Re: SPARC minimum hardware specification
On 2015-07-21, Karel Gardas gard...@gmail.com wrote: Does that mean that lying on desk, Sun Blade 150 is more noisy than M3000? Coincidently, we yesterday lugged two M3000s into the hackroom here at c2k15. When turned on, these make a hellish noise and you want them in an insulated server room far away. The Blade 150 is a desktop machine. It's not as quiet as a modern quiet PC, but it's par for the course for an average PC from fifteen years ago. (It is also slower than my Soekris net6501-50.) -- Christian naddy Weisgerber na...@mips.inka.de
Re: relayd support for ECDSA certificates
On 2015-07-20, Seth l...@sysfu.com wrote: Anyone know if relayd supports ECDSA certificates? I'm trying to setup a TLS accelerator using an ECDSA cert and it's crapping with a 'Broken pipe' error right after loading the certificate and private key. Probably not. Support for ECDSA server certs is quite limited in most software. In case you're not aware, note that you don't need an ECDSA cert to use EC encryption, that works fine with RSA certs too.
Re: SPARC minimum hardware specification
On Tue, Jul 21, 2015 at 09:14:30AM BST, Karel Gardas wrote: Following this: http://unixhq.com/websgt/sunblade150.pdf -- it's 5.5 bells (is that 55 dB?). Yes - it's a standard SI prefix[0]. However, 'bel'(B), *not* 'bell', is not used very often and 'decibel'(dB) is the actual unit. [0] http://www.bipm.org/en/measurement-units/prefixes.html Raf
Re: relayd relay stability
On 2015-07-21, keith scott ke...@scott-land.net wrote: Hi, I am having some trouble building relayd. I've got down to the make part where it fails as you can see below. Do you know what I'm doing wrong ? I suspect you perhaps didn't install the comp57.tgz set, if that's likely you can add it to the running system if you like: # cd /tmp # ftp http://ftp.fr.openbsd.org/pub/OpenBSD/5.7/amd64/{SHA256.sig,comp57.tgz} # signify -C -p /etc/signify/openbsd-57-base.pub -x SHA256.sig comp57.tgz (cd /; tar xzpvf tmp/comp57.tgz)
Re: SPARC minimum hardware specification
On 2015-07-21, Graham Stephens gra...@thestephensdomain.com wrote: These machines were not fast when new, but I will say that if you do try one of these you *need* the proper memory for them (IIRC, registered). You need the proper memory for _any_ machine. And you misremember. spdmem0 at iic0 addr 0x50: 512MB SDRAM ECC PC133CL2 spdmem1 at iic0 addr 0x51: 512MB SDRAM ECC PC133CL2 spdmem2 at iic0 addr 0x52: 256MB SDRAM ECC PC133CL2 You can run them on cheaper (non registered) memory, but they run *MUCH* slower than with the supplied memory. That doesn't make any sense. -- Christian naddy Weisgerber na...@mips.inka.de
Dell Latitude D610 screen blanking issue
I acquired a Dell Latitude D610 (including docking station, expansion-bay HDD and a bunch of other accessories) from a friend. I've been running OpenBSD on it since around the time 5.6 came out. I'm running 5.7-RELEASE with all patches applied. The screen (perhaps only the backlight) won't come back from a lid closure screen blank. Waking from suspend or hibernate will bring it back. Using xset s activate (which should blank the screen) followed by a key press to wake the display will also bring it back. I have disabled machdep.lidsuspend because I frequently run this system in the docking station with the lid closed and generally don't want my laptops suspending when closed. It's a minor annoyance, but I'm wondering if there's something I could do to fix the screen blanking issue. I'm not having much luck finding anything useful in the wscons/wsdisplay man pages. Ideas? Also, bwi(4) doesn't work on this system. There was a patch posted back in December against 5.6, but I'm just running a tiny urtwn(4) that seems to be working great. dmesg; sysctl hw.sensors follows. OpenBSD 5.7 (GENERIC) #0: Sun Jul 19 23:33:46 CDT 2015 r...@capture.labs.h-i-r.net:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Pentium(R) M processor 1.73GHz (GenuineIntel 686-class) 1.73 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,TM,PBE,NXE,EST,TM2,PERF real mem = 1064652800 (1015MB) avail mem = 1034891264 (986MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: date 10/02/05, BIOS32 rev. 0 @ 0xffe90, SMBIOS rev. 2.3 @ 0xf7860 (60 entries) bios0: vendor Dell Inc. version A06 date 10/02/2005 bios0: Dell Inc. Latitude D610 acpi0 at bios0: rev 0 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP APIC ASF! MCFG SSDT SSDT SSDT acpi0: wakeup devices LID_(S3) PBTN(S4) PCI0(S5) USB0(S0) USB1(S0) USB2(S0) USB4(S0) USB3(S0) MODM(S3) PCIE(S4) NIC_(S5) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 133MHz ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 1 acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (AGP_) acpiprt2 at acpi0: bus 3 (PCIE) acpicpu0 at acpi0: C3, C3, C2, C1, PSS acpitz0 at acpi0: critical temperature is 101 degC acpiac0 at acpi0: AC unit offline acpibat0 at acpi0: BAT0 model DELL MT2648 serial 2 type LION oem Samsung SDI acpibat1 at acpi0: BAT1 not present acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: PBTN acpibtn2 at acpi0: SBTN acpidock0 at acpi0: GDCK not docked (0) acpivideo0 at acpi0: VID_ acpivideo1 at acpi0: VID_ acpivideo2 at acpi0: VID2 bios0: ROM list: 0xc/0xf800! 0xcf800/0x800 cpu0: Enhanced SpeedStep 1730 MHz: speeds: 1733, 1333, 1067, 800 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel 82915GM Host rev 0x03 vga1 at pci0 dev 2 function 0 Intel 82915GM Video rev 0x03 intagp0 at vga1 agp0 at intagp0: aperture at 0xc000, size 0x1000 inteldrm0 at vga1 drm0 at inteldrm0 inteldrm0: 1024x768 wsdisplay0 at vga1 mux 1: console (std, vt100 emulation) wsdisplay0: screen 1-5 added (std, vt100 emulation) Intel 82915GM Video rev 0x03 at pci0 dev 2 function 1 not configured ppb0 at pci0 dev 28 function 0 Intel 82801FB PCIE rev 0x03: apic 1 int 16 pci1 at ppb0 bus 2 bge0 at pci1 dev 0 function 0 Broadcom BCM5751 rev 0x01, BCM5750 A1 (0x4001): apic 1 int 16, address 00:14:22:ca:e3:f1 brgphy0 at bge0 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0 uhci0 at pci0 dev 29 function 0 Intel 82801FB USB rev 0x03: apic 1 int 16 uhci1 at pci0 dev 29 function 1 Intel 82801FB USB rev 0x03: apic 1 int 17 uhci2 at pci0 dev 29 function 2 Intel 82801FB USB rev 0x03: apic 1 int 18 uhci3 at pci0 dev 29 function 3 Intel 82801FB USB rev 0x03: apic 1 int 19 ehci0 at pci0 dev 29 function 7 Intel 82801FB USB rev 0x03: apic 1 int 16 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb1 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0xd3 pci2 at ppb1 bus 3 cbb0 at pci2 dev 1 function 0 TI PCI6515 CardBus rev 0x00: apic 1 int 19 TI PCI6515 CardBus rev 0x00 at pci2 dev 1 function 5 not configured bwi0 at pci2 dev 3 function 0 Broadcom BCM4318 rev 0x02: apic 1 int 17, address 00:14:a4:63:ce:94 cardslot0 at cbb0 slot 0 flags 0 cardbus0 at cardslot0: bus 4 device 0 cacheline 0x10, lattimer 0x20 pcmcia0 at cardslot0 auich0 at pci0 dev 30 function 2 Intel 82801FB AC97 rev 0x03: apic 1 int 16, ICH6 AC97 ac97: codec id 0x83847650 (SigmaTel STAC9750/51) ac97: codec features headphone, 20 bit DAC, 20 bit ADC, SigmaTel 3D audio0 at auich0 Intel 82801FB Modem rev 0x03 at pci0 dev 30 function 3 not configured ichpcib0 at pci0 dev 31 function 0 Intel 82801FBM LPC rev 0x03:
Re: SPARC minimum hardware specification
On 2015-07-20, Joel Rees joel.r...@gmail.com wrote: I know I'm persona non-grata on the list these days, and I doubt I'm going to make much sense in an argument, but it's the way Intel won that has some of use willing to take a small hit on performance or price. The irony is that I've probably run more non-x86 hardware than the mouth flappers here. (For one, I've had four different Alphas over the years.) Nowadays there are no alternatives to x86 in the desktop market. None. There are choices in the (big) server market and there are choices in the embedded market, but there is nothing in the desktop segment. Being willing to take a small hit on performance or price does not magically will such alternatives into existence; it just makes you sound delusional. And anybody considering OpenBSD on non-x86 be better prepared to pitch in with development, add support and fix problems. If you just want to use it, you're better off with x86. (For instance, and getting vaguely back to topic, the Blade 150 suffers both ohci(4) and gem(4) lockups if you hit the right usage pattern. And we have tons of build logs from ports that fail to build on various archs.) -- Christian naddy Weisgerber na...@mips.inka.de
Re: SPARC minimum hardware specification
I have dismantled my Sun Blade 100, circa 2002 era, and I have the (4) 500 MG memory sticks, keyboard, mouse, monitor, CD player, and the two original stock 15 GB IDE drives. If anyone wants the parts, let me know. It was occasionally a noisy box. I kept mine in a metal enclosure for medium sized tower computers, bought via catalog. The enclosure really deadened the sound for around $35. This machine worked well with OpenBSD. Version 5.3 was very good on it. Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network. Original Message From: Graham Stephens Sent: Tuesday, July 21, 2015 2:31 PM To: na...@mips.inka.de Cc: misc@openbsd.org Subject: Re: SPARC minimum hardware specification On 21/07/2015 17:10, Christian Weisgerber wrote: On 2015-07-21, Graham Stephens gra...@thestephensdomain.com wrote: These machines were not fast when new, but I will say that if you do try one of these you *need* the proper memory for them (IIRC, registered). You need the proper memory for _any_ machine. And you misremember. spdmem0 at iic0 addr 0x50: 512MB SDRAM ECC PC133CL2 spdmem1 at iic0 addr 0x51: 512MB SDRAM ECC PC133CL2 spdmem2 at iic0 addr 0x52: 256MB SDRAM ECC PC133CL2 You can run them on cheaper (non registered) memory, but they run *MUCH* slower than with the supplied memory. That doesn't make any sense. Now that you've called me out, I had to do a bit of digging to remember some of the facts... I have the alternative memory in working machines at the moment, so I can't take them apart to check the specs; it may be that the clock timings are different, I don't recall. I was right, however, about the memory being registered - I just had it the wrong way round. The OEM memory is ECC unbuffered. By changing a jumper on the motherboard it allows the use of ECC registered, which is easier to come by and hence cheaper - at least it was when I was looking last. This may explain the difference in speeds.
Re: SPARC minimum hardware specification
On Tue, Jul 21, 2015 at 6:06 PM, Christian Weisgerber na...@mips.inka.de wrote: Coincidently, we yesterday lugged two M3000s into the hackroom here at c2k15. When turned on, these make a hellish noise and you want them in an insulated server room far away. Christian, this is really first hand experience I needed to hear. It basically means that it's useless to purchase a lot of expensive M3k instead of more powerful, yet noisy and a lot heavier M4k. Thanks a lot for this! The Blade 150 is a desktop machine. It's not as quiet as a modern quiet PC, but it's par for the course for an average PC from fifteen years ago. (It is also slower than my Soekris net6501-50.) :-) good to know. I guess M3k is several times faster than blade 150. My bet is 5-7x. is that right? Thanks a lot for all your information provided! Karel
Re: SPARC minimum hardware specification
On Tue, Jul 21, 2015 at 11:18 PM, Erling Westenvik erling.westen...@gmail.com wrote: On Tue, Jul 21, 2015 at 04:09:58PM +0100, Raf Czlonka wrote: On Tue, Jul 21, 2015 at 09:14:30AM BST, Karel Gardas wrote: Following this: http://unixhq.com/websgt/sunblade150.pdf -- it's 5.5 bells (is that 55 dB?). Yes - it's a standard SI prefix[0]. However, 'bel'(B), *not* 'bell', is not used very often and 'decibel'(dB) is the actual unit. The wonders of metric logic: a decimeter is one-tenth of a meter, but a decibel is ten times a bel? decibel is also one-tenth of bell, isn't it? Anyway, by different metic logic I've been more thinking about all those measurements on bystander position versus common position etc. See http://www.spectra.com/wp-content/uploads/coolthreadst1000.pdf -- and search for noise. You will see: Declared Operating/Idling Acoustic Acoustic Noise 7.7B (LwAd,1B=10dB) 66dB (LpAm, bystander positions) -- this LwAd and LpAm is what I'm talking about here and what makes comparison of noise from Blade 100/150 and M3000 so difficult. Fortunately Christian give me this information from his first hand experience. Karel
Re: SPARC minimum hardware specification
On Tue, 21 Jul 2015 23:18:40 +0200 Erling Westenvik erling.westen...@gmail.com wrote: On Tue, Jul 21, 2015 at 04:09:58PM +0100, Raf Czlonka wrote: On Tue, Jul 21, 2015 at 09:14:30AM BST, Karel Gardas wrote: Following this: http://unixhq.com/websgt/sunblade150.pdf -- it's 5.5 bells (is that 55 dB?). Yes - it's a standard SI prefix[0]. However, 'bel'(B), *not* 'bell', is not used very often and 'decibel'(dB) is the actual unit. The wonders of metric logic: a decimeter is one-tenth of a meter, but a decibel is ten times a bel? Mindgames...? 1 dB == 0.1 Bel 1 dm == 0.1 m 1 Bel == 10 dB 1 m == 10 dm Erling [0] http://www.bipm.org/en/measurement-units/prefixes.html Raf Greetings Ben
Re: SPARC minimum hardware specification
On Tue, Jul 21, 2015 at 04:09:58PM +0100, Raf Czlonka wrote: On Tue, Jul 21, 2015 at 09:14:30AM BST, Karel Gardas wrote: Following this: http://unixhq.com/websgt/sunblade150.pdf -- it's 5.5 bells (is that 55 dB?). Yes - it's a standard SI prefix[0]. However, 'bel'(B), *not* 'bell', is not used very often and 'decibel'(dB) is the actual unit. The wonders of metric logic: a decimeter is one-tenth of a meter, but a decibel is ten times a bel? Erling [0] http://www.bipm.org/en/measurement-units/prefixes.html Raf
Re: sh(1), ksh(1) - lack of information about default sourcefile.
Hi, Black Rider wrote on Sun, Jun 14, 2015 at 02:48:17PM +: I have noticed that the ksh and sh manpages don't make reference to the file /.profile, which I understand to hold the default shell variables if the other source files listed on the manuals don't exist. Sorry for being late to the party, but as nobody clarified, better late than never. The .profile file in the root directory isn't used when other initialization *files* don't exist, but it is used in place of ~/.profile when the $HOME *directory* does not exist. That's an obscure corner case that i don't think needs to be documented. Besides, it's not even really specific to the shell. It more about login(1). If your home dir doesn't exist, you get HOME=/ - and that's about all there is to it. Yours, Ingo
Re: bug in rc.subr: kills more than it should (patch)
imagine you have N services named: service service1 service2 ... or a ab abc ... Now you want to stop 'service' and you run: 'rcctl stop service' all (not just one) of them are gone? rc.subr invokes pkill and does a startswith match but does not require a perfect/complete match. What do you think about this patch to require a perfect match when sending invoking pkill/pgrep? Won't work. Carefully read pgrep(1) again. I'm glad someone changed his opinion on this. :) http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc/rc.d/rc.subr.diff?r1=1.98r2 =1.99 http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net/tor/pkg/tor.rc?rev=1.4con tent-type=text/x-cvsweb-markup http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net/tor/pkg/tor.rc?rev=1.4con tent-type=text/x-cvsweb-markup By default, require an exact match of the process name and argument list. This allows running several instances of the same rc.d(8) script by just linking it to different name. e.g. ln -s ftpproxy ftpproxy6 echo 'ftpproxy6_flags=-6' /etc/rc.conf.local This is likely to break some rc.d scripts in ports. I will try and fix them all in the next few days but I'd appreciate reports if I missed some. ...and yes, that was exactly my use case ;) I'm also linking tor's rc script multiple times + custom flags. https://github.com/nusenu/ansible-relayor/blob/master/tasks/configure.yml#L13 8 [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
LibreSSL and easy-rsa
Hi Misc, I apologize if this was asked earlier. I am using easy-rsa to generate certificates for my new OpenVPN gateway. Could somebody confirm if easy-rsa is now using LibreSSL? Quick inspection of /usr/local/share/easy-rsa/vars reveales that export OPENSSL=openssl however # which openssl /usr/bin/openssl which together with man pages http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/openssl.1?query=opensslsec=1 indicate that easy-rsa should be using LibreSSL now. I have found this bug report https://forums.openvpn.net/topic17800.html on the easy-rsa mailing list. Apparently there is even OpenBSD community of OpenVPN users that I was not aware of http://www.openbsdsupport.org/openvpn-on-openbsd56.html Best, Predrag
Re: SPARC minimum hardware specification
2015-07-21 1:57 GMT+02:00 Joel Rees joel.r...@gmail.com: On Sat, Jul 18, 2015 at 5:45 AM, Christian Weisgerber na...@mips.inka.de wrote: On 2015-07-17, BSD b...@cpscoatings.net wrote: As a new user, I find myself in the same position as the OP: very interested in non-Intel products. But there seems to be a vacuum of information around this topic. You're 15 years too late. x86 has won. I know I'm persona non-grata on the list these days, and I doubt I'm going to make much sense in an argument, but it's the way Intel won that has some of use willing to take a small hit on performance or price. Besides, it's only a small hit on much of what I do. RAM and hard disk speed make up for quite a bit. I doubt anyone will argue about intel being cheaper and faster. But people might be interested in other thing. Power consumption come in my mind. That's one of the reason why most smartphone run on ARM and wikipedia claim the cell processor was used for making to most efficient server regarding floating operation per second versus power consumption. Another thing is to find bug. Each platform is different and some have already exposed bug which existed on x86 or amd64 but where harder to produce. Here is a metaphor. Intel produce hammer. Really nice hammer, work really well on nails, can also be used to stick a screw in wood. But sometimes, you aren't looking for a hammer. Cordialement, Coues Ludovic +336 148 743 42
Re: SPARC minimum hardware specification
On Mon, Jul 20, 2015 at 6:14 PM, Christian Weisgerber na...@mips.inka.de wrote: Let's cut through some of this crap. If you want a reasonably quiet sparc64 designed to be put on a desk, your fastest choices are a Sun Blade 100 or Sun Blade 150 (~20% faster) Following this: http://unixhq.com/websgt/sunblade150.pdf -- it's 5.5 bells (is that 55 dB?). M3000, on the other hand is 47 dB(A), reference here: https://www.fujitsu.com/global/Images/ds-sparcenterprise-m3000-ww-en.pdf Does that mean that lying on desk, Sun Blade 150 is more noisy than M3000? I'm asking someone who does have real practical experience with both boxes, since comparison of those noise values is nearly impossible since I'm afraid they both are measured using different metrics. Thanks! Karel
Re: relayd relay stability
Hi, I am having some trouble building relayd. I've got down to the make part where it fails as you can see below. Do you know what I'm doing wrong ? I downloaded the src.tar.gz file tar xzf ../src.tar.gz export CVSROOT=anon...@anoncvs.spacehopper.org:/cvs cvs up -AC cvs server: Updating . P agentx.c P ca.c P config.c P control.c P http.h P parse.y P pfe.c P relay.c P relay_http.c P relayd.c P relayd.conf.5 P relayd.h P ssl.c # make obj /usr/src/usr.sbin/relayd/obj - /usr/obj/usr.sbin/relayd # make make: don't know how to make /usr/lib/crt0.o (prerequisite of: relayd) Stop in /usr/src/usr.sbin/relayd Thanks Keith. On Tue, Jul 21, 2015 at 5:08 AM, Sebastian Benoit benoit-li...@fb12.de wrote: Hi, here is how to update relayd to current: (your user account has to be in group wsrc) $ cd /usr $ cvs -qd anon...@anoncvs.ca.openbsd.org:/cvs get -rOPENBSD_5_7 -P src $ cd src/usr.sbin/relayd $ cvs up -AC $ make obj $ make $ sudo cp /usr/sbin/relayd /usr/sbin/relayd.orig $ sudo make install restart relayd and see if its better. /Benno Keith(ke...@scott-land.net) on 2015.07.20 23:55:43 +0100: Hi, Since upgrading one of our OpenBSD firewalls on Monday last week we have been having serious stability issues with relayd as its been randomly exiting after only a few hours of being started. We were in the same situation a few years ago when we did a previous upgrade of OBSD and at that time I think we reverted some of the servers to a previous build of OBSD, I think we also committed out some parts of our relayd.conf file until things became stable and we left it like that till we upgraded last week. I've got a feeling that the crashes are related to the only relay that we have called http_forwarder and to the protocol we've called http where we add the X-Forwarded header. Previous to the recent upgrade the match header append X-Forwarded-For... line had been commented out and I am assuming that that was the reason that it had been stable. After the first or second crash last week I think we removed the http protocol from our relayd.conf and that made things stable again but we need to get the X-Forwarded-For header working so I re enabled it again today along with some minor other edits but relayd has died again... After searching around I found this but am not sure if it's related to our issue http://permalink.gmane.org/gmane.os.openbsd.misc/220963 If anyone can help it would be appreciated as I am unsure how or what to do next. Thanks, Keith I left relayd running in the foreground with verbose enabled and below are the last few log lines. relay http_forwarder, session 8734 (440 active), 0, XX.XX.XX.174 - :0, no method (406 Not Acceptable), POST ca exiting, pid 26811 ca exiting, pid 17254 pfe exiting, pid 26999 ca exiting, pid 29382 ca exiting, pid 7976 ca exiting, pid 24659 hce exiting, pid 16102 relay exiting, pid 9783 relay exiting, pid 19514 relay exiting, pid 12042 relay exiting, pid 13716 parent terminating, pid 29733 Our relayd.conf file Interval 60 timeout 8000 prefork 5 log updates table web_hosts{ 192.168.XX.aa, 192.168.XX.bb } http protocol http { match header append X-Forwarded-For value $REMOTE_ADDR return error } redirect http_Main { listen on 192.168.xx.2 port 80 interface vlanXX listen on 192.168.xx.3 port 80 interface vlanXX match pftag http_Main forward to web_hosts port 82 check http / code 200 } redirect https_Main { listen on 192.168.xx.2 port 443 interface vlanXX match pftag https_Main forward to web_hosts port 443 check tcp } redirect https_Other { listen on 192.168.xx.3 port 443 interface vlanXX match pftag https_NN_Only forward to web_hosts port 445 check tcp } relay http_forwarder { listen on 127.0.0.1 port 8080 protocol http forward to web_hosts port 82 mode loadbalance check http / code 200 } relay SSL_Generic { listen on 127.0.0.1 port 9441 forward to web_hosts port 443 mode loadbalance check tcp } relay SSL_Other { listen on 127.0.0.1 port 9444 forward to web_hosts port 445 mode loadbalance check tcp } --
CD0B-F192-76F3 : REMINDER from misc
accept CD0B-F192-76F3
Octeon - EdgeRouter Lite panic during rm -rf /usr/ports
First, thanks very much to those involved in bringing OpenBSD to the Ubiquiti EdgeRouter Lite. I finally got my system setup the other day, and I'm really looking forward to using it more. I tried to untar ports.tar.gz last night, but doing so around the same time as the first security script check ran into trouble (perl process ran for ~3hrs of CPU time overnight) and the untar never completed. This morning, I killed perl and tried to rm -rf the ports tree so I could start clean, but the kernel panic'd. I rebooted, tried again and got a second panic. Dmesg, trace ps (both) below. Thanks, Seth # dmesg Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2015 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 5.8-beta (GENERIC) #2: Sat Jul 11 21:34:50 CEST 2015 r...@erl-2.jasper.la:/usr/src/sys/arch/octeon/compile/GENERIC real mem = 515932160 (492MB) avail mem = 511524864 (487MB) warning: no entropy supplied by boot loader mainbus0 at root cpu0 at mainbus0: Cavium OCTEON CPU rev 0.1 500 MHz, Software FP emulation cpu0: cache L1-I 32KB 4 way D 8KB 64 way, L2 128KB 8 way clock0 at mainbus0: int 5 iobus0 at mainbus0 octcf at iobus0 base 0x1d000800 irq 0 not configured pcibus at iobus0 irq 0 not configured cn30xxgmx0 at iobus0 base 0x118000800 irq 48 cnmac0 at cn30xxgmx0: RGMII, address dc:9f:db:28:37:0e atphy0 at cnmac0 phy 7: F1 10/100/1000 PHY, rev. 2 cnmac1 at cn30xxgmx0: RGMII, address dc:9f:db:28:37:0f atphy1 at cnmac1 phy 6: F1 10/100/1000 PHY, rev. 2 cnmac2 at cn30xxgmx0: RGMII, address dc:9f:db:28:37:10 atphy2 at cnmac2 phy 5: F1 10/100/1000 PHY, rev. 2 octrng0 at iobus0 base 0x14000 irq 0 octhci at iobus0 irq 56 not configured dwctwo0 at iobus0 base 0x118006800 irq 56 usb0 at dwctwo0: USB revision 2.0 uhub0 at usb0 DWC2 root hub rev 2.00/1.00 addr 1 uartbus0 at mainbus0 com0 at uartbus0 base 0x118000800 irq 34: ns16550, no working fifo com0: console com1 at uartbus0 base 0x118000c00 irq 35: ns16550, no working fifo /dev/ksyms: Symbol table not valid. umass0 at uhub0 port 1 configuration 1 interface 0 Lexar Echo rev 2.00/11.00 addr 2 umass0: using SCSI over Bulk-Only scsibus0 at umass0: 2 targets, initiator 0 sd0 at scsibus0 targ 1 lun 0: Lexar, Echo, 1100 SCSI0 0/direct removable serial.05dca01aY63VXR9F6JRF sd0: 15296MB, 512 bytes/sector, 31326208 sectors vscsi0 at root scsibus1 at vscsi0: 256 targets softraid0 at root scsibus2 at softraid0: 256 targets boot device: sd0 root on sd0a (0b4a9b1afd0999c1.a) swap on sd0b dump on sd0b WARNING: / was not properly unmounted WARNING: No TOD clock, believing file system. WARNING: CHECK AND RESET THE DATE! cnmac0: a reception error occured, the packet was dropped (error code = 13) crash panic: pool_do_get: dwc2qtd free list modified: page 0x98000f1f4000; item addr 0x98000f1f4018; offset 0x0=0xafbead Stopped at 0x812722f4: jr ra 0x812722f8: nop RUN AT LEAST 'trace' AND 'ps' AND INCLUDE OUTPUT WHEN REPORTING THIS PANIC! DO NOT EVEN BOTHER REPORTING THIS WITHOUT INCLUDING THAT INFORMATION! ddb trace 0x812722f0 (16429069f5df9c6e,900107000200,200,0) ra 0x810b 2f70 sp 0x9800095b77a0, sz 0 0x810b2e24 (16429069f5df9c6e,900107000200,200,0) ra 0x0 sp 0x98000 95b77a0, sz 0 User-level: pid 30882 ddb ps PID PPID PGRPUID S FLAGS WAIT COMMAND 29187 8338 8338 0 20x32 login_passwd 30578 8338 8338 27 30xc00490 netio sshd 8338 25189 8338 0 30x82 netio sshd *30882 7 30882 0 7 0x3rm 7 1 7 0 30x8b pause ksh 14755 1 14755 0 30x80 poll cron 16891 1 16891 99 30x90 poll sndiod 12621 2136 2136 95 30x90 kqreadsmtpd 4356 2136 2136 95 30x90 kqreadsmtpd 11248 2136 2136 95 30x90 kqreadsmtpd 12767 2136 2136 95 30x90 kqreadsmtpd 16863 2136 2136 95 30x90 kqreadsmtpd 25205 2136 2136103 30x90 kqreadsmtpd 2136 1 2136 0 30x80 kqreadsmtpd 191 1191 77 30x90 poll dhcpd 25189 1 25189 0 30x80 selectsshd 12495 1664 11586 83 30x90 poll ntpd 1664 11586 11586 83 30x90 poll ntpd 11586 1 11586 0 30x80 poll ntpd 9057 22320 22320 74 30x90 bpf pflogd 22320 1 22320 0 30x80 netio pflogd 18268 20821 20821 73 30x90 kqreadsyslogd 20821 1 20821 0 30x80 netio syslogd 12384 0 0 0 2 0x14200