***: toddf has quit IRC (Ping timeout: 276 seconds)
awyeah has quit IRC (Ping timeout: 276 seconds)
mike-burns has quit IRC (Ping timeout: 276 seconds)
mike-burns has joined #arpnetworks
ChanServ sets mode: +o mike-burns
toddf has joined #arpnetworks
ChanServ sets mode: +o toddf
schmir has joined #arpnetworks
LT has joined #arpnetworks
schmir has quit IRC (Ping timeout: 252 seconds)
nakano is now known as nakano_
nakano_ is now known as nakano
schmir has joined #arpnetworks
schmir has quit IRC (Remote host closed the connection)
ziyourenxiang has joined #arpnetworks
razorluv_ has quit IRC (Quit: leaving)
heavysixer has quit IRC (Quit: BAMPF!)
awyeah_ is now known as awyeah awyeah: Anyone here use any of the desktop search apps? Like copernic or X1? ***: Lefty has quit IRC (Quit: Lost terminal)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
LT has quit IRC (Quit: Leaving)
Lefty has joined #arpnetworks
wallshot has joined #arpnetworks wallshot: "submit one traceroute output (ipv6) per day" ... "sorry, you've already submitted an ipv6 traceroute within the last 24 hours"
that's not 1 per day!
unless you script something to drop it in on 24 hours to the second jpalmer: I've crontabbed it. ***: nakano is now known as nakano_
nakano_ is now known as nakano jpalmer: if it misses one once in a while to being a few seconds too early.. no real loss to me.
I have it automatically getting new IPv6 addresses to use each day. then mark that IP as used, so that is doesn't try to use the same one a second time. ***: nakano is now known as nakano_ wallshot: yeah i'm thinking a new ipv6 alias and outputs in a cronjob would be nice ***: ziyourenxiang has quit IRC (Quit: ziyourenxiang) jpalmer: wallshot: the basis for the scripts I crontabbed: http://www.tunnelbroker.net/forums/index.php?topic=975.0
I modified the scripts and DB schema slightly. If you try to reuse the same hostname/IP, it gets rejected. so I added a column for "State" which defaults to 0 (unused) and after teh submission script is run.. rather than deleting the entry, it changes "State" to a 1 (used) I also makde the IP column "unique" so I can parse the feed multiple times, and don't get duplicate entries. wallshot: nice
way more complex than i was thinking jpalmer: I parse the feed once a day, for new entries. and run the submission script once a day also. wallshot: thought i'd have a script that generated an ip based on how many days it's been since sept 27 or something jpalmer: it's not really that complex. very simple DB schema.. and the person who posted the script did all of the real work. wallshot: so it just kept incrementing day by day dxtr: Submit traceroute where? wallshot: he.net's ipv6 "certification" thing tooth: It's in the script. ;-) jpalmer: dxtr: ipv6.he.net/certification dxtr: Oh, right jpalmer: fun little ipv6 learnign thing
I learned a bit, and will get a free t-shirt. not bad for something I was interested in anyway. dxtr: will I get a t-shirt if I live in Sweden? :D ***: ziyourenxiang has joined #arpnetworks jpalmer: I didn't read anything about it being open to only US addresses, but you may want to email ipv6@he.net and ask. but honestly, even without the t-shirt, it's a decent learning tutorial to go through the tasks dxtr: I WANT THE T-SHIRT! jpalmer: lol dxtr: :) tooth: There's a TSHIRT?? ***: ziyourenxiang has quit IRC (Client Quit) jdoe: jpalmer: they accent non-US addresses, I just expect things will take longer.
jpalmer: ... and if you're in Zimbabwe or something, who the fuck knows.
s/and/though/ jpalmer: zimbabwe? i thought that place was fictional :P
j/k
tooth: yeah jdoe: I dunno. They also said like... 4-6 weeks or something, didn't they? jpalmer: tooth: pictures: http://groups.google.com/group/windows/web/no-bots jdoe: oh shit it's tooth tooth: buh jpalmer: jdoe: So, I'll get my t-shirt around the time my new 60" plasma TV gets delivered. tooth: jpalmer, link doesn't work for me. jpalmer: tooth: hah. bad copy/paste. my bad. sec
http://www.tunnelbroker.net/forums/index.php?topic=1069.0 jdoe: dude, if you think that's bad you need to see the back :P
http://broquea.corp.he.net/v6shirt.png tooth: They have to give them away because nobody would buy it. wallshot: do they tell u when they ship it, or does it just happen all automagically when you hit sage? jdoe: you have to verify your address. wallshot: yeah i just did that yesterday
and chose my size
omg excellent nerd shirt! jdoe: yeah, that's it, I think.
not really.
but it might make a great rag :P wallshot: i find that some of the coziest tshirts i have are good rags tooth: I find that some of my best rags make the coziest shirts. wallshot: so i actually punched in the ipv6 address from back of shirt into my browser, and felt a moment of "oh duh" when it pulled up the he.net ipv6 page jdoe: lol -: jdoe golf claps jpalmer: LOL ***: nakano_ is now known as nakano
plundra has quit IRC (Ping timeout: 240 seconds)
plundra has joined #arpnetworks jpalmer: I'm not going to lie. e.net needs more tests. that was kinda enjoyable. we'll have to think up a few, and suggest them. jdoe: there aren't really many tests you can do.
do you have a functioning ipv6 mx? check.
do you have a functioning ipv6 dns? check.
does your registrar share the love? check.
oh right, website too.
(check.) wallshot: tis true, they got despeate for "more tests" when they made with the 100 daily submisisons thing ***: shansa has joined #arpnetworks wallshot: i think 10 would have been enough ***: heavysixer has quit IRC (Ping timeout: 276 seconds)
plundra has quit IRC (Ping timeout: 255 seconds)
shansa has quit IRC (Quit: leaving)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
plundra has joined #arpnetworks jpalmer: jdoe: yeah, but there are other things you could do, to get more involved. maybe something along the lines of "request that /48, and subnet it" or asking some routing questions so that people get deeper into that aspect of ipv6. I see (and have personally HAD) issues with autoconfig not working right.. so maybe some tests that help you learn and fundamentally understand those aspects
actually, hrm. let me share those ideas with HE. brb jdoe: eh
the problem is that a lot of stuff is still in flux jpalmer: sure jdoe: ie DHCPv6 which is poorly supported at best.
(isc dhcpd only supports it recently, almost no client oses do) wallshot: the /48 would be fun jpalmer: and, some of it is probably a little more outside of HE's scope. I mean, I assume HE's goal behind this is #1) to drive understanding. #2) to help educate the masses, #3) those masses to help educate others (by doing things like asking for reverse delegation, and such) #4) to quantifiably demonstrate that IPv6 is growing (every domain that gets glue, is counted in those adoption rates, helping drive the effort) etc. wallshot: seems you can allocate a /48 on he.net's tunnelbroker, for people who aren't already offered one by arpnetworks jpalmer: with that in mind, the routing/subet aspects help with #1, and maybe #2) but not the rest. wallshot: just click "Allocate /48" link on the tunnel details i guess
so he.net should totally have you play with that RandalSchwartz: Yeah, I have a half dozen /48's now. jpalmer: wallshot: yeah, they already have the infrastructure for it. RandalSchwartz: "Let the enumeration of the grains of sand of the beaches commence!" wallshot: if each grain had its own IP, we'd have how many trillions of ip's left? :) jpalmer: RandalSchwartz: haha toddf: the sad thing is that dhcpv6 is applying a v4 mindset to v6
rtsol can have extensions added, including supplying dns info etc RandalSchwartz: yeah - let them use the MACaddr as prescribed jpalmer: toddf: I haven't messed with it much, so.. I can't comment toddf: stateless autoconfig vs stateful, rtsol is what I've used for 10+ years
dhcpv6 has only showed up in recent years
though some dhcpv6 proponents like to say 'this is how we will allocate subnets to clients' so maybe there is some merit, I'm not aware of subnet allocations via rtsol... jpalmer: as for the autconfig test, they could do something like "what is the MAC address of your client machine" then, you have to login from that machine, with the autoconfig address, and click the "check" button. littel things like that. ***: atsen has joined #arpnetworks
atsen has quit IRC (Quit: later skater!) -: awyeah like the new twitter.
toddf just uses the pidgin plugin
tooth isn't a twit tooth: :D -: RandalSchwartz is a twit host!
jpalmer is just a twit carrier. jpalmer: the truth is, I've never tweeted. and up until the recent iphone jailbreak, I never even READ a tweet. -: nesta twitches wallshot: i once searched twitter for a recent news event
it showed me a bunch of user's tweets. users with penises as their image thumbs
that's what i get for using a work computer to check twitter for the first time
a lesson to not ever visit twitter again ***: RandalSchwartz has quit IRC (Quit: rebooting emacs)
RandalSchwartz has joined #arpnetworks jdoe: lol emacs irc :( ***: mattx86 has joined #arpnetworks
NightStar has joined #arpnetworks NightStar: There are not issued free shell
Here are granted free shell? RandalSchwartz: NightStar - nothing free.
paid-for machines
which run shells yes. jpalmer: NightStar: no, arpnetworks doesn't do free. ;)
though, depending on your needs, they are well worth the price. NightStar: I generally do not have internet money, so I'm looking for a free shell ", if there are not issued free shell, you do not know where to find them? on what channel? jdoe: they don't exist.
well the sort of do.
there are still things like sdf.lonestar.org, but they're restricted unless you pay, and they're not likely to tolerate bullshit. jpalmer: NightStar: ask a freind for a shell. one who trusts you implicitely. (which, excludes it being some random guy on IRC) nesta: there are a few free shell places left. silenceisdefeat.com ***: NightStar has quit IRC (Quit: NightStar Script v 1.0 http://Glooz.ru/)
shansa has joined #arpnetworks
schmir has joined #arpnetworks
schmir has quit IRC (Remote host closed the connection) mattx86: there's a handful of free shell providers left.. I even came across one that did a free vps service! :)
though, I didn't dare signup hehe nesta: wow really
thats funny mattx86: yeah ***: heavysixer has quit IRC (Quit: BAMPF!) RandalSchwartz: heh... a recruiter just asked me "Oh, I have an opening needing Perl... is that somethign you have expertise in." :)
does "Literally, I wrote the book on Perl" mean anything? :) nukeAFK: hi all ***: nukeAFK is now known as nuke` nuke`: anyone wanna point me on the right direction in how to config mail on my vps so i can use alias@mydomains.bla with pop3? mattx86: RandalSchwartz :P RandalSchwartz: nuke` - what operating system? nuke`: debian RandalSchwartz: Oh - no idea then mattx86: nuke`: are you just wanting the system mail sent to you? RandalSchwartz: I figured you as a freebsd guy. then I can help :) nuke`: no i want to be able to use it
like a normal mais
mail*
send receive not just local mattx86: nuke`: check out howtoforge.com - great tutorials nuke`: k gonna check ty mattx86: I've setup mail servers and antispam boxes for different distros using the different (distro-specific) tutorials there nuke`: yeah im checking this one
Setting Up A Mail Server Using Exim4, Clamav, Dovecot, SpamAssassin And Many More On Debian jdoe: boo exim.
RandalSchwartz: lol mattx86: yeah, postfix is best IMHO RandalSchwartz: Yeah - you won't regret postfix
I'm using cyrus with postfix for pop3/imap mattx86: postfix for SMTP/SMTPS and dovecot for POP3/IMAP RandalSchwartz: err - dovecot yes
sorry, cyrus was the old thing
the tricky part is getting authentication from the right place for pop3/imap
and smtps jdoe: and dovecot for SMTPA ;) mattx86: last time I did it, I don't think it was too bad
right I think I used dovecot for that jdoe: RandalSchwartz: now that dovecot can provide auth it's reasonable straightforward.
RandalSchwartz: cyrus-sasl was a PITA.
reasonably. RandalSchwartz: I think my problem is I wanted to use /etc/passwd but my dovecot is chrooted
or wait... it's because postfix is chrooted
so getting it to talk to dovecot properly nuke`: u guys sound like u could do it in 5min instead of me going on for days :P RandalSchwartz: for freebsd, yes jdoe: RandalSchwartz: yeah, the 'trick' is getting the path/permissions right for the socket for postfix. RandalSchwartz: not a linux user htough jdoe: happily it's a one-off, once you figure that out you can stop beating your head against the wall.
... my poor, poor head :( mattx86: nuke`: to get a "perfect" mail server, you could very well be there for days.. me anyways ;) RandalSchwartz: "postconf -n" is my friend
"what have I tweaked HERE to copy it over THERE" mattx86: mail servers are a bit of a pain to configure, atleast the way I want one configured
that's why for the time being, I've decided to stay with rackspace for email service nuke`: yeah i guess your right, gonna go sleep and try it tmorrow again
nn all RandalSchwartz: sleep at 4pm? :) mattx86: night wallshot: i find postfix pretty damn easy
qmail i had to patch up the ass to get the way i wanted, that was a pain RandalSchwartz: qmail also suffers djbism mattx86: yeah, postfix is 'easy', and dovecot relatively so RandalSchwartz: I can't imagine why anyone would use sendmail (with or without m4) at this point
m4 is its own wtf, anyway :) mattx86: it's when you add in SSL, antispam, antivirus, e-mail signing and so forth is when it gets complicated RandalSchwartz: I have postgrey, and amavisd-new (post-queue)
the tricky part was not passing outbound mail through amavisd mattx86: domain-based 'virtual' hosting using a MySQL database isn't exactly straight-forward either RandalSchwartz: mysql? ugh.
postgres for the win
friends don't let friends use mysql mattx86: I was gonna ask what ppl use nowadays RandalSchwartz: especially now that oracle is strangling it mattx86: lol randal, line up ^ :P wallshot: mmm sqlite RandalSchwartz: I presume mysql will go the same way as "open"solaris mattx86: that's the first thing I assumed would go - not opensolaris RandalSchwartz: already gone jdoe: opensolaris hasn't gone, exactly. RandalSchwartz: well, it's not the source of solaris any more jdoe: when oracle fails to release "solaris express", then I'll call it dead. RandalSchwartz: it now exists only as a fork mattx86: jdoe: ah RandalSchwartz: they've already said no more solaris releeases with source jdoe: no they haven't RandalSchwartz: so it's done. gone.
oh - source *after the fact* yeah jdoe: they explicitly said source will happen... just not until after a proper solaris release. RandalSchwartz: and no community input jdoe: yeah
well that's not surprising.
I dunno, I have high hopes for illumos.
(seriously) mattx86: going back to the e-mail for a moment..
RandalSchwartz: why wouldn't you pass outbound mail thru amavisd-new? jdoe: because when I send a GTUBE I don't want it to bounce? ;)
well I mean, I do
but from the OTHER server. mattx86: unless you don't have massive amounts of users on your mail server
:P RandalSchwartz: one user
and he got mad. :) jdoe: most people don't scan outbound.
google doesn't :P RandalSchwartz: his legit mail was blocked. mattx86: RandalSchwartz: you, I presume? :) RandalSchwartz: no.
neil bauman (insightcruises.com) mattx86: ah, fair enough RandalSchwartz: so I had to work out how not to scan on port 587 mail
and yet still get tls or sasl to kick in mattx86: ah RandalSchwartz: filter_catchall_pcre contains /^/ FILTER smtp-amavis:[127.0.0.1]:10024
and it's not enabled on submission or smtps
but *is* enabled on 25
... check_sender_access pcre:/usr/local/etc/postfix/filter_catchall_pcre
last step of smtpd_recipient_restrictions in main.cf
I couldn't find any other way to write "filter this sometimes"
great way to kill a few hours on my laptop "sudo port install wine" :)
I think I'm compiling X11. :) mattx86: hm.. says that Neil had the idea basically for insight cruises while reading a perl programming book... was it your book? :) RandalSchwartz: Yes. mattx86: nice :) RandalSchwartz: I was his first speaker for the first cruise too
that was about 60 cruises ago for me. mattx86: wow shansa: can you actualy feel the whole lot of respect flowing from my keyboard to you? ~_~ mattx86: were most of them with insight? RandalSchwartz: all of them
well - formerly called geekcruises, yes.
but we're trying to eliminate that name everywhere. shansa: anyone with more than one vps with ARP? are your vpses hosted on he same physical host? RandalSchwartz: yes. and no
at least, I imagine they aren't
since I have to use a different console host shansa: yes
each one has a different kveXX? RandalSchwartz: yeah shansa: kvr*
ok. that's safer I guess. RandalSchwartz: well - considering the huge amount of redundancy, and the MTBF of the hosts, I wouldn't worry
in fact, far better at ARP than many other places.
raid 10 disk, redundant power, redundant net jdoe: RandalSchwartz: the way I would have done it was to add the content filter lines just to inbound, and have unfiltered local/submission ports. RandalSchwartz: jdoe - that's what I did jdoe: RandalSchwartz: I meant in master.cf, not main.cf RandalSchwartz: oh, well, then I'd have to list all 5 other restrictions in master.cf
this way, I could keep the heavy one in main.cf, and the exceptions in master mattx86: RandalSchwartz: that's pretty neat, the cruise thing
I'll have to check that out jdoe: RandalSchwartz: I would have done "-o content_filter=..." etc. and left the rest of the filtering alone, but yeah I dig. I think. RandalSchwartz: well - it's not really a content filter
it's a reject if this thing bitches
so it has to go in the restrictions
and content_filter isn't allowed there
except indirectly
it wasn't obvious to me either... but I found it by googling. :) jdoe: your setup seems... odd.
but what do I know :) RandalSchwartz: how would content_filter= trigger a reject at handshake time because it's spammy?
it has to be in a _restriction
not a filter
ahh - maybe it's possible now
I might be able to simplify my setup then jdoe: I'd have to look, I've never bothered with before-queue filters before recently.
... okay, I do have it setup here. And in master.cf too.
can share the config if you'd like. RandalSchwartz: no - I'm now trying to remember why I had to have it in the _restrictions jdoe: haha ***: nakano is now known as nakano_
mattx86 has quit IRC (Read error: Operation timed out)
nakano_ is now known as nakano
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
wallshot has quit IRC (Quit: Leaving.)
mattx86 has joined #arpnetworks
shansa has quit IRC (Quit: leaving)
shansa has joined #arpnetworks