Re: encrypted disk image
Many thanks for clearing that up. Regards, Peter On 05/21/2016 12:38 AM, Ted Unangst wrote: Peter Wens wrote: On a encrypted (sd1) OpenBSD 5.9 install (amd64, (qemu, virtio)): I created a diskimage (dd if=/dev/urandom of=disk.img bs=1m count=100 vnconfig vnd0 disk.img fdisk -iy vnd0 disklabel -E vnd0 ( a a RAID) bioctl -c C -l /dev/vnd0a softraid0 creates sd2newfs /dev/rsd2c mount /dev/rsd2c /mnt installboot -v -r /mnt sd2 /usr/mdec/biosboot /usr/mdec/boot then copy some files and at some point the systems locks up. The same procedure on a unencrypted install no troubles at all. any suggestion in what's happening? Stacking softraid doesn't work. This has irked me for some time, but it's the way things are for now.
Re: Secure PKG_PATH for doas
On Fri, May 20, 2016 at 03:37:48PM +0100, Raf Czlonka wrote: > On Fri, May 20, 2016 at 12:39:46PM BST, Igor Mironov wrote: > > > Thank you Mart, Ted and Stuart--I understood that installpath in > > pkg.conf provides a secure default, and PKG_PATH should probably > > be used for overrides only (if at all). > > Hi Igor, > > PKG_PATH is essential - installpath= in pkg.conf(5) won't suffice > - if you don't want to build ports' dependencies and prefer to > simply have them install as packages, by using: > > FETCH_PACKAGES=Yes > > in mk.conf(5). > > Regards, > > Raf But that one completely does not require doas since it's run in -n mode.
Misc cqw
Hello. Misc ?! ay dr
Re: Suggestion: new webpage for openbsd.org
On 2016-05-20 Fri 17:12 PM |, Theo de Raadt wrote: > > This is a project that does rapid incremental changes. --
Re: Secure PKG_PATH for doas
On Sat, May 21, 2016 at 08:55:37AM BST, Marc Espie wrote: > On Fri, May 20, 2016 at 03:37:48PM +0100, Raf Czlonka wrote: > > On Fri, May 20, 2016 at 12:39:46PM BST, Igor Mironov wrote: > > > > > Thank you Mart, Ted and Stuart--I understood that installpath in > > > pkg.conf provides a secure default, and PKG_PATH should probably > > > be used for overrides only (if at all). > > > > Hi Igor, > > > > PKG_PATH is essential - installpath= in pkg.conf(5) won't suffice > > - if you don't want to build ports' dependencies and prefer to > > simply have them install as packages, by using: > > > > FETCH_PACKAGES=Yes > > > > in mk.conf(5). > > > > Regards, > > > > Raf > > But that one completely does not require doas since it's run in -n mode. Sure, me reply was to the "if at all" part and I was merely pointing out that 'installpath' doesn't work everywhere and sometimes one must set PKG_PATH. Raf
wsmouse1 detached - ums0 detached - uhidev0 detached
Hello, I am using OpenBSD 5.9-stable, but it keeps disconnecting the mouse. I have this problem on two laptops: Toshiba laptop with Toshiba mouse, and Asus laptop with Targus mouse. When it boots as soon as it reaches the login prompt it prints the following: wsmouse1 detached ums0 detached uhidev0 detached The trackpad on Xenocara works well though. In the dmesg I see this: acpi0: ATKG checksum error I am willing to test patches from developers for 5.9-stable... Here is the dmesg of the Asus laptop with mouse: OpenBSD 5.9-stable (GENERIC.MP) #0: Thu May 19 15:15:14 AZOST 2016 root@fnord:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 2130313216 (2031MB) avail mem = 2061611008 (1966MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xfc6d0 (33 entries) bios0: vendor American Megatrends Inc. version "211" date 04/01/2008 bios0: ASUSTeK Computer Inc. F3Sr acpi0 at bios0: rev 2 acpi0: ATKG checksum error <- acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP APIC MCFG SLIC DBGP BOOT ECDT OEMB HPET ATKG SSDT acpi0: wakeup devices USB0(S3) USB1(S3) USB2(S3) EUSB(S3) USB3(S3) USB4(S3) USBE(S3) HDAC(S3) P0P1(S4) P0P2(S4) P0P9(S3) SLPB(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz, 1436.59 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM 2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF,PERF,SENSOR cpu0: 4MB 64b/line 16-way L2 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 199MHz cpu0: mwait min=64, max=64, C-substates=0.2.2.2.2, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz, 1197.01 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM 2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF,PERF,SENSOR cpu1: 4MB 64b/line 16-way L2 cache cpu1: smt 0, core 1, package 0 ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins acpimcfg0 at acpi0 addr 0xc000, bus 0-255 acpiec0 at acpi0 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (P0P1) acpiprt2 at acpi0: bus 2 (P0P2) acpiprt3 at acpi0: bus 3 (P0P3) acpiprt4 at acpi0: bus 4 (P0P4) acpiprt5 at acpi0: bus 5 (P0P5) acpiprt6 at acpi0: bus 6 (P0P6) acpiprt7 at acpi0: bus 8 (P0P8) acpiprt8 at acpi0: bus 9 (P0P9) acpicpu0 at acpi0: !C3(100@57 mwait.3@0x30), !C2(500@1 mwait.1@0x10), C1(1000@1 mwait.1), PSS acpicpu1 at acpi0: !C3(100@57 mwait.3@0x30), !C2(500@1 mwait.1@0x10), C1(1000@1 mwait.1), PSS acpitz0 at acpi0: critical temperature is 105 degC acpiac0 at acpi0: AC unit offline acpibat0 at acpi0: BAT0 model "F3---24" serial type LIon oem "ASUSTEK" acpiasus at acpi0 not configured acpibtn0 at acpi0: SLPB acpibtn1 at acpi0: LID_ cpu0: Enhanced SpeedStep 1436 MHz: speeds: 2001, 2000, 1600, 1200, 800 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 "Intel GM965 Host" rev 0x03 ppb0 at pci0 dev 1 function 0 "Intel GM965 PCIE" rev 0x03: msi pci1 at ppb0 bus 1 radeondrm0 at pci1 dev 0 function 0 "ATI Mobility Radeon HD 2400" rev 0x00 drm0 at radeondrm0 radeondrm0: msi uhci0 at pci0 dev 26 function 0 "Intel 82801H USB" rev 0x03: apic 2 int 16 uhci1 at pci0 dev 26 function 1 "Intel 82801H USB" rev 0x03: apic 2 int 21 ehci0 at pci0 dev 26 function 7 "Intel 82801H USB" rev 0x03: apic 2 int 18 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1 azalia0 at pci0 dev 27 function 0 "Intel 82801H HD Audio" rev 0x03: msi azalia0: codecs: Realtek ALC660, Motorola/0x3055, using Realtek ALC660 audio0 at azalia0 ppb1 at pci0 dev 28 function 0 "Intel 82801H PCIE" rev 0x03 pci2 at ppb1 bus 2 age0 at pci2 dev 0 function 0 "Attansic Technology L1" rev 0xb0: msi, address xx:xx:xx:xx:xx:xx atphy0 at age0 phy 0: F1 10/100/1000 PHY, rev. 5 ppb2 at pci0 dev 28 function 1 "Intel 82801H PCIE" rev 0x03 pci3 at ppb2 bus 3 wpi0 at pci3 dev 0 function 0 "Intel PRO/Wireless 3945ABG" rev 0x02: msi, MoW2, address xx:xx:xx:xx:xx:xx ppb3 at pci0 dev 28 function 2 "Intel 82801H PCIE" rev 0x03 pci4 at ppb3 bus 4 jmb0 at pci4 dev 0 function 0 "JMicron JMB360 SATA" rev 0x02 ahci0 at jmb0: apic 2 int 18, AHCI 1.0 scsibus1 at ahci0: 32 targets ppb4 at pci0 dev 28 function 3 "Intel 82801H PCIE" rev 0x03 pci5 at ppb4 bus 5 ppb5 at pci0 dev 28 function 4 "Intel 82801H PCIE" rev 0x03: msi pci6 at ppb5 bus 6 ppb6 at pci0 dev 28 function 5 "Intel 82801H PCIE" rev 0x03: msi pci7 at ppb6 bus 8 uhci2 at pci0 dev 29 function 0 "Intel 82801H USB" rev 0x03: apic 2 int 23 uhci3 at pci0 dev 29 function 1 "Intel 82801H USB" rev 0x03: apic 2 int 19 uhci4 at pci0 dev
OpenBSD on Mikrotik/RouterBoard hardware ?
Hello all, My old companion, OpenBSD router/firewall (Intel Atom based and 5 Gigabit Intel network interfaces) died 2 weeks ago ... (Really think motherbord is dead :( ). I temporary replaced it by an unused old workstation based on AMD64x2 processor, 4GB Ram, and with a (unique) Realtek Gigabit card (I use vlan for routing). Installed it with OpenBSD 5.9 amd64, and works pretty well, but seems to be difficult for this hardware to handle load. So I try to get a better hardware. Context : Optic fiber with 200Mbits/s DL, 50Mbits/s UL came to home this week (Tuesday) replacing 2 DSL connections. (that I keep for now : network throughput is somewhat ridiculous compared to Optic fiber, but stability is really great : being an homeworker, Internet uptime is a prime goal, despite the throughput). About 20 VLAN to handle ... and for most of them, PF rules apply. Compared to delivered "router" from ISP (SFR in France, "NB6V box" for those who know this provider), this temporary "router" seems to lack of CPU/network interrupts while downloading at high speed (above 10 MBytes/s) on WAN. ping on other hosts drastically increases (+50~200ms based from 4~10 ms when link is not heavily used) while OpenBSD tries to route/firewall/nat the WAN traffic. I already used Routerboards/RouterOS for several customers : works pretty great while using high throughput Internet connections. Customer's need is achieved for all cases, but the inside RouterOS doesn't feat my needs. (IPv6 policy based routing, and IPv6 NPT for instance). About hardware : RB2011 (XXX) or RB3011 (XXX) can, I think, match my needs. About software : OpenBSD stands out for a while for being my privileged OS for a router/firewall, and clearly feats my needs while it's simple to handle some particular cases ... (compared to a Linux based router for instance). Is there any one who tried this hardware/software association (excepting the RB600A/soppc) ? If not, what's the best hardware you know to operate an OpenBSD router with high throughput networks and many (about 450~500, including bridge/tag rules) PF rules ? Best CPU, best known network driver (handling inside hardware implementations), and so on ... Thanks for reading :) . Christophe.
Re: OpenBSD on Mikrotik/RouterBoard hardware ?
I'll be mostly interested in any efforts to keep OpenBSD on ARM based SOHO routers by MikroTik, like RB951G and its family. RB951G is affordable, little box with 5 GbE ports with PoE capabilities, running on ~700MHz Atheros ARM SoC, it worked very nicely for my home needs with RouterOS, but I've forced to sell it and use something else instead, but it doesn't mean I'm not considering going back there :)
bsd.rd got IP from DHCP, but no network, no sets
I have problem installing OpenBSD 2016.05.20 i386 snapshot. I was unguarded with preparation. I had booted bsd.rd from Grub2, to avoid using some installer media. Grub2: set root=(hdx,y) kopenbsd /root/bsd.rd boot The installer boots fine. I get IP from DHCP. It came quickly. Configuring, as usual. I deleted all of my previous HDD partitions. No return. Came to sets. I choose 'http', because i didn't download the sets. I used an official mirror. "ftp: : no address associated with name Looked at http:///pub/OpenBSD/snaphots/i386 and found no OpenBSD/i386 6.0 sets. The set name looked for were: ..." I go to shell with "!". Network card is dc(4). ifconfig: OK route -n show: OK ping internet: not ok ping gateway: not ok ping other PC: not ok But i got IP from DHCP! Trying static IP configuring, playing with ifconfig dc0 media, playing with ifconfig dc0 mediaopts No success, i stuck. Typed from dmesg: dc0 at cardbus1 dev 0 function 0 "Xircom X3201-3" rev 0x03: irq11, address 00:... tqphy0 at dc0 phy 0: 78Q2120 10/100 PHY, rev. 11 "Xircom 56k Modem" rev 0x03 at cardbus1 dev 0 function 1 not configured" ... tqphy0 detached dc0 detached dc0 at cardbus1 dev 0 function 0 "Xircom X3201-3" rev 0x03: irq11, address 00:... tqphy0 at dc0 phy 0: 78Q2120 10/100 PHY, rev. 11 "Xircom 56k Modem" rev 0x03 at cardbus1 dev 0 function 1 not configured" I installed another PC in the same local network, with the install60.iso from the same time, using the sets from the same official mirror. It works, it sees the sets, it pings the gateway, it pings the internet. I cannot show you a dmesg, because no network. I made some mistakes: I did not leave the old, working system, i deleted all of the partitions, and i didn't download the installer sets. But i didn't halted the installer yet, it waites some smart command. Can i solve this without reboot the PC? Can i solve this without purchase some installer media (FDD, CD)? It is a ThinkPad 600X. It is not booting from USB and PXE. The PC in the previous OS worked right, had network and long before worked with OpenBSD, too. Maybe the problem is booting bsd.rd from Grub2?
Re: bsd.rd got IP from DHCP, but no network, no sets
On Sat, May 21, 2016 at 10:25:33PM +0200, butresin wrote: > > Maybe the problem is booting bsd.rd from Grub2? > No, GRUB2 has nothing to do here, I've actually did the same thing on -current about a few days ago, and it worked flawlessly.
Re: bsd.rd got IP from DHCP, but no network, no sets
> ifconfig: OK > route -n show: OK > ping internet: not ok > ping gateway: not ok > ping other PC: not ok > But i got IP from DHCP! Thank you for letting list know about your experience with OpenBSD install. screwed your instalation: YES not posting commands full output: YES making assumptions: YES getting help from list: NO But someone answered you, at least!
how is a table of blocked addresses synchronized between redundant firewalls
hi everyone i have two firewalls tied together with carp, i understand that state tables are synchronized between the firewalls with pfsync, are user created tables also synchronized, if not how is this done ? shadrock
5.9 xenocara.tar.gz
I am getting the following error trying to untar xenocara from official 5.9 cd. I had no problems with ports or src. Did anyone else have this problem or did I mess up my cd somehow? # mount /dev/cd0a /mnt # cd /usr # tar xfz /mnt/xenocara.tar.gz tar: End of archive volume 1 reached tar: Sorry, unable to determine archive format.
Re: 5.9 xenocara.tar.gz
On 05/21/16 21:31, Edgar Pettijohn wrote: I am getting the following error trying to untar xenocara from official 5.9 cd. I had no problems with ports or src. Did anyone else have this problem or did I mess up my cd somehow? # mount /dev/cd0a /mnt # cd /usr/xenocara # tar xfz /mnt/xenocara.tar.gz tar: End of archive volume 1 reached tar: Sorry, unable to determine archive format. Disregard. unmounted/remounted cd and it worked.
can't find books.html link
Could you please tell me where can i find the link which corresponding to books.html on the www.openbsd.org. thanks
Re: bsd.rd got IP from DHCP, but no network, no sets
On 16.05.22Sun 00:31, Mihai Popescu wrote: > > ifconfig: OK > > route -n show: OK > > ping internet: not ok > > ping gateway: not ok > > ping other PC: not ok > > But i got IP from DHCP! > > > Thank you for letting list know about your experience with OpenBSD install. > > screwed your instalation: YES > not posting commands full output: YES > making assumptions: YES > getting help from list: NO > But someone answered you, at least! > You are right. But your answer is a progress, too. You pointed, what i missed from my original mail. Thanks. # dhclient dc0 DHCPREQUEST on dc0 to 255.255.255.255 DHCPACK from 192.168.1.1 bound to 192.168.1.34 -- renewal in 43200 seconds. # ifconfig dc0 dc0: flags=8843 mtu 1500 lladr 00:10:a4:b9:bc:43 groups egress media: Ethernet autoselect (100baseTX full-duplex) status: active inet 192.168.1.34 netmask 0xff00 broadcast 192.168.1.255 # route -n show Routing tables Internet: Destination Gateway Flags Refs UseMtu Prio Iface default 192.168.1.1 UGS 0 2 -8 dc0 127.0.0.1 127.0.0.1UHPl 0 0 327681 lo0 192.168.1./24 192.168.1.34 UCP 1 0 -4 dc0 192.168.1.1 link#4 UHLcP1 1 -4 dc0 192.168.1.3400:10:a4:b9:bc:43UHLPl0 0 -1 dc0 192.168.1.255 192.168.1.34 UHPb 0 0 -1 dc0 Internet6: Destination Gateway Flags Refs UseMtu Prio Iface ::1 ::1 UHPl 0 0 327681 lo0 fe80::1%lo0 fe80::1%lo0 UHPl 0 0 327681 lo0 ff01::%lo0/32 ::1 UC 0 1 327684 lo0 ff02::%lo0/32 ::1 UC 0 1 327684 lo0 # ping 192.168.1.1 PING 192.168.1.1 (192.168.1.1): 56 data bytes ping: sendto: Host is down ping: wrote 192.168.1.1 64 chars, ret=-1
