00:02:01 <victori> oh I see what I did wrong hah
00:18:06 <s2r> Is anybody running tailscale inside a jail?
00:24:15 <scoobybejesus> no, but it would be great to see a write-up on how someone is running it in a loopback jail (as opposed to vnet or shared ip)
00:29:41 <s2r> I've read that it's possible however I'm still getting an error regarding missing /dev/tun even though I created a rule in /etc/devfs.rules and linked it to jail conf.
00:30:41 <s2r> also I restarted defs, server devfs restart before restarting the jail.
00:51:23 <entrop> s2r: are all the relevant kernel modules loaded on the host, not the jail?
00:52:38 <entrop> s2r: or https://forum.tailscale.com/t/tailscale-on-a-freebsd-jail/923/4
00:54:52 <s2r> I will check it, thank you. After setting the jail to vnet I no longer get /dev/tun missing error.
03:03:01 <jaredj> mlargh, somehow i mismanaged my occambsd build jail and my /usr/src ended up missing a fix that it seems it should have had https://emacs.ch/@jaredj/112929814364241575
12:30:32 <Ltning> Say, why is 0.0.0.0/32 the same as 127.0.0.1/32 ?
12:51:28 <Alver> Ltning: it's not
13:36:29 <EnlGmA> any updates on paris olympics 2024?
13:37:42 <regis> Updates cause blue screens :(
13:58:42 <Ltning> Alver: Well according to bsd44 as of 31 years ago, it's effectively the same. And it's in "all" IP stacks except .. Windows?
13:58:52 <Ltning> Fairly sure old NT/2000 will still have that behaviour, though.
13:59:35 <nimaje> in what way the same?
14:20:51 <Ltning> Like this: https://github.com/freebsd/freebsd-src/blob/872164f559d2637f8de30fcd9da46d9b43d24328/sys/netinet/in_pcb.c#L1312-L1331
14:21:23 <Ltning> Also, given recent news that javascript in browsers can bypass the sandbox and access resources on localhost by connecting to 0.0.0.0 ..
14:25:16 <dstolfa> Ltning: well on freebsd browser sandbox isn't really a thing (at least on chromium, i haven't checked FF but i'd be surprised if it was capsicumized)
14:27:58 <Ltning> But this is kinda bad, because any listening port is reachable via 0.0.0.0, no matter which interface the port is on.
14:28:28 <Ltning> And browsers will prevent you from talking to localhost if the javascript is remote (I don't know the exact rules or implementations here).
14:29:20 <Ltning> https://www.oligo.security/blog/0-0-0-0-day-exploiting-localhost-apis-from-the-browser
15:29:31 <nimaje> yep, it seems strange that 0.0.0.0 (which is something else than 0.0.0.0/32) is allowed for connect, but I can't really follow that code, it seems to connect to an arbitary ip of an arbitary interface, which could be 127.0.0.1 or something else
20:16:54 <decuser> strange and interesting world. I just pulled my inspiron 2020 all in one out of the closet and tried to install netbsd some complaining about iipxide or some such, no such complaining from freebsd.
20:17:36 <decuser> I'm trying to branch out from freebsd, but it just works and the other bsd's are so foreign :)
20:18:07 <decuser> that's what i get for trying to branch out.
20:18:34 <decuser> with icewm, my mem is at 1.66G/7.86G... trim
21:39:19 <beowuff> Update from yesterday's home assistant chat, I've got it up and running in a jail. It sees several devices on my network by default.
21:39:37 <beowuff> I don't think I'll run it here long term, because updating it would be too painful.