Re: Cannot configure wi-fi card

2022-05-28 Thread Stuart Henderson
On 2022-05-28, Peter Nicolai Mathias Hansteen wrote: > --Apple-Mail=_2B4B5EC6-B0C2-4A8D-9201-FCBDE33C5566 > Content-Transfer-Encoding: 8bit > Content-Type: text/plain; > charset=utf-8 > > > >> 28. mai 2022 kl. 04:25 skrev Matsuda Kenji : >> >> Hello. >> >> I just installed OpenBSD 7.1 and

Re: spamd on VirtualBox vm - rdr-to rules not working as expected

2022-05-27 Thread Stuart Henderson
On 2022-05-27, Arete wrote: > I’m setting up spamd in front of a Postfix mail server, and am having > an issue with rdr-to rules not working the way I expect. > > My setup: Re-purposed Mac Mini running MacOS 12.4 Monterey, Postfix & > Dovecot, smtp port-forwarded to this box from my firewall.

Re: mutt fetch-mail ssl error

2022-05-25 Thread Stuart Henderson
On 2022-05-22, Avon Robertson wrote: > The libcrypto build and install as outlined above by Theo was completed > without error a few minutes ago on the Dell M6600. It was then rebooted > and mutt's G command was invoked to fetch mail from pop3.xtra.co.nz. > > Sadly the attempt failed and mutt's

Re: gpt+uefi boot+openbsd+linux

2022-05-25 Thread Stuart Henderson
On 2022-05-24, Nick Holland wrote: > On 5/24/22 6:28 PM, Gustavo Rios wrote: >> May some one here suggest a documentation the explains this scenario ? I am >> in needof this. >> >> Thanks in advance! > > I've actually been experimenting with the UEFI OpenBSD and Windows combo, > though I suspect

Re: documentation

2022-05-24 Thread Stuart Henderson
On 2022-05-24, Nathaniel Nigro wrote: > any of the ftp mirrors with the "doc" directory should have historical > versions txt and pdf of the faq and the pf guide Those files are nearly 10 years out of date. -- Please keep replies on the mailing list.

Re: booting OpenBSD on Raspberry pi4 without using sdcard for UEFI

2022-05-22 Thread Stuart Henderson
is on console On Sat, May 21, 2022 at 2:53 PM Stuart Henderson wrote: On 2022-05-20, Sandeep Gupta wrote: Hello, This post here ( http://matecha.net/posts/openbsd-on-pi-4-with-full-disk-encryption/) claims its possible to boot OpenBSD directly from USB without the need for UEFI on sdcard. I tried

Re: booting OpenBSD on Raspberry pi4 without using sdcard for UEFI

2022-05-21 Thread Stuart Henderson
On 2022-05-20, Sandeep Gupta wrote: > Hello, > > This post here ( > http://matecha.net/posts/openbsd-on-pi-4-with-full-disk-encryption/) claims > its possible to > boot OpenBSD directly from USB without the need for UEFI on sdcard. > I tried today but couldn't get it to work. I got a blank

Re: mutt fetch-mail ssl error

2022-05-20 Thread Stuart Henderson
On 2022/05/20 22:18, Avon Robertson wrote: > Thank you for your response Stuart. Alas your suggestion to try the > binary from the working host does not work. I have pasted a log of my > actions below. I will try Theo's fix tomorrow. Hopefully there will be a snapshot by then so you can just

Re: mutt fetch-mail ssl error

2022-05-20 Thread Stuart Henderson
On 2022-05-20, Avon Robertson wrote: > I have been unable to fetch mail with mutt on this host using either the > currently installed snapshot and mutt package, or the snapshot and mutt > package that had been installed 2-3 days previously. > > I have been able to send mail using mutt in

Re: best place to put export variables

2022-05-19 Thread Stuart Henderson
On 2022-05-18, Michael wrote: > On 05/19/22 01:44AM, Mihai Popescu wrote: >> Hello, >> >> I want to export XDG_CACHE_HOME variable used by Xorg. >> What is the best place (file or ?) to export this variable? >> >> I remember i used some file to export a long time ago PS1 variable. >> Should I

Re: calling all PFsync users for experience, gotchas, feedback, tips and tricks

2022-05-19 Thread Stuart Henderson
On 2022-05-19, Jordan Geoghegan wrote: > I've run pfsync + CARP for a number of years now. One interesting > "gotcha" I discovered when building an IPv6-only test network was that > pfsync does not work in an IPv6-only environment. I tried both unicast > and multicast configurations to no

Re: kernel fault after 7.1

2022-05-17 Thread Stuart Henderson
On 2022/05/18 01:40, Vitaliy Makkoveev wrote: > > On 18 May 2022, at 01:18, Stuart Henderson > > wrote: > > > > On 2022-05-17, kasak wrote: > >> Can I somehow revert kernel to 7.1-release, to make syspatch working? > > > > Boot bsd.rd and do an 'up

Re: kernel fault after 7.1

2022-05-17 Thread Stuart Henderson
On 2022-05-17, kasak wrote: > Can I somehow revert kernel to 7.1-release, to make syspatch working? Boot bsd.rd and do an 'upgrade' install to 7.1 again. (You can also do this with sysupgrade if you modify the script).

Re: Historical Reasons For Default NAT Source Port Modification

2022-05-16 Thread Stuart Henderson
On 2022-05-16, Alexander Bochmann wrote: > Hi, > > ...on 2022-05-16 13:23:31, Philipp Buehler wrote: > > > I cannot recall many applications from 20y ago that have been very keen > > on sending from certain ports (besides IKE already mentioned by JJ). > > I seem to remember firewall rules that

Re: Wireguard IP packets fragmentation issue

2022-05-15 Thread Stuart Henderson
ry off-the-shelf home CPE so it's very very xommon on the internet. > I hope the clarifications helps and that im right or at least that I > learn something new :) > Thanks > Tom Smyth > > > > > > > > > On Sun, 15 May 2022 at 19:37, Stuart Henderson > wrote:

Re: Wireguard IP packets fragmentation issue

2022-05-15 Thread Stuart Henderson
On 2022-05-15, Tom Smyth wrote: > IP fragments on internet are avoided generally through PMTU discovery (mtu > path > discovery) but > PMTU does not work beyond a Nat (if a smaller MTU interface exists > behind a NAT then the smaller > MTU will not be discovered. That's not right, NAT doesn't

Re: Wireguard IP packets fragmentation issue

2022-05-15 Thread Stuart Henderson
On 2022-05-15, Theo de Raadt wrote: > .Bd -literal -offset indent > -inet 0.0.0.0 255.255.255.255 NONE \e > +inet 0.0.0.0 255.255.255.255 0.0.0.1 \e > pppoedev em0 authproto pap \e > authname 'testcaller' authkey 'donttell' up > -dest 0.0.0.1 > inet6 eui64 > > I don't think this

Re: Wireguard IP packets fragmentation issue

2022-05-15 Thread Stuart Henderson
On 2022-05-15, Jason McIntyre wrote: > On Sat, May 14, 2022 at 09:14:36PM -0000, Stuart Henderson wrote: >> On 2022-05-14, Georg Pfuetzenreuter wrote: >> > pppoe(4) already has a section on this, possibly this could be used as a >> > start. >> >>

Re: Cron running at 99% CPU for seemingly no reason

2022-05-15 Thread Stuart Henderson
On 2022-05-15, Stephan Mending wrote: > Especially the line stating "the kernel did not panic" surprises me, as I am > greeted by the kernel debugger. Not sure how to interpret that. ddb is entered for panics (which are explicit calls from kernel code) and for other exceptions (which are not) -

Re: Wireguard IP packets fragmentation issue

2022-05-14 Thread Stuart Henderson
On 2022-05-14, Georg Pfuetzenreuter wrote: > pppoe(4) already has a section on this, possibly this could be used as a > start. It's not a great start really. Mixes up information about a method to set the pppoe MTU to 1500 (RFC4638) and using scrub, doesn't describe the problem (says "causing

Re: Wireguard IP packets fragmentation issue

2022-05-14 Thread Stuart Henderson
On 2022-05-14, n18fu...@tutanota.com wrote: >> I recommend "max-mss" instead of no-df, you don't really want fragments >> if you can help it. The number to cap at is 40 below the lowest actual >> MTU across the tunnel, so 1380 should do for WireGuard, IPsec varies >> depending on the options

Re: Wireguard IP packets fragmentation issue

2022-05-14 Thread Stuart Henderson
On 2022-05-14, William Ahern wrote: > On Fri, May 13, 2022 at 11:10:41PM +0200, n18fu...@tutanota.com wrote: >> Hi, >> >> I've set up an OpenBSD server on the Cloud, set up a Wireguard tunnel, and >> configured default route through that server. I've noticed that I can't >> access some websites:

Re: calling all PFsync users for experience, gotchas, feedback, tips and tricks

2022-05-13 Thread Stuart Henderson
On 2022-05-13, Marko Cupać wrote: > The only problem I currently have with pfsync is the fact that it does > not synchronise queue membership of states. IIRC this is meant to work but only if you have identical rulesets, after expanding interface addresses etc. This will require some care in

Re: A speed test with Iperf , Relayd and PF

2022-05-13 Thread Stuart Henderson
On 2022-05-13, Fabrizio Francione wrote: > Code: > tcp connection fixup { >   tcp nodelay > } > > relay IPERF_TEST{ >   listen on 10.10.10.2 port 6740 >   forward to 192.168.20.9 port 6670 >   protocol fixup > } > With IPERF I obtain a speed of 144Mbps . Why use nodelay? That disables Nagle

Re: Setting up vmd with veb0/vport0

2022-05-12 Thread Stuart Henderson
On 2022-05-12, David Demelier wrote: > (vm) # > ping 8.8.8.8 > PING 8.8.8.8 (8.8.8.8): 56 data bytes > ping: sendmsg: Can't assign requested address > ping: wrote 8.8.8.8 64 chars, ret=-1 > (vm) # > # ftp http://5.135.187.121/index.html > Trying 5.135.187.121... > ftp: connect: Can't assign

Re: OpenBSD ports require xbase set - still true?

2022-05-09 Thread Stuart Henderson
On 2022-05-09, Steffen Nurpmeso wrote: > Until now whenever i wanted to do this i had to install xbase, > otherwise the port makefile complained some. (I am afraid i have > forgotten the details.) Is this still true? Yes. We don't particularly want to deal with reports of build failures or

Re: hw.perfpolicy behavior on desktop/server

2022-05-09 Thread Stuart Henderson
On 2022-05-09, Atanas Vladimirov wrote: > Hi Guys, > > I'm running -current. > Recently I noticed (not sure when it changed) that my CPU is not > throttling anymore. The `hw.perfpolicy` is set to auto and `hw.setperf` > is always at 100%. I red that there was a change in 7.1: > > - Changed the

Re: Modern RFC3442 (Classless DHCP Static Routes)

2022-05-09 Thread Stuart Henderson
On 2022-05-09, Stuart Henderson wrote: >>> >>> That doesn't seem like correct behavior (the ISC version certainly >>> offers both). Both options should be sent if configured, it's up to >>> the client to properly handle this. >>> Clients that are

Re: Modern RFC3442 (Classless DHCP Static Routes)

2022-05-09 Thread Stuart Henderson
On 2022-05-06, Florian Obser wrote: > On 2022-05-06 10:28 -04, Sonic wrote: >> On Fri, May 6, 2022 at 7:18 AM Florian Obser wrote: >>> Also, dhcpd(8) does not even hand out option 3 when option 121 is >>> configured. >> >> That doesn't seem like correct behavior (the ISC version certainly >>

Re: deep packet inspection over no TLS/SSL traffic

2022-05-09 Thread Stuart Henderson
On 2022/05/09 10:46, Riccardo Giuntoli wrote: > Yes I know. With rdomains and pair it would be nice to write a daemon > that inspect L7 search for bittorrent identification and take action > above those packets.  > Yes. DMCA is a complete overkill. Vultr applies it. When business will It doesn't

Re: deep packet inspection over no TLS/SSL traffic

2022-05-09 Thread Stuart Henderson
On 2022-05-09, Riccardo Giuntoli wrote: > I've found a distfiles on the fr openbsd mirror: > > https://ftp.fr.openbsd.org/pub/OpenBSD/distfiles/ndpi-4.2.tar.gz > > Someone try it? This is used by ntopng, we don't have anything to use this to make packet forwarding decisions (anyway, by the time

Re: Howto do "a detailed cleanup with the aid of the sysclean package"?

2022-05-06 Thread Stuart Henderson
On 2022-05-04, Theo de Raadt wrote: > I have also pointed out a couple of times now that sysclean ignores the > lessons of "find -print0" and "xargs -0", and I worry it could find a > file called > > "/somewhere/matchingpattern/\n/etc/spwd.db" Thus is easily fixed by adding a "delete" mode which

Re: Modern RFC3442 (Classless DHCP Static Routes)

2022-05-06 Thread Stuart Henderson
On 2022-05-04, nace...@narwhals.org wrote: > https://marc.info/?l=openbsd-tech=162652200109398=2 I disagree. > while its technically correct with the rfc, in practice, not many OSes > rigidly enforces not using the router option when 121 is present that > I've used. It's not just technically

Re: OpenBSD ftp and libtls: how to use session resumption with -S

2022-05-06 Thread Stuart Henderson
On 2022-05-06, Theo Buehler wrote: > While we could readily make libssl fall back to the legacy stack if > SSL_OP_NO_TICKET is disabled, I don't think this optimization outweighs > the overall benefit of TLSv1.3 - better protocol, cleaner code. Especially when the major beneficiary of this is

Re: relayd blocking by IP

2022-05-05 Thread Stuart Henderson
On 2022-05-05, Fabio Martins wrote: > On Thursday, May 5, 2022, Marcus MERIGHI wrote: > >> Hello Stuart, Hello Fabio, >> >> thanks for reading and suggesting! >> >> >> Exactly, though it is going to be relayd that is listening and >> forwarding to the application (or not, in case of

Re: Two minor issues with GNOME (autologin/night light)

2022-05-05 Thread Stuart Henderson
On 2022-05-05, David Demelier wrote: > 2. The autologin feature does not seem to work. Even though enabled in > the GNOME users settings and it has edited the /etc/gdm/custom.conf the > file to add: > > AutomaticLoginEnable=True > AutomaticLogin=markand > > It still goes to the GDM login

Re: relayd blocking by IP

2022-05-04 Thread Stuart Henderson
On 2022-05-04, Marcus MERIGHI wrote: > Hello! > > I need to block http/s traffic, but only for some Host: header values. > I.e. domain "xyz.abc" should be reachable, domain "klm.opq" not, both > behind the same IP. > > This rules out blocking with PF. > > I looked at relayd(8)/relayd.conf(5)

Re: rspamd and pyzor

2022-05-03 Thread Stuart Henderson
On 2022-05-03, kasak wrote: > rspamd manual assume, that we should use this construction: > > ExecStart=/bin/sh -c '/usr/bin/razor-check && /usr/bin/echo -n "spam" || > /usr/bin/echo -n "ham"' > > The razor-check manual confirm this: "razor-check" terminates with exit > value 0 if the signature

Re: mutt-wizard

2022-05-03 Thread Stuart Henderson
On 2022-05-02, ehakanduran wrote: > didn't) but I couldn't figure out a way to fix the second problem. Why > Ctrl-o doesn't work remains a mystery too. Any pointers will be very > much appreciated. See "stty -a", ^O is probably set to 'discard'. Try 'stty discard undef' to disable this and pass

Re: rspamd and pyzor

2022-05-03 Thread Stuart Henderson
On 2022-05-03, Michael Hekeler wrote: > But are you sure that you need it for pyzor?!?!?!? rspamd needs it. It's event-driven so they probably try to avoid blocking as much as possible, and by running it over TCP the load can be distributed between machines more easily. -- Please keep replies

Re: rspamd and pyzor

2022-05-03 Thread Stuart Henderson
On 2022-05-02, kasak wrote: > Hello misc! > > I have some information for rspamd users, and one question. > > As you may know, rspamd not using pyzor by directly calling pyzor binary. > > Instead, they say, you need to create special systemd socket, and call > pyzor through it. > > It is

Re: pkg-readmes missing for gnome and kde?

2022-05-01 Thread Stuart Henderson
On 2022-05-01, Antoine Jacoutot wrote: > On Sun, 2022-05-01 at 20:51 +0300, Mihai Popescu wrote: >> Hello, >> >> I tried to enable gnome or kde after install in an openbsd snapshot for >> amd64. >> Last time (some time ago) I know for sure there were some pkg-readmes >> for both gnome and kde

Re: OpenBSD 7.1 - hangs after userland upgrade on server hardware

2022-05-01 Thread Stuart Henderson
On 2022-05-01, Andrew Lemin wrote: > Hi all, > > I am totally stumped with issues while upgrading/installing 7.1 and I need > some help! > > Server; Supermicro X10SLV-Q (Intel Q87 Express), Xeon E3-1280 v3, 8G RAM, > Mellanox 10G NIC > > This server has been running OpenBSD flawlessly for years.

Re: creating new partition has corrupted the disklabel ("bad super block")

2022-04-30 Thread Stuart Henderson
On 2022-04-30, Nick Holland wrote: > On 4/30/22 5:16 AM, Sylvain Saboua wrote: >> Hello >> >> I have recently got an upgrade for my laptop with a 1TB SSD drive. >> I successfully managed to install a dual boot between archlinux and >> openbsd, both on encrypted partitions. >> >> Everything was

Re: bwfm0 no networking when combined with trunk (Raspberry Pi 4)

2022-04-30 Thread Stuart Henderson
On 2022-04-30, David Demelier wrote: > I have setup a trunk combination on my Pi 4 to aggregate the ethernet > port (bse0) with the wireless port (bwfm0) using the examples in the > documentation: trunk changes the MAC address to that of the first port, and there's a fair chance that changing

Re: Unusable resolution on a widescreen monitor during install

2022-04-27 Thread Stuart Henderson
On 2022-04-27, Nick Holland wrote: > On 4/27/22 9:15 AM, David Demelier wrote: >> >> http://markand.fr/static/openbsd-resolution.jpeg > > * Do a serial install (aren't I funny? As if there is a serial port on a > machine with an HDMI port! But maybe there is...Maybe I should go buy > a lottery

Re: clang 13 space issues with KARL

2022-04-27 Thread Stuart Henderson
On 2022-04-27, Nick Holland wrote: >> What can I do to make KARL reorder_kernel use less memory without buying more >> RAM? I've turned KARL off for now but that's not a real solution and I hate >> it. >> >> Is there no option in the clang 13.0.0 linker to store what it would normally >> store

Re: OpenBSD 7.1 and unbound 1.15.0

2022-04-27 Thread Stuart Henderson
On 2022-04-27, Renaud Allard wrote: > This is a cryptographically signed message in MIME format. > > --ms080604030904040206090102 > Content-Type: text/plain; charset=UTF-8; format=flowed > Content-Transfer-Encoding: 8bit > > > > On 4/26/22 16:25, Renaud Allard wrote: >> >> Hello, >>

Re: OpenBSD and multitasking

2022-04-26 Thread Stuart Henderson
On 2022-04-26, Mike Larkin wrote: > On Tue, Apr 26, 2022 at 02:13:16AM +0300, Mihai Popescu wrote: >> I can bear this since I'm not into large file transfer business. But >> here is another interesting fact: each time my disk is used by some >> file transfer, all the running applications, mostly

Re: Sysctl settings for transmission bittorrent (udp receive buffer size)

2022-04-25 Thread Stuart Henderson
On 2022-04-25, Daniel Schuermann wrote: > I can't get transmission (bittorrent client) to work properly. > > From the logs: > transmission-daemon: UDP Failed to set receive buffer: > requested 4194304, got 41600 > > On Linux I would do: > sysctl net.core.rmem_max=4194304 > I couldn't figure

Re: Should FUSE mounts be considered local?

2022-04-23 Thread Stuart Henderson
On 2022-04-22, Allan Streib wrote: > I had an SMB network share mounted on a directory under my $HOME (via > FUSE using usmb package), and overnight security(8) tried to check it for > setuid/setgid files. That did not go well. I see that I could have set > the SUIDSKIP environment variable but I

Re: kernel fault after 7.1

2022-04-23 Thread Stuart Henderson
On 2022-04-23, kasak wrote: > hello everybody. after upgrading to 7.1 my router started to panic very > often :(( about twice a day. Please report to b...@openbsd.org, with the information from your mail, plus dmesg, and an outline of how the machine is configured (what types of network

Re: 7.1 & nsd - failed writing to tcp: Permission denied

2022-04-23 Thread Stuart Henderson
On 2022-04-22, Laura Smith wrote: > --- Original Message --- > On Friday, April 22nd, 2022 at 18:16, Peter J. Philipp > wrote: > >> So that's weird becuase the 3-way handshake must have completed for nsd to >> reply a query. Meaning there was SYN's and ACK's being exchanged but perhaps

Re: No valid root disk found when upgrading

2022-04-22 Thread Stuart Henderson
On 2022-04-21, Stuart Henderson wrote: >> upgrade# cd /dev; sh MAKEDEV sd0 >> upgrade# mount -t ffs -r /dev/sd0a /mnt >> upgrade# ls /mnt >> .cshrc bsd dev sbin >> .profilebsd.booted etc

Re: No valid root disk found when upgrading

2022-04-21 Thread Stuart Henderson
On 2022-04-21, michal.lyszc...@bofc.pl wrote: > --47wmzg5ty6ypgy6x > Content-Type: text/plain; charset=us-ascii > Content-Disposition: inline > Content-Transfer-Encoding: 7bit > > Hello Stuart, > Thanks for your reply, here is more data > On 2022-04-21 21:43:08, Stuart He

Re: No valid root disk found when upgrading

2022-04-21 Thread Stuart Henderson
On 2022-04-21, michal.lyszc...@bofc.pl wrote: >> 16 partitions: >> #size offset fstype [fsize bsize cpg] >> a: 8400960 1024 4.2BSD 2048 16384 12960 >> b: 67119581 8401984swap >> c:4883971680

Re: Howto do "a detailed cleanup with the aid of the sysclean package"?

2022-04-21 Thread Stuart Henderson
On 2022-04-21, Florian Obser wrote: > On 2022-04-20 21:42 UTC, Stuart Henderson wrote: >> On 2022-04-20, Florian Obser wrote: >>> You will need a carefully curated /etc/sysclean.ignore file. >>> >>> You decided to put maildirs somewhere on the system, syscl

Re: Howto do "a detailed cleanup with the aid of the sysclean package"?

2022-04-20 Thread Stuart Henderson
On 2022-04-20, Florian Obser wrote: > You will need a carefully curated /etc/sysclean.ignore file. > > You decided to put maildirs somewhere on the system, sysclean is not > omniscient, you need to tell it to leave them alone. Same with .git > directories. > I don't recall needing to tell it

Re: Is there a way to build mod_auth_kerb?

2022-04-19 Thread Stuart Henderson
On 2022-04-18, Maksim Rodin wrote: > Hello, > I am trying to build mod_auth_kerb for apache2 on OpenBSD 6.9 > I installed heimdal-libs-7.7.0p0 and downloaded the latest src for > mod_auth_kerb from github > After unpacking and configuring the following way: > ./configure

Re: reordering libraries: fdcresult: overrun

2022-04-19 Thread Stuart Henderson
On 2022-04-19, rtw0 dtw0 wrote: > I would provide more info if I knew how to configure the mail service on > OBSD, which I had never considered useful before when I thought that I > might rely solely on the Handbook and man pages. You just need to get the information onto a computer which _can_

Re: no output from zathura

2022-04-18 Thread Stuart Henderson
I've committed a fix. If you report problems with ports, it would help to include at least: - OpenBSD version and machine arch (it never hurts to include the full dmesg) - Package version - (plus the description of what happens, any console messages etc, like you included here) And preferably

Re: Auto layout for disk partitions - a new user's perspective

2022-04-18 Thread Stuart Henderson
On 2022-04-18, James Mintram wrote: > Hi. I am new to OpenBSD, so these questions come from my first > experience with the system. > > I selected the auto layout option when partitioning my 256GB drive. I have > then found issues while doing the following: > > 1) Cloning src from the github

Re: Nginx + Syslog Question

2022-04-17 Thread Stuart Henderson
On 2022-04-17, David Anthony wrote: > I'm trying to send Nginx access logs to syslog. I've tried examples in > the default nginx configuration file and man page to no avail. Can > anyone help identify why I'm not seeing access logs? It runs in /var/www chroot, and uses its own code to write to

Re: Spamd as a proxy

2022-04-15 Thread Stuart Henderson
On 2022-04-15, alejan...@rogue-research.com wrote: > Hi Mr Hansteen, > > Thanks for the reply, I started my journey with OpenBSD this week and I > decided to buy your book to help me understand its PF system, it's been > very helpful. I've been reading man pages from pf,spamd,opensmtpd and >

Re: time drift in OpenBSD in proxmox (qemu-kvm) guest

2022-04-15 Thread Stuart Henderson
ep it like that if possible :) > On Fri, 15 Apr 2022 at 11:12, Stuart Henderson > wrote: > > > > On 2022-04-14, Stefan Sperling wrote: > > > On Thu, Apr 14, 2022 at 09:26:41PM -, Stuart Henderson wrote: > > >> I have some OpenBSD guests in Proxmox VE 7.1-

Re: time drift in OpenBSD in proxmox (qemu-kvm) guest

2022-04-15 Thread Stuart Henderson
On 2022-04-14, Stefan Sperling wrote: > On Thu, Apr 14, 2022 at 09:26:41PM -0000, Stuart Henderson wrote: >> I have some OpenBSD guests in Proxmox VE 7.1-7 (pve-qemu-kvm_6.1.0) and >> seeing pretty bad clock drift (50 seconds in ~7h uptime). ntpd can't cope >> with it. From

Re: IKEV2 two devices can connect but only one can make traffic

2022-04-15 Thread Stuart Henderson
On 2022-04-12, Łukasz Moskała wrote: > I remember talking with network engineer at one company I used to work at. > We used fortigate firewalls, and I asked why are we using SSLVPN instead of > ipsec-based vpn, as both were supported. > > He said something along the lines of "ipsec does not work

time drift in OpenBSD in proxmox (qemu-kvm) guest

2022-04-14 Thread Stuart Henderson
I have some OpenBSD guests in Proxmox VE 7.1-7 (pve-qemu-kvm_6.1.0) and seeing pretty bad clock drift (50 seconds in ~7h uptime). ntpd can't cope with it. From boot: 2022-04-14T13:58:19.844Z ntpd[26996]: adjusting local clock by 1.745061s 2022-04-14T13:59:24.070Z ntpd[26996]: adjusting local

Re: Request additions to qbittorrent-nox port README

2022-04-14 Thread Stuart Henderson
+cc ports@ & maintainer On 2022/04/14 21:11, u...@mailo.com wrote: > > 127.0.0.1 is probably the best thing to suggest > > for listening to localhost. > The thing is - I need it accessible from another machine over network. > With `localhost` it DOES work over network, > this is how I have used

Re: How do I report a kernel panic occuring on install media?

2022-04-14 Thread Stuart Henderson
On 2022/04/14 12:21, rtw0 dtw0 wrote: > Hi, > > To disable acpi permanently: > # config -ef /bsd > ukc > disable acpi > ukc > quit This is a REALLY BAD IDEA. >From my earlier mail: https://marc.info/?l=openbsd-misc=164983204029245=2 | (Note: acpi drivers are used for various machine

Re: Request additions to qbittorrent-nox port README

2022-04-13 Thread Stuart Henderson
On 2022-04-13, wrote: > I have had 2 issues with `qbittorrent-nox`, both are OpenBSD-specific > and IMHO it would be appropriate if README described them. > http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net/qbittorrent/qbittorrent-nox/pkg/README?rev=1.3=text/x-cvsweb-markup > > I emailed Elias

Re: How do I report a kernel panic occuring on install media?

2022-04-13 Thread Stuart Henderson
On 2022-04-13, misc.99...@aleeas.com wrote: > > It sounds like you're trying to use the 32bit OpenBSD installer for a >> 64bit cpu. In that case, you would want the AMD64 installer. Even if that is the case, it's not very likely to change the ACPI parsing. > As far as I remember the CPU is only

Re: Question about /etc/resolvd.conf and local resolver

2022-04-13 Thread Stuart Henderson
On 2022-04-13, J Doe wrote: > For people reading this thread ... > > /etc/resolv.conf is the traditional file for configuring the system > resolver(s) while /etc/resolvd.conf is the configuration file for the > resolvd *daemon*, which is also involved in the configuration of the > system

Re: How do I report a kernel panic occuring on install media?

2022-04-13 Thread Stuart Henderson
On 2022-04-13, misc.99...@aleeas.com wrote: > I'm trying to boot OpenBSD 7.0 i386 image (sha256: > 2423307414df1800537063b3cafd9ae788b46711074b7f94d855c8a3de622f51) from a USB > flash drive on HP Mini, Intel Atom N2600 1.60 GHz machine. Before I could > install, unfortunately I'm facing a

Re: IKEV2 two devices can connect but only one can make traffic

2022-04-12 Thread Stuart Henderson
On 2022-04-11, Ettore Tagarelli wrote: > If I use the "dynamic keyword I get this error: "no IP address found for > dynamic" though "config address 192.168.98.1/24" is there. > Using 0.0.0.0/32 instead of 0.0.0.0/0 causes that traffic is not routed > ('cause /32 restrict the only address possible

Re: IKEV2 two devices can connect but only one can make traffic

2022-04-11 Thread Stuart Henderson
On 2022-04-11, Ettore Tagarelli wrote: > Hello, > I've an Openbsd 6.6 machine with IKEV2. I always used it with only one > client connected and it always worked. Trying to connect with two clients > (behind the same NAT) I found out that the connection seems established but > only one client

Re: TLS library problme: tlsv1 alert protocol

2022-04-09 Thread Stuart Henderson
On 2022-04-09, Stephan Mending wrote: > Hi Tom, > > Hm.. I am on the receiving end of this TLS Handshake. > I am running -release on one and -current on another. Problem and error > messages are the same. > > Excerpt of the running postfix main.cf: > > smtpd_tls_mandatory_ciphers = high >

Re: map/mount a directory/partition into memory

2022-04-08 Thread Stuart Henderson
On 2022-04-08, Stuart Henderson wrote: > On 2022-04-08, Stefan Hagen wrote: >> Mihai Popescu wrote (2022-04-08 05:17 CEST): >>> Since my computer is struggling with chromium and I suspect it's the >>> disk access being too slow, I want to map the directory accesse

Re: map/mount a directory/partition into memory

2022-04-08 Thread Stuart Henderson
On 2022-04-08, Mihai Popescu wrote: >> swap /tmp mfs rw,nodev,nosuid,-s=1g 0 0 > > for some reason, xenodm is not displayed and i am not able to login ... Permissions are probably wrong. Try this: - boot single-user - mount -uw / (don't mount other filesystems) - chmod 1777 /tmp - reboot --

Re: map/mount a directory/partition into memory

2022-04-08 Thread Stuart Henderson
On 2022-04-08, Stefan Hagen wrote: > Mihai Popescu wrote (2022-04-08 05:17 CEST): >> Since my computer is struggling with chromium and I suspect it's the >> disk access being too slow, I want to map the directory accessed by >> chromium ( i think it is ~/.cache) into the memory. >> >> Looking in

Re: pf documentation

2022-04-07 Thread Stuart Henderson
On 2022-04-07, Steve Litt wrote: > I need some easy beginner's pf documentation as well as some > intermediate pf documentation. I plan to make an OpenBSD/pf firewall. I > haven't done this in ten years, and imagine pf and the process of > turning OpenBSD into a firewall have changed in that

Re: TLS library problme: tlsv1 alert protocol

2022-04-07 Thread Stuart Henderson
On 2022-04-06, Tom Smyth wrote: > Hi Stephan, > at a guess I would say that there is no overlap between supported TLS > protool versions and ciphers > available on the client vs the server. This message explicitly suggests protocol version rather than cipher > if your system is using a recent

Re: redis fails to start

2022-04-06 Thread Stuart Henderson
On 2022-04-06, rea...@catastrophe.net wrote: > I have redis configured to start with rspamd. The configuration is default > with no changes after the port install. Redis has been failing to start and > doesn't give much information back when running with `--loglevel verbose'. > > I'm able to run

Re: RISC-V board to buy

2022-04-05 Thread Stuart Henderson
On 2022-04-05, Martin wrote: > Hi list, > > Can anybody know where to buy SiFive HiFive Unmatched (preferred) or > Microsemi PolarFire SoC Icicle Kit to run 7.1 on RISC-V architecture? Can't > find it in stock anywhere. Farnell have some of the Microsemi boards.

Re: OpenBSD-7.1beta EM7455 with default ports config detects as umb0 without AT ports

2022-04-05 Thread Stuart Henderson
On 2022-04-05, Martin wrote: > Hi list, > > Just connected EM7455 modem (factory default port configuration with MBIM + > AT port + NMEA port + DM port) to a machine with latest 7.1beta snapshot. > > The modem detected as umb0, but no AT port or NMEA port detected at all. > > How did developers

Re: OpenBSD benchmarks

2022-04-05 Thread Stuart Henderson
On 2022-04-04, Nicolas Goy wrote: > Hello, > > I'd like to make some 10gbit/s benchmarks for an OpenBSD based router. > > I was wondering if there was some "standard" pf ruleset I could use to > have a meaningful metric. It might be useful to have PF disabled, and PF enabled with a simple "pass"

Re: sysupgrade from -stable (was: error rebuilding binaries after 6.9->7.0 sysupgrade)

2022-04-04 Thread Stuart Henderson
On 2022/04/04 20:37, Steve Fairhead wrote: > On 04/04/2022 13:10, owner-m...@openbsd.org wrote: > > sysupgrade only copes with what look like release versions (no version > > suffix, upgrades to release+0.1 with no arguments, or snapshot with -s) > > or snapshots (-current or -beta suffix, by

Re: Internal Logging?

2022-04-04 Thread Stuart Henderson
On 2022-04-04, Eric Thomas wrote: > I'd like to understand more about how OpenBSD logs internal events such as: > > - pkg_add/delete events > - user logins > - X session start/stops > etc. > > Is there "one big log" where all of these types of events are stored? > Or are they logged in specific

Re: How to track system changes?

2022-04-04 Thread Stuart Henderson
On 2022-04-04, Eric Thomas wrote: > I want to have a high degree of confidence in my system's state > (packages that have been added, configs that have changed, permissions > changed, etc). I've read about "read only filesystems" and the > pro's/con's

Re: openbsd, softraid recovery (I have password)

2022-04-04 Thread Stuart Henderson
On 2022-04-03, Nick Holland wrote: > If you are going to find your data, you need to recreate the disklabel > partitions exactly as they were on the encrypted FFS from OpenBSD. > scan_ffs(8) may help. OoenBSD's scan_ffs only supports FFS1, the OS defaults to FFS2.

Re: error rebuilding binaries after 6.9->7.0 sysupgrade

2022-04-03 Thread Stuart Henderson
you want and install manually) Unless you modify sysupgrade you can't get from a "OpenBSD 7.1" kernel to downloading files from the /7.1/ directory. > Dave Raymond > > On 4/3/22, Stuart Henderson wrote: > > On 2022-04-03, Steve Fairhead wrote: > >> On 07/11/2021 10

Re: error rebuilding binaries after 6.9->7.0 sysupgrade

2022-04-03 Thread Stuart Henderson
On 2022-04-03, Steve Fairhead wrote: > On 07/11/2021 10:35, Steve Fairhead wrote: >> >> That's what I'd expect, and I did indeed run sysupgrade without specific >> options. Nonetheless I seem to have wound up with -current when I would >> have expected -stable: >> >> # dmesg | grep OpenBSD >>

Re: How to rebuild the ports tree?

2022-04-01 Thread Stuart Henderson
On 2022-04-01, Eric Thomas wrote: > @Crystal > >> If you want to work with the ports tree, it's _much_ better to set up >> DPB than just running 'make' in the various directories: > > Very cool blog! I def spent some time reading. The dpb method feels > like a litle too advanced for me at

Re: increasing max value of rdomain/rtable

2022-04-01 Thread Stuart Henderson
On 2022-04-01, Valdrin MUJA wrote: > I want to increase the number of rdomain/rtable from 255 to 1024. I will do > this at my own risk. I had a look at the kernel code but couldn't figure out > how to upgrade it. I would be very grateful if you could guide me on this. > Thanks in advance. I'm

Re: How to rebuild the ports tree?

2022-03-31 Thread Stuart Henderson
On 2022-03-31, Eric Thomas wrote: > --c9bb7b05db88e7ee > Content-Type: text/plain; charset="UTF-8" > > I'm stuck. I need to install the UniFi 6.2.26 port, I used the [FAQ to > setup the ports tree](https://www.openbsd.org/faq/ports/ports.html). > This seemed to work just fine.

Re: Multiple wgpeers on single wg(4) interface with same wgaip list

2022-03-31 Thread Stuart Henderson
On 2022-03-31, Matthew Ernisse wrote: > I am trying to setup several tunnels into a single wg(4) endpoint. > The first tunnel worked fine however when I add the second one the wgaip > statement moves to the last wgpeer configured. Is this expected behavior? Yes, you can't use these

Re: issue with move to php8 as default

2022-03-30 Thread Stuart Henderson
On 2022-03-30, ITwrx wrote: >> The php-fpm ports default to using /etc/php-fpm.conf. >> >> If you are running both php74_fpm and php80_fpm together then you must >> change this default for at least one of them and point it at its own >> configuration file e.g. >> >> php74_fpm_flags=-y

Re: issue with move to php8 as default

2022-03-30 Thread Stuart Henderson
You seem to have missed my reply: https://marc.info/?l=openbsd-misc=164855890727816=2 On 2022-03-30, ITwrx wrote: > On Wed, 30 Mar 2022 09:30:39 -0500 > ITwrx wrote: > >> > Hi ITwrx >> > >> > you will need to check your rc.conf.local and update it to start up >> > the php8.0 fpm >> > >> > it

Re: issue with move to php8 as default

2022-03-29 Thread Stuart Henderson
On 2022-03-28, ITwrx wrote: > I'm running php7.4 and php8 at the same time on an OpenBSD 7.0 machine > i'm testing as a web server. I'm pretty sure they were both starting up > fine until yesterday (it's been a while) after i updated with pkg_add -u > and syspatch. Now, php8 fails to start with:

Re: OpenBGPd: fatal in RDE: aspath_get: Cannot allocate memory

2022-03-29 Thread Stuart Henderson
On 2022-03-29, Claudio Jeker wrote: > On Tue, Mar 29, 2022 at 09:53:56AM +0200, Laurent CARON wrote: >> Hi, >> >> I'm happily running several OpenBGPd routers (Openbsd 7.0). >> >> After having applied the folloxing filters (to blackhole traffic from >> certain countries): >> >> include

  1   2   3   4   5   6   7   8   9   10   >