Re: SPARC minimum hardware specification

2015-07-21 Thread Christian Weisgerber
On 2015-07-21, Karel Gardas gard...@gmail.com wrote:

 Does that mean that lying on desk, Sun Blade 150 is more noisy than
 M3000?

Coincidently, we yesterday lugged two M3000s into the hackroom here
at c2k15.  When turned on, these make a hellish noise and you want
them in an insulated server room far away.

The Blade 150 is a desktop machine.  It's not as quiet as a modern
quiet PC, but it's par for the course for an average PC from fifteen
years ago.  (It is also slower than my Soekris net6501-50.)

-- 
Christian naddy Weisgerber  na...@mips.inka.de



Re: relayd support for ECDSA certificates

2015-07-21 Thread Stuart Henderson
On 2015-07-20, Seth l...@sysfu.com wrote:
 Anyone know if relayd supports ECDSA certificates?

 I'm trying to setup a TLS accelerator using an ECDSA cert and it's  
 crapping with a 'Broken pipe' error right after loading the certificate  
 and private key.

Probably not. Support for ECDSA server certs is quite limited in most
software. In case you're not aware, note that you don't need an ECDSA cert
to use EC encryption, that works fine with RSA certs too.



Re: SPARC minimum hardware specification

2015-07-21 Thread Raf Czlonka
On Tue, Jul 21, 2015 at 09:14:30AM BST, Karel Gardas wrote:

 Following this: http://unixhq.com/websgt/sunblade150.pdf -- it's 5.5
 bells (is that 55 dB?).

Yes - it's a standard SI prefix[0]. However, 'bel'(B), *not* 'bell', is
not used very often and 'decibel'(dB) is the actual unit.

[0] http://www.bipm.org/en/measurement-units/prefixes.html

Raf



Re: relayd relay stability

2015-07-21 Thread Stuart Henderson
On 2015-07-21, keith scott ke...@scott-land.net wrote:
 Hi, I am having some trouble building relayd. I've got down to the make
 part where it fails as you can see below. Do you know what I'm doing wrong ?

I suspect you perhaps didn't install the comp57.tgz set, if that's likely
you can add it to the running system if you like:

# cd /tmp
# ftp http://ftp.fr.openbsd.org/pub/OpenBSD/5.7/amd64/{SHA256.sig,comp57.tgz}
# signify -C -p /etc/signify/openbsd-57-base.pub -x SHA256.sig comp57.tgz 
(cd /; tar xzpvf tmp/comp57.tgz)



Re: SPARC minimum hardware specification

2015-07-21 Thread Christian Weisgerber
On 2015-07-21, Graham Stephens gra...@thestephensdomain.com wrote:

 These machines were not fast when new, but I will say that if you do try 
 one of these you *need* the proper memory for them (IIRC, registered). 

You need the proper memory for _any_ machine.  And you misremember.

spdmem0 at iic0 addr 0x50: 512MB SDRAM ECC PC133CL2
spdmem1 at iic0 addr 0x51: 512MB SDRAM ECC PC133CL2
spdmem2 at iic0 addr 0x52: 256MB SDRAM ECC PC133CL2

 You can run them on cheaper (non registered) memory, but they run *MUCH* 
 slower than with the supplied memory.

That doesn't make any sense.

-- 
Christian naddy Weisgerber  na...@mips.inka.de



Dell Latitude D610 screen blanking issue

2015-07-21 Thread Ax0n
I acquired a Dell Latitude D610 (including docking station, expansion-bay
HDD and a bunch of other accessories) from a friend. I've been running
OpenBSD on it since around the time 5.6 came out. I'm running 5.7-RELEASE
with all patches applied.

The screen (perhaps only the backlight) won't come back from a lid closure
screen blank. Waking from suspend or hibernate will bring it back. Using
xset s activate (which should blank the screen) followed by a key press to
wake the display will also bring it back. I have disabled
machdep.lidsuspend because I frequently run this system in the docking
station with the lid closed and generally don't want my laptops suspending
when closed.

It's a minor annoyance, but I'm wondering if there's something I could do
to fix the screen blanking issue. I'm not having much luck finding anything
useful in the wscons/wsdisplay man pages. Ideas?

Also, bwi(4) doesn't work on this system. There was a patch posted back in
December against 5.6, but I'm just running a tiny urtwn(4) that seems to be
working great.

dmesg; sysctl hw.sensors follows.


OpenBSD 5.7 (GENERIC) #0: Sun Jul 19 23:33:46 CDT 2015
r...@capture.labs.h-i-r.net:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) M processor 1.73GHz (GenuineIntel 686-class)
1.73 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,TM,PBE,NXE,EST,TM2,PERF
real mem  = 1064652800 (1015MB)
avail mem = 1034891264 (986MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: date 10/02/05, BIOS32 rev. 0 @ 0xffe90, SMBIOS rev. 2.3
@ 0xf7860 (60 entries)
bios0: vendor Dell Inc. version A06 date 10/02/2005
bios0: Dell Inc. Latitude D610
acpi0 at bios0: rev 0
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP APIC ASF! MCFG SSDT SSDT SSDT
acpi0: wakeup devices LID_(S3) PBTN(S4) PCI0(S5) USB0(S0) USB1(S0) USB2(S0)
USB4(S0) USB3(S0) MODM(S3) PCIE(S4) NIC_(S5)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 133MHz
ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 1
acpimcfg0 at acpi0 addr 0xe000, bus 0-255
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (AGP_)
acpiprt2 at acpi0: bus 3 (PCIE)
acpicpu0 at acpi0: C3, C3, C2, C1, PSS
acpitz0 at acpi0: critical temperature is 101 degC
acpiac0 at acpi0: AC unit offline
acpibat0 at acpi0: BAT0 model DELL MT2648 serial 2 type LION oem Samsung
SDI
acpibat1 at acpi0: BAT1 not present
acpibtn0 at acpi0: LID_
acpibtn1 at acpi0: PBTN
acpibtn2 at acpi0: SBTN
acpidock0 at acpi0: GDCK not docked (0)
acpivideo0 at acpi0: VID_
acpivideo1 at acpi0: VID_
acpivideo2 at acpi0: VID2
bios0: ROM list: 0xc/0xf800! 0xcf800/0x800
cpu0: Enhanced SpeedStep 1730 MHz: speeds: 1733, 1333, 1067, 800 MHz
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 Intel 82915GM Host rev 0x03
vga1 at pci0 dev 2 function 0 Intel 82915GM Video rev 0x03
intagp0 at vga1
agp0 at intagp0: aperture at 0xc000, size 0x1000
inteldrm0 at vga1
drm0 at inteldrm0
inteldrm0: 1024x768
wsdisplay0 at vga1 mux 1: console (std, vt100 emulation)
wsdisplay0: screen 1-5 added (std, vt100 emulation)
Intel 82915GM Video rev 0x03 at pci0 dev 2 function 1 not configured
ppb0 at pci0 dev 28 function 0 Intel 82801FB PCIE rev 0x03: apic 1 int 16
pci1 at ppb0 bus 2
bge0 at pci1 dev 0 function 0 Broadcom BCM5751 rev 0x01, BCM5750 A1
(0x4001): apic 1 int 16, address 00:14:22:ca:e3:f1
brgphy0 at bge0 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0
uhci0 at pci0 dev 29 function 0 Intel 82801FB USB rev 0x03: apic 1 int 16
uhci1 at pci0 dev 29 function 1 Intel 82801FB USB rev 0x03: apic 1 int 17
uhci2 at pci0 dev 29 function 2 Intel 82801FB USB rev 0x03: apic 1 int 18
uhci3 at pci0 dev 29 function 3 Intel 82801FB USB rev 0x03: apic 1 int 19
ehci0 at pci0 dev 29 function 7 Intel 82801FB USB rev 0x03: apic 1 int 16
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1
ppb1 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0xd3
pci2 at ppb1 bus 3
cbb0 at pci2 dev 1 function 0 TI PCI6515 CardBus rev 0x00: apic 1 int 19
TI PCI6515 CardBus rev 0x00 at pci2 dev 1 function 5 not configured
bwi0 at pci2 dev 3 function 0 Broadcom BCM4318 rev 0x02: apic 1 int 17,
address 00:14:a4:63:ce:94
cardslot0 at cbb0 slot 0 flags 0
cardbus0 at cardslot0: bus 4 device 0 cacheline 0x10, lattimer 0x20
pcmcia0 at cardslot0
auich0 at pci0 dev 30 function 2 Intel 82801FB AC97 rev 0x03: apic 1 int
16, ICH6 AC97
ac97: codec id 0x83847650 (SigmaTel STAC9750/51)
ac97: codec features headphone, 20 bit DAC, 20 bit ADC, SigmaTel 3D
audio0 at auich0
Intel 82801FB Modem rev 0x03 at pci0 dev 30 function 3 not configured
ichpcib0 at pci0 dev 31 function 0 Intel 82801FBM LPC rev 0x03: 

Re: SPARC minimum hardware specification

2015-07-21 Thread Christian Weisgerber
On 2015-07-20, Joel Rees joel.r...@gmail.com wrote:

 I know I'm persona non-grata on the list these days, and I doubt I'm
 going to make much sense in an argument, but it's the way Intel won
 that has some of use willing to take a small hit on performance or
 price.

The irony is that I've probably run more non-x86 hardware than the
mouth flappers here.  (For one, I've had four different Alphas over
the years.)

Nowadays there are no alternatives to x86 in the desktop market.
None.  There are choices in the (big) server market and there are
choices in the embedded market, but there is nothing in the desktop
segment.  Being willing to take a small hit on performance or
price does not magically will such alternatives into existence;
it just makes you sound delusional.

And anybody considering OpenBSD on non-x86 be better prepared to
pitch in with development, add support and fix problems.  If you
just want to use it, you're better off with x86.

(For instance, and getting vaguely back to topic, the Blade 150
suffers both ohci(4) and gem(4) lockups if you hit the right usage
pattern.  And we have tons of build logs from ports that fail to
build on various archs.)

-- 
Christian naddy Weisgerber  na...@mips.inka.de



Re: SPARC minimum hardware specification

2015-07-21 Thread Richard Thornton
I have dismantled my Sun Blade 100, circa 2002 era, and I have the (4) 500 MG 
memory sticks, keyboard, mouse, monitor, CD player, and the two original stock 
15 GB IDE drives.  If anyone wants the parts, let me know.


It was occasionally‎ a noisy box. I kept mine in a metal enclosure for medium 
sized tower computers, bought via catalog.   The enclosure really deadened the 
sound for around $35.   

This machine worked well with OpenBSD. Version 5.3 was very good on it.





Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network.
  Original Message  
From: Graham Stephens
Sent: Tuesday, July 21, 2015 2:31 PM
To: na...@mips.inka.de
Cc: misc@openbsd.org
Subject: Re: SPARC minimum hardware specification

On 21/07/2015 17:10, Christian Weisgerber wrote:
 On 2015-07-21, Graham Stephens gra...@thestephensdomain.com wrote:

 These machines were not fast when new, but I will say that if you do try
 one of these you *need* the proper memory for them (IIRC, registered).

 You need the proper memory for _any_ machine. And you misremember.

 spdmem0 at iic0 addr 0x50: 512MB SDRAM ECC PC133CL2
 spdmem1 at iic0 addr 0x51: 512MB SDRAM ECC PC133CL2
 spdmem2 at iic0 addr 0x52: 256MB SDRAM ECC PC133CL2

 You can run them on cheaper (non registered) memory, but they run *MUCH*
 slower than with the supplied memory.

 That doesn't make any sense.


Now that you've called me out, I had to do a bit of digging to remember 
some of the facts...

I have the alternative memory in working machines at the moment, so I 
can't take them apart to check the specs; it may be that the clock 
timings are different, I don't recall.

I was right, however, about the memory being registered - I just had it 
the wrong way round. The OEM memory is ECC unbuffered. By changing a 
jumper on the motherboard it allows the use of ECC registered, which is 
easier to come by and hence cheaper - at least it was when I was looking 
last.
This may explain the difference in speeds.



Re: SPARC minimum hardware specification

2015-07-21 Thread Karel Gardas
On Tue, Jul 21, 2015 at 6:06 PM, Christian Weisgerber
na...@mips.inka.de wrote:
 Coincidently, we yesterday lugged two M3000s into the hackroom here
 at c2k15.  When turned on, these make a hellish noise and you want
 them in an insulated server room far away.

Christian, this is really first hand experience I needed to hear. It
basically means that it's useless to purchase a lot of expensive M3k
instead of more powerful, yet noisy and a lot heavier M4k. Thanks a
lot for this!

 The Blade 150 is a desktop machine.  It's not as quiet as a modern
 quiet PC, but it's par for the course for an average PC from fifteen
 years ago.  (It is also slower than my Soekris net6501-50.)

:-) good to know. I guess M3k is several times faster than blade 150.
My bet is 5-7x. is that right?

Thanks a lot for all your information provided! Karel



Re: SPARC minimum hardware specification

2015-07-21 Thread Karel Gardas
On Tue, Jul 21, 2015 at 11:18 PM, Erling Westenvik
erling.westen...@gmail.com wrote:
 On Tue, Jul 21, 2015 at 04:09:58PM +0100, Raf Czlonka wrote:
 On Tue, Jul 21, 2015 at 09:14:30AM BST, Karel Gardas wrote:

  Following this: http://unixhq.com/websgt/sunblade150.pdf -- it's 5.5
  bells (is that 55 dB?).

 Yes - it's a standard SI prefix[0]. However, 'bel'(B), *not* 'bell', is
 not used very often and 'decibel'(dB) is the actual unit.

 The wonders of metric logic: a decimeter is one-tenth of a meter, but a
 decibel is ten times a bel?

decibel is also one-tenth of bell, isn't it?

Anyway, by different metic logic I've been more thinking about all
those measurements on bystander position versus common position etc.
See http://www.spectra.com/wp-content/uploads/coolthreadst1000.pdf --
and search for noise. You will see:

Declared Operating/Idling Acoustic Acoustic Noise 7.7B (LwAd,1B=10dB)
66dB (LpAm, bystander positions) -- this LwAd and LpAm is what I'm
talking about here and what makes comparison of noise from Blade
100/150 and M3000 so difficult. Fortunately Christian give me this
information from his first hand experience.

Karel



Re: SPARC minimum hardware specification

2015-07-21 Thread Benjamin Baier
On Tue, 21 Jul 2015 23:18:40 +0200
Erling Westenvik erling.westen...@gmail.com wrote:

 On Tue, Jul 21, 2015 at 04:09:58PM +0100, Raf Czlonka wrote:
  On Tue, Jul 21, 2015 at 09:14:30AM BST, Karel Gardas wrote:
  
   Following this: http://unixhq.com/websgt/sunblade150.pdf -- it's 5.5
   bells (is that 55 dB?).
  
  Yes - it's a standard SI prefix[0]. However, 'bel'(B), *not* 'bell', is
  not used very often and 'decibel'(dB) is the actual unit.
 
 The wonders of metric logic: a decimeter is one-tenth of a meter, but a
 decibel is ten times a bel?
Mindgames...?
1 dB == 0.1 Bel
1 dm == 0.1 m

1 Bel == 10 dB
1 m == 10 dm

 Erling
 
  [0] http://www.bipm.org/en/measurement-units/prefixes.html
  
  Raf
 

Greetings Ben



Re: SPARC minimum hardware specification

2015-07-21 Thread Erling Westenvik
On Tue, Jul 21, 2015 at 04:09:58PM +0100, Raf Czlonka wrote:
 On Tue, Jul 21, 2015 at 09:14:30AM BST, Karel Gardas wrote:
 
  Following this: http://unixhq.com/websgt/sunblade150.pdf -- it's 5.5
  bells (is that 55 dB?).
 
 Yes - it's a standard SI prefix[0]. However, 'bel'(B), *not* 'bell', is
 not used very often and 'decibel'(dB) is the actual unit.

The wonders of metric logic: a decimeter is one-tenth of a meter, but a
decibel is ten times a bel?

Erling

 [0] http://www.bipm.org/en/measurement-units/prefixes.html
 
 Raf



Re: sh(1), ksh(1) - lack of information about default sourcefile.

2015-07-21 Thread Ingo Schwarze
Hi,

Black Rider wrote on Sun, Jun 14, 2015 at 02:48:17PM +:

 I have noticed that the ksh and sh manpages don't make reference to the 
 file /.profile, which I understand to hold the default shell variables if 
 the other source files listed on the manuals don't exist.

Sorry for being late to the party, but as nobody clarified, better
late than never.  The .profile file in the root directory isn't
used when other initialization *files* don't exist, but it is used
in place of ~/.profile when the $HOME *directory* does not exist.

That's an obscure corner case that i don't think needs to be
documented.  Besides, it's not even really specific to the shell.
It more about login(1).  If your home dir doesn't exist, you
get HOME=/ - and that's about all there is to it.

Yours,
  Ingo



Re: bug in rc.subr: kills more than it should (patch)

2015-07-21 Thread nusenu
 imagine you have N services named:

 service service1 service2 ...

 or a ab abc ...

 Now you want to stop 'service' and you run: 'rcctl stop
 service'

 all (not just one) of them are gone?


 rc.subr invokes pkill and does a startswith match but does
 not require a perfect/complete match.

 What do you think about this patch to require a perfect match
 when sending invoking pkill/pgrep?
 Won't work. Carefully read pgrep(1) again.



I'm glad someone changed his opinion on this. :)

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc/rc.d/rc.subr.diff?r1=1.98r2
=1.99

http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net/tor/pkg/tor.rc?rev=1.4con
tent-type=text/x-cvsweb-markup

http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net/tor/pkg/tor.rc?rev=1.4con
tent-type=text/x-cvsweb-markup


By default, require an exact match of the process name and argument list.
This allows running several instances of the same rc.d(8) script by just
linking it to different name.
e.g.
ln -s ftpproxy ftpproxy6
echo 'ftpproxy6_flags=-6' /etc/rc.conf.local

This is likely to break some rc.d scripts in ports. I will try and fix
them all
in the next few days but I'd appreciate reports if I missed some.



...and yes, that was exactly my use case ;)
I'm also linking tor's rc script multiple times + custom flags.

https://github.com/nusenu/ansible-relayor/blob/master/tasks/configure.yml#L13
8

[demime 1.01d removed an attachment of type application/pgp-signature which had 
a name of signature.asc]



LibreSSL and easy-rsa

2015-07-21 Thread Predrag Punosevac
Hi Misc,

I apologize if this was asked earlier. I am using easy-rsa to generate
certificates for my new OpenVPN gateway. Could somebody confirm if
easy-rsa is now using LibreSSL?  Quick inspection of

/usr/local/share/easy-rsa/vars 

reveales that

export OPENSSL=openssl

however

# which openssl
/usr/bin/openssl

which together with man pages 

http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/openssl.1?query=opensslsec=1

indicate that easy-rsa should be using LibreSSL now. 

I have found this bug report 

https://forums.openvpn.net/topic17800.html

on the easy-rsa mailing list. Apparently there is even OpenBSD community
of OpenVPN users that I was not aware of

http://www.openbsdsupport.org/openvpn-on-openbsd56.html

Best,
Predrag



Re: SPARC minimum hardware specification

2015-07-21 Thread ludovic coues
2015-07-21 1:57 GMT+02:00 Joel Rees joel.r...@gmail.com:
 On Sat, Jul 18, 2015 at 5:45 AM, Christian Weisgerber
 na...@mips.inka.de wrote:
 On 2015-07-17, BSD b...@cpscoatings.net wrote:

 As a new user, I find myself in the same position as the OP: very
 interested in non-Intel products. But there seems to be a vacuum of
 information around this topic.

 You're 15 years too late.  x86 has won.

 I know I'm persona non-grata on the list these days, and I doubt I'm
 going to make much sense in an argument, but it's the way Intel won
 that has some of use willing to take a small hit on performance or
 price.

 Besides, it's only a small hit on much of what I do. RAM and hard disk
 speed make up for quite a bit.


I doubt anyone will argue about intel being cheaper and faster.
But people might be interested in other thing.
Power consumption come in my mind. That's one of the reason why most
smartphone run on ARM and wikipedia claim the cell processor was used
for making to most efficient server regarding floating operation per
second versus power consumption.
Another thing is to find bug. Each platform is different and some have
already exposed bug which existed on x86 or amd64 but where harder to
produce.

Here is a metaphor. Intel produce hammer. Really nice hammer, work
really well on nails, can also be used to stick a screw in wood. But
sometimes, you aren't looking for a hammer.

Cordialement, Coues Ludovic
+336 148 743 42



Re: SPARC minimum hardware specification

2015-07-21 Thread Karel Gardas
On Mon, Jul 20, 2015 at 6:14 PM, Christian Weisgerber
na...@mips.inka.de wrote:
 Let's cut through some of this crap.  If you want a reasonably quiet
 sparc64 designed to be put on a desk, your fastest choices are a

 Sun Blade 100   or
 Sun Blade 150   (~20% faster)

Following this: http://unixhq.com/websgt/sunblade150.pdf -- it's 5.5
bells (is that 55 dB?). M3000, on the other hand is 47 dB(A),
reference here:
https://www.fujitsu.com/global/Images/ds-sparcenterprise-m3000-ww-en.pdf

Does that mean that lying on desk, Sun Blade 150 is more noisy than
M3000? I'm asking someone who does have real practical experience with
both boxes, since comparison of those noise values is nearly
impossible since I'm afraid they both are measured using different
metrics.

Thanks! Karel



Re: relayd relay stability

2015-07-21 Thread keith scott
Hi, I am having some trouble building relayd. I've got down to the make
part where it fails as you can see below. Do you know what I'm doing wrong ?

I downloaded the src.tar.gz file
tar xzf ../src.tar.gz

export CVSROOT=anon...@anoncvs.spacehopper.org:/cvs
cvs up -AC
cvs server: Updating .
P agentx.c
P ca.c
P config.c
P control.c
P http.h
P parse.y
P pfe.c
P relay.c
P relay_http.c
P relayd.c
P relayd.conf.5
P relayd.h
P ssl.c
# make obj
/usr/src/usr.sbin/relayd/obj - /usr/obj/usr.sbin/relayd
# make
make: don't know how to make /usr/lib/crt0.o (prerequisite of: relayd)
Stop in /usr/src/usr.sbin/relayd

Thanks
Keith.


On Tue, Jul 21, 2015 at 5:08 AM, Sebastian Benoit benoit-li...@fb12.de
wrote:


 Hi,

 here is how to update relayd to current:

 (your user account has to be in group wsrc)

 $ cd /usr
 $ cvs -qd anon...@anoncvs.ca.openbsd.org:/cvs get -rOPENBSD_5_7 -P src
 $ cd src/usr.sbin/relayd
 $ cvs up -AC
 $ make obj
 $ make
 $ sudo cp /usr/sbin/relayd /usr/sbin/relayd.orig
 $ sudo make install

 restart relayd and see if its better.

 /Benno

 Keith(ke...@scott-land.net) on 2015.07.20 23:55:43 +0100:
  Hi,
  Since upgrading one of our OpenBSD firewalls on Monday last
  week we have been having serious stability issues with relayd as its
  been randomly exiting after only a few hours of being started.  We were
  in the same situation a few years ago when we did a previous upgrade of
  OBSD and at that time I think we reverted some of the servers to a
  previous build of OBSD,  I think we also committed out some parts of our
  relayd.conf file until things became stable and we left it like that
  till we upgraded last week.
 
  I've got a feeling that the crashes are related to the only relay that
  we have called http_forwarder and to the protocol we've called http
  where we add the X-Forwarded header.  Previous to the recent upgrade the
  match header append X-Forwarded-For... line had been commented out
  and I am assuming that that was the reason that it had been stable.
 
  After the first or second crash last week I think we removed the http
  protocol from our relayd.conf and that made things stable again but we
  need to get the X-Forwarded-For header working so I re enabled it again
  today along with some minor other edits but relayd has died again...
 
  After searching around I found this but am not sure if it's related to
  our issue http://permalink.gmane.org/gmane.os.openbsd.misc/220963
 
  If anyone can help it would be appreciated as I am unsure how or what to
  do next.
 
  Thanks,
 
  Keith
 
  I left relayd running in the foreground with verbose enabled and below
  are the last few log lines.
 
  relay http_forwarder, session 8734 (440 active), 0, XX.XX.XX.174 - :0,
  no method (406 Not Acceptable), POST
  ca exiting, pid 26811
  ca exiting, pid 17254
  pfe exiting, pid 26999
  ca exiting, pid 29382
  ca exiting, pid 7976
  ca exiting, pid 24659
  hce exiting, pid 16102
  relay exiting, pid 9783
  relay exiting, pid 19514
  relay exiting, pid 12042
  relay exiting, pid 13716
  parent terminating, pid 29733
 
  Our relayd.conf file
 
  Interval 60
  timeout 8000
  prefork 5
  log updates
 
  table web_hosts{ 192.168.XX.aa, 192.168.XX.bb }
 
  http protocol http {
match header append X-Forwarded-For value $REMOTE_ADDR
return error
  }
 
  redirect http_Main {
listen on 192.168.xx.2 port  80 interface vlanXX
listen on 192.168.xx.3 port  80 interface vlanXX
match pftag http_Main
forward to web_hosts  port  82 check http / code 200
  }
 
  redirect https_Main {
listen on 192.168.xx.2 port 443 interface vlanXX
match pftag https_Main
forward to web_hosts  port 443 check tcp
  }
 
  redirect https_Other {
listen on 192.168.xx.3 port 443 interface vlanXX
match pftag https_NN_Only
forward to web_hosts  port 445 check tcp
  }
 
  relay http_forwarder {
listen on 127.0.0.1 port 8080
protocol http
forward to web_hosts port 82 mode loadbalance check http / code 200
  }
 
  relay SSL_Generic {
listen on 127.0.0.1 port 9441
forward to web_hosts port  443 mode loadbalance check tcp
  }
 
  relay SSL_Other {
listen on 127.0.0.1 port 9444
forward to web_hosts port 445 mode loadbalance check tcp
  }
 

 --



CD0B-F192-76F3 : REMINDER from misc

2015-07-21 Thread Alan Cheng
accept CD0B-F192-76F3



Octeon - EdgeRouter Lite panic during rm -rf /usr/ports

2015-07-21 Thread Seth
First, thanks very much to those involved in bringing OpenBSD to the 
Ubiquiti EdgeRouter Lite. I finally got my system setup the other day, 
and I'm really looking forward to using it more.


I tried to untar ports.tar.gz last night, but doing so around the same 
time as the first security script check ran into trouble (perl process 
ran for ~3hrs of CPU time overnight) and the untar never completed. This 
morning, I killed perl and tried to rm -rf the ports tree so I could 
start clean, but the kernel panic'd. I rebooted, tried again and got a 
second panic.


Dmesg, trace  ps (both) below.

Thanks,
Seth

# dmesg
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California.  All rights reserved.
Copyright (c) 1995-2015 OpenBSD. All rights reserved. http://www.OpenBSD.org

OpenBSD 5.8-beta (GENERIC) #2: Sat Jul 11 21:34:50 CEST 2015
r...@erl-2.jasper.la:/usr/src/sys/arch/octeon/compile/GENERIC
real mem = 515932160 (492MB)
avail mem = 511524864 (487MB)
warning: no entropy supplied by boot loader
mainbus0 at root
cpu0 at mainbus0: Cavium OCTEON CPU rev 0.1 500 MHz, Software FP emulation
cpu0: cache L1-I 32KB 4 way D 8KB 64 way, L2 128KB 8 way
clock0 at mainbus0: int 5
iobus0 at mainbus0
octcf at iobus0 base 0x1d000800 irq 0 not configured
pcibus at iobus0 irq 0 not configured
cn30xxgmx0 at iobus0 base 0x118000800 irq 48
cnmac0 at cn30xxgmx0: RGMII, address dc:9f:db:28:37:0e
atphy0 at cnmac0 phy 7: F1 10/100/1000 PHY, rev. 2
cnmac1 at cn30xxgmx0: RGMII, address dc:9f:db:28:37:0f
atphy1 at cnmac1 phy 6: F1 10/100/1000 PHY, rev. 2
cnmac2 at cn30xxgmx0: RGMII, address dc:9f:db:28:37:10
atphy2 at cnmac2 phy 5: F1 10/100/1000 PHY, rev. 2
octrng0 at iobus0 base 0x14000 irq 0
octhci at iobus0 irq 56 not configured
dwctwo0 at iobus0 base 0x118006800 irq 56
usb0 at dwctwo0: USB revision 2.0
uhub0 at usb0  DWC2 root hub rev 2.00/1.00 addr 1
uartbus0 at mainbus0
com0 at uartbus0 base 0x118000800 irq 34: ns16550, no working fifo
com0: console
com1 at uartbus0 base 0x118000c00 irq 35: ns16550, no working fifo
/dev/ksyms: Symbol table not valid.
umass0 at uhub0 port 1 configuration 1 interface 0 Lexar Echo rev 
2.00/11.00 addr 2

umass0: using SCSI over Bulk-Only
scsibus0 at umass0: 2 targets, initiator 0
sd0 at scsibus0 targ 1 lun 0: Lexar, Echo, 1100 SCSI0 0/direct 
removable serial.05dca01aY63VXR9F6JRF

sd0: 15296MB, 512 bytes/sector, 31326208 sectors
vscsi0 at root
scsibus1 at vscsi0: 256 targets
softraid0 at root
scsibus2 at softraid0: 256 targets
boot device: sd0
root on sd0a (0b4a9b1afd0999c1.a) swap on sd0b dump on sd0b
WARNING: / was not properly unmounted
WARNING: No TOD clock, believing file system.
WARNING: CHECK AND RESET THE DATE!
cnmac0: a reception error occured, the packet was dropped (error code = 13)

crash
panic: pool_do_get: dwc2qtd free list modified: page 0x98000f1f4000; 
item addr 0x98000f1f4018; offset 0x0=0xafbead

Stopped at  0x812722f4: jr  ra
0x812722f8:  nop
RUN AT LEAST 'trace' AND 'ps' AND INCLUDE OUTPUT WHEN REPORTING THIS PANIC!
DO NOT EVEN BOTHER REPORTING THIS WITHOUT INCLUDING THAT INFORMATION!
ddb trace
0x812722f0 (16429069f5df9c6e,900107000200,200,0)  ra 
0x810b

2f70 sp 0x9800095b77a0, sz 0
0x810b2e24 (16429069f5df9c6e,900107000200,200,0)  ra 0x0 sp 
0x98000

95b77a0, sz 0
User-level: pid 30882
ddb ps
   PID   PPID   PGRPUID  S   FLAGS  WAIT  COMMAND
 29187   8338   8338  0  20x32 login_passwd
 30578   8338   8338 27  30xc00490  netio sshd
  8338  25189   8338  0  30x82  netio sshd
*30882  7  30882  0  7 0x3rm
 7  1  7  0  30x8b  pause ksh
 14755  1  14755  0  30x80  poll  cron
 16891  1  16891 99  30x90  poll  sndiod
 12621   2136   2136 95  30x90  kqreadsmtpd
  4356   2136   2136 95  30x90  kqreadsmtpd
 11248   2136   2136 95  30x90  kqreadsmtpd
 12767   2136   2136 95  30x90  kqreadsmtpd
 16863   2136   2136 95  30x90  kqreadsmtpd
 25205   2136   2136103  30x90  kqreadsmtpd
  2136  1   2136  0  30x80  kqreadsmtpd
   191  1191 77  30x90  poll  dhcpd
 25189  1  25189  0  30x80  selectsshd
 12495   1664  11586 83  30x90  poll  ntpd
  1664  11586  11586 83  30x90  poll  ntpd
 11586  1  11586  0  30x80  poll  ntpd
  9057  22320  22320 74  30x90  bpf   pflogd
 22320  1  22320  0  30x80  netio pflogd
 18268  20821  20821 73  30x90  kqreadsyslogd
 20821  1  20821  0  30x80  netio syslogd
 12384  0  0  0  2 0x14200