comp.unix.bsd.openbsd.misc Google Group

Re: Trying to block a single MAC address using static arp...and failing badly

thatseattle...@gmail.com (Jonathan Rogers) — Tue, 18 Nov 2008 03:26:14 UT

RTFA. Of course he knows enough to change his IP address - I thought
that was implicit in the original discussion. (If I know how to use pf
to block the non-existent, phony, arp-assigned address, then surely I
would know how to block a normal static IP address, yes?)
My original question still stands - even if there are other, better

Re: poor AES performance with VIA Padlock (xcrypt)

pawel.krawc...@hush.com (Paweł Krawczyk) — Mon, 17 Nov 2008 22:36:28 UT

Self-reply - it seems like Padlock is only used if openssl is called
with -evp option:
$ openssl speed -evp aes-128-cbc -engine cryptodev
(...)
The 'numbers' are in 1000s of bytes per second processed.
type 16 bytes 64 bytes 256 bytes 1024 bytes
8192 bytes
aes-128-cbc 28976.23k 109942.25k 308725.20k 538851.21k

poor AES performance with VIA Padlock (xcrypt)

pawel.krawc...@hush.com (Paweł Krawczyk) — Mon, 17 Nov 2008 21:48:52 UT

I'm trying to benchmark the VIA Padlock crypto engine on OpenBSD 4.3
running 1 GHz VIA CPU. It seems like OpenBSD sees the Padlock feature,
but the crypto performance is pretty poor. This is how CPU is seen by
the kernel:
OpenBSD 4.3 (GENERIC) #698: Wed Mar 12 11:07:05 MDT 2008
dera...@i386.openbsd.org:/usr/ src/sys/arch/i386/compile/GENE RIC

Re: Trying to block a single MAC address using static arp...and failing badly

dnich...@d-and-d.com (DoN. Nichols) — Mon, 17 Nov 2008 21:36:16 UT

[ ... ]
Hmm ... that static address is not going to change? Then block
using it -- if nobody else is likely to get it. (Perhaps remove it from
the list which DHCP will issue to others?)
Anyway -- once you are sure that it will always be him with that
IP address, why not simply route him into oblivion?

Trying to block a single MAC address using static arp...and failing badly

thatseattle...@gmail.com (Jonathan Rogers) — Mon, 17 Nov 2008 17:16:52 UT

I've got an OpenBSD 3.6 firewall (yea, old, will upgrade soon) and I'm
trying to block one noodnik user from the network it controls. For a
variety of reasons, it's going to be easiest to do this by targeting
his MAC address (yea, I know they can be spoofed, but this guy isn't
that clueful).
I'm trying a suggestion seen on some forums that suggests creating a

Re: Permission Denied

j...@nowhere.net (jch) — Tue, 11 Nov 2008 01:02:13 UT

>
_____
Can do. For the solution to my problem see my note to Joachim. The NFS
share with the source(s) was set to "noexec". After making a copy to
/tmp, i was able to show that the compiled code ran as expected. Then i
edited the /etc/fstab file to remove the "no" from the "exec" option.
The OBSD Team keeps pumping out all these great upgrades. I tend to run

Re: Permission Denied

j...@nowhere.net (jch) — Tue, 11 Nov 2008 00:49:11 UT

_____
As i suspected, there is always a simple answer, and Joachim put his
finger on it. The sources reside on an NFS connected file server which
was indeed mounted ...,noexec,.... !! The old OBSD 2.6 computer never
had NFS shares, and the Vector Linux 5.9 is mounted "exec", and that is
why the executable code ran as expected.

Re: Permission Denied

jdnootspamschip...@math.uu.nl (Joachim Schipper) — Mon, 10 Nov 2008 22:57:43 UT

/usr/local/sbin:/home/contrex/ bin:/usr/libexec:/usr/local/li bexec:\
/usr/games:/usr/local/emul/red hat/lib/:
[Line wrapped for convenience - Joachim]
There are many things that could go wrong, but one of the more-likely
and less-obvious is a filesystem mounted noexec.
And no, aside from '.' being in your PATH (which may lead to executing

Re: Permission Denied

es...@lain.home (Marc Espie) — Mon, 10 Nov 2008 22:53:35 UT

I have no clue, it looks like a really weird thing to me.
Still, OpenBSD 3.9 is ancient. Unless you have very good reasons not to,
I would advise you to update to 4.4, maybe the problem will go away. If it
does not, I'm willing to look at it.
Have you tried running it under the system shell ? might be an issue with

Re: Permission Denied

j...@nowhere.net (jch) — Mon, 10 Nov 2008 21:22:49 UT

_____
It is a compiled FORTRAN source to generate N random floating point
numbers between 0 and 1. I am currently running OpenBSD v3.9 on i586.
Here is the sh script (Forcl.sh) i use to compile the source(s):
------------------------------ ------------------------------
prog=`basename $0`
narg=1
if [ $# -lt $narg ] ; then

Re: Permission Denied

daveuhr...@yahoo.com (Dave Uhring) — Mon, 10 Nov 2008 09:06:02 UT

Have you placed some privileged instructions in the program? Can root
execute the program?

Re: Permission Denied

es...@lain.home (Marc Espie) — Mon, 10 Nov 2008 08:17:16 UT

In article <Pine.BSO.4.64.0811091941480.1 8...@cnx4.contrex-consulting.c a>,
Where does your executable come from ?
If it's an old one and you're running a more recent OpenBSD, WAKE UP.
We switched from a.out to ELF almost a decade ago. There's still some
compat.aout mechanism somewhere in the sysctl.

Re: Permission Denied

j...@nowhere.net (jch) — Mon, 10 Nov 2008 06:32:44 UT

Here is the piece of my .bashrc file that sets the path and exports it.
Perhaps i have an error in it?
if [ "$USER" = root ]; then

PATH=.:/bin:/sbin:/usr/bin:/us r/sbin:/usr/X11R6/bin:/usr/loc al/bin:/usr/local/sbin:~/bin:/ usr/libexec:/usr/local/libexec :/usr/local/emul/redhat/lib/:
PS1="\u@\h:/\W\$ "

Re: Permission Denied

j...@nowhere.net (jch) — Mon, 10 Nov 2008 05:01:34 UT

_____
Yes, see below. This is the vexing part!
-rwxr-xr-x 1 contrex contrex 6052 Nov 9 19:09 rndtest_single
I must be doing something wrong, but where? As i said, same syntax on
OBSD 2.6 and VL 5.9 linux runs perfectly. When i use the sh shell i get
the same message:
\u@\h:/\W$ ./rndtest_single

Re: Permission Denied

daveuhr...@yahoo.com (Dave Uhring) — Mon, 10 Nov 2008 04:17:39 UT

Is the file actually executable?
ls -l ./rndtest_single