Thanks, Matthew, for some balances in this thread.
I don't see a need to reconcile the two sides. (It would be good if that
was possible, though.)

RMS wrote, why in his personal opinion, he does not recommend the use of
OpenBSD. And some p*** at him. What a shame ! 'Freedom' is not only
one's choice of software, but also one's choice of an own opinion.
It would serve this list and the people on it well, to allow RMS to voice
his own opinion. And, if in personal disagreement, argue. Like some
act...

Hi,

I decided to CVSUP this morning and compiled the kernel. Unlike
yesterday, the boot hung right after the filesystem mounts/checks. I
thought maybe I had better be in sync with Userland, but make build
did nothing to rectify the situation.
I was very careful in making new /dev's, and also merging /etc/ So I
am at a total loss. The computer requires a hard
reboot so I can't generate any output to look at.

Thanks, Rob.

--
"Emancipate yourself from mental slavery, none but ourselves c...

yes,that is the result of games carp plays with routes (which it
shouldn not, imo, but anyway). it should finally work as advertised in
-current even with unnumbered carpdevs.

--
Henning Brauer, hb@bsws.de, henning@openbsd.org
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam

After doing a lot of head banging, i was able to get it working (so far)

# openssl version
OpenSSL 0.9.7j 04 May 2006
# uname -a
OpenBSD ironhost.fistofiron.com 4.2 GENERIC#375 i386
#

this setting causes lot of errors, hence i have commented it.
#prompt = no # this option is generating lot of errors.

I referred my sites especially: http://www.faqs.org/docs/securing/chap24sec196.html

below is working fine:

#
# cat openssl.cnf
#
# OpenSSL example configurat...

I've seen this happen too but ended up just shutting off ntpd entirely
and croned an rdate in it's place.

In my case the clock goes WAAAAAAY out and even when I fix it it flys
way out on the next NTP interval.
Even if I restart NTPD the damned thing flies way out again a while
later.

I'm sure the clock is totally screwed on this machine but ntpd didn't
help _AT ALL_ just made things worse.
A cron'd rdate is keeping things in check now that I've turned off
ntpd (waiting to replace the ...

Some archs use timecounter code now for the clock. That code has a lot
of benefits, but the range of clock drifts that can be compensated for
is not very big. I have an experimental diff here that might solve

I would really have to look into the code to see if it's feasible to
start adjusting frequency when not synced. Currently I do not think it
will work without some rewriting. I am also worried the complexity of
the code would increase, or some oscillating effect would be

Yes, you can create...

Keeping it simple is always best. I did however as a test create a drift
file, not sure it very accurate as number, but close and the box sync
pretty quickly and still stay in sync. So, there is definitely a case
where it might be needed to create one to start with I guess. I do not
know if that file is updated after the fact however, but there is a way

Will do.

Daniel

I had some issues with my master ntp server not getting in sync to well
and all other equipment sync to it, get very often deny updates because
of source out of sync. This master sync about 2 thousands other time
devices, witch is not a big load by any mean what so ever.

Then looking at it more, I saw some source getting out of sync, etc.

Then looking at the reference at ntp.org, I came across this:

http://www.pool.ntp.org/vendors.html

Quote "You 'must absolutely not use the default pool.n...

Precisely. I have a machine in the US which runs on an Australian
timezone. Automatically setting ntp peers to any subset is going to be
wrong somewhere.

--
Christopher Vance

That is sure 100% true. I was just trying to be sensitive to the request
of the ntp.org itself asking not to do so. There is multiple zone and as
such it would be nice to pick on, just like we pick the timezone when we
install the OS, may be it might be a good idea to also pick the zone for
the ntp at install time no? It might be possible to tie the timezone
selection to what would make more sense for the ntp zone as well I think.

Just like oyu say, it's not possible to know where the system ...

It's fair to follow "their bullshit" (if you can even call it that) if
they're the ones providing the service you're relying on, isn't it?
What's the worry? That who uses OpenBSD will be trackable through ntp
by what pool they use?

-Nick

So perhaps the OpenBSD project could apply for a "vendor zone".
Application is linked to on that page as well.

Either way, thank you Daniel for the tip, I'll make the change in my
site42.tgz file set and retro my existing boxes.

-Chad

You do realize that that specific stance is *completely* hypocritical.

You do not recommend OpenBSD because its ports system states upfront
that there *are* non-free pieces of software that works under it.

But you recommend Linux distros, even though every one out there knows
there are *more* pieces of non-software that work in it.

Even though Linux contains hooks to allow for binary blobs, or is careful
to stay compatible with binary drivers from nvidia and ATI for people to
choose from.
...

RMS,

..maybe you should look into the OpenBSD project, methods, and the end
result - not necessarily to promote OpenBSD in some way, because I
don't believe anyone here sees value in that - but to educate
yourself, rather than speak from what someone else has commented on,
or little bits of cursory research. I think it's difficult getting a
sense of what OpenBSD stands for without having used the OS itself, or

the ultimate freedom is that of free choice. As I've seen, the OpenBSD
developers have...

What you recommend is quite boring what is not boring is your lack of
research into this topic. It's ok to not know what you are talking

OpenBSD is by far the most free OS in the landscape. Everything that
ships with it is free or else it won't be distributed with it. There is
not a single open source OS out there that is more careful than OpenBSD
on licensing, copyrights and frivolous patents. We actually have

Unlinke linux OpenBSD does not contain proprietary firmware blobs in the
distr...

Has nothing to do with what "freedom is all about in the U.S."...how
about keeping this apolitical and on subject; that being RMS's
comments as an individual.

Actually, I'm not claiming that your response is irrelevant and In
fact, I agree with your points concerning the rms spin doctor
techniques and misleading comments. The only contention was with the
"this is what freedom is all about in the US".

RMS' comments really do not relate to what freedom (whatever
definition one chooses to employ) is all about; in the US or anywhere
else. RMS's philosophy is "citizenship" neutral, and in order to
properly counter his (misguided) concepts, opposing arguments...

Um, OpenBSD is the only common OS that is actively against blobs. See
http://www.openbsd.org/lyrics.html#39

Sir, it was brought up that the linux distributions you do suggest do
often include in their ports systems non-free software. See e.g.
http://marc.info/?l=openbsd-misc&m=119726055819074&w=2
What do you say to that? Was that a lie or a mistake?

Respectfully,
-Nick

yes, but it is so stupid, the firmware is loaded into the device and
not running in OpenBSD itself.

in the past, the microcode was normally stored in non-volatile memory
on the hardware device, let's say a NIC, but now most of the devices
require to load the firmware into RAM. it is cheaper to do it this
way, flash chips are just too expensive for the mass market. mostly
all of the new ethernet and wireless cards require to load an external
firmware image into the _card's_ RAM, it wouldn't be p...

I noticed some crazy behavior lately,

The box wich I use and where I installed current (for some days) "freezes".
Well it doesn't stop at all.....

I can switch the consoles but I can't input anything (like commands).
The SSH stays open....

The behavior is not related to load and it's pretty much "random".
Sometimes the PC works for36hrs and more and sometimes it "freezes" after
40 minutes.

So the SSH stays open. I had "top -s1" open in a Shell and the time just
"stoped" in there. Later the ...

Sure :)
Just wanted to know if it's known. Not that I may missed a mail at misc@
or so where it was discussed and a solution presented.

--
dmesg
I recompiled (again) to ensure the kernelimage is ok (but did no CVS up so
the code is identical).
--

OpenBSD 4.2-current (GENERIC.MP) #0: Sun Dec 9 19:52:06 CET 2007
root@raven:/usr/src/sys/arch/i386/compile/GENERIC.MP
cpu0: Genuine Intel(R) CPU 2140 @ 1.60GHz ("GenuineIntel" 686-class) 1.60 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC...

Seems like a cardbus related issue (like interrupt establishment).
Getting a dmesg and panic trace could help to identify the issue.

ACK packets are part of any two-way TCP/IP communication. Spamd's
mission with respect to blacklisted hosts is to waste spammers' time
by replying slowly. If you primarily want to blackhole rather than
greylist and tarpit, spamd is not the tool you are looking for.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 8...

On Mon, Dec 10, 2007 at 04:24:03PM +0100, Renaud Allard wrote:
| Peter N. M. Hansteen wrote:
| > Renaud Allard <renaud@llorien.org> writes:
| >
| >> I just noticed that spamd is trying to send ack packets from 127.0.0.1 to the IP
| >> of the sender when it hits the greytrap IP. I don't feel this is wanted
| >> behavior. Has anymone any idea of why it is doing so?
| >
| > ACK packets are part of any two-way TCP/IP communication. Spamd's
| > mission with res...