***: ant has joined #arpnetworks
isuldor has joined #arpnetworks
mnathani has quit IRC ()
isuldor has quit IRC (Read error: Connection reset by peer)
mercutio has quit IRC (Ping timeout: 250 seconds)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
heavysixer has quit IRC (Quit: heavysixer)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
mercutio has joined #arpnetworks
dzup has joined #arpnetworks
heavysixer has quit IRC (Quit: heavysixer)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
heavysixer has quit IRC (Quit: heavysixer)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
hazardous has quit IRC (Ping timeout: 276 seconds)
hazardous has joined #arpnetworks
heavysixer has quit IRC (Quit: heavysixer)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
avj has quit IRC (Quit: ircII EPIC5-1.1.5 -- Are we there yet?)
avj has joined #arpnetworks
heavysixer has quit IRC (Quit: heavysixer)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
notion has quit IRC (Ping timeout: 252 seconds)
teneightypea has quit IRC (Ping timeout: 246 seconds)
up_the_irons has quit IRC (Ping timeout: 246 seconds)
toddf has quit IRC (Ping timeout: 256 seconds)
twobithacker has quit IRC (Ping timeout: 246 seconds)
bGeorge has quit IRC (Ping timeout: 276 seconds)
mikeputnam has quit IRC (Ping timeout: 264 seconds)
medum has quit IRC (Ping timeout: 276 seconds)
medum has joined #arpnetworks
mike-burns has quit IRC (Ping timeout: 276 seconds)
mikeputnam has joined #arpnetworks
toddf has joined #arpnetworks
ChanServ sets mode: +o toddf
notion has joined #arpnetworks
teneightypea has joined #arpnetworks
bGeorge has joined #arpnetworks
twobithacker has joined #arpnetworks
up_the_irons has joined #arpnetworks
ChanServ sets mode: +o up_the_irons
wallshot has joined #arpnetworks wallshot: tempted to re-open and reply to 1.5 year old support thread
seems easier than providing all the background for a new one
naw that's a bit rude even for me mercutio: it sounds less rude if it has relevant data to me
but you could just reference it wallshot: true, but it wipes out that sense of closure up_the_irons gets from closing tickets :)
yeah i think I'll just link the original one mercutio: yeh ***: DiaboliK has quit IRC () wallshot: *facepalm* of course i submit ticket and then see this nice tool to do what i want myself w/o harrassing the staff
so i *am* rude! brycec: haha -: brycec is curious what that tool is wallshot: reverse dns delegation
last time i tweaked reverse dns, i don't recall seeing this, and Garry handled the config, it was just after i had signed up
but it looks like i can edit them myself now :D brycec: ah mercutio: heh
i think i should use it :)
as the years go by i seem to care less and less about reverse delegation
unless it's a mail server
i'd by happy if it was just <ip>.arpnetworks.com or something brycec: yeah that would be pretty nice
Gets ARP's name out there a bit mercutio: i think that part of the issue is that often there are multipel things happening on one IP
so you end up with just a hostname brycec: And gives users a solid/working rDNS out of the box wallshot: yeah mail is the only thing that forces you to care about reverse
that and your IRC /whois results ;) mercutio: but the hostname you know from the forward lokoup what IP it goes to anyway brycec: IRC is a distant second
crap laptop, quit lagging mercutio: irc i don't care about
my irc reverse lookujp doesn't even seem to be there
even though it's working
i know cos i set it up /years/ ago for reverse for irc :)
actually wallshot: maybe someone redelegated your PTRs :) mercutio: i'd like it to tsay <ip>.static.arpnetworks.com
my irc isn't on arp
and 4.2.2.2, 8.8.8.8 work with it
freenode just sucks :)
actually i like it when routers say their location too wallshot: gotta love hating freenode. the worst irc network i ever loved plett: wallshot: Don't worry. If you're the sort of person who worries that they're rude in a tech support query, you aren't rude :) mercutio: wallshot: it's actually only as bad as undernet used to be
actually it's better than underent used to be
it's like undernet without the "lag"
and people coming in on diff servers and see themselves talk, and being like i said that 5 minutes ago! wallshot: ooh the big old netsplits mercutio: it seemed to be slow with netsplits though
i think internet was slower back then too wallshot: yeah undernet grew faster than bandwidth capabilities mercutio: nah they had ddos issues
dunno how efnet survived
undernet was big here -: mercutio is in NZ mercutio: there usde to be NZ irc server even
but then that went away cos too many ddos issues
and had to use EU servers
cos the US servers blocked non-US IP ***: Ehtyar has joined #arpnetworks
heavysixer has quit IRC (Quit: heavysixer) up_the_irons: mercutio: wallshot : i really don't mind if a 1.5 year old ticket is re-opened
brycec: mercutio : i really should have rDNS working upon new account signup; just another little thing to do... mercutio: up_the_irons: good to know.
heh my yearly bandwidth is nearly at my monthly bw quota
it doesn't seem to be on my cp
not that it really matters brycec: ha congrats up_the_irons: heh mercutio: i wonder what average utilisation is like
is it normally like 1/10th i imagine? ***: mike-burns has joined #arpnetworks
ChanServ sets mode: +o mike-burns
easymac_ has joined #arpnetworks
easymac_ has quit IRC (Client Quit)
easymac has quit IRC (Read error: Connection reset by peer)
easymac has joined #arpnetworks
easymac has quit IRC (Changing host)
easymac has joined #arpnetworks up_the_irons: nixbag: data center day tomorrow. the huge chassis i was telling you about arrived and i need help racking it. wallshot: translated: you get to be my forklift. and my makita. brycec: Okay, question for those more knowledgeable in IPv6, BGP, etc... wtf is wrong with m0n0.ch? (m0n0wall's website). Their IPv6 interface has been b0rked (or sloooow) for as long as I can remember. Tried connecting today, timed out... Threw their address 2a02:200:3:1::101 into HE's looking glass and they can't reach it. So, what's up with them? Can anyone else reach them?
(I googled and didn't see any mentions of their website failing to load over ipv6) pjs: ok, I know I'm retarded, but when I have my pf firewall enabled, I can't get out using ipv6? for instance, "telnet www.google.com 80" tries to use ipv6 first. Disabling the firewall works fine. Now, this is the same pf.conf I have in play in other fbsd 9 VPS... I feel like I've ran into this and forgot the solution. Anyone? brycec: pjs: can you post a copy of your pf.conf? pjs: sure, one sec (though, like I said, it's literally the same (minus IP network) as all my other VPS's) brycec: could be a lot of things... starting with wrong addresses, blocking IPv6 services like NDP (equiv of blocking ARP), or something stranger
pjs: Other VPS' on ARP? pjs: Yea staticsafe: brycec: m0n0.ch seems to work fine from my HE tunnel at home
MTR looks alright too brycec: wat, really? staticsafe: indeed pjs: brycec http://dpaste.com/1014581/ brycec: staticsafe: lg.he.net's traceroute gave two he.net hits then bombed out * * * staticsafe: actually wait
nvm mtr is dying
i guess firefox fell back to v4 brycec: lol yeah FF does that
my squid proxy at work defaults to ipv6
which is neat, but prevents things like ff from falling back to ipv4 staticsafe: one sec lemme do a mtr from all my boxes brycec: thx staticsafe
just wondering if I'm losing my mind... up_the_irons: wallshot: lol pjs: hrmm.. comparing that pf.conf (http://dpaste.com/1014581/) with another from a different fbsd 9.1 VPS the only difference is the ext_net.. staticsafe: brycec: http://sprunge.us/HgeM seems like it may not be reachable via HE for some reason up_the_irons: pjs: my guess is you are blocking NDP ***: phrac has quit IRC (Quit: Lost terminal) staticsafe: my ARP box can't reach it pjs: up_the_irons possible.. but I wonder why my other VPS's dont seem to have this issue -: up_the_irons shrugs staticsafe: brycec: makes no sense either
the AS that IP is in is peered with HE too pjs: up_the_irons possible to have the kernel default to v4 when making a connection? v4 works fine with the rules I have configured up_the_irons: pjs: no idea how to do that mercutio: pjs: it's application not kernel that does that up_the_irons: pjs: why not just disable ipv6 on your NIC?
if ipv6 is turned off, apps won't try to use it mercutio: or what up_the_irons said up_the_irons: on Linux, it's some sysctl param mercutio: disable_ipv6
sysctl -a | grep disable_ipv6
net.ipv6.conf.all.disable_ipv6 = 0
set that to 1 on linux.. pjs: grrr, I hate to disable it.. but I guess they wont be using it staticsafe: thats a step backwards imo, you should fix your pf rules mercutio: if it's pf it's not linux :) pjs: staticsafe I agree
Yea, it's FreeBSD mercutio: i'm yet to do ipv6 on freebsd staticsafe: :O
pjs: i would ask around in ##freebsd or something, probably something simple :P mercutio: try google first i'd reckon pjs: Yea, I suppose.. I'm googling :)
Trying some things. Just odd that the same pf file, literally the exact same (except the ext_net variable) works fine brycec: sorry pjs I got dragged away by a power crisis.
pjs: what about the other files that your pf.conf includes?
are those identical across hosts?
notably, badhosts
also, dumb question (because I'm not a pf guru) but I see a lot of pass in inet, but what about inet6? pjs: brycec yes, they are. It's a cronjob that gets sync'd every couple hours.. just blocked IP's that have been trying to ssh in to frequently
I wonder if this is the culprit: net.inet6.ip6.v6only: 1 brycec: (I seem to recall there's a sysctl that equates inet6 and inet, a la ffff::ipaddress) up_the_irons: it sucks to disable ipv6
step backwards, like staticsafe said pjs: up_the_irons right, I don't want to do that up_the_irons: the new backup service will be v6 only for direct links
i'm not even enabling v4 for it
time to get serious about v6 brycec: Yeah pjs net.inet6.ip6.v6only is that sysctl up_the_irons: (Portal will clearly describe this on the service page) brycec: pjs: so what's net.inet6.ip6.v6only set to on the other boxes? :p pjs: brycec yea, it's sysctl.. but the setting is the same on a working fbsd 9.1 box (same pf.conf) staticsafe: up_the_irons++ brycec: (darn, hoped that was it) up_the_irons: sweet, i just got +1'd
don't think that has ever happened b4 brycec: Not according to my logs up_the_irons: shit brycec: (so, not since Sep 30, 2012) up_the_irons: but according to my memory...
wow, indeed, it has happened 4 times
http://irclogger.arpnetworks.com/irclogger_log_search/arpnetworks?search=up_the_irons%2B%2B&action=search&error=0 brycec: ha
Poor up_the_irons went all of 2012 without one -: up_the_irons cries ***: heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer brycec: up_the_irons+=100
There there, feel better.
(and that's a first) up_the_irons: wow -: up_the_irons turns into The Hulk ***: dzup has quit IRC (Remote host closed the connection) pjs: Adding these 2 fixed it
pass out on $ext_if inet6
pass out on $ext_if proto ipv6 up_the_irons: :) pjs: Grrr, gonna drive me up the wall why its required here and not on my others staticsafe: o/ up_the_irons: so it was blocking v6 outbound pjs: Yea :-/ wallshot: well that's a way better fix than disabling ipv6! ;) pjs: hah for sure ***: koan has quit IRC (Read error: Connection reset by peer)
koan has joined #arpnetworks
avj has quit IRC (Ping timeout: 252 seconds) wallshot: i'm saving those pf rules to look at later. they make mine look sloppy as heck, all nicely sorted, with timeout rules and labels on everything pjs: wallshot :) ***: hive-mind has quit IRC (Ping timeout: 248 seconds)
wallshot has quit IRC (Remote host closed the connection)
HighJinx has quit IRC (Ping timeout: 245 seconds)
HighJinx has joined #arpnetworks
hive-mind has joined #arpnetworks
toorop has quit IRC (Ping timeout: 264 seconds)
toorop has joined #arpnetworks
heavysixer has quit IRC (Quit: heavysixer)
toorop has quit IRC (Ping timeout: 252 seconds)
toorop has joined #arpnetworks
toorop has quit IRC (Changing host)
toorop has joined #arpnetworks
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
DiaboliK has joined #arpnetworks heavysixer: any JS nerds in here
? jbergstroem: would nerd in your case imply something good? :) heavysixer: jbergstroem: yes but i figured out my own answer
jbergstroem: didn't think to check #javascript first ;-)
super nerds in that channel haha jbergstroem: damn nerds!
oh yeah, and the answer is probably: have you upgraded the jquerys? heavysixer: jbergstroem: heh no the answer was closure are created during instantiation of a function not invocation ***: mnathani has joined #arpnetworks nixbag: up_the_irons: what time will you need help? ***: heavysixer has quit IRC (Quit: heavysixer) nixbag: someone has been trying to brute force my ssh connection this week. well about 3 different people have it seems. mercutio: nixbag: that's normal
welcome to the internet :) nixbag: my first time looking through my auth logs in awhile :) jbergstroem: nixbag: just run sshguard/fail2ban. gets them after a few attempts nixbag: jbergstroem: i'm using fail2ban at the moment. it's already done it's job twice since this morning.
mercutio: "welcome to the internet" reminds me of this http://www.quickmeme.com/meme/35ukyz/ mercutio: heh
but yeah it's all over the palce now ***: mjp has quit IRC (Quit: leaving)
mjp has joined #arpnetworks
Ehtyar has quit IRC (Quit: There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence.)