if i have zfs raid10 on root on 8 HDs, can i clean shut down, pull the HDs, put the HDs in a different server with the same specs, start that server up, and it'll boot up normally just like the other server did when the HDs were in that 1?

depends on the mode you set up the zvol with, because they have different way of labeling the drives

how can i check?

the_oz

Disk Installation and Labeling

page 16

ty

ah i was searching handbook

yeah there are 2 books and they're both great

page 16 was of what?

16th of pages

which book is "Disk Installation and Labeling" in?

ok you must be looking in the chapters

ummmmmm

Chapter 0: Introduction

ya nvm i'll wait and ask someone who isn't fucked up on drugs

the one I linked

Good day

smartd offer any benefits for ufs on hardware raid?

mzar: thanks for the PR etc for blocklist, I was skiing last week and didnt get round to it. I am not really clear how we get the new version into src/contrib/blocklist yet

but working on it!

demido: TLDR yes. just make sure you're using the same bootmethod (EFI or MBR) in the server bios.

dch: we should convince emaste to import it

mzar: I'm hoping to learn how to do it actually

"how hard can it be"

dch: I don't know

probably you have to do something like "blocklist merge"

but we have it still named "blacklist" and that's probably good

maybe emaste can reveal how he applies own patches after merging last version of OpenSSH

have to go for a walk, bbl

mzar: docs.freebsd.org/en/articles/committers-guide/#vendor-import-git explains it, I'm having a crack at it

dch what's blocklist do?

its super neat

demido: for failed connections (like smtp, or sshd) the daemon passes the file descriptor of the failed connection to blocklistd

is it like a generalized fail2ban for more than just sshd?

blocklistd tracks the number of failures by IP, and if it exceeds a configurable threshold, stores the IP in a db, and updates a pf table

I got swamped by an ssh password cracker last week, which already fails in pre-auth

and freebsd's blocklistd doesn't accommodate that

do you run sshd on 22?

so I fixed that, it worked brilliantly, and a few hours later I had my bandwidth back

nope

2200, with custom ciphers, exclusively pubkey

but there were a *lot* of inbound connection attempts

so a "friend" found your custom port and started hammering?

exactly, from many many different IPs

fucking asshole

its a residential ADSL line here, so it broke things

this is klidl's original post on it, people.freebsd.org/~lidl/blacklistd.html and the new upstream is people.freebsd.org/~lidl/blacklistd.html

erm github.com/zoulasc/blocklist

dkeav: that is one partial solution, I am working on distributing the blocklist IPs across all servers, and thus covering more than just 1 port/attack vector

geoblocking tends to quiet things down quite a lot too

were the IPs isolated to a single net block or totally different?

would be nice to find the guy and beat him to death or pay a hooker with aids to fuck him

"allegedly"

but i like your style of vendetta

all over the place, lots from russian, china, usa, europe, asia, "the world"

Hi

hello, i recently have been working with poudriere local repository and after a reset reboot i am receiving some "odd" messages: pastebin.com/ptcNDFT7 has anyone experienced that a poudriere local repository "started" to just NOT work anymore?

voy4g3r2: do you have configured mirror_type ?

yes, i have it as https

what is even more odd.. multiple jails that reference it, also have the same issue.. it is like the poudriere repo is "foobar"

voy4g3r2: do you have mirrors configured ?

no clue, so probably not :)

so remove this lin or set type to "none"

okay

does it help ?

nope :(

so something else is wrong

yeah.. it is updating the repository right now

going to come back in a few hours.. it was working.. then it was not

thanks for the tips.. i am going to do some more searching

plus cobra kai is on.. so it will keep me out of trouble