Re: pre-orders for 5.0
Does anyone else feel like Christmas has come early when they see a pre- order announcement from Theo? Time to make my biannual order plus donation... On 2011-09-07 at 07:35:05, Theo de Raadt wrote: I have activated pre-orders for the 5.0 release -- it is scheduled for official release on Nov 1 on the FTP sites. As usual, we try to get CDs in people's hands slightly a few days before that. __ Daniel A. Ramaley Network Engineer 2 Dial Center 112, Drake University 2407 Carpenter Ave / Des Moines IA 50311 USA Tel: +1 515 271-4540 Fax: +1 515 271-1938 E-mail: daniel.rama...@drake.edu
Re: 4.9 errata page
On 2011-07-17 at 01:20:43, Theo de Raadt wrote: So far there hasn't been anything serious enough for an errata. That's a good thing, right? That is simply amazing. Thanks to all the developers for such a fine release! __ Daniel A. Ramaley Network Engineer 2 Dial Center 112, Drake University 2407 Carpenter Ave / Des Moines IA 50311 USA Tel: +1 515 271-4540 Fax: +1 515 271-1938 E-mail: daniel.rama...@drake.edu
Re: problem patching with 004: RELIABILITY FIX: November 17, 2010
On 2010-11-19 at 07:22:29, FUGU wrote: I should have read the docs. With OpenBSD and its excellent documentation, that's usually the solution. I can't count the number of times i was about to post to this list asking for help but ended up not sending anything because in the process of researching my problem i found the answers i needed. Occasionally the answers are in the list archive, but more commonly in the man pages or the FAQ. __ Daniel A. Ramaley Network Engineer 2 Dial Center 118, Drake University 2407 Carpenter Ave / Des Moines IA 50311 USA Tel: +1 515 271-4540 Fax: +1 515 271-1938 E-mail: daniel.rama...@drake.edu
Re: 4.6 arriving
Got mine in the USA yesterday. I agree, this release looks great. Thank you to everyone involved in getting another release done! On 2009-10-15 at 05:31:36, you wrote: my 4.6 arrived in the uk today from openbsd europe... thanks for the release to all developers. keep going! btw. my favourite 'looking' release to date. the cds looks cool. thank you -robbo -- Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: 4.5 delivery - How do they do it?
On 2009-04-20 at 19:56:15, you wrote: We are working on changes to do this trick in a variety of our deamons and in our kernel; precognition means that we can identify an upcoming period when such packets will come in -- packets which would defragment and subsequently arrange themselves into an attack above the socket layer. since we can precognitively pre-identify the risk, we can drop them right on the ethernet card and avoid even having them dma into memory! Well, we have only parts of this working in the tree. A few pieces are still missing, but Austin is trying a prototype of the algoritms and heuristics in his shipping operation. If you can get precognition working in the network stack, can the same technology be applied to other areas? I'm thinking perhaps you could adapt the precognition algorithm to generating commits to the CVS tree. Give it a very fast machine to run on, and you could accomplish the next 10 full years of OpenBSD development in time for the next release! Once precognition is fully working, i have a humble suggestion that you work on a time travel module next. I don't know if that can be done purely in software though... Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: [semi-OT] Can anyone recommend an OpenBSD-compatible colour laser printer?
On 2009-04-05 at 13:26:54, Martin Schrvder wrote: 2009/4/5, ropers rop...@gmail.com: - The printer should work with OpenBSD without a hitch, and by that I don't mean can sometimes be gotten to work by endlessly tweaking CUPS, and I also don't mean can be gotten to work with compat_linux and a binary blob, Get one with PostScript and a NIC. In my experience, that is the correct answer. At various times in the past i've tried to get non-PostScript printers working with different Unix-like operating systems (including OpenBSD). Unless your time is very cheap, it is usually better just to buy something with PostScript. And if it has built-in networking, even better. Buying a printer with a NIC is easier than setting up printer sharing on a computer. As for the original poster's HP aversion... i've had good luck with HP. At home i use an HP 2605dn, a duplexing color laser printer that has worked beautifully for my light use. That exact model is probably no longer available since HP regularly rotates their consumer models, but they undoubtedly have something similar today. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: How to break the httpd's 4G file size limit?
On 2009-03-10 at 14:34:30, you wrote: I want to set up the web server to share file, but i know apache-1.3.x (which is openbsd default httpd) had the 4G file size limit, can i break this limit? I don't know the correct answer to this question, but i thought of a possible work-around in the event the answer is no. Could you write a CGI program that serves the file? I don't know where Apache's 4 GB limit is. But if the limitation is in how Apache accesses the filesystem and not in how it manages network connections, then maybe a program that is capable of reading large files could get around the limit. This would most likely require mangling the URLs to the large files to really point to the program, unless you can do some mod_rewrite magic. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: Pre-Order Prizes
On 2009-03-02 at 16:45:00, Theo de Raadt wrote: Sorry, but I am not going to spend my time making coffee mugs. Thank you. I really like OpenBSD and contribute with money. I already have enough coffee mugs. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: Unfortunate dot was ... missing
Firstly, don't panic. I think if you recreate /dev with the appropriate permissions, add the MAKEDEV script and run it, that everything will be fine. You might have to do all this after booting from a CD though and mounting the filesystem. Here's what the permissions look like on my 4.4 system: drwxr-xr-x 3 root wheel 20992 Jan 20 07:00 /dev If you can't get the MAKEDEV script, e-mail me privately and i'd be happy to send a copy from my system. For your own assurance that the source is trustworthy, it would probably be better to get it from the install CD though. On Tuesday February 24 2009, Jean-Francois wrote: All, I just forget the dot !! in the 'rm -r ./dev' so I have no /dev anymore on my server box. One can tell me if this is possible to backup the system without freshh install ? This is a i386 4.4 OpenBSD. One could eventually send me a way or another the full /dev in case this option actually works ? Thanks JF -- Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: Backup strategies
On Tuesday February 3 2009 21:16, you wrote: rsync -aHESvv --delete \ --exclude '/home/jonathan/crypt/*' \ --exclude '/mnt/oxygen/home/jonathan/crypt/*' \ /home/jonathan/ /mnt/oxygen/home/jonathan/ This works fine except that the --exclude options are not honored (files under those directories are still copied). I don't know what's wrong there... [...] how about using double-quotes instead? for eg., --exclude /home/jonathan/crypt/*. your shell might be preventing rsync from looking what's inside the quotes... I think rsync needs to see the asterisks, not the shell. So single quotes are correct. In my own scripts, when i wanted to exclude a directory i used to specify just the directory with no wildcard and it worked. Example: --exclude '/home/jonathan/crypt' However, that would also exclude /home/jonathan/crypt2 as collateral damage. This format is what i use now and does what i think you want: --exclude '/home/jonathan/crypt/**' Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: ftp-proxy on a nat firewall
I've gotten a couple of off-list replies with suggestions to try. I
greatly appreciate any ideas, but still have not had any luck so far.
I've trimmed my ruleset and adjust some of it to be more permissive.
Any ideas as to why ftp-proxy still doesn't work?
ext_if = vr0
int_if = fxp0
icmp_types = { echoreq, unreach }
# options
set block-policy return
set loginterface $ext_if
set skip on lo
# packet hygiene
scrub in all fragment reassemble
# nat
nat on $ext_if from !($ext_if) - ($ext_if)
nat-anchor ftp-proxy/*
rdr-anchor ftp-proxy/*
rdr pass on $int_if proto tcp to port ftp - 127.0.0.1 port 8021
# filter rules
#block in all
#block quick inet6 all
anchor ftp-proxy/*
pass out keep state
pass out quick proto tcp from lo to any port ftp
pass in inet proto icmp all icmp-type $icmp_types keep state
#pass from !($ext_if) to any keep state
pass from any to any keep state
On Wednesday January 21 2009 09:33, you wrote:
Hello. I haven't gotten much response on my ftp-proxy issue, but i
realized that i forgot to include the all-important dmesg. I don't
know that it would help any, but it is below. Has anyone else gotten
ftp-proxy on 4.4-stable to work?
OpenBSD 4.4-stable (GENERIC) #1: Mon Jan 12 12:36:24 CST 2009
r...@crufty.ramaley.net:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: VIA Samuel 2 (CentaurHauls 686-class) 534 MHz
cpu0: FPU,DE,TSC,MSR,MTRR,PGE,MMX
real mem = 534278144 (509MB)
avail mem = 508186624 (484MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 11/14/02, BIOS32 rev. 0 @
0xfb370, SMBIOS rev. 2.2 @ 0xf0800 (29 entries)
bios0: vendor Award Software International, Inc. version 6.00 PG
date 11/14/2002
bios0: VIA TECHNOLOGIES, INC. EPIA
apm0 at bios0: Power Management spec V1.2 (slowidle)
apm0: AC on, battery charge unknown
acpi at bios0 function 0x0 not configured
pcibios0 at bios0: rev 2.1 @ 0xf/0xdce4
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdc70/112 (5 entries)
pcibios0: PCI Exclusive IRQs: 10 11 12
pcibios0: PCI Interrupt Router at 000:17:0 (VIA VT8231 ISA rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc/0xc000 0xcc000/0xa000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 VIA VT8601 PCI rev 0x05
ppb0 at pci0 dev 1 function 0 VIA VT82C601 AGP rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 Trident CyberBlade i1 rev 0x6a
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
agp0 at vga1: v2, aperture at 0xd000, size 0x1000
drm at vga1 unsupported
pcib0 at pci0 dev 17 function 0 VIA VT8231 ISA rev 0x10
pciide0 at pci0 dev 17 function 1 VIA VT82C571 IDE rev 0x06: ATA100,
channel 0 configured to compatibility, channel 1 configured to
compatibility
wd0 at pciide0 channel 0 drive 0: IEI Global Sourcing - EDC 1GB
wd0: 1-sector PIO, LBA, 999MB, 2047248 sectors
wd0(pciide0:0:0): using PIO mode 4
pciide0: channel 1 disabled (no drives)
uhci0 at pci0 dev 17 function 2 VIA VT83C572 USB rev 0x1e: irq 12
uhci1 at pci0 dev 17 function 3 VIA VT83C572 USB rev 0x1e: irq 12
viaenv0 at pci0 dev 17 function 4 VIA VT8231 PMG rev 0x10: 24-bit
timer at 3579545Hz
vr0 at pci0 dev 18 function 0 VIA RhineII-2 rev 0x51: irq 10,
address 00:40:63:e2:00:8b
ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 10: OUI
0x004063, model 0x0032
fxp0 at pci0 dev 20 function 0 Intel 8255x rev 0x08, i82559: irq 11,
address 00:03:47:40:45:95
inphy0 at fxp0 phy 1: i82555 10/100 PHY, rev. 4
isa0 at pcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
usb0 at uhci0: USB revision 1.0
uhub0 at usb0 VIA UHCI root hub rev 1.00/1.00 addr 1
usb1 at uhci1: USB revision 1.0
uhub1 at usb1 VIA UHCI root hub rev 1.00/1.00 addr 1
biomask f36d netmask ff6d ttymask
softraid0 at root
root on wd0a swap on wd0b dump on wd0b
vr0: watchdog timeout
On Monday January 19 2009 14:46, you wrote:
Hello. I'm setting up an OpenBSD (4.4-stable) NAT firewall (with a
couple servers behind it) for the first time. Everything seems to
work except for active ftp from machines behind the firewall. Active
ftp connections made from the firewall itself do work, though. I do
have net.inet.ip.forwarding turned on, and ftp-proxy enabled.
I'll paste my full pf.conf at the end of this message, but here are
the lines i believe are relevant to ftp-proxy:
nat on $ext_if from !($ext_if) - ($ext_if)
nat-anchor ftp-proxy/*
rdr-anchor ftp-proxy/*
rdr pass on $int_if proto tcp to port ftp - 127.0.0.1 port 8021
anchor ftp-proxy/*
pass out proto tcp from lo to any port ftp
I have tried starting ftp-proxy with the debugging turned
Re: Find - Sillyness
On Friday January 23 2009 08:07, you wrote:
I am sure it's got something to do with the way I am quoting but it's
not making a lot of sense at this point.
Here is the actual command I am trying to run and it's error
output.
spider:/var/logtransfer/dc-fw1# find . -name pflog.*.gz -exec zcat {}
| tcpdump -entttv -r - \;
find: -exec: no terminating ;
tcpdump: fread: Invalid argument
You're right, the problem is quoting. The shell interprets everything
after the pipe character (|) as a separate command, so find never
receives the semi-colon.
For something this simple, i'd suggest moving the pipe outside of the
find command:
find . -name pflog.*.gz -exec zcat {} \; | tcpdump -entttv -r -
For more complicated situations, you can use a structure more like this:
find . -name pflog.*.gz -print0 | while read -d $'\0' file ; do \
echo Now processing ${file} \
zcat $file | tcpdump -entttv -r - \
done
For your particular situation, not using a find at all might work:
gunzip -c pflog.*.gz | tcpdump -entttv -r -
That could fail if pflog.*.gz expands to so many files that it
overflows the maximum command length, but otherwise should work the
same.
Dan RamaleyDial Center 118, Drake University
Network Programmer/Analyst 2407 Carpenter Ave
+1 515 271-4540Des Moines IA 50311 USA
Re: Find - Sillyness
Remove the quotes from echo {}. The No such file or directory error
is because find cannot run a program named echo ./daemon.2.gz. Remove
the quotes and it will try to run echo with an argument
of daemon.2.gz.
On Thursday January 22 2009 13:54, you wrote:
I know this is more of a general 'huh' kind of thing, but I figured
someone could kick start my brain for me. Anyone know why this
doesn't work? It appears to find the files ok but the -exec part
thinks it can't?
spider:/var/log# find . -name daemon.*.gz -exec echo {} \;
find: echo ./daemon.2.gz: No such file or directory
find: echo ./daemon.1.gz: No such file or directory
find: echo ./daemon.5.gz: No such file or directory
find: echo ./daemon.4.gz: No such file or directory
find: echo ./daemon.3.gz: No such file or directory
find: echo ./daemon.0.gz: No such file or directory
--
Dan RamaleyDial Center 118, Drake University
Network Programmer/Analyst 2407 Carpenter Ave
+1 515 271-4540Des Moines IA 50311 USA
Re: ftp-proxy on a nat firewall
Hello. I haven't gotten much response on my ftp-proxy issue, but i
realized that i forgot to include the all-important dmesg. I don't know
that it would help any, but it is below. Has anyone else gotten
ftp-proxy on 4.4-stable to work?
OpenBSD 4.4-stable (GENERIC) #1: Mon Jan 12 12:36:24 CST 2009
r...@crufty.ramaley.net:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: VIA Samuel 2 (CentaurHauls 686-class) 534 MHz
cpu0: FPU,DE,TSC,MSR,MTRR,PGE,MMX
real mem = 534278144 (509MB)
avail mem = 508186624 (484MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 11/14/02, BIOS32 rev. 0 @ 0xfb370,
SMBIOS rev. 2.2 @ 0xf0800 (29 entries)
bios0: vendor Award Software International, Inc. version 6.00 PG date
11/14/2002
bios0: VIA TECHNOLOGIES, INC. EPIA
apm0 at bios0: Power Management spec V1.2 (slowidle)
apm0: AC on, battery charge unknown
acpi at bios0 function 0x0 not configured
pcibios0 at bios0: rev 2.1 @ 0xf/0xdce4
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdc70/112 (5 entries)
pcibios0: PCI Exclusive IRQs: 10 11 12
pcibios0: PCI Interrupt Router at 000:17:0 (VIA VT8231 ISA rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc/0xc000 0xcc000/0xa000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 VIA VT8601 PCI rev 0x05
ppb0 at pci0 dev 1 function 0 VIA VT82C601 AGP rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 Trident CyberBlade i1 rev 0x6a
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
agp0 at vga1: v2, aperture at 0xd000, size 0x1000
drm at vga1 unsupported
pcib0 at pci0 dev 17 function 0 VIA VT8231 ISA rev 0x10
pciide0 at pci0 dev 17 function 1 VIA VT82C571 IDE rev 0x06: ATA100,
channel 0 configured to compatibility, channel 1 configured to
compatibility
wd0 at pciide0 channel 0 drive 0: IEI Global Sourcing - EDC 1GB
wd0: 1-sector PIO, LBA, 999MB, 2047248 sectors
wd0(pciide0:0:0): using PIO mode 4
pciide0: channel 1 disabled (no drives)
uhci0 at pci0 dev 17 function 2 VIA VT83C572 USB rev 0x1e: irq 12
uhci1 at pci0 dev 17 function 3 VIA VT83C572 USB rev 0x1e: irq 12
viaenv0 at pci0 dev 17 function 4 VIA VT8231 PMG rev 0x10: 24-bit
timer at 3579545Hz
vr0 at pci0 dev 18 function 0 VIA RhineII-2 rev 0x51: irq 10, address
00:40:63:e2:00:8b
ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 10: OUI
0x004063, model 0x0032
fxp0 at pci0 dev 20 function 0 Intel 8255x rev 0x08, i82559: irq 11,
address 00:03:47:40:45:95
inphy0 at fxp0 phy 1: i82555 10/100 PHY, rev. 4
isa0 at pcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
usb0 at uhci0: USB revision 1.0
uhub0 at usb0 VIA UHCI root hub rev 1.00/1.00 addr 1
usb1 at uhci1: USB revision 1.0
uhub1 at usb1 VIA UHCI root hub rev 1.00/1.00 addr 1
biomask f36d netmask ff6d ttymask
softraid0 at root
root on wd0a swap on wd0b dump on wd0b
vr0: watchdog timeout
On Monday January 19 2009 14:46, you wrote:
Hello. I'm setting up an OpenBSD (4.4-stable) NAT firewall (with a
couple servers behind it) for the first time. Everything seems to work
except for active ftp from machines behind the firewall. Active ftp
connections made from the firewall itself do work, though. I do have
net.inet.ip.forwarding turned on, and ftp-proxy enabled.
I'll paste my full pf.conf at the end of this message, but here are
the lines i believe are relevant to ftp-proxy:
nat on $ext_if from !($ext_if) - ($ext_if)
nat-anchor ftp-proxy/*
rdr-anchor ftp-proxy/*
rdr pass on $int_if proto tcp to port ftp - 127.0.0.1 port 8021
anchor ftp-proxy/*
pass out proto tcp from lo to any port ftp
I have tried starting ftp-proxy with the debugging turned up a bit and
i end up getting this:
# ftp-proxy -d -D 6
listening on 127.0.0.1 port 8021
#1 FTP session 1/100 started: client 192.168.1.16 to server
192.43.244.161 via proxy SNIP: my external IP
#1 active: server to client port 59694 via port 62694
#1 client close
#1 ending session
Note: i did change the output slightly--i removed my external IP. On
the client i logged in to an anonymous ftp server, then tried an
ls. When that hung, i hit Ctrl-C, which is logged as the client
close line.
What am i doing wrong? I'll put my full pf.conf below. If anything
seems amiss, i'd appreciate a whack with the clue stick.
ext_if = vr0
int_if = fxp0
icmp_types = { echoreq, unreach }
name_server = 192.168.1.2
email_server = 192.168.1.4
email_ports = { smtp, pop3 }
web_server = 192.168.1.5
web_ports = { http, https }
workstation = 192.168.1.16
workstation_ports = { ssh, 6881:6889 }
table
ftp-proxy on a nat firewall
Hello. I'm setting up an OpenBSD (4.4-stable) NAT firewall (with a
couple servers behind it) for the first time. Everything seems to work
except for active ftp from machines behind the firewall. Active ftp
connections made from the firewall itself do work, though. I do have
net.inet.ip.forwarding turned on, and ftp-proxy enabled.
I'll paste my full pf.conf at the end of this message, but here are the
lines i believe are relevant to ftp-proxy:
nat on $ext_if from !($ext_if) - ($ext_if)
nat-anchor ftp-proxy/*
rdr-anchor ftp-proxy/*
rdr pass on $int_if proto tcp to port ftp - 127.0.0.1 port 8021
anchor ftp-proxy/*
pass out proto tcp from lo to any port ftp
I have tried starting ftp-proxy with the debugging turned up a bit and i
end up getting this:
# ftp-proxy -d -D 6
listening on 127.0.0.1 port 8021
#1 FTP session 1/100 started: client 192.168.1.16 to server
192.43.244.161 via proxy SNIP: my external IP
#1 active: server to client port 59694 via port 62694
#1 client close
#1 ending session
Note: i did change the output slightly--i removed my external IP. On the
client i logged in to an anonymous ftp server, then tried an ls. When
that hung, i hit Ctrl-C, which is logged as the client close line.
What am i doing wrong? I'll put my full pf.conf below. If anything seems
amiss, i'd appreciate a whack with the clue stick.
ext_if = vr0
int_if = fxp0
icmp_types = { echoreq, unreach }
name_server = 192.168.1.2
email_server = 192.168.1.4
email_ports = { smtp, pop3 }
web_server = 192.168.1.5
web_ports = { http, https }
workstation = 192.168.1.16
workstation_ports = { ssh, 6881:6889 }
table martians persist { 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, \
10.0.0.0/8, 169.254.0.0/16, 192.0.2.0/24, 0.0.0.0/8, \
240.0.0.0/4 }
# options
set block-policy return
set loginterface $ext_if
set skip on lo
# packet hygiene
scrub in all fragment reassemble
# nat
nat on $ext_if from !($ext_if) - ($ext_if)
nat-anchor ftp-proxy/*
rdr-anchor ftp-proxy/*
rdr pass on $int_if proto tcp to port ftp - 127.0.0.1 port 8021
# Port forwarding
rdr on $ext_if proto { tcp, udp } from any to $ext_if port domain -
$name_server
rdr on $ext_if proto tcp from any to $ext_if port $email_ports -
$email_server
rdr on $ext_if proto tcp from any to $ext_if port $web_ports -
$web_server
rdr on $ext_if proto tcp from any to $ext_if port $workstation_ports -
$workstation
# filter rules
block in all
block quick inet6 all
pass out keep state
antispoof quick for { lo, $int_if }
block in quick on $ext_if from martians to any
block out quick on $ext_if from any to martians
anchor ftp-proxy/*
pass out proto tcp from lo to any port ftp
pass proto { tcp, udp } from any to $name_server port domain
pass proto tcp from any to $email_server port $email_ports synproxy
state
pass proto tcp from any to $web_server port $web_ports synproxy state
pass proto tcp from any to $workstation port $workstation_ports
pass in inet proto icmp all icmp-type $icmp_types keep state
pass from !($ext_if) to any keep state
Dan RamaleyDial Center 118, Drake University
Network Programmer/Analyst 2407 Carpenter Ave
+1 515 271-4540Des Moines IA 50311 USA
Re: Testing in a virtual environment
Thanks for the responses! I'll look into KVM and VMWare, and possibly some of the others. From the variety of responses it sounds like VirtualBox is the only virtualization software that *doesn't* work with OpenBSD though. Strangely enough, after asking my question, i reinstalled OpenBSD in VirtualBox with slightly different settings and now it is working just fine. I've managed to build a -stable release. I haven't tried running X, but just being able to compile is good enough for now. The settings i used that work on my machine are VirtualBox' defaults except for turning on VT-x/AMD-V, and within the VM i added softdep to the mount options in fstab. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Testing in a virtual environment
Hello. I have what is hopefully a quick question. Has anyone successfully run OpenBSD 4.4 in a virtualized environment? If so, which one? I've been trying to get it to run within VirtualBox 2.1 with limited success. (OpenBSD will install, but trying to compile software results in a crash.) It is *not* my intention to revive the discussion about how much insecurity a virtual environment adds[1]. I'm aware of the risks. I plan on using virtualized OpenBSD purely for testing and building -release that i can then push out to my production servers. The production servers of course run OpenBSD on bare hardware. [1] See http://marc.info/?l=openbsd-miscm=119318909016582w=2 Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: ftp from script
On Wednesday December 31 2008 13:34, you wrote: On Wed, Dec 31, 2008 at 9:42 AM, Christoph Leser le...@sup-logistik.de wrote: #!/usr/bin/perl `cd /path-to-dir`: `rm *`; You shouldn't be using backticks in a perl script. Backtick simply starts a new process/subshell and runs whatever you have in the backticks. If you're writing perl, use perl's syntax, and you won't have these issues. Try the below instead of the subprocess commands. Verify that unlink command first though; i don't work with globs in perl much and might have munged the syntax. chdir /path-to-dir; unlink *; -- Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: Image::Magick help
On Thursday December 4 2008 14:12, Gabri Mate wrote: I'm running 4.3 and installed p5-PerlMagick from packages. When i try to load this module with one of my perl scripts it says: Can't load '/usr/local/libdata/perl5/site_perl/i386-openbsd/auto/Image/Magick/Mag ick.so' for module Image::Magick: Cannot load specified object at /usr/libdata/perl5/i386-openbsd/5.8.8/DynaLoader.pm line 230. Of course i have installed ImageMagick with x11 support. What do you suggest? Thanks in advance! Does the error become more informative if you add this to the top of your program, above where it tries to load the library? use strict; use warnings 'all'; use diagnostics; Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: 4.4 arriving in the U.S.
On Tuesday October 14 2008 12:19, you wrote: Today's mail delivered the 4.4 CDs near Boston, Mass. Also to Des Moines, Iowa. Many thanks to the developers, Agreed. Thank you developers! Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: contact info for PC Weasel?
Given the $350 price tag of the PCI version, it might even be cheaper to get a different motherboard. The PC Weasel site looks unmaintained; the order page only lets you set a credit card expiration date from 2002 to 2008. On Wednesday August 6 2008 15:58, Chris Cappuccio wrote: spend your money on a motherboard with serial console. like a supermicro board or something. you'll be happier. James Hartley [EMAIL PROTECTED] wrote: Does anyone have any information on contacting/ordering a PC Weasel? Their Website: http://www.realweasel.com/ Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: OpenBSD 4.3 FAQ in PDF?
On Tuesday July 22 2008 09:04, you wrote:
for i in 1 2 3 4 5 6 7 8 9; do
ftp http://openbsd.org/faq/faq0${i}.html
done
for i in 10 11 12 13 14 15; do
ftp http://openbsd.org/faq/faq${i}.html
done
Wouldn't it be simpler to be done in one loop?
for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15; do
ftp http://openbsd.org/faq/faq${i}.html
done
ftp http://openbsd.org/faq/index.html
Note that the 2 loops are not the same. You'd need:
for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15; do
ftp http://openbsd.org/faq/faq`printf %02d $i`.html
done
The number list could be collapsed into `seq 1 15` on a system with seq
installed.
Dan RamaleyDial Center 118, Drake University
Network Programmer/Analyst 2407 Carpenter Ave
+1 515 271-4540Des Moines IA 50311 USA
Re: Vulnerability Note VU#800113 - Multiple DNS implementations vulnerable to cache poisoning
On Wednesday July 9 2008 10:48, you wrote: Why haven't the developers posted a formal annoncement clearifing if the distributed BIND is vulnerable? If so, where the hell is the patch? Just curious, how much did you pay for your support contract? Clearly if you feel you are so entitled to a quick patch you must have paid a substantial sum in order to be so upset. Though i've given a few meager donations to OpenBSD, i have not paid for a support contract of any sort. Thus i am not entitled to any level of service and will have to wait patiently and without complaint just like everyone else. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: OT: Dissertation ideas for my degree
On Friday June 20 2008 18:09, you wrote: Oh god... Into my University it's almost the opposite, so much professors using MS Word(R) and still using the IEEE .doc template to write papers. ... Personally I dont understand why it's so fuckin difficult to understand that LaTeX it's great. I once had to do an assignment for a college class wherein the assignment specified it be submitted in MS Word format. What i did was write it in LaTeX, convert that to PDF, convert the PDF to images (1 per page), and then import the images into Word. (I'm not saying that's the *best* path from LaTeX to Word, but it was the first one i thought of that i could make work.) The resulting document was astonishingly large. But it met the requirements as they were written. I turned in the monstrous Word document and got full credit for it. I also complained to the professor about requiring Word documents, and for the next semester the format requirement was changed to PDF. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: OT: Dissertation ideas for my degree
On Friday June 20 2008 11:47, you wrote: There's a pretty good chance that TeX is going to become obsolete, and replaced by some HTML or XML derivative. Many technical publishers have already made the transition. See, for example, the following link from Cambridge University Press https://authornet.cambridge.org/information/productionguide/stm/XML_w orkflow.asp#xml_introduction https://authornet.cambridge.org/information/productionguide/stm/LaTex_workflow.asp Looks like they support LaTeX just fine. From that page, it even sounds like submitting in LaTeX will result in a a faster time to actual publication: LaTeX workflows are generally speedier than the XML or conventional equivalents. I saw no evidence that LaTeX is being replaced by XML. I did note that they say the majority of books use XML, but i'm guessing more potential authors these days have a word processor that can spit out some form of XML than know how to write LaTeX. Please note that i'm a bit biased though. For what few papers i have to write these days i use my favorite text editor to write LaTeX files. I've been using it for close to a decade. In that time i've found LaTeX has some similarties to OpenBSD. In either case, i've learned to trust that someone smarter than me (at least in the areas of page layout and Unix system administration) spent some time considering everything, and i should just use the default settings unless i have a legitimate reason for wanting to change them. In other words, don't turn the knobs just for the sake of turning them. By following that simple rule, it is quite fast and easy to write something in LaTeX, and the output is good. Similarly, setting up and using an OpenBSD system is fast and easy, and it just works. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: Where I am? [Was: Rolling release?]
On Wednesday 23 April 2008 15:24, you wrote: The old saying goes, the only stupid question is the one that you don't ask. However, it should be modified for OpenBSD as, the only stupid question is the one you don't research before you ask. It's a tough crowd but in time you start to understand why. You may even come to not only understand it, but even appreciate it. I've asked questions before that could have been answered with enough research. Now i don't. Instead i go to greater effort to find an answer on my own. And if i still feel the need to ask, often in the process of composing a message and going through and making sure i've got all the details of my question correct, i stumble across something i missed and end up finding the solution and not needing to ask at all. As a result, these days i rarely ask anything, because there is simply no need. OpenBSD is so well documented and there is so much information already in the mailing list archive that needing to ask is very rare. OpenBSD and the -misc community has taught me how to do my own research. Knowing how to find answers to my future questions is far more valuable in the long run than merely being handed the answers when i ask. Thank you, both to the developers, and to the community on this mailing list. Now if only i could learn to write in the concise, information-dense style that Theo uses... the above could probably be condensed to 2 or 3 lines. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: Optimising OpenBSD
On Tuesday 08 April 2008 18:07, you wrote: As part of my move from GNU/Linux to OpenBSD on my server, I just want to clarify what I need to do to ensure that I have performance optimised. I imagine, if you run the standard OpenBSD system on your servers for some time, you'll be satisfied. Exactly. When i first started using OpenBSD i would always compile my own kernel and change a lot of settings to make it more Linux-like. As i learned the system, i've stopped doing all that. All my OpenBSD machines run GENERIC and don't have many changes in /etc, nor many GNU packages or other bloat installed. The base system works out of the box very well, and the sooner you realize that, the happier you'll be because you'll have less maintenance to do, less to remember, and installations and upgrades will go much faster. Of course, if you want to run some service that isn't part of the base system, you'll have to add it and configure it. But for quite a few services (such as firewall, DNS, DHCP, NTP, even web), a pure OpenBSD install is usually sufficient and all you need to do is turn on the appropriate daemon by adding a line in /etc/rc.conf.local. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: Firefox 2.0.0.12
On Monday 07 April 2008 14:00, you wrote: We'll provide you with a secure system, but.. hell, once you get it.. it won't be secure anymore, wait another 6 months, it'll be secure again. briefly. The developers provide a secure system that can be downloaded completely free of charge. If you want the system to remain updated with regards to patches, then you have to do the patching yourself. Note that the patches are also provided freely. What more do you want? Is it reasonable to expect any more? You're already getting quite a bit... The packages/ports might lag a bit from the base system. If you are that concerned about it, either lend a hand maintaining the packages important to you, or consider that perhaps OpenBSD is not the OS for you. You are not OpenBSD's target audience. The developers produce it for themselves. That you happen to be able to derive value from it should be considered as the generous gift it is, and treated as such. If you do not get enough value from it to make it worth using for you, then go find something else. There are plenty of other operating systems out there. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: Hot spare synchronisation?
On Friday 08 February 2008 15:37, Douglas A. Tutty wrote:
I'd like to avoid root access as OpenBSD disables it by default for
a good reason. But so far it seems the most maintainable solution.
You could, with some work, do it differently. On the source box, make
a tarball of what you want on the destination box. This preserves
the ownership of the files. Rsync this over as whatever user. Have
a process on the target box, running as root, extract the tarball
into place.
Another idea, which is just a slight variation on the rsync-over-ssh
idea is to only allow a root login using a shared key that is coming
from a specific host and running a specific command:
In sshd_config set PermitRootLogin forced-commands-only. When you set
up the shared key, on the destination prepend something like this to
the key:
from=source.example.com,command=/path/to/validate-rsync
Make the validate-rsync an executable script with contents similar to
that below. I use this procedure to to rsync between machines where i
do not want root to be able to log in directly and it works just fine.
This idea is explained in greater detail here:
http://troy.jdmz.net/rsync/index.html
or by Googling with terms such as ssh and foced-commands-only.
My validate-rsync:
#!/bin/sh
case $SSH_ORIGINAL_COMMAND in
*\*)
echo Rejected
;;
*\(*)
echo Rejected
;;
*\{*)
echo Rejected
;;
*\;*)
echo Rejected
;;
*\*)
echo Rejected
;;
*\`*)
echo Rejected
;;
rsync\ --server*)
$SSH_ORIGINAL_COMMAND
;;
*)
echo Rejected
;;
esac
Dan RamaleyDial Center 118, Drake University
Network Programmer/Analyst 2407 Carpenter Ave
+1 515 271-4540Des Moines IA 50311 USA
Re: multi-disk external scsi enclosures
On Wednesday 06 February 2008 22:38, Douglas A. Tutty wrote: Since this will be for a low-MHz box, it's BIOS probably won't like large drives either. That means SCSI. If the boxes aren't great or have room or provide cooling for SCSI drives, that makes it external. Could you use a small IDE boot drive and then have a relatively new IDE or SATA controller card with a larger drive plugged into it? That's the arrangement i use at home for my file server; the motherboard is too old to support large drives but a newer controller handles them just fine. Of course, then you'd have to worry about the radiation output of that controller card... Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: low-MHz server
On Wednesday 30 January 2008 12:35, Douglas A. Tutty wrote: My wife is sensitive to what she describes as electromagnetic fields. She gets headaches and other pains when exposed to equipment: the higher the frequency, the worse her symptoms. Rather than trying to find obsolete equipment that runs at a low frequency, would it be possible to build a Faraday cage around your computer? Has your wife had her sensitivity examined by medical professionals? Is it a physical problem or a psychosomatic condition? How does she react to fluorescent lights? Incandescents? How about driving near a radio transmission tower? Or for that matter, even being in a modern car? If there is an electronic device turned on in the next room but she is not aware of it, does she still experience pain? I don't need answers to these questions, but if there is a medical solution to your wife's sensitivity that might be easier than trying to banish all electronics. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: diff of the official FAQ
On Saturday 29 December 2007 00:34, Nick Holland wrote: And...just start at chapter 1 and start reading. :) Odds are, you didn't catch it all the first time, even things that didn't change will mean something to you now when it didn't the last time you looked. Exactly. About once a year i go back and reread the entire FAQ. Each time i learn something new and refresh my memory on things i knew but haven't used recently. (I have had people say to me, Hey, you are just looking at the docs, I thought you knew this? I WROTE the docs. Doesn't mean I remember anything more than 'where to look'.) I think knowing how to find information is more useful than having everything memorized without ever needing to look it up. Between work and family and friends i'm expected to varying degrees to support OpenBSD, Linux, Solaris, Mac OS X, and even Windows shudder. I can't remember how to do everything on all those systems. But i can remember how to look up information quickly. Thanks for all your hard work on the documentation. It is one of the things that make OpenBSD much easier to work with than other systems. For most of my questions i don't even bother using a search engine; i just go to the FAQ and more-often-than-not find the answer i wanted. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: FAQ on install ISO
On Friday 14 September 2007 10:36, you wrote: As every release, many things are changed in the FAQ. Finding and changing the things that need to be changed occupies a LOT of my time between lock and release days. Truly, thank you for your hard work. One of the many things that keeps me buying every release and making a (far too small) donation is the excellent documentation. I can't count the number of times that i was going to post a question to misc@ about something i couldn't figure out, but instead spent an hour reading and solved my problem on my own while gaining a deeper understanding of the software involved. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: That whole Linux stealing our code thing
On Saturday 01 September 2007 17:49, Rui Miguel Silva Seabra wrote: On Sat, Sep 01, 2007 at 04:40:53PM -0600, Theo de Raadt wrote: Most dictionaries I had at my hand define alternative as choices. You can get http://en.wiktionary.org/wiki/alternative Wow. Let's all go practice law with a dictionary. ? But you mentioned dictionaries first... You do realize that when it comes to legal documents, such as licenses, that general-purpose dictionaries are inadequate, right? If you want to look up legal terms, you need a law dictionary. I think that if one is ignorant enough of law that one needs to consult a legal dictionary for more than one or two terms in order to understand a document, then perhaps it would be best to either do a lot of studying to become more knowledgeable, or find someone with more legal training to interpret the document. As a layperson with little in-depth knowledge of legal code, that's how i see things anyway. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: OT Strange Punishment
On Tuesday 28 August 2007 10:32, you wrote: There is a bill before Congress now to roll back patent protection, notably in the field of software. American users of OpenBSD might want to follow this struggle, which is running into massive opposition from non-comp-sci patent holders. Software patents were just a bad idea to begin with. Patenting numbers and algorithms is ridiculous. I wish i had a patent on determining the total number of objects in a set when the numbers of objects in all mutually exclusive subsets of the set are known [my lame attempt to translate addition into patent-speak]. Imagine how much money i could make if i controlled such a basic operation! Oh wait, civilization as we know it would never have been able to develop and instead of working a civilized job at a computer i'd be in out hunting and gathering or (more likely) wouldn't have been born at all. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: scp batch mode?
On Wednesday 15 August 2007 13:50, you wrote: How can scp be run without prompting for a password? Set up ssh shared keys. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: Macbook on Openbsd
On Wednesday 25 July 2007 01:13, you wrote: Why would any one use amd64 since it's not even a amd? Is it because it's a 64bit? Do both amd64 and i386/64bit share so much? My understanding (and i'm sure someone else will correct me if i'm wrong) is that AMD extended their processors with 64-bit instructions. This was after Intel released the Itanium, with its own set of 64-bit instructions. But for various reasons the Itanium was not a commercial success on the desktop market and eventually Intel adopted a slightly modified version of AMD's 64-bit instruction set for its desktop chips. AMD calls the architecture of its 64-bit chips AMD64 while Intel calls it Intel 64. Sometimes both are referred to as x86_64. Since AMD and Intel's implementation are very similar, it is possible (and very common) for a compiler to generate code that runs on both. Most operating systems that run on one run on both, though right now it seems most typical to label the architecture as amd64 regardless of whether it is running on an AMD or an Intel chip. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: Regular Expression Problem
On Thursday 14 June 2007 07:44, you wrote: I have a problem with regular expressions and can not solve it. I wants to egrep from a big text file all mail addresses. The first edition of _Mastering Regular Expressions_ by Jeffrey E. F. Friedl has a Perl script which generates a 6.5 kB regex which should be able to match e-mail addresses reasonably accurately. That Perl script is available here: http://examples.oreilly.com/regex/readme.html Depending on how Perl-compatible egrep's regex parser is, you might have to modify the e-mail regex. But perhaps you can use it as a starting point. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: Recommendation for a UPS
NUT = Network UPS Tools http://www.networkupstools.org/ Check the compatibility list. Even better, check the compatibility list for the version that is available in an OpenBSD package. The list will be in /usr/local/share/ups/driver.list after the package is installed. On Tuesday 17 April 2007 10:52, you wrote: what is the nut list On 4/15/07, bofh [EMAIL PROTECTED] wrote: Or, find an old ups with a serial port, make sure it's on the nut list, then buy replacement batteries at batteriesplus for ~$25 each. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: Moving a 100GB directory tree with lots of hardlinks
Try something like this: rsync -avvHR /source/. /destination The -vv is optional, but will print a line for each file as it is being copied. If the copy is interrupted partway through, just run it again and it'll pick up where it left off. If you don't have rsync installed, look for it in packages or ports. On Friday 15 December 2006 10:22, you wrote: OpenBSD 3.7 - i386 Pentium 4 3GHz - 1GB RAM - 2GB swap Hello list, For the past 3 weeks, I have been working on a difficult problem: moving a backuppc (http://backuppc.sourceforge.net/) pool from a RAID0 to a big disk, in order to free the RAID0 before rebuilding a RAID5. The RAID0 has one partition, its size is 2112984700 blocks (512-blocks), roughly 1008GB, which is close to the maximum allowed by ffs. The big disk is 300GB. I need to move 96GB of data which are, due to backuppc design, full of hardlinks! So far, I have tried to use: 1) dd: impossible because the partitions cannot be the same size (and the RAID5 won't be the same size as the RAID0) 2) pax -rw: after transferring almost 70GB, it bails out with a Segmentation fault 3) tar to archive: after something like 60GB, it complains with some file name too long errors 4) gtar to archive (from package gtar-1.15.1p0-static.tgz): ends up with a gtar: memory exhauted error 5) dump to file: successful but 5') restore from file: stops even before starting due to a no memory for entry table error (there is still a lot of unused memory and swap - and no ulimit) Any help is appreciated because I really don't know what to do next. Matthias Bertschy Echo Technologies SA -- Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: mc function key problem
On Thursday 16 November 2006 14:26, you wrote: This problem is persistent over several releases of OpenBSD and on multiple i386 computers, both desktop and laptop: What type of terminal are you using? If you are logging in directly from the console, mc does not work quite right with the default vt220 terminal settings. To change it, edit /etc/ttys and change vt220 to pcvt25 for whichever consoles you use. I have run mc on most versions of OpenBSD that i've used (2.5 to 4.0) without difficulty after making this small change. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: OpenBSD 4.0 - Where is it?
On Thursday 26 October 2006 08:16, you wrote: I admit that I am not the most up to date on the release process, but why is 4.0 not out on the FTP server yet if people are receiving it in their homes on CD? From https://https.openbsd.org/cgi-bin/order: Will release and ship November 1 2006 If you order early you get it shipped early as a bonus. And how do I get on that list of people who get the pre-release? http://www.openbsd.org/orders.html Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: Oldest Server you run
On Thursday 12 October 2006 13:54, Falk Husemann wrote: Hello List! We're trying to put an old server to good use again and would like to know what's exactly the oldest machine running OpenBSD? My home mail server was originally a 33 Mhz 486, but once 66 MHz CPUs became free i acquired one and upgraded that part: hw.machine = i386 hw.model = Intel 486DX2 (GenuineIntel 486-class) hw.ncpu = 1 hw.byteorder = 1234 hw.physmem = 20561920 hw.usermem = 20131840 hw.pagesize = 4096 I think the hard drive is a whopping 2.5 GB, almost all of which is free space. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: upgrading without physical access
On Friday 22 September 2006 00:39, you wrote: I have a machine running OpenBSD 3.6 on a remote location that I would like to upgrade. I only have ssh access unless I buy myself an expensive plane ticket. I wondered if there's a safe way to upgrade remotely or should I just wait until I get an opportunity to be in front of the machine. However you go about the remote upgrade, i strongly recommend finding a spare computer and configuring it as close as possible to the remote machine. Then upgrade the local computer through ssh as you plan on doing to the remote computer. Carefully document what you do and why you do it, and once you are sure you have succeeded with the local machine repeat the process on the remote machine. With this plan if something blows up hopefully it will happen first on the local machine and you can learn how to avoid the problem without buying a plane ticket. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: [OT] 2U Server
On Saturday 19 August 2006 03:13, you wrote: 1) Any chassis or supplier recommendations? Comments on Rackmountpro, since I have found this 2U chassis from rackmountpro ( http://www.rackmountpro.com/productpage.php?prodid=2421 ). I have purchased rackmount chassis from them before and been quite happy with the equipment. However, my experience with rackmount hardware is quite limited. I chose Rackmountpro because at the time they had the most affordable prices that i could find. If you do pick up a chassis from them, you may have to order sliding rails separately. But the rails are well worth it if you ever need to get inside the machine. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: DMESG question
On Monday 07 August 2006 08:15, Gabriel George POPA wrote: Most questions on this mail list require me to provide a valid output of dmesg. But if old messages are erased, how am I supposed to do this? Take a look at /var/run/dmesg.boot. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re:
On Monday 31 July 2006 09:41, you wrote: The SMART thing isn't that smart at all. Even after the server crashed twice due faulty harddrive, SMART keeps teeling me everything is OK. I think (someone with more knowledge may correct me if i'm wrontg) SMART communicates with the drive and asks the drive's electronics if anything is wrong. So SMART can only report problems that the drive detects. This is a SEAGATE SATA, only 1 year old. I'd expect a longer life of those drives. Am I wrong? Drives are rated with a mean time before failure. Though the number given is quite high on modern drives, it is still an average. Some percentage of the drives will die in a few months, some will last for 2 years, some for 5 years, etc. Most of the drives produced should last longer than people care to use them. I have a drive at home that has been running for over 8 years continuously (except for moving the computer or power outages). I have had other drives fail a couple months after purchase. [lengthy error messages removed] I've had many problems with hard drives. The types of errors that you are seeing correspond with errors i have received when i had a bad data cable. I haven't had cable problems with SATA, only parallel ATA. But i also have not used SATA drives very much yet (most of my equipment is old). My experience has been that data cables in PCs are made very cheaply and can spontaneously go bad. More often they go bad after being disturbed; have you had the computer open recently? Occasionally cables are even bad when new. I'd suggest replacing the data cable with a new one or one that is known good and see if you still get the errors. When i've had hard drive problems (especially if they are intermittent) i've usually been able to solve them by getting the highest quality cable i could find and using it instead of whatever i had been using. Replacing a cable (even with a relatively expensive new cable) is also much cheaper than getting a new drive, or paying shipping on a bad drive that is still under warranty. Good luck with your drive! I know that dealing with bad drives and cables can be quite frustrating. -- Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
sensors accuracy
How accurate are the sensors on most computers? I ask because after learning (thanks to a few kind individuals on this list) how to monitor sensors with OpenBSD 3.9, i have been checking the values on one of my computers (a VIA Epia machine with 533 MHz C3 processor) to get an idea of what normal looks like, only to discover some unexpected values: $ sysctl hw.sensors hw.sensors.0=viaenv0, TSENS1, temp, 18.10 degC / 64.58 degF hw.sensors.1=viaenv0, TSENS2, temp, 68.00 degC / 154.40 degF hw.sensors.2=viaenv0, TSENS3, temp, 3.70 degC / 38.66 degF hw.sensors.3=viaenv0, FAN1, fanrpm, 0 RPM hw.sensors.4=viaenv0, FAN2, fanrpm, 0 RPM hw.sensors.5=viaenv0, VSENS1, volts_dc, 2.49 V hw.sensors.6=viaenv0, VSENS2, volts_dc, 2.47 V hw.sensors.7=viaenv0, Vcore, volts_dc, 2.01 V hw.sensors.8=viaenv0, VSENS3, volts_dc, 5.38 V hw.sensors.9=viaenv0, VSENS4, volts_dc, 12.48 V According to viaenv(4), hw.sensors.0 is CPU temperature. I can almost guarantee the value printed by sysctl is incorrect; the ambient temperature in my apartment has lately been around 80 degF (roughly 27 degC), and the CPU is passively cooled. Again according to viaenv(4), hw.sensors.1 should be the system temperature. That one seems a bit high; the computer is barely warm to the touch, and is certainly not over 150 degF! Some of the voltage sensors also seem off, though the way in which they are off leads me to suspect that my machine runs on different voltages than the machine referenced when writing the documentation. For instance, viaenv(4) says VSENS1 and Vcore should be 2.0V and 3.3V, respectively. But on my machine they are very close to 2.5V and 2.0V. Is there a way to get hw.sensors to report sensible values for temperatures? Is my hardware broken? Or am i misunderstanding something? And of course, what would a post about hardware to misc be without a dmesg? Here it is: OpenBSD 3.9 (GENERIC) #617: Thu Mar 2 02:26:48 MST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: VIA Samuel 2 (CentaurHauls 686-class) 533 MHz cpu0: FPU,DE,TSC,MSR,MTRR,PGE,MMX real mem = 265854976 (259624K) avail mem = 235597824 (230076K) using 3270 buffers containing 13393920 bytes (13080K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(13) BIOS, date 11/14/02, BIOS32 rev. 0 @ 0xfb370 apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown apm0: flags 70102 dobusy 1 doidle 1 pcibios0 at bios0: rev 2.1 @ 0xf/0xdce4 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdc70/112 (5 entries) pcibios0: PCI Exclusive IRQs: 10 11 pcibios0: PCI Interrupt Router at 000:17:0 (VIA VT8231 ISA rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0xc000 0xcc000/0xa000 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 VIA VT8601 PCI rev 0x05 ppb0 at pci0 dev 1 function 0 VIA VT82C601 AGP rev 0x00 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 Trident CyberBlade i1 rev 0x6a wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) pcib0 at pci0 dev 17 function 0 VIA VT8231 ISA rev 0x10 pciide0 at pci0 dev 17 function 1 VIA VT82C571 IDE rev 0x06: ATA100, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: FUJITSU MHV2040AT wd0: 16-sector PIO, LBA, 38154MB, 78140160 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 pciide0: channel 1 disabled (no drives) viaenv0 at pci0 dev 17 function 4 VIA VT8231 PMG rev 0x10 vr0 at pci0 dev 18 function 0 VIA RhineII-2 rev 0x51: irq 11, address 00:40:63 :e2:03:0d ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 10: OUI 0x004063, model 0x0032 isa0 at pcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 npx0 at isa0 port 0xf0/16: using exception 16 biomask f7fd netmask fffd ttymask pctr: user-level cycle counter enabled dkcsum: wd0 matches BIOS drive 0x80 root on wd0a rootdev=0x0 rrootdev=0x300 rawdev=0x302 -- Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
sensorsd configuration
Hello. I have not used sensorsd on OpenBSD before, but am trying to learn. I have read sensorsd(8) and sensorsd.conf(5) from OpenBSD 3.9 and the configuration looks very simple. However, i have a couple quick questions: The lines in sensorsd.conf start with hw.sensors.N (where N is a small natural number). How do i determine N for each sensor? Is there a list somewhere that tells what is what? Or is there a command i can run to generate a list? Secondly, is it possible to read the current values of sensors? For example, say i have configured a sensor to monitor the CPU temperature. Is there a way to find out what the current temperature is? Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: sensorsd configuration
Thank you to those who responded! I can figure out sensorsd.conf now. Also thank you to the developers who created such a simple way to monitor the sensors. I've configured sensors on other operating systems that have been a much greater hassle. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
bash-static on OpenBSD 3.9
If anyone has been lamenting the loss of the bash-static package, this evening i took the time to figure out how to create something that works just as well. I peeked in the Makefile for bash on an older version of OpenBSD to see how the static version differs. The difference is when compiling bash the CONFIGURE_ENV variable needs to be set. The full steps i used to build a bash-static package were: First install the ports tarball from the install CD. You will also need to have the compilers install set installed (it is by default). Then: # cd /usr/ports/shells/bash # make print-build-depends This will print a list of dependencies. Install them from packages. You could also compile them from ports, but why when other people have already done the excellent work of providing the packages? # export CONFIGURE_ENV=LDFLAGS=-static # make package That's it! The new bash package will be in /usr/ports/packages/i386/all (of course, i386 will be different for other platforms). It won't have -static in the name, but you can always rename the file before installing on other systems if you really want. -- Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: X not found
The file sets that are used to install OpenBSD are not packages even though they end in the tgz extension. Thus, pkg_add doesn't know what to do with it. Try a command like this instead: # cd / # tar -xvpzf /home/music/xbase39.tgz The -v is optional, but make sure you include -p to preserve permissions. The tar command should be run from the root directory (unless you also use the -C switch). On Wednesday 05 July 2006 13:42, you wrote: so how do you install that, i was thinking it would just be # pkg_add /home/music/xbase39.tgz Can't resolve /home/music/xbase39.tgz but that didnt work, how do you install that package? On 7/5/06, Joachim Schipper [EMAIL PROTECTED] wrote: On Wed, Jul 05, 2006 at 12:03:35AM -0700, Lawrence Horvath wrote: thats what i was asking, can i just install a small set of libs or do i need to entirely install X xbase will do for (almost?) all ports. Joachim -- Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: Question related to automaticly encrypted /tmp /vat/tmp (like swap..?)
On Tuesday 04 July 2006 11:13, Hannah Schroeter wrote: It *is*. I've done so since a nearly uncountable number of years. Something like this in /etc/fstab helps. /dev/wd0b /tmpmfs rw,-m0,-s204800 0 0 In the past i've always symlinked /tmp to point to /var/tmp. This has never caused any noticeable problems, but i realize that it isn't the proper way to do things and carries some risk. I have not seen documented how mfs allocates memory, so i just did a quick test. On a machine with 205 MB of RAM free i mounted a 128 MB mfs. Free RAM dropped to 199 MB; only 6 MB used! So OpenBSD must only allocate RAM for sectors that have actually been written to. Since the system is not using any more RAM than it has to, i think i'll switch to using mfs for /tmp as well. -- Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: OT: quiet fans and heatsinks
On Sunday 04 June 2006 21:43, Jacob Yocom-Piatt wrote: these machines need Socket A and Socket 370 heatsinks. it's a plus if they're low profile for 1U and 2U rackmount units. all suggestions appreciated. What i've found works well is to buy a fan adapter that will allow you to use a larger fan (such as a 60mm fan on a 40mm heatsink, 80mm fan on a 60mm heatsink, or a 120mm fan on an 80mm heatsink). Then get a fan of the larger size that uses magnetic levitation bearings (they tend to be considerably quieter than ball bearing fans, though slightly more expensive). Then get an adapter for the fan that will run it at either 7 or 5 volts (Zalman sells some of these for roughly $3 US). So then you use a larger fan, but run it at a slower speed. It will end up pushing about as much air as a small fan at high speed, but make a lot less noise doing it. I recently managed to make a system almost silent this way; i can still hear it (mostly the hard drive noise) if my head is within a foot of the case but otherwise cannot. -- Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: New server
When a user logs in, what would prevent them from accessing their files in /var/www/home/wherever by just using the cd command to change to that directory? Just make sure permissions on whatever they need to access in /var/www/home/wherever are such that the users can change files and Apache can read files. If you want to make it a little easier for the users to find their place in /var/www/home/wherever you could create a symlink within their home directory that points to that location: ln -s /var/www/home/user ~user/webfiles On Friday 19 May 2006 14:37, you wrote: Hi, I have a new server (2.66Ghz Core Duo) with a spangly new LSI MegaRaid card (disable pcibios made it boot happily using bsd.mp), and once we'd found the broken stick of RAM everything's happy (dmesg at end) I have a systems question, relating to apache. I would like to run apache chrooted, but users need access to their both home directories in /home, and their web directory in /var/www/home/wherever. Ideally I'd like to do this under one login per user, but I can't think how to setup the system so they can access /home, and their chrooted area with one account. I don't want to put the entire /home partition into the chroot, that leaves everybody's files vulnerable if apache/php gets haxored. I could just keep each users websites folder in the chroot, but then sftpd or ftpd (both chrooted) won't be able to see them either. I can't think of a way round this, to have chrooted access, with files in separate locations, accessible under one login. Does anybody have any suggestions? Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: Set up root partition as read only.
On Friday 14 April 2006 22:17, you wrote: To increase the security level of my OpenBSD system I have defined at /etc/fstab that the root partition should be read only. That won't increase your security level much, but if you really want to make / read-only, there is more involved. (I recently did this on a machine with a flash drive instead of a standard hard drive in order to save wear on the flash.) To start with, read and understand /etc/rc and mfs(8). Convert /dev and /var to be on memory file systems (pay attention to -P in mfs(8)). Then edit /etc/rc and comment out the lines that mount /, /usr, and /var, and the lines that rewrite /etc/resolv.conf. If you need more information than this, Google is your friend. I also have a more detailed HOWTO-style document that i wrote that i would be willing to share off-list, though you might learn more if you do your own research instead. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: Via EPIA board/box
On Saturday 15 April 2006 20:03, Steve B wrote: I've seen a number of posts on various OBSD related sites about these Via EPIA boards and their various benefits - low power, hardware crypto, etc. They look like a nice replacement for my old board so I've been looking around at logicsupply.com, idotpc.com and mini-itx.com. There are probably other sites so if you've got them please share g. I've recently ordered a couple machines from www.solarpc.com. If you want the machine to be almost silent, then i suggest either getting one of the machines with a fanless CPU, or getting one with a fan in a 2U case and then replacing the 40mm fan with a 40 to 60mm adapter and an undervolted 60mm fan; the 40mm fan that comes with the CPU is rated to be very quiet but if you are moderately intolerant of noise then the default fan really won't seem quiet. Other than having to replace the fan as described, i have been very happy with the machines. They run OpenBSD very well. I even installed the x.org packages on one just for the heck of it (it was my first time trying to run X on OpenBSD) and X supported the built-in graphics without any manual configuration. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: thin-client
On Wednesday 22 February 2006 08:19, you wrote: Hello. What are the thin-client options with OpenBSD ? Something similar to www.ltsp.org If anyone is using openbsd as a thin-client server. i would be interested in hearing their experiences. I've actually used OpenBSD as an LTSP server. The clients are web terminals used in a library to view the card catalog. It was slightly more hassle to set up than a standard installation that uses Linux, but once everything was configured it worked beautifully. If you want my installation notes on the process i would be happy to send them privately (to avoid list clutter) on request. My setup was with the clients configured to run everything locally (using the server simply as a filesystem). I did a bit of experimenting running applications on the OpenBSD server and having them display on the Linux clients. I was able to get it to work by displaying the application through an SSH tunnel. Unfortunately, the clients i was using (LTSP Jammin-125, an older model they don't seem to sell anymore) were a bit too slow to perform well while handling all the SSH encryption. Someone who understands X11 configuration better than i should be able to set it up without needing the SSH tunnel which would probably have made it fast enough to be useable. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: SCSI tape drive hanging
On Monday 20 February 2006 18:47, Marcus Barczak wrote: Just recently acquired a cast off Sun DDS3 SCSI tape drive. It's an external unit and connected to my internal Adaptec 2940UW controller. The problem i'm experiencing is anytime I try issuing a command with mt for instance: I have an Adaptec 2940UW that i'm using at home, so i'm familiar with the hardware. That card has 3 places for SCSI cables to connect: 2 internal, and 1 external. However, you can only have devices plugged into two connections at a time (there was a more expensive version of the card which did not have this limitation). By any chance were you already using both internal ports before plugging the tape drive into the external? This is where a full dmesg would have been more helpful. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: network distributed storage with windows?
On Thursday 16 February 2006 01:58, A Rossi wrote: My client didn't really like the idea of just making a windows partition and disallowing the users from accessing it with permissions, because then they'd know about something... And some might complain about it being broken - they have several older people on staff who aren't as computer literate. It is possible to not only deny permissions to a drive, but also to completely hide the drive from the user interface. Hiding drives from the interface can be done through group policies (either local policies or via Active Directory). Take a look at Microsoft Knowledge Base article Q231289: Using Group Policy Objects to hide specified drives in My Computer for Windows 2000. Since Windows administration is quite off-topic, if you need further help please e-mail me off list. I haven't hidden drives from users before, but i work with someone who administers Windows and does this so it would be easy for me to ask more questions on how it is done. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: Deletion of indirectly -installed packages (dependencies)
On Wednesday 04 January 2006 18:43, you wrote: I know it isn't simple, one must first have a way to say: hey, I'm a package who was added by a user, I wasn't added just to serve a package you deleted!!, and then check if the dependency is used by any package. Also, it should always ask if we want to delete that dependecy, maybe someone starts using it directly instead of using the package which needed it to be added. But, IMHO, it would be nice, =). It sounds like you want something similar to the apt-get and aptitude programs from Debian Linux. I think that something like that for OpenBSD would be wonderful. But creating it would require considerable developer effort. Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: OpenBSD beep
On Sunday 18 December 2005 03:05, you wrote: And my machine is old, it's Celeron 500 on Chaintech CT-6BTA3 with Intel 82440BX chipset, and my motherboard didn't provide any information about cpu/system temp... I'd suggest opening the case and seeing if all cooling fans are running; on older machines the moving parts often start to wear out. I'm not familiar with your exact hardware, but many motherboards will emit a speaker beep if there is a problem. If you have the manual for the board, try looking up the beep code; you'll need to pay attention to how often it happens and the pattern of beeps when it does. Dan Ramaley Network Programmer/Analyst (515) 271-4540 Dial Center 118, Drake University
Re: Big discrepancy between df and du used space values (3.8)
On Tuesday 08 November 2005 10:36, you wrote: I'm trying to track down why /var is full, and df and du report major differences (or else I'm reading something wrong, in which case I submit to the verbal beatings). Pay attention to what it says for /var. Running OpenBSD 3.8 GENERIC as a firewall. Why does df report 8G used, and du report 9M used? What am I missing? (Don't comment on the size of the / partition, I just realized I made a mistake there, but there are no user accounts on this machine, and /var is on a different partition, so I don't have to worry about log file sizes killing the machine.) One possible cause of this is if a process has one or more large files open on /var that have been deleted. The space from deleted files that are open at the time of deletion is not freed until the file is closed. Innocuous causes for this would be a log file that wasn't rotated properly and the logging program is holding an old log open. Malicious causes for this could include a rootkit that stores data in deleted files to hide its presence, but this is rather unlikely on OpenBSD. The lsof utility (available as a package or in ports) may help with investigating what process is holding a deleted file open, if that is really the problem. If it is, then killing or restarting the offending process should free up the space. In a worst-case scenario you could try rebooting and see if the space is freed. Dan Ramaley Network Programmer/Analyst (515) 271-4540 Dial Center 118, Drake University
Re: OpenBSD Metastore
On Thursday 03 November 2005 08:59, Martin Schrvder wrote: On 2005-11-03 08:20:47 -0600, Jared Solomon wrote: The AOpen MiniPC measures 6.5 x 6.5 x 2 inches, is powered by an Intel Pentium M or Celeron M processor http://www.heise.de/newsticker/meldung/65660 A MacMini is cheaper and runs OBSD. That's not entirely accurate; though a Mac Mini will run OpenBSD, it is not cheaper. The original article that was posted gave a $399 price for the A-Open MiniPC. Apple lists their Mac Mini at $499. But, if you know a way to (legally) acquire a new Mac Mini for less than the $399 MiniPC price, i'd be very interested in hearing about it. Dan Ramaley Network Programmer/Analyst (515) 271-4540 Dial Center 118, Drake University
Re: [Fwd: Re: Theo, I am truely sorry. You misunderstood me.]
On Thursday 20 October 2005 19:01, you wrote: Currently tracking 30+ pieces of hardware. However, I need help: I need people to email me supported hardware, or use the Submit New Kit link on the page to do it. It's pretty easy, and the only requirement is that you need to have personally witnessed its (correct) operation with some version of OpenBSD, and that it is possible to buy it new. Speaking of which: Which driver supports the Adaptec 1205SA? Anybody? Bueller? Manpages are not forthcoming. I submitted the Adaptec 1205 SA to your list. I put it in my OpenBSD 3.7 machine and it just worked. The drive plugged into the 1205 is wd1. I believe these are the relevant dmesg lines: pciide1 at pci0 dev 16 function 0 CMD Technology SiI3112 SATA rev 0x02: DMA pciide1: using irq 10 for native-PCI interrupt pciide1: port 0: device present, speed: 1.5Gb/s wd1 at pciide1 channel 0 drive 0: ST3400832AS wd1: 16-sector PIO, LBA48, 381554MB, 781422768 sectors wd1(pciide1:0:0): using BIOS timings, Ultra-DMA mode 6 The full dmesg follows, in case what i quoted above isn't sufficient: OpenBSD 3.7 (GENERIC) #50: Sun Mar 20 00:01:57 MST 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel Pentium II (GenuineIntel 686-class, 512KB L2 cache) 451 MHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MM X,FXSR real mem = 536453120 (523880K) avail mem = 482713600 (471400K) using 4278 buffers containing 26927104 bytes (26296K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(00) BIOS, date 01/15/99, BIOS32 rev. 0 @ 0xfdb60 apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: PCI BIOS has 10 Interrupt Routing table entries pcibios0: PCI Interrupt Router at 000:07:0 (Intel 82371AB PIIX4 ISA rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0x8000 0xc8000/0x4800 0xcc800/0x2800 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82443BX AGP rev 0x03 ppb0 at pci0 dev 1 function 0 Intel 82443BX AGP rev 0x03 pci1 at ppb0 bus 1 pcib0 at pci0 dev 7 function 0 Intel 82371AB PIIX4 ISA rev 0x02 pciide0 at pci0 dev 7 function 1 Intel 82371AB IDE rev 0x01: DMA, channel 0 wi red to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: Maxtor 5T010H1 wd0: 16-sector PIO, LBA, 9536MB, 19531250 sectors atapiscsi0 at pciide0 channel 0 drive 1 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: SONY, CD-ROM CDU55E, 1.0u SCSI0 5/cdrom removabl e wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 cd0(pciide0:0:1): using PIO mode 0 pciide0: channel 1 disabled (no drives) uhci0 at pci0 dev 7 function 2 Intel 82371AB USB rev 0x01: irq 11 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered Intel 82371AB Power Mgmt rev 0x02 at pci0 dev 7 function 3 not configured fxp0 at pci0 dev 15 function 0 Intel 82557 rev 0x02: irq 9, address 00:a0:c9:7 4:9a:a9 inphy0 at fxp0 phy 1: i82555 10/100 PHY, rev. 0 pciide1 at pci0 dev 16 function 0 CMD Technology SiI3112 SATA rev 0x02: DMA pciide1: using irq 10 for native-PCI interrupt pciide1: port 0: device present, speed: 1.5Gb/s wd1 at pciide1 channel 0 drive 0: ST3400832AS wd1: 16-sector PIO, LBA48, 381554MB, 781422768 sectors wd1(pciide1:0:0): using BIOS timings, Ultra-DMA mode 6 pciide2 at pci0 dev 18 function 0 Promise PDC20269 rev 0x02: DMA, channel 0 co nfigured to native-PCI, channel 1 configured to native-PCI pciide2: using irq 5 for native-PCI interrupt wd2 at pciide2 channel 0 drive 0: Maxtor 6Y250P0 wd2: 16-sector PIO, LBA48, 239372MB, 490234752 sectors wd2(pciide2:0:0): using PIO mode 4, Ultra-DMA mode 6 vga1 at pci0 dev 20 function 0 S3 Trio32/64 rev 0x54 wsdisplay0 at vga1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) isa0 at pcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0 (mux 1 ignored for console): console keyboard, using wsdisplay0 pms0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pms0 mux 0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker sysbeep0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 lm0 at isa0 port 0x290/8: W83781D npx0 at isa0 port 0xf0/16: using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec biomask ed65 netmask ef65 ttymask ffe7 pctr: 686-class user-level performance counters enabled mtrr: Pentium Pro MTRR support dkcsum: wd0 matched BIOS disk 80 dkcsum: wd1 matched BIOS disk 81 dkcsum: wd2 matched BIOS disk 82 root on wd0a rootdev=0x0 rrootdev=0x300 rawdev=0x302 --
Re: Printer setup
The last time i had to use a non-postscript printer with OpenBSD i used foomatic. Since i was not familiar with the software, it was a bit of a pain to set up. But like most other software on OpenBSD, once i had it configured properly it worked without any problems. Just curious, why don't you want to use foomatic? I haven't tried using cups on OpenBSD, though i have successfully configured cups on Debian Linux, with commands similar to this: # gunzip -c /usr/share/ppd/Brother/Brother-HL-1430-hpijs.ppd.gz \ /tmp/out.ppd # lpadmin -p lp -E -v /dev/lpt0 -P /tmp/out.ppd -D Brother HL-1430 \ -L Local Printer # lpoptions -p lp -o page-left=18 -o page-right=18 \ -o page-top=18 -o page-bottom=18 -o cpi=12 -o lpi=7 On my machine there are 3 different PPD files for the Brother HL-1430, each with one of either hl1250, hpijs, or ljet4 in their name. I'm not sure which one you actually want but you should be able to find them online; if not e-mail me privately and i can send them to you (please note however that using files from random strangers on the internet poses significant security risks). On Friday 30 September 2005 07:12, you wrote: I have been trying to setup a brother HL-1430 printer on OpenBSD 3.7 but has been told it is near impossible. I have installed cups but I am not sure if it is better to use it. I can locate the printer on /dev/lpt0 and it's in dmesg. From that and getting some actually printing done, I haven't been able to find anything usefull on google except this http://www.jakemsr.com/openbsd/foomatic.html, which wasn't what I had in mind. Where to go from here? I have no prior experience with lp(d) but have setup cupsd on other nix's before. Dan Ramaley Network Programmer/Analyst (515) 271-4540 Dial Center 118, Drake University
Re: Which SATA controller to purchase
On Monday 26 September 2005 20:10, you wrote: Try this one out for size, I can vouch that it's super http://www.lsilogic.com/products/megaraid/sata_150_4.html Brandon Is there an LSI SATA card that doesn't have RAID and works with OpenBSD? I don't want RAID support, so buying an expensive ($216 on newegg.com) card doesn't sound like a good deal. Dan Ramaley Network Programmer/Analyst (515) 271-4540 Dial Center 118, Drake University
Which SATA controller to purchase
I have an i386 file server running OpenBSD 3.7-release. I want to add an SATA drive to the system. Since the motherboard does not have SATA built-in, i need to purchase a controller card. I notice on http://www.openbsd.org/i386.html that a number of SATA chips are supported, though many will require an upgrade to -current or 3.8 when it is released (either of which i would be willing to do if necessary). My question is, given a chip number listed on i386.html, how do i find out what products the chip is used in? For example, i was looking at the Promise SATA 150TX4 and i have not yet been able to find what chip that controller uses. Any suggestions on what controller card i should get? Dan Ramaley Network Programmer/Analyst (515) 271-4540 Dial Center 118, Drake University
