
It's apparently explicitly supported by dxwnd, but I failed to find anything in the release notes or anything like the post you mention. The binary download, however, contains an 'exports' directory which is basically a list of titles it supports. Great reading in itself.

https://sourceforge.net/projects/dxwnd/


Yeah, everyone went on "blocking all crawlers", the end result being half of the internet inaccessible over VPNs. Good job, people.

FS layers are a poor replacement for a package manager, so maybe just don't use the wrong tools for the job?

It's a different operating system. You can't point at a Dockerfile, say "port this please from linux-such-and-such to FreeBSD" and expect it to work every time. There are nuances even with linux-compat.

Contrary to popular belief load-balance/scaleout is orthogonal to containers (and k8s is only one of the ways to go about it), so obviously it's not discussed in an article about containers.


Very often you can, or could, because the software is portable (e.g. Node or Python or Postgres), and / or platform-independent (e.g. written in JS, Python, bash, etc).

In my practice it was completely normal to build things inside a container to be deployed on Linux using the same sources and basically the same package names and versions as used on a developer macOS machine (which is BSD-like enough down below).


> macOS machine (which is BSD-like enough down below)

That's like saying an Ubuntu .deb will work on Gentoo because it's all Linux anyway. It's not that simple. There are dependencies, and there are differences in the packages, package managers and surrounding system for a reason. It's not 1:1. Perhaps the naming scheme happened to line up for the packages you were using, but this should be considered, not assumed.

It would be nice if there was some sort of translator that could handle "most common cases". I think it would improve the usability of Jails. Perhaps that would require someone to keep a list of packages mapping certain packages between operating systems.

Something like "apt install python3-serial" -> "pkg install py311-pyserial" may suffice.

For anyone that would use something like that, you should implement a prototype, publish it and perhaps someone else will build upon what you started!


> It's not that simple.

It would tremendously benefit almost everyone if it were.

> There is dependencies and there are differences in the packages, package managers and surrounding system for a reason.

Yeah, the NIH syndrome. And sometimes, of course, there are decent technical reasons as well.


This is called https://brew.sh

It's what Eve Online was in better days.

And thanks for that, or we'd be inundated with terrible flops à la the SimCity disaster of 2013.

Face it, AAA studios just can't do open world and can't do decades-long development cycles, they always immediately lose the plot beneath super-irrelevant graphics, platform deals/restrictions and other crap that's mostly openly detrimental to gameplay and ease of access.

That they insist on treating game development as movie production is my running hypothesis.

Rimworld also has a not inconsiderable female following, but only because it's a) very mod-friendly and b) in continued development for more than 10 years already. Its attention to relationships and interpersonal stuff also helps.


It is, but no one serious has time for appreciating the latest trends in web typography, so we just hit reader mode on load.

WireGuard adds nothing unless you want to terminate it on the router. In which case it adds so very little it's unnoticeable.

Just about any N100 will do. The question is their reliability, which mostly comes down to the quality of the power regulation components. Not performance.

One of my installs runs on a repurposed old Android phone. Which has about 100 times the CPU capacity of the router I write this through, and that one, being cheap TP-Link shit, still terminates WireGuard at link speed, which is 100 Mbps. You don't need fancy gear for routing. And you don't usually need a gigabit uplink because speed is limited way upstream.

But if you want "the right gear and damn the price", go get a MikroTik. They are very good.


Not much different. FreeBSD's pf is a port of OpenBSD's pf, and nftables are heavily influenced by them.

At this point I rather doubt the sanity of people still sticking to iptables, tbh.

So there is approximately one concept of "packet filter done right". UI madness is on UI authors.


The primary reason I stick to iptables instead of nft is that I already learned iptables decades ago, and some software I interact with still defaults to iptables and/or does not have full support for nft.

Why do you doubt the sanity of people sticking to iptables? What makes nft compelling?


My main reason is that nft applies configs atomically. It also has very good tracing/debugging features for figuring out how and why things aren't working as expected.

That said, I think many distros are shipping `iptables` as the wrapper/compatibility layer over nft now anyways.


As somebody that's not a network engineer by day and has barely grokked iptables, could you recommend some resources for learning nftables?

I used the nftables Wiki to learn all the basics I know about nft: https://wiki.nftables.org/wiki-nftables/index.php/Main_Page

Here is their example relevant to the current article: https://wiki.nftables.org/wiki-nftables/index.php/Simple_rul...


As someone who recently switched over from iptables to nftables on one of my machines, the only thing that's better with nftables are sets and maps...

And, like, maybe I'm missing something, but I've found that sets are insufficiently powerful and maps are insufficiently well-documented. You can't have nested sets... that is sets that are defined (partially or completely) in terms of other sets. You also can't share sets across tables (or have "global" sets)... so that list of interfaces that'd be really good to apply to all of your rules? Yeah, you've gotta duplicate it in every damn table. And maps? My big beef with them is that the documentation makes two things very unclear:

1) What part of the nftables rule is going to do a lookup of the key in the map and what part will get the value. Like, seriously. Check out the nft(8) man page and look at their mapping examples. The k:v selection and insertion logic is clear as mud. I can guess a couple of possible interpretations, but if they explicitly state the logic, I must have skipped over it.

2) If it's even possible to have a multi-component key, to, for example, cook up a "verdict map" that fills out the statements:

  iifname $NAME oifname != $NAME $VERDICT
  iifname $NAME1 oifname $NAME2 $VERDICT

You also lose the really nice tabular status display that 'iptables -L -n -v' provides you... instead you get a nested abomination that (on the one hand) thankfully isn't fucking JSON, but (on the other hand) isn't JSON, so you have to cook up a processor if you want to transform it. You also lose the really nice, well-thought-out CLI help text for doing basic shit, like, such as "List the goddamn rules in the fucking ruleset". Even the nft(8) man page takes its sweet time getting around to telling you how to do that really fundamental task.

"The CLIs are much less nice to use" is kind of a theme I've noticed with some of these replacement networking-management tools. 'bridge' is way less nice to use than 'brctl' [0], 'ss' is quite a bit more obnoxious than 'netstat', etc, etc.

Though, to be clear, I find 'ip' to be a much better tool than 'ifconfig'... at least the Linux version of 'ifconfig'. Maybe the BSD version is great.

[0] It doesn't help at all that you have to use both 'ip' and 'bridge' to manage bridges.
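An added nftables ruleset (not from any comment above, and not the commenter's own config) illustrating the two points the comment asks about: in a `vmap` rule the expression to the left of `vmap` is the lookup key and the element on the right of the colon is the verdict, and a key may be a concatenation such as `iifname . oifname`. Interface names and the 192.0.2.10 address are constructed placeholders; concatenated ifname keys in maps are assumed to need a reasonably current nft and kernel.

```nft
#!/usr/sbin/nft -f
# Added example ruleset; interface names and addresses are constructed.
flush ruleset

table inet filter {
    # Named set, referenced as @lan_ifaces from rules in this table.
    set lan_ifaces {
        type ifname
        elements = { "lan0", "wlan0" }
    }

    # Target chain for one of the map verdicts; declared before the map
    # so the jump target exists when the map elements are loaded.
    chain guest_to_lan {
        # Guest wifi may only reach the LAN printer (constructed address).
        ip daddr 192.0.2.10 tcp dport 631 accept
        drop
    }

    # Verdict map with a two-component key:
    #   key   = inbound interface . outbound interface
    #   value = verdict applied to the packet
    map fwd_policy {
        type ifname . ifname : verdict
        elements = {
            "lan0"  . "wan0" : accept,
            "wlan0" . "wan0" : accept,
            "wlan0" . "lan0" : jump guest_to_lan,
        }
    }

    chain input {
        type filter hook input priority 0; policy drop;
        iifname "lo" accept
        # Anonymous vmap: "ct state" is the key, the verdict is the value.
        ct state vmap { established : accept, related : accept, invalid : drop }
        # Named set lookup: management SSH only from LAN-side interfaces.
        iifname @lan_ifaces tcp dport 22 accept
    }

    chain forward {
        type filter hook forward priority 0; policy drop;
        ct state vmap { established : accept, related : accept, invalid : drop }
        # Concatenated key lookup; interface pairs with no map entry fall
        # through to the chain policy (drop) and are logged with a prefix.
        iifname . oifname vmap @fwd_policy
        log prefix "fwd-drop: " counter
    }
}
```

Load it with `nft -c -f <file>` first to syntax-check without applying, then `nft -f <file>` to apply atomically.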


There is iptables-nft, which is iptables with an NFT backend.

> nftables are heavily influenced by them

Are they? I recently had to learn nftables and they seem to be iptables but with a slightly nicer syntax and without pre-defined chains. But otherwise, nftables directly maps to iptables and neither of them seems similar to pf.


AirPods knockoffs are mass-produced. They contain power and RF comms in a package that's significantly smaller than an eye. The only problem with a prosthetic eye camera that I, as a half-skilled home-lab owner, would have is how to not ruin the source prosthetic. Which is trivial: just buy a dozen and practice.
