Re: inserting non-printable characters in sed?

2008-07-12 Thread Marco S Hyman
Fred Snurd writes:
 > I have been looking at sed to insert non-printable characters into text
 > files.  The sed(1) manpage states that I should be able to insert
 > octal values by preceding the three character octal value with a backslash.

The only place the word "octal" shows up in the sed man page is in
the description of the OUTPUT of the [2addr]l command.   It is not
described as a meaningful input for the [2addr]s/re/replacement/flags
command.

// marc
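
Added example, not part of either post in this thread: POSIX does not require sed's s command to interpret \f or \ddd in the replacement text, so a portable approach is to let printf(1) produce the byte and splice it into the sed script. The function names and the sample input (modelled on the file in the question) are constructed for illustration.

```shell
#!/bin/sh
# Added example: insert a literal form feed (octal 014) with sed
# without relying on sed understanding backslash escapes.

# sample: constructed input matching the file shown in the question.
sample() {
    printf 'first line\nsecond line FF\nthird line\nfourth line FF\n'
}

# insert_ff: replace a trailing "FF" marker on each line of stdin with
# one form-feed byte. printf(1) interprets the octal escape; sed only
# ever sees the resulting literal character.
insert_ff() {
    ff=$(printf '\014')
    sed 's!FF$!'"$ff"'!'
}

# count_ff: number of form-feed bytes on stdin.
count_ff() {
    tr -cd '\014' | wc -c | tr -d ' '
}

# Show the result with the l command, which writes non-printable
# characters in visible form (this is where sed(1) talks about octal).
sample | insert_ff | sed -n l
```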



inserting non-printable characters in sed?

2008-07-12 Thread Fred Snurd
I have been looking at sed to insert non-printable characters into text files.
The sed(1) manpage states that I should be able to insert octal values by
preceding the three character octal value with a backslash.  However, my foo
apparently isn't strong enough.  e.g.

$ cat file
first line
second line FF
third line
fourth line FF
$ sed 's!FF$!\f!' file > output
$ cat output
first line
second line FF
third line
fourth line FF
$ sed 's!FF!\014!' file > output
$ cat output
first line
second line 014
third line
fourth line 014

How am I misinterpreting how octal values can be inserted?



Re: scripting port install driving me mad

2008-07-12 Thread Juan Miscaro
2008/7/12 Stuart Henderson <[EMAIL PROTECTED]>:
> On 2008-07-12, Juan Miscaro <[EMAIL PROTECTED]> wrote:
>> Hi, I have a script that I use to automate server installations.
>> Every time I come to the point of installing a port with a certain
>> flavor:
>>
>> postfix with sasl2/mysql
>>
>> I can never get it to work.
>>
>> I thought I had it working before by putting in the Makefile:
>>
>> FLAVORS= sasl2 mysql
>>
>> but this is ignored.
>>
>> Putting the following in the script also barfs:
>>
>> env FLAVOR="sasl2 mysql"
>>
>> What am I missing?
>>
>> /juan
>>
>>
>
> Why not just provide a local package repository with things like
> this ready-built? Then you can point PKG_PATH at it and upgrade
> them easily in the future too.

Heh, that's what I'm trying to do.

> You can use SUBDIRLIST to build a list of ports with certain
> flavours. See /usr/ports/infrastructure/plist for example lists.

I can't find documentation for SUBDIRLIST.

Thanks to everyone who responded.  I seem to be making headway.

/juan



Using savecore

2008-07-12 Thread Alexey Suslikov
Hello [EMAIL PROTECTED]

Assume the following situation:

- no serial console,
- no dmesg buffer,
- kernel crashes while box in X.

Can savecore help? If so, how can I use it?

- Alexey.



pcmcia ethernet timeout

2008-07-12 Thread Gabri Mate
Dear List,

I have an old laptop with a pcmcia ethernet card which is recognized as
ne3 during setup. When I try to acquire an ip address through dhcp the
kernel says that the card times out. Okay, I've added the address, dns
and routing settings manually, so let's try to access the network. And
again the card times out.
--
Gabri Mate
[EMAIL PROTECTED]




Re: scripting port install driving me mad

2008-07-12 Thread Stuart Henderson
On 2008-07-12, Juan Miscaro <[EMAIL PROTECTED]> wrote:
> Hi, I have a script that I use to automate server installations.
> Every time I come to the point of installing a port with a certain
> flavor:
>
> postfix with sasl2/mysql
>
> I can never get it to work.
>
> I thought I had it working before by putting in the Makefile:
>
> FLAVORS= sasl2 mysql
>
> but this is ignored.
>
> Putting the following in the script also barfs:
>
> env FLAVOR="sasl2 mysql"
>
> What am I missing?
>
> /juan
>
>

Why not just provide a local package repository with things like
this ready-built? Then you can point PKG_PATH at it and upgrade
them easily in the future too.

You can use SUBDIRLIST to build a list of ports with certain
flavours. See /usr/ports/infrastructure/plist for example lists.



Re: scripting port install driving me mad

2008-07-12 Thread Jacob Meuser
On Sat, Jul 12, 2008 at 03:11:18PM -0400, Juan Miscaro wrote:
> Hi, I have a script that I use to automate server installations.
> Every time I come to the point of installing a port with a certain
> flavor:
> 
> postfix with sasl2/mysql
> 
> I can never get it to work.
> 
> I thought I had it working before by putting in the Makefile:
> 
> FLAVORS= sasl2 mysql
> 
> but this is ignored.
> 
> Putting the following in the script also barfs:
> 
> env FLAVOR="sasl2 mysql"
> 
> What am I missing?

instead of manually setting FLAVOR in your script (btw, FLAVORS is
just a list of available FLAVORs, not what FLAVORs will be built)
or mucking about in the ports Makefiles, you probably want to use
SUBDIRLIST from the top of the ports directory.  for example:

$ echo 'mail/postfix/stable,sasl2,mysql' > /tmp/build-list
$ echo 'another/port' >> /tmp/build-list
$ echo 'one/more,flavored' >> /tmp/build-list
$ echo 'still/another,-subpackage' >> /tmp/build-list
$ cd /usr/ports
$ BULK=Yes FETCH_PACKAGES=Yes SUBDIRLIST=/tmp/build-list make install

see bsd.port.mk(5) and packages-specs(7) for more info.

btw, you can generate a SUBDIRLIST from all installed packages:

$ pkg_info -fa | sed -ne 's/[EMAIL PROTECTED] subdir=\([^ ]*\) .*/\1/p' > build-list

although, there is probably a better way to do this with perl.

-- 
[EMAIL PROTECTED]
SDF Public Access UNIX System - http://sdf.lonestar.org



Re: scripting port install driving me mad

2008-07-12 Thread Marc Espie
On Sat, Jul 12, 2008 at 03:11:18PM -0400, Juan Miscaro wrote:
> Hi, I have a script that I use to automate server installations.
> Every time I come to the point of installing a port with a certain
> flavor:
> 
> postfix with sasl2/mysql
> 
> I can never get it to work.
> 
> I thought I had it working before by putting in the Makefile:
> 
> FLAVORS= sasl2 mysql
> 
> but this is ignored.
> 
> Putting the following in the script also barfs:
> 
> env FLAVOR="sasl2 mysql"
> 
> What am I missing?
> 
> /juan

No idea, since you're not giving your actual script.

cd /usr/ports && SUBDIR=mail/postfix/stable,sasl2,mysql SUDO=sudo make install BULK=Yes
should more or less work.



Re: pkg_add not terminating

2008-07-12 Thread Ivo van der Sangen
On Fri, Jul 11, 2008 at 08:31:36PM -0400, Daniel Ouellet wrote:
> Ivo van der Sangen wrote:
>> When trying to install texlive_texmf-minimal-2007p2.tgz I run into problems.
>> The pkg_add script does not terminate. The progress bar stops at 100% and
>> there are still 3 processes running: perl, ftp and gzip.
>
> It happen sometime when dependency are install. The FTP hang as it doesn't 
> close the connection properly.
>
> Just look the process and kill ONLY the ftp one when it's at 100% and do 
> not close by itself. This will allow the rest of the regular pkg_add to 
> continue as usual.
>
> Then the install process will continue as normal and get the next 
> dependency if any as nothing unusual happened.
>
> Not a big deal when you know.
>
> Hope this help you.
>
> Best,
>
> Daniel

This helps indeed. Nasty, but if you know, it's not a big problem indeed. Good to
hear it has been addressed in -current.

Regards,

Ivo van der Sangen



scripting port install driving me mad

2008-07-12 Thread Juan Miscaro
Hi, I have a script that I use to automate server installations.
Every time I come to the point of installing a port with a certain
flavor:

postfix with sasl2/mysql

I can never get it to work.

I thought I had it working before by putting in the Makefile:

FLAVORS= sasl2 mysql

but this is ignored.

Putting the following in the script also barfs:

env FLAVOR="sasl2 mysql"

What am I missing?

/juan



neomagic and the "needs-update" entries

2008-07-12 Thread Charles Smith
Good afternoon!

Can a "needs-update" entry in the xenocara/MODULES file, e.g. for neomagic,
provoke errors like PR pending/5836 [0]?
The PR in short:
  On an i386 ThinkPad 600X (NeoMagic 256ZX NM2360) WindowMaker hasn't
  worked since 2008.04.10 (or before too; that was my first test
  after the 4.3 RELEASE branch fork).
  With 4.3 RELEASE it works.
  The very odd thing: cwm, fvwm, and icewm from ports work.
  All the applications that I use work.
  WindowMaker hasn't changed since 2007.09.15.

After the branch fork, neomagic has been updated two times in the
xenocara/MODULES file:
on 2008.03.19 from 1.1.1 to 1.2.0 and on 2008.05.21 to 1.2.1.
The xenocara/driver/xf86-video-neomagic/ directory remained at 1.1.1.
The "needs-update" appeared with 1.2.0.
Are they not in sync?
Is this rate major update?

Are the "needs-update" entries like "public todo lists"?

[0]: http://cvs.openbsd.org/cgi-bin/query-pr-wrapper?full=yes&numbers=5836
Synopsis and Subject: wmaker on ThinkPad600X Fatal server error



Re: pkg_add not terminating

2008-07-12 Thread Marc Espie
On Sat, Jul 12, 2008 at 07:32:07PM +1200, Richard Toohey wrote:
> On 12/07/2008, at 12:31 PM, Daniel Ouellet wrote:
>
>> Ivo van der Sangen wrote:
>>> When trying to install texlive_texmf-minimal-2007p2.tgz I run into
>>> problems. The pkg_add script does not terminate. The progress bar stops
>>> at 100% and there are still 3 processes running: perl, ftp and gzip.
>>
>> It happen sometime when dependency are install. The FTP hang as it doesn't 
>> close the connection properly.
>>
>> Just look the process and kill ONLY the ftp one when it's at 100% and do 
>> not close by itself. This will allow the rest of the regular pkg_add to 
>> continue as usual.
>>
>> Then the install process will continue as normal and get the next 
>> dependency if any as nothing unusual happened.
>>
>> Not a big deal when you know.
>>
>> Hope this help you.
>>
>> Best,
>>
>> Daniel
>
> If it is FTP (and these are the symptoms I've seen when it has been
> an FTP issue) then ...
>
> My experience is that your FTP *control* channel is timed out, because the
> FTP takes over a certain time (e.g. 10 minutes.)  Your FTP *data* channel is
> busy, but dumb firewalls (usually M$ in my experience) see nothing happening
> on the control channel, and kill it.  The data channel finishes the transfer,
> but your control channel has gone ... so hang ...
>
> It's OpenBSD, so use the excellent docs ...
>
> http://www.openbsd.org/cgi-bin/man.cgi?query=pkg_add&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html
>
> Near the bottom ...
>
> FTP_KEEPALIVE
>   Have ftp(1) send a byte after every FTP_KEEPALIVE seconds,
>   so that incorrectly configured network equipment won't
>   aggressively drop it.  See ``ftp -k'' for more information.
>
> This will keep the control channel alive, so when the data channel is
> finished, the control channel is still alive & bad things don't happen.
>
> Thanks.
In fact, this has been turned on by default after 4.3, so in current this
should no longer be an issue at all.

I'm going to remove the button from pkg_add soon, this does remind me to
do it...



Re: Sitecom NL-030

2008-07-12 Thread Stuart Henderson
On 2008-07-12, M. Feenstra <[EMAIL PROTECTED]> wrote:
>
> I tried adding the USB product ID (SITECOMEU is vendor ID) to usbdevs but
> then realized there was no support for the chipset (MOSCHIP MCS7830).

> Has anyone succeeded in porting the linux drivers from the moschip website 
> to OpenBSD or found another way to support the NL-030? 

It's probably simpler to modify an existing OpenBSD driver for
another USB-ethernet device with reference to the data sheet
(it looks fairly good).

http://www.moschip.com/html/data_sheets.html
http://www.moschip.com/data/products/MCS7830/Data%20Sheet_7830DA.pdf



Wiki: FreeOpenSourceSoftware.org

2008-07-12 Thread Wm. Stewart

Hi OpenBSD folks,

I'm the author of the Internet site http://www.livinginternet.com/ with 
input from many of the original creators of the Internet.  I was lucky 
enough to get the FreeOpenSourceSoftware and FreeLibreOpenSourceSoftware 
domains, and have donated them to the FOSS community.


I have set up a wiki at the domains to provide a home for FOSS, 
specifically as separate from Commercial Open Source Software (COSS) with 
some published code but closed elements for advanced functionality that 
potentially leads right back to proprietary lock-in.  The link to "FOSS 
Philosophy" starts with a quote from Adam Smith (!), and describes the 
clear FOSS / COSS separation I believe important to help the FOSS brand 
continue to succeed.


I've seeded the Wiki with basic starting information.  Feel free to add. 
Please spread the word to let others know of the launch!


   http://freeopensourcesoftware.org/

Cheers,
Bill

--

Bill Stewart
Founder, Eseri.net
http://Eseri.net/
p: 613-796-8529



Re: Hardware recommendation for firewalls (more than 4 NICs)

2008-07-12 Thread Jacob Yocom-Piatt

Martín Coco wrote:
> Hi misc,
>
> I'm currently looking for hardware alternatives for firewalls that
> should have more than four NICs.
>
> Currently we are buying R200s from Dell, but we have the 4 NIC
> limitation. We could tell Dell to install a quad port NIC (in addition
> to the two-port onboard card), but I haven't read good things about
> the way they work.
>
> I've also looked into soekris, but they don't seem to have enough CPU
> for what we want (this is pure speculation) as we also have intense
> IPSec traffic on some of these firewalls (I've seen that some of them
> could have encryption boards added to increase performance, but I
> don't know if it works for any kind of protocol, or at what rate).
>
> In any case, what I would like to have is firewalls with multiple NICs
> (at least 6 NICs) *and* sufficient CPU to let IPSec work alright at
> least at ~50Mbps (internal backbone firewalls). The multiple NICs are
> to use trunk, pfsync, real network interfaces, etc.

i see that people have already made this pointlessly heated, but i'll
just put in my 2 cents nicely:

unless you're routing ridiculous amounts of traffic, in which case
openbsd might not be able to handle the pps count, it is probably best
to trunk the four interfaces into the switch, put vlans and/or carp on
top of that and not add a slough of extra interfaces. it's not for me to
say that you don't need the extra interfaces but trunking and vlans will
likely (1) save ports on your switches, (2) make your setup more
resilient by having a larger number of interfaces for each link to fail
through, (3) simplify the cabling and (4) minimize the number of
switches required.

btw, commercially available hw encryption accelerators are not very
relevant anymore since there is so much idle cpu power in most modern
machines. it's usually a better idea just to buy a faster machine or one
with a cpu that does its own crypto acceleration, e.g. via C7.

cheers,
jake

> Thanks,
> Martín.




Re: Hardware recommendation for firewalls (more than 4 NICs)

2008-07-12 Thread Gordon Grieder
On Sat, Jul 12, 2008 at 08:24:52AM -0500, Gordon Grieder wrote:
> 
> Fast forward and we've got these 2960G's everywhere, a couple of 3750G's
> doing the L3 work and feeding to the hardware out to the world. Nearly 20
> VLANs going through various trunks (single gig and etherchannel). The stuff
> just works well when configured properly.

Small clarification: we do have some physical separation. Our iSCSI
traffic, SAN heartbeat and DMZs have their own VLANs and physical trunks.

Previous message applied to all general user traffic.

 Gord



Re: Hardware recommendation for firewalls (more than 4 NICs)

2008-07-12 Thread Gordon Grieder
On Sat, Jul 12, 2008 at 12:24:46AM -0400, Jason Dixon wrote:

> I knew it was a matter of time before the "vlan insecurity" bullshit hit
> the fan.  RTFA.  Who says anything about "blindly trusting" switches?
> If you can't correctly configure VLANs on your switches, and filter on
> vlan(4) interfaces in PF, you shouldn't be administering production
> networks.  There's nothing functionally different between:
> 
> $ext_if="em0"
> 
> and
> 
> $ext_if="vlan0"
> 
> I've developed networks with over a dozen routed VLAN segments on a
> single physical GbE link.  With carp(4) interfaces on top.  It's easy.
> In fact, it's a hell of a lot less error- and failure-prone than
> managing 5 interfaces.  If you're not going to use the features that
> came with those $5k switches you just bought, you might as well stick
> with $100 Netgears from Best Buy.

Yep.

A few years ago when the "vlan insecurity bullshit" was all the rage we
happened to be upgrading our LAN to gigabit. I was a bit leery from the
experiences of dealing with Nortel's retarded (and proprietary)
protocol-based VLAN crap. But I didn't want that to taint our future.

So before deciding on a course of action (VLAN or physical separation) we
picked up a couple of Cisco 2960G's, put them on my workbench and *BEAT THE
FUCKING SHIT OUT OF THEM* trying all these VLAN hopping exploits that were
talked about. Nothing seemed to work: the switches did their job. On our
older Nortel 450's we did see some VLAN traffic leaking out when the things
were flooded but those units dated back to the late 90's or so. Tech changes
and improves.

Fast forward and we've got these 2960G's everywhere, a couple of 3750G's
doing the L3 work and feeding to the hardware out to the world. Nearly 20
VLANs going through various trunks (single gig and etherchannel). The stuff
just works well when configured properly.


 Gord



HEADS UP: xf86-video-openchrome replaces xf86-video-via

2008-07-12 Thread Matthieu Herrb
I've just committed the openchrome driver for via chipsets in Xenocara 
and enabled it by default in place of the old, obsolete, version of 
xf86-video-via that was there before.


If you're using a VIA chipset with a configuration file, replace

  Driver "via"

with

  Driver "openchrome"

in /etc/X11/xorg.conf to use the new driver after your next update.

Thanks to bernd@ who evaluated the openchrome driver and made the few 
patches needed to get it to compile on OpenBSD.

--
Matthieu Herrb



Re: Hardware recommendation for firewalls (more than 4 NICs)

2008-07-12 Thread Henning Brauer
* Martín Coco <[EMAIL PROTECTED]> [2008-07-12 00:33]:
> I'm currently looking for hardware alternatives for firewalls that should 
> have more than four NICs.

there is a 1u supermicro that has 4 onboard, on PCIe and PCI-X each.
gives 12 ems in 1U.

-- 
Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam



Re: Hardware recommendation for firewalls (more than 4 NICs)

2008-07-12 Thread Jason George
>> >I knew it was a matter of time before the "vlan insecurity" bullshit hit
>> >the fan.  RTFA.  Who says anything about "blindly trusting" switches?
>> >If you can't correctly configure VLANs on your switches, and filter on
>> >vlan(4) interfaces in PF, you shouldn't be administering production
>> >networks.  There's nothing functionally different between:
>> >
>> >I've developed networks with over a dozen routed VLAN segments on a
>> >single physical GbE link.  With carp(4) interfaces on top.  It's easy.
>> >In fact, it's a hell of a lot less error- and failure-prone than
>> >managing 5 interfaces.  If you're not going to use the features that
>> >came with those $5k switches you just bought, you might as well stick
>> >with $100 Netgears from Best Buy.
>> 
>> Oh dear gracious goodness me.
>> 
>> $5K switches
>> 
>> Can I sell you a few?  Or tell me what brand you buy so I
>> can buy stock?
>> 
>> And who is your power company so I can buy stock?
>> 
>> And who is your landlord so I can buy shares?
>> 
>> I'm sorry, but my application doesn't seem to bear any resemblance
>> to yours.  Certainly my constraints are very different.
>
>How ironic, given that I'm suggesting using *fewer* resources.  Let that
>sink in for a while.

Knock it off, guys.  One guy's psycho ex-girlfriend is another's new princess.

It's simplistic to knock someone else's deployment environment without 
understanding the full scope of details.  The devil is in the details.

I have a number of environments where 1q trunks and VLAN segments work 
wonders.  I also have a major critical infrastructure environment where 
whinging about $5k is a shrug of the shoulders.  In this latter case, I'd 
prefer that the bleary-eyed telecom tech getting pulled out of bed at 3am be 
able to quickly get things back up and running by swapping out an access 
switch connected to the firewall by a single, simple ethernet tether than call 
the engineering consultant (me) out of bed.  This applies even more so when the 
affected site might be a switch yard in the middle of nowhere and it's going 
to cost upward of $2k just to mobilize a truck to get there.

In certain instances, the more elegant and manageable solution involves an 
octopus of cables and a storehouse of interchangeable parts.  In others, it's 
an elegant layering of services on one cable.

Then again, I work in a world where documentation is done on CAD stations, is
reviewed and stamped and impacts can cost millions and potentially human life.
"Self-documenting" firewall rules in a config file won't cut it.  You guys
can discuss CAM flooding on $50 DLinks and excess wiring and HVAC requirements
all you want.  Not every problem is a nail and not every solution is a hammer.
Sometimes you need to spend $100 and others $10k+.  Sometimes you really just
want a semi-retarded switch but that is good to -40C and runs on anything from
24 to 130VDC AND 120VAC simultaneously or that is Class 1/Div 2 rated.

YMMV but please respect the fact that the requirements of others may differ 
rather drastically from your own personal experiences.

--J



Re: pkg_add not terminating

2008-07-12 Thread Richard Toohey

On 12/07/2008, at 12:31 PM, Daniel Ouellet wrote:

> Ivo van der Sangen wrote:
>> When trying to install texlive_texmf-minimal-2007p2.tgz I run into
>> problems. The pkg_add script does not terminate. The progress bar stops
>> at 100% and there are still 3 processes running: perl, ftp and gzip.
>
> It happen sometime when dependency are install. The FTP hang as it
> doesn't close the connection properly.
>
> Just look the process and kill ONLY the ftp one when it's at 100%
> and do not close by itself. This will allow the rest of the regular
> pkg_add to continue as usual.
>
> Then the install process will continue as normal and get the next
> dependency if any as nothing unusual happened.
>
> Not a big deal when you know.
>
> Hope this help you.
>
> Best,
>
> Daniel

If it is FTP (and these are the symptoms I've seen when it has been
an FTP issue) then ...

My experience is that your FTP *control* channel is timed out, because the
FTP takes over a certain time (e.g. 10 minutes.)  Your FTP *data* channel is
busy, but dumb firewalls (usually M$ in my experience) see nothing happening
on the control channel, and kill it.  The data channel finishes the transfer,
but your control channel has gone ... so hang ...

It's OpenBSD, so use the excellent docs ...

http://www.openbsd.org/cgi-bin/man.cgi?query=pkg_add&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html

Near the bottom ...

FTP_KEEPALIVE
  Have ftp(1) send a byte after every FTP_KEEPALIVE seconds,
  so that incorrectly configured network equipment won't
  aggressively drop it.  See ``ftp -k'' for more information.

This will keep the control channel alive, so when the data channel is
finished, the control channel is still alive & bad things don't happen.

Thanks.