00:02.04 | fsmithred | yeah |
00:02.36 | fsmithred | in /usr/share/weather-util/stations.gz, I changed the url in all the metar lines |
00:02.40 | fsmithred | looks like this: |
00:02.42 | fsmithred | metar = http://tgftp.nws.noaa.gov/data/observations/metar/decoded/AYGN.TXT |
00:02.58 | fsmithred | also may have changed it in one place in weather.py |
00:03.07 | fsmithred | or that may have changed automatically - I'm not sure |
00:04.29 | fsmithred | the change is the same on every line, only the last part (station ID) is different. |
00:04.37 | fsmithred | I did them all with sed -i something-or-other |
00:05.06 | DocScrutinizer05 | BRRRR http://tgftp.nws.noaa.gov/data/observations/metar |
00:05.10 | DocScrutinizer05 | dang |
00:05.16 | DocScrutinizer05 | http://tgftp.nws.noaa.gov/data/observations/metar/decoded/EDDN.TXT |
00:05.57 | DocScrutinizer05 | waaay tooOoooOOOoo c-c-c-cooOOoolDdd_d_d |
00:06.03 | fsmithred | wow, I didn't know it was that cold there |
00:06.57 | DocScrutinizer05 | walking outside, it hits you like a bus |
00:07.35 | DocScrutinizer05 | a 30 to 40 centigrade more would be appreciated |
00:07.59 | DocScrutinizer05 | even 50 are still OK |
00:08.38 | fsmithred | lol |
00:09.10 | fsmithred | here's the bug report. It says it's been fixed upstream, but I don't see any newer version in jessie or ascii |
00:09.12 | fsmithred | https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=835264 |
00:09.19 | DocScrutinizer05 | well, maybe not at night 1:09 |
00:09.52 | DocScrutinizer05 | I sent Tim the chanlog link, so he can look it all up |
00:10.14 | DocScrutinizer05 | I barely can *read* perl anyway |
00:10.57 | DocScrutinizer05 | do blabla UNLESS xy,; #WTF?!' a snytax is that? |
00:11.11 | *** join/#devuan Obri` (daniel@sonne.alt-f4.ch) |
00:11.29 | golinux | Weather has what to do with devuan? |
00:11.35 | *** join/#devuan rleigh (~rleigh@134.36.162.219) |
00:11.35 | *** join/#devuan rleigh (~rleigh@unaffiliated/rleigh) |
00:11.36 | fsmithred | nobody can read perl - it's a write-only language |
00:11.40 | fsmithred | has to do with #devuan |
00:12.19 | golinux | infobot is useless noise |
00:12.39 | DocScrutinizer05 | don't go bitching about people *talking* about the bot, please! |
00:12.58 | DocScrutinizer05 | you're doin g it yourself! |
00:14.05 | DocScrutinizer05 | actually we even talk about a API change in larger internet |
00:14.39 | DocScrutinizer05 | totally irrelevant that aPI is for NOAA |
00:15.43 | *** join/#devuan Obri (daniel@sonne.alt-f4.ch) |
00:16.29 | DocScrutinizer05 | if you need 'the bandwidth' for some more relevant and urgent topic, please go ahead, we'll hush immediately |
00:18.43 | *** join/#devuan Martin89 (~martin89@s1.netz1984.de) |
00:20.14 | fsmithred | weather-util doesn't show up in ceres |
00:20.45 | djph | didn't the weather-util package get borken |
00:20.55 | fsmithred | author said new version was in the works back in August |
00:21.02 | DocScrutinizer05 | LOL |
00:21.02 | fsmithred | yeah, there's an easy fix |
00:21.24 | fsmithred | just change the links it uses |
00:21.39 | DocScrutinizer05 | see http://tgftp.nws.noaa.gov/data/observations/metar/decoded/EDDN.TXT |
00:21.45 | DocScrutinizer05 | looks pretty simple |
00:21.46 | djph | yeah, I downloaded the source / fixed zips / etc. seems the copy in the repos is simply outdated |
00:22.23 | fsmithred | put it on git.devuan.org and maybe it will get put in the official repo |
00:22.34 | DocScrutinizer05 | :-)) |
00:22.44 | fsmithred | and we can be upstream from debian |
00:22.56 | DocScrutinizer05 | and OT again ;-) |
00:37.25 | DocScrutinizer05 | On Toppic, here |
00:38.30 | fsmithred | ? |
00:51.12 | DocScrutinizer05 | fsmithred: >>put it on git.devuan.org and maybe it will get put in the official repo. and we can be upstream from debian<< is clearly 100% on topic for #devuan ;-) |
01:04.55 | *** join/#devuan freedom01 (~freedom@121.54.39.155) |
01:07.33 | *** join/#devuan blueness (~blueness@gentoo/developer/blueness) |
01:12.15 | fsmithred | if it gets adopted, that'll be one more thing that works in devuan but doesn't work in debian |
01:12.52 | fsmithred | "other" because I already discovered that live-boot works with 4.x kernel better in devuan than in debian |
01:13.35 | fsmithred | maybe live-boot, maybe something else used to make live iso - not sure what |
01:14.09 | *** join/#devuan alk` (~alk@93-44-86-43.ip96.fastwebnet.it) |
01:31.02 | *** join/#devuan DocScrutinizer05 (~saturn@openmoko/engineers/joerg) |
02:06.12 | *** join/#devuan dardevelin (~dardeveli@unaffiliated/dardevelin) |
02:09.17 | *** join/#devuan ttr (ttr@pl.ttrsite.net) |
02:11.06 | *** join/#devuan Obri (daniel@sonne.alt-f4.ch) |
02:12.42 | *** join/#devuan rleigh (~rleigh@134.36.162.219) |
02:12.42 | *** join/#devuan rleigh (~rleigh@unaffiliated/rleigh) |
02:53.22 | *** join/#devuan Drugo (~Drugo@host28-132-dynamic.7-87-r.retail.telecomitalia.it) |
02:57.04 | *** join/#devuan Humpelstilzchen (erik@x4e36b607.dyn.telefonica.de) |
03:01.48 | *** join/#devuan Hoshpak (~Hoshpak@p2003005B4B53DD00BCCEF07FA0764064.dip0.t-ipconnect.de) |
03:07.20 | *** join/#devuan pcg_b (~pcg_b@112-121-181-66.dsl.sacoriver.net) |
03:26.05 | *** join/#devuan furrywolf (~randyg@70-1-20-86.pools.spcsdns.net) |
03:33.17 | *** join/#devuan Bryanstein (~Bryanstei@shellium/admin/bryanstein) |
04:07.15 | *** join/#devuan freedom0101 (~freedom@121.54.39.154) |
04:09.29 | *** join/#devuan freedom012 (~freedom@121.54.39.152) |
04:13.55 | *** join/#devuan rleigh (~rleigh@134.36.162.219) |
04:13.55 | *** join/#devuan rleigh (~rleigh@unaffiliated/rleigh) |
04:17.18 | *** join/#devuan freedom01 (~freedom@121.54.39.153) |
04:46.03 | *** join/#devuan knidos (~knidos@78.174.107.3) |
05:13.19 | *** join/#devuan alk` (~alk@93-44-86-43.ip96.fastwebnet.it) |
05:15.44 | *** join/#devuan DocScrutinizer05 (~saturn@openmoko/engineers/joerg) |
05:45.55 | *** join/#devuan Obri` (daniel@sonne.alt-f4.ch) |
05:48.56 | *** join/#devuan Obri (daniel@sonne.alt-f4.ch) |
05:53.41 | *** join/#devuan justinsm (~justinsm@82-69-63-196.dsl.in-addr.zen.co.uk) |
06:06.42 | *** join/#devuan scartozzo1 (~flavio@2-238-140-4.ip244.fastwebnet.it) |
06:15.09 | *** join/#devuan rleigh (~rleigh@134.36.162.219) |
06:15.09 | *** join/#devuan rleigh (~rleigh@unaffiliated/rleigh) |
06:24.36 | *** join/#devuan triffid (~triffid@pool-173-66-84-124.washdc.fios.verizon.net) |
06:49.36 | *** join/#devuan AlexLikeRock (~AlexLikeR@unaffiliated/alexlikerock) |
07:02.44 | *** join/#devuan thrasymachus (~mpurcell@c-98-225-21-53.hsd1.wa.comcast.net) |
07:07.28 | *** join/#devuan giricz81 (~giricz81@ip4-83-240-38-90.cust.nbox.cz) |
07:23.31 | *** join/#devuan freedom01 (~freedom@121.54.39.155) |
08:02.00 | *** join/#devuan Besnik_b (~Besnik@athedsl-4367675.home.otenet.gr) |
08:16.19 | *** join/#devuan rleigh (~rleigh@134.36.162.219) |
08:16.20 | *** join/#devuan rleigh (~rleigh@unaffiliated/rleigh) |
08:21.49 | *** join/#devuan Obri (daniel@sonne.alt-f4.ch) |
08:42.44 | *** join/#devuan AntoFox (~Thunderbi@dynamic-adsl-78-12-57-144.clienti.tiscali.it) |
09:15.01 | *** join/#devuan Levure (~quassel@91.181.239.93) |
09:18.14 | *** join/#devuan amphi (~amphi@100.red-79-157-62.dynamicip.rima-tde.net) |
09:35.06 | *** join/#devuan chimay (~chimay@unaffiliated/chimay) |
09:54.01 | *** join/#devuan freedom01 (~freedom@121.54.39.153) |
09:54.34 | *** join/#devuan aitor (~aitor@114.62-99-112.dynamic.clientes.euskaltel.es) |
09:57.28 | aitor | Centurion_Dan: are you there? |
09:57.55 | aitor | or golinux or jaromil? |
09:59.03 | *** join/#devuan davec_ (~davec@host-69-145-45-32.shr-wy.client.bresnan.net) |
10:00.52 | *** join/#devuan kraiskil (~kraiskil@a91-156-135-134.elisa-laajakaista.fi) |
10:02.56 | aitor | here you are a purpy theme for slim: |
10:03.12 | aitor | gnuinos.org/slim |
10:06.30 | aitor | i'll be back in a few minutes |
10:09.58 | *** join/#devuan Obri` (daniel@sonne.alt-f4.ch) |
10:17.32 | *** join/#devuan rleigh (~rleigh@134.36.162.219) |
10:17.32 | *** join/#devuan rleigh (~rleigh@unaffiliated/rleigh) |
10:20.08 | *** join/#devuan giricz81 (~giricz81@ip4-83-240-38-90.cust.nbox.cz) |
10:26.16 | *** join/#devuan aitor (~aitor@114.62-99-112.dynamic.clientes.euskaltel.es) |
10:26.21 | aitor | hi again |
10:48.19 | *** join/#devuan aitor (~aitor@114.62-99-112.dynamic.clientes.euskaltel.es) |
10:53.44 | *** join/#devuan blueness (~blueness@gentoo/developer/blueness) |
10:54.36 | *** join/#devuan urigi (25c9f056@gateway/web/freenode/ip.37.201.240.86) |
10:55.04 | urigi | Hi! Is it possible to use devuan repository with Ubuntu? |
10:55.26 | urigi | 14.04 |
10:55.58 | *** join/#devuan Pali (~pali@Maemo/community/contributor/Pali) |
10:59.45 | KatolaZ | urigi: mixing deb repositories from different distributions is normally a bad idea |
10:59.59 | KatolaZ | it is possible, but you mess-up you are alone |
11:01.22 | urigi | okay, thanks! |
11:15.10 | *** join/#devuan xes_ (~xes@unaffiliated/xes) |
11:18.01 | *** join/#devuan Spagno (~Spagno@2.229.195.21) |
11:22.39 | *** join/#devuan xes__ (~xes@unaffiliated/xes) |
11:25.16 | *** join/#devuan xes (~xes@unaffiliated/xes) |
11:31.15 | *** join/#devuan devil (~quassel@vmd16322.contabo.host) |
11:34.53 | *** join/#devuan Achylles (~Achylles@191.8.110.49) |
12:15.40 | *** join/#devuan SylvieLorxu (~TheLastPr@ip-213-127-80-157.ip.prioritytelecom.net) |
12:18.18 | *** join/#devuan cyteen (~cyteen@83.51.198.146.dyn.plus.net) |
12:18.48 | *** join/#devuan rleigh (~rleigh@134.36.162.219) |
12:18.48 | *** join/#devuan rleigh (~rleigh@unaffiliated/rleigh) |
12:26.57 | *** join/#devuan Obri (daniel@sonne.alt-f4.ch) |
12:43.34 | *** join/#devuan ltem (~panta@h081217057026.dyn.cm.kabsi.at) |
13:01.11 | *** join/#devuan snux (~snux@net-37-182-133-101.cust.vodafonedsl.it) |
13:34.28 | *** join/#devuan OmegaPhil (~kvirc@62.212.72.243) |
13:34.28 | *** join/#devuan OmegaPhil (~kvirc@fsf/member/OmegaPhil) |
13:35.19 | *** join/#devuan OmegaPhil (~kvirc@62.212.72.243) |
13:35.19 | *** join/#devuan OmegaPhil (~kvirc@fsf/member/OmegaPhil) |
13:35.49 | *** join/#devuan OmegaPhil (~kvirc@62.212.72.243) |
13:35.49 | *** join/#devuan OmegaPhil (~kvirc@fsf/member/OmegaPhil) |
13:48.36 | *** join/#devuan justinsm (~justinsm@82-69-63-196.dsl.in-addr.zen.co.uk) |
14:03.50 | *** join/#devuan AntoFox (~Thunderbi@dynamic-adsl-78-12-57-144.clienti.tiscali.it) |
14:19.58 | *** join/#devuan rleigh (~rleigh@unaffiliated/rleigh) |
14:33.22 | *** join/#devuan kraiskil (~kraiskil@a91-156-135-134.elisa-laajakaista.fi) |
14:50.57 | *** join/#devuan john280z (~johnm@user-0ce2k3h.cable.mindspring.com) |
15:07.28 | *** join/#devuan yann-kaelig (~inyan@89-64-55-238.dynamic.chello.pl) |
15:08.20 | *** join/#devuan IoFran (~Icedove@189.231.21.160) |
15:19.22 | *** join/#devuan Achylles (~Achylles@191.8.110.49) |
15:25.47 | *** join/#devuan cyteen (~cyteen@250.208.93.209.dyn.plus.net) |
15:26.58 | *** join/#devuan AlexLikeRock (~AlexLikeR@unaffiliated/alexlikerock) |
15:35.54 | *** join/#devuan golinux (~golinux@unaffiliated/golinux) |
15:37.30 | *** join/#devuan TwistedFate (~TwistedFa@unaffiliated/twistedfate) |
15:49.01 | *** join/#devuan furrywolf (~randyg@70-7-48-250.pools.spcsdns.net) |
16:14.39 | *** join/#devuan DeFender1031 (~DeFender1@89-138-171-187.bb.netvision.net.il) |
16:17.39 | *** join/#devuan regulus (~regulus@unaffiliated/regulus) |
16:18.46 | golinux | aitor: Thanks. But there is already a purpy theme for slim that will be in the RC: https://git.devuan.org/hellekin/slim/tree/suites/jessie/debian/devuan-curve :) |
16:19.48 | *** join/#devuan wildlander (~wildlande@unaffiliated/wildlander) |
16:21.13 | *** join/#devuan rleigh (~rleigh@134.36.162.219) |
16:21.13 | *** join/#devuan rleigh (~rleigh@unaffiliated/rleigh) |
16:23.54 | *** join/#devuan Achylles (~Achylles@191.8.110.49) |
16:48.20 | *** join/#devuan giricz81 (~giricz81@ip4-83-240-38-90.cust.nbox.cz) |
16:48.31 | *** join/#devuan mns` (b156ff05@gateway/web/freenode/ip.177.86.255.5) |
16:52.00 | *** join/#devuan AlexLikeRock (~AlexLikeR@unaffiliated/alexlikerock) |
17:22.04 | Centurion_Dan | o/ |
17:22.59 | *** join/#devuan ltem (~panta@h081217057026.dyn.cm.kabsi.at) |
17:23.33 | Centurion_Dan | golinux - new desktop-base and xfce-settings in jessie-proposed |
17:23.54 | Centurion_Dan | should now properly set the theme. |
17:29.20 | *** join/#devuan mobinmob (~mobinmob@2a02:582:7421:e200:5a85:98bd:f5b6:3baf) |
17:33.13 | golinux | Centurion_Dan: Nice. Will get to it after b'fast |
17:37.40 | *** join/#devuan Guest3341 (~Guest3341@83.220.236.111) |
17:38.15 | *** part/#devuan Guest3341 (~Guest3341@83.220.236.111) |
18:03.48 | *** join/#devuan Achylles (~Achylles@200-158-230-224.dsl.telesp.net.br) |
18:19.59 | *** join/#devuan wulllst (~msi@dslb-178-008-116-029.178.008.pools.vodafone-ip.de) |
18:22.25 | *** join/#devuan rleigh (~rleigh@134.36.162.219) |
18:22.25 | *** join/#devuan rleigh (~rleigh@unaffiliated/rleigh) |
18:25.52 | *** join/#devuan jaromil (~jaromil@chat.dyne.org) |
18:25.52 | *** join/#devuan jaromil (~jaromil@unaffiliated/jaromil) |
18:38.44 | *** join/#devuan cyteen (~cyteen@250.208.93.209.dyn.plus.net) |
18:50.37 | *** join/#devuan Besnik_b (~Besnik@athedsl-219942.home.otenet.gr) |
18:58.06 | *** join/#devuan Besnik_b (~Besnik@athedsl-219942.home.otenet.gr) |
19:15.29 | *** part/#devuan wulllst (~msi@dslb-178-008-116-029.178.008.pools.vodafone-ip.de) |
19:18.40 | *** join/#devuan aqu4 (~aqu4bot@unaffiliated/subsen/bot/aqu4) |
19:24.02 | *** join/#devuan D-HUND (~debdog@2a02:8070:45c2:e600:7a24:afff:fe8a:d04d) |
19:29.35 | *** join/#devuan Akuli (~Akuli@mobile-access-bceedb-130.dhcp.inet.fi) |
20:23.40 | *** join/#devuan rleigh (~rleigh@134.36.162.219) |
20:23.40 | *** join/#devuan rleigh (~rleigh@unaffiliated/rleigh) |
20:31.48 | *** join/#devuan furrywolf (~randyg@70-6-186-40.pools.spcsdns.net) |
20:54.57 | *** join/#devuan DocScrutinizer05 (~saturn@openmoko/engineers/joerg) |
21:21.27 | *** join/#devuan aqu4 (~aqu4bot@unaffiliated/subsen/bot/aqu4) |
21:21.40 | *** join/#devuan IoFran (~Icedove@189.231.16.156) |
21:36.05 | DocScrutinizer05 | could anybody share a pointer to 2networking for total noobs" please? :-S I'm dealing with netfilters and route and ifconfig since literally decades, but now I'm lost in connecting two subnets on a router system |
21:36.53 | DocScrutinizer05 | seems I lack some few elementary details in how that whole network stuff works |
21:38.36 | *** join/#devuan Xenguy (~Xenguy@206-47-117-175.dsl.ncf.ca) |
21:41.22 | KatolaZ | DocScrutinizer05: what is the problem? |
21:43.02 | DocScrutinizer05 | I want a subnet 192.158.69.0/24 on eth2 of a ERpro8, and I want it reachable from br0 (eth1,3,4,5) |
21:43.34 | DocScrutinizer05 | sorry s/158/168/ |
21:44.01 | DocScrutinizer05 | br0=192.158.4.0/24 |
21:44.04 | DocScrutinizer05 | sorry s/158/168/ |
21:44.07 | DocScrutinizer05 | ohmy |
21:44.12 | Xiaoman | A router has a routing table. If the kernel forwards packages for IPv4, then when it recieves a package not destined to its interfaces it looks in its routing table and shoves the package out the proper interface to the next hop. |
21:44.55 | DocScrutinizer05 | and when one of the interfaces *has* the right IO/mask? |
21:45.09 | Xiaoman | The machine will route packages for anything it knows about if forwarding is enabled. |
21:45.10 | DocScrutinizer05 | then I don't need a routing entry? |
21:45.24 | Xiaoman | If it knows about something it is in the routing table. |
21:45.32 | Xiaoman | If it isn't in the routing table it doesn't know about it. |
21:46.11 | DocScrutinizer05 | http://paste.opensuse.org/59559988 |
21:46.27 | DocScrutinizer05 | so everything looks fine, no? |
21:49.53 | Xiaoman | If that system forwards packets (did I call them packages before? wow) then it should forward between those subnets, yeah. |
21:49.59 | DocScrutinizer05 | actually yes, everything looks just fine: http://paste.opensuse.org/77474516 |
21:50.13 | Xiaoman | What is your exact issue? |
21:50.19 | DocScrutinizer05 | so why the heck is my printer not available via http:// anymore? |
21:50.41 | DocScrutinizer05 | printer = 192.168.69.23 |
21:50.49 | Xiaoman | There could be a million reasons. |
21:51.43 | Xiaoman | The routed path seems legit, which suggest a filtering, service or configuration problem... Not related to the routing side of things. |
21:52.12 | Xiaoman | tcpdump is your friend. |
21:53.56 | DocScrutinizer05 | ta |
21:54.31 | justinsm | and nmap |
21:55.09 | Xiaoman | justinsm: nc 192.168.69.23 80, does that function in this case :) |
21:57.22 | *** join/#devuan cyteen (~cyteen@250.208.93.209.dyn.plus.net) |
21:58.17 | DocScrutinizer05 | do you think a "IP: 192.168.69.23; gateway: 0.0.0.0" on the DHCP configured printer (local printer display) looks fishy? |
21:59.40 | DocScrutinizer05 | shouldn't that maybe rather be gateway:192.168.69.1 ? |
21:59.44 | Xiaoman | Not necessarily, since I assume it is trash software. |
22:00.29 | Xiaoman | Could be it shows the catch-all routing entry. |
22:00.50 | Xiaoman | If you can ping it _over the router_ then it obviously has a 0/0 pointing to the router. |
22:01.05 | Xiaoman | In which case all is fine. |
22:02.17 | Xiaoman | But if you ping it over a switched network (and it works like now), you might be fooled to think it actually is the 0/0 it shows, in which case it is wrong. |
22:02.21 | DocScrutinizer05 | isn't ping mere ARP? |
22:02.29 | Xiaoman | No. |
22:02.51 | Xiaoman | A "normal" ping is a part of the TCP/IP suite/standard. |
22:03.08 | Xiaoman | There is such a thing as ARP Ping thingy, but I haven't seen anyone use them. |
22:04.05 | DocScrutinizer05 | know what? :-/ -.- Browser had dunnowhat friggin persistent data (port number? plus NAT session in router?) |
22:04.17 | DocScrutinizer05 | restarted browser and it works |
22:04.21 | DocScrutinizer05 | headdesks |
22:04.36 | Xiaoman | >filtering, service or configuration problem |
22:04.41 | Xiaoman | Damn, thought I had everything covered. |
22:05.28 | Xiaoman | Confirmed: Your printer has shitty as fuck software. |
22:05.52 | Xiaoman | (display showing correct information in the wrong place) |
22:06.54 | DocScrutinizer05 | I *guess* first time browser opened a connection localhost:42424 -> 192.168.69.23, it created a NAT session for localhost:42424<->${internet}:80 |
22:07.30 | DocScrutinizer05 | oh, of course I also fixed the gateway manually at printer |
22:08.26 | DocScrutinizer05 | (NAT session) and that prolly took precedence over a later added local NIC with IP:192.168.69.1/24 |
22:08.49 | DocScrutinizer05 | ohmy |
22:09.06 | *** join/#devuan Obri (daniel@sonne.alt-f4.ch) |
22:09.32 | DocScrutinizer05 | prolly the gateway is largely irrelevant, as you already said |
22:09.40 | KatolaZ | sorry DocScrutinizer05 |
22:09.47 | KatolaZ | I am back now |
22:09.54 | KatolaZ | have you solved the problem? |
22:10.09 | DocScrutinizer05 | np, seems I found the bug: it's me ;-) |
22:10.14 | KatolaZ | :) |
22:10.29 | KatolaZ | very good (that you found the bug!) |
22:10.50 | DocScrutinizer05 | prolly no bug |
22:11.11 | DocScrutinizer05 | just a dang "persistent" NAT session |
22:12.24 | DocScrutinizer05 | does a little victory dance, since it turned out his concept of how networking works wasn't that much off from reality as it seemed |
22:13.01 | DocScrutinizer05 | and NOW I can finally block internet access for that damn Printer |
22:13.48 | DocScrutinizer05 | question: I assume the routing table is 'global', in that all NICs use it? |
22:15.32 | DocScrutinizer05 | or let me put it this way: no matter which network and interface a package comes in from, they all are filled into the one large pot and distributed from there according to NIC IP addr/mask, routing table, and finally firewall rules? |
22:17.35 | KatolaZ | DocScrutinizer05: if you don't have an iptables rule which says otherwise, then yes, the routing decision does not depend on the device from which the packet has come |
22:18.04 | DocScrutinizer05 | iptables rule = firewall rule, right? |
22:18.20 | KatolaZ | well, iptables is not just a firewall |
22:18.25 | DocScrutinizer05 | sure |
22:18.27 | KatolaZ | is more a packet filtering system :) |
22:18.27 | Xiaoman | The decision chain of a packet is a little more complicated, but yes, all packets and interfaces are equal in the eyes of the kernel and routing table. |
22:18.50 | DocScrutinizer05 | thanks a lot pals! |
22:18.54 | DocScrutinizer05 | :-) |
22:19.51 | DocScrutinizer05 | I think I finally can improve my LAN to forbid each crappy "IoT" appliance to call home, receive exploits from internet, and spy my whole LAN |
22:20.31 | DocScrutinizer05 | honestly, why the heck does the Printer need access to internet? |
22:21.16 | Xiaoman | How else are you going to link with the google printing cloud thing? :D |
22:21.23 | DocScrutinizer05 | and I'd rather put that android device on its own network with no access at all to the other devices in LAN, it *only* needs access to internet |
22:21.30 | KatolaZ | DocScrutinizer05: ??? |
22:21.32 | Xiaoman | Or receives those "important security updates" from the US? :D |
22:21.41 | DocScrutinizer05 | yeah |
22:22.02 | KatolaZ | if you don't NAT ports explicitly from your router, then nothing inside your LAN is reachable from "the Internet" |
22:22.42 | DocScrutinizer05 | well, except those appliances like the printer, that call out to unknown IPs in the wild |
22:22.52 | Xiaoman | KatolaZ: In common PAT implementations, the NAT for each device is automatically reflexive for sessions established from the inside. |
22:23.09 | DocScrutinizer05 | they are not exactly "reachable" but they have a connection to the internet |
22:23.33 | Xiaoman | Or just wait until all your Internet of Shit starts doing NAT punching. |
22:24.04 | sixwheeledbeast | Generally outbound is allowed on most domestic setups, then there's uPnP too |
22:24.14 | DocScrutinizer05 | yeah |
22:24.19 | KatolaZ | well, they are not "technically" reachable from the Internet |
22:24.22 | DocScrutinizer05 | uPnP my ass |
22:24.27 | Xiaoman | When will the first IoT device run a tor hidden service for getting secure updates? |
22:24.27 | KatolaZ | they have made a connection to a server |
22:24.37 | DocScrutinizer05 | yes |
22:24.38 | KatolaZ | which is something you usually want to happen |
22:24.42 | KatolaZ | :) |
22:24.50 | KatolaZ | anyway, happy to hear that you found the problem |
22:24.51 | *** join/#devuan rleigh (~rleigh@unaffiliated/rleigh) |
22:24.52 | DocScrutinizer05 | no, i don't. For the printer |
22:24.52 | KatolaZ | :) |
22:24.56 | sixwheeledbeast | P2P connection |
22:25.03 | DocScrutinizer05 | neither for my home automation |
22:25.42 | DocScrutinizer05 | and for android, I want internet acces but absolutely no LAN access |
22:25.51 | *** join/#devuan blueness (~blueness@gentoo/developer/blueness) |
22:28.14 | DocScrutinizer05 | maybe I should mention I looked for an IP camera, and that gave me nausea |
22:28.38 | DocScrutinizer05 | http://foscam.us/forum/foscam-dialing-out-to-suspect-hosts-t17699-40.html#p70740 |
22:29.18 | DocScrutinizer05 | heck, when I want that critter to be exposed to internet, then *I* do that |
22:30.33 | DocScrutinizer05 | I don't want my printer, my homematic, my camera all calling home for some weird 'services' that "users expect to work OOTB" |
22:31.03 | DocScrutinizer05 | "google printing cloud thing" |
22:31.08 | DocScrutinizer05 | pukes |
22:31.29 | Xiaoman | It's a thing, look it up. |
22:31.47 | DocScrutinizer05 | I even heard of it, I think. Yes |
22:31.48 | Xiaoman | Or don't, I don't want you to get a heart attack before I can get my hands on a Neo900. |
22:31.55 | DocScrutinizer05 | doesn't make it less disgusting |
22:31.58 | *** join/#devuan pencilandpaper (~penciland@unaffiliated/pencilandpaper) |
22:33.00 | DocScrutinizer05 | I already pondered to print fuckfingers on arbitrary net exposed printers ;-) |
22:34.35 | DocScrutinizer05 | https://www.shodan.io FTW |
22:35.12 | DocScrutinizer05 | https://www.shodan.io/search?query=linux+upnp+avtech |
22:36.00 | DocScrutinizer05 | https://www.shodan.io/search?query=Server%3A+SQ-WEBCAM |
22:46.06 | DocScrutinizer05 | avtech still works great with admin admin |
22:47.19 | DocScrutinizer05 | once you got access, you also could 'update' the firmware of those avtech cams, to make it a nice LAN-internal spy |
22:49.14 | DocScrutinizer05 | ponders walking downtown, every now and then shouting "OK GOOGLE! delete all phonebook entries!" |
22:49.15 | *** join/#devuan dardevelin (~dardeveli@unaffiliated/dardevelin) |
23:00.09 | DocScrutinizer05 | a question with tongue in cheek a bit: does a /31 network make any sense? |
23:00.25 | sixwheeledbeast | avtech, yuk. I hated that stuff 10 years ago |
23:03.08 | Xiaoman | No. |
23:03.34 | Xiaoman | /32 for host. /30 is the next step. |
23:04.12 | Xiaoman | /31 is equilivant to /32 except for a broadcast to the host, which... Has no purpose in the context. |
23:05.38 | Xiaoman | /30 Wastes an address if you only need it for a single link network, but that is one of the reasons why IPv4 is shitty. |
23:16.18 | DocScrutinizer05 | HAH!! http://wstaw.org/m/2017/01/08/plasma-desktopx17764.png |
23:19.09 | DocScrutinizer05 | and why did nobody invent "equilivant" yet? I'm surprised and bow down to Xiaoman's creativity :-) |
23:19.11 | *** join/#devuan bman_ (~bman@cpe-70-117-65-153.austin.res.rr.com) |
23:20.06 | DocScrutinizer05 | or wait, is it actually a 'valid' word already? |
23:20.40 | Xiaoman | Spelling is hard. |
23:21.38 | DocScrutinizer05 | :-D |
23:21.43 | Xiaoman | Equivalent. |
23:21.58 | DocScrutinizer05 | I think if this word isn't 'official' yet, it should be asap |
23:22.28 | Xiaoman | It's how I'm saying it in my head everytime I forgot how to say the real word. |
23:23.53 | DocScrutinizer05 | looks just too good to believe it wasn't 'true'. Maybe ancient english |
23:24.45 | DocScrutinizer05 | like "resplended" |
23:26.03 | DocScrutinizer05 | sorry, replendent |
23:30.19 | DocScrutinizer05 | 2nd HAH! http://wstaw.org/m/2017/01/08/plasma-desktopY17764.png |
23:33.30 | *** join/#devuan cyteen (~cyteen@250.208.93.209.dyn.plus.net) |
23:36.14 | Xiaoman | Well, I do talk a language that is one of the bases of English ;) |
23:36.41 | KatolaZ | Xiaoman: latin? :) |
23:38.34 | Xiaoman | :) |