looking for bandwidth monitor by ip
dear list, i found this program called "traffic" from freebsd ports, i tried to compile it under openbsd but not succed, so anyone know similiar application like that ? here's the master site: http://darkzone .ma .cx/resources/unix/traffic/ thx,
Re: looking for bandwidth monitor by ip
On 2008-06-04, Agung T. Apriyanto <[EMAIL PROTECTED]> wrote: > i found this program called "traffic" from freebsd ports, > i tried to compile it under openbsd but not succed, > so anyone know similiar application like that ? darkstat, it's in ports.
ciss on hp DL385 G5?
Hi, We're trying to install OpenBSD on a HP ProLiant DL385 G5. But as shown in the dmesg below, the RAID controller (HP Smart Array P400) is not detected. According to the ciss(4) man page it should be supported. Has anyone got OpenBSD to install on such a machine? -martin OpenBSD 4.3-current (RAMDISK_CD) #9: Mon Jun 2 12:57:51 MDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/ RAMDISK_CD real mem = 2134159360 (2035MB) avail mem = 2072326144 (1976MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xee000 (66 entries) bios0: vendor HP version "A09" date 03/27/2008 bios0: HP ProLiant DL385 G5 acpi0 at bios0: rev 2 acpi0: tables DSDT FACP SPCR MCFG HPET SPMI ERST APIC SRAT BERT HEST acpiprt0 at acpi0: bus 5 (EXB0) acpiprt1 at acpi0: bus 8 (EXB1) acpiprt2 at acpi0: bus 11 (EXB3) acpiprt3 at acpi0: bus 3 (EXB4) acpiprt4 at acpi0: bus 0 (PCI0) acpiprt5 at acpi0: bus 67 (EXBA) acpiprt6 at acpi0: bus 70 (EXBB) acpiprt7 at acpi0: bus 65 (EXBD) acpiprt8 at acpi0: bus 64 (PCI1) cpu0 at mainbus0: (uniprocessor) cpu0: Quad-Core AMD Opteron(tm) Processor 2356, 2300.37 MHz cpu0: FPU ,VME ,DE ,PSE ,TSC ,MSR ,PAE ,MCE ,CX8 ,APIC ,SEP ,MTRR ,PGE ,MCA ,CMOV ,PAT ,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,MMXX,FFXSR,LONG, 3DNOW2,3DNOW cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative cpu0: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative pci0 at mainbus0 bus 0: configuration mode 1 vga1 at pci0 dev 3 function 0 "ATI ES1000" rev 0x02 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) "Compaq iLO" rev 0x03 at pci0 dev 4 function 0 not configured "Compaq iLO" rev 0x03 at pci0 dev 4 function 2 not configured uhci0 at pci0 dev 4 function 4 "Hewlett-Packard USB" rev 0x00: irq 11 "Hewlett-Packard IPMI" rev 0x00 at pci0 dev 4 function 6 not configured ppb0 at pci0 dev 5 function 0 "ServerWorks HT-1000 PCI" rev 0x00 pci1 at ppb0 bus 1 ppb1 at pci1 dev 13 function 0 "ServerWorks HT-1000 PCIX" rev 0xc0 pci2 at ppb1 bus 2 pchb0 at pci0 dev 6 function 0 "ServerWorks HT-1000" rev 0x00 pciide0 at pci0 dev 6 function 1 "ServerWorks HT-1000 IDE" rev 0x00: DMA atapiscsi0 at pciide0 channel 0 drive 0 scsibus0 at atapiscsi0: 2 targets, initiator 7 cd0 at scsibus0 targ 0 lun 0: ATAPI 5/cdrom removable cd0(pciide0:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 0 "ServerWorks HT-1000 LPC" rev 0x00 at pci0 dev 6 function 2 not configured ohci0 at pci0 dev 7 function 0 "ServerWorks HT-1000 USB" rev 0x01: irq 5, version 1.0, legacy support ohci1 at pci0 dev 7 function 1 "ServerWorks HT-1000 USB" rev 0x01: irq 5, version 1.0, legacy support ehci0 at pci0 dev 7 function 2 "ServerWorks HT-1000 USB" rev 0x01: irq 5 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "ServerWorks EHCI root hub" rev 2.00/1.00 addr 1 ppb2 at pci0 dev 15 function 0 "ServerWorks HT-2100 PCIE" rev 0xa2 pci3 at ppb2 bus 5 ppb3 at pci0 dev 16 function 0 "ServerWorks HT-2100 PCIE" rev 0xa2 pci4 at ppb3 bus 8 ppb4 at pci0 dev 17 function 0 "ServerWorks HT-2100 PCIE" rev 0xa2 pci5 at ppb4 bus 14 ppb5 at pci0 dev 18 function 0 "ServerWorks HT-2100 PCIE" rev 0xa2 pci6 at ppb5 bus 11 ppb6 at pci0 dev 19 function 0 "ServerWorks HT-2100 PCIE" rev 0xa2 pci7 at ppb6 bus 3 ppb7 at pci7 dev 0 function 0 "ServerWorks PCIE-PCIX" rev 0xc3 pci8 at ppb7 bus 4 bnx0 at pci8 dev 0 function 0 "Broadcom BCM5708" rev 0x12: irq 11 pchb1 at pci0 dev 24 function 0 "AMD AMD64 10h HyperTransport" rev 0x00 pchb2 at pci0 dev 24 function 1 "AMD AMD64 10h Address Map" rev 0x00 pchb3 at pci0 dev 24 function 2 "AMD AMD64 10h DRAM Cfg" rev 0x00 pchb4 at pci0 dev 24 function 3 "AMD AMD64 10h Misc Cfg" rev 0x00 pchb5 at pci0 dev 24 function 4 "AMD AMD64 10h Link Cfg" rev 0x00 usb1 at uhci0: USB revision 1.0 uhub1 at usb1 "Hewlett-Packard UHCI root hub" rev 1.00/1.00 addr 1 usb2 at ohci0: USB revision 1.0 uhub2 at usb2 "ServerWorks OHCI root hub" rev 1.00/1.00 addr 1 usb3 at ohci1: USB revision 1.0 uhub3 at usb3 "ServerWorks OHCI root hub" rev 1.00/1.00 addr 1 isa0 at mainbus0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo com1: probed fifo depth: 0 bytes pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 rd0: fixed, 4480 blocks uhub4 at uhub3 port 1 "vendor 0x04b4 product 0x6560" rev 2.00/0.07 addr 2 uhidev0 at uhub1 port 1 configuration 1 interface 0 "HP Virtual Keyboard" rev 1.10/0.02 addr 2 uhidev0: iclass 3/1 ukbd0 at uhidev0 wskbd1 at ukbd0 mux 1 wskbd1: connecting to wsdisplay0 uhidev1 at uhub1 port 1 configuration 1 interface 1 "HP Virtual Keyboard" rev 1.10/0.02 addr 2 uhidev1: iclass 3/1 uhid at uhidev1 not configured uhub5 at uhub1 port 2 "HP Virtual Hub" rev 1.10/0.01 addr 3 root on rd0a swap on rd0b du
Google in "shell" - looks interesting
http://goosh.org
Google in "shell" - correction
Runs fine in graphical browser,but not in lynx in my VM :-/
knowing spamd blacklist size
Hi, In OpenBSD 4.3, is there a way to find out via script the current size of the spamd blacklist? Thanks in advance. Regards, Jose -- Mail.com Autos- Powered by Oncars.com: Drive By Today! http://www.oncars.com
Re: Google in "shell" - looks interesting
On 04/06/08 13:39 +0100, Tomas Bodzar wrote: > http://goosh.org > > Great.
spamd sync question
Hi, I am working to setup a spamd environment where we will have two OpenBSD/spamd bridges running in synchronization mode, one at each Internet link we have. One of these bridges is already running and has already its white and grey lists populated. I now plan to active the second bridge, and I would like to import the white and grey lists from the first bridge. I suppose I could simply stop spamd and spamlogd in the first bridge, copy /var/db/spamd to /var/db in the second bridge, and then startup spamd and spamlogd in both bridges with the with -y and -Y options. However I have two points the are still not quite clear to me. 1. The first bridge runs 4.2 STABLE whereas the second one will run 4.3 STABLE. Will that be a problem? Could I bring spamd and spamlogd versions only runnning on both bridges to use the new sync protocol without having to upgrade them both to CURRENT? 2. The MTA and outgoing SMTP server on each side differ. Apart from changing the PF rules (to log SMTP connections), would there be anything else I should worry about? Thanks in advance. Regards, Jose. -- Mail.com Autos- Powered by Oncars.com: Drive By Today! http://www.oncars.com
Re: NAT over internet & VPN?
On Wed, Jun 04, 2008 at 02:08:02PM +1000, Rod Whitworth wrote:
> On Tue, 3 Jun 2008 22:49:10 -0500, Matt Garman wrote:
> >I've been using the "vpnc" program on Linux to connect to my
> >employer's network. The program also exists for OpenBSD, and
> >works great for my needs.
> >
> >I use my OpenBSD (3.9) install as a typical internet gateway,
> >firewall, NAT box. My pf script is virtually identical to the
> >example on the webpage.
> >
> >What I'd like to do is have my OBSD box to NAT on the tun device
> >(VPN tunnel). I.e., so I can use the VPN connection seamlessly
> >from any system on my home network.
>
> First thing you need to do is to get up to date with at least 4.3
> installed. Nothing but 4.2 and 4.3 is supported.
I've had the 4.2 CDs sitting on my desk for months now, just haven't
gotten around to installing! I'm hoping that my configuration and
question are simple enough that the version discrepancy won't
matter.
> Then you need to realise that nobody here has ESP , so it's a bit
> hard to tell you what to change when your pf.conf is only hinted
> at. There are lots of pf.conf examples on webpages.
Sorry, I meant to post it... it was late, and I was sleepy. It's
virtually identical to the example pf.conf on the OBSD web page
(http://openbsd.org/faq/pf/example1.html). You can see what I
added---lines with the vpn_if and vpn_addr macros, in an attempt to
get the functionality I want.
Thanks again,
Matt
# macros
ext_if="vr0"
int_if="vr1"
vpn_if="tun0"
vpn_addr="192.168.187.0/24"
tcp_services="{ 22, 113 }"
icmp_types="echoreq"
# options
set block-policy return
set loginterface $ext_if
set skip on lo
# scrub
scrub in
# nat/rdr
nat on $vpn_if from $int_if to $vpn_addr -> ($vpn_if)
nat on $ext_if from !($ext_if) -> ($ext_if:0)
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
# filter rules
block in
pass out keep state
anchor "ftp-proxy/*"
antispoof quick for { lo $int_if }
pass in on $ext_if inet proto tcp from any to ($ext_if) \
port $tcp_services flags S/SA keep state
pass in on $vpn_if inet proto tcp from any to ($vpn_if) \
port $tcp_services flags S/SA keep state
pass in inet proto icmp all icmp-type $icmp_types keep state
pass quick on $int_if
Userland ppp: Change route failed -- no such process
Someone else reported this same problem back in 2005 but never got a
response, so I'll try again.
I've been running FreeBSD (userland ppp) on my old i486 firewall machine
for several years and decided to try OpenBSD 4.3 on the same machine.
I have it working well now (pppoe/DSL) except when ppp needs to change
the default route e.g. when reestablishing a dropped connection.
Here is ppp's log when that occurs:
Jun 4 06:23:21 cyr ppp[469]: TCP/IP: route_UpdateMTU: Netif: 7 (tun0), dst
0.0.0.0/0, mtu 1492
Jun 4 06:23:21 cyr ppp[469]: ID0: 1 = socket(17, 3, 0)
Jun 4 06:23:21 cyr ppp[469]: ID0: -1 = write(1, data, 120)
Jun 4 06:23:21 cyr ppp[469]: TCP/IP: rt_Update failure:
Jun 4 06:23:21 cyr ppp[469]: TCP/IP: rt_Update: Dst = 0.0.0.0/0
Jun 4 06:23:21 cyr ppp[469]: Warning: 0.0.0.0/0: Change route failed: errno:
No such process
This happens when my ISP gives me a different IP address when reconnecting.
The new connection doesn't work until I use pppctl to "add! default HISADDR"
manually.
The ppp code responsible for changing the route is found in
/usr/src/usr.sbin/ppp/ppp/route.c:
s = ID0socket(PF_ROUTE, SOCK_RAW, 0);
wb = ID0write(s, &rtmes, rtmes.m_rtm.rtm_msglen);
if (wb < 0) {
ncprange_setsa(&ncpdst, dst, mask);
log_Printf(LogTCPIP, "rt_Update failure:\n");
log_Printf(LogTCPIP, "rt_Update: Dst = %s\n", ncprange_ntoa(&ncpdst));
if (rtmes.m_rtm.rtm_errno == 0)
log_Printf(LogWARN, "%s: Change route failed: errno: %s\n",
ncprange_ntoa(&ncpdst), strerror(errno));
So ppp writes to a socket when trying to change routes, but I don't
know who is supposed to be listening at the other end, or why he is
missing in action.
Any ideas?
Thanks!
Re: looking for bandwidth monitor by ip
On Wed, Jun 4, 2008 at 9:29 PM, Agung T. Apriyanto <[EMAIL PROTECTED]> wrote: > On Wed, Jun 4, 2008 at 7:17 PM, Stuart Henderson <[EMAIL PROTECTED]> wrote: >> >> darkstat, it's in ports. >> >> > > i'm kinda looking for ncurses based, nothing much, only bandwidth usage > based on ip, some kind like this: > http://darkzone .ma .cx/resources/unix/traffic/screenshot1.jpg > perhaps there will be a generous man ported that to OpenBSD *wink* > > but thanks anyway for your suggest stuart, i'll try looking around again. > oops forgot to cc :D
Re: Google in "shell" - looks interesting
Meh. Doesn't work with lynx. Why bother? On Wed, Jun 4, 2008 at 6:17 AM, Cesare Gargano <[EMAIL PROTECTED]> wrote: > On 04/06/08 13:39 +0100, Tomas Bodzar wrote: >> http://goosh.org >> >> > > Great. > > -- Systems Programmer, Principal Electrical & Computer Engineering The University of Arizona [EMAIL PROTECTED]
Re: Google in "shell" - looks interesting
On 04/06/08 07:59 -0700, Marti Martinez wrote: > Meh. Doesn't work with lynx. Why bother? > > On Wed, Jun 4, 2008 at 6:17 AM, Cesare Gargano > <[EMAIL PROTECTED]> wrote: > > On 04/06/08 13:39 +0100, Tomas Bodzar wrote: > >> http://goosh.org > >> > >> > > > > Great. > > > > > > > > -- > Systems Programmer, Principal > Electrical & Computer Engineering > The University of Arizona > [EMAIL PROTECTED] > > ?
Re: Google in "shell" - looks interesting
According to Marti Martinez <[EMAIL PROTECTED]>: > > Meh. Doesn't work with lynx. Why bother? > > On Wed, Jun 4, 2008 at 6:17 AM, Cesare Gargano > <[EMAIL PROTECTED]> wrote: > > On 04/06/08 13:39 +0100, Tomas Bodzar wrote: > >> > >> http://goosh.org > >> > > > > Great. Doesn't work with links either. Plus in FireFox it requires Javascript to be enabled to function... I don't get it - why does the world need this? Regards, web... -- William Bulley Email: [EMAIL PROTECTED]
Re: Google in "shell" - looks interesting
2008/6/4 Tomas Bodzar <[EMAIL PROTECTED]>: > http://goosh.org > > while borderline useless in some respects, it's a tremendously interesting concept. :D thanks! (sorry Marti for that last message..) -- IEEE Student Branch President Wentworth Institute of Technology 550 Huntington Ave. Boston, MA. 02115 401.837.8417 [EMAIL PROTECTED]
Re: Google in "shell" - looks interesting
And what are the colorblind doing with it? On Wed, Jun 04, 2008 at 11:09:32AM -0400, William Bulley wrote: > According to Marti Martinez <[EMAIL PROTECTED]>: > > > > Meh. Doesn't work with lynx. Why bother? > > > > On Wed, Jun 4, 2008 at 6:17 AM, Cesare Gargano > > <[EMAIL PROTECTED]> wrote: > > > On 04/06/08 13:39 +0100, Tomas Bodzar wrote: > > >> > > >> http://goosh.org > > >> > > > > > > Great. > > Doesn't work with links either. Plus in FireFox it > requires Javascript to be enabled to function... > > I don't get it - why does the world need this? > > Regards, > > web... > > -- > William Bulley Email: [EMAIL PROTECTED]
Re: Google in "shell" - looks interesting
On 2008-06-04, William Bulley <[EMAIL PROTECTED]> wrote: > According to Marti Martinez <[EMAIL PROTECTED]>: >> >> Meh. Doesn't work with lynx. Why bother? >> >> On Wed, Jun 4, 2008 at 6:17 AM, Cesare Gargano >> <[EMAIL PROTECTED]> wrote: >> > On 04/06/08 13:39 +0100, Tomas Bodzar wrote: >> >> >> >> http://goosh.org >> >> >> > >> > Great. > > Doesn't work with links either. Plus in FireFox it > requires Javascript to be enabled to function... > > I don't get it - why does the world need this? Because they don't know about surfraw?
Re: ciss on hp DL385 G5?
4 jun 2008 kl. 14.19 skrev Martin Hedenfalk: Hi, We're trying to install OpenBSD on a HP ProLiant DL385 G5. But as shown in the dmesg below, the RAID controller (HP Smart Array P400) is not detected. According to the ciss(4) man page it should be supported. Has anyone got OpenBSD to install on such a machine? As a followup I installed FreeBSD 7.0-RELEASE on this machine without any trouble. See dmesg below. However, I would love to be able to run OpenBSD instead :-) -martin Copyright (c) 1992-2008 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 7.0-RELEASE #0: Sun Feb 24 19:59:52 UTC 2008 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC Timecounter "i8254" frequency 1193182 Hz quality 0 CPU: Quad-Core AMD Opteron(tm) Processor 2356 (2300.09-MHz 686-class CPU) Origin = "AuthenticAMD" Id = 0x100f23 Stepping = 3 Features = 0x178bfbff < FPU ,VME ,DE ,PSE ,TSC ,MSR ,PAE ,MCE ,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,MMX,FXSR,SSE,SSE2,HTT> Features2=0x802009> AMD Features=0xee400800,RDTSCP,LM,3DNow!+, 3DNow!> AMD Features2 =0x7ff,,,Prefetch,,> Cores per package: 4 real memory = 2145705984 (2046 MB) avail memory = 2090188800 (1993 MB) ACPI APIC Table: FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs cpu0 (BSP): APIC ID: 0 cpu1 (AP): APIC ID: 1 cpu2 (AP): APIC ID: 2 cpu3 (AP): APIC ID: 3 ioapic0 irqs 0-15 on motherboard ioapic1 irqs 16-31 on motherboard ioapic2 irqs 32-47 on motherboard kbd1 at kbdmux0 ath_hal: 0.9.20.3 (AR5210, AR5211, AR5212, RF5111, RF5112, RF2413, RF5413) hptrr: HPT RocketRAID controller driver v1.1 (Feb 24 2008 19:59:27) acpi0: on motherboard acpi0: [ITHREAD] acpi0: Power Button (fixed) Timecounter "ACPI-safe" frequency 3579545 Hz quality 850 acpi_timer0: <32-bit timer at 3.579545MHz> port 0x920-0x923 on acpi0 acpi_hpet0: iomem 0xfed0-0xfed003ff on acpi0 Timecounter "HPET" frequency 14318180 Hz quality 900 cpu0: on acpi0 cpu1: on acpi0 cpu2: on acpi0 cpu3: on acpi0 pcib0: on acpi0 pci0: on pcib0 vgapci0: port 0x1000-0x10ff mem 0xe800-0xefff,0xf7ff-0xf7ff irq 44 at device 3.0 on pci0 pci0: at device 4.0 (no driver attached) pci0: at device 4.2 (no driver attached) uhci0: port 0x1800-0x181f irq 45 at device 4.4 on pci0 uhci0: [GIANT-LOCKED] uhci0: [ITHREAD] usb0: on uhci0 usb0: USB revision 1.0 uhub0: <(0x103c) UHCI root hub, class 9/0, rev 1.00/1.00, addr 1> on usb0 uhub0: 2 ports with 2 removable, self powered pci0: at device 4.6 (no driver attached) pcib1: at device 5.0 on pci0 pci1: on pcib1 pcib2: at device 13.0 on pci1 pci2: on pcib2 atapci0: port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0x500-0x50f at device 6.1 on pci0 ata0: on atapci0 ata0: [ITHREAD] ata1: on atapci0 ata1: [ITHREAD] isab0: at device 6.2 on pci0 isa0: on isab0 ohci0: port 0x1c00-0x1cff mem 0xf7ee-0xf7ee0fff irq 5 at device 7.0 on pci0 ohci0: [GIANT-LOCKED] ohci0: [ITHREAD] usb1: OHCI version 1.0, legacy support usb1: SMM does not respond, resetting usb1: on ohci0 usb1: USB revision 1.0 uhub1: <(0x1166) OHCI root hub, class 9/0, rev 1.00/1.00, addr 1> on usb1 uhub1: 2 ports with 2 removable, self powered ohci1: port 0x3000-0x30ff mem 0xf7ed-0xf7ed0fff irq 5 at device 7.1 on pci0 ohci1: [GIANT-LOCKED] ohci1: [ITHREAD] usb2: OHCI version 1.0, legacy support usb2: SMM does not respond, resetting usb2: on ohci1 usb2: USB revision 1.0 uhub2: <(0x1166) OHCI root hub, class 9/0, rev 1.00/1.00, addr 1> on usb2 uhub2: 2 ports with 2 removable, self powered ehci0: port 0x3400-0x34ff mem 0xf7ec-0xf7ec0fff irq 5 at device 7.2 on pci0 ehci0: [GIANT-LOCKED] ehci0: [ITHREAD] usb3: EHCI version 1.0 usb3: companion controllers, 2 ports each: usb1 usb2 usb3: on ehci0 usb3: USB revision 2.0 uhub3: <(0x1166) EHCI root hub, class 9/0, rev 2.00/1.00, addr 1> on usb3 uhub3: 4 ports with 4 removable, self powered pcib3: irq 42 at device 15.0 on pci0 pci5: on pcib3 pcib4: irq 38 at device 16.0 on pci0 pci8: on pcib4 pcib5: irq 39 at device 17.0 on pci0 pci14: on pcib5 pcib6: irq 40 at device 18.0 on pci0 pci11: on pcib6 pcib7: irq 41 at device 19.0 on pci0 pci3: on pcib7 pcib8: at device 0.0 on pci3 pci4: on pcib8 bce0: mem 0xf800-0xf9ff irq 41 at device 0.0 on pci4 miibus0: on bce0 brgphy0: PHY 1 on miibus0 brgphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-FDX, auto bce0: Ethernet address: 00:1e:0b:c3:ae:4e bce0: [ITHREAD] bce0: ASIC (0x57081020); Rev (B2); Bus (PCI-X, 64-bit, 133MHz); F/W (0x01090605); Flags( MFW MSI ) pcib9: on acpi0 pci64: on pcib9 pcib10: irq 36 at device 15.0 on pci64 pci67: on pcib10 pcib11: irq 32 at device 16.0 on pci64 pci70: on pcib11 ciss0: port 0x4000-0x40ff mem 0xfdf0-0xfdff
Encrypted filesystems
Hello, I hope this is not a FAQ, but my homework so far (which includes reading the FAQ and the installation guide as well as "just" Googling) hasn't provided an answer. Are there any means of encrypting filesystems other than using cryptfs plus vnode? As far as I could find out, the latter imposes a size limit of roughly 8GB which is acceptable for most partitions but not all of them. For example, I recently installed the most recent version of Slackware Linux on a laptop (don't blame me, it's what the owner wanted) and I was able to have everything except /boot encrypted, including system partitions such as /, without any size limits other than that of the fstype itself. Thanks in advance, Alphons -- If riding in an airplane is flying, then riding in a boat is swimming. If you want to experience the element, get out of the vehicle.
Re: Google in "shell" - looks interesting
If it were actually usable from a shell, it'd be interesting. If I'm already running a graphical interbrowser, it's because I want graphical interwebs.
Multiple FTP servers behind firewalls
Hey guys, I have a a pair of OpenBSD firewalls, using carp+pf protecting all our services. Now, we are going to end up in a situation where we need to have multiple separate ftp servers behind these firewalls (one per project). Currently I'm thinking of creating a new CARP interface on the external interface with a unique IP and a separate ftp-proxy per back-end server My question is basically has anyone done this already and does it work? Are there any problems with having multiple CARP interfaces using the same physical one? Is there a better, easier solution? It's times like these that I wish the ftp protocol included vhosts. Cheers chaps. -- joe. I don't like Annika. She's so pretentious.
Re: Google in "shell" - looks interesting
Ted Unangst wrote: If it were actually usable from a shell, it'd be interesting. If I'm already running a graphical interbrowser, it's because I want graphical interwebs. Exactly.
Re: Encrypted filesystems
On Wed, 04 Jun 2008 15:34:11 +, Alphons \"Fonz\" van Werven wrote > Are there any means of encrypting filesystems other than using > cryptfs plus vnode? As far as I could find out, the latter imposes a > size limit of roughly 8GB which is acceptable for most partitions > but not all of them. Fonz, There's no "cryptfs" in OpenBSD's ports tree. In OpenBSD, either vnconfig(8) or mount_vnd(8) are used to mount filesystem images, with or without encryption. FAQ 14.10 shows an example of mounting a CD9660 filesystem, but any valid filesystem structure may be mounted this way. As far as I know, there are no size restrictions other than the limits of the chosen filesystem.
Re: Encrypted filesystems
Josh Grosse wrote: There's no "cryptfs" in OpenBSD's ports tree. Sorry - I must have been using FreeBSD for too long ;-) In OpenBSD, either vnconfig(8) or mount_vnd(8) are used to mount filesystem images, with or without encryption. Manpages found - thanks. Alphons -- If riding in an airplane is flying, then riding in a boat is swimming. If you want to experience the element, get out of the vehicle.
Re: Google in "shell" - looks interesting
On Wed, Jun 04, 2008 at 09:46:26AM -0700, Dag Richards wrote: > Ted Unangst wrote: > > If it were actually usable from a shell, it'd be interesting. If I'm > > already running a graphical interbrowser, it's because I want > > graphical interwebs. > > Exactly. > So, can you launch a graphical browser from the goosh command line? sorry...
Re: Google in "shell" - looks interesting
Mark Zimmerman wrote: On Wed, Jun 04, 2008 at 09:46:26AM -0700, Dag Richards wrote: Ted Unangst wrote: If it were actually usable from a shell, it'd be interesting. If I'm already running a graphical interbrowser, it's because I want graphical interwebs. Exactly. So, can you launch a graphical browser from the goosh command line? sorry... No, but if we could launch it from a shell then we could parse the out put in our own apps. Store the results for our own purposes, wget and scrape pages etc.
Re: Multiple FTP servers behind firewalls
Joe, We have used a CARP firewall (two machines in failover and not load balancing) in front of a dozen ftp servers. We use 12 different ip addresses in total. One ftp-proxy for each CARP interface and forwarding the traffic to one of the 12 backend ftp server. This works fine. Ftp-Proxy (forward and reverse proxy) https://calomel.org/ftp_proxy.html If you use one external ip and thus one CARP virtual device, you might be able to use different external ports redirected to each ftp-proxy daemon. This might cause a bit of confusion depending on your users and what clients they use. Clients normally expect ftp to be on port 21 of course. vhosts would definitely be a welcome addition, but I am not sure how this would be implemented. Some problems you may see is when the CARP firewalls failover. The ftp-proxy anchors are not inherited by the second BACKUP firewall. Clients can just reconnect after the BACKUP firewall comes up. You may also want to see if you can limit ftp connection to passive mode only. This seems to help with some of the broken windows clients, though you can use the "-r" argument in ftp-proxy to suit ancient clients. If anyone has any other solutions I would also be interested in hearing about them. -- Calomel @ https://calomel.org Open Source Research and Reference On Wed, Jun 04, 2008 at 05:02:45PM +0100, Joe Warren-Meeks wrote: >Hey guys, > >I have a a pair of OpenBSD firewalls, using carp+pf protecting all >our services. > >Now, we are going to end up in a situation where we need to have >multiple separate ftp servers behind these firewalls (one per project). >Currently I'm thinking of creating a new CARP interface on the external >interface with a unique IP and a separate ftp-proxy per back-end server > >My question is basically has anyone done this already and does it work? > >Are there any problems with having multiple CARP interfaces using the >same physical one? > >Is there a better, easier solution? It's times like these that I wish >the ftp protocol included vhosts. > >Cheers chaps. > > -- joe. > >I don't like Annika. She's so pretentious.
Re: ciss on hp DL385 G5?
Martin Hedenfalk wrote: We're trying to install OpenBSD on a HP ProLiant DL385 G5. But as shown in the dmesg below, the RAID controller (HP Smart Array P400) is not detected. According to the ciss(4) man page it should be supported. Has anyone got OpenBSD to install on such a machine? I don't have any DL385s, but maybe try disabling acpi and see if it works. It looks like OpenBSD isn't seeing the bus that ciss sits on.
Re: Encrypted filesystems
On 4-Jun-08, at 10:09 AM, Alphons Fonz van Werven wrote: Josh Grosse wrote: There's no "cryptfs" in OpenBSD's ports tree. Sorry - I must have been using FreeBSD for too long ;-) In OpenBSD, either vnconfig(8) or mount_vnd(8) are used to mount filesystem images, with or without encryption. Manpages found - thanks. This may be of use, depending on your ultimate goal regarding disk encryption. https://www.mainframe.cx/~ckuethe/encrypted_disks.html This thread is a good read as well: http://marc.info/?t=11916631661&r=1&w=2 Cheers Scott
kill suspects
The F-BEE_EYE are stealing from suspects and using gang members and corrupt police to kill those that complain. A recent story ran on 60 minutes about Chicago police but the real story was not told. This also happens in the San Fran Bay area where the cost of living is very high.
