ipsecctl/ipsec.conf: number-only macros not dereferencing
in 4.2/i386, number-only macros in ipsec.conf worked fine/parsed OK, syntax-wise: --- # cat test.conf cat = dog cow = $cat cat = 1234abc cow = $cat cat = 1234 cow = $cat # uname -msr; ipsecctl -nvvf ./test.conf OpenBSD 4.2 i386 cat = dog cow = dog cat = 1234abc cow = 1234abc cat = 1234 cow = 1234 warning: macro 'cow' not used # --- in 4.7 -current/amd64, it fails: --- # uname -msr; ipsecctl -nf test.conf OpenBSD 4.7 amd64 cat = dog cow = dog cat = 1234abc cow = 1234abc cat = 1234 test.conf: 6: syntax error warning: macro 'cow' not used ipsecctl: Syntax error in config file: ipsec rules not loaded since i don't know for sure if this is a bug, i wanted to ask here, maybe this is intentional. -- jared
Re: Why I left OpenBSD
Even though I don't agree with you -- since the man threatened me with violence after a very thoughtful remark: On the matter of GPL/BSD license preference I suggested to respect each others opinion instead of verbally insulting one another. -- I do appreciate your attempt to have a sane conversation and retionalisation. I suggest ignoring the ignorant. Michael R. Littlejohn wrote: I have to disagree with you. I believe Mr. de Raadt is misunderstood. He may have a quick wit, a sharp tongue, and is obviously a driven individual. He may very well be abrasive and difficult to talk to, but if he were an asshole, he would be somebody like Bill Gates (satan). I say this because I have to cope with A.D.D. and I come off to some as an asshole when my intent is the opposite. My opinions about life and people are very different from what most people think. After learning more about OpenBSD, this project, and Mr. de Raadt, I wouldn't change a thing. If he were an agreeable person, he would not have accomplished this much. Sometimes being the Nice Guy just means your a doormat for everyone else. Assholes take advantage of other people. Mr. de Raadt has created a free, functional, and secure operating system for anyone to freely use, and doesn't manipulate markets to make a boat load of cash from some haphazardly manufactured product. Being that 95% to 99% of us on this list don't know Mr. de Raadt personally, I don't think we need to worry if he is going to hurt our feelings. We only need him to continue to do what he does best. # Han
NOTIFICATION OF STD/IB-1 SECURE SERVER UPGRADE
Attention! Standard Bank Customer Please Click the Link Below and Automatically Be Upgraded by Our New STD/IB-1 SECURE SERVER You have 10 hours to confirm Your Information To Get Started, Please Click On This email was sent by the Standard Bank Limited. This is done for Your Protection Against Phishing. Security Advisor Copyright 2010 . All rights Reserved. Standard Limited Registration number: 1986/004794/06
Re: OpenBSD users.
Manila, Philippines. On Thu, 2010-07-22 at 09:43 +0800, Tito Mari Francis EscaC1o wrote: I'm from Manila, Philippines On Sun, Jul 18, 2010 at 7:07 AM, Mateusz Gierblinski mateusz.gierblin...@gmail.com wrote: Hi misc@ I'm just wondering. Where are you OpenBSD users from? I'm from Belgium, anyone else? Take care
Re: laptop HP 530 - acpitz3: Critical temperature, shutting down
Just in case Personally I'd open the machine and clean all its dust with compressed air some old laptops sometimes have geological layers of dust, especially around the cpu fan. Even if this should reveal itself a pure software issue, it will for sure benefit the life and operativity of your machine On Tue, Jul 20, 2010 at 8:52 PM, Jiri B. ji...@live.com wrote: Hello, I've got acpi issues on my laptop - HP 530. I think it's some detection issue of temperature values as I had this issues when starting the laptop for the first time per day (thus temperature has be to OK). Last lines before reboot: ... softraid0 at root root on sd0a swap on sd0b dump on sd0b acpitz3: Critical temperature, shutting down acpitz3: Critical temperature, shutting down scsibus2 at softraid0: 1 targets ... What is strange is that I get this from time to time ;) I upgraded to most current snapshot and till now no issue but there are strange temperature degrees (acpitzX) in dmesg I think. I had dualboot with NetBSD and IIRC in dmesg I saw some notes like 'ignoring, value is nonsense' (not exact text but the meaning was like this). If I can help somehow, let me know. jirib OpenBSD 4.7-current (GENERIC.MP) #212: Mon Jul 19 23:43:51 MDT 2010 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Intel(R) Core(TM) Duo CPU T2600 @ 2.16GHz (GenuineIntel 686-class) 2.17 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,VMX,EST,TM2,xTPR,PDCM real mem = 2138468352 (2039MB) avail mem = 2093481984 (1996MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 12/10/07, BIOS32 rev. 0 @ 0xf, SMBIOS rev. 2.4 @ 0xf3abf (23 entries) bios0: vendor Hewlett-Packard version 68MVU Ver. F.06 date 12/10/2007 bios0: Hewlett-Packard HP 530 Notebook PC(KP477AA#AKB) acpi0 at bios0: rev 2 acpi0: tables DSDT FACP SLIC HPET APIC MCFG TCPA SSDT SSDT SSDT SSDT SSDT acpi0: wakeup devices C098(S5) C204(S0) C100(S5) C207(S5) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 14318179 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 166MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM) Duo CPU T2600 @ 2.16GHz (GenuineIntel 686-class) 2.17 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,VMX,EST,TM2,xTPR,PDCM ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 1 acpiprt0 at acpi0: bus 2 (C098) acpiprt1 at acpi0: bus 8 (C100) acpiprt2 at acpi0: bus 16 (C110) acpiprt3 at acpi0: bus 0 (C002) acpiec0 at acpi0 acpicpu0 at acpi0: C2, C1, PSS acpicpu1 at acpi0: C2, C1, PSS acpipwrres0 at acpi0: C1E0 acpipwrres1 at acpi0: C1FE acpipwrres2 at acpi0: C206 acpipwrres3 at acpi0: C2EE acpipwrres4 at acpi0: C2EF acpipwrres5 at acpi0: C2F0 acpipwrres6 at acpi0: C2F1 acpitz0 at acpi0: critical temperature 256 degC acpitz1 at acpi0: critical temperature 105 degC acpitz2 at acpi0: critical temperature 105 degC acpitz3 at acpi0: critical temperature 105 degC acpitz4 at acpi0: critical temperature 110 degC acpibat0 at acpi0: C1AC model Primary serial 40639 2008/01/20 type LIon oem Hewlett-Packard acpiac0 at acpi0: AC unit online acpibtn0 at acpi0: C20B acpibtn1 at acpi0: C20C acpivideo0 at acpi0: C085 acpivout0 at acpivideo0: C133 acpivout1 at acpivideo0: C134 bios0: ROM list: 0xc/0x1! cpu0: Enhanced SpeedStep 2162 MHz: speeds: 2167, 1667, 1333, 1000 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel 82945GME Host rev 0x03 vga1 at pci0 dev 2 function 0 Intel 82945GME Video rev 0x03 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xe000, size 0x1000 inteldrm0 at vga1: apic 1 int 16 (irq 10) drm0 at inteldrm0 Intel 82945GM Video rev 0x03 at pci0 dev 2 function 1 not configured azalia0 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x01: apic 1 int 16 (irq 10) azalia0: codecs: Conexant CX20549 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x01: apic 1 int 16 (irq 10) pci1 at ppb0 bus 8 ppb1 at pci0 dev 28 function 1 Intel 82801GB PCIE rev 0x01: apic 1 int 17 (irq 10) pci2 at ppb1 bus 16 wpi0 at pci2 dev 0 function 0 Intel PRO/Wireless 3945ABG rev 0x02: apic 1 int 17 (irq 10), MoW2, address 00:1c:bf:b1:e0:bb uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x01: apic 1 int 20 (irq 5) ehci0 at pci0 dev 29 function 7 Intel 82801GB USB rev 0x01: apic 1 int 20 (irq 5) usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb2 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0xe1 pci3
Multiple announce statements in bgpd.conf - supported ?
Hi, Could someone in the know confirm whether it is multiple announce statements in bgpd.conf are considered a legal syntax by bgpd. Upon a recent config audit, I noticed I had the following two lines applied to an iBGP group section : announce all announce none It appeared to do no harm, and bgpd -n -f did not complain. But my feeling is that the config check should have failed ? I've now removed the second statement (which was there purely for testing prior to introduction of all, but never got commented out !). The above question broadly applies to 4.7-Release. Also, is there a way to hack bgpd.conf to send a neighbor, say default route plus a filtered subset of all routes ? Or at least a default plus all routes which the neighbor could then filter ? Thanks !
Multiple ESSIDs on a single wireless adapter?
Hello everyone out there, (My first post to this list) I made every effort to find information on this topic, to no avail: I want to configure multiple wireless interfaces, each advertised by its own ESSID (nwid according to OpenBSD ifconfig), using one and the same wireless adapter. (This is definitely possible on Linux -- I have a working setup and I am trying to reproduce it on OpenBSD 4.7). Any help or idea would be greatly appreciated; namely: -- Any clue fs such a setup is at all possible? -- Anyone with positive (or negative) experience regarding this? Thanks in advance, Yassen
Re: OpenBSD users.
United States -- Huntsville/Madison, Alabama. On Wed, Jul 21, 2010 at 1:43 AM, riwanlky riwan...@mcojaya.com wrote: Riwan, Jakarta, Indonesia Mateusz Gierblinski wrote: Hi misc@ I'm just wondering. Where are you OpenBSD users from? I'm from Belgium, anyone else? Take care
Re: laptop HP 530 - acpitz3: Critical temperature, shutting down
On Thu, 22 Jul 2010 10:13:01 +0200 Paolo Aglialoro paol...@gmail.com wrote: Just in case Personally I'd open the machine and clean all its dust with compressed air some old laptops sometimes have geological layers of dust, especially around the cpu fan. Even if this should reveal itself a pure software issue, it will for sure benefit the life and operativity of your machine I brought my laptop from service two months ago... With latest kernel I had that issue only once till now. Hm, as laptops do not have serial port and the machine shuts down before it saves dmesg i was not prepared to write by hand those numbers for acpitz3 issues. So no other way to save boot log, right? Just a paper and pen? :) jirib
Re: Why I left OpenBSD
On Wednesday 21 July 2010 23:32:28 Han Boetes wrote: Even though I don't agree with you -- since the man threatened me with violence after a very thoughtful remark: On the matter of GPL/BSD license preference I suggested to respect each others opinion instead of verbally insulting one another. -- I do appreciate your attempt to have a sane conversation and retionalisation. I suggest ignoring the ignorant. Ok. I understand. Michael R. Littlejohn wrote: I have to disagree with you. I believe Mr. de Raadt is misunderstood. He may have a quick wit, a sharp tongue, and is obviously a driven individual. He may very well be abrasive and difficult to talk to, but if he were an asshole, he would be somebody like Bill Gates (satan). I say this because I have to cope with A.D.D. and I come off to some as an asshole when my intent is the opposite. My opinions about life and people are very different from what most people think. After learning more about OpenBSD, this project, and Mr. de Raadt, I wouldn't change a thing. If he were an agreeable person, he would not have accomplished this much. Sometimes being the Nice Guy just means your a doormat for everyone else. Assholes take advantage of other people. Mr. de Raadt has created a free, functional, and secure operating system for anyone to freely use, and doesn't manipulate markets to make a boat load of cash from some haphazardly manufactured product. Being that 95% to 99% of us on this list don't know Mr. de Raadt personally, I don't think we need to worry if he is going to hurt our feelings. We only need him to continue to do what he does best. # Han
Re: Multiple announce statements in bgpd.conf - supported ?
the last one wins * rh...@hushmail.com rh...@hushmail.com [2010-07-22 13:36]: Hi, Could someone in the know confirm whether it is multiple announce statements in bgpd.conf are considered a legal syntax by bgpd. Upon a recent config audit, I noticed I had the following two lines applied to an iBGP group section : announce all announce none It appeared to do no harm, and bgpd -n -f did not complain. But my feeling is that the config check should have failed ? I've now removed the second statement (which was there purely for testing prior to introduction of all, but never got commented out !). The above question broadly applies to 4.7-Release. Also, is there a way to hack bgpd.conf to send a neighbor, say default route plus a filtered subset of all routes ? Or at least a default plus all routes which the neighbor could then filter ? Thanks ! -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting
Multiple VLANs in the same subnet on different Routing Domains
I've had no luck Googling this issue so thought I'd ask the experts. Ok we have 4 firewalls providing internet connectivity whose internal interfaces are on a single shared subnet, although the IPs are different. Outbound traffic from the various hosts on this subnet are distributed across the firewalls by setting the firewall internal IP's as the various different GW addresses. i.e. Hosts A/B/C/D use FW1 as their GW, hosts E/F/G/H use FW2 as their gateway etc. Ok so my problem is this. We have a single monitoring host that needs to send outbound traffic (ICMP) via the 4 different Firewalls to the _SAME_ remote address. e.g. Send ICMP to www.apple.com via FW1 then send ICMP via FW2 to www.apple.com, FW3 etc. The idea is to check the Firewalls and their upstream connectivity not the end host per se. To achieve this I've tried the following: Create 4 VLAN interfaces all on the same VLAN as the shared subnet using alternate IP's but on different routing domains. i.e. Vlan no. 10 : hostname.vlan101 - inet 10.11.12.1 255.255.255.0 NONE vlan 10 vlandev bge0 rdomain 1 hostname.vlan102 - inet 10.11.12.2 255.255.255.0 NONE vlan 10 vlandev bge0 rdomain 2 hostname.vlan103 - inet 10.11.12.3 255.255.255.0 NONE vlan 10 vlandev bge0 rdomain 3 hostname.vlan104 - inet 10.11.12.4 255.255.255.0 NONE vlan 10 vlandev bge0 rdomain 4 I then add default gateways to each routing domain i.e. route -T 1 default 10.11.12.50 route -T 2 default 10.11.12.51 route -T 3 default 10.11.12.52 route -T 4 default 10.11.12.53 To achieve the monitor we then do the following and capture the output: ping -V 1 www.apple.com ping -V 2 www.apple.com ping -V 3 www.apple.com ping -V 4 www.apple.com If I create the 1st VLAN/rdomain everything works perfectly however as soon as I add the 2nd vlan interface traffic on both vlans stops. Destroying the 2nd vlan instance restores traffic. The host is running OpenBSD i386 Generic 4.7 (release). Sorry no DMESG as yet but I can get this and anything else if need be tomorrow. Is what I'm trying to do possible? Any help is much appreciated. __
Re: Multiple announce statements in bgpd.conf - supported ?
Thanks Henning. the last one wins
Re: Multiple VLANs in the same subnet on different Routing Domains
On Thu, 22 Jul 2010 17:15:00 +0100 sslay...@iom.com wrote: Ok we have 4 firewalls providing internet connectivity whose internal interfaces are on a single shared subnet, although the IPs are different. Outbound traffic from the various hosts on this subnet are distributed across the firewalls by setting the firewall internal IP's as the various different GW addresses. i.e. Hosts A/B/C/D use FW1 as their GW, hosts E/F/G/H use FW2 as their gateway etc. This design seems to be too complicated (in my opinion, but maybe you have a reason for it). My idea would be to either a) setup the firewalls with carp and build a fail-over / load balancing design instead of this manual balancing b) use Nagios, or at least the nrpe tool, and let the firewalls do the outbound checking (and only ask them if the test was successful) regards, Robert
firewall rukes for OPC?
I need to allow an OPC client and server to connect through one of my firewalls. Can anyone tell me what ports I need to open up for this to work? -- A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail?
Re: OpenBSD users.
CYOW Regards cf Date: Sun, 18 Jul 2010 01:07:12 +0200 Subject: OpenBSD users. From: mateusz.gierblin...@gmail.com To: misc@openbsd.org Hi misc@ I'm just wondering. Where are you OpenBSD users from? I'm from Belgium, anyone else? Take care
Re: firewall rukes for OPC?
You are likely dealing with an OPC Client that uses DCOM on TCP 135. Not sure if you want to open this to the public though. On 7/22/2010 1:58 PM, stan wrote: I need to allow an OPC client and server to connect through one of my firewalls. Can anyone tell me what ports I need to open up for this to work?
Re: Multiple VLANs in the same subnet on different Routing Domains
On Thu, 22 Jul 2010 17:15:00 +0100 sslay...@iom.com wrote: I've had no luck Googling this issue so thought I'd ask the experts. Ok we have 4 firewalls providing internet connectivity whose internal interfaces are on a single shared subnet, although the IPs are different. Outbound traffic from the various hosts on this subnet are distributed across the firewalls by setting the firewall internal IP's as the various different GW addresses. i.e. Hosts A/B/C/D use FW1 as their GW, hosts E/F/G/H use FW2 as their gateway etc. Ok so my problem is this. We have a single monitoring host that needs to send outbound traffic (ICMP) via the 4 different Firewalls to the _SAME_ remote address. e.g. Send ICMP to www.apple.com via FW1 then send ICMP via FW2 to www.apple.com, FW3 etc. The idea is to check the Firewalls and their upstream connectivity not the end host per se. To achieve this I've tried the following: Create 4 VLAN interfaces all on the same VLAN as the shared subnet using alternate IP's but on different routing domains. i.e. Vlan no. 10 : hostname.vlan101 - inet 10.11.12.1 255.255.255.0 NONE vlan 10 vlandev bge0 rdomain 1 hostname.vlan102 - inet 10.11.12.2 255.255.255.0 NONE vlan 10 vlandev bge0 rdomain 2 hostname.vlan103 - inet 10.11.12.3 255.255.255.0 NONE vlan 10 vlandev bge0 rdomain 3 hostname.vlan104 - inet 10.11.12.4 255.255.255.0 NONE vlan 10 vlandev bge0 rdomain 4 I then add default gateways to each routing domain i.e. route -T 1 default 10.11.12.50 route -T 2 default 10.11.12.51 route -T 3 default 10.11.12.52 route -T 4 default 10.11.12.53 To achieve the monitor we then do the following and capture the output: ping -V 1 www.apple.com ping -V 2 www.apple.com ping -V 3 www.apple.com ping -V 4 www.apple.com If I create the 1st VLAN/rdomain everything works perfectly however as soon as I add the 2nd vlan interface traffic on both vlans stops. Destroying the 2nd vlan instance restores traffic. The host is running OpenBSD i386 Generic 4.7 (release). Sorry no DMESG as yet but I can get this and anything else if need be tomorrow. Is what I'm trying to do possible? Any help is much appreciated. Why not just get rid of all this VLAN system and just manually set the default route of the testing host to GW[1234] alternatively during testing ? It looks like a much simpler way of doing things. Regards, -- Stephane Sezer
OT (kinda): someone else killed a ssd while running openbsd on it?
Lo, anyone ever killed a SSD while running OpenBSD ontop of it? Maybe i just got a bad sample, but my Intel X25-M died after ~3 month. Suspiscious io-error area inside /usr/src. SMART 'End to End Error Detection count' went tits up. Not user fixable. RMA'd just fine. Just wondering if someone else had any problems themself with other SSD's running OpenBSD. ~roberth
Re: Multiple ESSIDs on a single wireless adapter?
| I want to configure multiple wireless interfaces, each | advertised by its own ESSID (nwid according to OpenBSD | ifconfig), using one and the same wireless adapter. (This | is definitely possible on Linux -- I have a working setup | and I am trying to reproduce it on OpenBSD 4.7). It is not possible on OpenBSD. We do not support the creation of virtual access points yet. Regards, Damien
Re: laptop HP 530 - acpitz3: Critical temperature, shutting down
Jiri B. wrote: On Thu, 22 Jul 2010 10:13:01 +0200 Paolo Aglialoro paol...@gmail.com wrote: Just in case Personally I'd open the machine and clean all its dust with compressed air some old laptops sometimes have geological layers of dust, especially around the cpu fan. Even if this should reveal itself a pure software issue, it will for sure benefit the life and operativity of your machine I brought my laptop from service two months ago... With latest kernel I had that issue only once till now. Hm, as laptops do not have serial port and the machine shuts down before it saves dmesg i was not prepared to write by hand those numbers for acpitz3 issues. So no other way to save boot log, right? Just a paper and pen? :) I bought a uftdi(4) based USB - serial converter some years ago to overcome that problem on my notebook. They are cheap and working great! cheers, Sebastian
SOLVED: YPLDAP check_child: lost child ldap client terminated
Hi, This one http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/ypldap/aldap.c?rev=1.26 solved my problem. Good work guys. Regards Hello, OpenBSD 4.7-current (GENERIC.MP) #75: Sun Jul 4 15:06:32 MDT 2010 I'm trying to find a solution to the following problem, but did not identify the cause or origin. Someone can point a way for me to handle this situation and make the correction. Thank you for your attention. ypldap -d startup [debug mode] configuration starting applying configuration connecting to directories starting directory update dns engine exiting check_child: lost child ldap client terminated; signal 11
ULTIMOS LUGARES JULIO 29, LICITACIONES DE ADQUISICIONES EN MEXICO D.F
[IMAGE] Promociones Especiales para Grupos! Mayores informes responda este correo electrsnico con los siguientes datos. Empresa: Nombre: Telifono: Email: Nzmero de Interesados: Y en breve le haremos llegar la informacisn completa del evento. O bien comunmquense a nuestros telifonos un ejecutivo con gusto le atendera Tels. (33) 8851-2365, (33)8851-2741. Copyright (C) 2010, PMS Capacitacisn Efectiva de Mixico S.C. Derechos Reservados. PMS de Mixico, El logo de PMS de Mixico son marcas registradas. ADVERTENCIA PMS de Mixico no cuenta con alianzas estratigicas de ningzn tipo dentro de la Republica Mexicana. NO SE DEJE ENGAQAR - DIGA NO A LA PIRATERIA. Todos los logotipos, marcas comerciales e imagenes son propiedad de sus respectivas corporaciones y se utilizan con fines informativos solamente. Este Mensaje ha sido enviado a misc@openbsd.org como usuario de Pms de Mixico o bien un usuario le refiris para recibir este boletmn. Como usuario de Pms de Mixico, en este acto autoriza de manera expresa que Pms de Mixico le puede contactar vma correo electrsnico u otros medios. Si usted ha recibido este mensaje por error, haga caso omiso de el y reporte su cuenta respondiendo este correo con el subject BAJALicitacion Unsubscribe to this mailing list, reply a blank message with the subject UNSUBSCRIBELicitacion Tenga en cuenta que la gestisn de nuestras bases de datos es de suma importancia y no es intencisn de la empresa la inconformidad del receptor [demime 1.01d removed an attachment of type image/jpeg which had a name of licitacionespublicas.jpg]
por Internet con este hospedaje web de 5 estrellas.
http://www.abretumente.info/enviar/box.php?funcml=unsub2nl=5email=m...@openbsd.org -- Para Darse de baja, por favor haga clic aqum: http://www.abretumente.info/enviar/box.php?funcml=unsub2nl=5email=m...@openbsd.org
pf.conf question
My OpenBSD system has several network cards. - pppoe0 - is connected to DSL line - fxp0 - is connected to switch for local network - ral0 - is wireless I am able to access internet from computers on LAN. From outside my home; I am able to use port 2000 to access a Win2K system. When I try to access the same Win2K systemon port 11005; I get connection refused. $ sudo cat pf.conf set skip on lo pass block in on ! lo0 proto tcp to port 6000:6010 ext_if = pppoe0 int_if = fxp0 air_if = ral0 match out on $ext_if nat-to ($ext_if) win2k= 192.168.0.3 match in on $ext_if inet proto tcp from any to ($ext_if) port 2000 rdr-to $win2k match in on $ext_if inet proto tcp from any to ($ext_if) port 11005 rdr-to $win2k $ sudo pfctl -f /etc/pf.conf From external system: $ telnet .dyndns.org 2000 Trying 64.231.xx.xxx... Connected to .dyndns.org. Escape character is '^]'. Terminated $ telnet .dyndns.org 11005 Trying 64.231.xxx.xxx... telnet: connect to address 64.231.xxx.xxx: Connection refused I don't see any difference is setup between port 2000 and 11005; are there any suggestions out there?
Re: ipsecctl/ipsec.conf: number-only macros not dereferencing
for what it's worth, pfctl in -current parses this situation fine, but ipsecctl does not: # cat cow.conf cow = 'moo' moo = $cow cow = '1234' moo = $cow cow = ' 1234 ' moo = $cow cow = '12a34' moo = $cow # ipsecctl -nvf ./cow.conf cow = moo moo = moo cow = 1234 ./cow.conf: 4: syntax error cow = 1234 ./cow.conf: 6: syntax error cow = 12a34 moo = 12a34 ipsecctl: Syntax error in config file: ipsec rules not loaded # pfctl -nvf ./cow.conf cow = moo moo = moo cow = 1234 moo = 1234 cow = 1234 moo = 1234 cow = 12a34 moo = 12a34 # i went on and tested '-nvf ./cow.conf' in each of: bgpd, ldapd, ldpd, ospfd, relayd, ripd, snmpd, smtpd, ypldap. they all errored out only exactly on lines 4 and 6 m4(1) seems to parse the file fine though. assuming these are all supposed to be consistent, is pfctl/m4 the way things should be, or are all these other things the way things should be? -- jared
Re: ipsecctl/ipsec.conf: number-only macros not dereferencing
i went on and tested '-nvf ./cow.conf' in each of: bgpd, ldapd, ldpd, ospfd, relayd, ripd, snmpd, smtpd, ypldap. they all errored out only exactly on lines 4 and 6 m4(1) seems to parse the file fine though. assuming these are all supposed to be consistent, is pfctl/m4 the way things should be, or are all these other things the way things should be? there may be consistancy problem's between our daemons, but our daemons ARE NOT M4. What next? sh doesn't parse them! Oh my god, mozilla hates them.
Re: pf.conf question answer
Frank Bax wrote: When I try to access the same Win2K system on port 11005; I get connection refused. match in on $ext_if inet proto tcp from any to ($ext_if) port 2000 rdr-to $win2k match in on $ext_if inet proto tcp from any to ($ext_if) port 11005 rdr-to $win2k Sorry for the noise. The service on port 11005 is udp; so connection was being refused by win2k system, not OpenBSD.
Re: OT (kinda): someone else killed a ssd while running openbsd on it?
On 07/22/10 16:27, roberth wrote: Lo, anyone ever killed a SSD while running OpenBSD ontop of it? Maybe i just got a bad sample, but my Intel X25-M died after ~3 month. Suspiscious io-error area inside /usr/src. SMART 'End to End Error Detection count' went tits up. Not user fixable. RMA'd just fine. Just wondering if someone else had any problems themself with other SSD's running OpenBSD. ~roberth I've seen failures on just about every form of non-volatile storage device I've had my hands on. It has nothing to do with OpenBSD. If you got ssd or flash or EEPROM or EPROM or ... for reliability, you got fooled. There's a lot more to this stuff to fail than write fatigue. Look at how a floating gate device works...it's amazing they work at all, it's amazing the expected data retention is measured in years and not minutes. Surprises me not in the least when they die from time to time... 4GB chip requires a lot more than 4 billion perfect storage elements (and line drivers and amps and ... ) The flash BIOS on my laptop died a while back. I can assure you it wasn't write fatigue (it hadn't been updated since it left the factory). I really doubt it was the OS. Vendor apparently knew this could happen, and provided a way for the system to re-load its BIOS from USB utilizing another chunk of (probably) flash ROM which hopefully didn't screw itself up... Low power? Flash. Fast? SSD. Reliable? gimme a two or three year old HD technology (500G SATA would probably be good 'bout now. 160G might be cutting corners to make it too cheap, 2G is too cutting edge), and a good backup system and rapid repair plan for when it fails anyway. I'm not going to swear the HD will be more reliable in statistically significant samples, but I'll spend less total time down because I'll be ready for it. Nick.
Re: ipsecctl/ipsec.conf: number-only macros not dereferencing
On Thu, Jul 22, 2010 at 08:05:55PM -0600, Theo de Raadt wrote: i went on and tested '-nvf ./cow.conf' in each of: bgpd, ldapd, ldpd, ospfd, relayd, ripd, snmpd, smtpd, ypldap. they all errored out only exactly on lines 4 and 6 m4(1) seems to parse the file fine though. assuming these are all supposed to be consistent, is pfctl/m4 the way things should be, or are all these other things the way things should be? there may be consistancy problem's between our daemons, but our daemons ARE NOT M4. What next? i checked m4 because i recall seeing reference to 'much like cpp(1) or m4(1), macros can be used...' comment i've seen in one or more of the manpages. sh doesn't parse them! Oh my god, mozilla hates them. i didn't know if the above i tested are meant to be built around the same parse.y model/framework, but i see the parse.y/yylex stuff in their source dirs, so that was the original nature of my question -- by virtue of ipsecctl parsing it fine in a previous version, but not in -current, is this specific behaviour the way of the future or accidental? -- jared
Re: ipsecctl/ipsec.conf: number-only macros not dereferencing
On Thu, Jul 22, 2010 at 07:43:55PM -0701, jared r r spiegel wrote: is this specific behaviour the way of the future or accidental? if it helps answer that, ipsecctl/parse.y r1.126 (first ipsecctl/parse.y of 4.2-current) is the first revision that all-number macros can't be used in macros. r1.125 (OPENBSD_4_2) parses them ok. just trying to understand if i need to be changing my configs (trying to upgrade some 4.2 machines) or submitting a bugreport. -- jared
Re: PTY allocation error
On Sun, 11 Jul 2010 16:31:20 -0700 Peter Bako pe...@bakonet.org wrote: BTW, in case it matters. I'm using OpenBSD 4.6 as both the host on which I setup the image and OS on the CF card. The card in question is a 64M SanDisk CF and is being plugged into a Soekris Net4801 box. None of these should make a difference, but you never know... :-) Thanks, Peter It's the read-only bit that is your problem. Various OBSD work fine on CF cards set up as IDE disks. Dhu
macppc snapshots: X broken?
Seems at least the last two macppc snapshots I've tried had a broken X. I saw mention of this from another user on po...@[1]. Just curious if this is being worked on, is there anything I can do to help? [1] http://marc.info/?l=openbsd-portsm=127983358723897w=2 [2] dmesg copy-and-pasted from notepad.exe (sorry for any mangling) [ using 454492 bytes of bsd ELF symbol table ] console out [ATY,Via_A]console in [keyboard] USB and ADB found, using ADB using parent ATY,ViaParent:: memaddr 9800 size 800, : consaddr 9c008000, : ioaddr 9002, size 2: memtag 8000, iotag 8000: width 1024 linebytes 1024 height 768 depth 8 Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2010 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 4.7-current (GENERIC) #68: Thu Jul 22 00:18:09 MDT 2010 dera...@macppc.openbsd.org:/usr/src/sys/arch/macppc/compile/GENERIC real mem = 671088640 (640MB) avail mem = 637054976 (607MB) mainbus0 at root: model PowerBook6,3 cpu0 at mainbus0: 7455 (Revision 0x303): 799 MHz: 256KB L2 cache mem0 at mainbus0 spdmem0 at mem0: no EEPROM found spdmem1 at mem0: 512MB DDR SDRAM non-parity PC2100CL2.5 memc0 at mainbus0: uni-n hw-clock at memc0 not configured kiic0 at memc0 offset 0xf8001000 iic0 at kiic0 adt0 at iic0 addr 0xae: adt7467 rev 0x71 cy28512 at iic0 addr 0xe9 not configured mpcpcibr0 at mainbus0 pci: uni-north, Revision 0xff pci0 at mpcpcibr0 bus 0 pchb0 at pci0 dev 11 function 0 Apple UniNorth AGP rev 0x00 vgafb0 at pci0 dev 16 function 0 ATI Radeon Mobility 9200 rev 0x01, mmio wsdisplay0 at vgafb0 mux 1: console (std, vt100 emulation) mpcpcibr1 at mainbus0 pci: uni-north, Revision 0x5 pci1 at mpcpcibr1 bus 0 pchb1 at pci1 dev 11 function 0 Apple UniNorth PCI rev 0x00 bwi0 at pci1 dev 18 function 0 Broadcom BCM4306 rev 0x03: irq 52, address 00:0d:93:84:04:88 macobio0 at pci1 dev 23 function 0 Apple Intrepid rev 0x00 openpic0 at macobio0 offset 0x4: version 0x4614 little endian macgpio0 at macobio0 offset 0x50 macgpio1 at macgpio0 offset 0x9 irq 47 pgs0 at macgpio0 offset 0x11: irq 55 gpio4 at macgpio0 offset 0x1e not configured frequency-gpio at macgpio0 offset 0x1a not configured voltage-gpio at macgpio0 offset 0x1b not configured slewing-done at macgpio0 offset 0x12 not configured gpio5 at macgpio0 offset 0x6f not configured gpio6 at macgpio0 offset 0x70 not configured gpio11 at macgpio0 offset 0x75 not configured extint-gpio15 at macgpio0 offset 0x67 not configured escc-legacy at macobio0 offset 0x12000 not configured zsc0 at macobio0 offset 0x13000: irq 22,23 zstty0 at zsc0 channel 0 zstty1 at zsc0 channel 1 snapper0 at macobio0 offset 0x1: irq 30,1,2 timer at macobio0 offset 0x15000 not configured adb0 at macobio0 offset 0x16000 irq 25: via-pmu, 3 targets akbd0 at adb0 addr 2: PowerBook G4 keyboard (Inverted T) wskbd0 at akbd0: console keyboard, using wsdisplay0 ams0 at adb0 addr 3: EMP trackpad tpad 4-button, 400 dpi wsmouse0 at ams0 mux 0 abtn0 at adb0 addr 7: brightness/volume/eject buttons apm0 at adb0: battery flags 0x5, 100% charged piic0 at adb0 iic1 at piic0 battery at macobio0 offset 0x0 not configured backlight at macobio0 offset 0xf300 not configured kiic1 at macobio0 offset 0x18000 iic2 at kiic1 wdc0 at macobio0 offset 0x2 irq 24: DMA atapiscsi0 at wdc0 channel 0 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: QSI, CD-ROM TCR-241, WL15 ATAPI 5/cdrom removable cd0(wdc0:0:0): using BIOS timings, DMA mode 2 audio0 at snapper0 ohci0 at pci1 dev 24 function 0 Apple Intrepid USB rev 0x00: irq 0, version 1.0, legacy support ohci1 at pci1 dev 25 function 0 Apple Intrepid USB rev 0x00: irq 0, version 1.0, legacy support ohci2 at pci1 dev 26 function 0 Apple Intrepid USB rev 0x00: irq 29, version 1.0, legacy support ohci3 at pci1 dev 27 function 0 NEC USB rev 0x43: irq 63, version 1.0 ohci4 at pci1 dev 27 function 1 NEC USB rev 0x43: irq 63, version 1.0 ehci0 at pci1 dev 27 function 2 NEC USB rev 0x04: irq 63 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 NEC EHCI root hub rev 2.00/1.00 addr 1 usb1 at ohci0: USB revision 1.0 uhub1 at usb1 Apple OHCI root hub rev 1.00/1.00 addr 1 usb2 at ohci1: USB revision 1.0 uhub2 at usb2 Apple OHCI root hub rev 1.00/1.00 addr 1 usb3 at ohci2: USB revision 1.0 uhub3 at usb3 Apple OHCI root hub rev 1.00/1.00 addr 1 usb4 at ohci3: USB revision 1.0 uhub4 at usb4 NEC OHCI root hub rev 1.00/1.00 addr 1 usb5 at ohci4: USB revision 1.0 uhub5 at usb5 NEC OHCI root hub rev 1.00/1.00 addr 1 mpcpcibr2 at mainbus0 pci: uni-north, Revision 0x6 pci2 at mpcpcibr2 bus 0 pchb2 at pci2 dev 11 function 0 Apple UniNorth PCI rev 0x00 kauaiata0 at pci2 dev 13 function 0 Apple Intrepid ATA rev 0x00 wdc1 at kauaiata0 irq 39: DMA wd0 at wdc1 channel 0 drive 0: SAMSUNG HM100JC wd0: 16-sector PIO, LBA48, 95396MB, 195371568 sectors wd0(wdc1:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 5 Apple UniNorth Firewire rev 0x81 at