#arpnetworks 2015-06-07,Sun

***andol has joined #arpnetworks [01:38]
........................ (idle for 1h57mn)
hive-mind has quit IRC (Ping timeout: 265 seconds) [03:35]
............... (idle for 1h11mn)
grody: my first invoice is 129x
march 2012
crap, i been using ARP for that long?
must be doing something right ;)
[04:46]
...... (idle for 29mn)
mercutio: heh [05:16]
....... (idle for 31mn)
RandalSchwartz: drwxr-xr-x 2 root wheel 2 Nov 21 2009 /media
that's my first day
[05:47]
.... (idle for 16mn)
I'm hoping that the downtime notice of jun 9 at 1am means tuesday morning and not wednesday morning. :) [06:03]
mercutio: yeah it does mean tuesday morning
was it not obvious?
[06:13]
RandalSchwartz: well, some people would call that monday
especially if they are staying up for it
[06:15]
mercutio: yeah it's one of those weird things
socially monday night 1 am
technically tuesday night 1 am
[06:15]
RandalSchwartz: right [06:16]
mercutio: but usually when you have a preadvised outage it's a technical time not a social time.
what do you think would make it more clear?
[06:16]
RandalSchwartz: I'm happy the notice didn't say PST. I would have revolted at that. :) [06:16]
mercutio: heh [06:16]
RandalSchwartz: no, it's fine. I'm just waking up and being slightly grizzled during that.
or confounded until the cobwebs clear.
"there's no f-ing PST until November peoples!"
[06:17]
mercutio: i know the feeling. [06:17]
BryceBot: That's what she said!! [06:17]
mercutio: yeah there's no PT is there? [06:17]
RandalSchwartz: there's PT, and PDT, but no PST. [06:18]
mercutio: i sometimes find myself checking if i'm in daylight saving or standard time.
what?
of course there's a PST?
[06:18]
RandalSchwartz: No
it doesn't exist anywhere
not until november
[06:18]
mercutio: it still exists even if it's not currently used. [06:19]
RandalSchwartz: no place in the normal UTC-8 stays that way. they all move to UTC-7
how would it "exist" if you can't use it *anywhere*?
[06:19]
mercutio: Yeah, but PST as a thing still exists. [06:19]
RandalSchwartz: the concept, sure. [06:19]
mercutio: it's dormant
it's like a bear hibernating
[06:19]
RandalSchwartz: just like the concept "world peace" [06:19]
mercutio: It doesn't mean the bear doesn't exist. [06:19]
RandalSchwartz: that's different
a bear is a real thing
time isn't
[06:20]
mercutio: so is a timezone. [06:20]
RandalSchwartz: not real [06:20]
mercutio: a time zone is a standard whether or not followed [06:20]
RandalSchwartz: anyway, finishing my wake-up sequence [06:20]
mercutio: even if daylight saving is abolished then PDT will still mean something
just be followed anymore.
you must be EST :)
EWDT
EDT
haha
before you correct me.
i suppose you could be a 6 am riser..
[06:20]
RandalSchwartz: I have an early flight from PDX this morning
so I'm on schedule to get to the airport early
[06:22]
mercutio: ahh [06:24]
RandalSchwartz: and.. unlike the TSA PreCheck that I've gotten reliably for the past few years, I've now been de-selected, so from time to time, I'm like everyone else. That sucks.
so I have to get there even earlier. :(
[06:29]
mercutio: did you read about how the checking for weapons thing is failing miserably? [06:30]
RandalSchwartz: yeah - I hope that doesn't mean even more kabuki theatre [06:30]
mercutio: so there's a high level of convenience and low amount of increased security for the inconvenience.
s/convenience/inconvenience/
[06:30]
BryceBot: <mercutio> so there's a high level of inconvenience and low amount of increased security for the ininconvenience. [06:31]
RandalSchwartz: zactly [06:31]
mercutio: haha
i had no /g
[06:31]
RandalSchwartz: in one response, I read "they should just target people based on profile, and randomly select another 10%, and let the rest just go to the gate after simply scanning the boarding pass"
I agree
[06:31]
mercutio: i heard that police stop black people in the US way more often than white people. [06:32]
RandalSchwartz: of course... more black people are involved in crime. :) :) [06:32]
mercutio: profile targeting often is kind of racist. [06:32]
RandalSchwartz: yeah - that's why we can't do that in the US at the airport. only from squad cars. [06:33]
mercutio: poor people commit more "obvious" crimes. [06:33]
RandalSchwartz: but El Al airlines can do it just fine. they profile everyone that boards. [06:33]
mercutio: rich people commit more hidden crimes.
off shore tax havens is kind of worse than petty theft.
[06:33]
RandalSchwartz: I know. some white rich guy effectively has the equity that was in my house [06:34]
mercutio: monopolies, duopolies, price setting etc. [06:34]
RandalSchwartz: stole $100k from me. but will I ever see him prosecuted? no.
so I walked on the loan, and have a spare bedroom of a friend, instead of a 5-bedroom house.
[06:34]
mercutio: the thing is, if you say that this stuff is bad.. it's too big a problem and too hard to track and follow for people to want to get involved with [06:35]
RandalSchwartz: my credit takes a hit. my net worth takes a hit. [06:35]
mercutio: so instead it's down to petty theft etc. [06:35]
RandalSchwartz: zactly [06:35]
mercutio: damn. [06:35]
RandalSchwartz: ok... shower time. [06:35]
mercutio: there's a problem here with people wrongly taking bills to debt collectors
for money that people didn't even owe.
screws up their credit rating, makes it hard for them to find somewhere to live etc.
someone won a court case over it recently.
i've heard so many billing problems with telecommunications stuff..
over a long period of time, and many different companies.
sometimes i wonder if it's on purpose because medium sized companies may not look over it properly
small the bill should be shorter and more obvious..
[06:35]
RandalSchwartz: I think there are many problems and often the wrong people solving them. :) [06:52]
now to finish packing and get outta here. [06:58]
............................................ (idle for 3h39mn)
brycec: mercutio: Thank you! I've argued with Randal in the past that PST is still defined even when it's not active. It's nice to know I'm not alone. [10:37]
m0unds: pdt = part of the year, pst = other part of the year? [10:39]
brycec: Yes, same as you have with mst/mdt [10:39]
m0unds: that's what i always assume when i see it
right
i don't think i've ever seen it abbreviated pt
just pst/pdt
[10:39]
brycec: pt = part time, in my book :p [10:40]
m0unds: yeah [10:40]
.... (idle for 19mn)
grody: p/t f/t is used here often [10:59]
.............. (idle for 1h8mn)
m0unds: staticsafe: have you played w/fasttrack routeros?
fasttrack in* routeros, rather
[12:07]
staticsafe: m0unds: not yet, not sure how to either
*) added ~fasttrack-connection~ firewall action in filter/mangle tables for marking connections as fasttrack;
oh
[12:12]
m0unds: yeah, it doesn't work on all platforms but in true mikrotik fashion they don't say which ones don't support it
so i added the rule and deconfigured everything else (it says you can't use anything but hw queues and firewall rules w/conntrack) and it wouldn't work right
it showed the fasttrack rule was being hit by traffic, but nothing was categorized as such
what i gleaned from the documentation was that you need a rule to flag stuff as fasttrack and a separate rule to just accept the remainder of traffic that can't be flagged as such
[12:13]
staticsafe: hmm [12:27]
***m0unds__ has joined #arpnetworks
m0unds_ has quit IRC (Ping timeout: 264 seconds)
[12:41]
m0unds: yeah, it's just broken on ppc hardware i guess
reset to factory, used the default rules they include on init (which includes a new fasttrack rule) and it still wasn't counting traffic
the bytes passed through the fasttrack rule incremented, but the counter for fasttrack itself in /ip settings didn't
[12:43]
***m0unds_ has joined #arpnetworks
m0unds__ has quit IRC (Ping timeout: 265 seconds)
[12:46]
m0unds: oh well [12:47]
................. (idle for 1h21mn)
staticsafe: m0unds: can you paste me the default fasttrack rule? [14:08]
m0unds: sure, one sec
well, not the default but i can give you a link to the example they posted (i already reverted my config)
http://pastebin.com/kxiKjYzd
PDF is just some background on it
[14:08]
........... (idle for 54mn)
***hive-mind has joined #arpnetworks [15:03]
............... (idle for 1h14mn)
grody: mmm mikrotik - my rb750 is collecting dust [16:17]
mercutio: the whole hardware nat thing on low end routers sucks
you need closed source drivers for switches that can do some hw nat off load (which i think can do normal forwarding too, but can rewrite ip's without you receiving the traffic afaik)
otherwise you can't do anything close to gigabit.
i was kind of hoping they'd just use faster cpu's
[16:23]
staticsafe: NAT sucks [16:30]
mercutio: yeh it does.
maybe ipv6 will take off
you never know :)
they need faster cpus for samba on home routers too
i think it's mostly about memory bandwidth being low
[16:32]
m0unds: luckily for consumers, most consumer router mfgrs use closed source drivers [16:36]
grody: NAT is evil [16:37]
m0unds: it's terrible [16:37]
grody: fortunately i have minimal use of NAT @home [16:37]
mercutio: m0unds: that's not lucky for consumers. [16:38]
m0unds: explain
because for most people, you buy a box, you plug it in and it works
[16:38]
mercutio: it is buggy
then it doesn't work :/
in some situations you have to disable the hardware nat or things break.
[16:39]
m0unds: the only person i know who regularly has issues with a shitty natbox is my buddy who uses a POS asus router [16:39]
mercutio: if it was open source it'd probably break less. [16:39]
m0unds: and in most cases, you don't even have a box to check to disable nat
and most people wouldn't /know/ to do that
[16:39]
BryceBot: That's what she said!! [16:39]
m0unds: hw nat, rather [16:39]
mercutio: the broadcom implementation is better than the atheros implementation i think. [16:40]
m0unds: you can turn off nat altogether, but the vast majority of home users aren't going to derp around with changing settings [16:40]
mercutio: one of them is better than the other at least. [16:40]
m0unds: they'll just say "well shit, it broke" and buy another POS [16:40]
mercutio: changing hw nat changes more than just nat :/ [16:40]
m0unds: these are the same people who rent a modem from their ISP, which has a wlan device on it and then buy a router at best buy and run /both/ [16:40]
mercutio: it's called hw nat but it does some other stuff too with regards to hw forwarding. [16:40]
m0unds: and never know [16:40]
mercutio: i suspect it's used for bridging too. [16:40]
m0unds: i've never seen a checkbox to turn off hw nat except on tp-link stuff
and their stuff isn't popular in the us
[16:41]
mercutio: because the ethernet card doesn't normally return payload and headers as separate chains.
ahh ok i have a tp-link router with a tickbox :)
i didn't know that tp-link weren't popular there.
they're apparently the most popular router brand around the world :/
[16:41]
m0unds: i bought one for my in-laws because it was cheap and it replaced some POS linksys from 10 years ago that couldn't do more than 20mbit [16:41]
mercutio: because they're really big in china.
they're all much of a muchness. you have atheros or broadcom.
tp-link vary quite a lot by model..
[16:42]
m0unds: i bought them a c7
it was like $80
[16:42]
mercutio: that's what i'm using.
i have two of them :)
mine was like $80 then it was on special for like $60
so i got another.
[16:42]
m0unds: they're happy with it, it lets them use their provisioned speed (75mbit) [16:43]
mercutio: the first is running default firmware, the second is using openwrt. [16:43]
m0unds: hasn't crashed or anything since december [16:43]
mercutio: yeh it'll do 200 megabit of nat easily without hw.
mine never crashes.
it also runs surprisingly cool
[16:43]
m0unds: yea, noticed that too [16:43]
mercutio: i don't know if you've touched it when it's been running
but you don't burn yourself touching the top.
[16:43]
m0unds: the linksys they had was brown on the bottom from heat [16:44]
mercutio: yeh wireless routers running hot is really common, that's why i thought it was good to mention :) [16:44]
grody: hmm that has me curious now how much NAT traffic my pfSense can handle [16:44]
staticsafe: RouterOS is very stable for me at home [16:44]
m0unds: yea, these builds of 6.x are a lot, lot, lot better than 5.x and early 6.x [16:44]
mercutio: routeros seems to be most unstable when doing "weird" things or upgrades.
and weird can be something as simple as running queues :/
[16:44]
m0unds: i think they like to add features to fulfill a "checkbox" on a product sheet, and never develop them, improve them or fix them
like mpls
they "support" mpls
[16:45]
grody: i used to have my rb750 bonding two DSL and an eDOCSIS (total of about 34mbps) - handled well until you maxed all the lines [16:45]
m0unds: but it's atrocious [16:45]
mercutio: m0unds: i think the whole thing is atrocious myself :)
but it fills a niche.
[16:46]
grody: it's a pity openwrt has no support for the hw nat on this router [16:46]
mercutio: and they put a lot more development into stuff than people like tp-link do [16:46]
grody: be curious to test [16:46]
mercutio: i don't know why i care so much about 200 megabit+ nat performance
it's not like my internet can do 200 megabit.
[16:46]
m0unds: they have a really adversarial relationship w/customers [16:47]
mercutio: but using hw nat makes bridging go faster on archer c7, and openwrt is slower than normal firmware for bridging wireless ac to ethernet..
with no nat.
m0unds: you think?
[16:47]
m0unds: just thinking of stuff like one of their suppliers using the completely wrong capacitors on the power stage for an entire run of rb450gs [16:48]
mercutio: i think they just have a lot of people with high expectations for a cheap low end product. [16:48]
m0unds: and they refused to do anything to help [16:48]
mercutio: m0unds: wow. [16:48]
m0unds: just referred everyone to their reseller [16:48]
mercutio: that sounds normal. [16:48]
m0unds: well, it was a way for them to get out of handling it [16:48]
mercutio: as much as i hate to say it, they probably don't want to deal with returns directly.
it's bigger companies that care more about maintaining an image and make more money that want to take on things like that.
[16:48]
m0unds: according to the agreements w/most of the resellers, they couldn't even return these devices because there was nothing "Wrong" with them aside from using bad capacitors in them [16:49]
mercutio: but often it's only if they decide it's a big enough problem. [16:49]
m0unds: so it was essentially, contact your reseller, they might replace it for you, then it goes in a landfill somewhere
but that's if they were willing to do it
[16:49]
mercutio: wow.
that sucks.
[16:49]
m0unds: yeah, pretty terrible - granted, not an expensive device, but for their screw up they should probably have eaten at least part of it
or set up a repair deal or something
because WISPs and stuff with tons of those devices in service were left in a shitty situation
[16:50]
BryceBot: That's what she said!! [16:50]
mercutio: yeah
and wisp's and stuff that use those devices would be tempted to shift to something else
and use less of the more expensive boxes.
[16:50]
m0unds: yep [16:51]
mercutio: ubiquity suck too though
they suck slightly differently
[16:51]
m0unds: eh, i think they at least sort of stand behind their stuff [16:51]
mercutio: like uap-ac routers?
they're shit :)
[16:51]
m0unds: hahaha [16:51]
staticsafe: they are? [16:51]
mercutio: s/routers/access points/ [16:51]
BryceBot: <mercutio> like uap-ac access points? [16:51]
m0unds: i have a couple of their AC aps [16:51]
mercutio: they run hot
crash
[16:51]
m0unds: it's what i use to cover my house [16:51]
mercutio: and my one makes this annoying whirring noise when transferring data [16:51]
m0unds: the one upstairs had crashing issues, i warranty replaced it
haven't had issues with the replacement
[16:52]
mercutio: the archer c7 gives faster wireless performance with better range.
and doesn't make an annoying whirring noise when transferring data.
[16:52]
m0unds: but i can't POE power it and mount it on my ceiling [16:52]
mercutio: because it's too hot? [16:52]
m0unds: no, an archer c7
hahaha
[16:52]
mercutio: oh right
i'm apprehensive about ceiling mounting uap-ac
have you touched it?
[16:52]
m0unds: yeah, it's warm but not obnoxiously so [16:53]
staticsafe: i use an AirPort Extreme, works just fine for me [16:53]
mercutio: really?
could you leave your finger there?
[16:53]
m0unds: i'd have to get a ladder and hold my hand on it to find out
but it didn't seem warmer than anything else i've had ceiling mounted when i pulled the quirky one to replace it
[16:54]
mercutio: interesting
the only thing i've found close was this modem that was known for having overheating issues in summer
and people using fans on it.
modems use a lot less power than they used to
that modem only had 4mb or 8mb of ram too
and so would overload with nat
and it'd get short enough on ram that the web interface was slow
for some reason i've found tp-link stuff has really fast web interfaces
but a lot of these interfaces are kind of hacked together
and there's been quite a few web exploits, and things like exploits you can do from going to a page that links to http://192.168.1.1...
[16:55]
.... (idle for 16mn)
staticsafe: i wonder if the archer c7 is an upgrade over the AirPort Extreme [17:14]
mercutio: probably.
They're both triple stream though
I'd wait for the newer stuff.
[17:16]
........ (idle for 36mn)
the tp-link stuff newer than c7 is broadcom and less friendly with openwrt and shifted back to internal antennas though
i'd only really consider upgrading from one ac router to another ac router if you had range problems or needed two or such
the main reason i upgraded was so i could run openwrt and to get rid of the whine while transferring data
[17:52]
mnathani_: staticsafe: does the Airport Extreme require a Mac for configuration or is there a windows utility / web interface as well? [18:05]
...... (idle for 29mn)
how do I get the 'top' included with arch to sort by cpu usage? [18:34]
..... (idle for 21mn)
m0unds: there's a windows airport utility, iirc [18:55]
....... (idle for 30mn)
mercutio: mna: p
err P
sorry, i do it without thinking :)
for some reason mtr is using a lot of cpu again
[19:25]
............ (idle for 59mn)
mnathani_: mercutio: thanks
I have this tricky software situation, where I need to run something as root, its a python program GNS3. I am using archlinux, when I do chmod +s /usr/bin/python, the program launches weird with several sections missing. I can launch kde as root, and then GNS3 works, however google chrome does not work in that situation.
[20:24]
***Seji has quit IRC (*.net *.split)
qbit has quit IRC (*.net *.split)
mkb has quit IRC (*.net *.split)
sng has quit IRC (*.net *.split)
qbit has joined #arpnetworks
mkb has joined #arpnetworks
sng has joined #arpnetworks
sng has quit IRC (Changing host)
sng has joined #arpnetworks
qbit is now known as Guest10976
Seji has joined #arpnetworks
[20:29]
mnathani_: plus I keep reading that its a really bad idea to run X=Server as root [20:37]
mercutio: i wouldn't worry too much about that [20:50]
BryceBot: That's what she said!! [20:50]
mercutio: just don't mix desktop/server workloads for externally facing
if your local user account gets hacked you're screwed whatever you do
the number of processes running as other users on a desktop should be low anyway
[20:50]
mnathani_: I dont worry about running stuff as root - I am careful not to do something stupid, however I like using google chrome which refuses to run as root [20:54]
mercutio: ohh i thought you meant the X server running as root
and using the normal system as a user
why are you logging in as root?
[20:54]
mnathani_: x server included [20:54]
mercutio: arch runs X server as root, openbsd doesn't.. [20:54]
mnathani_: gns3 refuses to work as sudo via normal user [20:55]
mercutio: why not?
is it X?
maybe it's not getting the X key passed through
[20:55]
mnathani_: it opens a windows but the icons and navigation are missing [20:55]
mercutio: google it? [20:56]
mnathani_: I tried
lots of older posts
not much recent stuff - specifically arch related
might be easier searching for a way to run chrome within root login as normal user
[20:59]
............... (idle for 1h10mn)
***dj_goku_ has quit IRC (Remote host closed the connection) [22:10]
.... (idle for 15mn)
brycec: mercutio: Arch runs X as $user brycec 1082 3.4 0.6 355780 102572 tty1 S<l Jun06 47:44 /usr/lib/xorg-server/Xorg -nolisten tcp :0 vt1 -auth /tmp/serverauth.8UUyW3ovGU
(That's off a fresh install as of yesterday)
And no, Xorg is not setuid either
[22:25]
mercutio: brycec: i don't find that, hmm..
am i doing something wrong somehow? :)
root 954 0.2 1.3 672168 217164 tty1 Ssl+ May15 95:20 /usr/lib/xorg-server/Xorg :0 -seat seat0 -auth /run/lightdm/root/:0 -nolisten tcp vt1 -novtswitch
[22:31]
brycec: Ohh you're starting a login manager from systemd? [22:32]
mercutio: yeh [22:32]
brycec: I login and startx [22:32]
mercutio: i see.
yeah it's way easier with lightdm :)
as i can use the keyboard and mouse
with synergy..
so my synergy starts with lightdm..
[22:32]
brycec: Try changing the service file for systemd to start it as a non-root user then. [22:33]
mercutio: ahh maybe i will. as you see i don't restart X that often.
i thought linux was still behind on that though, at least the defaults are behind..
[22:36]
brycec: I can't speak to other distros, and Arch is very much a "assemble it yourself" thing with no room for defaults (as this weekend's fresh install has reminded me)
But Linux has been capable for a number of years. All about permissions.
[22:38]
mercutio: i kind of want something in between ubuntu and arch
arch still isn't that great for servers.
it's not really that bad for servers though.
it's just bad enough to create a few complications..
[22:41]
...... (idle for 28mn)
brycec: brycec prepares to run an SSD secure erase on a live system :D
It's way more fun than it should be to erase an OS out from under itself.
It's sortof like catastrophic drive failure, only it's intentional :p
[23:11]
mercutio: so systemd has it's own ntp client now [23:16]
brycec: *its
:p
[23:16]
mercutio: brycec: a lot of systems lock ssd secure erase out
and you have to hotswap the drive to do it...
[23:16]
BryceBot: That's what she said!! [23:16]
brycec: mercutio: or suspend+resume
which is the trick that worked for me
[23:17]
mercutio: ahh
same diff in the end i suppose
[23:17]
brycec: which is good because I can't get at the physical drives currently. [23:17]
mercutio: it's bloody annoying [23:17]
brycec: I approve of it though. Sure it doesn't prevent all forms of data loss, but at least it's something to prevent some rogue virus from wiping your drive or locking you out of it. [23:18]
mercutio: yeah i suppose
if there was an easy to fix it it wouldn't be so bad.
[23:18]
brycec: But then it wouldn't be physically secure :p [23:19]
mercutio: i never thought of suspend
i don't even know how to suspend in linux
[23:19]
m0unds: entomb it in concrete and bury it in your yard [23:19]
brycec: pm-suspend [23:19]
m0unds: that's what i do to secure my drives [23:19]
mercutio: is it just single press on power button? [23:19]
brycec: https://wiki.archlinux.org/index.php/SSD_memory_cell_clearing
mercutio: pm-suspend works for me
[23:19]
mercutio: cool. [23:19]
brycec: m0unds: Yes well I wasn't looking for "security" so much as "full wipe for new OS install" [23:20]
m0unds: it's more convenient to just wipe than to bury a disk in your yard
it's hard to figure out which hole belonged to which disk
[23:20]
mercutio: secure erase is still good for performance
it's kind of annoying
[23:20]
brycec: Exactly why I secure erased instead of just formatting :p Full reset on performance. [23:21]
m0unds: it's really annoying to unearth a disk entombed in concrete only to find out it's a backup from 2001
takes hours to chisel it out
[23:21]
***andol has left [23:30]
mercutio: i had secure erase a samsung evo to get performance back (with the new firmware) [23:35]
milki: m0unds: you dont label the holes? [23:37]
