[01:38] *** andol has joined #arpnetworks
[03:35] *** hive-mind has quit IRC (Ping timeout: 265 seconds)
[04:46] my first invoice is 129x
[04:46] march 2012
[04:47] crap, i been using ARP for that long?
[04:47] must be doing something right ;)
[05:16] heh
[05:47] drwxr-xr-x 2 root wheel 2 Nov 21 2009 /media
[05:47] that's my first day
[06:03] I'm hoping that the downtime notice of jun 9 at 1am means tuesday morning and not wednesday morning. :)
[06:13] yeah it does mean tuesday morning
[06:14] was it not obvious?
[06:15] well, some people would call that monday
[06:15] especially if they are staying up for it
[06:15] yeah it's one of those weird things
[06:15] socially monday night 1 am
[06:16] technically tuesday night 1 am
[06:16] right
[06:16] but usually when you have a preadvised outage it's a technical time not a social time.
[06:16] what do you think would make it more clear?
[06:16] I'm happy the notice didn't say PST. I would have revolted at that. :)
[06:16] heh
[06:17] no, it's fine. I'm just waking up and being slightly grizzled during that.
[06:17] or confounded until the cobwebs clear.
[06:17] "there's no f-ing PST until November peoples!"
[06:17] i know the feeling.
[06:17] That's what she said!!
[06:17] yeah there's no PT is there?
[06:18] there's PT, and PDT, but no PST.
[06:18] i sometimes find myself checking if i'm in daylight saving or standard time.
[06:18] what?
[06:18] of course there's a PST?
[06:18] No
[06:18] it doesn't exist anywhere
[06:18] not until november
[06:19] it still exists even if it's not currently used.
[06:19] no place in the normal UTC-8 stays that way. they all move to UTC-7
[06:19] how would it "exist" if you can't use it *anywhere*?
[06:19] Yeah, but PST as a thing still exists.
[06:19] the concept, sure.
[06:19] it's dormant
[06:19] it's like a bear hibernating
[06:19] just like the concept "world peace"
[06:19] It doesn't mean the bear doesn't exist.
[06:20] that's different
[06:20] a bear is a real thing
[06:20] time isn't
[06:20] so is a timezone.
[06:20] not real
[06:20] a time zone is a standard whether or not followed
[06:20] anyway, finishing my wake-up sequence
[06:20] even if daylight saving is abolished then PDT will still mean something
[06:20] just be followed anymore.
[06:20] you must be EST :)
[06:21] EWDT
[06:21] EDT
[06:21] haha
[06:21] before you correct me.
[06:21] i suppose you could be a 6 am riser..
[06:22] I have an early flight from PDX this morning
[06:22] so I'm on schedule to get to the airport early
[06:24] ahh
[06:29] and.. unlike the TSA PreCheck that I've gotten reliably for the past few years, I've now been de-selected, so from time to time, I'm like everyone else. That sucks.
[06:29] so I have to get there even earlier. :(
[06:30] did you read about how the checking for weapons thing is failing miserably?
[06:30] yeah - I hope that doesn't mean even more kabuki theatre
[06:30] so there's a high level of convenience and low amount of increased security for the inconvenience.
[06:31] s/convenience/inconvenience/
[06:31] so there's a high level of inconvenience and low amount of increased security for the ininconvenience.
[06:31] zactly
[06:31] haha
[06:31] i had no /g
[06:31] in one response, I read "they should just target people based on profile, and randomly select another 10%, and let the rest just go to the gate after simply scanning the boarding pass"
[06:32] I agree
[06:32] i heard that police stop black people in the US way more often than white people.
[06:32] of course... more black people are involved in crime. :) :)
[06:32] profile targeting often is kind of racist.
[06:33] yeah - that's why we can't do that in the US at the airport. only from squad cars.
[06:33] poor people commit more "obvious" crimes.
[06:33] but El Al airlines can do it just fine. they profile everyone that boards.
[06:33] rich people commit more hidden crimes.
[06:34] off shore tax havens is kind of worse than petty theft.
[06:34] I know. some white rich guy effectively has the equity that was in my house
[06:34] monopolies, duopolies, price setting etc.
[06:34] stole $100k from me. but will I ever see him prosecuted? no.
[06:35] so I walked on the loan, and have a spare bedroom of a friend, instead of a 5-bedroom house.
[06:35] the thing is, if you say that this stuff is bad.. it's too big a problem and too hard to track and follow for people to want to get involved with
[06:35] my credit takes a hit. my net worth takes a hit.
[06:35] so instead it's down to petty theft etc.
[06:35] zactly
[06:35] damn.
[06:35] ok... shower time.
[06:35] there's a problem here with people wrongly taking bills to debt collectors
[06:35] for money that people didn't even owe.
[06:36] screws up their credit rating, makes it hard for them to find somewhere to live etc.
[06:36] someone won a court case over it recently.
[06:37] i've heard so many billing problems with telecommunications stuff..
[06:37] over a long period of time, and many different companies.
[06:38] sometimes i wonder if it's on purpose because medium sized companies may not look over it properly
[06:38] small the bill should be shorter and more obvious..
[06:52] I think there are many problems and often the wrong people solving them. :)
[06:58] now to finish packing and get outta here.
[10:37] mercutio: Thank you! I've argued with Randal in the past that PST is still defined even when it's not active. It's nice to know I'm not alone.
[10:39] pdt = part of the year, pst = other part of the year?
[10:39] Yes, same as you have with mst/mdt
[10:39] that's what i always assume when i see it
[10:39] right
[10:40] i don't think i've ever seen it abbreviated pt
[10:40] just pst/pdt
[10:40] pt = part time, in my book :p
[10:40] yeah
[10:59] p/t f/t is used here often
[12:07] staticsafe: have you played w/fasttrack routeros?
[12:07] fasttrack in* routeros, rather
[12:12] m0unds: not yet, not sure how to either
[12:12] *) added ~fasttrack-connection~ firewall action in filter/mangle tables for marking connections as fasttrack;
[12:12] oh
[12:13] yeah, it doesn't work on all platforms but in true mikrotik fashion they don't say which ones don't support it
[12:13] so i added the rule and deconfigured everything else (it says you can't use anything but hw queues and firewall rules w/conntrack) and it wouldn't work right
[12:13] it showed the fasttrack rule was being hit by traffic, but nothing was categorized as such
[12:14] what i gleaned from the documentation was that you need a rule to flag stuff as fasttrack and a separate rule to just accept the remainder of traffic that can't be flagged as such
[12:27] hmm
[12:41] *** m0unds__ has joined #arpnetworks
[12:43] *** m0unds_ has quit IRC (Ping timeout: 264 seconds)
[12:43] yeah, it's just broken on ppc hardware i guess
[12:44] reset to factory, used the default rules they include on init (which includes a new fasttrack rule) and it still wasn't counting traffic
[12:44] the bytes passed through the fasttrack rule incremented, but the counter for fasttrack itself in /ip settings didn't
[12:46] *** m0unds_ has joined #arpnetworks
[12:47] *** m0unds__ has quit IRC (Ping timeout: 265 seconds)
[12:47] oh well
[14:08] m0unds: can you paste me the default fasttrack rule?
[14:08] sure, one sec
[14:08] well, not the default but i can give you a link to the example they posted (i already reverted my config)
[14:09] http://pastebin.com/kxiKjYzd
[14:09] PDF is just some background on it
[15:03] *** hive-mind has joined #arpnetworks
[16:17] mmm mikrotik - my rb750 is collecting dust
[16:23] the whole hardware nat thing on low end routers sucks
[16:24] you need closed source drivers for switches that can do some hw nat off load (which i think can do normal forwarding too, but can rewrite ip's without you receiving the traffic afaik)
[16:24] otherwise you can't do anything close to gigabit.
[16:25] i was kind of hoping they'd just use faster cpu's
[16:30] NAT sucks
[16:32] yeh it does.
[16:33] maybe ipv6 will take off
[16:33] you never know :)
[16:35] they need faster cpus for samba on home routers too
[16:36] i think it's mostly about memory bandwidth being low
[16:36] luckily for consumers, most consumer router mfgrs use closed source drivers
[16:37] NAT is evil
[16:37] it's terrible
[16:37] fortunately i have minimal use of NAT @home
[16:38] m0unds: that's not lucky for consumers.
[16:38] explain
[16:39] because for most people, you buy a box, you plug it in and it works
[16:39] it is buggy
[16:39] then it doesn't work :/
[16:39] in some situations you have to disable the hardware nat or things break.
[16:39] the only person i know who regularly has issues with a shitty natbox is my buddy who uses a POS asus router
[16:39] if it was open source it'd probably break less.
[16:39] and in most cases, you don't even have a box to check to disable nat
[16:39] and most people wouldn't /know/ to do that
[16:39] That's what she said!!
[16:39] hw nat, rather
[16:40] the broadcom implementation is better than the atheros implementation i think.
[16:40] you can turn off nat altogether, but the vast majority of home users aren't going to derp around with changing settings
[16:40] one of them is better than the other at least.
[16:40] they'll just say "well shit, it broke" and buy another POS
[16:40] changing hw nat changes more than just nat :/
[16:40] these are the same people who rent a modem from their ISP, which has a wlan device on it and then buy a router at best buy and run /both/
[16:40] it's called hw nat but it does some other stuff too with regards to hw forwarding.
[16:40] and never know
[16:40] i suspect it's used for bridging too.
[16:41] i've never seen a checkbox to turn off hw nat except on tp-link stuff
[16:41] and their stuff isn't popular in the us
[16:41] because the ethernet card doesn't normally return payload and headers as separate chains.
[16:41] ahh ok i have a tp-link router with a tickbox :)
[16:41] i didn't know that tp-link weren't popular there.
[16:41] they're apparently the most popular router brand around the world :/
[16:41] i bought one for my in-laws because it was cheap and it replaced some POS linksys from 10 years ago that couldn't do more than 20mbit
[16:42] because they're really big in china.
[16:42] they're all much of a muchness. you have atheros or broadcom.
[16:42] tp-link vary quite a lot by model..
[16:42] i bought them a c7
[16:42] it was like $80
[16:42] that's what i'm using.
[16:42] i have two of them :)
[16:43] mine was like $80 then it was on special for like $60
[16:43] so i got another.
[16:43] they're happy with it, it lets them use their provisioned speed (75mbit)
[16:43] the first is running default firmware, the second is using openwrt.
[16:43] hasn't crashed or anything since december
[16:43] yeh it'll do 200 megabit of nat easily without hw.
[16:43] mine never crashes.
[16:43] it also runs surprisingly cool
[16:43] yea, noticed that too
[16:43] i don't know if you've touched it when it's been running
[16:44] but you don't burn yourself touching the top.
[16:44] the linksys they had was brown on the bottom from heat
[16:44] yeh wireless routers running hot is really common, that's why i thought it was good to mention :)
[16:44] hmm that has me curious now how much NAT traffic my pfSense can handle
[16:44] RouterOS is very stable for me at home
[16:44] yea, these builds of 6.x are a lot, lot, lot better than 5.x and early 6.x
[16:44] routeros seems to be most unstable when doing "weird" things or upgrades.
[16:45] and weird can be something as simple as running queues :/
[16:45] i think they like to add features to fulfill a "checkbox" on a product sheet, and never develop them, improve them or fix them
[16:45] like mpls
[16:45] they "support" mpls
[16:45] i used to have my rb750 bonding two DSL and an eDOCSIS (total of about 34mbps) - handled well until you maxed all the lines
[16:45] but it's atrocious
[16:46] m0unds: i think the whole thing is atrocious myself :)
[16:46] but it fills a niche.
[16:46] it's a pity openwrt has no support for the hw nat on this router
[16:46] and they put a lot more development into stuff than people like tp-link do
[16:46] be curious to test
[16:46] i don't know why i care so much about 200 megabit+ nat performance
[16:47] it's not like my internet can do 200 megabit.
[16:47] they have a really adversarial relationship w/customers
[16:47] but using hw nat makes bridging go faster on archer c7, and openwrt is slower than normal firmware for bridging wireless ac to ethernet..
[16:47] with no nat.
[16:47] m0unds: you think?
[16:48] just thinking of stuff like one of their suppliers using the completely wrong capacitors on the power stage for an entire run of rb450gs
[16:48] i think they just have a lot of people with high expectations for a cheap low end product.
[16:48] and they refused to do anything to help
[16:48] m0unds: wow.
[16:48] just referred everyone to their reseller
[16:48] that sounds normal.
[16:48] well, it was a way for them to get out of handling it
[16:48] as much as i hate to say it, they probably don't want to deal with returns directly.
[16:49] it's bigger companies that care more about maintaining an image and make more money that want to take on things like that.
[16:49] according to the agreements w/most of the resellers, they couldn't even return these devices because there was nothing "Wrong" with them aside from using bad capacitors in them
[16:49] but often it's only if they decide it's a big enough problem.
[16:49] so it was essentially, contact your reseller, they might replace it for you, then it goes in a landfill somewhere
[16:49] but that's if they were willing to do it
[16:49] wow.
[16:49] that sucks.
[16:50] yeah, pretty terrible - granted, not an expensive device, but for their screw up they should probably have eaten at least part of it
[16:50] or set up a repair deal or something
[16:50] because WISPs and stuff with tons of those devices in service were left in a shitty situation
[16:50] That's what she said!!
[16:50] yeah
[16:50] and wisp's and stuff that use those devices would be tempted to shift to something else
[16:50] and use less of the more expensive boxes.
[16:51] yep
[16:51] ubiquiti suck too though
[16:51] they suck slightly differently
[16:51] eh, i think they at least sort of stand behind their stuff
[16:51] like uap-ac routers?
[16:51] they're shit :)
[16:51] hahaha
[16:51] they are?
[16:51] s/routers/access points/
[16:51] like uap-ac access points?
[16:51] i have a couple of their AC aps
[16:51] they run hot
[16:51] crash
[16:51] it's what i use to cover my house
[16:51] and my one makes this annoying whirring noise when transferring data
[16:52] the one upstairs had crashing issues, i warranty replaced it
[16:52] haven't had issues with the replacement
[16:52] the archer c7 gives faster wireless performance with better range.
[16:52] and doesn't make an annoying whirring noise when transferring data.
[16:52] but i can't POE power it and mount it on my ceiling
[16:52] because it's too hot?
[16:52] no, an archer c7
[16:52] hahaha
[16:52] oh right
[16:53] i'm apprehensive about ceiling mounting uap-ac
[16:53] have you touched it?
[16:53] yeah, it's warm but not obnoxiously so
[16:53] i use an AirPort Extreme, works just fine for me
[16:53] really?
[16:53] could you leave your finger there?
[16:54] i'd have to get a ladder and hold my hand on it to find out
[16:54] but it didn't seem warmer than anything else i've had ceiling mounted when i pulled the quirky one to replace it
[16:55] interesting
[16:55] the only thing i've found close was this modem that was known for having overheating issues in summer
[16:55] and people using fans on it.
[16:56] modems use a lot less power than they used to
[16:56] that modem only had 4mb or 8mb of ram too
[16:56] and so would overload with nat
[16:57] and it'd get short enough on ram that the web interface was slow
[16:57] for some reason i've found tp-link stuff has really fast web interfaces
[16:57] but a lot of these interfaces are kind of hacked together
[16:58] and there's been quite a few web exploits, and things like exploits you can do from going to a page that links to http://192.168.1.1...
[17:14] i wonder if the archer c7 is an upgrade over the AirPort Extreme
[17:16] probably.
[17:16] They're both triple stream though
[17:16] I'd wait for the newer stuff.
[17:52] the tp-link stuff newer than c7 is broadcom and less friendly with openwrt and shifted back to internal antennas though
[17:53] i'd only really consider upgrading from one ac router to another ac router if you had range problems or needed two or such
[17:53] the main reason i upgraded was so i could run openwrt and to get rid of the whine while transferring data
[18:05] staticsafe: does the Airport Extreme require a Mac for configuration or is there a windows utility / web interface as well?
[18:34] how do I get the 'top' included with arch to sort by cpu usage?
[18:55] there's a windows airport utility, iirc
[19:25] mna: p
[19:25] err P
[19:25] sorry, i do it without thinking :)
[19:25] for some reason mtr is using a lot of cpu again
[20:24] mercutio: thanks
[20:26] I have this tricky software situation, where I need to run something as root, it's a python program GNS3. I am using archlinux, when I do chmod +s /usr/bin/python, the program launches weird with several sections missing. I can launch kde as root, and then GNS3 works, however google chrome does not work in that situation.
[20:29] *** Seji has quit IRC (*.net *.split)
[20:29] *** qbit has quit IRC (*.net *.split)
[20:29] *** mkb has quit IRC (*.net *.split)
[20:29] *** sng has quit IRC (*.net *.split)
[20:29] *** qbit has joined #arpnetworks
[20:29] *** mkb has joined #arpnetworks
[20:29] *** sng has joined #arpnetworks
[20:29] *** sng has quit IRC (Changing host)
[20:29] *** sng has joined #arpnetworks
[20:30] *** qbit is now known as Guest10976
[20:30] *** Seji has joined #arpnetworks
[20:37] plus I keep reading that it's a really bad idea to run X=Server as root
[20:50] i wouldn't worry too much about that
[20:50] That's what she said!!
[20:50] just don't mix desktop/server workloads for externally facing
[20:51] if your local user account gets hacked you're screwed whatever you do
[20:51] the number of processes running as other users on a desktop should be low anyway
[20:54] I don't worry about running stuff as root - I am careful not to do something stupid, however I like using google chrome which refuses to run as root
[20:54] ohh i thought you meant the X server running as root
[20:54] and using the normal system as a user
[20:54] why are you logging in as root?
[20:54] x server included
[20:54] arch runs X server as root, openbsd doesn't..
[20:55] gns3 refuses to work as sudo via normal user
[20:55] why not?
[20:55] is it X?
[20:55] maybe it's not getting the X key passed through
[20:55] it opens a windows but the icons and navigation are missing
[20:56] google it?
[20:59] I tried
[20:59] lots of older posts
[21:00] not much recent stuff - specifically arch related
[21:00] might be easier searching for a way to run chrome within root login as normal user
[22:10] *** dj_goku_ has quit IRC (Remote host closed the connection)
[22:25] mercutio: Arch runs X as $user brycec 1082 3.4 0.6 355780 102572 tty1 S (That's off a fresh install as of yesterday)
[22:26] And no, Xorg is not setuid either
[22:31] brycec: i don't find that, hmm..
[22:31] am i doing something wrong somehow? :)
[22:31] root 954 0.2 1.3 672168 217164 tty1 Ssl+ May15 95:20 /usr/lib/xorg-server/Xorg :0 -seat seat0 -auth /run/lightdm/root/:0 -nolisten tcp vt1 -novtswitch
[22:32] Ohh you're starting a login manager from systemd?
[22:32] yeh
[22:32] I login and startx
[22:32] i see.
[22:33] yeah it's way easier with lightdm :)
[22:33] as i can use the keyboard and mouse
[22:33] with synergy..
[22:33] so my synergy starts with lightdm..
[22:33] Try changing the service file for systemd to start it as a non-root user then.
[22:36] ahh maybe i will. as you see i don't restart X that often.
[22:37] i thought linux was still behind on that though, at least the defaults are behind..
[22:38] I can't speak to other distros, and Arch is very much an "assemble it yourself" thing with no room for defaults (as this weekend's fresh install has reminded me)
[22:39] But Linux has been capable for a number of years. All about permissions.
[22:41] i kind of want something in between ubuntu and arch
[22:42] arch still isn't that great for servers.
[22:42] it's not really that bad for servers though.
[22:43] it's just bad enough to create a few complications..
[23:11] * brycec prepares to run an SSD secure erase on a live system :D
[23:15] It's way more fun than it should be to erase an OS out from under itself.
[23:15] It's sort of like catastrophic drive failure, only it's intentional :p
[23:16] so systemd has it's own ntp client now
[23:16] *its
[23:16] :p
[23:16] brycec: a lot of systems lock ssd secure erase out
[23:16] and you have to hotswap the drive to do it...
[23:16] That's what she said!!
[23:17] mercutio: or suspend+resume
[23:17] which is the trick that worked for me
[23:17] ahh
[23:17] same diff in the end i suppose
[23:17] which is good because I can't get at the physical drives currently.
[23:17] it's bloody annoying
[23:18] I approve of it though. Sure it doesn't prevent all forms of data loss, but at least it's something to prevent some rogue virus from wiping your drive or locking you out of it.
[23:18] yeah i suppose
[23:18] if there was an easy to fix it it wouldn't be so bad.
[23:19] But then it wouldn't be physically secure :p
[23:19] i never thought of suspend
[23:19] i don't even know how to suspend in linux
[23:19] entomb it in concrete and bury it in your yard
[23:19] pm-suspend
[23:19] that's what i do to secure my drives
[23:19] is it just single press on power button?
[23:19] https://wiki.archlinux.org/index.php/SSD_memory_cell_clearing
[23:19] mercutio: pm-suspend works for me
[23:19] cool.
[23:20] m0unds: Yes well I wasn't looking for "security" so much as "full wipe for new OS install"
[23:20] it's more convenient to just wipe than to bury a disk in your yard
[23:20] it's hard to figure out which hole belonged to which disk
[23:20] secure erase is still good for performance
[23:20] it's kind of annoying
[23:21] Exactly why I secure erased instead of just formatting :p Full reset on performance.
[23:21] it's really annoying to unearth a disk entombed in concrete only to find out it's a backup from 2001
[23:21] takes hours to chisel it out
[23:30] *** andol has left
[23:35] i had secure erase a samsung evo to get performance back (with the new firmware)
[23:37] m0unds: you don't label the holes?