Re: httpd howto redirect port 80 to 443 in vm

2018-03-02 Thread Matt M 
Why not use a .htaccess redirect?

https://www.sslshopper.com/apache-redirect-http-to-https.html

On Thu, Mar 1, 2018 at 7:18 AM Bryan Harris  wrote:

> Alternate?: go back to original config and change
>
> server "default"
>
> to
>
> server "example.com"
>
> And maybe an alias for "www.example.com."
>
> Just a thought.
>
> V/r,
> Bryan
>
-- 
There's no place like 127.0.0.1

Re: fsck: CANNOT READ: BLK 4235468160

2018-01-08 Thread Matt M 
I just saw you mentioned you are using the disk inside of virtualbox. Does
this same thing happen if you use the disk natively?


On Mon, Jan 8, 2018 at 8:52 AM Matt M <cmorrow...@gmail.com> wrote:

> With disks, the blocks can change. There can be any number of reasons for
> this, from the actual physical platters going bad to the read heads not
> functioning properly, or the memory on the disk going bad. SSD is a
> different story, in my experience when it begins to go the behavior becomes
> really erratic and inconsistent. You could try replacing cables, but you
> are probably looking at replacing the disk.
>
>
> On Sat, Jan 6, 2018 at 9:12 PM STeve Andre' <and...@msu.edu> wrote:
>
>> When you enter the realm of hardware errors, anything can happen.  If
>> you are lucky you will see the same hard and soft errors every time you
>> cross a bad sector, but I have seen many cases wildly varying block
>> numbers on really sick disks.  And yes, bad cables and USB interfaces
>> can be a problem too.  Try wiggling the cable disk the disk stable and
>> see if you can produce errors.
>>
>> Try doing a read with that USB hardware on another disk, too. That will
>> tell you something.  I'll bet that the disk is bad.  If it stops
>> producing errors, don't forgive it!  Get a new one.
>>
>> --STeve Andre'
>>
>> On 01/06/18 21:45, Maximilian Pichler wrote:
>> > Hi,
>> >
>> > I'm running fsck on an external USB hard drive, using OpenBSD 6.2
>> > inside VirtualBox on MacOS.
>> >
>> > On each run it gives a handful of "CANNOT READ: BLK ..." messages, but
>> > the block numbers reported are different (!) each time.
>> >
>> > If the disk is damaged, shouldn't the problematic blocks be
>> > consistent? Does this point to a communication problem with the disk
>> > (e.g. faulty USB cable)? Or is this a hopelessly unstable situation
>> > given the general screwiness of USB over VirtualBox/Mac OS...?
>> >
>> > Also, does answering "y" to "CANNOT READ" modify the disk contents?
>> >
>> > Thanks for any insights!
>> >
>> > Max
>> >
>> >
>> > xhci0 at pci0 dev 12 function 0 "Intel 7 Series xHCI" rev 0x00: apic 2
>> int 20
>> > usb0 at xhci0: USB revision 3.0
>> > uhub0 at usb0 configuration 1 interface 0 "Intel xHCI root hub" rev
>> > 3.00/1.00 addr 1
>> > umass0 at uhub0 port 9 configuration 1 interface 0 "Seagate Expansion"
>> > rev 3.00/0.00 addr 2
>> > umass0: using SCSI over Bulk-Only
>> > scsibus4 at umass0: 2 targets, initiator 0
>> > sd0 at scsibus4 targ 1 lun 0: <Seagate, Expansion, 9300> SCSI4 0/direct
>> fixed
>> > sd0: 3815447MB, 512 bytes/sector, 7814037167 <(781)%20403-7167> sectors
>> >
>> > $ doas fsck /dev/sd0a
>> > ** /dev/rsd0a
>> > ** Last Mounted on /home/max/mnt
>> > ** Phase 1 - Check Blocks and Sizes
>> >
>> > CANNOT READ: BLK 4235468160 <(423)%20546-8160>
>> > CONTINUE? [Fyn?] y
>> >
>> > THE FOLLOWING DISK SECTORS COULD NOT BE READ:
>> >
>> > CANNOT READ: BLK 4128081280 <(412)%20808-1280>
>> > CONTINUE? [Fyn?] y
>> >
>> > THE FOLLOWING DISK SECTORS COULD NOT BE READ:
>> > CANNOT READ: BLK 4194986880 <(419)%20498-6880>
>> > CONTINUE? [Fyn?] y
>> > CONTINUE? [Fyn?] y
>> >
>> > THE FOLLOWING DISK SECTORS COULD NOT BE READ:
>> > ** Phase 2 - Check Pathnames
>> >
>> > CANNOT READ: BLK 4195146384 <(419)%20514-6384>
>> > CONTINUE? [Fyn?] y
>> > CONTINUE? [Fyn?] y
>> >
>> > THE FOLLOWING DISK SECTORS COULD NOT BE READ:
>> > ** Phase 3 - Check Connectivity
>> > ** Phase 4 - Check Reference Counts
>> > ** Phase 5 - Check Cyl groups
>> > 614222 files, 408012667 used, 76524122 free (3658 frags, 9565058
>> > blocks, 0.0% fragmentation)
>> >
>> > MARK FILE SYSTEM CLEAN? [Fyn?] y
>> >
>> >
>> > * FILE SYSTEM WAS MODIFIED *
>> >
>> >
>> > $ doas fsck -f /dev/sd0a
>> > ** /dev/rsd0a
>> > ** File system is already clean
>> > ** Last Mounted on /home/max/mnt
>> > ** Phase 1 - Check Blocks and Sizes
>> >
>> > CANNOT READ: BLK 4236615424 <(423)%20661-5424>
>> > CONTINUE? [Fyn?] y
>> >
>> > THE FOLLOWING DISK SECTORS COULD NOT BE READ:
>> > ** Phase 2 - Check Pathnames
>&

Re: fsck: CANNOT READ: BLK 4235468160

2018-01-08 Thread Matt M 
With disks, the blocks can change. There can be any number of reasons for
this, from the actual physical platters going bad to the read heads not
functioning properly, or the memory on the disk going bad. SSD is a
different story, in my experience when it begins to go the behavior becomes
really erratic and inconsistent. You could try replacing cables, but you
are probably looking at replacing the disk.


On Sat, Jan 6, 2018 at 9:12 PM STeve Andre'  wrote:

> When you enter the realm of hardware errors, anything can happen.  If
> you are lucky you will see the same hard and soft errors every time you
> cross a bad sector, but I have seen many cases wildly varying block
> numbers on really sick disks.  And yes, bad cables and USB interfaces
> can be a problem too.  Try wiggling the cable disk the disk stable and
> see if you can produce errors.
>
> Try doing a read with that USB hardware on another disk, too. That will
> tell you something.  I'll bet that the disk is bad.  If it stops
> producing errors, don't forgive it!  Get a new one.
>
> --STeve Andre'
>
> On 01/06/18 21:45, Maximilian Pichler wrote:
> > Hi,
> >
> > I'm running fsck on an external USB hard drive, using OpenBSD 6.2
> > inside VirtualBox on MacOS.
> >
> > On each run it gives a handful of "CANNOT READ: BLK ..." messages, but
> > the block numbers reported are different (!) each time.
> >
> > If the disk is damaged, shouldn't the problematic blocks be
> > consistent? Does this point to a communication problem with the disk
> > (e.g. faulty USB cable)? Or is this a hopelessly unstable situation
> > given the general screwiness of USB over VirtualBox/Mac OS...?
> >
> > Also, does answering "y" to "CANNOT READ" modify the disk contents?
> >
> > Thanks for any insights!
> >
> > Max
> >
> >
> > xhci0 at pci0 dev 12 function 0 "Intel 7 Series xHCI" rev 0x00: apic 2
> int 20
> > usb0 at xhci0: USB revision 3.0
> > uhub0 at usb0 configuration 1 interface 0 "Intel xHCI root hub" rev
> > 3.00/1.00 addr 1
> > umass0 at uhub0 port 9 configuration 1 interface 0 "Seagate Expansion"
> > rev 3.00/0.00 addr 2
> > umass0: using SCSI over Bulk-Only
> > scsibus4 at umass0: 2 targets, initiator 0
> > sd0 at scsibus4 targ 1 lun 0:  SCSI4 0/direct
> fixed
> > sd0: 3815447MB, 512 bytes/sector, 7814037167 <(781)%20403-7167> sectors
> >
> > $ doas fsck /dev/sd0a
> > ** /dev/rsd0a
> > ** Last Mounted on /home/max/mnt
> > ** Phase 1 - Check Blocks and Sizes
> >
> > CANNOT READ: BLK 4235468160 <(423)%20546-8160>
> > CONTINUE? [Fyn?] y
> >
> > THE FOLLOWING DISK SECTORS COULD NOT BE READ:
> >
> > CANNOT READ: BLK 4128081280 <(412)%20808-1280>
> > CONTINUE? [Fyn?] y
> >
> > THE FOLLOWING DISK SECTORS COULD NOT BE READ:
> > CANNOT READ: BLK 4194986880 <(419)%20498-6880>
> > CONTINUE? [Fyn?] y
> > CONTINUE? [Fyn?] y
> >
> > THE FOLLOWING DISK SECTORS COULD NOT BE READ:
> > ** Phase 2 - Check Pathnames
> >
> > CANNOT READ: BLK 4195146384 <(419)%20514-6384>
> > CONTINUE? [Fyn?] y
> > CONTINUE? [Fyn?] y
> >
> > THE FOLLOWING DISK SECTORS COULD NOT BE READ:
> > ** Phase 3 - Check Connectivity
> > ** Phase 4 - Check Reference Counts
> > ** Phase 5 - Check Cyl groups
> > 614222 files, 408012667 used, 76524122 free (3658 frags, 9565058
> > blocks, 0.0% fragmentation)
> >
> > MARK FILE SYSTEM CLEAN? [Fyn?] y
> >
> >
> > * FILE SYSTEM WAS MODIFIED *
> >
> >
> > $ doas fsck -f /dev/sd0a
> > ** /dev/rsd0a
> > ** File system is already clean
> > ** Last Mounted on /home/max/mnt
> > ** Phase 1 - Check Blocks and Sizes
> >
> > CANNOT READ: BLK 4236615424 <(423)%20661-5424>
> > CONTINUE? [Fyn?] y
> >
> > THE FOLLOWING DISK SECTORS COULD NOT BE READ:
> > ** Phase 2 - Check Pathnames
> >
> > CANNOT READ: BLK 3732315520
> > CONTINUE? [Fyn?] y
> >
> > THE FOLLOWING DISK SECTORS COULD NOT BE READ:
> >
> > CANNOT READ: BLK 4161885792
> > CONTINUE? [Fyn?] y
> >
> > THE FOLLOWING DISK SECTORS COULD NOT BE READ:
> >
> > CANNOT READ: BLK 4201995728
> > CONTINUE? [Fyn?] y
> >
> > THE FOLLOWING DISK SECTORS COULD NOT BE READ:
> >
> > CANNOT READ: BLK 4202008160
> > CONTINUE? [Fyn?] y
> >
> > THE FOLLOWING DISK SECTORS COULD NOT BE READ:
> >
> > CANNOT READ: BLK 4202013680
> > CONTINUE? [Fyn?] y
> >
> > THE FOLLOWING DISK SECTORS COULD NOT BE READ:
> > ** Phase 3 - Check Connectivity
> > ** Phase 4 - Check Reference Counts
> > ** Phase 5 - Check Cyl groups
> >
> > CANNOT READ: BLK 5011229824
> > CONTINUE? [Fyn?] y
> >
> > THE FOLLOWING DISK SECTORS COULD NOT BE READ:
> > 614222 files, 408012667 used, 76524122 free (3658 frags, 9565058
> > blocks, 0.0% fragmentation)
> >
> >
>
>

-- 
There's no place like 127.0.0.1

Re: ETE - ETA

2017-01-22 Thread Matt M 
ETA is a sort of "universally" recognized and used form. To be technical,
ETA and ETE would be synonymous in this case anyway.

The time to wait till arrival (eta) would correspond exactly with the time
it takes to complete the process (enroute).

On Sun, Jan 22, 2017 at 8:30 AM jean-francois  wrote:

> Hi,
>
> I always wondered what was ETA for during the installation process.
>
> As of today, I noticed this should read ETE as for Estimated Time Enroute.
>
> ETA stands for Estimated Time of Arrival and is therefore more or less
> constant.
>
> Regards

Re: the balance between OpenBSD and life

2016-05-31 Thread Matt M 
On Sat, May 28, 2016 at 7:31 AM Teng Zhang  wrote:

> I can't adjust  the time for OpenBSD and my life appropriately. Could you
> please share your experience with me about how you adjust your time between
> OpenBSD and your life.
> thanks for any reply.
>
>
If OpenBSD is consuming so much of your time that it is interfering with
life, then maybe leave OpenBSD alone for a while and come back when life in
general isn't needing your full attention, Maybe run OpenBSD for your
server or desktop, but don't consume yourself with it - if it works, it
works - and it should work without having to constantly babysit or tweak it.

I am a musician, and if I could I would easily spend 12+ hours per day
playing, composing, recording and mixing music. But I have a job and
family, so music takes a second seat to that. There are times where I can't
even pick up an instrument for days at a time. That's life. But I always
come back to it whenever I get the chance, and sometimes I have the time to
focus heavily on music. OpenBSD should be no different for you.

Re: My computer suddenly turned itself off.

2015-01-21 Thread Matt M 
Sudden power offs are often indicative of heat issues, especially on
laptops. Does it power right back on and stay on for a long time? If not I
would suspect heat. If it does stay on, it may be a power management bug, a
bad power source or possibly a failing power supply in the machine.
 If it won't power back on right away, or won't stay on till it sits for a
while, try cleaning the cpu fan - they collect a lot of dust.


On Wednesday, January 21, 2015, Joel Rees joel.r...@gmail.com wrote:

 I'm looking under /var/log, but not seeing any logfiles to give me any
 clues.

 What information should I post? I have /var/log/messages from the
 moment of the crash, but it's about 36K.

 dmesg:
 ---
 OpenBSD 5.5-stable (GENERIC) #0: Sat Dec 13 14:38:02 JST 2014
 r...@ob.reiisi.homedns.org:/usr/src/sys/arch/i386/compile/GENERIC
 cpu0: AMD Sempron(tm) 2600+ (AuthenticAMD 686-class, 256KB L2 cache)
 1.84 GHz
 cpu0:
 FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE,MPC,MMXX,3DNOW2,3DNOW
 real mem  = 737636352 (703MB)
 avail mem = 713281536 (680MB)
 mainbus0 at root
 bios0 at mainbus0: AT/286+ BIOS, date 07/28/04, BIOS32 rev. 0 @
 0xfbaa0, SMBIOS rev. 2.3 @ 0xf0800 (33 entries)
 bios0: vendor Phoenix Technologies, LTD version 6.00 PG date 07/28/2004
 bios0: MICRO-STAR INTERNATIONAL CO., LTD KM266-8237
 acpi0 at bios0: rev 0
 acpi0: sleep states S0 S1 S4 S5
 acpi0: tables DSDT FACP APIC
 acpi0: wakeup devices SLPB(S5) USB0(S1) USB1(S1) USB2(S1) USB3(S1)
 USB4(S1) USB5(S1) USB6(S1) USB7(S1) LAN0(S5) UAR1(S5) LPT1(S5)
 ECP1(S5) PCI0(S5)
 acpitimer0 at acpi0: 3579545 Hz, 24 bits
 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
 cpu0 at mainbus0: apid 0 (boot processor)
 mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
 cpu0: apic clock running at 333MHz
 ioapic0 at mainbus0: apid 2 pa 0xfec0, version 3, 24 pins
 acpiprt0 at acpi0: bus 0 (PCI0)
 acpicpu0 at acpi0
 acpitz0 at acpi0: critical temperature is 100 degC
 acpibtn0 at acpi0: PWRB
 acpibtn1 at acpi0: SLPB
 bios0: ROM list: 0xc/0x7e00 0xc8000/0x1a00!
 pci0 at mainbus0 bus 0: configuration mode 1 (bios)
 pchb0 at pci0 dev 0 function 0 VIA VT8378 PCI rev 0x00
 viaagp0 at pchb0: v3
 agp0 at viaagp0: aperture at 0xe000, size 0x1000
 ppb0 at pci0 dev 1 function 0 VIA VT8377 AGP rev 0x00
 pci1 at ppb0 bus 1
 vga1 at pci1 dev 0 function 0 VIA VT8378 VGA rev 0x01
 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
 wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
 pciide0 at pci0 dev 7 function 0 ITExpress IT8212F rev 0x13: DMA,
 channel 0 wired to native-PCI, channel 1 wired to native-PCI
 pciide0: using apic 2 int 18 for native-PCI interrupt
 wd0 at pciide0 channel 0 drive 0: Maxtor 6B160P0
 wd0: 16-sector PIO, LBA48, 156334MB, 320173056 sectors
 wd1 at pciide0 channel 0 drive 1: WDC WD3200AAJB-00J3A0
 wd1: 16-sector PIO, LBA48, 305245MB, 625142448 sectors
 wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 6
 wd1(pciide0:0:1): using PIO mode 0
 pciide1 at pci0 dev 15 function 0 VIA VT82C571 IDE rev 0x06: ATA133,
 channel 0 configured to compatibility, channel 1 configured to
 compatibility
 wd2 at pciide1 channel 0 drive 0: Maxtor 4R080L0
 wd2: 16-sector PIO, LBA, 78167MB, 160086528 sectors
 wd2(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 6
 atapiscsi0 at pciide1 channel 1 drive 0
 scsibus0 at atapiscsi0: 2 targets
 cd0 at scsibus0 targ 0 lun 0: TSSTcorp, CD/DVDW TS-H552A, BA52 ATAPI
 5/cdrom removable
 cd0(pciide1:1:0): using PIO mode 4, Ultra-DMA mode 3
 uhci0 at pci0 dev 16 function 0 VIA VT83C572 USB rev 0x81: apic 2 int 21
 uhci1 at pci0 dev 16 function 1 VIA VT83C572 USB rev 0x81: apic 2 int 21
 uhci2 at pci0 dev 16 function 2 VIA VT83C572 USB rev 0x81: apic 2 int 21
 uhci3 at pci0 dev 16 function 3 VIA VT83C572 USB rev 0x81: apic 2 int 21
 ehci0 at pci0 dev 16 function 4 VIA VT6202 USB rev 0x86: apic 2 int 21
 usb0 at ehci0: USB revision 2.0
 uhub0 at usb0 VIA EHCI root hub rev 2.00/1.00 addr 1
 viapm0 at pci0 dev 17 function 0 VIA VT8237 ISA rev 0x00: SMI
 iic0 at viapm0
 iic0: addr 0x2f 00=00 01=07 02=00 03=00 04=07 05=00 06=00 07=00 14=14
 15=62 16=03 17=02 words 00=00ff 01=07ff 02=00ff 03=00ff 04=07ff
 05=00ff 06=00ff 07=00ff
 spdmem0 at iic0 addr 0x50: 512MB DDR SDRAM non-parity PC2700CL2.5
 spdmem1 at iic0 addr 0x51: 256MB DDR SDRAM non-parity PC2700CL2.5
 auvia0 at pci0 dev 17 function 5 VIA VT8233 AC97 rev 0x60: apic 2 int 22
 ac97: codec id 0x56494170 (VIA Technologies VT1617)
 ac97: codec features headphone, 18 bit DAC, 18 bit ADC, KS Waves 3D
 audio0 at auvia0
 vr0 at pci0 dev 18 function 0 VIA RhineII-2 rev 0x78: apic 2 int 23,
 address 00:11:09:b4:08:41
 ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 8: OUI
 0x004063, model 0x0032
 usb1 at uhci0: USB revision 1.0
 uhub1 at usb1 VIA UHCI root hub rev 1.00/1.00 addr 1
 usb2 at uhci1: USB revision 1.0
 uhub2 at usb2 VIA UHCI root hub rev 1.00/1.00 addr 1
 usb3 at uhci2: USB revision 1.0

Re: Upgrade path from 4.1?

2014-02-06 Thread Matt M 
Your best option would be to backup data and configs, and reinstall fresh.
There are so many releases between 4.1 and 5.4 that you're going to spend a
lot of time just to get to -current or -stable 5.4, while you're still
gonna have to modify config files that have changes since 4.1 that it
probably wouldn't be worth the time and effort. As far as skipping
versions, first you're gonna have a lot of issues going straight from 4.1
to 5.4. If you just look at the changelogs between each version, you'll see
a lot of things have been removed or considered defunct, and configuration
for services may have changed dramatically (pf and softraid, for example).

Do yourself the favor and save the headaches by just reloading fresh and
porting over any configs.


On Thu, Feb 6, 2014 at 4:49 AM, davy davy.van.de.mo...@gmail.com wrote:

 Hi,

 I've recently was asked to take over the maintenance of an old OpenBSD
 machine, which has not been updated in the last 7 years.

 Currently the machine has been running for close to 1000 days on 4.1. It
 has been a while since I worked with OpenBSD (shame on me), and I'm really
 not sure what the best way would be to upgrade this machine, knowning I
 don't have a serial or local access to the box.

 Can I do a 4.1 - 5.4 in one shot?

 thx!
 Davy

Cisco routers

2014-01-31 Thread Matt M 
This may not be the most appropriate place to ask, but I figured a lot of
you are using Cisco on your networks.

I am beginning to study for the CCNA and I want to purchase at least one
Cisco router and a switch for a home lab. I don't want to spend a lot of
money unnecessarily, and have been looking at the 2600 routers. Since I
don't know anything about Cisco hardware, I don't know if this is too old,
if it still applies in the industry, what I might be lacking in the IOS and
the hardware capabilities, etc.

What would you guys recommend for a starter lab that will give me what I
need to apply to real-world networks?

PF port forwarding issue

2014-01-17 Thread Matt M 
I am using PF on 5.4-stable to NAT and firewall my network, but I can't get
port forwarding to work. All requests end up at the OpenBSD box and go no
further. For instance, I opened port 22 in PF to forward to a Centos box,
but ssh on the openbsd box still takes the request. Port 80 isn't working
at all, as there is no apache on the openbsd box. PF is running on
192.168.2.160 and apache is on 192.168.2.170. I can access apache by
directly connecting to 192.168.2.170

Thanks for any help.

PF.conf
---
ext_if = dc0
int_if = vr0

icmp_types=echoreq

#OPTIONS
set block-policy return
set loginterface egress
set skip on lo

#default block incoming traffic
block in log

#PORT FORWARDING
pass in on egress proto tcp from any to any port 22 rdr-to 192.168.2.170
port 22
pass in on egress proto tcp from any to any port 80 rdr-to 192.168.2.170
port 80

#NAT the entire network
match out on egress inet from !(egress:network) to any nat-to (egress:0)

#pass outgoing traffic through firewall with no checking
pass out quick

#antispoof protection
antispoof quick for { lo $int_if }

pass in inet proto icmp all icmp-type $icmp_types

Re: Is my 5.4 CD ok?

2014-01-16 Thread Matt M 
There isn't any reason all the packages couldn't fit on a cd. Most are just
a few bytes to a few kb, and a small number are into a few MB. Browsing the
package list (for i386), it looks like the largest one might be 4mb.

You should set your pkg path to the cd if you want to install from there,
*export PKG_PATH=/mnt/cdrom/5.4/packages/`machine -a`/*(change to
the mount point of your cdrom)

Personally, I prefer to just set the pkg path to an http mirror as it is
just as fast, or often faster, than cdrom and I don't have to have the cd
on hand.


On Thu, Jan 16, 2014 at 7:28 PM, Mario mario@videotron.ca wrote:

 Hi list.

 I know you are all busy discussing electricity issues but maybe one of you
 can take a moment to answer this.

 Browsing my new CDs for first time ever, I am a little confused and I am
 seeking clarification.  Is the following normal?  Because when I think
 about it, can really over 14,000  packages (amd64 + hppa) fit on a CD.  I
 am puzzled.

 marst:349$ pwd
 /mnt/5.4/packages/amd64
 marst:350$ ls -l
 total 25238
 -r--r--r--  1 root  wheel  539 Aug  5 17:25 TRANS.TBL
 -r--r--r--  1 root  wheel   125468 Jul 29 13:26 bzip2-1.0.6p0.tgz
 -r--r--r--  1 root  wheel   674979 Jul 29 13:26 curl-7.26.0p3.tgz
 -r--r--r--  1 root  wheel  7556487 Jul 29 13:26 gettext-0.18.2p3.tgz
 -r--r--r--  1 root  wheel  2012934 Jul 29 13:26 gnupg-1.4.13p0.tgz
 -r--r--r--  1 root  wheel  159 Aug  5 17:22 index.txt
 -r--r--r--  1 root  wheel  1521545 Jul 29 13:26 libiconv-1.14p0.tgz
 -r--r--r--  1 root  wheel   264257 Jul 29 13:26 libidn-1.27.tgz
 -r--r--r--  1 root  wheel   280021 Jul 29 13:26 rsync-3.0.9p3.tgz
 -r--r--r--  1 root  wheel   165840 Jul 29 13:26 unzip-6.0p2.tgz
 -r--r--r--  1 root  wheel   322276 Jul 29 13:26 xz-5.0.5.tgz
 marst:351$

 I guess the question is are all the binaries supposed to be on CD because
 if I follow instructions as per booklet:

 % su
 Password : root password
 # mount /dev/cd0a /mnt
 # /mnt/5.4/packages/amd64
 # pkg_add emacs-21.4p23.tgz

 That's not working.  Well it worked when my $PKG_PATH was still set on ftp
 but I suppose PKG_PATH is supposed to be set to the CD path.

 Also nowhere on CD2 I can find the soundtrack.  I suppose that should be
 easy.  I would really need a song at the moment.

 --
 Mario

Re: Virtualize or bare-metal?

2014-01-13 Thread Matt M 
I personally wouldn't advise using a single bare-metal machine just for
dhcp, a separate one for dns, a separate one for sendmail etc. Seems like a
huge waste of resources to me. My opinion is that you would fare better, as
was suggested earlier, to use some of the other bare-metal machines for
more intensive tasks like Apache. And, I always like to have a spare box or
two to experiment with different things on, so I would keep one just for
that if it were me. Virtualizing is great for testing and experimenting,
but sometimes you can't beat a real machine for that.


On Tue, Jan 14, 2014 at 12:50 AM, Christopher Ahrens n...@leviacomm.netwrote:

 Matthew Weigel wrote:

 On 1/13/2014 9:11 PM, Christopher Ahrens wrote:

 Jack Woehr wrote:

 Christopher Ahrens wrote:


 Wish I could split everything off to physical, but all I have for
 space for is a mini-rack that fits under my desk in my apartment


 Sounds like you have answered your own question!


 What I meant by bare-metal was if I should run a bunch of services on
 the same
 installation of OpenBSD.


 Well, hardware failures on a small pool of machines are still hardware
 failures on a small pool of machines, whether you have virtual servers or
 not.

 For security, chroot (especially with privilege separation) accomplishes
 a lot
 of what virtualization claims to offer, with a much longer history of
 auditing
 and better understood weaknesses.

 It is usually easier, in my experience, to manage one system running many
 services in individual chroot environments than to manage many (virtual)
 systems.  Files in chroot environments will sometimes need to be updated
 when
 you change the main system, but in my experience this is a much easier
 task to
 identify and manage than applying those changes en masse to a collection
 of
 virtual hosts.  Plus, there will be plenty of system updates to the main
 system that don't need to trickle down to the chroot environments, but
 will
 almost always need to be applied individually to each virtual host.

 You may still want to physically separate some concerns if you have enough
 machines (e.g., build machines vs. service machines, spreading out
 disk-intensive services, etc.), but in general I don't think
 virtualization
 will particularly help you.



 OK, I think I'll try loading multiple services onto single machines, I'm
 thinking that I could always just attach a bunch of carp interfaces (one
 for each service) to the machine then if I want to move that service to
 another machine (Virtual or physical) I just destroy the carp interface and
 recreate it on the new one.

 At this point my plan is to use a pair of machines for a specific category
 (to allow for a machine failure or allow for update cycles with no
 downtime), each pair would handle one of Public internet services
 (external-facing DNS, Public Web server, SMTP filtering), internal services
 (Internal DNS, LDAP, CA), or business applications (Wiki, Mail Store / IMAP
 access, source code control).  The last two boxes used as spare and to test
 virtualization options.

 I am just not using a single machine for multiple roles (I cut my teeth on
 Windows 2000/2003 and picked up some bad habits and obsolete advice)

Re: openbsd host halted with unknown acpi event

2012-10-31 Thread Matt M. 

On 10/31/2012 11:05 AM, Rares Aioanei wrote:

On Wed, Oct 31, 2012 at 10:28:35AM +0400, Sergey Bronnikov wrote:

Yesterday I have found an unpleasent bug in OpenBSD.

I started two virtual machines in qemu with netbsd and building
source inside each virtual machine.
After about 10 min laptop become overheated just below the keyboard,
Xorg was shutdowned and host halted with following messages on console:

/bsd: acpithinkpad0: unknown event 0x6022
/bsd: acpitz1: critical temperature exceeded 100C (3732K), shutting down

Is described above load critical for openbsd?
What is an event 0x6022? I didn't find such event in dumped acpi tables.


You said that you felt heat just below the keyboard. As a tech, I know 
that overheating can cause all sorts of random errors and will power off 
your machine. Typically if it is strictly heat related, your pc will not 
come back on for at least a couple of minutes, after it has had time to 
cool off, or will power back on immediately and then power right back off.


Open your laptop if you can, clean dust off the fans and vents, and it 
should help. I would also advise to get a laptop cooler - they are only 
a few dollars and help a lot.

pf and torrenting

2012-10-31 Thread Matt M. 
I am trying to get torrenting to work but I can't seem to get any 
packets to go through. Tcpdump shows attempted activity and nothing 
blocked,but the torrent client itself doesn't seem to be receiving 
anything from any torrent I have tried.

The torrent client is using port 58846

From the pf.conf:
---

ext_if=rl0




pass in on $ext_if proto tcp from any to any port 58846 rdr-to 
192.168.1.101 port 58846

Upgrade to 5.2?

2012-10-30 Thread Matt M. 
Yesterday I upgraded from 5.1-release to -current. Is there any need to 
upgrade to 5.2-release? Could this cause issues since -current is really 
newer than what's on the 5.2 media?