mixing ports and non-ports programs
I'm not sure how to look this up, and it doesn't seem to be in the FAQ. I frequently add stuff that isn't in ports by building from sources. Sometimes this real world stuff needs newer versions of other things than what's in ports. But the port is already installed and has things depending on it. So I have to uninstall the dependencies, uninstall the port, then install the newer version. Sometimes I can take the distfile from the uninstalled dependency and build it as a generic tarball outside the ports system, sometimes it has too many patches to make it worthwhile. For example: I've just gotten fldigi running under 5.0 and 5.2, but the fltk 1.x in ports is too old to work. I had to uninstall it, which meant aqsis had to be uninstalled. Turns out there's a newer aqsis too but I haven't started on that yet. I'm not in a position to make updated ports because I don't run current. BTW it's easy to install fldigi right now. Just download and unpack it, cd into it, do setenv LIBS "-lossaudio -lexecinfo" then ./configure, gmake, gmake install. Great program for hams, also does wefax. You need fltk 1.3.0 though. The ports hamlib is old so if you've got a recent radio you need to update that. You also need libexecinfo, libsamplerate, portaudio, xmlrpc. I have gnuradio built but not working yet: troubleshooting via the gnuradio list. Alan -- Credit is the root of all evil. - AB1JX
Re: FAQ - Disk Imaging
On 04/13/13 19:27, Kevin Chadwick wrote: > 4.15 of the faq says > > Unfortunately, there are no known disk imaging packages which are > FFS-aware. > > I haven't tested ... Get back with me when you have. I'll be happy to find out that statement is now wrong, but I've been doing this about 20 years too long to believe everything that's put out on a website. Note that OpenBSD, FreeBSD and NetBSD are not directly file system compatible anyway, as I recall...and also note that OpenBSD has two things you need to check -- ffs and ffs2, so yes, I'm quite skeptical that we have a "just works" with OpenBSD solution here. Hopefully I'm wrong. If it's true, this would be way-cool, but I'm not selling my air conditioners yet. Prove me wrong, I'll thank you. Nick.
Re: match and nat-to
On 2013-04-13, Chris Smith wrote:
> Looking for a bit of clarification on match and nat-to. At one point
> (and maybe still so?) nat rules were "first matching" as opposed to
> the 'normal' case of "last matching" but match rules are sticky until
> overridden.
>
> With:
> match out on $ext_if inet from !($ext_if) to any nat-to ($ext_if)
> match out on $ext_if inet from $gamer to any nat-to ($ext_if) static-port
>
> Followed by a pass rule:
> pass in on $int_if inet proto { tcp, udp } from em0:network
>
> Does the system $gamer (it is a system on the internal network) get
> static-port natted? Or should those rules be reordered? Or should
> something different be done?
Rather than saying what it does (which the manpage already does,
second paragraph of Translation is relevant), it's more generally
applicable to show you how you can find out for yourself:
Put match log (matches) at the top of pf.conf, and watch output of
"tcpdump -neipflog0 -vv"
The rule numbers displayed can be looked up with pfctl -sr -R .
> What happens when $gamer wants to use a port that's already in use?
The translation fails. I don't recall what happens then, but it
probably depends on your other rules - maybe the packet is sent out
untranslated if you don't have a block rule to stop that from occurring.
If you want to play around with this to see what happens, "nc -p" is
useful, you will need a couple of systems behind the same nat, or keep
changing the IP address, to try it.
With "pfctl -xnotice" you get this in syslog/dmesg,
Apr 13 23:27:11 jodrell /bsd: pf: pf: NAT proxy port allocation (0-0) failed
(but -xnotice is very noisy and not something you would want to leave
running normally). Also in -current there is a "translation" counter
(visible with pfctl -si) which gets increased.
>
> As a note the particular system in question is running an older version:
> OpenBSD 5.1-current (GENERIC.MP) #1: Thu May 31 18:31:17 EDT 2012
> in case the answer(s) might different.
I would recommend releases rather than -current if you're not going
to keep them updated..all of the pain and none of the gain.
FAQ - Disk Imaging
4.15 of the faq says Unfortunately, there are no known disk imaging packages which are FFS-aware. I haven't tested whether a broad brush had been applied expecting ufs and ffs to be the same or if clonezillas statement is correct but thought it may be worth bringing up that clonezilla.org says Filesystem supported: (1) ext2, ext3, ext4, reiserfs, reiser4, xfs, jfs, btrfs of GNU/Linux, (2) FAT12, FAT16, FAT32, NTFS of MS Windows, (3) HFS+ of Mac OS, (4) UFS of FreeBSD, NetBSD, and OpenBSD, and (5) VMFS3 and VMFS5 of VMWare ESX. Therefore you can clone GNU/Linux, MS windows, Intel-based Mac OS, and FreeBSD, NetBSD, and OpenBSD, no matter it's 32-bit (x86) or 64-bit (x86-64) OS. For these file systems, only used blocks in partition are saved and restored. For unsupported file system, sector-to-sector copy is done by dd in Clonezilla.
Re: usleep() buffer update
On Sat, Apr 13, 2013 at 2:53 PM, Mihai Popescu wrote: > Can someone give me some hints in this direction, please, what exactly > triggers usleep() internaly ? usleep() doesn't trigger anything, but usleep(1) doesn't mean "sleep exactly 1us", it means "sleep at least 1us". In practice, your process is probably sleeping for much longer than that because of the scheduler clock's granularity. Try calling clock_gettime() immediately before and after the usleep() to see how long you're actually sleeping.
usleep() buffer update
Hello, This is a question about OS behaviour which I can't find the answer for. I am using the serial port as /dev/cua00 set up for non blocking and no bytes count or timeout. Basicaly I send 5 bytes and after each one the connected device sends one back, so there are 5 bytes as a response. write(fd, outbuf, 5); usleep(1); read(fd, inpbuf, 5); My observation was that if I'm not using that usleep() function between then read() returns nothing. If I use it, then I have some bytes as it should. One may say that it needs some time to receive, but I think it is not related: 1 us is hardly a real delay to allow proper receiving at 9600 baud. So it looks like usleep() triggers some OS interrupt or buffer updates. Can someone give me some hints in this direction, please, what exactly triggers usleep() internaly ? Thank you.
match and nat-to
Looking for a bit of clarification on match and nat-to. At one point
(and maybe still so?) nat rules were "first matching" as opposed to
the 'normal' case of "last matching" but match rules are sticky until
overridden.
With:
match out on $ext_if inet from !($ext_if) to any nat-to ($ext_if)
match out on $ext_if inet from $gamer to any nat-to ($ext_if) static-port
Followed by a pass rule:
pass in on $int_if inet proto { tcp, udp } from em0:network
Does the system $gamer (it is a system on the internal network) get
static-port natted? Or should those rules be reordered? Or should
something different be done?
What happens when $gamer wants to use a port that's already in use?
As a note the particular system in question is running an older version:
OpenBSD 5.1-current (GENERIC.MP) #1: Thu May 31 18:31:17 EDT 2012
in case the answer(s) might different.
Thanks,
Chris
Re: ospfd loopback advertisment failure (adjacency fail?)
On 2013-04-13, Hrvoje Popovski wrote:
> On 13.4.2013. 17:29, Stuart Henderson wrote:
>> ospfd doesn't support point-to-point on ethernet interfaces, you will
>> need to remove this from cisco config for now.
>>
>> might not be too hard to add though.. (as in, I have a diff which builds,
>> but I have no idea if it works ;-)
>>
>
> could you post that diff, i'm willing to test it
>
>
naive diff, and tested on a hack box only: if you run it in
production and it eats your network, don't blame me. ;-)
(for anyone wondering if this is useful: if you are sure you'll
only have the 2 routers on a segment, it avoids waiting for $dead-time
before bringing up adjacencies).
Index: ospfd/interface.c
===
RCS file: /cvs/src/usr.sbin/ospfd/interface.c,v
retrieving revision 1.75
diff -u -p -r1.75 interface.c
--- ospfd/interface.c 14 May 2012 10:17:21 - 1.75
+++ ospfd/interface.c 13 Apr 2013 20:18:55 -
@@ -348,6 +348,10 @@ if_act_start(struct iface *iface)
iface->name);
iface->passive = 1;
}
+ if (iface->pointopoint) {
+ log_warnx("if_act_start: interface %s configured as
point-to-point", iface->name);
+ iface->type = IF_TYPE_POINTOPOINT;
+ }
gettimeofday(&now, NULL);
iface->uptime = now.tv_sec;
Index: ospfd/ospfd.c
===
RCS file: /cvs/src/usr.sbin/ospfd/ospfd.c,v
retrieving revision 1.79
diff -u -p -r1.79 ospfd.c
--- ospfd/ospfd.c 22 Mar 2013 11:29:01 - 1.79
+++ ospfd/ospfd.c 13 Apr 2013 20:18:55 -
@@ -813,6 +813,7 @@ merge_interfaces(struct area *a, struct
* - new interfaces (easy)
* - deleted interfaces (needs to be done via fsm?)
* - changing passive (painful?)
+* - changing point-to-point (painful?)
*/
for (i = LIST_FIRST(&a->iface_list); i != NULL; i = ni) {
ni = LIST_NEXT(i, entry);
@@ -872,6 +873,15 @@ merge_interfaces(struct area *a, struct
if (ospfd_process == PROC_OSPF_ENGINE)
if_fsm(i, IF_EVT_DOWN);
i->passive = xi->passive;
+ if (ospfd_process == PROC_OSPF_ENGINE)
+ if_fsm(i, IF_EVT_UP);
+ }
+
+ if (i->pointopoint != xi->pointopoint) {
+ /* need to restart interface to cope with this change??
*/
+ if (ospfd_process == PROC_OSPF_ENGINE)
+ if_fsm(i, IF_EVT_DOWN);
+ i->pointopoint = xi->pointopoint;
if (ospfd_process == PROC_OSPF_ENGINE)
if_fsm(i, IF_EVT_UP);
}
Index: ospfd/ospfd.h
===
RCS file: /cvs/src/usr.sbin/ospfd/ospfd.h,v
retrieving revision 1.91
diff -u -p -r1.91 ospfd.h
--- ospfd/ospfd.h 17 Jan 2013 10:07:56 - 1.91
+++ ospfd/ospfd.h 13 Apr 2013 20:18:55 -
@@ -350,6 +350,7 @@ struct iface {
u_int8_t linkstate;
u_int8_t priority;
u_int8_t passive;
+ u_int8_t pointopoint;
};
struct ifaddrdel {
Index: ospfd/parse.y
===
RCS file: /cvs/src/usr.sbin/ospfd/parse.y,v
retrieving revision 1.74
diff -u -p -r1.74 parse.y
--- ospfd/parse.y 6 Mar 2013 21:36:57 - 1.74
+++ ospfd/parse.y 13 Apr 2013 20:18:55 -
@@ -120,7 +120,7 @@ typedef struct {
%token AREA INTERFACE ROUTERID FIBUPDATE REDISTRIBUTE RTLABEL RDOMAIN
%token RFC1583COMPAT STUB ROUTER SPFDELAY SPFHOLDTIME EXTTAG
%token AUTHKEY AUTHTYPE AUTHMD AUTHMDKEYID
-%token METRIC PASSIVE
+%token METRIC PASSIVE POINTOPOINT
%token HELLOINTERVAL FASTHELLOINTERVAL TRANSMITDELAY
%token RETRANSMITINTERVAL ROUTERDEADTIME ROUTERPRIORITY
%token SET TYPE
@@ -664,6 +664,7 @@ interfaceopts_l : interfaceopts_l interf
;
interfaceoptsl : PASSIVE { iface->passive = 1; }
+ | POINTOPOINT { iface->pointopoint = 1; }
| DEMOTE STRING {
if (strlcpy(iface->demote_group, $2,
sizeof(iface->demote_group)) >=
@@ -734,6 +735,7 @@ lookup(char *s)
{"msec",MSEC},
{"no", NO},
{"passive", PASSIVE},
+ {"point-to-point", POINTOPOINT},
{"rdomain", RDOMAIN},
{"redistribute",REDISTRIBUTE},
{"retransmit-interval", RETRANSMITINTERVAL},
Index: ospfd/printconf.c
===
RCS file: /cvs/src/usr.sbin/o
Re: snmpd, oid and scripts
On 2013-04-11, Joel Carnat wrote: > Hi, > > I wanted to get rid of net-snmp and use the shipped snmpd(8). > I have OpenBSD boxes running various services (DNS, Web, Mail...) and have > scripts providing service stats using the extend/exec net-snmp feature. I > read about the "oid" feature of snmpd(8) but it seems it can only publish > fixed text of numbers. > > Is there any way to tell snmpd(8) to run an external script and send it's > results to the snmp client? No, there isn't. (If there was, it would be in the manual).
Re: order site down?
On Sat, Apr 13, 2013 at 02:31:03PM +0800, Alan Cheng wrote: > I got "500 internal error" too. Same here. The following page has a list of vendors which sell CD sets and/or other OpenBSD stuff. The main site in Canada, which is having issues, is only one of them. http://www.openbsd.org/orders.html Pick whichever's closest! Nicolai
Re:
On 04/13/13 07:52, Jan Stary wrote: > Going over the X FAQ, I see > > 11.1.1 - How much computer do I need to run X? > > > While "How much computer" is slightly amusing, > was it meant to be "how much computer power" > or something? > > Jan > It was meant to be slightly amusing. :) It is definitely an "or something" situation. It certainly isn't a matter of simple "computer power" -- I'd be hard pressed to want to run X on a 400MHz PentiumII w/256M RAM now... Most graphical apps will take more processor or memory, and vastly better machines of the same platform are being tossed in trash cans every day. But on a 100MHz 192M SPARCstation20 (or even a 40MHz SPARCstation2), if you have the keyboard, mouse and display that work, I'd be hard-pressed NOT to want to run X on it, as these are graphical machines, they have a fantastic keyboard, a mouse that was DESIGNED for X, and clip along pretty well once X is running, and X configuration Just Works...even if just as a bunch of Xterms. Don't run firefox on it, though... Nick.
Re: ospfd loopback advertisment failure (adjacency fail?)
On 13.4.2013. 17:29, Stuart Henderson wrote: > ospfd doesn't support point-to-point on ethernet interfaces, you will > need to remove this from cisco config for now. > > might not be too hard to add though.. (as in, I have a diff which builds, > but I have no idea if it works ;-) > could you post that diff, i'm willing to test it
Re: php e kerberos
On 2013-04-12, Rémi Bougard wrote: > Hi, > > On Fri, Apr 12, 2013 at 01:06:30PM -0300, Friedrich Locke wrote: >> Hi folks, >> >> i am running OBSD 5.2 and i would like to try to connect to a kerberos >> server using php. >> >> In the following link http://www.php.net/manual/en/book.kadm5.php in the >> requirement section it is stated : >> >> "No external libraries are needed to build this extension." >> [...] > > > Looks like to me it is a PECL extension : > http://www.php.net/manual/en/kadm5.installation.php ...and it's about 8 years old and doesn't build.
Re: userland pppoe unusable/slow/dropping packets
On 2013-04-12, Adam wrote: > Trying to use userland pppoe for a DSL connection, I connect fine, and I > can pass small amounts of traffic through the link without issues. But as > soon as I send real traffic through it (a couple hundred Kb/sec of pretty > ordinary DNS and HTTP traffic) latency shoots up to 1500ms and it starts > dropping packets really badly, like 50% or so. Pinging from the openbsd > machine gives lots of: > > sendto: No buffer space available > > The CPU is 90-95% idle. Using kernel pppoe I can ping flood the default > gateway with 1400 byte packets while sending that same traffic through and > everything is fine, so it isn't the modem/ISP/etc. I know userland pppoe > is obviously going to be slower, but is it supposed to be this bad? http://marc.info/?l=openbsd-tech&m=130134805219592&w=2 might help. > I can't use kernel pppoe as it appears to be causing the machine to lock up > occasionally and require a hard reset. This is a rubbish bug report, see http://www.openbsd.org/report.html
Re: ospfd loopback advertisment failure (adjacency fail?)
On 2013-04-12, Kostas Zorbadelos wrote: > > I think most probably the problem is in the network type (BROADCAST vs > P2P in Cisco). Is there some way to declare em3 as point-to-point in > ospfd or do I just need to remove > > ip ospf network point-to-point > > from the cisco interface config? ospfd doesn't support point-to-point on ethernet interfaces, you will need to remove this from cisco config for now. might not be too hard to add though.. (as in, I have a diff which builds, but I have no idea if it works ;-)
Re: php e kerberos
Hi, On Fri, Apr 12, 2013 at 01:06:30PM -0300, Friedrich Locke wrote: > Hi folks, > > i am running OBSD 5.2 and i would like to try to connect to a kerberos > server using php. > > In the following link http://www.php.net/manual/en/book.kadm5.php in the > requirement section it is stated : > > "No external libraries are needed to build this extension." > [...] Looks like to me it is a PECL extension : http://www.php.net/manual/en/kadm5.installation.php -- Rémi Bougard
[no subject]
Going over the X FAQ, I see 11.1.1 - How much computer do I need to run X? While "How much computer" is slightly amusing, was it meant to be "how much computer power" or something? Jan
iked: What is missing?
Hello misc, I want to use iked but the manpage says it is not ready to use and some important things are missing. What parts are missing and is it still not safe at all or only under special circumstances? Thanks Matt
Re: sendmail config [solved]
Thanks for all the prompt replies. The MUA is indeed the place to do the modifications. Just for the records, in SqurrelMail I had to modify the file 'class/deliver/Deliver.class.php' Tony On Fri, Apr 12, 2013 at 11:06 AM, James Griffin wrote: > Fri 12.Apr'13 at 9:27:14 +0300 Tony Berth > > I want to display the IP of the mail server only, as client IPs isn't a > > relevant info for the 'outside world'. The same applies to the > 'User-Agent' > > field. > > > > Concerning the 'References', It was just an idea but still I want to have > > that option regardless how I could ever use it. > > > > Thanks > > > > Tony > > That information is added by the MUA: References:, User-Agent:, etc. The > MTA only adds relevant information about the client, during the smtp > transaction. All MTA's do that. There's not really any benefit in trying > to hide it. Your domain information can be obtained by others means anyway > if people want it, thus it's a pointless task. > > Configure your MUA to exclude bits if you really need to. It's not a MTA > issue. > > -- > James Griffin: jmz at kontrol.kode5.net > jmzgriffin at gmail.com > > A4B9 E875 A18C 6E11 F46D B788 BEE6 1251 1D31 DC38
