Project Management seminars in Beirut-Lebanon
LIST OF OUR SERVICES: Dear Sir/Madam, Our company Construction Management Consultant is organizing the following Project Management seminars in Beirut-Lebanon: Upcoming Seminars in Lebanon Description Start Date End Date May, 2010 Project Feasibility Study11/5/201013/5/2010 Professional Project Management (PMP certification preparation) 18/5/201020/5/2010 Project Maintenance Management Systems25/5/201027/5/2010 June, 2010 Site Construction Management1/6/20103/6/2010 Risk Management8/6/201010/6/2010 Professional Quality control Program15/6/201017/6/2010 Professional Design Management Review22/6/201024/6/2010 Management of Design Build Contracts29/6/20101/7/2010 July, 2010 Project Communication Management6/7/20108/7/2010 Design Protection with Fire Code NFPA Implementation13/7/201015/7/2010 Water and Energy Management20/7/201022/7/2010 Total Quality Management for Engineering27/7/201029/7/2010 August, 2010 Senior Quantity Surveying Techniques3/8/20105/8/2010 Real Estate Investment, Development, Purchasing Contract Leasing Analysis10/8/201012/8/2010 Professional management of Projects Planning Primavera (6) App17/8/201019/8/2010 FIDIC Conditions of Contract Claims Management 24/8/201026/8/2010 Professional Procurement Management 31/8/20102/9/2010 September, 2010 Project Estimation Cost Control Access Applications7/9/20109/9/2010 Construction Contracts Contracting Management14/9/201016/9/2010 Value Engineering Analysis and Reports Presentation21/9/201023/9/2010 Project Manager Skills28/9/201030/9/2010 October, 2010 Essentials of Occupational Safety and Health Program5/10/20107/10/2010 Extension of Time Claims Disputes Resolution12/10/201014/10/2010 Terms of Registration Other Conditions For registration please contact us to send you application form to be filled, signed and send back (Fax or mail) including payment terms. Deadline for registration is a week in advance. If you are not interested receiving further Newsletters click here to remove Beirut Head Office: Tell: 00961-1-736171 Tel/Fax: 00961-1-744049Cell: 00961-3-644526 Jeddah Branch Office: Tel/Fax: 00966 2 6752644Mobile: 00966-560055588 E-mail: i...@cmcco.com Webpage: www.cmcco.com Project Management Consultation Procedures Development Consultation Quality Management Consultation Risk Management Consultation Design Management Consultation Value Engineering Consultation Environmental Management Consultation TrainingServices
Re: Relayd on localhost with multiple SSL Certificates
On Wed, May 12, 2010 04:46, Daniel Ouellet wrote: On 5/11/10 8:05 PM, Keith wrote: Hi. is it possible to get multiple http relayd relays listening on localhost each with a different port # and each with a different ssl certificate ? SSL certificate are host name bound, not port bound isn't it? So, I would say no, but I could be wrong. Well that would actually be the reason it could work. Multiple dns names mapped to the same ip address and configured on separate ports and a given certificate (virtual host) bound to a given port. But whether this will work with relayd i dont know, but i believe it would work fine with apache. /jtm
Re: OpenBSD does not detect connection ( no carrier ) to ASMI52 Leased Line modem
On 2010-05-12, Siju George sgeorge...@gmail.com wrote: On Tue, May 11, 2010 at 3:21 PM, Stuart Henderson s...@spacehopper.org wrote: Did you 'ifconfig iface up'? Some NICs show link before this is done, others do not. Ok :-) # ifconfig rl2 up # ifconfig rl2 rl2: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:0b:5d:4c:5b:30 priority: 0 media: Ethernet autoselect (none) status: no carrier inet6 fe80::2e0:4dff:fe06:2b68%rl2 prefixlen 64 scopeid 0x3 inet 132.181.20.26 netmask 0xfffc broadcast 132.181.20.27 does not seem to work :-( Thanks for the reply Stuart :-) --Siju Are you able to try any different types of NIC? (either a newer realtek card using the re(4) driver, or something like fxp, de, sk, bge, em). Alternatively, connecting the modem via a switch might work.
Re: Serious problems with current since end of april, related to scsi controllers (Adaptec/LSILogic)
On Tue, May 11, 2010 at 5:30 PM, Ulrich Kahl ulrich.k...@cityweb.de wrote: Hi! Since end of april, sorry I don't have a more precise date, one of my systems has serious problems. It can't boot sucessfully with a Adaptec controller anymore, the first sign is that it can't find one library, e.g. libc or libz, and later the hard disks transfer rate can't established and the system freezes. See the first dmesg. After switching the controller to a LSILogic one, the system boots correctly, but (presumly) under higher disk io load the system panics, syncing my local cvs repository with cvsync in this case. See second dmesg and trace output. Does someone else encounter similar problems? With the LSILogic using mpi(4), be sure to really run current, r 1.143 of dev/ic/mpi.c was causing this problem and has been backed out some days ago. No idea for the adapted problem though. Landry
Re: Relayd on localhost with multiple SSL Certificates
I've been following the tutorials from https://https://calomel.org I am using a modified version of their pf.conf that can be found at https://calomel.org/pf_config.html and the relayd tutorial that can be found at https://calomel.org/relayd.html The following is an extract from their pf tutorial page As an added layer of security all services will be running on localhost and only those clients negotiating the redirect rules (rdr) will be able to connect. The ideology is if the firewall is off or disabled in some way then the services on the firewall are not available to anyone. Were doing the above and have relayd listening in 127.0.0.1 port 8080 and have pf rdr rules redirecting https traffic to 127.0.0.1:8080 and the certificate that the https relay is using is called 127.0.0.1.crt This works fine but what if we want to host another ssl certificate ? I can add another IP address to the firewall and put a rdr rules in to pf and can put another relay in to relayd.conf but what name does the certificate get now ? This is where I am stuck.. Keith On 12/05/2010 01:05, Keith wrote: Hi. is it possible to get multiple http relayd relays listening on localhost each with a different port # and each with a different ssl certificate ? I've followed a tutorial I found on the net about setting up a firewall up so that no services we bound to any network interfaces and then using pf rdr's to pass say https traffic to localhost where you have relayd listening and let it do the ssl decryption. So if pf failed for some reason then there would be no services available for anyone to connect to ! I've got this setup working for http and a single https certificate just now and it seems to be working fine but I need to be able to host multiple SSL Certificates. If seems that the certificate appears to need to be named after the IP that it's listening on and this is going to cause issues as there's only one 127.0.0.1 I think. Our current setup consists of a pair of firewalls running openbsd, carp, pf and relayd. Currently the carp interface has just one IP but we will assign others to as we free up the other IP addresses in our range. I guess it's not the best idea to do the ssl offloading on the firewall so in the future when another server becomes available I will probably want it to do the SSL decryption. I guess if we do that we could just get the new server a number of IP addresses and let relayd listed on each of them with the SSL certs named after each IP. (If that makes sense) Could anyone give me some advice plz ? Thanks Keith
Re: pf change in upgrade47.html
On Mon, 10 May 2010 15:23:45 +0059, Jason McIntyre wrote: On Mon, May 10, 2010 at 03:08:19PM +1000, Rod Whitworth wrote: Then come back and tell me why ALL the examples start with match ? (i.e. NAT in man pf.conf for 4.7) maybe the idea was that it's simpler to write pass/block rules for your traffic, then just match the nat stuff. i don;t know. And neither does anyone else who hangs out here, it seems. jmc said that we don't need a collection of pf.conf examples. Maybe not, but in the past there was a skeleton that worked if you uncommented the features you needed and did some minor editing in the macros. that is not quite correct (i hope). i meant that the stuff that was previously in /usr/share/examples was useless, so it was removed. there are other, better places, like the faq. Guess why Nick was in the address list? No sign that he knows any more than I do. He's trying to find out what is the best way to make NAT work too, I suppose. Have a look at 4.7's default. Not a mention of NAT anywhere. The commonest function required by a raw beginner doesn't show up but all the spamd and ftp-proxy stuff does (and that's fine), but no NAT. Crazy! the best way to change something you don;t agree with is to submit a diff. It's awfully hard to write a diff when the info one needs to do it correctly is not forthcoming. I guess that nobody who writes the existing hints (man page etc) is short of global IPs.. :{(( *** NOTE *** Please DO NOT CC me. I am subscribed to the list. Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. Rod/ --- This life is not the real thing. It is not even in Beta. If it was, then OpenBSD would already have a man page for it.
Re: Relayd on localhost with multiple SSL Certificates
On 05/12/10 04:53, Keith wrote: Were doing the above and have relayd listening in 127.0.0.1 port 8080 and have pf rdr rules redirecting https traffic to 127.0.0.1:8080 and the certificate that the https relay is using is called 127.0.0.1.crt This works fine but what if we want to host another ssl certificate ? I can add another IP address to the firewall and put a rdr rules in to pf and can put another relay in to relayd.conf but what name does the certificate get now ? This is where I am stuck.. I think you might be looking for something like this: [ fw0:/etc ] # cat hostname.lo0 inet alias 127.0.0.10 255.255.255.0 inet alias 127.0.0.11 255.255.255.0 inet alias 127.0.0.12 255.255.255.0 inet alias 127.0.0.13 255.255.255.0 inet alias 127.0.0.14 255.255.255.0 [ fw0:/etc ] # ls -l /etc/ssl/127* -rw-r--r-- 1 root wheel 928 Mar 8 03:12 /etc/ssl/127.0.0.10.crt -rw-r--r-- 1 root wheel 940 Mar 8 03:12 /etc/ssl/127.0.0.11.crt -rw-r--r-- 1 root wheel 940 Mar 8 03:12 /etc/ssl/127.0.0.12.crt -rw-r--r-- 1 root wheel 936 Mar 8 03:12 /etc/ssl/127.0.0.13.crt -rw-r--r-- 1 root wheel 936 Mar 8 03:12 /etc/ssl/127.0.0.14.crt Tweak to your needs, of course. -- - RSM www.erratic.ca
Individuals/Organisation Required for Business Partnership
Techen Ind. Co. Ltd.and is a New and Smale Scale Company With Intent in Business Partnership for our North American office We Seek Individuals/Organization to Offer Offshore Logistics/Financial Accounting North American Agent will Receive and Process funds on our Behalf Through T/T Wire,Swift Bank Transfers,International Bankers Checks from Our Clients Please do forward To my Email Contacts Names and Phone No. for a Quicker response and More discussions. Xi ling (0perations Manager) Techen Ind Co, China, 3 Sec.2 Chung-Cheng E. Rd. R.O.C
Multiple dhclients and next hops towards a single ISP, yet a single dhcp-server-identifier
Hi all, I have an OpenBSD machine as a router/firewall. It has 4 ethernet interfaces: re0, em0, em1 and em2. All emX -interfaces are connected to the same ADSL box, re0 connects to my home network switch. My subscription allows me to have 5 public IP addresses, so this way I can fetch 3 of them. 2 of the IPs are binat'ed to two different hosts in my home network, and the third one is a regular nat for the rest of the nodes. Once I got it up and running (with some minor patches to dhclient-script and rc), I faced a new problem with dhclient for which I can't find information from man pages or Google. Before getting to source code I decided to spam you. All interfaces em0, em1 and em2 get a different next hop. I use mpath routing with three default routes, one to each interface. The problem seems to be that the next hop on one of the interfaces (em1) is also used as the dhcp-server-identifier by my ISP for all the three leases (em0, em1, em2). Therefore, also the dhclients on em0 and em2 try to send DHCP renews to that address. But it seems to get routed to em1: May 12 11:25:08 fw dhclient[1864]: DHCPREQUEST on em2 to 88.192.128.1 port 67 May 12 11:25:08 fw dhclient[1864]: send_packet: No route to host May 12 11:25:20 fw dhclient[13007]: DHCPREQUEST on em1 to 88.192.128.1 port 67 May 12 11:25:20 fw dhclient[13007]: DHCPACK from 88.192.128.1 (00:0b:45:b6:ef:c0) May 12 11:25:20 fw dhclient[13007]: bound to 88.192.133.155 -- renewal in 5180 seconds. I wonder why dhclient looks up the routing table instead of preferring the interface its sitting on. Can this be somehow changed (without patching code)? I know this DHCP server is reachable via any of the three interfaces. Maybe I could manually (i.e. in dhclient-script) add mpath routes to this DHCP server's address for each interface? BR, Teemu Rinta-aho
mount problem with recent (apr 27) sparc64 snapshot
Hello, after upgrading to the latest snapshot for sparc64 from april 27th I'm no longer able to mount /dev/wd0i, /dev/wd0j and /dev/wd0k. I get: mount_ffs: /dev/wd0j on /var/www: Device not configured Does anyone have any hint what is going wrong here? Was the some additional restriction introduced lately on the number of partitions (8 instead of 16)? Regards, Markus
Re: pf change in upgrade47.html
On Wed, 12 May 2010 19:35:14 +1000 Rod Whitworth glis...@witworx.com wrote: On Mon, 10 May 2010 15:23:45 +0059, Jason McIntyre wrote: On Mon, May 10, 2010 at 03:08:19PM +1000, Rod Whitworth wrote: Then come back and tell me why ALL the examples start with match ? (i.e. NAT in man pf.conf for 4.7) maybe the idea was that it's simpler to write pass/block rules for your traffic, then just match the nat stuff. i don;t know. And neither does anyone else who hangs out here, it seems. ? http://www.openbsd.org/faq/current.html#20090901 http://marc.info/?l=openbsd-miscm=125181847818600w=2
Re: pf change in upgrade47.html
On Wed, 12 May 2010 13:05:15 +0200, Robert wrote: On Wed, 12 May 2010 19:35:14 +1000 Rod Whitworth glis...@witworx.com wrote: On Mon, 10 May 2010 15:23:45 +0059, Jason McIntyre wrote: On Mon, May 10, 2010 at 03:08:19PM +1000, Rod Whitworth wrote: Then come back and tell me why ALL the examples start with match ? (i.e. NAT in man pf.conf for 4.7) maybe the idea was that it's simpler to write pass/block rules for your traffic, then just match the nat stuff. i don;t know. And neither does anyone else who hangs out here, it seems. ? http://www.openbsd.org/faq/current.html#20090901 http://marc.info/?l=openbsd-miscm=125181847818600w=2 Have you actually written and tested a ruleset using either of those documents? If so please show us. Particularly seeing I referenced both of those in my original post as not being helpful and I've been trying to get somebody - anybody - to write a minimal NAT ruleset and show me. *** NOTE *** Please DO NOT CC me. I am subscribed to the list. Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. Rod/ --- This life is not the real thing. It is not even in Beta. If it was, then OpenBSD would already have a man page for it.
[SOLVED] mount problem with recent (apr 27) sparc64 snapshot
On Wed, May 12, 2010 at 11:55:10AM +0200, Markus Lude wrote: Hello, after upgrading to the latest snapshot for sparc64 from april 27th I'm no longer able to mount /dev/wd0i, /dev/wd0j and /dev/wd0k. I get: mount_ffs: /dev/wd0j on /var/www: Device not configured Does anyone have any hint what is going wrong here? Was the some additional restriction introduced lately on the number of partitions (8 instead of 16)? I re-added the missing disklabel entries. All looks good again now. Regards, Markus
Interlang Your translation Votre traduction
Hello my name is Emma ! (independent translator) Do you sometimes need a professional translation from English to French ? I will be happy to do it for you ! Do not hesitate to contact me for more information. I look forward to collaborating with you. Bonjour je m'appelle Emma ! (traductrice indipendante) Avez vous besoin de traductions professionnelles de l'anglais vers le frangais ? Je serais heureuse de m'en charger ! N'hisitez pas ` m'icrire pour plus d'information. Cordialement. Emma
Re: nested vlans: safe to use?
something like this: http://www.openbsd.org/papers/asiabsdcon2010_vether/index.html especially page 6/7... /Pete On 11. mai 2010, at 13.45, Toni Mueller wrote: Hi, I've been trying to figure out whether I can use OpenBSD in a nested vlan scenario. I'm looking at a data centre where I want to get two wires, each carrying several vlans, and funneling them home across a WAN link. Various switch vendors claim to be able to do it, but I couldn't really figure out what the current state of affairs wrt. OpenBSD is. On the other side of the wires or fibres, I'll be talking to Junipers, Ciscos (6509), and/or Foundy switches and/or routers on the other side(s). The desired setup looks like this: data centre LAN --- switch --- WAN --- home (OpenBSD) I want to run at least three vlans across the WAN link, and need to keep the vlans strictly separated. I also need to do traffic shaping on a per-vlan basis. :/ TIA! Kind regards, --Toni++
Re: pf change in upgrade47.html
On 12/05/2010, at 9:28 PM, Rod Whitworth wrote: Particularly seeing I referenced both of those in my original post as not being helpful and I've been trying to get somebody - anybody - to write a minimal NAT ruleset and show me. i use the following on my router at home: pass block log on $if_external anchor ftp-proxy/* pass in on $if_external proto tcp from $host_jp to ($if_external) port smtp rdr-to $host_apathy port smtp pass in on $if_external proto tcp to ($if_external) port { https ssh } rdr-to $host_apathy port ssh pass in on $if_external proto tcp to ($if_external) port imaps rdr-to $host_apathy port imaps pass in on $if_external inet proto icmp to ($if_external:0) icmp-type echoreq pass in on $if_external inet proto { tcp udp } to ($if_external:0) port domain keep state (max 128) pass in on $if_external inet proto udp from port isakmp to ($if_external:0) port isakmp pass in on $if_external inet proto esp to ($if_external:0) pass out on $if_external from ($if_external:0) match out on $if_external inet from { $if_wired:network $if_wireless:network } nat-to ($if_external:0) pass out quick on $if_external inet proto tcp to port { 80 443 } scrub (max-mss 1280) pass out on $if_external pass on internal pass in quick on internal proto tcp to port ftp rdr-to 127.0.0.1 port 8021
Re: pf change in upgrade47.html
On 2010 May 12 (Wed) at 21:28:03 +1000 (+1000), Rod Whitworth wrote: :Particularly seeing I referenced both of those in my original post as :not being helpful and I've been trying to get somebody - anybody - to :write a minimal NAT ruleset and show me. The ruleset I use on my laptop (which sometimes provides network for experimental boxes), is simply thus: pass# to establish keep-state # By default, do not permit remote connections to X11 block in on ! lo0 proto tcp to port 6000:6010 match out log on egress from !(egress) to any nat-to (egress:0) -- One is not superior merely because one sees the world as odious. -- Chateaubriand (1768-1848)
Re: pf change in upgrade47.html
On Wed, 12 May 2010 21:28:03 +1000 Rod Whitworth glis...@witworx.com wrote: On Wed, 12 May 2010 13:05:15 +0200, Robert wrote: http://www.openbsd.org/faq/current.html#20090901 http://marc.info/?l=openbsd-miscm=125181847818600w=2 Have you actually written and tested a ruleset using either of those documents? If so please show us. (oh, you didn't sent this only to me offlist, once more for the ml) I am sending this through an OpenBSD firewall with match nat... Yes, i changed the old syntax prompted by the commit and the following -current faq. Particularly seeing I referenced both of those in my original post as not being helpful and I've been trying to get somebody - anybody - to write a minimal NAT ruleset and show me. I didn't read up on the whole thread. Only wondered what is so hard about changing the nat line to the new syntax. Here would be a condensed version of what i am actually running in my adsl gateway. (striped and generalised) IF_EXT = pppoe0 IF_INT = sk0 antispoof for $IF_EXT inet set skip on lo0 match in all scrub (no-df) match out on $IF_EXT all scrub (no-df random-id max-mss 1440) match out on $IF_EXT inet from any to ! $IF_INT:network nat-to ($IF_EXT) block log all block quick inet6 all pass in on $IF_INT pass out on $IF_EXT Not minimal and generic enough to make into a default cfg, but simple with some nice to have stuff left.
[patch] Re: fdisk and bootable flag
On Tue, 11 May 2010 22:14:26 +0200 Thomas Pfaff tpf...@tp76.info wrote: On Tue, 11 May 2010 12:34:28 -0700 (PDT) stupidmail4me stupidmail...@yahoo.com wrote: Anyone know how to edit the default MBR record so fdisk -iy creates one partition with no bootable flag, or how to unset the bootable flag? I think the following should do it: fdisk: 1 flag partition 0 I suppose the man page should mention that this operation can take on a second operand. diff if this should be mentioned. It was in fact mentioned in the man page but the text was commented out. Not sure why. Index: fdisk.8 === RCS file: /cvs/src/sbin/fdisk/fdisk.8,v retrieving revision 1.69 diff -u -p -r1.69 fdisk.8 --- fdisk.8 27 Mar 2010 13:56:49 - 1.69 +++ fdisk.8 12 May 2010 13:15:04 - @@ -303,14 +303,14 @@ may be appended to indicate bytes, kilob The special size value .Sq * will cause the partition to be sized to use the remainder of the disk. -.It Cm flag Ar # +.It Cm flag Ar # Op Ar value Make the given MBR partition table entry bootable. Only one entry can be marked bootable. .\ If you wish to boot from an extended .\ MBR partition, you will need to mark the MBR partition table entry for the .\ extended MBR partition as bootable. -.\ If an optional value is given, the MBR partition is marked with the given -.\ value, and other MBR partitions are not touched. +If an optional value is given, the MBR partition is marked with the given +value, and other MBR partitions are not touched. .It Cm update Update the machine MBR bootcode and 0xAA55 signature in the memory copy of the currently selected boot block.
Cannot reboot an Alix.1D board
Hi I cannot get an Alix.1D board (http://www.pcengines.ch/alix1d.htm) rebooting cleanly with OpenBSD 4.6 and -current. After installing and booting into OpenBSD on a 4GB CF Card (Sandisk Extreme III), I can issue the command reboot, and the operating system restarts, I can see the BIOS messages up to the point where the BIOS displays: Detecting IDE Drives... After hanging here 60 seconds, it goes further and displays the name of the CF card as Primary master, and hangs a little while again. After this, it tries to boot the network card as if the CF card was not bootable. If I turn the power off and on again, I can boot off the CF card without problem. I have tried several things, that did not change anything to the problem: - install two more recent Alix BIOSes from 8/27/08 and the latest Beta - install OpenBSD -current instead of 4.6 - use another CF card (same manufacturer, but speed only half) It has been suggested on the Alix forum that the method used by OpenBSD to reboot the board (whatever it is) might cause the problem, and that known working ways of rebooting the board could be found at that location: http://www.pcengines.ch/file/alixllc.zip It seems to me that the OpenBSD reboot code involved is in /usr/src/sys/arch/i386/i386/machdep.c in the function cpu_reset(). Unfortunately I am not knowledgeable enough to fully understand what OpenBSD exactly does here to reboot the board, and even less to compare it to the examples given by the manufacturer. Any suggestions? Thank you! Pierre dmesg: OpenBSD 4.7-current (GENERIC) #642: Wed Apr 28 11:46:47 MDT 2010 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Geode(TM) Integrated Processor by AMD PCS (AuthenticAMD 586-class) 333 MHz cpu0: FPU,DE,PSE,TSC,MSR,CX8,SEP,PGE,CMOV,CFLUSH,MMX real mem = 259350528 (247MB) avail mem = 242053120 (230MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 01/16/09, BIOS32 rev. 0 @ 0xfa960 apm0 at bios0: Power Management spec V1.2 (slowidle) apm0: AC on, battery charge unknown pcibios0 at bios0: rev 2.1 @ 0xf/0xdfb4 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdf40/112 (5 entries) pcibios0: bad IRQ table checksum pcibios0: PCI BIOS has 5 Interrupt Routing table entries pcibios0: PCI Exclusive IRQs: 5 10 11 pcibios0: no compatible PCI ICU found pcibios0: Warning, unable to fix up PCI interrupt routing pcibios0: PCI bus #0 is the last bus bios0: ROM list: 0xc/0x8000 0xc8000/0xa800 0xef000/0x1000! cpu0 at mainbus0: (uniprocessor) amdmsr0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 1 function 0 AMD Geode LX rev 0x31 vga1 at pci0 dev 1 function 1 AMD Geode LX Video rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) glxsb0 at pci0 dev 1 function 2 AMD Geode LX Crypto rev 0x00: RNG AES vr0 at pci0 dev 13 function 0 VIA VT6105M RhineIII rev 0x96: irq 11, address 00:0d:b9:0d:69:08 ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 glxpcib0 at pci0 dev 15 function 0 AMD CS5536 ISA rev 0x03: rev 3, 32-bit 3579545Hz timer, watchdog, gpio gpio0 at glxpcib0: 32 pins pciide0 at pci0 dev 15 function 2 AMD CS5536 IDE rev 0x01: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: SanDisk SDCFX3-004G wd0: 4-sector PIO, LBA, 3919MB, 8027712 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 pciide0: channel 1 ignored (disabled) auglx0 at pci0 dev 15 function 3 AMD CS5536 Audio rev 0x01: irq 11, CS5536 AC97 ac97: codec id 0x414c4770 (Avance Logic ALC203 rev 0) ac97: codec features headphone, 20 bit DAC, 18 bit ADC, No 3D Stereo audio0 at auglx0 ohci0 at pci0 dev 15 function 4 AMD CS5536 USB rev 0x02: irq 5, version 1.0, legacy support ehci0 at pci0 dev 15 function 5 AMD CS5536 USB rev 0x02: irq 5 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 AMD EHCI root hub rev 2.00/1.00 addr 1 isa0 at glxpcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 wbsio0 at isa0 port 0x2e/2: W83627HF rev 0x41 lm1 at wbsio0 port 0x290/8: W83627HF npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 usb1 at ohci0: USB revision 1.0 uhub1 at usb1 AMD OHCI root hub rev 1.00/1.00 addr 1 biomask f7e5 netmask ffe5 ttymask mtrr: K6-family MTRR support (2 registers) vscsi0 at root scsibus0 at vscsi0: 256 targets softraid0 at root root on wd0a swap on wd0b dump on wd0b -- ~ Pierre Berthier Institute of Neuroinformatics University of Zurich and ETH Zurich Winterthurerstrasse 190, CH-8057 Zurich, Switzerland [demime 1.01d removed an attachment of type
Re: pf change in upgrade47.html
On Wed, 12 May 2010 21:28:03 +1000 Rod Whitworth glis...@witworx.com wrote: Have you actually written and tested a ruleset using either of those documents? If so please show us. Particularly seeing I referenced both of those in my original post as not being helpful and I've been trying to get somebody - anybody - to write a minimal NAT ruleset and show me. Creating a minimal rule set for a firewall doing NAT is very simple; basically, it's a one-liner 'match' rule, but with 4.7-RELEASE/STABLE you should be more verbose if you're using ppp(8) and possibly pppd(8), and create the typical interface-based rules. - # $OpenBSD: pf.conf,v 1.49 2009/09/17 06:39:03 jmc Exp $ # # See pf.conf(5) for syntax and examples. # Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1 # in /etc/sysctl.conf if packets are to be forwarded between interfaces. ext_if = tun0 int_if = xl0 set skip on lo # set block-policy drop # default block block in log all # block log quick inet6 # filter rules and anchor for ftp-proxy(8) # anchor ftp-proxy/* # pass in log on $int_if proto tcp to port ftp rdr-to 127.0.0.1 port 8021 # anchor for relayd(8) # anchor relayd/* # nat for local network match out on $ext_if from ($int_if:network) nat-to ($ext_if:0) pass in on $int_if pass out on $ext_if # rules for spamd(8) #table spamd-white persist #table nospamd persist file /etc/mail/nospamd #pass in on egress proto tcp from any to any port smtp \ #rdr-to 127.0.0.1 port spamd #pass in on egress proto tcp from nospamd to any port smtp #pass in log on egress proto tcp from spamd-white to any port smtp #pass out log on egress proto tcp to any port smtp #block in quick from urpf-failed to any # use with care # By default, do not permit remote connections to X11 block in on ! lo0 proto tcp to port 6000:6010 - NOTE: I don't know enough about interface groups or how they work with pf, and I'm still testing and learning, so my advice is *VERY* dodgy. ;) One of the issues is not well stated, namely, the improvements in pf ruleset syntax have a goal of simplification such as hardware-independent rules. This is being accomplished by using interface groups as noted in ifconfig(8). You'll note how the default pf.conf ruleset *intentionally* avoids using the previously typical hardware-dependent syntax such as defining 'ext_if' and 'int_if' then using them in the rules. The more complex hardware-dependent syntax still works fine if used (as above), and providing an example might be useful for the short term. Long term, it is better to use hardware-independent rules. The previously mentioned one-liner would simply be: match out on egress from ! egress nat-to egress Though the above *mostly* works, the trouble is, 'egress' is actually a *GROUP* of interfaces, so what pf is really doing is less than crystal clear unless you've worked with it a bit. I don't know how well the above one-liner works on 4.7-RELEASE/STABLE but I *just* started testing it on -CURRENt with a rather unstable ppp connection (via umodem EVDO/Verizon). With -CURRENT I've found one bug with using 'egress' NAT and it seems to be due to the tun0 interface being destroyed and recreated by ppp(8) so pf loses track of the (only) 'egress' interface. Manually reloading the pf ruleset after ppp(8) recreates the tun0 interface and reestablishes the connection, fixes the problem, so I could easily put the pf reload in /etc/ppp/ppp.linkup to solve the problem. Since manually reloading pf rules is not necessary when using the full interface-based ruleset above, it also should not be necessary when using a hardware independent group-based ruleset (i.e. with 'egress'). I haven't gotten to testing how pppd(8) behaves, but the 'egress group bug' might be there as well. NOTE: I just discovered the above bug a few minutes ago, but the -CURRENT on that box is stale (Mar9) so I'll update and retest to see if it's already fixed before filing a PR. None the less, it might also exist in 4.7-RELEASE or 4.7-STABLE and I'll try to get that tested as well. I don't have RELEASE installed anywhere, so I'll have to build up a new box. Luckily, my 4.7 set was pre-ordered and is sitting right next to me. Ya, our new super-simple-syntax seems to have a show stopper bug on release because you, me, and everyone else, have failed to do adequate testing. -- The OpenBSD Journal - http://www.undeadly.org
Re: pf change in upgrade47.html
On Wed, 12 May 2010 07:46:59 -0700 J.C. Roberts list-...@designtools.org wrote: Long term, it is better to use hardware-independent rules. The previously mentioned one-liner would simply be: match out on egress from ! egress nat-to egress Though the above *mostly* works It seems the ppp issue is because I botched the syntax. It should be: match out on egress from !(egress) nat-to (egress:0) Now I need to figure out why... -- The OpenBSD Journal - http://www.undeadly.org
Espionnage et Renseignement
BONJOUR, Je suis Philippe Dylewski et je dirige lâagence de ditectives privis AGAKURE ` Charleroi (Belgique). J'ai icrit un guide pratique du renseignement et de l'espionnage au quotidien et je me suis dit que ga pouvait vous intiresser ou vous amuser, et dans l'idial les deux. Espionnage et renseignement. Comment tout savoir sur tout le monde, dans les entreprises et ailleurs. (Tout un pohme !) Le livre est une compilation de mithodes venant des outils de l'intelligence iconomique, des ficelles du ditective privi, et de compitences comportementales utiles dans l'obtention d'informations sensibles. Le lecteur saura comment: ⢠; Trouver l'information sensible sur toute personne; ⢠; Dicouvrir des donnies clis sur ses concurrents et partenaires commerciaux ⢠; Mener des recherches pointues sur le net en un minimum de temps; ⢠; Accider au web cachi (partie du web non accessible via les moteurs de recherche); ⢠; Rechercher une personne, nâimporte oy dans le monde; â¢n bsp; Trouver et utiliser logiciels et matiriels d'espionnage (icoute de conversations ` distance, suivre un vihicule ou une personne ` distance, accider ` un ordinateur ou un gsm,...); ⢠; Ditecter le mensonge par des techniques comportementales. Toutes les techniques expliquies le sont de manihre ` pouvoir jtre utilisies par des gens pourvus d'un cerveau normal. Inutile d'jtre un inginieur en informatique (je ne le suis pas) ou un hacker boutonneux (je ne le suis pas non plus). Cela va sans dire, j'aimerais beaucoup vous faire connaitre mon bibi (tous les papas aiment parler de leur rejeton). Bien ` vous, Philippe Philippe Dylewski P.S. 1: Si ce mail stimule votre infatigable curiositi, venez faire un tour sur mon site oy vous trouverez renseignements et articles sur le bouquin (y compris des commentaires de lecteurs) P.S. 2 : Ce mail ne sera envoyi quâune seule fois. Aucun harchlement publicitaire nâest envisagi. Votre adresse nâest pas conservie (ni cidie). Si vous en doutez, vous pouvez toujours vous disinscrire ici [IMAGE]
Re: VPN Clients Behind OpenBSD 4.6 PF NAT
hi, what about pass in and pass out with proto esp or ah ? On Mon, May 10, 2010 at 6:23 PM, dontek don...@gmail.com wrote: The only change to sysctl.conf from default install is uncommenting: net.inet.ip.forwarding=1 net.inet6.ip6.forwarding=1 I am running a slightly pruned version of the FAQ Example: Firewall for Home or Small Office pf.conf. - ext_if=fxp0 int_if=xl0 tcp_services={ 22 } icmp_types=echoreq set block-policy return set loginterface $ext_if set skip on lo match in all scrub (no-df) nat on $ext_if from !($ext_if) - ($ext_if:0) nat-anchor ftp-proxy/* rdr-anchor ftp-proxy/* rdr pass on $int_if proto tcp to port ftp - 127.0.0.1 port 8021 block in pass out keep state anchor ftp-proxy/* antispoof quick for { lo $int_if } pass in on $ext_if inet proto tcp from any to ($ext_if) port $tcp_services flags S/SA keep state pass in inet proto icmp all icmp-type $icmp_types keep state pass in quick on $int_if - -Original Message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Jorge Enrique Valbuena Vargas Sent: Monday, May 10, 2010 5:47 PM To: Don Reis Cc: misc@openbsd.org Subject: Re: VPN Clients Behind OpenBSD 4.6 PF NAT HI, can you send the pf.conf and sysctl.conf files ? On Mon, May 10, 2010 at 2:56 PM, Don Reis reisd...@gmail.com wrote: Hey guys, I got a little problem: First let me say I am running a fresh install of OpenBSD 4.6 and besides turning on IP forwarding in sysctl and installing the pf.conf example from the FAQ (modified of course to fit my NIC's), I have changed nothing in the default install. The scenario is I am attempting to connect to various external VPN's from inside my NAT network. I have tried both the Cisco and Shrew Soft VPN Clients with various Cisco and Netgear VPN concentrators and appliances, all with the exact same results. I initiate the connection, Phase 1 completes, Phase 2 completes, the tunnel comes up. I'm connected now right, except, packets only flow one direction over the tunnel, my outbound traffic gets through the tunnel to the remote network, but nothing ever comes back. If I jack my computer directly into my internet connection, everything is peachy on all clients and all endpoints. I've searched quite a bit and almost all of what I find is people complaining they can't get a connection over NAT and other people recommending various port redirects to a single machine running the VPN client to make things work. This is of course not like my situation. All VPN negotiations work just fine, I just never receive anything over the tunnel once it's up. Give me a clue. I assume this should just work behind PF NAT, since both clients are negotiating and using NAT-T. Thanks, don..
Re: nested vlans: safe to use?
Hi, On Wed, 12.05.2010 at 01:09:55 +, Stuart Henderson s...@spacehopper.org wrote: First talk to your wan provider, they might either be able to allocate you a couple of vlans that they'll carry for you, or do QinQ (i.e. you feed the provider plain vlans, and they appear directly at the other side). I would very much prefer to abstain from reshuffling vlans in the remote data centre. If possible, I'll try to arrange for non-overlapping vlan ids, which would solve the immediate problem, but could allow for unauthorized use of vlans (eg. what if someone reconfigures their vlan stuff, and suddenly their packets enter the wrong vlan?). I need to prevent this scenario. Using QinQ directly would be much better. The carrier said that they will transport all packets up to 64k per frame fully transparently, w/o any alteration. I need to re-hash the frametype issue, though. In-tree, there is the option of 'ifconfig vlanXXX vlandev vlanYYY which might get you somewhere. This uses the same ethertype on inner and outer vlans and doesn't interoperate with other vendors vlan stacking, but you might be able to do something with it (or maybe you'll just confuse your providers switches). So I can't change the frame types on a per-vlan basis, eg. to match their respective switches' expectations... hmmm. There's also a diff at http://www.mail-archive.com/misc@openbsd.org/msg65694.html that switches ethertype so you can interoperate with other vendors QinQ (it will need updating for -current). Thanks for pointing this out! I'll have a close look. But usually you just feed plain vlans to the wan provider and they handle translation or stacking.. ?!? I also need to do traffic shaping on a per-vlan basis. This does seem to work but I'm under the impression that queueing should be done on the physical interface (vlandev). I don't know how useful this really is. I need to limit and/or reserve bandwidth of individual vlans on the (one) wan pipe. Kind regards, --Toni++
Re: nested vlans: safe to use?
Hi, On Wed, 12.05.2010 at 14:23:18 +0200, Pete Vickers p...@systemnet.no wrote: http://www.openbsd.org/papers/asiabsdcon2010_vether/index.html especially page 6/7... thanks, but... I may have mis-stated the problem. I have no bandwidth or fragmentation problem, but rather a configuration problem in a Metro-LAN-like setting. Oh... and I forgot to add CARP into the mix - I want to automatically fail over the whole stack of vlans to a second router of mine when one interface fails. Kind regards, --Toni++
Re: X exiting after update (inteldrm error)
On Wed, 12 May 2010 02:28:36 -0300 Alan R. S. Bueno alan@gmail.com wrote: I'm not sure if misc@ is the right place to send this... After update kernel + userland + X (yesterday, in the morning (here in Brazil)... but with all the latest relevant changes in the trees src/ and xenocara/ applied), X exited (today, tonight, here in Brazil... yeah! :) with the following error: Both INTELDRM_GEM kernel and the corresponding new X intel driver were recently committed. Due to mirrors being out of sync, your cvs update may have only caught a portion of the needed changes. You should try again with cvs update of src and xenocara. Though not entirely relevant, you might also want to note: http://www.openbsd.org/faq/current.html#20100510 jcr -- The OpenBSD Journal - http://www.undeadly.org
Re: nested vlans: safe to use?
On 2010/05/12 20:35, Toni Mueller wrote: The carrier said that they will transport all packets up to 64k per frame fully transparently, w/o any alteration. I need to re-hash the frametype issue, though. Sounds like there's nothing to do and it should just work then... But usually you just feed plain vlans to the wan provider and they handle translation or stacking.. ?!? If they're doing nested vlans (tag stacking), usually you feed them frames, they add their own tag to get the frames across their network, and decapsulate when they handover to you.
Re: nested vlans: safe to use?
On Wed, 12.05.2010 at 19:48:47 +0100, Stuart Henderson s...@spacehopper.org wrote: But usually you just feed plain vlans to the wan provider and they handle translation or stacking.. ?!? If they're doing nested vlans (tag stacking), usually you feed them frames, they add their own tag to get the frames across their network, and decapsulate when they handover to you. Erm, this sounds backwards to me. I am the guy who needs to stack some - possibly already stacked - vlans at the remote end, in the data centre, and then feed this into the pipe (easy), and decapsulate multiple times at home, and encapsulate everything at home before sending it out through the wan pipe again, to be decapsulated in the data centre and distributed to various other people there. -- Kind regards, --Toni++
Re: nested vlans: safe to use?
Stuart Henderson s...@spacehopper.org wrote: In-tree, there is the option of 'ifconfig vlanXXX vlandev vlanYYY which might get you somewhere. If I remember correctly, at the time I added support for hardware vlan tagging, this kind of stacking did not work--and I don't think this has changed. -- Christian naddy Weisgerber na...@mips.inka.de
Re: pf change in upgrade47.html
On 2010-05-10, Rod Whitworth glis...@witworx.com wrote: The latest pf.conf documentation is written by people who don't need documentation but, probably for the first time, they forgot that compleat newbies need docs that enable them to get things working if they RTveryFM. It's just been done as a conversion from the old syntax style to the new one by the simplest method of converting, I think it it definitely use rewriting into a nicer style... Just by the way, the default pf.conf for 4.7 has a line that says: #pass in quick proto tcp to port ftp rdr-to 127.0.0.1 port 8021 I don't think that line is complete, is it? that one's okay. $ echo 'pass in quick proto tcp to port ftp rdr-to 127.0.0.1 port 8021' | pfctl -nvf - pass in quick inet proto tcp from any to any port = ftp flags S/SA keep state rdr-to 127.0.0.1 port 8021
Re: X exiting after update (inteldrm error)
On Wed, May 12, 2010 at 3:41 PM, J.C. Roberts list-...@designtools.org wrote: Both INTELDRM_GEM kernel and the corresponding new X intel driver were recently committed. Due to mirrors being out of sync, your cvs update may have only caught a portion of the needed changes. You should try again with cvs update of src and xenocara. No. The latest change that my cvs update caught was: http://marc.info/?l=openbsd-cvsm=127357649215000w=2 After that change, no *relevant* change was made (neither in src/ nor xenocara/) that can be the cause of the error; so, cvs update now is irrelevant. If you are subscribed to source-changes@, check the latest changes; if not, check here: http://marc.info/?l=openbsd-cvsr=1b=201005w=2 Though not entirely relevant, you might also want to note: http://www.openbsd.org/faq/current.html#20100510 It's not the case. Kernel + Userland + Xenocara are all up to date (well, to the date in my dmesg head...). Today my machine froze again in the same condictions. (I had to use the power button.) :-(
Re: Virtual domains/users setup with smtpd.
I have very sporadic access to internet this week, your mail is very hard to read, can you summarize as much as possible and describe your exact issue with output from smtpd -dv, smtpd.conf and making sure you are running the latest smtpd ? Will check back my mails tomorrow evening Gilles On Tue, May 11, 2010 at 10:19:19PM -0400, Daniel Ouellet wrote: Hi, I am very much hoping that I could get the input of a kind sole out there, or even to send me a working configuration is find. But I spend the last three days on/off to try to get the virtual alias/domains working on smtpd and I can't get there. I read the man page no less the 20 times, google and all. Eve saw the changes in alias done a few days, ago. 13 now. Even the latest fix here: http://www.mail-archive.com/misc@openbsd.org/msg90204.html Or the few example here: https://calomel.org/opensmtpd.html I try on 4.5, 4.7 and after the fix posted 13 days ago, I did try on current as well. I even empty a bottle of wine tonight to calm me down as I hit the wall a few times and I am getting upset. May be I don't understand the english as it should be, but for me, there is something missing in the man page that I can't break yet. I try no less then may be 100 variation on possible, and very unlikely possibility to get this working, but I cant get there. I set up two servers to test, one with 4.5 one with current and even test on 4.6 a few times. I strip to the minimum, but frankly, I hit the wall. It got to be the most stupid missing details, but please any help would be great. I can't figure it out with the docs I read so far and believe me I read a hell of a lots so far. Below is what I understand, I guess at this time that should work as writing all that I tried would be way to long. What am I missing? Here are the details: Now tested on current on sparc 64. I have multiple domains for testing and ll. All DNS are ok. I see the incoming right. I get constant errors at the receiving end: May 11 21:07:45 spamtrap smtpd[24488]: 1273626465.PixuMJ6IS1qoctUk: from=dan...@presscom.net, relay=smtp1.realconnect.com [66.63.3.242], stat=LocalError (530 5.0.0 Recipient rejected: dan...@opensipd.com) I can deliver local mail to local user on that box. I try to setup virtual users on that box, or virtual users forwarded to remote address as well for testing. That I can't get there. Putting anything in /etc/mail/aliases and doing the newalias will not do it. The simplest configuration as I understand it based on the man page and I even removed any tls stuff as well to keep it simple should be: mail to root@ the hostname will work, no problem. I create the virtual.db file with a single line as follow: # cat virtual dan...@opensipd.com: dan...@presscom.net makemap -t aliases -o /etc/mail/virtual.db /etc/mail/virtual the smtpd.conf have this: listen on lo0 listen on dc0 map aliases { source db /etc/mail/aliases.db } map virtual { source db /etc/mail/virtual.db } accept for all relay accept from all for local deliver to mbox accept for domain opensipd.com alias virtual deliver to mbox But the above isn't right and give configuration errors. Even if the man page suggest it should be possible; for domain domain [alias map] This rule applies to mail destined for the specified domain. This parameter supports the `*' wildcard, so that a single rule for all sub-domains can be used, for example: accept for domain *.example.com deliver to mbox If specified, map is used for looking up alternative destinations for addresses in this domain. May be I don't understand that part properly. Anyway, putting: accept from all for domain opensipd.com alias virtual deliver to mbox give errors as well. accept from all for virtual virtual deliver to mbox give no success either. even f there isn't any error at the start. I still get the : 530 5.0.0 Recipient rejected: dan...@opensipd.com Even trying this for a test; accept from all for virtual virtual relay will not go. Or this; accept from all for domain virtual deliver to mbox no error at startup, but still no go. Anyway, I got a very long list of variation and all kind of trial and nothing works for me so far. Please anyone can tell me what actually works in a step by step as long like what ever I read just do not give me the answer and I am at a lost to get it going. It got to very very stupid and I am sure I will beat myself over the head when it's working, but I can't get it, or understand the man page properly. Some small details is definitely missing for me to get it and may be a very small additional example in the man page might help lost sole like me. Anyone have a small amount of time to graciously offer me to light my candle here?
Re: [Bulk] Re: tls proxy in front of spamd?
On Thu, 6 May 2010 03:21:02 +0300 Jussi Peltola pe...@pelzi.net wrote: On Wed, May 05, 2010 at 07:27:46PM +0100, Kevin Chadwick wrote: Of course, if it's your mail server and clients you can use ips without dns have certficates tied to those ips and even block or monitor resets, none of which can be done with starttls and it is also a smaller window of opportunity. You can always reset the starttls too and man in the middle that, just one less opportunity. If it's your mail server and clients you can just force certificate checking on the hosts you want to connect to with tls. Using a different port adds no cryptographic security (authentication) at all, so it's useless complexity. Sorry, been away, you can use authpf for authentication and even a ssh tunnel for privacy. The main points are that connecting via starttls is like waving a flag saying I am going to connect again via ssl soon, when you could just connect once, (less of a problem for OpenBSD connections). Also some clients like iphones for example try ssl and fall back to plain. Using a separate port also means a user has more options to be sure of a ssl connection (desktop firewall, almost any mail client config etc.). I was wondering what advantages does using port 25 alone have in the light of reading Yahoo being criticised for not following the standard. KeV
Come join me on Create Abundance 2020™ International Network
Create Abundance 2020b International Network: A community dedicated to creating a world that works for all Come join me on Create Abundance 2020b International Network! CORE TEAM JHOVILYN NANOLA Click the link below to Join: http://www.ca2020.net/?xgi=5f51xpsLnKAuQMxg_source=msg_invite_net If your email program doesn't recognize the web address above as an active link, please copy and paste it into your web browser Members already on Create Abundance 2020b International Network Alexxis Monique O. Gratela, Marc Vincent C. Panay, OLWENY San James, Lara Francia, Alvin Jake NaC1adiego Juria About Create Abundance 2020b International Network For people who are seeking mentors for growth and abundance in life, business and spirit. Visit www.iloveabundance.vox.com 11274 members 7237 photos 396 videos 945 discussions 102 Events 3112 blog posts To control which emails you receive on the corner, or to opt-out, go to: http://www.ca2020.net/?xgo=fbNhpL9aXbndCgDbukiNL2KG-/rASpifVvzyfoey6V-yk9Q6TzEZEwxg_source=msg_invite_net
Come join me on Create Abundance 2020™ International Network
Create Abundance 2020b International Network: A community dedicated to creating a world that works for all Come join me on Create Abundance 2020b International Network! CORE TEAM JHOVILYN NANOLA Click the link below to Join: http://www.ca2020.net/?xgi=5f51xpsLnKAuQMxg_source=msg_invite_net If your email program doesn't recognize the web address above as an active link, please copy and paste it into your web browser Members already on Create Abundance 2020b International Network Alexxis Monique O. Gratela, Marc Vincent C. Panay, OLWENY San James, Lara Francia, Alvin Jake NaC1adiego Juria About Create Abundance 2020b International Network For people who are seeking mentors for growth and abundance in life, business and spirit. Visit www.iloveabundance.vox.com 11274 members 7237 photos 396 videos 945 discussions 102 Events 3112 blog posts To control which emails you receive on the corner, or to opt-out, go to: http://www.ca2020.net/?xgo=Z--K6feN4krdCgDbukiNL2KG-/rASpifVvzyfoey6V-yk9Q6TzEZEwxg_source=msg_invite_net
Re: X exiting after update (inteldrm error)
On Wed, 12 May 2010 17:20:28 -0300 Alan R. S. Bueno alan@gmail.com wrote: On Wed, May 12, 2010 at 3:41 PM, J.C. Roberts list-...@designtools.org wrote: Both INTELDRM_GEM kernel and the corresponding new X intel driver were recently committed. Due to mirrors being out of sync, your cvs update may have only caught a portion of the needed changes. You should try again with cvs update of src and xenocara. No. The latest change that my cvs update caught was: http://marc.info/?l=openbsd-cvsm=127357649215000w=2 After that change, no *relevant* change was made (neither in src/ nor xenocara/) that can be the cause of the error; so, cvs update now is irrelevant. If you are subscribed to source-changes@, check the latest changes; if not, check here: I think you're right about the *relevant* changes since the intagp stuff committed today seems to be for pineview from the commit logs. Today my machine froze again in the same condictions. (I had to use the power button.) :-( Bummer. I've been testing the new intel driver (with GEM) for a few weeks and it still has a few bugs with old 82845G. In my case, the screen gets corrupted, but X doesn't actually crash. This happens repeatably when switching to/from virtual terminals, and happens occasionally when flipping between xterms and gtk-based apps in X. Of course, once it's corrupted, a subsequent VT switch will crash X, but the corruption alone does not. The best thing you can do is enable DRM Debug in the kernel and try to get a core dump. $ cat /usr/src/sys/conf/GENERIC | grep DEBUG= makeoptions DEBUG=-g # compile full symbol table $ cat /usr/src/sys/arch/i386/conf/GENERIC_DRMDEBUG include arch/i386/conf/GENERIC option DRMDEBUG option DRMLOCKDEBUG And then follow the instructions in xenocara/README for how to set up and run the system to get a core file. -- The OpenBSD Journal - http://www.undeadly.org
Re: Relayd on localhost with multiple SSL Certificates
On Wed, 12 May 2010 09:09:18 +0200 (CEST) Jens Teglhus MC8ller j...@mostlyharmless.dk wrote: On Wed, May 12, 2010 04:46, Daniel Ouellet wrote: On 5/11/10 8:05 PM, Keith wrote: Hi. is it possible to get multiple http relayd relays listening on localhost each with a different port # and each with a different ssl certificate ? SSL certificate are host name bound, not port bound isn't it? So, I would say no, but I could be wrong. Well that would actually be the reason it could work. Multiple dns names mapped to the same ip address and configured on separate ports and a given certificate (virtual host) bound to a given port. But whether this will work with relayd i dont know, but i believe it would work fine with apache. /jtm I can confirm that this works, but the port will need to be in the link or ips attained. I'm not sure if there are any problems that requiring the port may cause to users?
Re: VPN Clients Behind OpenBSD 4.6 PF NAT
I have tried adding a pass in proto esp with no change to my working status. (tunnel uses ESP) If you would like to return my pf.conf with the rule(s) in the positions you think should be necessary, I will try it and report back. Thanks for trying, any other ideas? -Original Message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Jorge Enrique Valbuena Vargas Sent: Wednesday, May 12, 2010 12:59 PM To: Misc OpenBSD Subject: Re: VPN Clients Behind OpenBSD 4.6 PF NAT hi, what about pass in and pass out with proto esp or ah ? On Mon, May 10, 2010 at 6:23 PM, dontek don...@gmail.com wrote: The only change to sysctl.conf from default install is uncommenting: net.inet.ip.forwarding=1 net.inet6.ip6.forwarding=1 I am running a slightly pruned version of the FAQ Example: Firewall for Home or Small Office pf.conf. - ext_if=fxp0 int_if=xl0 tcp_services={ 22 } icmp_types=echoreq set block-policy return set loginterface $ext_if set skip on lo match in all scrub (no-df) nat on $ext_if from !($ext_if) - ($ext_if:0) nat-anchor ftp-proxy/* rdr-anchor ftp-proxy/* rdr pass on $int_if proto tcp to port ftp - 127.0.0.1 port 8021 block in pass out keep state anchor ftp-proxy/* antispoof quick for { lo $int_if } pass in on $ext_if inet proto tcp from any to ($ext_if) port $tcp_services flags S/SA keep state pass in inet proto icmp all icmp-type $icmp_types keep state pass in quick on $int_if - -Original Message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Jorge Enrique Valbuena Vargas Sent: Monday, May 10, 2010 5:47 PM To: Don Reis Cc: misc@openbsd.org Subject: Re: VPN Clients Behind OpenBSD 4.6 PF NAT HI, can you send the pf.conf and sysctl.conf files ? On Mon, May 10, 2010 at 2:56 PM, Don Reis reisd...@gmail.com wrote: Hey guys, I got a little problem: First let me say I am running a fresh install of OpenBSD 4.6 and besides turning on IP forwarding in sysctl and installing the pf.conf example from the FAQ (modified of course to fit my NIC's), I have changed nothing in the default install. The scenario is I am attempting to connect to various external VPN's from inside my NAT network. I have tried both the Cisco and Shrew Soft VPN Clients with various Cisco and Netgear VPN concentrators and appliances, all with the exact same results. I initiate the connection, Phase 1 completes, Phase 2 completes, the tunnel comes up. I'm connected now right, except, packets only flow one direction over the tunnel, my outbound traffic gets through the tunnel to the remote network, but nothing ever comes back. If I jack my computer directly into my internet connection, everything is peachy on all clients and all endpoints. I've searched quite a bit and almost all of what I find is people complaining they can't get a connection over NAT and other people recommending various port redirects to a single machine running the VPN client to make things work. This is of course not like my situation. All VPN negotiations work just fine, I just never receive anything over the tunnel once it's up. Give me a clue. I assume this should just work behind PF NAT, since both clients are negotiating and using NAT-T. Thanks, don..
Re: pf change in upgrade47.html
On Wed, 12 May 2010 20:18:14 + (UTC) Stuart Henderson s...@spacehopper.org wrote: I don't think that line is complete, is it? that one's okay. $ echo 'pass in quick proto tcp to port ftp rdr-to 127.0.0.1 port 8021' | pfctl -nvf - pass in quick inet proto tcp from any to any port = ftp flags S/SA keep state rdr-to 127.0.0.1 port 8021 It's valid, but if uncommented in the default pf.conf ruleset, it would allow anyone to use your ftp-proxy due to the following 'pass' rule. http://www.openbsd.org/cgi-bin/cvsweb/src/etc/pf.conf?rev=1.49;content-type=text%2Fplain It would be better to prevent such potential abuse by using the egress interface group. The trouble is the 'on ...' will not allow the use of parenthesis since it's denoting a group of interfaces rather than a group of addresses assigned to interfaces. But this is easily overcome by using 'from (...)' so when the underlying address(es) change on any interface in the group, the rule will reevaluated. NOTE: At present, I don't understand how pf reacts when interface groups are changed (interfaces added or deleted). Index: pf.conf === RCS file: /cvs/src/etc/pf.conf,v retrieving revision 1.49 diff -N -u -p pf.conf --- pf.conf 17 Sep 2009 06:39:03 - 1.49 +++ pf.conf 12 May 2010 22:25:59 - @@ -8,7 +8,8 @@ set skip on lo # filter rules and anchor for ftp-proxy(8) #anchor ftp-proxy/* -#pass in quick proto tcp to port ftp rdr-to 127.0.0.1 port 8021 +#pass in quick on !egress proto tcp from !(egress) to port ftp \ +# rdr-to 127.0.0.1 port 8021 # anchor for relayd(8) #anchor relayd/*
Re: pf change in upgrade47.html
On Wed, 12 May 2010 15:54:04 -0700, J.C. Roberts wrote: On Wed, 12 May 2010 20:18:14 + (UTC) Stuart Henderson s...@spacehopper.org wrote: I don't think that line is complete, is it? that one's okay. $ echo 'pass in quick proto tcp to port ftp rdr-to 127.0.0.1 port 8021' | pfctl -nvf - pass in quick inet proto tcp from any to any port = ftp flags S/SA keep state rdr-to 127.0.0.1 port 8021 It's valid, but if uncommented in the default pf.conf ruleset, it would allow anyone to use your ftp-proxy due to the following 'pass' rule. http://www.openbsd.org/cgi-bin/cvsweb/src/etc/pf.conf?rev=1.49;content-type=text%2Fplain It would be better to prevent such potential abuse by using the egress interface group. The trouble is the 'on ...' will not allow the use of parenthesis since it's denoting a group of interfaces rather than a group of addresses assigned to interfaces. But this is easily overcome by using 'from (...)' so when the underlying address(es) change on any interface in the group, the rule will reevaluated. What is wrong with the old rule: rdr pass on $int_if proto tcp to port ftp - 127.0.0.1 port 8021 being converted to: pass in quick on $int_if proto tcp to port ftp rdr-to 127.0.0.1 port 8021 put in a location above any other rule applying to $inf_if ?? The reason I queried whether the 4.7 construct was correct is that it applies to traffic from any to any. Even my suggested rule would not be universal. Maybe there's an ftp server on the LAN. *** NOTE *** Please DO NOT CC me. I am subscribed to the list. Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. Rod/ --- This life is not the real thing. It is not even in Beta. If it was, then OpenBSD would already have a man page for it.
unsupported atheros usb wifi wn721n
hi! I just got a tp-link tl-wn721n usb adapter which looks like unsupported. tried it on current. (vendor/product: 0x0cf3/0x9271) my question: is there anybody who is working on any driver supporting ! I just got a tp-link tl-wn721n usb adapter which looks like unsupported. my question: is there anybody who is working on any driver supporting this device. if there is then I could help testing it, if there's no one then i thought it'd be a great opportunity to drive deeper and try to write the driver for it. any suggestions? Adamthis device. if there is then I could help testing it, if there's no one then i thought it'd be a great opportunity to drive deeper and try to write the driver for it. any suggestions? Adam OpenBSD 4.7-current (GENERIC.MP) #557: Tue Apr 27 00:36:31 MDT 2010 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz (GenuineIntel 686-class) 2 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM real mem = 2145669120 (2046MB) avail mem = 2067898368 (1972MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 04/07/10, BIOS32 rev. 0 @ 0xfdc70, SMBIOS rev. 2.4 @ 0xe0010 (71 entries) bios0: vendor LENOVO version 7KETC9WW (2.29 ) date 04/07/2010 bios0: LENOVO 8918B8G acpi0 at bios0: rev 2 acpi0: tables DSDT FACP SSDT ECDT TCPA APIC MCFG HPET SLIC BOOT SSDT SSDT SSDT SSDT acpi0: wakeup devices LID_(S3) SLPB(S3) LURT(S3) DURT(S3) IGBE(S4) EXP0(S4) EXP1(S4) EXP2(S4) EXP3(S4) EXP4(S4) PCI1(S4) USB0(S3) USB1(S3) USB2(S3) USB3(S3) USB4(S3) EHC0(S3) EHC1(S3) HDEF(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 199MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz (GenuineIntel 686-class) 2 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 2, remapped to apid 1 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (AGP_) acpiprt2 at acpi0: bus 2 (EXP0) acpiprt3 at acpi0: bus 3 (EXP1) acpiprt4 at acpi0: bus 4 (EXP2) acpiprt5 at acpi0: bus 5 (EXP3) acpiprt6 at acpi0: bus 13 (EXP4) acpiprt7 at acpi0: bus 21 (PCI1) acpiec0 at acpi0 acpicpu0 at acpi0: C3, C2, C1, PSS acpicpu1 at acpi0: C3, C2, C1, PSS acpipwrres0 at acpi0: PUBS acpitz0 at acpi0: critical temperature 127 degC acpitz1 at acpi0: critical temperature 100 degC acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: SLPB acpibat0 at acpi0: BAT0 model 42T4513 serial 5561 type LION oem SANYO acpibat1 at acpi0: BAT1 not present acpiac0 at acpi0: AC unit online acpithinkpad0 at acpi0 acpidock0 at acpi0: GDCK not docked (0) bios0: ROM list: 0xc/0xf000 0xcf000/0x1000 0xd/0x1000 0xe/0x1! cpu0: Enhanced SpeedStep 1996 MHz: speeds: 2001, 2000, 1600, 1200, 800 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel GM965 Host rev 0x0c ppb0 at pci0 dev 1 function 0 Intel GM965 PCIE rev 0x0c: apic 1 int 16 (irq 10) pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 vendor NVIDIA, unknown product 0x0429 rev 0xa1 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) em0 at pci0 dev 25 function 0 Intel ICH8 IGP M rev 0x03: apic 1 int 20 (irq 11), address 00:15:58:cb:d4:f4 uhci0 at pci0 dev 26 function 0 Intel 82801H USB rev 0x03: apic 1 int 20 (irq 11) uhci1 at pci0 dev 26 function 1 Intel 82801H USB rev 0x03: apic 1 int 21 (irq 11) ehci0 at pci0 dev 26 function 7 Intel 82801H USB rev 0x03: apic 1 int 22 (irq 11) usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 azalia0 at pci0 dev 27 function 0 Intel 82801H HD Audio rev 0x03: apic 1 int 17 (irq 11) azalia0: codecs: Analog Devices AD1984, Conexant/0x2bfa, using Analog Devices AD1984 audio0 at azalia0 ppb1 at pci0 dev 28 function 0 Intel 82801H PCIE rev 0x03: apic 1 int 20 (irq 11) pci2 at ppb1 bus 2 ppb2 at pci0 dev 28 function 1 Intel 82801H PCIE rev 0x03: apic 1 int 21 (irq 11) pci3 at ppb2 bus 3 iwn0 at pci3 dev 0 function 0 Intel Wireless WiFi Link 4965 rev 0x61: apic 1 int 17 (irq 11), MIMO 2T3R, MoW2, address 00:13:e8:ed:2c:cd ppb3 at pci0 dev 28 function 2 Intel 82801H PCIE rev 0x03: apic 1 int 22 (irq 11) pci4 at ppb3 bus 4 ppb4 at pci0 dev 28 function 3 Intel 82801H PCIE rev 0x03: apic 1 int 23 (irq 11) pci5 at ppb4 bus 5 ppb5 at pci0 dev 28 function 4 Intel 82801H PCIE rev 0x03: apic 1 int 20 (irq 11) pci6 at ppb5 bus 13 uhci2 at pci0 dev 29 function 0 Intel 82801H USB rev 0x03: apic 1 int 16 (irq 10) uhci3 at pci0 dev 29
Re: pf change in upgrade47.html
On Thu, 13 May 2010 09:45:47 +1000 Rod Whitworth glis...@witworx.com wrote: What is wrong with the old rule: rdr pass on $int_if proto tcp to port ftp - 127.0.0.1 port 8021 being converted to: pass in quick on $int_if proto tcp to port ftp rdr-to 127.0.0.1 port 8021 put in a location above any other rule applying to $inf_if ?? The reason I queried whether the 4.7 construct was correct is that it applies to traffic from any to any. Even my suggested rule would not be universal. Maybe there's an ftp server on the LAN. Yep, the 'pass in quick' with 'any to any' in the default pf.conf ruleset is bad juju, and hence the patch I posted. If deemed acceptable and committed, I'll patch update47.html accordingly. But to answer your question, the interface names such as int_if were intentionally removed since we can now create hardware independent rulesets by using interface groups. If you're overly accustomed to using interface names like '$int_if' it takes a bit to wrap your head around the new interface groups, but they're really cool. -- The OpenBSD Journal - http://www.undeadly.org
=?utf-8?Q?=C2=BFQue_Puede_Hacer_el_Internet_por_su_Negocio?_-_iMex=C2=B410_Auditorio_Hilton_-_Cierre_de_Inscripciones?=
Congreso Nacional Internet Marketing Experts 2010 Lunes 24 de Mayo - Hotel Hilton Guadalajara [IMAGE] Congreso Nacional Internet Marketing Experts 2010 Guadalajara [IMAGE] Lunes 24 de Mayo de 2010 [IMAGE] Auditorio - Hilton Guadalajara [IMAGE] 9:00 am - 7:00 pm Ser Visto Para Ser Rentable El Internet como medio de mercadotecnia ofrece beneficios excepcionales y un potencial de reconocimiento de marca para todo tipo de industria. Un evento sin precedentes que propone alternativas de vanguardia y tecnologCa expuestas por lCderes en el C!mbito. La mercadotecnia por Internet es altamente rentable, ofrece muchas ventajas C:nicas que la publicidad tradicional no puede igualar, asC como herramientas de alto impacto y desempeC1o que desarrollarC!n un verdadero vCnculo entre su empresa y su mercado meta. Objetivos y beneficios B?QuC) puede hacer la mercadotecnia por internet por mi negocio? b Generar trC!fico a su sitio web o instalaciones fCsicas (generaciC3n de contactos, ventas, etc.) b Mejorar sus actividades promocionales en lCnea b una forma mC!s de llegar a los clientes b Extender el posicionamiento de su marca en nuevos mercados b Dar a su negocio una ventaja sobre su competencia b Reducir sus costos de mercadotecnia a la vez que mejora sus resultados Algunos de los temas generales b Tu presencia en internet b Posicionamiento, trC!fico objetivo y mercadotecnia online b Impacto de las redes sociales como estratC)gia de negocios b Mobile Marketing b e-mail Marketing [IMAGE] Lic. Fernanda Rivas Sales Development Representative Line 1: +52 (33) 1201-6898 Line 2: +52 (33) 1562-1784 Line 3: +52 (33) 3110-6502 InversiC3n del Evento $3,800B:B: + IVA Cuota por Participante[IMAGE] PromociC3n Especial a Grupos Copyright (C) 2010, Congress Marketing Online S.C. Derechos reservados. Congress Marketing, El logo de Congress Marketing, y Congress Marketing Online S.C. son marcas registradas y/o sus filiales en Estados Unidos, Canada, Colombia, Brasil y Uruguay. ADVERTENCIA Congress Marketing no cuenta con alianzas estrategicas de ningun tipo dentro de la republica mexicana. NO SE DEJE ENGACAR - DIGA NO A LA PIRATERIA. Todos los logotipos, marcas comerciales e imC!genes son propiedad de sus respectivas corporaciones y se utilizan con fines informativos solamente. Este Mensaje ha sido enviado a misc@openbsd.org como usuario de Congress Marketing o bien un usuario le refirio para recibir este newsletter. Como usuario de Congress Marketing, en este acto autoriza de manera expresa que Congress Marketing le puede contactar vCa correo electrC3nico u otros medios. Si usted ha recibido este mensaje por error, haga caso omiso de el y reporte su cuenta respondiendo este correo con el subject BAJA CM000SCRMZ. Unsubscribe to this mailing list, reply a blank message withe the subject UNSUBSCRIBE CM000SCRMZ Tenga en cuenta que la gestiC3n de nuestras bases de datos es de suma importancia y no es intenciC3n de la empresa la inconformidad del receptor.
Seminario sobre TOMA DE DECISIONES Y ADM. DEL TIEMPO - Montevideo, miercoles 19 de mayo.
Ciclo 2010 SEMINARIOS PRACTICOS INTENSIVOS TOMA DE DECISIONES Y ADMINISTRACISN EFICAZ DEL TIEMPO Herramientas para optimizar los resultados y mejorar nuestra productividad MIIRCOLES 19 DE MAYO - HOTEL LAFAYETTE - MONTEVIDEO - DE 19 A 22 HS. OBJETIVO: En la actualidad, es cada vez mas complicado concentrarse en un solo proyecto urgente, ya que las cargas laborales son excesivas y todas son prioridad. Esto interfiere en su vida familiar y profesional, ya que su imagen se ve daqada al no considerarsele altamente efectivo. Por ello hemos diseqado este seminario, el cual le ayudara a definir, organizar, desarrollar y culminar con ixito todos sus proyectos. Se presentaran distintos aspectos que intervienen en la toma de decisiones con el propssito de ayudar al participante a identificar las oportunidades de mejora en su gestisn empresarial o privada. Procesos sicolsgicos: Procrastinacisn y Autoengaqo. Intereses de grupo y de sus partes. Por que no se hace lo que se sabe debiera hacerse? Escenarios posibles, probabilidades y valor econsmico de los resultados. Con mmnima matematica. Lo que habrma que saber para mejor decidir y su costo en tiempo y dinero. Razones desconocidas para hacer cosas. Creacisn de oportunidades. Las Emociones y la Decisisn. Se entregaran repartidos desarrollados aunque no alcanzara el tiempo para tratarlo profundamente todo. Como administrar el tiempo Como organizar y gestionar las tareas EXPONEN: - Ing. Eustaquio Vera Iglesias: Master en administracisn (Universidad Standford, EE.UU.) y docente universitario. - Pablo W. Dorrego Duarte: Especializado en liderazgo (SRV, Houston) y gerencia (ESADE, Espaqa). - Se incluye diploma y material INVERSISN: $ 900 pesos (inscribiindose hasta el 17/5: $ 700). Grupos pagan 2 entran 3, consulte por descuentos para asistentes del interior. Informes y reservas: (02) 315 3330, Montevideo. RESERVE HOY SU CUPO Y OBTENGA BENEFICIOS Gracias por recibir esta propuesta por e-mail y no deseamos ser molestia para usted por dicha vma intentando las mmnimas comunicaciones. Si no desea recibir mas mensajes envmenos un correo con la palabra remover o baja en el asunto, y el sistema automaticamente lo realiza. [demime 1.01d removed an attachment of type image/jpeg which had a name of le_mailings.jpg] [demime 1.01d removed an attachment of type image/jpeg which had a name of tomad.jpg]
PMS DE MÉXICO LO INVITA A PARTICIPAR: SEMINARIO DE ALMACENES E INVENTARIOS PARA MEJOR CONTROL
PMS de MC)xicoB. lo invita al excelente seminario: Estrategias y TC)cnicas de SupervisiC3n y OrganizaciC3n de bAlmacenes e Inventariosb MC)xico D.F. 24 De Mayo 2010 Una C3ptima ejecuciC3n en la cadena de suministro comienza con planeaciC3n estratC)gica y procesos de negocio definidos. Los elementos de la cadena, bien administrados apoyan la operaciC3n logCstica. El resguardo de materiales resulta mC!s eficiente cuando va de la mano de conceptos aplicados en concordancia con la estrategia del negocio. Objetivos del seminario: -Comprender el proceso de administraciC3n y su influencia en el almacC)n. -Aplicar la Ley de Pareto para eficientar la confiabilidad de los registros operativos. -Identificar los principios de administraciC3n de inventarios y los sistemas de reposiciC3n mC!s comunes. -Aplicar conceptos en ejercicios y casos prC!cticos Resultados: Relacionar la importancia estratC)gica del almacC)n conforme los objetivos del negocio. Ubicar el papel de PlaneaciC3n, Compras, Proveedores e Inventarios dentro de la Cadena de Suministro, AplicaciC3n prC!ctica de conceptos en ejercicios y dinC!micas. Dirigido a: Responsables de LogCstica, Inventarios, AlmacC)n, Planeadores de materiales y Encargados de abastecimiento o compra de materiales Mayores informes responda este correo electrC3nico con los siguientes datos. Empresa: Nombre: TelC)fono: Email. NC:mero de Interesados: Y en breve le haremos llegar la informaciC3n completa del evento. O bien comunCquese a nuestros telC)fonos un ejecutivo con gusto le atenderC!. Tels. (33) 8851-2365, (33) 8851-2741, (33)3125-4658. Reciba un cordial saludo. Este Mensaje ha sido enviado a misc@openbsd.org como usuario de Pms de MC)xico o bien un usuario le refiriC3 para recibir este boletCn. Como usuario de Pms de MC)xico, en este acto autoriza de manera expresa que Pms de MC)xico le puede contactar vCa correo electrC3nico u otros medios. Si usted ha recibido este mensaje por error, haga caso omiso de el y reporte su cuenta respondiendo este correo con el subject BAJAALMACEN Unsubscribe to this mailing list, reply a blank message with the subject UNSUBSCRIBE ALMACEN Tenga en cuenta que la gestiC3n de nuestras bases de datos es de suma importancia y no es intenciC3n de la empresa la inconformidad del receptor.
Re: X exiting after update (inteldrm error)
On Wed, May 12, 2010 at 11:34 PM, J.C. Roberts list-...@designtools.org wrote: Bummer. I've been testing the new intel driver (with GEM) for a few weeks and it still has a few bugs with old 82845G. In my case, the screen gets corrupted, but X doesn't actually crash. This happens repeatably when switching to/from virtual terminals, and happens occasionally when flipping between xterms and gtk-based apps in X. Of course, once it's corrupted, a subsequent VT switch will crash X, but the corruption alone does not. I'm experiencing exactly the same issue on my X41 (915GM). ciao, david
OpenBSD 4.7 pictures
Just thought I'd share some pictures. OpenBSD 4.7 just arrived in the mail today(I'm in Oklahoma, USA). Checkout http://earlz.biz.tm/openbsd_pics/ for pictures of some of it