From owner-freebsd-questions@freebsd.org Sun Aug 2 00:02:17 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 69891368322 for ; Sun, 2 Aug 2020 00:02:17 +0000 (UTC) (envelope-from doug@safeport.com) Received: from bucksport.safeport.com (bucksport.safeport.com [198.74.231.101]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BK1RD5rQlz3Yk8 for ; Sun, 2 Aug 2020 00:02:16 +0000 (UTC) (envelope-from doug@safeport.com) Received: from bucksport.safeport.com (bucksport.safeport.com [198.74.231.101]) by bucksport.safeport.com (8.14.5/8.14.5) with ESMTP id 07202GJ1044142 for ; Sat, 1 Aug 2020 20:02:16 -0400 (EDT) (envelope-from doug@safeport.com) Date: Sat, 1 Aug 2020 20:02:16 -0400 (EDT) From: Doug Denault To: freebsd-questions@FreeBSD.ORG Subject: freebsd-update - Cannot identify running kernel Message-ID: User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (bucksport.safeport.com [198.74.231.101]); Sat, 01 Aug 2020 20:02:16 -0400 (EDT) X-Rspamd-Queue-Id: 4BK1RD5rQlz3Yk8 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of doug@safeport.com designates 198.74.231.101 as permitted sender) smtp.mailfrom=doug@safeport.com X-Spamd-Result: default: False [-2.25 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.90)[-0.904]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:198.74.231.101:c]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.92)[-0.924]; DMARC_NA(0.00)[safeport.com]; NEURAL_HAM_SHORT(-0.32)[-0.322]; RCVD_COUNT_ONE(0.00)[1]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:11288, ipnet:198.74.228.0/22, country:US]; ONCE_RECEIVED(0.10)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Aug 2020 00:02:17 -0000 I did an update from 11.3 --> 12.1 that did not seem to work. That turned out to be my error but I rolled back to 11.3. I have a 12.0 system that did not have the error so I thought I would update to 12.0 to try to get a handle on my problem. This update did not exactly work. It will boot and I suspect I can do anything not requiring access to /boot. The zfs boot process is not bothered by this problem. zpool list NAME SIZE ALLOC FREE CKPOINT EXPANDSZ FRAG CAP DEDUP HEALTH ALTROOT bootpool 1.98G 274M 1.72G - - 15% 13% 1.00x ONLINE - zroot 920G 7.76G 912G - - 0% 0% 1.00x ONLINE - zfs list NAME USED AVAIL REFER MOUNTPOINT bootpool 273M 1.59G 271M /bootpool zroot 7.76G 883G 96K /zroot zroot/ROOT 5.15G 883G 96K none zroot/ROOT/default 5.15G 883G 5.15G / zroot/tmp 168K 883G 168K /tmp zroot/usr 2.59G 883G 96K /usr zroot/usr/home 682M 883G 682M /usr/home zroot/usr/ports 742M 883G 742M /usr/ports zroot/usr/src 1.20G 883G 1.20G /usr/src zroot/var 12.5M 883G 96K /var zroot/var/audit 96K 883G 96K /var/audit zroot/var/crash 96K 883G 96K /var/crash zroot/var/log 572K 883G 572K /var/log zroot/var/mail 11.5M 883G 11.5M /var/mail zroot/var/tmp 96K 883G 96K /var/tmp In comparing this with a zfs system I have not so abused, I can tell that bootpool needs to be added to the zroot/ROOT/default as boot thus the file system visible to the OS would have /boot in it. I know my terminology is likely all messed up, I am a zfs newbie. Anyway bootpool/boot/ has the right stuff: ls bootpool/boot/ ./ delay.4th loader.efi* menu.4th ../ device.hints loader.rc menu.rc beastie.4th dtb/ loader_4th* menusets.4th boot efi.4th loader_4th.efi* modules/ boot0 entropy loader_lua* pmbr boot0sio firmware/ loader_lua.efi* pxeboot boot1 frames.4th loader_simp* screen.4th boot1.efi* gptboot loader_simp.efi* shortcuts.4th boot1.efifat gptzfsboot logo-beastie.4th support.4th boot2 isoboot logo-beastiebw.4th userboot.so brand-fbsd.4th kernel/ logo-fbsdbw.4th userboot_4th.so brand.4th kernel.old/ logo-orb.4th userboot_lua.so cdboot loader* logo-orbbw.4th version.4th check-password.4th loader.4th lua/ zfs/ color.4th loader.conf mbr zfsboot defaults/ loader.conf.orig menu-commands.4th zfsloader* So ... is my analysis correct? If so how do it put bootpool/boot/ where "it belongs"? _____ Douglas Denault http://www.safeport.com support@safeport.com Voice: 301-217-9220 Fax: 301-217-9277 From owner-freebsd-questions@freebsd.org Sun Aug 2 00:31:35 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id AC725368F14 for ; Sun, 2 Aug 2020 00:31:35 +0000 (UTC) (envelope-from doug@fledge.watson.org) Received: from cyrus.watson.org (cyrus.watson.org [204.107.128.30]) by mx1.freebsd.org (Postfix) with ESMTP id 4BK2524jkfz3b08 for ; Sun, 2 Aug 2020 00:31:34 +0000 (UTC) (envelope-from doug@fledge.watson.org) Received: from fledge.watson.org (fledge.watson.org [198.74.231.63]) by cyrus.watson.org (Postfix) with ESMTPS id 2CD5863796 for ; Sun, 2 Aug 2020 00:31:28 +0000 (UTC) Received: from fledge.watson.org (doug@localhost.watson.org [127.0.0.1]) by fledge.watson.org (8.15.2/8.15.2) with ESMTP id 0720VREY013255 for ; Sat, 1 Aug 2020 20:31:27 -0400 (EDT) (envelope-from doug@fledge.watson.org) Received: from localhost (doug@localhost) by fledge.watson.org (8.15.2/8.15.2/Submit) with ESMTP id 0720VRlu013252 for ; Sat, 1 Aug 2020 20:31:27 -0400 (EDT) (envelope-from doug@fledge.watson.org) Date: Sat, 1 Aug 2020 20:31:27 -0400 (EDT) From: doug Reply-To: doug@safeport.com To: freebsd-questions@FreeBSD.ORG Subject: Re: freebsd-update - Cannot identify running kernel In-Reply-To: Message-ID: References: User-Agent: Alpine 2.20 (BSF 67 2015-01-07) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed X-Rspamd-Queue-Id: 4BK2524jkfz3b08 X-Spamd-Bar: ++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of doug@fledge.watson.org has no SPF policy when checking 204.107.128.30) smtp.mailfrom=doug@fledge.watson.org X-Spamd-Result: default: False [2.85 / 15.00]; HAS_REPLYTO(0.00)[doug@safeport.com]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_SPAM_SHORT(0.00)[0.001]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_DN_NONE(0.00)[]; AUTH_NA(1.00)[]; RCPT_COUNT_ONE(0.00)[1]; RCVD_COUNT_THREE(0.00)[4]; REPLYTO_DOM_NEQ_FROM_DOM(0.00)[]; NEURAL_SPAM_MEDIUM(0.86)[0.861]; NEURAL_SPAM_LONG(0.98)[0.984]; DMARC_NA(0.00)[watson.org]; R_SPF_NA(0.00)[no SPF record]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:11288, ipnet:204.107.128.0/24, country:US]; MID_RHS_MATCH_FROM(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Aug 2020 00:31:35 -0000 On Sat, 1 Aug 2020, Doug Denault wrote: > I did an update from 11.3 --> 12.1 that did not seem to work. That turned out > to be my error but I rolled back to 11.3. I have a 12.0 system that did not > have the error so I thought I would update to 12.0 to try to get a handle on > my problem. > > This update did not exactly work. It will boot and I suspect I can do > anything not requiring access to /boot. The zfs boot process is not bothered > by this problem. > > zpool list > NAME SIZE ALLOC FREE CKPOINT EXPANDSZ FRAG CAP DEDUP HEALTH > ALTROOT > bootpool 1.98G 274M 1.72G - - 15% 13% 1.00x ONLINE > - > zroot 920G 7.76G 912G - - 0% 0% 1.00x ONLINE > - > > zfs list > NAME USED AVAIL REFER MOUNTPOINT > bootpool 273M 1.59G 271M /bootpool > zroot 7.76G 883G 96K /zroot > zroot/ROOT 5.15G 883G 96K none > zroot/ROOT/default 5.15G 883G 5.15G / > zroot/tmp 168K 883G 168K /tmp > zroot/usr 2.59G 883G 96K /usr > zroot/usr/home 682M 883G 682M /usr/home > zroot/usr/ports 742M 883G 742M /usr/ports > zroot/usr/src 1.20G 883G 1.20G /usr/src > zroot/var 12.5M 883G 96K /var > zroot/var/audit 96K 883G 96K /var/audit > zroot/var/crash 96K 883G 96K /var/crash > zroot/var/log 572K 883G 572K /var/log > zroot/var/mail 11.5M 883G 11.5M /var/mail > zroot/var/tmp 96K 883G 96K /var/tmp > > In comparing this with a zfs system I have not so abused, I can tell that > bootpool needs to be added to the zroot/ROOT/default as boot thus the file > system visible to the OS would have /boot in it. I know my terminology is > likely all messed up, I am a zfs newbie. > > Anyway bootpool/boot/ has the right stuff: > > ls bootpool/boot/ > ./ delay.4th loader.efi* menu.4th > ../ device.hints loader.rc menu.rc > beastie.4th dtb/ loader_4th* menusets.4th > boot efi.4th loader_4th.efi* modules/ > boot0 entropy loader_lua* pmbr > boot0sio firmware/ loader_lua.efi* pxeboot > boot1 frames.4th loader_simp* screen.4th > boot1.efi* gptboot loader_simp.efi* shortcuts.4th > boot1.efifat gptzfsboot logo-beastie.4th support.4th > boot2 isoboot logo-beastiebw.4th userboot.so > brand-fbsd.4th kernel/ logo-fbsdbw.4th userboot_4th.so > brand.4th kernel.old/ logo-orb.4th userboot_lua.so > cdboot loader* logo-orbbw.4th version.4th > check-password.4th loader.4th lua/ zfs/ > color.4th loader.conf mbr zfsboot > defaults/ loader.conf.orig menu-commands.4th zfsloader* > > So ... is my analysis correct? If so how do it put bootpool/boot/ where "it > belongs"? > So after some reading, I might be making more of this than it is. Seems to me because so little data is involved make /boot, copy the data and perhaps rename bootpool to something just to be safe. If so the next question is did freebsd-update leave anything else behind? From owner-freebsd-questions@freebsd.org Sun Aug 2 01:29:54 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8F8A136A48D for ; Sun, 2 Aug 2020 01:29:54 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from holgerdanske.com (holgerdanske.com [IPv6:2001:470:0:19b::b869:801b]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "www.holgerdanske.com", Issuer "www.holgerdanske.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BK3NJ6w2qz3cmH for ; Sun, 2 Aug 2020 01:29:52 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from 99.100.19.101 ([99.100.19.101]) by holgerdanske.com with ESMTPSA (TLS_AES_128_GCM_SHA256:TLSv1.3:Kx=any:Au=any:Enc=AESGCM(128):Mac=AEAD) (SMTP-AUTH username dpchrist@holgerdanske.com, mechanism PLAIN) for ; Sat, 1 Aug 2020 18:29:41 -0700 Subject: Re: freebsd-update - Cannot identify running kernel To: freebsd-questions@freebsd.org References: From: David Christensen Message-ID: <78c7d012-8c82-a25a-e70d-6a09d0098bad@holgerdanske.com> Date: Sat, 1 Aug 2020 18:29:41 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4BK3NJ6w2qz3cmH X-Spamd-Bar: ++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of dpchrist@holgerdanske.com has no SPF policy when checking 2001:470:0:19b::b869:801b) smtp.mailfrom=dpchrist@holgerdanske.com X-Spamd-Result: default: False [2.86 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_SPAM_SHORT(0.12)[0.118]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; AUTH_NA(1.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_SPAM_MEDIUM(0.94)[0.943]; DMARC_NA(0.00)[holgerdanske.com]; NEURAL_SPAM_LONG(0.90)[0.899]; R_SPF_NA(0.00)[no SPF record]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:6939, ipnet:2001:470::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Aug 2020 01:29:54 -0000 On 2020-08-01 17:31, doug wrote: > On Sat, 1 Aug 2020, Doug Denault wrote: > >> I did an update from 11.3 --> 12.1 that did not seem to work. >> I have a 12.0 >> system that did not have the error so I thought I would update to 12.0 >> to try to get a handle on my problem. I assume you mean "update to 12.1"? >> This update did not exactly work. It will boot and I suspect I can do >> anything not requiring access to /boot. On my system, /boot is a symlink; not a ZFS filesystem: 2020-08-01 18:10:51 toor@f3 ~ # freebsd-version ; uname -a 12.1-RELEASE-p7 FreeBSD f3.tracy.holgerdanske.com 12.1-RELEASE-p7 FreeBSD 12.1-RELEASE-p7 GENERIC amd64 2020-08-01 18:22:18 toor@f3 ~ # ll /boot lrwxr-xr-x 1 root wheel 13 2019/10/31 21:37:10 /boot@ -> bootpool/boot 2020-08-01 18:22:44 toor@f3 ~ # zfs list -r | egrep 'NAME|boot|/$' NAME USED AVAIL REFER MOUNTPOINT bootpool 372M 1.42G 190M /bootpool soho2_zroot/ROOT/default 4.23G 4.28G 2.22G / > The zfs boot process is not >> bothered by this problem. >> >> zpool list >> NAME       SIZE  ALLOC   FREE  CKPOINT  EXPANDSZ   FRAG    CAP  DEDUP >> HEALTH ALTROOT >> bootpool  1.98G   274M  1.72G        -         -    15%    13%  1.00x >> ONLINE - >> zroot      920G  7.76G   912G        -         -     0%     0%  1.00x >> ONLINE - So, a 1 TB HDD? I would use that for data. I put my systems on small SSD's: 2020-08-01 18:14:08 toor@f3 ~ # camcontrol devlist | grep ada0 at scbus0 target 0 lun 0 (ada0,pass0) >> So ... is my analysis correct? If so how do it put bootpool/boot/ >> where "it belongs"? Look for the symlink, as above. > So after some reading, I might be making more of this than it is. Seems > to me because so little data is involved make /boot, copy the data and > perhaps rename bootpool to something just to be safe. I have assumed 'bootpool' is hard coded into the bootloader(s), and renaming it will break boot. So, I have not tried renaming bootpool. I would advise taking an image of your system drive before proceeding, but an image of a 1 TB system drive could require a lot of storage (this is why I use small SSD's for system drives). > If so the next > question is did freebsd-update leave anything else behind? I keep my system configuration files in a version control system (CVS). I never do in-place OS major version upgrades. Instead, I make sure the system configuration files are checked in, stop services, backup the data, pull the system drive, insert a blank system drive, do a fresh install, update the OS, install packages, update the packages, check out the old configuration files to a side directory, configure the system as required, restore the data, and start services. David From owner-freebsd-questions@freebsd.org Sun Aug 2 04:32:14 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 727B3370EDA for ; Sun, 2 Aug 2020 04:32:14 +0000 (UTC) (envelope-from doug@fledge.watson.org) Received: from cyrus.watson.org (cyrus.watson.org [204.107.128.30]) by mx1.freebsd.org (Postfix) with ESMTP id 4BK7Qj2tl3z44ck for ; Sun, 2 Aug 2020 04:32:13 +0000 (UTC) (envelope-from doug@fledge.watson.org) Received: from fledge.watson.org (fledge.watson.org [198.74.231.63]) by cyrus.watson.org (Postfix) with ESMTPS id 40BCA56607; Sun, 2 Aug 2020 04:32:12 +0000 (UTC) Received: from fledge.watson.org (doug@localhost.watson.org [127.0.0.1]) by fledge.watson.org (8.15.2/8.15.2) with ESMTP id 0724WAts018329; Sun, 2 Aug 2020 00:32:10 -0400 (EDT) (envelope-from doug@fledge.watson.org) Received: from localhost (doug@localhost) by fledge.watson.org (8.15.2/8.15.2/Submit) with ESMTP id 0724WAH2018326; Sun, 2 Aug 2020 00:32:10 -0400 (EDT) (envelope-from doug@fledge.watson.org) Date: Sun, 2 Aug 2020 00:32:10 -0400 (EDT) From: doug Reply-To: doug@safeport.com To: David Christensen cc: freebsd-questions@freebsd.org Subject: Re: freebsd-update - Cannot identify running kernel In-Reply-To: <78c7d012-8c82-a25a-e70d-6a09d0098bad@holgerdanske.com> Message-ID: References: <78c7d012-8c82-a25a-e70d-6a09d0098bad@holgerdanske.com> User-Agent: Alpine 2.20 (BSF 67 2015-01-07) MIME-Version: 1.0 X-Rspamd-Queue-Id: 4BK7Qj2tl3z44ck X-Spamd-Bar: +++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of doug@fledge.watson.org has no SPF policy when checking 204.107.128.30) smtp.mailfrom=doug@fledge.watson.org X-Spamd-Result: default: False [3.14 / 15.00]; HAS_REPLYTO(0.00)[doug@safeport.com]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_SPAM_SHORT(0.16)[0.156]; MIME_GOOD(-0.10)[multipart/mixed,text/plain]; REPLYTO_DOM_NEQ_FROM_DOM(0.00)[]; DMARC_NA(0.00)[watson.org]; AUTH_NA(1.00)[]; NEURAL_SPAM_MEDIUM(0.65)[0.645]; RCVD_COUNT_THREE(0.00)[4]; TO_MATCH_ENVRCPT_SOME(0.00)[]; CTYPE_MIXED_BOGUS(1.00)[]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_SPAM_LONG(0.33)[0.335]; R_SPF_NA(0.00)[no SPF record]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+]; ASN(0.00)[asn:11288, ipnet:204.107.128.0/24, country:US]; MID_RHS_MATCH_FROM(0.00)[] Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8BIT X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Aug 2020 04:32:14 -0000 On Sat, 1 Aug 2020, David Christensen wrote: > On 2020-08-01 17:31, doug wrote: >> On Sat, 1 Aug 2020, Doug Denault wrote: >> >>> I did an update from 11.3 --> 12.1 that did not seem to work. > >>> I have a 12.0 >>> system that did not have the error so I thought I would update to 12.0 >>> to try to get a handle on my problem. > > I assume you mean "update to 12.1"? > > >>> This update did not exactly work. It will boot and I suspect I can do >>> anything not requiring access to /boot. > > On my system, /boot is a symlink; not a ZFS filesystem: > > 2020-08-01 18:10:51 toor@f3 ~ > # freebsd-version ; uname -a > 12.1-RELEASE-p7 > FreeBSD f3.tracy.holgerdanske.com 12.1-RELEASE-p7 FreeBSD > 12.1-RELEASE-p7 GENERIC amd64 > > 2020-08-01 18:22:18 toor@f3 ~ > # ll /boot > lrwxr-xr-x 1 root wheel 13 2019/10/31 21:37:10 /boot@ -> bootpool/boot > > 2020-08-01 18:22:44 toor@f3 ~ > # zfs list -r | egrep 'NAME|boot|/$' > NAME USED AVAIL > REFER MOUNTPOINT > bootpool 372M 1.42G > 190M /bootpool > soho2_zroot/ROOT/default 4.23G 4.28G 2.22G / > > >> The zfs boot process is not >>> bothered by this problem. >>> >>> zpool list >>> NAME       SIZE  ALLOC   FREE  CKPOINT  EXPANDSZ   FRAG    CAP  DEDUP >>> HEALTH ALTROOT >>> bootpool  1.98G   274M  1.72G        -         -    15%    13%  1.00x >>> ONLINE - >>> zroot      920G  7.76G   912G        -         -     0%     0%  1.00x >>> ONLINE - > > So, a 1 TB HDD? I would use that for data. > > > I put my systems on small SSD's: > > 2020-08-01 18:14:08 toor@f3 ~ > # camcontrol devlist | grep ada0 > at scbus0 target 0 lun 0 (ada0,pass0) > > >>> So ... is my analysis correct? If so how do it put bootpool/boot/ >>> where "it belongs"? > > Look for the symlink, as above. > > >> So after some reading, I might be making more of this than it is. Seems >> to me because so little data is involved make /boot, copy the data and >> perhaps rename bootpool to something just to be safe. > > I have assumed 'bootpool' is hard coded into the bootloader(s), and > renaming it will break boot. So, I have not tried renaming bootpool. > > > I would advise taking an image of your system drive before proceeding, > but an image of a 1 TB system drive could require a lot of storage (this > is why I use small SSD's for system drives). > > >> If so the next >> question is did freebsd-update leave anything else behind? > > I keep my system configuration files in a version control system (CVS). > > > I never do in-place OS major version upgrades. Instead, I make sure the > system configuration files are checked in, stop services, backup the > data, pull the system drive, insert a blank system drive, do a fresh > install, update the OS, install packages, update the packages, check out > the old configuration files to a side directory, configure the system as > required, restore the data, and start services. > > David Thank you. All the systems I have that use zfs I either did the default zfs install or they are the way they came from the manufacturer. This system has no data on it so I can experiement away. I had assumed the bootpool pool came from freebsd-update. I do not remember that /boot was a symlink bur was wasn't really paying any attention to that. I appreciate all the info. From owner-freebsd-questions@freebsd.org Sun Aug 2 06:32:48 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 60C283733CE for ; Sun, 2 Aug 2020 06:32:48 +0000 (UTC) (envelope-from doug@safeport.com) Received: from cyrus.watson.org (cyrus.watson.org [204.107.128.30]) by mx1.freebsd.org (Postfix) with ESMTP id 4BKB5p72cGz48Tp for ; Sun, 2 Aug 2020 06:32:46 +0000 (UTC) (envelope-from doug@safeport.com) Received: from fledge.watson.org (fledge.watson.org [198.74.231.63]) by cyrus.watson.org (Postfix) with ESMTPS id EC9C161447; Sun, 2 Aug 2020 06:23:56 +0000 (UTC) Received: from fledge.watson.org (doug@localhost.watson.org [127.0.0.1]) by fledge.watson.org (8.15.2/8.15.2) with ESMTP id 0726Nuc5020566; Sun, 2 Aug 2020 02:23:56 -0400 (EDT) (envelope-from doug@safeport.com) Received: from localhost (doug@localhost) by fledge.watson.org (8.15.2/8.15.2/Submit) with ESMTP id 0726Nu0m020563; Sun, 2 Aug 2020 02:23:56 -0400 (EDT) (envelope-from doug@safeport.com) X-Authentication-Warning: fledge.watson.org: doug owned process doing -bs Date: Sun, 2 Aug 2020 02:23:56 -0400 (EDT) From: doug@safeport.com X-X-Sender: doug@fledge.watson.org Reply-To: doug@fledge.watson.org To: David Christensen cc: freebsd-questions@freebsd.org Subject: Re: freebsd-update - Cannot identify running kernel In-Reply-To: Message-ID: References: <78c7d012-8c82-a25a-e70d-6a09d0098bad@holgerdanske.com> User-Agent: Alpine 2.20 (BSF 67 2015-01-07) MIME-Version: 1.0 X-Rspamd-Queue-Id: 4BKB5p72cGz48Tp X-Spamd-Bar: +++++++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=fail (mx1.freebsd.org: domain of doug@safeport.com does not designate 204.107.128.30 as permitted sender) smtp.mailfrom=doug@safeport.com X-Spamd-Result: default: False [7.02 / 15.00]; ARC_NA(0.00)[]; R_SPF_FAIL(1.00)[-all:c]; HAS_REPLYTO(0.00)[doug@fledge.watson.org]; TO_DN_SOME(0.00)[]; NEURAL_SPAM_SHORT(0.43)[0.426]; REPLYTO_DN_EQ_FROM_DN(0.00)[]; MIME_GOOD(-0.10)[multipart/mixed,text/plain]; REPLYTO_DOM_NEQ_FROM_DOM(0.00)[]; HAS_XAW(0.00)[]; NEURAL_SPAM_MEDIUM(0.32)[0.323]; DMARC_NA(0.00)[safeport.com]; RCVD_COUNT_THREE(0.00)[4]; TO_MATCH_ENVRCPT_SOME(0.00)[]; VIOLATED_DIRECT_SPF(3.50)[]; CTYPE_MIXED_BOGUS(1.00)[]; FROM_NO_DN(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_SPAM_LONG(0.77)[0.769]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+]; ASN(0.00)[asn:11288, ipnet:204.107.128.0/24, country:US]; GREYLIST(0.00)[pass,body] X-Spam: Yes Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8BIT X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Aug 2020 06:32:48 -0000 On Sun, 2 Aug 2020, doug wrote: > On Sat, 1 Aug 2020, David Christensen wrote: > >> On 2020-08-01 17:31, doug wrote: >>> On Sat, 1 Aug 2020, Doug Denault wrote: >>> >>>> I did an update from 11.3 --> 12.1 that did not seem to work. >> >>>> I have a 12.0 >>>> system that did not have the error so I thought I would update to 12.0 >>>> to try to get a handle on my problem. >> >> I assume you mean "update to 12.1"? >> >> >>>> This update did not exactly work. It will boot and I suspect I can do >>>> anything not requiring access to /boot. >> >> On my system, /boot is a symlink; not a ZFS filesystem: >> >> 2020-08-01 18:10:51 toor@f3 ~ >> # freebsd-version ; uname -a >> 12.1-RELEASE-p7 >> FreeBSD f3.tracy.holgerdanske.com 12.1-RELEASE-p7 FreeBSD >> 12.1-RELEASE-p7 GENERIC amd64 >> >> 2020-08-01 18:22:18 toor@f3 ~ >> # ll /boot >> lrwxr-xr-x 1 root wheel 13 2019/10/31 21:37:10 /boot@ -> bootpool/boot >> >> 2020-08-01 18:22:44 toor@f3 ~ >> # zfs list -r | egrep 'NAME|boot|/$' >> NAME USED AVAIL >> REFER MOUNTPOINT >> bootpool 372M 1.42G >> 190M /bootpool >> soho2_zroot/ROOT/default 4.23G 4.28G 2.22G > / >> >> >>> The zfs boot process is not >>>> bothered by this problem. >>>> >>>> zpool list >>>> NAME       SIZE  ALLOC   FREE  CKPOINT  EXPANDSZ   FRAG    CAP  DEDUP >>>> HEALTH ALTROOT >>>> bootpool  1.98G   274M  1.72G        -         -    15%    13%  1.00x >>>> ONLINE - >>>> zroot      920G  7.76G   912G        -         -     0%     0%  1.00x >>>> ONLINE - >> >> So, a 1 TB HDD? I would use that for data. >> >> >> I put my systems on small SSD's: >> >> 2020-08-01 18:14:08 toor@f3 ~ >> # camcontrol devlist | grep ada0 >> at scbus0 target 0 lun 0 (ada0,pass0) >> >> >>>> So ... is my analysis correct? If so how do it put bootpool/boot/ >>>> where "it belongs"? >> >> Look for the symlink, as above. >> >> >>> So after some reading, I might be making more of this than it is. Seems >>> to me because so little data is involved make /boot, copy the data and >>> perhaps rename bootpool to something just to be safe. >> >> I have assumed 'bootpool' is hard coded into the bootloader(s), and >> renaming it will break boot. So, I have not tried renaming bootpool. >> >> >> I would advise taking an image of your system drive before proceeding, >> but an image of a 1 TB system drive could require a lot of storage (this >> is why I use small SSD's for system drives). >> >> >>> If so the next >>> question is did freebsd-update leave anything else behind? >> >> I keep my system configuration files in a version control system (CVS). >> >> >> I never do in-place OS major version upgrades. Instead, I make sure the >> system configuration files are checked in, stop services, backup the >> data, pull the system drive, insert a blank system drive, do a fresh >> install, update the OS, install packages, update the packages, check out >> the old configuration files to a side directory, configure the system as >> required, restore the data, and start services. >> >> David > > Thank you. All the systems I have that use zfs I either did the default zfs > install or they are the way they came from the manufacturer. This system > has no data on it so I can experiement away. I had assumed the bootpool > pool came from freebsd-update. I do not remember that /boot was a symlink > bur was wasn't really paying any attention to that. I appreciate all the > info. The problem of freebsd-update not working was caused by the absense of /boot. The fix is, as suggested above, make /boot a symlink to /bootpool/boot. I absoluted verified this as my first attempt was to copy /bootpool/boot --> /boot. I then updated 12.0 --> 12.1. However this boots 12.0. Apparently from posts not all 12.x systems have /bootpool/boot. From owner-freebsd-questions@freebsd.org Sun Aug 2 09:04:02 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 85DB5377033 for ; Sun, 2 Aug 2020 09:04:02 +0000 (UTC) (envelope-from jacques+freebsd@foucry.net) Received: from mail.foucry.net (fournil.foucry.net [95.217.83.231]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BKFSK0Rt4z4Ftm for ; Sun, 2 Aug 2020 09:04:00 +0000 (UTC) (envelope-from jacques+freebsd@foucry.net) Received: from mithril.localdomain (2a01cb0400bb09004aa472fffe9e65a1.ipv6.abo.wanadoo.fr [IPv6:2a01:cb04:bb:900:4aa4:72ff:fe9e:65a1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mail.foucry.net (Postfix) with ESMTPSA id C1B211BE70 for ; Sun, 2 Aug 2020 09:03:43 +0000 (UTC) Received: from mithril (localhost [IPv6:::1]) by mithril.localdomain (Postfix) with ESMTP id F36D413088 for ; Sun, 2 Aug 2020 11:03:42 +0200 (CEST) Date: Sun, 2 Aug 2020 11:03:42 +0200 From: Jacques Foucry To: freebsd-questions@freebsd.org Subject: poudriere check-sanity failed Message-ID: <20200802090342.GA24415@mithril> Mail-Followup-To: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4BKFSK0Rt4z4Ftm X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=foucry.net; spf=pass (mx1.freebsd.org: domain of jacques@foucry.net designates 95.217.83.231 as permitted sender) smtp.mailfrom=jacques@foucry.net X-Spamd-Result: default: False [-2.56 / 15.00]; RCVD_TLS_LAST(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.99)[-0.988]; RCVD_COUNT_THREE(0.00)[3]; MID_RHS_NOT_FQDN(0.50)[]; NEURAL_HAM_SHORT(-0.27)[-0.274]; DMARC_POLICY_ALLOW(-0.50)[foucry.net,none]; NEURAL_HAM_MEDIUM(-0.99)[-0.995]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:24940, ipnet:95.217.0.0/16, country:DE]; TAGGED_FROM(0.00)[freebsd] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Aug 2020 09:04:02 -0000 Hello friends, This morning I launch the update of my poudriere's packages ` poudriere bulk -j 12-1 -p 12-1 -f /usr/local/etc/poudriere.d/12-1.lst ` And it faile on sqlite3 `[00:00:56] Failed ports: databases/sqlite3:check-sanity` and all packages depending of sqlite3 faileÑ• too. I did not find any comprehensive explainantion or solution. As experiented admins, you should already have this issue and may a solution. What's your advices? Thanks in advance and an lite bit late Happy Sysadmin day -- Jacques Foucry From owner-freebsd-questions@freebsd.org Sun Aug 2 14:44:26 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 04B2C37F048 for ; Sun, 2 Aug 2020 14:44:26 +0000 (UTC) (envelope-from paul@gromit.dlib.vt.edu) Received: from gromit.dlib.vt.edu (gromit.dlib.vt.edu [128.173.49.70]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "gromit.dlib.vt.edu", Issuer "Chumby Certificate Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BKP14527dz4Y5g for ; Sun, 2 Aug 2020 14:44:24 +0000 (UTC) (envelope-from paul@gromit.dlib.vt.edu) Received: from mather.gromit23.net (c-98-244-101-97.hsd1.va.comcast.net [98.244.101.97]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by gromit.dlib.vt.edu (Postfix) with ESMTPSA id 518471D9; Sun, 2 Aug 2020 10:44:18 -0400 (EDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.15\)) Subject: poudriere check-sanity failed From: Paul Mather In-Reply-To: Date: Sun, 2 Aug 2020 10:44:17 -0400 Cc: Jacques Foucry Content-Transfer-Encoding: quoted-printable Message-Id: References: To: freebsd-questions@freebsd.org X-Mailer: Apple Mail (2.3445.104.15) X-Rspamd-Queue-Id: 4BKP14527dz4Y5g X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=fail reason="No valid SPF, No valid DKIM" header.from=vt.edu (policy=none); spf=none (mx1.freebsd.org: domain of paul@gromit.dlib.vt.edu has no SPF policy when checking 128.173.49.70) smtp.mailfrom=paul@gromit.dlib.vt.edu X-Spamd-Result: default: False [-0.53 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; MV_CASE(0.50)[]; NEURAL_HAM_LONG(-0.87)[-0.868]; TAGGED_RCPT(0.00)[freebsd]; MIME_GOOD(-0.10)[text/plain]; NEURAL_HAM_MEDIUM(-0.62)[-0.623]; NEURAL_SPAM_SHORT(0.47)[0.465]; RECEIVED_SPAMHAUS_PBL(0.00)[98.244.101.97:received]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; R_SPF_NA(0.00)[no SPF record]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_COUNT_TWO(0.00)[2]; ASN(0.00)[asn:1312, ipnet:128.173.0.0/16, country:US]; RCVD_TLS_ALL(0.00)[]; DMARC_POLICY_SOFTFAIL(0.10)[vt.edu : No valid SPF, No valid DKIM,none] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Aug 2020 14:44:26 -0000 On Sun, 2 Aug 2020 11:03:42 +0200, Jacques Foucry = wrote: > Message: 6 > Date: Sun, 2 Aug 2020 11:03:42 +0200 > From: Jacques Foucry > To: freebsd-questions@freebsd.org > Subject: poudriere check-sanity failed > Message-ID: <20200802090342.GA24415@mithril> > Content-Type: text/plain; charset=3Dutf-8 >=20 > Hello friends, >=20 > This morning I launch the update of my poudriere's packages >=20 > ` poudriere bulk -j 12-1 -p 12-1 -f = /usr/local/etc/poudriere.d/12-1.lst > ` >=20 > And it faile on sqlite3 >=20 > `[00:00:56] Failed ports: databases/sqlite3:check-sanity` >=20 > and all packages depending of sqlite3 faile? too. >=20 >=20 > I did not find any comprehensive explainantion or solution. >=20 > As experiented admins, you should already have this issue and may a = solution. >=20 > What's your advices? This, indeed, also happened to me yesterday. To fix it, I looked in the = Poudriere build log for the databases/sqlite3 port (which you can = access, e.g., by the Web interface for the build). There, I saw this at = the end of the log file: =3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D> You cannot select multiple options from the RL radio =3D=3D=3D=3D=3D> Only one of these must be defined: READLINES LIBEDIT *** Error code 1 Stop. make: stopped in /usr/ports/databases/sqlite3 =3D>> Cleaning up wrkdir =3D=3D=3D> Cleaning for sqlite3-3.32.3_1,1 build of databases/sqlite3 | sqlite3-3.32.3_1,1 ended at Sat Aug 1 = 18:13:30 EDT 2020 build time: 00:00:01 !!! build failure encountered !!! =3D=3D=3D=3D=3D I assumed from this that a new option/default had been introduced. You = can fix this by invoking "poudriere options ..." to change the options, = or else update your option selections in the "...-make.conf" for the = jail. With the options fixed, the port built for me. Cheers, Paul.= From owner-freebsd-questions@freebsd.org Sun Aug 2 17:48:16 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0E86F3A37C1; Sun, 2 Aug 2020 17:48:16 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: from mail-qt1-x844.google.com (mail-qt1-x844.google.com [IPv6:2607:f8b0:4864:20::844]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BKT5B1s5nz3Tw7; Sun, 2 Aug 2020 17:48:13 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: by mail-qt1-x844.google.com with SMTP id v22so20780226qtq.8; Sun, 02 Aug 2020 10:48:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=message-id:date:from:user-agent:mime-version:to:subject :content-transfer-encoding; bh=xwFe9guNwA1dGgL48tMXyF8rwowlvw2p6UvPFVpArMM=; b=QfMdyleWvQx1Jf8Rk9m88SCW2i4o1t1QUkCuwLVQRr45DyHs7iLAZg/ExJZPetu3nq TEQdu6PxM+ym9RplV9rR4Bgs5DBLFv1ahHJjcFSTYSKSuzucLYymUpSjHT/JYLYGga9K YGLsBCUQLbHe+nHLTDxbrVr6Kakesy+uIFaGvIQlUCRTYconMeqii4G+PV74moJ2fAz4 bl8AIralwVK/KcFJGjMw42nWobVE/pC/avwxfAWB+B7lyskUPsDtZnNKV+R1zJOxTy5V +hl9FhwZK22eWU/2hY3g7AoHTiJey8Y/cV10F3iaCGmZtY/YT1lAwdgIaGixoc+n34qB DZFg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :subject:content-transfer-encoding; bh=xwFe9guNwA1dGgL48tMXyF8rwowlvw2p6UvPFVpArMM=; b=ZnRxHF3QBd/WNv5Zlju/rcZKQ/ujMx7/RS1bDdp4qlDLpInGA/K3n9T8U1XQ8ZfZyt TEkA3n5nRglrLumQ+CSe9FdUKfLo2L80mrzNDssg+iVhO8ZyoN0MoaZgkRemPNlBLH19 tsPkMvz1qBVJMzIcjXlTY8WZeSddaln34aXS4CPk/MAMmubGZo/m1HIu0Nter1PZ8SVy zKU/kzLBQBAW0HRru0G/xWDxhB6RLbrA257fcPRYaMaTh2eiZqRxOpl4MzxuJcTYQa7W EHlqByWn5BEBd5EaJHdzCfhMNZnPBQJsoYwBNrzQccxHiWnS4VkFc+mMykddmqj7XKJE Z0aQ== X-Gm-Message-State: AOAM530IbLQwSg0Z7vW7ecuPO7T4v7X99Lr5OSudo11X2nbR51y+sUtM Nhb3ODOVngIb4lLMatw3vYAGR5MH X-Google-Smtp-Source: ABdhPJz4MyCz1Pk/dMBtybrKZqzAzVVeWYA9UcJzmdHh8K+hYYa9Ri+LKyRlEOA+h56oqkBS2hkziw== X-Received: by 2002:ac8:7383:: with SMTP id t3mr13020575qtp.160.1596390492663; Sun, 02 Aug 2020 10:48:12 -0700 (PDT) Received: from [10.0.10.8] (cpe-65-25-51-0.neo.res.rr.com. [65.25.51.0]) by smtp.googlemail.com with ESMTPSA id c205sm18018744qkg.98.2020.08.02.10.48.11 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Sun, 02 Aug 2020 10:48:11 -0700 (PDT) Message-ID: <5F26FC5B.6030706@gmail.com> Date: Sun, 02 Aug 2020 13:48:11 -0400 From: Ernie Luzar User-Agent: Thunderbird 2.0.0.24 (Windows/20100228) MIME-Version: 1.0 To: "freebsd-questions@freebsd.org" , freebsd-jail@FreeBSD.org Subject: jail(8) bug with vnet & non-vnet jails running at same time? Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4BKT5B1s5nz3Tw7 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=QfMdyleW; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of luzar722@gmail.com designates 2607:f8b0:4864:20::844 as permitted sender) smtp.mailfrom=luzar722@gmail.com X-Spamd-Result: default: False [-2.46 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.53)[-0.534]; RECEIVED_SPAMHAUS_PBL(0.00)[65.25.51.0:received]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.97)[-0.971]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-0.96)[-0.959]; MIME_GOOD(-0.10)[text/plain]; SUBJECT_ENDS_QUESTION(1.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::844:from]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Aug 2020 17:48:16 -0000 Hello list; Please review configuration looking for something I may have missed. Hopping someone can suggest something that will change the behavior eliminating the problem. Equipment. Real hardware, 12.1 release, amd64 dual cpu. Description; non-vnet jails and vnet jails using the bridge/epair method can ping the public internet when only non-vnet jails are started at a time or when only vnet jails are started at a time. But when both non-vnet jails and vnet jails are started together then neither one can ping the public internet. The order of the jails definitions in the jail.conf file has no effect on changing what is happening. Bug description: When non-vnet jails are started their ip addresses are added to the NIC facing the public AFTER the public ip address and the non-vnet jail has access to the public internet. But when both non-vnet jails and vnet jails are started at the same time then the non-vnet jails ip addresses gets added before the public ip address of the NIC facing the public internet causing the host to lose all access to the public internet. This seems to be a jail(8) bug. It makes no difference which command method is used to start and stop the jails. Service jail onestart jailname or jail –cv jailname The following is a capture of the command sequence showing this bug. Follow the re0 NIC public ip address xx.25.51.0 in the ifconfig -a listing. Before any jails are started. /root >ifconfig -a snip ... re0: flags=8943 metric 0 mtu 1500 options=8209b ether 50:3e:aa:06:11:22 inet xx.25.51.0 netmask 0xfffff000 broadcast 255.255.255.255 media: Ethernet autoselect (1000baseT ) status: active nd6 options=29 bridge0: flags=8843 metric 0 mtu 1500 ether 02:3e:ba:a7:58:00 id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: re0 flags=143 ifmaxaddr 0 port 2 priority 128 path cost 20000 groups: bridge nd6 options=1 /root >cat /etc/jail.conf # non-vnet jail zdir20 { host.hostname = "zdir20"; path = "/usr/jails/zdir20"; mount.fstab = "/usr/local/etc/fstab/zdir20"; exec.consolelog = "/var/log/zdir20.console.log"; mount.devfs; ip4.addr = 10.0.22.5; interface = "re0"; allow.raw_sockets; devfs_ruleset = "4"; exec.start = "/bin/sh /etc/rc"; exec.stop = "/bin/sh /etc/rc.shutdown"; } # vnet jail using the bridge/epair method v0jail1 { host.hostname = "v0jail1"; path = "/usr/jails/v0jail1"; mount.fstab = "/usr/local/etc/fstab/v0jail1"; exec.consolelog = "/var/log/v0jail1.console.log"; mount.devfs; devfs_ruleset = "4"; vnet = "new"; vnet.interface = "epair55b"; exec.prestart = "ifconfig epair55 create up"; exec.prestart += "ifconfig bridge0 addm epair55a"; exec.prestart += "ifconfig epair55a descr vnet-v0jail1"; exec.prestart += "ifconfig bridge0 inet 10.0.48.2 netmask 255.255.255.0 alias"; exec.start = "/bin/sh /etc/rc"; exec.start += "ifconfig epair55b inet 10.0.48.1 netmask 255.255.255.0"; exec.start += "route add default 10.0.48.2"; exec.prestop = "ifconfig epair55b -vnet v0jail1"; exec.stop = "/bin/sh /etc/rc.shutdown"; exec.poststop = "ifconfig bridge0 deletem epair55a"; exec.poststop += "sleep 2"; exec.poststop += "ifconfig epair55a destroy"; exec.poststop += "ifconfig bridge0 inet 10.0.48.2 -alias"; } /root >jls JID IP Address Hostname Path # start only the non-vnet jail /root >service jail onestart zdir20 Starting jails: zdir20. /root >jls JID IP Address Hostname Path 18 10.0.22.5 zdir20 /usr/jails/zdir20 # Take notice that the non-vnet jails ip address follows the nic’s # public ip address. /root >ifconfig -a re0: flags=8943 metric 0 mtu 1500 options=8209b ether 50:3e:aa:06:11:22 inet xx.25.51.0 netmask 0xfffff000 broadcast 255.255.255.255 inet 10.0.22.5 netmask 0xffffffff broadcast 10.0.22.5 media: Ethernet autoselect (1000baseT ) status: active nd6 options=29 bridge0: flags=8843 metric 0 mtu 1500 ether 02:3e:ba:a7:58:00 id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: re0 flags=143 ifmaxaddr 0 port 2 priority 128 path cost 20000 groups: bridge nd6 options=1 # login to the non-vnet jail and ping the public /root >jexec zdir20 login -f root Last login: Sun Aug 2 11:30:40 on pts/0 FreeBSD 12.1-RELEASE-p6 GENERIC Welcome to your FreeBSD jail. zdir20 /root > zdir20 /root >ping -c 2 freebsd.org PING freebsd.org (96.47.72.84): 56 data bytes 64 bytes from 96.47.72.84: icmp_seq=0 ttl=48 time=44.426 ms 64 bytes from 96.47.72.84: icmp_seq=1 ttl=48 time=44.481 ms --- freebsd.org ping statistics --- 2 packets transmitted, 2 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 44.426/44.453/44.481/0.027 ms zdir20 /root >exit logout # stop the non-vnet jail and show that the network is back to # starting condition. /root >service jail onestop zdir20 Stopping jails: zdir20. /root >jls JID IP Address Hostname Path /root >ifconfig -a re0: flags=8943 metric 0 mtu 1500 options=8209b ether 50:3e:aa:06:11:22 inet xx.25.51.0 netmask 0xfffff000 broadcast 255.255.255.255 media: Ethernet autoselect (1000baseT ) status: active nd6 options=29 bridge0: flags=8843 metric 0 mtu 1500 ether 02:3e:ba:a7:58:00 id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: re0 flags=143 ifmaxaddr 0 port 2 priority 128 path cost 20000 groups: bridge nd6 options=1 # start only the vnet jail and see the bridge0 /root >service jail onestart v0jail1 Starting jails: v0jail1. /root >jls JID IP Address Hostname Path 19 v0jail1 /usr/jails/v0jail1 /root >ifconfig -a re0: flags=8943 metric 0 mtu 1500 options=82099 ether 50:3e:aa:06:11:22 inet xx.25.51.0 netmask 0xfffff000 broadcast 255.255.255.255 media: Ethernet autoselect (1000baseT ) status: active nd6 options=29 bridge0: flags=8843 metric 0 mtu 1500 ether 02:3e:ba:a7:58:00 inet 10.0.48.2 netmask 0xffffff00 broadcast 10.0.48.255 id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: epair55a flags=143 ifmaxaddr 0 port 5 priority 128 path cost 2000 member: re0 flags=143 ifmaxaddr 0 port 2 priority 128 path cost 20000 groups: bridge nd6 options=1 epair55a: flags=8943 metric 0 mtu 1500 description: vnet-v0jail1 options=8 ether 02:eb:be:f5:15:0a inet6 fe80::eb:beff:fef5:150a%epair55a prefixlen 64 scopeid 0x5 groups: epair media: Ethernet 10Gbase-T (10Gbase-T ) status: active nd6 options=21 # login to the vnet jail and ping the public internet. /root >jexec v0jail1 login -f root Last login: Sun Aug 2 11:29:41 on pts/0 FreeBSD 12.1-RELEASE-p6 GENERIC Welcome to your FreeBSD jail. v0jail1 /root >ping -c 2 freebsd.org PING freebsd.org (96.47.72.84): 56 data bytes 64 bytes from 96.47.72.84: icmp_seq=0 ttl=47 time=46.745 ms 64 bytes from 96.47.72.84: icmp_seq=1 ttl=47 time=43.930 ms --- freebsd.org ping statistics --- 2 packets transmitted, 2 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 43.930/45.337/46.745/1.407 ms v0jail1 /root >exit logout # close the vnet jail and return to starting condition. /root >service jail onestop v0jail1 Stopping jails: v0jail1. /root >jls JID IP Address Hostname Path /root >ifconfig -a re0: flags=8943 metric 0 mtu 1500 options=8209b ether 50:3e:aa:06:11:22 inet xx.25.51.0 netmask 0xfffff000 broadcast 255.255.255.255 media: Ethernet autoselect (1000baseT ) status: active nd6 options=29 bridge0: flags=8843 metric 0 mtu 1500 ether 02:3e:ba:a7:58:00 id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: re0 flags=143 ifmaxaddr 0 port 2 priority 128 path cost 20000 groups: bridge nd6 options=1 # Start both the non-vnet jail and the vnet jail together. /root >service jail onestart Starting jails: zdir20 v0jail1. # login to the non-vnet jail and it has no public access. /root >jexec zdir20 login -f root [K Last login: Sun Aug 2 11:36:34 on pts/0 FreeBSD 12.1-RELEASE-p6 GENERIC Welcome to your FreeBSD jail. zdir20 /root >ping -c 2 freebsd.org ping: cannot resolve freebsd.org: Host name lookup failure zdir20 /root >exit logout # login to the vnet jail and it has no public access. /root >jexec v0jail1 login -f root Last login: Sun Aug 2 11:38:56 on pts/0 FreeBSD 12.1-RELEASE-p6 GENERIC Welcome to your FreeBSD jail. v0jail1 /root >ping -c 2 freebsd.org ping: cannot resolve freebsd.org: Host name lookup failure v0jail1 /root >exit logout /root >jls JID IP Address Hostname Path 20 10.0.22.5 zdir20 /usr/jails/zdir20 21 v0jail1 /usr/jails/v0jail1 # Here is the bug. See that the non-vnet jail ip address comes before the # public address causing the host to lose access to the public internet. /root >ifconfig -a re0: flags=8943 metric 0 mtu 1500 options=82099 ether 50:3e:aa:06:11:22 inet 10.0.22.5 netmask 0xffffffff broadcast 10.0.22.5 inet xx.25.51.0 netmask 0xfffff000 broadcast 255.255.255.255 media: Ethernet autoselect (1000baseT ) status: active nd6 options=29 bridge0: flags=8843 metric 0 mtu 1500 ether 02:3e:ba:a7:58:00 inet 10.0.48.2 netmask 0xffffff00 broadcast 10.0.48.255 id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: epair55a flags=143 ifmaxaddr 0 port 5 priority 128 path cost 2000 member: re0 flags=143 ifmaxaddr 0 port 2 priority 128 path cost 20000 groups: bridge nd6 options=1 epair55a: flags=8943 metric 0 mtu 1500 description: vnet-v0jail1 options=8 ether 02:77:b8:5f:e4:0a inet6 fe80::77:b8ff:fe5f:e40a%epair55a prefixlen 64 scopeid 0x5 groups: epair media: Ethernet 10Gbase-T (10Gbase-T ) status: active nd6 options=21 # stop both jails and return to starting condition. /root >service jail onestop Stopping jails: zdir20 v0jail1. /root >jls JID IP Address Hostname Path /root >ifconfig -a re0: flags=8943 metric 0 mtu 1500 options=8209b ether 50:3e:aa:06:11:22 inet xx.25.51.0 netmask 0xfffff000 broadcast 255.255.255.255 media: Ethernet autoselect (1000baseT ) status: active nd6 options=29 bridge0: flags=8843 metric 0 mtu 1500 ether 02:3e:ba:a7:58:00 id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: re0 flags=143 ifmaxaddr 0 port 2 priority 128 path cost 20000 groups: bridge nd6 options=1 From owner-freebsd-questions@freebsd.org Sun Aug 2 17:55:37 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C75BF3A36F5; Sun, 2 Aug 2020 17:55:37 +0000 (UTC) (envelope-from dan@langille.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BKTFh1JDpz3V1Y; Sun, 2 Aug 2020 17:55:32 +0000 (UTC) (envelope-from dan@langille.org) Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id 8F16F5C00B9; Sun, 2 Aug 2020 13:55:32 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute2.internal (MEProxy); Sun, 02 Aug 2020 13:55:32 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=langille.org; h= content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; s=fm1; bh=0 +fFF6R0a9eR9HEYhklm8fqCysHrqAfHpioJdqOLj4Y=; b=UD4OsdWupSbNPX6SQ rY6hwmsUAwaErZU1gsEavpNGMo7/N3o60cEFm4gG3nlH8zCZMgwouAPlP613cM/o 33D1bZiY/R7SkAzfScDiPZkpyYlCvviYSf+s4qFGwwOOxsjnbAB5Y9LoTUezldon BF6QwfvbFmpGyoxJ+32Y60NIBXIlR+rXOLoX0YzaBkCQ49Z3ny6IOSZhK4nGJDT1 3twNBWL+Ov5pPN4vsYwtTMWKfazvoTbiBBA7MridncnuIkJ5MrUejYQNU3erzQVc ZBPcj2lW6l8DnkrVeYa4KlhL4QlaqKoZlUO124WrUUM3AxuBARhhROQNbWttWg8s Mj2DQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm3; bh=0+fFF6R0a9eR9HEYhklm8fqCysHrqAfHpioJdqOLj 4Y=; b=tVMzG8+zJw8RouBHeMBvZOPb3QUIgCY4gPNAGzCsrw+TV3HacX66DSGeX cY8O7/Sxx3s8LpRngZ4OUVwz+Xs1XgGFmpPpIi0BtZu9enYV3NKZmEIRPSfJ7iKN Sk8yts/xecd67q6Gksu/uCOJR/JBx7FRs+FwQ3zlue6P8EVa4YoeS2Iu/FlsevPo KB361To0o3iXcxQILFeWEbbSaGTb0z8DMUDHzTgK0QOpSj9nDoJhwATPofgZgerW hhIYge/P33u2UEelHZvwWxlIUSp1SB5Al9wUmjUBR+DLmuuSdWnt1ytPpO8iVCn8 u8CUp1EGVcBj8JtwrEY88IhRLE9xA== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduiedrjedvgdduvdduucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurheptggguffhjgffgffkfhfvofesthhqmhdthhdtjeenucfhrhhomhepffgrnhcu nfgrnhhgihhllhgvuceouggrnheslhgrnhhgihhllhgvrdhorhhgqeenucggtffrrghtth gvrhhnpeevvdfgveeugeffieduhfetffduvdffkedtleejteegleduffevhfefkeehgedv veenucffohhmrghinhepthifihhtthgvrhdrtghomhenucfkphepuddtkedrfeeirdelhe druddtnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhep uggrnheslhgrnhhgihhllhgvrdhorhhg X-ME-Proxy: Received: from air01.wifi.int.unixathome.org (pool-108-36-95-10.phlapa.fios.verizon.net [108.36.95.10]) by mail.messagingengine.com (Postfix) with ESMTPA id 2604D3280059; Sun, 2 Aug 2020 13:55:32 -0400 (EDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.1\)) Subject: Re: jail(8) bug with vnet & non-vnet jails running at same time? From: Dan Langille In-Reply-To: <5F26FC5B.6030706@gmail.com> Date: Sun, 2 Aug 2020 13:55:31 -0400 Cc: "freebsd-questions@freebsd.org" , "freebsd-jail@freebsd.org" Content-Transfer-Encoding: quoted-printable Message-Id: References: <5F26FC5B.6030706@gmail.com> To: Ernie Luzar X-Mailer: Apple Mail (2.3608.120.23.2.1) X-Rspamd-Queue-Id: 4BKTFh1JDpz3V1Y X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=langille.org header.s=fm1 header.b=UD4OsdWu; dkim=pass header.d=messagingengine.com header.s=fm3 header.b=tVMzG8+z; dmarc=pass (policy=none) header.from=langille.org; spf=pass (mx1.freebsd.org: domain of dan@langille.org designates 66.111.4.25 as permitted sender) smtp.mailfrom=dan@langille.org X-Spamd-Result: default: False [-2.97 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ip4:66.111.4.25]; RWL_MAILSPIKE_GOOD(0.00)[66.111.4.25:from]; RCVD_COUNT_THREE(0.00)[4]; DKIM_TRACE(0.00)[langille.org:+,messagingengine.com:+]; DMARC_POLICY_ALLOW(-0.50)[langille.org,none]; NEURAL_HAM_SHORT(-1.45)[-1.449]; FREEMAIL_TO(0.00)[gmail.com]; RECEIVED_SPAMHAUS_PBL(0.00)[108.36.95.10:received]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:11403, ipnet:66.111.4.0/24, country:US]; SUBJECT_ENDS_QUESTION(1.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[66.111.4.25:from]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.002]; R_DKIM_ALLOW(-0.20)[langille.org:s=fm1,messagingengine.com:s=fm3]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; NEURAL_HAM_LONG(-0.92)[-0.922]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Aug 2020 17:55:37 -0000 > On Aug 2, 2020, at 1:48 PM, Ernie Luzar wrote: >=20 > Hello list; > Please review configuration looking for something I may have missed. = Hopping someone can suggest something that will change the behavior = eliminating the problem. >=20 >=20 > Equipment. Real hardware, 12.1 release, amd64 dual cpu. >=20 > Description; > non-vnet jails and vnet jails using the bridge/epair method can ping = the public internet when only non-vnet jails are started at a time or = when only vnet jails are started at a time. But when both non-vnet jails = and vnet jails are started together then neither one can ping the public = internet. The order of the jails definitions in the jail.conf file has = no effect on changing what is happening. >=20 > Bug description: > When non-vnet jails are started their ip addresses are added to the = NIC facing the public AFTER the public ip address and the non-vnet jail = has access to the public internet. But when both non-vnet jails and vnet = jails are started at the same time then the non-vnet jails ip addresses = gets added before the public ip address of the NIC facing the public = internet causing the host to lose all access to the public internet. = This seems to be a jail(8) bug. >=20 > It makes no difference which command method is used to start and stop = the jails. > Service jail onestart jailname or jail =E2=80=93cv jailname This may be related to my twitter rant about vnet problems in my own = jails: https://twitter.com/DLangille/status/1289944047763693569 The symptoms you describe to similar to my own. I cannot access ports = on jails on the same host, but I can access ports on other hosts. --=20 Dan Langille - BSDCan / PGCon dan@langille.org From owner-freebsd-questions@freebsd.org Sun Aug 2 18:25:31 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 81D423A4890 for ; Sun, 2 Aug 2020 18:25:31 +0000 (UTC) (envelope-from jacques+freebsd@foucry.net) Received: from mail.foucry.net (fournil.foucry.net [95.217.83.231]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BKTwB2rntz3XFX for ; Sun, 2 Aug 2020 18:25:30 +0000 (UTC) (envelope-from jacques+freebsd@foucry.net) Received: from mithril.localdomain (2a01cb0400bb09004aa472fffe9e65a1.ipv6.abo.wanadoo.fr [IPv6:2a01:cb04:bb:900:4aa4:72ff:fe9e:65a1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mail.foucry.net (Postfix) with ESMTPSA id 2B0D11C1CC for ; Sun, 2 Aug 2020 18:25:28 +0000 (UTC) Received: from mithril (localhost [IPv6:::1]) by mithril.localdomain (Postfix) with ESMTP id 46C791314E for ; Sun, 2 Aug 2020 20:25:27 +0200 (CEST) Date: Sun, 2 Aug 2020 20:25:27 +0200 From: Jacques Foucry To: freebsd-questions@freebsd.org Subject: Re: poudriere check-sanity failed Message-ID: <20200802182527.GC17267@mithril> Mail-Followup-To: freebsd-questions@freebsd.org References: MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Rspamd-Queue-Id: 4BKTwB2rntz3XFX X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=foucry.net; spf=pass (mx1.freebsd.org: domain of jacques@foucry.net designates 95.217.83.231 as permitted sender) smtp.mailfrom=jacques@foucry.net X-Spamd-Result: default: False [-2.84 / 15.00]; RCVD_TLS_LAST(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.99)[-0.986]; RCVD_COUNT_THREE(0.00)[3]; MID_RHS_NOT_FQDN(0.50)[]; NEURAL_HAM_SHORT(-0.56)[-0.560]; DMARC_POLICY_ALLOW(-0.50)[foucry.net,none]; NEURAL_HAM_MEDIUM(-1.00)[-0.996]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:24940, ipnet:95.217.0.0/16, country:DE]; TAGGED_FROM(0.00)[freebsd] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Aug 2020 18:25:31 -0000 Le dimanche 02 août 2020 à 10:44:17 (-0400), Paul Mather à écrit: > On Sun, 2 Aug 2020 11:03:42 +0200, Jacques Foucry wrote: > > > Message: 6 > > Date: Sun, 2 Aug 2020 11:03:42 +0200 > > From: Jacques Foucry > > To: freebsd-questions@freebsd.org > > Subject: poudriere check-sanity failed > > Message-ID: <20200802090342.GA24415@mithril> > > Content-Type: text/plain; charset=utf-8 > > > > Hello friends, > > > > This morning I launch the update of my poudriere's packages > > > > ` poudriere bulk -j 12-1 -p 12-1 -f /usr/local/etc/poudriere.d/12-1.lst > > ` > > > > And it faile on sqlite3 > > > > `[00:00:56] Failed ports: databases/sqlite3:check-sanity` > > > > and all packages depending of sqlite3 faile? too. > > > > > > I did not find any comprehensive explainantion or solution. > > > > As experiented admins, you should already have this issue and may a solution. > > > > What's your advices? > > > This, indeed, also happened to me yesterday. To fix it, I looked in the Poudriere build log for the databases/sqlite3 port (which you can access, e.g., by the Web interface for the build). There, I saw this at the end of the log file: > > ===== > =================================================== > ====> You cannot select multiple options from the RL radio > =====> Only one of these must be defined: READLINES LIBEDIT > *** Error code 1 > > Stop. > make: stopped in /usr/ports/databases/sqlite3 > =>> Cleaning up wrkdir > ===> Cleaning for sqlite3-3.32.3_1,1 > build of databases/sqlite3 | sqlite3-3.32.3_1,1 ended at Sat Aug 1 18:13:30 EDT 2020 > build time: 00:00:01 > !!! build failure encountered !!! > ===== > > I assumed from this that a new option/default had been introduced. You can fix this by invoking "poudriere options ..." to change the options, or else update your option selections in the "...-make.conf" for the jail. > > With the options fixed, the port built for me. It works \o/ Thank you Paul. I must have the reflex to look at the log. Bloddy mind. Take care. -- Jacques Foucry From owner-freebsd-questions@freebsd.org Sun Aug 2 18:49:35 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7DC443A49E6 for ; Sun, 2 Aug 2020 18:49:35 +0000 (UTC) (envelope-from aryeh.friedman@gmail.com) Received: from mail-il1-x12b.google.com (mail-il1-x12b.google.com [IPv6:2607:f8b0:4864:20::12b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BKVRy0vkVz3YQp for ; Sun, 2 Aug 2020 18:49:33 +0000 (UTC) (envelope-from aryeh.friedman@gmail.com) Received: by mail-il1-x12b.google.com with SMTP id t18so29403001ilh.2 for ; Sun, 02 Aug 2020 11:49:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=ZPuioIoqXgpFH2Lp2tQoBoxV96w6ZTysiarN/TR7TGE=; b=ZHUzSxIZodXoFEFLikyhHQ+Utf8/i/AvpjCSwxjDYcxsuFzzmdy/unCivVLphqnvHe /F4UeIm37cveo0dShHYPUim876OaIXhnXIgHhJJawm2FmyTkJpjyCwcQ4efGNUsImrXB /Bv7zkmejDJX0V4BS4Ncr+nZC7mbSaXP7tg122TLAGLpETdkGRWOD3Pe3/5TvQlqip1j 9WQphTnjuN1xxAFXwVqXjNngGo7IypMJg1J7tYKYGlWJiev0++7JoGWBbsfgYKRvnEiG NCsqNX6B1z6w+zoghP32TQcQ7CQHsn8OyCUEbwLR2YEipH/18JghX79dVkXYIz0sLdbT s7BQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=ZPuioIoqXgpFH2Lp2tQoBoxV96w6ZTysiarN/TR7TGE=; b=dps8tITERBMW56FcDNf3kqMPRC5dkE3Rrp4cDoKXd0t3F/vga98Nt2gg2S+yOi3BUd H9j4915YhH62/bkto1HO7rHQ8qyks8JVAyqt6KTW4CLqIwKe1pgGDXUWVMsJozWRB+K2 BzFNvTmJ1WS5qPTzI3XlvuCh/YwUpgnaRQLuRbA8P4j9Vq3waU65b9ZRyWM99b7CiPq5 TPMo2kTnT94jVuhMT4EPPs8Umg+5riN0uyPwMJcNZpdI9e2AiGFlsTcrxCWkqRAW6tkE +5nPESPQViY/B5MELXMm4ByOZ9QneADGs8qILxalwtK2sh51Mv9WPnk9XF7GzyEtBZRf ZnuA== X-Gm-Message-State: AOAM5308iL5A7dL6d13NFsOv02NoVqnNjVMjYAziPjjHzkjzDzN63+AH LMGM0zhERk+xAN3ol8lGXMOIKZFynoDXvVO+y8APRQwWBIk= X-Google-Smtp-Source: ABdhPJxZuWUHyE7mi+no3rc0WjQ0SIbqY/mkOCp+L3j9mhCwUzHBe6V5ewJr5yMCQP1hjMCnV66242NxL60eCuvjdpI= X-Received: by 2002:a92:1814:: with SMTP id 20mr14537946ily.81.1596394172596; Sun, 02 Aug 2020 11:49:32 -0700 (PDT) MIME-Version: 1.0 From: Aryeh Friedman Date: Sun, 2 Aug 2020 14:49:21 -0400 Message-ID: Subject: Best way to force net/pptpclient to stay connected? To: FreeBSD Mailing List X-Rspamd-Queue-Id: 4BKVRy0vkVz3YQp X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=ZHUzSxIZ; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of aryehfriedman@gmail.com designates 2607:f8b0:4864:20::12b as permitted sender) smtp.mailfrom=aryehfriedman@gmail.com X-Spamd-Result: default: False [-0.29 / 15.00]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; URI_COUNT_ODD(1.00)[1]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.27)[-0.271]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; SUBJECT_ENDS_QUESTION(1.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; TAGGED_FROM(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.01)[-1.005]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.01)[-1.014]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::12b:from]; HTTP_TO_IP(1.00)[]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Aug 2020 18:49:35 -0000 My hosting company is worse than useless after repeated attempts to make my VPN connection to them never timeout/disconnect it does so randomly after a few hours of being connected. After a fair amount of research I have been able to length this from a few mins to a few hours but I am out of ideas now and short of writing reset on no ping shell script or the equiv and having it run all the time is there any other tricks I can try. Here is my /etc/ppp.conf: default: set log phase chat lcp ipcp ccp tun command set authname XXX set authkey XXX set timeout 0 set mppe 128 add 10.31.10.0/24 HISADDR enable lqr echo # set lqrperiod 45 set ifaddr 0 0 nat enable yes Here is command line I use to invoke it: /usr/local/sbin/pptp --nobuffer --loglevel 2 [vpn server IP goes here] & -- Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org From owner-freebsd-questions@freebsd.org Sun Aug 2 18:49:59 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 46F353A4DBD; Sun, 2 Aug 2020 18:49:59 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: from mail-qt1-x832.google.com (mail-qt1-x832.google.com [IPv6:2607:f8b0:4864:20::832]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BKVSQ36nvz3YFw; Sun, 2 Aug 2020 18:49:58 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: by mail-qt1-x832.google.com with SMTP id o22so26522124qtt.13; Sun, 02 Aug 2020 11:49:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-transfer-encoding; bh=Ve9f5UlQyqCWclV7CQngHZ6H5aIprjMzlJuvaTmaQlQ=; b=NWQNJrUwaxnOCScKatUa/jX7dBL8jQgqsVXo62J4WCI0bP6OrkkAHrsVJXujhqpFPq dM16X9qEh6ZuBa0hybgRdIaYrdEriz591gkb7OgQjpOjiadKyXtyEJuN37nOe+X8LAf1 MDB8LT2nIOcmciMX5HfEO4ihROmgGychFEaf7JVtHz8x8b6TU87olBaL0S5IxcnlHsH1 yZ+hBPVXitKNNht2RfvMbk0URvWJe+Q8bf3Kl8/68X0kTDekB2JCVALhYfmY7hfYFOgw k7aNwo2+yvJNrnpvSuo8NWdZy7KKKY2RZ2pPztCDcStKM1mWOa8dwjUZgGK1UZMgnGjp ZCmQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-transfer-encoding; bh=Ve9f5UlQyqCWclV7CQngHZ6H5aIprjMzlJuvaTmaQlQ=; b=XEgu+tsGHKxsfPrv+CmzNSeKxCjmpP0EeMTJaVuLbAb7RGjSk94WWlFP4SNoxYl/2d 23LThYBjMRtr0RDF0qdQohKlKO1J+7tSsFapuNZTBEe37OgrcSmhpNBVvz+MXZyqc3+E HsHOPvMftpIBabmnsp0uU+b3c/gejaQQ30Zy0LwA0zs8g9p4dydjF6GhG+r/qR3wemEp QLNber0sXWkYf/JL7++jQPRFkboQM6Nasw4ReoRCs6FO38m69z4JFiViiNqs/o/mYsur z/WCgMaJg6DyG19Ck78n+egK6sgoqMwi71g0Z/a6HQL9a8QtFJ6WCp1PlQgoEWRsIYvR GilA== X-Gm-Message-State: AOAM5304xvLHlvWCazaUV2ZqTqG5yjQyMbuvFLdphLPYC53TvC+V3E/c N5jfuq5dh4D+P70/divsNXBJKdnQ X-Google-Smtp-Source: ABdhPJzjq10UVHqSphdNALvJPaFegfKKNaaJkvPaj2V2kdGQGIennpQqVbGVQGuU7SNdauFT/45QzA== X-Received: by 2002:ac8:7c8d:: with SMTP id y13mr13409740qtv.387.1596394197304; Sun, 02 Aug 2020 11:49:57 -0700 (PDT) Received: from [10.0.10.8] (cpe-65-25-51-0.neo.res.rr.com. [65.25.51.0]) by smtp.googlemail.com with ESMTPSA id c33sm19653756qtk.40.2020.08.02.11.49.56 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Sun, 02 Aug 2020 11:49:56 -0700 (PDT) Message-ID: <5F270AD4.8080001@gmail.com> Date: Sun, 02 Aug 2020 14:49:56 -0400 From: Ernie Luzar User-Agent: Thunderbird 2.0.0.24 (Windows/20100228) MIME-Version: 1.0 To: Dan Langille CC: "freebsd-questions@freebsd.org" , "freebsd-jail@freebsd.org" Subject: Re: jail(8) bug with vnet & non-vnet jails running at same time? References: <5F26FC5B.6030706@gmail.com> In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4BKVSQ36nvz3YFw X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=NWQNJrUw; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of luzar722@gmail.com designates 2607:f8b0:4864:20::832 as permitted sender) smtp.mailfrom=luzar722@gmail.com X-Spamd-Result: default: False [-2.46 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.52)[-0.521]; RECEIVED_SPAMHAUS_PBL(0.00)[65.25.51.0:received]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.98)[-0.983]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; NEURAL_HAM_LONG(-0.95)[-0.952]; MIME_GOOD(-0.10)[text/plain]; SUBJECT_ENDS_QUESTION(1.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::832:from]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Aug 2020 18:49:59 -0000 Dan Langille wrote: >> On Aug 2, 2020, at 1:48 PM, Ernie Luzar wrote: >> >> Hello list; >> Please review configuration looking for something I may have missed. Hopping someone can suggest something that will change the behavior eliminating the problem. >> >> >> Equipment. Real hardware, 12.1 release, amd64 dual cpu. >> >> Description; >> non-vnet jails and vnet jails using the bridge/epair method can ping the public internet when only non-vnet jails are started at a time or when only vnet jails are started at a time. But when both non-vnet jails and vnet jails are started together then neither one can ping the public internet. The order of the jails definitions in the jail.conf file has no effect on changing what is happening. >> >> Bug description: >> When non-vnet jails are started their ip addresses are added to the NIC facing the public AFTER the public ip address and the non-vnet jail has access to the public internet. But when both non-vnet jails and vnet jails are started at the same time then the non-vnet jails ip addresses gets added before the public ip address of the NIC facing the public internet causing the host to lose all access to the public internet. This seems to be a jail(8) bug. >> >> It makes no difference which command method is used to start and stop the jails. >> Service jail onestart jailname or jail –cv jailname > > This may be related to my twitter rant about vnet problems in my own jails: > > https://twitter.com/DLangille/status/1289944047763693569 > > The symptoms you describe to similar to my own. I cannot access ports on jails on the same host, but I can access ports on other hosts. > Your twitter posts are all pf firewall related. From what I can tell you are using local only vnet jails and want to talk between them. Do you have any non-vnet jails running on the host where the 2 vnet jails are running? Do you have any local only vnet jails working on any other systems? To me knowledge there is only 1 way to have local only vnet jails to talk to each other. Do not assign ip address to epairXa or to the bridge. Only assign an ip address to epairXb the interface in the vnet jail. All the vnet jails you want to be local only have to be members on the same bridge. From owner-freebsd-questions@freebsd.org Sun Aug 2 19:19:01 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 345383A518E; Sun, 2 Aug 2020 19:19:01 +0000 (UTC) (envelope-from dan@langille.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BKW5w3FVfz3ZlF; Sun, 2 Aug 2020 19:19:00 +0000 (UTC) (envelope-from dan@langille.org) Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id C54F55C0113; Sun, 2 Aug 2020 15:18:59 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Sun, 02 Aug 2020 15:18:59 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=langille.org; h= content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; s=fm1; bh=6 0tPHlhGipLqhlriBCG12YoArhP0+M3aQnPe0rKBmFU=; b=n6VoBWM6hEq4j6HXX ZrXEnlzQ0xn6utnuthaRNkPQDZzrn7kJ2OfDN9Vgj3mxcxnhhNEnQp4SSXz2vE7T x256XlUFJ0JgHz5t25YOhwxt5gb9W7sJwmgkBvwCcLHwEJZZu1oU+EczdEJgnAH/ ZC/fWgkc9lNMvUAIrM9pO7k9BtwDrmJ05LO4mdAhPPSprT2WMbOWLVX2wpQsIl3N 2IM3TS1CLH8/xYjElTsfhgJoIG+IduDDIesNK6rgQq3LK4+SW4QEw9nWdA/Ll5m9 fKc6tBUBefpYDpZfz3EfjNdDFmZL0v43Y4qq1mSL06KF99OBIF3pVjtvAxY2ELtr +mxHA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm3; bh=60tPHlhGipLqhlriBCG12YoArhP0+M3aQnPe0rKBm FU=; b=QlEiGkan5Qh9n+Mf4DBoTJbAY6/7yLmvMZrRwrxH0x0WxtZfUnuCYqTWg 4TTzunvmCmC6wKk2jREw3o7UvIe0+DKIr6ZMdJx+WVxBLDdMXZYO8jYITrmiJZh+ WxMd2fjVplzEJMhg/Ut/hX9/6lI1EpDqosh8X8RROPrcjMsW7E2PgnMMeY2AtBs0 +pN2xo1RycvftUK5kYWZ4aiPKggf/WtE5PGDYE9Q+8EskZYDvgkd5OtkBlEMp1jy 9ltN3KDTXGVHh+5yYsgQdJR5/WY3MdM3eNOYZkcEIRnLjqa0B+i8XFYSCZ5qFot4 +KfhB+Lqf8oVrDLpH2oJKVFU4loYg== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduiedrjedvgddufeelucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurheptggguffhjgffgffkfhfvofesthhqmhdthhdtjeenucfhrhhomhepffgrnhcu nfgrnhhgihhllhgvuceouggrnheslhgrnhhgihhllhgvrdhorhhgqeenucggtffrrghtth gvrhhnpeevvdfgveeugeffieduhfetffduvdffkedtleejteegleduffevhfefkeehgedv veenucffohhmrghinhepthifihhtthgvrhdrtghomhenucfkphepuddtkedrfeeirdelhe druddtnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhep uggrnheslhgrnhhgihhllhgvrdhorhhg X-ME-Proxy: Received: from air01.wifi.int.unixathome.org (pool-108-36-95-10.phlapa.fios.verizon.net [108.36.95.10]) by mail.messagingengine.com (Postfix) with ESMTPA id 73EE13060067; Sun, 2 Aug 2020 15:18:59 -0400 (EDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.1\)) Subject: Re: jail(8) bug with vnet & non-vnet jails running at same time? From: Dan Langille In-Reply-To: <5F270AD4.8080001@gmail.com> Date: Sun, 2 Aug 2020 15:18:58 -0400 Cc: "freebsd-questions@freebsd.org" , "freebsd-jail@freebsd.org" Content-Transfer-Encoding: quoted-printable Message-Id: <01D7BB67-FCC8-4896-8E02-0C26CF6036CC@langille.org> References: <5F26FC5B.6030706@gmail.com> <5F270AD4.8080001@gmail.com> To: Ernie Luzar X-Mailer: Apple Mail (2.3608.120.23.2.1) X-Rspamd-Queue-Id: 4BKW5w3FVfz3ZlF X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=langille.org header.s=fm1 header.b=n6VoBWM6; dkim=pass header.d=messagingengine.com header.s=fm3 header.b=QlEiGkan; dmarc=pass (policy=none) header.from=langille.org; spf=pass (mx1.freebsd.org: domain of dan@langille.org designates 66.111.4.25 as permitted sender) smtp.mailfrom=dan@langille.org X-Spamd-Result: default: False [-2.87 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ip4:66.111.4.25]; RWL_MAILSPIKE_GOOD(0.00)[66.111.4.25:from]; RCVD_COUNT_THREE(0.00)[4]; DKIM_TRACE(0.00)[langille.org:+,messagingengine.com:+]; DMARC_POLICY_ALLOW(-0.50)[langille.org,none]; NEURAL_HAM_SHORT(-1.35)[-1.350]; FREEMAIL_TO(0.00)[gmail.com]; RECEIVED_SPAMHAUS_PBL(0.00)[108.36.95.10:received]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:11403, ipnet:66.111.4.0/24, country:US]; SUBJECT_ENDS_QUESTION(1.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[66.111.4.25:from]; RCVD_TLS_LAST(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[langille.org:s=fm1,messagingengine.com:s=fm3]; NEURAL_HAM_MEDIUM(-1.00)[-1.002]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; NEURAL_HAM_LONG(-0.92)[-0.922]; MIME_GOOD(-0.10)[text/plain]; TO_MATCH_ENVRCPT_SOME(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Aug 2020 19:19:01 -0000 > On Aug 2, 2020, at 2:49 PM, Ernie Luzar wrote: >=20 > Dan Langille wrote: >>> On Aug 2, 2020, at 1:48 PM, Ernie Luzar wrote: >>>=20 >>> Hello list; >>> Please review configuration looking for something I may have missed. = Hopping someone can suggest something that will change the behavior = eliminating the problem. >>>=20 >>>=20 >>> Equipment. Real hardware, 12.1 release, amd64 dual cpu. >>>=20 >>> Description; >>> non-vnet jails and vnet jails using the bridge/epair method can ping = the public internet when only non-vnet jails are started at a time or = when only vnet jails are started at a time. But when both non-vnet jails = and vnet jails are started together then neither one can ping the public = internet. The order of the jails definitions in the jail.conf file has = no effect on changing what is happening. >>>=20 >>> Bug description: >>> When non-vnet jails are started their ip addresses are added to the = NIC facing the public AFTER the public ip address and the non-vnet jail = has access to the public internet. But when both non-vnet jails and vnet = jails are started at the same time then the non-vnet jails ip addresses = gets added before the public ip address of the NIC facing the public = internet causing the host to lose all access to the public internet. = This seems to be a jail(8) bug. >>>=20 >>> It makes no difference which command method is used to start and = stop the jails. >>> Service jail onestart jailname or jail =C3=A2=E2=82=AC=E2=80=9Ccv = jailname >> This may be related to my twitter rant about vnet problems in my own = jails: >> https://twitter.com/DLangille/status/1289944047763693569 >> The symptoms you describe to similar to my own. I cannot access = ports on jails on the same host, but I can access ports on other hosts. >=20 > Your twitter posts are all pf firewall related. =46rom what I can = tell you are using local only vnet jails and want to talk between them. >=20 > Do you have any non-vnet jails running on the host where the 2 vnet = jails are running? >=20 > Do you have any local only vnet jails working on any other systems? One of those two jails in question is vnet, the other is not. There are = many non-vnet jails on this host, only one vnet. > To me knowledge there is only 1 way to have local only vnet jails to = talk to each other. Do not assign ip address to epairXa or to the = bridge. Only assign an ip address to epairXb the interface in the vnet = jail. All the vnet jails you want to be local only have to be members on = the same bridge. I will look at that for this jail. Thank you. --=20 Dan Langille - BSDCan / PGCon dan@langille.org From owner-freebsd-questions@freebsd.org Sun Aug 2 20:34:26 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D02E83A7201 for ; Sun, 2 Aug 2020 20:34:26 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from oceanview.tundraware.com (oceanview.tundraware.com [45.55.60.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mailman.tundraware.com", Issuer "mailman.tundraware.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BKXmx5b8mz3fkP for ; Sun, 2 Aug 2020 20:34:25 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from [192.168.0.2] (ozzie.tundraware.com [75.145.138.73]) (authenticated bits=0) by oceanview.tundraware.com (8.15.2/8.15.2) with ESMTPSA id 072KYAHI002070 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO) for ; Sun, 2 Aug 2020 15:34:10 -0500 (CDT) (envelope-from tundra@tundraware.com) To: FreeBSD Mailing List From: Tim Daneliuk Subject: What Happened to 'make delete-old' In /usr/src/sys Autocrypt: addr=tundra@tundraware.com; prefer-encrypt=mutual; keydata= xsFNBFlVgYoBEADIYD9W4mbKz5cEleX923hagDWkxyJl4kRiMJnz+dNAH71MItSdErMb0cFt CPxVncb4dR4R2ec0c0MjPcgVINNtbY1DMWsF7t31TKD8NG9ZjLqF6fZDFjgkRejqHytgjmCI UejrMSCf0UJsLtg+I3N1ZVVxd7ALj2bCvC/uc5S7j+YbNnhQvSoBbdFj/xOTjyOGGpk7WfB7 e42PGKq1NSgnI7tcY6HSaSH+LHeoc0yUpBb5A1ge+RhR1N9JTniEFe0qvOBi+HgUltEoxsk4 xb6IhpkDOTsxHvEg5h0ukfl8kG9cu+LrEBqwPaC8lPw3UmoTEAU+lXHanPE12JCF/54EtVCc rb4W0vqgGmLJzn5dRU/fWkar0FKPq4eoV0XMbGZKIC6pWQnMEsxEMpNvh7oefK6Kyn+LO+59 +sNYHbv1RImDJccmfHTOA6/jHdwOcnYy37U8UF7e+mGrwNs8GsMQx2AaQbR6VErakH3GBgft bMFOGQxiaRBkbzba7BZCQ060yhiC3/Mb/xHoVi7PBEmKig1SErTMA7Fh3CYPYIRDphNs6OSr tf9O4hbzUAsjbU3rxOfiWQjP3fSOM0KUBj4wpIWZlMrjAGnMIz2wHb211wsBiLqSaGiiO1LR 7RrcvbIFZvHQHiWe2tdRyuH3N/h7A316yoLfx+yy1gyP5weWsQARAQABzSRUaW0gRGFuZWxp dWsgPHR1bmRyYUB0dW5kcmF3YXJlLmNvbT7CwXcEEwEIACEFAllVgYoCGyMFCwkIBwIGFQgJ CgsCBBYCAwECHgECF4AACgkQdoOXo5EJFKntcA/9F9ags9Ik5C49N39iRq+yqBdn/Lr75rqv +Yg7JkjeVlwHpnQt1S6orTC7EaJc+AqY3szCEmhfuT0+E96Bw2k+G/XRnaedZ9SHSdImlmq0 RmOFpWLr67ScvlA9YG1tyR+QYraEFqK5EB6qhOWRJoz1BYtAAntK9b9gUTXt/277sT7lAWaj oPi4CDd4DofHc4E9VRsniMQNMLCWqc/ygAK07cWbK2Rh90tS2C4nK6OHFkNkK94zDilfxod1 NBFTUPPYfEU2CSa3eLlpfhYY3/2X7zNvmmCt+chHUnAhQLhldQ3WlqmTKP+ZK9LX002/bY1O M8Zk76WyA/A3EfsIUbnXBQvFyjwX6W4QEytlZWtp/yRIe64JOa3dZ8rkhragb2N4VgVLBVe3 jtZgfQ72pHrfNk/T0uT+hjFqInvIYiXkhxB2GiD7Ga28VuXojTmeoaW3GKcvoVxONSju7WzD XgyxWRmNpd5uifJcC3YU3tNNAosnQ0/5FW4wkducSEVwwqnAiSMQEMDDa/e6oP6GyOzes5SV LTNCRYdHWVKbxjetYU4SKm5RdLx9XuJo0qL9vO97mCNwdNkTM7gO2ycQ49qUiGbCZJOh2gpP ZRFrpJDxbloosAfOEB6IYjhb38u6jvbScJKK3bWA+a8TK4SrQpdRd1cAnW9sA8jCTV8ejZq0 CHnOwU0EWVWBigEQAJYuihAOOOe/kAn045Ayn+3is3S+6eV4IAgL6lJhoChkgUJJuFoRX9BY rd35z29+q2/UCoProzd4Mk66wXeWv6n4s5R79OUzjgMLCTVlVaMy4gjPL9NRDwMt7KYRF56g mnoKZwfPDi/oJ5toPPboW94FrMwonqbdqYM2Pyi/HPMe4e396WQ4TaA1CdhyzKHoFSpkGcjX zIQ5yQ5aaGS7wonRu/pg15dbu+8QOgxRNFa0bO+ntz/30u+VmxFqFVbExjuy3Or8fSBhJgx4 cfyrrunKLclpZ/52VeK3l53yWYpR8RaTZfzpu8Ih+ijAY4XLO5F8P1T6sEviMaTY2F0sbFRx ZJXsgFpiKeWPHUn7/LX7qcoFJYoFqG6b3n5km+qy39x6lMgJDuxKpeN6lYj//LB6xVzn0JI+ 4ZHPrEkFqxu8VkL7deCPTI67ZJik18jXjTH9sha1YBvgvxIPFMA7ZwXX2AwNu7PzdcCpWarS usOAHbjQBUsQ+ZPpI1oeFnsCPZ+8/mMcTjVRZyJxOPs3KnXZv2cXNuaa7lwkWS366gHzQI7O l6WdC8TyNjiOzR654cL8BgYQ/xNSW1vTXqPWSRU8/b/5IueY2tQJh0CKIvfoP0rk8976wa1R 8SRi08mwHX7+F5oSeXLRNHicQGpS1f0DywdRcQ0MFHyq/CV4dTltABEBAAHCwV8EGAEIAAkF AllVgYoCGwwACgkQdoOXo5EJFKkDNw//c8nailIVOV72l7Lze+2AuK9MYUCFb1i4qI1WTnG0 OHQlCAltPhdwZPAozJw/eNqIcuWQh8rZspve9ipj589wLSsVyaFRsuYXTiYZ9RlRsnJYa36h 2JML3ZGrRsSxaUEAggbiOKbwmw27JuOIPmC3Gln4tJuZ+nw6cfCgMI45bIzinVanxHwPLeLp BZKpaEYzAwtBykUfAXn3jDwrI95UlMJvhHDFuRgvb6uSyJIqmp5aR/BjnlSdEwICyWpRAVSt yqZeBMeHbCr1B97PIRzk/q0eHm9T+AoiZWwz1iVGGgkYdAaCfs2PBlNHmRm93cfgoEcaGvNb RbTXOe28niMJeYMQsnjOTy5AQIrhVKeP5E+qVs/oPK/inmLiTbjZcnrO2wR+uxpPGgmR6M/3 p8qyRdaOvT87HZXO+Wr+r9A4UnwhCPsfELwPlEo+TJQ/oE71Mlkx/ddQCWELcHjXrQF9YbzA Ml7g0zTkgHysh4DNkV5iYteOcmCwsWdOwn0H0yZfz6weyr8nEdPngyOjFNKMIpcTbeg8866c GxXAJj46dub4VdVwfvMRHfmmRJkjdId7YHWMgz2Kf7S7KPCROLis7WjlOdSS0q2m/7qy9WL/ ZW50YLS8ZZLMrnari5JxCyJX+8n6ZASo2AA93iTbKmYegK2LDwW1QLU1iAF3GyGOnSE= Message-ID: <01f493d3-088c-8215-a2f3-6821b3d84e69@tundraware.com> Date: Sun, 2 Aug 2020 15:34:04 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (oceanview.tundraware.com [45.55.60.57]); Sun, 02 Aug 2020 15:34:10 -0500 (CDT) X-TundraWare-MailScanner-Information: Please contact the ISP for more information X-TundraWare-MailScanner-ID: 072KYAHI002070 X-TundraWare-MailScanner: Found to be clean X-TundraWare-MailScanner-SpamCheck: not spam (whitelisted), SpamAssassin (not cached, score=-2.135, required 1, autolearn=not spam, ALL_TRUSTED -1.00, AWL 0.77, BAYES_00 -1.90) X-TundraWare-MailScanner-From: tundra@tundraware.com X-Spam-Status: No X-Rspamd-Queue-Id: 4BKXmx5b8mz3fkP X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of tundra@tundraware.com designates 45.55.60.57 as permitted sender) smtp.mailfrom=tundra@tundraware.com X-Spamd-Result: default: False [-2.02 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+a]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; DMARC_NA(0.00)[tundraware.com]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.82)[-0.817]; NEURAL_HAM_MEDIUM(-0.67)[-0.669]; TO_DN_ALL(0.00)[]; NEURAL_HAM_SHORT(-0.23)[-0.231]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:14061, ipnet:45.55.32.0/19, country:US]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Aug 2020 20:34:26 -0000 Is this no longer required? From owner-freebsd-questions@freebsd.org Sun Aug 2 21:38:40 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9BF4A3A8F87 for ; Sun, 2 Aug 2020 21:38:40 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from oceanview.tundraware.com (oceanview.tundraware.com [45.55.60.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mailman.tundraware.com", Issuer "mailman.tundraware.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BKZC40Hjgz414M for ; Sun, 2 Aug 2020 21:38:39 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from [192.168.0.2] (ozzie.tundraware.com [75.145.138.73]) (authenticated bits=0) by oceanview.tundraware.com (8.16.1/8.15.2) with ESMTPSA id 072LbKaF006693 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for ; Sun, 2 Aug 2020 16:37:20 -0500 (CDT) (envelope-from tundra@tundraware.com) Subject: Re: What Happened to 'make delete-old' In /usr/src/sys From: Tim Daneliuk To: FreeBSD Mailing List References: <01f493d3-088c-8215-a2f3-6821b3d84e69@tundraware.com> Autocrypt: addr=tundra@tundraware.com; prefer-encrypt=mutual; keydata= xsFNBFlVgYoBEADIYD9W4mbKz5cEleX923hagDWkxyJl4kRiMJnz+dNAH71MItSdErMb0cFt CPxVncb4dR4R2ec0c0MjPcgVINNtbY1DMWsF7t31TKD8NG9ZjLqF6fZDFjgkRejqHytgjmCI UejrMSCf0UJsLtg+I3N1ZVVxd7ALj2bCvC/uc5S7j+YbNnhQvSoBbdFj/xOTjyOGGpk7WfB7 e42PGKq1NSgnI7tcY6HSaSH+LHeoc0yUpBb5A1ge+RhR1N9JTniEFe0qvOBi+HgUltEoxsk4 xb6IhpkDOTsxHvEg5h0ukfl8kG9cu+LrEBqwPaC8lPw3UmoTEAU+lXHanPE12JCF/54EtVCc rb4W0vqgGmLJzn5dRU/fWkar0FKPq4eoV0XMbGZKIC6pWQnMEsxEMpNvh7oefK6Kyn+LO+59 +sNYHbv1RImDJccmfHTOA6/jHdwOcnYy37U8UF7e+mGrwNs8GsMQx2AaQbR6VErakH3GBgft bMFOGQxiaRBkbzba7BZCQ060yhiC3/Mb/xHoVi7PBEmKig1SErTMA7Fh3CYPYIRDphNs6OSr tf9O4hbzUAsjbU3rxOfiWQjP3fSOM0KUBj4wpIWZlMrjAGnMIz2wHb211wsBiLqSaGiiO1LR 7RrcvbIFZvHQHiWe2tdRyuH3N/h7A316yoLfx+yy1gyP5weWsQARAQABzSRUaW0gRGFuZWxp dWsgPHR1bmRyYUB0dW5kcmF3YXJlLmNvbT7CwXcEEwEIACEFAllVgYoCGyMFCwkIBwIGFQgJ CgsCBBYCAwECHgECF4AACgkQdoOXo5EJFKntcA/9F9ags9Ik5C49N39iRq+yqBdn/Lr75rqv +Yg7JkjeVlwHpnQt1S6orTC7EaJc+AqY3szCEmhfuT0+E96Bw2k+G/XRnaedZ9SHSdImlmq0 RmOFpWLr67ScvlA9YG1tyR+QYraEFqK5EB6qhOWRJoz1BYtAAntK9b9gUTXt/277sT7lAWaj oPi4CDd4DofHc4E9VRsniMQNMLCWqc/ygAK07cWbK2Rh90tS2C4nK6OHFkNkK94zDilfxod1 NBFTUPPYfEU2CSa3eLlpfhYY3/2X7zNvmmCt+chHUnAhQLhldQ3WlqmTKP+ZK9LX002/bY1O M8Zk76WyA/A3EfsIUbnXBQvFyjwX6W4QEytlZWtp/yRIe64JOa3dZ8rkhragb2N4VgVLBVe3 jtZgfQ72pHrfNk/T0uT+hjFqInvIYiXkhxB2GiD7Ga28VuXojTmeoaW3GKcvoVxONSju7WzD XgyxWRmNpd5uifJcC3YU3tNNAosnQ0/5FW4wkducSEVwwqnAiSMQEMDDa/e6oP6GyOzes5SV LTNCRYdHWVKbxjetYU4SKm5RdLx9XuJo0qL9vO97mCNwdNkTM7gO2ycQ49qUiGbCZJOh2gpP ZRFrpJDxbloosAfOEB6IYjhb38u6jvbScJKK3bWA+a8TK4SrQpdRd1cAnW9sA8jCTV8ejZq0 CHnOwU0EWVWBigEQAJYuihAOOOe/kAn045Ayn+3is3S+6eV4IAgL6lJhoChkgUJJuFoRX9BY rd35z29+q2/UCoProzd4Mk66wXeWv6n4s5R79OUzjgMLCTVlVaMy4gjPL9NRDwMt7KYRF56g mnoKZwfPDi/oJ5toPPboW94FrMwonqbdqYM2Pyi/HPMe4e396WQ4TaA1CdhyzKHoFSpkGcjX zIQ5yQ5aaGS7wonRu/pg15dbu+8QOgxRNFa0bO+ntz/30u+VmxFqFVbExjuy3Or8fSBhJgx4 cfyrrunKLclpZ/52VeK3l53yWYpR8RaTZfzpu8Ih+ijAY4XLO5F8P1T6sEviMaTY2F0sbFRx ZJXsgFpiKeWPHUn7/LX7qcoFJYoFqG6b3n5km+qy39x6lMgJDuxKpeN6lYj//LB6xVzn0JI+ 4ZHPrEkFqxu8VkL7deCPTI67ZJik18jXjTH9sha1YBvgvxIPFMA7ZwXX2AwNu7PzdcCpWarS usOAHbjQBUsQ+ZPpI1oeFnsCPZ+8/mMcTjVRZyJxOPs3KnXZv2cXNuaa7lwkWS366gHzQI7O l6WdC8TyNjiOzR654cL8BgYQ/xNSW1vTXqPWSRU8/b/5IueY2tQJh0CKIvfoP0rk8976wa1R 8SRi08mwHX7+F5oSeXLRNHicQGpS1f0DywdRcQ0MFHyq/CV4dTltABEBAAHCwV8EGAEIAAkF AllVgYoCGwwACgkQdoOXo5EJFKkDNw//c8nailIVOV72l7Lze+2AuK9MYUCFb1i4qI1WTnG0 OHQlCAltPhdwZPAozJw/eNqIcuWQh8rZspve9ipj589wLSsVyaFRsuYXTiYZ9RlRsnJYa36h 2JML3ZGrRsSxaUEAggbiOKbwmw27JuOIPmC3Gln4tJuZ+nw6cfCgMI45bIzinVanxHwPLeLp BZKpaEYzAwtBykUfAXn3jDwrI95UlMJvhHDFuRgvb6uSyJIqmp5aR/BjnlSdEwICyWpRAVSt yqZeBMeHbCr1B97PIRzk/q0eHm9T+AoiZWwz1iVGGgkYdAaCfs2PBlNHmRm93cfgoEcaGvNb RbTXOe28niMJeYMQsnjOTy5AQIrhVKeP5E+qVs/oPK/inmLiTbjZcnrO2wR+uxpPGgmR6M/3 p8qyRdaOvT87HZXO+Wr+r9A4UnwhCPsfELwPlEo+TJQ/oE71Mlkx/ddQCWELcHjXrQF9YbzA Ml7g0zTkgHysh4DNkV5iYteOcmCwsWdOwn0H0yZfz6weyr8nEdPngyOjFNKMIpcTbeg8866c GxXAJj46dub4VdVwfvMRHfmmRJkjdId7YHWMgz2Kf7S7KPCROLis7WjlOdSS0q2m/7qy9WL/ ZW50YLS8ZZLMrnari5JxCyJX+8n6ZASo2AA93iTbKmYegK2LDwW1QLU1iAF3GyGOnSE= Message-ID: <6dd2b0d0-0740-a157-4346-784480dcef8a@tundraware.com> Date: Sun, 2 Aug 2020 16:37:15 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: <01f493d3-088c-8215-a2f3-6821b3d84e69@tundraware.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (oceanview.tundraware.com [45.55.60.57]); Sun, 02 Aug 2020 16:37:21 -0500 (CDT) X-TundraWare-MailScanner-Information: Please contact the ISP for more information X-TundraWare-MailScanner-ID: 072LbKaF006693 X-TundraWare-MailScanner: Found to be clean X-TundraWare-MailScanner-SpamCheck: not spam (whitelisted), SpamAssassin (not cached, timed out) X-TundraWare-MailScanner-From: tundra@tundraware.com X-Spam-Status: No X-Rspamd-Queue-Id: 4BKZC40Hjgz414M X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of tundra@tundraware.com designates 45.55.60.57 as permitted sender) smtp.mailfrom=tundra@tundraware.com X-Spamd-Result: default: False [-2.22 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+a]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; DMARC_NA(0.00)[tundraware.com]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.84)[-0.837]; NEURAL_HAM_MEDIUM(-0.77)[-0.770]; TO_DN_ALL(0.00)[]; NEURAL_HAM_SHORT(-0.32)[-0.318]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:14061, ipnet:45.55.32.0/19, country:US]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Aug 2020 21:38:40 -0000 On 8/2/20 3:34 PM, Tim Daneliuk wrote: > Is this no longer required? NVM - Cockpit error. The makefile that supports this is in /usr/src .... d'oh... From owner-freebsd-questions@freebsd.org Mon Aug 3 03:07:01 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 763E53AD95C for ; Mon, 3 Aug 2020 03:07:01 +0000 (UTC) (envelope-from mason@blisses.org) Received: from phlegethon.blisses.org (phlegethon.blisses.org [50.56.97.101]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BKjTv44bRz4Dwc for ; Mon, 3 Aug 2020 03:06:59 +0000 (UTC) (envelope-from mason@blisses.org) Received: from cocytus.blisses.org (service.blisses.org [64.223.129.151]) by phlegethon.blisses.org (Postfix) with ESMTP id D90DF194D04; Sun, 2 Aug 2020 23:06:51 -0400 (EDT) Received: from blisses.org (acheron.int.blisses.org [10.0.1.10]) by cocytus.blisses.org (Postfix) with ESMTPSA id 495B8380; Sun, 2 Aug 2020 23:06:51 -0400 (EDT) Date: Sun, 2 Aug 2020 23:06:50 -0400 From: Mason Loring Bliss To: doug@safeport.com, freebsd-questions@freebsd.org Subject: Re: freebsd-update - Cannot identify running kernel Message-ID: <20200803030649.GH31477@blisses.org> References: <78c7d012-8c82-a25a-e70d-6a09d0098bad@holgerdanske.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="G44BJl3Aq1QbV/QL" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.9.4 (2018-02-28) X-Rspamd-Queue-Id: 4BKjTv44bRz4Dwc X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of mason@blisses.org designates 50.56.97.101 as permitted sender) smtp.mailfrom=mason@blisses.org X-Spamd-Result: default: False [-4.48 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.05)[-1.050]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; NEURAL_HAM_LONG(-0.96)[-0.964]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; TO_DN_NONE(0.00)[]; DMARC_NA(0.00)[blisses.org]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.07)[-0.070]; RCPT_COUNT_TWO(0.00)[2]; SIGNED_PGP(-2.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; ASN(0.00)[asn:19994, ipnet:50.56.0.0/17, country:US]; RCVD_TLS_LAST(0.00)[]; MID_RHS_MATCH_FROM(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Aug 2020 03:07:01 -0000 --G44BJl3Aq1QbV/QL Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Aug 02, 2020 at 02:23:56AM -0400, doug@safeport.com wrote: > Apparently from posts not all 12.x systems have /bootpool/boot. There might be other situations I'm not remembering, but I suspect you'll find bootpools on most systems upgraded to 12 but originally installed before the UEFI bootloader knew about GELI. --=20 Mason Loring Bliss (( If I have not seen as far as others, it is because mason@blisses.org )) giants were standing on my shoulders. - Hal Abels= on --G44BJl3Aq1QbV/QL Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEEXtBZz1axB5rEDCEnrJXcHbvJVUFAl8nf0cACgkQnrJXcHbv JVXRdRAAwykNuaOn2N0rI4QGdJQC0rtz0KfEEoOp81tvC5AUco4RAiyZZHP58dLf aJpyLpJ9+eNRxXrnoCn5bqQPc8q32cvki4q/F20mah2a0uZN7LzbT3RLxTVVu8fV AulvY8RHwekiCB9C801/tI5wjE83+3T3MtpN7vWfK9ICzyQsj2Zh91fESX4PDfB+ Gz1z/jYVuIKJrNJ1bKTQRMjcE2MxwiDxheLjDlpuPRQc2fL6Wqhk6jNTEKvjKo1+ J0T3eja+Qr9dqD+s5dkLOvtOij2c7waO9agcmQKOKijWaUen7TtiUI0ZIXO66thv tKG+3qgT3QYY22MBzbRBluOGS/GFhEsc8clwE7roFNdAsOHlSoJISibfYJWJuKE+ RQ5q9VbEMiZpuB93LffSZVUXfIir1P26PjZAkWGe4gSwYN7MO/L1qVTABOed5HMJ buDHikW+B0gS79nwU7GIvBl3WU/Zc9HwelsHQKGu5QjQZaIo5IWJm0JFTiWPnJ0s Ju3aVXk5Bm0nZRgKqdAhhPtyv2UJ6fUpC3b5hib8G0M+xafSEkzUxkyDPnbY2T6K fDKmwP283pejkywQYmqSdDOqzX2iTwygr41WjJ/GHscimjqT0jqb3/VKquzdncmE cll9MQdv8d83+DAYEi6Gj10RX3QJyMvIHI0v7pp7QhN70KZFCdg= =30ks -----END PGP SIGNATURE----- --G44BJl3Aq1QbV/QL-- From owner-freebsd-questions@freebsd.org Mon Aug 3 03:31:54 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id BBFAE3AE202 for ; Mon, 3 Aug 2020 03:31:54 +0000 (UTC) (envelope-from roberthuff@rcn.com) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 4BKk2f2Flwz4Fyh for ; Mon, 3 Aug 2020 03:31:54 +0000 (UTC) (envelope-from roberthuff@rcn.com) Received: by mailman.nyi.freebsd.org (Postfix) id 4D5153AE201; Mon, 3 Aug 2020 03:31:54 +0000 (UTC) Delivered-To: questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4D1D73AE088 for ; Mon, 3 Aug 2020 03:31:54 +0000 (UTC) (envelope-from roberthuff@rcn.com) Received: from smtp.rcn.com (smtp.rcn.com [69.168.97.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BKk2d1tXLz4G45 for ; Mon, 3 Aug 2020 03:31:53 +0000 (UTC) (envelope-from roberthuff@rcn.com) DKIM-Signature: v=1; a=rsa-sha1; d=rcn.com; s=20180516; c=relaxed/simple; q=dns/txt; i=@rcn.com; t=1596425511; h=From:Subject:Date:To:MIME-Version:Content-Type; bh=FkiOaUJEsj7ycWscBIV34bYcrx8=; b=F2rPYs6FDBJMrNkSudPPAzhUFyWA1o3Jgpp5Sx2yNhoF5XHC5Hobp4OIwg3LmAZe +3N4bd4etulQ3OxBfvCszpfS/xw3W3RNMMIIKs2AgmaIWTUiMCcJrmCvgl08OdFv U+JtNdUbtzxqz7aFKqNOwJZj4q69C4GssGXDFhqOubRtancd1MuAhqKt17gXzb4j fISMzR6RnBXq+5WgonD9tZcisNxGoAtcEpMVoEAAZZ9oQv0dM3Lit6LMyuLTMGG0 JTmtwIWOPs6DCHMc0nq25rrv0txowZlz27eO7zn61RwVb5bD4TNYADFT+9XMTrrY jF/+XcmkzjJU4YRaE57Viw==; X_CMAE_Category: , , X-CNFS-Analysis: v=2.3 cv=J+PUEzvS c=1 sm=1 tr=0 a=9TgA2UwI6Wy+6BV4wQM/cQ==:117 a=9TgA2UwI6Wy+6BV4wQM/cQ==:17 a=KGjhK52YXX0A:10 a=kj9zAlcOel0A:10 a=XRQyMpdBKAEA:10 a=y4yBn9ojGxQA:10 a=48faUk6PgeAA:10 a=XrFhm6ab6LNN5s9GEaoA:9 a=CjuIK1q_8ugA:10 X-CM-Score: 0 X-Scanned-by: Cloudmark Authority Engine X-Authed-Username: cm9iZXJ0aHVmZkByY24uY29t Received: from [209.6.230.48] ([209.6.230.48:59036] helo=jerusalem.litteratus.org.litteratus.org) by smtp.rcn.com (envelope-from ) (ecelerity 3.6.25.56547 r(Core:3.6.25.0)) with ESMTPSA (cipher=AES256-GCM-SHA384) id 29/E6-42436-725872F5; Sun, 02 Aug 2020 23:31:51 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <24359.34086.899433.931369@jerusalem.litteratus.org> Date: Sun, 2 Aug 2020 23:31:50 -0400 From: Robert Huff To: questions@freebsd.org Subject: looking for .ppd X-Mailer: VM 8.2.0b under 26.3 (amd64-portbld-freebsd13.0) X-Rspamd-Queue-Id: 4BKk2d1tXLz4G45 X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=rcn.com header.s=20180516 header.b=F2rPYs6F; dmarc=pass (policy=none) header.from=rcn.com; spf=pass (mx1.freebsd.org: domain of roberthuff@rcn.com designates 69.168.97.78 as permitted sender) smtp.mailfrom=roberthuff@rcn.com X-Spamd-Result: default: False [-4.45 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[rcn.com:s=20180516]; NEURAL_HAM_MEDIUM(-1.00)[-1.004]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:69.168.97.0/24]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; NEURAL_HAM_LONG(-1.01)[-1.009]; RCPT_COUNT_ONE(0.00)[1]; DWL_DNSWL_LOW(-1.00)[rcn.com:dkim]; DKIM_TRACE(0.00)[rcn.com:+]; DMARC_POLICY_ALLOW(-0.50)[rcn.com,none]; NEURAL_HAM_SHORT(-0.34)[-0.341]; FROM_EQ_ENVFROM(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[69.168.97.78:from]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:36271, ipnet:69.168.97.0/24, country:US]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; RWL_MAILSPIKE_POSSIBLE(0.00)[69.168.97.78:from] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Aug 2020 03:31:54 -0000 Hello: I have a recent -CURRENT system on which I am installing CUPS. The printer is a Brother HL-2270DW ... which is not on the list of known printers, and for which I am unable to find a .ppd from a trustworthy source. Anyone know where to locate this? Or failing that, possibly have one they could share? Hopefully, Robert Huff From owner-freebsd-questions@freebsd.org Mon Aug 3 06:47:48 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C9CBB370B36 for ; Mon, 3 Aug 2020 06:47:48 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4BKpNh3Rnwz4Nh0 for ; Mon, 3 Aug 2020 06:47:48 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: by mailman.nyi.freebsd.org (Postfix) id 7480F370AD9; Mon, 3 Aug 2020 06:47:48 +0000 (UTC) Delivered-To: questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 744403707E0 for ; Mon, 3 Aug 2020 06:47:48 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.126.187]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mout.kundenserver.de", Issuer "TeleSec ServerPass Class 2 CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BKpNf5twpz4Ngy for ; Mon, 3 Aug 2020 06:47:46 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from r56.edvax.de ([178.5.237.51]) by mrelayeu.kundenserver.de (mreue011 [212.227.15.167]) with ESMTPA (Nemesis) id 1Mbzdn-1kbpfm1yJD-00daVU; Mon, 03 Aug 2020 08:47:41 +0200 Date: Mon, 3 Aug 2020 08:47:37 +0200 From: Polytropon To: Robert Huff Cc: questions@freebsd.org Subject: Re: looking for .ppd Message-Id: <20200803084737.5567c5bf.freebsd@edvax.de> In-Reply-To: <24359.34086.899433.931369@jerusalem.litteratus.org> References: <24359.34086.899433.931369@jerusalem.litteratus.org> Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K1:z0NXwoF/i5fzd/IY6dm3oGYnTkD9WAYcZCdmd4GBZYbUQAjhw6r zUGNFXlE8tonl6JpK/BXQ6q0HSaw1wqanAYCBJLBzSzK1+Gkc4K6HlmJGobrajxaA0ByNd2 wYASt2ivkGHruD3a4kXFMruZLmQpoeWLDlwiOYIwvpqfz2N3UPbVGXhkIqoTo4yMjEm16c2 P0ainNrq9bouAfkQlIe3w== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:X79+akkKcec=:c2I8rveIslypNfkLh4IiYG EDBRZ5FVkPyTpGQxRkLAOfJPiAspn+HDfMKLFqhNhzdcONMM+rl/rSrG3RVP+ECONjeYwRwoF FM1vDD5KDUqrQvFAKsvwPRDZSiH+DdebRkcXJjoSbSpvLPUU4af1p3S/ZpRc9trPbQ9g2ZlWW JPGl6jxmoaagEe+WZkKBB07au0YhFsjC3EjVC6+s0H/WjVN3NMbxVMn9vhmL6gbVd/inH2zPO qsLCwuvWnR6DT9PeNNoYzE8rOJabsx6i0LQ+hbi6aRd48ef5SWxo96GoMsiFSsHdl4/1gHPuC s+ay1REzbnughXquRvXjX4Hrd+H7zWfi8LfuKpLNMFNS4DtpIR7mumwGXFUfg3c8MbA41mxRO k9aChtWa/zbQo6JulnaGS3REuMF6fc9g4Ymt4c0wY7mXHb+J9OklOzxf6gPDZaXtFwUmhv0nB RGqkmSIaI73BSHEs2PulDQAIwF9nd7t/UDZqt5Vk5NSyaF5Ouc4uZBQD4Xqd4RRFf6VK+CW7H zhZmosFvRjYUxsErDLdQ+vbDSjqUbCvyuheyJKc0NFls0Q9a4FP3P3r6H3laPywKv/rlhTeM+ El8MWYJuCSlneqt0CctGwD28ifDexZn5E5AIkcL2B1wf1zPB5fUa1yMs0rMhaDbFSnW6q8iXx TJF/bTuk98dMhmDCRHjWzBiA/NSxvmATNKAD+uuPF78Y53w4OpYdhap58n2NJIHgk5gILwz0r cB5N/7WUkpzooQcAdCAWxddZ+Yvze8Tm4iDW40BkfAHeNHjopKIQbQ+RAz6aObDaP8kjWbMrv /9C5C4GTY1hlwPXmNB/JYEVfYY2zsoHJgQtu3sRp4mJikYNFVDnnPSP39nUmpCkKz4zLamd X-Rspamd-Queue-Id: 4BKpNf5twpz4Ngy X-Spamd-Bar: ++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of freebsd@edvax.de has no SPF policy when checking 212.227.126.187) smtp.mailfrom=freebsd@edvax.de X-Spamd-Result: default: False [2.58 / 15.00]; HAS_REPLYTO(0.00)[freebsd@edvax.de]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; MV_CASE(0.50)[]; HAS_ORG_HEADER(0.00)[]; NEURAL_HAM_SHORT(-0.22)[-0.217]; RCPT_COUNT_TWO(0.00)[2]; RECEIVED_SPAMHAUS_PBL(0.00)[178.5.237.51:received]; RCVD_TLS_LAST(0.00)[]; R_DKIM_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:8560, ipnet:212.227.0.0/16, country:DE]; ARC_NA(0.00)[]; REPLYTO_EQ_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-0.27)[-0.268]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[edvax.de]; AUTH_NA(1.00)[]; NEURAL_SPAM_MEDIUM(0.67)[0.667]; TO_MATCH_ENVRCPT_SOME(0.00)[]; MID_CONTAINS_FROM(1.00)[]; RCVD_IN_DNSWL_NONE(0.00)[212.227.126.187:from]; R_SPF_NA(0.00)[no SPF record]; RWL_MAILSPIKE_POSSIBLE(0.00)[212.227.126.187:from]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Aug 2020 06:47:48 -0000 On Sun, 2 Aug 2020 23:31:50 -0400, Robert Huff wrote: > Hello: > I have a recent -CURRENT system on which I am installing CUPS. > The printer is a Brother HL-2270DW ... which is not on the list of > known printers, and for which I am unable to find a .ppd from a > trustworthy source. > Anyone know where to locate this? Or failing that, possibly have > one they could share? >From the Brother's german download section I found this: CUPSwrapper Printer driver Source Codes This is CUPS wrapper Printer driver Source Codes. https://www.brother.de/support/hl-2270dw/downloads This leads to the download section: https://support.brother.com/g/b/branch/downloadhowto.aspx?c=de&lang=de&prod=hl2270dw_all&os=127&dlid=dlf005894_000&flang=4&type3=560 (Choose Linux, RPM, English, if neccessary.) Download the file: cupswrapperHL2270DW-2.0.4-2.i386.rpm Extract it (it can be processed like regular compressed archives, using a GUI tool or the Midnight Commander.) Inside it, there's a file: CONTENTS.cpio Extract it (using cpio or another tool.) Inside it, usr/local/Brother/Printer/HL2270DW/cupswrapper (relative path), there is a file cupswrapperHL2270DW-2.0.4, a script executable intended for Linux. Copy it as name HL2270.PPD and edit. It contains (!) the PPD, starting line 69. Cut to that point. First lines: *PPD-Adobe: "4.3" *%================================================ *% Copyright Brother Industries,Ltd 2006-2008 *% "Brother HL2270DW for CUPS" *%================================================ >From there, it's 280 lines long. Cut there. Last lines: *UIConstraints: *InputSlot MANUAL *Duplex DuplexTumble *UIConstraints: *InputSlot MANUAL *Duplex DuplexNoTumbl The resulting ppd file should be 10530 bytes. Tataa - you have the correct PPD file. Deutsch gut. :-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... From owner-freebsd-questions@freebsd.org Mon Aug 3 16:19:47 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C938B37F0ED for ; Mon, 3 Aug 2020 16:19:47 +0000 (UTC) (envelope-from freebsd@dreamchaser.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 4BL34g4P5jz42ls for ; Mon, 3 Aug 2020 16:19:47 +0000 (UTC) (envelope-from freebsd@dreamchaser.org) Received: by mailman.nyi.freebsd.org (Postfix) id 94FE937F0EC; Mon, 3 Aug 2020 16:19:47 +0000 (UTC) Delivered-To: questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 94CB337F1D2 for ; Mon, 3 Aug 2020 16:19:47 +0000 (UTC) (envelope-from freebsd@dreamchaser.org) Received: from nightmare.dreamchaser.org (ns.dreamchaser.org [66.109.141.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "dreamchaser.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BL34f5XNSz42lr for ; Mon, 3 Aug 2020 16:19:46 +0000 (UTC) (envelope-from freebsd@dreamchaser.org) Received: from breakaway.dreamchaser.org (breakaway [192.168.151.122]) by nightmare.dreamchaser.org (8.15.2/8.15.2) with ESMTP id 073GJcS1073222; Mon, 3 Aug 2020 10:19:39 -0600 (MDT) (envelope-from freebsd@dreamchaser.org) Subject: Re: looking for .ppd To: Robert Huff , questions@freebsd.org References: <24359.34086.899433.931369@jerusalem.litteratus.org> From: Gary Aitken Reply-To: freebsd@dreamchaser.org Message-ID: <15556d3e-5b85-7af8-f385-ec135e352bbc@dreamchaser.org> Date: Mon, 3 Aug 2020 10:17:58 -0600 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:68.0) Gecko/20100101 Thunderbird/68.8.1 MIME-Version: 1.0 In-Reply-To: <24359.34086.899433.931369@jerusalem.litteratus.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2 (nightmare.dreamchaser.org [192.168.151.101]); Mon, 03 Aug 2020 10:19:39 -0600 (MDT) X-Rspamd-Queue-Id: 4BL34f5XNSz42lr X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of freebsd@dreamchaser.org designates 66.109.141.57 as permitted sender) smtp.mailfrom=freebsd@dreamchaser.org X-Spamd-Result: default: False [-2.99 / 15.00]; HAS_REPLYTO(0.00)[freebsd@dreamchaser.org]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.95)[-0.947]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; NEURAL_HAM_LONG(-1.04)[-1.041]; MIME_GOOD(-0.10)[text/plain]; REPLYTO_ADDR_EQ_FROM(0.00)[]; DMARC_NA(0.00)[dreamchaser.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.71)[-0.706]; RCPT_COUNT_TWO(0.00)[2]; RCVD_TLS_LAST(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:21947, ipnet:66.109.128.0/19, country:US]; RCVD_COUNT_TWO(0.00)[2]; MID_RHS_MATCH_FROM(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Aug 2020 16:19:47 -0000 On 8/2/20 9:31 PM, Robert Huff wrote: > > Hello: > I have a recent -CURRENT system on which I am installing CUPS. > The printer is a Brother HL-2270DW ... which is not on the list of > known printers, and for which I am unable to find a .ppd from a > trustworthy source. > Anyone know where to locate this? Or failing that, possibly have > one they could share? The brother website refers to a "Generic CUPSwrapper printer driver" as the one for the HL-2270DW, which is the same as the one for the HL-2250DN, so there's a good possibility the supplied ppd stp-brother-hl-2250dn.5.3.ppd.gz might work. Gary From owner-freebsd-questions@freebsd.org Mon Aug 3 19:38:06 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 393AB3A6266 for ; Mon, 3 Aug 2020 19:38:06 +0000 (UTC) (envelope-from kremels@kreme.com) Received: from mail.covisp.net (mail.covisp.net [65.121.55.42]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BL7TT28jLz4KF3 for ; Mon, 3 Aug 2020 19:38:04 +0000 (UTC) (envelope-from kremels@kreme.com) From: "@lbutlr" Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: SSH log lines Message-Id: <09256F5E-469C-402B-94DC-3C07F8AC29ED@kreme.com> Date: Mon, 3 Aug 2020 13:37:55 -0600 To: FreeBSD X-Mailer: Apple Mail (2.3649) X-Rspamd-Queue-Id: 4BL7TT28jLz4KF3 X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of kremels@kreme.com designates 65.121.55.42 as permitted sender) smtp.mailfrom=kremels@kreme.com X-Spamd-Result: default: False [-0.78 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.93)[-0.934]; FROM_HAS_DN(0.00)[]; MISSING_MIME_VERSION(2.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; R_SPF_ALLOW(-0.20)[+mx]; DMARC_NA(0.00)[kreme.com]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.05)[-1.048]; TO_DN_ALL(0.00)[]; NEURAL_HAM_SHORT(-0.40)[-0.400]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:209, ipnet:65.112.0.0/12, country:US]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[65.121.55.42:from] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Aug 2020 19:38:06 -0000 When some moon tires to login to an account like root, ssh does n=E2=80=99= t log the IP address in the failure line as it does with non-existent = users. sshd[99328] error: PAM: Authentication error for root from = vps-94314d13.vps.ovh.ca sshd[99328] Connection closed by authenticating user root 139.99.236.165 = port 46226 [preauth] sshd[7202] Invalid user pi from 2.232.248.6 port 46438 Is there anyway that I can change this so that the IP address appears = not eh same line as the Authentication error, it would make my = blacklisting these people much easier. --=20 I never wanted to do this in the first place. From owner-freebsd-questions@freebsd.org Tue Aug 4 05:22:50 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3FCBB3B1B71 for ; Tue, 4 Aug 2020 05:22:50 +0000 (UTC) (envelope-from idefix@fechner.net) Received: from anny.lostinspace.de (anny.lostinspace.de [IPv6:2001:608:a02::33]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BLNS91kxdz3cQk for ; Tue, 4 Aug 2020 05:22:49 +0000 (UTC) (envelope-from idefix@fechner.net) Received: from server.idefix.lan (241-130-067-156.ip-addr.inexio.net [156.67.130.241]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: idefix@fechner.net) by anny.lostinspace.de (Postfix) with ESMTPSA id 6A57AB70D3 for ; Tue, 4 Aug 2020 07:22:45 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fechner.net; s=default; t=1596518565; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:autocrypt:autocrypt; bh=EDBWH57lMsiBkXAj8T0CHVCLVazvpIUnONKXRhBxRWs=; b=qz8mySMPSi+BBIAmq0W3BavSbsxVmempkioirvDnMZ1tguN+dhAKL5POOsg4WWjY4qD7UU kL1ZQKB66Sw9dheDiH0wnnSEDkxGiNvke/1LZUQuNpDTVJT7Nbg/jZBWs36WP4oVVBd5/Y eWW2VMo/qd/VP4Q/JnFUtFGvSijQ8qE= Received: from [192.168.0.151] (241-130-067-156.ip-addr.inexio.net [156.67.130.241]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by server.idefix.lan (Postfix) with ESMTPSA id C5D6C3485EE for ; Tue, 4 Aug 2020 07:22:44 +0200 (CEST) Subject: Re: SSH log lines To: freebsd-questions@freebsd.org References: <09256F5E-469C-402B-94DC-3C07F8AC29ED@kreme.com> From: Matthias Fechner Autocrypt: addr=idefix@fechner.net; prefer-encrypt=mutual; keydata= xsFNBFqca1YBEADM9mF2+ifk8HILTlf5wtAzV6SYVR4RvNOo/8Kucw4sCZT76zS1fjZe4Zy1 3C0IZ07Wi+3PnoGIgOCsXp3PrTc2nuHQWkwVBYXy8UaR9DHBWA/mIvRGG1ZscKQYA6oUdCvd K8Mu26zO60yTt+ONzFtK6G1myH4EHXZ8dpmdCFf+W3rzTU+aCQ5S3OfwCLGgYgOaVREGkdOc 5SVCpFb4n+2B8+CqeWsRHhnT+4h7/YhgDMGp4GiI3yrB2nBVSUUvcosD2nRtJQgGQHcAFtMq 3hJaKPOR/mHc6KVrp0xmGNmdtazvXloHmGIl9O1UpmMmrYu9Kugl0JkGi2fAcno02XgVlkyX 7xDLTteP5cNqRxor4yVDaRWUQnOfK9XgcrKGrAzb65BkCSkjT+Aw3S/A8Qd6NvjL9qy1d+Ct dzatOVF/Y7jaW28CMr3jvwPS13OxV7PnJzIZzdik20eVxfOXuYfxZD+PwBaGgFF0qj6zKACC aKLalE0ZpY0zNn/iPyQX/Cf9KoDyFpOHSsEswiJ5rCWwppVcsFyogHOemVmeaXlvyDPEipnV ZUkpGP/CCqPu3eD0uDzP7UJ0pt/l/JfW0Xw/4p9mjB024xiRlxLa6vSRfGl//EdtAIbKKa8x 5wsKTQEbYJDmXE3tH/A54DCqRXhcopTlu2iJlTdnIMltn9afVwARAQABzSVNYXR0aGlhcyBG ZWNobmVyIDxpZGVmaXhAZmVjaG5lci5uZXQ+wsGuBBMBCgBBAhsDBQkJZgGABQsJCAcDBRUK CQgLBRYDAgEAAh4BAheAFiEEaWB64mCp804YOtqutot13J/XR+EFAlqcc9gCGQEAIQkQtot1 3J/XR+EWIQRpYHriYKnzThg62q62i3Xcn9dH4ZDKEADAPFRKDtfZpLV3quthRl0OTytPlMKN rIMDI4BN0BSElFmTypdE0Xbsy7rGI5OYi8QwotqA2yK199mzWD+a6VFCINUuWgZq/vGjNJ9i Vo5hak9vnnCmy6BA8tnPQ6RT23PDuPvuw8++cDF6pKh9QnNB1nOnjdpXBdWqwnetjSMbNgDl EtLoIEjVFFHz+EcszGykM+Xv0hbcaEgcBdpVfUdUkDagkSj1j3kOcnBfw1X6G8uVRUDYoN00 oWJUkp5XdxyrD7/nNbdjwnpF3xuVb2enrxnuXLG3qa+wMR1LE7IZKQ9qDMgN8eqYN+Rp66bu AczDB4fZ7alm6HMxmSso2hKQqInm6KbrfxmGfPOYRaHaq1g+AeVkbWM7qfYNLMKomRBiNhS0 uPvKUiBlqQbwzeJ1BG6AciYwGr4dIy5ZHwUjnaCHX7gtsgCscHhhZNOv3fcSXCFLWO2iYr1J 5Z7M9+O6enGpdCXhBHSpcC6CWw4wnrJOiBvqVzSrIR05rlUJdBMtIP3JmmiVJA6M57VcTIzi Dm/sWs8EZWeL0DGUBG9QNVthAO/X7gCByG2CkuYAXyYM+r+0Z5e4A7eb4TFANekngKd4j1gd z6OhTZxdCLkw/U3OAw5XjdcRkKJNbQ4FYzX7znuCYOoZvJsTsXdQWm8Gz381Fae7GgppjFhu oI5zec7BTQRanGtWARAA3e4IsdkX7VWByvNiPAvXAAnCNhvtSccq81h1oEqBbSfQ1N9pMIsf Edg87w2VXX6U1y1J5ct6JamYTWUIMer/77ncQnfg6xF3+fbjo9218h+W0wvve2yarpL3NPJ7 bO/suyYTuOBQFpqxu/SpItLJs5S+RHGPfEG4r1iaD9ldoQ06HHAhDqhCg0uDd6uz23leXg1U rqDPNnY51Mae5RWFCaLits/ThHQYkWEC0YsBhQLGVdVmF08CziplqgAQ/mdb+7YzLNJoii7B wQh220CI9l2smv5rg4YrPzxKfrOopJq7JQAOBf4by0pQ42Blt/PhJJG+WKc6DJTZHLJ81L3v uv9h9ocf6gDGDfXJRY+0P+vJ9XDr1sa8rxFCtn35zW/JYEAGhA6Hn4kdb8AT1ePl1Bq0R9aY Y7f78VGjZMiGplBdeXw9b6O0SOSGA4c5RfkRHNKbqcJw8jD4tSQQg1wtz1vDh+/V45Yh0G4J yQYzitZeQthuqF1LN1Z4KwLS2JCTzHs7XNdEk4oXishMl3+pffbYQfb0FH5P1XUfDssNJF77 djG2heFE5lFeMXxCeIQd4pU1FQKiavqtYaa4eOw1NDu3C3CcbzFI58KRgCn0atvMGQhhf5UW 8VAupUz4i3dECWB79vClk++SvdsWwmTglL4QC6AEis/TF30Ew6HoSPkAEQEAAcLBkwQYAQoA JhYhBGlgeuJgqfNOGDrarraLddyf10fhBQJanGtWAhsMBQkJZgGAACEJELaLddyf10fhFiEE aWB64mCp804YOtqutot13J/XR+GWbBAAqECNdPYbaYVXtgEISe8Lj6PKSK0hQNDG9KX4m1/7 GMPGWc/8d3LUyNwI6tm2kmqHmyLlMneqDyO3AM4C+LNsx4mdwoR9nQ8SZTj35DmoitduAyTD 6lolrsXt/bYKtt7bD4cHLxfgwvkpCaC1igmDQtOn0t2y5LWdLOJVRObany+cMDL8YMQfuvrF h8GVkr9SMAf4HqL+s5BIVXZF6qxjxOdi8i31NAAjJooXJdP56bAjGUpbNLq4HgrDzLhz0J5n DNhEW3q3vIvTnSkA8xga021pfQ8TUX+KPnAGIqxCTNynPmQ9khN+G00r4N5HUEGUG4/qPgUX LEdC2hmzkZDWjGZaeTrl7Xi+pxu7GwD59G41FJbqfAiRFw1xDRuiyRtf6FVhaptzrT8q+VKD EALobhsdPzpugFyq/5pPr3rqCljF5KpZdOOf22BO219gNIJMhhOQ3Y2ohz5kvTbFrig3hMS5 V2Ti9Rl/jyo1iwA8Jb9O1xwfB3+lNP5aX9/5oIEbah8imx7dIkamGjAveYFXTK27oMYetVP8 8SGsHlO1aJQ+XEa5bcaj6ebMzsA88ONiWMG6WLFxSVzZLghgpitSx3EoXxIILX1d4PySs7zU UJ+qdX9H66aZf3meVL1lSqzRESc3GYJDnnMcIivy/yaBqRn1jqlhrE8XvwJ0HF8Y/A8= Message-ID: <745dc612-d5a4-1e06-89bb-8df5dfbd7e1f@fechner.net> Date: Tue, 4 Aug 2020 07:22:42 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0 MIME-Version: 1.0 In-Reply-To: <09256F5E-469C-402B-94DC-3C07F8AC29ED@kreme.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Content-Language: en-US X-Rspamd-Server: anny.lostinspace.de X-Rspamd-Queue-Id: 4BLNS91kxdz3cQk X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=fechner.net header.s=default header.b=qz8mySMP; dmarc=pass (policy=none) header.from=fechner.net; spf=pass (mx1.freebsd.org: domain of idefix@fechner.net designates 2001:608:a02::33 as permitted sender) smtp.mailfrom=idefix@fechner.net X-Spamd-Result: default: False [-5.81 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[fechner.net:s=default]; NEURAL_HAM_MEDIUM(-1.03)[-1.025]; FROM_HAS_DN(0.00)[]; DWL_DNSWL_MED(-2.00)[fechner.net:dkim]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+a]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCVD_DKIM_ARC_DNSWL_MED(-0.50)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.99)[-0.987]; RCVD_COUNT_THREE(0.00)[3]; RCVD_IN_DNSWL_MED(-0.20)[2001:608:a02::33:from]; DKIM_TRACE(0.00)[fechner.net:+]; DMARC_POLICY_ALLOW(-0.50)[fechner.net,none]; NEURAL_HAM_SHORT(-0.10)[-0.100]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:5539, ipnet:2001:608::/32, country:DE]; RCVD_TLS_ALL(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[156.67.130.241:received] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Aug 2020 05:22:50 -0000 Am 03.08.2020 um 21:37 schrieb @lbutlr: > When some moon tires to login to an account like root, ssh does n’t log the IP address in the failure line as it does with non-existent users. > > sshd[99328] error: PAM: Authentication error for root from vps-94314d13.vps.ovh.ca > sshd[99328] Connection closed by authenticating user root 139.99.236.165 port 46226 [preauth] > > sshd[7202] Invalid user pi from 2.232.248.6 port 46438 > > Is there anyway that I can change this so that the IP address appears not eh same line as the Authentication error, it would make my blacklisting these people much easier. try fail2ban, it can handle all of this correctly. Gruß Matthias -- "Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the universe trying to produce bigger and better idiots. So far, the universe is winning." -- Rich Cook From owner-freebsd-questions@freebsd.org Tue Aug 4 20:43:15 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6AA9137F024 for ; Tue, 4 Aug 2020 20:43:15 +0000 (UTC) (envelope-from mail@dbalan.in) Received: from wout1-smtp.messagingengine.com (wout1-smtp.messagingengine.com [64.147.123.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BLmtB016rz3br6 for ; Tue, 4 Aug 2020 20:43:13 +0000 (UTC) (envelope-from mail@dbalan.in) Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.west.internal (Postfix) with ESMTP id F3641882 for ; Tue, 4 Aug 2020 16:43:11 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute1.internal (MEProxy); Tue, 04 Aug 2020 16:43:12 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dbalan.in; h=to :from:subject:message-id:date:mime-version:content-type :content-transfer-encoding; s=fm2; bh=9oTIOL0qpekZ1A7/i81agugnyX h7CUVXCcYY+lMrM+U=; b=U7klq/0MPzlnIo8Tef8rYOlzK2z7rtzpXtUqg91ain hkJn0rHiWzIbbnJD9Dmi7kbqnld6Nxo6ivBxfr/b1fMzhgx+Hv2LtAei4waW7oB7 ANol+STe+wYco7O55/+6AxQEJMGH0m2g0vuR1iiRZO5T8RSsGnw5nKwDC3wR7lBz 0w7jOBUwbYpdOHNq5T2nNQhMLaFDjuA5ShujG3LsFgMh+5PFYLGVCSLFyj844XwS IH1EQzXeI09mTUK4VODUJQNW4Y5bvu9KSbNUh0YJdY1GtI0AygBgW1Nre3/DxTPx nX3lLcd0oFcN5jzR5kwLxs+tMstXH+m1P2Ao/yo5whcA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:message-id:mime-version:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=9oTIOL 0qpekZ1A7/i81agugnyXh7CUVXCcYY+lMrM+U=; b=F9K1ULh+Vq/nv/pqg6pNpv zDyKnN2R4K5aEKXs8sW8Zbk8RSaWgGYI/aStqqSIDY9ck6cuUzIZCd9NPTwY30Mx sRL2FyaC7ulf9g81RQAoKqdmpwZgCWHbEQLMaYZeGb4PgppgZ09kJuucm3jSsJX9 yTxjr27ZaJ/VSbxR7swEDDYdv44xaWTptLs72ArHYsbzdM9nQN84EeNkrJw+GsVa wRPfPmhWElGSOYee/rGdClTpU0G9k/zFS86FqaxyZEFTNrEIbbDoTnf11W4eZ+XY yksFk5AoO3p0CRniKXAbxTAhHA5zy+8sy8kqrUsnBVMB242OMwny3lEtwzH4LhRA == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduiedrjeeigdduheegucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefvhffukffffgggtgfgsehtjeertd dtfeejnecuhfhrohhmpeffhhgrnhgrnhhjrgihuceurghlrghnuceomhgrihhlsegusggr lhgrnhdrihhnqeenucggtffrrghtthgvrhhnpeejhedujeehkeeuieegtdeljedtjeeike dvteevffejkedvtefhhffhheetffeiheenucffohhmrghinhepfhhrvggvsghsugdrohhr ghenucfkphepledurdeihedrvdehuddrheehnecuvehluhhsthgvrhfuihiivgeptdenuc frrghrrghmpehmrghilhhfrhhomhepmhgrihhlsegusggrlhgrnhdrihhn X-ME-Proxy: Received: from [192.168.0.171] (ip5b41fb37.dynamic.kabel-deutschland.de [91.65.251.55]) by mail.messagingengine.com (Postfix) with ESMTPA id 206DC30600B1 for ; Tue, 4 Aug 2020 16:43:11 -0400 (EDT) To: FreeBSD From: Dhananjay Balan Subject: How to secure NFS? Message-ID: Date: Tue, 4 Aug 2020 22:43:08 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.9.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4BLmtB016rz3br6 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=dbalan.in header.s=fm2 header.b=U7klq/0M; dkim=pass header.d=messagingengine.com header.s=fm3 header.b=F9K1ULh+; dmarc=none; spf=pass (mx1.freebsd.org: domain of mail@dbalan.in designates 64.147.123.24 as permitted sender) smtp.mailfrom=mail@dbalan.in X-Spamd-Result: default: False [-2.48 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; RWL_MAILSPIKE_VERYGOOD(0.00)[64.147.123.24:from]; R_DKIM_ALLOW(-0.20)[dbalan.in:s=fm2,messagingengine.com:s=fm3]; RECEIVED_SPAMHAUS_PBL(0.00)[91.65.251.55:received]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:64.147.123.24]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; ARC_NA(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.99)[-0.990]; RCVD_COUNT_THREE(0.00)[4]; DMARC_NA(0.00)[dbalan.in]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[dbalan.in:+,messagingengine.com:+]; NEURAL_HAM_SHORT(-0.90)[-0.897]; NEURAL_HAM_MEDIUM(-0.99)[-0.993]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:11403, ipnet:64.147.123.0/24, country:US]; SUBJECT_ENDS_QUESTION(1.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[64.147.123.24:from] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Aug 2020 20:43:15 -0000 Hi, I am trying to run an NFS server following https://www.freebsd.org/doc/handbook/network-nfs.html (on 12.1-RELEASE-p6). It doesn't touch at all about securing this server, is there any such documentation? Also my pf never sees any of these packets. I have block in all on the file with explicit pass in rules and this just works :/ How is it completely by-passing my firewall? Regards, Dhananjay Balan From owner-freebsd-questions@freebsd.org Tue Aug 4 21:07:34 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9266F37F7A4 for ; Tue, 4 Aug 2020 21:07:34 +0000 (UTC) (envelope-from dr.klepp@gmx.at) Received: from vie01a-dmta-at50-2.mx.upcmail.net (vie01a-dmta-at50-2.mx.upcmail.net [62.179.121.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BLnQF53q8z3cv1 for ; Tue, 4 Aug 2020 21:07:33 +0000 (UTC) (envelope-from dr.klepp@gmx.at) Received: from [172.31.216.41] (helo=vie01a-pemc-psmtp-at50) by vie01a-dmta-at50.mx.upcmail.net with esmtp (Exim 4.92) (envelope-from ) id 1k349h-0006ZT-D8 for freebsd-questions@freebsd.org; Tue, 04 Aug 2020 23:07:29 +0200 Received: from x61.lan ([85.126.97.210]) by vie01a-pemc-psmtp-at50 with SMTP @ mailcloud.upcmail.net id BZ7V2300E4YLlkt0BZ7VbB; Tue, 04 Aug 2020 23:07:29 +0200 X-SourceIP: 85.126.97.210 X-CNFS-Analysis: v=2.2 cv=O6RJhF1W c=1 sm=2 tr=0 cx=a_idp_f a=/Ac8Q0O/YFE5LOLfUiYZVw==:117 a=/Ac8Q0O/YFE5LOLfUiYZVw==:17 a=8nJEP1OIZ-IA:10 a=6I5d2MoRAAAA:8 a=eHL4P6T5Issbh7DMBnkA:9 a=wPNLvfGTeEIA:10 a=mL032U4Dr3kA:10 a=Cwvrka5r01MA:10 a=IjZwj45LgO3ly-622nXo:22 From: "Dr. Nikolaus Klepp" To: freebsd-questions@freebsd.org Subject: Re: How to secure NFS? Date: Tue, 4 Aug 2020 23:07:34 +0200 User-Agent: KMail/1.9.10 References: In-Reply-To: X-KMail-QuotePrefix: > MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <202008042307.34450.dr.klepp@gmx.at> X-Rspamd-Queue-Id: 4BLnQF53q8z3cv1 X-Spamd-Bar: ++++++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=fail (mx1.freebsd.org: domain of dr.klepp@gmx.at does not designate 62.179.121.137 as permitted sender) smtp.mailfrom=dr.klepp@gmx.at X-Spamd-Result: default: False [6.17 / 15.00]; RCVD_TLS_LAST(0.00)[]; R_SPF_FAIL(1.00)[-all]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; FREEMAIL_FROM(0.00)[gmx.at]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; DMARC_NA(0.00)[gmx.at]; NEURAL_SPAM_MEDIUM(1.02)[1.018]; RCPT_COUNT_ONE(0.00)[1]; RCVD_COUNT_THREE(0.00)[3]; NEURAL_SPAM_SHORT(0.60)[0.602]; NEURAL_SPAM_LONG(0.75)[0.746]; MID_CONTAINS_FROM(1.00)[]; FROM_NAME_HAS_TITLE(1.00)[dr]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:6830, ipnet:62.179.0.0/17, country:AT]; SUBJECT_ENDS_QUESTION(1.00)[]; FREEMAIL_ENVFROM(0.00)[gmx.at]; RCVD_IN_DNSWL_LOW(-0.10)[62.179.121.137:from] X-Spam: Yes X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Aug 2020 21:07:34 -0000 Anno domini 2020 Tue, 4 Aug 22:43:08 +0200 Dhananjay Balan scripsit: > Hi, > > I am trying to run an NFS server following > https://www.freebsd.org/doc/handbook/network-nfs.html (on 12.1-RELEASE-p6). > > It doesn't touch at all about securing this server, is there any such > documentation? I use NFS over SSH. Nik > > Also my pf never sees any of these packets. I have block in all on the > file with explicit pass in rules and this just works :/ How is it > completely by-passing my firewall? > > Regards, > Dhananjay Balan > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > -- Please do not email me anything that you are not comfortable also sharing with the NSA, CIA ... From owner-freebsd-questions@freebsd.org Wed Aug 5 01:02:24 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7F4583A4ADB; Wed, 5 Aug 2020 01:02:24 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: from mail-qv1-xf2e.google.com (mail-qv1-xf2e.google.com [IPv6:2607:f8b0:4864:20::f2e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BLtdC55ntz45vT; Wed, 5 Aug 2020 01:02:23 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: by mail-qv1-xf2e.google.com with SMTP id j10so13324367qvo.13; Tue, 04 Aug 2020 18:02:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=message-id:date:from:user-agent:mime-version:to:subject :content-transfer-encoding; bh=nst0EJwDkoD6V2/Aq9C5nUqpkmpFpDLE/sveIAJ42M0=; b=k8GszHBP6Mk6BwzADf61nhseqoH7HCHvVc11A7u7ny4pTOH3QEXQJGTRe0X4eRrhoa 0njvqSlfTyHAO3nBzTRqEnuLUIi1RvSvDNa7mKC6eY/n4QjiAxugtc7YAjjfZGVjJKPi zvZYQOHMHTWlh9XSWOdBTQcRhHDi/ZrMqwxitnoqJH5J9l7KK9xsU27Lw8ODN08KFXWR BfLlUwMC3bkX/Yu9REh5TDlVX5IT+9ED5k+thubmhTLDP9G20r0AK+9nCR33H6GMpyn+ VRXbMlN3IA7R2rElkCto1wWmQ1jDdm2HxJPta5mZXUaLbg3dhXuaKfuIl4si2tG+KMV4 7ffQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :subject:content-transfer-encoding; bh=nst0EJwDkoD6V2/Aq9C5nUqpkmpFpDLE/sveIAJ42M0=; b=XECV74mPLObVZZKUJYL9jGjg1G6srxrEzxF1/ukYPYGfKROsorSWpqdEiHPobQSGoQ B0vZOI4MYZU/mQvlzOO82kNzd5JjGBWmtaBTPm5oJx4N2cE47DvXk3RPpGyjjuGVuA6A UrYJrGtx1FqTJ3e2NQCjct5iDQf1STvjaCeKYF9HdujQO23RhH0tBJTGk/r62C0LGg7V V17GeIG4pug8xfrqWiSrOdDJkcqiO/o2ZW9/1u6yDbE6saHreawZmWdW7PgvpnzTcS69 z22KgeTmam7Otvtu37X7sWJmbNEFFHoFdcTRyeTIMLIlQ17bpa1jH5TAEJp+E88aBncy MPaQ== X-Gm-Message-State: AOAM530k3ESdzhP42/BH2Kl5oHf4flxgq2e1cK+m20iUCfGCpkdhlYFf GE2Xd7hsoLh4pLXRoAZTo6ZHyVb7 X-Google-Smtp-Source: ABdhPJyXgbQliEsZYMNqBu2k5BSNczNqKaYWcEJv5m6pV5T9caSsIMhiCi6NawBthV3lqOoyOhA20A== X-Received: by 2002:a0c:c409:: with SMTP id r9mr1152431qvi.123.1596589342511; Tue, 04 Aug 2020 18:02:22 -0700 (PDT) Received: from [10.0.10.8] (cpe-65-25-51-0.neo.res.rr.com. [65.25.51.0]) by smtp.googlemail.com with ESMTPSA id x198sm438513qka.37.2020.08.04.18.02.21 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 04 Aug 2020 18:02:21 -0700 (PDT) Message-ID: <5F2A051D.4030604@gmail.com> Date: Tue, 04 Aug 2020 21:02:21 -0400 From: Ernie Luzar User-Agent: Thunderbird 2.0.0.24 (Windows/20100228) MIME-Version: 1.0 To: "freebsd-questions@freebsd.org" , "freebsd-jail@freebsd.org" Subject: how to make a non-vnet jail local only? Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4BLtdC55ntz45vT X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=k8GszHBP; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of luzar722@gmail.com designates 2607:f8b0:4864:20::f2e as permitted sender) smtp.mailfrom=luzar722@gmail.com X-Spamd-Result: default: False [-1.88 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RECEIVED_SPAMHAUS_PBL(0.00)[65.25.51.0:received]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.97)[-0.972]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-0.95)[-0.954]; MIME_GOOD(-0.10)[text/plain]; SUBJECT_ENDS_QUESTION(1.00)[]; NEURAL_SPAM_SHORT(0.04)[0.042]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::f2e:from]; TO_DN_EQ_ADDR_ALL(0.00)[]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 01:02:24 -0000 I have non-vnet jails working that can reach the public internet. But now I would like to make some local only non-vnet jails that can only access other local only non-vnet jails. BY local meaning have no access to the public internet. How do I make this happen? Thanks for any pointers. From owner-freebsd-questions@freebsd.org Wed Aug 5 01:08:43 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4424B3A53B3 for ; Wed, 5 Aug 2020 01:08:43 +0000 (UTC) (envelope-from me@yonghua.org) Received: from 7.mo173.mail-out.ovh.net (7.mo173.mail-out.ovh.net [46.105.44.159]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BLtmV2yJ6z46R0 for ; Wed, 5 Aug 2020 01:08:42 +0000 (UTC) (envelope-from me@yonghua.org) Received: from player692.ha.ovh.net (unknown [10.110.103.133]) by mo173.mail-out.ovh.net (Postfix) with ESMTP id A6080147D70 for ; Wed, 5 Aug 2020 03:08:39 +0200 (CEST) Received: from yonghua.org (unknown [113.106.251.88]) (Authenticated sender: me@yonghua.org) by player692.ha.ovh.net (Postfix) with ESMTPSA id BEC5D14DF7C21 for ; Wed, 5 Aug 2020 01:08:38 +0000 (UTC) Subject: Re: How to secure NFS? To: freebsd-questions@freebsd.org References: <202008042307.34450.dr.klepp@gmx.at> From: Wesley Peng Message-ID: <057c9ac4-d10e-2fe0-fa12-fe0f6390b819@yonghua.org> Date: Wed, 5 Aug 2020 09:08:34 +0800 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0 MIME-Version: 1.0 In-Reply-To: <202008042307.34450.dr.klepp@gmx.at> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Ovh-Tracer-Id: 474848289368326916 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: 0 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgeduiedrjeejgdegfecutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemucehtddtnecunecujfgurhepuffvfhfhkffffgggjggtgfesthejredttdefjeenucfhrhhomhephggvshhlvgihucfrvghnghcuoehmvgeshihonhhghhhurgdrohhrgheqnecuggftrfgrthhtvghrnhepleeuieejieekheelfeehheeuuefgfeethfekheekueeffedufffgfeejkefgveehnecuffhomhgrihhnpehfrhgvvggsshgurdhorhhgnecukfhppedtrddtrddtrddtpdduudefrddutdeirddvhedurdekkeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhhouggvpehsmhhtphdqohhuthdphhgvlhhopehplhgrhigvrheiledvrdhhrgdrohhvhhdrnhgvthdpihhnvghtpedtrddtrddtrddtpdhmrghilhhfrhhomhepmhgvseihohhnghhhuhgrrdhorhhgpdhrtghpthhtohepfhhrvggvsghsugdqqhhuvghsthhiohhnshesfhhrvggvsghsugdrohhrgh X-Rspamd-Queue-Id: 4BLtmV2yJ6z46R0 X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of me@yonghua.org designates 46.105.44.159 as permitted sender) smtp.mailfrom=me@yonghua.org X-Spamd-Result: default: False [-1.21 / 15.00]; RCVD_TLS_LAST(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ptr:mail-out.ovh.net]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.00)[-1.000]; RCVD_COUNT_THREE(0.00)[3]; DMARC_NA(0.00)[yonghua.org]; NEURAL_SPAM_SHORT(0.05)[0.046]; RCVD_IN_DNSWL_NONE(0.00)[46.105.44.159:from]; NEURAL_HAM_MEDIUM(-0.96)[-0.959]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:16276, ipnet:46.105.0.0/16, country:FR]; SUBJECT_ENDS_QUESTION(1.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RWL_MAILSPIKE_POSSIBLE(0.00)[46.105.44.159:from] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 01:08:43 -0000 Dr. Nikolaus Klepp wrote: > I am trying to run an NFS server following > https://www.freebsd.org/doc/handbook/network-nfs.html (on 12.1-RELEASE-p6). > > It doesn't touch at all about securing this server, is there any such > documentation? You can try Ceph. mounting filesystem from ceph server is simple and safe. regards. From owner-freebsd-questions@freebsd.org Wed Aug 5 02:13:00 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2DD4B3A65D7 for ; Wed, 5 Aug 2020 02:13:00 +0000 (UTC) (envelope-from olivares14031@gmail.com) Received: from mail-wm1-x329.google.com (mail-wm1-x329.google.com [IPv6:2a00:1450:4864:20::329]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BLwBf4p9xz48xw for ; Wed, 5 Aug 2020 02:12:58 +0000 (UTC) (envelope-from olivares14031@gmail.com) Received: by mail-wm1-x329.google.com with SMTP id p14so4371221wmg.1 for ; Tue, 04 Aug 2020 19:12:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=3c5IyEEhv6oWUKGQqUETW1zNWWJi6w3AN3HuT+eaLFc=; b=N8luiVH3X7tQDMVHTnsoVKS+PeausEnNZtdu4FQ5Tj713dTpL5Mg9duQSi5Q6VYO0B 7YhTiAu1V0H+Xv3Zbwis6N8qkzF+zKgCzU4UYk7JNHmJG3mr8DJqz/hjjA+X3NWiQciL ZUdh8C1k2sIEVpyAY2tr5brdNuNngRz3pTV90rMnyXAuV2AwyAWQttGgz3eCroKh1cNn i1xJBUIXvS74a74fFJVC4KEVN8nbL0zI5ZEcVgM4cqHGO0aCwxc1+lzuXbAU7rKN8FOl 4Xmd8fnESRNhTrZSjOruMH/AGE1xyJDkyQZvEIYBk9l9apJTM2vr9iyKKnp+bEuOu1Al iuhg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=3c5IyEEhv6oWUKGQqUETW1zNWWJi6w3AN3HuT+eaLFc=; b=cOHKFdRAALFH4RYgibovxyITleZGlBlimsaFEO4Ys6JwiPMzFD4hWKc7kVytoW9zy4 GEcQajJ5iBJkSWuiKH8MYZfyl6PCWFYaQVLuR7P/dI9HFQmUPxq6zhHOjEuMkuuVT7Zb AXZ7bE31H/uFDPjbSPybZB0d0T2ALq4VzgZlZvEccqqP33IQQwRvU7OuWYeLiH5TjBW2 nmLx9lkHylgqZR+q6oMuJrrLSFT9+z4iaifou/5kiWt0FY29+KPLIFUEugHeUokoFipu jbuY+b1taI/oRamj8biM3AwENyRRfuwDXnO2BClLfwF1Fej6RtDa9kRdsUsSURixHNLp U0lw== X-Gm-Message-State: AOAM532RdYCMLykVBjY3HGsRXpir2IpR1eLD2L4GhjXAsL9pqAzeD92M u14TxjJdme5Gu4gw5lCdh7fObYrii+F2aOTX2gG3LMl5 X-Google-Smtp-Source: ABdhPJz0KvXO6VTfL4zooJgzpgmG0VpQc+gQp0G7CbuhTn0AnHH/oIrqL93UZ6NSpsO46YHoBCZr8I9lB2MiyxvgQxQ= X-Received: by 2002:a05:600c:2157:: with SMTP id v23mr1028557wml.38.1596593576393; Tue, 04 Aug 2020 19:12:56 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a1c:3243:0:0:0:0:0 with HTTP; Tue, 4 Aug 2020 19:12:55 -0700 (PDT) From: Antonio Olivares Date: Tue, 4 Aug 2020 21:12:55 -0500 Message-ID: Subject: Complete idiots guide to virtualize Android with bhyve To: FreeBSD Questions X-Rspamd-Queue-Id: 4BLwBf4p9xz48xw X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=N8luiVH3; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of olivares14031@gmail.com designates 2a00:1450:4864:20::329 as permitted sender) smtp.mailfrom=olivares14031@gmail.com X-Spamd-Result: default: False [-3.00 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.95)[-0.955]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; NEURAL_HAM_LONG(-0.99)[-0.993]; RCPT_COUNT_ONE(0.00)[1]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::329:from]; NEURAL_HAM_SHORT(-0.05)[-0.052]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 02:13:00 -0000 Dear kind FreeBSD users, I have seen some sites where it is mentioned that we can run Android with bhve on FreeBSD. https://m.youtube.com/watch?utm_source=discoverbsd&v=zq2rYQ84DiQ But I cannot follow which commands to use or where to get Android sources. Is there a complete idiots guide somewhere so I can follow step by step. I have experience with virtualbox and VMware but on Linux. I would like to use bhyve and FreeBSD because I have updated a school machine to 12.1-RELEASE-p4? to p7 because of covid(17+2) school closure in March and I have to set it up for instruction(online). I may need zoom and I have a ziggi USB document camera already set up. There are several programs which are available for Android but not native FreeBSD. https://www.freebsdnews.com/2020/07/29/video-android-in-freebsd-bhyve-by-oleg/ https://www.freebsd.org/doc/handbook/virtualization-host-bhyve.html https://jjasghar.github.io/blog/2019/06/03/using-bhyve-on-freebsd/ I have read these guides and have entered some of the commands but some fail to work and give errors. Any examples and Android sources where bhvye succeeds are appreciated. Instruction to students may be hybrid part in school and part online maybe entirely online. This will help setup some videos since many students have smart phones and most run Android they can setup Google Play or Fdroid and get them to help instruction calculators, math programs and or Google sheets, Google Docs and Google Slides. Thank you for any advice and help provided in advance. Best Regards, Antonio From owner-freebsd-questions@freebsd.org Wed Aug 5 02:48:58 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6B25F3A8344 for ; Wed, 5 Aug 2020 02:48:58 +0000 (UTC) (envelope-from daniel@dstev.xyz) Received: from mail-40133.protonmail.ch (mail-40133.protonmail.ch [185.70.40.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "protonmail.com", Issuer "SwissSign Server Gold CA 2014 - G22" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BLx082m3Kz4C52 for ; Wed, 5 Aug 2020 02:48:56 +0000 (UTC) (envelope-from daniel@dstev.xyz) Date: Wed, 05 Aug 2020 02:48:47 +0000 To: Antonio Olivares From: Daniel Stevenson Cc: FreeBSD Questions Reply-To: Daniel Stevenson Subject: Re: Complete idiots guide to virtualize Android with bhyve Message-ID: <2FpLnblcS8dY17rDqJi-ACKQ4qXa5A6M7LZjQ2xv79zjqXLj9-jCTMZes_SU1glRZmJ8BtpIp5IJDT0dBNBq5fWf_6vBDexQ_UqivFWS7Hk=@dstev.xyz> In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-0.7 required=7.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FROM_SUSPICIOUS_NTLD, T_PDS_OTHER_BAD_TLD shortcircuit=no autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on mail.protonmail.ch X-Rspamd-Queue-Id: 4BLx082m3Kz4C52 X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.37 / 15.00]; HAS_REPLYTO(0.00)[daniel@dstev.xyz]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[dstev.xyz:s=protonmail]; REPLYTO_EQ_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RWL_MAILSPIKE_GOOD(0.00)[185.70.40.133:from]; R_SPF_ALLOW(-0.20)[+ip4:185.70.40.0/24]; NEURAL_HAM_LONG(-1.01)[-1.011]; MIME_GOOD(-0.10)[text/plain]; NEURAL_HAM_MEDIUM(-0.99)[-0.989]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[dstev.xyz:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[dstev.xyz,quarantine]; NEURAL_HAM_SHORT(-1.27)[-1.268]; FREEMAIL_TO(0.00)[gmail.com]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:62371, ipnet:185.70.40.0/24, country:CH]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[185.70.40.133:from] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 02:48:58 -0000 On Tuesday, August 4, 2020 9:12 PM, Antonio Olivares wrote: > Dear kind FreeBSD users, > > I have seen some sites where it is mentioned that we can run Android with > bhve on FreeBSD. > > https://m.youtube.com/watch?utm_source=3Ddiscoverbsd&v=3Dzq2rYQ84DiQ > > But I cannot follow which commands to use or where to get Android sources= . > > Is there a complete idiots guide somewhere so I can follow step by step. = I > have experience with virtualbox and VMware but on Linux. I would like to > use bhyve and FreeBSD because I have updated a school machine to > 12.1-RELEASE-p4? to p7 because of covid(17+2) school closure in March and= I > have to set it up for instruction(online). I may need zoom and I have a > ziggi USB document camera already set up. There are several programs whic= h > are available for Android but not native FreeBSD. > > https://www.freebsdnews.com/2020/07/29/video-android-in-freebsd-bhyve-by-= oleg/ > > https://www.freebsd.org/doc/handbook/virtualization-host-bhyve.html > > https://jjasghar.github.io/blog/2019/06/03/using-bhyve-on-freebsd/ > > I have read these guides and have entered some of the commands but some > fail to work and give errors. > > Any examples and Android sources where bhvye succeeds are appreciated. > Instruction to students may be hybrid part in school and part online mayb= e > entirely online. This will help setup some videos since many students hav= e > smart phones and most run Android they can setup Google Play or Fdroid an= d > get them to help instruction calculators, math programs and or Google > sheets, Google Docs and Google Slides. > > Thank you for any advice and help provided in advance. Google Docs, Sheets, Slides, etc. are all available as web apps, and using those would be much easier and likely much more comfortable than trying to emulate Android apps on a laptop or desktop. Zoom can likewise be used as a web app. You could also attempt using Zoom's CentOS package under FreeBSD's Linux compatability layer, but it would be hit-or-miss. Sticking to the browser is likely your best bet. Are there any other programs you were worried about? Also, if you don't mind my asking, do you have much prior experience with FreeBSD on the desktop? It is a great operating system, but not especially easy to use if you are unfamiliar with Unix. If you are new, you may be better off with a desktop-focused derivative of FreeBSD, such as GhostBSD or FuryBSD, or a beginner-friendly Linux distro like Ubuntu or Pop!_OS. -- Daniel Stevenson From owner-freebsd-questions@freebsd.org Wed Aug 5 06:55:57 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D48653AC598 for ; Wed, 5 Aug 2020 06:55:57 +0000 (UTC) (envelope-from greg.marsh@gmail.com) Received: from mail-io1-xd2c.google.com (mail-io1-xd2c.google.com [IPv6:2607:f8b0:4864:20::d2c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BM2T86ckWz4QTJ for ; Wed, 5 Aug 2020 06:55:56 +0000 (UTC) (envelope-from greg.marsh@gmail.com) Received: by mail-io1-xd2c.google.com with SMTP id v6so29576949iow.11 for ; Tue, 04 Aug 2020 23:55:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:content-transfer-encoding:mime-version:date:subject:message-id :to; bh=Xv8U/ueTI4ToSSwheSsBSqboDIHBL78/epqVbRYNFCo=; b=r6i2ZniX339KdoLH4SfMt9rAvaKm8mLdzToRz03Ze52MSdisDixQBriqSX0MKMLXWG m66eBSrTVJ/0VpkAgTQea/i4hv6HJMIcC4dY0dbpTwfj9CCdzO7wEX1pflktZx86PomY WG+0Dz80lshfToQq7teQGophl5ElL3cqJuaRUr+osOjlJsC+b94P1aozsfGMVpsmSAmb 8S1hxh6wyHcs3/3Q9zFXChntKh65lC20F7SO+He5+MwG9X3IvRqj50r0PofjNcp54sYC v29RDEYa6rde+mGqUyck+5P3hTPUCl8qt2JMSYubfPlec/guNfZmq8susoPQrUVVGBM3 lNoQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:content-transfer-encoding:mime-version:date :subject:message-id:to; bh=Xv8U/ueTI4ToSSwheSsBSqboDIHBL78/epqVbRYNFCo=; b=L9b3WOk4r/6I/Ob0qcLiFc82PTWlRQrgmvq+esYHxBEwRNPGkv0MUAn3i0befrTk8o VnmuukaNrC4DkvFzgZtkB/zK2QDsi8KEob/apw6IALuMrJSaW2WxZQjipMT0N2MOCVea 8JMYXxtBGdMK9SvDqp7YjUu7bjrN4jDWo9t+FH9uSV8Tj4a8lWYdO+SY5srTiq/4hlam j/o49ll/ThD8nr8di7SbECTVuJ5yLPzYd8eH/DhB9vXZQlx4JrOc1cj31NtcrbLzJCv6 l8OD0OIXdqPJUKWEUbZofL3c0wErBuSOWPJbATEibjQ3LVk6rMJo5H+0gCggJlXcM/Jr q0ZA== X-Gm-Message-State: AOAM531tndmSGxUf+/DVWBjNUWCTQ1SINwcy37K1M8vnENnAfZGCWc+v qHlOt3u8FEMOdr4bK0A/E7/FQHuqHAY= X-Google-Smtp-Source: ABdhPJwHEGUcqAyheQwtqkbxzPcbImoISI1+8Gh6Rwwy258w9LFwZNuZigpYnDqe26jrsVL7q66cAw== X-Received: by 2002:a05:6638:214d:: with SMTP id z13mr2576892jaj.7.1596610554829; Tue, 04 Aug 2020 23:55:54 -0700 (PDT) Received: from [192.168.1.131] (107-179-165-9.cpe.teksavvy.com. [107.179.165.9]) by smtp.gmail.com with ESMTPSA id n10sm774492ila.2.2020.08.04.23.55.53 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 04 Aug 2020 23:55:54 -0700 (PDT) From: Greg Marsh Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (1.0) Date: Wed, 5 Aug 2020 02:55:52 -0400 Subject: Question re ZFS with mixed drive speeds & types Message-Id: <575C4647-8F20-4187-9B74-2D509D31A249@gmail.com> To: freebsd-questions@freebsd.org X-Mailer: iPhone Mail (16G183) X-Rspamd-Queue-Id: 4BM2T86ckWz4QTJ X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=r6i2ZniX; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of gregmarsh@gmail.com designates 2607:f8b0:4864:20::d2c as permitted sender) smtp.mailfrom=gregmarsh@gmail.com X-Spamd-Result: default: False [-3.30 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; MV_CASE(0.50)[]; TO_DN_NONE(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.83)[-0.835]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.98)[-0.984]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-0.98)[-0.981]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::d2c:from]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 06:55:57 -0000 Hello everyone. I hope you are well.=20 I=E2=80=99m budgeting to upgrading my home file server. Sort of for more dat= a capacity, but mostly for more physical space, flexibility and to try some t= hings storage wise. It=E2=80=99s currently got a 6x2tb SATA raidz of WD reds= w/ssd for l2arc & logging.=20 1st goal - mirror that ssd. Now, I=E2=80=99ve got a big box of still working Seagate Cheetah 15k scsi dr= ives & several controllers, both raid and not. The drives are only 146gb, bu= t 15k. However, I=E2=80=99m wondering if I were to make a VDEV pool of like 7= of them, add that to my volume and what, if any positive benefit it might t= o my ZFS storage? I ask because about 10 years ago, I was involved in a project that had a HUG= E storage component. Many of the vendors we brought in to pitch, including S= un, were promoting tiered storage. Sun in particular were quite proud of thi= s tech. Their system ran ZFS and had a hybrid of ssd, sas & SATA, with the s= ystem dynamically moving data around the different speed/capacity drives, ba= sed on their activity, all transparent to the application or user. Most ofte= n used data coming from the ssd & sas drives, with less active files kept on= the SATA drives. I=E2=80=99m wondering if this capability made it into the open source versio= n of ZFS. Because that would be fantastic. Thank you all for any insight or advice. Cheers, Greg Sent from my iPhone= From owner-freebsd-questions@freebsd.org Wed Aug 5 07:13:46 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id EC1C33AC9A1 for ; Wed, 5 Aug 2020 07:13:46 +0000 (UTC) (envelope-from ralf-mardorf@riseup.net) Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.riseup.net", Issuer "Sectigo RSA Domain Validation Secure Server CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BM2sj5pLDz4Qtf for ; Wed, 5 Aug 2020 07:13:45 +0000 (UTC) (envelope-from ralf-mardorf@riseup.net) Received: from capuchin.riseup.net (capuchin-pn.riseup.net [10.0.1.176]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client CN "*.riseup.net", Issuer "Sectigo RSA Domain Validation Secure Server CA" (not verified)) by mx1.riseup.net (Postfix) with ESMTPS id 4BM2sg2hsYzDsZT for ; Wed, 5 Aug 2020 00:13:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1596611623; bh=/gcCbFOuXlhOahp4SXAu9vrrqn6dGKBz0FT/d/4Lj1I=; h=Date:From:To:Subject:In-Reply-To:References:From; b=WC1UL9PPI82wPkv4wRS+ZfAMBoGLhxnlflrtvl53vTr0c8TztFeELS4/z0uWT1rIn Xx0NvigBYujX/gWl+0EDClhsmUTNBbfvO5Jo1FmFvIhotTJLkOYYCcj9wU0daxjtj9 9v/6qITfq3hN4xiRHo9rzSCOvQ0baFC3VDdcDMqE= X-Riseup-User-ID: 67FF943BC39BDA69DFF55BE2609175694AAD04EE984B18339D5459B902A7C1FD Received: from [127.0.0.1] (localhost [127.0.0.1]) by capuchin.riseup.net (Postfix) with ESMTPSA id 4BM2sf6DWhz8scB for ; Wed, 5 Aug 2020 00:13:42 -0700 (PDT) Date: Wed, 5 Aug 2020 09:13:31 +0200 From: Ralf Mardorf To: freebsd-questions@freebsd.org Subject: Re: Complete idiots guide to virtualize Android with bhyve Message-ID: <20200805091331.4b52af5c@archlinux> In-Reply-To: <2FpLnblcS8dY17rDqJi-ACKQ4qXa5A6M7LZjQ2xv79zjqXLj9-jCTMZes_SU1glRZmJ8BtpIp5IJDT0dBNBq5fWf_6vBDexQ_UqivFWS7Hk=@dstev.xyz> References: <2FpLnblcS8dY17rDqJi-ACKQ4qXa5A6M7LZjQ2xv79zjqXLj9-jCTMZes_SU1glRZmJ8BtpIp5IJDT0dBNBq5fWf_6vBDexQ_UqivFWS7Hk=@dstev.xyz> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4BM2sj5pLDz4Qtf X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=riseup.net header.s=squak header.b=WC1UL9PP; dmarc=pass (policy=none) header.from=riseup.net; spf=pass (mx1.freebsd.org: domain of ralf-mardorf@riseup.net designates 198.252.153.129 as permitted sender) smtp.mailfrom=ralf-mardorf@riseup.net X-Spamd-Result: default: False [-4.43 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[riseup.net:s=squak]; NEURAL_HAM_MEDIUM(-1.00)[-1.005]; FROM_HAS_DN(0.00)[]; RWL_MAILSPIKE_GOOD(0.00)[198.252.153.129:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; DWL_DNSWL_LOW(-1.00)[riseup.net:dkim]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[riseup.net:+]; DMARC_POLICY_ALLOW(-0.50)[riseup.net,none]; NEURAL_HAM_SHORT(-0.81)[-0.807]; NEURAL_HAM_LONG(-1.02)[-1.018]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; MID_RHS_NOT_FQDN(0.50)[]; ASN(0.00)[asn:16652, ipnet:198.252.153.0/24, country:US]; RCVD_TLS_ALL(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[198.252.153.129:from] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 07:13:47 -0000 On Wed, 05 Aug 2020 02:48:47 +0000, Daniel Stevenson wrote: >On Tuesday, August 4, 2020 9:12 PM, Antonio Olivares wrote: >> Any examples and Android sources where bhvye succeeds are >> appreciated. Instruction to students may be hybrid part in school >> and part online maybe entirely online. This will help setup some >> videos since many students have smart phones and most run Android >> they can setup Google Play or Fdroid and get them to help >> instruction calculators, math programs and or Google sheets, Google >> Docs and Google Slides. Hi, it doesn't make sense to install an operating system that doesn't fit the users needs and then to emulate a mobile phone on that operating system, to run the required applications. That is the most worst mismanagement possible in the first place. "Android is [...] designed primarily for touchscreen mobile devices such as smartphones and tablets [...] its source code is known as Android Open Source Project (AOSP) which is primarily licensed under the Apache License. However most Android devices ship with additional proprietary software pre-installed [...]." - https://en.wikipedia.org/wiki/Android_(operating_system) You are using an operating system not providing what you actually need, so to workaround the wrong choice done in the first place, you consider to use a virtual machine, but not to run the most useful guest for your purpose, instead you consider to try the most freakish "solution". > Ubuntu A Zoom mobile app is available for iOS and iPadOS, too, see https://zoom.us/support/download . Why not running iOS or iPadOS as virtualbox guest? Consider to run Ubuntu as guest on your FreeBSD host and iOS as guest in the Ubuntu guest. See: https://lists.ubuntu.com/archives/ubuntu-users/2019-April/296577.html Take a look at the date, when the screenshot was taken and at the date of the post to the Ubuntu mailing list. It's around one year ago, so it should still work today. https://i.imgur.com/4rHkCs4.jpg Joking apart, the "complete idiots guide" you are asking for, is to not do something completely idiotic. I can't comment on the "Zoom Extension for Browsers". I can't comment on Zoom at all. However, did you already test it? If Zoom shouldn't run (as app or browser extension) on FreeBSD, maybe an alternative to "Zoom" does. If nothing should work on FreeBSD, then before considering to emulate a mobile phone, try to run a more common guest, either "Linux" or "Windows" or even consider to purge FreeBSD and to install an operating system that does suit. Well-implemented virtualisation is something very useful. Using virtualisation to patch a lack of plan makes the lack of plan just worse. It's a "Fass ohne Boden", translation: https://t4.ftcdn.net/jpg/00/53/46/37/240_F_53463791_23a9vQG7TIsliZE2PyWT4SEzh3MDTZWL.jpg Regards, Ralf From owner-freebsd-questions@freebsd.org Wed Aug 5 07:17:13 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4C7883AC9BB; Wed, 5 Aug 2020 07:17:13 +0000 (UTC) (envelope-from freebsd@qeng-ho.org) Received: from bede.qeng-ho.org (bede.qeng-ho.org [217.155.128.241]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BM2xg6KGGz4RSH; Wed, 5 Aug 2020 07:17:11 +0000 (UTC) (envelope-from freebsd@qeng-ho.org) Received: from arthur.home.qeng-ho.org (arthur.home.qeng-ho.org [172.23.1.2]) by bede.qeng-ho.org (Postfix) with ESMTP id D2CF310195; Wed, 5 Aug 2020 08:17:03 +0100 (BST) Subject: Re: how to make a non-vnet jail local only? To: Ernie Luzar , "freebsd-questions@freebsd.org" , "freebsd-jail@freebsd.org" References: <5F2A051D.4030604@gmail.com> From: Arthur Chance Message-ID: <77719bef-6c53-21a7-ca17-3ebac05427b9@qeng-ho.org> Date: Wed, 5 Aug 2020 08:17:03 +0100 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0 MIME-Version: 1.0 In-Reply-To: <5F2A051D.4030604@gmail.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-GB Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4BM2xg6KGGz4RSH X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of freebsd@qeng-ho.org designates 217.155.128.241 as permitted sender) smtp.mailfrom=freebsd@qeng-ho.org X-Spamd-Result: default: False [-1.74 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.95)[-0.952]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:217.155.128.240/29]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[qeng-ho.org]; NEURAL_HAM_LONG(-1.01)[-1.014]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.47)[-0.474]; FREEMAIL_TO(0.00)[gmail.com,freebsd.org]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:13037, ipnet:217.155.0.0/16, country:GB]; SUBJECT_ENDS_QUESTION(1.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 07:17:13 -0000 On 05/08/2020 02:02, Ernie Luzar wrote: > I have non-vnet jails working that can reach the public internet. > But now I would like to make some local only non-vnet jails that can > only access other local only non-vnet jails. BY local meaning have no > access to the public internet. > > How do I make this happen? > > Thanks for any pointers. Create a second loopback interface (cloned_interfaces="lo1" in /etc/rc.conf or ifconfig lo1 create for manual control) and put the local jails on lo1 without access to any other interface. -- The number of people predicting the demise of Moore's Law doubles every 18 months. From owner-freebsd-questions@freebsd.org Wed Aug 5 07:45:11 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E10D03AD2EF for ; Wed, 5 Aug 2020 07:45:11 +0000 (UTC) (envelope-from contact@evilham.com) Received: from yggdrasil.evilham.com (yggdrasil.evilham.com [IPv6:2a02:2770::216:3eff:fee1:cf9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BM3Yy4j4wz4TQY for ; Wed, 5 Aug 2020 07:45:10 +0000 (UTC) (envelope-from contact@evilham.com) Received: from yggdrasil.evilham.com (localhost [IPv6:::1]) by yggdrasil.evilham.com (Postfix) with ESMTP id 4BM3Yn4mBCz1CWq for ; Wed, 5 Aug 2020 09:45:01 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=evilham.com; h=from:to :subject:references:in-reply-to:date:message-id:mime-version :content-type; s=mail; bh=NfqZ/pZm1uc6lUhE9WvQdCjDvqw=; b=JQU473 unHqnjT/F6ZcE2vPx8KfFobhCSRNhg+4A5gTtHFr2j0ovqasoy+7o+zmFUEKcZ+h 2Iy8UdHRftu8nV4H+5LLkHpiVdFSIJ+ODP1n3MKGzF0zCC8YTqkb3pRiwpvDJLaE ZkduTGa/TIAYBoKqEcrebZRQHg/itTD5xdn2Q= Received: from yggdrasil.evilham.com (unknown [IPv6:2a0a:e5c1:121:1::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by yggdrasil.evilham.com (Postfix) with ESMTPSA id 4BM3Yn0zTbz1CWp for ; Wed, 5 Aug 2020 09:45:01 +0200 (CEST) From: Evilham To: freebsd-questions@freebsd.org Subject: Re: Complete idiots guide to virtualize Android with bhyve References: In-reply-to: Date: Wed, 05 Aug 2020 09:44:50 +0200 Message-ID: <2cc1b4bd-1575-4924-b19a-5562edb17d7a@yggdrasil.evilham.com> MIME-Version: 1.0 Content-Type: text/plain; format=flowed X-Rspamd-Queue-Id: 4BM3Yy4j4wz4TQY X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=fail (headers rsa verify failed) header.d=evilham.com header.s=mail header.b=JQU473 u; dmarc=pass (policy=none) header.from=evilham.com; spf=pass (mx1.freebsd.org: domain of contact@evilham.com designates 2a02:2770::216:3eff:fee1:cf9 as permitted sender) smtp.mailfrom=contact@evilham.com X-Spamd-Result: default: False [-3.06 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.91)[-0.913]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.98)[-0.980]; RCVD_COUNT_THREE(0.00)[3]; R_DKIM_REJECT(0.00)[evilham.com:s=mail]; DKIM_TRACE(0.00)[evilham.com:-]; DMARC_POLICY_ALLOW(0.00)[evilham.com,none]; NEURAL_HAM_SHORT(-0.37)[-0.368]; DMARC_POLICY_ALLOW_WITH_FAILURES(-0.50)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:196752, ipnet:2a02:2770::/32, country:NL] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 07:45:11 -0000 On dc., ag. 05 2020, Antonio Olivares wrote: > Dear kind FreeBSD users, > > I have seen some sites where it is mentioned that we can run > Android with > bhve on FreeBSD. > > https://m.youtube.com/watch?utm_source=discoverbsd&v=zq2rYQ84DiQ > > But I cannot follow which commands to use or where to get > Android sources. > > Is there a complete idiots guide somewhere so I can follow step > by step. I > have experience with virtualbox and VMware but on Linux. I > would like to With the Caveat that you should think about whether or not this is the approach you want to take, what you are asking is indeed doable and there are valid use-cases to running Android in a VM. I guess there is no complete step by step guide because there are many ways to do it and it depends a bit on your needs. The general guide would be something like: 1. Get an ISO from the Android-x86 project https://www.android-x86.org/releases (not aware of other installation methods atm) 2. Use that ISO to install the OS under bhyve (using the UEFI loader) 3. Profit It's a tad more complex than that because you'll have to make sure that networking is properly setup and that the screen is made available over VNC; that's where any general step-by-step bhyve guide will help. There are helpers like vm-bhyve, depending on how you approach things you can use either. See, e.g.: https://github.com/churchers/vm-bhyve/ and https://wiki.freebsd.org/bhyve/ which might bring you a tad further. Cheers, -- Evilham From owner-freebsd-questions@freebsd.org Wed Aug 5 08:32:13 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id DAB233AE71D for ; Wed, 5 Aug 2020 08:32:13 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from holgerdanske.com (holgerdanske.com [IPv6:2001:470:0:19b::b869:801b]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "www.holgerdanske.com", Issuer "www.holgerdanske.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BM4cF0kyyz4WQW for ; Wed, 5 Aug 2020 08:32:12 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from 99.100.19.101 ([99.100.19.101]) by holgerdanske.com with ESMTPSA (TLS_AES_128_GCM_SHA256:TLSv1.3:Kx=any:Au=any:Enc=AESGCM(128):Mac=AEAD) (SMTP-AUTH username dpchrist@holgerdanske.com, mechanism PLAIN) for ; Wed, 5 Aug 2020 01:32:03 -0700 Subject: Re: Question re ZFS with mixed drive speeds & types To: freebsd-questions@freebsd.org References: <575C4647-8F20-4187-9B74-2D509D31A249@gmail.com> From: David Christensen Message-ID: <4fefedad-5b2a-11b8-7b22-3b6162f0404f@holgerdanske.com> Date: Wed, 5 Aug 2020 01:32:02 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: <575C4647-8F20-4187-9B74-2D509D31A249@gmail.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4BM4cF0kyyz4WQW X-Spamd-Bar: +++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of dpchrist@holgerdanske.com has no SPF policy when checking 2001:470:0:19b::b869:801b) smtp.mailfrom=dpchrist@holgerdanske.com X-Spamd-Result: default: False [3.00 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_SPAM_SHORT(0.79)[0.790]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; AUTH_NA(1.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_SPAM_MEDIUM(0.50)[0.503]; DMARC_NA(0.00)[holgerdanske.com]; NEURAL_SPAM_LONG(0.81)[0.809]; R_SPF_NA(0.00)[no SPF record]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:6939, ipnet:2001:470::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 08:32:13 -0000 On 2020-08-04 23:55, Greg Marsh wrote: > Hello everyone. I hope you are well. > > I’m budgeting to upgrading my home file server. Sort of for more data capacity, but mostly for more physical space, flexibility and to try some things storage wise. It’s currently got a 6x2tb SATA raidz of WD reds w/ssd for l2arc & logging. > 1st goal - mirror that ssd. > > Now, I’ve got a big box of still working Seagate Cheetah 15k scsi drives & several controllers, both raid and not. The drives are only 146gb, but 15k. However, I’m wondering if I were to make a VDEV pool of like 7 of them, add that to my volume and what, if any positive benefit it might to my ZFS storage? > > I ask because about 10 years ago, I was involved in a project that had a HUGE storage component. Many of the vendors we brought in to pitch, including Sun, were promoting tiered storage. Sun in particular were quite proud of this tech. Their system ran ZFS and had a hybrid of ssd, sas & SATA, with the system dynamically moving data around the different speed/capacity drives, based on their activity, all transparent to the application or user. Most often used data coming from the ssd & sas drives, with less active files kept on the SATA drives. > > I’m wondering if this capability made it into the open source version of ZFS. Because that would be fantastic. > > Thank you all for any insight or advice. > > Cheers, > Greg Everything I have read recommends using the same size and speed devices in a given pool. To upgrade a pool, one technique is to replace one device at a time with a "better" device, wait for the new device to resilver, and repeat until all devices have been upgraded. Beware that if you have raidz1, you would be at risk of losing everything if a drive failed while upgrading another. Using the SSD for cache and using two or more SCSI drives in a mirror for log makes sense if you want to minimize hardware cost. David From owner-freebsd-questions@freebsd.org Wed Aug 5 09:13:57 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 24ADA3AEDE4 for ; Wed, 5 Aug 2020 09:13:57 +0000 (UTC) (envelope-from tomek@cedro.info) Received: from mail-wr1-x42c.google.com (mail-wr1-x42c.google.com [IPv6:2a00:1450:4864:20::42c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BM5XN2fNsz4YQy for ; Wed, 5 Aug 2020 09:13:56 +0000 (UTC) (envelope-from tomek@cedro.info) Received: by mail-wr1-x42c.google.com with SMTP id l2so29412383wrc.7 for ; Wed, 05 Aug 2020 02:13:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cedro.info; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=mVpzwqkh2z29NH4vP9/844T9qh5y61+g4dBWBTkn/Qs=; b=aoBQ44oLXIXsKuzb+Sr95OfJRgm4gILvybekGXPXLwm46abavZaVwfi7Zjqso/dz/h 9tv7DM5fUIR3VB6dFt6t9fiBt1PrADMRuI2IFmoW0jEmxke3Rq4PIZXcmWcQw0Oealo8 CQy3lu/xAfQGpWThSuKl9NDVuORtWVoDrukWCnD3vkTSyd2VI2LjHjEfUoUtihInHcx/ WEcpNBxm60AxJoRQ2+MUfDN3RGHbZ7MlpEPJJGYSzHzD69RTec0zSC5uDn4Q49MAQpu+ So7K8mTqPGGDafnAcB9TNbb/taU8phDpStKM08J1T6uhOUGsC4tjDxPbLd5fkCcsKGZH F+Aw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=mVpzwqkh2z29NH4vP9/844T9qh5y61+g4dBWBTkn/Qs=; b=PE40wHi2rfJK51CEGh+QKgTs+TSIG69Kxlgl2/9WWp78Du3p2M14tg1XKhaL3Hqgr7 cG6beXMC+3JV/EyhazDCLfGBD+l5+4TtKPsp4n9Fqgn/kcEsvJGtK+rU5xEAd8yqiBHO P24COgbF3c0Y9wRqQLU6FtRwpHr55UIRPbyjkserSawsA0dhxVWu8ovAMCgwmiGG6P+8 ZW0QwmopuzSRtk+qftLtxTqtO+XdKwotkPuIfNqvMAglbwvna3ecJuzzxlxu5NHhnDsv +kEn6+ay49oakPrjC3fj/WbRtuniuHQvVaEyPy/6DxxKHxUxBGP4S7fJ300YAr3Bu1JU m7Lg== X-Gm-Message-State: AOAM532ljQkPifGeMJoBptdl3VhNdDTxDaVohQ/utQrZnu14pE5/ZAQH lINFIxzDtHfmRv1dcDIe5mdXpV88wIApKvUrXaOyBQ== X-Google-Smtp-Source: ABdhPJwCXsVYN+u8V1egL2q0Z02cK/8sQ3CVNTZ3QXuLBnTV1X0iRYYhxZbYyzZCk3l1FKKoX3sdFXStwPCMe04ZlCw= X-Received: by 2002:adf:9cc9:: with SMTP id h9mr1920052wre.343.1596618834139; Wed, 05 Aug 2020 02:13:54 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Tomasz CEDRO Date: Wed, 5 Aug 2020 11:13:44 +0200 Message-ID: Subject: Re: Complete idiots guide to virtualize Android with bhyve To: Antonio Olivares Cc: FreeBSD Questions Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 4BM5XN2fNsz4YQy X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=pass header.d=cedro.info header.s=google header.b=aoBQ44oL; dmarc=none; spf=none (mx1.freebsd.org: domain of tomek@cedro.info has no SPF policy when checking 2a00:1450:4864:20::42c) smtp.mailfrom=tomek@cedro.info X-Spamd-Result: default: False [-1.64 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.92)[-0.921]; R_DKIM_ALLOW(-0.20)[cedro.info:s=google]; FROM_HAS_DN(0.00)[]; NEURAL_SPAM_SHORT(0.55)[0.552]; NEURAL_HAM_LONG(-0.97)[-0.973]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; DMARC_NA(0.00)[cedro.info]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[cedro.info:+]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::42c:from]; R_SPF_NA(0.00)[no SPF record]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 09:13:57 -0000 Just an idea - if Android applications were designed to be portable - why Dalvik/Java cannot be ported to various OS just as Python or Java is available to make those applications simply work on various platforms? ;-) -- CeDeROM, SQ7MHZ, http://www.tomek.cedro.info From owner-freebsd-questions@freebsd.org Wed Aug 5 09:32:24 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id EDAAE3AF87B for ; Wed, 5 Aug 2020 09:32:24 +0000 (UTC) (envelope-from FreeBSD@shaneware.biz) Received: from ipmail03.adl6.internode.on.net (ipmail03.adl6.internode.on.net [150.101.137.143]) by mx1.freebsd.org (Postfix) with ESMTP id 4BM5xg4kKBz4bS5 for ; Wed, 5 Aug 2020 09:32:22 +0000 (UTC) (envelope-from FreeBSD@shaneware.biz) X-SMTP-MATCH: 0 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A2D6AAAIfCpf/8lRAg5gGgEBAQEBAQE?= =?us-ascii?q?BAQEDAQEBARIBAQEBAgIBAQEBQAeBQwKDA2iCC4MJiQGGC4FrJYN0gS+Wags?= =?us-ascii?q?BPAECBAEBD4Q3BAICgiclOQUNAhABAQYBAQEBAQYEhlWFcgEFIw8BIzMJAhg?= =?us-ascii?q?CAhgOAgJXBgEMCAEBgyKCfJdVm3qBMoVShQ6BDioBhUFLgnyEXoFBgREnDII?= =?us-ascii?q?vLj6EJQIHgyaCYASbY5o1ggFrmX8FKJ99kiibAoY4gXkzGiGDPE8ZDZx2NGc?= =?us-ascii?q?CBgEHAQEDCVcBjQsBgkQBAQ?= Received: from ppp14-2-81-201.adl-apt-pir-bras31.tpg.internode.on.net (HELO leader.local) ([14.2.81.201]) by ipmail03.adl6.internode.on.net with ESMTP; 05 Aug 2020 19:02:16 +0930 Subject: Re: Question re ZFS with mixed drive speeds & types To: Greg Marsh , freebsd-questions@freebsd.org References: <575C4647-8F20-4187-9B74-2D509D31A249@gmail.com> From: Shane Ambler Message-ID: Date: Wed, 5 Aug 2020 19:02:14 +0930 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:68.0) Gecko/20100101 Thunderbird/68.5.0 MIME-Version: 1.0 In-Reply-To: <575C4647-8F20-4187-9B74-2D509D31A249@gmail.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4BM5xg4kKBz4bS5 X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of FreeBSD@shaneware.biz has no SPF policy when checking 150.101.137.143) smtp.mailfrom=FreeBSD@shaneware.biz X-Spamd-Result: default: False [-1.00 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.82)[-0.825]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; RWL_MAILSPIKE_GOOD(0.00)[150.101.137.143:from]; NEURAL_HAM_LONG(-0.72)[-0.723]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[ShaneWare.Biz]; AUTH_NA(1.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.35)[-0.349]; RCPT_COUNT_TWO(0.00)[2]; R_SPF_NA(0.00)[no SPF record]; FREEMAIL_TO(0.00)[gmail.com,freebsd.org]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_COUNT_TWO(0.00)[2]; ASN(0.00)[asn:4739, ipnet:150.101.0.0/16, country:AU]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[150.101.137.143:from] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 09:32:25 -0000 On 5/8/20 4:25 pm, Greg Marsh wrote: > Hello everyone. I hope you are well. > > I’m budgeting to upgrading my home file server. Sort of for more > data capacity, but mostly for more physical space, flexibility and to > try some things storage wise. > I ask because about 10 years ago, I was involved in a project that > had a HUGE storage component. Many of the vendors we brought in to > pitch, including Sun, were promoting tiered storage. Sun in > particular were quite proud of this tech. Their system ran ZFS and > had a hybrid of ssd, sas & SATA, with the system dynamically moving > data around the different speed/capacity drives, based on their > activity, all transparent to the application or user. ZFS can use ssd drives for a zpool cache, keeping used files on the faster disks, but I don't believe ZFS (or any disk based FS) offers any automatic load balancing between disk types. For automatic load balancing I would expect the use of a distributed file system, like glusterFS or cephFS -- FreeBSD - the place to B...Sharing Disks Shane Ambler From owner-freebsd-questions@freebsd.org Wed Aug 5 12:46:58 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 053D9375CD7 for ; Wed, 5 Aug 2020 12:46:58 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.126.134]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mout.kundenserver.de", Issuer "TeleSec ServerPass Class 2 CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BMBG86ZMHz4nyc for ; Wed, 5 Aug 2020 12:46:56 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from r56.edvax.de ([188.102.101.6]) by mrelayeu.kundenserver.de (mreue012 [212.227.15.167]) with ESMTPA (Nemesis) id 1McIYO-1kbG7e0qmS-00cfvh; Wed, 05 Aug 2020 14:46:54 +0200 Date: Wed, 5 Aug 2020 14:46:53 +0200 From: Polytropon To: Tomasz CEDRO Cc: FreeBSD Questions Subject: Re: Complete idiots guide to virtualize Android with bhyve Message-Id: <20200805144653.c0d48b2e.freebsd@edvax.de> In-Reply-To: References: Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K1:XH0tmJpMPJS0bGNldtRnMh74/Y1nrnw4LDPDq0q1qoEh5DZZD1X kU6+0GMTbPHJQp6yPodC1mGgq07zFd6jrZ28KOV3hR/1JCNxzKNlv/uULbhHrGdMMrx4OSr 1RI7qstexOlGacLO44ZFxPM3v5YLdOUjLhhxfCFlR8mxgM0kOoZrUu8+4ieFkPRktMHYX+B TquNfmw7bG54fJKYm2E2A== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:bII4MVwVYws=:Qekhz7+J82nGZtvHZr3YNS IxhbOITDwKjKtdBfV01WsZLPpgkIXZJeuVm3XZG1NEuq7e5n7tM+aQT8J7KFhhMNm66g3cshx k0OMNo22R1vyEOxDRAep8X8VOCCPhrGs5CdPh07HI1BkOgbzY0uIRkkZDhbAX3SPRPOzEolWs 5xS9IQdEYwdQ4zz8Wx4QgcjPti9i4LYasiaJdQ463omGJorjkFxQH1YRk8tIdT2LM806KuorQ ZRwwHSRbvuaUOVgmFcptwcjcBCzIXEeBtAmf+3FqfeoBZScFoHlWHCf539TwTTmWdY5yn8gu/ 98sr2jQLKTccn2SMofJC9p6PkLqpfWpjJ6frr+7t4JqeOimwsIRrolxnZKJLP+571QRBvhFca voeG+NnbFGiDYWDPVmkSz7blzaGZTvqQvUHr3Hzy5KW7AE7fcza33M/4bpB16s0mw73/a2N18 ocjpHTaccbbcZVHIqfMM714hU2HeV2VV9J1mW60cBrd3+f59aOQHQDbMOfsRPkmKO/XT7Vl+J zx3dNDOAmA2XXXOVugB9q+SdsLBqyk5d+MNS3qTK6cmSqio3e6+nn6mTtfGM13CkBoOd+DGN/ 9cgSim7vSDefZrCQV/z35PlUzV9G/EcSGbgrLdNFp4NzfWbOiDBPwZT1xGb0Mi4udd/a7wX9X eaZMcO9kMTuuefq3v7NWxj5zjht5O1uZ3bKsrkoksavGnlGHh48vc3jS0zBSmxCBk0BFJTSTB MPu2ygx1rly+ttWoqsv/fntxyxxSkKSjG+1S0mh9vh+IgV6M+82/lHlJwBMXxwJ657ForDDbA 6mpatybncGU/GnUGHZt732OC2GuFVyLq7xKL9/1ybiIckaU620UGsSldZbE0QRh2caeCI+s X-Rspamd-Queue-Id: 4BMBG86ZMHz4nyc X-Spamd-Bar: +++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of freebsd@edvax.de has no SPF policy when checking 212.227.126.134) smtp.mailfrom=freebsd@edvax.de X-Spamd-Result: default: False [3.01 / 15.00]; HAS_REPLYTO(0.00)[freebsd@edvax.de]; RCVD_VIA_SMTP_AUTH(0.00)[]; MV_CASE(0.50)[]; HAS_ORG_HEADER(0.00)[]; TO_DN_ALL(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; RECEIVED_SPAMHAUS_PBL(0.00)[188.102.101.6:received]; RCVD_TLS_LAST(0.00)[]; R_DKIM_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:8560, ipnet:212.227.0.0/16, country:DE]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.29)[-0.289]; REPLYTO_EQ_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; NEURAL_SPAM_SHORT(0.13)[0.133]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[edvax.de]; AUTH_NA(1.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_SPAM_LONG(0.77)[0.771]; MID_CONTAINS_FROM(1.00)[]; RCVD_IN_DNSWL_NONE(0.00)[212.227.126.134:from]; R_SPF_NA(0.00)[no SPF record]; RWL_MAILSPIKE_POSSIBLE(0.00)[212.227.126.134:from]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 12:46:58 -0000 On Wed, 5 Aug 2020 11:13:44 +0200, Tomasz CEDRO wrote: > Just an idea - if Android applications were designed to be portable - > why Dalvik/Java cannot be ported to various OS just as Python or Java > is available to make those applications simply work on various > platforms? ;-) Yes! Java! Write once, run every-... oh sorry, this program only runs on latest "Windows"... ;-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... From owner-freebsd-questions@freebsd.org Wed Aug 5 14:17:39 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5F3B23776F7; Wed, 5 Aug 2020 14:17:39 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: from mail-qk1-x72b.google.com (mail-qk1-x72b.google.com [IPv6:2607:f8b0:4864:20::72b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BMDGp1VcSz4slq; Wed, 5 Aug 2020 14:17:38 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: by mail-qk1-x72b.google.com with SMTP id 77so9466476qkm.5; Wed, 05 Aug 2020 07:17:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-transfer-encoding; bh=HMQ1s5gwHDSBqmKQ8Tf4HdQdNk2BA9ZYT9SJyi6XanI=; b=UoOkNQdFdvxVpfBNMuzkS0G7Y+xv2oAhn7sXCoqaADYLpQi8HTlHxjM3FcF3FMatkF TJOnC2Ur+5yZ1GPxqZaYVya11DaBOjx7tDKeYKVHYsVWWFS3lw5VHmtX7GOyH6BFyA3H 0fGPefX93xdCL89er1NvLg1UFlrYlIFvcQAJ+EHq5c8xelX/bmE8pXRpMe36zcAMapjg e5/cK2GwPNPlW6MFpPd9v2f8y4NunoFX+eiju+o9rPzXE5sUNIKxjVa+5zu3PUAWDWfB eeRRJfv5pIAtuTfwbc5NCRLtX6K+ve7KnJBKWrrenkGpagSNDSBw+Gxxb1j8083jFIrY xTQw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-transfer-encoding; bh=HMQ1s5gwHDSBqmKQ8Tf4HdQdNk2BA9ZYT9SJyi6XanI=; b=spS2gktWIS/qBRJDrTgV7BE814H2vkqqTrk7DNbfFcchjBkVYN3NNmbILFvtpWYWmy H2tBNv4G0YZp6aLrc0MEUhJCCt6ebEr5j83xY4WctTcH+GO2DozRBVxZmnqKcZEbJlbQ V241nwXCF0S8Qru8erBDcls/N/1ZKvS9EJhuGwCm75X/3ox4sQfGl6d0+H/HtxPZwkht fGRwiC1ooS4+uN0sghv/XgqFgaXTo1SrYZxUjaiKeOQ/ce3viIlZ6fzOAaG9d6bWpPuA wyBjD+e3xjv7Dg4lAIZpo9lD35dpKy+97RoUXNaqwSES504HCKRxaSiNj3HXZzfnp6b3 jh7A== X-Gm-Message-State: AOAM533/Y6TKfqVIudP+1XC/Sf9vqCHbnHywtD8lk18kHFgcKLux55wT 3YLrenIS/3++b1Vy655gDqR7KExM X-Google-Smtp-Source: ABdhPJzj656MtDZU4ySZ7Htu6vLUCbkzMMu06H7832tSwREbX6haHLOMP7tOqArSabdDwEO9WqBQgw== X-Received: by 2002:a37:9e09:: with SMTP id h9mr3414807qke.361.1596637057391; Wed, 05 Aug 2020 07:17:37 -0700 (PDT) Received: from [10.0.10.8] (cpe-65-25-51-0.neo.res.rr.com. [65.25.51.0]) by smtp.googlemail.com with ESMTPSA id s184sm1715842qkf.50.2020.08.05.07.17.36 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 05 Aug 2020 07:17:36 -0700 (PDT) Message-ID: <5F2ABF80.4080208@gmail.com> Date: Wed, 05 Aug 2020 10:17:36 -0400 From: Ernie Luzar User-Agent: Thunderbird 2.0.0.24 (Windows/20100228) MIME-Version: 1.0 To: Arthur Chance CC: "freebsd-questions@freebsd.org" , "freebsd-jail@freebsd.org" Subject: Re: how to make a non-vnet jail local only? References: <5F2A051D.4030604@gmail.com> <77719bef-6c53-21a7-ca17-3ebac05427b9@qeng-ho.org> In-Reply-To: <77719bef-6c53-21a7-ca17-3ebac05427b9@qeng-ho.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4BMDGp1VcSz4slq X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=UoOkNQdF; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of luzar722@gmail.com designates 2607:f8b0:4864:20::72b as permitted sender) smtp.mailfrom=luzar722@gmail.com X-Spamd-Result: default: False [-2.33 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.39)[-0.389]; RECEIVED_SPAMHAUS_PBL(0.00)[65.25.51.0:received]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.96)[-0.962]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; NEURAL_HAM_LONG(-0.98)[-0.983]; MIME_GOOD(-0.10)[text/plain]; SUBJECT_ENDS_QUESTION(1.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::72b:from]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 14:17:39 -0000 Arthur Chance wrote: > On 05/08/2020 02:02, Ernie Luzar wrote: >> I have non-vnet jails working that can reach the public internet. >> But now I would like to make some local only non-vnet jails that can >> only access other local only non-vnet jails. BY local meaning have no >> access to the public internet. >> >> How do I make this happen? >> >> Thanks for any pointers. > > Create a second loopback interface (cloned_interfaces="lo1" in > /etc/rc.conf or ifconfig lo1 create for manual control) and put the > local jails on lo1 without access to any other interface. > I tested this already and it doesn't work. non-vnet jail with lo99 for the nic and ip address of 10.0.28.5 can still reach the public internet. Also tested a non-vnet jail with re0 for the nic and ip address of 127.0.10.10 and it can NOT reach the public internet. Created a second non-vnet jail with re0 for the nic and ip address of 127.0.10.11 and it can NOT reach the public internet. But these 2 jails can ping each other. So the nic loX has nothing to do with limiting the non-vnet jail to local host access only. Based on the above 2 tests it looks like the 127.0.0.2 through 127.255.255.254 ip address range is the local host controlling factor. Just to cover all the bases. The host firewall allows the lo0 interface to pass without any rules. The lo99 interface has no firewall rules at all or any NAT rules for 127.0.0.0/8. 10.0.0.0/8 is the only ip address range being NATed. To see if 127.0.0.0/8 has some special internal limiting factor on it or if because the firewall does not NAT 127.0.0.0/8 is the cause of non-vnet jails not being able to reach the public internet. So I created a 3rd non-vnet jail with re0 for the nic and ip address of 192.168.10.10 and made no changes to the firewall or NAT. This jail can NOT reach the public internet, but can ping the other 2 local only jails 127.0.10.10 and 127.0.10.11. So the conclusion is that loX or 127.0.0.0/8 has nothing to do with being the controlling factor between local or public non-vnet jails. The real controlling factor is in the jails ip address being NATed or not. Can this conclusion be disputed? From owner-freebsd-questions@freebsd.org Wed Aug 5 14:45:00 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B862F378B18 for ; Wed, 5 Aug 2020 14:45:00 +0000 (UTC) (envelope-from jerry@seibercom.net) Received: from mail-qk1-x743.google.com (mail-qk1-x743.google.com [IPv6:2607:f8b0:4864:20::743]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BMDtN20Wbz4vsL for ; Wed, 5 Aug 2020 14:45:00 +0000 (UTC) (envelope-from jerry@seibercom.net) Received: by mail-qk1-x743.google.com with SMTP id g26so41908634qka.3 for ; Wed, 05 Aug 2020 07:45:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seibercom.net; s=google; h=date:from:to:subject:message-id:in-reply-to:references:reply-to :organization:mime-version; bh=Umw0SwF8rno1sVFFm4RZ5D30lKi3REU7pConKmsRBYc=; b=qxYv5dezH5By+iCbjgEn339ufWq+YC/igV2hzzcHWFzy0wlbZw0lQPpVXirQC5ZobE 4z/+Lr20WmyqUP98utezFpdNNzIFMVNQ7iWv5OW2dgl5OZArSzxIRE/J1xe83dDRXKg8 gqbpYeSW7giDDiRrkBiudy7P3/Zo9wiodie6k= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:in-reply-to :references:reply-to:organization:mime-version; bh=Umw0SwF8rno1sVFFm4RZ5D30lKi3REU7pConKmsRBYc=; b=P0z0tXL/55heO2w0k++th7tbutcKzfY8wIj7zwmzJGDISMQzIVjh9jxzfknh5MW3YW cwGvv+NWBqZehAukHaX8g6CT21g0uT5+VY/lyfqmlAthw4YDmvy0qudb6LfAv8+qhhHK V9LZjlaeksnxR9d0cdkTlut4rsS+ofCsLzkinqeFLaVBFe0c2sFuHLwttVSOv+dWT8oq b4KLBjaP+qXIV2OSy8paf94c2JFpbViBAOpUwpSnpdqGrWqz1fA533CvSH+PqrJWjLlK 587LD64y27mgGukHhw/QyJNAzXJuv5kslaCGfh/BJO/n+UfO+5nKkvCmLe2I5d/8jEeE qcFg== X-Gm-Message-State: AOAM530ZygyNDuLI+zAFtgK0f6ICWAD+jekUYCy9w6sutwEANnxjITs9 8gX6+vodobM4hZ9TLXOMgz7+WwTdm0c= X-Google-Smtp-Source: ABdhPJwEXvMx8O9k4iP/U4tDgBLhpUjAwiSR3G/waW7nxnMvRCz9GzD+gAnW9r/DABqGa7uI7mdO6A== X-Received: by 2002:a37:a758:: with SMTP id q85mr3612852qke.325.1596638373712; Wed, 05 Aug 2020 07:39:33 -0700 (PDT) Received: from scorpio.seibercom.net (cpe-174-109-231-236.nc.res.rr.com. [174.109.231.236]) by smtp.gmail.com with ESMTPSA id l13sm2084665qth.77.2020.08.05.07.39.31 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 05 Aug 2020 07:39:32 -0700 (PDT) Received: from scorpio.seibercom.net (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by scorpio.seibercom.net (Postfix) with ESMTPS id 4BMDm313MHzt5J for ; Wed, 5 Aug 2020 10:39:31 -0400 (EDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.102.4 at scorpio.seibercom.net Date: Wed, 5 Aug 2020 10:39:24 -0400 From: Jerry To: "User Questions" Subject: Re: Complete idiots guide to virtualize Android with bhyve Message-ID: <20200805103924.0637d8e2@scorpio.seibercom.net> In-Reply-To: <20200805144653.c0d48b2e.freebsd@edvax.de> References: <20200805144653.c0d48b2e.freebsd@edvax.de> Reply-To: "User Questions" Organization: seibercom NET X-Mailer: Claws Mail 3.17.5 (GTK+ 2.24.32; amd64-portbld-freebsd11.4) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; boundary="Sig_/mEcobWqKMcwIi_wHnXYpgwx"; protocol="application/pgp-signature" X-Rspamd-Queue-Id: 4BMDtN20Wbz4vsL X-Spamd-Bar: +++ Authentication-Results: mx1.freebsd.org; dkim=pass header.d=seibercom.net header.s=google header.b=qxYv5dez; dmarc=none; spf=pass (mx1.freebsd.org: domain of jerry@seibercom.net designates 2607:f8b0:4864:20::743 as permitted sender) smtp.mailfrom=jerry@seibercom.net X-Spamd-Result: default: False [3.37 / 15.00]; HAS_REPLYTO(0.00)[freebsd-questions@freebsd.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; HAS_ORG_HEADER(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[seibercom.net:+]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; REPLYTO_EQ_TO_ADDR(5.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RECEIVED_SPAMHAUS_PBL(0.00)[174.109.231.236:received]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.47)[-0.472]; R_DKIM_ALLOW(-0.20)[seibercom.net:s=google]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-0.89)[-0.887]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; DMARC_NA(0.00)[seibercom.net]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_SPAM_SHORT(0.32)[0.324]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::743:from]; GREYLIST(0.00)[pass,body]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 14:45:00 -0000 --Sig_/mEcobWqKMcwIi_wHnXYpgwx Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Wed, 5 Aug 2020 14:46:53 +0200, Polytropon stated: >On Wed, 5 Aug 2020 11:13:44 +0200, Tomasz CEDRO wrote: >> Just an idea - if Android applications were designed to be portable - >> why Dalvik/Java cannot be ported to various OS just as Python or Java >> is available to make those applications simply work on various >> platforms? ;-) =20 > >Yes! Java! Write once, run every-... oh sorry, this program >only runs on latest "Windows"... ;-) There are a couple of questions that need to be answered here. 1) Whose fault is it that the application only runs on MS Windows? 2) Why would the author of such applications choose to prioritize a Microsoft operating system over a rival operating systems? Before assessing blame in this situation, those two basic questions should first be answered. --=20 Jerry --Sig_/mEcobWqKMcwIi_wHnXYpgwx Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEIQb/tTwl6I1ueEVtOHMGOIfexWQFAl8qxJwACgkQOHMGOIfe xWQ6eAf/aXs0Mw0AbWeFIPU7q4SRY2wSugKLJN9OTs1XwjzUH21puHTuTalayI+s tro+7IYtyGd3cBj4neE3+dBQK+vZJi2Z2wPNzhU5qp9WHBeyl9tEJ9XPDX6Iwr9w 5eKYInvuUCvE54oO2yyfTJHgCzNft1mAcm+jFzPa4Ojp40rZBN99IBkd4VTmIvtS RFlyW1hzAF9H5szlRB8nHerE4GTAKvMdeyRUxpK+hl1rQVo7qYqxhczwMrycHe/l YX+xPzYIKuWBsb25lSMEr5a9D6R210eoH6z/HpZdjN/P6pszlBmQ+71hBeWMuvRm IwM9WlKrUD4R3nwHRVYOg7VvvOJnqg== =Cbbw -----END PGP SIGNATURE----- --Sig_/mEcobWqKMcwIi_wHnXYpgwx-- From owner-freebsd-questions@freebsd.org Wed Aug 5 15:07:45 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2FDDA378DBC for ; Wed, 5 Aug 2020 15:07:45 +0000 (UTC) (envelope-from 4250.82.1d4c20007569f9b.ec9f292a4cbeb6b4f3274b990e118776@email-od.com) Received: from s1-b0c6.socketlabs.email-od.com (s1-b0c6.socketlabs.email-od.com [142.0.176.198]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BMFNc2kv8z3Sf8 for ; Wed, 5 Aug 2020 15:07:43 +0000 (UTC) (envelope-from 4250.82.1d4c20007569f9b.ec9f292a4cbeb6b4f3274b990e118776@email-od.com) DKIM-Signature: v=1; a=rsa-sha256; d=email-od.com;i=@email-od.com;s=dkim; c=relaxed/relaxed; q=dns/txt; t=1596640064; x=1599232064; h=content-transfer-encoding:content-type:mime-version:references:in-reply-to:message-id:subject:cc:to:from:date:x-thread-info; bh=amMVvPLg5bbcg8tnXWZm9qIoDFX52hAhXGZ2DzjXGGc=; b=oSRQEziX9cyoCKhB0/5Ji9axbIedQEFAyTxgDZLKG9Qn0vEJMf3Ko7g9Q2OHfvJYhnPjzIRk+BIegyiBGFJfOHVzV7zm05jduCWGcby4fT/T8/tigeA4GukkidkPDbge4m9olnH7kumFCH3KyaEgJZZ2w+kR7Fhi5p4hMqby90s= X-Thread-Info: NDI1MC45Mi4xZDRjMjAwMDc1NjlmOWIuZnJlZWJzZC1xdWVzdGlvbnM9ZnJlZWJzZC5vcmc= Received: from r2.h.in.socketlabs.com (r2.h.in.socketlabs.com [142.0.180.12]) by mxsg2.email-od.com with ESMTP(version=Tls12 cipher=Aes256 bits=256); Wed, 5 Aug 2020 11:07:36 -0400 Received: from smtp.lan.sohara.org (EMTPY [185.202.17.215]) by r2.h.in.socketlabs.com with ESMTP(version=Tls12 cipher=Aes256 bits=256); Wed, 5 Aug 2020 11:07:35 -0400 Received: from [192.168.63.1] (helo=steve.lan.sohara.org) by smtp.lan.sohara.org with smtp (Exim 4.94 (FreeBSD)) (envelope-from ) id 1k3L0v-000CQ1-Nx; Wed, 05 Aug 2020 16:07:33 +0100 Date: Wed, 5 Aug 2020 16:07:33 +0100 From: Steve O'Hara-Smith To: Tomasz CEDRO Cc: Antonio Olivares , FreeBSD Questions Subject: Re: Complete idiots guide to virtualize Android with bhyve Message-Id: <20200805160733.d1bfa86fdcf9d07e1c41744a@sohara.org> In-Reply-To: References: X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.32; amd64-portbld-freebsd12.0) X-Clacks-Overhead: "GNU Terry Pratchett" Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4BMFNc2kv8z3Sf8 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=email-od.com header.s=dkim header.b=oSRQEziX; dmarc=none; spf=pass (mx1.freebsd.org: domain of 4250.82.1d4c20007569f9b.ec9f292a4cbeb6b4f3274b990e118776@email-od.com designates 142.0.176.198 as permitted sender) smtp.mailfrom=4250.82.1d4c20007569f9b.ec9f292a4cbeb6b4f3274b990e118776@email-od.com X-Spamd-Result: default: False [-2.25 / 15.00]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[email-od.com:s=dkim]; NEURAL_HAM_MEDIUM(-0.99)[-0.988]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ip4:142.0.176.0/20]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[sohara.org]; RWL_MAILSPIKE_VERYGOOD(0.00)[142.0.176.198:from]; NEURAL_HAM_LONG(-1.04)[-1.038]; RCVD_COUNT_THREE(0.00)[4]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[email-od.com:+]; NEURAL_HAM_SHORT(-0.52)[-0.524]; RCVD_IN_DNSWL_NONE(0.00)[142.0.176.198:from]; FORGED_SENDER(0.30)[steve@sohara.org,4250.82.1d4c20007569f9b.ec9f292a4cbeb6b4f3274b990e118776@email-od.com]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; FREEMAIL_CC(0.00)[gmail.com,freebsd.org]; ASN(0.00)[asn:7381, ipnet:142.0.176.0/22, country:US]; FROM_NEQ_ENVFROM(0.00)[steve@sohara.org, 4250.82.1d4c20007569f9b.ec9f292a4cbeb6b4f3274b990e118776@email-od.com] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 15:07:45 -0000 On Wed, 5 Aug 2020 11:13:44 +0200 Tomasz CEDRO wrote: > Just an idea - if Android applications were designed to be portable - > why Dalvik/Java cannot be ported to various OS just as Python or Java > is available to make those applications simply work on various > platforms? ;-) You need all the Android interface classes. -- Steve O'Hara-Smith From owner-freebsd-questions@freebsd.org Wed Aug 5 15:09:26 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2EF8B37923F for ; Wed, 5 Aug 2020 15:09:26 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mout.kundenserver.de (mout.kundenserver.de [217.72.192.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mout.kundenserver.de", Issuer "TeleSec ServerPass Class 2 CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BMFQY1lVmz3SnM for ; Wed, 5 Aug 2020 15:09:24 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from r56.edvax.de ([188.102.101.6]) by mrelayeu.kundenserver.de (mreue109 [212.227.15.183]) with ESMTPA (Nemesis) id 1Mnac7-1kV0kQ06hZ-00jVoS for ; Wed, 05 Aug 2020 17:09:23 +0200 Date: Wed, 5 Aug 2020 17:09:22 +0200 From: Polytropon To: User Questions Subject: Re: Complete idiots guide to virtualize Android with bhyve Message-Id: <20200805170922.dfa056f4.freebsd@edvax.de> In-Reply-To: <20200805103924.0637d8e2@scorpio.seibercom.net> References: <20200805144653.c0d48b2e.freebsd@edvax.de> <20200805103924.0637d8e2@scorpio.seibercom.net> Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K1:wzzzyRR3Ip2j+MhkkubrzhurDOU+Db9vGZF/IgQ1VVr8ENFRVLa bICN92nLJYuLoJKcdhwzvr1R0/g01SwAPF8qcsSLNxu5cxPnTI8K5fpVPUaIpbMg8bX1k/L RBoRbix0bYZbUEjWnwm86WmYrNhaRWf03haKfRKvh2/8jeennyNzFUzTvULkH44fIcqyT3B 7Pr+0Vw30SsUu6fj2JrxA== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:9EZnpwsBO/g=:5qLQyqeux1626dZqIiwI5b 9E2bYrQNb4W+YnZLtHl4W2uUZspbni0mVRCOMcx9KNnbbZ+7JrMYoHJdMtxBfCORZUk4F6+yG Xb64McdAS/LCGwkIaIFWOVfvopik18libK1vS53sqTMpJkV1KS9Heybbl7CBL1IhmSMREGUYa 6LDmm8HfPbG7nOnKYlUP+yu/r0npaUftMNPPPDVsBKfCIRAUflZ0jftQSYcg9NDH1AAu4Idsp yJZlUm/dmDMstgCE1dRbep3jImKm5KeK6C0Z8hH1xYVNzeYrryJny9Wny7aQofhm1E1mDlKVF 2oieafcPRQX6yrl4X/Uw9AcNh71m91PsW71hzudkLfqwCOuak4/s04HNho2P1du8BOpzNsTsx m7y0exH+Rc+msLypvi0cdrz+k2ahe7ibF85Ar/6lSzx5QJdNC+x7tE0J18cxvgT8Sbk64cp1g a2DTy2NtV4s9+HF9erF+RDD9Xv3qWo92rjLnqayCVLScBnVnYuc+9/08FyNZ1DQQfzurWda5o gpRua91S6e9TT7WSRWCB+PTdF/rcC9Zm1YJq4OMWK36KzJwp3AAk7+/WgcNs6L+MiZdmaJ4xa mXZFXwjyOeatWnu41pC4j51a2x8AGY8Ge7RAtUMl1AbflQjpDaBFP/Obe4SzceO5527YaSE7b UKO5r7ZI7idZpABknQqtKN12tE/ZPbEEY26+qy3XbdrsDLtYpOROkRI2JcFX/XxMKq9Hc00wD PaaOECxaRKvmnCm/a3ydOGN7pXAQZ3iVFRPQ4+IyP0t7m+GVym6GMP6VQEvU9OXv15d2czPIW YZd7stTsQlesYpCEbmrS6qMZDotyfOrCmn9iUljEgZXdrqcxRRSXraTLwEmB2XTHn0JxTF8 X-Rspamd-Queue-Id: 4BMFQY1lVmz3SnM X-Spamd-Bar: ++++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of freebsd@edvax.de has no SPF policy when checking 217.72.192.74) smtp.mailfrom=freebsd@edvax.de X-Spamd-Result: default: False [4.35 / 15.00]; HAS_REPLYTO(0.00)[freebsd@edvax.de]; RCVD_VIA_SMTP_AUTH(0.00)[]; MV_CASE(0.50)[]; HAS_ORG_HEADER(0.00)[]; TO_DN_ALL(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[188.102.101.6:received]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; ASN(0.00)[asn:8560, ipnet:217.72.192.0/20, country:DE]; MIME_TRACE(0.00)[0:+]; ARC_NA(0.00)[]; REPLYTO_EQ_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_SPAM_SHORT(0.43)[0.427]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; AUTH_NA(1.00)[]; NEURAL_SPAM_MEDIUM(0.54)[0.543]; RCPT_COUNT_ONE(0.00)[1]; RCVD_TLS_LAST(0.00)[]; NEURAL_SPAM_LONG(0.97)[0.975]; MID_CONTAINS_FROM(1.00)[]; RCVD_IN_DNSWL_NONE(0.00)[217.72.192.74:from]; R_SPF_NA(0.00)[no SPF record]; DMARC_NA(0.00)[edvax.de]; RWL_MAILSPIKE_POSSIBLE(0.00)[217.72.192.74:from]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 15:09:26 -0000 On Wed, 5 Aug 2020 10:39:24 -0400, Jerry wrote: > On Wed, 5 Aug 2020 14:46:53 +0200, Polytropon stated: > >On Wed, 5 Aug 2020 11:13:44 +0200, Tomasz CEDRO wrote: > >> Just an idea - if Android applications were designed to be portable - > >> why Dalvik/Java cannot be ported to various OS just as Python or Java > >> is available to make those applications simply work on various > >> platforms? ;-) > > > >Yes! Java! Write once, run every-... oh sorry, this program > >only runs on latest "Windows"... ;-) > > There are a couple of questions that need to be answered here. > > 1) Whose fault is it that the application only runs on MS Windows? > > 2) Why would the author of such applications choose to prioritize > a Microsoft operating system over a rival operating systems? > > Before assessing blame in this situation, those two basic questions > should first be answered. Nothing should be answered, because there's a ";-)" appended to the statement. Java != Java, especially when you consider how a Java program can hook into OS-specific internals that sometimes should be abstracted by Java libraries, but in reality often aren't abstracted, so there is a thick layer of OS-dependent (!) code involved. You can see this for apps written in Java intended to be run on Andoid, and even there, things like "version mismatch" or "only runs on those models" can be found. Similarly, there are Java programs which can be called "Java program written for Windows", and as such will not flawlessly run on anything else, even if the Java runtime environment is present and working. The reasons why there is a "for" in the development process can be many, such as intending a vendor lock-in, requiring 3rd party libraries not available anywhere else, or having a testing team that does now have anything than "Windows" PCs they could test the software on. Comparable reasons can be found to explain the restrictions of "Java for Android". Nothing has been asked, nothing needs to be answered. :-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... From owner-freebsd-questions@freebsd.org Wed Aug 5 16:09:33 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6B23D37AA96; Wed, 5 Aug 2020 16:09:33 +0000 (UTC) (envelope-from freebsd@qeng-ho.org) Received: from bede.qeng-ho.org (bede.qeng-ho.org [217.155.128.241]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BMGlw4Y51z3WqJ; Wed, 5 Aug 2020 16:09:32 +0000 (UTC) (envelope-from freebsd@qeng-ho.org) Received: from arthur.home.qeng-ho.org (arthur.home.qeng-ho.org [172.23.1.2]) by bede.qeng-ho.org (Postfix) with ESMTP id 73ED910640; Wed, 5 Aug 2020 17:09:30 +0100 (BST) Subject: Re: how to make a non-vnet jail local only? To: Ernie Luzar Cc: "freebsd-questions@freebsd.org" , "freebsd-jail@freebsd.org" References: <5F2A051D.4030604@gmail.com> <77719bef-6c53-21a7-ca17-3ebac05427b9@qeng-ho.org> <5F2ABF80.4080208@gmail.com> From: Arthur Chance Message-ID: <15ab4539-afaf-df6e-8c36-bf8056723999@qeng-ho.org> Date: Wed, 5 Aug 2020 17:09:30 +0100 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0 MIME-Version: 1.0 In-Reply-To: <5F2ABF80.4080208@gmail.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-GB Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4BMGlw4Y51z3WqJ X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of freebsd@qeng-ho.org designates 217.155.128.241 as permitted sender) smtp.mailfrom=freebsd@qeng-ho.org X-Spamd-Result: default: False [-1.66 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.90)[-0.901]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:217.155.128.240/29]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[qeng-ho.org]; NEURAL_HAM_LONG(-1.01)[-1.014]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.44)[-0.443]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:13037, ipnet:217.155.0.0/16, country:GB]; SUBJECT_ENDS_QUESTION(1.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 16:09:33 -0000 On 05/08/2020 15:17, Ernie Luzar wrote: > Arthur Chance wrote: >> On 05/08/2020 02:02, Ernie Luzar wrote: >>> I have non-vnet jails working that can reach the public internet. >>> But now I would like to make some local only non-vnet jails that can >>> only access other local only non-vnet jails. BY local meaning have no >>> access to the public internet. >>> >>> How do I make this happen? >>> >>> Thanks for any pointers. >> >> Create a second loopback interface (cloned_interfaces="lo1" in >> /etc/rc.conf or ifconfig lo1 create for manual control) and put the >> local jails on lo1 without access to any other interface. >> > > I tested this already and it doesn't work. > > non-vnet jail with lo99 for the nic and ip address of 10.0.28.5 can > still reach the public internet. This surprises me. It's a while since I looked at the network handling code, but I was under the impression any packet, whatever its address, on an interface with the LOOPBACK flag set was not routed off the machine. But see below. > Also tested a non-vnet jail with re0 for the nic and ip address of > 127.0.10.10 and it can NOT reach the public internet. > > Created a second non-vnet jail with re0 for the nic and ip address of > 127.0.10.11 and it can NOT reach the public internet. Also in the network code, any packet with a loopback address as either source or destination is not routed off machine. This behaviour is mandated by RFC 1122. It obviously works, no matter what the interface. However, using a loopback address on a non-loopback interface is logged as a bad address. You're not supposed to put loopback addresses on non loopback interfaces. > But these 2 jails can ping each other. This does not involve off machine routing. Given that you wanted non-vnet jails to talk to each other, this would seem to be exactly what you need. > So the nic loX has nothing to do with limiting the non-vnet jail to > local host access only. Based on the above 2 tests it looks like the > 127.0.0.2 through 127.255.255.254 ip address range is the local host > controlling factor. > > Just to cover all the bases. The host firewall allows the lo0 interface > to pass without any rules. The lo99 interface has no firewall rules at > all or any NAT rules for 127.0.0.0/8. 10.0.0.0/8 is the only ip address > range being NATed. I suspect (well, guess) the NATing is what is allowing the lo99 packets to be routed off machine. Try reading the relevant bits of the source code (in /usr/src/sys/netinet, probably ip_{in,out}put.c and maybe ip_fastfwd.c), plus the relevant firewall code if you're really interested. > To see if 127.0.0.0/8 has some special internal limiting factor on it or > if because the firewall does not NAT 127.0.0.0/8 is the cause of > non-vnet jails not being able to reach the public internet. As I said above, this is mandatory behaviour. Even if a packet with a loopback address was emitted by your machine, your ISP should drop it as part of their bogon filtering. (Sadly should isn't the same as will.) > So I created a 3rd non-vnet jail with re0 for the nic and ip address of > 192.168.10.10 and made no changes to the firewall or NAT. This jail can > NOT reach the public internet, but can ping the other 2 local only jails > 127.0.10.10 and 127.0.10.11. > > So the conclusion is that loX or 127.0.0.0/8 has nothing to do with > being the controlling factor between local or public non-vnet jails. The > real controlling factor is in the jails ip address being NATed or not. > > Can this conclusion be disputed? I'm sure you can find someone on the net to dispute with you if you really want. :-) Personally I can't be bothered. The firewall rules also have an effect on routing (duh!), but as you've not said which firewall you're using I can't address that. However, by putting all jails you want not to access the outside world on their own lo interface with their own subnet means you could simply firewall that interface from talking to the outside which is nice and simple. The approach I'm using these days is to use IPv6 for almost everything that's purely in house, and avoid NAT like the horrible hack it is. If you want a set of jails to only be able to speak to each other and the host then using a cloned lo interface and pure link local addresses is nice and simple and doesn't involve a firewall at all. -- The number of people predicting the demise of Moore's Law doubles every 18 months. From owner-freebsd-questions@freebsd.org Wed Aug 5 16:59:59 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2ACC037B648 for ; Wed, 5 Aug 2020 16:59:59 +0000 (UTC) (envelope-from kremels@kreme.com) Received: from mail.covisp.net (mail.covisp.net [65.121.55.42]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BMHt63FwHz3ZQj for ; Wed, 5 Aug 2020 16:59:58 +0000 (UTC) (envelope-from kremels@kreme.com) From: "@lbutlr" Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: Re: SSH log lines Date: Wed, 5 Aug 2020 10:59:56 -0600 References: <09256F5E-469C-402B-94DC-3C07F8AC29ED@kreme.com> <745dc612-d5a4-1e06-89bb-8df5dfbd7e1f@fechner.net> To: FreeBSD In-Reply-To: <745dc612-d5a4-1e06-89bb-8df5dfbd7e1f@fechner.net> Message-Id: X-Mailer: Apple Mail (2.3652.0.5.2.1) X-Rspamd-Queue-Id: 4BMHt63FwHz3ZQj X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of kremels@kreme.com designates 65.121.55.42 as permitted sender) smtp.mailfrom=kremels@kreme.com X-Spamd-Result: default: False [-1.02 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.90)[-0.905]; FROM_HAS_DN(0.00)[]; MISSING_MIME_VERSION(2.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; R_SPF_ALLOW(-0.20)[+mx]; DMARC_NA(0.00)[kreme.com]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.02)[-1.016]; TO_DN_ALL(0.00)[]; NEURAL_HAM_SHORT(-0.70)[-0.700]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:209, ipnet:65.112.0.0/12, country:US]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[65.121.55.42:from] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 16:59:59 -0000 On 03 Aug 2020, at 23:22, Matthias Fechner wrote: > Am 03.08.2020 um 21:37 schrieb @lbutlr: >> When some moon tires to login to an account like root, ssh does n=E2=80= =99t log the IP address in the failure line as it does with non-existent = users. >>=20 >> sshd[99328] error: PAM: Authentication error for root from = vps-94314d13.vps.ovh.ca >> sshd[99328] Connection closed by authenticating user root = 139.99.236.165 port 46226 [preauth] >>=20 >> sshd[7202] Invalid user pi from 2.232.248.6 port 46438 >>=20 >> Is there anyway that I can change this so that the IP address appears = not eh same line as the Authentication error, it would make my = blacklisting these people much easier. >=20 > try fail2ban, it can handle all of this correctly. Why I am trying to do wis instantly ban any criminals attempting to = login to root (and a few other other accounts). Fail2ban will ban = repeated attempts (just like sshguard which I am already using). But it doesn't matter, the sshguard author is looking at adding a = feature for this. --=20 Space Directive 723: Terraformers are expressly forbidden from recreating Swindon. From owner-freebsd-questions@freebsd.org Wed Aug 5 18:26:53 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B38E53A5EBA for ; Wed, 5 Aug 2020 18:26:53 +0000 (UTC) (envelope-from jacques+freebsd@foucry.net) Received: from mail.foucry.net (fournil.foucry.net [95.217.83.231]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BMKpN5r6Sz44kQ for ; Wed, 5 Aug 2020 18:26:52 +0000 (UTC) (envelope-from jacques+freebsd@foucry.net) Received: from mithril.localdomain (lfbn-idf2-1-434-144.w86-246.abo.wanadoo.fr [86.246.142.144]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mail.foucry.net (Postfix) with ESMTPSA id 188361EBEF for ; Wed, 5 Aug 2020 18:26:36 +0000 (UTC) Received: from mithril (localhost [IPv6:::1]) by mithril.localdomain (Postfix) with ESMTP id 58B6913C57 for ; Wed, 5 Aug 2020 20:26:36 +0200 (CEST) Date: Wed, 5 Aug 2020 20:26:36 +0200 From: Jacques Foucry To: freebsd-questions@freebsd.org Subject: Re: Question re ZFS with mixed drive speeds & types Message-ID: <20200805182636.GD48435@mithril> Mail-Followup-To: freebsd-questions@freebsd.org References: <575C4647-8F20-4187-9B74-2D509D31A249@gmail.com> <4fefedad-5b2a-11b8-7b22-3b6162f0404f@holgerdanske.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <4fefedad-5b2a-11b8-7b22-3b6162f0404f@holgerdanske.com> X-Rspamd-Queue-Id: 4BMKpN5r6Sz44kQ X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=foucry.net; spf=pass (mx1.freebsd.org: domain of jacques@foucry.net designates 95.217.83.231 as permitted sender) smtp.mailfrom=jacques@foucry.net X-Spamd-Result: default: False [-3.36 / 15.00]; RCVD_TLS_LAST(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.01)[-1.005]; RCVD_COUNT_THREE(0.00)[3]; MID_RHS_NOT_FQDN(0.50)[]; NEURAL_HAM_SHORT(-1.03)[-1.030]; DMARC_POLICY_ALLOW(-0.50)[foucry.net,none]; NEURAL_HAM_MEDIUM(-1.02)[-1.021]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:24940, ipnet:95.217.0.0/16, country:DE]; TAGGED_FROM(0.00)[freebsd] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 18:26:53 -0000 Le mercredi 05 août 2020 à 01:32:02 (-0700), David Christensen à écrit: > On 2020-08-04 23:55, Greg Marsh wrote: > > Hello everyone. I hope you are well. > > > > I’m budgeting to upgrading my home file server. Sort of for more data capacity, but mostly for more physical space, flexibility and to try some things storage wise. It’s currently got a 6x2tb SATA raidz of WD reds w/ssd for l2arc & logging. > > 1st goal - mirror that ssd. > > > > Now, I’ve got a big box of still working Seagate Cheetah 15k scsi drives & several controllers, both raid and not. The drives are only 146gb, but 15k. However, I’m wondering if I were to make a VDEV pool of like 7 of them, add that to my volume and what, if any positive benefit it might to my ZFS storage? > > > > I ask because about 10 years ago, I was involved in a project that had a HUGE storage component. Many of the vendors we brought in to pitch, including Sun, were promoting tiered storage. Sun in particular were quite proud of this tech. Their system ran ZFS and had a hybrid of ssd, sas & SATA, with the system dynamically moving data around the different speed/capacity drives, based on their activity, all transparent to the application or user. Most often used data coming from the ssd & sas drives, with less active files kept on the SATA drives. I remember the same thing when Sun demostrate us ZFS (I was a Sunkskill at this time). But I never tried. > > > > I’m wondering if this capability made it into the open source version of ZFS. Because that would be fantastic. > > > > Thank you all for any insight or advice. > > > > Cheers, > > Greg > > > Everything I have read recommends using the same size and speed devices > in a given pool. > > > To upgrade a pool, one technique is to replace one device at a time with > a "better" device, wait for the new device to resilver, and repeat until > all devices have been upgraded. Beware that if you have raidz1, you > would be at risk of losing everything if a drive failed while upgrading > another. If you want I wrote a small tuto about that and change my Free∇AS disks. > Using the SSD for cache and using two or more SCSI drives in a mirror > for log makes sense if you want to minimize hardware cost. > > > David > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" -- Jacques Foucry From owner-freebsd-questions@freebsd.org Wed Aug 5 18:45:59 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D9D713A6742 for ; Wed, 5 Aug 2020 18:45:59 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mout.kundenserver.de (mout.kundenserver.de [217.72.192.75]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mout.kundenserver.de", Issuer "TeleSec ServerPass Class 2 CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BMLDP6Rz5z45qS for ; Wed, 5 Aug 2020 18:45:57 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from r56.edvax.de ([188.102.101.6]) by mrelayeu.kundenserver.de (mreue109 [212.227.15.183]) with ESMTPA (Nemesis) id 1MGz5h-1jyfKS3z5X-00E3KO; Wed, 05 Aug 2020 20:45:48 +0200 Date: Wed, 5 Aug 2020 20:45:46 +0200 From: Polytropon To: Jacques Foucry Cc: freebsd-questions@freebsd.org Subject: Re: Question re ZFS with mixed drive speeds & types Message-Id: <20200805204546.d1bf410e.freebsd@edvax.de> In-Reply-To: <20200805182636.GD48435@mithril> References: <575C4647-8F20-4187-9B74-2D509D31A249@gmail.com> <4fefedad-5b2a-11b8-7b22-3b6162f0404f@holgerdanske.com> <20200805182636.GD48435@mithril> Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Provags-ID: V03:K1:WCZXlajXxpRMbnrL36mEtgpNBntA1QeCX/h1YjDJ4h2jHK19Ka5 MN8gPs/JuNn2GFCQBx+poCs+2sit7jR/vMIn8BnM9Y10jJ1fdxxqYQLwNVFQsuWU2eBjvXU NoR7MqUTaHpmlwrVvr6wjY/k/VJzXkk5v6ffmlXAnVaBqGs7b/XQoZoi15C7KTBRQsBOX71 +iK3RGo+RpM/cxrL0OIDQ== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:OJrXFggDOaA=:1+jvQ35H0YAeV9PKqFlOy+ +6yAoytwu1+H7J8hruC8f5gHD1/p2cL4LNatEOCqrTN0kzSsdV+EUhjV3FQT5+vmtRtQN2Hh9 BF2nFVZqyjBYDgySTAJ/aJStmGDYzy/6QM1O0drNTW77iMdjIlF/Pc8izDV59hT+bl9vfykHO b/3NTFo5l0KO3VTVC15du8uO1QxJjww2os+9+Ts1nDOYd+pAaO22auGJrvScEaFAgGqsW4F+F WNDPO/qpmFq69zYzBiUUrZcpa2AphV+FhGJKwvccRYZfp1KmJ1Vog9Pj9k7carW3ne0UaH62f ZTiVuAKE76aoTLZUYPsfPqFnCT+sZWVUeQjgFNw99mZvjpRIsGzwn++8i7lRpHvxOzOmfpqde QGDdHE+Jw80M71et9Aru1w/7b1qW+Pm2naZjcAMqYFKZkPksKoYJnqCJHTRdtWOh4wQC9ku1m x6EUeltu8KagrPJ3xAtKmojdlhwbLDE6h4TCY3ZM0J7eLQbbz+K0oCxCBgya1/kFI6Caa/J9i WD/TNWSo93aVnhXWZ8rtK8jVWiQm61ptyp4smjS8gc84dSI0Pwj6WUuXAEHo7DpKydCkygKkO qkKBZFIiFzb3r+Xcw7jGuZzigvAju19QdKttXjCLpUgPYYMnwNUu8i+dz5aDCuYEzdEiWpqJY NI8SvPXtnZwoU0Yfy/BinEnNsFZY1Hv8jhB5V3d2h2NNxZjcnGbw/3uLOdTHYb9740VPZm70+ K3/D0zvZgx0PqbjL1IaeP078zCEMDaheu0YDcnnADCbSKvZKQdLu4PcyvwPe0pCShlg5cJySb JF3sPk/jD8ic2Ti9qOnfVmrDtVknDIEJ+j1KQ5q6RMnSoQmHd6gVQmo/6gfOY/mHa+WECVF X-Rspamd-Queue-Id: 4BMLDP6Rz5z45qS X-Spamd-Bar: ++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of freebsd@edvax.de has no SPF policy when checking 217.72.192.75) smtp.mailfrom=freebsd@edvax.de X-Spamd-Result: default: False [2.68 / 15.00]; HAS_REPLYTO(0.00)[freebsd@edvax.de]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; MV_CASE(0.50)[]; HAS_ORG_HEADER(0.00)[]; NEURAL_HAM_SHORT(-0.31)[-0.307]; RCPT_COUNT_TWO(0.00)[2]; RECEIVED_SPAMHAUS_PBL(0.00)[188.102.101.6:received]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; ASN(0.00)[asn:8560, ipnet:217.72.192.0/20, country:DE]; MIME_TRACE(0.00)[0:+]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.06)[-0.062]; REPLYTO_EQ_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TAGGED_RCPT(0.00)[freebsd]; MIME_GOOD(-0.10)[text/plain]; AUTH_NA(1.00)[]; DMARC_NA(0.00)[edvax.de]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_SPAM_LONG(0.65)[0.649]; MID_CONTAINS_FROM(1.00)[]; RCVD_IN_DNSWL_NONE(0.00)[217.72.192.75:from]; RCVD_TLS_LAST(0.00)[]; R_SPF_NA(0.00)[no SPF record]; RWL_MAILSPIKE_POSSIBLE(0.00)[217.72.192.75:from]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 18:45:59 -0000 On Wed, 5 Aug 2020 20:26:36 +0200, Jacques Foucry wrote: > Le mercredi 05 ao=FBt 2020 =E0 01:32:02 (-0700), David Christensen =E0 = =E9crit: > > On 2020-08-04 23:55, Greg Marsh wrote: > > > [...] > > > I ask because about 10 years ago, I was involved in a project that ha= d a HUGE storage component. Many of the vendors we brought in to pitch, inc= luding Sun, were promoting tiered storage. Sun in particular were quite pro= ud of this tech. Their system ran ZFS and had a hybrid of ssd, sas & SATA, = with the system dynamically moving data around the different speed/capacity= drives, based on their activity, all transparent to the application or use= r. Most often used data coming from the ssd & sas drives, with less active = files kept on the SATA drives. >=20 >=20 > I remember the same thing when Sun demostrate us ZFS (I was a Sunkskill at > this time). But I never tried. Sounds a bit like HSM - hierarchical storage management, implemented on IBM mainframe systems (DFHSM) and on DEC VMS for VAX and Alpha, also has been implemented on AIX and other UNIX operating systems. So decades old stuff is "new" again... ;-) --=20 Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... From owner-freebsd-questions@freebsd.org Wed Aug 5 19:57:08 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1B55E3A7D3B for ; Wed, 5 Aug 2020 19:57:08 +0000 (UTC) (envelope-from 4250.82.1d4c2000762114f.82fa46285328f34ceb05e10749970133@email-od.com) Received: from s1-b0c6.socketlabs.email-od.com (s1-b0c6.socketlabs.email-od.com [142.0.176.198]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BMMpW3Drcz49Jv for ; Wed, 5 Aug 2020 19:57:07 +0000 (UTC) (envelope-from 4250.82.1d4c2000762114f.82fa46285328f34ceb05e10749970133@email-od.com) DKIM-Signature: v=1; a=rsa-sha256; d=email-od.com;i=@email-od.com;s=dkim; c=relaxed/relaxed; q=dns/txt; t=1596657427; x=1599249427; h=content-transfer-encoding:content-type:mime-version:references:in-reply-to:message-id:subject:cc:to:from:date:x-thread-info; bh=DUvmcO0xJ8tqTtYLP3qcUS/HV4fk0a3f2DVFghYAGBA=; b=b406By7YPcsZtYIc4s7elFfDDc0ox74aB8QXRrGrRkUyS4qL3AZDwbC4L9mVYKn0mxjRRvVGaljFoPgEvys14ZLUzZS2Q/GywTz3TPKSWVPRp7kO7OYOOolcIK5vZnpU72ntTBNLIofKTBPUrUU71qLmIW6G0ffQU+J48zzIM3Q= X-Thread-Info: NDI1MC45Mi4xZDRjMjAwMDc2MjExNGYuZnJlZWJzZC1xdWVzdGlvbnM9ZnJlZWJzZC5vcmc= Received: from r3.us-east-1.aws.in.socketlabs.com (r3.us-east-1.aws.in.socketlabs.com [142.0.191.3]) by mxsg2.email-od.com with ESMTP(version=Tls12 cipher=Aes256 bits=256); Wed, 5 Aug 2020 15:56:57 -0400 Received: from smtp.lan.sohara.org (EMTPY [185.202.17.215]) by r3.us-east-1.aws.in.socketlabs.com with ESMTP(version=Tls12 cipher=Aes256 bits=256); Wed, 5 Aug 2020 15:56:56 -0400 Received: from [192.168.63.1] (helo=steve.lan.sohara.org) by smtp.lan.sohara.org with smtp (Exim 4.94 (FreeBSD)) (envelope-from ) id 1k3PWw-000DKt-Iv; Wed, 05 Aug 2020 20:56:54 +0100 Date: Wed, 5 Aug 2020 20:56:54 +0100 From: Steve O'Hara-Smith To: freebsd-questions@freebsd.org Cc: Polytropon Subject: Re: Question re ZFS with mixed drive speeds & types Message-Id: <20200805205654.c884ed8ef72b0cef048e5072@sohara.org> In-Reply-To: <20200805204546.d1bf410e.freebsd@edvax.de> References: <575C4647-8F20-4187-9B74-2D509D31A249@gmail.com> <4fefedad-5b2a-11b8-7b22-3b6162f0404f@holgerdanske.com> <20200805182636.GD48435@mithril> <20200805204546.d1bf410e.freebsd@edvax.de> X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.32; amd64-portbld-freebsd12.0) X-Clacks-Overhead: "GNU Terry Pratchett" Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4BMMpW3Drcz49Jv X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=email-od.com header.s=dkim header.b=b406By7Y; dmarc=none; spf=pass (mx1.freebsd.org: domain of 4250.82.1d4c2000762114f.82fa46285328f34ceb05e10749970133@email-od.com designates 142.0.176.198 as permitted sender) smtp.mailfrom=4250.82.1d4c2000762114f.82fa46285328f34ceb05e10749970133@email-od.com X-Spamd-Result: default: False [-2.26 / 15.00]; ARC_NA(0.00)[]; RWL_MAILSPIKE_VERYGOOD(0.00)[142.0.176.198:from]; R_DKIM_ALLOW(-0.20)[email-od.com:s=dkim]; NEURAL_HAM_MEDIUM(-1.01)[-1.008]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ip4:142.0.176.0/20]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[sohara.org]; NEURAL_HAM_LONG(-1.04)[-1.044]; RCVD_COUNT_THREE(0.00)[4]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[email-od.com:+]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[142.0.176.198:from]; NEURAL_HAM_SHORT(-0.51)[-0.506]; FORGED_SENDER(0.30)[steve@sohara.org,4250.82.1d4c2000762114f.82fa46285328f34ceb05e10749970133@email-od.com]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:7381, ipnet:142.0.176.0/22, country:US]; FROM_NEQ_ENVFROM(0.00)[steve@sohara.org,4250.82.1d4c2000762114f.82fa46285328f34ceb05e10749970133@email-od.com]; MID_RHS_MATCH_FROM(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2020 19:57:08 -0000 On Wed, 5 Aug 2020 20:45:46 +0200 Polytropon wrote: > On Wed, 5 Aug 2020 20:26:36 +0200, Jacques Foucry wrote: > > I remember the same thing when Sun demostrate us ZFS (I was a Sunkskill > > at this time). But I never tried. > > Sounds a bit like HSM - hierarchical storage management, I remember a lecture about a variant on that where the layering went all way from RAM to tape seamlessly, the idea was that data was inherently persistent and the virtual address space was huge. > So decades old stuff is "new" again... ;-) That lecture would have been late 1970s. -- Steve O'Hara-Smith From owner-freebsd-questions@freebsd.org Thu Aug 6 03:48:49 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7DFC73B0738 for ; Thu, 6 Aug 2020 03:48:49 +0000 (UTC) (envelope-from FreeBSD@shaneware.biz) Received: from ipmail03.adl2.internode.on.net (ipmail03.adl2.internode.on.net [150.101.137.141]) by mx1.freebsd.org (Postfix) with ESMTP id 4BMZGl6fWzz4b2F for ; Thu, 6 Aug 2020 03:48:47 +0000 (UTC) (envelope-from FreeBSD@shaneware.biz) X-SMTP-MATCH: 0 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A2D+AABefCtf/8lRAg5gGwEBAQEBAQE?= =?us-ascii?q?BBQEBARIBAQEDAwEBAUAHgUODBWiFFYkBhgmCEIN0mBkLATwBAgQBAYRGBAI?= =?us-ascii?q?CgiklOBMCEAEBBgEBAQEBBgSGVYVyAQUjMyMQCw4KAgIYDgICVwYBDAgBAYM?= =?us-ascii?q?igny0F4EyhVKFHoEOKokJhF6BQYE4gmk+h1SCYASbFk+aNoIBa5oCBSigAZI?= =?us-ascii?q?poT2BejMaIYM8TxkNnHY0ZwIGCAEBAwlXAY8wAQE?= Received: from ppp14-2-81-201.adl-apt-pir-bras31.tpg.internode.on.net (HELO leader.local) ([14.2.81.201]) by ipmail03.adl2.internode.on.net with ESMTP; 06 Aug 2020 13:18:43 +0930 Subject: Re: how to make a non-vnet jail local only? To: Arthur Chance , Ernie Luzar Cc: "freebsd-questions@freebsd.org" References: <5F2A051D.4030604@gmail.com> <77719bef-6c53-21a7-ca17-3ebac05427b9@qeng-ho.org> <5F2ABF80.4080208@gmail.com> <15ab4539-afaf-df6e-8c36-bf8056723999@qeng-ho.org> From: Shane Ambler Message-ID: Date: Thu, 6 Aug 2020 13:18:39 +0930 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:68.0) Gecko/20100101 Thunderbird/68.5.0 MIME-Version: 1.0 In-Reply-To: <15ab4539-afaf-df6e-8c36-bf8056723999@qeng-ho.org> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4BMZGl6fWzz4b2F X-Spamd-Bar: +++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of FreeBSD@shaneware.biz has no SPF policy when checking 150.101.137.141) smtp.mailfrom=FreeBSD@shaneware.biz X-Spamd-Result: default: False [3.47 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[ShaneWare.Biz]; AUTH_NA(1.00)[]; RWL_MAILSPIKE_GOOD(0.00)[150.101.137.141:from]; NEURAL_SPAM_MEDIUM(0.86)[0.862]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.02)[-0.023]; NEURAL_SPAM_LONG(0.63)[0.633]; RCVD_IN_DNSWL_NONE(0.00)[150.101.137.141:from]; R_SPF_NA(0.00)[no SPF record]; FREEMAIL_TO(0.00)[qeng-ho.org,gmail.com]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:4739, ipnet:150.101.0.0/16, country:AU]; SUBJECT_ENDS_QUESTION(1.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Aug 2020 03:48:49 -0000 On 6/8/20 1:39 am, Arthur Chance wrote: > On 05/08/2020 15:17, Ernie Luzar wrote: >> Arthur Chance wrote: >>> On 05/08/2020 02:02, Ernie Luzar wrote: >>>> I have non-vnet jails working that can reach the public internet. >>>> But now I would like to make some local only non-vnet jails that can >>>> only access other local only non-vnet jails. BY local meaning have no >>>> access to the public internet. >>>> >>>> How do I make this happen? >>>> >>>> Thanks for any pointers. >>> >>> Create a second loopback interface (cloned_interfaces="lo1" in >>> /etc/rc.conf or ifconfig lo1 create for manual control) and put the >>> local jails on lo1 without access to any other interface. >>> >> >> I tested this already and it doesn't work. >> >> non-vnet jail with lo99 for the nic and ip address of 10.0.28.5 can >> still reach the public internet. Do you have bridging or routing enabled? Routing can receive foreign packets on an interface and route them to a different interface. Bridging connects interfaces, sending the same packets on each. While I don't have jails setup, I use sysutils/vm-bhyve for bhyve instances. I have two "vm switches" which are bridge interfaces connecting bhyve instances with physical interfaces, one bridges with wlan0 and allows a vm to get internet access, the second bridges with re0, which has no physical connection and provides no internet access to bhyve instances, but I can ssh into it from the host. I have - net.link.bridge.ipfw: 0 net.link.bridge.ipfw_arp: 0 net.link.bridge.pfil_bridge: 1 net.link.bridge.pfil_onlyip: 1 net.inet.ip.sourceroute: 0 -- FreeBSD - the place to B...Sharing Desktops Shane Ambler From owner-freebsd-questions@freebsd.org Thu Aug 6 11:44:00 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 55F2137DF97 for ; Thu, 6 Aug 2020 11:44:00 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: from mail-qk1-x734.google.com (mail-qk1-x734.google.com [IPv6:2607:f8b0:4864:20::734]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BMmq32ltSz42F5 for ; Thu, 6 Aug 2020 11:43:59 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: by mail-qk1-x734.google.com with SMTP id l6so44562013qkc.6 for ; Thu, 06 Aug 2020 04:43:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-transfer-encoding; bh=iny+iStL8J7vLu4I1Q+rJKl+vSL32nedNhL8tSyXA1g=; b=Ty8bII8xfpqnhdKndKv5tpiwsoW3a83OfRwCSy1+ZvB0gQR84vkJPrxECMMdBkb3Gp BTkvOG28ngwRBgbMzWy5IRyrwhfFmD97CPaT4VPJ7AtAfzdR/zqsUyO5DJPhMxdR8fQE dULSL+Up1vnv8SvmmaGNXXkTcb6Nt7J2Iy+19hjSIKNpQpDkbff1qUK4UDyQup/2sEpg fnGW9c+LSsHoMXO/pKzt1h5WqI57aRnhCpQwWsv1r7C57FN6Nb5FkR8Vh7VAXOecOCgo Uy0VdfJ7d2JeVui6BteVCd63oSOUC4fsmuPM9lI3K57c4XSJR+hEkn7/Q3XwCv6puZY1 OpOg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-transfer-encoding; bh=iny+iStL8J7vLu4I1Q+rJKl+vSL32nedNhL8tSyXA1g=; b=PljY5GPHV7iCTjfVmWSiZhu7W55qNVKS+oMhBU+Bs/le+fJ1e8hsCfcrg+ev+VMrzY HnHc4oW9UBrC+jMWSnhUvhY5v+j8tGSNWP3LI3brQBBzDQ1M3WcUignMh8z6Qy67K9Nz /e2zNttq//HBhC0rY7EuOhMck2IWDW7ErIwQVkPI81IbLVCzYHHm74TaYgLWqm02YFmx pxNGucunESh5F5EP2RzT+Lf4HE34lg3b5SpCN4lZ2ltxaX/OfcZam6OTIZ4QJMg0JKKQ hyNduudbmN5h1LLMqhtmgVC25jSJvpJsWXDkP1TmMWWJ3HmcvQBfzB+xesG2yOy9cvY+ g9Wg== X-Gm-Message-State: AOAM530fOqUQejFLIc+vMFXCznX/fFzD5SL699vxEy4IZMkVYsoG3YBs P7mx1FdrM4Tm+oTPpxkcfdCINngq X-Google-Smtp-Source: ABdhPJxPOL7+iP/TwyfnlMs8IlFqidsV7L/zTOkOUdexR+1wH7iFJHbeoYlgn0lR3AKMp818d47DWQ== X-Received: by 2002:a37:6783:: with SMTP id b125mr7799291qkc.465.1596714238172; Thu, 06 Aug 2020 04:43:58 -0700 (PDT) Received: from [10.0.10.8] (cpe-65-25-51-0.neo.res.rr.com. [65.25.51.0]) by smtp.googlemail.com with ESMTPSA id f31sm4807866qte.35.2020.08.06.04.43.57 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 06 Aug 2020 04:43:57 -0700 (PDT) Message-ID: <5F2BECFC.9010002@gmail.com> Date: Thu, 06 Aug 2020 07:43:56 -0400 From: Ernie Luzar User-Agent: Thunderbird 2.0.0.24 (Windows/20100228) MIME-Version: 1.0 To: Shane Ambler CC: Arthur Chance , "freebsd-questions@freebsd.org" Subject: Re: how to make a non-vnet jail local only? References: <5F2A051D.4030604@gmail.com> <77719bef-6c53-21a7-ca17-3ebac05427b9@qeng-ho.org> <5F2ABF80.4080208@gmail.com> <15ab4539-afaf-df6e-8c36-bf8056723999@qeng-ho.org> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4BMmq32ltSz42F5 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=Ty8bII8x; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of luzar722@gmail.com designates 2607:f8b0:4864:20::734 as permitted sender) smtp.mailfrom=luzar722@gmail.com X-Spamd-Result: default: False [-2.10 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.16)[-0.162]; RECEIVED_SPAMHAUS_PBL(0.00)[65.25.51.0:received]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.94)[-0.939]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; NEURAL_HAM_LONG(-1.00)[-0.996]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::734:from]; SUBJECT_ENDS_QUESTION(1.00)[]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Aug 2020 11:44:00 -0000 Shane Ambler wrote: > On 6/8/20 1:39 am, Arthur Chance wrote: >> On 05/08/2020 15:17, Ernie Luzar wrote: >>> Arthur Chance wrote: >>>> On 05/08/2020 02:02, Ernie Luzar wrote: >>>>> I have non-vnet jails working that can reach the public internet. >>>>> But now I would like to make some local only non-vnet jails that can >>>>> only access other local only non-vnet jails. BY local meaning have no >>>>> access to the public internet. >>>>> >>>>> How do I make this happen? >>>>> >>>>> Thanks for any pointers. >>>> Create a second loopback interface (cloned_interfaces="lo1" in >>>> /etc/rc.conf or ifconfig lo1 create for manual control) and put the >>>> local jails on lo1 without access to any other interface. >>>> >>> I tested this already and it doesn't work. >>> >>> non-vnet jail with lo99 for the nic and ip address of 10.0.28.5 can >>> still reach the public internet. > > Do you have bridging or routing enabled? > > Routing can receive foreign packets on an interface and route them to a > different interface. > > Bridging connects interfaces, sending the same packets on each. > > > While I don't have jails setup, I use sysutils/vm-bhyve for bhyve > instances. I have two "vm switches" which are bridge interfaces > connecting bhyve instances with physical interfaces, one bridges with > wlan0 and allows a vm to get internet access, the second bridges with > re0, which has no physical connection and provides no internet access to > bhyve instances, but I can ssh into it from the host. > > I have - > net.link.bridge.ipfw: 0 > net.link.bridge.ipfw_arp: 0 > net.link.bridge.pfil_bridge: 1 > net.link.bridge.pfil_onlyip: 1 > net.inet.ip.sourceroute: 0 > Using 12.1 generic with the system default for those settings. From owner-freebsd-questions@freebsd.org Thu Aug 6 19:21:31 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4131E3A940C for ; Thu, 6 Aug 2020 19:21:31 +0000 (UTC) (envelope-from pathiaki2@yahoo.com) Received: from sonic302-22.consmr.mail.ne1.yahoo.com (sonic302-22.consmr.mail.ne1.yahoo.com [66.163.186.148]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BMyyy0SS1z4Tth for ; Thu, 6 Aug 2020 19:21:29 +0000 (UTC) (envelope-from pathiaki2@yahoo.com) X-YMail-OSG: 99C32DAVM1nvqWa2yOo182mQlWhqpmC_zit5i8ZD94sCMpVwA7kNcJfe8CCHJNX 2tr2khZTB1uSYEg9wKc.MFEtliJjLv1TuC060As0hr13oIP_8Jcnm6cIaZIoktl5_YHkI3ZvhBvz ckktb2.DZZcEgE3CU2TEmDA4M3ehmlPdAzMQQqvfeIvu80qqjN6knH.Qwese9PrzMlugD.C6gHV3 YFWnT7LJVpPFBkm8bW5_t_UZCufMeVAYn6KPE0uYvkg.geYCXG01npfGdNckgUkPUujr_AiNsTGs 3xQZJaIgLcgeweCUuJN2KR0pcpdWHpzBI91atmeTtUl1UPr4ZDrkfoiouUPMeRiJqQ55HBJpj1Zi 0b0dwL1rnqlRVJTNkxcFDXegmC_uCi_yXGyejXGMh2LrvAJ3kLnxDGh7F4SSVvNvADSfq.2yyhBA D3hXtzY81Bd0sYErJgVi4Yo_5GYRe8LNXk239BQTucFQFeUQ2IFFIOOrHtMst0Bgi2pcMiYa9P8r OHthyefmLzb3gnB9_aXvK_VS4gDpbAk8YL7MaJb8WoUaHyTPHfxPLflilSDOAW0KYIjj_EqaTtmJ LKMAgFq8cIzKF6DLDxx.8_UkQIRbuEeEbknG0S92iuPMrP2bFdRvioPpMr8PFR5vtuTDPcDbz4lY rzI0nVCnSQNRCnsOcwfs9BkaHSD4YO7yjv5ZxYkuWHpcFrqGOqDZSL1NwUX3P7bHexx2jQRj7vKS OzEHd6eHqiPfeVxDsj_9SgMZA_twAGI.3.wgRLOe.2OlFwVrNesVnUDisa2bRxwKHNszRSJWvbjb 07Vqhz4ZKWgw3.vuOw_YqH_pUne7VZApiuhaYT5JdYPDqHP3CX79dgQeowtVItsu4cxa_L9aOGhl kx0djz8.hgHSDU5z4HAK_oz4QmSEoisAEYFafSUT1JywmlEYaFQMUG1RujtMV8nX_7CWs.A7xnr6 WLVArTX40x_d2F5iIwX4dKjbveqPlp5V9pqaBPDS2ju3EZweJHSCToFSgq9QkOkRDgfgQeRluMQM hFlQzjLqhPdFg5eJqsXjflLy9qTjI6agTzIBpSnZpAvOC8iTpynLjKScfYuxK2vP_f08dvVXOO1H qJCnh.gO2Ea2xMIFHizHVjlGcOtb5L.xC0GwYpRrPIH2PU5QHvvh0f1soBA3EhqlszoW_1u8eUIp W62BegGlQEwCUITiVMh.jwdHNJSrdSZ7HxQog1NVsNh3QcmKl6.fWdiPUAD_HgOz94mn.vhDmnbO zRUTZs675ERDb4Xqx_KdZWtDvn4W_qiavACJhWuvxo8ckid2xYn8jmRuXcFQtu4hXP9vGyc7IumG xWokwL1tYNw-- Received: from sonic.gate.mail.ne1.yahoo.com by sonic302.consmr.mail.ne1.yahoo.com with HTTP; Thu, 6 Aug 2020 19:21:28 +0000 Date: Thu, 6 Aug 2020 19:21:28 +0000 (UTC) From: Paul Pathiakis To: Jacques Foucry , Polytropon Cc: freebsd-questions@freebsd.org Message-ID: <1535400648.1041648.1596741688161@mail.yahoo.com> In-Reply-To: <20200805204546.d1bf410e.freebsd@edvax.de> References: <575C4647-8F20-4187-9B74-2D509D31A249@gmail.com> <4fefedad-5b2a-11b8-7b22-3b6162f0404f@holgerdanske.com> <20200805182636.GD48435@mithril> <20200805204546.d1bf410e.freebsd@edvax.de> Subject: Re: Question re ZFS with mixed drive speeds & types MIME-Version: 1.0 X-Mailer: WebService/1.1.16436 YMailNorrin Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.100 Safari/537.36 X-Rspamd-Queue-Id: 4BMyyy0SS1z4Tth X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.19 / 15.00]; RCVD_TLS_LAST(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[yahoo.com:s=s2048]; RWL_MAILSPIKE_POSSIBLE(0.00)[66.163.186.148:from]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; FREEMAIL_FROM(0.00)[yahoo.com]; R_SPF_ALLOW(-0.20)[+ptr:yahoo.com]; TAGGED_RCPT(0.00)[freebsd]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; NEURAL_HAM_LONG(-0.99)[-0.987]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[yahoo.com:+]; DMARC_POLICY_ALLOW(-0.50)[yahoo.com,reject]; RCVD_IN_DNSWL_NONE(0.00)[66.163.186.148:from]; NEURAL_HAM_SHORT(-0.15)[-0.149]; NEURAL_HAM_MEDIUM(-1.05)[-1.052]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[yahoo.com]; ASN(0.00)[asn:36646, ipnet:66.163.184.0/21, country:US]; RCVD_COUNT_TWO(0.00)[2]; DWL_DNSWL_NONE(0.00)[yahoo.com:dkim] Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Aug 2020 19:21:31 -0000 Wow.... someone as old as me... :) I had no idea.=C2=A0 I remember a lot of those applications in an OS that w= ere based on this theory.=C2=A0 I believe there were even a few that indexe= d tape drives with UNIX i-nodes.=C2=A0 Good times..... :) P. On Wednesday, August 5, 2020, 2:46:06 PM EDT, Polytropon wrote: =20 =20 On Wed, 5 Aug 2020 20:26:36 +0200, Jacques Foucry wrote: > Le mercredi 05 ao=C3=BBt 2020 =C3=A0 01:32:02 (-0700), David Christensen = =C3=A0 =C3=A9crit: > > On 2020-08-04 23:55, Greg Marsh wrote: > > > [...] > > > I ask because about 10 years ago, I was involved in a project that ha= d a HUGE storage component. Many of the vendors we brought in to pitch, inc= luding Sun, were promoting tiered storage. Sun in particular were quite pro= ud of this tech. Their system ran ZFS and had a hybrid of ssd, sas & SATA, = with the system dynamically moving data around the different speed/capacity= drives, based on their activity, all transparent to the application or use= r. Most often used data coming from the ssd & sas drives, with less active = files kept on the SATA drives. >=20 >=20 > I remember the same thing when Sun demostrate us ZFS (I was a Sunkskill a= t > this time). But I never tried. Sounds a bit like HSM - hierarchical storage management, implemented on IBM mainframe systems (DFHSM) and on DEC VMS for VAX and Alpha, also has been implemented on AIX and other UNIX operating systems. So decades old stuff is "new" again... ;-) --=20 Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... _______________________________________________ freebsd-questions@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org= " =20 From owner-freebsd-questions@freebsd.org Thu Aug 6 20:33:01 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id CEF043AA2D4 for ; Thu, 6 Aug 2020 20:33:01 +0000 (UTC) (envelope-from greg.marsh@gmail.com) Received: from mail-qt1-x82c.google.com (mail-qt1-x82c.google.com [IPv6:2607:f8b0:4864:20::82c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BN0YT0893z4Yb4 for ; Thu, 6 Aug 2020 20:33:00 +0000 (UTC) (envelope-from greg.marsh@gmail.com) Received: by mail-qt1-x82c.google.com with SMTP id c12so28409499qtn.9 for ; Thu, 06 Aug 2020 13:33:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=1IjaQske7P21y4TY79jJ9voHUqWCQv/TbeujpgS2MLE=; b=dakUOp/IsruY+BtYph/TdtQlZCnqLiqBICD/YdwQHWqkMF3x7E7Wf72URzzgPxrH6I wXEiGJsI3R1gEvprqabAr2YHA1YW0HBXKjXzGErZd4cWDBjJJ+sy+8MgpbXaeSJVXmJF 5MO0ICGbuWIGStH25KRLIBzuKUej/f+2hJnUJnj1XwhKwLyFyGC2xLj+oJMtj5B+6NGR U1QRaOK+4FUI/szI7McI3na6OTT/r8tdcuZH25DwNH6H0sciPsifHrzdD7DPjsLTFKYe 1ZXBLeTxLoWVP4whVEIc8ulyxhiJ/QbLgEjygsZBSeaJYkMEG5h6CcdJ7hUHedua/Fq6 qRlQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=1IjaQske7P21y4TY79jJ9voHUqWCQv/TbeujpgS2MLE=; b=on/SjxEQ9/BB6Ot5KOpEaoB3L/ln0QBe2/9UyBb8NyIuZ0qV64I0RHyz+9nD0dsbIT lgv4WWIubyZ1PIqZ3NNZbV7LdlnrEc8YQ7pQTwsRp2RfyxhEdmGkxIho8TRcJISlM9mm FEMfzVtUKHQYxaQW+qs0ifeoVdLcxhTL4fZQMDKk6k+WsXjeusTFW5YJMUEF2/yvEe+D 3PFLLIhWKSw+v58SKUFHzHJXTU2DFf+uTdGoLUTG7oY5Hb2/1d7qypz+qDdF4VMN4u++ axQ27AwRsB3tu/3hCRgHoVuU/uMCi69l5xjjAXgfMog49YAHvPH2CDUb9u4YA3mTtTQX WRtQ== X-Gm-Message-State: AOAM5326eDa+f7uBIrS3L6c/bM42CL302U3TS7WW2JkH1HAtVs3HVM94 O+xZ6nN9ILI2vtvHBLBy+A8= X-Google-Smtp-Source: ABdhPJx6EzTIYCRLY41tSo7O/8varT1LXdl005VXhU+KzIwAwX8mCDRxkD+mU+LaYTqxFFcSmjiBMQ== X-Received: by 2002:ac8:4c9a:: with SMTP id j26mr10497491qtv.373.1596745979858; Thu, 06 Aug 2020 13:32:59 -0700 (PDT) Received: from [25.108.17.155] ([24.114.48.200]) by smtp.gmail.com with ESMTPSA id g49sm6073057qtk.74.2020.08.06.13.32.58 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 06 Aug 2020 13:32:59 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (1.0) Subject: Re: Question re ZFS with mixed drive speeds & types From: Greg Marsh X-Mailer: iPhone Mail (16G183) In-Reply-To: <1535400648.1041648.1596741688161@mail.yahoo.com> Date: Thu, 6 Aug 2020 16:32:55 -0400 Cc: Jacques Foucry , Polytropon , freebsd-questions@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: <039ADEB2-9BE6-4407-89FF-5FAC160102A1@gmail.com> References: <575C4647-8F20-4187-9B74-2D509D31A249@gmail.com> <4fefedad-5b2a-11b8-7b22-3b6162f0404f@holgerdanske.com> <20200805182636.GD48435@mithril> <20200805204546.d1bf410e.freebsd@edvax.de> <1535400648.1041648.1596741688161@mail.yahoo.com> To: Paul Pathiakis X-Rspamd-Queue-Id: 4BN0YT0893z4Yb4 X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=dakUOp/I; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of gregmarsh@gmail.com designates 2607:f8b0:4864:20::82c as permitted sender) smtp.mailfrom=gregmarsh@gmail.com X-Spamd-Result: default: False [-1.62 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.55)[-0.555]; FREEMAIL_TO(0.00)[yahoo.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.06)[-1.063]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; RECEIVED_SPAMHAUS_PBL(0.00)[24.114.48.200:received]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; NEURAL_HAM_LONG(-1.00)[-0.997]; TAGGED_RCPT(0.00)[freebsd]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::82c:from]; RCVD_TLS_ALL(0.00)[]; SUSPICIOUS_RECIPS(1.50)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Aug 2020 20:33:01 -0000 Thank you all for your input and memories. I=E2=80=99m glad to hear I=E2=80=99= m not hallucinating having recalled said storage sales pitches. =3D) I suspect what I=E2=80=99ll end up doing is migrating my current array to th= e new system, then experiment with adding mixed drives to a second, testing a= rray.=20 When I started in IT, it was in a big VAX/Alpha OpenVMS using company. The p= rogrammers couldn=E2=80=99t stop talking about how lighting fast the RMS fil= e/record storage system was. I was just an operator at the time.=20 But, when I saw the circulation system (I worked at a newspaper) move from a= single Alpha 233 to a dual 2 GHz Xeon running Linux and ProgressDB move waa= aay slower, was I convinced there had to be better ways.=20 To be fair, I generally blame the crappy off the shelf program that replaced= a decades old, in house developed one. Cheers, Greg Sent from my iPhone > On Aug 6, 2020, at 15:21, Paul Pathiakis via freebsd-questions wrote: >=20 > Wow.... someone as old as me... :) > I had no idea. I remember a lot of those applications in an OS that were b= ased on this theory. I believe there were even a few that indexed tape driv= es with UNIX i-nodes. Good times..... :) > P. >=20 > On Wednesday, August 5, 2020, 2:46:06 PM EDT, Polytropon wrote: =20 >=20 > On Wed, 5 Aug 2020 20:26:36 +0200, Jacques Foucry wrote: >> Le mercredi 05 ao=C3=BBt 2020 =C3=A0 01:32:02 (-0700), David Christensen =C3= =A0 =C3=A9crit: >>> On 2020-08-04 23:55, Greg Marsh wrote: >>>> [...] >>>> I ask because about 10 years ago, I was involved in a project that had a= HUGE storage component. Many of the vendors we brought in to pitch, includi= ng Sun, were promoting tiered storage. Sun in particular were quite proud of= this tech. Their system ran ZFS and had a hybrid of ssd, sas & SATA, with t= he system dynamically moving data around the different speed/capacity drives= , based on their activity, all transparent to the application or user. Most o= ften used data coming from the ssd & sas drives, with less active files kept= on the SATA drives. >>=20 >>=20 >> I remember the same thing when Sun demostrate us ZFS (I was a Sunkskill a= t >> this time). But I never tried. >=20 > Sounds a bit like HSM - hierarchical storage management, > implemented on IBM mainframe systems (DFHSM) and on > DEC VMS for VAX and Alpha, also has been implemented > on AIX and other UNIX operating systems. >=20 > So decades old stuff is "new" again... ;-) >=20 >=20 >=20 >=20 > --=20 > Polytropon > Magdeburg, Germany > Happy FreeBSD user since 4.0 > Andra moi ennepe, Mousa, ... > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.or= g" =20 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.or= g" From owner-freebsd-questions@freebsd.org Thu Aug 6 21:20:31 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 20FEC3ABCE5 for ; Thu, 6 Aug 2020 21:20:31 +0000 (UTC) (envelope-from aryeh.friedman@gmail.com) Received: from mail-io1-xd2e.google.com (mail-io1-xd2e.google.com [IPv6:2607:f8b0:4864:20::d2e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BN1cG0r1tz4cvR for ; Thu, 6 Aug 2020 21:20:29 +0000 (UTC) (envelope-from aryeh.friedman@gmail.com) Received: by mail-io1-xd2e.google.com with SMTP id j8so38781282ioe.9 for ; Thu, 06 Aug 2020 14:20:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=rWg+ND9YaHIDX0OgsZEe2PYEJ8auRdZKdO8IiZctrcE=; b=gT7V2wLLuPRzGkDCH0txff7EjxJ70YNJnJTe5njBroRuEnAD05Wpyx7DJPeqOyBirP vOiXwbfx9mpDFTCX2XPYCYECQEUpIwiT9gDE9qZJFHrXfKK6eef2C+PGfU2c6JNtuRZu 76epzXsUHDnxYYI3SC7HxfizfY1fRj8zhfSQxdJACNXjvpnvhT/4Wc7rKdbLPKo2b9A4 rVahPNdFKYJRKc4xRDi/DPpkxDW1729iMLHrt6b6p8E3sRUdnFia9hvhXtzUM2kw0hbw 0qUg6G46isNCjxjuMAC1j6kiK8t+4GBGMYyW274nxb31rPNKSItfMBTTc+YhbqHli26B hHtg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=rWg+ND9YaHIDX0OgsZEe2PYEJ8auRdZKdO8IiZctrcE=; b=bmUIcID+eOC6HqOz928fTLBX2PTOnr8jVm1M+NI1ypSfmhiVbrip7FpNLbC62O8Pnb TjpI+AbjocDo7y9zQYME1KAJS8uK8HjkPxkxFBzGv65Y16cfENdF5zkdm+rHpnYj1BQH bjZeF3+B7QGIHeTPpxhiFZ+fPP6Wd6FF6AVtz7acdG0TOsfm4qKatYzAEpzdgZkZk9WH yNjOgqixMLrYqoD69CCOR1D968t22f2ZVpKziUvqPfC4vHD71eR/2ceHBL+5U0SymRv3 Cv2x41cOFFeaWe1NdsVqnfzcWWxw8SdOQjFm0hbnJ+/dWvI+C7x/nHnWCBf1dYwpv27P 4VTQ== X-Gm-Message-State: AOAM5326cdA2UP1s4na6YnsyuNOTEnGxy9tgO2K2jT3aW+HGrcDcZBcA l67WIP8VeWheulNvODGc2dD/vZ84o66nwV8sUa4nPrFh X-Google-Smtp-Source: ABdhPJz7Xy/gHhsSyqyvyZ+BDAms/G62eJVWPZhsXShS4YGTHgsb/YwcD1hj0v0OIObeJGqAb5Fk9mcHewdOA09CZSI= X-Received: by 2002:a02:b610:: with SMTP id h16mr1098717jam.74.1596748828594; Thu, 06 Aug 2020 14:20:28 -0700 (PDT) MIME-Version: 1.0 From: Aryeh Friedman Date: Thu, 6 Aug 2020 17:20:16 -0400 Message-ID: Subject: Best way to make a machine boot with or without a Internet connection To: FreeBSD Mailing List X-Rspamd-Queue-Id: 4BN1cG0r1tz4cvR X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=gT7V2wLL; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of aryehfriedman@gmail.com designates 2607:f8b0:4864:20::d2e as permitted sender) smtp.mailfrom=aryehfriedman@gmail.com X-Spamd-Result: default: False [-2.98 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.06)[-1.062]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; NEURAL_HAM_LONG(-0.99)[-0.993]; RCPT_COUNT_ONE(0.00)[1]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::d2e:from]; NEURAL_SPAM_SHORT(0.08)[0.077]; TO_MATCH_ENVRCPT_ALL(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; TAGGED_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Aug 2020 21:20:31 -0000 Due to storm related damage my ISP went out for a few (12) hours earlier in the week and while I got it usable without a Internet connection by putting everything in my LAN in /etc/hosts (I also run a local_unbound --> local bind9 on my file server which I have created a zone file for the LAN machines also), but it was very slow in booting due to ntpdate, tomcat and sendmail not being to connect to the Internet for either forward or reverse DNS. I don't want to turn these services off, but I want to be able to do a normal boot (no long hangs) if the ISP goes down again. What is the best way to do this? -- Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org From owner-freebsd-questions@freebsd.org Thu Aug 6 21:30:28 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4FEE13AC02E for ; Thu, 6 Aug 2020 21:30:28 +0000 (UTC) (envelope-from aryeh.friedman@gmail.com) Received: from mail-io1-xd31.google.com (mail-io1-xd31.google.com [IPv6:2607:f8b0:4864:20::d31]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BN1ql2Lm1z4dZf for ; Thu, 6 Aug 2020 21:30:26 +0000 (UTC) (envelope-from aryeh.friedman@gmail.com) Received: by mail-io1-xd31.google.com with SMTP id q75so42998264iod.1 for ; Thu, 06 Aug 2020 14:30:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=P7tySZgy8xHoXPCfx4gQrhTqSEfOe7PVhuRvysOCuWM=; b=DJXRBecZKiYkcKDOCNCPB54a/Uq9eoNiQkWWUVxN+ZaFUUGNBQpoTpqI7spX5KWheR gWkanSSZuRI1kyFIapEwUSiNJ0BMkKroEeAf5P9dzGyTgOl5pw7rmVboDeng+XJ3Axbc eVnM6V57CbHwakoyQXiRxrLq5/bSIJg34oM+x+I1QZ44MUOAGRjJiVBwFNOnZsBkiD4v Dwxrq/zYj71S5L9U+O7FT1EXw0pec1BH5ntPSocLinDq2mTt2LxGFu6EpZlaUa0nEZY0 c14LTYYmHzhajEHP8xgQBaO0RU4nhhNpbMoy4MkHP05JD0HM1IMjuiQzWm7Sd4NGI2u2 2QcQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=P7tySZgy8xHoXPCfx4gQrhTqSEfOe7PVhuRvysOCuWM=; b=J8WYXo/tFMquhKE9a4X9kXDeQeqozUkSUod/FeCqWaYQ5wHtBPiWlg9duGBqXpEI9l qJvmp98fMUltOR61tWqRaNbmU84LmdZCS8GJUFJJGicwc6pL6JnPQx6rJG88sy/eN9zw yfU06jkcjZcWgkH1re84Er7UrrMLxmpyv+a/YKKLZWjdspCtt9xjirTxAhyPJPecoSYo zSOD+Hdc8Pz8v/jHRljizUQcdkywcL7w1GUSMZVKkj7IV/bHAFeoCgKjRcU7bV/PBgvI 5Zbwnr4c/AueZMUz+nw+mZRc5ys0aTVLsyqvV6vxwm34OTRbk4FhkPU+bEk7ER1i2onl lRDw== X-Gm-Message-State: AOAM53387yq70HurEtfBRYXp7U5zOhS86DZTmMzw6pk4yUHBoAwqBBaV VHQyj+jRtQsM/8USijkngYozjt1E/OoxC/bLeQkU1tj42LU= X-Google-Smtp-Source: ABdhPJwMLx4PvZv47aB1VsPVLHpsICs37JpDesr/bH4r3Kurfb6NceMOVEyxPNBwzOUPJrh8eWmL8Kkb++k0hliJr1U= X-Received: by 2002:a5e:d519:: with SMTP id e25mr1095752iom.36.1596749425549; Thu, 06 Aug 2020 14:30:25 -0700 (PDT) MIME-Version: 1.0 From: Aryeh Friedman Date: Thu, 6 Aug 2020 17:30:14 -0400 Message-ID: Subject: Unroutable packer to specific IP forces process to run To: FreeBSD Mailing List X-Rspamd-Queue-Id: 4BN1ql2Lm1z4dZf X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=DJXRBecZ; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of aryehfriedman@gmail.com designates 2607:f8b0:4864:20::d31 as permitted sender) smtp.mailfrom=aryehfriedman@gmail.com X-Spamd-Result: default: False [-1.84 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.06)[-1.057]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; NEURAL_HAM_LONG(-1.00)[-0.996]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_SPAM_SHORT(0.21)[0.210]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::d31:from]; HTTP_TO_IP(1.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; TAGGED_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Aug 2020 21:30:28 -0000 I have VPN that has stability problems (the fault of the ISP and they admit it) I have set up one my FreeBSD machine as a router for that specific VPN: # on non-gateway machines in /etc/rc.conf static_routes="internalnet2" route_internalnet2="-net 10.31.10.0/24 192.168.11.60" Is there any way to force the gateway machine to run a preset command if 10.31.10.0/24 is unreachable? (i.e. reset the connection) -- Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org From owner-freebsd-questions@freebsd.org Thu Aug 6 21:33:03 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2AE843AC2C6 for ; Thu, 6 Aug 2020 21:33:03 +0000 (UTC) (envelope-from dwilde1@gmail.com) Received: from mail-pf1-x432.google.com (mail-pf1-x432.google.com [IPv6:2607:f8b0:4864:20::432]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BN1tk3Dk9z4f5R for ; Thu, 6 Aug 2020 21:33:02 +0000 (UTC) (envelope-from dwilde1@gmail.com) Received: by mail-pf1-x432.google.com with SMTP id k18so18586168pfp.7 for ; Thu, 06 Aug 2020 14:33:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding:content-language; bh=P1ID9v8cf/kooQ1OFIe65qyPh8Zy0J9eWVx1hqC7OOM=; b=AOL3ZVigRNrirZxeIRiMYVsrxe5wqMyt+BysyNIVIEm2wc51/kYg5yJ9TxKKBlGhsK tJ3jYyMmnQqBx63+L8qAxXxwbFNVi1C7e6n9BD1mVp2FSU2uMusYupeYWi7MSNJOfhkg DHMrY4cdTbBHxAILIf5YUb+nor2oiPuOjz0Bi2WvbKBDsOOvzUV5hcOmc5Tu5HVNjGbo ZEdxSkqLyyMeIa1XhAkv7NbdpTnxxCclXiwwq4Zplr96B2mgzZPRhxkqltf6gr8yo+D/ dWd2pN11PL889RYWRxvOr0rLuhiO6KJ5EWW/W9pTuOP+GOd20P2VSu82T+IiNS1cTjeD hH7A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=P1ID9v8cf/kooQ1OFIe65qyPh8Zy0J9eWVx1hqC7OOM=; b=LFr0fgf/uF9DK8L2693Bc7QdCmZLekHlZwnR76Cp0vmVzZy94rZBuME4k2SDNmm93y Mmjxe4IJnwg4Muf6fvaqH68BTXBENmY8Qb+5JU6sWaLDKqJJXaq5CAgibVbORAUMqc70 1JaFmsywb79/TUiOe6te3PS13X4bUbmLpBrFBVEYDxXL2y5qCB5zxiN2xrx254KtT5TI QaaQeBgvrMCTF4dPDkO40liYbcTTuWjoLRrAVJh2gPpoCgzedjZkZE9bNo4ZkyvebGik VmYxVY4SQbi26oY2nGLq16ZLvNfT8cvaW6pqWYBUtnP4lZT64nl6UpR/4Xz6YVDtZfWr sd9Q== X-Gm-Message-State: AOAM531CbVXVa5J1ZmMBy7I+YfdN/J86wF7NdZEW9VLIyz5QBT3i8fp5 FlEt5Pn4MJQFYWuvbCdFcROY43fC X-Google-Smtp-Source: ABdhPJxG+hlHNBgCla/y4w9KPk6jOB+/xYL5EADpSeOtux/cowwVpcI0x3s9sY2Lr2o2QUavV1GnfQ== X-Received: by 2002:a62:192:: with SMTP id 140mr9684555pfb.53.1596749580763; Thu, 06 Aug 2020 14:33:00 -0700 (PDT) Received: from [192.168.0.4] ([184.101.51.28]) by smtp.gmail.com with ESMTPSA id i1sm9924613pfo.212.2020.08.06.14.32.59 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 06 Aug 2020 14:32:59 -0700 (PDT) Subject: Re: Unroutable packer to specific IP forces process to run To: Aryeh Friedman , FreeBSD Mailing List References: From: Don Wilde Message-ID: <89e3f48c-74a1-4198-6b17-7e13a026225b@gmail.com> Date: Thu, 6 Aug 2020 14:32:58 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-Rspamd-Queue-Id: 4BN1tk3Dk9z4f5R X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=AOL3ZVig; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of dwilde1@gmail.com designates 2607:f8b0:4864:20::432 as permitted sender) smtp.mailfrom=dwilde1@gmail.com X-Spamd-Result: default: False [-2.93 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; RCVD_COUNT_THREE(0.00)[3]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; FREEMAIL_TO(0.00)[gmail.com,freebsd.org]; RECEIVED_SPAMHAUS_PBL(0.00)[184.101.51.28:received]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.05)[-1.048]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_SPAM_SHORT(0.10)[0.098]; NEURAL_HAM_LONG(-0.98)[-0.985]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::432:from]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Aug 2020 21:33:03 -0000 On 8/6/20 2:30 PM, Aryeh Friedman wrote: > I have VPN that has stability problems (the fault of the ISP and they admit > it) I have set up one my FreeBSD machine as a router for that specific VPN: > # on non-gateway machines in /etc/rc.conf > static_routes="internalnet2" > route_internalnet2="-net 10.31.10.0/24 192.168.11.60" > > Is there any way to force the gateway machine to run a preset command if > 10.31.10.0/24 is unreachable? (i.e. reset the connection) What about a simple scripted cron-job ping, Aryeh? Sometimes the simplest solutions are the best. -- Don Wilde **************************************************** * What is the Internet of Things but a system * * of systems including humans? * **************************************************** From owner-freebsd-questions@freebsd.org Thu Aug 6 21:35:58 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8544D3AC7A1 for ; Thu, 6 Aug 2020 21:35:58 +0000 (UTC) (envelope-from aryeh.friedman@gmail.com) Received: from mail-il1-x144.google.com (mail-il1-x144.google.com [IPv6:2607:f8b0:4864:20::144]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BN1y60Rtxz4fK0 for ; Thu, 6 Aug 2020 21:35:57 +0000 (UTC) (envelope-from aryeh.friedman@gmail.com) Received: by mail-il1-x144.google.com with SMTP id p16so118310ile.0 for ; Thu, 06 Aug 2020 14:35:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ZT9jHaQYNKdxYkteCyGYmg/0FBIp1wtg7756AIl7JJg=; b=p66rWCLMzcSkOrbmsCfGiTHIPYSE2teYdKHtvB2YjLs87QB1GOG9OWsmx2vjUC95rF xtk0i0ZxK2H2kw1hgtHGVnGUdk0qJgXpQT5tfJkBqt99cEJPCqwzJoSI0pxMuNsbcpty 5cgniM37hNCwQcme9Oh7r5wqNbr53ZLAuaGWEkxhbfziRIgtSyb+Dg+QQ6v6f0fYrwYO qOqK2VM/bEyuRI1l8aG+3SbsbekM0hlh29BR/QWDU9qHNOq2AZZAZiUFYPzzPn40wYvI 4W4RrpAOdq1k/4I0pPJ+lb6ELLXr9Q9yoMCfWDDHium1BpFpJmNPN4yTkCWonz56EfmT iLqA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ZT9jHaQYNKdxYkteCyGYmg/0FBIp1wtg7756AIl7JJg=; b=UnOjGoVkgx6bqrm5RsDd3aNKm2Ui7HlX3kc/vZuc8KdprG0ROjcqAiIAupU7pHW4EW waFQVEYJEIode1bQOiUYGbw6K2BFfGI6/YPljIEZRcd07uXeXHh0heBHVIHliv87R5zf SHTujsO1gskLNDTSt1HCwopHRGnajZeWecQPwYvPIq7UCAe+vgxjVexb/I2MDw/yj6cV 0zZNlv+G7nw9pGi092fWpZAofEa/gJuGAu3t3ninm2AlANvSqHQouMT91czMqZIRifqY ivwzR2E05xNkP/XvSzAUYUuTAhu4SDABe80YU5Odnu6WbpWKGWCdBjOSwu/Mm509tsfm H/aQ== X-Gm-Message-State: AOAM5333kMopmFPDf2HM5Od5whNCc7fx3rTkRLqI6Etl1qDSfhpldvQq z7iwocYeDcWr4iRDSW3I3RdZu2eyL7tgP6qoeWz79QzI X-Google-Smtp-Source: ABdhPJwD/SjsBRzIYOeAOn1DDxLnUgCa0MCNVCYD6El+BEbNFUBehD8ByU6HrOQdD/7vgRc5xN1Tm/bo7v26FTYlEAU= X-Received: by 2002:a92:1a08:: with SMTP id a8mr1019758ila.187.1596749757536; Thu, 06 Aug 2020 14:35:57 -0700 (PDT) MIME-Version: 1.0 References: <89e3f48c-74a1-4198-6b17-7e13a026225b@gmail.com> In-Reply-To: <89e3f48c-74a1-4198-6b17-7e13a026225b@gmail.com> From: Aryeh Friedman Date: Thu, 6 Aug 2020 17:35:46 -0400 Message-ID: Subject: Re: Unroutable packer to specific IP forces process to run To: Don Wilde Cc: FreeBSD Mailing List X-Rspamd-Queue-Id: 4BN1y60Rtxz4fK0 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=p66rWCLM; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of aryehfriedman@gmail.com designates 2607:f8b0:4864:20::144 as permitted sender) smtp.mailfrom=aryehfriedman@gmail.com X-Spamd-Result: default: False [-2.15 / 15.00]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.11)[-0.114]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.04)[-1.043]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-0.99)[-0.995]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::144:from]; HTTP_TO_IP(1.00)[]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Aug 2020 21:35:58 -0000 On Thu, Aug 6, 2020 at 5:33 PM Don Wilde wrote: > > On 8/6/20 2:30 PM, Aryeh Friedman wrote: > > I have VPN that has stability problems (the fault of the ISP and they > admit > > it) I have set up one my FreeBSD machine as a router for that specific > VPN: > > # on non-gateway machines in /etc/rc.conf > > static_routes="internalnet2" > > route_internalnet2="-net 10.31.10.0/24 192.168.11.60" > > > > Is there any way to force the gateway machine to run a preset command if > > 10.31.10.0/24 is unreachable? (i.e. reset the connection) > What about a simple scripted cron-job ping, Aryeh? Sometimes the > simplest solutions are the best. > The amount time the connection stays up is unpredictable and due to the use case it needs to be repaired immediately if down (not even a 5 min delay for cron to do its normal wake up and look for a job is acceptable) > -- > Don Wilde > **************************************************** > * What is the Internet of Things but a system * > * of systems including humans? * > **************************************************** > > -- Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org From owner-freebsd-questions@freebsd.org Thu Aug 6 21:38:48 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 733B33AC77A for ; Thu, 6 Aug 2020 21:38:48 +0000 (UTC) (envelope-from aryeh.friedman@gmail.com) Received: from mail-il1-x133.google.com (mail-il1-x133.google.com [IPv6:2607:f8b0:4864:20::133]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BN21M3Qjgz4ffc for ; Thu, 6 Aug 2020 21:38:47 +0000 (UTC) (envelope-from aryeh.friedman@gmail.com) Received: by mail-il1-x133.google.com with SMTP id j9so71870ilc.11 for ; Thu, 06 Aug 2020 14:38:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=la29Vz7mgDFYUMM4MxkIkJoPxuf98O3HbVxVb34iqMk=; b=L5X787FQi/8z19smnQ07n3G5piDHQ+wrw23tEzbwSysvhAWHoeawYIpt6pMRweKxeO 4WddZPiEbUnZTB7kCxlwJLRfNDTDfotpSPdIoasSDHwvNV6m8NFv7lS5Vbx3ARmgQiF6 jNz6OcAsRRWZFxBtM/jQPjAnqpvL0bcdMDsVrZ5SV9zH65nFqGkTul0j1w7+XKtXotTE u9meA1vOk5rWSF6rTOcVBnaydDCKDZpagQeq9Ffkfvat4/S2cYPapCnQXGqOiuQC6Dfj yoJdUCo3FHff/a23hq9ls7WQf7rSIOct2kQULnoJTaDIHg7Hsam1R+UWpsDZ/KdZSzVv VSGw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=la29Vz7mgDFYUMM4MxkIkJoPxuf98O3HbVxVb34iqMk=; b=JNqi6KY6KX5RYo5H5IrSG4aoqXqjv5v6xO1zCwQK4li6EDt2csBGNZ118Z1kqgzYDB vUbvNcqG5YVlwouNEaCnjZn/6dyGJKhNu8D7GR3YKjxi+MMrTa2EUDZvHmp9Lkt96OPF anS+16RPIFmqnFPlT2cXUluC4QSgFnAFm037IWbkePiLfohwERExx5E4ZF2UpBv1fot3 zfjCyov068rzNoC5QNKWqMa0LkCPicpgqnq4UGZMevibJbmTTaf+S98E2Omrd7f9T3g9 2MhlToL/2lgl7wRnkPC5ZYr8uC8ZB7pl3/vbvmW8t9dE69g/4/ejJN1bHySSl0VnFRuE XNsQ== X-Gm-Message-State: AOAM532IZsALCk/P1qTq6QeIlOlgsutwnqHW9v4pSbZOgLq2rMasVWEh TVCPKQdOGaSttdJ4DmeQ9vl4uqiqpjeaTQKY0FM= X-Google-Smtp-Source: ABdhPJwPXwclLJqlyAk6Bl91kD3N8IloW9V/FGtYWUl1JnbWwt3KJBe709mdrDvtpKop0SJku/R5HjGlElitD4xsfqc= X-Received: by 2002:a05:6e02:c12:: with SMTP id d18mr973681ile.185.1596749925814; Thu, 06 Aug 2020 14:38:45 -0700 (PDT) MIME-Version: 1.0 References: <89e3f48c-74a1-4198-6b17-7e13a026225b@gmail.com> In-Reply-To: From: Aryeh Friedman Date: Thu, 6 Aug 2020 17:38:34 -0400 Message-ID: Subject: Re: Unroutable packer to specific IP forces process to run To: Don Wilde Cc: FreeBSD Mailing List X-Rspamd-Queue-Id: 4BN21M3Qjgz4ffc X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=L5X787FQ; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of aryehfriedman@gmail.com designates 2607:f8b0:4864:20::133 as permitted sender) smtp.mailfrom=aryehfriedman@gmail.com X-Spamd-Result: default: False [-2.15 / 15.00]; FREEMAIL_FROM(0.00)[gmail.com]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.11)[-0.114]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.04)[-1.042]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-0.99)[-0.995]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::133:from]; HTTP_TO_IP(1.00)[]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Aug 2020 21:38:48 -0000 On Thu, Aug 6, 2020 at 5:35 PM Aryeh Friedman wrote: > > > On Thu, Aug 6, 2020 at 5:33 PM Don Wilde wrote: > >> >> On 8/6/20 2:30 PM, Aryeh Friedman wrote: >> > I have VPN that has stability problems (the fault of the ISP and they >> admit >> > it) I have set up one my FreeBSD machine as a router for that specific >> VPN: >> > # on non-gateway machines in /etc/rc.conf >> > static_routes="internalnet2" >> > route_internalnet2="-net 10.31.10.0/24 192.168.11.60" >> > >> > Is there any way to force the gateway machine to run a preset command if >> > 10.31.10.0/24 is unreachable? (i.e. reset the connection) >> What about a simple scripted cron-job ping, Aryeh? Sometimes the >> simplest solutions are the best. >> > > The amount time the connection stays up is unpredictable and due to the > use case it needs to be repaired immediately if down (not even a 5 min > delay for cron to do its normal wake up and look for a job is acceptable) > > Should add the use case is near real time DB replication during a alpha test of a life critical DB and thus any down time of the production DB is unacceptable (and before you say use a non-production instance me and you have already discussed this use case so you know it is not an option) -- Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org From owner-freebsd-questions@freebsd.org Thu Aug 6 21:39:08 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8E1283AC869 for ; Thu, 6 Aug 2020 21:39:08 +0000 (UTC) (envelope-from dwilde1@gmail.com) Received: from mail-pf1-x434.google.com (mail-pf1-x434.google.com [IPv6:2607:f8b0:4864:20::434]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BN21l3D6sz4fdG for ; Thu, 6 Aug 2020 21:39:07 +0000 (UTC) (envelope-from dwilde1@gmail.com) Received: by mail-pf1-x434.google.com with SMTP id 74so17561656pfx.13 for ; Thu, 06 Aug 2020 14:39:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language; bh=dqe3j/PgiO679w4Ba0Cmwys8bLTYPSjX/LSqaRKS1ZY=; b=gLLvK9HQ9NU3MdwYvSr3GtKNmVy7eZmfp83mmzOsVxoJEORgGsByqfec0iss86yHqk aDBtlis0vpgfZ6nlfCh71dSecjOy4bQpYF5W/0JrjcHUtWoGYa8IDC0DfSujakkiThLv fs30KzQflLdML0A/Ej3uw3jK/EsTBqu9RGS1t59fMhpQSJK+A6wKxIwjs6FZqgT5nAJZ dwHzhND5knQGE4wew2A/DIt3paLUAePSivtSkVQvgFq8JzxPrUPAgXo7BVE/Bdxchuxm UKeFkPKTFSzuqaTf602eyrtY5AW54VCMTF8SbCnUtMjOasjegGqXh/BvioFfCMTq7mWw KhBg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language; bh=dqe3j/PgiO679w4Ba0Cmwys8bLTYPSjX/LSqaRKS1ZY=; b=qgOSV2yyrxS1iYfOT+Za/N0myhiwtJGSHC0O3H9Jx1IuSjOQQuUBF9Gwi+1kXbpBAS Oz3dzZBSLL4gyMLy3OjbGI+PMUqUUaVUHhLnPrreJqCe1MQ+wRQ2VI8GcpkF0eeBvMHT j4DEr80n6iapnRF2xPyafMhgK8F3hIxv4OGhI9xJN/ZZiDAjXWKXzMsnwIFvP1zPZuCJ 00Dcb6Ai6ur7fRJRD4J8oJg0CfOSd32cam+zb3Q8d5bq67bvkmUtAsQfr+Rdv7r+vmZS bdg8aBID1lVoZIH8va4H389zA4/x2FjhhkytOpb9QNxXQgiv+U4wCV/SHSOsNE92GPwc dIug== X-Gm-Message-State: AOAM5309dCiM2YebD9jJscWAAw5dwjZmxVPSUV7zaGUjEWD5+NEt1rOm DJq3F2FM6CJ7Ht6xLuXUQ15pgHVO X-Google-Smtp-Source: ABdhPJyLRN8EXgYs18nRh9AErYPVFeQbt4v8p1iHKZjAm9B8r5LaZbdk/XNDvX8me66kOdjpb414Vg== X-Received: by 2002:a63:f1a:: with SMTP id e26mr9238101pgl.80.1596749945724; Thu, 06 Aug 2020 14:39:05 -0700 (PDT) Received: from [192.168.0.4] ([184.101.51.28]) by smtp.gmail.com with ESMTPSA id q96sm8760532pja.0.2020.08.06.14.39.04 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 06 Aug 2020 14:39:05 -0700 (PDT) Subject: Re: Unroutable packer to specific IP forces process to run To: Aryeh Friedman Cc: FreeBSD Mailing List References: <89e3f48c-74a1-4198-6b17-7e13a026225b@gmail.com> From: Don Wilde Message-ID: <491b2176-7886-7c90-a9a4-f3a6a6a98c08@gmail.com> Date: Thu, 6 Aug 2020 14:39:03 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: Content-Language: en-US X-Rspamd-Queue-Id: 4BN21l3D6sz4fdG X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=gLLvK9HQ; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of dwilde1@gmail.com designates 2607:f8b0:4864:20::434 as permitted sender) smtp.mailfrom=dwilde1@gmail.com X-Spamd-Result: default: False [-1.85 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; RCVD_COUNT_THREE(0.00)[3]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.05)[-1.052]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; RECEIVED_SPAMHAUS_PBL(0.00)[184.101.51.28:received]; FROM_HAS_DN(0.00)[]; NEURAL_SPAM_SHORT(0.19)[0.187]; NEURAL_HAM_LONG(-0.99)[-0.988]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::434:from]; HTTP_TO_IP(1.00)[]; RCVD_TLS_ALL(0.00)[] Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Aug 2020 21:39:08 -0000 On 8/6/20 2:35 PM, Aryeh Friedman wrote: > > > On Thu, Aug 6, 2020 at 5:33 PM Don Wilde > wrote: > > > On 8/6/20 2:30 PM, Aryeh Friedman wrote: > > I have VPN that has stability problems (the fault of the ISP and > they admit > > it) I have set up one my FreeBSD machine as a router for that > specific VPN: > > # on non-gateway machines in /etc/rc.conf > > static_routes="internalnet2" > > route_internalnet2="-net 10.31.10.0/24 > 192.168.11.60" > > > > Is there any way to force the gateway machine to run a preset > command if > > 10.31.10.0/24 is unreachable?  (i.e. > reset the connection) > What about a simple scripted cron-job ping, Aryeh? Sometimes the > simplest solutions are the best. > > > The amount time the connection stays up is unpredictable and due to > the use case it needs to be repaired immediately if down (not even a 5 > min delay for cron to do its normal wake up and look for a job is > acceptable) Understood. So how about a simple C daemon that pings every ten seconds? Just set the ping count to 1. > > > -- > Don Wilde > **************************************************** > * What is the Internet of Things but a system      * > * of systems including humans?                     * > **************************************************** > > > > -- > Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org -- Don Wilde **************************************************** * What is the Internet of Things but a system * * of systems including humans? * **************************************************** From owner-freebsd-questions@freebsd.org Thu Aug 6 21:40:40 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6F3773AC974 for ; Thu, 6 Aug 2020 21:40:40 +0000 (UTC) (envelope-from aryeh.friedman@gmail.com) Received: from mail-io1-xd2f.google.com (mail-io1-xd2f.google.com [IPv6:2607:f8b0:4864:20::d2f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BN23W2zCqz4fmg for ; Thu, 6 Aug 2020 21:40:39 +0000 (UTC) (envelope-from aryeh.friedman@gmail.com) Received: by mail-io1-xd2f.google.com with SMTP id q75so43022995iod.1 for ; Thu, 06 Aug 2020 14:40:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=jHNsfEjFBQloQP9jdtQgxLUnL/ipOSjpyqBqcGdd+uY=; b=BfnztVphZ4cIOzIvkY9bRSlze0ec/5Lv5iQtEjePrQUsmZTJtx91OwnC5mPYlRSHXj QoWcA8gj+h0XuQWn0XtZ7OitlHjQjz7vMuuIueEtUb6N1VOPFAu5z4ve1+Nn9XTQCnyd 8CnfwSSY44bWoKU/9I1KZwLFmNcUoxagjlKZ9vZHz5gTiDzjaIrZChOhpAQs2+nR14Ym aKTBzjGKGFamuVqj72NcpGZcslDzQE42+Ri+tfqx3++9hI4BRbE8iYVeXbVGkRNSGD8N oYSDTcPfQIFQLb7XgT75oGbZ3W4kotxmWMf8FWb99WroP8A3trkgqMfxcDNRduFXpHoO 8nVQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=jHNsfEjFBQloQP9jdtQgxLUnL/ipOSjpyqBqcGdd+uY=; b=OERcwQlSJulcHPXVywL+7kT7aQigIkNq9ayTYpi0vkr1RuNj2Bm0op0ZtQPPz1zzD7 4TVqvTJvasXvfeq3JYCZz91mRl2V5NLa1fF9XKjma8PqK2xo+QGnfMckJLH5T8zue3C3 8zfMj0D4sokinEvV1bJIa1uQn7sQDTOvmid0v43omXbN2jiDcx4YcF01bR/zr+Kdy4a8 NkNF7ENvp+/LAtkA2V/3B9q/Qb6Kkd16kUFc7rWCW5f1sAu0DQfcdRGhoFTTlGonSpqb OXqSNPpI1uLYbQgfAq8LcLFTJLH142DgiP+MDaJwGFGDtsEZnx0+lhhVXZRVdZ63/HxO 8zig== X-Gm-Message-State: AOAM530lTCwEaeAgBsJuZSSuYfcWq1mVj4/EO03Or4orQDaBS9uJHOLn 6r6yZqT7+SzgbBWE75/CjRo/RFAG9QnuxZmcZvU= X-Google-Smtp-Source: ABdhPJy0l+/exHzuxaz3/awv9NqM/H0ECdsfWNE49rfufQAk/ODmSqHiYHPFFxaj8FDntMrjAJiRmiHoy2ZKpoZXjyc= X-Received: by 2002:a02:b817:: with SMTP id o23mr1130542jam.138.1596750038270; Thu, 06 Aug 2020 14:40:38 -0700 (PDT) MIME-Version: 1.0 References: <89e3f48c-74a1-4198-6b17-7e13a026225b@gmail.com> <491b2176-7886-7c90-a9a4-f3a6a6a98c08@gmail.com> In-Reply-To: <491b2176-7886-7c90-a9a4-f3a6a6a98c08@gmail.com> From: Aryeh Friedman Date: Thu, 6 Aug 2020 17:40:27 -0400 Message-ID: Subject: Re: Unroutable packer to specific IP forces process to run To: Don Wilde Cc: FreeBSD Mailing List X-Rspamd-Queue-Id: 4BN23W2zCqz4fmg X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=BfnztVph; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of aryehfriedman@gmail.com designates 2607:f8b0:4864:20::d2f as permitted sender) smtp.mailfrom=aryehfriedman@gmail.com X-Spamd-Result: default: False [-2.15 / 15.00]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.11)[-0.114]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.04)[-1.042]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-0.99)[-0.995]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::d2f:from]; HTTP_TO_IP(1.00)[]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Aug 2020 21:40:40 -0000 On Thu, Aug 6, 2020 at 5:39 PM Don Wilde wrote: > > On 8/6/20 2:35 PM, Aryeh Friedman wrote: > > > > On Thu, Aug 6, 2020 at 5:33 PM Don Wilde wrote: > >> >> On 8/6/20 2:30 PM, Aryeh Friedman wrote: >> > I have VPN that has stability problems (the fault of the ISP and they >> admit >> > it) I have set up one my FreeBSD machine as a router for that specific >> VPN: >> > # on non-gateway machines in /etc/rc.conf >> > static_routes="internalnet2" >> > route_internalnet2="-net 10.31.10.0/24 192.168.11.60" >> > >> > Is there any way to force the gateway machine to run a preset command if >> > 10.31.10.0/24 is unreachable? (i.e. reset the connection) >> What about a simple scripted cron-job ping, Aryeh? Sometimes the >> simplest solutions are the best. >> > > The amount time the connection stays up is unpredictable and due to the > use case it needs to be repaired immediately if down (not even a 5 min > delay for cron to do its normal wake up and look for a job is acceptable) > > Understood. > > So how about a simple C daemon that pings every ten seconds? Just set the > ping count to 1. > System load. (the gateway also hosts 3 moderately used VM's) > > >> -- >> Don Wilde >> **************************************************** >> * What is the Internet of Things but a system * >> * of systems including humans? * >> **************************************************** >> >> > > -- > Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org > > -- > Don Wilde > **************************************************** > * What is the Internet of Things but a system * > * of systems including humans? * > **************************************************** > > -- Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org From owner-freebsd-questions@freebsd.org Thu Aug 6 21:58:58 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2E2613ACFED for ; Thu, 6 Aug 2020 21:58:58 +0000 (UTC) (envelope-from dwilde1@gmail.com) Received: from mail-pg1-x52e.google.com (mail-pg1-x52e.google.com [IPv6:2607:f8b0:4864:20::52e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BN2Sd1Z07z3Rl8 for ; Thu, 6 Aug 2020 21:58:56 +0000 (UTC) (envelope-from dwilde1@gmail.com) Received: by mail-pg1-x52e.google.com with SMTP id p3so27686530pgh.3 for ; Thu, 06 Aug 2020 14:58:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language; bh=Z2p2LXJWaJw/HWlQkSZb/s/6XyEtOgypr6BI7RXHefI=; b=gwbhh1WqocsnNpaWIB2GoDs6nndmaanXAw40d71+D1U51OxmkIriLB4D1QeW44QNDP p/NaBOuA9/FcQgVXKcu3uSChfsbB7jm+fJQjr6gT7A5I/QPhtulg1W7CQ3fIq0lT8VZq uKPWC69zPi4IyRhSctJBka/nlBMQi11VNgHiAGKWy7n+E7Kfn9/G8O0UCNLCVywEYW2U NN7o0iRuy7DpkqvQ1BwqEaXo4XCzOcGxmHTbIX4VsWDXYuWTnrCiKXQDCjGIMoC57cfs YjMOLoYxntoEuiDslQI/tfwaAol53cH9HQDBOP7IsgK9yKmA53LewmaB2I/LtPsirJ6x Yqig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language; bh=Z2p2LXJWaJw/HWlQkSZb/s/6XyEtOgypr6BI7RXHefI=; b=E8x+ynKlRLTr2sYYKuEAsim6xVXqa96fX05vbNx0raW962MhZtPas++FpWIqSUeqP7 3m6IetFuijejgBHh5cYDCBRmtYYM4/+7Y3LX8pHUrpUmIv56z3BmgOGBvwszVb8cAF0i dHaWq/Ah7r2GpoORG4neW5dp+rF0yq8z8la+x2DQsjaG4Dfk5VC/tYtfmhJ+fzXOULNk ZUcIkJgJFvy3dJScAXM8NP/cVqmyqZmEu9gc+dIuBjWX+wLHuokGsmzbI0y77eSD2Xa5 in4K3Armhy7AcJrMBs/KfVhgE9Ex7ObwmpmOUPKGVohiXQWbj0KUIMWCI2X3J33BNLr1 essg== X-Gm-Message-State: AOAM531zSZ2Ttc/doB57pRn/F4P/OvkUIxgvyC6a55mSbJqm/y4uhV66 6cDTjux6X6xPY6Jc4wPF5Hq0cCZK X-Google-Smtp-Source: ABdhPJzUEonoPaujiBhJJwihHsCawP6OoZw8FUevJ4ZZ9QI+LYwKEPQQYBb/an6LeinIC0nNfK/Klg== X-Received: by 2002:a63:4b0c:: with SMTP id y12mr8311346pga.199.1596751135224; Thu, 06 Aug 2020 14:58:55 -0700 (PDT) Received: from [192.168.0.4] ([184.101.51.28]) by smtp.gmail.com with ESMTPSA id 8sm8457994pjx.14.2020.08.06.14.58.54 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 06 Aug 2020 14:58:54 -0700 (PDT) Subject: Re: Unroutable packer to specific IP forces process to run To: Aryeh Friedman Cc: FreeBSD Mailing List References: <89e3f48c-74a1-4198-6b17-7e13a026225b@gmail.com> <491b2176-7886-7c90-a9a4-f3a6a6a98c08@gmail.com> From: Don Wilde Message-ID: Date: Thu, 6 Aug 2020 14:58:53 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: Content-Language: en-US X-Rspamd-Queue-Id: 4BN2Sd1Z07z3Rl8 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=gwbhh1Wq; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of dwilde1@gmail.com designates 2607:f8b0:4864:20::52e as permitted sender) smtp.mailfrom=dwilde1@gmail.com X-Spamd-Result: default: False [-2.81 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; RCVD_COUNT_THREE(0.00)[3]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.77)[-0.768]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.05)[-1.054]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; RECEIVED_SPAMHAUS_PBL(0.00)[184.101.51.28:received]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-0.99)[-0.987]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::52e:from]; HTTP_TO_IP(1.00)[]; RCVD_TLS_ALL(0.00)[] Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Aug 2020 21:58:58 -0000 On 8/6/20 2:40 PM, Aryeh Friedman wrote: > > > On Thu, Aug 6, 2020 at 5:39 PM Don Wilde > wrote: > > > On 8/6/20 2:35 PM, Aryeh Friedman wrote: >> >> >> On Thu, Aug 6, 2020 at 5:33 PM Don Wilde > > wrote: >> >> >> On 8/6/20 2:30 PM, Aryeh Friedman wrote: >> > I have VPN that has stability problems (the fault of the >> ISP and they admit >> > it) I have set up one my FreeBSD machine as a router for >> that specific VPN: >> > # on non-gateway machines in /etc/rc.conf >> > static_routes="internalnet2" >> > route_internalnet2="-net 10.31.10.0/24 >> 192.168.11.60" >> > >> > Is there any way to force the gateway machine to run a >> preset command if >> > 10.31.10.0/24 is unreachable?  (i.e. >> reset the connection) >> What about a simple scripted cron-job ping, Aryeh? Sometimes the >> simplest solutions are the best. >> >> >> The amount time the connection stays up is unpredictable and due >> to the use case it needs to be repaired immediately if down (not >> even a 5 min delay for cron to do its normal wake up and look for >> a job is acceptable) > > Understood. > > So how about a simple C daemon that pings every ten seconds? Just > set the ping count to 1. > > > System load.  (the gateway also hosts 3 moderately used VM's) Okay, so forget a system() call to ping. Send a packet directly to something on the target from the C code. Even simpler, just call getaddrinfo() on host:port of a machine at the "other" end. Honestly, I don't think you can get any simpler than this, Aryeh. There's only so much you can juggle, and no existing package is going to be any faster or more specifically better than what you code yourself. Take a break, drink some coffee, and approach it with a refreshed brain. You do have the resources you need to solve this and I *know* you're good enough to do so. I do understand what you're trying to do. I had my programmers build international database and site replication into a raw C module for Apache 1.3 many dozens of moons ago. We also, IIRC, talked about how your bosses are screwing you out of necessary resources. Sooner or later you're going to have to address that issue head-on, but YMMV and beyond what we've already discussed it's not my business. All the best! :D -- Don Wilde **************************************************** * What is the Internet of Things but a system * * of systems including humans? * **************************************************** From owner-freebsd-questions@freebsd.org Thu Aug 6 22:13:56 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 781213AD5B1 for ; Thu, 6 Aug 2020 22:13:56 +0000 (UTC) (envelope-from aryeh.friedman@gmail.com) Received: from mail-io1-xd43.google.com (mail-io1-xd43.google.com [IPv6:2607:f8b0:4864:20::d43]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BN2nv56vqz3SlG for ; Thu, 6 Aug 2020 22:13:55 +0000 (UTC) (envelope-from aryeh.friedman@gmail.com) Received: by mail-io1-xd43.google.com with SMTP id g19so39203467ioh.8 for ; Thu, 06 Aug 2020 15:13:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=LnLmU/TkuS2xH02gF6EQd8w4TD3Tc2lxxWjJ3PIZWGg=; b=IU4z3ri3lyGvSq68tGLzFecD8ukuxhlo5GL/L32YkqDv7RmM4Iqbp+E6I/IbtpgsRv r/l0g2EDbxsxQ/gSN3+/fVFKzJe8kb87GOuDkEvUJfM80I4cr0qYTXKzSiWUsLYjI/KS S3VrnbhbBI51Vmi3Vo/4i0a0XRZgEqI00dg3ljTtHqLC2fSZ0+47SbAAIe8k0d6ycZjG O7VxQlqe7YMid0eiKHQBUGJ3dN2S2vNTcG4j+bC0Ueoq2XFQD1lFa08TfouQmigZntxH PaLHAo1NitzUEJnUd/InbNTf3xns9+nJUlUshw9M6Xc2KC0ry7OqxGJ5xj+4u1Lfk9xY Gi9w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=LnLmU/TkuS2xH02gF6EQd8w4TD3Tc2lxxWjJ3PIZWGg=; b=SPlXjverc+N1syw9Xb3rp50MucovcKGgngdhGGUD20C7wUk59vfmosIgf/O41mCrEL zpiRLZ1piW2DmsssMnVCq4qEHHxbQ5VpWqtOK0LuUMIRBv0b+mJgpsAKTu1zHyrhDhlI EzbKJ0ITRUMIa421RkvnqY0X1iHOMXRFYiIffrhCb0AtoPNyxTXkzmPA2/H92ZgrJ4qm D4PUbc4Zn6/NVnwXwxLL2+924a5bXcB/erPhz2w+FhqEBGwABbJcXusCXsKuJjf+9xHc lRf1YgATRWW2FNN+wPwWTvQNIrsZxb5r8Z/bQxF8BzqKrjsPYpUH0JjsZUFbPqomY8i7 ooVA== X-Gm-Message-State: AOAM5315BL3FpHz3+HyOFXAwqOOwgCv0CoeWvLz5mWDrIvyhtYSd5+ZE P6V2xza+xHSDk+YdYNpk2VMaToosdkD02omuiug= X-Google-Smtp-Source: ABdhPJxbz2FfDEik1nvmfUo1re3c9lU0g4jOWEWB5VJfX3NvA37b78O72A1kGuBbJCwYODjHo4bMCzbrSduu5Kc3RM0= X-Received: by 2002:a5e:d519:: with SMTP id e25mr1278952iom.36.1596752034645; Thu, 06 Aug 2020 15:13:54 -0700 (PDT) MIME-Version: 1.0 References: <89e3f48c-74a1-4198-6b17-7e13a026225b@gmail.com> <491b2176-7886-7c90-a9a4-f3a6a6a98c08@gmail.com> In-Reply-To: From: Aryeh Friedman Date: Thu, 6 Aug 2020 18:13:43 -0400 Message-ID: Subject: Re: Unroutable packer to specific IP forces process to run To: Don Wilde Cc: FreeBSD Mailing List X-Rspamd-Queue-Id: 4BN2nv56vqz3SlG X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=IU4z3ri3; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of aryehfriedman@gmail.com designates 2607:f8b0:4864:20::d43 as permitted sender) smtp.mailfrom=aryehfriedman@gmail.com X-Spamd-Result: default: False [-3.00 / 15.00]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.96)[-0.959]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.04)[-1.043]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-0.99)[-0.995]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::d43:from]; HTTP_TO_IP(1.00)[]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Aug 2020 22:13:56 -0000 On Thu, Aug 6, 2020 at 5:58 PM Don Wilde wrote: > > On 8/6/20 2:40 PM, Aryeh Friedman wrote: > > > > On Thu, Aug 6, 2020 at 5:39 PM Don Wilde wrote: > >> >> On 8/6/20 2:35 PM, Aryeh Friedman wrote: >> >> >> >> On Thu, Aug 6, 2020 at 5:33 PM Don Wilde wrote: >> >>> >>> On 8/6/20 2:30 PM, Aryeh Friedman wrote: >>> > I have VPN that has stability problems (the fault of the ISP and they >>> admit >>> > it) I have set up one my FreeBSD machine as a router for that specific >>> VPN: >>> > # on non-gateway machines in /etc/rc.conf >>> > static_routes="internalnet2" >>> > route_internalnet2="-net 10.31.10.0/24 192.168.11.60" >>> > >>> > Is there any way to force the gateway machine to run a preset command >>> if >>> > 10.31.10.0/24 is unreachable? (i.e. reset the connection) >>> What about a simple scripted cron-job ping, Aryeh? Sometimes the >>> simplest solutions are the best. >>> >> >> The amount time the connection stays up is unpredictable and due to the >> use case it needs to be repaired immediately if down (not even a 5 min >> delay for cron to do its normal wake up and look for a job is acceptable) >> >> Understood. >> >> So how about a simple C daemon that pings every ten seconds? Just set the >> ping count to 1. >> > > System load. (the gateway also hosts 3 moderately used VM's) > > > Okay, so forget a system() call to ping. Send a packet directly to > something on the target from the C code. Even simpler, just call > getaddrinfo() on host:port of a machine at the "other" end. > I have written ICMP (clone of ping with some extras covered by a NDA) in the past and this is not as simple as it sounds (I thought it was a afternoon project it ended up taking 3 weeks [I learned a lot though]) > Honestly, I don't think you can get any simpler than this, Aryeh. There's > only so much you can juggle, and no existing package is going to be any > faster or more specifically better than what you code yourself. > I know a site that has done just this and gone a step farther and have a per user ACL for access to the net (it is a public access free shell provider m-net.arbornet.org) and it works perfectly with almost zero system load (they did say it took a kernel modification and thus me looking for a better way). > We also, IIRC, talked about how your bosses are screwing you out of > necessary resources. Sooner or later you're going to have to address that > issue head-on, but YMMV and beyond what we've already discussed it's not my > business. > Client and not boss in this case (I am a freelancer) and in this case the cost of a second license is greater than their annual income (the vendor has a really odd pricing model since the first license is quite affordable and everyone after 2 is affordable but the second one is not) and thus I actually agree with them that it is not an option. -- Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org From owner-freebsd-questions@freebsd.org Fri Aug 7 07:43:15 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 03B153B4894 for ; Fri, 7 Aug 2020 07:43:15 +0000 (UTC) (envelope-from jacques+freebsd@foucry.net) Received: from mail.foucry.net (fournil.foucry.net [95.217.83.231]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BNHQp0GQ8z47Gx for ; Fri, 7 Aug 2020 07:43:13 +0000 (UTC) (envelope-from jacques+freebsd@foucry.net) Received: from mithril.localdomain (unknown [IPv6:2a01:cb10:8e64:fe00:4aa4:72ff:fe9e:65a1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mail.foucry.net (Postfix) with ESMTPSA id 3AFD229455 for ; Fri, 7 Aug 2020 07:43:06 +0000 (UTC) Received: from mithril (localhost [IPv6:::1]) by mithril.localdomain (Postfix) with ESMTP id 5A0CA11602 for ; Fri, 7 Aug 2020 09:43:05 +0200 (CEST) Date: Fri, 7 Aug 2020 09:43:05 +0200 From: Jacques Foucry To: freebsd-questions@freebsd.org Subject: Total newbie with bhyve Message-ID: <20200807074305.GA61922@mithril> Mail-Followup-To: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Rspamd-Queue-Id: 4BNHQp0GQ8z47Gx X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=foucry.net; spf=pass (mx1.freebsd.org: domain of jacques@foucry.net designates 95.217.83.231 as permitted sender) smtp.mailfrom=jacques@foucry.net X-Spamd-Result: default: False [-2.43 / 15.00]; RCVD_TLS_LAST(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.99)[-0.985]; RCVD_COUNT_THREE(0.00)[3]; MID_RHS_NOT_FQDN(0.50)[]; NEURAL_HAM_SHORT(-0.14)[-0.137]; DMARC_POLICY_ALLOW(-0.50)[foucry.net,none]; NEURAL_HAM_MEDIUM(-1.01)[-1.007]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:24940, ipnet:95.217.0.0/16, country:DE]; TAGGED_FROM(0.00)[freebsd] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Aug 2020 07:43:15 -0000 Hello Friends, I am a total newbie with bhyve, but I need a virtual machine linux in order to run docker. Is it possible to have this kind of configuration: FreeBSD 12-p7 -> bhyve (debian buster) -> docker with web acces ? This is a real theoric question for now but I know that one day I will need to have this kind of configuration. Of course VirtualBox is a anoter approch, but I perfer to use FreeBSD main virtualization technology. Thanks for your advices and your time to my silly question. -- Jacques Foucry From owner-freebsd-questions@freebsd.org Fri Aug 7 08:42:40 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B73403B59A1 for ; Fri, 7 Aug 2020 08:42:40 +0000 (UTC) (envelope-from mail@osfux.nl) Received: from vm1982.osfux.nl (vm1982.osfux.nl [79.99.187.212]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BNJlH0pCBz4B7V for ; Fri, 7 Aug 2020 08:42:34 +0000 (UTC) (envelope-from mail@osfux.nl) Received: from vm1982.osfux.nl (localhost [127.0.0.1]) by vm1982.osfux.nl (Postfix) with ESMTP id 4320B2014F for ; Fri, 7 Aug 2020 10:42:27 +0200 (CEST) X-Spam-Status: No, score=0.0 required=5.0 tests=none shortcircuit=no X-Spam-Checker-Version: SpamAssassin 3.4.3 Received: from [192.168.9.195] (unknown [95.174.67.156]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by vm1982.osfux.nl (Postfix) with ESMTPSA for ; Fri, 7 Aug 2020 10:42:27 +0200 (CEST) Subject: Re: Total newbie with bhyve To: freebsd-questions@freebsd.org References: <20200807074305.GA61922@mithril> From: Ruben Message-ID: <90661466-6dff-8ad9-ebf2-cc90a220a25c@osfux.nl> Date: Fri, 7 Aug 2020 10:42:26 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: <20200807074305.GA61922@mithril> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4BNJlH0pCBz4B7V X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.84 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[osfux.nl:s=default]; NEURAL_HAM_MEDIUM(-1.03)[-1.032]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.99)[-0.994]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[osfux.nl:+]; DMARC_POLICY_ALLOW(-0.50)[osfux.nl,reject]; NEURAL_HAM_SHORT(-0.81)[-0.810]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:8315, ipnet:79.99.184.0/21, country:NL]; MID_RHS_MATCH_FROM(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Aug 2020 08:42:40 -0000 Hi Jacques, That's totally possible. I have been using bhyve for this purpose as well (running linux/docker). I do think bhyve has more hardware requirements than Virtualbox. If you have a look at https://www.freebsd.org/doc/handbook/virtualization-host-bhyve.html (top of the page) it is clarified. If your hardware permits it i'd definately recommend bhyve. GL/HF! Kind regards, ruben On 8/7/20 9:43 AM, Jacques Foucry wrote: > Hello Friends, > > I am a total newbie with bhyve, but I need a virtual machine linux in order to > run docker. > > Is it possible to have this kind of configuration: > > FreeBSD 12-p7 -> bhyve (debian buster) -> docker with web acces ? > > This is a real theoric question for now but I know that one day I will need to > have this kind of configuration. > > Of course VirtualBox is a anoter approch, but I perfer to use FreeBSD main > virtualization technology. > > Thanks for your advices and your time to my silly question. > From owner-freebsd-questions@freebsd.org Fri Aug 7 08:47:05 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A7AAC3B5D85 for ; Fri, 7 Aug 2020 08:47:05 +0000 (UTC) (envelope-from freebsd@qeng-ho.org) Received: from bede.qeng-ho.org (bede.qeng-ho.org [217.155.128.241]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BNJrS5Y2Dz4BPK for ; Fri, 7 Aug 2020 08:47:04 +0000 (UTC) (envelope-from freebsd@qeng-ho.org) Received: from arthur.home.qeng-ho.org (arthur.home.qeng-ho.org [172.23.1.2]) by bede.qeng-ho.org (Postfix) with ESMTP id 4F1AA10195 for ; Fri, 7 Aug 2020 09:46:57 +0100 (BST) Subject: Re: Total newbie with bhyve To: freebsd-questions@freebsd.org References: <20200807074305.GA61922@mithril> From: Arthur Chance Message-ID: Date: Fri, 7 Aug 2020 09:46:57 +0100 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0 MIME-Version: 1.0 In-Reply-To: <20200807074305.GA61922@mithril> Content-Type: text/plain; charset=utf-8 Content-Language: en-GB Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4BNJrS5Y2Dz4BPK X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of freebsd@qeng-ho.org designates 217.155.128.241 as permitted sender) smtp.mailfrom=freebsd@qeng-ho.org X-Spamd-Result: default: False [-2.24 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.91)[-0.910]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:217.155.128.240/29]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.98)[-0.980]; DMARC_NA(0.00)[qeng-ho.org]; NEURAL_HAM_SHORT(-0.05)[-0.053]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; R_DKIM_NA(0.00)[]; ASN(0.00)[asn:13037, ipnet:217.155.0.0/16, country:GB]; MIME_TRACE(0.00)[0:+]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Aug 2020 08:47:05 -0000 On 07/08/2020 08:43, Jacques Foucry wrote: > Hello Friends, > > I am a total newbie with bhyve, but I need a virtual machine linux in order to > run docker. > > Is it possible to have this kind of configuration: > > FreeBSD 12-p7 -> bhyve (debian buster) -> docker with web acces ? > > This is a real theoric question for now but I know that one day I will need to > have this kind of configuration. > > Of course VirtualBox is a anoter approch, but I perfer to use FreeBSD main > virtualization technology. > > Thanks for your advices and your time to my silly question. > I've recently started using bhyve rather than VirtualBox. If you haven't seen it, take a look at the sysutils/vm-bhyve port, it wraps up bhyve in a convenient form, and I've found it very easy to use. For your specific needs, I have no experience with docker. However, I've just set up a vm running Ubuntu so my wife has a second machine in house on which to run EnergyPlus. That all went fine apart from a few niggles about the keyboard. I made the mistake of telling Ubuntu I had a UK keyboard, forgetting that the console was virtualised via VNC, and the non-alphanumeric keys got scrambled. Setting Ubuntu's view of my keyboard to US ANSI fixed most of the problem. If you ssh into the vm keyboard layout doesn't matter anyway. -- The number of people predicting the demise of Moore's Law doubles every 18 months. From owner-freebsd-questions@freebsd.org Fri Aug 7 17:24:20 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 38AA93BFB38 for ; Fri, 7 Aug 2020 17:24:20 +0000 (UTC) (envelope-from lobo@bsd.com.br) Received: from mail-io1-xd2f.google.com (mail-io1-xd2f.google.com [IPv6:2607:f8b0:4864:20::d2f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BNXKG4nT6z3SNb for ; Fri, 7 Aug 2020 17:24:18 +0000 (UTC) (envelope-from lobo@bsd.com.br) Received: by mail-io1-xd2f.google.com with SMTP id a5so2625863ioa.13 for ; Fri, 07 Aug 2020 10:24:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bsd.com.br; s=capeta; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=A9x1Tjhhbt0F3CIBi2dgYD34olYIYVz5kJwoWI26YL8=; b=emMXlDi6ywrEFcZBy++vFgHVXc+BZ1NjUGZY6q75mNm9atolDyZBvZ60+5e5GkzmP1 w46C2SMKrneDDd7+0EwkoBjL2rTZy7DKBPiF7iglyw1oWBtqvaPOZoPr3x93S1r0b953 +IzYjVWoBX2dl6akyX6c+NGiUfS/ExFnu8XO4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=A9x1Tjhhbt0F3CIBi2dgYD34olYIYVz5kJwoWI26YL8=; b=Ezhc1XlUuHJpJ5keEIX/cbUyLA5yJG35ElN/EuPlLRJkjAdHraoO0OTsl+cDOK3Xy4 aTqBOVzaFrfutSCRuZlUS2zzXk35SHkbHZTXumXvx/tGRZPBs/+ukWiLm2dnVH5nln8A 5sNuudYHfj2kTqsMxf7jn78KTRo+Hjvaaf5YwOdKyaz0aBOA9Ae1BZlqJAbzpqn4ctMY +OldzWZu0N6O8VcsY/9HS26BVXdKvs7JsMLB3cNWPWrMtRICNi8wrq0Z6+F7FTbqM9a2 O89euhmlTDNsQyXkt36goxPDkY23CQTQYrZnl1oi7fligiFpdnG3vOO+lULG/FjcSewb ZtPQ== X-Gm-Message-State: AOAM5332w786Whf0+8DHRbtTbaVlRkLqOAy9EHZLazjBccjFRUYkXaTd 0adebnVghOUj17ih2J8zDWUPk3E0CByNjO0zPyIxg3oA X-Google-Smtp-Source: ABdhPJwL2I7/QmAsu9LKX5bpifxECXpj9/0sICp6qOqmDMd+RauoOjGYz0o7BhiUTWijP0zO9gLe1E1D1yol4S0wG48= X-Received: by 2002:a6b:ba89:: with SMTP id k131mr5270412iof.133.1596821056791; Fri, 07 Aug 2020 10:24:16 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Mario Lobo Date: Fri, 7 Aug 2020 14:24:06 -0300 Message-ID: Subject: Re: Best way to make a machine boot with or without a Internet connection To: FreeBSD Mailing List X-Rspamd-Queue-Id: 4BNXKG4nT6z3SNb X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=bsd.com.br header.s=capeta header.b=emMXlDi6; dmarc=none; spf=pass (mx1.freebsd.org: domain of lobo@bsd.com.br designates 2607:f8b0:4864:20::d2f as permitted sender) smtp.mailfrom=lobo@bsd.com.br X-Spamd-Result: default: False [-2.62 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.80)[-0.804]; R_DKIM_ALLOW(-0.20)[bsd.com.br:s=capeta]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; DMARC_NA(0.00)[bsd.com.br]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.01)[-1.005]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[bsd.com.br:+]; NEURAL_HAM_SHORT(-0.31)[-0.314]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::d2f:from]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Aug 2020 17:24:20 -0000 On Thu, Aug 6, 2020 at 6:20 PM Aryeh Friedman wrote: > Due to storm related damage my ISP went out for a few (12) hours earlier in > the week and while I got it usable without a Internet connection by putting > everything in my LAN in /etc/hosts (I also run a local_unbound --> local > bind9 on my file server which I have created a zone file for the LAN > machines also), but it was very slow in booting due to ntpdate, tomcat and > sendmail not being to connect to the Internet for either forward or reverse > DNS. I don't want to turn these services off, but I want to be able to do > a normal boot (no long hangs) if the ISP goes down again. What is the > best way to do this? > > -- > Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" > This is a long shot but perhaps you could find a way to start these services in the background (&). -- Mario Lobo http://www.mallavoodoo.com.br FreeBSD since version 2.2.8 [not Pro-Audio.... YET!!] From owner-freebsd-questions@freebsd.org Fri Aug 7 18:54:27 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6A7CE371C28 for ; Fri, 7 Aug 2020 18:54:27 +0000 (UTC) (envelope-from aryeh.friedman@gmail.com) Received: from mail-io1-xd35.google.com (mail-io1-xd35.google.com [IPv6:2607:f8b0:4864:20::d35]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BNZKG4RQKz3Y5P for ; Fri, 7 Aug 2020 18:54:26 +0000 (UTC) (envelope-from aryeh.friedman@gmail.com) Received: by mail-io1-xd35.google.com with SMTP id g14so2942762iom.0 for ; Fri, 07 Aug 2020 11:54:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=PiukJ6Q/WEEHIZe+NlimoYrqB2lCVS8ub72GmgPpQXc=; b=TJ2ivnFEf+nKd6Ahke+zgDxvmxi6o2e5oXust45Y96N6/HjRWF7ZPgAb3NQaN85nPi jbX1ONiUXTWhy9SNyyNOxzT/CMkg9nOmwyCHK9StcQlo+VFwv69zAfAs5ajLkBlTkaq4 vZALKNhQBfrQWk788zekTA6v1i3EsJMMCxf8UDpYt157FauwFp7OeAZLwqDbjiS3VOXt OwcOX3N9qNd1uC+F18wF9ecxqgzu0pMpb9Im0MztBqJGxozHxVQ2+iX3jY8GVdzQyZA2 OoIsq4VhcIcu5DOgCoSqKE6BXOw3c/3VwEXyLkVJedGRsNQLKmR5QfFCo6+gE3F5zAzj uWow== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=PiukJ6Q/WEEHIZe+NlimoYrqB2lCVS8ub72GmgPpQXc=; b=MeUjiJR8kXKmQJb8fMd/17y7uqBGCsiAW2QM6bGzyO5dYZdWi7cxae8niCoKplmGvD t0Ak0X3SBmdWzhxFHhfigTGIwZDz/6LKonG8o5sGymvUtiL4bbwDT4J2kldFr0HcWoHM D5TOZeRLo49IbJGLQmioqsJ8rvCW7OkrpGmVYryav3G1Wt/H15TG2KydcA/FYp63BujA gjltEHfJDU4RZtltjdRabrIGBNKT3zRQvUfwgK6eja2OpeArK+lomIyqfSA1ZeLLx+jO I81BnAPAlTtt4VJ21an17XXXIOWtrw0t1GAY1j/J/Xv+/kVW4EG823MnM/UtL8wBPHKS tu7Q== X-Gm-Message-State: AOAM532UBPUAu0roJ6ZYZDNliFp5tmZFFd+a5gSY39Y6ckCv8qkqIcrF lBYgM4DPA7tX6Nwm4hVoSVv9sKIzT2hxgWuhu2U= X-Google-Smtp-Source: ABdhPJwBG1KomGQZ0OIQQZkMYzy/ZFSYYK+Nm7Of2jTphDjC4ry1we8W5CdxduUWemxbkJ7OmHH+WKNTZ3UZ9Qe0zM0= X-Received: by 2002:a02:c789:: with SMTP id n9mr6297173jao.40.1596826465164; Fri, 07 Aug 2020 11:54:25 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Aryeh Friedman Date: Fri, 7 Aug 2020 14:54:13 -0400 Message-ID: Subject: Re: Best way to make a machine boot with or without a Internet connection To: Mario Lobo Cc: FreeBSD Mailing List X-Rspamd-Queue-Id: 4BNZKG4RQKz3Y5P X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=TJ2ivnFE; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of aryehfriedman@gmail.com designates 2607:f8b0:4864:20::d35 as permitted sender) smtp.mailfrom=aryehfriedman@gmail.com X-Spamd-Result: default: False [-3.59 / 15.00]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; NEURAL_HAM_MEDIUM(-0.98)[-0.978]; FROM_HAS_DN(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; NEURAL_HAM_LONG(-0.99)[-0.991]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::d35:from]; NEURAL_HAM_SHORT(-0.62)[-0.620]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; TAGGED_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Aug 2020 18:54:27 -0000 On Fri, Aug 7, 2020 at 1:24 PM Mario Lobo wrote: > On Thu, Aug 6, 2020 at 6:20 PM Aryeh Friedman > wrote: > > > Due to storm related damage my ISP went out for a few (12) hours earlier > in > > the week and while I got it usable without a Internet connection by > putting > > everything in my LAN in /etc/hosts (I also run a local_unbound --> local > > bind9 on my file server which I have created a zone file for the LAN > > machines also), but it was very slow in booting due to ntpdate, tomcat > and > > sendmail not being to connect to the Internet for either forward or > reverse > > DNS. I don't want to turn these services off, but I want to be able to > do > > a normal boot (no long hangs) if the ISP goes down again. What is the > > best way to do this? > > > > -- > > Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to " > > freebsd-questions-unsubscribe@freebsd.org" > > > > This is a long shot but perhaps you could find a way to start these > services in the background (&). > Given they are done by /etc/rc based on rc.onf not likely > -- > Mario Lobo > http://www.mallavoodoo.com.br > FreeBSD since version 2.2.8 [not Pro-Audio.... YET!!] > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" > -- Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org From owner-freebsd-questions@freebsd.org Fri Aug 7 19:19:51 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4FCE63724DB for ; Fri, 7 Aug 2020 19:19:51 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mout.kundenserver.de (mout.kundenserver.de [217.72.192.73]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mout.kundenserver.de", Issuer "TeleSec ServerPass Class 2 CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BNZtZ2WdLz3Z3D for ; Fri, 7 Aug 2020 19:19:49 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from r56.edvax.de ([94.222.26.40]) by mrelayeu.kundenserver.de (mreue109 [212.227.15.183]) with ESMTPA (Nemesis) id 1MRTEp-1kOq511RjB-00NVPo; Fri, 07 Aug 2020 21:19:46 +0200 Date: Fri, 7 Aug 2020 21:19:45 +0200 From: Polytropon To: Aryeh Friedman Cc: Mario Lobo , FreeBSD Mailing List Subject: Re: Best way to make a machine boot with or without a Internet connection Message-Id: <20200807211945.ba8fe409.freebsd@edvax.de> In-Reply-To: References: Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K1:Zv7jYU0W0YVpd4iQrYQuvdi70JdQAjeQcEk8wtOKJPQhsInDCut YLL557qTKZLrhbE9Oj3GNIgOWcUka72ZaAiOBMbdPsV7hy9s6HxPtbsKX9e+eBenn1X7yCw GXWchDFiYodYDTN32CBL4aJeu9ORUcXtfodvCPM/eBXbiBG2UqyvvWmFi5X2+YCX5lt8WHR UsaG88mBUOF/cai/8bmwQ== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:zhDt208n8p8=:H9/nBNF4orXBzuGdd+/4JI wC0JjRyAOGLP2Ud/L7LdsLTNGsO7HuNihLjDtBxnAcW7NqY3ZA4SqpkU2ZXd7oCKzJhYksQXE q8MtLL+XpEZVcDL0sFoVKvrNVNrWxonq5SlWGNzQCuwiK4JR2pwOpHnjB7yl9aPBy3wagvasr 7f8OoEg1VLxRNpWdHWiHfd0OPyQk7xPvoeL3KlvbFAGxh6VETuPueRxnk+n5W6e10+tHUaP7A x969mJ/m+nODhs0q3A8XrR5bIxWimtzfsk6en1ebqSyZdjFlFnhroJfBfpeFoANsgizMgRYGN DOTUoBg1FWQYeie72wj7bvCgM8qrkB+4V/IxzAv0+SASw4yFErODqfThkeJ9h7eE4d3ofJ30K cBrcpzyAj2xZfKUVqZ821+7Z9glJN/bEzzZu99DR25q/MMASNH1L3vhgqpG0jWUhsgeULqRgb fSZ8hT2q0ONLrcJMdEJ07MIzFZGLOVwXU3dEehpZaodHxD/9vo2ZNImUMd6kQyiBTcUbl/eHj JPQGxqIIn5NZdP07rcD4exPxGQC5CZXa0JbyFwsi3N7uEI7Txq+UbW/BZBJO4OZm03sY8nS4j dG7lEP8h0IksUGfqUS9KMLHmyXh5y+VU8YmRN/hhT2+Q4ZX6MbNTE0MH2CFL5wQTaF6bsWfq3 P6251BxM6H6MTy4O2tXuPVC5nL3/zNuaf1ei1HZV83YlTtALQjwwr1vCpDn2NO4sRWGjqS8Nx 24cmnnoQXeFv6y5v2wzciTvKOc6UaDW3ifdzLIPlA8A7+Vksnbb4NZZxXBeIv01Jf5xSOTdiA L8F6Bu7JGX48k66bHGWbF9jhfgvQETmv0qBe8MwodoY8UBnxTEa9Wm23cMBw7H2NavrFKT/ X-Rspamd-Queue-Id: 4BNZtZ2WdLz3Z3D X-Spamd-Bar: +++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of freebsd@edvax.de has no SPF policy when checking 217.72.192.73) smtp.mailfrom=freebsd@edvax.de X-Spamd-Result: default: False [3.82 / 15.00]; HAS_REPLYTO(0.00)[freebsd@edvax.de]; RCVD_VIA_SMTP_AUTH(0.00)[]; MV_CASE(0.50)[]; HAS_ORG_HEADER(0.00)[]; TO_DN_ALL(0.00)[]; FREEMAIL_TO(0.00)[gmail.com]; RECEIVED_SPAMHAUS_PBL(0.00)[94.222.26.40:received]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; ASN(0.00)[asn:8560, ipnet:217.72.192.0/20, country:DE]; MIME_TRACE(0.00)[0:+]; ARC_NA(0.00)[]; REPLYTO_EQ_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; NEURAL_SPAM_SHORT(0.03)[0.032]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[edvax.de]; AUTH_NA(1.00)[]; NEURAL_SPAM_MEDIUM(0.83)[0.834]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_SPAM_LONG(0.56)[0.555]; MID_CONTAINS_FROM(1.00)[]; RCVD_IN_DNSWL_NONE(0.00)[217.72.192.73:from]; R_SPF_NA(0.00)[no SPF record]; RWL_MAILSPIKE_POSSIBLE(0.00)[217.72.192.73:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_LAST(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Aug 2020 19:19:51 -0000 On Fri, 7 Aug 2020 14:54:13 -0400, Aryeh Friedman wrote: > On Fri, Aug 7, 2020 at 1:24 PM Mario Lobo wrote: > > > On Thu, Aug 6, 2020 at 6:20 PM Aryeh Friedman > > wrote: > > > > > Due to storm related damage my ISP went out for a few (12) hours earlier > > in > > > the week and while I got it usable without a Internet connection by > > putting > > > everything in my LAN in /etc/hosts (I also run a local_unbound --> local > > > bind9 on my file server which I have created a zone file for the LAN > > > machines also), but it was very slow in booting due to ntpdate, tomcat > > and > > > sendmail not being to connect to the Internet for either forward or > > reverse > > > DNS. I don't want to turn these services off, but I want to be able to > > do > > > a normal boot (no long hangs) if the ISP goes down again. What is the > > > best way to do this? > > > > > > -- > > > Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org > > > _______________________________________________ > > > freebsd-questions@freebsd.org mailing list > > > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > > > To unsubscribe, send any mail to " > > > freebsd-questions-unsubscribe@freebsd.org" > > > > > > > This is a long shot but perhaps you could find a way to start these > > services in the background (&). > > > > Given they are done by /etc/rc based on rc.onf not likely The "problem" is that rc, in combination with rc.conf and the responsible rc.d/ scripts, determines the order in which certain services have to be started. A workaround would be to use /etc/rc.local to manually do what rc would do with its internal logic. Using this approach, you could set the exact order as well as tests for "is currently connected to the Internet", starting all subsequent tasks that do require an online connection. You would put the first steps into the background, using &, and you could then even invoke "service netif start" (or parts thereof), followed by your own services (such as ntp, webserver, mailserver). Such a mechanism could be configured to set a flag, for example stupidly simple as a "lock file", and repeat to test for Internet availability until the Internet becomes available - then stop. Some further logic could be added to check if the connection stays alive, and if it goes down, stop the services, remove the lock file, and keep trying at a specified interval. Of course, this is all manual stuff, nothing is provided by the OS to handle this in an appropriate fashion and doesn't even look right... ;-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... From owner-freebsd-questions@freebsd.org Fri Aug 7 21:08:31 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8157537455B for ; Fri, 7 Aug 2020 21:08:31 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-wr1-x435.google.com (mail-wr1-x435.google.com [IPv6:2a00:1450:4864:20::435]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BNdHy0k8fz3fcd for ; Fri, 7 Aug 2020 21:08:29 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: by mail-wr1-x435.google.com with SMTP id y3so2841824wrl.4 for ; Fri, 07 Aug 2020 14:08:29 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=89NGplluPggg11vlF2vXalB8hcsp55E/SNrZENkR/cc=; b=gUaGOj3vSWnSjGj8T0bRjRi6PwBRDH41Z1U5g+BCQiyMzt10AQ1GX5Wc+9ZU3o2FkP Wpy5Wpn3+jet6qsR+Z1fyPuM718r2WKqOAWKkKgOgDf0KW46Gt991e6rSgTAye+PmWUN 21ckpGjUivBjJQjg6g7DIrEwWNHaYKAjFevA6btyuTWvJu7X4EqAEnlrSsnNUly7G2jN 7WMbuPrGzZWh8tGl35Tk0Pgyu0mWU3Ztlc4ukA6axWR3xBikgYfyRhwCmesh0bAT9yXn 7UlrCG6dYEbCejohFV/V70TTDAo2u4WUhF3SdXLQOOfrMGlWiYPf5+tc9Rgq3xfXUZz7 6HQQ== X-Gm-Message-State: AOAM533aykWmfN5atPp3Kq5Rw1GRjVh3sgQi84YTRMhF8ccrva4z85ts O+gxiSnk2Bo8+1Wrr3rsiwWnpB1F X-Google-Smtp-Source: ABdhPJweFWjy7pI98OYDV9vLVlqK3quUssLTD3vpV/IdtMxWwB6F16XNBg55/VqUX/E9r+jNOF3kvw== X-Received: by 2002:adf:fd8b:: with SMTP id d11mr13994062wrr.156.1596834507208; Fri, 07 Aug 2020 14:08:27 -0700 (PDT) Received: from gumby.homeunix.com ([2.217.227.122]) by smtp.gmail.com with ESMTPSA id v16sm8562487wmj.14.2020.08.07.14.08.25 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 07 Aug 2020 14:08:26 -0700 (PDT) Date: Fri, 7 Aug 2020 22:08:24 +0100 From: RW To: freebsd-questions@freebsd.org Subject: Re: Best way to make a machine boot with or without a Internet connection Message-ID: <20200807220824.42f04645@gumby.homeunix.com> In-Reply-To: References: X-Mailer: Claws Mail 3.17.5 (GTK+ 2.24.32; amd64-portbld-freebsd12.1) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4BNdHy0k8fz3fcd X-Spamd-Bar: -- X-Spamd-Result: default: False [-2.36 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[googlemail.com:s=20161025]; RECEIVED_SPAMHAUS_PBL(0.00)[2.217.227.122:received]; FROM_HAS_DN(0.00)[]; FREEMAIL_FROM(0.00)[googlemail.com]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.97)[-0.966]; RCVD_COUNT_THREE(0.00)[3]; NEURAL_HAM_MEDIUM(-0.43)[-0.430]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; DKIM_TRACE(0.00)[googlemail.com:+]; DMARC_POLICY_ALLOW(-0.50)[googlemail.com,quarantine]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::435:from]; NEURAL_SPAM_SHORT(0.03)[0.032]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[googlemail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; RCVD_TLS_ALL(0.00)[]; DWL_DNSWL_NONE(0.00)[googlemail.com:dkim] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Aug 2020 21:08:31 -0000 On Thu, 6 Aug 2020 17:20:16 -0400 Aryeh Friedman wrote: > Due to storm related damage my ISP went out for a few (12) hours > earlier in the week and while I got it usable without a Internet > connection by putting everything in my LAN in /etc/hosts (I also run > a local_unbound --> local bind9 on my file server which I have > created a zone file for the LAN machines also), but it was very slow > in booting due to ntpdate, tomcat and sendmail not being to connect > to the Internet for either forward or reverse DNS. I don't want to > turn these services off, but I want to be able to do a normal boot > (no long hangs) if the ISP goes down again. What I used to do when I needed to use my computer without a network connection is define an OFFLINE flag in rc.conf and then make the setting of relevant "enable" flags conditional on that. If there's anything you still need to run you could start it separately with onestart later in the boot sequence. From owner-freebsd-questions@freebsd.org Fri Aug 7 22:33:15 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A2B35375C3F for ; Fri, 7 Aug 2020 22:33:15 +0000 (UTC) (envelope-from SRS0=kybE=BR=mail.sermon-archive.info=doug@sermon-archive.info) Received: from mail.sermon-archive.info (sermon-archive.info [71.177.216.148]) by mx1.freebsd.org (Postfix) with ESMTP id 4BNg9k3XWlz4103 for ; Fri, 7 Aug 2020 22:33:14 +0000 (UTC) (envelope-from SRS0=kybE=BR=mail.sermon-archive.info=doug@sermon-archive.info) Received: from [10.0.1.251] (mini [10.0.1.251]) by mail.sermon-archive.info (Postfix) with ESMTPSA id 4BNg9c1hVQz2fjTt for ; Fri, 7 Aug 2020 15:33:08 -0700 (PDT) From: Doug Hardie Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.15\)) Subject: Re: Best way to make a machine boot with or without a Internet connection Date: Fri, 7 Aug 2020 15:33:07 -0700 References: <20200807220824.42f04645@gumby.homeunix.com> To: User Questions In-Reply-To: <20200807220824.42f04645@gumby.homeunix.com> Message-Id: X-Mailer: Apple Mail (2.3445.104.15) X-Virus-Scanned: clamav-milter 0.101.4 at mail X-Virus-Status: Clean X-Rspamd-Queue-Id: 4BNg9k3XWlz4103 X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of SRS0=kybE=BR=mail.sermon-archive.info=doug@sermon-archive.info designates 71.177.216.148 as permitted sender) smtp.mailfrom=SRS0=kybE=BR=mail.sermon-archive.info=doug@sermon-archive.info X-Spamd-Result: default: False [-1.20 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.57)[-0.568]; FROM_HAS_DN(0.00)[]; MV_CASE(0.50)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; DMARC_NA(0.00)[lafn.org: no valid DMARC record]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.99)[-0.988]; TO_DN_ALL(0.00)[]; NEURAL_HAM_SHORT(-0.24)[-0.241]; R_SPF_ALLOW(-0.20)[+ip4:71.177.216.148]; FORGED_SENDER(0.30)[bc979@lafn.org,SRS0=kybE=BR=mail.sermon-archive.info=doug@sermon-archive.info]; RCVD_NO_TLS_LAST(0.10)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:5650, ipnet:71.177.216.0/23, country:US]; FROM_NEQ_ENVFROM(0.00)[bc979@lafn.org,SRS0=kybE=BR=mail.sermon-archive.info=doug@sermon-archive.info]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Aug 2020 22:33:15 -0000 > On 7 August 2020, at 14:08, RW via freebsd-questions = wrote: >=20 > On Thu, 6 Aug 2020 17:20:16 -0400 > Aryeh Friedman wrote: >=20 >> Due to storm related damage my ISP went out for a few (12) hours >> earlier in the week and while I got it usable without a Internet >> connection by putting everything in my LAN in /etc/hosts (I also run >> a local_unbound --> local bind9 on my file server which I have >> created a zone file for the LAN machines also), but it was very slow >> in booting due to ntpdate, tomcat and sendmail not being to connect >> to the Internet for either forward or reverse DNS. I don't want to >> turn these services off, but I want to be able to do a normal boot >> (no long hangs) if the ISP goes down again. =20 >=20 >=20 > What I used to do when I needed to use my computer without a network > connection is define an OFFLINE flag in rc.conf and then make the > setting of relevant "enable" flags conditional on that. If there's > anything you still need to run you could start it separately with > onestart later in the boot sequence. Depending on what you need running you may be able to use the proposed = fix in bug report 190447. I use that to move sshd above all the long = startup items so that I can access the systems if there is a hang in the = boot process. Generally, SSH access is all I need in those situations. = The other option if you have console access is to control-C through the = long running items. It takes a few of them, and those services are then = not initialized or running. But that gets through the boot process much = quicker. -- Doug From owner-freebsd-questions@freebsd.org Sat Aug 8 09:48:52 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 79FAA3A5E6D for ; Sat, 8 Aug 2020 09:48:52 +0000 (UTC) (envelope-from jerry@seibercom.net) Received: from mail-vs1-xe41.google.com (mail-vs1-xe41.google.com [IPv6:2607:f8b0:4864:20::e41]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BNy9H0H1yz4Yx1 for ; Sat, 8 Aug 2020 09:48:50 +0000 (UTC) (envelope-from jerry@seibercom.net) Received: by mail-vs1-xe41.google.com with SMTP id n25so1928544vsq.6 for ; Sat, 08 Aug 2020 02:48:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seibercom.net; s=google; h=date:from:to:subject:message-id:in-reply-to:references:reply-to :organization:mime-version; bh=n+JKM4DeOO/Fmn6sxO3yJ7A63Z2UpR0pF9xXW6ekiAA=; b=FlgwNGJE0gJPzxX4Kll0Hm8rO250EG+sOjVBYAIZiwdftdb4wniM+ovRjwuMzb8giF rRSrURP1u2ajJhXhfeou+Puz18BEjFZ0ITdcC0qrejV1xWAXr8x3hUtLMb+zZyyWLLkf GuP73tMaJsYvM66CqSMmylq12qt02MiRmaW7I= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:in-reply-to :references:reply-to:organization:mime-version; bh=n+JKM4DeOO/Fmn6sxO3yJ7A63Z2UpR0pF9xXW6ekiAA=; b=MsQ7R7rYA3lJqWcRRqi68xx45wDoaG9NCMEi4EKn7nOu/86vourU1aQF7y8opEgs1O TWCimcMb5zNlCavdyxrc0j7iROr27EHMFRwP4q0OncdFAzqAX8Lne29Q8w4DmFyV+yQC UrOsCIyel+3SzeWsseni9v4089ExAkJj+ggdSwIek0koo3OuDtgD7R3fz6swXwyWEvtK bbGkqXF/IEk8KxO0CBrxPKRe2EkXZXPV7K2cxDsSflwGRM1QYwrRKh71yfwH1Gaa5XOM lSWEw2Dz23ePKbYdJwuECsH5LshFqoZ4TRJAZbhK4aElC3KE+RTJd74p683PN+yol+TJ H6QQ== X-Gm-Message-State: AOAM5303IAxAaPK5n/eigaP/a1+vcjY0Qjtrd8dXJLSLWosRtRkwwUyZ n+z5+Sfu2JAvtPoYPZX4iU3RRxlA4E4= X-Google-Smtp-Source: ABdhPJzez8EGBmMWnfxo0l7BBg7JjmQfb4ZC4o2bsXRXB8Ut/zhrTLdsuj8OBqyt3YU3RsbyVaTPMw== X-Received: by 2002:ad4:576c:: with SMTP id r12mr18775309qvx.232.1596879632384; Sat, 08 Aug 2020 02:40:32 -0700 (PDT) Received: from scorpio.seibercom.net (cpe-174-109-231-236.nc.res.rr.com. [174.109.231.236]) by smtp.gmail.com with ESMTPSA id h24sm8701279qkk.72.2020.08.08.02.40.30 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 08 Aug 2020 02:40:30 -0700 (PDT) Received: from scorpio.seibercom.net (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by scorpio.seibercom.net (Postfix) with ESMTPS id 4BNxzd3R8rzwnb for ; Sat, 8 Aug 2020 05:40:29 -0400 (EDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.102.4 at scorpio.seibercom.net Date: Sat, 8 Aug 2020 05:40:23 -0400 From: Jerry To: "User Questions" Subject: Re: Best way to make a machine boot with or without a Internet connection Message-ID: <20200808054023.555f71ae@scorpio.seibercom.net> In-Reply-To: <20200807211945.ba8fe409.freebsd@edvax.de> References: <20200807211945.ba8fe409.freebsd@edvax.de> Reply-To: "User Questions" Organization: seibercom NET X-Mailer: Claws Mail 3.17.5 (GTK+ 2.24.32; amd64-portbld-freebsd11.4) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; boundary="Sig_/KzWuoTAH0RixSRuqF1xXEby"; protocol="application/pgp-signature" X-Rspamd-Queue-Id: 4BNy9H0H1yz4Yx1 X-Spamd-Bar: +++ Authentication-Results: mx1.freebsd.org; dkim=pass header.d=seibercom.net header.s=google header.b=FlgwNGJE; dmarc=none; spf=pass (mx1.freebsd.org: domain of jerry@seibercom.net designates 2607:f8b0:4864:20::e41 as permitted sender) smtp.mailfrom=jerry@seibercom.net X-Spamd-Result: default: False [3.04 / 15.00]; HAS_REPLYTO(0.00)[freebsd-questions@freebsd.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; HAS_ORG_HEADER(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[seibercom.net:+]; NEURAL_HAM_SHORT(-0.21)[-0.209]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; REPLYTO_EQ_TO_ADDR(5.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RECEIVED_SPAMHAUS_PBL(0.00)[174.109.231.236:received]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.17)[-0.169]; R_DKIM_ALLOW(-0.20)[seibercom.net:s=google]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-0.98)[-0.982]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; DMARC_NA(0.00)[seibercom.net]; RCPT_COUNT_ONE(0.00)[1]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::e41:from]; GREYLIST(0.00)[pass,body]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Aug 2020 09:48:52 -0000 --Sig_/KzWuoTAH0RixSRuqF1xXEby Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Fri, 7 Aug 2020 21:19:45 +0200, Polytropon stated: >On Fri, 7 Aug 2020 14:54:13 -0400, Aryeh Friedman wrote: >> On Fri, Aug 7, 2020 at 1:24 PM Mario Lobo wrote: >> =20 >> > On Thu, Aug 6, 2020 at 6:20 PM Aryeh Friedman >> > wrote: >> > =20 >> > > Due to storm related damage my ISP went out for a few (12) hours >> > > earlier =20 >> > in =20 >> > > the week and while I got it usable without a Internet connection >> > > by =20 >> > putting =20 >> > > everything in my LAN in /etc/hosts (I also run a local_unbound >> > > --> local bind9 on my file server which I have created a zone >> > > file for the LAN machines also), but it was very slow in booting >> > > due to ntpdate, tomcat =20 >> > and =20 >> > > sendmail not being to connect to the Internet for either forward >> > > or =20 >> > reverse =20 >> > > DNS. I don't want to turn these services off, but I want to be >> > > able to =20 >> > do =20 >> > > a normal boot (no long hangs) if the ISP goes down again. What >> > > is the best way to do this? >> > > >> > > -- >> > > Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org >> > > _______________________________________________ >> > > freebsd-questions@freebsd.org mailing list >> > > https://lists.freebsd.org/mailman/listinfo/freebsd-questions >> > > To unsubscribe, send any mail to " >> > > freebsd-questions-unsubscribe@freebsd.org" >> > > =20 >> > >> > This is a long shot but perhaps you could find a way to start these >> > services in the background (&). >> > =20 >>=20 >> Given they are done by /etc/rc based on rc.onf not likely =20 > >The "problem" is that rc, in combination with rc.conf and >the responsible rc.d/ scripts, determines the order in which >certain services have to be started. A workaround would be >to use /etc/rc.local to manually do what rc would do with >its internal logic. Using this approach, you could set the >exact order as well as tests for "is currently connected >to the Internet", starting all subsequent tasks that do >require an online connection. You would put the first >steps into the background, using &, and you could then >even invoke "service netif start" (or parts thereof), >followed by your own services (such as ntp, webserver, >mailserver). Such a mechanism could be configured to >set a flag, for example stupidly simple as a "lock file", >and repeat to test for Internet availability until the >Internet becomes available - then stop. Some further >logic could be added to check if the connection stays >alive, and if it goes down, stop the services, remove >the lock file, and keep trying at a specified interval. > >Of course, this is all manual stuff, nothing is provided >by the OS to handle this in an appropriate fashion and >doesn't even look right... ;-) I saw something on the web a while ago that sort of addressed this sort of problem. The user ran a script via cron on boot-up that checked for a specific conditions then started 'monit' to start the appropriate applications. --=20 Jerry --Sig_/KzWuoTAH0RixSRuqF1xXEby Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEIQb/tTwl6I1ueEVtOHMGOIfexWQFAl8ucwcACgkQOHMGOIfe xWRYswgAjcy6FiN2ef3xu3OSiWIwk34+iRLOXO1C4/i4B3VKL8AvwXOtYzfZySvw RrQHT7x5iPXgvnYpMXdNJ/ydKLkrov2z6MA5ij8nHNq4xvCF3gRBZMHi23e/D2j0 QXOcssyf3FyuUO2MzpKbUU2Ze6BSn7emGFaSB3EJilgHNXU7XuXqQ/IDjZsM+37U nk5iBk7fjgKcfrj1rYyPgdGeh7UpbC1y3MzAITYsvdgF715Sx5DgqEBorc8d/LUa P7wcO0P/V6tAYLc1hUHU9MWJdKw6EomT2Qfx8BXozHywnxyDN1tIRTUpx0odH3PP XkvhxPmiPs9jaEa0uFUzHfYfOdUBYA== =uvmu -----END PGP SIGNATURE----- --Sig_/KzWuoTAH0RixSRuqF1xXEby-- From owner-freebsd-questions@freebsd.org Sat Aug 8 10:13:39 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A99203A69FF for ; Sat, 8 Aug 2020 10:13:39 +0000 (UTC) (envelope-from 4250.82.1d4c20007b266f1.f0a035307e2234803dfc69b75a41326d@email-od.com) Received: from s1-b0c6.socketlabs.email-od.com (s1-b0c6.socketlabs.email-od.com [142.0.176.198]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BNyjt3pBFz4bd8 for ; Sat, 8 Aug 2020 10:13:38 +0000 (UTC) (envelope-from 4250.82.1d4c20007b266f1.f0a035307e2234803dfc69b75a41326d@email-od.com) DKIM-Signature: v=1; a=rsa-sha256; d=email-od.com;i=@email-od.com;s=dkim; c=relaxed/relaxed; q=dns/txt; t=1596881619; x=1599473619; h=content-transfer-encoding:content-type:mime-version:references:in-reply-to:message-id:subject:cc:to:from:date:x-thread-info; bh=b4LMt5yBKr0y/ukbTFTmHkorgqcRFWzpjxdiJXkFmKQ=; b=elbrHzIEQ7N569y/1ixnRggmZWVMDtevmPZkrJBm/1yzrzD7yGhCbJ3bWKtFpGGkHAyQzSHDt2eiuk4X68ohZTbX9nlkKAUEVnO7XXtfvSTd7S4UONdblhB6yFd4YjMYiEJQJ6tLOC/4dSAGuqFqiXkPahShxhGzZBryEyQ8cfg= X-Thread-Info: NDI1MC45Mi4xZDRjMjAwMDdiMjY2ZjEuZnJlZWJzZC1xdWVzdGlvbnM9ZnJlZWJzZC5vcmc= Received: from r2.us-east-1.aws.in.socketlabs.com (r2.us-east-1.aws.in.socketlabs.com [142.0.191.2]) by mxsg2.email-od.com with ESMTP(version=Tls12 cipher=Aes256 bits=256); Sat, 8 Aug 2020 06:13:36 -0400 Received: from smtp.lan.sohara.org (EMTPY [185.202.17.215]) by r2.us-east-1.aws.in.socketlabs.com with ESMTP(version=Tls12 cipher=Aes256 bits=256); Sat, 8 Aug 2020 06:13:36 -0400 Received: from [192.168.63.1] (helo=steve.lan.sohara.org) by smtp.lan.sohara.org with smtp (Exim 4.94 (FreeBSD)) (envelope-from ) id 1k4Lr4-0002Q8-NV; Sat, 08 Aug 2020 11:13:34 +0100 Date: Sat, 8 Aug 2020 11:13:34 +0100 From: Steve O'Hara-Smith To: Aryeh Friedman Cc: FreeBSD Mailing List Subject: Re: Best way to make a machine boot with or without a Internet connection Message-Id: <20200808111334.4dc78fbd3369a0bcf9eada04@sohara.org> In-Reply-To: References: X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.32; amd64-portbld-freebsd12.0) X-Clacks-Overhead: "GNU Terry Pratchett" Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4BNyjt3pBFz4bd8 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=email-od.com header.s=dkim header.b=elbrHzIE; dmarc=none; spf=pass (mx1.freebsd.org: domain of 4250.82.1d4c20007b266f1.f0a035307e2234803dfc69b75a41326d@email-od.com designates 142.0.176.198 as permitted sender) smtp.mailfrom=4250.82.1d4c20007b266f1.f0a035307e2234803dfc69b75a41326d@email-od.com X-Spamd-Result: default: False [-2.10 / 15.00]; ARC_NA(0.00)[]; RWL_MAILSPIKE_VERYGOOD(0.00)[142.0.176.198:from]; R_DKIM_ALLOW(-0.20)[email-od.com:s=dkim]; NEURAL_HAM_MEDIUM(-0.98)[-0.978]; FROM_HAS_DN(0.00)[]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ip4:142.0.176.0/20]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[sohara.org]; NEURAL_HAM_LONG(-1.01)[-1.006]; RCVD_COUNT_THREE(0.00)[4]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[email-od.com:+]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[142.0.176.198:from]; NEURAL_HAM_SHORT(-0.41)[-0.414]; FREEMAIL_TO(0.00)[gmail.com]; FORGED_SENDER(0.30)[steve@sohara.org,4250.82.1d4c20007b266f1.f0a035307e2234803dfc69b75a41326d@email-od.com]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:7381, ipnet:142.0.176.0/22, country:US]; FROM_NEQ_ENVFROM(0.00)[steve@sohara.org,4250.82.1d4c20007b266f1.f0a035307e2234803dfc69b75a41326d@email-od.com]; MID_RHS_MATCH_FROM(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Aug 2020 10:13:39 -0000 On Thu, 6 Aug 2020 17:20:16 -0400 Aryeh Friedman wrote: > Due to storm related damage my ISP went out for a few (12) hours earlier > in the week and while I got it usable without a Internet connection by > putting everything in my LAN in /etc/hosts (I also run a local_unbound > --> local bind9 on my file server which I have created a zone file for > the LAN machines also), but it was very slow in booting due to ntpdate, > tomcat and sendmail not being to connect to the Internet for either > forward or reverse DNS. I don't want to turn these services off, but I > want to be able to do a normal boot (no long hangs) if the ISP goes down > again. What is the best way to do this? Your problem is DNS so I'd suggest solving it at that level. Point everything at a local DNS service and provide that with the handful of addresses that you need to boot smoothly (or put them in /etc/hosts where they're needed) so that it doesn't have to forward queries for them. This does leave you open to problems if they change of course. -- Steve O'Hara-Smith From owner-freebsd-questions@freebsd.org Sat Aug 8 11:21:34 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7AECF3A923A for ; Sat, 8 Aug 2020 11:21:34 +0000 (UTC) (envelope-from yasu@utahime.org) Received: from gate.utahime.jp (gate.utahime.jp [183.180.29.210]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BP0DF0R84z3b4y for ; Sat, 8 Aug 2020 11:21:32 +0000 (UTC) (envelope-from yasu@utahime.org) Received: from eastasia.home.utahime.org (eastasia.home.utahime.org [192.168.174.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by gate.utahime.jp (Postfix) with ESMTPS id 6FF64C4D6 for ; Sat, 8 Aug 2020 20:21:22 +0900 (JST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=utahime.org; s=maybe2019112701; t=1596885682; bh=jaKuQR+Hl8GZ1qoi4824vrGU+b+gZ9iHBTAOpgj/vOQ=; h=Date:To:Subject:From; b=e8V6GQ/PAc85CuSJiZxYGAJed9nXzvWKYzRBVnkKcwc0V7Z4Jbm/WvZv8p8wxegV8 rhjNvXvJ4fwxfC5Qi+XZ8dTsG69Dxsln76PKuhsw+ewe7BpxGMmyodba0otfWw2J6L DqbRtC+qYo2r/DhzG/RcOK3UvrMU/Sbv885Nvf3nMP9rpKZXEqt04lfw3UHeOmuTeL q2lnLZPnPz8jqDUfYt+NKnUDT4ND7FqSxOoBeR7mq8BrepIn8q5LpQzr3LcC+vycgp a7WbRnaPe6GiygaPqNJrbp3c31NhgwqmEe5+EQGAuzZElTi2TapRHZREt+OLnagYH5 jD0P6SuC7DpPg== Received: from localhost (rolling.home.utahime.org [192.168.174.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by eastasia.home.utahime.org (Postfix) with ESMTPSA id E06924D9EA; Sat, 8 Aug 2020 20:21:21 +0900 (JST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.102.4 at eastasia.home.utahime.org Date: Sat, 08 Aug 2020 20:21:00 +0900 (JST) Message-Id: <20200808.202100.797290716807615226.yasu@utahime.org> To: freebsd-questions@freebsd.org Subject: Trouble of svn repositories? From: Yasuhiro KIMURA X-Mailer: Mew version 6.8 on Emacs 26.3 Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4BP0DF0R84z3b4y X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=pass header.d=utahime.org header.s=maybe2019112701 header.b=e8V6GQ/P; dmarc=none; spf=pass (mx1.freebsd.org: domain of yasu@utahime.org designates 183.180.29.210 as permitted sender) smtp.mailfrom=yasu@utahime.org X-Spamd-Result: default: False [0.13 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[utahime.org:s=maybe2019112701]; NEURAL_HAM_MEDIUM(-0.86)[-0.855]; FROM_HAS_DN(0.00)[]; MV_CASE(0.50)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.95)[-0.948]; RCVD_COUNT_THREE(0.00)[3]; DMARC_NA(0.00)[utahime.org]; R_SPF_ALLOW(-0.20)[+a:spf-authorized.utahime.org]; DKIM_TRACE(0.00)[utahime.org:+]; NEURAL_HAM_SHORT(-0.07)[-0.067]; MID_CONTAINS_FROM(1.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; SUBJECT_ENDS_QUESTION(1.00)[]; ASN(0.00)[asn:2519, ipnet:183.180.0.0/16, country:JP]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Aug 2020 11:21:34 -0000 Hello, Commit messages are arriving to svn-* ML, but svn update doesn't pull them. Is trouble happening to svn repositories? --- Yasuhiro KIMURA From owner-freebsd-questions@freebsd.org Sat Aug 8 16:25:32 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D5B753AF91D for ; Sat, 8 Aug 2020 16:25:32 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.126.135]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mout.kundenserver.de", Issuer "TeleSec ServerPass Class 2 CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BP6yz3wc4z46cb for ; Sat, 8 Aug 2020 16:25:31 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from r56.edvax.de ([188.102.98.146]) by mrelayeu.kundenserver.de (mreue010 [212.227.15.167]) with ESMTPA (Nemesis) id 1Mz9pT-1kz8wc0t3z-00wH1S for ; Sat, 08 Aug 2020 18:25:29 +0200 Date: Sat, 8 Aug 2020 18:25:28 +0200 From: Polytropon To: freebsd-questions@freebsd.org Subject: Re: Best way to make a machine boot with or without a Internet connection Message-Id: <20200808182528.371dbadf.freebsd@edvax.de> In-Reply-To: <20200808054023.555f71ae@scorpio.seibercom.net> References: <20200807211945.ba8fe409.freebsd@edvax.de> <20200808054023.555f71ae@scorpio.seibercom.net> Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K1:meATFPArp0/j88jK7vPtVNG9B6kblQmgVoZamj9CQ8j2lR4zNKC cbLwxSGVvoQmEmqocKAC6jKfFde76JB6Jm+v4g6afJ3407YRV7gmQ9mdxuJ1RcIA52eismt JkJVap6bklB8hXo1hsz+3igFNNihQkPF1d2HrlE9f296m298pixWbCKfoCOZcRt2B10EGCk 3u1YVLcbylsTUyUFUZJaA== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:p8TT2YH4RFU=:AR99nuZcXKGNiKhsWCyjyK yut59t5ExPs+E+DP1piJdt5bi3b8n3o1jZf1vQZxEmnLCJHfeNZ4rR6qS7I21plC1c4lI89d0 3OEtXlfeRhgL9hKMwdkQxHJkrstkJycJJVY3h4ZbHmMEirU1UaclCJibFx+Th1WlJ3L8TceHe 6TN51QUnlts5c7bu+HyXpKL3AlN4Yv4BvCCa7XTte7Cvn2EuJA/YpmBO4dtJnTXzfkPajCyN6 jWdpNkx886dlrhedV5uPibkhm2+lRk9wEr82qTzgYMJgci3/+WE5jAilH/4thV2BodONQHBzF U5pgrSmi79bI4cXEEvMNy3mwKS7x/wExUKU+GOuqjicFTSAmGZ5LYQs0jqr6gjM2bEiFakkEP Jg6b5uhbAXQI6KEDMAPmI3hS4U7J1UzezLTAaEWwIwPXeY881BxQ5ZPlBGcO5ZzQEtoCuzIB7 eLbw05UOgK3b6sP5yxasbG0bBpdJrVBiGEXCHhSyfR0XIhd9pYsJ4utICoM0dTIpBnoe7nzK/ K7Ij3cDgLqfvd1YHBRGYgLoXr25URN58sr3urUWEyDOTQ2Rj44KYRjvv2YZeONVEvfrHIkziH yXM+TV2oxMwMkRzQTPQ9bDa2kz+xZEzmrm664ZJjEI4U7KyjQD/Yd2EbE0+Hhh35iFXRePgS5 cfmAn/Pf3wqXXmGm9pg5hu+3tnCWu1UiYnYei+H8YV8AHVbg8w2ZR47eaEaQYYrwkbg+ibW2A qjWwfnSB1hCi55GJTu2fuNNDB7ETbcYbGhUVko0skGIp4TYISAt+ncr6oVvdZpyjf349yZEqs izDw3yBekQycKEc0FYw+Bhw508t8icJ+Gs0RNosirvZ/QX5VekUeHP49ZF+piSpkrPfxC1M X-Rspamd-Queue-Id: 4BP6yz3wc4z46cb X-Spamd-Bar: +++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of freebsd@edvax.de has no SPF policy when checking 212.227.126.135) smtp.mailfrom=freebsd@edvax.de X-Spamd-Result: default: False [3.63 / 15.00]; HAS_REPLYTO(0.00)[freebsd@edvax.de]; RCVD_VIA_SMTP_AUTH(0.00)[]; MV_CASE(0.50)[]; TO_DN_NONE(0.00)[]; HAS_ORG_HEADER(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[188.102.98.146:received]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; ASN(0.00)[asn:8560, ipnet:212.227.0.0/16, country:DE]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ARC_NA(0.00)[]; REPLYTO_EQ_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_SPAM_SHORT(0.01)[0.006]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; AUTH_NA(1.00)[]; NEURAL_SPAM_MEDIUM(0.29)[0.292]; RCPT_COUNT_ONE(0.00)[1]; DMARC_NA(0.00)[edvax.de]; NEURAL_SPAM_LONG(0.93)[0.934]; MID_CONTAINS_FROM(1.00)[]; RCVD_IN_DNSWL_NONE(0.00)[212.227.126.135:from]; R_SPF_NA(0.00)[no SPF record]; RWL_MAILSPIKE_POSSIBLE(0.00)[212.227.126.135:from]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Aug 2020 16:25:32 -0000 On Sat, 8 Aug 2020 05:40:23 -0400, Jerry wrote: > On Fri, 7 Aug 2020 21:19:45 +0200, Polytropon stated: > >On Fri, 7 Aug 2020 14:54:13 -0400, Aryeh Friedman wrote: > >> On Fri, Aug 7, 2020 at 1:24 PM Mario Lobo wrote: > >> > >> > On Thu, Aug 6, 2020 at 6:20 PM Aryeh Friedman > >> > wrote: > >> > > >> > > Due to storm related damage my ISP went out for a few (12) hours > >> > > earlier > >> > in > >> > > the week and while I got it usable without a Internet connection > >> > > by > >> > putting > >> > > everything in my LAN in /etc/hosts (I also run a local_unbound > >> > > --> local bind9 on my file server which I have created a zone > >> > > file for the LAN machines also), but it was very slow in booting > >> > > due to ntpdate, tomcat > >> > and > >> > > sendmail not being to connect to the Internet for either forward > >> > > or > >> > reverse > >> > > DNS. I don't want to turn these services off, but I want to be > >> > > able to > >> > do > >> > > a normal boot (no long hangs) if the ISP goes down again. What > >> > > is the best way to do this? > >> > > > >> > > -- > >> > > Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org > >> > > _______________________________________________ > >> > > freebsd-questions@freebsd.org mailing list > >> > > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > >> > > To unsubscribe, send any mail to " > >> > > freebsd-questions-unsubscribe@freebsd.org" > >> > > > >> > > >> > This is a long shot but perhaps you could find a way to start these > >> > services in the background (&). > >> > > >> > >> Given they are done by /etc/rc based on rc.onf not likely > > > >The "problem" is that rc, in combination with rc.conf and > >the responsible rc.d/ scripts, determines the order in which > >certain services have to be started. A workaround would be > >to use /etc/rc.local to manually do what rc would do with > >its internal logic. Using this approach, you could set the > >exact order as well as tests for "is currently connected > >to the Internet", starting all subsequent tasks that do > >require an online connection. You would put the first > >steps into the background, using &, and you could then > >even invoke "service netif start" (or parts thereof), > >followed by your own services (such as ntp, webserver, > >mailserver). Such a mechanism could be configured to > >set a flag, for example stupidly simple as a "lock file", > >and repeat to test for Internet availability until the > >Internet becomes available - then stop. Some further > >logic could be added to check if the connection stays > >alive, and if it goes down, stop the services, remove > >the lock file, and keep trying at a specified interval. > > > >Of course, this is all manual stuff, nothing is provided > >by the OS to handle this in an appropriate fashion and > >doesn't even look right... ;-) > > I saw something on the web a while ago that sort of addressed this sort > of problem. The user ran a script via cron on boot-up that checked for > a specific conditions then started 'monit' to start the appropriate > applications. If I remember correctly, systemd is _the_ tool to deal with this kind of situation... ;-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... From owner-freebsd-questions@freebsd.org Sat Aug 8 16:54:38 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 613DB37856A for ; Sat, 8 Aug 2020 16:54:38 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: from mail-qk1-x736.google.com (mail-qk1-x736.google.com [IPv6:2607:f8b0:4864:20::736]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BP7cY0btdz48J8 for ; Sat, 8 Aug 2020 16:54:36 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: by mail-qk1-x736.google.com with SMTP id 2so4565036qkf.10 for ; Sat, 08 Aug 2020 09:54:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-transfer-encoding; bh=xDaBeCgCC49RwC2mHkaYVVI4WhfeiBm8JHCrhROY204=; b=IZo0C7HP2t37CWgZKb39yFnyGigQh0DtWe5DPC//hPOPsSQ2qCZahYx+IZ4/unW+N2 wocUmAkl7H73v9817U5oST1Bxw3w9o/ymPAkv0VmeaLci5y7cUCuQVJiUNLFlG4xC6r0 aBIGyKHyZGEguDDi2l+XLPo+c9N2+g5BDntMqA+qXqifqWo3F1az0ClJAbNc/Weud5j4 IIZImyNWBuQBT16XWY1OaxHalJ71RXy4bAFvqJPFt3vNEvoVW0nOgnicaGSCo0jwjiGX HwSV0/9w4ebqMpAY3GGaViqidOGow8WO0Qx2pqw2+zWEMrdaSJhiQRKR7LrPOsvHqMi4 HToA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-transfer-encoding; bh=xDaBeCgCC49RwC2mHkaYVVI4WhfeiBm8JHCrhROY204=; b=HDSknDJO3TEu+aWlChUHOA949l15+f4w6FO7ki+oNXf7Itf+fuGvtifVOF+RH1yj7G TZEpd7G8f2vRQPVXqfFdoZqimjHVgAIegcF1j88oHX5Hvmp2NN16ke2hvg+zoHxOGcc9 dMSRJEsASuaf9Es5CsAVQg7mjiBhT1LTYfFNk7PjNRlLw+R2/C69qXp7Nv3v9QLJOEaA ASAX4uESIITcpxvQRGnLceR/QWJnA5szq9d9ZS2MYV8nUwu5yRlzi5ypNEhNsle0xU5k ZheWRB8iURQ+qpHZ45cnRlQ3H+P3DLMkKdsV6OWHjVcTbkLD+pRRldtsRKHxAP6KeIKo ckWQ== X-Gm-Message-State: AOAM530e4eE6xMpRluZPKv6CRtp3GBDxqotKjfKLTLXaGY2HoHx1fL9F ZtxbqvbvloEKkl7QkHW59093IYtS X-Google-Smtp-Source: ABdhPJzg483RNu+4nzA8/8Jfc8+5o+u6zpPrJV0QEv0nJfXgLJB22HueoeqM1X4AORp+OELgz4VzCw== X-Received: by 2002:a05:620a:573:: with SMTP id p19mr19137295qkp.197.1596905675642; Sat, 08 Aug 2020 09:54:35 -0700 (PDT) Received: from [10.0.10.8] (cpe-65-25-51-0.neo.res.rr.com. [65.25.51.0]) by smtp.googlemail.com with ESMTPSA id d46sm11654516qtk.37.2020.08.08.09.54.34 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Sat, 08 Aug 2020 09:54:35 -0700 (PDT) Message-ID: <5F2ED8CA.3070201@gmail.com> Date: Sat, 08 Aug 2020 12:54:34 -0400 From: Ernie Luzar User-Agent: Thunderbird 2.0.0.24 (Windows/20100228) MIME-Version: 1.0 To: Polytropon CC: freebsd-questions@freebsd.org Subject: Re: Best way to make a machine boot with or without a Internet connection References: <20200807211945.ba8fe409.freebsd@edvax.de> <20200808054023.555f71ae@scorpio.seibercom.net> <20200808182528.371dbadf.freebsd@edvax.de> In-Reply-To: <20200808182528.371dbadf.freebsd@edvax.de> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4BP7cY0btdz48J8 X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=IZo0C7HP; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of luzar722@gmail.com designates 2607:f8b0:4864:20::736 as permitted sender) smtp.mailfrom=luzar722@gmail.com X-Spamd-Result: default: False [-3.84 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.71)[-0.706]; RECEIVED_SPAMHAUS_PBL(0.00)[65.25.51.0:received]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.10)[-1.102]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.04)[-1.036]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::736:from]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Aug 2020 16:54:38 -0000 Polytropon wrote: > On Sat, 8 Aug 2020 05:40:23 -0400, Jerry wrote: >> On Fri, 7 Aug 2020 21:19:45 +0200, Polytropon stated: >>> On Fri, 7 Aug 2020 14:54:13 -0400, Aryeh Friedman wrote: >>>> On Fri, Aug 7, 2020 at 1:24 PM Mario Lobo wrote: >>>> >>>>> On Thu, Aug 6, 2020 at 6:20 PM Aryeh Friedman >>>>> wrote: >>>>> >>>>>> Due to storm related damage my ISP went out for a few (12) hours >>>>>> earlier >>>>> in >>>>>> the week and while I got it usable without a Internet connection >>>>>> by >>>>> putting >>>>>> everything in my LAN in /etc/hosts (I also run a local_unbound >>>>>> --> local bind9 on my file server which I have created a zone >>>>>> file for the LAN machines also), but it was very slow in booting >>>>>> due to ntpdate, tomcat >>>>> and >>>>>> sendmail not being to connect to the Internet for either forward >>>>>> or >>>>> reverse >>>>>> DNS. I don't want to turn these services off, but I want to be >>>>>> able to >>>>> do >>>>>> a normal boot (no long hangs) if the ISP goes down again. What >>>>>> is the best way to do this? >>>>>> >>>>>> -- >>>>>> Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org >>>>>> _______________________________________________ >>>>>> freebsd-questions@freebsd.org mailing list >>>>>> https://lists.freebsd.org/mailman/listinfo/freebsd-questions >>>>>> To unsubscribe, send any mail to " >>>>>> freebsd-questions-unsubscribe@freebsd.org" >>>>>> >>>>> This is a long shot but perhaps you could find a way to start these >>>>> services in the background (&). >>>>> >>>> Given they are done by /etc/rc based on rc.onf not likely >>> The "problem" is that rc, in combination with rc.conf and >>> the responsible rc.d/ scripts, determines the order in which >>> certain services have to be started. A workaround would be >>> to use /etc/rc.local to manually do what rc would do with >>> its internal logic. Using this approach, you could set the >>> exact order as well as tests for "is currently connected >>> to the Internet", starting all subsequent tasks that do >>> require an online connection. You would put the first >>> steps into the background, using &, and you could then >>> even invoke "service netif start" (or parts thereof), >>> followed by your own services (such as ntp, webserver, >>> mailserver). Such a mechanism could be configured to >>> set a flag, for example stupidly simple as a "lock file", >>> and repeat to test for Internet availability until the >>> Internet becomes available - then stop. Some further >>> logic could be added to check if the connection stays >>> alive, and if it goes down, stop the services, remove >>> the lock file, and keep trying at a specified interval. >>> >>> Of course, this is all manual stuff, nothing is provided >>> by the OS to handle this in an appropriate fashion and >>> doesn't even look right... ;-) >> I saw something on the web a while ago that sort of addressed this sort >> of problem. The user ran a script via cron on boot-up that checked for >> a specific conditions then started 'monit' to start the appropriate >> applications. > > If I remember correctly, systemd is _the_ tool to deal with > this kind of situation... ;-) > Is systemd part of the base OS or a port? From owner-freebsd-questions@freebsd.org Sat Aug 8 17:05:49 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 70D17378CB7 for ; Sat, 8 Aug 2020 17:05:49 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.126.135]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mout.kundenserver.de", Issuer "TeleSec ServerPass Class 2 CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BP7sS2f64z48jK for ; Sat, 8 Aug 2020 17:05:48 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from r56.edvax.de ([188.102.98.146]) by mrelayeu.kundenserver.de (mreue012 [212.227.15.167]) with ESMTPA (Nemesis) id 1MwjO6-1kwfTM0E2c-00yD70; Sat, 08 Aug 2020 19:05:46 +0200 Date: Sat, 8 Aug 2020 19:05:45 +0200 From: Polytropon To: Ernie Luzar Cc: freebsd-questions@freebsd.org Subject: Re: Best way to make a machine boot with or without a Internet connection Message-Id: <20200808190545.20610591.freebsd@edvax.de> In-Reply-To: <5F2ED8CA.3070201@gmail.com> References: <20200807211945.ba8fe409.freebsd@edvax.de> <20200808054023.555f71ae@scorpio.seibercom.net> <20200808182528.371dbadf.freebsd@edvax.de> <5F2ED8CA.3070201@gmail.com> Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K1:YwxX23OJ5V7ZtoWfvIkRFqAH968PnxyakkkbnLMjUyMgiDGYpI2 yK7H8cpS72Ktoa2OZ97AWLZpbZdP7FuCQJ6xK4zp9YpwbT3L+mwpIUkz9YIDU/lR45zFxk8 nh4rXu2+cHMmVGrPsZ77z6fWtr77mqvEM1+ArgHESPrZ9sbS998rbx3oMz44rFD5JNuQkMw cxWG8cc6i5pa5Bdpl1MbA== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:2TFgABQHz/s=:2hlp19pQ+82KTXIR3F/UcQ 7Hdz+XULX2wLzpMmfYlu3lWA9mCJCV6gqSBm1A7EyvaRO6swjflSwsxpNhenuNEX49nx3SWRH fRDfTFGEIFfOlbooXdL79tNqVszSHJwKJ/hSIrH2YT00ZxBcUjUS+l2D8KyHbeYZXnfcw4C1s itiwrzI/D05edFqVi2fekn8PDwHneILvBaW0kzCmjL296U1V0+cEq4HtvV4pTlWp5Plk+79Bb q/CaQdFxpH4hMzJawTWsYHOomjjAeVVRaGsAJZMNTljCdPbY9xUR8WjW0PtNB2j6CaA41Y/oy Zf/t5oQDvXvdFziy2UOwYahsbatY7bS+zyZ24u4wa6cDbQ2JVNxcPVR3f4vB/2BPM1i115KPt 0BTLqYWRSA6pgPWiA0kd817RuoVEnbqEFA+710oog94iHFc37cFLmsulJuVTfEZrTLZk5dcQZ IBaODPPhTijrtl7BFeH6/SGlqf4eYmzFZoNQBXi0QhJrUR2EZVc/iqvxkIcMtakF6Iw9BUxgJ ZBJou7/ly87jvzc0JbJAQNT+CdkGlq/Fp4AesQKNu8HE8N9TXfG8XCS/oPfI8T03yrKUpQpON ZVSRC7BZ+2R+RM+LiomZ6tzsYZch5+ld1+JOcz7mnig2oEmWmXc4HOVtUtLNr87Cn+3SQJtui Dgt4oGEN3ieMeS93TRpe4avp2qEFF39B9rAMMIpYdw4dnSdB0jxIMVMSdPxTO74Eh+BY08wXM kaHgzJBIfazPnzoPRyuOUk8IpUtU+oyIB9r+Asj4gw/WPRHttYHTb++9r7llIookxXK9+D+ir fejqhwu64Kgc9QEsHkGfmJbyh1JzlvLK3nmDJTcVrdNOnD6feF2PuRuvg0u9HY0K5NCPKKT X-Rspamd-Queue-Id: 4BP7sS2f64z48jK X-Spamd-Bar: ++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of freebsd@edvax.de has no SPF policy when checking 212.227.126.135) smtp.mailfrom=freebsd@edvax.de X-Spamd-Result: default: False [2.54 / 15.00]; HAS_REPLYTO(0.00)[freebsd@edvax.de]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; MV_CASE(0.50)[]; HAS_ORG_HEADER(0.00)[]; NEURAL_HAM_SHORT(-0.44)[-0.443]; RCPT_COUNT_TWO(0.00)[2]; FREEMAIL_TO(0.00)[gmail.com]; RECEIVED_SPAMHAUS_PBL(0.00)[188.102.98.146:received]; RCVD_TLS_LAST(0.00)[]; R_DKIM_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:8560, ipnet:212.227.0.0/16, country:DE]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.02)[-0.021]; REPLYTO_EQ_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[edvax.de]; AUTH_NA(1.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_SPAM_LONG(0.60)[0.603]; MID_CONTAINS_FROM(1.00)[]; RCVD_IN_DNSWL_NONE(0.00)[212.227.126.135:from]; R_SPF_NA(0.00)[no SPF record]; RWL_MAILSPIKE_POSSIBLE(0.00)[212.227.126.135:from]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Aug 2020 17:05:49 -0000 On Sat, 08 Aug 2020 12:54:34 -0400, Ernie Luzar wrote: > Polytropon wrote: > > On Sat, 8 Aug 2020 05:40:23 -0400, Jerry wrote: > >> On Fri, 7 Aug 2020 21:19:45 +0200, Polytropon stated: > >>> On Fri, 7 Aug 2020 14:54:13 -0400, Aryeh Friedman wrote: > >>>> On Fri, Aug 7, 2020 at 1:24 PM Mario Lobo wrote: > >>>> > >>>>> On Thu, Aug 6, 2020 at 6:20 PM Aryeh Friedman > >>>>> wrote: > >>>>> > >>>>>> Due to storm related damage my ISP went out for a few (12) hours > >>>>>> earlier > >>>>> in > >>>>>> the week and while I got it usable without a Internet connection > >>>>>> by > >>>>> putting > >>>>>> everything in my LAN in /etc/hosts (I also run a local_unbound > >>>>>> --> local bind9 on my file server which I have created a zone > >>>>>> file for the LAN machines also), but it was very slow in booting > >>>>>> due to ntpdate, tomcat > >>>>> and > >>>>>> sendmail not being to connect to the Internet for either forward > >>>>>> or > >>>>> reverse > >>>>>> DNS. I don't want to turn these services off, but I want to be > >>>>>> able to > >>>>> do > >>>>>> a normal boot (no long hangs) if the ISP goes down again. What > >>>>>> is the best way to do this? > >>>>>> > >>>>>> -- > >>>>>> Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org > >>>>>> _______________________________________________ > >>>>>> freebsd-questions@freebsd.org mailing list > >>>>>> https://lists.freebsd.org/mailman/listinfo/freebsd-questions > >>>>>> To unsubscribe, send any mail to " > >>>>>> freebsd-questions-unsubscribe@freebsd.org" > >>>>>> > >>>>> This is a long shot but perhaps you could find a way to start these > >>>>> services in the background (&). > >>>>> > >>>> Given they are done by /etc/rc based on rc.onf not likely > >>> The "problem" is that rc, in combination with rc.conf and > >>> the responsible rc.d/ scripts, determines the order in which > >>> certain services have to be started. A workaround would be > >>> to use /etc/rc.local to manually do what rc would do with > >>> its internal logic. Using this approach, you could set the > >>> exact order as well as tests for "is currently connected > >>> to the Internet", starting all subsequent tasks that do > >>> require an online connection. You would put the first > >>> steps into the background, using &, and you could then > >>> even invoke "service netif start" (or parts thereof), > >>> followed by your own services (such as ntp, webserver, > >>> mailserver). Such a mechanism could be configured to > >>> set a flag, for example stupidly simple as a "lock file", > >>> and repeat to test for Internet availability until the > >>> Internet becomes available - then stop. Some further > >>> logic could be added to check if the connection stays > >>> alive, and if it goes down, stop the services, remove > >>> the lock file, and keep trying at a specified interval. > >>> > >>> Of course, this is all manual stuff, nothing is provided > >>> by the OS to handle this in an appropriate fashion and > >>> doesn't even look right... ;-) > >> I saw something on the web a while ago that sort of addressed this sort > >> of problem. The user ran a script via cron on boot-up that checked for > >> a specific conditions then started 'monit' to start the appropriate > >> applications. > > > > If I remember correctly, systemd is _the_ tool to deal with > > this kind of situation... ;-) > > > > Is systemd part of the base OS or a port? It's a GNU/Linux core component (adopted by most distributions) and often seen as the best advertisement to use FreeBSD. :-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...