[00:04] *** ant has quit IRC (Remote host closed the connection) [00:41] *** ant has joined #arpnetworks [00:42] *** isuldor has joined #arpnetworks [01:52] *** mnathani has quit IRC () [03:07] *** isuldor has quit IRC (Read error: Connection reset by peer) [05:33] *** mercutio has quit IRC (Ping timeout: 250 seconds) [05:50] *** heavysixer has joined #arpnetworks [05:50] *** ChanServ sets mode: +o heavysixer [06:08] *** heavysixer has quit IRC (Quit: heavysixer) [06:32] *** heavysixer has joined #arpnetworks [06:32] *** ChanServ sets mode: +o heavysixer [07:34] *** mercutio has joined #arpnetworks [07:37] *** dzup has joined #arpnetworks [09:24] *** heavysixer has quit IRC (Quit: heavysixer) [09:29] *** heavysixer has joined #arpnetworks [09:29] *** ChanServ sets mode: +o heavysixer [09:52] *** heavysixer has quit IRC (Quit: heavysixer) [10:03] *** heavysixer has joined #arpnetworks [10:03] *** ChanServ sets mode: +o heavysixer [10:57] *** hazardous has quit IRC (Ping timeout: 276 seconds) [11:04] *** hazardous has joined #arpnetworks [12:11] *** heavysixer has quit IRC (Quit: heavysixer) [12:29] *** heavysixer has joined #arpnetworks [12:29] *** ChanServ sets mode: +o heavysixer [12:59] *** avj has quit IRC (Quit: ircII EPIC5-1.1.5 -- Are we there yet?) [13:12] *** avj has joined #arpnetworks [13:19] *** heavysixer has quit IRC (Quit: heavysixer) [13:24] *** heavysixer has joined #arpnetworks [13:24] *** ChanServ sets mode: +o heavysixer [13:29] *** notion has quit IRC (Ping timeout: 252 seconds) [13:29] *** teneightypea has quit IRC (Ping timeout: 246 seconds) [13:30] *** up_the_irons has quit IRC (Ping timeout: 246 seconds) [13:31] *** toddf has quit IRC (Ping timeout: 256 seconds) [13:31] *** twobithacker has quit IRC (Ping timeout: 246 seconds) [13:31] *** bGeorge has quit IRC (Ping timeout: 276 seconds) [13:32] *** mikeputnam has quit IRC (Ping timeout: 264 seconds) [13:32] *** medum has quit IRC (Ping timeout: 276 seconds) [13:33] *** medum has joined #arpnetworks [13:34] *** mike-burns has quit IRC (Ping timeout: 276 seconds) [13:38] *** mikeputnam has joined #arpnetworks [13:38] *** toddf has joined #arpnetworks [13:38] *** ChanServ sets mode: +o toddf [13:38] *** notion has joined #arpnetworks [13:38] *** teneightypea has joined #arpnetworks [13:38] *** bGeorge has joined #arpnetworks [13:38] *** twobithacker has joined #arpnetworks [13:39] *** up_the_irons has joined #arpnetworks [13:39] *** ChanServ sets mode: +o up_the_irons [14:09] *** wallshot has joined #arpnetworks [14:11] tempted to re-open and reply to 1.5 year old support thread [14:12] seems easier than providing all the background for a new one [14:12] naw that's a bit rude even for me [14:12] it sounds less rude if it has relevant data to me [14:13] but you could just reference it [14:13] true, but it wipes out that sense of closure up_the_irons gets from closing tickets :) [14:13] yeah i think I'll just link the original one [14:13] yeh [14:15] *** DiaboliK has quit IRC () [14:22] *facepalm* of course i submit ticket and then see this nice tool to do what i want myself w/o harrassing the staff [14:22] so i *am* rude! [14:22] haha [14:23] * brycec is curious what that tool is [14:23] reverse dns delegation [14:24] last time i tweaked reverse dns, i don't recall seeing this, and Garry handled the config, it was just after i had signed up [14:24] but it looks like i can edit them myself now :D [14:25] ah [14:25] heh [14:25] i think i should use it :) [14:25] as the years go by i seem to care less and less about reverse delegation [14:25] unless it's a mail server [14:25] i'd by happy if it was just .arpnetworks.com or something [14:26] yeah that would be pretty nice [14:26] Gets ARP's name out there a bit [14:26] i think that part of the issue is that often there are multipel things happening on one IP [14:26] so you end up with just a hostname [14:26] And gives users a solid/working rDNS out of the box [14:26] yeah mail is the only thing that forces you to care about reverse [14:26] that and your IRC /whois results ;) [14:26] but the hostname you know from the forward lokoup what IP it goes to anyway [14:26] IRC is a distant second [14:27] crap laptop, quit lagging [14:27] irc i don't care about [14:27] my irc reverse lookujp doesn't even seem to be there [14:27] even though it's working [14:27] i know cos i set it up /years/ ago for reverse for irc :) [14:28] actually [14:28] maybe someone redelegated your PTRs :) [14:28] i'd like it to tsay .static.arpnetworks.com [14:28] my irc isn't on arp [14:28] and 4.2.2.2, 8.8.8.8 work with it [14:28] freenode just sucks :) [14:29] actually i like it when routers say their location too [14:29] gotta love hating freenode. the worst irc network i ever loved [14:29] wallshot: Don't worry. If you're the sort of person who worries that they're rude in a tech support query, you aren't rude :) [14:29] wallshot: it's actually only as bad as undernet used to be [14:29] actually it's better than underent used to be [14:29] it's like undernet without the "lag" [14:29] and people coming in on diff servers and see themselves talk, and being like i said that 5 minutes ago! [14:30] ooh the big old netsplits [14:30] it seemed to be slow with netsplits though [14:31] i think internet was slower back then too [14:31] yeah undernet grew faster than bandwidth capabilities [14:32] nah they had ddos issues [14:32] dunno how efnet survived [14:32] undernet was big here [14:32] * mercutio is in NZ [14:32] there usde to be NZ irc server even [14:33] but then that went away cos too many ddos issues [14:33] and had to use EU servers [14:33] cos the US servers blocked non-US IP [14:35] *** Ehtyar has joined #arpnetworks [15:00] *** heavysixer has quit IRC (Quit: heavysixer) [15:09] mercutio: wallshot : i really don't mind if a 1.5 year old ticket is re-opened [15:11] brycec: mercutio : i really should have rDNS working upon new account signup; just another little thing to do... [15:11] up_the_irons: good to know. [15:12] heh my yearly bandwidth is nearly at my monthly bw quota [15:13] it doesn't seem to be on my cp [15:13] not that it really matters [15:14] ha congrats [15:26] heh [15:29] i wonder what average utilisation is like [15:30] is it normally like 1/10th i imagine? [15:32] *** mike-burns has joined #arpnetworks [15:32] *** ChanServ sets mode: +o mike-burns [15:33] *** easymac_ has joined #arpnetworks [15:37] *** easymac_ has quit IRC (Client Quit) [15:37] *** easymac has quit IRC (Read error: Connection reset by peer) [16:16] *** easymac has joined #arpnetworks [16:16] *** easymac has quit IRC (Changing host) [16:16] *** easymac has joined #arpnetworks [16:22] nixbag: data center day tomorrow. the huge chassis i was telling you about arrived and i need help racking it. [16:23] translated: you get to be my forklift. and my makita. [16:41] Okay, question for those more knowledgeable in IPv6, BGP, etc... wtf is wrong with m0n0.ch? (m0n0wall's website). Their IPv6 interface has been b0rked (or sloooow) for as long as I can remember. Tried connecting today, timed out... Threw their address 2a02:200:3:1::101 into HE's looking glass and they can't reach it. So, what's up with them? Can anyone else reach them? [16:41] (I googled and didn't see any mentions of their website failing to load over ipv6) [16:42] ok, I know I'm retarded, but when I have my pf firewall enabled, I can't get out using ipv6? for instance, "telnet www.google.com 80" tries to use ipv6 first. Disabling the firewall works fine. Now, this is the same pf.conf I have in play in other fbsd 9 VPS... I feel like I've ran into this and forgot the solution. Anyone? [16:42] pjs: can you post a copy of your pf.conf? [16:43] sure, one sec (though, like I said, it's literally the same (minus IP network) as all my other VPS's) [16:43] could be a lot of things... starting with wrong addresses, blocking IPv6 services like NDP (equiv of blocking ARP), or something stranger [16:43] pjs: Other VPS' on ARP? [16:43] Yea [16:44] brycec: m0n0.ch seems to work fine from my HE tunnel at home [16:44] MTR looks alright too [16:44] wat, really? [16:45] indeed [16:45] brycec http://dpaste.com/1014581/ [16:45] staticsafe: lg.he.net's traceroute gave two he.net hits then bombed out * * * [16:45] actually wait [16:45] nvm mtr is dying [16:45] i guess firefox fell back to v4 [16:45] lol yeah FF does that [16:46] my squid proxy at work defaults to ipv6 [16:46] which is neat, but prevents things like ff from falling back to ipv4 [16:46] one sec lemme do a mtr from all my boxes [16:46] thx staticsafe [16:46] just wondering if I'm losing my mind... [16:48] wallshot: lol [16:49] hrmm.. comparing that pf.conf (http://dpaste.com/1014581/) with another from a different fbsd 9.1 VPS the only difference is the ext_net.. [16:49] brycec: http://sprunge.us/HgeM seems like it may not be reachable via HE for some reason [16:49] pjs: my guess is you are blocking NDP [16:49] *** phrac has quit IRC (Quit: Lost terminal) [16:50] my ARP box can't reach it [16:50] up_the_irons possible.. but I wonder why my other VPS's dont seem to have this issue [16:50] * up_the_irons shrugs [16:54] brycec: makes no sense either [16:54] the AS that IP is in is peered with HE too [16:57] up_the_irons possible to have the kernel default to v4 when making a connection? v4 works fine with the rules I have configured [16:57] pjs: no idea how to do that [16:57] pjs: it's application not kernel that does that [16:57] pjs: why not just disable ipv6 on your NIC? [16:58] if ipv6 is turned off, apps won't try to use it [16:58] or what up_the_irons said [16:58] on Linux, it's some sysctl param [16:58] disable_ipv6 [16:58] sysctl -a | grep disable_ipv6 [16:58] net.ipv6.conf.all.disable_ipv6 = 0 [16:58] set that to 1 on linux.. [16:59] grrr, I hate to disable it.. but I guess they wont be using it [16:59] thats a step backwards imo, you should fix your pf rules [16:59] if it's pf it's not linux :) [16:59] staticsafe I agree [16:59] Yea, it's FreeBSD [17:00] i'm yet to do ipv6 on freebsd [17:00] :O [17:00] pjs: i would ask around in ##freebsd or something, probably something simple :P [17:00] try google first i'd reckon [17:00] Yea, I suppose.. I'm googling :) [17:01] Trying some things. Just odd that the same pf file, literally the exact same (except the ext_net variable) works fine [17:03] sorry pjs I got dragged away by a power crisis. [17:03] pjs: what about the other files that your pf.conf includes? [17:03] are those identical across hosts? [17:03] notably, badhosts [17:04] also, dumb question (because I'm not a pf guru) but I see a lot of pass in inet, but what about inet6? [17:04] brycec yes, they are. It's a cronjob that gets sync'd every couple hours.. just blocked IP's that have been trying to ssh in to frequently [17:04] I wonder if this is the culprit: net.inet6.ip6.v6only: 1 [17:05] (I seem to recall there's a sysctl that equates inet6 and inet, a la ffff::ipaddress) [17:05] it sucks to disable ipv6 [17:05] step backwards, like staticsafe said [17:05] up_the_irons right, I don't want to do that [17:06] the new backup service will be v6 only for direct links [17:06] i'm not even enabling v4 for it [17:06] time to get serious about v6 [17:06] Yeah pjs net.inet6.ip6.v6only is that sysctl [17:06] (Portal will clearly describe this on the service page) [17:07] pjs: so what's net.inet6.ip6.v6only set to on the other boxes? :p [17:07] brycec yea, it's sysctl.. but the setting is the same on a working fbsd 9.1 box (same pf.conf) [17:07] up_the_irons++ [17:08] (darn, hoped that was it) [17:08] sweet, i just got +1'd [17:08] don't think that has ever happened b4 [17:09] Not according to my logs [17:09] shit [17:09] (so, not since Sep 30, 2012) [17:09] but according to my memory... [17:10] wow, indeed, it has happened 4 times [17:10] http://irclogger.arpnetworks.com/irclogger_log_search/arpnetworks?search=up_the_irons%2B%2B&action=search&error=0 [17:10] ha [17:11] Poor up_the_irons went all of 2012 without one [17:11] * up_the_irons cries [17:12] *** heavysixer has joined #arpnetworks [17:12] *** ChanServ sets mode: +o heavysixer [17:12] up_the_irons+=100 [17:12] There there, feel better. [17:12] (and that's a first) [17:13] wow [17:13] * up_the_irons turns into The Hulk [17:13] *** dzup has quit IRC (Remote host closed the connection) [17:17] Adding these 2 fixed it [17:17] pass out on $ext_if inet6 [17:17] pass out on $ext_if proto ipv6 [17:17] :) [17:17] Grrr, gonna drive me up the wall why its required here and not on my others [17:17] \o/ [17:17] so it was blocking v6 outbound [17:17] Yea :-/ [17:18] well that's a way better fix than disabling ipv6! ;) [17:18] hah for sure [17:30] *** koan has quit IRC (Read error: Connection reset by peer) [17:30] *** koan has joined #arpnetworks [17:30] *** avj has quit IRC (Ping timeout: 252 seconds) [17:31] i'm saving those pf rules to look at later. they make mine look sloppy as heck, all nicely sorted, with timeout rules and labels on everything [17:36] wallshot :) [17:44] *** hive-mind has quit IRC (Ping timeout: 248 seconds) [17:55] *** wallshot has quit IRC (Remote host closed the connection) [18:19] *** HighJinx has quit IRC (Ping timeout: 245 seconds) [18:24] *** HighJinx has joined #arpnetworks [18:28] *** hive-mind has joined #arpnetworks [18:43] *** toorop has quit IRC (Ping timeout: 264 seconds) [18:44] *** toorop has joined #arpnetworks [18:47] *** heavysixer has quit IRC (Quit: heavysixer) [18:49] *** toorop has quit IRC (Ping timeout: 252 seconds) [18:50] *** toorop has joined #arpnetworks [18:50] *** toorop has quit IRC (Changing host) [18:50] *** toorop has joined #arpnetworks [19:07] *** heavysixer has joined #arpnetworks [19:07] *** ChanServ sets mode: +o heavysixer [19:12] *** DiaboliK has joined #arpnetworks [19:22] any JS nerds in here [19:22] ? [19:24] would nerd in your case imply something good? :) [19:49] jbergstroem: yes but i figured out my own answer [19:49] jbergstroem: didn't think to check #javascript first ;-) [19:49] super nerds in that channel haha [19:52] damn nerds! [19:53] oh yeah, and the answer is probably: have you upgraded the jquerys? [19:54] jbergstroem: heh no the answer was closure are created during instantiation of a function not invocation [19:58] *** mnathani has joined #arpnetworks [19:58] up_the_irons: what time will you need help? [20:08] *** heavysixer has quit IRC (Quit: heavysixer) [20:08] someone has been trying to brute force my ssh connection this week. well about 3 different people have it seems. [20:09] nixbag: that's normal [20:09] welcome to the internet :) [20:10] my first time looking through my auth logs in awhile :) [20:20] nixbag: just run sshguard/fail2ban. gets them after a few attempts [20:21] jbergstroem: i'm using fail2ban at the moment. it's already done it's job twice since this morning. [20:22] mercutio: "welcome to the internet" reminds me of this http://www.quickmeme.com/meme/35ukyz/ [20:36] heh [20:37] but yeah it's all over the palce now [20:49] *** mjp has quit IRC (Quit: leaving) [20:53] *** mjp has joined #arpnetworks [22:35] *** Ehtyar has quit IRC (Quit: There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence.)