Re: Syncing unbound.conf

2019-07-26 Thread Vijay Sankar 



Quoting Stuart Henderson :

No - you wouldn't do it with Unbound which is a *recursive* DNS  
server, you would use an authoritative one like NSD, PowerDNS, Knot  
or BIND. All you would do with Unbound is use stub-zone to point it  
at an authoritative server.


--
 Sent from a phone, apologies for poor formatting.
On 26 July 2019 11:05:44 Flipchan  wrote:
Can you link to any guides or pratical howtos on how to pratically  
do that with unbound ?


Thanks


On July 25, 2019 9:32:29 PM GMT+03:00, Stuart Henderson  
 wrote:

On 2019-07-25, Flipchan  wrote:

Greetings everyone,

Does anyone have a good solution for syncing unbound configuration files?


i have the senario where i have two internal LAN's that in two  
different offices that need to have the same internal
dns system for the local systems, and there is a lot of changes  
being done in the internal zone records so i need
a good way to sync them(the ideal way where to have a similar  
solution like mysql's master-master replication).


Both dns resolvers are running unbound on openbsd 6.5 and right now  
the configuration file is synced with ansible.
Does anyone have a good solution on replicating dns records/configs  
for unbound. In the future it will be scaled
even more so right now is a good time to implement some replication  
for the unbound configs.


Does anyone have a solution for this?

There is people changing the config files on both instances so the  
ideal way would be a replication real time sync function.


Anyone got any ideas?


Thanks in advance
Ciao
flipchan


If multiple sites are updating records in the same internal zone at various
times, they would probably be better off with a normal  
authoritative DNS server
serving that zone (with e.g. stub-zone to point unbound at it),  
editing it in

one place, and using normal DNS replication (zone-transfer and notify)
to push the updates.


--
Sent from my Android device with K-9 Mail. Please excuse my brevity.


I have two locations (foretell.ca and lab.foretell.ca) and for quite a  
while used NSD and Unbound. But switched to the following approach  
(however my use case is very simple and my networks are small, but it  
works well for me)


My unbound.conf on four DNS servers have

include: "/var/unbound/etc/zonedata"

I then set up a simple zonedata file on one server with stuff such as:

local-zone: "foretell.ca." static
.
.
local-zone: "lab.foretell.ca." static
.
.
local-zone: "0.0.10.in-addr.arpa." static
.
.
local-zone: "3.72.10.in-addr.arpa." static
.
.
etc. etc.

Changes to zonedata reflect changes at both locations. Then I just  
have a rsync process running a few times a day that does the following:


fr1s1.foretell.ca# more dnsupdate.sh
rsync -av zonedata 10.0.0.1:/var/unbound/etc/
rsync -av zonedata 10.0.0.3:/var/unbound/etc/
rsync -av zonedata 10.72.3.1:/var/unbound/etc/
rsync -av zonedata 10.72.3.3:/var/unbound/etc/
ssh 10.0.0.1 /etc/rc.d/unbound restart
ssh 10.0.0.3 /etc/rc.d/unbound restart
ssh 10.72.3.1 /etc/rc.d/unbound restart
ssh 10.72.3.3 /etc/rc.d/unbound restart

Obviously I am not sure if this will scale for your requirements but  
mentioning this just in case it helps.


Vijay


--
ForeTell Technologies Limited
59 Flamingo Avenue
Winnipeg, MB, Canada
R3J 0X6

Re: When will be created a great desktop experience for OpenBSD?

2019-05-07 Thread Vijay Sankar 

On 5/7/19 5:23 PM, ropers wrote:

Tangentially related: Does anyone here routinely use the default fvwm?

Now for a really noobish question: Those that do, do you also launch
graphical apps by typing something like this in xterm:

$ firefox > /dev/null 2>&1 &

or do you normally do something else that I've totally overlooked?

(Again, this is about how people use stock default fvwm. If your
answer begins with "install $this_other_launcher", it's probably not
what I'm looking for, but thanks anyway.)


Hi,

I used to be a fvwm user and then a KDE user but my lack of ability to 
change the time to show anything other than UTC in KDE4 made me change 
back to fvwm.


Except for a few systems (for ex. system from which I sending this 
email), I usually use .fvwmrc with


AddToMenu CommandMenu "Command Menu"  Title
+   "Xterm" exec xterm &
+   "Firefox"   exec firefox &
+   "Calculator"    exec xcalc &
+   "Restart fvwm"  Restart fvwm
+   "Start cwm" Restart cwm
+   "Lock Screen"   exec xlock &
+   "Logout"    FvwmForm QuitVerify

It seems to work the best for me.

Vijay

--
Vijay Sankar
ForeTell Technologies Limited
vsan...@foretell.ca

Re: One-shot upgrade script

2019-04-25 Thread Vijay Sankar 



On 4/25/19 8:42 AM, Vijay Sankar wrote:

On 4/25/19 2:07 AM, Remco wrote:

On 25-04-19 01:02, Christian Weisgerber wrote:

I don't remember if I ever posted it, but I've been using an "upgrade"
script to download bsd.rd, verify it, move it to /bsd, and reboot.
With florian@'s additions in -current, I have now extended the
script to download the sets and kick off an unattended upgrade.

In the best case, you simply run
# ./upgrade
and the machine will upgrade itself without any further intervention.

 


#!/bin/sh -e


..

cp bsd.rd /bsd.upgrade

..

I don't think this matches your description.


Tested it on a system running

OpenBSD 6.4 (GENERIC.MP) #9: Tue Mar 26 19:21:43 CET 2019

s2# sh ./upgrade.sh
Trying 151.101.186.217...
Requesting https://cdn.openbsd.org/pub/OpenBSD/snapshots/amd64/SHA256.sig
100% |**| 2141   
00:00

2141 bytes received in 0.01 seconds (199.89 KB/s)
Signature Verified
Trying 151.101.186.217...
Requesting 
https://cdn.openbsd.org/pub/OpenBSD/snapshots/amd64/INSTALL.amd64
100% |**| 43409   
00:00

43409 bytes received in 0.08 seconds (533.49 KB/s)
Trying 151.101.186.217...

If I do a boot /bsd.upgrade, the upgrade process completes without any 
further user intervention. If I don't do anything, system boots back 
into 6.4 #9.


On a -current system running

kern.version=OpenBSD 6.5-current (GENERIC.MP) #16: Sun Apr 21 19:25:15 
MDT 2019

dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

the upgrade process continued without any user intervention for the 
initial part. Unfortunately, I have one 4TB drive (sd0, disabled in 
BIOS drive priorities) and four SSD drives on this system (sd1 to sd4) 
on this test system and -current was on /dev/sd2. Even though the BIOS 
was set to boot with sd2 first, /bsd.upgrade seems to boot /dev/sd1. 
Because I am using this test system to test AD functionality with the 
new Samba, I had to muck around with the different drives. So this 
failure was probably due to some stupid thing I was doing with bios 
settings.


I will work further and report back to the list and naddy@

Thanks again for the script,

Vijay

Works perfectly on new snapshots, on normal systems. My failed tests 
were all on various systems where I had built non-standard stuff to see 
if I could extend functionality of different ports and packages beyond 
normal usage. Sorry about the noise.


Here is a log of a successful upgrade from snapshot #3 to #25 using 
naddy's script.


vijay.lab.foretell.ca# sysctl kern.version; sh ./upgrade.sh

kern.version=OpenBSD 6.5 (GENERIC.MP) #3: Sat Apr 13 14:48:43 MDT 2019
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

Trying 128.100.17.240...
Requesting 
https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/SHA256.sig

2141 bytes received in 0.00 seconds (9.92 MB/s)
Signature Verified
Trying 128.100.17.240...
Requesting 
https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/INSTALL.amd64

43409 bytes received in 0.07 seconds (598.89 KB/s)
Trying 128.100.17.240...
Requesting 
https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/base65.tgz

213977837 bytes received in 20.99 seconds (9.72 MB/s)
Trying 128.100.17.240...
Requesting https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/bsd
15959308 bytes received in 5.26 seconds (2.89 MB/s)
Trying 128.100.17.240...
Requesting https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/bsd.mp
16049826 bytes received in 5.12 seconds (2.99 MB/s)
Trying 128.100.17.240...
Requesting https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/bsd.rd
10224716 bytes received in 3.95 seconds (2.47 MB/s)
Trying 128.100.17.240...
Requesting 
https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/comp65.tgz

73651367 bytes received in 11.86 seconds (5.92 MB/s)
Trying 128.100.17.240...
Requesting 
https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/game65.tgz

2807176 bytes received in 1.77 seconds (1.51 MB/s)
Trying 128.100.17.240...
Requesting 
https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/man65.tgz

7567426 bytes received in 3.54 seconds (2.04 MB/s)
Trying 128.100.17.240...
Requesting 
https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/xbase65.tgz

20621824 bytes received in 6.11 seconds (3.22 MB/s)
Trying 128.100.17.240...
Requesting 
https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/xfont65.tgz

40286621 bytes received in 15.88 seconds (2.42 MB/s)
Trying 128.100.17.240...
Requesting 
https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/xserv65.tgz

16734155 bytes received in 5.23 seconds (3.05 MB/s)
Trying 128.100.17.240...
Requesting 
https://openbsd.cs.toronto.edu/pub/OpenBSD/snapshots/amd64/xshare65.tgz

4554652 bytes received in 2.40 seconds (1.81 MB/s)
Signature Verified
INSTALL.amd64: OK
base65.tgz: OK
bsd: OK

Re: One-shot upgrade script

2019-04-25 Thread Vijay Sankar 

On 4/25/19 2:07 AM, Remco wrote:

On 25-04-19 01:02, Christian Weisgerber wrote:

I don't remember if I ever posted it, but I've been using an "upgrade"
script to download bsd.rd, verify it, move it to /bsd, and reboot.
With florian@'s additions in -current, I have now extended the
script to download the sets and kick off an unattended upgrade.

In the best case, you simply run
# ./upgrade
and the machine will upgrade itself without any further intervention.


#!/bin/sh -e


..

cp bsd.rd /bsd.upgrade

..

I don't think this matches your description.


Tested it on a system running

OpenBSD 6.4 (GENERIC.MP) #9: Tue Mar 26 19:21:43 CET 2019

s2# sh ./upgrade.sh
Trying 151.101.186.217...
Requesting https://cdn.openbsd.org/pub/OpenBSD/snapshots/amd64/SHA256.sig
100% |**| 2141   00:00
2141 bytes received in 0.01 seconds (199.89 KB/s)
Signature Verified
Trying 151.101.186.217...
Requesting https://cdn.openbsd.org/pub/OpenBSD/snapshots/amd64/INSTALL.amd64
100% |**| 43409   00:00
43409 bytes received in 0.08 seconds (533.49 KB/s)
Trying 151.101.186.217...

If I do a boot /bsd.upgrade, the upgrade process completes without any 
further user intervention. If I don't do anything, system boots back 
into 6.4 #9.


On a -current system running

kern.version=OpenBSD 6.5-current (GENERIC.MP) #16: Sun Apr 21 19:25:15 
MDT 2019

dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

the upgrade process continued without any user intervention for the 
initial part. Unfortunately, I have one 4TB drive (sd0, disabled in BIOS 
drive priorities) and four SSD drives on this system (sd1 to sd4) on 
this test system and -current was on /dev/sd2. Even though the BIOS was 
set to boot with sd2 first, /bsd.upgrade seems to boot /dev/sd1. Because 
I am using this test system to test AD functionality with the new Samba, 
I had to muck around with the different drives. So this failure was 
probably due to some stupid thing I was doing with bios settings.


I will work further and report back to the list and naddy@

Thanks again for the script,

Vijay

--
Vijay Sankar
ForeTell Technologies Limited
vsan...@foretell.ca

Re: samba : snapshots of 6.5

2019-04-15 Thread Vijay Sankar 

On 4/15/19 8:38 AM, Hrvoje Popovski wrote:

On 14.4.2019. 20:10, Tuyosi T wrote:

hi all .

the samba of snapshots does not start .

dell# /etc/rc.d/samba start
  smbd(timeout)


I have similar problem with samba after upgrade to 4.8.11, smbd timeouts
but it starts.

# rcctl stop samba
nmbd(ok)
smbd(ok)

# rcctl start samba
smbd(timeout)

# ps auxw | grep mbd
root 88754  0.0  0.1  1740  6040 ??  Ss 3:33PM0:00.02
/usr/local/sbin/smbd -D
root 48917  0.0  0.0  1616  2260 ??  S  3:33PM0:00.01
/usr/local/sbin/smbd -D
root 47827  0.0  0.0  1616  1832 ??  S  3:33PM0:00.00
/usr/local/sbin/smbd -D


and if i execute rcctl start samba once again nmbd start normally
# rcctl start samba
nmbd(ok)

# ps auxw | grep mbd
root 88754  0.0  0.1  1740  6040 ??  Ss 3:33PM0:00.02
/usr/local/sbin/smbd -D
root 47827  0.0  0.0  1616  1832 ??  S  3:33PM0:00.00
/usr/local/sbin/smbd -D
root 48917  0.0  0.0  1616  2260 ??  S  3:33PM0:00.01
/usr/local/sbin/smbd -D
root 79668  0.0  0.0  1464  2580 ??  Ss 3:34PM0:00.04
/usr/local/sbin/nmbd -D

I have not had this problem with Samba (running samba-4.8.11p0 as a 
standalone file server). Starts and Restarts are visibly slower than the 
corresponding 6.4 installation running samba-4.8.5p1. Probably not a 
proper comparison since the 6.4 stats are from my laptop and 6.5 stats 
are from a SuperMicro server. dmesg for both systems are below in case 
it is of any relevance. If there are any config changes etc., that I can 
test please let me know.


current# time /etc/rc.d/samba start
smbd(ok)
nmbd(ok)
    0m30.59s real 0m30.36s user 0m00.07s system

current# time /etc/rc.d/samba restart
nmbd(ok)
smbd(ok)
smbd(ok)
nmbd(ok)
    0m31.54s real 0m31.19s user 0m00.15s system

current# time /etc/rc.d/samba stop
nmbd(ok)
smbd(ok)
    0m00.68s real 0m00.60s user 0m00.05s system

Here are the stats from 6.4 running stock Samba.

fla1# time /etc/rc.d/samba start
smbd(ok)
nmbd(ok)
    0m00.92s real 0m00.66s user 0m00.17s system

fla1# time /etc/rc.d/samba restart
nmbd(ok)
smbd(ok)
smbd(ok)
nmbd(ok)
    0m01.43s real 0m01.08s user 0m00.35s system

fla1# time /etc/rc.d/samba stop
nmbd(ok)
smbd(ok)
    0m00.58s real 0m00.39s user 0m00.13s system

dmesg from 6.5 snapshot

current# dmesg
OpenBSD 6.5 (GENERIC.MP) #3: Sat Apr 13 14:48:43 MDT 2019
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 16976637952 (16190MB)
avail mem = 16452501504 (15690MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 3.0 @ 0x7fb77000 (61 entries)
bios0: vendor American Megatrends Inc. version "2.0a" date 03/09/2017
bios0: Supermicro Super Server
acpi0 at bios0: rev 2
acpi0: sleep states S0 S4 S5
acpi0: tables DSDT FACP APIC FPDT FIDT SPMI MCFG HPET LPIT SSDT SSDT 
SSDT DBGP DBG2 SSDT UEFI SSDT DMAR EINJ ERST BERT HEST
acpi0: wakeup devices PEGP(S4) PEG0(S4) PEGP(S4) PEG1(S4) PEGP(S4) 
PEG2(S4) PXSX(S4) RP09(S4) PXSX(S4) RP10(S4) PXSX(S4) RP11(S4) PXSX(S4) 
RP12(S4) PXSX(S4) RP13(S4) [...]

acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Xeon(R) CPU E3-1240 v5 @ 3.50GHz, 3501.44 MHz, 06-5e-03
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES,MELTDOWN

cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 23MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Xeon(R) CPU E3-1240 v5 @ 3.50GHz, 3499.98 MHz, 06-5e-03
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES,MELTDOWN

cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 4 (application processor)
cpu2: Intel(R) Xeon(R) CPU E3-1240 v5 @ 3.50GHz, 3499.98 MHz, 06-5e-03
cpu2:

Re: Core Dev?

2018-12-03 Thread Vijay Sankar 
Well, (sorry if this is too much information) my kid started using 
OpenBSD at a very young age due to Antoine's gCompris package 10 or more 
years ago. Also, there is the very useful subscription for stable 
packages at mtier.org. So unless Theo de Raadt or Antoine Jacoutot say 
otherwise, I would think he is a core developer.


On 12/3/18 6:17 PM, Ahmad Bilal wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Can anyone tell me,
Is Antoine Jacoutot a core openbsd developer?

And this is his account (not a impersonator?)
https://github.com/ajacoutot/aws-openbsd

Should I take it as a official way of running OpenBSD on AWS?

Sent with ProtonMail Secure Email.
-BEGIN PGP SIGNATURE-
Version: ProtonMail
Comment: https://protonmail.com

wsBcBAEBCAAQBQJcBceOCRD3irc5ItUgGgAAngIIAJVEZINkE1Md0/OGKeOQ
FX9BLNsAvLsmKZUEHIV4XnyM2kGe2kK/1uxfbboYD7oK6qnekVIDxRB4KjXz
xjhdRzlRkqS50DKFgmVT5z2FN34nDgdLRq3K+vO24jpYAWVYrrrgLsZkqpHp
YfNpOU1pMraiVWKWxEm1K8sqrIraunJoXU1DeBwsRveIm9W8lQhrakOK5w/A
LP7NegSZljctRmTvLDkSwkgdR9mH18y/DFAjj+TlA3oLNB+EkKGRgBxuEddb
BgoAU+9+PSgpoAUGXeWGlp/Q0caUP7lM/VlovbBJF8l+1uEZtc1euwtw8fo/
+cxZXDiMzDbouZAvSqG/60E=
=5R2I
-END PGP SIGNATURE-


--
Vijay Sankar
ForeTell Technologies Limited
vsan...@foretell.ca

Re: Monitoring system

2018-10-05 Thread Vijay Sankar 

Hi,

I am experimenting with librenms at the moment but currently using  
Postgres for Zabbix with the following packages:


zabbix-agent-3.4.8p0 network and application monitoring - agent
zabbix-server-3.4.8-pgsql network and application monitoring - server
zabbix-web-3.4.8p1  network and application monitoring - web frontend
php-7.0.30p10   server-side HTML-embedded scripting language
php-gd-7.0.30p9 image manipulation extensions for php
php-mcrypt-7.0.30p8 mcrypt encryption/decryption extensions for php
php-pgsql-7.0.30p8  pgsql database access extensions for php
php-xmlrpc-7.0.30p8 XML RPC functions for php

It may be with zabbix-mysql (or may be something else) but I vaguely  
recall that you have to use php-mysqli.


Vijay

Quoting flipchan :

Hey how did everyone get zabbix running I tried the zabbix MySQL  
with the zabbix web on 6.2 but I get a database connection error in  
the php , I assume the php can't read the config


On October 5, 2018 4:43:05 AM UTC, Tony Boston  wrote:

I am using Icinga2 on all our machines - you'll find it in packages and
the newest version you'll get with OpenBSD 6.4

On 10/05/18 05:09, Tom Smyth wrote:

Both of of the ones I emailed to you are in ports

also there is pmmact by the Legend paulo Lucende
that can aggregate and convert multiple logs to different formats
worth having a look at that also ...
On Fri, 5 Oct 2018 at 04:08, Tom Smyth 

wrote:



Librenms would be worth a look i believe it has email alerting
and snmp support needs php and mysql
Zabbix   ...havent used this one but it has monitoring functionality

...

If you are monitoring alot of systems, make sure your storage can
cope with alot of I/O or you will see annoying gaps in your graphs
so use SSDs and make sure that when formatting the system
that you align with 1MB offset ...  2048 sectors  (instead the

default

64 bytes)

Peace
Tom Smyth


On Thu, 4 Oct 2018 at 23:57, flipchan  wrote:


Greetings all,

I need to install a monitoring system with email notifications, I

have used mmonit which is great but it's a little too pricey for
personal use.


Can anyone recommend a open source monitoring system that support

email notifications and monitoring of multiple hosts running openbsd.



Something more modern then nagios would be great, I just need it to

work so as long as it supports email notifications and monitoring of
more then one host it's good



Thanks in advance



--
Take Care Sincerely flipchan layerprox dev




--
Kindest regards,
Tom Smyth

Mobile: +353 87 6193172
The information contained in this E-mail is intended only for the
confidential use of the named recipient. If the reader of this

message

is not the intended recipient or the person responsible for
delivering it to the recipient, you are hereby notified that you

have

received this communication in error and that any review,
dissemination or copying of this communication is strictly

prohibited.

If you have received this in error, please notify the sender
immediately by telephone at the number above and erase the message
You are requested to carry out your own virus check before
opening any attachment.






--
GPG-KEY: 0x5C5C239D81121B35
GPG-FP:  49CC8250 CDCF2183 6209C1AE 625677C1 F7783D5F
Threema: DN8PJX4Z


--
Take Care Sincerely flipchan layerprox dev



--
Vijay Sankar
ForeTell Technologies Limited
59 Flamingo Avenue
Winnipeg, MB, Canada
R3J 0X6

Re: roundcube installation php modules

2018-07-10 Thread Vijay Sankar 
Sorry to interject -- just wondering if you read the instructions  
towards the bottom in /usr/local/share/doc/pkg-readmes for php-5.6. It  
specifically says


# cd /etc/php-5.6.sample
# for i in *; do ln -sf ../php-5.6.sample/$i ../php-5.6/; done

HTH,

Vijay

Quoting Teno Deuter :


actually I had to define the absolute path to the module. After doing
this it did work!

I still have the issue with Imagick though! There is no module for
that in OpenBSD repository as it's already integrated in php -
correct? In that case should I ignore that?

Thank you

On Tue, Jul 10, 2018 at 2:30 PM, Teno Deuter  wrote:

sorry forgot to mention that after doing the below changes I did
restart the server!

Thank you

On Tue, Jul 10, 2018 at 2:29 PM, Teno Deuter  wrote:

here are my current extension settings in php-5.6.ini:

;extension=php_bz2.dll
;extension=php_curl.dll
;extension=php_fileinfo.dll

extension=php_gd2.dll

;extension=php_gettext.dll
;extension=php_gmp.dll

extension=php_intl.dll

;extension=php_imap.dll
;extension=php_interbase.dll
;extension=php_ldap.dll
;extension=php_mbstring.dll
;extension=php_exif.dll  ; Must be after mbstring as it depends on it
;extension=php_mysql.dll
;extension=php_mysqli.dll
;extension=php_oci8_12c.dll  ; Use with Oracle Database 12c Instant Client
;extension=php_openssl.dll
;extension=php_pdo_firebird.dll
;extension=php_pdo_mysql.dll
;extension=php_pdo_oci.dll
;extension=php_pdo_odbc.dll
;extension=php_pdo_pgsql.dll

extension=php_pdo_sqlite.dll

;extension=php_pgsql.dll
;extension=php_shmop.dll
;extension=php_soap.dll
;extension=php_sockets.dll

extension=php_sqlite3.dll

;extension=php_sybase_ct.dll
;extension=php_tidy.dll
;extension=php_xmlrpc.dll
;extension=php_xsl.dll

but nothing happens. I still get the same error in the first  
installer step.


Thank you

On Tue, Jul 10, 2018 at 2:07 PM,   wrote:

Have you altered your php.ini to load the extensions and restart php-fpm?
On Jul 10, 2018 7:00 AM, Teno Deuter  wrote:


Dear list,

in a OpenBSD 6.3 machine I run httpd and opensmptd and try to intall
roundcubemail 1.3.5 from the OpenBSD packages repository.

When running the installer, in the first page, I get following warnings:

FileInfo:  OK
Libiconv:  OK
Intl:  NOT AVAILABLE(See http://www.php.net/manual/en/book.intl.php)
Exif:  OK
LDAP:  NOT AVAILABLE(See http://www.php.net/manual/en/book.ldap.php)
GD:  NOT AVAILABLE(See http://www.php.net/manual/en/book.image.php)
Imagick:  NOT AVAILABLE(See  
http://www.php.net/manual/en/book.imagick.php)


but pkg_info shows:

php-gd-5.6.34   image manipulation extensions for php
php-intl-5.6.34 intl library support for php

and I think php-imagick is already part of the php OpenBSD package.

Why do I get the above warnings?

Also, in the second installation page I get the following:

Mimetype to file extension mapping:  NOT OK

but in httpd.conf, on the top of the file, I have the following entry:

types { include "/usr/share/misc/mime.types" }

Thank you







Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: Is Intel PRO/1000 CT Desktop Adapter supported on amd64?

2018-06-27 Thread Vijay Sankar 



Quoting John Long :


I found a lot of PRO/1000 adapters listed in the em driver man page but
CT version is not included.

Does anybody know?

Thanks

/jl


Since the CT version uses the Intel 82574L Controller, I think it will work.

Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: KDE-apps okular, kmahjongg

2018-06-25 Thread Vijay Sankar 
15 drmioctl+0xf9
#16 VOP_IOCTL+0x5a
#17 vn_ioctl+0x6b
#18 sys_ioctl+0x477
lock order reversal:
 1st 0xff039f1e0198 vmmaplk (>lock) @
/usr/src/sys/uvm/uvm_fault.c:1441
 2nd 0x80120138 drmdevlk (>struct_mutex) @
/usr/src/sys/dev/pci/drm/i915/i915_gem.c:1801
lock order ">struct_mutex"(rwlock) -> ">lock"(rwlock) first
seen at:
#0  witness_checkorder+0x4c0
#1  _rw_enter+0x68
#2  vm_map_lock_ln+0xbc
#3  uvm_map+0x1a1
#4  uvm_km_valloc+0x6c
#5  vmap+0x36
#6  vmap_batch+0xeb
#7  i915_parse_cmds+0x15d
#8  i915_gem_execbuffer2+0x1032
#9  drm_do_ioctl+0x221
#10 drmioctl+0xf9
#11 VOP_IOCTL+0x5a
#12 vn_ioctl+0x6b
#13 sys_ioctl+0x477
#14 syscall+0x32a
#15 Xsyscall_untramp+0xe4
lock order ">lock"(rwlock) -> ">struct_mutex"(rwlock) first
seen at:
#0  witness_checkorder+0x4c0
#1  _rw_enter_write+0x53
#2  i915_gem_object_wait_rendering__nonblocking+0x1fa
#3  i915_gem_fault+0x144
#4  drm_fault+0x18a
#5  uvm_fault+0x743
#6  pageflttrap+0x14c
#7  trap+0x2b6
#8  recall_trap+0x8


Only additional thing I have in /etc/rc.conf.local is

multicast=YES

All KDE seems to work fine here (-current from June 21, 2018)



Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: Partitioning recommendations for 6.3?

2018-06-25 Thread Vijay Sankar 



Quoting John Long :


On Mon, 2018-06-25 at 09:25 -0500, Vijay Sankar wrote:

Quoting John Long :

> Been a while and don't have my other OpenBSD boxes accessible.
>
> What are the recommended partitions and appropriate sizes for
> people
> who want to track stable and possibly build the whole ports tree?
>
> Thanks,
>
> /jl

However, for the past year or so, I have had to increase the size of
/usr to 6G and /usr/local to 20G to build all the packages.


I can't remember now.. ports go under /usr/local, correct? What goes in
/usr that would require 6G?

Thanks,

/jl


Here is my df -h output -- Just as an FYI I was testing some  
workarounds for the samba virusfilter issue and then made some  
mistakes that screwed up KDE etc. So decided to build it from scratch  
and have about 5000 packages built right now with the following disk  
usage.


$ df -h
Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd0a 1005M102M852M11%/
/dev/sd0l  3.9G1.8G2.0G48%/builds
/dev/sd0k  127G1.3G119G 1%/home
/dev/sd0d  3.9G7.2M3.7G 0%/tmp
/dev/sd0f  5.9G1.9G3.8G33%/usr
/dev/sd0g  2.0G185M1.7G10%/usr/X11R6
/dev/sd0h 19.7G9.4G9.3G50%/usr/local
/dev/sd0j  5.9G3.3G2.3G59%/usr/obj
/dev/sd0i  2.0G990M929M52%/usr/src
/dev/sd0e 31.5G   57.9M   29.9G 0%/var
/dev/sd0m  243G   83.7G147G36%/usr/ports

Reason why I had to increase /usr from the default 2G to 6G was  
because I tend to build -current or -stable in addition to packages  
and the additional files in /usr/share/relink went above the 2G size.  
As a result I increased /usr partition to 6G.


Re. /usr/local, I used to be able to just run dpb (before 6.1) and get  
almost all the packages built without having to do any manual checks.  
So no packages were added to /usr/local earlier. But I may be missing  
something because nowadays I am able to only build around 2700  
packages if I run dpb blindly. I then have to do a make package  
manually for critical items like cmake and others. I found out the  
hard way that if I clean stuff up, some packages such as window  
managers don't build for me. So I leave /usr/local as is which  
resulted in me having to increase the size of /usr/local.  Also, for  
some packages such as webkit, I end up having to do a make clean all  
and then make package.


I may be doing something wrong so none of the above is a recommendation.


Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: Partitioning recommendations for 6.3?

2018-06-25 Thread Vijay Sankar 



Quoting John Long :


Been a while and don't have my other OpenBSD boxes accessible.

What are the recommended partitions and appropriate sizes for people
who want to track stable and possibly build the whole ports tree?

Thanks,

/jl


Hi,

Hopefully more knowledgeable people may give us better advice. The  
default installation and partition sizes worked great for me till 6.1  
and I was able to build and test changes to kernel and also test ports  
etc without making any changes. However, for the past year or so, I  
have had to increase the size of /usr to 6G and /usr/local to 20G to  
build all the packages.


HTH,

Vijay


Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: Poor browser performance in OpenBSD

2018-06-20 Thread Vijay Sankar 



Quoting Solene Rapenne :


Максим writes:


Hello.
I'm using Firefox and Chromium (from packages) to browse the  
internet on OpenBSD 6.3 (amd64).
The problem is that their performance in OpenBSD is very poor  
compared to other OSes.
Loading pages is slow, watching online video is possible but the  
responsiveness of the browser becomes awful.


Do I need additional settings to fix this?



In my opinion this is normal on OpenBSD


I am very surprised to hear that web browser performance is that bad  
on OpenBSD. Actually my experience is quite the opposite -- it works  
much better on OpenBSD than on my iMac. However, I don't know if I am  
going only to old man web sites :) I have had ZERO problems going to  
youtube and watching videos etc., from sites like washingtonpost.com  
or globeandmail.ca or other news sites. Typically I use firefox-esr  
but have also tested with tor-browser and chromium.


In case it helps, I am using KDE4 and have the following settings:

vijay.foretell.ca$ ulimit -a
time(cpu-seconds)unlimited
file(blocks) unlimited
coredump(blocks) unlimited
data(kbytes) 5242880
stack(kbytes)16384
lockedmem(kbytes)5057874
memory(kbytes)   15168720
nofiles(descriptors) 1024
processes512

vijay.foretell.ca$ more /etc/sysctl.conf
machdep.allowaperture=2 # See xf86(4)
kern.shminfo.shmall=51200
kern.shminfo.shmmni=1024

/etc/login.conf has default values I think, since I don't recall  
changing that. Here is my .profile in case it helps.


export HISTSIZE=100
export HISTFILE=~/.history
export PS1="\H$ "

nof() {
ls -l $1 | egrep -c '^-'
}

ulimit -d 5242880
ulimit -s 16384
ulimit -n 1024
ulimit -p 512

export CVSROOT=vijay@10.0.0.154:/home/cvs
alias mandpb='mandoc -Tascii /home/ports/infrastructure/man/man1/dpb.1 | less'
alias manbulk='mandoc -Tascii  
/home/ports/infrastructure/man/man8/bulk.8 | less'


export JAVA_HOME=/usr/local/jre-1.8.0/
export PATH=$PATH:/usr/local/jre-1.8.0/bin




Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: QEMU user-mode

2018-04-27 Thread Vijay Sankar 


Quoting Warner Losh <i...@bsdimp.com>:


Greetings,

I was wondering if anybody is using the current stock qemu user-mode code
to run OpenBSD code. The code looks woefully incomplete to my eye, so
incomplete I can't see how it would work for anything useful. I'm not even
sure it would work for anything trivial.

My searching has lead me to conclude that other than Sean Bruno's
qemu-bsd-user github branch, there's no other changes to qemu's bsd-user
patches. However, I thought I'd ask here as well.

Warner


I am not sure if it is user-mode code etc., so the following may not  
be relevant.


The qemu package on OpenBSD 6.2 works very well for my purposes.

In case it helps I am using

/usr/bin/doas env ETHER=em0 /usr/local/bin/qemu-system-x86_64
-net nic,vlan=0,macaddr=AA:BB:CC:01:01:01 -net tap,vlan=0 \
-serial telnet:127.0.0.1:1080,server,nowait \
-monitor telnet:127.0.0.1:1081,server,nowait \
-m 4096 -hda openbsd63.img -nographic &


Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: Please explain the pkg_check F option, thank you.

2018-02-28 Thread Vijay Sankar 
r/local/share/examples/gdm/var/db/gdm/.pulse
can't enter /usr/local/share/examples/polkit/polkit-1/rules.d
can't enter /usr/local/share/polkit-1/rules.d
Checking file system||Can't cd to (/usr/libexec/) auth: Permission denied
 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
 /Can't cd to (/var/) authpf: Permission denied
 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
Can't cd to (/var/db/) ldap: Permission denied
 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
Can't cd to (/var/db/) yubikey: Permission denied
 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
can't enter /var/db/gdm
can't enter /var/db/rrd
Checking file system|/Can't cd to (/var/games/hackdir/) save:  
Permission denied

 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
Can't cd to (/var/nsd/) etc: Permission denied
 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
Can't cd to (/var/nsd/run/) xfr: Permission denied
 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
Can't cd to (/var/) quotas: Permission denied
 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
Can't opendir(/var/spool/ftp/bin): Permission denied
 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
Can't opendir(/var/spool/ftp/etc): Permission denied
 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
Can't opendir(/var/spool/ftp/hidden): Permission denied
 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
Can't opendir(/var/spool/smtpd): Permission denied
 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
Can't cd to (/var/) sysmerge: Permission denied
 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
Can't cd to (/var/www/) cache: Permission denied
 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
can't enter /var/www/tmp
can't enter /var/samba/private
can't enter /var/kdm
can't enter /builds
Checking file system|-Can't cd to (/etc/) acme: Permission denied
 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
Can't cd to (/etc/iked/) private: Permission denied
 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
Can't cd to (/etc/isakmpd/) private: Permission denied
 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
Can't cd to (/etc/ldap/) certs: Permission denied
 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
Can't cd to (/etc/skel/) .ssh: Permission denied
 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
Can't cd to (/etc/ssl/) private: Permission denied
 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
can't enter /etc/cups/ssl
can't enter /etc/polkit-1/rules.d
Checking file system|\Can't cd to (/) root: Permission denied
 at /usr/libdata/perl5/OpenBSD/PkgCheck.pm line 889.
Unknown file system entries.

etc.
--
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: iwm errors with new snapshot (SOLVED, sort of)

2018-01-25 Thread Vijay Sankar 


Quoting Vijay Sankar <vsan...@foretell.ca>:


Quoting Vijay Sankar <vsan...@foretell.ca>:


Quoting Stefan Sperling <s...@stsp.name>:


On Tue, Jan 23, 2018 at 11:50:28AM -0600, Vijay Sankar wrote:

Over the weekend, I was trying to do some tests requested in tech@
(inteldrm). I downloaded the latest snapshot but had problems with iwm
firmware on my laptops (X1 Carbon 5th gen)

I did not have these errors with the previous snapshot (from January 8,
2018). DHCP etc all worked properly the past couple of weeks, I  
was able to

copy large file sets through wifi etc.

So I tried a new build myself in case there was a mismatch between the
packages on firmware.openbsd.org and the latest snapshot but that did not
work.

Waited couple of days for a newer snapshot, installed it and still get the
following errors


Can you please try a kernel compiled from -current CVS source?

Such kernels work for me.


Sure thing. Will do and get back to you ASAP either tonight or  
tomorrow night.


Thanks very much,

Vijay



I compiled from -current CVS on a build machine, copied a release to  
a USB stick and installed it on the ThinkPad X1 and unfortunately  
this did not solve the issue. I am still getting the sames errors  
with iwm.


I reinstalled the snapshot from January 7, 2018 and iwm0 works  
without any problems except the occasional unhandled firmware  
response. But snapshots from the past few days (I got it using rsync  
from openbsd.cs.toronto.edu) as well as the release I made last  
night as well as tonight all fail.


Here is the dmesg. Also, I built the firmware packages using the new  
release and tested with that as well as the ones from  
firmware.openbsd.org.


$ ls -ltr
total 731536
-rwxr-xr-x  1 vijay  wheel 114688 Jan 24 19:51 BOOTIA32.EFI
-rwxr-xr-x  1 vijay  wheel 129024 Jan 24 19:51 BOOTX64.EFI
-rw-r--r--  1 vijay  wheel 54 Jan 24 19:51 BUILDINFO
-rw-r--r--  1 vijay  wheel  43409 Jan 24 19:51 INSTALL.amd64
-rw-r--r--  1 vijay  wheel   1810 Jan 24 19:51 SHA256
-rw-r--r--  1 vijay  wheel  148826845 Jan 24 19:55 base62.tgz
-rwxr-xr-x  1 vijay  wheel   12997070 Jan 24 19:55 bsd
-rwxr-xr-x  1 vijay  wheel   13074051 Jan 24 19:55 bsd.mp
-rwxr-xr-x  1 vijay  wheel9801823 Jan 24 19:56 bsd.rd
-rw-r--r--  1 vijay  wheel9959424 Jan 24 19:56 cd62.iso
-rw-r--r--  1 vijay  wheel  83284 Jan 24 19:56 cdboot
-rw-r--r--  1 vijay  wheel   2048 Jan 24 19:56 cdbr
-rw-r--r--  1 vijay  wheel   79652771 Jan 24 19:57 comp62.tgz
-rw-r--r--  1 vijay  wheel1474560 Jan 24 19:57 floppy62.fs
-rw-r--r--  1 vijay  wheel2785581 Jan 24 19:57 game62.tgz
-rw-r--r--  1 vijay  wheel   1440 Jan 24 19:57 index.txt
-rw-r--r--  1 vijay  wheel7183490 Jan 24 19:57 man62.tgz
-rw-r--r--  1 vijay  wheel4915200 Jan 24 19:57 miniroot62.fs
-rw-r--r--  1 vijay  wheel  93088 Jan 24 19:57 pxeboot
-rw-r--r--  1 vijay  wheel   18591578 Jan 24 19:58 xbase62.tgz
-rw-r--r--  1 vijay  wheel   40302938 Jan 24 19:58 xfont62.tgz
-rw-r--r--  1 vijay  wheel   12861637 Jan 24 19:58 xserv62.tgz
-rw-r--r--  1 vijay  wheel4527000 Jan 24 19:59 xshare62.tgz
-rw-r--r--  1 vijay  wheel1253238 Jan 24 20:44  
intel-firmware-20171117p0v0.tgz
-rw-r--r--  1 vijay  wheel  70891 Jan 24 20:44  
inteldrm-firmware-20170701.tgz
-rw-r--r--  1 vijay  wheel4134744 Jan 24 20:44  
iwm-firmware-0.20170105.tgz

-rw-r--r--  1 vijay  wheel  67831 Jan 24 20:44 uvideo-firmware-1.2p2.tgz

If there is anything else I can do to make it work or help with some  
testing please let me know,


Thanks very much,

Vijay



Just wanted to close this thread so that it is not left hanging there.  
My problems are due to something I was  doing wrong. To summarize


I have two identical ThinkPad X1 Carbon 5th laptops -- one running  
OpenBSD snapshot #333 and the other running -current that I built


1) If I use amd64 -current BUILD 333, iwm0 works properly. No issues at all

2) If I use amd64 -current that I built (tried five different times),  
I get lots of errors with iwm0. What I mean by this is that, I make a  
release, copy it to a USB drive and install from the USB drive.  
Everything else including USB Ethernet work fine.


3) If I take the drive from my build machine and boot the ThinkPad  
from it, iwm0 works with just the following two errors initially but  
no errors after that (the two errors vary each time but there are only  
two every time I reboot).


Jan 25 11:37:27 builder /bsd: iwm0: unhandled firmware response  
0xff/0xb810 rx ring 0[40]
Jan 25 11:37:40 builder /bsd: iwm0: unhandled firmware response  
0xff/0xb810 rx ring 4[234]


So I am thinking that the problems are due to something I was doing  
wrong when building a release, may be the files in my /rel drive got  
corrupted or whatever. I will eventually figure it out, hopefully.


If it is of any use, I can now try to use the ThinkPad as a build  
machine (since iwm0 works on it now) or do any other tests that ma

Re: iwm errors with new snapshot

2018-01-24 Thread Vijay Sankar 


Quoting Vijay Sankar <vsan...@foretell.ca>:


Quoting Stefan Sperling <s...@stsp.name>:


On Tue, Jan 23, 2018 at 11:50:28AM -0600, Vijay Sankar wrote:

Over the weekend, I was trying to do some tests requested in tech@
(inteldrm). I downloaded the latest snapshot but had problems with iwm
firmware on my laptops (X1 Carbon 5th gen)

I did not have these errors with the previous snapshot (from January 8,
2018). DHCP etc all worked properly the past couple of weeks, I was able to
copy large file sets through wifi etc.

So I tried a new build myself in case there was a mismatch between the
packages on firmware.openbsd.org and the latest snapshot but that did not
work.

Waited couple of days for a newer snapshot, installed it and still get the
following errors


Can you please try a kernel compiled from -current CVS source?

Such kernels work for me.


Sure thing. Will do and get back to you ASAP either tonight or  
tomorrow night.


Thanks very much,

Vijay



I compiled from -current CVS on a build machine, copied a release to a  
USB stick and installed it on the ThinkPad X1 and unfortunately this  
did not solve the issue. I am still getting the sames errors with iwm.


I reinstalled the snapshot from January 7, 2018 and iwm0 works without  
any problems except the occasional unhandled firmware response. But  
snapshots from the past few days (I got it using rsync from  
openbsd.cs.toronto.edu) as well as the release I made last night as  
well as tonight all fail.


Here is the dmesg. Also, I built the firmware packages using the new  
release and tested with that as well as the ones from  
firmware.openbsd.org.


$ ls -ltr
total 731536
-rwxr-xr-x  1 vijay  wheel 114688 Jan 24 19:51 BOOTIA32.EFI
-rwxr-xr-x  1 vijay  wheel 129024 Jan 24 19:51 BOOTX64.EFI
-rw-r--r--  1 vijay  wheel 54 Jan 24 19:51 BUILDINFO
-rw-r--r--  1 vijay  wheel  43409 Jan 24 19:51 INSTALL.amd64
-rw-r--r--  1 vijay  wheel   1810 Jan 24 19:51 SHA256
-rw-r--r--  1 vijay  wheel  148826845 Jan 24 19:55 base62.tgz
-rwxr-xr-x  1 vijay  wheel   12997070 Jan 24 19:55 bsd
-rwxr-xr-x  1 vijay  wheel   13074051 Jan 24 19:55 bsd.mp
-rwxr-xr-x  1 vijay  wheel9801823 Jan 24 19:56 bsd.rd
-rw-r--r--  1 vijay  wheel9959424 Jan 24 19:56 cd62.iso
-rw-r--r--  1 vijay  wheel  83284 Jan 24 19:56 cdboot
-rw-r--r--  1 vijay  wheel   2048 Jan 24 19:56 cdbr
-rw-r--r--  1 vijay  wheel   79652771 Jan 24 19:57 comp62.tgz
-rw-r--r--  1 vijay  wheel1474560 Jan 24 19:57 floppy62.fs
-rw-r--r--  1 vijay  wheel2785581 Jan 24 19:57 game62.tgz
-rw-r--r--  1 vijay  wheel   1440 Jan 24 19:57 index.txt
-rw-r--r--  1 vijay  wheel7183490 Jan 24 19:57 man62.tgz
-rw-r--r--  1 vijay  wheel4915200 Jan 24 19:57 miniroot62.fs
-rw-r--r--  1 vijay  wheel  93088 Jan 24 19:57 pxeboot
-rw-r--r--  1 vijay  wheel   18591578 Jan 24 19:58 xbase62.tgz
-rw-r--r--  1 vijay  wheel   40302938 Jan 24 19:58 xfont62.tgz
-rw-r--r--  1 vijay  wheel   12861637 Jan 24 19:58 xserv62.tgz
-rw-r--r--  1 vijay  wheel4527000 Jan 24 19:59 xshare62.tgz
-rw-r--r--  1 vijay  wheel1253238 Jan 24 20:44  
intel-firmware-20171117p0v0.tgz
-rw-r--r--  1 vijay  wheel  70891 Jan 24 20:44  
inteldrm-firmware-20170701.tgz

-rw-r--r--  1 vijay  wheel4134744 Jan 24 20:44 iwm-firmware-0.20170105.tgz
-rw-r--r--  1 vijay  wheel  67831 Jan 24 20:44 uvideo-firmware-1.2p2.tgz

If there is anything else I can do to make it work or help with some  
testing please let me know,


Thanks very much,

Vijay





--
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca
OpenBSD 6.2-current (GENERIC.MP) #0: Wed Jan 24 19:02:23 CST 2018
vi...@builder.lab.foretell.ca:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 16669777920 (15897MB)
avail mem = 16157634560 (15409MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 3.0 @ 0x4f0e1000 (62 entries)
bios0: vendor LENOVO version "N1MET37W (1.22 )" date 07/04/2017
bios0: LENOVO 20HRCTO1WW
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP SSDT TPM2 UEFI SSDT SSDT HPET APIC MCFG ECDT SSDT BOOT 
BATB SSDT SSDT SSDT WSMT SSDT SSDT DBGP DBG2 MSDM ASF! FPDT UEFI
acpi0: wakeup devices GLAN(S4) XHC_(S3) XDCI(S4) HDAS(S4) RP01(S4) RP02(S4) 
RP04(S4) RP05(S4) RP06(S4) RP07(S4) RP08(S4) RP09(S4) RP10(S4) RP11(S4) 
RP12(S4) RP13(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 2399 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz, 2595.02 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BM

Re: iwm errors with new snapshot

2018-01-23 Thread Vijay Sankar 


Quoting Stefan Sperling <s...@stsp.name>:


On Tue, Jan 23, 2018 at 11:50:28AM -0600, Vijay Sankar wrote:

Over the weekend, I was trying to do some tests requested in tech@
(inteldrm). I downloaded the latest snapshot but had problems with iwm
firmware on my laptops (X1 Carbon 5th gen)

I did not have these errors with the previous snapshot (from January 8,
2018). DHCP etc all worked properly the past couple of weeks, I was able to
copy large file sets through wifi etc.

So I tried a new build myself in case there was a mismatch between the
packages on firmware.openbsd.org and the latest snapshot but that did not
work.

Waited couple of days for a newer snapshot, installed it and still get the
following errors


Can you please try a kernel compiled from -current CVS source?

Such kernels work for me.


Sure thing. Will do and get back to you ASAP either tonight or tomorrow night.

Thanks very much,

Vijay


--
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

iwm errors with new snapshot

2018-01-23 Thread Vijay Sankar 
Over the weekend, I was trying to do some tests requested in tech@  
(inteldrm). I downloaded the latest snapshot but had problems with iwm  
firmware on my laptops (X1 Carbon 5th gen)


I did not have these errors with the previous snapshot (from January  
8, 2018). DHCP etc all worked properly the past couple of weeks, I was  
able to copy large file sets through wifi etc.


So I tried a new build myself in case there was a mismatch between the  
packages on firmware.openbsd.org and the latest snapshot but that did  
not work.


Waited couple of days for a newer snapshot, installed it and still get  
the following errors


Jan 23 18:57:28 fla1 /bsd: iwm0: could not remove MAC context (error 35)
Jan 23 18:57:28 fla1 /bsd: iwm0: unhandled firmware response  
0xff/0xb810 rx ring 0[7]

Jan 23 18:57:35 fla1 /bsd: iwm0: could not add MAC context (error 35)
Jan 23 18:57:35 fla1 /bsd: iwm0: unhandled firmware response  
0xff/0xb810 rx ring 0[7]

Jan 23 18:57:55 fla1 /bsd: iwm0: could not add sta (error 35)
Jan 23 18:57:55 fla1 /bsd: iwm0: fatal firmware error
Jan 23 18:57:56 fla1 /bsd: iwm0: unhandled firmware response  
0xff/0xb810 rx ring 0[8]

Jan 23 18:58:02 fla1 /bsd: iwm0: fatal firmware error
Jan 23 18:58:03 fla1 /bsd: iwm0: could not remove MAC context (error 35)
Jan 23 18:58:03 fla1 /bsd: iwm0: unhandled firmware response  
0xff/0xb810 rx ring 0[22]


Not sure if it makes any difference but because I lost the two  
Ethernet dongles for the ThinkPads, I was doing the firmware update  
from a USB stick as follows:


fw_update -p /mnt/

OpenBSD -snapshots also were installed from install62.fs, not from a  
PXEBOOT that I usually do.


Here is the dmesg after installing the latest snapshot in case it is  
helpful. It has details about


OpenBSD 6.2-current (RAMDISK_CD) #376: Mon Jan 22 21:15:58 MST 2018
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/RAMDISK_CD

from the installation process and the OS currently installed

OpenBSD 6.2-current (GENERIC.MP) #384: Mon Jan 22 21:11:13 MST 2018
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

Please let me know if I am doing something wrong here or if there is  
anything I can do to help -- have two new ThinkPad X1 Carbon 5th to  
work with (as well as a bunch of other ThinkPads) if any tests would  
be useful.


Thanks very much,

Vijay







--
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca
OpenBSD 6.2-current (RAMDISK_CD) #376: Mon Jan 22 21:15:58 MST 2018
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/RAMDISK_CD
real mem = 16913035264 (16129MB)
avail mem = 16396693504 (15637MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 3.0 @ 0x4f0e1000 (62 entries)
bios0: vendor LENOVO version "N1MET37W (1.22 )" date 07/04/2017
bios0: LENOVO 20HRCTO1WW
acpi0 at bios0: rev 2
acpi0: tables DSDT FACP SSDT TPM2 UEFI SSDT SSDT HPET APIC MCFG ECDT SSDT BOOT 
BATB SSDT SSDT SSDT WSMT SSDT SSDT DBGP DBG2 MSDM ASF! FPDT UEFI
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz, 2595.04 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,SENSOR,ARAT
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: apic clock running at 24MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE
cpu at mainbus0: not configured
cpu at mainbus0: not configured
cpu at mainbus0: not configured
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 120 pins
acpiec0 at acpi0
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 2 (RP01)
acpiprt2 at acpi0: bus -1 (RP02)
acpiprt3 at acpi0: bus 4 (RP03)
acpiprt4 at acpi0: bus -1 (RP04)
acpiprt5 at acpi0: bus 5 (RP05)
acpiprt6 at acpi0: bus -1 (RP06)
acpiprt7 at acpi0: bus -1 (RP07)
acpiprt8 at acpi0: bus -1 (RP08)
acpiprt9 at acpi0: bus 6 (RP09)
acpiprt10 at acpi0: bus -1 (RP10)
acpiprt11 at acpi0: bus -1 (RP11)
acpiprt12 at acpi0: bus -1 (RP12)
acpiprt13 at acpi0: bus -1 (RP13)
acpiprt14 at acpi0: bus -1 (RP14)
acpiprt15 at acpi0: bus -1 (RP15)
acpiprt16 at acpi0: bus -1 (RP16)
acpiprt17 at acpi0: bus -1 (RP17)
acpiprt18 at acpi0: bus -1 (RP18)
acpiprt19 at acpi0: bus -1 (RP19)
acpiprt20 at acpi0: bus -1 (RP20)
acpiprt21 at acpi0: bus -1 (RP21)
acpiprt22 at acpi0: bus -1 (RP22)
acpiprt23 at acpi0: bus -1 (RP23)
acpiprt24 at acpi0: bus -1 (RP24)
acpicpu at acpi0 not configured
acpipwrres at acpi0 not configured
acpipwrres at acpi0 not configured
acpipwrres at acpi0 not configured
acpitz at acpi0 not configured
"LEN0268" at acpi0 not configured
"ACPI0003" at acpi0 not configured
&qu

Re: bioctl and S.M.A.R.T support for physical disks

2017-10-18 Thread Vijay Sankar 


Quoting Predrag Punosevac <punoseva...@gmail.com>:


Hi Misc,

I am using

# bioctl sd4
Volume  Status   Size Device
softraid0 0 Online  2000396018176 sd4 RAID1
  0 Online  2000396018176 0:0.0   noencl 
  1 Online  2000396018176 0:1.0   noencl 

for my desktop

# uname -a
OpenBSD oko.bagdala2.net 6.2 GENERIC.MP#0 amd64

Physical drives used to create mirror on this machine are
/dev/sd0 and /dev/sd1

When I try to probe the drives with S.M.A.R.T utility I get

# smartctl -i -d sat /dev/sd0
smartctl 6.5 2016-05-07 r4318 [x86_64-unknown-openbsd6.2] (local build)
Copyright (C) 2002-16, Bruce Allen, Christian Franke,
www.smartmontools.org

Smartctl open device: /dev/sd0 [SAT] failed: Operation not supported by
device


and this is without device option

# smartctl -i  /dev/sd0
smartctl 6.5 2016-05-07 r4318 [x86_64-unknown-openbsd6.2] (local build)
Copyright (C) 2002-16, Bruce Allen, Christian Franke,
www.smartmontools.org

Smartctl open device: /dev/sd0 failed: Operation not supported by device

It makes me wonder if S.M.A.R.T. support for physical disks is added to
bioctl since 2006/7 when Marco Peereboom was talking about that on
NYC*BUG. I am using high end enterprise drives on this machine which do
support S.M.A.R.T. and I did enable S.M.A.R.T. in bios.

Cheers,
Predrag


Hi,

smartctl -i  /dev/sd0c works

Vijay

--
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: l2tp and openbsd 6.1

2017-10-05 Thread Vijay Sankar 


Quoting lilit-aibolit <lilit-aibo...@mail.ru>:


On 05/10/17 09:17, lilit-aibolit wrote:

Hi,
I've just try your suggestion and IPhone could connect but Windows
gives new errors in log:


##here is Windows attempt
Oct  5 09:08:16 gw isakmpd[19354]: message_parse_payloads: invalid  
next payload type  in payload of type 5
Oct  5 09:08:16 gw isakmpd[19354]: dropped message from  
37.73.208.173 port 2715 due to notification type INVALID_PAYLOAD_TYPE



I've testes one more time and it seems that
INVALID_PAYLOAD_TYPE means wrong PSK in windows vpn client.

So after correction I was able to establish vpn
both from IPhone, Android and from Windows (at least version 7)
with this ipsec.conf:

ike passive esp transport \
proto udp from a.b.s.d to any port 1701 \
main auth hmac-sha1 enc aes group modp2048 \
quick auth hmac-sha1 enc aes \
psk "psk"

ike passive esp transport \
proto udp from a.b.s.d to any port 1701 \
main auth hmac-sha1 enc aes group modp1024 \
quick auth hmac-sha1 enc aes \
psk "psk"


Glad that changing the order is working for you.

Yes, for whatever reason, I found IPSec/L2TP works when ike with  
modp2048 is listed first and then modp1024. I read Stuart Henderson's  
email carefully again and think that my suggestion re. the order of  
IKE statements may be wrong. Probably the only reason this works for  
me is because I am not simultaneously trying to connect with both  
Windows and Android clients. Will try to test that this weekend but  
please read his reply in this thread.

--
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: l2tp and openbsd 6.1

2017-10-04 Thread Vijay Sankar 
BC Oct  4 10:12:37  
gw isakmpd[24211]: attribute_unacceptable:
ENCRYPTION_ALGORITHM: got 3DES_CBC, expected AES_CBC Oct  4 10:12:37  
gw isakmpd[24211]: message_negotiate_sa: no compatible proposal  
found Oct  4 10:12:37 gw isakmpd[24211]: dropped message from  
37.73.208.134 port 16884 due to notification type NO_PROPOSAL_CHOSEN


On 02/10/17 23:03, Charles Amstutz wrote:

Hello everyone,

I'm new to this list and l2tp/openbsd (but do have working  
UNIX/Linux knowledge).  After searching the previous forum posts  
(and the internet) I have found a lot of information on l2tp  
ipsec.conf connection strings. However, I can't get android to  
connect. I keep getting IKE negotiation failed errors.


I've looked at sites such as:

http://bluepilltech.blogspot.com/2017/02/openbsd-l2tp-over-ipsec-andro
id-601-ios.html
https://www.authbsd.com/blog/?p=20
http://daemonforums.org/showthread.php?t=10326
https://rzemieniecki.wordpress.com/2014/05/28/debugging-ipsec-on-openb
sd-invalid_cookie/
https://man.openbsd.org/npppd.conf.5
https://blog.gordonturner.com/2016/12/10/openbsd-6-0-vpn-endpoint-for-
ios-and-osx/
https://marc.info/?l=openbsd-misc=145922338026396=2
https://marc.info/?l=openbsd-misc=145614573528471=2
https://www.mail-archive.com/misc@openbsd.org/msg145747.html
... etc


I can get IOS to connect, but I can't get android 7 to connect.  I've
read that android has bugs with the vpn client in 6.x and 7.x (not
sure if it is fixed in 8 or not). However, what is confusing is it
connections just fine To my windows l2tp server.  Bug tracker:
https://issuetracker.google.com/issues/37074640#c35


My goal: Setup openbsd to work with IOS/android/windows/whatever.

My questions.


1)  Can you have more than one ike line in ipsec.conf? from my  
presumption of looking at sites on the internet, you can, however,  
I am not sure.


https://www.authbsd.com/blog/?p=20 makes it seem like you can, unless
it is just two examples


2)  Every time I read a site that says, "this configuration  
worked for me on android", it doesn't work for me. I presume it is  
my lack of understanding, though, I'm not ruling out the possible  
android bug.



I appreciate any help.



Here is my ipsec.conf (this allows IOS to connect)

public_ip = "x.x.x.x"



ike passive esp transport \

   proto udp from $public_ip to any port 1701 \

   main auth "hmac-sha1" enc "aes" group modp1024\

   quick auth "hmac-sha1" enc "aes" \

   psk "PSK-GOES-HERE"

 Here is my npppd.conf



authentication LOCAL type local {

 users-file "/etc/npppd/npppd-users"

}



tunnel L2TP protocol l2tp {

 listen on 0.0.0.0

 listen on ::

}



ipcp IPCP {

 pool-address 10.0.0.101-10.0.0.254

 dns-servers x.x.x.x

}



# use pppx(4) interface.  use an interface per a ppp session.

interface pppx0 address 10.0.0.1 ipcp IPCP

bind tunnel from L2TP authenticated by LOCAL to pppx0



Unfortunately I am not sure if what I am saying is correct or valid  
because maybe this stuff works for me only because I am using older  
versions of Android etc., plus I am using a slightly modified OpenBSD  
5.5 kernel. But you may want to try the following.


The order is important -- doesn't seem to work if modp2048 is listed  
after modp1024. If I do something like


ike passive esp transport proto udp from $local_ip to any port 1701 \
main auth "hmac-sha1" enc "aes" group modp2048 \
quick auth "hmac-sha1" enc "aes" \
psk "mypsk"
ike passive esp transport proto udp from $local_ip to any port 1701 \
main auth "hmac-sha1" enc "aes" group modp1024 \
quick auth "hmac-sha1" enc "aes" \
psk "mypsk"

in the order listed, it works, and it has been working for at least a  
few years. To make sure I am not posting wrong information, I have  
double-checked using Lenovo YogaPad (Android 4.4.2), Windows 7,  
Windows 8, Windows 10, iOS 10.3.3, and MacOS 10.13.


I will try the same thing with -current and report back to the list if  
it is useful.


Hope this helps.

Vijay
--
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: l2tp and openbsd 6.1

2017-10-02 Thread Vijay Sankar 


Quoting Stuart Henderson <s...@spacehopper.org>:


On 2017-10-02, Charles Amstutz <charl...@infinitesys.com> wrote:

Hello Sterling,

Thanks for the response. I changed it to

ike passive esp transport \
   proto udp from $public_ip to any port 1701 \
   main auth "hmac-sha1" enc "aes-256" group modp1024\
   quick auth "hmac-sha1" enc "aes-256" \
   PSK "PSK-GOES-HERE"

and still no luck. I found out that Android 8 will connect (using  
aes).   I am dumpping pflog0 and seeing no blocks. However, that  
doesn't mean it still isn't a potential pf problem I guess.  
However, if IOS and android 8 would connect, I would think that  
would rule a pf problem?


Is there a way to turn on additional debugging?  I'm using isakmpd  
-K in rc.conf.local, so not using isakmpd.policy/.conf  (from my  
understanding)
Everything in /var/log/messages is just from npppd. Unless I'm  
reading it wrong, there doesn't appear to be any errors.


I have "isakmpd_flags=-Kv -D0=29 -D1=49 -D2=10 -D3=30 -D5=20 -D6=30
-D8=30 -D9=30 -D10=20" in rc.conf.local as a general-purpose debugging
config, then if there's a particular area I look at isakmpd source to
see if I need to bump one of them up a little. These end up in
/var/log/daemon (or start it by hand to run in the foreground
using -d).

1)  Can you have more than one ike line in ipsec.conf? from my  
presumption of looking at sites on the internet, you can, however,  
I am not sure.


You can, *but* only one "default peer" ("to any" line) will take effect.


https://www.authbsd.com/blog/?p=20 makes it seem like you can, unless
it is just two examples


That site makes it look like you can use the two, but it won't work  
like that.

One config will override the other.


I don't know about Android 8 but have been able to use iPhones as well  
as Android tablets with the following on an older version on OpenBSD.  
Hope this is helpful and not sending the OP in the wrong direction.


In npppd.conf, I am using

interface tun0  address 10.0.0.1 ipcp IPCP
bind tunnel from L2TP_ipv4 authenticated by LOCAL to tun0

instead of

interface pppx0 address 10.0.0.1 ipcp IPCP
bind tunnel from L2TP authenticated by LOCAL to pppx0

and in pf.conf, I have

pass in quick on tun0 inet proto tcp from 10.0.0.0/24







--
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: Get an MAC address of a LAN PC - OpenBSD

2017-06-23 Thread Vijay Sankar 
Early this morning I sent a private message to the OP to understand why he was 
asking this question. It looked from his reply that the objective was to find 
whether someone had entered the same IP address on different workstations and 
accessed some unauthorized site. 

Not sure if the following is a good suggestion but I thought if he looked at 
/var/log/messages on his firewall he may be able to see stuff such as:

Jun 23 01:53:12 fw1 /bsd: arp info overwritten for 10.20.0.216 by 
58:55:ca:43:83:91 on em0

Jun 23 01:53:12 fw1 /bsd: arp info overwritten for 10.20.0.216 by 
00:f7:6f:d4:3d:b6 on em0

etc. and correlate back.

Vijay 

Sent from my iPhone

>> On Jun 23, 2017, at 06:47, Stuart Henderson  wrote:
>> 
>> On 2017-06-23, Indunil Jayasooriya  wrote:
>> Is there any way to get an MAC address of a PC that was connected to
>> OpenBSD PF box but now it is NOT connect to.
> 
> If the PF box was serving DHCP and the PC fetched its address that way,
> it will likely still be in the lease database, /var/db/dhcpd.leases.
> 
> If this is something which might come up again in the future, you can
> run arpwatch (in ports), but it's no time machine.
> 
>

Re: bgp-spamd question

2017-05-08 Thread Vijay Sankar 


Quoting Markus Rosjat <ros...@ghweb.de>:


Hi there,

I followed the example on http://bgp-spamd.net/client/bgpd.html an  
tried to setup bgpd. the daemon started without problem but when I  
try to fetch IPs it doesnt seem to work for me.


$ doas bgpctl show rib community 65066:666
flags: * = Valid, > = Selected, I = via IBGP, A = Announced, S = Stale
origin: i = IGP, e = EGP, ? = Incomplete

flags destination  gateway  lpref   med aspath origin
$

I would expect a list of IPs here or did I missed a point somewere  
on the way? I simply enabled bgpd without some special flags.


$ doas rcctl enable bgpd
$ doas rcctl get bgpd
bgpd_class=bgpd
bgpd_flags=
bgpd_rtable=0
bgpd_timeout=30
bgpd_user=root
$ doas rcctl start bgpd
bgpd(ok)

here is the bgpd.conf

#macros
spam_rs1="64.142.121.62" # rs.bgp-spamd.net
spam_rs2="217.31.80.170" # eu.bgp-spamd.net
spamASN="65066"

AS 65517

fib-update no   # mandatory, to not update
# the local routing table

group "spam-bgp" {
remote-as $spamASN
multihop 64
announce none   # Do not send any route updates
neighbor $spam_rs1
neighbor $spam_rs2
}

# 'match' is required, to remove entries when routes are withdrawn
match from group "spam-bgp" community $spamASN:42 set pftable  
"bgp_spamd_bypass"

match from group "spam-bgp" community $spamASN:666 set pftable "bgp_spamd"

In my pf.conf I just have the tables defined without any rules for  
the tables.


I can also ping the bgp-spamd servers.

So any advice would be helpful here :)

Regards

--
Markus Rosjatfon: +49 351 8107223mail: ros...@ghweb.de

G+H Webservice GbR Gorzolla, Herrmann
Königsbrücker Str. 70, 01099 Dresden

http://www.ghweb.de
fon: +49 351 8107220   fax: +49 351 8107227

Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss!  
Before you print it, think about your responsibility and commitment  
to the ENVIRONMENT


Hi,

I have something like

bgp-spamd:\
 :black:\
 :msg="Your address %A has sent mail to a spamtrap\n\
  within the last 24 hours":\
 :method=file:\
 :file=/var/mail/spamd.black:

in /etc/mail/spamd.conf

and a cron job /bin/sh /etc/mail/bgp-spamd.black.sh which has

#!/bin/sh
AS=65066

bgpctl show rib community ${AS}:666 |
sed -e '1,4d' -e 's/\/.*$//' -e 's/[ \*\>]*//' > /var/mail/spamd.black

/usr/libexec/spamd-setup

# EOF

Just double checked and can see it is being updated.

$ ls -l /var/mail/spamd.black
-rw-r--r--  1 root  wheel  233006 May  8 05:20 /var/mail/spamd.black

Hope this helps,

Vijay

--
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: ordering

2017-04-15 Thread Vijay Sankar 

Quoting Friedrich Locke <friedrich.lo...@gmail.com>:


Hi folks,

i would like to order obsd 6.1, butfrom the openbsd store i cannot see it
available for ordering.
May you help me ?

thanks, gustavo.


Hi,

I had sent an email to ord...@openbsdstore.com regarding this  
yesterday and they replied that "there isn't a 6.1 cd, please check  
out the obsd.org site to persuade them to make one...". However I did  
not want to bother the list and the developers in case CDs are not the  
way to go. I did a search on mailing list messages but did not see  
anything about 6.1 CDs. So I am thinking that the CD's may be ready  
only by May 1 and the release date was pushed earlier for some reason  
(just a guess because in 2015 and before, CDs were released in May and  
November)


If no OpenBSD CDs are going to be released, then probably it is better  
to just send a donation to the OpenBSD foundation and/or to Theo de  
Raadt. If CD's are going to be released, of course, I would be first  
in line since I have all CD's since 2.8 :)


Vijay
--
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: Getting http to work

2017-02-26 Thread Vijay Sankar 
  Oops, don't know what happened to my config that I added below. Sorry
about that.

Anyways, the only thing I recall was that I used the real server name
instead of "default" and it worked and I have not touched the configuration
since then :)

Vijay

Quoting Vijay Sankar <vsan...@foretell.ca>:

> Hi,
>
> Can you try using the name of the server instead of "default"?
>
> I sort of recall something like this from a couple of years ago but it
has
> run without any problems for me.
>
> For example, I had "default" instead of the server's name and it did not
> work. Once I changed to the following, there were no issues and it has
run
> like this  since
>
> vault.lab.foretell.ca$ ls -l
>
/etc/httpd.conf                
                 
>  
> -rw-r--r--  1 root  wheel  558 Dec 28  2015 /etc/httpd.conf
>
> vault.lab.foretell.ca$ more
>
/etc/httpd.conf                
                  
>  
> prefork 2
> chroot "/home/distros"
>            server "vault.lab.foretell.ca" {
>                 listen on *
port 80
>                 directory
auto index
>                 }
>
>            types {
>                   
> text/css               
> css
>                   
text/html              
> html htm
>                   
> text/txt               
> txt
>                   
image/gif              
> gif
>                   
image/jpeg             
> jpeg jpg
>                   
image/png              
> png
>                   
application/javascript  js
>                   
application/xml         xml
>            }
>
> Hope this helps,
>
> Vijay
>
> Quoting Monah Baki <monahb...@gmail.com>:
>
>> # netstat -na -f inet | grep LISTEN
>> tcp          0      0  127.0.0.1.25   
       *.*     
>
>              
>> LISTEN
>> tcp          0      0  *.22     
             *.*   
>
>                
>> LISTEN
>> # httpd -dv
>> startup
>> parent: send server: Can't assign requested address
>> # logger exiting, pid 24061
>> server exiting, pid 96224
>> server exiting, pid 68259
>> server exiting, pid 94930
>>
>> It's a fresh install so I wasn't expecting any ports listening. Even
>> if I changed to port 8080 same issue.
>>
>> Thanks
>>
>> On Sat, Feb 25, 2017 at 6:31 PM, Currell Berry <currellbe...@gmail.com>
>> wrote:
>>> Monah Baki writes:
>>>
>>>> # httpd -dnv
>>>> configuration OK
>>>>
>>>> #  rcctl - start httpd
>>>> doing _rc_parse_conf
>>>> doing _rc_quirks
>>>> httpd_flags empty, using default ><
>>>> doing _rc_parse_conf /var/run/rc.d/httpd
>>>> doing _rc_quirks
>>>> doing rc_check
>>>> httpd
>>>> doing rc_pre
>>>> configuration OK
>>>> doing rc_start
>>>> doing _rc_wait start
>>>> doing rc_check
>>>> doing _rc_write_runfile
>>>> (ok)
>>>>
>>>> # /etc/rc.d/httpd start
>>>> httpd(ok)
>>>>
>>>> cat /var/log/messages
>>>>
>>>> Feb 25 15:35:22 nebula httpd[94632]: parent: send server: Can't assign
>>>> requested address
>>>> Feb 25 15:36:06 nebula httpd[14026]: parent: send server: Can't assign
>>>> requested addr

Re: Getting http to work

2017-02-26 Thread Vijay Sankar 
kstation and
>>>>>>> wanted to run default webserver.
>>>>>>>
>>>>>>> In the messages logs I find the following error:
>>>>>>>
>>>>>>> httpd[23792]: parent: send server: Can't assign requested address
>>>>>>>
>>>>>>> em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>>>>>>>         lladdr 00:0c:29:b3:81:f8
>>>>>>>         index 1 priority 0 llprio 3
>>>>>>>         groups: egress
>>>>>>>         media: Ethernet autoselect (1000baseT
full-duplex,master)
>>>>>>>         status: active
>>>>>>>         inet 192.168.60.129 netmask 0xff00 broadcast
>>>>>>> 192.168.60.255
>>>>>>>
>>>>>>> In my httpd.conf all I changed was the "ext_addr" Macro,
>>>>>>> everything else as is.
>>>>>>>
>>>>>>> $ cat /etc/httpd.conf
>>>>>>> # $OpenBSD: httpd.conf,v 1.14 2015/02/04 08:39:35 florian Exp $
>>>>>>>
>>>>>>> #
>>>>>>> # Macros
>>>>>>> #
>>>>>>> ext_addr="192.168.60.129"
>>>>>>> # A minimal default server
>>>>>>> server "default" {
>>>>>>>         listen on $ext_addr port 80
>>>>>>> }
>>>>>>>
>>>>>>> Thank you
>>>>>>> Monah
>>>>>>
>>>>>> Did you try
>>>>>>
>>>>>>      ext_addr="*"
>>>>>>
>>>>>> yet?
>>>>>>
>>>>>> Does it report the same error with that in place?
>>>>>>
>>>>>> -- Currell
>>>>
>>>> --
>>>>
>>>> Cordialement, Coues Ludovic
>>>> +336 148 743 42
>>
>> Some ideas:
>> You might have an instance of httpd running in the background stopping a
>> new one from binding to the port.
>>
>> Run the following commands and examine the output to check what could
>> be there
>>
>>     # netstat -na -f inet | grep LISTEN
>>     # ps ax
>>
>> Kill all running instances of httpd, or anything else that is binding to
>> port 80.
>>
>> Once you've done that, try starting httpd in no-fork mode and see what
>> it says:
>>
>>     # httpd -dv
>>
>> If it still doesn't work, try a different port (change 80 to  for
>> instance).
>> -- Currell
>
>  
-- 
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: -current not autobooting?

2017-01-15 Thread Vijay Sankar 
  Quoting jungle boogie <jungleboog...@gmail.com>:

> On 01/14/2017 01:40 AM, ludovic coues wrote:
>> Have you read the manpage for boot.conf ?
>> With your config, the boot> prompt should wait a full minute before
>> trying to load a kernel. Default is 5 seconds.
>
> Yes, but it doesn't boot after a full minute or two minutes or likely
> any time until I press enter.
>
>> Also, I don't have a boot.conf file on my system.
>
> That's fine.

Hi,

I have had something like this happen a while ago. But it was because of my
qemu configuration and not because of -current.

I am not sure if you are running -current on a VM but if so, could it be a
configuration issue with the VM host?

Vijay
-- 
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: Small Business email server using OpenSMTPD

2017-01-13 Thread Vijay Sankar 
  Quoting aretes27...@mypacks.net:

> I'm trying to move a small business email server from an older OpenBSD
> using sendmail to one with OpenBSD 6.0 using OpenSMTPD.
>
> The current email server has:
> - a certificate (used by StartTLS)
> - MS Outlook clients using pop3 to retrieve their mail
> - OpenWebmail for non-local client access
>
> I've not found the correct search results to show to how to do this.
> What I'd really like to find is an example "smtpd.conf" showing the
> required entries.
>
> Can anyone point me in the correct direction?
> Thanks, Joe

I am assuming you are looking for just smtpd.conf and not suggestions like
"use dovecot and httpd for pop and webmail".

man page is very informative about the different options. May be all you
need is to just change some of the stanzas below taken from the example
section of 'man 5 smtpd.conf'
-- 
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: Sendmail on OpenBSD 6.0

2016-11-17 Thread Vijay Sankar 
  Quoting Damian McGuckin <dami...@esi.com.au>:

> Is anybody using this configuration, i.e. not OpenSMTPD?
>
> Regards - Damian
>
> Pacific Engineering Systems International, 277-279 Broadway, Glebe NSW
> 2037
> Ph:+61-2-8571-0847 .. Fx:+61-2-9692-9623 | unsolicited email not wanted
> hereViews & opinions here are mine and not those of any past or present
> employer

Saw your message in the OpenSMTPd list about having problems with sendmail.

I am not using sendmail on 6.0 at the moment but used it last year
following all the instructions within /usr/local/share/doc/pkg-readmes.

Are you having problems after running sendmail-enable?

Vijay
-- 
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: Ripping CDs and DVDs

2016-10-31 Thread Vijay Sankar 
Thanks very much. Yes, I am using mp3,flac so that there are two versions.

With the vob format, I have not had any problems with subtitles or audio
streams. It is important for me to use OpenBSD especially since I believe it
will be around much longer than other operating systems. So I have not tried
other OSes.

Sent from my iPhone

> On Oct 30, 2016, at 10:21, Simon Ruderich <si...@ruderich.org> wrote:
>
>> On Sat, Oct 22, 2016 at 05:44:59PM -0500, Vijay Sankar wrote:
>> Hi,
>>
>> In preparation for my retirement in 2050, I am setting up a media server
>> for all my DVDs and CDs.
>>
>> For ripping CD's, I was planning to use abcde as follows:
>>
>> abcde -q high -o mp3
>
> Hello,
>
> For long term storage you might want to consider a more modern
> format like flac (for lossless compression) or ogg/vorbis (better
> quality than mp3).
>
> I use cdparanoia and oggenc (for ogg/vorbis). I think abcde can
> use flac/vorbis too, but haven't used it.
>
>> For DVD's, I was thinking of stuff (thanks to Christian "naddy"
Weisberger)
>> like
>>
>> mplayer -dumpstream -dumpfile i-robot.vob dvd://1
>
> That solution has problems with multiple audio streams (IIRC) and
> subtitles. Also the compression rate can be improved if you use
> h264 or h265. Personally I use handbrake [1] with Matroska (mkv)
> as container (haven't tried that on OpenBSD though). Handbrake
> can't be automated AFAIK, but as I often need to manually adjust
> stuff like audio track languages or titles that isn't much of a
> problem.
>
> Regards
> Simon
>
> [1]: http://www.handbrake.fr/
> --
> + privacy is necessary
> + using gnupg http://gnupg.org
> + public key id: 0x92FEFDB7E44C32F9
>

Re: Ripping CDs and DVDs

2016-10-23 Thread Vijay Sankar 
  Quoting Mihai Popescu <mih...@gmail.com>:

>> In preparation for my retirement in 2050, I am setting up a media server
>> for all my DVDs and CDs.
>
> Krishna knows what we'll be using in 2050! There is a big chance wewill
> use nothing.

:) probably it will be a mind meld directly from the artist/band to the
listener by then !!!

Vijay
-- 
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Ripping CDs and DVDs

2016-10-22 Thread Vijay Sankar 
Hi,

In preparation for my retirement in 2050, I am setting up a media server
for all my DVDs and CDs.

For ripping CD's, I was planning to use abcde as follows:

abcde -q high -o mp3

For DVD's, I was thinking of stuff (thanks to Christian "naddy" Weisberger)
like

mplayer -dumpstream -dumpfile i-robot.vob dvd://1

The plan is to upload these files to an OpenBSD 5.9 server running minidlna
and then watch some of these (once the thousands of CDs and DVDs are
ripped) some day using VLC media player on an iPhone/iPad or my OpenBSD
desktop.

Am I on the right track or is there a better way to do this? Any advice
gratefully appreciated and accepted.

Thank you very much,

Vijay
-- 
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: generate xorg.conf

2016-06-13 Thread Vijay Sankar 
  Quoting Rudolf Sykora <rudolf.syk...@gmail.com>:

> Hello,
>
> please, how do one generate an xorg.conf file on openBSD?
>
> I thought running
> X -configure
> (or X :1 -configure, if X is running)
> would generate one, however, there seems to be no option -configure
> present. So how, then?
>
> (I want to read xorg.conf and then modify some parts to try to use wacom
> intuos3
> tablet [pressure sensitivity].)
>
> ThanksRuda

I remember doing this long time ago when there were three monitors on my
desk.

On my desktop, I had to do the following steps to create this file:

1) Edit /etc/sysctl.conf and add the line

machdep.allowaperture=1

2) Reboot

3) X -configure

Once I did that, there was a file called xorg.conf.new in the root
directory. There was also a log file /var/log/Xorg.1.log that may give you
more details.

Vijay
-- 
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: Help with IPsec multiple transform policy

2016-04-16 Thread Vijay Sankar 
  Quoting Sly Midnight <slymidni...@yahoo.com>:

> I got it to work exactly as you suggested using isakmpd.conf.
>
> It took me quite a bit of searching to find the correct sort of syntax
> for that file to achieve what I wanted but it now allows me to connect.
>
> But I've run into another issue that I cannot resolve myself.
>
> Once I connect from ANY client, I can only move data on the VPN for a
> few seconds then it goes dead.
>
> I thought it might be an MTU issue, but I tried setting the MRU setting
> fairly low (such as 1200) in npppd and that didn't solve it.
>
> I tried setting skip on enc0 as well as pppx0 in pf rules and that
> didn't work either.
>
> What else could I be missing? Why would it work, but only briefly?
> Sly

Hi,

If appropriate/practical, it may be useful to provide some details about
your configuration to the list (ipsec.conf, isakmpd.conf, npppd.conf,
pf.conf, sysctl.conf, etc)..

 From your description I am assuming that phase 2 dies on you but of course
it is just a guess.

I am in the process of migrating my 5.7 infrastructure to 5.9 and do not
see any issues with npppd -- android, blackberry, and ios clients are able
to use IPSec, and access dovecot, opensmtpd, and apache-httpd-openbsd
without any problems. I tested native mobile device clients that use
ActiveSync as well as imap and smtp -- no issues to report so far. I am
also testing Windows clients from my home to my lab environment to test
Samba 4.3.8 this weekend and so far so good with the VPN.

I don't have "enterprise" type connections but have three ISP links at my
office (ADSL that uses PPPoE, vDSL, and Cable) and two links at the lab
(vDSL, Cable). Only place where I had to change MTU etc., was with ADSL and
I had to do a "match on pppoe0 scrub (no-df max-mss 1340)" in my pf.conf
re. ADSL for VPN to work properly.

Looking through my logs I see long-lived connections such as (changed IP
addresses but the rest are from the log):

Apr 14 04:51:29 mx2 npppd[19526]: ppp id=175 layer=base logtype=TUNNELUSAGE
user="xx" duration=58390sec layer2=L2TP_ipv4 layer2from=a.b.c.d:1701
auth=MS-CHAP-V2 data_in=277392bytes,3364packets
data_out=235270bytes,2576packets error_in=1 error_out=0 mppe=yes
mppe_in=128bits,stateless mppe_out=128bits,stateless iface=tun0

Vijay
-- 
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: Recording computer sound.

2016-04-14 Thread Vijay Sankar 
  Quoting li...@wrant.com:

> Wed, 13 Apr 2016 10:07:01 +0200 Alexandre Ratchov <a...@caoua.org>
>> On Tue, Apr 12, 2016 at 08:22:40AM +0300, li...@wrant.com wrote:
>> Mon, 11 Apr 2016 19:17:31 +0200 Alexandre Ratchov <a...@caoua.org>
>>> On Sun, Apr 10, 2016 at 12:16:42PM +0300, li...@wrant.com wrote:
>>> >
>>> > Just an idea, before providing a diff, does it look like a good
>>> > candidate to go into FAQ13.4?  Thank you for your consideration.
>>>
>>> Yes, this would be good candidate (for the FAQ 13.5), as this is
>>> not the first time this is being discussed.
>>
>> Same observation here.  I was suggesting it could be a continuation of
>> the record audio sub-section 13.4, now doing it for 13.5 in accordance
>> with your recommendation and renumbering below (and the index page).
>>
>> Thank you for clarifying the numbering point, mailing the diff shortly.
>>
>>> Basically this proves that the code is not simple enough and
>>> usability needs to be improved.
>>
>> And additionally shows an important feature either not directly obvious
>> from the manual, or merely frequently used enough to need a FAQ mention.
>>
>> I use it all the time, others seem to use it as well; we should
>> enable it by default
>
> Thank you for considering these improvements worthwhile.  And much more
> enjoying the sndiod(8) man page [http://man.openbsd.org/?query=sndiod]
>
> While relevant, the quick idea to jot down the in flight tip at the
> original query for other viewers, now thanks to ratchov@ tj@ tb@ got
> FAQ section 13.5 [http://www.openbsd.org/faq/faq13.html#recordmon]

Tried and it works for me! Thank you very much it is a very nice addition
to the FAQ

Vijay
-- 
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: MAC addresses on vmd guests

2016-04-09 Thread Vijay Sankar 
  Thank you very much for the detailed explanation and of course for the
virtualization project.

Vijay

Quoting Mike Larkin <mlar...@azathoth.net>:

> On Fri, Apr 08, 2016 at 05:45:12PM -0500, Vijay Sankar wrote:
>> Hi,
>>
>> I was trying to test patches for vmm and uvm by Stefan Kempf. Everything
>> works great and copies between the host and guest are faster with the
>> patches but I noticed the following.
>>
>> Whenever I reboot the VMM host (running OpenBSD 5.9 -current from
>> yesterday
>> with custom kernel enabled with vmm0 at mainbus0) the guest OS (OpenBSD
>> 5.9
>> -release) has a different MAC address for the same vio0 interface.
>>
>> Is this expected behavior? Reason for asking this is that if it is not
>> expected behavior then probably I may be doing all this incorrectly and
>> any
>> feedback from my tests would just be a time waste for developers. So
>> wanted
>> to avoid that if possible.
>
> Each interface in each VM receives a random MAC presently. There is
> provision
> in the virtio spec to provide a user-defined mac, but this has not been
> plumbed
> all the way down from vmctl (yet).
>
> Take a look at the very end of /usr/src/usr.sbin/vmd/virtio.c[1] for a
> place you
> could set your MAC if you wanted. The MAC address is part of
> vm_create_params,
> so you could, in theory plumb it down from vmctl with another option or
> parse
> flavor if you wanted.
>
> We have not done this yet because the interface specification command
line
> argument starts to look really ugly. I think reyk@ is contemplating a vm
> config
> file definition at some point to handle these extended parameters.
>
> Eg, we don't want something like this:
>
> vmctl start foo -c -k /bsd -i 2,11:22:33:44:55:66,77:88:99:AA:BB:CC
>
> ... although you could probably add that to vmctl in your own local tree
> without
> much hassle (I'm not interested in seeing that diff though as we have
> already
> discussed this and ruled it out).
>
> -ml
>
>> I am running dhcpd on the host and the lease file looks as follows. I
>> only
>> have one VM guest on this test system.
>>
>> builder.lab.foretell.ca$ cat /var/db/dhcpd.leases
>>  ??
>> lease 192.168.1.33 {
>> ?? starts 5 2016/04/08 21:09:17 UTC;
>> ?? ends 6 2016/04/09 09:09:17 UTC;
>> ?? hardware ethernet fe:e1:ba:d0:a6:73;
>> ?? uid 01:fe:e1:ba:d0:a6:73;
>> }
>> lease 192.168.1.32 {
>> ?? starts 5 2016/04/08 21:00:45 UTC;
>> ?? ends 6 2016/04/09 09:00:45 UTC;
>> ?? hardware ethernet fe:e1:ba:d0:40:32;
>> ?? uid 01:fe:e1:ba:d0:40:32;
>> }
>> lease 192.168.1.34 {
>> ?? starts 5 2016/04/08 21:11:55 UTC;
>> ?? ends 6 2016/04/09 09:11:55 UTC;
>> ?? hardware ethernet fe:e1:ba:d0:ee:a5;
>> ?? uid 01:fe:e1:ba:d0:ee:a5;
>> }
>>
>> lease 192.168.1.35 {
>> ?? starts 5 2016/04/08 21:49:46 UTC;
>> ?? ends 6 2016/04/09 09:49:46 UTC;
>> ?? hardware ethernet fe:e1:ba:d0:98:23;
>> ?? uid 01:fe:e1:ba:d0:98:23;
>> }
>>
>> DMESG from VMM HOST
>>
>> OpenBSD 5.9-current (GENERIC.MP) #0: Fri Apr?? 8 13:59:37 CDT 2016
>> ??
>> r...@builder.lab.foretell.ca:/usr/src/sys/arch/amd64/compile/GENERIC.MP
>> real mem = 16806883328 (16028MB)
>> avail mem = 16293249024 (15538MB)
>> mpath0 at root
>> scsibus0 at mpath0: 256 targets
>> mainbus0 at root
>> bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xeb410 (106 entries)
>> bios0: vendor American Megatrends Inc. version "0509" date 05/09/2012
>> bios0: ASUSTeK COMPUTER INC. P8H77-V LE
>> acpi0 at bios0: rev 2
>> acpi0: sleep states S0 S1 S3 S4 S5
>> acpi0: tables DSDT FACP APIC MCFG HPET SSDT SSDT SSDT
>> acpi0: wakeup devices UAR1(S4) PS2K(S4) PS2M(S4) P0P1(S4) PXSX(S4)
>> RP01(S4)
>> PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX(S4) RP04(S4) PXSX(S4) BR10(S4)
>> RP06(S4) PXSX(S4) [...]
>> acpitimer0 at acpi0: 3579545 Hz, 24 bits
>> acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
>> cpu0 at mainbus0: apid 0 (boot processor)
>> cpu0: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz, 3502.50 MHz
>> cpu0:
>>
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,DEADLINE,AES,XSAVE,AVX,NXE,LONG,LAHF,PERF,ITSC,SENSOR,ARA

Re: MAC addresses on vmd guests

2016-04-09 Thread Vijay Sankar 
Thank you very much.

Sent from my iPhone

> On Apr 9, 2016, at 08:21, Stefan Kempf <sisnk...@gmail.com> wrote:
>
> Vijay Sankar wrote:
>>  Hi,
>>
>> I was trying to test patches for vmm and uvm by Stefan Kempf. Everything
>> works great and copies between the host and guest are faster with the
>> patches but I noticed the following.
>
> thanks for testing!
>
>> Whenever I reboot the VMM host (running OpenBSD 5.9 -current from
yesterday
>> with custom kernel enabled with vmm0 at mainbus0) the guest OS (OpenBSD
5.9
>> -release) has a different MAC address for the same vio0 interface.
>>
>> Is this expected behavior? Reason for asking this is that if it is not
>> expected behavior then probably I may be doing all this incorrectly and
any
>> feedback from my tests would just be a time waste for developers. So
wanted
>> to avoid that if possible.
>
> Yes, it's expected. vmd(8) does not yet support having the user define
> the MAC address of a vio(4) interface. So vio(4) generates a random one.
>
>> I am running dhcpd on the host and the lease file looks as follows. I only
>> have one VM guest on this test system.
>>
>> builder.lab.foretell.ca$ cat /var/db/dhcpd.leases
>>  ??
>> lease 192.168.1.33 {
>> ?? starts 5 2016/04/08 21:09:17 UTC;
>> ?? ends 6 2016/04/09 09:09:17 UTC;
>> ?? hardware ethernet fe:e1:ba:d0:a6:73;
>> ?? uid 01:fe:e1:ba:d0:a6:73;
>> }
>> lease 192.168.1.32 {
>> ?? starts 5 2016/04/08 21:00:45 UTC;
>> ?? ends 6 2016/04/09 09:00:45 UTC;
>> ?? hardware ethernet fe:e1:ba:d0:40:32;
>> ?? uid 01:fe:e1:ba:d0:40:32;
>> }
>> lease 192.168.1.34 {
>> ?? starts 5 2016/04/08 21:11:55 UTC;
>> ?? ends 6 2016/04/09 09:11:55 UTC;
>> ?? hardware ethernet fe:e1:ba:d0:ee:a5;
>> ?? uid 01:fe:e1:ba:d0:ee:a5;
>> }
>>
>> lease 192.168.1.35 {
>> ?? starts 5 2016/04/08 21:49:46 UTC;
>> ?? ends 6 2016/04/09 09:49:46 UTC;
>> ?? hardware ethernet fe:e1:ba:d0:98:23;
>> ?? uid 01:fe:e1:ba:d0:98:23;
>> }
>>
>> DMESG from VMM HOST
>>
>> OpenBSD 5.9-current (GENERIC.MP) #0: Fri Apr?? 8 13:59:37 CDT 2016
>> ??
>> r...@builder.lab.foretell.ca:/usr/src/sys/arch/amd64/compile/GENERIC.MP
>> real mem = 16806883328 (16028MB)
>> avail mem = 16293249024 (15538MB)
>> mpath0 at root
>> scsibus0 at mpath0: 256 targets
>> mainbus0 at root
>> bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xeb410 (106 entries)
>> bios0: vendor American Megatrends Inc. version "0509" date 05/09/2012
>> bios0: ASUSTeK COMPUTER INC. P8H77-V LE
>> acpi0 at bios0: rev 2
>> acpi0: sleep states S0 S1 S3 S4 S5
>> acpi0: tables DSDT FACP APIC MCFG HPET SSDT SSDT SSDT
>> acpi0: wakeup devices UAR1(S4) PS2K(S4) PS2M(S4) P0P1(S4) PXSX(S4)
RP01(S4)
>> PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX(S4) RP04(S4) PXSX(S4) BR10(S4)
>> RP06(S4) PXSX(S4) [...]
>> acpitimer0 at acpi0: 3579545 Hz, 24 bits
>> acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
>> cpu0 at mainbus0: apid 0 (boot processor)
>> cpu0: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz, 3502.50 MHz
>> cpu0:
>>
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX
,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,DEADLINE,AES,XSAVE,AV
X,NXE,LONG,LAHF,PERF,ITSC,SENSOR,ARAT
>> cpu0: 256KB 64b/line 8-way L2 cache
>> cpu0: smt 0, core 0, package 0
>> mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
>> cpu0: apic clock running at 102MHz
>> cpu0: mwait min=64, max=64, C-substates=0.2.1.1, IBE
>> cpu1 at mainbus0: apid 2 (application processor)
>> cpu1: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz, 3502.00 MHz
>> cpu1:
>>
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX
,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,DEADLINE,AES,XSAVE,AV
X,NXE,LONG,LAHF,PERF,ITSC,SENSOR,ARAT
>> cpu1: 256KB 64b/line 8-way L2 cache
>> cpu1: smt 0, core 1, package 0
>> cpu2 at mainbus0: apid 4 (application processor)
>> cpu2: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz, 3502.00 MHz
>> cpu2:
>>
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,D

MAC addresses on vmd guests

2016-04-08 Thread Vijay Sankar 
ltek 8168" rev 0x09: RTL8168F/8111F
(0x4800), msi, address c8:60:00:98:ea:88
rgephy0 at re0 phy 7: RTL8169S/8110S/8211 PHY, rev. 5
ppb3 at pci0 dev 28 function 5 "Intel 82801BA Hub-to-PCI" rev 0xc4: msi
pci4 at ppb3 bus 4
ppb4 at pci4 dev 0 function 0 "ASMedia ASM1083/1085 PCIE-PCI" rev 0x03
pci5 at ppb4 bus 5
ppb5 at pci0 dev 28 function 6 "Intel 7 Series PCIE" rev 0xc4: msi
pci6 at ppb5 bus 6
em0 at pci6 dev 0 function 0 "Intel 82574L" rev 0x00: msi, address
68:05:ca:06:69:8b
ppb6 at pci0 dev 28 function 7 "Intel 7 Series PCIE" rev 0xc4: msi
pci7 at ppb6 bus 7
em1 at pci7 dev 0 function 0 "Intel 82574L" rev 0x00: msi, address
68:05:ca:06:6a:68
ehci1 at pci0 dev 29 function 0 "Intel 7 Series USB" rev 0x04: apic 2 int
23
usb2 at ehci1: USB revision 2.0
uhub2 at usb2 "Intel EHCI root hub" rev 2.00/1.00 addr 1
pcib0 at pci0 dev 31 function 0 "Intel H77 LPC" rev 0x04
ahci0 at pci0 dev 31 function 2 "Intel 7 Series AHCI" rev 0x04: msi, AHCI
1.3
ahci0: port 5: 3.0Gb/s
scsibus3 at ahci0: 32 targets
sd0 at scsibus3 targ 5 lun 0: <ATA, WDC WD4001FFSX-6, 81.0> SCSI3 0/direct
fixed naa.50014ee2b53c13e9
sd0: 3815447MB, 512 bytes/sector, 7814037168 sectors
ichiic0 at pci0 dev 31 function 3 "Intel 7 Series SMBus" rev 0x04: apic 2
int 18
iic0 at ichiic0
iic0: addr 0x20 01=00 02=00 03=00 04=00 05=00 06=00 07=00 08=00 09=00 0a=00
0b=22 0c=22 0d=88 0e=88 0f=00 10=00 11=98 12=fc 13=04 14=00 15=00 16=38
17=7a 18=00 19=00 1a=00 1b=32 1c=32 1d=22 1e=88 1f=02 20=00 21=00 22=1a
23=84 24=00 25=00 26=55 27=09 28=bf 29=00 2a=f5 2b=00 2c=01 2d=d0 2e=a0
2f=18 30=00 31=00 32=00 33=68 3e=03 46=00 47=03 48=04 49=13 b2=20 b3=83
words 00=ff00 01= 02= 03= 04= 05= 06= 07=
spdmem0 at iic0 addr 0x50: 4GB DDR3 SDRAM PC3-10600
spdmem1 at iic0 addr 0x51: 4GB DDR3 SDRAM PC3-10600
spdmem2 at iic0 addr 0x52: 4GB DDR3 SDRAM PC3-10600
spdmem3 at iic0 addr 0x53: 4GB DDR3 SDRAM PC3-10600
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5 irq 1 irq 12
pckbd0 at pckbc0 (kbd slot)
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
vmm0 at mainbus0: VMX/EPT
uhub3 at uhub1 port 1 "Intel Rate Matching Hub" rev 2.00/0.00 addr 2
uhub4 at uhub2 port 1 "Intel Rate Matching Hub" rev 2.00/0.00 addr 2
uhub5 at uhub4 port 6 "ALCOR Generic USB Hub" rev 1.10/3.12 addr 3
uhidev0 at uhub5 port 1 configuration 1 interface 0 "Microsoft Wired
Keyboard 400" rev 2.00/3.00 addr 4
uhidev0: iclass 3/1
ukbd0 at uhidev0: 8 variable keys, 6 key codes
wskbd1 at ukbd0 mux 1
wskbd1: connecting to wsdisplay0
uhidev1 at uhub5 port 3 configuration 1 interface 0 "No brand 4 Port
KVMSwicther" rev 1.10/1.00 addr 5
uhidev1: iclass 3/0
ukbd1 at uhidev1: 8 variable keys, 6 key codes
wskbd2 at ukbd1 mux 1
wskbd2: connecting to wsdisplay0
uhidev2 at uhub5 port 3 configuration 1 interface 1 "No brand 4 Port
KVMSwicther" rev 1.10/1.00 addr 5
uhidev2: no input interrupt endpoint
vscsi0 at root
scsibus4 at vscsi0: 256 targets
softraid0 at root
scsibus5 at softraid0: 256 targets
root on sd0a (6a09698dd1b09fb0.a) swap on sd0b dump on sd0b

DMESG from VMM Guest

# dmesg
OpenBSD 5.9 (GENERIC) #1761: Fri Feb 26 01:15:04 MST 2016
    dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
RTC BIOS diagnostic error 20
real mem = 1056964608 (1008MB)
avail mem = 1020825600 (973MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0
acpi at bios0 not configured
cpu0 at mainbus0: (uniprocessor)
cpu0: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz, 11734.71 MHz
cpu0:
FPU,VME,DE,PSE,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,MMX,FXSR,SSE,SSE2,SS,HTT,PBE,SSE3,PCLMUL,DTES64,DS-CPL,SSSE3,CX16,xTPR,PCID,SSE4.1,SSE4.2,POPCNT,DEADLINE,AES,AVX,HV,ITSC
pvbus0 at mainbus0: OpenBSD
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "OpenBSD VMM PCI Host Bridge" rev 0x00
virtio0 at pci0 dev 1 function 0 "Qumranet Virtio RNG" rev 0x00
viornd0 at virtio0
virtio0: irq 3
virtio1 at pci0 dev 2 function 0 "Qumranet Virtio Storage" rev 0x00
vioblk0 at virtio1
scsibus1 at vioblk0: 2 targets
sd0 at scsibus1 targ 0 lun 0: <VirtIO, Block Device, > SCSI3 0/direct fixed
sd0: 4096MB, 512 bytes/sector, 8388608 sectors
virtio1: irq 5
virtio2 at pci0 dev 3 function 0 "Qumranet Virtio Network" rev 0x00
vio0 at virtio2: address fe:e1:ba:d0:ee:a5
virtio2: irq 9
isa0 at mainbus0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns8250, no fifo
com0: console
nvram: invalid checksum
vscsi0 at root
scsibus2 at vscsi0: 256 targets
softraid0 at root
scsibus3 at softraid0: 256 targets
root on sd0a (b57b955611f70a33.a) swap on sd0b dump on sd0b
WARNING: / was not properly unmounted
WARNING: invalid time in clock chip
WARNING: CHECK AND RESET THE DATE!

/etc/vm.conf is as follows:

vm "vm1.lab.foretell.ca" {
        enable
        memory 1G
        interfaces 1
        kernel "/home/vm/bsd"
        disk "/home/vm/OpenBSD.img"
}

Please let me know if you have any suggestions on what could be causing the
changes to Guest OS MAC addresses.

Thanks very much,

Vijay
 
-- 
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: January 24 i386 snapshot - php_fpm seems not to work

2016-01-25 Thread Vijay Sankar 

Quoting bruce <bruc...@laernu.com>:


Or may I'm crazy or just being stupid.
This system used to be the router/firewall running OpenBSD 5.5
Some new people moved in and it was replaced by a SonicWALL appliance.
So I decided to make it a web server.
Installed 5.8. short story-no details- I could never get php and  
mariadb working

at the same time!
started over with snapshot
Decided to chroot httpd to /home/www instead of /var/www. I guess I  
just like a

challenge.
Also using unix sockets and not tcp for interprocess communications. More
challenges.
The httpd server only wants to serve static html pages. Any attempt  
to retreive

a php page just gives a file not found message through the browser.
Take a look at this <http://tonyevil.zapto.org> to see  
configurations and dmesg.

I don't really understand http.conf.
Any tips appreciated.


I looked at the list of packages you had and compared to mine. In my  
case, I have


php-fpm-5.6.13p0stand-alone FPM version of PHP

but did not see that in your list.

However, I am using an older snapshot and there may be something else  
I am not seeing.


--
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: permanent ARP being overwritten by ISP

2016-01-17 Thread Vijay Sankar 
Not clear from your message so I was wondering if you have all the following
on the same switch

ISP interface
External interface of your firewall
Internal interface of your firewall
Interfaces of your other systems

I noticed behaviour similar to what you described when I did something like
the above.

The arp rewrite attempts stopped when I separated the Internet connection and
the external interface of the firewall on one switch and all the internal
systems on another switch.

Vijay

Sent from my iPhone

> On Jan 16, 2016, at 12:40, Doug Moss  wrote:
>
> (my apologies for last message - unfamiliar with Yahoo and forcing plain
text email)
>
> Why is a manually entered permanent arp entry being overwritten?
>
>
> At my home, I have an ISP from which I have 5 static IPv4 addresses.
> I use these for my home network, a home email server, jabber server for
family/friends,
> website related to my academic work, etc, with different domains.
>
>
> The ISP service comes into my home via an ethernet cable which I connect to
a switch
> (Cisco gigabit)
>
> Connected to the switch are:
> (A) router to my home network (behind which are desktops, a wireless access
point, kids laptops, etc)
> a low-power, dual NIC OpenBSD amd64 running NAT and unbound (caching)
> with IP address 70.20.25.26
> (B) the academic website
> a low-power, OpenBSD 5.7 amd64
> with IP address 70.20.25.30
> (plus other servers)
>
> The ISP gateway/router is IP address 70.20.25.1
>
> On the academic website, I noticed that the arp table
> showed 70.20.25.26 with the MAC of the ISP gateway
>
> I thought - why should my private traffic from my personal webserver be
routed
> through the ISP gateway - why not go directly to my home network on the same
switch?
>
> So on my webserver, I did this:
> # sudo arp -s 70.20.25.26 00:25:90:0A:69:B6 permanent
>
> Then I checked:
> # arp -an
> Host Ethernet Address   Netif Expire
Flags
> 70.20.25.1   fa:c0:01:75:98:cdem0 19m59s
> 70.20.25.26  00:25:90:0a:69:b6em0 permanent
> 70.20.25.30  00:25:90:ea:52:9cem0 permanent  l
>
> The next day, I found this is the logs:
> Jan 12 08:17:54 www /bsd: arp info overwritten for 70.20.25.26 by
00:25:90:0a:69:b6 on em0
> Jan 12 08:17:54 www /bsd: arp info overwritten for 70.20.25.26 by
fa:c0:01:75:98:cd on em0
> Jan 12 08:37:54 www /bsd: arp info overwritten for 70.20.25.26 by
00:25:90:0a:69:b6 on em0
> Jan 12 08:37:54 www /bsd: arp info overwritten for 70.20.25.26 by
fa:c0:01:75:98:cd on em0
> Jan 12 08:57:54 www /bsd: arp info overwritten for 70.20.25.26 by
00:25:90:0a:69:b6 on em0
> Jan 12 08:57:54 www /bsd: arp info overwritten for 70.20.25.26 by
fa:c0:01:75:98:cd on em0
> (repeated a couple hundred times)
>
> $ arp -an
> Host Ethernet Address   Netif Expire
Flags
> 70.20.25.1   fa:c0:01:75:98:cdem0 19m54s
> 70.20.25.26  fa:c0:01:75:98:cdem0 17m15s
> 70.20.25.30  00:25:90:ea:52:9cem0 permanent  l
>
> and
> $ traceroute 70.20.25.26
> traceroute to 70.20.25.26 (70.20.25.26), 64 hops max, 40 byte packets
> 1  lo0-100.BSTNMA-VFTTP-308.verizon-gni.net (70.20.25.1)  2.841 ms  0.594 ms
3.724 ms
> 2  static-70-20-25-26.bstnma.fios.verizon.net (70.20.25.26)  3.544 ms  1.255
ms  3.593 ms
>
> Am I understanding this correctly?
> Is the ISP gateway continuing to try to re-direct the arp table on my home
router
> to route traffic out to its gateway before coming back to my home network,
instead of
> directly from my router to the other server connected to ports on the same
switch?
>
>
> Have I done something wrong in my configuration?
>
> Is this (a) expected (b) strange but innocent (c) nefarious, or (d)
something else?

Alias equivalent in 5.8 httpd

2015-12-21 Thread Vijay Sankar 

I was wondering what would be the equivalent of Alias in the new httpd.conf

For example, I have

Alias /Microsoft-Server-ActiveSync /var/www/htdocs/horde/rpc.php

in /var/www/conf/httpd.conf with apache-httpd-openbsd-1.3.20140502p4.

With the new httpd, I tried stuff like

location "/Microsoft-Server-ActiveSync" {
block return 301 "http://$SERVER_NAME/horde/rpc.php;
fastcgi socket "/run/php-fpm.sock"
}

in /etc/httpd.conf but that did not work. Not sure whether there is a  
different 3xx code that should be used instead of the permanent  
redirection.


Please let me know if you could point me to any examples that would be  
the equivalent of Alias.


Thanks very much,

Vijay

--
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: CD's arrived

2015-10-15 Thread Vijay Sankar 

Quoting Carl Trachte <ctrac...@gmail.com>:


Tucson, Arizona

On Tue, Oct 13, 2015 at 5:25 PM, Ralph Siegler <rsieg...@rsiegler.org> wrote:

On Wed, 07 Oct 2015 14:51:28 +, M Wheeler wrote:


CD's arrived today UK. Thanks again.


Just arrived just north of Chicago, IL USA  (pre-ordered Sept 15)  Many
thanks!


I received mine today in Winnipeg, MB, Canada. The cover looks great!!  
Thanks very much to all the developers.


Reporting this to the list only because I did not notice anyone from  
Canada mentioning that they received the CDs yet. Also, just in case  
you all are wondering, it is a very nice day in Winnipeg (7 Celsius,  
42 kmph wind, excellent day for biking :)



--
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: USB mouse spontaneously detaching

2015-08-18 Thread Vijay Sankar 
 on.

 This is what I get in ttyC0:

 ums0 detached
 uhidev2 detached
 uhidev2 at uhub3 port 4 configuration 1 interface 0 Microsoft Microsoft
 Basic Optical Mouse v2.0 rev 1.10/1.04 addr 3
 uhidev2: iclass 3/1
 ums0 at uhidev2: 3 buttons, Z dir
 wsmouse0 at ums0 mux 0
 wsmouse0 detached
 ums0 detached
 uhidev2 detached
 uhidev2 at uhub3 port 4 configuration 1 interface 0 Microsoft Microsoft
 Basic Optical Mouse v2.0 rev 1.10/1.04 addr 3
 uhidev2: iclass 3/1
 ums0 at uhidev2: 3 buttons, Z dir
 wsmouse0 at ums0 mux 0

 I have two MS basic optical mouse, one wired and another wireless. The
 behaviour is exactly the same.

 wsmoused is not running, and I have nothing in my xorg.conf (actually I
 don't have a xorg.conf).

 I've found only one reference to a similar problem in misc@ but,
 unfortunatelly, there was no reply.

 So, any suggestion? Important to highlight that in X mouse works
 perfectly. It's just those annoying messages that keep popping up in the
 console that bothers me.

 Cheers,
 Luciano.




--
Shaun

Ars longa, vita brevis, occasio praeceps, experimentum periculosum,
iudicium difficile - Hippocrates (c. 400BC)



--
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: USB mouse spontaneously detaching

2015-08-18 Thread Vijay Sankar 
Just out of curiousity, I tried this on my desktop workstation (5.7  
-stable, AMD64) with a Microsoft Mouse and a Microsoft Keyboard. I  
normally use KDE4 so don't see any of the console messages. So wanted  
to check if the messages come up on a system without the KVM.


It does on this system as well. Did not see any difference after  
removing USB 3.0 support so went back to the default settings


uhidev1 at uhub4 port 5 configuration 1 interface 0 Microsoft  
Microsoft Basic Optical Mouse rev 1.10/1.04 addr 4

uhidev1: iclass 3/1
ums0 at uhidev1: 3 buttons, Z dir
wsmouse0 at ums0 mux 0
wsmouse0 detached
ums0 detached
uhidev1 detached
uhidev1 at uhub4 port 5 configuration 1 interface 0 Microsoft  
Microsoft Basic Optical Mouse rev 1.10/1.04 addr 4

uhidev1: iclass 3/1
ums0 at uhidev1: 3 buttons, Z dir
wsmouse0 at ums0 mux 0




Quoting Luciano Rottava da Silva rott...@gmail.com:


That´s exactly my approach as well. (-:

Boot the machine and switch to another tty. So looks like issue is much
older than I thought.

By the way, I have a mechanical brown cherry switch japanese keyboard and
also I HHKB, and both work perfectly. On the other hand, both mice have
this behaviour.


On 18 August 2015 at 09:40, Vijay Sankar vsan...@foretell.ca wrote:


I have had the same issue going back to OpenBSD 4.x ever since I changed
the KVM that had PS2 mouse and keyboard to a KVM with USB mouse etc. As a
result I always thought it was because of my KVM, so did not report it all
these years!!!

Anyways, my caveman like approach to solve this was to do a CTRL-ALT-F2 if
I had to do anything with vi etc.

Vijay

Quoting Shaun Reiger srei...@sprmail.net:

Ok so I use a cheep Logitech K120 keyboard and mouse that are plugged in to

the usb 2 ports when I see the detach messages. But I tried a test with a
combined keyboard/mouse also a Logitech model K400r and I haven't seen any
detach messages. This was also plugged into the same usb 2 port. I have a
HHKB keyboard which also doesn't illicit any detach message. These detach
message may only be caused by specific keyboard and mouse models.

I'll keep testing and post any findings.



On Monday, August 17, 2015, Luciano Rottava da Silva rott...@gmail.com
wrote:

Here it is my dmesg:


OpenBSD 5.7 (GENERIC.MP) #881: Sun Mar  8 11:04:17 MDT 2015
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 8015122432 (7643MB)
avail mem = 7797841920 (7436MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xeb0d0 (56 entries)
bios0: vendor American Megatrends Inc. version 1609 date 01/07/2014
bios0: ASUSTeK COMPUTER INC. F1A55-M LE
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP APIC MCFG HPET SSDT SSDT
acpi0: wakeup devices SBAZ(S4) PS2K(S4) PS2M(S4) UAR1(S4) UHC1(S4)
UHC2(S4) USB3(S4) UHC4(S4) USB5(S4) UHC6(S4) UHC7(S4) PE20(S4)
PE21(S4) RLAN(S4) PE22(S4) PE23(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 32 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: AMD A6-3500 APU with Radeon(tm) HD Graphics, 2100.18 MHz
cpu0:



FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,LONG,3D
NOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKIN
IT,ITSC

cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB
64b/line 16-way L2 cache
cpu0: ITLB 32 4KB entries fully associative, 16 4MB entries fully
associative
cpu0: DTLB 48 4KB entries fully associative, 48 4MB entries fully
associative
cpu0: AMD erratum 721 detected and fixed
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 199MHz
cpu0: mwait min=64, max=64, C-substates=0.0.0.0.0, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: AMD A6-3500 APU with Radeon(tm) HD Graphics, 2099.94 MHz
cpu1:



FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,LONG,3D
NOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKIN
IT,ITSC

cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB
64b/line 16-way L2 cache
cpu1: ITLB 32 4KB entries fully associative, 16 4MB entries fully
associative
cpu1: DTLB 48 4KB entries fully associative, 48 4MB entries fully
associative
cpu1: AMD erratum 721 detected and fixed
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 2 (application processor)
cpu2: AMD A6-3500 APU with Radeon(tm) HD Graphics, 2099.94 MHz
cpu2:



FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,LONG,3D
NOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKIN
IT,ITSC

cpu2: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB
64b

Re: Show us your /etc/profile

2015-08-02 Thread Vijay Sankar 

Quoting Benny Lofgren bl-li...@lofgren.biz:


On 2015-08-02 08:23, Alessandro DE LAURENZIS wrote:

On Sat 01/08/2015 14:09, Vijay Sankar wrote:

alias nof='ls -l . | egrep -c '^-''
I have always wondered if there is a better way of doing this.


In general, I would avoid using a pipe when a native command exists (and
particularly in this case, where grep string comparison is a slow
operation); this could probably be more appropriate:


There IS no native command doing what Vijay wants... you introduced a
pipe in your own example, too.

Don't be afraid of pipes!

There isn't necessarily a disadvantage in splitting jobs through a pipe.
For example, it enables the system to better utilize multiple
processors/cores, which may or may not make a difference.


In this case, your example is undoubtedly faster.

*But*, what you did was to speed optimize a process, involving a human
operator, to work half a second faster in a rather constructed scenario
with over a hundred thousand files in one directory.

In practice, the difference is completely imperceptible for the operator:


88888 (cut)
bl@paddan:~$ cd /usr/share/man/man3  # [1]
bl@paddan:/usr/share/man/man3$ time ls -l . | egrep -c '^-'
4045
0m0.05s real 0m0.02s user 0m0.03s system
bl@paddan:/usr/share/man/man3$ time find . -maxdepth 1 -type f | wc -l
4045
0m0.04s real 0m0.01s user 0m0.02s system
bl@paddan:/usr/share/man/man3$ _
88888 (cut)


This kind of optimization is really not that productive.

There is for sure a good lesson in showing how to do things in different
ways, to broaden ones horizon when it comes to thinking outside the box
(or pipe).


But, starting to talk about shaving fractions of a second off of an
interactive command in an edge case is just a red herring in my opinion.
It teaches the wrong message.


A much better optimization for this question, in my mind, is this:

Don't use an alias at all! Instead use a shell function, like this:

88888 (cut)
nof() {
ls -l $1 | egrep -c '^-'
}
88888 (cut)

(In this case, substituting find is *not* immediately applicable.)


The advantage of this approach is that in the regular case nof works
just like in Vijay's original alias, but this has the added
functionality of being able to nof any directory with a command line
argument, like this:

88888 (cut)
bl@paddan:/usr/share/man/man3$ nof
4045
bl@paddan:/usr/share/man/man3$ nof /bin
42 -- (Who knew Douglas Adams was an OpenBSD contributor!)
bl@paddan:/usr/share/man/man3$
88888 (cut)


You can't do the above (as easily) with the find approach, since it
doesn't work without a directory argument. (Yes, of course we can add
code to fix that, but that's not the point here.)


This isn't a SPEED optimization, it is a FUNCTIONALITY optimization.

It is a better way to do the same thing, just what Vijay asked for. :-)


Moral of my story: KISS. Keep It Simple, Stupid.

Put your efforts in the right place.


Regards,

/Benny



[1] I first did this to quickly find out which directory in my machine
was the biggest, to have somewhere to play:

bl@paddan:~$ sudo find / -type d -ls | cut -c48- | grep -v ^   

The cut and grep business sorts out all smaller directories with three
or four digit sizes, giving me a quick overview over the biggest
directories.

This whole operation took me less than a minute, including a couple of
trial-and-error runs to find out the best position for the cut.

I am sure there are much better and more accurate ways of doing this,
still with simple shell commands and pipe chaining, but this is what I
thought of off the top of my head, and it did this one-shot job much
more quickly than if I had sat down to come up with a more accurate or
general solution.

Optimizing your *work* doesn't have to include measuring cpu cycles!




alias nof='find ./ -type f -maxdepth 1 | wc -l'

See the difference in runtime in case of a huge file listing (not so
uncommon...):

just22@poseidon:[tmp] time find ./ -type f -maxdepth 1 | wc -l
  113069

  real0m1.732s
  user0m0.100s
  sys 0m1.560s


just22@poseidon:[tmp] time ls -l ./ | egrep -c ^-
113069

real0m2.238s
user0m0.630s
sys 0m1.550s


All the best


Thanks very much Alessandro, Raul, and Benny. Really appreciate all  
your thoughtful comments. They were very educational for me.


Benny's shell function is more appropriate for what I am doing with  
nof. I am very embarrassed to admit this but unfortunately I never  
thought of using a shell function in .profile till I read this thread.  
Thanks again Benny Lofgren.


Just in case it is of any relevance this is what I use nof for. I  
have a few ports building systems running and they run different  
versions of OpenBSD. As a result

Re: Show us your /etc/profile

2015-08-01 Thread Vijay Sankar 

Quoting listas...@dna.uba.ar:


Hello everybody

How do you customize your environment?

What aliases or custom functions do you use?

Here's my /etc/profile I think you can find one or two interesting things
in it.

Show us yours!

(in case wordwrapping breaks long lines: http://pastie.org/10322761)

#

hname=`hostname`
hname=${hname%%.*}

# You are here
test ! -f ~/.hushlogin  test -t 0  banner $hname

# complete path
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/u/system/bin:
export PATH

# system defaults
PAGER=less
export PAGER
EDITOR=vi
test -x /usr/local/bin/vim  EDITOR=vim
export EDITOR

# confort
alias more=less
alias ls='ls -Fca'
alias l='ls -l'
alias wget='wget -c'

alias _tf='tail -20 -f '
alias tf='_tf /var/log/messages'
alias tfm='_tf /var/log/maillog'
alias tfd='_tf /var/log/daemon'

alias ducks='du -cks * |sort -rn |head -11'

alias pid='ps awx | grep -v grep | egrep -- '
test -x `which pgrep 2 /dev/null`  alias pid='pgrep -lf '

pidof()
{
  pgrep $1
}

pkey()
{
  cat ~/.ssh/id_dsa.pub | \
ssh $1 (mkdir ~/.ssh  /dev/null 21; cat -  ~/.ssh/authorized_keys)
}

# windozise
#alias rm='rm -i'
#alias mv='mv -i'
#alias cp='cp -i'

# www
alias gohtdocs='cd /var/www/htdocs'
alias gosite='cd /var/www/htdocs/site/'

alias httpd_restart='/etc/rc.d/httpd restart'

# OpenBSD CVS
CVSROOT=anon...@anoncvs.openbsd.org:/cvs
export CVSROOT

CVS_RSH=/usr/bin/ssh
export CVS_RSH

# OpenBSD packages
export PKG_PATH=http://ftp.openbsd.org/pub/OpenBSD/`uname
-r`/packages/`uname -m`/
export PKG_PATH

# ui
if [ ${SHELL} = /bin/ksh ]
then
PS1=$hname':$PWD{!}'

if [ $USER == root ]
then
export PS1=$PS1# 
alias p='export PS1=# '
else
export PS1=$PS1 
alias p='export PS1=$ '
fi

set -o emacs# heh
set -o vi-tabcomplete   # bashishhh

bind ^B=backward-word
bind ^N=forward-word
fi

unset hname

# ui
if [ -t 0 ]
then
stty erase ^?
stty status ^T  # for dd(1)
fi

#

alias fw_log='tcpdump -ttt -nle -i pflog0'

alias openports='fstat | grep internet| grep -v 127.0.0 | sort -u | awk {
print \$9 } | sort -u'

xtitle()
{
   printf \\033]0;$1\\007
}


alias unspam='sa-learn --ham --dbpath /var/amavisd/.spamassassin -u _vscan'
alias idspam='sudo -u _vscan /bin/sh -l'

function spamtrap
{
test -z $1  echo 'usage: spamtrap regex to block'  return 1

spamdb  | grep $1 | cut -d\| -f 2 | while read x ; do spamdb -t -a $x;
done
}

export http_proxy=http://157.92.192.253:8080/;
export https_proxy=$http_proxy
export ftp_proxy=$http_proxy

test -f /etc/profile.local  . /etc/profile.local


Thanks very much, very interesting. My .profile is a very small subset  
of yours except for the following.


To quickly see how many files I have in a directory, I use

alias nof='ls -l . | egrep -c '^-''

I have always wondered if there is a better way of doing this.
--
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: Disk Problem

2015-07-10 Thread Vijay Sankar 

Quoting Otto Moerbeek o...@drijf.net:


On Fri, Jul 10, 2015 at 04:04:04PM +, Vijay Sankar wrote:


My objective for this weekend was to follow the new dpb and build ports
without using sudo. So I was hoping to upgrade to the latest snapshot on a
system that I use for tests.

The test system has a 2TB drive and it had two 300GB partitions in it for
ports and vm; and a 120GB SSD for the OS and used to look as follows:

Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd1a 1005M   55.0M900M 6%/
/dev/sd1k 64.5G   20.9G   40.3G34%/home
/dev/sd1d  3.9G   10.0K3.7G 0%/tmp
/dev/sd1f  2.0G966M946M51%/usr
/dev/sd1g 1005M191M764M20%/usr/X11R6
/dev/sd1h  9.8G2.9G6.5G31%/usr/local
/dev/sd1j  2.0G2.0K1.9G 0%/usr/obj
/dev/sd1i  2.0G827M1.1G43%/usr/src
/dev/sd1e 13.5G   26.5M   12.8G 0%/var
/dev/sd0h  298G176G107G62%/ports
/dev/sd0f  298G   19.6G263G 7%/vm

My /etc/fstab was

4f0cd8b5e7fd8f6a.b none swap sw
4f0cd8b5e7fd8f6a.a / ffs rw 1 1
4f0cd8b5e7fd8f6a.k /home ffs rw,nodev,nosuid 1 2
4f0cd8b5e7fd8f6a.d /tmp ffs rw,nodev,nosuid 1 2
4f0cd8b5e7fd8f6a.f /usr ffs rw,nodev 1 2
4f0cd8b5e7fd8f6a.g /usr/X11R6 ffs rw,nodev 1 2
4f0cd8b5e7fd8f6a.h /usr/local ffs rw,nodev 1 2
4f0cd8b5e7fd8f6a.j /usr/obj ffs rw,nodev,nosuid 1 2
4f0cd8b5e7fd8f6a.i /usr/src ffs rw,nodev,nosuid 1 2
4f0cd8b5e7fd8f6a.e /var ffs rw,nodev,nosuid 1 2
4d43e3389228e319.h /ports ffs rw,nodev,nosuid 1 2
4d43e3389228e319.f /vm ffs rw,nodev,nosuid 1 2

I am not sure what happened -- but when I rebooted the system this morning
/ports and /vm would not mount; so I commented out the last two lines in
/etc/fstab and rebooted. After reboot disklabel seems to have changed
completely and it currently looks like this:

# disklabel sd0
# /dev/rsd0c:
type: SCSI
disk: SCSI disk
label: ST2000DM001-1CH1
duid: 
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 503
total sectors: 8089950
boundstart: 0
boundend: 8089950
drivedata: 0

16 partitions:
#size   offset  fstype [fsize bsize  cpg]
  c:  80899500  unused


Is there any way fix the disklabel or is this an error that is impossible to
recover from? duid used to show up as 4d43e3389228e319 and not
.

Please let me know if you have any suggestions.


Get your old label from /var/backups and try to restore it with
disklabel -R.  You don't tell what your platform is, it might be that
you also need to do fdisk work first to restore the mbr partition
table.

But of course, it is also interesting to know what happened to you
disk. But since you do not tell us what you did you are on your own
here.

-Otto


Thank you very much. I am running an older snapshot OpenBSD 5.7  
-current as of Mar 19, 2015. I thought of -R with disklabel but since  
the drive seems to show itself as a 3950MB drive instead of a 2TB  
drive, I was not sure how to do this.


The problem truly is I am not sure what I did to cause all this  
problem!!! The sequence of actions were as follows. Since I had not  
looked at this box for a while I was just logging in to look at where  
I had kept everything. I did a cd /ports/packages/amd64/all and got an  
input error when I tried to edit a file. So I did a shutdown -h now;  
opened the 3.5 and 2.5 hotswap drive bays and pulled both drives out  
and pushed them back in. Powered the system on at which point I was  
dropped into the shell because /vm and /ports had errors. So I tried  
to do a fsck_ffs and that failed. At that point I looked at disklabel  
and noticed that the duid was gone. fdisk sd0 does not show anything  
other than:


# fdisk sd0
Disk: sd0   geometry: 503/255/63 [8089950 Sectors]

I tried the disklabel -R as you suggested;

# disklabel -R sd0 disklabel.sd0.current
disklabel: partition a: partition extends past end of unit
disklabel: partition c: partition extends past end of unit
disklabel: partition d: offset past end of unit
disklabel: partition d: partition extends past end of unit
disklabel: partition e: offset past end of unit
disklabel: partition e: partition extends past end of unit
disklabel: partition f: offset past end of unit
disklabel: partition f: partition extends past end of unit
disklabel: partition g: offset past end of unit
disklabel: partition g: partition extends past end of unit
disklabel: partition h: offset past end of unit
disklabel: partition h: partition extends past end of unit
disklabel: partition i: offset past end of unit
disklabel: partition i: partition extends past end of unit

Also tried
# fdisk -i sd0
Do you wish to write new MBR and partition table? [n] y
Writing MBR at offset 0.
fdisk: error writing MBR: Input/output error

Not sure whether there is any other option but Thanks very much for  
the help and advice

Disk Problem

2015-07-10 Thread Vijay Sankar 
My objective for this weekend was to follow the new dpb and build  
ports without using sudo. So I was hoping to upgrade to the latest  
snapshot on a system that I use for tests.


The test system has a 2TB drive and it had two 300GB partitions in it  
for ports and vm; and a 120GB SSD for the OS and used to look as  
follows:


Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd1a 1005M   55.0M900M 6%/
/dev/sd1k 64.5G   20.9G   40.3G34%/home
/dev/sd1d  3.9G   10.0K3.7G 0%/tmp
/dev/sd1f  2.0G966M946M51%/usr
/dev/sd1g 1005M191M764M20%/usr/X11R6
/dev/sd1h  9.8G2.9G6.5G31%/usr/local
/dev/sd1j  2.0G2.0K1.9G 0%/usr/obj
/dev/sd1i  2.0G827M1.1G43%/usr/src
/dev/sd1e 13.5G   26.5M   12.8G 0%/var
/dev/sd0h  298G176G107G62%/ports
/dev/sd0f  298G   19.6G263G 7%/vm

My /etc/fstab was

4f0cd8b5e7fd8f6a.b none swap sw
4f0cd8b5e7fd8f6a.a / ffs rw 1 1
4f0cd8b5e7fd8f6a.k /home ffs rw,nodev,nosuid 1 2
4f0cd8b5e7fd8f6a.d /tmp ffs rw,nodev,nosuid 1 2
4f0cd8b5e7fd8f6a.f /usr ffs rw,nodev 1 2
4f0cd8b5e7fd8f6a.g /usr/X11R6 ffs rw,nodev 1 2
4f0cd8b5e7fd8f6a.h /usr/local ffs rw,nodev 1 2
4f0cd8b5e7fd8f6a.j /usr/obj ffs rw,nodev,nosuid 1 2
4f0cd8b5e7fd8f6a.i /usr/src ffs rw,nodev,nosuid 1 2
4f0cd8b5e7fd8f6a.e /var ffs rw,nodev,nosuid 1 2
4d43e3389228e319.h /ports ffs rw,nodev,nosuid 1 2
4d43e3389228e319.f /vm ffs rw,nodev,nosuid 1 2

I am not sure what happened -- but when I rebooted the system this  
morning /ports and /vm would not mount; so I commented out the last  
two lines in /etc/fstab and rebooted. After reboot disklabel seems to  
have changed completely and it currently looks like this:


# disklabel sd0
# /dev/rsd0c:
type: SCSI
disk: SCSI disk
label: ST2000DM001-1CH1
duid: 
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 503
total sectors: 8089950
boundstart: 0
boundend: 8089950
drivedata: 0

16 partitions:
#size   offset  fstype [fsize bsize  cpg]
  c:  80899500  unused


Is there any way fix the disklabel or is this an error that is  
impossible to recover from? duid used to show up as 4d43e3389228e319  
and not .


Please let me know if you have any suggestions.

Thanks very much,

Vijay
--
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: Package for taking a picture

2015-06-15 Thread Vijay Sankar 

Hi STeve,

mplayer -vo png -frames 1 tv://

works for me on my ThinkPad 530 running KDE 3.5 and OpenBSD 5.4.

Vijay

Quoting STeve Andre' and...@msu.edu:


I'm looking in the ports tree for something to test a camera that shows up
as uvideo0.  It looks like

uvideo0 at uhub0 port 12 configuration 1 interface 0  
8SSC20F26960L1GZ52304E9 Integrated Camera rev 2.00/10.04 addr 4

video0 at uvideo0.

I'm sure I used something several years ago.  It's great that the  
ports tree has

gotten so big that you can't remember it all. ;-)

Something to take a pic and put it in a file would be OK.

--STeve Andre'



--
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: Package for taking a picture

2015-06-15 Thread Vijay Sankar 

Thank you very much. This is great.


Quoting Theo de Raadt dera...@cvs.openbsd.org:


Also, first entry in man -k video, is

  video(1) - record or display images from video(4)


mplayer -vo png -frames 1 tv://

works for me on my ThinkPad 530 running KDE 3.5 and OpenBSD 5.4.

Vijay

Quoting STeve Andre' and...@msu.edu:

 I'm looking in the ports tree for something to test a camera that shows up
 as uvideo0.  It looks like

 uvideo0 at uhub0 port 12 configuration 1 interface 0
 8SSC20F26960L1GZ52304E9 Integrated Camera rev 2.00/10.04 addr 4
 video0 at uvideo0.

 I'm sure I used something several years ago.  It's great that the
 ports tree has
 gotten so big that you can't remember it all. ;-)

 Something to take a pic and put it in a file would be OK.

 --STeve Andre'


--
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca




--
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Re: Question for KDE4 users...

2015-05-31 Thread Vijay Sankar 

Quoting David Coppa dco...@gmail.com:


What's the configuration directory for KDE4 under OpenBSD?

~/.kde4 or ~/.kde ?

TIA,
David
--
If you try a few times and give up, you'll never get there. But if
you keep at it... There's a lot of problems in the world which can
really be solved by applying two or three times the persistence that
other people will.
-- Stewart Nelson


I am using a snapshot from middle of March; so not sure if anything  
has changed. But this is what I see in my account:


vijay.sankars.com$ ls -l .kde*
.kde:
total 4
lrwxr-xr-x  1 vijay  vijay   23 Apr  5 07:16 cache-vijay.sankars.com  
- /var/tmp/kdecache-vijay

drwx--  8 vijay  vijay  512 Apr  5 07:16 share
lrwxr-xr-x  1 vijay  vijay   18 Apr  5 07:16 socket-vijay.sankars.com  
- /tmp/ksocket-vijay
lrwxr-xr-x  1 vijay  vijay   14 Apr  5 07:16 tmp-vijay.sankars.com -  
/tmp/kde-vijay


.kde4:
total 8
drwxr-xr-x  2 vijay  vijay  512 Apr  5 07:16 Autostart
lrwxr-xr-x  1 vijay  vijay   24 Apr  5 07:15 cache4-vijay.sankars.com  
- /var/tmp/kde4cache-vijay

drwx--  5 vijay  vijay  512 Apr  5 07:15 share
lrwxr-xr-x  1 vijay  vijay   19 Apr  5 07:15 socket4-vijay.sankars.com  
- /tmp/k4socket-vijay
lrwxr-xr-x  1 vijay  vijay   15 Apr  5 07:15 tmp4-vijay.sankars.com -  
/tmp/kde4-vijay


Since Autostart etc is in .kde4, I thought .kde4 is the main  
configuration directory, but not sure.


Vijay

Re: Simple sendmail configuration

2014-12-20 Thread Vijay Sankar 

Quoting grasso...@versanet.de grasso...@versanet.de:


Hello,

i installed OpenBSD5.6 on a laptop, because Windows is too insecure and
commercial, and Linux is too radical. I am trying to use $mail for  
receiving and
sending e-mails over the remote e-mail account at my internet  
service provider.
With the default sendmail configuration, i can mail only locally. So  
i rewrote
the config with masquerading but could not figure out how to link  
local users to
their remote mail accounts. And i made a mistake, for now local  
mailing is also

broken.

I figure, that there are many people like me trying to hack a bit  
but unwilling
to get a master degree in Unix administration or to ask a Linux  
nerd. So I would

love to see a sample sendmail config for the stuff that is configured that
easily in Thunderbird.

Cheers,
Uli Grassberger




Hi,

I would like to try to help -- but not sure that I have understood  
your problem correctly, so here is a guess.


Do you have a DNS entry that shows your OpenBSD IP as the valid MX  
record for your domain? If not, probably the remote mail server is  
rejecting email from your server. Or may be of the remote email server  
is authoritative for your domain then it is not set up to accept email  
relayed through your server.


I am thinking that if there are no DNS issues, then you can use the  
default sendmail.cf, edit mailertable to send everything for your  
domain.com to the remote mail server and it should work.



Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: Dovecot happy on 5.6?

2014-12-16 Thread Vijay Sankar 

Quoting Rod Whitworth glis...@witworx.com:

I have been trying out dovecot for some years and it has always had  
some irritating bug or

limitation and I have seen a few gripes from others.

It seems to have been very quiet lately so I thought I'd have  
another attempt to get it running

whilst choosing options that look like ones to suit me.

Any happy users? Absolute haters who have really tried hard?  
(Description of problem?)


Thanx,


*** NOTE *** Please DO NOT CC me. I am subscribed to the list.
Mail to the sender address that does not originate at the list  
server is tarpitted. The reply-to: address is provided for those who  
feel compelled to reply off list. Thankyou.


Rod/
---
This life is not the real thing.
It is not even in Beta.
If it was, then OpenBSD would already have a man page for it.




I am a very very happy dovecot user -- works great with ypldap, webmail, etc.

Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: OpenBSD 5.6 Released

2014-11-01 Thread Vijay Sankar 

Quoting Antoine Jacoutot ajacou...@openbsd.org:


November 1, 2014.

We are pleased to announce the official release of OpenBSD 5.6.
This is our 36th release on CD-ROM (and 37th via FTP/HTTP).  We remain
proud of OpenBSD's record of more than ten years with only two remote
holes in the default install.



Thank you all for the best OS!! The 5.6 CD art work is the best one  
since I started collecting. Congratulations on 5.6 as well as the CD  
artwork and song.


Also wanted to mention that the new folks who took over from the  
computer shop  did a great job with shipping/handling. Based on the  
date on the postage, it took only 5 days to get it from England (from  
Calgary to Winnipeg it used to take 4 days!)


Vijay

Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: Logging Password change attempts

2014-10-31 Thread Vijay Sankar 

Quoting Stuart Henderson s...@spacehopper.org:


On 2014-10-30, Vijay Sankar vsan...@foretell.ca wrote:

Unfortunately that won't work because the objective is to just log any
(successful or failed) attempts to change passwords.


I would probably try to abuse passwordcheck in login.conf to do this..




Thank you very much, I will try this idea

Vijay

Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: Logging Password change attempts

2014-10-31 Thread Vijay Sankar 

Quoting David Coppa dco...@gmail.com:


On Thu, Oct 30, 2014 at 3:07 PM, Vijay Sankar vsan...@foretell.ca wrote:

Quoting trondd tro...@gmail.com:


The second problem I have is that when I change password, out of habit, I
do a passwd instead of mypasswd.




Why not call the script passwd and put it in the path ahead of the real
one?

What is the goal?  Are there users on the system trying to brute force
change a password?  Or are you just tracking how often you change your own
to comply with some policy?

Tim.




Ahh, did not think of renaming passwd and putting it in the path ahead of
the real one! Thanks very much for that idea -- will try that as it will
solve at least one thing.

Vijay

The goal is mainly to prevent Windows admins from saying that we cannot log
and audit password change events on OpenBSD. I am very frustrated when I see
it being used as an argument for not considering OpenBSD.


Or you can log every command issued on the system...
Your management would be very happy! ;) ;)

http://pastebin.com/FZw4rT3T

Ciao!
David
--
If you try a few times and give up, you'll never get there. But if
you keep at it... There's a lot of problems in the world which can
really be solved by applying two or three times the persistence that
other people will.
-- Stewart Nelson



Hi David,

Thank you very much!! I am going to try the passwordcheck idea  
suggested by Stuart since that allows me to keep using -stable. But  
will definitely try your very interesting diff for sure.


Vijay

Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Logging Password change attempts

2014-10-30 Thread Vijay Sankar 

I have been using a simple script

# mypasswd.sh
/usr/bin/passwd -l
if [[ $? != 0 ]]; then
/usr/bin/logger Unsuccessful attempt to change password
else
/usr/bin/logger Changed login password
fi

to get syslog entries whenever I change my password. I looked for a  
better way but could not find any solutions for this in the archives.


Is there a better way to do this? Please let me know if possible.

Thanks very much,

Vijay

Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: Logging Password change attempts

2014-10-30 Thread Vijay Sankar 

Quoting Alexander Hall alexan...@beard.se:


On October 30, 2014 1:26:25 PM CET, Vijay Sankar vsan...@foretell.ca wrote:

I have been using a simple script

# mypasswd.sh
/usr/bin/passwd -l
if [[ $? != 0 ]]; then
/usr/bin/logger Unsuccessful attempt to change password
else
/usr/bin/logger Changed login password
fi

to get syslog entries whenever I change my password. I looked for a
better way but could not find any solutions for this in the archives.

Is there a better way to do this? Please let me know if possible.


Unless there is any functionality you're missing, and scripting nits  
aside, this seems fine.


Please elaborate on why you think it shouldn't be.

/Alexander


Thanks very much,

Vijay



Thank you very much. The main thing I am not sure of is whether this  
is the right way to do this or if I am missing something obvious. The  
second problem I have is that when I change password, out of habit, I  
do a passwd instead of mypasswd. So I am using an alias in .profile  
and I am thinking that this is probably not good.


I initially thought that auth.* in syslog.conf would log password  
change successes or failures but that did not work. So ended up with  
this script.


Any scripting nits you have also will be very helpful!

Vijay



Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: Logging Password change attempts

2014-10-30 Thread Vijay Sankar 

Quoting trondd tro...@gmail.com:


The second problem I have is that when I change password, out of habit, I
do a passwd instead of mypasswd.



Why not call the script passwd and put it in the path ahead of the real one?

What is the goal?  Are there users on the system trying to brute force
change a password?  Or are you just tracking how often you change your own
to comply with some policy?

Tim.




Ahh, did not think of renaming passwd and putting it in the path ahead  
of the real one! Thanks very much for that idea -- will try that as it  
will solve at least one thing.


Vijay

The goal is mainly to prevent Windows admins from saying that we  
cannot log and audit password change events on OpenBSD. I am very  
frustrated when I see it being used as an argument for not considering  
OpenBSD.


Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: Logging Password change attempts

2014-10-30 Thread Vijay Sankar 

Quoting trondd tro...@gmail.com:


Also check passwd(5), master.passwd holds expiration and last change
information (I don't have in enabled anywhere, so I am not sure what it
looks like) that maybe you could generate a report from if you are
enforcing password expiry that way.

Tim.




Unfortunately that won't work because the objective is to just log any  
(successful or failed) attempts to change passwords. It does not  
matter that this is somewhat useless as far as real security is  
concerned.


Vijay


Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: Has anyone gotten qemu to install a Linux vm on OpenBSD5.5, 64bit?

2014-09-12 Thread Vijay Sankar 

Quoting Steve Litt sl...@troubleshooters.com:


Hi all,

Has anyone gotten qemu to install a Linux vm on OpenBSD5.5, 64bit? I
don't know whether I'm making dumb mistakes or whether I'm fighting
windmills, but so far I haven't gotten a guest to recognize my USB
keyboard's cursor keys, nor proceed on an install without hanging.

So, has anyone been successful with this? If so, I'll go ahead and form
an exact symptom description.

Thanks,

SteveT

Steve Litt*  http://www.troubleshooters.com/
Troubleshooting Training  *  Human Performance




I tested the qemu port by installing debian 7.5, I had to edit the  
grub menu and add noapic and nolapic but this was based on info from  
various search results. Probably there are better ways of installing  
linux as a VM guest on OpenBSD but this worked for me.


Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: sudo -u environment help

2014-04-04 Thread Vijay Sankar 

Quoting Craig R. Skinner skin...@britvault.co.uk:


Hi,

When sudo'ing to another user, how can I obtain all of their environment
settings as they receive when logging in themselves?

When I use sudo in this manner, settings such as $PATH, $MAIL  umask
aren't being honoured:


$ echo $LOGNAME; echo $PATH; echo $MAIL; umask
craig
/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/local/sbin:/usr/site/bin:/usr/site/sbin:/home/craig/bin
/var/mail/craig
027



Here, $PATH, $MAIL  umask are unchanged:

$ sudo -H -i -u david
$ echo $LOGNAME; echo $PATH; echo $MAIL; umask
david
/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/local/sbin:/usr/site/bin:/usr/site/sbin:/home/craig/bin
/var/mail/craig
027


Compare the difference when logging in as that user:

$ login david
...
$ echo $LOGNAME; echo $PATH; echo $MAIL; umask
david
/usr/bin:/bin:/usr/local/bin:/usr/site/bin:/home/david/bin
/var/mail/david
022




/etc/login.conf:
default:\
:passwordcheck=/usr/local/bin/pwqcheck -1:\
:passwordtries=0:\
:path=/usr/bin /bin /usr/local/bin /usr/site/bin ~/bin:\
:umask=022:\
:datasize-cur=

staff:\
	:path=/usr/bin /bin /usr/sbin /sbin /usr/local/bin /usr/local/sbin  
/usr/site/bin /usr/site/sbin ~/bin:\

:umask=027:\
:datasize-cur=


$ egrep 'env_|Defaults' /etc/sudoers | grep -v ^#
Defaults env_keep +=DESTDIR DISTDIR EDITOR FETCH_CMD FLAVOR FTPMODE  
GROUP MAKE
Defaults env_keep +=MAKECONF MULTI_PACKAGES NOMAN OKAY_FILES OWNER  
PKG_CACHE

Defaults env_keep +=PKG_DBDIR PKG_DESTDIR PKG_PATH PKG_TMPDIR PORTSDIR
Defaults env_keep +=RELEASEDIR SHARED_ONLY SSH_AUTH_SOCK SUBPACKAGE VISUAL
Defaults env_keep +=WRKOBJDIR
Defaults always_set_home, ignore_dot, use_loginclass



login(1):

 login enters information into the environment (see environ(7))  
specifying

 the user's home directory (HOME), command interpreter (SHELL), search
 path (PATH), terminal type (TERM), and user name (both LOGNAME  
and USER).


ENVIRONMENT
 login sets the following environment variables:

 HOME
 MAIL

sudo(8):

  Command Environment
 ..  On BSD systems, if the use_loginclass option is
 enabled, the environment is initialized based on the path and setenv
 settings in /etc/login.conf.  The new environment contains the TERM,
 PATH, HOME, MAIL, SHELL, LOGNAME, USER, USERNAME and SUDO_* variables in
 addition to variables from the invoking process permitted by the
 env_check and env_keep options.  This is effectively a whitelist for
 environment variables.



How can I become another user - without knowing their password,
and gain their 'natural' environment?

e.g. from wheel group to a users group member.

'su -l username'  'login username' require their password.

I thought 'sudo -H -i -u username' would do it.

Any suggestions on what else I need to configure?




Instead of

'su -l username'  'login username'

as root, I just

su - username

That always works for me.

Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: OBSD 5.4 and OpenLDAP

2014-03-06 Thread Vijay Sankar 

Why do you say it is still broken?

I am running

openldap-client-2.4.35p1 open-source LDAP software (client)
openldap-server-2.4.35p2 open-source LDAP software (server)

on OpenBSD 5.4 without any problems. The package works beautifully,  
works with samba, horde, etc., far better than anything else out  
there. I am using the following:


# Load dynamic backend modules:
modulepath  /usr/local/libexec/openldap
moduleload  back_bdb.la

Quoting Friedrich Locke friedrich.lo...@gmail.com:


Hi folks!

I would like to setup a OpenLDAP server using OpenBSD and the ports
collection.
I wonder if the current OpenLDAP  in the ports is still broken ?
Do it supports mdb/hdb/bdb ?

Thanks a lot.

gustavo.






Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: NSA spy catalog (was: Re: apologies for the noise (interesting article)!)

2014-01-01 Thread Vijay Sankar 

Quoting Christian Weisgerber na...@mips.inka.de:


mufurcz mufu...@iinet.net.au wrote:


http://www.itnews.com.au/News/368564,server-vendors-named-in-nsa-spying-toolkit.aspx?eid=1edate=20131231utm_source=20131231_AMutm_medium=newsletterutm_campaign=daily_newsletter


That's just a summary article about Applebaum's 30C3 talk.  I don't
know if any part of the English-language press has picked up on
this in equivalent detail, but Der Spiegel has published part of
the NSA's actual 2008 spy gear catalog that makes for interesting
reading, including such tidbits as unit cost and development status:

http://www.spiegel.de/netzwelt/netzpolitik/interaktive-grafik-hier-sitzen-die-spaeh-werkzeuge-der-nsa-a-941030.html

Just click on the marked spots on the image map to pop up individual
galleries.  Don't miss the right part of the map.  You can ignore
the German text, which is just explanations for people who don't
know computers or English.

I'm particularly intrigued by the radar return bugs.

It's 2014, and somehow I've woken up in a cyberpunk novel.

--
Christian naddy Weisgerber  na...@mips.inka.de




Thank you very much! This is very interesting..

Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: Layer 7 filtering example using pf and relayd : block torrent use and some urls

2013-11-25 Thread Vijay Sankar 

Quoting Wesley MOUEDINE ASSABY open...@e-solutions.re:


Hi,

A new how to about PF and relayd :
http://www.mouedine.net/relayd

Cheers,

Wesley MOUEDINE ASSABY




Nice! Thanks very much,

Vijay

Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: USB ethernet for OpenBSD

2013-10-03 Thread Vijay Sankar 

Quoting MERIGHI Marcus mcmer-open...@tor.at:


obsd...@postafiok.hu (obsd, cgi), 2013.10.02 (Wed) 21:50 (CEST):

Can someone please mention a working USB to Ethernet adapter for OpenBSD
5.3? (anybody has a working one and can share the name of it?)
It doesn't need to be Gbit big... just a 10/100 would be more then enough..


Digitus DN-10050-1 [1]

axe0 at uhub0 port 5 configuration 1 interface 0 ASIX Electronics
AX88772A rev 2.00/0.01 addr 2
axe0: AX88772, address 00:22:f7:XX:XX:XX
ukphy0 at axe0 phy 16: Generic IEEE 802.3u media interface, rev. 1: OUI
0x000ec6, model 0x0006

Running 36 days 24/7 without problems.

[1]
http://www.digitus.info/en/products/network/fast-ethernet-network/network-interface-cards/10100m-network-usb-adapter-dn-10050-1/


!DSPAM:524c7925178091721711741!





The following works here on an older version of OpenBSD --- it shows  
as 1000baseT but of course, it is not as fast as the em0 interface.


axe0 at uhub0 port 1 configuration 1 interface 0 ASIX Electronics  
AX88178 rev 2.00/0.01 addr 2

axe0: AX88178, address 00:80:c8:ff:ff:a1
ukphy0 at axe0 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI  
0x00a0bc, model 0x0001


ifconfig axe0
axe0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
lladdr 00:80:c8:ef:af:31
priority: 0
media: Ethernet autoselect (1000baseT full-duplex)
status: active
inet 192.168.0.5 netmask 0xff00 broadcast 192.168.0.255
inet6 fe80::280:c8ff:feef:af31%axe0 prefixlen 64 scopeid 0x5



Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: OpenBSD not forwarding to specific sites

2013-09-30 Thread Vijay Sankar 
/0x1000
Sep 30 23:02:49 menger /bsd: athn0 at pci1 dev 8 function 0 Atheros
AR9227 rev 0x01: irq 10
Sep 30 23:02:49 menger /bsd: athn0: AR9287 rev 2 (1T1R), ROM rev 4,
address f8:1a:67:d6:28:40
Sep 30 23:02:49 menger /bsd: fxp0 at pci1 dev 9 function 0 Intel
8255x rev 0x02, i82557: irq 11, address 00:a0:c9:84:98:5f
Sep 30 23:02:49 menger /bsd: inphy0 at fxp0 phy 1: i82555 10/100 PHY, rev. 0
Sep 30 23:02:49 menger /bsd: xl0 at pci1 dev 12 function 0 3Com
3c905C 100Base-TX rev 0x78: irq 11, address 00:06:5b:20:f0:b3
Sep 30 23:02:49 menger /bsd: exphy0 at xl0 phy 24: 3Com internal  
media interface

Sep 30 23:02:49 menger /bsd: ichpcib0 at pci0 dev 31 function 0 Intel
82801BA LPC rev 0x11: 24-bit timer at 3579545Hz
Sep 30 23:02:49 menger /bsd: pciide0 at pci0 dev 31 function 1 Intel
82801BA IDE rev 0x11: DMA, channel 0 wired to compatibility, channel
1 wired to compatibility
Sep 30 23:02:49 menger /bsd: wd0 at pciide0 channel 0 drive 0: ST313021A
Sep 30 23:02:49 menger /bsd: wd0: 32-sector PIO, LBA, 12419MB,  
25434228 sectors

Sep 30 23:02:49 menger /bsd: wd0(pciide0:0:0): using PIO mode 4,
Ultra-DMA mode 4
Sep 30 23:02:49 menger /bsd: atapiscsi0 at pciide0 channel 1 drive 0
Sep 30 23:02:49 menger /bsd: scsibus0 at atapiscsi0: 2 targets
Sep 30 23:02:49 menger /bsd: cd0 at scsibus0 targ 0 lun 0: LG, CD-ROM
CRD-8522B, 1.02 ATAPI 5/cdrom removable
Sep 30 23:02:49 menger /bsd: cd0(pciide0:1:0): using PIO mode 4, DMA mode 2
Sep 30 23:02:49 menger /bsd: uhci0 at pci0 dev 31 function 2 Intel
82801BA USB rev 0x11: irq 11
Sep 30 23:02:49 menger /bsd: ichiic0 at pci0 dev 31 function 3 Intel
82801BA SMBus rev 0x11: SMBus disabled
Sep 30 23:02:50 menger /bsd: uhci1 at pci0 dev 31 function 4 Intel
82801BA USB rev 0x11: irq 11
Sep 30 23:02:50 menger /bsd: auich0 at pci0 dev 31 function 5 Intel
82801BA AC97 rev 0x11: irq 10, ICH2 AC97
Sep 30 23:02:50 menger /bsd: ac97: codec id 0x41445360 (Analog  
Devices AD1885)

Sep 30 23:02:50 menger /bsd: ac97: codec features headphone, Analog
Devices Phat Stereo
Sep 30 23:02:50 menger /bsd: audio0 at auich0
Sep 30 23:02:50 menger /bsd: isa0 at ichpcib0
Sep 30 23:02:50 menger /bsd: isadma0 at isa0
Sep 30 23:02:50 menger /bsd: com0 at isa0 port 0x3f8/8 irq 4:
ns16550a, 16 byte fifo
Sep 30 23:02:50 menger /bsd: com0: console
Sep 30 23:02:50 menger /bsd: com1 at isa0 port 0x2f8/8 irq 3:
ns16550a, 16 byte fifo
Sep 30 23:02:50 menger /bsd: pckbc0 at isa0 port 0x60/5
Sep 30 23:02:50 menger /bsd: pckbd0 at pckbc0 (kbd slot)
Sep 30 23:02:50 menger /bsd: pckbc0: using irq 1 for kbd slot
Sep 30 23:02:50 menger /bsd: wskbd0 at pckbd0: console keyboard, using
wsdisplay0
Sep 30 23:02:50 menger /bsd: pcppi0 at isa0 port 0x61
Sep 30 23:02:50 menger /bsd: spkr0 at pcppi0
Sep 30 23:02:50 menger /bsd: lpt0 at isa0 port 0x378/4 irq 7
Sep 30 23:02:50 menger /bsd: npx0 at isa0 port 0xf0/16: reported by
CPUID; using exception 16
Sep 30 23:02:50 menger /bsd: fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
Sep 30 23:02:50 menger /bsd: fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2  
head, 18 sec

Sep 30 23:02:50 menger /bsd: usb0 at uhci0: USB revision 1.0
Sep 30 23:02:50 menger /bsd: uhub0 at usb0 Intel UHCI root hub rev
1.00/1.00 addr 1
Sep 30 23:02:50 menger /bsd: usb1 at uhci1: USB revision 1.0
Sep 30 23:02:50 menger /bsd: uhub1 at usb1 Intel UHCI root hub rev
1.00/1.00 addr 1
Sep 30 23:02:50 menger /bsd: mtrr: Pentium Pro MTRR support
Sep 30 23:02:50 menger /bsd: vscsi0 at root
Sep 30 23:02:50 menger /bsd: scsibus1 at vscsi0: 256 targets
Sep 30 23:02:51 menger /bsd: softraid0 at root
Sep 30 23:02:51 menger /bsd: scsibus2 at softraid0: 256 targets
Sep 30 23:02:51 menger /bsd: root on wd0a (31fe7fcca56ecb48.a) swap on
wd0b dump on wd0b
Sep 30 23:02:50 menger named[28834]: starting BIND 9.4.2-P2
Sep 30 23:02:51 menger named[28834]: command channel listening on  
127.0.0.1#953

Sep 30 23:02:51 menger named[28834]: running
Sep 30 23:02:51 menger savecore: no core dump

I can ping www.google.com.au and load the page in lynx from the router
but not from other machines. Whereas I can use gmail like I am at the
moment fine. This is a very, very strange bug I am experiencing.

--
www.johntate.org




I would like to suggest the following -- make sure that forwarding is  
enabled and there is an IP address on fxp0 -- your internal interface.


Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: OpenBSD not forwarding to specific sites

2013-09-30 Thread Vijay Sankar 

Quoting John Tate j...@johntate.org:


It worked for a while but since rebooting my router now none of my
computers work to access google.com, gmail.com works. Many other sites
are not working, it is very frustrating.

Clients on the wireless also don't work, it is the same problem. I can
ping all the sites I can't access the problem appears to be with HTTP.

Since starting the thread I have changed my pf.conf on advice of other
users to have these lines...
set reassemble yes no-df
match in  on pppoe0 scrub (max-mss 1440 no-df reassemble tcp)

Any more ideas?

On Tue, Oct 1, 2013 at 2:51 AM, John Tate j...@johntate.org wrote:

Things are working fine from another one of my computers, it must be
something to do with the computer I'm using. Sorry about that
everyone.

On Tue, Oct 1, 2013 at 2:48 AM, John Tate j...@johntate.org wrote:

Yeah I am using my lan not the wlan. I've not got to even seeing if
the wlan even works yet, though it used to with that configuration.
The worst thing is the hosts occasionally manage to work for a split
second, and stop again. I'm certain there is nothing wrong with my ISP
unless they have trouble with this particular setup. It worked for
months with no problems, and then they started happening.

On Tue, Oct 1, 2013 at 2:44 AM, Luis Coronado lcoron...@ticoit.com wrote:

Im afraid I only read the last post of the email thread about
match/scrub/mtu. That is why I suggested the set option in my previous
email.

The fact that your router can contact the destination hosts without issues
but not the internal hosts forces me to believe that there isnt,  
at least at

this stage a mtu related problem.

I see that you serve your LAN over athn0. You can find out if there are
issues with your wireless setup by running ifconfig athn0 debug  
and watching

/var/log/messages. athn0 power savings fix was submitted almost a year ago
but how knows you could be the happy owner of a particular card  
that doesnt

work as expected.

Have you tried running your lan from the ethernet card instead?

-luis



On Mon, Sep 30, 2013 at 10:32 AM, John Tate j...@johntate.org wrote:


On Tue, Oct 1, 2013 at 2:29 AM, Luis Coronado lcoron...@ticoit.com
wrote:
 set reassemble yes no-df

 I tried using match and scrub rules without luck, but the 'reassemble
 yes
 no-df' solved my problems with the GRE tunnels we use among networks.

 Just make sure you dont have set skip on pppoe0

 -luis
Just trying this, something got through for a second but once again
queries to google and other sites don't work. It is still unreliable.



 On Mon, Sep 30, 2013 at 10:26 AM, John Tate j...@johntate.org wrote:

 Well max-mss doesn't seem to help I can still only access gmail and
 not google.com.au. Also it has become suddenly selective after months
 with no problem so I wonder if this is the default these days. Still
 problems.

 On Tue, Oct 1, 2013 at 2:02 AM, James Shupe jsh...@hermetek.com
 wrote:
  On 2013-09-30 10:58, John Tate wrote:
 
  It would help if you told me how to do this...
 
  # ifconfig pppoe max-mms 1400
  ifconfig: max-mms: bad value
  # ifconfig pppoe0 max-mms 1440
  ifconfig: max-mms: bad value
 
 
  match on $ext scrub (max-mss 1400)
 
  in /etc/pf.conf
 
  Also, don't top post.
 
  --
  James Shupe
 
 



 --
 www.johntate.org



Are you using dhcp on fxp0? I thought I noticed log entries where fxp0  
did not get the IP address it was requesting for.




Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: Feedback about Desktop Environments

2013-09-16 Thread Vijay Sankar 

Quoting James Griffin j...@kontrol.kode5.net:


I need to install a Dektop Environment for my partner.

I thought about KDE or xfce, i've tried neither on OpenBSD before.  
Which of the 3 main main DE's (gnome, KDE, XFCE) do you feel work  
best on OpenBSD.


I would need things like removable media mounting from within the  
graphical environment, good sound support and multimedia applications.


Any advice would be helpful from those using any of these Desktop's.  
I thought i'd ask on this list before installing loads of packages.


Cheers, Jamie.




My wife and I tried various desktops but so far have ended up back  
with KDE3. FWIW, it works very well for us.


Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

vtigercrm package

2013-09-16 Thread Vijay Sankar 
The vtigercrm package from -current snapshot and ports, which uses PHP  
5.4 gives the error


Cannot re-assign auto-global variable _FILES

From various vtiger forums, it looks like this is a problem with  
their software and nothing with our ports. So I tried to build after  
setting MODPHP_VERSION to 5.3 but that failed with the following:


===  Building package for vtigercrm-5.4.0p1
Create /home/ports/packages/amd64/no-arch/vtigercrm-5.4.0p1.tgz
Error: duplicate item in packing-list /var/www/vtigercrm/vtlib/ModuleDir/5.3.0
Error: duplicate item in packing-list  
/var/www/vtigercrm/vtlib/ModuleDir/5.3.0/CallRelatedList.php
Error: duplicate item in packing-list  
/var/www/vtigercrm/vtlib/ModuleDir/5.3.0/CustomView.php
Error: duplicate item in packing-list  
/var/www/vtigercrm/vtlib/ModuleDir/5.3.0/Delete.php
Error: duplicate item in packing-list  
/var/www/vtigercrm/vtlib/ModuleDir/5.3.0/DetailView.php
Error: duplicate item in packing-list  
/var/www/vtigercrm/vtlib/ModuleDir/5.3.0/DetailViewAjax.php
Error: duplicate item in packing-list  
/var/www/vtigercrm/vtlib/ModuleDir/5.3.0/EditView.php


Please let me know if you can give me any clues on how to make this work.

Thanks very much,

Vijay


Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca


-
This message was sent using ForeTell-POST 4.9

Re: vtigercrm package

2013-09-16 Thread Vijay Sankar 
Thank you very much. I just could not figure this out and was puzzled by why 
this would be happening. I have asked people at vtiger for some advice as well 
and if I get anything useful will send it to the list. 

Thanks again,

Vijay Sankar
ForeTell Technologies Limited
vsan...@foretell.ca

Sent from my iPhone 

On 2013-09-16, at 17:37, Nigel Taylor njtay...@asterisk.demon.co.uk wrote:

 On 09/16/13 22:47, Vijay Sankar wrote:
 The vtigercrm package from -current snapshot and ports, which uses PHP
 5.4 gives the error
 
 Cannot re-assign auto-global variable _FILES
 
 From various vtiger forums, it looks like this is a problem with their
 software and nothing with our ports. So I tried to build after setting
 MODPHP_VERSION to 5.3 but that failed with the following:
 
 ===  Building package for vtigercrm-5.4.0p1
 Create /home/ports/packages/amd64/no-arch/vtigercrm-5.4.0p1.tgz
 Error: duplicate item in packing-list
 /var/www/vtigercrm/vtlib/ModuleDir/5.3.0
 Error: duplicate item in packing-list
 /var/www/vtigercrm/vtlib/ModuleDir/5.3.0/CallRelatedList.php
 Error: duplicate item in packing-list
 /var/www/vtigercrm/vtlib/ModuleDir/5.3.0/CustomView.php
 Error: duplicate item in packing-list
 /var/www/vtigercrm/vtlib/ModuleDir/5.3.0/Delete.php
 Error: duplicate item in packing-list
 /var/www/vtigercrm/vtlib/ModuleDir/5.3.0/DetailView.php
 Error: duplicate item in packing-list
 /var/www/vtigercrm/vtlib/ModuleDir/5.3.0/DetailViewAjax.php
 Error: duplicate item in packing-list
 /var/www/vtigercrm/vtlib/ModuleDir/5.3.0/EditView.php
 
 Please let me know if you can give me any clues on how to make this work.
 
 Thanks very much,
 
 Vijay
 
 
 Vijay Sankar, M.Eng., P.Eng.
 ForeTell Technologies Limited
 vsan...@foretell.ca
 
 
 -
 This message was sent using ForeTell-POST 4.9
 $ cd /usr/ports/www/vtigercrm/pkg/PLIST
 $ grep /CallRelatedList.php  PLIST
 vtigercrm/modules/Accounts/CallRelatedList.php
 vtigercrm/modules/Campaigns/CallRelatedList.php
 vtigercrm/modules/Contacts/CallRelatedList.php
 vtigercrm/modules/Emails/CallRelatedList.php
 vtigercrm/modules/Faq/CallRelatedList.php
 vtigercrm/modules/HelpDesk/CallRelatedList.php
 vtigercrm/modules/Invoice/CallRelatedList.php
 vtigercrm/modules/Leads/CallRelatedList.php
 vtigercrm/modules/Potentials/CallRelatedList.php
 vtigercrm/modules/PriceBooks/CallRelatedList.php
 vtigercrm/modules/Products/CallRelatedList.php
 vtigercrm/modules/PurchaseOrder/CallRelatedList.php
 vtigercrm/modules/Quotes/CallRelatedList.php
 vtigercrm/modules/SalesOrder/CallRelatedList.php
 vtigercrm/modules/Vendors/CallRelatedList.php
 vtigercrm/modules/Webmails/CallRelatedList.php
 vtigercrm/vtlib/ModuleDir/5.0.4/CallRelatedList.php
 vtigercrm/vtlib/ModuleDir/5.1.0/CallRelatedList.php
 vtigercrm/vtlib/ModuleDir/5.2.0/CallRelatedList.php
 vtigercrm/vtlib/ModuleDir/5.3.0/CallRelatedList.php
 vtigercrm/vtlib/ModuleDir/${MODPHP_VERSION}.0/CallRelatedList.php
 
 
 When MODPHP_VERSION gets replaced by 5.3 it creates duplicates that
 weren't there before for 5.4.
 
 Could be a problem that the PLIST was generated and should have been
 5.4.0 rather than the subsituted ${MODPHP_VERSION}.0 happens now and
 then, the 5.x.x is more likely the vtigercrm versions than the
 MODPHP_VERSION - and why would you supply copies for other versions of
 PHP, why use 5.4.0 and not just 5.4, looks wrong but needs Maintainer to
 look and agree. If so needs fixing in the ports.

Re: Can't get PostgreSQL to run on startup

2013-09-11 Thread Vijay Sankar 

Quoting openda...@hushmail.com:


Hi,

Anybody else having trouble getting PostgreSQL to run on startup? I  
always have to do /etc/rc.d/postgresql start manually. My line in  
/etc/rc.conf.local reads: pkg_scripts=postgresql,enginx. Nothing  
fishy in the logs. I'm using postgresql-server-9.2.3 (initdb -D  
/var/postgresql/data/) on OpenBSD 5.3.


Thanks.

O.D.




We usually do something like the following:

pkg_scripts=clamd squid havp postgresql nginx

and it works properly


Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: npppd sessions log

2013-08-13 Thread Vijay Sankar 

Quoting Radek alee...@gmail.com:


Hi @misc,

I can't find any way/option to log npppd sessions on a VPN gateway.
What I need to log:
- username
- user's source_IP
- user's VPN_internal_IP
- session start_time
- session end_time

Current npppd sessions I can see via npppctl session all/brief but  
I need a history log.


Thanks for help,
Radek




/var/log/messages or /var/log/daemon has all those details.



Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: obsd 5.3 and openldap

2013-06-12 Thread Vijay Sankar 

Quoting Friedrich Locke friedrich.lo...@gmail.com:


Hi folks,

may someone in the list tell me if with obsd5.3 openldap supports hdb or
even bdb.
As far as i know, openldap in openbsd ports is broken.

Thanks you all.

gustavo.




Hi,

I am running 2.4.35 on a -current system and it is not broken  
(replication etc. all work great)


Anyways I had sent you a bunch of messages early this year on the same  
topic -- most of them were copied to misc@ as well. Not sure whether  
any of that was of any help. Just in case it is, this was one of the  
threads from me:


http://marc.info/?l=openbsd-miscm=135820160219059

The following is more useful than what I wrote

http://marc.info/?l=openbsd-miscm=135821142622739w=2

Hope this helps,


Vijay


Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: USB Wireless Adapter with hostap

2013-04-19 Thread Vijay Sankar 

Quoting Ted Unangst t...@tedunangst.com:


On Thu, Apr 18, 2013 at 18:28, Vijay Sankar wrote:

I am trying to replace an Apple Extreme base station with an OpenBSD
router and tried quite a few Linksys/Cisco, D-Link etc., wireless USB
adapters but none of them seem to support hostap mode. Everything I
tried uses run, urtw, or urtwn and the stores around here don't seem
to have any USB wireless NIC that uses ral or rum.


Have you thought about using the Apple Extreme in bridge mode?

I used a time capsule for a while, and it was the most reliable access
point I've ever used. It's slightly annoying because you have to
configure it using the magic apple app, but if you're just using it in
bridge mode that's a one time operation and then you never touch it.




Thank you very much. I was hoping to replace the Apple Extreme. If I  
can't find any USB or PCI wireless cards that supports hostap  
reliably, I will try what you suggested.


Thanks again,

Vijay

Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: USB Wireless Adapter with hostap

2013-04-19 Thread Vijay Sankar 

Quoting Erling Westenvik erling.westen...@gmail.com:


On Thu, Apr 18, 2013 at 06:28:23PM -0500, Vijay Sankar wrote:

I am trying to replace an Apple Extreme base station with an OpenBSD
router and tried quite a few Linksys/Cisco, D-Link etc., wireless
USB adapters but none of them seem to support hostap mode.
Everything I tried uses run, urtw, or urtwn and the stores around
here don't seem to have any USB wireless NIC that uses ral or rum.

What currently available wireless USB adapter would support hostap?

Please let me know if you have any suggestions.


If you can get hold on one, try the D-link DWL-G122 USB dongle (rum).

rum0 at uhub0 port 5 Ralink 802.11 bg WLAN rev 2.00/0.01 addr 2
rum0: MAC/BBP RT2573 (rev 0x2573a), RF RT2528, address 00:22:b0:ec:d1:6f

I unplugged and turned off my old Zyxel wifi router for the last time
yesterday after finally managing to have a working OpenBSD hostap
solution up and running. The day before yesterday I had decided to give
hostap all up after several months of trying various PCI cards, PCMCIA
cards and USB adapters without any luck. (ral,acx,urtw,ath)

Anyway, I deciced to make on last attempt and plugged the DWL-G1222 into
a newer machine running current. Despite that the man page says hostap
mode for rum is discouraged, it worked like a dream. The first 24
hours I tested the network by connecting all my wifi-equipment (one
phone and three laptops, running Android, OpenBSD and Win7, and had all
of them playing non stop music streamed from my mpd server for more than
24 hours. To me, the DWL-G122 has proved itself to be stable and with
very good signal strenght and speed.

I have previously not managed to get this adapter to work on very old
machines.  Like, on an 10 year old Compaq EVO D510 (Pentium 2.4GHz), I
can only connect one client to rum in hostap mode regardless of which
OpenBSD version the machines runs. When attempting to connect more
clients, the adapter disconnects and must be brought up again manually
with ifconfig.  My guess is that this must have something to do with the
USB controller on the machine.


Regards


Erling




Thank you very much. I will try to get the DWL-G122. If not, as Ted  
Unangst suggested, I will set the Apple Extreme in bridge mode.


Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

USB Wireless Adapter with hostap

2013-04-18 Thread Vijay Sankar 
I am trying to replace an Apple Extreme base station with an OpenBSD  
router and tried quite a few Linksys/Cisco, D-Link etc., wireless USB  
adapters but none of them seem to support hostap mode. Everything I  
tried uses run, urtw, or urtwn and the stores around here don't seem  
to have any USB wireless NIC that uses ral or rum.


What currently available wireless USB adapter would support hostap?

Please let me know if you have any suggestions.

Thanks very much,

Vijay

Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

5.3 -current installation problem

2013-04-03 Thread Vijay Sankar 
 Rate Matching Hub rev 2.00/0.00 addr 2
uhub4 at uhub3 port 7 ALCOR Generic USB Hub rev 1.10/3.12 addr 3
uhidev0 at uhub4 port 1 configuration 1 interface 0 Logitech Logitech  
USB Keyboard rev 1.10/28.00 addr 4

uhidev0: iclass 3/1
ukbd0 at uhidev0: 8 variable keys, 6 key codes
wskbd1 at ukbd0 mux 1
wskbd1: connecting to wsdisplay0
uhidev1 at uhub4 port 2 configuration 1 interface 0 Logitech USB-PS/2  
Optical Mouse rev 2.00/24.30 addr 5

uhidev1: iclass 3/1
ums0 at uhidev1: 8 buttons, Z dir
wsmouse0 at ums0 mux 0
uhidev2 at uhub4 port 3 configuration 1 interface 0 No brand 4 Port  
KVMSwicther rev 1.10/1.00 addr 6

uhidev2: iclass 3/0
ukbd1 at uhidev2: 8 variable keys, 6 key codes
wskbd2 at ukbd1 mux 1
wskbd2: connecting to wsdisplay0
uhidev3 at uhub4 port 3 configuration 1 interface 1 No brand 4 Port  
KVMSwicther rev 1.10/1.00 addr 6

uhidev3: no input interrupt endpoint
vscsi0 at root
scsibus1 at vscsi0: 256 targets
softraid0 at root
scsibus2 at softraid0: 256 targets
root on sd0a (57748c3cc64b8e08.a) swap on sd0b dump on sd0b


Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca


-
This message was sent using ForeTell-POST 4.9

Re: 5.3 -current installation problem

2013-04-03 Thread Vijay Sankar 

Quoting Stuart Henderson s...@spacehopper.org:


On 2013-04-03, Vijay Sankar vsan...@foretell.ca wrote:

The following system runs -current from January 2013 without any
problems. But attempts to install from the past few snapshots have
failed.

Installation of April 2, 2013 -current went through without any issues
but upon first reboot, the console was blank, I could not access the
system using SSH and it does not respond to pings.


How far do you get before the console goes blank, does the kernel start
and print text, and then go blank part-way through booting?

To help narrow things down, do you get further if at the boot loader
you do this:

boot -c
disable inteldrm
quit

It looks like there is a header for a serial port on the motherboard,
if you have a connector somewhere and can hook it up via null modem to
another machine you might get more information (e.g. if it panics while
switching video mode you'll be able to get a trace).




Thank you so much. That was exactly it. For the past two days, I was  
poring through all the messages re. UEFI boot and so on and was going  
in the wrong direction. Once I disabled inteldrm I am able to use the  
system now without any problems.


Not sure whether this is worthy of your time but if there are any logs  
or debug information I can provide, I will be happy to do that.


Thanks again,

Vijay

Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: sendmail stops remote delivery when PTR for local IP points to domain-part

2013-03-21 Thread Vijay Sankar 
mailertable should work in this case, I think. 

Vijay Sankar
ForeTell Technologies Limited
vsan...@foretell.ca

Sent from my iPhone 

On 2013-03-21, at 7:23 AM, Paul de Weerd we...@weirdnet.nl wrote:

 For the sendmail heroes out there...  Let's say I have the following
 in DNS:
 
 $ORIGIN example.com.
 @INMX10mx1
 @INA192.0.2.1
 @IN2001:db8::1
 mx1INA192.0.2.2
 mx1IN2001:db8::2
 wwwINA192.0.2.1
 wwwIN2001:db8::1
 
 $ORIGIN 2.0.192.in-addr.arpa.
 1INPTRexample.com.
 2INPTRmx1.example.com.
 
 $ORIGIN 
 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa.
 1INPTRexample.com.
 2INPTRmx1.example.com.
 
 (assume there's SOA and NS records too, they're not relevant to the
 question)
 
 Now on machine 'www.example.com' (this is the hostname set in
 /etc/myname) I would like to send e-mail to x...@example.com.  However,
 sendmail ignores the MX record and attempts local delivery (which
 fails, because 'xxx' is not a local user).
 
 There's a ton of ways to solve this:
 
- get rid of sendmail
- change PTR records to www.example.com
- relay all mail via a smarthost (e.g. mx1.example.com)
- rewrite to @mx1.example.com and fix on mx1
- run a local resolver that lies about PTRs
- ...
 
 However, I'd like to not do any of these but simply instruct sendmail
 to ignore what PTRs are saying local IPs are called.  I don't want to
 make an exception for whatever happens to be in PTR, my sendmail
 config is vanilla OpenBSD defaults and I expect all mail to be
 delivered according to what's in DNS (except for mail to
 www.example.com, the actual hostname (although I'd be interested to
 learn how to do the same for mails directed @www.example.com)).
 
 Can anybody think of a way to achieve this ?
 
 Thanks,
 
 Paul 'WEiRD' de Weerd
 
 -- 
 [++-]+++.+++[---].+++[+
 +++-].++[-]+.--.[-]
 http://www.weirdnet.nl/

Re: sendmail stops remote delivery when PTR for local IP points to domain-part

2013-03-21 Thread Vijay Sankar 
Sorry, I misunderstood. I thought you wanted mail from www.example.com 
addressed to u...@example.com to go to a specific mail server and not be 
delivered to a local account. Did not clue in that you were using example.com 
to refer to ALL domains, not just your own domain. 

Vijay Sankar
ForeTell Technologies Limited
vsan...@foretell.ca

Sent from my iPhone 

On 2013-03-21, at 9:20 AM, Paul de Weerd we...@weirdnet.nl wrote:

 On Thu, Mar 21, 2013 at 07:32:46AM -0400, Vijay Sankar wrote:
 | mailertable should work in this case, I think. 
 
 That's not how I read the comments in /etc/mail/mailertable:
 
 # The sendmail(8) mailer table is used to override routing for particular
 # non-local hostnames and domains (i.e., names other the local hostname
 # or names listed in local-host-names).
 
 The way I understand the mailertable is to do the exact opposite of
 what I want (so you're about to deliver to a remote host but then look
 that host up in your mailertable and have that decide delivery).
 
 Cheers,
 
 Paul 'WEiRD' de Weerd
 
 -- 
 [++-]+++.+++[---].+++[+
 +++-].++[-]+.--.[-]
 http://www.weirdnet.nl/

Re: Squid proxy

2013-03-12 Thread Vijay Sankar 

Quoting Jiri B ji...@devio.us:


On Tue, Mar 12, 2013 at 01:00:58PM +, Stuart Henderson wrote:

On 2013-03-10, Rosen Iliev ro...@mynshosts.com wrote:
 Transparent proxy will not be useful for HTTPS connections.
 To handle HTTPS you'll need not-transparent proxy.

Actually squid 3.3 (not in ports yet) can do this using the
sslbump MITM feature.


I had to check cvs because I've though relayd can do that too,
but ssl MITM support for relayd has not been commited yet :)

jirib




I was confused by the statement that https will not work if squid is  
used as a transparent proxy. I am using squid-2.7.STABLE9p20 and  
transparent proxy seems to work OK with HTTPS.


My squid.conf has the following:

acl local-subnet src 10.0.0.0/24 172.16.0.0/24

http_access allow allow_overidedomains

http_access deny block_domains
http_access deny block_extensions

http_access allow local-subnet localnet

http_access deny all

icp_access allow localnet
icp_access deny all

http_port 8080 transparent

In my /var/squid/logs/access.log, I have entries such as

10.0.0.103 - - [12/Mar/2013:10:23:45 -0600] CONNECT  
clients3.google.com:443 HTTP/1.0 200 4455 TCP_MISS:DIRECT


and so it looks like internal clients go to the squid proxy for HTTPS  
urls. So why are people saying that transparent proxy will not work  
for HTTPS? Or am I reading this log wrong? Please let me know if that  
is the case.


I used tcpdump on the external interface of the OpenBSD firewall and  
did see HTTPS traffic -- NOT http traffic. The browser is Firefox  
13.0.1 and it uses the squid proxy for all protocols including HTTPS.


Vijay

Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: Squid proxy

2013-03-12 Thread Vijay Sankar 

Quoting Stuart Henderson s...@spacehopper.org:


On 2013/03/12 10:49, Vijay Sankar wrote:

Quoting Jiri B ji...@devio.us:

On Tue, Mar 12, 2013 at 01:00:58PM +, Stuart Henderson wrote:
On 2013-03-10, Rosen Iliev ro...@mynshosts.com wrote:
 Transparent proxy will not be useful for HTTPS connections.
 To handle HTTPS you'll need not-transparent proxy.

Actually squid 3.3 (not in ports yet) can do this using the
sslbump MITM feature.

I had to check cvs because I've though relayd can do that too,
but ssl MITM support for relayd has not been commited yet :)

jirib



I was confused by the statement that https will not work if squid is
used as a transparent proxy. I am using squid-2.7.STABLE9p20 and
transparent proxy seems to work OK with HTTPS.

My squid.conf has the following:

acl local-subnet src 10.0.0.0/24 172.16.0.0/24

http_access allow allow_overidedomains

http_access deny block_domains
http_access deny block_extensions

http_access allow local-subnet localnet

http_access deny all

icp_access allow localnet
icp_access deny all

http_port 8080 transparent

In my /var/squid/logs/access.log, I have entries such as

10.0.0.103 - - [12/Mar/2013:10:23:45 -0600] CONNECT
clients3.google.com:443 HTTP/1.0 200 4455 TCP_MISS:DIRECT

and so it looks like internal clients go to the squid proxy for HTTPS
urls. So why are people saying that transparent proxy will not work
for HTTPS? Or am I reading this log wrong? Please let me know if that
is the case.

I used tcpdump on the external interface of the OpenBSD firewall and
did see HTTPS traffic -- NOT http traffic. The browser is Firefox
13.0.1 and it uses the squid proxy for all protocols including HTTPS.


For 2.7 uou must have the proxy configured specifically in your browser
for this to work - the SSL interception features are only in 3.x, and
the server first mode which works with transparent (a.k.a.
interception) proxy needs 3.3.

http://wiki.squid-cache.org/Features/BumpSslServerFirst

(this mode dynamically generates server certificates on-the-fly and
requires your CA certificate to be installed in browsers to avoid
validation failure errors).




Thank you very much, I have WPAD entries in the DHCP server and a PAC  
file, so it looks like I am not really using squid as a transparent  
proxy even though it is configured as one. Now I get it!


Thanks again,

Vijay


Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: openldap on OBSD amd64 5.2

2013-01-14 Thread Vijay Sankar 

Quoting Friedrich Locke friedrich.lo...@gmail.com:


Hi,

i am trying to get openldap running, but my experience has been not that
good.
I have built and installed from ports. I can get it up and running but as
soon as qmail tries to bind into it, it begins to consume memory up to all
my available memory.

I asked for help in the openldap mailing list and they got baffled, pretty
baffled.
I was told that in linux some special flags need to be supplied to BDB in
order to get it working well.
What about OpenBSD ? Have you tryied qmail-ldap + openldap on OBSD ? Faced
anything similar ?
I am aware that this problem persist from about two years ago, when i tried
to get them working and the same problem arose.
I waited beleving it would be fixed in a near future ...

I am really interested in get it solved, although i have no knownledge on
BDB internals ..

I am willing to hear 

Thanks in advance.




I have been using OpenLDAP on OpenBSD (OpenLDAP 2.4.12 on OpenBSD 4.7  
i386 as well as OpenLDAP 2.4.26 on OpenBSD 4.9 amd64) without any  
problems for a few years now.


I use sendmail as MTA and use the LDAP database for vacation, address  
books, distribution lists, etc. OpenLDAP also is used to authorize  
Windows users. dovecot users, iphone and blackberry users etc. I use  
BDB so that syncrepl etc. works well.


Since knowledgeable people have mentioned that there are problems with  
newer versions of LDAP, I wonder if it is advisable for you to use the  
older versions on OpenBSD to run OpenLDAP. Not sure, just a thought.  
Since the ports.tar.gz file is on the CD, you may be able to build the  
older packages even though they are obsolete and not available at the  
OpenBSD FTP site.


Vijay


Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: openldap on OBSD amd64 5.2

2013-01-14 Thread Vijay Sankar 

I am using db-4.6.21p4

Quoting Friedrich Locke friedrich.lo...@gmail.com:


Hi,

sounds strange. Claudio said it was borked for amd64.
Are you using BDB ? Which version ?

On Mon, Jan 14, 2013 at 8:10 PM, Vijay Sankar vsan...@foretell.ca wrote:


Quoting Friedrich Locke friedrich.lo...@gmail.com:

 Hi,


i am trying to get openldap running, but my experience has been not that
good.
I have built and installed from ports. I can get it up and running but as
soon as qmail tries to bind into it, it begins to consume memory up to all
my available memory.

I asked for help in the openldap mailing list and they got baffled, pretty
baffled.
I was told that in linux some special flags need to be supplied to BDB in
order to get it working well.
What about OpenBSD ? Have you tryied qmail-ldap + openldap on OBSD ? Faced
anything similar ?
I am aware that this problem persist from about two years ago, when i
tried
to get them working and the same problem arose.
I waited beleving it would be fixed in a near future ...

I am really interested in get it solved, although i have no knownledge on
BDB internals ..

I am willing to hear 

Thanks in advance.




I have been using OpenLDAP on OpenBSD (OpenLDAP 2.4.12 on OpenBSD 4.7 i386
as well as OpenLDAP 2.4.26 on OpenBSD 4.9 amd64) without any problems for a
few years now.

I use sendmail as MTA and use the LDAP database for vacation, address
books, distribution lists, etc. OpenLDAP also is used to authorize Windows
users. dovecot users, iphone and blackberry users etc. I use BDB so that
syncrepl etc. works well.

Since knowledgeable people have mentioned that there are problems with
newer versions of LDAP, I wonder if it is advisable for you to use the
older versions on OpenBSD to run OpenLDAP. Not sure, just a thought. Since
the ports.tar.gz file is on the CD, you may be able to build the older
packages even though they are obsolete and not available at the OpenBSD FTP
site.

Vijay


Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

--**---
This message was sent using ForeTell-POST 4.9







Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: DISPLAY=:0.1

2012-12-06 Thread Vijay Sankar 

Quoting Gregory Edigarov ediga...@qarea.com:


Hello,

I am a happy user of spectrwm, trying to configure a dualheaded X  
the way I want. I now have two monitors connected to the same card.
what I want is that my monitors to behave in completely independent  
manner, with some applications putting its windows only on monitor0,  
while others puttign on monitor1.


$ env DISPLAY=:0.1 firefox
Error: cannot open display: :0.1

what should I have in my xorg.conf in order to have such setup?

for now I have achieved somewhat near but not what I really want.
is that possible with my current setup i.e. one card, two monitors?

--
With best regards,
Gregory Edigarov




Hi,

I use KDE with two monitors connected to one card and it seems to work  
well with Firefox always starting up on display 1 and libreoffice  
always starting up on display 0 for me. I don't know anything about  
spectrwm (or KDE or X for that matter :)


My xorg.conf has

Section Screen
Identifier Screen0
Device Card0
MonitorMonitor0
SubSection Display
Viewport   0 0
Depth 24
Modes 1920x1080
Virtual 3840 1080
EndSubSection
EndSection

Vijay


Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: Dilemma: between OpenBSD and NetBSD

2012-08-10 Thread Vijay Sankar 

Quoting benh...@gmx.us:


Hi

A client of mine asked me if I can develop a BSD project for them. I  
don't have much experience with BSDs, and I have been collecting  
some background information.

I was given the choice between OpenBSD and NetBSD.
Now, since portability is not all that important, I was oriented  
towards OpenBSD, which is more secure. The only problem might be the  
lack of certain features on OpenBSD, such as support for a modern  
filesystem. As I said, I don't know much about BSDs, so don't flame  
at me if I say something incorrect. In fact, I am asking your advice.
What I would need for my project is a filesystem that supports, at  
least, journaling. From what I have seen, NetBSD already has that,  
while OpenBSD doesn't.
Has any modern filesystem been ported to OpenBSD? I really need to  
know, because this issue may constitute a stumbling block to my  
adoption of OpenBSD.


Thanks

Ben J. Rafter




You may want to go through the FAQ. The part of the FAQ at  
http://www.openbsd.org/faq/faq8.html answers your questions very  
clearly. For example:


8.21 - Does OpenBSD support any journaling filesystems?

No it doesn't. We use a different mechanism to achieve similar results  
called Soft Updates. Please read FAQ 14 - Soft Updates to get more  
details.


Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: strange system resource limits

2012-08-10 Thread Vijay Sankar 

Quoting Friedrich Locke friedrich.lo...@gmail.com:


Hi,

i have setted my system resources for a given user via login.conf, but
after the user login the ulimit -a returns different values.

Here is my login.conf entry:

general:\
:coredumpsize=infinity:\
:cputime=infinity:\
:datasize=infinity:\
:filesize=infinity:\
:stacksize=infinity:\
:maxproc=infinity:\
:memorylocked=infinity:\
:memoryuse=infinity:\
:openfiles=infinity:\
:vmemoryuse=infinity:\
:auth=krb5-or-pwd:\
:ignorenologin:\
:localcipher=blowfish,6:\
:ypcipher=old:\
:priority=-5:\
:ftp-chroot:\
:tc=default:

But when i log in, what i get for ulimit is:

sioux@gustav$ ulimit -a
time(cpu-seconds)unlimited
file(blocks) unlimited
coredump(blocks) unlimited
data(kbytes) 8388608
stack(kbytes)32768
lockedmem(kbytes)unlimited
memory(kbytes)   unlimited
nofiles(descriptors) 7030
processes1310


My doubt is why data and stack limits are not infinity ?

Thanks in advance.




I think this could be because the developers do not want datasize or  
stack to be unlimited :)


I do recall reading somewhere in the lists that the maximum amount of  
virtual memory that can be allocated by a process using malloc is 8GB  
and is set by MAXDSIZ (in vmparam.h). Hopefully I am not giving you a  
totally silly answer and someone more knowledgeable will answer your  
question correctly.



Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: problem in fstab

2012-07-24 Thread Vijay Sankar 

Quoting HvN huubvanniek...@gmail.com:


On Tue, 24 Jul 2012 18:59:14 +0200, Otto Moerbeek wrote:


On Tue, Jul 24, 2012 at 04:44:36PM +, HvN wrote:


Hi,

Today I installed v.5.1 and all went nicely. I put my nfs server in
fstab,
modified hosts and added a mountpoint in /mnt. All worked. Then I
rebooted and the boot halts with:

fsck: exec /usr/sbin/fsck_nfs for Kaapstad:/admin: No such file or
directory

THE FOLLOWING FILE SYSTEM HAD AN UNEXPECTED INCONSISTENCY:
nfs: Kaapstad:/admin (/mnt/Kaapstadadmin)
Unknown error: help!
Enter pathname of shell or RETURN for sh:


How can I solve this? Thank you..


Go to single user mode, show the exact fstab line. Likely it does not
end with 0 0.

-Otto


I booted into single user mode, mounted / and /usr according to FAQ 8.
However, when I try to use vi to change fstab, it says unknown terminal
type. Any suggestions ?




You have to type in

export TERM=vt220

or something like that

Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: MPLS VPN on OpenBSD

2012-04-28 Thread Vijay Sankar 

Quoting Rolf Sommerhalder rolf.sommerhal...@alumni.ethz.ch:


Have you noticed the paper which Claudio Jeker had presented at
EuroBSDCon 2011?
  http://2011.eurobsdcon.org/papers/jeker/MPLS.pdf

Althought the talk is listed at
  http://www.openbsd.org/events.html
it is missing at
  http://www.openbsd.org/papers/




Thank you for posting this link. That was an excellent paper. I really  
learned a few things from this.


Vijay

Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: Intel i7 -- OpenBSD amd64

2012-03-01 Thread Vijay Sankar 

Quoting Alvaro Mantilla Gimenez alv...@alvaromantilla.com:


Hi,

  I just want to confirm if intel i7 975 processor are capable to run
OpenBSD amd64 version.

  Thanks for your replys in advance.

  Kind Regards,

 Alvaro




OpenBSD runs very well on the following box that has an i7 processor  
-- I am not sure what the 975 refers to.


$ sysctl hw
hw.machine=amd64
hw.model=Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
hw.ncpu=8
hw.byteorder=1234
hw.pagesize=4096
hw.disknames=sd0:33c4756503ecdda1,sd1:,sd2:67fc90b2b8ff86cc
hw.diskcount=3
hw.sensors.cpu0.temp0=44.00 degC
hw.sensors.cpu1.temp0=44.00 degC
hw.sensors.cpu2.temp0=44.00 degC
hw.sensors.cpu3.temp0=44.00 degC
hw.sensors.cpu4.temp0=44.00 degC
hw.sensors.cpu5.temp0=44.00 degC
hw.sensors.cpu6.temp0=44.00 degC
hw.sensors.cpu7.temp0=44.00 degC
hw.cpuspeed=3411
hw.setperf=100
hw.vendor=ASUSTeK Computer INC.
hw.product=P8H67-M EVO


Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: qemu and USB drives (SOLVED)

2012-01-29 Thread Vijay Sankar 

Quoting Stuart Henderson s...@spacehopper.org:


On 2012-01-28, Vijay Sankar vsan...@foretell.ca wrote:

Hi,

Sorry for the long message. I am not able to figure out a good
solution for the following:

Right now, what I do to test ports etc., is download install51.iso,
run it within qemu, and then do the work. To test the port on a
different server (which is on a different network), I end up burning a
new CD or use PXE boot within my LAN when that is possible, so that
the latest version is on a USB stick. However, I would like to have
-current or -beta on a USB drive without having to burn a CD or use
PXE boot.

Is it possible to install OpenBSD on a USB drive from within qemu and
then use that USB drive to boot a laptop?


I don't know about doing this with qemu, but you can fdisk/disklabel,
mount, untar sets, create fstab, and run installboot(8) manually from
a running OS..




Thank you very much for the five clues you gave me here. It is  
perfect! As you very politely hinted, I was using the wrong tool for  
what I was trying to achieve.


Also, for the archives, many people sent me suggestions in private  
messages. I replied to them and thanked them in private but would like  
to thank them again through the list as well. I tried each of their  
suggestions and this is what I noticed. Jotting it down for the  
archives just in case it saves time for anyone.


SUGGESTIONS FROM LIST AND THE RESULTS

1) TRY WITH A DIFFERENT USB STICK: I purchased a 2GB and another 8GB  
USB stick and retried the installation. On the new 2GB drive as well  
as the 8GB drive, installation from qemu worked but I could not reboot  
using the drive on a laptop. disklabel continued to give me wrong  
information as mentioned in my initial message.


2) WIPE OUT SECURITY STUFF ON THE USB DISK: I did an fdisk and  
disklabel on the 2GB drive. As soon as I did that, qemu installation  
worked without any problems and I was able to take the drive and boot  
a laptop with it. I now see the following from the host as well as the  
guest.


disklabel sd6
# /dev/rsd6c:
type: ESDI
disk: ESDI/IDE disk
label: QEMU HARDDISK
duid: 9fa6e404f695e65d
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 64
sectors/cylinder: 4032
cylinders: 999
total sectors: 4028416
boundstart: 63
boundend: 3999744
drivedata: 0

16 partitions:
#size   offset  fstype [fsize bsize  cpg]
  a:  3869377   63  4.2BSD   2048 163841
  b:   130281  3869440swap
  c:  40284160  unused


3) TRY RAW AND BLOCK MODES: I was able to install using /dev/sd6c as  
well as /dev/rsd6c with the 2GB drives once it was partitioned  
properly. The install script did not partition the 2GB drive into many  
chunks -- it kept a and b that I had configured with fdisk.


4) TRY RAW AND BLOCK MODES: With the new 8GB drive, I was able to  
install as mentioned earlier. It would not boot on a laptop but would  
boot when used with qemu. But once I did an fdisk -i, wiped out what  
was there and created the partitions, installation worked with  
/dev/rsd6c as well as /dev/sd6c and I can boot from within qemu as a  
guest VM or on a laptop. Interestingly, all I did was create a 7.2GB  
sd6a and sd6b as swap but the installation program did create all the  
different partitions (unlike the 2GB disk).


Here is the disklabel from the qemu host:

disklabel sd6
# /dev/rsd6c:
type: ESDI
disk: ESDI/IDE disk
label: QEMU HARDDISK
duid: 56f7b68cb1c83aea
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 16
sectors/cylinder: 1008
cylinders: 15520
total sectors: 15644912
boundstart: 64
boundend: 15631245
drivedata: 0

16 partitions:
#size   offset  fstype [fsize bsize  cpg]
  a:   211392   64  4.2BSD   2048 163841
  b:   211395   211456swap
  c: 156449120  unused
  d:   321792   422880  4.2BSD   2048 163841
  e:   287456   744672  4.2BSD   2048 163841
  f:  1890752  1032128  4.2BSD   2048 163841
  g:  1077088  2922880  4.2BSD   2048 163841
  h:  4289408  368  4.2BSD   2048 163841
  i:  2116160  8289376  4.2BSD   2048 163841
  j:  2700416 10405536  4.2BSD   2048 163841
  k:  2525152 13105952  4.2BSD   2048 163841


5) USE DUID: That has been my practice since it became available. Use  
of duid helped me here as well since I did not have to change  
/etc/fstab.


6) USE VIRTUALBOX: I tried with VirtualBox on my iMac and it worked  
well once the disk was partitioned properly. I don't use the iMac much  
since I discovered how awesome xxxterm is, So I did not spend a lot of  
time with VirtualBox, if it is helpful to do any additional tests,  
please let me know and I can do that.


7) STUART's SUGGESTION: This is perfect for me since I don't have

Re: pf.conf man page question (pass rule matching vs. state creation)

2012-01-29 Thread Vijay Sankar 

Quoting corey clingo clinge...@gmail.com:


I had to replace the dead hard drive in an old OpenBSD firewall
yesterday (it only ran for about 8 years :), and in the process I had
to re-do my pf.conf to incorporate the newer (post-4.6 or thereabouts)
syntax. I was trying to figure out why I have what appears to be two
states for each incoming connection that is getting rdr-to'd a box on
the internal network by a pass rule, but I digress.

Anyway, I'm reading the pf.conf man page, and I interpret it as saying
that the last matching pass/block rule determines what action is
taken, but the _first_ matching pass rule is what creates the state.
Am I interpreting this correctly? Is that a contradiction of sorts, at
least from the PoV of being able to use pfctl -ss or systat states to
see what's going on? Should I be using match rules to do nat-to/rdr-to
instead?

Thanks in advance,
Corey




We use PPPoE and have the following with NAT (the firewall has 6  
interfaces and we use NAT just with two of them -- lan and publicdmz)


# NAT all traffic from LAN and Public DMZ to the Internet
match out log on pppoe0 from lan:network to any nat-to (pppoe0)
match out log on pppoe0 from publicdmz:network to any nat-to (pppoe0)
pass out log on pppoe0 from lan:network to any nat-to (pppoe0)
pass out log on pppoe0 from publicdmz:network to any nat-to (pppoe0

Hope this helps.

Vijay

Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

qemu and USB drives

2012-01-28 Thread Vijay Sankar 

Hi,

Sorry for the long message. I am not able to figure out a good  
solution for the following:


Right now, what I do to test ports etc., is download install51.iso,  
run it within qemu, and then do the work. To test the port on a  
different server (which is on a different network), I end up burning a  
new CD or use PXE boot within my LAN when that is possible, so that  
the latest version is on a USB stick. However, I would like to have  
-current or -beta on a USB drive without having to burn a CD or use  
PXE boot.


Is it possible to install OpenBSD on a USB drive from within qemu and  
then use that USB drive to boot a laptop?


For example, I installed 5.1 -beta as follows using qemu on my 5.0 desktop:

qemu-system-x86_64 -m 1024 -monitor stdio -no-fd-bootchk -hda  
/dev/rsd6c -cdrom

home/vsankar/downloads/openbsd/jan27-2012/install51.iso -boot d

From my 5.0 desktop, I am able to do the following and boot OpenBSD  
within a VM


sudo env ETHER=em0 qemu-system-x86_64 \
-m 1200 -no-fd-bootchk -hda /dev/rsd6c

I thought this would allow me to take the USB drive and boot from it  
on my notebook. When it did not, I did a disklabel (on the qemu host  
-- OpenBSD 5.0 amd64) and saw the following:


disklabel sd6
# /dev/rsd6c:
type: SCSI
disk: SCSI disk
label: DT 101 G2
duid: 
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 973
total sectors: 15644912
boundstart: 0
boundend: 15644912
drivedata: 0

16 partitions:
#size   offset  fstype [fsize bsize  cpg]
  c: 156449120  unused

But when I boot the 5.1 VM, everything works from the USB and  
disklabel shows all the partitions. Should I not see partition a  
through k on the USB stick when using disklabel on the qemu host also?


I was expecting to see something like this from the qemu host as well  
as the guest VM:


disklabel -A sd6
# /dev/rsd6c:
type: SCSI
disk: SCSI disk
label: DT 101 G2
duid: 
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 973
total sectors: 15644912
boundstart: 0
boundend: 15644912
drivedata: 0

16 partitions:
#size   offset  fstype [fsize bsize  cpg]
  a:   2403200  4.2BSD   2048 163841 # /
  b:   240340   240320swap
  c: 156449120  unused
  d:   368128   480672  4.2BSD   2048 163841 # /tmp
  e:   362720   848800  4.2BSD   2048 163841 # /var
  f:  1919680  1211520  4.2BSD   2048 163841 # /usr
  g:  1094464  3131200  4.2BSD   2048 163841 # /usr/X11R6
  h:  4347296  4225664  4.2BSD   2048 163841 # /usr/local
  i:  2143040  8572960  4.2BSD   2048 163841 # /usr/src
  j:  2143040 10716000  4.2BSD   2048 163841 # /usr/obj
  k:  2785728 12859040  4.2BSD   2048 163841 # /home

Any clues greatly appreciated.

Thanks very much,

Vijay

Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

Re: Starting out

2012-01-27 Thread Vijay Sankar 

Quoting Jannik Pruitt pruttel...@googlemail.com:


Hi everyone.

I got my netier xl 1000 runing now.
It has full network and I can ssh to and from.
X does come up.

thanks for the help with the config on the 32GB CF card.

What I want to do now is put a better terminal in.
A small office suite either console or X based or both.

And I want to install a web browser

Is there a guide or a help page you can point me to.

I know that Open BSD is not really a desk top system.
But its so low in installed space

Thanks




Well, it is a good desktop system and so much more and the  
documentation is very very good. By the way lynx is already in the  
default installation if you are looking to just get to  
www.openbsd.org/faq


http://liveusb-openbsd.sourceforge.net has an example of a complete  
desktop system on a 2GB USB stick, so 32GB CF should be more than  
adequate for running pretty much anything including libreoffice and so  
on.



Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
vsan...@foretell.ca

-
This message was sent using ForeTell-POST 4.9

changes to sendmail

2011-09-29 Thread Vijay Sankar 
Is there a way to get sendmail to use SMTP AUTH and LDAPMAP without recompiling 
all the binaries?

I would like to change from the default

Version 8.14.3
 Compiled with: DNSMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7
NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS PIPELINING SCANF
SOCKETMAP STARTTLS TCPWRAPPERS USERDB XDEBUG

to

Version 8.14.3
 Compiled with: DNSMAP LDAPMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8
MIME8TO7 NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS
PIPELINING SASLv2 SCANF SOCKETMAP STARTTLS TCPWRAPPERS USERDB
USE_LDAP_INIT XDEBUG

without rebuilding userland. 

The way I do it right now is by adding WANT_SMTPAUTH and WANT_LDAP to mk.conf 
and rebuilding all binaries but was wondering if there is a better way.

Thank you,

Vijay

Re: changes to sendmail

2011-09-29 Thread Vijay Sankar 

Quoting Stuart Henderson s...@spacehopper.org:


On 2011-09-29, Vijay Sankar vsan...@foretell.ca wrote:
Is there a way to get sendmail to use SMTP AUTH and LDAPMAP without  
recompiling all the binaries?


I would like to change from the default

Version 8.14.3
 Compiled with: DNSMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7
NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS  
PIPELINING SCANF

SOCKETMAP STARTTLS TCPWRAPPERS USERDB XDEBUG

to

Version 8.14.3
 Compiled with: DNSMAP LDAPMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8
MIME8TO7 NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS
PIPELINING SASLv2 SCANF SOCKETMAP STARTTLS  
TCPWRAPPERS USERDB

USE_LDAP_INIT XDEBUG

without rebuilding userland.

The way I do it right now is by adding WANT_SMTPAUTH and WANT_LDAP  
to mk.conf and rebuilding all binaries but was wondering if there  
is a better way.


Thank you,

Vijay




The best way is probably to make a port of it...




Thanks very much, I will try that path and will report back if I make  
any progress.


Vijay Sankar
ForeTell Technologies Limited
vsan...@foretell.ca
204.885.9535

-
This message was sent using ForeTell-POST 4.7

Re: changes to sendmail

2011-09-29 Thread Vijay Sankar 

Quoting Jay Em Cee j...@cosmicnetworks.net:


--- Vijay Sankar [Thu, Sep 29, 2011 at 08:00:29AM -0500]: ---
Is there a way to get sendmail to use SMTP AUTH and LDAPMAP without  
recompiling all the binaries?



...


without rebuilding userland.

The way I do it right now is by adding WANT_SMTPAUTH and WANT_LDAP  
to mk.conf and rebuilding all binaries but was wondering if there  
is a better way.


Well, you don't have to rebuild *all* binaries, just sendmail. Sorry if
I'm misinterpreting what you meant here. A sendmail rebuild just takes
minutes on my box.

If you're merely asking the powers that be to change the way sendmail is
built, that's a different matter entirely, and one I won't attempt to
answer.




Thanks for your reply. No, it is not a request to change sendmail  
because I actually like the way sendmail is built!


What I tried to do was the following:

cd /usr/src/gnu/usr.sbin/sendmail
make clean all

I thought this would pick up the mk.conf directives for WANT_SMTPAUTH  
and WANT_LDAP. But when I rebooted the build machine it did not allow  
me to access the OpenLDAP server for aliases. So I built the whole  
userland (and xenocara) using the process described in the FAQ and  
that did solve the problem. So I probably am missing something here.


Vijay


Vijay Sankar
ForeTell Technologies Limited
vsan...@foretell.ca
204.885.9535

-
This message was sent using ForeTell-POST 4.7

  1   2   3   >