can 1 service reload or restart another service?

I believe so

there any prior art?

i'm trying to go the most direct path from cloning freebsd-src to a scripted bsdinstall iso. so i make buildworld/kernel, but there's no etc/usr/ dir to copy my distributable.txz into usr/freebsd-dist/. and release/amd64/mkisoimages.sh errors boot/loader.efi no such file or dir. what's wrong?

usr/ dir, not etc/usr/

buildworld doesn't install the world anywhere

oh so usr/ and all that is built and ready, but it has to be put somewhere?

if you want to make an installed system image you can do make -DDB_FROM_SRC DESTDIR=/path/to/dir installworld installkernel distribution

that won't touch the system i'm running it on right?

as long as you set DESTDIR

if you don't set DESTDIR, it will indeed bugger up the running system

whoa

do i have to sudo run this too btw?

yup

think i got it, i build with sudo make -j8 buildworld buildkernel KERNCONF=GENERIC then i INSTALL to a place with sudo make -DDB_FROM_SRC DESTDIR=~/temp/build installworld installkernel KERNCONF=GENERIC right??

you forgot the distribution target

that's the one that makes /etc and so on

oh distribution, what's that?

my custom.txz in the DISTRIBUTIONS field in bsdinstall script?

make -DDB_FROM_SRC DESTDIR=~/temp/build KERNCONF=GENERIC installworld installkernel distribution

but what do i put for distribution?

the literal word "distribution"

loool

k trying now !!

sorry forgot i make cleaned last night before going to bed so i gotta rebuild now

using all my cores i got it down to like 15 min tho

running

it's there!!

thwhere does boot/loader.eli come from that's still missing?

.efi*

no wrong, it is

weird ls showed different

i wonder if zfs or the terminal was like, stale

ty RhodiumToad!!

there's no usr/freebsd-dist, so do i just make that and put my custom.txz in there? or is there a different route since i'm compiling from source?

just make that

and the only distribution then that will be in freebsd-dist is my custom.txz. i don't need to put base.txz and kernel.txz in there like i have been?

i was before just because i started with an extracted iso distro

that had stuff in freebsd-dist already!

in the installed freebsd dir there is a regular environment but no mkisoimages.sh, why not?

where am i *supposed* to be getting the .sh from that i make an iso image with? from the dir going into the iso, or from the host system, or?

mkisoimages.sh is part of the sources, not part of the built system

ya, ok so use the one from the repo got it

so btw freebsd-dist only having my custom.txz is ok?

well nvm i'll just test it sorry

tyvm

it needs to have whatever distributions you tell bsdinstall to install

can we install a system with no distributions not even base?

what would that even mean? no files?

when i tried it still installed like normal

ya i dunno

but i put nothing for it

DISTRIBUTIONS="" or whatever

is there a git repo or blog post with all this cool stuff?

not that i know of

i got pflog_enable="YES" in rc.conf but tcpdup --list-interfaces doesn't show pflog0 like it should. why's that?

oops got it

anyone tried /usr/obj on tmpfs? that is building world and kernel in tmpfs. how much size is needed, assuming llvm build

iirc, 20-odd gigs for amd64 world+kernel

maybe a bit more if you don't prune out some stuff

ok. so not yet on this laptop. i have 16G of RAM. not planning ram update

i prune unneeded from base. but not from kernel

hello

How does ipfw handle rules added/removed/enabled/disabled via cli after starting the firewall?

Hi. I'm having a problem where my GPT labels are being removed during boot. At the moment, /boot/loader.conf looks like this 0x0.st/HWGZ.txt and my dmesg looks like 0x0.st/HWGN.txt.1

Also, can ipfw refresh rules that are specified using DNS instead of IP?

You can see the label is created "GEOM_LABEL[1]: Label for provider ada2p2 is gpt/freebsd-root." and then a few moments later it's removed "GEOM_LABEL[1]: Label gpt/freebsd-root removed."

Evaluating and possibly moving to ipfw is on my to-do list, but not really high priority. I have a need for manipulating dynamic rules, which I can do with my pf setup (anchors + pfctl), but want to do a quick review of an approach using ipfw before I go ahead and implement it all in pf.

Well, "using" pf, not "in" pf heh.

FragmentedCurve: Got any more surrounding lines on that dmesg?

That's the full dmesg output

Michael Dexter asked me to run this, so I wanted to share it as well: weblog.antranigv.am/posts/2023/10/bhyve-cpu-allocation-256

Title: bhyve CPU Allocation Test for 256 core machine | Freedom Be With All

_xor: Any ideas?

Haven't looked yet, need to finish this script, will look after.

From a quick look, and mind you I'm not super experienced with geom (so take this with a grain of salt), but an obvious first thing to try is use gpart to check GPT+partitions states.

As in make sure it's not corrupt or whatnot.

Should be a read-only action that takes a few minutes to eliminate that possibility.

gpart status and gpart recover don't report any corruption.

Also, if I boot into the livecd from the installer, all the labels show up fine under /dev.

FragmentedCurve: glabel entries are removed if the backing device is opened exclusively via another name

FragmentedCurve: so for example if ada2p2 is mounted under that name, then gpt/freebsd-root is removed

RhodiumToad: Ah, thank you. I just booted into single user mode too and see the labels aren't removed. Is there a way to disable that behavior?

no

that would defeat the point of exclusive opens

it's easier to understand if you look at the graphical display of the geom graph, which you can get by installing graphviz and doing sysctl -n kern.geom.confdot | dot -Tsvg >geom.svg and then displaying the svg in any handy viewer

the rNwNeN entries mean the number of read, write and exclusive opens

i am trying to install freebsd on a new dell vostro laptop. I have used win32diskimager on windows to make a live USB, and i have verified the checksum as specified in the manual. I've disabled secure boot and i've made my USB the main bootable device. however, it doesn't seem to boot into the live usb. what should i do to make it work?

(i understand that dell isn't very good with freebsd support, I'd like to do it as an exercise at the very least.)

Can you explain in more detail what you mean by "it doesn't seem to boot into the live usb"?

well, it seems to show a black screen for a few seconds, and then boots into windows

this is after configuring the boot options in the menu and choosing uefi usb boot

"UEFI" might be the sticking point. Do you have an EFI USB or BIOS USB option?

i will check that and get back here. thanks

which image did you use? some of the hybrid images have issues with some BIOses

oops, too late

my laptop doesn't have legacy boot support.

is there an alternate method to make the usb work for an install?

"< RhodiumToad> which image did you use? some of the hybrid images have issues with some BIOses" "< RhodiumToad> oops, too late"

oh, I used ftp4.tw.freebsd.org/pub/FreeBSD/rel…BSD-13.2-RELEASE-amd64-memstick.img

that should be fine...

i see. I'll look at my bios again and see if there is a setting i can tweak

I'll make a forum post if not

that image is MBR-partitioned rather than GPT, but it has a valid UEFi ESP

wiki.freebsd.org/Laptops#A-F seems to be saying some Dell Vostro models work. Is yours one of those?

Title: Laptops - FreeBSD Wiki

they left again

Thanks0

s/0/./

wiki.freebsd.org/Laptops#A-F seems to be saying some Dell Vostro models work. Is yours one of those?

Title: Laptops - FreeBSD Wiki

i checked the website for my model, it is too new, it's a Vostro 5630

the older ones as i've checked from tutorials seem to have legacy boot

this thread: forums.freebsd.org/threads/unable-t…freebsd-bios-freezes-with-usb.83575 seems to have an idea, but i need another usb for that..

Title: Unable to install FreeBSD, BIOS freezes with USB | The FreeBSD Forums

That doesn't mean it can't be made to work, just that no one has reported on it.

i do believe there should be a way, i guess i will set up a forum post with more details and pictures

Good luck!

mage: The problem with my jail that I was talking a bit yesterday is that I'm not able to install any packages as it seems to say insufficient privileges when it's mounted ro for the most part and only specific ones are read-write. For reference I tried to install via the pkg tool, with: "pkg -j bind install bind"

Quick opinions, how much of this do you agree with? youtube.com/watch?v=YsBxS2WswBw&t=3447s

Title: Michael W. Lucas talks FreeBSD (and whatever else he wants) - YouTube

57:30 - 59:15 (link is timestamped, too)

Specifically the part where he said "80% of people use pf; that's where the loves goes", which got me wondering how much dev activity ipfw sees vs. pf.

I only use ipfw on FreeBSD, so I guess I'm part of the 20%. Alternately, his numbers are made up.

50% each here; new firewalls would be pf

Sorry I forgot one machine not running that has pf installed. So 66.7% (out if 3) in favor of pf

_xor: is there a resoning for the claim that pf is _the_ modern firewall?

so from what I want and need from a firewall pf and ipfw has these features, and I prefere the ipfw config style

Used to use ipfw before pf got on the scene, then took a break from FreeBSD, then came back to FreeBSD in 2019 and decided to look at pf since it was an option then. I find the pf syntax - or maybe its description in pf.conf(5) - slightly less confusing, so pf it is. Which doesn't contribute much to overall ratio, since I only have one computer.

V_PauAmma_V, What are you talking about? That's 100% pf on your side!

For 1 computer. I doubt that's anything but background noise in the overall ratio.

mason: Yeah, the 20% number certainly seems made-up, though I think he meant it more as a figure-of-speech instead of an actual citable number.

satanist: No idea if it's more modern. It's newer than pf, that much is objectively true. Beyond that though, I don't know if it means anything beyond that.

er, I meant pf is newer than ipfw.

Though from the man pages, ipfw seems to have a superset of features that pf offers (as far as I can tell).

V_PauAmma_V: I used ipfw (and ipf for a brief period) in the late 90s and early 2000s, then switched to pf. I'm contemplating utilizing ipfw again after seeing how much it has evolved since I last used it and for my use-cases, it might be easier to manage than pf.

pf works fine for me though, for the most part. Dynamic rules feel kind of strange with anchors and * children.

ipfw looks like it can handle tables without needing a reload, which makes more sense to me.

I should stop saying "dynamic rules", since I think that specifically means rules created and deleted by the firewall itself during processing (e.g. state). What I mean is rules that are added/removed after the firewall is initialized and is ready for processing.

ipfw has no trouble at all handling new table entries or entire new rules added on the fly

42.7 percent of all statistics are made up on the spot.

The reputation of pf is that it is an excellent firewall. And the standalone pfsense has increased that reputation by making it accessible to the unwashed masses.

The upstream for pf is OpenBSD and OpenBSD's pf has the reputation for the most efficient pf implementation. It's fastest on the same hardware.

That FreeBSD has a forked version and has been unable to merge back with upstream is less than great. In a perfect world FreeBSD pf would be in sync with upstream OpenBSD pf.

I personally don't like the configuration style of pf. It's not the way I like to do things. But I am spending all of my effort on firewalls with pf regardless.

As far as I can see I don't think anyone is looking to pry ipfw out of FreeBSD. But M. Lucas is giving his expert opinion that if newbies are looking at a firewall that they should learn pf and I agree that from what I see that is not bad advice.

For one thing it means that if they want "the best" implementation of pf then they can transition to an OpenBSD pf implementation more easily.

And I wish FreeBSD were able to merge the pf implementations back together again so that I would not need to say that.

O.o

maybe in your crowd you dont see the firewall software available inside the source tree being used that much ! but that does not mean is not used at all

huh?

As I understand it, FreeBSD and OpenBSD's kernel internal interfaces are different enough that this isn't a realistic option.

both ipfw and pf are in tree

V_PauAmma_V, That's the problem as I see it too. Things have diverged a lot. If it were easy then it would have been done already. It's now a hard problem.

I'm not a kernel dev, so I won't venture an opinion of my own on feasibility or hardness.

(Or effect on filtering performance.)

This is all opinion discussion. Above _xor asked how much people agreed with M. Lucas in that user group talk.

I think if people are using ipfw and happy then they should keep being happy and keep using it.

I think that generally people on the outside when they think of *BSD firewalls though that they think of pf. And pfsense (on FreeBSD too!) has increased that visibility.

But honestly *BSD firewalls are only a small fraction of the Linux netfilter firewall use. Outnumbered by massive numbers there.

Just guessing based on what I'd imagine it would be like to merge FreeBSD pf with OpenBSD pf, but I'd have to imagine it would be a pain based on just knowing that FreeBSD's version of tree since it was originally merged in has added multi-threading.

So I'd imagine all of the sync primitives and data structures required would be scattered about all over the place, not contained within a few specific places.

yep

it would be nice for a very specific comparison of syntax and things between freebsd and openbsd pf