Re: Can't SSH into CARP'd system from the outside
On 21:26:51 Oct 18, Vivek Ayer wrote: [demime 1.01d removed an attachment of type application/octet-stream which had a name of pf.conf] [demime 1.01d removed an attachment of type application/x-trash which had a name of pf.conf.BAK] This list does not allow attachments. You can either copy paste them into the mail text or use a mail client like mutt. -Girish
Re: Can't SSH into CARP'd system from the outside
On 22:45:49 Oct 18, Vivek Ayer wrote: Actually, I feel kind of stupid for asking the question. Of course you can never ssh into the virtual carp interface, which is what I was trying to do. SSHing into the physical interface still works no problem. Then again, it would be Yay..CARP is working 100%. You can of course use the CARP virtual interface. In fact you are supposed to use that if you setup CARP. ;) The only thing you can do to the CARP interface (which is the public IP in this case) is ping it, right? No. For all practical purposes that is the IP address you should use. Granted all the redirection to my web server still works, and the carp interface is actually the domain IP, will I just be able to type the domain in a web browser and watch http come up? By this, I mean: INTERNET -- CARP0 --- Routers 1 and 2 --- CARP1 SWITCH --- CARP3 --- Web Servers 1 and 2. I'm going to be CARPing my web servers as well. So how would this work? Public IP request would go to one of the two routers which would redirect to one of the two web servers? Basically, how would http or named interact with the virtual interface? You can find a good writeup on CARP here. http://www.openbsd.org/faq/pf/carp.html I have not properly understood your setup but I can give you some ideas. CARP does not redirect IP traffic. That is handled separately. However by virtue of CARP IP being virtual the redirection is handled by CARP itself. You need to think a lot on the lines of inbound or outbound CAP load balancing/fail-over. If it is a web server you probably need inbound fail-over. Then CARP handles everything for you if you access the CARP virtual IP. OpenBSD gives you several other ways to redirect traffic. relayd(8) and pf(4) trickery using route-to come to mind. I would rather that I do fail-over with CARP and load balancing with relayd and leave route-to alone... The choice is yours. -Girish
Porting driver from Linux
I'd like to port a driver from Linux and/or write it from scratch. 1. How hard is it? It would be my first touch with kernel programming (well - may be except Hello World modules). 2. Is it anything I have to know (except C, APIs and GPL-license)? Best regards -- I've probably left my head... somewhere. Please wait untill I find it. Homepage (pl_PL): http://uzytkownik.jogger.pl/ (GNU/)Linux User: #425935 (see http://counter.li.org/)
NAJNEVEROVATNIJA PONUDA
- This mail is a HTML mail. Not all elements could be shown in plain text mode. - Kurs engleskog jezika za slusanje usput Kurs je u formatu MP3 na 5 CD-a i omogucava ljudima koji su stalno u pokretu i nemaju mnogo vremena da budu kuci pored svog racunara da uz pomoc najnovijih metoda nauce engleski jezik. Na ovaj nacin engleski jezik mozete uciti u kolima, na putu od kuce do posla i obrnuto, dok trcite ili setate, dok putujete ili se odmarate u prirodi, dakle na svom diskmenu ili MP3 player-u engleski jezik cete moci uciti na bilo kom mestu. Vreme u toku dana predvidjeno ucenje engleskog jezika nije standardno, dakle mozete sami planirati koliko cete i gde preslusavati materijal sa CD-a. Rezultati ce biti bolji ukoliko imate kontinuitet u preslusavanju nasih CD-a, sto znaci ukoliko cesce budete slusali materijal brze cete savladati engleski jezik. Ukoliko porucite ovu nesvakidasnju ponudu na poklon cete dobiti i knjigu i prirucnik u jpg formatu , gde cete moci da proverite sve ono sto ste naucili ili da naucite nesto novo. Promotivna ponuda kursa engleskog jezika za slusanje usput ( srpska verzija ) kosta 1380,00 dinara. U cenu jesu uracunati PTT troskovi slanja paketa, sto znaci da Vi placate samo cenu koja je iznad navedena, tj. 1380,00 .. Placanje je pouzecem, dakle po preuzimanju paketa. Ukoliko zelite da porucite ovu nasu specijalnu ponudu potrebno je da dostavite Vase ime i prezime, adresu, mesto, postanski broj i broj telefona i paket ce biti kod Vas u roku od 48 sati. Porudzbine slati iskljucivo na e-mail adrese: [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
Default Apache chroot problem.
Hi, I'm running OpenBSD 4.3 (GENERIC) with standard httpd Apache/1.3.29 (Unix). I need to use on my machines phpsysinfo script as necessary information table that may be accessed remotely. So i made directory in Apache document root /phpsysinfo and I gave necessary rights to it. And it works. PHP is installed and runned within Apache - so it works. But. There is a problem. It works only when I un-chroot httpd. I need to add this flag: httpd_flags=-u for httpd in /etc/rc.local.conf to make it work properly. Unfortunately :) PHP script is generating the SYSCALL functions or something (sorry, I am not a PHP programmer) to root FS system libraries. Especially devices state logs (dmesg). Additionally it's querying the standard shell applications such as uname or who. Is there any normal way to run it with un-chrooting the Apache? Any kind of help will be appreciated :) P Please don't print this e-mail unless you really need to. Best Regards, Zbigniew Sobczyqski [EMAIL PROTECTED] GG: 1334213 JabberID: zetbee Skype: zetbeee
Re: Default Apache chroot problem.
Zbigniew SobczyEski wrote: Hi, I'm running OpenBSD 4.3 (GENERIC) with standard httpd Apache/1.3.29 (Unix). I need to use on my machines phpsysinfo script as necessary information table that may be accessed remotely. So i made directory in Apache document root /phpsysinfo and I gave necessary rights to it. And it works. PHP is installed and runned within Apache - so it works. But. There is a problem. It works only when I un-chroot httpd. I need to add this flag: httpd_flags=-u for httpd in /etc/rc.local.conf to make it work properly. Unfortunately :) PHP script is generating the SYSCALL functions or something (sorry, I am not a PHP programmer) to root FS system libraries. Especially devices state logs (dmesg). Additionally it's querying the standard shell applications such as uname or who. Is there any normal way to run it with un-chrooting the Apache? Any kind of help will be appreciated :) P Please don't print this e-mail unless you really need to. Best Regards, Zbigniew Sobczyqski [EMAIL PROTECTED] GG: 1334213 JabberID: zetbee Skype: zetbeee Most applications can be chrooted by bringing the needed files inside of the chroot, copying the directory structure outside the chroot, but inside it. (as in /var/www/etc to get what appears to be /etc). But it sounds like this may need to be run outside of the chroot and then copy the results into directories inside the chroot to be read by another script inside of the chroot. (Or put the results into a database and read that instead of files) A cron can be used to either run the main script directly, or to check for a request by the script inside the chroot. Of course, you could also just run un-chrooted Apache. Good Luck, Chris Bennett
Re: Can't SSH into CARP'd system from the outside
On 2008-10-19, Vivek Ayer [EMAIL PROTECTED] wrote: The only thing you can do to the CARP interface (which is the public IP in this case) is ping it, right? No, you can run services on it too.
Re: Can't SSH into CARP'd system from the outside
On Sun, Oct 19, 2008 at 01:04:35PM +0530, Girish Venkatachalam wrote: On 22:45:49 Oct 18, Vivek Ayer wrote: Actually, I feel kind of stupid for asking the question. Of course you can never ssh into the virtual carp interface, which is what I was trying to do. SSHing into the physical interface still works no problem. Then again, it would be Yay..CARP is working 100%. You can do most things with a CARP interface that you can with a regular interface. Exceptions would be applications that rely on bpf. You can of course use the CARP virtual interface. In fact you are supposed to use that if you setup CARP. ;) For services that you want to failover, yes. For administrative purposes (i.e. ssh access), probably not. -- Jason Dixon DixonGroup Consulting http://www.dixongroup.net/
Re: 4.4 Packages
On Sat, 18 Oct 2008, new_guy wrote: First time I've pre-ordered. Wondering when the 4.4 PKG_PATHs will be available so that I can add packages? -- Nov 1, of course, .. that's why it's called a release date. In the meantime, use your disks. Lee == Leland V. Lammert[EMAIL PROTECTED] Chief ScientistOmnitec Corporation Network/Internet Consultants www.omnitec.net ==
Re: Porting driver from Linux
Im afraid that you're going to have to re-write the driver from scratch (without being inspired by the GPLed one) the OpenBSD kernel developers wont include GPLed code into the core of the OS. Are you 100% sure that the driver doesn't already exist in -current? What piece of hardware is this? On Sun, Oct 19, 2008 at 11:19 AM, Maciej Piechotka [EMAIL PROTECTED] wrote: I'd like to port a driver from Linux and/or write it from scratch. 1. How hard is it? It would be my first touch with kernel programming (well - may be except Hello World modules). 2. Is it anything I have to know (except C, APIs and GPL-license)? Best regards -- I've probably left my head... somewhere. Please wait untill I find it. Homepage (pl_PL): http://uzytkownik.jogger.pl/ (GNU/)Linux User: #425935 (see http://counter.li.org/)
Re: Can't SSH into CARP'd system from the outside
Here's my pf.conf: # $OpenBSD: pf.conf,v 1.35 2008/02/29 17:04:55 reyk Exp $ # # See pf.conf(5) and /usr/share/pf for syntax and examples. # Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1 # in /etc/sysctl.conf if packets are to be forwarded between interfaces. # macros ext_if = re0 # External Interface (169.229.158.0/24) int_if = xl0 # Internal Interface (192.168.1.0/24) localnet = $int_if:network webserver = 192.168.1.50 webports = { http , https } tcp_services = { ssh } icmp_types = echoreq carpdevs = { carp0 , carp1 } syncdev = { re1 } ssh_allowed = 192.168.1.100 carp_mcast = 224.0.0.18 # extra tweaks set skip on lo set block-policy return set loginterface $ext_if scrub in # nat/rdr nat on $ext_if from $localnet to any - ($ext_if) nat on $int_if proto tcp from $localnet to $webserver port $webports - $int_if no nat on $int_if proto tcp from $int_if to $localnet rdr on $ext_if proto tcp from any to any port $webports - $webserver rdr on $int_if proto tcp from $localnet to $ext_if port $webports - $webserver # pass rules block in pass out keep state pass in inet proto icmp all icmp-type $icmp_types keep state pass in quick on $int_if pass in on $ext_if inet proto tcp from any to ($ext_if) \ port $tcp_services flags S/SA keep state pass in on $ext_if inet proto tcp from any to $webserver port $webports \ flags S/SA synproxy state pass on $carpdevs proto carp keep state pass quick on $ext_if proto carp \ from $ext_if:network to $carp_mcast keep state pass on $syncdev proto pfsync pass in on $int_if from $ssh_allowed to self keep state (no-sync) antispoof quick for { lo $int_if } Here's my pf.conf.BAK: # $OpenBSD: pf.conf,v 1.35 2008/02/29 17:04:55 reyk Exp $ # # See pf.conf(5) and /usr/share/pf for syntax and examples. # Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1 # in /etc/sysctl.conf if packets are to be forwarded between interfaces. # macros ext_if = re0 # External Interface (169.229.158.0/24) int_if = xl0 # Internal Interface (192.168.1.0/24) localnet = $int_if:network webserver = 192.168.1.50 webports = { http , https } tcp_services = { ssh } icmp_types = echoreq # extra tweaks set skip on lo set block-policy return set loginterface $ext_if scrub in # nat/rdr nat on $ext_if from $localnet to any - ($ext_if) nat on $int_if proto tcp from $localnet to $webserver port $webports - $int_if no nat on $int_if proto tcp from $int_if to $localnet rdr on $ext_if proto tcp from any to any port $webports - $webserver rdr on $int_if proto tcp from $localnet to $ext_if port $webports - $webserver # pass rules block in pass out keep state pass in inet proto icmp all icmp-type $icmp_types keep state pass in quick on $int_if pass in on $ext_if inet proto tcp from any to ($ext_if) \ port $tcp_services flags S/SA keep state pass in on $ext_if inet proto tcp from any to $webserver port $webports \ flags S/SA synproxy state antispoof quick for { lo $int_if } I still don't think it makes sense sshing into your carp interface. I mean, if you ssh once and you're in one machine, but then the next time, you're in another. Anyways, take a look and see what can be done. pf.conf is my current CARP setup, while pf.conf.BAK is before I setup CARP. Thanks, Vivek On Sun, Oct 19, 2008 at 6:53 AM, Jason Dixon [EMAIL PROTECTED] wrote: On Sun, Oct 19, 2008 at 01:04:35PM +0530, Girish Venkatachalam wrote: On 22:45:49 Oct 18, Vivek Ayer wrote: Actually, I feel kind of stupid for asking the question. Of course you can never ssh into the virtual carp interface, which is what I was trying to do. SSHing into the physical interface still works no problem. Then again, it would be Yay..CARP is working 100%. You can do most things with a CARP interface that you can with a regular interface. Exceptions would be applications that rely on bpf. You can of course use the CARP virtual interface. In fact you are supposed to use that if you setup CARP. ;) For services that you want to failover, yes. For administrative purposes (i.e. ssh access), probably not. -- Jason Dixon DixonGroup Consulting http://www.dixongroup.net/
Re: Can't SSH into CARP'd system from the outside
snip # pass rules block in pass out keep state pass in inet proto icmp all icmp-type $icmp_types keep state pass in quick on $int_if pass in on $ext_if inet proto tcp from any to ($ext_if) \ port $tcp_services flags S/SA keep state pass in on $ext_if inet proto tcp from any to $webserver port $webports \ flags S/SA synproxy state pass on $carpdevs proto carp keep state pass quick on $ext_if proto carp \ from $ext_if:network to $carp_mcast keep state pass on $syncdev proto pfsync pass in on $int_if from $ssh_allowed to self keep state (no-sync) antispoof quick for { lo $int_if } snip you've blocked in and then explicitly passed traffic only to $ext_if. -B
New cpuid code to test
Hello all, I'd love to get another round of cpuid testing done (i386/amd64). The code is available at: http://www.tepid.org/~weingart/cpuid.c I'd appreciate it if people could do something like the following on their i386 and amd64 boxes: make cpuid ./cpuid | mail -s 'cpuid output' [EMAIL PROTECTED] Thanks, --Toby.
Re: Can't SSH into CARP'd system from the outside
So you're saying I need to explicitly pass traffic to $carpdevs too? Would that let me ssh into the carp interface then? On Sun, Oct 19, 2008 at 2:52 PM, Bryan Irvine [EMAIL PROTECTED] wrote: snip # pass rules block in pass out keep state pass in inet proto icmp all icmp-type $icmp_types keep state pass in quick on $int_if pass in on $ext_if inet proto tcp from any to ($ext_if) \ port $tcp_services flags S/SA keep state pass in on $ext_if inet proto tcp from any to $webserver port $webports \ flags S/SA synproxy state pass on $carpdevs proto carp keep state pass quick on $ext_if proto carp \ from $ext_if:network to $carp_mcast keep state pass on $syncdev proto pfsync pass in on $int_if from $ssh_allowed to self keep state (no-sync) antispoof quick for { lo $int_if } snip you've blocked in and then explicitly passed traffic only to $ext_if. -B
Issues with RT.FM AnonCVS
Has anyone else had trouble doing checkouts and updates from rt.fm? arcfide:27$ pwd /usr/xenocara/distrib/sets/lists/xshare arcfide:28$ sudo cvs -q -d [EMAIL PROTECTED]:/cvs up -Pd cvs [server aborted]: EOF while looking for end of string in RCS file /cvs/xenocara/distrib/sets/lists/xshare/mi,v arcfide:29$ sudo cvs -d [EMAIL PROTECTED]:/cvs \ -q up -Pd U mi arcfide:30$ What's up? Aaron Hsu
Votre compte en ligne est suspendu
[IMAGE] Votre compte en ligne est suspendu ! Depuis le 20 janvier 2008, Desjardins ` amiliori la procidure de connexion ` AcchsD Internet et AcchsD Affaires. La sicuriti en ligne Une situation nous oblige ` bloquer temporairement l'acchs ` vos solutions en ligne. Pour continuer ` utiliser nos services en lignes vous devez mettre ` jours les paramjtres de sicuriti dans votre compte AcchsD avant le : 21/10/2008 . Je veux mettre ` jour mes paramjtres de sicuriti Nous espirons remidier ` la situation rapidement et vous remercions de votre comprihension. Your online services are temporarily unavailable. To continue to use our online services you must update the security of your AcchsD account before : 21/10/2008 . I want to upgrade the security of my account We apologize for any inconvenience and thank you for your patience. Copyright ) 1996-2007, Mouvement des caisses Desjardins. Tous droits riservis.
Re: Issues with RT.FM AnonCVS
Has anyone else had trouble doing checkouts and updates from rt.fm? arcfide:27$ pwd /usr/xenocara/distrib/sets/lists/xshare arcfide:28$ sudo cvs -q -d [EMAIL PROTECTED]:/cvs up -Pd cvs [server aborted]: EOF while looking for end of string in RCS file /cvs/xenocara/distrib/sets/lists/xshare/mi,v arcfide:29$ sudo cvs -d [EMAIL PROTECTED]:/cvs \ -q up -Pd U mi arcfide:30$ Yeah, I've had issues in the past day or two with rt.fm... I was going to give it another day or two and then drop them a note. Benny -- You have the sex appeal of a school bus fire. -- Greg Geraldo
Re: Installing OpenBSD 4.4 AMD64 with more than 4GB
Erik Carlseen wrote: Erik Carlseen wrote: Ted Unangst wrote: On Fri, Oct 17, 2008 at 2:21 PM, Erik Carlseen [EMAIL PROTECTED] wrote: Does anyone know if this issue has been resolved? I'm trying to boot and OpenBSD 4.4 AMD64 CD on an HP BL465c-G1 (dual Opteron 2216HE CPUs, 8GB RAM) and getting the following during the boot process (this is transcribed manually, so I apologize in advance for any typos): CD-ROM: 9F Loading /4.4/AMD64/CDBOOT probing: pc0 com0 com1 mem[637K 255M 256M 2814M 4853M a20=on] disk: fd0 fd1 hd0+* cd0 OpenBSD/amd64 CDBOOT 2.01 boot machine memory Region 0: type 1 at 0x0 for 637KB Region 1: type 2 at 0x9f400 for 3KB Region 2: type 2 at 0xf for 64KB Region 3: type 1 at 0x10 for 261120KB Region 4: type 1 at 0x1000 for 262144KB Region 5: type 1 at 0x2000 for 2881851KB Region 6: type 3 at 0xcfe4efc0 for 32KB Region 7: type 1 at 0xcfe56fc0 for 4 KB Region 8: type 2 at 0xcfe57fc0 for 1696KB Region 9: type 2 at 0xfec0 for 1024KB Region 10: type 2 at 0xfee0 for 64KB Region 11: type 2 at 0xffc0 for 4096KB Region 12: type 1 at 0x10 for 4980732KB Something like machine memory [EMAIL PROTECTED] here. Check the numbers, and I've never actually tried this. Ted, thanks for the suggestion... I new think I've gotten the hang of this removing memory blocks thing but it hasn't gotten me very far (see below). Low ram: 637KB High ram: 3405115KB Total free memory: 8386488KB boot boot booting cd0a:/4.4/amd64/bsd.rd: 2561344+548422+2799208+0+492560 [80+259200+161660]=0xa82360 entry point at 0x1001e0 [7205c766, 3404, 2448b12, 840a304] Ignoring 4863MB above 4GB panic: init_x86_64: can't find end of memory The operating system has halted. Please press any key to reboot. Is there any way to get this to start, other than driving my lazy self 100 miles to the data center and yanking 4GB out of it? Any help, thoughts, and criticism that doesn't involve suicide booths is appreciated. -Erik I started out getting rid of Region 12 with this command: machine memory [EMAIL PROTECTED] No dice - same problem. So in addition to axing Region 12, I tried paring down Region 5 bit-by-bit (pun semi-intended), to the point where I was eliminating it completely: machine memory [EMAIL PROTECTED] machine memory [EMAIL PROTECTED] Yes, I rounded the value up a bit - there seems to be a rounding error in the amount of memory reported; this seems to get rid of it without affecting the next block. In any case, it still wouldn't boot. I got extreme and eliminated Regions 5, 6, and 12: machine memory [EMAIL PROTECTED] machine memory [EMAIL PROTECTED] machine memory [EMAIL PROTECTED] I'm down to just under 256MB of RAM and I'm still stuck on the same error during the boot process. It's still exactly the same as transcribed below, except that the Ignoring 4863MB above 4GB message is no longer there (for obvious reasons). Any additional ideas would be appreciated. -Erik Apparently I've fixed my own problem - I needed to also delete the memory at Region 6 with this command: machine memory [EMAIL PROTECTED] I'll try adding back in some of the other regions and post my results to the list in case anyone else winds up with the same problem. -Erik OK, here are the boot commands I used to get the installation process going (munged slightly so they don't get deleted as e-mail addresses): machine memory -0x1c000 [at] = 0x1 machine memory -0x1000 [at] 0xcfe56fc0 machine memory -0xafe4f000 [at] 0x2000 machine memory [EMAIL PROTECTED] This eliminated all but about 256MB of RAM. After the installation completed, I experimented a bit and found that I only needed the following line in boot.conf: machine memory -0x1000 [at] 0xcfe56fc0 Your mileage may vary. In fact, your mileage will almost certainly vary unless you're using a very similar machine, chipset, etc. Here's the rub, though - it's still not using the 4GB of RAM at 0x1. My dmesg output is below. If any kernel hacker is slumming over here in misc land and wants to take a crack at this machine, I can probably arrange remote access (e-mail me). -Erik OpenBSD 4.4 (GENERIC) #1562: Tue Aug 12 17:15:53 MDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC real mem = 3474673664 (3313MB) avail mem = 3371139072 (3214MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xee000 (64 entries) bios0: vendor HP version A13 date 09/23/2007 bios0: HP ProLiant BL465c G1 acpi0 at bios0: rev 2 acpi0: tables DSDT FACP SPCR MCFG HPET SPMI ERST APIC BERT HEST acpi0: wakeup devices acpitimer0 at acpi0: 3579545 Hz, 32 bits acpihpet0 at acpi0: 14318180 Hz acpiprt0 at acpi0: bus 2 (IPPB) acpiprt1 at acpi0: bus 0 (PCI0) acpiprt2 at acpi0: bus 5 (EXBA) acpiprt3 at acpi0: bus 12 (EXBB) acpiprt4 at acpi0: bus 20 (SASB) acpiprt5 at acpi0: bus 22 (EXBD) acpiprt6 at
Re: Record for total number of rigs running OpenBSD
On Fri, Oct 17, 2008 at 11:42 PM, Vivek Ayer [EMAIL PROTECTED] wrote: Hi guys, Just wanted to let you folks know that my lab, due to my insistence, is now running OpenBSD on 5 rigs: 2 CARP/pfsync firewalls 1 DNS Server 2 CARP/pfsync/load-sharing web servers (sparc64) I'm sure there's people out there that have more rigs running it. I'd just like to know. If things go smoothly with these, I'll definitely pitch in money for the 4.5 release (put 4.3 to the test first). Cheers from Berkeley, the birthplace of BSD, Vivek hii .. 1 dns server on compaq desktop pro 2 gateway on compaq desktop pro 2 proxy on compaq deskto pro 1 vpn gateway on compaq desktop pro 1 web server + proxy + database ( radius mysql ) on mac mini intel . -- sonjaya http://idsale.blogspot.com http://www.pojokdomain.com(sell buy domain with free )
Slow file access on Compact Flash
[I read all postings in the archive AFAIK] Just started with CF on embedded hardware advertised to run OpenBSD; ARInfoTek. It does run OpenBSD very well! Now I want the embedded system to run off CF; the board has a CF socket to be wd0. 4.2 runs out of the box, but with very slow access of files. The CF is reasonably fast, though, with ~6MB at 'dd'. But once it has to access files for r/w, it gets very slow. I found some postings that 4.3 would be better, but the install of 4.3 here mainly -stalled- and took a good hour, from a local ftp-site. locate.updatedb is incredibly fast, while some file extraction takes ages. It looks like a large, single, file copies very fast, similar to 'dd'. But opening a file for r/w seems to take ages. Something like tar -C /tmp -xzphf etc43.tgz takes a minute, easily. And etc43.tgz is only 1.2MB. Copying of this file is quick: $ date cp etc43.tgz demo date Mon Oct 20 11:29:15 SGT 2008 Mon Oct 20 11:29:16 SGT 2008 Any hint welcome, Uwe OpenBSD 4.3 (GENERIC) #698: Wed Mar 12 11:07:05 MDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Geode(TM) Integrated Processor by AMD PCS (AuthenticAMD 586-class) 500 MHz cpu0: FPU,DE,PSE,TSC,MSR,CX8,SEP,PGE,CMOV,CFLUSH,MMX real mem = 527785984 (503MB) avail mem = 502276096 (479MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 05/23/08, BIOS32 rev. 0 @ 0xfaf00 apm0 at bios0: Power Management spec V1.2 (slowidle) apm0: AC on, battery charge unknown pcibios0 at bios0: rev 2.1 @ 0xf/0xdb74 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdaf0/128 (6 entries) pcibios0: PCI Exclusive IRQs: 5 7 10 11 pcibios0: no compatible PCI ICU found: ICU vendor 0x1022 product 0x2090 pcibios0: Warning, unable to fix up PCI interrupt routing pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0x8000 0xef000/0x1000! cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 1 function 0 AMD Geode LX rev 0x31 vga1 at pci0 dev 1 function 1 AMD Geode LX Video rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) glxsb0 at pci0 dev 1 function 2 AMD Geode LX Crypto rev 0x00: RNG AES glxpcib0 at pci0 dev 15 function 0 AMD CS5536 ISA rev 0x03: rev 0, 32-bit 3579545Hz timer, watchdog, gpio gpio0 at glxpcib0: 32 pins pciide0 at pci0 dev 15 function 2 AMD CS5536 IDE rev 0x01: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: ULTIMATE CF CARD 4GB wd0: 1-sector PIO, LBA, 3967MB, 8124480 sectors wd0(pciide0:0:0): using PIO mode 4, DMA mode 2 pciide0: channel 1 ignored (disabled) ohci0 at pci0 dev 15 function 4 AMD CS5536 USB rev 0x02: irq 7, version 1.0, legacy support ehci0 at pci0 dev 15 function 5 AMD CS5536 USB rev 0x02: irq 7 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 AMD EHCI root hub rev 2.00/1.00 addr 1 ppb0 at pci0 dev 18 function 0 Pericom PCI-PCI rev 0x00 pci1 at ppb0 bus 1 fxp0 at pci1 dev 12 function 0 Intel 82559ER rev 0x10, i82551: irq 5, address 00:14:b7:00:26:6a inphy0 at fxp0 phy 1: i82555 10/100 PHY, rev. 4 fxp1 at pci1 dev 13 function 0 Intel 82559ER rev 0x10, i82551: irq 11, address 00:14:b7:00:26:6b inphy1 at fxp1 phy 1: i82555 10/100 PHY, rev. 4 fxp2 at pci1 dev 14 function 0 Intel 82559ER rev 0x10, i82551: irq 10, address 00:14:b7:00:26:6c inphy2 at fxp2 phy 1: i82555 10/100 PHY, rev. 4 fxp3 at pci0 dev 19 function 0 Intel 82559ER rev 0x10, i82551: irq 11, address 00:14:b7:00:26:69 inphy3 at fxp3 phy 1: i82555 10/100 PHY, rev. 4 isa0 at glxpcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbdprobe: reset response 0xfa pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo usb1 at ohci0: USB revision 1.0 uhub1 at usb1 AMD OHCI root hub rev 1.00/1.00 addr 1 biomask f3cf netmask ffef ttymask ffef mtrr: K6-family MTRR support (2 registers) uplcom0 at uhub1 port 1 Prolific Technology Inc. USB-Serial Controller rev 1.10/3.00 addr 2 ucom0 at uplcom0 uhidev0 at uhub1 port 2 configuration 1 interface 0 NOVATEK USB Multimedia Keyboard rev 1.10/1.00 addr 3 uhidev0: iclass 3/1 ukbd0 at uhidev0: 8 modifier keys, 6 key codes, country code 33 wskbd0 at ukbd0 mux 1 wskbd0: connecting to wsdisplay0 uhidev1 at uhub1 port 2 configuration 1 interface 1 NOVATEK USB Multimedia Keyboard rev 1.10/1.00 addr 3 uhidev1: iclass 3/0, 3 report ids uhid0 at uhidev1 reportid 2: input=1, output=0, feature=0 uhid1 at uhidev1 reportid 3: input=3, output=0, feature=0 softraid0 at root root on wd0a swap on wd0b dump on wd0b
Re: Testing rthreads
On Fri, Oct 17, 2008 at 12:52 AM, Raimo Niskanen [EMAIL PROTECTED] wrote: I have also found patches (#3, #4 and #7) by Philip Guenther in the archives of this list from May 4. Can anyone enlighten me about if these/which patches still are useful or if there are fresher ones or if the 4.4 release kernel or the -current kernel already contains some of them... Ooog, the May 4th ones are a bit out of date. Several of them have been merged, others revised. I posted a revised version of the thread signal handling patch on Sep 17th. I have some stuff beyond that, but I need to merge the feedback I've already received and do some more testing before I send it out anywhere. Or even better, what is the preferred way to test rthreads for an application? I will build the application from source and will happily patch the build? As Ted observed, there's no need to rebuild. I do most my testing via LD_LIBRARY_PATH. I.e., in $HOME/lib I have a copy of librthread.so under the name libpthread.so.11.0, so if I start a program with LD_LIBRARY_PATH=$HOME/lib in its environment, then it uses rthreads instead of user-level threads. That works as long as the program (a) isn't setuid, and (b) doesn't itself mishandle LD_LIBRARY_PATH. Philip Guenther
Tftp-proxy
I'm in need of a little help (and probably a lot of sleep). I have been tweaking my PF due to a need for some added functionality. My last task was to add tftp-proxy so I can backup my Cisco DSL router to my TFTP server. I read the man page and inserted the necessary rules, but alas she's not working and I cannot quite see my error. My TFTP server lives inside the LAN on 192.168.1.5 and I had added the following rules. What am I missing here? Translation ### # no rdr on lo0 from any to any nat-anchor ftp-proxy/* nat on egress from (self) to any tag EGRESS - ($ext_if:0) nat on egress from $wire_if:network to any tag EGRESS - ($ext_if:0) no nat on $ext_if to port tftp rdr-anchor ftp-proxy/* rdr-anchor tftp-proxy/* rdr on $ext_if proto udp from any to any port tftp - 127.0.0.1 port 6969 # $ext_if inbound pass in on $ext_if inet proto icmp from any to $ext_if icmp-type 8 code 0 pass in quick on $ext_if inet proto tcp from ftp-auth to $ext_ip port 21 flags S/SA keep state pass in quick on $ext_if inet proto tcp from any to $ext_if port ssh flags S/SA synproxy state (max 10, source-track rule, max-src-conn 10, max-src-nodes 5, max-src-conn-rate 3/30, overload ssh-bruteforce flush global) pass in quick on $ext_if inet proto udp from ftp-auth to $ext_ip keep state # $wire_if outbound pass out log on $wire_if inet proto tcp from $wire_if to $wire_if:network flags S/SAFR modulate state pass out on $wire_if inet proto tcpto $ftp_server port 21 user proxy flags S/SA keep state pass out log on $wire_if inet proto udp from $wire_if to $wire_if:network keep state pass out on $wire_if inet proto udpto $ftp_server keep state pass out log on $wire_if inet proto icmp from $wire_if to $wire_if:network icmp-type 8 code 0 keep state anchor ftp-proxy/* anchor tftp-proxy/*