What is the normal device name for an SD card?

maybe mmcsd(4)?

nxjoseph: thanks, that does look like the right thing, but my device isn't showing up. I'll dig.

maybe dmesg could help you identify, youre welcome

Ah! I'd tried dmesg first, but "grep mmc" turned up nothing; "grep -i mmc" does the trick. Oops.

hehe

has anyone had experince upgrading 9.x to 14.x ?

is freebsd ncurses updated regularly from invisible-island? or have the implementations diverged over the years?

current version in pkg repo is ncurses-6.6, so yes it's updated.

checkpoint: I have in the past using "freebsd-update" to from 9.x -> 10.x -> 11.x -> 12.x, etc...

I'd imagine a much faster way would be to just pull the src and do the upgrade manually by building it, though. That's a lot of steps (if those repos are even still available for freebsd-update.)

checkpoint: thanks. appreciated.

ek: I have rootfs on a separate partition on this box. My plan is to get it formatted, then 14.3 installed from USB stick, then remount /usr, /var and /home and get packages upgraded when needed.

my previous experience shows that FreeBSD is very well backwards compatible, i.e. old binaries work fine on contemporary systems.

nimaje: if you're interested in a discussion about what "tabs 1,9,17..." should do - gwsw/less #737#issuecomment-4018069631 (Thomas Dickey chimed in too!)

GoSox I have my tables prior to any options (such as set block-policy return, set loginterface $ext_if, and set skip on lo)

well, it only causes a problem and throws an error if i add the scrub. BUT i could try it anyway just to see

I have scrub in on $ext_if all fragment reassemble right after set skip on lo and right before my first nat rule

so table definition, then the loopback skip rule, then scrub, then everything else?

still getting an error about order even in that order

and the error is always on the scrub line

˜/47

GoSox, Tables must be before options. Move the tables up to the top. I have "scrub in" instead of "scrub in all" in my rules and don't remember what the ramifications are about it.

i got it all worked out

as expected, the problem wasn’t at all what it appeared to be and thats why i couldn’t track it down lol

there are files in /usr/share/examples/pf which you'll love

that does sound interesting

and pf.conf manpage is also as detailed as it gets

ive read over the manpage a million times, theres definitely a gap between the manpage and where examples will get you, i need to check that out

*firing up my bsd machine*

oh crap my freebsd machine is currently wiped i need to reinstall

are those examples posted online anywhere?

Wait, if your fBSD box is wiped, what the heck are you working on now?

like on IRC right now? A 2018 mac mini

also, i’mmmmmm trying to reinstall bsd on my test mac mini right now but it just got an install error hmm

so when pf firewall is running, is there a process named “pf” that is running or does it have a different name or is there some other way it functions?

So you're using pf under OSX now

well i have a server that is running pf on os x, and i’m trying to set up a freebsd server that does all of the same stuff

GoSox: yes in git

Because the answers to your question will differ.

i was sad to find out launchd isn’t available on freebsd :(

to which question, exactly?

oh the process?

well in that case i’m curious how it runs on both systems

ketas: thanks!

pfctl configures the kernel for the packet filtering. There is no pf process. You might have started up a pflogd process but that is supplemental.

oh ok

so is `desktop-installer` a freebsd specific thing or is it a general unix thing?

i have a thread going about this on the forum but basically, every time i use it to install sddm and xfce4, i only get xfce4 and i get no sddm, i have to install it manually. but others on freebsd test it out, and it works properly for them, which is odd

ive only tested it on one piece of hardware at this point though, a 2012 mac mini with intel integrated gpu

I have never heard of desktop-installer before and never used it.

What is it you are trying to accomplish with the pf rules you shared? It does not seem to be in a flow that makes sense to me. So it seems like it is something other than the usual firewall.

in what way?

those are webserver rules so the idea is to block everything except web and email traffic

pass in to a table of specific addresses? That's odd.

As a side note it looks like it handles IPv4 only and not IPv6 but that's not atypical.

oh i have scripts on my sites that can add bad users to those tables so if you make a web page angry, it can block you at the firewall level for a given amount of time

Let me post a counter example to a pastebin.

are you referring to the pastebin of my fw rules i shared here a couple hours ago?

GoSox, termbin.com/t1a4

Yes, the pastebin you shared a while back. This is a working example from a FreeBSD server. It has both a persistent table for blocking bad-actor bots and also a fail2ban anchor too.

that doesn’t really look all that different from what i have setup, except i’m allowing different services on each of the two IPs, and some vpn stuff

But you have been reporting that yours doesn't load due to errors. Start with a working example and change it until it does what you want.

oh i worked that out

Unfortunately I am just passing by because it is midnight here now and I am over at a friend's place but must be heading home now. Good luck!

there were some unused anchors at the top of the config file i didn’t notice were uncommented and - i don’t know how but they were causing problems and i didn’t need them so i just commented them all out

so for now i think my firewall rule issue is complete and now i’m back to figuring out why desktop-installer doesn’t work consistentyl for me but i’m also only going to mess around with it for a little while longer then i’m going to bed (in theory)

ah crap i don’t suppose any of you guys know how to set the startup disk on a mac, but within freebsd? This mac has two drives and its just a system preference on the mac side, but the mac side doesn’t see the bsd side as a bootable drive so every time i reboot, it goes back into macos

how do you start sddm manually?

GoSox the way i made my linux drive start first was to swap the physical drives to the one the mac starts normally, and the mac drive moved to secondary so now I have to use option while booting to even get macos to appear

both drives show up if i hold the option key, and my real server wont’ be a mac anyway/ but on this test machine, its annoying

also if i wipe macos, it will default to booting bsd but for now, its handy having access to both on this machine

so i changed my display resolution (in xfce4 in a fresh freebsd15 install) and the new resolution is unreadable. But it didn’t auto-change back and now i’m stick with a screen i can’t see. Anyone know how to fix?

this is a long shot, but regarding ‘scrub in’ in pf firewall, is there any way to see any kind of stats on that? like how many malformed packets it is tossing?

Hi. I'm trying to update an opensense system which is based on FreeBSD 14. During running "pkg update" it is reporting that "pkg-static: pkgmir.geo.freebsd.org/FreeBSD:14:a…kmods_quarterly_3/packagesite.tzst: Not Found". I can see a .tzst file exists for quarterly_2 but not for quarterly_3 or 4. Is there something on my system I need to reconfigure to stop it looking for tzst files?

Quinn20: Here's what I see when I take a look at the mirrior site. Your local mirror may not have the data? ```We use MaxMind GeoLite based geo-dns to choose a close mirror for you. IMPORTANT: We do NOT guarantee uptime of any particular mirror. We provide SRV fallbacks for redundancy.```

I've checked about 12 mirrors listed, all seem to be missing .tzst files.

avih: I really don't care about tabs or its behaviour, I just checked on my freebsd 14.3 machine because it was easy, if you want that freebsd behaves as posix specifies then please open a problem report, well the man page didn't say if I should expect the character after a tabstop at position N or N+1, so a problem report for improving the documentation would be good in any case

nimaje: I'm not going to do that. Regardless, my conclusion is that posix got it wrong. it described incorrectly the behavior of SVR4, which is the same as in unix-v7. the link i posted earlier has the relevant info.

as in v8 *

GoSox: probably /usr/sbin/efibootmgr ?

$ which efibootmgr

/usr/sbin/efibootmgr

GoSox: wayland or x?

Could it be that 14.4-RELEASE is already out?

s2r: it was tagged and builds started on the 6th, it is not officiallty released with release notes etc until the 10th

you are free to upgrade now if you like

yes, I saw that on the release page but I didn't know the binaries were already available.

this is at least in part due to freebsd's constant issues trying to get new releases published on various cloud providers

they constantly reject our submissions for no good reason and we have to go via backchannels to get the release published

ivy: it's a pity to hear that