Re: OpenBSD 5.3 npppd pppoe segmantation fault
Yasuoka thanks for your suggestion! I tried today's -current version. 2013-04-21 It seems to be fine:) I have question. npppd pppx session need the inet6? I usually kill the interface's inet6. npppd pppoe connection for tun0 work. but, pppx0's didn't work! #server #/etc/hostname.bge0 -inet6 up #/etc/npppd/npppd.conf authentication LOCAL type local { users-file /etc/npppd/npppd-users } tunnel PPPOE protocol pppoe { listen on interface re0 #added mru 1400 pipex yes authentication-method pap chap mschapv2 #added } ipcp IPCP { pool-address 10.0.0.2-10.0.0.254 dns-servers 8.8.8.8 } #for pppx0 didn't work. when kill the interface's inet6. interface pppx0 address 10.0.0.1 ipcp IPCP bind tunnel from PPPOE authenticated by LOCAL to pppx0 #for tun0 worked. when kill the interface's inet6. #interface tun0 address 10.0.0.1 ipcp IPCP #bind tunnel from PPPOE authenticated by LOCAL to tun0 ##End of text #for tun0 # npppd -df /etc/npppd/npppd.conf 2013-04-21 14:49:22:NOTICE: Starting npppd pid=21719 version=5.0.0 2013-04-21 14:49:22:NOTICE: Load configuration from='/etc/npppd/npppd.conf' successfully. 2013-04-21 14:49:22:INFO: tun0 Started ip4addr=10.0.0.1 2013-04-21 14:49:22:INFO: Listening /var/run/npppd_ctl (npppd_ctl) 2013-04-21 14:49:22:INFO: ipcp=IPCP pool dyn_pool=[10.0.0.2/31,10.0.0.4/30,10.0.0.8/29,10.0.0.16/28,10.0.0.32/27,10.0.0.64/26,10.0.0.128/26,10.0.0.192/27,10.0.0.224/28,10.0.0.240/29,10.0.0.248/30,10.0.0.252/31,10.0.0.254/32] pool=[10.0.0.2/31,10.0.0.4/30,10.0.0.8/29,10.0.0.16/28,10.0.0.32/27,10.0.0.64/26,10.0.0.128/26,10.0.0.192/27,10.0.0.224/28,10.0.0.240/29,10.0.0.248/30,10.0.0.252/31,10.0.0.254/32] 2013-04-21 14:49:22:INFO: Added 13 routes for new pool addresses 2013-04-21 14:49:22:INFO: Loading pool config successfully. 2013-04-21 14:49:22:INFO: pppoed Listening on bge0 (PPPoE) [PPPOE] using=/dev/bpf0 address=00:11:22:33:44:55 2013-04-21 14:49:22:INFO: pppoed RecvPADI from=aa:bb:cc:dd:ee:ff service-name= host-uniq=7446772e if=bge0 2013-04-21 14:49:22:INFO: pppoed SendPADO to=aa:bb:cc:dd:ee:ff serviceName= acName=00:11:22:33:44:55 hostUniq=7446772e eol if=bge0 2013-04-21 14:49:22:INFO: pppoed if=bge0 session=36434 SendPADS serviceName= hostUniq=7446772e 2013-04-21 14:49:22:NOTICE: pppoed if=bge0 session=36434 logtype=PPPBind ppp=0 2013-04-21 14:49:22:ERR: ppp id=0 layer=base getnameinfo() failed at ppp_set_tunnel_label 2013-04-21 14:49:22:INFO: ppp id=0 layer=base logtype=Started tunnel=PPPOE(0.0.0.0) 2013-04-21 14:49:22:INFO: ppp id=0 layer=lcp logtype=Opened mru=1400/1492 auth=PAP magic=2d9b575b/e5d6257c 2013-04-21 14:49:22:DEBUG: ppp id=0 layer=pap pap_start 2013-04-21 14:49:22:INFO: ppp id=0 layer=pap logtype=Success username=taro realm=LOCAL 2013-04-21 14:49:22:INFO: ppp id=0 layer=base unhandled protocol ipv6cp, 32855(8057) 2013-04-21 14:49:22:INFO: ppp id=0 layer=ipcp IP Address peer=0.0.0.0 our=10.0.0.101. 2013-04-21 14:49:22:INFO: ppp id=0 layer=base unhandled protocol ipv6cp, 32855(8057) 2013-04-21 14:49:22:INFO: ppp id=0 layer=ipcp logtype=Opened ip=10.0.0.101 assignType=dynamic 2013-04-21 14:49:22:ERR: ppp id=0 layer=base getnameinfo() failed at ppp_set_tunnel_label 2013-04-21 14:49:22:NOTICE: ppp id=0 layer=base logtype=TUNNELSTART user=taro duration=0sec layer2=PPPOE layer2from=0.0.0.0 auth=PAP ip=10.0.0.101 iface=tun0 2013-04-21 14:49:22:NOTICE: ppp id=0 layer=base Using pipex=yes 2013-04-21 14:49:23:INFO: ppp id=0 layer=base unhandled protocol ipv6cp, 32855(8057) 2013-04-21 14:49:32:INFO: ppp id=0 layer=base unhandled protocol ipv6cp, 32855(8057) ^C 2013-04-21 14:49:50:NOTICE: pptpd Stopped 2013-04-21 14:49:50:INFO: pppoed if=bge0 session=36434 SendPADT 2013-04-21 14:49:50:ERR: ppp id=0 layer=base getnameinfo() failed at ppp_set_tunnel_label 2013-04-21 14:49:50:NOTICE: ppp id=0 layer=base logtype=TUNNELUSAGE user=taro duration=28sec layer2=PPPOE layer2from=0.0.0.0 auth=PAP data_in=120bytes,9packets data_out=191bytes,13packets error_in=7 error_out=0 mppe=no iface=tun0 2013-04-21 14:49:50:INFO: pppoed Shutdown bge0 (PPPoE) [PPPOE] address=00:11:22:33:44:55 2013-04-21 14:49:50:NOTICE: pppoed Stopped 2013-04-21 14:49:50:INFO: tun0 Stopped 2013-04-21 14:49:50:INFO: Deleted 13 routes for old pool addresses 2013-04-21 14:49:50:INFO: realm name=LOCAL Finalized 2013-04-21 14:49:50:NOTICE: Terminate npppd. #End of log for tun0 #for pppx0 #client pppoe0: flags=8851UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST mtu 1492 priority: 0 dev: bge0 state: session sid: 0xbe6f PADI retries: 16 PADR retries: 0 time: 00:00:32 sppp: phase network authproto pap authname taro groups: pppoe egress status: active inet6 fe80:::::%pppoe0 - prefixlen 64 scopeid 0x5 inet 0.0.0.0 -- 0.0.0.1 netmask 0x #inet6 fe80:: was masked #server npppd -df /etc/npppd/npppd.conf 2013-04-21 14:57:16:NOTICE: Starting npppd pid=21302 version=5.0.0 2013-04-21 14:57:16:NOTICE: Load
Re: Disappointing ISC BIND performance on OpenBSD 5.3 snapshot
I've never used BIND in this sort of instance, so I can't speak to that. I can say, however, I've run reasonably large authoritative anycast DNS setups with NSD and OpenBSD. two north american sites, 10Kqps average, with one notable 80K spike. the whole system ran practically untouched (minor BGPd and NSD patches) for two years. ymmv On Sat, Apr 20, 2013 at 3:18 PM, Stuart Henderson s...@spacehopper.orgwrote: On 2013-04-19, Kostas Zorbadelos kzo...@otenet.gr wrote: root@dmeg-dns1 ~ # /usr/local/sbin/named -V BIND 9.9.2-P2 built with '--enable-shared' '--enable-threads' You could try rebuilding the port without --enable-threads and see if it's any different.
Re: NAT with one interface
On 2013-04-21, Ted Unangst t...@tedunangst.com wrote: On Sun, Apr 21, 2013 at 00:47, Stuart Henderson wrote: I've changed the FAQ to say interfaces rather than adapters to make it more obvious that there's no problem doing this with vlans. Strictly speaking, you don't even need vlans. You can NAT off a single interface with two IPs. /--- inside machine 1 uplink switch NAT router \-- inside machine 2 This will work, although your uplink may or may not enjoy your inside packets occasionally leaking into their network. Indeed, though I think this is sufficiently unusual that including it in the FAQ would be counter-productive ;)
Re: Why does OpenBSD use CVS?
On 2013-04-20, Alokat MacMoneysack mail...@alokat.org wrote: Hi, first, I don't want to start a flame war about why is CVS better or not better than X - it's just a question. If you say, we use it because it just works - it's okay. :) So why does OpenBSD still uses CVS and don't migrate to SVN or something like git as other OSS projekts do? Regards, fritjof my 2p: like all version control software CVS has bugs, but between us, developers have a reasonable idea of how to avoid them in CVS, there's less knowledge about other version control systems. Also having the repository stored in human-readable (ish) files is an advantage if there was ever any repo corruption. You might also ask why some other OS use source control software which they don't even include in the base OS ;-) Amen. The fact that I now have to install subversion and all its bloat dependencies to do anything in the other BSD I use will me making it so I now do a lot more with OpenBSD. -- ESP
Re: NAT with one interface
On 2013-04-21, Ted Unangst t...@tedunangst.com wrote: On Sun, Apr 21, 2013 at 00:47, Stuart Henderson wrote: I've changed the FAQ to say interfaces rather than adapters to make it more obvious that there's no problem doing this with vlans. Strictly speaking, you don't even need vlans. You can NAT off a single interface with two IPs. /--- inside machine 1 uplink switch NAT router \-- inside machine 2 This will work, although your uplink may or may not enjoy your inside packets occasionally leaking into their network. Indeed, though I think this is sufficiently unusual that including it in the FAQ would be counter-productive ;) Actually it's not that unusual, seems to be stardard fare if you've got two VPS's at a colo and one without Internet. They typically only have one interface.
Re: wireless mouse on 9.1
I have a Logitech Trackman wireless trackball. works perfectly. As does my daughter's wireless mouse. Also logitech. Thanks, Chuck! That very mouse is recommended to me from old school guys. I would probably get something like m185 or m525 if on sale. Best regards Zoran
SYBA SI-PEX40065 / Marvell 88SE9215 Support
Hi All, Is there any chance for the SYBA SI-PEX40065 (http://www.sybausa.com/productInfo.php?iid=1375) SATA Controller Card being supported? According to the product page it uses a Marvell 88SE9215 Controller (http://www.marvell.com/storage/system-solutions/assets/Marvell-88SE92xx-002-product-brief.pdf) if that's helpful at all. Below is my dmesg with an external (eSATA) drive connected. Any help is appreciated, thanks! -Nick OpenBSD 5.3-current (GENERIC) #121: Thu Apr 4 09:42:08 MDT 2013 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC real mem = 1022230528 (974MB) avail mem = 987402240 (941MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xf (63 entries) bios0: vendor Dell Inc version 1.0.3 date 10/02/2006 bios0: Dell Inc Dimension E521 acpi0 at bios0: rev 0 acpi0: sleep states S0 S1 S3 S4 S5 acpi0: tables DSDT FACP BOOT SSDT HPET MCFG SLIC APIC acpi0: wakeup devices HUB0(S5) XVRA(S5) XVRB(S5) XVRC(S5) USB0(S3) USB2(S3) AZAD(S5) MMAC(S5) MMCI(S5) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: disabled acpimcfg0 at acpi0 addr 0xf000, bus 0-255 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD Athlon(tm) 64 Processor 3200+, 2004.45 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,CX16,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW,LAHF,SVM,EAPICSP,AMCR8 cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: apic clock running at 200MHz ioapic0 at mainbus0: apid 2 pa 0xfec0, version 11, 24 pins acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 4 (HUB0) acpicpu0 at acpi0: PSS acpibtn0 at acpi0: PWRB cpu0: PowerNow! K8 2004 MHz: speeds: 2000 1800 1000 MHz pci0 at mainbus0 bus 0 NVIDIA C51 Host rev 0xa2 at pci0 dev 0 function 0 not configured NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 1 not configured NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 2 not configured NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 3 not configured NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 4 not configured NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 5 not configured NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 6 not configured NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 7 not configured ppb0 at pci0 dev 2 function 0 NVIDIA C51 PCIE rev 0xa1 pci1 at ppb0 bus 1 em0 at pci1 dev 0 function 0 Intel PRO/1000 MT (82574L) rev 0x00: apic 2 int 11, address 00:1b:21:ab:ce:c6 ppb1 at pci0 dev 3 function 0 NVIDIA C51 PCIE rev 0xa1 pci2 at ppb1 bus 2 ppb2 at pci0 dev 4 function 0 NVIDIA C51 PCIE rev 0xa1 pci3 at ppb2 bus 3 ahci0 at pci3 dev 0 function 0 vendor Marvell, unknown product 0x9215 rev 0x10: apic 2 int 5, AHCI 1.0 ahci0: failed to start port, cannot probe PMP ahci0: device on port 1 didn't come ready, TFD: 0x180BSY ahci0: failed to start port, cannot softreset ahci0: unable to communicate with device on port 1 scsibus0 at ahci0: 32 targets vga1 at pci0 dev 5 function 0 NVIDIA GeForce 6150 LE rev 0xa2 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) NVIDIA MCP51 Host rev 0xa2 at pci0 dev 9 function 0 not configured pcib0 at pci0 dev 10 function 0 NVIDIA MCP51 ISA rev 0xa3 nviic0 at pci0 dev 10 function 1 NVIDIA MCP51 SMBus rev 0xa3 iic0 at nviic0 spdmem0 at iic0 addr 0x52: 512MB DDR2 SDRAM non-parity PC2-4200CL5 spdmem1 at iic0 addr 0x53: 512MB DDR2 SDRAM non-parity PC2-4200CL5 iic1 at nviic0 NVIDIA MCP51 Memory rev 0xa3 at pci0 dev 10 function 2 not configured ohci0 at pci0 dev 11 function 0 NVIDIA MCP51 USB rev 0xa3: apic 2 int 15, version 1.0, legacy support ehci0 at pci0 dev 11 function 1 NVIDIA MCP51 USB rev 0xa3: apic 2 int 7 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 NVIDIA EHCI root hub rev 2.00/1.00 addr 1 pciide0 at pci0 dev 14 function 0 NVIDIA MCP51 SATA rev 0xa1: DMA pciide0: using apic 2 int 11 for native-PCI interrupt wd0 at pciide0 channel 0 drive 0: ST3500630AS wd0: 16-sector PIO, LBA48, 476940MB, 976773168 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 6 wd1 at pciide0 channel 1 drive 0: HDS728080PLA380 wd1: 16-sector PIO, LBA48, 76293MB, 15625 sectors wd1(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 6 pciide1 at pci0 dev 15 function 0 NVIDIA MCP51 SATA rev 0xa1: DMA pciide1: using apic 2 int 10 for native-PCI interrupt wd2 at pciide1 channel 0 drive 0: ST2000DM001-1CH164 wd2: 16-sector PIO, LBA48, 1907729MB, 3907029168 sectors wd2(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 6 wd3 at pciide1 channel 1 drive 0: Hitachi HDS5C3020ALA632 wd3: 16-sector PIO, LBA48, 1907729MB, 3907029168 sectors wd3(pciide1:1:0): using PIO mode 4, Ultra-DMA mode 6 ppb3 at pci0 dev 16 function 0 NVIDIA MCP51 PCI-PCI rev 0xa2 pci4 at ppb3 bus 4 bce0 at pci4
Re: Ethernet card not working
Hi Miod, Sebastian was kind enough to compile a -current kernel for me wih this patch and the ethernet card works! I hope this patch can make its way in 5.3 in time. Riccardo On 04/16/13 22:28, Miod Vallat wrote: Does the following diff help? Index: if_ne_pcmcia.c === RCS file: /cvs/src/sys/dev/pcmcia/if_ne_pcmcia.c,v retrieving revision 1.95 diff -u -p -r1.95 if_ne_pcmcia.c --- if_ne_pcmcia.c 3 Jul 2011 15:47:17 - 1.95 +++ if_ne_pcmcia.c 16 Apr 2013 20:26:47 - @@ -296,19 +296,23 @@ const struct ne2000dev { PCMCIA_CIS_IODATA_PCETTXR, 0, -1, { 0x00, 0xa0, 0xb0 } }, -{ PCMCIA_VENDOR_LINKSYS, PCMCIA_PRODUCT_NETGEAR_FA410TXC, +{ PCMCIA_VENDOR_NETGEAR, PCMCIA_PRODUCT_NETGEAR_FA410TXC, PCMCIA_CIS_DLINK_DFE670TXD, 0, -1, { 0x00, 0x05, 0x5d } }, -{ PCMCIA_VENDOR_LINKSYS, PCMCIA_PRODUCT_NETGEAR_FA410TXC, +{ PCMCIA_VENDOR_NETGEAR, PCMCIA_PRODUCT_NETGEAR_FA410TXC, PCMCIA_CIS_DLINK_DFE670TXD, 0, -1, { 0x00, 0x50, 0xba } }, - { PCMCIA_VENDOR_LINKSYS, PCMCIA_PRODUCT_NETGEAR_FA410TXC, + { PCMCIA_VENDOR_NETGEAR, PCMCIA_PRODUCT_NETGEAR_FA410TXC, PCMCIA_CIS_DLINK_DFE670TXD, 0, -1, { 0x00, 0x0d, 0x88 } }, -{ PCMCIA_VENDOR_LINKSYS, PCMCIA_PRODUCT_NETGEAR_FA410TXC, +{ PCMCIA_VENDOR_NETGEAR, PCMCIA_PRODUCT_NETGEAR_FA410TXC, + PCMCIA_CIS_DLINK_DFE670TXD, + 0, -1, { 0x00, 0x13, 0x46 } }, + +{ PCMCIA_VENDOR_NETGEAR, PCMCIA_PRODUCT_NETGEAR_FA410TXC, PCMCIA_CIS_DLINK_DFE670TXD, 0, -1, { 0x00, 0x40, 0x05 } },
Re: Ethernet card not working
On Sun, Apr 21, 2013 at 3:43 PM, Riccardo Mottola riccardo.mott...@libero.it wrote: I hope this patch can make its way in 5.3 in time. 5.3 is scheduled to be released in 10 days. There's no way for a change now to make it to the CDs which are already pressed. It's a couple months too late for that. Philip Guenther
Xephyr bug with Firefox
Hello. I use Xephyr with Firefox. I also run Firefox as a dedicated user. At seemingly random times, but on a regular basis, Firefox will behave oddly. Firefox will open links in a new window, scrolling up or down with my touchpad will cause the tab to go forward or backward through browser history, and sometimes capslock will be on when typing in Firefox, even though capslock is off. Restarting Firefox does not fix these issues, but restarting Xephyr does. These issues typically happen when Firefox has been loaded and idle for many hours, although once it happened after only being loaded for a few minutes. I'm guessing this is a memory corruption bug. Could any of you try to reproduce this bug, and could any of you suggest some simple ways (simple like strace) of debugging this? I would like to have something concrete to report to the Xephyr folks so that it gets fixed quickly. I am running a recent snapshot on an AMD64 with 6GB of memory. I have no other problems with other software, so I think I can rule out damaged hardware. Thanks
How many rounds to use for a pbkdf2 encrypted disk?
The example in vnconfig shows 20,000. I picked 30K. This is a 2.8G core2 duo machine, encrypting mail and other stuff. I haven't found sources on the net that have explained what low security is, up to total paranoia with regards # of rounds. Ideas? URLs for good places to read? Thanks! --STeve Andre'
Re: OpenBSD 5.3 npppd pppoe segmantation fault
Hi, Thank you for your feedbacks. On Sun, 21 Apr 2013 16:09:36 +0900 trick star freeu...@inbox.com wrote: I have question. npppd pppx session need the inet6? No, it doesn't matter the inet6. I usually kill the interface's inet6. npppd pppoe connection for tun0 work. but, pppx0's didn't work! I don't think it matters for this kind of problem whether npppd uses tun or pppx. #server npppd -df /etc/npppd/npppd.conf 2013-04-21 14:57:16:NOTICE: Starting npppd pid=21302 version=5.0.0 2013-04-21 14:57:16:NOTICE: Load configuration from='/etc/npppd/npppd.conf' successfully. 2013-04-21 14:57:16:INFO: pppx0 Started pppx 2013-04-21 14:57:16:INFO: Listening /var/run/npppd_ctl (npppd_ctl) 2013-04-21 14:57:16:INFO: ipcp=IPCP pool dyn_pool=[10.0.0.2/31,10.0.0.4/30,10.0.0.8/29,10.0.0.16/28,10.0.0.32/27,10.0.0.64/26,10.0.0.128/26,10.0.0.192/27,10.0.0.224/28,10.0.0.240/29,10.0.0.248/30,10.0.0.252/31,10.0.0.254/32] pool=[10.0.0.2/31,10.0.0.4/30,10.0.0.8/29,10.0.0.16/28,10.0.0.32/27,10.0.0.64/26,10.0.0.128/26,10.0.0.192/27,10.0.0.224/28,10.0.0.240/29,10.0.0.248/30,10.0.0.252/31,10.0.0.254/32] 2013-04-21 14:57:16:INFO: Loading pool config successfully. 2013-04-21 14:57:16:INFO: pppoed Listening on bge0 (PPPoE) [PPPOE] using=/dev/bpf0 address=00:11:22:33:44:55 2013-04-21 14:57:42:INFO: pppoed RecvPADI from=aa:bb:cc:dd:ee:ff service-name= host-uniq=7446772e if=bge0 2013-04-21 14:57:42:INFO: pppoed SendPADO to=aa:bb:cc:dd:ee:ff serviceName= acName=00:11:22:33:44:55 hostUniq=7446772e eol if=bge0 2013-04-21 14:57:42:INFO: pppoed if=bge0 session=43717 SendPADS serviceName= hostUniq=7446772e 2013-04-21 14:57:42:NOTICE: pppoed if=bge0 session=43717 logtype=PPPBind ppp=0 2013-04-21 14:57:42:ERR: ppp id=0 layer=base getnameinfo() failed at ppp_set_tunnel_label 2013-04-21 14:57:42:INFO: ppp id=0 layer=base logtype=Started tunnel=PPPOE(0.0.0.0) 2013-04-21 14:57:42:INFO: ppp id=0 layer=lcp logtype=Opened mru=1400/1492 auth=PAP magic=dea55c97/0632d896 2013-04-21 14:57:42:DEBUG: ppp id=0 layer=pap pap_start 2013-04-21 14:57:42:INFO: ppp id=0 layer=pap logtype=Success username=taro realm=LOCAL 2013-04-21 14:57:42:INFO: ppp id=0 layer=base unhandled protocol ipv6cp, 32855(8057) 2013-04-21 14:57:42:INFO: ppp id=0 layer=ipcp IP Address peer=0.0.0.0 our=10.0.0.101. 2013-04-21 14:58:15:WARNING: ppp id=0 layer=ipcp timeout sending Config-Requests ppp id=0 failed to open the IPCP because npppd could not get the response from the client. 2013-04-21 14:58:15:INFO: ppp id=0 layer=ipcp IPCP is stopped 2013-04-21 14:58:21:INFO: pppoed if=bge0 session=43717 SendPADT 2013-04-21 14:58:21:ERR: ppp id=0 layer=base getnameinfo() failed at ppp_set_tunnel_label 2013-04-21 14:58:21:NOTICE: ppp id=0 layer=base logtype=TUNNELUSAGE user=taro duration=39sec layer2=PPPOE layer2from=0.0.0.0 auth=PAP data_in=98bytes,7packets data_out=265bytes,20packets error_in=1 error_out=0 mppe=no iface=pppx0 its duration was 39sec ^C 2013-04-21 14:59:34:INFO: ppp id=1 layer=base unhandled protocol ipv6cp, 32855(8057) The logs seem to be snipped. ppp id=1 appeared suddenly. 2013-04-21 14:59:34:INFO: ppp id=1 layer=base unhandled protocol ipv6cp, 32855(8057) 2013-04-21 14:59:34:INFO: ppp id=1 layer=lcp terminated by peer it was stopped by LCP terminate request from the peer. 2013-04-21 14:59:34:INFO: pppoed if=bge0 session=48751 RecvPADT 2013-04-21 14:59:34:INFO: pppoed if=bge0 session=48751 SendPADT 2013-04-21 14:59:34:ERR: ppp id=1 layer=base getnameinfo() failed at ppp_set_tunnel_label 2013-04-21 14:59:34:NOTICE: ppp id=1 layer=base logtype=TUNNELUSAGE user=taro duration=64sec layer2=PPPOE layer2from=0.0.0.0 auth=PAP data_in=242bytes,20packets data_out=509bytes,32packets error_in=11 error_out=0 mppe=no iface=pppx0 its duration was 64sec. The behavior of ppp id=0 and ppp id=1 seem to be different. And logs don't show any problem which can relate to the problem. So I suspect the problem is not caused by npppd. If you can repeat the problem, I'd like you to get the result of the command below tcpdump -pni bge0 ether proto 0x8863 or 0x8864 --yasuoka
Re: Xephyr bug with Firefox
On Sun, Apr 21, 2013 at 16:12, Robert Connolly wrote: I use Xephyr with Firefox. I also run Firefox as a dedicated user. At seemingly random times, but on a regular basis, Firefox will behave oddly. Firefox will open links in a new window, scrolling up or down with my touchpad will cause the tab to go forward or backward through browser history, and sometimes capslock will be on when typing in Firefox, even though capslock is off. In other words, Xephyr's virtual shift key is stuck on. Have you tried toggling the shift key to reset it? Then again, I'm highly suspicious of any program running on OpenBSD that claims to have allocated not just one, but two SE Linuxes. vm32:~ Xephyr :1 2 XSELINUXs still allocated at reset
Re: How many rounds to use for a pbkdf2 encrypted disk?
On Sun, Apr 21, 2013 at 19:00, and...@msu.edu wrote: The example in vnconfig shows 20,000. I picked 30K. This is a 2.8G core2 duo machine, encrypting mail and other stuff. I haven't found sources on the net that have explained what low security is, up to total paranoia with regards # of rounds. Ideas? URLs for good places to read? As many as don't annoy you. 100k will be about half a second on a CPU. The problem is the bad guys aren't going to be using CPUs. A single computer with a few high end graphics cards can do somewhere in the neighborhood of 3 billion hashes in one second. 1000 rounds (the bare minimum for pbkdf2) turns that into 3 million/s. 100k turns it into 30k/s. The work factor and time required scale linearly for both you and the attacker, the attacker just has somewhere ranging from 15000 to many more times more computing resources at his disposal. It's hard to directly equate time you spend waiting with time it will cost some unknown attacker. Your best bet is a longer password. Nothing will save you if your password is a word from a dictionary, or some 3lit3 spelling thereof. An interesting read: http://www.tarsnap.com/scrypt/scrypt.pdf There is a table at the top of page 14 that compares hypothetical hardware cracking costs. If you suspect somebody with a million dollars, access to chip fabrication facilities, and a year to wait will be interested in reading your email, you should use at least 100k rounds and and a ten character random password.