08:07:26 <dziq> Hi.
08:12:39 <dziq> I installed a FreeBSD server. Is it normal behavior that VNET jails do not respect the PF rules defined on the host? Do VNET jails use their own packet filtering?
08:28:58 <[tj]> dziq: yes, they have their own network stack so if you give them a real interface they are like little real computers
08:32:17 <dziq> [tj]: thanks for explanation :)
08:35:20 <[tj]> I think netns would act the same way, but I've avoid learning anything about firewalling on linux
09:48:59 <crb> can to pass through usb devices to a bhyve guest
09:53:30 <[tj]> I am unsure, you can pass the entire pcie device for the usb controller through
09:57:05 <[tj]> I think pcie pass through is the best you can do right now
10:57:22 <satanist> is the py311-sqlite package currently broken? I get the error "ImportError: No module named '_sqlite3'" and google helps not mutch there are only ports related solutions (i.e. https://forums.freebsd.org/threads/sqlite3-on-python3-fails.53114/)
10:58:13 <satanist> this is freebsd 14.2 and pkg quarterly repo
11:05:44 <dch> crb: yes only by pcie device. getting a separate pcie USB hub is feasible for most desktop PCs though, but for laptops its a bit complicated.
11:06:13 <crb> super helpful, thank you
11:06:15 <dch> [tj]: any recommendations for a replacement wifi chip in my laptop, with a view to being able to test the work you're doing?
11:06:58 <dch> satanist: try asking in the #freebsd-python channel, its relatively slow response time, but much higher level of expertise
11:07:34 <[tj]> dch: if you get whatever is in the framework 13 12th gen intel then you will have the hardware in my laptop
11:08:14 <dch> [tj]: I was thinking of getting something slightly different but still in the same h/w line, to keep you busy / find different bugs
11:08:20 <dch> but I will use that as a starting point
11:08:34 <dch> satanist: it works fine for me here,
11:08:42 <[tj]> I have 8 interfaces that should be supported
11:09:08 <dch> https://www.irccloud.com/pastebin/QWaunZVz/squeal-lite
11:09:32 <dch> satanist: anyway I suggest you post your uname -a, pkg info, and exactly what happens during import.
11:10:03 <satanist> dch: thank, I'll ask in #freebsd-python
11:10:20 <dch> this is widely enough used that I would expect something in bugs.freebsd.org
11:10:38 <satanist> I haven't found something on bugs.freebsd.org
11:11:37 <dch> I see no new commits on ports latest, and on bugs there is nothing significant https://bugs.freebsd.org/bugzilla/buglist.cgi?quicksearch=sqlite3
11:15:09 <satanist> ah I fucked up and installed the package on the host not in the jail
11:15:19 <satanist> sorry for the noice
12:50:13 <dch> no worries :D
13:37:16 <Demosthenex> ok, so if i'm at 13.2, should i upgrade to 13.3 before going to 13.4, or just upgrade straight to 13.4?
13:49:23 <phryk> geli attack
13:50:06 <phryk> Also, what's the RW-DETACH flag for geli? Seeing it on one of my partitions, but pretty sure I didn't specify that.
15:32:26 <phryk> Can I append to PATH (i.e. PATH=/foo:$PATH) in a user crontab?
15:36:53 <kevans> I don't believe we do any kind of variable expansion there
15:40:58 <phryk> mhh, seems to work. OTOH i currently only call executables in the prepended directory in this crontab.
15:41:32 <phryk> lemme see if i can get a look at it
15:44:01 <phryk> ah yes, $PATH is just a literal in there.
15:44:01 <kevans> env > /tmp/env.out early on in the script just to confirm?
15:44:04 <kevans> ah
15:44:16 <phryk> echo $PATH, but yes
15:44:29 <kevans> you should still be able to do it for individual cron entries, though
15:45:07 <kevans> I /think/ it's purely interpreted by teh shell
15:45:52 <phryk> yeah, but crontabs on this system will pretty much exclusively only call one program, so it should be defined for the entire crontabs anyhow. :)
15:49:23 <phryk> wrote a little backup tool, this machine will collate and verify backups (from multiple machines in the medium-to-long run) and everything is run from cron. also has some niceties like outputting prometheus metrics.
15:51:12 <phryk> and neat, i don't even have to set PYTHONPATH for it to find the library code in ~/.local/lib/python*. so i can have my tool cleanly separated from the rest of the system with pip install --user without having to maintain yet another environment.
16:54:59 <gt> since sony picke freebsd up for the playstation, have they contributed back to the project? either through donations or code
16:55:21 <gt> s/picke/picked
17:36:39 <Demosthenex> so i haven't updated in a while, and looking at my procedure to update my EFI loader. it appears maybe it wasn't updated last time? https://dpaste.org/UjpDK/raw
17:37:03 <Demosthenex> i did strings on the loaders and the strings match, but the cksums dont, so how can i tell what version the loaders are?
18:12:18 <Soni> we would like to propose an experiment called "AF_IPSEC_LEGACY + AF_IPSEC"
18:16:11 <Soni> it would basically provide an API somewhat similar to this https://developer.android.com/reference/android/net/IpSecManager but it'd look a lot more like regular sockets, you'd create a socket, bind with a private key + address, connect with a public key + address, etc
18:16:47 <Soni> (well, the actual name of the experiment would be "IPsec as an address family")
18:17:45 <Soni> for more context: https://mailarchive.ietf.org/arch/msg/ipsec/u-GM9QQiwXa5TNhd5K4Y68O9Q2Y/
18:40:44 <skered> pf firewall last match wins right?
19:41:14 <scoobybejesus> except for with quick
21:49:43 <lts> Read that as "fireball" and went directly to 8d6 space
21:50:14 <lts> Devastating effect in any case
22:56:58 <wildeboskat> Is there any way I can find a log of what was done last time pkg upgrade ran?
22:57:12 <wildeboskat> Something is broken since then and I'm having trouble finding the cause
23:04:08 <wildeboskat> Oof I got it
23:04:12 <wildeboskat> It was something with libccid