05:44:16 FYI, still an ftp issue, and it also affects the website apparently when you go to download via http (after selecting a version, you go to this URL, which hangs until timeout: https://www.freebsd.org/where/)
05:45:01 East coast the server in question is 96.47.72.116/ftp0.nyi.freebsd.org
05:46:40 From a west coast VPS (SEA) I get a different server (204.15.11.67/ftp0.tuk.freebsd.org), which is reachable, but it just immediately closes the connection.
05:47:08 (specifically this error: 421 Service not available, remote server has closed connection.)
05:48:31 It's kind of odd there's no links to mirrors or the http download site on any pages linked from the "Get FreeBSD" menu item on the main FreeBSD website.
05:52:23 It would be good if whoever has control of the GeoDNS would drop the bad mirrors routing over to known good ones. No idea who that would be in the project though.
06:01:11 Kind of odd the east coast one is down as that's in their main NYI datacenter (if the hostname is to be believed).
07:22:44 Due to multiple mirrors having been identified as offline I doubt it is a datacenter problem. More likely it is a server side problem.
07:31:13 My ThinkPad has an atheros WLAN chip that is just out of the range man says is supported. I don't need openbsd as much as to write the driver myself, but would be happy to know when to check again.
09:42:05 mane yes, sup?
09:43:45 antranigv_: nothing atm xD
09:43:54 I think I solved my current issues
09:44:19 But you could tell me how to make my bad send mails to gamail
09:44:38 Teach me even
09:59:05 lw: btw, ip-transparent worked
10:48:12 hi, is there a way to separate cwd's of different threads within one process? on linux this can be done with unshare(CLONE_FS)
11:35:53 /28/54
12:53:52 good morning
12:56:39 Morning
13:01:29 EHLO
13:06:56 I need to get vscode working on FreeBSD 14.1. What are my options?
13:09:37 pkg install editors/vscode
13:18:33 holy gyatt it works just out of the box
13:18:41 maybe because I switched from quarterly to latest
13:23:57 🤷
18:16:17 Hi, do you recommend using autotools for packaging or just vanilla Makefiles? I have done my research. I want to know your opinions.
18:20:12 spmzt: I'm all for simplicity.
18:26:49 spmzt, It depends upon who is consuming your project code. I mostly use autoconf+automake (never libtool) to produce full featured Makefiles very simply.
18:27:43 Years ago I wrote a now ancient article which is my personal guide to using them simply which I guess I need to update now. https://www.proulx.com/~bob/doc/HOWTO-autotools.html
18:28:41 mason: that's what I thought first. Feels like unnecessary layer of indirection. But I have to learn it know for some reason...
18:29:15 rwp: Thanks! I will read your article now.
18:29:47 *now
18:33:25 Any tips on how to get a FreeBSD 14.1 VM running under 13.3 bhyve? Install worked but boot fails with a very odd message:
18:34:01 "zfs: unsupported feature: com.klarasystems:vdev_zaps_v2"
18:34:31 Googling that talks about a mismatch in boot blocks, but I literally just completed the 14.1 install, so I don't see how it can be outdated.
18:35:16 What's the backing store for the VM on 13.3? Are you using a zvol or a disk image raw file or?
18:35:37 For bhyve's "loader" I'm using "bhyveload" (I'm not really finding docs on which loader is used in which circumstances, I assume "bhyveload" for FreeBSD, "grub" for Linux, and the EFI stuff for graphical installs)
18:35:43 zvol
18:36:58 This is a very fuzzy area in my knowledge but I have been trying to understand it myself too.
18:37:03 I think the bhyveload method is taking a shortcut in that it is not creating a VM that is actually rebooting but is instead directly loading the VM kernel. Which causes the problem you are seeing when there are mismatched features.
18:37:20 spork_css: UEFI is for anything, bhyveload is an alternative specifically for FreeBSD which isn't really needed nowadays (although there's no harm in using it)
18:37:23 I think you need to use the newer 14 bhyveload on the older 13 bhyve in order to get this feature. I think.
18:38:25 That's the other option. Use uefi to boot. Possibly grub. Myself I don't like UEFI and so I would attempt grub first to get a legacy bios boot structure. But then try uefi.
18:39:39 Just for background are you using bhyve or a helper such as vm-bhyve?
19:21:47 rwp: I want to understand, why you don't use libtool? because of pkg-config or what?
19:33:05 spork_css: depending on what you're doing with that 14.1 VM, maybe use UFS instead of ZFS, if the bhyve host is on an older version of ZFS. ZFS on ZFS isn't that useful either iirc
19:50:24 spmzt, I don't like libtool. I think its main use is to support rpath which is a feature I think should never be used. So I don't use it.
19:50:59 But automake is useful because it allows a very simple template to be expanded into a full featured Makefile. I like that so I do use it.
19:51:41 I don't have anything particularly against people maintaining their own full featured Makefile by hand. That's fine. But it's a lot of characters in the file that I would rather generate.
19:52:23 And if using automake then using autoconf supports automake most efficiently. And the combination then runs pretty much everywhere.
20:39:44 it seems wireguard doesn't attempt to reconnect when the initial attempt fails
20:40:04 so change of carrier, or after waking from suspend and reconnecting to wifi causes wireguard to break until you forcefully restart it
20:40:11 this is the kernel module and not wireguard-go
20:40:18 anyone having the same issue?
20:51:28 hi polarian, I don't have this issue on OpenBSD, must be FreeBSD specific.
Haven't tried doing wireguard on that yet
20:51:45 hopefully people who use it daily can chime in
20:51:58 I will go to ML then
20:52:05 if I remember to :P
20:52:12 I have a lot of emails to write :(
20:52:54 https://unix.stackexchange.com/questions/313832/how-to-clone-and-extend-to-new-disk-in-freebsd <--this looks pretty sound
20:53:55 polarian: I can't confirm neither reproduce this
20:54:14 after wakeup wireguard works
20:54:16 mzar: if you disconnect from wifi and then reconnect, does your tunnel work again?
20:54:30 my wireguard tunnel never handshakes again...
20:54:39 moreover, there is no "connection" in wireguard
20:54:42 if I disable the tunnel the carrier works just fine
20:54:57 it just sends/receives encrypted packets
20:55:13 mzar: apologies yes... my point is when it fails to handshake, it doesn't appear to attend a handshake again
20:55:36 maybe I should set a PersistentKeepalive
20:57:22 polarian: when I bring wlan0 down and up again, wireguard just works
20:57:36 good point
20:58:49 wtf?
20:58:59 let me try again
20:59:46 polarian: how do you find FreeBSD ? is it usable OS ?
21:01:10 weird it worked now... it was becoming painful at uni...
21:01:15 nope it didn't...
21:01:18 hello CCFL_Man, do you still run this infrasound monitoring on FreeBSD
21:01:25 it worked for 2-3 seconds after wlan0 came back up, and then nothing...
21:01:28 all packets dropped...
21:01:41 had to restart wireguard
21:02:15 that's sad story polarian, your wireguard setup seems to be borked
21:02:31 mzar: freebsd works decently wifi is a little annoying as I have to adjust the flags for wlan0 (remove WPA when in public and then add it again at home)
21:02:54 mzar: no clue why... works just fine on my phone and my server has no issues...
21:03:24 it's most likely the keep alive. If it's not there the connection might need to redone
21:03:45 mzar: i have not started yet.
i realized the modifications i made to get Earthworm to build on FreeBSD might have broken things
21:03:47 I am aiming for always on vpn on my laptop but finding it difficult to find a way to do this on LAN
21:04:04 all packets should go via wireguard, but the carrier default gateway takes priority
21:04:25 if there are nat/firewall steps in between peers and there is a long disruption (e.g., sleep) then the connection might fail
21:04:26 I can disable DHCP but then that means manually configuring wifi... which isn't ideal
21:04:37 I can't remove the default route... or modify it as freebsd blocks it
21:05:15 CCFL_Man: that's sad story, IIRC we were testing the OS upgrade and ended fine fine builds for FreeBSD 12 or 13 ?
21:05:15 ignore me, that's not the problem here
21:05:58 the common trick is for your vpn to push 0.0.0.0/1 where your default gateway is 0.0.0.0/0
21:06:33 in wireguard "PersistentKeepAlive" is important for clients behind NAT
21:08:50 it's nice to see you guys using FreeBSD and troubleshooting it, but it's getting late here, so Good Night
21:09:10 night mzar sleep well
21:10:11 daemon: wg-up uses 0.0.0.0/1 already
21:10:32 that is a narrower scope than your default gateway so should take priority
21:10:50 connect to the vpn and pastebin/pastee a netstat -rn
21:11:11 I rather not netstat as it contains my IPs :)
21:11:23 change them a bit so they are still sane but not yours
21:11:23 0.0.0.0/1 goes via wg0
21:11:33 192.168.2.0/24 goes via wlan0
21:11:38 192.168.2.0/24 needs to go via wg0 too
21:11:52 it sounds stupid but I cant do always on vpn if my laptop cant talk to my server properly
21:12:17 plus its to overlay WPA encryption on wifi... wireguard adds an extra layer to secure the carrier
21:12:21 I mean you could add a static route to it via your wifi/lan adapter
21:12:29 my router is also the vpn server :)
21:12:35 ah
21:12:46 but it needs to come in on the wg0 interface
21:13:11 but I dont see any way to set route priority on freebsd...
21:13:14 I know how to do this on linux...
21:13:51 this is solvable, but I would just get a cheap vps and make that the vpn master. Stick your nameservers, webserver and znc on it too; it just makes life easier
21:14:06 then all your devices are its client
21:14:16 lol
21:14:32 this problem will be solved when I stop doing a hairpin nat
21:14:42 will certainly help
21:14:48 though it really does sound like a routing issu
21:14:49 e
21:14:56 due to lack of money I stuck wifi and server on the same subnet... my new server is on a separate subnet
21:15:07 but the thing is though... the packets going via wifi... should still be wireguarded
21:15:21 I am using old APs... can I trust the WPA on them? no
21:15:32 WPA2?
21:15:36 yes...
21:15:41 but the APs are not security patched
21:15:49 and call home to tenda last I checked
21:16:07 block that on your gateway
21:16:11 I *could* buy new APs but that would landfill my current APs and also cost me money
21:16:19 daemon: issue is some wifi users dont want to use wg
21:16:29 I don't blame them
21:16:30 I want wg as an optional security improvement for my devices, and not affect other devices :)
21:16:43 on my phone this was simple, always on vpn setting on android will instantly do this for me
21:16:55 all packets will ALWAYS go via wireguard
21:17:38 so ... if you are disconnected from lan and wireless, and you connect lan and the connect to the vpn all is good, but if you then enable wireless and disconnect from the lan, then the route gets knackard?
21:33:06 daemon: no this has nothing to do with the route
21:34:16 if you are talking about the loss of network... if wireguard is started AFTER the link is up, it wireguard functions fine apart from the fact LAN packets dont get tunneled (which I want them to), if the link changes, or goes down and up...
wireguard doesn't handshake again and ALL packets are dropped until wireguard is disabled (packets go via wlan0) or restarted (handshakes again and goes via
21:34:18 wg0)
22:03:36 polarian: why not use a separate subnet for your server/wg-accessible subnet and your lan?
22:05:04 if you have a decent wiwi adaptor you can make FBSD your AP. I did this a lonmg time ago until I needed N and no adaptors that FBSD had drivers for supported it... yeah lonmg time ago
22:05:40 (stupid keyboard cannot type/spell)
22:06:09 @lw, @rwp, @vortexx: I'm so sorry, my ADD is a mess and I got lost over here... I'm using "bmd" (https://github.com/yuichiro-naito/bmd) and since this is test/dev stuff (to see what 14.x brings) and all our physical hosts/jails use zfs I wanted zfs in here as well...
22:07:06 jmnbtslsQE: the server is on the same subnet as the wifi ap (unfortunately this will be fixed in the future) the wireguard interface has its own subnet, the router allows wireguard packets to enter the server/wifi subnet again, the reason for this is because the server is connected over ethernet (intercepting this would be difficult as you would need to be on site, however wifi encryption is not
22:07:07 I'm going to try UEFI and grub, whichever can get me a non-gui console like bhyveload does...
22:07:08 the most reliable, so as a little side hustle I was trying to set it up so that my laptop will tunnel all its packets to the router, and have the router pass the packets back into the subnet to the server... this then has the wireguard encryption on top of the WPA for higher carrier security
22:07:19 different subnet, good idea.
I typically use FBSD as routing firewall and turn off all that on the AP so that means AP to your net goes through ipfw or whatever you want
22:08:08 problem is because dhcp advertises a /24 subnet, my laptop sees the servers directly, and the default firewall rule added by dhcp is matched to first, packets should go directly to the server and do not even need to go to the router... the solution would be to change it to /32 but then that means manually setting the IP
22:08:40 the ideal would be to set the wg0 link as priority... this means when wg0 is down the packets will pass freely through the normal route, but when its up ALL packets, including LAN, should be sent out via wg0
22:08:57 can DHCP be served by FBSD? (I do that)
22:08:57 hope that makes sense :)
22:09:10 ???
22:09:19 I am not sure what you are getting at here, sorry...
22:09:20 then you can do what you want with it
22:09:49 I think I'm using isc-dhcpd
22:10:00 shbrngdo: yes, you can run a dhcp daemon with freebsd
22:10:40 if my work was not married to M$ and demanded at least Ubuntu (so that they can install Intune and other assorted spyware), I would still happily run FreeBSD on my work machine. It was an Optiplex desktop where everything worked.
22:11:06 topcat001: run your ubuntu in a vm
22:11:26 if the wiwi talks to your net on 10.0.1/24 and everything else is 10.0.2/24, FBSD serves up 2 DHCP's, one for each assuming multi-homed. If not then yeah 1 adaptor 1 DHCP
22:11:31 🙃
22:12:14 not saying VLAN, nope, not going there
22:12:32 Actually I tried, and it was mostly fine, but the problem I had is that I needed to run Edge (yes I know) for Teams video meetings on Ubuntu (enforced), and that did not work reliably in a vm rtprio
22:12:45 ah, that's a shame
22:13:20 I'm still not done with that; technically camera/audio passthrough should work. Perhaps it's my inexperience
22:13:34 Edge <3
22:13:38 can teams use chrome or is it too tied to winders...
22:14:00 it can't because only Edge supports Intune/MDM auth
22:14:41 it's horrible, but much less horrible than being forced to run Win11 (that is truly horrible)
22:15:25 I love generally how snappy FBSD is. When hardware is good, it's really efficient.
22:15:52 figures. yet another reason. Winders is angering me a lot lately. Porting perfectly good Linux code into winders application, and naturally it has firewall and driver issues that I'm slowly fixing. No "howto" either, HOURS of plowing through docs for that one line of magic incantation code
22:16:23 shbrngdo: I think you are misunderstanding what I am looking for... I simply want FreeBSD to defaultly send all packets via wg0 route and not via wlan0 when wg0 is up
22:16:51 then to form the always on vpn I just block all traffic on wlan0 apart from wireguard
22:17:02 hmmm so the route prio on wg0 needs to be a smaller number
22:17:24 indeed, but I dont know how to work with route prio on freebsd and I couldnt find anything in the handbook (unless im blind)
22:17:33 that was the issue I mentioned somewhere above :P
22:17:56 I don't think FBSD is measurably slower than Linux in my use cases; often faster. However, I'm splitting hairs here. Windows is typically much slower (because of $reason but I couldn't care less)
22:24:23 polarian: but the router is also on this subnet ?
22:24:42 hmmm I am confusing BSD's route with Linux it seems. Well maybe when the iface you want is available, maybe do a route change default (etc.)?
22:25:25 yeah, not sure if freebsd supports route metric
22:25:52 so far looks like no, unfortunately
22:28:15 polarian: i haven't used wireguard but not sure how it ever worked if you are routing the subnet (that includes the outer wireguard endpoint) via the wireguard interface (via its subnet/inner endpoint)
22:28:32 as far as i know, failing over to the non-wireguard would require manually changing the routes
22:29:31 or really, just adding/deleting the subnet from the wireguard interface, and ensuring the remote outer endpoint of the wireguard tunnel is still routed over the lan
22:29:56 much easier if you just change your subnets, even if it's just to split your 2.0/24 to a 2.0/25
22:31:16 hmm well i guess there is still some manual work involved in that case
22:32:58 jmnbtslsQE: it is on both subnets, yes
22:33:39 also this is not wireguard specific, this is a matter of the routing table
22:33:58 if you were doing ip forwarding it would be the same process
22:37:27 another nice trick to isolate an AP, use its WAN port to connect to your other subnet. subnet 1 on wifi, 2 on LAN, AP does dhcp for subnet 1, FBSD for subnet 2. just a thought
22:37:54 it sounds like a devd script would be enough to set your routes automatically when the wireguard tunnel goes up or down, but i haven't done much with devd
22:38:44 yes - devd event stuff. I have only used it to alter perms on USB devices but yeah it is powerful like that
22:39:05 also I have thought about adding/deleting the route, but freebsd doesn't allow you
22:40:32 well you set the gateway in rc.conf probably. you might wander through the /etc/rc.d scripts to see how they work
22:40:44 polarian: i've never seen that. what happens when you try?
22:41:41 not running as root? Just thought I'd ask...
22:42:48 it was as root
22:42:55 I cant remember though... not able to attempt rn
22:43:47 OK, i guess try again later and post here.
i don't see any reason you cannot change the routes
22:49:40 @lw, @rwp, @vortexx: thanks to you all, and just a follow-up, doing a reinstall and using UEFI worked seamlessly, still a little curious about "bhyveloader" and why all these options are necessary compared to something like vmware...
22:52:58 spork_css: yw, glad you got it working
22:53:53 there's #bhyve btw for all things bhyve. I don't often hear of people using bhyveload, that was maybe the first way to boot anything when bhyve was developed, but now people just boot on UEFI
22:55:42 spork_css, Good deal! Glad to hear you have a good result.
22:56:38 I am fuzzy on this so take this with caution but I think, not sure but think, that instead of emulating the reset behavior of the machine completely that they skip over that part and jump right to loading the kernel and then jumping to it.
22:57:26 Normally an x86 system at reset jumps to FFFF:0000 (oh I know that's almost but not quite right, let me be fuzzy here) in 16-bit mode. It has 16 bytes of 16-bit opcodes available to execute there.
22:58:16 That is usually 16-bit machine opcodes to jump to a 256 byte block of 16-bit code. Which then traps to 32-bit or 64-bit native machine code. Which then loads the initial system loader. Which then loads the next phase of the boot.
22:59:13 That's all emulated exactly by KVM and VMware and all of the rest. But in bhyve using bhyveloader I think they thought, why go through all of that messy stuff? We are running 64-bit native now. It's going to eventually be running 64-bit native. Let's just load the BSD kernel and jump there from here directly.
22:59:33 Not completely sure mind you but pretty sure this is what is happening with bhyveloader.
22:59:57 Meanwhile the uefi loader does emulate that all exactly. Which is why it's the generic way to boot random generic systems which can boot UEFI.
23:02:26 Now *I* don't like UEFI and if Legacy BIOS booting is available I will choose it.
Which when using bhyve to boot Linux systems the grub method works well because it sets up a Legacy BIOS boot environment.
23:32:10 For VMs most of the time BIOS is sufficient
23:32:52 I only have a few Win11 testing vms (work requirement) on uefi
23:53:28 rwp: sounds about right, I got a little bit of a needed refresh on PC booting recently by watching far too many youtube videos from a guy that does retro-computing repairs