--- Log opened Fri Jul 13 00:00:36 2018
00:04 < spaces> varesa yoyoy!
00:04 < spaces> how are you doing ?
00:04 < mib_mib_> varesa: well - let me figure out how to get that part to work - since tunnelling all traffic isn't going to work for me now
00:05 < varesa> spaces: working (or chatting on IRC when I'm supposed to be working)
00:06 < varesa> not like here is much to do when customers and own employees alike are having vacations
00:06 < spaces> varesa perfect combination :P keep it leveled the IRC side
00:06 < spaces> varesa heh, always the same
00:07 < mib_mib_> varesa: so check this out - this is netstat -nr on the client while connected to the VPN
00:07 < mib_mib_> varesa: https://pastebin.com/PsbXT2bp
00:08 < varesa> what's the ip of utun1? And what's the IP of the server?
00:09 < varesa> those first two routes seem a bit weird
00:10 < mib_mib_> do you mean the public or private
00:10 < mib_mib_> i'd prefer not to disclose the public ip if possible =d
00:11 < mib_mib_> varesa: how do i find the ip of utun1
00:11 < varesa> the tunnel IP of the VPN server
00:11 < varesa> e.g. 10.8.0.x?
00:11 < varesa> try ifconfig (not sure what works on macos and what doesn't)
00:13 < mib_mib_> varesa: so: https://tunnelblick.net/cConnectedBut.html#if-openvpn-is-connected-to-the-server-but-your-ip-address-does-not-change according to this, it reccomends 'pushing' the data from the VPN to the client
00:14 < varesa> mib_mib_: that is only setting the "tunnel all traffic through VPN" which you've already tried but don't want
00:14 < mib_mib_> varesa: yah utun1 is 10.8.0.6
00:14 < spaces> heh why do these people who have a lot influence but are nerdish and not really nice and typical always a t-sahirt with a print like a child and have a float under it ?
00:15 < mib_mib_> varesa: well, the --redirect-gateway is, yes, but maybe it needs this to be able to properly route traffic back to the client?
00:15 < varesa> mib_mib_: if nothing appeared in the tcpdump on the VPN server, we can ignore return traffic for now
00:16 < mib_mib_> yah you're right
00:16 < varesa> what if you enable that (route all traffic) and then look at the routing table?
00:16 < mib_mib_> let me see that
00:17 < varesa> that 10.8.0.5 10.8.0.6 line looks pretty wrong to me
00:17 < varesa> unless macOS just does things in a weird way
00:17 < mib_mib_> utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500         inet 10.8.0.6 --> 10.8.0.5 netmask 0xffffffff
00:17 < varesa> so I'd like to see a working setup (even if different)
00:17 < mib_mib_> varesa: yah, maybe it will just be the same? not sure lets see
00:17 < mib_mib_> what i just pasted was the full utun1 when NOT working fyi
00:18 < varesa> spaces: what have you been upto?
00:19 < spaces> varesa myself ? doing what ?
00:20 < varesa> spaces: yes, you :) Just in general
00:21 < spaces> I have been busy with my geo backend and caching backend :) still not doing the dishwash, visted some friends here and experienced my dog got into her season :P
00:21 < spaces> and did some gardening :)
00:21 < spaces> in my forest :D
00:22 < varesa> nice
00:22  * varesa thinks of the pile of dishes at home
00:22 < spaces> and you ? setup another cluster ?
00:22 < spaces> varesa here the same, I don't have any plate left ;)
00:23 < varesa> time to start eating out ;)
00:23 < spaces> I clean what I need atm :D
00:23 < spaces> I have been suffering real bad diabetics so I have a "reason"
00:23 < varesa> I've not done that much in a while. Vacationing (family summer cottage at a lake), visiting some friends, playing video games
00:24 < spaces> sounds good!
00:24 < spaces> you have your own cottag e@ a lake ?
00:24 < varesa> added a syslog input to logstash today so I can forward all network logs to ELK
00:24 < spaces> yeah ELK is nice!
00:24 < spaces> didn't look into GREYLOG ?
00:25 < varesa> I've been planning to set it up in the lab but haven't got around to do it. ELK does all I need it to do
00:25 < spaces> yeah I don't know anymore if I did ELK or GREYLOG
00:25 < mib_mib_> varesa: https://pastebin.com/gDVuWQMR
00:25 < varesa> now I can search logs for example IPsec tunnel errors/drops, even see both ends at once!
00:26 < spaces> oh nice!
00:26 < spaces> varesa about the cottage ? your own ?
00:27 < varesa> spaces: a small one owned by family/some relatives
00:29 < mib_mib_> varesa: so i dont see anything in here - it would be interesting to try to remove the 0/1 route, and see if it still worked - i imagine thats whats forwarding everything?
00:29 < spaces> varesa nice! I have a pool in front of my cottage
00:29 < varesa> mib_mib_: yes, the 0/1 and 128/1
00:29 < spaces> varesa can you swim in that lake >?
00:29 < varesa> looks like the same "weird" routes are still there except the flags are different?
00:30 < varesa> spaces: yup
00:30 < spaces> varesa nice!
00:30 < spaces> are there sharks ??? :P
00:30 < varesa> in a lake? lol no
00:31 < spaces> varesa logness ?
00:31 < spaces> you never know :P
00:31 < spaces> salmon ?
00:32 < mib_mib> varesa: why are they weird?
00:33 < mib_mib> it seems to point everything at 10.8.0.5, then point that to 10.8.0.6
00:33 < mib_mib> its osx if that helps - would you think they would be like 192.168.x.x?
00:33 < varesa> spaces: some perch/bass(?), maybe pike, that kind of stuff
00:34 < varesa> mib_mib: the pointing to 10.8.0.6 is the weird one
00:34 < varesa> like why would it route traffic towards the VPN gateway towards your own IP??
00:34 < spaces> varesa brass ?
00:35 < spaces> varesa I would have expected a whale at least
00:35 < mib_mib> are you saying that 10.8.0.6 is my ip then, i.e. utun1?
00:35 < mib_mib> utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500         inet 10.8.0.6 --> 10.8.0.5 netmask 0xffffffff
00:36 < varesa> mib_mib: that's what you said at least :) <mib_mib> varesa: yah utun1 is 10.8.0.6
00:36 < varesa> tbh I'm not 100% sure how to read that inet 10.8.0.6 -> 10.8.0.5
00:36 < varesa> but it'd make sense that .0.6 is the local address and .0.5 is the peer address (which would be confirmed by the routes)
00:39 < varesa> mib_mib: just for reference this is more or less what it looks like on linux: https://paste.fedoraproject.org/paste/Otlrvz0Y6VVNuwM074vL~Q
00:39 < varesa> spaces: https://i.imgur.com/sDLOCeJ.jpg
00:40 < spaces> varesa holy cow that is really great!
00:41 < spaces> varesa do you own a lot of forest there with the family ?
00:42 < varesa> spaces: the lake is also a lot larger than it seems, there is this smaller bay that connects to the bigger part of the lake at a few points
00:42 < varesa> so if you've got a boat or something similar you can go quite far
00:42 < spaces> yeah I see that
00:42 < spaces> nice
00:43 < mib_mib> veragoing to try restarting =D
00:44 < varesa> spaces: not much forest near the cottage (the couple trees around the cottage :P)
00:44 < spaces> hehe, but a lot of lang in owning ?
00:45 < varesa> the whole lake is some 200km away from where my parents live, a bit more from where I live. The parents do have a fair bit of forests and fields near their home
00:45 < ozzhates> .g evilcowgod
00:45 < spaces> varesa nice
00:50 < mib_mib> varesa: yeah running out of ideas. I installed another vpn client, with the same issue
00:54 < mib_mib> varesa: do you think this could be related? https://github.com/Tunnelblick/Tunnelblick/issues/367
00:58 < varesa> mib_mib: what does 'route -n get <web server address>' say?
00:58 < mib_mib> varesa: when connected to the vpn in 'only forward necessary traffic' mode
00:58 < mib_mib> ?
00:58 < varesa> yeah
01:00 < mib_mib> https://pastebin.com/Zi7ZWs7g
01:00 < mib_mib> i tried using viscosity vpn client which people said worked, but doesnt either
01:00 < mib_mib> i'm using 'high sierra'
01:01 < varesa> unfortunately macOS is pretty far from my area of expertise so I won't be able to help that much any more
01:02 < varesa> though, checking your pastebin above, it seems that it is indeed using the wrong gateway
01:02 < varesa> what if you do that route change command from the Tunnelblick github issue?
01:06 < mib_mib_> varesa: hmmm - so im not sure what to actually run according to this github post - i appreciate all your time helping though thank you
01:10 < varesa> mib_mib_: maybe 'route change 172... 10.8.0.5 255.255.255.0'
01:11 < varesa> oh wait
01:11 < varesa> I think I spotted it
01:12 < varesa> You push a route of 172.31.0.0/24 right?
01:12 < varesa> and the web server is at 172.31.34.16?
01:12 < mib_mib_> hmmm
01:13 < mib_mib_> on the openvpn server?
01:13 < varesa> 172.31.0.0/24 only covers 172.31.0.0 - 172.31.0.254. Not 172.31.1-255.*
01:14  * spaces sexy 
01:14 < varesa> you'll want something like 172.31.0.0/16 or whatever the VPC subnet is (something like 172.31.34/24 or maybe /22-/20?)
01:15 < mib_mib_> ah 172.31/24
01:15 < mib_mib_> that doesnt cover it if i leave off the .0.0
01:15 < mib_mib_> how can i just do all of them, i.e. up to 172.31.255.255
01:15 < mib_mib_> thats /16 right
01:15 < varesa> yup
01:15 < mib_mib_> i always forget what the syntax means, okay, like 8 bits and 8 bits = 16
01:16 < mib_mib_> what does the 24 means?
01:16 < varesa> that's the number of 1s (in bits) in the network mask
01:16 < mib_mib_> oh right the number of leading bits
01:17 < mib_mib_> i guess i was confused and thought i twas trailing, okay let me try that
01:17 < varesa> e.g. /8 means x.*.*.*, /16 is x.x.*.* and /24 is x.x.x.*
01:17 < varesa> /0 being "everything" and /32 being a single host (no network)
01:19 < mib_mib_> varesa: so where again did i specify this
01:20 < varesa> mib_mib_: openvpn server config probably
01:20 < varesa> if you're pushing the route
01:21 < mib_mib_> well, my server.conf has push route "172.31.0.0 255.255.255.0"
01:21 < whatsNext_> closest you can get to single host is /30 isnt it? /32 would be no network or broadcast address?
01:22 < mib_mib_> varesa: https://pastebin.com/BRwiUhz7
01:22 < tds> whatsNext_: openvpn tun devices don't have like a traditional ethernet interface, so it's quite common to have a /32 on-link
01:23 < whatsNext_> ahh yes thx :)
01:23 < tds> s/have/behave/
01:23 < mib_mib_> varesa: it seems that it always adds a /24?
01:23 < varesa> indeed /32 is no network, just the CIDR/route of a single host
01:23 < varesa> mib_mib_: 255.255.255.0 means /24. Change that to 255.255.0.0
01:24 < mib_mib_> push route "172.31.0.0 255.255.0.0" then
01:26 < mib_mib_> varesa: YASSSSS
01:27 < varesa> :)
01:38 < spaces> everyone sexy ?
01:44 < spaces> ^ varesa you should respond with a positive boolean here :P
01:44 < varesa> lol :P
01:47 < lenarhoyt> Hi. Which protocol is responsible for broadcasting hostnames on LAN? I can do an nslookup on my Mac, but I cannot do it on a secondary OpenWRT router in the network (which I would like to do; the secondary one is not an DHCP server).
01:47 < spaces> lenarhoyt depends, could be winbond, whatever
01:47 < spaces> or apple shit
01:48 < spaces> lenarhoyt just run an internal DNS server and be done :)
01:50 < varesa> lenarhoyt: while there are other protocols like mDNS which is more of a broadcast type thing I think nslookup just goes to the plain old DNS
01:50 < varesa> does the mac have the same DNS resolvers setup as the router?
01:50 < spaces> was winbond not doig the wame ?
01:50 < spaces> *doing
01:50 < spaces> *same
01:50 < spaces> (I should go to bed I guess
01:50 < lenarhoyt> varesa: both my Mac and the OpenWRT device are configured to use the same DNS server (the main router) though
01:51 < varesa> spaces: there are indeed other protocols as well (I don't know how they work under the hood) but I think in any case nslookup is just DNS
01:51 < varesa> lenarhoyt: can they both resolve external addresses?
01:51 < lenarhoyt> yes
01:53 < lenarhoyt> what's curious is also that the OpenWRT device assigns itself a different LAN tld: localhost.lan, the rest of the LAN is actually .fritz.box
01:55 < spaces> lenarhoyt read about dns and hostname
01:55 < spaces> s
01:56 < varesa> could be different DHCP or the other one just not caring about DHCP provided suffix at all
01:57 < lenarhoyt> varesa: the OpenWRT machine is not a DHCP client. that might the the problem. but it does not seem to have a DHCP+static IP hybrid option :/
01:57 < lenarhoyt> which is what i want
01:59 < varesa> lenarhoyt: it doesn't have to be, that just explains the different suffix
01:59 < varesa> you should be able to enter all the relevant information by hand as well
02:00 < varesa> lenarhoyt: what does the output of nslookup on the mac look like? Can you paste it?
02:01 < lenarhoyt> https://pastebin.com/raw/9qguwD7G
02:01 < lenarhoyt> but on the OpenWRT device: ** server can't find ... NXDOMAIN
02:02 < varesa> lenarhoyt: tried ip -> hostname on the openwrt as well?
02:02 < lenarhoyt> yes, "server can't find .."
02:03 < varesa> I had an idea about the DNS suffix and domain search paths but that only applies to forward lookups (name -> IP)
02:03 < varesa> so the issue here is something else
02:04 < varesa> you're sure the openwrt is also using 192.168.178.1?
02:04 < lenarhoyt> openwrt is on .201
02:05 < varesa> but it should be using .1 as its DNS resolver, right?
02:06 < mchammerdad> Hey guys, I came into an opportunity to provide internet to a apartment complex (thats being constructed). What devices would you recommend to allow everything their own VLAN/isolated internet connection and how would you best set it up (50 apartments).
02:06 < lenarhoyt> yes both mac and openwrt use .1 as DNS resolver
02:10 < spaces> ah my poor dog
02:12 < spaces> varesa she came to tell me she really wanted to go to bed now she is having her period, lying against my legs even more then ever :P
02:16 < varesa> spaces: did you go with her?
02:18 < thatlizdude> What would be better for transferring files locally - Samba or FTP?
02:19 < varesa> SFTP ;p
02:20 < thatlizdude> I did try Samba before but couldn't connect from macOS to Ubuntu... is SFTP easy to setup>
02:20 < varesa> SFTP is very easy to setup, at least on linux
02:21 < varesa> if you've got SSH working, you've got SFTP as well
02:23 < spaces> varesa sure we are in bed now, she lying on the blanchet (which needs another wash again tomorrow... it's a white one... :S)
02:23 < thatlizdude> I did get SSH working on another machine before
02:24 < spaces> varesa she always sleeps on my bed since I got the diabetics, she checks me out
02:25 < varesa> spaces: :)
02:25 < varesa> take care of each other
02:26 < spaces> varesa she is a real smart one, she has a real character like it could be your human friend
02:27 < spaces> if I sneeze, she wakes up, checks me out and goes back to sleep, when I walk around she always checks if people are where she saw them last or the day before, etc... thinks, walks further
02:27 < spaces> etc
02:27 < riff-IRC> Hey
02:27 < spaces> varesa like looking around the corner, she really does that
02:28 < riff-IRC> holy cow
02:28 < riff-IRC> it's been 8 months since I was in here
02:28 < varesa> welcome back
02:28 < spaces> nothing changed
02:29 < spaces> varesa only when he brought the beer
02:29 < riff-IRC> thx
02:29 < riff-IRC> @seen pos
02:29 < riff-IRC> !seen pos
02:29 < riff-IRC> .seen pos
02:30 < riff-IRC> ._.
02:30  * spaces bitchslaps pos 
02:30 < spaces> riff-IRC he is hiding ;)
02:31 < riff-IRC> anyone wanna see some system specs?
02:31 < spaces> only if they are sexy
02:31 < riff-IRC> inbound
02:31 < riff-IRC> Client: HexChat 2.12.4 • OS: Ubuntu "xenial" 16.04 • CPU: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz (4.33GHz) • Memory: Physical: 7.6 GiB Total (4.9 GiB Free) Swap: 7.5 GiB Total (7.5 GiB Free) • Storage: 929.2 GB / 2.1 TB (1.1 TB Free) • VGA: 1002:67df @ Intel Corporation 4th Gen Core Processor DRAM Controller • Uptime: 3h 49m 15s
02:32 < spaces> MORE MEM!
02:32 < riff-IRC> yeah, I'm going to max the board when I get the dough
02:32 < riff-IRC> 32GB max
02:32 < spaces> 16G would be anough already, I"m on 20G nw
02:32 < spaces> now
02:33 < riff-IRC> eh
02:33 < spaces> riff-IRC upgrade 10 18.04 as well, much faster
02:33 < riff-IRC> I'm gonna throw 64 into a file server build that's coming up on the horizon
02:33 < spaces> *to
02:33 < varesa> nowadays all these electron apps eat tons of RAM
02:33 < varesa> I think I've managed to run out of the 32GB on my desktop a few times
02:33 < riff-IRC> o_O
02:34 < riff-IRC> ok
02:34 < spaces> wtf, my dog is always sleeping over 2/3 of the bed, it's that I'm small :P
02:34 < spaces> maybe I should start sleeping in the middle of the bed
02:34 < riff-IRC> your dog is either big or your bed is small
02:34 < spaces> riff-IRC no she wants to sleep against me
02:34 < riff-IRC> oh ok
02:34 < spaces> so when I move she moves too
02:34 < riff-IRC> XD
02:35 < riff-IRC> That fileserver build is going to happen when I fill up my 8TB backup drive
02:35 < spaces> she is actually in strech mode now so her legs are linda long
02:35 < spaces> *kinda
02:35 < varesa> riff-IRC: wanna hear the specs of the host my shell/IRC are running on? ;P
02:35 < riff-IRC> sure, send 'em
02:36 < spaces> varesa you are cheating, you cluster :P
02:36 < varesa> Xeon E5-2650Lv2 (10 core), 128GB DDR3 ECC, 2x 500GB SSD, 3x 2TB HDD, 10G ethernet
02:36 < varesa> (sure, it is running quite a few other VMs as well)
02:36 < riff-IRC> o_o
02:36 < riff-IRC> O_O
02:37 < spaces> you get that with 250+ channels
02:37 < riff-IRC> I mey get a dual sucket Threadripper board(if they even exist)
02:37 < riff-IRC> s/mey/may/
02:37 < riff-IRC> s/mey/may
02:37 < spaces> meh this dog is the type you cannot stop hugging
02:38 < riff-IRC> what breed?
02:38 < spaces> mix of bordercollie/labrador and herder
02:39 < spaces> so she is black with grey lines after her shoulder and also her back legs and has a white chest and stomach and 4 white toes each foot and a small shite tip on her tail
02:40 < riff-IRC> a small what?
02:40 < spaces> white
02:40 < riff-IRC> huh
02:40 < spaces> sec
02:41 < spaces> https://1drv.ms/u/s!AgHz6t0lBvQzgykdvCziDt8wYp-c
02:41 < riff-IRC> onedrive can go die
02:41 < spaces> https://1drv.ms/u/s!AgHz6t0lBvQzg02lCv9YDK7XYy8m
02:42 < spaces> but that is her
02:42 < spaces> perfect build actually
02:43 < spaces> and that social, never seen that before... so happy and forward going
02:44 < varesa> https://i.imgur.com/CFhWe4A.jpg
02:44 < spaces> oohhh!! adorable!
02:44 < spaces> varesa same type of mix almost
02:45 < varesa> that's german shepherd / tibetan mastiff
02:45 < spaces> kewl!
02:46 < spaces> I have another one well, don't be afraid: https://1drv.ms/u/s!AgHz6t0lBvQzg1blxs4IECp9gtSn
02:46 < thatlizdude> how come I have a sshd_config file on my Ubuntu but I don't seem to have sshd installed?
02:46 < thatlizdude> is that normal?
02:47 < varesa> thatlizdude: how did you determine sshd is not installed?
02:47 < spaces> thatlizdude client installs it I thought as well
02:47 < thatlizdude> "which sshd" won't show anything
02:47 < thatlizdude> and I can't do "sudo systemctl restart sshd"
02:48 < spaces> varesa that last one, nice hug
02:48 < spaces> *huh
02:48 < spaces> and indeed it was a hug of a goose
02:48 < varesa> fair enough. I don't use ubuntu so can't comment much on how they're packaged
02:48 < varesa> spaces: ouch
02:48 < spaces> varesa she didn't gave a kick
02:49 < spaces> I noticed it after a hour as it was dark
02:49 < spaces> and I wanted to go to sleep, during the winter she sleeps in the kitchen, my bedroom is freaking cold then
02:49 < spaces> so, bedtime kiss and I noticed it
02:50 < spaces> she ran away when letting her out, clip went lose and I thought it was egg or something when I saw it as I found he on my second search on her favorite vegetable pile nearby a house
02:51 < spaces> so I was freaked out, in the middle of the night @ the vet
02:51 < thatlizdude> nvm I figured I was editing ssh_config instead of sshd_config...
02:51 < spaces> but you don't se anything of it anymore
02:52 < spaces> thatlizdude yeah it's confusing sometimes
02:57 < thatlizdude> I am getting a "Connection to 127.0.0.1 port 22: Broken pipe" - what can I do about that? I setup the SFTP by this guide: https://www.digitalocean.com/community/tutorials/how-to-enable-sftp-without-shell-access-on-ubuntu-16-04
02:57 < Fizzik> pihole
02:57 < thatlizdude> ?
02:57 < spaces> varesa but their noses... oh my you can touch them all day long :P
02:57 < Fizzik> wrong window.
02:58 < spaces> and ears
02:58 < varesa> thatlizdude: are you getting it immediately or after a minute or two?
02:59 < thatlizdude> immediatelly
03:01 < spaces> varesa yoru dog ever slept on bed ?
03:02 < varesa> she likes to sleep under the bed for some reason
03:02 < varesa> and that's actually my sister's dog, not mine
03:05 < spaces> varesa sounds like a safe place :)
03:08 < thatlizdude> might it have something to do with permissions?
03:09 < varesa> thatlizdude: try checking the sshd server logs
03:10 < varesa> thatlizdude: how are you testing it?
03:15 < thatlizdude> one sec, I'll mess with the permissions again and see if it works
03:20 < thatlizdude> yeah it's perms
03:21 < thatlizdude> varesa: it says "fatal: bad ownership or modes for chroot directory "/var/sftp/myfolder""
03:22 < varesa> sounds like simple enough to fix
03:23 < thatlizdude> sounds simple but still not working :/
03:26 < thatlizdude> oh got it to work
03:26 < thatlizdude> thank you :)
03:27 < varesa> you're welcome (not that I did much)
03:28 < varesa> chrooted SFTP has those few extra steps. SFTP with shell access is pretty much "$package_manager install openssh-server && systemctl start sshd" and you're good to go
03:34  * varesa yawns at 4:30AM and takes some ice cream from the work freezer
03:54 < spaces> varesa you are a lowsy piece of shit again :P
03:56 < spaces> varesa am ? where are you located ?
03:57 < varesa> in a 5AM-right-now timezone :)
03:57 < spaces> 4 am here, but are you in Poland or so ?
03:58 < varesa> much more to the north
03:58 < spaces> wtf, just tell me :P
03:58 < varesa> like 5 countries up
03:58 < spaces> why are you working during the night ?
03:58 < varesa> starts with Fin and ends up in land
03:58 < varesa> ;P
03:59 < varesa> the company is manned 24/7
03:59 < varesa> I was just running updates to some production systems
03:59 < varesa> (and eating ice cream)
03:59 < spaces> haha nice
04:00 < spaces> yeah Finnish people are crazy, we know it
04:02 < spaces> varesa what type of company ?
04:03 < varesa> one that runs a lot of stuff from datacenter colocation, openstack cloud, AWS support services, solutions architecting, etc.
04:03 < varesa> + the whole dev side I don't know much about
04:03 < spaces> sounds nice
04:04 < spaces> how does openstack perform ?
04:04 < varesa> fairly well most of the time
04:05 < varesa> though it is quite a beast to deploy, update and manage
04:05 < spaces> nice, I don't like it but everything has it's cons I think
04:05  * dogbert2 works on some more patch-fu
04:06 < dogbert2> bwhahahaaha (youtube) - Worst Football Nut Shot Compilation
04:10 < fareast> ok i just took a network + practice exam and passed it without any formal education or study. Only field experience. I suppose I am g2g?
04:11 < dogbert2> farmast, N+ isn't that hard, or A+ or Linux+, etc
04:11 < fareast> what about system+
04:11 < fareast> isn't that just managing AD and domain?
04:12 < fareast> and hardware I suppose....
04:12 < fareast> like knowing what a raid array is
04:12 < fareast> partitioning schemes and deployment techniques.
04:13 < spaces> dogbert2 how is the farting today ?
04:13 < dogbert2> bwhahahaha....this stuff is too funny...
04:13 < dogbert2> https://www.youtube.com/watch?v=F3Z6pslRIdY
04:16 < spaces> dogbert2 how can that be SOOO painfull for them ? everything is tiny with them
04:17 < dogbert2> spaces, it's just funny 3rd or 4th one in the guy gets kicked right in da junk
04:17 < spaces> yeah I saw it
04:18 < thatlizdude> I got a message "Another device on the network is using your computer’s IP address" - any way to trace what could've happened?
04:18 < fareast> wow kicked in the balls
04:19 < spaces> thatlizdude check arp table
04:19 < fareast> hey can someone open a dcc with me?
04:20 < spaces> only if we can kick you in tha balls
04:20 < fareast> I will let you kick me in the balls hard as you can
04:20 < thatlizdude> spaces: wanna give me more than that? I'm not an expert :D
04:20 < spaces> no I let dogbert2 pay me so he can do it, I'm a business man ;)
04:22 < spaces> thatlizdude all I can say for now
04:23 < thatlizdude> should I just ignore the message then?
04:23 < thatlizdude> I mean something has to be broken if the router assigns something an already used IP doesn't it?
04:26 < xamithan> It only does whatever you set it up to do
04:27 < varesa> thatlizdude: either the router is buggy, something is configured with a static IP that overlaps the DHCP pool or some DHCP client is misbehaving
04:28 < thatlizdude> varesa: I have a Plex server configured, but that's for .25, not for .14 (which errored) - could that be related to it?
04:31 < Droog0x> I am still getting 355mbps+ from Spectrum, going on 18mo now. Paying for 300
04:32 < fareast> yeah
04:32 < fareast> don't overlap the dhcp scope
04:32 < fareast> with a static address without reservation
04:32 < varesa> shouldn't be
04:33 < fareast> else you disconnect your static address and dhcp takes it then you power it back up and conflict arises
04:33 < thatlizdude> so what should I do if I want a single device that has a static IP
04:34 < fareast> minimize the dhcp scope
04:34 < fareast> go above it
04:34 < fareast> or below the set values
04:34 < thatlizdude> well the limit is .0-.255 isn't it?
04:34 < fareast> yeah limit it to 200
04:34 < fareast> leave your 50 for static
04:34 < fareast> or 55
04:34 < fareast> or go from like 10-255
04:34 < thatlizdude> so .25 was a bad idea?
04:35 < fareast> yeah
04:35 < fareast> if you put it .26-255
04:35 < fareast> you would be good
04:35 < thatlizdude> oh I didn't configure anything on the router when i was setting the static IP
04:35 < thatlizdude> was I supposed to...
04:36 < thatlizdude> but even if it was set to .25, the error was with .14 - shouldn't it error with .25 only?
04:36 < fareast> yea
04:36 < fareast> if you want static you can't have the scope from like 2-255
04:37 < fareast> well you can just you will get a conflict if a dhcp occurance happens
04:37 < fareast> you are putting in manual stuff where the automatic is reserved
04:38 < thatlizdude> so it would be the Starting and Ending IP addresses in LAN setup?
04:38 < fareast> it happens more on networks with lots of stuff like phones printers and wireless devices wired pc
04:38 < fareast> yep
04:38 < fareast> so start static before the start
04:38 < fareast> or after the end that you set
04:38 < fareast> its called a dhcp pool
04:39 < fareast> don't throw static in the pool
04:39 < thatlizdude> I can leave the start alone at .2 and decrease the ending to like .230
04:39 < fareast> yeah or whatever you want static reservations to fill
04:39 < thatlizdude> then I'd set the static IP to .240
04:39 < thatlizdude> ok that makes sense
04:39 < fareast> I usually do like 230
04:39 < fareast> leave like 25 empty for statics
04:39 < thatlizdude> and do I need to restart the router for this?
04:39 < fareast> not really
04:40 < fareast> it should reboot itself when you apply
04:40 < thatlizdude> what if I change it and there's a device with .240
04:40 < thatlizdude> it just gets quickly disconnected and reconnected?
04:40 < fareast> yeah
04:40 < thatlizdude> ok cool :)
04:40 < fareast> its just pulling the uplink off and rerouting it on reboot
04:41 < DocScrutinizer05> are favicons not trendy anymore? or did there change anything during last 10 years so my browser doesn'
04:41 < DocScrutinizer05> t show them often
04:45 < thatlizd1de> test
04:45 < thatlizd1de> what the hell why did my nick change
04:46 < meingtsla> You reconnected and your previous connection hadn't timed out yet.
04:46 < thatlizd1de> uhh I guess that has something to do with the router lol
04:46 < thatlizd1de> well everything finally works now
04:47 < thatlizd1de> thank you!!
04:50 < DocScrutinizer05> meh, answering my own question above, it seems Konqueror had isses with verifying validity of https certs and for some weird reason that resulted in favicons not showing
05:13 < fareast> fuck shit!
06:03 < scientes> ewww
06:04 < linux_probe> ur mu was eeeeew too
08:03 < mikey_> Hi
08:03 < mikey_> I have setup proxy on my android device but one 3rd party application gets stuck at some point with an error: "Unable to connect". I am not getting any workaround for this so please  help!
08:05 <+pppingme> mikey_ sounds like the app isn't using the proxy, likely trying to handle its own connection.
08:06 < mikey_> But rest of the packets are going via proxy, So how can i handle it?
08:06 <+pppingme> from the same app?
08:07 < mikey_> yes
08:07 <+pppingme> I'd report it to the app developer as a bug
08:08 < mikey_> +pppingme like when i did signup it sent me the OTP and then verified that OTP via proxy but at the very next step it showed "Unable to connect" error.
08:08 <+pppingme> I'd report it to the app developer as a bug
08:09 < mikey_> +pppingme oh so i can't solve this?
08:09 <+pppingme> not easily
08:11 < updated> hi there, I am trying to redirect UDP traffic being forwarded through my host to a local port on my computer with the following iptables command "iptables -t nat -A PREROUTING -p udp --dport 5000:5500 -j REDIRECT --to-port 5213"
08:11 < updated> however it does not seem to match any packets
08:12 < mikey_> +pppingme ohk thanks
08:13 < updated> running tcpdump shows the packets however, I have also tried erasing conntrack cache which helped some people online but it does not make any difference
08:13 < detha> updated: are you letting those packets through the INPUT chain?
08:13 < updated> yeah INPUT and FORWARD have an ACCEPT policy
08:14 < updated> I think the packets are being forwarded through without any modification
08:14 < updated> based on the behaviour of the application generating the traffic
08:14 < detha> and iptables -t nat -vnL counters show 0?
08:15 <+pppingme> pastebin "iptables-save"
08:15 < detha> that'd be good too
08:16 < password2> hi
08:23 < updated> damn, after two or three hours of debugging it finally started working with me not changing anything whatsoever, might have been related to connection tracking after all
08:23 < XCE> rofl
08:24 < XCE> after countless hours of fixing, it now works in its original form and I still dont know what the problem was
08:24 < updated> :\
08:24 < updated> must have done somethign right
08:24 < XCE> gotta document it at least
08:24 < XCE> so next time you know to check
08:26 < cpplearner> What is a "routing domain" in routing? It seems that a metric is associated with a routing domain, but with "route" in ubuntu I don't see a column domain in routing table. =(
08:27 < cpplearner> *column named "routing domain"
08:47 < MikeSeth> cpplearner: a domain is a more general concept than DNS domains if that is what you're asking
08:48 < MikeSeth> cpplearner: in most trivial way, all your routers on the same network[s] are a routing domain
08:49 < MikeSeth> cpplearner: if you use RIP/OSPF etc they have their own protocol level conception of what constitutes a routing domain
08:50 < MikeSeth> a domain, in principle, is a partition of some global space
08:53 < cpplearner> MikeSeth: I'm briefly reading through a static routing part of RFC1812, and it states "For static routes not put into a specific routing domain, the route lookup algorithm is: ...". So I thought "what's a routing domain in the first place?"
08:54 < cpplearner> So I just type "route" in my ubuntu, but no column named "routing domain" exists.
08:55 < MikeSeth> cpplearner: under linux, you would create routing domains with e.g. policy routing and netns
08:56 < MikeSeth> http://linux-ip.net/html/routing-tables.html
08:59 < OlofL> Can Cisco CSR1000v run VXLAN?
09:05  * Atro did you even bother to google > https://www.cisco.com/c/en/us/td/docs/routers/csr1000/software/vxlan/m_csr-vxlan-support-book.html
09:05 < BatmansAdversary> hey can i ask a question
09:05 < Atro> no
09:05 < BatmansAdversary> but its important
09:06 < cpplearner> =D
09:06 < cpplearner> MikeSeth: Thank you. I'll look into it!
09:07 < my_mind> hey i'm using rdesktop to remote into a windows 10 machine from a Kubuntu 18.04 machine but it's really slow
09:08 < my_mind> my int speed is 100mbps in both locations
09:08 < my_mind> i even made the resolution 1024x768
09:09 < BatmansAdversary> then fix it up
09:09 < my_mind> i don't know what's wrong
09:10 < BatmansAdversary> sux 2 b u
09:10 < my_mind> BatmansAdversary: not cool man
09:10 < BatmansAdversary> not my problem bro
09:21 < MikeSeth> my_mind: reduce color and resolution, turn off multimedia relaying or whatever garbage rdesktop pushes by default
09:21 < MikeSeth> also, stop using rdesktop, it's deprecated, use remmina or something
09:31 < OxFEEDBACC> ya, thanks...
09:49 < my_mind> hey what would make a ping take a long time? I'm pinging my office from my home pc and it's slow. I've remoted into my office pc, and found out the rdp connection was slow, but the internet speed was fast
09:53 < monoxane> my_mind ping/latency is a function of both distance and number of routers and network devices between you and the endpoint that the traffic flows between, and the speed of those connections
09:55 < Surre> Hey guys, this may be a silly question but I know almost nothing about IPv6 so bear with me.
09:56 < Surre> If I setup a network interface with an IPv6, and possibly no IPv4, and I send an HTTP to a server, does the server get my IPv6 the same way it would have gotten my IPv4?
09:58 < h0dgep0dge> lulz
09:58 < Surre_> Sorry, got disconnected
09:58 < Surre_> And second question, if I setup a network interface with TWO IPv6, the way to select one or another is by their local address?
09:58 < h0dgep0dge> so, what do you mean by "get my ipv6"?
09:59 < h0dgep0dge> i mean, sure you set yourself up with an ipv6, then you send an http, with you so far lol
10:02 < Surre_> let me rephrase
10:02 < h0dgep0dge> if i can do some interpretting, you're asking if you connect to an http server using ipv6, does the http server know your ipv6 address? the answer to that question would be yes
10:02 < Surre_> when you send an http request it's easy to get your ip on the server side, you cannot "hide" it (other than through a proxy), does it work the same way with IPv6?
10:03 < h0dgep0dge> yes. if the server doesn't know your ip address, irrespective of the version, how is it going to get packets back to you?
10:03 < Surre_> well, that makes sense :9
10:03 < Surre_> :)
10:03 < Surre_> never mind, that was silly haha
10:03 < Surre_> second question is more interesting
10:03 < h0dgep0dge> shoot
10:04 < Surre_> If I setup a network interface with TWO IPv6, the way to select one or another is by their local address?
10:04 < Surre_> I never did that but I'm guessing I would have to associate each IPv6 to a private IPv4, right?
10:04 < Surre_> I never heard of a "private IPv6", but don't know really
10:05 < h0dgep0dge> yeah, private ipv6 doesn't really exist in the same way private ipv4 does, because ipv6 is deigned to be globally routable
10:05 < monoxane> ipv6 typically doesnt have NAT done to it, you get a large block of ipv6 addresses your router hands out to everything and all of them are public
10:06 < h0dgep0dge> you have link local addresses, but they're almost fundamentally different than what you think of as your private ipv4 network addresses
10:06 < Surre_> how does a local address for an ipv6 looks like?
10:06 < h0dgep0dge> starts with fe80
10:07 < h0dgep0dge> i believe that's it, i'd have to double check
10:07 < Surre_> oh I see, I actually got one in this computer
10:07 < Surre_> inet6 fe80::...
10:07 < h0dgep0dge> so i'm not really grasping what you mean by "select one or another" address
10:08 < Surre_> so by selecting that local address I'll be using that public IPv6 associated to it
10:08 < Surre_> h0dgep0dge, I mean when connecting to a server, using an http client
10:08 < Surre_> I would put that local address to send the request through that interface
10:09 < h0dgep0dge> put it where?
10:09 < h0dgep0dge> and which interface? we're talking about more than one interface now?
10:09 < h0dgep0dge> are you talking about having 2 ipv6 addresses on a single interface, or more than one interface?
10:09 < Surre_> does it matter? I think it's the same regardless of 1 interface with 2 ips or 2 interfaces with 1 ip
10:10 < h0dgep0dge> well, to a certain extent it informs the context of the question
10:10 < Surre_> for ipv4 at least I think the way you use them is the same, when opening a connection you set what local address to use
10:12 < h0dgep0dge> i mean, you can use a bind() call?
10:13 < Surre_> I have done that to select a private IPv4 local address, not sure for IPv6 that's why I was asking
10:20 < Surre_> ah, and last question!
10:22 <+catphish> Surre_: the process for ipv6 is the same as ipv4, but in no way linked to ipv4
10:22 < Surre_> yeah I got, I think
10:23 <+catphish> also, it's worth noting that 2 interfaces with 1 ip each is not really a valid configuration in most cases
10:23 < Surre_> I want to connect to a server that doesn't seems to have an IPv6. Does it mean I can't connect to it using this interface I have which does have an IPv6?
10:23 < Surre_> I'm not sure how that works because you know, in general you have an IPv4, they have an IPv4, everything works, no problem at all
10:23 <+catphish> if you connect to a server that only supports ipv4 then you will need to connect from an ipv4 address
10:24 <+catphish> it's like 2 totally separate internets, you use one or the other
10:24 <+catphish> if the server supports ipv6 you use your ipv6 address, if not, you use an ipv4 address
10:24 < Surre_> I'm not sure it has an IPv6, I know it doesn't have an AAAA but maybe they do have one
10:24 <+catphish> you don't really need to know
10:24 <+catphish> the system handles this for you and selects an appropriate address on your side automatically
10:25 < Surre_> how?
10:25 < XCE> automagically
10:25 <+catphish> ideally you should have both an ipv6 address and an ipv4 address, you look up a server in DNS, if it has an AAAA record, then your system makes a connection from your ipv6 address to their ipv6 address
10:26 <+catphish> if it only has an A record, then your system makes a connection from your ipv4 address to their ipv4 address
10:26 < Surre_> right, but I'm saying it doesn't have a AAAA record
10:26 <+catphish> see above
10:26 < Surre_> is there any way to tell if a server for which you only have an IPv4, has an IPv6 as well?
10:26 <+catphish> no
10:26 < Surre_> (apart from checking its DNS of course)
10:26 <+catphish> they're in no way connected
10:26 < Peng_> Email their sysadmins?
10:26 < Surre_> yeah. will do, just wanted to be sure
10:27 <+catphish> well, in theory you should be able to do a dns lookup on the IP
10:27 <+catphish> and that name might point back to an ipv6 address
10:27 < XCE> can you ssh into one with ipv6 through your ipv4 then check
10:27 <+catphish> like this:
10:27 <+catphish> charlie@charlie-XPS ~ $ host 185.22.208.134
10:27 <+catphish> 134.208.22.185.in-addr.arpa domain name pointer charlie.infra.atech.io.
10:27 <+catphish> charlie@charlie-XPS ~ $ host charlie.infra.atech.io.
10:27 <+catphish> charlie.infra.atech.io has address 185.22.208.134
10:27 <+catphish> charlie.infra.atech.io has IPv6 address 2a00:67a0:a:2::9
10:27 < Peng_> Back in the day it wasn't unusual to have IPv6 on a separate hostname. Like https://ipv6.google.com/ .
10:28 <+catphish> also true
10:28 < Peng_> Which would, one hopes, be in the documentation for whatever
10:28 <+catphish> most people don't have dns set up perfectly like that though, so i wouldn't rely on it
10:28 < Surre_> it looks like they're running on AWS which seems to provide a default IPv6 on interfaces, they should have one even if it's not public
10:28 < Peng_> Depends. Pre-VPC EC2 doesn't support IPv6.
10:28 < Surre_> don't know if their server is configured to listen to them, or if it's done by default - no idea
10:29 < Peng_> And you can certainly turn IPv6 off.
10:30 < Surre_> catphish, I did what you mentioned but ec2 hosts would only show one IPv4 when you run "host" on them :(
10:32 < Peng_> Yeahhh. EC2's pretty useless for rDNS.
10:50 < tds> if you do want to connect to v4 only stuff from a v6 only machine, you can run your own dns64 + nat64 servers, that'll synthesise aaaa records for domains without them
10:50 < tds> that's only really useful if you run an ipv6-only network, if the network supports v4 as well it's much easier to just enable v4
11:09 < Surre> <tds> if you do want to connect to v4 only stuff from a v6 only machine, you can run your own dns64 + nat64 servers, that'll synthesise aaaa records for domains without them
11:09 < Surre> interesting
11:10 < Surre> I guess the idea is from my machine to that nat server through v6, and then through that nat server to the endpoint using v4?
11:11 < Surre> I won't do that, it's not that necessary. just being curious
11:16 < backes> hey! what causes the traceroute to repeat the same host multiple times, like here https://pastebin.com/TACFqmS9 ?
11:16 < backes> https://paste.debian.net/1033525/ the same on paste.debian.net
11:20 < detha> that is ..... crafty. Some routing loop
11:26 < grawity> backes: the 3rd-hop router is lying to you and returning fake ICMP errors
11:26 < Arpanet69> heey guys ... am working here at an office we using about 65 accesspoints from Sophos. 2,4Ghz plan is implemented and works fine.. but 5Ghz doesnt implement our channelplan cause of DFS. Also we are restricted to use 80MHZ (thanks to Sophos). When modifying the channels to DFS channels according to our plan it ntice interference and jumps back to non DFS channels .... how can i fix this?
11:29 < Arpanet69> wish i could disable this dfx
11:29 < Arpanet69> dfs
11:29 < Arpanet69> ...but i cant :)
11:29 < Arpanet69> how do you guys setup 5ghz channelplan ?
11:30 < backes> grawity: so this might be an entry to/load balancer to google's internal servers and it changes all the ICMP messages to obfuscate their architecture?
11:30 < grawity> no, it's something your sysadmin or your ISP screwed up
11:31 < kalebris_> Arpanet69: with fiber :)
11:31 < Spice_Boy> Arpanet69: why do you have to use 80MHz channels?
11:31 < Spice_Boy> if you are forced to 80MHz channels, and don't use DFS channels, then you're pretty much stuck
11:31 < dogbert2> it's amazing how local leaders here seem to think everyone can learn to code without understanding the issues behind writing software...the local comm. college is starting to teach swift, but local business leaders make it sound like "anyone can do this"...
11:31 < Arpanet69> Spice_Boy, dunno ask Sophos... were limited to that
11:31 < Arpanet69> Spice_Boy, yes to 1 channel lo;
11:31 < Spice_Boy> who/what is sophos?
11:32 < Arpanet69> its an firewall with build in WLC
11:32 < Arpanet69> like Fortinet
11:32 < Arpanet69> has its buildin WLC too
11:32 < sk_tandt> Greetings everyone! I'm a bit of a pinch: I am reaching a remote LAN through OpenVPN, and some nodes work just fine, but 3 just won't hear reason
11:32 < Arpanet69> am considering to disable 5,Ghz
11:33 < grawity> backes: here's what a proper trace to that host looks like: https://ptpb.pw/VBmi.txt
11:33 < sk_tandt> Among the nodes that work, there is at least one on the same switch
11:33 < Arpanet69> but thats a shame the AP are brand new
11:35 < dogbert2> grawity to da rescue :)
11:35 < backes> grawity: okay that is indeed quite different
11:41 < purplex88> what are network packet statistics?
11:44 < grawity> [oh, ignore the silly rDNS I'd put in my /etc/hosts for that .115 thing]
11:45 < sparrowsword> anyone familiar with rootnerds vps? trying to apt-update and having a heck of a time... dont think dhcp is working properly... cant ping google.com, my only /etc/resolv.conf line is nameserver 8.8.8.8, when i try apt-update it just says Failed to fetch http://ftp.us.debian.org/.. tried with ftp://ftp doesnt work either Temporary failure resolving 'ftp.us.debian.org'
11:45 < sparrowsword> however, i can ping 8.8.8.8
12:25 < sparrowsword> anyone able to help?
12:30 < djph> what do you get when you dig / nslookup ftp.us.debian.org?
12:34 < ne2k> why do dotted quad subnet masks still exist as a thing?
12:36 < djph> because fuck you, that's why.  Also Cisco.
12:37 < ne2k> the number of times I hear people saying down the phone "two-five-five dot two-five-five dot two-five-five dot two-four-eight" instead of "twenty-nine"
12:37 < SwedeMike> ne2k: legacy reasons. People still call /24 a "class C", because... something.
12:37 < ne2k> SwedeMike, because their dumb
12:37 < ne2k> (yes, I did that on purpose)
12:37 < SwedeMike> ne2k: their hearing is just fine.
12:37 < SwedeMike> also speech
12:37 < ne2k> wut
12:38 < SwedeMike> (yes, I did that on purpose)
12:38 < SwedeMike> https://en.wiktionary.org/wiki/dumb "From Middle English dumb, from Old English dumb (“silent, speechless, mute, unable to speak”)"
12:39 < dogbert2> calling it class C space (which it was) is legacy :)
12:39 < ne2k> https://en.oxforddictionaries.com/definition/dumb #3
12:40 < ne2k> dogbert2, even worse is people calling 10.37.58.0/24 a Class C. no. no it's not. not in any sense of anything
12:41 < djph> ne2k: I do that because when I call somewhere, the person on the other end is a moron.
12:41 < dogbert2> yeah, that's not a class C at all, it's technically RFC 1918 class A space :)
12:41 < dogbert2> djph...bwhahahaha!
12:41 < SwedeMike> for some reason this class thing refuses to die, even though it became obsolete mid 90ties. It still shows up in books etc.
12:41 < djph> although, when I get to someone who knows what they're doing, I'll just give the last octet (because I suck at conversion from dotted-decimal to CIDR) ...
12:42 < ne2k> SwedeMike, 1993. TWENTY-FIVE YEARS AGO
12:42 < grawity> I thought it couldn't get worse than "10.x.y.0/24 is wrong because 10.x is class A"
12:42 < djph> grawity: where have you been lately? bahahaha
12:43 < ne2k> grawity, what's wrong with that? that's actually correct, surely?
12:43 < dogbert2> saw a funny comment this morning by the CIO of switch (data center) about learning swift and other programming languages: Speaking at an event Thursday about the new course, Missy Young, chief information officer for Las Vegas-based Switch, said this program can help fill those in-demand, high-paying jobs.  “You can be instantly employable in a field that cannot possibly find enough talented and qualified individuals to do thes
12:43 < dogbert2> e jobs,” she said.
12:43 < grawity> ne2k: how long has subnetting been around for, again?
12:43 < dogbert2> LOL, grawity
12:44 < ne2k> grawity, as in, if you're saying "it is class A", and you are following the class system, then that /is/ wrong.
12:45 < dogbert2> yeah :)
12:45 < ne2k> anyway
12:45 < nostrora> hi! i have ap ac pro and wifi is always disconnecting/reconnecting, i'm from 1 meter and "wifi power" is very high
12:45 < nostrora> how can i debug this kind of disconnection ? i'm on linux
12:45 < ne2k> I don't get why people would ever want dotted quad subnet masks for any purpose. why isn't it just an integer in all places where a subnet mask is wanted?
12:45 < SwedeMike> ne2k: for IPv6 at least it is.
12:46 < grawity> SwedeMike: ...usually. I have seen a thing or two use "/ffff:ffff:ffff:ffff::"
12:46 < ne2k> grawity, VLSM mentioned here https://tools.ietf.org/html/rfc950 (1985)
12:46 < grawity> ne2k: maybe it was born when someone still allowed non-contiguous masks, and now everyone's just used to it
12:46 < SwedeMike> grawity: ew.
12:49 < ne2k> CIDR removed non-contiguous masks as an option
12:50 < ne2k> An implementation following these rules should also be generalized,
12:50 < ne2k>    so that an arbitrary network number and mask are accepted for all
12:50 < ne2k>    routing destinations.  The only outstanding constraint is that the
12:50 < ne2k>    mask must be left contiguous.  Note that the degenerate route 0.0.0.0
12:50 < ne2k>    mask 0.0.0.0 is used as a default route and MUST be accepted by all
12:50 < ne2k>    implementations.
12:50 < ne2k> ooh, sorry for flood
12:50 < djph> eh,wot?
12:51 < grawity> I think that's already present in RFC 1338 a year earlier
12:56 < dogbert2> w00t...just found and fixed 5 potential null pointer dereferences in BIND :)
12:58 < djph> yay?
12:58 < djph> dogbert2: which (major) version?
12:58 < dogbert2> BIND-9.12.1-P2...
13:00 < Apachez> its people like dogbert2 who is responsible for why we cant have a nice vacation without major vulns...
13:00 < djph> bit farther along than me ... I'm only running 9.9
13:00 < djph> :|
13:00 < djph> stupid debian stable
13:00 < dogbert2> bwhahaha...
13:01 < dogbert2> who the hell takes a vacation in IT :P
13:02 < mspro> the manager
13:07 < dogbert2> muhahahaha - https://gitlab.isc.org/isc-projects/bind9/issues/413
13:10 < djph> I do - screw the users, I'm going to a beach somewhere where the nearest cell reception is 400 miles away.
13:13 < Apachez> dogbert2: shouldnt there be a syntax in the compiler who can check this stuff for the devs?
13:14 < dogbert2> Apachez...I find shit that coverity and clang-analyzer just plain miss...
13:14 < grawity> Apachez: iirc C is too flexible to have this checked 100% at compile time
13:14 < dogbert2> exactly :)
13:14 < grawity> (and if you integrate the static analysis into compilers, I imagine it being a little slow)
13:14 < dogbert2> though if C had compile time bounds checking :)
13:15 < grawity> well, there's always Rust
13:17 < Apachez> sure but checking if a function can return null should be something that the precompiler can check for
13:17 < Apachez> and if so verify if all uses of this function checks for null
13:17 < Apachez> and if not throw out an warning while compiling
13:20 < dogbert2> Apachez...well, it couldn't find the memory leak I found earlier in the week :)
13:21 < Apachez> well thats what Im saying why isnt there some flag to make the precompiler look for this shit?
13:21 < Apachez> I mean its easy
13:25 < dogbert2> the pre-compiler would probably die a fugly death
13:29 < dogbert2> djph...I usually do my bug-fu finding on downloaded tarballs...then I submit and let the upstream ninjas make sure it gets where it needs to go :P
13:30 < Apachez> how are those functions defined?
13:30 < djph> dogbert2: yay :)
13:30 < Apachez> void functioname(stuff);   ?
13:30 < Apachez> because     int functionname(stuff);     shouldnt allow for null in returns
13:30 < Apachez> or did I miss something?
13:31 < dogbert2> well, the first one doesn't have a return value...the 2nd expects a return of an int
13:31 < grawity> the 2nd one doesn't return a pointer in the first place
13:31 < grawity> though nothing says it can't return a zero, but it's still not a pointer
13:33 < dogbert2> yeah...
13:33 < dogbert2> welp...lemme go back to bed for about an hour...finding bug-fu on friday the 13th...hmmmmm!
13:38 < BatmansAdversary> i took a shit
13:38 < eirirs> Toblerone is the shit.
13:46 < _noblegas> Hi all
13:46 < _noblegas> Just going crazy trying to configure squid on my windows machine
13:51 < djph> _noblegas: format and upgrade to Linux.
13:53 < _noblegas> Can't my work pc
13:56 < _noblegas> Also I sit behind Corp network
14:01 < AlexCDev> Hi
14:02 < djph> _noblegas: then why're you installing squid on it?
14:02 < _noblegas> Uh, it's a long story but I'll try to explain
14:04 < spaces> varesa yoyo!
14:10 < _noblegas> Also I don't know the whole 'why', as I was told to 'follow the instructions'. Anyway, I have a linux virtual machine on my windows. In that virtual machine configuration it says to use proxy - address of the host machine with squid port. I assume it was done for a reason, so that VM could connect to external network - for example so I could run yum install. So I 'followed' the instructions - installed squid. Now when I
14:10 < _noblegas> do curl from the VM - I see it in squid access.log, but the results is 'dns server:' 'no name found' . Also I tried to see if squid works - from the host machine by configuring Firefox to use it as a proxy and also by running the squid client.  Basically, my understanding - is that because I sit behind Corp network/proxy/whatever - applications that need to reach the outside network should go through squid as it should
14:10 < _noblegas> "magically" go through Corp proxy/whatever.
14:11 < djph> none of that makes any sense, or is right in the slightest way.
14:12 < djph> I mean, you can simply set up the networking to NAT via the host machine
14:12 < _noblegas> Yes, as I told, I don't understand why
14:13 < djph> something with your instructions sounds extremely wrong - at this point, your best bet is to reconfirm with the IT guys / whoever wrote that howto WTF they're smoking.
14:13 < _noblegas> Yeah
14:16 < _noblegas> You're right
14:38 < _noblegas> Actually
14:39 < _noblegas> I think it all boils down to the fact that from the local machine certain programs cannot reach the outside world because of proxy
14:39 < _noblegas> Or whatever
14:39 < _noblegas> So maybe if I run a program in VM and it uses NAT - then they still won't be able to go through
14:40 < regdude> I have seen some companies have set up quite strict intranet, where some computer have access to the Internet and some don't and since no one wants to hire anyone who understands something, then they just setup proxy on their computers and can have Internet access on a computer in an intranet, might be your case
14:40 < djph> and if that's the case, then you have to configure the VM to talk to the corporate proxy, not some randomly setup proxy on your hsot.
14:41 < _noblegas> Well
14:41 < _noblegas> From what I understand Corp proxy works through pac file
14:41 < _noblegas> Ok I will try that also
14:42 < _noblegas> Thanks
15:03 < _noblegas> A bit stupid question,  but what is resolved first - proxy or dns
15:08 < Apachez> who are "they"?
15:08 < MikeSeth> _noblegas: the proxy will decide how it does that
15:08 < MikeSeth> assuming you're talking HTTP[s]
15:11 < _noblegas> Ok
15:11 < _noblegas> What I did so far
15:11 < ||cw> there are a few ways to restrict internet, and installing squid on your VM host doens't have anything to do with any of them
15:12 < _noblegas> I found the POC file
15:12 < _noblegas> I downloaded it
15:12 < _noblegas> From it I found what the proxy is
15:12 < _noblegas> *pac file
15:13 < _noblegas> I set this proxy in my guest Linux machine settings
15:13 < _noblegas> Now it says: proxy authentication required
15:15 < lupine> sounds like the proxy requires authentication
15:15 < _noblegas> Omg now it works from curl
15:17 < _noblegas> Ah, no its the webpage from the proxy
15:18 < _noblegas> Saying that authentication is required
15:18 < _noblegas> But how do I find out what authentication it needs?
15:21 < djph> probably your network username ( and password)
15:21 < _noblegas> Says 'kerberos with ntlm fallback'
15:22 < _noblegas> Probably proxy uses windows something to authenticate
15:22 < MikeSeth> Kerberos GSSAPI, yes
15:23 < _noblegas> That's probably why there is no way to set up the proxy configuration from guest Linux machine. Probably, it's why guest Linux machine should connect to squid - and squid will authenticate with the proxy.
15:24 < _noblegas> *squid running on the host machine
15:24 < MikeSeth> You can authenticate against a Windows domain with samba and krb5
15:24 < _noblegas> Thanks a lot I will search for this
15:25 < MikeSeth> You probably do not want to induce your guest vm into the domain just for this
15:25 < MikeSeth> though I am not sure it is required in your use case strictly speaking
15:26 < _noblegas> What I meant earlier is that from what I understood - the idea was that guest VM connects to squid on the host machine - and squid will do the authentication against the proxy
15:26 < _noblegas> As squid is running within windows environment
15:27 < MikeSeth> is this in the lab?
15:27 < MikeSeth> cause it makes no sense to me otherwise
15:27 < Apachez> _noblegas: but why?
15:27 < _noblegas> But how otherwise I can connect from guest VM application to the outside world
15:28 < MikeSeth> er
15:28 < MikeSeth> NAT or bridged interface?
15:28 < MikeSeth> I think it's time for xyproblem
15:28 < MikeSeth> _noblegas: http://xyproblem.info/
15:28 < _noblegas> Let me try
15:29 < Apachez> _noblegas: the vm guest runned on your host can either be bridged or nated
15:29 < Apachez> in any case you dont need any proxy on your host
15:29 < _noblegas> Well, the issue is - was told if Nat is used - then not urls are accessible
15:29 < MikeSeth> by whom
15:29 < _noblegas> Previous people who tried to set it up
15:29 < Apachez> who told you this?
15:29 < _noblegas> That's why they introduced squid
15:30 < Apachez> which incompetent moron told you this?
15:30 < Apachez> if you configure it as a bridge (if we talk virtualbox now) the bridge will use the same drivers as the host nic
15:30 < Apachez> so if your host use 192.168.0.1/24 your vm guest will use for example 192.168.0.2/24
15:30 < _noblegas> They are highly competent. It's just that I can't explain the problem clearly here as I am incompetent :(
15:31 < MikeSeth> Is this a high security environment?
15:31 < _noblegas> Yes
15:31 < Apachez> the other method when using nat then the traffic is nated to the host ip and the vm guest gets another range like 10.0.0.1/24
15:31 < MikeSeth> sigh
15:31 < Apachez> depending on how your nat is setup
15:31 < Apachez> in those case it will be a vbox nic
15:31 < Apachez> normally intel e1000
15:31 < MikeSeth> _noblegas: so web traffic is blocked and an interdicting proxy is forced on it?
15:32 < _noblegas> Probably, but I didn't understand what is interdirecting proxy is
15:32 < MikeSeth> _noblegas: well, a web proxy that examines your traffic and can't be avoided
15:33 < MikeSeth> in the sense that if you do not use it you can't have access at all
15:33 < _noblegas> Yes
15:33 < _noblegas> You're right
15:33 < _noblegas> So from browser I can access the outside world
15:34 < _noblegas> But applications cannot access the outside world (Google.com etc)
15:34 < MikeSeth> _noblegas: so you need to configure a browser under Linux to do NTLM authentication to the proxy
15:35 < _noblegas> Yes probably, what they told me I need to install squid or cntlm
15:35 < _noblegas> But there are some problems with cntlm - they told me. That's why I installed squid.
15:35 < MikeSeth> squid is not pretty on configuration
15:35 < _noblegas> In the past I managed to make it work with setting up fiddler as a reverse proxy
15:36 < _noblegas> MikeSeth: I am so happy that you understand my problem
15:36 < MikeSeth> if this is a high security set up, are you actually authorized to do this?
15:37 < MikeSeth> https://superuser.com/questions/128243/how-do-i-configure-ntlm-authentication-in-firefox-on-linux
15:37 < _noblegas> Yes it's a high security set up.
15:37 < _noblegas> So I am an application dev
15:37 < _noblegas> But I am working on my work computer that is connected to this high security network
15:38 < MikeSeth> see above
15:39 < _noblegas> Thank you
15:41 < _noblegas> Ok but I cannot install packages
15:42 < _noblegas> Because no Internet access
15:42 < _noblegas> Ok, I'll try downloading it and copying to machine
15:44 < nostrora> Hi someone know how unifi controller is working ? Because i'm connected on UAC AP PRO but Unifi controller dsn't see my UAC AP PRO :/
15:45 < eeee> Hi. I have wrt54gl router. Is it possible to configure wrt router to have standalone switch and separate router with ap via wan port?
15:46 < lupine> probably. if nothing else, slap openwrt on it. that will support it
15:47 < eeee> lupine: could it be done in dd-wrt?
15:47 < lupine> sure
15:50 < tds> It looks like that has a built in 5 port switch, so you can just put the wan port on one vlan, all the LAN ports on another, and then bridge the wan vlan interface on the cpu to the WiFi interface
15:54 < eeee> tds: can u link more detailed information on that
16:05 < ||cw> eeee: you want the switch ports to not connect to the router?
16:05 < eeee> ||cw: y
16:06 < black_13> how would I test echo or an echo server using nc
16:08 < ||cw> so, the default is that the 4 switch ports are vlan0, the wan port is vlan 1, both are tagged to the CPU on eth0, and the wifi is eth1 or wl0.  vlan0 and wl0 are bridged, and vlan1 then that's routed/nat'd to vlan1
16:09 < ||cw> you need to modify the config, likely from wifi, to remove vlan0 from the bridge.  technically that's all you should need to do, but be prepared to factory reset
16:09 < ||cw> black_13: connect to the port and type in the protocol commands
16:10 < black_13> is this right to place to ask about this question
16:11 < ||cw> black_13: sure, but nc is pretty simple, you might say what you tried that isn't working
16:11 < hatmadderz> I've developed a software which relies on being able to send and receive e-mail through an external API of some sort. That is, the program handles everything locally besides the actual sending of individual e-mails, and grabbing incoming e-mails from some always-on server. My program is not "always online" but run on a desktop computer daily. I don't need or want any fancy "managed mailing list", "e-mail templates" or any of that stuff --
16:11 < hatmadderz> just to talk to an API hosted by some company that handles all of the details of actually delivering/receiving and temporarily storing e-mails. I originally made this to support Mailgun, but their site has apparently stopped working or they silently deleted my account without any kind of notice, and all of their competitors either only allow "transactional" e-mails, don't support incoming e-mails at all, or both. I've visited numerous of
16:11 < hatmadderz> these dumbed-down websites now and feel as if I'm missing something. They all seem to be for a fully "managed" solution where they host everything and automate everything for a specific task (such as sending out "promotional" bulk e-mails). I'm looking for a generic, barebones thing that simply allows me to send and receive e-mail and it's entirely up to me whether I will get blocked by ISPs as a spammer if I behave in a way they don't like.
16:12 < hatmadderz> (Probably means I'm forced to buy a dedicated IP address from them, which is okay with me as long as it doesn't cost a fortune.) Please let me know if you can recommend something, or how I could possibly make this happen in some way without having to deal with setting up my own e-mail servers and all that headache.
16:12 < black_13> I am writing or trying to write an echo server using winsock and check it works correct with nc
16:12 < hatmadderz> I've developed a software which relies on being able to send and receive e-mail through an external API of some sort. That is, the program handles everything locally besides the actual sending of individual e-mails, and grabbing incoming e-mails from some always-on server. My program is not "always online" but run on a desktop computer daily. I don't need or want any fancy "managed mailing
16:12 < hatmadderz> list", "e-mail templates" or any of that stuff -- just to talk to an API hosted by some company that handles all of the details of actually delivering/receiving and temporarily storing e-mails. I originally made this to support Mailgun, but their site has apparently stopped working or they silently deleted my account without any kind of notice, and all of their competitors either only allow
16:13 < hatmadderz> "transactional" e-mails, don't support incoming e-mails at all, or both. I've visited numerous of these dumbed-down websites now and feel as if I'm missing something. They all seem to be for a fully "managed" solution where they host everything and automate everything for a specific task (such as sending out "promotional" bulk e-mails). I'm looking for a generic, barebones thing that simply
16:13 < hatmadderz> allows me to send and receive e-mail and it's entirely up to me whether I will get blocked by ISPs as a spammer if I behave in a way they don't like. (Probably means I'm forced to buy a dedicated IP address from them, which is okay with me as long as it doesn't cost a fortune.) Please let me know if you can recommend something, or how I could possibly make this happen in some way without having
16:14 < DocScrutinizer05> lolwut?
16:14 <+xand> WTF
16:16 < tonyt> hatmadderz you shouldnt be spamming. people dont like that
16:16 < ||cw> black_13: but what nc commands did you try?
16:17 < black_13> sorry I am being distracted
16:17 < ||cw> black_13: you might also try nc against a known working echo server just in case the issue is that your server isn't working
16:23 < gkwhc> hey guys, i was wondering why most proxy configurations ignore localhost/127.0.0.1?
16:38 < DocScrutinizer05> waaah, netstat not found :-O     ~> LC_ALL=C cnf netstat          The program 'netstat' can be found in following packages:   * net-tools-deprecated [ path: /bin/netstat, repository: zypp (download.opensuse.org-oss_2) ]   ---  DEPRECATED??? WHY? what else I'm supposed to use?
16:39 <+xand> use "ss"
16:40 <+xand> like you'd use "ip" instead of "ifconfig"
16:40 < DocScrutinizer05> I hate ip
16:40 < DocScrutinizer05> thanks anyway
16:40 <+xand> that's nice, but ifconfig doesn't work properly anymore.
16:40 < DocScrutinizer05> any hint *why* it's deprecated?
16:40 < DocScrutinizer05> ohmy
16:41 <+xand> e.g. ifconfig won't show secondary IPv4 addresses, and it can't handle some hardware addresses
16:41 < DocScrutinizer05> DAMN!
16:44 < DocScrutinizer05> all those monolithic monster programs like ip, systemd, whateverthename. their man pages could get published as a book, each one of them
16:47 < eeee> ||cw: thanks for help, what its bridged to what is kind of confusing at first.
16:47 < DocScrutinizer05> loosely related: do you know of any still working command sequence that compares your sysclock to the cmos clock and the NTP time, without changing any of the three?
16:47 < ||cw> yeah, especially they way dd-wrt's admin pages present it
16:49 < ||cw> DocScrutinizer05: that's OS specific
16:49 < DocScrutinizer05> linux
16:50 < ||cw> hwclock
16:53 < DocScrutinizer05> yeah, hwclock still works, but how do I get NTPtime without same time setting my local clocks ?
16:54 < Apachez> hwclock stores current time into rtc module
16:54 < Apachez> if you dont run hwclock your old clock will be shown after reboot and no ntp to sync against
16:54 < DocScrutinizer05> hm?
16:54 < Apachez> you can use ntpdate to manually query a ntp server
16:54 < DocScrutinizer05> hwclock transfers systime to cmos, or vice versa, or shows cmos time
16:55 <+pppingme> most distribs have "hwclock --systohc" somewhere in the shutdown scripts
16:55 < DocScrutinizer05> and it might adjust the adjtime file offsets
16:55 < DocScrutinizer05> my problem is NTP, not cmos clock
16:55 < Apachez> so whats your problem from the beginning then?
16:55 < DocScrutinizer05> ^^^
16:55 < Apachez> what kind of issue is it you are trying to solve?
16:56 <+pppingme>  but how do I get NTPtime without same time setting my local clocks ? <<  that not your question?
16:56 < Apachez> you use ntpdate
16:56 < DocScrutinizer05> how do I get NTPtime without same time setting my local clocks ?
16:56 < Apachez> already answered
16:56 < Apachez> NEXT!
16:56 < DocScrutinizer05> ooh I missed that answer
16:57 < DocScrutinizer05> no manpage for ntpdate
16:58 <+pppingme> not much to ntpdate...  literally "ntpadate server" and it tells you what it did
17:01 < DocScrutinizer05> what been the canonical "for lusers" NTP server URL?
17:01 <+pppingme> are you just trying to "see" the time on a remote ntp server?
17:01 < DocScrutinizer05> yep
17:01 <+pppingme> without doing anything locally (hwclock or system time)?
17:01 < DocScrutinizer05> yep
17:01 <+pppingme> ok, run "ntpdate -q remotentpserver"
17:01 < DocScrutinizer05> pool,ntp.org?
17:01 <+pppingme> the -q means query only..
17:02 < DocScrutinizer05> aah -q, thanks
17:02 < ||cw> DocScrutinizer05: ntpdate can do that
17:02 <+pppingme> it won't adjust sysclock or hwclock
17:02 < DocScrutinizer05> can you help me out with the URL?
17:03 < ||cw> DocScrutinizer05: I'm curious, what tools have you been check man pages on?
17:03 < DocScrutinizer05> please rephrase
17:03 < ||cw> why are you asking questions about the use of the standard linux date/time/ntp tools?
17:04 < DocScrutinizer05> I know there been ntpdate, ntptime, netdate and possibly nettime. I tried manpages for all of them
17:04 < ||cw> what are you looking at that the answers arne't clearly there?
17:04 < DocScrutinizer05> this suse leap15 has ntpdate but no manpage for it
17:05 <+pppingme> what command/syntax are you using to try it?
17:05 < ||cw> that's kinda lame, but, you can google man pages.
17:05 < DocScrutinizer05> a decade ago I used one of the 4 commands I quoted above, without providing a server URL
17:06 < ||cw> one of the core ntp commands can probably do that
17:06 < DocScrutinizer05> prolly it's not configured anymore, since systemd ate NTP
17:07 < ||cw> yeah, ntp is generally only run on ntp servers now, so many lighter alternatives
17:08 < Sout> most are going with chrony. and re the command ntpdate -q pool.ntp.org
17:09 < ||cw> or whatever ntp server you use
17:15 < DocScrutinizer05> that's the 1 million dollar question ;-) just tried pool.ntp.org and it seems like suffering a "DDoS" - takes 6 seconds to finish
17:16 < Poster> that's not uncommon, the synchronization has to do tests to calculate the latency between the client and server and apply that delta to whatever time is ultimately set
17:17 <+pppingme> DocScrutinizer05 by default, ntpdate does at least 4 queries, it will take a few seconds
17:18 < DocScrutinizer05> just a `date;ntpdate;date` a 10 years ago usually allowed me to estimate accuracy of local clock since first and seconfd `date` were no more than 0.2s apart
17:18 <+pppingme> time ntpdate -q pool.ntp.org takes real	0m6.979s
17:18 < Poster> you can see it in action if you run a tcpdump, otherwise your clock settings would be off by whatever latency existed between you and your time source
17:18 < DocScrutinizer05> real    0m6.738s :-)
17:18 <+pppingme> so nothing out of the normal
17:19 < linux_probe> lol
17:19 <+pppingme> why not just run it directly, it will tell you with high accuracy...
17:19 < DocScrutinizer05> yeah, I guess my config was "faster" back when ntpdate didn't need any parameters but used some /etc/ config files
17:19 <+pppingme> sudo time ntpdate pool.ntp.org
17:19 <+pppingme> 13 Jul 10:19:21 ntpdate[14285]: adjust time server 108.59.2.24 offset -0.005859 sec
17:22 < DocScrutinizer05> nah, sth changed in ntpdate, I guess. Even a /usr/sbin/ntpdate -q 192.168.4.1  takes 6s
17:23 < DocScrutinizer05> wireshark rime
17:23 < DocScrutinizer05> time
17:23 <+pppingme> you could add "-p 1" to shorten time, but results won't be as accurate
17:23 < DocScrutinizer05> oooh, thanks
17:24 < DocScrutinizer05> OHYEAH!
17:24 < DocScrutinizer05> real    0m0.119s
17:24 <+pppingme> but like I said, results not as accurate
17:24 < DocScrutinizer05> changed from "offset -0.002081 sec" to "offset -0.001835 sec"
17:25 <+pppingme> those are reasonably close
17:25 < DocScrutinizer05> thanks guys for the patience with me
17:25 <+pppingme> you'll get more varience than that just between ntpdate runs
17:26 < DocScrutinizer05> --- 192.168.4.1 ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 4095ms rtt min/avg/max/mdev = 0.171/0.183/0.205/0.021 ms
17:31 < DocScrutinizer05> do you know if default changed from -p1 to -p6 or whatever during last decade?
17:33 < DocScrutinizer05> Poster: do you know how the latency compensation works? a simple RTT/2 ?
17:36 < detha> with -p1, that is all it can do
17:36 < DocScrutinizer05> yeah, that's what I thought
17:37 < DocScrutinizer05> maybe do some magic in server, calculating own process runtime between receiving request and sending out reply, or somesuch
17:38 < detha> meh. that's going into PTP territory
17:38 < DocScrutinizer05> PTP?
17:38 < detha> precision time protocol
17:38 < DocScrutinizer05> hehe
17:39 < detha> server sends packet, NIC corrects timestamp
17:39 < DocScrutinizer05> I'm just genuinely curious. Not like a second off on my local time would matter
17:44 < detha> DocScrutinizer05: ntp and friends work off statistics. the more samples they have, over a long period, the more accurate they get
17:46 < Some_Person> What should I do with 100 ft of "Cat5e" cable that appears to contain no copper?
17:46 < detha> Call it fiber
17:50 < foxdie> lol detha
17:50 < ||cw> Some_Person: wait, what?
17:51 < Apachez> perhaps its using some aluminium instead of copper?
17:51 < DocScrutinizer05> a hoax?
17:51 < DocScrutinizer05> aah, alu. yeah
17:51 < DocScrutinizer05> Some_Person: what do you *want* to do with it?
17:52 < spaces> IRC is not that sexy on a friday afternoon
17:52 < Apachez> no the question is what spaces can do with it for *you*
17:52 < spaces> Apachez are you drunk again ?
17:52 < Some_Person> ||cw: Cheap ass cable I bought on ebay years ago. Got a refund, was told to keep it, and I still have it
17:52 < DocScrutinizer05> don't ask what your cable can do for you, ask what you can do for your cable
17:53 < ||cw> Some_Person: use it for a 100m link where performance doens't matter?
17:53 < Some_Person> I suspect it's probably aluminum, but have no way of knowing for sure
17:53 < my_mind> DocScrutinizer05: throw it away
17:56 < DocScrutinizer05> to construe a topical relevance: freenode has a new service  https://www.linuxjournal.com/content/freenode-launches-new-job-board-two-more-spectre-security-holes-discovered-debian-joins
18:07 < lizardlarry> For some reason my wireless LAN is hardblocked. Will resetting the BIOS fix this? I am running Debian.
18:11 < compdoc> doubtful the bios is involved
18:13 < lizardlarry> what remedies would you suggest?
18:14 < compdoc> what do you mean by hardblocked'
18:14 < spaces> compdoc long time no see :)
18:14 < compdoc> still kickin
18:14 < lizardlarry> as in I run rfkill and phy0 is hardblocked
18:14 < spaces> compdoc good to hear!
18:15 < compdoc> :)
18:15 < spaces> just try to stay sexy
18:15 < spaces> it's all you need
18:17 < compdoc> heh, harder to do as time goes by
18:18 < lizardlarry> I can toggle the softblock on and off using f12 on my keyboard, but rfkill unblock doesnt fix the hardblock issue