00:00:20 if no microcode message is printed, the CPU already has the latest microcode version OR the .conf file was not read/loaded correct, i think it is probably the first as the config looks correct 00:10:44 I should probably also use the microcode update service :x 00:47:29 hi, guys, can you tell me, what should I do: I want to try freebsd on virtual machine, but preinstalled version don't have enough space. Need I create another virtual disk or I can somehow expand the disk? 00:54:59 theres a lot of variables there. how are you virtualizing? 01:00:15 I'm using virt-manager, so is this an answer? :D 01:17:53 well you can increase the size of the disk image using whatever method your virtualization toolset gives you. then, you will want to boot into a separate vm image and mount the expanded one so you can edit the partitions and expand the filesystems. At least thats how I imagine it would go 01:24:24 yes, that's pretty much how I imagine it, but the thing is, I don't know exactly how to do it. I'm just asking if there's a guide 01:27:05 I did a little bit of googling and found some fourum posts: 01:27:05 https://forums.freebsd.org/threads/resizing-a-partition.74237/post-453861 01:28:56 it probably wont be exactly the same for the vm image but the gpart and growfs commands are what's important 01:29:35 I havent used the vm image but I would assume it uses UFS 01:30:57 there is a choice 01:31:29 thanks for link, didn't know how to google it correctly 01:32:45 rtprio: I know the configuration of wireguard itself is the same everywhere, but my questions is more around setting up the freebsd specific stuff such as how to enable the service and where to put the config files. 02:04:46 wireguard gets set up as an interface, there is no wireguard service. you would use ifconfig to bring it up 02:07:01 https://man.freebsd.org/cgi/man.cgi?wg(4) 02:07:50 you should be able to bring up that man page in your own system as well 02:08:58 i got a bash script that runs a program of mine in a tmux session. it's like tmux new-session -s foo 'myapp -f /path/to/config -v run > /home/me/app.log 2>&1; exec $SHELL'. but when myapp had seg fault, that error wasn't put into the app.log, it was over in the tmux session. why? 02:10:53 thats def weird. did you give that a google? seems like it could be a common issue 02:11:45 maybe the seg fault is from bash and not the program? 02:23:00 does it work when you use any other program in place of your app? do some rudimentary testing and take the unstable program variable 02:23:24 *take out the unstable program variable 02:34:43 ok i needed: tmux new-session -s foo 'exec > /home/me/app.log 2>&1; myapp -f /home/me/myapp.conf -v start' 02:34:49 i think that'll work 04:17:03 Hi, I've recently installed FreBSD 14.3 and I see a ~constant stream of input errors on an Intel 82583V NIC, which leads to a dip in throughput. I'm stress testing the system and try to route at full 1Gbps full duplex through the router. How can I figure out what's causing these errors ? 04:17:18 I bootstrapped the system from a live memstick image. I repeated the test with previous versions 14.2, 14.1 and 13.1. These versions manage to recover from the input errors and achieve full 1Gbps RX & TX. 04:17:43 I noticed that the following threads kernel{if_io_tqg_1} and kernel{if_io_tqg_3} consume more CPU while the system returns input errors. 04:17:50 The system routes between em1 and em2 06:21:53 is it possible to freebsd-update a 14.3 to a specific patchlevel like p3 instead of 'newest'? i have a feeling p5 has a bug causing system crashes but i wanna verify first 06:26:27 kerneldove_, Yes. But the way is to compile from source. git clone the repo. Checkout the patch level you want to build. Compile it. Then install from that build of it. 06:26:35 It is actually a pretty straight forward process. 06:26:55 eh ya i'll pass. i'll just install 14.3 and not update 06:27:22 really should be able to run freebsd-update fetch -p 3 or something 06:29:26 I think everyone using FreeBSD should do a source compile at least onces. Then they will know how to do it when they need/want to do something special with it. 06:29:54 i've done it dozens of times, i know the process. i don't have time for that 06:33:51 I don't recommend watching it crank through it. I would launch it and then let it run and come back in an hour or three and it will be done. 06:34:10 I happen to be running on a source built system right now. 06:44:54 I should do a source build at some point, sounds fun. I need more goobers to test on though. I am not sure how difficult it is to src install when I need ZFS 06:45:00 *zfs root 06:51:55 what's a goober? 06:53:31 I am also running root on zfs and wouldn't have it any other way. 07:01:22 Reinhilde: haha its just what I call boxes, computers, anything that I can install and boot something on 07:01:44 I have a few spare laptops that I could test on probably 07:03:00 rwp: I guess I just dont really know about the src installation process. I'm sure theres info about it in the handbook 07:14:05 kerneldove_: you should use /usr/sbin/daemon 07:17:33 ya eventually i will but tmux is working fine for now 07:30:40 specialbomb, Yes. https://docs.freebsd.org/en/books/handbook/cutting-edge/#makeworld 09:48:10 specialbomb: building from source is easy enough. If you have zfs, use beinstall(8) which will install the built sources into a new boot environment 09:48:11 perfection 09:50:00 when you're ready to build from sources feel free to ask for more info here. It's not hard to do, but there are a couple of useful *.conf files where some guidance is handy. 10:18:58 what are bursts of "Limiting closed port RST response ..." messages in /var/log/messages? 10:23:24 something is having fun with a closed port 10:23:42 look at log_in_vain to have those logged 10:25:45 ok ty. should i blackhole them 10:25:46 ? 10:27:27 I personally do 10:29:12 net.inet.tcp.blackhole=2 10:29:12 net.inet.udp.blackhole=1 <-- both of these settings? 10:29:54 add these to rc.conf 10:29:58 log_in_vain="2" 10:30:33 so don't set net.inet.tcp.blackhole=2 10:30:33 net.inet.udp.blackhole=1 ? or DO set those in addition to log in vain? 10:30:49 and do service netoptions restart 10:31:15 it does the same thing 10:31:49 i personally do a sysrc log_in_vain="2" && service netoptions restart 10:32:05 vs adding stuff to sysctl.conf that aren't already a rc.conf arg 10:32:56 remembe doing sysctl bleh.blah.bleh=x will not make it perm until you add it to /etc/sysctl.conf 10:34:41 you also have some other options 10:34:51 you can lower the threshhold or increase it 10:35:05 net.inet.icmp.icmplim: 200 10:35:16 sorry i guess i'm dumb i didn't catch if you set net.inet.tcp.blackhole=2 10:35:17 or you can disregard those msgs by doing 10:35:17 net.inet.udp.blackhole=1 or not? 10:35:31 net.inet.icmp.icmplim_output: 1 10:35:36 setting that to 0 10:35:55 setting log_in_vain="2" 10:36:05 and restart netoptions does exactly what you doing with that OID 10:36:52 log_in_vain="0" # >=1 to log connects to ports w/o listeners. 10:37:19 er no sorry 10:37:25 youre right hah 10:37:50 yeah add those blackhole= as mentioned before 10:38:08 log_in_vain logs those connection attempts 10:38:24 blackhole just makes it so it doesnt respond and appears to hang 10:40:13 net.inet.tcp.icmp_may_rst=0 10:40:22 that may or may not break things but it helps 10:41:39 I am guessing you do have a firewall setup ? 10:42:32 * cpet pokes ketas 10:44:13 you have come here 10:44:15 ya i have a fw 10:44:33 it's ports that are sometimes used, and hence open to the fw, that are getting probed, i imagine 10:45:06 i got the bios updated so now we'll see if 14.3-p5 still core dumps 10:45:31 thats part of having something online 10:45:31 limiting rst is antidos feature 10:45:54 ketas ya and it's a good feature, but i was thinking about just blackholing entirely, with net.inet.tcp.blackhole=2 10:45:54 net.inet.udp.blackhole=1 10:46:05 i already have udp blackhole, was thinking about adding tcp blackhole 10:46:08 log_in_vain is overkill but im curious whp probes my closed ports 10:46:27 ya i personally don't care who i just wanna cut noise in logs and network traffic/work for server 10:46:39 well you can fw block it too 10:46:49 how so? i use pf 10:46:51 block icmp 10:46:58 but then i can't ping can i? 10:47:07 you can allow those 10:47:30 pass in on $ext_if proto icmp icmp-type echoreq 10:47:32 etc.. 10:47:50 guys what's up 10:47:54 blocking icmps eh 10:47:58 hmm 10:48:03 if you alow icmp out you can ping 10:48:10 * cpet blocks ketas 10:48:26 * ketas passes ir 10:48:27 it 10:48:58 ketas you said it can be blocked in fw, how? 10:49:23 just drop it all 10:49:31 what is 'it'? 10:49:35 drop mic like it's hot 10:49:42 icmps? 10:49:56 you wanted to block tcp? 10:50:02 i think ping uses port #4 right? 10:50:10 4 and 8 10:50:20 echoreq echorep 10:50:25 icmp haz types 10:50:27 haa 10:50:28 has 10:50:47 some people block icmp some people don't 10:50:57 some people block pings other don't 10:51:10 yeah I like those who don't 10:51:10 some peole set drop-policy to drop others don't 10:51:13 but you can block all in fw 10:51:29 can block flooders by ip too 10:51:46 that could backfire but 10:51:54 i would ask to post your firewall config 10:52:03 but these days people are weird like that 10:52:13 about* 10:52:18 sysctl net.inet.tcp.blackhole can be set to 3 as well, must be a new 1. Setting net.inet.tcp.blackhole=3 extends the behavior of value 2 by also dropping unexpected segments on listening ports without sending a RST, offering further protection against certain scanning techniques 10:52:34 a new 1 meaning new option 10:52:41 yeap 10:53:30 man -P 'less -p " overload "' pf.conf 10:53:48 is an option 10:54:15 3 is new 1 :p 11:16:51 I like that one 11:17:37 but not the other one 11:20:38 hur 11:35:34 Hi 11:35:59 Hi 11:36:18 My Znc is broken for about month 11:36:37 why dont you fix it ? 11:36:42 why did you wait so long 11:36:54 it's not mine ircnow 11:37:29 oh well that would do it 11:37:55 My problem now it's not that ZNC 11:38:29 Ok what is the problem now 11:38:51 I don't know what is happening on the internet the last 10 days 11:39:04 neither do we 11:39:13 we need them logs 11:39:35 anyone here uses hosting like Linode or something like that 11:40:03 i run a VPS on contabo in germany 11:40:27 I use Vultr VPS, cheap but correct 11:41:14 cpet: be careful we may face legal problems if you didn't super secured your server from AI 11:41:40 it basically just runs a ircd 11:41:47 I will explain 11:42:17 * cpet gets some water, a NOS and some chips 11:44:04 AI is basically a information miner, if you host things that aren't yours well thats on you not AI 11:47:17 ketas: guess we lost him 11:48:46 wreh? 11:50:13 still waiting on this so called legal action 11:53:16 cpet: there is an organized AI bots attacks that happens from September (I think from July but it was lesser) till now, but now it's stronger.. On 8 Nov Linode contacted me (but I didn't read the msg :p ) saying that there is an physical problems on the server that runs my service (I am sure it's only me).. and they will move it to a new one, after the move on the next day 9 Nov.. a ToS... 11:53:18 ...Violation msg sent to me (I also didn't notice XD ) saying that some company in Spain "comvive" works on security and hosting, is listed my server IP within the last Ddos happen on them.. also the next day 10 Nov, some really weird mail service in Italy "tana.it", is listing me in login-attacks (trying to access some of user account).. also didn't that.. I noticed on 11 Nov, when my... 11:53:19 ...website is went down.. and my sim card no more works.. I noticed many international calls from India (that Spain company have data centers in India) and Spain... 11:54:20 yeap this is the wrong place for that 11:54:48 wha 11:55:17 yeah, looks like.. but do you noticed any heavy attacks on ssh, irc or http last months? 11:55:37 nope 11:56:52 The more weirder is that on the same day 8 Nov many data centers in India having heavy traffic problems.. also in Us-east Georgia 11:56:53 guess someone is a victim of "install it and forget then complain when weird things happen" 11:57:36 cpet: they used a php RCE 11:57:44 how did sim enter this picture 11:57:56 I scanned all my server and it's clean 11:58:26 ketas: those company wants to take legal action.. if I didn't move 11:59:50 I have also many strange reports from weird numbers in last two days on my number.. so my sim card company took an action 12:00:39 oh that way 12:00:47 ketas: I also I feel that linode given my contact information to them.. 12:00:50 the fuck tho :) 12:01:29 bec. I have two numbers on my account linode.. the two numbers the same thing happened to them 12:02:23 thay send +700K request testing many exploits in less than 2 hours, until found the perfect one.. 12:02:43 wait your vps got owned? 12:03:02 yeah 12:03:25 and they used it in nearly every way they could abuse 12:03:53 hacked other servers, used as Zombie in DDos and login-attacks 12:04:12 only in few hours 12:04:22 eh 12:04:35 phones, tho, still? 12:04:47 who bans admin phones 12:04:53 My sim is disabled now XD 12:04:59 so no more calls 12:05:18 how did your vps being owned f with your phone? 12:05:30 ? 12:05:39 nvm 12:06:04 why does /var/log/messages have swap_pager: cannot allocate bio in it if system is only using 10% of swap? 12:07:13 think you are missing some of that message 12:07:47 well admins could be slow to respond, could at maximum take it down, nevermind the fucking with paying customer 12:08:16 no that's all of it 12:08:18 my vps have been hacked using some php RCE.. then after they abused my server.. and the affected companies contacted Linode.. linode gived them as I think my phone numbers.. calling me many times.. then some other strange numbers reported me and my sim is disabled now 12:08:28 php lol, switch to rust 12:08:37 mediawiki 12:08:39 and phpbb 12:09:01 who's the phone co? 12:09:08 ask them too? 12:09:26 "On November 8 2025, customers using services hosted in our Mumbai (in-bom-2) and Chennai (in-maa) datacenters may have experienced packet loss and connection timeouts due to an issue with a third party transit provider. " 12:09:46 they got owned too? 12:09:48 :) 12:10:10 this linode nearly all vps companies have the same problems 12:10:14 saaaarr 12:10:33 and all ips attacked me is from India and Indonesia 12:10:35 someone did the needful all over their datacenter 12:10:40 shocking 12:10:46 yeah 12:10:50 btw which lto i want if i want to play with tapes at home? 12:10:53 also in USA 12:10:57 6? 5? 12:11:00 George 12:11:01 just don't use php it suck 12:11:04 always has 12:15:47 this also affected cloud flare, and found some interesting article on bbc on the same day of the heavy attack 12:15:48 https://www.bbc.com/news/articles/cgr417pwek7o 12:17:28 Linode refuses to talk, and said to me the security of the vps is on the customer 12:19:00 why there's a constant water need in dc anyway 12:19:07 https://status.linode.com/ 12:19:11 using evap cooling? 12:19:24 you can also see here all their problems in last 10 days 12:21:22 +5 Emergency, not only them also there are many other vps in the same time have nearly the same problems.. this a bizarre international attack.. 12:21:48 So be careful 12:22:11 just find a smaller provider. screw big names like linode and hurdur 12:22:25 yeah 12:22:51 there's probably a 0 day hypervisor escape going around 12:23:14 vps is big risk. just get a cheap dedicated bare metal 12:23:18 from a smaller provider 12:23:30 I think the hackers got into one of the vps in the network there in india and entered every other server on linode 12:23:43 that would be fun 12:23:50 and all of this are automated by AI 12:23:59 crazy O_o 12:24:05 just use ai bro 12:24:06 reminds me https://techcrunch.com/2023/08/23/cloudnordic-azero-cloud-host-ransomware/ 12:24:53 entire infra was busted 12:25:07 even company mail :) 12:25:14 Retrofan, track down the guy that hacked your phpbb vps and murder him 12:25:30 heh, you mean AI 12:25:36 all of this are bots AI 12:25:37 an be solved :) 12:25:42 rm -f the ai 12:25:43 Ah 12:25:44 s/an/can 12:25:46 :) 12:25:52 flatdog: how are yout 12:26:15 met is good, no problem 12:26:24 write an AI bot that "murders" their AI bots :P 12:26:50 oroborus, the snake eating its tail. Cool idea 12:26:57 tho right now you can still target the puppermasters 12:27:09 But.. 12:27:18 isn't that what trollbots on twitter have been doing for years already, arguing between each other 12:27:35 The weirdest thing here the attack on that weird mail website 12:27:38 tana.it 12:27:42 fully outsourced outrage culture. love it. 12:27:51 it's a private one 12:28:05 flatdog: what if it reaches the head 12:28:16 problem solved 12:28:29 they attacked a specified users wants to read their private mails 12:28:39 no more headaches for hoomans 12:28:59 and I don't know if they are behind the weird reports on my phone number 12:29:25 Sim is no more usable now, need to go to the company 12:29:26 it's 2025 you don't have to be ashamed of calling The Manhole voiceline anymore 12:29:38 be out and proud Retrofan 12:29:39 a what 12:29:53 brb, wife said something about lunch 12:30:06 *hooman one 12:30:31 how did you source a wife 12:31:19 cannot remember, it happened 40+ years ago 12:31:39 laterz 12:32:07 wtf 12:32:10 lead_pipe23: romans liked you 12:32:15 ugh poudriere is failing to extract to /tmp/ today 12:32:22 * dch wonders what changed 12:32:22 i can't imagine living with someone for that long 12:32:35 i don't even like having weekend guests 12:32:50 good for them but to me having a family is weird 12:34:58 kerneldove_ likes aloneness 12:35:10 ya 12:35:26 i can't imagine having to negotiate my living conditions with another person permanently 12:36:38 Family is good, not bad 12:37:05 i see kerneldove_ in https://sociologicamente.it/wp-content/uploads/2017/12/3663-1012.jpg 12:37:11 i already said good for them, just not for me 12:37:40 nah i'm orderly that's a shithole 12:37:49 it's not like i 'never grew up' or smth 12:43:51 I also forgot to share my desktop screenshot 12:43:54 https://ibb.co/bRWJP22R 12:45:47 definitely strong late 90s flare going on there 12:46:19 hah 12:46:53 what the de? 12:47:09 nt3.5ws :p 12:47:30 I like that image looks nice on desktop 12:48:32 is that the freebsd port or an actual next system? 12:49:17 afterstep 12:49:23 never mind heh 12:49:39 Gworkspace running https://ibb.co/BKzMG6Zh 12:49:45 *Gnustep 12:50:03 I like after.. but the 2.0 version is unusable 12:50:11 well seeing how x11amp has been removed years ago 12:50:19 we may have found why your VPS was owned 12:50:20 :D 12:50:28 lol 12:51:02 not to mention staroffice was decomisisoned years ago as well 12:51:14 realplayer has been a thing since like what 2005? 12:51:36 think the only thing on that screenshot that is modern is the monkey icon 12:51:55 now since im bored lets do some digging 12:52:25 it was removed in 2015 12:52:40 mm so poudriere fails if WRKDIRPREFIX=/tmp but works if WRKDIRPREFIX=/tmp2 with identical mount params 12:52:41 wat 12:53:31 cpet: This not staroffice 12:53:38 why would you change the wrkdirprefix 12:53:40 this the leates Openoffice 12:53:49 I like the star's icon 12:53:56 ah i see 12:54:28 i kind of like libreoffice 12:54:32 cpet: so it all ends up in /tmp/ whether I build in tree or via poudriere 12:55:03 well check the mount options cause /tmp i think has noexec nosuid 12:55:09 cpet: to be honest I was using mediawiki version form 2012; bec I hate JS 12:55:10 which is all neded by poudriere to build 12:55:17 only if you use the rootless building 12:55:35 Retrofan: fail 12:55:41 yeah it fails in extract, which is very odd 12:56:13 never had a reason to do that i setup poudriere and use the html frontend 12:56:26 but phpbb was the leatest 12:56:43 I modifed a theme to be nearly 0 JS 12:56:55 Retrofan: php is bad anything thats not fixed ASAP will get owned 12:57:02 Retrofan: especially if you run wordpress 12:57:16 thios is why I use hugo 12:57:34 No wordpress heh the whole website is static web 1.0 html 12:57:45 last i checked nothing really can be done with vanilla html 12:58:24 I used a blog uses markdown, and heavy modified it to 100% static 12:59:01 That wiki never touched it since 2022 12:59:10 and I forget it 13:01:45 That attack is so dengrous they are not only attacking in one way, they nearly all protcols, AI scan for security holes and make bots test it 13:01:59 irc and ssh and http 13:02:03 and many more 13:02:37 So we now have clever worms XD 13:04:46 you are using old as hell software 13:04:54 then complaing your stuff got owned 13:04:57 ? 13:04:59 what teh hell? 13:05:06 phpbb is not old 13:05:15 only mediawiki 13:05:30 and they hacked both in less than hour 13:05:41 in less than an hour, counted from..? 13:05:55 I can see in logs 13:06:16 bots was trying many different ways 13:06:21 and found the right 13:06:54 i have considered writing my own forum software 13:07:00 It's only me hacked you can see nearly all the company have the same problem now.. 13:07:00 in Tcl 13:07:05 NIc 13:07:07 nice 13:07:13 not done it yet. but i should 13:07:28 make it html 3.2 13:08:27 my server also hacked many other servers, and acted as a zombie 13:09:21 may want to read up on properly securing your server 13:09:45 lol my server hacked 13:09:47 kind of curious of logs 13:10:02 ketas: dont confuse your server with your mind 13:10:22 my hacks are ok 13:10:30 Retrofan: i only ask cause my pf has blocked over 3k IPs 13:10:45 and a bunch of 404's from random php crap 13:10:59 ketas: what? 13:11:03 i don't even watch what mine logs 13:11:03 4.217.221.186|Wed 12 Nov 2025 06:59:52 -0600|404|961|GET /enclas.php HTTP/1.1|||Host: 13:11:07 etc.. 13:11:13 yeah 13:11:16 ports are funny too 13:11:25 it's and international attack 13:11:33 they are working from sep 13:11:44 but now look like they took over india 13:11:47 there's ALL sorts of scans nowadays 13:11:57 * cpet scans ketas 13:12:02 * cpet ketas has ssh running 13:12:04 ketas 13:12:16 I scanned 3 times using ClamAV 13:12:22 I am using linux vps 13:12:27 clamav is as useless as it gets 13:12:33 and nothing their 13:12:41 I think it's a 0 day 13:12:50 or somthing like SQL slammer 13:12:56 writes it self to memory 13:12:59 only 13:13:05 Retrofan: its not hard to random try thing and use them without anyone knowing for months 13:14:39 cpet: it only attack servers, I think that no one way; bec AI writes the code for attacking 13:15:05 and after get in it makes it attack other servers on company 13:15:23 gets in from where ssh exploit 13:15:36 then DDos some security services 13:15:52 and trying to hack some weird people 13:16:10 I think it's mafia or something organized 13:16:30 cpet: gets in from everywhere 13:16:53 i see 13:16:54 my ssh is super sucred and they tried and faild 13:17:04 but got in from php 13:17:06 it's AI 13:17:18 many ways many thing 13:18:13 The only thing I am scared of is they may stole my visa, like what they done for my phone number 13:18:28 my sim useless now 13:19:26