//////23

CrtxReavr: echo '"foo,bar","fubar"' |tr -d '"'|cut -d, -f1

with zsh is there a way to see files that were deleted? I was under the impression that there are snapshots or is that something I have to enable?

zfs*

duh, yes zfs

mns: You can cd into the .zfs directory hidden for every mountpoint.

Therein you can browse shapshots, if you've taken them.

thanks mason

apparently I have snapshots going all the way back to 2023 in /.zfs

mns: Think of old tape-based strategies for keeping specific older snapshots. You can literally take a tape strategy and use it with ZFS snapshots.

yeah I remember we used to have something similar on our systems when I was working at the Big RDBMS Company That Destroyed The Sun. ZFS was default on all the servers that we ran our tools and applications on.

Saved my ass many a time.

mason: apparently I've messed something up, without touching jail related configs, and since yesterday can't seem to get to my webserver anymore.

mns: Hrm, well. Make sure all the mounts you expect are mounted. That was a concern yesterday.

mns still enjoy powering up my Ultra 5 :)

external disks even sound like they are serious business

Yes, Ultra 5's were awesome systems.

mason: yesh all the mounts are there. If I do "curl -I -k 192.168.70.151" from the host to the jail, I get the headers from the web server, no issue. So I know the web server is working. Its just when I try to access via FQDN that things don't seem to work.

That could be a range of things.

But it sounds like a virtual server config.

So check that your web server configs are all accessible.

This sounds like the sort of thing that would make me not want the mixed-nullfs-style of mounting things.

yeah I'm trying to rule out obvious things looking at the previous configuration. I'll probably do a write up of it tomorrow and post it somewhere for folks to see the configs and setups.

mns: FWIW, you can migrate to simpler storage if you decide you want to. Just make new datasets and flesh them out.

mason: the configs are all accessible. without that the webserver wouldn't even start.

Internet traffic -> cloudflare (dns management only) -> cable modem -> sslh (fbsd host on 443) -> web server (jail on fbsd host)

that's the flow of traffic to the webserver

Is the web server seeing the requests?

web server logs and/or tcpdump can help with that.

yes the webserver sees the request when I use "curl -I -k ip.address" from the fbsdhost to the jail.

but it doesn't reply? or does it try to reply and fails?

it replies, I get the reply

its a 200 status code

but it doesn't understand what to serve?

maybe tcpdump and make sure it's receiving a request for the right domain

although you should see that in the logs too

with teh 200 code, the logs indicate its fine.

hmmm I could get rid of sslh and see what happens. I only have port 443 open, even for ssh.

Alright very cool guys. The fragmentation-related amdgpu slowdowns/hangs came back just in time for 14.3-RELEASE apparently. After a week of uptime or so, it happens again. This was fixed at some point on 14-STABLE and now it's back.

sphex_: What sort of fragmentation?

mason: physical memory fragmentation. when the kernel has trouble finding contiguous physical pages.

Ah. So, basically just using the machine. That's really deeply unfortunate.

yeah. it makes the desktop super jittery after a while. now I couldn't draw circles with my mouse cursor without it "flying off" after a micro-hang... but I dunno I might be fragmenting my memory more than usual somehow.

am I really the only one getting this? I guess not too many people use FreeBSD on the desktop and have a drm-kmod amdgpu card and don't reboot for weeks at a time and get their memory all fragmented and run GUI programs that somehow trigger those contiguous memory allocation requests...

sphex_, I have been suffering through the system pauses too. It was not there in 12, not there in 13, but in 14 it has been a continuing problem.

bridge_pfil() feels like a very confused function

er, wrong channel

Does anyone know how to get networking working in a bastille jail when the host is a VPN client and has all its traffic routed over said VPN?

zilti: do your jails use vnet , alias, or inherit networking?

crest: alias networking

crest: alias networking

So, I have a 'bastille0' cloned interface

crest: I tried to use a vnet jail at some point, but it is not possible to create a bridge on the VPN interface

you can't put a vpn interface into a bridge because it's not an ethernet interface, you should use a vnet jail and route between the jail and the internet (which probably requires NAT)

File name too long (63)

i hate this error

*nix OSes twist the meaning of bridge bigly.

ivy: Yes... Well, I now managed to have the whole VPN setup on my router, so I can act as if there was no VPN at all on that server :)

Is there a tool that will display duplicate lines and line numbers in a file?

CrtxReavr: uniq

and grep, i guess

CrtxReavr: If I understood you correctly, you may have a file with lines like: "foo\nbar\nbas\nbeep\nbas\nfoo" and you want it to display something like: (1, 6): "foo" (3, 5): "bas" ?

Or even like: 1 foo 3 bas 5 bas 6 foo

still unclear: start with `grep -c . filename` or `cat filename | uniq -c`

CrtxReavr: how about awk 't[$0] != 0 { print(t[$0], NR) } { t[$0] = NR }' ?

ahh, good one

awk is black magic

as they say dura lex, sed lex, awk lex

"The law is harsh but it is the law, the law is perverse."?

nimaje: something like that, I am thankful perl is not included

not a fan of perl?

paint splatter are a bit hard to read and write

I personally do not know any fans of perl

perl's great. stable, everywhere, useful with minimal fuss.

compared to python, perl's a cakewalk

Depends on who you ask (imo).

I work in bioinformatics, a lot of biologists have taken a liking to python because it's easy for them to learn and use compared to perl.

perl doesn't inflate my cve per month measurements by a few powers of 10

and python packaging is crap

i don't dispute that the language is clean and useful

while perl resembles line noise

but perl is a systems programming language, python is a generic language

python's quite good at a number of things in the language compared to other interpreted langs

i only object to the packaging problems.

and perl is better suited toward system tools than python (evil eyes ansible)

As a C/C++ developer myself, I object to everything being a reference. :3

(talking about python)

oh, well i'm thoroughly infected with ()'s

LISP any day

I don't know lisp. I use projects that use lisp but I don't know it myself.

I used to rely on Python a lot until I realised I can instead write Rust

and unlike Python or Perl it would run on a Windows PC of a colleague without fuss

Remilia: I'm not too familiar with rust either actually, do you compile it on a FreeBSD box and then send the compiled program over to your Windows using colleague?

no I compile it on work-issued Windows laptop haha

oh lol

you can actually install the toolchain even if you have no administrator rights

you can also do that with Perl and Python but go explain how to to an average linguist or LQA

though this is more of a #freebsd-social conversation

TIL #freebsd-social exists. :partycat:

Demosthenex, LISP = Lots of Irritating, Silly Parentheses

CrtxReavr: ever use it?

nimaje, thanks for your awk solution, though it does break down if there's more than two instances of a line.

Demosthenex, no - that's just a bad, decades old joke.

kinda like how perl is the Perfect Emacs Rewrite Language

(somewhat related, since a core part of emacs is lisp :P)

Before the LLM phase, LISP was billed as a strong language for A.I.

Who remembers when perl was part of FreeBSD's base?

the good old days

Also gcc, bind, three different firewalls.

What's that?

FreeBSD *STILL* has three different firewalls in base?

dunno if they were good, Perl updates too often and is too useless so it was great that 5.0 removed it

ah yes, making fun of having three firewalls is classic

I remember skipping 5.0 though

kevans: I like having options ahaha

though sadly ipfw's NAT is still a huge pain configuration-wise

CrtxReavr: they keep pulling letters off of 'ipfw' and it keeps getting better. can't wait for the fourth firewall 'f' to be in base.

5.0 removed it? hot damn that was in early 2003. the tech world was a totally different place back then.

What version dropped ipfirewall?

Remilia, it was removed because someone ported its function in the build process to awk.

I was a big fan of ipfw/natd.

I even wrote a doc on difiguring it that got a shit-ton of downloads back when EFnet still got a lot of traffic.

s/difiguring/configuring

CrtxReavr: you probably won't believe this but I know that because I use FreeBSD since 2.2.x

but thank you for taking time to explain it to me

I was a *USER* in the 2.x.x days, but 3.0 was my first version to install and be root on.

EFNet is still around and has ~5 very active channels

I'm there. . . not sure what channels you're speaking of though.

#political, #football, #irc30, #Chases...i forget the 5th. #bball maybe?

#hockey is mostly dead, even during playoffs.

I hang in:

#FreeBSDHelp

#bsdcode

#ciscohelp

#Solaris

#bsdports

#bsddocs

on efnet or...? running /list on those in efnet returns no results.

I'm in those channels, on EFnet.

wow...ok then. /list doesn't show them, but /join succeeded and i see dozens of other nicks in #freebsdhelp and #bsdcode.

sweet! more bsd discussions!

ZedHedTed: Not all channels are publicly visible

vkarlsen: I'd even say most channels aren't on networks without robust anti-spam measures, you don't want spambots to see your channel in the list

so it's +s everywhere

the terminal on my bhyve vm is jacked, and i'm not sure i've seen this before

normally, i wouldn't care but i need to change the ip address. any ideas

export TERM=vt100 xterm, xterm-256color all don't seem to do anything

well, nevermind i guess. was able to mdconfig the disk, mount it, update it, restart

so prior to updating FreeBSD kernel+world I create a new boot environment to roll back in case of issues. just creating and activating the boot environment is enough to make any changes to the root filesystem apply in the new boot environment, right? or do I need to reboot after activating?

up until this point since I haven't been sure, I've just rebooted, but since I'm actively using my system currently it'd be nice to avoid extra reboots

my process up to this point has been create and activate the new BE, reboot, upgrade from pkgbase, reboot again into the upgraded system

it'd save some hassle if I could just create and activate the BE, upgrade from pkgbase, then reboot into the upgraded system, but would that have the upgrades apply to the BE that I'm in *currently*, rather than the new one?

Someone should probably ban-forward Schamschula to ##fyc

tm512: you'd have to mount the BE

activation takes place in loader, effectively

kevans: mount and then chroot I presume?

chroot or there's even a convenient `bectl jail` subcommand

ah cool I will look into that

# pkg update

pkg: Cannot open dev/null

yeah you need to mount devfs

but our default configuration does allow it, at least, now

is that mount -t devfs devfs /dev or something?

looks right to my eyebeall

that was a bit of a guess but yeah it worked *shrug*

I think I was remembering the command to do it on Linux

now I'm getting: pkg: No SRV record found for the repo 'FreeBSD'

and similar errors

but /etc/pkg/FreeBSD.conf is present in the jail

it seems it's because networking is not set up in the jail

I can't ping or curl anything

try pkg -r from the host, then

or -c

-c maybe makes more sense

How was the jail provisioned?

bectl jail

kevans: would -j work as well? I'm not sure where I find the chroot path or the jail name

seems I got it, -j did not work btw

I have a file for which file(1) says: AppleDouble encoded Macintosh file

How can I. . . do something with it?

xxd output: termbin.com/6udc

CrtxReavr: "rm filename" is about the most action you'll see with that.