03:12:55 Does anyone know of a library that exposes something similar to Linux futexes, using something like _umtx_op 07:55:50 dgeo: still having issues? 07:57:23 dgeo: from my scaleway vm I have no trouble, so its probably your ISP 08:01:34 dch: yes 08:03:07 can you share output of `drill www.freebsd.org` , `traceroute www.freebsd.org` & `curl -4vsSLo /dev/null https://www.freebsd.org/` ? 08:03:20 just in case its geodns in freebsd cluster behaving badly 08:03:53 ;; ANSWER SECTION: 08:03:54 www.freebsd.org. 10 IN CNAME web.geo.freebsd.org. 08:03:54 web.geo.freebsd.org. 150 IN A 96.47.72.77 08:05:06 * dgeo mtr -4nt www.freebsd.org 08:05:24 1. (waiting for reply) 08:05:24 2. 147.94.19.209 7.1% 14 0.1 0.1 0.1 0.3 0.1 08:05:27 3. 193.51.105.249 0.0% 14 0.4 0.4 0.2 0.5 0.1 08:05:30 4. 10.4.61.11 0.0% 14 1.0 0.9 0.7 1.3 0.2 08:05:33 5. 193.55.205.167 0.0% 14 26.5 2.7 0.4 26.5 6.9 08:05:36 6. 193.55.205.166 0.0% 14 1.1 1.3 0.9 3.5 0.7 08:05:40 7. 193.55.205.0 0.0% 14 3.4 1.8 0.8 5.4 1.3 08:05:43 8. 193.51.180.128 0.0% 14 4.9 5.2 4.9 5.4 0.2 08:05:46 9. 77.95.71.77 0.0% 14 9.3 10.2 9.3 19.4 2.7 08:05:49 10. 64.125.29.94 0.0% 14 91.8 91.9 91.8 92.2 0.1 08:05:52 11. 208.184.34.238 0.0% 14 88.1 88.0 88.0 88.4 0.1 08:05:55 12. 96.47.77.210 0.0% 14 88.3 89.0 88.2 98.9 2.8 08:05:58 13. 96.47.66.42 0.0% 14 88.4 88.4 88.0 89.8 0.5 08:06:01 14. (waiting for reply) 08:07:10 dgeo% curl -4vsSLo /dev/null https://www.freebsd.org/ 1 08:07:13 * Host www.freebsd.org:443 was resolved. 1 08:07:16 * IPv6: (none) 1 08:07:19 * IPv4: 96.47.72.77 1 08:07:22 * Trying 96.47.72.77:443... 1 08:07:25 * connect to 96.47.72.77 port 443 from 147.94.19.169 port 49516 failed: Operation timed out 1 08:07:28 * Failed to connect to www.freebsd.org port 443 after 75067 ms: Could not connect to server 08:07:31 * closing connection #0 08:07:34 curl: (28) Failed to connect to www.freebsd.org port 443 after 75067 ms: Could not connect to server 08:08:24 other people using the same isp (RENATER / AS2200) have the same problem, other ISPs behave differently 08:08:48 please use some pastebin next time 08:09:56 RENATER's support saw the traceroute and told me the problem must be on server side (in fact, I can ping 96.47.72.76 and 96.47.72.79 but not 96.47.72.77) 08:10:33 nimaje: yes, sorry. I'll remember 08:11:14 https://www.irccloud.com/pastebin/eyymEmaG/france_traceroute 08:14:53 dgeo can you do a paste like mine? also traceroute not mtr so I can compare it to what I see here 08:15:39 but based on what you have here it does indeed look like problems at the last hop 08:15:59 I wonder if your ISP / net range has been blocked because of bad crawler behaviour? 08:16:06 dch: I have the same results from other ISPs, the problem appears only from RENATER ISP and 96.47.72.77 IP (we saw this because a friend using IPv4 only can't join http://vuxml.freebsd.org/freebsd/vuln.xml.xz) 08:16:39 dgeo: based on this info please open a bugzilla ticket for clusteradm to look into 08:17:00 let me know the PR# and I'll attach my info from Paris for comparison 08:17:27 I don't know, but this would be a bit hard: this ISP is dedicated to all public universities and research in france 08:18:37 I'll open a PR and tell you 08:59:25 dch: #285877 09:24:09 hm, does devd not have any way to reload its configs? do I really have to reboot to make new rules take effect? 09:30:16 nimaje: can't you just restart it? 09:40:00 ah, yeah, that should work too, lets see if it breaks anything 09:45:08 dgeo: thanks, I added mine also 09:46:17 seems like it worked and webcamd gets started for my gamepad 09:46:43 \o/ 09:53:09 your gamepad has a webcam? 09:55:05 no, webcamd is a bit misnamed 09:57:43 "The webcamd daemon is basically a port of Linux USB device drivers into userspace in FreeBSD." 09:58:33 oh, weird 12:14:39 runxiyu: in general anything ! firefox shouldn't be used on Firefox, chromium tends to lag behind on security patches by a good week or two 12:14:47 and its too big to just compile from source 12:15:25 sorry, wht was that in reply to 12:16:29 runxiyu: ungoogled chromium not working 12:16:42 also I typoed, shouldn't be used on FreeBSD 12:17:24 I have not tried ungoogled chromium, but considering it is a fork of chromium it would likely recieve security patches even slower than chromium 12:20:11 > in general anything ! firefox shouldn't be used on Firefox 12:20:14 I can't parse this sentence 12:20:41 runxiyu: its typoed, I meant anything ! firefox shouldn't be used on freebsd 12:21:11 Oh 12:21:29 for reference right now ungoogled-chromium within the port tree is 2 weeks out of date (4 versions, including 1 major update) 12:21:48 after being bumped it can still take a while for the port to be built 12:21:51 I'll just not use my FreeBSD system for web browsing them (since I mostly use Librewolf, and occasionally Ungoogled Chromium for certain webdev™ things) 12:22:19 I dont see the issue with firefox, for the most part you can still get it reasonably secure/private 12:22:45 polarian: I need unsigned extenions 12:22:49 Well I guess I could use firefox esr 12:24:14 in any case it might be wise to jail whatever browser you do use because it usually is the biggest attack vector on a BSD system 12:25:05 and unlike Linux distros which have a lot more compute, and a lot more devs able to port browsers, *BSD tend to struggle to keep up, with... in some cases, biweekly updates to fix security issues 12:25:53 which is generally why most people use firefox, its much easier to build, its much faster to build (when I benchmarked it a few years back when playing with gentoo, Chromium took something like 15 hours to compile, while firefox was just 50 mins) 12:26:27 polarian: Unfortunately sometimes I need to test various modern "web technology" 12:26:45 for testing on a more normal system, BSD wont be your firend 12:26:47 friend8 12:26:49 friend* 12:27:04 and I dont think anyone would disagree with the statement "FreeBSD is not desktop ready" 12:27:31 which is exactly why the freebsd foundation is funneling cash into freebsd desktop 12:27:50 but they are focusing on the framework laptop mainly 12:28:28 theres not really that manpower to focus on lots of different laptop-specific problems, so they standardised on the framework laptop as that is what a lot of freebsd devs use 12:28:44 FreeBSD can be used on desktop, in 1990s I was running FreeBSD and browsed the Internet with Netscape Navigator 12:29:04 mzar: compare it to Linux desktop, there is unfortunately no comparison 12:29:12 desktop ready never meant that it worked on desktop 12:29:14 you cant even try to say that freebsd is as desktop ready as anything else 12:29:23 Linux was wonky at that time and panicked a lot 12:29:34 yeah, and now look at it, the standard *nix 12:29:41 OK 12:29:49 mzar: but BSD used to be big in the early 2000s server side too 12:30:04 ISPs were renown for adopting OpenBSD for routing and firewalling 12:30:22 how many of the big networking players now use a BSD base? very few afaik 12:30:54 it works pretty good as a desktop system, of course there is always room for improvement, like wifi support, which is more a laptop thing than a desktop thing 12:30:58 I dont know of a single home router/modem/AP bundle you get these days which isn't a 5 year old Linux version with 101 security flaws 12:31:32 nimaje: they "borrowed" DRM from Linux using LinuxKPI 12:31:39 same with the other BSDs 12:31:57 The "desktop" experience, is a lot of Linux code 12:34:32 polarian: Tbh, "I can't get a stable Chromium installation" (which is not that important to my normal workflow) is my only problem with FreeBSD desktop, so far 12:34:48 I mean, I guess I have issues with i915kms, but whatever I can work around them 12:34:53 a lot of "linux" code mostly provided by hardware vendors 12:35:27 cyric: never said it wasn't, but the Linux folks simply blame that on the fact they use better licencing (the GPL) 12:35:52 and I have bumped into a lot of BSD people which are pro-GPL now 12:37:21 windows wins that vendor popularity contest by far, so those folks should be pro-proprietary then 12:37:45 it kinda feels like there is a shift, I read a lot of old ML archives, and the older BSD devs have always made it clear they oppose the GPL and do not want it within base, the younger people I meet are all for the GPL, usually coming from Linux anyways, many of them use the GPL for their code. There is discussions on moving DRM into base, which will fix the i915kms issues, but means merging GPL 12:37:47 code directly into the src tree... 12:39:18 Dont get me wrong I came from Linux, but it never really fit my beliefs that well, and I strongly aligned with BSD more, but was too scared to hop ship... 12:39:53 apart from ghostbsd, there isn't a BSD you can just slap on your laptop/desktop and have a out the box desktop experience... 12:40:25 then add the notorious wifi troubles, and the spotty hardware support, compared to Linux which today can run on almost anything 12:41:36 anyways I derailed the discussions, apologies 12:44:33 runxiyu: you haven't experienced mass coredumps in your homedir yet? 12:44:50 a notible one is code-oss which seems to randomly segfault 12:46:12 i915kms has also caused panics a few times, why? dunno, pretty rare though 12:46:32 tends to happen on a fresh update it seems (after rebuilding :)) 12:54:49 morning 12:55:07 SFJulie1: afternoon :P 12:55:14 I wanted to understand what could have gone wrong in a BSD install https://pastebin.com/Gjg9yF1J 12:55:44 context : I use qemu on linux to bootstrap an installer config and I made a change to add podman to the custom image 12:56:16 polarian: I use, uh, wayland, nvim, librewolf, texlive, gcc, clang, go1.24.1 12:56:17 that's about it 12:56:32 afternoon polarian :D 12:56:33 I've got a few MCEs due to me messing around in /usr/src/sys/kern too much 12:57:10 SFJulie1: seems like it can't find the root partition 12:57:56 strange it used too 1 commit ago 12:58:25 polarian: my i915kms issues tend to only make my display unusable, and doesn't crash the entire system 12:58:50 polarian: Fortunately the laptop I run FreeBSD on has Intel WiFi 12:59:01 another one I own has rtl8821ce which sucks 12:59:24 runxiyu: librewolf lags behind on updates, 127.0 has hit firefox latest, it has been pushed to the port tree but not yet built for latest, both quarterly's are lagging behind obviously 12:59:35 just as an example :P 13:00:01 Yeah that'd be a tiny issue for security 13:00:24 polarian: were you running it on servers at that time ? 13:00:45 mzar: at what time? 13:00:52 early 2000s? 13:00:58 nah I wasn't born, but I know people who were :P 13:01:27 in fact during the XFS issues, freebsd was kinda the only choice for storage solutions at the time :) 13:01:28 OK 13:02:03 at that time RiserFS was trending, but for Linux 13:02:38 and then reiser killed his wife 13:03:06 that's another story 13:03:16 bigger concern is it has been 1 month since an xorg vuln, the patch hit latest about a week ago, there is still no patch for quarterly 13:03:42 its been 1 month since the patch was pushed to the port tree 13:04:01 so it's now in quarterly 13:04:08 so to be honest moaning about a few days difference between a first party browser, and a third party is negligable compared to the bigger fish 13:04:19 2025Q2 13:05:04 mzar: freshports last checked 4am today, and quarterly 14 still has the vulnerable version 13:06:24 freshports are awesome, we have to be grateful to dvl with that regard 13:07:01 polarian, how can BSD boot from a partition and ignore its root partition ? 13:07:57 I guess I miss a command to tell the kernel hey guy your root partition is here (I use installer config that normaly works well) 13:09:57 and maybe qemu is not perfect 13:11:33 mzar: indeed, very useful! 13:12:57 SFJulie1: I don't know, but what I am seeing from the pastebin is the kernel init, and then it failing to find the root (asking you to specify it) 13:12:58 btw, kudo : podman installation on freeBSD is a breeze and it works as expected 13:13:34 if this is a podman issue, it might be worth asking in #freebsd-jails (despite the name, they do all containerisation) 13:15:30 I have a giganormous /etc/installerconfig I play with on qemu (I added podman this morning on a perfectly fine customization), and I fear it is qemu not doing its job correclty. 13:16:15 well, at least the old « dichotomy » method will work : commenting half the patch and see who creates the problem 13:19:34 polarian, when given the right root partition it is booting 13:21:29 is there a rescue command to fix the issue (with let's say boot device being ufs:/dev/ada0p4) 13:21:33 . 13:21:34 ? 13:23:00 gptboot ? 13:23:28 SFJulie1: probably a bootloader configuration problem, but afaik it should autodetect the root partition 13:23:43 gpart bootcode -b /boot/pmbr -p /boot/gptboot -i 1 something ? 13:24:49 ah right, silly me I forgot 13:24:54 the root should be in /etc/fstab 13:25:09 LOL found it thanks to you 13:25:41 I think its only zfs which it detects it 13:26:11 on a zfs system the only thing you put in /etc/fstab is your swap 13:26:42 not sure on ufs, haven't played with it in over a year now 13:27:01 I did a stupid > in fstab instead of a >> 13:27:14 ah right 13:27:16 that would explain it lol 13:28:03 I wish there was a networking channel for freebsd 13:28:19 maybe a suggestion for th eops 13:28:21 ops* 13:28:31 I dont want to post my stupid questions to the mailing list, its cemented in the history then :P 13:32:30 polarian, for the sake of curiosity I put you where the bug was (with a comment BUG) https://pastebin.com/GSjxgpsA 13:32:47 as a linux boy this one was tough for me ^^ 13:33:36 ok so reading rc.conf gateway_enable needs to be YES if you want packets routed between interfaces, which I would assume you would want if you have different networks (obviously need a gateway), so I was kinda hoping this would fix my vnet jail problem but it doesn't and now I am stumped. ICMP packets pass, TCP packets pass out to the webserver, pass back to the router, and leaves the router iface 13:33:38 (in this case wireguard), tcpdump'ing my laptop, the packet never hits the wg0 iface on my laptop, so I assume its been dropped, so I added a pass all under the nat rule on my pf and loaded it, and STILL its being dropped, there should already be a state within the state table so it SHOULD bypass the PF filtering within the network stack, so at this point I am clueless on what to try... 13:34:18 logging ? 13:39:24 SFJulie1: sorry wasn't replying to you, thats me having my own issue lol 13:39:59 polarian, I know. I have my issues with vnet in jails too, I was trying to help (poorly) 13:40:07 wait you suggesting I log? I already have tcpdump'd on all relavent ifaces 13:40:29 I am going to go with the MTU problem and see if I can bump wg back up to 1500 13:41:18 * SFJulie1 is used to solving iptables problem by having it spew logs 13:41:34 sorry, the default is 1420 not 1500 13:41:53 ah I never bothered with IPTables 13:41:58 nftable is meant to be better 13:42:07 I just used ufw on Linux 13:42:10 pf is way better :D 13:42:13 indeed 13:42:34 pf is fun to work with, until something breaks :P 13:42:48 describing a graph is more logical for networks than spaghetti code (à la ASM) 13:43:41 I think pf is technically better in my mind but I'm used to iptables..... 13:45:20 at the end of the day it is "whatever floats your boat" 13:46:36 right 13:46:46 and put butter in the spinach 13:47:48 BSD is like sailing at the end of the day when you are bored of your linux tesla with too much magic :D 13:49:44 I think it is time to embarrass myself on the mailing list 13:50:30 good luck and godspeed 13:52:35 I should make an alt just for asking stupid questions :P 14:01:57 wait I wonder if it is due to the routing table... 14:02:27 because I am using wireguard all packets go via wg0 14:02:56 I guess I should try it without wireguard 14:06:36 *pretty obvious I should have done this first* 14:13:46 ok I can see the routing table has nothing for managing this 14:19:04 ok its wireguard, found the issue 14:19:18 ... and it was ? 14:44:09 SFJulie1: yes 14:44:53 hot tip: always check what route(8) outputs when using "show" 14:47:09 omfg selectively removing blocks of IPs from the wireguard AllowedIPs is painful 15:07:35 hmmm, does freebsd route IP addresses based on the smallest block first, ie: 0.0.0.0/0 would be the last matched rule, if there is a say 192.168.0.0/24 rule, it would match the smaller block over 0.0.0.0/0 which means in theory, I just need to add an explicit rule and the 0.0.0.0/0 will not match 15:08:30 polarian: yes, longest prefix always wins 15:08:39 all IP routers work like this 15:09:33 thought so 15:09:42 just had to make sure so I didnt seem like an idiot :P 15:12:57 never be too proud for doing that. I do that all the time. 16:09:14 Well. . . just remember, the metric trumps all. 16:09:25 People forget that. 16:10:19 CrtxReavr: not unless you're doing something quite unusual. a worse (metric) longer prefix is still preferred over a shorter but better prefix 16:30:26 hmm this one is a head whack 16:31:29 so I assumed the reason the response packets for tcp connections were being dropped ont he host was due to the routing table, but using route show the routing table should route the packet via the epair... but yet the host is still dropping the packet for some reason... 16:31:55 there is state, it shouldn't even be checked by pf, state bypasses it 16:32:49 polarian: do you by any chance have 'set state-policy if-bound'? also, add 'log' to all your block rules and check pflog to see which rule is dropping the packet 16:33:25 the only block rule is block all so I will log that 16:33:35 also I do not have set state-policy if-bound 16:33:45 I do not have pflog configured though 16:34:30 you should probably enable pflog and check there anyway to see if it's pf dropping the packet or something else 16:35:47 that would be a good idea 16:36:34 I will take a look later, thanks for the suggestion 16:36:45 also if this is wireguard, check AllowedIPs, that seems obvious but it's easy to forget 16:41:41 ivy: its 0.0.0.0/0 16:41:56 but its not the biggest priority in the routing table 16:42:15 I checked the IP address of the jail against the routing table, it should go via the epair 16:43:13 the thing I dont get, I have read a lot on pf, and afaik in all cases pf does not deal with the response if its stateful, (aka if you have keep state, and the state exists, then packet ALWAYS passes) 16:43:29 it doesn't hurt to setup pflog and check, but I doubt that is the issue 16:44:15 I also doubt it MTU either, as it goes from 1420 to 1500 just fine router side 17:43:41 I've never had an issue with FreeBSD getting MTU wrong when routing between interfaces, even with tunnels. 17:43:51 Now Linux, on the other hand. . . 18:07:58 I will have to check pflog and see if it is there 18:08:22 I am not really sure what else it could be though 18:08:45 the weirdest thing is that ICMP passes, but TCP doesn't 18:09:13 the routing table is correct, and the /24 route should match before the 0.0.0.0/0 route 18:09:50 I see it leave the router wg0 if but not enter the host wg0 if 18:11:33 polarian: you have to run tcpdump, sniff the traffic, check each TCP segment with it and you will find the culprit 18:11:46 you just need good, extended troubleshooting 18:45:02 mzar: no need to sniff - he's already got pflog, so can read the traffic from a file 18:46:22 polarian: I've seen wg behave... in various different ways across systems. And it includes FreeBSDs hypervised by 3rd party or my own bhyve. 18:48:18 polarian: please tl;dr, as I'm not sure what the issue is. I've read the buzz above, about the MTU or what not; but what's the tl;dr? 18:49:00 regis: good to know 18:49:38 anyway, good, extended troubleshooting will help 18:59:45 could you please fix the topic or #freebsd-pulse ? 19:00:15 koobs retired and we are now low on qualified ops 20:03:56 * ober has daily crashes while watching youtube vids. dumpdev="AUTO" but it never seems to find it. swap is /dev/ada0p3.eli. 20:06:37 ober: er, release/stable/main? 20:07:58 14.2 release 20:47:00 ober: not sure but is it writing to the swap dev at startup and then the .eli swap from your fstab overwrites the crash dump metadata with geli ? 20:47:47 that's what I'm guessing. need a non-encrypted device 20:48:14 maybe so. i think i remember something like this happening to me 20:49:08 how big is your swap compared to your ram? 20:49:41 2GB swap, 64GB memory 20:50:04 I stupidly forgot to change mine during the installation and now I have a default sized swap partition of 2GiB to my 64GiB of ram, and dump fails because the swap is too small 20:50:08 regis: host is dropping packets when they come in via wireguard 20:50:13 heh that could also be an issue 20:50:20 ty 20:50:46 I didn't want to reinstall, because tbh I never need the swap for performance reasons anyway 20:50:56 you can use a USB drive as dumpdev 20:51:13 that was my workaround 20:51:16 that's an idea 20:52:49 there's also like a way to store the dump to another device over the network(which I freaking love btw, this type of thing is what I love about FreeBSD 20:54:14 will ddb_enable do the right thing from within X to drop to console? 20:55:10 most of my time in ddb so far has been after kernel panics from loading the graphics drivers, so can't help you with that one :P 20:55:18 I guess try it and see what happens 20:57:10 that's funny that we made the same brainfart during install with the same amount of ram. makes me feel slightly less silly, I guess 21:01:01 dumpdev="AUTO" should dump on your swap device in the crash handler before powering off and write the dump to your filesystem before mounting your swap 21:01:57 nimaje: yeah, but if the swap is too small, it won't 21:02:14 even just a backtrace would be nice. 21:03:11 was mostly meant for jmnbtslsQE 21:03:42 at least in my case, even on a fresh install with nothing running, not even X, kernel panic from loading i915kms, the size of the minidump was something like 2.5G, so no cigar 21:04:03 mtll: are there docs on dumping over the network? 21:04:35 dumpon manpage is your friend 21:05:57 netdumpd in ports 21:06:39 ty 21:07:04 though netdumpd is what you install on the receiving machine, to be clear 21:08:09 aye 21:09:22 again this is what i love about FreeBSD in general; it tends to have the kind of features that you rarely need, but when you do need them, you *really* need them 21:21:31 mtll: yep, the default of 2gb swap is weird, i really wish freebsd supported dumping to a zvol so you could resize that dynamically 23:02:21 Does anyone know if dtrace scripts can include another file? I plan to have a LOT of structs and the file will likely get quite large. 23:14:09 it seems to me that the bsd license could be extended to help protect the bsd licensers from having their software stolen from them by proprietary or gpl copyright trolls. i have been bullied out of using bsd license by nearly everyone I speak to threatening to sue me 23:23:42 farhan: yes cpp is used for that, so #include like you would in c 23:52:59 lisbeths: what? do they think your software is derived from some GPL software? 23:53:39 no they keep telling me that they are going to make a new version and sue me if I use that version 23:53:52 for example there will be a spelling mistake in my software and then they will fix the spelling mistake and then threaten to sue me 23:55:56 who are these jerks 23:56:19 any company that's interested in the software should be glad for the gift and not try to kill the golden goose 23:57:11 it's free as in puppies, not free as in beer