Re: Fn keyboard issue on lenovo ideapad
On Thu, Jun 28, 2012 at 08:24:46PM +0200, frantisek holop wrote: hi there, it seems that the Fn key on my netbook is a bit too eager. it seems to work at first glance all right, fn+volume up/down, fn+brightness works, though fn+rfkill does not. This is bugs@ material. Can you put the acpidump somewhere? Curious that acpithinkpad doesn't attach.
SIL 3512 sata card dma errors
Hi! I'm using a SIL 3512A (BIOS ver. 4.3.79) SATA raid card with two disks connected to it. When I'm starting an I/O intensive archive unpacking from wd0 to wd1, I get DMA errors on the console. If I unpack from wd0 - wd0, then it seems fine. I've replaced/switched cables and replaced wd1 too. I can not get a dmesg at the moment, sorry, but I'll post it later when I get to the machine. It is an old Pentium 4 2.4 GHz and runs 5.1-base. I've tried to remove every other PCI cards and left just the SIL, but I could still reproduce this error. Here is a transcript of the error messages: wd1(pciide0:1:0): timeout type: ata c_bcount: 16384 c_skip: 0 pciide0:1:0: bus_master DMA error: missing interrupt, status=0x21 pciide0 channel 1: reset failed for drive 0 wd1d: device timeout writing fsbn 124405184 of 124405184-124405215 (wd1 bn 14642 6976; cn 145264 tn 13 sn 45), retrying pciide0:1:0: not ready, st=0xd1BSY,DRDY,DSC,ERR, err=0x00 pciide0 channel 1: reset failed for drive 0 wd1d: device timeout writing fsbn 124405184 of 124405184-124405215 (wd1 bn 14642 6976; cn 145264 tn 13 sn 45), retrying Anyone has a clue what should I do? I assume the problem is with wd1, is this correct? I could not replace wd0, but if it could be the problem then I reinstall the system to another disk. I'll also try to update the SIL card's BIOS. Should I try -current with this problem? Thanks, Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: OpenBSD's webpage desing
hmm, on Fri, Jun 29, 2012 at 01:19:47PM +1000, Sunnz Yiu said that On Jun 29, 2012 6:56 AM, frantisek holop min...@obiit.org wrote: hmm, on Thu, Jun 28, 2012 at 04:15:56PM -0400, Dave Anderson said that For dynamic content it's even simpler -- the program producing the content should also provide the corresponding header information. and it does so inside the head of the page. a perfectly normal and accepted practice. it'll do it in the http header if the developer for the dynamic page knows what they are doing. still, it is not the webserver doing it. -f -- even if you win the rat race, you're still a rat.
Re: Fn keyboard issue on lenovo ideapad
hmm, on Fri, Jun 29, 2012 at 10:35:41AM +0300, Paul Irofti said that On Thu, Jun 28, 2012 at 08:24:46PM +0200, frantisek holop wrote: hi there, it seems that the Fn key on my netbook is a bit too eager. it seems to work at first glance all right, fn+volume up/down, fn+brightness works, though fn+rfkill does not. This is bugs@ material. Can you put the acpidump somewhere? your wish is my command. obiit.org/f/s100/ Curious that acpithinkpad doesn't attach. i paused about it as well, but strictly speaking this is not a thinkpad. it's the other family 'ideapad'. there are other acpi extensions in linux as well for some of the ideapads. while we are at acpi, please also notice the acpicpu lines: acpicpu0 at acpi0:, C3, C2, C1, PSS ^ acpicpu1 at acpi0:, C3, C2, C1, PSS acpicpu2 at acpi0:, C3, C2, C1, PSS acpicpu3 at acpi0:, C3, C2, C1, PSS -f -- it is always dark if you don't open your eyes.
Does pfsync require same firewall rules on each fw?
Hi All, Does pfsync require firewalls to have the same firewall rules on all hosts in the sync group? May seem an odd thing to ask, but I have a situation in which I have two firewalls on different sides of my network, each one connected to a different external network. Occasionally due to BGP weights etc we might get asymettric packet flow and packets come into our network via one firewall and out via the other. This is a problem for pf's state system and the only way I've been able to work around it is to not keep state at all -- obviously not a great idea. I'm hoping I might be able to re-arrange my network to a point where this is not an issue and both external connections come into a single OpenBSD box so that pf states can work. But, I was wondering... could I use pfsync to sync states across from one side of the network to the other? Do pfsync packets contain reference to the firewall rule number or specific interface? Or does it just have information specific to the packet itself (ie, src address, dst address, sequence numbers etc)? -Matt
Re: OpenBSD's webpage desing
frantisek holop is a shit eating moron who should be ignored by anyone who is not a shit eating moron... FUCK YOU holop. FUCK YOU holop. Please SHUT THE FUCK UP you stupid moron, frantisek holop. I beg all true @misc followers Search the archives for this shit eating moron's posts. He is nothing but a shit eating moron troll. On Fri, Jun 29, 2012, at 01:19 PM, Sunnz Yiu wrote: On Jun 29, 2012 6:56 AM, frantisek holop min...@obiit.org wrote: hmm, on Thu, Jun 28, 2012 at 04:15:56PM -0400, Dave Anderson said that For dynamic content it's even simpler -- the program producing the content should also provide the corresponding header information. and it does so inside the head of the page. a perfectly normal and accepted practice. it'll do it in the http header if the developer for the dynamic page knows what they are doing.
Re: Does pfsync require same firewall rules on each fw?
2012/6/29 Matt Hamilton ma...@netsight.co.uk:
Hi All,
Does pfsync require firewalls to have the same firewall rules on all
hosts in the sync group? May seem an odd thing to ask, but I have a
situation in which I have two firewalls on different sides of my
network, each one connected to a different external
network. Occasionally due to BGP weights etc we might get asymettric
packet flow and packets come into our network via one firewall and out
via the other. This is a problem for pf's state system and the only
way I've been able to work around it is to not keep state at all --
obviously not a great idea.
Hi.
pfsync only synchronizes states. Which rules created them is
irrelevant. If you have a PI address space, you're probably fine.
Don't forget to provide a stable and possibly separate link between
the routers, IPsec tunnel or a VLAN, or don't rely on multicast and
set syncpeers. On an open network it can sometimes bite, which is
probably caused by others using similar multicast addresses, or I
don't know.
But, I was wondering... could I use pfsync to sync states across from
one side of the network to the other? Do pfsync packets contain
reference to the firewall rule number or specific interface? Or does
it just have information specific to the packet itself (ie, src
address, dst address, sequence numbers etc)?
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/if_pfsync.h?rev=1.44
struct pfsync_upd_c {
u_int64_t id;
struct pfsync_state_peersrc;
struct pfsync_state_peerdst;
u_int32_t creatorid;
u_int32_t expire;
u_int8_ttimeout;
u_int8_tstate_flags;
u_int8_t_pad[2];
} __packed;
Imagine what would you gain if you forced people to use the same rules
or even the same interface names. These are completely separate
things.
--
Martin Pelikan
dhcpd sync: tuncated or invalid packet
Hi List, i am using two machines in our network as DHCP servers and want to synchronise them via the -Y and -y switches. After a while, they get out of sync and have slight differences in their leasefiles. After investigating a bit, i activated the sync_debug mode in /usr/src/usr.sbin/dhcpd/sync.c by setting sync_debug != 0: int sync_debug = 1; recompiled dhcpd and installed it. Watching the logs shows, that the messages aren't received properly: on sparc64: Jun 29 13:42:03 sparci dhcpd[23673]: DHCPREQUEST for 192.168.1.144 from 00:23:12:06:d6:34 via 192.168.1.242 Jun 29 13:42:03 sparci dhcpd[23673]: DHCPACK on 192.168.1.144 to 00:23:12:06:d6:34 via 192.168.1.242 Jun 29 13:42:03 sparci dhcpd[23673]: sending DHCP_SYNC_LEASE for hw 00:23:12:06:d6:34 - ip 192.168.1.144, start 1340970122, end 1343562122 Jun 29 13:42:03 sparci dhcpd[23673]: sending sync message to 192.168.1.240 (192.168.1.240) Jun 29 13:42:03 sparci dhcpd[23673]: sending sync message to 192.168.1.244 (192.168.1.244) Jun 29 13:42:03 sparci dhcpd[23673]: 192.168.1.244(sync): truncated or invalid packet Jun 29 13:42:03 sparci dhcpd[23673]: DHCPREQUEST for 192.168.1.144 from 00:23:12:06:d6:34 via 192.168.1.242 Jun 29 13:42:03 sparci dhcpd[23673]: DHCPACK on 192.168.1.144 to 00:23:12:06:d6:34 via 192.168.1.242 Jun 29 13:42:03 sparci dhcpd[23673]: sending DHCP_SYNC_LEASE for hw 00:23:12:06:d6:34 - ip 192.168.1.144, start 1340970123, end 1343562123 Jun 29 13:42:03 sparci dhcpd[23673]: sending sync message to 192.168.1.240 (192.168.1.240) Jun 29 13:42:03 sparci dhcpd[23673]: sending sync message to 192.168.1.244 (192.168.1.244) on amd64 (virtual): Jun 29 13:42:03 infra0 dhcpd[21062]: DHCPREQUEST for 192.168.1.144 from 00:23:12:06:d6:34 via 192.168.1.242 Jun 29 13:42:03 infra0 dhcpd[21062]: DHCPACK on 192.168.1.144 to 00:23:12:06:d6:34 via 192.168.1.242 Jun 29 13:42:03 infra0 dhcpd[21062]: sending DHCP_SYNC_LEASE for hw 00:23:12:06:d6:34 - ip 192.168.1.144, start 1340970122, end 1343562122 Jun 29 13:42:03 infra0 dhcpd[21062]: sending sync message to 192.168.1.240 (192.168.1.240) Jun 29 13:42:03 infra0 dhcpd[21062]: sending sync message to 192.168.1.241 (192.168.1.241) Jun 29 13:42:03 infra0 dhcpd[21062]: 192.168.1.241(sync): truncated or invalid packet Jun 29 13:42:03 infra0 dhcpd[21062]: 192.168.1.241(sync): truncated or invalid packet on amd64 (real hardware): Jun 29 13:42:03 infra1 dhcpd[11844]: 192.168.1.244(sync): truncated or invalid packet Jun 29 13:42:03 infra1 dhcpd[11844]: 192.168.1.241(sync): truncated or invalid packet Jun 29 13:42:03 infra1 dhcpd[11844]: 192.168.1.241(sync): truncated or invalid packet These are logentries from three machines, to rule out anything is related to the second host running on virtual hardware. The dhcpd syncs are started in unicast mode with -Y 192.168.1.244 -Y 192.168.1.240 -y 192.168.1.241 (on the sparc64, and vice versa on the other hosts). Multicast syncs don't change the situation. Is there anything, i can do about the truncated messages to get this working as it should? marc
Re: Manpage update for option user user ?
On Tue, Jun 26, 2012 at 12:36:25PM +0100, Ti Zed wrote: Hello, recently, i migrated an old pf_old.conf file (OpenBSD 4.4) to the new pf_new.conf grammar of OpenBSD 5.0. In the pf_old.conf there is a line with a user restriction user user. As the old manpage of pf.conf states, just tcp/udp protocols are handled and other ignored. Which means, in the pf_old.conf the rules are loaded even without tcp/udp flags. With the new version, the tcp/udp flags has to be set in the rule, otherwise an error is thrown (see below) and the rules will not be loaded into the pf engine. ... user only applies to tcp/udo ... skipping rule due to errors Unfurtonately this can lead to faults during a migration (without the knowledge of this fact). From my point of view, the manpage of pf.conf should be updated with the comment, that the option user user HAS TO BE bound to an protocol otherwise the rules will not be loaded. Kind regards man page updated. thanks, jmc
Re: OpenBSD's webpage desing
what kind of shit are we talking about here? Scheisster baby eat my caviar turds or sinewy shrimp intestines you have to swallow wholesale lest being called a fag? Don't leave this up for interpretation or commentators unaware of Tourette syndrome tax deductions will /again/ quote out of context and label OpenBSD a psychopath hangout. Btw I read Theo was probably going Reiser-loco, that's fucking hilarious. I left OpenBSD to become a murder profiler. -- p frantisek holop is a shit eating moron who should be ignored by anyone who is not a shit eating moron... FUCK YOU holop. FUCK YOU holop. Please SHUT THE FUCK UP you stupid moron, frantisek holop. I beg all true @misc followers Search the archives for this shit eating moron's posts. He is nothing but a shit eating moron troll. On Fri, Jun 29, 2012, at 01:19 PM, Sunnz Yiu wrote: On Jun 29, 2012 6:56 AM, frantisek holop min...@obiit.org wrote: hmm, on Thu, Jun 28, 2012 at 04:15:56PM -0400, Dave Anderson said that For dynamic content it's even simpler -- the program producing the content should also provide the corresponding header information. and it does so inside the head of the page. a perfectly normal and accepted practice. it'll do it in the http header if the developer for the dynamic page knows what they are doing.
Re: OpenBSD's webpage desing
On Wed 27/06/12 08:32, Theo de Raadt dera...@cvs.openbsd.org wrote: On Tue, Jun 26, 2012 at 3:24 PM, richardtoo...@paradise.net.nz wrote: I'd prefer the (small) team of developers to work on the code. Well, that's a false dichotomy: not all OpenBSD committers work on the code. A handful work primarily on maintaining the website and/or documentation, because that's an important job too. Fair enough, I am not a developer, so it was entirely my 2c. I'm sure there are a lot of people who pop up and offer to do stuff but when the going gets tough and not much fun, they melt away like snowflakes. I've seen it in a number of organisations - lots of ideas, not enough implementers (if there's such a word.) Yeah. I get mails like that. We can make this much prettier using php. bullshit, we can make it prettier using javascript/node ;^)
RFQ FOR ARC1220
Hi TopSuplier69432-WSBE- Please do not delete this line You show in your Web-Site ARECA items. Please quote for 1 pcs of ARC1220 Thank you for your cooperation PS: We buy stocks, Please send your stock for sale to st...@lti.co.il Thanks and Regards, Purchasing Department Tel. +972-74-7147791 Fax.+972-74-7147791 LTi www.lti.co.il Remove me from E-Mail List If the above link doesn't work please copy the following link and insert into your browser: http://ns.lti.co.il/RemoveFrom.php?Email=misc@openbsd.orgKey=a66 8997f60e51a5403cf4502d78d3b8598
Re: OpenBSD's webpage desing
oi, fur-for-brains-man you said you will never see an email from me ever because i go directly to /dev/null. your mama's so fat you cannot even set up procmail. hmm, on Fri, Jun 29, 2012 at 07:20:29AM -0400, Eric Furman said that frantisek holop is a shit eating moron who should be ignored by anyone who is not a shit eating moron... FUCK YOU holop. FUCK YOU holop. Please SHUT THE FUCK UP you stupid moron, frantisek holop. I beg all true @misc followers Search the archives for this shit eating moron's posts. He is nothing but a shit eating moron troll. On Fri, Jun 29, 2012, at 01:19 PM, Sunnz Yiu wrote: On Jun 29, 2012 6:56 AM, frantisek holop min...@obiit.org wrote: hmm, on Thu, Jun 28, 2012 at 04:15:56PM -0400, Dave Anderson said that For dynamic content it's even simpler -- the program producing the content should also provide the corresponding header information. and it does so inside the head of the page. a perfectly normal and accepted practice. it'll do it in the http header if the developer for the dynamic page knows what they are doing. -- don't /usr/bin/talk to strangers
Actualizacion Normativa de Alto Impacto
 copy; 2012 Conference Corporativo S.C. Asista a los 48 Mejores Cursos en Meacute;xico de la Serie:NOVEDADES NORMATIVAS en la ADMINISTRACIOacute;N PUacute;BLICA MEXICANA Incluye 4 cursos de ALTO IMPACTO para el CIERRE de GESTIOacute;N 2012: 1) Taller para la Elaboracioacute;n Puntual de las Memorias Documentales. 2) Curso sobre el Libro Blanco y las Memorias Documentales del Sector Puacute;blico Mexicano. 3) Curso sobre Coacute;mo Solventar Observaciones 4) Taller para la Elaboracioacute;n del Acta Entrega Recepcioacute;n y Rendicioacute;n de Cuentas Cursos, Contenidos y Metodologiacute;as Desarrollados en Alianza con las Mejores Universidades Europeas con Calidad ISO 9000. Curso 1 (Nueva) Ley Federal Anticorrupcioacute;n. Curso 2 (Nueva) Ley de Asociaciones Puacute;blico-Privadas. Curso 3 (NUEVO TALLER) Elaboracioacute;n Puntual de las Memorias Documentales. Curso 4 (NUEVO CURSO) Excelencia en la Conformacioacute;n del LIBRO BLANCO y las Memorias Documentales del Sector Puacute;blico Mexicano. Curso 5 (NUEVO TALLER) Acta ENTREGA RECEPCIOacute;N. Curso 6 Coacute;mo Solventar Observaciones (BASADO EN JURISPRUDENCIA DEFINIDA DE LA SUPREMA CORTE DE JUSTICIA DE LA NACIOacute;N) (Incluye Acuerdo por el Cual se Establecen las Disposiciones Generales para la Realizacioacute;n de Auditoriacute;as, Revisiones y Visitas de Inspeccioacute;n). Curso 7 (NUEVA) Ley Federal de Archivos. Curso 8 Ley Federal de Responsabilidades Administrativas. Curso 9 Defensa Estrateacute;gica de los Servidores Puacute;blicos y su Procedimiento Administrativo. Curso 10 Auditoriacute;a Gubernamental. (Incluye Acuerdo por el Cual se Establecen las Disposiciones Generales para la Realizacioacute;n de Auditoriacute;as, Revisiones y Visitas de Inspeccioacute;n). Curso 11 Reacute;gimen Juriacute;dico de las Responsabilidades de los Servidores Puacute;blicos. Curso 12 Dualidad Penal Administrativa. Curso 13 Fundamentos Penales para Auditores Gubernamentales. Curso 14 Teacute;cnicas de Argumentacioacute;n Juriacute;dica. Curso 15 Nuevo Enfoque Estrateacute;gico para los OICprime;S Oacute;rganos Internos de Control del Gobierno Mexicano. (Incluye Acuerdo por el Cual se Establecen las Disposiciones Generales para la Realizacioacute;n de Auditoriacute;as, Revisiones y Visitas de Inspeccioacute;n). Curso 16 Licitaciones Electroacute;nicas de las ADQUISICIONES - COMPRANET para Servidores Puacute;blicos (Convocantes). Curso 15 Licitaciones Electroacute;nicas de las OBRAS PUacute;BLICAS - COMPRANET para Servidores Puacute;blicos (Convocantes). Curso 17 NUEVAS Disposiciones del CONAC. Curso 19 Manual de Contabilidad Gubernamental. Curso 20 Clasificador por Objeto del Gasto. Curso 21 Matriz de Administracioacute;n de Riesgos (MAR). Curso 22 MANUAL Administrativo de ADQUISICIONES. Curso 23 MANUAL Administrativo de OBRAS PUacute;BLICAS. Curso 24 Manual Administrativo de RECURSOS MATERIALES y SERVICIOS GENERALES. Curso 25 Manual Administrativo de Aplicacioacute;n General en Materia de RECURSOS FINANCIEROS. Curso 26 Manual Administrativo de RECURSOS HUMANOS. Curso 27 Manual Administrativo de Aplicacioacute;n General en Materia de Tecnologiacute;as de la Informacioacute;n y Comunicaciones (TIC). Curso 28 Manual de Transparencia. Curso 29 Disposiciones en Materia de Control Interno y su Manual Administrativo. Curso 30 Servicio Profesional de Carrera y su Reglamento. Curso 31 NUEVO Manual del Servicio Profesional de Carrera. Curso 32 Auditoriacute;as, Revisiones y Visitas de Inspeccioacute;n. Curso 33 NUEVO Esquema de Induccioacute;n a la Administracioacute;n Puacute;blica Federal. Curso 34 NUEVO Esquema de Induccioacute;n a la Institucioacute;n. Curso 35 NUEVO Esquema de Induccioacute;n al Puesto. Curso 36 Ley de Adquisiciones. Curso 37 Ley de Obras Puacute;blicas. Curso 38 Licitaciones y Contrataciones de las Adquisiciones. Curso 39 Licitaciones y Contrataciones de las Obras Puacute;blicas. Curso 40 Reglamento de la Ley de Adquisiciones. Curso 41 Reglamento de la Ley de Obras Puacute;blicas. Curso 42 Coacute;mo Elaborar Detalladamente la Matriz de Conversioacute;n del CONAC. Curso 43 Presupuesto Basado en Resultados (PBR). Curso 44 Disentilde;o de la Matriz del Marco Loacute;gico para la Evaluacioacute;n del PBR. Curso 45 Sistema de Evaluacioacute;n del Desempentilde;o (SED). Curso 46 Nuevos Lineamientos sobre Indicadores para Medir los Avances Fiacute;sicos y Financieros. Curso 47 Contabilidad Gubernamental en la Transparencia de las Finanzas Puacute;blicas. Curso 48 Contabilidad Gubernamental en la Armonizacioacute;n Contable y el Nuevo Plan de Cuentas. Atencioacute;n Ejecutiva Centro de Atencioacute;n Telefoacute;nica: DF y Aacute;rea Metropolitana (55) 91 40 30 30 Lada sin costo: (01 800) 439 66 66 Correo dirigido a: ESTE MAIL CUMPLE CON LAS POLiacute;TICAS ANTISPAM INTERNACIONALES Y LOCALES. Para darse de baja soacute;lo haga click aquiacute;
Re: Does pfsync require same firewall rules on each fw?
On Fri, Jun 29, 2012 at 01:20:49PM +0200, Martin Pelikan wrote:
2012/6/29 Matt Hamilton ma...@netsight.co.uk:
Does pfsync require firewalls to have the same firewall rules on all
hosts in the sync group?
pfsync only synchronizes states. Which rules created them is
irrelevant.
This absolutely incorrect (see below)
But, I was wondering... could I use pfsync to sync states across
from one side of the network to the other?
How well this will work depends a lot on the nature of your traffic and
the latency between the two firewalls. You will probably need to use the
'defer' option for the pfsync interface, which will cause delays on
connection setup if the firewalls are too far apart.
Do pfsync packets contain reference to the firewall rule number or
specific interface? Or does it just have information specific to the
packet itself (ie, src address, dst address, sequence numbers etc)?
If the firewall rulesets are the same, pfsync will link the state
entries to the matching rules. this is necessary to get timeouts, max-*
limits and overload table behavior, per-rule src node tracking, etc. If
the rulesets are different, all states will be associated with the
'default' rule and as such will get the defaults for these items,
regardless of the options on the rule which matched when the state was
created.
It's not impossible to get the same ruleset across two very different
firewalls though, as long as the general policy is the same you can
probably make it work by using interface groups rather than the actual
interface names, and tables where ip addresses need to be different.
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/if_pfsync.h?rev=1.44
struct pfsync_upd_c {
This is only used for state updates, state creations are done with
struct pfsync_state in pfvar.h.
