Re: support new
Hello Ingo, Parfait, merci beaucoup. Regards, Wesley -Message d'origine- De : Ingo Schwarze Envoyé : mardi 24 octobre 2023 15:35 À : Wesley MOUEDINE ASSABY Cc : misc@openbsd.org Objet : Re: support new Hi Wesley, Wesley MOUEDINE ASSABY wrote on Tue, Oct 24, 2023 at 02:06:47PM +0400: > 0 > C France > P REUNION > T Sainte Clotilde > Z 97490 > O Consultant > I Wesley Mouedine Assaby > M wes...@mouedine.net <mailto:wes...@mouedine.net> U > https://www.mouedine.net N OpenBSD consulting, services like > mailserver, web hosting, firewall and vpn. Committed with s/vpn/VPN/, the spelling familiar from OpenBSD manual pages. I removed all information from your old entry that you no longer included in your new entry. The new entry is now online here, please check: https://www.openbsd.org/support.html#France Yours, Ingo
support update
Please, can you remove my old entry < AISE-INFORMATIQUE > in < France > area. Thank's !
support new
0 C France P REUNION T Sainte Clotilde Z 97490 O Consultant I Wesley Mouedine Assaby M wes...@mouedine.net <mailto:wes...@mouedine.net> U https://www.mouedine.net N OpenBSD consulting, services like mailserver, web hosting, firewall and vpn.
Re: Crash on TOSHIBA PORTEGE Z30-A laptop
> If there isn't a newer BIOS that resolves this, I would tend to return the > box as not suitable. This is the case, there’s no BIOS update. Thank you very much, anyway. Cheers, /Wesley De : Philip Guenther Envoyé : lundi 23 octobre 2023 00:39 À : wes...@technicien.io Cc : b...@openbsd.org; misc@openbsd.org Objet : Re: Crash on TOSHIBA PORTEGE Z30-A laptop On Sat, Oct 21, 2023 at 2:27 AM mailto:wes...@technicien.io> > wrote: Hi Philip, Thank you very much for your answer. I tried to disable all options (+devices) possible. Same issue. And what's about disable acpi in the kernel using the bsd.re-config? As Mike and Theo noted, this will certainly cause problems. Do you think If I replace the wireless card by somthing else, It could resolve this issue? Very unlikely. The problem is the stack depth of the ACPI processing. The crash you saw had the wifi interrupt occur during the ACPI processing but it could just as well happen with some other device interrupting the ACPI processing. If there isn't a newer BIOS that resolves this, I would tend to return the box as not suitable. Phlip Guenther
Re: Crash on TOSHIBA PORTEGE Z30-A laptop
Hi Philip, Thank you very much for your answer. I tried to disable all options (+devices) possible. Same issue. And what's about disable acpi in the kernel using the bsd.re-config? Do you think If I replace the wireless card by somthing else, It could resolve this issue? /Wesley -Message d'origine- De : owner-b...@openbsd.org De la part de Philip Guenther Envoyé : samedi 21 octobre 2023 03:23 À : wes...@technicien.io Cc : b...@openbsd.org; misc@openbsd.org Objet : Re: Crash on TOSHIBA PORTEGE Z30-A laptop On Fri, Oct 20, 2023 at 1:23 PM wrote: > I've recently installed OpenBSD 7.4 on this laptop. > > However, I'm experiencing random crashes. These occur at various > times, including during kernel loading (before running /etc/rc), > > or later while I'm using the system. > > > I've included the contents of /var/run/dmesg.boot below and attached > the screens with the ddb output command. > ... > bios0: vendor TOSHIBA version "Version 4.30" date 04/26/2018 > The screenshots show that the fault happens during a wifi interrupt that catches the ACPI thread processing a very deeply nested AML code. I suspect it's actually running out of kernel stack space as a result. Everything below is based on that hypothesis. So, the first thing to try is to see if there's a BIOS update newer than the 2018 rev it currently has. They may have optimized the AML code, or at least made it less deeply nested. Another possibility is to see if there's a device you can disable that would result in that AML not being called. If there's anything that you aren't using then disable it in the BIOS and hope. The last possibility would be to build a kernel which allocates more pages per thread for its kernel stack by bumping the UPAGES #define in /usr/src/sys/arch/amd64/include/param.h and building a new kernel. It's really only the ACPI thread that needs this, but we don't currently have code to control that on a per-thread basis. Philip Guenther
Re: Shell account service providers
Ibsen S Ripsbusker wrote: Are there services that sell managed OpenBSD shell accounts? I mean a service similar to sdf.org. Try google with keywords "online unix terminal for shell scripting", you will find a lot results. regards.
Re: pkg_add, stdout and exit code
What's about the stdout ? On 13.02.2019 02:11, Solene Rapenne wrote: On Wed, Feb 13, 2019 at 01:56:07AM -0500, Wesley Mouedine Assaby wrote: Hi all, I'm using OpenBSD 6.4 amd64 (GENERIC.MP) #6 Using 'pkg_add' i can't access stdout, and the exit code stays 0 whatever it finds or not the package to install. Example : doas pkg_add sl > file.stdout echo $? # exit code is 0 cat file.stdout # empty file or doas pkg_add sl > file.stdout 2>&1 cat file.stdout # empty file Therefore, i can access stderr trying to install a bad package name but exit code stays 0 doas pkg_add sli > file.stderr echo $? # exit code is 0 cat file.stderr # => Can't find sli Reading pkg_add(1) : Interactive mode is the default on a tty -I Force non-interactive mode. Default is to be interactive when run from a tty. -i Force interactive mode, even if not run from a tty. pkg_add may ask questions to the user if faced with difficult decisions. I also tried with -i/-I same issue. Any way to get stdout ? Is this an expected behavior ? Thanks, Wesley hi, I don't know about pkg_add return codes but what you are currently looking is the return code of doas which return >0 in those cases as explained in doas(1): • The config file /etc/doas.conf could not be parsed. • The user attempted to run a command which is not permitted. • The password was incorrect. • The specified command was not found or is not executable.
pkg_add, stdout and exit code
Hi all, I'm using OpenBSD 6.4 amd64 (GENERIC.MP) #6 Using 'pkg_add' i can't access stdout, and the exit code stays 0 whatever it finds or not the package to install. Example : doas pkg_add sl > file.stdout echo $? # exit code is 0 cat file.stdout # empty file or doas pkg_add sl > file.stdout 2>&1 cat file.stdout # empty file Therefore, i can access stderr trying to install a bad package name but exit code stays 0 doas pkg_add sli > file.stderr echo $? # exit code is 0 cat file.stderr # => Can't find sli Reading pkg_add(1) : Interactive mode is the default on a tty -I Force non-interactive mode. Default is to be interactive when run from a tty. -i Force interactive mode, even if not run from a tty. pkg_add may ask questions to the user if faced with difficult decisions. I also tried with -i/-I same issue. Any way to get stdout ? Is this an expected behavior ? Thanks, Wesley
Re: Ruby On Rails application with httpd
Le 2018-03-19 15:55, Artur Pedziwilk a écrit : On 15 Feb 2018, at 12:03, Wesley MOUEDINE ASSABY <wes...@e-solutions.re> wrote: Is there a way to get a 'Ruby on Rails' application running with the embedded OpenBSD httpd(+slowcgi??) ? Why like that? Relayd is perfect for that on OpenBSD IMHO. Do you have an example ? (httpd + relayd) Thank's anyway. /Wesley
Re: Custom bsd.rd to include auto_install.conf
Try 'upobsd' tool (http://ports.su/sysutils/upobsd) (https://maly.io/@semarie) /Wesley Le 2018-02-23 17:01, Thuban a écrit : As mentionned in autoinstall(8), """ If either /auto_install.conf or /auto_upgrade.conf is found on bsd.rd's built-in RAM disk, autoinstall behaves as if the machine is netbooted, but uses the local response file. """ I would like to build a custom bsd.rd to include auto_install.conf file. Do you have any advice for this ? I found some tutorials for 5.7 [1], so quite outdated, and can't go through the entire process. Regards. [1] : http://mouedine.net/reinstall57/
Ruby On Rails application with httpd
Hi, Is there a way to get a 'Ruby on Rails' application running with the embedded OpenBSD httpd(+slowcgi??) ? Thank you very much anyway! /Wesley
FAQ - Add a link
Hi, Can you add a link to "http://www.openbsd.org; on the OpenBSD logo (smalltitle.gif) located at http://cvsweb.openbsd.org/cgi-bin/cvsweb/ ? It will be better for browsing, to come back. Thank you very much. Regards, Wesley MOUEDINE ASSABY www.openbsdjumpstart.org
acpi error running openbsd snapshot 20140820 (amd64)
NVIDIA MCP61 PCIE rev 0xa2 pci3 at ppb2 bus 3 ppb3 at pci0 dev 12 function 0 NVIDIA MCP61 PCIE rev 0xa2 pci4 at ppb3 bus 4 vga1 at pci0 dev 13 function 0 NVIDIA GeForce 6100 nForce 430 rev 0xa2 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) pchb0 at pci0 dev 24 function 0 AMD AMD64 0Fh HyperTransport rev 0x00 pchb1 at pci0 dev 24 function 1 AMD AMD64 0Fh Address Map rev 0x00 pchb2 at pci0 dev 24 function 2 AMD AMD64 0Fh DRAM Cfg rev 0x00 kate0 at pci0 dev 24 function 3 AMD AMD64 0Fh Misc Cfg rev 0x00: core rev BH-G2 isa0 at pcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 spkr0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 wbsio0 at isa0 port 0x2e/2: W83627EHF rev 0x63 lm1 at wbsio0 port 0x290/8: W83627EHF fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 usb1 at ohci0: USB revision 1.0 uhub1 at usb1 NVIDIA OHCI root hub rev 1.00/1.00 addr 1 vscsi0 at root scsibus2 at vscsi0: 256 targets softraid0 at root scsibus3 at softraid0: 256 targets root on wd0a (0a792ba942a68105.a) swap on wd0b dump on wd0b Any idea, patches ? Thank you very much. Cheers, Wesley MOUEDINE ASSABY
Re: acpi error running openbsd snapshot 20140820 (amd64)
On 20.08.2014 19:27, Mike Larkin wrote: On Wed, Aug 20, 2014 at 12:34:24PM +0400, Wesley MOUEDINE ASSABY wrote: Hi, Running the install56.fs from an usb key give me the following error : http://pbrd.co/1rWT1Us So i disabled acpi using UKC to be able to install : http://pbrd.co/1rWUqL0 OpenBSD is installed now, but running it with acpi support give me a kernel panic : http://pbrd.co/1rWTCFX trace : http://pbrd.co/1rWTKVS http://pbrd.co/1rWTUws and ps : http://pbrd.co/1rWU1bl So you expect us to help you when: 1. You've been randomly disabling code in the kernel. I can't install it with acpi support as i mentioned. The error with acpi at install process : Running the install56.fs from an usb key give me the following error : http://pbrd.co/1rWT1Us 2. You're claiming the bug is somehow related to acpi and yet you've provided us with no acpidump. If you look the error message : http://pbrd.co/1rWT1Us How can i get the acpidump if there 's no ddb prompt ? :) What would your mechanic say if you took your car to the garage and said My engine is making a strange sound, but I'm not going to tell you what sound it's making. By the way, I've unplugged some random wires somewhere in the engine compartment. Criticism is easy :) ==wma
Re: acpi error running openbsd snapshot 20140820 (amd64)
How can i get the acpidump if there 's no ddb prompt ? :) man acpidump Reading FAQ, there's no acpidump informations...the same for acpi(4) I will post the dump. Thank you very much. What would your mechanic say if you took your car to the garage and said My engine is making a strange sound, but I'm not going to tell you what sound it's making. By the way, I've unplugged some random wires somewhere in the engine compartment. Criticism is easy :) Asking for help and providing a substandard bug report is easier. +1 :)
Re: /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so: Cannot load specified object
Hi,
Running the web app, give me in the production.log :
Processing DashboardController#index (for 192.168.0.20 at 2014-07-02
11:58:53) [GET]
Parameters: {controller=dashboard, action=index}
LoadError (Cannot load specified object -
/usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so):
/usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so
lib/rrdmon.rb:4
app/controllers/dashboard_controller.rb:7:in `index'
Below, a beginning of dashboard_controller.rb file :
class DashboardController ApplicationController
def index
@proc = Mailserver.new.processes
@updates = Mailserver.new.updates
# problem to load rrdtools - can not load specified object RRD.so
Rrdmon.new.daily
end
The error was away in the install using LD_PRELOAD in the install
process.
But i don't know how to correct this app, if you can help me.
Thank you very much.
Rendering /var/mailserv/admin/public/500.html (500 Internal Server
Error)
On 01.07.2014 03:14, Stuart Henderson wrote:
On 2014-06-30, Wesley MOUEDINE ASSABY open...@e-solutions.re wrote:
dlopen: /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so: done
(failed).
/usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so: Cannot load
specified object -
/usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so
...
and verify now : ldconfig -r | grep libpthread.so.18.0
68:-lpthread.18.0 = /usr/lib/libpthread.so.18.0
and the file exists.
I don't understand why it is not loaded ...
dlopen() doesn't automatically pull in libpthread. Either the main
program must be linked against it, or you need LD_PRELOAD.
On 2014-06-30, Wesley MOUEDINE ASSABY open...@e-solutions.re wrote:
On 30.06.2014 18:11, Ted Unangst wrote:
LD_PRELOAD=libpthread.so ruby
I tried this : env LD_PRELOAD=/usr/lib/libpthread.so.18.0 ruby18
path_to_rb
The error go away. But the ruby app doesn't work.
So this fixed one problem, now you have another and need to debug a
bit further..
Re: /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so: Cannot load specified object
Now, it works using your advice, the following at startup export LD_PRELOAD=/usr/lib/libpthread.so.18.0 Thank you very much. -- On 01.07.2014 03:14, Stuart Henderson wrote: dlopen() doesn't automatically pull in libpthread. Either the main program must be linked against it, or you need LD_PRELOAD.
/usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so: Cannot load specified object
Hi, I'm trying to make mailserv project working with the last OpenBSD version. I meet this error : /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so: Cannot load specified object - /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so (LoadError) from /var/mailserv/scripts/rrdmon_create.rb:2 I checked the file /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so exists. I already read the documentation about rrdtool-1.4.8p1. (located in /usr/local/share/doc/pkg-readmes) Packages Installed : ruby-1.8.7.374p0object oriented script language with threads ruby-1.9.3.484p0object oriented script language with threads ruby-daemons-1.1.9p0 wrap existing Ruby scripts to be run as a daemon ruby-fastercsv-1.5.4p2 faster Ruby CSV library ruby-fastthread-1.0.7p9 optimized replacement for Ruby thread.rb primitives ruby-gem_plugin-0.2.3p7 install Ruby gems as plugins ruby-gems-1.8.23p1 package management framework for the Ruby language ruby-iconv-1.8.7.374 libiconv interface for ruby ruby-mongrel-1.1.5p6 fast HTTP library and server for Ruby ruby-mysql-2.8.1p16 access a MySQL database from Ruby ruby-rake-0.9.2.2p0 ruby make ruby-rrd-1.4.8p1ruby interface to librrd ruby19-hoe-2.12.3p1 simple rake/rubygems helper for project Rakefiles $(ldconfig -r | grep rrd) give me : 139:-lrrd.4.0 = /usr/local/lib/librrd.so.4.0 140:-lrrd_th.4.0 = /usr/local/lib/librrd_th.so.4.0 $(ldd /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so) give me : StartEnd Type Open Ref GrpRef Name 0702e000 27032000 dlib 10 0 /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so 06448000 26455000 rlib 01 0 /usr/local/lib/librrd.so.4.0 05814000 2583f000 rlib 01 0 /usr/local/lib/libruby18.so.0.0 06bc6000 26bcf000 rlib 013 0 /usr/lib/libm.so.9.0 0e1bf000 2e1c3000 rlib 01 0 /usr/local/lib/libpangocairo-1.0.so.3600.0 0396f000 23974000 rlib 011 0 /usr/lib/libpthread.so.18.0 050fe000 25108000 rlib 03 0 /usr/X11R6/lib/libpixman-1.so.32.4 0c77d000 2c785000 rlib 03 0 /usr/local/lib/libpng.so.17.1 09da1000 29da5000 rlib 03 0 /usr/X11R6/lib/libxcb-shm.so.1.0 067ec000 267f rlib 03 0 /usr/X11R6/lib/libxcb-render.so.1.0 0d678000 2d67c000 rlib 03 0 /usr/X11R6/lib/libXrender.so.6.0 021e9000 221ed000 rlib 03 0 /usr/X11R6/lib/libXext.so.13.0 035a1000 2361f000 rlib 05 0 /usr/X11R6/lib/libX11.so.16.0 0297b000 2298 rlib 08 0 /usr/X11R6/lib/libxcb.so.3.0 0b102000 2b11a000 rlib 02 0 /usr/local/lib/libcairo.so.12.2 0e448000 2e44d000 rlib 02 0 /usr/local/lib/libpangoft2-1.0.so.3600.0 0649 264a3000 rlib 03 0 /usr/local/lib/libharfbuzz.so.4.2 06042000 2604a000 rlib 04 0 /usr/local/lib/libgraphite2.so.0.0 0767c000 27694000 rlib 03 0 /usr/local/lib/libpango-1.0.so.3600.0 079c7000 279cb000 rlib 04 0 /usr/local/lib/libgmodule-2.0.so.3800.0 0b625000 2b629000 rlib 04 0 /usr/local/lib/libgthread-2.0.so.3800.0 0915e000 2916b000 rlib 04 0 /usr/local/lib/libgobject-2.0.so.3800.0 0c779000 2c77d000 rlib 05 0 /usr/local/lib/libffi.so.0.0 05441000 25457000 rlib 09 0 /usr/local/lib/libpcre.so.3.0 0cf6c000 2cfc1000 rlib 08 0 /usr/local/lib/libglib-2.0.so.3800.0 00a46000 20a57000 rlib 04 0 /usr/X11R6/lib/libfontconfig.so.9.0 010b3000 210cd000 rlib 06 0 /usr/X11R6/lib/libfreetype.so.22.0 038c 238c5000 rlib 05 0 /usr/lib/libexpat.so.11.0 0c2bb000 2c2bf000 rlib 07 0 /usr/X11R6/lib/libpthread-stubs.so.2.0 0ae99000 2aec rlib 01 0 /usr/local/lib/libxml2.so.15.1 0616e000 26175000 rlib 08 0 /usr/lib/libz.so.5.0 049e3000 249e7000 rlib 09 0 /usr/local/lib/libintl.so.6.0 0e60c000 2e6ec000 rlib 011 0 /usr/local/lib/libiconv.so.6.0 0d051000 2d055000 rlib 02 0 /usr/X11R6/lib/libXau.so.10.0 0111e000 21123000 rlib 02 0 /usr/X11R6/lib/libXdmcp.so.11.0 0cba8000 2cbd6000 rlib 02 0 /usr/lib/libstdc++.so.57.0 Any idea ? Thank you very much. Cheers, Wesley MOUEDINE ASSABY
Re: /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so: Cannot load specified object
Now, error i have using LD_DEBUG : env LD_DEBUG=1 ruby18 /var/mailserv/scripts/rrdmon_create.rb : ... loading: libexpat.so.11.0 required by /usr/local/lib/librrd.so.4.0 flags /usr/lib/libexpat.so.11.0 = 0x0 obj /usr/lib/libexpat.so.11.0 has /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so as head loading: libXext.so.13.0 required by /usr/local/lib/librrd.so.4.0 flags /usr/X11R6/lib/libXext.so.13.0 = 0x0 obj /usr/X11R6/lib/libXext.so.13.0 has /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so as head loading: libpthread.so.18.0 required by /usr/local/lib/librrd.so.4.0 flags /usr/lib/libpthread.so.18.0 = 0x68 dlopen: failed to open libpthread.so.18.0 unload_shlib called on /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so unload_shlib called on /usr/local/lib/librrd.so.4.0 unload_shlib unloading on /usr/local/lib/librrd.so.4.0 unload_shlib called on /usr/local/lib/libruby18.so.0.0 unload_shlib called on /usr/lib/libm.so.9.0 unload_shlib called on /usr/lib/libc.so.73.1 unload_shlib unloading on /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so dlopen: /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so: done (failed). /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so: Cannot load specified object - /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so (LoadError) from /var/mailserv/scripts/rrdmon_create.rb:2 doing dtors doing dtors obj 0x8376a288 @0xb189630: [/usr/local/lib/libruby18.so.0.0] doing dtors obj 0x8376a080 @0xc7cab30: [/usr/lib/libc.so.73.1] doing dtors obj 0x844ee068 @0x6b20900: [/usr/lib/libm.so.9.0] and verify now : ldconfig -r | grep libpthread.so.18.0 68:-lpthread.18.0 = /usr/lib/libpthread.so.18.0 and the file exists. I don't understand why it is not loaded ... Any idea ? On 30.06.2014 16:52, sven falempin wrote: ldd /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so would probably give the raeson it is a dlib On Mon, Jun 30, 2014 at 8:38 AM, Wesley MOUEDINE ASSABY open...@e-solutions.re wrote: Hi, I'm trying to make mailserv project working with the last OpenBSD version. I meet this error : /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so: Cannot load specified object - /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so (LoadError) from /var/mailserv/scripts/rrdmon_create.rb:2 I checked the file /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so exists. I already read the documentation about rrdtool-1.4.8p1. (located in /usr/local/share/doc/pkg-readmes) Packages Installed : ruby-1.8.7.374p0object oriented script language with threads ruby-1.9.3.484p0object oriented script language with threads ruby-daemons-1.1.9p0 wrap existing Ruby scripts to be run as a daemon ruby-fastercsv-1.5.4p2 faster Ruby CSV library ruby-fastthread-1.0.7p9 optimized replacement for Ruby thread.rb primitives ruby-gem_plugin-0.2.3p7 install Ruby gems as plugins ruby-gems-1.8.23p1 package management framework for the Ruby language ruby-iconv-1.8.7.374 libiconv interface for ruby ruby-mongrel-1.1.5p6 fast HTTP library and server for Ruby ruby-mysql-2.8.1p16 access a MySQL database from Ruby ruby-rake-0.9.2.2p0 ruby make ruby-rrd-1.4.8p1ruby interface to librrd ruby19-hoe-2.12.3p1 simple rake/rubygems helper for project Rakefiles $(ldconfig -r | grep rrd) give me : 139:-lrrd.4.0 = /usr/local/lib/librrd.so.4.0 140:-lrrd_th.4.0 = /usr/local/lib/librrd_th.so.4.0 $(ldd /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so) give me : StartEnd Type Open Ref GrpRef Name 0702e000 27032000 dlib 10 0 /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so 06448000 26455000 rlib 01 0 /usr/local/lib/librrd.so.4.0 05814000 2583f000 rlib 01 0 /usr/local/lib/libruby18.so.0.0 06bc6000 26bcf000 rlib 013 0 /usr/lib/libm.so.9.0 0e1bf000 2e1c3000 rlib 01 0 /usr/local/lib/libpangocairo-1.0.so.3600.0 0396f000 23974000 rlib 011 0 /usr/lib/libpthread.so.18.0 050fe000 25108000 rlib 03 0 /usr/X11R6/lib/libpixman-1.so.32.4 0c77d000 2c785000 rlib 03 0 /usr/local/lib/libpng.so.17.1 09da1000 29da5000 rlib 03 0 /usr/X11R6/lib/libxcb-shm.so.1.0 067ec000 267f rlib 03 0 /usr/X11R6/lib/libxcb-render.so.1.0 0d678000 2d67c000 rlib 03 0 /usr/X11R6/lib/libXrender.so.6.0 021e9000 221ed000 rlib 03 0 /usr/X11R6/lib/libXext.so.13.0 035a1000 2361f000 rlib 05 0 /usr/X11R6/lib/libX11.so.16.0 0297b000 2298 rlib 08 0 /usr/X11R6/lib/libxcb.so.3.0 0b102000 2b11a000 rlib 02 0 /usr/local/lib/libcairo.so.12.2 0e448000 2e44d000 rlib 02 0 /usr/local/lib/libpangoft2-1.0.so.3600.0 0649 264a3000 rlib 03 0 /usr/local/lib/libharfbuzz.so.4.2 06042000 2604a000 rlib 04 0 /usr/local/lib/libgraphite2.so.0.0 0767c000 27694000 rlib 03 0 /usr/local
Re: /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so: Cannot load specified object
On 30.06.2014 18:11, Ted Unangst wrote: On Mon, Jun 30, 2014 at 16:38, Wesley MOUEDINE ASSABY wrote: Hi, I'm trying to make mailserv project working with the last OpenBSD version. I meet this error : /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so: Cannot load specified object - /usr/local/lib/ruby/site_ruby/1.8/i386-openbsd/RRD.so (LoadError) from /var/mailserv/scripts/rrdmon_create.rb:2 LD_PRELOAD=libpthread.so ruby I tried this : env LD_PRELOAD=/usr/lib/libpthread.so.18.0 ruby18 path_to_rb The error go away. But the ruby app doesn't work.
Re: Nonexistant domains resolve to my local domain
On 10.04.2014 13:41, Stuart Henderson wrote: Try ASR_DEBUG=1 ping somehost and post the result.. Very useful, where can we find informations about these kind of variables like LD_DEBUG, ASR_DEBUG or other ?? Thank you very much
Re: smokeping errors on OpenBSD 5.4
Hi, Perhaps this can help : Dependencies : http://ports.su/net/smokeping What do you need from the official Smokeping project : http://oss.oetiker.ch/smokeping/doc/smokeping_install.en.html Cheers, Wesley Le 2014-04-06 0:37, Thorleif Wiik [BCIX] a écrit : Hey all, just tried to run smokeping on OpenBSD 5.4, but I have the following error after installing it with pkg_add smokeping # smokeping --help Can't load '/usr/local/libdata/perl5/site_perl/amd64-openbsd/auto/RRDs/RRDs.so' for module RRDs: Cannot load specified object at /usr/libdata/perl5/amd64-openbsd/5.16.3/DynaLoader.pm line 190. at /usr/local/bin/../lib/Smokeping.pm line 15. Compilation failed in require at /usr/local/bin/../lib/Smokeping.pm line 15. BEGIN failed--compilation aborted at /usr/local/bin/../lib/Smokeping.pm line 15. Compilation failed in require at /usr/local/bin/smokeping line 12. BEGIN failed--compilation aborted at /usr/local/bin/smokeping line 12. # Any tips on that ? Thanks, Thorleif
OpenBSD Website, multilanguage faq
Hi There's no anymore multilanguage pages ? Regards, Wesley
Re: OpenBSD Website, multilanguage faq
Le 2014-04-03 15:50, Amit Kulkarni a écrit : On Thu, Apr 3, 2014 at 3:30 AM, Wesley MOUEDINE ASSABY open...@e-solutions.re wrote: Hi There's no anymore multilanguage pages ? Regards, Wesley They are gone... There are huge bunch of commits starting from this one. I thought it was a subtle April fool's joke but apparently not. http://marc.info/?l=openbsd-cvsm=139637003025491w=2 [1] i thought the same before post... Links: -- [1] http://marc.info/?l=openbsd-cvsamp;m=139637003025491amp;w=2
Re: Layer 7 filtering example using pf and relayd : block torrent use and some urls
Thanks, i will correct that. Le 2013-11-27 13:21, Tristan Le Guern a écrit : Le 11/25/13 15:38, Wesley MOUEDINE ASSABY a écrit : Hi, A new how to about PF and relayd : http://www.mouedine.net/relayd Cheers, Wesley MOUEDINE ASSABY Are you aware that DNS use TCP connexion when replies are too large for UDP? It is a bad practice to block this.
Layer 7 filtering example using pf and relayd : block torrent use and some urls
Hi, A new how to about PF and relayd : http://www.mouedine.net/relayd Cheers, Wesley MOUEDINE ASSABY
Re: Layer 7 filtering example using pf and relayd : block torrent use and some urls
Hi, Tested with facebook.com/ It works. In this case, PF doesn't block any IP, relayd take all the work, it is a transparent proxy with https/http inspection. I also tested this : Download .torrent file is not allowed. From a usb key, i tried to open a .torrent with utorrent client (windows) it doesn't download any files.I don't want to make any risky assumptions ;-) Cheers, ==wma Le 2013-11-26 4:14, Paolo Aglialoro a écrit : Hi, really nice tutorial :) What about blocking some sites like dropbox, gdrive, etc. which are the main channels through which files are nowadays leaking out of companies? For instance, in the case of dropbox a single url would not be enough, just look here: https://ipdb.at/org/Dropbox Same to block fbook or similar socials. U could integrate ur schema with the use of tables but the real breakthrough would be catching these applications at protocol level when they try to login remotely. Managing tables of forbidden ip addresses is a job in itself. Il 25/nov/2013 15:38 Wesley MOUEDINE ASSABY open...@e-solutions.re ha scritto: Hi, A new how to about PF and relayd : http://www.mouedine.net/relayd Cheers, Wesley MOUEDINE ASSABY
How-to: dualboot Windows 8.1 and OpenBSD 5.4
Hi
I just tested this. It works nice for me.
I have a Windows 8.1 on a hard drive 15 GB (A full one partition).
So i want to install OpenBSD 5.4 and have multiboot.
-1- Reduce the disk using disk management (MMC snap)
i reduced Windows partition, i have now a second partition 1GB.
Put OpenBSD 5.4 CD, and reboot.
-2- Install OpenBSD using CHS (Be careful!)
OpenBSD is now installed, eject cd, and reboot to windows
# fdisk -e 3
-3- Download the tool dd for windows
http://www.chrysocome.net/dd
Unzip dd-0.6beta3 and do :
open cmd as administrator and do:
dd --list
# this will list device (we are looking for partition 2 (openbsd)
dd if=\\?\Device\Harddisk0\Partition2 of=openbsd.pbr bs=512 count=1
# This record OpenBSD PBR
Copy the file openbsd.pbr to the root c:
-4- Modify boot.ini using bcdedit
In a cmd console (need administrator rights)
bcdedit /create /d OpenBSD 5.4 /application boot sector
# copy the identifier and paste it to the 4 following lines
# For me, identifier is : {0eae31b8-4f98-11e3-8260-00264aa3d5ac}
bcdedit /set {0eae31b8-4f98-11e3-8260-00264aa3d5ac} device boot
bcdedit /set {0eae31b8-4f98-11e3-8260-00264aa3d5ac} path \openbsd.pbr
bcdedit /set {0eae31b8-4f98-11e3-8260-00264aa3d5ac} device partition=c:
bcdedit /displayorder {0eae31b8-4f98-11e3-8260-00264aa3d5ac} /addlast
-5- Reboot, you re done!
As Dmitri said, windows 8.1 load graphical before you have the boot
choice.
And when you choose OpenBSD, the box reboot and load OpenBSD.
I hope this helps!!
If you want i can do a better how-to with snapshots, and put it on the
web.
Or contribute to the FAQ!*
Cheers,
Wesley MOUEDINE ASSABY
http://www.mouedine.net
Re: How-to: dualboot Windows 8.1 and OpenBSD 5.4
Le 2013-11-17 20:27, dmitry.sensei a écrit :
What about 1Tb disk? Is CHS mode correct for this disks?
I done the test using Virtualization.
Not tried with a physical hard drive 1 TB.
17.11.2013 20:20 пользователь Wesley MOUEDINE ASSABY
open...@e-solutions.re написал:
Hi
I just tested this. It works nice for me.
I have a Windows 8.1 on a hard drive 15 GB (A full one partition).
So i want to install OpenBSD 5.4 and have multiboot.
-1- Reduce the disk using disk management (MMC snap)
i reduced Windows partition, i have now a second partition 1GB.
Put OpenBSD 5.4 CD, and reboot.
-2- Install OpenBSD using CHS (Be careful!)
OpenBSD is now installed, eject cd, and reboot to windows
# fdisk -e 3
-3- Download the tool dd for windows
http://www.chrysocome.net/dd [1]
Unzip dd-0.6beta3 and do :
open cmd as administrator and do:
dd --list
# this will list device (we are looking for partition 2 (openbsd)
dd if=\?DeviceHarddisk0Partition2 of=openbsd.pbr bs=512 count=1
# This record OpenBSD PBR
Copy the file openbsd.pbr to the root c:
-4- Modify boot.ini using bcdedit
In a cmd console (need administrator rights)
bcdedit /create /d OpenBSD 5.4 /application boot sector
# copy the identifier and paste it to the 4 following lines
# For me, identifier is : {0eae31b8-4f98-11e3-8260-00264aa3d5ac}
bcdedit /set {0eae31b8-4f98-11e3-8260-00264aa3d5ac} device boot
bcdedit /set {0eae31b8-4f98-11e3-8260-00264aa3d5ac} path openbsd.pbr
bcdedit /set {0eae31b8-4f98-11e3-8260-00264aa3d5ac} device
partition=c:
bcdedit /displayorder {0eae31b8-4f98-11e3-8260-00264aa3d5ac}
/addlast
-5- Reboot, you re done!
As Dmitri said, windows 8.1 load graphical before you have the boot
choice.
And when you choose OpenBSD, the box reboot and load OpenBSD.
I hope this helps!!
If you want i can do a better how-to with snapshots, and put it on
the web.
Or contribute to the FAQ!*
Cheers,
Wesley MOUEDINE ASSABY
http://www.mouedine.net [2]
Links:
--
[1] http://www.chrysocome.net/dd
[2] http://www.mouedine.net
Re: How-to: dualboot Windows 8.1 and OpenBSD 5.4
For more details:
#On windows 8.1 side:
C:\Users\wesley\Desktopdiskpart
Microsoft DiskPart version 6.3.9600
Copyright (C) 1999-2013 Microsoft Corporation.
Sur l'ordinateur : WIN-FP7P8RGJ41R
DISKPART list disk
N° disque Statut Taille LibreDyn GPT
- - --- --- --- ---
Disque 0En ligne 15 G octets 7168 K octets
DISKPART select disk 0
Le disque 0 est maintenant le disque sélectionné.
DISKPART list partition
N° partition Type Taille Décalage
- ---
Partition 1Principale 13 G 1024 K
Partition 2Principale1016 M 14 G
C:\Users\wesley\Desktopdd --list
rawwrite dd for windows version 0.6beta3.
Written by John Newbigin j...@it.swin.edu.au
This program is covered by terms of the GPL Version 2.
Win32 Available Volume Information
\\.\Volume{7eb8fac6-3a97-11e3-8250-806e6f6e6963}\
link to \\?\Device\HarddiskVolume1
fixed media
Mounted on \\.\c:
\\.\Volume{7eb8facf-3a97-11e3-8250-806e6f6e6963}\
link to \\?\Device\Floppy0
removeable media
Mounted on \\.\a:
\\.\Volume{7eb8face-3a97-11e3-8250-806e6f6e6963}\
link to \\?\Device\CdRom0
CD-ROM
Mounted on \\.\d:
NT Block Device Objects
\\?\Device\CdRom0
size is 2147483647 bytes
\\?\Device\Floppy0
\\?\Device\Harddisk0\Partition0
link to \\?\Device\Harddisk0\DR0
Fixed hard disk media. Block size = 512
size is 16106127360 bytes
\\?\Device\Harddisk0\Partition1
link to \\?\Device\HarddiskVolume1
\\?\Device\Harddisk0\Partition2
link to \\?\Device\HarddiskVolume2
Fixed hard disk media. Block size = 512
size is 1065503744 bytes
C:\Windows\system32bcdedit
Gestionnaire de démarrage Windows
-
identificateur {bootmgr}
device partition=C:
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
integrityservices Enable
default {current}
resumeobject{d12fb8de-3a9f-11e3-87ed-8386d37742c1}
displayorder{current}
{0eae31b8-4f98-11e3-8260-00264aa3d5ac}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de démarrage Windows
-
identificateur {current}
device partition=C:
path\Windows\system32\winload.exe
description Windows 8.1
locale fr-FR
inherit {bootloadersettings}
recoverysequence{d12fb8e0-3a9f-11e3-87ed-8386d37742c1}
integrityservices Enable
recoveryenabled Yes
allowedinmemorysettings 0x1575
osdevicepartition=C:
systemroot \Windows
resumeobject{d12fb8de-3a9f-11e3-87ed-8386d37742c1}
nx OptIn
bootmenupolicy Standard
Secteur de démarrage en mode réel
-
identificateur {0eae31b8-4f98-11e3-8260-00264aa3d5ac}
device partition=C:
path\openbsd.pbr
description OpenBSD 5.4
#On OpenBSD side:
# fdisk sd0
Disk: sd0 geometry: 1958/255/63 [31457280 Sectors]
Offset: 0 Signature: 0xAA55
Starting Ending LBA Info:
#: id C H S - C H S [ start:size ]
---
*0: 07 0 32 33 - 1827 116 17 [2048:29356032 ]
NTFS
1: 00 0 0 0 - 0 0 0 [ 0: 0 ]
unused
2: 00 0 0 0 - 0 0 0 [ 0: 0 ]
unused
3: A6 1828 117 18 - 1957 254 63 [29374208: 2081062 ]
OpenBSD
# disklabel sd0
# /dev/rsd0c:
type: SCSI
disk: SCSI disk
label: VMware Virtual S
duid: 5a595447d111e24a
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 1958
total sectors: 31457280
boundstart: 29374208
boundend: 31455270
drivedata: 0
16 partitions:
#size offset fstype [fsize bsize cpg]
a: 2046720 29374208 4.2BSD 2048 163841 # /
b:34332 31420928swap # none
c: 314572800 unused
i: 29356032 2048NTFS
17.11.2013 20:20 пользователь Wesley MOUEDINE ASSABY
open...@e-solutions.re написал:
Hi
I just tested this. It works nice for me.
I have a Windows 8.1 on a hard drive 15 GB (A full one partition).
So i want to install OpenBSD 5.4 and have multiboot.
-1- Reduce the disk using disk management (MMC snap)
i reduced Windows partition, i have now a second partition 1GB.
Put OpenBSD 5.4 CD, and reboot.
-2- Install OpenBSD using CHS (Be careful!)
OpenBSD is now installed, eject cd, and reboot to windows
# fdisk -e 3
-3- Download the tool dd for windows
http
Re: How-to: dualboot Windows 8.1 and OpenBSD 5.4
Le 2013-11-17 23:02, Nick Holland a écrit :
On 11/17/13 12:53, Wesley MOUEDINE ASSABY wrote:
Le 2013-11-17 20:27, dmitry.sensei a écrit :
What about 1Tb disk? Is CHS mode correct for this disks?
I done the test using Virtualization.
Not tried with a physical hard drive 1 TB.
The smallest common non-SSD laptop drive is probably around 500G now,
and 1TB is routine on desktops. At least some (many? most?) of these
machines are now shipping with UEFI boot, and a lot of them will be
pre-loaded with Windows, with minimal resources to reload Windows
from
scratch.
The target (and worst-case) audience is the person who bought a
laptop
or desktop pre-loaded with Windows 8, and wants to install OpenBSD
with
as little disruption to the existing system as possible.
I appreciate the efforts, but we need something more comprehensive.
Sounds like I need to go buy a modern Windows system. :-/
I can make the test on hardware at work with a 1TB SATA on a HP
Proliant ML110.
Do you want absolutely UEFI ?
If it is the case, so i will try on a recent laptop.
But this time with 500GB SATA 25.
You re welcome.
Nick.
17.11.2013 20:20 пользователь Wesley MOUEDINE ASSABY
open...@e-solutions.re напиÑал:
Hi
I just tested this. It works nice for me.
I have a Windows 8.1 on a hard drive 15 GB (A full one partition).
So i want to install OpenBSD 5.4 and have multiboot.
-1- Reduce the disk using disk management (MMC snap)
i reduced Windows partition, i have now a second partition 1GB.
Put OpenBSD 5.4 CD, and reboot.
-2- Install OpenBSD using CHS (Be careful!)
OpenBSD is now installed, eject cd, and reboot to windows
# fdisk -e 3
-3- Download the tool dd for windows
http://www.chrysocome.net/dd [1]
Unzip dd-0.6beta3 and do :
open cmd as administrator and do:
dd --list
# this will list device (we are looking for partition 2 (openbsd)
dd if=\?DeviceHarddisk0Partition2 of=openbsd.pbr bs=512 count=1
# This record OpenBSD PBR
Copy the file openbsd.pbr to the root c:
-4- Modify boot.ini using bcdedit
In a cmd console (need administrator rights)
bcdedit /create /d OpenBSD 5.4 /application boot sector
# copy the identifier and paste it to the 4 following lines
# For me, identifier is : {0eae31b8-4f98-11e3-8260-00264aa3d5ac}
bcdedit /set {0eae31b8-4f98-11e3-8260-00264aa3d5ac} device boot
bcdedit /set {0eae31b8-4f98-11e3-8260-00264aa3d5ac} path
openbsd.pbr
bcdedit /set {0eae31b8-4f98-11e3-8260-00264aa3d5ac} device
partition=c:
bcdedit /displayorder {0eae31b8-4f98-11e3-8260-00264aa3d5ac}
/addlast
-5- Reboot, you re done!
As Dmitri said, windows 8.1 load graphical before you have the
boot
choice.
And when you choose OpenBSD, the box reboot and load OpenBSD.
I hope this helps!!
If you want i can do a better how-to with snapshots, and put it on
the web.
Or contribute to the FAQ!*
Cheers,
Wesley MOUEDINE ASSABY
http://www.mouedine.net [2]
Links:
--
[1] http://www.chrysocome.net/dd
[2] http://www.mouedine.net
Limit downloading using the new queueing subsystem (OpenBSD-5.4)
Hi, I built this small network: 192.168.1.0/29axe0-obsd54-re0---WAN I want to limit a host (192.168.1.1/29) to download at 10KBps. The pf ruleset is loaded. I can see the queue employee used but download is still high, not limited at 10 KBps. # pfctl -vvs queue [ pkts: 0 bytes: 0 dropped pkts: 0 bytes: 0 ] [ qlength: 0/ 50 ] queue restriction on axe0 bandwidth 800K qlimit 50 [ pkts: 0 bytes: 0 dropped pkts: 0 bytes: 0 ] [ qlength: 0/ 50 ] queue employee parent restriction on axe0 bandwidth 10K qlimit 50 [ pkts: 1744 bytes:2496373 dropped pkts: 0 bytes: 0 ] [ qlength: 0/ 50 ] queue network parent restriction on axe0 bandwidth 790K default qlimit 50 [ pkts: 0 bytes: 0 dropped pkts: 0 bytes: 0 ] [ qlength: 0/ 50 ] Is there someone to help me on ? For more informations, see below : # uname -a OpenBSD testing.pf.queue 5.4 GENERIC.MP#80 i386 # cat /etc/pf.conf employee=192.168.1.1 set skip on lo match out on egress inet from lan:network to any nat-to egress match in all scrub (no-df max-mss 1440) queue restriction on axe0 bandwidth 800K queue employee parent restriction bandwidth 10K queue network parent restriction bandwidth 790K default block all pass out on egress pass in on egress inet proto tcp from egress:network to any port ssh pass in log quick on lan from $employee set queue employee pass in on lan # ifconfig lo0: flags=8049 mtu 33192 priority: 0 groups: lo inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 inet 127.0.0.1 netmask 0xff00 re0: flags=8843 mtu 1500 lladdr 00:1e:33:25:a5:33 priority: 0 groups: egress media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause) status: active inet6 fe80::21e:33ff:fe25:a533%re0 prefixlen 64 scopeid 0x2 inet 192.168.0.19 netmask 0xffe0 broadcast 192.168.0.31 enc0: flags=0 priority: 0 groups: enc status: active axe0: flags=8843 mtu 1500 lladdr 00:50:b6:0b:e2:7d priority: 0 groups: lan media: Ethernet autoselect (100baseTX full-duplex) status: active inet 192.168.1.4 netmask 0xfff8 broadcast 192.168.1.7 inet6 fe80::250:b6ff:fe0b:e27d%axe0 prefixlen 64 scopeid 0x5 pflog0: flags=141 mtu 33192 priority: 0 groups: pflog Thank you very much for your precious help! Regards, Wesley
Re: Limit downloading using the new queueing subsystem (OpenBSD 5.4-current)
When i download a file using the host 192.168.1.1 and do at the same time : # pfctl -vvs queue queue restriction on axe0 bandwidth 800K qlimit 50 [ pkts: 0 bytes: 0 dropped pkts: 0 bytes: 0 ] [ qlength: 0/ 50 ] [ measured: 0.0 packets/s, 0 b/s ] queue employee parent restriction on axe0 bandwidth 10K qlimit 50 [ pkts: 21119 bytes: 30624777 dropped pkts: 0 bytes: 0 ] [ qlength: 0/ 50 ] [ measured: 115.8 packets/s, 1.35Mb/s ] queue network parent restriction on axe0 bandwidth 790K default qlimit 50 [ pkts: 0 bytes: 0 dropped pkts: 0 bytes: 0 ] [ qlength: 0/ 50 ] [ measured: 0.0 packets/s, 0 b/s ] Le 2013-10-15 15:37, Wesley MOUEDINE ASSABY a écrit : Hi, I built this small network: 192.168.1.0/29axe0-obsd54-re0---WAN I want to limit a host (192.168.1.1/29) to download at 10KBps. The pf ruleset is loaded. I can see the queue employee used but download is still high, not limited at 10 KBps. # pfctl -vvs queue [ pkts: 0 bytes: 0 dropped pkts: 0 bytes: 0 ] [ qlength: 0/ 50 ] queue restriction on axe0 bandwidth 800K qlimit 50 [ pkts: 0 bytes: 0 dropped pkts: 0 bytes: 0 ] [ qlength: 0/ 50 ] queue employee parent restriction on axe0 bandwidth 10K qlimit 50 [ pkts: 1744 bytes:2496373 dropped pkts: 0 bytes: 0 ] [ qlength: 0/ 50 ] queue network parent restriction on axe0 bandwidth 790K default qlimit 50 [ pkts: 0 bytes: 0 dropped pkts: 0 bytes: 0 ] [ qlength: 0/ 50 ] Is there someone to help me on ? For more informations, see below : # uname -a OpenBSD testing.pf.queue 5.4 GENERIC.MP#80 i386 # cat /etc/pf.conf employee=192.168.1.1 set skip on lo match out on egress inet from lan:network to any nat-to egress match in all scrub (no-df max-mss 1440) queue restriction on axe0 bandwidth 800K queue employee parent restriction bandwidth 10K queue network parent restriction bandwidth 790K default block all pass out on egress pass in on egress inet proto tcp from egress:network to any port ssh pass in log quick on lan from $employee set queue employee pass in on lan # ifconfig lo0: flags=8049 mtu 33192 priority: 0 groups: lo inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 inet 127.0.0.1 netmask 0xff00 re0: flags=8843 mtu 1500 lladdr 00:1e:33:25:a5:33 priority: 0 groups: egress media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause) status: active inet6 fe80::21e:33ff:fe25:a533%re0 prefixlen 64 scopeid 0x2 inet 192.168.0.19 netmask 0xffe0 broadcast 192.168.0.31 enc0: flags=0 priority: 0 groups: enc status: active axe0: flags=8843 mtu 1500 lladdr 00:50:b6:0b:e2:7d priority: 0 groups: lan media: Ethernet autoselect (100baseTX full-duplex) status: active inet 192.168.1.4 netmask 0xfff8 broadcast 192.168.1.7 inet6 fe80::250:b6ff:fe0b:e27d%axe0 prefixlen 64 scopeid 0x5 pflog0: flags=141 mtu 33192 priority: 0 groups: pflog Thank you very much for your precious help! Regards, Wesley
Re: Limit downloading using the new queueing subsystem (OpenBSD 5.4-current)
Le 2013-10-15 16:18, Norman Golisz a écrit : On Tue Oct 15 2013 14:08, Norman Golisz wrote: On Tue Oct 15 2013 15:48, Wesley MOUEDINE ASSABY wrote: When i download a file using the host 192.168.1.1 and do at the same time : # pfctl -vvs queue queue restriction on axe0 bandwidth 800K qlimit 50 [ pkts: 0 bytes: 0 dropped pkts: 0 bytes: 0 ] [ qlength: 0/ 50 ] [ measured: 0.0 packets/s, 0 b/s ] queue employee parent restriction on axe0 bandwidth 10K qlimit 50 [ pkts: 21119 bytes: 30624777 dropped pkts: 0 bytes: 0 ] [ qlength: 0/ 50 ] [ measured: 115.8 packets/s, 1.35Mb/s ] yap, bandwidth restrictions apply on upload, only. So, you're effectively using 10K for TCP ACK packets. you might want to restrict bandwidth on the LAN interface, though. You'd configure the queues as above on the LAN interface and apply packets going out/upload. Actually, queue is defined on axe0 (IN); it is the lan interface. It doesn't work (downloading limited). I already tried this: block all pass in log quick on lan from $employee set queue employee tag policy1 pass in on lan pass log quick tagged policy1 pass out on egress # Downloading still not limited. Any idea ? -- Wesley
Re: Limit downloading using the new queueing subsystem (OpenBSD 5.4-current)
Le 2013-10-15 20:48, Norman Golisz a écrit : Yes, I remember you need to explicitly set a maximum bandwidth to the queue definition: queue employee parent restriction bandwidth 10K max 10K Does this work for you? Yes, i just added max keyword. Therefore i meet a problem : queue restriction on axe0 bandwidth 10M queue employee parent restriction bandwidth 1M max 2M queue network parent restriction bandwidth 9M default If i download a file, download turn around 3,5 KB/s and just after 0/0KB/s ; impossible to download it If i remove the max, it downloads the file with the high bandwidth. Any idea ? Thank you very much. ==wma
Re: poptop on OpenBSD 5.3
Hi, Why not use the embedded package in OpenBSD 5.3 : npppd ?? conf files : /etc/npppd/npppd.conf and npppd-users Below a link that will help you on : http://fr.slideshare.net/GiovanniBechis/npppd-easy-vpn-with-openbsd Cheers, Wesley Le 2013-08-05 4:48, Alvaro Mantilla Gimenez a écrit : Hi, I am trying to configure poptop on OpenBSD 5.3 without success. I've installed the package and configured the files as the /usr/local/share/doc/pkg-readmes/poptop-1.3.4p4 says but didn't work so I started to change things here and there without success. These are the facts: /etc/pptpd.conf: stimeout 10 noipparam logwtmp localip 5.5.5.1 remoteip 5.5.5.2-102 /etc/ppp/options: lock auth usehostname proxyarp +MSChap-V2 mppe-128 mppe-stateless /etc/ppp/ppp.conf: default: set log Phase Chat LCP IPCP CCP tun command set speed 115200 pptp: set log phase tun enable proxy set dns 8.8.8.8 8.8.4.4 set ifaddr 5.5.5.1 5.5.5.0/0 255.255.255.0 set timeout 0 enable chap enable MSChapV2 And here the error: pptpd[25764]: CTRL: Starting call (launching pppd, opening GRE) ppp[14716]: Phase: Using interface: tun0 ppp[14716]: Phase: deflink: Created in closed state ppp[14716]: tun0: Command: default: set speed 115200 ppp[14716]: tun0: Command: pptp: set log phase tun ppp[14716]: tun0: Phase: PPP Started (direct mode). ppp[14716]: tun0: Phase: bundle: Establish ppp[14716]: tun0: Phase: deflink: closed - opening ppp[14716]: tun0: Phase: deflink: Connected! ppp[14716]: tun0: Phase: deflink: opening - carrier ppp[14716]: tun0: Phase: deflink: carrier - lcp ppp[14716]: tun0: Phase: bundle: Authenticate ppp[14716]: tun0: Phase: deflink: his = none, mine = CHAP 0x81 ppp[14716]: tun0: Phase: Chap Output: CHALLENGE ppp[14716]: tun0: Phase: Chap Input: RESPONSE (49 bytes from testuser) ppp[14716]: tun0: Phase: Chap Output: SUCCESS ppp[14716]: tun0: Phase: deflink: lcp - open ppp[14716]: tun0: Phase: bundle: Network ppp[14716]: tun0: Phase: deflink: open - lcp ppp[14716]: tun0: Warning: ff01:4::: Change route failed: errno: Network is unreachable ppp[14716]: tun0: Warning: ff02:4::: Change route failed: errno: Network is unreachable ppp[14716]: tun0: Warning: ff02:4::: Change route failed: errno: Network is unreachable ppp[14716]: tun0: Phase: bundle: Terminate pptpd[25764]: CTRL: EOF or bad error reading ctrl packet length. pptpd[25764]: CTRL: couldn't read packet header (exit) pptpd[25764]: CTRL: CTRL read failed ppp[14716]: tun0: Phase: deflink: read (0): Got zero bytes ppp[14716]: tun0: Phase: deflink: Disconnected! ppp[14716]: tun0: Phase: deflink: Connect time: 1 secs: 354 octets in, 364 octets out ppp[14716]: tun0: Phase: deflink: 7 packets in, 11 packets out ppp[14716]: tun0: Phase: total 718 bytes/sec, peak 0 bytes/sec on Sun Aug 4 18:23:07 2013 ppp[14716]: tun0: Phase: deflink: lcp - closed ppp[14716]: tun0: Phase: bundle: Dead ppp[14716]: tun0: Phase: PPP Terminated (normal). pptpd[25764]: CTRL: Client truncated_ip control connection finished So far I think is not an authentication problem (the authentication process seems to be success) and it is a network related issue. However, I do not how to fix it according to the three lines on the output: ppp[14716]: tun0: Warning: ff01:4::: Change route failed: errno: Network is unreachable ppp[14716]: tun0: Warning: ff02:4::: Change route failed: errno: Network is unreachable ppp[14716]: tun0: Warning: ff02:4::: Change route failed: errno: Network is unreachable I enabled and applied on sysctl.conf: net.inet.gre.allow=1 net.inet.gre.wccp=1 Also, I added the pf.conf lines needed to allow traffic from 1723 and GRE connections and, to be sure, let all traffic from 5.5.5.0 network pass through the firewall on tun0. Any help? What I am missing? Thanks in advance, Alvaro
gre protocol
Hi, I'm using OpenBSD 5.3-stable. It will be famous if #net.inet.gre.allow=1 can be present in the file /etc/sysctl.conf (as a comment). Thank you very much. Warm Regards, Wesley
How-To updated : Vpn IKEv2 between a Windows 8 Road Warrior Host and an OpenBSD-5.3 gateway
Hi everyone, I just updated my How-To about ikev2. You can reach it here : http://www.mouedine.net Cheers, Wesley MOUEDINE ASSABY
Re: add en_US.UTF8 support
Hi, Thank you very much for your reply. Le 2013-04-11 17:54, Stefan Sperling a écrit : Keep in mind that httpd runs in a chroot in /var/www. I run it using chroot with https support (-DSSL flags) I would recommend to run owncloud in the C locale. What do you mean by 'C locale' ? Warm regards, Wesley
Re: add en_US.UTF8 support
Le 2013-04-11 21:51, Stefan Sperling a écrit : On Thu, Apr 11, 2013 at 09:30:51PM +0400, Wesley M.A. wrote: What do you mean by 'C locale' ? The default locale is called the 'C' locale. It is used when you don't configure any locale via LC_CTYPE or LANG. It only supports the ASCII character set. However that doesn't mean that applications cannot use non-ASCII characters if they want to, they just won't get special support from the operating system for this task. Why are you trying to configure a UTF-8 locale? Do you have a special need for this in your use of owncloud? I get this in the admin console (warning log): Error core setting locale to en_US.UTF-8/en_US.UTF8 failed. Support is probably not installed on your system And at the top : Locale not working This ownCloud server can't set system locale to en_US.UTF-8/en_US.UTF8. This means that there might be problems with certain characters in file names. We strongly suggest to install the required packages on your system to support en_US.UTF-8/en_US.UTF8. Owncloud used : the last 5.0.3 Any idea to fix this ? Again, thank you very much for your time! Cheers, Wesley
Re: add en_US.UTF8 support
Le 2013-04-11 22:29, Stefan Sperling a écrit : When I find time to upgrade to owncloud 5 I will look into this. It is possible that this will fix it: mkdir -p /var/www/usr/share/locale/en_US.UTF-8 cp /usr/share/locale/en_US.UTF-8/LC_CTYPE /var/www/usr/share/locale/en_US.UTF-8/LC_CTYPE But I haven't tested. It works. Again, thank you very much ! Cheers, Wesley
add en_US.UTF8 support
Hi, I run OpenBSD 5.3-current i386 (xbase.tgz included) I install php-5.3 /gd /zip added owncloud 5.0 from owncloud.org I read the faq : 10.20.1 - Configuring the active character set I tried this : export LC_CTYPE=en_US.ISO8859-1 and restart apache same error in Owncloud : setting locale to en_US.UTF-8/en_US.UTF8 failed. Support is probably not installed on your system Any idea ? Regards, Wesley M.A
Snort, DAQ, and established flow
Hi,
I use OpenBSD 5.3-beta
kern.version=OpenBSD 5.3-beta (GENERIC) #33: Fri Feb 15 17:03:34 MST
2013
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
I have some questions:
1) If i run this : $(whereis snort) -v # give me :
Running in packet dump mode
--== Initializing Snort ==--
Initializing Output Plugins!
ERROR: Can't find pcap DAQ!
Fatal Error, Quitting..
what is missing ? i already tried add p5-Net-Pcap, py-libpcap, same
error...
2) i have these rules in my local.rules file :
# detect RDP
alert tcp $HOME_NET any - any 3389 (msg : traffic rdp; sid:110091)
# detect social network : 8minutesDating
alert tcp $HOME_NET any - $EXTERNAL_NET $HTTP_PORTS (msg:SOCIAL NET -
8minuteD
ating; flow:to_server,established; content:Host\:;
pcre:/(Host\:)(\s[a-zA-Z0-9.-]+\.|\s)(8minutedating.c
om)\r\n/; sid: 1871000;)
RDP Alert works well.
But social network alert doesn't work if i let the rule option
flow:to_server,established activated.
Any idea ?
Thank you very much for your help!
Cheers,
Wesley
My snort.conf file :
-
ipvar HOME_NET 10.100.1.0/24
ipvar EXTERNAL_NET !$HOME_NET
ipvar DNS_SERVERS $HOME_NET
ipvar SMTP_SERVERS $HOME_NET
ipvar HTTP_SERVERS $HOME_NET
ipvar SQL_SERVERS $HOME_NET
ipvar TELNET_SERVERS $HOME_NET
ipvar SSH_SERVERS $HOME_NET
ipvar FTP_SERVERS $HOME_NET
ipvar SIP_SERVERS $HOME_NET
portvar HTTP_PORTS
[80,81,311,591,593,901,1220,1414,1830,2301,2381,2809,3128,3702,4343,5250,7001,7145,7510,,7779,8000,8008,8014,8028,8080,8088,8118,8123,8180,8181,8243,8280,8800,,8899,9080,9090,9091,9443,,11371,5]
portvar SHELLCODE_PORTS !80
portvar ORACLE_PORTS 1024:
portvar SSH_PORTS 22
portvar FTP_PORTS [21,2100,3535]
portvar SIP_PORTS [5060,5061,5600]
portvar FILE_DATA_PORTS [$HTTP_PORTS,110,143]
portvar GTP_PORTS [2123,2152,3386]
ipvar AIM_SERVERS
[64.12.24.0/23,64.12.28.0/23,64.12.161.0/24,64.12.163.0/24,64.12.200.0/24,205.188.3.0/24,205.188.5.0/24,205.188.7.0/24,205.188.9.0/24,205.188.153.0/24,205.188.179.0/24,205.188.248.0/24]
var RULE_PATH /etc/snort/rules
var SO_RULE_PATH /etc/snort/so_rules
var PREPROC_RULE_PATH /etc/snort/preproc_rules
config disable_decode_alerts
config disable_tcpopt_experimental_alerts
config disable_tcpopt_obsolete_alerts
config disable_tcpopt_ttcp_alerts
config disable_tcpopt_alerts
config disable_ipopt_alerts
config checksum_mode: all
config daq_dir: /usr/local/lib/daq/
config pcre_match_limit: 3500
config pcre_match_limit_recursion: 1500
config detection: search-method ac-split search-optimize
max-pattern-len 20
config event_queue: max_queue 8 log 3 order_events content_length
config paf_max: 16000
dynamicpreprocessor directory /usr/local/lib/snort_dynamicpreprocessor/
dynamicengine /usr/local/lib/snort_dynamicengine/libsf_engine.so
dynamicdetection directory /usr/local/lib/snort_dynamicrules
preprocessor normalize_ip4
preprocessor normalize_tcp: ips ecn stream
preprocessor normalize_icmp4
preprocessor normalize_ip6
preprocessor normalize_icmp6
preprocessor frag3_global: max_frags 65536
preprocessor frag3_engine: policy windows detect_anomalies
overlap_limit 10 min_fragment_length 100 timeout 180
preprocessor stream5_global: track_tcp yes, \
track_udp yes, \
track_icmp no, \
max_tcp 262144, \
max_udp 131072, \
max_active_responses 2, \
min_response_seconds 5
preprocessor stream5_tcp: policy windows, detect_anomalies,
require_3whs 180, \
overlap_limit 10, small_segments 3 bytes 150, timeout 180, \
ports client 21 22 23 25 42 53 79 109 110 111 113 119 135 136 137
139 143 \
161 445 513 514 587 593 691 1433 1521 2100 3306 6070 6665
6667 6668 6669 \
7000 8181 32770 32771 32772 32773 32774 32775 32776 32777 32778
32779, \
ports both 80 81 311 443 465 563 591 593 636 901 989 992 993 994
995 1220 1414 1830 2301 2381 2809 3128 3702 4343 5250 7907 7001 7145
7510 7802 7779 \
7801 7900 7901 7902 7903 7904 7905 7906 7908 7909 7910 7911
7912 7913 7914 7915 7916 \
7917 7918 7919 7920 8000 8008 8014 8028 8080 8088 8118 8123
8180 8243 8280 8800 8899 9080 9090 9091 9443 11371 5
preprocessor stream5_udp: timeout 180
preprocessor http_inspect: global iis_unicode_map unicode.map 1252
compress_depth 65535 decompress_depth 65535
preprocessor http_inspect_server: server default \
http_methods { GET POST PUT SEARCH MKCOL COPY MOVE LOCK UNLOCK
NOTIFY POLL BCOPY BDELETE BMOVE LINK UNLINK OPTIONS HEAD DELETE TRACE
TRACK CONNECT SOURCE SUBSCRIBE UNSUBSCRIBE PROPFIND PROPPATCH BPROPFIND
BPROPPATCH RPC_CONNECT PROXY_SUCCESS BITS_POST CCM_POST SMS_POST
RPC_IN_DATA RPC_OUT_DATA RPC_ECHO_DATA } \
chunk_length 50 \
server_flow_depth 0 \
client_flow_depth 0 \
post_depth 65495 \
oversize_dir_length 500 \
max_header_length 750 \
max_headers 100 \
max_spaces 0 \
small_chunk_length { 10 5 } \
ports { 80 81 311 591 593 901 1220 1414 1830 2301 2381 2809 3128
3702 4343 5250 7001 7145
openbsd5.3-beta, pf.conf, new keyword : once
Hi, I just see this in the pf.conf manpage: onceCreates a one shot rule that will remove itself from an active ruleset after the first match. In case this is the only rule in the anchor, the anchor will be destroyed automatically after the rule is matched. It is a excellent feature, is it possible to have a example of use ? Cheers, Wesley.
OpenBSD5.3-beta, kernel panic : pf.conf with once option
(disabled) pciide1 at pci0 dev 31 function 2 Intel 82801FBM SATA rev 0x04: DMA, channel 0 configured to native-PCI, channel 1 configured to native-PCI pciide1: using apic 1 int 19 for native-PCI interrupt wd0 at pciide1 channel 0 drive 0: FUJITSU MHT2060BH wd0: 16-sector PIO, LBA48, 57231MB, 117210240 sectors wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5 ichiic0 at pci0 dev 31 function 3 Intel 82801FB SMBus rev 0x04: apic 1 int 19 iic0 at ichiic0 iic0: addr 0x19 00=00 01=00 02=00 03=00 04=00 05=00 06=00 07=00 08=00 09=00 0a=00 0b=00 0c=00 0d=00 0e=00 0f=00 10=00 11=20 24=00 b9=00 ba=00 words 00= 01= 02= 03= 04=0040 05= 06= 07= usb1 at uhci0: USB revision 1.0 uhub1 at usb1 Intel UHCI root hub rev 1.00/1.00 addr 1 usb2 at uhci1: USB revision 1.0 uhub2 at usb2 Intel UHCI root hub rev 1.00/1.00 addr 1 usb3 at uhci2: USB revision 1.0 uhub3 at usb3 Intel UHCI root hub rev 1.00/1.00 addr 1 usb4 at uhci3: USB revision 1.0 uhub4 at usb4 Intel UHCI root hub rev 1.00/1.00 addr 1 isa0 at ichpcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pms0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pms0 mux 0 wsmouse1 at pms0 mux 0 pms0: Synaptics touchpad, firmware 5.9 pcppi0 at isa0 port 0x61 spkr0 at pcppi0 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 mtrr: Pentium Pro MTRR support axe0 at uhub0 port 1 configuration 1 interface 0 ASIX Electronics AX88772 rev 2.00/0.01 addr 2 axe0: AX88772, address 00:50:b6:0b:e2:61 ukphy0 at axe0 phy 16: Generic IEEE 802.3u media interface, rev. 1: OUI 0x000ec6, model 0x0006 uhidev0 at uhub2 port 1 configuration 1 interface 0 LITEON Technology USB Multimedia Keyboard rev 1.10/1.01 addr 2 uhidev0: iclass 3/1 ukbd0 at uhidev0: 8 variable keys, 6 key codes wskbd1 at ukbd0 mux 1 wskbd1: connecting to wsdisplay0 vscsi0 at root scsibus0 at vscsi0: 256 targets softraid0 at root scsibus1 at softraid0: 256 targets root on wd0a (39789e927a770239.a) swap on wd0b dump on wd0b Thank you very much. Cheers, Wesley
Re: openbsd5.3-beta, pf.conf, new keyword : once
Le 2013-02-22 16:52, Scott McEachern a écrit : On 02/22/13 07:43, Wesley M.A. wrote: Hi, I just see this in the pf.conf manpage: onceCreates a one shot rule that will remove itself from an active ruleset after the first match. In case this is the only rule in the anchor, the anchor will be destroyed automatically after the rule is matched. It is a excellent feature, is it possible to have a example of use ? Cheers, Wesley. Actually it was put in about a year and a half ago: http://www.openbsd.org/cgi-bin/cvsweb/src/share/man/man5/pf.conf.5.diff?r1=1.507;r2=1.508;f=h my fault! Nitpicking aside, thanks for mentioning it... I didn't know about it either until now! ;-) -- Wesley
Re: Snort, DAQ, and established flow
Thank you very much for your answer. I just read man pages... Cheers, Wesley Le 2013-02-22 18:35, Chris Eidem a écrit : Spend more time reading the docs: https://www.snort.org/start/requirements -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- DAQ DAQ is the Data-Acquisition API that is necessary to use Snort version 2.9.0 and above. For more information and to download please visit DAQ[1] -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Any more chatter about snort is not relevant to this list, take your questions to the snort listserve. [1] http://www.snort.org/downloads/2103 -Original Message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Wesley M.A. Sent: Friday, February 22, 2013 5:06 AM To: misc@openbsd.org Subject: Snort, DAQ, and established flow Hi, I use OpenBSD 5.3-beta kern.version=OpenBSD 5.3-beta (GENERIC) #33: Fri Feb 15 17:03:34 MST 2013 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC I have some questions: 1) If i run this : $(whereis snort) -v # give me : Running in packet dump mode --== Initializing Snort ==-- Initializing Output Plugins! ERROR: Can't find pcap DAQ! Fatal Error, Quitting.. what is missing ? i already tried add p5-Net-Pcap, py-libpcap, same error... 2) i have these rules in my local.rules file : # detect RDP alert tcp $HOME_NET any - any 3389 (msg : traffic rdp; sid:110091) # detect social network : 8minutesDating alert tcp $HOME_NET any - $EXTERNAL_NET $HTTP_PORTS (msg:SOCIAL NET - 8minuteD ating; flow:to_server,established; content:Host\:; pcre:/(Host\:)(\s[a-zA-Z0-9.-]+\.|\s)(8minutedating.c om)\r\n/; sid: 1871000;) RDP Alert works well. But social network alert doesn't work if i let the rule option flow:to_server,established activated. Any idea ? Thank you very much for your help! Cheers, Wesley My snort.conf file : - ipvar HOME_NET 10.100.1.0/24 ipvar EXTERNAL_NET !$HOME_NET ipvar DNS_SERVERS $HOME_NET ipvar SMTP_SERVERS $HOME_NET ipvar HTTP_SERVERS $HOME_NET ipvar SQL_SERVERS $HOME_NET ipvar TELNET_SERVERS $HOME_NET ipvar SSH_SERVERS $HOME_NET ipvar FTP_SERVERS $HOME_NET ipvar SIP_SERVERS $HOME_NET portvar HTTP_PORTS [80,81,311,591,593,901,1220,1414,1830,2301,2381,2809,3128,3702,4343,5250,7001,7145,7510,,7779,8000,8008,8014,8028,8080,8088,8118,8123,8180,8181,8243,8280,8800,,8899,9080,9090,9091,9443,,11371,5] portvar SHELLCODE_PORTS !80 portvar ORACLE_PORTS 1024: portvar SSH_PORTS 22 portvar FTP_PORTS [21,2100,3535] portvar SIP_PORTS [5060,5061,5600] portvar FILE_DATA_PORTS [$HTTP_PORTS,110,143] portvar GTP_PORTS [2123,2152,3386] ipvar AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161.0/24,64.12.163.0/24,64.12.200.0/24,205.188.3.0/24,205.188.5.0/24,205.188.7.0/24,205.188.9.0/24,205.188.153.0/24,205.188.179.0/24,205.188.248.0/24] var RULE_PATH /etc/snort/rules var SO_RULE_PATH /etc/snort/so_rules var PREPROC_RULE_PATH /etc/snort/preproc_rules config disable_decode_alerts config disable_tcpopt_experimental_alerts config disable_tcpopt_obsolete_alerts config disable_tcpopt_ttcp_alerts config disable_tcpopt_alerts config disable_ipopt_alerts config checksum_mode: all config daq_dir: /usr/local/lib/daq/ config pcre_match_limit: 3500 config pcre_match_limit_recursion: 1500 config detection: search-method ac-split search-optimize max-pattern-len 20 config event_queue: max_queue 8 log 3 order_events content_length config paf_max: 16000 dynamicpreprocessor directory /usr/local/lib/snort_dynamicpreprocessor/ dynamicengine /usr/local/lib/snort_dynamicengine/libsf_engine.so dynamicdetection directory /usr/local/lib/snort_dynamicrules preprocessor normalize_ip4 preprocessor normalize_tcp: ips ecn stream preprocessor normalize_icmp4 preprocessor normalize_ip6 preprocessor normalize_icmp6 preprocessor frag3_global: max_frags 65536 preprocessor frag3_engine: policy windows detect_anomalies overlap_limit 10 min_fragment_length 100 timeout 180 preprocessor stream5_global: track_tcp yes, \ track_udp yes, \ track_icmp no, \ max_tcp 262144, \ max_udp 131072, \ max_active_responses 2, \ min_response_seconds 5 preprocessor stream5_tcp: policy windows, detect_anomalies, require_3whs 180, \ overlap_limit 10, small_segments 3 bytes 150, timeout 180, \ ports client 21 22 23 25 42 53 79 109 110 111 113 119 135 136 137 139 143 \ 161 445 513 514 587 593 691 1433 1521 2100 3306 6070 6665 6667 6668 6669 \ 7000 8181 32770 32771 32772 32773 32774 32775 32776 32777 32778 32779, \ ports both 80 81 311 443 465 563 591 593 636 901 989 992 993 994 995 1220 1414 1830 2301 2381 2809 3128 3702 4343 5250 7907 7001 7145 7510 7802 7779 \ 7801 7900 7901 7902 7903 7904 7905 7906 7908 7909 7910 7911 7912 7913 7914 7915 7916 \ 7917 7918 7919 7920 8000 8008 8014 8028 8080 8088 8118 8123 8180 8243 8280 8800 8899 9080 9090 9091 9443 11371 5 preprocessor stream5_udp: timeout 180 preprocessor
Re: Snort, DAQ, and established flow
Please read /usr/local/share/doc/pkg-readmes/snort-2.9.4.0 for OpenBSD-specific Snort documentation. Specifically, the recommended way to start Snort is to use the /etc/rc.d/snort script. The rc.d(8) man page has information about rc.d scripts. Hope this helps, Lawrence You are very funny, i already read /usr/local/share/doc/pkg-readmes/* And the same for : Configure /etc/snort/snort.conf (HOME_NET, EXTERNAL_NET, var...RULES) local.rules file And put pkg_scripts=snort in /etc/rc.conf.local and start it manually with /etc/rc.d/snort start Therefore thank you for your trie. Cheers, Wesley
Re: Snort, DAQ, and established flow
Le 2013-02-22 20:34, Lawrence Teo a écrit : So when you start Snort with the rc.d script, the rc.d script runs snort with -c /etc/snort/snort.conf, so it knows where to find the DAQ modules. If you want to use snort -v without using the config file: snort --daq-dir=/usr/local/lib/daq/ -v Lawrence Thank you very much. Wesley
Re: OpenBSD5.3-beta, kernel panic : pf.conf with once option
Le 2013-02-22 21:41, Mike Belopuhov a écrit : short answer: don't do that. you have to use an anchor. regarding the actual crash -- i'll look at it asap. Thank you very much for your reply, your advice. Wesley
Re: daily.output and ROOTBACKUP
Hi 'man 5 crontab' give : Command output is mailed to the crontab owner It is why you have root emails...(root backups are provided from security scripts (from daily)) Cheers, Wesley Le 2013-02-04 20:03, Peter Bisroev a écrit : Hi All, This is a very minor issue, and I could possibly have missed something in the documentation since I do not see people asking this question on the mailing lists. So if someone could point me in the right direction it would be really appreciated. I am using OpenBSD 5.2 on a number of hosts, and all works great. I have daily.local setup as follows: -- cat /etc/daily.local ROOTBACKUP=1 VERBOSESTATUS=0 -- Normal daily output is not emailed, however because I do have ROOTBACKUP=1 I get daily emails about root backups as shown below: -- OpenBSD 5.2 (GENERIC.MP) #368: Wed Aug 1 10:04:49 MDT 2012 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP 1:31AM up 24 days, 1:40, 0 users, load averages: 0.78, 0.28, 0.15 Backing up root=/dev/rwd0a to /dev/rwd0d: 131527+0 records in 131527+0 records out 1077469184 bytes transferred in 57.954 secs (18591693 bytes/sec) ** /dev/rwd0d ** Last Mounted on / ** Phase 1 - Check Blocks and Sizes ** Phase 2 - Check Pathnames ** Phase 3 - Check Connectivity ** Phase 4 - Check Reference Counts ** Phase 5 - Check Cyl groups 1756 files, 26205 used, 490058 free (50 frags, 61251 blocks, 0.0% fragmentation) MARK FILE SYSTEM CLEAN? yes * FILE SYSTEM WAS MODIFIED * -- The reason that I am getting this output makes sense, since the daily manpage states: -- If set to 0, df(1), dump(8), netstat(1), and ruptime(1) are skipped. Consequently, if none of the other commands produce any output, no mail will be sent to root. -- So what would be the correct way to instruct the rootbackup process not to produce output unless something is wrong? Thank you! --peter
add a daemon user
Hi, To add a daemon user like for example _nginx : useradd -L daemon -d /var/empty -s /sbin/nologin -g =uid _nginx Is this enough ? Thank you very much. Cheers, Wesley
Re: add a daemon user
Le 2013-01-29 21:40, jca+o...@wxcvbn.org a écrit : Wesley M.A. open...@e-solutions.re writes: Hi, Hi To add a daemon user like for example _nginx : useradd -L daemon -d /var/empty -s /sbin/nologin -g =uid _nginx Is this enough ? [...] Depends. Your _nginx user will likely serve files, you don't want to put them in /var/empty, which is where other daemons chroot. Do you want to chroot? Why not use the www user? Why not use the devel nginx package, if you need a more recent version? I want to make work mailserv (ie mailserv.github.com) on OpenBSD-5.2 When i install it, _nginx was not created. It is why my question. Thank you. -- Wesley
/var/backups strange behaviour
Hi Before do anything, i read this : man 8 daily I just installed a fresh OpenBSD-5.2 and /var/backups : empty I don't understand why backup is enabled in /var/backups. I explain, if i run the script : 'sh /etc/daily', backups is done. (i.e 'ls /var/backups') In the manpage of daily, it will backup only if : ROOTBACKUP Variable is enable (=1) or altroot partition in /etc/fstab Actually none of these 2 statements are present. Any idea ? Thank you very much. Regards, Wesley
Re: /var/backups strange behaviour
My mistake ! I undestand better. Thank you very much. Cheers, Wesley Le 2013-01-07 17:07, Otto Moerbeek a écrit : On Mon, Jan 07, 2013 at 04:49:12PM +0400, Wesley wrote: Hi Before do anything, i read this : man 8 daily I just installed a fresh OpenBSD-5.2 and /var/backups : empty I don't understand why backup is enabled in /var/backups. I explain, if i run the script : 'sh /etc/daily', backups is done. (i.e 'ls /var/backups') In the manpage of daily, it will backup only if : ROOTBACKUP Variable is enable (=1) or altroot partition in /etc/fstab Actually none of these 2 statements are present. Any idea ? Thank you very much. Regards, Wesley You are confusing things. ROOTBACKUP and config files backups are rtwo different things. Reading docs (and checking references helps): See security(8) (run by daily(8) as documented) and changelist(5) (referred to by security(8)). -Otto
Re: how to save /home during reinstall
Le 2012-12-27 14:15, lilit-aibolit a écrit : Hello misc. I have a /home at old system and I want to install new one from scratch. But I need to save all data in /home without moving it out of box. As I understood I need to stop at this point: Use (W)hole disk or (E)dit the MBR? [whole] At this prompt, hit Ctrl+C or ! and Why don't you mount a second disk and backup /home to this one? just before fdisk part. Cheers, Wesley
Re: List of all software present on OpenBSD 5.2
Le 2012-12-26 19:46, Live user a écrit : Where can I find all the software that comes in install52.iso? Please, read the famous OpenBSD FAQ : 1.8 - What is included with OpenBSD? Here it is : http://www.openbsd.org/faq/faq1.html#Included Cheers, Wesley MOUEDINE ASSABY
Re: How to list available all hard disks in OpenBSD
Hi, you can try this : /usr/sbin/sysctl hw.disknames Cheers, Wesley Le 2012-12-21 7:17, Indunil Jayasooriya a écrit : HI, I would like to know How to list available all hard disks in OpenBSD ? If I run below 2 commands, it will give an output. dmesg |grep wd0 fdisk wd0 If I install a new Hard Disk, How to get to know whether it is wd1 or anything eles? In Linux, Fdisk -l show all the available hard disks. In OpenBSD what's the command for it?
OpenBSD 5.2 Tos / AckPri
Hi,
In OpenBSD 5.2, does this line : pass all tos lowdelay do the same
job that using altq/priq (see below)?
ext_if=kue0
altq on $ext_if priq bandwidth 100Kb queue { q_pri, q_def }
queue q_pri priority 7
queue q_def priority 1 priq(default)
pass out on $ext_if proto tcp from $ext_if to any flags S/SA \
keep state queue (q_def, q_pri)
from this : http://www.benzedrine.cx/ackpri.html
Thank you very much for your replies.
Cheers,
Wesley.
a pf ruleset 5.2
Hi,
I just built a small firewall using OpenBSD 5.2
Advices are welcome... ;-)
Thank you very much.
So, 2 interfaces, with the following rules :
-Traffic only Ipv4
-Allow pings in/out
-Allow our lan to only have ftp/http and https
-Allow an access from anywhere to our RDP server
-Prioritizing Acks
*
lan=rl0
allow={www,ftp,https}
rdphost=10.0.0.10
set skip on lo
set block-policy return
match in all scrub (no-df max-mss 1440)
match out on egress inet from $lan:network to any nat-to egress
block log all
anchor ftp-proxy/*
pass in quick inet proto tcp to port ftp divert-to 127.0.0.1 port 8021
pass out on egress inet proto tcp set prio (1,7)
pass out on egress inet proto udp
pass out on $lan inet
pass in on $lan proto udp from $lan:network to port domain
pass in on $lan proto tcp from $lan:network to port $allow
pass inet proto icmp all icmp-type echoreq
pass in on egress inet proto tcp from any to any port 3389 \
rdr-to $rdphost tag rdp set prio (1,7)
pass out on $lan tagged rdp
*
Cheers,
Wesley
Re: ttyC5, keyboard doesn't work : solved
I just put this in my .profile : echo running X ... /bin/sleep 5 /usr/X11R6/bin/startx -- Wesley Le 2012-11-02 9:25, Wesley a écrit : Le 2012-10-31 17:30, MERIGHI Marcus a écrit : I would try in .Xdefaults XTerm*loginShell:false OR you could do the following in .profile: pgrep -f -x /usr/X11R6/bin/X .* || /usr/X11R6/bin/xinit Hi, I tried both solutions. No error messages, but keyboard doesn't work. Cheers, Wesley
Re: ttyC5, keyboard doesn't work
Le 2012-10-31 17:30, MERIGHI Marcus a écrit : I would try in .Xdefaults XTerm*loginShell:false OR you could do the following in .profile: pgrep -f -x /usr/X11R6/bin/X .* || /usr/X11R6/bin/xinit Hi, I tried both solutions. No error messages, but keyboard doesn't work. Cheers, Wesley
Re: ttyC5, keyboard doesn't work
Le 2012-10-30 12:24, MERIGHI Marcus a écrit : $ grep ttyC1 /etc/ttys ttyC1 /usr/local/sbin/autologin.getty vt220 on secure $ cat /usr/local/sbin/autologin.getty #!/bin/sh -e TERM=vt220 /usr/local/sbin/autologin /dev/$1 /dev/$1 $ cat /usr/local/sbin/autologin #!/bin/sh -e echo running autologin... exec su -l autologin $ cat /home/autologin/.profile /usr/X11R6/bin/startx Hi, Thank you very much, now keyboard works, therefore, in each xterm i have the following errors : xauth: file /home/stac/.serverauth.457 does not exist xauth: (stdin):1: bad display name accueil:0 in add command Fatal server error: Server is already active for display 0 If this server is no longer running, remove /tmp/.X0-lock and start again. Please consult the The X.Org Foundation support at http://wiki.x.org for help. XIO: fatal IO error 35 (Resource temporarily unavailable) on X server :0 after 7 requests (7 known processed) with 0 events remaining When start fwvm, it is possible to disable xterm at startup ? Again, thank you very much for your precious help! Cheers, Wesley
Re: ttyC5, keyboard doesn't work
Hi, I'm sorry, but i did all you write. Now when i turn on my OpenBSD Box, i have a pretty GUI, but when i run 'Terminal', i get these errors : ++ xauth: file /home/stac/.serverauth.22692 does not exist Fatal server error: Server is already active for display 0 If this server is no longer running, remove /tmp/.X0-lock and start again. Please consult the The X.Org Foundation support at http://wiki.x.org for help. XIO: fatal IO error 35 (Resource temporarily unavailable) on X server :0 after 7 requests (7 known processed) with 0 events remaining. ++ I have a user : stac, member of wheel group my 'ttyC1' from the file /etc/ttys : ttyC1 /usr/local/sbin/autologin.getty vt220 on secure $ userinfo stac login stac passwd * uid 1001 groups users wheel change NEVER class gecos dir /home/stac shell /bin/ksh expire NEVER $ cat /usr/local/sbin/autologin #!/bin/sh -e echo running autologin... exec su -l stac $ cat /usr/local/sbin/autologin.getty #!/bin/sh -e TERM=vt220 /usr/local/sbin/autologin /dev/$1 /dev/$1 $ cat /etc/rc.conf.local ntpd_flags= # enabled during install #xdm_flags= $ ls -la total 12384 drwxr-xr-x 4 stac users 512 Oct 31 17:01 . drwxr-xr-x 3 root wheel 512 Oct 11 16:55 .. -rw--- 1 stac users 163 Oct 31 16:56 .Xauthority -rw-r--r-- 1 stac users 62 Oct 12 11:56 .Xdefaults -rw--- 1 stac users 16 Oct 31 11:58 .aucat_cookie -rw-r--r-- 1 stac users 773 Feb 12 2012 .cshrc -rw-r--r-- 1 stac users 2146 Oct 31 16:50 .fvwmrc -rw-r--r-- 1 stac users 398 Feb 12 2012 .login -rw-r--r-- 1 stac users 113 Feb 12 2012 .mailrc drwx-- 4 stac users 512 Oct 12 09:56 .mozilla -rw-r--r-- 1 stac users 240 Oct 31 12:28 .profile -rw--- 1 stac users 52 Oct 31 16:56 .serverauth.12948 drwx-- 2 stac users 512 Oct 12 12:00 .ssh -rw-r--r-- 1 stac users 167 Oct 31 16:48 .xinitrc -rw--- 1 stac users0 Oct 31 11:06 .xsession-errors -rw--- 1 stac users 6290352 Oct 15 08:55 firefox.core $ cat .Xdefaults XTerm*loginShell:true XTerm*faceName: Mono Xterm*faceSize: 14 Any idea ? Therefore, i like a lot what you did with fvwm! It is pretty cool ! ;-) Cheers, Wesley Le 2012-10-31 13:22, MERIGHI Marcus a écrit : Hello Wesley, note: ``autologin'' is a regular user in my case. I never saw the X.org errors you mention.
Re: ttyC5, keyboard doesn't work
Le 2012-10-29 19:57, David Coppa a écrit : I suspect a sleep is required. See: http://www.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/x11/slim/pkg/slim.rc?rev=1.3;content-type=text%2Fplain I don't use 'xdm', and 'slim' is not installed. I just have this in my /etc/ttys : ttyC5 /usr/bin/su - thin -c /usr/X11R6/bin/xinit xterm on secure Any idea ? Thank you very much. Cheers, -- Wesley
Re: sysmerge on 5.2?
Hi, You need to mount your 5.2 CDROM: mount /dev/cd0a /mnt Or get the files from this command : cd /tmp ftp http://ftp.openbsd.org/pub/OpenBSD/snapshots/i386/etc52.tgz ftp http://ftp.openbsd.org/pub/OpenBSD/snapshots/i386/xetc52.tgz And replace the '$RELEASEPATH' with the true path (/tmp or /mnt/5.2/i386) Cheers, Wesley Le 2012-10-29 11:12, bofh a écrit : Hi, Can someone help me understand how sysmerge works? I made all the config changes and then followed the instructions at http://openbsd.org/faq/upgrade52.html and did this: # sysmerge -s $RELEASEPATH/etc52.tgz -x $RELEASEPATH/xetc52.tgz but don't know where the files are stored? My preference has always to do a full/new reinstall - how does sysmerge merge it back into the system? I feel rather dumb, but read the upgrade and the man page quite a few times, and don't really get it :( Thanks!
ttyC5, keyboard doesn't work
Hi, I tried thinclient software from this : http://opensource.mtier.org/mtc.html It works very great on OpenBSD 5.1, when started manually using 'thin' account, and after running: startx Therefore, when i add this line to my /etc/ttys: ttyC5 /usr/bin/su - thin -c /usr/X11R6/bin/xinit xterm on secure # reboot the box, thinclient start, but the keyboard doesn't work. Any idea ? Thank you very much for your precious help. Cheers, Wesley
Re: OpenBSD-current, any chance to have TU2-ETG (ethernet adapter) working?
Le 2012-10-17 19:07, Theo de Raadt a écrit : I just install the last snapshot i386, and plug my Trendnet Ethernet Adapter (TU2-ETG). When i run this: (ifconfig axe0 media ; dmesg ; sysctl hw.sensors) axe0: flags=8802BROADCAST,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:b6:4e:5a:c9 priority: 0 media: Ethernet none (none) supported media: media none I don't see any problem. A lot of devices must be configured up, before they will negotiate link. Hi, I tried this : touch /etc/hostname.axe0 and put this content : echo dhcp /etc/hostname.axe0 echo up /etc/hostname.axe0 run : sh /etc/netstart ifconfig axe0 media # with ethernet cable plugged axe0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:b6:4e:5a:c9 priority: 0 media: Ethernet none (none) supported media: media none Thank you very much for your replies. Cheers, -- Wesley M.A PS : I already test it on mac os, sure the device works.
Re: OpenBSD-current, any chance to have TU2-ETG (ethernet adapter) working?
Le 2012-10-18 4:32, Jonathan Gray a écrit : On Wed, Oct 17, 2012 at 09:07:41AM -0600, Theo de Raadt wrote: I just install the last snapshot i386, and plug my Trendnet Ethernet Adapter (TU2-ETG). When i run this: (ifconfig axe0 media ; dmesg ; sysctl hw.sensors) axe0: flags=8802BROADCAST,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:b6:4e:5a:c9 priority: 0 media: Ethernet none (none) supported media: media none I don't see any problem. A lot of devices must be configured up, before they will negotiate link. The phy doesn't attach, your device perhaps needs some different gpio magic to the one I have. I you can donate one I'll take a look. Hi, I only have one device. If you want, i can give you a full access using ssh. Cheers, -- Wesley
Re: Last i386 snapshot broken ?
Hi, I just tested install52.iso, the last snapshot built on 15 Oct 12. It works. -- Wesley Le 2012-10-12 5:06, Stuart Henderson a écrit : On 2012-10-11, Yusof Khalid - FreeBSD / OpenBSD frysha...@gmail.com wrote: Hi, Confirm the iso is somehow got problem. I've tried with my virtualbox. Stuck at CD-ROM:E0 Loading /5.2/I386/CDBOOT As Ken mentioned, You seem to have hit something in the current effort to improved the boot blocks. Wait a day or so and try the latest snapshot then. If this still happens on a new snap (e.g. files dated from 12-Oct onwards; not yet biult I think...) then this might be useful information.
OpenBSD-current, any chance to have TU2-ETG (ethernet adapter) working?
uhub3 at usb3 Intel UHCI root hub rev 1.00/1.00 addr 1 isa0 at ichpcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pms0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pms0 mux 0 pcppi0 at isa0 port 0x61 spkr0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 wbsio0 at isa0 port 0x2e/2: W83627EHF rev 0x63 lm1 at wbsio0 port 0x290/8: W83627EHF npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 mtrr: Pentium Pro MTRR support vscsi0 at root scsibus1 at vscsi0: 256 targets softraid0 at root scsibus2 at softraid0: 256 targets root on wd0a (5ef37f74d05d92dd.a) swap on wd0b dump on wd0b axe0 at uhub0 port 2 configuration 1 interface 0 ASIX Electronics AX88178 rev 2.00/0.01 addr 2 axe0: AX88178, address 00:50:b6:4e:5a:c9 hw.sensors.aibs0.temp0=45.50 degC (CPU Temperature), OK hw.sensors.aibs0.temp1=38.00 degC (MB Temperature), OK hw.sensors.aibs0.fan0=19852 RPM (CPU FAN Speed), OK hw.sensors.aibs0.fan1=0 RPM (CHASSIS1 FAN Speed), WARNING hw.sensors.aibs0.fan2=0 RPM (CHASSIS2 FAN Speed), WARNING hw.sensors.aibs0.fan3=0 RPM (POWER FAN Speed), WARNING hw.sensors.aibs0.volt0=1.33 VDC (Vcore Voltage), OK hw.sensors.aibs0.volt1=3.20 VDC ( +3.3 Voltage), OK hw.sensors.aibs0.volt2=4.84 VDC ( +5 Voltage), OK hw.sensors.aibs0.volt3=11.98 VDC ( +12 Voltage), OK hw.sensors.lm1.temp0=39.00 degC hw.sensors.lm1.temp1=45.50 degC hw.sensors.lm1.temp2=47.50 degC hw.sensors.lm1.fan1=5273 RPM hw.sensors.lm1.volt0=1.33 VDC (VCore) hw.sensors.lm1.volt1=11.99 VDC (+12V) hw.sensors.lm1.volt2=3.20 VDC (+3.3V) hw.sensors.lm1.volt3=3.20 VDC (+3.3V) hw.sensors.lm1.volt4=1.85 VDC (-12V) hw.sensors.lm1.volt5=1.51 VDC hw.sensors.lm1.volt6=1.52 VDC hw.sensors.lm1.volt7=3.20 VDC (3.3VSB) hw.sensors.lm1.volt8=0.78 VDC (VBAT) hw.sensors.lm1.volt9=1.58 VDC Thank you very much for your help. -- Wesley
ethernet adapter: TrendNet TU2-ETG
Hi, I use OpenBSD 5.1, i have this connected : TU2-ETG From dmesg : axe0 at uhub2 port 2 configuration 1 interface 0 ASIX Electronics AX88178 rev 2.00/0.01 addr 2 axe0: AX88178, address 00:50:b6:4e:5a:c9 Dhcp, static address doesn't work. 'ifconfig axe0 media' give me : axe0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:b6:4e:5a:c9 priority: 0 media: Ethernet none (none) supported media: media none inet 192.168.0.56 netmask 0xff00 broadcast 192.168.0.255 man axe : AX88178 seems to be support, but this model : TU2-ETG, not... Is it possible to have it working for example the new release 5.2 ? I can't test snapshots, i386\install52.iso or cd52.iso, broken...still 10 oct 12 (Don't worry, i know it is a second posts about this problem, perhaps since 4.9 there's news, or it can be solved i.e http://comments.gmane.org/gmane.os.openbsd.misc/191903) Thank you very much. -- Wesley The notebook : Durabook S13Y Here's a full dmesg (dmesg ; sysctl hw.sensors): OpenBSD 5.1 (GENERIC.MP) #188: Sun Feb 12 09:55:11 MST 2012 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Genuine Intel(R) CPU T2250 @ 1.73GHz (GenuineIntel 686-class) 1.73 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,NXE,SSE3,MWAIT,EST,TM2,xTPR,PDCM real mem = 1064562688 (1015MB) avail mem = 1037033472 (988MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 06/11/07, BIOS32 rev. 0 @ 0xf0010, SMBIOS rev. 2.5 @ 0x9f800 (27 entries) bios0: vendor American Megatrends Inc. version 080014 date 06/11/2007 bios0: By O.E.M. S14Y acpi0 at bios0: rev 0 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP APIC MCFG SLIC OEMB acpi0: wakeup devices P0P2(S4) P0P1(S4) EC0_(S4) MC97(S4) P0P6(S4) P0P7(S4) P0P8(S4) P0P9(S4) HDA_(S3) P0P4(S4) P0P5(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 132MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Genuine Intel(R) CPU T2250 @ 1.73GHz (GenuineIntel 686-class) 1.73 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,NXE,SSE3,MWAIT,EST,TM2,xTPR,PDCM ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 3 (P0P1) acpiprt2 at acpi0: bus 1 (P0P4) acpiprt3 at acpi0: bus 2 (P0P5) acpiec0 at acpi0 acpicpu0 at acpi0: C3, C2 acpicpu1 at acpi0: C3, C2 acpitz0 at acpi0: critical temperature is 110 degC acpiac0 at acpi0: AC unit online acpibat0 at acpi0: BAT0 model S14Y serial type Lion oem By O.E.M acpibtn0 at acpi0: SLPB acpibtn1 at acpi0: LIDD acpibtn2 at acpi0: PWRB acpivideo0 at acpi0: SBRG acpivideo1 at acpi0: VGA_ acpivout0 at acpivideo1: LCD_ bios0: ROM list: 0xc/0xea00! 0xcf000/0x800 cpu0: unknown Enhanced SpeedStep CPU, msr 0x06130d2c06000613 cpu0: using only highest and lowest power states cpu0: Enhanced SpeedStep 1729 MHz: speeds: 1733, 800 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel 82945GM Host rev 0x03 vga1 at pci0 dev 2 function 0 Intel 82945GM Video rev 0x03 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xd000, size 0x1000 inteldrm0 at vga1: apic 2 int 16 drm0 at inteldrm0 Intel 82945GM Video rev 0x03 at pci0 dev 2 function 1 not configured azalia0 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x02: msi azalia0: codecs: Realtek ALC262, Motorola/0x3055, using Realtek ALC262 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x02: apic 2 int 21 pci1 at ppb0 bus 1 et0 at pci1 dev 0 function 0 ATT/Lucent ET1310 rev 0x01: apic 2 int 16, address 00:40:45:2d:70:45 etphy0 at et0 phy 0: ET1011 10/100/1000baseT PHY, rev. 2 ppb1 at pci0 dev 28 function 1 Intel 82801GB PCIE rev 0x02: apic 2 int 22 pci2 at ppb1 bus 2 wpi0 at pci2 dev 0 function 0 Intel PRO/Wireless 3945ABG rev 0x02: msi, MoW1, address 00:18:de:ca:05:88 uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x02: apic 2 int 23 uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x02: apic 2 int 19 uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x02: apic 2 int 18 uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x02: apic 2 int 21 ppb2 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0xe2 pci3 at ppb2 bus 3 cbb0 at pci3 dev 5 function 0 O2 Micro OZ711MP1 CardBus rev 0x21: apic 2 int 17 cbb1 at pci3 dev 5 function 1 O2 Micro OZ711MP1 CardBus rev 0x21: apic 2 int 17 sdhc0 at pci3 dev 5 function 2 O2 Micro OZ711MP1 SDHC rev 0x01: apic 2 int 17 sdmmc0 at sdhc0 O2 Micro OZ711MP1 XDHC rev 0x01 at pci3 dev 5 function 3
Last i386 snapshot broken ?
Hi, I just downloaded this at http://ftp.openbsd.org/pub/OpenBSD/snapshots/i386/install52.iso : install52.iso 10-Oct-2012 06:50 211M Burn it, try it on 2 different hardware, reboot automatically at first-stage boot loader. Someone already try this snapshot? Thank you very much. Cheers, Wesley M.
Re: Last i386 snapshot broken ?
The hardware is supported from the last release OpenBSD 5.1... Also i already tried a snapshot i386 in september (worked great) Now with this one (october) The system is not installed ! i'm booting on the cd, reboot just after the first-stage boot loader ... Someting wrong with this iso file ?? The install52.iso file compared to SHA256 file (from ftp.openbsd.org/...) : OK I'm going to try it with a VM. Thank you for your reply. Cheers, -- Wesley Le 2012-10-11 10:25, bert a écrit : Dmesg from a working system, or nobody is going to be able to help you. Christ, man, you've been here long enough to know this. On Thu, Oct 11, 2012 at 10:17:23AM +0400, Wesley wrote: Hi, I just downloaded this at http://ftp.openbsd.org/pub/OpenBSD/snapshots/i386/install52.iso : install52.iso 10-Oct-2012 06:50 211M Burn it, try it on 2 different hardware, reboot automatically at first-stage boot loader. Someone already try this snapshot? Thank you very much. Cheers, Wesley M.
Re: Last i386 snapshot broken ?
Tried with Vmware, reboot just after this CDROM: 9F Loading /5.2/I386/CDBOOT I suspect this iso doesn't work... If someone can test it. -- Wesley Le 2012-10-11 10:33, Wesley a écrit : The hardware is supported from the last release OpenBSD 5.1... Also i already tried a snapshot i386 in september (worked great) Now with this one (october) The system is not installed ! i'm booting on the cd, reboot just after the first-stage boot loader ... Someting wrong with this iso file ?? The install52.iso file compared to SHA256 file (from ftp.openbsd.org/...) : OK I'm going to try it with a VM. Thank you for your reply. Cheers, -- Wesley Le 2012-10-11 10:25, bert a écrit : Dmesg from a working system, or nobody is going to be able to help you. Christ, man, you've been here long enough to know this. On Thu, Oct 11, 2012 at 10:17:23AM +0400, Wesley wrote: Hi, I just downloaded this at http://ftp.openbsd.org/pub/OpenBSD/snapshots/i386/install52.iso : install52.iso 10-Oct-2012 06:50 211M Burn it, try it on 2 different hardware, reboot automatically at first-stage boot loader. Someone already try this snapshot? Thank you very much. Cheers, Wesley M.
Re: Last i386 snapshot broken ?
Le 2012-10-11 10:50, Peter N. M. Hansteen a écrit : there are some fairly straightforward ways to check whether it's the iso file that's at fault. try downloading bsd.rd and the sets and perform an upgrade from local disk. The system is not installed on the machines. It reboots automatically at : CDROM: 9F Loading /5.2/I386/CDBOOT And the SHA256's install52.iso match the SHA256 file present in http://ftp.openbsd.org/pub/OpenBSD/snapshots/i386/SHA256; Tried with OpenBSD 5.1 compatible machine, VM... same : error reboot. Need now to test with a second mirror ... Thank you for your reply. -- Wesley
Re: Last i386 snapshot broken ?
Tested with a new mirror: same problem, reboot just after CDROM: 9F Loading /5.2/I386/CDBOOT -- Wesley Le 2012-10-11 11:00, Wesley a écrit : Le 2012-10-11 10:50, Peter N. M. Hansteen a écrit : there are some fairly straightforward ways to check whether it's the iso file that's at fault. try downloading bsd.rd and the sets and perform an upgrade from local disk. The system is not installed on the machines. It reboots automatically at : CDROM: 9F Loading /5.2/I386/CDBOOT And the SHA256's install52.iso match the SHA256 file present in http://ftp.openbsd.org/pub/OpenBSD/snapshots/i386/SHA256; Tried with OpenBSD 5.1 compatible machine, VM... same : error reboot. Need now to test with a second mirror ... Thank you for your reply. -- Wesley
Re: Last i386 snapshot broken ?
I com back, so i tested iso files : install52.iso, cd52.iso (from i386 snapshots) Same problem, reboot just after : CDROM: 9F Loading /5.2/I386/CDBOOT If someone can rebuild the snapshots... Cheers, -- Wesley Le 2012-10-11 11:15, Wesley a écrit : Tested with a new mirror: same problem, reboot just after CDROM: 9F Loading /5.2/I386/CDBOOT -- Wesley Le 2012-10-11 11:00, Wesley a écrit : Le 2012-10-11 10:50, Peter N. M. Hansteen a écrit : there are some fairly straightforward ways to check whether it's the iso file that's at fault. try downloading bsd.rd and the sets and perform an upgrade from local disk. The system is not installed on the machines. It reboots automatically at : CDROM: 9F Loading /5.2/I386/CDBOOT And the SHA256's install52.iso match the SHA256 file present in http://ftp.openbsd.org/pub/OpenBSD/snapshots/i386/SHA256; Tried with OpenBSD 5.1 compatible machine, VM... same : error reboot. Need now to test with a second mirror ... Thank you for your reply. -- Wesley
Re: Last i386 snapshot broken ?
Satisfied to see that i'm not the only one. ;-) Le 2012-10-11 15:39, Udo Siewert a écrit : On 10/11/12 12:51, Wesley wrote: I com back, so i tested iso files : install52.iso, cd52.iso (from i386 snapshots) Same problem, reboot just after : CDROM: 9F Loading /5.2/I386/CDBOOT I can confirm that. Same here. -current (i386) 10/10/12
davical+agendav : PHP Notice: Undefined variable
Hi, I'm testing the new OpenBSD Port : davical-1.0.2p0 on OpenBSD-5.2-current I also installed agendav 1.2.6 All works great except calendar sharing. I get this error in /var/www/logs/error_log PHP Notice: Undefined variable: request in /var/www/davical/inc/caldav-ACL.php on line 148 [Mon Sep 10 16:43:55 2012] [error] PHP Fatal error: Call to a member function PreconditionFailed() on a non-object in /var/www/davical/inc/caldav-ACL.php on line 148 Any idea ? Thank you very much. Regards, Wesley MOUEDINE ASSABY
Re: radicale package, error authentication (resolved)
So i tested my config with Thunderbird/Lightning module, authentication with htpasswd works ! The problem comes from the path (like @sthen said) i give in ical (from imac). And the documentation described in http://radicale.org/user_documentation/#ical was wrong* (therefore this last one works without authentication) Thank you very much for all. -- Wesley Le 2012-09-06 0:47, Stuart Henderson a écrit : I suspect your calendar path is incorrect, typically it would be something like https://localhost:5232/username/calendar Now, i use my imac, and try to connect to caldav : ip_address:5232 ; username wesley I can't access. I've only tried this with Thunderbird+Lightning, the only fruit-themed hardware I have here is an old mac mini running OpenBSD/macppc.
Re: radicale package, error authentication
Now i tried Radicale package on OpenBSD-5.2-current So radicale version is : 0.7 WHat i have done : export PKG_PATH=http://ftp.openbsd.org/pub/OpenBSD/snapshots/packages/i386/ pkg_add -i radicale read this : more /usr/local/share/doc/pkg-readmes/radicale-0.7 so i changed the file /etc/radicale/config to : ... type = htpasswd ... /usr/bin/htpasswd -s -c /etc/radicale/users wesley /usr/bin/htpasswd -s /etc/radicale/users bruno I start radicale server : /etc/rc.d/radicale start Now, i use my imac, and try to connect to caldav : ip_address:5232 ; username wesley I can't access. tail /var/log/radicale give me : 2012-09-05 15:27:24,244 - INFO: Checking rights for collection owned by nobody 2012-09-05 15:27:24,244 - INFO: wesley refused 2012-09-05 15:27:24,244 - DEBUG: Answer status: 401 Unauthorized Any idea ? -- Wesley Le 2012-09-03 19:04, Chris Cappuccio a écrit : Z? Loff [zel...@zeloff.org] wrote: Sorry for the noise, I'll crawl back into my hole now. Hey, it's better than the 147th notice that my African bank account is now suspended.
Re: radicale package, error authentication
Euh... httpd is not used here. In my /etc/rc.conf.local : ntpd_flags= # enabled during install pkg_scripts=radicale netstat -anf inet | grep 5232 # This give me : tcp 0 0 *.5232 *.* LISTEN Without authentication (i.e type = None ), using ical (from iMac), it works great AND without httpd. I just added htpasswd, and users file. Run again : /etc/rc.d/radicale restart Try it a second time with ical : user refused in /var/log/radicale Any idea ? -- Wesley Le 2012-09-05 17:51, Chris Cappuccio a écrit : My African bank account is now closed. Jesus Christ. OpenBSD httpd is chrooted by default. So if /etc/radicale isn't located in /var/www/etc, you are facing an uphill battle. Wesley [open...@e-solutions.re] wrote: Now i tried Radicale package on OpenBSD-5.2-current So radicale version is : 0.7 WHat i have done : export PKG_PATH=http://ftp.openbsd.org/pub/OpenBSD/snapshots/packages/i386/ pkg_add -i radicale read this : more /usr/local/share/doc/pkg-readmes/radicale-0.7 so i changed the file /etc/radicale/config to : ... type = htpasswd ... /usr/bin/htpasswd -s -c /etc/radicale/users wesley /usr/bin/htpasswd -s /etc/radicale/users bruno I start radicale server : /etc/rc.d/radicale start Now, i use my imac, and try to connect to caldav : ip_address:5232 ; username wesley I can't access. tail /var/log/radicale give me : 2012-09-05 15:27:24,244 - INFO: Checking rights for collection owned by nobody 2012-09-05 15:27:24,244 - INFO: wesley refused 2012-09-05 15:27:24,244 - DEBUG: Answer status: 401 Unauthorized Any idea ? -- Wesley Le 2012-09-03 19:04, Chris Cappuccio a ??crit??: Z? Loff [zel...@zeloff.org] wrote: Sorry for the noise, I'll crawl back into my hole now. Hey, it's better than the 147th notice that my African bank account is now suspended.
Re: radicale package, error authentication
Le 2012-09-05 20:38, Chris Cappuccio a écrit : Wesley [open...@e-solutions.re] wrote: Euh... httpd is not used here. Oh, well see, then you're asking the wrong person. I don't even know what radicale is. Radicale is a calDav/CardDav Server. What i want : build it with authentication(htpasswd) and play it with agenDav. (It is a Calendar Web Client) Without authentication (i.e type = None ), using ical (from iMac), it works great AND without httpd. I just added htpasswd, and users file. Run again : /etc/rc.d/radicale restart Try it a second time with ical : user refused in /var/log/radicale Any idea ? Now that I know httpd isn't involved, it sounds like htpasswd isn't using an algorithm compatible with radicale. The htpasswd man page says crypt(3) is the default but clearly SHA is the default. Try the -m or -d option to htpasswd. One of those will probably work for this program. I will try it later. Thank you for your replies. Regards, -- Wesley
Re: Apache on OpenBSD 5.2 ?
I dont know what link your read, but http://www.openbsd.org/52.html give me at the end your answer to your question. - The system includes the following major components from outside suppliers: Xenocara (based on X.Org 7.7 with xserver 1.12.2 + patches, freetype 2.4.10, fontconfig 2.8.0, Mesa 7.10.3, xterm 279, xkeyboard-config 2.6 and more) Gcc 4.2.1 (+patches), 3.3.5 (+ patches) and 2.95.3 (+ patches) Perl 5.12.2 (+ patches) Our improved and secured version of Apache 1.3, with SSL/TLS and DSO support Nginx 1.2.2 (+ patches) OpenSSL 1.0.0f (+ patches) SQLite 3.7.13 (+ patches) Sendmail 8.14.5, with libmilter Bind 9.4.2-P2 (+ patches) NSD 3.2.11 Lynx 2.8.7rel.2 with HTTPS and IPv6 support (+ patches) Sudo 1.7.2p8 Ncurses 5.7 Heimdal 0.7.2 (+ patches) Arla 0.35.7 Binutils 2.15 (+ patches) Gdb 6.3 (+ patches) Less 444 (+ patches) Awk Aug 10, 2011 version Regards, -- Wesley Le 2012-09-05 14:15, Mik J a écrit : Hello, The web page http://www.openbsd.org/52.htmlsays Added nginx(8), an HTTP server, reverse proxy server and mail proxy server. Does it mean that Apache 1.3 will be removed from the default install ? Thank you
Re: radicale package, error authentication
Le 2012-09-05 23:24, Zé Loff a écrit : Now that I know httpd isn't involved, it sounds like htpasswd isn't using an algorithm compatible with radicale. The htpasswd man page says crypt(3) is the default but clearly SHA is the default. Yes, but you can either use -s on htpasswd or specify a different algorithm (crypt or plain) on the radicale config. It is what i have done : read this : more /usr/local/share/doc/pkg-readmes/radicale-0.7 /usr/bin/htpasswd -s -c /etc/radicale/users wesley /usr/bin/htpasswd -s /etc/radicale/users bruno tail /var/log/radicale give me : 2012-09-05 15:27:24,244 - INFO: Checking rights for collection owned by nobody 2012-09-05 15:27:24,244 - INFO: wesley refused 2012-09-05 15:27:24,244 - DEBUG: Answer status: 401 Unauthorized Try the -m or -d option to htpasswd. One of those will probably work for this program. I will try it later. Thank you for your replies. I tried even with 'plain' and it didn't work either. Maybe radicale isn't reading the file properly or at all...
Re: radicale package, error authentication
Le 2012-09-05 23:26, Chris Cappuccio a écrit : Z?? Loff [zel...@zeloff.org] wrote: What about htdigest ? Maybe that's what it's looking for. If we read this : more /usr/local/share/doc/pkg-readmes/radicale-0.7 htpasswd utility is used, not others. -- Wesley
Re: radicale package, error authentication
Le 2012-09-06 0:47, Stuart Henderson a écrit : Moved to ports@ where it should be. Thank's! I suspect your calendar path is incorrect, typically it would be something like https://localhost:5232/username/calendar Using ical (from imac), i follow this : http://radicale.org/user_documentation/#ical It works great without auth-htpasswd. But with, no way. I've only tried this with Thunderbird+Lightning, the only fruit-themed hardware I have here is an old mac mini running OpenBSD/macppc. I will try my config like you with Thunderbird/Lightning...
radicale package, error authentication
Hi, I use OpenBSD 5.1-RELEASE, i just want to test radicale package, the cal server. It works fine without authentication. Now with this enabled to /etc/radicale/config : [acl] # Access method # Value: None | htpasswd | LDAP type = htpasswd # Usernames used for public calendars, separated by a comma public_users = public # Usernames used for private calendars, separated by a comma private_users = private # Htpasswd filename htpasswd_filename = /etc/radicale/users # Htpasswd encryption method # Value: plain | sha1 | crypt htpasswd_encryption = crypt And try this : cd /etc/radicale /usr/bin/htpasswd -c users wesley Restart radicale : /etc/rc.d/radicale restart try the cal server using ical (apple) : don't want my username/password and the radicale log (/var/log/radicale) give me just : INFO: Checking rights for calendar owned by nobody 2012-09-03 12:17:19,614 - INFO: wesley refused any idea ? Thank you very much. -- Wesley
Re: radicale package, error authentication
By default, httpd is in chroot mode, so i just use add this to /etc/rc.conf.local, and reboot the box : httpd_flags=-u I get the same errors : INFO: Checking rights for calendar owned by nobody 2012-09-03 12:17:19,614 - INFO: wesley refused Any idea ? -- Wesley Le 2012-09-03 12:34, Zé Loff a écrit : On Sep 3, 2012, at 9:26 AM, Wesley wrote: Hi, I use OpenBSD 5.1-RELEASE, i just want to test radicale package, the cal server. It works fine without authentication. Now with this enabled to /etc/radicale/config : [acl] # Access method # Value: None | htpasswd | LDAP type = htpasswd # Usernames used for public calendars, separated by a comma public_users = public # Usernames used for private calendars, separated by a comma private_users = private # Htpasswd filename htpasswd_filename = /etc/radicale/users # Htpasswd encryption method # Value: plain | sha1 | crypt htpasswd_encryption = crypt And try this : cd /etc/radicale /usr/bin/htpasswd -c users wesley Restart radicale : /etc/rc.d/radicale restart try the cal server using ical (apple) : don't want my username/password and the radicale log (/var/log/radicale) give me just : INFO: Checking rights for calendar owned by nobody 2012-09-03 12:17:19,614 - INFO: wesley refused any idea ? Thank you very much. -- Wesley Do you run apache chrooted (as per default)? You might need to move the /etc/radicale folder to /var/www/
/etc/rc.d/httpd script : how to use it ?
Hi, I use OpenBSD 5.1 RELEASE. To start Apache, i usually use this command : '/usr/sbin/apachectl start' This, works good. Therefore, i tried to do the same using : '/etc/rc.d/httpd start' Nothing happens. What is the use of this last one ? Thank you very much for your reply. Cheers, Wesley
Re: /etc/rc.d/httpd script : how to use it ?
Thank you very much. But i don't want to have it at startup. It's why i didn't put this line 'httpd_flags=' in /etc/rc.conf.local I was testing radicale package, the famous caldav server. Now i understand better, why it doesn't work. And in my case, 'apachectl start' is enough. Have a good day. Regards, Wesley. Le 2012-08-28 15:04, Nick Holland a écrit : On 08/28/12 06:34, Wesley wrote: # echo 'httpd_flags=' /etc/rc.conf.local and try again: # /etc/rc.d/httpd start httpd(ok) # ta-da! Curiously, this exact example is in the FAQ: http://www.openbsd.org/faq/faq10.html#rc Nick.
roundcubemail port
Hi, I just seen a new version on Roundcube : 0.8 here : http://roundcube.net/ And on the OpenBSD CVSWeb : http://www.openbsd.org/cgi-bin/cvsweb/ports/mail/roundcubemail/ So roundcubemail version : 0.7.2 Is it possible to update it to 0.8 ? Thank you very much for all the perfect job you done. Regards, Wesley
dovecot-2.1.8 with OpenBSD 5.2-current
Hi, I'm trying to build a small mail server with OpenSmtpd, and Dovecot with the last OpenBSD (Snapshot+Updates = -current). OpenSmtpd config is OK. Now i want to install a Dovecot to use pop3s (995): export PKG_PATH=http://ftp.openbsd.org/pub/OpenBSD/snapshots/packages/i386/ pkg_add dovecot # this install dovecot-2.1.8 I run : 'tail -f /var/log/maillog ' Just after : i modify the dovecot cnf file at my convenience and run /usr/local/sbin/dovecot-mkcert.sh * I didn't modify the file /etc/dovecot/dovecot.conf I have this error : Jul 27 19:04:48 current dovecot: master: Dovecot v2.1.8 starting upJ ul 27 19:04:48 current dovecot: master: Error: service(doveadm): pipe() failed:Too many open files Jd: Too many open files dovecot: master: Error: service(dns_client): pipe() faile Jul 27 19:04:48 current dovecot: master: Error: service(director): pipe() failed: Too many open files Jul 27 19:04:48 current dovecot: master: Error: service(dict): pipe() failed: Too many open files Jul 27 19:04:48 current dovecot: master: Error: service(config): pipe() failed: T oo many open files Jul 27 19:04:48 current dovecot: master: Error: service(auth): pipe() failed: Too many open files Jul 27 19:04:48 current dovecot: master: Error: service(auth-worker): pipe() fail ed: Too many open files Jul 27 19:04:58 current dovecot: master: Error: service(anvil): command startup f ailed, throttling for 2 secs Jul 27 19:04:58 current dovecot: master: Error: service(ssl-params): command star tup failed, throttling for 2 secs Jul 27 19:04:58 current dovecot: ssl-params: Fatal: Error reading configuration: Timeout reading config from /var/dovecot/config Jul 27 19:04:58 current dovecot: anvil: Fatal: Error reading configuration: Timeo ut reading config from /var/dovecot/config Any idea ? -- Wesley
Re: dovecot-2.1.8 with OpenBSD 5.2-current
Sorry, something is missing, this error arrives just after : /etc/rc.d/dovecot start Any idea ? I have this error : Jul 27 19:04:48 current dovecot: master: Dovecot v2.1.8 starting upJ ul 27 19:04:48 current dovecot: master: Error: service(doveadm): pipe() failed:Too many open files Jd: Too many open files dovecot: master: Error: service(dns_client): pipe() faile Jul 27 19:04:48 current dovecot: master: Error: service(director): pipe() failed: Too many open files Jul 27 19:04:48 current dovecot: master: Error: service(dict): pipe() failed: Too many open files Jul 27 19:04:48 current dovecot: master: Error: service(config): pipe() failed: T oo many open files Jul 27 19:04:48 current dovecot: master: Error: service(auth): pipe() failed: Too many open files Jul 27 19:04:48 current dovecot: master: Error: service(auth-worker): pipe() fail ed: Too many open files Jul 27 19:04:58 current dovecot: master: Error: service(anvil): command startup f ailed, throttling for 2 secs Jul 27 19:04:58 current dovecot: master: Error: service(ssl-params): command star tup failed, throttling for 2 secs Jul 27 19:04:58 current dovecot: ssl-params: Fatal: Error reading configuration: Timeout reading config from /var/dovecot/config Jul 27 19:04:58 current dovecot: anvil: Fatal: Error reading configuration: Timeo ut reading config from /var/dovecot/config Any idea ? -- Wesley
Re: dovecot-2.1.8 with OpenBSD 5.2-current
I tried this : ulimit -a give me : time(cpu-seconds)unlimited file(blocks) unlimited coredump(blocks) unlimited data(kbytes) 2097152 stack(kbytes)8192 lockedmem(kbytes)1016125 memory(kbytes) 3043896 nofiles(descriptors) 7030 processes1310 when i type '/etc/rc.d/dovecot start' give me again : dovecotJul 27 21:12:08 current dovecot: master: Dovecot v2.1.8 starting up (ok) # Jul 27 21:12:08 current dovecot: master: Error: service(doveadm): pipe() failed: Too many open files Jul 27 21:12:08 current dovecot: master: Error: service(dns_client): pipe() failed: Too many open files Jul 27 21:12:08 current dovecot: master: Error: service(director): pipe() failed: Too many open files Jul 27 21:12:08 current dovecot: master: Error: service(dict): pipe() failed: Too many open files Jul 27 21:12:08 current dovecot: master: Error: service(config): pipe() failed: Too many open files Jul 27 21:12:08 current dovecot: master: Error: service(auth): pipe() failed: Too many open files Jul 27 21:12:08 current dovecot: master: Error: service(auth-worker): pipe() failed: Too many open files Perhaps i need to play with openfiles-cur keyword in /etc/login.conf... So i increased 'default class' 512 to 2048, 'daemon class' 128 to 2048. Seems to work ;-) Any advices ? Thank you very much for your help ! -- Wesley www.mouedine.net Le 2012-07-27 19:30, Mark Patruck a écrit : Make sure you've increased limits (f.e. open file descriptors). This is new since v2.1.8. Check the README-server file in the dovecot-2.1.8 package. On Fri, Jul 27, 2012 at 07:22:33PM +0400, Wesley wrote: Sorry, something is missing, this error arrives just after : /etc/rc.d/dovecot start Any idea ? I have this error : Jul 27 19:04:48 current dovecot: master: Dovecot v2.1.8 starting upJ ul 27 19:04:48 current dovecot: master: Error: service(doveadm): pipe() failed:Too many open files Jd: Too many open files dovecot: master: Error: service(dns_client): pipe() faile Jul 27 19:04:48 current dovecot: master: Error: service(director): pipe() failed: Too many open files Jul 27 19:04:48 current dovecot: master: Error: service(dict): pipe() failed: Too many open files Jul 27 19:04:48 current dovecot: master: Error: service(config): pipe() failed: T oo many open files Jul 27 19:04:48 current dovecot: master: Error: service(auth): pipe() failed: Too many open files Jul 27 19:04:48 current dovecot: master: Error: service(auth-worker): pipe() fail ed: Too many open files Jul 27 19:04:58 current dovecot: master: Error: service(anvil): command startup f ailed, throttling for 2 secs Jul 27 19:04:58 current dovecot: master: Error: service(ssl-params): command star tup failed, throttling for 2 secs Jul 27 19:04:58 current dovecot: ssl-params: Fatal: Error reading configuration: Timeout reading config from /var/dovecot/config Jul 27 19:04:58 current dovecot: anvil: Fatal: Error reading configuration: Timeo ut reading config from /var/dovecot/config Any idea ? -- Wesley
Re: dovecot-2.1.8 with OpenBSD 5.2-current
As i said in the last reply, i modified Default and daemon class openfiles-cur value to 2048. I think it is better to follow your link, create a dovecot class and add the value. Thank you a lot. (Andre and Mark) -- Wesley Le 2012-07-27 21:36, Andre Keller a écrit : Hi Am 27.07.2012 19:18, schrieb Wesley: Perhaps i need to play with openfiles-cur keyword in /etc/login.conf... So i increased 'default class' 512 to 2048, 'daemon class' 128 to 2048. Seems to work ;-) Did you even look into the readme, that mark pointed out? http://www.openbsd.org/cgi-bin/cvsweb/ports/mail/dovecot/pkg/README-server?rev=1.1;content-type=text%2Fplain [1] For example, add this to the login.conf(5) file: dovecot: :openfiles-cur=512: :openfiles-max=2048: :tc=daemon: Rebuild the login.conf.db file if necessary: # [ -f /etc/login.conf.db ] cap_mkdb /etc/login.conf I guess thats all you need to know... Links: -- [1] http://www.openbsd.org/cgi-bin/cvsweb/ports/mail/dovecot/pkg/README-server?rev=1.1;content-type=text%2Fplain
Re: OpenBSD on minimac
Hi, Le 2012-06-10 14:51, Jan Stary a écrit : I got this Mac Mini on my hands, and I would like to install current/macppc on it. According to http://www.openbsd.org/macppc.html#hardware the following MicMini's are supported: Mac mini (PowerMac10,1) Mac mini (Late 2005 (PowerMac10,2)) My model number is A1103. A quick search suggests that it's the same as PowerMac10,1 - is that correct? If so, it should be supported. My problem is it won't boot from install51.iso. I hold the [c] key while booting up, but it still boots into the MacOSX 10.5.8 that is currently installed on the disk, instead of booting from the CD. Am I missing something obvious? Jan Put your cd. Reboot. Hold ALT key at boot to have the choice between boot hard disk or cdrom. Hope it works for you. Cheers, Wesley MOUEDINE ASSABY wesley[at]mouedine [dot]net
Re: Customizing the install process
Hi, Le 2012-06-07 18:44, Tomasz Marszal a écrit : On Thu, 7 Jun 2012 19:23:35 +0530, Jay Patel rockworl...@gmail.com wrote: Hi Tomasz, ya i thoght that too. will try excluding /proc and /dev but dont know if installer will work that way. One more thing if you have 10 equal pcs there should be no problem but if you have different disc that are supported by the different driver ( like sata and ide disc ) you will have to boot rescue from usb or cd and change the /etc/fstab entries i dont know is vi supported in rescue mode but you can always prepare fstab file, copy it to you usb stick and the copy it to your /etc You can use 'ed'. -- Wesley
Re: How-To VPN IKEv2
Le 2012-06-04 1:38, Barry Grumbine a C)critB : On Sat, Jun 2, 2012 at 7:37 AM, Wesley open...@e-solutions.re wrote: Hi, I just done this tutorial, if it can help someone ;-) http://www.mouedine.net Advices are welcome. Thank you very much. Regards, Wesley MOUEDINE ASSABY wesley [at] mouedine[dot] net Hi, Hi Wesley, To get ikeca.cnf, this is easier (latest): lynx -dump http://www.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.sbin/ikectl/ikeca.cnf?rev=HEAD;content-type=text%2Fplain; ikeca.cnf or for a specific revison: lynx -dump http://www.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.sbin/ikectl/ikeca.cnf?rev=1.4;content-type=text%2Fplain; ikeca.cnf ftp(1) also works with: ftp -V -o ikeca.cnf http://[...]; +1 ;-) Thank you very much. -- Wesley.
