Recently one of my servers that runs FreeBSD 11.1 keeps hanging on boot. Usually, the 2nd hard reboot will fix it. The root file system on this server is using ZFS and the ZFS pool report it as healthy. So I’ve been reluctant to do anything about it. Until tonight, when I accidentally list the partition of that drive (ada4): ...
This post is probably more relevant to my use case of PF firewall running on FreeBSD 11.1, and I need to remind myself how to unblock an IP from the block list. Here’s a snippet of what’s in /etc/pf.conf: table persist # Don't send rejections. Just drop. set block-policy drop # Exempt the loopback interface to prevent services utilizing the # local loop from being blocked accidentally. set skip on lo0 # all incoming traffic on external interface is normalized and fragmented # packets are reassembled. scrub in on $ext_if all fragment reassemble # set a default deny policy. block in log all # This is a desktop so be permissive in allowing outgoing connections. pass out quick modulate state # Enable antispoofing on the external interface antispoof for $ext_if inet #antispoof for $ext_if inet6 # block packets that fail a reverse path check. we look up the routing # table, check to make sure that the outbound is the same as the source # it came in on. if not, it is probably source address spoofed. block in from urpf-failed to any # drop broadcast requests quietly. block in quick on $ext_if from any to 255.255.255.255 block in log quick on $ext_if inet from to any In the pf.conf, the blocked IP table is called sshguard. To list all the blocked IPs, run: ...
Before getting into how to change a user’s password on FreeBSD, let’s have a quick revision on how that can be done on a Linux system. As a user we can change the password by typing: Or with a root account, we can change/set the password for another user: How about a FreeBSD? It should be the same way as how it’s done on Linux right? Right? Well, not quite. ...
After rebooting my FreeBSD 11.0, I wasn’t able to login to Mate desktop manager via SLiM (Login Manager). I spent sometimes to try to fix it, but failed. I’ll try it again later when I have a bit of free time. Here’s a quick note of a work around, so I won’t forget what I’ve done. Disable loading slim on start up by editing /etc/rc.conf and commented out the following line: Run this command manually to start mate-session: So, it appears SLiM is the culprit here since Mate-session can be started up manually.
Today I successfully upgraded my FreeBSD home nas server from 10.3 to 11.0. This is the final release of version 11.0, though the official announcement is expected to be made on September 28. After the system upgrade, I need to also upgrade the 2 zpools (tank and zroot) so they can have new features. Upgrading tank was easy, all I needed to do was running this command: # zpool upgrade tank This system supports ZFS pool feature flags. Enabled the following features on 'tank': sha512 skein For zroot, in addition to running the above command (by replacing the actually zpool name to zroot), I also need to update the boot code. ...