Re: Queuing faster than 4 Gbps

2018-02-27 Thread BARDOU Pierre
Some more info :
* This firewall used to run OpenBSD 5.7, with a similar performance. CPU0 was 
around 10% idle. If I sent more traffic, I saw IFQ drops
* It just has been upgraded to 6.2. 3 cores are loaded now, the busiest is 
around 50% idle. If I send more traffic, I see out discards on my IX interfaces.

Maybe it is related to the output buffer ? Is there a way to increase it ?
Just in case, here is the output of netstat -m, vmstat -m and systat mbufs. 
I don't understand what the output of those commands mean... If someone has a 
link to some documentation about these, that would help
885 mbufs in use:
834 mbufs allocated to data
4 mbufs allocated to packet headers
47 mbufs allocated to socket names and addresses
72/256/64 mbuf 2048 byte clusters in use (current/peak/max)
670/17640/120 mbuf 2112 byte clusters in use (current/peak/max)
0/48/64 mbuf 4096 byte clusters in use (current/peak/max)
0/120/64 mbuf 8192 byte clusters in use (current/peak/max)
34/70/112 mbuf 9216 byte clusters in use (current/peak/max)
0/40/80 mbuf 12288 byte clusters in use (current/peak/max)
0/40/64 mbuf 16384 byte clusters in use (current/peak/max)
0/56/64 mbuf 65536 byte clusters in use (current/peak/max)
48936 Kbytes allocated to network (4% in use)
0 requests for memory denied
0 requests for memory delayed
0 calls to protocol drain routines

###

Memory statistics by bucket size
Size   In Use   Free   Requests  HighWater  Couldfree
  16  471553 1125641280  0
  32  417607 131271 640  0
  64 1511 25  33005 320 12
 128 3178 22  49040 160  8
 256  664 24 225183  80  0
 512  238  2 113984  40  0
1024 2212  4  32615  20  0
2048  547  5   4047  10244
4096   55  2  12158   5  0
8192  207  1216   5  0
   163845  0  54156   5  0
   327686  0 13   5  0
   655363  0  10151   5  0
  1310722  0  2   5  0
  2621441  0  1   5  0
  5242881  0  1   5  0

Memory usage type by bucket size
Size  Type(s)
  16  devbuf, pcb, rtable, ifaddr, dirhash, ACPI, exec, VM swap, UVM amap,
  UVM aobj, USB, USB device, temp
  32  devbuf, pcb, rtable, ifaddr, sysctl, sem, dirhash, ACPI, in_multi,
  ether_multi, exec, UVM amap, USB, USB device, NDP, temp
  64  devbuf, rtable, ifaddr, counters, vnodes, dirhash, ACPI, proc,
  in_multi, VM swap, UVM amap, USB, USB device, temp
 128  devbuf, pcb, rtable, ifaddr, sysctl, counters, vnodes, UFS mount, sem,
  dirhash, ACPI, NFS srvsock, ip_moptions, in_multi, UVM amap, USB,
  USB device, USB HC, temp
 256  devbuf, rtable, ifaddr, counters, ioctlops, iov, vnodes, shm, VM map,
  dirhash, ACPI, exec, UVM amap, USB, USB device, temp
 512  devbuf, ifaddr, counters, ioctlops, iov, UFS mount, dirhash,
  file desc, ttys, newblk, UVM amap, temp
1024  devbuf, pcb, sysctl, counters, ioctlops, mount, UFS mount, shm, proc,
  ttys, exec, USB device, crypto data, temp
2048  devbuf, ioctlops, UFS mount, ACPI, VM swap, UVM aobj, USB, temp
4096  devbuf, ifaddr, counters, ioctlops, proc, ttys, USB, memdesc, temp
8192  devbuf, counters, ttys, pagedep, USB, temp, SYN cache
   16384  devbuf, UFS mount, NFS daemon, MSDOSFS mount, temp
   32768  devbuf, UFS quota, UFS mount, ISOFS mount, inodedep
   65536  devbuf, temp
  131072  devbuf, VM swap
  262144  VM swap
  524288  temp

Memory statistics by type   Type  Kern
  Type InUse MemUse HighUse  Limit Requests Limit Limit Size(s)
devbuf  5343  3971K   4044K 78644K148130 0  
16,32,64,128,256,512,1024,2048,4096,8192,16384,32768,65536,131072
   pcb7817K 17K 78644K  5250 0  16,32,128,1024
rtable   116 7K 34K 78644K   2798400 0  16,32,64,128,256
ifaddr9416K 17K 78644K  1180 0  
16,32,64,128,256,512,4096
sysctl 3 2K  2K 78644K30 0  32,128,1024
  counters5963K 63K 78644K   590 0  
64,128,256,512,1024,4096,8192
  ioctlops 0 0K  4K 78644K   1173370 0  
256,512,1024,2048,4096
   iov 0 0K  1K 78644K   100 0  256,512
 mount 2 2K  2K 78644K20 0  1024
vnodes  122578K 78K 78644K 23790 0  64,128,256
 UFS quota 1

Re: sudoedit for doas?

2018-02-27 Thread Niels Kobschaetzki

> On 28. Feb 2018, at 07:50, Hess THR  wrote:
> 
> Hello, 
> 
> hmm, I went through the relevant man pages: 
> 
> https://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/doas.1
> https://man.openbsd.org/doas.conf.5
> 
> but I cannot find a sudoedit alternative for the "doas". 
> 
> Are there any? 

No

Niels



noip freezes my 6.0

2018-02-27 Thread Hess THR
Hello, 

pkg_add ...pub/OpenBSD/6.0/packages/amd64/no-ip-2.1.9p4.tgz
enable it with rcctl

.. ok, it works! heading for a sleep. 

but in the morning: the OpenBSD router was not responding. 

ok, omg, power off/on. don't know what happened, nothing in the logs. 

ok, next day, the same, during the night, the machine freezes. now I turn the 
noip off with rcctl and not running the noip client. 

.. the machine didn't freezed. 

How can I help the community, how to debug this problem? (before opening a 
low-level bugreport, want to make it a more quality report)

Many thanks. 



https://www.openbsd.org/ftp.html

2018-02-27 Thread Hess THR
Hello, 

I can see that ftp.fsn.hu is available over HTTPS, but isn't listed in the 
HTTPS part of the ftp.html

How can we reach the maintainer of the ftp.html? 

Thanks. 



sudoedit for doas?

2018-02-27 Thread Hess THR
Hello, 

hmm, I went through the relevant man pages: 

https://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/doas.1
https://man.openbsd.org/doas.conf.5

but I cannot find a sudoedit alternative for the "doas". 

Are there any? 

Many thanks. 



Another vmd sanity check recommendation / WAS: "vmctl stop" causing disk image corruption with OpenBSD 6.2-stable VM

2018-02-27 Thread openbsd2012
Hi Mike,


I got curious again and tried starting a second vmd process when there is 
already a running vmd process. The new process causes the original process to 
stop responding. As expected, this makes a mess of the disk image files already 
loaded by the first vmd process.


I also tried starting the second vmd process using a distinct vm.conf which 
used none of the disk image files from the original vmd process. This still 
causes the VMs running under the first vmd process to stop responding, even 
after the second vmd process is killed. The disk image files from the original 
process were also flagged for fsck at reboot of the VMs.


Perhaps another sanity check for the to-do list... don't start vmd if it is 
already running?


Yours truly,

Breen



From: Mike Larkin 
Sent: February 3, 2018 4:49 PM
To: openbsd2012
Cc: 'misc@openbsd.org'
Subject: Re: "vmctl stop" causing disk image corruption with OpenBSD 6.2-stable 
VM

...

> May I suggest a vmd sanity check to avoid a VM disk image being loaded by 
> more than one VM simultaneously? Providing a patch is outside my skill set, 
> unfortunately.
>
>
> Yours truly,
>
>
> Breen
>

Not a bad idea, I'll toss it on the to-do list. thanks..

-ml



Re: Can you specify which interface DHCP should serve on, in /etc/dhcpd.conf , or only via arg?

2018-02-27 Thread Tinker
Hi Marcus,

Thank you a lot for responding.

Aha so dhcpd(8) will only listen to the interfaces that correspond to
the subnets specified in dhcpd.conf(8), thank you for clarifying.

What you say is, that dhcpd will make touch the interfaces that
equivalence-match with subnets listed in dhcpd.conf, only -

E.g., if dhcpd.conf is specified to serve the 1.2.whatever.whatever/16
subnet (e.g. "subnet 1.2.123.234 netmask 255.255.0.0 { .. }"), then
from among the interfaces (per config of IP/subnet) 1.2.3.4/8,
1.2.3.5/16, and 1.2.3.6/24, only the middle one will be touched.
Correct?


For completeness, two questions:

1)
I was trying to read this answer out of dhcpd(8)'s and dhcpd.conf(8)'s
man pages.

Also right now searching through these documents for the word "subnet"
and otherwise skimming them through, I do not see what you clarified
now stated clearly there.

dhcpd(8)'s man page says this though, which in absence of other
clarifications would have a contrary meaning:

"If no interface names are specified on the command line, and the -u
option is not given, dhcpd will identify all network interfaces which
are up, eliminating non-broadcast interfaces if possible, and listen
for DHCP broadcasts on each interface."

Can you please clarify how I mis-read the manual, or, is there an
understanding that for some reason is implied and not needs to be
written up here (..that of the interfaces that make up the "all network
interfaces which are up [..] and listen for DHCP broadcasts on each
interface" set, only those addressed by subnet definitions in the
config file will be touched)?

Where I'm coming from is I want DHPCD to touch the particular intended
LAN interface and no WAN or other interface as that would sound like a
screwup - maybe a malevolent actor could try to steal all the LAN IP:s
if he could access my DHPCD from another interface - so it's nice to
know exactly how DHCP's interface selection works.

2)
For final clarity can you please walk me through how to get the subnet
selection to hit right - say I have these interfaces:

em0: IP 187.76.85.45, netmask /24, and the system's default route is
 187.76.85.252

em1: IP 192.168.100.195, netmask /31

em2: IP 192.168.100.2, netmask /24

em3: IP 192.168.100.1, netmask /16

and this /etc/dhcpd.conf:

subnet 192.168.100.0 netmask 255.255.255.0 {
 range 192.168.100.3 192.168.100.254;
 option routers 192.168.100.2;
}


I'll now run dhcpd and instead of specifying the argument "em2" as I
always did before to ensure that only em2 is touched, I won't specify
anything.

Will dhcpd pick em2 on the basis of the 192.168.100.XXX/24 subnet of
dhcpd.conf being equivalent to em2 only and none other?

(So for instance, em1 is a subnet of em2's subnet but the matching is
by equivalence only and hence em1 will not be selected - and not
considering the netmask, em3 overlaps with em1's subnet, but since it's
subnet + IP that are equivalence-checked then that one is not taken
also.)

If you can please explain how/why this works out would be great, maybe
with doc/code ref.

Thanks,
Tinker

‐‐‐ Original Message ‐‐‐

On February 27, 2018 3:41 PM, Marcus MERIGHI  wrote:

> t1...@protonmail.ch (Tinker), 2018.02.27 (Tue) 07:12 (CET):
> 
> > Just so I not missed anything in reading the man pages \[1\]:
> > 
> > If you have a machine with an external and an internal NIC e.g. em0 and
> > 
> > em1 , and you want to serve DHCP only on em1 , then the only way to do
> > 
> > that is as a dhcpd argument, e.g. add a line 'dhcpd="em1"' to
> > 
> > /etc/rc.conf.local or alternatively add a line "dhcpd em1" to
> > 
> > /etc/rc.local - there is no way to specify in /etc/dhcpd.conf which
> > 
> > network interfaces dhcpd will bind/serve on, right?
> > 
> > Has this been for a particular reason (i.e. it's a feature) or just
> > 
> > noone bothered?
> > 
> > The usecase I describe above should be typical.
> 
> dhcpd(8) reads the subnet declarations from dhcpd.conf(5) and get's to
> 
> the interface from there. It does not listen like other network daemons
> 
> but uses bpf(4). Try to block it with pf(4)... ;-)
> 
> Marcus




Lenovo X130e blank video at boot.rd

2018-02-27 Thread j
I am replacing my ancient X60 with an X130e of lesser age.  This model 
is previously found as working on misc.


When trying to install 6.2 (release) over Windows 10 there is no video 
to see.


By booting miniroot62.fs from USB the kernel loads, but the "OpenBSD 6.2 
" and subsequent boot messages do not appear.  The video is blank 
(apparently backlit but no text is present.)  The biosboot loader 
messages prior to that do appear for a few seconds.  The USB stick 
activity light does blink as if things are happening normally.


Same result for 6.1 and 5.9.

The three video options: Native video, VGA and HDMI video outputs show 
the same biosboot lines and then the screen blanks.  A couple of 
different monitors on the VGA output show "unsupported format" or 
somesuch suggesting the video signal is not a standard format.


There is no serial port on this hardware.  The BIOS is updated to the 
latest.  I'm going to try to obtain a dmesg with blindly typing against 
the install script (blessed OpenBSD with a simple install CLI!)


I'm wondering if there is something to be enabled/disabled in 
boot_config that would help.  I don't quite understand why video would 
blank out once the kernel gets control 
(src/sys/arch/amd64/amd64/consinit.c and machdep.c) since nothing looks 
like it is touching video configuration.  This seems to be way before 
any video driver gets control.


The Windows 10 "about" page says this is AMD E-450 APU with Radeon HD 
Graphics.  The Hardware page says "AMD Radeon HD 6320 Graphics".


Does anyone have further advice?

thanks

John



Re: Supermicro SuperServer E200-9A

2018-02-27 Thread lists
Tue, 27 Feb 2018 10:42:42 -0500 Mike 
> On 2/27/2018 8:51 AM, Stuart Henderson wrote:
> > On 2018/02/27 08:30, Rupert Gallagher wrote:  
> >> Not new at all. 
> >>
> >> https://www.servethehome.com/intel-atom-c3338-benchmarks-why-denverton-is-so-sweet/
> >>
> >> https://www.servethehome.com/intel-atom-c3558-linux-benchmarks-and-review/
> >>
> >> https://www.servethehome.com/
> >> intel-atom-c3958-16-core-top-end-embedded-qat-linux-benchmarks-and-review/ 
> >>  
> > 
> > Launch date q3 '17 is pretty new.
> >   
> 
> fwiw, for a couple of years, I've been running what could be considered
> the prior model of that motherboard, the A1SRi-2758F.  OpenBSD has no
> issues running on it. I use CLI elusively, no X stuff..

Hi Mike,

I laugh every time someone mentions serve-their-home sponsored web site.
I also laugh at people who can't quote in email but tend to give advice.

Here is what I think, disregard Rupert, and skip new unsupported boards.

Evasively this has not affected your system mainboard, very interesting:

https://www.servethehome.com/intel-atom-c2000-series-bug-quiet/
https://www.google.com/search?q=atom+c2758+sudden+death

The fault affects various makers, manifests itself in dead system board.

https://www.supermicro.com/products/motherboard/atom/x10/a1sri-2758f.cfm
https://en.wikipedia.org/wiki/List_of_Intel_Atom_microprocessors#Silvermont_microarchitecture_4

In light of meltdown spectres, how come this did not get any fancy icon?
We are also VERY seriously concerned of critical faults in BMC firmware.

https://www.supermicro.com/products/nfo/ipmi.cfm
https://www.thomas-krenn.com/en/wiki/IPMI_Security_Updates

Here is the current generation of Atom server boards discussed in the
thread, these are quite new and still unsupported:

https://www.supermicro.com/products/motherboard/atom/
https://en.wikipedia.org/wiki/List_of_Intel_Atom_microprocessors#Goldmont_microarchitecture_2

I suspect critical bugs down the line with c3000, to re-warrant extended
product life statements back to the reality of 2yrs, smells like a plan:

https://en.wikipedia.org/wiki/Planned_obsolescence#Contrived_durability

I have a previous generation Atom D525 right next to me, SuperMicro made
X7SPA-HF-D525-O and can report DISSATISFACTION with both of BMC firmware
operating system related vulnerabilities and its reliability.  I have to
constantly restart the BMC before reboots and totally skipped next gens.

https://www.supermicro.com/products/motherboard/atom/ich9/x7spa-hf-d525.cfm
https://www.thomas-krenn.com/en/wiki/X7SPA-HF

Marketing stuff of no real technical value (will praise anything for $):
https://www.servethehome.com/supermicro-x7spahfd525-x7spehfd525-atom-server-motherboard-review/

I will SKIP until both the BMC starts getting accessible to reprogram w/
OpenBSD tools into using OpenBSD as the BMC firmware.. and further until
Intel stops shipping processors set to fail with hardware bugs, remotely
exploitable management engines and microcode malware disasters included.

Conclusion: Atom server boards are overpriced and the BMC are a failure!
Mobo makers do NOT provide fixes to issues w/ BMC security, reliability.
Check BMC firmware upgrades paths and third party reports on the BMC fw.

https://www.google.com/search?q=WPCM450
https://www.thomas-krenn.com/en/wiki/Nuvoton_WPCM450R_IPMI_Chip_with_ATEN-Software
https://www.thomas-krenn.com/en/wiki/Supermicro_IPMI_Security_Updates_November_2013

There are NO BMC firmware upgrades past R3.16 and BIOS 1.2b really none.
I am very disappointed the BMC crashes on its own, and prevents reboots.

https://www.supermicro.com/support/bios/firmware0.aspx
https://www.thomas-krenn.com/en/wiki/IPMI_Security_Updates
https://www.thomas-krenn.com/en/download.html?manufacturer=5=82=7224
https://www.supermicro.com/products/motherboard/ATOM/ICH9/X7SPA-HF-D525.cfm

Now a mandatory dmesg, BMC crash indication at the end, affects reboots.
I bought this board brand new in May 2011, one year later the BMC fails.

Note, the board has the latest BIOS and BMC firmwares, and still the BMC
OS keeps crashing every couple of minutes.  It is one major RMA incident
& the 2 companies selling the boards in my country can not help, at all.

The faulty chip is the Winbond WPCM450 BMC: avoid everywhere.  I can not
be convinced its AST2400 & AST2500 replacements are anything better.  It
is really loudly screaming for an OpenBSD reflash, but I have no images.

https://www.google.com/search?q=AST2400
https://www.thomas-krenn.com/en/wiki/ASPEED_AST2400_IPMI_Chip_with_ATEN-Software
https://www.google.com/search?q=AST2500

OpenBSD runs extremely stable on this board, but I hate the BMC, period.
Before buying mainboards ask long term usage reports from OpenBSD users!

Kind regards,
Anton Lazarov

OpenBSD 6.2-current (GENERIC.MP) #11: Mon Feb 26 19:16:54 MST 2018
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 4277665792 (4079MB)
avail mem = 4140994560 

Please explain the pkg_check F option, thank you.

2018-02-27 Thread Zsolt Kantor
What exactly does the pkg_check -F option?  If I use it, it does some 
filesystem check, and some "Locating unknown files".

At the end I get: "Locating unknown files: ok", "Locating unknown directories: 
ok", and a long list of "not found" directories and files, like below.
Not found:
/boot
/bsd
/bsd.rd
/bsd.sp
/bsd.syspatch61
/etc/X11/xenodm/authdir
. . . . 


At the really end I get this: Locating unknown directories: ok

I don't understand what is with that list of "not found" files.
In the manual page it does not say much about this option (or I don't 
understand much), it only states: "-F  Check the filesystem for random 
objects.".

Q1: What are those random objects?
Q2: It actually checks the file system?? (like fsck)
Q3: What's about that long list of not found directories and files?



Re: Supermicro SuperServer E200-9A

2018-02-27 Thread Charlie Eddy
Mihai,

Your extrapolation is the only issue here as OP did not describe a linear
causal relationship.

See below.

> I want to build a OpenBSD firewall. And I have bought a Supermicro
> SuperServer E200-9A. There is installed a A2SDi-4C-HLN4F motherboard in
it.

On Tue, Feb 27, 2018 at 11:01 AM, Rupert Gallagher 
wrote:

> I did not purchase the board, yet. The OP did. And he did well. Both Linux
> and FreeBSD run on it.
>
> ‐‐‐ Original Message ‐‐‐
>
> On 27 February 2018 4:22 PM, Charlie Eddy 
> wrote:
>
> > Rupert, I strongly suggest you actively search as quickly as possible as
> > Stuart suggested, or return your product. Not the first time this has
> > happened so don't take it personally.
>


Re: gif(4) changes vs tunnelbroker

2018-02-27 Thread Pavel Korovin
On 02/28, David Gwynne wrote:
> what is the status of sysctl net.inet.ipip ?

David, thank you! That was easy :)
Sorry for the noise.

$ sysctl net.inet.ipip.allow
net.inet.ipip.allow=0
# sysctl -w net.inet.ipip.allow=1
net.inet.ipip.allow: 0 -> 1
$ ping6 www.google.com
PING www.google.com (2a00:1450:4013:c01::67): 56 data bytes
64 bytes from 2a00:1450:4013:c01::67: icmp_seq=0 hlim=48 time=40.500 ms
64 bytes from 2a00:1450:4013:c01::67: icmp_seq=1 hlim=48 time=40.645 ms
^C
--- www.google.com ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 40.500/40.573/40.645/0.073 ms

-- 
With best regards,
Pavel Korovin



Suddenly Trojta mail application on my computer can't sent e-mail.

2018-02-27 Thread f...@freddyfisker.dk


Re: Supermicro SuperServer E200-9A

2018-02-27 Thread Rupert Gallagher
I did not purchase the board, yet. The OP did. And he did well. Both Linux and 
FreeBSD run on it. 

‐‐‐ Original Message ‐‐‐

On 27 February 2018 4:22 PM, Charlie Eddy  wrote:

> Rupert, I strongly suggest you actively search as quickly as possible as
> Stuart suggested, or return your product. Not the first time this has
> happened so don't take it personally.



Re: Unsetting a DHCP option in dhcpd.conf(5)

2018-02-27 Thread Sonic
I suspect you can use groups, set it for a group and leave it out of
another group.

On Tue, Feb 27, 2018 at 12:55 PM, Grzegorz Kowalczyk
 wrote:
> Hi,
>
> can an option be unset in a host declaration of dhcpd.conf(5)?
>
> I'm trying to set a generic "option routers A.B.C.D" option in a
> subnet block and disable it in some host blocks.
>
> I've already skimmed through dhcpd.conf(5) and dhcp-options(5) man
> pages, to no avail.
>



interrupt at 50% on dell E5450

2018-02-27 Thread vincent delft
Hello,

I've just installed current on my new dell e5450, but encounter some
troubles.

1 of the 4 display CPU in Top is heating 50% for interrupts.

Concerning the installation process I did, I just followed the normal
process by booting bsd.rd and performing a standard install by getting
files from internet.
So, at the reboot he installed automatically some firmwares: iwm, uvideo
and vmm.

I've removed those firmwares via pkg_delete, but the problem remains.

on Bios level, I've not performed changes.
Before booting, I've checked that "legacy" was activated, since it was,
I've leave it as it is.


Any ideas ?

something I should de-activate ?


Vincent

ps:
except that, I have 2 small problems:
1. the brightness button which does not work. xbacklight neither, but
xrandr --brightness work well :-).

2. After a lid close (suspend), when I open it, the machine try to start,
the screen appears very shortly but goes back in "sleeping". Pressing the
power button make the system coming back to normal where it was.
I see in dmesg message like: "acpivideo0: unknown event 0x00" when I close
or open the lid.
using the "moon" button does not create such problem. The suspend and
resume work perfectly.










TOP:
--

load averages:  0.03,  0.02,  0.00e5450.home.lan 18:39:24
28 processes: 27 idle, 1 on processor  up  0:02
CPU0 states:  0.2% user,  0.0% nice,  0.5% system, 60.5% interrupt, 38.9%
idle
CPU1 states:  1.3% user,  0.0% nice,  1.2% system,  0.0% interrupt, 97.5%
idle
CPU2 states:  1.9% user,  0.0% nice,  0.7% system,  0.0% interrupt, 97.4%
idle
CPU3 states:  0.2% user,  0.0% nice,  1.4% system,  0.0% interrupt, 98.3%
idle
Memory: Real: 20M/391M act/tot Free: 7431M Cache: 283M Swap: 0K/4220M

  PID USERNAME PRI NICE  SIZE   RES STATE WAIT  TIMECPU COMMAND
1 root  100  384K  428K idle  wait  0:01  0.00% init
 8886 vi180  684K  796K sleep/2   pause 0:00  0.00% ksh
76946 _smtpq 20 1476K 3680K idle  kqread0:00  0.00% smtpd
14499 _smtpd 20 1392K 3640K idle  kqread0:00  0.00% smtpd
36195 root   20 1528K 2244K idle  kqread0:00  0.00% smtpd
33739 _smtpd 20 1472K 3704K idle  kqread0:00  0.00% smtpd
98349 _smtpd 20 1264K 3460K idle  kqread0:00  0.00% smtpd
19311 root   20  880K 1376K idle  select0:00  0.00% sshd
30693 _smtpd 20 1348K 3552K idle  kqread0:00  0.00% smtpd
30697 _smtpd 20 1264K 3512K idle  kqread0:00  0.00% smtpd
21077 _ntp   20  700K 2364K sleep/2   poll  0:00  0.00% ntpd
98937 root   30  312K 1252K idle  ttyin 0:00  0.00% getty
52645 root   30  312K 1256K idle  ttyin 0:00  0.00% getty
80044 root   30  316K 1252K idle  ttyin 0:00  0.00% getty
38165 _pflogd40  712K  532K sleep/2   bpf   0:00  0.00% pflogd
48738 _ntp   2  -20  756K 2448K sleep/2   poll  0:00  0.00% ntpd
23159 root   20  684K  616K idle  kqread0:00  0.00% slaacd
77351 _syslogd   20  932K 1616K sleep/3   kqread0:00  0.00% syslogd

dmesg


OpenBSD 6.2-current (GENERIC.MP) #11: Mon Feb 26 19:16:54 MST 2018
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 8456654848 <(845)%20665-4848> (8064MB)
avail mem = 8193343488 <(819)%20334-3488> (7813MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xed750 (89 entries)
bios0: vendor Dell Inc. version "A11" date 11/18/2015
bios0: Dell Inc. Latitude E5450
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP APIC FPDT FIDT MCFG HPET SSDT UEFI SSDT ASF! SSDT
SSDT SSDT SSDT PCCT SSDT SSDT SSDT SLIC MSDM DMAR
acpi0: wakeup devices PEGP(S4) PEG0(S4) PEGP(S4) PEG1(S4) PEGP(S4) PEG2(S4)
PXSX(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX(S4) RP04(S4)
PXSX(S4) RP05(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i5-5300U CPU @ 2.30GHz, 2694.16 MHz
cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,
CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,
PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,
SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,
POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,
RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,BMI1,HLE,
AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,RDSEED,ADX,SMAP,PT,SENSOR,ARAT,MELTDOWN
cpu0: 256KB 64b/line 8-way L2 cache
acpitimer0: recalibrated TSC frequency 2294695314 <(229)%20469-5314> Hz
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Core(TM) i5-5300U CPU @ 2.30GHz, 2693.77 MHz
cpu1: 

Unsetting a DHCP option in dhcpd.conf(5)

2018-02-27 Thread Grzegorz Kowalczyk
Hi,

can an option be unset in a host declaration of dhcpd.conf(5)?

I'm trying to set a generic "option routers A.B.C.D" option in a
subnet block and disable it in some host blocks.

I've already skimmed through dhcpd.conf(5) and dhcp-options(5) man
pages, to no avail.



Re: Supermicro SuperServer E200-9A

2018-02-27 Thread Mihai Popescu
> Looks like ProtoMail Mobile could use some assistance with proper quoting... 
> :)

That is not the only problem, look to a sample:
Tm90IG5ldyBhdCBhbGwuDQoNCmh0dHBzOi8vd3d3LnNlcnZldGhlaG9tZS5j
b20vaW50ZWwtYXRvbS1jMzMzOC1iZW5jaG1hcmtzLXdoeS1kZW52ZXJ0b24t

Going back to the subject, I still fail to figure out why some people
buy the hardware first and only after that they are concerned if
OpenBSD runs on it.



Re: Supermicro SuperServer E200-9A

2018-02-27 Thread Mike
On 2/26/2018 6:26 PM, Rupert Gallagher wrote:
> Note on passing: the C2000 are officially retired and discontinued.
> 
> Sent from ProtonMail Mobile
> 
> On Mon, Feb 26, 2018 at 23:21, Stuart Henderson  wrote:
> 
>> On 2018-02-26, OpenBSD user wrote: > Hello > > I want to build a OpenBSD 
>> firewall. And I have bought a Supermicro > SuperServer E200-9A. There is 
>> installed a A2SDi-4C-HLN4F motherboard in it. > > I'm trying to installed 
>> OpenBSD 6.2 on it, [snip]

Looks like ProtoMail Mobile could use some assistance with proper
quoting... :)



Re: Supermicro SuperServer E200-9A

2018-02-27 Thread Charlie Eddy
great news then

On Mon, Feb 26, 2018 at 3:26 PM, Rupert Gallagher 
wrote:

> Note on passing: the C2000 are officially retired and discontinued.
>
> Sent from ProtonMail Mobile
>
> On Mon, Feb 26, 2018 at 23:21, Stuart Henderson 
> wrote:
>
> > On 2018-02-26, OpenBSD user wrote: > Hello > > I want to build a OpenBSD
> firewall. And I have bought a Supermicro > SuperServer E200-9A. There is
> installed a A2SDi-4C-HLN4F motherboard in it. > > I'm trying to installed
> OpenBSD 6.2 on it, but I have some problems. > > First I tried to boot it
> from an usb stick and thought I could use the > installed keyboard to
> control the installation. But under the boot > process and before I could
> type "i" for install, it had turned the > keyboard off. > > Then I tried to
> control the installation from the IPMI port. I can > control the
> installation through it, but when I'm went to configure the > NIC's there
> is only a VLAN installed. Beside the IPMI port there is also > 4 other
> NIC's installed on the motherboard. And I can't see them. I type > "done"
> but when the installation come to the installed hdd, there is > none to
> choose between. > > I have visit the manufacturer site, but there isn't any
> drivers to any *BSD. > > I have googled for other who have problems, but I
> can't find any solutions. > > How do I installed OpenBSD 6.2 on the E200-9A
> ? > > Please help. > > Thanks in advance > > This machine has a lot of
> rather new hardware in (C3000 Denverton) and is really not at all supported
> yet. I found a dmesg from RAMDISK_CD on one of these and it's full of
> failure starting with being unable to enable acpi (so interrupt routing and
> other things aren't working), plus we haven't even got skeleton pcidevs
> entries for most of the devices (ahci, nic, etc). Realistically, at the
> moment, I'd say the best chances of getting this machine supported are if
> you can get similar hardware in the hands of a developer if there is anyone
> with interest, skills and time to look into it, remote debugging of a
> system in this state is going to be slow and painful.. OpenBSD 6.2-current
> (RAMDISK_CD) #379: Wed Jan 24 12:58:41 MST 2018 dera...@amd64.openbsd.org:
> /usr/src/sys/al mem = 4250882048 (4053MB) avail mem = 4118294528 (3927MB)
> mainbus0 at root bios0 at mainbus0: SMBIOS rev. 3.0 @ 0x7f0c7000 (31
> entries) bios0: vendor American Megatrends Inc. version "1.0" date
> 08/02/2017 bios0: Supermicro Super Server acpi0 at bios0: rev 2, can't
> enable ACPI cpu0 at mainbus0: (uniprocessor) cpu0: Intel(R) Atom(TM) CPU
> C3338 @ 1.50: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,
> CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,
> PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,
> CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,
> AES,XSAVE,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,3DNOWP,PERF,
> ITSC,FSGSBASE,SMEP,ERMS,MPX,RDSEED,SMAP,CLFLUSHOPT,PT,SHA,SENSOR,ARAT
> cpu0: 2MB 64b/line 16-way L2 cache cpu0: cannot disable silicon debug cpu0:
> mwait min=64, max=64, C-substates=0.2.0.2, IBE pci0 at mainbus0 bus 0
> 0:31:5: mem address conflict 0xfe01/0x1000 pchb0 at pci0 dev 0 function
> 0 vendor "Intel", unknown product 0x1980 rev 0x11 pchb1 at pci0 dev 4
> function 0 vendor "Intel", unknown product 0x19a1 rev 0x11 vendor "Intel",
> unknown product 0x19a2 (class system subclass root complex event, rev 0x11)
> at pci0 dev 5 function 0 not configured ppb0 at pci0 dev 10 function 0
> vendor "Intel", unknown product 0x19a5 rev 0x11 pci1 at ppb0 bus 1 ppb1 at
> pci0 dev 17 function 0 vendor "Intel", unknown product 0x19ab rev 0x11 pci2
> at ppb1 bus 2 ppb2 at pci2 dev 0 function 0 "ASPEED Technology AST1150 PCI"
> rev 0x03 pci3 at ppb2 bus 3 "ASPEED Technology AST2000" rev 0x30 at pci3
> dev 0 function 0 not configured vendor "Intel", unknown product 0x19ac
> (class system subclass miscellaneous, rev 0x11) at pci0 dev 18 function 0
> not configured ahci0 at pci0 dev 19 function 0 vendor "Intel", unknown
> product 0x19b2 rev 0x11: unable to map interrupt ahci1 at pci0 dev 20
> function 0 vendor "Intel", unknown product 0x19c2 rev 0x11: unable to map
> interrupt xhci0 at pci0 dev 21 function 0 vendor "Intel", unknown product
> 0x19d0 rev 0x11: couldn't map interrupt ppb3 at pci0 dev 22 function 0
> vendor "Intel", unknown product 0x19d1 rev 0x11 pci4 at ppb3 bus 4 vendor
> "Intel", unknown product 0x15e5 (class network subclass ethernet, rev 0x11)
> at pci4 dev 0 function 0 not configured vendor "Intel", unknown product
> 0x15e5 (class network subclass ethernet, rev 0x11) at pci4 dev 0 function 1
> not configured ppb4 at pci0 dev 23 function 0 vendor "Intel", unknown
> product 0x19d2 rev 0x11 pci5 at ppb4 bus 5 vendor "Intel", unknown product
> 0x15e5 (class network subclass ethernet, rev 0x11) at pci5 dev 0 function 0
> not configured vendor "Intel", unknown product 0x15e5 (class network
> subclass ethernet, rev 0x11) at pci5 

Re: Supermicro SuperServer E200-9A

2018-02-27 Thread Rupert Gallagher
Note on passing: the C2000 are officially retired and discontinued.

Sent from ProtonMail Mobile

On Mon, Feb 26, 2018 at 23:21, Stuart Henderson  wrote:

> On 2018-02-26, OpenBSD user wrote: > Hello > > I want to build a OpenBSD 
> firewall. And I have bought a Supermicro > SuperServer E200-9A. There is 
> installed a A2SDi-4C-HLN4F motherboard in it. > > I'm trying to installed 
> OpenBSD 6.2 on it, but I have some problems. > > First I tried to boot it 
> from an usb stick and thought I could use the > installed keyboard to control 
> the installation. But under the boot > process and before I could type "i" 
> for install, it had turned the > keyboard off. > > Then I tried to control 
> the installation from the IPMI port. I can > control the installation through 
> it, but when I'm went to configure the > NIC's there is only a VLAN 
> installed. Beside the IPMI port there is also > 4 other NIC's installed on 
> the motherboard. And I can't see them. I type > "done" but when the 
> installation come to the installed hdd, there is > none to choose between. > 
> > I have visit the manufacturer site, but there isn't any drivers to any 
> *BSD. > > I have googled for other who have problems, but I can't find any 
> solutions. > > How do I installed OpenBSD 6.2 on the E200-9A ? > > Please 
> help. > > Thanks in advance > > This machine has a lot of rather new hardware 
> in (C3000 Denverton) and is really not at all supported yet. I found a dmesg 
> from RAMDISK_CD on one of these and it's full of failure starting with being 
> unable to enable acpi (so interrupt routing and other things aren't working), 
> plus we haven't even got skeleton pcidevs entries for most of the devices 
> (ahci, nic, etc). Realistically, at the moment, I'd say the best chances of 
> getting this machine supported are if you can get similar hardware in the 
> hands of a developer if there is anyone with interest, skills and time to 
> look into it, remote debugging of a system in this state is going to be slow 
> and painful.. OpenBSD 6.2-current (RAMDISK_CD) #379: Wed Jan 24 12:58:41 MST 
> 2018 dera...@amd64.openbsd.org:/usr/src/sys/al mem = 4250882048 (4053MB) 
> avail mem = 4118294528 (3927MB) mainbus0 at root bios0 at mainbus0: SMBIOS 
> rev. 3.0 @ 0x7f0c7000 (31 entries) bios0: vendor American Megatrends Inc. 
> version "1.0" date 08/02/2017 bios0: Supermicro Super Server acpi0 at bios0: 
> rev 2, can't enable ACPI cpu0 at mainbus0: (uniprocessor) cpu0: Intel(R) 
> Atom(TM) CPU C3338 @ 1.50: 
> FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,FSGSBASE,SMEP,ERMS,MPX,RDSEED,SMAP,CLFLUSHOPT,PT,SHA,SENSOR,ARAT
>  cpu0: 2MB 64b/line 16-way L2 cache cpu0: cannot disable silicon debug cpu0: 
> mwait min=64, max=64, C-substates=0.2.0.2, IBE pci0 at mainbus0 bus 0 0:31:5: 
> mem address conflict 0xfe01/0x1000 pchb0 at pci0 dev 0 function 0 vendor 
> "Intel", unknown product 0x1980 rev 0x11 pchb1 at pci0 dev 4 function 0 
> vendor "Intel", unknown product 0x19a1 rev 0x11 vendor "Intel", unknown 
> product 0x19a2 (class system subclass root complex event, rev 0x11) at pci0 
> dev 5 function 0 not configured ppb0 at pci0 dev 10 function 0 vendor 
> "Intel", unknown product 0x19a5 rev 0x11 pci1 at ppb0 bus 1 ppb1 at pci0 dev 
> 17 function 0 vendor "Intel", unknown product 0x19ab rev 0x11 pci2 at ppb1 
> bus 2 ppb2 at pci2 dev 0 function 0 "ASPEED Technology AST1150 PCI" rev 0x03 
> pci3 at ppb2 bus 3 "ASPEED Technology AST2000" rev 0x30 at pci3 dev 0 
> function 0 not configured vendor "Intel", unknown product 0x19ac (class 
> system subclass miscellaneous, rev 0x11) at pci0 dev 18 function 0 not 
> configured ahci0 at pci0 dev 19 function 0 vendor "Intel", unknown product 
> 0x19b2 rev 0x11: unable to map interrupt ahci1 at pci0 dev 20 function 0 
> vendor "Intel", unknown product 0x19c2 rev 0x11: unable to map interrupt 
> xhci0 at pci0 dev 21 function 0 vendor "Intel", unknown product 0x19d0 rev 
> 0x11: couldn't map interrupt ppb3 at pci0 dev 22 function 0 vendor "Intel", 
> unknown product 0x19d1 rev 0x11 pci4 at ppb3 bus 4 vendor "Intel", unknown 
> product 0x15e5 (class network subclass ethernet, rev 0x11) at pci4 dev 0 
> function 0 not configured vendor "Intel", unknown product 0x15e5 (class 
> network subclass ethernet, rev 0x11) at pci4 dev 0 function 1 not configured 
> ppb4 at pci0 dev 23 function 0 vendor "Intel", unknown product 0x19d2 rev 
> 0x11 pci5 at ppb4 bus 5 vendor "Intel", unknown product 0x15e5 (class network 
> subclass ethernet, rev 0x11) at pci5 dev 0 function 0 not configured vendor 
> "Intel", unknown product 0x15e5 (class network subclass ethernet, rev 0x11) 
> at pci5 dev 0 function 1 not configured vendor "Intel", unknown product 
> 

Re: Supermicro SuperServer E200-9A

2018-02-27 Thread Mike
On 2/27/2018 8:51 AM, Stuart Henderson wrote:
> On 2018/02/27 08:30, Rupert Gallagher wrote:
>> Not new at all. 
>>
>> https://www.servethehome.com/intel-atom-c3338-benchmarks-why-denverton-is-so-sweet/
>>
>> https://www.servethehome.com/intel-atom-c3558-linux-benchmarks-and-review/
>>
>> https://www.servethehome.com/
>> intel-atom-c3958-16-core-top-end-embedded-qat-linux-benchmarks-and-review/
> 
> Launch date q3 '17 is pretty new.
> 

fwiw, for a couple of years, I've been running what could be considered
the prior model of that motherboard, the A1SRi-2758F.  OpenBSD has no
issues running on it. I use CLI elusively, no X stuff..

The requisite dmesg:

OpenBSD 6.2-stable (GENERIC.MP) #4: Wed Feb  7 19:16:57 EST 2018
mik...@sentry.24cl.com:/sys/arch/amd64/compile/GENERIC.MP
real mem = 8544800768 (8148MB)
avail mem = 8278806528 (7895MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0x7f4d8000 (50 entries)
bios0: vendor American Megatrends Inc. version "1.1a" date 08/27/2015
bios0: Supermicro A1SAi
acpi0 at bios0: rev 2
acpi0: sleep states S0 S5
acpi0: tables DSDT FACP FPDT FIDT SPMI MCFG WDAT UEFI APIC BDAT HPET
SSDT HEST BERT ERST EINJ
acpi0: wakeup devices PEX1(S0) PEX2(S0) PEX3(S0) PEX4(S0) EHC1(S0)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimcfg0 at acpi0 addr 0xe000, bus 0-255
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Atom(TM) CPU C2758 @ 2.40GHz, 2400.44 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP,ERMS,SENSOR,ARAT
cpu0: 1MB 64b/line 16-way L2 cache
cpu0: TSC frequency 2400442320 Hz
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 100MHz
cpu0: mwait min=64, max=64, C-substates=0.2.0.0.0.0.3, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Atom(TM) CPU C2758 @ 2.40GHz, 2400.01 MHz
cpu1:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP,ERMS,SENSOR,ARAT
cpu1: 1MB 64b/line 16-way L2 cache
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 4 (application processor)
cpu2: Intel(R) Atom(TM) CPU C2758 @ 2.40GHz, 2400.01 MHz
cpu2:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP,ERMS,SENSOR,ARAT
cpu2: 1MB 64b/line 16-way L2 cache
cpu2: smt 0, core 2, package 0
cpu3 at mainbus0: apid 6 (application processor)
cpu3: Intel(R) Atom(TM) CPU C2758 @ 2.40GHz, 2400.01 MHz
cpu3:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP,ERMS,SENSOR,ARAT
cpu3: 1MB 64b/line 16-way L2 cache
cpu3: smt 0, core 3, package 0
cpu4 at mainbus0: apid 8 (application processor)
cpu4: Intel(R) Atom(TM) CPU C2758 @ 2.40GHz, 2400.01 MHz
cpu4:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP,ERMS,SENSOR,ARAT
cpu4: 1MB 64b/line 16-way L2 cache
cpu4: smt 0, core 4, package 0
cpu5 at mainbus0: apid 10 (application processor)
cpu5: Intel(R) Atom(TM) CPU C2758 @ 2.40GHz, 2400.01 MHz
cpu5:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP,ERMS,SENSOR,ARAT
cpu5: 1MB 64b/line 16-way L2 cache
cpu5: smt 0, core 5, package 0
cpu6 at mainbus0: apid 12 (application processor)
cpu6: Intel(R) Atom(TM) CPU C2758 @ 2.40GHz, 2400.01 MHz
cpu6:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP,ERMS,SENSOR,ARAT
cpu6: 1MB 64b/line 16-way L2 cache
cpu6: smt 0, core 6, package 0
cpu7 at mainbus0: apid 14 (application processor)
cpu7: Intel(R) Atom(TM) CPU C2758 @ 2.40GHz, 2400.01 MHz
cpu7:

SSL_CIPHER_description(3) weirdness

2018-02-27 Thread Ingo Schwarze
Hi,

this is just too weird to not mention it.

If you write a function for a complicated task, designing the user
interface well requires hard work.  But you might think that not
much can go wrong when designing a function for a trivial task.
Guess again...

Here is my new candidate for the worstly-designed trivial API:
SSL_CIPHER_description(3).

To start with, you have the choice of providing your own return
buffer to the function or letting it malloc(3) one for you.
That's certainly not making the design, the documentation, or the
usage easier, but oh well, there is more than one function providing
that dubious choice.  But hold on.

If you provide your own buffer, even if it is large enough, the
function can still fail from ENOMEM (sic!).  In that case, the
content of your buffer is not changed - in particular, if it was
uninitialized before, it may not be NUL-terminated afterwards,
inviting subsequent read buffer overruns.

On the other hand, if you do not provide your own buffer and memory
allocation fails, the function returns a pointer to a static string,
so you have no choice but to use strcmp(3) to detect the error
condition - even if you only want to print and then discard the
result, because you must free(3) the returned string on success,
but of course you must *not* free the returned error string...

Apparently, the OpenSSL folks noticed that all this is not quite ideal.
So they changed the semantics of the interface for 1.1.0, without
renaming it.  So in 1.1.0 and later, it does return NULL on failure,
as it should always have.

Consequently, here is the SIMPLEST possible, correct snippet for
using this interface in application code with a user-provided buffer:

desc = SSL_CIPHER_description(cipher, buf, sizeof(buf));
if (desc == NULL)  /* Required because we might use 1.1.0. */
warnx("SSL_CIPHER_description: buffer too small");
else if (strcmp(desc, "OPENSSL_malloc Error") == 0)
warn("SSL_CIPHER_description");
else if (strcmp(desc, "Buffer too small") == 0)
printf("%s (truncated)\n", buf);
else
puts(buf);

You might hope that using auto-alloc could be simpler, but not
much - here is the SIMPLEST possible, correct code for that case:

desc = SSL_CIPHER_description(cipher, NULL, 0);
if (desc == NULL || strcmp(desc, "OPENSSL_malloc Error") == 0)
warn("SSL_CIPHER_description");
/* We must not call free(3) here. */
else {
puts(desc);
free(desc);
}

Any lesson from this mess?  Well, you can always fix bugs in your
implementation, but PLEASE get the freaking API right the first time!

Now, should i add these two snippets as EXAMPLES to the manual
page?  We can't really hope that any programmer will get it right
without seeing the examples, or can we?

Sigh,
  Ingo



Re: Supermicro SuperServer E200-9A

2018-02-27 Thread Charlie Eddy
I would "bump" the issue for this specific case, but I think it is a very
laughable mistake to argue over the definition of new.

Rupert, I strongly suggest you actively search as quickly as possible as
Stuart suggested, or return your product. Not the first time this has
happened so don't take it personally.

It would also be cool if someone has:

1) A contact list of devs who are chill and want to program new things such
as a Supermicro
SuperServer E200-9A with an A2SDi-4C-HLN4F motherboard in it.

2) A specific recommendation for an alternative device that will provide
similar sweet functionality.

My idea of (2) is one of the following:
https://www.openbsd.org/octeon.html
https://www.openbsd.org/sgi.html
... but I could be totally wrong, I am not that smart and very busy.

Regards,
Charlie

On Tue, Feb 27, 2018 at 5:51 AM, Stuart Henderson 
wrote:

> On 2018/02/27 08:30, Rupert Gallagher wrote:
> > Not new at all.
> >
> > https://www.servethehome.com/intel-atom-c3338-benchmarks-
> why-denverton-is-so-sweet/
> >
> > https://www.servethehome.com/intel-atom-c3558-linux-
> benchmarks-and-review/
> >
> > https://www.servethehome.com/
> > intel-atom-c3958-16-core-top-end-embedded-qat-linux-
> benchmarks-and-review/
>
> Launch date q3 '17 is pretty new.
>
> > Sent from ProtonMail Mobile
> >
> >
> > On Mon, Feb 26, 2018 at 23:21, Stuart Henderson 
> wrote:
> >
> > On 2018-02-26, OpenBSD user wrote: > Hello > > I want to build a
> OpenBSD firewall. And I
> > have bought a Supermicro > SuperServer E200-9A. There is installed a
> A2SDi-4C-HLN4F
> > motherboard in it. > > I'm trying to installed OpenBSD 6.2 on it,
> but I have some problems.
> > > > First I tried to boot it from an usb stick and thought I could
> use the > installed
> > keyboard to control the installation. But under the boot > process
> and before I could type
> > "i" for install, it had turned the > keyboard off. > > Then I tried
> to control the
> > installation from the IPMI port. I can > control the installation
> through it, but when I'm
> > went to configure the > NIC's there is only a VLAN installed. Beside
> the IPMI port there is
> > also > 4 other NIC's installed on the motherboard. And I can't see
> them. I type > "done"
> > but when the installation come to the installed hdd, there is > none
> to choose between. > >
> > I have visit the manufacturer site, but there isn't any drivers to
> any *BSD. > > I have
> > googled for other who have problems, but I can't find any solutions.
> > > How do I installed
> > OpenBSD 6.2 on the E200-9A ? > > Please help. > > Thanks in advance
> > > This machine has a
> > lot of rather new hardware in (C3000 Denverton) and is really not at
> all supported yet. I
> > found a dmesg from RAMDISK_CD on one of these and it's full of
> failure starting with being
> > unable to enable acpi (so interrupt routing and other things aren't
> working), plus we
> > haven't even got skeleton pcidevs entries for most of the devices
> (ahci, nic, etc).
> > Realistically, at the moment, I'd say the best chances of getting
> this machine supported
> > are if you can get similar hardware in the hands of a developer if
> there is anyone with
> > interest, skills and time to look into it, remote debugging of a
> system in this state is
> > going to be slow and painful.. OpenBSD 6.2-current (RAMDISK_CD)
> #379: Wed Jan 24 12:58:41
> > MST 2018 dera...@amd64.openbsd.org:/usr/src/sys/al mem = 4250882048
> (4053MB) avail mem =
> > 4118294528 (3927MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev.
> 3.0 @ 0x7f0c7000 (31
> > entries) bios0: vendor American Megatrends Inc. version "1.0" date
> 08/02/2017 bios0:
> > Supermicro Super Server acpi0 at bios0: rev 2, can't enable ACPI
> cpu0 at mainbus0:
> > (uniprocessor) cpu0: Intel(R) Atom(TM) CPU C3338 @ 1.50:
> > FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,
> CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,
> PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,
> CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,
> AES,XSAVE,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,3DNOWP,PERF,
> ITSC,FSGSBASE,SMEP,ERMS,MPX,RDSEED,SMAP,CLFLUSHOPT,PT,SHA,SENSOR,ARAT
> > cpu0: 2MB 64b/line 16-way L2 cache cpu0: cannot disable silicon
> debug cpu0: mwait min=64,
> > max=64, C-substates=0.2.0.2, IBE pci0 at mainbus0 bus 0 0:31:5: mem
> address conflict
> > 0xfe01/0x1000 pchb0 at pci0 dev 0 function 0 vendor "Intel",
> unknown product 0x1980 rev
> > 0x11 pchb1 at pci0 dev 4 function 0 vendor "Intel", unknown product
> 0x19a1 rev 0x11 vendor
> > "Intel", unknown product 0x19a2 (class system subclass root complex
> event, rev 0x11) at
> > pci0 dev 5 function 0 not configured ppb0 at pci0 dev 10 function 0
> vendor "Intel", unknown
> > product 0x19a5 rev 0x11 pci1 at ppb0 bus 1 ppb1 at pci0 

Re: Supermicro SuperServer E200-9A

2018-02-27 Thread Rupert Gallagher
Not new at all.

https://www.servethehome.com/intel-atom-c3338-benchmarks-why-denverton-is-so-sweet/

https://www.servethehome.com/intel-atom-c3558-linux-benchmarks-and-review/

https://www.servethehome.com/intel-atom-c3958-16-core-top-end-embedded-qat-linux-benchmarks-and-review/

Sent from ProtonMail Mobile

On Mon, Feb 26, 2018 at 23:21, Stuart Henderson  wrote:

> On 2018-02-26, OpenBSD user wrote: > Hello > > I want to build a OpenBSD 
> firewall. And I have bought a Supermicro > SuperServer E200-9A. There is 
> installed a A2SDi-4C-HLN4F motherboard in it. > > I'm trying to installed 
> OpenBSD 6.2 on it, but I have some problems. > > First I tried to boot it 
> from an usb stick and thought I could use the > installed keyboard to control 
> the installation. But under the boot > process and before I could type "i" 
> for install, it had turned the > keyboard off. > > Then I tried to control 
> the installation from the IPMI port. I can > control the installation through 
> it, but when I'm went to configure the > NIC's there is only a VLAN 
> installed. Beside the IPMI port there is also > 4 other NIC's installed on 
> the motherboard. And I can't see them. I type > "done" but when the 
> installation come to the installed hdd, there is > none to choose between. > 
> > I have visit the manufacturer site, but there isn't any drivers to any 
> *BSD. > > I have googled for other who have problems, but I can't find any 
> solutions. > > How do I installed OpenBSD 6.2 on the E200-9A ? > > Please 
> help. > > Thanks in advance > > This machine has a lot of rather new hardware 
> in (C3000 Denverton) and is really not at all supported yet. I found a dmesg 
> from RAMDISK_CD on one of these and it's full of failure starting with being 
> unable to enable acpi (so interrupt routing and other things aren't working), 
> plus we haven't even got skeleton pcidevs entries for most of the devices 
> (ahci, nic, etc). Realistically, at the moment, I'd say the best chances of 
> getting this machine supported are if you can get similar hardware in the 
> hands of a developer if there is anyone with interest, skills and time to 
> look into it, remote debugging of a system in this state is going to be slow 
> and painful.. OpenBSD 6.2-current (RAMDISK_CD) #379: Wed Jan 24 12:58:41 MST 
> 2018 dera...@amd64.openbsd.org:/usr/src/sys/al mem = 4250882048 (4053MB) 
> avail mem = 4118294528 (3927MB) mainbus0 at root bios0 at mainbus0: SMBIOS 
> rev. 3.0 @ 0x7f0c7000 (31 entries) bios0: vendor American Megatrends Inc. 
> version "1.0" date 08/02/2017 bios0: Supermicro Super Server acpi0 at bios0: 
> rev 2, can't enable ACPI cpu0 at mainbus0: (uniprocessor) cpu0: Intel(R) 
> Atom(TM) CPU C3338 @ 1.50: 
> FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,FSGSBASE,SMEP,ERMS,MPX,RDSEED,SMAP,CLFLUSHOPT,PT,SHA,SENSOR,ARAT
>  cpu0: 2MB 64b/line 16-way L2 cache cpu0: cannot disable silicon debug cpu0: 
> mwait min=64, max=64, C-substates=0.2.0.2, IBE pci0 at mainbus0 bus 0 0:31:5: 
> mem address conflict 0xfe01/0x1000 pchb0 at pci0 dev 0 function 0 vendor 
> "Intel", unknown product 0x1980 rev 0x11 pchb1 at pci0 dev 4 function 0 
> vendor "Intel", unknown product 0x19a1 rev 0x11 vendor "Intel", unknown 
> product 0x19a2 (class system subclass root complex event, rev 0x11) at pci0 
> dev 5 function 0 not configured ppb0 at pci0 dev 10 function 0 vendor 
> "Intel", unknown product 0x19a5 rev 0x11 pci1 at ppb0 bus 1 ppb1 at pci0 dev 
> 17 function 0 vendor "Intel", unknown product 0x19ab rev 0x11 pci2 at ppb1 
> bus 2 ppb2 at pci2 dev 0 function 0 "ASPEED Technology AST1150 PCI" rev 0x03 
> pci3 at ppb2 bus 3 "ASPEED Technology AST2000" rev 0x30 at pci3 dev 0 
> function 0 not configured vendor "Intel", unknown product 0x19ac (class 
> system subclass miscellaneous, rev 0x11) at pci0 dev 18 function 0 not 
> configured ahci0 at pci0 dev 19 function 0 vendor "Intel", unknown product 
> 0x19b2 rev 0x11: unable to map interrupt ahci1 at pci0 dev 20 function 0 
> vendor "Intel", unknown product 0x19c2 rev 0x11: unable to map interrupt 
> xhci0 at pci0 dev 21 function 0 vendor "Intel", unknown product 0x19d0 rev 
> 0x11: couldn't map interrupt ppb3 at pci0 dev 22 function 0 vendor "Intel", 
> unknown product 0x19d1 rev 0x11 pci4 at ppb3 bus 4 vendor "Intel", unknown 
> product 0x15e5 (class network subclass ethernet, rev 0x11) at pci4 dev 0 
> function 0 not configured vendor "Intel", unknown product 0x15e5 (class 
> network subclass ethernet, rev 0x11) at pci4 dev 0 function 1 not configured 
> ppb4 at pci0 dev 23 function 0 vendor "Intel", unknown product 0x19d2 rev 
> 0x11 pci5 at ppb4 bus 5 vendor "Intel", unknown product 0x15e5 (class network 
> subclass ethernet, rev 

Re: Supermicro SuperServer E200-9A

2018-02-27 Thread Stuart Henderson
On 2018/02/27 08:30, Rupert Gallagher wrote:
> Not new at all. 
> 
> https://www.servethehome.com/intel-atom-c3338-benchmarks-why-denverton-is-so-sweet/
> 
> https://www.servethehome.com/intel-atom-c3558-linux-benchmarks-and-review/
> 
> https://www.servethehome.com/
> intel-atom-c3958-16-core-top-end-embedded-qat-linux-benchmarks-and-review/

Launch date q3 '17 is pretty new.

> Sent from ProtonMail Mobile
> 
> 
> On Mon, Feb 26, 2018 at 23:21, Stuart Henderson  wrote:
> 
> On 2018-02-26, OpenBSD user wrote: > Hello > > I want to build a OpenBSD 
> firewall. And I
> have bought a Supermicro > SuperServer E200-9A. There is installed a 
> A2SDi-4C-HLN4F
> motherboard in it. > > I'm trying to installed OpenBSD 6.2 on it, but I 
> have some problems.
> > > First I tried to boot it from an usb stick and thought I could use 
> the > installed
> keyboard to control the installation. But under the boot > process and 
> before I could type
> "i" for install, it had turned the > keyboard off. > > Then I tried to 
> control the
> installation from the IPMI port. I can > control the installation through 
> it, but when I'm
> went to configure the > NIC's there is only a VLAN installed. Beside the 
> IPMI port there is
> also > 4 other NIC's installed on the motherboard. And I can't see them. 
> I type > "done"
> but when the installation come to the installed hdd, there is > none to 
> choose between. > >
> I have visit the manufacturer site, but there isn't any drivers to any 
> *BSD. > > I have
> googled for other who have problems, but I can't find any solutions. > > 
> How do I installed
> OpenBSD 6.2 on the E200-9A ? > > Please help. > > Thanks in advance > > 
> This machine has a
> lot of rather new hardware in (C3000 Denverton) and is really not at all 
> supported yet. I
> found a dmesg from RAMDISK_CD on one of these and it's full of failure 
> starting with being
> unable to enable acpi (so interrupt routing and other things aren't 
> working), plus we
> haven't even got skeleton pcidevs entries for most of the devices (ahci, 
> nic, etc).
> Realistically, at the moment, I'd say the best chances of getting this 
> machine supported
> are if you can get similar hardware in the hands of a developer if there 
> is anyone with
> interest, skills and time to look into it, remote debugging of a system 
> in this state is
> going to be slow and painful.. OpenBSD 6.2-current (RAMDISK_CD) #379: Wed 
> Jan 24 12:58:41
> MST 2018 dera...@amd64.openbsd.org:/usr/src/sys/al mem = 4250882048 
> (4053MB) avail mem =
> 4118294528 (3927MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 3.0 @ 
> 0x7f0c7000 (31
> entries) bios0: vendor American Megatrends Inc. version "1.0" date 
> 08/02/2017 bios0:
> Supermicro Super Server acpi0 at bios0: rev 2, can't enable ACPI cpu0 at 
> mainbus0:
> (uniprocessor) cpu0: Intel(R) Atom(TM) CPU C3338 @ 1.50:
> 
> FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,FSGSBASE,SMEP,ERMS,MPX,RDSEED,SMAP,CLFLUSHOPT,PT,SHA,SENSOR,ARAT
> cpu0: 2MB 64b/line 16-way L2 cache cpu0: cannot disable silicon debug 
> cpu0: mwait min=64,
> max=64, C-substates=0.2.0.2, IBE pci0 at mainbus0 bus 0 0:31:5: mem 
> address conflict
> 0xfe01/0x1000 pchb0 at pci0 dev 0 function 0 vendor "Intel", unknown 
> product 0x1980 rev
> 0x11 pchb1 at pci0 dev 4 function 0 vendor "Intel", unknown product 
> 0x19a1 rev 0x11 vendor
> "Intel", unknown product 0x19a2 (class system subclass root complex 
> event, rev 0x11) at
> pci0 dev 5 function 0 not configured ppb0 at pci0 dev 10 function 0 
> vendor "Intel", unknown
> product 0x19a5 rev 0x11 pci1 at ppb0 bus 1 ppb1 at pci0 dev 17 function 0 
> vendor "Intel",
> unknown product 0x19ab rev 0x11 pci2 at ppb1 bus 2 ppb2 at pci2 dev 0 
> function 0 "ASPEED
> Technology AST1150 PCI" rev 0x03 pci3 at ppb2 bus 3 "ASPEED Technology 
> AST2000" rev 0x30 at
> pci3 dev 0 function 0 not configured vendor "Intel", unknown product 
> 0x19ac (class system
> subclass miscellaneous, rev 0x11) at pci0 dev 18 function 0 not 
> configured ahci0 at pci0
> dev 19 function 0 vendor "Intel", unknown product 0x19b2 rev 0x11: unable 
> to map interrupt
> ahci1 at pci0 dev 20 function 0 vendor "Intel", unknown product 0x19c2 
> rev 0x11: unable to
> map interrupt xhci0 at pci0 dev 21 function 0 vendor "Intel", unknown 
> product 0x19d0 rev
> 0x11: couldn't map interrupt ppb3 at pci0 dev 22 function 0 vendor 
> "Intel", unknown product
> 0x19d1 rev 0x11 pci4 at ppb3 bus 4 vendor "Intel", unknown product 0x15e5 
> (class network
> subclass ethernet, rev 0x11) at pci4 

Re: Queuing faster than 4 Gbps

2018-02-27 Thread BARDOU Pierre
Hello,

I reached this conclusion like Stuart says : if I configure a bandwidth above 
4G, like for instance 50, pfctl says "number too big".
I checked in parse.y, the limit is UINT_MAX.

If I use 5G instead, it parses OK, but pfctl -sq shows another number. I guess 
50 - UINT_MAX.

By the way, with this hardware (dmesg below) I can only get around 2.5 Gbps of 
firewalled traffic (around 350 kpps)...
If you have some tuning advices to pump that up, that would be great.
I only tuned ifq.maxlen to 8192 and qlimit to the same value.


OpenBSD 6.2 (GENERIC.MP) #5: Fri Feb  2 23:02:19 CET 2018

r...@syspatch-62-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 4108201984 (3917MB)
avail mem = 3976663040 (3792MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xb7fcb000 (82 entries)
bios0: vendor HP version "P80" date 04/02/2015
bios0: HP ProLiant DL320e Gen8 v2
acpi0 at bios0: rev 2
acpi0: sleep states S0 S4 S5
acpi0: tables DSDT FACP SPCR MCFG HPET  SPMI ERST APIC  BERT HEST DMAR 
 SSDT SSDT SSDT SSDT SSDT
acpi0: wakeup devices PCI0(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimcfg0 at acpi0 addr 0xb800, bus 0-63
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Xeon(R) CPU E3-1271 v3 @ 3.60GHz, 3592.17 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: TSC frequency 3592174860 Hz
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Xeon(R) CPU E3-1271 v3 @ 3.60GHz, 3591.68 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 4 (application processor)
cpu2: Intel(R) Xeon(R) CPU E3-1271 v3 @ 3.60GHz, 3591.68 MHz
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 0, core 2, package 0
cpu3 at mainbus0: apid 6 (application processor)
cpu3: Intel(R) Xeon(R) CPU E3-1271 v3 @ 3.60GHz, 3591.68 MHz
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 0, core 3, package 0
ioapic0 at mainbus0: apid 8 pa 0xfec0, version 20, 24 pins
, remapped to apid 8
acpiprt0 at acpi0: bus 10 (IPT1)
acpiprt1 at acpi0: bus -1 (IPT2)
acpiprt2 at acpi0: bus -1 (IPT3)
acpiprt3 at acpi0: bus -1 (IPT4)
acpiprt4 at acpi0: bus -1 (IPT5)
acpiprt5 at acpi0: bus 3 (IPT6)
acpiprt6 at acpi0: bus -1 (IPT7)
acpiprt7 at acpi0: bus 1 (IPT8)
acpiprt8 at acpi0: bus 4 (PT02)
acpiprt9 at acpi0: bus 7 (PT03)
acpiprt10 at acpi0: bus 2 (PT04)
acpiprt11 at acpi0: bus 0 (PCI0)
acpicpu0 at acpi0: C1(1000@1 mwait.1)
acpicpu1 at acpi0: C1(1000@1 mwait.1)
acpicpu2 at acpi0: C1(1000@1 mwait.1)
acpicpu3 at acpi0: C1(1000@1 mwait.1)
acpitz0 at acpi0: critical temperature is 31 degC
"IPI0001" at acpi0 not configured
"PNP0A06" at acpi0 not configured
"PNP0F13" at acpi0 not configured
"ACPI000D" at acpi0 not configured
ipmi at mainbus0 not configured
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel Xeon E3-1200 v3 Host" rev 0x06
ppb0 at pci0 dev 1 function 0 "Intel Core 4G PCIE" rev 0x06: msi
pci1 at ppb0 bus 4
ciss0 at pci1 dev 0 function 0 "Hewlett-Packard Smart Array" rev 0x01: apic 8 
int 16
ciss0: 1 LD, HW rev 1, FW 6.64/6.64, 64bit fifo rro
scsibus1 at ciss0: 1 targets
sd0 at scsibus1 targ 0 lun 0:  SCSI3 0/direct fixed
sd0: 139979MB, 

Re: httpd howto redirect port 80 to 443 in vm

2018-02-27 Thread Solène Rapenne

Le 2018-02-27 07:58, Mischa Peters a écrit :

On 27 Feb 2018, at 05:04, niya  wrote:

hi
using vmd in openbsd 6.2
and following 
http://thecyberrecce.net/2017/01/15/secure-webservers-with-openbsd-6-0-setting-up-httpd-mariadb-and-php/

i have setup openbsd running a webserver
everything installed and the webserver works via port 80 and 443.
i can access the webserver from a remote client by browsing to the ip 
of the host machine and redirecting to the vm address and port using 
pf.
i tried to setup port 80 redirection to port 443 so that all all 
access is over HTTPS, when i use http://host ip, i am redirected to 
https://default/
how do i get the webserver to redirect to the ip address of the host 
machine?


my httpd.conf

server "default" {
listen on $ext_addr port 80 block return 301 
"https://$SERVER_NAME$REQUEST_URI;

#   listen on $ext_addr port 80
listen on $ext_addr tls port 443
tls {
key "/etc/ssl/private/server.key"
certificate "/etc/ssl/server.crt"
}
directory {
index "index.php"
}
location "*.php" {
fastcgi socket "/run/php-fpm.sock"
}


shadrock


Hi,

$SERVER_NAME uses the name you have specified at ‘server “default”’
which is “default” in this case.

Mischa


Exactly, $HTTP_HOST should be used instead of $SERVER_NAME for what
you want to do.



Re: gif(4) changes vs tunnelbroker

2018-02-27 Thread David Gwynne


> On 27 Feb 2018, at 4:10 am, Pavel Korovin  wrote:
> 
> Dear all,
> 
> After upgrading several hosts to -current I noticed that all my IPv6 tunnels
> via tunnelbroker stopped working. Recently introduced changes to gif(4) 
> (since 
> late December 2017) are too complex for me to grasp, maybe anybody on the list
> can advise.

hi pavel,

there was a window where gif only allowed configuration of the tunnel 
parameters while the interface was down, but still implicitly brought the 
interface up when addresses were configured. a lot of gif configs (or tunnel 
configs generally) have the ips set before the tunnel, so they'd go up, and 
then prevent configuration.

this has been fixed in -current, but a snap with the fix may not have made it 
out.

if this isn't the problem, can you send me your config and the state of the gif 
interfaces that are at fault and i'll see what else i broke.

cheers,
dlg

> 
> -- 
> With best regards,
> Pavel Korovin
> 



Re: httpd howto redirect port 80 to 443 in vm

2018-02-27 Thread Mischa Peters

> On 27 Feb 2018, at 05:04, niya  wrote:
> 
> hi
> using vmd in openbsd 6.2
> and following 
> http://thecyberrecce.net/2017/01/15/secure-webservers-with-openbsd-6-0-setting-up-httpd-mariadb-and-php/
> i have setup openbsd running a webserver
> everything installed and the webserver works via port 80 and 443.
> i can access the webserver from a remote client by browsing to the ip of the 
> host machine and redirecting to the vm address and port using pf.
> i tried to setup port 80 redirection to port 443 so that all all access is 
> over HTTPS, when i use http://host ip, i am redirected to https://default/
> how do i get the webserver to redirect to the ip address of the host machine?
> 
> my httpd.conf
> 
> server "default" {
> listen on $ext_addr port 80 block return 301 
> "https://$SERVER_NAME$REQUEST_URI;
> #   listen on $ext_addr port 80
> listen on $ext_addr tls port 443
> tls {
> key "/etc/ssl/private/server.key"
> certificate "/etc/ssl/server.crt"
> }
> directory {
> index "index.php"
> }
> location "*.php" {
> fastcgi socket "/run/php-fpm.sock"
> }
> 
> 
> shadrock

Hi,

$SERVER_NAME uses the name you have specified at ‘server “default”’ which is 
“default” in this case. 

Mischa