i'm tailing pflog and seeing a bunch of pass out messages, but why when the rules matching them don't have the 'log' keyword? i only have 'log' on 1 rule and it's not the rule matching these messages. my pflog tail cmd is tcpdump -e -i pflog0 -l -n -t fwiw

hmm

it's logging what's not specified?

rules are reloaded, right?

ya no "log" on these rules

yep

fresh install, fresh boot, 14.3p5

it's old state?

eh

got a sys you can try replicating on?

no

Can you pastebin your pf.conf and some example packets showing that behavior?

ya sec

V_PauAmma_V, termbin.com/8ws6

I'm at a loss as to what is going on here. I downloaded the mini usb image installer, installed with UFI mode, install went fine. On first boot, it still can't find init

there's a bit more that i left out to simplify but that's basically it. there's only ONE rule that has log on it

It panics, gives me errors, and reboots

Are there any known errors with the 14.3 images?

I should probably back up and fiddle in the bios. This machine had a freebsd install two years ago and it's just sat since I set that up and set it up as a backup.

no luck

kerneldove_, what does the rule that logs contain? I don't see it in your config.

the rule that has log in it that SHOULD be logging?

V_PauAmma_V, ^

All rules in your pf.conf would be best. Sanitize the addresses if necessary.

btw i removed "log" from that rule and reloaded pf service, those log messages are still going in there lol

i'm just gonna chalk it up to a pf bug and move on ty though

ping

yo

nice!

what's world

up*

sad about a pf bug you?

I'm alright, just had a hell of a time connecting and registering with Libera

ya it sucks

miss the days when you could just /connect

yeah it was simpler before

what's your of bug

Spammers and trolls ruined it for everyone.

i'm tailing pflog and seeing a bunch of pass out messages, but why when the rules matching them don't have the 'log' keyword? termbin.com/8ws6. my pflog tail cmd is tcpdump -e -i pflog0 -l -n -t fwiw

meh there was that before. i think some ppl became hypersensitive and couldn't take the heat

went authoritarian

ppl online now never woulda made it in the 90's

there is also AI fucking up the internet big time

Yep. A lot of channels are limited to registered users specifically because of spammers and LLM's.

Not that they can't get around it. But, it slows them down a little.

plus now hardware becoming more expensive

15 will be released soon I mean scheduled

Couple weeks.

2 November last I checked

That's still the word on the streets.

!kerneldove_ set state-defaults no-log

trying...

v01d, you sure? i get syntax error on that

hmm

state-opt = ( "max" number | "no-sync" | timeout | "sloppy" |

"source-track" [ ( "rule" | "global" ) ] |

"max-src-nodes" number | "max-src-states" number |

"max-src-conn" number |

"max-src-conn-rate" number "/" number |

"overload" "<" string ">" [ "flush" ] |

"if-bound" | "floating" )

no no-log. from pf.conf

man page

got my hopes up :/

it needs to be placed before your rules

ya it is, doesn't work

it's not a valid state option in freebsd pf

where are you seeing it documented?

you might be picking up docs for openbsd pf?

set skip on pflog0

that didn't bork syntax, but didn't work

pass out quick on $ext_if inet from !($ext_if) to any nat-to ($ext_if:0) no state

add no state

don't i wanna keep state tho?

you sure it's bug

ya. other rules that match but don't have "log" don't create a log entry

I'm a bit lost

ya it's weird

ty for trying

kerneldove_: are you progressing with PF configuration ?

no, no solution to that bug mzar :(

perhaps you can switch to ipfw

i plan to eventually since it's the first priority freebsd fw, but i don't have time atm

after i migrate to 15 probably

anyone else migrated from pf to ipfw? glad you did or?

is anyone currently using pkgbase?

I'm reading the PF book and also got MWL's email hosting book. I feel like I'm doing the tech book equivalent of watching youtube videos about how to draw instead of drawing

just try stuff on your own man

no need to consult a book except for extremely complex subjects

eh, I feel like email is one of those

the firewall one... yeah I should have gone for a tutorial first. Oh well.

I got a lot of value out of Absolute FreeBSD so I've been skewing towards books

20 years ago I took the time to train crm114 discriminator on my mail for spam and ham. it's been doing a wonderful job ever since

sometimes trends change, like suddenly reciving thousands of south american messages, send a few for training to crm114 and that's that

...if anyone is looking for an extremely lightweight, highly accurate spam filter

at my day job I used to submit a bunch of spam samples to Barracuda Networks. and their subsequent signature updates never improved a damn thing

your book recommendation reminded me of a trend I noticed among some young people, wiki.futo.org/index.php/Introductio…inute_presentation_by_FUTO_software

> ""By running your own email, you seize control of your communications." -mwl

they are trying to seize control of all their data

I'm very slowly hopping on that train

Installing LibreOffice and kicking Google Docs to the kerb, and I'm sending a UK business £3/month to run my email for me

one day I'll do the big push and get my ass off iCloud and google

I'm also using blu-rays for backups of my music collection and my photos, because hackers can't delete your blu-rays

one of the main things I did was cancelling my Spotify subscription at the start of 2022 and switched to buying albums. At this point I have all the albums I used to stream, plus a bunch more, and for a lot less money

Which reminds me, today I'm supposed to be setting up the spare box with Freebsd-15-BETA5 and getting at least one jail up and running.

well, after checking if RC1 came out I guess

Buying albums is actually really good, since it supports the artist a lot more than streaming services

yeah

wish Bandcamp wasn't owned Epic Games but I still buy from them, and from Beatport

yup. CDs are great as well

I used LibreOffice back through StarOffice, OpenOffice.org, and Apache OpenOffice, and kind of always hated large parts of it, but after our work machines were forced to Office365 and shit like that, LibreOffice fell firmly in the "this sucks, but it sucks in a predictable, consistent way that I am used to for 20 years" bin

and this ended up being so much more manageable than actual MS Office

Honestly, agreed. I wouldn't write my thesis in LibreOffice again, but it gets the work done for smaller projects

like 20 years ago, I did a very large school project on OpenOffice.org on a Pentium with 32 MB RAM

this was painful, but functional

other cool little factoid: LibreOffice Draw can open a PDF and edit it at the object level

anyone else migrated from pf to ipfw? glad you did or?

I've migrated the other way around, I find that pf gives more flexibility

though I might just be bad at using ipfw

ipfw add 65534 deny log irc from kerneldove_ to any via #freebsd

kerneldove_: didn't actually use ipfw now for I think 15 years, moved to pf for the most part myself, but hey, that's just me, ymmv

i'm tailing pflog and seeing a bunch of pass out messages, but why when the rules matching them don't have the 'log' keyword? termbin.com/8ws6. my pflog tail cmd is tcpdump -e -i pflog0 -l -n -t fwiw

Should all the bit be in place to support freebsd-updating 9.x to 10,11,12,... ?

freebsd-update serves don't drop EOL releases?

Is there a way to find out the amount of changes (bytes, blocks, whatever) that have been written to a pool after a device was offlined or removed? I'm trying to come up with a way to attach, sync, and detach my USB drive only when the changeset is larger than a certain value - to avoid slowing the machine down too much the rest of the time.

seems like you'd need a snapshot made at the time of offlining/removing

Hmm, capsicum seems really hard to use with sqlite, given most libraries open a connection string and wal creates files.

hodapp: yes, i would agree

hadret: that's a dependency I'd prefer to avoid :-/

Hmm, zed(8) referenced by zpool(8) doesn't exist..

All of this talk about using LibreOffice and other programs to write papers and theses (I had to look up the plural of thesis) seems odd to me who would most naturally reach for LaTeX for it.

Ltning, A snapshot could be created and then look at the space it is consuming to know the difference between it and the current file system and then use that size to trigger an action.

yea I was thinking of using zpool events -f to pick up on device removal/add, but I also have automated snapshots that may be created after I create on upon detach, which will prevent my "watched" snapshot from providing useful data

rwp: And that's what I did the second time around. The main reason why I didn't for my bachelor's thesis were time constraints and being afraid that I wouldn't be able to learn to use LaTeX in time. For my master's thesis, time constraints were the reason why I decided to go with it, to allow me to actually focus on writing the thesis and not having to fiddle around with it all the time to make

it look good :D

Being able to just cut and paste a bunch of paragraphs and move them around freely, with no delays or glitches, was extremely liberating

my filesystem has developed an undeletable file; fsck diesn�t help

what happens when you try to delete?

it says �operation is not permitted�

I've had a ZFS filesystem develop non-deletable files before.

DaliborFox, "... was extremely liberating" I am not sure if you are talking about LaTeX or LibreOffice there and I am really curious as to which it is at that comment. :-)

rwp: LaTeX; in Libreoffice, if I were to move a paragraph of text, I'd have to wait a good 20 seconds for it to update, slowly scroll to the point where I want to insert it to, paste it, wait for it to render, and start fixing up the broken formatting and links, oh boy

sjjd, Is the file immutable? What does "ls -ldo" on the file say? Use "chflags 0 file" on the file to remove the schg flag?

DaliborFox, That is my experience too! :-)

sjjd, By default FreeBSD installs with a list of some files that they set the schg (system-change) flag making them immutable. /I/ wish these were not set by default as it seems redundant to me but whatever. You can find them with this find command.

find . -flags +schg -exec ls -ldo {} +

This often gets bumped into with deleting a jail directory. The schg system-change immutable flag needs to be removed first.

chflags -xR 0 /jails/sys1

rm -rf /jails/sys1

yes, it shows the word �schg� in the listing

That's the reason for the "operation is not permitted" when trying to remove it. It's not permitted! :-/

�illegal option -x� rwp

Huh? "man chflags" -x Do not cross mount points

s/mount points/streams/

is there an easy / reliable way to see if a host is pkgbase? preferably without a pkg info call

-current @ arm64 is broken:

In file included from /usr/src/stand/efi/fdt/efi_fdt.c:31:

/usr/src/stand/efi/include/efi.h:47:10: fatal error: 'Uefi.h' file not found

47 | #include <Uefi.h>

mailed warner

hodapp: is /home a symlink to /usr/home?

I was able to get my new install to boot, but I have to remove my SATA card for my zfs pool.

wipt, why?

what's up in here

kerneldove_: have you figured out your pf issue

no sadly

sad I could not help

atleast you tried bud

have you tried that on FreeBSD forum

I think you'll have more help there

rwp, re: SSH static address via a tunnel> I hope I understood the first part: I log into my home machine, and open a referse tunnel to the pubnix. I have done that and made sure the pubnix port (5119 in my case) is indeed taken. But I don't understand the rest: why can I not, now that the reverse tunnel is open, simply ssh pubnix:5119 ?

I have also noticed that `$ service sshd restart' does not show any error message, but does not restart the service (because a normal users cannot do that). Is it the expected behavior of the service command? I'd expect it to print an error message...

BarnabasDK: If I leave the disk controller connected, FreeBSD won't boot, it panics because it can't find init

on my hand I have a memory issue, I constantly run out of swap space and drm0: [drm] Error atomic update failure on pipe A

v01d, maybe i'll try that ty

kerneldove_: yeah there is sections on the forum for firewall issue and more experienced user me

the zpool hasn't been imported, so it shouldn't be looking for the init on there. I had FreeBSD installed on this machine with the same setup awhile back without issues, and I had the same conctroller in another box next to it that's been going for a long time.

kerneldove_: forums.freebsd.org/forums/firewalls.44

still looks active which is cool

kerneldove_: the forum or your firewall?