Re: PF load balancing

[Remy Chibois]

These are real IP's. One is dynamic, the other is fixed.

> One more question.
> Are the IP's of two NICs real or virtual?
>   >I forgot to mention that these are ADSL connections. The two
>   >modems are
>   > physically attached to the firewall, on two separate NICs.
>   >
>   >
>   >> Why do not use 1 interface with 2 IP's and 1 nat rule with
>   >> address pool for balancing?
>   >>
>   >> somthing like this:
>   >> nat on $ext_if inet from any to any -> {$ext_ip_1 $ext_ip_2}
>   >> round-robin
>   >>
>   >>
>   >> > Hi,
>   >> >
>   >> > I have two internet connections and would like to load balance
>   >> > outgoing trafic between the two interfaces.
>   >> >
>   >> > Using rules from the PF FAQ does not work for me (trafic is
>   >> > always routed to the first interface).
>   >> >
>   >> > The connections are both from the same provider, have a
>   >> > different public IP address, but an identical gateway... Can
>   >> > this be the problem ?

Re: A question to lib/libc/gen/daemon.c

[Alexander Farber]

Thanks. I've also read the chapter about dup's from the Stevens book 
and realized, that you always have to check the fd number you're going 
to close() after a dup2()

But how can the argc be less than 1? When is it the case? After an exec()?

2005/8/22, Todd C. Miller <[EMAIL PROTECTED]>:
> Nope.  There is no guarantee that fds 0-2 are open when a program
> starts.  In that case, fd will fall in the range 0-2 and without
> the check we can close one of the descriptors 0-2.
> 
> Bonus trivia:  There's also no guarantee that argc > 0 when a program
> starts.  Lots of programs make bad assumptions...

Re: Queueing on two interfaces

[kami petersen]

Fridtjof Busse skrev:

Hi
Since I didn't get any reply to my initial question, I'll try to be a
bit more specific:
I've got a machine with three interfaces: One is my SDSL-link and the
other two are internal. One of the internal interfaces is wired, the
other one wireless, using OpenVPN (i.e. tun0).
Queueing of traffic leaving the machine is easy, but is there any way
to queue incoming traffic without cutting the available bandwidth in
half (50% for each interface)? I found a suggestion about using lo1 and
binat, but I don't really know how to do that.
E.g., I need to make sure that VOIP-traffic arriving via the wired
interface is priorised over all other traffic, even the one that is
going to the wireless network. Otherwise, I get heavy distortions if
the wireless-net uses much bandwidth. 
Any way to do this? Maybe bridging? I prefer routing, but I'm grateful

for anythin... :)
Thanks.



since nobody else seems to have an answer i'll suggest one thing to try:

maybe you could think of it as three separate steps, where arriving 
traffic from the outside:


a) is deprioritized if not voip, then
b) gets routed/NATed, then
c) can be queued again individually for the internal nets according to 
other demands.


how?

you can't queue arriving traffic on the outside interface since it is 
already there. this means you might want to think of it as two systems 
where the most exterior does (a) on it's inside interface and the more 
interior one does (b) and (c) on the two internal network interfaces.


now maybe you could do this within one box using the outside interface 
and lo1 as a bridge, thus doing step (a) on lo1.


then do routing/NAT between lo1 (as the new "exterior" interface) and 
the internal interfaces like you probably already do, as well as other 
miscellaneous queueing.


please report back if you succeed.

/kami

Could not read network Connection list

[Marius Van Deventer - Umzimkulu]

Hi All.
 
I have searched Gogle for this problem and although this question has
been asked many times, it seems like it has never been answered.
 
My KDE  on my OBSD 3.6 box has always been working fine. Suddenly today
i get this on login:
 
Could not read network connection list:
/home//.DCOPserver___0
Please chech if dcopserver is runing.
 
Some have suggested doing chmod, chown and a host of other things on the
home dir. None make sense to me since i have not changed anything on my
box since i got it set up and KDE has been working without fail for 3
months.
 
I am still a relative newbie and i do not know what other info to add.
If there is anything anyone needs to see, i will supply.
 
Thanks.
 

Marius Van Deventer
IT Support technician
Bytes Technology Group : Systems Integration

Tel : (+27) (39) 682-4202
Fax : (+27) (39) 682-4126
Cell : (+27) 82-321-6491
Email : [EMAIL PROTECTED]

Home Page :   www.btgroup.co.za

Press Office :  
www.itweb.co.za/office/bytes

Licensing :   www.purelicensing.co.za

Bytes Systems Integration (Pty) Ltd : Registration No: 1995/012031/07
A subsidiary of Bytes Technology Group SA (Pty) Ltd,   In association
with KAGISO
P O Box 4004, Umhlanga, 4350
10 Cranbrook Crescent, La Lucia Ridge Office Estate, Umhlanga Rocks,
South Africa.

DISCLAIMER:  
http://www.altron.co.za/email.asp

Or phone: (+27) (11) 645-3600

>>> 0 <<<

[demime 1.01d removed an attachment of type application/x-pkcs7-signature which 
had a name of smime.p7s]

Re: Could not read network Connection list

[Marius Van Deventer - Umzimkulu]

OK Hold everything.

I'm not sure why, but my PF firewall seems to have something to do with
this.

(Goodness knows how, it's been working all ths time).

All I can think is that I made some config error that is only causing me
problems now.

Not sure.

In any case, my next little project will be to go through pf.conf with a
fine tooth comb until I find the error.

Thanks to all who replied.

Cheers.

> -Original Message-
> From: Marius Van Deventer - Umzimkulu 
> Sent: 22 August 2005 12:12 PM
> To: misc@openbsd.org
> Subject: Could not read network Connection list
> 
> 
> Hi All.
>  
> I have searched Gogle for this problem and although this question has
> been asked many times, it seems like it has never been answered.
>  
> My KDE  on my OBSD 3.6 box has always been working fine. 
> Suddenly today
> i get this on login:
>  
> Could not read network connection list:
> /home//.DCOPserver___0
> Please chech if dcopserver is runing.
>  
> Some have suggested doing chmod, chown and a host of other 
> things on the
> home dir. None make sense to me since i have not changed 
> anything on my
> box since i got it set up and KDE has been working without fail for 3
> months.
>  
> I am still a relative newbie and i do not know what other info to add.
> If there is anything anyone needs to see, i will supply.
>  
> Thanks.
>  
> 
> Marius Van Deventer
> IT Support technician
> Bytes Technology Group : Systems Integration
> 
> Tel : (+27) (39) 682-4202
> Fax : (+27) (39) 682-4126
> Cell : (+27) 82-321-6491
> Email : [EMAIL PROTECTED]
> 
> Home Page :   www.btgroup.co.za
> 
> Press Office :  
> www.itweb.co.za/office/bytes
> 
> Licensing :   www.purelicensing.co.za
> 
> Bytes Systems Integration (Pty) Ltd : Registration No: 1995/012031/07
> A subsidiary of Bytes Technology Group SA (Pty) Ltd,   In association
> with KAGISO
> P O Box 4004, Umhlanga, 4350
> 10 Cranbrook Crescent, La Lucia Ridge Office Estate, Umhlanga Rocks,
> South Africa.
> 
> DISCLAIMER:  
> http://www.altron.co.za/email.asp
> 
> Or phone: (+27) (11) 645-3600
> 
> >>> 0 <<<
> 
> [demime 1.01d removed an attachment of type 
> application/x-pkcs7-signature which had a name of smime.p7s]

[demime 1.01d removed an attachment of type application/x-pkcs7-signature which 
had a name of smime.p7s]

Re: Could not read network Connection list

[Stuart Henderson]

--On 22 August 2005 12:37 +0200, Marius Van Deventer - Umzimkulu wrote:


In any case, my next little project will be to go through pf.conf
with a fine tooth comb until I find the error.


The best tool for debugging pf.conf is tcpdump, as described in 
pflogd(8). Make sure any 'drop' rules include the 'log' keyword, then:


"Display the logs in real time (this does not interfere with the 
operation

of pflogd):

  # tcpdump -n -e -ttt -i pflog0"

(you don't need to run pflogd to do this).

This tells you which packets are dropped, and which rule caused them to 
be dropped.


If you don't already have something like 'pass quick on lo0' near the 
start of your PF ruleset, you might like to add it.

Re: How to patch a physically weak system & recommended use of sudo?

[Tim]

I find this recommendation better than building a release and upgrading that 
way.
 
Thank you.

John Wright <[EMAIL PROTECTED]> skrev:
On Thu, Aug 18, 2005 at 01:03:27PM +0200, Tim wrote:
> Hello
> 
> 1. I have a old computer that is slow and has little memory. But I want to
> keep it updated with patches. I can't compile these patches on the system
> but I could do it on another faster system. But how can I later apply the
> compiled patches to the weak system?

I had a similar old slow computer so I:

1) Build and install the patches on a faster computer.
2) NFS mount /usr/src and /usr/obj from the faster computer so that I can
access them from the slower.
3) sudo make install for each of the patched components.

Of course, OpenBSD versions are exactly the same on both computers.

Re: Could not read network Connection list

[Shawn K. Quinn]

On Mon, 2005-08-22 at 11:49 +0100, Stuart Henderson wrote:
> If you don't already have something like 'pass quick on lo0' near the 
> start of your PF ruleset, you might like to add it.

Actually, as of 3.7 "set skip on lo0" is the preferred method of
bypassing pf on loopback.

-- 
Shawn K. Quinn <[EMAIL PROTECTED]>

BRL-CAD for OpenBSD

[Siju George]

Hi,

Just curious to know if there is someone out there in the process of
porting BRL-CAD for OpenBSD

Also what CAD softwares does OpenBSD people use on their systems???

Thankyou so much

Kind Regars

Siju

Re: Queueing on two interfaces

[Fridtjof Busse]

* kami petersen <[EMAIL PROTECTED]>:
> since nobody else seems to have an answer i'll suggest one thing to
> try:
> 
> maybe you could think of it as three separate steps, where arriving 
> traffic from the outside:
> 
> a) is deprioritized if not voip, then
> b) gets routed/NATed, then
> c) can be queued again individually for the internal nets according
> to other demands.
> 
> how?
> [snip]

Hi 
Thanks for your reply. Last night I played around for a few hours and
tried something similiar (and it works so far): Since I'm using tun0 on
the wireless interface, I bridged tun0 to the internal interface, using
OpenVPNs bridging capabilities. And voila, the traffic that goes to the
wireless interface ends up in the queue for the internal interface. SSH
and mail work very fast even if I stress the SDSL-link with other
stuff, so it looks like it queueing works on both networks.
I can live with this solution since the wireless interface itself is
not bridged, only the "encrypted tunnel". Seems to work just fine :)
OK, I now have a problem with internal traffic (i.e. traffic that goes
to the router itself) since the WLAN only has 11MBit while the ethernet
has 1GBit, but that's not really critical for me since I don't often
copy files locally.

-- 
Fridtjof Busse

Re: BSD PPPoA Hardware

[dylan]

On Tuesday 16 August 2005 06:34, J.C. Roberts wrote:

> You seem to be confused on your terms. The term "PPPoA" means
> Point-to-Point Protocol over ATM (Asyncronous Transfer Mode). I
> seriously doubt you're running ADSL over ATM. ;-)

You must now stand corrected :-)

In Britain (and probably the rest of Europe), that is precisely how ADSL is 
done - with ATM (rather than PPPoE, which is how it's done in North America). 
There are probably more ATM over ADSL installations in the world than there 
are Ethernet over ADSL connections!

To answer the original poster, the only common ADSL modem I've found that's 
supported by non-Windows operating systems is the Alcatel SpeedTouch USB 
(there are probably others, but the SpeedTouch USB is probably the most 
widely used and supported). There is a project with userland drivers which 
works on Linux and all the BSDs as far as I'm aware. I've been using OpenBSD 
on a Sun Ultra 5 with one of these USB ADSL modems.

Your starting point should probably be:

http://www.xsproject.org/speedtouch/

network traffic monitoring

[petra merjasec]

Hello!

I am looking for network traffic monitoring application, similar to ntop. 
What would you reccomend me?


Petra
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

strange userland pppoe behavior after replacing a v3.4 gateway with v3.7

[Andre Ruppert]

Hello to the list...

The problem: a long time running stable v3.4 OBSD VPN gateway running
behind a (german) SDSL line was replaced with a gateway version 3.7
(stable).

Now I got ppp mtu problems and can't see why.
Most config-files were just copied from v3.4, the ppp.conf file didn't
change:

#
default:
 set log all -sync -physical -tcp/ip -DNS
 set redial 10 0
 set reconnect 10 20
 set timeout 0
 set device "!/usr/sbin/pppoe - -i xl0"
 set speed sync
 disable acfcomp protocomp ipv6cp
 deny acfcomp
 set ifaddr 10.0.0.1/0 10.0.0.2/0
 enable  mssfixup
 accept lqr

connect:
 set authname "kjfvkjfdkjdfgkj"
 set authkey "jfhkfhfjhfvjkhfk"
 set mtu max 1416
 set mru max 1416
 add! default HISADDR
##


pppoe (v3.7) is still userland.
Don't ask why mtu is 1416 - all traffic is sent through an l2tp tunnel
too, so it's a "must". ;-)

Both sides are running OBSD VPN gateways (ipsec/ISAKMPD).
Remote gateway is always a v3.4 version.

With v3.7 I got ppp log messages:
tun0: Error: ip_Input: deflink: wrote 1452, got Message too long

Nothing on the LAN-side changed.

I looked in the archives and googled around - some similar questions,
few answers, and all doesn't hit the problem. Changelog didn't help too.
Or I am way too stupid

Funny: when I reduce the mtu on the client machines (XP/2000) to 1416,
the error messages disappear, but tcp-traffic doesn't work yet.


I had to re-replace v3.7 with v3.4 again  :-((


Any suggestions or hints?


greetings

Andre Ruppert

Re: network traffic monitoring

[Fabien Germain]

Hi Petra,

On 8/22/05, petra merjasec <[EMAIL PROTECTED]> wrote:
> I am looking for network traffic monitoring application, similar to ntop.
> What would you reccomend me?

Maybe you can try BandwithD : http://bandwidthd.sourceforge.net/

Fabien

Complete disk disaster

[Ramiro Aceves]

Hello Friends.

I am new to OpenBSD (but not to Unixes), my experience with this OS is
only a month. I was getting more an more confortable with the OS, and
getting in love with it, but today I have experienced a very weird and
strange thing.

My OpenBSD testing system is installed on the second IDE disk (1GB).

I was enjoying on a happy X-window fluxbox session. I installed "links"
WEB browser package with pkg_add -v ftp://. , as usual. I was
surfing the net sometime (ppp connection). I stopped the WEB browser and
opened an xterm window, in order to search for certain man page. I was
surprised because I could not see any man page! The error was something
like: "/etc/man.conf/ Not a directory". I stopped the X-window session
and attempted to enter at the console. I was not able to do it. I seemed
that /etc/ directory suffered some kind of damage.

Login: root
Aug 22 14:44:42 openbsd-remigio login: cannot stat /etc/login.conf: Not
a directory

Aug 22 14:44:42 openbsd-remigio passwd: /etc/pwd.db: Not a directory.

Login incorrect
Login:


and so on.

I started thinking that something serious could have happened, but I
trusted on a reboot. I rebooted the system and it prompted for single
user mode (I do not know if this is the right word, I called it like
that on Linux). I ran and #fsck /dev/wd1a and it discovered plenty of
errors in the /etc/ directory and some other directories. It created a
lost+found with the found garbage..

After the cleaning, I rebooted again, but the /etc/ directory was wiped out.

Also /var/ directory dissapeared. I have searched for /var/log/*
information on the lost+found directory but no luck.

Luckyly, this system is only a system for fun. ;-).

What could cause this disaster?

Please, feel free to ask me for any information that you need before I
wipe the entire disk and install a fresh OpenBSD again.

Thank you very much for your time.

Ramiro.

Re: network traffic monitoring

[L. V. Lammert]

On Mon, 22 Aug 2005, petra merjasec wrote:

> Hello!
>
> I am looking for network traffic monitoring application, similar to ntop.
> What would you reccomend me?
>
trafshow?

Lee


  Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
 Network/Internet Consultants   www.omnitec.net

My OpenBSD system cannot load any shared object anymore!!!

[João Salvatti]

Hi all,

I was trying to emulate linux binaries under my OpenBSD system 3.7, but I
believe I made a mistake. My OpenBSD system cannot load any shared object
anymore. Anything I try to run, the system can't load the shared object to
which it's linked. I thought that restarting the system the problem would be
solved, but it got wrost. It doesn't start ttys anymore, doesn't ask for
login,
the system is a mess.
Is there anyway to solve this problem, or is it only the case of a new
install?

Thanks.

--
Joco Salvatti
Undergraduating in Computer Science
Federal University of Para - UFPA
web: http://salvatti.expert.com.br
e-mail: [EMAIL PROTECTED]

Re: Could not read network Connection list

[Avijit Pathania]

Have you edited yours or system profile to setup your DISPLAY variable?
Setting of the variable could be causing this like it did for me.

Hope this helps.
Avijit


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Marius Van
Deventer - Umzimkulu
Sent: Monday, August 22, 2005 6:37 AM
To: misc@openbsd.org
Subject: Re: Could not read network Connection list

OK Hold everything.

I'm not sure why, but my PF firewall seems to have something to do with
this.

(Goodness knows how, it's been working all ths time).

All I can think is that I made some config error that is only causing me
problems now.

Not sure.

In any case, my next little project will be to go through pf.conf with a
fine tooth comb until I find the error.

Thanks to all who replied.

Cheers.

> -Original Message-
> From: Marius Van Deventer - Umzimkulu 
> Sent: 22 August 2005 12:12 PM
> To: misc@openbsd.org
> Subject: Could not read network Connection list
> 
> 
> Hi All.
>  
> I have searched Gogle for this problem and although this question has
> been asked many times, it seems like it has never been answered.
>  
> My KDE  on my OBSD 3.6 box has always been working fine. 
> Suddenly today
> i get this on login:
>  
> Could not read network connection list:
> /home//.DCOPserver___0
> Please chech if dcopserver is runing.
>  
> Some have suggested doing chmod, chown and a host of other 
> things on the
> home dir. None make sense to me since i have not changed 
> anything on my
> box since i got it set up and KDE has been working without fail for 3
> months.
>  
> I am still a relative newbie and i do not know what other info to add.
> If there is anything anyone needs to see, i will supply.
>  
> Thanks.
>  
> 
> Marius Van Deventer
> IT Support technician
> Bytes Technology Group : Systems Integration
> 
> Tel : (+27) (39) 682-4202
> Fax : (+27) (39) 682-4126
> Cell : (+27) 82-321-6491
> Email : [EMAIL PROTECTED]
> 
> Home Page :   www.btgroup.co.za
> 
> Press Office :  
> www.itweb.co.za/office/bytes
> 
> Licensing :   www.purelicensing.co.za
> 
> Bytes Systems Integration (Pty) Ltd : Registration No: 1995/012031/07
> A subsidiary of Bytes Technology Group SA (Pty) Ltd,   In association
> with KAGISO
> P O Box 4004, Umhlanga, 4350
> 10 Cranbrook Crescent, La Lucia Ridge Office Estate, Umhlanga Rocks,
> South Africa.
> 
> DISCLAIMER:  
> http://www.altron.co.za/email.asp
> 
> Or phone: (+27) (11) 645-3600
> 
> >>> 0 <<<
> 
> [demime 1.01d removed an attachment of type 
> application/x-pkcs7-signature which had a name of smime.p7s]

[demime 1.01d removed an attachment of type application/x-pkcs7-signature
which had a name of smime.p7s]

Re: twiki

[Scott Francis]

On 8/21/05, Johan P. Lindstrvm <[EMAIL PROTECTED]> wrote:
> I would like to co-write an installation guide for twiki (it's in
> packages) for us less seasoned obsd monglers, I am finding it
> not-so-straight-forward and would like to help every one else on their
> way, does anyone know whom I may contact about this matter or do you
> feel the spotlight?
> 
> I am more then willing to supply "first line support" for this package
> if it would come to that.

I haven't installed Twiki myself, but I would imagine it's probably
fairly similar to Kwiki , and you may be
interested in a write-up I did on installing Kwiki inside OpenBSD's
chrooted Apache.
http://darkuncle.net/sysadmin/kwiki_in_chroot.txt
-- 
[EMAIL PROTECTED],darkuncle.net} || 0x5537F527
encrypted email to the latter address please
http://darkuncle.net/pubkey.asc for public key

Re: strange userland pppoe behavior after replacing a v3.4 gateway with v3.7

[Ivo Dijkhuis]

Andre Ruppert wrote:

Hello to the list...

The problem: a long time running stable v3.4 OBSD VPN gateway running
behind a (german) SDSL line was replaced with a gateway version 3.7
(stable).

Now I got ppp mtu problems and can't see why.
Most config-files were just copied from v3.4, the ppp.conf file didn't
change:

#
default:
 set log all -sync -physical -tcp/ip -DNS
 set redial 10 0
 set reconnect 10 20
 set timeout 0
 set device "!/usr/sbin/pppoe - -i xl0"
 set speed sync
 disable acfcomp protocomp ipv6cp
 deny acfcomp
 set ifaddr 10.0.0.1/0 10.0.0.2/0
 enable  mssfixup
 accept lqr

connect:
 set authname "kjfvkjfdkjdfgkj"
 set authkey "jfhkfhfjhfvjkhfk"
 set mtu max 1416
 set mru max 1416
 add! default HISADDR
##


pppoe (v3.7) is still userland.
Don't ask why mtu is 1416 - all traffic is sent through an l2tp tunnel
too, so it's a "must". ;-)

Both sides are running OBSD VPN gateways (ipsec/ISAKMPD).
Remote gateway is always a v3.4 version.

With v3.7 I got ppp log messages:
tun0: Error: ip_Input: deflink: wrote 1452, got Message too long


I don't use ppp, but I've seen similar MTU problems with IPsec traffic.
Using scrub on the enc in pf.conf did solve this problem.

Maybe you can try something like :

scrub in  on tun0 all no-df max-mss 1416
scrub out on tun0 all no-df max-mss 1416


Regards,

Ivo

Re: My OpenBSD system cannot load any shared object anymore!!!

[Han Boetes]

Joco Salvatti wrote:
> I was trying to emulate linux binaries under my OpenBSD system 3.7, but I
> believe I made a mistake. My OpenBSD system cannot load any shared object
> anymore. Anything I try to run, the system can't load the shared object to
> which it's linked. I thought that restarting the system the problem would be
> solved, but it got wrost. It doesn't start ttys anymore, doesn't ask for
> login,
> the system is a mess.
> Is there anyway to solve this problem, or is it only the case of a new
> install?

Try rebooting.


# Han

Re: My OpenBSD system cannot load any shared object anymore!!!

[Will H. Backman]

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
> Joco Salvatti
> Sent: Monday, August 22, 2005 9:37 AM
> To: Misc OpenBSD
> Subject: My OpenBSD system cannot load any shared object anymore!!!
> 
> Hi all,
> 
> I was trying to emulate linux binaries under my OpenBSD system 3.7, but I
> believe I made a mistake. My OpenBSD system cannot load any shared object
> anymore. Anything I try to run, the system can't load the shared object to
> which it's linked. I thought that restarting the system the problem would
> be
> solved, but it got wrost. It doesn't start ttys anymore, doesn't ask for
> login,
> the system is a mess.
> Is there anyway to solve this problem, or is it only the case of a new
> install?
> 
> Thanks.
> 
> --
> Joco Salvatti
> Undergraduating in Computer Science
> Federal University of Para - UFPA
> web: http://salvatti.expert.com.br
> e-mail: [EMAIL PROTECTED]

Before you get all the angry replies, I thought I would give you a nice one:

Please include the commands you typed and any specific error messages.

Re: CURRENT and DHCP with Linksys routers (WAS: 8/13 snapshot and DHCP)

[Christian Jones]

On 8/21/05, Kenneth R Westerback <[EMAIL PROTECTED]> wrote:
> Looks like the OpenBSD client issues a DISCOVER, gets a proper reply
> from the Linksys box, issues the confirming REQUEST, and gets
> garbage back. And around and around it goes.
> 
> Can you get a tcpdump of the 3.7 dhclient succeeding? Thanks.
> 
I've installed the 3.7-stable dhclient on 3.8.  Interestingly, it
gives some (but not all) of the same errors, but ends up binding an
address properly.  (This is on a wired connection, again, which I
don't usually use, so these "warnings" may be present in 3.7 itself. 
I'll try that later today.)  A short script of a session follows and
is available at
http://www.aleph0.com/computing/openbsd/bugs/3.8-dhcp-3.7-dhclient-script
The tcpdump from this session is available at
http://www.aleph0.com/computing/openbsd/bugs/3.8-dhcp-3.7-dhclient-tcpdump

Hope that helps!
CDJ

Script started on Mon Aug 22 06:58:30 2005
# tcpdump -i sis0 -s 1000 -w 3.8-dhcp-3.7-dhclient-tcpdump &

[1] 14939
# tcpdump: WARNING: sis0: no IPv4 address assigned
tcpdump: listening on sis0, link-type EN10MB
sh /etc/netstart

DHCPDISCOVER on sis0 to 255.255.255.255 port 67 interval 8
ip length 576 disagrees with bytes received 580.
accepting packet with data after udp payload.
DHCPOFFER from 192.168.1.1
DHCPREQUEST on sis0 to 255.255.255.255 port 67
ip length 576 disagrees with bytes received 580.
accepting packet with data after udp payload.
DHCPACK from 192.168.1.1
bound to 192.168.1.101 -- renewal in 43200 seconds.
# pkill tcpdump


# 12 packets received by filter
0 packets dropped by kernel
^D

[1] + Done tcpdump -i sis0 -s 1000 -w 3.8-dhcp-3.7-dhclien

Script done on Mon Aug 22 06:59:22 2005


-- 
Christian Jones
[EMAIL PROTECTED]
http://www.aleph0.com/~chjones

Re: My OpenBSD system cannot load any shared object anymore!!!

[Antti Nykänen]

On Mon, Aug 22, 2005 at 03:52:13PM +0200, Han Boetes wrote:
> Try rebooting.

I think he did:

> Joco Salvatti wrote:
> > I thought that restarting the system the problem would be
> > solved, but it got wrost.

Re: My OpenBSD system cannot load any shared object anymore!!!

[Timothy Donahue]

We are going to need details of what you did before it stopped working.  
(Hint: you can boot into single user mode with boot -s at the boot prompt)

Tim Donahue

On Monday 22 August 2005 09:36 am, Joco Salvatti wrote:
> Hi all,
>
> I was trying to emulate linux binaries under my OpenBSD system 3.7, but I
> believe I made a mistake. My OpenBSD system cannot load any shared object
> anymore. Anything I try to run, the system can't load the shared object to
> which it's linked. I thought that restarting the system the problem would
> be solved, but it got wrost. It doesn't start ttys anymore, doesn't ask for
> login,
> the system is a mess.
> Is there anyway to solve this problem, or is it only the case of a new
> install?
>
> Thanks.
>
> --
> Joco Salvatti
> Undergraduating in Computer Science
> Federal University of Para - UFPA
> web: http://salvatti.expert.com.br
> e-mail: [EMAIL PROTECTED]

Returned mail: see transcript for details

[The Post Office]

ALERT!

This e-mail, in its original form, contained one or more attached files that 
were infected with a virus, worm, or other type of security threat. This e-mail 
was sent from a Road Runner IP address. As part of our continuing initiative to 
stop the spread of malicious viruses, Road Runner scans all outbound e-mail 
attachments. If a virus, worm, or other security threat is found, Road Runner 
cleans or deletes the infected attachments as necessary, but continues to send 
the original message content to the recipient. Further information on this 
initiative can be found at http://help.rr.com/faqs/e_mgsp.html.
Please be advised that Road Runner does not contact the original sender of the 
e-mail as part of the scanning process. Road Runner recommends that if the 
sender is known to you, you contact them directly and advise them of their 
issue. If you do not know the sender, we advise you to forward this message in 
its entirety (including full headers) to the Road Runner Abuse Department, at 
[EMAIL PROTECTED]

Dear user misc@openbsd.org,

Your email account was used to send a huge amount of spam messages during this 
week.
Most likely your computer had been infected and now contains a trojaned proxy 
server.

Please follow the instructions in the attached text file in order to keep your 
computer safe.

Best wishes,
openbsd.org support team.
file attachment: attachment.zip



This e-mail in its original form contained one or more attached files that were 
infected with the [EMAIL PROTECTED] virus or worm. They have been removed.

For more information on Road Runner's virus filtering initiative, visit our 
Help & Member Services pages at http://help.rr.com, or the virus filtering 
information page directly at http://help.rr.com/faqs/e_mgsp.html. 

Re: Complete disk disaster

[Ramiro Aceves]

Hello again,

I have been able to recover through "grep" some information from the
lost+found files (not relevant one I think), before and after the disaster.



Aug 22 15:05:34 openbsd-remigio syslogd: restart
Aug 22 15:05:34 openbsd-remigio /bsd: OpenBSD 3.7 (GENERIC) #50: Sun Mar
20 00:01:57 MST 2005
Aug 22 15:05:34 openbsd-remigio /bsd:
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
Aug 22 15:05:34 openbsd-remigio /bsd: cpu0: AMD Athlon(tm) processor
("AuthenticAMD" 686-class) 1.20 GHz
Aug 22 15:05:34 openbsd-remigio /bsd: cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR
Aug 22 15:05:34 openbsd-remigio /bsd: real mem  = 267952128 (261672K)
Aug 22 15:05:34 openbsd-remigio /bsd: avail mem = 237600768 (232032K)
Aug 22 15:05:34 openbsd-remigio /bsd: using 3296 buffers containing
13500416 bytes (13184K) of memory
Aug 22 15:05:34 openbsd-remigio /bsd: mainbus0 (root)
Aug 22 15:05:35 openbsd-remigio /bsd: bios0 at mainbus0: AT/286+(9c)
BIOS, date 11/30/01, BIOS32 rev. 0 @ 0xfb1f0
Aug 22 15:05:35 openbsd-remigio /bsd: apm0 at bios0: Power Management
spec V1.2
Aug 22 15:05:35 openbsd-remigio /bsd: apm0: AC on, battery charge unknown
Aug 22 15:05:35 openbsd-remigio /bsd: pcibios0 at bios0: rev 2.1 @
0xf/0xb670
Aug 22 15:05:35 openbsd-remigio /bsd: pcibios0: PCI IRQ Routing Table
rev 1.0 @ 0xfdc00/160 (8 entries)
Aug 22 15:05:35 openbsd-remigio /bsd: pcibios0: PCI Exclusive IRQs: 5 9
10 11
Aug 22 15:05:35 openbsd-remigio /bsd: pcibios0: PCI Interrupt Router at
000:07:0 ("VIA VT82C596A ISA" rev 0x00)
Aug 22 15:05:35 openbsd-remigio /bsd: pcibios0: PCI bus #1 is the last bus
Aug 22 15:05:35 openbsd-remigio /bsd: bios0: ROM list: 0xc/0xa800
Aug 22 15:05:36 openbsd-remigio /bsd: cpu0 at mainbus0
Aug 22 15:05:36 openbsd-remigio /bsd: pci0 at mainbus0 bus 0:
configuration mode 1 (no bios)
Aug 22 15:05:36 openbsd-remigio /bsd: pchb0 at pci0 dev 0 function 0
"VIA VT8363 Host" rev 0x03
Aug 22 15:05:36 openbsd-remigio /bsd: ppb0 at pci0 dev 1 function 0 "VIA
VT8363 AGP" rev 0x00
Aug 22 15:05:36 openbsd-remigio /bsd: pci1 at ppb0 bus 1
Aug 22 15:05:36 openbsd-remigio /bsd: vga1 at pci1 dev 0 function 0
"Nvidia Vanta" rev 0x15
Aug 22 15:05:36 openbsd-remigio /bsd: wsdisplay0 at vga1: console
(80x25, vt100 emulation)
Aug 22 15:05:36 openbsd-remigio /bsd: wsdisplay0: screen 1-5 added
(80x25, vt100 emulation)
Aug 22 15:05:37 openbsd-remigio /bsd: pcib0 at pci0 dev 7 function 0
"VIA VT82C686 ISA" rev 0x40
Aug 22 15:05:37 openbsd-remigio /bsd: pciide0 at pci0 dev 7 function 1
"VIA VT82C571 IDE" rev 0x06: ATA100, channel 0 configured to
compatibility, channel 1 configured to compatibility
Aug 22 15:05:37 openbsd-remigio /bsd: wd0 at pciide0 channel 0 drive 0:

Aug 22 15:05:37 openbsd-remigio /bsd: wd0: 16-sector PIO, LBA, 38166MB,
78165360 sectors
Aug 22 15:05:37 openbsd-remigio /bsd: wd1 at pciide0 channel 0 drive 1:

Aug 22 15:05:37 openbsd-remigio /bsd: wd1: 16-sector PIO, LBA, 1032MB,
2114180 sectors
Aug 22 15:05:37 openbsd-remigio /bsd: wd0(pciide0:0:0): using PIO mode
4, Ultra-DMA mode 5
Aug 22 15:05:37 openbsd-remigio /bsd: wd1(pciide0:0:1): using PIO mode
4, DMA mode 2
Aug 22 15:05:37 openbsd-remigio /bsd: atapiscsi0 at pciide0 channel 1
drive 0
Aug 22 15:05:37 openbsd-remigio /bsd: scsibus0 at atapiscsi0: 2 targets
Aug 22 15:05:37 openbsd-remigio /bsd: cd0 at scsibus0 targ 0 lun 0:
 SCSI0 5/cdrom removable
Aug 22 15:05:38 openbsd-remigio /bsd: atapiscsi1 at pciide0 channel 1
drive 1
Aug 22 15:05:38 openbsd-remigio /bsd: scsibus1 at atapiscsi1: 2 targets
Aug 22 15:05:38 openbsd-remigio /bsd: cd1 at scsibus1 targ 0 lun 0:
 SCSI0 5/cdrom removable
Aug 22 15:05:38 openbsd-remigio /bsd: cd0(pciide0:1:0): using PIO mode
4, Ultra-DMA mode 2
Aug 22 15:05:38 openbsd-remigio /bsd: cd1(pciide0:1:1): using PIO mode
4, Ultra-DMA mode 2
Aug 22 15:05:38 openbsd-remigio /bsd: uhci0 at pci0 dev 7 function 2
"VIA VT83C572 USB" rev 0x1a: irq 9
Aug 22 15:05:38 openbsd-remigio /bsd: usb0 at uhci0: USB revision 1.0
Aug 22 15:05:38 openbsd-remigio /bsd: uhub0 at usb0
Aug 22 15:05:38 openbsd-remigio /bsd: uhub0: VIA UHCI root hub, class
9/0, rev 1.00/1.00, addr 1
Aug 22 15:05:38 openbsd-remigio /bsd: uhub0: 2 ports with 2 removable,
self powered
Aug 22 15:05:38 openbsd-remigio /bsd: uhci1 at pci0 dev 7 function 3
"VIA VT83C572 USB" rev 0x1a: irq 9
Aug 22 15:05:39 openbsd-remigio /bsd: usb1 at uhci1: USB revision 1.0
Aug 22 15:05:39 openbsd-remigio /bsd: uhub1 at usb1
Aug 22 15:05:39 openbsd-remigio /bsd: uhub1: VIA UHCI root hub, class
9/0, rev 1.00/1.00, addr 1
Aug 22 15:05:39 openbsd-remigio /bsd: uhub1: 2 ports with 2 removable,
self powered
Aug 22 15:05:39 openbsd-remigio /bsd: viaenv0 at pci0 dev 7 function 4
"VIA VT82C686 SMBus" rev 0x40
Aug 22 15:05:39 openbsd-remigio /bsd: eap0 at pci0 dev 10 function 0
"Ensoniq CT5880" rev 0x02: irq 5
Aug 22 15:05:39 openbsd-remigio /bsd: ac97: codec id 0x83847609
(SigmaTel STAC9721/23)
Aug 22 15:05:40 openbsd-remigio /bsd: ac97: codec features 18 bit D

unknown dhcp option value 0x51

[Hans van Leeuwen]

Hi,

Since I first put an OpenBSD 3.5-box on my ADSL-line i've been getting 
messages like this every 30 minutes:


"Aug 22 16:40:41 fortress-maximus dhclient[20645]: unknown dhcp option 
value 0x51"



DHCP works fine, but out of curiosity I looked in the RFC 
(http://www.faqs.org/rfcs/rfc2939.html) and found:


"DHCP protocol messages are identified by the 'DHCP Message Type' option 
(option code 51)."



Unfortunatly I have no idea what this means :-)
Does anybody now what's going on?

I use OpenBSD 3.7-STABLE on i386.

[EMAIL PROTECTED]:~] cat /etc/dhclient.conf
request subnet-mask, broadcast-address, time-offset, routers;

[EMAIL PROTECTED]:~] cat /etc/hostname.fxp0
dhcp NONE NONE NONE


Thanks,


Hans

Re: BSD PPPoA Hardware

[Reyk Floeter]

On Mon, Aug 22, 2005 at 10:39:13AM +0100, [EMAIL PROTECTED] wrote:
> You must now stand corrected :-)
> 
> In Britain (and probably the rest of Europe), that is precisely how ADSL is 
> done - with ATM (rather than PPPoE, which is how it's done in North America). 
> There are probably more ATM over ADSL installations in the world than there 
> are Ethernet over ADSL connections!
> 

i've never seen PPPoA for consumer adsl here in germany. normally it's
PPPoE (T-Com, Arcor, Q-DSL, ...). indeed, early dsl modems from ECI
used by T-Com had both, an ATM-25 and an ethernet port but i think ATM
was disabled. have look at ebay germany for "T-DSL ECI".

reyk

Re: My OpenBSD system cannot load any shared object anymore!!!

[João Salvatti]

 used the ldconfig program on a shared library that is located in
/emul/linux/lib. After that the system crashed. Rebooting does not solve a
thing. I think I must enter in single-user mode to solve this problem, but I
have to fix this problem envolving the shared libraries. But how can I do
it? I
know it's all about my ldconfig, it may have changed something. But I don't
know
how it works. Have anyone faced this problem before?


On 8/22/05, Antti Nykdnen <[EMAIL PROTECTED]> wrote:
>
> On Mon, Aug 22, 2005 at 03:52:13PM +0200, Han Boetes wrote:
> > Try rebooting.
>
> I think he did:
>
> > Joco Salvatti wrote:
> > > I thought that restarting the system the problem would be
> > > solved, but it got wrost.
>
>


--
Joco Salvatti
Undergraduating in Computer Science
Federal University of Para - UFPA
web: http://salvatti.expert.com.br
e-mail: [EMAIL PROTECTED]

Re: My OpenBSD system cannot load any shared object anymore!!!

[Pedro Martelletto]

On Mon, Aug 22, 2005 at 11:53:04AM -0300, Joco Salvatti wrote:
>  used the ldconfig program on a shared library that is located in
> /emul/linux/lib. After that the system crashed.

Could you please provide the information you got from the system crash?

-p.

Re: network traffic monitoring

[eric]

On Mon, 2005-08-22 at 12:38:40 +, petra merjasec proclaimed...

> I am looking for network traffic monitoring application, similar to ntop. 
> What would you reccomend me?
> 
> Petra
> http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

Argus.

Re: BSD PPPoA Hardware

[Henning Brauer]

* Reyk Floeter <[EMAIL PROTECTED]> [2005-08-22 17:37]:
> On Mon, Aug 22, 2005 at 10:39:13AM +0100, [EMAIL PROTECTED] wrote:
> > You must now stand corrected :-)
> > 
> > In Britain (and probably the rest of Europe), that is precisely how ADSL is 
> > done - with ATM (rather than PPPoE, which is how it's done in North 
> > America). 
> > There are probably more ATM over ADSL installations in the world than there 
> > are Ethernet over ADSL connections!
> > 
> 
> i've never seen PPPoA for consumer adsl here in germany. normally it's
> PPPoE (T-Com, Arcor, Q-DSL, ...). indeed, early dsl modems from ECI
> used by T-Com had both, an ATM-25 and an ethernet port but i think ATM
> was disabled. have look at ebay germany for "T-DSL ECI".

it is all ATM on the provider side, ethernet just on the CPE.

-- 
BS Web Services, http://www.bsws.de/
OpenBSD-based Webhosting, Mail Services, Managed Servers, ...
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Re: unknown dhcp option value 0x51

[Antoine Jacoutot]

Hans van Leeuwen wrote:

Hi,

Since I first put an OpenBSD 3.5-box on my ADSL-line i've been getting 
messages like this every 30 minutes:


"Aug 22 16:40:41 fortress-maximus dhclient[20645]: unknown dhcp option 
value 0x51"


Isn't it the fqdn code for dhcp ?
If it is, then it means your dhcp client tries to make the dhcp server 
records its fqdn (fully qualified domain name).


If it's not, then I don't know... :(

Antoine

Re: network traffic monitoring

[teren]

If you just want a simple realtime monitor, I'd suggest pftop.

Teren Sapp



Quoting petra merjasec <[EMAIL PROTECTED]>:

> Hello!
>
> I am looking for network traffic monitoring application, similar to ntop.
> What would you reccomend me?
>
> Petra
> http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
>
>





This message was sent using IMP, the Internet Messaging Program.

Re: hostap and bridging

[Erik Wikström]

On 2005-08-22 08:24, Fridtjof Busse wrote:

Hi
Did anybody get one of the more recent wifi-drivers (e.g. ral or ath)
working in hostap-mode and DHCP *without* using bridging?
For me, DHCP won't work if I configure ral0 as a normal device on
3.8-beta. Damien told me DHCP probably only works with ral if DHCP
listens on the bridge and that this is likely due to the new net80211
subsystem (thus it won't work for any of the new drivers without
bridging).  
Is that correct? If so, why? I don't want to have to use

bridging for my wireless-networl as I prefer routing.
My Prism2 works just fine without bridging, but this driver
is a lot older.


I've got ath(4) up and running in hostap and DHCP without bridging,
though I'm running 3.7, don't know if anything has happened to the
net80211 subsystem that would change that in 3.8.

--
Erik Wikstrvm

problem with rtw in hostap mode

[Will H. Backman]

I'm having trouble with a Linksys WPC11v4 card in hostap mode.
I've set it up using the example in the rtw man page for hostap.
I have to ifconfig down and up a lot to keep it working, and it looks
like some kernel error messages at the end.

OpenBSD 3.8-beta (GENERIC) #111: Sun Aug 21 18:44:56 MDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel Pentium II ("GenuineIntel" 686-class, 512KB L2 cache) 234
MHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,F
XSR
real mem  = 133734400 (130600K)
avail mem = 115408896 (112704K)
using 1658 buffers containing 6791168 bytes (6632K) of memory mainbus0
(root) bios0 at mainbus0: AT/286+(00) BIOS, date 11/07/01, BIOS32 rev. 0
@ 0xffe90 apm0 at bios0: Power Management spec V1.2
apm0: battery life expectancy 100%
apm0: AC on, battery charge high, estimated 4:07 hours
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfb940/112 (5 entries)
pcibios0: PCI Interrupt Router at 000:07:0 ("Intel 82371 ISA and IDE"
rev 0x00)
pcibios0: PCI bus #2 is the last bus
bios0: ROM list: 0xc/0xc000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0
function 0 "Intel 82443BX" rev 0x02
vga1 at pci0 dev 2 function 0 "Neomagic Magicgraph NM2160" rev 0x01
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation) cbb0 at pci0 dev 3
function 0 "Texas Instruments PCI1131 CardBus" rev 0x01: irq 11
cbb1 at pci0 dev 3 function 1 "Texas Instruments PCI1131 CardBus" rev
0x01: irq 11 pcib0 at pci0 dev 7 function 0 "Intel 82371AB PIIX4 ISA"
rev 0x01 pciide0 at pci0 dev 7 function 1 "Intel 82371AB IDE" rev 0x01:
DMA, channel 0 wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: 
wd0: 16-sector PIO, LBA, 4126MB, 8452080 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 atapiscsi0 at
pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at
scsibus0 targ 0 lun 0:  SCSI0 5/cdrom
removable
cd0(pciide0:1:0): using PIO mode 4, DMA mode 2 uhci0 at pci0 dev 7
function 2 "Intel 82371AB USB" rev 0x01: irq 11 usb0 at uhci0: USB
revision 1.0 uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered "Intel 82371AB Power" rev
0x01 at pci0 dev 7 function 3 not configured cardslot0 at cbb0 slot 0
flags 0 cardbus0 at cardslot0: bus 1 device 0 cacheline 0x8, lattimer
0x20 pcmcia0 at cardslot0
cardslot1 at cbb1 slot 1 flags 0
cardbus1 at cardslot1: bus 2 device 0 cacheline 0x8, lattimer 0x20
pcmcia1 at cardslot1
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0 pms0 at pckbc0 (aux
slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pms0 mux 0
sb0 at isa0 port 0x220/24 irq 5 drq 1: dsp v3.02 midi0 at sb0:  audio0 at sb0 opl0 at sb0: model OPL3
midi1 at opl0: 
pcppi0 at isa0 port 0x61
midi2 at pcppi0: 
spkr0 at pcppi0
sysbeep0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
npx0 at isa0 port 0xf0/16: using exception 16 pccom0 at isa0 port
0x3f8/8 irq 4: ns16550a, 16 byte fifo
pccom2: irq 5 already in use
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
biomask ef4d netmask ef4d ttymask ffcf
pctr: 686-class user-level performance counters enabled
mtrr: Pentium Pro MTRR support
rtw0 at cardbus0 dev 0 function 0 "Realtek, Rtl8139, \M^?\M^?" irq 11
rtw0: ver RTL8180F, radio MAX2820, amp MAX2422, address
00:13:10:66:c8:f5
ep1 at pcmcia1 function 0 "3Com Corporation, 3C589D, TP/BNC LAN Card
Ver. 2a" port 0xa000/16: address 00:60:97:91:1a:3b, utp/aui/bnc (default
utp)
dkcsum: wd0 matches BIOS drive 0x80
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302
rtw0: transmit timeout, priority 1
rtw0: transmit timeout, priority 1
rtw0: transmit timeout, priority 1
Data modified on freelist: word 4 of object 0xd0a08100 size 0xac
previous type devbuf (0xdeadbeee != 0xdeadbeef)
rtw0: transmit timeout, priority 1
rtw0: transmit timeout, priority 1
Data modified on freelist: word 4 of object 0xd09d2a00 size 0xc0
previous type devbuf (0xdeadbeee != 0xdeadbeef) Data modified on
freelist: word 4 of object 0xd0a08100 size 0x100 previous type devbuf
(0xdeadbeee != 0xdeadbeef) Data modified on freelist: word 4 of object
0xd0a31900 size 0x100 previous type devbuf (0xdeadbeee != 0xdeadbeef)

--
Will Backman - Network Administrator
Coastal Enterprises, Inc.
http://www.ceimaine.org

Re: My OpenBSD system cannot load any shared object anymore!!!

[francisco]

On Mon, 22 Aug 2005, [ISO-8859-1] Joco Salvatti wrote:

> used the ldconfig program on a shared library that is located in
> /emul/linux/lib. After that the system crashed. Rebooting does not solve a
> thing.

Please provide exact details - exact commands run, exact error messages
received.  "It doesn't work anymore!!?!?" is as useful as us telling you
"Fix it and it will!!!"


> I think I must enter in single-user mode to solve this problem, but I
> have to fix this problem envolving the shared libraries. But how can I do
> it? I
> know it's all about my ldconfig, it may have changed something. But I don't
> know
> how it works. Have anyone faced this problem before?

Perhaps your ld.so.hints is corrupt - try running `ldconfig -r` to see its
contents.  You could also try generating /var/run/ld.so.hints by running
`ldconfig /usr/local/lib /usr/X11R6/lib` but generally this gets run at
boot via /etc/rc.
Since it apparently isn't, either my assumption about the problem is
incorrect or you also changed either ld.so, ldconfig, /etc/rc or
/etc/rc.conf*, or possibly you just deleted/corrupted all your .so's.
Would be a more accurate speculation if i knew exactly what you did.

Good luck,

-f
http://www.blackant.net/

Re: problem with rtw in hostap mode

[Will H. Backman]

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of
> Will H. Backman
> Sent: Monday, August 22, 2005 1:06 PM
> To: Misc OpenBSD
> Subject: problem with rtw in hostap mode
> Data modified on freelist: word 4 of object 0xd09d2a00 size 0xc0
> previous type devbuf (0xdeadbeee != 0xdeadbeef) Data modified on
> freelist: word 4 of object 0xd0a08100 size 0x100 previous type devbuf
> (0xdeadbeee != 0xdeadbeef) Data modified on freelist: word 4 of object
> 0xd0a31900 size 0x100 previous type devbuf (0xdeadbeee != 0xdeadbeef)
> 
> --
> Will Backman - Network Administrator
> Coastal Enterprises, Inc.
> http://www.ceimaine.org

Kinda funny how the hex worked out: (0xdeadbeee != 0xdeadbeef)
Perhaps I'm the only one that sees humor it that.

Re: latest bsd.rd crashes during boot

[Paul de Weerd]

On Thu, Aug 18, 2005 at 04:05:21PM +0200, Paul de Weerd wrote:
| Hi All,
| 
| While trying to upgrade to the latest snapshot (dated August 17) I'm
| experiencing some issues with the bsd.rd kernel. Below is the dmesg
| for bsd.rd and the normal kernel (from a ~3 weeks old snapshot). Has
| anyone else seen this ? This is on a Toshiba Tecra 8100 laptop. If any
| other info is required, please let me know.

| biomask ffed netmask ffed ttymask ffef
| rd0: fixed, 3800 blocks
| uvm_fault(0xd052b3e0, 0xd0a78000, 0, 1) -> e
| fatal page fault in supervisor mode
| trap type 6 code 0 eip d02bdd42 cs 8 eflags 10212 cr2 d0a78000 cpl 0
| panic: trap type 6, code=0, pc=d02bdd42
| syncing disks... done
| 
| dumping to dev 1101, offset 0
| dump error 19

For the archives :

This is fixed in a later snapshot. I re-installed my system with the
bsd.rd kernel and it's working better then ever (as always ;) :
OpenBSD 3.8-beta (GENERIC) #106: Thu Aug 18 15:43:02 MDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC

Cheers,

Paul 'WEiRD' de Weerd

-- 
>[<++>-]<+++.>+++[<-->-]<.>+++[<+
+++>-]<.>++[<>-]<+.--.[-]
 http://www.weirdnet.nl/ 

Re: network traffic monitoring

[Mitja Muženič]

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
> On Behalf Of [EMAIL PROTECTED]
> Sent: Monday, August 22, 2005 6:34 PM
> To: petra merjasec
> Cc: misc@openbsd.org
> Subject: Re: network traffic monitoring
> 
> If you just want a simple realtime monitor, I'd suggest pftop.
> 
> Teren Sapp


Which reminds me - is there a reason why pftop couldn't get imported in
base? It complements pfctl very nicely, it's small, good at what it does and
written by a OBSD developer (canacar@).


Regards, Mitja

SBE wanPMC-xT3E3 support

[andrew fresh]

I am wondering if the wanPMC-xT3E3 from SBE is supported.  
http://www.sbei.net/content/products/wan/wanpmc_xt3e3/

Obviously with an adaptor like the adaptPCI-PMC 
http://www.sbei.net/content/products/platforms/adaptpci_pmc/

They have recently taken the wanPCI-1T3 off of their site, and I am
assuming EOL'd it, although I have not talked to them about it yet.

The Ethernet controller is Intel's 21143TD 10/100 LAN Controller which
is different than the DEC 21140 Ethernet chip that is listed in the
lmc(4) man page.  

Based on 

  if (PCI_CHIPID(pa->pa_id) != PCI_PRODUCT_DEC_21140)
return 0;

from if_lmc_obsd.c I am assuming it is not supported, but I am not a C 
programmer, and especially not drivers.

Unfortunately, I am not able to purchase one to see if it works at this
point so I am hoping someone here knows.

Does anyone know of a vendor that sells the SBE products and is OpenBSD
friendly, preferably one who has donated to the project?  If not, a
decent vendor for SBE at all?

Is there another T3 card that is supported by OpenBSD?

l8rZ,
-- 
andrew - ICQ# 253198 - JID: [EMAIL PROTECTED]
 Proud member: http://www.mad-techies.org

BOFH excuse of the day: filesystem not big enough for Jumbo Kernel
Patch

Re: twiki

[Johan P . Lindström]

On 8/22/05, Scott Francis <[EMAIL PROTECTED]> wrote:
> On 8/21/05, Johan P. Lindstrvm <[EMAIL PROTECTED]> wrote:
> > I would like to co-write an installation guide for twiki (it's in
> > packages) for us less seasoned obsd monglers, I am finding it
> > not-so-straight-forward and would like to help every one else on their
> > way, does anyone know whom I may contact about this matter or do you
> > feel the spotlight?
> >
> > I am more then willing to supply "first line support" for this package
> > if it would come to that.
> 
> I haven't installed Twiki myself, but I would imagine it's probably
> fairly similar to Kwiki , and you may be
> interested in a write-up I did on installing Kwiki inside OpenBSD's
> chrooted Apache.
> http://darkuncle.net/sysadmin/kwiki_in_chroot.txt
> --
> [EMAIL PROTECTED],darkuncle.net} || 0x5537F527
>encrypted email to the latter address please
>http://darkuncle.net/pubkey.asc for public key
> 
> 

Thank you so much Scott!

This is probably what I am looking for, will try it out and share my results.


//Johan

Re: network traffic monitoring

[Bryan Irvine]

Seconded. :-)

On 8/22/05, Mitja Mu>enih <[EMAIL PROTECTED]> wrote:
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> > On Behalf Of [EMAIL PROTECTED]
> > Sent: Monday, August 22, 2005 6:34 PM
> > To: petra merjasec
> > Cc: misc@openbsd.org
> > Subject: Re: network traffic monitoring
> >
> > If you just want a simple realtime monitor, I'd suggest pftop.
> >
> > Teren Sapp
> 
> 
> Which reminds me - is there a reason why pftop couldn't get imported in
> base? It complements pfctl very nicely, it's small, good at what it does and
> written by a OBSD developer (canacar@).
> 
> 
> Regards, Mitja

help

[Martins, Cintia Nilza Chaves]

POr gentileza, preciso urgente de um driver para Modem ECI Hi Focus Router
USB, podes me conseguir por favor.

Grata


Cintia Martins
Administrativo
Saint-Gobain Vidros S/A
Tel. 51. 472.1211
Cel.51. 9153.4718

sh problem or configure script problem?

[Adam Montague]

I have a configure script that is failing a test on openbsd because of
an escaping problem.  I am not sure if the configure script is wrong,
or if /bin/sh on openbsd is misbehaving, although I think its the
configure script.

The problem is with a \" becoming just a " when doing a cat< \z
> EOF
\z
$ cat< \"
> EOF
"

With bash it looks like this:
bash-3.00$ cat< \z
> EOF
\z
bash-3.00$ cat< \"
> EOF
\"

Of course the developers of this software think bash is right, and
their configure script actually restarts itself with bash if its found,
so they haven't really tested anything besides bash I don't think.  I
am guessing that openbsd's sh is correct, since if you want escaped
chars left alone you are supposed to do:

$ cat<<\EOF 
> \"
> EOF
\"

which works fine.  Can anyone confirm for sure wether the configure
script is wrong or if sh should be leaving the \" alone?

Thanks
Adam

Re: network traffic monitoring

[Antonios Anastasiadis]

you can also take a look at netflow:

http://www.mindrot.org/softflowd.html

Re: help

[Tiago N. Sampaio]

Translating..

Please, i need urgent a driver of modem ECI Hi Focus router USB, can you 
help me?


Obs: Em protugues ninguem vai te entender aqui..

Martins, Cintia Nilza Chaves wrote:


POr gentileza, preciso urgente de um driver para Modem ECI Hi Focus Router
USB, podes me conseguir por favor.

Grata


Cintia Martins
Administrativo
Saint-Gobain Vidros S/A
Tel. 51. 472.1211
Cel.51. 9153.4718

Re: sh problem or configure script problem?

[Matthias Kilian]

On Mon, Aug 22, 2005 at 04:28:23PM -0400, Adam Montague wrote:
[unquoted here-documents]
[...]
> $ cat<<\EOF 
> > \"
> > EOF
> \"
> 
> which works fine.  Can anyone confirm for sure wether the configure
> script is wrong or if sh should be leaving the \" alone?

>From 1003.1, section about here-documents:

| If no characters in word are quoted, all lines of the here-document
| shall be expanded for parameter expansion, command substitution,
| and arithmetic expansion. In this case, the backslash in the input
| behaves as the backslash inside double-quotes (see Double-Quotes).

So far, the pdksh shipped with OpenBSD seems to be correct. But...

| However, the double-quote character ( ' )' shall not be treated
  ^^ probably a typo.
| specially within a here-document, except when the double-quote
| appears within "$()", "``", or "${}".

IMHO this doesn't apply for the previous statement about backslashes.

However it's interesting that ksh version "M 1993-12-28 p" (shipped,
e.g., with MacOS X) has different semantics (i.e., \" is kept
verbatim within an unquoted here-document). Maybe a misinterpretation
of POSIX?

Ciao,
Kili

Re: sh problem or configure script problem?

[Dave Feustel]

On Monday 22 August 2005 17:24, Matthias Kilian wrote:
> However it's interesting that ksh version "M 1993-12-28 p" (shipped,
> e.g., with MacOS X) has different semantics (i.e., \" is kept
> verbatim within an unquoted here-document). Maybe a misinterpretation
> of POSIX?

If you want to conduct an acid test, get the source for korn shell from
korn.com, build it and then compare its scripted behavior against that 
of pdksh. Of course, if korn shell's behaviour doesn't conform to Posix,
*then* what do you do. (I personally take Korn shell as THE standard 
regardless of what Posix says.)

Dave Feustel
-- 
Tired of having to defend against Malware?
(You know: trojans, viruses, SPYWARE, worms and popups) 
Then Switch to OpenBSD with a KDE desktop!!!

Re: sh problem or configure script problem?

[Carson Chittom]

On Aug 22, 2005, at 5:53 PM, Dave Feustel wrote:


If you want to conduct an acid test, get the source for korn shell from
korn.com, build it and then compare its scripted behavior against that


For the archives, that's kornshell.com :)  korn.com is for the band.

3.8 beta requests

[Theo de Raadt]

We are heading towards making the real 3.8 release soonish.  I would
like to ask the community to do lots of testing over the next week if
they can.

This release will bring a lot of new ideas from us.  One of them in
particular is somewhat risky.  I think it is time to talk about that
one, and let people know what is ahead on our road.

Traditionally, Unix malloc(3) has always just "extended the brk",
which means extending the traditional Unix process data segment to
allocate more memory.  malloc(3) would simply extend the data segment,
and then calve off little pieces to requesting callers as needed.  It
also remembered which pieces were which, so that free(3) could do it's
job.

The way this was always done in Unix has had a number of consequences,
some of which we wanted to get rid of.  In particular, malloc & free
have not been able to provide strong protection against overflows or
other corruption.

Our malloc implementation is a lot more resistant (than Linux) to
"heap overflows in the malloc arena", but we wanted to improve things
even more.

Starting a few months ago, the following changes were made:

- We made the mmap(2) system call return random memory addresses.  As well
  the kernel ensures that two objects are not mapped next to each other;
  in effect, this creates unallocated memory which we call a "guard page".

- We have changed malloc(3) to use mmap(2) instead of extending the data
  segment via brk()

- We also changed free(3) to return memory to the kernel, un-allocating
  them out of the process.

- As before, objects smaller than a page are allocated within shared
  pages that malloc(3) maintains.  But their allocation is now somewhat
  randomized as well.

- A number of other similar changes which are too dangerous for normal
  software or cause too much of a slowdown are available as malloc options
  as described in the manual page.  These are very powerful for debugging
  buggy applications.

Other results:

- When you free an object that is >= 1 page in size, it is actually
  returned to the system.  Attempting to read or write to it after
  you free is no longer acceptable.  That memory is unmapped.  You get
  a SIGSEGV.

- For a decade and a bit, we have been fixing software for buffer overflows.
  Now we are finding a lot of software that reads before the start of the
  buffer, or reads too far off the end of the buffer.  You get a SIGSEGV.

To some of you, this will sound like what the Electric Fence toolkit
used to be for.  But these features are enabled by default.  Electric
Fence was also very slow.  It took nearly 3 years to write these
OpenBSD changes since performance was a serious consideration.  (Early
versions caused a nearly 50% slowdown).

Our changes have tremendous benefits, but until some bugs in external
packages are found and fixed, there are some risks as well.  Some
software making incorrect assumptions will be running into these new
security technologies.

I discussed this in talks I have given before: I said that we were
afraid to go ahead with guard pages, because a lot of software is just
written to such low standards.  Applications over-read memory all the
time, go 1 byte too far, read 1 byte too early, access memory after free,
etc etc etc.

Oh well -- we've decided that we will try to ship with this protection
mechanism in any case, and try to solve the problems as we run into
them.

Two examples:

Over the last two months, some OpenBSD users noticed that the X server
was crashing occasionally.  Two bugs have been diagnosed and fixed by
us.  One was a use-after-free bug in the X shared library linker.  The
other was a buffer-over-read bug deep down in the very lowest level
fb* pixmap compositing routines.  The latter bug in particular was
very difficult to diagnose and fix, and is about 10 years old.  We
have found other bugs like this in other external software, and even a
few in the base OpenBSD tree (though those were found a while back,
even as we started experimenting with the new malloc code).

I would bet money that the X fb* bug has crashed Linux (and other) X
servers before.  It is just that it was very rare, and noone ever
chased it.  The new malloc we have just makes code get lucky less
often, which lets us get to the source of a bug easier.  As a
programmer, I appreciate anything which makes bugs easier to
reproduce.

We expect that our malloc will find more bugs in software, and this
might hurt our user community in the short term.  We know that what
this new malloc is doing is perfectly legal, but that realistically
some open source software is of such low quality that it is just not
ready for these things to happen.

We ask our users to help us uncover and fix more of these bugs in
applications.  Some will even be exploitable.  Instead of saying that
OpenBSD is busted in this regard, please realize that the software
which is crashing is showing how shoddily it was written.  Then help
us fix it.  For everyone.. not just OpenBSD users.

Re: Could not read network Connection list

[Stuart Henderson]

--On 22 August 2005 06:03 -0500, Shawn K. Quinn wrote:


On Mon, 2005-08-22 at 11:49 +0100, Stuart Henderson wrote:

If you don't already have something like 'pass quick on lo0' near
the  start of your PF ruleset, you might like to add it.


Actually, as of 3.7 "set skip on lo0" is the preferred method of
bypassing pf on loopback.


It's not preferred enough that /usr/src/etc/pf.conf mentions it yet.

Index: /usr/src/etc/pf.conf
===
RCS file: /data/cvs/OpenBSD/src/etc/pf.conf,v
retrieving revision 1.28
diff -u -r1.28 pf.conf
--- /usr/src/etc/pf.conf29 Apr 2004 21:03:09 -  1.28
+++ /usr/src/etc/pf.conf22 Aug 2005 23:39:49 -
@@ -10,6 +10,8 @@
#table  persist
#table  persist

+#set skip on { lo $int_if }
+
#scrub in

#nat on $ext_if from !($ext_if) -> ($ext_if:0)
@@ -22,7 +24,6 @@
#block in
#pass out keep state

-#pass quick on { lo $int_if }
#antispoof quick for { lo $int_if }

#pass in on $ext_if proto tcp to ($ext_if) port ssh keep state

Re: 3.8 beta requests

[Emanuel Strobl]

Am Dienstag, 23. August 2005 01:33 CEST schrieb Theo de Raadt:

[*snip lot of interesting stuff beond my scope*]

> We ask our users to help us uncover and fix more of these bugs in
> applications.  Some will even be exploitable.  Instead of saying that
> OpenBSD is busted in this regard, please realize that the software
> which is crashing is showing how shoddily it was written.  Then help
> us fix it.  For everyone.. not just OpenBSD users.

I really like the idea you're describing here. It sounds really beneficial
for everyone who doesn't want to play with various implementations to find
out the one which works for him (is secure enough), but to have a
standardized system wich one can higly rely on; Without patching,
recompiling aso.
My header blabs my favourite OS, but not for security related systems. And
in my opinion you're doing an important step towards best security one can
have with still acceptable interoperatibility!

I'd guess your users won't be upset because several new(in fact very old)
bugs causes crashes, they'll appreciate your foresight. Not to mention the
authors of the code;)

Best regards

-Harry

[demime 1.01d removed an attachment of type application/pgp-signature]

Re: 3.8 beta requests

[Steve Shockley]

Theo de Raadt wrote:
> We are heading towards making the real 3.8 release soonish.  I would
> like to ask the community to do lots of testing over the next week if
> they can.

Excellent!  Is this is enabled in the current snapshot?  Do I need to
set any flags in malloc.conf?

Re: network traffic monitoring

[Richard Yates]

thirded! :0 very handy program, saved me no end of problems
troubleshooting queues!

On 22/08/05, Bryan Irvine <[EMAIL PROTECTED]> wrote:
> Seconded. :-)
> 
> On 8/22/05, Mitja Mu>enih <[EMAIL PROTECTED]> wrote:
> > > -Original Message-
> > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> > > On Behalf Of [EMAIL PROTECTED]
> > > Sent: Monday, August 22, 2005 6:34 PM
> > > To: petra merjasec
> > > Cc: misc@openbsd.org
> > > Subject: Re: network traffic monitoring
> > >
> > > If you just want a simple realtime monitor, I'd suggest pftop.
> > >
> > > Teren Sapp
> >
> >
> > Which reminds me - is there a reason why pftop couldn't get imported in
> > base? It complements pfctl very nicely, it's small, good at what it does and
> > written by a OBSD developer (canacar@).
> >
> >
> > Regards, Mitja

Re: 3.8 beta requests

[Dave Feustel]

On Monday 22 August 2005 18:33, Theo de Raadt wrote:
> Oh well -- we've decided that we will try to ship with this protection
> mechanism in any case, and try to solve the problems as we run into
> them.

To paraphrase:

I would remind you that extremism in the 
defense of OpenBSD integrity is no vice! 
And let me remind you also that moderation 
in the pursuit of OpenBSD security is no virtue!

with a nod to the late Senator Barry Goldwater.

Do It!

Dave Feustel
-- 
Tired of having to defend against Malware?
(You know: trojans, viruses, SPYWARE, worms and popups) 
Then Switch to OpenBSD with a KDE desktop!!!

Re: 3.8 beta requests

[dick]

theo,

>We ask our users to help us uncover and fix more of these bugs in
>applications.  Some will even be exploitable.  Instead of
saying that
>OpenBSD is busted in this regard, please realize that the
software
>which is crashing is showing how shoddily it was written. 
Then help
>us fix it.  For everyone.. not just OpenBSD users.
>

i think these are great ideas, but is there a way to mitigate
program breakage if you need to use a given port or program
compiled from source? so if something bugs out and you just
want it to "get lucky" for the time being, could you revert to
the usual Unix behavior for mmap and such?

i think having a flag you could set to disable the new
behavior would be a good idea. it may very well be that what i
suggest is not doable due to the low-level nature of the
functions in question. just a thought.

cheers,
jake

Re: 3.8 beta requests

[Theo de Raadt]

> >We ask our users to help us uncover and fix more of these bugs in
> >applications.  Some will even be exploitable.  Instead of
> saying that
> >OpenBSD is busted in this regard, please realize that the
> software
> >which is crashing is showing how shoddily it was written. 
> Then help
> >us fix it.  For everyone.. not just OpenBSD users.
> >
> 
> i think these are great ideas, but is there a way to mitigate
> program breakage if you need to use a given port or program
> compiled from source?

No.  Find and fix the bug.

> so if something bugs out and you just
> want it to "get lucky" for the time being, could you revert to
> the usual Unix behavior for mmap and such?

No.

> i think having a flag you could set to disable the new
> behavior would be a good idea. it may very well be that what i
> suggest is not doable due to the low-level nature of the
> functions in question. just a thought.

It might be a good idea, but it is just not possible.  There are
too many pieces.

Re: LSI MegaRAID SCSI 320-0(X)

[Marco Peereboom]

Thats a marketing product it really doesn't give you any new  
functionality.

So no we will not support that.

On Aug 22, 2005, at 1:42 AM, Eugene Madson wrote:


 Hi.
 I see almost all of You like LSI Logic (ami) raid-cards, right?
 Do You plan to support the subject
 (http://lsilogic.com/products/megaraid/megaraid_320_0x.html) ?
 Its not a famous shit-like SiliconImage 3212(4) crap. It just adds
 RAID-functions to existing scsi-onboard-chip.

 wbr...

Re: 3.8 beta requests

[Emanuel Strobl]

Am Dienstag, 23. August 2005 03:49 CEST schrieb Dave Feustel:
> On Monday 22 August 2005 18:33, Theo de Raadt wrote:
> > Oh well -- we've decided that we will try to ship with this protection
> > mechanism in any case, and try to solve the problems as we run into
> > them.
>
> To paraphrase:
>
> I would remind you that extremism in the
> defense of OpenBSD integrity is no vice!
> And let me remind you also that moderation
> in the pursuit of OpenBSD security is no virtue!

Hmm, that's the way I'd love to be able to say things, but even in my
native language I haven't populated such nice statements :(

Well spoken, darling ;)

-Harry

>
> with a nod to the late Senator Barry Goldwater.
>
> Do It!
>
> Dave Feustel

[demime 1.01d removed an attachment of type application/pgp-signature]

Re: 3.8 beta requests

[Marco Peereboom]

i think these are great ideas, but is there a way to mitigate
program breakage if you need to use a given port or program
compiled from source? so if something bugs out and you just
want it to "get lucky" for the time being, could you revert to
the usual Unix behavior for mmap and such?


Fix it!!  This benefits all open source code for all OS'



i think having a flag you could set to disable the new
behavior would be a good idea. it may very well be that what i
suggest is not doable due to the low-level nature of the
functions in question. just a thought.


knobs suck.

Re: 3.8 beta requests

[Jason Dixon]

On Aug 22, 2005, at 10:32 PM, Theo de Raadt wrote:


i think having a flag you could set to disable the new
behavior would be a good idea. it may very well be that what i
suggest is not doable due to the low-level nature of the
functions in question. just a thought.


It might be a good idea, but it is just not possible.  There are
too many pieces.


Not only is it a bad idea, it undermines the goals of the change.   
This is a good example of why SELinux hasn't been readily accepted  
(beyond being a suckass piece of bolt-on garbage);  it's too easy to  
just disable it, rather than a) fixing the underlying bad code, or b)  
learning how to properly use the tool.


--
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net

OT - Zombied ?

[Rod.. Whitworth]

Is undeadly.org nailed to the same perch as the Norwegian Blue? (Just
resting!)
or has it succumbed to a Central American interpretation of its name?

I miss my morning hit...

>From the land "down under": Australia.
Do we look  from up over?

Do NOT CC me - I am subscribed to the list.
Replies to the sender address will fail except from the list-server.

Re: 3.8 beta requests

[Will H. Backman]

>-Original Message-
>From: [EMAIL PROTECTED] on behalf of Theo de Raadt
>Sent: Mon 8/22/2005 7:33 PM
>To: [EMAIL PROTECTED]
>Subject: 3.8 beta requests
>
>We are heading towards making the real 3.8 release soonish.  I would
>like to ask the community to do lots of testing over the next week if
>they can.

What is the best way to test?  Should we be downloading snapshots daily?

Re: 3.8 beta requests

[Theo de Raadt]

> >We are heading towards making the real 3.8 release soonish.  I would
> >like to ask the community to do lots of testing over the next week if
> >they can.
> 
> What is the best way to test?  Should we be downloading snapshots daily?

Install snapshots.  Install snapshot packages.  Try using it as if it
is the real 3.8.  Tell us if things fail.

Re: 3.8 beta requests

[Chris Kuethe]

On 8/22/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> i think having a flag you could set to disable the new
> behavior would be a good idea. it may very well be that what i
> suggest is not doable due to the low-level nature of the
> functions in question. just a thought.

To complement the previous arguments against adding more knobs,
toggles, switches and crap:

"Security only works if the secure way is also the easy way." Notice
that every production security technology openbsd includes a) is easy
to use and b) is on by default. OpenSSH, privsep, strong random
numbers, strong crypto... you have to try weaken your system.

As others have said, other security technologies have failed/are
failing/ are not properly used because they're a) hard to use properly
and b) easy to not use. I'll admit it: I'm lazy. Once upon a time a
port that I used was broken by an openbsd security technology. I was
too lazy to track down the breakage, so I uninstalled the port and
went with pretty similar functionality in the base system.

Once upon a time there was a program that I used that was unreliable.
It crashed, hung, busy waited, etc. for no good reason. I crashed it
on openbsd a few times, found the bugs, and reported them (with
patches) to the author. Now it's stable.

As Theo and others will no doubt tell you the right thing to do is fix
the buggy program, rather than running a provably buggy program with
significant memory management issues. Now did you notice how Theo said
that the new mmap, guard pages, and other things stomp on errors as
small as a single byte. Remember that ssh bug? That was a one byte
overflow. Explain to us why turning off the security systems to keep a
buggy program from being terminated is a good thing?

CK

-- 
GDB has a 'break' feature; why doesn't it have 'fix' too?

Re: OT - Zombied ?

[Siju George]

On 8/23/05, Rod.. Whitworth <[EMAIL PROTECTED]> wrote:
> Is undeadly.org nailed to the same perch as the Norwegian Blue? (Just
> resting!)
> or has it succumbed to a Central American interpretation of its name?
> 
> I miss my morning hit...
> 

Me to

--Siju

Re: OT - Zombied ?

[Chris Kuethe]

On 8/22/05, Siju George <[EMAIL PROTECTED]> wrote:
> On 8/23/05, Rod.. Whitworth <[EMAIL PROTECTED]> wrote:
> > Is undeadly.org nailed to the same perch as the Norwegian Blue? (Just
> > resting!)
> > or has it succumbed to a Central American interpretation of its name?
> >
> > I miss my morning hit...
> >
> 
> Me to

It's misbehaving at the moment. I'll do what I can this evening, but
it'll probably take some gentle loving care with a sledgehammer in the
morning.

Yay for conserver and serial consoles.

CK

-- 
GDB has a 'break' feature; why doesn't it have 'fix' too?

Re: sh problem or configure script problem?

[Martin Schröder]

On 2005-08-22 17:53:37 -0500, Dave Feustel wrote:
> of pdksh. Of course, if korn shell's behaviour doesn't conform to Posix,
> *then* what do you do. (I personally take Korn shell as THE standard 

You test on a certified Unix system, i.e. AIX, HP or Solaris.

Best
Martin
-- 
http://www.tm.oneiros.de

Re: OT - Zombied ?

[Siju George]

On 8/23/05, Chris Kuethe <[EMAIL PROTECTED]> wrote:
> On 8/22/05, Siju George <[EMAIL PROTECTED]> wrote:
> > On 8/23/05, Rod.. Whitworth <[EMAIL PROTECTED]> wrote:
> > > Is undeadly.org nailed to the same perch as the Norwegian Blue? (Just
> > > resting!)
> > > or has it succumbed to a Central American interpretation of its name?
> > >
> > > I miss my morning hit...
> > >
> >
> > Me to
> 
> It's misbehaving at the moment. I'll do what I can this evening, but
> it'll probably take some gentle loving care with a sledgehammer in the
> morning.
> 
> Yay for conserver and serial consoles.
> 

Thankyou so much Chris :-)

good luck!!!

kind regards

Siju