I am cleaning up. To look for packages to remove, how can I have a list of dependent packages?

luke_jobless_sb: you can use pkg info -r or pkg info -f

both require passing the package you are referring too

do a man pkg-info which will give you a little more details and options you can tweak

voy4g3r2: thank you

does anyone know any drawback if i disable aws ssm-user?

Hi. I am running freebsd 14.1 unfortunately (maybe) I want to use datadog for monitoring and Im not sure how to best "attack" this. My first thought was using a port but this was deprecated and after deleting the third line that sets "size" for a given package in the Makefile I thought better of it. I tried to build from source but datadog somehow managed to make that not so easy even though I

thought this agent was written in go its a ball of python code to get it to build. Then I remembered that freebsd now has a build of podman so I could maybe run it via podman but when I tried that I fail with privatebin.net/?dc6b894d502d5a8b#EP…95zHFSZ59HHuv34fgo2AnJKB37DdVoev7i8 . Anyhow so this is my step back. Im a noob at FreeBsd as you can tell so I need some advice as to

viable/fewest hacks route ways to attack this I think.

bbsl: that looks like your podman environment isn't clean/ready

Are you doing this on a plain host or in a jail?

Alver: Podman Im trying to make work via plain host. I didnt reboot yet (perhaps I should) but I followed the FreeBsd section here podman.io/docs/installation to set it up

Also it wasnt clear to me why podman needs to run in the background via a service. I thought on linux that was one of the main selling points of podman, that it didnt need a "daemon" but I might be misunderstading whats happening on FreeBsd also in addition to why :o)

Anyways if I can run datadog-agent via podman that solves my problems (except it runs as root which I guess is not great perhaps) but if there are less hacky solutions that are more in line with how one would solve this on FreeBsd please share those.

I actually wonder, how does one get a manpage on a specific shell builtin?

I guess it's all in 1 big page for the shell itself?

Depends on the shell. Bash has "help" so you can type something like: "help declare" and it'll output the bit about the declare option.

zsh has `man zshbuiltins`

is Dragon RTL8125BG supported out of the box?

If you're going to use zsh, you may as well just go full retard: ohmyz.sh

(It prolly also means you're an emacs person.)

didn't know about that domain hack... spiffy

domain hack?

ohmyz.sh en.wikipedia.org/wiki/Domain_hack

it says flicker uses south korea for the domain flic.kr

as I'm old, i knew the guy who sold ing.com to ing. he used to have a machine called scream.ing.com :-)

awesome

I used to work for EMC. . . part of emc i worked for was formerly DataGeneral. .

Most of our lab shit still used dg.com sub-domaims and dg.com itself redirected to emc.com publically

An EMC salesman, w/o auth "sold" dg.com to DollarGeneral.

This kicked-off shit-storm of work for us.

CrtxReavr: Never worked "for" them but used multiple Symms, and CLARiiON's over my career heheh

whoa

Most of the clariion devs were old DG/UX coders.

Huge tallents

heh.. Yeah

I was at AT&T at the time..

Was an honor just to see them work, let alone collaborate with them and actually teach 'em a few tricks.

They had mad stories.

Indeed

NCR storage people had some wild stories too

I spent tine there in the 90's

DG/UX had some really cutting edge features that either inpired other platforms or were sadly lost to time and media misdirection.

First OS to use a memory FS for /dev/

the Clariion Disks arrays ... memories. When I was at SGI we have the v1 RAID-3 only model, DB-9 fibre channel. I went through 4 generations of those disk arrays :-)

I would connect two full racks to one SGI, and mirror across them so I could safely update their firmware, used XLV/XFS which was pretty good for the era

Had a service wrapper kernel module that could Make any TCP based service fault tollerant with their NUMA tech.

«I've seen things you people wouldn't believe...»

yeah, and now gone like tears in the rain ... :-)

Not sure if anyone else is running much on any arm64 boxes with freebsd but I've been pleased currently even with some limited hardware ...

Tenkawa: nice to hear!

Hecate: yeah the RK3588 working actually came as a surprise

Tenkawa: it looks like a lovely thing! What's the use?

Hecate: I am a hobbyist now that I'm retired... My old career though was db/os building/devel

I do this for fun and to stay up to date

I'm curious to see if I can get one of my RISC-V machines running on it too heh...

i am going to give the latest on AWS a try today on graviton and see how it behaves

aquamo4k: ssm-user is confuses me for process view. it sticks to my jail activities. i wonder if there we have any drawback of disabling ssm-user

aquamo4k: works beautiful beside this

before a reinvenion of wheel, is there any configuration of partial parallel starts of jails?

I have a governing jail that should start first and all others in parallel

luke_jobless_sb: depend?

luke: =D haha

anyone here who is good at IPFW?

Probably better to ask your question, vs. take a poll.

Oct 22 00:00:25 MyComp kernel: ipfw: 65500 Deny UDP 192.168.1.1:45824 192.168.1.255:7788 in via em0

got em in /var/log/security every min.

pastbin your 'ipfw show' output.

192.168.1.1 is your ip?

default gateway

So not your FreeBSD host?

WAN-Router-Server

nope

This an AWS instance?

I found a few hits for 7788

arp -an | fgrep 192.168.1.1

Unreal, Quicktime, and 1 trojan

(trojan attempt)

TCP has more but those were the main UDP packet types

dandyn: what is your issue? are you concerned about this blocked broadcast? want to link it with service? disappointed with IPFW filtering it? or anything else?

I wanna know what it is.

:)

I dont have unreal, Quicktime, or trojan on a new installed freebsd 14.1

ha.. then fire up sniffer, like tcpdump or wireshark, catch this datagram and let us know

I saw a lot of hits about different network devices sending 7788/udp broadcasts every minute.

Mono uses it too

yeah Asus

asus router yes

but this is ydp?

udp

yeah Asus uses udp plenty

okok

broadcast won't work for tcp, so udp is reasonable choice

indeed

spray and pray

there is a lot of noise in network, it resembles me white noise

CrtxReavr: they say tcp.. but this is UDP hmm..

in your link

this is as far as I have come too

but maybe like mzar said, sniff it

any sinple lightweight sniffer?

I think it's a nothing burger.

If it bothers you, smash router.

:)

dandyn: you don't have a Netgear sitting in there somewhere too do you?

nope

Ok.. they use it too

I see

so lan IP ...1.1 is default gateway, what is ...1.255 ?

what might that be?

the gateway in this case is dhcp server "asus router" yes?

if it is /24 then 255 is the whole network.

Ok.. that doc didn't list it but I found another that says it is used on tcp "and" udp

for minimally the asus RT-AX56U

possibly others

"192.168.1.255 is a private IP address and directly related to your Wi-Fi network. It is the chain of numbers you use to access the router admin page."

(that showed up in a firmware update)

192.168.1.255 is a (old terminology) bclass c broadcast ip

s/bclass/class

That's likely the broadcast ip for your lan.

ifconfig would tell us

indeed

you use bash?

alias tb='ncat termbin.com 9999'

broadcast 192.168.1.255

ifconfig | tb

tb not found :)

15:29 < CrtxReavr> alias tb='ncat termbin.com 9999'

aha sorry

Just an easy way to pastebin from the cli

cool

it'll print a simple url you can share

ok so it has something to to with default gateway IP and broadcast IP, and thereby the router?

yes, the router is broadcasting looking for friends

aha :)

yeah. . . whatever this service is. . .

okok, how can I stop it from fill up the /log/security file?

BTW, it's a router, not a gateway. . . gateway is sloppy and imprecise in 99.99% of cases.

can we ignore it somehow?

you could add a silent drop for it.

that sounds interesting

where can I read about that?

"silent drop"

you can beging with "man ipfw"

aye :)

thnx all!

A rule without 'log' keyword is a silent rule.

(apparently). I am no ipfw expert.

caveat emptor etc

dandyn, this looks like a good guide adminbyaccident.com/freebsd/how-to-…figure-the-ipfw-firewall-on-freebsd

thnx <3

i just realised we now have support for enforced .1q tagging on SR-IOV PF interfaces, which means SR-IOV support is no longer completely useless

(added back in May, but i missed it)

Any AppJail users here? I'm trying it out, but I ran into a problem.

my keyboard wont work with freebed but works with one if i add it via usb

on laptop

rough

tl;dr trying to make a Linux jail with a ':<random>' vnet gives me 'ifconfig: interface 251cb06c45d does not exist'

unrelated, i'm getting a very strange error from buildworld that i don't understand: 0x0.st/XlCr.txt

it seems like something failed but it didn't print/log the failing command?

hmm, deleting <objdir>/tmp fixed it but that should not be necessary, need to debug this more after this build is done