IT notes


The sockstat command list open Internet or UNIX domain sockets. List open tcp in ipv4: # sockstat -4l Show connectd sockets in port 443 and tcp: # sockstat -P tcp -p 443 -c List unix sockets: # sockstat -u


Update Freebsd using freebsd-update: Set in /etc/rc.conf: kern_securelevel_enable="NO" kern_securelevel="0" reboot and then: # freebsd-update upgrade -r 10.4-RELEASE # freebsd-update install # reboot # freebsd-update install Repeate then to upgrade to 11.1 freebsd-update upgrade -r 11.1-RELEASE Only security patches: # freebsd-update fetch # freebsd-update install To update the packages: # pkg-static upgrade -f # freebsd-update install A forced upgrade of all installed packages will replace the packages with fresh versions from the repository even if the version number has not increased.


When updating if get something like this: pkg: Newer FreeBSD version for package jsoncpp: - package: 1101503 - running kernel: 1100506 Try uname -KU to get the version, and then: pkg -o OSVERSION=1100506 update -f pkg -o OSVERSION=1100506 upgrade

update port

Make a copy of the current port: cp -R <port-name> <port-name>.orig Work on the port: make makesum make checksum make stage make check-orphans make package make install make deinstall Crete the diff, first change one level up: diff -u port-name.orig port-name > port-name.diff Submit the patch.


To start an application on port 80 being not root: sysctl net.inet.ip.portrange.reservedhigh=79 That will allow to bind an application in any port > 79, to allow any port: sysctl net.inet.ip.portrange.reservedhigh=0 Add this to /etc/sysctl.conf to keep changes persistent across reboots: net.inet.ip.portrange.reservedhigh=79

Syslogd 8 bit

If want to log full utf-8 strings “emoji’s” use the option -8, example on /etc/rc.conf: syslogd_flags="-ssC8" The optiosn are: -s Operate in secure mode. Do not log messages from remote machines. If specified twice, no network socket will be opened at all, which also disables logging to remote machines. -C Create log files that do not exist (permission is set to 0600). -8 Tells syslogd not to interfere with 8-bit data.

vm tools

vmware tools guest FreeBSD While running FreeBSD as a guest on VMWARE the vm-tools can be installed with this: $ pkg install open-vm-tools-nox11 Later enable them on /etc/rc.conf: vmware_guest_vmblock_enable="YES" vmware_guest_vmhgfs_enable="YES" vmware_guest_vmmemctl_enable="YES" vmware_guest_vmxnet_enable="YES" vmware_guestd_enable="YES"


FreeBSD zfs disk image Use VirtualBox to install FreeBSD using UFS. After having FreeBSD installed, update your sources and build a custom world and kernel based on your needs for the new image to be created: # cd /usr/src # make -j4 buildworld buildkernel adjust -j4 to the number or cpu cores Use this script to create the image: $ mkdir /raw && cd /raw $ fetch --no-verify-peer https://raw.

ipv6 tunnelbroker

6in4 6in4 uses tunneling to encapsulate IPv6 traffic over explicitly-configured IPv4 links. The 6in4 traffic is sent over the IPv4 Internet inside IPv4 packets whose IP headers have the IP protocol number set to 41. “6to4” is a tunneling method that is only interesting for reaching IPv6-only services. And 6to4 makes sense only if one has a public IPv4 address. As a rule, you only need to enable “6to4” if you want to access services that are only IPv6.

observability tools

FreeBSD Linux src: