Re: Can I use OpenBSD in a virtual machine, for example, VirtualBox?

2017-06-26 Thread Branden Harper
I did not run into any issues running a server on KVM either.

On Jun 26, 2017 8:29 PM, "Ax0n"  wrote:

> You'll find little official support on the lists for problems you have due
> to the hypervisor, but I've found that OpenBSD works great in VirtualBox.
> You can't get VirtualBox Guest Additions working, but judging from the
> popularity of this post I wrote almost 8 years ago, and the comments on it,
> this trick still works for many people to get an OpenBSD VM into
> full-screen mode.
>
> http://www.h-i-r.net/2009/11/virtualbox-full-screen-resolution-for.html
>
> Don't expect acceleration, guest/host clipboard interacrion or anything
> else fancy from Guest Additions, but the basics for a daily-use OpenBSD
> desktop, such as Lumina or XFCE, various terminals, web browsers and the
> like work fine in VBox.
>
> On Mon, Jun 26, 2017 at 5:16 PM, Josh Stephens  wrote:
>
> > > On Mon, 26 Jun 2017, SOUL_OF_ROOT 55 wrote:
> > >
> > > > Can I use OpenBSD in a virtual machine, for example, VirtualBox?
> > > >
> > > Yep, .. have had them for many years, VirtualBox & Xen.
> > >
> > > Lee
> > >
> > >
> > I could be wrong when I say this but the only gotcha that you will run
> into
> > with virtual box will be the guest additions. I don’t think they are
> > supported
> > on OpenBSD?
> >
> >
>


Re: Can I use OpenBSD in a virtual machine, for example, VirtualBox?

2017-06-26 Thread Ax0n
You'll find little official support on the lists for problems you have due
to the hypervisor, but I've found that OpenBSD works great in VirtualBox.
You can't get VirtualBox Guest Additions working, but judging from the
popularity of this post I wrote almost 8 years ago, and the comments on it,
this trick still works for many people to get an OpenBSD VM into
full-screen mode.

http://www.h-i-r.net/2009/11/virtualbox-full-screen-resolution-for.html

Don't expect acceleration, guest/host clipboard interacrion or anything
else fancy from Guest Additions, but the basics for a daily-use OpenBSD
desktop, such as Lumina or XFCE, various terminals, web browsers and the
like work fine in VBox.

On Mon, Jun 26, 2017 at 5:16 PM, Josh Stephens  wrote:

> > On Mon, 26 Jun 2017, SOUL_OF_ROOT 55 wrote:
> >
> > > Can I use OpenBSD in a virtual machine, for example, VirtualBox?
> > >
> > Yep, .. have had them for many years, VirtualBox & Xen.
> >
> > Lee
> >
> >
> I could be wrong when I say this but the only gotcha that you will run into
> with virtual box will be the guest additions. I don’t think they are
> supported
> on OpenBSD?
>
>


Re: Can I use OpenBSD in a virtual machine, for example, VirtualBox?

2017-06-26 Thread Josh Stephens
> On Mon, 26 Jun 2017, SOUL_OF_ROOT 55 wrote:
>
> > Can I use OpenBSD in a virtual machine, for example, VirtualBox?
> >
> Yep, .. have had them for many years, VirtualBox & Xen.
>
> Lee
>
>
I could be wrong when I say this but the only gotcha that you will run into
with virtual box will be the guest additions. I don’t think they are supported
on OpenBSD?



Re: Can I use OpenBSD in a virtual machine, for example, VirtualBox?

2017-06-26 Thread L. V. Lammert
On Mon, 26 Jun 2017, SOUL_OF_ROOT 55 wrote:

> Can I use OpenBSD in a virtual machine, for example, VirtualBox?
>
Yep, .. have had them for many years, VirtualBox & Xen.

Lee



Re: Can I use OpenBSD in a virtual machine, for example, VirtualBox?

2017-06-26 Thread Eric Furman
Your favorite Internet search engine is your friend.

On Mon, Jun 26, 2017, at 05:18 PM, SOUL_OF_ROOT 55 wrote:
> Can I use OpenBSD in a virtual machine, for example, VirtualBox?



Re: Can I use OpenBSD in a virtual machine, for example, VirtualBox?

2017-06-26 Thread Thuban
* SOUL_OF_ROOT 55  le [26-06-2017 18:18:41 -0300]:
> Can I use OpenBSD in a virtual machine, for example, VirtualBox?

yes


signature.asc
Description: PGP signature


Can I use OpenBSD in a virtual machine, for example, VirtualBox?

2017-06-26 Thread SOUL_OF_ROOT 55
Can I use OpenBSD in a virtual machine, for example, VirtualBox?


Re: PF packets being blocked...why?

2017-06-26 Thread Steve Williams

Hi,

Yes, I have (what appears to be) 100% functionality of the 
forwarding/nat/etc.


That wouldn't work if forwarding wasn't enabled.

# cat /etc/sysctl.conf
net.inet.ip.forwarding=1

And I have rebooted multiple times.

Thanks,
Steve W.


On 26/06/2017 12:30 PM, Timo Myyrä wrote:

Hmm, have you enabled net.inet.ip.forwarding?

Timo

Steve Williams  writes:


Hi,

Packets from vether are going out NAT'd no problem.  I have 100%
Internet access on 192.168.123.0/24.

 From my understanding, the "pass out quick inet all flags S/SA" allow
packets out and should create state for the connection for any ipv4
packets on any interface.

Subsequent packets (these seem to have the "P"ush flag set) should
match the state and not get blocked.

Hum... perhaps the states are expiring too fast?

How do I find out if the state existed at the time that the packet was
blocked?

Thanks,
Steve W.


On 26/06/2017 12:09 PM, Ville Valkonen wrote:

Hello,

a quick glance and it seems you aren't allowing vether traffic to pass.

--
Regards,
Ville

On Jun 26, 2017 8:19 PM, "Steve Williams"
> wrote:

 Hi,

 New install of OpenBSD 6.1 on apu2.  Love the little box.

 I have em0 as the connection to the Internet and I bridged em1 and
 em2 together on 192.168.123.0.

 I've been using OpenBSD since the 2.7 days, but have never run NAT
 so this is my first foray into that world.  I have followed the
 FAQ on "building a router" almost vebatim. It's working fine, but
 I am seeing some packets blocked with no effect on browsing behind
 the OpenBSD box.

 My ruleset:

 # pfctl -sr
 match in all scrub (no-df random-id)
 match out on egress inet from ! (egress:network) to any nat-to
 (egress:0) round-robin
 block drop log quick from  to any
 block drop log quick from  to any
 block drop log all
 pass out quick inet all flags S/SA
 pass in on vether0 inet all flags S/SA
 pass in on em1 inet all flags S/SA
 pass in on em2 inet all flags S/SA
 pass in on egress inet proto tcp from any to (egress) port = 22
 flags S/SA
 pass in on egress inet proto tcp from any to (egress) port = 993
 flags S/SA
 pass in on egress inet proto tcp from any to (egress) port = 80
 flags S/SA
 pass in on egress inet proto tcp from any to (egress) port = 443
 flags S/SA

 # tcpdump -n -e -ttt -i pflog0# from man pflog man page
 Jun 26 09:45:54.241145 rule 4/(match) block in on vether0:
 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win
 1805 (DF)
 Jun 26 09:45:54.701283 rule 4/(match) block in on vether0:
 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win
 1805 (DF)
 Jun 26 09:45:55.623757 rule 4/(match) block in on vether0:
 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win
 1805 (DF)
 Jun 26 09:45:57.460985 rule 4/(match) block in on vether0:
 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win
 1805 (DF)
 Jun 26 09:46:01.150933 rule 4/(match) block in on vether0:
 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win
 1805 (DF)
 Jun 26 09:46:08.522599  rule 4/(match) block in on
 vether0: 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375)
 ack 1 win 1805 (DF)
 Jun 26 09:46:47.479083 rule 4/(match) block in on vether0:
 192.168.123.2.46549 > 172.217.3.206.443: P
 4042174712:4042174735(23) ack 2564095917 win 1593 (DF)
 Jun 26 09:46:47.896295 rule 4/(match) block in on vether0:
 192.168.123.2.53452 > 23.23.126.54.443: P
 4003838125:4003838156(31) ack 2044539346 win 65535 (DF)
 Jun 26 09:46:47.896662 rule 4/(match) block in on vether0:
 192.168.123.2.53452 > 23.23.126.54.443: R 31:31(0) ack 1 win 65535
 (DF)
 Jun 26 09:46:47.896674 rule 4/(match) block in on vether0:
 192.168.123.2.59762 > 216.58.216.163.443: P
 113176577:113176608(31) ack 2619790719 win 1403 (DF)
 Jun 26 09:46:47.896685 rule 4/(match) block in on vether0:
 192.168.123.2.59762 > 216.58.216.163.443: F 31:31(0) ack 1 win
 1403 (DF)
 Jun 26 09:46:47.896711 rule 4/(match) block in on vether0:
 192.168.123.2.39279 > 31.13.77.6.443: P 4254697166:4254697197(31)
 ack 2615144509 win 1545 (DF)
 Jun 26 09:46:47.896735 rule 4/(match) block in on vether0:
 192.168.123.2.39279 > 31.13.77.6.443: R 31:31(0) ack 1 win 1545 (DF)

 # pfctl -R 4 -sr
 block drop log all

 It is not all https traffice that is being blocked as I can hit my
 banking site, etc.  Does anyone have an idea why are these packets
 being blocked?

 Thanks,
 Steve Williams







Re: PF packets being blocked...why?

2017-06-26 Thread Timo Myyrä
Hmm, have you enabled net.inet.ip.forwarding?

Timo

Steve Williams  writes:

> Hi,
>
> Packets from vether are going out NAT'd no problem.  I have 100%
> Internet access on 192.168.123.0/24.
>
> From my understanding, the "pass out quick inet all flags S/SA" allow
> packets out and should create state for the connection for any ipv4
> packets on any interface.
>
> Subsequent packets (these seem to have the "P"ush flag set) should
> match the state and not get blocked.
>
> Hum... perhaps the states are expiring too fast?
>
> How do I find out if the state existed at the time that the packet was
> blocked?
>
> Thanks,
> Steve W.
>
>
> On 26/06/2017 12:09 PM, Ville Valkonen wrote:
>> Hello,
>>
>> a quick glance and it seems you aren't allowing vether traffic to pass.
>>
>> --
>> Regards,
>> Ville
>>
>> On Jun 26, 2017 8:19 PM, "Steve Williams"
>> > > wrote:
>>
>> Hi,
>>
>> New install of OpenBSD 6.1 on apu2.  Love the little box.
>>
>> I have em0 as the connection to the Internet and I bridged em1 and
>> em2 together on 192.168.123.0.
>>
>> I've been using OpenBSD since the 2.7 days, but have never run NAT
>> so this is my first foray into that world.  I have followed the
>> FAQ on "building a router" almost vebatim. It's working fine, but
>> I am seeing some packets blocked with no effect on browsing behind
>> the OpenBSD box.
>>
>> My ruleset:
>>
>> # pfctl -sr
>> match in all scrub (no-df random-id)
>> match out on egress inet from ! (egress:network) to any nat-to
>> (egress:0) round-robin
>> block drop log quick from  to any
>> block drop log quick from  to any
>> block drop log all
>> pass out quick inet all flags S/SA
>> pass in on vether0 inet all flags S/SA
>> pass in on em1 inet all flags S/SA
>> pass in on em2 inet all flags S/SA
>> pass in on egress inet proto tcp from any to (egress) port = 22
>> flags S/SA
>> pass in on egress inet proto tcp from any to (egress) port = 993
>> flags S/SA
>> pass in on egress inet proto tcp from any to (egress) port = 80
>> flags S/SA
>> pass in on egress inet proto tcp from any to (egress) port = 443
>> flags S/SA
>>
>> # tcpdump -n -e -ttt -i pflog0# from man pflog man page
>> Jun 26 09:45:54.241145 rule 4/(match) block in on vether0:
>> 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win
>> 1805 (DF)
>> Jun 26 09:45:54.701283 rule 4/(match) block in on vether0:
>> 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win
>> 1805 (DF)
>> Jun 26 09:45:55.623757 rule 4/(match) block in on vether0:
>> 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win
>> 1805 (DF)
>> Jun 26 09:45:57.460985 rule 4/(match) block in on vether0:
>> 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win
>> 1805 (DF)
>> Jun 26 09:46:01.150933 rule 4/(match) block in on vether0:
>> 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win
>> 1805 (DF)
>> Jun 26 09:46:08.522599  rule 4/(match) block in on
>> vether0: 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375)
>> ack 1 win 1805 (DF)
>> Jun 26 09:46:47.479083 rule 4/(match) block in on vether0:
>> 192.168.123.2.46549 > 172.217.3.206.443: P
>> 4042174712:4042174735(23) ack 2564095917 win 1593 (DF)
>> Jun 26 09:46:47.896295 rule 4/(match) block in on vether0:
>> 192.168.123.2.53452 > 23.23.126.54.443: P
>> 4003838125:4003838156(31) ack 2044539346 win 65535 (DF)
>> Jun 26 09:46:47.896662 rule 4/(match) block in on vether0:
>> 192.168.123.2.53452 > 23.23.126.54.443: R 31:31(0) ack 1 win 65535
>> (DF)
>> Jun 26 09:46:47.896674 rule 4/(match) block in on vether0:
>> 192.168.123.2.59762 > 216.58.216.163.443: P
>> 113176577:113176608(31) ack 2619790719 win 1403 (DF)
>> Jun 26 09:46:47.896685 rule 4/(match) block in on vether0:
>> 192.168.123.2.59762 > 216.58.216.163.443: F 31:31(0) ack 1 win
>> 1403 (DF)
>> Jun 26 09:46:47.896711 rule 4/(match) block in on vether0:
>> 192.168.123.2.39279 > 31.13.77.6.443: P 4254697166:4254697197(31)
>> ack 2615144509 win 1545 (DF)
>> Jun 26 09:46:47.896735 rule 4/(match) block in on vether0:
>> 192.168.123.2.39279 > 31.13.77.6.443: R 31:31(0) ack 1 win 1545 (DF)
>>
>> # pfctl -R 4 -sr
>> block drop log all
>>
>> It is not all https traffice that is being blocked as I can hit my
>> banking site, etc.  Does anyone have an idea why are these packets
>> being blocked?
>>
>> Thanks,
>> Steve Williams
>>
>>
>>



Re: PF packets being blocked...why?

2017-06-26 Thread Ville Valkonen
Hi,

yes, scratch my original message. Shouldn't reply while on the move.

--
Ville


On Jun 26, 2017 9:14 PM, "Steve Williams" 
wrote:

Hi,

Packets from vether are going out NAT'd no problem.  I have 100% Internet
access on 192.168.123.0/24.

>From my understanding, the "pass out quick inet all flags S/SA" allow
packets out and should create state for the connection for any ipv4 packets
on any interface.

Subsequent packets (these seem to have the "P"ush flag set) should match
the state and not get blocked.

Hum... perhaps the states are expiring too fast?

How do I find out if the state existed at the time that the packet was
blocked?

Thanks,
Steve W.



On 26/06/2017 12:09 PM, Ville Valkonen wrote:

Hello,

a quick glance and it seems you aren't allowing vether traffic to pass.

--
Regards,
Ville

On Jun 26, 2017 8:19 PM, "Steve Williams" 
wrote:

> Hi,
>
> New install of OpenBSD 6.1 on apu2.  Love the little box.
>
> I have em0 as the connection to the Internet and I bridged em1 and em2
> together on 192.168.123.0.
>
> I've been using OpenBSD since the 2.7 days, but have never run NAT so this
> is my first foray into that world.  I have followed the FAQ on "building a
> router" almost vebatim.  It's working fine, but I am seeing some packets
> blocked with no effect on browsing behind the OpenBSD box.
>
> My ruleset:
>
> # pfctl -sr
> match in all scrub (no-df random-id)
> match out on egress inet from ! (egress:network) to any nat-to (egress:0)
> round-robin
> block drop log quick from  to any
> block drop log quick from  to any
> block drop log all
> pass out quick inet all flags S/SA
> pass in on vether0 inet all flags S/SA
> pass in on em1 inet all flags S/SA
> pass in on em2 inet all flags S/SA
> pass in on egress inet proto tcp from any to (egress) port = 22 flags S/SA
> pass in on egress inet proto tcp from any to (egress) port = 993 flags S/SA
> pass in on egress inet proto tcp from any to (egress) port = 80 flags S/SA
> pass in on egress inet proto tcp from any to (egress) port = 443 flags S/SA
>
> # tcpdump -n -e -ttt -i pflog0# from man pflog man page
> Jun 26 09:45:54.241145 rule 4/(match) block in on vether0:
> 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win 1805 (DF)
> Jun 26 09:45:54.701283 rule 4/(match) block in on vether0:
> 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win 1805 (DF)
> Jun 26 09:45:55.623757 rule 4/(match) block in on vether0:
> 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win 1805 (DF)
> Jun 26 09:45:57.460985 rule 4/(match) block in on vether0:
> 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win 1805 (DF)
> Jun 26 09:46:01.150933 rule 4/(match) block in on vether0:
> 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win 1805 (DF)
> Jun 26 09:46:08.522599 rule 4/(match) block in on vether0:
> 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win 1805 (DF)
> Jun 26 09:46:47.479083 rule 4/(match) block in on vether0:
> 192.168.123.2.46549 > 172.217.3.206.443: P 4042174712:4042174735(23) ack
> 2564095917 win 1593 (DF)
> Jun 26 09:46:47.896295 rule 4/(match) block in on vether0:
> 192.168.123.2.53452 > 23.23.126.54.443: P 4003838125:4003838156(31) ack
> 2044539346 win 65535 (DF)
> Jun 26 09:46:47.896662 rule 4/(match) block in on vether0:
> 192.168.123.2.53452 > 23.23.126.54.443: R 31:31(0) ack 1 win 65535 (DF)
> Jun 26 09:46:47.896674 rule 4/(match) block in on vether0:
> 192.168.123.2.59762 > 216.58.216.163.443: P 113176577:113176608(31) ack
> 2619790719 win 1403 (DF)
> Jun 26 09:46:47.896685 rule 4/(match) block in on vether0:
> 192.168.123.2.59762 > 216.58.216.163.443: F 31:31(0) ack 1 win 1403 (DF)
> Jun 26 09:46:47.896711 rule 4/(match) block in on vether0:
> 192.168.123.2.39279 > 31.13.77.6.443: P 4254697166:4254697197(31) ack
> 2615144509 win 1545 (DF)
> Jun 26 09:46:47.896735 rule 4/(match) block in on vether0:
> 192.168.123.2.39279 > 31.13.77.6.443: R 31:31(0) ack 1 win 1545 (DF)
>
> # pfctl -R 4 -sr
> block drop log all
>
> It is not all https traffice that is being blocked as I can hit my banking
> site, etc.  Does anyone have an idea why are these packets being blocked?
>
> Thanks,
> Steve Williams
>
>
>
>


Re: PF packets being blocked...why?

2017-06-26 Thread Steve Williams

Hi,

Packets from vether are going out NAT'd no problem.  I have 100% 
Internet access on 192.168.123.0/24.


From my understanding, the "pass out quick inet all flags S/SA" allow 
packets out and should create state for the connection for any ipv4 
packets on any interface.


Subsequent packets (these seem to have the "P"ush flag set) should match 
the state and not get blocked.


Hum... perhaps the states are expiring too fast?

How do I find out if the state existed at the time that the packet was 
blocked?


Thanks,
Steve W.


On 26/06/2017 12:09 PM, Ville Valkonen wrote:

Hello,

a quick glance and it seems you aren't allowing vether traffic to pass.

--
Regards,
Ville

On Jun 26, 2017 8:19 PM, "Steve Williams" 
> wrote:


Hi,

New install of OpenBSD 6.1 on apu2.  Love the little box.

I have em0 as the connection to the Internet and I bridged em1 and
em2 together on 192.168.123.0.

I've been using OpenBSD since the 2.7 days, but have never run NAT
so this is my first foray into that world.  I have followed the
FAQ on "building a router" almost vebatim. It's working fine, but
I am seeing some packets blocked with no effect on browsing behind
the OpenBSD box.

My ruleset:

# pfctl -sr
match in all scrub (no-df random-id)
match out on egress inet from ! (egress:network) to any nat-to
(egress:0) round-robin
block drop log quick from  to any
block drop log quick from  to any
block drop log all
pass out quick inet all flags S/SA
pass in on vether0 inet all flags S/SA
pass in on em1 inet all flags S/SA
pass in on em2 inet all flags S/SA
pass in on egress inet proto tcp from any to (egress) port = 22
flags S/SA
pass in on egress inet proto tcp from any to (egress) port = 993
flags S/SA
pass in on egress inet proto tcp from any to (egress) port = 80
flags S/SA
pass in on egress inet proto tcp from any to (egress) port = 443
flags S/SA

# tcpdump -n -e -ttt -i pflog0# from man pflog man page
Jun 26 09:45:54.241145 rule 4/(match) block in on vether0:
192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win
1805 (DF)
Jun 26 09:45:54.701283 rule 4/(match) block in on vether0:
192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win
1805 (DF)
Jun 26 09:45:55.623757 rule 4/(match) block in on vether0:
192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win
1805 (DF)
Jun 26 09:45:57.460985 rule 4/(match) block in on vether0:
192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win
1805 (DF)
Jun 26 09:46:01.150933 rule 4/(match) block in on vether0:
192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win
1805 (DF)
Jun 26 09:46:08.522599  rule 4/(match) block in on
vether0: 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375)
ack 1 win 1805 (DF)
Jun 26 09:46:47.479083 rule 4/(match) block in on vether0:
192.168.123.2.46549 > 172.217.3.206.443: P
4042174712:4042174735(23) ack 2564095917 win 1593 (DF)
Jun 26 09:46:47.896295 rule 4/(match) block in on vether0:
192.168.123.2.53452 > 23.23.126.54.443: P
4003838125:4003838156(31) ack 2044539346 win 65535 (DF)
Jun 26 09:46:47.896662 rule 4/(match) block in on vether0:
192.168.123.2.53452 > 23.23.126.54.443: R 31:31(0) ack 1 win 65535
(DF)
Jun 26 09:46:47.896674 rule 4/(match) block in on vether0:
192.168.123.2.59762 > 216.58.216.163.443: P
113176577:113176608(31) ack 2619790719 win 1403 (DF)
Jun 26 09:46:47.896685 rule 4/(match) block in on vether0:
192.168.123.2.59762 > 216.58.216.163.443: F 31:31(0) ack 1 win
1403 (DF)
Jun 26 09:46:47.896711 rule 4/(match) block in on vether0:
192.168.123.2.39279 > 31.13.77.6.443: P 4254697166:4254697197(31)
ack 2615144509 win 1545 (DF)
Jun 26 09:46:47.896735 rule 4/(match) block in on vether0:
192.168.123.2.39279 > 31.13.77.6.443: R 31:31(0) ack 1 win 1545 (DF)

# pfctl -R 4 -sr
block drop log all

It is not all https traffice that is being blocked as I can hit my
banking site, etc.  Does anyone have an idea why are these packets
being blocked?

Thanks,
Steve Williams







Re: PF packets being blocked...why?

2017-06-26 Thread Ville Valkonen
Hello,

a quick glance and it seems you aren't allowing vether traffic to pass.

--
Regards,
Ville

On Jun 26, 2017 8:19 PM, "Steve Williams" 
wrote:

> Hi,
>
> New install of OpenBSD 6.1 on apu2.  Love the little box.
>
> I have em0 as the connection to the Internet and I bridged em1 and em2
> together on 192.168.123.0.
>
> I've been using OpenBSD since the 2.7 days, but have never run NAT so this
> is my first foray into that world.  I have followed the FAQ on "building a
> router" almost vebatim.  It's working fine, but I am seeing some packets
> blocked with no effect on browsing behind the OpenBSD box.
>
> My ruleset:
>
> # pfctl -sr
> match in all scrub (no-df random-id)
> match out on egress inet from ! (egress:network) to any nat-to (egress:0)
> round-robin
> block drop log quick from  to any
> block drop log quick from  to any
> block drop log all
> pass out quick inet all flags S/SA
> pass in on vether0 inet all flags S/SA
> pass in on em1 inet all flags S/SA
> pass in on em2 inet all flags S/SA
> pass in on egress inet proto tcp from any to (egress) port = 22 flags S/SA
> pass in on egress inet proto tcp from any to (egress) port = 993 flags S/SA
> pass in on egress inet proto tcp from any to (egress) port = 80 flags S/SA
> pass in on egress inet proto tcp from any to (egress) port = 443 flags S/SA
>
> # tcpdump -n -e -ttt -i pflog0# from man pflog man page
> Jun 26 09:45:54.241145 rule 4/(match) block in on vether0:
> 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win 1805 (DF)
> Jun 26 09:45:54.701283 rule 4/(match) block in on vether0:
> 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win 1805 (DF)
> Jun 26 09:45:55.623757 rule 4/(match) block in on vether0:
> 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win 1805 (DF)
> Jun 26 09:45:57.460985 rule 4/(match) block in on vether0:
> 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win 1805 (DF)
> Jun 26 09:46:01.150933 rule 4/(match) block in on vether0:
> 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win 1805 (DF)
> Jun 26 09:46:08.522599 rule 4/(match) block in on vether0:
> 192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win 1805 (DF)
> Jun 26 09:46:47.479083 rule 4/(match) block in on vether0:
> 192.168.123.2.46549 > 172.217.3.206.443: P 4042174712:4042174735(23) ack
> 2564095917 win 1593 (DF)
> Jun 26 09:46:47.896295 rule 4/(match) block in on vether0:
> 192.168.123.2.53452 > 23.23.126.54.443: P 4003838125:4003838156(31) ack
> 2044539346 win 65535 (DF)
> Jun 26 09:46:47.896662 rule 4/(match) block in on vether0:
> 192.168.123.2.53452 > 23.23.126.54.443: R 31:31(0) ack 1 win 65535 (DF)
> Jun 26 09:46:47.896674 rule 4/(match) block in on vether0:
> 192.168.123.2.59762 > 216.58.216.163.443: P 113176577:113176608(31) ack
> 2619790719 win 1403 (DF)
> Jun 26 09:46:47.896685 rule 4/(match) block in on vether0:
> 192.168.123.2.59762 > 216.58.216.163.443: F 31:31(0) ack 1 win 1403 (DF)
> Jun 26 09:46:47.896711 rule 4/(match) block in on vether0:
> 192.168.123.2.39279 > 31.13.77.6.443: P 4254697166:4254697197(31) ack
> 2615144509 win 1545 (DF)
> Jun 26 09:46:47.896735 rule 4/(match) block in on vether0:
> 192.168.123.2.39279 > 31.13.77.6.443: R 31:31(0) ack 1 win 1545 (DF)
>
> # pfctl -R 4 -sr
> block drop log all
>
> It is not all https traffice that is being blocked as I can hit my banking
> site, etc.  Does anyone have an idea why are these packets being blocked?
>
> Thanks,
> Steve Williams
>
>
>
>


PF packets being blocked...why?

2017-06-26 Thread Steve Williams

Hi,

New install of OpenBSD 6.1 on apu2.  Love the little box.

I have em0 as the connection to the Internet and I bridged em1 and em2 
together on 192.168.123.0.


I've been using OpenBSD since the 2.7 days, but have never run NAT so 
this is my first foray into that world.  I have followed the FAQ on 
"building a router" almost vebatim.  It's working fine, but I am seeing 
some packets blocked with no effect on browsing behind the OpenBSD box.


My ruleset:

# pfctl -sr
match in all scrub (no-df random-id)
match out on egress inet from ! (egress:network) to any nat-to 
(egress:0) round-robin

block drop log quick from  to any
block drop log quick from  to any
block drop log all
pass out quick inet all flags S/SA
pass in on vether0 inet all flags S/SA
pass in on em1 inet all flags S/SA
pass in on em2 inet all flags S/SA
pass in on egress inet proto tcp from any to (egress) port = 22 flags S/SA
pass in on egress inet proto tcp from any to (egress) port = 993 flags S/SA
pass in on egress inet proto tcp from any to (egress) port = 80 flags S/SA
pass in on egress inet proto tcp from any to (egress) port = 443 flags S/SA

# tcpdump -n -e -ttt -i pflog0# from man pflog man page
Jun 26 09:45:54.241145 rule 4/(match) block in on vether0: 
192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win 1805 (DF)
Jun 26 09:45:54.701283 rule 4/(match) block in on vether0: 
192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win 1805 (DF)
Jun 26 09:45:55.623757 rule 4/(match) block in on vether0: 
192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win 1805 (DF)
Jun 26 09:45:57.460985 rule 4/(match) block in on vether0: 
192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win 1805 (DF)
Jun 26 09:46:01.150933 rule 4/(match) block in on vether0: 
192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win 1805 (DF)
Jun 26 09:46:08.522599 rule 4/(match) block in on vether0: 
192.168.123.2.38022 > 216.58.216.165.443: P 0:1375(1375) ack 1 win 1805 (DF)
Jun 26 09:46:47.479083 rule 4/(match) block in on vether0: 
192.168.123.2.46549 > 172.217.3.206.443: P 4042174712:4042174735(23) ack 
2564095917 win 1593 (DF)
Jun 26 09:46:47.896295 rule 4/(match) block in on vether0: 
192.168.123.2.53452 > 23.23.126.54.443: P 4003838125:4003838156(31) ack 
2044539346 win 65535 (DF)
Jun 26 09:46:47.896662 rule 4/(match) block in on vether0: 
192.168.123.2.53452 > 23.23.126.54.443: R 31:31(0) ack 1 win 65535 (DF)
Jun 26 09:46:47.896674 rule 4/(match) block in on vether0: 
192.168.123.2.59762 > 216.58.216.163.443: P 113176577:113176608(31) ack 
2619790719 win 1403 (DF)
Jun 26 09:46:47.896685 rule 4/(match) block in on vether0: 
192.168.123.2.59762 > 216.58.216.163.443: F 31:31(0) ack 1 win 1403 (DF)
Jun 26 09:46:47.896711 rule 4/(match) block in on vether0: 
192.168.123.2.39279 > 31.13.77.6.443: P 4254697166:4254697197(31) ack 
2615144509 win 1545 (DF)
Jun 26 09:46:47.896735 rule 4/(match) block in on vether0: 
192.168.123.2.39279 > 31.13.77.6.443: R 31:31(0) ack 1 win 1545 (DF)


# pfctl -R 4 -sr
block drop log all

It is not all https traffice that is being blocked as I can hit my 
banking site, etc.  Does anyone have an idea why are these packets being 
blocked?


Thanks,
Steve Williams





Re: Headphone with Conexant CX20724

2017-06-26 Thread Edgar Pettijohn
mixerctl (1) handles a lot of stuff. Take a look at it's output and you may 
find something that needs tweaking.

⁣Sent from BlueMail ​

On Jun 26, 2017, 10:58 AM, at 10:58 AM, Manuel Giraud  
wrote:
>Hi,
>
>I have a laptop on which the headphone produce sound only on the left
>channel (I have tested and it works with a linux distro (same
>headphone)). I'm trying to make my way into the azalia driver without
>success. Does anyone have an idea of how to sort this out?
>
>OpenBSD 6.1-current (GENERIC.MP) #109: Mon Jun 26 17:34:02 CEST 2017
>manuel@elite.giraud:/sys/arch/amd64/compile/GENERIC.MP
>RTC BIOS diagnostic error
>9d
>real mem = 8448348160 (8056MB)
>avail mem = 8186515456 (7807MB)
>mpath0 at root
>scsibus0 at mpath0: 256 targets
>mainbus0 at root
>bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xc78da000 (33 entries)
>bios0: vendor HP version "N75 Ver. 01.14" date 04/12/2017
>bios0: HP HP EliteBook 840 G3
>acpi0 at bios0: rev 2
>acpi0: sleep states S0 S3 S4 S5
>acpi0: tables DSDT FACP SSDT TCPA SSDT UEFI SSDT SSDT WSMT HPET APIC
>MCFG SSDT SSDT SSDT SSDT DMAR NHLT ASF! FPDT BGRT SSDT
>acpi0: wakeup devices PEGP(S4) PEG1(S4) PEGP(S4) PEG2(S4) PEGP(S4)
>PEG0(S4) GLAN(S0) XHC_(S3) XDCI(S4) HDAS(S4) PXSX(S4) RP01(S4) PXSX(S4)
>RP02(S4) PXSX(S4) RP03(S4) [...]
>acpitimer0 at acpi0: 3579545 Hz, 24 bits
>acpihpet0 at acpi0: 2399 Hz
>acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
>cpu0 at mainbus0: apid 0 (boot processor)
>cpu0: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz, 2496.00 MHz
>cpu0:
>FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,SENSOR,ARAT
>cpu0: 256KB 64b/line 8-way L2 cache
>cpu0: TSC frequency 249600 Hz
>cpu0: smt 0, core 0, package 0
>mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
>cpu0: apic clock running at 23MHz
>cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE
>cpu1 at mainbus0: apid 2 (application processor)
>cpu1: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz, 2496.00 MHz
>cpu1:
>FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,SENSOR,ARAT
>cpu1: 256KB 64b/line 8-way L2 cache
>cpu1: smt 0, core 1, package 0
>cpu2 at mainbus0: apid 1 (application processor)
>cpu2: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz, 2496.00 MHz
>cpu2:
>FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,SENSOR,ARAT
>cpu2: 256KB 64b/line 8-way L2 cache
>cpu2: smt 1, core 0, package 0
>cpu3 at mainbus0: apid 3 (application processor)
>cpu3: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz, 2496.00 MHz
>cpu3:
>FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,SENSOR,ARAT
>cpu3: 256KB 64b/line 8-way L2 cache
>cpu3: smt 1, core 1, package 0
>ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 120 pins
>acpimcfg0 at acpi0 addr 0xf800, bus 0-63
>acpiprt0 at acpi0: bus 0 (PCI0)
>acpiprt1 at acpi0: bus -1 (PEG1)
>acpiprt2 at acpi0: bus -1 (PEG2)
>acpiprt3 at acpi0: bus -1 (PEG0)
>acpiprt4 at acpi0: bus -1 (RP01)
>acpiprt5 at acpi0: bus 1 (RP02)
>acpiprt6 at acpi0: bus -1 (RP03)
>acpiprt7 at acpi0: bus 2 (RP04)
>acpiprt8 at acpi0: bus -1 (RP05)
>acpiprt9 at acpi0: bus -1 (RP06)
>acpiprt10 at acpi0: bus -1 (RP07)
>acpiprt11 at acpi0: bus -1 (RP08)
>acpiprt12 at acpi0: bus -1 (RP09)
>acpiprt13 at acpi0: bus -1 (RP10)
>acpiprt14 at acpi0: bus -1 (RP11)
>acpiprt15 at acpi0: bus -1 (RP12)
>acpiprt16 at acpi0: bus -1 (RP13)
>acpiprt17 at acpi0: bus -1 (RP14)
>acpiprt18 at acpi0: bus -1 (RP15)
>acpiprt19 at acpi0: bus -1 (RP16)
>acpiprt20 at acpi0: bus -1 (RP17)
>acpiprt21 at acpi0: bus -1 (RP18)
>acpiprt22 at acpi0: bus 

Headphone with Conexant CX20724

2017-06-26 Thread Manuel Giraud
Hi,

I have a laptop on which the headphone produce sound only on the left
channel (I have tested and it works with a linux distro (same
headphone)). I'm trying to make my way into the azalia driver without
success. Does anyone have an idea of how to sort this out?

OpenBSD 6.1-current (GENERIC.MP) #109: Mon Jun 26 17:34:02 CEST 2017
manuel@elite.giraud:/sys/arch/amd64/compile/GENERIC.MP
RTC BIOS diagnostic error 9d
real mem = 8448348160 (8056MB)
avail mem = 8186515456 (7807MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xc78da000 (33 entries)
bios0: vendor HP version "N75 Ver. 01.14" date 04/12/2017
bios0: HP HP EliteBook 840 G3
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP SSDT TCPA SSDT UEFI SSDT SSDT WSMT HPET APIC MCFG SSDT 
SSDT SSDT SSDT DMAR NHLT ASF! FPDT BGRT SSDT
acpi0: wakeup devices PEGP(S4) PEG1(S4) PEGP(S4) PEG2(S4) PEGP(S4) PEG0(S4) 
GLAN(S0) XHC_(S3) XDCI(S4) HDAS(S4) PXSX(S4) RP01(S4) PXSX(S4) RP02(S4) 
PXSX(S4) RP03(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 2399 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz, 2496.00 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,SENSOR,ARAT
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: TSC frequency 249600 Hz
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 23MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz, 2496.00 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,SENSOR,ARAT
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 1 (application processor)
cpu2: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz, 2496.00 MHz
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,SENSOR,ARAT
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 1, core 0, package 0
cpu3 at mainbus0: apid 3 (application processor)
cpu3: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz, 2496.00 MHz
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,SENSOR,ARAT
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 1, core 1, package 0
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 120 pins
acpimcfg0 at acpi0 addr 0xf800, bus 0-63
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (PEG1)
acpiprt2 at acpi0: bus -1 (PEG2)
acpiprt3 at acpi0: bus -1 (PEG0)
acpiprt4 at acpi0: bus -1 (RP01)
acpiprt5 at acpi0: bus 1 (RP02)
acpiprt6 at acpi0: bus -1 (RP03)
acpiprt7 at acpi0: bus 2 (RP04)
acpiprt8 at acpi0: bus -1 (RP05)
acpiprt9 at acpi0: bus -1 (RP06)
acpiprt10 at acpi0: bus -1 (RP07)
acpiprt11 at acpi0: bus -1 (RP08)
acpiprt12 at acpi0: bus -1 (RP09)
acpiprt13 at acpi0: bus -1 (RP10)
acpiprt14 at acpi0: bus -1 (RP11)
acpiprt15 at acpi0: bus -1 (RP12)
acpiprt16 at acpi0: bus -1 (RP13)
acpiprt17 at acpi0: bus -1 (RP14)
acpiprt18 at acpi0: bus -1 (RP15)
acpiprt19 at acpi0: bus -1 (RP16)
acpiprt20 at acpi0: bus -1 (RP17)
acpiprt21 at acpi0: bus -1 (RP18)
acpiprt22 at acpi0: bus -1 (RP19)
acpiprt23 at acpi0: bus -1 (RP20)
acpiec0 at acpi0
acpicpu0 at acpi0: C3(200@1034 mwait.1@0x60), C2(200@151 mwait.1@0x33), 
C1(1000@1 mwait.1), PSS
acpicpu1 at acpi0: C3(200@1034 mwait.1@0x60), C2(200@151 mwait.1@0x33), 
C1(1000@1 mwait.1), PSS
acpicpu2 at acpi0: C3(200@1034 

Re: Tor Relay

2017-06-26 Thread Gareth Llewellyn
>  Original Message 
> From: ca...@protonmail.com
> Anyone with some experience/tips would be helpful

I run a few OpenBSD based relays/exits ( 
https://atlas.torproject.org/#search/BrassHorn ) so, if once you've followed 
the guides others have written, feel free to get in touch with any questions.
Also have a look at https://github.com/nusenu which has an ansible playbook 
along with lots of interesting stats which are more consumable here: 
https://nusenu.github.io/OrNetStats/
We need more OpenBSD relays for diversity reasons (e.g. of over 7000 relays 
only ~358 are OpenBSD) so thank you for running one!

I would also recommend that you subscribe to the tor-relays mailing list.