The Continually Updated Clinical Reference

[Qu SQ]

Launched in 1996, www.eMedicine.com comprises the largest and most current 
Clinical Knowledge Base available to physicians and other healthcare 
professionals. eMedicine's subscription site for institutions is 
www.iMedicine.com. Nearly 10,000 physician authors and editors contribute to 
the eMedicine Clinical Knowledge Base, which contains articles on 7,000 
diseases and disorders. The evidence-based content, updated regularly, provides 
the latest practice guidelines in 59 medical specialties. eMedicine's 
professional content undergoes 4 levels of physician peer review plus an 
additional review by a PharmD prior to publication. 



In May 2003, eMedicine launched a new consumer health site, 
www.eMedicineHealth.com. Current medical information is available in the Health 
Resource, First Aid and Emergencies, and Lifestyle and Wellness Centers. With 
more than 5500 pages of health content, the site contains articles written by 
physicians for patients and consumers. Each article is reviewed by 2 physicians 
and a PharmD prior to publication. 



Subsequent revisions of professional or consumer articles may be provided by 
internal eMedicine copy editing staff, the physician author, or a physician or 
PharmD member of the editorial board associated with each article. Updates 
after the initial peer review do not generally go through subsequent peer 
review, though select articles may undergo a level of repeat peer review. 
eMedicine is proud to be certified by the Health On the Net Foundation 
(HONConduct #256884) verifying compliance with its 8 principles of conduct. In 
compliance with the guidance associated with the fourth principle (C 
attribution (C eMedicine posts the date of the last revision of any kind on 
each article.



The eMedicine Clinical Knowledge Base contains 30,000 multimedia files and 
features the largest online repository of medical education credits for 
physicians, nurses, and optometrists. 



Please reference www.emedicine.com for more information.

Re: Intel D945GCLF2

[Andrei Pirvan]

Hello

I have a D945GCLF2 for almost 2 months, and it works well with OpenBSD
4.4. I use it with the stock fan disabled and with an 120mm Nexus
RealSilent that covers almost the whole board. To make it fanless, I
think the best solution is a bigger heatsink for the north bridge like
[1], of course, if you have space for it. My temps are lower, due to
ambient temperature in this period of year:

# sysctl -a|grep  hw
hw.machine=i386
hw.model=Intel(R) Atom(TM) CPU 330 @ 1.60GHz (GenuineIntel 686-class)
hw.ncpu=1
hw.byteorder=1234
hw.pagesize=4096
hw.disknames=cd0,sd0
hw.diskcount=2
hw.sensors.cpu0.temp0=14.00 degC
hw.sensors.admtm0.temp0=18.00 degC (Internal)
hw.sensors.admtm0.temp1=31.00 degC (External)
hw.sensors.admtm0.temp2=24.00 degC (External)
hw.sensors.admtm0.volt0=2.55 VDC (2.5 V)
hw.sensors.admtm0.volt1=0.00 VDC (Vccp)
hw.sensors.admtm0.volt2=3.28 VDC (3.3 V)
hw.sensors.admtm0.volt3=5.05 VDC (5 V)
hw.sensors.admtm0.volt4=12.38 VDC (12 V)
hw.sensors.admtm0.volt5=3.28 VDC (Vcc)
hw.sensors.admtm0.volt6=1.59 VDC (1.5 V)
hw.sensors.admtm0.volt7=1.77 VDC (1.8 V)
hw.cpuspeed=1597
hw.setperf=100
hw.vendor=Intel Corporation
hw.product=D945GCLF2
hw.uuid=d72c7a24-8a30-11dd-9c44-0019d159b7d4
hw.physmem=2136846336
hw.usermem=2136834048

As a side note, use it with OpenBSD 4.4 because earlier versions (4.2
tested by me) have issues with onboard gigabit ethernet controller.
Also, the stock fan is very noisy, even at 50% speed in BIOS.
[1] 
http://www.silentpcreview.com/forums/viewtopic.php?t=50620highlight=d945gclf2

Break pkg_add cyclic dependency

[Mike Williams]

Hi,

I am trying to setup CUPS on a machine and have got into package 
dependency hell.  I want a cups flavoured ghostscript but it wont 
install as it cannot resolve dependencies on foomatic-filters and cups. 
 If I install either of them then they install a non-CUPS flavoured 
version of ghostscript.  This is with 4.4 release.


# pkg_add -n -v ghostscript-8.62p2-a4-cups
parsing ghostscript-8.62p2-a4-cups
Dependencies for ghostscript-8.62p2-a4-cups resolve to: cups-1.2.7p9, 
libiconv-1.12, ghostscript-fonts-8.11p0, jpeg-6bp3, ijs-0.35, png-1.2.28 
(todo: cups-1.2.7p9)

ghostscript-8.62p2-a4-cups:parsing cups-1.2.7p9
Dependencies for cups-1.2.7p9 resolve to: foomatic-filters-3.0.2p1, 
jpeg-6bp3, tiff-3.8.2p0, png-1.2.28 (todo: foomatic-filters-3.0.2p1)

ghostscript-8.62p2-a4-cups:parsing foomatic-filters-3.0.2p1
Dependencies for foomatic-filters-3.0.2p1 resolve to: 
enscript-1.6.3p1-a4, ghostscript-8.62p2-a4-cups (todo: 
ghostscript-8.62p2-a4-cups)

Can't install ghostscript-8.62p2-a4-cups: can't resolve cups-1.2.7p9
Can't install foomatic-filters-3.0.2p1: can't resolve 
ghostscript-8.62p2-a4-cups

Can't install cups-1.2.7p9: can't resolve foomatic-filters-3.0.2p1
Can't install ghostscript-8.62p2-a4-cups: can't resolve cups-1.2.7p9
# pkg_add -n -v foomatic-filters-3.0.2p1
parsing foomatic-filters-3.0.2p1
Dependencies for foomatic-filters-3.0.2p1 resolve to: 
enscript-1.6.3p1-a4, ghostscript-8.62p2 (todo: ghostscript-8.62p2)

foomatic-filters-3.0.2p1:parsing ghostscript-8.62p2
Dependencies for ghostscript-8.62p2 resolve to: libiconv-1.12, 
ghostscript-fonts-8.11p0, jpeg-6bp3, ijs-0.35, png-1.2.28

...
# pkg_add -n -v cups
parsing cups-1.2.7p9
Dependencies for cups-1.2.7p9 resolve to: foomatic-filters-3.0.2p1, 
jpeg-6bp3, tiff-3.8.2p0, png-1.2.28 (todo: foomatic-filters-3.0.2p1)

cups-1.2.7p9:parsing foomatic-filters-3.0.2p1
Dependencies for foomatic-filters-3.0.2p1 resolve to: 
enscript-1.6.3p1-a4, ghostscript-8.62p2 (todo: ghostscript-8.62p2)

cups-1.2.7p9:parsing ghostscript-8.62p2
Dependencies for ghostscript-8.62p2 resolve to: libiconv-1.12, 
ghostscript-fonts-8.11p0, jpeg-6bp3, ijs-0.35, png-1.2.28

...

So what is the way to break this cycle of dependenciesso I can get a 
CUPS flavored ghostscript installed?  TIA


--
Mike

pppd, ip-up script and privileges

[patrick keshishian]

Hi,

I'm curious about why privileges are revoked before executing
ip-{up,down} scripts?

ROUTING section of pppd(8) says:

+--- pppd(8)
| When IPCP negotiation is completed successfully,
| pppd will inform the kernel of the local and remote
| IP addresses ... to create a host route to the remote
| end ... which will enable the peers to exchange IP
| packets. Communication with other machines generally
| requires further modification to routing tables. In
| most cases the defaultroute [is] sufficient for this,
| but in some cases further intervention is required.
| The /etc/ppp/ip-up script can be used for this.
+-

However, if ip-up is to change the routing table it will require
root privilege.

Am I missing something?

--patrick

Re: FreeBSD emulation of VMware Tools

[Guido Tschakert]

Hi,

have you read man compat_freebsd and tried the suggestions (i.e.
download libc.so.1 from somewhere and also ldd and some other files)

guido

Laurens Vets schrieb:
 Hi list,
 
 I'm trying to get the FreeBSD version of the VMware Tools installed in
 OpenBSD 4.4 under VMware Server 2.0 following the guide posted at
 http://www.openbsd-wiki.org/index.php?title=HowTo_install_VMWare_tools.
 
 I've had to install the freebsd_lib-4.11p0.tgz package and had to add
 some additional symbolic links to /emul/freebsd/usr/lib.  However,
 vmware-guestd segfaults upon trying to start it:
 
 # ktrace /emul/freebsd/sbin/vmware-guestd --background
 /var/run/vmware-guestd.pid --halt-command /sbin/shutdown -p -h now
 Segmentation fault (core dumped)
 # ktrace -C
 # kdump
   6020 ktrace   RET   ktrace 0
   6020 ktrace   CALL  execve(0xcfbdabb3,0xcfbdaa60,0xcfbdaa78)
   6020 ktrace   NAMI  /emul/freebsd/sbin/vmware-guestd
   6020 ktrace   NAMI  /emul/freebsd/usr/lib/libc.so.1
   6020 ktrace   NAMI  /emul/freebsd
   6020 vmware-guestd NAMI  /emul/freebsd/usr/lib/libc.so.1
   6020 vmware-guestd EMUL  freebsd
   6020 vmware-guestd RET   execve 0
   6020 vmware-guestd PSIG  SIGSEGV SIG_DFL code 1 addr=0x85fa8 trapno=1
   6020 vmware-guestd NAMI  vmware-guestd.core
 #
 
 I'm not sure how to proceed from here.  Can anyone help me further?
 
 Thanks in advance!

Re: Break pkg_add cyclic dependency

[Matthias Kilian]

On Sun, Jan 04, 2009 at 03:48:29PM +, Mike Williams wrote:
 # pkg_add -n -v ghostscript-8.62p2-a4-cups
[...]
 Can't install ghostscript-8.62p2-a4-cups: can't resolve cups-1.2.7p9
 Can't install foomatic-filters-3.0.2p1: can't resolve 
 ghostscript-8.62p2-a4-cups
 Can't install cups-1.2.7p9: can't resolve foomatic-filters-3.0.2p1
 Can't install ghostscript-8.62p2-a4-cups: can't resolve cups-1.2.7p9
[...]
 So what is the way to break this cycle of dependenciesso I can get a 
 CUPS flavored ghostscript installed?  TIA

This has been fixed in current. For 4.4, the workaround is to first
install the unflavored ghostscript, then install cups, then replace
the installed ghostscript by the one with the cups flavor using
pkg_add -r.

Ciao,
Kili

Re: Break pkg_add cyclic dependency

[Antoine Jacoutot]

On Sun, 4 Jan 2009, Mike Williams wrote:

 Hi,
 
 I am trying to setup CUPS on a machine and have got into package dependency
 hell.  I want a cups flavoured ghostscript but it wont install as it cannot
 resolve dependencies on foomatic-filters and cups.  If I install either of
 them then they install a non-CUPS flavoured version of ghostscript.  This is
 with 4.4 release.
 
 # pkg_add -n -v ghostscript-8.62p2-a4-cups

This is a known issue fixed in -current.

The workaround is tho pkg_add ghostscript-8.62p2-a4... then:
$ sudo pkg_add -rF update ghostscript-8.62p2-a4-cups

-- 
Antoine

Re: ftp from script

[Ed Ahlsen-Girard]

Thanks to all.  The below worked.

Grab the snapshots:

#!/usr/bin/perl

use Net::FTP;

unlink /home/ed/snap/*;

my $host = 'rt.fm';

my $ftp = Net::FTP-new($host, Debug =0)
or die Cannot connect to $host: $0;

$ftp-login(anonymous,'-anonymous@')
or die Cannot login , $ftp-message;

$ftp-cwd(/pub/OpenBSD/snapshots/i386)
   or die Cannot change working directory , $ftp-message;

my @ftp_ls = $ftp-ls()
or die Can't get directory listing , $ftp-message;

for (@ftp_ls) {
my $tgz = $_;
unless ($tgz =~ /tgz/) {
next;
}
$tgz =~ s/\S\s{7}?//;
print $tgz\n;
$ftp-get($tgz)
or die get failed , $ftp-message;
}

$ftp-get(INSTALL.i386)
or die get failed , $ftp-message;

$ftp-get(index.txt)
or die get failed , $ftp-message;

$ftp-get(bsd)
or die get failed , $ftp-message;

$ftp-get(bsd.rd)
or die get failed , $ftp-message;

$ftp-cwd(/pub/OpenBSD/snapshots)
   or die Cannot change working directory , $ftp-message;

$ftp-get(ports.tar.gz)
or die get failed , $ftp-message;

exec '/usr/sbin/srcgrab';

exit;


Update source:

#!/bin/sh

export cvsroot=anon...@rt.fm:/cvs

cd /usr

cvs checkout -P src

date

Re: Testing in a virtual environment

[Daniel A. Ramaley]

Thanks for the responses! I'll look into KVM and VMWare, and possibly 
some of the others. From the variety of responses it sounds like 
VirtualBox is the only virtualization software that *doesn't* work with 
OpenBSD though.

Strangely enough, after asking my question, i reinstalled OpenBSD in 
VirtualBox with slightly different settings and now it is working just 
fine. I've managed to build a -stable release. I haven't tried running 
X, but just being able to compile is good enough for now. The settings 
i used that work on my machine are VirtualBox' defaults except for 
turning on VT-x/AMD-V, and within the VM i added softdep to the mount 
options in fstab.


Dan RamaleyDial Center 118, Drake University
Network Programmer/Analyst 2407 Carpenter Ave
+1 515 271-4540Des Moines IA 50311 USA

Re: ftp from script

[Randal L. Schwartz]

 Ed == Ed Ahlsen-Girard eagir...@cox.net writes:
Ed #!/bin/sh

Ed export cvsroot=anon...@rt.fm:/cvs

Ed cd /usr

Ed cvs checkout -P src

Ed date

You still haven't learned to check the return value of cd. :)

That should be:

 cd /usr || exit 1


-- 
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
mer...@stonehenge.com URL:http://www.stonehenge.com/merlyn/
Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion

Re: Break pkg_add cyclic dependency

[Mike Williams]

Matthias Kilian wrote:

On Sun, Jan 04, 2009 at 03:48:29PM +, Mike Williams wrote:

# pkg_add -n -v ghostscript-8.62p2-a4-cups

[...]

Can't install ghostscript-8.62p2-a4-cups: can't resolve cups-1.2.7p9
Can't install foomatic-filters-3.0.2p1: can't resolve 
ghostscript-8.62p2-a4-cups

Can't install cups-1.2.7p9: can't resolve foomatic-filters-3.0.2p1
Can't install ghostscript-8.62p2-a4-cups: can't resolve cups-1.2.7p9

[...]
So what is the way to break this cycle of dependenciesso I can get a 
CUPS flavored ghostscript installed?  TIA


This has been fixed in current. For 4.4, the workaround is to first
install the unflavored ghostscript, then install cups, then replace
the installed ghostscript by the one with the cups flavor using
pkg_add -r.


Many thanks - it is all up and running now.  Cheers!

--
Mike

Re: ftp from script

[Markus Lude]

On Sun, Jan 04, 2009 at 07:03:38AM -0600, Ed Ahlsen-Girard wrote:
 Thanks to all.  The below worked.
 
 Grab the snapshots:
[...]

 Update source:
 
 #!/bin/sh
 
 export cvsroot=anon...@rt.fm:/cvs
 
 cd /usr
 
 cvs checkout -P src

Why not use cvs update? Of course you need to chdir to /usr/src then.

Regards,
Markus

Re: Testing in a virtual environment

[Brian Keefer]

On Jan 4, 2009, at 9:36 AM, Daniel A. Ramaley wrote:


Strangely enough, after asking my question, i reinstalled OpenBSD in
VirtualBox with slightly different settings and now it is working just
fine. I've managed to build a -stable release. I haven't tried running
X, but just being able to compile is good enough for now. The settings
i used that work on my machine are VirtualBox' defaults except for
turning on VT-x/AMD-V, and within the VM i added softdep to the mount
options in fstab.



Enabling the VT instructions is recommended regardless of what  
hypervisor is being used (at least, among the commercial ones).  It  
will result in noticeably better performance overall.  At least, this  
has been my experience with VMware and comments from Microsoft seem to  
indicate the same of Hyper-V and other hypervisors in general.


For those who don't follow VMware closely, ESXi (the VMware  
Infrastructure hypervisor) is now free.  It comes with the VMware  
Infrastructure Client and the VMware Infrastructure Update utility.  I  
would recommend it for anyone who is building a dedicated  
Virtualization Host.  VMware Server is only necessary if you actually  
want to use the host OS and occasionally run guests.  Of course, the  
hardware supported by ESXi is a little bit more limited, since it's  
geared for server platform hardware.  You'll want to make sure the  
BIOS and firmware for all the underlying gadgets has been upgraded to  
the latest (RAID controllers, etc).


--
bk

OpenBSD on home router - error requesting several URLs

[Sergey Khentov]

Hello there,

I have a very little experience in OpenBSD and network configuration /
troubleshooting, so any advice / keyword to google / etc is welcome.

Description:

I have installed and configured OpenBSD 4.4-release to be used as a
gateway to Internet (via ADSL modem).

ser...@gate:~  uname -a

OpenBSD gate.home.net 4.4 GENERIC#1021 i386

At the moment most of configuration work has been done: I can browse
Internet from my home network. But some sites are not accessible: when I
try to open an URL my browser thinks a lot of time (about 30 minutes -
after that I have stopped URL loading) and does not shows anything at
all! But when I try to open the same URL with lynx on OpenBSD - it opens
without any errors / delays / etc. The one example of the web-site -
battle.net. The other example - youtube.com. I have tried to open those
from Desktop PC with Windows XP and from Nokia N810, and the result is
the same, so I think it is OpenBSD-configuration error. Moreover,
traceroute from home network to e.g. battle.net reaches some Internet
servers. I have tried to search google and have asked this question on
one of *NIX-related forums and haven't get any solution of my problem.
Well, maybe you have any ideas?

Here comes OpenBSD configuration:

PC has 4 network cards: ath0 (this is also a wireless access-point),
rl0, rl1, rl2. rl0 is connected to home network, rl1 looks into local
area network (there are some common resources), rl2 is connected to
ADSL-modem (bridge mode).

ser...@gate:~  ifconfig
lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33204
  groups: lo
  inet 127.0.0.1 netmask 0xff00
  inet6 ::1 prefixlen 128
  inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6

ath0: flags=8863UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST mtu
1500
  lladdr 00:1e:58:ad:74:d3
  groups: wlan
  media: IEEE802.11 autoselect hostap
  status: active
  ieee80211: nwid homenet chan 1 bssid 00:1e:58:ad:74:d3 nwkey not
displayed
  inet 192.168.2.254 netmask 0xff00 broadcast 192.168.2.255
  inet6 fe80::21e:58ff:fead:74d3%ath0 prefixlen 64 scopeid 0x1
rl0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
  lladdr 00:e0:4c:e9:c5:dc
  media: Ethernet autoselect (100baseTX full-duplex)
  status: active
  inet 192.168.1.254 netmask 0xff00 broadcast 192.168.1.255
  inet6 fe80::2e0:4cff:fee9:c5dc%rl0 prefixlen 64 scopeid 0x2
rl1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
  lladdr 00:11:6b:3f:16:02
  media: Ethernet autoselect (100baseTX full-duplex)
  status: active
  inet6 fe80::211:6bff:fe3f:1602%rl1 prefixlen 64 scopeid 0x3
  inet 10.0.55.43 netmask 0xff00 broadcast 10.0.55.255
rl2: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1400
  lladdr 00:11:6b:96:70:48
  media: Ethernet autoselect (100baseTX full-duplex)
  status: active
  inet6 fe80::211:6bff:fe96:7048%rl2 prefixlen 64 scopeid 0x4
enc0: flags=0 mtu 1536
pppoe0: flags=8851UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST mtu 1392
  dev: rl2 state: session
  sid: 0x2d27 PADI retries: 5 PADR retries: 0 time: 09:20:19
  sppp: phase network authproto pap
  groups: pppoe egress
  inet6 fe80::21e:58ff:fead:74d3%pppoe0 - prefixlen 64 scopeid 0x7
  inet 78.37.41.134 -- 78.36.32.1 netmask 0x
pflog0: flags=141UP,RUNNING,PROMISC mtu 33204
  groups: pflog

ser...@gate:~  cat /etc/pf.conf
# comments were stripped :)
cl_if=rl1
adsl_if=pppoe0
int_if=rl0
wifi_if=ath0

nets_priv = { 127.0.0.0/8 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 }

set block-policy drop
set loginterface $adsl_if

# scrub in all

nat on $cl_if from $int_if:network to 10.0.11.0/24 - ($cl_if)
nat on $cl_if from $wifi_if:network to 10.0.11.0/24 - ($cl_if)
nat on $adsl_if from $int_if:network to any - ($adsl_if)
nat on $adsl_if from $wifi_if:network to any - ($adsl_if)

ser...@gate:~  route show -inet
Routing tables

Internet:
Destination Gateway Flags Refs Use Mtu Prio Iface
default 0.0.0.1 UGS 5 169770 - 48 pppoe0
10.0.1/24 core.drevlanka.ru UGS 0 5799 - 48 rl1
10.0.10/24 core.drevlanka.ru UGS 0 4 - 48 rl1
10.0.11/24 core.drevlanka.ru UGS 0 8951 - 48 rl1
10.0.55/24 link#3 UC 1 0 - 48 rl1
cerber.drevlanka.r localhost UGHS 0 0 33204 48 lo0
core.drevlanka.ru 00:13:21:c6:15:c7 UHLc 4 230 - 48 rl1
ip78-36-32-1.onego ip78-37-41-134.one UH 0 0 - 48 pppoe0
loopback localhost UGRS 0 0 33204 48 lo0
localhost localhost UH 2 8 33204 48 lo0
192.168.1/24 link#2 UC 1 0 - 48 rl0
192.168.1.1 00:20:ed:6b:0e:77 UHLc 2 8 - 48 rl0
192.168.2/24 link#1 UC 1 0 - 48 ath0
192.168.2.1 link#1 UHLc 2 2918 - 48 ath0
BASE-ADDRESS.MCAST localhost URS 0 0 33204 48 lo0

I don't know if it will help, but dmesg comes below my signature.

--
BR,
Sergey Khentov

# I have removed lines 'pckbcintr: no dev for slot 1' from dmesg - they
# repeat 432 times
ser...@gate:~  dmesg
ev for slot 1
pckbcintr: no dev for slot 1
syncing disks... done
rebooting...
OpenBSD 4.4 (GENERIC) #1021: Tue Aug 12 17:16:55 MDT 2008
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel Pentium III (GenuineIntel 

Re: OpenBSD on home router - error requesting several URLs

[Jorge Valbuena]

1. Why so many NAT rules ?
2. Your BSD Server only for home router and firewall device ?
3. You should read OpenBSD FAQ and PF FAQ
4. type  man afterboot,  from the command line.

BSD FAQ:

http://www.openbsd.org/faq/index.html

PF FAQ:
http://www.openbsd.org/faq/pf/index.html

After reading this, you should have a clear vision of your configuration.
 
I hope this can help !


Jorge V




 Original-Nachricht 
 Datum: Mon, 5 Jan 2009 01:23:07 +0300
 Von: Sergey Khentov sergey.khen...@gmail.com
 An: misc@openbsd.org
 Betreff: OpenBSD on home router - error requesting several URLs

 Hello there,
 
 I have a very little experience in OpenBSD and network configuration /
 troubleshooting, so any advice / keyword to google / etc is welcome.
 
 Description:
 
 I have installed and configured OpenBSD 4.4-release to be used as a
 gateway to Internet (via ADSL modem).
 
 ser...@gate:~  uname -a
 
 OpenBSD gate.home.net 4.4 GENERIC#1021 i386
 
 At the moment most of configuration work has been done: I can browse
 Internet from my home network. But some sites are not accessible: when I
 try to open an URL my browser thinks a lot of time (about 30 minutes -
 after that I have stopped URL loading) and does not shows anything at
 all! But when I try to open the same URL with lynx on OpenBSD - it opens
 without any errors / delays / etc. The one example of the web-site -
 battle.net. The other example - youtube.com. I have tried to open those
 from Desktop PC with Windows XP and from Nokia N810, and the result is
 the same, so I think it is OpenBSD-configuration error. Moreover,
 traceroute from home network to e.g. battle.net reaches some Internet
 servers. I have tried to search google and have asked this question on
 one of *NIX-related forums and haven't get any solution of my problem.
 Well, maybe you have any ideas?
 
 Here comes OpenBSD configuration:
 
 PC has 4 network cards: ath0 (this is also a wireless access-point),
 rl0, rl1, rl2. rl0 is connected to home network, rl1 looks into local
 area network (there are some common resources), rl2 is connected to
 ADSL-modem (bridge mode).
 
 ser...@gate:~  ifconfig
 lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33204
   groups: lo
   inet 127.0.0.1 netmask 0xff00
   inet6 ::1 prefixlen 128
   inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
 
 ath0: flags=8863UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST mtu
 1500
   lladdr 00:1e:58:ad:74:d3
   groups: wlan
   media: IEEE802.11 autoselect hostap
   status: active
   ieee80211: nwid homenet chan 1 bssid 00:1e:58:ad:74:d3 nwkey not
 displayed
   inet 192.168.2.254 netmask 0xff00 broadcast 192.168.2.255
   inet6 fe80::21e:58ff:fead:74d3%ath0 prefixlen 64 scopeid 0x1
 rl0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
   lladdr 00:e0:4c:e9:c5:dc
   media: Ethernet autoselect (100baseTX full-duplex)
   status: active
   inet 192.168.1.254 netmask 0xff00 broadcast 192.168.1.255
   inet6 fe80::2e0:4cff:fee9:c5dc%rl0 prefixlen 64 scopeid 0x2
 rl1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
   lladdr 00:11:6b:3f:16:02
   media: Ethernet autoselect (100baseTX full-duplex)
   status: active
   inet6 fe80::211:6bff:fe3f:1602%rl1 prefixlen 64 scopeid 0x3
   inet 10.0.55.43 netmask 0xff00 broadcast 10.0.55.255
 rl2: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1400
   lladdr 00:11:6b:96:70:48
   media: Ethernet autoselect (100baseTX full-duplex)
   status: active
   inet6 fe80::211:6bff:fe96:7048%rl2 prefixlen 64 scopeid 0x4
 enc0: flags=0 mtu 1536
 pppoe0: flags=8851UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST mtu 1392
   dev: rl2 state: session
   sid: 0x2d27 PADI retries: 5 PADR retries: 0 time: 09:20:19
   sppp: phase network authproto pap
   groups: pppoe egress
   inet6 fe80::21e:58ff:fead:74d3%pppoe0 - prefixlen 64 scopeid 0x7
   inet 78.37.41.134 -- 78.36.32.1 netmask 0x
 pflog0: flags=141UP,RUNNING,PROMISC mtu 33204
   groups: pflog
 
 ser...@gate:~  cat /etc/pf.conf
 # comments were stripped :)
 cl_if=rl1
 adsl_if=pppoe0
 int_if=rl0
 wifi_if=ath0
 
 nets_priv = { 127.0.0.0/8 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 }
 
 set block-policy drop
 set loginterface $adsl_if
 
 # scrub in all
 
 nat on $cl_if from $int_if:network to 10.0.11.0/24 - ($cl_if)
 nat on $cl_if from $wifi_if:network to 10.0.11.0/24 - ($cl_if)
 nat on $adsl_if from $int_if:network to any - ($adsl_if)
 nat on $adsl_if from $wifi_if:network to any - ($adsl_if)
 
 ser...@gate:~  route show -inet
 Routing tables
 
 Internet:
 Destination Gateway Flags Refs Use Mtu Prio Iface
 default 0.0.0.1 UGS 5 169770 - 48 pppoe0
 10.0.1/24 core.drevlanka.ru UGS 0 5799 - 48 rl1
 10.0.10/24 core.drevlanka.ru UGS 0 4 - 48 rl1
 10.0.11/24 core.drevlanka.ru UGS 0 8951 - 48 rl1
 10.0.55/24 link#3 UC 1 0 - 48 rl1
 cerber.drevlanka.r localhost UGHS 0 0 33204 48 lo0
 core.drevlanka.ru 00:13:21:c6:15:c7 UHLc 4 230 - 48 rl1
 ip78-36-32-1.onego ip78-37-41-134.one UH 0 0 - 48 pppoe0
 loopback localhost UGRS 0 0 

Re: OpenBSD on home router - error requesting several URLs

[Zbigniew Sobczyński]

Hello,

I don't really know what is the solution - but I can give a few clues
- that might help.

First of all - why do you have so many network interfaces running at
the same time..? They complicate things unnecessarly.. You should
setup something like:
- 1 for WAN
- 1 for LAN (wired - connected to hardware switch)
- 1 for Air Communications (Wi-Fi)

The fact that mentioned URL's opens at your box (via links or
something similiar) means absolutely nothing..

And one more thing - you should setup your pf from scratch - with help
of google and guys over here..

--
Good Night,
macosxgeek
http://zapytaj-gugla.com.pl

WysEane z iPhone'a

W dniu 2009-01-04, o godz. 23:23, Sergey Khentov sergey.khen...@gmail.com
 napisaE(a):


Hello there,

I have a very little experience in OpenBSD and network configuration /
troubleshooting, so any advice / keyword to google / etc is welcome.

Description:

I have installed and configured OpenBSD 4.4-release to be used as a
gateway to Internet (via ADSL modem).

ser...@gate:~  uname -a

OpenBSD gate.home.net 4.4 GENERIC#1021 i386

At the moment most of configuration work has been done: I can browse
Internet from my home network. But some sites are not accessible:
when I
try to open an URL my browser thinks a lot of time (about 30 minutes -
after that I have stopped URL loading) and does not shows anything at
all! But when I try to open the same URL with lynx on OpenBSD - it
opens
without any errors / delays / etc. The one example of the web-site -
battle.net. The other example - youtube.com. I have tried to open
those
from Desktop PC with Windows XP and from Nokia N810, and the result is
the same, so I think it is OpenBSD-configuration error. Moreover,
traceroute from home network to e.g. battle.net reaches some Internet
servers. I have tried to search google and have asked this question on
one of *NIX-related forums and haven't get any solution of my problem.
Well, maybe you have any ideas?

Here comes OpenBSD configuration:

PC has 4 network cards: ath0 (this is also a wireless access-point),
rl0, rl1, rl2. rl0 is connected to home network, rl1 looks into local
area network (there are some common resources), rl2 is connected to
ADSL-modem (bridge mode).

ser...@gate:~  ifconfig
lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33204
 groups: lo
 inet 127.0.0.1 netmask 0xff00
 inet6 ::1 prefixlen 128
 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6

ath0: flags=8863UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST
mtu
1500
 lladdr 00:1e:58:ad:74:d3
 groups: wlan
 media: IEEE802.11 autoselect hostap
 status: active
 ieee80211: nwid homenet chan 1 bssid 00:1e:58:ad:74:d3 nwkey not
displayed
 inet 192.168.2.254 netmask 0xff00 broadcast 192.168.2.255
 inet6 fe80::21e:58ff:fead:74d3%ath0 prefixlen 64 scopeid 0x1
rl0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
 lladdr 00:e0:4c:e9:c5:dc
 media: Ethernet autoselect (100baseTX full-duplex)
 status: active
 inet 192.168.1.254 netmask 0xff00 broadcast 192.168.1.255
 inet6 fe80::2e0:4cff:fee9:c5dc%rl0 prefixlen 64 scopeid 0x2
rl1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
 lladdr 00:11:6b:3f:16:02
 media: Ethernet autoselect (100baseTX full-duplex)
 status: active
 inet6 fe80::211:6bff:fe3f:1602%rl1 prefixlen 64 scopeid 0x3
 inet 10.0.55.43 netmask 0xff00 broadcast 10.0.55.255
rl2: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1400
 lladdr 00:11:6b:96:70:48
 media: Ethernet autoselect (100baseTX full-duplex)
 status: active
 inet6 fe80::211:6bff:fe96:7048%rl2 prefixlen 64 scopeid 0x4
enc0: flags=0 mtu 1536
pppoe0: flags=8851UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST mtu 1392
 dev: rl2 state: session
 sid: 0x2d27 PADI retries: 5 PADR retries: 0 time: 09:20:19
 sppp: phase network authproto pap
 groups: pppoe egress
 inet6 fe80::21e:58ff:fead:74d3%pppoe0 - prefixlen 64 scopeid 0x7
 inet 78.37.41.134 -- 78.36.32.1 netmask 0x
pflog0: flags=141UP,RUNNING,PROMISC mtu 33204
 groups: pflog

ser...@gate:~  cat /etc/pf.conf
# comments were stripped :)
cl_if=rl1
adsl_if=pppoe0
int_if=rl0
wifi_if=ath0

nets_priv = { 127.0.0.0/8 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 }

set block-policy drop
set loginterface $adsl_if

# scrub in all

nat on $cl_if from $int_if:network to 10.0.11.0/24 - ($cl_if)
nat on $cl_if from $wifi_if:network to 10.0.11.0/24 - ($cl_if)
nat on $adsl_if from $int_if:network to any - ($adsl_if)
nat on $adsl_if from $wifi_if:network to any - ($adsl_if)

ser...@gate:~  route show -inet
Routing tables

Internet:
Destination Gateway Flags Refs Use Mtu Prio Iface
default 0.0.0.1 UGS 5 169770 - 48 pppoe0
10.0.1/24 core.drevlanka.ru UGS 0 5799 - 48 rl1
10.0.10/24 core.drevlanka.ru UGS 0 4 - 48 rl1
10.0.11/24 core.drevlanka.ru UGS 0 8951 - 48 rl1
10.0.55/24 link#3 UC 1 0 - 48 rl1
cerber.drevlanka.r localhost UGHS 0 0 33204 48 lo0
core.drevlanka.ru 00:13:21:c6:15:c7 UHLc 4 230 - 48 rl1
ip78-36-32-1.onego ip78-37-41-134.one UH 0 0 - 48 pppoe0
loopback localhost UGRS 0 0 33204 48 lo0

Re: OpenBSD on home router - error requesting several URLs

[Sergey Khentov]

Hello,

2009/1/5 Jorge Valbuena jorg...@gmx.net:
 1. Why so many NAT rules ?

LAN accessable from rl1 has some common web servers that must be
accessed only from its internal network. Those servers has IPs
10.0.11.0/24. I can connect only one device to that internal network,
so I can obtain only one IP address. This is some kind of a network
policy of that LAN - to use NAT. These are 2 rules (to NAT both home
interfaces: rl0  ath0). 2 other NAT rules are for Internet.

 2. Your BSD Server only for home router and firewall device ?

At the moment - yes. Later I'll install squid, samba, configure FTP 
install some torrent client.

 3. You should read OpenBSD FAQ and PF FAQ

already done :) forgot to say so.

 4. type  man afterboot,  from the command line.

the same :)


 BSD FAQ:

 http://www.openbsd.org/faq/index.html

 PF FAQ:
 http://www.openbsd.org/faq/pf/index.html

 After reading this, you should have a clear vision of your configuration.

Well, at the moment the configuration is quite clear to me, remember,
I have configured network by myself :) But I have never configured
network on OpenBSD (and on any router at all), and have never tried to
troubleshoot any network errors.

-- 
BR,
Sergey Khentov

Re: OpenBSD on home router - error requesting several URLs

[Daniel Melameth]

On Sun, Jan 4, 2009 at 3:23 PM, Sergey Khentov sergey.khen...@gmail.com wrote:
 I have a very little experience in OpenBSD and network configuration /
 troubleshooting, so any advice / keyword to google / etc is welcome.

 Description:

 I have installed and configured OpenBSD 4.4-release to be used as a
 gateway to Internet (via ADSL modem).

 At the moment most of configuration work has been done: I can browse
 Internet from my home network. But some sites are not accessible: when I
 try to open an URL my browser thinks a lot of time (about 30 minutes -
 after that I have stopped URL loading) and does not shows anything at
 all! But when I try to open the same URL with lynx on OpenBSD - it opens
 without any errors / delays / etc. The one example of the web-site -
 battle.net. The other example - youtube.com. I have tried to open those
 from Desktop PC with Windows XP and from Nokia N810, and the result is
 the same, so I think it is OpenBSD-configuration error. Moreover,
 traceroute from home network to e.g. battle.net reaches some Internet
 servers. I have tried to search google and have asked this question on
 one of *NIX-related forums and haven't get any solution of my problem.
 Well, maybe you have any ideas?

 Here comes OpenBSD configuration:

 PC has 4 network cards: ath0 (this is also a wireless access-point),
 rl0, rl1, rl2. rl0 is connected to home network, rl1 looks into local
 area network (there are some common resources), rl2 is connected to
 ADSL-modem (bridge mode).

 ser...@gate:~  ifconfig

 pppoe0: flags=8851UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST mtu 1392
  dev: rl2 state: session
  sid: 0x2d27 PADI retries: 5 PADR retries: 0 time: 09:20:19
  sppp: phase network authproto pap
  groups: pppoe egress
  inet6 fe80::21e:58ff:fead:74d3%pppoe0 - prefixlen 64 scopeid 0x7
  inet 78.37.41.134 -- 78.36.32.1 netmask 0x

 ser...@gate:~  cat /etc/pf.conf
 # comments were stripped :)
 cl_if=rl1
 adsl_if=pppoe0
 int_if=rl0
 wifi_if=ath0

 nets_priv = { 127.0.0.0/8 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 }

 set block-policy drop
 set loginterface $adsl_if

 # scrub in all

 nat on $cl_if from $int_if:network to 10.0.11.0/24 - ($cl_if)
 nat on $cl_if from $wifi_if:network to 10.0.11.0/24 - ($cl_if)
 nat on $adsl_if from $int_if:network to any - ($adsl_if)
 nat on $adsl_if from $wifi_if:network to any - ($adsl_if)

Welcome to the world of DSL, PPPoE and smaller MTU values.  Man 4
pppoe will give you the details, but you need to add the following
line to your rules:

scrub out on $adsl_if all max-mss 1352

Cheers.

Re: OpenBSD on home router - error requesting several URLs

[FRLinux]

On Sun, Jan 4, 2009 at 11:29 PM, Daniel Melameth dan...@melameth.com wrote:
 scrub out on $adsl_if all max-mss 1352

Hello,

What I ever had to use here was : scrub out on pppoe0 max-mss 1440

So, why that value of 1352 instead? I understand that in that game,
one has to fine tune that value to get it right, but my question would
be why so low?

Cheers,
Steph

Re: OpenBSD on home router - error requesting several URLs

[Daniel Melameth]

On Sun, Jan 4, 2009 at 5:00 PM, FRLinux frli...@gmail.com wrote:
 On Sun, Jan 4, 2009 at 11:29 PM, Daniel Melameth dan...@melameth.com wrote:
 scrub out on $adsl_if all max-mss 1352
 What I ever had to use here was : scrub out on pppoe0 max-mss 1440

 So, why that value of 1352 instead? I understand that in that game,
 one has to fine tune that value to get it right, but my question would
 be why so low?

I listed that value because the MTU output from ifconfig from his
pppoe interface is 1392.

Re: Testing in a virtual environment

[Dieter]

 I have two build vms running on my home kvm server, one to compile and
 create releases for amd64 and one for x86.

Wouldn't a chroot tree be sufficient for this?

Re: Wine on OpenBSD

[Leonardo Rodrigues]

 On Sun, Dec 28, 2008 at 02:28:58PM -0600, Austin English wrote:

 I've gotten around some of the issues, but am looking for the 'right'
 way to do so, rather than hacks.

Check the ports/misc archives. There was an effort on porting wine,
but it did not get very far. If I remember correctly, there was some
issues with process signal handling or whatever.

Re: Intel D945GCLF2

[Anathae Townsend]

msi has one,
http://global.msi.com.tw/index.php?func=proddescmaincat_no=388cat2_no=599;
cat3_no=601prod_no=1614#

 -Original Message-
 From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf
 Of Nenhum_de_Nos
 Sent: Friday, January 02, 2009 7:20 PM
 To: misc@openbsd.org
 Subject: Re: Intel D945GCLF2
 
 On Fri, January 2, 2009 17:40, Chris Cohen wrote:
  Has anyone installed openbsd on the Atom board D945GCLF2? If so
 could
  you post a dmesg and does it run stable?
 
  --
  Thanks
  Chris
 
 has anyone seen any atom dual core with two lan ?
 
 I'd like a pf router that would be low energy :)
 
 Alix is openbsd friend right ? ( 2d3 in this case )
 I did like alix but a mini itx with regular vga is better for me :)
 
 thanks,
 
 matheus
 
 
 --
 We will call you cygnus,
 The God of balance you shall be

Re: Testing in a virtual environment

[David Gwynne]

On 04/01/2009, at 11:29 AM, Rolf Sommerhalder wrote:


OpenBSD i386-current works fine in VirtualIron
http://www.virtualiron.com/, which is an attractive Xen-based
alternative to VMware ESX.

I have not tried to run amd64 as a guest in VirtualIron yet. Nor  
have I
checked if VItools have been ported to OpenBSD since I last looked  
into

its source one year ago.


there is the beginnings of a kernel driver called vmt(4) that could  
(or should in my opinion) replace the VItools. if kernel hacking is  
something anyone wants to get into, this would be a great place to  
start.


dlg

Re: Testing in a virtual environment

[Anathae Townsend]

I have openbsd running under both of microsoft's virtual systems, virtual pc
and virtual server. The advantage of virtual server is the process runs as a
service, not as a user program and is available whenever the machine is up.

BSDday 2009 - Call For Charlas

[HDC]

Hola lista, les envmo el Call For Charlas para un evento que estamos
armando. Esto evento es sobre sistemas *BSD.
En breve vamos a tener disponible el site con toda la info del evento.
Les agradecerma que nos den una mano con la difusisn.

Saludos y feliz comienzo de aqo,
Hernan

*

 Call For ``Charlas44 (CFCh) =

BSDday Argentina 2009 - http://www.bsdday.com.ar/


Capital Federal - 29 y 30 de Mayo (fechas a confirmar)

* OpenBSDeros - Grupo de Usuarios de OpenBSD y
* BUG-DC-UBA-AR- BSD User Group del Departamento de Computacisn de la
Facultad de Ciencias Exactas y Naturales de la Universidad de Buenos
Aires,
llaman a la participacisn a la comunidad de software libre, usuarios,
administradores y desarrolladores de sistemas *BSD al BSDday 2009.

La tematica del evento es sobre sistemas operativo, software,
licencias e filosofma BSD y temas relacionados.

El autor de cada charla seleccionada podra participar presencialmente,
como orador en el evento. En los casos en que la charla sea realizada
por varios autores, se permitira un maximo de 3 oradores.

Aclaracisn: Por cuestiones presupuestarias, sslo podra abonar algunos
de los pasajes, total o parcialmente, a los autores seleccionados que
residan fuera de Capital Federal o Gran Buenos Aires (Argentina).

Agradecemos la contribucisn de todos en la difusisn de este llamado y
del evento en si, reenviando este correo electrsnico.

Si bien todavma no se encuentra confirmado los dmas, horarios y lugar
en donde se llevara a cabo el BSDday, se anunciara en breve.


= Dsnde enviar las Charlas =

Las charlas tienen que ser enviadas en un correo electrsnico en texto
plano y ser adjuntadas (en algzn formato libre) a la siguiente
direccisn de correo electrsnico cfch[en]bsdday.com.ar. Las charlas van
a ser recibidas hasta el 29 de Abril inclusive.


= Csmo enviar las Charlas =

El envmo de la propuesta de charla debe tener los siguientes datos:

* Tmtulo:
* Autor(es): Nombre y apellido, breve descripcisn de cada uno, foto,
lugar de residencia, asociacisn, BUG, organismo, o empresa a la que
pertenece, si corresponde.
* Tipo : Puede ser Charla tradicional o Taller (Con PC)
* Tiempo estimado de duracisn: Las charlas generalmente son de 45' y
los talleres tiene una duracisn de 1:45. En caso de que sea mayor o
menor el tiempo requerido solicitamos su justificacisn.
* Breve descripcisn de la charla: Uno o dos parrafo(s) que explique
-no tan brevemente- el contenido de la presentacisn.
* Nivel objetivo de la charla: Clasificar dentro de: newbie
(nuevo)/intermedio/avanzado/experto).
* Tipo de publico: Pzblico en general, promotores de SL, alumnos de
escuelas medias, alumnos de educacisn superior, docentes de escuelas
medias, docentes en general, capacitadores.
* Conocimientos previos: Especificar que conocimientos previos deberan
tener los asistentes.
* Tematica: programacisn, multimedia, comunicaciones, estacisn de
trabajo, servicios de red, interoperabilidad, educacisn, kernel,
sociedad, etc.
* Telifono del/los autor/es: Para poder comunicarnos.
* Residencia del/los autor/es.


= Qui formato deben tener las Presentaciones =

El envmo de las diapositivas y/o presentaciones debe tener alguno de
los siguientes formatos:

* Openoffice.org presentation
* HTML standard
* Postscript
* PDF
* Texto plano
* LaTex


= Licencia =

Debe especificarse una licencia que permita que los organizadores del
evento distribuyan el material y que permita ser descargado del sitio
web del BSDday.

Si no sabe cual especificar puede seleccionar entre GFDL o cc-by-sa 2.5 es.


*

--
# /dev/hdc
- OpenBSDeros.org
hdc [at] openbsderos [dot] org