Panic on 1 oct 2012 kernel
Hi, Just got a panic from an nginx webserver of ours. Can produce ps and trace since ddb send symbol unknown when we send the command. This is what was captured from my camera phone; panic: kernel diagnostic assertion __mp_lock_held(sched_lock) == 0 failed: file ../../../../kern/kern_lock.c, line 363 Stopped at Debugger+0x5: leave Thanks, Insan Praja SW OpenBSD 5.2-current (IMS-AMD64.MP) #3: Mon Oct 1 14:49:48 WIT 2012 r...@development.xxx.net:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 2145189888 (2045MB) avail mem = 2065670144 (1969MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.33 @ 0x7fee2000 (29 entries) bios0: vendor IBM version IBM BIOS Version 1.35-[G9E135AUS-1.35]- date 09/29/2007 bios0: IBM IBM System x3250 -[436442A]- acpi0 at bios0: rev 0 acpi0: sleep states S0 S4 S5 acpi0: tables DSDT FACP MCFG APIC BOOT SPCR SSDT acpi0: wakeup devices PEG_(S4) PEG2(S4) EXP1(S4) EXP5(S4) EXP6(S4) PCIB(S4) COM1(S4) COM2(S4) USB1(S4) USB2(S4) USB3(S4) USB4(S4) EUSB(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimcfg0 at acpi0 addr 0xe000, bus 0-25 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Xeon(R) CPU 3040 @ 1.86GHz, 1866.98 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF cpu0: 2MB 64b/line 8-way L2 cache cpu0: apic clock running at 266MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Xeon(R) CPU 3040 @ 1.86GHz, 1866.73 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF cpu1: 2MB 64b/line 8-way L2 cache ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 12 (PEG_) acpiprt2 at acpi0: bus 6 (PEG2) acpiprt3 at acpi0: bus 5 (EXP1) acpiprt4 at acpi0: bus 1 (EXP5) acpiprt5 at acpi0: bus 3 (EXP6) acpiprt6 at acpi0: bus 26 (PCIB) acpicpu0 at acpi0: PSS acpicpu1 at acpi0: PSS acpibtn0 at acpi0: PWRB ipmi at mainbus0 not configured cpu0: Enhanced SpeedStep 1866 MHz: speeds: 1867, 1600 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 Intel E7230 Host rev 0xc0 ppb0 at pci0 dev 1 function 0 Intel E7230 PCIE rev 0xc0: msi pci1 at ppb0 bus 12 ppb1 at pci0 dev 3 function 0 Intel 82975X PCIE rev 0xc0: msi pci2 at ppb1 bus 6 ppb2 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x01: msi pci3 at ppb2 bus 5 ppb3 at pci0 dev 28 function 4 Intel 82801G PCIE rev 0x01: msi pci4 at ppb3 bus 1 bge0 at pci4 dev 0 function 0 Broadcom BCM5721 rev 0x21, BCM5750 C1 (0x4201): apic 2 int 16, address 00:1a:64:6e:a0:9a brgphy0 at bge0 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0 ppb4 at pci0 dev 28 function 5 Intel 82801G PCIE rev 0x01: msi pci5 at ppb4 bus 3 bge1 at pci5 dev 0 function 0 Broadcom BCM5721 rev 0x21, BCM5750 C1 (0x4201): apic 2 int 17, address 00:1a:64:6e:a0:9b brgphy1 at bge1 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0 uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x01: apic 2 int 23 uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x01: apic 2 int 19 uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x01: apic 2 int 18 uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x01: apic 2 int 16 ehci0 at pci0 dev 29 function 7 Intel 82801GB USB rev 0x01: apic 2 int 23 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb5 at pci0 dev 30 function 0 Intel 82801BA Hub-to-PCI rev 0xe1 pci6 at ppb5 bus 26 vga1 at pci6 dev 4 function 0 ATI ES1000 rev 0x02 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) radeondrm0 at vga1: apic 2 int 18 drm0 at radeondrm0 pcib0 at pci0 dev 31 function 0 Intel 82801GB LPC rev 0x01 pciide0 at pci0 dev 31 function 2 Intel 82801GB SATA rev 0x01: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: Hitachi HDS721616PLA380 IBM wd0: 16-sector PIO, LBA48, 152626MB, 312579695 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 6 atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: TSSTcorp, CD-ROM TS-L162C, IB02 ATAPI 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2 ichiic0 at pci0 dev 31 function 3 Intel 82801GB SMBus rev 0x01: apic 2 int 19 iic0 at ichiic0 spdmem0 at iic0 addr 0x50: 512MB DDR2 SDRAM ECC PC2-5300CL5 spdmem1 at iic0 addr 0x51: 512MB DDR2 SDRAM ECC PC2-5300CL5 spdmem2 at iic0 addr 0x52: 512MB DDR2 SDRAM ECC PC2-5300CL5 spdmem3 at iic0 addr 0x53: 512MB DDR2 SDRAM ECC PC2-5300CL5 usb1 at uhci0: USB revision 1.0 uhub1 at usb1 Intel UHCI root hub rev 1.00/1.00 addr 1 usb2 at uhci1: USB revision 1.0 uhub2 at usb2 Intel UHCI root
Re: kern.maxclusters vs syn proxy
* Tyler Morgan tyl...@tradetech.net [2012-10-02 18:31]: which links to: http://www.openbsd.org/faq/pf/filter.html#synproxy which gets far from saying what Henning said. this has been fixed. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/
Re: Panic on 1 oct 2012 kernel
On 4 October 2012 12:06, Insan Praja SW insan.pr...@gmail.com wrote: Hi, Just got a panic from an nginx webserver of ours. Can produce ps and trace since ddb send symbol unknown when we send the command. This is what was captured from my camera phone; You mean can't ? can you paste exactly what happens when you try to get a trace ? Looks like some code path is trying to grab the kernel_lock with the sched_lock held. panic: kernel diagnostic assertion __mp_lock_held(sched_lock) == 0 failed: file ../../../../kern/kern_lock.c, line 363 Stopped at Debugger+0x5: leave Thanks, Insan Praja SW OpenBSD 5.2-current (IMS-AMD64.MP) #3: Mon Oct 1 14:49:48 WIT 2012 r...@development.xxx.net:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 2145189888 (2045MB) avail mem = 2065670144 (1969MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.33 @ 0x7fee2000 (29 entries) bios0: vendor IBM version IBM BIOS Version 1.35-[G9E135AUS-1.35]- date 09/29/2007 bios0: IBM IBM System x3250 -[436442A]- acpi0 at bios0: rev 0 acpi0: sleep states S0 S4 S5 acpi0: tables DSDT FACP MCFG APIC BOOT SPCR SSDT acpi0: wakeup devices PEG_(S4) PEG2(S4) EXP1(S4) EXP5(S4) EXP6(S4) PCIB(S4) COM1(S4) COM2(S4) USB1(S4) USB2(S4) USB3(S4) USB4(S4) EUSB(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimcfg0 at acpi0 addr 0xe000, bus 0-25 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Xeon(R) CPU 3040 @ 1.86GHz, 1866.98 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF cpu0: 2MB 64b/line 8-way L2 cache cpu0: apic clock running at 266MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Xeon(R) CPU 3040 @ 1.86GHz, 1866.73 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF cpu1: 2MB 64b/line 8-way L2 cache ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 12 (PEG_) acpiprt2 at acpi0: bus 6 (PEG2) acpiprt3 at acpi0: bus 5 (EXP1) acpiprt4 at acpi0: bus 1 (EXP5) acpiprt5 at acpi0: bus 3 (EXP6) acpiprt6 at acpi0: bus 26 (PCIB) acpicpu0 at acpi0: PSS acpicpu1 at acpi0: PSS acpibtn0 at acpi0: PWRB ipmi at mainbus0 not configured cpu0: Enhanced SpeedStep 1866 MHz: speeds: 1867, 1600 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 Intel E7230 Host rev 0xc0 ppb0 at pci0 dev 1 function 0 Intel E7230 PCIE rev 0xc0: msi pci1 at ppb0 bus 12 ppb1 at pci0 dev 3 function 0 Intel 82975X PCIE rev 0xc0: msi pci2 at ppb1 bus 6 ppb2 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x01: msi pci3 at ppb2 bus 5 ppb3 at pci0 dev 28 function 4 Intel 82801G PCIE rev 0x01: msi pci4 at ppb3 bus 1 bge0 at pci4 dev 0 function 0 Broadcom BCM5721 rev 0x21, BCM5750 C1 (0x4201): apic 2 int 16, address 00:1a:64:6e:a0:9a brgphy0 at bge0 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0 ppb4 at pci0 dev 28 function 5 Intel 82801G PCIE rev 0x01: msi pci5 at ppb4 bus 3 bge1 at pci5 dev 0 function 0 Broadcom BCM5721 rev 0x21, BCM5750 C1 (0x4201): apic 2 int 17, address 00:1a:64:6e:a0:9b brgphy1 at bge1 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0 uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x01: apic 2 int 23 uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x01: apic 2 int 19 uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x01: apic 2 int 18 uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x01: apic 2 int 16 ehci0 at pci0 dev 29 function 7 Intel 82801GB USB rev 0x01: apic 2 int 23 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb5 at pci0 dev 30 function 0 Intel 82801BA Hub-to-PCI rev 0xe1 pci6 at ppb5 bus 26 vga1 at pci6 dev 4 function 0 ATI ES1000 rev 0x02 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) radeondrm0 at vga1: apic 2 int 18 drm0 at radeondrm0 pcib0 at pci0 dev 31 function 0 Intel 82801GB LPC rev 0x01 pciide0 at pci0 dev 31 function 2 Intel 82801GB SATA rev 0x01: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: Hitachi HDS721616PLA380 IBM wd0: 16-sector PIO, LBA48, 152626MB, 312579695 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 6 atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: TSSTcorp, CD-ROM TS-L162C, IB02 ATAPI 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2 ichiic0 at pci0 dev 31 function 3 Intel 82801GB SMBus rev 0x01: apic 2 int 19 iic0 at ichiic0 spdmem0 at iic0 addr 0x50: 512MB DDR2 SDRAM ECC PC2-5300CL5 spdmem1 at iic0 addr
Re: Panic on 1 oct 2012 kernel
Hi, On Thu, 04 Oct 2012 17:52:24 +0700, Christiano F. Haesbaert haesba...@haesbaert.org wrote: On 4 October 2012 12:06, Insan Praja SW insan.pr...@gmail.com wrote: Hi, Just got a panic from an nginx webserver of ours. Can produce ps and trace since ddb send symbol unknown when we send the command. This is what was captured from my camera phone; You mean can't ? can you paste exactly what happens when you try to get a trace ? Yap. Sorry for that. Looks like some code path is trying to grab the kernel_lock with the sched_lock held. panic: kernel diagnostic assertion __mp_lock_held(sched_lock) == 0 failed: file ../../../../kern/kern_lock.c, line 363 Stopped at Debugger+0x5: leave Thanks, Insan Praja SW OpenBSD 5.2-current (IMS-AMD64.MP) #3: Mon Oct 1 14:49:48 WIT 2012 r...@development.xxx.net:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 2145189888 (2045MB) avail mem = 2065670144 (1969MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.33 @ 0x7fee2000 (29 entries) bios0: vendor IBM version IBM BIOS Version 1.35-[G9E135AUS-1.35]- date 09/29/2007 bios0: IBM IBM System x3250 -[436442A]- acpi0 at bios0: rev 0 acpi0: sleep states S0 S4 S5 acpi0: tables DSDT FACP MCFG APIC BOOT SPCR SSDT acpi0: wakeup devices PEG_(S4) PEG2(S4) EXP1(S4) EXP5(S4) EXP6(S4) PCIB(S4) COM1(S4) COM2(S4) USB1(S4) USB2(S4) USB3(S4) USB4(S4) EUSB(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimcfg0 at acpi0 addr 0xe000, bus 0-25 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Xeon(R) CPU 3040 @ 1.86GHz, 1866.98 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF cpu0: 2MB 64b/line 8-way L2 cache cpu0: apic clock running at 266MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Xeon(R) CPU 3040 @ 1.86GHz, 1866.73 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF cpu1: 2MB 64b/line 8-way L2 cache ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 12 (PEG_) acpiprt2 at acpi0: bus 6 (PEG2) acpiprt3 at acpi0: bus 5 (EXP1) acpiprt4 at acpi0: bus 1 (EXP5) acpiprt5 at acpi0: bus 3 (EXP6) acpiprt6 at acpi0: bus 26 (PCIB) acpicpu0 at acpi0: PSS acpicpu1 at acpi0: PSS acpibtn0 at acpi0: PWRB ipmi at mainbus0 not configured cpu0: Enhanced SpeedStep 1866 MHz: speeds: 1867, 1600 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 Intel E7230 Host rev 0xc0 ppb0 at pci0 dev 1 function 0 Intel E7230 PCIE rev 0xc0: msi pci1 at ppb0 bus 12 ppb1 at pci0 dev 3 function 0 Intel 82975X PCIE rev 0xc0: msi pci2 at ppb1 bus 6 ppb2 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x01: msi pci3 at ppb2 bus 5 ppb3 at pci0 dev 28 function 4 Intel 82801G PCIE rev 0x01: msi pci4 at ppb3 bus 1 bge0 at pci4 dev 0 function 0 Broadcom BCM5721 rev 0x21, BCM5750 C1 (0x4201): apic 2 int 16, address 00:1a:64:6e:a0:9a brgphy0 at bge0 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0 ppb4 at pci0 dev 28 function 5 Intel 82801G PCIE rev 0x01: msi pci5 at ppb4 bus 3 bge1 at pci5 dev 0 function 0 Broadcom BCM5721 rev 0x21, BCM5750 C1 (0x4201): apic 2 int 17, address 00:1a:64:6e:a0:9b brgphy1 at bge1 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0 uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x01: apic 2 int 23 uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x01: apic 2 int 19 uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x01: apic 2 int 18 uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x01: apic 2 int 16 ehci0 at pci0 dev 29 function 7 Intel 82801GB USB rev 0x01: apic 2 int 23 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb5 at pci0 dev 30 function 0 Intel 82801BA Hub-to-PCI rev 0xe1 pci6 at ppb5 bus 26 vga1 at pci6 dev 4 function 0 ATI ES1000 rev 0x02 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) radeondrm0 at vga1: apic 2 int 18 drm0 at radeondrm0 pcib0 at pci0 dev 31 function 0 Intel 82801GB LPC rev 0x01 pciide0 at pci0 dev 31 function 2 Intel 82801GB SATA rev 0x01: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: Hitachi HDS721616PLA380 IBM wd0: 16-sector PIO, LBA48, 152626MB, 312579695 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 6 atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: TSSTcorp, CD-ROM TS-L162C, IB02 ATAPI 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2 ichiic0 at pci0 dev 31 function 3 Intel 82801GB SMBus rev 0x01: apic 2 int 19 iic0 at ichiic0 spdmem0 at iic0 addr 0x50: 512MB
Re: Panic on 1 oct 2012 kernel
On 4 October 2012 12:56, Insan Praja SW insan.pr...@gmail.com wrote: Hi, On Thu, 04 Oct 2012 17:52:24 +0700, Christiano F. Haesbaert haesba...@haesbaert.org wrote: On 4 October 2012 12:06, Insan Praja SW insan.pr...@gmail.com wrote: Hi, Just got a panic from an nginx webserver of ours. Can produce ps and trace since ddb send symbol unknown when we send the command. This is what was captured from my camera phone; You mean can't ? can you paste exactly what happens when you try to get a trace ? Yap. Sorry for that. You're not using generic, what did you change ? Can you show me what happens when you try to get a trace/ps ? Did you reboot the machine ? If you're screwing with the kernel and asking for support at least try to tell us what have you changed.
Re: ikev2 and (ta-da) OpenBSD road warrior host
On Thu, Oct 4, 2012 at 6:13 AM, Erling Westenvik erling.westen...@gmail.com wrote: Shamefully I must admit what many OpenBSD'ers consider a crime worse than intercourse with the devil, namely to follow a so-called Howto (http://www.mouedine.net/) and within minutes having my daughters Windows 7 road warrior up and running connected to my OpenBSD gateway using IKEv2. Luckily for those that think natively in man pages, I'm stuck with how to achieve the same thing with my OpenBSD real road warriors, so now is your chance to tell me off. On the gateway the following /etc/iked.conf works for the win7 client: # cat /etc/iked.conf ikev2 passive esp \ from 192.168.3.0/24 to 10.10.10.0/24 local a.b.c.d peer any \ srcid a.b.c.d \ config address 10.10.10.7 I've generated certificates for one of my OpenBSD clients: # ikectl ca vpn certificate t500 create (+ export) copied them to the client and extracted them according to ikectl(8): # tar -C /etc/iked laptop -xzpf t500.tgz which brought /etc/iked on the laptop to contain: ./ca/ca.crt ./certs/t500.crt ./crls/ca.crl ./export/ca.pfx ./export/t500.pfx ./private/t500.key ./private/local.key ./local.pub What is difficult to derive from the multitude of man pages from this point onward, is: 1) how to add the client to /etc/iked.conf on the gateway. config address cannot be used by the ikev2 client implemented in the iked. also you might find out that certificates are not working in the client setup. i'm working on fixing the latter right now. 2) how to configure and start the client. for now your only option is to use psk and a different server rule. please make sure to use different local ip addresses on the server otherwise you won't be able to match multiple policies. that's something we need to address as well. I think I'll be able to figure out most of it if someone would just point me in the right direction. Cheers, Erling
Re: ikev2 and (ta-da) OpenBSD road warrior host
On Thu, Oct 04, 2012 at 01:40:30PM +0200, Mike Belopuhov wrote: for now your only option is to use psk and a different server rule. please make sure to use different local ip addresses on the server otherwise you won't be able to match multiple policies. that's something we need to address as well. Thanks. And good luck with the implementation of IKEv2. It looks really promising! And sorry for my attempt to joke about howto's. For people like me they are sometimes a necessary evil.
Alerta Usted tiene un mensaje de amor
Aun te amo mucho mi amor quizas te hayas olvidado de mi, quiero que sepas Aun te amo mucho mi amor quizas te hayas olvidado de mi, quiero que sepas Usted tiene un mensaje personal para ver el mensaje completo y la foto ingrese en VER MENSAJE Aun te amo mucho mi amor quizas te hayas olvidado de mi, quiero que sepas Aun te amo mucho mi amor quizas te hayas olvidado de mi, quiero que sepas Usted tiene un mensaje privado con el titulo: TE AMO MUCHO MI AMOR, alguien te considera muy especial y te envió un mensaje junto a una foto editada en nuestro portal, esperamos le sea de su agrado. TE AMO MUCHO MI AMOR Aun te amo mucho mi amor quizas te hayas olvidado de mi, quiero que sepas que io nunca lo hize recuerdas cuando. Aun te amo mucho mi amor quizas te hayas olvidado de mi, quiero que sepas Aun te amo mucho mi amor quizas te hayas olvidado de mi, quiero que sepas VER MENSAJE Aun te amo mucho mi amor quizas te hayas olvidado de mi, quiero que sepas
Re: Nginx, FCGI and C programs
On Thu, Oct 04, 2012 at 08:20:43PM +0300, Ville Valkonen wrote: Hi, I've configured Nginx and FCGI to run some C/C++ apps, well almost. When navitaging to http://host.foo/weezel/progut/default.cgi nginx's error log states the following (below there is test.c, test.c == default.cgi): 2012/10/04 16:52:22 [error] 26690#0: *14 kevent() reported that connect() failed (61: Connection refused) while connecting to upstream, client: 192.168.50.102, server: host.foo, request: GET /weezel/progut/ HTTP/1.1, upstream: fastcgi://127.0.0.1:9001, host: host.foo Not sure but is your dns working inside chroot? jirib
Venda como un Guerrillero - Logre un Record de Ventas
Venda como un Guerrillero - Armas y Tácticas No Convencionales para Lograr un Récord de Ventas Panama 11 de Octubre / Sheraton Panama Hotel Convention Center Para sobrevivir en el medio actual de las ventas, ya sea de productos o servicios, usted debe poner en práctica el coraje de un mercenario veterano ¡Debe convertirse en un guerrillero!... Cierre más ventas y gane más cuentas con las estrategias probadas de las ventas de guerrilla. Hoy, hay una selva ahí afuera: Los presupuestos están limitados, la competencia es feroz y la decisión de compra a menudo se basa en el precio, pero usted tiene garantizado el cumplimiento de sus metas porque este seminario le ayudará a dominar las técnicas, los acercamientos y las habilidades que diferencian al Top 5 de los Vendedores de todos los demás y obtendrá lo que necesita para llevar sus ventas a un nivel más alto y poder disfrutar de las ventajas que siempre ha esperado de su carrera en ventas. Este seminario le ofrece los beneficios de una nueva forma revolucionaria de vender, incluyendo: 1. Las 10 características clave que destacan a los mejores vendedores de los demás Descubra los secretos del éxito de los vendedores guerreros. 2. Cómo implementar tácticas que convierten a los prospecto en clientes. 3. Piense como el cliente y adapte su acercamiento a la venta. 4. Domine la venta con valor agregado: La llave para mantener sus clientes a largo plazo. 5. Acorte su ciclo de venta y obtenga el sí más rápido. 6. Vuélvase indispensable y derrote a sus competidores. ¡Obtenga la Información Completa! Respondiendo los siguientes datos: -Empresa: -Nombre: -Puesto: -Tel: ( ) o Llame al (507) 2791083-279-0887 ESTE CORREO NO PUEDE SER CONSIDERADO INTRUSIVO YA QUE CUMPLE CON LAS POLÍTICAS ANTISPAM INTERNACIONALES Y LOCALES: Responda este correo con el Asunto unsus y automáticamente quedará fuera de nuestras listas. Este correo ha sido enviado a: misc@openbsd.org - 84726
Excelente curso: Plan de Desarrollo para Capacitadores Últimos Lugares
Apreciable Ejecutivo: TIEM de México Empresa Líder en Capacitación y Actualización de Capital Humano Le recordamos que el excelente curso denominado: Plan de Desarrollo para Capacitadores Esta progrado en la Ciudad de México, los días 09 y 10 de Octubre de 2012 Inscríbase antes del 06 de Octubre y obtenga un descuento del 15% con Inversión Inmediata O bien, por cada dos participantes inscritos en tarifa de Inversión normal, el tercero es completamente gratis No deje pasar esta oportunidad e Invierta en su Desarrollo Personal y Profesional Toda estrategia de crecimiento en cualquier organización requiere de un sistema eficaz de capacitación, dentro del cual la especialización de expertos en los centros de trabajo juega un papel primordial para su desarrollo. Al optimizar las técnicas y mecanismos de adquisición de conocimientos, desarrollo de habilidades, e incorporación de actitudes que modifiquen la conducta, así como la generación de la creatividad eficaz, se provocara el desarrollo de tecnología y productividad a través de la capacitación interna. Este Plan de Desarrollo para Capacitadores, responde a esta vital necesidad. Beneficios: Los participantes serán capaces de impartir cursos presenciales con una metodología que: Garantice la asimilación de información y el desarrollo de habilidades Asegure la satisfacción de sus capacitandos como resultado de una impartición ágil y amena, orientada a los objetivos de aprendizaje. Aprenderán a conducir exitosamente cursos de capacitación de su especialidad de acuerdo a un modelo activo de enseñanza-aprendizaje y con un alto nivel de calidad. Objetivos: Conocerán los fundamentos teóricos del proceso enseñanza-aprendizaje de adultos Desarrollarán las habilidades que les permita: Preparar sesiones de cursos presenciales Conducir cursos de capacitación presenciales Evaluar cursos de capacitación presencial Dirigido a: Gerentes, supervisores, encargados del departamento de capacitación y todas aquellas personas que entre sus actividades cotidianas impartan capacitación e instrucciones para trabajo. Duración: 16 horas Si al momento de recibir este correo ya confirmo su asistencia, le pedimos que haga caso omiso. De lo contrario, solicite la información completa respondiendo este correo con los siguientes datos: Empresa: Nombre: Ciudad: Teléfono: O si lo prefiere comuníquese a los teléfonos: Del DF al 5611-0969 con 10 líneas Interior del País Lada sin Costo 01 800 900 TIEM (8436) Aceptamos todas las TDC y Débito. **Promoción: 3 meses sin Intereses pagando con American Express **Aplica solo con Inversión Normal ®Todos los Derechos Reservados ©2011 TIEM Talento e Innovación Empresarial de México Este Mensaje le ha sido enviado como usuario de TIEM de México o bien un usuario le refirió para recibir este boletín. Como usuario de TIEM de México, en este acto autoriza de manera expresa que TIEM de México le puede contactar vía correo electrónico u otros medios. Si usted ha recibido este mensaje por error, haga caso omiso de él y reporte su cuenta respondiendo este correo con el subject BAJABD Tenga en cuenta que la gestión de nuestras bases de datos es de suma importancia y no es intención de la empresa la inconformidad del receptor.
Re: Nginx, FCGI and C programs
On 4 October 2012 20:36, Jiri B ji...@devio.us wrote: On Thu, Oct 04, 2012 at 08:20:43PM +0300, Ville Valkonen wrote: Hi, I've configured Nginx and FCGI to run some C/C++ apps, well almost. When navitaging to http://host.foo/weezel/progut/default.cgi nginx's error log states the following (below there is test.c, test.c == default.cgi): 2012/10/04 16:52:22 [error] 26690#0: *14 kevent() reported that connect() failed (61: Connection refused) while connecting to upstream, client: 192.168.50.102, server: host.foo, request: GET /weezel/progut/ HTTP/1.1, upstream: fastcgi://127.0.0.1:9001, host: host.foo Not sure but is your dns working inside chroot? jirib I tried the following: mkdir /var/www/etc cd /var/www/etc sudo cp -p /etc/hosts /etc/resolv.conf . but no success. Any other hints? -- Ville
Tecnicas Super Efectivas de Cobranza
[IMAGE] Técnicas Súper Efectivas de Cobranza Seminario ONLINE en VIVO este 08 de Octubre ¡Descubra el modo rápido, fácil y legal de recuperar su dinero de cuentas atrasadas! usted conocerá docenas de secretos que las empresas más efectivas usan para que los deudores paguen rápido, convierta el teléfono en su instrumento más poderoso de recuperación de cartera, cómo manejar cada excusa, cómo tratar con gente enojada y abusiva y aprenda a escribir cartas que le faciliten el trabajo. Recibirá herramientas y técnicas que necesita para ser más productivo, más eficaz y más contundente, sin mencionar que estará menos estresado en el trabajo. ¡No deje pasar esta única oportunidad! Entre los puntos a tratar se incluyen: * Cómo manejar excusas, mentiras y quejas de los deudores * Calme a clientes furiosos e irracionales con técnicas que trabajan como un encanto * Mantenga su organización fuera de problemas, sabiendo exactamente cuáles son sus derechos y límites legales * Haga que ingrese más dinero con sus cartas de cobranza * Mantenga el control de la conversación telefónica cuando los deudores tratan de conducirlo por otro lado * Sepa exactamente cuándo y cómo usted debería considerar la demanda judicial en cuentas atrasadas. Adquiera la información completa y sin compromiso solo responda este correo con asunto -Deseo Folleto Cobranza o Comuníquese al (507) 279-1083 / 279-0258 / 279-0887 - y a la brevedad lo recibira. ESTE CORREO NO PUEDE SER CONSIDERADO INTRUSIVO YA QUE CUMPLE CON LAS POLÍTICAS ANTISPAM INTERNACIONALES Y LOCALES: Responda este correo con el Asunto borrar y automáticamente quedará fuera de nuestras listas. [demime 1.01d removed an attachment of type image/jpeg which had a name of co-panama.jpg]
Re: Nginx, FCGI and C programs
On Fri, Oct 5, 2012 at 5:34 AM, Ville Valkonen weezeld...@gmail.com wrote: On 4 October 2012 20:36, Jiri B ji...@devio.us wrote: On Thu, Oct 04, 2012 at 08:20:43PM +0300, Ville Valkonen wrote: Hi, I've configured Nginx and FCGI to run some C/C++ apps, well almost. When navitaging to http://host.foo/weezel/progut/default.cgi nginx's error log states the following (below there is test.c, test.c == default.cgi): 2012/10/04 16:52:22 [error] 26690#0: *14 kevent() reported that connect() failed (61: Connection refused) while connecting to upstream, client: 192.168.50.102, server: host.foo, request: GET /weezel/progut/ HTTP/1.1, upstream: fastcgi://127.0.0.1:9001, host: host.foo Not sure but is your dns working inside chroot? jirib I tried the following: mkdir /var/www/etc cd /var/www/etc sudo cp -p /etc/hosts /etc/resolv.conf . but no success. Any other hints? -- Ville If you type netstat -an do you see 127.0.0.1:9001 showing as LISTEN? -- Aaron Mason - Programmer, open source addict I've taken my software vows - for beta or for worse
Re: Nginx, FCGI and C programs
Ville Valkonen wrote, On 10/4/2012 1:34 PM: On 4 October 2012 20:36, Jiri B ji...@devio.us wrote: On Thu, Oct 04, 2012 at 08:20:43PM +0300, Ville Valkonen wrote: Hi, I've configured Nginx and FCGI to run some C/C++ apps, well almost. When navitaging to http://host.foo/weezel/progut/default.cgi nginx's error log states the following (below there is test.c, test.c == default.cgi): 2012/10/04 16:52:22 [error] 26690#0: *14 kevent() reported that connect() failed (61: Connection refused) while connecting to upstream, client: 192.168.50.102, server: host.foo, request: GET /weezel/progut/ HTTP/1.1, upstream: fastcgi://127.0.0.1:9001, host: host.foo Not sure but is your dns working inside chroot? jirib I tried the following: mkdir /var/www/etc cd /var/www/etc sudo cp -p /etc/hosts /etc/resolv.conf . but no success. Any other hints? -- Ville Hi Ville, Can you telnet to 127.0.0.1:9001. The error you've got from nginx says connection refused, which means nginx could not connect to 127.0.0.1 port 9001. Rosen
Recommended new laptop under US$800 for OpenBSD
Good day, I'd like to seek your advise what new laptop brand and model should I buy that is fully functional (video, LAN, Wifi, sound) with OpenBSD 5.x. I searched online and found only older models. My sisters plan to give me a laptop for Christmas so I'd like to make sure I get the laptop that works with my OS of choice. Thank you very much.
Re: Recommended new laptop under US$800 for OpenBSD
On Thu, Oct 04, 2012 at 19:23, Tito Mari Francis Escaño wrote: Good day, I'd like to seek your advise what new laptop brand and model should I buy that is fully functional (video, LAN, Wifi, sound) with OpenBSD 5.x. I searched online and found only older models. My sisters plan to give me a laptop for Christmas so I'd like to make sure I get the laptop that works with my OS of choice. Well, at the moment, the video situation with Sandy Bridge (2nd gen core 2) processors is less than 100% functional (no xv, other quirks), so that pushes you back to older machines right there. Same story for laptops with the AMD A-? APU series.
Re: Recommended new laptop under US$800 for OpenBSD
Alright, how about the not so old that I can buy brand new? Buying second hand leaves me at the mercy of the seller, praying it won't break just when the shop or personal warranty expires. Thanks for the advice. On Thu, Oct 4, 2012 at 8:01 PM, Ted Unangst t...@tedunangst.com wrote: On Thu, Oct 04, 2012 at 19:23, Tito Mari Francis Escaño wrote: Good day, I'd like to seek your advise what new laptop brand and model should I buy that is fully functional (video, LAN, Wifi, sound) with OpenBSD 5.x. I searched online and found only older models. My sisters plan to give me a laptop for Christmas so I'd like to make sure I get the laptop that works with my OS of choice. Well, at the moment, the video situation with Sandy Bridge (2nd gen core 2) processors is less than 100% functional (no xv, other quirks), so that pushes you back to older machines right there. Same story for laptops with the AMD A-? APU series.
Make build on powerpc 7455b: Executables are broken
I assume I or my hardware is doing something stupid and obvious. I've been trying to successfully build OpenBSD for the first time on a 2002 G4 (Mirror Drive Door) dual 1ghz. The RAM is new, and slightly faster than the bus speed demands (pc3200 instead of pc2700). Processer is a PowerPC 7455B. I am following the guide for building OpenBSD from source to the letter (Although a misread is not out of the question!). First I use cvs to checkout the sources for -CURRENT (Including Xenocara and Ports, but I've never gotten that far). The kernel builds fine, and I install it and reboot. On an earlier attempt, I verified it was installing properly by changing WS_KERNEL_BG. I am starting from the latest snapshot and sources, and have tried multiple cvs revisions and gone through two latest snapshots. Filebin link for the 7.3mb script log of my build attempt is here:http://filebin.ca/I1aLqmsKata/buildlog I did use -j4, but the problem is the same without it. The result: --- install -c -o root -g bin -m 444 /usr/src/bin/md5/sha256.1 /usr/share/man/man1/sha256.1 *** Signal 6 in target maninstall Stop in /usr/src/bin/md5: Received signal 6 (line 71 of bsd.man.mk, target maninstall: @l=/usr/share/man/man1/cksum.1; t=/usr/share/man/man1/sum.1; echo $t -\ $l; rm -f $t; ln $l $t;) *** Error code 2 in target realinstall Stop in /usr/src/bin: Exit status 2 (line 48 of bsd.subdir.mk, target realinstall) *** Error code 2 in target realinstall Stop in /usr/src: Exit status 2 (line 48 of bsd.subdir.mk, target realinstall) *** Error code 2 in target build Stop in /usr/src: Exit status 2 (line 85 of Makefile, target build) --- All executables installed before that give Abort trap signal 6 results. The system can barely be used, and once logout occurs, the system is hosed. No login is possible, nothing can be executed, single user mode does not work. It looks like I am somehow getting broken executables and when ln is called after its installation, it aborts. I assume that line is the first time an installed executable is called, but I'm not sure why my executables are aborting. It's still logged in if anyone has any ideas other than rm -rf /, which aborts :) Matt