Peter N. M. Hansteen
@pitrh@mastodon.social  ·  activity timestamp 4 days ago

My upcoming book, The Book of PF 4th edition, is part of B&N’s pre-order sale Sept 3–5! Use code PREORDER25 for 25% off (35% for Premium members).

https://www.barnesandnoble.com/w/the-book-of-pf-4th-edition-peter-nm-hansteen/1147997310?ean=9781718504707

#bookofpf #bnpreorder #openbsd #freebsd #pf #packetfilter #networking #security #nostarch #barnesandnoble

Stefano Marinelli
Michael Dexter
Stefano Marinelli and 1 other boosted
BSDTV
@bsdtv@bsd.network  ·  activity timestamp 5 days ago

A new BSDCan video has been posted:
Enhancing Unix Education through Chaos Engineering and Gamification using FreeBSD by Andreas Kirchner, Benedict Reuschling

https://youtu.be/ZpCpcTu3yUk

For more information, please visit:
https://www.bsdcan.org/2025/
- and -
https://www.bsdcan.org/2025/timetable/timetable-Enhancing-Unix-Education.html

#runbsd #freebsd #pf #bsdcan
BSDTV
@bsdtv@bsd.network  ·  activity timestamp 5 days ago

A new BSDCan video has been posted:
Enhancing Unix Education through Chaos Engineering and Gamification using FreeBSD by Andreas Kirchner, Benedict Reuschling

https://youtu.be/ZpCpcTu3yUk

For more information, please visit:
https://www.bsdcan.org/2025/
- and -
https://www.bsdcan.org/2025/timetable/timetable-Enhancing-Unix-Education.html

#runbsd #freebsd #pf #bsdcan

Michael Dexter
Stefano Marinelli
Michael Dexter and 1 other boosted
Stefano Marinelli
@stefano@mastodon.illumos.cafe  ·  activity timestamp 6 days ago

Hey #illumos friends, I'm experimenting on a VPS. They assigned me a /64 IPv6 subnet, but I can't use it. Long story short, I think I need an NDP proxy, but as far as I know, one isn't available on illumos. So, I've created a ULA and mapped it using NAT66: map vioif0 myULA/64 -> publicIPV6/128. It works, but the server eventually crashes and reboots. When I look at the /var/adm/messages file, I see:

[...]
2025-09-01T17:47:59.314554+00:00 hostname unix: [ID 836849 kern.notice] #012#015panic[cpu1]/thread=fffffe00040f4c20:
2025-09-01T17:47:59.314564+00:00 hostname genunix: [ID 335743 kern.notice] BAD TRAP: type=e ( #pf Page fault) rp=fffffe00040f3b20 addr=0 occurred in module "unix" due to a NULL pointer dereference
2025-09-01T17:47:59.314569+00:00 hostname unix: [ID 100000 kern.notice] #012
2025-09-01T17:47:59.314574+00:00 hostname unix: [ID 839527 kern.notice] sched:
2025-09-01T17:47:59.314578+00:00 hostname unix: [ID 753105 kern.notice] #pf Page fault
2025-09-01T17:47:59.314582+00:00 hostname unix: [ID 532287 kern.notice] Bad kernel fault at addr=0x0
2025-09-01T17:47:59.314587+00:00 hostname unix: [ID 243837 kern.notice] pid=0, pc=0xfffffffffb887d3b, sp=0xfffffe00040f3c18, eflags=0x10246
2025-09-01T17:47:59.314591+00:00 hostname unix: [ID 619397 kern.notice] cr0: 8005003b cr4: 3606f8
2025-09-01T17:47:59.314596+00:00 hostname unix: [ID 152204 kern.notice] cr2: 0
2025-09-01T17:47:59.314599+00:00 hostname unix: [ID 634440 kern.notice] cr3: 22800000
2025-09-01T17:47:59.314603+00:00 hostname unix: [ID 625715 kern.notice] cr8: 0

[...]

If I disable that map, it's stable (but I can't use ipV6 from the non global zones)

Any ideas?
Stefano Marinelli
@stefano@mastodon.illumos.cafe  ·  activity timestamp 6 days ago

Hey #illumos friends, I'm experimenting on a VPS. They assigned me a /64 IPv6 subnet, but I can't use it. Long story short, I think I need an NDP proxy, but as far as I know, one isn't available on illumos. So, I've created a ULA and mapped it using NAT66: map vioif0 myULA/64 -> publicIPV6/128. It works, but the server eventually crashes and reboots. When I look at the /var/adm/messages file, I see:

[...]
2025-09-01T17:47:59.314554+00:00 hostname unix: [ID 836849 kern.notice] #012#015panic[cpu1]/thread=fffffe00040f4c20:
2025-09-01T17:47:59.314564+00:00 hostname genunix: [ID 335743 kern.notice] BAD TRAP: type=e ( #pf Page fault) rp=fffffe00040f3b20 addr=0 occurred in module "unix" due to a NULL pointer dereference
2025-09-01T17:47:59.314569+00:00 hostname unix: [ID 100000 kern.notice] #012
2025-09-01T17:47:59.314574+00:00 hostname unix: [ID 839527 kern.notice] sched:
2025-09-01T17:47:59.314578+00:00 hostname unix: [ID 753105 kern.notice] #pf Page fault
2025-09-01T17:47:59.314582+00:00 hostname unix: [ID 532287 kern.notice] Bad kernel fault at addr=0x0
2025-09-01T17:47:59.314587+00:00 hostname unix: [ID 243837 kern.notice] pid=0, pc=0xfffffffffb887d3b, sp=0xfffffe00040f3c18, eflags=0x10246
2025-09-01T17:47:59.314591+00:00 hostname unix: [ID 619397 kern.notice] cr0: 8005003b cr4: 3606f8
2025-09-01T17:47:59.314596+00:00 hostname unix: [ID 152204 kern.notice] cr2: 0
2025-09-01T17:47:59.314599+00:00 hostname unix: [ID 634440 kern.notice] cr3: 22800000
2025-09-01T17:47:59.314603+00:00 hostname unix: [ID 625715 kern.notice] cr8: 0

[...]

If I disable that map, it's stable (but I can't use ipV6 from the non global zones)

Any ideas?
Stefano Marinelli
@stefano@mastodon.bsd.cafe  ·  activity timestamp 7 days ago

Today is Monday, 1st September. And September means one thing: EuroBSDCon!

23 days to go until EuroBSDCon 2025 in Zagreb!

I’m doing a little “advent calendar” for BSD fans: each day until the conference I’ll share one article from it-notes.dragas.net about FreeBSD, OpenBSD, NetBSD, DragonFlyBSD, ZFS, PF and more. The dedicated hashtag will be #EuroBSDConAdvent

Let’s start right away with "I Solve Problems" - my EuroBSDCon 2024 (and #BSDCan 2025) talk about migrating from Linux to BSDs:

https://it-notes.dragas.net/2024/10/03/i-solve-problems-eurobsdcon/

If you’re coming to Zagreb, reply to this post - it would be nice to meet up with fellow BSD users!

#EuroBSDCon#BSD#FreeBSD#OpenBSD#NetBSD#DragonFlyBSD#ZFS#PF#RunBSD#EuroBSDConAdvent
Peter N. M. Hansteen
@pitrh@mastodon.social  ·  activity timestamp 2 weeks ago

The next scheduled "Network Management with the OpenBSD Packet Filter Toolset" fullday session is at EuroBSDcon in Zagreb, 2025-09-25 10:30–17:30: https://events.eurobsdcon.org/2025/talk/FW39CX/

register here: https://2025.eurobsdcon.org/registration.html

#openbsd #freebsd #pf #packetfilter #networking #security #eurobsdcon
BSDTV
@bsdtv@bsd.network  ·  activity timestamp last month

A new BSDCan video has been posted:

A packet's journey through pf By Kristof Provost

https://youtu.be/JtSg6ylDALo

A walkthrough of a packet's journey through (FreeBSD's) pf, concentrating on the big picture and its implications.

We'll cover when packets are inspected, when rules are evaluated and how states are used. Along the way we'll cover what DTrace probes can show us, what some of pfctl's counters mean and just how many times pf can look at a single packet.

This talk is intended for firewall admins looking for a deeper understanding and aspiring pf developers. It is not a "How to use pf" talk.

#pf #runbsd #freebsd