if no microcode message is printed, the CPU already has the latest microcode version OR the .conf file was not read/loaded correct, i think it is probably the first as the config looks correct

I should probably also use the microcode update service :x

hi, guys, can you tell me, what should I do: I want to try freebsd on virtual machine, but preinstalled version don't have enough space. Need I create another virtual disk or I can somehow expand the disk?

theres a lot of variables there. how are you virtualizing?

I'm using virt-manager, so is this an answer? :D

well you can increase the size of the disk image using whatever method your virtualization toolset gives you. then, you will want to boot into a separate vm image and mount the expanded one so you can edit the partitions and expand the filesystems. At least thats how I imagine it would go

yes, that's pretty much how I imagine it, but the thing is, I don't know exactly how to do it. I'm just asking if there's a guide

I did a little bit of googling and found some fourum posts:

it probably wont be exactly the same for the vm image but the gpart and growfs commands are what's important

I havent used the vm image but I would assume it uses UFS

there is a choice

thanks for link, didn't know how to google it correctly

rtprio: I know the configuration of wireguard itself is the same everywhere, but my questions is more around setting up the freebsd specific stuff such as how to enable the service and where to put the config files.

wireguard gets set up as an interface, there is no wireguard service. you would use ifconfig to bring it up

you should be able to bring up that man page in your own system as well

i got a bash script that runs a program of mine in a tmux session. it's like tmux new-session -s foo 'myapp -f /path/to/config -v run > /home/me/app.log 2>&1; exec $SHELL'. but when myapp had seg fault, that error wasn't put into the app.log, it was over in the tmux session. why?

thats def weird. did you give that a google? seems like it could be a common issue

maybe the seg fault is from bash and not the program?

does it work when you use any other program in place of your app? do some rudimentary testing and take the unstable program variable

*take out the unstable program variable

ok i needed: tmux new-session -s foo 'exec > /home/me/app.log 2>&1; myapp -f /home/me/myapp.conf -v start'

i think that'll work

Hi, I've recently installed FreBSD 14.3 and I see a ~constant stream of input errors on an Intel 82583V NIC, which leads to a dip in throughput. I'm stress testing the system and try to route at full 1Gbps full duplex through the router. How can I figure out what's causing these errors ?

I bootstrapped the system from a live memstick image. I repeated the test with previous versions 14.2, 14.1 and 13.1. These versions manage to recover from the input errors and achieve full 1Gbps RX & TX.

I noticed that the following threads kernel{if_io_tqg_1} and kernel{if_io_tqg_3} consume more CPU while the system returns input errors.

The system routes between em1 and em2

is it possible to freebsd-update a 14.3 to a specific patchlevel like p3 instead of 'newest'? i have a feeling p5 has a bug causing system crashes but i wanna verify first

kerneldove_, Yes. But the way is to compile from source. git clone the repo. Checkout the patch level you want to build. Compile it. Then install from that build of it.

It is actually a pretty straight forward process.

eh ya i'll pass. i'll just install 14.3 and not update

really should be able to run freebsd-update fetch -p 3 or something

I think everyone using FreeBSD should do a source compile at least onces. Then they will know how to do it when they need/want to do something special with it.

i've done it dozens of times, i know the process. i don't have time for that

I don't recommend watching it crank through it. I would launch it and then let it run and come back in an hour or three and it will be done.

I happen to be running on a source built system right now.

I should do a source build at some point, sounds fun. I need more goobers to test on though. I am not sure how difficult it is to src install when I need ZFS

*zfs root

what's a goober?

I am also running root on zfs and wouldn't have it any other way.

Reinhilde: haha its just what I call boxes, computers, anything that I can install and boot something on

I have a few spare laptops that I could test on probably

rwp: I guess I just dont really know about the src installation process. I'm sure theres info about it in the handbook

kerneldove_: you should use /usr/sbin/daemon

ya eventually i will but tmux is working fine for now

specialbomb, Yes. docs.freebsd.org/en/books/handbook/cutting-edge/#makeworld

specialbomb: building from source is easy enough. If you have zfs, use beinstall(8) which will install the built sources into a new boot environment

perfection

when you're ready to build from sources feel free to ask for more info here. It's not hard to do, but there are a couple of useful *.conf files where some guidance is handy.

what are bursts of "Limiting closed port RST response ..." messages in /var/log/messages?

something is having fun with a closed port

look at log_in_vain to have those logged

ok ty. should i blackhole them

?

I personally do

net.inet.tcp.blackhole=2

net.inet.udp.blackhole=1 <-- both of these settings?

add these to rc.conf

log_in_vain="2"

so don't set net.inet.tcp.blackhole=2

net.inet.udp.blackhole=1 ? or DO set those in addition to log in vain?

and do service netoptions restart

it does the same thing

i personally do a sysrc log_in_vain="2" && service netoptions restart

vs adding stuff to sysctl.conf that aren't already a rc.conf arg

remembe doing sysctl bleh.blah.bleh=x will not make it perm until you add it to /etc/sysctl.conf

you also have some other options

you can lower the threshhold or increase it

net.inet.icmp.icmplim: 200

sorry i guess i'm dumb i didn't catch if you set net.inet.tcp.blackhole=2

or you can disregard those msgs by doing

net.inet.udp.blackhole=1 or not?

net.inet.icmp.icmplim_output: 1

setting that to 0

setting log_in_vain="2"

and restart netoptions does exactly what you doing with that OID

log_in_vain="0" # >=1 to log connects to ports w/o listeners.

er no sorry

youre right hah

yeah add those blackhole= as mentioned before

log_in_vain logs those connection attempts

blackhole just makes it so it doesnt respond and appears to hang

net.inet.tcp.icmp_may_rst=0

that may or may not break things but it helps

I am guessing you do have a firewall setup ?

you have come here

ya i have a fw

it's ports that are sometimes used, and hence open to the fw, that are getting probed, i imagine

i got the bios updated so now we'll see if 14.3-p5 still core dumps

thats part of having something online

limiting rst is antidos feature

ketas ya and it's a good feature, but i was thinking about just blackholing entirely, with net.inet.tcp.blackhole=2

net.inet.udp.blackhole=1

i already have udp blackhole, was thinking about adding tcp blackhole

log_in_vain is overkill but im curious whp probes my closed ports

ya i personally don't care who i just wanna cut noise in logs and network traffic/work for server

well you can fw block it too

how so? i use pf

block icmp

but then i can't ping can i?

you can allow those

pass in on $ext_if proto icmp icmp-type echoreq

etc..

guys what's up

blocking icmps eh

hmm

if you alow icmp out you can ping

it

ketas you said it can be blocked in fw, how?

just drop it all

what is 'it'?

drop mic like it's hot

icmps?

you wanted to block tcp?

i think ping uses port #4 right?

4 and 8

echoreq echorep

icmp haz types

haa

has

some people block icmp some people don't

some people block pings other don't

yeah I like those who don't

some peole set drop-policy to drop others don't

but you can block all in fw

can block flooders by ip too

that could backfire but

i would ask to post your firewall config

but these days people are weird like that

about*

sysctl net.inet.tcp.blackhole can be set to 3 as well, must be a new 1. Setting net.inet.tcp.blackhole=3 extends the behavior of value 2 by also dropping unexpected segments on listening ports without sending a RST, offering further protection against certain scanning techniques

a new 1 meaning new option

yeap

man -P 'less -p " overload "' pf.conf

is an option

3 is new 1 :p

I like that one

but not the other one

hur

Hi

Hi

My Znc is broken for about month

why dont you fix it ?

why did you wait so long

it's not mine ircnow

oh well that would do it

My problem now it's not that ZNC

Ok what is the problem now

I don't know what is happening on the internet the last 10 days

neither do we

we need them logs

anyone here uses hosting like Linode or something like that

i run a VPS on contabo in germany

I use Vultr VPS, cheap but correct

cpet: be careful we may face legal problems if you didn't super secured your server from AI

it basically just runs a ircd

I will explain

AI is basically a information miner, if you host things that aren't yours well thats on you not AI

ketas: guess we lost him

wreh?

still waiting on this so called legal action

cpet: there is an organized AI bots attacks that happens from September (I think from July but it was lesser) till now, but now it's stronger.. On 8 Nov Linode contacted me (but I didn't read the msg :p ) saying that there is an physical problems on the server that runs my service (I am sure it's only me).. and they will move it to a new one, after the move on the next day 9 Nov.. a ToS...

...Violation msg sent to me (I also didn't notice XD ) saying that some company in Spain "comvive" works on security and hosting, is listed my server IP within the last Ddos happen on them.. also the next day 10 Nov, some really weird mail service in Italy "tana.it", is listing me in login-attacks (trying to access some of user account).. also didn't that.. I noticed on 11 Nov, when my...

...website is went down.. and my sim card no more works.. I noticed many international calls from India (that Spain company have data centers in India) and Spain...

yeap this is the wrong place for that

wha

yeah, looks like.. but do you noticed any heavy attacks on ssh, irc or http last months?

nope

The more weirder is that on the same day 8 Nov many data centers in India having heavy traffic problems.. also in Us-east Georgia

guess someone is a victim of "install it and forget then complain when weird things happen"

cpet: they used a php RCE

how did sim enter this picture

I scanned all my server and it's clean

ketas: those company wants to take legal action.. if I didn't move

I have also many strange reports from weird numbers in last two days on my number.. so my sim card company took an action

oh that way

ketas: I also I feel that linode given my contact information to them..

the fuck tho :)

bec. I have two numbers on my account linode.. the two numbers the same thing happened to them

thay send +700K request testing many exploits in less than 2 hours, until found the perfect one..

wait your vps got owned?

yeah

and they used it in nearly every way they could abuse

hacked other servers, used as Zombie in DDos and login-attacks

only in few hours

eh

phones, tho, still?

who bans admin phones

My sim is disabled now XD

so no more calls

how did your vps being owned f with your phone?

?

nvm

why does /var/log/messages have swap_pager: cannot allocate bio in it if system is only using 10% of swap?

think you are missing some of that message

well admins could be slow to respond, could at maximum take it down, nevermind the fucking with paying customer

no that's all of it

my vps have been hacked using some php RCE.. then after they abused my server.. and the affected companies contacted Linode.. linode gived them as I think my phone numbers.. calling me many times.. then some other strange numbers reported me and my sim is disabled now

php lol, switch to rust

mediawiki

and phpbb

who's the phone co?

ask them too?

"On November 8 2025, customers using services hosted in our Mumbai (in-bom-2) and Chennai (in-maa) datacenters may have experienced packet loss and connection timeouts due to an issue with a third party transit provider. "

they got owned too?

:)

this linode nearly all vps companies have the same problems

saaaarr

and all ips attacked me is from India and Indonesia

someone did the needful all over their datacenter

shocking

yeah

btw which lto i want if i want to play with tapes at home?

also in USA

6? 5?

George

just don't use php it suck

always has

this also affected cloud flare, and found some interesting article on bbc on the same day of the heavy attack

Linode refuses to talk, and said to me the security of the vps is on the customer

why there's a constant water need in dc anyway

using evap cooling?

you can also see here all their problems in last 10 days

+5 Emergency, not only them also there are many other vps in the same time have nearly the same problems.. this a bizarre international attack..

So be careful

just find a smaller provider. screw big names like linode and hurdur

yeah

there's probably a 0 day hypervisor escape going around

vps is big risk. just get a cheap dedicated bare metal

from a smaller provider

I think the hackers got into one of the vps in the network there in india and entered every other server on linode

that would be fun

and all of this are automated by AI

crazy O_o

just use ai bro

reminds me techcrunch.com/2023/08/23/cloudnordic-azero-cloud-host-ransomware

entire infra was busted

even company mail :)

Retrofan, track down the guy that hacked your phpbb vps and murder him

heh, you mean AI

all of this are bots AI

an be solved :)

rm -f the ai

Ah

s/an/can

:)

flatdog: how are yout

met is good, no problem

write an AI bot that "murders" their AI bots :P

oroborus, the snake eating its tail. Cool idea

tho right now you can still target the puppermasters

But..

isn't that what trollbots on twitter have been doing for years already, arguing between each other

The weirdest thing here the attack on that weird mail website

tana.it

fully outsourced outrage culture. love it.

it's a private one

flatdog: what if it reaches the head

problem solved

they attacked a specified users wants to read their private mails

no more headaches for hoomans

and I don't know if they are behind the weird reports on my phone number

Sim is no more usable now, need to go to the company

it's 2025 you don't have to be ashamed of calling The Manhole voiceline anymore

be out and proud Retrofan

a what

brb, wife said something about lunch

*hooman one

how did you source a wife

cannot remember, it happened 40+ years ago

laterz

wtf

lead_pipe23: romans liked you

ugh poudriere is failing to extract to /tmp/ today

i can't imagine living with someone for that long

i don't even like having weekend guests

good for them but to me having a family is weird

kerneldove_ likes aloneness

ya

i can't imagine having to negotiate my living conditions with another person permanently

Family is good, not bad

i see kerneldove_ in sociologicamente.it/wp-content/uploads/2017/12/3663-1012.jpg

i already said good for them, just not for me

nah i'm orderly that's a shithole

it's not like i 'never grew up' or smth

I also forgot to share my desktop screenshot

definitely strong late 90s flare going on there

hah

what the de?

nt3.5ws :p

I like that image looks nice on desktop

is that the freebsd port or an actual next system?

afterstep

never mind heh

Gworkspace running ibb.co/BKzMG6Zh

*Gnustep

I like after.. but the 2.0 version is unusable

well seeing how x11amp has been removed years ago

we may have found why your VPS was owned

:D

lol

not to mention staroffice was decomisisoned years ago as well

realplayer has been a thing since like what 2005?

think the only thing on that screenshot that is modern is the monkey icon

now since im bored lets do some digging

it was removed in 2015

mm so poudriere fails if WRKDIRPREFIX=/tmp but works if WRKDIRPREFIX=/tmp2 with identical mount params

wat

cpet: This not staroffice

why would you change the wrkdirprefix

this the leates Openoffice

I like the star's icon

ah i see

i kind of like libreoffice

cpet: so it all ends up in /tmp/ whether I build in tree or via poudriere

well check the mount options cause /tmp i think has noexec nosuid

cpet: to be honest I was using mediawiki version form 2012; bec I hate JS

which is all neded by poudriere to build

only if you use the rootless building

Retrofan: fail

yeah it fails in extract, which is very odd

never had a reason to do that i setup poudriere and use the html frontend

but phpbb was the leatest

I modifed a theme to be nearly 0 JS

Retrofan: php is bad anything thats not fixed ASAP will get owned

Retrofan: especially if you run wordpress

thios is why I use hugo

No wordpress heh the whole website is static web 1.0 html

last i checked nothing really can be done with vanilla html

I used a blog uses markdown, and heavy modified it to 100% static

That wiki never touched it since 2022

and I forget it

That attack is so dengrous they are not only attacking in one way, they nearly all protcols, AI scan for security holes and make bots test it

irc and ssh and http

and many more

So we now have clever worms XD

you are using old as hell software

then complaing your stuff got owned

?

what teh hell?

phpbb is not old

only mediawiki

and they hacked both in less than hour

in less than an hour, counted from..?

I can see in logs

bots was trying many different ways

and found the right

i have considered writing my own forum software

It's only me hacked you can see nearly all the company have the same problem now..

in Tcl

NIc

nice

not done it yet. but i should

make it html 3.2

my server also hacked many other servers, and acted as a zombie

may want to read up on properly securing your server

lol my server hacked

kind of curious of logs

ketas: dont confuse your server with your mind

my hacks are ok

Retrofan: i only ask cause my pf has blocked over 3k IPs

and a bunch of 404's from random php crap

ketas: what?

i don't even watch what mine logs

4.217.221.186|Wed 12 Nov 2025 06:59:52 -0600|404|961|GET /enclas.php HTTP/1.1|||Host:

etc..

yeah

ports are funny too

it's and international attack

they are working from sep

but now look like they took over india

there's ALL sorts of scans nowadays

ketas

I scanned 3 times using ClamAV

I am using linux vps

clamav is as useless as it gets

and nothing their

I think it's a 0 day

or somthing like SQL slammer

writes it self to memory

only

Retrofan: its not hard to random try thing and use them without anyone knowing for months

cpet: it only attack servers, I think that no one way; bec AI writes the code for attacking

and after get in it makes it attack other servers on company

gets in from where ssh exploit

then DDos some security services

and trying to hack some weird people

I think it's mafia or something organized

cpet: gets in from everywhere

i see

my ssh is super sucred and they tried and faild

but got in from php

it's AI

many ways many thing

The only thing I am scared of is they may stole my visa, like what they done for my phone number

my sim useless now

Data centers is heating up.. and people can't afford water in many places

The modern world is scary

its not scary just greedy

I thought we were championing equality and celebrating diversity

Oh, they closed the ticket

skynet became online

I can start my server now.. but I will let it down for couple days

skynet is after ketas and Retrofan

Be careful also cloud flare is affected

hah

its always either cloudflare or amazon

I can't trust their security now

didn't cloudflare recently ddos itself?

i personally never did

Koston: link or it never happened

Koston: oh

only read about problems in india

that affected the service

guys

what you talking about man?

yeah

sounds hysterical

black2: im bored so im just listening

Koston: hah

I will send links of the last problems with them.. hold a sec

all i got form this is dont use linode

heh

that is from 2021

cf is never a good-will actor in the industry

Xd

my bad

did you guys hear about the founder's downfall in life?

There one which new

hold a sec

feel sorry for that guy

black2: link or it never happened

i guess i can google but

you kind of started it

so pay up

pending result...

rain check opk

The Devastating Decline of a Brilliant Young Coder by WIRED

they really should do a lot of the things they've done

this is exclusively for members

shouldnt*

pfft

you can bypass that with wayback machine I think

well I can read the whole thing here

you want the pdf? cpet

tl;dr, the guy got dementia in his early 30s

an S-1 IPO filing that it made public today, “Tragically, Lee stepped down from Cloudflare in 2015, suffering the debilitating effects of Frontotemporal Dementia, a rare neurological disease.”

damn :(

I can't find cloudflare

I have PTSD, Chronic kidney disease at stage 3 and my hands get numb

but still sucks :(

but I got many other ones

In same time of linode

anything with cloud in it is bound to have issues

"cloud" is a buff term

similar derivatives include "Internet of Things" and "Big Data"

search for linode, first hit description: Linode Kubernetes Engine Managed K8s container orchestration engine for containerized workloads.

what an absolute bullshit bingo jackpot line

buzzword bingo

can anyone tell the difference between AI, ML and DL anymore?

Koston: that sounds bogus and pompous.

I am scared now on my money and visa

Retrofan: what VISA?

I don't know if they are hacked or somethin.. but how my phone number leaked.. and got reports on it

sim card is no more working

black2: Probably his foreign residency, since "visa" is spelled in all lowercase.

?

oh

I mean my credit card

Then that's Visa, not visa.

We here use term "visa" for all credit cards

Or VISA rather.

I call both VISA and Mastercard just "Slavecard" because of them constantly going after entertainment and censoring it all to death just because their CEO's don't like it.

remiliascarlet: hey did I talk to you before? Are you the Japenese person who stayed in #fsf quite often?

I'm Japanese, though I don't think I was in #fsf for that long.

yeah they cut the donation money of wikileaks back then. that was scary man.

a debit is the best I can stand. I never will get a credit card despite constant temptations by the bank employees.

I was in #gnu before, but I was constantly being attacked with "you're cringe" after having sided with RMS.

remiliascarlet: okay but nice to talk to you again. I think you are the person then.

I have debit cards only. Not because I can't get credit cards, I just don't trust them.

why? because of the RMS's supposed connection to Marvin Minsky?

that's fallacy

I simply said that cancelling the very man that made GNU and FSF possible in the first place was a very bad move, and the political activists there didn't like that.

cpet: you are not dying?

this is off topic, please move the conversation elsewhere

[tj]: okay man chill

you gotta get a head of things

oh, mine is debit not credit..

I think we'd best take it elsewhere? remiliascarlet

black2: Watch out, he's an operator. Might move this to #freebsd-social.

[tj]: wdym "head of things"?

remiliascarlet: okay

theirs always that one person

ketas: not yet

black2: proper management of those plastics is key

ops should always be opped up; the libera catalyst rule considered harmful

cpet: what plastics?

black2: cards?

okay right

I only have a few and they sit in my drawer so I should be fine

-social, now

wtf catalyst

ketas: please stay on topic

and tell me with py-openssl isnt found

something must be done about this colla of cryptofascists.

Reinhilde: kdegames fails cause py-openssl was renamed to py-pyopenssl

now sadly i use pkg

so compiling would render me recompilg kde

and well no :)

uh, huh. 's always struck me that freebsd's packaging is strange sometimes

After KDE 4 came out.. KDE became useless

i like KDE xfce4 for my lower end systems

i liked E as well but they have a very strange release cycle

and I have seen them release like 4 releases in a day

e?

oh that e

eketas

bye

cpet, don't be that guy.

ok i reinstalled 14.3, didn't update so i'm not at patch 5, and starting up my server app. we'll see if i get an OS crash again

got bios updated so it's not that

Just because you have the lastest BIOS, doesn't mean it isn't a turd.

well it was shitting when it had the older bios so there's nothing more i can do at this point

last thing left to try is if the p5 change to udp code is the culprit

my server app is heavy on udp

p5 as in perl?

patch level 5

the latest 14.3 patch level

CrtxReavr: what guy ?

09:12 < cpet> ketas: please stay on topic

CrtxReavr: please stay on topic man

are you guys flirting?

jc

kerneldove_: ive known CrtxReavr since probably aroound 2001

well i guess you guys have a really strong bond formed and i'm sure you guys will be happy together

And he gets worse every year.

you two are so cute. perfect couple

now hes flirting

all this time and the flame is still alive

hah

:/

kerneldove_: you did it not me

hrm sudo was remade in rust

nice!

i wonder if its behavior is exactly the same or if it did the coreutils jig

hah

kerneldove_: cgit.freebsd.org/ports/tree/security/sudo-rs

i'll give it a try

i still use sendmail despite it being not used any more due to bad rep of being insecure

so bleh :)

It's a piece of software with a long history.

It's also very mature.

also was rewritten

That said, however, I find postfix to be much easier to configure and keep secure.

And hell, it's damned near as mature as sendmail these days.

i like opensmtpd

syntax is almost in par with pf

Sendmail is 42 yrs old 1 yr older than myself

Postfix is 26 yr old

according to the trustworthy wikipedia

I just remember with postfix, everything I needed to know about configuring it was in the comments of the included .conf file.

Exim is older

I always got confused with the hosts stuff

Isn't exim a client?

server

o_O

Are you thinking of exmh?

exim

oh

Exim was the default mail server in Directadmin

but they cut freebsd support for some reason

In March 2023 a study performed by E-Soft, Inc.,[5] approximated that 59% of the publicly reachable mail-servers on the Internet ran Exim.

CrtxReavr: :)

Conclusion exim admins didn't now how to not report a version tag.

now how

Is it popular in India & China?

i dont know

I'm just baffled as to how it could have been so under the radar for me.

no body is perfect not even grammar people

"Nobody."

this isn't about me man

Hey,you teed me up so nicely there.

I get lucky so often

You know, if you were to track down my Junior & Senior High English teachers and tell that them I grew up to be a grammar zealot, they'd never believe you.

tell that them ?

s/that//

tell them that I

yes

or drop the 'that' - that works too.

too many that's

so I have a script that fetch ip's from access.log based on 404, random shell code, and some other crap

just in the last 72 hours it has blocked around 4000 IP's

not to mention it has taken me a while to block all that censys scanning bs

CrtxReavr: I graduated in August, yay me

luckily grammar is not part of it or else I would of failed miserably

heh

Finally finished beauty school, eh?

cyberSecurity

i guess to computer it's beauty school

pccard was removed

pccard.4*

cpet wtf 4k ips. you run a porn site or some other hot target?

i'm glad i don't run any public facing services

kerneldove_, never exposed ssh to the internet before?

ya but that's the not the same as a website

with ssh it's easy to know if it's legit vs not traffic

probably ai crawlers "found" you

not at all surprising these days

Long before AI crawlers was web crawlers.

I love it when you can watch your logs, see them download your robots.txt, then immediately hit everything you tell them not to index.

ah, the old days

That's all still very much a thing.

lol

Joshua just wants to play a game.

Was Matthew Broderick 12 when they made that movie?

"I'd piss on the spark plug if I thought it'd do any good!"

He was very young for sure.

This part had me dying laughing.

I'm old, but I never owned a cradle modem.

``30 GOTO 20 `` would have been a lot more efficient.

Thisd odysee it's own video site, or another YT aggregator?

CrtxReavr: on my home network I begun just opening up wireguard tunnels instead of keeping ssh open, way better option imo

wg was a blessing upon us mortals

my home vpn situation improved greatly with the conversion from openvpn to wg

Jason Donenfeld is genuinely one of my favorite dudes, his projects are great. I use pass daily

kevans: In what way?

I moved from openvpn to headscale and have had so many problems

I've always been hungup on the config/routing of wireguard.

I'd hope it would be no different than openvpn (even though it's mostly done for you in pfsense).

its not that hard! you should read the introduction to the concepts of wg on the official webpage. its beautifully simple actually

so simple it makes you wonder why no one really did it before. really genius stuff

Well everytime I'm thinking about it I'm remote... over openvpn... I get scared.

I'll have to try again.

dont be scared, be curious!

you can experiment with it locally on two machines too if you wanna poke around at that

why is cpet trying to date CrtxReavr and me

:p

is that what you want?

I struggle to find a reason to use VPNs when there's ssh handy.l

mason: because it's a drag to ssh port forward all the time

Eh, SOCKS makes it pretty easy.

If I had to do a ton of UDP I might change my mind. But I never do.

not everything is web either

Other things can use SOCKS, but yeah.

Huh. TIL SOCKS5 can do UDP.

i would say using emcrypted encapsulation would be a better idea in most cases

ketas: dont be weird man

aye cpet

drama in the love triangle!

no thats ketas being ketas

This looks neat, anybody use this before? github.com/DtxdF/AppJail

not sure I trust a project that has such big donation images

heh

LOL

ill still handwrite my jails for now I think. cool though

the inhouse jail manager in rc is good enough for me

i have problems with that

cpet: same I'm a simple man

and thing it came from

why one can't just install a port :p

unsure

I'm sure there is a use case for someone.

yeah

i dont think any of the new jail managers fix any of the issues that make people want to create new ones

cbd is a beast of a ugly and confusing app

but it works when its setup

cbsd*

never used any of them somehow

ketas: dont be like CrtxReavr who never herd of exim

i never used that

used qmail and postfix

oh yeah strange ideas

why that's a thing in linux anyway i wonder

i can get the idea

but it's another damn wrapper

linux uses systemd which is a overly complicated beast as well

systemd asids

aside

but those containers?

kind of like the idea of OCI

wtf oci even was

Oracle Cloud Infrastructure?

open container infra

Open Container Initiative ?

:p

ya know docker, podman, that stuff

that whole thing seems like someone rubbing and go like... now how do we make everyone suffer as much as windows users when they want to install programs

rubbing hands

containers arent a bad idea, its more seemingly everyone wants to do it differently and its frustrating

thats my perception at least

same with jail managers

:)

I just use the rc script!

it worky good

it worky

heh

i need to reorganize my jails and datasets. I want to make it so each jail has its own ZFS dataset so I can snapshot more granularly. I first started working with freebsd in general a few months ago so my architecture is a bit naive :P

finally got all these url regex crap working

now all these *.php pings give Connection Closed

specialbomb: been working with freebsd for 28 years

specialbomb: :D

im in love with it!

done you get weird too

dont

i installed 4.6

actually when did 2.2.8 come out

I mean, im no professional, but I love the freebsd way of doing things

ok 27 years

ive run into so few problems, and the documentation is a ton better than a lot of other operating systems ive fooled with. its never been easier to answer my own questions

hah

yes

specialbomb: asking the wrong questions then

im not experienced, so they arent hard questions :p

ask ketas all your questions he knows all the things

reminds me linux.die.net/man/8/lsof

love the synopsis

terrifying

every command is like that

think i sent in a ML requesting a rewrite to a more informative -h output

the reply was not good so gave up

of what

lsof?

all commands

well it fragments

thats one hell of a request.

if you know C sed and some magic

its not really

did someone get pissed

people always get pissed when I say something

hah

why

:p

i guess im too direct for most people

why you hate /root/

:p

cause installing everything to /root is bad

btw where to put custom things in hier anyway?

noone really fines you

hier is an illusion

there is no fs police

yes

I suppose I dont really know what you mean by "rewrite to a more informative -h output" for "all commands"

usage: rm [-f | -i] [-dIPRrvWx] file ... unlink [--] file

poudriere uses /xxxdirxxx in it's jails

but i chose /root/ for less confusion

what would be your ideal output?

Application Options: --config=PATH Configuration file location (~/.irssi/config) --home=PATH Irssi home dir location (~/.irssi)

somebody recently put /root 750 into mtree

this makes me have to do a man rm

read

which craps me

and then go on so i want rm -i

now if rm was like irssi

i can go yeah i want -i and rf

i can't decide where to go

go any where

zpools go /xxx

ah, I guess im always having a man page open anyway so I suppose it doesnt bug me much

zpools goto /beer

pools of beer... nice

i mean you can write anywhere as long as it won't confuse you or others

beer 448G 52.9G 395G - - 1% 11% 1.00x ONLINE -

root@server:/var/log/hiawatha #

we all need a beer dataset

nanobsd did put things into /root/ as well

ive only used nanobsd once

I named my main storage pool boulder

heh

specialbomb: i drink a lot of beer so its a reminder

specialbomb: kind of why I own unix.beer

one could choose never to be used dir in / as well

like /custom

cause I drink the beers while doing unix stuffs

opt srv whatever could be used as well

nice domain

mail/openwebmail||2021-02-01|Has expired: Does not use modern Perl syntax and no development activity since 2006

i've see /data\d+ or /virt\d+ being used

aww

whatever

I havent hosted a website in a long time :(

i host one using a mini pc that sits right next to my router

Copyright © 2001-2025 Open WebMail Project

they used $year i thinl

k

I just dont have a lot to say, so I dont need to host a site!

hmm openwebmail.org/openwebmail/doc/changes.txt

i have a patch bin

unsure

trying to see why kdegames doesnt compile

KDE was my de of choice when I was a lot younger, ive been meaning to try it out again

Installing py311-pyopenssl-25.3.0_1,1...

pkg-static: py311-pyopenssl-25.3.0_1,1 conflicts with py311-openssl-25.0.0_1,1 (installs files into the same place). Problematic file: /usr/local/lib/python3.11/site-packages/OpenSSL/SSL.py

on those jails & oci

was it renamed lately?

yeah I was thinking about that one lately ketas haha

or those are two things?

ah

so MOVED isnt the same as RENAME?

it should be moved

delete it?

i cant

why?

it will remove about 900 ports

always can

-f

guess ill just wait until packages are rebuilt

900 dependencies? sure sounds like kde

pkg create -nv

specialbomb: i like KDE its the most complete DE

specialbomb: however people hate it

first

or so

cpet: I took the i3 pill a long time ago and never really went back haha. I've gotten so used to my own little setup that I look like an idiot when I have to use someone elses computer

looks like it's rust time again

o/` lets rust again o/`

why?

it was done 27 hours ago

hmm

unsure why naming

it's already a py openssl

py py openssl?

time to email the committer

it's upstream name but still

ah so the project renamed?

unsure if it did

think all those were renamed to pyname

er py-pyname

imagine if new port comes and is named py-openssl

i was just wondering cause I wanted kdegames

:p

you should calm your desires

nah, next it will be python-opensecuresocketlayer

openbuffy

secure socket slayer

hah

ketas: please stay on topic

:p