Re: IDE disk problems

[Marco Peereboom]

pciide1:1:0: bus-master DMA error: missing interrupt, status=0x20
wd3a: device timeout writing fsbn 154732672 of 154732672-154732703  (wd3
bn 154732735; cn 153504 tn 11 sn 10), retrying
wd3: soft error (corrected)
wd3(pciide1:1:0): timeout
type: ata
c_bcount: 16384
c_skip: 0

It's trying to write and it recovers; which means hey I ran into a  
bad block and I was able to recover from that. All's good!


Enough of these means your disk is about to go tits up.

Do a "dd if=/dev/rwd3c of=/dev/null bs=1m" that should at least clear  
up the worst issues.  Do it a few days later and see if there are new  
errors.  If so toss the drive; if not you can trust it as far as you  
can throw it.


On Oct 3, 2005, at 10:27 PM, Gordon Willem Klok wrote:

I think he (Steve) is correct in his diagnosis, the drive being bad  
seems
logical however I have been chasing some problems with ioapic and  
interrupts
myself on a similar setup, the drive in question is attached to  
pciide1
which shares interrupt 17 with possibly bunch of other devices in  
the dmesg
e.g. auich and fxp, and the soft error being corrected is missing  
interrupt,
just a guess on my part but I have been having similar problems and  
have
just started recently to go poking about for answers. What I can  
suggest
 is that he attempt to maybe disable some of the device he doesn't  
use e.g.

serial,parallel,midi or game ports and hope that the bios uses these
interrupts for something else (hasn't worked for me with my bios  
but its

worth a shot I guess).

GWK

Marco Peereboom wrote:


Dude you're disk is dying on you.  Replace it ASAP.
On Oct 3, 2005, at 11:57 AM, Steve Harding wrote:

I have been chasing intermittent problems with my hard disks for  
a  while

now, and have replaced nearly everything, including drives, in an
attempt to fix them. I had convinced myself that it must be a
motherboard problem so I just swapped out to the one listed  
below.  Disk
errors show up at the end of the dmesg. This machine acts as a  
backup
server, with data coming in from a Windows machine (via samba)  
and  then

a mass of rsync and gtar/gzip activity.

What I was wondering is whether the problem might be something other
than hardware. Any thoughts would be appreciated.

Thanks, Steve

OpenBSD 3.7 (GENERIC.MP) #50: Sun Mar 20 00:17:19 MST 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/ 
GENERIC.MP


cpu0: AMD Athlon(tm) MP 2000+ ("AuthenticAMD" 686-class) 1.67 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PS 
E3 6,MMX,FXSR,SSE

real mem  = 1073258496 (1048104K)
avail mem = 972795904 (949996K)
using 4278 buffers containing 53764096 bytes (52504K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(f6) BIOS, date 03/05/02, BIOS32 rev. 0 @
0xfb100
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
pcibios0 at bios0: rev 2.1 @ 0xf/0xdf94
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdec0/208 (11 entries)
pcibios0: PCI Exclusive IRQs: 5 11
pcibios0: no compatible PCI ICU found
pcibios0: Warning, unable to fix up PCI interrupt routing
pcibios0: PCI bus #2 is the last bus
bios0: ROM list: 0xc/0xa800 0xcc000/0x2800 0xcf000/0x1800
mainbus0: Intel MP Specification (Version 1.4) (OEM0  
PROD)

cpu0 at mainbus0: apid 0 (boot processor)
k7_powernow: couldn't map BIOS
cpu0: apic clock running at 266 MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: AMD Athlon(tm) MP 2000+ ("AuthenticAMD" 686-class) 1.67 GHz
cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV
mainbus0: bus 0 is type PCI
mainbus0: bus 1 is type PCI
mainbus0: bus 2 is type PCI
mainbus0: bus 3 is type ISA
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 11, 24 pins
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "AMD 762 PCI" rev 0x11
ppb0 at pci0 dev 1 function 0 "AMD 762 PCI-PCI" rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 5 function 0 "Nvidia Vanta" rev 0x15
wsdisplay0 at vga1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
pcib0 at pci0 dev 7 function 0 "AMD 768 ISA" rev 0x05
pciide0 at pci0 dev 7 function 1 "AMD 768 IDE" rev 0x04: DMA,   
channel 0

configured to compatibility, channel 1 configured to compatibility
wd0 at pciide0 channel 0 drive 0: 
wd0: 16-sector PIO, LBA48, 38166MB, 78165360 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0:  SCSI0
5/cdrom removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
"AMD 768 Power Mgmt" rev 0x03 at pci0 dev 7 function 3 not  
configured
auich0 at pci0 dev 7 function 5 "AMD 768 AC97" rev 0x03: apic 2  
int 17

(irq 11), AMD768 AC97
ac97: codec id 0x49434511 (ICEnsemble ICE1232)
ac97: codec features headphone, 18 bit DAC, 18 bit ADC, KS Waves 3D
audio0 at auich0
pciide1 at pci0 dev 9 function 0 "Promise PDC20269" rev 0x02: DMA,

Re: Webmail recommendations?

[Geoff White]

Jason Dixon wrote:

On Oct 1, 2005, at 6:34 PM, Chris wrote:


I want to setup a OBSD box for my email server.  It will service
probably about 2 dozen people, but It could conceivably double or more
over the next year or two.

I was wondering if anyone had any recommendations for an mta, and for a
webmail program that is easy to use and fully featured for users who are
not so computer savvy.

I am pretty comfortable with Sendmail, but I hear a lot of people are
moving more toward postfix (which I know nothing about).

I am at a loss for a good web interface.




Check out my OpenBSD "distro"  www.MailDroid.org  burn a CD, load it 
into Iron, has everything you need.


geoffw

Re: IDE disk problems

[Andy Hayward]

On 10/4/05, Nick Holland <[EMAIL PROTECTED]> wrote:
>
> You only mentioned the drives.
> BTW: There are companies which sell "too long" IDE drive cables. If you
> want to go fast, you gotta keep 'em short, and that won't work in many
> boxes.


While we're on the subject of IDE cables:

* for the modern 80way cables the length limit is 45cm (18 inches)
* avoid the 'round' cables
* a single drive on a channel should be on the end connector, not the middle
connector

(guess who spent 3 days last month tracking down a problem related to a bad
cable)

-- ach

Re: LSI MegaRAID SATA 300-8X controller

[Travis Gillitzer]

Marco added support for it in 3.8. Using his changes, I was able to retrofit
it into 3.7 release.

On 10/3/05, Marco Peereboom <[EMAIL PROTECTED]> wrote:
>
> Try it. If it doesn't work let me know and I'll add it to ami(4).
>
> On Oct 3, 2005, at 10:10 AM, <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
> wrote:
>
> > heya,
> >
> > i'm interested in getting an 8-channel SATA RAID controller
> > that runs on the ami driver so i can use all the new neato
> > RAID functionality for my backup server. i haven't seen
> > anything in the archives about a known working controller like
> > i've described, but i did see the LSI MegaRAID SATA 300-8X
> > mentioned in a couple posts.
> >
> > is anybody currently using this controller? does it run on the
> > ami driver and/or play nice with bioctl?
> >
> > if this card is unsupported i would appreciate a suggestion
> > for another 8 channel SATA RAID card that is known to work
> > with ami and bioctl.
> >
> > cheers,
> > jake

Re: Webmail recommendations?

[Raul Aldaz]

> One that I worked with a while back and kinda like for some reasons is
> OpenWebMail.  The big plus was that it worked with sendmail directly --
> didn't need to learn a new mail system.  A few OpenWebMail notes:
> 
> 
> 2) Not too processor intensive, but memory hungry.

It depends on the number of users. For >100 users, without any memory problem,
we had a huge performance improvement after changing to SpeedyCGI. 

> 
> 3) Users seemed to find it pretty usable.  Not exactly loaded with
> features, but works.

It's one of the few that integrates very good with ldap. We only had to write
something to sync addressbook with ldap.

> 6) The port may have some permissions issues.  I figured it out, but
> didn't have time to do it again and take notes this time to help get it
> fixed.

I have all after port installation fixes, I'd like to post the patch at port@
when I have time.

> Definitely an app with quirks...but if you are comfy with sendmail now
> and don't want to spend a lot of time learning a new mail handler, this
> might be worth a look-at.

It works very good with qmail-ldap. Only issue was vacation.pl with remote
smtp servers, but a small sync script solved it also.



"Este correo electrsnico y la informacisn contenida en el mismo es de
 caracter confidencial y esta sometida al secreto profesional, dirigiindose
 exclusivamente al destinatario mencionado en el encabezamiento, cuyos datos
 forman parte de un fichero responsabilidad del GRUPO CARRERAS  y cuya
 finalidad es contactar con el titular de los datos a travis del correo
 electrsnico. Le informamos que cuenta con los derechos de acceso,
 rectificacisn y cancelacisn, que podra ejercitar  mediante el envmo de un e-
 mail a la siguiente direccion: [EMAIL PROTECTED]
 Si  el  receptor de la comunicacisn no fuera el destinatario, le informamos
 que cualquier divulgacisn, copia,  distribucisn  o utilizacisn  no
 autorizada de la informacisn contenida en la misma esta prohibida por la
 legislacisn vigente."

http://www.grupocarreras.com

BGP session clear by remote end when MD5 is configure AND the session was initiate from OpenBSD side failed and do not recover.

[Daniel Ouellet]

I am not sure that this is normal for routers configure with MD5 or not 
to react like this. Both side can and should be allow to initiate the 
bgp session. But when the session is not initiate from bgpd, then 
unexpected results occur.


OpenBSD  <---> Cisco routers.

With MD5.

If the session is initiate from the OpenBSD side (tcp/xxx -> to tcp/179) 
on a remote Cisco router, then any 'bgpctl neighbor x.x.x.x clear' on 
that remote router will work and the session clear and comes back 
instantly. Great!


However if the session in that condition is clear from the Cisco side 
(clear ip bgp x.x.x.x), then the OpenBSD side doesn't really reset the 
session and it will continue to expect the packets on the same return 
port tcp/xxx oppose to accept the new session on the port 179 that is 
initiate at that time from the remote side and then reply to the tcp/xxx 
request port.


When the session is reset from the remote side, then it should become 
Cisco -> OpenBSD with ( tcp/xxx to tcp/179) so the 179 port should be on 
the OpenBSD side then no?


Then you will start to get the error in the log like this:

%TCP-6-BADAUTH: No MD5 digest from OpenBSD(179) to Cisco(48384) (RST)

where the OpenBSD is the OpenBSD IP's and same for the Cisco IP's.

Also, I haven't been able yet to establish a session where the Cisco 
side would initiate the session and then the OpenBSD side would be the 
remote side when the MD5 is configure. It may be possible and sure 
should be, but I haven't been able to yet.


I can provide more details if need be, or tests more as well, but that's 
in short what is going on.


It's been many days so far and that what I found on why my sessions with 
MD5 are not coming up, or when clear doesn't come back to live.


Looks to me like the bgpd wants to be the initiator of the connection 
every time and then it will work for itself well. Is it the case here?


I started to check deeper when I realize that one side always reset the 
session quicker then the other without MD5 and then got stuck when MD5 
is in use.


This is on 3.7 and I had what look like the same problem with 3.6 and 
3.8-current ( sep 29).


Am I missing something here? Was the the intention from the start?

Many thanks for putting some light on this for me.

Daniel

Load Balancing

[Manpreet Singh Nehra]

I have been through the FAQS and manuals trying to configure load
balancing on my 4 DSL connections. The connections are all same from the
same ISP, each connection terminates into a ADSL router, which gets the
IP from the ISP server, the ADSL routers have the following internal
addresses

1. 172.31.1.1
2. 172.31.2.1
3. 172.31.3.1
4. 172.31.4.1

The routers cannot be configured in bridge mode. so its not an option to
get the IP address on the machine. behind the 5th card is my internal
network 192.168.1.0/24. Now I want to configure the 4 connections to
load balance.
DHCP
--R1---|172.31.1.2 |
rl0 172.31.1.1 |   |
   |   |
DHCP   |   |
--R2---|172.31.2.2 |
rl1 172.31.2.1 |   |LAN
   |192.168.1.3|---
DHCP   |   |
--R3---|172.31.3.2 |
rl2 172.31.3.1 |   |
   |   |
DHCP   |   |
--R4---|172.31.4.2 |
rl3 172.31.4.1 |___|


The routers are getting Dynamic IPs from the ISP the firewall also gets
dynamic IPs from the ADSL routers (can be changed to static) the local
lan is connected at 192.168.1.3 at rl4.

Here is my pf.conf
##
#Macros
##
ext_if1="rl0"
ext_if2="rl1"
ext_if3='rl2'
#ext_if4="rl3"
int_if="rl4"
ext_gw1="172.31.1.1"
ext_gw2="172.31.2.1"
ext_gw3="172.31.3.1"
#ext_gw4="172.31.4.1"
lan_ip="192.168.1.3"
lan_net = "192.168.1.0/24"


#NAT Rules

#Local Lan to Internet
nat on $ext_if1 from $lan_net to any -> ($ext_if1)
nat on $ext_if2 from $lan_net to any -> ($ext_if2)
nat on $ext_if3 from $lan_net to any -> ($ext_if3)
nat on $ext_if4 from $lan_net to any -> ($ext_if4)

#DMZ To Internet
#nat on $ext_if1 from $dmz_net to any -> ($ext_if1)

#Local Lan to DMZ
#nat on $dmz_if from $lan_net to $dmz_net -> ($dmz_if)

#
#Redirection Rules
#
#rdr on $int_if inet proto tcp from any to any port www -> 127.0.0.1
port 8080


#
#Load Balancing
#
pass in on $int_if route-to { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2),
($ext_if3 $ext_gw3), ($ext_if4 $ext_gw4) } round-robin from $lan_net to
any keep state


pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any
pass out on $ext_if1 reply-to ($ext_if2 $ext_gw2) from $ext_if2 to any
pass out on $ext_if1 route-to ($ext_if3 $ext_gw3) from $ext_if3 to any
pass out on $ext_if1 reply-to ($ext_if3 $ext_gw3) from $ext_if3 to any
pass out on $ext_if1 route-to ($ext_if4 $ext_gw4) from $ext_if4 to any
pass out on $ext_if1 reply-to ($ext_if4 $ext_gw4) from $ext_if4 to any
pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any
pass out on $ext_if2 reply-to ($ext_if1 $ext_gw1) from $ext_if1 to any
pass out on $ext_if2 route-to ($ext_if3 $ext_gw3) from $ext_if3 to any
pass out on $ext_if2 reply-to ($ext_if3 $ext_gw3) from $ext_if3 to any
pass out on $ext_if2 route-to ($ext_if4 $ext_gw4) from $ext_if4 to any
pass out on $ext_if2 reply-to ($ext_if4 $ext_gw4) from $ext_if4 to any
pass out on $ext_if3 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any
pass out on $ext_if3 reply-to ($ext_if1 $ext_gw1) from $ext_if1 to any
pass out on $ext_if3 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any
pass out on $ext_if3 reply-to ($ext_if2 $ext_gw2) from $ext_if2 to any
pass out on $ext_if3 route-to ($ext_if4 $ext_gw4) from $ext_if4 to any
pass out on $ext_if3 reply-to ($ext_if4 $ext_gw4) from $ext_if4 to any
pass out on $ext_if4 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any
pass out on $ext_if4 reply-to ($ext_if1 $ext_gw1) from $ext_if1 to any
pass out on $ext_if4 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any
pass out on $ext_if4 reply-to ($ext_if2 $ext_gw2) from $ext_if2 to any
pass out on $ext_if4 route-to ($ext_if4 $ext_gw3) from $ext_if3 to any
pass out on $ext_if4 reply-to ($ext_if4 $ext_gw3) from $ext_if3 to any

#
#Firewall Rules
#
#SSH Rules
pass in on $int_if proto tcp to ($int_if) port ssh keep state
pass in on $ext_if1 proto tcp to ($ext_if1) port ssh keep state
pass in on $ext_if2 proto tcp to ($ext_if2) port ssh keep state
pass in on $ext_if3 proto tcp to ($ext_if3) port ssh keep state
pass out on $int_if proto tcp to ($int_if) port ssh keep state
pass out on $ext_if1 proto tcp to ($ext_if1) port ssh keep state
pass out on $ext_if2 

Re: netstart and trunk interfaces in 3.8

[Rogier Krieger]

On 10/4/05, Ryan Puckett <[EMAIL PROTECTED]> wrote:
> When using 3com NICs (aka xl's) in a trunk, the trunk interface will not
> be defined after a system reboot.

Wouldn't a hostname.if(5) entry to ensure readyness of the physical
interfaces suffice? For VLAN interfaces, I usually add the following
snippet at the top (substitute $parent for your physical interface):

# Ensure parent interface readiness
!/sbin/ifconfig $parent up

I haven't played with trunk(4) yet, given previous problems with the
HP switches (5308xl's) and link aggregation. Mind you, that wasn't
with OpenBSD. Once I see a quiet window come up, I suppose I'll try
out trunk(4).


> Modified in /etc/netstart:
> changed
> ifmstart "" "carp gif gre pfsync pppoe"

Given your reasoning, shouldn't vlan(4) also be in the list as it also
requires a physical interface to be present? I suspect that they're
not in the list for a reason.

Cheers,

Rogier

--
If you don't know where you're going, any road will get you there.

Re: LSI MegaRAID SATA 300-8X controller

[Marco Peereboom]

I did?

Cool!

On Oct 4, 2005, at 12:05 AM, Travis Gillitzer wrote:

Marco added support for it in 3.8.  Using his changes, I was able  
to retrofit it into 3.7 release.


On 10/3/05, Marco Peereboom < [EMAIL PROTECTED]> wrote:Try it.  If  
it doesn't work let me know and I'll add it to ami(4).


On Oct 3, 2005, at 10:10 AM, <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
wrote:

> heya,
>
> i'm interested in getting an 8-channel SATA RAID controller
> that runs on the ami driver so i can use all the new neato
> RAID functionality for my backup server. i haven't seen
> anything in the archives about a known working controller like
> i've described, but i did see the LSI MegaRAID SATA 300-8X
> mentioned in a couple posts.
>
> is anybody currently using this controller? does it run on the
> ami driver and/or play nice with bioctl?
>
> if this card is unsupported i would appreciate a suggestion
> for another 8 channel SATA RAID card that is known to work
> with ami and bioctl.
>
> cheers,
> jake

Re: Webmail recommendations?

[Roberto Pereyra]

Hi !

Try http://www.uebimiau.org/

roberto

2005/10/4, Jason Dixon <[EMAIL PROTECTED]>:
> On Oct 1, 2005, at 6:34 PM, Chris wrote:
>
> > I want to setup a OBSD box for my email server.  It will service
> > probably about 2 dozen people, but It could conceivably double or more
> > over the next year or two.
> >
> > I was wondering if anyone had any recommendations for an mta, and
> > for a
> > webmail program that is easy to use and fully featured for users
> > who are
> > not so computer savvy.
> >
> > I am pretty comfortable with Sendmail, but I hear a lot of people are
> > moving more toward postfix (which I know nothing about).
> >
> > I am at a loss for a good web interface.
> >
> > Anyone care to make any recommendations?
>
> Everyone has their own favorite MTA;  mine happens to be Postfix.  I
> use Squirrelmail on one server, it's fine for basic webmail and you
> can't beat the easy installation.  For users that want a "prettier"
> interface, Horde/IMP works quite well, even in the OpenBSD httpd
> chroot.  I no longer run the ports version, installing manually from
> source is no less difficult and allows you to keep up with the more
> current releases.  I also happen to use Turba (address book),
> Kronolith (shared calendar), Nag (shared tasklists), and Whups
> (ticket system).  I've encountered some small issues with Kronolith,
> everything else seems production-ready.
>
> --
> Jason Dixon
> DixonGroup Consulting
> http://www.dixongroup.net

Re: hp nc6120 I can't use openbsd

[Haluk Durmus]

thank you verry much!

after disabeling pcibios and ppd I was able to boot.
Now I have to figure out how all my devices could be supported...

Haluk

On Mon, 3 Oct 2005 22:27:09 -0400
"Jason Haag" <[EMAIL PROTECTED]> wrote:

> > I love openbsd but after the display of my openbsd-laptop
> > was broken a bought a new Laptop hp nc6120.
> > I can't boot openbsd wit 3.7 boot cd and snapshot 3.8 boot cd.
> 
> Have you tried disabling pcibios, pchb and/or ppb from UKC?
> 
> I had a similar problem with a nx6125, and this did allow it to boot,
> but a lot of the devices are not supported. I ended up returning (read:
> handing-down) the nx6125.
> 
> -Jason

Re: IDE disk problems

[Steve Harding]

The thing that has been bothering me is that I replaced a drive 2 months
ago because of similar errors, and wd3, which is now showing errors, is
a brand new drive.

ffs recovery after mkfs.ext2 on it

[Jakub Głazik]

Hi all,

Are there any chances to recover files after doing mkfs.ext2 /dev/hdXY 
on the filesystem with obsd label on it? (only one partition in the label)





--
.: Jakub G3azik
.: zytek(at)ostrow-wlkp.net
.: jid:zytek(at)azazel.ostrow-wlkp.net

Re: netstart and trunk interfaces in 3.8

[Reyk Floeter]

On Mon, Oct 03, 2005 at 08:51:10PM -0600, Ryan Puckett wrote:
> When using 3com NICs (aka xl's) in a trunk, the trunk interface will not
> be defined after a system reboot.
> 

yes, a diff for this issue is already in the queue. good timing ;).

trunk needs to be started before any other virtual interfaces (vlan,
carp, ...), but after the physical ones.

> I'm thinking this is because the /etc/netstart script considers trunk
> interfaces to be normal/real interfaces vs. a virtual interface that
> need to created until after all real interfaces are brought up (aka like
> carp).
> 
> If I modify the netstart command and delay the startup of trunk
> interfaces, then the trunk interface is brought up just fine.
> 
> 
> Modified in /etc/netstart:
> changed
> ifmstart "" "carp gif gre pfsync pppoe"
> to
> ifmstart "" "carp gif gre pfsync pppoe trunk"
> 

wrong order, it should be

ifmstart "" "trunk vlan carp gif gre pfsync pppoe"

reyk

OpenBSD on Nokia IP3300?

[Mattias R. Lindgren]

Hello everyone.

Has anyone tried running openbsd on a Nokia IP3300?  It is a 1U unit with an
AMD processor, 256mb ram and a 20gb hdd.  It has 2 serial interfaces and 3
intel pro 100's.  They are very inexpensive to pick up on ebay, so I was
wondering if anyone has attempted an install?  I would think it should work
pretty easily?

Thanks,

Mattias

Re: Kprinter in KDE fails

[Andreas Bihlmaier]

> Marc Espie wrote:
> >>I have managed to get OpenBSD printing with CUPS from the packages, but 
> >>if I try to start kprinter in KDE it crashes. Every other application in 
> >>KDE crashes too with I try to use "print" from the file menu.
> >
> >Did you install cups ?
> >KDE is built to use cups as a plugin, but you need to install it before
> >you can switch kprinter to cups.
> 
> It is clear from the above that he installed CUPS :-) He can print from 
> CUPS.
> 
> I actually face the same problem.

works fine here on:
OpenBSD ahb64.ahb.de 3.8 GENERIC#258 [amd64/i386]

But I'm not using kde just the utility "kprinter".
Don't know if this info is of any help.

What versions did you try? Any RECENT snapshot?

Greetz,
ahb

Re: OpenBSD VPN SonicWall Problems

[Trepliev]

I'm not following where in the OpenBSD 3.7 man pages is states that this
cannot be done. I know to review the docs before posting. ;-)
 I do have the configuration working fine with RSA Sigs instead of preshared
keys between multiple OpenBSD peers (that are under my control). The
difference here unfortunately involves a SonicWall peer that is not under my
control and the debug information doesn't clearly tell me what is going
wrong.
 Thanks,
-Dave
 On 10/3/05, Hans-Joerg Hoexer <[EMAIL PROTECTED]>
wrote:
>
> Hi,
>
> On Fri, Sep 30, 2005 at 05:57:14PM -0700, Trepliev wrote:
> > [Net-SonicWall]
> > ID-type= IPV4_ADDR_SUBNET
> > Network= 172.16.0.0  
> > Netmask= 255.255.0.0  
> ^
> >
> > [Net-Corp]
> > ID-type= IPV4_ADDR_SUBNET
> > Network= 10.1.105.0  
> > Netmask= 255.255.255.0  
> ^^
>
> This is not supposed to work. Please read isakmpd.conf(5).

Re: OpenBSD VPN SonicWall Problems

[Trepliev]

I have posted a sanitized read of the file at:
 http://www.consault.com/vpn/capture.txt
 Will this help?
 Thanks,
-Dave

 On 10/3/05, Hans-Joerg Hoexer <[EMAIL PROTECTED]>
wrote:
>
> Hi,
>
> and please provide me the pcap file generated with -L.
>
> Thanks
> HJ.
>
> On Fri, Sep 30, 2005 at 05:57:14PM -0700, Trepliev wrote:
> > I'm having some unusual difficulties getting a VPN running between
> > OpenBSD3.7 and a SonicWall.
> >
> > The remote gateway is not under my control and I have to make the
> > adjustments on my side to make this work.
> >
> > For some reason it looks to be failing during Phase 1 when it is getting
> the
> > USER_FQDN from the remote gateway.
> >
> > Does anyone here have working configuration snippets for this sort of
> > arrangement?
> >
> > Thanks!
> >
> > AAA.AAA.AAA.AAA is the address of the local OpenBSD 3.7 VPN Server
> > BBB.BBB.BBB.BBB is the address of the remote SonicWall
> >
> > =
> > isakmpd.conf
> > =
> >
> > [General]
> > Retransmits= 3
> > Exchange-max-time= 120
> > Check-interval= 300
> > Policy-file= /etc/isakmpd/isakmpd.policy
> >
> > [Phase 1]
> > BBB.BBB.BBB.BBB= ISAKMP-peer-SonicWall
> >
> > [Phase 2]
> > Connections= IPsec-Fission-SonicWall
> >
> > [ISAKMP-peer-SonicWall]
> > Phase= 1
> > Transport= udp
> > Address= BBB.BBB.BBB.BBB
> > Configuration= SonicWall-main-mode
> > Authentication= mekmitasdigoat
> > Local-ID= ID-Fission
> > Remote-ID= ID-SonicWall
> >
> > [IPsec-Fission-SonicWall]
> > Phase= 2
> > ISAKMP-peer= ISAKMP-peer-SonicWall
> > Configuration= SonicWall-quick-mode
> > Local-ID= Net-Corp
> > Remote-ID= Net-SonicWall
> >
> > [ID-SonicWall]
> > ID-type= USER_FQDN
> > Name= SonicWall
> >
> > [ID-Fission]
> > ID-type= FQDN
> > Name= fission.corp.local
> >
> > [Net-SonicWall]
> > ID-type= IPV4_ADDR_SUBNET
> > Network= 172.16.0.0  
> > Netmask= 255.255.0.0  
> >
> > [Net-Corp]
> > ID-type= IPV4_ADDR_SUBNET
> > Network= 10.1.105.0  
> > Netmask= 255.255.255.0  
> >
> > [SonicWall-main-mode]
> > DOI= IPSEC
> > EXCHANGE_TYPE= AGGRESSIVE
> > Transforms= AES-SHA-GRP2
> >
> > [SonicWall-quick-mode]
> > DOI= IPSEC
> > EXCHANGE_TYPE= QUICK_MODE
> > Suites= QM-ESP-AES-SHA-GRP2-SUITE
> >
> >
> > =
> > Debugging information from ISAKMPD -dvL -D0=70 -D4=99 -D5=50 -D6=60
> -D7=50
> > -D8=40 -D9=40
> > =
> >
> > 174101.074956 Default log_debug_cmd: log level changed from 0 to 70 for
> > class 0 [priv]
> > 174101.075646 Default log_debug_cmd: log level changed from 0 to 99 for
> > class 4 [priv]
> > 174101.075713 Default log_debug_cmd: log level changed from 0 to 50 for
> > class 5 [priv]
> > 174101.075773 Default log_debug_cmd: log level changed from 0 to 60 for
> > class 6 [priv]
> > 174101.075832 Default log_debug_cmd: log level changed from 0 to 50 for
> > class 7 [priv]
> > 174101.075891 Default log_debug_cmd: log level changed from 0 to 40 for
> > class 8 [priv]
> > 174101.075950 Default log_debug_cmd: log level changed from 0 to 40 for
> > class 9 [priv]
> > 174101.077609 Sdep 30 monitor_init: pid 18819 my fd 6 [priv]
> > 174101.079134 Sdep 30 monitor_init: pid 0 my fd 5 [priv]
> > 174101.079510 Misc 10 monitor_init: privileges dropped for child process
> > 174101.654766 Timr 10 timer_add_event: event
> connection_checker(0x3c1e8c80)
> > added last, expiration in 0s
> > 174101.655255 Misc 60 connection_record_passive: passive connection
> > "IPsec-Fission-SonicWall" added
> > 174101.645410 Plcy 30 policy_init: initializing
> > 174101.658148 Misc 20 udp_make: transport 0x3c1ead00 socket 8 ip
> > 127.0.0.1 port 500
> > 174101.659980 Misc 20 udp_encap_make: transport 0x3c1ead40 socket 9 ip
> > 127.0.0.1   port 4500
> > 174101.675446 Misc 20 udp_make: transport 0x3c06a0c0 socket 16 ip
> > AAA.AAA.AAA.AAA port 500
> > 174101.677576 Misc 20 udp_encap_make: transport 0x3c06a100 socket 17 ip
> > AAA.AAA.AAA.AAA port 4500
> > 174101.696403 Misc 20 udp_make: transport 0x3c06a480 socket 26 ip
> > 0.0.0.0 port 500
> > 174101.698525 Misc 20 udp_encap_make: transport 0x3c06a4c0 socket 27 ip
> > 0.0.0.0   port 4500
> > 174101.743637 Default log_packet_init: starting IKE packet capture to
> file
> > "/var/run/isakmpd.pcap"
> > 174101.744459 Timr 10 timer_handle_expirations: event
> > connection_checker(0x3c1e8c80)
> > 174101.745041 Timr 10 timer_add_event: event
> connection_checker(0x3c1e8c80)
> > added last, expiration in 300s
> > 174101.746671 Timr 10 timer_add_event: event
> exchange_free_aux(0x3c065d00)
> > added before connection_checker(0x3c1e8c80), expiration in 120s
> > 174101.748101 Exch 10 exchange_establish_p1: 0x3c0

Re: getting usb networking up on the Zaurus

[Chuck Robey]

Jonathan Gray wrote:


On Mon, Oct 03, 2005 at 08:26:35PM -0400, Chuck Robey wrote:
 


Stuart Henderson wrote:

   


--On 03 October 2005 17:19 -0400, Chuck Robey wrote:

 


Add to this the fact that it works, to/from FreeBSD to the original
Linux on the Zaurus, using cdce on both ends.
   

Client (aka target) mode is where the Z acts as a USB peripheral, not 
as a host. afaik you need the Linux distributed with the Z to support 
this.


cdce on (Open|Free|Net)BSD is just for running on a computer (host) to 
*connect* to such a device in client mode.


Simplest way for you to connect the two is probably with a 
USB-ethernet adapter (aue, kue, cue and the like)...


 

Fantastic!  I sure appreciate this, the first real suggestion [beyond 
"go read usb(4)"].  This I can do, tomorrow!
   



Note that you will need a Zaurus USB host cable for this, these
don't come with the Zaurus and have to be purchased seperately.

If you just want some kind of network connectivity a Compact Flash
Ethernet or 802.11 wireless adapter would probably be a better choice.
 

Well, I don't consider losing the CF flash as a minor problem (at least 
to me).  Doing anything directly with the usb line means I don't lose 
any of the already minimal expansion capability.  I guess I don't 
immediately see why you say that those would be better choices than the 
usb solution.

Re: Webmail recommendations?

[Bob Bostwick \(Lists\)]

Not sure if it will run on OBSD or not (haven't had time to try yet...),
but hands down Zimbra is the best looking web interface out there -
including Exchange OWA.

http://www.zimbra.com/


Regards,

Bob Bostwick

>>-Original Message-
>>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf

>>Of Chris
>>Sent: Saturday, October 01, 2005 5:35 PM
>>To: misc@openbsd.org
>>Subject: Webmail recommendations?
>>
>>Hello
>>
>>I want to setup a OBSD box for my email server.  It will service 
>>probably about 2 dozen people, but It could conceivably double or more

>>over the next year or two.
>>
>>I was wondering if anyone had any recommendations for an mta, and for 
>>a webmail program that is easy to use and fully featured for users who

>>are not so computer savvy.
>>
>>I am pretty comfortable with Sendmail, but I hear a lot of people are 
>>moving more toward postfix (which I know nothing about).
>>
>>I am at a loss for a good web interface.
>>
>>Anyone care to make any recommendations?
>>
>>Thank you.
>>
>>
>>Chris

Re: IDE RAID5

[michael hamerski]

Steve Shockley wrote:

Thorsten Glaser wrote:


(How about Microsoft NT and Linux, which also
do software RAID?



I'm 90% sure that NT mirrors can be moved to different hardware, as long 
as the disk geometry stays the same.  I'm less sure about Raid 5, but in 
theory it should work as well.


Of course, even moving a single IDE disk may or may not work, depending 
on how your controller drivers are configured.  (There's a KB article on 
this.)







I would say that probably depends a lot on the partinioning, if you have 
a single monolithic partition, you might be ok. If like me you like to 
make a lot of smaller partitions on a large disk, you're fscked. In the 
first case it will bite you anyway at some point. I doubt mirroring 
changes anything. Disk geom will depend on bios anyway and there's no 
way you can be sure it will remain the same.


At least W2k has a very serious problem with reshuffling the disk 
partition names when moved from box to box, or even on the same box on a 
different channel, hell even on the same damn channel if you 
reinstall... I've done this a lot and it kills all your paths when you 
make sample based audio for example.


To the best of my knowledge this was *never* addressed, I doubt XP did 
anything to that effect.

nat vpn pptp issues

[Chris Smith]

OpenBSD 3.7 doing NAT with pf.

A group from another compnay was successfully using IPSec (through the 
pf firewall) to tunnel to their corporate server. New personnel in 
their IT staff decided to change from IPSec to PPTP  (why oh why?) and 
now only one computer can connect at a time.
I have the appropriate "pass out ...gre..." in pf.conf but still only 
one at a time can connect.

Some Googling led to a possible need for a pptp proxy but I don't know 
how current this information is. Is a proxy needed to solve this? Is it 
included in 3.7?

Thanks for any assistance.

Chris

Re: getting usb networking up on the Zaurus

[Mike Hernandez]

On 10/4/05, Chuck Robey <[EMAIL PROTECTED]> wrote:
>I guess I don't
> immediately see why you say that those would be better choices than the
> usb solution.
>
>
I'm guessing that if you don't have the usb host cable then it's the
better choice. Buying one piece (i.e. a cf network card) is easier
than buying a host cable, and a usb ethernet card (espcially since you
can't usually just walk into your local shop and get the host cable,
usually requires some shipping).

FWIW I'm using a linksys usb200M and it works great.

Mike

Re: IDE disk problems

[hellsop]

On Tue, Oct 04, 2005 at 07:46:01AM -0600, Steve Harding wrote:
> The thing that has been bothering me is that I replaced a drive 2 months
> ago because of similar errors, and wd3, which is now showing errors, is
> a brand new drive.

Then perhaps something else, like the card, kills drives.

-- 
This was, apparently, beyond her ken.  So far beyond her ken that she was
well into barbie territory.
  -- J. D. Baldwin

Re: getting usb networking up on the Zaurus

[Stuart Henderson]

--On 04 October 2005 12:28 -0400, Chuck Robey wrote:


Note that you will need a Zaurus USB host cable for this, these
don't come with the Zaurus and have to be purchased seperately.


Zhost cable, or I guess a 'digital camera mini USB lead' with AF-AF 
gender changer might do the trick.



Well, I don't consider losing the CF flash as a minor problem (at
least to me).  Doing anything directly with the usb line means I
don't lose any of the already minimal expansion capability.  I guess
I don't immediately see why you say that those would be better
choices than the usb solution.


Another thing I forgot to point out - the Z isn't meant to provide much 
power on the USB line (mine is in the post so I can't tell how much!), 
but there's a chance you may need to feed power via a powered hub.

Endace DAG cards

[eric]

Is anyone using Endace DAG cards in production on 3.7 or 3.8-current? I've
searched around quite a bit of references that support is in libpcap, but
I'm not certain if that support has made it's way to openbsd yet.

Also, if you're using them in production, do you have any issues with or
have any reservations for using them? 

Thanks.

- Eric

Re: nat vpn pptp issues

[Peter Hessler]

On Tue, Oct 04, 2005 at 02:45:54PM -0400, Chris Smith wrote:
:OpenBSD 3.7 doing NAT with pf.
:
:A group from another compnay was successfully using IPSec (through the 
:pf firewall) to tunnel to their corporate server. New personnel in 
:their IT staff decided to change from IPSec to PPTP  (why oh why?) and 
:now only one computer can connect at a time.
:I have the appropriate "pass out ...gre..." in pf.conf but still only 
:one at a time can connect.

True, this is a limitation of the PPTP spec.  Go slap the IT Staff, and 
tell them to revert back to IPSec.


:Some Googling led to a possible need for a pptp proxy but I don't know 
:how current this information is. Is a proxy needed to solve this? Is it 
:included in 3.7?
:
:Thanks for any assistance.
:
:Chris
:

-- 
"My life is a soap opera, but who has the rights?"
-- MadameX

Re: looking for reliable USB printer

[Daniel Martini]

Hi,

On Sat, Oct 01, 2005 at 12:05:39AM +0200, Marc Espie wrote:
> Just wanted to know what people currently use for an usb printer under
> OpenBSD. I'm looking for rather cheap hardware that's currently sold
> in europe as brand new, and guaranteed to work (through experience)
> by people...

I bought a Kyocera FS-1010 in July 2004 for 249,- EUR. Probably one of the
cheapest black&white Laser Printers having native PostScript (actually
KPDL2, Kyoceras PostScript dialect). Works flawlessly up to now. Plug in
and print. The only thing you have to do once is switch it to PostScript
mode (standard mode is PCL) by echoing the proper control sequence to
/dev/ulpt*. Control sequences and settings are quite well documented in
pdf files on the accompanying CD. Cartridges are relatively cheap, as the
drums aren't integrated (the printer has permanent drums). Thus per page
costs are said to be quite low, though I have no own calculations
available.

Regards,
Daniel

Apple Mac G5 or G4 dual-cpu

[Theo de Raadt]

We would love it if someone is able to supply one or our developers in
the Netherlands with a dual-cpu Mac.  It does not matter if it is G4
or G5, either will do.  If anyone can, please drop me a note.  Thanks.

Re: Kprinter in KDE fails

[Daniel Martini]

Hi,

On Mon, Oct 03, 2005 at 02:29:55PM +0200, [EMAIL PROTECTED] wrote:
> I have managed to get OpenBSD printing with CUPS from the packages, but if I 
> try to start kprinter in KDE it crashes. Every other application in KDE 
> crashes too with I try to use "print" from the file menu.
> 
> Is this a common problem in KDE on OpenBSD? Have I missed something? I have 
> testet this on two different installations and it's the same result.

Seen this too, check this post:
http://marc.theaimsgroup.com/?l=openbsd-misc&m=112422708302678&w=2

Regards,
Daniel

Re: IDE disk problems

[Joe S]

[EMAIL PROTECTED] wrote:

On Tue, Oct 04, 2005 at 07:46:01AM -0600, Steve Harding wrote:


The thing that has been bothering me is that I replaced a drive 2 months
ago because of similar errors, and wd3, which is now showing errors, is
a brand new drive.



Then perhaps something else, like the card, kills drives.



I had a bad PC power cable (lose connectors) eat 2 drives. Replaced the 
power cable and the box has had 0 problems since. I know this sounds 
really weird, but CHECK every CABLE for a snug fig.

Re: nat vpn pptp issues

[Chris Smith]

On Tuesday 04 October 2005 03:38 pm, Peter Hessler wrote:
> True, this is a limitation of the PPTP spec.  Go slap the IT Staff,
> and tell them to revert back to IPSec.

While I agree on what should be done to their IT staff, and that IPSec 
(from what little I know) is superior, it may be an issue beyond my 
control.

The unfortunate thing is that they claim (probably correctly) that it 
works fine for them from all of the other field office locations.

Being that PPTP use is somewhat ubiquitous, I'm wondering if it's an 
OpenBSD/pf limitation or design decision, or do others have to jump 
through hoops to work with this as well.

Oddly enough much information I find talks about the difficulties of 
IPSec and NAT, which works fine with pf.

Thanks.

Chris

Re: OpenBSD and KDE printing

[Daniel Martini]

Hi,

On Sun, Oct 02, 2005 at 04:48:13AM +0200, [EMAIL PROTECTED] wrote:
> During this test I found that every single program, started from within KDE,
> crashes when I use the print option from (in most cases) the file menu.
> 
> Kprinter crashes too.
> 
> This is with or without any cups service running.

Check this post:
http://marc.theaimsgroup.com/?l=openbsd-misc&m=112422708302678&w=2

Regards,
Daniel

Re: nat vpn pptp issues

[Melameth, Daniel D.]

Chris Smith wrote:
> On Tuesday 04 October 2005 03:38 pm, Peter Hessler wrote:
> > True, this is a limitation of the PPTP spec.  Go slap the IT Staff,
> > and tell them to revert back to IPSec.
> 
> While I agree on what should be done to their IT staff, and that IPSec
> (from what little I know) is superior, it may be an issue beyond my
> control.
> 
> The unfortunate thing is that they claim (probably correctly) that it
> works fine for them from all of the other field office locations.
> 
> Being that PPTP use is somewhat ubiquitous, I'm wondering if it's an
> OpenBSD/pf limitation or design decision, or do others have to jump
> through hoops to work with this as well.
> 
> Oddly enough much information I find talks about the difficulties of
> IPSec and NAT, which works fine with pf.

OpenBSD ignores the Call ID field in the GRE packets that PPTP uses...
check the archives...

http://marc.theaimsgroup.com/?l=openbsd-misc&m=110660283102711&w=2.

Re: IDE disk problems

[knitti]

On 10/4/05, Joe S <[EMAIL PROTECTED]> wrote:
> I had a bad PC power cable (lose connectors) eat 2 drives. Replaced the
> power cable and the box has had 0 problems since. I know this sounds
> really weird, but CHECK every CABLE for a snug fig.

I second that. And check your PSU. I've seen (on different boxes) bad
PSUs killing disks, PCI- and AGP-cards, tape drives and, of course,
mainboards. Sometimes a PSU seems working, but changes its behaviour
under load or heat.

--knitti

Re: OpenBSD on Nokia IP3300?

[Alexandre]

Mattias R. Lindgren wrote:

Hello everyone.

Has anyone tried running openbsd on a Nokia IP3300?  It is a 1U unit with an
AMD processor, 256mb ram and a 20gb hdd.  It has 2 serial interfaces and 3
intel pro 100's.  They are very inexpensive to pick up on ebay, so I was
wondering if anyone has attempted an install?  I would think it should work
pretty easily?

Thanks,

Mattias




Never tried myself, but Nokia's OS being a FreeBSD variant, I'm pretty 
sure it works. But there is no cd drive.

Every thing seems supported. I'll check if we have one left at work.

By the way, check this :
http://www.linuxjournal.com/article/6606
If they did it with Linux, it can be done with OpenBSD.

Alexandre

-- http://www.speenics.org/

Re: nat vpn pptp issues

[Chris Smith]

On Tuesday 04 October 2005 04:32 pm, Melameth, Daniel D. wrote:
> OpenBSD ignores the Call ID field in the GRE packets that PPTP
> uses...

So a design decision?

macppc G5 support coming

[Theo de Raadt]

Well, since Miod has kind of let the cat out of the bag regarding the
G5 work, I might as well show the results, since I have the machine
that is currently running it best, a dual G5 Xserve.

About 3 weeks ago Mark Kettenis started the Apple G5 support effort.
A little bit later Dale joined in to help, and now the G5 is running
multiuser.  A bunch of issues remain.  Not all the code is commited
yet, but most of it is.

The same kernel will run on older machines as well.  The G5 has 64-bit
support, but is being run in 32-bit mode so that we do not need to
invent a whole new architecture for now.  It uses 64-bit page table
entries which contain a eXecute bit, though, so we will be able to
add W^X support soon.

--

Again -- there are a whole bunch of issues left to finish, so be patient.

Apple RackMac3,1 5.1.7f1 BootROM built on 08/25/04 at 15:11:09
Copyright 1994-2004 Apple Computer, Inc.
All Rights Reserved.

Welcome to Open Firmware, the system time and date is: 21:33:53 10/04/2005

To continue booting, type "mac-boot" and press return.
To shut down, type "shut-down" and press return.

 ok
0 > boot enet:,ofwboot 
CLIENT: 000d939c73fa 199.185.137.102
SERVER: 00034740db0a 199.185.137.8 
Transfer FILE: ofwboot \
TFTP-actual=e3c6 TFTP-adler32=c19eef6 load-size=e3c6 adler32=c19eef6 

Loading ELF

>> OpenBSD/macppc Boot
Using IP address: 199.185.137.102
root addr=199.185.137.8 path=/i386.d
4221840+300332=0x4500f0
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California.  All rights reserved.
Copyright (c) 1995-2005 OpenBSD. All rights reserved.  http://www.OpenBSD.org

OpenBSD 3.8-current (GENERIC) #484: Mon Oct  3 18:14:03 MDT 2005
[EMAIL PROTECTED]:/sys/arch/macppc/compile/GENERIC
real mem = 2134380544 (2084356K)
avail mem = 1971040256 (1924844K)
using 1254 buffers containing 82182144 bytes of memory
mainbus0 (root)
cpu0 at mainbus0: 970 (Revision 0x300): 2000 MHz
memc0 at mainbus0: u3
mpcpcibr0 at mainbus0 pci: u3-agp, Revision 0xff
pci0 at mpcpcibr0 bus 0
pchb0 at pci0 dev 11 function 0 "Apple K2 AGP" rev 0x00
ht0 at mainbus0: u3-ht: 8 devices
pci1 at ht0 bus 0
pchb1 at pci1 dev 0 function 0 "Apple K2" rev 0x00
ppb0 at pci1 dev 1 function 0 "AMD 8131 PCIX" rev 0x12
pci2 at ppb0 bus 6
"AMD 8131 PCIX IOAPIC" rev 0x01 at pci1 dev 1 function 1 not configured
ppb1 at pci1 dev 2 function 0 "AMD 8131 PCIX" rev 0x12
pci3 at ppb1 bus 7
bge0 at pci3 dev 4 function 0 "Broadcom BCM5704C" rev 0x03, BCM5704 A3 
(0x2003): irq 0 address 00:0d:93:9c:73:fa
brgphy0 at bge0 phy 1: BCM5704 10/100/1000baseT PHY, rev. 0
bge1 at pci3 dev 4 function 1 "Broadcom BCM5704C" rev 0x03, BCM5704 A3 
(0x2003): irq 0 address 00:0d:93:9c:73:fb
brgphy1 at bge1 phy 1: BCM5704 10/100/1000baseT PHY, rev. 0
"AMD 8131 PCIX IOAPIC" rev 0x01 at pci1 dev 2 function 1 not configured
ppb2 at pci1 dev 3 function 0 "Apple U3 PCI-PCI" rev 0x00
pci4 at ppb2 bus 1
macobio0 at pci4 dev 7 function 0 "Apple K2 Macio" rev 0x60
openpic0 at macobio0: version 0x4614
macgpio0 at macobio0
pmu-interrupt at macgpio0 offset 0x9 not configured
programmer-switch at macgpio0 offset 0x11 not configured
ringDetect at macgpio0 offset 0x8 not configured
indicatorLED at macgpio0 offset 0xb not configured
indicatorSwitch at macgpio0 offset 0xc not configured
keySwitch at macgpio0 offset 0xd not configured
fcu-interrupt at macgpio0 offset 0x15 not configured
chip-fault at macgpio0 offset 0x17 not configured
systemMonitorA at macgpio0 offset 0x1c not configured
systemMonitorB at macgpio0 offset 0x1d not configured
slewing-done at macgpio0 offset 0x23 not configured
fcu-hw-reset at macgpio0 offset 0x3a not configured
zsc0 at macobio0: irq 22,23
zstty0 at zsc0 channel 0 (console i/o)
zstty1 at zsc0 channel 1
ki2c0 at macobio0
adb0 at macobio0 irq 25: via-pmu, 0 targets
aed0 at adb0 addr 0: ADB Event device
apm0 at adb0: battery flags 0x9, 0% charged
ppb3 at pci1 dev 4 function 0 "Apple U3 PCI-PCI" rev 0x00
pci5 at ppb3 bus 2
ohci0 at pci5 dev 11 function 0 "NEC USB" rev 0x43: irq 63, version 1.0
usb0 at ohci0: USB revision 1.0
uhub0 at usb0
uhub0: NEC OHCI root hub, rev 1.00/1.00, addr 1
uhub0: 3 ports with 3 removable, self powered
ohci1 at pci5 dev 11 function 1 "NEC USB" rev 0x43: irq 63, version 1.0
usb1 at ohci1: USB revision 1.0
uhub1 at usb1
uhub1: NEC OHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
ehci0 at pci5 dev 11 function 2 "NEC USB" rev 0x04: irq 63
usb2 at ehci0: USB revision 2.0
uhub2 at usb2
uhub2: NEC EHCI root hub, rev 2.00/1.00, addr 1
uhub2: 5 ports with 5 removable, self powered
ppb4 at pci1 dev 5 function 0 "Apple U3 PCI-PCI" rev 0x00
pci6 at ppb4 bus 3
kauaiata0 at pci6 dev 13 function 0 "Apple K2 ATA" rev 0x00
wdc0 at kauaiata0 irq 39: DMA
"Apple K2 Firewire" rev 0x00 at pci6 dev 14 function 0 not configured
ppb5 at pci1 dev 6 function 0 "Apple U3 PCI-PCI" rev 0x00
pci7 at ppb5 bus 4
gem0 at pci7 dev 15 function 0 "Apple K2 GMAC" rev 0x00: couldn't map interrupt
ppb6 at pci1 dev 

Re: Problem with arla.

[scorch]

Jan Johansson said the following on 2005-09-29 11:44:


Hello.

I am having problems with arla. 2 of 3 reboots the afsd will be running but

$ cd /afs
ksh: cd: /afs - Not a directory

I did not see this problem on 3.7. I did start to see it on my home pc but took
it as a fluke because of the amount of problems I have with that machine. Today
I installed 


OpenBSD 3.8-current (GENERIC) #159: Tue Sep 27 22:21:33 MDT 2005

on my laptop (that have been rock solid with 3.7) and see the problem
imediatly.


hi Jan,

I can't speak from experience, I'm not running -current on OpenBSD with OpenAFS 
yet.

my only issues in several months of reasonably heavy arla usage has been with 
physical disk IO errors, and then needing to flush the cache afterwards.

try rm -rf /var/spool/afs before restarting arla next time, and also using 
these arla flags in your rc.* somewhere.

afs=YES
afsd_flags="--log=/var/log/arlad.log --recover"

maybe this will help get more info, & also ensure a clean startup.

can you determine if you always have the issue accessing a file from cache, or 
not? fs flush* may help here as well.

cheers, scorch
--
out of the frying pan and into the fire

Re: Problem with arla.

[ober]

You could always just use openafs client.
Yes, it works.
Working on a howto, for configuring the client.


-bash-3.00# modstat
Type Id Off Loadaddr Size Info Rev Module Name
VFS   0   0 e36e4000 0077 e374f748   2 afs
-bash-3.00# ps |grep afsd
 9011 p4  I+  0:00.00 grep afsd
28154 C0- DKL 0:00.00  (afsd)
 4188 C0- IKL 0:00.00  (afsd)
21217 C0- DKL 0:00.92  (afsd)
30134 C0- DKL 0:00.00  (afsd)
14611 C0- DKL 0:00.00  (afsd)
19159 C0- DKL 0:00.00  (afsd)
30863 C0- DKL 0:00.00  (afsd)
23582 C0- DKL 0:00.00  (afsd)
17813 C0- DKL 0:01.02  (afsd)
13379 C0- DKL 0:00.10  (afsd)
21462 C0- DKL 0:00.04  (afsd)
 4849 C0- DKL 0:00.00  (afsd)
-bash-3.00# df
Filesystem  512-blocks  Used Avail Capacity  Mounted on
/dev/wd0a 38384476  16628716  1983654046%/
AFS  14400 0 14400 0%/afs
-bash-3.00# uname -a
OpenBSD bench.linbsd.org 3.7 BULLSEYE#1 i386
-bash-3.00#


-Ober

On Tue, 4 Oct 2005, scorch wrote:


Jan Johansson said the following on 2005-09-29 11:44:


Hello.

I am having problems with arla. 2 of 3 reboots the afsd will be running but

$ cd /afs
ksh: cd: /afs - Not a directory

I did not see this problem on 3.7. I did start to see it on my home pc but 
took
it as a fluke because of the amount of problems I have with that machine. 
Today
I installed 
OpenBSD 3.8-current (GENERIC) #159: Tue Sep 27 22:21:33 MDT 2005


on my laptop (that have been rock solid with 3.7) and see the problem
imediatly.


hi Jan,

I can't speak from experience, I'm not running -current on OpenBSD with 
OpenAFS yet.


my only issues in several months of reasonably heavy arla usage has been with 
physical disk IO errors, and then needing to flush the cache afterwards.


try rm -rf /var/spool/afs before restarting arla next time, and also using 
these arla flags in your rc.* somewhere.


afs=YES
afsd_flags="--log=/var/log/arlad.log --recover"

maybe this will help get more info, & also ensure a clean startup.

can you determine if you always have the issue accessing a file from cache, 
or not? fs flush* may help here as well.


cheers, scorch
--
out of the frying pan and into the fire

Re: Delivery reports about your e-mail

[Civis]

Madame, Mademoiselle, Monsieur,

Nous vous remercions de votre courrier C)lectronique.

Dans le souci de mieux correspondre C  vos attentes, nous vous prions de bien 
vouloir nous contacter dC)sormais par le biais du nouveau "Portail des 
Citoyens", mis C  votre disposition C  l'adresse Internet
http://www.europarl.eu.int/opengov/default_fr.htm

Nous vous invitons donc C  transfC)rer le contenu de votre courriel vers le 
formulaire, par simple "copier/coller" (copy/paste).

Avec nos remerciements



Dear Correspondent,

Thank you for your e-mail message.

To enable us to deal with your message, we would kindly ask you to readdress it 
to us using the form given at the B+ Citizensb Portal B; on the EP web site at
http://www.europarl.eu.int/opengov/default_en.htm

You can transfer the text of your message to the form using the copy and paste 
procedure.

Re: Problem with arla.

[ober]

In fact here is the howto
http://www.linbsd.org/afs_on_openbsd_client.html
It works fine for me on 3.7.

If you have any questions let me know.
So far it seems to be very stable for me.
YMMV

-Ober

On Tue, 4 Oct 2005, scorch wrote:


Jan Johansson said the following on 2005-09-29 11:44:


Hello.

I am having problems with arla. 2 of 3 reboots the afsd will be running but

$ cd /afs
ksh: cd: /afs - Not a directory

I did not see this problem on 3.7. I did start to see it on my home pc but 
took
it as a fluke because of the amount of problems I have with that machine. 
Today
I installed 
OpenBSD 3.8-current (GENERIC) #159: Tue Sep 27 22:21:33 MDT 2005


on my laptop (that have been rock solid with 3.7) and see the problem
imediatly.


hi Jan,

I can't speak from experience, I'm not running -current on OpenBSD with 
OpenAFS yet.


my only issues in several months of reasonably heavy arla usage has been with 
physical disk IO errors, and then needing to flush the cache afterwards.


try rm -rf /var/spool/afs before restarting arla next time, and also using 
these arla flags in your rc.* somewhere.


afs=YES
afsd_flags="--log=/var/log/arlad.log --recover"

maybe this will help get more info, & also ensure a clean startup.

can you determine if you always have the issue accessing a file from cache, 
or not? fs flush* may help here as well.


cheers, scorch
--
out of the frying pan and into the fire

Re: Apple Mac G5 or G4 dual-cpu

[Theo de Raadt]

> > We would love it if someone is able to supply one or our developers in
> > the Netherlands with a dual-cpu Mac.  It does not matter if it is G4
> > or G5, either will do.  If anyone can, please drop me a note.  Thanks.
> 
> So SMP is next on the list of Mark Kettenis after G5 support? Splendid!

No offers yet.

Re: OpenBSD on Nokia IP3300?

[Mike Hernandez]

On 10/4/05, Alexandre <[EMAIL PROTECTED]> wrote:
> If they did it with Linux, it can be done with OpenBSD.
>

unless it uses some proprietary drivers ;) (like my nvidia card...doh!)

Mike

Re: Apple Mac G5 or G4 dual-cpu

[Dries Schellekens]

Theo de Raadt wrote:


We would love it if someone is able to supply one or our developers in
the Netherlands with a dual-cpu Mac.  It does not matter if it is G4
or G5, either will do.  If anyone can, please drop me a note.  Thanks.


So SMP is next on the list of Mark Kettenis after G5 support? Splendid!


Cheers,

Dries

Re: OpenBSD on Nokia IP3300?

[Joost Tr]

http://web.irtnog.org/howtos-orig/freebsd-firewall-ip330 (freebsd though)
www.google.com



From: "Mattias R. Lindgren" <[EMAIL PROTECTED]>
To: 
Subject: OpenBSD on Nokia IP3300?
Date: Tue, 4 Oct 2005 11:33:13 -0600

Hello everyone.

Has anyone tried running openbsd on a Nokia IP3300?  It is a 1U unit with 
an

AMD processor, 256mb ram and a 20gb hdd.  It has 2 serial interfaces and 3
intel pro 100's.  They are very inexpensive to pick up on ebay, so I was
wondering if anyone has attempted an install?  I would think it should work
pretty easily?

Thanks,

Mattias

Re: detect if a flag-day has happened in the meanwhile

[Ted Unangst]

On 10/3/05, Han Boetes <[EMAIL PROTECTED]> wrote:
> Ah right. But is there perhaps a way to test it on two compiled
> kernels?

no.

Re: OpenBSD on Nokia IP3300?

[Mattias R. Lindgren]

I was imagining it working in much the same way as we do our soekris boxes.
That is, install the OS on a different machine and then move the hard drive
over to the machine in question (Turning on the default serial port first,
of course).

~Mattias

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Joost Tr
Sent: Tuesday, October 04, 2005 2:54 PM
To: misc@openbsd.org
Subject: Re: OpenBSD on Nokia IP3300?

http://web.irtnog.org/howtos-orig/freebsd-firewall-ip330 (freebsd though)
www.google.com


>From: "Mattias R. Lindgren" <[EMAIL PROTECTED]>
>To: 
>Subject: OpenBSD on Nokia IP3300?
>Date: Tue, 4 Oct 2005 11:33:13 -0600
>
>Hello everyone.
>
>Has anyone tried running openbsd on a Nokia IP3300?  It is a 1U unit with 
>an
>AMD processor, 256mb ram and a 20gb hdd.  It has 2 serial interfaces and 3
>intel pro 100's.  They are very inexpensive to pick up on ebay, so I was
>wondering if anyone has attempted an install?  I would think it should work
>pretty easily?
>
>Thanks,
>
>Mattias

[demime 1.01d removed an attachment of type application/x-pkcs7-signature which 
had a name of smime.p7s]

3.8 Snap with MiniVox MV100 USB audio

[Will H. Backman]

Playing with unsupported hardware, but thought I would give a report in case
anyone else was thinking of going down this road:

Purchased a MiniVox MV100 USB audio speakerphone.  dmesg picks up the
following:

OpenBSD 3.8-beta (GENERIC) #119: Wed Aug 24 01:47:37 MDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
--SNIP-- (i hope this editing of the dmesg doesn't get me killed!)
uaudio0 at uhub1 port 1 configuration 1 interface 0: FORTEMEDIA FM1083, rev
1.10/0.01, addr 2
uaudio_add_selector: NOT IMPLEMENTED
uaudio0: audio rev 1.00, 8 mixer controls
audio0 at uaudio0

audioctl -a output:

name=USB audio
version=
config=uaudio
encodings=ulinear:8*,mulaw:8*,alaw:8*,slinear:8*,slinear_le:16,ulinear_le:16*
,slinear_be:16*,ulinear_be:16*
properties=full_duplex,independent
full_duplex=0
fullduplex=0
blocksize=1088
hiwat=60
lowat=1
monitor_gain=0
mode=
play.rate=8000
play.channels=1
play.precision=8
play.encoding=mulaw
play.gain=127
play.balance=32
play.port=0x0
play.avail_ports=0x0
play.seek=0
play.samples=0
play.eof=0
play.pause=0
play.error=0
play.waiting=0
play.open=0
play.active=0
play.buffer_size=65536
record.rate=8000
record.channels=1
record.precision=16
record.encoding=slinear_le
record.gain=127
record.balance=32
record.port=0x0
record.avail_ports=0x0
record.seek=0
record.samples=0
record.eof=0
record.pause=0
record.error=0
record.waiting=0
record.open=0
record.active=0
record.buffer_size=65536
record.errors=0

Attmpting to access /dev/audio or /dev/sound gives a permission denied error
even when logged in as root.

# ls -l /dev/audio* /dev/sound*
lrwx--  1 root  wheel 6 Aug 26 17:55 /dev/audio -> audio0
crw-rw-rw-  1 root  wheel   42, 128 Oct  4 20:29 /dev/audio0
lrwx--  1 root  wheel 9 Aug 26 17:55 /dev/audioctl -> audioctl0
crw-rw-rw-  1 root  wheel   42, 192 Aug 26 17:55 /dev/audioctl0
lrwx--  1 root  wheel 6 Aug 26 17:55 /dev/sound -> sound0
crw-rw-rw-  1 root  wheel   42,   0 Oct  4 21:09 /dev/sound0

I'm not very experienced at messing aroung with audio on openbsd, and I can't
seem to find much information on how to start helping.  This device seemed
interesting because it claims driverless use on Mac OS9, OSX, Windows ME,
etc.

Ipsec vpn tunnel x509 phase 2 does not start.

[dagrichards]

Having trouble brining up a tunnel.
I have followed these instructions
http://mirror.huxley.org.ar/ipsec/isakmpd.htm
and used the included script to gen my certs.

This seems to complete phase 1 see snip1

Though never seems to move on to phase 2 see snip 2
the licesnsees line gives me some pause as that is not the common can of the 
cert, though that is what prints in the debug.   The name in the subject field 
on the cert is loanerxppc2.xxx.gov

configs are included after snips


client is an XP box running ipsec.exe from e.bootis behind a nat on a Openbsd  
fw. This works with preshared keys through the fw

isakmpd -dDA=50 
snip 1 
173611.209764 Exch 40 exchange_run: exchange 0x893c00 finished step 5, 
advancing...
173611.210067 Mesg 10 virtual_send_message: enabling NAT-T encapsulation for 
this exchange
173611.210410 Exch 10 exchange_finalize: 0x893c00 xpws Default-main-mode policy 
responder phase 1 doi 1 exchange 2 step 6
173611.210685 Exch 10 exchange_finalize: icookie 90d893da9f1f4816 rcookie 
83c51437d4efd48e
173611.210921 Exch 10 exchange_finalize: msgid  
173611.212348 Exch 10 exchange_finalize: phase 1 done: initiator id 
/C=US/ST=California/L=Martinez/O=ccchsd/OU=IS/CN=loanerxppc2..gov, 
responder id [EMAIL PROTECTED], src: 172.16.5.241 dst: 172.16.4.230
17361


--snip 2 -
ghri_fw:root:/etc/isakmpd #isakmpd -dD9=99 
173331.863667 Default log_debug_cmd: log level changed from 0 to 99 for class 9 
[priv]
173332.317663 Plcy 30 policy_init: initializing
173332.321123 Default x509_read_from_dir: PEM_read_X509 failed for ca.srl
173338.331292 Plcy 90 x509_generate_kn: generating KeyNote policy for 
certificate 0x88da00
173338.332119 Plcy 60 x509_generate_kn: added credential
173338.332481 Plcy 80 x509_generate_kn: added credential:
Authorizer: 
"DN:/C=US/ST=California/L=Martinez/O=ccchsd/OU=IS/CN=555ghrifw..gov"
Licensees: "DN:/C=US/ST=California/L=Martinez/O=ccchsd/OU=IS/CN=loanerxppc2.
173338.335104 Plcy 30 keynote_cert_obtain: failed to open 
"/etc/isakmpd/keynote//[EMAIL PROTECTED]/credentials"





ghri_fw:root:/etc/isakmpd #cat isakmpd.conf 
[General]
Retransmits=5
Exchange-max-time=  120
Listen-on= 172.16.5.241 

# X.509 certificate locations
[X509-certificates]
Accept-self-signed= 1
CA-directory=   /etc/isakmpd/ca/
Cert-directory= /etc/isakmpd/certs/
Private-key=/etc/isakmpd/private/[EMAIL PROTECTED]



[Phase 1]
172.16.4.230=  xpws

[xpws]
Phase=  1
Transport=  udp
Local-address=  172.16.5.241 
Address=   0.0.0.0 
Configuration=  Default-main-mode 
ID= My-ID

[My-ID]
ID-type=USER_FQDN
# this is the certificate for this gateway
Name=   [EMAIL PROTECTED]

 

[Phase 2]
Connections=winxp


[winxp]
Phase=  2
ISAKMP-peer=xpws 
Configuration= Default-quick-mode 
Local-ID= dmz 
Remote-ID= Unknown-address 



  
[loanerxp]
ID-type=IPV4_ADDR 
Address=192.168.10.15

[dmz]
ID-type=IPV4_ADDR_SUBNET
Network=192.168.12.0
Netmask=255.255.255.0




[Unknown-address]
ID-Type=IPV4_ADDR
Address=0.0.0.0



[Default-quick-mode]
DOI=IPSEC
EXCHANGE_TYPE=  QUICK_MODE
Suites= QM-ESP-3DES-SHA-SUITE

[Default-main-mode]
DOI=IPSEC
EXCHANGE_TYPE=  ID_PROT
Transforms= 3DES-SHA-RSA_SIG


# Encryption/Authentication suite definitions

[3DES-SHA-RSA_SIG]
ENCRYPTION_ALGORITHM=   3DES_CBC
HASH_ALGORITHM= SHA
AUTHENTICATION_METHOD=  RSA_SIG
ENCAPSULATION_MODE= TUNNEL
AUTHENTICATION_ALGORITHM=   HMAC_SHA







ghri_fw:root:/etc/isakmpd #cat isakmpd.policy
KeyNote-Version: 2
Comment: This policy accepts ESP SAs from a remote that uses the right password
$OpenBSD: policy,v 1.6 2001/06/20 16:36:19 angelos Exp $
$EOM: policy,v 1.6 2000/10/09 22:08:30 angelos Exp $
Authorizer: "POLICY"
Licensees: 
"DN:/C=US/ST=California/L=Martinez/O=ccchsd/OU=IS/CN=555ghrifw.ccchsd.gov" ||  
"passphrase:1234" || "passphrase:0291ff014dccdd03874d9e8e4cdf3e6"
Conditions: app_domain == "IPsec policy" &&
esp_present == "yes" &&
esp_enc_alg != "null" -> "true"; 

# --- [EMAIL PROTECTED] ---
authorizer: "[EMAIL PROTECTED]"
licensees:"DN:"
conditions: remote_id_type =="ASN1 DN" &&
remote_id =="" -> "true";

# --- [EMAIL PROTECTED] ---
authorizer: "[EMAIL PROTECTED]"
licensees:"DN:"
conditions: remote_id_type =="ASN1 DN" &&
remote_id =="" -> "true";

Re: sh-script executing

[Ilya A. Kovalenko]

correction, for logs:

  My first conclusion that "sh(1) reads file in process
of execution" was wrong.
  Looks like when file size is increasing during script
execution, sh(1) additionally executes file "tail" (starting
at old EOF seek position).
  I guess, this behavior is useless (and dangerous) for regular
files.
  When file size decreasing or does not changing, nothing is
happening.

IAK>   I found out that sh(1) reads file in process of execution (instead of
IAK> read whole file and execute it from memory image), which makes
IAK> editing such scripts unreliable and/or dangerous. Is there any
IAK> existing ways to solve this problem ?

IAK>   Is there sense to make sh(1) to read whole script file before
IAK> executing (optionally, at least), because, as far as I understand,
IAK> current behavior is pretty useless as feature ?

Ilya A. Kovalenko  (mailto:[EMAIL PROTECTED])
Special EQ SW section
JSC Oganer-Service

Re: looking for reliable USB printer

[Shane J Pearson]

Marc,

On 05/10/2005, at 5:39 AM, Daniel Martini wrote:


I bought a Kyocera FS-1010 in July 2004 for 249,- EUR. Probably one  
of the

cheapest black&white Laser Printers having native PostScript (actually
KPDL2, Kyoceras PostScript dialect). Works flawlessly up to now.  
Plug in


I know you are looking for USB, however if you are avoiding printers  
with

a network connection because they tend to be expensive, then...

I have not tried the USB functionality, however I have a Kyocera
FS-1020DN. My FS-1020DN also does postscript (in the printer), plus
duplex, came with an internal 10/100 print server and does 20 A4 ppm. I
have always just printed through the network. The duplex functionality
half ejects the paper and brings it back through the printer, so the
speed is more than halved when doing duplex printing.

It is not a dodgy GDI "Win printer".

It seems cheap to me considering these features. Doing a quick search,
I find these brand new at around $630 Australian and 450 Euros at
French stores.


Shane J Pearson

Re: Webmail recommendations?

[Jens Teglhus Møller]

I've used SquirrelMail and it works with both IMAP and POP3. It's 
pretty
good, simple and functional. However it does lack more advanced 
features

suchs as threading, searching, etc. I personally wish it had.


SquirrelMail supports threading, if you use it against an imap server 
that supports it.


I use it with courier imap on an openbsd box and it works great.

/jtm 

Re: detect if a flag-day has happened in the meanwhile

[Han Boetes]

Ted Unangst wrote:
> On 10/3/05, Han Boetes <[EMAIL PROTECTED]> wrote:
> > Ah right. But is there perhaps a way to test it on two
> > compiled kernels?
>
> no.

Alright. Too bad.



# Han