Re: HIFN 7955 Support in OpenBSD 4.6 on AMD Geode LX800 System

2010-02-18 Thread Brian A. Seklecki (CFI NOC)
On 2/18/2010 7:21 AM, Liam Farr wrote: Hi, I thought that the system might be using the built in crypto in the AMD Geode CPU instead of the HIFN and have used config -e -o bsd.new /bsd to disable glxsb (glxsb0 at pci0 dev 1 function 2 AMD Geode LX Crypto rev 0x00: RNG AES) in the kernel,

Re: HIFN 7955 Support in OpenBSD 4.6 on AMD Geode LX800 System

2010-02-18 Thread Brian A. Seklecki (CFI NOC)
On 2/18/2010 12:47 PM, Ryan Corder wrote: Essentially, on these lower-power devices, the cost of moving the data to and from the crypto card across the PCI bus negates most performance gains you would achieve trying to offload it. Right Where as on servers, these devices only offer a benefit

Re: cell card on vaio p

2009-11-03 Thread Brian A. Seklecki
On Fri, 2009-10-30 at 12:01 -0700, Lawrence-Sporkton wrote: I believe its the Gobi 1000 or Gobi UNDP-1 which appear to be the same device Very odd. This is a CDMA/3G/GSM/EVDO modem? Normally they show up as PCMCIA, USB, or PCI Serial devices. A lot of times the PCMCIA ones present a USB

Re: Starting a Radius / Nas in openbsd

2009-11-03 Thread Brian A. Seklecki
On Fri, 2009-10-30 at 22:08 +0100, C. Diego Raffaelli A. wrote: Any idea? Am i right using OpenBSD and trying to use Radius and/or NAS?? RADIUS Authentication and RADIUS Accounting are what you want, but that's off-topic for this list. Look in ports for RADIUS servers. Good luck. ~BAS

Re: LaCie

2009-08-14 Thread Brian A. Seklecki
On Tue, 2009-08-04 at 13:53 -0300, Marcos Laufer wrote: Hello, has anyone had any experience with LaCie Raid and Storage very Feng shui ~BAS I'm the kind of Mac-using sociopath that looks at an external NAS and asks: 'What kind of RAID array defines me as a person?'

Re: Multiple IPSec-tunnels and load balancing

2009-06-30 Thread Brian A. Seklecki
On Tue, 2009-06-30 at 11:15 +0200, u...@o3si.de wrote: Is it possible to load balance / failover the traffic over IPSec? If so, should I use GIF for load balancing / routing? That's what Cisco DMVPN is, as far as I can tell. Was just reading about it. You're talking about GRE tunnels to two

Re: unable to redirect port 443 from the internet to an internal server

2009-06-10 Thread Brian A. Seklecki
On Wed, 2009-06-10 at 09:24 -0700, Journey Man wrote: Yet another rule that redirects port 1443 to port 443 works: Try tcpdump: % sudo tcpdump -i $ext_if 'port 443' Then try to re-create the TCP socket from a 3rd party remote host. See if the syn packet comes in. If not, then your ISP could

Re: logging smtp connections

2009-05-08 Thread Brian A. Seklecki
On Sat, 2009-05-02 at 05:06 -0500, Robson Caetano wrote: Hi I would like to log From:, To: and Subject: fields of every SMTP connection to my internal SMTP server that is passed by the openbsd firewall. You're better off doing that within your MTA. Courier has a Big Brother feature:

sudo 1.6.9p20 patch in OPENBSD_4_3 and OPENBSD_4_4

2009-02-10 Thread Brian A. Seklecki
All: Do we want to slip this into presently supported branches containing 1.6.9p17? It's a quick patch: http://www.sudo.ws/cgi-bin/cvsweb/sudo/parse.c.diff?r1=1.160.2.21&r2=1.160.2.22&only_with_tag=SUDO_1_6_9 I tested it on -rOPENBSD_4_3. Just be sure to nuke the version string. $ more

Re: Transport Mode ipsec(4) and inet6(4) gre(4)

2008-12-25 Thread Brian A. Seklecki
I haven't looked if we have support, but gre(4) w/ ipv6 address and stf(4) seem to be best options out there for secure v6 tunnels. That sounds... bizarre. According to ipv6book.ca, M. Blanchet. It's a good read, except OpenBSD/NetBSD are neglected (probably because of the stf(4)/6to4(4)

Transport Mode ipsec(4) and inet6(4) gre(4) (WAS: isakmpd + gre crashing)

2008-12-24 Thread Brian A. Seklecki
, Brian A. Seklecki wrote: But as soon as I start an scp from Perspex to Soekris, Perspex reboots after a few hundred kb. Unfortunately, Perspex is in a datacenter and I do not have console access to it to see what the heck is happening at that exact moment. I don't recall. But for the record

Re: Routing issue with VPN tunnel

2008-12-14 Thread Brian A. Seklecki (Mobile)
On Mon, 2008-12-15 at 00:06 +, Danial wrote: I don't like responding to my own thread but I really need help with this one, so I'll try to rephrase the question: Just about every userland utility has the ability to specify source transmit addresses (bind(4) function) If not, we can add it.

Re: 4.3-stable panics on a Soekris net-5501

2008-12-05 Thread Brian A. Seklecki
Today I was dumping files from a wd0 disk to a mountpoint on sd0 disk (external USB). I accidentally unplugged the power cable of sd0 disk and That is generally considered the proper / pragmatic behavior. FreeBSD Foundation is sponsoring development to change this behavior to some sort of

Re: Can't SSH into CARP'd system from the outside

2008-10-20 Thread Brian A. Seklecki
On Mon, 2008-10-20 at 14:19 -0700, Vivek Ayer wrote: So far, I can't ssh into the carp from the outside, can't ntp from the Try: % sudo tcpdump -ttt -e -vvv -n -i pflog0 -s 1024 -- Brian A. Seklecki [EMAIL PROTECTED] Collaborative Fusion, Inc. IMPORTANT: This message contains

Re: PF Queue on a GROUP of nics?

2008-10-15 Thread Brian A. Seklecki
On Mon, 2008-10-06 at 16:39 +1100, Sunnz wrote: Is it possible? Say I have a few nics of the same group... dc0 dc1 dc2 dc3... which all belong to a group dc. Sunnz Do you mean a shared queue where downstream bandwidth from a single upstream interface is proportionally divided into two

Advanced Queuing: Host-Only Stateful Inspection and Queues

2008-10-15 Thread Brian A. Seklecki
[Long Message Disclaimer] All: I was just looking over Peter Hansteen's PF book -- It's a great reference, but the coverage on QUEUING is limited (6 pages of ~150). I was hoping to find an answer to a question there-in, that I had back in 2006 when I filed system/4574 -- but with behind me, I

Re: LDAP and OpenBSD

2008-10-10 Thread Brian A. Seklecki
On Fri, 2008-10-10 at 19:52 +0200, raven wrote: I'm thinking how my users into an ldap db can login into my openbsd One would need NSS_LDAP and PAM_LDAP, which requires PAM and NSS infrastructure in-tree. Likely you'd want to sponsor development for something like that. ~BAS -- Brian

Re: recommendation for router (COMMELL)

2008-09-17 Thread Brian A. Seklecki
What *would* you recommend? In addition to the listed duties, I am looking for stability, For a mail server appliance, Axiomtek units are the only way to fly. Try the NA-820. We've been nothing but pleased, and of all the cheap Award/AMI BIOS's, theirs has been the best performing so far,

Re: isakmpd

2008-09-16 Thread Brian A. Seklecki
with lots of known-good-working isakmpd(8) / isakmpd.conf(5) examples. ~BAS I think i have seen some sample config before but i cant seem to find any now.. Any help would be appreciated.. /Daniel -- Brian A. Seklecki [EMAIL PROTECTED] Collaborative Fusion, Inc.

Re: make build fails for OPENBSD_4_4 on i386

2008-08-10 Thread Brian A. Seklecki (Mobile)
On Fri, 2008-08-08 at 13:59 +0200, Miod Vallat wrote: Until the cd-rom are actually created and the release is announced, tags are Just trying to be helpful in reporting a build-problem during the releng cycle. If there's a better venue for such reports, lets have it :) ~BAS

Re: contact info for PC Weasel?

2008-08-06 Thread Brian A. Seklecki
On Wed, 2008-08-06 at 13:58 -0700, Chris Cappuccio wrote: spend your money on a motherboard with serial console. like a supermicro board or something. you'll be happier. No offense but: No. No you wont. Unless you have IPMI or something like Dell's DRAC (4, not 5 -- 5 sux big time). The

sshd_config(5) PermitRootLogin yes

2008-07-10 Thread Brian A. Seklecki
Am I reading this right? http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?rev=1.80&content-type=text/x-cvsweb-markup I dont have a fresh install anywhere -- but I want to say that it doesnt default to PermitRootLogin yes after the install. I remember that I filed PRs with

Re: sshd_config(5) PermitRootLogin yes

2008-07-10 Thread Brian A. Seklecki
On Thu, 10 Jul 2008, Brynet wrote: The keyword here is *default*. Say you installed OpenBSD on a soekris, it's nice having root enabled temporarily. That way you can login at a later time, create a lesser privileged account, On Soekris, does the first boot console access not function

Re: sshd_config(5) PermitRootLogin yes

2008-07-10 Thread Brian A. Seklecki
afterboot(8) covers this Works for me, I guess. =/ ~BAS http://www.openbsd.org/cgi-bin/man.cgi?query=afterboot&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html

Re: sshd_config(5) PermitRootLogin yes

2008-07-10 Thread Brian A. Seklecki
the rationale why the rest of the projects changed it. ~~BAS On Thu, Jul 10, 2008 at 10:35:06AM -0400, Brian A. Seklecki wrote: Am I reading this right? http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?rev=1.80&content-type=text/x-cvsweb-markup I dont have a fresh install

Re: sshd_config(5) PermitRootLogin yes

2008-07-10 Thread Brian A. Seklecki
types worry because they don't really understand security. On Thu, Jul 10, 2008 at 01:38:22PM -0400, Brian A. Seklecki wrote: On Thu, 10 Jul 2008, Marco Peereboom wrote: Of course it is enabled by default. Why do I want a box that is freshly installed and unreachable? No -- I just find

Re: snmpd

2008-06-14 Thread Brian A. Seklecki
] [host] UCD-DISKIO-MIB::diskIOTable The sensor stuff should be committed into the Ports version of Net-SNMP by now. I can get it committed to Pkgsrc if not. Its just not been at the top of my priority list. -- Brian A. Seklecki Collaborative Fusion, Inc

Re: nagios monitoring of a remote openntp service

2008-05-08 Thread Brian A. Seklecki
; [EMAIL PROTECTED]:12$ /usr/local/libexec/nagios/check_ntp_time -H ntp NTP OK: Offset -0.002711469308 secs|offset=-0.002711s; 60.00;120.00; so, it can work. -- Brian A. Seklecki [EMAIL PROTECTED] Collaborative Fusion, Inc.

Re: snmpd

2008-05-08 Thread Brian A. Seklecki
at the top of my priority list. -- Brian A. Seklecki [EMAIL PROTECTED] Collaborative Fusion, Inc.

Re: Simple OBSD/Samba sharing/restart question

2008-04-06 Thread Brian A. Seklecki (Mobile)
On Mon, 2008-03-31 at 12:36 -0400, Dan Brosemer wrote: But should you need to stop and start it, just kill off the [sn]mbd processes and fire them off manually. Use /etc/rc.local as your command line flag/switch reference point. ~BAS

Re: configuration tweaks for CF-based systems?

2008-04-03 Thread Brian A. Seklecki
-- Brian A. Seklecki [EMAIL PROTECTED] Collaborative Fusion, Inc.

Re: Vlan tagging and Carp

2008-03-26 Thread Brian A. Seklecki
On Wed, 2008-03-26 at 09:32 -0400, G 0kita wrote: Hello all! I'm having some trouble with getting an OpenBSD box to properly tag packets via 802.1Q. I'm setting up an OpenBSD4.2 router pulling data off a trunk port on a Cisco 2960 switch. I can see the packets traverse the stack upwards but

Re: Vlan tagging and Carp

2008-03-26 Thread Brian A. Seklecki
On Wed, 2008-03-26 at 10:01 -0400, G 0kita wrote: --- Nah, a /29 is the smallest WAN space you can use for a CARP - CARP (or HSRP/VRRP) Ethernet WAN transport. If you have that budget and business need, then you can afford the hardware and IP space. Remember, you can always use _RFC1918 private

Re: PF and application level firewall

2008-03-11 Thread Brian A. Seklecki
-- Brian A. Seklecki [EMAIL PROTECTED] Collaborative Fusion, Inc.

Re: openbsd router hardware

2008-03-05 Thread Brian A. Seklecki
On Wed, 2008-03-05 at 09:55 -0800, Joe wrote: Perhaps you got a bad board in your past? I've had 10 years of bad VIA chipsets (pciide(4), etc.) Anyone who has been on the lists for a few years knows the same old story. Results 1-10 of about 3,170 for bsd VIA ATA dma error ~BAS

Re: openbsd router hardware

2008-03-02 Thread Brian A. Seklecki
On Sun, 2008-03-02 at 09:04 +0100, Joerg Zinke wrote: This will be my first VIA Board, will see how it works... That's great news. I run some VIA -- not at all bad. But they've still got a long way to go before they re-earn the community's trust. A decade of problems doesn't just go away

Re: openbsd router hardware

2008-03-01 Thread Brian A. Seklecki (Mobile)
On Mon, 2007-12-24 at 13:29 +0100, Joerg Zinke wrote: Hi, I'm looking for hardware to install an openbsd based dsl-router. I already searched the list archives and looked at WRAP and Soekris, but it seems that they do not match my requirements: - fanless - as small as possible - Soekris

Re: libc.so.39.3

2008-02-23 Thread Brian A. Seklecki
It would be in the base.tgz in release 3.9 You may have upgraded and an old binary may be linked against the old version. Try making a symlink. On Sat, 2008-02-23 at 14:07 -0500, Jay Hart wrote: On base OpenBSD 4.2. What package should I install to get the above library? Thanks, Jay

Re: libc.so.39.3

2008-02-23 Thread Brian A. Seklecki
On Sat, 2008-02-23 at 12:30 -0700, Theo de Raadt wrote: No, do not make a symbolic link. Right, for the record and mail archives, a symlink would only be a temp solution and is not guaranteed (likely even) to solve the problem. Obviously, Jay is not working on in a production environment,

Re: Watching the prgress of dd if=drive1 of=drive2

2008-02-23 Thread Brian A. Seklecki
On Sat, 2008-02-23 at 12:15 -0800, Jon wrote: I'm using dd to clone a drive. How can I watch the progress of this or see the transfer rate in real time? http://www.openbsd.org/cgi-bin/cvsweb/src/bin/dd/dd.c?rev=1.15&content-type=text/x-cvsweb-markup main(int argc, char *argv[])

Re: Watching the prgress of dd if=drive1 of=drive2

2008-02-23 Thread Brian A. Seklecki (Mobile)
On Sat, 2008-02-23 at 12:15 -0800, Jon wrote: I'm using dd to clone a drive. How can I watch the progress of this or see the transfer rate in real time? It should accept SIGINFO (control+G) on most terminals. You may also be able to compile progress(1) ~BAS

Re: Thank you: Re: Watching the prgress of dd if=drive1 of=drive2

2008-02-23 Thread Brian A. Seklecki (Mobile)
On Sat, 2008-02-23 at 13:46 -0800, Jon wrote: on some learning paths here. This mailing list is awesome. Thank you. just remember that when 4.3 CD pre-release-sales are announced :)

Re: Remote syslog

2008-02-22 Thread Brian A. Seklecki
syslog-ng + transport mode IPSec (or tunnel, if you have infrastructure on either end). use pf(4) to ensure that only IPSec peers can write. ~BAS On Tue, 2008-02-19 at 21:42 -0700, Steve B wrote: and whether you are doing it over SSH or IPSEC? I have looked at various

Re: Projector/external monitor not working on OpenBSD 4.2-current on Thinkpad X60

2008-02-22 Thread Brian A. Seklecki
read the man page i810(4): Option MonitorLayout anystr Allow different monitor configurations. e.g. CRT,LFP will configure a CRT on Pipe A and an LFP on Pipe B. Regardless of the primary headsb pipe it is always configured as PIPEA,PIPEB.

Re: vlan configuration: off-topic

2008-01-19 Thread Brian A. Seklecki
maybe and *BSD vlan(1) wont transmit VLAN 1 as tagged (per spec) Correct -- Thank you. I misspoke. It _will_ transmit it tagged as VLAN1 (if vlan1 interface is defined), but whether the receiving VLAN1 interface on the PowerConnect can ever receive is anyone's guess. I suppose it

Re: vlan configuration: off-topic

2008-01-19 Thread Brian A. Seklecki
On Sun, 2008-01-20 at 00:11 +, Mike wrote: Hey Brian, I read your post about removing dell switches from your network. Just curious which models are you referring to? PowerConnect 27xx Managed Entry-Level. Everything else is a re-branded Cisco with a crippled ISO version. ~BAS

Re: vlan configuration: off-topic

2008-01-18 Thread Brian A. Seklecki (Mobile)
On Fri, 2008-01-18 at 11:49 -0200, John Nietzsche wrote: Dear gentleman, i am starting with vlan topic right now. I am in need to get two dell powerconnect 2724 switches to implement 3 vlan. I know how to The Dell PC2724 cant move its mgmnt vlan from VLAN1, and *BSD vlan(1) wont transmit VLAN

Re: Trouble Installing OpenBSD 4.2 stable

2007-12-28 Thread Brian A. Seklecki
On Fri, 2007-12-28 at 17:16 -0600, Alan Hamlett wrote: Currently running OpenBSD i386 3.8 with one 20GB IDE drive at wd0a and one 250gb IDE drive all partitioned for bsd. Trying to install OpenBSD i386 4.2 from install42.iso by trading the 250gb drive for a cd-rom drive. I keep getting

Re: Had a strange problem with CARP preemption

2007-12-19 Thread Brian A. Seklecki
On Thu, 2007-12-20 at 15:31 +1100, Dave Harrison wrote: Because carp doesn't log it's state changes etc, I've been writing the Over Christmas, I may backport the FreeBSD carp(4) logging improvements and submit them with kernel/5512. ~BAS

Re: no 4.2-stable package updates??

2007-12-13 Thread Brian A. Seklecki
critical patches, and those should be pulled into 4.2-stable. Unfortunately, it isn't that easy. Some updates imply updates of depending ports (e.g. poppler and evince), which may imply further updates of dependencies. So you'll end up with -current -- more or less, including more

Re: no 4.2-stable package updates??

2007-12-12 Thread Brian A. Seklecki
ports. Personally, I use -current (base+packages) everywhere. But this is just me. -- Brian A. Seklecki [EMAIL PROTECTED] Collaborative Fusion, Inc.

Re: How to test if pfsync is working?

2007-12-02 Thread Brian A. Seklecki (Mobile)
On Sun, 2007-12-02 at 01:14 -0800, Jake Conk wrote: Hello, I have pfsync setup between two servers and they're connected to each The command that you're looking for is: $ sudo netstat -s state | grep -A 17 pfsync pfsync: 0 packets received (IPv4) 0 packets received (IPv6)

Re: IPSEC bridge and pf

2007-12-02 Thread Brian A. Seklecki (Mobile)
On Sun, 2007-12-02 at 19:08 -0500, tim wrote: my current pf configuration and add the use of the IPSEC bridge to that set up. Just check tcpdump -vvv -n -s 192 -i pflog0. Probably pass quick proto ipencap all etc.

Update RAIDFrame-Enabled ISO for 4.2

2007-11-30 Thread Brian A. Seklecki
Updated diff, ISO image, build instructions. http://people.collaborativefusion.com/~seklecki/obsd_wRAIDFrame.html Note: There's a small problem with my regex in install.sub that prevents scanning of RAIDFrame boot lines in dmesg.boot. The work-around from the bsd.rd shell is to: $ export

Re: VPN Concentrator

2007-11-30 Thread Brian A. Seklecki
On Fri, 30 Nov 2007, Khalid Schofield wrote: Hi, I'd like to make a VPN Concentrator using openbsd. I want users to be able to authenticate using usernames and passwords and to either nat the users or give them an ip from our main dhcp server via a bridge. That's a tall order. In Cisco-land

Re: pflog filling up /var mount every 2-3 days!

2007-11-30 Thread Brian A. Seklecki
On Fri, 30 Nov 2007, Jake Conk wrote: Hello, I have my /var partitioned out to be 150mb which I thought was a You're probably getting a lot of log hits on a default block log all at the end of your rules. You can prevent a lot of crud by doing block quicks w/o log statements for the

Re: snmpd on current

2007-11-21 Thread Brian A. Seklecki
On Wed, 21 Nov 2007, Insan Praja SW wrote: Date: Wed, 21 Nov 2007 18:45:47 +0700 From: Insan Praja SW [EMAIL PROTECTED] To: misc@openbsd.org misc@openbsd.org Subject: snmpd on current Hi all, I'm currently running 4.2-current and installing net-snmp-5.4.1 from ports (updated). Something is

Re: Site-to-site IPSec VPN between OpenBSD and Cisco PIX 515E

2007-11-21 Thread Brian A. Seklecki
On Thu, 22 Nov 2007, Shohrukh Shoyoqubov wrote: Date: Thu, 22 Nov 2007 09:46:54 +0500 From: Shohrukh Shoyoqubov [EMAIL PROTECTED] To: misc@openbsd.org Subject: Re: Site-to-site IPSec VPN between OpenBSD and Cisco PIX 515E From which machine do I have to do ping -I A.B.C.D E.F.G.H pf has

Re: 4.1 fresh install dc0: failed to force tx and rx to idle state

2007-11-17 Thread Brian A Seklecki (Mobile)
I have cut and pasted the output from ifconfig and dmesg below. I do have a non tulip nic I might try tomorrow. Try a -current kernel. If it occurs, obtain a backtrace / kernel core dump and post it. Possibly file a PR if it is warranted. It might not get fixed quickly, so grab an

Re: PF problems

2007-11-13 Thread Brian A Seklecki (Mobile)
On Tue, 2007-11-13 at 14:17 -0200, Kleber Rocha wrote: 10.1.1.78 tries to access the ip 10.1.100.210 on port 8080, the If xl0 faces 10.1.1.0 (outside) and bge0 faces your local (inside) 10.1.100.0/24, then your pass in statement will create a state associated with inbound traffic. However, it

Re: OS not seeing all RAM (1GiB less)

2007-11-12 Thread Brian A. Seklecki
On Mon, 2007-11-12 at 22:40 -0500, C Thala wrote: What would cause an 4.1 machine running on a Dell PowerEdge 1950 to see only 3,220,439,040 bytes of RAM as opposed to the 4GB that it really has (confirmed by BIOS)? A little something-something called PAE. You're probably running 4.1/i386?

Re: Clamav

2007-11-05 Thread Brian A Seklecki (Mobile)
On Mon, 2007-11-05 at 10:49 -0500, Peter Fraser wrote: get updates on the virus signatures. I was going to put Well how many local patches are there? Did you try to bump the port to the version you want? Just update the Makefile distinfo and see if the patches apply cleanly. ~BAS

Re: 4.2 won't boot after fresh installation

2007-11-05 Thread Brian A Seklecki (Mobile)
Ok, just tried rebooting with your suggestion of: boot -c disable fdc* boot Actually, I had to quit instead of boot It stopped at the same place: fd0 at fdc0 drive 0: 1.44MB 80cyl, 2 head, 18 sec Enable verbose in ukc. It often shows silent probes that fail and lock the system

Re: OpenBSD isakmpd and pf vs Cisco PIX or ASA

2007-11-05 Thread Brian A Seklecki (Mobile)
On Mon, 2007-11-05 at 07:23 +0100, Martin Toft wrote: On Mon, Nov 05, 2007 at 01:29:05AM +0100, Cabillot Julien wrote: Have you try openbsd 4.2 ? PF have been really improved in this release. pf(4) has nothing to do with isakmpd(8), except as it relates to recent addition of routing tags. -

Re: OpenBSD 4.2 hardware recommendation

2007-11-02 Thread Brian A Seklecki (Mobile)
On Sat, 2007-11-03 at 00:20 +0300, VP wrote: Hello! I have a network with 100 users and 7 servers and current firewall need to be replaced. I want to buy brand server due to company policy. Brand as in put your company name on the hardware It can be SPARC or x86. But vendors don't

Re: OpenBSD 4.2 hardware recommendation

2007-11-02 Thread Brian A. Seklecki
On Sat, 3 Nov 2007, Martin Schröder wrote: You don't need one computer with two discs and two psus; instead get two systems and use carp to get HA. Also 2GB for a firewall is overkill. Spend the money on the NICs instead. If he's going to be doing local processing of pcap(4) data into some

Re: OpenBSD 4.2 hardware recommendation

2007-11-02 Thread Brian A. Seklecki
If he's going to be doing local processing of pcap(4) data into some pcap(3), of course, is what I meant :}

Re: Custom Kernel for 4.2 upgrade

2007-11-02 Thread Brian A Seklecki (Mobile)
On Fri, 2007-11-02 at 20:21 +, Stuart Henderson wrote: On 2007/11/02 14:45, Jason Murray wrote: I have a 4.1 box that uses RAIDFrame so I need to compile a customer kernel in order to upgrade. I know this is not supported, but it has worked (minus the one gotcha) for me from 3.6 until

Re: OpenBSD 4.2 hardware recommendation

2007-11-02 Thread Brian A Seklecki (Mobile)
On Sat, 2007-11-03 at 00:42 +0300, VP wrote: It can be SPARC or x86. But vendors don't officially support OpenBSD with their hardware. We need tower server with 1 processor, 2 gigs of RAM, 2 SCSI disks and 2 power supply. Does anyone recommend brand server which supports For a

Re: Server trouble shooting

2007-10-31 Thread Brian A. Seklecki
Since I can't connect successfully via ssh is there anything else I could be doing remotely? ...you could be researching a Lights-out-Management solution for your server (Dell DRAC, Sun LOM). Best all-around solution is a PC-Weasel (realweasel.com) connected to the system next to it (Or a

Re: OpenBSD Sound

2007-10-31 Thread Brian A Seklecki (Mobile)
On Wed, 2007-10-31 at 14:51 +, Tomas Bodzar wrote: And still one thing When I was try OpenBSD (I think that was 3.8),I use WindowMaker,Xmms and lots Some *BSD systems are adjusting PCM driver support to allow multiple process to open /dev/dsp / /dev/audio multiple times in-exclusively,

Re: CEF / MLS (WAS: Re: em(4) - IFCAP_VLAN_MTU IFCAP_VLAN_HWTAGGING ?)

2007-10-26 Thread Brian A Seklecki (Mobile)
On Mon, 2007-10-22 at 12:04 +0200, Henning Brauer wrote: * Claudio Jeker [EMAIL PROTECTED] [2007-10-22 08:17]: Fragment Reassembly does not happen in the forwarding plane, it happens on the end system. By doing flow based forwarding on the router you're no longer able to do all the

Re: Problem with MP on 4.2

2007-10-26 Thread Brian A Seklecki (Mobile)
first try to enable acpi and see what happens. Thanks. Enabling acpi did not make a difference, but then I disabled apm and it's working. Right -- all of the example ukc output shows how to enable acpi0 but no one ever shows how to disable apm0. ~BAS Abdul HTH, Stijn

Re: OpenBSD 4.2 RAIDFrame mirror

2007-10-26 Thread Brian A Seklecki (Mobile)
On Thu, 2007-10-25 at 10:50 +0200, Dominik Zalewski wrote: Dear All, I have a machine with two Maxtor 160GB hard disks. I've installed OpenBSD 4.2 on first one and I would like to use second one as a mirror. If you really want to kick as the dead horse, I can probably roll a 4.2 install

Re: SUMMARY: Still unable to get Cyclades Z serial ports working with OpenBSD

2007-10-25 Thread Brian A Seklecki (Mobile)
On Thu, 2007-10-25 at 14:39 -0700, Don Jackson wrote: no channels attached Well, no channels attached tells me its a hardware issue (cables`n`shit), or the software failing to properly probe the hardware. Does it work in another system under another platform (Linux LiveCD, etc.). I use

Re: Installing the latest snapshot freezes on i386

2007-10-23 Thread Brian A Seklecki (Mobile)
On Tue, 2007-10-23 at 01:42 -0700, Reza Muhammad wrote: Hi all, I just recently purchased a brand new HP Pavilion G3035L Desktop PC (spec: http://www.anugrahpratama.com/product/21/1092/HP-Pavilion-G3035L-Desktop-PC). It's using Intel Core Duo processor. I tried to install OpenBSD's

Re: Performance problem with CF card on AMD CS5536 IDE

2007-10-22 Thread Brian A. Seklecki
pciide0 at pci0 dev 15 function 2 AMD CS5536 IDE rev 0x01: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: Turbo Industrial CF Card wd0: 1-sector PIO, LBA, 1983MB, 4062240 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2

CEF / MLS (WAS: Re: em(4) - IFCAP_VLAN_MTU IFCAP_VLAN_HWTAGGING ?)

2007-10-21 Thread Brian A Seklecki (Mobile)
On Mon, 2007-10-22 at 00:12 +0100, Tony Sarendal wrote: On 10/21/07, Henning Brauer [EMAIL PROTECTED] wrote: I'll throw this out there since its been something on my mind for a while: Hardware VLAN tagging, TOE offload, IP/UDP/TCP Checksum offload, interface polling are all ways to accelerate

Re: ipsec(4) routing for a branch offices

2007-10-18 Thread Brian A Seklecki (Mobile)
PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian A. Seklecki Sent: Thursday, October 18, 2007 2:02 AM To: misc@openbsd.org Subject: ipsec(4) routing for a branch offices On a variety of 3rd party platforms, I often establish an SA between two IPSec devices with a /16 of RFC 1918

Re: em(4) - IFCAP_VLAN_MTU IFCAP_VLAN_HWTAGGING ?

2007-10-18 Thread Brian A. Seklecki
On Thu, 18 Oct 2007 14:16:59 +0100 Tony Sarendal [EMAIL PROTECTED] wrote: Just a 5 minute quick test, nothing too scientific. Thanks! What was your IXIA platform? RHEL with gig interface or an appliance? ~BAS -- Brian A. Seklecki [EMAIL PROTECTED]

Re: vlan hostname.if problem

2007-10-17 Thread Brian A. Seklecki
! -- Brian A. Seklecki [EMAIL PROTECTED] Collaborative Fusion, Inc.

ipsec(4) routing for a branch offices

2007-10-17 Thread Brian A. Seklecki
x.east.verizon.net vpncxxx.pub.collaborativefusion.com spi 0x0ACAEE17 seq 89 len 116 ICMP packets giving me the old slip-a-roo out the back door :} -- Brian A. Seklecki [EMAIL PROTECTED]

em(4) - IFCAP_VLAN_MTU IFCAP_VLAN_HWTAGGING ?

2007-10-16 Thread Brian A. Seklecki
* -lava (Brian A. Seklecki - Pittsburgh, PA, USA) http://www.spiritual-machines.org/

Re: Cisco 3002 VPN client to OpenBSD?

2007-10-09 Thread Brian A. Seklecki
On Fri, 2007-10-05 at 18:50 -0400, Rod Dorman wrote: On Friday, October 5, 2007, 15:14:41, Jeff Simmons wrote: On Friday 05 October 2007 01:17, Claer wrote: The Cisco client license forbids explicitly to connect to anything but Cisco Hardware. You could rip the ISA controller out of a Pix

Re: Cisco 3002 VPN client to OpenBSD?

2007-10-05 Thread Brian A. Seklecki
On Fri, 2007-10-05 at 12:14 -0700, Jeff Simmons wrote: On Friday 05 October 2007 01:17, Claer wrote: The Cisco client license forbids explicitly to connect to anything but Cisco Hardware. If that's so, then legal forgot to tell marketing. ;-) The Cisco VPN 3002 Hardware Client works

Re: Cisco 3002 VPN client to OpenBSD?

2007-10-04 Thread Brian A. Seklecki
. ~BAS On Wed, 2007-10-03 at 20:32 -0700, Jeff Simmons wrote: 3002 -- Brian A. Seklecki [EMAIL PROTECTED] Collaborative Fusion, Inc.

Re: hardware for vpn

2007-10-04 Thread Brian A. Seklecki
On Thu, 2007-10-04 at 15:24 +0200, Marc Balmer wrote: Tang Tse wrote: Just one question regarding VPNs OpenBSD and HW, is there any recommendation for hardware? i mean, i want to setup a VPN between 2 offices and i need some reasonable speed.. with a computer with some recent hardware do i

Re: hardware for vpn

2007-10-04 Thread Brian A. Seklecki
On Thu, 2007-10-04 at 17:54 +0200, Piotrek Kapczuk wrote: 2007/10/4, Brian A. Seklecki [EMAIL PROTECTED]: I'm demo'ing some 1U P4-class network appliance hardware that will probably fit your needs well. See URLs below. [...] http://code.google.com/p/bsd-appliance/wiki

Re: Soekris vpn1401 and vpn1411 (use Hi/fn 7955 security accelerator chip) supported?

2007-10-04 Thread Brian A. Seklecki
Timo Schoeler [EMAIL PROTECTED] wrote: On a semi-related note, I recently tested the vpn1411 in a significantly faster (2.8GHz P4 Celeron D): des3/3des: w/ acceleration: # time dd if=/dev/zero bs=1m count=100 | openssl des3 -pass pass:test -engine cryptodev -out /dev/null engine cryptodev

Re: Asking abt my PF

2007-10-02 Thread Brian A. Seklecki
To get debugging info out of pf(4): $ sudo pfctl -x loud Also check netstat -s for layer 3/4 errors, and netstat -m for kernel memory resource consumption, and ifconfig -i(?) for layer 2 errors. ~BAS On Tue, 2007-10-02 at 14:20 +0700, dika wrote: Dear teams, Im using OpenBSD4.1 for my

Re: ipsec with carp

2007-10-01 Thread Brian A. Seklecki
Also: 1) Does the documentation in ipsec(4) / isakmpd.conf(5) / sasyncd.conf(5) imply that all policies / security associations should be between the CARP HA L3 address? 2) Is your isakmpd(8) binding to wildcard address? 3) Did this problem evolve with the implementation of sasyncd(8) or did

Re: ipsec with carp

2007-10-01 Thread Brian A. Seklecki
. The other side is in passive mode. Thanks for the replies. Patrick Brian A. Seklecki schrieb: Also: 1) Does the documentation in ipsec(4) / isakmpd.conf(5) / sasyncd.conf(5) imply that all policies / security associations should be between the CARP HA L3 address? 2) Is your

Re: RAID1 powerloss - can parity rewrite be safely backgrounded?

2007-09-28 Thread Brian A. Seklecki
I know it is a lot faster but would that solve the parity problem on boot completely? 'man bio' doesn't seem to answer that. For a variety of reasons, hardware raid controllers handle ungraceful shutdown better -- onboard batteries for the HBA's RAM/Cache, etc. Hardware RAID almost never goes

Re: RAID1 powerloss - can parity rewrite be safely backgrounded?

2007-09-27 Thread Brian A. Seklecki
raid(4) hasn't been touched in a while (years), so short answer: No. NetBSD is still actively committing to it, though, and has functional background parity recalculation. I understand there is interest in replacing RAIDFrame instead of resynchronizing the subtree. In the mean time, find a

Re: SOLVED? Re: 4.0 - 4.1 broke ipsec

2007-09-27 Thread Brian A. Seklecki
Ok, it's running now. The cause was not the move from 4.0 - 4.1, but the move from a diskful to a diskless setup: The machine mounts its root fs via nfs. WHAT?!?!?! What the heck kind of security-minded sanity check would fail based on the underlying VFS? Did you eventually get a PR open

Re: IDE or SCSI virtual disks for VMWare image?

2007-09-27 Thread Brian A. Seklecki
Any word on the degraded performance of fork operations inside the vmware server guest? Or am I imagining that thread of e-mails? ~BAS On Sat, 2007-07-07 at 10:04 -0500, Todd Pytel wrote: On Sat, 2007-07-07 at 10:44 -0400, Nick Holland wrote: There's the answer to your question: For your

Re: Config problem of Intel 915GM

2007-09-27 Thread Brian A. Seklecki
Safe to ignore - most i810 devices have duplicate PCI bus entries for the internal and external video. Both are driven by the same logical GPU, though. ~BAS On Sun, 2007-07-01 at 00:21 +0800, Alex Kwan wrote: Hello! When I exit from the X, I got following warning message: I810: No matching

Re: installing jdk-1.5 on 4.1 (i386) error

2007-08-19 Thread Brian A. Seklecki
Try to 'tar tzvf [file]' each member. Do any of them exit with Unexpected EOF ? That means that the download never completed that the file is truncated (which leads to the SHA1 and Size mismatch) ~BAS On Sun, 19 Aug 2007, Chris wrote: I downloaded all the packages put them in

Re: OBSD 4.1 drops to ddb with cdd0: error 22 on component 0 (and 1 (mirror))

2007-06-26 Thread Brian A. Seklecki
This is the expected behavior for a failure on a CCD component. Try cutting the SATA cable to a live system some time; watch the kernel panic there as well. Suddenly it cant stat() / or read/write from swap. You're playing with fire with CCD anyway: RAID0. The stuff in 4.1 wasn't touched for

Re: Kernel MINIROOTSIZE 8192 = No Boot

2007-06-26 Thread Brian A. Seklecki
and has a quick one-line fix such as this. (only to get a you're not running GENERIC response) I know there are people out there running embedded environments who were testing 4.1 during -current. ~BAS -- Brian A. Seklecki [EMAIL PROTECTED] Collaborative Fusion, Inc.
