Re: pgt firmware ...
Why don't you try to install a snapshot version ? Just to see if the problem is resolved for the next release (5.1)... And sorry for the wget advice :-) All the best, Wesley. On Tue, 28 Feb 2012 00:33:06 +1030, David Walker wrote: > Hi Magnus. > > That was the issue - that directory didn't exist. > It was my fault - playing with fstab ... > > Unfortunately it seems there's bigger issue anyway. > When I plug the card in there's either no action (no ifconfig, no > LEDs, no console message) or I get a panic. > It happens invariably (I think) if the card's in at boot, here's one > (hand typed) ... > > cbb0: no bus space > panic: io alloc > Stopped at Debugger+0x4: popl %ebp > > ddb> > > I've done 'ps' and 'trace' but they're a bit long to transcribe right now. > I did 'boot dump' and can see the dump in /var/crash - when I get > sometime I'll try and read some more man pages and see if I can > extract anything useful. > If anyone's interested and wants me to extract anything, please tell > me how, and I'll do it soonest. I'm not sure what I'm looking for. > > Regardless, I might re-install so I can guarantee any other changes > I've made are voided and try again. It's quite possible theres an > issue with the card also. I might try it on another OS to verify that. > > Best wishes. > > On 27/02/2012, Magnus wrote: >> Hello, >> >> check that you have the path /var/db/pkg >> >> Information about the package(s) is recorded in a central repository, by >> default located in /var/db/pkg/. This will, among other things, prevent >> the dependencies of a package from being deleted before the package >> itself has been deleted. This helps ensure that an application cannot be >> accidentally broken by a careless user >> >> f.i. mine looks like this: >> >> # ls -Fl /var/db/pkg >> total 76 >> drwxr-xr-x 2 root wheel 512 Oct 19 11:29 bacula-client-5.0.2p1/ >> drwxr-xr-x 2 root wheel 512 Sep 13 10:14 bash-4.1.9p0/ >> drwxr-xr-x 2 root wheel 512 Jun 15 2011 dnsmasq-2.55/ >> drwxr-xr-x 2 root wheel 512 Jun 15 2011 gd-2.0.35p0/ >> drwxr-xr-x 2 root wheel 512 Sep 13 10:14 gettext-0.18.1p0/ >> drwxr-xr-x 2 root wheel 512 Jun 15 2011 joe-3.7p0/ >> drwxr-xr-x 2 root wheel 512 Jun 15 2011 jpeg-8b/ >> drwxr-xr-x 2 root wheel 512 Jun 15 2011 libdnet-1.12p1/ >> drwxr-xr-x 2 root wheel 512 Sep 13 10:14 libiconv-1.13p2/ >> drwxr-xr-x 2 root wheel 512 Jun 15 2011 lua-5.1.4p1/ >> drwxr-xr-x 2 root wheel 512 Jun 15 2011 nano-2.2.6/ >> drwxr-xr-x 2 root wheel 512 Jun 15 2011 ngrep-1.45p1/ >> drwxr-xr-x 2 root wheel 512 Jun 15 2011 nmap-5.21p3/ >> drwxr-xr-x 2 root wheel 512 Jun 15 2011 ntop-1.1/ >> drwxr-xr-x 2 root wheel 512 Jun 15 2011 pcre-8.02p1/ >> drwxr-xr-x 2 root wheel 512 Jun 15 2011 pfstat-2.3p1/ >> drwxr-xr-x 2 root wheel 512 Jun 15 2011 png-1.2.44/ >> drwxr-xr-x 2 root wheel 512 Jun 15 2011 postfix-2.8.20110113/ >> drwxr-xr-x 2 root wheel 512 Sep 12 12:56 screen-4.0.3p2/ >> >> // Magnus >> >> >> >> >> On 2012-02-27 12:58, David Walker wrote: >>> Thank you Peter. >>> >>> I still get the same error message (error line wrapped): >>> >>> pkg_add ./pgt-firmware-1.2p2.tgz >>> Bad pkg_db: No such file or directory at >>> /usr/libdata/perl5/OpenBSD/PackageInfo.pm line 63. >>> >>> Line 63: >>> >>> opendir(my $dir, $pkg_db) or die "Bad pkg_db: $!"); >>> >>> Somethings wrong with my environment but what ... >>> >>> On 27/02/2012, Peter Hessler wrote: >>>> NO! >>>> >>>> For the love of everything holy, don't fucking use wget. >>>> >>>> the built-in ftp(1) client can download from http servers. >>>> >>>> and, do NOT just extract the files. we have package tools for a >>>> reason. >>>> >>>> EITHER: >>>> a) pkg_add >>>> http://firmware.openbsd.org/firmware/5.0/pgt-firmware-1.2.tgz >>>> >>>> OR >>>> >>>> b) ftp http://firmware.openbsd.org/firmware/5.0/pgt-firmware-1.2.tgz >>>> && >>>> pkg_add ./pgt-firmware-1.2.tgz >>>> >>>> Anything else is stupid. >>>> >>>> >>>> >>>> On 2012 Feb 26 (Sun) at 18:21:31 +0400 (+0400), Wesley M. wrote: >>>> :Try this : >>>> :add wg
Re: pgt firmware ...
Try this : add wget package using pkg_add -vi wget wget http://firmware.openbsd.org/firmware/5.0/pgt-firmware-1.2p2.tgz Then extract this in /etc/firmware. Halt your machine, Remove your network card, and now plug the new card, boot Hope that it will help. Wesley. On Mon, 27 Feb 2012 00:02:28 +1030, David Walker wrote: > Thanks Wesley. > > I forgot about that. > I was going from man pgt which says: > FILES > > A prepackaged version of the firmware, designed to be used with > pkg_add(1), can be found at: > > http://firmware.openbsd.org/firmware/pgt-firmware-1.2.tgz > > The problem I have is that fw_update doesn't accept arguments and I > need the adjacent pcmcia slot for the ethernet card and they are both > bulky cards. > I need to remove the conexant card to insert the ethernet card to > access the network and then fw_update reports there are no devices to > update - the conexant card is no longer attached. > :] > > If you can think of a way to run this locally it'd be great. > > On 26/02/2012, Wesley M. wrote: >> try fw_update (provided in OpenBSD 5.0) >> >> Wesley. >> >> On Sun, 26 Feb 2012 17:51:03 +1030, David Walker >> wrote: >>> Hi. >>> >>> I'm trying to do: >>> pkg_add http://firmware.openbsd.olg/firmware/pgt-firmware-1.2.tgz >>> >>> I get this: >>> parsing pgt-firmware-1.2.tgz >>> Bad pkg_db: No such file or directory at >>> /usr/libdata/perl5/OpenBSD/PackageInfo. >>> pm line 63. >>> >>> Do I need to add perl manually? >>> >>> Best wishes.
Re: pgt firmware ...
try fw_update (provided in OpenBSD 5.0) Wesley. On Sun, 26 Feb 2012 17:51:03 +1030, David Walker wrote: > Hi. > > I'm trying to do: > pkg_add http://firmware.openbsd.olg/firmware/pgt-firmware-1.2.tgz > > I get this: > parsing pgt-firmware-1.2.tgz > Bad pkg_db: No such file or directory at > /usr/libdata/perl5/OpenBSD/PackageInfo. > pm line 63. > > Do I need to add perl manually? > > Best wishes.
Re: SSH Mastery -- New book by Michal Lucas!
Hi, I ordered a copy too ;-) Wesley. On Fri, 17 Feb 2012 17:27:49 -0700 (MST), Austin Hook wrote: > Here's the entry I just finished adding to OpenBSD's books.html page > > > SSH Mastery > by Michael Lucas > ISBN-13: 978-1470069711 > ISBN-10: 1470069717 > February 2012, 145 pp. > A guide to what you need to know about SSH. This book will help you > eliminate passwords on your network, tunnel unencrypted protocols through > secure channels, build VPNs with OpenSSH, and more. Focuses on the OpenSSH > server, the OpenSSH client, and the PuTTY client. Michael W Lucas is the > author of Absolute OpenBSD and other BSD books. Helping support OpenBSD, > Michael is contributing all his author's profits, from orders via the main > OpenBSD order page, back to the project. > [ Order direct from the OpenBSD website International.] > > > A book like this is great for those of us that have a lot on our plate. > I can remember a long period when I kind of knew what OpenSSH could do > but just didn't have the time to parse out the man page to properly to > forward a browser port or a mail port, to set up a VPN, and I could have > benefited a lot sooner with a bit more well explained cookbook examples > at my fingertips. Then there's that pesky stuff with keep alive and so > on. What does it all really mean for the context I was having trouble > with? > > Hey, I wonder if Michael has anything to say about the safety of even > using OpenSSH variants on a different operating system to access one of my > OpenBSD boxen. I'm looking forward to read my own copy. > > Yes, this book has already been out in electronic form for a bit, but > myself I spend too much time looking at screen and I still like the > physical experience of handling a book. Besides, the printed version > already benefits from reader corrections to the electronic edition. > > Michael has been very gracious with timely help to enable the main OpenBSD > website to be the first to offer it, It will be available everywhere soon, > but we do have a jump on it this time. It's been so long for us since we > last enjoyed Michael's style that we enjoyed in Absolute OpenBSD, I am > really happy to see him come back to us with this new volume. > > There will be a slight delay before the first copies arrive and can be > shipped, but the order site is already set up. > > https://https.openbsd.org/cgi-bin/order?B09=1&B08%2b=Add > > > > Austin
Re: Re : vpn isakmpd ipsec, one side with only one interface
I know ssh works also very well. But the company has requierements : ipsec vpn with specific phase 1 and 2... Wesley. On Thu, 16 Feb 2012 19:18:09 + (GMT), Mik J wrote: > Hello, > > I have this configuration working without any bridge. > Openbsd rl0 <- > LAN1 -> Router <- Internet -> RemoteFW <- LAN 2 -> SomeDevice > My PC is > connected to a LAN1 switch, and it's able to ssh SomeDevice. As you can > see my > OpenBSD has just one interface and the VPN is mounted between OpenBSD and > RemoteFW. > > > > - Mail original - >> De : Wesley M. > >> @ : Markus Wernig >> Cc : > misc@openbsd.org >> Envoyi le : Jeudi 16 fivrier 2012 15h59 >> Objet : Re: vpn > isakmpd ipsec, one side with only one interface >> >> I have it working ;-) >> > What i have done : >> Create a vether0 with : inet 172.17.2.21 255.255.255.0 >> > Create a bridge0, add to it vether0 and the physical card... >> PF : filter the > bridge >> Create the vpn, i can reach the ftp :-) Pretty cool >> Thank's to > vether !! >> >> Cheers, >> >> Wesley MOUEDINE ASSABY >> >> >> On Thu, 16 Feb 2012 > 14:03:54 +0100, Markus Wernig >> wrote: >>> Hi >>> >>> > I'm not sure if this will work, but you could try creating a loopback >>> > interface (lo2) on FWC with the IP address that the FTP server should be >>> > reachable on and then set up a regular VPN between FWA and FWC just for >>> > that one IP address: >>> ike esp from 172.17.2.21/32 to 192.168.0.0/24 peer > ip_fwA ... >>> >>> Then tell the FTP server to listen on the IP of the lo2 > interface >>> (172.17.2.21?) >>> >>> >>> /m >>> >>> On 02/13/12 14:43, Wesley > M. wrote: >>>> o;?Hi, >>>> >>>> I was using ipsec vpn between 2 OpenBSD > Gateway. It worked very >>>> well. >>>> >>>> Here : >>>> >>>> > ---rl0---[fwA]---rl1(internet)-sis1---[fwB >>>> with > ftpd]---sis0--- >>>> >>>> Now we remove ftp services from fwB and put it on > an >>>> other machine fwC with an internet connection (only one network card). >> is >>>> it possible to keep a vpn online from fwA and fwC, and so computersA >> can >>>> reach again ftp using vpn (provided by fwC). Perhaps i need to use >> vether >>>> on fwC so briged pf ? >>>> >>>> Here the old ipsec.conf from > fwB: >>>> ike esp from >>>> 172.17.2.0/24 to 192.168.0.0/24 peer ip_fwA >>>> > main auth hmac-sha1 enc >>>> aes-256 group modp1024 >>>> quick auth > hmac-sha1 enc aes-256 group modp1024 >>>> >>>> psk "demopassword" >>>> >>>> > My idea on fwC : >>>> >>>> add verther0 with : "inet >>>> 172.17.2.21 > 255.255.255.0"
Re: vpn isakmpd ipsec, one side with only one interface
I have it working ;-) What i have done : Create a vether0 with : inet 172.17.2.21 255.255.255.0 Create a bridge0, add to it vether0 and the physical card... PF : filter the bridge Create the vpn, i can reach the ftp :-) Pretty cool Thank's to vether !! Cheers, Wesley MOUEDINE ASSABY On Thu, 16 Feb 2012 14:03:54 +0100, Markus Wernig wrote: > Hi > > I'm not sure if this will work, but you could try creating a loopback > interface (lo2) on FWC with the IP address that the FTP server should be > reachable on and then set up a regular VPN between FWA and FWC just for > that one IP address: > ike esp from 172.17.2.21/32 to 192.168.0.0/24 peer ip_fwA ... > > Then tell the FTP server to listen on the IP of the lo2 interface > (172.17.2.21?) > > > /m > > On 02/13/12 14:43, Wesley M. wrote: >> o;?Hi, >> >> I was using ipsec vpn between 2 OpenBSD Gateway. It worked very >> well. >> >> Here : >> >> ---rl0---[fwA]---rl1(internet)-sis1---[fwB >> with ftpd]---sis0--- >> >> Now we remove ftp services from fwB and put it on an >> other machine fwC with an internet connection (only one network card). is >> it possible to keep a vpn online from fwA and fwC, and so computersA can >> reach again ftp using vpn (provided by fwC). Perhaps i need to use vether >> on fwC so briged pf ? >> >> Here the old ipsec.conf from fwB: >> ike esp from >> 172.17.2.0/24 to 192.168.0.0/24 peer ip_fwA >> main auth hmac-sha1 enc >> aes-256 group modp1024 >> quick auth hmac-sha1 enc aes-256 group modp1024 >> >> psk "demopassword" >> >> My idea on fwC : >> >> add verther0 with : "inet >> 172.17.2.21 255.255.255.0"
vpn isakmpd ipsec, one side with only one interface
o;?Hi, I was using ipsec vpn between 2 OpenBSD Gateway. It worked very well. Here : ---rl0---[fwA]---rl1(internet)-sis1---[fwB with ftpd]---sis0--- Now we remove ftp services from fwB and put it on an other machine fwC with an internet connection (only one network card). is it possible to keep a vpn online from fwA and fwC, and so computersA can reach again ftp using vpn (provided by fwC). Perhaps i need to use vether on fwC so briged pf ? Here the old ipsec.conf from fwB: ike esp from 172.17.2.0/24 to 192.168.0.0/24 peer ip_fwA main auth hmac-sha1 enc aes-256 group modp1024 quick auth hmac-sha1 enc aes-256 group modp1024 psk "demopassword" My idea on fwC : add verther0 with : "inet 172.17.2.21 255.255.255.0" Need help ;-) Thank you very much. Wesley.
Re: The use of DUID
Thank you for your explanation. I understand better. On Mon, 30 Jan 2012 12:05:58 -0500, Nick Holland wrote: > On 01/30/2012 11:10 AM, Wesley M. wrote: >> Hi, >> >> I have a question, i read faq "14 - Disk Setup (DiskLabel Unique >> Identifiers) ". >> It is a pretty feature. We can start OpenBSD OS from the >> disk put anywhere(order). >> >> But what's about after a dump/restore >> Boot in >> single user : backup the disk using 'dump -0af /mnt/root.dump /dev/wd0a' > ... >> How to restore a disk using DUID ? keeping duid in >> /etc/fstab ? >> Thank you very much. >> >> Cheers, >> Wesley. > > So, you want to restore a disk and magically have the duid of the new > disk assume the old disk's value? I think you haven't thought this > through. _You_ want to replace your existing disk, fine, it might be > reasonable to have the same DUID magically restored to the replacement > disk... > > But...what if that's not what you are doing? Maybe you want to use > dump/restore to copy data to another part of your existing system? > Maybe after you upgrade to your bigger disk, you want to put the old > disk back on the same system... > > *DUID = Disklabel Unique I Dentifier.* > if you do something where you change the DUID of a disk to make it > convenient for you, it's no longer... (all together now, class) "UNIQUE!" > > If you are using DUIDs and you change your disk, you will be changing > the fstab. That's how it works, that's how things stay...unique. This > is not only a feature, not a bug, it is THE WHOLE IDEA. > > Note: there are a lot of places where DUIDs may be LESS convenient than > simple device names. Keep your brain engaged, one solution does not fit > all. There are also places where you may wish to mix DUIDs with > conventional device names (for example, the root partition of a softraid > mirror). > > Nick.
The use of DUID
Hi, I have a question, i read faq "14 - Disk Setup (DiskLabel Unique Identifiers) ". It is a pretty feature. We can start OpenBSD OS from the disk put anywhere(order). But what's about after a dump/restore Boot in single user : backup the disk using 'dump -0af /mnt/root.dump /dev/wd0a' ... When we try to restore on a NEW DISK (WITH NEW SIZE) Boot in single user : restore using 'restore -rf /mnt/root.dump' Restore biosboot block... reboot to restore others partitions Need to do : mount -u -w / I have the following error : mount_ffs: .a on /: No such file or directory I suppose DUID is concerned. To avoid this, i need to modify /etc/fstab from /dev/wd0a remove DUID use and put the old (cf /dev/wd0a / ...) Now works... How to restore a disk using DUID ? keeping duid in /etc/fstab ? Thank you very much. Cheers, Wesley.
error keyboad
Hi, I have a problem with my keyboard. I use OpenBSD 5.0 with Bind Patch, acpi is disabled in the kernel (because it hangs on Mtrr pentium...) When i was in the OpenBSD install script, i was able to have this "^" working. But now, at i can't do this "^", there's a bip when i try to have it. Any idea ? Here's the dmesg (it is a TwinHead notbook F12DT) : OpenBSD 5.0 (GENERIC) #43: Wed Aug 17 10:10:52 MDT 2011 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Pentium(R) M processor 1.73GHz ("GenuineIntel" 686-class) 1.96 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,TM,SBF,EST,TM2 real mem = 250998784 (239MB) avail mem = 236851200 (225MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 03/14/06, BIOS32 rev. 0 @ 0xf0010, SMBIOS rev. 2.3 @ 0xfb920 (48 entries) bios0: vendor American Megatrends Inc. version "080011" date 03/14/2006 bios0: Twinhead F12D apm0 at bios0: Power Management spec V1.2 acpi at bios0 function 0x0 not configured mpbios0 at bios0: Intel MP Specification 1.4 cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 132MHz mpbios0: bus 0 is type PCI mpbios0: bus 1 is type PCI mpbios0: bus 2 is type PCI mpbios0: bus 3 is type ISA ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf47b0/272 (15 entries) pcibios0: PCI Interrupt Router at 000:31:0 ("Intel 82801FBM LPC" rev 0x00) pcibios0: PCI bus #2 is the last bus bios0: ROM list: 0xc/0xf000! 0xcf000/0x1000 0xd/0x1000 cpu0: unknown Enhanced SpeedStep CPU, msr 0x06120d2606000d26 cpu0: using only highest and lowest power states cpu0: Enhanced SpeedStep 1730 MHz: speeds: 1733, 800 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 "Intel 82915GM Host" rev 0x04 vga1 at pci0 dev 2 function 0 "Intel 82915GM Video" rev 0x04 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xd000, size 0x1000 inteldrm0 at vga1: apic 1 int 16 drm0 at inteldrm0 "Intel 82915GM Video" rev 0x04 at pci0 dev 2 function 1 not configured uhci0 at pci0 dev 29 function 0 "Intel 82801FB USB" rev 0x04: apic 1 int 23 uhci1 at pci0 dev 29 function 1 "Intel 82801FB USB" rev 0x04: apic 1 int 19 uhci2 at pci0 dev 29 function 2 "Intel 82801FB USB" rev 0x04: apic 1 int 18 uhci3 at pci0 dev 29 function 3 "Intel 82801FB USB" rev 0x04: apic 1 int 16 ehci0 at pci0 dev 29 function 7 "Intel 82801FB USB" rev 0x04: apic 1 int 23 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1 ppb0 at pci0 dev 30 function 0 "Intel 82801BAM Hub-to-PCI" rev 0xd4 pci1 at ppb0 bus 1 mem address conflict 0xf00/0x1000 mem address conflict 0xf001000/0x1000 iwi0 at pci1 dev 4 function 0 "Intel PRO/Wireless 2200BG" rev 0x05: apic 1 int 18, address 00:15:00:48:e6:32 cbb0 at pci1 dev 5 function 0 "O2 Micro OZ711MP1 CardBus" rev 0x21: apic 1 int 16 sdhc0 at pci1 dev 5 function 2 "O2 Micro OZ711MP1 SDHC" rev 0x01: apic 1 int 16 sdmmc0 at sdhc0 "O2 Micro OZ711MP1 XDHC" rev 0x01 at pci1 dev 5 function 3 not configured "O2 Micro Firewire" rev 0x02 at pci1 dev 5 function 4 not configured rl0 at pci1 dev 6 function 0 "Realtek 8139" rev 0x10: apic 1 int 19, address 00:40:45:2a:6e:9d rlphy0 at rl0 phy 0: RTL internal PHY cardslot0 at cbb0 slot 0 flags 0 cardbus0 at cardslot0: bus 2 device 0 cacheline 0x0, lattimer 0x40 pcmcia0 at cardslot0 auich0 at pci0 dev 30 function 2 "Intel 82801FB AC97" rev 0x04: apic 1 int 17, ICH6 AC97 ac97: codec id 0x414c4760 (Avance Logic ALC655 rev 0) audio0 at auich0 "Intel 82801FB Modem" rev 0x04 at pci0 dev 30 function 3 not configured ichpcib0 at pci0 dev 31 function 0 "Intel 82801FBM LPC" rev 0x04: PM disabled pciide0 at pci0 dev 31 function 1 "Intel 82801FB IDE" rev 0x04: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: wd0: 16-sector PIO, LBA48, 38154MB, 78140160 sectors atapiscsi0 at pciide0 channel 0 drive 1 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: ATAPI 5/cdrom removable wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 cd0(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 2 pciide0: channel 1 disabled (no drives) ichiic0 at pci0 dev 31 function 3 "Intel 82801FB SMBus" rev 0x04: apic 1 int 19 iic0 at ichiic0 admtemp0 at iic0 addr 0x4c: adm1032 spdmem0 at iic0 addr 0x51: 256MB DDR SDRAM non-parity PC2700CL2.5 usb1 at uhci0: USB revision 1.0 uhub1 at usb1 "Intel UHCI root hub" rev 1.00/1.00 addr 1 usb2 at uhci1: USB revision 1.0 uhub2 at usb2 "Intel UHCI root hub" rev 1.00/1.00 addr 1 usb3 at uhci2: USB revision 1.0 uhub3 at usb3 "Intel UHCI root hub" rev 1.00/1.00 addr 1 usb4 at uhci3: USB revision 1.0 uhub4 at usb4 "Intel UHCI root hub" rev 1.00/1.00 addr 1 isa0 at ichpcib0 isadma0 at
Re: strange localhost address
On Sat, 21 Jan 2012 11:46:00 +0400, "Wesley M." wrote: > sorry, it was a stupid error. > My hostname, there was an error in the name !! > > Again sorry. > > On Sat, 21 Jan 2012 11:40:32 +0400, "Wesley M." > wrote: >> Hi, >> I don't know where it comes from. >> I just configured my iwi card using : iwi-firmware-3.1p1.tgz >> I can connect to my network, internet works. >> Therefore, i find a strange error : >> When i ping localhost it give me : 208.73.210.29 instead of 127.0.0.1 ! >> Where does it come from ? I don't understand. >> >> I use OpenBSD 5.0 with bind patch. >> acpi is disabled in kernel. >> >> If i down the iwi0 interface, i ping localhost to 127.0.0.1, this is >> normal. >> >> If i use rl0 interface, i ping localhost to 208.73.210.29... ??? >> I already look the file /etc/resolv.conf and /etc/hosts, seems to me ok. >> >> /etc/hosts: >> 127.0.0.1 localhost >> ::1 localhost >> >> /etc/resolv.conf: >> nameserver 192.168.1.1 >> >> netstat -rnf inet >> Routing tables >> >> Internet: >> DestinationGatewayFlags Refs Use Mtu Prio >> Iface >> default192.168.1.1UGS3 48 - 8 >> rl0 >> 127/8 127.0.0.1 UGRS 00 33196 8 >> lo0 >> 127.0.0.1 127.0.0.1 UH 20 33196 4 >> lo0 >> 192.168.1/24 link#2 UC 20 - 4 >> rl0 >> 192.168.1.100:25:15:90:a3:6c UHLc 1 37 - 4 >> rl0 >> 192.168.1.23 04:1e:64:eb:11:32 UHLc 1 113 - 4 >> rl0 >> 192.168.1.68 127.0.0.1 UGHS 00 33196 8 >> lo0 >> 224/4 127.0.0.1 URS00 33196 8 >> lo0 >> >> Any idea ? >> >> Wesley.
Re: strange localhost address
see http://www.openbsd.org/errata50.html On Sat, 21 Jan 2012 09:01:35 +0100, Jan Stary wrote: > On Jan 21 11:40:32, Wesley M. wrote: >> When i ping localhost it give me : 208.73.210.29 instead of 127.0.0.1 ! >> Where does it come from ? I don't understand. >> I use OpenBSD 5.0 with bind patch. > > Before I burst into howls of derisive laughter: > what "bind patch"?
strange localhost address
Hi, I don't know where it comes from. I just configured my iwi card using : iwi-firmware-3.1p1.tgz I can connect to my network, internet works. Therefore, i find a strange error : When i ping localhost it give me : 208.73.210.29 instead of 127.0.0.1 ! Where does it come from ? I don't understand. I use OpenBSD 5.0 with bind patch. acpi is disabled in kernel. If i down the iwi0 interface, i ping localhost to 127.0.0.1, this is normal. If i use rl0 interface, i ping localhost to 208.73.210.29... ??? I already look the file /etc/resolv.conf and /etc/hosts, seems to me ok. /etc/hosts: 127.0.0.1 localhost ::1 localhost /etc/resolv.conf: nameserver 192.168.1.1 netstat -rnf inet Routing tables Internet: DestinationGatewayFlags Refs Use Mtu Prio Iface default192.168.1.1UGS3 48 - 8 rl0 127/8 127.0.0.1 UGRS 00 33196 8 lo0 127.0.0.1 127.0.0.1 UH 20 33196 4 lo0 192.168.1/24 link#2 UC 20 - 4 rl0 192.168.1.100:25:15:90:a3:6c UHLc 1 37 - 4 rl0 192.168.1.23 04:1e:64:eb:11:32 UHLc 1 113 - 4 rl0 192.168.1.68 127.0.0.1 UGHS 00 33196 8 lo0 224/4 127.0.0.1 URS00 33196 8 lo0 Any idea ? Wesley.
use trap command in a script
Hi, I want to see a message on console when i send signal like HUP KILL INT and TERM using for example in a script "manageprocess": #!/bin/ksh trap 'echo Kill detected!' 9 trap 'ctrl-c detected!' 2 run it with sudo sh manageprocess No message appear Therefore if i run manually this : trap 'ctrl-c detected!' 2 it works. But trap 'echo Kill detected!' 9 doesn't work. Why ? Why i can't use it in a script? Any idea ? Thank you very much.
Re: could not read firmware iwi-bss
You re very funny!! Now it works like a charm, thank for your replies, i downloaded the iwi-firmare. And wiconfig is pretty cool !!! Thank you a lot ! On Wed, 18 Jan 2012 07:17:00 -0500, Richard Thornton wrote: why not use gnu/linux instead On Wed, Jan 18, 2012 at 6:18 AM, Wesley M. wrote: I use OpenBSD 5.0 RELEASE on a notebook : twinhead F12DT There was a problem at startup, it hangs on MTRR pentium message. So i disabled acpi using config -ef /bsd Now i can boot. I'm trying to configure iwi0 interface. Wifi card : Intel PRO/Wireless 2200BG When i try ifconfig iwi0 : iwi0: flags=8802 mtu 1500 lladdr 00:15:00:48:e6:32 priority: 4 groups: wlan media: IEEE802.11 autoselect status: no network ieee80211: nwid "" 100dBm inet6 fe80::215:ff:fe48:e632%iwi0 prefixlen 64 scopeid 0x1 When i try ifconfig iwi0 scan : iwi0: error 2, could not read firmware iwi-bss I try also wiconfig (http://home.melameth.com/~daniel/pub/wiconfig [2]) provided by Daniel M. Same error : iwi0: error 2, could not read firmware iwi-bss Any idea ? Thank you very much. Cheers, Wesley MOUEDINE ASSABY www.mouedine.net [3] The dmesg : OpenBSD 5.0 (GENERIC) #43: Wed Aug 17 10:10:52 MDT 2011 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Pentium(R) M processor 1.73GHz ("GenuineIntel" 686-class) 1.73 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,TM,SBF,EST,TM2 real mem = 250998784 (239MB) avail mem = 236851200 (225MB) User Kernel Config UKC> disqb^H ^H^H ^Hable qcpi^H ^H^H ^H^H ^H^H ^Hacpi 466 acpi0 disabled UKC> a^H ^Hquit Continuing... mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 03/14/06, BIOS32 rev. 0 @ 0xf0010, SMBIOS rev. 2.3 @ 0xfb920 (48 entries) bios0: vendor American Megatrends Inc. version "080011" date 03/14/2006 bios0: Twinhead F12D apm0 at bios0: Power Management spec V1.2 acpi at bios0 function 0x0 not configured mpbios0 at bios0: Intel MP Specification 1.4 cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 132MHz mpbios0: bus 0 is type PCI mpbios0: bus 1 is type PCI mpbios0: bus 2 is type PCI mpbios0: bus 3 is type ISA ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf47b0/272 (15 entries) pcibios0: PCI Interrupt Router at 000:31:0 ("Intel 82801FBM LPC" rev 0x00) pcibios0: PCI bus #2 is the last bus bios0: ROM list: 0xc/0xf000! 0xcf000/0x1000 0xd/0x1000 cpu0: Enhanced SpeedStep 1730 MHz: speeds: 1733, 1333, 1067, 800 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 "Intel 82915GM Host" rev 0x04 vga1 at pci0 dev 2 function 0 "Intel 82915GM Video" rev 0x04 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xd000, size 0x1000 inteldrm0 at vga1: apic 1 int 16 drm0 at inteldrm0 "Intel 82915GM Video" rev 0x04 at pci0 dev 2 function 1 not configured uhci0 at pci0 dev 29 function 0 "Intel 82801FB USB" rev 0x04: apic 1 int 23 uhci1 at pci0 dev 29 function 1 "Intel 82801FB USB" rev 0x04: apic 1 int 19 uhci2 at pci0 dev 29 function 2 "Intel 82801FB USB" rev 0x04: apic 1 int 18 uhci3 at pci0 dev 29 function 3 "Intel 82801FB USB" rev 0x04: apic 1 int 16 ehci0 at pci0 dev 29 function 7 "Intel 82801FB USB" rev 0x04: apic 1 int 23 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1 ppb0 at pci0 dev 30 function 0 "Intel 82801BAM Hub-to-PCI" rev 0xd4 pci1 at ppb0 bus 1 mem address conflict 0xf00/0x1000 mem address conflict 0xf001000/0x1000 iwi0 at pci1 dev 4 function 0 "Intel PRO/Wireless 2200BG" rev 0x05: apic 1 int 18, address 00:15:00:48:e6:32 cbb0 at pci1 dev 5 function 0 "O2 Micro OZ711MP1 CardBus" rev 0x21: apic 1 int 16 sdhc0 at pci1 dev 5 function 2 "O2 Micro OZ711MP1 SDHC" rev 0x01: apic 1 int 16 sdmmc0 at sdhc0 "O2 Micro OZ711MP1 XDHC" rev 0x01 at pci1 dev 5 function 3 not configured "O2 Micro Firewire" rev 0x02 at pci1 dev 5 function 4 not configured rl0 at pci1 dev 6 function 0 "Realtek 8139" rev 0x10: apic 1 int 19, address 00:40:45:2a:6e:9d rlphy0 at rl0 phy 0: RTL internal PHY cardslot0 at cbb0 slot 0 flags 0 cardbus0 at cardslot0: bus 2 device 0 cacheline 0x0, lattimer 0x40 pcmcia0 at cardslot0 auich0 at pci0 dev 30 function 2 "Intel 82801FB AC97" rev 0x04: apic 1 int 17, ICH6 AC97 ac97: codec id 0x414c4760 (Avance Logic ALC655 rev 0) audio0 at auich0 "Intel 82801FB Modem" rev 0x04 at pci0 dev 30 function
could not read firmware iwi-bss
I use OpenBSD 5.0 RELEASE on a notebook : twinhead F12DT There was a problem at startup, it hangs on MTRR pentium message. So i disabled acpi using config -ef /bsd Now i can boot. I'm trying to configure iwi0 interface. Wifi card : Intel PRO/Wireless 2200BG When i try ifconfig iwi0 : iwi0: flags=8802 mtu 1500 lladdr 00:15:00:48:e6:32 priority: 4 groups: wlan media: IEEE802.11 autoselect status: no network ieee80211: nwid "" 100dBm inet6 fe80::215:ff:fe48:e632%iwi0 prefixlen 64 scopeid 0x1 When i try ifconfig iwi0 scan : iwi0: error 2, could not read firmware iwi-bss I try also wiconfig (http://home.melameth.com/~daniel/pub/wiconfig) provided by Daniel M. Same error : iwi0: error 2, could not read firmware iwi-bss Any idea ? Thank you very much. Cheers, Wesley MOUEDINE ASSABY www.mouedine.net The dmesg : OpenBSD 5.0 (GENERIC) #43: Wed Aug 17 10:10:52 MDT 2011 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Pentium(R) M processor 1.73GHz ("GenuineIntel" 686-class) 1.73 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,TM,SBF,EST,TM2 real mem = 250998784 (239MB) avail mem = 236851200 (225MB) User Kernel Config UKC> disqb^H ^H^H ^Hable qcpi^H ^H^H ^H^H ^H^H ^Hacpi 466 acpi0 disabled UKC> a^H ^Hquit Continuing... mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 03/14/06, BIOS32 rev. 0 @ 0xf0010, SMBIOS rev. 2.3 @ 0xfb920 (48 entries) bios0: vendor American Megatrends Inc. version "080011" date 03/14/2006 bios0: Twinhead F12D apm0 at bios0: Power Management spec V1.2 acpi at bios0 function 0x0 not configured mpbios0 at bios0: Intel MP Specification 1.4 cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 132MHz mpbios0: bus 0 is type PCI mpbios0: bus 1 is type PCI mpbios0: bus 2 is type PCI mpbios0: bus 3 is type ISA ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf47b0/272 (15 entries) pcibios0: PCI Interrupt Router at 000:31:0 ("Intel 82801FBM LPC" rev 0x00) pcibios0: PCI bus #2 is the last bus bios0: ROM list: 0xc/0xf000! 0xcf000/0x1000 0xd/0x1000 cpu0: Enhanced SpeedStep 1730 MHz: speeds: 1733, 1333, 1067, 800 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 "Intel 82915GM Host" rev 0x04 vga1 at pci0 dev 2 function 0 "Intel 82915GM Video" rev 0x04 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xd000, size 0x1000 inteldrm0 at vga1: apic 1 int 16 drm0 at inteldrm0 "Intel 82915GM Video" rev 0x04 at pci0 dev 2 function 1 not configured uhci0 at pci0 dev 29 function 0 "Intel 82801FB USB" rev 0x04: apic 1 int 23 uhci1 at pci0 dev 29 function 1 "Intel 82801FB USB" rev 0x04: apic 1 int 19 uhci2 at pci0 dev 29 function 2 "Intel 82801FB USB" rev 0x04: apic 1 int 18 uhci3 at pci0 dev 29 function 3 "Intel 82801FB USB" rev 0x04: apic 1 int 16 ehci0 at pci0 dev 29 function 7 "Intel 82801FB USB" rev 0x04: apic 1 int 23 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1 ppb0 at pci0 dev 30 function 0 "Intel 82801BAM Hub-to-PCI" rev 0xd4 pci1 at ppb0 bus 1 mem address conflict 0xf00/0x1000 mem address conflict 0xf001000/0x1000 iwi0 at pci1 dev 4 function 0 "Intel PRO/Wireless 2200BG" rev 0x05: apic 1 int 18, address 00:15:00:48:e6:32 cbb0 at pci1 dev 5 function 0 "O2 Micro OZ711MP1 CardBus" rev 0x21: apic 1 int 16 sdhc0 at pci1 dev 5 function 2 "O2 Micro OZ711MP1 SDHC" rev 0x01: apic 1 int 16 sdmmc0 at sdhc0 "O2 Micro OZ711MP1 XDHC" rev 0x01 at pci1 dev 5 function 3 not configured "O2 Micro Firewire" rev 0x02 at pci1 dev 5 function 4 not configured rl0 at pci1 dev 6 function 0 "Realtek 8139" rev 0x10: apic 1 int 19, address 00:40:45:2a:6e:9d rlphy0 at rl0 phy 0: RTL internal PHY cardslot0 at cbb0 slot 0 flags 0 cardbus0 at cardslot0: bus 2 device 0 cacheline 0x0, lattimer 0x40 pcmcia0 at cardslot0 auich0 at pci0 dev 30 function 2 "Intel 82801FB AC97" rev 0x04: apic 1 int 17, ICH6 AC97 ac97: codec id 0x414c4760 (Avance Logic ALC655 rev 0) audio0 at auich0 "Intel 82801FB Modem" rev 0x04 at pci0 dev 30 function 3 not configured ichpcib0 at pci0 dev 31 function 0 "Intel 82801FBM LPC" rev 0x04: PM disabled pciide0 at pci0 dev 31 function 1 "Intel 82801FB IDE" rev 0x04: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: wd0: 16-sector PIO, LBA48, 38154MB, 78140160 sectors atapiscsi0 at pciide0 channel 0 drive 1 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: ATAPI 5/cdrom removable wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 cd0(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 2 pciide0: channel 1 disabled (no drives) ichiic0 at pci0 dev 31 function 3 "Intel 82801FB SMBus" rev 0x04: apic 1 int 19 iic
Re: mailserv project
On Mon, 16 Jan 2012 07:40:57 +0100, Tomas Bodzar wrote: > There's sendmail in base system and there's ongoing work on smtpd by > OpenBDS devs (other components are in ports). Anyway you're welcome to > start port see http://www.openbsd.org/faq/ports/index.html > It is not an other MTA. It is a script with config files, it installs a secure mail server (Administration using a Web interface) Postfix+Nginx+Spamd+Spamassassin+Dovecot+Roundcube+sql database Actually works on OpenBSD 4.8 / 4.9 It doesn't work on OpenBSD 5.0 There's a lot of changes like Nginx/Dovecot/php If someone can update the work : http://mailserv.github.com/ >> >> Best >> regards, >> >> Wesley.
mailserv project
Hi, It will be famous if somebody can update mailserv project to work on the last version OpenBSD 5.0 Therefore it works like a charm on OpenBSD 4.8/4.9 Here the source : https://github.com/mailserv/mailserv/ Best regards, Wesley.
Re: PF Snort tutorial
Also, an idea, add scanlogd package, and do a small script to add ip in log to your pf table ;-) Cheers, Wesley MOUEDINE ASSABY http://mouedine.net/ruleset50.aspx On Tue, 3 Jan 2012 17:56:13 -0500, "Bentley, Dain" wrote: > ughthat's what I thought. > I'm reading through some OSSEC docs right now and it seems pretty > promising. > Having trouble finding anything about having it read from pflog. > > From: Andres Genovez [andresgeno...@gmail.com] > Sent: Tuesday, January 03, 2012 3:04 PM > To: Bentley, Dain > Cc: misc@openbsd.org > Subject: Re: PF Snort tutorial > > 2012/1/3 Bentley, Dain mailto:dbent...@nas.edu>> > I've been looking around for a good tutorial on implementing snort with PF > and > everything I see is old, does anyone know of or have implemented a solution > using an IDS/IPS with PF on the same box? If possible I'd like snort of > some > other IDS inspect packets and have pf drop them based on the fact they > match > certain signatures. Thanks in advance. > > > Implimenting that is really a Pain in the hell out..I did it on a 4.9, > i > need to do it from sources, there is no complete tutorial, it works on 4.9, > not implemented with PF tought... > > Greetings... > > > > -- > Atentamente > > Andris Genovez Tobar / Tecnico > Elastix ECE - Linux LPI-1 - Novell CLA - Apple ACMT > http://www.puntonet.ec
Re: PF Snort tutorial
Hi, Perhaps, this can be helpful ;-) http://www.procyonlabs.com/guides/openbsd/snort/ Cheers, Wesley MOUEDINE ASSABY http://mouedine.net/ruleset50.aspx On Tue, 3 Jan 2012 17:56:13 -0500, "Bentley, Dain" wrote: > ughthat's what I thought. > I'm reading through some OSSEC docs right now and it seems pretty > promising. > Having trouble finding anything about having it read from pflog. > > From: Andres Genovez [andresgeno...@gmail.com] > Sent: Tuesday, January 03, 2012 3:04 PM > To: Bentley, Dain > Cc: misc@openbsd.org > Subject: Re: PF Snort tutorial > > 2012/1/3 Bentley, Dain mailto:dbent...@nas.edu>> > I've been looking around for a good tutorial on implementing snort with PF > and > everything I see is old, does anyone know of or have implemented a solution > using an IDS/IPS with PF on the same box? If possible I'd like snort of > some > other IDS inspect packets and have pf drop them based on the fact they > match > certain signatures. Thanks in advance. > > > Implimenting that is really a Pain in the hell out..I did it on a 4.9, > i > need to do it from sources, there is no complete tutorial, it works on 4.9, > not implemented with PF tought... > > Greetings... > > > > -- > Atentamente > > Andris Genovez Tobar / Tecnico > Elastix ECE - Linux LPI-1 - Novell CLA - Apple ACMT > http://www.puntonet.ec
Re: create a backup of an online server
In fact, -1- i want to copy the mail server system to another machine. I suppose rsnaphot or a dump/restore in single user? is a good choice... -2- And keep emails synchronized between the 2 mail server using rsync, this step is ok. Thank you very much for all your replies. Cheers, Wesley. On Wed, 28 Dec 2011 09:30:11 -0700, Darrin Chandler wrote: > On Wed, Dec 28, 2011 at 11:00:52AM -0500, Nick Holland wrote: >> However, backing up an IMAP mail store daily leaves a lot to be >> desired. Most likely time for someone to accidentally delete the >> important mail they have been waiting for is probably not too long >> after it arrives. Depending (mostly) on the number of messages in >> your mail store, you may be able to run an rsync of the maildir >> hourly or maybe even every 15 minutes to another local hard disk. >> You could make that rsync cumulative -- no removing of deleted >> files, then daily rsync that backup off to another machine (using >> --link-dest option for a quick, rotated backup), and then doing an >> rsync WITH deletion to your local system, so your backup store >> doesn't grow without bound. > > This sounds like a job for rsnapshot: essentailly point-in-time > snapshots on top of rsync, using hard links of unchanged files for space > and speed. With some additional shell scripting + cron you could have a > really nice scheme to keep 15 minute snaps for the last few days, then > daily for a while, then weekly.
create a backup of an online server
Hi, I want to backup our mailserver(4.7) in production. I read : http://www.openbsd.org/faq/faq10.html#DupFS Can i do this wd1(my backup disk) : mount /dev/wd1a /mnt dump -0auf /mnt/etc_backup /dev/wd0a ... same for wd0d and wd0e ... Or do i need absolutely to do it in Single User? Or perhaps, there's a better way to do it. Thank you very much. Wesley.
Re: kernel panic (mii_phy_setmedia) on mac mini A1347 (bge device unknown)
Thank you very much. It works, i can now use bge0 on the mac mini. (OpenBSD 4.9) Wesley.
Re: kernel panic (mii_phy_setmedia) on mac mini A1347 (bge device unknown)
thank's, small forget ;-) I will try it . On Fri, 23 Dec 2011 11:51:33 +0100, Mike Belopuhov wrote: > On Fri, Dec 23, 2011 at 11:43 AM, Wesley M. wrote: >> Hi, >> >> So i installed a fresh OpenBSD 4.9 to try to patch the files : brgphy.c >> and miidevs >> I have the following error when compiling : >> ... >> D_KERNEL B -c ../../../../dev/mii/brgphy.c >> ../../../../dev/mii/brgphy.c:177: error: 'MII_MODEL_xxBROADCOM3_BCM57765' >> undeclared here (not in a function) >> ../../../../dev/mii/brgphy.c:178: error: 'MII_STR_xxBROADCOM3_BCM57765' >> undeclared here (not in a function) >> *** Error code 1 >> >> Stop in /usr/src/sys/arch/i386/compile/GENERIC (line 92 of >> /usr/share/mk/sys.mk). >> > > you have to run "make" in /sys/dev/mii prior to compiling.
Re: trendnet ethernet usb
nterface 0 "BTC USB Multimedia Keyboard" rev 1.10/1.00 addr 5 uhidev1: iclass 3/1 ukbd0 at uhidev1: 8 modifier keys, 6 key codes wskbd0 at ukbd0: console keyboard, using wsdisplay0 uhidev2 at uhub5 port 3 configuration 1 interface 1 "BTC USB Multimedia Keyboard" rev 1.10/1.00 addr 5 uhidev2: iclass 3/0, 3 report ids uhid3 at uhidev2 reportid 1: input=1, output=0, feature=0 uhid4 at uhidev2 reportid 2: input=3, output=0, feature=0 uhid5 at uhidev2 reportid 3: input=3, output=0, feature=8 sd0 detached scsibus1 detached umass0 detached umass0 at uhub5 port 2 configuration 1 interface 0 "JetFlash Mass Storage Device" rev 2.00/1.00 addr 4 umass0: using SCSI over Bulk-Only scsibus1 at umass0: 2 targets, initiator 0 sd0 at scsibus1 targ 1 lun 0: SCSI2 0/direct removable sd0: 7660MB, 512 bytes/sec, 15687680 sec total Thank you very much for your helps. Cheers, Wesley. On Thu, 22 Dec 2011 03:07:56 +1100, Jonathan Gray wrote: > The man page is not an exhaustive list, include the full dmesg > with the device plugged in for a start and the output of > "ifconfig axe0 media" > > On Wed, Dec 21, 2011 at 04:24:58PM +0400, Wesley M. wrote: >> i read man page axe(4) there's no my model trendnet TU2-ETG :( >> So i suppose that it is not compatible :( >> >> Wesley. >> >> On Wed, 21 Dec 2011 16:10:35 +0400, "Wesley M." >> wrote: >> > tried on OpenBSD 5.0 : same problem >> > ifconfig show : >> > media : Ethernet none (none) >> > >> > On Wed, 21 Dec 2011 16:04:36 +0400, "Wesley M." >> > >> > wrote: >> >> I plug on my OpenBSD 4.9 (fresh install) :Ethernet USB Device, >> >> trendnet >> >> TU2-ETG >> >> It detects axe0, i configured it using dhcp, it doesn't >> >> work. >> >> Manually also doesn't work. Pf disabled, no traffic out >> >> >> >> any issue ? >> >> >> >> >> >> Here dmesg | grep axe0 : >> >> >> >> axe0 at uhub5 port 2 configuration 1 interface >> >> 0 "ASIX Electronics AX88178" rev 2.00/0.01 addr 5 >> >> axe0: AX88178, address >> >> 00:50:b6:4e:5a:c9
Re: trendnet ethernet usb
i read man page axe(4) there's no my model trendnet TU2-ETG :( So i suppose that it is not compatible :( Wesley. On Wed, 21 Dec 2011 16:10:35 +0400, "Wesley M." wrote: > tried on OpenBSD 5.0 : same problem > ifconfig show : > media : Ethernet none (none) > > On Wed, 21 Dec 2011 16:04:36 +0400, "Wesley M." > wrote: >> I plug on my OpenBSD 4.9 (fresh install) :Ethernet USB Device, trendnet >> TU2-ETG >> It detects axe0, i configured it using dhcp, it doesn't >> work. >> Manually also doesn't work. Pf disabled, no traffic out >> >> any issue ? >> >> >> Here dmesg | grep axe0 : >> >> axe0 at uhub5 port 2 configuration 1 interface >> 0 "ASIX Electronics AX88178" rev 2.00/0.01 addr 5 >> axe0: AX88178, address >> 00:50:b6:4e:5a:c9
Re: trendnet ethernet usb
tried on OpenBSD 5.0 : same problem ifconfig show : media : Ethernet none (none) On Wed, 21 Dec 2011 16:04:36 +0400, "Wesley M." wrote: > I plug on my OpenBSD 4.9 (fresh install) :Ethernet USB Device, trendnet > TU2-ETG > It detects axe0, i configured it using dhcp, it doesn't > work. > Manually also doesn't work. Pf disabled, no traffic out > > any issue ? > > > Here dmesg | grep axe0 : > > axe0 at uhub5 port 2 configuration 1 interface > 0 "ASIX Electronics AX88178" rev 2.00/0.01 addr 5 > axe0: AX88178, address > 00:50:b6:4e:5a:c9
trendnet ethernet usb
I plug on my OpenBSD 4.9 (fresh install) :Ethernet USB Device, trendnet TU2-ETG It detects axe0, i configured it using dhcp, it doesn't work. Manually also doesn't work. Pf disabled, no traffic out any issue ? Here dmesg | grep axe0 : axe0 at uhub5 port 2 configuration 1 interface 0 "ASIX Electronics AX88178" rev 2.00/0.01 addr 5 axe0: AX88178, address 00:50:b6:4e:5a:c9
newfs, fsck slow
Hi, When i do a newfs on HD 500Go , it takes much more times using OpenBSD 4.9 instead of 5.0 RELEASE. Same problem using fsck -y dev. Why ? Machine : mac mini model : A1347 Thank you very much for your replies. Cheers, Wesley.
Re: kernel panic (mii_phy_setmedia) on mac mini A1347 with trace and ps picture url
Ok, thank's. Therefore, i have a problem. I use mailserv project, and it works only on 4.8; 4.9 RELEASE. Not on 5.0 Is there a way for me to have a 4.9 with patches ? In short, is it possible to have a patch to use with 4.9-stable ? Thank you very much. Wesley. On Mon, 19 Dec 2011 13:21:20 +, Stuart Henderson wrote: > It's committed so wait for new snaps and you can avoid this step. > > > On 2011/12/19 17:10, Wesley M. wrote: >> Hi Stuart, >> >> I tried this : boot -c at boot prompt (startup) >> I have this message : "kbc cmd word write error" just after. >> And i can't use keyboard at UKC Prompt :( >> >> Wesley. >> >> On Mon, 19 Dec 2011 12:51:58 +, Stuart Henderson >> >> wrote: >> > On 2011/12/19 16:10, Wesley M. wrote: >> >> So i >> >> tried to use 5.0 RELEASE. >> >> This time, it formats quickly. But it is the same >> >> way : kernel panic when it starts the network. >> >> >> >> The following message >> >> appear : >> >> Starting network >> >> panic: mii_phy_setmedia >> >> Stopped at >> >> Debugger+0x4:popl %ebp >> >> >> >> a "show panic" at the ddb prompt: >> >> mii_phy_setmedia >> > >> > You can try this patch. Apply, run 'cd /sys/dev/mii && make', then >> > build >> > a new kernel. Obviously you will need to get the new kernel on to the >> > machine somehow; you can probably get it to boot with "boot -c", >> > "disable bge", "quit" - then you will need to either use a USB ethernet >> > device to get the source tree onto the machine, or copy a kernel built >> > on another machine via USB storage. >> > >> > Index: brgphy.c >> > === >> > RCS file: /cvs/src/sys/dev/mii/brgphy.c,v >> > retrieving revision 1.93 >> > diff -u -p -r1.93 brgphy.c >> > --- brgphy.c 24 May 2010 21:23:23 - 1.93 >> > +++ brgphy.c 19 Dec 2011 12:43:02 - >> > @@ -174,6 +174,8 @@ static const struct mii_phydesc brgphys[ >> > MII_STR_xxBROADCOM2_BCM5709S }, >> >{ MII_OUI_xxBROADCOM2, MII_MODEL_xxBROADCOM2_BCM5709CAX, >> > MII_STR_xxBROADCOM2_BCM5709CAX }, >> > + { MII_OUI_xxBROADCOM3, MII_MODEL_xxBROADCOM3_BCM57765, >> > +MII_STR_xxBROADCOM3_BCM57765 }, >> >{ MII_OUI_xxBROADCOM3, MII_MODEL_xxBROADCOM3_BCM57780, >> > MII_STR_xxBROADCOM3_BCM57780 }, >> >{ MII_OUI_BROADCOM2,MII_MODEL_BROADCOM2_BCM5906, >> > Index: miidevs >> > === >> > RCS file: /cvs/src/sys/dev/mii/miidevs,v >> > retrieving revision 1.116 >> > diff -u -p -r1.116 miidevs >> > --- miidevs21 Jan 2011 09:46:13 - 1.116 >> > +++ miidevs19 Dec 2011 12:43:02 - >> > @@ -159,6 +159,7 @@ model xxBROADCOM2 BCM5709C 0x003c BCM570 >> > model xxBROADCOM2 BCM5761 0x003d BCM5761 10/100/1000baseT PHY >> > model xxBROADCOM2 BCM5709S0x003f BCM5709S 1000/2500baseSX PHY >> > model xxBROADCOM3 BCM577800x0019 BCM57780 10/100/1000baseT PHY >> > +model xxBROADCOM3 BCM577650x0024 BCM57765 10/100/1000baseT PHY >> > model BROADCOM BCM54000x0004 BCM5400 1000baseT PHY >> > model BROADCOM BCM54010x0005 BCM5401 1000baseT PHY >> > model BROADCOM BCM54110x0007 BCM5411 1000baseT PHY >> > >> > Actually I don't see any reason why not to commit this as-is. >> > It may not work but it's certainly not going to make things worse. >> > Any OKs for this? >> > >> >> I can't note "trace" message, i have no serial port on the mac... :( >> > >> > Yes you can, just re-type it from the text on-screen. But in this case >> > the ramdisk dmesg you included is enough.
Re: kernel panic (mii_phy_setmedia) on mac mini A1347 with trace and ps picture url
Hi Stuart, I tried this : boot -c at boot prompt (startup) I have this message : "kbc cmd word write error" just after. And i can't use keyboard at UKC Prompt :( Wesley. On Mon, 19 Dec 2011 12:51:58 +, Stuart Henderson wrote: > On 2011/12/19 16:10, Wesley M. wrote: >> So i >> tried to use 5.0 RELEASE. >> This time, it formats quickly. But it is the same >> way : kernel panic when it starts the network. >> >> The following message >> appear : >> Starting network >> panic: mii_phy_setmedia >> Stopped at >> Debugger+0x4:popl %ebp >> >> a "show panic" at the ddb prompt: >> mii_phy_setmedia > > You can try this patch. Apply, run 'cd /sys/dev/mii && make', then build > a new kernel. Obviously you will need to get the new kernel on to the > machine somehow; you can probably get it to boot with "boot -c", > "disable bge", "quit" - then you will need to either use a USB ethernet > device to get the source tree onto the machine, or copy a kernel built > on another machine via USB storage. > > Index: brgphy.c > === > RCS file: /cvs/src/sys/dev/mii/brgphy.c,v > retrieving revision 1.93 > diff -u -p -r1.93 brgphy.c > --- brgphy.c 24 May 2010 21:23:23 - 1.93 > +++ brgphy.c 19 Dec 2011 12:43:02 - > @@ -174,6 +174,8 @@ static const struct mii_phydesc brgphys[ > MII_STR_xxBROADCOM2_BCM5709S }, > { MII_OUI_xxBROADCOM2, MII_MODEL_xxBROADCOM2_BCM5709CAX, > MII_STR_xxBROADCOM2_BCM5709CAX }, > + { MII_OUI_xxBROADCOM3, MII_MODEL_xxBROADCOM3_BCM57765, > + MII_STR_xxBROADCOM3_BCM57765 }, > { MII_OUI_xxBROADCOM3, MII_MODEL_xxBROADCOM3_BCM57780, > MII_STR_xxBROADCOM3_BCM57780 }, > { MII_OUI_BROADCOM2,MII_MODEL_BROADCOM2_BCM5906, > Index: miidevs > === > RCS file: /cvs/src/sys/dev/mii/miidevs,v > retrieving revision 1.116 > diff -u -p -r1.116 miidevs > --- miidevs 21 Jan 2011 09:46:13 - 1.116 > +++ miidevs 19 Dec 2011 12:43:02 - > @@ -159,6 +159,7 @@ model xxBROADCOM2 BCM5709C0x003c BCM570 > model xxBROADCOM2 BCM57610x003d BCM5761 10/100/1000baseT PHY > model xxBROADCOM2 BCM5709S 0x003f BCM5709S 1000/2500baseSX PHY > model xxBROADCOM3 BCM57780 0x0019 BCM57780 10/100/1000baseT PHY > +model xxBROADCOM3 BCM57765 0x0024 BCM57765 10/100/1000baseT PHY > model BROADCOM BCM5400 0x0004 BCM5400 1000baseT PHY > model BROADCOM BCM5401 0x0005 BCM5401 1000baseT PHY > model BROADCOM BCM5411 0x0007 BCM5411 1000baseT PHY > > Actually I don't see any reason why not to commit this as-is. > It may not work but it's certainly not going to make things worse. > Any OKs for this? > >> I can't note "trace" message, i have no serial port on the mac... :( > > Yes you can, just re-type it from the text on-screen. But in this case > the ramdisk dmesg you included is enough.
Re: kernel panic (mii_phy_setmedia) on mac mini A1347 with trace and ps picture url
On Mon, 19 Dec 2011 10:33:56 -0200, Daniel Bolgheroni wrote: > On Mon, Dec 19, 2011 at 04:10:16PM +0400, Wesley M. wrote: >> >> Here is the ps message : http://i43.tinypic.com/mkufyo.jpg >> Here is the >> trace message : http://i40.tinypic.com/25syfxf.jpg > > Have you tried to disable whatever it is on boot>? i tried disable bge0, boot, i still have a kernel panic just after "Starting Network"
kernel panic (mii_phy_setmedia) on mac mini A1347 with trace and ps picture url
Hi, I tried to install OpenBSD 4.9 on an Apple mac mini (new generation). Model : A1347 ; Core i5, thunderbolt Technology, HD 500Go At installation using 4.9 RELEASE : It takes a long time to format slides. At the reboot : i have a kernel panic just after "starting network" So i tried to use 5.0 RELEASE. This time, it formats quickly. But it is the same way : kernel panic when it starts the network. The following message appear : Starting network panic: mii_phy_setmedia Stopped at Debugger+0x4:popl %ebp a "show panic" at the ddb prompt: mii_phy_setmedia I can't note "trace" message, i have no serial port on the mac... :( Here is the ps message : http://i43.tinypic.com/mkufyo.jpg Here is the trace message : http://i40.tinypic.com/25syfxf.jpg here is the dmesg issue : boot on bsd.rd : OpenBSD 5.0 (RAMDISK_CD) #36: Wed Aug 17 10:27:31 MDT 2011 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/RAMDISK_CD RTC BIOS diagnostic error a9 cpu0: Intel(R) Core(TM) i5-2415M CPU @ 2.30GHz ("GenuineIntel" 686-class) 2.30 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,POPCNT,XSAVE,AVX real mem = 2047619072 (1952MB) avail mem = 2007117824 (1914MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 07/29/05, SMBIOS rev. 2.4 @ 0xe (61 entries) bios0: vendor Apple Inc. version "MM51.88Z.0075.B00.1106271442" date 06/27/2011 bios0: Apple Inc. Macmini5,1 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP HPET APIC SBST ECDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT MCFG SSDT SSDT SSDT acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 99MHz cpu at mainbus0: not configured cpu at mainbus0: not configured cpu at mainbus0: not configured ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 2 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (P0P2) acpiprt2 at acpi0: bus 5 (PEG1) acpiprt3 at acpi0: bus 2 (RP01) acpiprt4 at acpi0: bus -1 (RP02) acpiprt5 at acpi0: bus 3 (RP03) bios0: ROM list: 0xc/0xee00 memory map conflict 0xe00f8000/0x1000 memory map conflict 0xfed1c000/0x4000 memory map conflict 0xffed/0x3 pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 "Intel Core 2G Host" rev 0x09 ppb0 at pci0 dev 1 function 0 "Intel Core 2G PCIE" rev 0x09: apic 2 int 16 pci1 at ppb0 bus 1 ppb1 at pci0 dev 1 function 1 "Intel Core 2G PCIE" rev 0x09: apic 2 int 16 pci2 at ppb1 bus 5 ppb2 at pci2 dev 0 function 0 vendor "Intel", unknown product 0x1513 rev 0x00 pci3 at ppb2 bus 6 ppb3 at pci3 dev 0 function 0 vendor "Intel", unknown product 0x1513 rev 0x00: apic 2 int 17 pci4 at ppb3 bus 7 vendor "Intel", unknown product 0x1513 (class system subclass miscellaneous, rev 0x00) at pci4 dev 0 function 0 not configured ppb4 at pci3 dev 3 function 0 vendor "Intel", unknown product 0x1513 rev 0x00: apic 2 int 16 pci5 at ppb4 bus 8 ppb5 at pci3 dev 4 function 0 vendor "Intel", unknown product 0x1513 rev 0x00: apic 2 int 17 pci6 at ppb5 bus 9 ppb6 at pci3 dev 5 function 0 vendor "Intel", unknown product 0x1513 rev 0x00: apic 2 int 18 pci7 at ppb6 bus 58 ppb7 at pci3 dev 6 function 0 vendor "Intel", unknown product 0x1513 rev 0x00: apic 2 int 19 pci8 at ppb7 bus 107 vga1 at pci0 dev 2 function 0 "Intel GT2+ Video" rev 0x09 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) "Intel 6 Series MEI" rev 0x04 at pci0 dev 22 function 0 not configured uhci0 at pci0 dev 26 function 0 vendor "Intel", unknown product 0x1c2c rev 0x05: apic 2 int 21 ehci0 at pci0 dev 26 function 7 "Intel 6 Series USB" rev 0x05: apic 2 int 23 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1 "Intel 6 Series HD Audio" rev 0x05 at pci0 dev 27 function 0 not configured ppb8 at pci0 dev 28 function 0 "Intel 6 Series PCIE" rev 0xb5: apic 2 int 16 pci9 at ppb8 bus 2 bge0 at pci9 dev 0 function 0 "Broadcom BCM57765" rev 0x10, unknown BCM57765 (0x57785100): apic 2 int 16, address 3c:07:54:0c:6b:b7 ukphy0 at bge0 phy 1: Generic IEEE 802.3u media interface, rev. 4: OUI 0x00d897, model 0x0024 "Broadcom SD Host Controller" rev 0x10 at pci9 dev 0 function 1 not configured ppb9 at pci0 dev 28 function 2 "Intel 6 Series PCIE" rev 0xb5: apic 2 int 18 pci10 at ppb9 bus 3 ppb10 at pci10 dev 0 function 0 vendor "TI", unknown product 0x823e rev 0x01 pci11 at ppb10 bus 4 vendor "TI", unknown product 0x823f (class serial bus subclass Firewire, rev 0x01) at pci11 dev 0 function 0 not configured uhci1 at pci0 dev 29 function 0 vendor "Intel", unknown product 0x1c27 rev 0x05: apic 2 int 19 ehci1 at pci0 dev 29 function 7 "Intel 6 Series USB" rev 0x05: apic 2 int 22 usb1 at ehci1: USB revision 2.0 uhub1 at usb1 "Intel EHCI root hub" rev 2.00/1.00 addr 1 pcib0 at pci0 dev
kernel panic (mii_phy_setmedia) on mac mini A1347
Hi, I tried to install OpenBSD 4.9 on an Apple mac mini (new generation). Model : A1347 Core i5, thunderbolt Technology, HD 500Go At installation using 4.9 RELEASE : It takes a long time to format slides. At the reboot : i have a kernel panic just after "starting network" So i tried to use 5.0 RELEASE. This time, it formats quickly. But it is the same way : kernel panic when it starts the network. The following message appear : Starting network panic: mii_phy_setmedia Stopped at Debugger+0x4:popl %ebp a "show panic" at the ddb prompt: mii_phy_setmedia I can't note "trace" message, i have no serial port on the mac... :( So you can see the trace message attached (picture) and the "ps" message attached (picture) here is the dmesg issue : boot on bsd.rd : OpenBSD 5.0 (RAMDISK_CD) #36: Wed Aug 17 10:27:31 MDT 2011 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/RAMDISK_CD RTC BIOS diagnostic error a9 cpu0: Intel(R) Core(TM) i5-2415M CPU @ 2.30GHz ("GenuineIntel" 686-class) 2.30 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,POPCNT,XSAVE,AVX real mem = 2047619072 (1952MB) avail mem = 2007117824 (1914MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 07/29/05, SMBIOS rev. 2.4 @ 0xe (61 entries) bios0: vendor Apple Inc. version "MM51.88Z.0075.B00.1106271442" date 06/27/2011 bios0: Apple Inc. Macmini5,1 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP HPET APIC SBST ECDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT MCFG SSDT SSDT SSDT acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 99MHz cpu at mainbus0: not configured cpu at mainbus0: not configured cpu at mainbus0: not configured ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 2 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (P0P2) acpiprt2 at acpi0: bus 5 (PEG1) acpiprt3 at acpi0: bus 2 (RP01) acpiprt4 at acpi0: bus -1 (RP02) acpiprt5 at acpi0: bus 3 (RP03) bios0: ROM list: 0xc/0xee00 memory map conflict 0xe00f8000/0x1000 memory map conflict 0xfed1c000/0x4000 memory map conflict 0xffed/0x3 pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 "Intel Core 2G Host" rev 0x09 ppb0 at pci0 dev 1 function 0 "Intel Core 2G PCIE" rev 0x09: apic 2 int 16 pci1 at ppb0 bus 1 ppb1 at pci0 dev 1 function 1 "Intel Core 2G PCIE" rev 0x09: apic 2 int 16 pci2 at ppb1 bus 5 ppb2 at pci2 dev 0 function 0 vendor "Intel", unknown product 0x1513 rev 0x00 pci3 at ppb2 bus 6 ppb3 at pci3 dev 0 function 0 vendor "Intel", unknown product 0x1513 rev 0x00: apic 2 int 17 pci4 at ppb3 bus 7 vendor "Intel", unknown product 0x1513 (class system subclass miscellaneous, rev 0x00) at pci4 dev 0 function 0 not configured ppb4 at pci3 dev 3 function 0 vendor "Intel", unknown product 0x1513 rev 0x00: apic 2 int 16 pci5 at ppb4 bus 8 ppb5 at pci3 dev 4 function 0 vendor "Intel", unknown product 0x1513 rev 0x00: apic 2 int 17 pci6 at ppb5 bus 9 ppb6 at pci3 dev 5 function 0 vendor "Intel", unknown product 0x1513 rev 0x00: apic 2 int 18 pci7 at ppb6 bus 58 ppb7 at pci3 dev 6 function 0 vendor "Intel", unknown product 0x1513 rev 0x00: apic 2 int 19 pci8 at ppb7 bus 107 vga1 at pci0 dev 2 function 0 "Intel GT2+ Video" rev 0x09 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) "Intel 6 Series MEI" rev 0x04 at pci0 dev 22 function 0 not configured uhci0 at pci0 dev 26 function 0 vendor "Intel", unknown product 0x1c2c rev 0x05: apic 2 int 21 ehci0 at pci0 dev 26 function 7 "Intel 6 Series USB" rev 0x05: apic 2 int 23 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1 "Intel 6 Series HD Audio" rev 0x05 at pci0 dev 27 function 0 not configured ppb8 at pci0 dev 28 function 0 "Intel 6 Series PCIE" rev 0xb5: apic 2 int 16 pci9 at ppb8 bus 2 bge0 at pci9 dev 0 function 0 "Broadcom BCM57765" rev 0x10, unknown BCM57765 (0x57785100): apic 2 int 16, address 3c:07:54:0c:6b:b7 ukphy0 at bge0 phy 1: Generic IEEE 802.3u media interface, rev. 4: OUI 0x00d897, model 0x0024 "Broadcom SD Host Controller" rev 0x10 at pci9 dev 0 function 1 not configured ppb9 at pci0 dev 28 function 2 "Intel 6 Series PCIE" rev 0xb5: apic 2 int 18 pci10 at ppb9 bus 3 ppb10 at pci10 dev 0 function 0 vendor "TI", unknown product 0x823e rev 0x01 pci11 at ppb10 bus 4 vendor "TI", unknown product 0x823f (class serial bus subclass Firewire, rev 0x01) at pci11 dev 0 function 0 not configured uhci1 at pci0 dev 29 function 0 vendor "Intel", unknown product 0x1c27 rev 0x05: apic 2 int 19 ehci1 at pci0 dev 29 function 7 "Intel 6 Series USB" rev 0x05: apic 2 int 22 usb1 at ehci1: USB revision 2.0 uhub1 at usb1 "Intel EHCI root hub" rev 2.00/1.00 addr 1 pcib0 at pci0 dev 31 function 0 "Intel HM65 LPC" rev
Re: roundcubemail on openbsd 5.0
Hi, I tried to blank tables in roundcubemail database, done. But it still doesn't work. I can't login with user@domain I can only with : username And mails are sent with @localhost I let you my main.inc.php file attached And the file /var/www/roundcubemail/virtusertable contain : user@domain user userx@domainx userx Thank you for your replies and your help. Wesley M. PS : OpenBSD 5.0 / rouncubemail package 0.5.3p1 Original Message Subject: Re: roundcubemail on openbsd 5.0 Date: Wed, 14 Dec 2011 21:35:49 + From: Stuart Henderson To: "Wesley M." Cc: misc@openbsd.org, mwlu...@blackhelicopters.org, po...@openbsd.org Reply-To: po...@openbsd.org I have just tested this method with roundcube 0.7 on OpenBSD with a blank database and it works fine there, logging in with the full email address as specified in the left-hand column of the virtusertable file uses the username on the right-hand-side as the imap login name, and in prefs/identities it shows up the full list of sender addresses with a matching entry. Have you tried it with a blank database? Reply-to set to ports@, though you might do better with a roundcube forum instead if you still have problems.. On 2011/12/14 10:33, Wesley M. wrote: > Hi, > > I use sendmail 8.14.15 with virtusertable and procmail for multiple > domains and > dovecot 2.0; and Apache (chrooted in /var/www) > MAILDIR : /var/mailserver/%u/ > IMAP/POP3/IMAPS/POP3S works. > I just want : > > At the Roundcube login page, type user1@domain1 and > send emails from this email :user1@domain1 without @localhost > > Actually i can only log in with user1 and when i send email, i have > user1@localhost > > I tried this : > add these 2 lines > in main.inc.php and cp /etc/mail/virtusertable in /var/www/roundcubemail/ > > $rcmail_config['plugins'] = array('virtuser_file'); > $rcmail_config['virtuser_file'] = '/roundcubemail/virtusertable'; > add a new user, try to connect with > user_new@domain1 : no success > try to connect with user_new : OK but always > send emails with @localhost > > I read man pages, a lot of documents in > Internet, it doesn't work for me. > Any idea ? > > Thank you very much for your > replies, your helps. > > Wesley. > > www.mouedine.net > > On Tue, 13 Dec 2011 20:48:16 +, Stuart Henderson > wrote: > > On 2011/12/13 15:28, Michael W. Lucas wrote: > >> I have Roundcube elsewhere. It basically runs like any other > >> IMAP/pop3 client, e.g., communicates over port 110/995/whatever. My > >> roundcube install isn't actually on my mail server. > >> > >> This leads me to think that copying system files into the chroot isn't > >> going to help. > > > > It has some special support for looking up usernames from a file > > in virtusertable format. Can't say I've used it myself though.. > > > >> Using a mail client other than roundcube, can you authenticate to the > >> server using user@domain, and send mail from user@domain? > > > > Had Wesley followed the advice in my email about where to look > > in the config file etc. he would probably have it working by now. > > > >> > > See the config file, where it says "This domain will be used to > >> > > form e-mail addresses of new users". Note that it says *new*; > >> > > existing users will need to be changed in the database. [demime 1.01d removed an attachment of type application/octet-stream which had a name of main.inc.php]
Re: roundcubemail on openbsd 5.0
Hi, Very funny, i already know this tips. But when i add a new user and try to connect on, i always have @localhost. At Roundcube login prompt : type username@specificdomainuser doesn't work. And type just the username work, try to send a mail, it sends with @localhost I know i can modify manually this. But the goal is to have this automatically for new users. Wesley On Wed, 14 Dec 2011 08:38:18 +, nick wrote: > Wesley, I think once you've logged in with a user, you're stuck > with whatever was in the config file as has been previously said as it's > created the roundcube entries in the database. > > What you'll need to do > now for that user is to log into roundcube, click Personal Settings at > the top, then click identities and change the email address manually for > them. > > If you've a lot of users you could probably open up the database > manually and change the records directly. > > Regards. > > On 14/12/2011 > 06:33, Wesley M. wrote: > >> Hi, >> >> I use sendmail 8.14.15 with > virtusertable and procmail for multiple >> domains and >> dovecot 2.0; and > Apache (chrooted in /var/www) >> MAILDIR : /var/mailserver/%u/ >> > IMAP/POP3/IMAPS/POP3S works. >> I just want : >> >> At the Roundcube login > page, type user1@domain1 and >> send emails from this email > :user1@domain1 without @localhost >> >> Actually i can only log in with > user1 and when i send email, i have >> user1@localhost >> >> I tried this > : >> add these 2 lines >> in main.inc.php and cp /etc/mail/virtusertable > in /var/www/roundcubemail/ >> >> $rcmail_config['plugins'] = > array('virtuser_file'); >> $rcmail_config['virtuser_file'] = > '/roundcubemail/virtusertable'; >> add a new user, try to connect with >> > user_new@domain1 : no success >> try to connect with user_new : OK but > always >> send emails with @localhost >> >> I read man pages, a lot of > documents in >> Internet, it doesn't work for me. >> Any idea ? >> >> > Thank you very much for your >> replies, your helps. >> >> Wesley. >> >> > www.mouedine.net [1] >> >> On Tue, 13 Dec 2011 20:48:16 +, Stuart > Henderson >> wrote: >> >>> On 2011/12/13 15:28, Michael W. Lucas wrote: > >>> >>>> I have Roundcube elsewhere. It basically runs like any other > IMAP/pop3 client, e.g., communicates over port 110/995/whatever. My > roundcube install isn't actually on my mail server. This leads me to > think that copying system files into the chroot isn't going to help. >>> > It has some special support for looking up usernames from a file in > virtusertable format. Can't say I've used it myself though.. >>> >>>> > Using a mail client other than roundcube, can you authenticate to the > server using user@domain, and send mail from user@domain? >>> Had Wesley > followed the advice in my email about where to look in the config file > etc. he would probably have it working by now. >>>> >>>>> See the config > file, where it says "This domain will be used to form e-mail addresses > of new users". Note that it says *new*; existing users will need to be > changed in the database. > > > > Links: > -- > [1] > http://www.mouedine.net > [2] mailto:s...@spacehopper.org
Re: roundcubemail on openbsd 5.0
Hi, I use sendmail 8.14.15 with virtusertable and procmail for multiple domains and dovecot 2.0; and Apache (chrooted in /var/www) MAILDIR : /var/mailserver/%u/ IMAP/POP3/IMAPS/POP3S works. I just want : At the Roundcube login page, type user1@domain1 and send emails from this email :user1@domain1 without @localhost Actually i can only log in with user1 and when i send email, i have user1@localhost I tried this : add these 2 lines in main.inc.php and cp /etc/mail/virtusertable in /var/www/roundcubemail/ $rcmail_config['plugins'] = array('virtuser_file'); $rcmail_config['virtuser_file'] = '/roundcubemail/virtusertable'; add a new user, try to connect with user_new@domain1 : no success try to connect with user_new : OK but always send emails with @localhost I read man pages, a lot of documents in Internet, it doesn't work for me. Any idea ? Thank you very much for your replies, your helps. Wesley. www.mouedine.net On Tue, 13 Dec 2011 20:48:16 +, Stuart Henderson wrote: > On 2011/12/13 15:28, Michael W. Lucas wrote: >> I have Roundcube elsewhere. It basically runs like any other >> IMAP/pop3 client, e.g., communicates over port 110/995/whatever. My >> roundcube install isn't actually on my mail server. >> >> This leads me to think that copying system files into the chroot isn't >> going to help. > > It has some special support for looking up usernames from a file > in virtusertable format. Can't say I've used it myself though.. > >> Using a mail client other than roundcube, can you authenticate to the >> server using user@domain, and send mail from user@domain? > > Had Wesley followed the advice in my email about where to look > in the config file etc. he would probably have it working by now. > >> > > See the config file, where it says "This domain will be used to >> > > form e-mail addresses of new users". Note that it says *new*; >> > > existing users will need to be changed in the database.
Re: roundcubemail on openbsd 5.0
I tried this : cp /etc/mail/virtusertable /var/www/roundcubemail/ And changed in /var/www/roundcubemail/main.inc.php this line to $rcmail_config['virtuser_file'] = '/roundcubemail/virtusertable'; Add a new user. Try it, only works with his username, and when i try to send emails, it comes from username@localhost Any idea ? > My first guess here would be that httpd is probably chrooted in which > case you're trying to access a file that is not available > >> When i try to connect using user@domain : >> error authentification >> and when i use just the username, there's @localhost >> attached to the username. > > See the config file, where it says "This domain will be used to > form e-mail addresses of new users". Note that it says *new*; > existing users will need to be changed in the database.
roundcubemail on openbsd 5.0
Hi, I use sendmail with procmail(for maildir) and dovecot on OpenBSD 5.0 And a virtusertable /etc/mail/virtusertable for multiple domains. All works fine, i can send and receive emails. When i use roundcube, if i type a username, try to send an email, it is from username@localhost So, i modified the file /var/www/roundcubemail/config/main.inc.php and add the following : $rcmail_config['plugins'] = array('virtuser_file'); $rcmail_config['virtuser_file'] = '/etc/mail/virtusertable'; When i try to connect using user@domain : error authentification and when i use just the username, there's @localhost attached to the username. If someone can help me on. Thank you very much. Wesley.
Re: maildir in sendmail
Hi Stuart, Yes, i wish to use sendmail, and dovecot for pop3s/imaps But the big problem, i want to have only one Maildir folder : /var/mail/%u And then use roundcubemail to access the maildir. That's all. I read a lot of documents, man pages on sendmail. The only way i found is add this : feature (`local_procmail')dnl in my .mc config file pkg_add -vim procmail; and configure .procmailrc in each /home/%u There's no easiest way to have it (maildir)? Thank you. Wesley. On Thu, 8 Dec 2011 11:03:31 + (UTC), Stuart Henderson wrote: > You were going to use dovecot weren't you? It comes with its own delivery > agent, which can be fed over LMTP, and supports maildir/mbox/mdbox etc > using the same choice of directory layout as dovecot pop3/imap daemons. > > > On 2011-12-08, Wesley M. wrote: >> I noticed that sendmail use by default mbox : /var/mail/%u >> Is there a >> easy way to have maildir ? without procmail feature ? >> Or there's no other >> way except using procmail ? >> >> I don't want to use procmail, because, i will >> need a second large slide /home. >> I just want that all emails are in >> /var/mail/%u (maildir). >> >> And then use roundcubemail package. >> >> Thank you >> very much for your help. >> >> Wesley.
maildir in sendmail
I noticed that sendmail use by default mbox : /var/mail/%u Is there a easy way to have maildir ? without procmail feature ? Or there's no other way except using procmail ? I don't want to use procmail, because, i will need a second large slide /home. I just want that all emails are in /var/mail/%u (maildir). And then use roundcubemail package. Thank you very much for your help. Wesley.
USB to ethernet adapter
Hi, I'm going to build a small firewall with proxy cache for web. Using an Apple Mac mini. For the second ethernet, i will use : - Trendnet TU2-ETG OR Apple MC704ZM. What is better ? using trendnet or Apple Adapter ? And is it enough stable to use a USB Adapter ? Thank you very much for your answers. Wesley.
Re: roundcubemail packet
Hi, First, thank you for your email. I use it at work, a purchased version(75$) (allard mail server) : v4.7.6 I want to build my own mail server with sendmail, because, mailserv doesn't work on OpenBSD 5.0, for example : there's no dovecot-sieve ; dovecot 2 is a big update; and especially install script doesn't work well, precompiled package like php5-core,dovecot--mysql, the name has changed. There's a lot of bugs to correct... Perhaps, someone can correct them here ;-) That said, it is a very good product, and i use already the 4.7.6 mail server. Cheers, Wesley. On Mon, 05 Dec 2011 08:30:40 -0500 (EST), Dewey Hylton wrote: > my recommendation would be to look at a finished product which seems to do > everything you're looking for. since it's open source, you can poke around > and find how it is put together. or of course you can just use it as-is - i > used it for several years for myself and a couple of my customers, and was > completely satisfied with it. > > http://mailserv.github.com/
Re: roundcubemail packet
I modified mail_location in dovecot.conf : mail_location = mbox:~/mail:INBOX=/var/mail/%u but still not working :-( Have this in maillog : Dec 5 16:22:53 mailserver dovecot: imap-login: Login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=14593, secured Dec 5 16:22:53 mailserver dovecot: imap(wesley): Disconnected: Logged out bytes=29/399 On Mon, 5 Dec 2011 14:10:03 +0200, Gregory Edigarov wrote: > On Mon, 05 Dec 2011 15:47:23 +0400 > "Wesley M." wrote: > >> in my /etc/dovecot/dovecot.conf >> i added this line : >> mail_location = mbox:/var/mail/%u >> >> when i atempt to connect using webmail (roundcube) and do a "tail -f >> /var/log/maillog", i have : >> >> Dec 5 15:45:19 mailserver dovecot: imap-login: Login: user=, >> method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=1502, secured >> Dec 5 15:45:19 mailserver dovecot: imap(wesley): Error: user wesley: >> Initialization failed: Initializing mail storage from mail_location >> setting failed: mbox: mbox root directory can't be a >> file: /var/mail/wesley (http://wiki2.dovecot.org/MailLocation/Mbox) >> Dec 5 15:45:19 mailserver dovecot: imap(wesley): Error: Invalid user >> settings. Refer to server log for more information. >> >> Also, mail are in : /var/mail/%u (mbox) >> If i add a user, does it need a home directory ? >> >> If someone can help me. > actually, if you read your log message carefully - you will be able to > solve it yourself. > http://wiki2.dovecot.org/MailLocation/mbox > gives you the right syntax. > >> >> >> On Mon, 5 Dec 2011 12:26:55 +0100, Vitali wrote: >> > On Mon, Dec 5, 2011 at 11:56 AM, Wesley M. >> wrote: >> >> Hi, >> >> >> >> Thank you for your reply. >> >> Already done. But still doesn't work. >> >> I have "connection error on imap server" >> >> >> >> I have 3 users created, with 3 2 domains hosted. >> >> 993, 143 dovecot ports (imaps,imap) listen OK. >> >> >> >> ? >> > >> > Please, try to connect to your IMAP port manually to see what it's >> > going to reply. >> > >> > # telnet your.imap.host 143 >> > here there will be imap server messages... >> > you then type: >> > a001 login username passwd >> > here must imap server's messages... >> > a002 logout >> > # >> > >> > V.
Re: roundcubemail packet
in my /etc/dovecot/dovecot.conf i added this line : mail_location = mbox:/var/mail/%u when i atempt to connect using webmail (roundcube) and do a "tail -f /var/log/maillog", i have : Dec 5 15:45:19 mailserver dovecot: imap-login: Login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=1502, secured Dec 5 15:45:19 mailserver dovecot: imap(wesley): Error: user wesley: Initialization failed: Initializing mail storage from mail_location setting failed: mbox: mbox root directory can't be a file: /var/mail/wesley (http://wiki2.dovecot.org/MailLocation/Mbox) Dec 5 15:45:19 mailserver dovecot: imap(wesley): Error: Invalid user settings. Refer to server log for more information. Also, mail are in : /var/mail/%u (mbox) If i add a user, does it need a home directory ? If someone can help me. On Mon, 5 Dec 2011 12:26:55 +0100, Vitali wrote: > On Mon, Dec 5, 2011 at 11:56 AM, Wesley M. wrote: >> Hi, >> >> Thank you for your reply. >> Already done. But still doesn't work. >> I have "connection error on imap server" >> >> I have 3 users created, with 3 2 domains hosted. >> 993, 143 dovecot ports (imaps,imap) listen OK. >> >> ? > > Please, try to connect to your IMAP port manually to see what it's > going to reply. > > # telnet your.imap.host 143 > here there will be imap server messages... > you then type: > a001 login username passwd > here must imap server's messages... > a002 logout > # > > V.
Re: roundcubemail packet
# netstat -anf inet Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state) tcp 0 0 *.993 *.* LISTEN tcp 0 0 *.143 *.* LISTEN tcp 0 0 *.995 *.* LISTEN tcp 0 0 *.110 *.* LISTEN tcp 0 0 *.3306 *.* LISTEN tcp 0 0 *.80 *.* LISTEN tcp 0 0 *.443 *.* LISTEN tcp 0 0 *.37 *.* LISTEN tcp 0 0 *.13 *.* LISTEN tcp 0 0 *.113 *.* LISTEN tcp 0 0 *.587 *.* LISTEN tcp 0 0 *.25 *.* LISTEN My pf.conf : set skip on lo block log all pass in on egress inet proto tcp from any to any port \ {imap,imaps,http,https,pop3,pop3s,smtp,smtps} So my configuration : OpenBSD 5.0 dovecot-2.0.13p5 roundcubemail-0.5.3p1 sendmail mysql-server php On Mon, 5 Dec 2011 13:18:02 +0200, Gregory Edigarov wrote: > On Mon, 05 Dec 2011 14:56:20 +0400 > "Wesley M." wrote: > >> Hi, >> >> Thank you for your reply. >> Already done. But still doesn't work. >> I have "connection error on imap server" >> >> I have 3 users created, with 3 2 domains hosted. >> 993, 143 dovecot ports (imaps,imap) listen OK. >> >> ? > > is server really listening on 127.0.0.1? > >> >> On Mon, 5 Dec 2011 10:59:24 +0200, Gregory Edigarov >> wrote: >> > On Mon, 05 Dec 2011 12:38:46 +0400 >> > "Wesley M." wrote: >> > >> >> Thank you very much. It works. >> >> >> >> Except i can't connect to my imap server. :-( >> >> I use dovecot. Ports are opened. >> >> ?? >> >> >> > again, search your roundcube config file for 'localhost' >> > pattern, and replace it with 127.0.0.1. >> > but better still, add "127.0.0.1 localhost" to your /etc/hosts file, >> > and check man resolv.conf, looking specifically for 'lookup' option >> >> >> >> On Mon, 05 Dec 2011 21:15:08 +1300, Richard Toohey >> >> wrote: >> >> > On 5/12/2011, at 9:03 PM, Wesley M. wrote:
Re: roundcubemail packet
Hi, Thank you for your reply. Already done. But still doesn't work. I have "connection error on imap server" I have 3 users created, with 3 2 domains hosted. 993, 143 dovecot ports (imaps,imap) listen OK. ? On Mon, 5 Dec 2011 10:59:24 +0200, Gregory Edigarov wrote: > On Mon, 05 Dec 2011 12:38:46 +0400 > "Wesley M." wrote: > >> Thank you very much. It works. >> >> Except i can't connect to my imap server. :-( >> I use dovecot. Ports are opened. >> ?? >> > again,search your roundcube config file for 'localhost' > pattern, and replace it with 127.0.0.1. > but better still, add "127.0.0.1 localhost" to your /etc/hosts file, > and check man resolv.conf, looking specifically for 'lookup' option >> >> On Mon, 05 Dec 2011 21:15:08 +1300, Richard Toohey >> wrote: >> > On 5/12/2011, at 9:03 PM, Wesley M. wrote:
Re: roundcubemail packet
Thank you very much. It works. Except i can't connect to my imap server. :-( I use dovecot. Ports are opened. ?? On Mon, 05 Dec 2011 21:15:08 +1300, Richard Toohey wrote: > On 5/12/2011, at 9:03 PM, Wesley M. wrote: > >> Hi, >> >> I have the following error : >> >> Check DB config >> DSN (write): NOT OK(MDB2 Error: connect failed) >> Make sure that the configured database exists and that the user has write >> privileges >> DSN: mysql://roundcube:pass@localhost/roundcubemail >> > > Try 127.0.0.1 > > http://www.openbsd.org/faq/faq10.html#httpdchroot > >> Using http://mailserver_ip/roundcubemail/installer/ >> I have a user roundcube in mysql, with a "roundcubemail" database. >> I don't understand why it stops here... If someone can help me? >> >> What is installed on this machine (OpenBSD 5.0) : >> aspell-0.60.6p4; bzip2-1.0.6; curl-7.21.7; cvsps-2.1 >> dovecot-2.0.13p5; femail-0.97p1; femail-chroot-0.97p3; >> gettext-0.18.1p0; git-1.7.6p0; libiconv-1.13p2; libidn-1.22 >> libltdl-1.5.26p0; libmagic-5.00; libmcrypt-2.5.8p1; libxml-2.7.8p2 >> mysql-client-5.1.54p0; mysql-server-5.1.54p9; p5-Clone-0.31p1; >> p5-DBD-mysql-4.019 >> p5-DBI-1.616; p5-Error-0.17016p0; p5-FreezeThaw-0.43p2; p5-MLDBM-2.04 >> p5-Net-Daemon-0.43p0; p5-Params-Util-1.00p2; p5-PlRPC-0.2018p1; >> p5-SQL-Statement-1.33 >> pecl-fileinfo-1.0.4p0; php-5.2.17p5; php-mcrypt-5.2.17p3; >> php-mysql-5.2.17p3 >> php-pspell-5.2.17p3; roundcubemail-0.5.3p1; rsync-3.0.8p0 >> >> Also, i want to buil a mailserver (multi-domains) using sendmail(with >> virtusertable) >> and dovecot. But i want to use pop3/pop3s does this working with >> roundcubemail-0.5.3p1 ? >> >> Thank you very much for your help. >> >> Cheers, >> >> Wesley.
roundcubemail packet
Hi, I have the following error : Check DB config DSN (write): NOT OK(MDB2 Error: connect failed) Make sure that the configured database exists and that the user has write privileges DSN: mysql://roundcube:pass@localhost/roundcubemail Using http://mailserver_ip/roundcubemail/installer/ I have a user roundcube in mysql, with a "roundcubemail" database. I don't understand why it stops here... If someone can help me? What is installed on this machine (OpenBSD 5.0) : aspell-0.60.6p4; bzip2-1.0.6; curl-7.21.7; cvsps-2.1 dovecot-2.0.13p5; femail-0.97p1; femail-chroot-0.97p3; gettext-0.18.1p0; git-1.7.6p0; libiconv-1.13p2; libidn-1.22 libltdl-1.5.26p0; libmagic-5.00; libmcrypt-2.5.8p1; libxml-2.7.8p2 mysql-client-5.1.54p0; mysql-server-5.1.54p9; p5-Clone-0.31p1; p5-DBD-mysql-4.019 p5-DBI-1.616; p5-Error-0.17016p0; p5-FreezeThaw-0.43p2; p5-MLDBM-2.04 p5-Net-Daemon-0.43p0; p5-Params-Util-1.00p2; p5-PlRPC-0.2018p1; p5-SQL-Statement-1.33 pecl-fileinfo-1.0.4p0; php-5.2.17p5; php-mcrypt-5.2.17p3; php-mysql-5.2.17p3 php-pspell-5.2.17p3; roundcubemail-0.5.3p1; rsync-3.0.8p0 Also, i want to buil a mailserver (multi-domains) using sendmail(with virtusertable) and dovecot. But i want to use pop3/pop3s does this working with roundcubemail-0.5.3p1 ? Thank you very much for your help. Cheers, Wesley.
Re: sendmail(failed)
> Change in startup procedure for Postfix and exim: The base OS has moved > to using scripts in /etc/rc.d to start all daemons. The script for > sendmail does not function fully for alternative MTAs (in particular it > will display "failed" at startup, although the daemon will still be > started, and "/etc/rc.d/sendmail reload" or "...stop" will not work as > expected). If you were using Postfix or exim and starting it using the > standard method of setting sendmail_flags in rc.conf.local, you should > set sendmail_flags=NO and start the relevant daemon via pkg_scripts, e.g. > > pkg_scripts="${pkg_scripts} postfix" I'm agree, but how to start sendmail with pkg_scripts using flags : "-bd -q30m" ?? Thank you for your reply. Wesley.
sendmail(failed)
Hi I upgraded my mailserver to OpenBSD 5.0 Now at startup i have : Starting Network Daemons : sshd sendmail(failed) inetd failed ? why ? Normal ? And in rc.local we have a script that execute postfix with the option set-permissions If i do : netstat -anf inet ; i can see that the box listen well in 25 587 ... smtp ports If i remove : sendmail_flags="-bd -q30m" in /etc/rc.conf.local restart the computer and try manually : sendmail -bd -q30m tell me that postfix is running. If i remove : sendmail_flags="-bd -q30m" in /etc/rc.conf.local and also remove the script in rc.local (needed to start postfix) ; restart the box and try manually : sendmail -bd -q30m, things works well, therefore, just after that, postfix start automatically. So ? Thank you very much for your help. Wesley.
Re: original sendmail.cf, mc ?
Thank you very much for your help ! Now all works fine. I just configured the smart host my mc file. On Thu, 24 Nov 2011 10:12:17 +0100, Antoine Jacoutot wrote: > On Thu, Nov 24, 2011 at 09:54:17AM +0100, Paul de Weerd wrote: >> Looking more closely at how I set this up, hostname.mc is actually in >> /etc/mail with a symlink to /usr/share/sendmail/cf and sendmail.cf is >> a symlink to /usr/share/sendmail/cf/hostname.cf. This way, my /etc >> backup backs up the configuration (mc file) and not its parsed output >> (cf file, which still gets backed up to /var/backups). > > Your mc file should be appended at the end of your cf file; so you only > need to backup your cf file ;)
original sendmail.cf, mc ?
Hi, I use OpenBSD 5.0 I know the *.mc files are in : /usr/share/sendmail/cf/ And sendmail.cf file is in /etc/mail, but it comes from which mc file ? I just want to modify the origin mc file to allow me to send email from a real domain instead of his hostname. Or perhaps, there an easiest way to do that... Wrong ? Thank you very much for your help. Cheers, Wesley
Re: What is wrong with this pf config
Hi, Please read again : http://www.openbsd.org/faq/pf/example1.html Or you can take a look here : http://mouedine.net/ruleset5.aspx Cheers, Wesley On Mon, 21 Nov 2011 19:15:06 +1100, John Tate wrote: > I am having troubles with this pf configuration, it seems when loaded > nothing can access my server on the internal interface for the LAN, I > cannot see why, and it's pretty much based off the very standard > example in the OpenBSD faq. > > When I unload the configuration, I can access the DNS server on the > firewall running this configuration. It seems to forward everything > through to the Internet, but blocks DNS which makes it pretty useless. > I've looked at it at least five times... > > [john@baal ~$ cat /etc/pf.conf > int_if="xl0" > ext_if="tun0" > > rothbard="10.0.0.10" > baal="10.0.0.2" > smass="10.0.0.1" > > tcp_services="{22}" > icmp_types="echoreq" > > set block-policy return > set loginterface $ext_if > set skip on lo > > match out on egress inet from !(egress:network) to any nat-to (egress:0) > > block in log > pass out quick > > antispoof quick for { lo $int_if } > > pass in on egress inet proto tcp from any to (egress) \ > port $tcp_services > #After this goes forwarded ports... Probably just use ssh tunnels. > > pass in inet proto icmp all icmp-type $icmp_types > > What is wrong? > > Also can you tell me how to do this so it only needs to load once, and > not be loaded by a shell script after userland pppoe successfully > connects?
opensmtpd
Hi, I seen http://www.opensmtpd.org Does exist a "stable" version ? can we put it on production ? And what's about your handbook : https://www.poolp.org/OpenSMTPD/ Possible to have this hanbook in french ? Thank you very much for replies. All the best, Wesley M.
optimize adsl bandwidth
Hi, I use OpenBSD 5.0, what is better between use "prio" or altq on em0 priq bandwidth 200Kb queue {q_def,q_pri}" ? I explain : altq on em0 priq bandwidth 200Kb queue {q_def,q_pri} queue q_def priority 1 queue q_pri priority 7 priq(default) ... pass out on egress inet proto tcp queue(q_def,q_pri) ... OR pass out on egress inet proto tcp prio (1,7) What is better, or perhaps, it works on the same way... If someone can help on ... Thank you very much. Wesley
Re: jeu de règles PF/ PF Ruleset - OpenBSD 5.0
Je prends note ;-) Merci. On Fri, 4 Nov 2011 19:37:46 +0100, "hvom .org" wrote: > Le 4 novembre 2011 19:14, Wesley M. a C)crit : >> Hi, >> >> See here : >> >> http://mouedine.net/ruleset5.aspx >> >> (with divert/tag use) >> >> All the best, >> >> Wesley MOUEDINE ASSABY >> >> > > Faire un copier/coller serait plus juste. Vous C*tes sur une ML de > partage, votre dC)marche est cordiale. Mais fait un peu marketing ici. > > 100% libre, 0% obscur :)
jeu de règles PF/ PF Ruleset - OpenBSD 5.0
Hi, See here : http://mouedine.net/ruleset5.aspx (with divert/tag use) All the best, Wesley MOUEDINE ASSABY
post-Altq
Hi, What's about the post-Altq ? See here : http://bsdly.blogspot.com/2011/07/anticipating-post-altq-world.html Does someone have any news about that? Cheers, Wesley.
Full ruleset Packet filter OpenBSD 5.0
Hi, See here : http://mouedine.net/ruleset49.aspx (with divert/tag use) All the best, Wesley MOUEDINE ASSABY
Re: limit ftp download
I tried this : added a second ftpproxy_flags in my /etc/rc.conf.local So in the file, we have : ftpproxy_flags="-q ilimit" # Listen by default on 8021 ftpproxy_flags="-q istd" # It doesn't work, it use the last line in /etc/rc.conf.local : istd queue I suppose that it doesn't listen on the same port 8021 for 2 queue. So i try this, add this line to /etc/rc.local : ftpproxy_flags="-q istd -p8022" And in my /etc/rc.conf.local : ftpproxy_flags="-q ilimit" Restart the box, and do : netstat -anf inet Listen on 127.0.0.1:8021 and 127.0.0.1:8022, seem to work But the limit user download now 10Ko/s instead of 20Ko/s. I think, it is not the right way to do it. Is there someone who have a sample ? using -T option for ftp-proxy ? Thank you very much. Wesley. > On Thu, 03 Nov 2011 09:02:32 +0100, Camiel Dobbelaar wrote: > Run two ftp-proxies: one with the -q ilimit and one with the -q istd. > > Then redirect the limited user to one proxy and the rest to the other.
Re: Packet Tagging issues with NAT in pf OBSD 4.9
Hi, try this sample _int = "re0" _ext = "fxp1" int_net = "192.168.200.0/24" set block-policy drop set skip on lo match in all scrub (no-df max-mss 1440) match out on $_ext inet from $int_net to any nat-to (egress) block log all pass in on $_int inet proto udp from $int_net to any port domain pass in on $_int inet proto tcp from $int_net to any port \ { www, https, ssh, pop3, imap, imaps, pop3s, submission, smtps } pass out on $_ext inet proto tcp all pass out on $_ext inet proto udp all All the best, Wesley MOUEDINE ASSABY. > _int = "re0" > _ext = "fxp1" > int_net = "192.168.200.0/24" > > pass out on $_ext tag LAN_NAT_TO_INET tagged LAN_TO_INET > pass in on $_int from $int_net tag LAN_TO_INET > > .. > > pass out quick on $_ext tagged LAN_NAT_TO_INET nat-to ($_ext) > > > > Any reason why at the bottom of my .conf file where nat-to is in my "quick" > rule it would work but when it's at the first filter rule it does not? > I've > read over the man page and have the book of pf v.2 and still am confused. > Any > tought is greatly appreciated. > > > > Regards, > > Dain
Re: limit ftp download
Thank you for your reply. I read the man page of ftp-proxy. There's an option like you said, "-q queue". But in my way, i have 2 queue : ilimit and istd ilimit : bandwidth -> 20Ko/s istd : bandwidth -> 128 Ko/s So i just modified to my /etc/rc.conf.local : ftpproxy_flags="" to ftpproxyflags="-q ilimit" Restart the box. Now, when this limited user download files using ftp, it downloads at 20Ko/s. But the others download also at 20Ko/s ; How can i fix the others to download files at 128 Ko/s ? How can i have 2 ftp stream like one 20Ko/s and 128 Ko/s ? Thank you very much for your help. Wesley. On Thu, 03 Nov 2011 07:04:04 +0100, Camiel Dobbelaar wrote: > On 3-11-2011 6:07, Wesley M. wrote: >> I suppose it is because traffic are redirect to 127.0.0.1 (ftpproxy) >> >> sample of my pf.conf: >> ... >> anchor "ftp-proxy/*" >> pass in on $lan inet proto tcp from $limithost \ >> to port 21 divert-to 127.0.0.1 port 8021 queue ilimit >> ... >> >> Is there a way to solve this problem? > > ftp-proxy has a '-q' option to set a queue.
limit ftp download
Hi, I'm using OpenBSD 5.0 I'm testing traffic shapping using altq. I can limit a user (his Ip address) to a 160Kb/s, it works great. But when this user try to download a file using ftp, he downloads it at 1024Kb/s. I suppose it is because traffic are redirect to 127.0.0.1 (ftpproxy) sample of my pf.conf: ... anchor "ftp-proxy/*" pass in on $lan inet proto tcp from $limithost \ to port 21 divert-to 127.0.0.1 port 8021 queue ilimit ... Is there a way to solve this problem? I want also that the others can download on ftp at full speed* Thank you very much. Cheers, Wesley.
Re: NIDS on OpenBSD
I'm not agree, Using PF, and only PF, we can feed a table using some parameters and it is filtered on one/several ports. PF can't detect Network scan like nmap or ... So it is why i use scanlogdb (it is in the OpenBSD Ports). And some people use Snort also for this kind of things. PF is a good firewall, we can play with QoS/IP,Ports filter/NAT/ Src NAT/ Statefull/Load Balancing/scrub But it is not a NIDS. ;-) All the best, Wesley M. On Wed, 19 Oct 2011 10:05:33 +0300, Gregory Edigarov wrote: > I think it is bad practice to use something that's not even in the > base, when you have the feature in pf readily available. > > pass in on vr0 inet proto tcp from any to (vr0) port ssh keep state \ > (max-src-conn-rate 1/60, overload flush global) > > > On Wed, 19 Oct 2011 10:04:09 +0400 > "Wesley M." wrote: > >> I added this : >> >> in pf.conf >> ... >> table persist file "/etc/black" >> ... >> block quick from >> ... >> >> Added to crontab >> pfctl -t black -T add $(cat /var/log/alert | awk '{print $6}') >> >> What do you think about that ? >> Perhaps, you have easiest way to do it ? >> Now i'm looking for a small web monitor to view alerts provided by >> scanlogd. Any idea ? >> >> cheers, >> >> Wesley. >> >> >> On Wed, 19 Oct 2011 09:31:35 +0400, "Wesley M." >> wrote: >> > Hi, >> > >> > I use OpenBSD 4.9, i'm looking for a good nids. >> > >> > I found >> > "scanlogd" in ports, works very well. >> > >> > But is there a way to work this >> > last one with pf ? For example add the ip-address detected by >> > scanlogd >> to a >> > "Blacklist" table ? >> > >> > Also, is there a way to have a web monitor to view >> > alert? >> > >> > Perhaps, you use something else ... what ? ;-) snort ? >> > >> > Thank you >> > very much ! >> > >> > All the best, >> > >> > Wesley.
Re: NIDS on OpenBSD
I added this : in pf.conf ... table persist file "/etc/black" ... block quick from ... Added to crontab pfctl -t black -T add $(cat /var/log/alert | awk '{print $6}') What do you think about that ? Perhaps, you have easiest way to do it ? Now i'm looking for a small web monitor to view alerts provided by scanlogd. Any idea ? cheers, Wesley. On Wed, 19 Oct 2011 09:31:35 +0400, "Wesley M." wrote: > Hi, > > I use OpenBSD 4.9, i'm looking for a good nids. > > I found > "scanlogd" in ports, works very well. > > But is there a way to work this > last one with pf ? For example add the ip-address detected by scanlogd to a > "Blacklist" table ? > > Also, is there a way to have a web monitor to view > alert? > > Perhaps, you use something else ... what ? ;-) snort ? > > Thank you > very much ! > > All the best, > > Wesley.
NIDS on OpenBSD
Hi, I use OpenBSD 4.9, i'm looking for a good nids. I found "scanlogd" in ports, works very well. But is there a way to work this last one with pf ? For example add the ip-address detected by scanlogd to a "Blacklist" table ? Also, is there a way to have a web monitor to view alert? Perhaps, you use something else ... what ? ;-) snort ? Thank you very much ! All the best, Wesley.
Re: Help setting up a PF NAT gateway
Hi, see my sample, it is well explained. http://mouedine.net/ruleset49.aspx All the best, Wesley MOUEDINE ASSABY www.mouedine.net On Mon, 10 Oct 2011 17:38:26 +0200, Stefan Midjich wrote: > Simplest of things but I'm failing miserably. > > $ sudo cat /etc/hostname.vic2 # External NIC with static public IPv4 > address > inet 50.50.50.59 255.255.255.0 50.50.50.255 > > $ sudo cat /etc/hostname.vic3 # Internal NIC used as gateway by two > machines on same network > inet 10.221.181.10 255.255.255.0 10.221.181.255 > > For troubleshooting I have removed the block all rule, to confirm that > it is in fact my NAT related rules that don't work. > > These are my first and only NAT rules. The other rules work fine and > are just to allow SSH to my management interface and ICMP response > from the external IP and from the internal gateway IP. Besides I've > removed the block all so the other rules don't matter much now. > > match out on vic2 inet from 10.221.181.0/24 to any nat-to (vic2) > round-robin > pass inet from 10.221.181.0/24 to any flags S/SA keep state > > With tcpdump I can see packets going to vic3, but no further. > > With block all commented out I can fully test the network around and > everything is working just fine, I can nc -kl 50.50.50.59 65535 and > connect to that port from anywhere on the internet. I just can't > connect out from the private network through the gateway. The systems > in the private network have 10.221.181.10 as their default gateway. > > I even have the Book of PF 2nd edition here but it's of no use, the > rules are mostly from there. Just for troubleshooting I can also nc > -kl 10.221.181.10 65535 on the gateway and connect to that port from > the private network machines without issues. > > So please tell me, what am I missing in this nat-to rule? > > -- > > > Med vdnliga hdlsningar / With kind regards > > Stefan Midjich
Re: problem routing
INTERNETsis1sis2---(server,ISP_ROUTER,workstations) sis2:10.100.1.250 ISP_ROUTER:10.100.1.254 server:10.100.1.150 , gateway : 10.100.1.254 worskstations 10.100.1.0/24 , gateway : 10.100.1.250 I already tried isakmpd ikev1 vpn : ping 10.100.1.250 ok ssh ok can't ping 10.100.1.150, rdp doesn't work also can't ping 10.100.1.254 Is it possible to access my server using rdomain ? route -T 1 add 0.0.0.0/0 10.100.1.254 ifconfig enc0 rdomain 1 any idea ? Thank you very very much. Wesley.
Re: routing problem
On Wed, 28 Sep 2011 15:42:05 +0400, pavel pocheptsov wrote: > 28 QP5P=QQP1QQ 2011, 15:28 P>Q "Wesley M." : >> The VPN is between a fictif ip address(gives by the_green_bow) to >> 10.100.1.0/24 >> >> Using VPN, i can ping 10.100.1.250 and use also ssh on the box but pings >> doesn't work for : 10.100.1.100, and 10.100.1.254. >> >> On the OpenBSD SIDE : ipsec.conf >> >> ike dynamic from 10.100.1.0/24 to any \ >> main auth hmac-sha1 enc aes-256 group modp1024 \ >> quick auth hmac-sha1 enc aes-256 psk demokey >> > maybe add to ipsec.conf "from any to 10.100.." I don't think that it will solve my mistake. Because VPN works, and ready to 10.100.1.0/24 The problem is that the server 10.100.1.100 has a different gateway (10.100.1.254) > on remote side "route add 10.100.1.0 mask 255.255.255.0 > IP_addres_of_your_vpn_gateway(not real gateway)" it doesn't work. :-(
Re: routing problem
The VPN is between a fictif ip address(gives by the_green_bow) to 10.100.1.0/24 Using VPN, i can ping 10.100.1.250 and use also ssh on the box but pings doesn't work for : 10.100.1.100, and 10.100.1.254. On the OpenBSD SIDE : ipsec.conf ike dynamic from 10.100.1.0/24 to any \ main auth hmac-sha1 enc aes-256 group modp1024 \ quick auth hmac-sha1 enc aes-256 psk demokey On Wed, 28 Sep 2011 15:05:52 +0400, pavel pocheptsov wrote: > what settings on client/home side? > B ipconfig /all, route print..etc > > > 28 QP5P=QQP1QQ 2011, 11:18 P>Q "Wesley M." : > > > > > Hi, > > I have at work: > TS Server : 10.100.1.100 his gateway is 10.100.1.254 (router for private > network) > Firewall : 10.100.1.250 (OpenBSD 4.9, ADSL : sis0, Lan (10.100.1.0/24) > :sis2 > > On the firewall, i can ping 10.100.1.100 and telnet 10.100.1.100 3389 -> > OK > > When i am at home, i connect to firewall using "thegreenbow" vpn is ok, i > can ping 10.100.1.250, use ssh on the firewall, but i can't ping > 10.100.1.100 and can't use rdp on this address. > > my pf rules: > ... > set skip on {lo,enc0} > pass out on sis2 inet proto tcp from $remote to 10.100.1.100 port 3389 > pass out inet proto icmp all icmp-type echoreq > ... > > Any idea ? > thank you very much. > Wesley
Re: routing problem
On Wed, 28 Sep 2011 06:49:59 -0400, Nick Holland wrote: > On 09/28/11 03:13, Wesley M. wrote: >> Hi, >> >> I have at work: >> TS Server : 10.100.1.100 his gateway is 10.100.1.254 (router for private >> network) > > bzzt. Bad. > (I'm guessing that's a windows terminal server) Yes, it is (RDS, Windows 2008 R2) >> Firewall : 10.100.1.250 (OpenBSD 4.9, ADSL : sis0, Lan (10.100.1.0/24) >> :sis2 >> >> On the firewall, i can ping 10.100.1.100 and telnet 10.100.1.100 3389 -> >> OK > > right. no gateway involved. Yes, it doesn't need the gateway : 10.100.1.254 > >> When i am at home, i connect to firewall using "thegreenbow" vpn is ok, i >> can ping 10.100.1.250, use ssh on the firewall, but i can't ping >> 10.100.1.100 and can't use rdp on this address. >> >> my pf rules: >> ... >> set skip on {lo,enc0} >> pass out on sis2 inet proto tcp from $remote to 10.100.1.100 port 3389 >> pass out inet proto icmp all icmp-type echoreq >> ... > To resume : INTERNET---sis0-sis1---LAN--- On the LAN side : There's the TS SERVER and the ISP ROUTER (need it to connect the 4 others locations) > > Fixes: 1) fix the default gateway on the TS Server machine, add a custom > route for whatever that "private network" thingie is. I can't change the gateway, because the others locations (there are 4) won't connect on TS. > 2) instead of your VPN, use an SSH tunnel to your firewall, then > redirect 3389 to the TS Server. This way, your remote desktop session > is between the gateway and the firewall, which are both on the same subnet. Seem's a good solution. But there's no other way to connect TS using VPN ? > > Nick.
routing problem
Hi, I have at work: TS Server : 10.100.1.100 his gateway is 10.100.1.254 (router for private network) Firewall : 10.100.1.250 (OpenBSD 4.9, ADSL : sis0, Lan (10.100.1.0/24) :sis2 On the firewall, i can ping 10.100.1.100 and telnet 10.100.1.100 3389 -> OK When i am at home, i connect to firewall using "thegreenbow" vpn is ok, i can ping 10.100.1.250, use ssh on the firewall, but i can't ping 10.100.1.100 and can't use rdp on this address. my pf rules: ... set skip on {lo,enc0} pass out on sis2 inet proto tcp from $remote to 10.100.1.100 port 3389 pass out inet proto icmp all icmp-type echoreq ... Any idea ? thank you very much. Wesley
configure lan ports and wifi like a switch
Hi, I use an appliance with OpenBSD 4.9, there are 3 network ports(sis0-2), and a wifi port (ral0) sis0 : egress (internet) sis1, sis2, ral0 : lan i configure a hostname.trunk0 : trunkport sis2 trunkport sis1 trunkport ral0 trunkproto loadbalance inet 10.100.1.50 255.255.255.0 hostname.sis1, hostname.sis2 : up hostname.ral0 inet 10.100.1.241 255.255.255.0 NONE media autoselect mode 11g mediaopt hostap nwid SSID wpakey mypassword chan 11 up It seems to me that it doesn't work. Any advice, or ideas ? Thank you a lot for your replies !! Wesley.
Re: IPsec+rdomain
Hi, I already had the same problem. You need to use a Ipsec VPN and NAT. See here : http://www.undeadly.org/cgi?action=article&sid=20090127205841 Becare with your pf.conf syntax * many changes on recent OpenBSD Release. Cheers, Wesley MOUEDINE ASSABY www.mouedine.net On Wed, 14 Sep 2011 22:15:36 -0300, Rodrigo Mosconi wrote: > I would like to know how integrated/related IPsec tools are integrated > with the routing domains? > Is possible to configure ipsec tunnels as a vpn concentrator to > private classes? An example: > > At my side I have 2 private network (suppose 172.16.1.0/24 and > 172.16.2.0/24), and I have 2 partners that their network are the same > 10.10.10.0/24. > Both partners refuses to change the network. > > How can I distinguish both partners? Theoretically the partner A can > belong to rdomain 1 and partner B to rdomain 2? > > Just to simplify: > partner A access network 172.16.1.0/24 > and > partner B access network 172.16.2.0/24 > > Thanks for any help, > > Mosconi
Re: Starting popa3d ...
Hi, See the file /etc/inetd.conf cheers, Wesley MOUEDINE ASSABY On Tue, 13 Sep 2011 12:19:21 +0930, David Walker wrote: > Hi. > > uname -rsv > OpenBSD 5.0 GENERIC#39 > > I'm gearing up to use popa3d and testing it on a machine. > > I tried the following in rc.conf.local (where V is version number and > exeunt) ... > popa3d_flags="-D" > popa3d_flags="-V" > popa3d_flags="-D -V" > > ... and it does not start. > > Even though I see this in RC.D(8) ... > > Services comprising OpenBSD base > are > started by rc(8). > > ... and this in RC.CONF(8) ... > > This file contains a series of Bourne-shell syntax assignments that > are > used to configure the system daemons. > > ... and these in RC(8) .. > > rc is the command script that is invoked by init(8) when the system > starts up. It performs system housekeeping chores and starts up > system > daemons. > > Normal- > ly, rc.local contains commands and daemons that are not part of the > stock > installation. > > A quick (quick) grep of rc (and rc.conf) shows that while other > services in base are there popa3d is absent in both. > Is this an oversight for popa3d (and perhaps others) that aren't > included in rc but are in base? > Is this intended by the use of "Normally" in rc(8) and do those other > man pages warrant re-wording? > > So I added popa3d to rc.local and that works although I'm not sure if > the intended method is to merely pop the command in there ... > popa3d -D > ... bypassing rc.conf.local flags or some other method. > Doing thiss I get no feedback on whether or not popa3d has started > other than looking at ps -x ... > > It doesn't seem to matter whether or not I have a popa3d file in rc.d ... > This doesn't seem to be the intent of rc.d(8). > If I mv some of the other files related to rc services in rc.d > (notably ntpd and smtpd) I get an error message at boot when I try to > start those services. > Has popa3d or rc.local slipped through the cracks? > > I added popa3d to pkg_scripts= in rc.conf and that appears to function > as intended (rc.conf.local flags obeyed and requires file in rc.d). > > Best wishes.
Re: Why aren't you running -current?
Hi, Need to cvs update and rebuild, so take time. And configuration file can change. Cheers, Wesley. >> i'm sorry :( > > don't be sorry, just tell me why, i am just curious.
vpn ike1 ok, but can't access workstation
Hi, I have a win7 with dynamic ip address connected using "green Bow VPN". [road warrior]>[OpenBSD]>>>[192.168.0.0/24] The tunnel is opened. I can ping the OpenBSD(4.9) gateway(192.168.0.249), but no workstations in the lan. I try : "tcpdump -nettti pflog0" report me nothing. I try : "tcpdump -i enc0", i can see icmp packet provening from the win7 dynamic ip address. my ipsec.conf (openbsd box): ike dynamic from 192.168.0.0/24 to any main auth hmac-sha1 enc aes group modp1024 quick auth hmac-sha1 enc aes psk testabcd My pf.conf (openbsd) lan="sis2" set skip on {lo, enc0} match out on egress inet from $lan:network nat-to egress block log all pass in on egress proto {esp ah} pass in on egress proto udp to port {4500 500} pass in on egress inet proto tcp to port ssh pass So, any idea ? Thank you very much for your help! cheers, Wesley.
ikev2
Hi, sorry to post again this. Is there someone who have already tried a vpn using ikev2 with EAP-MSCHAP-V2 support ? Thank you very much. Cheers, Wesley.M
Re: vpn with a win7 workstation
Ok, thank you a lot for your replay. Have you ever try to use ikev2 ? using iked and so win7 have ikev2 support. I tried to use it (iked) but no success... :( If you can take a eye on it. Cheers, Wesley M. On Wed, 31 Aug 2011 19:07:49 +0800, Zak Elep wrote: > On Wed, Aug 31, 2011 at 6:30 PM, Wesley M. wrote: >> What is the best way to build a vpn between an OpenBSD 4.9 gateway >> and a Win7 workstation ? > > I got this working here on our network, both for Win7 and Ubuntu > clients going to an OpenBSD gateway. > > On the gateway, have /etc/ipsec.conf say something like > > # roadwarrior > ike passive esp from any to gateway.ip.address peer any psk > your-rand0m-password-here > ike passive esp from gateway.ip.address to any psk > your-rand0m-password-here > > And on your Win7 client, get Shrew VPN[0] and add a configuration with > the following auth: > > Phase 1: > - Exchange type: main > - DH Exchange: group 2 > - Cipher algorithm: aes > - Cipher key length: 256 Bits > - Hash algorithm: sha1 > > Phase 2: > - Transform length: aes > - Transform key length: 256 Bits > - HMAC algorithm: sha1 > - PFS Exchange: group 2 > - Compression algorithm: deflate > > Policy: > - add a topology entry that matches your internal network > > [0] http://www.shrew.net/download/vpn
vpn with a win7 workstation
Hi What is the best way to build a vpn between an OpenBSD 4.9 gateway and a Win7 workstation ? Thank you very much for your advices. All the best, Wesley M.
Re: ftpd server
Hi, You will find your solution here : http://www.openbsd.org/faq/pf/ftp.html Best regards, Wesley MOUEDINE ASSABY http://mouedine.net/ruleset49.aspx On Tue, 30 Aug 2011 23:38:41 -0700, fqui nonez wrote: > Hello > > I have a ftpd server box, OBSD-4.9, and pflog shows: > > Aug 29 10:11:03.520900 rule 3/(match) pass in on rl0: > 190.87.195.241.2732 > 192.168.5.2.21: S 2008995709:2008995709(0) win > 65535 > Aug 29 10:15:52.825409 rule 3/(match) pass in on rl0: > 190.87.195.241.3190 > 192.168.5.2.21: S 409025537:409025537(0) win > 65535 > Aug 29 10:27:40.085461 rule 1/(match) block out on rl0: 192.168.5.2.21 >> 190.87.195.241.2732: FP 2719210498:2719210554(56) ack 2008995823 win > 17424 (DF) [tos 0x10] > Aug 29 10:28:44.085510 rule 1/(match) block out on rl0: 192.168.5.2.21 >> 190.87.195.241.2732: FP 0:56(56) ack 1 win 17424 [tos 0x10] > Aug 29 10:29:48.085560 rule 1/(match) block out on rl0: 192.168.5.2.21 >> 190.87.195.241.2732: FP 0:56(56) ack 1 win 17424 (DF) [tos 0x10] > Aug 29 10:30:52.085653 rule 1/(match) block out on rl0: 192.168.5.2.21 >> 190.87.195.241.2732: FP 0:56(56) ack 1 win 17424 [tos 0x10] > Aug 29 10:31:56.085655 rule 1/(match) block out on rl0: 192.168.5.2.21 >> 190.87.195.241.2732: FP 0:56(56) ack 1 win 17424 (DF) [tos 0x10] > Aug 29 10:32:29.475695 rule 1/(match) block out on rl0: 192.168.5.2.21 >> 190.87.195.241.3190: FP 2719185758:2719185814(56) ack 409025651 win > 17424 [tos 0x10] > Aug 29 10:33:00.085705 rule 1/(match) block out on rl0: 192.168.5.2.21 >> 190.87.195.241.2732: FP 0:56(56) ack 1 win 17424 [tos 0x10] > Aug 29 10:33:33.475738 rule 1/(match) block out on rl0: 192.168.5.2.21 >> 190.87.195.241.3190: FP 0:56(56) ack 1 win 17424 (DF) [tos 0x10] > Aug 29 10:34:04.085762 rule 1/(match) block out on rl0: 192.168.5.2.21 >> 190.87.195.241.2732: FP 0:56(56) ack 1 win 17424 (DF) [tos 0x10] > Aug 29 10:34:37.475788 rule 1/(match) block out on rl0: 192.168.5.2.21 >> 190.87.195.241.3190: FP 0:56(56) ack 1 win 17424 [tos 0x10] > Aug 29 10:35:08.085806 rule 1/(match) block out on rl0: 192.168.5.2.21 >> 190.87.195.241.2732: R 57:57(0) ack 1 win 0 (DF) [tos 0x10] > Aug 29 10:35:41.475843 rule 1/(match) block out on rl0: 192.168.5.2.21 >> 190.87.195.241.3190: FP 0:56(56) ack 1 win 17424 (DF) [tos 0x10] > Aug 29 10:36:45.475901 rule 1/(match) block out on rl0: 192.168.5.2.21 >> 190.87.195.241.3190: FP 0:56(56) ack 1 win 17424 [tos 0x10] > Aug 29 10:37:49.475947 rule 1/(match) block out on rl0: 192.168.5.2.21 >> 190.87.195.241.3190: FP 0:56(56) ack 1 win 17424 (DF) [tos 0x10] > Aug 29 10:38:53.476001 rule 1/(match) block out on rl0: 192.168.5.2.21 >> 190.87.195.241.3190: FP 0:56(56) ack 1 win 17424 [tos 0x10] > Aug 29 10:39:57.476044 rule 1/(match) block out on rl0: 192.168.5.2.21 >> 190.87.195.241.3190: R 57:57(0) ack 1 win 0 [tos 0x10] > > pf rules are: > > set skip on lo > block in log all > block out log all > pass out log quick on rl0 > pass in log quick on rl0 proto tcp from any to port {20 21 22} > antispoof quick log for rl0 > pass # to establish keep-state > > It look for me, that somebody send code over port 21, then ftpd > respond over port 21, and pf stops sftp! > I have seen that normal behaviour of ftpd is logged on random ports; > as effect of ftp_proxy. > > Is it happening something weird here? > > Thanks so much.
iked
Hi, Is there someone already use iked to build a vpn with a win7 ? ... And of course an OpenBSD gateway. Thank you very much for your help and reply. All the best, Wesley. PS : I already read man pages iked; ikectl and iked.conf