07:19:48 <demido> if i have zfs raid10 on root on 8 HDs, can i clean shut down, pull the HDs, put the HDs in a different server with the same specs, start that server up, and it'll boot up normally just like the other server did when the HDs were in that 1?
07:33:11 <the_oz> depends on the mode you set up the zvol with, because they have different way of labeling the drives
07:33:32 <demido> how can i check?
07:36:58 <demido> the_oz
07:37:07 <the_oz> Disk Installation and Labeling
07:37:11 <the_oz> page 16
07:37:16 <demido> ty
07:37:29 <the_oz> https://ia800501.us.archive.org/5/items/free-bsd-mastery-zfs-michael-w-lucas/FreeBSD%20Mastery%20ZFS%20-%20Michael%20W%20Lucas.pdf
07:38:38 <demido> ah i was searching handbook
07:39:09 <the_oz> yeah there are 2 books and they're both great
07:39:19 <demido> page 16 was of what?
07:39:39 <the_oz> 16th of pages
07:40:15 <demido> which book is "Disk Installation and Labeling" in?
07:40:37 <the_oz> ok you must be looking in the chapters
07:40:43 <the_oz> ummmmmm
07:41:22 <the_oz> Chapter 0: Introduction
07:42:01 <demido> ya nvm i'll wait and ask someone who isn't fucked up on drugs
07:42:09 <the_oz> the one I linked
07:42:53 <the_oz> Good day
09:45:20 <demido> smartd offer any benefits for ufs on hardware raid?
12:50:03 <dch> mzar: thanks for the PR etc for blocklist, I was skiing last week and didnt get round to it. I am not really clear how we get the new version into src/contrib/blocklist yet
12:50:07 <dch> but working on it!
12:50:47 <dch> demido: TLDR yes. just make sure you're using the same bootmethod (EFI or MBR) in the server bios.
12:52:39 <mzar> dch: we should convince emaste to import it
12:53:11 <dch> mzar: I'm hoping to learn how to do it actually
12:53:20 <dch> "how hard can it be"
12:57:17 <mzar> dch: I don't know
12:57:38 <mzar> probably you have to do something like "blocklist merge"
12:57:59 <mzar> but we have it still named "blacklist" and that's probably good
12:58:50 <mzar> maybe emaste can reveal how he applies own patches after merging last version of OpenSSH
12:59:01 <mzar> have to go for a walk, bbl
13:08:23 <dch> mzar: https://docs.freebsd.org/en/articles/committers-guide/#vendor-import-git explains it, I'm having a crack at it
13:21:15 <demido> dch what's blocklist do?
13:21:22 <dch> its super neat
13:21:52 <dch> demido: for failed connections (like smtp, or sshd) the daemon passes the file descriptor of the failed connection to blocklistd
13:22:12 <demido> is it like a generalized fail2ban for more than just sshd?
13:22:24 <dch> blocklistd tracks the number of failures by IP, and if it exceeds a configurable threshold, stores the IP in a db, and updates a pf table
13:22:54 <dch> I got swamped by an ssh password cracker last week, which already fails in pre-auth
13:23:04 <dch> and freebsd's blocklistd doesn't accommodate that
13:23:23 <demido> do you run sshd on 22?
13:23:25 <dch> so I fixed that, it worked brilliantly, and a few hours later I had my bandwidth back
13:23:26 <dch> nope
13:23:37 <dch> 2200, with custom ciphers, exclusively pubkey
13:23:47 <dch> but there were a *lot* of inbound connection attempts
13:23:48 <demido> so a "friend" found your custom port and started hammering?
13:24:00 <dch> exactly, from many many different IPs
13:24:08 <demido> fucking asshole
13:24:16 <dch> its a residential ADSL line here, so it broke things
13:24:53 <dch> this is klidl's original post on it, https://people.freebsd.org/~lidl/blacklistd.html and the new upstream is https://people.freebsd.org/~lidl/blacklistd.html
13:25:05 <dkeav> https://www.tarsnap.com/spiped.html
13:25:08 <dch> erm https://github.com/zoulasc/blocklist
13:25:45 <dch> dkeav: that is one partial solution, I am working on distributing the blocklist IPs across all servers, and thus covering more than just 1 port/attack vector
13:26:24 <dkeav> geoblocking tends to quiet things down quite a lot too
13:26:38 <demido> were the IPs isolated to a single net block or totally different?
13:28:43 <demido> would be nice to find the guy and beat him to death or pay a hooker with aids to fuck him
13:29:33 <dkeav> "allegedly"
13:29:38 <dkeav> but i like your style of vendetta
13:51:52 <dch> all over the place, lots from russian, china, usa, europe, asia, "the world"
16:34:01 <angry_vincent> Hi
22:39:56 <voy4g3r2> hello, i recently have been working with poudriere local repository and after a reset reboot i am receiving some "odd" messages: https://pastebin.com/ptcNDFT7 has anyone experienced that a poudriere local repository "started" to just NOT work anymore?
22:42:28 <mzar> voy4g3r2: do you have configured mirror_type ?
22:43:29 <voy4g3r2> yes, i have it as https
22:43:54 <voy4g3r2> https://pastebin.com/4RKS8bV8
22:47:51 <voy4g3r2> what is even more odd.. multiple jails that reference it, also have the same issue.. it is like the poudriere repo is "foobar"
22:50:38 <mzar> voy4g3r2: do you have mirrors configured ?
22:50:52 <voy4g3r2> no clue, so probably not :)
22:51:23 <mzar> so remove this lin or set type to "none"
22:52:32 <voy4g3r2> okay
22:53:00 <mzar> does it help ?
22:53:10 <voy4g3r2> nope :(
22:54:15 <mzar> so something else is wrong
22:54:24 <voy4g3r2> yeah.. it is updating the repository right now
22:54:34 <voy4g3r2> going to come back in a few hours.. it was working.. then it was not
22:54:44 <voy4g3r2> thanks for the tips.. i am going to do some more searching
22:54:55 <voy4g3r2> plus cobra kai is on.. so it will keep me out of trouble