Bastien Durel | 27 Mar 18:31 2015

icmp6 get dropped on gif tunnel

Hello.
I have an openbsd router with 2 upstreams (one pppoe (pppoe0 on sis1),
one ipoe (sis0)).

I have a sixxs(6-in-4) tunnel (gif0).
If the gif tunnel is on one of my providers (pppoe0), it works well. 

gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
        description: Sixxs
        priority: 0
        groups: gif egress
        tunnel: inet 109.190.17.241 -> 212.100.184.146
        inet6 fe80::200:24ff:fecf:42ac%gif0 ->  prefixlen 64 scopeid 0xc
        inet6 2001:6f8:202:19c::2 -> 2001:6f8:202:19c::1 prefixlen 128

the 2001:6f8:3c8::/48 subnet which is routed via this tunnel

This provider gives me native Ipv6, so the tunnel is pretty useless, and
I want to put it on the other provider, which doesn't.

But when I move it on the other provider, the tunnel basicly works (I
can ping an inside box (2001:6f8:3c8:42:xxx) from the outside), but the
router does not answer to ping, on the tunnel endpoint Ipv6
(2001:6f8:202:19c::2) nor on any other interface (in 2001:6f8:3c8::/48).

Then sixxs count it as down, and will disable it if nothing is done. I
can ping from router to remote tunnel endpoint (2001:6f8:202:19c::1),
but remote tunnel endpoint does not get any answer when it ping my
router endpoint. nor does can I ping it from outside. 

(Continue reading)

Comète | 27 Mar 11:19 2015

Intel I211 NIC not working on Shuttle DS57U with latest snapshot

Hi,

i've just installed the latest snapshot on this new fanless little
machine with 2 NICs (one I218-LM and another with I211 chipset) and the I211
is not detected, dmesg returning: "EEPROM Checksum is not valid". I've looked
at "man em" and saw I211 was supported.

Any idea ?

Thank you.

Morgan
OpenBSD 5.7-current (GENERIC.MP) #896: Thu Mar 26 14:56:12 MDT 2015
    todd <at> amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 2009530368 (1916MB)
avail mem = 1944829952 (1854MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8  <at>  0xec2f0 (81 entries)
bios0: vendor American Megatrends Inc. version "1.05" date 01/16/2015
bios0: Shuttle Inc. DS57U
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP APIC FPDT FIDT MCFG HPET SSDT UEFI SSDT ASF! SLIC SSDT SSDT SSDT DMAR
acpi0: wakeup devices PEGP(S4) PEG0(S4) PEGP(S4) PEG1(S4) PEGP(S4) PEG2(S4) PXSX(S4) RP01(S4)
PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX(S4) RP04(S4) PXSX(S4) RP05(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
(Continue reading)

Bernd Schoeller | 27 Mar 10:25 2015
Picon

Intel 5th gen NUC graphics support

Hi -

I just aquired an Intel NUC (NUC5i5RYK) to use as my main OpenBSD 
desktop system.

After getting kernel panics when booting 5.6, using a SNAPSHOT seems to 
work well (panic was: lapic_set_lvt: bad pin value 228). The next hurdle 
I have to overcome is getting accelerated X to work. There is also no 
support for a framebuffer console (which is probably related).

I think the critical part of the X11 output (full dump below) is:

[    30.163] (II) AIGLX: Screen 0 is not DRI2 capable
[    30.163] (EE) AIGLX: reverting to software rendering

Is the new graphics chipset already supported in OpenBSD, and I just 
have the configuration wrong? Or will I have to wait for support? 
Anything I can do to help development?

Thanks,
Bernd

PS: Two other observations: the kernel takes rather long to load (15 
seconds) and I get this line of strange symbols in the dmesg below.

DMESG:

OpenBSD 5.7-current (GENERIC.MP) #895: Wed Mar 18 18:55:03 MDT 2015
deraadt <at> amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 8453918720 (8062MB)
(Continue reading)

Some Developer | 27 Mar 09:03 2015
Picon

C++14 and C11 support sucks in OpenBSDs default compiler - any chance of Clang in base?

I'm not entirely aware of the changes that the OpenBSD developers have 
made to the version of GCC that ships with OpenBSD but is there any work 
being done on including Clang in OpenBSD base?

It has a BSD compatible license unlike GCC. It has its own debugger with 
the same license unlike GDB.

So what are the reasons why OpenBSD has so far shunned Clang and LLDB? 
Is it missing some extra security features that the OpenBSD team have 
added to their version of GCC?

Any info is appreciated.

R0me0 *** | 27 Mar 03:11 2015
Picon

Gource

http://www.echothrust.com/blogs/monitoring-pf-logs-gource

jin&hitman&Barracuda | 26 Mar 21:15 2015
Picon

Leap seconds

As you know, the leap second issue will occour on 29th. June. I saw
articles on some Linux distro's web page. It looks like there is a bug on
the Linux kernel and it was effected on 2012.

I would like to ask, is there anything which i should do on my OpenBSD 5.6 ?

Sorry for my English

L.R. D.S. | 26 Mar 19:55 2015
Picon

Set PKG_PATH using Time Zone?

Is really boring write the package repository everytime we install. 
Why not set the repository using the Time Zone as a reference?
For example, if you set Japan as your zone, then run
export PKG_PATH=http://www.ftp.ne.jp/OpenBSD/'uname -r'/packages/'uname -m'/

rizz2pro . | 26 Mar 19:07 2015
Picon

Change routes with multipath?

Hello everyone,

I hope I posted this in the right area, I don't usually join mailing lists
so I am still a bit of a noob.

Anyways, hoping someone could help me out. I am coming up empty on my
searches figuring this out.

If I have 2 default gateways configured with priorities, how would I modify
the priorities using "route change"? I would prefer not to have to delete
the route and re-add them.

$ sudo route add -mpath default 64.4.4.4 -priority 1
$ sudo route add -mpath default 129.2.2.2 -priority 15
$ sudo netstat -rn | grep default
~
# default           64.4.4.4       UGS        3     3308     -     1 em0
# default            129.2.2.2       UGS        0        0     -    15 em1

If I try to change priorities:

$ sudo route change -mpath default 129.2.2.2 -priority 1
~
# route: writing to routing socket: No such process
# change net default: gateway 129.2.2.2: not in table

Any hints as to how I can change priority on a default multipath route? I
would appreciate it greatly.

Thanks for reading.
(Continue reading)

Predrag Punosevac | 26 Mar 18:21 2015
Picon

L2TP using Npppd and IPsec

Hi Misc,

I need to provide secure access to a web application running on my
servers to handful typical desktop users. I am thinking of requiring
them to have L2TP/IPSec VPN tunnel before they can browse my
application. HTTPS is not good enough due to the nature of the
application. 

Why L2TP? I am not a Windows uses but it seems that it should be trivial
to setup client side

https://www.hideipvpn.com/2010/03/howto-windows-7-ipsecl2tp-vpn-setup-tutorial/
and avoid customer service requests, on another hand I am reading man
pages for npppd and ipsec on 5.7 and Giovanni's slides from two years
ago

http://www.slideshare.net/GiovanniBechis/npppd-easy-vpn-with-openbsd

for the talk he gave at BSDCan IIRC. I don't need to use RADIUS just a
local authentication database. It is in the base and it seems very easy
to configure. 

Is anybody running similar setup in production? Any caveats? Any other
advises before I take a plunge.

Predrag

P.S. I have quite a bit experience with OpenVPN server on OpenBSD but  
in my experience getting credentials to a Windows client is pain because
a typical user knows only to double click and I don't know now to
(Continue reading)

Alexei Malinin | 26 Mar 13:50 2015
Picon

httpd cgi (5.6-stable)

Hello.

I'm trying to get working cgi programs with OpenBSD-5.6 stable httpd on default /var/www but without success:

# cat /var/www/logs/httpd-access.log 
stats.example.com 192.0.2.101 - - [26/Mar/2015:15:30:24 +0300] "GET / HTTP/1.1" 200 376 ""
"Mozilla/5.0 (X11; OpenBSD amd64; rv:22.0) Gecko/20100101 Firefox/22.0"
stats.example.com 192.0.2.101 - - [26/Mar/2015:15:30:24 +0300] "GET /favicon.ico HTTP/1.1" 404 0 ""
"Mozilla/5.0 (X11; OpenBSD amd64; rv:22.0) Gecko/20100101 Firefox/22.0"
stats.example.com 192.0.2.101 - - [26/Mar/2015:15:30:24 +0300] "GET /favicon.ico HTTP/1.1" 404 0 ""
"Mozilla/5.0 (X11; OpenBSD amd64; rv:22.0) Gecko/20100101 Firefox/22.0"
stats.example.com 192.0.2.101 - - [26/Mar/2015:15:30:27 +0300] "GET /cgi-bin/bgplg HTTP/1.1" 500 0 ""
"Mozilla/5.0 (X11; OpenBSD amd64; rv:22.0) Gecko/20100101 Firefox/22.0"
stats.example.com 192.0.2.101 - - [26/Mar/2015:15:31:22 +0300] "GET / HTTP/1.1" 200 376 ""
"Mozilla/5.0 (X11; OpenBSD amd64; rv:22.0) Gecko/20100101 Firefox/22.0"
stats.example.com 192.0.2.101 - - [26/Mar/2015:15:31:24 +0300] "GET /cgi-bin/bgplg HTTP/1.1" 500 0 ""
"Mozilla/5.0 (X11; OpenBSD amd64; rv:22.0) Gecko/20100101 Firefox/22.0"
stats.example.com 192.0.2.101 - - [26/Mar/2015:15:31:26 +0300] "GET /cgi-bin/bgplg HTTP/1.1" 500 0 ""
"Mozilla/5.0 (X11; OpenBSD amd64; rv:22.0) Gecko/20100101 Firefox/22.0"

Please tell me what I'm doing wrong?

My environment:

# cat /etc/httpd.conf
#
# Macros
#
listen_address="10.0.0.1"

(Continue reading)

Or Elimelech | 26 Mar 11:40 2015
Picon

Dell R630 with PERC H730

Hello Misc

I am trying to install OpenBSD 5.6 on the above machine.

1. While using Lifecycle controller and deploy OS I get weird disk layout with
MSDos partition which cannot be removed.
2. While trying to init the raid myself through the raid controller and init
the raid 1 I see <none> in the disks while trying to install

Has anyone encountered this issue?

Thanks

[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]


Gmane