Re: RSS or Atom syndication for security advisories?
I did not say that. I did not see that you in particular, or anyone in this mailing list, make this work. As a user, I simply suggest creating an RSS channel for security advisories and *even* I offer myself to help. The intention behind was to improve OpenBSD web. Simply. I want to thank Brian and Hiltjo who gave me positives answers with resolutive comments. I missed some guide or collaboration in order to incorporate this change or at least talk about technical pros and cons. Perhaps it's me but I perceived some kind or rudeness in some responses. Oh! Come on! Why don't we concentrate in teach reasons and not in "I don't want to move my position". Do you think this kind of answer would benefit the project? Do you treat people in reality like in the web? Xavier A 22.05.2023 15:11, Theo de Raadt escrigué: I am not going to do any of this work you want. Good bye. Xavier wrote: "Theo de Raadt" said: > I'd be thrilled to do less work on errata! > How about we do RSS, and stop making errata? > We can do static RSS. > Configure and forget. I don't know if you say it seriously. If you do, I think it's the best. Perhaps you could write some semantic file and convert them to desired format (html, RSS, etc.). I saw the www repo (https://github.com/openbsd/www/blob/38884496ed89e3041dcaaeadaf21e20a918581ee/errata73.html) and it seems you make things manually. Don't you think an static site generator or some kind of tool to make things more automatic (I'm thinking in mandoc conversion because all the web is really a big documentation project)? Regards, Xavier
Re: RSS or Atom syndication for security advisories?
Thanks a lot, Brian. Very appreciated. So now the only work is to merge to www A 22.05.2023 15:50, Brian Conway escrigué: On Mon, May 22, 2023, at 9:59 AM, Xavier wrote: I don't know if you say it seriously. If you do, I think it's the best. Perhaps you could write some semantic file and convert them to desired format (html, RSS, etc.). I saw the www repo (https://github.com/openbsd/www/blob/38884496ed89e3041dcaaeadaf21e20a918581ee/errata73.html) and it seems you make things manually. Don't you think an static site generator or some kind of tool to make things more automatic (I'm thinking in mandoc conversion because all the web is really a big documentation project)? Regards, Xavier Done. https://www.mail-archive.com/announce@openbsd.org/maillist.xml Enjoy. Bye. -b
Re: RSS or Atom syndication for security advisories?
"Theo de Raadt" said: I'd be thrilled to do less work on errata! How about we do RSS, and stop making errata? We can do static RSS. Configure and forget. I don't know if you say it seriously. If you do, I think it's the best. Perhaps you could write some semantic file and convert them to desired format (html, RSS, etc.). I saw the www repo (https://github.com/openbsd/www/blob/38884496ed89e3041dcaaeadaf21e20a918581ee/errata73.html) and it seems you make things manually. Don't you think an static site generator or some kind of tool to make things more automatic (I'm thinking in mandoc conversion because all the web is really a big documentation project)? Regards, Xavier
Re: RSS or Atom syndication for security advisories?
Why? I can help you if you want to code it On Mon, 22 May 2023 04:37:06 -0600 "Theo de Raadt" ha escrit: > Not going to happen. > > Xavier B. wrote: > > > Yeah!, I understand you. But I think it should be included in official > > resources. To whom is concerned about. > > > > On Sun, 21 May 2023 21:27:19 +0200 > > Hiltjo Posthuma ha escrit: > > > > > On Sun, May 21, 2023 at 06:26:12PM +, Xavier B. wrote: > > > > Thanks, Hiltjo, for your help. I very appreciate that. > > > > > > > > Perhaps it could be useful to place it in official site. > > > > What do you think? What kind of software do you use to generate the web > > > > page? Perhaps I could help you to add RSS security advisories. > > > > > > > > > > Hi, > > > > > > You're welcome, but to be clear: I only posted the link. > > > > > > http://undeadly.org/cgi?action=about > > > > >
Re: RSS or Atom syndication for security advisories?
Yeah!, I understand you. But I think it should be included in official resources. To whom is concerned about. On Sun, 21 May 2023 21:27:19 +0200 Hiltjo Posthuma ha escrit: > On Sun, May 21, 2023 at 06:26:12PM +0000, Xavier B. wrote: > > Thanks, Hiltjo, for your help. I very appreciate that. > > > > Perhaps it could be useful to place it in official site. > > What do you think? What kind of software do you use to generate the web > > page? Perhaps I could help you to add RSS security advisories. > > > > Hi, > > You're welcome, but to be clear: I only posted the link. > > http://undeadly.org/cgi?action=about >
Re: RSS or Atom syndication for security advisories?
Thanks, Hiltjo, for your help. I very appreciate that. Perhaps it could be useful to place it in official site. What do you think? What kind of software do you use to generate the web page? Perhaps I could help you to add RSS security advisories. Thanks, Xavier On Sun, 21 May 2023 16:03:54 +0200 Hiltjo Posthuma ha escrit: > On Sun, May 21, 2023 at 11:34:57AM +0000, Xavier B. wrote: > > Hi, > > > > I just want to know if there is an RSS or Atom syndication advisories. > > > > I have several machines with several operaring system in them: GNU/Linux > > (alpine and arch), FreeBSD and OpenBSD. > > I have a news reader and I'm subscribed to many operating systems security > > advisories so ocassionally I know there are some security bugs and then I > > need to update one of my machine system. > > > > > > Regarding to OpenBSD I just saw this errata page > > [https://www.openbsd.org/errata73.html] but it is not RSS/atom and it's > > version specific. Is it anywhere else? > > > > If not, please consider to provide it from an user point of view. > > > > Thanks in advance, > > > > Hi, > > http://undeadly.org/errata/errata.rss > > -- > Kind regards, > Hiltjo
RSS or Atom syndication for security advisories?
Hi, I just want to know if there is an RSS or Atom syndication advisories. I have several machines with several operaring system in them: GNU/Linux (alpine and arch), FreeBSD and OpenBSD. I have a news reader and I'm subscribed to many operating systems security advisories so ocassionally I know there are some security bugs and then I need to update one of my machine system. Regarding to OpenBSD I just saw this errata page [https://www.openbsd.org/errata73.html] but it is not RSS/atom and it's version specific. Is it anywhere else? If not, please consider to provide it from an user point of view. Thanks in advance,
Re: Unconsistent two-level write speed bouncing on softraid RAID1 SSD's
I decided talking about my performance issue to the manufacturer's support (Crucial by Micron). I convinced them that the disks had a problem so they proposed me RMA for my two disks and initiated the procedure from their side. I hope this would help someone getting a similar issue. Hopping this would help someone facing a similar situation. Thanks all for your replies. Cheers PS: I was pleasently surprised Crucial's support did not forced me installing windows to run their diag tool and told they "Understood" I was running OpenBSD On Wed, 2021-06-09 at 03:45 +0200, xavie...@mailoo.org wrote: > Hello, There's a strange write speed bounce behavior on my SATA > softraid > RAID1 SSD (Crucial BX500 480GB 3D NAND). Sequential writes starts > high > (~450MB/s with dd and a bs of 1M) then after about 30s to 1:30 minute > it > falls to a low ~7MB/s for one minute, then bounce back to the high > speed > of 450MB/s and so forth. > > Maybe the problem come from my Crucial BX500 480GB 3D NAND SATA 2.5- > inch > SSD which are new. But I'm not 100% sure what's happening really. > Maybe > this would help someone facing a similar situation with this > particular > high / low write speed bounces. I also tried with a second softraid > on > the same machine but with spinning USB disks. No problems so far, the > write speed is constant. Read speed are fine and constant on SSD as > well. > > Please let me know if there something I should try to workaroud or > identify this > problem. > > Reproduction scenario: > > note: The test I made to show you used the default 512B block size > with dd (so > the high speed is limited to ~130MB/s and the low speed remains > around 7MB/s) > > - disabled pf and system logs > - dd if=/dev/zero of=testfile # on /home > - iostat -w1 sd0 sd1 sd6 # chunk0 chunk1 softraid_volume > > See iostat: for results > > mount: > /dev/sd6a on / type ffs (local, softdep) > /dev/sd6h on /home type ffs (local, nodev, nosuid, softdep) > /dev/sd6e on /tmp type ffs (local, nodev, nosuid, softdep) > /dev/sd6f on /usr type ffs (local, nodev, softdep) > /dev/sd6g on /var type ffs (local, nodev, nosuid, softdep) > > disklabel: > # /dev/rsd0c: > type: SCSI > disk: SCSI disk > label: CT480BX500SSD1 > duid: 808fe38d1751a671 > flags: > bytes/sector: 512 > sectors/track: 63 > tracks/cylinder: 255 > sectors/cylinder: 16065 > cylinders: 58369 > total sectors: 937703088 > boundstart: 64noatimenoatime > boundend: 937697985 > drivedata: 0 > > 16 partitions: > # size offset fstype [fsize bsize cpg] > a: 937697921 64 RAID > c: 937703088 0 unused > # /dev/rsd1c: > type: SCSI > disk: SCSI disk > label: CT480BX500SSD1 > duid: 33c950831897af57 > flags: > bytes/sector: 512 > sectors/track: 63 > tracks/cylinder: 255 > sectors/cylinder: 16065 > cylinders: 58369 > total sectors: 937703088 > boundstart: 64 > boundend: 937697985 > drivedata: 0 > > 16 partitions: > # size offset fstype [fsize bsize cpg] > a: 937697921 64 RAID > c: 937703088 0 unused > # /dev/rsd6c: > type: SCSI > disk: SCSI disk > label: SR RAID 1 > duid: 1266e4d9a58f149d > flags: > bytes/sector: 512 > sectors/track: 63 > tracks/cylinder: 255 > sectors/cylinder: 16065 > cylinders: 58368 > total sectors: 937697393 > boundstart: 64 > boundend: 937681920 > drivedata: 0 > > 16 partitions: > # size offset fstype [fsize bsize cpg] > a: 2104448 64 4.2BSD 2048 16384 12960 # / > b: 33768633 2104512 swap # none > c: 937697393 0 unused > d: 2104480 35873152 4.2BSD 2048 16384 12960 > e: 8402016 37977632 4.2BSD 2048 16384 12960 # /tmp > f: 62926592 46379648 4.2BSD 2048 16384 12960 # /usr > g: 62926624 109306240 4.2BSD 2048 16384 12960 # /var > h: 765449024 172232896 4.2BSD 4096 32768 26062 # /home > > bioctl: > Volume Status Size Device > softraid0 1 Online 1000170315776 sd7 RAID1 > 0 Online 1000170315776 1:0.0 noencl > 1 Online 1000170315776 1:1.0 noencl > > dd: > 23679552+0 records in > 679551+0 records out > 123930112 bytes transferred in 177.691 secs (68230103 bytes/sec) > > corresponding iostat: > sd0 sd1 sd6 > KB/t t/s MB/s KB/t t/s MB/s KB/t t/s MB/s > 30.06 31 0.92 3023679552+0 records in > 679551+0 records out > 123930112 bytes transferred in 177.691 secs (68230103 bytes/sec) .12 > 31 0.92 29.81 32 0.95 > 14.47 17 0.24 14.47 17 0.24 14.47 17 0.24 > 0.00 0 0.00 0.00 0 0.00 0.00 0 0.00 > 0.00 0 0.00 0.00 0 0.00 0.00 0 0.00 > 0.00 0 0.00 0.00 0 0.00 0.00 0 0.00 > 2.00 2 0.00 2.00 2 0.00 2.00 2 0.00 > 16.00 1 0.02 16.00 1 0.02 16.00 1 0.02 > 16.00 1 0.02 16.00 1 0.02 16.00 1 0.02 > 0.00 0 0.00 0.00 0 0.00 0.00 0 0.00 > 0.00 0 0.00 0.00 0 0.00 0.00 0 0.00 > 32.00 250 7.80 32.00 250 7.80 32.00 250 7.80 DD START > 32.00 5116 159.88 32.00 5116 159.88 32.00 5116 159.88 > 31.95 4656 145.30 31.95 4655 145.27 31.95 4655 145.27 > 31.99 4501 140.60 31.99 4502 140.63 31.99 4502 140.63 > 32.00 4446 138.94 32.00 4446 138.94 32.00 4446 138.94 > 32.00 4303 134.47 32.00 4302 134.44 32.00 4303 134.47 > 32.00 4313 134.77 32.00 4313 134.77 32.00 4313 134.77 > 32.00 4380 136.88
Re: Unconsistent two-level write speed bouncing on softraid RAID1 SSD's
I don't see how an SSD can be SMR or CMR as it's not spinning plates. But I can understand those SSD's quality can be part of the problem. On Thu, 2021-06-10 at 12:50 +, Kent Watsen wrote: > The Crucial BX500 SSD uses SMR technology, which is best used for > infrequent-write applications. > > For general-purpose, and especially NAS, applications, CMR technology > should be used. > > K. > > > On Jun 10, 2021, at 6:20 AM, Xavier Sanchez > > wrote: > > > > Hi ! not so surprising news: hardware is the problem > > > > I managed to get one of the two disks apart yesterday and I figured > > out > > that those disks was in cause. (both of them) > > > > Written from my laptop directly to the device and > > - good and constant read speed > > - bouncing 7MB/s to high write speed > > > > I did looked at the serial number, they're the same. > > > > Manufacturer's support suggests that if there's no trim, write > > speed > > may be impacted ( but so much ? ) and told to let the disk idle for > > 6 > > to 8 hours so the internal garbage collector could clean it. > > > > I tried that with no luck as well. > > > > Read somewhere that issuing a security erase could also help. So I > > tried issuing the following: > > > > # atactl sd0c secsetpass user high > > User password: > > Retype user password: > > atactl: ATA device returned error register 0 > > > > But any sec* command returned: > > atactl: ATA device returned error register 0 > > > > even after a coldboot ( non-frozen ), despite the devices supports > > the > > Security Mode feature set > > > > - Am I attempting to issue the security erase the wrong way ? > > > > To me it was 0) check if not frozen 2) set user pass 3) issue > > security > > erase command with password. > > > > # atactl sd0c > > Model: CT480BX500SSD1, Rev: M6CR022, Serial #: 2030E408CA88 > > Device type: ATA, fixed > > Cylinders: 16383, heads: 16, sec/track: 63, total sectors: > > 937703088 > > Device capabilities: > > ATA standby timer values > > IORDY operation > > IORDY disabling > > Device supports the following standards: > > ATA-3 ATA-4 ATA-5 ATA-6 ATA-7 ATA-8 ATA-9 ATA-10 > > Master password revision code 0xfffe > > Device supports the following command sets: > > NOP command > > READ BUFFER command > > WRITE BUFFER command > > Host Protected Area feature set > > Read look-ahead > > Write cache > > Power Management feature set > > Security Mode feature set > > SMART feature set > > Flush Cache Ext command > > Flush Cache command > > 48bit address feature set > > Advanced Power Management feature set > > DOWNLOAD MICROCODE command > > Device has enabled the following command sets/features: > > NOP command > > READ BUFFER command > > WRITE BUFFER command > > Host Protected Area feature set > > Read look-ahead > > Write cache > > Power Management feature set > > SMART feature set > > Flush Cache Ext command > > Flush Cache command > > 48bit address feature set > > DOWNLOAD MICROCODE command > > > > > > > On Wed, 2021-06-09 at 03:45 +0200, xavie...@mailoo.org wrote: > > > Hello, There's a strange write speed bounce behavior on my SATA > > > softraid > > > RAID1 SSD (Crucial BX500 480GB 3D NAND). Sequential writes starts > > > high > > > (~450MB/s with dd and a bs of 1M) then after about 30s to 1:30 > > > minute > > > it > > > falls to a low ~7MB/s for one minute, then bounce back to the > > > high > > > speed > > > of 450MB/s and so forth. > > > > > > Maybe the problem come from my Crucial BX500 480GB 3D NAND SATA > > > 2.5- > > > inch > > > SSD which are new. But I'm not 100% sure what's happening really. > > > Maybe > > > this would help someone facing a similar situation with this > > > particular > > > high / low write speed bounces. I also tried with a second > > > softraid > > > on > > > the same machine but with spinning USB disks. No problems so far, > > > the > > > write speed is con
Re: Unconsistent two-level write speed bouncing on softraid RAID1 SSD's
All right, thanks for pointing out the details and the procedure, seems legit secfreeze is issued by default. On Thu, 2021-06-10 at 07:08 -0700, Bryan Linton wrote: > On 2021-06-10 11:49:59, Xavier Sanchez wrote: > > > > Read somewhere that issuing a security erase could also help. So I > > tried issuing the following: > > > > # atactl sd0c secsetpass user high > > User password: > > Retype user password: > > atactl: ATA device returned error register 0 > > > > But any sec* command returned: > > atactl: ATA device returned error register 0 > > > > even after a coldboot ( non-frozen ), despite the devices supports > > the > > Security Mode feature set > > > > - Am I attempting to issue the security erase the wrong way ? > > > > This is not possible on OpenBSD. It's actually a feature, not a > bug. OpenBSD issues the secfreeze command at the driver level > when disks attach. > > From atactl(8): > > secfreeze > Prevents changes to passwords until a following power > cycle. > The purpose of this command is to prevent password > setting > attacks on the security system. After command > completion any > other commands that update the device lock mode will be > aborted. > > > You can see in src/sys/dev/ata/atascsi.c:408 and > src/sys/dev/ata/wd.c:305 that the same command is issued to all > sd(4) and wd(4) drives as a security measure. > > You're going to need to boot from a live CD/USB in order to set a > password on the drive. > > You should also double-check that your BIOS doesn't have a setting > to disable this too. I've heard that some BIOSes have a toggle > for this to help mitigate the above-mentioned password setting > attacks. > > Also, another poster mentioned that these are SMR drives. If > that's the case, then the "stuttering" speeds you described is > normal for them. SMR drives are good for storing infrequently > accessed files. They're big and they're cheap, but they're not > always very fast. > > Like the old saying goes when it comes to hard drives, "Pick any > two: cheap, fast, big". SMR drives write data in "stripes". If > you change even one bit of one byte anywhere in that stripe, the > drive has to read the entire stripe into memory, change what was > changed, then re-write the entire stripe. > > This is a limitation of the technology they use. It allows very > high density drives, but has the drawback of slowing things down a > lot whenever the drive has to re-write a stripe of data. > > > I've personally found that SMR drives are good enough for my use > case, but I wouldn't recommend them for a live database where > latency is much more critical. > > It seems like the new hierarchy is now: > > SSD >> PMR > SMR > > when it comes to speed. The inverse is true when it comes to > capacity. > > So to summarize, your drive may be working exactly as intended. >
Re: Unconsistent two-level write speed bouncing on softraid RAID1 SSD's
Hi ! not so surprising news: hardware is the problem I managed to get one of the two disks apart yesterday and I figured out that those disks was in cause. (both of them) Written from my laptop directly to the device and - good and constant read speed - bouncing 7MB/s to high write speed I did looked at the serial number, they're the same. Manufacturer's support suggests that if there's no trim, write speed may be impacted ( but so much ? ) and told to let the disk idle for 6 to 8 hours so the internal garbage collector could clean it. I tried that with no luck as well. Read somewhere that issuing a security erase could also help. So I tried issuing the following: # atactl sd0c secsetpass user high User password: Retype user password: atactl: ATA device returned error register 0 But any sec* command returned: atactl: ATA device returned error register 0 even after a coldboot ( non-frozen ), despite the devices supports the Security Mode feature set - Am I attempting to issue the security erase the wrong way ? To me it was 0) check if not frozen 2) set user pass 3) issue security erase command with password. # atactl sd0c Model: CT480BX500SSD1, Rev: M6CR022, Serial #: 2030E408CA88 Device type: ATA, fixed Cylinders: 16383, heads: 16, sec/track: 63, total sectors: 937703088 Device capabilities: ATA standby timer values IORDY operation IORDY disabling Device supports the following standards: ATA-3 ATA-4 ATA-5 ATA-6 ATA-7 ATA-8 ATA-9 ATA-10 Master password revision code 0xfffe Device supports the following command sets: NOP command READ BUFFER command WRITE BUFFER command Host Protected Area feature set Read look-ahead Write cache Power Management feature set Security Mode feature set SMART feature set Flush Cache Ext command Flush Cache command 48bit address feature set Advanced Power Management feature set DOWNLOAD MICROCODE command Device has enabled the following command sets/features: NOP command READ BUFFER command WRITE BUFFER command Host Protected Area feature set Read look-ahead Write cache Power Management feature set SMART feature set Flush Cache Ext command Flush Cache command 48bit address feature set DOWNLOAD MICROCODE command On Wed, 2021-06-09 at 03:45 +0200, xavie...@mailoo.org wrote: > Hello, There's a strange write speed bounce behavior on my SATA > softraid > RAID1 SSD (Crucial BX500 480GB 3D NAND). Sequential writes starts > high > (~450MB/s with dd and a bs of 1M) then after about 30s to 1:30 minute > it > falls to a low ~7MB/s for one minute, then bounce back to the high > speed > of 450MB/s and so forth. > > Maybe the problem come from my Crucial BX500 480GB 3D NAND SATA 2.5- > inch > SSD which are new. But I'm not 100% sure what's happening really. > Maybe > this would help someone facing a similar situation with this > particular > high / low write speed bounces. I also tried with a second softraid > on > the same machine but with spinning USB disks. No problems so far, the > write speed is constant. Read speed are fine and constant on SSD as > well. > > Please let me know if there something I should try to workaroud or > identify this > problem. > > Reproduction scenario: > > note: The test I made to show you used the default 512B block size > with dd (so > the high speed is limited to ~130MB/s and the low speed remains > around 7MB/s) > > - disabled pf and system logs > - dd if=/dev/zero of=testfile # on /home > - iostat -w1 sd0 sd1 sd6 # chunk0 chunk1 softraid_volume > > See iostat: for results > > mount: > /dev/sd6a on / type ffs (local, softdep) > /dev/sd6h on /home type ffs (local, nodev, nosuid, softdep) > /dev/sd6e on /tmp type ffs (local, nodev, nosuid, softdep) > /dev/sd6f on /usr type ffs (local, nodev, softdep) > /dev/sd6g on /var type ffs (local, nodev, nosuid, softdep) > > disklabel: > # /dev/rsd0c: > type: SCSI > disk: SCSI disk > label: CT480BX500SSD1 > duid: 808fe38d1751a671 > flags: > bytes/sector: 512 > sectors/track: 63 > tracks/cylinder: 255 > sectors/cylinder: 16065 > cylinders: 58369 > total sectors: 937703088 > boundstart: 64noatimenoatime > boundend: 937697985 > drivedata: 0 > > 16 partitions: > # size offset fstype [fsize bsize cpg] > a: 937697921 64 RAID > c: 937703088 0 unused > # /dev/rsd1c: > type: SCSI > disk: SCSI disk > label: CT480BX500SSD1 > duid: 33c950831897af57 > flags: > bytes/sector: 512 > sectors/track: 63 > tracks/cylinder: 255 > sectors/cylinder: 16065 > cylinders: 58369 > total sectors: 937703088 > boundstart: 64 > boundend: 937697985 > drivedata: 0 > > 16 partitions: > # size offset fstype [fsize bsize cpg] > a: 937697921 64 RAID > c: 937703088 0 unused > # /dev/rsd6c: >
Unconsistent two-level write speed bouncing on softraid RAID1 SSD's
Hello, There's a strange write speed bounce behavior on my SATA softraid RAID1 SSD (Crucial BX500 480GB 3D NAND). Sequential writes starts high (~450MB/s with dd and a bs of 1M) then after about 30s to 1:30 minute it falls to a low ~7MB/s for one minute, then bounce back to the high speed of 450MB/s and so forth. Maybe the problem come from my Crucial BX500 480GB 3D NAND SATA 2.5-inch SSD which are new. But I'm not 100% sure what's happening really. Maybe this would help someone facing a similar situation with this particular high / low write speed bounces. I also tried with a second softraid on the same machine but with spinning USB disks. No problems so far, the write speed is constant. Read speed are fine and constant on SSD as well. Please let me know if there something I should try to workaroud or identify this problem. Reproduction scenario: note: The test I made to show you used the default 512B block size with dd (so the high speed is limited to ~130MB/s and the low speed remains around 7MB/s) - disabled pf and system logs - dd if=/dev/zero of=testfile # on /home - iostat -w1 sd0 sd1 sd6 # chunk0 chunk1 softraid_volume See iostat: for results mount: /dev/sd6a on / type ffs (local, softdep) /dev/sd6h on /home type ffs (local, nodev, nosuid, softdep) /dev/sd6e on /tmp type ffs (local, nodev, nosuid, softdep) /dev/sd6f on /usr type ffs (local, nodev, softdep) /dev/sd6g on /var type ffs (local, nodev, nosuid, softdep) disklabel: # /dev/rsd0c: type: SCSI disk: SCSI disk label: CT480BX500SSD1 duid: 808fe38d1751a671 flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 58369 total sectors: 937703088 boundstart: 64noatimenoatime boundend: 937697985 drivedata: 0 16 partitions: # size offset fstype [fsize bsize cpg] a: 937697921 64 RAID c: 937703088 0 unused # /dev/rsd1c: type: SCSI disk: SCSI disk label: CT480BX500SSD1 duid: 33c950831897af57 flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 58369 total sectors: 937703088 boundstart: 64 boundend: 937697985 drivedata: 0 16 partitions: # size offset fstype [fsize bsize cpg] a: 937697921 64 RAID c: 937703088 0 unused # /dev/rsd6c: type: SCSI disk: SCSI disk label: SR RAID 1 duid: 1266e4d9a58f149d flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 58368 total sectors: 937697393 boundstart: 64 boundend: 937681920 drivedata: 0 16 partitions: # size offset fstype [fsize bsize cpg] a: 2104448 64 4.2BSD 2048 16384 12960 # / b: 33768633 2104512 swap # none c: 937697393 0 unused d: 2104480 35873152 4.2BSD 2048 16384 12960 e: 8402016 37977632 4.2BSD 2048 16384 12960 # /tmp f: 62926592 46379648 4.2BSD 2048 16384 12960 # /usr g: 62926624 109306240 4.2BSD 2048 16384 12960 # /var h: 765449024 172232896 4.2BSD 4096 32768 26062 # /home bioctl: Volume Status Size Device softraid0 1 Online 1000170315776 sd7 RAID1 0 Online 1000170315776 1:0.0 noencl 1 Online 1000170315776 1:1.0 noencl dd: 23679552+0 records in 679551+0 records out 123930112 bytes transferred in 177.691 secs (68230103 bytes/sec) corresponding iostat: sd0 sd1 sd6 KB/t t/s MB/s KB/t t/s MB/s KB/t t/s MB/s 30.06 31 0.92 3023679552+0 records in 679551+0 records out 123930112 bytes transferred in 177.691 secs (68230103 bytes/sec) .12 31 0.92 29.81 32 0.95 14.47 17 0.24 14.47 17 0.24 14.47 17 0.24 0.00 0 0.00 0.00 0 0.00 0.00 0 0.00 0.00 0 0.00 0.00 0 0.00 0.00 0 0.00 0.00 0 0.00 0.00 0 0.00 0.00 0 0.00 2.00 2 0.00 2.00 2 0.00 2.00 2 0.00 16.00 1 0.02 16.00 1 0.02 16.00 1 0.02 16.00 1 0.02 16.00 1 0.02 16.00 1 0.02 0.00 0 0.00 0.00 0 0.00 0.00 0 0.00 0.00 0 0.00 0.00 0 0.00 0.00 0 0.00 32.00 250 7.80 32.00 250 7.80 32.00 250 7.80 DD START 32.00 5116 159.88 32.00 5116 159.88 32.00 5116 159.88 31.95 4656 145.30 31.95 4655 145.27 31.95 4655 145.27 31.99 4501 140.60 31.99 4502 140.63 31.99 4502 140.63 32.00 4446 138.94 32.00 4446 138.94 32.00 4446 138.94 32.00 4303 134.47 32.00 4302 134.44 32.00 4303 134.47 32.00 4313 134.77 32.00 4313 134.77 32.00 4313 134.77 32.00 4380 136.88 32.00 4380 136.88 32.00 4380 136.88 32.00 4316 134.87 32.00 4316 134.87 32.00 4316 134.87 32.00 4251 132.84 32.00 4252 132.87 32.00 4252 132.87 sd0 sd1 sd6 KB/t t/s MB/s KB/t t/s MB/s KB/t t/s MB/s 32.00 4185 130.79 32.00 4185 130.79 32.00 4185 130.79 32.00 4289 134.02 32.00 4289 134.02 32.00 4289 134.02 32.00 4304 134.50 32.00 4303 134.47 32.00 4304 134.50 32.00 4261 133.17 32.00 4261 133.17 32.00 4261 133.17 31.98 4264 133.19 31.98 4264 133.19 31.98 4264 133.19 31.95 4193 130.85 31.95 4193 130.85 31.95 4193 130.85 31.99 4227 132.06 31.99 4228 132.10 31.99 4228 132.10 32.00 4270 133.44 32.00 4270 133.44 32.00 4270 133.44 31.99 4192 130.96 31.99 4192 130.96 31.99 4192 130.96 32.00 4221 131.91 32.00 4221 131.91 32.00 4221 131.91 32.00 4058 126.81 32.00 4057 126.78 32.00 4058 126.81 31.99 4190 130.91 31.99 4190 130.91 31.99 4190 130.91 31.99 4204 131.32 31.99 4204 131.32 31.99 4204 131.32 32.00
Recovering corrupted encrypted partition
Hello, Recently my 6.6-stable machine lost power while on, which aparently corrupted a softraid crypto partition (not a boot partition) that was mounted. Trying to decrypt it with the same bioctl command i usually use fails with the error: softraid0: invalid metadata format I tried bioctl's "-R" and "-C force" options, which fail with the same error. After searching all over the mailing list archives, I couldn't find a solution that didn't destroy data. Some people suggested zeroing the first megabyte and reconfiguring the disklabel, but I'm not sure if that would overwrite my existing data. It seems that recovering the partition itself is not easy/possible at the moment. However, could I manually decrypt the data? I tried running openssl enc -d -aes-256-xts -salt -k at numerous byte offsets from the start of the partition, but so far it has been failing with the error "bad magic number". Any other ideas?
Thinkpad X1 Carbon, losing trackpoint after sleep
Hello, I am following -current. I noticed that I am losing the trackpoint on my thinkpad X1 Carbon (2014) after sleep. I don't recall that behavior on 6.4. There is a fishy error in my Xorg that happens after resuming: [ 70963.916] (EE) ws: /dev/wsmouse: GCALIBCOORS failed Inappropriate ioctl for device Please find in attachment my dmesg and my Xorg.log. Thanks, dmesg Description: Binary data [19.873] (--) checkDevMem: using aperture driver /dev/xf86 [19.889] (--) Using wscons driver on /dev/ttyC4 [19.916] X.Org X Server 1.19.7 Release Date: 2019-03-02 [19.916] X Protocol Version 11, Revision 0 [19.916] Build Operating System: OpenBSD 6.5 amd64 [19.916] Current Operating System: OpenBSD puffy 6.5 GENERIC.MP#20 amd64 [19.916] Build Date: 22 April 2019 05:07:44PM [19.916] [19.916] Current version of pixman: 0.36.0 [19.916]Before reporting problems, check http://wiki.x.org to make sure that you have the latest version. [19.916] Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown. [19.916] (==) Log file: "/var/log/Xorg.0.log", Time: Tue Apr 23 12:08:42 2019 [19.917] (==) Using config directory: "/etc/X11/xorg.conf.d" [19.917] (==) Using system config directory "/usr/X11R6/share/X11/xorg.conf.d" [19.919] (==) No Layout section. Using the first Screen section. [19.920] (==) No screen section available. Using defaults. [19.920] (**) |-->Screen "Default Screen Section" (0) [19.920] (**) | |-->Monitor "" [19.920] (==) No monitor specified for screen "Default Screen Section". Using a default monitor configuration. [19.921] (==) Automatically adding devices [19.921] (==) Automatically enabling devices [19.921] (==) Not automatically adding GPU devices [19.921] (==) Max clients allowed: 256, resource mask: 0x1f [19.921] (==) FontPath set to: /usr/X11R6/lib/X11/fonts/misc/, /usr/X11R6/lib/X11/fonts/TTF/, /usr/X11R6/lib/X11/fonts/OTF/, /usr/X11R6/lib/X11/fonts/Type1/, /usr/X11R6/lib/X11/fonts/100dpi/, /usr/X11R6/lib/X11/fonts/75dpi/ [19.921] (==) ModulePath set to "/usr/X11R6/lib/modules" [19.921] (II) The server relies on wscons to provide the list of input devices. If no devices become available, reconfigure wscons or disable AutoAddDevices. [19.921] (II) Loader magic: 0x2cef3066000 [19.921] (II) Module ABI versions: [19.921]X.Org ANSI C Emulation: 0.4 [19.921]X.Org Video Driver: 23.0 [19.921]X.Org XInput driver : 24.1 [19.921]X.Org Server Extension : 10.0 [19.922] (--) PCI:*(0:0:2:0) 8086:1616:17aa:2227 rev 9, Mem @ 0xe000/16777216, 0xc000/536870912, I/O @ 0x3000/64 [19.922] (II) LoadModule: "glx" [19.923] (II) Loading /usr/X11R6/lib/modules/extensions/libglx.so [19.935] (II) Module glx: vendor="X.Org Foundation" [19.935]compiled for 1.19.7, module version = 1.0.0 [19.935]ABI class: X.Org Server Extension, version 10.0 [19.935] (==) Matched modesetting as autoconfigured driver 0 [19.935] (==) Assigned the driver to the xf86ConfigLayout [19.935] (II) LoadModule: "modesetting" [19.935] (II) Loading /usr/X11R6/lib/modules/drivers/modesetting_drv.so [19.936] (II) Module modesetting: vendor="X.Org Foundation" [19.936]compiled for 1.19.7, module version = 1.19.7 [19.936]Module class: X.Org Video Driver [19.936]ABI class: X.Org Video Driver, version 23.0 [19.936] (II) modesetting: Driver for Modesetting Kernel Drivers: kms [19.944] (**) modeset(0): claimed PCI slot 0@0:2:0 [19.944] (II) modeset(0): using default device [19.944] (WW) VGA arbiter: cannot open kernel arbiter, no multi-card support [19.961] (II) modeset(0): Creating default Display subsection in Screen section "Default Screen Section" for depth/fbbpp 24/32 [19.961] (==) modeset(0): Depth 24, (==) framebuffer bpp 32 [19.961] (==) modeset(0): RGB weight 888 [19.961] (==) modeset(0): Default visual is TrueColor [19.961] (II) Loading sub module "glamoregl" [19.961] (II) LoadModule: "glamoregl" [19.963] (II) Loading /usr/X11R6/lib/modules/libglamoregl.so [19.976] (II) Module glamoregl: vendor="X.Org Foundation" [19.976]compiled for 1.19.7, module version = 1.0.0 [19.976]ABI class: X.Org ANSI C Emulation, version 0.4 [19.976] (II) glamor: OpenGL accelerated X.org driver based. [20.011] (II) glamor: EGL version 1.4: [20.025] (II) modeset(0): glamor initialized [20.026] (II) modeset(0): Output eDP-1 has no monitor section [20.026] (II) modeset(0): Output DP-1 has no monitor section [20.028] (II) modeset(0): Output HDMI-1 has no monitor section [20.029] (II) modeset(0): Output DP-2 has no monitor
Re: wsmouse mapping button clicks
On Mon, 2018-05-14 at 20:09 -0400, Patrick Marchand wrote: > On 05/14, Ulf Brosziewski wrote: > > Hi Patrick, > > > > thanks for the infos. I'm afraid you're out of luck, it seems > > that this device would need vendor-/model-specific extensions > > in our HID-mouse driver. It only announces two "regular" buttons, > > so our driver won't look for more (what xinput shows as buttons 4 > > and 5 are mappings from "Z axis" values). No kind of button > > mapping will help. If it's a workaround for you, you might enable > > middle-button emulation in X. > > > > I was afraid of that. Well guess I'll have to return it then. > > Has anybody tried a Contour Unicomp mouse? I'm guessing it should > work fine and will probably be ideal for use with acme. > > Thanks for the help Ulf. > FWIW I seem to be in the same situation with my Razer Mamba.
Re: Remote kernel debugging with kgdb and vmm
On Sun, 2018-05-13 at 22:22 +0300, IL Ka wrote: > AFAIK kgdb (remote debug) is not supported: > http://openbsd-archive.7691.n7.nabble.com/on-line-kernel-debugging-tt > 335833.html#a341551 > > You can debug running kernel but functionality is limited. Thanks. Looks like using QEmu gdbserver[1] us my best option then. [1] https://bit.ly/2KYiTA4
Remote kernel debugging with kgdb and vmm
Hello, I'd like to dive into the bridge driver and I am trying to setup a kernel debugging environment. I chose to use VMM to do that but I don't seem to find a way to connect my local gdb to the VMM console. I guess I would need another serial device for KGDB, but I have not found how to do that in the man. Is anyone using VMM for this? Or plain old QEMU? Thanks, Xavier
Re: tap+bridge: arp reply not forwarded
On Sun, 2018-05-06 at 17:51 -0400, Xavier Guerin wrote:
> On Sun, 2018-05-06 at 09:34 -0400, Xavier Guerin wrote:
> > On Sat, 2018-05-05 at 21:07 -0700, Carlos Cardenas wrote:
> > > On Sat, May 05, 2018 at 11:37:07PM -0400, Xavier Guerin wrote:
> > > > Hello list,
> > > >
> > > > Working with a user-space TCP-IP, I tried to setup a local
> > > > bridge
> > > > between two taps, each tap being driver by a user-space client
> > > > and
> > > > server.
> > > >
> > > > user-space <-> TAP0 <-> BRIDGE0 <-> TAP1 <-> user-space
> > > >
> > > > I am interestingly stuck at the ARP discovery phase. When the
> > > > client
> > > > send its ARP request, the server receives it and replies.
> > > > However,
> > > > the
> > > > client never gets the reply back.
> > > >
> > > > Some research indicated that since the client is getting an
> > > > echoed
> > > > version of its request, the bridge learns its address
> > > > preventing
> > > > the reply from being forwared.
> > > >
> > > > Would my understanding be correct? If so, is there any way to
> > > > correct
> > > > this behavior?
> > > >
> > > > Thanks,
> > > > xavier
> > > >
> > >
> > > What version are you running?
> > >
> > > I ask because of the following:
> > > https://www.openbsd.org/errata63.html
> > > https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/003_arp.pa
> > > tc
> > > h.
> > > sig
> > >
> > > +--+
> > > Carlos
> > >
> >
> > I am running 6.3 but was missing that patch (hadn't syspatch'd in a
> > long time). I just applied the patch and tried again, but no cigar.
> >
> > Here is exactly what is happening:
> >
> > 1. On TAP0, the server waits for any request on 10.1.0.1 (user-
> > space
> > stack address)
> > 2. On TAP1, the client tries to connect to 10.1.0.1 from 10.1.0.2
> > (also
> > user-space address)
> > 3. The ARP table of the client is empty, so it sends a broadcast
> > ARP
> > request.
> > 4. Both the server AND the client receive that request, the client
> > ignores it
> > 5. The server responds to the client but the client never receives
> > the
> > reply
> >
> > I can see the reply packet leaving TAP0 and passing through
> > BRIDGE0.
> > It
> > just simply never show up on TAP1.
> >
> > /x
> >
>
> Looking at the source code for the bridge and doing some debugging in
> VMM, it looks like the reply gets dropped at that point:
>
> sys/net/if_bridge.c:1182
>
> if (bridge_ourether(ifl, eh->ether_shost)) {
> m_freem(m);
> return;
> }
>
> In my case, ifl is the sending address and, of course, the source
> ethernet is ours.
>
> Doing some barbaric massaging of the inner FOREACH got me to the
> point
> where my ARP reply was received by my stack. I also was able to get a
> S/SA/A sequence but eventually the stack failed after its first P.
>
> I'll investigate the TCP misbehaving using static ARP routes as Edgar
> suggested.
>
> /x
>
I'm running out of luck apparently... Now that ARP is out of the way,
the user-space client sends an S frame to the user-space server through
tap2. The server uses tap1, which sees the frame (per tcpdump).
However, the read() function on tap1 never returns any data.
Re: tap+bridge: arp reply not forwarded
On Sun, 2018-05-06 at 09:34 -0400, Xavier Guerin wrote:
> On Sat, 2018-05-05 at 21:07 -0700, Carlos Cardenas wrote:
> > On Sat, May 05, 2018 at 11:37:07PM -0400, Xavier Guerin wrote:
> > > Hello list,
> > >
> > > Working with a user-space TCP-IP, I tried to setup a local bridge
> > > between two taps, each tap being driver by a user-space client
> > > and
> > > server.
> > >
> > > user-space <-> TAP0 <-> BRIDGE0 <-> TAP1 <-> user-space
> > >
> > > I am interestingly stuck at the ARP discovery phase. When the
> > > client
> > > send its ARP request, the server receives it and replies.
> > > However,
> > > the
> > > client never gets the reply back.
> > >
> > > Some research indicated that since the client is getting an
> > > echoed
> > > version of its request, the bridge learns its address preventing
> > > the reply from being forwared.
> > >
> > > Would my understanding be correct? If so, is there any way to
> > > correct
> > > this behavior?
> > >
> > > Thanks,
> > > xavier
> > >
> >
> > What version are you running?
> >
> > I ask because of the following:
> > https://www.openbsd.org/errata63.html
> > https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/003_arp.patc
> > h.
> > sig
> >
> > +--+
> > Carlos
> >
>
> I am running 6.3 but was missing that patch (hadn't syspatch'd in a
> long time). I just applied the patch and tried again, but no cigar.
>
> Here is exactly what is happening:
>
> 1. On TAP0, the server waits for any request on 10.1.0.1 (user-space
> stack address)
> 2. On TAP1, the client tries to connect to 10.1.0.1 from 10.1.0.2
> (also
> user-space address)
> 3. The ARP table of the client is empty, so it sends a broadcast ARP
> request.
> 4. Both the server AND the client receive that request, the client
> ignores it
> 5. The server responds to the client but the client never receives
> the
> reply
>
> I can see the reply packet leaving TAP0 and passing through BRIDGE0.
> It
> just simply never show up on TAP1.
>
> /x
>
Looking at the source code for the bridge and doing some debugging in
VMM, it looks like the reply gets dropped at that point:
sys/net/if_bridge.c:1182
if (bridge_ourether(ifl, eh->ether_shost)) {
m_freem(m);
return;
}
In my case, ifl is the sending address and, of course, the source
ethernet is ours.
Doing some barbaric massaging of the inner FOREACH got me to the point
where my ARP reply was received by my stack. I also was able to get a
S/SA/A sequence but eventually the stack failed after its first P.
I'll investigate the TCP misbehaving using static ARP routes as Edgar
suggested.
/x
Re: tap+bridge: arp reply not forwarded
On Sun, 2018-05-06 at 09:34 -0400, Xavier Guerin wrote:
> On Sat, 2018-05-05 at 21:07 -0700, Carlos Cardenas wrote:
> > On Sat, May 05, 2018 at 11:37:07PM -0400, Xavier Guerin wrote:
> > > Hello list,
> > >
> > > Working with a user-space TCP-IP, I tried to setup a local bridge
> > > between two taps, each tap being driver by a user-space client
> > > and
> > > server.
> > >
> > > user-space <-> TAP0 <-> BRIDGE0 <-> TAP1 <-> user-space
> > >
> > > I am interestingly stuck at the ARP discovery phase. When the
> > > client
> > > send its ARP request, the server receives it and replies.
> > > However,
> > > the
> > > client never gets the reply back.
> > >
> > > Some research indicated that since the client is getting an
> > > echoed
> > > version of its request, the bridge learns its address preventing
> > > the reply from being forwared.
> > >
> > > Would my understanding be correct? If so, is there any way to
> > > correct
> > > this behavior?
> > >
> > > Thanks,
> > > xavier
> > >
> >
> > What version are you running?
> >
> > I ask because of the following:
> > https://www.openbsd.org/errata63.html
> > https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/003_arp.patc
> > h.
> > sig
> >
> > +--+
> > Carlos
> >
>
> I am running 6.3 but was missing that patch (hadn't syspatch'd in a
> long time). I just applied the patch and tried again, but no cigar.
>
> Here is exactly what is happening:
>
> 1. On TAP0, the server waits for any request on 10.1.0.1 (user-space
> stack address)
> 2. On TAP1, the client tries to connect to 10.1.0.1 from 10.1.0.2
> (also
> user-space address)
> 3. The ARP table of the client is empty, so it sends a broadcast ARP
> request.
> 4. Both the server AND the client receive that request, the client
> ignores it
> 5. The server responds to the client but the client never receives
> the
> reply
>
> I can see the reply packet leaving TAP0 and passing through BRIDGE0.
> It
> just simply never show up on TAP1.
>
> /x
>
Looking at the source code for the bridge and doing some debugging in
VMM, it looks like the reply gets dropped at that point:
sys/net/if_bridge.c:1182
if (bridge_ourether(ifl, eh->ether_shost)) {
m_freem(m);
return;
}
In my case, ifl is the sending address and, of course, the source
ethernet is ours.
Doing some barbaric massaging of the inner FOREACH got me to the point
where my ARP reply was received by my stack. I also was able to get a
S/SA/A sequence but eventually the stack failed after its first P.
I'll investigate the TCP misbehaving using static ARP routes as Edgar
suggested.
/x
Re: tap+bridge: arp reply not forwarded
On Sat, 2018-05-05 at 21:07 -0700, Carlos Cardenas wrote: > On Sat, May 05, 2018 at 11:37:07PM -0400, Xavier Guerin wrote: > > Hello list, > > > > Working with a user-space TCP-IP, I tried to setup a local bridge > > between two taps, each tap being driver by a user-space client and > > server. > > > > user-space <-> TAP0 <-> BRIDGE0 <-> TAP1 <-> user-space > > > > I am interestingly stuck at the ARP discovery phase. When the > > client > > send its ARP request, the server receives it and replies. However, > > the > > client never gets the reply back. > > > > Some research indicated that since the client is getting an echoed > > version of its request, the bridge learns its address preventing > > the reply from being forwared. > > > > Would my understanding be correct? If so, is there any way to > > correct > > this behavior? > > > > Thanks, > > xavier > > > > What version are you running? > > I ask because of the following: > https://www.openbsd.org/errata63.html > https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/003_arp.patch. > sig > > +--+ > Carlos > I am running 6.3 but was missing that patch (hadn't syspatch'd in a long time). I just applied the patch and tried again, but no cigar. Here is exactly what is happening: 1. On TAP0, the server waits for any request on 10.1.0.1 (user-space stack address) 2. On TAP1, the client tries to connect to 10.1.0.1 from 10.1.0.2 (also user-space address) 3. The ARP table of the client is empty, so it sends a broadcast ARP request. 4. Both the server AND the client receive that request, the client ignores it 5. The server responds to the client but the client never receives the reply I can see the reply packet leaving TAP0 and passing through BRIDGE0. It just simply never show up on TAP1. /x
tap+bridge: arp reply not forwarded
Hello list, Working with a user-space TCP-IP, I tried to setup a local bridge between two taps, each tap being driver by a user-space client and server. user-space <-> TAP0 <-> BRIDGE0 <-> TAP1 <-> user-space I am interestingly stuck at the ARP discovery phase. When the client send its ARP request, the server receives it and replies. However, the client never gets the reply back. Some research indicated that since the client is getting an echoed version of its request, the bridge learns its address preventing the reply from being forwared. Would my understanding be correct? If so, is there any way to correct this behavior? Thanks, xavier
User-space TCP/IP testing with tap, bridge and PF
Hello list, I am developing a userspace TCP/IP stack. Most of the time on my servers I use special NICs and API to bypass the kernel. When on the go I'd like to do the same on my OpenBSD dev laptop. I chose to use tap + bridge and some PF-fu to try to make it work, but after several fruitless hours i am stumped. Here is my setup: userspace <-> tap0 <-> bridge0 <-> iwm0 TAP0 is left unconfigured (except for link0). No route is present for my userspace stack. I added the following in pf.conf to get out to the Internet: > pass out on $lan_if proto tcp from 10.1.0.1 to any nat-to ($lan_if:0) 10.1.0.1 being my userspace stack's IP. I've gone as far as having one of my packet sent to its destination address and come back to iwm0. Then, OpenBSD does the reverse translation and schlepts the packet back on the bridge. However, because of the lack of route to my userspace stack, openbsd uses the defaut route's MAC, which is not the one for my tap0 device and therefore the packet never reaches its destination through bridge0. I tried to add a static route for the userspace stack's IP but I don't seem to be able to do that (route fails between "address unreachable" and "invalid argument" when specifying either the device of the link address). Is my approach correct? If so, how get I get openbsd to use the proper MAC address on the return path? Thanks! xavier
Re: no image on external monitor via HDMI output in X
On Thu, Jun 09, 2016 at 08:57:00PM +0300, Mihai Popescu wrote: Hi Mihai , > > More ideas ? > > dmesg output here > > http://sprunge.us/gASi Thanks, see you.
Re: no image on external monitor via HDMI output in X
On Thu, Jun 09, 2016 at 04:59:39PM +0200, Francois Pussault wrote: Hi Francois , > Hello > > Did you try to enable from xrandr command the hdmi port ? > at least xrandr --output HDMI1 --auto ? Yes, with no results, any command output: # xrandr --output HDMI1 --auto # xrandr --output HDMI2 --auto # More ideas ? Thanks, see you. > > I've had something more or less similar with an dvi port. mode auto solved the > issue. > > > ---- > > From: Xavier OB <xavieropenbsdquesti...@gmail.com> > > Sent: Thu Jun 09 16:49:06 CEST 2016 > > To: <misc@openbsd.org> > > Subject: no image on external monitor via HDMI output in X > > > > > > Hi , > > > > > > I install a fresh new OpenBSD 5.9 on this machine http://sprunge.us/gRJU . > > > > When X start, I get this log: http://sprunge.us/ZaUM > > > > I fix the "(WW) checkDevMem: failed" problem setting > > machdep.allowaperture=1 in /etc/sysctl.conf with same problem, no > > image on external monitor via HDMI output. > > > > The xrandr log is http://sprunge.us/VQGV . > > > > Hmmm, any idea ? Thanks. > > > > > > See you. > > > > > Cordialement > Francois Pussault > 10 chemin de négo saoumos > apt 202 - bat 2 > 31300 Toulouse > +33 6 17 230 820 +33 5 34 365 269 > fpussa...@contactoffice.fr
no image on external monitor via HDMI output in X
Hi , I install a fresh new OpenBSD 5.9 on this machine http://sprunge.us/gRJU . When X start, I get this log: http://sprunge.us/ZaUM I fix the "(WW) checkDevMem: failed" problem setting machdep.allowaperture=1 in /etc/sysctl.conf with same problem, no image on external monitor via HDMI output. The xrandr log is http://sprunge.us/VQGV . Hmmm, any idea ? Thanks. See you.
Opaque option in ospfctl show database
Hi all, With ospfctl, there is an opaque option listed in show database: $ doas ospfctl show database none unknown argument: none valid commands/args: area asbr external network router self-originated summary opaque # < Here However, there no mention in the man page http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-5.8/man8/ospfctl.8?query=ospfctl=8=OpenBSD-5.8 What does it do ? Thank you for your answer. -- Xavier Claude cont...@xavierclaude.be
Unable to set the server to download the sets with autoinstall
Hello, I'm trying to use autoinstall with OpenBSD 5.5 but the Server line in the configuration file is not read set according to the install.conf and instead is used for the ntp server. Here is my install.conf file: System hostname = testbsd Password for root = $2a$06$8APgDGjoEAAq85b3S.QZzer...dmiwcummDpa Start sshd(8) by default = yes Start ntpd(8) by default = yes Do you expect to run the X Window System = no Change the default console to com0 = no Which speed should com0 use = 19200 Setup a user = conostix Password for user = $2a$06$6IqO/zjUnFgrsI76g2/be.../YWDIA3T/mGdO What timezone are you in = Europe/Luxembourg Location of sets = http Server = 192.168.42.1 Server directory = plop And in the ai.log file, I have: NTP server? (hostname or 'default') [default] 192.168.42.1 And at the end of the log: Let's install the sets! HTTP/FTP proxy URL? (e.g. 'http://proxy:8080', or 'none') [none] none (Was not able to get ftplist from ftp.openbsd.org, but that is OK) Server? (hostname or 'done') Question has no answer in response file. The install.conf retrieved by the installer is the same as the one on the web server (checked with the installer shell). Thank you for your help. -- Xavier Claude cont...@xavierclaude.be
Re: Unable to set the server to download the sets with autoinstall
Le 2014-05-08 13:03, Kenneth Westerback a écrit : On 8 May 2014 05:33, Xavier Claude cont...@xavierclaude.be wrote: Hello, I'm trying to use autoinstall with OpenBSD 5.5 but the Server line in the configuration file is not read set according to the install.conf and instead is used for the ntp server. Here is my install.conf file: System hostname = testbsd Password for root = $2a$06$8APgDGjoEAAq85b3S.QZzer...dmiwcummDpa Start sshd(8) by default = yes Start ntpd(8) by default = yes Do you expect to run the X Window System = no Change the default console to com0 = no Which speed should com0 use = 19200 Setup a user = conostix Password for user = $2a$06$6IqO/zjUnFgrsI76g2/be.../YWDIA3T/mGdO What timezone are you in = Europe/Luxembourg Location of sets = http Server = 192.168.42.1 Server directory = plop And in the ai.log file, I have: NTP server? (hostname or 'default') [default] 192.168.42.1 And at the end of the log: Let's install the sets! HTTP/FTP proxy URL? (e.g. 'http://proxy:8080', or 'none') [none] none (Was not able to get ftplist from ftp.openbsd.org, but that is OK) Server? (hostname or 'done') Question has no answer in response file. The install.conf retrieved by the installer is the same as the one on the web server (checked with the installer shell). Thank you for your help. -- Xavier Claude cont...@xavierclaude.be Since the 'NTP Server' question contains 'Server', it will match the install.conf question, and since the NTP question comes first ... I think you will have to put a 'NTP Server = default' line in the install.conf, so it can be consumed before the 'Server' line is called for. Thank you, it worked. Perhaps we should change 'Server?' to 'HTTP Server?' now that ftp is no longer an install method, thus allowing unambiguous selection. Ken -- Xavier Claude cont...@xavierclaude.be
Default interface choice for automatic install
Hello again, I have another issue with autoinstall, the man page says[1] that when the machine is booted via netboot, the interface chosen is the one used for the netboot. It works well for a virtual machine, even with multiple interfaces. But on a physical machine with 2 Broadcom interfaces, and 2 Intel, with the netboot done by the Broadcom interface, the autoinstall doesn't start automatically (I can't test the netboot with the Intel interface, the BIOS doesn't allow it). What can I do to force the automatic install on the netboot interface? Thank you for your answer. [1]:http://www.openbsd.org/cgi-bin/man.cgi?query=autoinstallsektion=8 -- Xavier Claude cont...@xavierclaude.be
Re: Default interface choice for automatic install
Le 2014-05-08 17:03, Kenneth Westerback a écrit : On 8 May 2014 10:11, Xavier Claude cont...@xavierclaude.be wrote: Hello again, I have another issue with autoinstall, the man page says[1] that when the machine is booted via netboot, the interface chosen is the one used for the netboot. It works well for a virtual machine, even with multiple interfaces. But on a physical machine with 2 Broadcom interfaces, and 2 Intel, with the netboot done by the Broadcom interface, the autoinstall doesn't start automatically (I can't test the netboot with the Intel interface, the BIOS doesn't allow it). What can I do to force the automatic install on the netboot interface? Thank you for your answer. [1]:http://www.openbsd.org/cgi-bin/man.cgi?query=autoinstallsektion=8 -- Xavier Claude cont...@xavierclaude.be More information would be nice. Like a dmesg, and any actual messages you see before/during the install attempt. The dmesg is join, you can see on the last lines (138) that it doesn't recognize the PXE interface. A capture to a serial port acting as the console would be perfect. I don't have serial access to the machine today, I can have it tomorrow if you need more informations. Which Broadcom interface is doing the netbooting? What architecture are you using? Stuff like that. The Broadcom interface used for netboot is named bnx1. The architecture is i386. The physical machine is a Dell Poweredge 1950. I don't see any other useful information but tell me if you need more. -- Xavier Claude cont...@xavierclaude.be OpenBSD 5.5-stable (RAMDISK_CD) #0: Tue May 6 14:29:13 CEST 2014 r...@openbsd55.office.conostix.com:/usr/src/sys/arch/i386/compile/RAMDISK_CD cpu0: Intel(R) Xeon(R) CPU E5450 @ 3.00GHz (GenuineIntel 686-class) 3 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,NXE,LONG,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,DCA,SSE4.1,LAHF,PERF real mem = 3484286976 (3322MB) avail mem = 3420123136 (3261MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 10/30/10, BIOS32 rev. 0 @ 0xffe90, SMBIOS rev. 2.5 @ 0xcfb9c000 (67 entries) bios0: vendor Dell Inc. version 2.7.0 date 10/30/2010 bios0: Dell Inc. PowerEdge 1950 acpi0 at bios0: rev 2 acpi0: sleep states S0 S4 S5 acpi0: tables DSDT FACP APIC SPCR HPET MCFG WD__ SLIC ERST HEST BERT EINJ TCPA acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 332MHz cpu at mainbus0: not configured cpu at mainbus0: not configured cpu at mainbus0: not configured ioapic0 at mainbus0: apid 4 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 4 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 4 (PEX2) acpiprt2 at acpi0: bus 5 (UPST) acpiprt3 at acpi0: bus 6 (DWN1) acpiprt4 at acpi0: bus 8 (DWN2) acpiprt5 at acpi0: bus 1 (PEX3) acpiprt6 at acpi0: bus -1 (PE2P) acpiprt7 at acpi0: bus 10 (PEX4) acpiprt8 at acpi0: bus 12 (PEX6) acpiprt9 at acpi0: bus 2 (SBEX) acpiprt10 at acpi0: bus 14 (COMP) bios0: ROM list: 0xc/0x9000! 0xc9000/0x1000 0xca000/0x1e00 0xcc000/0x6200 0xd2800/0x1000! 0xec000/0x4000! pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel 5000X Host rev 0x12 ppb0 at pci0 dev 2 function 0 Intel 5000 PCIE rev 0x12 pci1 at ppb0 bus 4 ppb1 at pci1 dev 0 function 0 Intel 6321ESB PCIE rev 0x01 pci2 at ppb1 bus 5 ppb2 at pci2 dev 0 function 0 Intel 6321ESB PCIE rev 0x01 pci3 at ppb2 bus 6 ppb3 at pci3 dev 0 function 0 ServerWorks PCIE-PCIX rev 0xc3 pci4 at ppb3 bus 7 bnx0 at pci4 dev 0 function 0 Broadcom BCM5708 rev 0x12: apic 4 int 16 ppb4 at pci2 dev 1 function 0 Intel 6321ESB PCIE rev 0x01 pci5 at ppb4 bus 8 ppb5 at pci1 dev 0 function 3 Intel 6321ESB PCIE-PCIX rev 0x01 pci6 at ppb5 bus 9 ppb6 at pci0 dev 3 function 0 Intel 5000 PCIE rev 0x12 pci7 at ppb6 bus 1 mfi0 at pci7 dev 0 function 0 Symbios Logic SAS1078 rev 0x04: apic 4 int 16 mfi0: PERC 6/i Integrated, firmware 6.1.1-0047, 256MB cache scsibus0 at mfi0: 64 targets sd0 at scsibus0 targ 0 lun 0: DELL, PERC 6/i, 1.21 SCSI3 0/direct fixed naa.60022190a150e0001af3af9d03ad4998 sd0: 476416MB, 512 bytes/sector, 975699968 sectors ppb7 at pci0 dev 4 function 0 Intel 5000 PCIE x8 rev 0x12: apic 4 int 16 pci8 at ppb7 bus 10 em0 at pci8 dev 0 function 0 Intel 82571EB rev 0x06: apic 4 int 16, address 00:15:17:97:e6:6e em1 at pci8 dev 0 function 1 Intel 82571EB rev 0x06: apic 4 int 17, address 00:15:17:97:e6:6f ppb8 at pci0 dev 5 function 0 Intel 5000 PCIE rev 0x12 pci9 at ppb8 bus 11 ppb9 at pci0 dev 6 function 0 Intel 5000 PCIE x8 rev 0x12: apic 4 int 16 pci10 at ppb9 bus 12 ppb10 at pci0 dev 7 function 0 Intel 5000 PCIE rev 0x12 pci11 at ppb10 bus 13 pchb1 at pci0 dev 16 function 0 Intel 5000 Error Reporting rev 0x12 pchb2 at pci0 dev 16 function 1 Intel 5000 Error Reporting rev 0x12 pchb3 at pci0 dev 16 function 2 Intel 5000 Error
Installing Openbsd 5.2 as KVM guest
Hi everyone, I'm trying to install OpenBSD 5.2 as KVM guest but I can't get passed the installation process because the disk and the network are not being detected correctly. When configuring the network I'm only presented one network interface called 'vlan0', if I select it then I get asked which tag the vlan interface will be on, the default is ':1', whatever I choose (default or not) I get the message Invalid interface choice: ' ' If I write 'done' leaving the network config for later and answer the coming questions when I get to the point where I should configure the disks partitions, there is no disk available. The xml file for virsh look like this: disk type='block' device='disk' driver name='qemu' type='raw'/ source dev='/dev/vgntap02_more/identifiers'/ target dev='vda' bus='virtio'/ alias name='virtio0'/ address type='pci' domain='0x' bus='0x00' slot='0x04' function='0x0'/ /disk interface type='bridge' mac address='00:50:5x:x5:xx:xx'/ source bridge='brxxx'/ target dev='vnet60'/ model type='virtio'/ address type='pci' domain='0x' bus='0x00' slot='0x03' function='0x0'/ /interface This is a managed system so I have no control over the devices used for the machine, what I do know is that the harddrive is a SAN volume thus the /dev/vgntap02... device. The hypervisors run on Redhat 5.5 Is it possible at all to install OpenBSD in such a machine? Thank you! Xavier
Re: PHP 5.3 on 4.9 (stable)
The download file /usr/ports/distfiles/php-5.3.5.tar.gz is a html text file. You can directly download a good one : # cd /usr/ports/distfiles # ftp http://museum.php.net/php5/php-5.3.5.tar.gz You can look for good url in the bad php-5.3.5.tar.gz file. This works for me. Xavier. -Message d'origine- De : owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] De la part de vovka Envoyi : mardi 26 juillet 2011 03:26 @ : Devin Ceartas Cc : misc@openbsd.org Objet : Re: PHP 5.3 on 4.9 (stable) On Mon, Jul 25, 2011 at 15:36, Devin Ceartas nacred...@gmail.com wrote: I'm getting this error, which I would have thought would have been cleaned up in the stable ports but doesn't seem to be. Has anyone else seen this or know if this a simple error of not updating a check file somwhere: Size does not match for /usr/ports/distfiles/php-5.3.5.tar.gz snip Your system is not in sync. See FAQ 15.4.1: http://www.openbsd.org/faq/faq15.html#NoFun I'm getting all kinds of crazy errors. I just can't seem to get this ports stuff working at all. It is very likely that you are using a system and ports tree which are not in sync.
symfony2 and php 5.3 with OpenBSD 4.9 stable
The symphony team has released the so long waited version for this php framework. For the technical parts this new version needs php 5.3.2 as it use php namespaces. After having installed straight the version 5.3.5 for php (make install from ports) and added APC-3.1.7 I have run the simple symphony check. Everthing looks fine except one optional check : # php-5.3 app/check.php * * * Symfony requirements check * * * php.ini used by PHP: /var/www/conf/php.ini ** WARNING ** * The PHP CLI can use a different php.ini file * than the one used with your web server. * If this is the case, please ALSO launch this * utility from your web server. ** WARNING ** ** Mandatory requirements ** OKChecking that PHP version is at least 5.3.2 (5.3.5 installed) OKChecking that the date.timezone setting is set OKChecking that app/cache/ directory is writable OKChecking that the app/logs/ directory is writable OKChecking that the json_encode() is available OKChecking that the SQLite3 or PDO_SQLite extension is available OKChecking that the session_start() is available OKChecking that the ctype_alpha() is available ** Optional checks ** OKChecking that the PHP-XML module is installed OKChecking that the libxml version is at least 2.6.21 OKChecking that the token_get_all() function is available OKChecking that the mb_strlen() function is available OKChecking that the iconv() function is available OKChecking that the utf8_decode() is available OKChecking that the posix_isatty() is available [[WARNING]] Checking that the intl extension is available: FAILED *** Install and enable the intl extension (used for validators) *** OKChecking that a PHP accelerator is installed OKChecking that the APC version is at least 3.0.17 OKChecking that php.ini has short_open_tag set to off OKChecking that php.ini has magic_quotes_gpc set to off OKChecking that php.ini has register_globals set to off OKChecking that php.ini has session.auto_start set to off The optional test regarding intl extension failed. The php 5.3 version doesn't provide php5-intl This is not mandatory. Despite symphony2 works on OpenBSD 4.9 It's a good news. Good framework on a good operating system ! I hope this will help. Regards.
Donnation to OpenBSD
Hi there, I have a Sun Ultra 60 that I wish to give to OpenBSD Team. The machine is based in Paris, have 2 creator 3D cards (I think), no keyboard. I can have a check if someone that is interressed to get it for OpenBSD. I have also a couple of Netapp Filer Head (Alpha based systems) Please contact me in private. Regards, Xavier
neighbor received notification: error in OPEN message, unknown subcode 8
Hello,
I have some neighbor that is flapping since long day (looking at logs since I
have some issues about 4.8 openbsd, that seems to be fixed).
Dec 1 16:49:05 core-3 bgpd[27061]: neighbor 194.68.129.153: received
notification: error in OPEN message, unknown subcode 8
Any idea what it is ... And how to fix that ?
group Sfinx {
local-address 194.68.129.xxx
announceall
announceIPv4unicast
announceIPv6none
softreconfigin yes
softreconfigout yes
set med 50
set localpref 5500
depend on vlan2
enforce neighbor-as yes
...
neighbor 194.68.129.153 {
remote-as 21409
max-prefix 50 restart 60
set community delete 21409:*
}
}
Thanks
/Xavier
Re: OpenBGPD fatal in RDE : cannot allocate memory
Hello, Le 30 nov. 2010 ` 11:03, Stuart Henderson a icrit : On 2010-11-30, Xavier Beaudouin k...@oav.net wrote: Hello, I have updated a openbgpd router from OpenBSD 4.7 i386 to 4.8 amd64. Now I have new instability like this : Nov 29 21:25:22 core-3 bgpd[28895]: fatal in RDE: path_alloc: Cannot allocate memory Nov 30 02:01:47 core-3 bgpd[5522]: fatal in RDE: up_generate: Cannot allocate memory Is this box acting as a route-reflector? No route reflector at all. It is a peering box with 3 IX, on transit and 3 ibgp session (count 6, because I use IPv6). Configuration of this box on demand . Xavier
Re: OpenBGPD fatal in RDE : cannot allocate memory
Hi Claudio,
Maybe it is time to change the default datalimit in the RDE. So maybe
something like this may help.
bgpd needs quite a bit more (temporary) memory when running with
softreconfig. A lot of additional memory is needed on reloads and when
large sessions flap that cause a lot of UPDATE messages.
Side note: bgpd on amd64 needs quite a bit more memory then i386 because
of the 64bit pointers.
Yeah... That's why I have 2G on this machine I hope this should be enougth
... 1G on i386 was ok... So...
I will tell you if this fix my problem... (if you don't hear me... so it can
be fixed...) ping me if you need a clear status.
Cheers.
Xavier
--
:wq Claudio
Index: rde.c
===
RCS file: /cvs/src/usr.sbin/bgpd/rde.c,v
retrieving revision 1.302
diff -u -p -r1.302 rde.c
--- rde.c 24 Nov 2010 00:58:10 - 1.302
+++ rde.c 30 Nov 2010 10:12:56 -
@@ -18,6 +18,8 @@
#include sys/types.h
#include sys/socket.h
+#include sys/time.h
+#include sys/resource.h
#include errno.h
#include ifaddrs.h
@@ -156,6 +158,7 @@ pid_t
rde_main(int pipe_m2r[2], int pipe_s2r[2], int pipe_m2s[2], int
pipe_s2rctl[2],
int debug)
{
+ struct rlimitrl;
pid_tpid;
struct passwd *pw;
struct pollfd *pfd = NULL;
@@ -184,6 +187,13 @@ rde_main(int pipe_m2r[2], int pipe_s2r[2
setproctitle(route decision engine);
bgpd_process = PROC_RDE;
+
+ if (getrlimit(RLIMIT_DATA, rl) == -1)
+ fatal(getrlimit);
+ rl.rlim_cur = RLIM_INFINITY;
+ rl.rlim_max = RLIM_INFINITY;
+ if (setrlimit(RLIMIT_DATA, rl) == -1)
+ fatal(setrlimit);
if (setgroups(1, pw-pw_gid) ||
setresgid(pw-pw_gid, pw-pw_gid, pw-pw_gid) ||
Re: OpenBGPD fatal in RDE : cannot allocate memory
Hi Claudio, Le 30 nov. 2010 ` 17:45, Xavier Beaudouin a icrit : Hi Claudio, Maybe it is time to change the default datalimit in the RDE. So maybe something like this may help. bgpd needs quite a bit more (temporary) memory when running with softreconfig. A lot of additional memory is needed on reloads and when large sessions flap that cause a lot of UPDATE messages. Side note: bgpd on amd64 needs quite a bit more memory then i386 because of the 64bit pointers. Yeah... That's why I have 2G on this machine I hope this should be enougth ... 1G on i386 was ok... So... I will tell you if this fix my problem... (if you don't hear me... so it can be fixed...) ping me if you need a clear status. This patch, opens another problem, seems that FIB is not updated at all when applied. I reverted to openbgp 4.8 release. :( Xavier
Re: OpenBGPD fatal in RDE : cannot allocate memory
Hi Claudio, Le 30 nov. 2010 ` 19:38, Claudio Jeker a icrit : This patch, opens another problem, seems that FIB is not updated at all when applied. I reverted to openbgp 4.8 release. You sure you have http://ftp.openbsd.org/pub/OpenBSD/patches/4.8/common/001_bgpd.patch installed? Since that could be the cause of your problem. Both patch applied... Well I will see if those 2 patches fixes the problem. Sincerly, Xavier
OpenBGPD fatal in RDE : cannot allocate memory
Hello, I have updated a openbgpd router from OpenBSD 4.7 i386 to 4.8 amd64. Now I have new instability like this : Nov 29 21:25:22 core-3 bgpd[28895]: fatal in RDE: path_alloc: Cannot allocate memory Nov 30 02:01:47 core-3 bgpd[5522]: fatal in RDE: up_generate: Cannot allocate memory I have 2Gb on this machine and login.conf like this : default:\ :path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin:\ :umask=022:\ :datasize-max=1512M:\ :datasize-cur=1024M:\ :maxproc-max=2048:\ :maxproc-cur=1024:\ :openfiles-cur=1024:\ :stacksize-cur=4M:\ :localcipher=blowfish,6:\ :ypcipher=old:\ :tc=auth-defaults:\ :tc=auth-ftp-defaults: This currently make me mad, because this router handle more than 130 peers and is still unstable. What is needed to make openbgpd work as it should and shuttup ? (I am going to add a monit... because on production day this is not acceptable). Xavier
IVI support ?
Hello, About IPv6 and IPv4 access, my company want to kill dual stack stuff or limit them to minimum possible if possible and avoid subnetting that loose unfortunatly ips every time. Our idea is to have all our system to be IPv6 only native and when an IPv4 wants to access to an IPv6 service, IVI can do the translation (this is not magic, but the idea is to provide specific IPv6 hosts to be visible outside the IPv6 internet). So I get on IVI : IPv4 - IPv6 mapping : http://www.ivi2.org/ There is draft about that : http://tools.ietf.org/html/draft-xli-behave-ivi-07 Does OpenBSD has somewhat support about this draft ? or can we do that using OpenBSD standard tools (eg pf or relayd ?). I really don't want to us to rely on Linux, so That's why I'm asking question about that... Since OpenBSD is really network toolbox (OpenOSPF/BGP. etc). This can help to get a internet with v6 ready ? Regards, xavier
Re: IVI support ?
Hi Pete, Le 12 oct. 2010 ` 14:40, Pete Vickers a icrit : For v6 clients to access v4 services, see this RFC: http://tools.ietf.org/html/draft-ietf-behave-v6v4-xlate-stateful-12 Implemented on OpenBSD via pf BIND patches: http://ecdysis.viagenie.ca/ I know that... In fact this exactly the opposite thing that IVI does... Access from IPv4 to IPv6 services... An Edge router that allow IPv4 old internet access to IPv6 only services... /Xavier /Pete On 12. okt. 2010, at 13.01, Xavier Beaudouin wrote: Hello, About IPv6 and IPv4 access, my company want to kill dual stack stuff or limit them to minimum possible if possible and avoid subnetting that loose unfortunatly ips every time. Our idea is to have all our system to be IPv6 only native and when an IPv4 wants to access to an IPv6 service, IVI can do the translation (this is not magic, but the idea is to provide specific IPv6 hosts to be visible outside the IPv6 internet). So I get on IVI : IPv4 - IPv6 mapping : http://www.ivi2.org/ There is draft about that : http://tools.ietf.org/html/draft-xli-behave-ivi-07 Does OpenBSD has somewhat support about this draft ? or can we do that using OpenBSD standard tools (eg pf or relayd ?). I really don't want to us to rely on Linux, so That's why I'm asking question about that... Since OpenBSD is really network toolbox (OpenOSPF/BGP. etc). This can help to get a internet with v6 ready ? Regards, xavier Pete Vickers p...@systemnet.no | +47 48 17 91 00 SystemNet AS
ospf6ctl reload - ospf6d disapear
Hi there,
I am using OpenBSD 4.7 (OpenBSD core-3.kazar.net 4.7 GENERIC.MP#449 i386).
I have a simple setup :
router-id 193.43.214.7
fib-update yes
redistribute 2001:67c:ec::5 # lo0
redistribute 2001:67c:ec:fffc::/64 # vlan56
# areas
area 0.0.0.0 {
interface lo0 {
passive
metric 1000
}
interface vlan722 { metric 100 }
}
When I add a redistribute subnet and interface xx { metric 100 }
the ospf6ctl reload... give me a :
Aug 12 12:15:46 core-4 ospf6d[31683]: fatal in rde: interface lost in rde
Aug 12 12:15:46 core-4 ospf6d[1609]: lost child: route decision engine exited
So I have to restart ospf6d manualy...
Maybe there is some issue inside the code ?
Sincerly,
Xavier
Re: Resilient RAID
What is the most recent OpenBSD release that does support and document installing on to RAID? none. it's pointless anyway. use two machines and carp, et voila, resilent against a lot more things than just disk failures. And if you don't want to suffer because of a harddisk failure you can also use flashrd to make the openbsd stuff on a DOM, a Compact Flash or even an USB key. /Xavier
Re: OpenBGP tcp md5 woes...
Hi there, Le 16 mai 2010 ` 14:26, Claudio Jeker a icrit : On Sat, May 15, 2010 at 05:15:21PM +0200, Xavier Beaudouin wrote: Hi Stuart, Le 15 mai 2010 ` 13:47, Stuart Henderson a icrit : On 2010-05-15, Xavier Beaudouin k...@oav.net wrote: Hello, I am running OpenBSD 4.7-current, and it seems I have some problems to negociate tcp md5 bgp session... They doesn't seems at all to wake up, I have connection timeout... or what ever. Please show ipsecctl -sa and netstat -rnfencap # netstat -rnfencap Routing tables (empty) # ipsecctl -sa FLOWS: No flows SAD: tcpmd5 from 194.68.129.120 to 194.68.129.151 spi 0x18ca8716 tcpmd5 from 194.68.129.120 to 194.68.129.150 spi 0x38c985dd tcpmd5 from 194.68.129.114 to 194.68.129.120 spi 0x4f5d8833 tcpmd5 from 194.68.129.103 to 194.68.129.120 spi 0x5351ca6b tcpmd5 from 194.68.129.120 to 194.68.129.115 spi 0x7a989c0e tcpmd5 from 194.68.129.120 to 194.68.129.121 spi 0x8c8c5051 tcpmd5 from 194.68.129.129 to 194.68.129.120 spi 0xaece6b67 tcpmd5 from 194.68.129.121 to 194.68.129.120 spi 0xbb6260f1 tcpmd5 from 194.68.129.115 to 194.68.129.120 spi 0xbc589b6f tcpmd5 from 194.68.129.120 to 194.68.129.129 spi 0xc16133b3 tcpmd5 from 194.68.129.120 to 194.68.129.114 spi 0xc36216e4 tcpmd5 from 194.68.129.120 to 194.68.129.103 spi 0xc39e4d97 tcpmd5 from 194.68.129.150 to 194.68.129.120 spi 0xc8bf11ca tcpmd5 from 194.68.129.120 to 194.68.129.102 spi 0xcc6b7756 tcpmd5 from 194.68.129.102 to 194.68.129.120 spi 0xd9097ad1 tcpmd5 from 194.68.129.197 to 194.68.129.120 spi 0xdb53b930 tcpmd5 from 194.68.129.151 to 194.68.129.120 spi 0xde1e91da tcpmd5 from 194.68.129.120 to 194.68.129.197 spi 0xe630b27a The .120 is my IP :p I have md5 working with a kernel from April 28th and an absolutely -current bgpd, and also with the version from the Apr 28th snapshot, so I don't think there is a general problem with the code you're running. I'm allmost sure there is no problems... I still try to find where is it the problem :( If you have any hints.. I'm be happy to apply them... Did it work before the update with that peer? Most of the time the problem is different passwords or some other misconfiguration. TCP MD5 is an ugly hack that has some nasty ramifications (it breaks some basic behaviour of TCP e.g. RST signaling). Hum, this is strange, in fact all tcp md5 sessions doesn't work at all. I can give you access to this router if you like Claudio... :) Xavier Normaly the best is to turn of md5 and check that the session works. Then enabling md5 or use ttl-security. -- :wq Claudio
OpenBGP tcp md5 woes...
:* } } Extract of /var/log/messages about 194.68.129.102 : May 14 14:35:40 core-3 bgpd[1238]: neighbor 194.68.129.102: socket error: Operation timed out May 14 14:38:55 core-3 bgpd[1238]: neighbor 194.68.129.102: socket error: Operation timed out May 14 14:52:56 core-3 bgpd[31552]: neighbor 194.68.129.102: socket error: Operation timed out May 14 14:56:10 core-3 bgpd[31552]: neighbor 194.68.129.102: socket error: Operation timed out netstat -a says : SYN_SENT But no luck :( /Xavier
Re: OpenBGP tcp md5 woes...
Hi Stuart, Le 15 mai 2010 ` 13:47, Stuart Henderson a icrit : On 2010-05-15, Xavier Beaudouin k...@oav.net wrote: Hello, I am running OpenBSD 4.7-current, and it seems I have some problems to negociate tcp md5 bgp session... They doesn't seems at all to wake up, I have connection timeout... or what ever. Please show ipsecctl -sa and netstat -rnfencap # netstat -rnfencap Routing tables (empty) # ipsecctl -sa FLOWS: No flows SAD: tcpmd5 from 194.68.129.120 to 194.68.129.151 spi 0x18ca8716 tcpmd5 from 194.68.129.120 to 194.68.129.150 spi 0x38c985dd tcpmd5 from 194.68.129.114 to 194.68.129.120 spi 0x4f5d8833 tcpmd5 from 194.68.129.103 to 194.68.129.120 spi 0x5351ca6b tcpmd5 from 194.68.129.120 to 194.68.129.115 spi 0x7a989c0e tcpmd5 from 194.68.129.120 to 194.68.129.121 spi 0x8c8c5051 tcpmd5 from 194.68.129.129 to 194.68.129.120 spi 0xaece6b67 tcpmd5 from 194.68.129.121 to 194.68.129.120 spi 0xbb6260f1 tcpmd5 from 194.68.129.115 to 194.68.129.120 spi 0xbc589b6f tcpmd5 from 194.68.129.120 to 194.68.129.129 spi 0xc16133b3 tcpmd5 from 194.68.129.120 to 194.68.129.114 spi 0xc36216e4 tcpmd5 from 194.68.129.120 to 194.68.129.103 spi 0xc39e4d97 tcpmd5 from 194.68.129.150 to 194.68.129.120 spi 0xc8bf11ca tcpmd5 from 194.68.129.120 to 194.68.129.102 spi 0xcc6b7756 tcpmd5 from 194.68.129.102 to 194.68.129.120 spi 0xd9097ad1 tcpmd5 from 194.68.129.197 to 194.68.129.120 spi 0xdb53b930 tcpmd5 from 194.68.129.151 to 194.68.129.120 spi 0xde1e91da tcpmd5 from 194.68.129.120 to 194.68.129.197 spi 0xe630b27a The .120 is my IP :p I have md5 working with a kernel from April 28th and an absolutely -current bgpd, and also with the version from the Apr 28th snapshot, so I don't think there is a general problem with the code you're running. I'm allmost sure there is no problems... I still try to find where is it the problem :( If you have any hints.. I'm be happy to apply them... Xavier
OpenBSD 4.6 and ospf6d ?
Hi there, Changelog says: various ospf6d changes... The main problem is I cannot find ospf6d on OpenBSD 4.6/i386 installation (even if it is a full installation). Is there something I missed? /Xavier
Re: php5 package, no zip support?
Use PECL http://pecl.php.net/package/zip The last version is :1.10.2 The last time I used it 1.8.10 : cd tmp ftp http://pecl.php.net/get/zip-1.8.10.tgz tar xvzf zip-1.8.10.tgz cd zip-1.8.10 ./configure make make install Make a new file : /var/www/conf/php5/zip.ini extension=zip.so apachectl stop apachectl start Xavier. 2009/2/16 Daniel Polak dan...@sys.nl I have php5-core-5.2.6p0 installed on an OpenBSD system and am having trouble using the zip functionality of PHP. The line $zip = new ZipArchive; results in this error: *Fatal error*: Class 'ZipArchive' not found Apparently PHP has to be compiled with zip support. Could somebody who knows more about the PHP5 port tell me how enable zip support? Daniel
OpenBGPd + pf tables : removing prefix that is not on a table?
Hello, I use OpenBGPd and Pf to make some traffic shapping (see : http://blog.oav.net/dotclear/index.php?post/2007/01/19/32-traffic-shapping-avec-openbsd-pf-altq-et-openbgpd) , but I don't find yet the good way to tell PF to keep my bgp table to be up to date ? In fact I do just a bgpctl clear nei uplink every night to keep my table up to date. Problem is that the neighbor and all the routes I reinject into pf change all the time... so my shapping reflect the real life, only when I have just cleared the session, so it is not a good method. I found that http://marc.info/?l=openbsd-pfm=113646508819716w=2 is maybe a solution. But nothing more. Any solutions on OpenBSD 4.5 ? Thanks, /Xavier [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
Openbgpd : how to ADD a community ?
Hello,
I use OpenBSD 4.5 on one of my router. I'd like to ADD a community to
group of peer.
I have currenlty such statements :
# Set transit communities
match from group Transit set { community 35189:9000, med 20 }
# Set peering communities
match from group Peering set { community 35189:8000, med 15 }
Problem, if that I have same subnet on 2 group Transit and Peering so
I cannot have both of them on the route.
Is there any way to do :
match from group Peering set { community +35189:8000, med 15 }
?
Thanks,
/Xavier
relayd vs loopback interface
Hello, I'd like to create some setup with relayd to allow bounce-back access to VIP eg. allowing machines behind the load balancer to access other VIP. In order to do that I want to set the VIP into loopback and set /32 routes against public network to reach them. Now is there any problems against such setup and clues about that ? Thanks to your replies and any pointers. /xavier [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
Import (export.dat)
Exemple de problhme rencontri sur un import (up4o.php).
Il faut me remonter ce type de problhme pour correction
ERREUR : SQLSTATE[22001]: String data, right truncated: 7 ERROR: value too
long for type character varying(10)ligne : 5
INSERT INTO optiscan_productor
(id,productor,comment,conge,created_at,created_by,updated_at,updated_by)
VALUES('{5a54d779-3300-49cc-af79-e58b67ee545e}','11R171',null,'B. ET JP.
FAIXO','2009-02-12
11:47:21','{c04d7ebd-a358-4b4e-89db-60c765471f93}','2009-02-12
11:47:21','{c04d7ebd-a358-4b4e-89db-60c765471f93}');
Ici c'est le code congi et le nom du producteur qui ont ite inversis...
C'est corrigi.
Par aileurs, ce producteur a iti ricrie lors de la viste 1 minute aprhs, il
faudra ` l'occasion faire du minage :
idhttp://optiscan.fr/4pgs/display.php?server=127.0.0.1%3A5432%3Aallowdata
base=optiscanschema=publictable=optiscan_productorsubject=tablereturn_url
=tables.php%3Fserver%3D127.0.0.1%253A5432%253Aallow%26amp%3Bdatabase%3Doptisc
an%26amp%3Bschema%3Dpublicreturn_desc=Retoursortkey=1sortdir=ascstrings=c
ollapsedpage=13
productorhttp://optiscan.fr/4pgs/display.php?server=127.0.0.1%3A5432%3Aallow
database=optiscanschema=publictable=optiscan_productorsubject=tableretur
n_url=tables.php%3Fserver%3D127.0.0.1%253A5432%253Aallow%26amp%3Bdatabase%3Do
ptiscan%26amp%3Bschema%3Dpublicreturn_desc=Retoursortkey=2sortdir=ascstri
ngs=collapsedpage=13
commenthttp://optiscan.fr/4pgs/display.php?server=127.0.0.1%3A5432%3Aallowd
atabase=optiscanschema=publictable=optiscan_productorsubject=tablereturn_
url=tables.php%3Fserver%3D127.0.0.1%253A5432%253Aallow%26amp%3Bdatabase%3Dopt
iscan%26amp%3Bschema%3Dpublicreturn_desc=Retoursortkey=3sortdir=ascstring
s=collapsedpage=13
congehttp://optiscan.fr/4pgs/display.php?server=127.0.0.1%3A5432%3Aallowdat
abase=optiscanschema=publictable=optiscan_productorsubject=tablereturn_ur
l=tables.php%3Fserver%3D127.0.0.1%253A5432%253Aallow%26amp%3Bdatabase%3Doptis
can%26amp%3Bschema%3Dpublicreturn_desc=Retoursortkey=4sortdir=ascstrings=
collapsedpage=13
created_athttp://optiscan.fr/4pgs/display.php?server=127.0.0.1%3A5432%3Aallo
wdatabase=optiscanschema=publictable=optiscan_productorsubject=tableretu
rn_url=tables.php%3Fserver%3D127.0.0.1%253A5432%253Aallow%26amp%3Bdatabase%3D
optiscan%26amp%3Bschema%3Dpublicreturn_desc=Retoursortkey=5sortdir=ascstr
ings=collapsedpage=13
created_byhttp://optiscan.fr/4pgs/display.php?server=127.0.0.1%3A5432%3Aallo
wdatabase=optiscanschema=publictable=optiscan_productorsubject=tableretu
rn_url=tables.php%3Fserver%3D127.0.0.1%253A5432%253Aallow%26amp%3Bdatabase%3D
optiscan%26amp%3Bschema%3Dpublicreturn_desc=Retoursortkey=6sortdir=ascstr
ings=collapsedpage=13
updated_athttp://optiscan.fr/4pgs/display.php?server=127.0.0.1%3A5432%3Aallo
wdatabase=optiscanschema=publictable=optiscan_productorsubject=tableretu
rn_url=tables.php%3Fserver%3D127.0.0.1%253A5432%253Aallow%26amp%3Bdatabase%3D
optiscan%26amp%3Bschema%3Dpublicreturn_desc=Retoursortkey=7sortdir=ascstr
ings=collapsedpage=13
updated_byhttp://optiscan.fr/4pgs/display.php?server=127.0.0.1%3A5432%3Aallo
wdatabase=optiscanschema=publictable=optiscan_productorsubject=tableretu
rn_url=tables.php%3Fserver%3D127.0.0.1%253A5432%253Aallow%26amp%3Bdatabase%3D
optiscan%26amp%3Bschema%3Dpublicreturn_desc=Retoursortkey=8sortdir=ascstr
ings=collapsedpage=13
56fe264a-e3d7-47bc-ac2a-9f4d3ca53ba0 B. et JP. Faixo *NULL* 11R171 2009-02-12
11:48:08 c04d7ebd-a358-4b4e-89db-60c765471f93 2009-02-12 11:48:08
c04d7ebd-a358-4b4e-89db-60c765471f93 5a54d779-3300-49cc-af79-e58b67ee545e B.
ET JP. FAIXO *NULL* 11R171 2009-02-12 11:47:21
c04d7ebd-a358-4b4e-89db-60c765471f93 2009-02-12 11:47:21
c04d7ebd-a358-4b4e-89db-60c765471f93
*Par ailleurs, il est impiratif de n'uploader le fichier export.dat qu'une
seule fois ...*
Xavier.
Re: hoststated status ?
Hello :) Just to say thank you about all replys I got :p Relayd is marvelous :) /Xavier Le 9 fivr. 09 ` 00:26, Xavier Beaudouin a icrit : Hello, Just a quick question, what is the status of hoststated ? I ran into http://www.openbsd.org/papers/eurobsdcon07/pyr-loadbalancing/ and I found that a quite exiting projet. Unfortunalty it doesn't seems to be into 4.4 or even on snapshots... Is there any replacements ? drawbacks or anything that explain it is not yet supported by stable releases? Thanks; /Xavier
hoststated status ?
Hello, Just a quick question, what is the status of hoststated ? I ran into http://www.openbsd.org/papers/eurobsdcon07/pyr- loadbalancing/ and I found that a quite exiting projet. Unfortunalty it doesn't seems to be into 4.4 or even on snapshots... Is there any replacements ? drawbacks or anything that explain it is not yet supported by stable releases? Thanks; /Xavier
Re: pppoe0 doesn't get ip address - how to reconnect ?
The soekris box seems now working. I have to wait several days... I just add in the file : /etc/rc.shutdown ifconfig pppoe0 down Thanks a lot all for your help. I 'll have a look also for PPOE_TERM_UNKNOWN_SESSIONS Regards. Xavier. 2008/7/17 Vadim Zhukov [EMAIL PROTECTED]: 15 July 2008 c. 14:57:58 Henning Brauer wrote: * Xavier Millihs-Lacroix [EMAIL PROTECTED] [2008-07-15 09:02]: Sometimes when I boot a soekris box (net5501) - OpenBSD 4.3, I didn't get each times an ip address for the pppoe0 link. This is a problem as I can connect to this box only remotely. I didn't find on the documentation how to reconnect automatically if the link goes down. pppoe automagically reconnects. many ISPs have some logic to deny you from opening two ppp sessions, so by the time your box reboots the old sessions has not yet timed out. You can't do all that much but waiting for the old session to expire, pppoe will retry all the time. Search for PPPOE_TERM_UNKNOWN_SESSIONS kernel option. I have such provider, and this option helps a lot. BTW: Is there any point to translate this knob to interface linkN flag? -- Best wishes, Vadim Zhukov
pppoe0 doesn't get ip address - how to reconnect ?
Sometimes when I boot a soekris box (net5501) - OpenBSD 4.3, I didn't get each times an ip address for the pppoe0 link. This is a problem as I can connect to this box only remotely. I didn't find on the documentation how to reconnect automatically if the link goes down. Any ideas ? Xavier. Here is my configuration : /etc/sysctl.conf file : net.inet.ip.forwarding=1 net.inet6.ip6.forwarding=1 /etc/rc.conf.local file : named_flags= # nameserver ntpd_flags= # timeserver dhcpd_flags= # DHCP server ftpproxy_flags= # ftp proxy server pf=YES pf_rules=/etc/pf.conf check_quotas=NO # desactivate quotas /etc/resolv.conf file : lookup file bind nameserver 127.0.0.1 */etc/hostname.pppoe0 file file :* inet 0.0.0.0 255.255.255.255 0.0.0.1 pppoedev vr0 \ authproto pap authname my_USER authkey my_PASSWORD up !/sbin/route add default 0.0.0.1 */etc/hostname.**vr0 file :* up * * */etc/hostname.**vr1 file :* inet 10.0.0.1 255.255.255.0 NONE I don't have /etc/mygate file. I don't have /var/named/named.boot file I use pf.
Re: pppoe0 doesn't get ip address - how to reconnect ?
Thanks a lot. I will make some tests this evening. pppoe automagically reconnects So if my ip change I still have to reload pf ? using ppp.linkdown ? Xavier. 2008/7/15 Henning Brauer [EMAIL PROTECTED]: * Xavier Millihs-Lacroix [EMAIL PROTECTED] [2008-07-15 09:02]: Sometimes when I boot a soekris box (net5501) - OpenBSD 4.3, I didn't get each times an ip address for the pppoe0 link. This is a problem as I can connect to this box only remotely. I didn't find on the documentation how to reconnect automatically if the link goes down. pppoe automagically reconnects. many ISPs have some logic to deny you from opening two ppp sessions, so by the time your box reboots the old sessions has not yet timed out. You can't do all that much but waiting for the old session to expire, pppoe will retry all the time. -- Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg Amsterdam
Re: pppoe0 doesn't get ip address - how to reconnect ?
2008/7/15 Henning Brauer [EMAIL PROTECTED]:
* Xavier Millihs-Lacroix [EMAIL PROTECTED] [2008-07-15 14:15]:
pppoe automagically reconnects
So if my ip change I still have to reload pf ?
not if you write your pf.conf correctly
Here is my actual version. I 'will add later spamd, sshbruteforece.
Do you think my pf.conf is correct ?
Xavier.
# macros
ext_if=pppoe0
int_if=vr1
tcp_services={ 22, 113 }
icmp_types=echoreq
comp3=192.168.1.2
# options
set block-policy return
set loginterface $ext_if
set skip on lo
# scrub
scrub in
# nat/rdr
nat on $ext_if from !($ext_if) - ($ext_if:0)
nat-anchor ftp-proxy/*
rdr-anchor ftp-proxy/*
rdr pass on $int_if proto tcp to port ftp - 127.0.0.1 port 8021
rdr on $ext_if proto tcp from any to any port 80 - $comp3
# filter rules
block in
pass out keep state
anchor ftp-proxy/*
antispoof quick for { lo $int_if }
pass in on $ext_if inet proto tcp from any to ($ext_if) \
port $tcp_services flags S/SA keep state
pass in on $ext_if inet proto tcp from any to $comp3 port 80 \
flags S/SA synproxy state
pass in inet proto icmp all icmp-type $icmp_types keep state
pass in quick on $int_if
/etc/pf.conf
# macros
ext_if=pppoe0
int_if=vr1
tcp_services={ 22, 113, 443 }
icmp_types=echoreq
srvexchange=192.168.1.2
tcp_srvexchange={ 25, 110, 1024 }
srvfiles=192.168.1.10
tcp_srvfiles={ 873, 3389 }
# options
set block-policy return
set loginterface $ext_if
set skip on lo
# scrub
scrub in
# nat/rdr
nat on $ext_if from !($ext_if) - ($ext_if:0)
nat-anchor ftp-proxy/*
rdr-anchor ftp-proxy/*
rdr pass on $int_if proto tcp to port ftp - 127.0.0.1 port 8021
rdr on $ext_if proto tcp from any to any port $tcp_srvfiles - $srvfiles
rdr on $ext_if proto tcp from any to any port $tcp_srvexchange -
$srvexchange
# filter rules
block in
pass out keep state
anchor ftp-proxy/*
antispoof quick for { lo $int_if }
pass in on $ext_if inet proto tcp from any to ($ext_if) \
port $tcp_services flags S/SA keep state
pass in on $ext_if inet proto tcp from any to $srvfiles port $tcp_srvfiles \
flags S/SA synproxy state
pass in on $ext_if inet proto tcp from any to $srvexchange port
$tcp_srvexchange \
flags S/SA synproxy state
pass in inet proto icmp all icmp-type $icmp_types keep state
pass in quick on $int_if
Install Business Intelligence software like Pentaho
Hi, All Does anybody have already installed Business Intelligence software like Pentaho on OpenBSD ? Do you have good experiences with other software for reporting, analyzing ... (on OBSD) ? Thanks. Xavier
Re: 4.2 xenocara make build problem
On Sun, Jun 8, 2008 at 9:32 PM, Jesus Sanchez [EMAIL PROTECTED] wrote: Hi, using 4.2. Today I downloaded the xenocara.tar.gz from ftp.openbsd.org and it seems to have a problem. I untared the source into /usr/src/xenocara don't go any further http://www.openbsd.org/faq/upgrade43.html#xenocaramove
Re: Window Manager
On Mon, May 5, 2008 at 3:16 AM, Douglas A. Tutty [EMAIL PROTECTED] wrote: On Sun, May 04, 2008 at 09:29:42PM -0300, Gonzalo Lionel Rodriguez wrote: I dont know if it is the place to ask it, but that window manager uses? And why? I don't understand the question. Are you asking what window manager I use? icewm: small, easy to configure, has a taskbar for frequently used apps. Works well on my low-resource systems. Doug. If indeed Doug is right about your question I'm testing e17, not so small, not that easy to configure (everything is new, it takes time), very shiny (I can show off with my OBSD now) Xavier.
pbm install 4.3 Packard Bell EasyNote
Hello to all, The install of the 4.3 is quite difficult in comparison to the 4.2 (both dmesg are attached to the mail) the wifi is not properly recognised The boot is processed completely 50% of the times. I mean each time I have the ddb prompt, I just reboot (boot reboot) (see the dmesgko4.3 and the dmesgok4.3) and that second time it completes I've attached also the trace and ps. I reinstalled the 4.2 and all works fine, 4.3 stable is booting improperly half the time and 4.3 -current also. I stil can reboot my computer two times, and keep the ethernet cable instead of my wifi, but any improvement is welcome If anyone can help, thanks in advance. 0xe6000/0x1000! 0xeb000/0x5000! cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82855GM Host rev 0x02 Intel 82855GM Memory rev 0x02 at pci0 dev 0 function 1 not configured Intel 82855GM Config rev 0x02 at pci0 dev 0 function 3 not configured vga1 at pci0 dev 2 function 0 Intel 82855GM Video rev 0x02 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) agp0 at vga1: aperture at 0xb000, size 0x800 Intel 82855GM Video rev 0x02 at pci0 dev 2 function 1 not configured uhci0 at pci0 dev 29 function 0 Intel 82801DB USB rev 0x03: irq 10 uhci1 at pci0 dev 29 function 1 Intel 82801DB USB rev 0x03: irq 11 ehci0 at pci0 dev 29 function 7 Intel 82801DB USB rev 0x03: irq 7 ehci0: reset timeout ehci0: init failed, error=13 ppb0 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0x83 pci1 at ppb0 bus 1 rtw0 at pci1 dev 1 function 0 Realtek 8180 rev 0x20: irq 11 rtw0: ver RTL8180F, rtw0: could not recall EEPROM in 1us rtw0: could not recall EEPROM in 1us rl0 at pci1 dev 2 function 0 Realtek 8139 rev 0x10: irq 3, address 00:40:d0:62:86:13 rlphy0 at rl0 phy 0: RTL internal PHY ichpcib0 at pci0 dev 31 function 0 Intel 82801DBM LPC rev 0x03 pciide0 at pci0 dev 31 function 1 Intel 82801DBM IDE rev 0x03: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: ST94019A wd0: 16-sector PIO, LBA48, 38154MB, 78140160 sectors atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: QSI, DVD+-RW SDW-082S, LX06 ATAPI 5/cdrom removable ichiic0 at pci0 dev 31 function 3 Intel 82801DB SMBus rev 0x03: irq 5 iic0 at ichiic0 iic0: addr 0x18 00=00 01=00 02=00 3e=00 4e=00 words 00= 01= 02= 03= 04= 05= 06= 07= iic0: addr 0x1b 00=00 01=00 3e=00 48=d0 words 00= 01= 02= 03= 04= 05= 06= 07= iic0: addr 0x1e 00=00 01=00 3e=00 48=d0 words 00= 01= 02= 03= 04= 05= 06= 07= iic0: addr 0x21 00=00 01=00 02=00 3e=00 words 00= 01= 02= 03= 04= 05= 06= 07= iic0: addr 0x24 00=00 01=00 3e=00 words 00= 01= 02= 03= 04= 05= 06= 07= iic0: addr 0x26 00=00 01=00 02=00 3e=00 words 00= 01= 02= 03= 04= 05= 06= 07= iic0: addr 0x29 00=00 01=00 02=00 03=00 04=00 3e=00 3f=00 words 00= 01= 02= 03= 04= 05= 06= 07= iic0: addr 0x2c 00=00 3e=00 3f=00 words 00= 01= 02= 03= 04= 05= 06= 07= iic0: addr 0x2f 00=00 01=00 3e=00 words 00= 01= 02= 03= 04= 05= 06= 07= iic0: addr 0x4a 3e=00 words 00= 01= 02= 03= 04= 05= 06= 07= iic0: addr 0x4d 3e=00 words 00= 01= 02= 03= 04= 05= 06= 07= auich0 at pci0 dev 31 function 5 Intel 82801DB AC97 rev 0x03: irq 5, ICH4 AC97 ac97: codec id not read audio0 at auich0 Intel 82801DB Modem rev 0x03 at pci0 dev 31 function 6 not configured usb0 at uhci0: USB revision 1.0 uhub0 at usb0 Intel UHCI root hub rev 1.00/1.00 addr 1 usb1 at uhci1: USB revision 1.0 uhub1 at usb1 Intel UHCI root hub rev 1.00/1.00 addr 1 isa0 at ichpcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pms0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pms0 mux 0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 biomask edf5 netmask edfd ttymask mtrr: Pentium Pro MTRR support nvram: invalid checksum softraid0 at root OpenBSD 4.3-current (GENERIC) #0: Sun Apr 27 22:32:03 CEST 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Celeron(R) M processor 1400MHz (GenuineIntel 686-class) 1.40 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,TM,SBF real mem = 234385408 (223MB) avail mem = 218484736 (208MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 09/14/04, BIOS32 rev. 0 @ 0xe97a0, SMBIOS rev. 2.3 @ 0xec31d (38 entries) bios0:
Re: Chatting with developers? Is it soo 1996?
Voyeurism is a bad thing ;) And the developers made another choice so :) Andris a icrit : On Tue, Apr 15, 2008 at 2:20 PM, Theo de Raadt [EMAIL PROTECTED] wrote: I found an old email on the mailing lists, dating back to 1996, when Theo announced users could connect and chat with the developers on their ICB server. Many developers did not like it, so please leave them alone. I can understand your point, but isn't there a way of connecting to just read? I mean, we only read, you talk. That would be very interesting. Ce message a fait l'objet d'un traitement anti-virus. Il est rappeli que tout message ilectronique est susceptible d'altiration au cours de son acheminement sur Internet. Ce message, ainsi que les pihces jointes, sont itablis, sous la seule responsabiliti de l'expiditeur, ` l'intention exclusive de ses destinataires ; ils peuvent contenir des informations confidentielles. Toute publication, utilisation ou diffusion doit jtre autorisie prialablement. Ce message a fait l'objet d'un traitement anti-virus. Il est rappeli que tout message ilectronique est susceptible d'altiration au cours de son acheminement sur Internet. Vous pouvez consulter le site de l'Assemblie nationale ` l'adresse suivante : http://www.assemblee-nationale.fr
Re: Remote Admin Card - Dell DRAC or HP ILO2 ?
Hello, I'm not sure but advanced ilo provides remote cd/dvd/floppy ? Is it true ? Xavier. 2008/2/22, Joe Warren-Meeks [EMAIL PROTECTED]: On Thu, Feb 21, 2008 at 08:10:16PM +0100, Nick Nauwelaerts wrote: I don't really see how this is related to openbsd, but ilo2 wins hands down to drac, but has a costly advanced license. Installing openbsd through ilo2 virtual cd works just fine btw. I thought you only needed the license if you used higher resolutions than a basic console. If you are just using text mode on the console, then they work excellently. I've used both with OpenBSD firewalls and infinitely prefer the HP ones. -- joe. Jennifer's dad sent her a nice cuddly cat, so that's nice.
Remote Admin Card - Dell DRAC or HP ILO2 ?
Who wins in the OpenBSD world? DRAC (Dell Remote Admin Card) or iLo (HP's Integrated Lights Out) (or better ilo2) ? We're looking at new servers and are wondering if these are worth the cash, or which is the one to go for ? I see some problem with ILO2 on HP DL320 G5 (/G5p ?). We need to be able to do 'quite' everything remotely (from installing (virtual floppy / cd / dvd) to exploitation). Regards.
Re: Remote Admin Card - Dell DRAC or HP ILO2 ?
I really like PXE too. But the servers to be administrate remotely would be the firewalls (two in carp association). Xavier 2008/2/21, Jussi Peltola [EMAIL PROTECTED]: On Thu, Feb 21, 2008 at 07:01:21PM +0100, Xavier Millihs-Lacroix wrote: We need to be able to do 'quite' everything remotely (from installing (virtual floppy / cd / dvd) to exploitation). I prefer PXE booted bsd.rd and a serial console, with BIOS serial redirection it is quite close to a LOM module and does the things it can do extremely reliably.
Re: Remote Admin Card - Dell DRAC or HP ILO2 ?
I really like PXE too. But the servers to be administrate remotely would be the firewalls (two in carp association). Xavier
Re: Remote Admin Card - Dell DRAC or HP ILO2 ?
You are right. I think I'll put a box like soekris in front of ILO ports to prevent hack on ILO By this way I 'll be able to push CD / floppy image to the HP's servers. During upgrade of the soerkis box. I'll use the firewall server COM port and PXE if I should do a full reinstall. Xavier. 2008/2/21, Jussi Peltola [EMAIL PROTECTED]: On Thu, Feb 21, 2008 at 07:50:52PM +, Stuart Henderson wrote: I normally go for the time-honoured serial console to a box running conserver and a masterswitch though (on a separate lan: you don't really want this sort of thing, ILO/DRAC or masterswitch or IP KVM or whatever else, on your main lan unprotected). And it's supposed to be out of band and not shared with the main network to be really useful when you need it. Serial consoles are easily accessed with a telephone modem connected to the console server, redundant networking is much more complex (and I'd say less foolproof). -- Jussi Peltola
Re: Server room temperature sensors
Hello, There are some kits (with DB9 connector / RS232) that can follow up to 4 sensors for $ 40-45 / 30 . It 's very fast to built it. You get one mesure per second on the /dev/ttyX And after you can use rrdtool to have nive graphs. Regards. Xavier 2008/2/11, Bill [EMAIL PROTECTED]: On Wed, 6 Feb 2008 23:07:01 -0800 Joe [EMAIL PROTECTED] spake: Can anyone recommend a server room temperature sensor that I can use with openbsd? I want to monitor temperature and humidity. I hope to graph the data from the sensor. The sensor can be connected to my openbsd via usb, serial, or even network. I've used AVTECH in a few of my rooms. I think the cheapest is around $240 maybe... bigger models can handle everything from smoke, to noise, etc... Read them via SNMP tied to nagios. Works good, the basic model comes with a temp sensor in the unit and a 25' (I believe) lead to a remote sensor. I also have some NetBotz, and while expensive are pretty cool - airflow, noise, temp, humidity, door sensor, camera, etc... Nice if your not spending out of pocket eh...
Serial port (RS232) on USB port
Hello, I want add one or several serial / rs232 connectors on a OpenBSD box (Soekris or standard PC) - without adding a PCI card - just converter. I search compatibles products. When we buy product we don't know the chip. Do you have good experiences ? I have an converter, here an excerpt dmesg and usbdevs : uftdi0 at uhub0 port 2 uftdi0: FTDI FT232R USB UART, rev 2.00/6.00, addr 3 ucom0 at uftdi0 portno 1 # usbdevs -dv Controller /dev/usb0: addr 1: full speed, self powered, config 1, UHCI root hub(0x), Intel(0x8086), rev 1.00 uhub0 port 1 addr 2: low speed, power 100 mA, config 1, NetScroll(0x0035), Genius(0x0458), rev 1.10 uhidev0 port 2 addr 3: full speed, power 90 mA, config 1, FT232R USB UART(0x6001), FTDI(0x0403), rev 6.00 uftdi0 - I think tJhe FT232R USB UART is the /dev/ttyU0 device. But I can't talk witj it (in or out). # stty -f /dev/ttyU0 ispeed 0 baud; ospeed 9600 baud; lflags: echoe echoke echoctl cflags: cs8 -parenb Any ideas ? On another box I was using tip for receiving caracters. Xavier.
Re: ftp.openbsd.org?
man pages too On Feb 4, 2008 3:23 PM, Alexey Vatchenko [EMAIL PROTECTED] wrote: Hi! I can't get into ftp.openbsd.org and http://www.openbsd.org/cgi-bin/cvsweb/ shows me Internal Server Error page. Is it OK? -- Alexey Vatchenko http://www.bsdua.org
Re: OpenCVS?
a little mdoc -mandoc cvs.1 and there you go ! Oups, nroff -mandoc cvs.1 That works better like this On Jan 26, 2008 8:43 AM, xavier brinon [EMAIL PROTECTED] wrote: the man pages of opencvs are cvs.1, cvs.5 (as far as I remember) in the source directory of opencvs On Jan 25, 2008 4:38 PM, Julian Leyh [EMAIL PROTECTED] wrote: On 11:57 Sun 20 Jan , Darrin Chandler wrote: On Sun, Jan 20, 2008 at 06:31:48PM +, Stuart Henderson wrote: On 2008/01/20 10:15, Unix Fan wrote: Stuart Henderson wrote: See for yourself: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/cvs/ I'm slighly confused by something if the cvs command in OpenBSD 4.2 is OpenCVS, it isn't - not everything in source is linked to the build yet. However, those interested in using/testing OpenCVS should take a peek at their /usr/src/usr.bin/cvs/README file as a start. The binary gets installed as opencvs, but the manpages as cvs - just in case you're wondering why cvs --help still is GNU CVS, and the manpages are not ;) -- If you don't remember something, it never existed... If you aren't remembered, you never existed... I don't quite understand what love is like... But if there was someone who liked me, I'd be happy.
Re: OpenCVS?
the man pages of opencvs are cvs.1, cvs.5 ans cvsintro.7 (know I remember) in the source directory of opencvs, that is : /usr/src/usr.bin/cvs/ a little mdoc -mandoc cvs.1 and there you go ! On Jan 26, 2008 8:43 AM, xavier brinon [EMAIL PROTECTED] wrote: the man pages of opencvs are cvs.1, cvs.5 (as far as I remember) in the source directory of opencvs On Jan 25, 2008 4:38 PM, Julian Leyh [EMAIL PROTECTED] wrote: On 11:57 Sun 20 Jan , Darrin Chandler wrote: On Sun, Jan 20, 2008 at 06:31:48PM +, Stuart Henderson wrote: On 2008/01/20 10:15, Unix Fan wrote: Stuart Henderson wrote: See for yourself: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/cvs/ I'm slighly confused by something if the cvs command in OpenBSD 4.2 is OpenCVS, it isn't - not everything in source is linked to the build yet. However, those interested in using/testing OpenCVS should take a peek at their /usr/src/usr.bin/cvs/README file as a start. The binary gets installed as opencvs, but the manpages as cvs - just in case you're wondering why cvs --help still is GNU CVS, and the manpages are not ;) -- If you don't remember something, it never existed... If you aren't remembered, you never existed... I don't quite understand what love is like... But if there was someone who liked me, I'd be happy.
Re: OpenCVS?
the man pages of opencvs are cvs.1, cvs.5 (as far as I remember) in the source directory of opencvs On Jan 25, 2008 4:38 PM, Julian Leyh [EMAIL PROTECTED] wrote: On 11:57 Sun 20 Jan , Darrin Chandler wrote: On Sun, Jan 20, 2008 at 06:31:48PM +, Stuart Henderson wrote: On 2008/01/20 10:15, Unix Fan wrote: Stuart Henderson wrote: See for yourself: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/cvs/ I'm slighly confused by something if the cvs command in OpenBSD 4.2 is OpenCVS, it isn't - not everything in source is linked to the build yet. However, those interested in using/testing OpenCVS should take a peek at their /usr/src/usr.bin/cvs/README file as a start. The binary gets installed as opencvs, but the manpages as cvs - just in case you're wondering why cvs --help still is GNU CVS, and the manpages are not ;) -- If you don't remember something, it never existed... If you aren't remembered, you never existed... I don't quite understand what love is like... But if there was someone who liked me, I'd be happy.
flamewars : 9 Tips for Dealing with Idiots on the Internet
Seems to be a must read Sent to you by Xavier Brinon via Google Reader: Online Survival Guide: 9 Tips for Dealing with Idiots on the Internet via Internet Duct Tape by engtech on 09/01/08 My first experience with online communication was bulletin board systems in the early 90s. The more things change, the more they stay the same. The experience of running a blog is almost exactly the same as it was running a BBS 15 years ago. The only difference is the sheer number of channels available for communication. Where there was once up to 100 to 200 local BBSes there are now so many online forums for communication that it might as well be infinite., New forums for communication are being created all the time. Mainstream sites like the New York Times let you comment on articles, and each person has their own discussion forum thanks to sites like Facebook and MySpace. When I was involved in the BBS/IRC scene as a teenager I was surrounded by flame wars; one-upmanship was part of the attraction. I thought it was because of the immaturity of the participants, but now I think it is a natural offshoot of digital communication. We lose all the visual and auditory cues that are a normal part of human dialog and instead focus on words that can be easy to misinterpret (especially if looking for a reason to fight). quoting myself Winter is one of the worst for flame wars because environmental conditions make people more irritable and more likely to spend more time online. Here are some tips for navigating online discussions from someone who has been participating and managing public forums for over 15 years. Tips for Administrators Tip #1: Disemvowel From Wikipedia: In the fields of Internet discussion and forum moderation, disemvoweling is the removal of vowels from text either as a method of self-censorship, or as a technique by forum moderators to censor Internet trolling and other unwanted posting. When used by a forum moderator, the net effect of disemvowelling text is to render it illegible or legible only through significant cognitive effort. Xeni Jardin, co-editor of Boing Boing says of the practice, the dialogue stays, but the misanthrope looks ridiculous, and the emotional sting is neutralized. This original sentence: In the fields of Internet discussion and forum moderation, disemvoweling (also spelled disemvowelling) is the removal of vowels from text. would be disemvowelled to look like this: n th flds f ntrnt dscssn nd frm mdrtn, Dsmvwlng (ls splld dsmvwllng) s th rmvl f vwls frm txt. You can disemvowel any text using this tool. There is also a Firefox extension that lets you disemvowel comments if you're a WordPress administrator. The same guy has a Firefox extension for handling religious trolls. Tip #2: Temporarily disable comments for that post This works well if you've been linked to from another site and it's bringing a lot of tolls (IE: Digg, Slashdot). You can turn the comments on after a day or two without having to wade through the 100+ comments telling you how much of an idiot you are because they don't agree with some minor minutiae of your argument. Tip #3: Take the discussion to email Nothing kills a flame war like removing the audience. Quoting myself: There is a different between scrawling messages on a public site and having a one on one conversation. The flame wars that are routine on some sites rarely exist in personal email. People stop being disembodied words and ideas and you remember that there is a person behind all of that typing. Comment Ninja is a handy Firefox extension for WordPress blog administrators that makes it easy to respond to commenters on your blog by email. Tip #4: Never post personal information Because you are an administrator, you have access to a commenters email address and their IP address. This information is usually enough to find out anything else you want to about who they are. (IE: put their email address into Facebook to find their real name, use their IP address to find out where they work) It can be tempting to deal with a troll by removing their anonymity, but making it personal can change a one time nuisance into someone with a grudge that won't go away. Tips for Anyone Tip #5: Let it stew If something really gets your goat, then sit on it. Come back and re-read what bothered you later on and you may find that you were reading between the lines and interpreting an emotional undertone that isn't there. The human mind is great at adding missing context, but it can also trick you into reading what you want to believe. Revisiting something that filled you with rage days latter can leave you scratching your head trying to find what it was that pulled your chain. Tip #6: Leave it where you found it As I said earlier, it is ridiculously easy to collect personal identifying information about someone and find other parts of their online identity. Other than bringing a public argument to a private means of communication, you
Re: A sad thread - RMS vs. OpenBSD
a famous one, let S be the set of all elements that do not belong to S On Jan 8, 2008 3:10 AM, Eliah Kagan [EMAIL PROTECTED] wrote: Just recently, I said: On the other hand, well-formed statements can talk about some of their properties in certain systems. If worse comes to worse, you can simply use a different system to evaluate the statement. This really does make sense and there is information conveyed--a parallel would be Raymond Smullyan's example of a sign that reads, This sign was made my Cellini. That sign is actually telling you something. Typographical correction: Raymond Smullyan's example is of a sign that says: This sign was made *by* Cellini. -Eliah
newfs: cg 0: bad magic number
Hi *, I'm trying to build a new FS on an IDE disk. All newfs commands end with: # newfs /dev/rwd1a .. .. newfs: cg 0: bad magic number newfs: fsinit1 failed Here is the disk info: # disklabel wd1 # /dev/rwd1c: type: ESDI disk: ESDI/IDE disk label: Maxtor 6B250R0 flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 30515 total sectors: 490234752 rpm: 3600 interleave: 1 trackskew: 0 cylinderskew: 0 headswitch: 0 # microseconds track-to-track seek: 0 # microseconds drivedata: 0 16 partitions: #size offset fstype [fsize bsize cpg] a:481950 4.2BSD 2048 16384 16 c:4902347520 unused 0 0 (I tried several fs size (stard or end of the disk, same error) Any idea? Xavier -- Weird enough for government work.
Re: newfs: cg 0: bad magic number
Strange... fdisk wd1 reports: # fdisk wd1 Disk: wd1 geometry: 30515/255/63 [490234752 Sectors] Offset: 0 Signature: 0x180 Starting EndingLBA Info: #: id C H S - C H S [ start:size ] 0: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused 1: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused 3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused When I create some partitions, write them to the disk, restart fdisk, I'm back to the same empty config. Is my disk physically dead? :( Xavier -- There's no place like ~ On Thu, 3 Jan 2008, Xavier Mertens wrote: Hi *, I'm trying to build a new FS on an IDE disk. All newfs commands end with: # newfs /dev/rwd1a .. .. newfs: cg 0: bad magic number newfs: fsinit1 failed Here is the disk info: # disklabel wd1 # /dev/rwd1c: type: ESDI disk: ESDI/IDE disk label: Maxtor 6B250R0 flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 30515 total sectors: 490234752 rpm: 3600 interleave: 1 trackskew: 0 cylinderskew: 0 headswitch: 0 # microseconds track-to-track seek: 0 # microseconds drivedata: 0 16 partitions: #size offset fstype [fsize bsize cpg] a:481950 4.2BSD 2048 16384 16 c:4902347520 unused 0 0 (I tried several fs size (stard or end of the disk, same error) Any idea? Xavier -- Weird enough for government work.
Re: newfs: cg 0: bad magic number
Indeed, this test was bad...
But the same occurs with an offset of 63 sectors :(
Same with fdisk:
fdisk: 1 edit 3
Starting EndingLBA Info:
#: id C H S - C H S [ start:size ]
3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused
Partition id ('0' to disable) [0 - FF]: [0] (? for help) A6
Do you wish to edit in CHS mode? [n]
offset: [0] 63
size: [0] 488392002
fdisk:*1 q
Writing current MBR to disk.
bash-3.2# fdisk wd1
Disk: wd1 geometry: 30515/255/63 [490234752 Sectors]
Offset: 0 Signature: 0x100
Starting EndingLBA Info:
#: id C H S - C H S [ start:size ]
0: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused
1: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused
2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused
3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused
Xavier
--
Secret hacker rule #11: hackers read manuals.
On Wed, 2 Jan 2008, Nick Holland wrote:
Good thing OpenBSD only runs on one platform and one type of computer,
eh?
Xavier Mertens wrote:
..
16 partitions:
#size offset fstype [fsize bsize cpg]
a:481950 4.2BSD 2048 16384 16
c:4902347520 unused 0 0
Assuming this is i386 (what people usually assume when they don't
bother to show dmesg or even mention platform), you need a one
cylinder offset on your 'a' partition (or more accurately, your
first partition. TYPICALLY, that's 63 sectors, but not always).
What you have here clobbers your MBR, which holds your (now hosed)
fdisk partitions.
see faq4.html.
Nick.
Re: newfs: cg 0: bad magic number
Ok, I fixed the disk partitions: # fdisk wd1 Disk: wd1 geometry: 30515/255/63 [490234752 Sectors] Offset: 0 Signature: 0x0 Starting EndingLBA Info: #: id C H S - C H S [ start:size ] 0: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused 1: A6 0 1 1 - 30514 254 63 [ 63: 490223412 ] OpenBSD 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused 3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused # disklabel wd1 # Inside MBR partition 1: type A6 start 63 size 490223412 # /dev/rwd1c: type: ESDI disk: ESDI/IDE disk label: Maxtor 6B250R0 flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 30515 total sectors: 490234752 rpm: 3600 interleave: 1 trackskew: 0 cylinderskew: 0 headswitch: 0 # microseconds track-to-track seek: 0 # microseconds drivedata: 0 16 partitions: #size offset fstype [fsize bsize cpg] a:490223412 63 4.2BSD 2048 16384 16 c:4902347520 unused 0 0 But I still have the same error at the end of the newfs: newfs: cg 0: bad magic number newfs: fsinit1 failed :( Xavier -- Hint: A reload a day, keeps the TAC away . On Wed, 2 Jan 2008, Ted Unangst wrote: On 1/2/08, Xavier Mertens [EMAIL PROTECTED] wrote: 16 partitions: #size offset fstype [fsize bsize cpg] a:481950 4.2BSD 2048 16384 16 your partition is not properly offset from the beginning of the disk, where all the goodies like mbr need to live.
Re: newfs: cg 0: bad magic number
Is that normal to have a signature of 0x0 reported by fdisk? On my other disks, signature is 0xAA55. Thanks for your help! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Xavier Mertens Sent: jeudi 3 janvier 2008 2:28 To: misc@openbsd.org Subject: Re: newfs: cg 0: bad magic number Ok, I fixed the disk partitions: # fdisk wd1 Disk: wd1 geometry: 30515/255/63 [490234752 Sectors] Offset: 0 Signature: 0x0 Starting EndingLBA Info: #: id C H S - C H S [ start:size ] 0: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused 1: A6 0 1 1 - 30514 254 63 [ 63: 490223412 ] OpenBSD 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused 3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused # disklabel wd1 # Inside MBR partition 1: type A6 start 63 size 490223412 # /dev/rwd1c: type: ESDI disk: ESDI/IDE disk label: Maxtor 6B250R0 flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 30515 total sectors: 490234752 rpm: 3600 interleave: 1 trackskew: 0 cylinderskew: 0 headswitch: 0 # microseconds track-to-track seek: 0 # microseconds drivedata: 0 16 partitions: #size offset fstype [fsize bsize cpg] a:490223412 63 4.2BSD 2048 16384 16 c:4902347520 unused 0 0 But I still have the same error at the end of the newfs: newfs: cg 0: bad magic number newfs: fsinit1 failed :( Xavier -- Hint: A reload a day, keeps the TAC away . On Wed, 2 Jan 2008, Ted Unangst wrote: On 1/2/08, Xavier Mertens [EMAIL PROTECTED] wrote: 16 partitions: #size offset fstype [fsize bsize cpg] a:481950 4.2BSD 2048 16384 16 your partition is not properly offset from the beginning of the disk, where all the goodies like mbr need to live.
Re: A very good OpenLDAP tutorial - Notes
Thanks a lot, it gives the opportunity to read something new. Now I know better about it. I think it's a good idea to share our current reading. On Dec 13, 2007 12:25 AM, badeguruji [EMAIL PROTECTED] wrote: http://www.acay.com.au/~oscarp/tutor/ for all new Openldap users. thx, and sorry if you don't need this. -BG ~~Kalyan-mastu~~
OpenBSD on VMware
Hi *, I'm running a 4.1-GENERIC on a VMware server (the VMare host runs a Microsoft Windows OS). I've no access to the VMware server. At random time, the server is just powered off (that's the feedback I always received from the VMware server administrator). There is nothing in logs and as the server is off, the console is not available anymore. :( Does somebody already experienced such issue? Any tips to run OBSD as VMware guest? Regards, Xavier PS: I'm using pcn as network driver. Maybe vmnet could increase performance and/or stability?
Re: OpenBSD on VMware
It's a VMware server 1.0.3. I've no more info about the config. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of PowerBSD Sent: lundi 26 novembre 2007 8:17 To: misc@openbsd.org Subject: Re: OpenBSD on VMware On Mon, Nov 26, 2007 at 07:56:16AM +0100, Xavier Mertens wrote: Hi *, I'm running a 4.1-GENERIC on a VMware server (the VMare host runs a Microsoft Windows OS). I've no access to the VMware server. At random time, the server is just powered off (that's the feedback I always received from the VMware server administrator). There is nothing in logs and as the server is off, the console is not available anymore. :( Does somebody already experienced such issue? Any tips to run OBSD as VMware guest? Regards, Xavier PS: I'm using pcn as network driver. Maybe vmnet could increase performance and/or stability? I always runs openbsd on vmware , but the vware version is workstation 6.0.2.59824 . you may post your vmware server version.
Re: OpenBSD on VMware
Ok, the only fix that explains my issue is this one: This release fixes a problem that resulted from a conflict between Linux guest operating systems with kernel version 2.6.21 and RTC-related processes on the host. This problem caused the virtual machine to quit unexpectedly. Could you give me more details? As the VMware server is not under my control, I need to have good arguments to ask them to upgrade! :( /x -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of PowerBSD Sent: lundi 26 novembre 2007 8:33 To: misc@openbsd.org Subject: Re: OpenBSD on VMware On Mon, Nov 26, 2007 at 08:15:03AM +0100, Xavier Mertens wrote: It's a VMware server 1.0.3. I've no more info about the config. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of PowerBSD Sent: lundi 26 novembre 2007 8:17 To: misc@openbsd.org Subject: Re: OpenBSD on VMware On Mon, Nov 26, 2007 at 07:56:16AM +0100, Xavier Mertens wrote: Hi *, I'm running a 4.1-GENERIC on a VMware server (the VMare host runs a Microsoft Windows OS). I've no access to the VMware server. At random time, the server is just powered off (that's the feedback I always received from the VMware server administrator). There is nothing in logs and as the server is off, the console is not available anymore. :( Does somebody already experienced such issue? Any tips to run OBSD as VMware guest? Regards, Xavier PS: I'm using pcn as network driver. Maybe vmnet could increase performance and/or stability? I always runs openbsd on vmware , but the vware version is workstation 6.0.2.59824 . you may post your vmware server version. read this link : http://www.vmware.com/support/server/doc/releasenotes_server.html#resolved
[AV DiD] the death of AV defense in Depth
Hi, misc ! I think this is worth reading, http://www.nruns.com/ps/The_Death_of_AV_Defense_in_Depth-Revisiting_Anti-Virus_Software.pdf If anyone know an AV that is conceptually well made, please, tell me.
google team and the DIY way of life
-- Forwarded message -- From: xavier brinon [EMAIL PROTECTED] Date: Nov 12, 2007 10:12 AM Subject: Re: google team and the DIY way of life To: michael hamerski [EMAIL PROTECTED] I'm working for a French ISP where the dev team seems to live in a kind of secret chamber. I tried 3 times to code my own tools, sharing it with collegues. I've been told to quickly remove them, even if the tools helped a lot my collegues and myself. It's a shame, they didn't look at it and we were all back to the old tools. It's just for me to show that sharing code inside a company and having the ability to work with it is not available for everyone. It's not what they do, it's the way they work that is important for me here. I don't know how your company deals with that kind of thing, mine just don't. you must read that post like : hey, what you do here is great ! Even big companies know that ! I can post it in every open source community list, but i'm just an openBSD fan. And Misc@ seemed the most relevant to me. Sorry if it is not. On Nov 11, 2007 11:15 PM, michael hamerski [EMAIL PROTECTED] wrote: Posted by Reza Behforooz, Software Engineer In my first month at Google, I complained to a friend on the Gmail team about a couple of small things that I disliked about Gmail. I ... Dear Google, Could you get Reza to fix contact/label whitelisting in Gmail while he's at it? thanks, mike
google team and the DIY way of life
from the Official Google Blog Posted by Reza Behforooz, Software Engineer In my first month at Google, I complained to a friend on the Gmail team about a couple of small things that I disliked about Gmail. I expected him to point me to the bug database. But he told me to fix it myself, pointing me to a document on how to bring up the Gmail development environment on my workstation. The next day my code was reviewed by Gmail engineers, and then I submitted it. A week later, my change was live. I was amazed by the freedom to work across teams, the ability to check in code to another project, the trust in engineers to work on the right thing, and the excitement and speed of getting things done for our users. Engineers across our offices (and across projects) have access to the same code; I didn't have to ask for anyone's permission to work on this. I know, it's obvious that it's works if you share your code and let others submit their diffs. Just a reminder... See Google ? they shut up and code !
Re: Open hardware.
+1 On Nov 4, 2007 7:22 AM, Mark Thomas [EMAIL PROTECTED] wrote: On Nov 3, 2007 2:47 PM, Adrian Fisher [EMAIL PROTECTED] wrote: Would you be more inclined to buy a machine based on open source hardware rather than proprietary products such as Asus, Intel and AMD? Of course! -- () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments
systrace/stsh policies
Hi *, I'm busy with a systrace/stsh implementation but there is a lack of standard policies (IMHO). Any idea where I can find some ready-to-use policies? I must be missing some important ones, when the user logs in, he got immediately the following error: systrace: getcwd: Permission denied Xavier -- Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie)
Re: Wasting our Bandwidth
Le mardi 18 septembre 2007 ` 06:29 -0500, Marco Peereboom a icrit : Now if they'd fix the copyright message to only mention Reyk all would be good. All this mess so easily solved ? Too good to be true. Xav
Problem with new IDE disk
Hi *, I just reinstalled a box (running -CURRENT). I added a third IDE drive: wd2 at pciide0 channel 1 drive 1: WDC WD2500JB-00REA0 wd2: 16-sector PIO, LBA48, 238475MB, 488397168 sectors wd2(pciide0:1:1): using PIO mode 4, Ultra-DMA mode 5 dkcsum: wd2 matches BIOS drive 0x82 It will be fully dedicated to OpenBSD so, I issued the following commands: # fdisk -i wd2 # disklabel -E wd2 (created 'a' partition) # newfs wd2a == Errors! wd2a: id not found writing fsbn 488397104 (wd2 bn 8796581419375; cn 547561868 tn 158 sn 1), retrying wd2: transfer error, downgrading to Ultra-DMA mode 4 wd2(pciide0:1:1): using PIO mode 4, Ultra-DMA mode 4 wd2a: id not found writing fsbn 488397104 (wd2 bn 8796581419375; cn 547561868 tn 158 sn 1), retrying wd2: transfer error, downgrading to Ultra-DMA mode 3 wd2(pciide0:1:1): using PIO mode 4, Ultra-DMA mode 3 wd2a: id not found writing fsbn 488397104 (wd2 bn 8796581419375; cn 547561868 tn 158 sn 1), retrying I booted the box with a Knoppix CD and I was able to create an ext3 fs on the disk. The filesystem was successfully mounted under OpenBSD and I/O were correct. Any idea why newfs failed? Regards, Xavier -- The three Rs of Microsoft support: Retry, Reboot, Reinstall.
Re: Problem with new IDE disk
Argh! So stupid! I just started a rebuild of userland tools... I'll keep you informed. Tx Miod! Xavier -- Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie) On Thu, 23 Aug 2007, Miod Vallat wrote: # fdisk -i wd2 # disklabel -E wd2 (created 'a' partition) # newfs wd2a [...] wd2a: id not found writing fsbn 488397104 (wd2 bn 8796581419375; cn 547561868 tn 158 sn 1), retrying It looks like you are indeed running a -CURRENT (or fairly recent) kernel, but with an older userland. Are you sure your fdisk, disklabel and newfs binaries are on par with the kernel? Miod
Re: Problem with new IDE disk
Ok, problem solved, it was indeed a mismatch between kernel userland! Tx! Xavier -- The first time that Microsoft makes a product that doesn't suck will be when they start making vacuum cleaners! On Thu, 23 Aug 2007, Miod Vallat wrote: # fdisk -i wd2 # disklabel -E wd2 (created 'a' partition) # newfs wd2a [...] wd2a: id not found writing fsbn 488397104 (wd2 bn 8796581419375; cn 547561868 tn 158 sn 1), retrying It looks like you are indeed running a -CURRENT (or fairly recent) kernel, but with an older userland. Are you sure your fdisk, disklabel and newfs binaries are on par with the kernel? Miod
OpenBGPd + pf + pf tables.
Hello,
I receive several subnet with OpenBGPd and I add them into a pf table like
this :
pf.conf (extract)
table bgp { 172.31.0.0/24, 10.0.1.1 }
bgpd.conf (extract)
AS 65530
holdtime 180
holdtime min 3
fib-update no
listen on xxx.xxx.xxx.150
neighbor xxx.xxx.xxx.xxx {
descr routeurs
announce none
remote-as 35189
}
deny quick from any prefix 0.0.0.0/0
allow from any prefixlen 8 - 24
allow from any set pftable bgp
The problem I have is if I have a subnet removed from bgp (eg my AS35189
neighbor) it is not removed from pf table bgp.
Do you have an little idea to do this automaticaly ?
Thanks !
/Xavier
HTTP URL filtering?
Hi *, I've a problem with an Apache web server hit by f*cking spammers... I would like to filter some URLs (unused but still used by the bots) *BEFORE* they reach the httpd processes. What could be the best method? pf? something else? Thanks! Xavier
Bge nic and ifconfig mtu ?
2.0 uhub4 at usb4 uhub4: Intel EHCI root hub, rev 2.00/1.00, addr 1 uhub4: 8 ports with 8 removable, self powered ppb5 at pci0 dev 30 function 0 Intel 82801BA AGP rev 0xd3 pci6 at ppb5 bus 6 ichpcib0 at pci0 dev 31 function 0 Intel 82801FB LPC rev 0x03: PM disabled pciide0 at pci0 dev 31 function 1 Intel 82801FB IDE rev 0x03: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility atapiscsi0 at pciide0 channel 0 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: TEAC, CD-224E-N, 1.AA SCSI0 5/cdrom removable cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 pciide0: channel 1 disabled (no drives) pciide1 at pci0 dev 31 function 2 Intel 82801FR SATA rev 0x03: DMA, channel 0 wired to native-PCI, channel 1 wired to native-PCI pciide1: using apic 4 int 19 (irq 10) for native-PCI interrupt wd0 at pciide1 channel 0 drive 0: Maxtor 6Y120M0 wd0: 16-sector PIO, LBA, 117246MB, 240121728 sectors wd1 at pciide1 channel 0 drive 1: Maxtor 6Y120M0 wd1: 16-sector PIO, LBA, 117246MB, 240121728 sectors wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5 wd1(pciide1:0:1): using PIO mode 4, Ultra-DMA mode 5 ichiic0 at pci0 dev 31 function 3 Intel 82801FB SMBus rev 0x03: apic 4 int 19 (irq 10) iic0 at ichiic0 lm1 at iic0 addr 0x2f: W83792D rev D isa0 at ichpcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 npx0 at isa0 port 0xf0/16: using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 biomask 0 netmask 0 ttymask 0 ioapic0: pin 16 shares different IPL interrupts (40..50), degraded performance pctr: user-level cycle counter enabled dkcsum: wd0 matches BIOS drive 0x80 dkcsum: wd1 matches BIOS drive 0x80 IGNORED root on wd0a rootdev=0x0 rrootdev=0x300 rawdev=0x302 Thanks, /Xavier
Thunderbird stability/usability?
hi *, A few days ago, my notebook disk died... Good opportunity to reinstall a fresh 3.9-GENERIC. My X environment is running fine (xfce4) but Thunderbird gives me some headaches... (mozilla-thunderbird-1.5.0.4.tgz) From time to time, when reading RSS feeds or HTML mails (Grrr), it just closes! (no crash, no core produced, no error). Another annoying behaviour: the GUI! Some windows are opened with a small size or without content!? (like password windows) Is that a problem related to my X environment? To Thunderbird? Regards, Xavier -- Secret hacker rule #11: hackers read manuals.
