into the center of the stack insiiide

Hmm task failed successfully moment

capturing success logged error output

Yeah

The RTW doesn't show up in ifconfig, it only shows in the bsdinstall tui

old lenovo hw-probe: bsd-hardware.info/?probe=497a7e92e4

Volume up but nothing from beep

Houston we have WiFi!!!

JetpackJackson: roger that

I used the handbook and some forum posts to get it working (mainly the the handbook)

godspeed JetpackJackson

:3

Brb gotta feed the cats

that's A-ffirm JetpackJackson

I did docs.freebsd.org/en/books/handbook/…twork/#basic-wireless-configuration but used rtw880 in place of the example

honestly i haven't configured WIFI on fbsd myself but from what backlog I can see it's a pain for a lot of people

Yeah that's what I've seen too

Audio is gonna be my next task

I got sound to work using my headset this is awesome

Luanti works too

I love it

ant-x, You say that like there was any doubt! :-)

Huh weird my Xf86audio* keys only register as such when I press alt plus the key, instead of fn...

I wonder if that's why I can't change the audio volume with a niri keybind

That's a tomorrow tinker

:3

I'm so happy I got audio and niri and WiFi working

i spent a lot of time today trying to write an rc.d/my_program service script for a little program i wrote. I wanted the program to launch as a specific user that had the permissions required to access a directory (I more or less got this working - still not sure if I did it right). My program binds to a socket @ <IP>:80 but i could not figure out for the life of me how to do that without running

as root

I am definitely not the person to ask about that, I have not tried to write a service yet

i enable mac_portacl module and gave the user permissions like this: `sysctl security.mac.portacl.rules="uid:1002:tcp:80,uid:1002:tcp:443"` but it still wouldn't let me bind to the port

It seems like it shouldn't be as hard as it has been for me - for some reason though i just can't get it

Hmm maybe sleep on it and come back to it in the morning? (Depending on your timezone ofc)

yeah i'm reading up on an article covering rc scripting and looking over the manpages

Well that's good, the man pages are really good from what I've read so far

yeah I'm in the process of getting to now freebsd coming from linux for the last couple years and the manpages here are to die for

know*

Oh nice

This is like my first/second day of trying out FreeBSD lol

nice, I'm thoroughly enjoying it myself

Same here

when i will terminate to install linux on my boxes? i need docker and good mehaniker

Maybe I should add this laptop to the wiki page for laptops

I should run another probe now that I configured the WiFi and sound

why is the command 'pwd' but the man page says current working directory, not present working directory? either update the man page to replace current with present, or change the command to cwd, no?

maybe the p is for print.. so print working directory

It most certainly is an abbreviation for "Print Working Directory".

ah ok tyvm

just got a checksum mismatch msg to /var/log/messages from zfs on nda0p3.eli. is my drive bad or?

have you scrubed your pool?

nah it just happened. should i? it's a 1 drive stripe fwiw

There is no RAID? It's just a single device? Then likely that will indicate data loss.

I would start a scrub. Then it might resolve itself or it might not.

ok scrub done. so does that mean the drive is going bad or is that normal?

We don't have enough information to say yet either way. It's still something to watch for and to gather more information.

Did the scrub show a clean read of everything? Or did it report errors?

What type of device is this? What does the SMART data say? Run a SMART selftest and look at the result of it.

zpool status says one or more devices has experienced an unrecoverable error. an attempt was made to correct the error. applications are unaffected. scan: scrub repaired 0B with 0 errors

errosr: no known data errors

but cksum column has 2 for nda0p3.eli

Hmm... I would probably "zpool clear" the error since it thinks the scrub had no errors. Then I would run a smartctl -t short /dev/nda0p3 and then after waiting for it to be done run smartctl -l selftest /dev/nda0p3 and see what it says.

smartctl commands fail saying unable to detect device type

specify device type with -d option

it's a nvme ssd fwiw

rwp, "You say that like there was any doubt" > Yeah, there is often doubt on my side, and the syntax with nested ssh calls is difficult, and target server of the outer invocation does not matter becauuse ssh -W performs the connection.

Oh, NVMe, no support for SMART there.

ant-x, Right. But *I* knew it would work. :-)

Good for you!

If you move the option from the command line into the ~/.ssh/config file then the server name will matter because it will be used to select that stanza from the config file.

Just an alias.

And how am I to keep the reverse tunnel open -- in a screen session?

I use autossh to manage it. It's available as a pkg.

It's really late here so I will be saying Good Night until tomorrow.

rwp, thans, and good night. I wondered if an reverse tunnel could be opepened in an init script or a @boot cronjob (if the FreeBSD cron supports @boot).

Hello, all. My old machine has an Intel Pentium 4 CPU, according to sysctl. Does FreeBSD have tools to let me now the exact model of the CPU, to save physical disassembly?

lscpu

usually just printed in dmesg output

sysctl hw.model

carneous, dmesg only says it is Interl (R) Pentium (R) 4, but I need to know the exact model to know how to throttle it (if at all possible).

deconfed, lscpu -- thank you.

I should see if I can put more ram into the lenovo

Hi

Cloudflare is now going donw

*down

Look like the rate of hacking and outages is increasing these days..

Yo I can put more ram into it

Nice

I should figure out how to use this thing as a sort of thin client

Yeah, We've got local elections in .dk, and the russians have targeted "us" 'cause of the support for .ua

Thought it might be that, but turns out it quite more than that.

yeah worldwide mafias is doing very huge work these days..

Can't help but notice the similarities in lists of companies that have laid off people in favor of using AI, and companies that recently have faced outtages.... Not saying it's 1:1, but....

AI needs huge resources

Also more hack able

we are playing with fire if we believe in a thing as stupid as "AI"

it's not that humans are all born without any sort of potential

but by teaching the chimps the theory of evolution, they are going to only look back at inferior species and refuse to evolve any further

The "I" in AI is a groce overestimate :)

Great marketing, though.

Re-naming Artificial Neural Networks to make people think it's some sort of sentient servant or something.

Artificial Large Language Model doesn't sound as convincing

Just heard at the ${OFFICE} - DownFlare, CloudFail(ure)

They had many problems the past months

also they affected in the outage (hack) of data centers in India

it's such idiocy to believe that ML can produce something that is both "intelligent" and "math-proficient"

it's very very difficult to teach an ML model to do math although techinically it runs on a computer

but these investors seem to be very much buying into that c**p

I see there is a release branch for 15.0 now! only a few more weeks until its released!

Can't access 60% of websites now due to that

:/

dont run cloudflare kids!

wait

JetpackJackson: are you the same from XMPP?

Yeah

Didn't know you were here lol

It's making easy for hackers to get down most of web by just hacking one serivce

I literally talk about BSD endlessly, where do you think I would be :P

Lol true

JetpackJackson: whats brings you here

Retrofan: its worse than that

CF decrypts (and likely stores) all TLS packets

polarian: wanted to try FreeBSD lol

well, welcome!

It's fun, I'm enjoying it

Thank you

heh leaked data XD

cloudflare sucks

So everyone who uses cloudflare, think of all those financial transactions cloudflare can see

they literally know everything about you :)

my infrastructure is proudly hosted without CF

Nice

also I feel cloudflare has become big out of the fear of DDOS

but big botnets have taken out cloudflare before xD

I am using CF to prevent another hack of my server :(

Retrofan: sarcasm?

reddit.com/r/CloudFlare/comments/1p0abms/the_entire_internet_lol (:

No

no worries, FreeBSD is still cloud-free

I don't know how to stop hacks of my servers

they are huge

have you been pwned ?

and I am using linode which they got attacked few days ago

JetpackJackson: if you want to hang out with some BSD folks (across all 3) checkout #bsdcafe which is now bridged to the bsdcafe matrix

its a cool community

mzar: would explain why the ports take weeks to hit repos

lol

Oh cool, thanks!

I think hackers are targeting India and west Asia

polarian: they hit just in time ;-p

mage: yeah looks about right

many AI datacenters are there

where ?

you have to fence them Retrofan

and in 8 Nov most of Indian datacenters was down

now, when LLMs are idling , we are saving about 1.5% of the global electricty

Yeah good

and saving water

prbobably too

Retrofan: cf is a phacking traitor

it opens the backdoor for google to crawl the site but lock the thing down for the rest of us

it's "technology" is of no big deal. any site admin with any technical skillset knows how to make something like that.

its8

its*

OMG Cloudflare. I need to think it better. Cloudflare is down so my sites are down. It can be a simple fix only if I was able to access the dashboard and disable the protection. But hey, dashboard is down (:

I guess I can turn off the protection via API, but guess where are those API keys? My fault.

Capio|Yaazkal: enigma.m2m.pm/cf.png

armin: oops

A big shout out to the folks at Fastly for providing a fast and reliable connection for me to download FreeBSD with today

Hi there, have anyone tried www/ladybird browser ?

zip, indeed. I for one am long accustomed to fast, reliable, and unlimited interenet (although it may change any time), and have forgotten it is not everywhere the case.

ant-x: first internet i had was a 14.4 modem connection later upgraded to 33.6 and then 56k

downloading freebsd then going to bed then gambling if it finished or not

was always a pain :)

hmm has anyone here used platformio on freebsd? i can compile a blink example for the nano but not a hackpack code that uses a library. i used trombik's toolchain github repo to get it to work so im confused why platformio is only sort of half working? like i can compile the code fine on linux so i know its compileable

god, memories of downloading 100mb worth of slackware floppy disk images over dial-up

JetpackJackson: just because it compiles doesn't mean it works

zip: :)

cpet, mine was formally and nominally 56 kbs, but in practice it hardly reached 30-40.

Capio|Yaazkal: The API would also be down

cpet, download managers to the rescue, e.g. Reget.

cpet: true

ant-x: DSL was the same way if you had a noisy line DSL sucked

I guess I'll figure out bhyve today

ive only played with Arduino IDE

JetpackJackson: could use the linux version with linux emu or the windows client with wine

installing a VM for 1 program seems over board to me

Alright

cpet, yet people seem to be routinely running single program in containers.

actually it's python so as long as all the modules are installed it should work with little mods

ant-x: and interestly enough docker has no maintainer :)

Wow!

why use docker when you can use OCI

JetpackJackson: does this run on top of VSCode ?

Idk I'm just using the cli

It's built on top of Microsoft's Visual Studio Code – free, open source, and MIT licensed editor

oh screw that then hah

Oh the arduino IDE

oh, the entire net went down ....

cpet: I have DSL :)

works fine, better than the coax in the area

but im lucky :)

well lucky DSL wise, not with the fibre postcode lottery

nerozero: nah just cloudflare

@polarian, look logs 20 min ago

> Hi there, have anyone tried www/ladybird browser ?

CloudFlare having a bad day.

?

CrtxReavr, yeah, 3 hours down

polarian, like 30-50 people disconnected in 2 sec

cloudflare ruined normies lives today

Odysee was down too

so did docker

I was thrilled to not be stuck on DSL anymore. I paid for "fiber" and it was 50 megabit VDSL to an exchange in the neighborhood.

well, it was 50 megabits *after* arguing with the ISP for multiple weeks that when their modem was showing me right in the logs that it was only getting a 10 megabit pipe down, it was a problem on their end, not on mine

but they refused to investigate until they sent a tech out. the tech did 15 seconds of tests and then corrected the error on their end.

ph@ck CrtxReavr CF

it's turning the internet into "an App"

hodapp: a tale as old as time

imagine doing exactly the same thing as AWS cloudfront but running it as the business of a company

lame is the right word

but luckily have actual fiber now! and I left the coax line in place, in case I gotta switch

Then again I have seen some of the reports normal users send in to friends in the buissnes

coax corrodes. . . it's just a matter of when, not if the ability to carry a viable signal will degrade.

CrtxReavr: what kind of time-scale are we talking, though?

Let's see. . .

I had cable internet between 2000 & 2020. . . had to get the coax between the curb and the side of the house replaced at least twice.

Plus, there was multple service calls where they could just cut ~10cm off the ends and re-crimp.

cd ..

I do remember adsl over string

ah, there it went my cd..

Could be worse, it wasn't sudo...

I still very much remember my worst typo ever. . . and it wasn't even as root.

I was in my homedir, and I meant to type something like 'rm abc*' but instead typed 'rm abc *'.

I just remember this down that big on CloudFlare since using it (many years). But unfortunatelly I can't thing of an strategy if this happens again. I mean, I have domain registered, DNS and proxy with them. Maybe registering the domain elsewere and having the change to change NS server if it happens again. Unless there is no way.

s/thing/think

hodapp, this photo amuses me: trioptimum.com/~crtxreavr/tmp/3gen.jpg

It represents four generations of Internet connectivity in my neighborhood.

From left to right, POTS (sorta) for dial-up & iDSL, Time-Warner/Spectrum cable, & Google Fiber.

CrtxReavr: supposedly(tm) we will get AT&T Fiber around here soon. I haven't gotten any clue on whether they're running their own fiber (which seems unlikely) or reusing the existing fiber that the other big ISP already owns (which also seems unlikely)

or using coax and going "LOOK IT'S FIBER"

CrtxReavr - is (your?) dog about to comment about your neighborhood's internet connectivity?

my cat has definitely sampled the internet connectivity sometimes

by chewing on cables mostly

comment about or "comment" on?

yes :-)

Hmm I think I can use platformio to download libraries that I can then put into /usr/local per wiki.freebsd.org/Arduino

daddoo, I don't think she (the dog) ever chewed on network cables, but she went through a phase where she chewed the shit out of several power adapters.

ouch

This might be a dumb question, but how do I run programs in a rocky Linux chroot? Like I can't seem to install things in the chroot to run

you need enough of an operating system for it to work

I thought that's what the rocky Linux package did

Like I did chroot /compat/linux /bin/bash and theres barely anything there

hm. you've got your linux proc and sys filesystems mounted?

oh hang on – I'm misunderstanding your problem a little. You've got bash running fine but it's other software you need now?

Correct

Like I can't even find a package manager lol

In the chroot

For Rocky Linux

Hmm I got an Ubuntu jammy chroot working

So thats nice

I wonder if Theres a way to use arch instead

JetpackJackson: create a Linux jail

JetpackJackson: wiki.freebsd.org/LinuxJails

Is there a debootstrap script for arch?

nope

Darn

Well at least I got platformio working on the Ubuntu chroot

if you are picky on the linux distro then install in bhyve if youre like me and just want x to run debian it is

Oh

Ok

as I think ports only has redhat9 as the default linux emu in ports

cent os 7 or redhat 9

I just realized its pronounced "beehive" and not "bye-vuh"...

Ah

Idk if this laptop is beefy enough for virtualization

seeing how you basically compile the OS when you install arch

i dont think that would work

linux.mk does mention rocky linux as well

heh cent os 7 is deprecated so the only option is rh9

I thought Arch was all binaries. Gentoo is compiled.

Yeah arch is binary except for the AUR

void linux is both, its similar to FreeBSD in that manner. you can build the world and all packages, or just download binaries from a mirror

void linux is 11.3 silly little guys in a trenchcoat

ive used it for a long time now, heh

i remeber i compiled the kernel as I installed it

but this was 2005ish

the only linux I use is endeaver and virtualbox to run windows 11 for school as bhyve had issues with tpm

to run this fingerprint comparing app

ah, tpm. bleh

which later runs in wine

but since I have 2 extra 1 tb ssd's i install that on one

Hmm why did my disk usage suddenly increase

jails are big

Yazi?? Why does yazi pull in all of noto-fonts and zoxide?

Those are optional deps

interesting how my first computer had a 2GB drive

these days you can get a 4tb drive for about 100 bucks

and people still get annoyed when an extra 100 megs of packages are installed

heh

In this case its 6gb

tank/ROOT/default 820G 15G 805G 2% /

On arch it depends on just gcc-libs and nerd-fonts-symbols

i will never fill up those 820G

but its a z2 with 4 disk so disk io is nice and speedy

JetpackJackson: you could compile your port using portmaster and change the options

I should share my pool size when I get home :D

AUXTOOLS can be disabled

but on a side note if you are runing freebsd in cli learn the cli dont use something that compares to midnight commander

cpet: oh ok

JetpackJackson: sadly with pkg's you can't please everyone but thats the nice thing about poudriere and portmaster

just takes longer

Hmm OK the thing is that nerd-fonts installs all the fonts but I just want symbols

Idk I'll play with it later

JetpackJackson: what exactly are the symbols ?

cpet: font symbols

Hmm how can I tell poudriere to get the quarterly branch

use separate ports tree

Im only setting up one tree

OK

so switch the branch

How

deconfed, "lscpu". Thanks, my lscpu dump is here: <paste.c-net.org/CadmiumAbruptly> . powerd fails to start with: "no cpufreq(4) support -- aborting: No such file or directory" . The man page for cpufreq is in section 4 and documents a C API, listing several frequence drivers, including p4tcc -- Pentium 4 Thermal Control Circuitry. How can I make sure whether my CPU supports this (or any other throttling method), and if it does, how can I use it in FreeBSD?

ant-x: that's 32-bit CPU

Yes.

mzar: I mean via poudriere but ill try that

pourdiere is only a factory JetpackJackson

my shift is over, Good Night

g'night, mzar.

ant-x: if it was supported than probably best version to test would be =< 10.0-RELEASE

Ouch. At this stage, I'd rather get a better fan and cut down its powersupply with a series resistor for added silence.

When a new FreeBSD release is coming out, how are the administrator informed which parts of their hardware are no longer supported?

If FreeBSD supported my CPU circa version 10, why would 14 not support it, if still has a i386 build?

Release notes.

ha.. that's hard to answer, the only answer that comes to mind is: panta rhei

maybe you can try booting NetBSD ?

Sure I can, only I don't like switching OSes as sight of problems -- teach me bad habits, and drains my energy.

mzar, why did you mentioned NetBSD in particular?

A totally different question: if I got me a free third-level domain name, and a static IP on my router, what are my next steps in establishing a web server -- set up some name server, such as bind?

ant-x: I thing the right answer is: you neglected it, instead of running FreeBSD on this laptop and reporting issues you skipped this part and guys removed, or rather changed the lines of code your equipment was realying on

so it's your fault

s/thing/think

When did this happend, I assmebled and started this ancient computer just a few days ago!

yeap

hello cpet

you have to proceed with this troubleshooting further, my shift is over, bye

It nice to hear, however, that the devs may be paying head to the users of FreeBSD on old hardware.

g'night.

you cant expect software to work for everything forever

especially when you can run 32bit apps on 64bit as well as compile 32 bit apps on 64 bit

Ports reminds me of when I ran gentoo

gentoo got ports from freebsd

Indeed. But I had the impressions *nix was often used to bring old hardware back to life. This can't last forever, of course.

think the poriginal dev had some issues and created gentoo

or some damn thing ?

ant-x: thats why we have netbsd

cpet, is NetBSD more compatible with old hardware?

yeap

Thanks, mzar and cpet for bringing NetBSD to my attention.

Chancec are I'll migrate my stuff to NetBSD in good time.

we use netbsd's bmake as well as blocklistd and some other stuff so

programs originally developed on/for NetBSD?

yeap

the BSD's actually share quit a bit of code

a lot of wifi drivers come from openbsd

Still do, after no many years since the forking out from BSD?

i have a copy of 386bsd on my ftp thats interesting to read

Hmm I might need to make a portfor the symbols font and then modify yazi to use it

cpet, read the source?

yeah

Idk I'll think about it. I dont want to get too crazy with configuring ports cause I did that with gentoo

What is the lightest and smallest name server available on FreeBSD?

as in authoritative DNS server, I mean.

ant-x: nsd

Interesting. From the docs it seems that bind was the original FreeBSD name server.

once upon a time it was included

now its been replaced by unbound

which never works for me

due to my old school mindset I still install bind-tools

But is unbound meant for authoritative use?

no its just a resolver

but unbound is on my list like pulse audio is

kill it with fire and dont use it

now I am unsure if you remove unbound will it affect resolinvg with resolv.conf as I think thats done with libc

but I dont want to brake my system so I kept it if not I would of removed it from base

apparently you can

ant-x: most people use 3rd party DNS that makes unbound useless in my opinion, my ISP moved form there own DNS to google's but they still allow old DNS for biz users

And nsd is authoritative only. It is required for hosting one's own domain. Do I understand correctly that a recusive name server is not required for that, as the client will be using their own recursive DNS servers to get the my IP from my domain?

no

however if you want to be able to resolve domains using your own DNS you need bind or powerdns

no -- not required, or no -- I misunderstood the purpse of recurisve name servers?

not required

if you look most of the top TLD's are using nsd vs bind

Ah, thanks. For now I have no idea why one would need one's own DNS resolver, unless to feel more independent.

back in the day when the internet was slow caching DNS information made the internet speedier

Is the undersling name server software easily determinable?

I personally like running my own stuff so I run my own DNS

In your case, nsd + recursive name-server may be worse than a single tool for both authoritative and recursive.

oh I run NSD on the server bind on another machine

You have an multi-machine system at home? Cool.

whats a multimachine system ?

I have 2 machines one acts like a server another is a desktop that I happen to run my own caching DNS

mostly due to old habbit

Well -- your own hosting infrastructure, based on more than a single machine.

now is it any more secure than running say DNS over https

nope

i just like the idea if my DNS is down I can login and firue out why

vs compalin to cloudflare

cpet: "run NSD on the server bind on another machine" > I undestood it as you having two server machines.

i understood multimachine system as a VPS

heh

No, no, no.

i have a biz line with a /29 or 5 static IP's

so i host my own domain, email, all that fun stuff

I will be glad when I manage to host a website on my single static IP and access it via my domain name. It is already accessible by the IP (when the machine is on :-)

it runs of a intel i7, 32gigs of ram and a zfs mirror of 2 512 gb nve drives

ZFS reminds me to ask your opinion: Does silent bit rot really happen?

just learn to properly set up the site

cpet, I can't register the domain before the authoritative name server is up.

shouldn't matter

An orthogonal problem?

and simply put nothing last forever and yes silent bit rot is a thing

this why backups are a must

or mitigate it using a z2 or a nas or even a detacheable USB drive

I am not usre you can didstinguish rotten vs fresh copy given two backups, without an additional CRC.

the least of my worries are not being able to access my 20 years of emails

aparently some people backup there emails

The more you have, the more you worry about somehow losing it...

cpet, emails, usenet posts, all they have ever said on IRC.

``man syslog'' is the programmers documentation (section 3). Where is the admnistrator'd documentation, that is info on configuring syslog and locaing its log files?

try man syslogd

Hmm xwayland is crashing. That's exciting

i dont care enough to use wayland so I use x11

as long as it runs firefox and plays my youtube

heh

specialbomb, thanks.

ant-x, "man syslogd" or "man syslog.conf"

just the linux world wanting to reimplement something and the whole world goes OMFG! i need to use it cause everyone else does

Sure, I went from syslogd to syslog.conf via SEE ALSO.

thats what I intended :)

picking up your own pieces is an important skill

Indeed.

It may be like a puzzle.

apropos is your friend

man man

cpet: same here, x11 and i3 for almost a decade here lol

that searches based on input

apropos syslog will show you every man page that includes or mentions syslog

I tried migrating to wayland, but none of my existing stuff would work with it well so I gave up on trying lpl

s/lpl/lol

every time I trie wayland it just gave me a black screen

networking is pissing me off

yeap that happens a lot

stateful packets are hitting my drop log rule

which might be a route issue come to think of it

nope correct route

I have a http packet coming in on a epair from a vnet jail, this is NAT'd and passed out but when it comes back is is dropped by pf

A stateful packet might hit a drop rule due to an

asymmetric traffic path, where the return traffic takes a different route than the initial packet, causing it to miss the established state entry. Other reasons include misconfigured rules, state table exhaustion (e.g., exceeded TCP reassembly depth), network connection breaks, or a specific packet having an unsupported option.

ah shit

this firewall used to work, until I complicated shit

google is hard

(TM)

heh

did you just paste llm shit

I have wlan0, em0, then a lagg0 joining the two

it made you think of why its doing it

so why does it matter where it from

and then a wg0 tunnel

packet goes out and returns on wg0

then in theory it's doing what it says above

hmm, could you offer a better description of your topology? where are you sending traffic to?

and what do your rules look like?

no one ever does that

I just thought maybe its because I am filtering on lagg0

I shouldnt be filtering on forwarding, but only on the physical interfaces, and wireguard

hmmm still doesn't work

you're allowed to filter on a lagg

nothing will stop you from filtering localhost

I probably have a similar setup. how are you exposing your jail to the external network? are you routing or using a bridge vdev?

now is it the correct way probably not but hey you can do it

specialbomb: epair

yeah, but your epair interface on the host has to either route the traffic, or the traffic needs to get bridged. which are you doing?

g2g sadly

uhhh anyone ever get freebsd crashing more and more often, and now when i go past boot screen i get a fatal trap 9: general protection fault while in kernel mode then server reboot again?

14.3p5

i blame HW

you seem to have a lot of hw issues, betting on it

start memtesting your ram and checking your drives

possibly checking your gfx card which I doubt thats it

specialbomb, i run dozens of servers

HW still dies despite running dozens of servers

ya my point was that i don't have "lot of hw issues" if adjusted for amount of hw i run

Ugh I think I'm having an integrated graphics issue... YaLTeR/niri #722

ok even weirder now that dhclient had to be executed manually

dhcp was not automatic

hmmmm

did it manually doesnt matter

kerneldove: just givin ya shit :p

:)

specialbomb: routed

did you set forwarding in rc.conf ?

yeah

like I said this used to work

few months back

so what did you change

just trying to figure out what in my network has changed

the user

rn I am just stripping everything out of pf

:P

specialbomb: afaik just adding lagg0

and modifying the firewall a bit

but I cant remember how

so I am just stripping it down :P

also stripped out lagg0

lagg0 is great

probably a simple mistake. if you change the egress port its important then you have to make sure all of your rules now refer to it. did you set a macro for your egress interface?

typically thats common practice

s/then/that

specialbomb: yes all this is macro'd

very interesting. I have not had issues like this and I use a lagg and routed jails, one of which has a wg peer within

now, I dont use PF at the moment since I use a dedicated firewall, but while I was playing with PF it conntracking never messed up

I removed lagg

its the same thing

00:00:00.000007 rule 8/0(match): block in on wg0: 34.160.111.145 > 192.168.4.2: ip-proto-6

im using ifconfig.me (http get using fetch) to test from within the jail

pflog0 shows this

this *should* be stateful

and I remember having this year a year ago, but I cant remember what fixed it

hmm. its hard to tell without knowing your whole topology

welp I stripped it down to

wlan0, wg0 and the epair

im assuming 192.168.4.0/24 is your jail network?

no thats wireguard network

the response packet from the webserver is being dropped by the default "block log" when in on wg0

this *should* be stateful

why is it matching ip-proto-6?

I would look into that :)

alright let me copy the firewall

just to clarify, by "dedicated firewall," I mean an external firewall device. PF running on the host is not really the same as that

cpet: I want to use wayland

specialbomb: bpa.st/AOGQ

literally stripped it down to this

my router runs OpenBSD which has its own firewall, but I know its not the issue

the packet passes through both egress and ingress without issue

its purely a host config problem

anyways stripped down firewall to the basics and it still doesnt want to fucking work lol

I remember having this issue ages ago but I cant for the life of me remember what fixed it

I moaned about it on IRC a year ago until lightbulb moment :P

its definitely a state issue because if I drop the block rule, the host drops the packet

the route is fine

I have to ask, whats with the NAT rule on the wireguard if?

oh thats weird, theres duplicate states too

even if I flush it will duplicate the state it seems

specialbomb: this is my laptop so the router cant be handed packets for networks local to my laptop

wouldn't work on other networks

lbmk_if is the epair

and its network is a /29 (as theres also a bhyve vm within the jail)

so I need 4 IPs, and a /30 provides 2 (and /31 also 2)

what are you trying to achievr with wireguard then? what are you tunneling to and from?

so the /29 is NAT'd do the IPv4 address of the wg iface

and then passed on to the router for WAN access

specialbomb: wg is always on vpn

I dropped all my blocking on the physical iface to prevent packets leaving the laptop unless its through wg0

so, are you attempting to VPN all of your traffic or just your jail traffic

all the traffic gets vpn'd

if there was no vpn (the initial config a year ago) it would be nat to wlan0

I am just so fed up of this

sorry, im trying my best. im just a novice.

im also at work so its hard to focus on

Hmm I want a framework cause it seems like they have good HW

*HW support

Im really bummed about xwayland not working on niri

specialbomb: lol not at you

I am not expected anyone to exactly help lol

JetpackJackson: f*ck wayland

this setup just seems kinda fucked I guess haha

yeah well

theres a lot of variables at play here and all I can do is ask questions and try to piece together your goal

no clue why

wayland is marmite

what does that mean

you have multiple external interfaces too and im thinking routing issues could still be at play here, its hard to say.

Hey all. I just switched my media server (the family tv) over to freebsd, and I noticed that vlc doesn't ship with nvlc (ncurses) turned on by default. I'm not wildly fond of nvlc, so rather than build the port by hand I'm wondering if there's a simple text-based audio front-end that I might use in place of nvlc.

rtprio: controversial