Re: Determining the number of CPU cores and hyperthreads from userspace

2021-09-19 Thread Abel Abraham Camarillo Ojeda
is this useful?:

$ cat sysconf.c
#include 
#include 

int
main()
{
printf("nproc configured %ld\n", sysconf(_SC_NPROCESSORS_CONF));
printf("nproc online %ld\n", sysconf(_SC_NPROCESSORS_ONLN));
return 0;
}
$ cc -o sysconf sysconf.c
$ ./sysconf
nproc configured 4
nproc online 2

On Sun, Sep 19, 2021 at 1:18 PM Chris Bennett <
cpb_m...@bennettconstruction.us> wrote:

> On Sun, Sep 19, 2021 at 01:37:05PM -0400, Daniel Wilkins wrote:
> > Hyperthreads are easy: they've been disabled for years (unless they got
> flipped on and I didn't notice.)
> >
>
> Does the setting in the BIOS need to be turned off also?
> Or is it irrelevant? I had a server for a while where the company
> insisted that it be left on in the BIOS.
>
> Thanks,
> Chris
>
>


Re: sndiod on by default (does it need to be ? )

2021-02-21 Thread Abel Abraham Camarillo Ojeda
On Sun, Feb 21, 2021 at 8:39 AM Tom Smyth 
wrote:

> Hi Sebastian
> I get users want to listen to audio but if the only hardware is a buzzer
> and the user is not running x what are the chances they are using audio on
> the console only ?
>
> I can keep running
> rcctl disable sndiod
> Post install
>
> I thought linking audio support on by default to x would make sense as it
> is likely such system is for users who may need audio
>
> Just a thought
> Thanks
>
>
> On Sunday, 21 February 2021, Sebastian Benoit 
> wrote:
>
> > Tom Smyth(tom.sm...@wirelessconnect.eu) on 2021.02.21 04:08:48 +:
> > > Hello,
> > >
> > > I was wondering should sndiod (default) startup be determined based on
> > > whether or not
> > > it the install is a typical headless install (off) or  an install for
> > > a user machine with  running X
> > >
> > > is there a reason why one would need to run this daemon by default?
> >
> > Because users want to listen to audio.
> >
> > > my thinking is by having the service off by default would reduce the
> > > default attack surface of the OS ?
> >
> > How big is that attack surface? And especially compared to X?
> >
> > > perhaps the installer could use the answer to the question do you
> > > intend to run X   to determine whether or not to enable the sndiod
> > > daemon ?
> >
> > The difference is that a running sndiod is not noticable to you. Running
> X
> > is - you dont have a console anymore on your screen.
> >
> > Whereas a not running sndiod is noticable - no sound.
> >
> > Next to security, we try to make it easy for people to use OpenBSD. Not
> > asking questions when not needed is just that.
> >
> > /Benno
> >
>

I use audio with mpd + ncmpc, without X need. No thanks...


> --
> Kindest regards,
> Tom Smyth.
>


Re: OpenBSD and Shells.com

2021-02-11 Thread Abel Abraham Camarillo Ojeda
On Thu, Feb 11, 20210.00 at 4:00 PM Alex Lee  wrote:

> Just wanted to check in on this one and see if there was a chance to chat.
> Thanks!
>
> On Sun, Jan 24, 2021 at 3:07 PM Alex Lee  wrote:
>
> > Hi!  My name is Alex Lee, and I am hoping that we can partner with
> > OpenBSD.  We offer virtual cloud computers that can be accessed from any
> > web enabled device.  As we offer multiple OS options such as different
> > Linux distros and Windows, it gives the user the opportunity to use the
> OS
> > they want on the device they want (I use Ubuntu Desktop on an iPad
> Pro).  I
> > was hoping that we could chat about a potential collaboration as our
> > product can give folks an opportunity to test out OpenBSD without
> > installing it on their hardware.  I know there are a lot of folks who are
> > afraid to make the jump and this would be an easy way for them to get
> > involved with OpenBSD.  Let me know if we could chat more!   Thanks.
> >
> > alex
> >
>

As far as I know you don't need to ask permission to do that kind of
service,
or I don't understand what you're requesting


Re: wireguard listen in other rdomain?

2020-08-11 Thread Abel Abraham Camarillo Ojeda
On Tue, Aug 11, 2020 at 6:22 PM Matt Dunwoodie  wrote:

> On Tue, 11 Aug 2020 17:46:05 -0500
> Abel Abraham Camarillo Ojeda  wrote:
>
> > Hi to all,
> >
> > (unsure if this if for tech@ or misc@)
>
> Probably better suited for misc, moved there.
>
> > I'm using wireguard interfaces but I see that no matter what
> > domain I put the interface:
> >
> > # ifconfig wg0 rdomain X
> >
> > It always listens in rdomain 0 (default),
> > is this expected?, is there any way to listen in another rdomain?
> > I want to expose several wg interfaces all listening in same port but
> > there's not option to listen in another ip address:
> >
> >  wgport port
> >  Set the UDP port that the tunnel operates on.  The
> >  interface will
> >  bind to INADDR_ANY and IN6ADDR_ANY_INIT.  If no port is
> >  configured, one will be chosen automatically.
> >
> > I tried creating several wg interfaces with different wgport and using
> > pf udp redirections but source address selection gets very messy...
> >
> > Ideas?
>
> Have a look at "wgrtable" in ifconfig(8) to listen in another rdomain.
>

Thanks, will check that.


>
> However, I'd like to know the reason for wanting multiple interfaces
>


I made the original mail just from memory, but after reviewing the machine
in question I realized that what I really wanted to do was having a single
wg interface listen in several ports

I run on this machine some services that are hard to isolate with pf so I
run them
in another rdomain (nfsd) and was exploring into how to make all this
work + wg


> and why they should be listening on the same port.


I'm worried about extreme firewalls by universities/hotels and such here
(Mexico) that block most ports,
so I just recalled that what I really wanted was having a single wg
interface listen in several of probably
opened ports like:

udp 4500
udp 53  (wanted to listen on udp53 on uplink interface/rdomain because I'm
using udp53 in rdomain 0 for
 internal dns resolver)
udp 123 (ntp)
udp 443 (quic?)


> Perhaps there is
> a better solution than rdomains and pf redirections.
>

Sorry for this poorly described mail, maybe I need some sleep...

Will try to answer this better tomorrow

Thanks for your attention, I left that machine with a very fragile/complex
setup that I'm having
problems understanding right now...


> Cheers,
> Matt
>


Re: how to mount phone?

2020-07-14 Thread Abel Abraham Camarillo Ojeda
On Tue, Jul 14, 2020 at 5:07 AM Jan Stary  wrote:

> On Jul 13 14:39:35, justinkm...@gmail.com wrote:
> > Just wishing to mount my phone to access photos.
> > Here's the output from dmesg:
> > ugen0 at uhub0 port 3 "Alcatel U50? Alcatel U50?" rev 2.00/3.10 addr 2
> > Any ideas on how this might be mounted??
>
> I believe phone OSes go out of their way to _not_ expose
> the storage as an umass. You need a dedicated app to do
> things as fundamental as copying a file.
>
>
I think you can use adb (in packages) to copy more "easily"
(without installing third-party apps on phone):

https://developer.android.com/studio/command-line/adb#copyfiles


Re: disklabel: autoalloc failed

2020-06-26 Thread Abel Abraham Camarillo Ojeda
On Fri, Jun 26, 2020 at 1:43 PM Rupert Gallagher 
wrote:

> Ref. disklabel(8)
> > The maximum disk and partition size is 64PB.
>
> Is that so? Let see...
>
> OpenBSD 6.7 (GENERIC.MP) #2: Thu Jun  4 09:55:08 MDT 2020
>
> $> doas dmesg | grep sd3
> sd3 at scsibus2 targ 2 lun 0: 
> naa.5000c500c3ad5c90
> sd3: 4769307MB, 512 bytes/sector, 9767541168 sectors
>
> $> doas disklabel -p t sd3
> # /dev/rsd3c:
> type: SCSI
> disk: SCSI disk
> label: ST5000LM000-2AN1
> duid: [omitted]
> flags:
> bytes/sector: 512
> sectors/track: 255
> tracks/cylinder: 511
> sectors/cylinder: 130305
> cylinders: 74959
> total sectors: 9767541168 # total bytes: 4.5T
> boundstart: 256
> boundend: 4294852800
> drivedata: 0
>
> 16 partitions:
> #size   offset  fstype [fsize bsize   cpg]
>   c: 4.5T0  unused
>
> $> doas disklabel -E sd3
> sd3> p t
> OpenBSD area: 256-4294852800; size: 2.0T; free: 2.0T
> ..^^ :(
>

are you using MBR or GPT?


> #size   offset  fstype [fsize bsize   cpg]
>   c: 4.5T0  unused
>
> $> echo "/ 4T" >label
>
> $> doas disklabel -w -A -T label sd3
> disklabel: autoalloc failed
>
> :(
>
> $> doas disklabel -E sd3
> Label editor (enter '?' for help at any prompt)
> sd3> p t
> OpenBSD area: 256-4294852800; size: 2.0T; free: 2.0T
> #size   offset  fstype [fsize bsize   cpg]
>   c: 4.5T0  unused
> sd3> a
> partition: [a]
> offset: [256]
> size: [4294852544]
> FS type: [4.2BSD]
> sd3*> p t
> OpenBSD area: 256-4294852800; size: 2.0T; free: 0.0T
> #size   offset  fstype [fsize bsize   cpg]
>   a: 2.0T  256  4.2BSD   8192 65536 1
>   c: 4.5T0  unused
> sd3*>
>
> :(
>
>


Re: Sound is good on OpenBSD

2020-04-30 Thread Abel Abraham Camarillo Ojeda
On Wed, Apr 29, 2020 at 7:46 AM Alexandre Ratchov  wrote:

> On Wed, Apr 29, 2020 at 11:46:06AM +0200, Moises Simon wrote:
> > On Tue, Apr 28, 2020 at 03:38:58PM -0500, Abel Abraham Camarillo Ojeda
> wrote:
> > > I think increasing -b option in sndiod helps to prevent audio jumping,
> I
> > > hear music with a local mpd with music directory over nfs, plus a lot
> of
> > > firefox and chrome and hear no jumps , etc
> > >
> > > regards
> >
> > I can confirm. For me setting -b 8640 stops the audio jumping.
> >
> > Thanks Abel.
> >
>
> what devices are you using? azalia? usb?
>


azalia0 at pci0 dev 31 function 3 "Intel 100 Series HD Audio" rev 0x21: msi
azalia0: codecs: Realtek ALC298, Intel/0x2809, using Realtek ALC298
audio0 at azalia0

$ grep sndiod /etc/rc.conf.local
sndiod_flags=-b12000

dmesg just in case:

 OpenBSD 6.7-beta (GENERIC.MP) #125: Sun Apr 12 14:56:53 MDT 2020
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 8431632384 (8041MB)
avail mem = 8163483648 (7785MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 3.0 @ 0xb9908000 (58 entries)
bios0: vendor LENOVO version "R0GET56W (1.56 )" date 08/31/2017
bios0: LENOVO 20JVS17D00
acpi0 at bios0: ACPI 5.0
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP UEFI SSDT SSDT HPET APIC MCFG ECDT SSDT BOOT BATB
SLIC SSDT SSDT WSMT SSDT SSDT DBGP DBG2 MSDM DMAR ASF! FPDT UEFI
acpi0: wakeup devices GLAN(S4) XHC_(S3) XDCI(S4) HDAS(S4) RP01(S4) RP02(S4)
RP04(S4) RP05(S4) RP06(S4) RP07(S4) RP08(S4) RP09(S4) RP10(S4) RP11(S4)
RP12(S4) RP13(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 2399 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz, 2960.10 MHz, 06-4e-03
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,SGX,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,MD_CLEAR,TSXFA,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES,MELTDOWN
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 24MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz, 2860.65 MHz, 06-4e-03
cpu1:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,SGX,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,MD_CLEAR,TSXFA,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES,MELTDOWN
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 1 (application processor)
cpu2: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz, 2860.64 MHz, 06-4e-03
cpu2:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,SGX,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,MD_CLEAR,TSXFA,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES,MELTDOWN
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 1, core 0, package 0
cpu3 at mainbus0: apid 3 (application processor)
cpu3: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz, 2860.64 MHz, 06-4e-03
cpu3:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,SGX,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,MD_CLEAR,TSXFA,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES,MELTDOWN
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 1, core 1, package 0
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 120 pins
acpimcfg0 at acpi0
acpimcfg0: addr 0xf800, bus 0-63
acpiec0 at acpi0
acpiprt0 at acpi0: bus 0 (PCI0)
a

Re: Sound is good on OpenBSD

2020-04-28 Thread Abel Abraham Camarillo Ojeda
On Tuesday, April 28, 2020, David Demelier  wrote:

> Le 28/04/2020 à 14:01, Yury Grebenkin a écrit :
>
>> OpenBSD gives a better sound experience on my machine than several
>> Linux distributions I have used and FreeBSD. Just want to say thank
>> you to all the people involved and state the fact that OpenBSD does
>> make a difference.
>>
>
> The audio stack is definitely better as we have the clean and simple sndio
> interface while Linux has to deal with ALSA, Jack, PulseAudio and maybe
> pipewire at some point.
>
> That said, I personally have stuttering when playing music on OpenBSD and
> doing some CPU “intensive” tasks like many firefox tabs opened. I'd be glad
> to see if it works better for you and if you tweak the system to avoid that.
>
> --
> David


I think increasing -b option in sndiod helps to prevent audio jumping, I
hear music with a local mpd with music directory over nfs, plus a lot of
firefox and chrome and hear no jumps , etc

regards


Re: Will windows 10 boot after installing openBSD?

2020-04-13 Thread Abel Abraham Camarillo Ojeda
On Monday, April 13, 2020, Никита Степанов 
wrote:

>
Yes


Re: 10GBit network performance on OpenBSD 6.4

2019-04-08 Thread Abel Abraham Camarillo Ojeda
On Sun, Apr 7, 2019 at 5:21 PM Mark Schneider 
wrote:

> Short feedback:
>
> Just for the test I have checked the 10GBit network performance
> between two FreeBSD 13.0 servers (both HP DL380g7 machines)
> transfering data in both directions
>
> # ---
> ironm@fbsdsrv2:~ $ scp ironm@200.0.0.10:/home/ironm/t2.iso t100.iso
> Password for ironm@fbsdsrv1:
> t2.iso 100% 3626MB 130.2MB/s   00:27
>
> # ---
> ironm@fbsdsrv2:~ $ scp obsd2fbsd.iso ironm@200.0.0.10:/home/ironm/t1.iso
> Password for ironm@fbsdsrv1:
> obsd2fbsd.iso  100% 3626MB 140.4MB/s   00:25
> # ---
>
> The ssh performance using 10GBit network connection on FreeBSD 13.0
> is approx 7 times higher than the one on OpenBSD 6.4.
>
> Is it the question of the "ix" NIC driver of OpenBSD 6.4?
> (X520-DA2 NICs from Intel)
>
> Does one of you achieve good 10Gbit network performance with other
> 10Gbit NICs?
>
> Thank you in advance for your hints.
>
> Kind regards
> Mark
>
> --
> m...@it-infrastrukturen.org
>
>
> Am 06.04.2019 22:52, schrieb Mark Schneider:
> > Hi,
> >
> > Please allow me few questions regarding 10GBit network performance on
> > OpenBSD 6.4.
> > I face quite low network performance  for the Intell X520-DA2 10GBit
> > network card.
> >
> > Test configuration in OpenBSD-Linux-10GBit_net_performance.txt -
> > http://paste.debian.net/1076461/
> > Low transfer rate for scp - OpenBSD-10GBit-perftest.txt -
> > http://paste.debian.net/1076460/
> >
> > Test configuration:
> > # ---
> > # OpenBSD 6.4 on HP DL380g7
> > # -
> >
> > # 10GBit X520-DA2 NIC
> > ix0: flags=208843
> > mtu 1500
> > media: Ethernet autoselect (10GbaseSR
> > full-duplex,rxpause,txpause)
> > inet6 fe80::d51e:1b74:17d7:8230%ix0 prefixlen 64 scopeid 0x1
> > inet 200.0.0.3 netmask 0xff00 broadcast 200.0.0.255
> >
> > ix1: flags=208843
> > mtu 1500
> > media: Ethernet autoselect (10GbaseSR
> > full-duplex,rxpause,txpause)
> > inet 10.0.0.7 netmask 0xff00 broadcast 10.0.0.255
> > inet6 fe80::b488:caea:5d6f:9992%ix1 prefixlen 64 scopeid 0x2
> > # ---
> >
> > Compare to Linux the 10GBit transfer from/to OpenBSD is few times slower:
> >
> > # ---
> > # OpenBSD to Linux (Asus P8BWS)
> > # -
> > srvob# iperf3 -c 10.0.0.2
> > ...
> > - - - - - - - - - - - - - - - - - - - - - - - - -
> > [ ID] Interval   Transfer Bitrate
> > [  5]   0.00-10.00  sec  1.50 GBytes  1.29 Gbits/sec
> > sender
> > [  5]   0.00-10.20  sec  1.50 GBytes  1.27 Gbits/sec
> > receiver
> > # ---
> >
> >
> > # ---
> > # Linux (DL380g7) to Linux (Asus P8BWS)
> > # -
> > root@kali:~# iperf3 -c 100.0.0.2
> > ...
> > - - - - - - - - - - - - - - - - - - - - - - - - -
> > [ ID] Interval   Transfer Bitrate Retr
> > [  5]   0.00-10.00  sec  10.9 GBytes  9.39 Gbits/sec 328
> > sender
> > [  5]   0.00-10.04  sec  10.9 GBytes  9.35 Gbits/sec
> > receiver
> > # ---
> >
> > The scp transfer rate is like 21MBytes/s only per ssh connection
> > (OpenBSD <-> Linux):
> > # ---
> > root@kali:~# scp /re*/b*/ka*/kali-linux-kde-2019.1a-*.iso
> > ironm@10.0.0.7:/home/ironm/t12.iso
> > ironm@10.0.0.7's password:
> > kali-linux-kde-2019.1a-amd64.iso 4%  173MB
> > 21.5MB/s   02:40 ETA
> > # ---
> >
> >
> > The 1GBit cooper based NIC works also slower but reaching almost 40%
> > of the max trasfer rate of 1 Gbit:
> >
> > # ---
> > # OpenBSD 6.4 (DL380g7 1Gbit NIC) to Linux (DL380g7 1GBit NIC)
> > # 
> > srvob# iperf3 -c 170.0.0.10
> > ...
> > - - - - - - - - - - - - - - - - - - - - - - - - -
> > [ ID] Interval   Transfer Bitrate
> > [  5]   0.00-10.00  sec   471 MBytes   395 Mbits/sec
> > sender
> > [  5]   0.00-10.20  sec   471 MBytes   388 Mbits/sec
> > receiver
> > # ---
> >
> > # ---
> > # Linux (Asus P8BWS) to Linux (DL380g7)
> > # -
> > root@kali:~# iperf3 -c 192.168.1.122
> > ...
> > - - - - - - - - - - - - - - - - - - - - - - - - -
> > [ ID] Interval   Transfer Bitrate Retr
> > [  5]   0.00-10.00  sec  1.09 GBytes   939 Mbits/sec 183
> > sender
> > [  5]   0.00-10.04  sec  1.09 GBytes   934 Mbits/sec
> > receiver
> > # ---
> >
> >
> > Thank you in advance for your hints what OpenBSD 6.4 settings do I miss.
> >
> > Best regards
> > Mark
> >
>

Whats your performance without scp? tcpbench / netcat, for example?


Re: dmesg for edgerouter 6p

2018-10-23 Thread Abel Abraham Camarillo Ojeda
On Tue, Oct 23, 2018 at 4:24 PM Holger Glaess  wrote:

> hi
>
> i upgrade from an native 6.4 beta installation , no problems at all.
>
>
> / 29>dmesg
> Copyright (c) 1982, 1986, 1989, 1991, 1993
>  The Regents of the University of California.  All rights reserved.
> Copyright (c) 1995-2018 OpenBSD. All rights reserved.
> https://www.OpenBSD.org
>
> OpenBSD 6.4 (GENERIC.MP) #0: Sat Oct 13 03:52:37 UTC 2018
>  visa@octeon:/usr/src/sys/arch/octeon/compile/GENERIC.MP
> real mem = 1073741824 (1024MB)
> avail mem = 1038041088 (989MB)
> mainbus0 at root: board 20300 rev 1.20
> cpu0 at mainbus0: CN70xx/CN71xx CPU rev 0.2 1000 MHz, CN70xx/CN71xx FPU
> rev 0.0
> cpu0: cache L1-I 78KB 39 way D 32KB 32 way, L2 1024KB 8 way
> cpu1 at mainbus0: CN70xx/CN71xx CPU rev 0.2 1000 MHz, CN70xx/CN71xx FPU
> rev 0.0
> cpu1: cache L1-I 78KB 39 way D 32KB 32 way, L2 1024KB 8 way
> cpu2 at mainbus0: CN70xx/CN71xx CPU rev 0.2 1000 MHz, CN70xx/CN71xx FPU
> rev 0.0
> cpu2: cache L1-I 78KB 39 way D 32KB 32 way, L2 1024KB 8 way
> cpu3 at mainbus0: CN70xx/CN71xx CPU rev 0.2 1000 MHz, CN70xx/CN71xx FPU
> rev 0.0
> cpu3: cache L1-I 78KB 39 way D 32KB 32 way, L2 1024KB 8 way
> clock0 at mainbus0: int 5
> octcrypto0 at mainbus0
> iobus0 at mainbus0
> simplebus0 at iobus0: "soc"
> octciu0 at simplebus0
> octcib0 at simplebus0: max-bits 23
> octcib1 at simplebus0: max-bits 12
> octcib2 at simplebus0: max-bits 6
> octcib3 at simplebus0: max-bits 15
> octcib4 at simplebus0: max-bits 4
> octcib5 at simplebus0: max-bits 11
> octcib6 at simplebus0: max-bits 11
> cn30xxsmi0 at simplebus0
> octxctl0 at simplebus0: DWC3 rev 0x250a
> xhci0 at octxctl0, xHCI 1.0
> usb0 at xhci0: USB revision 3.0
> uhub0 at usb0 configuration 1 interface 0 "Generic xHCI root hub" rev
> 3.00/1.00 addr 1
> octxctl1 at simplebus0: DWC3 rev 0x250a
> xhci1 at octxctl1, xHCI 1.0
> usb1 at xhci1: USB revision 3.0
> uhub1 at usb1 configuration 1 interface 0 "Generic xHCI root hub" rev
> 3.00/1.00 addr 1
> com0 at simplebus0: ns16550a, 64 byte fifo
> com0: console
> com1 at simplebus0: ns16550a, 64 byte fifo
> com1: probed fifo depth: 0 bytes
> octmmc0 at simplebus0
> sdmmc0 at octmmc0: 8-bit, mmc high-speed
> sdmmc1 at octmmc0: 8-bit, mmc high-speed
> octrng0 at iobus0 base 0x14000 irq 0
> cn30xxgmx0 at iobus0 base 0x118000800
> cnmac0 at cn30xxgmx0: SGMII, address fc:ec:da:40:fa:42
> ukphy0 at cnmac0 phy 4: Generic IEEE 802.3u media interface, rev. 2: OUI
> 0x0001c1, model 0x000c
> cnmac1 at cn30xxgmx0: SGMII, address fc:ec:da:40:fa:43
> ukphy1 at cnmac1 phy 5: Generic IEEE 802.3u media interface, rev. 2: OUI
> 0x0001c1, model 0x000c
> cnmac2 at cn30xxgmx0: SGMII, address fc:ec:da:40:fa:44
> ukphy2 at cnmac2 phy 6: Generic IEEE 802.3u media interface, rev. 2: OUI
> 0x0001c1, model 0x000c
> cnmac3 at cn30xxgmx0: SGMII, address fc:ec:da:40:fa:45
> ukphy3 at cnmac3 phy 7: Generic IEEE 802.3u media interface, rev. 2: OUI
> 0x0001c1, model 0x000c
> cn30xxgmx1 at iobus0 base 0x118001000
> cnmac4 at cn30xxgmx1: SGMII, address fc:ec:da:40:fa:46
> ukphy4 at cnmac4 phy 8: Generic IEEE 802.3u media interface, rev. 0: OUI
> 0x0001c1, model 0x0027
> cnmac5 at cn30xxgmx1: SGMII, address fc:ec:da:40:fa:47
> ukphy5 at cnmac5 phy 9: Generic IEEE 802.3u media interface, rev. 0: OUI
> 0x0001c1, model 0x0027
>

Do the six ports work?

Thanks


> /dev/ksyms: Symbol table not valid.
> umass0 at uhub0 port 2 configuration 1 interface 0 "Generic USB3.0 Card
> Reader" rev 3.00/15.32 addr 2
> umass0: using SCSI over Bulk-Only
> scsibus0 at umass0: 2 targets, initiator 0
> sd0 at scsibus0 targ 1 lun 0:  SCSI4
> 0/direct removable serial.05e307491532
> sd0: 61056MB, 512 bytes/sector, 125042688 sectors
> sdmmc1: can't enable card
> scsibus1 at sdmmc0: 2 targets, initiator 0
> sd1 at scsibus1 targ 1 lun 0:  SCSI2 0/direct
> removable
> sd1: 3776MB, 512 bytes/sector, 7733248 sectors
> vscsi0 at root
> scsibus2 at vscsi0: 256 targets
> softraid0 at root
> scsibus3 at softraid0: 256 targets
> boot device: sd0
> root on sd0a (1e8c6ddb499f7a0a.a) swap on sd0b dump on sd0b
> WARNING: No TOD clock, believing file system.
> WARNING: CHECK AND RESET THE DATE!
> 20:25:13 Mon Aug 20
>
>
> holger
>
>
>


Re: How to copy n bytes from stdin to stdout?

2018-06-21 Thread Abel Abraham Camarillo Ojeda
On Thu, Jun 21, 2018 at 3:57 AM, Maximilian Pichler
 wrote:
> On Thu, Jun 21, 2018 at 9:48 AM, Otto Moerbeek  wrote:
>>> On Thu, Jun 21, 2018 at 12:11:52AM +0200, Maximilian Pichler wrote:
>>> > I'm just wondering what these other utilities might be.
>>>
>>> hexdump -v -n 1234567 -e '"%c"'
>
> Speed-wise this is roughly on par with 'dd bs=1'.
>
>>> If the input doesn't contain backslashes (or something else, tr(1))
>>>
>>>   vis -aoF6 | head -n 1234567 | unvis
>
> Backslashes exist. :)
>
>> Variation that buffers the writes:
>>
>> dd ibs=1 count=n
>
> Nice, this is about three time as fast as bs=1. Both are much slower
> than 'ghead -c'.
>


Reads buffered the first 5 chars from file:

$ cat file | perl -ne 'BEGIN { $/ = \1 } print if $. <= 5; exit 0 if $. == 5'

maetel$ kdump  | grep read\(0
 43509 perl CALL  read(0,0xc9e9996f000,0x2000)
maetel$
maetel$ kdump  | grep write\(1
 43509 perl CALL  write(1,0xc9e0c6c5000,0x5)
maetel$



Re: Flatbed scanner that works well with OpenBSD?

2018-01-21 Thread Abel Abraham Camarillo Ojeda
On Fri, Jan 19, 2018 at 1:47 PM, Ax0n  wrote:
> Slightly related, I have a CanoScan LiDE 100 that used to work great with
> OpenBSD, using either ScanImage or simple-scan. It's detected, but sometime
> around OpenBSD-5.6 it stopped working. I use it infrequently enough, and I
> have enough computers that I usually just give up and have my wife use her
> Windows laptop to scan for me. I have a slightly vested interest in having
> my only scanner work with my main daily desktop/laptop OS.

Same here with same CanoScan LiDE 100, also don't know precisely when
it stopped working.

>
> I'll try installing some old versions of OpenBSD and see if I can find
> where it broke, and post dmesg's of the before/after mess, if anyone thinks
> that would help.
>
> On Fri, Jan 19, 2018 at 11:38 AM, Anthony J. Bentley 
> wrote:
>
>> Base Pr1me writes:
>> > Did you give your userland user/group permissions to use the uhub/ugen
>> > device?
>>
>> Of course; without that I wasn't able to detect the scanner in the first
>> place.
>>
>> > On Fri, Jan 19, 2018 at 9:59 AM, Anthony J. Bentley 
>> > wrote:
>> >
>> > > Bryan Linton writes:
>> > > > Hello misc@
>> > > >
>> > > > I'm currently looking to purchase a scanner that works well with
>> OpenBSD.
>> > > >
>> > > > I'm aware of the list provided at:
>> > > >
>> > > >   http://www.sane-project.org/sane-mfgs.html
>> > > >
>> > > > but I recently purchased (and returned) a scanner that was listed as
>> > > being
>> > > > fully supported on that list because no matter what I did, I couldn't
>> > > > get it to work right with xsane or scanimage.  Though I purchased it
>> > > used,
>> > > > so it's possible it may have simply been broken from the get-go.
>> > > >
>> > > > Does anyone happen to know of a scanner that is *known* to work well
>> > > > with OpenBSD?
>> > >
>> > > Well, I just bought a CanoScan 9000F MkII specifically because it was
>> > > marked as fully supported on that list, and I can say it does NOT work
>> > > on OpenBSD; scanimage -L detects it just fine but attempting to scan
>> > > gives an I/O error. As a workaround I plugged it into a Linux laptop,
>> > > started saned, and scan seamlessly from OpenBSD with scanimage's
>> network
>> > > support, until I find the time to make a proper bug report.
>> > >
>> > > In the past I used a CanoScan LiDE 20 quite regularly from OpenBSD, but
>> > > that was several years ago.
>> > >
>> > >
>>
>>



Re: support new

2018-01-01 Thread Abel Abraham Camarillo Ojeda
On Monday, January 1, 2018, Theo Buehler <t...@theobuehler.org> wrote:

> On Sat, Dec 30, 2017 at 12:18:18AM -0600, Abel Abraham Camarillo Ojeda
> wrote:
> > 0
> > C Mexico
> > P Nuevo Leon
> > T Monterrey
> > Z 67113
> > O Abel Abraham Camarillo Ojeda
> > I
> > A La pradera 314, Guadalupe
> > M supp...@verlet.org
> > U
> > B
> > X
> > N Over 9 years of experience with OpenBSD. Infrastructure, networking
> > and software consulting and development; strong focus on UNIX,
> > specially OpenBSD and Linux.
> >
>
> added. thanks
>
>
Thank you


support new

2017-12-29 Thread Abel Abraham Camarillo Ojeda
0
C Mexico
P Nuevo Leon
T Monterrey
Z 67113
O Abel Abraham Camarillo Ojeda
I
A La pradera 314, Guadalupe
M supp...@verlet.org
U
B
X
N Over 9 years of experience with OpenBSD. Infrastructure, networking
and software consulting and development; strong focus on UNIX,
specially OpenBSD and Linux.



Re: EdgeRouter Lite VS Alix2D3

2017-12-04 Thread Abel Abraham Camarillo Ojeda
On Mon, Dec 4, 2017 at 7:49 AM, Ivo Chutkin  wrote:
> Hello list,
>
> When I read OpenBSD could run on EdgeRouter Lite, I give it a try (now with
> 6.2 current as of 28.11.2017).
> I expected closer performance to Alix, but ERL even do not respond on
> console in reasonable times, for example, it takes 10-15 sec to log in.

I cannot confirm this, when I:

# cu -s 115200 -l cua00

to my ERL3 I can login immediately (less than <1seg after entering password)

how do you measure it?

> After reboot, it takes about 5 min on "reordering libraries:" vs 30 sec on
> Alix.

Well, it depends on your storage write speed, I'm using a memory with
like 8MBps (write) and I think thats your bottleneck, maybe you could try:

library_aslr=NO

regards

>
> Is it what I should expect from ERL or I am doing something wrong here?
>
> Thanks for your input,
> Ivo
>
>



Re: A stupid question, re: xargs(1)

2017-10-14 Thread Abel Abraham Camarillo Ojeda
On Sat, Oct 14, 2017 at 12:02 PM, Raul Miller  wrote:
> On Sat, Oct 14, 2017 at 10:26 AM, Marc Espie  wrote:
>> the find -print0 / xargs -0 couple was designed to solve that problem
>> a long time ago in one specific case.
>
> I suppose the other angle to take would be the addition of a null
> delimiter option for other command line utilities.
>

find . |  grep something | more filters | perl -ne 'chomp; print
"$_\0"'  | xargs -0 ...

> Put differently: if it's "broken by design" then there's no real
> non-broken motives for avoiding incompatibilities with that design.
>
> Which is *not* to say that my kneejerk reactions are the right
> approach: Other people's insight's are important. But: short term
> buy-in, less so (though can't be ignored in the long run).
>
> Thanks,
>
> --
> Raul
>



Re: show total memory used / allocated by a program

2017-03-17 Thread Abel Abraham Camarillo Ojeda
You could also use time(1), the command, not the shell built-in:

$ env time -l echo

0.00 real 0.01 user 0.00 sys
   552  maximum resident set size
 0  average shared memory size
 0  average unshared data size
 0  average unshared stack size
51  minor page faults
15  major page faults
 0  swaps
 4  block input operations
 0  block output operations
 0  messages sent
 0  messages received
 0  signals received
 4  voluntary context switches
 0  involuntary context switches
$



On Fri, Mar 17, 2017 at 10:13 AM, Manuel Solis 
wrote:
> Hello again!!
>
>
> Yes, indeed systat and vmstat are a good options too.
>
> Mihai Popescu,
>
> Please try one of these examples and see if they show you the information
> you are looking for:
>
> suggestion1:  $ top |head -n5| tail -n1
> suggestion2:  $ vmstat -s|more
> suggestion3:  $ vmstat -m|more
> suggestion4:  $ systat
>
> I hope this information will help :)
>
> Manuel
>
>
> On Fri, Mar 17, 2017 at 9:19 AM, Edgar Pettijohn 
> wrote:
>
>> .
>>
>> > On Mar 17, 2017, at 9:21 AM, Manuel Solis 
>> wrote:
>> >
>> > Hello,
>> >
>> >> El 17/03/2017, a las 05:04, Mihai Popescu  escribió:
>> >>
>> >> Hello,
>> >>
>> >> I am using top to show running programs activity on an OpenBSD system.
>> >>
>> >> Is there another better command to show in detail the memory used by
>> > programs?
>> >
>> > Top is really a good command, you should see de man page for more
>> options.
>> >
>> >>
>> >> My system has 8GB physical RAM. Looking at this, can someone tell me
>> >> if OpenBSD uses the "swap memory" model used by other OSes, basically
>> >> moving chunks from physical memory to the swap partition when they are
>> >> not used?
>> >
>> > Yes it does, you could use the #disklabel  command to see it
>> >>
>> >> If a program ask for a memory allocation, is this request satisfied
>> >> imediately if there is enough physical RAM available or is it done at
>> >> the moment the program needs to do read/write on that memory?
>> >>
>> >> Expanding the first question, is there a command to show all these
>> >> details, like total memory used, static and dynamic, how much is
>> >> physical or swap, etc?
>> >>
>> > top is the command that you are looking for :)
>> >
>> >
>> >> Thank you.
>> >>
>> >
>> > I hope that information is useful for your needs, i recommend you to
>> look at
>> > the Faq page
>> > https://www.openbsd.org/faq/index.html
>> > 
>> > they really did a great job explaining everything and most of what it
>> has are
>> > practical examples, if you need expanded theory then you should get the
>> book
>> > Absolute OpenBSD - By Michael W Lucas, it helped me a lot.
>> > http://www.nostarch.com/obenbsd2e 
>> >
>> > Best reggards!!!
>> >
>> > Manuel
>>
>> I think systat or vmstat may be helpful.
>>
>
>
>
> --
> Ing. Manuel Solís Agüero
> Corporativo Los Solises
> Cel: (871) 108 6000
> Tel: (871) 721 6303



Re: Freezing VMs on Bytemark Hosting

2016-07-29 Thread Abel Abraham Camarillo Ojeda
On Fri, Jul 29, 2016 at 7:48 AM, Edd Barrett  wrote:
> On Wed, Jul 27, 2016 at 04:27:00PM +, Mark Lee Smith wrote:
>> I have a host running OpenBSD 5.9 -stable on Vultr which has been doing the
>> same thing; freezing once a week. Is there any information that I could
>> provide if/when it happens again?
>
> Interesting...
>
> Does Vultr use kvm+qemu?

dmesg from vultr attached.

I'm not having problems using it.


>
> At the moment I am trying to narrow down what the freeze could possibly
> be related to. I really have no idea.
>
> I think I am going to throw up another VM and deploy a DEBUG kernel on
> it, to see if it gives any clues.
>
> What have you tried so far btw?
>
> --
> Best Regards
> Edd Barrett
>
> http://www.theunixzoo.co.uk

[demime 1.01d removed an attachment of type application/octet-stream which had 
a name of dmesg]



Re: DNS servers around here not working for days. dig works. fix?

2016-06-15 Thread Abel Abraham Camarillo Ojeda
On Tue, Jun 14, 2016 at 3:49 PM, Chris Bennett
 wrote:
> On Tue, Jun 14, 2016 at 09:05:57PM +0100, Stuart Henderson wrote:
>>
>> If you can't find some other way to get things working then at least
>> you should be able to browse by "ssh -D 1080 somehost" and setting the
>> browser to use 127.0.0.1:1080 as SOCKS proxy, and tell it to have the
>> far end resolve DNS (in Firefox, tick the 'remote DNS' box).
>>
>
> For now, this works. I'm a little tired right now. This is working.
> I will try later or tomorrow to get a proper solution. This is not going
> to be an everyday solution!
>
> Thanks,
> Chris Bennett
>

Which mexican ISP are you using?

Here in mexico I know some big ISP get arrangements with companies
like google to provide 'local cache' of some of its services - like 8.8.8.8
DNS; I'm referring to Axtel in Mexico, precisely...



Re: OpenBSD5.7, hangs on ppb6 "Intel 5000 PCIE" Dell poweredge 1950

2016-02-11 Thread Abel Abraham Camarillo Ojeda
On Thu, Feb 11, 2016 at 6:18 PM, John Nyhuis  wrote:
> We had a drive failure, and after replacement I am reinstalling our bridging
> Firewall, OpenBSD 5.7 - amd64, bsd.mp kernal.  This is the same version that
> was running stably on this server before.
>
> HW: Dell Poweredge 1950 v2, BIOS 2.7.0
>
> We made it through the install OK, but on first boot, I hang on:
> "ppb6 at pci0 dev 3 function 0 "Intel 5000 PCIE" rev 0x12"
> "pci7 at ppb6 bus 1"
>
> I've gone through the BIOS and disabled everything, including the NICs which
> I actually need for the final solution, and I still hang at the same device
> "Intel 5000 PCIE" rev 0x12" while the OS is loading.
>
> Google hasn't turned up much of use.
> Any ideas?
> --
> Thanks,
> John N.
>

In my experience with this servers - poweredge 1950 - this has been
'fixed' by changing RAID cards,
we keep a lot of PERC5 cards on site because of this...

sometimes we have seen some 'broken capacitors' on these cards,
so sometimes the card was broken, not some hdds

regards~



Re: Question about core dumps and swap space.

2015-10-20 Thread Abel Abraham Camarillo Ojeda
Hi

On Mon, Oct 19, 2015 at 10:11 PM, Nick Holland
 wrote:
> [...]
> and thus, I'll suggest you just don't worry about it.  IF you manage to
> find a way to panic your machine, drop the memory wy down to 2G or
> so, reproduce it and worry about a 2G core dump.

Nick, In this case boot.conf:

machine memory=2G

would be enough? or should one get other ram sticks...?

Thanks

> And -- even if you do have a system panic, very often developers can
> make sense out of what went wrong from the output of the debugger's
> trace and ps commands, rather than having to dig through an entire core
> dump.  This is always what they ask for FIRST.
>
> Nick.



Re: Captive portal with OpenBSD as a hostap

2015-10-05 Thread Abel Abraham Camarillo Ojeda
On Mon, Oct 5, 2015 at 4:47 PM, Kapetanakis Giannis
 wrote:
> On 05/10/15 16:26, laudarch wrote:
>>
>> I made a custom implementation and a diff to authpf, will share that
>> later just in case anyone wants it.
>>
>> I hope this helps you, it pretty simple
>> http://bastienceriani.fr/?p=70
>
>
> That's nice, but how do you log-out inactive users/IPs?
> There is no such option in pf
> a) expire after a certain amount of time and/or

pfctl -t loggedusers -T expire 3600 # expire after one hour,
regardless of activity

> b) expire after a certain amount of inactivity
>
> pfsense (sorry) uses pf for all it's firewalling and ipf for tracking down
> users coming from it's captive portal.
>
> G



Re: Captive portal with OpenBSD as a hostap

2015-10-05 Thread Abel Abraham Camarillo Ojeda
On Mon, Oct 5, 2015 at 5:18 PM, Kapetanakis Giannis
<bil...@edu.physics.uoc.gr> wrote:
> On 06/10/15 01:04, Abel Abraham Camarillo Ojeda wrote:
>>
>>
>> That's nice, but how do you log-out inactive users/IPs?
>> There is no such option in pf
>> a) expire after a certain amount of time and/or
>> pfctl -t loggedusers -T expire 3600 # expire after one hour,
>> regardless of activity
>
>
> you're right on this. I'm also using it for bruteforcers but I've forgot.
> My main concern is inactive users.
>
> G
>

# i think you can do that with two tables
table  counters persist

run every hour:

# ${script that reads pfctl table and reads addresses with counters in zero};
# pfctl -t loggedusers2 -T zero; # zero remaining users counters

I've a script that does the first, but probably should be written a
_lot_ better...

~



Re: OpenBSD 5.7 httpd tls intermediate/chain certificate problem

2015-05-14 Thread Abel Abraham Camarillo Ojeda
On Thu, May 14, 2015 at 7:35 AM, Michal Lesniewski
open...@michal.wildnet.pl wrote:
 Hello,

 I'm trying to configure OpenBSD 5.7 httpd with tls with intermediate/chain
 certificate without no success.

 my httpd.conf:

 server default {
 listen on 10.11.0.200 tls port 443

 tls {
 certificate /etc/ssl/server-unified.pem
 key /etc/ssl/private/server.key
 }


I think this should be

tls certificate /etc/ssl/server-unified.pem
tls key /etc/ssl/private/server.key

 root /htdocs/default
 }

 types {
 include /usr/share/misc/mime.types
 }



 My certificate is intermediate/chain certificate. That mean I need to supply
 next level certificate that is between my certificate and CA.

 I made that chain certificate concatenating PEM format files with
 corresponding certs (all certs Signature Algorithm: sha256WithRSAEncryption)

 cat server.pem sub.class2.server.ca.pem ca-sha2.pem 
 /etc/ssl/server-unified.pem

 server-unified.pem looks like:

 -BEGIN CERTIFICATE-
 (Primary SSL certificate: server.pem)
 -END CERTIFICATE-
 -BEGIN CERTIFICATE-
 (Intermediate certificate: sub.class2.server.ca.pem)
 -END CERTIFICATE-
 -BEGIN CERTIFICATE-
 (Root certificate: ca-sha2.pem)
 -END CERTIFICATE-

 Certificate and key installed in default locations:

 # ls -alh /etc/ssl/private/server.key
 -r  1 root  wheel   6.2K May 13 19:40 /etc/ssl/private/server.key
 # ls -alh /etc/ssl/server.pem
 -rw-r--r--  1 root  wheel   3.3K May 13 19:41 /etc/ssl/server.pem
 # ls -alh /etc/ssl/server-unified.pem
 -rw-r--r--  1 root  wheel   8.0K May 14 13:53 /etc/ssl/server-unified.pem


 I try to test using openssl s_client:

 michal@michal-MSQ87TN:~$ openssl s_client -connect 10.11.0.200:443
 CONNECTED(0003)
 GET / HTTP/1.0



 httpd log:


 # httpd -dvv
 startup
 server_tls_load_keypair: using certificate /etc/ssl/server-unified.pem
 server_tls_load_keypair: using private key /etc/ssl/private/server.key
 socket_rlimit: max open files 1024
 socket_rlimit: max open files 1024
 server_privinit: adding server default
 server_privinit: adding server default
 socket_rlimit: max open files 1024
 server_launch: running server default
 server_launch: running server default
 server_launch: running server default

 there is no server_tls_init
 nothing apears when started openssl s_client command


 ^Clogger exiting, pid 20328
 server exiting, pid 17109
 server exiting, pid 6140
 server exiting, pid 16603
 parent terminating, pid 11859


 I tested combinations with unified certificate like:

 cat server.pem sub.class2.server.ca.pem  /etc/ssl/server-unified.pem
 cat ca-sha2.pem sub.class2.server.ca.pem server.pem 
 /etc/ssl/server-unified.pem
 cat sub.class2.server.ca.pem server.pem  /etc/ssl/server-unified.pem

 but situation is always as described above.


 When I try to change in config file tls certificate to:

 tls certificate /etc/ssl/server.pem

 where server.pem is PEM format file certificate from my CA (there is no
 entire SSL certificate trust chain) and start httpd:

 # httpd -dvv
 startup
 server_tls_load_keypair: using certificate /etc/ssl/server.pem
 server_tls_load_keypair: using private key /etc/ssl/private/server.key
 socket_rlimit: max open files 1024
 socket_rlimit: max open files 1024
 server_privinit: adding server default
 server_privinit: adding server default
 socket_rlimit: max open files 1024
 server_launch: running server default
 server_launch: running server default
 server_tls_init: setting up TLS for default
 server_launch: running server default
 server_tls_init: setting up TLS for default
 server_tls_init: setting up TLS for default
 server_launch: running server default
 server_launch: running server default
 server_launch: running server default
 default 10.11.0.100 - - [14/May/2015:14:07:50 +0200] GET / HTTP/1.0 200 7
 server default, client 1 (1 active), 10.11.0.100:52805 - 10.11.0.200:443,
 done
 ^Clogger exiting, pid 5930
 server exiting, pid 19884
 server exiting, pid 26372
 server exiting, pid 14384
 parent terminating, pid 22451


 I try to test using openssl s_client like before:

 michal@michal-MSQ87TN:~$ openssl s_client -connect 10.11.0.200:443
 CONNECTED(0003)
 depth=0 C = PL, ST = Mazowieckie, L = Warszawa, O = XXX, CN = XXX,
 emailAddress = XXX
 verify error:num=20:unable to get local issuer certificate
 verify return:1
 depth=0 C = PL, ST = Mazowieckie, L = Warszawa, O = XXX, CN = XXX,
 emailAddress = XXX
 verify error:num=27:certificate not trusted
 verify return:1
 depth=0 C = PL, ST = Mazowieckie, L = Warszawa, O = XXX, CN = XXX,
 emailAddress = XXX
 verify error:num=21:unable to verify the first certificate
 verify return:1
 ---
 Certificate chain
  0 s:/C=PL/ST=Mazowieckie/L=Warszawa/O=XXX/CN=XXX/emailAddress=XXX
i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom
 Class 2 Primary Intermediate Server CA
 ---
 Server 

Re: Console overrun with SPARC64 on Sun V210

2015-03-11 Thread Abel Abraham Camarillo Ojeda
On Wed, Mar 11, 2015 at 10:05 AM, John Long codeb...@inbox.lv wrote:
 Hi,

 I just installed 5.6 on a Sun V210. The console doesn't seem to know how big
 the terminal emulator screen is. Whether I use cu or minicom too many lines
 are displayed. For example top loses all the lines until about the 4th task
 line. All the CPU, mem stuff etc. rolls off. vi is also unusable on part of
 the screen.

 This all automagically works with Solaris but it's been a while since I had
 OpenBSD running on a V210 and I can't remember if this worked before or not
 or what I had to do.

 How do I fix this, please??

 Thanks.

 /jl

 --
 ASCII ribbon campaign ( ) Powered by Lemote Fuloong
  against HTML e-mail   X  Loongson MIPS and OpenBSD
and proprietary/ \http://www.mutt.org
  attachments /   \  Code Blue or Go Home!
  Encrypted email preferred  PGP Key 2048R/DA65BC04


Are you running cu inside an xterm? If so I think you can run resize(1)...



Re: bypass xlock/slock

2015-03-09 Thread Abel Abraham Camarillo Ojeda
On Mon, Mar 9, 2015 at 3:25 AM, Alex Greif a...@greifdesign.net wrote:
 Hi,

 I am currently trying to find a solution to lock my desktop system (openbsd
 5.6, amd64), but with the following steps I can always bypass xlock or
 slock:

 - run X session with startx
 - lock it with xlock or slock
 - switch to text console 2 (with [CTRL]+[ALT]+[F2])
 - switch to text console 1, where X server seems to run in foreground. The
 last message is (II) AIGLX: Suspending AIGLX clients fro VT switch
 ... now the problem begins...
 - CTRL-C a few times
 - xinit is killed
 - you are in the login shell of the user who locked the screen ... arrgh

 Is there a security advice how to prevent killing the X session by switching
 the text console and killing xinit?

 thanks,
 Alex


you could run xdm(1)...



Re: hardware support

2015-02-22 Thread Abel Abraham Camarillo Ojeda
On Sun, Feb 22, 2015 at 1:38 PM, Joseph Oficre seran...@gmail.com wrote:
 BTW, is there someone with nvidia gtx 650 card and some kind of 1920x1200
 resolution? Just to know im not alone in this cruel world..

 PS: i've made live USB, booted, but first FAST check didnt give me any
 results, just segfault on xorg -configure, need more time for it :c


I think xorg -configure is known to be broken, you should try just to
run startx(1) without xorg.conf file



Re: postgresql-server exiting abnormally after upgrade to -snapshot

2015-02-14 Thread Abel Abraham Camarillo Ojeda
On Sat, Feb 14, 2015 at 2:12 AM, Hugo Osvaldo Barrera h...@barrera.io wrote:
 On 2015-02-13 13:20, Stuart Henderson wrote:
 On 2015-02-12, Hugo Osvaldo Barrera h...@barrera.io wrote:
  On 2015-02-12 10:18, Stuart Henderson wrote:
  On 2015-02-11, Hugo Osvaldo Barrera h...@barrera.io wrote:
   Can
   someone else confirm postgres9.4 work fine on the latest -snapshot?
 (the
   confirmation would be helpful to reafirm that it's not an issue with
 some
   dependency or library).
 
  Works fine on my bacula box, running 9.4.1 (and previously 9.4.0) on
 amd64.
 
 
  Ok, so now I know that the issue is on my end. Which leaves me even more
  confused. You're running the latest snapshots too, right? (eg: the ones
 from
  feb 10th?).
 
  Aside from a clean install, do you have any more changes? Perhaps
 login.conf?

 I have the login.conf section from the example in the pkg-readme,

 postgresql:\
 :openfiles-cur=768:\
 :tc=daemon:

 and this in sysctl.conf

 # postgresql
 kern.seminfo.semmni=256
 kern.seminfo.semmns=2048
 kern.shminfo.shmmax=50331648

 sthen@hutch:~:532$ ls -l /bin/ls /usr/local/bin/postgres
 -r-xr-xr-x  1 root  bin   267968 Feb 10 23:19 /bin/ls*
 -r-xr-xr-x  1 root  bin  6508711 Feb  9 03:21 /usr/local/bin/postgres*

 sthen@hutch:~:533$ sysctl kern.version
 kern.version=OpenBSD 5.7-beta (GENERIC) #797: Tue Feb 10 16:26:12 MST 2015
 t...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC


 Thanks for all the details. It looks like almost everything is identical
 except our kernels (I had a few extra fields in sysctl.conf edited for pg,
 but
 reverted them just to make sure they weren't screwing up).

   # sysctl kern.version
   kern.version=OpenBSD 5.7-beta (GENERIC.MP) #852: Tue Feb 10 16:31:16 MST
 2015
   t...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

 I switched to the SP kernel just to discard any possible regressions that
 might
 be affecting this scenario, but no change.

 It looks like the issue is elsewhere, but I've no idea where to look. I've so
 far failed to build postgresql-server with debug symbols enabled too, but
 that's just lack of knowledge on my part.

 --
 Hugo Osvaldo Barrera
 A: Because we read from top to bottom, left to right.
 Q: Why should I start my reply below the quoted text?

 [demime 1.01d removed an attachment of type application/pgp-signature]



you should give more information about how to reproduce this problem,
how accurately can you reproduce it, are you sending just a given query
and it always crashes?

you should get more error context, maybe try log_statement into postgresql.conf
and try to log all statements and see which one crashes it...

http://www.postgresql.org/docs/9.4/static/runtime-config-logging.html

are you using any custom C extension?

did you dump and restore database ? did you use 'custom format' or
'plain format' ?
there where any errors on import? - postgres just warns about some
import errors,
which in my opinion are severe...



Re: recommended input methods?

2014-10-14 Thread Abel Abraham Camarillo Ojeda
On Tue, Oct 14, 2014 at 1:14 AM, Bryan Linton b...@shoshoni.info wrote:
 On 2014-10-14 14:02:52, Joel Rees joel.r...@gmail.com wrote:
 What're the recommended input methods for Japanese and Spanish?


 I can't speak for anything officially recommended, but for
 Japanese at least, I use ports/inputmethods/anthy with
 ports/inputmethods/uim and it works well.

 The only complaint I have is that for some applications, namely
 xombrero and xfe, they either do not accept Japanese input unless
 their locale is specifically changed to Japanese, such as is the
 case with xombrero, which has the side-effect of changing all
 fonts to Japanese equivalents which makes for rather ugly font
 choices made for the Latin alphabet, or in the case of xfe where
 it just does not accept Japanese input at all no matter what I
 have tried.

 An xterm invoked as uxterm and started with a Japanese font allows
 me to have a terminal which supports the input and display of
 Japanese however, so I'm not quite sure what keeps xombrero and
 xfe from working out-of-the box like Firefox, editors/leafpad, and
 devel/geany, for example.  If anyone knows, please let me know.

 I do have
 export XMODIFIERS=@im=uim
 export GTK_IM_MODULE=uim
 in my .xinitrc file.


 As far as Spanish is concerned, I simply have a dead-key set up in
 my .xinitrc
 setxkbmap -rules base -model pc105 -option compose:menu
 which sets the menu key in-between the right-ALT and right-CTRL
 keys to a dead-key such that pressing MENUa will produce an
 'a' with umlauts.  There are many other combinations as well.

 You could probably use uim to to switch between a Spanish layout,
 but it might be easier to do that with setxkbmap if you're
 planning on typing in Spanish a lot, and are not just in need of
 an occasional extended-Latin character.  If you'll only
 occasionally need an extended-Latin character, then using a
 dead-key would probably be the easiest route.

 I'd be interested in what other people use for the above tasks as
 well.

 Hope this was helpful!

 --
 Bryan


For spanish I also just map whatever key is more comfortable on
each particular keyboard to dead_acute (for accents) - which is the
most common used, and set a modifier key where I see fit and
declare extra keysyms for those keycodes:

$ cat .Xmodmap
[...]
keycode  10 = 1 exclam exclamdown

keycode  20 = slash question questiondown
keycode  25 = comma less guillemotleft

keycode  26 = period greater guillemotright
keycode  41 = u U udiaeresis Udiaeresis
keycode  46 = n N ntilde Ntilde
keycode  75 = dead_acute
keycode  94 = Mode_switch

[...]
$



Re: Relationship Between VLANs and Physical Interfaces in PF

2014-09-05 Thread Abel Abraham Camarillo Ojeda
On Wed, Aug 6, 2014 at 3:38 PM, Stuart Henderson s...@spacehopper.org wrote:
 1. Don't use different _in and _out names, use syntax like queue foo on em0
 and queue foo on em1. That way you assign packets to the correct queues on
 both interfaces in one step with something like match to port 53 queue fast.
 The queue name is associated with the PF state; packets matching that state
 get assigned to that queue.


Very useful recommendation, thanks.

 1a. Confirm your queue setup by running systat queue (as root) and
 making sure that you see packets assigned to the various queues that you
 have configured.

Is there anyway to monitor set prio queues? my prio statements don't
seem to make
any effect...

 2. In my (admittedly very limited) testing with the new queueing system,
 it hasn't done very well with low bandwidth queues (ADSL type speeds) that
 used to work OK with altq (symptom, packets being assigned to queues as
 expected, but rates not being controlled). Next step in my testing there
 will be to build a kernel with a higher HZ value (faster timer) but
 I haven't got round to that yet.


I've just started using queues today with:

OpenBSD 5.6-current (GENERIC.MP) #364: Thu Sep  4 02:57:22 MDT 2014
t...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

on my home ADSL link (6mbps down/700kbps up) and pf seems to be good at
managing queues as small as 100kbps.

Thanks.

regards



Re: foomatic-rip 'f' exited (retcode=9)

2014-08-19 Thread Abel Abraham Camarillo Ojeda
I believe that in later versions foomatic (now called cups-filters)
has deprecated support for lpd.

It still works but you need to create an foomatic wrapper and use it
as if= in printcap, parse lpd options and call the original foomatic-rip
...

I will show you an example of such foomatic-rip wrapper as soon as I
can found it...

On Tue, Aug 19, 2014 at 11:25 PM, Predrag Punosevac
punoseva...@gmail.com wrote:
 I had a simple printcap file for printing using lpd and foomatic-rip for
 about seven years now but since past release it stop working

 predrag@oko$ uname -a
 OpenBSD oko.bagdala2.net 5.6 GENERIC.MP#333 amd64

 lp|HP|HP Photosmart 5250:\
 :lp=3D/dev/ulpt0:\
 :af=3D/etc/foomatic/HP-PhotoSmart_C5200.ppd:\
 :if=3D/usr/local/bin/foomatic-rip:\
 :sh:sd=3D/var/spool/output:\
 :lf=3D/var/log/lpd-errs:

 I am of course in the daemon group and /etc/ulpt0 is owned by daemon
 with permission 664. Spooling directory has correct permission. This is
 the only thing I see in log files

 Aug 19 23:10:16 oko lpd[15224]: lp: filter 'f' exited (retcode=3D9)
 Aug 19 23:10:16 oko lpd[15224]: mail sent to user predrag about job
 stdin on printer lp ((null))
 Aug 19 23:10:16 oko lpd[15224]: lp: job could not be printed
 (cfA002oko.bagdala2.net)

 However /tmp/foomatic-rip-mF6GXB.log is a bit more revealing

 foomatic-rip version 1.0.54 running...
 called with arguments: '-w132', '-l66', '-i0', '-n', 'predrag', '-j',
 'stdin', '-h', 'oko.bagdala2.net', '/etc/foomatic/lpd/lp.ppd'
 No printer definition (option -P name) specified!

 I am getting that even though I replaced my original file with the one
 generated by foomatic-configure utility.

 lp|HP|HP PhotoSmart C5200:\
 :ppdfile=3D/etc/foomatic/lpd/lp.ppd:\
 :sd=3D/var/spool/output/lp:\
 :lf=3D/var/log/lpd-errs:\
 :lp=3D/dev/ulpt0:\
 :if=3D/usr/local/libexec/cups/filter/foomatic-rip:\
 :af=3D/etc/foomatic/lpd/lp.ppd:\
 :sh:\
 :mx#0:

 lp.ppd is just renamed original PPD file which I used for many years. I
 remember there was a way to generate that file from that but I forgot
 how to do it as it was so long time ago.=20

 The above is obviously caused by options passed to foomatic-rip. I also
 dislike the fact that one of the paths involve CUPS.

 Can somebody point to me what am I doing wrong here. I noticed that
 /etc/foomatic is no longer created automatically. Also filter.conf file
 is no longer needed?

 Thanks!
 Predrag



Re: slow qemu openbsd

2014-05-26 Thread Abel Abraham Camarillo Ojeda
On Mon, May 26, 2014 at 10:16 AM, Швецов Михаил mv...@ya.ru wrote:
 Maybe I'm doing something wrong. Please help me.

 I install openbsd 5.5 i386 and qemu-1.7.0 from packages.

 qemu-img create -f qcow2 /vm/qcow2.img 10G

 qemu-system-i386 -name qcow2 -nodefaults -m 512 -hda /mnt/ qcow2.img
 -cdrom /obraz/install55.iso -net nic -net
 tap,ifname=tun1,script=no,downscript=no -boot once=d -display
 vnc=0.0.0.0:1 -monitor vc -vga cirrus

 qemu-img create -f raw /vm/raw.img 10G

 qemu-system-i386 -name raw -nodefaults -m 512 -hda /mnt/raw.img -cdrom
 /obraz/install55.iso -net nic -net
 tap,ifname=tun2,script=no,downscript=no -boot once=d -display
 vnc=0.0.0.0:2 -monitor vc -vga cirrus

 QCOW2 works slower RAW, and RAW works slower host machine. I think that
 disc is the weakest link.

 I try set -hda /dev/rwd3c (disk itself – not system(wd0)) – but nothing
 changed.

 What I may do to work VM QEMU faster???



You could try using virtio in disk and network:

qemu-system-i386 -drive file=$img,if=virtio -net tap -net nic,if=virtio

I have found a measurable improvement using them.



Re: Automatic console locking at system suspend

2014-05-08 Thread Abel Abraham Camarillo Ojeda
You could use tmux, run $ sleep 5; zzz;
then detach from tmux and ^D to logout before system suspends.


On Wed, May 7, 2014 at 8:44 PM, Alessandro DE LAURENZIS 
just22@gmail.com wrote:

 Hi Tristan,

 No, I'm trying to lock the wscons, not an X session...

 Cheers

 On 7 May 2014 22:42:35 CEST, Tristan PILAT tristan.pi...@gmail.com
 wrote:
  On Mon, Apr 21, 2014 at 4:51 PM, Alessandro DE LAURENZIS 
  just22@gmail.com wrote:
 
   Hello,
  
   I google-ed a lot, but it seems that there is no trivial solution
 to
   this point.
  
   I extensively use console (and tmux), ending up with a lot of
   simultaneously open shells; I normally suspend my laptop when I
 leave,
   so it would be a security enhancement to automatically lock all of
 them.
  
 
 
 I advice you to install slock and autolock and then add something like
 for
 example
 exec xautolock -time 10 -locker 'slock'  to your .xinirc or
 .xsession
 --
 Tristan

 --
 Sent from my Android device with K-9 Mail. Please excuse my brevity.



Re: Slow IO on SSD disk

2014-04-18 Thread Abel Abraham Camarillo Ojeda
On Fri, Apr 18, 2014 at 7:55 AM, Paco Esteban p...@onna.be wrote:
 On Fri, 18 Apr 2014, Alexander Hall wrote:



 On April 18, 2014 2:45:33 PM CEST, Paco Esteban p...@onna.be wrote:
 On Fri, 18 Apr 2014, Alexander Hall wrote:
 
 
 
  On April 18, 2014 2:38:08 PM CEST, Paco Esteban p...@onna.be wrote:
  On Fri, 18 Apr 2014, Alexander Hall wrote:
  
  
  
   On April 18, 2014 12:39:16 PM CEST, Paco Esteban p...@onna.be
  wrote:
   Hi all,
   
   I've a Lenovo T400 laptop with a SanDisk 64GB SSD disk.
   It used to have Debian 7 on it (everything working just fine),
 and
  now
   I
   want to use it as my personal laptop with OpenBSD.
   
   I've installed 5.4. Everything is working great (sound, webcam,
 etc)
   but
   disk. I get ~40MB/s writing and reding to and from disk. This
 very
  same
   disk reported 250MB/s reading and 190MB/s writing on debian7.
  
   How did you measure this on openbsd? Copying files? dd?
  
   /Alexander
  
  dd in both OS's. Block size 1MB, count 5k from /dev/zero
  RAM is 4GB on this machine.
 
  Do you use the raw device, e.g. /dev/rsd1c ?
 
  /Alexander
 
 No, I used something like this:
 
 dd if=/dev/zero of=foo.bin bs=1048576 count=5000

 To measure raw disk performance, dd to/from a raw partition (need not be 
 'c') is your friend.

 Others maybe can explain filesystem overhead.

 Will I break things if I dd to raw device /dev/rsd0d (/dev/sd0d is
 mounted on /tmp in my case) ?

 Cheers,

 --
 Paco Esteban.
 GnuPG key: 0x0E1192A4


you need to unmount it first:

# unmount /dev/sd0d;
# dd if=/dev/zero of=/dev/rsd0d bs=1M count=5000



Re: softeaid rebuild very slow

2014-04-13 Thread Abel Abraham Camarillo Ojeda
On Sun, Apr 13, 2014 at 5:22 AM, John Cox jc-open...@uphall.net wrote:
 Hi

 I'm running OpenBSD 5.4 (dmesg below) with softraid in mirror mode.
 One of the drives failed so I replaced it - the first time that RAID
 has actually saved my data as opposed to simply making my life harder!
 Thank you softraid.

 They are 3T drives and it looks like the rebuild is going to take ~5
 days to do.  Is this expected?  Is there any config parameter that I
 should have set up to improve performance?  5 days = ~7MBytes / sec
 and I know the drives can run a lot faster than that.

 Can I reboot the system during the rebuild or if I do will it start at
 the beginning again? I could try it but I'm now about 3 days in and
 don't wish to waste it.

As I've seen in my testing you _can_ reboot/poweroff the machine and
you won't lose rebuild progress.

 Many thanks



Re: Generate hashed rootpw for native ldapd

2014-02-21 Thread Abel Abraham Camarillo Ojeda
try not including newline:

$ echo -n passphrase | openssl dgst -sha1 -binary | openssl enc
-base64 | awk '{print {SHA}$0}'
{SHA}YhAnRDQFLyD8uD4dD0kiBPyxGIQ=
$


On Fri, Feb 21, 2014 at 6:31 AM, Joel Carnat j...@carnat.net wrote:
 Hum, I tried it but it doesn't work.

 I have a slappasswd else where to test. And here's what I get :
 # print passphrase | openssl dgst -sha1 -binary | openssl enc -base64 | awk 
 '{print {SHA}$0}'
 {SHA}ZLvhLmLU88dUQwzfUgsq6IV8ZRE=
 # echo passphrase | openssl dgst -sha1 -binary | openssl enc -base64 | awk 
 '{print {SHA}$0}'
 {SHA}ZLvhLmLU88dUQwzfUgsq6IV8ZRE=
 # slappasswd -h {SHA} -s passphrase
 {SHA}YhAnRDQFLyD8uD4dD0kiBPyxGIQ=

 Using the string generated with slappasswd works.
 Other two don't :(

 Le 21 févr. 2014 à 13:18, Marcus MERIGHI mcmer-open...@tor.at a écrit :

 j...@carnat.net (Joel Carnat), 2014.02.21 (Fri) 12:09 (CET):
 I want to generate a hashed rootpw for native ldapd (on OBSD 5.4).
 I've tried various things like `echo secret | sha256` but I can't 
 authenticate.

 If possible, I'd like not to install openldap-server just to get slappasswd.

 What is the (native) way to generate the SSHA hashed format for rootpw ?

 ``What are {SHA} and {SSHA} passwords and how do I generate them?''
 http://www.openldap.org/faq/data/cache/347.html

 Easiest way there seems to be:

 print passphrase | openssl dgst -sha1 -binary | \
  openssl enc -base64 | awk '{print {SHA}$0}'

 No way to test here...

 Bye, Marcus



Re: how to aggregate a single TCP connection, is posible?

2013-10-02 Thread Abel Abraham Camarillo Ojeda
On Wed, Oct 2, 2013 at 3:58 AM, Stuart Henderson s...@spacehopper.org wrote:
 On 2013/10/01 23:02, Abel Abraham Camarillo Ojeda wrote:
  On Fri, 23 Aug 2013 18:39:29 -0500, Abel Abraham Camarillo Ojeda
  acam...@verlet.org wrote:
  Not yet, will test.
 
  On Thu, Aug 22, 2013 at 7:05 AM, Stuart Henderson s...@spacehopper.org
  wrote:
  On 2013-08-22, Abel Abraham Camarillo Ojeda acam...@verlet.org wrote:
  Is there a way to duplicate the throughput of a single
  TCP connection using two servers having two gigabit NICs?
 
  I have tried using LACP but I cannot get more than
  900MB of throughput...
 
  LACP uses a hash over IP addresses/vlan tags/flowlabel to avoid
  problems
  with out-of-order packet delivery. (Similar for equal-cost multipath).
  Have you tried a roundrobin trunk yet?

 Stuart:

 Trying between two obsd hosts only (no switch) I was able to get
 more than 1000Mb speed testing with tcpbench but only using great
 values for -n option (-n 16)...

 Is there a way to aggregate (reliably) a single TCP connection using an
 LACP capable switch between two OpenBSD hosts?

 I'm using this:

 http://www.amazon.com/Cisco-SG200-26P-Ethernet-Mini-GBIC-SLM2024PT/dp/B004GHMU5Q

 Thanks

 I'm not aware of any LACP implementation on switches which does per-packet
 balancing.

 Even if you hack your kernel so that LACP trunks use round-robin to
 determine the output port (rather than hashes of headers), that is only
 on the link *to* the switch. Once the switch has received a packet,
 it will use its own algorithm to choose the output port.

 Typically the switch will use a hash of ethernet headers i.e. src/dest
 MAC and vlan tags - expensive switches will allow more options but usually
 even then it's no more than src/dest IP and port numbers.

 Even if you can find some way around this, some packets will arrive
 out-of-order which will cause individual TCP flows to slow down, so even
 in that case it's pretty unlikely to really help actual performance.

 It sounds like what you really need here is 10GE kit. Motherboard/NIC
 ports aren't too bad now, but if you want more than 2-4 10GE ports on a
 switch (to mention some of the cheaper options: xgs1910-24, gsm7228s,
 sg500x-24) then the switches start to get rather expensive.


Thanks, I don't really need this, it was just a kind of research...



Re: how to aggregate a single TCP connection, is posible?

2013-10-02 Thread Abel Abraham Camarillo Ojeda
Andy:

This seems interesting, will check later.

thanks.

On Wed, Oct 2, 2013 at 4:07 AM, Andy a...@brandwatch.com wrote:
 Multipath TCP is the only way I know of to truly aggregate a single
 connection across any and all links.

 iOS7 supports Multi-path TCP, Citrix supports it and Amazon EC2 uses it too
 :)
 http://mptcp.info.ucl.ac.be/
 http://perso.uclouvain.be/olivier.bonaventure/blog/html/2013/09/18/mptcp.html

 In their tests the devs managed to get a single TCP connection to run at
 upto 53Gbit across 6 10Bgit links.

 The patch is very simple to apply.

 Andy.


 On Wed 02 Oct 2013 09:58:02 BST, Stuart Henderson wrote:

 On 2013/10/01 23:02, Abel Abraham Camarillo Ojeda wrote:

 On Fri, 23 Aug 2013 18:39:29 -0500, Abel Abraham Camarillo Ojeda
 acam...@verlet.org wrote:

 Not yet, will test.

 On Thu, Aug 22, 2013 at 7:05 AM, Stuart Henderson s...@spacehopper.org
 wrote:

 On 2013-08-22, Abel Abraham Camarillo Ojeda acam...@verlet.org
 wrote:

 Is there a way to duplicate the throughput of a single
 TCP connection using two servers having two gigabit NICs?

 I have tried using LACP but I cannot get more than
 900MB of throughput...


 LACP uses a hash over IP addresses/vlan tags/flowlabel to avoid

 problems

 with out-of-order packet delivery. (Similar for equal-cost multipath).
 Have you tried a roundrobin trunk yet?


 Stuart:

 Trying between two obsd hosts only (no switch) I was able to get
 more than 1000Mb speed testing with tcpbench but only using great
 values for -n option (-n 16)...

 Is there a way to aggregate (reliably) a single TCP connection using an
 LACP capable switch between two OpenBSD hosts?

 I'm using this:


 http://www.amazon.com/Cisco-SG200-26P-Ethernet-Mini-GBIC-SLM2024PT/dp/B004GHMU5Q

 Thanks


 I'm not aware of any LACP implementation on switches which does per-packet
 balancing.

 Even if you hack your kernel so that LACP trunks use round-robin to
 determine the output port (rather than hashes of headers), that is only
 on the link *to* the switch. Once the switch has received a packet,
 it will use its own algorithm to choose the output port.

 Typically the switch will use a hash of ethernet headers i.e. src/dest
 MAC and vlan tags - expensive switches will allow more options but usually
 even then it's no more than src/dest IP and port numbers.

 Even if you can find some way around this, some packets will arrive
 out-of-order which will cause individual TCP flows to slow down, so even
 in that case it's pretty unlikely to really help actual performance.

 It sounds like what you really need here is 10GE kit. Motherboard/NIC
 ports aren't too bad now, but if you want more than 2-4 10GE ports on a
 switch (to mention some of the cheaper options: xgs1910-24, gsm7228s,
 sg500x-24) then the switches start to get rather expensive.



Re: how to aggregate a single TCP connection, is posible?

2013-10-01 Thread Abel Abraham Camarillo Ojeda
 On Fri, 23 Aug 2013 18:39:29 -0500, Abel Abraham Camarillo Ojeda
 acam...@verlet.org wrote:
 Not yet, will test.

 On Thu, Aug 22, 2013 at 7:05 AM, Stuart Henderson s...@spacehopper.org
 wrote:
 On 2013-08-22, Abel Abraham Camarillo Ojeda acam...@verlet.org wrote:
 Is there a way to duplicate the throughput of a single
 TCP connection using two servers having two gigabit NICs?

 I have tried using LACP but I cannot get more than
 900MB of throughput...

 LACP uses a hash over IP addresses/vlan tags/flowlabel to avoid
 problems
 with out-of-order packet delivery. (Similar for equal-cost multipath).
 Have you tried a roundrobin trunk yet?

Stuart:

Trying between two obsd hosts only (no switch) I was able to get
more than 1000Mb speed testing with tcpbench but only using great
values for -n option (-n 16)...

Is there a way to aggregate (reliably) a single TCP connection using an
LACP capable switch between two OpenBSD hosts?

I'm using this:

http://www.amazon.com/Cisco-SG200-26P-Ethernet-Mini-GBIC-SLM2024PT/dp/B004GHMU5Q

Thanks



Re: how to aggregate a single TCP connection, is posible?

2013-08-23 Thread Abel Abraham Camarillo Ojeda
Not yet, will test.

On Thu, Aug 22, 2013 at 7:05 AM, Stuart Henderson s...@spacehopper.org wrote:
 On 2013-08-22, Abel Abraham Camarillo Ojeda acam...@verlet.org wrote:
 Is there a way to duplicate the throughput of a single
 TCP connection using two servers having two gigabit NICs?

 I have tried using LACP but I cannot get more than
 900MB of throughput...

 LACP uses a hash over IP addresses/vlan tags/flowlabel to avoid problems
 with out-of-order packet delivery. (Similar for equal-cost multipath).
 Have you tried a roundrobin trunk yet?



how to aggregate a single TCP connection, is posible?

2013-08-21 Thread Abel Abraham Camarillo Ojeda
Is there a way to duplicate the throughput of a single
TCP connection using two servers having two gigabit NICs?

I have tried using LACP but I cannot get more than
900MB of throughput...

dmesg both servers are equal:

OpenBSD 5.2 (GENERIC.MP) #368: Wed Aug  1 10:04:49 MDT 2012
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 2141519872 (2042MB)
avail mem = 2062200832 (1966MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.4 @ 0x7fb9c000 (64 entries)
bios0: vendor Dell Inc. version 2.0.1 date 10/27/2007
bios0: Dell Inc. PowerEdge 2950
acpi0 at bios0: rev 2
acpi0: sleep states S0 S4 S5
acpi0: tables DSDT FACP APIC SPCR HPET MCFG WDAT SLIC ERST HEST BERT EINJ TCPA
acpi0: wakeup devices PCI0(S5)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz, 1596.16 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,SSSE3,CX16,xTPR,PDCM,DCA,NXE,LONG,LAHF
cpu0: 4MB 64b/line 16-way L2 cache
cpu0: apic clock running at 265MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz, 1595.93 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,SSSE3,CX16,xTPR,PDCM,DCA,NXE,LONG,LAHF
cpu1: 4MB 64b/line 16-way L2 cache
cpu2 at mainbus0: apid 2 (application processor)
cpu2: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz, 1595.93 MHz
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,SSSE3,CX16,xTPR,PDCM,DCA,NXE,LONG,LAHF
cpu2: 4MB 64b/line 16-way L2 cache
cpu3 at mainbus0: apid 3 (application processor)
cpu3: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz, 1595.93 MHz
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,SSSE3,CX16,xTPR,PDCM,DCA,NXE,LONG,LAHF
cpu3: 4MB 64b/line 16-way L2 cache
ioapic0 at mainbus0: apid 4 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 4
ioapic1 at mainbus0: apid 5 pa 0xfec81000, version 20, 24 pins
ioapic1: misconfigured as apic 0, remapped to apid 5
acpihpet0 at acpi0: 14318179 Hz
acpimcfg0 at acpi0 addr 0xe000, bus 0-255
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 6 (PEX2)
acpiprt2 at acpi0: bus 7 (UPST)
acpiprt3 at acpi0: bus 8 (DWN1)
acpiprt4 at acpi0: bus 10 (DWN2)
acpiprt5 at acpi0: bus 1 (PEX3)
acpiprt6 at acpi0: bus 2 (PE2P)
acpiprt7 at acpi0: bus 12 (PEX4)
acpiprt8 at acpi0: bus 14 (PEX6)
acpiprt9 at acpi0: bus 4 (SBEX)
acpiprt10 at acpi0: bus 16 (COMP)
acpicpu0 at acpi0: C3
acpicpu1 at acpi0: C3
acpicpu2 at acpi0: C3
acpicpu3 at acpi0: C3
ipmi at mainbus0 not configured
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 Intel 5000X Host rev 0x12
ppb0 at pci0 dev 2 function 0 Intel 5000 PCIE rev 0x12
pci1 at ppb0 bus 6
ppb1 at pci1 dev 0 function 0 Intel 6321ESB PCIE rev 0x01
pci2 at ppb1 bus 7
ppb2 at pci2 dev 0 function 0 Intel 6321ESB PCIE rev 0x01
pci3 at ppb2 bus 8
ppb3 at pci3 dev 0 function 0 ServerWorks PCIE-PCIX rev 0xc3
pci4 at ppb3 bus 9
bnx0 at pci4 dev 0 function 0 Broadcom BCM5708 rev 0x12: apic 4 int 16
ppb4 at pci2 dev 1 function 0 Intel 6321ESB PCIE rev 0x01: msi
pci5 at ppb4 bus 10
ppb5 at pci1 dev 0 function 3 Intel 6321ESB PCIE-PCIX rev 0x01
pci6 at ppb5 bus 11
ppb6 at pci0 dev 3 function 0 Intel 5000 PCIE rev 0x12
pci7 at ppb6 bus 1
ppb7 at pci7 dev 0 function 0 Intel IOP333 PCIE-PCIX rev 0x00
pci8 at ppb7 bus 2
mfi0 at pci8 dev 14 function 0 Dell PERC 5 rev 0x00: apic 5 int 14, 0x1f031028
mfi0: logical drives 1, version 5.2.1-0067, 256MB RAM
scsibus0 at mfi0: 1 targets
sd0 at scsibus0 targ 0 lun 0: DELL, PERC 5/i, 1.03 SCSI3 0/direct
fixed naa.6001c230daeb98001352781c17f970ff
sd0: 278784MB, 512 bytes/sector, 570949632 sectors
ppb8 at pci7 dev 0 function 2 Intel IOP333 PCIE-PCIX rev 0x00
pci9 at ppb8 bus 3
ppb9 at pci0 dev 4 function 0 Intel 5000 PCIE x8 rev 0x12: msi
pci10 at ppb9 bus 12
ppb10 at pci0 dev 5 function 0 Intel 5000 PCIE rev 0x12
pci11 at ppb10 bus 13
ppb11 at pci0 dev 6 function 0 Intel 5000 PCIE x8 rev 0x12: msi
pci12 at ppb11 bus 14
ppb12 at pci0 dev 7 function 0 Intel 5000 PCIE rev 0x12
pci13 at ppb12 bus 15
Intel I/OAT rev 0x12 at pci0 dev 8 function 0 not configured
pchb1 at pci0 dev 16 function 0 Intel 5000 Error Reporting rev 0x12
pchb2 at pci0 dev 16 function 1 Intel 5000 Error Reporting rev 0x12
pchb3 at pci0 dev 16 function 2 Intel 5000 Error Reporting rev 0x12
pchb4 at pci0 dev 17 function 0 Intel 5000 Reserved rev 0x12
pchb5 at pci0 dev 19 function 0 Intel 5000 Reserved rev 0x12
pchb6 at pci0 dev 21 function 0 Intel 5000 FBD rev 0x12
pchb7 at pci0 dev 22 function 0 Intel 5000 FBD rev 0x12
ppb13 at pci0 dev 28 

Re: snapshots/amd64/SHA256 x*.tgz checksums missing

2013-05-06 Thread Abel Abraham Camarillo Ojeda
search archives

On Mon, May 6, 2013 at 4:19 AM, MERIGHI Marcus mcmer-open...@tor.at wrote:
 Hello,

 my snapshot upgrade procedure just puked at me because it could not find
 a checksum for xbase53.tgz. This is on amd64, dmesg at the end.
 Below is the result of me going through all the archs and looking for
 x*.tgz checksums in the SHA256 files. I do know that this does not make
 sense for some archs because some do not even have x*.tgz file sets.

 alpha yes
 amd64 no
 armish yes
 hp300 no
 hppa no
 i386 no
 landisk yes
 loongson no
 luna88k no
 macppc no
 mvme68k no
 mvme88k no
 octeon yes
 sgi no
 socppc no
 sparc yes
 sparc64 no
 vax yes
 zaurus yes

 Of course I would like to know whether this is by mistake or an intended
 change (current.html does not tell anything about it).

 Bye, Marcus

 OpenBSD 5.3-current (GENERIC.MP) #106: Thu Apr 25 16:37:24 MDT 2013
 t...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
 real mem = 3194331136 (3046MB)
 avail mem = 3101650944 (2957MB)
 mainbus0 at root
 bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xf68e0 (62 entries)
 bios0: vendor Dell Inc. version A18 date 12/06/2011
 bios0: Dell Inc. Latitude D630
 acpi0 at bios0: rev 2
 acpi0: sleep states S0 S3 S4 S5
 acpi0: tables DSDT FACP HPET APIC ASF! MCFG TCPA SLIC SSDT
 acpi0: wakeup devices PCI0(S5) PCIE(S4) USB1(S0) USB2(S0) USB3(S0) USB4(S0) 
 USB5(S0) EHC2(S0) EHCI(S0) AZAL(S3) RP01(S3) RP02(S4) RP03(S3) RP04(S3) 
 RP05(S3) RP06(S5) LID_(S3) PBTN(S4)
 acpitimer0 at acpi0: 3579545 Hz, 24 bits
 acpihpet0 at acpi0: 14318179 Hz
 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
 cpu0 at mainbus0: apid 0 (boot processor)
 cpu0: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz, 1995.34 MHz
 cpu0: 
 FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF,PERF
 cpu0: 2MB 64b/line 8-way L2 cache
 cpu0: apic clock running at 199MHz
 cpu1 at mainbus0: apid 1 (application processor)
 cpu1: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz, 1995.00 MHz
 cpu1: 
 FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF,PERF
 cpu1: 2MB 64b/line 8-way L2 cache
 ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
 ioapic0: misconfigured as apic 0, remapped to apid 2
 acpimcfg0 at acpi0 addr 0xf800, bus 0-63
 acpiprt0 at acpi0: bus 3 (PCIE)
 acpiprt1 at acpi0: bus -1 (AGP_)
 acpiprt2 at acpi0: bus 11 (RP01)
 acpiprt3 at acpi0: bus 12 (RP02)
 acpiprt4 at acpi0: bus -1 (RP03)
 acpiprt5 at acpi0: bus -1 (RP04)
 acpiprt6 at acpi0: bus -1 (RP05)
 acpiprt7 at acpi0: bus 9 (RP06)
 acpiprt8 at acpi0: bus 0 (PCI0)
 acpicpu0 at acpi0: C3, C2, C1, PSS
 acpicpu1 at acpi0: C3, C2, C1, PSS
 acpitz0 at acpi0: critical temperature is 99 degC
 acpibtn0 at acpi0: LID_
 acpibtn1 at acpi0: PBTN
 acpibtn2 at acpi0: SBTN
 acpiac0 at acpi0: AC unit online
 acpibat0 at acpi0: BAT0 model DELL KP4331 serial 278 type LION oem SMP
 acpibat1 at acpi0: BAT1 not present
 acpidock0 at acpi0: GDCK not docked (0)
 acpivideo0 at acpi0: VID_
 acpivideo1 at acpi0: VID_
 acpivideo2 at acpi0: VID2
 cpu0: Enhanced SpeedStep 1995 MHz: speeds: 2001, 2000, 1600, 1200, 800 MHz
 pci0 at mainbus0 bus 0
 pchb0 at pci0 dev 0 function 0 Intel GM965 Host rev 0x0c
 vga1 at pci0 dev 2 function 0 Intel GM965 Video rev 0x0c
 intagp0 at vga1
 agp0 at intagp0: aperture at 0xe000, size 0x1000
 inteldrm0 at vga1
 drm0 at inteldrm0
 intel_overlay_map_regs partial stub
 inteldrm0: 1440x900
 wsdisplay0 at vga1 mux 1: console (std, vt100 emulation)
 wsdisplay0: screen 1-5 added (std, vt100 emulation)
 Intel GM965 Video rev 0x0c at pci0 dev 2 function 1 not configured
 uhci0 at pci0 dev 26 function 0 Intel 82801H USB rev 0x02: apic 2 int 20
 uhci1 at pci0 dev 26 function 1 Intel 82801H USB rev 0x02: apic 2 int 21
 ehci0 at pci0 dev 26 function 7 Intel 82801H USB rev 0x02: apic 2 int 22
 usb0 at ehci0: USB revision 2.0
 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1
 azalia0 at pci0 dev 27 function 0 Intel 82801H HD Audio rev 0x02: msi
 azalia0: codecs: Sigmatel STAC9205X
 audio0 at azalia0
 ppb0 at pci0 dev 28 function 0 Intel 82801H PCIE rev 0x02: msi
 pci1 at ppb0 bus 11
 ppb1 at pci0 dev 28 function 1 Intel 82801H PCIE rev 0x02: msi
 pci2 at ppb1 bus 12
 wpi0 at pci2 dev 0 function 0 Intel PRO/Wireless 3945ABG rev 0x02: msi, 
 MoW2, address 00:1f:3c:cc:e5:3c
 ppb2 at pci0 dev 28 function 5 Intel 82801H PCIE rev 0x02: msi
 pci3 at ppb2 bus 9
 bge0 at pci3 dev 0 function 0 Broadcom BCM5755M rev 0x02, BCM5755 A2 
 (0xa002): apic 2 int 17, address 00:21:70:d9:e5:ab
 brgphy0 at bge0 phy 1: BCM5755 10/100/1000baseT PHY, rev. 0
 uhci2 at pci0 dev 29 function 0 Intel 82801H USB rev 0x02: apic 2 int 20
 uhci3 at pci0 dev 29 function 1 Intel 82801H USB rev 0x02: apic 2 int 21
 uhci4 at pci0 dev 29 

Re: snapshots/amd64/SHA256 x*.tgz checksums missing

2013-05-06 Thread Abel Abraham Camarillo Ojeda
they aren't too old to care.

On Mon, May 6, 2013 at 5:04 AM, MERIGHI Marcus mcmer-open...@tor.at wrote:
 acam...@verlet.org (Abel Abraham Camarillo Ojeda), 2013.05.06 (Mon) 11:27 
 (CEST):
 search archives

 That's what I call minimalism ;-)

 I did what you told me to in advance and there's only one hit close
 enough to care:

 Alexander Polakov
 snapshots SHA256 mismatch
 2013-05-04 22:00:35
 http://marc.info/?l=openbsd-miscm=136770496915566

 All other hit's for
 ``http://marc.info/?l=openbsd-miscw=2r=1s=snapshotq=b'' or
 ``http://marc.info/?l=openbsd-miscw=2r=1s=sha256q=b'' or
 ``http://marc.info/?l=openbsd-techw=2r=1s=snapshotq=b'' or
 ``http://marc.info/?l=openbsd-techw=2r=1s=sha256q=b'' are to old
 to care. Latest snapshot used by me with alle the checksums in SHA256
 was downloaded 2013-04-28:
 OpenBSD 5.3-current (GENERIC.MP) #106: Thu Apr 25 16:37:24 MDT 2013
 t...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

 Alexander's report talks of wrong checksums, /me of missing checksums.
 Therefore:

 A) Maybe you can give me a 2 words pointer?
 B) Read my original message?

 Bye, Marcus

 On Mon, May 6, 2013 at 4:19 AM, MERIGHI Marcus mcmer-open...@tor.at wrote:
  my snapshot upgrade procedure just puked at me because it could not find
  a checksum for xbase53.tgz. This is on amd64, dmesg at the end.
  Below is the result of me going through all the archs and looking for
  x*.tgz checksums in the SHA256 files. I do know that this does not make
  sense for some archs because some do not even have x*.tgz file sets.
 
  alpha yes
  amd64 no
  armish yes
  hp300 no
  hppa no
  i386 no
  landisk yes
  loongson no
  luna88k no
  macppc no
  mvme68k no
  mvme88k no
  octeon yes
  sgi no
  socppc no
  sparc yes
  sparc64 no
  vax yes
  zaurus yes
 
  Of course I would like to know whether this is by mistake or an intended
  change (current.html does not tell anything about it).
 
  Bye, Marcus
 
  OpenBSD 5.3-current (GENERIC.MP) #106: Thu Apr 25 16:37:24 MDT 2013
  t...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
  real mem = 3194331136 (3046MB)
  avail mem = 3101650944 (2957MB)
  mainbus0 at root
  bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xf68e0 (62 entries)
  bios0: vendor Dell Inc. version A18 date 12/06/2011
  bios0: Dell Inc. Latitude D630
  acpi0 at bios0: rev 2
  acpi0: sleep states S0 S3 S4 S5
  acpi0: tables DSDT FACP HPET APIC ASF! MCFG TCPA SLIC SSDT
  acpi0: wakeup devices PCI0(S5) PCIE(S4) USB1(S0) USB2(S0) USB3(S0) 
  USB4(S0) USB5(S0) EHC2(S0) EHCI(S0) AZAL(S3) RP01(S3) RP02(S4) RP03(S3) 
  RP04(S3) RP05(S3) RP06(S5) LID_(S3) PBTN(S4)
  acpitimer0 at acpi0: 3579545 Hz, 24 bits
  acpihpet0 at acpi0: 14318179 Hz
  acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
  cpu0 at mainbus0: apid 0 (boot processor)
  cpu0: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz, 1995.34 MHz
  cpu0: 
  FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF,PERF
  cpu0: 2MB 64b/line 8-way L2 cache
  cpu0: apic clock running at 199MHz
  cpu1 at mainbus0: apid 1 (application processor)
  cpu1: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz, 1995.00 MHz
  cpu1: 
  FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF,PERF
  cpu1: 2MB 64b/line 8-way L2 cache
  ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
  ioapic0: misconfigured as apic 0, remapped to apid 2
  acpimcfg0 at acpi0 addr 0xf800, bus 0-63
  acpiprt0 at acpi0: bus 3 (PCIE)
  acpiprt1 at acpi0: bus -1 (AGP_)
  acpiprt2 at acpi0: bus 11 (RP01)
  acpiprt3 at acpi0: bus 12 (RP02)
  acpiprt4 at acpi0: bus -1 (RP03)
  acpiprt5 at acpi0: bus -1 (RP04)
  acpiprt6 at acpi0: bus -1 (RP05)
  acpiprt7 at acpi0: bus 9 (RP06)
  acpiprt8 at acpi0: bus 0 (PCI0)
  acpicpu0 at acpi0: C3, C2, C1, PSS
  acpicpu1 at acpi0: C3, C2, C1, PSS
  acpitz0 at acpi0: critical temperature is 99 degC
  acpibtn0 at acpi0: LID_
  acpibtn1 at acpi0: PBTN
  acpibtn2 at acpi0: SBTN
  acpiac0 at acpi0: AC unit online
  acpibat0 at acpi0: BAT0 model DELL KP4331 serial 278 type LION oem SMP
  acpibat1 at acpi0: BAT1 not present
  acpidock0 at acpi0: GDCK not docked (0)
  acpivideo0 at acpi0: VID_
  acpivideo1 at acpi0: VID_
  acpivideo2 at acpi0: VID2
  cpu0: Enhanced SpeedStep 1995 MHz: speeds: 2001, 2000, 1600, 1200, 800 MHz
  pci0 at mainbus0 bus 0
  pchb0 at pci0 dev 0 function 0 Intel GM965 Host rev 0x0c
  vga1 at pci0 dev 2 function 0 Intel GM965 Video rev 0x0c
  intagp0 at vga1
  agp0 at intagp0: aperture at 0xe000, size 0x1000
  inteldrm0 at vga1
  drm0 at inteldrm0
  intel_overlay_map_regs partial stub
  inteldrm0: 1440x900
  wsdisplay0 at vga1 mux 1: console (std, vt100 emulation)
  wsdisplay0: screen 1-5 added (std, vt100 emulation)
  Intel GM965 Video rev

Re: FAQ - Disk Imaging

2013-04-16 Thread Abel Abraham Camarillo Ojeda
I have worked with clonezilla cloning OpenBSD filesystems using
its UFS support, but there are some problems concerning disklabel
creation, what I did, if I remember correctly was creating a dd
image from the first MB (or so of the disk) which when dumped will
create the partition table and disklabel on the disk, then, with
the label created you need to restore partitions on an specific order,
though, first sda1, then sda2, sda3, sda4, sda5, sda6 (if you have more than
10 labels) I don't remember why... (but I remember that it has a bug where
it would try to restore sda10, sda11, sda1, sda2, sda3, sda4...)

I hope this is useful...

On Tue, Apr 16, 2013 at 4:21 AM, Kevin Chadwick ma1l1i...@yahoo.co.uk wrote:
 I'll try it and let you know.

 Well I did a very quick test into memory at first (whilst doing
 something else at the same time) and it seemed to talk about ufs
 filesystem usage and I was very surprised. I then tried some more
 comprehensive tests and only found dd usage.

 I'll retry what I did initially and report if it is FFS-aware.
 if you hear no more then take it that it only uses dd.

 --
 ___

 'Write programs that do one thing and do it well. Write programs to work
 together. Write programs to handle text streams, because that is a
 universal interface'

 (Doug McIlroy)
 ___



Re: ssh tunneling with -D option

2012-07-18 Thread Abel Abraham Camarillo Ojeda
On Wed, Jul 18, 2012 at 5:12 PM, Paolo Aglialoro paol...@gmail.com wrote:
 Hello,

 I'm trying to use a remote obsd box as a socks proxy through ssh.
 Both local and remote are 5.1-release.

 After reading man pages, I specified in local ssh_config:
 Tunnel yes

 and, also, in remote sshd_config:
 AllowTcpForwarding yes
 PermitTunnel yes

 So, I basically establish a session like this:
 # ssh -p remote_sshd_port -D 12345 user@mysshdserver

 and then, on local machine, I go with:
 # http_proxy=http://127.0.0.1:12345/; lynx google.com

 Lynx makes HTTP connection to 127.0.0.1:12345 and then sends HTTP request;
 the comes Alert! Unexpected network read error; connection aborted.

 Using my local machine as the sshd server does not change the effect.
 Also tried throwing in a linux box in the battlefield, but results are the
 same.
 Where is my mistake?

 Thanks for your advice!


those are socks proxies, not http proxies, try something like dsocks...



Re: ssh tunneling with -D option

2012-07-18 Thread Abel Abraham Camarillo Ojeda
with firefox you go to preferences - use socks proxy 127.0.0.1 port 1080
or something like that.

On Wed, Jul 18, 2012 at 6:07 PM, Paolo Aglialoro paol...@gmail.com wrote:
 @Abel

 I've had a look at dsocks page, the instructions are kinda criptic but
 just did something this way:

 # ssh -D 1080 user@sshdhost
 # dsocks.sh lynx google.com

 it looks like working (yeaah!!! great piece of advice, mate!!!) but
 also produces lotsa garbage on the screen bottom like:

 lynx: (dsocks4) error reading reply: Connection refused
 (even if, eventually, I get connection and the desired page)

 Issuing the following:
 # dsocks.sh lynx google.com 21 /dev/null

 does not get rid of those messages. Maybe something wrong with v4/v5???


 @Alex

 So it looks I've been misled by the many people on internet who claim they
 can use firefox establishing a ssh -D connection before. Actually I tried
 to configure both firefox and netsurf but just had no results.

 So, can I use ssh to proxy my http without dsocks or not?




 On Thu, Jul 19, 2012 at 12:47 AM, m...@extensibl.com wrote:

 Hi Paolo,

  http_proxy=http://127.0.0.1:12345/; lynx google.com
 AFAIK, you should test SOCKS proxy, not HTTP.

 Regards,
 Alex



Re: chromium can't start since two snapshots

2012-05-19 Thread Abel Abraham Camarillo Ojeda
On Sat, May 19, 2012 at 4:01 AM, Antoine Jacoutot ajacou...@bsdfrog.org
wrote:
 On Sat, May 19, 2012 at 10:53:39AM +0200, cbrisseau wrote:
 Hi,

 Since two packages snapshots, I can't start chromium anymore. I have
 installed latest amd64 snapshot from May 17, and latest packages
 snapshot from May 16.

 When starting chromium I have:
 $ chrome
 /usr/local/chrome/chrome:/usr/lib/libstdc++.so.54.0:
 /usr/local/lib/libestdc++.so.14.0 : WARNING:
 symbol(_ZN11__gnu_debug17_S_debug_messagesE) size mismatch, relink
 your program
 terminate called after throwing an instance of 'std::logic_error'
 B  what(): B basic_string::_S_construct null not valid
 zsh: abort (core dumped) B chrome


 Is it a known problem or my mistake?

 rm ~/.config/chromium/SingletonLock

 --
 Antoine


voodoo, it works...



Re: Where's my bandwidth going?

2012-05-04 Thread Abel Abraham Camarillo Ojeda
and fstat(1)...

On Fri, May 4, 2012 at 7:10 AM, Stuart Henderson s...@spacehopper.org wrote:
 The request was specifically for pids...

 On 2012-05-04, Abel Abraham Camarillo Ojeda acam...@verlet.org wrote:
 I use pktstat from ports...

 On Thu, May 3, 2012 at 11:34 PM, Chris Cappuccio ch...@nmedia.net wrote:
 The suggestion on this thread are interesting. But tcpdump -n is pretty
 manageable over a modem link and shows you exactly what you want to know,
not
 just a summary of it.

 Alan Corey [ab...@devio.us] wrote:
 I'm on a modem, so there's only about 3 K/sec anyway, but is there
 anything that'll show me at least pids of what's using bandwidth?
 I've learned to close Firefox and even mc sessions I'm not using,
 and I'm watching a wget download and pftop and netstat -b -I tun0
 -w 1.

 I've got it under control right now by shutting off my wireless
 access point because my Kindle Fire was talking to s3.amazonaws.com.
 Poking around in userland ppp sources I see something called
 netgraph. B How do I use that and what does it do?

 B B Alan

 --
 Keep them laughing half the time, scared of you the other half. And
always
 keep them guessing. -- Clair George



Re: Where's my bandwidth going?

2012-05-03 Thread Abel Abraham Camarillo Ojeda
I use pktstat from ports...

On Thu, May 3, 2012 at 11:34 PM, Chris Cappuccio ch...@nmedia.net wrote:
 The suggestion on this thread are interesting. But tcpdump -n is pretty
manageable over a modem link and shows you exactly what you want to know, not
just a summary of it.

 Alan Corey [ab...@devio.us] wrote:
 I'm on a modem, so there's only about 3 K/sec anyway, but is there
 anything that'll show me at least pids of what's using bandwidth?
 I've learned to close Firefox and even mc sessions I'm not using,
 and I'm watching a wget download and pftop and netstat -b -I tun0
 -w 1.

 I've got it under control right now by shutting off my wireless
 access point because my Kindle Fire was talking to s3.amazonaws.com.
 Poking around in userland ppp sources I see something called
 netgraph. B How do I use that and what does it do?

 B  Alan

 --
 Keep them laughing half the time, scared of you the other half. And always
keep them guessing. -- Clair George



Re: Question on LPD and OpenBSD printing

2012-04-05 Thread Abel Abraham Camarillo Ojeda
On Thu, Apr 5, 2012 at 3:39 AM, Jan Stary h...@stare.cz wrote:
 On Apr 05 05:19:18, Girish Venkatachalam wrote:
 On Thu, Apr 5, 2012 at 4:46 AM, Jan Stary h...@stare.cz wrote:
 
  Nothing.
 
  Then something else is broken.
 
  Run lpd with -l to make sure that the print job
  at least made it to lpd as a request.
 

 If the queue clears that is what it means right? It does make it.

 I will also take a stab at the -l switch.

 What I mean is that with lpd -l, there will be an entry in the
 log saying there was a rint job requested; which you say is
 not there now, so we are not sure that pd even knows about your
 printjob.

  You do actually have the foomatic* packages installed, right?
  You did not just blindly copy the ':if=/usr/local/bin/foomatic-rip:'
  line, right?
 

 But of course yes. If you install hpijs it is installed as a dependency.

 -Girish

 --
 G3 Tech
 Networking appliance company
 web: http://g3tech.in B mail: gir...@g3tech.in


It's also useful if you use:

debug: 1

in your  /etc/foomatic/filter.conf, next:

$ lpr file.ps;

and then check:

# cat /tmp/foomatic*



Re: openbsd / ipsec / hardware

2012-04-02 Thread Abel Abraham Camarillo Ojeda
On Mon, Apr 2, 2012 at 5:02 PM, Stuart Henderson s...@spacehopper.org wrote:
 On 2012-04-02, Dewey Hylton dewey.hyl...@gmail.com wrote:
From: Stuart Henderson stu at spacehopper.org
Subject: Re: openbsd / ipsec / hardware
Newsgroups: gmane.os.openbsd.misc
Date: 2012-03-31 21:39:14 GMT (1 day, 22 hours and 53 minutes ago)
On 2012-03-30, Dewey Hylton dewey.hylton at gmail.com wrote:
 i'm getting ready to implement a few new site-to-site vpns using
 openbsd, and am on the hunt for appropriate hardware. i have several
 alix (geode) and lanner (intel atom) boxes working wonderfully as
 firewalls and routers, but neither type are able to provide enough
 throughput when ipsec is added to their roles.

 the lanner boxes can't accept add-in cards. the alix can accept
 a minipci, and i know that soekris makes a crypto accelerator (hifn?)
 that may help - but i'm not sure that'll be enough oompf either.
 our site-to-site link will provide up to 20Mbps, but the lanner box
 is topping out at 3.3Mbps with ipsec and the alix is at 1.5Mbps.

This seems a bit on the low side. How are you testing throughput?

 i'm using a simple scp of a 100MB file. scp reports its transmission
 speed. and i'm comparing the same transmission of the same file between
 the same two hosts with and without vpn encryption. it may not be
 the best or most accurate measurement, but i believe it gives me the
 information i'm looking for.

 Sorry, this is a horrible way to measure connection speed.
 Plain ftp would be better, but something that doesn't also measure
 disk throughput would be better still (tcpbench, iperf etc).

 Also if you're testing from the router itself note that results
 when testing from another machine which connects through the router
 are likely to be very different.


is nc okay for this kind of measurements?



Re: ath driver returns “unable to reset hardware” when attempting to use Atheros AR5424 on 5.0-stable

2012-02-19 Thread Abel Abraham Camarillo Ojeda
On Sun, Feb 19, 2012 at 4:31 PM, Christopher Down
christopher.d...@iofc.org wrote:

 I have read conflicting reports about OpenBSD's support for this chip.
 If it is not supported (yet), is there a practical way for me to help
 (bearing in mind that I am not experienced with driver programming on
 OpenBSD at this point in time)? Otherwise, is there some other
 solution other than having to resort to buying a new card to put in
 the machine?

 Thanks,

 Christopher Down


It's unsupported, I had one, trashed it, and bought a new card...



Is anyone able to use subtitleeditor?

2012-02-18 Thread Abel Abraham Camarillo Ojeda
When I tell it to open any video I get this:

Media file could not be played.
Failed to create a GStreamer textoverlay (textoverlay). Please check
your GStreamer installation.

$ pkg_info -S subtitleeditor
Information for inst:subtitleeditor-0.37.1p2

Signature:
subtitleeditor-0.37.1p2,GL.12.0,X11.15.0,Xau.9.0,Xcomposite.3.0,Xcursor.4.0,X
damage.3.1,Xdmcp.10.0,Xext.12.0,Xfixes.5.1,Xi.11.0,Xinerama.5.0,Xrandr.6.1,Xr
ender.5.0,Xxf86vm.5.0,atk-1.0.2801.0,atkmm-1.6.10.0,c.62.0,cairo.11.1,cairomm
-1.0.5.0,desktop-file-utils-0.19,drm.2.6,enchant-1.6.0p0,enchant.6.1,expat.9.
0,fontconfig.7.0,freetype.18.1,gdk-x11-2.0.2400.0,gdk_pixbuf-2.0.2200.1,gdkmm
-2.4.11.0,gettext-0.18.1p0,gio-2.0.2992.0,giomm-2.4.11.0,glib-2.0.2992.0,glib
mm-2.4.11.0,gmodule-2.0.2992.0,gobject-2.0.2992.0,gstaudio-0.10.2.5,gstbase-0
.10.2.4,gstcdda-0.10.2.5,gstcontroller-0.10.3.4,gstdataprotocol-0.10.2.4,gsti
nterfaces-0.10.2.5,gstnet-0.10.2.4,gstnetbuffer-0.10.2.5,gstpbutils-0.10.2.5,
gstreamer-0.10.2.4,gstreamer-plugins-base-0.10.35p1,gstreamer-plugins-good-0.
10.30p2v0,gstreamermm-0.10.1.0,gstreamermm-0.10.10,gstrtp-0.10.2.5,gsttag-0.1
0.2.5,gstvideo-0.10.2.5,gthread-2.0.2992.0,gtk-update-icon-cache-2.24.8,gtk-x
11-2.0.2400.0,gtk2mm-2.24.2p0,gtkmm-2.4.11.0,iconv.6.0,intl.5.0,iso-codes-3.2
8,libiconv-1.14,m.7.0,pango-1.0.2903.0,pangocairo-1.0.2903.0,pangoft2-1.0.290
3.0,pangomm-1.4.10.0,pcre-8.21,pcre.2.5,pixman-1.22.2,png.13.0,pthread-stubs.
1.0,pthread.13.3,sigc-2.0.2.0,stdc++.54.0,xcb-render.0.0,xcb-shm.0.0,xcb.2.2,
xml++-2.6.1.0,xml2.12.0,z.4.1

$ subtitleeditor
(subtitleeditor:29100): GStreamer-CRITICAL **:
gst_element_factory_get_element_type: assertion
`GST_IS_ELEMENT_FACTORY (factory)' failed

(subtitleeditor:29100): GLib-GObject-CRITICAL **: g_object_unref:
assertion `G_IS_OBJECT (object)' failed

(subtitleeditor:29100): GStreamer-CRITICAL **: gst_element_register:
assertion `g_type_is_a (type, GST_TYPE_ELEMENT)' failed

(subtitleeditor:29100): GStreamer-CRITICAL **:
gst_element_factory_get_element_type: assertion
`GST_IS_ELEMENT_FACTORY (factory)' failed

(subtitleeditor:29100): GLib-GObject-CRITICAL **: g_object_unref:
assertion `G_IS_OBJECT (object)' failed

(subtitleeditor:29100): GStreamer-CRITICAL **:
gst_element_factory_get_element_type: assertion
`GST_IS_ELEMENT_FACTORY (factory)' failed

(subtitleeditor:29100): GLib-GObject-CRITICAL **: g_object_unref:
assertion `G_IS_OBJECT (object)' failed

(subtitleeditor:29100): GStreamer-CRITICAL **: gst_element_register:
assertion `g_type_is_a (type, GST_TYPE_ELEMENT)' failed

(subtitleeditor:29100): GStreamer-CRITICAL **:
gst_element_factory_get_element_type: assertion
`GST_IS_ELEMENT_FACTORY (factory)' failed

(subtitleeditor:29100): GLib-GObject-CRITICAL **: g_object_unref:
assertion `G_IS_OBJECT (object)' failed

(subtitleeditor:29100): GStreamer-CRITICAL **:
gst_element_factory_get_element_type: assertion
`GST_IS_ELEMENT_FACTORY (factory)' failed

(subtitleeditor:29100): GLib-GObject-CRITICAL **: g_object_unref:
assertion `G_IS_OBJECT (object)' failed

(subtitleeditor:29100): GStreamer-CRITICAL **: gst_element_register:
assertion `g_type_is_a (type, GST_TYPE_ELEMENT)' failed

(subtitleeditor:29100): GStreamer-CRITICAL **:
gst_element_factory_get_element_type: assertion
`GST_IS_ELEMENT_FACTORY (factory)' failed

(subtitleeditor:29100): GLib-GObject-CRITICAL **: g_object_unref:
assertion `G_IS_OBJECT (object)' failed

(subtitleeditor:29100): GStreamer-CRITICAL **:
gst_element_factory_get_element_type: assertion
`GST_IS_ELEMENT_FACTORY (factory)' failed

(subtitleeditor:29100): GLib-GObject-CRITICAL **: g_object_unref:
assertion `G_IS_OBJECT (object)' failed

(subtitleeditor:29100): GStreamer-CRITICAL **: gst_element_register:
assertion `g_type_is_a (type, GST_TYPE_ELEMENT)' failed

(subtitleeditor:29100): GStreamer-CRITICAL **:
gst_element_factory_get_element_type: assertion
`GST_IS_ELEMENT_FACTORY (factory)' failed

(subtitleeditor:29100): GLib-GObject-CRITICAL **: g_object_unref:
assertion `G_IS_OBJECT (object)' failed

(subtitleeditor:29100): GStreamer-CRITICAL **:
gst_element_factory_get_element_type: assertion
`GST_IS_ELEMENT_FACTORY (factory)' failed

(subtitleeditor:29100): GLib-GObject-CRITICAL **: g_object_unref:
assertion `G_IS_OBJECT (object)' failed

(subtitleeditor:29100): GStreamer-CRITICAL **: gst_element_register:
assertion `g_type_is_a (type, GST_TYPE_ELEMENT)' failed

(subtitleeditor:29100): GStreamer-CRITICAL **:
gst_element_factory_get_element_type: assertion
`GST_IS_ELEMENT_FACTORY (factory)' failed

(subtitleeditor:29100): GLib-GObject-CRITICAL **: g_object_unref:
assertion `G_IS_OBJECT (object)' failed

(subtitleeditor:29100): GStreamer-CRITICAL **:
gst_element_factory_get_element_type: assertion
`GST_IS_ELEMENT_FACTORY (factory)' failed

(subtitleeditor:29100): GLib-GObject-CRITICAL **: g_object_unref:
assertion `G_IS_OBJECT (object)' failed

(subtitleeditor:29100): GStreamer-CRITICAL **: gst_element_register:
assertion `g_type_is_a (type, 

Re: /dev/srandom vs. /dev/arandom

2011-10-18 Thread Abel Abraham Camarillo Ojeda
On Tue, Oct 18, 2011 at 3:55 PM, James Hozier guitars...@yahoo.com wrote:
 From: Paul D. Ouderkirk p...@ouderkirk.ca
 Subject: Re: /dev/srandom vs.
 /dev/arandom
 To: Theo de Raadt dera...@cvs.openbsd.org
 Cc: James
 Hozier guitars...@yahoo.com, misc@openbsd.org
 Date: Tuesday, October 18,
 2011, 5:41 PM
 On Tue, Oct 18, 2011 at 12:20 PM,
 Theo de Raadt
 dera...@cvs.openbsd.org
 wrote:
  In any case, I'm
  getting just
 under 600KB/s on average with
 /dev/random. This is on a rather
  old
 machine, so I guess it's not too bad.
 
  I am getting 9MB/sec on a zaurus
 (416 MHz xscale
 arm).

 Just so everyone is on the same page, how are you
 measuring
 that? B dd
 if=/dev/random of=/dev/null ?

 
  If my math is
 right, you would see 600KB/sec on a 10
 MHz Xeon.
 
  Yes, I said MHz.


 

 --
 --
 Paul D. Ouderkirk
 Senior
 UNIX System Administrator
 p...@ouderkirk.ca
 --
 laughing,
 in the mechanism
 -- William Gibson



 On /dev/null as
 opposed to my hard drive, I do get 600MB/s though.



Strange...



Re: Dennis Ritchie

2011-10-13 Thread Abel Abraham Camarillo Ojeda
2011/10/13 Donald Reichert silvershadow...@gmx.de:
  Original-Nachricht 
 Datum: Thu, 13 Oct 2011 12:14:20 +0200
 Von: David Coppa dco...@gmail.com
 An: misc@openbsd.org
 Betreff: Dennis Ritchie

 Today is a sad sad day :(

 Rest in Peace.
 Without you, we would never be here.

 Cheers,
 David

 He died last weekend. RIP.

 #include stdio.h

 int main()
 {
 printf(goodbye, dad\n);
 return 0;
 }
 --
 Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir
 belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de



:(



Re: no packages for amd64 snapshot

2011-09-22 Thread Abel Abraham Camarillo Ojeda
On Thu, Sep 22, 2011 at 7:53 PM, LeviaComm Networks n...@leviacomm.net wrote:

 The only way I see to move forward would be to either downgrade to 4.9 or
 compile the damned packages myself.


Which would be faster than complaining.



Re: ksh: bad number (with leading zeroes) should not work for 0 - 7

2011-09-15 Thread Abel Abraham Camarillo Ojeda
On Thu, Sep 15, 2011 at 4:19 PM, Pascal Stumpf pascal.stu...@cubes.de wrote:
 On Thu, Sep 15, 2011 at 12:06:14PM +, Thorsten Glaser wrote:
 Abel Abraham Camarillo Ojeda acamari at verlet.org writes:

  Some of our shell scripts that work with dates and do something like:
 
  month=`date +%m`
  something  month=$((month-1))

 month=10#$(date +%m)

 Is that a mkshism?


 The easiest solution here is:

 typeset -Z2 month



Yep, I did that in some scripts, just
don't know how portable it is...



Re: ksh: bad number (with leading zeroes) should not work for 0 - 7

2011-09-15 Thread Abel Abraham Camarillo Ojeda
On Thu, Sep 15, 2011 at 4:58 PM, Thorsten Glaser t...@mirbsd.de wrote:
 Abel Abraham Camarillo Ojeda dixit:

On Thu, Sep 15, 2011 at 4:19 PM, Pascal Stumpf pascal.stu...@cubes.de wrote:

 month=10#$(date +%m)

 Is that a mkshism?

 No, that's proper Korn shell.

 The easiest solution here is:

 typeset -Z2 month

 That can break as soon as month is made an integer someplace down.
 Padding is meant for output, not input.

Yep, I did that in some scripts, just
don't know how portable it is...

 tg@stinky:~ $ /bin/ksh -c 'i=10#08; print $((i)) $(uname -a)'
 8 SunOS stinky 5.8 Generic_117350-61 sun4u sparc SUNW,Sun-Fire-V210 Solaris

 So, portable across all Korn shells.

 bye,
 //mirabilos
 --
 FWIW, I'm quite impressed with mksh interactively. I thought it was much
 *much* more bare bones. But it turns out it beats the living hell out of
 ksh93 in that respect. I'd even consider it for my daily use if I hadn't
 wasted half my life on my zsh setup. :-) -- Frank Terbeck in #!/bin/mksh


I meant portable among other shells, or bourne shell...



Re: ksh: bad number (with leading zeroes) should not work for 0 - 7

2011-09-15 Thread Abel Abraham Camarillo Ojeda
On Thu, Sep 15, 2011 at 5:46 PM, Thorsten Glaser t...@mirbsd.de wrote:
 Abel Abraham Camarillo Ojeda dixit:

I meant portable among other shells, or bourne shell...

 They donbt have $((b)) either, sob

 bye,
 //mirabilos
 --
 Yay for having to rewrite other people's Bash scripts because bash
 suddenly stopped supporting the bash extensions they make use of
 B  B  B  B -- Tonnerre Lombard in #nosec


I was talking about portability of typeset -Z2...



ksh: bad number (with leading zeroes) should not work for 0 - 7

2011-09-12 Thread Abel Abraham Camarillo Ojeda
Some of our shell scripts that work with dates and do something like:

month=`date +%m`
something  month=$((month-1))

Suddenly started crashing on august... there seems to be a bug identifying
not-numbers (numbers with leading zeroes) before '08' (eigth), how to reproduce:

$ for i in 0{0,1,2,3,4,5,6,7,8,9}; do a=$i; a=$((a-1)); echo $a; done
-1
0
1
2
3
4
5
6
ksh: 08: bad number `08'
$


Thanks.



Re: ksh: bad number (with leading zeroes) should not work for 0 - 7

2011-09-12 Thread Abel Abraham Camarillo Ojeda
On Mon, Sep 12, 2011 at 5:08 PM, Tobias Ulmer tobi...@tmux.org wrote:

 Fix your script, add the leading zero after you're done with the
 calculation.


I'm already doing that, just wasn't sure if it was a bug...

Thanks.



Re: Firefox 6

2011-09-06 Thread Abel Abraham Camarillo Ojeda
On Tue, Sep 6, 2011 at 6:20 PM, Amit Kulkarni amitk...@gmail.com wrote:
 B  Without having an endless crab session about Firefox, I'd like to
 know if Firefox 6 seems any better for you. B  Firefox 4+ seems to
 not just leak memory, but hemorrhage it. B In 5 I routinely hit the
 2G data limit. B FF6 is better in this regard it seems, but freezes
 the system in fits of reallocing memory, freezing OpenBSD for
 seconds at a time.

 FF 3.6.xx seemed much better to me.

 Are others seeing FF6 as not much better? B I see Landry just
 committed 6.0.2 so I'm going to try that, but I don't have a lot of
 hope.


 try FF7 b4 from his git repo
 http://rhaalovely.net/cgit/mozilla-firefox/commit/?h=beta

 FF7 is the first FF release which pays serious attention to those
 memory bugs, so it might help you. takes about 2-4 hrs to compile on
 amd64.



2-4 hrs to build? When it finishes compiling there will be already firefox 8!



Re: What should I do with a remote AIX machine if I accidentally chmod /usr/bin/ksh?

2011-08-30 Thread Abel Abraham Camarillo Ojeda
On Tue, Aug 30, 2011 at 6:41 PM, Marcos Ariel Laufer
mar...@ipversion4.com wrote:
 .. and , maybe, just maybe, the help he gets could be the 'miracle' he
 needs to consider OpenBSD his OS of choice..



The miracle he needs to be _converted_, because he will think that here are a
bunch of guys with nothing to do.

We don't need to go there evangelizing.



Re: xpdf slow

2011-08-24 Thread Abel Abraham Camarillo Ojeda
On Wed, Aug 24, 2011 at 7:09 AM, igor denisov saufe...@gmail.com wrote:
 Hello there,

 May someone help me with the following.

 My xpdf is very slow on pdf files from www.archive.org.
 pdf is attached.

 xpdfrc

 #

 #- display fonts

 # These map the Base-14 fonts to the Type 1 fonts that ship with
 # ghostscript. B You'll almost certainly want to use something like
 # this, but you'll need to adjust this to point to wherever
 # ghostscript is installed on your system. B (But if the fonts are
 # installed in a standard location, xpdf will find them
 # automatically.)

 displayFontT1 B  B  B  B  B  B  B  B  B  B  B  B  B 
/usr/X11R6/lib/X11/fonts/misc/
 displayFontT1 B  B  B  B  B  B  B  B  B  B  B  B  B 
/usr/X11R6/lib/X11/fonts/75dpi/:unscaled
 displayFontT1
 /usr/X11R6/lib/X11/fonts/100dpi/:unscaled
 displayFontT1 Times-Roman
 /usr/local/share/ghostscript/fonts/n021003l.pfb
 displayFontT1 Times-Italic
 /usr/local/share/ghostscript/fonts/n021023l.pfb
 displayFontT1 Times-Bold
 /usr/local/share/ghostscript/fonts/n021004l.pfb
 displayFontT1 Times-BoldItalic
 /usr/local/share/ghostscript/fonts/n021024l.pfb
 displayFontT1 Helvetica
 /usr/local/share/ghostscript/fonts/n019003l.pfb
 displayFontT1 Helvetica-Oblique
 /usr/local/share/ghostscript/fonts/n019023l.pfb
 displayFontT1 Helvetica
 /usr/local/share/ghostscript/fonts/n019003l.pfb
 displayFontT1 Helvetica-Oblique
 /usr/local/share/ghostscript/fonts/n019023l.pfb
 displayFontT1 Helvetica-Bold
 /usr/local/share/ghostscript/fonts/n019004l.pfb
 displayFontT1 Helvetica-BoldOblique
 /usr/local/share/ghostscript/fonts/n019024l.pfb
 displayFontT1 Courier
 /usr/local/share/ghostscript/fonts/n022003l.pfb
 displayFontT1 Courier-Oblique
 /usr/local/share/ghostscript/fonts/n022023l.pfb
 displayFontT1 Courier-Bold
 /usr/local/share/ghostscript/fonts/n022004l.pfb
 displayFontT1 Courier-BoldOblique
 /usr/local/share/ghostscript/fonts/n022024l.pfb
 displayFontT1 Symbol
 /usr/local/share/ghostscript/fonts/s05l.pfb
 displayFontT1 ZapfDingbats
 /usr/local/share/ghostscript/fonts/d05l.pfb
 displayFontT1 B  B  B  B  B  B  B  B  B  B  B  B  B 
/usr/X11R6/lib/X11/fonts/Type1/

 # If you need to display PDF files that refer to non-embedded fonts,
 # you should add one or more fontDir options to point to the
 # directories containing the font files. B Xpdf will only look at .pfa,
 # .pfb, and .ttf files in those directories (other files will simply
 # be ignored).

 #fontDir B  B  B  B  B  B  B  B /usr/local/fonts/bakoma

 [demime 1.01d removed an attachment of type application/pdf which had a name
of appliedgeophysic00rast.pdf]



xpdf is always slow :P

unrelated: have you tried zathura?, it's in ports, it seems a whole lot
faster
to me...



Re: Can command-line options be specified in any place?

2011-06-21 Thread Abel Abraham Camarillo Ojeda
On Tue, Jun 21, 2011 at 6:39 PM,  vadi...@gmail.com wrote:
 Hi,

 I'm considering migrating my desktop from Linux to OpenBSD but the
 main feature that
 kept me away from *BSD world for over a decade since I've first tried
 FreeBSD was the
 one that options must only be specified after command before any
 arguments. (At least
 that is true for basic commands). For example on Linux a command

 B ls -l foo -h

 will print the foo's size with suffix (K, M, G, etc.). On *BSD
 (including Mac OS X) I get error
 message:

 B ls: -h: No such file or directory

 Is there an easy way to get the desired behavior on OpenBSD? If that
 can only be achieved
 by patching system's sources is there a standard way to maintain my
 personal set of
 patches so that they will be automatically applied every time I upgrade
system?

 Best regards,
 Vadim.



It would be more useful to fix your scripts...



Re: 64bit (or better) memory reads in i386

2011-06-12 Thread Abel Abraham Camarillo Ojeda
Asking on a mailing list is easier than doing testing... it seems...

On Sun, Jun 12, 2011 at 1:27 AM, Giridhari giridh...@live.com.au wrote:
 Further, can you tell me what the cp and cpio commands would be like- will
 they take advantage of 64 or 128bit memory reads and writes?

 -Original Message- From: Otto Moerbeek
 Sent: Sunday, June 12, 2011 3:37 PM
 To: Giridhari
 Cc: misc@openbsd.org
 Subject: Re: 64bit (or better) memory reads in i386

 On Sun, Jun 12, 2011 at 03:35:00PM +0930, Giridhari wrote:

 Thankyou for the prompt reply.

 Excuse me please, I made a mistake. I meant 64bit Intel hardware.

 Intel makes loads of processors doing just that.

 -Original Message- From: Matthew Dempsky Sent: Sunday, June
 12, 2011 3:25 PM To: Giridhari Cc: misc@openbsd.org Subject: Re:
 64bit (or better) memory reads in i386

 On Sat, Jun 11, 2011 at 10:55 PM, Giridhari giridh...@live.com.au wrote:
 Is there much activity in porting OpenBSD to x64 architecture?

 http://www.openbsd.org/amd64.html



Re: updating netbook bios

2011-06-11 Thread Abel Abraham Camarillo Ojeda
On Sat, Jun 11, 2011 at 1:58 AM, patrick keshishian pkesh...@gmail.com
wrote:
 On Fri, Jun 10, 2011 at 11:42 PM, Robert info...@die-optimisten.net
wrote:
 Hi,

 you can create a bootable USB stick with FreeDOS:
 http://sourceforge.net/apps/mediawiki/freedos/index.php?title=USB

 earlier today I did look at freedos option. But I couldn't find info
 on their site on whether or not it would see the USB stick after
 booting off one of their ISO images.

 The link you provide is more promising as I can place the bios update
 image on the usb stick along with the bootable freedos image. But
 those steps require either a Linux or a Winblows box. Will have to
 wait 'til I get to the office on Monday.

 Thanks,
 --patrick



 I use it for BIOS updates and it works fine.

 kind regards,
 Robert


 On Fri, 10 Jun 2011 23:23:55 -0700
 patrick keshishian pkesh...@gmail.com wrote:

 On Fri, Jun 10, 2011 at 10:52 PM, Francois Pussault
 fpussa...@contactoffice.fr wrote:
  hi,

 Thanks for the quick reply.


  as far the usb stick is OK, you may put exe on its root directory
  then as you boot from CD,  see USBstick it will be unable to reject
it.

 OK. I copied the windows exe file to root dir of the USB stick. Still
 no go. The error message is:

 The command is not recognized B Type HELP for a list of supported
 commands

  if possible use a fat32 B or vfat format on B the USBstick

 Hmm.. currently it USB stick is 06 DOS  32MB format. I'll see if I
 can find another spare one to reformat with fat32 (0x0b).

  to disable file permitions check.

 How does one do this?

 --patrick


  I hop it can work like that
 
 
  
  From: patrick keshishian pkesh...@gmail.com
  Sent: Sat Jun 11 07:45:02 CEST 2011
  To: misc misc@openbsd.org
  Subject: updating netbook bios
 
 
  So I have this gateway lt31 (someshit) netbook that hangs after random
  number of zzz/wake cycles. I posted on misc@ about it a few times and
  both Theo and Mike Larkin chimed in (privately) with advice and
  patches; Much appreciated, but the problem persists.
 
  So I had the genius idea that updating the bios may help the
situation.
 
  The problem: The bios update is a zip file with one DOS and one
  Winblows executable.
 
  I don't have either OS. So I borrowed a Win XP and a Windows Server
  2003 CD from friends.
 
  I am able to boot off both of them (using an external USB CDROM) and
  drop to a command prompt. This is in the hopes of executing the win
  .exe file off a USB stick.
 
  Recap: I boot off CD fine. I am able to drop to a command prompt OK. I
  am able to see the contents of the USB stick OK too. But I am unable
  to execute the damn executable off the USB stick.
 
  I can't CD into the directory they are in (error message: not
  allowed). I can DIR folder and get the listing of the
  directory/folder with the executables within it. If I supply the full
  path to the executable it doesn't run (I forget the exact error
  message -- I should've written it down before giving up).
 
  So the question I have is how can I update this netbook's bios?
 
  --patrick
 
 
 
  Cordialement
  Francois Pussault
  3701 - 8 rue Marcel Pagnol
  31100 Toulouse
  France
  +33 6 17 230 820 B  +33 5 34 365 269
  fpussa...@contactoffice.fr



Why don't you try downloading the iso file, and using something like
growisofs to _add_ your bios update files into it, then burn it and run it.

I did that when I needed to update my BIOS...



Re: How do I exclude a directory using tar in OpenBSD?

2011-06-05 Thread Abel Abraham Camarillo Ojeda
On Thu, Jun 2, 2011 at 6:59 AM, Nico Kadel-Garcia nka...@gmail.com wrote:
 On Tue, May 31, 2011 at 8:39 AM, Stuart Henderson s...@spacehopper.org 
 wrote:
 On 2011-05-31, Marian Hettwer m...@kernel32.de wrote:
 On Tue, 31 May 2011 10:53:58 +0200, LEVAI Daniel l...@ecentrum.hu
 wrote:
 On Tue, May 31, 2011 at 11:42:24 +0300, Michael Sioutis wrote:
 Hello!

 I can't find it in the man page, and it seems it is not supported (?)
 I am trying to backup some folders and want to exclude some and nth
 will work. I've tried:
 --exclude=/folder/
 --exclude=/folder/
 --exclude /folder
 --exclude folder

 I will get an error: --exclude... directory doesn't exist.

 Excluding will work in Linux.

 That is a GNU extension. You can work this around with find(1) and the
 tar(1)'s '-I' option.



 bsdtar from the FreeBSD project supports --exclude too.
 The OP could as well install gnu tar from packages. bsdtar doens't seem
 to exist...

 At least that's what I do at work (Debian, Solaris, OpenBSD env).
 It's a pain to walk around every nifty details of different unixes...

 The other way you can do it is just use posix-specified options and
 not rely on vendor-specific extensions. But unfortunately many of the
 vendors (*cough*gnu*cough*) don't make it clear which options are
 standard and which are extensions... And, sadly, even some of the
 BSD-derived OS have replaced a bunch of their standard tools with GNU.

 GNU tools have become the industry standard, for a stack of reasons.
 This sort of useful feature for tar, its protective autostripping of
 leading slashes, and its built-in compression access are only a few of
 the reasons its become so popular. Transforming a simple --exclude
 based command line into a set of included targets can become
 extremely awkward, especially when snapshotting a dynamic target (for
 backup purposes) or dealing with file names from a shared file system
 (such as an NFS or Samba published system in international settings)
 that parsing the names can cause. chaos.

 I've had similar issues with the cp command, and its lack of cp
 -a. I've taken to using rsync, first, to generate a target space
 that I can then run the tar or other commands against. With cheaper,
 faster disk these days, it's usually cheaper for me as a programmer to
 do this.



Don't forget to mention the Industry Standard rsync protocol...



Re: I don't get where the load comes from

2011-05-31 Thread Abel Abraham Camarillo Ojeda
On Tue, May 31, 2011 at 2:24 AM, Francois Pussault
fpussa...@contactoffice.fr wrote:

 load is not realy a cpu usage %.
 In facts it is sum of many % (cpu real load, memory, buffers, etc...)
 that explain why load can up over 5.0 for each cpu without any crash or freeze
 of the host.

 we should consider load as a host ressources %... this is not real of course
 but this is more real, than considering it as only cpu use.



The load average numbers give the number of jobs in the run queue averaged
over 1, 5, and 15 minutes

from top(1).



Re: OT:Re: How do I exclude a directory using tar in OpenBSD?

2011-05-31 Thread Abel Abraham Camarillo Ojeda
On Tue, May 31, 2011 at 4:05 PM, Eric Furman ericfur...@fastmail.net wrote:
 Better to have your script
 detect which OS it's running on and take appropriate action.



Sure, that's why autoconf is state of art.



Re: putty or ssh, screen $cmd

2011-05-29 Thread Abel Abraham Camarillo Ojeda
On Sun, May 29, 2011 at 6:46 PM, Martin Pelikan
martin.peli...@gmail.com wrote:
 Have you ever tried to use screen inside a screen? ssh'd to other
 machines? B Not to mention ^A is beginning-of-line in most terminals.

I generally map ^a to be the prefix key on tmux...



Re: impact of unaligned partitions/slices on 4kB sector drives (wd10ears)

2011-05-14 Thread Abel Abraham Camarillo Ojeda
List:   openbsd-tech
Subject:impact of unaligned partitions/slices on 4kB sector drives
(wd10ears)
From:   Robert robert () openbsd ! pap ! st
Date:   2010-01-06 22:54:34
Message-ID: 20100106235434.55963d32 () openbsd ! pap ! st

 Hello,

 i did some measurements on the impact that unaligned partitions/slices
 have on the new harddrives that use ondisk 4kB sectors and export
 them as 512B sectors. [1]
 My tests were done on a Western Digital WD10EARS. [2]


 CONCLUSION:
 Having unaligned partition/slices on those disks leads to noticable
 performance penalty under realworld workloads.


 IMPLICATIONS:
 1. The rounding of unit sizes to cylinder boundaries by disklabel has
to be evaluated.
 2. A FAQ entry for the advanced format disks is needed to tell people
to set the XP jumper. (more on that later)
If disklabel is not modified, that entry would also have to explain
the alignement implications and how to use a calculator.


 TEST RESULTS:

 - sequential write/read speeds ---

   dd bs | aligned   | unaligned | wd10eads*
 |   |   |
4k write |  97433116 |  86349673 |  80762241  (bytes/sec)
   64k w | 101273894 |  85616298 |  81234814
1m w |  98291974 |  79201231 |  83113302
 |   |   |
4k read  | 103706513 | 104434701 |  82723667
   64k r | 105136468 | 104453140 |  85552816
1m r | 104228605 | 104921901 |  85650289

   (* wd10eads is the previous generation to the wd10ears with 32mb
   cache and usual 512B ondisk sectors. Disk is in a different system!
   That system is not idle so actual numbers might be higher.)


 - extracting a source tree ---

   aligned   :  6m26.31s
   unaligned : 14m30.30s


 - build kernel / make obj / make build ---

  | aligned   | unaligned
   kernel |  2m27.94s |  2m48.12s
   make obj   |  0m28.51s |  1m01.41s
   make build | 36m07.27s | 70m51.58s




 EXPLANAITIONS (or whatever :):

 Those numbers are kinda scary.
 I would not have expected such bad results for the builds from my
 earlier sequential rw tests i sent to misc@.

 (Just to make it clear, if the partition/slices are not aligned,
  the disk has to read every 4k sector it wants to write to, before it
  can actually do that. The 64MB of cache help to elevate that up to
  some point.)

 This drive has a XP legacy jumper. (Same as WD15EARS and WD20EARS.)
 It is intended to be used for Windows XP systems with a single partition
 over the whole drive.
 XP uses the same 63 sector offset as OpenBSD does.
 Setting this jumper, transparently alignes the 63 sectors infront of a
 4k sector boundary.
 When that jumper is set, slices inside the partition only have to be
 multiples of 8 big.
 The issue is with disklables rounding down to the nearest cylinder
 boundary.
 This will mess up the nice multiplication by 1024, which would lead to
 a size divisable by 8.
 The rounding down is always done when using units, but not when
 requesting a size without a unit/in sectors.
 So slices can be aligned that way by hand.
 That rounding to cylinders is not needed, afaik.
 So without that, a simple rtfaq! set the damn jumper! would be
 enough, to get the best performance out of such harddisks.


 Below you can find more info about my test setup and the test outputs.


 Cheers,

 - Robert



 [1] http://www.wdc.com/advformat
 [2] http://www.wdc.com/en/products/products.asp?driveidv3



 TESTS:

 aligned   == XP jumper set
 unaligned == XP jumper NOT set*
   (* without the jumper,
  the partition/slices are off by one 512B sector.)


 I installed a snapshot i had on hand (see dmesg) and went from there.
   (Fresh installl without the jumper.)
 Source-tree used is -current from some hours ago.
 I sync'ed before every test.
 disk layout and ramdisk was the same in both scenarios.


 - dmesg ---
 OpenBSD 4.6-current (GENERIC.MP) #40: Tue Dec 29 01:02:20 MST 2009
 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
 real mem = 3488088064 (3326MB)
 avail mem = 3388391424 (3231MB)
 mainbus0 at root
 bios0 at mainbus0: SMBIOS rev. 2.5 @ 0xf0730 (61 entries)
 bios0: vendor American Megatrends Inc. version 1104 date 09/11/2009
 bios0: ASUSTeK Computer INC. P5QL-E
 acpi0 at bios0: rev 2
 acpi0: tables DSDT FACP APIC MCFG OEMB HPET OSFR
 acpi0: wakeup devices P0P2(S4) P0P3(S4) P0P1(S4) UAR1(S4) PS2K(S4) PS2M(S4) 
 EUSB(S4) \
 USBE(S4) P0P5(S4) P0P6(S4) P0P7(S4) P0P8(S4) P0P9(S4) GBEC(S4) USB0(S4) 
 USB1(S4) \
 use rev 1.10/21.00 addr 2
 uhidev1: iclass 3/1
 ukbd0 at uhidev1: 8 modifier keys, 6 key codes
 wskbd1 at ukbd0 mux 1
 wskbd1: connecting to wsdisplay0
 vscsi0 at root
 scsibus4 at vscsi0: 256 targets
 softraid0 at root
 root on sd0a swap on sd0b dump on sd0b

 (( fwiw, jacob: that azalia is just disabled.
the iic0 should be an asus ai booster.
still have to modify the live driver for that soundblaster 5.1 vx. ))


 - fdisk ---
 Disk: sd0 geometry: 121601/255/63 [1953525168 

Re: impact of unaligned partitions/slices on 4kB sector drives (wd10ears)

2011-05-14 Thread Abel Abraham Camarillo Ojeda
On Sat, May 14, 2011 at 4:08 AM, David Gwynne l...@animata.net wrote:


 i have had a look at querying disks for their physical and logical block
alignments and offsets, but the the WD??EARS-00? drives dont report this info.
according to western digital, the next generation of these drives
(WD??EARS-11? iirc) are supposed to report them. if i ever find a disk that
does report the physical to logical alignment, i might have a look at having
the system make use of those values.


Yes, this is exactly the last thing I remember about this topic.

 huggz,
 dlg



This isn't my boot disk, it's the storage disk, I'm going to
re-disklabel, and newfs it;

Do I also need to do something with fdisk? I'm not sure...

Thanks.



Re: impact of unaligned partitions/slices on 4kB sector drives (wd10ears)

2011-05-14 Thread Abel Abraham Camarillo Ojeda
On Sat, May 14, 2011 at 4:22 AM, Otto Moerbeek o...@drijf.net wrote:
 On Sat, May 14, 2011 at 04:15:51AM -0500, Abel Abraham Camarillo Ojeda
wrote:

 On Sat, May 14, 2011 at 4:08 AM, David Gwynne l...@animata.net wrote:
 
 
  i have had a look at querying disks for their physical and logical block
 alignments and offsets, but the the WD??EARS-00? drives dont report this
info.
 according to western digital, the next generation of these drives
 (WD??EARS-11? iirc) are supposed to report them. if i ever find a disk
that
 does report the physical to logical alignment, i might have a look at
having
 the system make use of those values.
 

 Yes, this is exactly the last thing I remember about this topic.

  huggz,
  dlg
 
 

 This isn't my boot disk, it's the storage disk, I'm going to
 re-disklabel, and newfs it;

 Do I also need to do something with fdisk? I'm not sure...

 Yes, that is recommended. If yo use the whole disk for OpenBSd,

As I do.

 fdisk -i will do.

 B  B  B  B -Otto


Ok.



Re: What IRCD is preferred among true security minded folk?

2011-04-28 Thread Abel Abraham Camarillo Ojeda
On Thu, Apr 28, 2011 at 7:07 PM, Jean-Philippe Ouellet
jean-phili...@ouellet.biz wrote:
 Dear Misc, This is somewhat off topic, but it's been on my mind for quite
 some time, and someone just brought up irc, so I thought I'd ask.

 I've been looking to set up an irc server for some time now. It would be
 mostly for personal use and I don't plan on having more than a handful of
 concurrent users nor connecting said server to any IRC network. My primary
 criteria are:
 B - Good security track record
 B - Runs on OpenBSD (port or package)
 B - Clean code (Preferably C)
 B - Supports encrypted connections

I use SILC some times...
I think OpenBSD devs also use it.


 I've read some atrocious IRCd source, I believe I even read one (an old
 version of hybrid?) where all configuration had to be done at compile time
 with #define statements instead of using a configuration file. I would
 prefer C over C++ (hence I'm not too fond of inspIRCd (also because they
 recently had an exploit in one of their default modules)).

 As I cannot trust the integrity of others' connections, I wish for
 connections to be encrypted in some form or another. Multiple irc servers
 support encryption via SSL, such a feature would be desirable. I would like
 to have channels guaranteed to be private, where private is defined by
 exclusively comprised of explicitly allowed users, (allowed by me, in some
 configuration file,) who must have authenticated via PASS or something to
 ensure that they are not impostors, and either be using *encrypted*
 connections from *unspecified*, changing, origins (as in the case of my
 phone, laptop, and friends' computers) or *unencrypted* connections from
 *known*, fixed, origins (as in the case of my bots).

 *IF THE ABOVE IS NOT POSSIBLE*, I want to prevent anyone from connecting to
 my server except for myself, my friends, and my bots. Normally I would
 accomplish this via PF, however in this case I cannot because I don't have
a
 list of IPs to allow. I frequently use IRC via my phone whose IP very often
 changes and is in a range much bigger than I'd like to allow. The problem
of
 my phone could be solved by using a bouncer, however such a service would
 also need to be locked down, thus bringing me back to block 0. My friends
 also use varying (unpredictable) locations, and whitelisting each one on an
 as-needed basis would be infeasible. One potential solution I have sought
is
 preventing users from doing anything until a proper NICK/USER/PASS has been
 provided, with all accounts created by myself and told to the intended user
 in a secure/prearranged manner, and patching my bots to authenticate as
such
 would be rather trivial.

 Features of the IRCd are not as important to me as its security. Sure,
 nickserv  chanserv  friends would be nice, but I'm more concerned about
 keeping outsiders/snoopers out of private channels and keeping my/friends
 connections secure, and less concerned about preventing chat flooding,
 opless channels, etc.

 So far I have looked into:
 B * ngIRCd - so far my favorite
 B * UnrealIRCd B }
 B * IRCD-Hybrid } - all forks from the same giant nightmare
 B * Ratbox IRCd }
 B * inspIRCd - written in C++, and doesn't have a great track-record
 but I am completely open to anything.

 Many thanks,
 Jean-Philippe



Re: Any suggests for modest, known compatible servers with RAID 1?

2011-04-28 Thread Abel Abraham Camarillo Ojeda
On Thu, Apr 28, 2011 at 10:25 PM, Nico Kadel-Garcia nka...@gmail.com wrote:
 I just went halfway through the build your own custom kernel,
 manually configure partition tables, etc., etc. rituals to set up
 software RAID for OpenBSD 4.8, and have concluded that it's not
 economical the engineering time to do all that manual work for
 something available in hardware.

 So, I'm looking for modest servers simply act as a locked down
 external SSH server. I can lock down the OpenSSH pretty thoroughly,
 I'm just looking for modest, known-compatible server hardware. Any
 good recommendations? The listings for RAID compatibility include a
 lot of higher end cards, and for this application, RAID 1 is plenty.



Be sure to buy two of them, for when the RAID card fails.



Re: Like OpenBSD? Like to see new stuff happening? You really need to order a CD today :)

2011-04-22 Thread Abel Abraham Camarillo Ojeda
On Fri, Apr 22, 2011 at 12:16 AM, Sunnz sun...@gmail.com wrote:
 forget about multi-license, it is isc license and it doesn't really
 make sense to make them like ms volume license.

 but how hard would it be to provide an option for people to specify a
 different price for buying the cd? then you can pay $1000 for a cd if
 you want.

 --
 g):g.1e /h2/g B  )c f71h07e /e.9f04c
 sunnz.org



There are $1000 cds there.



Re: Upgrade i386 to amd64

2011-04-07 Thread Abel Abraham Camarillo Ojeda
On Wed, Apr 6, 2011 at 11:37 PM, Steven R. Gerber
sger...@gerber-systems.com wrote:
 
 B  B  B  B Going through /etc manually or by sysmerge is tedious.


I wish we had some kind of super-black-magic-mind-reading-hyper-sysmerge
tool...



Re: Upgrade i386 to amd64

2011-04-07 Thread Abel Abraham Camarillo Ojeda
On Thu, Apr 7, 2011 at 3:31 PM, Amit Kulkarni amitk...@gmail.com wrote:
 On 2011-04-07 0:57:10 Amit Kulkarni amitkulz () gmail ! com wrote:

 Is this in the FAQ? Never thought I would read such a question.


 I will be sure to put it in the IFAQ for 5.0. B Along with where is
 the sea-urchin flavored frozen yogurt? and do these gloves make
 my butt look big?


 Can't some people get sarcasm? You are the second person to refer to
 this. Nick got it. Maybe a smiley would have reinforced the sarcasm...



You need to use the sarcasm tags: sarcasm/sarcasm



Re: Constant rate mbuf leak

2011-02-11 Thread Abel Abraham Camarillo Ojeda
On Fri, Feb 11, 2011 at 3:44 PM, Lars Kotthoff li...@larsko.org wrote:
 In the meantime knowing which board it is (or, even better, what network
 drivers are in use) would help immensely.

 3 like this
 rl0 at pci0 dev 18 function 0 Realtek 8139 rev 0x10

 and one
 ral0 at pci0 dev 21 function 0 Ralink RT2860 rev 0x00
 ral0: MAC/BBP RT2860 (rev 0x0101), RF RT2820 (MIMO 2T3R)

 Alan's network drivers seem to be completely different though.

 Lars



I have had a lot of problem with rl*, I didn't wanted to debug, so just
bought some re* (if you want something cheap).

I remember a comment by Jacob Meuser about how rl driver (and cards)
sucks and re* are more or less ok.



Re: Printing (well anything) using lpd...

2011-02-02 Thread Abel Abraham Camarillo Ojeda
On Tue, Feb 1, 2011 at 8:59 AM, Manuel Giraud
manuel.gir...@univ-nantes.fr wrote:
 Jacob Meuser jake...@sdf.lonestar.org writes:

 foomatic is pretty easy to set up.

 Thread hijacker here. I tried to setup a lpd/foomatic for a printer over
 network and always end-up with this kind of message in
 /var/log/lpd-errs:
 --8---cut here---start-8---
 Feb B 1 13:46:29 K lpd[6548]: restarted
 foomatic-rip version 4.0.4.217 running...
 called with arguments: '-w132', '-l66', '-i0', '-n', 'manuel', '-j',
'foo.pdf', '-h', 'K', '/etc/foomatic/HPcolor.ppd'
 Parsing PPD file ...
 Added option Resolution
 Added option PageSize
 Added option Model
 Added option PrintoutMode
 Added option InputSlot
 Added option Duplex
 Added option Quality
 Added option ImageableArea
 Added option PaperDimension
 Added option Font

 Parameter Summary
 -

 Spooler: lpd
 Printer:
 Shell: /bin/ksh
 PPD file: /etc/foomatic/HPcolor.ppd
 ATTR file:
 Printer model: HP Color LaserJet 4500 hpijs pcl3, 3.10.4.16
 Options: foo.pdf
 Job title: foo.pdf
 File(s) to be printed:
 STDIN

 Printing system options:
 Pondering option 'foo.pdf'
 Unknown boolean option foo.pdf.
 Options from the PPD file:

 

 File: STDIN

 

 Filetype: PDF
 Process is dying with Cannot find a writable temp dir., exit stat 9
 Cleaning up...
 Feb B 1 13:46:58 K lpd[24642]: col: filter 'f' exited (retcode=9)
 Feb B 1 13:48:01 K lpd[24642]: mail sent to user manuel about job foo.pdf on
printer col (FILTERERR)
 Feb B 1 13:48:01 K lpd[24642]: col: job could not be printed (cfA007K)
 --8---cut here---end---8---

 I'm using 4.8 stable with packages. /etc/foomatic/HPcolor.ppd is a copy
 of

/usr/local/share/foomatic/db/source/PPD/HP/hp-color_laserjet_4500-hpijs-pcl3.
ppd.gz
 from the hpijs package.

 I've also installed foomatic-filters and my /etc/printcap is:
 --8---cut here---start-8---
 col|HP Color: \
 B  B  B  B :lp=9100@192.168.0.12:\
 B  B  B  B :af=/etc/foomatic/HPcolor.ppd:\
 B  B  B  B :if=/usr/local/bin/foomatic-rip:\
 B  B  B  B :sd=/var/spool/output:\
 B  B  B  B :lf=/var/log/lpd-errs:\
 B  B  B  B :sh:
 --8---cut here---end---8---

 Well. Searching the web, this seems to be related to this:

http://old.nabble.com/foomatic-stops-working-again-td29285534.html#a29287775
 And might be already fixed in -current (i think i should shut up and
 test then).
 --
 Manuel Giraud



I think this was fixed in current:

http://marc.info/?l=openbsd-portsm=128893326227486w=2

http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic/foomatic-filt
ers/revision/241

Greetings.



Re: amd64.html diff

2011-01-29 Thread Abel Abraham Camarillo Ojeda
As far as I know there is no way to prevent it from making shit when
you send diffs
through it's web client.

But anyway, I didn't searched enough, I just got tired and take the
dust off my nail(1)
(Heirloom mailx).

On Fri, Jan 28, 2011 at 10:27 PM, Amit Kulkarni amitk...@gmail.com wrote:
 Ok I got it. I admit I didn't think of Semprons or Athlon Neo as 64
 bit capable but some are :)

 I will post to www@ after this. Sorry about my mail. I thought gmail
 would be better. I have set it to text encoding. I will definitely try
 and fix this.

 On Fri, Jan 28, 2011 at 9:26 PM, Nick Holland
 n...@holland-consulting.net wrote:
 On 01/28/11 14:57, Amit Kulkarni wrote:
 Updated diff based on private Atom feedback and bigmem feedback.

 In short, no.
 In long: well, see notes within.

 Index: amd64.html
 ===
 RCS file: /cvs/www/amd64.html,v
 retrieving revision 1.228
 diff -u -r1.228 amd64.html
 --- amd64.html B  B  B  B 1 Nov 2010 22:06:58 - B  B  B  1.228
 +++ amd64.html B  B  B  B 28 Jan 2011 19:55:09 -
 @@ -20,7 +20,7 @@
 B hr

 B p
 -OpenBSD/amd64 runs on AMD's Athlon-64 family of processors in 64-bit
 mode.
 +OpenBSD/amd64 runs on AMD's Opteron-64/Athlon-64 family of processors
 in 64-bit mode.

 I think this is already quite correct, if we consider the Opteron part
 of the Athlon64 family.

 IF you are going to get really picky about this, you need to do your
 homework, as I'll pick you back.
 * It's Opteron, not Opteron-64.
 * If I read it as it is, I think there's a strong possibility my 64 bit
 happy Sempron might run. B After your change, I start thinking you have
 itemized everything that works...and thus, my Sempron won't work. B I
 lose, my Sempron works fine, thank you very much. B And here's where it
 gets ugly...not all the Semprons do.
 * Athlon Neo? Turion? B Athlon X2, X3, X4...? Phenom?

 And what have we gained by enlarging the list? B nothing.

 B It also runs on processors made by other manufacturers which have
cloned
 B the AMD64 extensions. B (Some Intel processors lack support for
important
 B PAE NX bit, which means those machines will run without any W^X support
 --
 @@ -52,7 +52,7 @@
 B p
 B The only major shortcoming at this time is that the kernel debugger
 B a


href=http://www.openbsd.org/cgi-bin/man.cgi?query=ddbamp;arch=amd64amp;sek
 tion=4ddb/a
 -is somewhat poor.
 +is somewhat poor. There is no support yet for memory greater than 4 GB.

 this probably does need a note somewhere, but I think it can be done
 better.

 B hr
 B a name=hardware/a
 @@ -62,7 +62,7 @@

 B p
 B All versions of the AMD Athlon 64 processors and their clones are
 -supported.
 +supported. This includes AMD Opteron, AMD Phenom, AMD Athlon, Intel
 Nehalem (Core i3, i5, and i7), and 64 bit Intel Atom.

 again, you take a broad general statement which is accurate and turn it
 into an incomplete (and wrong -- many Athlons are NOT amd64 compatable!
 B The name predates the 64 bit instruction set) specific statement. B I'm
 not even gonna start listing the Intel systems you skipped over there,
 and a very high percentage of the Intel Atom chips in consumer hands
 (and I believe some still being sold) are NOT AMD64 compatible. B It's
 all covered under clone quite nicely and to my satisfaction. B A lot of
 the early Intel AMD64-compatible chips screwed up their AMD64
 compatibility to the point where you basically just have to try it and
 see if YOUR chip works.

 It is not practical to enumerate every marketing name for every chip out
 there (I see an attempt was made on the i386 page, though that should be
 a legacy platform now and thus easier, but good ol' Intel is still
 making new i386-only chips (or at least was, as of the first generations
 of Atom...*sigh*).

 There's also just no point, and a lot more future maintenance for this
 page. B We are, actually, trying to cut down the itemized lists of
 devices supported, not add to them. B It isn't about having the longest
 list, it is about having the most useful list.

 B h4SMP support/h4
 B Starting with OpenBSD 3.6, OpenBSD/amd64 supports most SMP


 On Fri, Jan 28, 2011 at 12:25 PM, Amit Kulkarni amitk...@gmail.com
 wrote:
 Hi misc,

 I don't know where to post www updates. www seems to be heavily
 spammed and nobody uses it. And I don't want to spam specific people.

 www@ is the right place. B It's read by the people that need to read it.
 B However, your mailer is mangling diffs still (line wraps, two leading
 spaces where there should be one, etc.). B Mail the diff to yourself, see
 if you can apply it.

 Nick.



Re: Atheros AR5001

2011-01-27 Thread Abel Abraham Camarillo Ojeda
On Thu, Jan 27, 2011 at 4:23 AM,  sergey.k...@gmail.com wrote:
 My Acer Aspire One 751 shipped with Atheros AR5001.
 Recognized and works in Linux

 B  B  B  B $ lspci -vv -s 03:00.0
 B  B  B  B 03:00.0 Ethernet controller: Atheros Communications Inc. AR5001
Wireless Network Adapter (rev 01)
 B  B  B  B  B Subsystem: Foxconn International, Inc. Device e00d
 B  B  B  B  B Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop-
ParErr- Stepping- SERR- FastB2B- DisINTx-
 B  B  B  B  B Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast TAbort-
TAbort- MAbort- SERR- PERR- INTx-
 B  B  B  B  B Latency: 0, Cache Line Size: 64 bytes
 B  B  B  B  B Interrupt: pin A routed to IRQ 17
 B  B  B  B  B Region 0: Memory at d000 (64-bit, non-prefetchable)
[size=64K]
 B  B  B  B  B Capabilities: access denied
 B  B  B  B  B Kernel driver in use: ath5k
 B  B  B  B  B Kernel modules: ath5k

 It is recognized as AR5424 by OpenBSD:

 B  B  B  B ath0 at pci2 dev 0 function 0 Atheros AR5424 rev 0x01: apic 2
int 17 (irq 4)
 B  B  B  B ath0: AR5424 14.2 phy 7.0 rf 0.0, WOR5_ETSIC, address
00:24:2c:6f:ab:c0

 Doesn't work

 B  B  B  B $ ifconfig ath0 scan debug
 B  B  B  B ath0: unable to reset hardware: hal status 3

 I need help to make it work.
 It is working in Linux, and backport was already made for AR5424
 http://www.mail-archive.com/tech@openbsd.org/msg01613.html

 PS: is it a right mailing list?



You have been answered in your other thread...
It doesn't work.



Re: NO-IP not updating!

2011-01-26 Thread Abel Abraham Camarillo Ojeda
On Wed, Jan 26, 2011 at 3:56 AM, Leslie Jensen les...@eskk.nu wrote:
 Hello list.

 I'm quite new to Openbsd, have used Freebsd for a while.

 I have a newly installed Openbsd system.
 OpenBSD machine01.no-ip.org 4.8 GENERIC.MP#335 amd64

 Upon installation of noip I ran the command noip2 -C to configure it.

 I want noip to run a script every 30 minutes that sends a mail to me at the
 end of the updating of the address.

 So I choose the settings accordingly when configuring noip.

 I've put the following in my /etc/rc.local

 --
 # Add your local startup actions here.

 /usr/local/sbin/noip2 

 echo '.'
 --

 When the machine is booted I get the mail, but I do not get the updates
 every 30 minutes as I should.

 I cannot see if the the daemon starts because the line at the startup
screen
 shows only starting local daemons:,

 The command:
 # ps -aux | grep noip

 Gives

 _noip B  B  6013 B 0.0 B 0.2 B  428 B  916 ?? B Is B  B 10:04AM B 
B 0:00.01
 /usr/local/sb

 Top shows the process
 6013 _noip B  B  B 2 B  B 0 B 428K B 916K idle B  B  B select B  B 0:00
B 0.00% noip2

 If I kill that process and start noip2 from the command line it also sends
 the mail at start up but not after the following 30 minutes.

 I'm not sure whether noip is running every 30 minutes I've been tailing
 /var/log/messages and I cannot see anything related to noip there.

 Can anyone on this list point me in the right direction?

 Thanks

 /Leslie



cron(8), maybe?



Re: Sniffer detector for OpenBSD

2011-01-26 Thread Abel Abraham Camarillo Ojeda
There is no Cuba there...

On Wed, Jan 26, 2011 at 9:28 AM, Evgeniy Sudyr eject.in...@gmail.com wrote:
 Check list of companies which provides support there
 http://openbsd.org/support.html

 On Wed, Jan 26, 2011 at 5:37 PM, Orestes Leal R.
 l...@cubacatering.avianet.cu wrote:
 the only isp in cuba it's named etecsa, here there is no such things like
 multiples isps,
 conections are slow (from 3kilobytes/s to 60kilobytes/s in the better cases
 and rarely)
 conections are expensive, I have internet through my employer and therefore
 my employer
 pays to etecsa for the link.

 como tienes acceso a internet en cuba? yo soy de venezuela btw

 quisiera saber como functiona todo eso en cuba con los isp's, etc.

 On Mon, Jan 24, 2011 at 3:31 PM, Orestes Leal R.
 l...@cubacatering.avianet.cu wrote:

 Actually I understand everything friend don't worry, TODO BIEN!
 Here in Cuba almost no one uses openbsd.

 Thanks a lot,
 LeaL


 I realize after I sent the note that my Spanish was completely screwed.
 My apologies.
 Here.
 Is there anyone close to you that uses openbsd or anyone you know in a
 neighboring country?
 I referenced Mexico and Colombia because help from native speakers may
 be
 more efficient.

 --- On Mon, 1/24/11, Super Biscuit super_bisq...@yahoo.com wrote:

 From: Super Biscuit super_bisq...@yahoo.com
 Subject: Re: Sniffer detector for OpenBSD
 To: Orestes Leal R. l...@cubacatering.avianet.cu
 Cc: misc@openbsd.org misc@openbsd.org
 Date: Monday, January 24, 2011, 5:22 PM

 Try http://openports.se

 Use sniff and sniffer as the search queries.

 No hay nadie acerca de usted que esta usando OpenBSD. Disculpa mi pobre
 Castiliano.
 Talvez son gente en Mexico o Colombia.

 Ja tente, and use the search above.



 --- On Mon, 1/24/11, Orestes Leal R. l...@cubacatering.avianet.cu
 wrote:

 From: Orestes Leal R. l...@cubacatering.avianet.cu
 Subject: Sniffer detector for OpenBSD
 To: misc@openbsd.org misc@openbsd.org
 Date: Monday, January 24, 2011, 5:47 PM

 I've searching an sniffer detector for a LAN in OpenBSD unsucessfully,
 but found Sniffdet (outdated) and doesn't compile on
 OpenBSD4.8 and in all packages I dont know if there is one, any
 suggestions
 about this?

 I need to detect sniffers on my network possibly from Linux or or
 Windows
 Machines.





 --
 Using Opera's revolutionary email client: http://www.opera.com/mail/






 --
 Using Opera's revolutionary email client: http://www.opera.com/mail/





 --
 --
 With regards,
 Eugene Sudyr



Re: AR5424 on OpenBSD

2010-12-19 Thread Abel Abraham Camarillo Ojeda
On Sun, Dec 19, 2010 at 2:21 AM, Hugo Osvaldo Barrera
h...@osvaldobarrera.com.ar wrote:
 I've an Atheros AR5424, which OpenBSD seems to detect correctly, but
 does not really work.
 The ath driver is used, and the man pages don't list this model as being
 supported, but I though I might ask if there was some fix/etc.


 # ifconfig ath0 chan
 ath0: flags=8822BROADCAST,NOTRAILERS,SIMPLEX,MULTICAST mtu 1500
 B  B  B  B lladdr 00:1f:e2:a2:c5:4f
 B  B  B  B priority: 4
 B  B  B  B groups: wlan
 B  B  B  B media: IEEE802.11 autoselect
 B  B  B  B status: no network
 B  B  B  B ieee80211: nwid 
 B  B  B  B  B  B  B  B chan B freq B  B  B properties
 # ifconfig ath0 scan
 ath0: flags=8822BROADCAST,NOTRAILERS,SIMPLEX,MULTICAST mtu 1500
 B  B  B  B lladdr 00:1f:e2:a2:c5:4f
 B  B  B  B priority: 4
 B  B  B  B groups: wlan
 B  B  B  B media: IEEE802.11 autoselect
 B  B  B  B status: no network
 B  B  B  B ieee80211: nwid 
 blueath0: unable to reset hardware; hal status 4294934528
 #

 In reference to the above blue error, the man pages say it should not
 happen. B Again, the card is not listed as supported either.

 I don't mind providing more feedback/testing patches/etc.
 Cheers, and thanks.

 dmesg:

 OpenBSD 4.8-current (GENERIC.MP) #589: Mon Oct 18 16:29:17 MDT 2010
 B  B dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
 real mem = 2134712320 (2035MB)
 avail mem = 2064023552 (1968MB)
 mainbus0 at root
 bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe2c30 (25 entries)
 bios0: vendor Hewlett-Packard version F.33 date 04/29/2008
 bios0: Hewlett-Packard Compaq Presario C700 Notebook PC
 acpi0 at bios0: rev 2
 acpi0: sleep states S0 S3 S4 S5
 acpi0: tables DSDT FACP APIC HPET MCFG ASF! SLIC BOOT SSDT
 acpi0: wakeup devices SLPB(S4) P32_(S4) EXP1(S4) EXP2(S4) EXP3(S4)
 EXP4(S4) EXP5(S4) EXP6(S4)
 acpitimer0 at acpi0: 3579545 Hz, 24 bits
 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
 cpu0 at mainbus0: apid 0 (boot processor)
 cpu0: Intel(R) Pentium(R) Dual CPU T2370 @ 1.73GHz, 1729.28 MHz
 cpu0:

FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,SSSE3,CX1
6,xTPR,PDCM,NXE,LONG
 cpu0: 1MB 64b/line 4-way L2 cache
 cpu0: apic clock running at 132MHz
 cpu1 at mainbus0: apid 1 (application processor)
 cpu1: Intel(R) Pentium(R) Dual CPU T2370 @ 1.73GHz, 1729.00 MHzI doesn't
work.

http://marc.info/?l=openbsd-miscm=126420221716157w=2
 cpu1:

FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,SSSE3,CX1
6,xTPR,PDCM,NXE,LONG
 cpu1: 1MB 64b/line 4-way L2 cache
 ioapic0 at mainbus0: apid 4 pa 0xfec0, version 20, 24 pins
 ioapic0: misconfigured as apic 0, remapped to apid 4
 acpihpet0 at acpi0: 14318179 Hz
 acpiprt0 at acpi0: bus 0 (PCI0)
 acpiprt1 at acpi0: bus 2 (P32_)
 acpiprt2 at acpi0: bus 1 (EXP1)
 acpiprt3 at acpi0: bus -1 (EXP2)
 acpiprt4 at acpi0: bus -1 (EXP3)
 acpiprt5 at acpi0: bus -1 (EXP4)
 acpiprt6 at acpi0: bus -1 (EXP5)
 acpiprt7 at acpi0: bus -1 (EXP6)
 acpiec0 at acpi0
 acpicpu0 at acpi0: C3, C2, C1, PSS
 acpicpu1 at acpi0: C3, C2, C1, PSS
 acpitz0 at acpi0: critical temperature 100 degC
 acpibtn0 at acpi0: PWRB
 acpibtn1 at acpi0: LID0
 acpibtn2 at acpi0: SLPB
 acpibat0 at acpi0: BAT0 model Primary type Lion oem Hewlett-Packard
 acpiac0 at acpi0: AC unit online
 acpivideo0 at acpi0: OVGA
 cpu0: Enhanced SpeedStep 1729 MHz: speeds: 1733, 1333, 1067, 800 MHz
 pci0 at mainbus0 bus 0
 pchb0 at pci0 dev 0 function 0 Intel GM965 Host rev 0x03
 vga1 at pci0 dev 2 function 0 Intel GM965 Video rev 0x03
 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
 wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
 intagp0 at vga1
 agp0 at intagp0: aperture at 0x8000, size 0x1000
 inteldrm0 at vga1: apic 4 int 16 (irq 11)
 drm0 at inteldrm0
 Intel GM965 Video rev 0x03 at pci0 dev 2 function 1 not configured
 azalia0 at pci0 dev 27 function 0 Intel 82801H HD Audio rev 0x03: apic
 4 int 22 (irq 11)
 azalia0: codecs: Conexant CX20561
 audio0 at azalia0
 ppb0 at pci0 dev 28 function 0 Intel 82801H PCIE rev 0x03: apic 4 int
 18 (irq 11)
 pci1 at ppb0 bus 1
 ath0 at pci1 dev 0 function 0 Atheros AR5424 rev 0x01: apic 4 int 16
 (irq 11)
 ath0: AR5424 14.2 phy 7.0 rf 0.0, WOR02W, address 00:1f:e2:a2:c5:4f
 uhci0 at pci0 dev 29 function 0 Intel 82801H USB rev 0x03: apic 4 int
 21 (irq 11)
 uhci1 at pci0 dev 29 function 1 Intel 82801H USB rev 0x03: apic 4 int
 20 (irq 11)
 uhci2 at pci0 dev 29 function 2 Intel 82801H USB rev 0x03: apic 4 int
 19 (irq 11)
 ehci0 at pci0 dev 29 function 7 Intel 82801H USB rev 0x03: apic 4 int
 23 (irq 11)
 usb0 at ehci0: USB revision 2.0
 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1
 ppb1 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0xf3
 pci2 at ppb1 bus 2
 rl0 at pci2 dev 1 function 0 Realtek 8139 rev 0x10: apic 4 int 16 (irq
 11), address 00:1e:ec:78:5b:13
 

Re: [Was: OT - gmail alternatives] PGP web mail anyone?

2010-12-15 Thread Abel Abraham Camarillo Ojeda
On Wed, Dec 15, 2010 at 4:23 PM, Ted Unangst ted.unan...@gmail.com wrote:
 On Wed, Dec 15, 2010 at 3:51 PM, Kevin Chadwick ma1l1i...@yahoo.co.uk
wrote:
 That's about the third time it's been recommended and I've kept meaning
 to look at it. I've been installing it for ages. Just loaded it up and
 from the name was expecting a graphical curses browser but was rather
 pleasantly surprised. Time to keep an eye on the source and try to find
 out how likely it is to avoid exploits that affect firefox. (with
 javascript disabled, theres no point striving for the impossible)

 no disrespect to marco, but it's nothing more than a (lighter than
 usual) shim around webkit. B it's just like safari, chrome, midori,
 arora, etc., wrt files it will try parsing and the attack surface so
 exposed.



I thought that the point about xxxterm was nice keybindings, a nice
configuration file and some keyboard free interface...



Re: symbol ( - - - - ) size mismatch, relink your program

2010-12-11 Thread Abel Abraham Camarillo Ojeda
On Sat, Dec 11, 2010 at 10:04 AM, Mihai Popescu B.S. mihai...@gmail.com wrote:
 Hello,

 I did a snapshot install and I got many warnings like this one. What
 could be this warning, is it about mismatch on .so files ?

 Thanks.



I think this is in the archives...



Re: OT - secondary DNS recommendations

2010-12-08 Thread Abel Abraham Camarillo Ojeda
On Wed, Dec 8, 2010 at 10:49 AM, Scott McEachern sc...@blackstaff.ca wrote:
 B It seems my free-as-in-beer secondary DNS service, EveryDNS.net, has
 abandoned WikiLeaks, so I'd like to return the favour.

 Given the (general) support of WikiLeaks here, I was wondering if anyone
 could recommend a free alternative to replace EveryDNS.net?

 I know how to use Google to find free alternatives, I'm looking for
 *recommendations* for a simple two-domain home network.

 Thanks in advance,

 - Scott



I have been using http://freedns.afraid.org/ for a couple of years without
any
incident.



Re: Donations

2010-12-05 Thread Abel Abraham Camarillo Ojeda
On Sun, Dec 5, 2010 at 4:38 PM, L. V. Lammert l...@omnitec.net wrote:
 On Sun, 5 Dec 2010, Dmitrij D. Czarkoff wrote:

  On Sun, 5 Dec 2010, Randal L. Schwartz wrote:
  I agree totally that there are a lot of idiots running parts of the US
  system, but at least they ARE predictable.

 Being predictable is just not enough. Hardly You would enjoy predictibility
of
 You being put to prison on suspection of possibility of You commiting some
 crime.

 Actually, being predictable ALLOWS planning to avoid such problems!

 Ever head of Don Quixote? THe moral of the storey - pick the battles you
 have a chance of winning and avoid the rest.

 B  B  B  B Lee



The moral of the story was that when you are left of all your objectives and
believings you suddenly die of sad and oldness. :P



Re: How to open PDF that requires Adobe 9

2010-12-04 Thread Abel Abraham Camarillo Ojeda
On Sat, Dec 4, 2010 at 8:17 PM, Brynet bry...@gmail.com wrote:
 Hi,

 Why are you using xpdf? it's so old and crummy :-).

 print/epdfview, which uses the poppler library.
 textproc/mupdf, independent renderer, pretty good.

 -Bryan.



There is also textproc/zathura.



ahci0: read NCQ error page, but not an NCQ error?

2010-12-04 Thread Abel Abraham Camarillo Ojeda
I'm getting this when I: dd if=/dev/rsd2c of=/dev/null bs=1m; some disk:

ahci0: read NCQ error page, but not an NCQ error?
...
I first tried to mount_ntfs It, when it didn't worked I tried to dd' it.

Should I try to set any debugging flags or should I throw this disk to trash?

This is amd64 -current as Nov 22.

dmesg:

OpenBSD 4.8-current (kobj) #0: Mon Nov 22 20:58:47 CST 2010
r...@maetel.00z:/usr/kobj
real mem = 2011758592 (1918MB)
avail mem = 1944289280 (1854MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.5 @ 0x9f400 (60 entries)
bios0: vendor American Megatrends Inc. version 080014 date 03/13/2009
bios0: FOXCONN A6VMX
acpi0 at bios0: rev 0
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP APIC MCFG OEMB HPET SSDT
acpi0: wakeup devices PCE2(S4) PCE3(S4) PCE4(S4) PCE5(S4) PCE6(S4)
PCE7(S4) SBAZ(S4) PS2K(S4) PS2M(S3) P0PC(S4) WOL_(S4) AC97(S4)
MC97(S4) USB1(S3) USB2(S3) USB3(S3) USB4(S3) USB5(S3) EUSB(S3)
PWRB(S4)
acpitimer0 at acpi0: 3579545 Hz, 32 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: AMD Phenom(tm) II X4 955 Processor, 800.18 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW
cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB
64b/line 16-way L2 cache
cpu0: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative
cpu0: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative
cpu0: apic clock running at 200MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: AMD Phenom(tm) II X4 955 Processor, 800.04 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW
cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB
64b/line 16-way L2 cache
cpu1: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative
cpu1: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative
cpu2 at mainbus0: apid 2 (application processor)
cpu2: AMD Phenom(tm) II X4 955 Processor, 800.03 MHz
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW
cpu2: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB
64b/line 16-way L2 cache
cpu2: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative
cpu2: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative
cpu3 at mainbus0: apid 3 (application processor)
cpu3: AMD Phenom(tm) II X4 955 Processor, 800.03 MHz
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW
cpu3: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB
64b/line 16-way L2 cache
cpu3: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative
cpu3: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative
ioapic0 at mainbus0: apid 4 pa 0xfec0, version 21, 24 pins
acpihpet0 at acpi0: 14318180 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (P0P1)
acpiprt2 at acpi0: bus -1 (PCE2)
acpiprt3 at acpi0: bus -1 (PCE3)
acpiprt4 at acpi0: bus -1 (PCE4)
acpiprt5 at acpi0: bus 2 (PCE5)
acpiprt6 at acpi0: bus 3 (P0PC)
acpicpu0 at acpi0
acpicpu1 at acpi0
acpicpu2 at acpi0
acpicpu3 at acpi0
acpibtn0 at acpi0: PWRB
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 ATI RS690 Host rev 0x00
ppb0 at pci0 dev 1 function 0 ATI RS690 PCIE rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 5 function 0 ATI Radeon X1250 rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
ppb1 at pci0 dev 5 function 0 ATI RS690 PCIE rev 0x00
pci2 at ppb1 bus 2
re0 at pci2 dev 0 function 0 Realtek 8101E rev 0x01: RTL8101E
(0x3400), apic 4 int 17 (irq 15), address 00:1f:e2:09:c2:ee
rlphy0 at re0 phy 7: RTL8201L 10/100 PHY, rev. 1
ahci0 at pci0 dev 18 function 0 ATI SB600 SATA rev 0x00: apic 4 int
22 (irq 11), AHCI 1.1
scsibus0 at ahci0: 32 targets
sd0 at scsibus0 targ 0 lun 0: ATA, WDC WD5000AAJS-2, 01.0 SCSI3 0/direct fixed
sd0: 476940MB, 512 bytes/sec, 976773168 sec total
sd1 at scsibus0 targ 1 lun 0: ATA, WDC WD10EARS-00Y, 80.0 SCSI3 0/direct fixed
sd1: 953869MB, 512 bytes/sec, 1953525168 sec total
sd2 at scsibus0 targ 3 lun 0: ATA, Maxtor 6L080M0, BACE SCSI3 0/direct fixed
sd2: 78167MB, 512 bytes/sec, 160086528 sec total
ohci0 at pci0 dev 19 function 0 ATI SB600 USB rev 0x00: apic 4 int
16 (irq 5), version 1.0, legacy support
ohci1 at pci0 dev 19 function 1 ATI SB600 USB rev 0x00: apic 4 int
17 (irq 15), version 1.0, legacy support
ohci2 at pci0 dev 19 function 2 ATI SB600 USB rev 0x00: apic 4 int
18 (irq 10), version 1.0, legacy support
ohci3 at pci0 dev 19 function 3 ATI SB600 USB rev 

Re: Re-KeyGen Virtual machine from template

2010-11-09 Thread Abel Abraham Camarillo Ojeda
On Tue, Nov 9, 2010 at 5:42 PM, Keith ke...@scott-land.net wrote:
 I've managed to get OpenBSD working in a virtual machine and have created a
 template to use whenever I need a new OBSD virtual server but I was
 wondering what would need to be done to each machine to make it unique from
 the other machines also produced from the same template !

 Is there a way to re trigger the process that happens the first time a
 OpenBSD machine boots up where the three keys are generated ?

 Thanks
 Keith



# rm /etc/ssh/ssh*key;
# halt -p;

Then make your system image... (the keys will be autogenerated the next time
the images boot).

Saludos.



Re: Linux-2.6.36-libre: turning Linux's Free Bait into Free Software

2010-11-09 Thread Abel Abraham Camarillo Ojeda
On Tue, Nov 9, 2010 at 6:14 PM, frantisek holop min...@obiit.org wrote:
 hmm, on Tue, Nov 09, 2010 at 03:53:59PM -0500, Brynet said that
 Why are you sending this crap here? the inclusion of binary
 firmware/microcode in OpenBSD is considered acceptable so long as the
 license allows for redistribution.

 maybe you could read first what's it about...


 perhaps it would have been better for advoc...@.
 i was just thinking about sending it in as well,
 it's quite interesting to see what others are doing
 with other open source licenses.

 there is so much crap on this list, an honest OT
 once in a while can only do good.





 ...in the _firmware_ subdirectory,...

 Although the corresponding _drivers_...

firmware != drivers



Re: Cannot fill hard drive with /dev/random

2010-11-08 Thread Abel Abraham Camarillo Ojeda
On Mon, Nov 8, 2010 at 11:23 AM, James Hozier guitars...@yahoo.com wrote:
 # dd if=/dev/random of=/dev/sd1c 
 dd: /dev/random: Input/output error
 0+0 records in
 0+0 records out
 0 bytes transferred in 0.000 secs (0 bytes/sec)
 #

 But /dev/urandom (dd if=/dev/urandom of=/dev/sd1c ) works fine. Is 
 /dev/random not
 supposed to be used for some reason or something?



man(4):

 /dev/randomThis device is reserved for future support of hardware
random generators.



Re: Cannot fill hard drive with /dev/random

2010-11-08 Thread Abel Abraham Camarillo Ojeda
On Mon, Nov 8, 2010 at 11:30 AM, Abel Abraham Camarillo Ojeda
acam...@verlet.org wrote:
 On Mon, Nov 8, 2010 at 11:23 AM, James Hozier guitars...@yahoo.com wrote:
 # dd if=/dev/random of=/dev/sd1c 
 dd: /dev/random: Input/output error
 0+0 records in
 0+0 records out
 0 bytes transferred in 0.000 secs (0 bytes/sec)
 #

 But /dev/urandom (dd if=/dev/urandom of=/dev/sd1c ) works fine. Is
/dev/random not
 supposed to be used for some reason or something?



 man(4):

 B  B  /dev/random B  B This device is reserved for future support of
hardware
 B  B  B  B  B  B  B  B  B  B random generators.


Duh, meant random(4)...



Re: Printing with HP laserjet p1606dn and LPD, hpijis: unable to set device=

2010-11-04 Thread Abel Abraham Camarillo Ojeda
Oh, Yep, I forget to attach that other logfile, when I start dbus as:

# dbus --system;

Only the Dbus line goes away:

prnt/hpijs/hpijs.cpp 268: unable to set device=HP LaserJet 1018, err=48
prnt/hpijs/hpijs.cpp 289: unable to set device=HP LaserJet 1018, err=48
 Unable to open the initial device, quitting.
prnt/hpijs/hpijs.cpp 694: unable to read client data err=-2

On Thu, Nov 4, 2010 at 12:30 AM, Antoine Jacoutot ajacou...@bsdfrog.org
wrote:
 On Wed, 3 Nov 2010, Abel Abraham Camarillo Ojeda wrote:

 ...
 prnt/hpijs/services.cpp 760: dBus Connection Error (Failed to connect
 to socket /var/run/dbus/system_bus_socket: No such file or directory)!
 prnt/hpijs/hpijs.cpp 268: unable to set device=HP LaserJet 1018, err=48
 prnt/hpijs/hpijs.cpp 289: unable to set device=HP LaserJet 1018, err=48
  Unable to open the initial device, quitting.
 prnt/hpijs/hpijs.cpp 694: unable to read client data err=-2

 You are obviously not running DBus.


 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe

 ---
 New page: %%Page: 2 2
 tee: stdout: Broken pipe
 tee: Found: %%Page: 2 2
 B -- Output goes to the FIFO buffer now.

 stdout:
 Found: %%BeginPageSetup
 Inserting option code into PageSetup section.
 Broken pipe
 Flushing FIFO.
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe
 tee: stdout: Broken pipe

Printing with HP laserjet p1606dn and LPD, hpijis: unable to set device=

2010-11-03 Thread Abel Abraham Camarillo Ojeda
I'm unsuccesfully trying to make this HP printer... to print... (this
is a new printer
I have already printed with windows XP, and on this OpenBSD box using foo2zjs
instead of hpijs, but it only works via usb, not network...):


If I:

$ lpr ~/xyguide.ps;

I get this on /tmp/foomatic-rip.log:

prnt/hpijs/hpijs.cpp 268: unable to set device=HP LaserJet 1018, err=48
prnt/hpijs/hpijs.cpp 289: unable to set device=HP LaserJet 1018, err=48
 Unable to open the initial device, quitting.
prnt/hpijs/hpijs.cpp 694: unable to read client data err=-2

I'm using the following packages:

foomatic-db-4.0.20100821p0
foomatic-db-engine-4.0.5
foomatic-db-gutenprint-5.2.6
foomatic-filters-4.0.5
hpcups-3.10.9
hpijs-3.10.9
hplip-3.10.9
hplip-libs-3.10.9

/etc/printcap:
#   $OpenBSD: printcap,v 1.4 2003/03/28 21:32:30 jmc Exp $

#lp|local line printer:\
#   :lp=/dev/lp:sd=/var/spool/output:lf=/var/log/lpd-errs:

lp|Hp LaserJet p1606dn:\
   :lp=/dev/ugen0.01:\
   :rp=raw:\
   :sd=/var/spool/output:\
   :lf=/var/log/lpd-errs:\
   :if=/usr/local/bin/foomatic-rip:\
   :af=/etc/foomatic/hp-laserjet_professional_p1606dn-hpijs.ppd:\
   :sh:

#:rm=guten.00z:\

#rp|remote line printer:\
#   :lp=:rm=printhost:rp=lp:sd=/var/spool/output:lf=/var/log/lpd-errs:

-

Log of foomatic-rip:
foomatic-rip version 4.0.5.223 running...
called with arguments: '-w132', '-l66', '-i0', '-n', 'the00z', '-j',
'xyguide.ps', '-h', 'maetel.00z',
'/etc/foomatic/hp-laserjet_professional_p1606dn-hpijs.ppd'
Parsing PPD file ...
Added option Resolution
Added option PageSize
Added option Model
Added option PrintoutMode
Added option MediaType
Added option InputSlot
Added option Quality
Added option ImageableArea
Added option PaperDimension
Added option Font

Parameter Summary
-

Spooler: lpd
Printer:
Shell: /bin/ksh
PPD file: /etc/foomatic/hp-laserjet_professional_p1606dn-hpijs.ppd
ATTR file:
Printer model: HP LaserJet Professional p1606dn hpijs, 3.10.6.15,
requires proprietary plugin
Options: xyguide.ps
Job title: xyguide.ps
File(s) to be printed:
STDIN

Printing system options:
Pondering option 'xyguide.ps'
Unknown boolean option xyguide.ps.
Options from the PPD file:
Starting process reset-file (generation 1)
reset-file exited with status 0



File: STDIN



Filetype: PostScript
Reading PostScript input ...
-- This document is DSC-conforming!
Job claims to be DSC-conforming, but %%BeginProlog was missing
before first line with another%%BeginProlog comment (is this a
TeX/LaTeX/dvips-generated PostScript file?). Assuming start of
Prolog here.
Inserting option code into Prolog section.

---
Found: %%BeginProlog
Found: %%EndProlog

---
Found: %%BeginSetup
Inserting option code into Setup section.
Found: %%EndSetup

---
New page: %%Page: 1 1

Found: %%BeginPageSetup
Inserting option code into PageSetup section.
New page found but previous not printed, print it now.
Found: %%Page: 2 2
 -- Output goes directly to the renderer now.


Starting renderer with command: /usr/local/bin/gs -sstdout=%stderr
-dBATCH -dPARANOIDSAFER -dQUIET -dNOPAUSE -sDEVICE=ijs
-sIjsServer=hpijs -dDEVICEWIDTHPOINTS=612 -dDEVICEHEIGHTPOINTS=792
-sDeviceManufacturer=HEWLETT-PACKARD -sDeviceModel=HP LaserJet
1018 -r600 
-sIjsParams=Quality:Quality=0,Quality:ColorMode=0,Quality:PenSet=0,PS:MediaPosition=7
-dIjsUseOutputFD -sOutputFile=%stdout -_
Starting process kid3 (generation 1)
Starting process kid4 (generation 2)
Starting process renderer (generation 2)
JCL:  %-123...@pjl
job data

prnt/hpijs/services.cpp 760: dBus Connection Error (Failed to connect
to socket /var/run/dbus/system_bus_socket: No such file or directory)!
prnt/hpijs/hpijs.cpp 268: unable to set device=HP LaserJet 1018, err=48
prnt/hpijs/hpijs.cpp 289: unable to set device=HP LaserJet 1018, err=48
 Unable to open the initial device, quitting.
prnt/hpijs/hpijs.cpp 694: unable to read client data err=-2
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: Broken pipe
tee: stdout: 

Re: Multi-Port SSH brute force protection

2010-11-01 Thread Abel Abraham Camarillo Ojeda
On Mon, Nov 1, 2010 at 8:30 AM, onteria onte...@scarletdevil.net wrote:
 I was checking my authlog today and noticed the following series of
 brute force login attempts:

 Nov B 1 01:37:04 solar sshd[8173]: Failed password for root from
 58.211.1.163 port 8895 ssh2
 Nov B 1 01:37:04 solar sshd[10692]: Received disconnect from
 58.211.1.163: 11: Bye Bye
 Nov B 1 01:37:06 solar sshd[6273]: Failed password for root from
 58.211.1.163 port 9052 ssh2
 Nov B 1 01:37:06 solar sshd[21047]: Received disconnect from
 58.211.1.163: 11: Bye Bye

 First off login as root is disabled, so not much they can do here, but
 I'd like to try and setup up some kind of throttling protection for
 these sorts of attacks. Unfortunately they keep changing ports, so the
 traditional port 22 protection isn't going to work. I'm wondering if
 there's something similar to spamd for sshd that can handle this sort of
 throttling before handing off to the real server, or if sshd has some
 functionality to do that on its own. Thanks ahead of time for any
 suggestions.

 - Onteria



There is sshguard in ports, or you can read the archives for some pf
max-src-conn-rate magic (or pf.conf(5)).



  1   2   >