--- Log opened Wed Nov 19 00:00:20 2025
00:00 -!- Bradipo [~Bradipo@50.77.44.29] has quit [Ping timeout: 250 seconds]
00:01 -!- fro [fro@humpty.dance] has joined #openbsd
00:04 -!- adip [~adip@c145-48.icpnet.pl] has quit [Ping timeout: 246 seconds]
00:06 -!- byteskeptical [~amnesia@user/byteskeptical] has joined #openbsd
00:06 -!- jerryf [~jerryf@user/jerryf] has quit [Ping timeout: 272 seconds]
00:07 -!- fro [fro@humpty.dance] has quit [Remote host closed the connection]
00:08 -!- wmcd [~sombrero@user/sombrero] has joined #openbsd
00:08 -!- wmcd is now known as sombrero
00:08 -!- jerryf [~jerryf@user/jerryf] has joined #openbsd
00:18 -!- sunwind [~paradox@218.235.189.80.dyn.plus.net] has quit [Quit: Outside Context Problem.]
00:22 -!- jalfresi [~bendavies@81.187.186.224] has quit [Ping timeout: 252 seconds]
00:23 -!- seninha [~seninha@user/seninha] has joined #openbsd
00:25 -!- sunwind [~paradox@218.235.189.80.dyn.plus.net] has joined #openbsd
00:31 -!- fro [fro@humpty.dance] has joined #openbsd
00:31 -!- sjg [~sjg@user/sjg] has quit [Ping timeout: 264 seconds]
00:33 -!- sjg [~sjg@user/sjg] has joined #openbsd
00:33 -!- shahab [~shahab@user/shahab] has joined #openbsd
00:45 -!- kaotica [~user@user/d4q] has quit [Ping timeout: 256 seconds]
00:55 -!- enwu [~enwu@user/enwu] has quit [Ping timeout: 252 seconds]
00:57 -!- tozhu [~tozhu@223.87.244.17] has joined #openbsd
01:00 -!- c0co [~cc@81.78.145.32] has quit [Quit: Lost terminal]
01:01 -!- c0co [~cc@81.78.145.32] has joined #openbsd
01:01 -!- c0co [~cc@81.78.145.32] has quit [Changing host]
01:01 -!- c0co [~cc@user/c0co] has joined #openbsd
01:04 -!- enwu [~enwu@user/enwu] has joined #openbsd
01:08 -!- baz [~baz@user/baz] has quit [Remote host closed the connection]
01:08 -!- baz [~baz@user/baz] has joined #openbsd
01:09 -!- km [~km@c978F5BC1.dhcp.as2116.net] has quit []
01:11 -!- baz [~baz@user/baz] has quit [Remote host closed the connection]
01:12 -!- baz [~baz@user/baz] has joined #openbsd
01:13 -!- martian67 [~martian67@user/meow/martian67] has joined #openbsd
01:13 -!- Bokamosho [Bokamosho@thunderirc.net] has quit [Ping timeout: 244 seconds]
01:25 -!- gman999 [~GMan999@user/gman999] has joined #openbsd
01:29 -!- kaotica [~user@user/d4q] has joined #openbsd
01:31 -!- sjg [~sjg@user/sjg] has quit [Ping timeout: 244 seconds]
01:33 -!- sjg [~sjg@user/sjg] has joined #openbsd
01:41 -!- ecbrown [~user@user/ecbrown] has joined #openbsd
01:42 -!- Bokamosho [Bokamosho@bokamosho.thunderirc.net] has joined #openbsd
01:44 -!- enwu [~enwu@user/enwu] has quit [Ping timeout: 256 seconds]
01:48 -!- sjg [~sjg@user/sjg] has quit [Ping timeout: 264 seconds]
01:50 -!- sombrero [~sombrero@user/sombrero] has quit [Remote host closed the connection]
01:51 -!- sjg [~sjg@user/sjg] has joined #openbsd
01:52 -!- enwu [~enwu@user/enwu] has joined #openbsd
01:57 -!- fro [fro@humpty.dance] has quit [Quit: ..<cyp>: die bastards!@#&!#]
02:03 -!- frx [~frx@user/frx] has quit [Remote host closed the connection]
02:03 -!- nawcom_ [~nawcom@bulldadachat.com] has joined #openbsd
02:03 -!- nawcom [~nawcom@bulldadachat.com] has quit [Ping timeout: 252 seconds]
02:03 -!- nawcom_ is now known as nawcom
02:08 -!- frx [~frx@user/frx] has joined #openbsd
02:10 -!- martian67 [~martian67@user/meow/martian67] has quit [Remote host closed the connection]
02:10 -!- martinver [~martinver@200.68.171.238] has joined #openbsd
02:10 -!- martian67 [~martian67@user/meow/martian67] has joined #openbsd
02:10 -!- lfa [~lfa@fsf/member/lfa] has quit [Quit: See you soon]
02:11 -!- martinver [~martinver@200.68.171.238] has quit [Client Quit]
02:18 -!- xgpt [xgpt@user/xgpt] has quit [Quit: Goodbye! - The Lounge - https://thelounge.chat]
02:19 -!- xgpt [xgpt@user/xgpt] has joined #openbsd
02:21 -!- wmcd [~sombrero@user/sombrero] has joined #openbsd
02:21 -!- wmcd is now known as sombrero
02:25 -!- baz [~baz@user/baz] has quit [Remote host closed the connection]
02:26 -!- jgh [~jgh@hellmouth.gulag.org.uk] has quit [Remote host closed the connection]
02:28 -!- baz [~baz@user/baz] has joined #openbsd
02:29 -!- xx [~xx@user/xx] has quit [Ping timeout: 272 seconds]
02:29 -!- housemate [~housemate@203.30.2.71] has joined #openbsd
02:37 -!- c0co [~cc@user/c0co] has quit [Quit: Lost terminal]
02:40 -!- sjg [~sjg@user/sjg] has quit [Ping timeout: 250 seconds]
02:41 -!- sjg [~sjg@user/sjg] has joined #openbsd
02:42 -!- jitter [~jitter@user/jitter] has quit [Ping timeout: 264 seconds]
02:44 -!- jitter [~jitter@193.178.58.8.dynamic-pppoe.dt.ipv4.wtnet.de] has joined #openbsd
02:44 -!- jitter [~jitter@193.178.58.8.dynamic-pppoe.dt.ipv4.wtnet.de] has quit [Changing host]
02:44 -!- jitter [~jitter@user/jitter] has joined #openbsd
02:45 -!- emigrant [emigrant@user/emigrant] has quit [Ping timeout: 250 seconds]
02:47 -!- emigrant [~emigrant@user/emigrant] has joined #openbsd
02:48 -!- bsandro [~bsandro@user/bsandro] has quit [Ping timeout: 264 seconds]
02:48 -!- bsandro [~bsandro@user/bsandro] has joined #openbsd
02:50 -!- MegaDrive [~MegaDrive@rundeck/MegaDrive] has quit [Remote host closed the connection]
02:55 -!- emigrant [~emigrant@user/emigrant] has quit [Ping timeout: 244 seconds]
02:56 -!- sombrero [~sombrero@user/sombrero] has quit [Ping timeout: 272 seconds]
02:57 -!- emigrant [emigrant@user/emigrant] has joined #openbsd
03:06 -!- baz [~baz@user/baz] has quit [Remote host closed the connection]
03:07 -!- baz [~baz@user/baz] has joined #openbsd
03:08 -!- tozhu [~tozhu@223.87.244.17] has quit [Ping timeout: 240 seconds]
03:14 -!- jerryf [~jerryf@user/jerryf] has quit [Remote host closed the connection]
03:14 -!- jerryf [~jerryf@user/jerryf] has joined #openbsd
03:18 -!- wmcd [~sombrero@user/sombrero] has joined #openbsd
03:18 -!- wmcd is now known as sombrero
03:23 -!- tvtoon [~The_cUnix@user/tvtoon] has quit [Quit: "Daishowri!"]
03:24 -!- mover [~hischild@user/mover] has quit [Quit: leaving]
03:30 -!- luscious1 [~luscious@user/lusciouslover] has joined #openbsd
03:30 -!- lusciouslover [~luscious@user/lusciouslover] has quit [Read error: Connection reset by peer]
03:33 -!- lusciouslover [~luscious@user/lusciouslover] has joined #openbsd
03:33 -!- luscious1 [~luscious@user/lusciouslover] has quit [Read error: Connection reset by peer]
03:41 -!- housemate [~housemate@203.30.2.71] has quit [Read error: Connection reset by peer]
03:41 -!- housemate [~housemate@203.30.2.71] has joined #openbsd
03:44 -!- tozhu [~tozhu@139.207.54.9] has joined #openbsd
03:47 -!- sombrero [~sombrero@user/sombrero] has quit [Ping timeout: 272 seconds]
03:53 -!- zip100 [~zip100@185.209.196.241] has quit [Ping timeout: 252 seconds]
03:55 -!- zip100 [~zip100@185.209.196.163] has joined #openbsd
04:03 -!- ekix [~eki@88-148-144-106.bb.dnainternet.fi] has quit [Quit: leaving]
04:05 -!- eki [~eki@88-148-144-106.bb.dnainternet.fi] has joined #openbsd
04:26 -!- tozhu [~tozhu@139.207.54.9] has quit [Read error: Connection reset by peer]
04:28 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection]
04:29 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd
04:35 -!- tozhu [~tozhu@139.207.54.9] has joined #openbsd
04:53 -!- seninha [~seninha@user/seninha] has quit [Quit: Leaving]
04:53 -!- tozhu [~tozhu@139.207.54.9] has quit [Read error: Connection reset by peer]
04:54 < cgnarne> mikrotik chs works. also 9front. 9legacy probably won't work rn
05:00 -!- ewig``` [~ewig```@user/ewig] has joined #openbsd
05:00 -!- Guest59237 [~quassel@185.9.78.55] has quit [Ping timeout: 244 seconds]
05:04 -!- Guest59237 [~quassel@185.9.78.55] has joined #openbsd
05:17 -!- housemate [~housemate@203.30.2.71] has quit [Quit: “He who has had the self-dignity to respect, never harm, nor speak badly about others, deserves the right to be left alone.”]
05:18 -!- sonya [~nightwolf@gateway/tor-sasl/sonya] has joined #openbsd
05:19 -!- mappx [~mapp@user/mappx] has joined #openbsd
05:23 -!- housemate [~housemate@203.30.2.71] has joined #openbsd
05:30 -!- nedko [~nedko@gateway/tor-sasl/nedko] has quit [Remote host closed the connection]
05:30 -!- nedko [~nedko@gateway/tor-sasl/nedko] has joined #openbsd
05:30 -!- OnASnoopPhone [~OnASnoopP@user/OnASnoopPhone] has joined #openbsd
05:33 -!- jerryf [~jerryf@user/jerryf] has quit [Remote host closed the connection]
05:33 -!- jerryf [~jerryf@user/jerryf] has joined #openbsd
05:33 -!- drathir_tor [~drathir@wireguard/tunneler/drathir] has quit [Remote host closed the connection]
05:33 -!- drathir_tor [~drathir@wireguard/tunneler/drathir] has joined #openbsd
05:39 -!- slimeyballs [~Username@67.183.133.197] has quit [Read error: Connection reset by peer]
05:39 -!- slimeyballs [~Username@2601:601:d078:1370:98df:ff0:90a4:a67c] has joined #openbsd
05:46 -!- creeper [~Username@2601:601:d078:1370:98df:ff0:90a4:a67c] has joined #openbsd
05:47 -!- slimeyballs [~Username@2601:601:d078:1370:98df:ff0:90a4:a67c] has quit [Read error: Connection reset by peer]
05:52 -!- creeper [~Username@2601:601:d078:1370:98df:ff0:90a4:a67c] has quit [Ping timeout: 252 seconds]
05:53 -!- creeper [~Username@2601:601:d078:1370:98df:ff0:90a4:a67c] has joined #openbsd
05:57 -!- housemate [~housemate@203.30.2.71] has quit [Quit: “He who has had the self-dignity to respect, never harm, nor speak badly about others, deserves the right to be left alone.”]
06:00 -!- housemate [~housemate@203.30.2.71] has joined #openbsd
06:07 -!- sunwind [~paradox@218.235.189.80.dyn.plus.net] has quit [Quit: Outside Context Problem.]
06:07 -!- slimeyballs [~Username@67.183.133.197] has joined #openbsd
06:08 -!- shiranaihito_ [~shiranaih@2001:fb1:7d:d19e:1cf9:5467:7e7c:57f8] has joined #openbsd
06:09 -!- creeper [~Username@2601:601:d078:1370:98df:ff0:90a4:a67c] has quit [Ping timeout: 252 seconds]
06:15 -!- martian67 [~martian67@user/meow/martian67] has quit [Remote host closed the connection]
06:15 -!- martian67 [~martian67@user/meow/martian67] has joined #openbsd
06:29 -!- librecat [uid714233@id-714233.helmsley.irccloud.com] has joined #openbsd
06:30 -!- fede [~fede@37.161.188.59] has quit [Ping timeout: 264 seconds]
06:30 -!- fede [~fede@37.163.88.133] has joined #openbsd
06:44 -!- zapata [~zapata@user/zapata] has joined #openbsd
06:45 -!- ivdsangen [~ivo@83-84-59-127.cable.dynamic.v4.ziggo.nl] has joined #openbsd
06:48 < librecat> i got cloudflared running on openbsd
06:48 < librecat> i took the freebsd patches and modified them
06:49 < librecat> im happy to have an openbsd selfhosted home server :)
06:54 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection]
06:55 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd
06:56 -!- lagrange [~john@user/lagrange] has joined #openbsd
06:59 -!- shiranaihito_ [~shiranaih@2001:fb1:7d:d19e:1cf9:5467:7e7c:57f8] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
07:01 -!- qqe [~qqq@185.54.21.140] has joined #openbsd
07:03 < mischief> did you need to involve cloudflare though
07:04 < IcePic> yeah, the words "selfhosting" and making a dependency on clownflare seems a bit opposite
07:05 < WrezHole> yeah, the words "selfhosting" and making a dependency on clownflare seems a bit opposite
07:07 < WrezHole> Sorry about that.
07:07 < WrezHole> just marked it and my cat click on the mouse 
07:08 < IcePic> that cat posts really smart content. ;)
07:09 < WrezHole> indeed. 
07:10 -!- drathir_tor [~drathir@wireguard/tunneler/drathir] has quit [Remote host closed the connection]
07:11 -!- ewig``` [~ewig```@user/ewig] has quit [Remote host closed the connection]
07:12 -!- struchu [~struchu@staticline-31-183-133-251.toya.net.pl] has joined #openbsd
07:12 -!- drathir_tor [~drathir@wireguard/tunneler/drathir] has joined #openbsd
07:13 -!- fede [~fede@37.163.88.133] has quit [Ping timeout: 264 seconds]
07:13 < mischief> i was thinking about selfhosting on your own residential isp, after reading some comments on hn about these 'ddos protection' services
07:14 < mischief> some people claimed some hosting providers either drop you as a customer, or start blackholing the upstream traffic, but i wonder what happens on residential isps
07:15 < mischief> i host some stuff at home today like gitlab, but never been 'ddosed' besides the usual ai zeitgeist
07:16 -!- abcba [~abcba@46.191.233.16] has quit [Ping timeout: 265 seconds]
07:17 -!- abcba [~abcba@136.169.173.16] has joined #openbsd
07:26 < thrig> selfhosting can be tricky if the ISP disallows inbound connections
07:31 < vortexx> if you're behind CGNAT you've got an issue. Thus someone in here's need to run wg from the home to the VPS and run all the https traffic to the VPS via the wg tunnel to the selfhosted sites behind the home router
07:31 < vortexx> I've been selfhosting for 10 years with a couple of Swiss ISPs (admittedly ones who cater to geeks) and not had issues
07:31 -!- baz [~baz@user/baz] has quit [Remote host closed the connection]
07:32 < vortexx> (mostly nextcloud)
07:32 -!- baz [~baz@user/baz] has joined #openbsd
07:34 < mischief> is that init7
07:42 -!- ixc [~ixc@user/ixc] has joined #openbsd
07:45 -!- echelon [~steerpike@gateway/tor-sasl/steerpike] has quit [Remote host closed the connection]
07:45 -!- echelon [~steerpike@gateway/tor-sasl/steerpike] has joined #openbsd
07:46 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection]
07:46 -!- jerryf [~jerryf@user/jerryf] has quit [Remote host closed the connection]
07:46 -!- nedko [~nedko@gateway/tor-sasl/nedko] has quit [Remote host closed the connection]
07:46 -!- eniac [~eniac@user/eniac] has quit [Remote host closed the connection]
07:46 -!- psydroid3 [~psydroid@185.99.206.53] has joined #openbsd
07:46 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd
07:47 -!- jerryf [~jerryf@user/jerryf] has joined #openbsd
07:48 -!- eniac [~eniac@user/eniac] has joined #openbsd
07:48 -!- rfmoz [~rfmoz@static-145-126-230-77.ipcom.comunitel.net] has joined #openbsd
07:49 -!- nedko [~nedko@gateway/tor-sasl/nedko] has joined #openbsd
07:50 -!- foton [~unknown@user/foton] has quit [Quit: WeeChat 4.5.1]
07:52 -!- foton [~unknown@user/foton] has joined #openbsd
08:09 -!- zimmer__ [~zimmer@user/zimmer] has joined #openbsd
08:12 -!- zimmer [~zimmer@user/zimmer] has quit [Ping timeout: 264 seconds]
08:16 -!- shiranaihito_ [~shiranaih@156.59.50.245] has joined #openbsd
08:18 -!- nature [~nature@64.137.144.64] has quit [Ping timeout: 255 seconds]
08:21 -!- housemate [~housemate@203.30.2.71] has quit [Quit: “He who has had the self-dignity to respect, never harm, nor speak badly about others, deserves the right to be left alone.” ~ H.S.T.]
08:21 -!- housemate [~housemate@203.30.2.71] has joined #openbsd
08:23 -!- szilard [~szilard@1F2EF991.nat.pool.telekom.hu] has quit [Remote host closed the connection]
08:24 -!- szilard [~szilard@1F2EF991.nat.pool.telekom.hu] has joined #openbsd
08:33 < librecat> vortexx: yes im behind CGNAT but i might want to rent the cheapest vps to use as a reverse proxy using httpd yes
08:33 -!- feriman [~feriman@user/feriman] has joined #openbsd
08:43 -!- emmanuelux [~emmanuelu@user/emmanuelux] has quit [Remote host closed the connection]
08:48 -!- b50d [~b50d@62.96.54.30] has joined #openbsd
08:53 -!- ewig [~ewig@user/ewig] has joined #openbsd
08:58 -!- housemate [~housemate@203.30.2.71] has quit [Quit: “He who has had the self-dignity to respect, never harm, nor speak badly about others, deserves the right to be left alone.” ~ H.S.T.]
08:59 -!- housemate [~housemate@203.30.2.71] has joined #openbsd
09:02 -!- jerryf [~jerryf@user/jerryf] has quit [Remote host closed the connection]
09:03 -!- jalfresi [~bendavies@224.186.187.81.in-addr.arpa] has joined #openbsd
09:04 -!- jerryf [~jerryf@user/jerryf] has joined #openbsd
09:05 -!- xx [~xx@user/xx] has joined #openbsd
09:07 -!- fede [~fede@37.163.88.133] has joined #openbsd
09:09 -!- CrimeWave [~Ebox-MTL@user/CrimeWave] has quit [Quit: Electronic Box Montréal - Textual IRC 7.2.6 OSX]
09:24 -!- fede [~fede@37.163.88.133] has quit [Remote host closed the connection]
09:24 -!- fede [~fede@37.163.88.133] has joined #openbsd
09:30 -!- foton [~unknown@user/foton] has quit [Quit: WeeChat 4.5.1]
09:30 -!- foton [~unknown@user/foton] has joined #openbsd
09:33 -!- skippy8 [~skippy8@user/Skippy8] has joined #openbsd
09:37 -!- lusciouslover [~luscious@user/lusciouslover] has quit [Ping timeout: 264 seconds]
09:38 -!- lusciouslover [~luscious@user/lusciouslover] has joined #openbsd
09:40 -!- tozhu [~tozhu@223.87.244.17] has joined #openbsd
09:40 -!- tozhu [~tozhu@223.87.244.17] has quit [Client Quit]
09:40 -!- tozhu [~tozhu@223.87.244.17] has joined #openbsd
09:42 -!- skippy8 [~skippy8@user/Skippy8] has quit [Quit: WeeChat 4.7.1]
09:43 -!- skippy8 [~skippy8@user/Skippy8] has joined #openbsd
09:43 -!- tozhu [~tozhu@223.87.244.17] has quit [Client Quit]
09:45 -!- zcram [~zcram@user/zcram] has joined #openbsd
09:46 -!- psydroid3 [~psydroid@185.99.206.53] has quit [Quit: KVIrc 5.2.6 Quasar http://www.kvirc.net/]
09:52 -!- hugohagogo [~cleber@user/hugohagogo] has joined #openbsd
10:04 -!- bigato [~bigato@user/bigato] has joined #openbsd
10:05 -!- lavaball [~Melissa@31.204.155.215] has joined #openbsd
10:08 -!- tozhu [~tozhu@223.87.244.17] has joined #openbsd
10:10 -!- foton [~unknown@user/foton] has quit [Quit: WeeChat 4.5.1]
10:10 -!- foton [~unknown@user/foton] has joined #openbsd
10:16 -!- foton [~unknown@user/foton] has quit [Quit: WeeChat 4.5.1]
10:20 -!- foton [~unknown@user/foton] has joined #openbsd
10:21 -!- housemate [~housemate@203.30.2.71] has quit [Quit: “He who has had the self-dignity to respect, never harm, nor speak badly about others, deserves the right to be left alone.” ~ H.S.T.]
10:22 -!- jalfresi [~bendavies@224.186.187.81.in-addr.arpa] has quit [Ping timeout: 264 seconds]
10:26 -!- MrPlop [~cedric@bender.ddpo.be] has quit [Read error: Connection reset by peer]
10:26 -!- tozhu [~tozhu@223.87.244.17] has quit [Ping timeout: 240 seconds]
10:31 -!- MrPlop [~cedric@bender.ddpo.be] has joined #openbsd
10:32 -!- tozhu [~tozhu@223.87.244.17] has joined #openbsd
10:34 -!- foton [~unknown@user/foton] has quit [Quit: WeeChat 4.5.1]
10:38 -!- skippy8 [~skippy8@user/Skippy8] has quit [Quit: WeeChat 4.7.1]
10:39 -!- tozhu [~tozhu@223.87.244.17] has quit [Read error: Connection reset by peer]
10:41 -!- tozhu [~tozhu@223.87.244.17] has joined #openbsd
10:42 -!- m1dnight [~m1dnight@d8D861A17.access.telenet.be] has quit [Ping timeout: 240 seconds]
10:45 -!- qqe [~qqq@185.54.21.140] has quit [Remote host closed the connection]
10:45 -!- rc [~rc@user/rc] has quit [Quit: nyaa~]
10:47 -!- m1dnight [~m1dnight@d8D861A17.access.telenet.be] has joined #openbsd
10:53 -!- zcram [~zcram@user/zcram] has quit [Quit: Do the right thing.]
10:54 -!- housemate [~housemate@203.30.2.71] has joined #openbsd
10:55 -!- foton [~unknown@user/foton] has joined #openbsd
10:56 -!- Guest59237 [~quassel@185.9.78.55] has quit [Ping timeout: 256 seconds]
10:56 -!- Guest59237 [~quassel@185.9.78.28] has joined #openbsd
10:57 -!- jgh [~jgh@hellmouth.gulag.org.uk] has joined #openbsd
11:01 -!- tochu [~tozhu@223.87.244.17] has joined #openbsd
11:02 -!- tozhu [~tozhu@223.87.244.17] has quit [Ping timeout: 240 seconds]
11:02 -!- tochu is now known as tozhu
11:04 -!- foton [~unknown@user/foton] has quit [Quit: WeeChat 4.5.1]
11:05 -!- tochu [~tozhu@223.87.244.17] has joined #openbsd
11:06 -!- tozhu [~tozhu@223.87.244.17] has quit [Ping timeout: 240 seconds]
11:06 -!- tochu is now known as tozhu
11:12 -!- Guest25 [~Guest25@38.90.18.38] has joined #openbsd
11:14 -!- tochu [~tozhu@223.87.244.17] has joined #openbsd
11:15 -!- tozhu [~tozhu@223.87.244.17] has quit [Ping timeout: 240 seconds]
11:15 -!- tochu is now known as tozhu
11:26 -!- tochu [~tozhu@223.87.244.17] has joined #openbsd
11:27 -!- tozhu [~tozhu@223.87.244.17] has quit [Ping timeout: 240 seconds]
11:27 -!- tochu is now known as tozhu
11:32 -!- mover [~hischild@user/mover] has joined #openbsd
11:39 -!- tozhu [~tozhu@223.87.244.17] has quit [Quit: tozhu]
11:39 -!- uzuri [~uzuri@user/uzuri] has quit [Read error: Connection reset by peer]
11:45 -!- Guest25 [~Guest25@38.90.18.38] has quit [Quit: Client closed]
11:50 -!- xet7 [~xet7@user/xet7] has quit [Remote host closed the connection]
11:50 -!- WrezHole [~wrezhole@user/WrezHole] has quit [Quit: leaving]
11:50 -!- housemate [~housemate@203.30.2.71] has quit [Quit: “He who has had the self-dignity to respect, never harm, nor speak badly about others, deserves the right to be left alone.” ~ H.S.T.]
11:51 -!- housemate [~housemate@203.30.2.71] has joined #openbsd
11:53 -!- wrezhole [~wrezhole@user/WrezHole] has joined #openbsd
11:56 -!- foton [~unknown@user/foton] has joined #openbsd
11:58 -!- jalfresi [~bendavies@224.186.187.81.in-addr.arpa] has joined #openbsd
12:01 -!- housemate [~housemate@203.30.2.71] has quit [Quit: “He who has had the self-dignity to respect, never harm, nor speak badly about others, deserves the right to be left alone.” ~ H.S.T.]
12:02 -!- housemate [~housemate@203.30.2.71] has joined #openbsd
12:08 -!- housemate [~housemate@203.30.2.71] has quit [Quit: “He who has had the self-dignity to respect, never harm, nor speak badly about others, deserves the right to be left alone.” ~ H.S.T.]
12:08 -!- housemate [~housemate@203.30.2.71] has joined #openbsd
12:10 -!- cpk1 [~cpk@185.172.87.163] has quit [Quit: WeeChat 3.2.1]
12:11 -!- djhankb9311 [~djhankb@ip-208-113-164-68.nodes.dream.io] has joined #openbsd
12:12 < avemestr> deimosBSD: I noticed your dmesg at NYC*BSD on Protectli devices... Are you happy with them running OpenBSD? Any issues to be aware of?
12:13 < sibiria> it's chinese OEM hardware, which is a potential cause of concern
12:14 < sibiria> got one in "lab" at work, not running openbsd, and hardware-wise it's a decent piece of equipment
12:15 -!- byteskeptical [~amnesia@user/byteskeptical] has quit [Quit: Lost terminal]
12:16 -!- fossdd [~fossdd@sourcehut/user/fossdd] has quit [Ping timeout: 255 seconds]
12:17 < avemestr> sibiria: You're still happy with the Odroid?
12:24 -!- abcba [~abcba@136.169.173.16] has quit [Ping timeout: 252 seconds]
12:25 -!- ohnoagain [~ohnoagain@81.209.189.43] has joined #openbsd
12:26 -!- abcba [~abcba@46.191.233.16] has joined #openbsd
12:32 < sibiria> avemestr: very
12:36 -!- ohnoagain [~ohnoagain@81.209.189.43] has quit [Quit: Client closed]
12:45 -!- niftily [~niftily@user/niftily] has joined #openbsd
12:48 -!- seninha [~seninha@user/seninha] has joined #openbsd
12:58 -!- Leone [~Leo@104-195-203-103.cpe.teksavvy.com] has joined #openbsd
12:59 -!- fvincenzo [~somebody@fw-tnat-cam5.arm.com] has quit [Remote host closed the connection]
13:04 -!- fvincenzo [~somebody@fw-tnat-cam5.arm.com] has joined #openbsd
13:17 -!- cpk [~cpk@185.172.87.163] has joined #openbsd
13:25 -!- brynet [~brynet@brynet.ca] has quit [Quit: leaving]
13:31 -!- zapata [~zapata@user/zapata] has quit [Quit: zapata]
13:32 -!- jerryf [~jerryf@user/jerryf] has quit [Remote host closed the connection]
13:32 -!- jerryf [~jerryf@user/jerryf] has joined #openbsd
13:35 -!- lavaball [~Melissa@31.204.155.215] has quit [Quit: lavaball]
13:35 -!- lavaball [~Melissa@31.204.155.215] has joined #openbsd
13:38 -!- aaro [aaro@user/aaro] has quit [Ping timeout: 244 seconds]
13:40 -!- zcram [~zcram@user/zcram] has joined #openbsd
13:44 -!- qqe [~qqq@185.54.21.140] has joined #openbsd
13:44 -!- abcba [~abcba@46.191.233.16] has quit [Quit: Lost terminal]
13:44 -!- ublx [~ublx@user/ublx] has joined #openbsd
13:45 -!- niftily [~niftily@user/niftily] has quit [Quit: leaving]
13:47 -!- uzuri [~uzuri@user/uzuri] has joined #openbsd
13:47 -!- aaro [aaro@user/aaro] has joined #openbsd
13:51 -!- daugaard [~daugaard@user/daugaard] has joined #openbsd
13:52 -!- uzuri [~uzuri@user/uzuri] has quit [Read error: Connection reset by peer]
13:54 -!- qqe [~qqq@185.54.21.140] has quit [Quit: Lost terminal]
13:59 -!- objectliteral [~objectlit@user/objectliteral] has joined #openbsd
14:00 -!- corg [~corg@242.171-64-87.adsl-dyn.isp.belgacom.be] has joined #openbsd
14:00 -!- corg [~corg@242.171-64-87.adsl-dyn.isp.belgacom.be] has quit [Client Quit]
14:01 -!- wrezhole [~wrezhole@user/WrezHole] has quit [Quit: leaving]
14:01 -!- niftily [~niftily@user/niftily] has joined #openbsd
14:02 -!- WrezHole [~wrezhole@user/WrezHole] has joined #openbsd
14:09 -!- brynet [~brynet@brynet.ca] has joined #openbsd
14:15 -!- fixou [~fixou@212.114.19.0] has quit [Quit: The Lounge - https://thelounge.chat]
14:17 -!- fixou [~fixou@212.114.19.0] has joined #openbsd
14:27 -!- niftily [~niftily@user/niftily] has quit [Quit: leaving]
14:29 -!- tozhu [~tozhu@218.89.244.138] has joined #openbsd
14:33 -!- nature [~nature@64.137.144.64] has joined #openbsd
14:36 -!- mmlj4 [~mmlj4@ip174-69-111-3.no.no.cox.net] has left #openbsd [G'bye]
14:46 -!- ublx [~ublx@user/ublx] has quit [Quit: ublx]
14:49 -!- tozhu [~tozhu@218.89.244.138] has quit [Quit: tozhu]
14:50 -!- tozhu [~tozhu@218.89.244.138] has joined #openbsd
14:54 -!- housemate [~housemate@203.30.2.71] has quit [Quit: “He who has had the self-dignity to respect, never harm, nor speak badly about others, deserves the right to be left alone.” ~ H.S.T.]
14:56 -!- housemate [~housemate@203.30.2.71] has joined #openbsd
15:07 -!- tronexte [~X@82.102.30.18] has quit [Ping timeout: 265 seconds]
15:08 -!- tronexte [~X@82.102.30.18] has joined #openbsd
15:10 -!- polishdub [~polishdub@ip72-208-203-185.ph.ph.cox.net] has quit [Ping timeout: 240 seconds]
15:12 -!- polishdub [~polishdub@ip72-208-203-185.ph.ph.cox.net] has joined #openbsd
15:19 -!- lavaball [~Melissa@31.204.155.215] has quit [Remote host closed the connection]
15:27 -!- tozhu [~tozhu@218.89.244.138] has quit [Quit: tozhu]
15:27 -!- tozhu [~tozhu@218.89.244.138] has joined #openbsd
15:29 -!- SirJitsu1 [~SirJitsu@162-231-111-175.lightspeed.livnmi.sbcglobal.net] has joined #openbsd
15:29 < unpx> Hello there, I'm trying to fix a configuration in relayd.conf and httpd.conf. It was supposed to work setting X-Forwarded-Fro and some other similar header, but httpd logs "style forwarded" are not giving me the remote host who is doing the connection
15:33 -!- struchu [~struchu@staticline-31-183-133-251.toya.net.pl] has quit [Quit: WeeChat 4.7.1]
15:37 < lts-> unpx: 'match request header set "X-Forwarded-For" value "$REMOTE_ADDR"' should bring the remote host to the end of the log entries of /var/www/logs/access.log
15:41 -!- lil_lasagna [~Ivan@178.237.235.249] has joined #openbsd
15:41 -!- luna-gavle [bittin@triton.blinkenshell.org] has quit [Quit: leaving]
15:41 -!- lagrange [~john@user/lagrange] has quit [Quit: leaving]
15:49 -!- CrashOverride [~strcat@p548554a8.dip0.t-ipconnect.de] has joined #openbsd
15:53 -!- tozhu [~tozhu@218.89.244.138] has quit [Quit: tozhu]
15:54 -!- alx- [~alx@195.15.28.34] has quit [Read error: Connection reset by peer]
15:55 -!- alx- [~alx@195.15.28.34] has joined #openbsd
15:55 < unpx> lts-: ty! But where can I see the relayd logs?
15:59 < lts-> unpx: if you have "log connection" in /etc/relayd.conf, AFAIK the messages appearing at /var/log/daemon are the ones you get
15:59 -!- uzuri [~uzuri@user/uzuri] has joined #openbsd
16:01 < unpx> lts-: okay, because I'm know trying to guess who is trying to "DDOS" my gitea instance. It looks like someone is wget-ing everything
16:02 < thrig> AI! AI! AI!
16:02 < unpx> Because now that I made hidden some repos, they are continuing to ping on those urls
16:03 < thrig> ban them all. or feed them bad data (which costs you BW)
16:03 < unpx> Point was: gitea was opening too many files and then crashed
16:04 -!- c0co [~cc@81.78.145.32] has joined #openbsd
16:05 -!- DetourNetworkUK [DetourNetw@user/DetourNetworkUK] has quit [Read error: Connection reset by peer]
16:05 < lts-> You should get the remote IP with the above logs, and then you can whois it and see that it's indeed one of the big AI providers
16:06 -!- c0co [~cc@81.78.145.32] has quit [Changing host]
16:06 -!- c0co [~cc@user/c0co] has joined #openbsd
16:06 -!- DetourNetworkUK [~DetourNet@user/DetourNetworkUK] has joined #openbsd
16:06 < unpx> thrig: I was trying with pf rules, but it looks like a lot of different ips
16:08 -!- uwharrie [~uwharrie@user/uwharrie] has left #openbsd []
16:08 < c0co> hello
16:09 < pardis> unpx: this might be helpful https://github.com/ai-robots-txt/ai.robots.txt
16:09 < pardis> if you want to be sure they're blocked instead of relying on them honouring robots.txt, you might be able to adapt the nginx config snippet for relayd
16:11 -!- OnASnoopPhone [~OnASnoopP@user/OnASnoopPhone] has quit [Remote host closed the connection]
16:11 -!- OnASnoopPhone [~OnASnoopP@user/OnASnoopPhone] has joined #openbsd
16:12 < thrig> meanwhile, gemini://gemini.conman.org/boston/2025/11/18.2
16:16 -!- kaotica [~user@user/d4q] has quit [Ping timeout: 264 seconds]
16:17 < unpx> Ah I see, something like this: https://michal.sapka.pl/weblog/2023/blocking-bad-bots-openbsd/ <<< block request header "User-Agent" value "blob"
16:17 -!- Bradipo [~Bradipo@50.77.44.29] has joined #openbsd
16:21 -!- polarian [~polarian@znc.polarian.dev] has quit [Excess Flood]
16:21 < unpx> thrig: sadly the UA is [User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36]
16:21 < unpx> uoop, I meant pardis:
16:22 < thrig> yeah they fake the UA, and also proxy through residential IP ranges, the bastards!
16:24 -!- polarian [~polarian@znc.polarian.dev] has joined #openbsd
16:25 -!- fro [fro@humpty.dance] has joined #openbsd
16:26 < c0co> Yeah I just arbitrarily and without a second thought block anything that sends more than 15 requests to my server in under 20 seconds 
16:26 < c0co> permanently block
16:26 < c0co> I haven't checked out my list of blocked IPs lately but it's gotta be in the tens of thousands
16:27 < c0co> i do not need to be search-indexed. I do not need Shodan to detail my server. I do not consent to people clicking fast
16:28 < thrig> and also https://github.com/Xorlent/Internet-Scanners to cut down on the log noise
16:28 < thrig> and also the spamhaus drop list will whack off another bunch of subnets
16:29 < unpx> thrig: that can go into a permatable on pf I guess
16:30 < avemestr> I just use pf-badhost and block Russia, China, and similar countries. Doesn't help with crawlers running on AWS, but it do remove a lot of traffic. If one is so inclined, one might add known AI ASN(s) to the script as well.
16:31 < unpx> Because the poor gitea is now taking about 3s to reply now that I made repo public again
16:31 -!- polarian [~polarian@znc.polarian.dev] has quit [Excess Flood]
16:31 -!- polarian [~polarian@znc.polarian.dev] has joined #openbsd
16:31 < Bradipo> spamhaus tracks web spam as well as email?
16:31 < tk> I read the pf.conf man page a bit more, and I finally figured out how to solve that full NAT problem. It's blindingly obvious in retrospect.
16:32 < avemestr> unpx: Take a look at https://www.geoghegan.ca/pfbadhost.html (the script is from 2021, but the lists of blocked IPs are updated daily)
16:32 < thrig> https://www.spamhaus.org/drop/drop_v4.json https://www.spamhaus.org/drop/drop_v6.json
16:33 < tk> pass in on egress ... to self port ... rdr-to <target>
16:34 < Bradipo> I've stopped using spamhaus, or any other RBL for that matter.  They don't get to decide what I permit.
16:35 < tk> pass out on <interface-target-is-routable-via> ... to <target> ... nat-to (<interface-target-is-routable-via>:0)
16:35 < Bradipo> That being said, I don't seem to have any of the typical bot problems slowing down my sites...
16:36 < thrig> probably depends on what's on the site, like if there are git repos or something
16:36 < tk> i don't get how we didn't figure this out the last time
16:36 < tk> I actually re-read the logs and don't getit
16:36 < avemestr> tk: So a bit like the line just above the "DNS" headline on this page? https://www.openbsd.org/faq/pf/example1.html
16:37 < tk> no
16:37 < tk> that's just port forwarding
16:37 -!- housemate_ [~housemate@203.56.146.120] has joined #openbsd
16:38 < tk> the problem is that in the case you show 192.168.1.2 sees traffic aimed at it, coming from internet IPs
16:38 < tk> and when 192.168.1.2 replies, the packets are from 192.168.1.2 to an internet IP. this necessitates that 192.168.1.2 knows to route the packet to the internet back via the router
16:38 < tk> but in my case, there are multiple paths back to the internet
16:39 < tk> and the default route is not the one I want to take, but I also can't make any meaningful routing table change because the source IPs are dynamic
16:39 < tk> this could potentially also be solved with tunnels but I didn't want tunnels over a tunnel
16:40 < tk> what I needed to do is to accept traffic aimed at me, but redirect it to another host (port forwarding), but also make it look like _I_ sent the packets (nat) at the same time
16:40 < avemestr> Ah, okay.
16:40 < tk> so that the host knew to send the packets back to me, and didn't try to send them directly, as they would get routed via a different gateway, which would also apply NAT, and which would mean that the original client would get replies from the wrong IP
16:40 -!- housemate [~housemate@203.30.2.71] has quit [Ping timeout: 264 seconds]
16:41 -!- martinver [~martinver@200.68.171.186] has joined #openbsd
16:42 -!- housemate_ [~housemate@203.56.146.120] has quit [Ping timeout: 250 seconds]
16:44 -!- martinver [~martinver@200.68.171.186] has quit [Client Quit]
16:44 -!- OnASnoopPhone [~OnASnoopP@user/OnASnoopPhone] has quit [Ping timeout: 272 seconds]
16:44 -!- housemate [~housemate@203.56.146.68] has joined #openbsd
16:46 -!- OnASnoopPhone [~OnASnoopP@user/OnASnoopPhone] has joined #openbsd
16:49 -!- housemate [~housemate@203.56.146.68] has quit [Remote host closed the connection]
16:49 -!- housemate [~housemate@203.56.146.68] has joined #openbsd
16:53 -!- jgh [~jgh@hellmouth.gulag.org.uk] has quit [Remote host closed the connection]
16:56 -!- fede [~fede@37.163.88.133] has quit [Ping timeout: 255 seconds]
16:56 < unpx> avemestr: thank you, I may have exagerated a bit: IPv4 addresses in table:  1779198705
16:56 -!- fede [~fede@78.210.118.34] has joined #openbsd
16:56 < unpx> pfctl: Current pool size exceeds requested table-entries limit 200000
16:56 -!- martinver [~martinver@200.68.171.186] has joined #openbsd
16:58 < lts-> ":D"
17:00 < lts-> use "set limit table-entries 9999999999" in beginning of pf.conf
17:01 < tk> okay, weird, I tried _exactly_ this earlier this year and it didn't work, maybe it was just a bug in an earlier OpenBSD
17:01 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection]
17:01 -!- martinver [~martinver@200.68.171.186] has quit [Client Quit]
17:01 -!- zimmer__ [~zimmer@user/zimmer] has quit [Ping timeout: 250 seconds]
17:01 < unpx> lts-: nice try: /etc/pf.conf:5: only positive values permitted
17:01 < unpx> Is this an integer overflow??
17:02 < lts-> Probably yes
17:02 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd
17:02 < lts-> 1779198705 is 41% of all IPv4 address space
17:03 -!- housemate_ [~housemate@202.7.248.56] has joined #openbsd
17:04 -!- lavaball [~Melissa@31.204.155.215] has joined #openbsd
17:04 -!- housemate [~housemate@203.56.146.68] has quit [Ping timeout: 250 seconds]
17:04 < lts-> For a more useful advice, I've heard a couple reports that just updating robots.txt and blocking Meta address space has cut down traffic for 99%+
17:05 -!- manis [01a66df340@185.72.67.185] has joined #openbsd
17:05 -!- frankyfrank__ [~housemate@203.56.146.68] has joined #openbsd
17:05 -!- feriman [~feriman@user/feriman] has quit [Read error: Connection reset by peer]
17:05 < lts-> You can start with e.g. https://wiki.gentoo.org/robots.txt
17:06 < unpx> lts-: dunno if just putting here an IP is okay, but here is a sample: 124.243.188.12
17:07 < lts-> Seems to be Huawei
17:07 -!- housemate_ [~housemate@202.7.248.56] has quit [Ping timeout: 250 seconds]
17:10 < Bradipo> My robots.txt is fairly simple... 
17:10 < Bradipo> user-agent: * ... disallow: /
17:10 < vortexx> mischief: yes I'm on init7
17:16 -!- fart_cat [~fart_cat@user/fart-cat:36778] has joined #openbsd
17:19 < unpx> Bradipo: sadly, that doesn't always work. Some bot are required to be spelled
17:25 < Bradipo> unpx: I don't think so.
17:27 -!- frankyfrank__ [~housemate@203.56.146.68] has quit [Quit: “He who has had the self-dignity to respect, never harm, nor speak badly about others, deserves the right to be left alone.” ~ H.S.T.]
17:28 < Bradipo> unpx: At any rate, there's always https://zadzmo.org/code/nepenthes/
17:38  * sonya noticed an example how to reject ai-scrapers instead of 'Anubis' (less resources and much more simple in configuration). the idea is to check defined Cookie and, if there's none (ai, ignoring robots.txt and Cookies), - return html-stopper with js setting required Cookie and returning at the same page.. here's the examples for nginx and caddy →  https://termbin.com/lg2b ... sorry for offtopic
17:39 < humm> ah, yes, blocking people not using js or not using cookies
17:41 -!- feriman [~feriman@user/feriman] has joined #openbsd
17:41 < sonya> well.. anyway it's better than 'Anubis' in all respects.. imho..
17:48 < c0co> I think the solution to the anubis "Anime girl" problem is to put an anime girl on *every* "WAF" so that they can be judged on their merits alone
17:50 < IcePic> this is why AI is so good at rendering anime girls, they are trained on zillions of anubis pages where they only get to see that
17:50 < lts-> Just put a non-anime non-child pinup girl there
17:52 -!- seninha [~seninha@user/seninha] has quit [Quit: Leaving]
17:58 -!- rfmoz [~rfmoz@static-145-126-230-77.ipcom.comunitel.net] has quit [Remote host closed the connection]
17:58 -!- vados [~vados@46-133-10-203.mobile.vf-ua.net] has joined #openbsd
17:58 -!- b50d [~b50d@62.96.54.30] has quit [Remote host closed the connection]
18:01 -!- zimmer [~zimmer@user/zimmer] has joined #openbsd
18:03 < unpx> lts-: oh, I enabled aggregate and now it is 965503287
18:06 < lts-> Well then, now it's only 22% 
18:14 -!- abcba [~abcba@46.191.233.16] has joined #openbsd
18:15 -!- nsuperbus_ [~nsuperbus@host-46-251-26-104.kabelnet.hu] has quit [Quit: goodbye]
18:16 < unpx> lts-: at this point it would be easier to make a whitelist :^)
18:16 -!- nsuperbus [~nsuperbus@host-46-251-26-104.kabelnet.hu] has joined #openbsd
18:26 -!- adip [~adip@c145-48.icpnet.pl] has joined #openbsd
18:26 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection]
18:26 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd
18:31 -!- spuos [~spuos@47.14.132.153] has joined #openbsd
18:32 -!- sjg [~sjg@user/sjg] has quit [Ping timeout: 244 seconds]
18:33 < pardis> or block /24s instead of individual addresses
18:34 -!- sjg [~sjg@user/sjg] has joined #openbsd
18:34 -!- gce108 [~gce@user/gce108] has joined #openbsd
18:34 < thrig> or /22 or whatevers if random brazil cloud ranges are spamming your system
18:36 -!- fossdd [~fossdd@sourcehut/user/fossdd] has joined #openbsd
18:42 -!- fossdd [~fossdd@sourcehut/user/fossdd] has quit [Remote host closed the connection]
18:45 -!- housemate [~housemate@202.7.247.155] has joined #openbsd
18:45 -!- fossdd [~fossdd@sourcehut/user/fossdd] has joined #openbsd
18:46 < lts-> At this point you can consider why ipv6 is not always that great in real life
18:48 < thrig> with ipv6 you start with /64 bans by default
18:48 -!- fede [~fede@78.210.118.34] has quit [Ping timeout: 264 seconds]
18:48 -!- fede [~fede@37.160.37.224] has joined #openbsd
18:52 -!- lagrange [~john@user/lagrange] has joined #openbsd
18:54 -!- housemate [~housemate@202.7.247.155] has quit [Quit: “He who has had the self-dignity to respect, never harm, nor speak badly about others, deserves the right to be left alone.” ~ H.S.T.]
18:54 -!- ublx [~ublx@user/ublx] has joined #openbsd
18:56 -!- housemate [~housemate@202.7.247.155] has joined #openbsd
18:57 < c0co> i think I block 16s lol
18:58 < c0co> i also pipe all SSH spam directly to PF
18:58 < c0co> nice try "admin", if that is your real name!
18:59 < thrig> ssh I whitelist to a few subnets
19:00 < lts-> Wireguard is great - it responds with nothing unless your initial contact had the right private key material
19:01 -!- jab [~user@user/jab] has joined #openbsd
19:02 < uzuri> lts-: i love wireguard but dont know much about vpns generally
19:02 -!- vados [~vados@46-133-10-203.mobile.vf-ua.net] has quit [Read error: Connection reset by peer]
19:03 < uzuri> i know wg has a smaller codebase than openvpn but is it actually more secure?
19:03 < uzuri> not as old (and possibly) mature as ovpn
19:03 < thrig> never did figure out how to setup openvpn, but I do have wireguard running
19:04 < uzuri> or is another protocol the best option?
19:04 < uzuri> (looking at you ipsex)
19:04 < uzuri> ***********ipsec
19:04 < Bradipo> c0co: I often wonder how successful the SSH spam is in finding open accounts.
19:05 < lts-> I would argue wireguard and openVPN are both secure. OpenVPN even has plenty of features wireguard does not. Plenty of scrutiny has been given to both
19:05 < thrig> rpi used to ship running sshd by default with a known static password
19:05 < Bradipo> The only account that they try that exists on my system is "root" and it isn't permitted to login as "root".  The rest of the accounts that they try are all non-existent.
19:06 < thrig> also for historic reasons many research or academic sites wanted to be "open" and not have firewalls
19:06 < pardis> wouldn't be surprised if they try accounts that exist by default in popular cloud images
19:06 < thrig> so back then plugging an unpatched windows system onto the network would get it hacked in under 30 seconds
19:06 < pardis> if you bother to set up your own user accounts, you are probably already not their target demographic
19:07 < lts-> So many n00bs placing insecure services against Internet.
19:09 < mischief> a long time ago i accidentally had an edgerouter lite with ssh/default pass exposed to the wan
19:09 < mischief> it got popped pretty quickly
19:10 < spuos> oh wow my irc talk perms weren't active
19:11 < spuos> oops lol 
19:11 < spuos> I'm not proud to say this, but I haven't touched my firewall since I set up PF rules. what was that manpage with after install maintainence? 
19:11 < spuos> also, does anyone know how I'd learn about what manpages relate to libtls? 
19:12 -!- fro [fro@humpty.dance] has quit [Remote host closed the connection]
19:12 < spuos> and yes I can appreciate the irony of thie room talking about lusers getting pwned 
19:12 < lts-> I've seen a DMZ host get popped by a script kiddie. From what I could tell, they could have wiped the whole company. Fortunately the attacker didn't know how to use tmux.
19:12 < humm> spuos: you mean afterboot(8)?
19:14 < dennis> spuos: man man is pretty great. It tells you how you can search for stuff in man. Specifically, check out -k and apropos
19:14 < c0co> Bradipo: reasonably successful I'd imagine. There are an awful lot of poorly configured servers and home routers out there, people who either don't care or don't understand the security implications, bad default settings in certian routers and operating systems etc - gotta build a botnet somehow afterall.
19:15 < humm> spuos: and /usr/src/etc/root/root.mail
19:19 -!- skippy8 [~skippy8@185.224.112.81] has joined #openbsd
19:22 < spuos> humm: thanks. what's /usr/src/etc/root/root.mail? 
19:28 < humm> spuos: A message that attempts to describe the most basic initial questions that a system administrator of an OpenBSD box might have.  You are urged to save this message for later reference.
19:28 -!- seninha [~seninha@user/seninha] has joined #openbsd
19:29 < humm> https://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/etc/root/root.mail?rev=1.179&content-type=text/plain
19:32 < spuos>  huh, I have it but not in that dir 
19:32 < humm> /usr/src is just where you’d be likely to check out the OpenBSD sources if you were to do that
19:33 -!- seninha [~seninha@user/seninha] has quit [Client Quit]
19:33 < Bradipo> spuos: There's also the FAQ: https://www.openbsd.org/faq/
19:37 -!- housemate [~housemate@202.7.247.155] has quit [Quit: “He who has had the self-dignity to respect, never harm, nor speak badly about others, deserves the right to be left alone.” ~ H.S.T.]
19:42 -!- housemate [~housemate@202.7.247.155] has joined #openbsd
19:43 -!- fede [~fede@37.160.37.224] has quit [Ping timeout: 240 seconds]
19:43 -!- fede [~fede@78.212.211.11] has joined #openbsd
19:47 -!- zcram [~zcram@user/zcram] has quit [Quit: Do the right thing.]
19:47 -!- fede [~fede@78.212.211.11] has quit [Ping timeout: 244 seconds]
19:48 -!- fede [~fede@78.208.43.255] has joined #openbsd
19:54 -!- tozhu [~tozhu@218.89.244.138] has joined #openbsd
19:54 -!- seninha [~seninha@user/seninha] has joined #openbsd
19:56 -!- ecbrown [~user@user/ecbrown] has quit [Quit: ERC 5.6.0.30.1 (IRC client for GNU Emacs 30.2)]
19:58 -!- ecbrown [~user@user/ecbrown] has joined #openbsd
19:59 -!- tozhu [~tozhu@218.89.244.138] has quit [Ping timeout: 240 seconds]
20:08 -!- memset_ [~memset@gateway/tor-sasl/memset] has joined #openbsd
20:08 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection]
20:16 -!- lusciouslover [~luscious@user/lusciouslover] has quit [Ping timeout: 246 seconds]
20:19 -!- uzuri [~uzuri@user/uzuri] has quit [Ping timeout: 264 seconds]
20:19 -!- CrimeWave [~Ebox-MTL@user/CrimeWave] has joined #openbsd
20:28 -!- mlw [~mlw@41.73.193.26] has joined #openbsd
20:29 -!- OnASnoopPhone [~OnASnoopP@user/OnASnoopPhone] has quit [Remote host closed the connection]
20:29 -!- OnASnoopPhone [~OnASnoopP@user/OnASnoopPhone] has joined #openbsd
20:29 -!- ewig [~ewig@user/ewig] has quit [Ping timeout: 265 seconds]
20:33 -!- fede [~fede@78.208.43.255] has quit [Remote host closed the connection]
20:34 -!- gustik [~gusto@92-180-235-79.dynamic.orange.sk] has quit [Quit: leaving]
20:34 -!- _wnh_ [~Thunderbi@user/wnh] has joined #openbsd
20:36 -!- bigato [~bigato@user/bigato] has quit [Read error: Connection reset by peer]
20:36 -!- bigato [~bigato@user/bigato] has joined #openbsd
20:37 -!- gumnos1 [~gumnos@2600:382:2b21:edf4:ba70:f4ff:fe1e:1ef2] has quit [Ping timeout: 244 seconds]
20:38 < ssm_> spuos: I think it's pretty cool @deraadt writes new install their own personal email
20:39 -!- uzuri [~uzuri@user/uzuri] has joined #openbsd
20:39 -!- gumnos [~gumnos@2600:382:2b20:e359:ba70:f4ff:fe1e:1ef2] has joined #openbsd
20:42 -!- polishdub [~polishdub@ip72-208-203-185.ph.ph.cox.net] has quit [Remote host closed the connection]
20:48 -!- ixc [~ixc@user/ixc] has quit [Ping timeout: 256 seconds]
20:55 -!- o0x1eef [~o0x1eef@user/o0x1eef] has quit [Ping timeout: 244 seconds]
20:57 -!- Lucanis [~lucanis@user/lucanis] has joined #openbsd
20:58 -!- Lucanis_ [~lucanis@user/lucanis] has joined #openbsd
20:59 -!- mlw [~mlw@41.73.193.26] has quit [Ping timeout: 264 seconds]
21:01 -!- lusciouslover [~luscious@user/lusciouslover] has joined #openbsd
21:01 -!- mlw [~mlw@41.73.193.26] has joined #openbsd
21:02 -!- polishdub [~polishdub@ip72-208-203-185.ph.ph.cox.net] has joined #openbsd
21:02 -!- Lucanis [~lucanis@user/lucanis] has quit [Ping timeout: 264 seconds]
21:03 -!- o0x1eef [~o0x1eef@user/o0x1eef] has joined #openbsd
21:11 -!- CrashOverride [~strcat@p548554a8.dip0.t-ipconnect.de] has quit [Ping timeout: 264 seconds]
21:12 -!- mlw [~mlw@41.73.193.26] has quit [Remote host closed the connection]
21:14 -!- jgh [~jgh@85.158.153.62] has joined #openbsd
21:18 -!- zimmer__ [~zimmer@user/zimmer] has joined #openbsd
21:20 -!- xet7 [~xet7@user/xet7] has joined #openbsd
21:20 -!- housemate [~housemate@202.7.247.155] has quit [Quit: “He who has had the self-dignity to respect, never harm, nor speak badly about others, deserves the right to be left alone.” ~ H.S.T.]
21:21 -!- zimmer [~zimmer@user/zimmer] has quit [Ping timeout: 256 seconds]
21:21 -!- cli [~m-vsauiy@user/cli] has quit [Ping timeout: 246 seconds]
21:23 -!- aqsd [~aqsd@user/aqsd] has quit [Read error: Connection reset by peer]
21:23 -!- zimmer [~zimmer@user/zimmer] has joined #openbsd
21:23 -!- lagrange [~john@user/lagrange] has quit [Quit: leaving]
21:24 -!- jalfresi [~bendavies@224.186.187.81.in-addr.arpa] has quit [Ping timeout: 264 seconds]
21:26 -!- zimmer__ [~zimmer@user/zimmer] has quit [Ping timeout: 244 seconds]
21:27 -!- tvtoon [~The_cUnix@user/tvtoon] has joined #openbsd
21:29 -!- aqsd [~aqsd@user/aqsd] has joined #openbsd
21:33 -!- lusciouslover [~luscious@user/lusciouslover] has quit [Ping timeout: 260 seconds]
21:34 -!- lusciouslover [~luscious@user/lusciouslover] has joined #openbsd
21:34 -!- housemate [~housemate@202.7.247.155] has joined #openbsd
21:35 -!- shiranaihito_ [~shiranaih@156.59.50.245] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
21:36 -!- skippy8 [~skippy8@185.224.112.81] has quit [Quit: WeeChat 4.7.1]
21:36 -!- gotohello [~gotohello@user/gotohello] has joined #openbsd
21:38 -!- feriman [~feriman@user/feriman] has quit [Ping timeout: 244 seconds]
21:39 -!- SirJitsu1 [~SirJitsu@162-231-111-175.lightspeed.livnmi.sbcglobal.net] has quit [Quit: Konversation terminated!]
21:44 -!- nature [~nature@64.137.144.64] has quit [Ping timeout: 264 seconds]
21:54 -!- bsdperl [~bsdperl@user/bsdperl] has quit [Quit: bsdperl]
21:56 -!- bsdperl [~bsdperl@user/bsdperl] has joined #openbsd
22:04 -!- sonya [~nightwolf@gateway/tor-sasl/sonya] has quit [Quit: Leaving]
22:07 -!- dinowilliam [~dinowilli@user/DINOWILLIAM] has joined #openbsd
22:11 -!- jab [~user@user/jab] has quit [Ping timeout: 264 seconds]
22:13 -!- fro [fro@humpty.dance] has joined #openbsd
22:14 -!- Feigr [~REDACTED@c-85-228-19-228.bbcust.telenor.se] has quit [Remote host closed the connection]
22:14 -!- emmanuelux [~emmanuelu@user/emmanuelux] has joined #openbsd
22:16 -!- nature [~nature@138.51.50.205] has joined #openbsd
22:16 -!- rc [~rc@user/rc] has joined #openbsd
22:17 -!- sbr [~sbr@dddd.8by3.net] has quit [Ping timeout: 252 seconds]
22:20 -!- Feigr [~REDACTED@c-85-228-19-228.bbcust.telenor.se] has joined #openbsd
22:26 -!- ivdsangen [~ivo@83-84-59-127.cable.dynamic.v4.ziggo.nl] has quit [Quit: leaving]
22:28 -!- r3d1n [~r3d1n@d-23-245-115-17.oh.cpe.breezeline.net] has joined #openbsd
22:30 -!- visl is now known as jason
22:31 -!- jason is now known as visl
22:35 -!- fro [fro@humpty.dance] has quit [Quit: ..<cyp>: die bastards!@#&!#]
22:38 -!- _wnh_1 [~Thunderbi@user/wnh] has joined #openbsd
22:39 -!- seninha [~seninha@user/seninha] has quit [Remote host closed the connection]
22:39 -!- seninha [~seninha@user/seninha] has joined #openbsd
22:42 -!- _wnh_ [~Thunderbi@user/wnh] has quit [Ping timeout: 264 seconds]
22:44 -!- yakubin [~yakubin@user/yakubin] has left #openbsd [Bye]
22:46 -!- edthix [~Thunderbi@60.48.88.84] has joined #openbsd
22:48 -!- _wnh_1 [~Thunderbi@user/wnh] has quit [Quit: _wnh_1]
22:50 -!- ogopogo [~ogopogo@2806:2f0:a6c1:e9cd::5] has joined #openbsd
22:57 -!- jalfresi [~bendavies@224.186.187.81.in-addr.arpa] has joined #openbsd
22:59 -!- sbr [~sbr@dddd.8by3.net] has joined #openbsd
23:01 -!- nature [~nature@138.51.50.205] has quit [Ping timeout: 244 seconds]
23:08 -!- nature [~nature@138.51.51.205] has joined #openbsd
23:10 -!- sbr [~sbr@dddd.8by3.net] has quit [Ping timeout: 250 seconds]
23:11 -!- housemate [~housemate@202.7.247.155] has quit [Quit: “He who has had the self-dignity to respect, never harm, nor speak badly about others, deserves the right to be left alone.” ~ H.S.T.]
23:18 < ssm_> Do future match rules in pf(4) all get skipped as soon as state is established? IE `pass in on blah \n match out on blah`, match rule will never apply?
23:18 < ssm_> I'm going through www/faq/pf/filter.html
23:19 < ssm_> if I wanted to match that rule would I need `pass in on blah no state \n match out on blah \n pass out on blah`?
23:19 -!- vdamewood [~vdamewood@fedora/vdamewood] has joined #openbsd
23:20 -!- plasma [plasma@user/meow/p1asma] has left #openbsd []
23:21 -!- tozhu [~tozhu@171.223.92.232] has joined #openbsd
23:22 -!- objectliteral [~objectlit@user/objectliteral] has quit [Quit: nyaa~]
23:23 -!- sbr [~sbr@dddd.8by3.net] has joined #openbsd
23:30 < dg> the stateful filtering section of man pf.conf is probably closer to what you're asking than the faq
23:30 -!- tozhu [~tozhu@171.223.92.232] has quit [Quit: tozhu]
23:30 < r3d1n> git status
23:30 < r3d1n> oops
23:30 -!- tozhu [~tozhu@171.223.92.232] has joined #openbsd
23:31 -!- c0co [~cc@user/c0co] has quit [Quit: Lost terminal]
23:31 < dg> ssm_: but yes, you can use no state in one direction, but then you create the state on the pass out rule, which may or may not be what you want
23:33 -!- jgh [~jgh@85.158.153.62] has quit [Remote host closed the connection]
23:40 -!- adip [~adip@c145-48.icpnet.pl] has quit [Ping timeout: 264 seconds]
23:43 -!- jalfresi [~bendavies@224.186.187.81.in-addr.arpa] has quit [Ping timeout: 264 seconds]
23:47 < quinq> /15/15
23:49 -!- puffybuf [~puffy@user/puffybuf] has joined #openbsd
23:51 -!- fro [fro@humpty.dance] has joined #openbsd
23:51 < echelon> hi
23:52 < echelon> i'm trying to install to a device that only has serial console, do i need to edit the boot.conf file to make the installer work?
23:54 -!- ecbrown [~user@user/ecbrown] has quit [Remote host closed the connection]
23:57 < puffybuf> I give up. Can't install extensions on ungoogled-chromium port
23:59 < fro> ok
--- Log closed Thu Nov 20 00:00:21 2025