Re: help debug NFS

2021-04-12 Thread Родин Максим

Hi, James
Thank you for the link.
Since the problem really exists, the only option is to
use a periodical querying the mount point like you recommend or like
I did using while-loop.

11.04.2021 21:11, James Stark пишет:

Hi Maxim,

I ran into the problem with the nfs mounts on linux hanging a few
months ago, when the Linux distro that I'm running (Void) on the NFS
client dropped UDP NFS mounts.  At the time I found this post that
explains the situation:

http://openbsd-archive.7691.n7.nabble.com/nfsd-hangs-Linux-tcp-clients-after-5-minutes-idle-td402844.html

As a work around, I've set up a cron script that stat's the mount
point every four minutes.  That stops the mount from hanging.

I hope that helps.

James

On Sun, Apr 11, 2021 at 2:04 AM Родин Максим  wrote:


Hello
I have an NFS server on OpenBSD 6.8 stable
which exports a folder with default settings.
I have a linux mint client which mounts a share from this NFS server
with these settings:
sudo mount -o wsize=8192,rsize=8192 192.168.1.65:/big
/home/user/store
   which gives a decent speed at about 50-60MB/s both sides which seem ok
for me.
The problem is: when the mount point is not used for a while (5 minutes
and more) the share becomes unresponsive and the only way to unmount the
share is to do
sudo umount -lf /home/user/store
After that I can mount the share once again.
When I imitate using the share on client using
while :; do ls /home/user/store/ && echo "OK" && sleep 3 ; done;
the share remains responsive all the time and shows no problems.

What tweaks(settings) on the client(server) am I missing in my setup
to keep the mount point responsive?
--
Best regards
Maksim Rodin



--
С уважением,
Родин Максим



help debug NFS

2021-04-11 Thread Родин Максим

Hello
I have an NFS server on OpenBSD 6.8 stable
which exports a folder with default settings.
I have a linux mint client which mounts a share from this NFS server 
with these settings:

sudo mount -o wsize=8192,rsize=8192 192.168.1.65:/big
/home/user/store
 which gives a decent speed at about 50-60MB/s both sides which seem ok 
for me.
The problem is: when the mount point is not used for a while (5 minutes 
and more) the share becomes unresponsive and the only way to unmount the 
share is to do

sudo umount -lf /home/user/store
After that I can mount the share once again.
When I imitate using the share on client using
while :; do ls /home/user/store/ && echo "OK" && sleep 3 ; done;
the share remains responsive all the time and shows no problems.

What tweaks(settings) on the client(server) am I missing in my setup
to keep the mount point responsive?
--
Best regards
Maksim Rodin



Split-horizon dns

2021-03-26 Thread Родин Максим

Hello,
Is there a way to do split horizon dns using NSD?
I did not find anything similar in man nsd.conf
--
Best regards
Maksim Rodin



Re: blacklistd analogue

2021-03-25 Thread Родин Максим

Hello,
Why not just use a script that reads auth logs and adds abusive hosts to 
pf table using some patterns?

And you then decide what to do with addresses in that table and how long
should they stay in that table.

user~$ pfctl -t bad_ips -T show | wc -l
   69079

24.03.2021 21:33, jeanpierre пишет:

Does there exist an OpenBSD analogue for FreeBSD's blacklistd daemon?

For the sake of completeness: blacklistd is a daemon that, using pf
anchors, blocks connections from abusive hosts to parctiular services
(e.g. sshd) until they start behaving themselves again.

I find it very useful for timming down log files.

Regards,
Jean-Pierre



--
С уважением,
Родин Максим



Aspeed AST2400 integrated video supported?

2021-02-18 Thread Родин Максим

Hello
Is that type of video chip on server motherboard (Supermicro X11SSL) 
supported?



--
Maksim Rodin



Cisco AnyConnect Secure Mobility Client Alternatives with MFA?

2021-01-31 Thread Родин Максим

Hello,
Our employer decided that AnyConnect Secure Mobility Client with 
multifactor Azure authentication is the only secure option to connect to 
work. No alternatives, no discussions.

There are packages for Windows and Linux only.
Did anybody succeed in running vpn clients compatible with all that 
funny stuff?


--
Best regards
Maksim Rodin



Re: httpd fastcgi socket option not working as expected

2020-12-21 Thread Родин Максим

Hello once again!
I figured it out.
The right syntax is now:

fastcgi socket tcp 127.0.0.1 3031

Thank you Adriano!


21.12.2020 14:53, Adriano Barbosa пишет:
Hi, I’m not able to read the details of your email right now. Are you on 
6.8? httpd(8) changed syntax for fastcgi socket.



Em seg., 21 de dez. de 2020 às 06:48, Родин Максим <mailto:a23s4a2...@yandex.ru>> escreveu:


Hello.
I have a working Django project
which can be run by its own http-server
using

"./manage.py runserver 0.0.0.0:8000 <http://0.0.0.0:8000>"

One of the apps is available then on

"http://192.168.1.102:8000/it;

The same project can be run using uwsgi's own
http server by adding the option
"http-socket = :8000"
to the uwsgi.ini file:
The whole file is:

[uwsgi]
fastcgi-socket = 127.0.0.1:3031 <http://127.0.0.1:3031>
http-socket = :8000
chdir = /home/someuser/DJANGO/main_site/
wsgi-file = main_site/wsgi.py
master = True
max-requests = 5000
processes = 2
threads = 2
stats = 127.0.0.1:9191 <http://127.0.0.1:9191>
venv = /home/someuser/work_env
touch-reload = /home/someuser/DJANGO/main_site/reload
safe-pidfile2 = /home/someuser/DJANGO/main_site/uwsgi.pid
logto2 = /tmp/uwsgi.log
vacuum = True
# daemonize = yes

I was able to set up OpenBSD httpd to serve
Django applications two years ago.
I lost httpd.conf file which was working for me
but it did not seem too much complicated.
Now I try to reproduce my setup by using the
simplest httpd.conf:

server "192.168.1.102" {
          listen on * port 8000
          fastcgi socket ":3031"


fastcgi socket tcp 127.0.0.1 3031


}

Now I start uwsgi after commenting out the option "http-socket = :8000"
and it is ready to serve on 127.0.0.1:3031 <http://127.0.0.1:3031>:

someuser$ uwsgi uwsgi.ini
[uWSGI] getting INI configuration from uwsgi.ini
*** Starting uWSGI 2.0.19.1 (64bit) on [Mon Dec 21 13:25:29 2020] ***
compiled with version: OpenBSD Clang 10.0.1  on 21 December 2020
07:54:16
os: OpenBSD-6.8 GENERIC#1
nodename: somewebserver
machine: amd64
clock source: unix
pcre jit disabled
detected number of CPU cores: 1
current working directory: /home/someuser/DJANGO/main_site
detected binary path: uwsgi

and its log:

chdir() to /home/someuser/DJANGO/main_site/
your processes number limit is 256
your memory page size is 4096 bytes
detected max file descriptor number: 512
lock engine: ipcsem
thunder lock: disabled (you can enable it with --thunder-lock)
uwsgi socket 0 bound to TCP address 127.0.0.1:3031
<http://127.0.0.1:3031> fd 3
Python version: 3.8.6 (default, Oct 13 2020, 09:04:17)  [Clang 10.0.1 ]
PEP 405 virtualenv detected: /home/someuser/work_env
Set PythonHome to /home/someuser/work_env
Python main interpreter initialized at 0xa81c55ec00
python threads support enabled
your server socket listen backlog is limited to 100 connections
your mercy for graceful operations on workers is 60 seconds
mapped 250080 bytes (244 KB) for 4 cores
*** Operational MODE: preforking+threaded ***
WSGI app 0 (mountpoint='') ready in 1 seconds on interpreter
0xa81c55ec00 pid: 89605 (default app)
*** uWSGI is running in multiple interpreter mode ***
spawned uWSGI master process (pid: 89605)
spawned uWSGI worker 1 (pid: 70095, cores: 2)
writing pidfile to /home/someuser/DJANGO/main_site/uwsgi.pid
spawned uWSGI worker 2 (pid: 17757, cores: 2)
writing pidfile to /home/someuser/DJANGO/main_site/uwsgi.pid
writing pidfile to /home/someuser/DJANGO/main_site/uwsgi.pid
*** Stats server enabled on 127.0.0.1:9191 <http://127.0.0.1:9191>
fd: 11 ***

And this is what httpd shows:

user$ httpd -d
startup
socket_rlimit: max open files 1024
socket_rlimit: max open files 1024
socket_rlimit: max open files 1024
server_privinit: adding server 192.168.1.102
server_privinit: adding server 192.168.1.102
server_launch: configuring server 192.168.1.102
server_launch: configuring server 192.168.1.102
server_launch: running server 192.168.1.102
server_launch: configuring server 192.168.1.102
server_launch: running server 192.168.1.102
server_launch: running server 192.168.1.102
server_launch: configuring server 192.168.1.102
server_launch: running server 192.168.1.102
server_launch: configuring server 192.168.1.102
server_launch: running server 192.168.1.102
server_launch: configuring server 192.168.1.102
server_launch: running server 192.168.1.102

Then I try to access http://192.168.1.102:8000/it/

And than httpd shows:

192.168.1.102 192.168.1.57 - - [21/Dec/2020:13:33:21 +0300] "GET /it/
HTTP/1.1&qu

httpd fastcgi socket option not working as expected

2020-12-21 Thread Родин Максим

Hello.
I have a working Django project
which can be run by its own http-server
using

"./manage.py runserver 0.0.0.0:8000"

One of the apps is available then on

"http://192.168.1.102:8000/it;

The same project can be run using uwsgi's own
http server by adding the option
"http-socket = :8000"
to the uwsgi.ini file:
The whole file is:

[uwsgi]
fastcgi-socket = 127.0.0.1:3031
http-socket = :8000
chdir = /home/someuser/DJANGO/main_site/
wsgi-file = main_site/wsgi.py
master = True
max-requests = 5000
processes = 2
threads = 2
stats = 127.0.0.1:9191
venv = /home/someuser/work_env
touch-reload = /home/someuser/DJANGO/main_site/reload
safe-pidfile2 = /home/someuser/DJANGO/main_site/uwsgi.pid
logto2 = /tmp/uwsgi.log
vacuum = True
# daemonize = yes

I was able to set up OpenBSD httpd to serve
Django applications two years ago.
I lost httpd.conf file which was working for me
but it did not seem too much complicated.
Now I try to reproduce my setup by using the
simplest httpd.conf:

server "192.168.1.102" {
listen on * port 8000
fastcgi socket ":3031"
}

Now I start uwsgi after commenting out the option "http-socket = :8000"
and it is ready to serve on 127.0.0.1:3031:

someuser$ uwsgi uwsgi.ini
[uWSGI] getting INI configuration from uwsgi.ini
*** Starting uWSGI 2.0.19.1 (64bit) on [Mon Dec 21 13:25:29 2020] ***
compiled with version: OpenBSD Clang 10.0.1  on 21 December 2020 07:54:16
os: OpenBSD-6.8 GENERIC#1
nodename: somewebserver
machine: amd64
clock source: unix
pcre jit disabled
detected number of CPU cores: 1
current working directory: /home/someuser/DJANGO/main_site
detected binary path: uwsgi

and its log:

chdir() to /home/someuser/DJANGO/main_site/
your processes number limit is 256
your memory page size is 4096 bytes
detected max file descriptor number: 512
lock engine: ipcsem
thunder lock: disabled (you can enable it with --thunder-lock)
uwsgi socket 0 bound to TCP address 127.0.0.1:3031 fd 3
Python version: 3.8.6 (default, Oct 13 2020, 09:04:17)  [Clang 10.0.1 ]
PEP 405 virtualenv detected: /home/someuser/work_env
Set PythonHome to /home/someuser/work_env
Python main interpreter initialized at 0xa81c55ec00
python threads support enabled
your server socket listen backlog is limited to 100 connections
your mercy for graceful operations on workers is 60 seconds
mapped 250080 bytes (244 KB) for 4 cores
*** Operational MODE: preforking+threaded ***
WSGI app 0 (mountpoint='') ready in 1 seconds on interpreter 
0xa81c55ec00 pid: 89605 (default app)

*** uWSGI is running in multiple interpreter mode ***
spawned uWSGI master process (pid: 89605)
spawned uWSGI worker 1 (pid: 70095, cores: 2)
writing pidfile to /home/someuser/DJANGO/main_site/uwsgi.pid
spawned uWSGI worker 2 (pid: 17757, cores: 2)
writing pidfile to /home/someuser/DJANGO/main_site/uwsgi.pid
writing pidfile to /home/someuser/DJANGO/main_site/uwsgi.pid
*** Stats server enabled on 127.0.0.1:9191 fd: 11 ***

And this is what httpd shows:

user$ httpd -d
startup
socket_rlimit: max open files 1024
socket_rlimit: max open files 1024
socket_rlimit: max open files 1024
server_privinit: adding server 192.168.1.102
server_privinit: adding server 192.168.1.102
server_launch: configuring server 192.168.1.102
server_launch: configuring server 192.168.1.102
server_launch: running server 192.168.1.102
server_launch: configuring server 192.168.1.102
server_launch: running server 192.168.1.102
server_launch: running server 192.168.1.102
server_launch: configuring server 192.168.1.102
server_launch: running server 192.168.1.102
server_launch: configuring server 192.168.1.102
server_launch: running server 192.168.1.102
server_launch: configuring server 192.168.1.102
server_launch: running server 192.168.1.102

Then I try to access http://192.168.1.102:8000/it/

And than httpd shows:

192.168.1.102 192.168.1.57 - - [21/Dec/2020:13:33:21 +0300] "GET /it/ 
HTTP/1.1"

500 0
server 192.168.1.102, client 1 (1 active), 192.168.1.57:34196 -> 
192.168.1.102:8

000, No such file or directory (500 Internal Server Error)

No change on uwsgi.log
No change on uwsgi stdout

netstat -naf inet
Active Internet connections (including servers)
Proto   Recv-Q Send-Q  Local Address  Foreign Address(state)
tcp  0  0  127.0.0.1.3031 *.*LISTEN
tcp  0  0  *.8000 *.*LISTEN

httpd does not seem to use the fastcgi socket it is pointed to
or is it my annoying mistake?

--
Best regards
Maksim Rodin



Re: OpenSMTPD-extras manual

2020-12-20 Thread Родин Максим

man table-socketmap is interesting but confusing:
__
"""DESCRIPTION
 This manual page documents the file
 format of "socketmap" tables used by
 the smtpd(8) mail daemon.

 The format described here applies to tables
 as defined in smtpd.conf(5).

SOCKETMAP TABLE
 A "socketmap" table uses a simple protocol.
The client sends a single-
 line request and the server sends
a single-line reply.

 The table may be used for any kind of key-based
lookup and replies are
 expected to follow the formats described in table(5).
"""
__

This table type could be just an experimental
useless table type like ldap tables or
a universal key to any userdata(password) storage if
one manages to make a middleware which
is able to make requests to any userdata storage
and return a needed value in proper format
to smtpd server through socketmap.

But again no clear manual entry makes it useless.
No hint in the manual how to configure this type
of table access


20.12.2020 01:34, Ingo Schwarze пишет:

Hi Maksim & Edgar,

Edgar Pettijohn wrote on Sat, Dec 19, 2020 at 03:37:22PM -0600:

On Sat, Dec 19, 2020 at 08:02:19PM +0300, ??  wrote:



Where can I find any manuals and examples regarding OpenSMTPD-extras?


Try:

$ man -k ^table-
$ man table-passwd table-socketmap table-sqlite table-redis


Which table types are supported and do not have status "experimental"
like ldap tables?
E.g. what is opensmtpd-extras-python and how can I use it?


Not sure about thise questions.


Your best bet is to git clone the repository and search for the tables,
etc you are interested in.


That would be unusual with OpenBSD; when possible, we try to include
documentation in user-installable packages and not only in source
distributions.

Strangely, in this case, there are files

   table-postgres.5 table-mysql.5

in the source tarballs but not in the respective packing lists.

Strangely, the tarball also contains three empty README files.


If there is a manual simply `mandoc file | less`.


Not the best advice ever...  :-/

Manually piping mandoc(1) output to less(1) is never needed.

If you have a manual page in the current directory - say, table-sqlite.5 -
then just

$ man -l table-sqlite.5

is sufficient, and if it's properly installed, as the opensmtpd-extras
package does it, then just

$ man table-sqlite

does the job without even needing to worry about the current directory.


Unfortunantly there aren't manuals for all of the `extras`.


Hmm, you may be right about that one, for example a table-python(5)
manual page doesn't appear to exist.

Yours,
   Ingo



--
С уважением,
Родин Максим



OpenSMTPD-extras manual

2020-12-19 Thread Родин Максим

Hello.
Where can I find any manuals and examples regarding OpenSMTPD-extras?
Which table types are supported and do not have status "experimental"
like ldap tables?
E.g. what is opensmtpd-extras-python and how can I use it?
--
Best regards
Maksim Rodin



OpenSMTPD and ldap+tls

2020-11-30 Thread Родин Максим

Hello
Is there a way to make opensmtpd work
with ldap aliases over a secure connection?

I do not know where to find working examples of this
My current /etc/mail/ldap.conf look like this:
  1 url>>--->---ldap://ldap1.mydomain.ru
  2 basedn>->--->---dc=mydomain,dc=ru
  3 username>--->---cn=service,dc=mydomain,dc=ru
  4 password>--->---passpasspass
  5
  6 domain_filter>-->---(&(objectClass=domain)(dc=%s))
  7 domain_attributes>--dc
  8
  9 credentials_filter>-(&(objectClass=posixAccount)(uid=%s))
 10 credentials_attributes>-uid,userPassword
 11
 12 userinfo_filter>>---(&(objectClass=posixAccount)(uid=%s))
 13 userinfo_attributes>uid,uidNumber,gidNumber,homeDirectory
 14
 15 alias_filter>--->---(&(objectClass=nisMailAlias)(cn=%s))
 16 alias_attributes>---rfc822MailMember

ldapd daemon is set up on another host to work over tls and ssl and
working correctly.

If I change url to ldaps://ldap1.mydomain.ru
or to ldap+tls://ldap1.mydomain.ru
then smtpd -dv shows:
"""
_
vdomains[50952]: warn: ldap_parse_url fail
vdomains[50952]: warn: ldap_connect error
vdomains[50952]: fatal: failed to connect
"""
_

--
Best Regards
Maksim Rodin



Re: incorrect pf rule?

2020-11-29 Thread Родин Максим

It turns out that my caring ISP really has a free firewall service
which is enabled by default.
I asked my ISP to disable it completely and now everything is OK.
Thank you!

29.11.2020 13:08, Stuart Henderson пишет:

On 2020-11-29, Родин Максим  wrote:

The problem is that only port 80 seems to be open from the outside.
I used several online port scanners to check this.
All of them tell:
port 80 OPEN
port 443 CLOSED


Could it be blocked by your ISP? Do you receive packets on your external
interface at all when you test port 443?




--
С уважением,
Родин Максим



Re: incorrect pf rule?

2020-11-29 Thread Родин Максим

It turns out that my caring ISP really has a free firewall service
which is enabled by default.
I asked my ISP to disable it completely and now everything is OK.
Thank you!

29.11.2020 14:30, Stuart Henderson пишет:

On 2020-11-29, Stuart Henderson  wrote:

On 2020-11-29, Родин Максим  wrote:

The problem is that only port 80 seems to be open from the outside.
I used several online port scanners to check this.
All of them tell:
port 80 OPEN
port 443 CLOSED


Could it be blocked by your ISP? Do you receive packets on your external
interface at all when you test port 443?





Or...if this is behind nat, do you need to add a port-forwarding on your ISP 
router?



--
С уважением,
Родин Максим



incorrect pf rule?

2020-11-28 Thread Родин Максим

Hello
I have a small 5 year old home router (upgraded to OpenBSD 6.8 stable) 
with a static white IP from my internet provider (gotten by dhcp) and a 
simple http/https server (OpenBSD httpd) in my network using VirtualBox 
VM (OpenBSD 6.8) which has a static IP 192.168.1.102.
The http server is available from the internal network on http and https 
ports when 192.168.1.102 is used.
To make the http server work from outside I'm trying to use the 
following PF rule on my router:

...
web_server = "192.168.1.102"
web_ports = "{ http https }"...
...
# Web-server
pass in log on egress inet proto tcp \
from ! to (egress) port $web_ports \
rdr-to $web_server

The problem is that only port 80 seems to be open from the outside.
I used several online port scanners to check this.
All of them tell:
port 80 OPEN
port 443 CLOSED

The whole ruleset is below:
__
"""
router root ~ # grep -v '^#' /etc/pf.conf 




int_if = "{ vether1 em1 em3 athn0 }"
beeline_tv = "{ em0 em2 }"
table  { 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 \
   172.16.0.0/12 192.0.2.0/24 \
   192.168.0.0/16 198.18.0.0/15 198.51.100.0/24\
   }
table  persist file "/etc/pf/bad_ip"
asterisk_server = "192.168.1.101"
web_server = "192.168.1.102"
web_ports = "{ http https }"

block log all

set block-policy drop
set skip on lo

match in all scrub (no-df random-id max-mss 1440)
match out on egress inet from (vether1:network) to any nat-to (egress:0)

pass out quick inet
pass in on $int_if inet

pass on $beeline_tv allow-opts

pass in on egress inet proto tcp from ! \
to (egress) port 22 keep state \
(max-src-conn 2, max-src-conn-rate 2/300, \
overload  flush global)

pass in on egress inet proto udp from ! \
to (egress) port 5060 keep state \
(max-src-states 1) rdr-to $asterisk_server
pass in on $int_if inet proto udp from (vether1:network) \
to (egress) port 5060 \
rdr-to $asterisk_server


pass in on egress inet proto udp from ! \
to (egress) port 1:2 keep state \
(max-src-states 1) rdr-to $asterisk_server

pass in on $int_if inet proto udp from (vether1:network) \
to (egress) port 1:2 \
rdr-to $asterisk_server


pass in on egress inet proto { tcp udp } from ! \
to (egress) port { 5 }  rdr-to 192.168.1.65

pass in log on egress inet proto tcp from ! \
to (egress) port $web_ports \
rdr-to $web_server
"""



I added some log options to try to understand which rule can be blocking 
access to https port from the outside but the log shows the following:



"""
router root ~ # tcpdump -n -e -ttt -i pflog0 port 80 or port 443

tcpdump: WARNING: snaplen raised from 116 to 160
tcpdump: listening on pflog0, link-type PFLOG
Nov 29 08:28:44.602109 rule 23/(match) pass in on vether0: 
5.101.123.139.40470 > 89.179.243.222.80: S 2282440086:2282440086(0) win 
29200  (DF) [tos 0x28]

"""


Access to port http is logged successfully but access to port https is 
nowhere
There are other rdr-to rules in my ruleset and all of them work as 
expected e.g.:
port 5060 udp and port range 1:2 udp are redirected to 
VirtualBox VM (Asterisk) as expected.




--
Best regards
Maksim Rodin



ldapd.conf certificate directive not working?

2020-11-28 Thread Родин Максим

Hello
When I use the following directive in ldapd.conf:
1)
...
listen on em0 ldaps
...
or
...
listen on em0 tls
...
and the certificate (em0.crt) and key (em0.key) files are in 
/etc/ldap/certs,

then "ldapd -n" shows OK.

When I use:
2)
...
listen on em0 ldaps certificate "/etc/ldap/certs/em0.crt"
or
listen on em0 ldaps certificate "/etc/ldap/certs/em0"
...
or
...
listen on em0 tls certificate "/etc/ldap/certs/em0.crt"
or
listen on em0 tls certificate "/etc/ldap/certs/em0"
...
then "ldapd -n" shows the following:
"/etc/ldapd.conf:10: cannot load certificate: /etc/ldap/certs/em0.crt
/etc/ldapd.conf:11: cannot load certificate: /etc/ldap/certs/em0.crt"
or
"/etc/ldapd.conf:10: cannot load certificate: /etc/ldap/certs/em0
/etc/ldapd.conf:11: cannot load certificate: /etc/ldap/certs/em0"

man ldapd.conf says:
"If no certificate name is specified, the /etc/ldap/certs directory is
searched for a file named by joining the interface name with a
.crt extension, e.g. /etc/ldap/certs/fxp0.crt."

This works OK
But the following:

"If the certificate name is an absolute path, a .crt and .key
extension are appended to form the certificate path and key path
respectively."
This part does not seem to work at all.
Neither it tries to search certificates using the absolute path nor
it tries to append .crt or .key extension to the absolute path when no 
extension is used in config.


Or I do it completely wrong?

--
Maksim Rodin



Re: Help debugging slow nfs (40kB/s); linux client

2020-04-18 Thread Родин Максим

Hello,
Try these options:

sudo mount.nfs -o wsize=8192,rsize=8192 IPADDRESS:/shara /home/myuser/shara/

Play with wsize and rsize to achieve better speed.
These are mines.

18.04.2020 02:31, Nathan Clement пишет:

Hello,

I am trying to get an Intel atom mini itx board running as an OpenBSD 6.6
NAS.
I've got the necessary daemons running on the mini itx board:


doas rcctl ls started

cron
httpd
mountd
nfsd
ntpd
pflogd
portmap
slaacd
smtpd
sndiod
sshd
syslogd

and exports is set up:


cat /etc/exports

/home/nathan/shared -alldirs -ro

I am mounting this from my laptop which runs on arch linux at the moment.
On the linux client machine, this is the relevant line from mount:

192.168.1.4:/home/nathan/shared on /home/nathan/mnt type nfs
(rw,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=192.168.1.4,mountvers=3,mountport=997,mountproto=udp,local_lock=none,addr=192.168.1.4)

I can copy small files over nfs, but anything large takes way too long.
I've read rsync isn't necessarily the best way to gauge transfer speed, but
rsync shows I'm getting about 38kB/s transfer speed. For comparison, I
tried using sshfs to mount the same directory on the itx to the same
location on the linux system and I get ~1.1MB/s, wow! Even that isn't
great, but I'm the laptop is on wifi and I figure I can get to more tuning
later.

It seems clear I'm not (just) dealing with hardware limitations in this nfs
mount. What else can I do to debug this?

Thanks,
Nathan



--
С уважением,
Родин Максим



Re: Does Intel driver supports Intel g31?

2020-04-12 Thread Родин Максим

Clearly Russia is guilty of everything in this world.
But Kazakhstan is not Russia.
And your post shows that stupid people live not only in Kazakhstan.

11.04.2020 18:24, m brandenberg пишет:

On Sat, 11 Apr 2020, Nikita Stepanov wrote:


Does Intel driver supports Intel g31?


Clearly, Russia's GRU has been tasked with killing Theo by aneurism.

--
Monty Brandenberg



--

Maksim Rodin



Re: Samba on obsd

2020-03-25 Thread Максим
As a replacement for MS AD you have no chance with OpenBSD.Sadly.� --� Maksim
Rodin� � � 25.03.2020, 02:10, "Lars Bonnesen" :

  Hi. I am having a project on setting up Samba to work as a
  replacement for
  MS AD.

  I would prefer to do it on OpenBSD, but how is the implementation of
  Samba
  on OpenBSD? Is it enhanced in a way that will cause any known
  problems that
  would not be on say... CentOS?

  Regards, Lars.


xl2tpd cannot connect to PPPoE VPN server

2019-08-19 Thread Максим
Hello,
I set up an xl2tp client using xl2tpd port on OpenBSD amd64 stable.
Most of the time I connect to a Mikrotik PPPoE VPN server and the connection 
runs without problems but
sometimes I cannot make a connection. When this happens I see the following in 
the /var/log/daemon:

tail -f /var/log/daemon | grep xl2tpd
Jul 25 13:27:07 nb1 xl2tpd[96632]: Written by Mark Spencer, Copyright (C) 1998, 
Adtran, Inc.
Jul 25 13:27:07 nb1 xl2tpd[96632]: Forked by Scott Balmos and David Stipp, (C) 
2001
Jul 25 13:27:07 nb1 xl2tpd[96632]: Inherited by Jeff McAdams, (C) 2002
Jul 25 13:27:07 nb1 xl2tpd[96632]: Forked again by Xelerance 
(www.xelerance.com) (C) 2006-2016
Jul 25 13:27:07 nb1 xl2tpd[96632]: Listening on IP address 0.0.0.0, port 1701
Jul 25 13:27:07 nb1 xl2tpd[96632]: Connecting to host IPADDRESS, port 1701
Jul 25 13:27:38 nb1 xl2tpd[96632]: Maximum retries exceeded for tunnel 39276.  
Closing.
Jul 25 13:27:38 nb1 xl2tpd[96632]: Connection 0 closed to 91.234.97.130, port 
1701 (Timeout)

When I check the port 1701 on the VPN host with netcat it is open.
When I ask a VPN admin on their side to check my connection attempts they do 
not see anything.

When I make a connection using Windows or Ubuntu machine at the same time, it 
connects without problems.


What can be the problem?


-- 
Best regards,
Maksim Rodin



Re: How to clear the screen correctly in ksh

2019-07-05 Thread Максим
Hello,
Thanks for the hint, it really works out of the box on 6.5
I did not notice it because I use vi mode in ksh which does not seem
to know about this key combination. In man ksh there is no option for the vi
mode.

-- 
Maksim Rodin


04.07.2019, 12:59, "Stuart Henderson" :
> On 2019-07-04, Максим  wrote:
>>  Hello
>>  In bash I can press Ctrl-l to clear the screen.
>>  In ksh this key combination does not work. I can clear the screen only
>>  using the command "clear".
>>
>>  How can I do this using hotkeys in ksh?
>>  And how to do this when in vi mode?
>>
>>  I tried a workaround by assigning the key combination to Ctrl-l to cwm:
>>  cat .cwmrc
>>  unbind-key C-l
>>  bind-key C-l "/usr/bin/clear"
>>  After reloading cwm there is no effect.
>>
>>  --
>>  Maksim Rodin
>
> Update to 6.5.
>
> (Or if, like me, you hate the ^L = clear behaviour, restord the previous
> behaviour with "bind ^L=redraw").



How to clear the screen correctly in ksh

2019-07-04 Thread Максим
Hello
In bash I can press Ctrl-l to clear the screen.
In ksh this key combination does not work. I can clear the screen only
using the command "clear".

How can I do this using hotkeys in ksh?
And how to do this when in vi mode?

I tried a workaround by assigning the key combination to Ctrl-l to cwm:
cat .cwmrc
unbind-key C-l
bind-key C-l "/usr/bin/clear"
After reloading cwm there is no effect.

-- 
Maksim Rodin



Re: IPTV handling on OpenBSD soft router

2019-06-18 Thread Максим
Yes, I too thought that the  table could be the reason and even
tried to completely comment out the rules with this table. That did not
help and I later understood why. The rules with the  table
affect the network stream on egress port which is vether0 by me. But
these rules do not apply neither to em0 nor em2. These are part of the
same virtual bridge0 as vether0 but they are not filtered.
As I understand if the iptv stream is blocked by PF it should be logged
by the rule "block log all". But there are no packets when I do "tcpdump
-n -e -i pflog0 not ifname vether0 and action block"

--
Best regardsMaksim Rodin

18:41, 18 июня 2019 г., Stuart Henderson :

  On 2019-06-18, Максим  wrote:

� When I disable PF and use tcpdump to monitor network activity
on em2
� (where the IPTV box is connected) I see a stream of udp packets
(something like this:
� 233.33.210.7:5050)
� This stream is interrupted in several seconds when I enable PF
again.


  It probably doesn't help that you have the multicast address range
  in your  table ..


Re: IPTV handling on OpenBSD soft router

2019-06-18 Thread Максим
When I disable PF and use tcpdump to monitor network activity on em2
(where the IPTV box is connected) I see a stream of udp packets (something like 
this:
233.33.210.7:5050)
This stream is interrupted in several seconds when I enable PF again.

-- 
Best regards
Maksim Rodin


17.06.2019, 10:20, "Peer" :
> Could it be that your IPTV is using a non-IP protocoll, e.g. an ethertype 
> which is not IPv4 nor IPv6, but something different? Like Powerline, G.hn or 
> so? -- And which is blocked by pf?There are several protocol and type fields 
> on the different layers (MAC, IP, TCP/UDP), and I recently noticed that tools 
> and man pages do not always identify them very clearly or are somewhat 
> misnamed (for historical reasons I'd say).Btw., I'm looking for a pointer to 
> packet formats of ethertypes 0x88e1 and 0x8912, which my current filter 
> bubble or info availability didn't allow me to find until now. They show up 
> in tcpdump although they are not TCP nor even IP, and wireshark doesn't 
> decrypt the payload, which I'm interested in.
>  Ursprüngliche Nachricht Von: Родин Максим 
>  Datum: 16.06.19 22:16 (GMT+01:00) An: OpenBSD general 
> usage list  Betreff: [misc] IPTV handling on OpenBSD soft 
> router Hello,I am trying to set up an IPTV-box behind a soft router.When my 
> internet (iptv) provider installed the IPTV box he said thatI need a switch 
> before my soft router to let IPTV stream successfully pass to the IPTV box.I 
> thought that a virtual bridge interface would be enough for this purpose.I 
> created a bridge0 interface and added three interfaces to it:em0 - a physical 
> one which delivers internet and iptv from my provider.em2 - a physical one to 
> which the IPTV-box is connected and which receives a mac binded ip address 
> from the local network of my provider(100.65.129.0/24).vether0 - a virtual 
> one which receives an external ip address from dhcp server of my provider (it 
> therefore belongs to egress group) and through which my home computers access 
> the internet using NAT ({ vether1 em1 em3 athn0 }).When PF is disabled the 
> IPTV-box is working.When PF is enabled the IPTV box works for several seconds 
> and then the picture freezes. When I change to another TV channel it works 
> again for several seconds and then it freezes again.My pf settings are listed 
> below (I used some of the config in PF user's guide)I do no filtering on the 
> ports needed (em0, em2)When I do:tcpdump -n -e -i pflog0 not ifname vether0It 
> shows no blocked packetsWhat am I 
> missing?""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""router
>  root ~ # cat /etc/pf.conf# $OpenBSD: pf.conf,v 1.54 2014/08/23 05:49:42 
> deraadt Exp $## See pf.conf(5) and /etc/examples/pf.confint_if = "{ vether1 
> em1 em3 athn0 }"table  { 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 
> 169.254.0.0/16 \    172.16.0.0/12 192.0.2.0/24 224.0.0.0/3 \    
> 192.168.0.0/16 198.18.0.0/15 198.51.100.0/24    \    203.0.113.0/24 
> }table  persist file "/etc/pf/bad_ip"block log allset block-policy 
> dropset loginterface egressset skip on lomatch out on egress inet from 
> (vether1:network) to any nat-to (egress:0)block in quick on egress from 
>  to anyblock return out quick on egress from any to pass 
> out quick inetpass in on $int_if inet#  IPTVpass on em2pass on em0#pass in on 
> egress inet proto tcp from ! to (egress) port 22pass in on egress 
> inet proto tcp from ! to (egress) port 80pass in on egress inet 
> proto { tcp udp } from any to (egress) port { 51413 22034 6890:6999 6881 }  
> rdr-to 192.168.1.4pass in on egress inet proto { tcp udp } from any to 
> (egress) port { 5 }  rdr-to 192.168.1.65#block return # block stateless 
> traffic#pass # establish keep-state# By default, do not permit remote 
> connections to X11#block return in on ! lo0 proto tcp to port 
> 6000:6010""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" -- 
> Best regardsMaksim Rodin

IPTV handling on OpenBSD soft router

2019-06-16 Thread Родин Максим

Hello,
I am trying to set up an IPTV-box behind a soft router.

When my internet (iptv) provider installed the IPTV box he said that
I need a switch before my soft router to let IPTV stream successfully 
pass to the IPTV box.

I thought that a virtual bridge interface would be enough for this purpose.
I created a bridge0 interface and added three interfaces to it:
em0 - a physical one which delivers internet and iptv from my provider.
em2 - a physical one to which the IPTV-box is connected and which 
receives a mac binded ip address from the local network of my provider

(100.65.129.0/24).
vether0 - a virtual one which receives an external ip address from dhcp 
server of my provider (it therefore belongs to egress group) and through 
which my home computers access the internet using NAT ({ vether1 em1 em3 
athn0 }).


When PF is disabled the IPTV-box is working.
When PF is enabled the IPTV box works for several seconds and then the 
picture freezes. When I change to another TV channel it works again for 
several seconds and then it freezes again.
My pf settings are listed below (I used some of the config in PF user's 
guide)

I do no filtering on the ports needed (em0, em2)

When I do:
tcpdump -n -e -i pflog0 not ifname vether0
It shows no blocked packets

What am I missing?


""
router root ~ # cat /etc/pf.conf
#   $OpenBSD: pf.conf,v 1.54 2014/08/23 05:49:42 deraadt Exp $
#
# See pf.conf(5) and /etc/examples/pf.conf

int_if = "{ vether1 em1 em3 athn0 }"
table  { 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 \
   172.16.0.0/12 192.0.2.0/24 224.0.0.0/3 \
   192.168.0.0/16 198.18.0.0/15 198.51.100.0/24\
   203.0.113.0/24 }
table  persist file "/etc/pf/bad_ip"

block log all

set block-policy drop
set loginterface egress
set skip on lo

match out on egress inet from (vether1:network) to any nat-to (egress:0)

block in quick on egress from  to any
block return out quick on egress from any to 
pass out quick inet
pass in on $int_if inet

#  IPTV
pass on em2
pass on em0

#
pass in on egress inet proto tcp from ! to (egress) port 22
pass in on egress inet proto tcp from ! to (egress) port 80
pass in on egress inet proto { tcp udp } from any to (egress) port { 
51413 22034 6890:6999 6881 }  rdr-to 192.168.1.4
pass in on egress inet proto { tcp udp } from any to (egress) port { 
5 }  rdr-to 192.168.1.65


#block return   # block stateless traffic
#pass   # establish keep-state

# By default, do not permit remote connections to X11
#block return in on ! lo0 proto tcp to port 6000:6010
"""


--
Best regards
Maksim Rodin



Re: Flask and uWSGI on OpenBSD httpd

2019-06-06 Thread Максим
https://uwsgi.readthedocs.io/en/latest/OpenBSDhttpd.html?highlight=openbsd

-- 
Best regards
Maksim Rodin


06.06.2019, 09:02, "Tito Mari Francis Escaño" :
> Good day to everyone on misc,
> I’m trying to setup a Flask-based web application on OpenBSD 6.5 and I keep 
> encountering mention of uWSGI in integrating it with OpenBSD httpd, but I 
> found there were very few and vague resources online.
> I have already figured out what packages I should use, I used the provided 
> Python 3.6.8p0 and py3-flask package.
> Further I installed uwsgi thru “pip install uwsgi”, but there were no 
> references for integrating the uwsgi with httpd, what should be the 
> configuration of the httpd for this?
> Can somebody please point me to references I should look into to make this 
> happen?
> Would greatly appreciate your help.
> Thanks.



Re: The right way to view the current input layout in X

2019-05-28 Thread Максим
Thank you.
It really does the job.

-- 
Best Regards
Maksim Rodin

28.05.2019, 16:24, "Lévai, Dániel" :
> That's the thing, that doesn't tell you which specific layout is active (from 
> us,ru).
>
> I've been using skb for ages for this: https://plhk.ru/
>
> It does the job.
>
> Dani
>
> ‐‐‐ Original Message ‐‐‐
> On Tuesday, 28 May 2019 14:39, Robert Klein  wrote:
>
>>  On Tue, 28 May 2019 14:50:30 +0300
>>  Максим a23s4a2...@yandex.ru wrote:
>>
>>  > Hello,
>>  > The following command is run from my .xsession file to allow me to
>>  > switch between english and russian layout: "setxkbmap -layout "us,ru"
>>  > -option grp:alt_space_toggle"
>>  > But how can I view the current input layout?
>>
>>  “man setxkbmap” says:
>>
>>  [...]
>>  -query With this option setxkbmap just prints the current rules,
>>  model, layout, variant, and options, then exits.
>>  [...]
>>
>>  Best regards
>>  Robert
>>
>>  > --
>>  > Maksim Rodin



Re: The right way to view the current input layout in X

2019-05-28 Thread Максим
I saw this option
Not exactly what I want:

"~ $ setxkbmap -query
rules:  base
model:  pc105
layout: us,ru
options:grp:alt_space_toggle"

I would like to know whether it is "en" or "ru" right now

-- 
Best Regards
Maksim Rodin


28.05.2019, 15:41, "Robert Klein" :
> On Tue, 28 May 2019 14:50:30 +0300
> Максим  wrote:
>
>>  Hello,
>>  The following command is run from my .xsession file to allow me to
>>  switch between english and russian layout: "setxkbmap -layout "us,ru"
>>  -option grp:alt_space_toggle"
>>
>>  But how can I view the current input layout?
>
> “man setxkbmap” says:
>
> [...]
>    -query With this option setxkbmap just prints the current rules,
>    model, layout, variant, and options, then exits.
> [...]
>
> Best regards
> Robert
>
>>  --
>>  Maksim Rodin



The right way to view the current input layout in X

2019-05-28 Thread Максим
Hello,
The following command is run from my .xsession file to allow me to switch 
between english and russian layout:
"setxkbmap -layout "us,ru" -option grp:alt_space_toggle"

But how can I view the current input layout?

-- 
Maksim Rodin



Re: Django + httpd + relayd

2019-03-31 Thread Родин Максим

Django + httpd is explained here:
https://uwsgi.readthedocs.io/en/latest/OpenBSDhttpd.html?highlight=openbsd

30.03.2019 17:22, Michael Joy пишет:

Apologies in advance for the noobish question.
Does anyone have a tutorial or example of a working configuration for a
Django app being served with httpd and relayd? Beating my head off the wall
with it at this point.



--
С уважением,
Родин Максим



cannot install iozone

2019-03-15 Thread Максим
Hello.
I cannot install iozone though it is shown using command pkglocate
$ pkglocate iozone
iozone-3.465:benchmarks/iozone:/usr/local/bin/iozone
iozone-3.465:benchmarks/iozone:/usr/local/man/man1/iozone.1

$ pkg_info -Q iozone
shows nothing

$ doas pkg_add -i iozone
quirks-3.107 signed on 2019-03-14T12:02:09Z
Can't find iozone

I don't understand what wrong with that package is.
OpenBSD 6.5 GENERIC.MP#758 amd64

-- 
Best Regards
Maksim Rodin



Re: SSH disconnects right after accepting

2019-02-07 Thread Максим
Hello,
Did you edit /etc/login.conf recently?

-- 
Best Regards
Maksim Rodin


08.02.2019, 03:27, "Lars Bonnesen" :
> OpenBSD 6.4
>
> Putty just reports "Authenticating with public key "XXX" from agent" and
> then I am disconnected. If I run sshd with -ddd, I get the following
> output. I can't seem to get any error, and therefor I can't tell what is
> wrong. Anyone has any idea? Thanks
>
> debug2: load_server_config: filename /etc/ssh/sshd_config
> debug2: load_server_config: done config len = 204
> debug2: parse_server_config: config /etc/ssh/sshd_config len 204
> debug3: /etc/ssh/sshd_config:25 setting LogLevel DEBUG
> debug3: /etc/ssh/sshd_config:30 setting PermitRootLogin no
> debug3: /etc/ssh/sshd_config:39 setting AuthorizedKeysFile
> .ssh/authorized_keys
> debug3: /etc/ssh/sshd_config:86 setting Subsystem sftp
> /usr/libexec/sftp-server
> debug1: sshd version OpenSSH_7.9, LibreSSL 2.8.2
> debug1: private host key #0: ssh-rsa SHA256:XXX
> debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:XXX
> debug1: private host key #2: ssh-ed25519 SHA256:XXX
> debug1: rexec_argv[0]='/usr/sbin/sshd'
> debug1: rexec_argv[1]='-ddd'
> debug2: fd 3 setting O_NONBLOCK
> debug1: Bind to port 22 on 0.0.0.0.
> Server listening on 0.0.0.0 port 22.
> debug2: fd 4 setting O_NONBLOCK
> debug1: Bind to port 22 on ::.
> Server listening on :: port 22.
> debug1: fd 5 clearing O_NONBLOCK
> debug1: Server will not fork when running in debugging mode.
> debug3: send_rexec_state: entering fd = 8 config len 204
> debug3: ssh_msg_send: type 0
> debug3: send_rexec_state: done
> debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
> debug1: inetd sockets after dupping: 3, 3
> Connection from 172.17.4.3 port 63721 on 172.17.1.2 port 22 rdomain "0"
> debug1: Client protocol version 2.0; client software version
> PuTTY_Release_0.70
> debug1: no match: PuTTY_Release_0.70
> debug1: Local version string SSH-2.0-OpenSSH_7.9
> debug2: fd 3 setting O_NONBLOCK
> debug3: ssh_sandbox_init: preparing pledge sandbox
> debug2: Network child is on pid 89382
> debug3: preauth child monitor started
> debug3: privsep user:group 27:27 [preauth]
> debug1: permanently_set_uid: 27/27 [preauth]
> debug1: list_hostkey_types:
> rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
> debug3: send packet: type 20 [preauth]
> debug1: SSH2_MSG_KEXINIT sent [preauth]
> debug3: receive packet: type 20 [preauth]
> debug1: SSH2_MSG_KEXINIT received [preauth]
> debug2: local server KEXINIT proposal [preauth]
> debug2: KEX algorithms:
> curve25519-sha256,curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
> [preauth]
> debug2: host key algorithms:
> rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
> debug2: ciphers ctos: chacha20-poly1...@openssh.com
> ,aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,
> aes256-...@openssh.com [preauth]
> debug2: ciphers stoc: chacha20-poly1...@openssh.com
> ,aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,
> aes256-...@openssh.com [preauth]
> debug2: MACs ctos: umac-64-...@openssh.com,umac-128-...@openssh.com,
> hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,
> hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
> [preauth]
> debug2: MACs stoc: umac-64-...@openssh.com,umac-128-...@openssh.com,
> hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,
> hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
> [preauth]
> debug2: compression ctos: none,z...@openssh.com [preauth]
> debug2: compression stoc: none,z...@openssh.com [preauth]
> debug2: languages ctos: [preauth]
> debug2: languages stoc: [preauth]
> debug2: first_kex_follows 0 [preauth]
> debug2: reserved 0 [preauth]
> debug2: peer client KEXINIT proposal [preauth]
> debug2: KEX algorithms:
> curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,rsa2048-sha256,rsa1024-sha1,diffie-hellman-group1-sha1
> [preauth]
> debug2: host key algorithms:
> ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss
> [preauth]
> debug2: ciphers ctos: aes256-ctr,aes256-cbc,rijndael-...@lysator.liu.se
> ,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,chacha20-poly1...@openssh.com,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
> [preauth]
> debug2: ciphers stoc: aes256-ctr,aes256-cbc,rijndael-...@lysator.liu.se
> ,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,chacha20-poly1...@openssh.com,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
> [preauth]
> debug2: MACs ctos: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,
> 

Re: SSH server immediately closes connection

2018-12-15 Thread Родин Максим

Hello,
That was my fault. I misconfigured my login.conf last time.

14.12.2018 16:14, Nick Holland пишет:

On 12/14/18 00:27, Максим wrote:

Hello,
I've got a PC running OpenBSD current.
After the latest upgrade I cannot ssh to it.

When I run "ssh 10.26.5.70"
I get this:
"Connection to 10.26.5.70 closed by remote host.
  Connection to 10.26.5.70 closed."
As an SSH client I use another OpenBSD box and a Linux machine
with the same result.
When I run "ssh -vvv 10.26.5.70"
the last messages are:

"debug3: receive packet: type 52
debug1: Authentication succeeded (publickey).
Authenticated to 10.26.5.70 ([10.26.5.70]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Requesting no-more-sessi...@openssh.com
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: network
debug3: send packet: type 1
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
   #0 client-session (t3 nr0 i0/0 o0/0 e[write]/0 fd 4/5/6 sock -1 cc -1)

debug3: fd 1 is not O_NONBLOCK
Connection to 10.26.5.70 closed by remote host.
Connection to 10.26.5.70 closed.
Transferred: sent 2644, received 1932 bytes, in 0.0 seconds
Bytes per second: sent 1085498.2, received 793185.5
debug1: Exit status -1"


No errors in /var/log/daemon
No errors in /var/log/authlog

The result doesn't depend on the user which I use to login.


I just happened to have upgraded a system last night to the most recent
snapshot, I am NOT having any such problem.
OpenBSD 6.4-current (GENERIC.MP) #510: Thu Dec 13 06:20:42 MST 2018
 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

So ... Doesn't appear to be a systemic problem, most likely either a
knob you twisted before the upgrade or something about your upgrade process.

You need to provide more details about what you did...both before and
during the upgrade...and some indication of what platform you are
running and the snapshot you upgraded to.

Nick.



--
С уважением,
Родин Максим



SSH server immediately closes connection

2018-12-13 Thread Максим
Hello,
I've got a PC running OpenBSD current.
After the latest upgrade I cannot ssh to it.
When I run "ssh 10.26.5.70"
I get this:
"Connection to 10.26.5.70 closed by remote host.
 Connection to 10.26.5.70 closed."
As an SSH client I use another OpenBSD box and a Linux machine
with the same result.
When I run "ssh -vvv 10.26.5.70"
the last messages are:

"debug3: receive packet: type 52
debug1: Authentication succeeded (publickey).
Authenticated to 10.26.5.70 ([10.26.5.70]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Requesting no-more-sessi...@openssh.com
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: network
debug3: send packet: type 1
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
  #0 client-session (t3 nr0 i0/0 o0/0 e[write]/0 fd 4/5/6 sock -1 cc -1)

debug3: fd 1 is not O_NONBLOCK
Connection to 10.26.5.70 closed by remote host.
Connection to 10.26.5.70 closed.
Transferred: sent 2644, received 1932 bytes, in 0.0 seconds
Bytes per second: sent 1085498.2, received 793185.5
debug1: Exit status -1"


No errors in /var/log/daemon
No errors in /var/log/authlog

The result doesn't depend on the user which I use to login.

-- 
Best regards
Maksim Rodin



Re: How to make the cwm window manager reread new config

2018-09-16 Thread Родин Максим

Thank you very much, it works.
I always thought this would restart my whole session and I would loose
all my open windows.

15.09.2018 21:38, Antoine Jacoutot пишет:

On Sat, Sep 15, 2018 at 08:41:52PM +0300, Родин Максим wrote:

Hello,
May be a silly question,
how can I make the cwm window manager reread its config file
without loosing my working session?


 From cwmrc(5):
BIND FUNCTION LIST
  restart  Restart the running cwm(1).

And from cwm(1):
  cwm rereads its configuration file when it receives a hangup signal,
  SIGHUP, by executing itself with the name and arguments with which it was
  started.  This is equivalent to the restart function.



--
Maksim



Re: Deploy Django app - strategy?

2018-09-16 Thread Родин Максим

I deploy my django app using uwsgi and venv in my home dir
uWSGi starts on its default port and httpd server uses this port
to handle my app requests. Everything just like in the official manual 
of uwsgi.


26.08.2018 23:41, Chris Narkiewicz пишет:

On 26/08/2018 21:01, Paul de Weerd wrote:

Use python3 -m venv /path/to/venv to create a virtualenv using python3
and be done with it.


Yeah, it did the trick. I'm going to deplrecate use of virtualenv,
since it's no longer needed with Python 3.6.

   That will use a symlink to the actual python3

binary in /usr/local, so no issues with the lack of wxallowed on /var.
However, you'll have to deal with the chroot implications there...


I guess it's a non-starter with Django... I guess it'd be easier to
simply run it in Docker.


What webserver are you using?


It's pretty standard stack:

* postgresql on localhost
* uwsgi on localhost with http/fastcgi protocol
* httpd on egress

Best regards,
Chris



--
С уважением,
Родин Максим



How to make the cwm window manager reread new config

2018-09-15 Thread Родин Максим

Hello,
May be a silly question,
how can I make the cwm window manager reread its config file
without loosing my working session?
--
Maksim



Re: Can OpenBSD connect to MS L2TP VPN?

2018-09-03 Thread Максим
Hello.
I recently managed to make a connection to MIkrotik L2TP server
using xl2tp package. I'm not sure it would be the same as for Windows
but you could try. The problem may be how to set the domain part of the login:
DCDOMAIN\user (DCDOMAIN\\user, user@dsdomain.local?..)

The only problem was that I did not pay much attention to several details in 
pkg-readme
for xl2tp package.


--
Best regards
Maksim Rodin


03.09.2018, 20:50, "Sacha El Masry" :
> Hi,
>
> I've searched the internet every way I could think of, but cannot find
> an easy answer to whether it's possible for OpenBSD as a client to
> connect to a Microsoft (Windows Server-provided) L2TP VPN?
>
> Obviously, there are countless guides to setting up OpenBSD as a
> server, to which Windows, macOS, iOS and Linux/Android clients can
> connect. While I should be able to work out how to do the reverse, I
> haven't succeeded.
>
> The first question is: can OpenBSD, using base packages or xl2tpd,
> actually connect to this type of Windows VPN?
>
> If it can, and one of you has done so, could you please provide a
> pointer? I have read up on base tools, but as far as I get it, they can
> be used to set up a server, or as a gateway with another IPSEC
> gateway. From what little I understand, xl2tpd can be used as a client,
> but I have not managed to create a connection - or to establish 'flows'
> - as per the instructions that package provides
>   at: /usr/local/.../xl2tpd-1.3.11.
>
> Thanks,
>
> Sacha



Re: pip install (python3) requires some development libraries

2018-08-27 Thread Максим
Thank you very much!
Your advice is really much easier to remember for me
as I am not a big programmer.

-- 
Best regards
Maksim Rodin


27.08.2018, 16:09, "Stuart Henderson" :
> On 2018/08/27 15:43, Максим wrote:
>>  I manually downloaded the python-ldap-3.1.0.tar.gz archive (this packet is 
>> a dependency
>>  which gives that error).
>>
>>  unpacked it and ran python setup.py build.
>>  The same error:
>>  "running build
>>  running build_py
>>  running egg_info
>>  writing Lib/python_ldap.egg-info/PKG-INFO
>>  writing dependency_links to Lib/python_ldap.egg-info/dependency_links.txt
>>  writing requirements to Lib/python_ldap.egg-info/requires.txt
>>  writing top-level names to Lib/python_ldap.egg-info/top_level.txt
>>  reading manifest file 'Lib/python_ldap.egg-info/SOURCES.txt'
>>  reading manifest template 'MANIFEST.in'
>>  no previously-included directories found matching 'Doc/.build'
>>  writing manifest file 'Lib/python_ldap.egg-info/SOURCES.txt'
>>  running build_ext
>>  building '_ldap' extension
>>  cc -pthread -Wno-unused-result -Wsign-compare -Wunreachable-code -DNDEBUG
>>  -O2 -pipe -fPIC -O2 -pipe -O2 -pipe -fPIC -DHAVE_SASL -DHAVE_TLS 
>> -DHAVE_LIBLDAP_R
>>  -DHAVE_LIBLDAP_R -DLDAPMODULE_VERSION=3.1.0 -DLDAPMODULE_AUTHOR=python-ldap 
>> project
>>  -DLDAPMODULE_LICENSE=Python style -IModules 
>> -I/home/misa/REQUEST_TRACKER/rt/include
>>  -I/usr/local/include/python3.6m -c Modules/LDAPObject.c
>>  -o build/temp.openbsd-6.4-amd64-3.6/Modules/
>>  LDAPObject.o
>>  In file included from Modules/LDAPObject.c:8:
>>  Modules/constants.h:7:10: fatal error: 'lber.h' file not found
>>  #include "lber.h"
>>   ^~~~
>>  1 error generated.
>>  error: command 'cc' failed with exit status 1
>>
>>  As already noticed THERE IS a file lber.h on my system.
>>  The thing is it is no seen by the installer
>>
>>  I run pip3 inside a virtualenv.
>>  Without using a venv I have the same result
>
> For python-ldap 3.1.0 you will need to add the following to setup.cfg in
> the [_ldap] section.
>
> library_dirs = /usr/local/lib
> include_dirs = /usr/local/include /usr/local/include/sasl



Re: pip install (python3) requires some development libraries

2018-08-27 Thread Максим
That did the trick.
The command
"env CFLAGS="${CFLAGS} -I/usr/local/include" pip install django-auth-ldap"
did install all needed packets.
I hardly would have get to it by myself.
Thank you very much!
-- 
Best Regards
Maksim Rodin


27.08.2018, 15:40, "Remco" :
> Op 08/27/18 om 12:09 schreef Максим:
>>  Sorry, I was wrong.
>>  There is a file "lber.h" on the system (/usr/local/include/lber.h)
>>  But the installer doesn't seem to know where to find it.
>>  So the question remains.
>>
>>  --
>>  Maksim Rodin
>
> Maybe you need to use the CFLAGS -I option to include /usr/local/include
> in the include search path, something like:
> env CFLAGS="${CFLAGS} -I/usr/local/include" 



Re: pip install (python3) requires some development libraries

2018-08-27 Thread Максим
I manually downloaded the python-ldap-3.1.0.tar.gz archive (this packet
is a dependencywhich gives that error).unpacked it and ran python
setup.py build.The same error:"running buildrunning build_pyrunning
egg_infowriting Lib/python_ldap.egg-info/PKG-INFOwriting dependency_links
to Lib/python_ldap.egg-info/dependency_links.txtwriting requirements to
Lib/python_ldap.egg-info/requires.txtwriting top-level names to
Lib/python_ldap.egg-info/top_level.txtreading manifest file
'Lib/python_ldap.egg-info/SOURCES.txt'reading manifest template
'MANIFEST.in'no previously-included directories found matching
'Doc/.build'writing manifest file 'Lib/python_ldap.egg-info/SOURCES.txt'running
build_extbuilding '_ldap' extensioncc -pthread -Wno-unused-result
-Wsign-compare -Wunreachable-code -DNDEBUG-O2 -pipe -fPIC -O2 -pipe -O2
-pipe -fPIC -DHAVE_SASL -DHAVE_TLS -DHAVE_LIBLDAP_R-DHAVE_LIBLDAP_R
-DLDAPMODULE_VERSION=3.1.0 -DLDAPMODULE_AUTHOR=python-ldap 
project-DLDAPMODULE_LICENSE=Python
style -IModules 
-I/home/misa/REQUEST_TRACKER/rt/include-I/usr/local/include/python3.6m
-c Modules/LDAPObject.c-o
build/temp.openbsd-6.4-amd64-3.6/Modules/LDAPObject.o� � � � � � � � � � � � � 
� � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � 
� � � � � � � � � � � � � � � � � � � � � � � � 
� In file included from Modules/LDAPObject.c:8:Modules/constants.h:7:10:
fatal error: 'lber.h' file not found#include "lber.h"� � � � � � � � 
^~~~1 error generated.error: command 'cc' failed with exit status 1� As
already noticed THERE IS a file lber.h on my system.The thing is it is no
seen by the installer� I run pip3 inside a virtualenv.Without using a
venv I have the same result--� Maksim Rodin� � � 27.08.2018, 15:10,
"flipchan" :

  Try manually downloading it from pypi.python.org and running Python
  setup.py build and Python setup.py install
  � On August 27, 2018 10:09:48 AM UTC, "Максим" 
  wrote:

Sorry, I was wrong.
There is a file "lber.h" on the system (/usr/local/include/lber.h)
But the installer doesn't seem to know where to find it.
So the question remains.

-- 
Maksim Rodin


27.08.2018, 11:52, "Stuart Henderson" :
 On 2018-08-27, Максим  wrote:
  Hello.
  I'm trying to install some django components, which
  require development libraries be installed on the system to
  successfully compile.
  If it goes about Ubuntu I understand that I have to install
  something like "packet-dev" with the command
  "sudo apt install packet-dev"
  What are my steps to make something equal on OpenBSD (6.3/amd64)?
  I suppose I should begin with fetching the ports tree.
  But what else? How do I make install script find the dev-libraries needed?

  In my case I'm trying to install django-ldap-auth using pip.
  When the installer begins to compile he complains that it cannot find 
some files:
  "In file included from Modules/LDAPObject.c:8:
  Modules/constants.h:7:10: fatal error: 'lber.h' file not found
  #include "lber.h"
  1 error generated.
  error: command 'cc' failed with exit status 1"

 Specifically for this: pkg_add openldap-client

 In general: pkg_add pkglocatedb and use the pkg_locate command.
  


  --
  Take Care Sincerely flipchan layerprox dev


Re: pip install (python3) requires some development libraries

2018-08-27 Thread Максим
Sorry, I was wrong.
There is a file "lber.h" on the system (/usr/local/include/lber.h)
But the installer doesn't seem to know where to find it.
So the question remains.

-- 
Maksim Rodin


27.08.2018, 11:52, "Stuart Henderson" :
> On 2018-08-27, Максим  wrote:
>>  Hello.
>>  I'm trying to install some django components, which
>>  require development libraries be installed on the system to
>>  successfully compile.
>>  If it goes about Ubuntu I understand that I have to install
>>  something like "packet-dev" with the command
>>  "sudo apt install packet-dev"
>>  What are my steps to make something equal on OpenBSD (6.3/amd64)?
>>  I suppose I should begin with fetching the ports tree.
>>  But what else? How do I make install script find the dev-libraries needed?
>>
>>  In my case I'm trying to install django-ldap-auth using pip.
>>  When the installer begins to compile he complains that it cannot find some 
>> files:
>>  "In file included from Modules/LDAPObject.c:8:
>>  Modules/constants.h:7:10: fatal error: 'lber.h' file not found
>>  #include "lber.h"
>>  1 error generated.
>>  error: command 'cc' failed with exit status 1"
>
> Specifically for this: pkg_add openldap-client
>
> In general: pkg_add pkglocatedb and use the pkg_locate command.



Re: pip install (python3) requires some development libraries

2018-08-27 Thread Максим
No, that didn't do the trick.
Openldap-client was already installed from packages.
It says on the home page of django-auth-ldap:
"You’ll need the OpenLDAP libraries and headers available on your system"
I don't think the openldap-client package itself installs its headers as well.

-- 
Maksim Rodin

27.08.2018, 11:52, "Stuart Henderson" :
> On 2018-08-27, Максим  wrote:
>>  Hello.
>>  I'm trying to install some django components, which
>>  require development libraries be installed on the system to
>>  successfully compile.
>>  If it goes about Ubuntu I understand that I have to install
>>  something like "packet-dev" with the command
>>  "sudo apt install packet-dev"
>>  What are my steps to make something equal on OpenBSD (6.3/amd64)?
>>  I suppose I should begin with fetching the ports tree.
>>  But what else? How do I make install script find the dev-libraries needed?
>>
>>  In my case I'm trying to install django-ldap-auth using pip.
>>  When the installer begins to compile he complains that it cannot find some 
>> files:
>>  "In file included from Modules/LDAPObject.c:8:
>>  Modules/constants.h:7:10: fatal error: 'lber.h' file not found
>>  #include "lber.h"
>>  1 error generated.
>>  error: command 'cc' failed with exit status 1"
>
> Specifically for this: pkg_add openldap-client
>
> In general: pkg_add pkglocatedb and use the pkg_locate command.



pip install (python3) requires some development libraries

2018-08-27 Thread Максим
Hello.
I'm trying to install some django components, which
require development libraries be installed on the system to
successfully compile.
If it goes about Ubuntu I understand that I have to install
something like "packet-dev" with the command
"sudo apt install packet-dev"
What are my steps to make something equal on OpenBSD (6.3/amd64)?
I suppose I should begin with fetching the ports tree.
But what else? How do I make install script find the dev-libraries needed?

In my case I'm trying to install django-ldap-auth using pip.
When the installer begins to compile he complains that it cannot find some 
files:
"In file included from Modules/LDAPObject.c:8:
Modules/constants.h:7:10: fatal error: 'lber.h' file not found
#include "lber.h"
1 error generated.
error: command 'cc' failed with exit status 1"

--
Best regards
Maksim Rodin



Re: Poor browser performance in OpenBSD

2018-06-21 Thread Максим
Sorry for corrupted output.
I had to compose the email in a browser.
I will try to fix that.

-- 
Best regards.
Maksim Rodin

21.06.2018, 12:13, "Максим" :
> Here is the vmstat result. It can be seen clear when I start a youtube
> video in firefox. CPU usage jumps and falls, whenI close the tab with
> that video.I cannon imagine what can be a bottleneck in the system with
> core i3 cpu, 8 gb ram and ssd when the only "heavy" processis firefox
> with 10 open tabs, the rest is tmux with a few terminals and thunderbird.? I
> also tried setting machdep.allowaperture=2 to 0 following Thomas Frohwein's
> advice butI didn't see any changes after reboot. And I also remember that
> I didn't change that parameter by hand.I suppose it was set automatically
> by the system installer when I chose "Do you expect to run the X Window
> System? [yes]"And I don't see any hint in "man xf86" that it has anything
> to do with performance restrictions.? doas vmstat -w 5? procs? ? ?
> memory? ? ? ? ? ? page? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? disks? ? ?
> traps? ? ? ? ? ? ? ? ? cpu? r? ? s? ? avm? ? ? ? fre? flt? re?
> pi? po? fr? sr sd0 cd0? int? ? sys? ? cs us sy id? 3 293 1804M? ?
> 4266M? 897? ? 0? ? 0? ? 0? ? 0? ? 0? ? 2? ? 0? 102 13798 1903?
> 4? 2 94? 0 295 1799M? ? 4271M? 501? ? 0? ? 0? ? 0? ? 0? ? 0? ?
> 0? ? 0? 156? 8505 1347? 1? 1 98? 3 292 1799M? ? 4271M? ? 34? ?
> 0? ? 0? ? 0? ? 0? ? 0? ? 0? ? 0? 151? 6959 1113? 0? 0 100? 2
> 292 1760M? ? 4307M? 465? ? 0? ? 0? ? 0? ? 0? ? 0? ? 0? ? 0? 187
> 11689 1386? 2? 1 96? 1 295 1759M? ? 4308M 3519? ? 0? ? 0? ? 0? ?
> 0? ? 0? ? 0? ? 0? 248 27514 4037 11? 6 82? 3 298 1802M? ? 4234M
> 6631? ? 0? ? 0? ? 0? ? 0? ? 0? ? 1? ? 0? 296 64983 6072 26 11 61? 4
> 300 1837M? ? 4202M 8481? ? 0? ? 0? ? 0? ? 0? ? 0? 76? ? 0 350
> 62912 7460 30 12 57? 5 302 1929M? ? 4100M 16860? ? 0? ? 0? ? 0? ?
> 0? ? 0? ? 0? ? 0? 537 87017 9736 58 16 24? 2 305 1912M? ? 4082M
> 9525? ? 0? ? 0? ? 0? ? 0? ? 0? ? 0? ? 0? 210 42731 5417 40 11 47? 5
> 302 1911M? ? 4095M 9629? ? 0? ? 0? ? 0? ? 0? ? 0? ? 7? ? 0? 364
> 70279 9421 38 13 48? 2 311 1927M? ? 4038M 9220? ? 0? ? 0? ? 0? ?
> 0? ? 0? ? 0? ? 0? 590 77202 9896 35 13 49? 5 311 1970M? ? 4021M
> 10586? ? 0? ? 0? ? 0? ? 0? ? 0? ? 0? ? 0? 552 110548 17876 49 20
> 28? 3 311 2047M? ? 3900M 16934? ? 0? ? 0? ? 0? ? 0? ? 0? ? 0? ? 0
> 1491 105224 18734 55 31? 7? 8 305 2101M? ? 3832M 18703? ? 0? ? 0? ?
> 0? ? 0? ? 0? ? 0? ? 0 2149 85147 16381 55 37? 0? 7 306 2115M? ?
> 3794M 8234? ? 0? ? 0? ? 0? ? 0? ? 0? ? 0? ? 0? 626 68552 12057 43
> 23 30? 0 312 2079M? ? 3830M 7116? ? 0? ? 0? ? 0? ? 0? ? 0? ? 0? ?
> 0? 367 90852 12290 49 17 32? 2 306 2082M? ? 3847M 5519? ? 0? ? 0? ?
> 0? ? 0? ? 0? ? 0? ? 0? 322 65909 10800 34 14 51? 4 303 2061M? ?
> 3850M 6255? ? 0? ? 0? ? 0? ? 0? ? 0? ? 5? ? 0? 410 72349 11289 32
> 17 50? 7 300 2063M? ? 3863M 6900? ? 0? ? 0? ? 0? ? 0? ? 0? ? 0? ?
> 0? 435 78476 11630 49 21 28? 3 304 2064M? ? 3856M 4617? ? 0? ? 0? ?
> 0? ? 0? ? 0? ? 0? ? 0? 580 61415 9961 31 16 52? 3 305 2017M? ?
> 3934M 10344? ? 0? ? 0? ? 0? ? 0? ? 0? ? 0? ? 0? 545 73093 10099
> 38 16 44? 0 307 1945M? ? 4007M 1864? ? 0? ? 0? ? 0? ? 0? ? 0? ?
> 0? ? 0? 141 12998 1624? 3? 4 92? 3 305 1921M? ? 4026M? 897? ?
> 0? ? 0? ? 0? ? 0? ? 0? ? 0? ? 0? 148 13916 1589? 6? 2 92? 2 305
> 1921M? ? 4045M? 572? ? 0? ? 0? ? 0? ? 0? ? 0? 15? ? 0? 185
> 10068 1267? 2? 1 97? 1 306 1846M? ? 4120M 3488? ? 0? ? 0? ? 0? ?
> 0? ? 0? ? 0? ? 0? 179 14300 2274 19? 4 76? --? ? ? ? ? 20.06.2018,
> 16:04, "IL Ka" :
>
>   Have you tried vmstat to find bottleneck: is it CPU in userspace or
>   in kernel or storage?Which WM are you using? Could it be WM issue?Try
>   to use lower resolution? ? (I know that resolution is locked for
>   LCDs, but you can try just to make sure it is not the problem)



Re: Poor browser performance in OpenBSD

2018-06-21 Thread Максим
Here is the vmstat result. It can be seen clear when I start a youtube
video in firefox. CPU usage jumps and falls, whenI close the tab with
that video.I cannon imagine what can be a bottleneck in the system with
core i3 cpu, 8 gb ram and ssd when the only "heavy" processis firefox
with 10 open tabs, the rest is tmux with a few terminals and thunderbird.� I
also tried setting machdep.allowaperture=2 to 0 following Thomas Frohwein's
advice butI didn't see any changes after reboot. And I also remember that
I didn't change that parameter by hand.I suppose it was set automatically
by the system installer when I chose "Do you expect to run the X Window
System? [yes]"And I don't see any hint in "man xf86" that it has anything
to do with performance restrictions.� doas vmstat -w 5� procs� � � 
memory� � � � � �  page� � � � � � � � � � � � � � � � � � �  disks� � � 
traps� � � � � � � � �  cpu� r� �  s� �  avm� � � �  fre�  flt�  re� 
pi�  po�  fr�  sr sd0 cd0�  int� �  sys� �  cs us sy id� 3 293 1804M� � 
4266M�  897� �  0� �  0� �  0� �  0� �  0� �  2� �  0�  102 13798 1903� 
4�  2 94� 0 295 1799M� �  4271M�  501� �  0� �  0� �  0� �  0� �  0� � 
0� �  0�  156�  8505 1347�  1�  1 98� 3 292 1799M� �  4271M� �  34� � 
0� �  0� �  0� �  0� �  0� �  0� �  0�  151�  6959 1113�  0�  0 100� 2
292 1760M� �  4307M�  465� �  0� �  0� �  0� �  0� �  0� �  0� �  0�  187
11689 1386�  2�  1 96� 1 295 1759M� �  4308M 3519� �  0� �  0� �  0� � 
0� �  0� �  0� �  0�  248 27514 4037 11�  6 82� 3 298 1802M� �  4234M
6631� �  0� �  0� �  0� �  0� �  0� �  1� �  0�  296 64983 6072 26 11 61� 4
300 1837M� �  4202M 8481� �  0� �  0� �  0� �  0� �  0�  76� �  0 350
62912 7460 30 12 57� 5 302 1929M� �  4100M 16860� �  0� �  0� �  0� � 
0� �  0� �  0� �  0�  537 87017 9736 58 16 24� 2 305 1912M� �  4082M
9525� �  0� �  0� �  0� �  0� �  0� �  0� �  0�  210 42731 5417 40 11 47� 5
302 1911M� �  4095M 9629� �  0� �  0� �  0� �  0� �  0� �  7� �  0�  364
70279 9421 38 13 48� 2 311 1927M� �  4038M 9220� �  0� �  0� �  0� � 
0� �  0� �  0� �  0�  590 77202 9896 35 13 49� 5 311 1970M� �  4021M
10586� �  0� �  0� �  0� �  0� �  0� �  0� �  0�  552 110548 17876 49 20
28� 3 311 2047M� �  3900M 16934� �  0� �  0� �  0� �  0� �  0� �  0� �  0
1491 105224 18734 55 31�  7� 8 305 2101M� �  3832M 18703� �  0� �  0� � 
0� �  0� �  0� �  0� �  0 2149 85147 16381 55 37�  0� 7 306 2115M� � 
3794M 8234� �  0� �  0� �  0� �  0� �  0� �  0� �  0�  626 68552 12057 43
23 30� 0 312 2079M� �  3830M 7116� �  0� �  0� �  0� �  0� �  0� �  0� � 
0�  367 90852 12290 49 17 32� 2 306 2082M� �  3847M 5519� �  0� �  0� � 
0� �  0� �  0� �  0� �  0�  322 65909 10800 34 14 51� 4 303 2061M� � 
3850M 6255� �  0� �  0� �  0� �  0� �  0� �  5� �  0�  410 72349 11289 32
17 50� 7 300 2063M� �  3863M 6900� �  0� �  0� �  0� �  0� �  0� �  0� � 
0�  435 78476 11630 49 21 28� 3 304 2064M� �  3856M 4617� �  0� �  0� � 
0� �  0� �  0� �  0� �  0�  580 61415 9961 31 16 52� 3 305 2017M� � 
3934M 10344� �  0� �  0� �  0� �  0� �  0� �  0� �  0�  545 73093 10099
38 16 44� 0 307 1945M� �  4007M 1864� �  0� �  0� �  0� �  0� �  0� � 
0� �  0�  141 12998 1624�  3�  4 92� 3 305 1921M� �  4026M�  897� � 
0� �  0� �  0� �  0� �  0� �  0� �  0�  148 13916 1589�  6�  2 92� 2 305
1921M� �  4045M�  572� �  0� �  0� �  0� �  0� �  0�  15� �  0�  185
10068 1267�  2�  1 97� 1 306 1846M� �  4120M 3488� �  0� �  0� �  0� � 
0� �  0� �  0� �  0�  179 14300 2274 19�  4 76� --� � � � � 20.06.2018,
16:04, "IL Ka" :

  Have you tried vmstat to find bottleneck: is it CPU in userspace or
  in kernel or storage?Which WM are you using? Could it be WM issue?Try
  to use lower resolution�  � (I know that resolution is locked for
  LCDs, but you can try just to make sure it is not the problem)


Re: Poor browser performance in OpenBSD

2018-06-20 Thread Максим
m x position: 1919
[20.382] (II) ws: /dev/wsmouse: minimum y position: 0
[20.382] (II) ws: /dev/wsmouse: maximum y position: 1079
[20.382] (==) ws: /dev/wsmouse: Buttons: 7
[20.384] (**) ws: /dev/wsmouse: YAxisMapping: buttons 4 and 5
[20.384] (II) XINPUT: Adding extended input device "/dev/wsmouse" (type: 
MOUSE, id 7)
[20.831] (**) /dev/wsmouse: (accel) keeping acceleration scheme 1
[20.831] (**) /dev/wsmouse: (accel) acceleration profile 0
[20.831] (**) /dev/wsmouse: (accel) acceleration factor: 2.000
[20.831] (**) /dev/wsmouse: (accel) acceleration threshold: 4
[25.274] (II) intel(0): resizing framebuffer to 3840x1080
[25.312] (II) intel(0): switch to mode 1920x1080@60.0 on HDMI1 using pipe 
0, position (1920, 0), rotation normal, reflection none
[25.773] (II) intel(0): EDID vendor "SAM", prod id 1605
[25.774] (II) intel(0): Using EDID range info for horizontal sync
[25.774] (II) intel(0): Using EDID range info for vertical refresh
[25.774] (II) intel(0): Printing DDC gathered Modelines:
[25.774] (II) intel(0): Modeline "1920x1080"x0.0  148.50  1920 2008 2052 
2200  1080 1084 1089 1125 +hsync +vsync (67.5 kHz eP)
[25.774] (II) intel(0): Modeline "1920x1080"x0.0  148.50  1920 2448 2492 
2640  1080 1084 1089 1125 +hsync +vsync (56.2 kHz e)
[25.774] (II) intel(0): Modeline "1280x720"x0.0   74.25  1280 1390 1430 
1650  720 725 730 750 +hsync +vsync (45.0 kHz e)
[25.774] (II) intel(0): Modeline "1280x720"x0.0   74.25  1280 1720 1760 
1980  720 725 730 750 +hsync +vsync (37.5 kHz e)
[25.774] (II) intel(0): Modeline "720x576"x0.0   27.00  720 732 796 864  
576 581 586 625 -hsync -vsync (31.2 kHz e)
[25.774] (II) intel(0): Modeline "720x480"x0.0   27.00  720 736 798 858  
480 489 495 525 -hsync -vsync (31.5 kHz e)
[25.774] (II) intel(0): Modeline "800x600"x0.0   40.00  800 840 968 1056  
600 601 605 628 +hsync +vsync (37.9 kHz e)
[25.774] (II) intel(0): Modeline "800x600"x0.0   36.00  800 824 896 1024  
600 601 603 625 +hsync +vsync (35.2 kHz e)
[25.774] (II) intel(0): Modeline "640x480"x0.0   31.50  640 656 720 840  
480 481 484 500 -hsync -vsync (37.5 kHz e)
[25.774] (II) intel(0): Modeline "640x480"x0.0   31.50  640 664 704 832  
480 489 492 520 -hsync -vsync (37.9 kHz e)
[25.774] (II) intel(0): Modeline "640x480"x0.0   30.24  640 704 768 864  
480 483 486 525 -hsync -vsync (35.0 kHz e)
[25.774] (II) intel(0): Modeline "640x480"x0.0   25.18  640 656 752 800  
480 490 492 525 -hsync -vsync (31.5 kHz e)
[25.774] (II) intel(0): Modeline "720x400"x0.0   28.32  720 738 846 900  
400 412 414 449 -hsync +vsync (31.5 kHz e)
[25.774] (II) intel(0): Modeline "1280x1024"x0.0  135.00  1280 1296 1440 
1688  1024 1025 1028 1066 +hsync +vsync (80.0 kHz e)
[25.774] (II) intel(0): Modeline "1024x768"x0.0   78.75  1024 1040 1136 
1312  768 769 772 800 +hsync +vsync (60.0 kHz e)
[25.774] (II) intel(0): Modeline "1024x768"x0.0   75.00  1024 1048 1184 
1328  768 771 777 806 -hsync -vsync (56.5 kHz e)
[25.774] (II) intel(0): Modeline "1024x768"x0.0   65.00  1024 1048 1184 
1344  768 771 777 806 -hsync -vsync (48.4 kHz e)
[25.774] (II) intel(0): Modeline "832x624"x0.0   57.28  832 864 928 1152  
624 625 628 667 -hsync -vsync (49.7 kHz e)
[25.774] (II) intel(0): Modeline "800x600"x0.0   49.50  800 816 896 1056  
600 601 604 625 +hsync +vsync (46.9 kHz e)
[25.774] (II) intel(0): Modeline "800x600"x0.0   50.00  800 856 976 1040  
600 637 643 666 +hsync +vsync (48.1 kHz e)
[25.774] (II) intel(0): Modeline "1152x864"x0.0  108.00  1152 1216 1344 
1600  864 865 868 900 +hsync +vsync (67.5 kHz e)
[25.774] (II) intel(0): Modeline "1280x800"x0.0   71.00  1280 1328 1360 
1440  800 803 809 823 +hsync -vsync (49.3 kHz e)
[25.774] (II) intel(0): Modeline "1280x960"x0.0  108.00  1280 1376 1488 
1800  960 961 964 1000 +hsync +vsync (60.0 kHz e)
[25.774] (II) intel(0): Modeline "1280x1024"x0.0  108.00  1280 1328 1440 
1688  1024 1025 1028 1066 +hsync +vsync (64.0 kHz e)
[25.774] (II) intel(0): Modeline "1440x900"x0.0   88.75  1440 1488 1520 
1600  900 903 909 926 +hsync -vsync (55.5 kHz e)
[25.774] (II) intel(0): Modeline "1600x1200"x0.0  162.00  1600 1664 1856 
2160  1200 1201 1204 1250 +hsync +vsync (75.0 kHz e)
[25.774] (II) intel(0): Modeline "1680x1050"x0.0  119.00  1680 1728 1760 
1840  1050 1053 1059 1080 +hsync -vsync (64.7 kHz e)
[25.774] (II) intel(0): Modeline "1440x900"x0.0  136.75  1440 1536 1688 
1936  900 903 909 942 -hsync +vsync (70.6 kHz e)



-- 
Best regards
Maksim Rodin


20.06.2018, 12:13, "Patrick Harper" :
> It's using the framebuffer driver in EFI mode,

Re: Poor browser performance in OpenBSD

2018-06-20 Thread Максим
initial modes
[17.856] (II) modeset(0): Output eDP-1 using initial mode 1920x1080 +0+0
[17.856] (II) modeset(0): Output HDMI-1 using initial mode 1920x1080 +1920+0
[17.856] (==) modeset(0): Using gamma correction (1.0, 1.0, 1.0)
[17.856] (==) modeset(0): DPI set to (96, 96)
[17.856] (II) Loading sub module "fb"
[17.856] (II) LoadModule: "fb"
[17.858] (II) Loading /usr/X11R6/lib/modules/libfb.so
[17.860] (II) Module fb: vendor="X.Org Foundation"
[17.860]compiled for 1.19.6, module version = 1.0.0
[17.860]ABI class: X.Org ANSI C Emulation, version 0.4
[17.860] (==) Depth 24 pixmap format is 32 bpp
[18.040] (==) modeset(0): Backing store enabled
[18.040] (==) modeset(0): Silken mouse enabled
[18.040] (II) modeset(0): RandR 1.2 enabled, ignore the following RandR 
disabled message.
[18.091] (II) modeset(0): Initializing kms color map
[18.093] (==) modeset(0): DPMS enabled
[18.093] (WW) modeset(0): DRI2: glamor lacks support for pixmap 
import/export
[18.093] (II) modeset(0): [DRI2] Setup complete
[18.093] (II) modeset(0): [DRI2]   DRI driver: i965
[18.093] (II) modeset(0): [DRI2]   VDPAU driver: i965
[18.094] (--) RandR disabled
[18.114] (II) AIGLX: enabled GLX_MESA_copy_sub_buffer
[18.114] (II) AIGLX: enabled GLX_ARB_create_context
[18.114] (II) AIGLX: enabled GLX_ARB_create_context_profile
[18.114] (II) AIGLX: enabled GLX_EXT_create_context_es{,2}_profile
[18.114] (II) AIGLX: enabled GLX_INTEL_swap_event
[18.114] (II) AIGLX: enabled GLX_SGI_swap_control
[18.114] (II) AIGLX: enabled GLX_EXT_framebuffer_sRGB
[18.114] (II) AIGLX: enabled GLX_ARB_fbconfig_float
[18.114] (II) AIGLX: enabled GLX_EXT_fbconfig_packed_float
[18.114] (II) AIGLX: GLX_EXT_texture_from_pixmap backed by buffer objects
[18.114] (II) AIGLX: enabled GLX_ARB_create_context_robustness
[18.114] (II) AIGLX: Loaded and initialized i965
[18.114] (II) GLX: Initialized DRI2 GL provider for screen 0
[18.121] (II) modeset(0): Damage tracking initialized
[18.121] (II) modeset(0): Setting screen physical size to 1016 x 285
[18.260] (II) config/wscons: checking input device /dev/wskbd
[18.260] (II) wskbd: using layout us
[18.260] (II) LoadModule: "kbd"
[18.261] (II) Loading /usr/X11R6/lib/modules/input/kbd_drv.so
[18.263] (II) Module kbd: vendor="X.Org Foundation"
[18.263]compiled for 1.19.6, module version = 1.9.0
[18.263]Module class: X.Org XInput Driver
[18.263]ABI class: X.Org XInput driver, version 24.1
[18.263] (II) Using input driver 'kbd' for '/dev/wskbd'
[18.263] (**) /dev/wskbd: always reports core events
[18.263] (**) /dev/wskbd: always reports core events
[18.263] (**) Option "Protocol" "standard"
[18.263] (**) Option "XkbRules" "base"
[18.263] (**) Option "XkbModel" "pc105"
[18.263] (**) Option "XkbLayout" "us"
[18.263] (II) XINPUT: Adding extended input device "/dev/wskbd" (type: 
KEYBOARD, id 6)
[18.728] (II) config/wscons: checking input device /dev/wsmouse
[18.728] (II) LoadModule: "ws"
[18.729] (II) Loading /usr/X11R6/lib/modules/input/ws_drv.so
[18.730] (II) Module ws: vendor="X.Org Foundation"
[18.730]compiled for 1.19.6, module version = 1.3.0
[18.730]Module class: X.Org XInput Driver
[18.730]ABI class: X.Org XInput driver, version 24.1
[18.730] (II) Using input driver 'ws' for '/dev/wsmouse'
[18.730] (**) /dev/wsmouse: always reports core events
[18.730] (II) ws: /dev/wsmouse: debuglevel 0
[18.730] (**) Option "Device" "/dev/wsmouse"
[18.730] (**) ws: /dev/wsmouse: ZAxisMapping: buttons 4 and 5
[18.730] (**) ws: /dev/wsmouse: WAxisMapping: buttons 6 and 7
[18.730] (**) ws: /dev/wsmouse: associated screen: 0
[19.176] (II) ws: /dev/wsmouse: minimum x position: 0
[19.176] (II) ws: /dev/wsmouse: maximum x position: 3839
[19.176] (II) ws: /dev/wsmouse: minimum y position: 0
[19.176] (II) ws: /dev/wsmouse: maximum y position: 1079
[19.176] (==) ws: /dev/wsmouse: Buttons: 7
[19.179] (**) ws: /dev/wsmouse: YAxisMapping: buttons 4 and 5
[19.179] (II) XINPUT: Adding extended input device "/dev/wsmouse" (type: 
MOUSE, id 7)
[19.625] (**) /dev/wsmouse: (accel) keeping acceleration scheme 1
[19.625] (**) /dev/wsmouse: (accel) acceleration profile 0
[19.625] (**) /dev/wsmouse: (accel) acceleration factor: 2.000
[19.625] (**) /dev/wsmouse: (accel) acceleration threshold: 4
[30.176] (II) modeset(0): EDID vendor "HWP", prod id 16917
[30.176] (II) modeset(0): Printing DDC gathered Modelines:
[30.176] (II) modeset(0): Modeline "1920x1080"x0.0  143.69  1920 2016 2080 
2176  1080 1088 1092 1100 -hsync -vsync (66.0 kHz eP)


-- 
Best regards
Maksim Rodin


20.06.2018, 11:30, "Patrick Harper" :
> Post the contents of /var/log/Xorg.0.log
>
> --
>   Patrick Harper
>   paia...@fastmail.com
>
> On Wed, 20 Jun 2018, at 00:20, Максим wrote:
>>  fw_update was among the first commands after the install process :-)
>>  hardware acceleration definitely works.
>>
>>  --
>>
>>  20.06.2018, 10:04, "Maurice McCarthy" :
>>  > Can only suggest reading man intel and/or running
>>  > $ doas fw_update
>>  >
>>  > beyond that you'd need someone more knowledgeable.
>>  > Good Luck



Re: Poor browser performance in OpenBSD

2018-06-20 Thread Максим
fw_update was among the first commands after the install process :-)
hardware acceleration definitely works.

-- 


20.06.2018, 10:04, "Maurice McCarthy" :
> Can only suggest reading man intel and/or running
> $ doas fw_update
>
> beyond that you'd need someone more knowledgeable.
> Good Luck



Poor browser performance in OpenBSD

2018-06-19 Thread Максим
Hello.
I'm using Firefox and Chromium (from packages) to browse the internet on 
OpenBSD 6.3 (amd64).
The problem is that their performance in OpenBSD is very poor compared to other 
OSes.
Everything I found regarding boosting their performance:
1) Changing some values in login.conf for login group staff and adding myself 
to that login class:
staff:\
:datasize-cur=4096M:\
:datasize-max=infinity:\
:openfiles-cur=1024:\
:stacksize-cur=64M:\
:maxproc-max=512:\
:maxproc-cur=512:\
:ignorenologin:\
:requirehome@:\
:tc=default:

2) sysctl kern.shminfo.shmall=268435456

All of this was taken from here:
http://openbsd-archive.7691.n7.nabble.com/Coddling-bloated-web-browsers-etc-or-how-far-does-kern-shminfo-shmall-usefully-go-td244155.html

These changes to the system don't seem to have any effect.
Loading pages is slow, watching online video is possible but the responsiveness 
of the browser becomes awful.

Do I need additional settings to fix this?


dmesg:

OpenBSD 6.3-current (GENERIC.MP) #13: Thu Jun 14 17:29:44 MDT 2018
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 8442433536 (8051MB)
avail mem = 8108933120 (7733MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xe9374 (57 entries)
bios0: vendor Hewlett-Packard version "K01 v02.57" date 11/16/2012
bios0: Hewlett-Packard HP Compaq Pro 6300 All-in-One PC
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP APIC MCFG HPET SSDT SSDT SLIC SSDT SSDT TCPA ASF! BGRT
acpi0: wakeup devices PS2K(S3) PS2M(S3) P0P1(S4) USB1(S3) USB2(S3) USB3(S3) 
USB4(S3) USB5(S3) USB6(S3) USB7(S3) PXSX(S4) RP01(S4) PXSX(S4) RP02(S4) 
PXSX(S4) RP03(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz, 3293.09 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,DEADLINE,XSAVE,AVX,F16C,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,IBRS,IBPB,STIBP,SENSOR,ARAT,XSAVEOPT,MELTDOWN
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.1, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz, 3292.52 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,DEADLINE,XSAVE,AVX,F16C,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,IBRS,IBPB,STIBP,SENSOR,ARAT,XSAVEOPT,MELTDOWN
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
acpimcfg0 at acpi0 addr 0xf800, bus 0-63
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (P0P1)
acpiprt2 at acpi0: bus -1 (RP01)
acpiprt3 at acpi0: bus -1 (RP02)
acpiprt4 at acpi0: bus -1 (RP03)
acpiprt5 at acpi0: bus -1 (RP04)
acpiprt6 at acpi0: bus -1 (RP05)
acpiprt7 at acpi0: bus -1 (RP06)
acpiprt8 at acpi0: bus -1 (RP07)
acpiprt9 at acpi0: bus -1 (RP08)
acpiprt10 at acpi0: bus -1 (PEG0)
acpiprt11 at acpi0: bus -1 (PEG1)
acpiprt12 at acpi0: bus -1 (PEG2)
acpiprt13 at acpi0: bus -1 (PEG3)
acpiec0 at acpi0: not present
acpicpu0 at acpi0: C3(350@80 mwait.1@0x20), C2(500@59 mwait.1@0x10), C1(1000@1 
mwait.1), PSS
acpicpu1 at acpi0: C3(350@80 mwait.1@0x20), C2(500@59 mwait.1@0x10), C1(1000@1 
mwait.1), PSS
acpipwrres0 at acpi0: FN00, resource for FAN0
acpipwrres1 at acpi0: FN01, resource for FAN1
acpipwrres2 at acpi0: FN02, resource for FAN2
acpipwrres3 at acpi0: FN03, resource for FAN3
acpipwrres4 at acpi0: FN04, resource for FAN4
acpitz0 at acpi0: critical temperature is 105 degC
acpitz1 at acpi0: critical temperature is 105 degC
acpicmos0 at acpi0
"INT3F0D" at acpi0 not configured
tpm0 at acpi0: TPM_ addr 0xfed4/0x5000: Infineon SLB9635 1.2 rev 0x10
acpibtn0 at acpi0: PWRB
"PNP0C14" at acpi0 not configured
"PNP0C0B" at acpi0 not configured
"PNP0C0B" at acpi0 not configured
"PNP0C0B" at acpi0 not configured
"PNP0C0B" at acpi0 not configured
"PNP0C0B" at acpi0 not configured
acpivideo0 at acpi0: PEG0
acpivideo1 at acpi0: VGA_
acpivideo2 at acpi0: GFX0
acpivout0 at acpivideo2: DD02
acpivout at acpivideo2 not configured
cpu0: Enhanced SpeedStep 3293 MHz: speeds: 3300, 3200, 3100, 3000, 2800, 2700, 
2600, 2500, 2400, 2300, 2200, 2100, 1900, 1800, 1700, 1600 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel Core 3G Host" rev 0x09
inteldrm0 at pci0 dev 2 function 0 "Intel HD Graphics 2500" rev 

Re: Different sound sources interfere with each other

2018-06-19 Thread Максим
The same occures during some network activity.
I noticed it when I had my python script get some data through ssh from several 
hosts simultaneously.
The sound from cmus worked with big interruptions till the script finished its 
work.

-- 
Best regards
Maksim Rodin


19.06.2018, 10:24, "Jordan Geoghegan" :
> On 06/18/18 11:58, Родин Максим wrote:
>>  May be the system becomes ... too busy to serve these actions
>>  simultaneously?
>>  It seemed to me that any task which made decent use of computer
>>  resources was able to cause that behavior.
>
> It would seem you're right. I just tried maxing out my workstation (i7
> 3770, 16GB ram) and with nearly all 16GB ram occupied (over 100 firefox
> tabs, 10 Libreoffice instances, Thunderbird etc) I have been able to
> consistently reproduce this issue.
> When I copy a large block of text from LibreOffice, the audio
> skips/stutters as Maxim described. Once I get the machine swapping, it's
> game over-- it becomes nigh impossible to play music. Closing down
> firefox and letting reaper do its magic (or just reducing ram usage in
> general) seems to resolve the issue.
>
> Just my 2 cents,
>
> Cheers,
> Jordan



Re: Different sound sources interfere with each other

2018-06-19 Thread Максим
The same occures during some network activity.
I noticed it when I had my python script get some data through ssh from several 
hosts simultaneously.
The sound from cmus worked with big interruptions till the script finished its 
work.

-- 
Best regards
Maksim Rodin


19.06.2018, 10:24, "Jordan Geoghegan" :
> On 06/18/18 11:58, Родин Максим wrote:
>>  May be the system becomes ... too busy to serve these actions
>>  simultaneously?
>>  It seemed to me that any task which made decent use of computer
>>  resources was able to cause that behavior.
>
> It would seem you're right. I just tried maxing out my workstation (i7
> 3770, 16GB ram) and with nearly all 16GB ram occupied (over 100 firefox
> tabs, 10 Libreoffice instances, Thunderbird etc) I have been able to
> consistently reproduce this issue.
> When I copy a large block of text from LibreOffice, the audio
> skips/stutters as Maxim described. Once I get the machine swapping, it's
> game over-- it becomes nigh impossible to play music. Closing down
> firefox and letting reaper do its magic (or just reducing ram usage in
> general) seems to resolve the issue.
>
> Just my 2 cents,
>
> Cheers,
> Jordan



Re: Different sound sources interfere with each other

2018-06-18 Thread Родин Максим
May be the system becomes ... too busy to serve these actions 
simultaneously?
It seemed to me that any task which made decent use of computer 
resources was able to cause that behavior.


18.06.2018 18:22, Maxim Tarasov пишет:

Hi,

I was able to find another trigger for this sound glitch:

dd if=/dev/zero of=/tmp/test bs=1m count=256
rm /tmp/test

Sound sometimes interrupts in the middle of dd(1) call, and always
interrupts at the time of rm(1) call on files larger than 200 Mb. It
looks like in case of dd/rm not only sound is affected, but mouse
cursor controlled by USB mouse also stops responding.

unlink(2) call seem to take a long time:

$ dd if=/dev/zero of=test bs=1m count=1024 && ktrace rm test && kdump -R | grep 
unlink
1024+0 records in
1024+0 records out
1073741824 bytes transferred in 2.265 secs (473858546 bytes/sec)
24666 rm   0.01 CALL  unlink(0x7f7bb91b)
24666 rm   0.431070 RET   unlink 0

Can anybody provide any pointers on how to debug this further or
suggestions on what the problem might be?



--
С уважением,
Родин Максим



Different sound sources interfere with each other

2018-06-13 Thread Максим
Hello,
I use USB headphones on OpenBSD amd64 6.3
So they are detected on the system:
uaudio0 at uhub3 port 2 configuration 1 interface 0 "Sennheiser Communications 
Sennheiser USB headset" rev 1.10/1.00 addr 3
uaudio0: audio rev 1.00, 8 mixer controls
audio1 at uaudio0

I've set up  this audio device in accordance with official FAQ 
(https://www.openbsd.org/faq/faq13.html#confaudio)
cat /etc/rc.conf.local
"sndiod_flags=-f rsnd/1"

The first problem is: when I listen to music (cmus) and browse in the internet 
(Firefox) cmus sometimes stops playing for a second.
This happens when I click a link on a page or receive some notification from 
the web page (which may play some short sound)

The second problem is: when some audio source is played (online video or some 
music file) the sound is sometimes distorted or it bursts.
To fix this I have to pause and unpause the sound source several times.

What can be a problem? Do I need any additional setup for my audio device?

-- 
Best regards
Maksim Rodin



Re: 4-ports router under $150

2018-04-09 Thread Родин Максим

https://ru.aliexpress.com/item/QOTOM-310G4-3215U-Barebone-mini-pc-Dual-core-4-nics-Mini-pc-Ubuntu-Industrial-desktop-Computer/32769767156.html

This is what I bought for similar purposes.

It has 4 Intel Gigabit ports and their efficiency is 99%.


08.04.2018 00:59, Anatoli пишет:

Hi All!

I'm looking for a modest 4-5 ports router under $150 that works well 
with OpenBSD. I don't need WiFi, USB or console port, and the 
throughput don't need to exceed 100Mbps. The ideal device would be 
EdgeRouter X (compact, 5 ports, $50) but I know it's not supported at 
this moment and probably never will be.


EdgeRouter (ER) Lite only has 3 ports and the switch ports (eth2-4) of 
ERPOE-5 are not yet supported.


ER-4 would be great, but the 4th port is SFP, I'd need to by an SFP 
NIC for one of my devices and I'm not sure it's supported as the 
octeon page says ER PRO SFP ports are not supported yet. Also it's a 
bit expensive ($190).


Banana Pi R2 would be great too, but I couldn't find if it's supported 
by OpenBSD (it has MediaTek MT7623N, Quad-core ARM Cortex-A7).


Are there 4-5 port devices that are known to work well with OpenBSD?

Thanks,
Anatoli



--
С уважением,
Родин Максим



Re: 4-ports router under $150

2018-04-09 Thread Родин Максим
https://ru.aliexpress.com/item/QOTOM-310G4-3215U-Barebone-mini-pc-Dual-core-4-nics-Mini-pc-Ubuntu-Industrial-desktop-Computer/32769767156.html 



This is what I bought for similar purposes.

It has 4 Intel Gigabit ports and their efficiency is 99%.


08.04.2018 00:59, Anatoli пишет:

Hi All!

I'm looking for a modest 4-5 ports router under $150 that works well 
with OpenBSD. I don't need WiFi, USB or console port, and the 
throughput don't need to exceed 100Mbps. The ideal device would be 
EdgeRouter X (compact, 5 ports, $50) but I know it's not supported at 
this moment and probably never will be.


EdgeRouter (ER) Lite only has 3 ports and the switch ports (eth2-4) of 
ERPOE-5 are not yet supported.


ER-4 would be great, but the 4th port is SFP, I'd need to by an SFP 
NIC for one of my devices and I'm not sure it's supported as the 
octeon page says ER PRO SFP ports are not supported yet. Also it's a 
bit expensive ($190).


Banana Pi R2 would be great too, but I couldn't find if it's supported 
by OpenBSD (it has MediaTek MT7623N, Quad-core ARM Cortex-A7).


Are there 4-5 port devices that are known to work well with OpenBSD?

Thanks,
Anatoli



--
С уважением,
Родин Максим



Re: 4-ports router under $150

2018-04-09 Thread Максим
It has a compatible Intel Ethernet adapter (82583V)
https://man.openbsd.org/man4/em.4
I don't know what else can be a problem.

-- 
С уважением,
Родин Максим


09.04.2018, 11:29, "Anatoli" <m...@anatoli.ws>:
> Thanks, Maxim.
>
> Have you tried it with OpenBSD? Or should all these j1900 devices work well?
>
> *From:* Максим
> *Sent:* Monday, April 09, 2018 02:30
> *To:* Anatoli, Misc
> *Subject:* Re: 4-ports router under $150
>
> Hi Anatoli,
> Another good device for $165 in basic setup:
> https://ru.aliexpress.com/item/Mini-Industrial-PC-Max-8G-DDR3-Dual-Core-Mini-Desktop-Computer-x86-4-Lan-port-12v/32692470253.html?spm=a2g0v.search0104.3.23.1e1e2025iFZAQt_ab_test=searchweb0_0,searchweb201602_2_10152_10151_10065_10344_10068_10342_5722912_10343_10340_5722612_10341_10698_10697_10696_5722812_10084_10083_10618_5722712_10307_10301_10059_10534_308_100031_10103_441_10624_10623_10622_10621_5723012_10620_5722512,searchweb201603_25,ppcSwitch_3_expid=55575e8e-990d-4e17-80a8-5eec917361f0-3_pvid=55575e8e-990d-4e17-80a8-5eec917361f0=ae803_1=0
>
> --
> С уважением,
> Родин Максим
>
> 08.04.2018, 02:45, "Anatoli" <m...@anatoli.ws>:
>
>>  Hi All!
>>
>>  I'm looking for a modest 4-5 ports router under $150 that works well
>>  with OpenBSD. I don't need WiFi, USB or console port, and the throughput
>>  don't need to exceed 100Mbps. The ideal device would be EdgeRouter X
>>  (compact, 5 ports, $50) but I know it's not supported at this moment and
>>  probably never will be.
>>
>>  EdgeRouter (ER) Lite only has 3 ports and the switch ports (eth2-4) of
>>  ERPOE-5 are not yet supported.
>>
>>  ER-4 would be great, but the 4th port is SFP, I'd need to by an SFP NIC
>>  for one of my devices and I'm not sure it's supported as the octeon page
>>  says ER PRO SFP ports are not supported yet. Also it's a bit expensive
>>  ($190).
>>
>>  Banana Pi R2 would be great too, but I couldn't find if it's supported
>>  by OpenBSD (it has MediaTek MT7623N, Quad-core ARM Cortex-A7).
>>
>>  Are there 4-5 port devices that are known to work well with OpenBSD?
>>
>>  Thanks,
>>  Anatoli



Re: 4-ports router under $150

2018-04-09 Thread Максим
Hi Anatoli,
Another good device for $165 in basic setup:
https://ru.aliexpress.com/item/Mini-Industrial-PC-Max-8G-DDR3-Dual-Core-Mini-Desktop-Computer-x86-4-Lan-port-12v/32692470253.html?spm=a2g0v.search0104.3.23.1e1e2025iFZAQt_ab_test=searchweb0_0,searchweb201602_2_10152_10151_10065_10344_10068_10342_5722912_10343_10340_5722612_10341_10698_10697_10696_5722812_10084_10083_10618_5722712_10307_10301_10059_10534_308_100031_10103_441_10624_10623_10622_10621_5723012_10620_5722512,searchweb201603_25,ppcSwitch_3_expid=55575e8e-990d-4e17-80a8-5eec917361f0-3_pvid=55575e8e-990d-4e17-80a8-5eec917361f0=ae803_1=0

-- 
С уважением,
Родин Максим


08.04.2018, 02:45, "Anatoli" <m...@anatoli.ws>:
> Hi All!
>
> I'm looking for a modest 4-5 ports router under $150 that works well
> with OpenBSD. I don't need WiFi, USB or console port, and the throughput
> don't need to exceed 100Mbps. The ideal device would be EdgeRouter X
> (compact, 5 ports, $50) but I know it's not supported at this moment and
> probably never will be.
>
> EdgeRouter (ER) Lite only has 3 ports and the switch ports (eth2-4) of
> ERPOE-5 are not yet supported.
>
> ER-4 would be great, but the 4th port is SFP, I'd need to by an SFP NIC
> for one of my devices and I'm not sure it's supported as the octeon page
> says ER PRO SFP ports are not supported yet. Also it's a bit expensive
> ($190).
>
> Banana Pi R2 would be great too, but I couldn't find if it's supported
> by OpenBSD (it has MediaTek MT7623N, Quad-core ARM Cortex-A7).
>
> Are there 4-5 port devices that are known to work well with OpenBSD?
>
> Thanks,
> Anatoli



webcam in browser not seen

2018-04-07 Thread Родин Максим

Hello,
I have a laptop with OpenBSD 6.3 64bit installed.
There is a webcam on the laptop which is detected in dmesg as uvideo0 
device.
The problem is that the webcam is not seen in browser. I tried to setup 
a Google Meet session.
Audio and mic seem to have been detected (after I installed 
gstreamer1-plugins-good and gstreamer1-plugins-libav).

The webcam section shows that there is no webcam in the system.


--
Best regards
Maxim Rodin



webcam in browser not seen

2018-04-07 Thread Максим
Hello,
I have a laptop with OpenBSD 6.3 64bit installed.
There is a webcam on the laptop which is detected in dmesg as uvideo0 device.
The problem is that the webcam is not seen in browser. I tried to setup a 
Google Meet session.
Audio and mic seem to have been detected (after I installed 
gstreamer1-plugins-good and gstreamer1-plugins-libav).
The webcam section shows that there is no webcam in the system.


-- 
Best regards
Maxim Rodin



OpenBSD as l2tp vpn client

2018-04-07 Thread Максим
Hello,
Where can I find any useful information about setting up a L2TP VPN client
in recent versions of OpenBSD?
The L2TP VPN server is setup on a Microtik router.

-- 
Best regards
Maxim Rodin



Multiple layers of softraid

2018-01-30 Thread Максим
Hello,
Is it safe to make "stackable" RAID using softraid?
I mean: make two RAID1 virtual disks using softraid and then make a RAID0 
virtual disk using the previous two RAID1 virtual disks (RAID1+0).

-- 
Best regards,
Maxim Rodin



Re: Some hints to set up a PPTP or L2TP VPN client under OpenBSD

2017-12-03 Thread Максим
Hi, Denis.
At the moment I'd like to connect to a Mikrotik router which
was set up as a VPN server.
>From Ubuntu and Windows I'm able to connect
using built in solutions.
If there are some differences in MS Windows VPN Server
which I should take into account when connecting
from OpenBSD client, I'd be glad to know them as well.

Thanks in advance.
--
Maxim Rodin



03.12.2017, 13:30, "Denis" <den...@mindall.org>:
> Hi,
>
> Are you going to use OpenBSD as a client of MS Win server using L2TP and
> mschap auth?
>
> Thanks.
>
> On 12/3/2017 11:27 AM, Максим wrote:
>>  Hello,
>>  Where can I find any useful information about setting up a VPN client
>>  (PPTP or L2TP) in recent versions of OpenBSD?
>>  Everything I found goes about OpenBSD version 3.8.
>>
>>  --
>>  Best regards
>>  Maxim Rodin



Some hints to set up a PPTP or L2TP VPN client under OpenBSD

2017-12-03 Thread Максим
Hello,
Where can I find any useful information about setting up a VPN client
(PPTP or L2TP) in recent versions of OpenBSD?
Everything I found goes about OpenBSD version 3.8.

--
Best regards
Maxim Rodin



Re: NFS daemon is very slow in server-to-client direction in TCP mode

2016-04-15 Thread Максим
Thanks, Brian!You are right. The default value of 65536 for wsize and
rsize seems bad for debian client. Lower values gave me very good results
(it seems the lower the value the better the responsiveness).I finally
stopped at value 4096. Seems working.š--Best regardsRodin Maximššš14.04.2016,
15:25, "Brian Conway" :

  I ran into that same behavior with a Debian client before lowering
  the readsize and writesize in the NFS mount options (they defaulted
  to 64K I believe). Try starting at 8096 and working your way up until
  you find the failure point.

  Brian Conway
  Software Engineer, Owner
  RCE Software, LLC
  ššš

  I was using nfs service on OpenBSD (amd64) since version 5.6.

  The whole setup process repeats the steps in official FAQ on the
  OpenBSD's homepage.
  The problem was and remains (now in version 5.9 amd64):
  in TCP mode the upload speed is about 20-30MB/s
  which is quite acceptable for my needs, but the download speed is
  about 32Kb/s.

  As a workaround I had set up the debain client to connect to my
  NFS-server in UDP mode.
  In that mode the speed was good in both directions.

  In recent versions of debian OS the UDP option for NFS-client
  disappeared.
  The question is: is it possible to fix TCP mode in NFS server or is
  it still the problem of the NFS client?

  Best Regards
  Rodin Maxim



NFS daemon is very slow in server-to-client direction in TCP mode

2016-04-14 Thread Максим
I was using nfs service on OpenBSD (amd64) since version 5.6.

The whole setup process repeats the steps in official FAQ on the OpenBSD's 
homepage.
The problem was and remains (now in version 5.9 amd64): 
in TCP mode the upload speed is about 20-30MB/s
which is quite acceptable for my needs, but the download speed is about 32Kb/s.

As a workaround I had set up the debain client to connect to my NFS-server in 
UDP mode.
In that mode the speed was good in both directions.

In recent versions of debian OS the UDP option for NFS-client disappeared.
The question is: is it possible to fix TCP mode in NFS server or is it still 
the problem of the NFS client?

Best Regards
Rodin Maxim