i don't think you can specify this as a mount
  option though, so i'm not sure where we'd document this.
 
 well, there might be a NOTE(S) section in mount_cd9660...
 

well we don't have (officially) NOTES sections. it would have to be
CAVEATS or BUGS, neither of which are suitable.

it could go in -R, but according to you this comes from mounting a udf
filesystem.

 
 
 and i've meant to ask this for some time now:
 
 the disc in question is a dvd...  so it's udf and udf is
 considered to be a replacement of ISO 9660, and today is widely
 used for (re)writable optical media.
 
 so if cd9660 != udf and one is the replacement of the other,
 i was wondering if mount_cd9660 might be overhauled a bit
 to reflect this situation...
 

do you want to overhaul the functionality of mount_cd9660? in what way?

jmc



Re: pf max-src-conn states

2007-11-13 Thread n0g0013
On 12.11-19:11, Henning Brauer wrote:
[ ... ]
  1.  trying to use 'max-src-conn 1' to limit service to one
  connection per host (with overload table) but when i disconnect and
  re-reconnect i get blocked.  should this state expire when
  correctly closed, allowing a second connection, or is the timeout
  needed?
 
 there is always a 2*MSL timeout - any better book covering TCP/IP 
 basics should give you the plethora of reasons.

thanks.  will re-test and check.

-- 
t
 t
 w



Re: HP Procurve or Soekris w. OpenBSD ?

2007-11-13 Thread Reyk Floeter
On Mon, Nov 12, 2007 at 01:01:26PM +, Stuart Henderson wrote:
 On 2007/11/12 12:56, knitti wrote:
   Looking to manage several webservers I am wondering if anybody uses
   something like this: http://soekris.kd85.com/images/tn/dsc03600.med.jpg ?
   (That image shows Wim's net4801-50 plus quadport lan1641 firewall box,
   giving 7 ports with low powerconsumption - on OpenBSD)
 

yes, it works fine. but see below.

 what sort of bandwidth / packets per second?
 

...that is the point. especially the pps rate and the estimated
concurrent TCP sessions (concurrent visitors on the website) are
important. a net4801 is able to handle more than 60MBit/s, but the
real limitation is the supported number of pf states/sessions/...

   The standard choice in my datacenter (linux users mostly) seems to be HP
   Procurve but I'd prefer the power of PF.
 
 they're most likely switches. (Vantronix have a module for HP 5300xl
 switches that runs PF, though).
 

for the record:
http://www.vantronix.com/products/vtfw/xl1/

  I don't know exactly the 4801, but I use a couple of 4501 as firewalls and
  IPSec-Routers for connections of up to 5 MBit/sec. Seeing the specs of
  the 4801 and knowing the 4501, I wouldn't use them for more than about
  40-50 Mbit/sec.
 
 I feel 40-50M would be pushing it, given that you might like some
 overhead to allow for occasional heavy numbers of packets. 5501
 might do better (maybe with a nic rather than the on-board vr).
 

the net5501 is ok and the performance is much better. there was just
some more work in the past to fix and optimize the sis driver and to
tune OpenBSD support for the 45xx/48xxx. some more work needs to be
done for the h/w in the net5501.

 I'd normally prefer a standard amd64/i386 box for a datacentre
 firewall though. I may change my mind when the net7501 eventually
 surfaces...
 

and it would be great to have soekrises with redundant power supplies ;)
it is not just the performance.

reyk



Queuing for my homelan (which scheduler to use?)

2007-11-13 Thread Chris Cohen
Hi all,

sadly I can't get more than ADSL3000 (3072kbit dl/384kbit ul) at home 
therefore I want to use queues on my 4.2 gateway.
I separated my lan into clients (10.1.0.0/24), wlan (10.1.16.0/24), servers 
(10.1.3.0/24) and some other, but they don't need internet access...

I read http://www.openbsd.org/faq/pf/queueing.html and want to separate 
traffic by:

client_in (downloads originated by my own clients)
client_out (uploads originated by my own clients)
wlan_in (downloads originated by my and some others laptops)
wlan_out (uploads originated by my and some others laptops)
server_in (downloads originated by my servers)
server_out (upload originated by my servers)
icmp_out (don't disturb my pings...)
mail_out (large mails sent by my mailrelay in the servers subnet shouldn't 
disturb eg. the one hit my website receives a day ;) )
ssh_out (...)
tcp_ack_out (...)

I think the protocol specific queues should have a higher priority than the 
subnet specific ones. (?)

What would be the best way to achieve this? I am not sure which scheduler I 
should use in which combinations of priority and bandwidth.

Any tips are really appreciated.

-- 
Greetings
Chris
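
As an added example (not from this thread or from the FAQ page linked above), one way to lay out the upload side of the queue set listed in the question with the ALTQ cbq scheduler: the per-subnet queues sit at a middle priority and the protocol-specific queues above (ACKs, ICMP, SSH) or below (bulk mail) them. The interface names (pppoe0 for the ADSL side, em1 carrying the three inside subnets), the NAT setup, the 350Kb figure and the percentages are assumptions to adapt.

```pf
# Added example, not the thread's or the FAQ's configuration.
# Assumptions: pppoe0 is the ADSL side, em1 carries the three inside
# subnets, and the inside hosts are NATed on pppoe0.
ext_if  = "pppoe0"
int_if  = "em1"
clients = "10.1.0.0/24"
wlan    = "10.1.16.0/24"
servers = "10.1.3.0/24"

# Shape the scarce 384kbit uplink; stay a little below the line rate so
# the queue forms on this box and not inside the modem.
altq on $ext_if cbq bandwidth 350Kb queue { tcp_ack_out, icmp_out, ssh_out, \
    client_out, wlan_out, server_out, mail_out }
queue tcp_ack_out bandwidth 20% priority 7 cbq(borrow)
queue icmp_out    bandwidth  5% priority 6 cbq(borrow)
queue ssh_out     bandwidth 10% priority 5 cbq(borrow)
queue client_out  bandwidth 25% priority 3 cbq(borrow)
queue wlan_out    bandwidth 15% priority 3 cbq(borrow)
queue server_out  bandwidth 15% priority 2 cbq(borrow)
queue mail_out    bandwidth 10% priority 1 cbq(borrow default)

nat on $ext_if from { $clients $wlan $servers } to any -> ($ext_if)

# Classify on the inside interface, before NAT, while the source address
# still identifies the subnet. The queue is remembered in the state and
# applied when the packet leaves $ext_if. The second queue in the pair
# takes empty TCP ACKs and lowdelay packets.
pass in on $int_if from $clients to any queue (client_out, tcp_ack_out)
pass in on $int_if from $wlan    to any queue (wlan_out, tcp_ack_out)
pass in on $int_if from $servers to any queue (server_out, tcp_ack_out)

# Protocol-specific queues last: the last matching rule wins, so these
# override the per-subnet assignment above.
pass in on $int_if proto icmp from { $clients $wlan $servers } to any queue icmp_out
pass in on $int_if proto tcp  from { $clients $wlan $servers } to any port 22 \
    queue (ssh_out, tcp_ack_out)
pass in on $int_if proto tcp  from $servers to any port 25 queue mail_out

pass out on $ext_if
```

The download-direction queues from the question (client_in, wlan_in, server_in) would be a second altq statement on $int_if, where that traffic leaves the box; they are left out here. Check the result with pfctl -nf before loading and watch the queues fill with pfctl -vsq.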



Re: Logging bandwidth usage with PF

2007-11-13 Thread Jonathan Towne
On Mon, Nov 12, 2007 at 11:52:08PM -0500, Jason Dixon scribbled:
# On Nov 12, 2007, at 10:31 AM, Joel Gudknecht wrote:
# 
# Misc list:
# 
# I'm trying to figure out a way to log and analyze bandwidth usage
# passing through my PF gateway. It's doing NAT for ~60 users.
# 

How about argus?

http://qosient.com/argus/

It reads netflow data; but also has its own powerful 
processing/storage engine.

It does bidirectional flow analysis, where netflow only does it
unidirectional.  You may or may not want that, but I encourage
you to look anyway.  It's quite a bit easier to script.


-- Jonathan Towne



PF problems

2007-11-13 Thread Kleber Rocha
Hello,

I had an OpenBSD-4.0 as a firewall, updated it to OpenBSD-4.2, and my
rules are no longer working.
Ex:
In my rules I have something like this:
pass in quick pass from 10.1.0.0/16 to 10.1.100.0/24 keep state
pass in quick pass from 10.1.0.0/16 to 10.1.100.0/24 keep state

And at the end of the file I have this rule:
block in log all

The connection between these networks seems to be ok, but when the ip
10.1.1.78 tries to access the ip 10.1.100.210 on port 8080, the
connection happens, but the return on this handshake is blocked, thus:
Nov 13 04:15:09.477539 rule 2342 / (match) block in on bge1:
10.1.100.210.8080 10.1.1.148.2162: S 1099497881:1099497881 (0) ack
4184425031 win 5840 mss 1460, nop, nop, sackOK  (DF)

The rule 2342 is the last line of pf.conf, where I lock everything.

Does someone have an idea what may be happening?



Re: PF problems

2007-11-13 Thread Brian A Seklecki (Mobile)
On Tue, 2007-11-13 at 14:17 -0200, Kleber Rocha wrote:
 10.1.1.78 tries to access the ip 10.1.100.210 on port 8080, the

If xl0 faces 10.1.1.0 (outside) and bge0 faces your local (inside)
10.1.100.0/24, then your pass in statement will create a state
associated with inbound traffic.

However, it will not automatically create an associated stateful
outbound connection out/in your bge0.

This is a common misunderstanding with pf(4) as a transit device.

Default-block in policy routers have to have a default pass out keep
state rule to get this PIX/ASA style behavior that most are used to.

~BAS



Re: PF problems

2007-11-13 Thread Daniel Melameth
On 11/13/07, Kleber Rocha [EMAIL PROTECTED] wrote:
 I had an OpenBSD-4.0 as a firewall, updated it to OpenBSD-4.2, and my
 rules are no longer working.
 Ex:
 In my rules I have something like this:
 pass in quick pass from 10.1.0.0/16 to 10.1.100.0/24 keep state

These rules look wrong.  Regardless, 4.1 and higher keeps state by
default so add flags S/SA or change the rule to something like:

pass in quick from 10.1.0.0/16 to 10.1.100.0/24

 And at the end of the file I have this rule:
 block in log all

 The connection between these networks seems to be ok, but when the ip
 10.1.1.78 tries to access the ip 10.1.100.210 on port 8080, the
 connection happens, but the return on this handshake is blocked, thus:
 Nov 13 04:15:09.477539 rule 2342 / (match) block in on bge1:
 10.1.100.210.8080 10.1.1.148.2162: S 1099497881:1099497881 (0) ack
 4184425031 win 5840 mss 1460, nop, nop, sackOK  (DF)

 The rule 2342 is the last line of pf.conf, where I lock everything.
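
A pf.conf fragment, added here as an illustration and not taken from the thread or from OpenBSD's own documentation, that puts the two replies together: the rule rewritten for the 4.1-and-later defaults, plus a default outbound stateful rule on the inside interface so the SYN/ACK arriving there matches a state instead of the final block. The interface names are assumptions (xl0 for the 10.1.0.0/16 side, bge1 for the 10.1.100.0/24 side, as in the logged line); the networks are the ones from the question.

```pf
# Added example, not the poster's pf.conf.
# Assumptions: xl0 faces 10.1.0.0/16, bge1 faces 10.1.100.0/24.
ext_if = "xl0"
int_if = "bge1"

set skip on lo

# Since 4.1 a pass rule keeps state and uses "flags S/SA" by default, so the
# old "pass in quick pass ... keep state" line collapses to this.
pass in quick on $ext_if inet proto tcp from 10.1.0.0/16 to 10.1.100.0/24

# The state created by the "pass in" above does not, on its own, cover the
# packet that then leaves on $int_if. A transit box wants a default outbound
# pass rule so the reply SYN/ACK coming back in on $int_if matches a state
# rather than falling through to the final block.
pass out quick on $int_if inet from 10.1.0.0/16 to 10.1.100.0/24

block in log all
```

After loading, a blocked SYN/ACK like the one in the question should no longer appear in pflog; if it still does, pfctl -ss shows whether a state for the connection exists and on which interface it was created.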



Re: HP Procurve or Soekris w. OpenBSD ?

2007-11-13 Thread Trash Compactor

David Newman wrote:

I was just about to ask about this. I've been very happy with Nexcom
1563s as pf firewalls, especially with the disk-on-chip. No moving parts
is good. (And thanks misc@ for this recommendation.)

But the Nexcoms have only 100Base-T interfaces and now I've got a
requirement for gig boxes in a couple of data centers.

Any recommendations for carp/pfsync hardware with these specs on each box?

- at least 3 x 1000Base-T (mandatory)
- disk on chip if possible (not mandatory)
- fanless (not mandatory)
- rack-mountable (not mandatory)

Any reasonable RAM and CPU speed considered, in the context of pushing
traffic at ~100-300 Mbit/s.

Or am I better off just buying el cheapo PCs and relying on carp and
pfsync for redundancy?

I have been very pleased with my FWA-9106 from iBASE.
http://www.ibt.ca/v2/items/fwa9106/index.html

Mine have P4 CPU at 3.2GHz and 1GB of DDR400 (can take up to 4GB)
NICs are 4 msk (Marvell 8053) and 2 em (Intel  82541) interfaces.
There are also two PCI slots at the back and I believe a third at the front.

/Jason



Re: Network Traffic statistics on IPSEC Interface

2007-11-13 Thread Siju George
On Nov 13, 2007 3:50 PM, Puthanveetil Unnikrishnan
[EMAIL PROTECTED] wrote:
 Hi,

 I want to collect IPSEC traffic statistics between two OpenBSD Routers.

 I tried using SNMP but I am unable to view the traffic on enc0 as it is a
 virtual interface.

 Is there any other tool which can provide the IPSEC interface traffic
 information?


Unni, Try asking on

http://www.benzedrine.cx/mailinglist.html

http://bsd-india.org/maillist.html

or

https://honor.trusecure.com/mailman/listinfo/firewall-wizards

If you get no response from here.

From your first name I guess you are a mallu? nice to see another one
here :-)

Kind Regards

Siju



Re: google team and the DIY way of life

2007-11-13 Thread Siju George
On Nov 12, 2007 11:18 PM, Ted Unangst [EMAIL PROTECTED] wrote:
 On 11/11/07, Sean Darby [EMAIL PROTECTED] wrote:
  If anybody from the OpenBSD team ever works for Google, it will certainly 
  be a very wise move on behalf of Google for hiring them.

 do the people currently working at google count?  or does it have to
 be a new hire?


Just heard of Neils Provos.
Who else? just curious :-))

Kind Regards

Siju



Re: Queuing for my homelan (which scheduler to use?)

2007-11-13 Thread Calomel
Chris,

It looks like you have quite a few questions. The obsd list will not write
your firewall for you, but this should get you started in the right
direction.

Hierarchical Fair Service Curve (HFSC) of OpenBSD
http://calomel.org/pf_hfsc.html

--
 Calomel @ http://calomel.org
 Open Source Research and Reference


On Tue, Nov 13, 2007 at 01:34:06PM +0100, Chris Cohen wrote:
Hi all,

sadly I can't get more than ADSL3000 (3072kbit dl/384kbit ul) at home 
therefore I want to use queues on my 4.2 gateway.
I separated my lan into clients (10.1.0.0/24), wlan (10.1.16.0/24), servers 
(10.1.3.0/24) and some other, but they don't need internet access...

I read http://www.openbsd.org/faq/pf/queueing.html and want to separate 
traffic by:

client_in (downloads originated by my own clients)
client_out (uploads originated by my own clients)
wlan_in (downloads originated by my and some others laptops)
wlan_out (uploads originated by my and some others laptops)
server_in (downloads originated by my servers)
server_out (upload originated by my servers)
icmp_out (don't disturb my pings...)
mail_out (large mails sent by my mailrelay in the servers subnet shouldn't 
disturb eg. the one hit my website receives a day ;) )
ssh_out (...)
tcp_ack_out (...)

I think the protocol specific queues should have a higher priority than the 
subnet specific ones. (?)

What would be the best way to achieve this? I am not sure which scheduler I 
should use in which combinations of priority and bandwidth.

Any tips are really appreciated.

-- 
Greetings
Chris



Re: [OT] making Firefox respect telnet:// URLs

2007-11-13 Thread Darren Spruell
On Nov 12, 2007 7:21 PM, Linus Swdlas [EMAIL PROTECTED] wrote:
 On Mon, 12 Nov 2007 18:25:57 +0100, William Boshuck
 [EMAIL PROTECTED] wrote:

  On Mon, Nov 12, 2007 at 02:02:32AM +0100, Linus Swdlas wrote:
  On Mon, 12 Nov 2007 00:25:29 +0100, ropers [EMAIL PROTECTED] wrote:

  feel free to correct me. =)
 
  This kind of parameter substitution is in the POSIX 1 specification
  for sh.  See the parameters section of the man page for sh(1).
 I stand corrected. ;)


  But I wouldn't, I'd let bash do it:
 
  Probably better to use sh, or ksh, since they
  are in OpenBSD by default, and are more than
  up to the task.

 OpenBSD's ksh is great, I've never bothered to check if it's
 available for Solaris for example. I've just assumed that it's
 not, and bash is. And I use Linux too, so, I personally prefer
 bash. =)
 Though in this case I agree with you, at least if he doesn't
 already have bash installed. =)

These may be of interest:

http://www.wormhole.hu/~ice/ksh/
http://www.mirbsd.org/?mksh

DS



Re: OS not seeing all RAM (1GiB less)

2007-11-13 Thread Josh Webb

C Thala wrote:

What would cause a 4.1 machine running on a Dell PowerEdge 1950 to see only
3,220,439,040 bytes of  RAM as opposed to the 4GB that it really has
(confirmed by BIOS)?



This: http://www.dansdata.com/askdan00015.htm should answer your
question. While the article mentions Windows, the issue is with the x86
architecture.



Re: Queuing for my homelan (which scheduler to use?)

2007-11-13 Thread Chris Cohen
On Tuesday 13 November 2007 19:08:27 Calomel wrote:
 Chris,

 It looks like you have quite a few questions.

Yep.

 The obsd list will not write your firewall for you, 

Of course not.

 but this should get you  started in the right direction. 

 Hierarchical Fair Service Curve (HFSC) of OpenBSD
 http://calomel.org/pf_hfsc.html

Thanks, will read that tomorrow.

-- 
Greetings
Chris



problems with D-LINK USB PCI Adapter on sparc64 *solved in 4.2*

2007-11-13 Thread Joaquin Herrero
It works in 4.2.

Thanks a lot for your help.

/Joaquin

-- Forwarded message --
From: Joaquin Herrero [EMAIL PROTECTED]
Date: 08-nov-2007 15:33
Subject: problems with D-LINK USB PCI Adapter on sparc64
To: misc@openbsd.org


Does anyone have any idea about this...?

Thanks.

Joaquin.


On Nov 5 joakinen wrote...


Hi everybody,

I'm having problems with usb disks on my Sun Ultra 10 desktop. Last week I
bought a D-Link DU-520 5-Port USB 2.0 PCI Adapter for this machine. OpenBSD
detected it without problems, and detects all the hardware I plug in this
card. The problem is that only the c partition is shown in disklabel, so I
cannot mount the disks, as no i partition shows up.

I give here details about the problem and the dmesg of the machine. Any
comments appreciated.

When I plug an external USB disk this is what is logged on
/var/log/messages:

umass0 at uhub2 port 4 configuration 1 interface 0
umass0: Lacie Group. SA Lacie Mobile Drive, rev 2.00/0.01, addr 2
umass0: using SCSI over Bulk-Only
scsibus3 at umass0: 2 targets
sd0 at scsibus3 targ 1 lun 0: SAMSUNG, MP0804H,  SCSI0 0/direct fixed
sd0: 76351MB, 76351 cyl, 64 head, 32 sec, 512 bytes/sec, 156368016 sec total



This is the disklabel output for that disk:

# disklabel sd0
# /dev/rsd0c:
type: SCSI
disk: SCSI disk
label: MP0804H
flags:
bytes/sector: 512
sectors/track: 32
tracks/cylinder: 64
sectors/cylinder: 2048
cylinders: 76351
total sectors: 156368016
rpm: 3600
interleave: 1
trackskew: 0
cylinderskew: 0
headswitch: 0   # microseconds
track-to-track seek: 0  # microseconds
drivedata: 0

3 partitions:
#        size   offset  fstype [fsize bsize  cpg]
 c: 156368016        0  unused      0     0  # Cyl     0 - 76351*
disklabel: warning, partition c: size % cylinder-size != 0

There's no i partition, so I cannot mount it. Same happens with any usb
disk I've tried.
For example, this is the log for a usb flash disk:

umass0 at uhub2 port 2 configuration 1 interface 0
umass0: vendor 0x0930 USB Flash Memory, rev 2.00/1.00, addr 2
umass0: using SCSI over Bulk-Only
scsibus3 at umass0: 2 targets
sd0 at scsibus3 targ 1 lun 0: , USB Flash Memory, 1.00 SCSI2 0/direct
removable
sd0: 978MB, 978 cyl, 64 head, 32 sec, 512 bytes/sec, 2002944 sec total

and this is the disklabel output:

# disklabel sd0
# /dev/rsd0c:
type: SCSI
disk: SCSI disk
label: USB Flash Memory
flags:
bytes/sector: 512
sectors/track: 32
tracks/cylinder: 64
sectors/cylinder: 2048
cylinders: 978
total sectors: 2002944
rpm: 3600
interleave: 1
trackskew: 0
cylinderskew: 0
headswitch: 0   # microseconds
track-to-track seek: 0  # microseconds
drivedata: 0

3 partitions:
#        size   offset  fstype [fsize bsize  cpg]
 c:   2002944        0  unused      0     0  # Cyl     0 -   977

In this case there's no warning, but no sd0i partition.

Here is the dmesg:

console is keyboard/display
Copyright (c) 1982, 1986, 1989, 1991, 1993
   The Regents of the University of California.  All rights reserved.
Copyright (c) 1995-2007 OpenBSD. All rights reserved.
http://www.OpenBSD.org

OpenBSD 4.1 (GENERIC) #1099: Sat Mar 10 19:18:09 MST 2007
   [EMAIL PROTECTED]:/usr/src/sys/arch/sparc64/compile/GENERIC
total memory = 1073741824
avail memory = 969736192
using 6553 buffers containing 53682176 bytes of memory
bootpath: /[EMAIL PROTECTED],0/[EMAIL PROTECTED] ,1/[EMAIL PROTECTED],0/[EMAIL 
PROTECTED],0
mainbus0 (root): Sun Ultra 5/10 UPA/PCI (UltraSPARC-IIi 440MHz)
cpu0 at mainbus0: SUNW,UltraSPARC-IIi (rev 9.1) @ 440 MHz, version 0 FPU
cpu0: physical 16K instruction (32 b/l), 16K data (32 b/l), 2048K external
(64 b/l)
psycho0 at mainbus0 addr 0xfffc4000: SUNW,sabre, impl 0, version 0, ign 7c0
psycho0: bus range 0-3, PCI bus 0
psycho0: dvma map c000-dfff, iotdb 534c000-53cc000
pci0 at psycho0
ppb0 at pci0 dev 1 function 1 Sun Simba PCI-PCI rev 0x13
pci1 at ppb0 bus 1
ebus0 at pci1 dev 1 function 0 Sun PCIO EBus2 rev 0x01
auxio0 at ebus0 addr 726000-726003, 728000-728003, 72a000-72a003,
72c000-72c003, 72f000-72f003
power0 at ebus0 addr 724000-724003 ipl 37
SUNW,pll at ebus0 addr 504000-504002 not configured
sab0 at ebus0 addr 40-40007f ipl 43: rev 3.2
sabtty0 at sab0 port 0
sabtty1 at sab0 port 1
comkbd0 at ebus0 addr 3083f8-3083ff ipl 41: layout 42
wskbd0 at comkbd0: console keyboard
com0 at ebus0 addr 3062f8-3062ff ipl 42: mouse: ns16550a, 16 byte fifo
lpt0 at ebus0 addr 3043bc-3043cb, 30015c-30015d, 70-7f ipl 34:
polled
fdthree at ebus0 addr 3023f0-3023f7, 706000-70600f, 72-720003 ipl 39
not configured
clock1 at ebus0 addr 0-1fff: mk48t59
flashprom at ebus0 addr 0-f not configured
audioce0 at ebus0 addr 20-2000ff, 702000-70200f, 704000-70400f,
722000-722003 ipl 35 ipl 36: nvaddrs 0
audio0 at audioce0
hme0 at pci1 dev 1 function 1 Sun HME rev 0x01: ivec 0x7e1, address
08:00:20:fe:3f:6c
nsphy0 at hme0 phy 1: DP83840 

Linksys WMP54G does not work properly

2007-11-13 Thread Borja Tarraso

Hi experts!

I am working with a Linksys WMP54G Wireless-G PCI Adapter under 
OpenBSD 4.1. When I launch dhclient ral0 it works perfectly (or assign 
an IP address directly using ifconfig). However, the problem arrives some 
seconds later, when the flags of ral0 change from 
flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> to 
flags=8c43<UP,BROADCAST,RUNNING,OACTIVE,SIMPLEX,MULTICAST> and the 
wireless card stops working. I then need to launch ifconfig 
ral0 down && dhclient ral0 (or assign the IP using ifconfig).


Is this a known issue? Is it a possible bug? Or should I force some 
specific parameters in my wireless card?


Below I include the ifconfig output when the wireless card is working correctly and 
some seconds/minutes later when it does not work:


Log ifconfig when wireless card is working fine:

# ifconfig


lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33224
   groups: lo
   inet 127.0.0.1 netmask 0xff00
   inet6 ::1 prefixlen 128
   inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
re0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
   lladdr 00:1a:4d:4c:18:b1
   media: Ethernet autoselect (10baseT half-duplex)
   status: no carrier
ral0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
   lladdr 00:1a:70:ac:9d:85
   groups: wlan egress
   media: IEEE802.11 autoselect (OFDM54 mode 11g)
   status: active
   ieee80211: nwid blackhats.es chan 11 bssid 00:1a:70:97:aa:c0 49dB 100dBm

   inet6 fe80::21a:70ff:feac:9d85%ral0 prefixlen 64 scopeid 0x2
   inet 192.168.1.101 netmask 0xff00 broadcast 192.168.1.255
pflog0: flags=0 mtu 33224
enc0: flags=0 mtu 1536

Log ifconfig when wireless card is NOT working fine:

# ifconfig 
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33224

   groups: lo
   inet 127.0.0.1 netmask 0xff00
   inet6 ::1 prefixlen 128
   inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
re0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
   lladdr 00:1a:4d:4c:18:b1
   media: Ethernet autoselect (10baseT half-duplex)
   status: no carrier
ral0: flags=8c43<UP,BROADCAST,RUNNING,OACTIVE,SIMPLEX,MULTICAST> mtu 1500
   lladdr 00:1a:70:ac:9d:85
   groups: wlan egress
   media: IEEE802.11 autoselect (OFDM54 mode 11g)
   status: active
   ieee80211: nwid blackhats.es chan 11 bssid 00:1a:70:97:aa:c0 50dB 100dBm

   inet6 fe80::21a:70ff:feac:9d85%ral0 prefixlen 64 scopeid 0x2
   inet 192.168.1.101 netmask 0xff00 broadcast 192.168.1.255
pflog0: flags=0 mtu 33224
enc0: flags=0 mtu 1536
#

dmesg command output included to have more possible clues:

OpenBSD 4.1 (overdrivemp) #5: Mon Nov  5 02:38:33 GMT 2007
   [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/overdrivemp
cpu0: Intel(R) Core(TM)2 Quad CPU @ 2.40GHz (GenuineIntel 686-class) 2.41 GHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR

real mem  = 2145873920 (2095580K)
avail mem = 1952587776 (1906824K)
using 4278 buffers containing 107417600 bytes (104900K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+ BIOS, date 05/11/07, BIOS32 rev. 0 @ 0xfb710, SMBIOS rev. 2.4 @ 0xf0100 (40 entries)

bios0: Gigabyte Technology Co., Ltd. P35-DS3P
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 70102 dobusy 1 doidle 1
pcibios0 at bios0: rev 3.0 @ 0xf/0xded4
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdd90/288 (16 entries)
pcibios0: PCI Exclusive IRQs: 3 5 6 9 10 11
pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82801GH LPC rev 0x00)
pcibios0: PCI bus #5 is the last bus
bios0: ROM list: 0xc/0xf600
acpi at mainbus0 not configured
mainbus0: Intel MP Specification (Version 1.4)
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 266 MHz
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Core(TM)2 Quad CPU @ 2.40GHz (GenuineIntel 686-class) 2.41 GHz
cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR

cpu2 at mainbus0: apid 3 (application processor)
cpu2: Intel(R) Core(TM)2 Quad CPU @ 2.40GHz (GenuineIntel 686-class) 2.41 GHz
cpu2: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR

cpu3 at mainbus0: apid 1 (application processor)
cpu3: Intel(R) Core(TM)2 Quad CPU @ 2.40GHz (GenuineIntel 686-class) 2.41 GHz
cpu3: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR
mainbus0: bus 0 is type PCI  
mainbus0: bus 1 is type PCI  
mainbus0: bus 2 is type PCI  
mainbus0: bus 3 is type PCI  

Re: uvm_fault crash on fresh 4.2

2007-11-13 Thread Chris Cappuccio
Jeff Quast [EMAIL PROTECTED] wrote:
 On Nov 12, 2007 7:25 PM, Nick Guenther [EMAIL PROTECTED] wrote:
  I just installed an old compaq desktop that I intend to use as a
  Stopped at      pmap_enter+0xaf:        movl    0(%edx,%eax,4),%eax
  ddb trace
  pmap_enter(d69c7a2c, 1c022000, 2353000,5,20,1c027000,da433ea4,0) at
  pmap_enter+0xaf
  uvm_fault(d687875c,1c023000,0,1,da3efea0) at uvm_fault+0xd0c
  trap() at trap+0x269
 
 every fault i've had in the area of pmap on i386 has been due to bad
 ram, at least 6 or more times in my experience with garbage rescued
 machines.

There's a pretty quick knee-jerk reaction on this list that your hardware
is bad even when the problem isn't obvious.  However, i'd have to agree
here.

Chris



OT: OpenBSD on Asus eeePC

2007-11-13 Thread Alexey Suslikov
Andreas Maus wrote:

 Did anyone try to run OpenBSD on Asus new small eeePC?
 Output of /proc/cpuinfo (1) and lspci (2) can be found here:

 (1) http://scr3.golem.de/?d=0711/Eee-Testa=55901s=9
 (2) http://scr3.golem.de/?d=0711/Eee-Testa=55901s=10

 4 GB Flashdrive and 512MB+ RAM is enough and the CPU is a
 simple Celeron ... O.K. the Atheros (LAN and WLAN) adapters
 may be the problem ...

 So did anyone try to install OpenBSD on it ?
 Will it work (of course! ;) ) but has anyone experience
 about the nonworking devices ? (esp. the mentioned LAN/WLAN
 adapters)

Looks like WLAN is Atheros 5212 which is ath(4) under OpenBSD.
See here http://forums.bsdnexus.com/viewtopic.php?pid=16360#p16360

About LAN. I think it is Attansic/Atheros L2. It is unsupported as of
4.2 and -current. There are linux drivers:

Attansic L1 Gigabit (also can be found on ASUS P5K mainboards)
http://atl1.sourceforge.net/

Attansic L2 10/100 (also can be found on ASUS F5R laptops)
http://lwn.net/Articles/218588/

Btw, Attansic drivers (according to source code and module naming)
are somehow based on (derived from) Intel drivers.

Ask developers. Maybe these drivers are easy to port if you'll donate
a couple of Eee-PCs. They are so cheap :)

- Alexey.



Re: OT: OpenBSD on Asus eeePC

2007-11-13 Thread Alexey Suslikov
Full dmesg and lspci
http://www.fabianrodriguez.com/blog/archives/2007/10/26/ubuntu-710-gibbon-swings-on-the-asus-eee/

- Alexey.

On Nov 14, 2007 1:02 AM, Alexey Suslikov [EMAIL PROTECTED] wrote:
 Andreas Maus wrote:

  Did anyone try to run OpenBSD on Asus new small eeePC?
  Output of /proc/cpuinfo (1) and lspci (2) can be found here:
 
  (1) http://scr3.golem.de/?d=0711/Eee-Testa=55901s=9
  (2) http://scr3.golem.de/?d=0711/Eee-Testa=55901s=10
 
  4 GB Flashdrive and 512MB+ RAM is enough and the CPU is a
  simple Celeron ... O.K. the Atheros (LAN and WLAN) adapters
  may be the problem ...
 
  So did anyone try to install OpenBSD on it ?
  Will it work (of course! ;) ) but has anyone experience
  about the nonworking devices ? (esp. the mentioned LAN/WLAN
  adapters)

 Looks like WLAN is Atheros 5212 which is ath(4) under OpenBSD.
 See here http://forums.bsdnexus.com/viewtopic.php?pid=16360#p16360

 About LAN. I think it is Attansic/Atheros L2. It is unsupported as of
 4.2 and -current. There are linux drivers:

 Attansic L1 Gigabit (also can be found on ASUS P5K mainboards)
 http://atl1.sourceforge.net/

 Attansic L2 10/100 (also can be found on ASUS F5R laptops)
 http://lwn.net/Articles/218588/

 Btw, Attansic drivers (according to source code and module naming)
 are somehow based on (derived from) Intel drivers.

 Ask developers. Maybe these drivers are easy to port if you'll donate
 a couple of Eee-PCs. They are so cheap :)

 - Alexey.



Re: OT: OpenBSD on Asus eeePC

2007-11-13 Thread Stuart Henderson
On 2007/11/14 01:02, Alexey Suslikov wrote:
 Looks like WLAN is Atheros 5212 which is ath(4) under OpenBSD.
 See here http://forums.bsdnexus.com/viewtopic.php?pid=16360#p16360

The disassembly photos I saw showed a AR5BXB63, based on AR5007
or something.



Re: Linksys WMP54G does not work properly

2007-11-13 Thread Daniel Melameth
On 11/13/07, Borja Tarraso [EMAIL PROTECTED] wrote:
 I am working with a Linksys WMP54G Wireless-G PCI Adapter under
 OpenBSD 4.1. When I launch dhclient ral0 it works perfectly (or assign
 an IP address directly using ifconfig). However, the problem arrives some
 seconds later, when the flags of ral0 change from
 flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> to
 flags=8c43<UP,BROADCAST,RUNNING,OACTIVE,SIMPLEX,MULTICAST> and the
 wireless card stops working. I then need to launch ifconfig
 ral0 down && dhclient ral0 (or assign the IP using ifconfig).

Unfortunately I've run into a similar problem, but I don't know how to
resolve it.  As such, I've given up on ral and moved to pgt as it
works a bit better.

Details on my issue:

http://marc.info/?t=11938185784r=1w=2
http://marc.info/?t=11801456182r=1w=2



Re: OT: OpenBSD on Asus eeePC

2007-11-13 Thread Alexey Suslikov
lsusb (as found in web)

Bus 005 Device 003: ID eb1a:2761 eMPIA Technology, Inc.
Bus 005 Device 002: ID 0cf2:6225 ENE Technology, Inc.
Bus 005 Device 001: ID :
Bus 004 Device 001: ID :
Bus 003 Device 001: ID :
Bus 002 Device 001: ID :
Bus 001 Device 001: ID :

0cf2:6225 ENE Technology, Inc. is probably an SD controller
and
eb1a:2761 eMPIA Technology, Inc. is probably a web-camera.

- Alexey.

On Nov 14, 2007 1:29 AM, Alexey Suslikov [EMAIL PROTECTED] wrote:
 Full dmesg and lspci
 http://www.fabianrodriguez.com/blog/archives/2007/10/26/ubuntu-710-gibbon-swings-on-the-asus-eee/

 - Alexey.


 On Nov 14, 2007 1:02 AM, Alexey Suslikov [EMAIL PROTECTED] wrote:
  Andreas Maus wrote:
 
   Did anyone try to run OpenBSD on Asus new small eeePC?
   Output of /proc/cpuinfo (1) and lspci (2) can be found here:
  
   (1) http://scr3.golem.de/?d=0711/Eee-Testa=55901s=9
   (2) http://scr3.golem.de/?d=0711/Eee-Testa=55901s=10
  
   4 GB Flashdrive and 512MB+ RAM is enough and the CPU is a
   simple Celeron ... O.K. the Atheros (LAN and WLAN) adapters
   may be the problem ...
  
   So did anyone try to install OpenBSD on it ?
   Will it work (of course! ;) ) but has anyone experience
   about the nonworking devices ? (esp. the mentioned LAN/WLAN
   adapters)
 
  Looks like WLAN is Atheros 5212 which is ath(4) under OpenBSD.
  See here http://forums.bsdnexus.com/viewtopic.php?pid=16360#p16360
 
  About LAN. I think it is Attansic/Atheros L2. It is unsupported as of
  4.2 and -current. There are linux drivers:
 
  Attansic L1 Gigabit (also can be found on ASUS P5K mainboards)
  http://atl1.sourceforge.net/
 
  Attansic L2 10/100 (also can be found on ASUS F5R laptops)
  http://lwn.net/Articles/218588/
 
  Btw, Attansic drivers (according to source code and module naming)
  are somehow based on (derived from) Intel drivers.
 
  Ask developers. Maybe these drivers are easy to port if you'll donate
  couple of Eee-PCs. They are so cheap :)
 
  - Alexey.



Daily insecurity report and drop priv accounts for handling automated tasks

2007-11-13 Thread Dave Harrison
Hi all,

I've been wondering how to deal with this particular issue for quite
some time now, and I can't find any references to the right way(TM)
to handle it.

I always prefer to run automated tasks as limited privilege users on
my OpenBSD hosts - such as tasks that pull files across from other
hosts, and other such nightly tasks.  To make this work the drop priv
user account needs a shell and a home dir (for SSH keys etc), and has
no need for a password.  However this causes the /etc/security script
to generate warnings every night such as,


Login nightlysync is off but still has a valid shell and alternate
access files in home directory are still readable.


The tasks that this user performs are scheduled through cron.

Is there a better way for me to be setting up these kinds of tasks so
that this warning doesn't get raised ?  Or is the warning spurious ?

Cheers
Dave



Re: OT: OpenBSD on Asus eeePC

2007-11-13 Thread Alexey Suslikov
Maybe different Eee-PC models?

If I understand correctly, AR5007 solution is based on AR2417 chip. AR5006 is
based on AR5424. And this is mini-PCI so ASUS can plug anything...

- Alexey.

On Nov 14, 2007 1:45 AM, Stuart Henderson [EMAIL PROTECTED] wrote:
 On 2007/11/14 01:02, Alexey Suslikov wrote:
  Looks like WLAN is Atheros 5212 which is ath(4) under OpenBSD.
  See here http://forums.bsdnexus.com/viewtopic.php?pid=16360#p16360

 The disassembly photos I saw showed a AR5BXB63, based on AR5007
 or something.



Re: Network Traffic statistics on IPSEC Interface

2007-11-13 Thread Puthanveetil Unnikrishnan
 Unni, Try asking on
 
 http://www.benzedrine.cx/mailinglist.html
 
 http://bsd-india.org/maillist.html
 
 or
 
 https://honor.trusecure.com/mailman/listinfo/firewall-wizards
 
Thanks Siju for the links.

Girish suggested I try out pf labels and pfflowd. I tried both
options and found pfflowd to be more useful in my environment. I can
generate trend graphs using the following tools:
pfflowd/flow-tools/FlowScan/CUGrapher. This setup was adapted from the
following tutorial: http://www.dynamicnetworks.us/netflow/



4.2 firewall freezes up

2007-11-13 Thread Josh
I am having problems with a pair of firewall machines which keep on 
freezing up. I have just installed 4.2 on them, and previously they were 
running freebsd 6.2 for about a year without any problems.


Basically the machine becomes unresponsive to anything, but there is no 
panic screen or anything like that, and it also does not release its 
carp IPs; I have to actually pull the power before the backup firewall 
takes over.


Any ideas on this?

Thanks,
   Josh
  


OpenBSD 4.2 (GENERIC) #375: Tue Aug 28 10:38:44 MDT 2007
   [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel Pentium III (GenuineIntel 686-class, 512KB L2 cache) 498 MHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE

real mem  = 268005376 (255MB)
avail mem = 251502592 (239MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 02/10/99, BIOS32 rev. 0 @ 0xec700, 
SMBIOS rev. 2.1 @ 0xf1941 (48 entries)

bios0: vendor Compaq version 686T5 date 02/10/99
bios0: Compaq Deskpro EN Series SFF
apm0 at bios0: Power Management spec V1.2 (BIOS managing devices)
apm0: AC on, battery charge unknown
apm0: flags 130102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xec700/0x3900
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf75d0/112 (5 entries)
pcibios0: PCI Interrupt Router at 000:20:0 (Intel 82371AB PIIX4 ISA 
rev 0x00)

pcibios0: PCI bus #3 is the last bus
bios0: ROM list: 0xc/0x8000 0xe/0x8000!
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82443BX AGP rev 0x03
ppb0 at pci0 dev 1 function 0 Intel 82443BX AGP rev 0x03
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 ATI Rage Pro rev 0x5c
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
fxp0 at pci0 dev 10 function 0 Intel 8255x rev 0x05, i82558: irq 11, 
address 00:50:8b:a5:00:fd

inphy0 at fxp0 phy 1: i82555 10/100 PHY, rev. 0
ppb1 at pci0 dev 13 function 0 DEC 21152 PCI-PCI rev 0x03
pci2 at ppb1 bus 2
fxp1 at pci2 dev 4 function 0 Intel 8255x rev 0x05, i82558: irq 11, 
address 00:50:8b:66:5b:4e

inphy1 at fxp1 phy 1: i82555 10/100 PHY, rev. 0
fxp2 at pci2 dev 5 function 0 Intel 8255x rev 0x05, i82558: irq 11, 
address 00:50:8b:66:5b:4f

inphy2 at fxp2 phy 1: i82555 10/100 PHY, rev. 0
ppb2 at pci0 dev 14 function 0 DEC 21152 PCI-PCI rev 0x03
pci3 at ppb2 bus 3
fxp3 at pci3 dev 4 function 0 Intel 8255x rev 0x05, i82558: irq 11, 
address 00:50:8b:66:29:1e

inphy3 at fxp3 phy 1: i82555 10/100 PHY, rev. 0
fxp4 at pci3 dev 5 function 0 Intel 8255x rev 0x05, i82558: irq 11, 
address 00:50:8b:66:29:1f

inphy4 at fxp4 phy 1: i82555 10/100 PHY, rev. 0
piixpcib0 at pci0 dev 20 function 0 Intel 82371AB PIIX4 ISA rev 0x02
pciide0 at pci0 dev 20 function 1 Intel 82371AB IDE rev 0x01: DMA, 
channel 0 wired to compatibility, channel 1 wired to compatibility

wd0 at pciide0 channel 0 drive 0: QUANTUM FIREBALL CR6.4A
wd0: 16-sector PIO, LBA, 6149MB, 12594960 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
pciide0: channel 1 disabled (no drives)
uhci0 at pci0 dev 20 function 2 Intel 82371AB USB rev 0x01: irq 11
piixpm0 at pci0 dev 20 function 3 Intel 82371AB Power rev 0x02: SMI
iic0 at piixpm0
admtemp0 at iic0 addr 0x4c: adm1021
isa0 at piixpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pms0 mux 0
sb0 at isa0 port 0x220/24 irq 5 drq 1: dsp v3.01
midi0 at sb0: SB MIDI UART
audio0 at sb0
opl0 at sb0: model OPL3
midi1 at opl0: SB Yamaha OPL3
pcppi0 at isa0 port 0x61
midi2 at pcppi0: PC speaker
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
usb0 at uhci0: USB revision 1.0
uhub0 at usb0: Intel UHCI root hub, rev 1.00/1.00, addr 1
biomask ef45 netmask ef45 ttymask ffc7
pctr: 686-class user-level performance counters enabled
mtrr: Pentium Pro MTRR support
dkcsum: wd0 matches BIOS drive 0x80
root on wd0a swap on wd0b dump on wd0b



Re: Daily insecurity report and drop priv accounts for handling automated tasks

2007-11-13 Thread Nick Holland
Dave Harrison wrote:
 Hi all,
 
 I've been wondering how to deal with this particular issue for quite
 some time now, and I can't find any references to the right way(TM)
 to handle it.
 
 I always prefer to run automated tasks as limited privilege users on
 my OpenBSD hosts - such as tasks that pull files across from other
 hosts, and other such nightly tasks.  To make this work the drop priv
 user account needs a shell and a home dir (for SSH keys etc), and has
 no need for a password.  However this causes the /etc/security script
 to generate warnings every night such as,
 
 
 Login nightlysync is off but still has a valid shell and alternate
 access files in home directory are still readable.
 
 
 The tasks that this user performs are scheduled through cron.
 
 Is there a better way for me to be setting up these kinds of tasks so
 that this warning doesn't get raised ?  Or is the warning spurious ?

here's my way of squishing those messages:
* create the user, give it a non-trivial (but easy to type) PW.  This
  is often useful in the development stage anyway.  Don't use a trivial
  password in case you forget to do the next step...
* When ready to kill the PW, rather than clearing it, put a
  few repeated chars in the encrypted PW string, for example, ,
  using vipw.

You now have an account that technically has a PW, but it is unlikely
anyone will find something that hashes to the string you created.  The
string probably has the wrong number of characters anyway.  Daily is
happy, you are happy, and no one can log in.

...you hope.

Here's a problem.  You may want to be aware of funny accounts on
your system.  Let's say you kill a password as I suggested, then
your evil co-administrator, Bob, decides he wants to keep having
access to this machine after he quits.  So, he quietly does a chpass
on that account, then puts in his resignation.  You run around and
delete all his accounts, and think, Job done.

Bob now logs into that account, and uses the ssh key he also dropped
in place to get wherever he wanted to go (assuming a little pre-
planning, of course).

So, you might WANT to have as part of your daily routine verifying
that you have X insecurity reports, and that they are there for the
reasons you expect.

'course, that's hardly the only attack vector.  If seeing
Insecurity Report freaks your boss out, you might find it safer
to eliminate the report  (Windows never tells me how insecure it
is, so it must be better!).  Otherwise, treat it as just part of
your daily mails.

(Interestingly, your subject line auto-filed your message into my
Insecurity Reports folder, and it rather concerned me that a new
message suddenly arrived there. :)

Nick.
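
One way to do the daily verification Nick describes, as an added example (not part of the thread and not /etc/security itself): an awk audit over a master.passwd-style file against an allowlist of the accounts you expect to be locked but shell-capable, flagging a listed account that has grown a real hash (the chpass scenario above), an unlisted locked account with a shell, and an empty password field. The sample files, the allowlist path and the output labels are this example's own constructions.

```shell
#!/bin/sh
# Audit locked-but-shell-capable accounts against an allowlist.
# Added example; not part of the thread and not /etc/security itself.
# Assumptions (hypothetical): the expected drop-priv accounts are listed
# one per line in an allowlist file; a password field that is "*" or one
# repeated character (Nick's vipw trick) counts as locked; any shell other
# than /sbin/nologin counts as a login shell.

# audit_passwd MASTER_PASSWD ALLOWLIST
# Prints one line per anomaly, in file order:
#   UNEXPECTED user   locked account with a login shell that is not listed
#   REACTIVATED user  listed account whose field now holds a real hash
#   NOPASS user       empty password field with a login shell
audit_passwd() {
    awk -F: -v allow="$2" '
    BEGIN { while ((getline u < allow) > 0) if (u != "") expected[u] = 1 }
    /^#/ || NF < 10 { next }
    {
        user = $1; pw = $2; shell = $10
        login = (shell != "/sbin/nologin" && shell != "")
        # locked: "*" or any run of a single repeated character; a bcrypt
        # hash ($2b$...) fails this test at its second character
        locked = 0
        if (pw != "") {
            c = substr(pw, 1, 1); locked = 1
            for (i = 2; i <= length(pw); i++)
                if (substr(pw, i, 1) != c) { locked = 0; break }
        }
        if (pw == "" && login) { print "NOPASS " user }
        else if (locked && login && !(user in expected)) { print "UNEXPECTED " user }
        else if (!locked && pw != "" && (user in expected)) { print "REACTIVATED " user }
    }' "$1"
}

# make_samples DIR
# Writes constructed sample files: "before" (as the admin set things up),
# "after" (the same file once a departing co-admin ran chpass on the
# service account) and the allowlist. Hashes are placeholders, not real.
make_samples() {
    printf 'nightlysync\n' > "$1/allow"
    cat > "$1/before" <<'EOF'
root:$2b$08$ConstructedRootHashNotRealxxxxxxxxxxxxxxxxxxxxxxxxxx:0:0:daemon:0:0:Charlie &:/root:/bin/ksh
daemon:*:1:1::0:0:The devil himself:/root:/sbin/nologin
_syslogd:*:73:73::0:0:Syslog Daemon:/var/empty:/sbin/nologin
admin:$2b$08$ConstructedAdminHashNotRealxxxxxxxxxxxxxxxxxxxxxxxx:1000:1000:staff:0:0:Local admin:/home/admin:/bin/ksh
nightlysync:*************:1001:1001::0:0:Nightly sync:/home/nightlysync:/bin/sh
fetcher:!!!!!!!!!!!!!:1002:1002::0:0:Nobody remembers this one:/home/fetcher:/bin/sh
EOF
    # "after": nightlysync now carries a real-looking hash, nothing else changed
    sed 's|^nightlysync:[^:]*:|nightlysync:$2b$08$ConstructedBobHashNotRealxxxxxxxxxxxxxxxxxxxxxxxxxxx:|' \
        "$1/before" > "$1/after"
}

# Stand-alone demo on the constructed samples: sh audit.sh --demo
if [ "${1:-}" = "--demo" ]; then
    d=$(mktemp -d "${TMPDIR:-/tmp}/audit.XXXXXX")
    make_samples "$d"
    echo "before:"; audit_passwd "$d/before" "$d/allow"
    echo "after:";  audit_passwd "$d/after"  "$d/allow"
    rm -rf "$d"
fi
```

Run as root against /etc/master.passwd and the allowlist you maintain; whatever it prints should match the reasons you already expect to see in the daily insecurity report.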



Re: Daily insecurity report and drop priv accounts for handling automated tasks

2007-11-13 Thread Calomel
Dave,

In our backup environment the backup user needs a shell and home dir for
ssh keys as you described. The passwd is disabled and ssh keys are
required. We also limit access to the backup user to specific source ip
addresses like the backup server.

We also use ssh wrappers. Using the command argument in the ssh keys file
you can have a script check what command is being run. The backup user only
needs to accept rsync so that is what we are validating. If any other
command is run or if a shell is requested the connection is denied. This is
a link to the explanation of our backup methodology and at the bottom is an
example of the rsync wrapper script.

Rsync remote files to backup server
http://calomel.org/backup_server_rsync.html


As Nick explained, if you have untrustworthy admins any setup can be
compromised. I suggest writing a script to execute a simple command like
ls using the backup user. If ls is successful, the wrapper is not
working.

If anyone has any other recommendations I would be interested in hearing
about them. There is always room for improvement.

--
 Calomel @ http://calomel.org
 Open Source Research and Reference
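
A forced-command wrapper of the kind described above, written as an added example here rather than taken from calomel.org: it accepts only an rsync server invocation confined to one directory and refuses everything else, including a plain shell request. The install path, the --enforce flag, the backup directory and the rsync location are assumptions.

```shell
#!/bin/sh
# rsync-only forced-command wrapper for a drop-privilege backup account.
# Added example; not the wrapper published on calomel.org.
# Assumed (hypothetical) deployment: installed as /usr/local/bin/rsync-only
# and referenced from the backup account's ~/.ssh/authorized_keys as
#   command="/usr/local/bin/rsync-only --enforce",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding ssh-rsa AAAA... backup@backupserver
# sshd then hands the client's requested command over in SSH_ORIGINAL_COMMAND.

ALLOWED_ROOT="/var/backups/nightlysync"   # tree the account may sync (assumed)
RSYNC="/usr/local/bin/rsync"              # from the rsync package (assumed)

# allowed_command CMD -> 0 if CMD is an rsync server invocation confined to
# ALLOWED_ROOT, 1 for anything else (shell, ls, other paths, ...).
allowed_command() {
    cmd=$1

    # Shell metacharacters and globs have no business in an rsync request;
    # refusing them up front keeps the word-splitting in enforce() honest.
    case $cmd in
        *\;*|*\&*|*\|*|*\<*|*\>*|*\`*|*\$*|*\(*|*\)*|*\\*|*\'*|*\"*|*'*'*|*'?'*)
            return 1 ;;
    esac

    # A client-side "rsync ... user@host:path" arrives here as
    # "rsync --server [--sender] <flags> . <path>"; accept only that shape.
    case $cmd in
        "rsync --server "*) ;;
        *) return 1 ;;
    esac

    # The last word is the path the server side operates on: it must sit
    # under ALLOWED_ROOT and must not climb out of it with "..".
    path=${cmd##* }
    case $path in
        *..*) return 1 ;;
        "$ALLOWED_ROOT"|"$ALLOWED_ROOT"/*) return 0 ;;
    esac
    return 1
}

# enforce: run from the authorized_keys command= entry. A plain
# "ssh backup@host" (no command) arrives with SSH_ORIGINAL_COMMAND unset
# and is refused, which is the shell-request case the post describes.
enforce() {
    req=${SSH_ORIGINAL_COMMAND:-}
    if [ -z "$req" ] || ! allowed_command "$req"; then
        logger -t rsync-only "refused for ${USER:-?}: ${req:-<interactive login>}"
        exit 1
    fi
    logger -t rsync-only "allowed for ${USER:-?}: $req"
    set -- $req           # safe to split: metacharacters were rejected above
    shift                 # drop the leading "rsync"; run our own binary
    exec "$RSYNC" "$@"
}

if [ "${1:-}" = "--enforce" ]; then
    enforce
fi
```

The check the post suggests, running ls as the backup user, should now fail and leave a "refused for" line in the logs.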


On Tue, Nov 13, 2007 at 10:17:07PM -0500, Nick Holland wrote:
Dave Harrison wrote:
 Hi all,
 
 I've been wondering how to deal with this particular issue for quite
 some time now, and I can't find any references to the right way(TM)
 to handle it.
 
 I always prefer to run automated tasks as limited privilege users on
 my OpenBSD hosts - such as tasks that pull files across from other
 hosts, and other such nightly tasks.  To make this work the drop priv
 user account needs a shell and a home dir (for SSH keys etc), and has
 no need for a password.  However this causes the /etc/security script
 to generate warnings every night such as,
 
 
 Login nightlysync is off but still has a valid shell and alternate
 access files in home directory are still readable.
 
 
 The tasks that this user performs are scheduled through cron.
 
 Is there a better way for me to be setting up these kinds of tasks so
 that this warning doesn't get raised ?  Or is the warning spurious ?

here's my way of squishing those messages:
* create the user, give it a non-trivial (but easy to type) PW.  This
  is often useful in the development stage anyway.  Don't use a trivial
  password in case you forget to do the next step...
* When ready to kill the PW, rather than clearing it, put a
  few repeated chars in the encrypted PW string, for example, ,
  using vipw.

You now have an account that technically has a PW, but it is unlikely
anyone will find something that hashes to the string you created.  The
string probably has the wrong number of characters anyway.  Daily is
happy, you are happy, and no one can log in.

...you hope.

Here's a problem.  You may want to be aware of funny accounts on
your system.  Let's say you kill a password as I suggested, then
your evil co-administrator, Bob, decides he wants to keep having
access to this machine after he quits.  So, he quietly does a chpass
on that account, then puts in his resignation.  You run around and
delete all his accounts, and think, Job done.

Bob now logs into that account, and uses the ssh key he also dropped
in place to get wherever he wanted to go (assuming a little pre-
planning, of course).

So, you might WANT to have as part of your daily routine verifying
that you have X insecurity reports, and that they are there for the
reasons you expect.

'course, that's hardly the only attack vector.  If seeing
Insecurity Report freaks your boss out, you might find it safer
to eliminate the report  (Windows never tells me how insecure it
is, so it must be better!).  Otherwise, treat it as just part of
your daily mails.

(Interestingly, your subject line auto-filed your message into my
Insecurity Reports folder, and it rather concerned me that a new
message suddenly arrived there. :)

Nick.



Re: OT: OpenBSD on Asus eeePC

2007-11-13 Thread Jacob Winther

On 14/11/2007, at 6:55 AM, Andreas Maus wrote:


Did anyone try to run OpenBSD on Asus new small eeePC?



Just fired up a flashboot image from usb running 4.1 bsd.rd:


OpenBSD 4.1-stable (GENERIC-RD) #0: Thu Aug 16 17:15:55 CEST 2007
[EMAIL PROTECTED]:/home/rd/flashboot/flashboot/obj/GENERIC-RD
cpu0: Intel(R) Celeron(R) M processor 900MHz (GenuineIntel 686- 
class) 631 MHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,TM,SBF

real mem  = 527527936 (515164K)
avail mem = 455950336 (445264K)
using 4278 buffers containing 26501120 bytes (25880K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+ BIOS, date 10/17/07, BIOS32 rev. 0 @  
0xf0010, SMBIOS rev. 2.5 @ 0xf06c0 (37 entries)

bios0: ASUSTeK Computer INC. 701
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 3.0 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf76a0/176 (9 entries)
pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82801FB LPC rev  
0x00)

pcibios0: PCI bus #5 is the last bus
bios0: ROM list: 0xc/0xf800!
acpi at mainbus0 not configured
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82915GM/PM/GMS Host rev 0x04
vga1 at pci0 dev 2 function 0 Intel 82915GM/GMS Video rev 0x04:  
aperture at 0xf7f0, size 0x1000

wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
Intel 82915GM/GMS Video rev 0x04 at pci0 dev 2 function 1 not  
configured
azalia0 at pci0 dev 27 function 0 Intel 82801FB HD Audio rev 0x04:  
irq 5

azalia0: host: High Definition Audio rev. 1.0
azalia0: codec: 0x04x/0x10ec (rev. 1.1), HDA version 1.0
audio0 at azalia0
ppb0 at pci0 dev 28 function 0 Intel 82801FB PCIE rev 0x04
pci1 at ppb0 bus 4
ppb1 at pci0 dev 28 function 1 Intel 82801FB PCIE rev 0x04
pci2 at ppb1 bus 3
vendor Attansic Technology, unknown product 0x2048 (class network  
subclass ethernet, rev 0xa0) at pci2 dev 0 function 0 not configured

ppb2 at pci0 dev 28 function 2 Intel 82801FB PCIE rev 0x04
pci3 at ppb2 bus 1
ath0 at pci3 dev 0 function 0 Atheros AR5424 rev 0x01: irq 10
ath0: AR5424 14.2 phy 7.0 rf 0.0, WOR0W, address 00:15:af:3f:70:3b
uhci0 at pci0 dev 29 function 0 Intel 82801FB USB rev 0x04: irq 7
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 29 function 1 Intel 82801FB USB rev 0x04: irq 3
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 29 function 2 Intel 82801FB USB rev 0x04: irq 10
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
uhci3 at pci0 dev 29 function 3 Intel 82801FB USB rev 0x04: irq 5
usb3 at uhci3: USB revision 1.0
uhub3 at usb3
uhub3: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub3: 2 ports with 2 removable, self powered
ppb3 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0xd4
pci4 at ppb3 bus 5
ichpcib0 at pci0 dev 31 function 0 Intel 82801FBM LPC rev 0x04: PM  
disabled
pciide0 at pci0 dev 31 function 2 Intel 82801FBM SATA rev 0x04: DMA,  
channel 0 wired to compatibility, channel 1 wired to compatibility

wd0 at pciide0 channel 1 drive 0: SILICONMOTION SM223AC
wd0: 1-sector PIO, LBA, 3815MB, 7815024 sectors
wd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 4
ichiic0 at pci0 dev 31 function 3 Intel 82801FB SMBus rev 0x04: irq 3
iic0 at ichiic0
isa0 at ichpcib0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
biomask effd netmask effd ttymask 
rd0: fixed, 30720 blocks
pctr: 686-class user-level performance counters enabled
mtrr: Pentium Pro MTRR support
umass0 at uhub0 port 2 configuration 1 interface 0
ugen0 at uhub3 port 2
ugen0: vendor 0xeb1a product 0x2761, rev 2.00/8.21, addr 2



Connectivity Issues with Linksys 802.11 USB Adapter

2007-11-13 Thread new_guy
Hi guys,

I have a Linksys WUSB11 v2.8 802.11 USB wireless adapter on a fresh OpenBSD
4.2 install. It is recognized as an atu0 device. Internally it works great.
I can ping all of the IPs inside the gateway (and ping the gateway) and
browse to internal web sites, etc. Externally, I have no connectivity on
atu0, but I can get outside on my wired (fxp0) interface. Here's the
relevant portion of my ifconfig with the wired (fxp0) interface down:


fxp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
lladdr 00:50:8b:67:04:60
groups: egress
media: Ethernet autoselect (none)
status: no carrier
inet 192.168.0.254 netmask 0xff00 broadcast 192.168.0.255
inet6 fe80::250:8bff:fe67:460%fxp0 prefixlen 64 scopeid 0x1

atu0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
lladdr 00:0c:41:56:f4:30
groups: wlan egress
media: IEEE802.11 autoselect (DS1 mode 11b)
status: active
ieee80211: nwid NETGEAR chan 11 bssid 00:0f:b5:c5:31:7e 87%
inet 192.168.0.127 netmask 0xff00 broadcast 192.168.0.255
inet6 fe80::20c:41ff:fe56:f430%atu0 prefixlen 64 scopeid 0x4

I've tried adding atu0 to the 'egress' group, but still no go. Any ideas?

Thanks,
Brad



ospfd errors

2007-11-13 Thread Linden Varley

Hi,

I was wondering if anyone could offer any solution to this OSPFD error 
when it starts up:


ospfd[11601]: send_packet: error sending packet on interface em0: No 
route to host


It says there is no route to host for every interface defined in ospfd.conf

This is using the default config on an OpenBSD 4.0 amd64 install.

(Note, ip forwarding and ip multicast forwarding are enabled)

Thanks,
Linden.



Missing dependencies expat.8.0

2007-11-13 Thread Rafał Brodewicz
Hello.
I'm trying to add vim package and I'm getting following error:

Can't install gettext-0.14.6p0: lib not found expat.8.0
Dependencies for gettext-0.14.6p0 resolve to: libiconv-1.9.2p3
Full dependency tree is libiconv-1.9.2p3
Can't install vim-7.1.33-no_x11: can't resolve gettext-0.14.6p0

I didn't find expat.8.0 on any server.
So, is this dependency ok?

Regards.

--
Rafal Brodewicz
[EMAIL PROTECTED]



Re: Missing dependencies expat.8.0

2007-11-13 Thread Daniel Ouellet

Rafał Brodewicz wrote:

I didn't find expat.8.0 on any server.
So, is this dependency ok?


did you install xbase?

http://openbsd.org/faq/upgrade42.html#libexpat



Re: HP Procurve or Soekris w. OpenBSD ?

2007-11-13 Thread Jason George
:
 I was just about to ask about this. I've been very happy with Nexcom
 1563s as pf firewalls, especially with the disk-on-chip. No moving parts
 is good. (And thanks misc@ for this recommendation.)

 But the Nexcoms have only 100Base-T interfaces and now I've got a
 requirement for gig boxes in a couple of data centers.

 Any recommendations for carp/pfsync hardware with these specs on each box?

 - - at least 3 x 1000Base-T (mandatory)
 - - disk on chip if possible (not mandatory)
 - - fanless (not mandatory)
 - - rack-mountable (not mandatory)

 Any reasonable RAM and CPU speed considered, in the context of pushing
 traffic at ~100-300 Mbit/s.

 Or am I better off just buying el cheapo PCs and relying on carp and
 pfsync for redundancy?
I have been very pleased with my FWA-9106 from iBASE.
http://www.ibt.ca/v2/items/fwa9106/index.html

Mine have P4 CPU at 3.2GHz and 1GB of DDR400 (can take up to 4GB)
NICs are 4 msk (Marvell 8053) and 2 em (Intel 82541) interfaces.
There are also two PCI slots at the back and I believe a third at the front.


These look like an updated version of the embedded machines I bought from 
Portwell a few years ago.  (2GHz P4 Celeron, 4 x em + 2 x fxp, CF, etc, etc)



Re: OT: OpenBSD on Asus eeePC

2007-11-13 Thread Marc Balmer

Jacob Winther wrote:

On 14/11/2007, at 6:55 AM, Andreas Maus wrote:


Did anyone try to run OpenBSD on Asus new small eeePC?



Just fired up a flashboot image from usb running 4.1 bsd.rd:


nice to see you have one.  can you boot -current and mail the dmesg to
[EMAIL PROTECTED]

Does anybody know where I could buy such a machine, preferably in
.ch or .de?

- Marc



OpenBSD 4.1-stable (GENERIC-RD) #0: Thu Aug 16 17:15:55 CEST 2007
[EMAIL PROTECTED]:/home/rd/flashboot/flashboot/obj/GENERIC-RD
cpu0: Intel(R) Celeron(R) M processor 900MHz (GenuineIntel 686-class) 
631 MHz


[...]



Re: OT: OpenBSD on Asus eeePC

2007-11-13 Thread Guido Tschakert
Marc Balmer schrieb:
 Jacob Winther wrote:
 On 14/11/2007, at 6:55 AM, Andreas Maus wrote:

 Did anyone try to run OpenBSD on Asus new small eeePC?


 Just fired up a flashboot image from usb running 4.1 bsd.rd:
 
 nice to see you have one.  can you boot -current and mail the dmesg to
 [EMAIL PROTECTED]
 
 Does anybody know where I could buy such a machine, preferably in
 .ch or .de?
 
 - Marc




Hello,
you might find this link useful:

http://www.asus.de/news_show.aspx?id=8890  (sorry, it's in German)

Asus will ship the EeePC to Germany and Austria in December 2007.

Maybe alternate.de will sell them.


guido



win32-codecs, avi and amd64 question

2007-11-13 Thread Didier Wiroth
Hello,

I'm currently running current i386 on my amd64 processor.
I'm considering moving to the amd64 distribution but I noticed that the
win32-codecs package is only for i386.

Is there currently a win32-codecs alternative for amd64 or is it possible to
watch avi (+/- all codecs) movies on amd64?

Thank you very much!
Didier