UNIX crash course
Looking to the list for suggestions on becoming at least a semi-competent admin. Long-time members may remember my trial-by-fire 15+ years ago when the boss ordered a T1 and the carrier's tech "helpfully" pointed the dmz interface at the (already outdated) NT4 file server. My current situation is nothing like that, but thanks to all the recent trolls, I discovered that following the IEEE's transition from their email service being little more than a .forward alias into a full-fledged GMail suite, that Google wasn't forwarding emails it deemed spammy and caused the partial loss of nearly seven months' worth of mail. Since I don't trust Google or pretty much any "free" provider at this point, that means doing it myself. Some steps (registering a domain, ordering business-class service or a static IP, etc) are self-evident. But after that, there's a lot I really need to learn beyond what's in the man pages, and my copy of 'Absolute OpenBSD' is quite dated at this point. I've also got that misbehaving ARC-1200B card, so if dlg@ or another team member in the US/Canada has interest in figuring out what's going sideways, I'll pay for shipping both ways.
Kernel panic during install 6.6
Been a long time since I've written, but I've been reading (almost) all along, and it was that troll thread two months ago that keyed me into the fact that my email preferences were NOT being obeyed, and started the wheels grinding. In trying to set up a new system to begin knocking off 15 years of rust and starting to learn something new, I'm pulling a PowerEdge SC1435 out of the closet, then promptly getting a kernel panic from both install66.fs and install66.iso. Memory seems to check out, suspected cause is the Areca ARC-1200 RAID controller since that's where the boot process fails, but that's about all I can give apart from the drives behind the controller being a pair of Seagate 3TB ST3000DM001 drives configured as RAID-1 with 64bit LBA addressing, and that the keyboard is unresponsive (so no ps/trace) except for CTRL-A rebooting the system. I haven't tried 4k blocks yet, figured I'd ask first before beginning the array re-initialization process. Bootloader and dmesg follows: CD-ROM: 82 Loading /6.6/AMD64/CDBOOT probing: pc0 com0 mem[640K 3581M 12800M a20=on] disk: hd0+* cd0 >> OpenBSD/amd64 CDBOOT 3.44 boot> set tty com0 switching console to com0 cannot open cd0a:/etc/random.seed: No such file or directory booting cd0a:/6.6/amd64/bsd.rd: 3732171+1537024+3885432+0+598016 [376562+128+455544+303577]=0xa648d0 entry point at 0x81001000 Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2019 OpenBSD. All rights reserved. https://www.OpenBSD.org OpenBSD 6.6 (RAMDISK_CD) #349: Sat Oct 12 11:03:52 MDT 2019 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/RAMDISK_CD real mem = 17161854976 (16366MB) avail mem = 16637759488 (15867MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xdffbc000 (50 entries) bios0: vendor Dell Inc. version "2.2.5" date 03/21/2008 bios0: Dell Inc. PowerEdge SC1435 acpi0 at bios0: ACPI 3.0 acpi0: tables DSDT FACP APIC SPCR HPET MCFG SLIC ERST HEST BERT EINJ SRAT SSDT acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Dual-Core AMD Opteron(tm) Processor 2212, 1995.35 MHz, 0f-41-02 cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16,NXE,MMXX,FFXSR,RDTSCP,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAP8 cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: apic clock running at 199MHz cpu at mainbus0: not configured cpu at mainbus0: not configured cpu at mainbus0: not configured ioapic0 at mainbus0: apid 4 pa 0xfec0, version 11, 16 pins, remapped ioapic1 at mainbus0: apid 5 pa 0xfec01000, version 11, 16 pins, remapped ioapic2 at mainbus0: apid 6 pa 0xfec02000, version 11, 16 pins, remapped acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 3 (PXB_) acpiprt2 at acpi0: bus 4 (PPBX) acpiprt3 at acpi0: bus 5 (EXB0) acpiprt4 at acpi0: bus 1 (EXB1) acpiprt5 at acpi0: bus 2 (EXB2) acpiprt6 at acpi0: bus 6 (EXB3) acpiprt7 at acpi0: bus 7 (EXB4) acpicpu at acpi0 not configured "PNP0A08" at acpi0 not configured acpicmos0 at acpi0 pci0 at mainbus0 bus 0 ppb0 at pci0 dev 1 function 0 "ServerWorks HT-1000 PCI" rev 0x00 pci1 at ppb0 bus 3 ppb1 at pci1 dev 13 function 0 "ServerWorks HT-1000 PCIX" rev 0xc0 pci2 at ppb1 bus 4 pchb0 at pci0 dev 2 function 0 "ServerWorks HT-1000" rev 0x00 "ServerWorks HT-1000 LPC" rev 0x00 at pci0 dev 2 function 2 not configured ohci0 at pci0 dev 3 function 0 "ServerWorks HT-1000 USB" rev 0x01: apic 4 int 15, version 1.0, legacy support ohci1 at pci0 dev 3 function 1 "ServerWorks HT-1000 USB" rev 0x01: apic 4 int 15, version 1.0, legacy support ehci0 at pci0 dev 3 function 2 "ServerWorks HT-1000 USB" rev 0x01: apic 4 int 15 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 configuration 1 interface 0 "ServerWorks EHCI root hub" rev 2.00/1.00 addr 1 vga1 at pci0 dev 4 function 0 "ATI ES1000" rev 0x02 wsdisplay1 at vga1 mux 1: console (80x25, vt100 emulation) ppb2 at pci0 dev 7 function 0 "ServerWorks HT-2100 PCIE" rev 0xa2 pci3 at ppb2 bus 5 ppb3 at pci0 dev 8 function 0 "ServerWorks HT-2100 PCIE" rev 0xa2 pci4 at ppb3 bus 1 bge0 at pci4 dev 0 function 0 "Broadcom BCM5721" rev 0x21, BCM5750 C1 (0x4201): msi, address 00:18:8b:75:37:ad brgphy0 at bge0 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0 ppb4 at pci0 dev 9 function 0 "ServerWorks HT-2100 PCIE" rev 0xa2 pci5 at ppb4 bus 2 ppb5 at pci0 dev 10 function 0 "ServerWorks HT-2100 PCIE" rev 0xa2: msi pci6 at ppb5 bus 6 arc0 at pci6 dev 0 function 0 "Areca ARC-1200B" rev 0x00: apic 5 int 3 uvm_fault(0x81910b70, 0x10, 0, 1) -> e fatal page fault in supervisor mode trap type 6 code 0 rip 8123f3ae cs 8 rflags 10293 cr2 10 cpl e rsp 81a068f0 gsbase 0x818afff0 kgsbase 0x0 panic: trap
Building from source
Coming back to my self-teaching on how to (hopefully eventually) be semi-competent, I'm working on trying to build a git project from source. Thus far I've been able to figure out things like functions having slight name differences (e.g. |pthread_set_name_np()| instead of |pthread_setname_np()) and missing #includes in .hh files, but getting stuck on a library issue... about halfway through the first module, I'm failing with: ld: error: unable to find library -lprotoc ld: error: unable to find library -lprotobuf c++: error: linker command failed with exit code 1 (use -v to see invocation) I've pkg_add'ed the necessary packages, and the libraries exist in /usr/local/lib. I found one site that suggested creating a softlink from .so to .so.9.0 in case the linker didn't understand versioning, but that didn't help. Read the .mk files in /usr/share/mk but nothing jumped out as obvious, and /etc/mk.conf doesn't exist. Pretty sure I'm missing something newbie-obvious, I just don't know what, so a kind "Look here..." would be appreciated. |
6.9-BETA Installer crash
Thought I'd try using the Dell and ARC-1200 combination with 6.9-BETA I mentioned a couple months ago (https://marc.info/?l=openbsd-misc&m=158259981320518), but still no luck. Dmesg of both 6.9-BETA and verbose FreeBSD 12.1-RELEASE attached in case they might be useful. I've also gone backwards to 5.8-RELEASE on the off chance I could zero in on a change that broke things, but no luck there, either. Loading kernel... /boot/kernel/kernel text=0x16bdcc4 data=0x140 data=0x75fe80 syms=[0x8+0x17e098+0 x8+0x19bdd3] Loading configured modules... can't find '/boot/entropy' can't find '/etc/hostid' ---<>--- APIC: Using the MADT enumerator. Copyright (c) 1992-2020 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 12.2-RELEASE r366954 GENERIC amd64 FreeBSD clang version 10.0.1 (g...@github.com:llvm/llvm-project.git llvmorg-10.0.1-0-gef32c611aa2) SRAT: Found CPU APIC ID 0 domain 0: enabled SRAT: Found CPU APIC ID 1 domain 0: enabled SRAT: Found memory domain 0 addr 0x0 len 0xa: enabled SRAT: Found memory domain 0 addr 0x10 len 0xdff0: enabled SRAT: Found memory domain 0 addr 0x1 len 0x32000: enabled SRAT: Found CPU APIC ID 2 domain 1: enabled SRAT: Found CPU APIC ID 3 domain 1: enabled SRAT: Found memory domain 1 addr 0x0 len 0xa: enabled SRAT: Overlapping memory entries SRAT: Found memory domain 1 addr 0x10 len 0xdff0: enabled SRAT: Overlapping memory entries SRAT: Found memory domain 1 addr 0x1 len 0x32000: enabled SRAT: Overlapping memory entries PPIM 0: PA=0xa, VA=0x8271, size=0x1, mode=0 PPIM 1: PA=0x41ffe7000, VA=0x8272, size=0x1000, mode=0x6 pmap: large map 8 PML4 slots (4096 Gb) VT(vga): resolution 640x480 Preloaded elf kernel "/boot/kernel/kernel" at 0x8247b000. Calibrating TSC clock ... TSC clock: 1995040996 Hz CPU: Dual-Core AMD Opteron(tm) Processor 2212 (1995.04-MHz K8-class CPU) Origin="AuthenticAMD" Id=0x40f12 Family=0xf Model=0x41 Stepping=2 Features=0x178bfbff Features2=0x2001 AMD Features=0xea500800 AMD Features2=0x1f SVM: Features=0x0 Revision=1, ASIDs=64 L1 2MB data TLB: 8 entries, fully associative L1 2MB instruction TLB: 8 entries, fully associative L1 4KB data TLB: 32 entries, fully associative L1 4KB instruction TLB: 32 entries, fully associative L1 data cache: 64 kbytes, 64 bytes/line, 1 lines/tag, 2-way associative L1 instruction cache: 64 kbytes, 64 bytes/line, 1 lines/tag, 2-way associative L2 2MB unified TLB: 0 entries, disabled/not present L2 4KB data TLB: 512 entries, 4-way associative L2 4KB instruction TLB: 512 entries, 4-way associative L2 unified cache: 1024 kbytes, 64 bytes/line, 1 lines/tag, 16-way associative real memory = 17179869184 (16384 MB) Physical memory chunk(s): 0x0001 - 0x0009efff, 585728 bytes (143 pages) 0x00103000 - 0x001f, 1036288 bytes (253 pages) 0x0270 - 0xdfed1fff, 3715964928 bytes (907218 pages) 0xdfee6000 - 0xdfee7fff, 8192 bytes (2 pages) 0x0001 - 0x000405bbcfff, 12981096448 bytes (3169213 pages) avail memory = 16632233984 (15861 MB) MADT: Found CPU APIC ID 0 ACPI ID 1: enabled SMP: Added CPU 0 (AP) MADT: Found CPU APIC ID 2 ACPI ID 2: enabled SMP: Added CPU 2 (AP) MADT: Found CPU APIC ID 1 ACPI ID 3: enabled SMP: Added CPU 1 (AP) MADT: Found CPU APIC ID 3 ACPI ID 4: enabled SMP: Added CPU 3 (AP) MADT: Found CPU APIC ID 20 ACPI ID 5: disabled MADT: Found CPU APIC ID 21 ACPI ID 6: disabled MADT: Found CPU APIC ID 22 ACPI ID 7: disabled MADT: Found CPU APIC ID 23 ACPI ID 8: disabled Event timer "LAPIC" quality 100 LAPIC: ipi_wait() us multiplier 55 (r 3601315 tsc 1995040996) ACPI APIC Table: Package ID shift: 1 L2 cache ID shift: 0 L1 cache ID shift: 0 Core ID shift: 0 INTR: Adding local APIC 1 as a target INTR: Adding local APIC 2 as a target INTR: Adding local APIC 3 as a target FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs FreeBSD/SMP: 2 package(s) x 2 core(s) Package HW ID = 0 Core HW ID = 0 CPU0 (BSP): APIC ID: 0 Core HW ID = 1 CPU1 (AP): APIC ID: 1 Package HW ID = 1 Core HW ID = 2 CPU2 (AP): APIC ID: 2 Core HW ID = 3 CPU3 (AP): APIC ID: 3 APIC: CPU 0 has ACPI ID 1 APIC: CPU 1 has ACPI ID 3 APIC: CPU 2 has ACPI ID 2 APIC: CPU 3 has ACPI ID 4 Pentium Pro MTRR support enabled x86bios: IVT 0x00-0x0004ff at 0xf800 x86bios: SSEG 0x09e000-0x09efff at 0xfe3a5000 x86bios: EBDA 0x09f000-0x09 at 0xf809f000 x86bios: ROM 0x0a-0x0fefff at 0xf80a arc4random: no preloaded entropy cache VIMAGE (virtualized network stack) enabled hostuuid: using ---- ULE: setup cpu 0 ULE: setup cpu 1 ULE: setup cpu 2 UL
Re: Building from source
Sorry about taking so long to get back to this... 'tis just a side project to stave off boredom while sitting in hotel rooms with nothing "real job" related remaining to get done. On 12/16/2020 11:34 PM, Bodie wrote: On 17.12.2020 03:07, Chris Zakelj wrote: Coming back to my self-teaching on how to (hopefully eventually) be semi-competent, I'm working on trying to build a git project from source. Thus far I've been able to figure out things like functions having slight name differences (e.g. |pthread_set_name_np()| instead of |pthread_setname_np()) and missing #includes in .hh files, but getting stuck on a library issue... about halfway through the first module, I'm failing with: Will be nice to know which code/project as maybe someone else work on that too It's a stand-alone torrent tracker called hefur: https://github.com/abique/hefur (I'm trying to get this working since it has a much better statistics and control mechanism than OpenTracker) https://www.openbsd.org/report.html This is definitely not report-worthy... at least until I've truly exhausted the relevant reading material. There are for sure other places with more info regarding that. Maybe related Makefile is "hardcoded" with paths which are different on OpenBSD. It offers at least hint to use -v for how it was invokedNemo's response suspects there would be "I'm running on Linux" assumptions in a couple of places, and while I haven't seen anything "obvious" to that effect so far, the fact that it uses CMake in itself does point in that direction. You can create /etc/mk.conf on your own with stuff you need. Maybe you can try to follow https://www.openbsd.org/faq/ports/guide.html as these things are handled on that level and there are tools present like look for 'make port-lib-depends-check' I suspect this would be where Stuart's "-L/usr/local/lib" should live... back to the reading and experimenting!
Re: 6.9-BETA Installer crash
On 2/18/2021 12:26 PM, Chris Cappuccio wrote: Chris Zakelj [c.zak...@ieee.org] wrote: Thought I'd try using the Dell and ARC-1200 combination with 6.9-BETA I mentioned a couple months ago (https://marc.info/?l=openbsd-misc&m=158259981320518), but still no luck. Dmesg of both 6.9-BETA and verbose FreeBSD 12.1-RELEASE attached in case they might be useful. I've also gone backwards to 5.8-RELEASE on the off chance I could zero in on a change that broke things, but no luck there, either. Can you please try booting different versions until you find one that works? You said OpenBSD 5.8 does not boot either? Did you mean 6.8? And, can you try OpenBSD 5.4 and 5.5 ? Five-point-eight is correct. I went through https://cvsweb.openbsd.org/src/sys/dev/pci/arc.c checking for when changes to the driver hit a release, and attempted booting those releases. I'll look at more mirrors on the list to see if I can find those older releases and report back either way.
Re: 6.9-BETA Installer crash
On 2/18/2021 1:07 PM, Stuart Henderson wrote: On 2021-02-18, Chris Zakelj wrote: On 2/18/2021 12:26 PM, Chris Cappuccio wrote: Chris Zakelj [c.zak...@ieee.org] wrote: Thought I'd try using the Dell and ARC-1200 combination with 6.9-BETA I mentioned a couple months ago (https://marc.info/?l=openbsd-misc&m=158259981320518), but still no luck. Dmesg of both 6.9-BETA and verbose FreeBSD 12.1-RELEASE attached in case they might be useful. I've also gone backwards to 5.8-RELEASE on the off chance I could zero in on a change that broke things, but no luck there, either. Can you please try booting different versions until you find one that works? You said OpenBSD 5.8 does not boot either? Did you mean 6.8? And, can you try OpenBSD 5.4 and 5.5 ? Five-point-eight is correct. I went through https://cvsweb.openbsd.org/src/sys/dev/pci/arc.c checking for when changes to the driver hit a release, and attempted booting those releases. I'll look at more mirrors on the list to see if I can find those older releases and report back either way. ftp.eu.openbsd.org has many old releases. Thanks! Now for a mixed-bag result. 5.6 and 5.5 both panic. 5.4 boots (dmesg attached), but doesn't actually see the 1TB array (installer says "Available disks are: none." I did get this curiosity after I escaped the install shell and rebooted: # reboot syncing disks... done arc0: timeout waiting to stop bg rebuild arc0: timeout waiting to flush cache rebooting... There is no array building/modification activity going on, so... (shrug) 3107652+958436+2896976+0+530704 [80+337704+219090]=0xbaeb60 entry point at 0x10001e0 [7205c766, 3404, 24448b12, 85b8a304] Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2013 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 5.4 (RAMDISK_CD) #34: Tue Jul 30 15:35:37 MDT 2013 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/RAMDISK_CD real mem = 17161854976 (16366MB) avail mem = 16700104704 (15926MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xdffbc000 (50 entries) bios0: vendor Dell Inc. version "2.2.5" date 03/21/2008 bios0: Dell Inc. PowerEdge SC1435 acpi0 at bios0: rev 2 acpi0: sleep states S0 S4 S5 acpi0: tables DSDT FACP APIC SPCR HPET MCFG SLIC ERST HEST BERT EINJ SRAT SSDT acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Dual-Core AMD Opteron(tm) Processor 2212, 1995.30 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8 cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: apic clock running at 199MHz cpu at mainbus0: not configured cpu at mainbus0: not configured cpu at mainbus0: not configured ioapic0 at mainbus0: apid 4 pa 0xfec0, version 11, 16 pins ioapic0: misconfigured as apic 0, remapped to apid 4 ioapic1 at mainbus0: apid 5 pa 0xfec01000, version 11, 16 pins ioapic1: misconfigured as apic 0, remapped to apid 5 ioapic2 at mainbus0: apid 6 pa 0xfec02000, version 11, 16 pins ioapic2: misconfigured as apic 0, remapped to apid 6 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 3 (PXB_) acpiprt2 at acpi0: bus 4 (PPBX) acpiprt3 at acpi0: bus 5 (EXB0) acpiprt4 at acpi0: bus 1 (EXB1) acpiprt5 at acpi0: bus 2 (EXB2) acpiprt6 at acpi0: bus 6 (EXB3) acpiprt7 at acpi0: bus 7 (EXB4) pci0 at mainbus0 bus 0 ppb0 at pci0 dev 1 function 0 "ServerWorks HT-1000 PCI" rev 0x00 pci1 at ppb0 bus 3 ppb1 at pci1 dev 13 function 0 "ServerWorks HT-1000 PCIX" rev 0xc0 pci2 at ppb1 bus 4 pchb0 at pci0 dev 2 function 0 "ServerWorks HT-1000" rev 0x00 "ServerWorks HT-1000 LPC" rev 0x00 at pci0 dev 2 function 2 not configured ohci0 at pci0 dev 3 function 0 "ServerWorks HT-1000 USB" rev 0x01: apic 4 int 15, version 1.0, legacy support ohci1 at pci0 dev 3 function 1 "ServerWorks HT-1000 USB" rev 0x01: apic 4 int 15, version 1.0, legacy support ehci0 at pci0 dev 3 function 2 "ServerWorks HT-1000 USB" rev 0x01: apic 4 int 15 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "ServerWorks EHCI root hub" rev 2.00/1.00 addr 1 vga1 at pci0 dev 4 function 0 "ATI ES1000" rev 0x02 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) ppb2 at pci0 dev 7 function 0 "ServerWorks HT-2100 PCIE" rev 0xa2 pci3 at ppb2 bus 5 ppb3 at pci0 dev 8 function 0 "ServerWorks HT-2100 PCIE" rev 0xa2 pci4 at ppb3 bus 1 bge0 at pci4 dev 0 function 0 "Broadcom BCM5721" rev 0x21, BCM5750 C1 (0x4201): apic 5 int 1, address 00:18:8b:75:37:ad brgphy0 at
Re: 6.9-BETA Installer crash
Ohh... that's a pretty big diff, but my Marvell-based ARC-1200 is listed as affected, so it's certainly worth a shot. Now to dig in and teach myself how to patch and build releases against -CURRENT (might be a while before I come back with results)... Chris On 2/22/2021 1:40 PM, Chris Cappuccio wrote: Chris Zakelj [c.zak...@ieee.org] wrote: Thanks! Now for a mixed-bag result. 5.6 and 5.5 both panic. 5.4 boots (dmesg attached), but doesn't actually see the 1TB array (installer says "Available disks are: none." I did get this curiosity after I escaped the install shell and rebooted: Looks like we have a problem with arc_marvell cards. I had one working but there may be different firmware, etc. Areca sent a newer patch to openbsd-tech in the last year or so which you should try: From: ching Huang Subject: [PATCH: sys/dev/pci/arc.c] update Areca Raid adapter driver arc.c for support ARC-1203, ARC-1884 It's not clear if this changes the behavior on your card significantly. Chris
Errors extracting ports and xenocara tarballs
I'm getting an odd error trying to extract these two tarballs from 6.9-RELEASE on a clean install. I'm probably missing something obvious but don't know what. Starting with https://www.openbsd.org/faq/faq5.html, I log in on the console, edit my non-root user, and create the directory structure: # user mod -G wsrc czakelj # cd /usr # mkdir -p xenocara ports # chgrp wsrc xenocara ports # chmod 775 xenocara ports So far, so good. Next I go to https://www.openbsd.org/anoncvs.html, log in non-root via SSH, and begin extracting: arcbuild$ cd /usr/src arcbuild$ tar xzf /home/czakelj/src.tar.gz arcbuild$ tar xzf /home/czakelj/sys.tar.gz arcbuild$ cd /usr arcbuild$ tar xzf /home/czakelj/ports.tar.gz tar: Access/modification time set failed on: ports: Operation not permitted I also get that same error attempting to extract xenocara.tar.gz. Ideas/clues (other than "cheating" and using syspatch since I'm trying to learn stuff after all)? Thanks!
Re: 6.9-BETA Installer crash
On 2/22/2021 5:40 PM, Chris Cappuccio wrote: > Chris Cappuccio [ch...@nmedia.net] wrote: >> >> Looks like we have a problem with arc_marvell cards. I had one working >> but there may be different firmware, etc. >> >> Areca sent a newer patch to openbsd-tech in the last year or so which you >> should try: >> >> From: ching Huang >> Subject: [PATCH: sys/dev/pci/arc.c] update Areca Raid adapter driver arc.c >> for support ARC-1203, ARC-1884 >> >> It's not clear if this changes the behavior on your card significantly. >> > > Oh and here is where he supports the ARC 1200 rev B: > > http://openbsd-archive.7691.n7.nabble.com/PATCH-sys-dev-pci-arc-c-update-Areca-Raid-adapter-driver-arc-c-for-support-ARC-1203-ARC-1884-td394610.html > > It looks like the newer patch on openbsd-tech includes this plus newer. > > Chris > Bit of an update since I found time to experiment... I still haven't been able to directly apply Ching Huang's patch from last summer (many thanks to Chris Cappuccio for helping me at least try to do it the "right" way! I haven't given up, I swear!), but following Ching's offlist suggestion of doing a wholesale replacement of the 6.9-STABLE /src/sys/dev/pci/arc.c with Areca's (https://www.areca.us/support/s_openBSD/driver/arcmsr-1.5.0.1-openbsd.zip) appears to be working cleanly. Since his patch was dated July 6, 2020, I'm guessing it was probably against v1.113 or slightly earlier. If there's a way to nail down the common ancestor, I can try applying the subsequent patches to see if there's something specific that broke it. dmesg below: OpenBSD 6.9-stable (GENERIC.MP) #2: Mon Jun 21 10:19:53 EDT 2021 root@arcbuild.localdomain:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 17161854976 (16366MB) avail mem = 16626343936 (15856MB) random: good seed from bootblocks mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xdffbc000 (50 entries) bios0: vendor Dell Inc. version "2.2.5" date 03/21/2008 bios0: Dell Inc. PowerEdge SC1435 acpi0 at bios0: ACPI 3.0 acpi0: sleep states S0 S4 S5 acpi0: tables DSDT FACP APIC SPCR HPET MCFG SLIC ERST HEST BERT EINJ SRAT SSDT acpi0: wakeup devices RTC_(S5) PXB_(S5) EXB1(S5) EXB2(S5) EXB3(S5) acpitimer0 at acpi0: 3579545 Hz, 32 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Dual-Core AMD Opteron(tm) Processor 2212, 1995.28 MHz, 0f-41-02 cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16,NXE,MMXX,FFXSR,RDTSCP,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8 cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 199MHz cpu1 at mainbus0: apid 2 (application processor) cpu1: Dual-Core AMD Opteron(tm) Processor 2212, 1995.02 MHz, 0f-41-02 cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16,NXE,MMXX,FFXSR,RDTSCP,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8 cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu1: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu1: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu1: smt 0, core 0, package 2 cpu2 at mainbus0: apid 1 (application processor) cpu2: Dual-Core AMD Opteron(tm) Processor 2212, 1995.02 MHz, 0f-41-02 cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16,NXE,MMXX,FFXSR,RDTSCP,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8 cpu2: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu2: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu2: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu2: smt 0, core 0, package 1 cpu3 at mainbus0: apid 3 (application processor) cpu3: Dual-Core AMD Opteron(tm) Processor 2212, 1995.02 MHz, 0f-41-02 cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16,NXE,MMXX,FFXSR,RDTSCP,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8 cpu3: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu3: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu3: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu3: smt 0, core 0, package 3 ioapic0 at mainbus0: apid 4 pa 0xfec0, version 11, 16 pins, remapped ioapic1 at mainbus0: apid 5 pa 0xfec01000, version 11, 16 pins, remapped ioapic2 at mainbus0: apid 6 pa 0xfec02000, version 11, 16 pins, remapped acpihpet0 at acpi0: 14318180 H
Re: OpenBSD on Soekris net4801
When I set my 4801 up years and years ago, I did it by using an IDE>CF adapter on an old Athlon system I had hanging around rather than messing around with virtual images, PXE booting, or the like. The Geode processor is roughly equivalent to a Pentium II, so use i386 images. Past that, from my notes I have the console being set for 9600bps and vt220, and \etc\boot.conf set tty com0 On Wed, May 22, 2019 at 2:08 PM Alberto Mijares wrote: > Hi guys, > > I'm new on this list. Greetings everyone. > > Here is my case: > > I installed OpenBSD on a 4GB Flash Card by attaching the card to a > Bhyve VM as a "ahci-hd" custom drive. Then, booted the VM and disabled > a few of services. Also disabled kernel and libs randomization, since > it's not needed and the Soekris couldn't handle it. At the end, only > sshd, syslogd and ntpd are starting and and 73MB or RAM remain free. > Finally, I created a /etc/hostname.sis1 file with proper network > configuration, since the device name in the VM is not the same of the > interface of the Soekris. > > Now I should say: the serial console is not working for me, for some > reason I cannot get it working. I see garbage in the screen with all > possible combinations of speeds and other terminal configs. > > When I plug the CF in the Soekris, it won't boot properly. I think the > kernel is loaded and hangs at some point. Can't tell where, as > explained before. I know the boot is not finishing because I created a > /etc/rc.local in it doesn't do anything. > > I tried to edit /etc/fstab and change sd disk interface for wd. Not > working either. > > I also tried the bsd.rd but I'm not sure if I get a prompt or it also > hangs. > > Ideally, I would boot the Soekris and wait for network initialization > for connecting via SSH. Any suggestion? > > The only thing I haven't tried is the bsd.mp kernel, now that I think. > I'll give it a try and will be waiting for your feedback in the > meantime. > > Thanks in advance. > > > Alberto Mijares > >
Trouble getting ntalkd going
Overview... because something between my laptop and home has a nasty habit of eating IM messages, I'm trying to get talkd(8) running so I can use SSH to talk with family while away. However, something's not right. Base info: $ uname -a OpenBSD .dyndns.org 4.4 GENERIC#1021 i386 (yes, I know it's old... I just haven't seen any errata that affect what I'm doing) $ cat /etc/inetd.conf | grep ntalk ntalk dgram udp waitroot/usr/libexec/ntalkd ntalkd $ netstat -a | grep talk udp0 0 *.ntalk*.* $ who czakelj ttyp0Mar 27 10:11 (w.x.y.z) testuserttyp1Mar 27 10:13 (w.x.y.z) $ talk testuser . . --- . . talk: Couldn't bind to control socket: Can't assign requested address $ So near as I can tell, ntalk(8) is being started at boot, it is running, but something won't let it connect with itself. pf(4) is NOT running on this box (the firewall is upstream). Suggestions?
Re: Trouble getting ntalkd going
On Wed, Mar 28, 2012 at 4:50 AM, Stefan Sieg wrote: > On 2012-03-27 17:00, Chris Zakelj wrote: > >> Overview... because something between my laptop and home has a nasty habit >> of eating IM messages, I'm trying to get talkd(8) running so I can use SSH >> to talk with family while away. However, something's not right. Base >> info: >> >> $ uname -a >> OpenBSD .dyndns.org 4.4 GENERIC#1021 i386 >> (yes, I know it's old... I just haven't seen any errata that affect what >> I'm doing) >> >> $ cat /etc/inetd.conf | grep ntalk >> ntalk dgram udp waitroot/usr/libexec/ntalkd >> ntalkd >> >> $ netstat -a | grep talk >> udp0 0 *.ntalk*.* >> >> $ who >> czakelj ttyp0Mar 27 10:11 (w.x.y.z) >> testuserttyp1Mar 27 10:13 (w.x.y.z) >> >> $ talk testuser >> . >> . >> --- >> . >> . >> talk: Couldn't bind to control socket: Can't assign requested address >> $ >> >> So near as I can tell, ntalk(8) is being started at boot, it is running, >> but something won't let it connect with itself. pf(4) is NOT running on >> this box (the firewall is upstream). Suggestions? >> > > > do you have a proper entry in /etc/hosts ? > > $ cat /etc/hosts # $OpenBSD: hosts,v 1.11 2002/09/26 23:35:51 krw Exp $ # # Host Database # # RFC 1918 specifies that these networks are "internal". # 10.0.0.0 10.255.255.255 # 172.16.0.0172.31.255.255 # 192.168.0.0 192.168.255.255 # ::1 localhost.my.domain localhost 127.0.0.1 localhost.my.domain localhost ::1 anubis.my.domain anubis 127.0.0.1 anubis.my.domain anubis Attempting all variations of "talk user@anubis", and "talk user@localhost" also results in the "Couldn't bind" error.
Re: Trouble getting ntalkd going
On Wed, Mar 28, 2012 at 9:48 AM, Chris Zakelj wrote: > > > On Wed, Mar 28, 2012 at 4:50 AM, Stefan Sieg wrote: > >> On 2012-03-27 17:00, Chris Zakelj wrote: >> >>> Overview... because something between my laptop and home has a nasty >>> habit >>> of eating IM messages, I'm trying to get talkd(8) running so I can use >>> SSH >>> to talk with family while away. However, something's not right. Base >>> info: >>> >>> $ uname -a >>> OpenBSD .dyndns.org 4.4 GENERIC#1021 i386 >>> (yes, I know it's old... I just haven't seen any errata that affect what >>> I'm doing) >>> >>> $ cat /etc/inetd.conf | grep ntalk >>> ntalk dgram udp waitroot/usr/libexec/ntalkd >>> ntalkd >>> >>> $ netstat -a | grep talk >>> udp0 0 *.ntalk*.* >>> >>> $ who >>> czakelj ttyp0Mar 27 10:11 (w.x.y.z) >>> testuserttyp1Mar 27 10:13 (w.x.y.z) >>> >>> $ talk testuser >>> . >>> . >>> --- >>> . >>> . >>> talk: Couldn't bind to control socket: Can't assign requested address >>> $ >>> >>> So near as I can tell, ntalk(8) is being started at boot, it is running, >>> but something won't let it connect with itself. pf(4) is NOT running on >>> this box (the firewall is upstream). Suggestions? >>> >> >> >> do you have a proper entry in /etc/hosts ? >> >> > $ cat /etc/hosts > # $OpenBSD: hosts,v 1.11 2002/09/26 23:35:51 krw Exp $ > # > # Host Database > # > # RFC 1918 specifies that these networks are "internal". > # 10.0.0.0 10.255.255.255 > # 172.16.0.0172.31.255.255 > # 192.168.0.0 192.168.255.255 > # > ::1 localhost.my.domain localhost > 127.0.0.1 localhost.my.domain localhost > ::1 anubis.my.domain anubis > 127.0.0.1 anubis.my.domain anubis > > Attempting all variations of "talk user@anubis", and "talk user@localhost" > also results in the "Couldn't bind" error. > > Wanted to put my resolution in here since Stephan's hosts note got me looking at other names, and it'll (hopefully) help list searches... in a former life, this was my public facing webserver. $ cat /etc/myname oldname.dyndns.org appended "127.0.0.1 oldname.dyndns.org oldname" to /etc/hosts, and now it's working perfectly.
Installation troubles
Evening... I'm trying install my fresh 4.2 CDs on a system that is destined to become a samba server and build machine for CF-based firewalls. Only I'm having a problem (obviously). This is the third release where I'm having this issue, but previously I just chalked it up to old, cranky CDROM drives, and went with FTP. But given this is all new hardware, time to figure out what's really happening. This system is fresh-built amd64 (but will be running/compiling all i386 binaries to avoid having to cross-compile Soekris builds), IDE DVD-ROM drive, SATA hard drive. Boots from CD, then gets through partitioning, labelling, and formatting the drive just fine. Network config sails through, until I finally hit "Let's install the sets!". I hit enter for the defaults 'cd' and 'cd0', at which point I get the following: cd0(atapiscsi0:0:0): Check Condition (error 0x70) on opcode 0x28 SENSE KEY: Media Error ASC/ASCQ: ASC 0x11 ASCQ 0x06 This message repeats three times, at which point the installer gives up, reports 'No filesystems found on cd0', and asks again where to find the sets. For what it's worth, this happens on four different i386 machines of various vintage (from a 16 year old 486 up through tonight's Sempron build), with official CD releases from 4.0 onwards. I'm guessing I'm missing something obvious, but Google and MARC didn't turn up anything, so cluesticks are welcome.
Re: Installation troubles
Richard Toohey wrote: Asking the obvious questions to eliminate them first ... 1. Official CDs? 2. Can you read/copy the CD on *any* machines / *any* OS? 3. Specifically - if you FTP install OpenBSD , can you then mount / copy / do anything with the CD? 4. dmesg(s) Personal experience ... I have installed 3.8 to 4.2 from CDs on machines from P3 500 to Pentium D 2.something via Celeron 900Mhz (Dells, HPs, Compaqs, desktops and laptops) - only real issue was a bogus 4.1 CD than no machine would touch. I had a CD error with 4.2 today (same CD that I have done 3 installs with already!) when extracting Xenocara - so I umounted, ejected, took CD out, waggled it around while saying magic incantation, remounted, and tried again and it worked (well, no errors reported.) HTH, YMMV, IANAD, etc. On 1/11/2007, at 4:55 PM, Chris Zakelj wrote: Evening... I'm trying install my fresh 4.2 CDs on a system that is destined to become a samba server and build machine for CF-based firewalls. Only I'm having a problem (obviously). This is the third release where I'm having this issue, but previously I just chalked it up to old, cranky CDROM drives, and went with FTP. But given this is all new hardware, time to figure out what's really happening. This system is fresh-built amd64 (but will be running/compiling all i386 binaries to avoid having to cross-compile Soekris builds), IDE DVD-ROM drive, SATA hard drive. Boots from CD, then gets through partitioning, labelling, and formatting the drive just fine. Network config sails through, until I finally hit "Let's install the sets!". I hit enter for the defaults 'cd' and 'cd0', at which point I get the following: cd0(atapiscsi0:0:0): Check Condition (error 0x70) on opcode 0x28 SENSE KEY: Media Error ASC/ASCQ: ASC 0x11 ASCQ 0x06 This message repeats three times, at which point the installer gives up, reports 'No filesystems found on cd0', and asks again where to find the sets. For what it's worth, this happens on four different i386 machines of various vintage (from a 16 year old 486 up through tonight's Sempron build), with official CD releases from 4.0 onwards. I'm guessing I'm missing something obvious, but Google and MARC didn't turn up anything, so cluesticks are welcome. 1. Yes, they're official CDs straight from austin@ 2. Yes, both my WinXP laptop and WinXP-64 desktop can read/copy 3. I vaguely recall installing packages from one of them after doing the FTP install, but I'll try again later tonight. 4. I'd love to, but except for the 486 (stuffed in a closet), they don't have serial ports to redirect to.
Re: Installation troubles
Chris Zakelj wrote:
Richard Toohey wrote:
Asking the obvious questions to eliminate them first ...
1. Official CDs?
2. Can you read/copy the CD on *any* machines / *any* OS?
3. Specifically - if you FTP install OpenBSD , can you then mount /
copy / do anything with the CD?
4. dmesg(s)
Personal experience ...
I have installed 3.8 to 4.2 from CDs on machines from P3 500 to
Pentium D 2.something via Celeron 900Mhz (Dells, HPs, Compaqs,
desktops and laptops) - only real issue was a bogus 4.1 CD than no
machine would touch.
I had a CD error with 4.2 today (same CD that I have done 3 installs
with already!) when extracting Xenocara - so I umounted, ejected,
took CD out, waggled it around while saying magic incantation,
remounted, and tried again and it worked (well, no errors reported.)
HTH, YMMV, IANAD, etc.
On 1/11/2007, at 4:55 PM, Chris Zakelj wrote:
Evening... I'm trying install my fresh 4.2 CDs on a system that is
destined to become a samba server and build machine for CF-based
firewalls. Only I'm having a problem (obviously). This is the
third release where I'm having this issue, but previously I just
chalked it up to old, cranky CDROM drives, and went with FTP. But
given this is all new hardware, time to figure out what's really
happening.
This system is fresh-built amd64 (but will be running/compiling all
i386 binaries to avoid having to cross-compile Soekris builds), IDE
DVD-ROM drive, SATA hard drive. Boots from CD, then gets through
partitioning, labelling, and formatting the drive just fine.
Network config sails through, until I finally hit "Let's install the
sets!". I hit enter for the defaults 'cd' and 'cd0', at which point
I get the following:
cd0(atapiscsi0:0:0): Check Condition (error 0x70) on opcode 0x28
SENSE KEY: Media Error
ASC/ASCQ: ASC 0x11 ASCQ 0x06
This message repeats three times, at which point the installer gives
up, reports 'No filesystems found on cd0', and asks again where to
find the sets. For what it's worth, this happens on four different
i386 machines of various vintage (from a 16 year old 486 up through
tonight's Sempron build), with official CD releases from 4.0
onwards. I'm guessing I'm missing something obvious, but Google and
MARC didn't turn up anything, so cluesticks are welcome.
1. Yes, they're official CDs straight from austin@
2. Yes, both my WinXP laptop and WinXP-64 desktop can read/copy
3. I vaguely recall installing packages from one of them after doing
the FTP install, but I'll try again later tonight.
4. I'd love to, but except for the 486 (stuffed in a closet), they
don't have serial ports to redirect to.
Picked up a USB to serial converter on the way home from the office.
Here's a complete installation attempt using the 4.2 i386 CD:
>> OpenBSD/i386 CDBOOT 2.01
boot>
booting cd0a:/4.2/i386/bsd.rd: 4733076+742936 [52+174448+160579]=0x58ad08
entry point at 0x200120*
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California. All rights reserved.
Copyright (c) 1995-2007 OpenBSD. All rights reserved.
http://www.OpenBSD.org
OpenBSD 4.2 (RAMDISK_CD) #468: Tue Aug 28 11:02:17 MDT 2007
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/RAMDISK_CD
cpu0: AMD Sempron(tm) Processor 3000+ ("AuthenticAMD" 686-class, 128KB
L2 cache) 1.81 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3
cpu0: AMD erratum 89 present, BIOS upgrade may be required
real mem = 502820864 (479MB)
avail mem = 480124928 (457MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 07/16/07, BIOS32 rev. 0 @ 0xf0010,
SMBIOS rev. 2.3 @ 0xfc7c0 (45 entries)
bios0: vendor American Megatrends Inc. version "080012 " date 07/16/2007
pcibios0 at bios0: rev 3.0 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf57e0/272 (15 entries)
pcibios0: no compatible PCI ICU found: ICU vendor 0x1039 product 0x0965
pcibios0: Warning, unable to fix up PCI interrupt routing
pcibios0: PCI bus #4 is the last bus
bios0: ROM list: 0xc/0x8000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "SiS 761 PCI" rev 0x02
ppb0 at pci0 dev 1 function 0 "SiS 86C202 VGA" rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "SiS 6330 VGA" rev 0x03
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
pcib0 at pci0 dev 2 function 0 "SiS 965 ISA" rev 0x48
pciide0 at pci0 dev 2 function 5 "SiS 5513 EIDE" rev 0x01: 5597/5598:
DMA, channel 0 configured to compatibility, channel 1
configured to compatibility
atapiscsi0 at pciide0 channel 0 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: SCSI0
5/cdrom removable
cd0(pciide0:0:0): using PIO mode 4, DMA mode 2
pciide0: chan
Re: Installation troubles
Kenneth R Westerback wrote: ASC/ASCQ 0x11/0x06 would appear to mean "CIRC Unrecovered Error". These values are listed in /usr/src/sys/scsi_base.c, line 1207 and following. The error text is left out of install kernels to save space. Some random Googling gave me "A CIRC unrecovered data error is defined as a block for which the CIRC based error correction algorithm was unsuccessful on all read attempts up to the read retry count. Layered error correction was not used." at http://www.t10.org/ftp/x3t9.2/document.89/89-108r0.txt Obvously our read retry count is 3 in this case. I don' know if the other OS's you tried have larger values and eventually succeeded, or if they just didn't happen to hit the same block. But it looks like an inability to read a particular block from that CD on that system. Ken That explains the *what* (sort of), but not the why. Given that this occurs on four different systems, with four different drives, with upwards of eight different IDE cables (both 40- and 80-conductor), and that it's across multiple releases and multiple CD's, there has to be something I'm doing wrong. I'm just at a loss as to what.
Re: Compromising a host with pf enabled?
Clint Pachl wrote: Is it possible for a cracker to compromise or root a machine on a network that has pf enabled with the single rule "block all in"? I suspect you're just fishing, but in the interests of spirited debate - Is "block in all" the first rule, the last rule, or somewhere in between? (Yes, it DOES matter) - Does the cracker have alternate methods of entry (tty, ssh, console, etc)?
Re: Compromising a host with pf enabled?
Greg Thomas wrote: It does say "single" rule. Yes, but at that point it becomes a rather useless system. It's likely to break in curious ways, since anything using the 127.0.0.1 loopback will, I think, either become unresponsive or start throwing errors. Social engineering? Usually the weakest point. Agreed.
apm doesn't sleep/suspend desktop
Curious problem here, though I'm probably missing something obvious. I
have apm enabled through /etc/rc.conf.local (apmd_flags=""), and when I
issue 'shutdown -h -p now', the system powers off correctly. However,
if I try to use sleep or suspend ('apm -S' or 'apm -z'), the system acts
like it's going to power down, blinks the monitor momentarily, then
wakes right back up like nothing ever happened. Where to look next?
# dmesg
OpenBSD 4.2-stable (GENERIC) #0: Fri Dec 7 23:23:20 EST 2007
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: AMD Opteron(tm) Processor 154 ("AuthenticAMD" 686-class, 1024KB
L2 cache) 2.82 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3
cpu0: AMD erratum 89 present, BIOS upgrade may be required
real mem = 535261184 (510MB)
avail mem = 509927424 (486MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 05/30/06, BIOS32 rev. 0 @ 0xfa850,
SMBIOS rev. 2.2 @ 0xf (39 entries)
bios0: vendor Phoenix Technologies, LTD version "6.00 PG" date 05/30/2006
bios0: http://www.abit.com.tw/ KN8 Series(NF-CK804)
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 70102 dobusy 1 doidle 1
pcibios0 at bios0: rev 3.0 @ 0xf/0xcd44
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfcc30/240 (13 entries)
pcibios0: bad IRQ table checksum
pcibios0: PCI BIOS has 15 Interrupt Routing table entries
pcibios0: PCI Exclusive IRQs: 3 5 7 10 11
pcibios0: no compatible PCI ICU found
pcibios0: Warning, unable to fix up PCI interrupt routing
pcibios0: PCI bus #7 is the last bus
bios0: ROM list: 0xc/0x8000 0xc8000/0x1000
cpu0 at mainbus0
cpu0: Cool'n'Quiet K8 2814 MHz: speeds: 2800 2600 2400 2200 2000 1800
1000 MHz
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
"NVIDIA nForce4 DDR" rev 0xa3 at pci0 dev 0 function 0 not configured
pcib0 at pci0 dev 1 function 0 "NVIDIA nForce4 ISA" rev 0xa3
nviic0 at pci0 dev 1 function 1 "NVIDIA nForce4 SMBus" rev 0xa2
iic0 at nviic0
iic0: addr 0x2e 00=00 01=00 02=00 03=00 04=a1 05=07 06=00 07=00
iic1 at nviic0
ohci0 at pci0 dev 2 function 0 "NVIDIA nForce4 USB" rev 0xa2: irq 11,
version 1.0, legacy support
ehci0 at pci0 dev 2 function 1 "NVIDIA nForce4 USB" rev 0xa3: irq 3
usb0 at ehci0: USB revision 2.0
uhub0 at usb0: NVIDIA EHCI root hub, rev 2.00/1.00, addr 1
pciide0 at pci0 dev 6 function 0 "NVIDIA nForce4 IDE" rev 0xf2: DMA,
channel 0 configured to compatibility, channel 1 configured to compatibility
atapiscsi0 at pciide0 channel 0 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: SCSI0
5/cdrom removable
cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 4
pciide0: channel 1 ignored (disabled)
pciide1 at pci0 dev 7 function 0 "NVIDIA nForce4 SATA" rev 0xf3: DMA
pciide1: using irq 11 for native-PCI interrupt
wd0 at pciide1 channel 0 drive 0:
wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors
wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5
ppb0 at pci0 dev 9 function 0 "NVIDIA nForce4 PCI-PCI" rev 0xa2
pci1 at ppb0 bus 1
vga1 at pci1 dev 8 function 0 "S3 ViRGE DX/GX" rev 0x01
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
nfe0 at pci0 dev 10 function 0 "NVIDIA CK804 LAN" rev 0xa3: irq 5,
address 00:50:8d:83:09:e7
ciphy0 at nfe0 phy 1: Cicada CS8201 10/100/1000TX PHY, rev. 3
ppb1 at pci0 dev 11 function 0 "NVIDIA nForce4 PCIE" rev 0xa3
pci2 at ppb1 bus 2
ppb2 at pci0 dev 12 function 0 "NVIDIA nForce4 PCIE" rev 0xa3
pci3 at ppb2 bus 3
ppb3 at pci0 dev 13 function 0 "NVIDIA nForce4 PCIE" rev 0xa3
pci4 at ppb3 bus 4
ppb4 at pci0 dev 14 function 0 "NVIDIA nForce4 PCIE" rev 0xa3
pci5 at ppb4 bus 5
ppb5 at pci5 dev 0 function 0 "Intel IOP333 PCIE-PCIX" rev 0x00
pci6 at ppb5 bus 6
arc0 at pci6 dev 14 function 0 "Areca ARC-1220" rev 0x00: irq 10
arc0: 8 SATA Ports, 256MB SDRAM, FW Version: V1.43 2007-4-17
scsibus1 at arc0: 16 targets
sd0 at scsibus1 targ 0 lun 0: SCSI3
0/direct fixed
sd0: 858306MB, 61035 cyl, 60 head, 480 sec, 512 bytes/sec, 1757812224
sec total
sd1 at scsibus1 targ 0 lun 1: SCSI3
0/direct fixed
sd1: 457882MB, 61051 cyl, 32 head, 480 sec, 512 bytes/sec, 937743360 sec
total
ppb6 at pci5 dev 0 function 2 "Intel IOP333 PCIE-PCIX" rev 0x00
pci7 at ppb6 bus 7
pchb0 at pci0 dev 24 function 0 "AMD AMD64 HyperTransport" rev 0x00
pchb1 at pci0 dev 24 function 1 "AMD AMD64 Address Map" rev 0x00
pchb2 at pci0 dev 24 function 2 "AMD AMD64 DRAM Cfg" rev 0x00
pchb3 at pci0 dev 24 function 3 "AMD AMD64 Misc Cfg" rev 0x00
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
midi0 at pcppi0:
spkr0 at pcppi0
lm0 at isa0 port 0x290/8: W83627HF
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
pccom0 at isa0 port
Re: apm doesn't sleep/suspend desktop
Nick Guenther wrote:
On Dec 11, 2007 12:30 AM, Chris Zakelj <[EMAIL PROTECTED]> wrote:
Curious problem here, though I'm probably missing something obvious. I
have apm enabled through /etc/rc.conf.local (apmd_flags=""), and when I
issue 'shutdown -h -p now', the system powers off correctly. However,
if I try to use sleep or suspend ('apm -S' or 'apm -z'), the system acts
like it's going to power down, blinks the monitor momentarily, then
wakes right back up like nothing ever happened. Where to look next?
Run apmd with -d?
-Nick
No luck. Running apmd_flags="-d" results in
===
starting local daemons: smbd nmbd mysqld.
standard daemons: apmdStarting mysqld daemon with databases from
/var/www/var/mysql
(things hang here...)
^C cron.
Tue Dec 11 21:35:42 EST 2007
OpenBSD/i386 (imhotep.***.dyndns.org) (ttyC0)
===
Worthy of note is that when I run apmd_flags="", I do not get the
"Starting mysql..." message in the boot messages, but the server does
start correctly, and the boot proceeds normally.
Re: apm doesn't sleep/suspend desktop
Nick Guenther wrote:
On 12/11/07, Chris Zakelj <[EMAIL PROTECTED]> wrote:
Nick Guenther wrote:
On Dec 11, 2007 12:30 AM, Chris Zakelj <[EMAIL PROTECTED]> wrote:
Curious problem here, though I'm probably missing something obvious. I
have apm enabled through /etc/rc.conf.local (apmd_flags=""), and when I
issue 'shutdown -h -p now', the system powers off correctly. However,
if I try to use sleep or suspend ('apm -S' or 'apm -z'), the system acts
like it's going to power down, blinks the monitor momentarily, then
wakes right back up like nothing ever happened. Where to look next?
Run apmd with -d?
-Nick
No luck. Running apmd_flags="-d" results in
===
starting local daemons: smbd nmbd mysqld.
standard daemons: apmdStarting mysqld daemon with databases from
/var/www/var/mysql
(things hang here...)
^C cron.
Tue Dec 11 21:35:42 EST 2007
OpenBSD/i386 (imhotep.***.dyndns.org) (ttyC0)
===
Worthy of note is that when I run apmd_flags="", I do not get the
"Starting mysql..." message in the boot messages, but the server does
start correctly, and the boot proceeds normally.
h, sorry. I thought you'd check the manpage before trying it. -d
makes it run 'do not detach'|'debug'. I meant, don't start it at boot,
but instead run it from a terminal, and watch it's debug messages.
As for mysql... no clue. Seems like one thing is stepping on another thing.
-Nick
Did read, just wasn't expecting that behavior (noob thing on my part).
Anyways, here's what I get now...
(ttyC0)
# tail -f /var/log/messages &
(boot remnants)
(ttyC1)
# apmd -d
(silence)
(ttyC0)
Dec 11 22:34:00 imhotep apmd: battery status: unknown. external power
status: connected. estimated battery live 0%
# apm -S
System will enter standby mode momentarily. (blink)
# Dec 11 22:35:02 imhotep apmd: system resumed from APM sleep
apm -z
System will enter suspend mode momentarily. (blink)
# Dec 11 22:35:43 imhotep apmd: system resumed from APM sleep
_
Seems to me like something is waking it up as soon as it goes into sleep
mode. Could I have something in the BIOS messed up or otherwise causing
a wake-up signal too early?
Re: Real men don't attack straw men
Richard Stallman wrote: When you buy a copy of a non-free program, you pay with your money and with your freedom. You apparently don't assign much value to the freedom that you would give up. I really didn't expect to get involved in this, but if I were to buy a copy of Hy-Tek's Meet Manager (http://www.hy-tekltd.com/swim/mm/index.html), I would not feel any less free than when I started. Granted, I would need to plunk down a significant amount of coin for it, but having a copy of that software would allow me to not only go forth and recoup my initial expenditure, but turn a profit as well. But since there is no free (or otherwise non-proprietary) equivalent, your version of freedom means the swim meet never happens. How, pray tell, would purchasing and using this software reduce my freedom, given that not only does it allow me to make money doing something I find fun, but also enjoy summer weekends in the sun watchings kids have fun, too? Oh, and before you even consider it, running the meet by hand is not an option when you're dealing with over 20 teams and nearly 2000 kids, so don't even go there.
Re: Real men don't attack straw men
bofh wrote: On Dec 14, 2007 7:11 PM, Chris Zakelj <[EMAIL PROTECTED]> wrote: How, pray tell, would purchasing and using this software reduce my freedom, given that not only does it allow me to make money doing something I find fun, but also enjoy summer weekends in the sun watchings kids have fun, too? Come now, there are serious questions about whether Richards line in the sand is in the correct place, but this question is silly. He's not talking about your personal freedom, he's talking about end user's freedom. GPL is about the end user's freedom. BSD is about the developer's freedom. The two does not have to meet. This is why there's such a big deal over OOXML right now. No, this is exactly on point. As I understand his view, Richard seems to think that any software licensed under a schema that doesn't meet his definition of "free" is bad/unethical/whatever, and for an OS to support said software, even if only by reference, is not only also bad, but also diminishes my own freedom. I fail to see how using a software package (remember, *I* would be the end user here), proprietary and license-restricted though it may be, somehow causes a loss in my freedom. I am free to (not) use/purchase such software as I see fit, and don't understand why forking over some cash would somehow result in my losing something, when in my mind, I'm actually coming out ahead. Would I love to see a BSD/ISC/GPL/(insert free license here) equivalent? You bet. But I won't give up relaxing weekends just to make a political statement.
Re: Real men don't attack straw men
bofh wrote: On Dec 15, 2007 11:04 AM, Chris Zakelj <[EMAIL PROTECTED]> wrote: stupid. Shut up." In case you missed it, this discussion revolves just as much around the concept of what Richard considers freedom as it does around licenses and source. This is what I'm on about. My understanding of Richard's viewpoint is that proprietary software sucks, and doing anything to support it sucks as well. I want to know why buying (and thus supporting) a proprietary package causes me to suck as well, when in my view, I'm out there having fun, and helping others have fun as well. He has never said the end user can not buy anything they want. Agreed. But what he has (apparently) said is that doing so sucks, as it encourages them to continue their proprietary (and hence, bad/unethical) ways. I'd like to know why paying for a company's software, in a very niche market with no BSD/GPL/otherfree alternative, makes me suck as well.
Re: Real men don't attack straw men
bofh wrote: On Dec 15, 2007 1:26 AM, Chris Zakelj <[EMAIL PROTECTED]> wrote: bofh wrote: On Dec 14, 2007 7:11 PM, Chris Zakelj <[EMAIL PROTECTED]> wrote: How, pray tell, would purchasing and using this software reduce my freedom, given that not only does it allow me to make money doing something I find fun, but also enjoy summer weekends in the sun watchings kids have fun, too? Come now, there are serious questions about whether Richards line in the sand is in the correct place, but this question is silly. He's not talking about your personal freedom, he's talking about end user's freedom. GPL is about the end user's freedom. BSD is about the developer's freedom. The two does not have to meet. This is why there's such a big deal over OOXML right now. No, this is exactly on point. As I understand his view, Richard seems to think that any software licensed under a schema that doesn't meet his definition of "free" is bad/unethical/whatever, and for an OS to support said software, even if only by reference, is not only also bad, but also diminishes my own freedom. I fail to see how using a software package (remember, *I* would be the end user here), proprietary and license-restricted though it may be, somehow causes a loss in my freedom. I am free to (not) use/purchase such software as I see fit, Again - this discussion is not about your personal freedom. Stop trying to change the discussion. This is about licensing and what you can, and cannot do with the source code. The current discussion is actually pretty important, and muddying up the waters like this is not useful. How about you let Richard decide whether or not my question is important? I don't see your name on the list of OBSD developers, nor donators, nor as a fellow (or whatever the board is called) of the FSF, nor anything else which gives you the right to say "Your question is stupid. Shut up." In case you missed it, this discussion revolves just as much around the concept of what Richard considers freedom as it does around licenses and source. This is what I'm on about. My understanding of Richard's viewpoint is that proprietary software sucks, and doing anything to support it sucks as well. I want to know why buying (and thus supporting) a proprietary package causes me to suck as well, when in my view, I'm out there having fun, and helping others have fun as well.
Re: Real men don't attack straw men
bofh wrote: On Dec 15, 2007 11:19 AM, Chris Zakelj <[EMAIL PROTECTED]> wrote: Agreed. But what he has (apparently) said is that doing so sucks, as it encourages them to continue their proprietary (and hence, bad/unethical) ways. I'd like to know why paying for a company's software, in a very niche market with no BSD/GPL/otherfree alternative, makes me suck as well. He had posted a couple of links to his philosophy, and it makes specific mention of this situation. Sadly, I gave up on following links about four or five emails in. The signal-to-noise ratio was already depressing at that point. I will, however, go back through the trash bin looking for that email.
Re: Embedding OpenBSD
Nick Holland wrote: I've got a little project I'm working on here. It involves stuffing a computer in a donation box with a money detector, so every time someone tosses money in the box, it plays an MP3 file. (no, you can't make a living at this. At least, *I* can't) The first two of these I did were many years ago, and we used a 486 running a simple DOS app. Well, computers that run DOS well are gone, and trying to bring up a new program to play sound files on any of the modern sound chips would be (not) fun...and annoying the next time the hardware all changes again. So, for this generation, I'm using OpenBSD, mpg321, and a 1G CF flash device attached to an CF-> IDE interface. However, this is the first time I've ever done an OpenBSD system that wasn't going to be attached to some kind of network for (hopefully) years at a time. In fact, hopefully, it will NEVER be attached to a network. And, while I got a 1G CF device, I could imagine doing something stupid and having it slowly fill the CF media and six months from now getting a call saying, "It died. Come fix it", and since it will be in another country and probably a ten hour drive away, I'd like to avoid that. :) Once this thing is deployed, I won't have access to it at all, so I'll have no ability to spot a potential problem or fix it. SO, to try to keep things quiet, I've disabled the daily, weekly, and monthly scripts, I've disabled sendmail in /etc/rc.conf.local. Before I ship it out, I'll move /var/log and /var/tmp to point to a mfs system, so hopefully, if something starts logging, a power cycle will dump everything. Only 60M is mounted RW, so it fsck's very quickly, and my app writes only to the MFS. What have I forgotten? Is there anything else I can do to avoid slapping my forehead and saying, "D'oh! Forgot to ..." before I ship it out fully detached? The good news is I'm pretty sure there is at least one OpenBSD developer near-by, but that's just all the more reason to make sure I don't screw it up, I'll never live it down. :) Nick. A noob-ish question/observation... since the mfs could eventually fill, why not point potential logs at /dev/null instead?
Re: Improving disk reliability
Erik WikstrC6m wrote: Hi I am setting up a OpenBSD box to act as a router/file-server for my parents, the box consists mostly of old parts and I try to not spend any extra money on it. One of my biggest worries is, since it will act as a file-server which will contain stuff with some emotional value, data- loss. The preferable way to solve this would probably be to use two disks but that is not an option for me. So I was wondering if it is possible to instead split the disk in two parts, the first is used to install OpenBSD on, and the rest is split in two and setup in a mirror configuration using RAIDframe or something similar. If this is possible, will it buy me any additional protection against dataloss, or is it more likely that my disk crashes all together? The servo motor no longer spins up the hard drive. How will you recover? Setting up the drive as a multi-partition RAIDFrame doesn't accomplish anything except add complexity. If you want protection against a physical hard drive failure, you need more than one hard drive, end of story. Whether you use a RAID-1 mirror, crontab a nightly dump/restore to an external USB drive, or whatever, if there's a single point of failure, you have to consider it "already dead", and choose your preferred recovery method.
Large file freezes with 4.2, Samba, and XP64
I posted this to the samba list about a week ago and received no responses, so I'm hoping someone here can tell me what I'm missing. If I'm forgetting to add some piece of important info, prod as necessary. I've been struggling with this for a while, and though it worked for about five minutes Sunday night, it's been a no-go ever since I built my server last summer. What I've got: Samba (samba): OpenBSD 4.2-STABLE, samba-3.0.25b (from packages) Laptop (osiris): WinXP SP2 Desktop (isis): WinXP x64 SP2 I can copy/move anything and everything between samba and laptop. I can copy/move anything between laptop and desktop. I can *usually* copy small (less than 100M or so) between samba and desktop, and large files FROM samba TO desktop as well. However, when I try to copy large files FROM desktop TO samba, desktop freezes. There are no log messages being generated on the oBSD side (simultaneous tails on /var/log/daemon, messages, smbd.isis, smbd.smbd, and smbd.nmbd all remain silent). The Windows event viewer likewise does not contain any obvious errors upon reboot. Also of note, if I use laptop to move directly between desktop and samba, it always works (though more slowly, since its link is only 100Mbit instead of 1Gbit, and is essentially performing every operation twice). /etc/samba/smb.conf [global] workgroup = ASGARD server string = Samba security = share hosts allow = 192.168.1. 127. load printers = no log file = /var/log/smbd.%m max log size = 50 dns proxy = no # Share Definitions == [homes] comment = Home Directories browseable = no writable = yes [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes [storage] path = /samba public = yes only guest = yes writable = yes printable = no case sensitive = no oplocks = no create mode = 0777 use client driver = yes /var/run/dmesg.boot # dmesg OpenBSD 4.2-stable (GENERIC) #0: Sat Mar 8 22:58:07 EST 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC real mem = 535293952 (510MB) avail mem = 508379136 (484MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.2 @ 0xf (39 entries) bios0: vendor Phoenix Technologies, LTD version "6.00 PG" date 05/30/2006 bios0: http://www.abit.com.tw/ KN8 Series(NF-CK804) acpi at mainbus0 not configured cpu0 at mainbus0: (uniprocessor) cpu0: AMD Opteron(tm) Processor 154 , 2813.27 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: AMD erratum 89 present, BIOS upgrade may be required cpu0: Cool'n'Quiet K8 2813 MHz: speeds: 2800 2600 2400 2200 2000 1800 1000 MHz pci0 at mainbus0 bus 0: configuration mode 1 "NVIDIA nForce4 DDR" rev 0xa3 at pci0 dev 0 function 0 not configured pcib0 at pci0 dev 1 function 0 "NVIDIA nForce4 ISA" rev 0xa3 nviic0 at pci0 dev 1 function 1 "NVIDIA nForce4 SMBus" rev 0xa2 iic0 at nviic0 iic0: addr 0x2e 00=00 01=00 02=00 03=00 04=a1 05=07 06=00 07=00 iic1 at nviic0 ohci0 at pci0 dev 2 function 0 "NVIDIA nForce4 USB" rev 0xa2: irq 11, version 1.0, legacy support ehci0 at pci0 dev 2 function 1 "NVIDIA nForce4 USB" rev 0xa3: irq 3 usb0 at ehci0: USB revision 2.0 uhub0 at usb0: NVIDIA EHCI root hub, rev 2.00/1.00, addr 1 pciide0 at pci0 dev 6 function 0 "NVIDIA nForce4 IDE" rev 0xf2: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility atapiscsi0 at pciide0 channel 0 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: SCSI0 5/cdrom removable cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 4 pciide0: channel 1 ignored (disabled) ppb0 at pci0 dev 9 function 0 "NVIDIA nForce4 PCI-PCI" rev 0xa2 pci1 at ppb0 bus 1 vga1 at pci1 dev 6 function 0 "S3 ViRGE DX/GX" rev 0x01 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) nfe0 at pci0 dev 10 function 0 "NVIDIA CK804 LAN" rev 0xa3: irq 5, address 00:50:8d:83:09:e7 ciphy0 at nfe0 phy 1: Cicada CS8201 10/100/1000TX PHY, rev. 3 ppb1 at pci0 dev 11 function 0 "NVIDIA nForce4 PCIE" rev 0xa3 pci2 at ppb1 bus 2 ppb2 at pci0 dev 12 function 0 "NVIDIA nForce4 PCIE" rev 0xa3 pci3 at ppb2 bus 3 ppb3 at pci0 dev 13 function 0 "NVIDIA nForce4 PCIE" rev 0xa3 pci4 at ppb3 bus 4 ppb4 at pci0 dev 14 function 0 "NVIDIA nForce4 PCIE" rev 0xa3 pci5 at ppb4 bus 5 ppb5 at pci5 dev 0 function 0 "Intel IOP333 PCIE-PCIX" rev 0x00 pci6 at ppb5 bus 6 arc0 at pci6 dev 14 function 0 "Areca ARC-1220" rev 0x00: irq 11 arc0: 8 SATA Ports, 256MB SDRAM, FW Version: V1.43 200
Re: Large file freezes with 4.2, Samba, and XP64
Richard Toohey wrote: I usually batch the files into ~ 50Mb at a time, or use a different copying mechanism/program (or a script to copy n directories across at a time.) Not really an option, given that a single DVR recording can be upwards of 8G My experience is more with Windows 2003 server, but there is definitely something in MS code. And Vista still has issues ... just new ones. 8-) As I understand, the XP64 codebase is derived from Server 2003. See if you can find a different copying program ... Well, the links and your script idea pointed me to trying the Windows CLI, and strangely enough, that works in both directions with the aforementioned 8G files at roughly 40% network utilization, which suggests to me that may be the hard-drive throughput limit (in which case, I'd be satisfied). I won't call this solved (since it's more a kludge than a fix), but it's a workable method :)
Re: wifi signal triangulation
Jacob Yocom-Piatt wrote: > only today have i tried out hostapd, it is quite neat. while adding a 2nd AP > to > my network a thought occurred to me: if you had >3 APs that were sufficiently > spread out and had tightly synced clocks you could likely triangulate the > source > of a wifi signal with a fair deal of accuracy. > > is this doable? > > cheers, > jake Dunno if it's doable or not, but I'd think just grabbing a pair of directional antennae, tuning them to whichever channel you're listening for, and taking a cross-bearing would be quicker, easier, and possibly cheaper (especially if some undergrads build the antennae out of Pringles cans ;) )
Re: Harddisk slow
Heinrich Rebehn wrote: > on my Soekris 4801-60 i have a FUJITSU MHV2120AT running as slave. The > > 104857600 bytes transferred in 11.980 secs (8752083 bytes/sec) 8MB/sec isn't particularly bad for a notebook drive, and I get very similar numbers on my own 4801-60 w/ Samsung MP0402H drive: wd0 at pciide0 channel 0 drive 0: wd0: 16-sector PIO, LBA48, 38204MB, 78242976 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 # time dd if=/dev/zero of=zero.txt bs=1m count=100 100+0 records in 100+0 records out 104857600 bytes transferred in 7.289 secs (14384268 bytes/sec) 0m7.93s real 0m0.00s user 0m6.82s system # time dd if=zero.txt of=/dev/null 204800+0 records in 204800+0 records out 104857600 bytes transferred in 12.128 secs (8645905 bytes/sec) 0m12.20s real 0m1.07s user 0m10.78s system These boxes weren't designed with screaming disk I/O in mind. They're meant to be embedded appliances, and this particular model just happens to have a notebook-drive compatible IDE header.
Re: Which free board software for PostgeSQL?
Michael Lechtermann wrote: > Hi, > > anyone can recommend a free PHP board/forums software for use with > PostgreSQL 8.x? > > PgSQL isn't mentioned in the vBulletin homepage. > PHPBB is supposed to work with 7.x, not sure about 8.x > > Thanks in advance. > > Michael If it hasn't already been said to you offlist, here it is for posterity: Try it and see.
Re: Tracking security advisories
"Spruell, Darren-Perot" <[EMAIL PROTECTED]> wrote: For sysadmins that want to know as soon as possible about issues which are deemed patch-worthy (security vulnerabilities, critical reliability issues), what is the "best" way to stay on top of these issues as they are resolved? The canonical source of information seems to be errta.html, which does tend to be updated quickly as the patch becomes available. To keep track of this, it requires the user to access the page and look for a new patch which may apply to him. One could also monitor commits to CVS and while reliable, it becomes a bit more difficult to pick the critical from some of the rest of it. There's also a vuxml setup for OpenBSD at http://www.vuxml.org/openbsd/index.html, which appears to be independently maintained and doesn't stay sufficiently updated to be used as an alerting mechanism. Then, as outlined in release announcements, "Security patch announcements are sent to the [EMAIL PROTECTED] mailing list." This method is preferred by a lot of people so they get some kind of proactive notification of potentially impactive problems. Patch announcements do make it to the list, some as early as 1 day after patch announcement, others 14 days after patch. The possible advantage over errata.html though is you get notified even if you've lapsed in checking out the web page. On the flip side, this requires a developer to take time and craft the message and send it, so the onus is on the project to do the work. DS What is "best" for one person may not necessarily be "best" for another. That said, it shouldn't be too hard to make fetching errata.html part of your daily crontab, running a diff on the fetch versus a cached reference, and triggering an email when there's a difference.
Re: Configuring pppoe during installation?
[EMAIL PROTECTED] wrote: > Would it be possible that the installer asks if you may wanna use the NIC > for pppoe-Connections and then maybe also asks for User/PW for the > connection-settings? :) > > In my oppinion this little change may would maybe bring more "usebillity" > (or how that`s written...) and it would save some time wich is needed to > create a hostname.pppoe. :) > > I think that change for the installer is very small and may would be > usefull too since OpenBSD can do kernel-pppoe. > > > Kind regards, > Sebastian Sounds great in theory, but as Theo gently reminded me when I asked this a year or two ago, there's only so much space on a single 1.44M floppy. Including even rudimentary PPPoE would crowd out other drivers and tools that are much more useful during an install.
Re: Configuring pppoe during installation?
Michael Lechtermann wrote: > Guido Tschakert wrote: > >> You surely do not want to say no to dozens of network questions (and >> maybe a lot of other stuff) >> > Thats why I suggested to make just one question that asks if you would > like to to any optional setup. Default answer [n]. If you choose yes, > only then you'll get the additional questions, whatever they might be. The Dev Gods have said 'No.' Now take your ball and go home. All you're doing at this point is ticking people off, and making yourself look stupid in the archives.
Re: News From HiFn
Clint Pachl wrote: > So when Theo starts crying when companies don't open source, that is > very hypocritical behavior. This statement right here proves you don't know what the hell you're talking about, and makes the rest of your long-winded rant irrelevant. Theo did not, and never has, asked for source. Now why don't you just go back to whatever hole you lurk from and leave the rest of us alone?
Re: Preventing password reuse
STeve Andre' wrote: > On Monday 03 July 2006 17:37, Jeff Simmons wrote: > >> A client is setting up a password policy, and would like to prevent users >> from reusing a password for a period of time (four changes ninety days >> apart). Is there a way to do this, either within the OS or via a program in >> ports? I've been looking for quite a while and haven't found anything. >> > I can't resist pointing out that this is an AWFUL policy. You will be > remembering peoples passwords, a history of them, which are > very likely to be used on other systems. Thats really bad. I wonder > (at least in the USA) what would happen to your company if that > data was ever stolen? > The same thing that happens whenever any other data (like, say, SSNs) gets stolen. Absolutely nothing.
Re: BOB is dying.
Matthias Kilian wrote: > On Sun, Jul 16, 2006 at 02:54:35PM -0400, Tim Donahue wrote: > >> I swear, spam keeps getting wierder and wierder >> > It's not spam, it's modern art. You can use it for poetry. I thought it might have been one of those "BSD is dying!" trolls on slashdot, except they were referring to Microsoft BOB. Ten years late, but at least they'd have gotten one right for a change :)
Re: soekris and openbsd
Gustavo Rios <[EMAIL PROTECTED]> wrote: May some one suggest a good quality HD drive for use with Openbsd 3.9 and Soekris net4801-60 hardware ? Thanks in advance. I would suggest just going through the reviews of notebook drives on www.storagereview.com. Be aware that the little inch long ribbon cable has been suspected as the reason behind a number of supposed drive failures.
PF: PRIQ not working as I expect
Trying to figure out what's going wrong here, and at this point, I'm
stumped. I'm trying to place traffic being served from apache above
that of bulk transfers (BitTorrent, primarily), yet according to pfctl
-vvsq, they're both ending up in the 'bulk' queue as defined by my
rules. Since the 'user www' rule comes AFTER the default queue, I would
think all traffic originated by the server would get the higher
priority, but it isn't. Suggestions?
# cat /etc/pf.conf
# Define interfaces
int_if = "sis1"
dmz_if = "sis2"
ext_if = "pppoe0"
laptop = "192.168.0.3"
xp = "192.168.0.4"
priv_nets = "{ 127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 }"
set optimization aggressive
scrub in all
scrub out on $ext_if max-mss 1440
# Queueing
# TCP/ACK frames get first dibs, followed by DNS, surfing, webserver, and
# the unwashed masses.
altq on $ext_if priq bandwidth 768Kb queue { bulk, server, web_req,
dns_out, tcp_ack_out }
queue bulk priq(default)
queue server priority 2
queue web_req priority 4
queue dns_out priority 5
queue tcp_ack_out priority 6
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
nat on $ext_if from !($ext_if) -> ($ext_if:0) static-port
rdr pass on $int_if proto tcp to port ftp -> 127.0.0.1 port 8021
rdr pass on $ext_if proto { tcp, udp } from any to any port 9980:9989 ->
$xp port 9980:*
rdr pass on $ext_if proto { tcp, udp } from any to any port 6081 -> $xp
port 6081
rdr pass on $ext_if proto tcp from any to any port 9990: -> $laptop
port 9990:*
rdr pass on $ext_if proto tcp from any to any port 9000 -> 192.168.0.2
port 80
# Filtering begins
anchor "ftp-proxy/*"
pass quick on $int_if all keep state
pass quick on $dmz_if all keep state
pass quick on 127.0.0.1 all keep state
block drop on $ext_if all
# Microsoft has pissed me off for the last time
block quick from any to 207.46.0.0/12
# Clean invalid SRC/DST packets
block in quick on $ext_if from $priv_nets to any
block out quick on $ext_if from any to $priv_nets
# Pass in allowed servers/proxies
pass in on $ext_if proto tcp from any to ($ext_if) port ssh flags S/SA
keep state
pass in on $ext_if proto tcp from any to ($ext_if) port www flags S/SA
keep state
pass in on $ext_if proto tcp from any to ($ext_if) port smtp flags S/SA
keep state
# Out to the 'net
pass out on $ext_if from ($ext_if) to any modulate state queue(bulk,
tcp_ack_out)
pass out on $ext_if proto tcp from ($ext_if) to any user www modulate
state queue server
pass out on $ext_if proto { tcp, udp } from ($ext_if) to any port {
http, https } modulate state queue (web_req, tcp_ack_out
)
pass out on $ext_if proto { tcp, udp } from ($ext_if) to any port domain
modulate state queue dns_out
# End
Re: [SOLVED] PRIQ not working as I expect
Melameth, Daniel D. wrote: > If your web server is serving up pages, it's likely the pass in rule > that's being hit first and creating state--and since you're not > assigning a queue to that rule, it's being dumped to bulk. That did it... Assigning queue on the 'pass in...' line has it working just how I want it.
Using dd(1) to duplicate a hard drive
Went back about two years in the MARC archives with the terms 'copy drive' (oddly enough, 'dd' itself wouldn't work), and got plenty of linux examples on Google (that pretty much say what I propose anyway) but no luck... I'm hoping to find a faster way to create an image of one drive (a Samsung MP0402H, 40G notebook, to be specific) onto an identical drive than using: # dd if=/dev/rwd0c of=/dev/rwd1c bs=1m Hardware to be used in the copy is an i586/166, Intel 430VX chipset. I vaguely recall hearing that placing the drives on separate IDE channels would help, but any and all other pointers, cluesticks, and proddings are welcome.
Re: Using dd(1) to duplicate a hard drive
Nick Holland wrote: > Chris Zakelj wrote: >> Went back about two years in the MARC archives with the terms 'copy >> drive' (oddly enough, 'dd' itself wouldn't work), and got plenty of >> linux examples on Google (that pretty much say what I propose anyway) >> but no luck... I'm hoping to find a faster way to create an image of one >> drive (a Samsung MP0402H, 40G notebook, to be specific) onto an >> identical drive than using: >> >> # dd if=/dev/rwd0c of=/dev/rwd1c bs=1m >> >> Hardware to be used in the copy is an i586/166, Intel 430VX chipset. I >> vaguely recall hearing that placing the drives on separate IDE channels >> would help, but any and all other pointers, cluesticks, and proddings >> are welcome. > What's the question? "No luck" at what? > What is not working as you expect? > > What you are proposing should work, though you are doing the "more is > better" thing on the blocksize more than needed. 64k or 128k is quite > sufficient. > > It will take a while, and your HW isn't wickedly fast...but I have > used this process myself. > > Nick. Question was, is there a faster way? (about ten off-list replies so far all point to 'no') "No luck" would be finding relevant hits in either MARC or Google about speeding things up. On the block size, thanks! No sense in biting off more than the hardware can chew. I'm aware that the hardware isn't exactly state of the art, but for making a copy of my server to practice on a non-production rig, it gets the job done.
Re: Using dd(1) to duplicate a hard drive
Mitch Parker wrote: > Stuart, > > I concur with that. $20 at newegg gets you one with a power supply for > the hard drive. > > Mitch > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf > Of Stuart Henderson > Sent: Tuesday, August 01, 2006 10:10 AM > To: Chris Zakelj > Cc: misc > Subject: Re: Using dd(1) to duplicate a hard drive > > On 2006/08/01 08:03, Chris Zakelj wrote: > >> Question was, is there a faster way? (about ten off-list replies so far all >> point to 'no') >> > Depending on what's readily available to you, it might be worth > trying with a USB2->IDE adapter. Hmm... I like this idea. Keeps me from having to tear the blasted thing apart when (cause we know it's gonna happen) I mess up the dev rig. May not be the fast option, but it is a zero-downtime option, and that's always a Good Thing.
Re: Choices for Soekris "disk drives"
Gustavo Rios wrote: > Which seagate momentus are you using? > > Thanks in advance. > > On 7/15/05, Frank Denis (Jedi/Sector One) <[EMAIL PROTECTED]> wrote: >> On Fri, Jul 15, 2005 at 07:55:59PM +0530, Mayuresh Kathe wrote: >> >*AVOID* 2.5" IDE Laptop drives. >> >I've had pretty bad experience with them, >> >1. They heat up a lot >> >2. Are slow >> >3. Fail quite often (this could be due to the heat) >> >(face problems with Toshiba and IBM) >> >> I have the opposite experience. My Net4801 is running 24/7 for one >> year with >> a Momentus drive (5400 RPMs) and it is neither slow nor hot. I'm on something like three months non-stop of 24/7 on my Samsung MP0402H w/ 4801. wd0 at pciide0 channel 0 drive 0: wd0: 16-sector PIO, LBA48, 38204MB, 78242976 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
Re: uEagle DSL chipset
Chris 'Xenon' Hanson wrote: > Will Hoskins wrote: >> I was overjoyed when this chipset was supported in 3.8. At last, I >> thought, consumer level DSL equipment which will show up as an >> interface instead of some dodgy ppp tun0 nonsense. >> >> So then, my obsd sweethearts, do you ever drop support for vapourware >> drivers or will this be forever immortalized in your CVS repository >> (neatly avoided the temptation to put suppository). > Bummer. > > I went with a Sangoma S518 card for similar reasons. I've beaten > them into bringing their OBSD driver up to date, but I still am having > trouble with it. It doesn't agree with my ISP's PAP login. > > I don't know of any better DSL interface drivers, unfortunately. > >> Your faithful servant, >> Will Why not just a plain old DSL/10BaseT bridge and pppoe(8)? I agree that it'd be great to have hardware plugged comfortably inside the system and one less piece hanging off the power strip, but canacar@ and crew have done an incredible job on it, to the point where even my old i486/33 with a pair of ep(4) cards can handle residential (384/1.5 tested) DSL.
Re: [unclassified] Re: uEagle DSL chipset
Chris 'Xenon' Hanson wrote: > Chris Zakelj wrote: >> Why not just a plain old DSL/10BaseT bridge and pppoe(8)? I agree that >> it'd be great to have hardware plugged comfortably inside the system and >> one less piece hanging off the power strip, but canacar@ and crew have >> done an incredible job on it, to the point where even my old i486/33 >> with a pair of ep(4) cards can handle residential (384/1.5 tested) DSL. > My ISP uses PPPoA rather than PPPoE. > > PPPoA is in some ways, preferable, since you don't have the MTU > issue of PPPoE. It is helpful to include such details ;) At the office where I worked roughly three years ago, we had a setup where the external modem handled all the PPPoA aspects, but transparently handed off the public IP address and forwarded all ports to the oBSD firewall I had set up. Unfortunately, I forget the name of the company that made it, but it did work quite well, and didn't require any kind of extra configuration on the firewall itself. How it did that, though, I haven't a clue.
Re: Forum-Software, good and secure, on OpenBSD systems?
Adam wrote: > "Jack J. Woehr" <[EMAIL PROTECTED]> wrote: > >> http://www.phpbb.com/ >> > He said "good and secure". Phpbb is neither. Perhaps you would like to offer an alternative instead of just dissing the phpBB users? I've also had an acceptable record with phpBB. This being the result of: 1. Keeping on top of security announcements and promptly patching my system when something gets updated 2. Maintaining the httpd chroot environment 3. Leaving my install plain vanilla (no 3rd party mods) 4. Being a very niche and low-traffic system (only 50 members and 200odd posts in a little over two years online) Does this mean phpBB is secure? Hell no. Anything PHP-based is likely written by folks Theo and co. would derive a sadistic pleasure from sending through "Code Auditing 101." Does it do what I want, when I want, without massive frustration? Yes. Thus, it meets a definition of "good," where "good" equals "what I personally want, when I want it, without giving me a migraine." Your definition of "good" is probably different, and phpBB might not meet it.
Re: [spam] Re: Forum-Software, good and secure, on OpenBSD systems?
Adam wrote: > Chris Zakelj <[EMAIL PROTECTED]> wrote: > >>> He said "good and secure". Phpbb is neither. >>> >> Perhaps you would like to offer an alternative >> > Nope. > Then you are a useless troll. This will be my last reply to your filth. >> instead of just dissing the phpBB users? >> > I didn't say anything about any users. > You did exactly that by attacking Jack's reply and not offering a superior alternative. The admins are the users, the members are the consumers. >> Your definition of "good" is probably different, and phpBB might not >> meet it. >> > My definition of good includes secure. "If you are a very low traffic > obscure site and only have to worry about publicly released exploits > you can patch, and you are willing to patch all the damn time" doesn't > qualify as secure. Read the subject again. > Eleven patches in 26 months, or 0.4 patches/month. How does that compare to your typical Linux distro, or the typical corporate environment? How many patches has MSFT released in that timespan? Compared to maintaining even my gaming rig (and its never-ending onslaught of 64bit driver issues), following phpBB's security list is incredibly easy. > Adam Call yourself what you really are. A sorry troll with no life, whose messages even my spam filter knows what to do with. Goodbye.
Re: [spam] Re: Forum-Software, good and secure, on OpenBSD systems?
bofh wrote: > Why is that a troll? He offered an opinion on Phpbb. It is neither good > nor secure. [see below] Just because he cannot offer an alternative (there > may not be a secure alternative even!) > Because that sentiment had already been echoed by others. No sense beating dead horses except to puff up flames (which he succeeded in doing). > Bad comparison. MSFT's patches are across an entire product line. You are > talking about one specific product here. In order to get a valid > comparison, you will have to count patches for a product of similar size and > complexity. Which, if my memory serves me right, is actually smaller than > phpbb's track record, which actually supports Adam's stance that phpbb is > insecure. > No, I am counting *ONLY* Windows XP. I don't run Office, SQL Server, or any other MSFT product on my gaming machine. It's bad enough just having to deal with that much. > That may be. It is still not secure. We are talking about security, not > ease of patching, or following patch releases. I never said it was secure. In fact, I distinctly recall saying "hell no" to whether or not I considered phpBB secure. What I *did* say was that it fit my needs, as I laid them out.
Re: [spam] Re: Forum-Software, good and secure, on OpenBSD systems?
bofh wrote: > On 9/13/06, Chris Zakelj <[EMAIL PROTECTED]> wrote: >> I never said it was secure. In fact, I distinctly recall saying >> "hell no" to whether or not I considered phpBB secure. What I >> *did* say was that it fit my needs, as I laid them out. > > Which is "good" to you, but probably isn't "good" to people who are > specifically interested in OpenBSD for it's security stance. Have you considered the possibility that I choose OpenBSD specifically for its security stance? phpBB runs on any *NIX or Windows, you know. As I said, I don't trust it to be secure. But I do trust Theo and his team to build the most secure base possible on which to run it. A bullet-proof BB is useless if the underlying OS gets rooted every other day. A marginal BB can work if restoration is only as far away as a restore of /var/www.
Re: NTFS-3G Stable Read/Write Driver ready to merge on cvs obsd ?
Neko wrote: so there can be an end to this retard "cant write on the file system" bs http://www.ntfs-3g.org/ so will it be merged in the next obsd release ? this is the future. people use multiple os on their machine, not just vm , they will local install too, so action should be taken to have a filesystem stream that can be viewed by anyone, It's GPL2. The best you can hope for is someone with the time, inclination, and ability offers a port. You will never see it in BASE.
Re: possibly generic disk copy and restore question
An even easier solution would be to just buy a new HDD, and stick the original into a static bag. Why make it harder than it needs to be? On 11/21/08, Robert <[EMAIL PROTECTED]> wrote: > On Fri, 21 Nov 2008 14:14:19 + > "John ." <[EMAIL PROTECTED]> wrote: > >> Hello misc, >> >> I want to install OpenBSD/amd64 on my laptop (a recent Toshiba amd >> turon with 3GB RAM) and ONLY have OpenBSD on it, but before I do this, >> I need to know how I can image the disk and restore it subsequently. >> It has vista on, and I may need to restore vista should I subsequently >> need to sell the laptop at some future date. >> >> The hard disk was partitioned and formatted at the manufacturers. The >> first primary partition is not visible as usable space - I think this >> if from where the OS was prepped. >> >> Has anyone had this scenario, if so, what did you use to image the >> data? Have you restored it since? >> >> thanks >> > > My tool of choice for this is: dd > > Just dd the whole drive to a file, compress it and store it somewhere. > > Depending on how easy it is to rip out the harddrive and if you have > another system around you can use for imaging that might be the fastest > way. > > Otherwise you can image over the network or to an external medium. > With usb-bootable systems i use a usbstick with openbsd to get a > working enviroment. On older systems a knoppix cd still comes in handy. > Over the network just redirect the output from dd over ssh. > > To restore the image just dd it back onto the drive. > > That's as simple as it gets and works also works for the "funny" > partitions with the factory-restore stuff. > > To answer your last questions: > Recently got a new Thinkpad, Vista license/media, XP preinstalled, no XP > key/media, thought an image might come in handy sometime, imaged as > described above, image-file is collecting dust scince then, don't > really expect to restore it anytime soon. > But an image produced this way can be restored and the system would be > "working" the same way it was at the time you made the image. > > (If you only have a NTFS drive around to store the image, > gparted+partimage would be another sollution.) > > > - Robert
Really large drives (was Re: Is there a "badblocks"-equivalent for OpenBSD?)
Travers Buda wrote: I can certainly see various drive makers pushing capacity irrespective of reliability. Germane to this case, some of them reduce the reserve storage for bad sectors for that extra storage. Going along with this, on a recent trip to my local computer megastore, I noticed that 1TB SATA drives are starting to hit the market. With RAID cards like arc(4) around, that makes it pretty easy to build really massive arrays. I'm no good at reading code, so I'm wondering if thought is being given on how to make the physical size (not filesystem... I totally understand why those should be kept small) limitation of http://www.openbsd.org/faq/faq14.html#LargeDrive a non-issue on 64-bit platforms (realizing, of course, that it's a lot harder than something like making an int into a double, since fdisk and so on would need to be made 64bit safe as well)?
Re: Really large drives (was Re: Is there a "badblocks"-equivalent for OpenBSD?)
Matthew Weigel wrote: Chris Zakelj wrote: ... I'm wondering if thought is being given on how to make the physical size (not filesystem... I totally understand why those should be kept small) limitation of http://www.openbsd.org/faq/faq14.html#LargeDrive http://www.openbsd.org/43.html "New Functionality: ... o The ffs layer is now 64-bit disk block address clean. This means that disks, partitions and filesystems larger than 2TB are now supported, with the exception of statfs(2) and quotas." So, yes, thought is being given... Sweet... I missed that when I did my quick reading of the new features. Is it safe to assume the guideline of 1M RAM per 1G of file system to do a reasonable fsck is still valid? a non-issue on 64-bit platforms Whether a system is 64-bit or not isn't very relevant to this - that mostly establishes what the memory address space is, *not* the size of integers that can be used by the system. Ok... insufficient understanding on my part there :)
newfs during install
Trying to install 4.3 from scratch onto the machine I use as my home file server, coming against a problem. The previous configuration was 4x160g as a RAID-5 for OS/support/whatever, and 4x300g drives RAID-5 for samba. I've changed the config so that it's now 2x160 as RAID-1, and 6x300 as RAID-5, necessitating the reinstall. The problem I'm having is that the 1.5T array now exceeds the install script's 2^31-1 limitation of an FFS filesystem. Is there a way I can pass "-O 2" to newfs during installation (telling it to use FFS2), or am I better off using growfs once the system is up and running?
Trying to get a very large array online
Having myself a bit of a problem that the man pages haven't helped me
figure out. Running 4.3-RELEASE(amd64) with an Areca 1220 host
controller, I'm trying to bring a 5T RAID-5 array online (nothing but
samba storage, everything OS lives on sd0). In the dmesg, the
card+array show up thus when initialized using 64bit LBA:
arc0 at pci6 dev 14 function 0 "Areca ARC-1220" rev 0x00: irq 11
arc0: 8 ports, 256MB SDRAM, firmware V1.43 2007-4-17
scsibus1 at arc0: 16 targets
sd0 at scsibus1 targ 0 lun 0: SCSI3
0/direct fixed
sd0: 305245MB, 54265 cyl, 24 head, 480 sec, 512 bytes/sec, 625141760 sec
total
sd1 at scsibus1 targ 0 lun 1: SCSI3
0/direct fixed
sd1: 4769346MB, 74959 cyl, 511 head, 255 sec, 512 bytes/sec, 9767621120
sec total
Trying to fdisk, this is what I get:
# fdisk -e sd1
Enter 'help' for information
fdisk: 1> p
Disk: sd1 geometry: 608006/255/63 [1177686528 Sectors]
Offset: 0 Signature: 0x0
Starting Ending LBA Info:
#: id C H S - C H S [ start:size ]
---
0: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused
1: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused
2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused
3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused
fdisk: 1> e 3
Starting Ending LBA Info:
#: id C H S - C H S [ start:size ]
---
3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused
Partition id ('0' to disable) [0 - FF]: [0] (? for help) A6
Do you wish to edit in CHS mode? [n] y
BIOS Starting cylinder [0 - 608005]: [0]
BIOS Starting head [0 - 254]: [0]
BIOS Starting sector [1 - 63]: [1]
BIOS Ending cylinder [0 - 608005]: [267349] 608005
BIOS Ending head [0 - 254]: [89] 254
BIOS Ending sector [1 - 63]: [4] 63
fdisk:*1> p
Disk: sd1 geometry: 608006/255/63 [1177686528 Sectors]
Offset: 0 Signature: 0x0
Starting Ending LBA Info:
#: id C H S - C H S [ start:size ]
---
0: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused
1: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused
2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused
3: A6 0 0 1 - 73307 76 55 [ 0: 1177681798 ] OpenBSD
fdisk:*1>
Clearly that's not right. Trying "fdisk -i sd1" results in an MBR that
starts at 0-1-1, but still ends at 73307-76-55. If I use 4k blocks
instead of 64bit LBA...
sd1 at scsibus1 targ 0 lun 1: SCSI3
0/direct fixed
sd1: 4769346MB, 80750 cyl, 252 head, 60 sec, 4096 bytes/sec, 1220952640
sec total
# fdisk sd1
Disk: sd1 geometry: 80750/252/60 [1220952640 4096-byte Sectors]
Offset: 0 Signature: 0xAA55
Starting Ending LBA Info:
#: id C H S - C H S [ start:size ]
---
0: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused
1: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused
2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused
*3: A6 0 0 1 - 80749 251 60 [ 0: 122094 ] OpenBSD
So far, so good. But now disklabel+newfs cause problems...
# disklabel -E sd1
Initial label editor (enter '?' for help at any prompt)
> a d
offset: [0]
size: [1220952640] 900g
Rounding to cylinder: 235932480
FS type: [4.2BSD]
...
#size offset fstype [fsize bsize cpg]
c: 12209526400 unused 0 0
d:2359324800 4.2BSD 2048 163841
e:235932480235932480 4.2BSD 2048 163841
f:235932480471864960 4.2BSD 2048 163841
g:235932480707797440 4.2BSD 2048 163841
h:235932480943729920 4.2BSD 2048 163841
i: 41290240 1179662400 4.2BSD 2048 163841
> q
Write new label?: [y] y
# newfs sd1d
newfs: wtfs: write error on block 1887459839: Invalid argument
Since each individual slice is only 900g, I would have thought I'm
safely below the sector addressing limits of an FFS filesystem, and it
would have worked. Granted, I could split the array itself into three
sub-2T logical volumes, but I've noticed a very large performance hit
just on the initialization stage in doing so (5 hours for 64bit/4k,
nearly a day when split). Am I doing something wrong, or bashing up
against a subtle limitation of fdisk/disklabel/newfs somewhere? Full dmesg:
# dmesg
OpenBSD 4.3 (GENERIC) #1368: Wed Mar 12 11:05:31 MDT 2008
OpenBSD Order and austin@ encrypted block
Got my pre-order entered a couple days ago, but I still haven't been able to find what keyserver is being used, and thus, I have no idea what austin's PGP message block says. Google turned up nothing about austin@ except a message two years ago about a totally different issue. Is there an oBSD specific keyserver, or am I missing something else? Original Message hEwDrSNaAuoqDVkBAgCeqJQORcw6my6yFazgGyyTdHWmT7Rk67BW/t2XbTigq2u3 QLsMezjHQJu2C9lOnLtgKp+JNuOfjLtGRDcc+lqppgAAAWrDWEmE4f9LPMVZorkE 5a/72Av7vn0K3d7+bLuP4MhIvxt3AWdYmvXJ8ayNUWbMFczfSiEC/5PRRkVsvRVg ajImub3K01rERV7u5x0KS9eTYE9/eiXqjuFe+napu7rlEjgyCANwCmuM7do6PJ7R LHkRqy+mv++5XSdoBgmVGlaWR8d5wKP5e2/jL+mVcUwVp6KvtWT0uH2eb67opekO OiJWBGhMppaj6B4cQBRjI0MtXstjucVhdNu2YrM4P36o7TiVmcrJtmSqYdlFybaO F4Xs6IhQwC9/vBHzm9fFI6Qj+JmfirTX/tk9WtQ8STbzbgO1FYbxHV56y8ZOEuQd wlSWw9B8UY0Yxx7BEl84awAGXp//+JL/03RptWpRnsbArRlVOC7nenbAIGoKT+VN pjxm+MgBKqP1AJ5gnCDMua2D21LEQoEFxXGLkOuBUtDbmiIehoaxzGtH4V5KCPSK fjpUHwhdVroTaLkurQ== =8kgO -END PGP MESSAGE-
Re: Custom kernel for Soekris net4801-50
"Richard P. Koett" <[EMAIL PROTECTED]> wrote:I'm setting up a Soekris net4801-50 (128 Mb RAM) for use as a firewall. For storage it has a 40Gb IDE drive rather than compact flash. For my first attempt I used a generic install of OpenBSD 3.9. The user complained that Internet access seemed slow, however. I'm planning to try again using a custom kernel based on the config file included with Chris Cappuccio's Flashdist installer. (A copy is provided below for reference). Is this a good idea? If I go this route I expect I should comment out the MFS option in the Flashdist config since I'm not using compact flash, and uncomment FFS_SOFTUPDATES. Would anyone care to suggest other changes I should make this config file for my scenario? Any other advice would be appreciated. I have no previous experience with Soekris products and very little experience with custom kernels. I realize that this list is not for supporting people using custom kernels but I hope it's okay to ask a few general questions like this. Thanks, RPK. How much bandwidth is in question here? I've got the exact same setup (4801-50) running GENERIC 3.9, and can saturate my PPPoE 6M/768k DSL line and still be at 65% idle, just by using priority queues in PF. In general, you want to look for configuration and user problems before blaming the kernel.
Re: Custom kernel for Soekris net4801-50
Rod.. Whitworth wrote: > I have a 4801 with CF installed with 3.9 in exactly the manner I would > install on a HDD. > Rod, tried to email you off-list, but it seems my ISP is relaying through a Chinese server that's on your blacklist. Anyways, what special sauce are you using to install to CF? Any time I've tried it using my IDE-CF adapter, the install seems to go cleanly (including fdisk/disklabel), but when the time comes to boot off the CF card (Lexar 512M), I'm stuck with 'ERR R', suggesting something is happening to the translation. I'm discounting (perhaps incorrectly) the possibility of a read error since it's happened with three different cards.
Re: howto clean disks ?
Diana Eichert wrote: On Wed, 1 Jun 2005, Anthony Roberts wrote: The 'dd' way is good enough unless someone is willing to to tear the drive apart in a lab. Items required for "sure fire" disk cleaning methodology. qty. 1 hard drive to clean qty. 1 high velocity military rifle I usually use a .223 round, but other parts of the world may prefer .308(7.62x51) or 7.62x54. qty. what number of rounds you feel like of previously described firearm place drive in front of dirt embankment position yourself ~100'/30M (you want to get some practice in don't you?)from the target, hrrrm, drive. begin target practice, hrrrm, drive cleaning, until drive is thoroughly destroyed, hrrrm, cleaned. retrieve spent brass ( you do reload don't you?), hrrrm, drive cleaning materials (this next step is optional depending on how environmentally conscious you are) pick up remains of target, hrrrm, cleaned hard drive and dispose of properly. remember, always thoroughly clean your firearm, hrrrm, drive cleaning tool after use. there, that should do it diana Nick, I'm beginning to think the addition to the FAQ archived at http://marc.theaimsgroup.com/?l=openbsd-misc&m=106302607626276&w=2 might be a good idea. Though I have to admit, Diana has a very interesting (and probably very fun) alternative :)
Re: MySQL issues
The answer is in the archives ;) Trust me, I'm the one who caused it to be so. Hint: You'll want to create datadir and socket directives in /etc/my.cnf John Tate wrote: Hey, I am having trouble with phpBB2 running on my OpenBSD 3.6 machine, it cannot connect to the database (Mysql). I am guessing this is because Apache and phpBB2 are running in a chroot environment and cannot connect to the Mysql Server's socket. What is the best way around this (preferably) without taking apache out of chroot? Yours, John.
Reading CVS tags
I think I've got this figured out after checking anoncvs.html, but I'd like a thumbs up (or a cluestick) to be sure... OPENBSD_3_7_BASE -> -RELEASE OPENBSD_3_7 -> -STABLE HEAD -> -CURRENT
OT: Programming portability
I'm curious as to how programs actually get ported from one OS to another, and if certain directions are easier than others. That is, how does one figure out what needs to be changed in order to make OpenNTPD work on Linux? Is it generally easier to move a program from $some_bsd to $some_other_os, or from $some_other_os to $some_bsd? How would you even begin to port something like OpenSSH to a non-Unix system like Windows? Does the chosen language (C, C++, Java, etc) make a difference in difficulty? When I've built from ports, I can see make files doing OS detection, but from there (not being a very good coder), I can't really make out how it changes the code based on that. Any recommendations for "casual programmer" books would be cool... I'm not interested in becoming a kernel hacker or driver programmer, but at least being able to understand what's going on would be nice.
Re: OT: Programming portability
Jim Razmus wrote: * Chris Zakelj <[EMAIL PROTECTED]> [050618 12:21]: I'm curious as to how programs actually get ported from one OS to another, and if certain directions are easier than others. That is, how does one figure out what needs to be changed in order to make OpenNTPD work on Linux? Is it generally easier to move a program from $some_bsd to $some_other_os, or from $some_other_os to $some_bsd? How would you even begin to port something like OpenSSH to a non-Unix system like Windows? Does the chosen language (C, C++, Java, etc) make a difference in difficulty? When I've built from ports, I can see make files doing OS detection, but from there (not being a very good coder), I can't really make out how it changes the code based on that. Any recommendations for "casual programmer" books would be cool... I'm not interested in becoming a kernel hacker or driver programmer, but at least being able to understand what's going on would be nice. Not exactly a shallow subject. Take a look at this: http://www.oreilly.com/catalog/port/index.html Jim Looks like a great start, but it's marked as being out of print :( Still, Amazon has to be good for something :) From the description, it looks like it deals with the first part of my question (the 'how' part), but I can't tell if it goes into the 'directions' or 'languages' part. Suggestions there?
Re: OT: Hardware keyloggers embedded in new keyboards?
Dave Feustel wrote: I thought you had more insight. All of OpenBSD's security is at risk with this technology. The security features of an OS will not stop a physical attack, no matter how well designed. This is no different than the admin leaving root's password on a post-it note stuck to the underside of the file drawer. If you don't trust your physical environment, change it. In this case, I'd remove the 'secure' flag from ttyCn, and use either a serial console or SSH in from a keyboard I trusted (by buying it myself from a retailer, and using appropriate tamper-evident tape).
Re: OT: Hardware keyloggers embedded in new keyboards?
Dave Feustel wrote: The device is obviously not new. What *is* new is that it is being installed as oem equipment inside of keyboards for HP and Dell systems and also inside of 'used keyboards which can be unobtrusively switched in for older keyboards. Then the companies doing the switching can secretly monitor all the keystrokes of the user, picking up everything the user types. There is no way to detect the keylogger short of opening up the keyboard. Shortly I predict the keylogging functiion will be incorporated into the keyboard cpu so that even opening up the keyboard will not permit the presence of the logger to be detected. What's new is that this functionality now comes builtin to new systems, possibly at the behest of Homeland Security, which would in that case know the password needed to retrieve the logged keystrokes. So far I see no defense against this spying technique of password capture. If you haven't noticed, companies (probably driven by lawyer paranoia) have been becoming more and more aware of the problems associated with employees misusing email. While as a person I find this rather intrusive and annoying, as an employee and (I shudder to think) potential PHB in 40 years, I find nothing wrong with it. My continued employment depends, in part, on the positive public image my predecessors have spent years building up, and to have it destroyed by a couple of people using company resources in inappropriate ways would really tick me off. Do they have a right to see what I do at home? Hell no, it's not their resources I'm using. But when I'm at the office, they've got every right, because it's their equipment, and their bandwidth. As for the "homeland security" argument, do you have any idea how much raw data they'd have to sift through before coming to something appearing to be a password? This really wanders into the realm of "only the criminals have something to fear", simply because monitoring every computer user in the country would be a task only HAL could perform... and we all know how well that turned out.
Re: OT: Hardware keyloggers embedded in new keyboards?
Dave Feustel wrote: If you read the FAQ carefully you would note that the keylogger chip is now being installed in oem equipment for the company marketing the keyboard. Buying a unit off the shelf does not guarantee that there is no keylogger chip installed in the keyboard. No, but it does mess up the ability of whoever is watching to remotely access what they thought was your keyboard. Sorta like being given a computer with ethernet MAC fe:ed:de:ad:be:ef:00:00, then switching it for a card with MAC 12:34:56:78:90:ab:cd:ef. Now your spy agency has to break into the place and find out what the new card is, otherwise they're not getting anything.
Re: OT: Hardware keyloggers embedded in new keyboards?
Dave Feustel wrote: You are making fact out of fiction and also dealing with the wrong scenario. If everyone's keystrokes are monitored by a builtin keylogger in each computer, then the computer of any 'person of interest' is an open book to any 3-letter agency that decides to find out what that person has on his/her computer. This power will be widely used illegally no matter what safeguards are proposed. And you are wearing more tinfoil than the dude in "Conspiracy Theory." Just because there's a keylogger doesn't mean it's possible to access that information. Firewall off SMTP. Oops, now it can't use its built-in sendmail. Forbid inbound access, aww, there goes SSH/telnet/rlogin access. For every technological problem, there is a technological fix. Just ask the DVD Consortium how well CSS worked. Better yet, ask Sony about their audio CD protection... I got your $2 hack right here, and it's called a "Sharpie". Others have pointed out the futility of your Chicken Little rant. This is your last scrap from me.
PPPoE on 486
I'd like to give a big hoot and cheer Theo and the gang. The new kernelized PPPoE is fast enough to keep up with two MMORPG instances, three internet radio streams, and three large downloads combining for an average of 130kb/sec all at once, while still being 30-50% idle! It never even came close when I tried with 3.4 and 3.5 (see threads from around this time last year). dmesg below. Both ep's are 3C509B in non-PNP mode, full duplex enabled. I imagine it would still grind to a halt if I tried to SSH stuff on account of the crypto (it's a 33MHz chip), but DSL firewalling doesn't require that :) top says... load averages: 0.34, 0.27, 0.25 CPU states: 5% user, 0% nice, 5% system, 55% interrupt, 35% idle OpenBSD 3.7 (GENERIC) #50: Sun Mar 20 00:01:57 MST 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel 486DX (486-class) real mem = 66695168 (65132K) avail mem = 53452800 (52200K) using 839 buffers containing 3436544 bytes (3356K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(00) BIOS, date 05/05/91 pcibios at bios0 function 0x1a not configured bios0: ROM list: 0xc/0x8000 0xd/0x4000 cpu0 at mainbus0 isa0 at mainbus0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0 (mux 1 ignored for console): console keyboard vga0 at isa0 port 0x3b0/48 iomem 0xa/131072 wsdisplay0 at vga0: console (80x25, vt100 emulation), using wskbd0 wsdisplay0: screen 1-5 added (80x25, vt100 emulation) wdc0 at isa0 port 0x1f0/8 irq 14 wd0 at wdc0 channel 0 drive 0: wd0: 8-sector PIO, LBA, 2457MB, 5033952 sectors wd0(wdc0:0:0): using BIOS timings wdc1 at isa0 port 0x170/8 irq 15 atapiscsi0 at wdc1 channel 0 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: SCSI0 5/cdrom removable cd0(wdc1:0:0): using BIOS timings ep0 at isa0 port 0x2a0/16 irq 12: address 00:60:97:b6:04:8e, utp (default utp) ep1 at isa0 port 0x300/16 irq 11: address 00:60:08:12:df:f5, utp (default utp) sb0 at isa0 port 0x220/24 irq 5 drq 1: dsp v4.11 midi0 at sb0: audio0 at sb0 opl0 at sb0: model OPL3 midi1 at opl0: pcppi0 at isa0 port 0x61 midi2 at pcppi0: sysbeep0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 npx0 at isa0 port 0xf0/16: using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec fd1 at fdc0 drive 1: 1.2MB 80 cyl, 2 head, 15 sec biomask e745 netmask ff45 ttymask ffc7 pctr: no performance counters in CPU dkcsum: wd0 matched BIOS disk 80 root on wd0a rootdev=0x0 rrootdev=0x300 rawdev=0x302 pppoe0: phase establish pppoe0: phase authenticate pppoe0: phase network
Re: PF & Citrix ICA
TheSG wrote: I have been struggling with this issue for a few days now. I have a Citrix server (customer site) that I cannot connect to through my OpenBSD 3.7 pf firewall. I am able to reach this Citrix server if I go direct (no firewall). I know the Citrix server is open to everyone on the Internet. However, something is happening when my Windows client passes through the OpenBSD pf firewall - I do not receive any packets back from the Citrix server. I have tcpdump running on the outside and inside of the firewall and I see the match rules that allow out from the Inside interface then out the outside interface but I never see any traffic back from the Citrix server. My rules are simple. I have actually done a pass in log all keep state & pass out log all keep state in my rules with nothing else (no block or pass) and it still fails. I see the traffic go through the pf box but never see anything from the Citrix server. I do know this Citrix server is being firewalled by a Check Point NG firewall. I do not believe they are running any IDS or anything else that would block my connection attempts. Has anyone got this to work? If so, what does the rule(s) look like? Thanks. I'm able to connect to my company's Citrix without any trouble, though I don't know offhand who the firewall vendor is. I believe my "magic pixie dust" is this line... nat on $ext_if from $int_if:network to any -> ($ext_if:0) static-port the ':0' suffix tells PF not to include aliases, while 'static-port' tells it not to translate outbound TCP/UDP ports.
Re: 3.7 - in kernel pppoe
J.D. Bronson wrote: At 02:57 PM 7/5/2005, you wrote: On 7/5/05, J.D. Bronson <[EMAIL PROTECTED]> wrote: > I am wondering if there is anyone using this that can tell me if > there is a way to have 'lqr' supported -or- some other way of knowing > if/when the link goes down? > > Last time I tried this - it worked fine, but if the link went down it > never 'redialed' back to the PPPoE provider > > Using userland pppoe - this is never an issue. > > thanks! > I heard about ten times it was fixed in -current. Stop asking it dammit. Now there's a decent reply. Lets see...this was my FIRST real in-kernel questionI dont seem to recall asking this before. Alot of us CAN'T follow -current. I can't...Thats why i asked about 3.7. Now, can someone out there (that uses 3.7-stable) with more than a peanut for a brain possibly help me? I thought I asked nicely and it was a legit question. Perhaps someone on the list is using this and knows. Otherwise, I can continue to use 3.7 with userland pppoe just fine. Jeff It is a fair question, so I'll note the following: 1. If someone replies to you off-list, respect that. 2. Kernel PPPoE is still quite young. If it isn't in the manpage, odds are it either isn't there, isn't stable, or breaks horribly when you look at it funny. 3. That said, any time my link has gone down, it's come back up quite nicely for me, using nothing but the config laid out in the manpage. Of course, I don't use/need LQR, so YMMV. Perhaps if you posted more meaningful info (http://www.openbsd.org/mail.html), someone could give you a more useful answer.
Re: No DMA? What's going on here?
Shawn K. Quinn wrote: On Sun, 2005-07-10 at 00:16 -0400, Nick Holland wrote: BTW: your 10G drive probably has a jumper to bring it below 8G or 2G, which is more than enough for a firewall, and will speed the boot. You will lose the rest of your disk, however. What's the advantage to this over simply configuring the BIOS to recognize the disk up to its limit? All the BIOS ever needs to see is the first 504M/2G/8G of the disk which is where the root filesystem is, right? And from what I have read, a root filesystem should almost never be larger than 504M anyway, right? Because some BIOSes are seriously damaged. I had an old P-90 that refused to even POST with anything larger than a 2G drive. Lying to get the system to POST, then putting your kernel within the BIOS' boot window will get you far enough to let the kernel take over, letting you use the full drive capacity (usually).
Apache icons inside chroot
I've done the googling and turned up empty :( I'm trying to get the included icons to show when someone does a directory view, but everything I try comes back with: [Wed Jul 27 01:35:57 2005] [error] [client 192.168.0.3] (13)Permission denied: access to /icons/movie.gif failed because search permissions are missing on a component of the path 192.168.0.3 - - [27/Jul/2005:01:35:57 +] "GET /icons/movie.gif HTTP/1.1" 403 225 in the error and access logs, respectively. I'm almost certain it's because I'm not accounting for the chroot properly (the icons live in /var/www/icons by default). The section of httpd.conf that addresses it reads thus: --- Alias /icons/ "/var/www/icons/" Options Indexes MultiViews AllowOverride None Order allow,deny Allow from all --- I've also tried using "/icons/", "/icons", and "../icons", all with negative results. The files inside /var/www/icons are all mode 444, and the directory itself is mode 644, so I'm not sure what permission it needs that it doesn't already have. Where should I look next?
Re: Apache icons inside chroot (SOLVED)
Chris Zakelj wrote: I've done the googling and turned up empty :( I'm trying to get the included icons to show when someone does a directory view, but everything I try comes back with: [Wed Jul 27 01:35:57 2005] [error] [client 192.168.0.3] (13)Permission denied: access to /icons/movie.gif failed because search permissions are missing on a component of the path 192.168.0.3 - - [27/Jul/2005:01:35:57 +] "GET /icons/movie.gif HTTP/1.1" 403 225 in the error and access logs, respectively. I'm almost certain it's because I'm not accounting for the chroot properly (the icons live in /var/www/icons by default). The section of httpd.conf that addresses it reads thus: --- Alias /icons/ "/var/www/icons/" Options Indexes MultiViews AllowOverride None Order allow,deny Allow from all --- I've also tried using "/icons/", "/icons", and "../icons", all with negative results. The files inside /var/www/icons are all mode 444, and the directory itself is mode 644, so I'm not sure what permission it needs that it doesn't already have. Where should I look next? For the archives... the answer lives in man chmod :)
Re: OpenBSD on Dell Dimension 2400 or 3000?
Kevin wrote: A friend needs to order a basic computer with a good warranty, to run as a very basic OpenBSD 3.7 firewall for a cablemodem. I'd put one together from parts, but I don't relish doing "won't boot" hardware support from 1600 miles away. Looking at the Dell Dimension line (probably the 2400 or 3000) one concern is that I don't see *any* reports, success or failure, running OpenBSD on this particular product? One reason to choose the Dell (with a CPU that is way overkill) is that the box may be eventually repurposed as an XP desktop... Alternately, any other suggestions for a US mail order PC vendor with fair prices, quick turnaround, a hardware warranty and a pre-built small tower which will reliably run OpenBSD? This is just going to get shoved under a desk, so rackmount is not a consideration, and it doesn't need to be perfectly quiet. Thanks, Kevin I used one of the Dell Optiplex line about 2 years ago to build a firewall at a chemical plant. I specifically asked my boss to get me the bloody cheapest thing he could that had a PCI slot, and that's what I ended up with. As long as you stick to the hardware compatibility list, you shouldn't have any trouble. I will note that when I built that firewall, the embedded NIC was an xl, which of course threw out all sorts of "Command not completed" errors. Whether or not that is still a problem on current kernels (this was built in the 3.3 days), I couldn't tell you, as my current home firewall has an rl and an fxp in it.
Re: twiki
Johan P. Lindstrvm wrote: I would like to co-write an installation guide for twiki (it's in packages) for us less seasoned obsd monglers, I am finding it not-so-straight-forward and would like to help every one else on their way, does anyone know whom I may contact about this matter or do you feel the spotlight? I am more then willing to supply "first line support" for this package if it would come to that. //Johan You probably want to get a hold of Daniel Ouellet, who's been spearheading the unofficial documentation project at www.openbsdsupport.org. It's a bunch of documents that we in the community have written for folks who are willing to do their homework, but haven't quite worked out how to get from manpage to production. You'll notice that some folks write in a style very similar to Nick Holland's official FAQ, while others (like me) are quite different.
Re: twiki
Johan P. Lindstrvm wrote: This is much appreciated, after reading Nick Holland's post ( http://www.holland-consulting.net/obsd/faq-help.html ) I can't do more than agree and feel challenged. How ever, I am missing some details for my FAQ and would really like to get in touch with the individual/group whom made the package to make it more useful, or am I taking the wrong approach? Well, binaries are built and distributed by Theo and the other devs. The packages themselves are built from the ports tree, which is maintained by any number of people. It sounds like they're the ones you're looking for. Take a look inside the Makefile ;)
Re: Why packets are not blocked
Steven wrote: > * Jim <[EMAIL PROTECTED]> [060307 20:36]: >> The problem is that if the kid is already logged into AOL Instant >> messenger, the connection is not broken. So even though she is >> grounded, she can still chat all day on AIM. Why isn't this pf.conf >> file blocking everything on that computer? > I'm not anything of a pf expert, but shouldn't this be expected if > you have keep state rules in your pf.conf? I mean, you've changed > the rule-set, but the connection was set up before the change, and pf > will want to keep allowing the packets from the connection to pass > as a result. > > Just my $0.02 CDN, even with the current exchange rates, still not > worth a lot. I'll let the real experts handle it from here. :-) Aye. You're flushing rules and NAT, but not your state table. Since the state is already established, rules aren't re-evaluated. Adding a state flush ought to get AOL wiped out. Just be mindful that if you have something going on (like an SSH session), those states will also get nailed.
Re: Openbsd PF Book
Qwerty wrote: > Hi All, Could anyone please tell me if the book "Building firewalls with > OpenBSD and PF" (found at Amazon), would still be applicable today, or is > it a bit outdated. Thank You Danny It won't have some of the most current goodness (like the new kernel pppoe(4) driver) mentioned, but the underlying concepts are all still valid.
Re: OpenBSD via serial line
STeve Andre' wrote: > On Monday 01 May 2006 22:15, John Kintaro Tate wrote: > >> I was wondering about installing OpenBSD on a very old laptop (no cdrom) >> via serial line. I am aware it would take literally ages. >> >> I am guessing slip would be the way to go, I have never used it before. >> Does anyone have anything they can point me at with a reasonable >> introduction, such as certain manpages etc. >> >> John >> > I've never thought about a serial feeding. You're right, it would > take forever. My suggestion would be to take the disk out of the > laptop and stuff it into a more modern unit and do the install > that way, or, get an adaptor and put the disk into an i386 box > and do an install that way. Either way is apt to be faster than > using a serial line (gack). > How about a USB PCMCIA card plus USB CD-ROM? Probably need the 'c' floppy instead of the 'a', but it might work.
ADSL PCI cards
About to build a Soekris box for my firewall, and in the interests of getting everything as small and compact as possible, I'd like to replace my current Speedstream 5260 ADSL modem with something along the lines of Sangoma's S518 (http://www.sangoma.com/datasheets/p_s518adsl-specs). Nothing is said about it on the i386 hardware compatibility list, so before I throw money at it, I'd like to know if anybody has used it (or something similar) successfully.
Re: dynamic dns update
I've been using ddclient from packages successfully for the better part of a year. Before that, it was ipcheck.py (until it started doing abusive updates). riwanlky <[EMAIL PROTECTED]> wrote: Hi, I will like to know if OpenBSD have the capability to update my dynamic ip to www.dyndns.org. I am currently running myDYNIPPRO on Windows to update my dynamic ip. I want to move to OpenBSD. I had currently running sendmail, popa3d, mrtg, mySQL on the machine. Thanks and best regards, Riwan
Strange happenings with .forward
Ok, I'm fairly certain I've done something on my side, but I've no clue
what. Running on a fresh install of 3.9-RELEASE, the only thing I've
changed in mail is swapping the default 'localhost.cf' in /etc/rc.conf
for 'sendmail.cf' in /etc/rc.conf.local, and installing pine to read it
(mail frustrates me, and mutt annoys me). There are two user accounts on
the system, one (czakelj) is used for sending emails relating to my
website, and another (junk) which gets used when I need to test
something without breaking the "real" address. I'd like to use a
.forward file to bounce things from the real address to my regular one,
since I don't always remember to log in and look for mail there. Of
course, I tested it on the junk account first, with the following
$ cat /var/www/home/junk/.forward
[EMAIL PROTECTED]
Things worked just swimmingly when I sent a test email, so I did the
same thing to the real account. Only that address can't get through,
because apparently it's being rejected by an upstream server despite my
using the same laptop and same sending email address. Pulled from
/var/spool/mqueue:
# cat qfk531KLXH030430
V8
T1149297622
K1149297622
N1
P30912
I0/5/20696
MDeferred: Connection refused by orion.ieee.org.
Fbs
$_ylpvm25-ext.prodigy.net [207.115.57.56]
$rESMTP
$sylpvm25.prodigy.net
${daemon_flags}
${if_addr}68.75.22.92
S<[EMAIL PROTECTED]>
MDeferred: Connection refused by orion.ieee.org.
Cczakelj:1000:1000:<[EMAIL PROTECTED]>
rRFC822; [EMAIL PROTECTED]
RPFD:[EMAIL PROTECTED]
H?P?Return-Path: <g>
H??Received: from ylpvm25.prodigy.net (ylpvm25-ext.prodigy.net
[207.115.57.56])
by bbhhs96.dyndns.org (8.13.4/8.13.4) with ESMTP id k531KLXH030430
for <[EMAIL PROTECTED]>; Fri, 2 Jun 2006 21:20:22 -0400 (EDT)
H??Received: from [127.0.0.1] (adsl-68-75-22-92.dsl.wotnoh.ameritech.net
[68.75.22.92])
(authenticated bits=0)
by ylpvm25.prodigy.net (8.13.6 smtpauth.dk/8.13.6) with ESMTP id
k533RQav002018
for <[EMAIL PROTECTED]>; Fri, 2 Jun 2006 23:27:27 -0400
H??Message-ID: <[EMAIL PROTECTED]>
H??Date: Fri, 02 Jun 2006 23:27:20 -0400
H??From: Chris Zakelj <[EMAIL PROTECTED]>
H??User-Agent: Thunderbird 1.5.0.4 (Windows/20060516)
H??MIME-Version: 1.0
H??To: [EMAIL PROTECTED]
H??Subject: test forwrd
H??Content-Type: text/plain; charset=ISO-8859-1
H??Content-Transfer-Encoding: 7bit
H??X-Antivirus: avast! (VPS 0622-4, 06/02/2006), Outbound message
H??X-Antivirus-Status: Clean
.
Is this something I've messed up on my side, or did my test email
possibly go through a different pool server that had a different
configuration, and there's nothing I can do about this?
Re: The Wikipedia article on OpenBSD
Jan Izary wrote: > Recently I and several other people have worked to improve the OpenBSD > article contained in the Wikipedia, I'm sure I need not explain how it > works. > > Anyways, I've worked to get as much easily accessable information > regarding OpenBSD in that article as possible and I've pretty much run > into a wall, I've got little else I can add. > > I am putting a call out to the OpenBSD community at large to give a > look at the article and see if they can improve it, fleshing out > anything that has gaps and explaining some of the more complex concepts. > > Things like OpenBSD centred screenshots would be nice if people would > be willing to upload them and list them in the gallery. > > I would have put this on the advocacy list, but really it seems to be > dead and most advocacy seems to run through the misc list. > > Thanks > > http://en.wikipedia.org/wiki/OpenBSD Looks pretty good. My only suggestions would be to note that Nick handles the official FAQ, and adding Daniel Ouellet as the organizer/caretaker of the unofficial user's library.
Adaptec 1205SA
Szechuan Death wrote: > Speaking of which: Which driver supports the Adaptec 1205SA? Anybody? > Bueller? Manpages are not forthcoming. Don't know if any of them do, especially now that Adaptec SCSI has been removed from the kernel. However, if any dev wants it, I just removed one from my gaming machine, and I'd be more than happy to send it their way. Semi-related: I've also got a Promise PDC20269 PATA-133 controller sitting around that any dev is welcome to if that driver (probably part of wd or pciide) needs work.
Re: Adaptec 1205SA
Nick Holland wrote: >Were I a betting man, I'd bet the 1205SA is supported by the pciide(4) >driver. It appears to be a very basic SATA controller. If it's not >supported by pciide, it probably could be. Probably isn't even an >Adaptec chip on it. > > You're right... pulling back the sticker, it's a Silicon Image SIL3112ACT144, which (from i386.html, forgot to look there first, my bad) looks to be supported already. >>Semi-related: I've also got a Promise PDC20269 PATA-133 controller >>sitting around that any dev is welcome to if that driver (probably part >>of wd or pciide) needs work. >> >> >That chip/card is specifically listed in i386.html (pciide, again), is >there a problem you are having with it? > No problems... actually, I've never even pulled it out of the bag (it was included with a 300G hard drive I bought a year or two ago). Just figured I'd offer it on the off chance someone needed one to hack on.
Re: Updated CCD Mirroring HOWTO
J.C. Roberts wrote: >On Sat, 26 Nov 2005 17:00:39 +, Michael Quaintance ><[EMAIL PROTECTED]> wrote: > > >>JCR, >> >>/Please/ don't loose your verbosity. >> >>For newbies like me, your lengthy descriptions of why the OpenBSD >>community thinks like it does are incredibly useful. Short, pithy >>explanations like Tony's are great for people who already understand but >>those of us just starting on our quest can often find them as cryptic as >>the proverbs of Buddha. >> >> >Michael, > >Please do not mistake me and my opinions for the opinions of the OpenBSD >community in general. OpenBSD users and developers actually thrive on >the conflict of differing opinions; a reasonably friendly competition to >figure out and prove both what works and what works best. > >More importantly, do not mistake my opinions as being those of an >OpenBSD DEVELOPER. Though some of them might agree with me, others will >not. The OpenBSD developers have their own community and social group >which is private, exclusive and based on what you do. Unless you have >the dedication it takes to do a *LOT* for the project you'll never know >what their community is like. I'm not a developer and not part of their >internal community but I do know it exists. > >I'm just a normal user who doesn't contribute a great deal to the >project, so there is a *HUGE* difference between me and the people who >actually have both the expertise and dedication needed to write quality >code to improve the project. -To them, I'm just another loud mouth >chatting away on misc@ rather than doing something more productive. > >Kind Regards, >JCR > I'm going to take this thread for what I think it is... the old guard telling us youngin's that our efforts are appreciated, but we've got a bit more to learn about how things work, and how to write good documentation, before we're really ready to jump into these things the way we have been lately. I've noticed a decent drop in the number of "How do I get PPPoE working" and "How do I get Apache+MySQL+PHP working" questions on the list, which is what prompted Daniel to create openbsdsupport in the first place, so in a way, we've been successful in what we set out to do. That said, it's about time I revisited the userland PPPoE doc I wrote a while back one last time and mark it as obsolete, especially in light of the amazing pace that Can has been keeping on the kernel interface, and how user-friendly the pppoe(8) manpage is. Call me a masochist, but I sorta like being clobbered over the head by Theo and his team. I learn more about how to do things right that way than I ever have by picking up a book or guessing at what a doc was trying to tell me.
Re: latin pedants (was theo fwd)
scorch wrote: >>>Errare humanum est, perseverare autem diabolicum! >>> >>> >>Stilus email est humanus , tamen caput capitis - stipes est diabolical. >> >>and >> >>Quid quid latine dictum sit, altum videtur >> >> >usque ad mortem bibendum :-) > > Any hope of getting a translation? Having gone to a public school, I was never indoctrinated with latin.
Re: Problem with Realtek 8139 in very old machine
Giancarlo Razzolini wrote: >Hi again, > > I've managed to make a serial laplink connection with my linux machine, >so now i'm able to access my OpenBSD machine, using the pppd. > > I'm seding my full dmesg, for your apreciation and i hope it will help >to solve my problem: > Just a shot in the dark, but have you tried clearing your CMOS between all these card flips, and checking to be sure that a card-edge trace (or a slot contactor) hasn't become damaged?
Re: BOINC
Johan P. Lindstrvm wrote: >I'm sorry if this comes across as flame bait, that's not my intention. > >With that out of the way; > >How about that BOINC initiative, http://boinc.berkeley.edu is that >something that interests anyone else? > >I can come to think of plenty of reasons why one would not want a port >of it, I use obsd for my critical servers where I want as few pieces >of sw as possible. Is there a need /desire for it? > I run it on my WinXP machines and (knock on wood) haven't had any incidents. If you or someone else creates a port, it'll find a home on my machines, as they sit around doing absolutely nothing practically 24/7, and I think contributing to the science projects represented is a worthwhile goal. Does my answer work for other folks? Probably not. Some will be bound by policies forbidding it even if they wanted. Others may consider the risk too great. It's up to them whether or not to trust BOINC and the port.
Re: BOINC (power consumption info
jared r r spiegel wrote: > OT, and please don't interpret me as naysaying using spare CPU to > contribute to distributed computing projects, but i was interested > to see how much more power my machine ate while running dnetc. > > http://www.ice-nine.org/jrrs/meter/ > > ( taken from a watts-up pro meter and awk/rrdtool frickery ) > > the plateau is me running dnetc, and the bookends are pretty much > idle usage (a little screen/w3m/ssh here and there). > > ~275 W at idle; ~335 W at full tilt. ( i have my monitor (22" CRT) on > that power outlet too, which increases my baseline by about ~80W, > iirc ) > > in passing i am curious about what the cumulative power consumption > of all the projects is. > > again, OT, but wanted to share. > That's a pretty nifty graph you made. I stuck the 335W dnetc and 275W baseline into my trusty TI-82 calculator (I've never trusted my own arithmetic since taking differential equations), and came up with a 60W difference. This is exactly the same wattage that the light bulb in my apartment hallway uses. I'm sure you can see where this is headed ;) Is finding ET, the cure for cancer, or proof of gravity waves worth leaving one extra lightbulb on? For me and many others, the answer is 'yes'.
Teamspeak server
Ok, getting a bit frustrated, so asking the list. Has anyone successfully put a TS server onto an oBSD environment, and if so, what steps are involved? MARC only turned up one link (non-relevant, they wanted to run clients behind PF), while the google hits I got were all woefully out of date and involved linux emulation. Browsing through CVSWEB/ports didn't turn up anything promising, either :( It looks like there's an active fBSD port, but with my giraffe-like coding ability, I haven't a clue where to start to make it work with oBSD. If someone does have the ability, I'm willing to be the guinea pig.
Re: Help
Ricardo Lucas wrote: >Good night everybody, > >i'm starting in openBSD now and I need some help of you if it is possible. >I've installed a firewall using openBSD, of-course, it's working thank's >GOD, but I wanna know, when I make a nat in pf.conf like this above: > >nat on $ext_if from $int_if:network to any -> ($ext_if) > >why I have to put the :network, if I do not put this nat, it's do not work, >I know that it's a noob doubt, but I just wanna know why this happen. > >Another doubt, It's more like a sugestion, is what the program I could use >to monitoring the traffic of my network, and to produce statisticians and >more functions? > > >Since already thank's for your time, and my appologies for my bad english. > >Hug' > Ricardo, two hints... $man 5 pf.conf (it's about halfway down) If that doesn't work, compare: nat on $ext_if from $int_if:network to any -> ($ext_if) to: $sudo pfctl -show nat By your question, I get the feeling you're probably reading the PPPoE guide I wrote, but haven't done your homework like I told you to. BAD BOY!! GO READ THE MAN PAGES LIKE I SAID!!
Re: Teamspeak server
John Danks wrote: >On 12/8/05, Bernd Schoeller <[EMAIL PROTECTED]> wrote: > > >>I had run the current TeamSpeak server in Linux emulation on 3.8 just >>a couple of weeks ago, although I have to admit that this was just for >>testing. But it seemed to work fine. >> >> >I managed to get it running in -current but it was unreliable. Some parts of >the web interface didn't work at all. The voice part seemed to work at first >but later the whole thing locked up. > >The Teamspeak forums are full of questions about OpenBSD support with no >answers. It looks like the current release isn't written in C, but a port is >in progress. > Ok, I get the feeling that linux emulation is about the only choice at the moment, and function/stability is dodgy at best. Bummer... means pointing that firewall hole at windows instead of oBSD :( At least the 'port is in progress' gives me hope, though I don't see how moving an application from one language to another quite fits the term 'port'.
hostap mode on existing firewall
New project I'm trying to work out since the last was a flame-out.
Trying to get my firewall to double as a secured access point so I can
actually carry my laptop around. I've got a working card:
ral0 at pci0 dev 11 function 0 "Ralink RT2560" rev 0x01: irq 12, address
00:11:50:14:f6:a0
ral0: MAC/BBP RT2560 (rev 0x04), RF RT2525
and what I think is a reasonable hostname.ral0 file:
inet 172.16.0.1 255.255.0.0 NONE media autoselect mediaopt hostap \
nwid this_is_only_a_test nwkey totally_sucks chan 11
Here's the problem I've run into... after staring at the dhcpd.conf man
page for a while, it didn't seem like you could feed it two interfaces
at once. So off to Google, where the top articles (for Linux,
admittedly) seem to confirm that you can't serve both the wired and the
wireless internal interfaces at the same time. Ok, fair 'nuff. So now
I consider the possibility of putting ral0 into a bridge with fxp1, and
thought this might work...
/etc/hostname.fxp1:
inet 192.168.0.1 255.255.255.0 NONE
/etc/hostname.ral0:
inet 192.168.0.6 255.255.255.0 media autoselect mediaopt hostap nwid
this_is_only_a_test nwkey totally_sucks chan 11
#I've also tried 172.16.0.0 255.255.0.0 with the same results
/etc/bridgename.bridge0:
add fxp1
add ral0
up
/etc/dhcpd.interfaces
fxp1 ral0 bridge0 #not sure whether ral0 or bridge0 is what dhcpd listens to
and finally at the end of /etc/pf.conf
pass quick on { fxp1, ral0, bridge0 }
Needless to say, I'm getting no love there, either. Is what I'm trying
to do simply not possible, or is there something (obvious, perhaps) that
I'm missing. Yeah, I could go down the street and just buy a WAP, but
that defeats the purpose of learning.
Re: hostap mode on existing firewall
Niall O'Higgins wrote:
>On Wed, Dec 14, 2005 at 09:20:06PM -0500, Chris Zakelj wrote:
>
>
>>Here's the problem I've run into... after staring at the dhcpd.conf man
>>page for a while, it didn't seem like you could feed it two interfaces
>>at once. So off to Google, where the top articles (for Linux,
>>admittedly) seem to confirm that you can't serve both the wired and the
>>wireless internal interfaces at the same time.
>>
>>
>Of course dhcpd can handle multiple interfaces. I don't know how you
>could have gotten the idea that it couldn't. If you read even the
>on-line synopsis of the manual page or looked at dhcpd's usage you
>would see this is clearly supported.
>
>Note the [...ifN]:
>
>dhcpd [-dfn] [-c config-file] [-l lease-file] [if0 [...ifN]]
>
>
Should have been able to get that myself, but for some reason it just
went right by me (just like the '#ed0 le0' line in the default
dhcpd.interfaces file did). Time to stop trusting Google implicitly.
>>I consider the possibility of putting ral0 into a bridge with fxp1, and
>>thought this might work...
>>
>>/etc/hostname.fxp1:
>>inet 192.168.0.1 255.255.255.0 NONE
>>
>>/etc/hostname.ral0:
>>inet 192.168.0.6 255.255.255.0 media autoselect mediaopt hostap nwid
>>this_is_only_a_test nwkey totally_sucks chan 11
>>#I've also tried 172.16.0.0 255.255.0.0 with the same results
>>
>>/etc/bridgename.bridge0:
>>add fxp1
>>add ral0
>>up
>>
>>/etc/dhcpd.interfaces
>>fxp1 ral0 bridge0 #not sure whether ral0 or bridge0 is what dhcpd listens to
>>
>>and finally at the end of /etc/pf.conf
>>pass quick on { fxp1, ral0, bridge0 }
>>
>>Needless to say, I'm getting no love there, either. Is what I'm trying
>>to do simply not possible, or is there something (obvious, perhaps) that
>>I'm missing. Yeah, I could go down the street and just buy a WAP, but
>>that defeats the purpose of learning.
>>
>>
I've gotten a couple of offlist replies which suggest I'm at least on
the right track with this part, but making three mistakes (one in
hostname.ral0, one in pf, and one in dhcpd.interfaces). I'll be able to
try what I think are 'fixes' later this evening.
