We are looking forward to seeing you!''

Indeed! :-)

[Tags: Events, hackathon] [Slashdot It!]

``EuroBSDcon2012
18 - 21 October 2012, Warsaw, Poland

EuroBSDcon is the European technical conference for people working on and with BSD based operating systems and related projects. EuroBSDcon 2012 is the 11th EuroBSDcon and will take place in Poland, 18-21 October 2012 in Warsaw. EuroBSDcon is a great and unique time to learn more about the powerful BSD systems we use everyday and to connect with other developers around the world. ''

[Tags: eurobsdcon, Events] [Slashdot It!]

The old addresses are going to be available at least another week.''

Background of this change that the ISP of most of the NetBSD services requires renumbering. Of course this only affects IPv4, not IPv6 :-)

[Tags: ] [Slashdot It!]

``To start with, the man pages for ipf(5) and ipnat(5) have been rewritten from scratch to make them easier to understand and thus easier to use the various features in IPFilter. In addition there is now an ipmon(5) that supports delivery of log messages to different destinations - including generating SNMP traps messages.

There are a few new actions that can be used with ipnat.conf. The one that will be of most interest to people is "rewrite" which supports translation of both the source and destination address with a single rule. Use of an rdr/map combination is no longer required. There are also some others that are more experimental. One of those is a "divert" action that takes a packet and puts an IP + UDP header on the front, allowing "raw packets" to be delivered to any socket. Similarly, replies from that socket have the relevant header data removed.

There are a few extras for ipf.conf, most notably it now allows for defining limits on how many different hosts/networks can have a state entry in the state table for each rule. IPFilter 5.1.1 also supports specifying a filter rule group for the filtering of ICMP packets that match an entry in the state table. Additionally, there is a new rule - "decapsulate". This has been designed to allow filtering on "inner headers" of packets that have been encapsulated in clear text. It will, for example, allow filtering on IPv4 headers inside of IPv6 packets (or vice versa.)

It is no longer required to have a separate ipf6.conf file. Both IPv4 and IPv6 packets can be used in the same file. For those that have separate files today, they should not interfere with each other unless you have "block in all" for IPv4 and "pass in all" for IPv6 or similar. In that case, the "block in all" will affect IPv6 traffic. This is a reflection of the internal design where there is now only a single list of filter rules, not one for each protocol. Check the man page for ipf.conf for more details.''

[Tags: ipfilter, Security] [Slashdot It!]

``First, my problem was I had just replaced my motherboard on my custom build PC. Once I got Windows 7 64-bit loaded and everything working, I sat up to clone my system drive. The drive is a 500GB Seagate Barracude, SATA 2 drive. Cloning locally to an identical drive.

When booting into g4u, my transfer speeds were extremely slow. Normally, my 500 Gb clones take only about 90 minutes. But this was still working after over 6 hours. The g4u transfer speed was reporting only 1.5 Mb/sec.

I shut things down, and went into my system BIOS. I noticed that the SATA mode was set to "IDE Mode" for my drives. I changed this to "AHCI Mode" and continued to boot into g4u. This worked to fix the transfer speeds, and my clone finished normally. Getting 83 Mb/sec.

Once the drive was finished, I attempted to boot into Windows, but it would not boot. I had to change my BIOS back to "IDE Mode", then Windows behaved normally.

Upon researching this, I am now learning that you should enable AHCI Mode BEFORE installing Windows for it to work. Apparently, if Windows is not installed while using AHCI Mode, it disables the drivers for AHCI on the system drive. So if you later enable AHCI in your BIOS as I did, Windows will not have the driver loaded. I saw there is a fix on the Microsoft web site, but I haven't attempted to try it yet.

If someone else runs into a similar problem, hopefully this will help you.''

FWIW, g4u-2.5beta1 is based on NetBSD-current from January 2012, so checking your BIOS may help anyone seeing bad disk performance out there.
(Emphasizes in the text added by me)

[Tags: g4u, performance] [Slashdot It!]

There's also is a PDF which lists the BSD Associate (BSDA) examn objectives on 57 pages. That's neccessary!

There is currently no training material available that covers all the examn objectives, and that allows people interested in the certification to start learning. That sucks!

Now that's where I'd like to ask the NetBSD (and actually the whole BSD community) for support: This is not a small task, but I think it would be worthwhile for the whole community to have that available, either in closed (paper/book) or in public (electronic) form.

Any takers?

Update: Jeremy Reed reminds me that he has startet a Wiki-based approach to cover all topics of the BSDA, with the eventual goal to publish the result in book form. There is a Wiki-to-PDF transformation engine already in place, and the primary focus can be put on the contents at this point. So, this is the point where YOU come in. Have a look, get involved, participate in a novel project!

[Tags: bsdca, bsdcertification] [Slashdot It!]

Dan continues: ``BSDCan 2012 will be held 11-12 May, 2012 in Ottawa at the University of Ottawa. It will be preceded by two days of tutorials on 9-10 May.

NOTE: This will be Fri/Sat with tutorials on Wed/Thu.

We are now accepting proposals for talks.

The talks should be designed with a very strong technical content bias. Proposals of a business development or marketing nature are not appropriate for this venue.

If you are doing something interesting with a BSD operating system, please submit a proposal. Whether you are developing a very complex system using BSD as the foundation, or helping others and have a story to tell about how BSD played a role, we want to hear about your experience. People using BSD as a platform for research are also encouraged to submit a proposal. Possible topics include:

• How we manage a giant installation with respect to handling spam.
• and/or sysadmin.
• and/or networking.

See also "Restore CD Howto" for actual installation procedures: http://www.NetBSD.org/ports/cobalt/restorecd-howto.html: (though RestoreUSB is not mentioned yet) and see files in .tar.gz archive for more details. ''

Time to get out the good old Cobalt cube :)

[Tags: cobalt] [Slashdot It!]

Remember that this is a test release, so your feedback is wanted - either to me in person, or to the g4u-help mailing list. Thanks!

Here's a full list of changes:

• New commands "uploadmbr" and "slurpmbr" to backup and restore the master boot record, which includes the partition table. Required to restore a partition to an empty disk.
• New command "copymbr" to copy the MBR from one disk to another, similar to "copydisk"
• New command "wipedisk" to write the disk full with 0-bytes once from start (sector 0) to end (last sector)
• Enable command line history/editing by forcing /bin/sh to be built without -DSMALL (ugly hack... there be lots of dragons!)
• When setting up a fresh compile tree, g4u patches are now applied automagically without aborting the build
• Error detection was now enabled in the dd(1) command, which is the core of g4u (surprise!). With that, disks with broken/unreadable sectors should now be copied, skipping the unreadable sectors and copying the rest. This affects a number of programs: copydisk, copypart, uploaddisk, uploadpart. BEWARE: I wasn't able to actually test this as I do not have a disk with bad sectors here. Please report back your experiences!!!
• Make this build with NetBSD-current sources as of 2012-01-12
• New drivers added to the kernel:
  • RDC PMX-1000 IDE controllers
  • Intel SCH IDE controllers
  • TOSHIBA PICCOLO controllers
  • Attansic/Atheros L1C/L2C Ethernet
  • Broadcom BCM43xx wireless
  • Agere/LSI ET1310/ET1301 Gigabit Ethernet
  • RDC R6040 10/100 Ethernet
  • USB LCDs and USB-VGA adaptors, e.g.:
  • DisplayLink DL-1x0/1x5
  • Option N.V. Wireless USB WAN modems
  • Microsoft RNDIS specifications USB ethernet
  • Atheros AR9001U USB Wifi
  • Intersil PrismGT USB Wifi
  • Virtio PCI, memory balloon, disk & network devices
  • ... and many more that slipped past QA
• ... and any driver updates, optimizations and bug fixes and other enhancements from NetBSD-current

• ISO
• compressed ISO
• First floppy
• 2nd floppy
• 3rd floppy
• all 3 floppies
• sources

[Tags: gpl, licensing] [Slashdot It!]

Apparently FreeBSD's telnetd currently has such a problem, and I think it's fair that Colin Percival as the FreeBSD Security Officer did release the advisory, even if it's in a sub-optimal timeframe.

For those NetBSD uses wondering if there's a similar problem in NetBSD's telnetd: Apparenly an unchecked argument can cause memory corruption by a memcpy length parameter overflow in sub-option processing (for terminal type, size etc.). This was fixed in NetBSD thanks to a hints from Colin. There's no NetBSD Security Advisory yet, but people still using telnetd in production networks may consider rebuilding libtelnet and telnetd.

So, to those of you who have moved to SSH: Happy Holidays!
To the rest: Happy Updating! :-)

[Tags: Security] [Slashdot It!]

• NetBSD Security Advisory 2011-008: OpenPAM privilege escalation

  Affects pkgsrc, all release branches and -current before 2011-11-09, it's fixed in all branches (current, netbsd-4 and -5) after that date.

  Details from the advisory: ``The pam_start() function of OpenPAM doesn't check the "service" argument. With a relative path it can be tricked into reading a config file from an arbitrary location. NetBSD base utilities pass fixed constant strings. 3rd party programs which run with elevated privileges and allow user chosen strings open an attack vector.''

• NetBSD Security Advisory 2011-009: BIND resolver DoS:

  Affects pkgsrc, all release branches and -current from before 2011-11-20, it's fixed in the CVS branches after 2011-11-20.

  Details from the advisory: ``Unpatched BIND 9 resolvers may cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure. ISC provided a patch which makes named recover gracefully from the inconsistency, preventing the abnormal exit.

  The patch has two components. When a client query is handled, the code which processes the response to the client has to ask the cache for the records for the name that is being queried. The first component of the patch prevents the cache from returning the inconsistent data. The second component prevents named from crashing if it detects that it has been given an inconsistent answer of this nature.''

BSD Certification covers NetBSD, FreeBSD, OpenBSD and DragonflyBSD, and has the goal to offer certification about BSD specific tasks in both Associate and Professional levels.

Based on my personal, most recent experience, certification is a good thing as you can show that you have a full grasp on a topic with all the relevant topics, and that you didn't only learn the few things that are relevant for your current job. Get certified!

[Tags: bsdcertification] [Slashdot It!]

Details include setting up a TFTP server for loading the bootloader and getting DHCP sending out the right files.

[Tags: g4u, pxe] [Slashdot It!]

The latter one is worth quoting in this blog's NetBSD context: ``We are now focused on three things: NetBSD compatibility, embedded systems, and reliability. 3.2.0 will have a lot of headers, libraries, and userland programs take from NetBSD, which is a very stable, mature system. The BSDs are quite popular as you may know. One of them is sold under the brand name "Macintosh" by Apple. [...]

We think NetBSD is a mature stable system. Linux is not nearly as well written and is changing all the time. NetBSD has something like 8000 packages. That is enough for us.''

Further topics include multicore and microkernel architectures, grants from Google and the European Research Council, software licensing, the GPL and Linux. Have a look!

[Tags: minix, tanenbaum] [Slashdot It!]

To go on from there, I found that my NetBSD VM's only disk was too small to do anything useful. Options for enlarging that came to mind:

1. NFS - see 'panic' above, no go.
2. Adding another (virtual) disk - easily doable, but I felt like not adding one
3. Extending the existing disk - adventure time!

1. Enlarge the last file system on disk
2. Fix the partition table to add another partition for the new space

For those in a similar situation, here are the steps to use the newly gained space on an enlarged (virtual) disk:

1. Prepare: save the old output of "dmesg" (/var/run/dmesg.boot is OK)

2. Enlarge - VMware Fusion wants a shutdown for that, you cannot suspend the machine

3. After booting, run a diff on the saved "dmesg" output, to learn what the old and new size of the disk is, in sectors. My diff looks like this, note the size change in sectors:

   -wd0: 10240 MB, 22192 cyl, 15 head, 63 sec, 512 bytes/sect x 20971520 sectors
   +wd0: 20480 MB, 44384 cyl, 15 head, 63 sec, 512 bytes/sect x 41943040 sectors 

4. Backup the existing/old disklabel, just in case: disklabel wd0 >disklabel.BAK

5. Edit the disklabel: disklabel -e wd0

6. In the editor, adjust the disk size in sectors from 20971520 to 41943040:

   total sectors: 41943040 

7. Partition 'd' is the full disk on i386/amd64, it starts at sector 0 and is 41943040 sectors big

   #        size    offset     fstype [fsize bsize cpg/sgs]
    d:  41943040         0     unused      0     0        # (Cyl.      0 -  44384*)
   

8. Partition 'c' is the NetBSD part of the disk. As this VM only has NetBSD, all the usable space is used. Note that "usable" space excludes the first 63 sectors of the disk (mbr etc.), i.e. it is 41943040 - 63 = 41942977 sectors:

   #        size    offset     fstype [fsize bsize cpg/sgs]
    c:  41942977        63     unused      0     0        # (Cyl.      0*-  44384*)
   

9. After this everything is in sync with the new disk again, and the remaining/new space can be used for new partition 'e'. As the new space starts where the disk used to end, its offset is the old size, 20971520 sectors.

   The size of the new partition expands from the offset sector 20971520 to the end of the disk at sector 41943040, i.e. the partition size is:

   % expr 41943040 - 20971520
   20971520
   

   In total, this gives for the new partition:

   #        size    offset     fstype [fsize bsize cpg/sgs]
    e:  20971520  20971520     4.2BSD   2048 16384     0  # (Cyl.  22192*-  44384*)
   

10. Last, create file system, mount and populate:

    # newfs /dev/rwd0e
    # mkdir /disk2
    # echo '/dev/wd0e /disk2 ffs rw,log 2 2' >>/etc/fstab
    # mount /disk2
    # cd /usr ; pax -rw -pe -v stuff /disk2
    # rm -fr stuff ; ln -s /disk2/stuff .
    

P.S.: I'm offering choccolate to anyone fixing crossbuilding of NetBSD-current from Mac OS X. Any takers?

[Tags: disklabel, fusion, g4u, vmware] [Slashdot It!]

``There are also "lite" versions of the Linux operating system available, including NetBSD, which is at www.netbsd.org. One of the amazing things about NetBSD is the variety of hardware pieces it will run on.''

[Tags: linux, sudbury] [Slashdot It!]

The MBR95 features WiFi 'N' with a 2x2 internal antenna configuration, which allows it to be much more portable than the MBR900 that had two antennas the stuck up in the air. This also removes the concern of breaking your WiFi antenna and you still receive the same 100-150' (Real world tests) wireless range you'd receive with the MBR900. You'll also have the ability to do dual SSIDs (Wireless Network Name), which can allow you to create a business end for private users and a guest network for public users. This feature will also allow you to create multiple categories for different devices; in example: QoS (Quality of Service), VoIP and more. The new NetBSD is also the only platform that will allow users to use WiFi as WAN, which allows them to use another WiFi source as failover or connect their hotspot enabled smartphone. ''

See the full article for more information. The system is available for about $110US in the 3G Store, there's also a longer list of features and techincal details.

Update: Of course there's also an official vendor page.

[Tags: cradlepoint, lte, mbr95, Products, wimax] [Slashdot It!]

Interested NetBSD users have a variety of options to get NetBSD to talk IPv6, and Eric Haszlakiewicz has posted about his experience: ``If anyone else has been putting off setting this up because it seemed like it would be hard to do, I urge you to give it a shot.''

To test ones IPv6 connectivity, there are several websites available.

[Tags: ipv6] [Slashdot It!]