**** BEGIN LOGGING AT Fri Jun 22 03:00:01 2018
Jun 22 05:37:19 <mangix> dissent1: ping
Jun 22 06:07:26 <dissent1> mangix: pong
Jun 22 06:09:28 <owrt-snap-builde> build #53 of gemini/generic is complete: Failure [failed images]  Build details are at http://phase1.builds.lede-project.org/builders/gemini%2Fgeneric/builds/53  blamelist: Hans Dedecker <dedeckeh@gmail.com>, Chuanhong Guo <gch981213@gmail.com>, Stijn Tintel <stijn@linux-ipv6.be>, Mathias Kresin <dev@kresin.me>
Jun 22 06:27:25 <landwork> blogic: can you please take a look at this before I pull request -> https://github.com/TouchStar/openwrt/commit/90e379fabe8dda20576b1745df1d51733cc93181
Jun 22 06:27:53 <landwork> to save myself embarrassment on pull request ;P
Jun 22 06:31:44 <blogic> landwork: looks good
Jun 22 06:54:35 <samin8300> Hi I need openwrt for EA8300?
Jun 22 06:54:39 <samin8300> !
Jun 22 07:06:21 <blogic> landwork: idea''y you send it now and we can backport it to 18.06
Jun 22 07:15:39 <blogic> landwork: merged and backported, Thanks !
Jun 22 07:20:13 <blogic> nbd: https://github.com/openwrt/openwrt/pull/1083
Jun 22 07:22:01 <dedeckeh> blogic:ping
Jun 22 07:22:06 <blogic> dedeckeh: hi
Jun 22 07:25:32 <jow> dedeckeh: https://bugs.openwrt.org/index.php?do=details&task_id=1426
Jun 22 07:26:15 <jow> likely also fixes https://bugs.openwrt.org/index.php?do=details&task_id=1591
Jun 22 07:26:54 <jow> can you look into it? The patch suggested in 1426 looks sane to me. Poking you because you're most familiar with our ipv6 userland
Jun 22 07:29:26 <dedeckeh> jow:will have a look
Jun 22 07:30:06 <jow> also ping KanjiMonster ^
Jun 22 07:35:04 <jow> dedeckeh: KanjiMonster: un-ping; this was fixed with "58f7b5b96c kernel: add missing in6_dev_put_clear call to an ipv6 network patch"
Jun 22 07:35:36 <dedeckeh> jow:correct I thought nbd fixed this
Jun 22 07:57:04 <owrt-1806-builds> build #30 of arc770/generic is complete: Failure [failed pkgbuild]  Build details are at http://release-builds.openwrt.org/18.06/images/builders/arc770%2Fgeneric/builds/30  blamelist: David Thornley <david.thornley@touchstargroup.com>, John Crispin <john@phrozen.org>, Ansuel Smith <ansuelsmth@gmail.com>
Jun 22 08:04:33 <owrt-1806-builds> build #38 of malta/be is complete: Failure [failed pkgbuild]  Build details are at http://release-builds.openwrt.org/18.06/images/builders/malta%2Fbe/builds/38  blamelist: David Thornley <david.thornley@touchstargroup.com>, John Crispin <john@phrozen.org>, Ansuel Smith <ansuelsmth@gmail.com>
Jun 22 08:06:10 <owrt-1806-builds> build #39 of apm821xx/nand is complete: Failure [failed pkgbuild]  Build details are at http://release-builds.openwrt.org/18.06/images/builders/apm821xx%2Fnand/builds/39  blamelist: David Thornley <david.thornley@touchstargroup.com>, John Crispin <john@phrozen.org>, Ansuel Smith <ansuelsmth@gmail.com>
Jun 22 08:09:23 <nbd> blogic: ack for pull request 1083
Jun 22 08:09:34 <owrt-1806-builds> build #39 of ramips/rt3883 is complete: Failure [failed pkgbuild]  Build details are at http://release-builds.openwrt.org/18.06/images/builders/ramips%2Frt3883/builds/39  blamelist: David Thornley <david.thornley@touchstargroup.com>, John Crispin <john@phrozen.org>, Ansuel Smith <ansuelsmth@gmail.com>
Jun 22 08:10:06 <blogic> i have borkage it
Jun 22 08:12:37 <blogic> looks like one of the ath10k patches fails, let me build a tree to fix it
Jun 22 08:17:12 <stintel> mornin'
Jun 22 08:17:21 <owrt-1806-builds> build #37 of ar71xx/mikrotik is complete: Failure [failed pkgbuild]  Build details are at http://release-builds.openwrt.org/18.06/images/builders/ar71xx%2Fmikrotik/builds/37  blamelist: David Thornley <david.thornley@touchstargroup.com>, John Crispin <john@phrozen.org>, Ansuel Smith <ansuelsmth@gmail.com>
Jun 22 08:20:07 <dedeckeh> jow:I reverted the uci config parsing and callback handling patch in openwrt-18.06 and lede-17.01 which broke the qos scripts
Jun 22 08:38:41 <owrt-1806-builds> build #36 of ixp4xx/harddisk is complete: Failure [failed pkgbuild]  Build details are at http://release-builds.openwrt.org/18.06/images/builders/ixp4xx%2Fharddisk/builds/36  blamelist: David Thornley <david.thornley@touchstargroup.com>, John Crispin <john@phrozen.org>, Ansuel Smith <ansuelsmth@gmail.com>
Jun 22 08:39:53 <owrt-1806-builds> build #36 of cns3xxx/generic is complete: Failure [failed pkgbuild]  Build details are at http://release-builds.openwrt.org/18.06/images/builders/cns3xxx%2Fgeneric/builds/36  blamelist: David Thornley <david.thornley@touchstargroup.com>, John Crispin <john@phrozen.org>, Ansuel Smith <ansuelsmth@gmail.com>
Jun 22 08:44:46 <owrt-1806-builds> build #36 of ar71xx/tiny is complete: Failure [failed pkgbuild]  Build details are at http://release-builds.openwrt.org/18.06/images/builders/ar71xx%2Ftiny/builds/36  blamelist: David Thornley <david.thornley@touchstargroup.com>, John Crispin <john@phrozen.org>, Ansuel Smith <ansuelsmth@gmail.com>
Jun 22 08:52:37 <blogic> fixed the ath10k build breakage
Jun 22 08:54:54 <owrt-1806-builds> build #38 of mvebu/cortexa9 is complete: Failure [failed images]  Build details are at http://release-builds.openwrt.org/18.06/images/builders/mvebu%2Fcortexa9/builds/38  blamelist: David Thornley <david.thornley@touchstargroup.com>, John Crispin <john@phrozen.org>, Ansuel Smith <ansuelsmth@gmail.com>
Jun 22 08:59:51 <wigyori> morning
Jun 22 09:06:31 <wigyori> blogic: btw, there are new releases for the amd64/intel-microcode packages, but i won't bump them before -rc1, only in the next point release, as they're not tested
Jun 22 09:07:38 <blogic> wigyori: yep, saw that
Jun 22 09:09:03 <wigyori> ok. i'll do that in trunk in the next few days.
Jun 22 09:21:21 <Tapper> Hi is ath79 ready for the c7 yet?
Jun 22 09:21:27 <Tapper> c7-v2
Jun 22 09:22:01 <Tapper> I am just flashing snapshots to my router and APs
Jun 22 09:22:11 <blogic> there is a pending PR for it
Jun 22 09:22:32 <Tapper> That's why I am asking if I should stick with r71xx for my c7 or ath79
Jun 22 09:25:12 <Tapper> never mind I have my ancer
Jun 22 09:47:29 <blogic> jow: i think i am done
Jun 22 10:24:26 <wilson2860> has anyone tried to get the hardware crypto support going with the mt7621 ? there's a driver in the 4.14 kernel is there ?
Jun 22 10:26:23 <blogic> no and no
Jun 22 10:26:45 <blogic> wilson2860: the crypto driver is for mt7623
Jun 22 10:26:50 <blogic> and works very well there
Jun 22 10:27:02 <blogic> but will need a bit of loving care to get going on 7621
Jun 22 10:28:11 <wilson2860> ah ok, my bad then
Jun 22 10:37:47 <Rene__> blogic: I try to get SFP port working on ubiquity ER-X-SFP. I know that you done a lot on the mt7623. Because I am not a hardcore developer I struggle with link between the code and DTS.
Jun 22 10:39:49 <wilson2860> i've been trying to get a d-link dir645 working again but something is going wrong somewhere, i've been merging in trees with support for the realtek switch mdio, that might be the problem, but it used to work
Jun 22 10:40:09 <wilson2860> next think i might try is mkreskin tree and edting the dts file
Jun 22 10:46:05 <huaracheguarache> blogic: hi! when you have time, can you please take a look at this kernel bump and merge it if all is ok: https://patchwork.ozlabs.org/patch/932897/
Jun 22 10:47:35 <huaracheguarache> blogic: it fixes an issue with single stream iperf3 throughput on the r7800
Jun 22 10:48:39 <huaracheguarache> blogic: btw, for some reason patchwork lists me as the author of that patch when it's actually Kevin
Jun 22 10:54:22 <mangix> dissent1: what temperature do you get on mwlwofi? /sys/kernel/debug/ieee80211/phy[01]/mwlwifi/temperature or something similar
Jun 22 10:54:59 <mangix> i'm getting 141 on a WRT1900v1
Jun 22 10:56:16 <nitroshift> mangix, i'd say that's a reading error
Jun 22 10:56:42 <mangix> oh?
Jun 22 10:57:34 <stintel> cool. ath10k_thermal seems to work on my DAP-2695
Jun 22 10:57:49 <nitroshift> stintel, o/
Jun 22 10:57:54 <stintel> nitroshift: \o
Jun 22 10:58:08 <stintel> driving to Belgium tomorrow
Jun 22 10:58:27 <nitroshift> yeah, not going through my town, are you?
Jun 22 10:58:35 <stintel> nah that's too big of a detour
Jun 22 10:58:42 <stintel> and need to be at $client on monday
Jun 22 10:58:55 <nitroshift> heh... petrol ain't cheap :p
Jun 22 10:59:07 <stintel> it isn't. and I'm about to use ~250l
Jun 22 10:59:14 <stintel> in <25h :P
Jun 22 10:59:28 <nitroshift> petrol head ^
Jun 22 10:59:31 <nitroshift> :))
Jun 22 10:59:38 <stintel> /sys/class/ieee80211/phy0/device/hwmon/hwmon0/temp1_input:57000
Jun 22 10:59:54 <wilson2860> belgium hey, had some Hoegaarden White Beer the other day, very nioce
Jun 22 11:00:07 <stintel> I really don't like hoegaarden
Jun 22 11:00:15 <stintel> I'll have a Duvel instead
Jun 22 11:00:43 <stintel> I guess CONFIG_ATH10K_THERMAL is not something we can enable per-device
Jun 22 11:00:51 <nitroshift> stintel, have a good trip
Jun 22 11:00:59 <nitroshift> talk whenever we catch up
Jun 22 11:01:08 * nitroshift goes on week-end
Jun 22 11:08:44 <aparcar> does it make sense to add PKG_BUILD_PARALLEL to every package which consists of scripts (Lua, Shell) only?
Jun 22 11:12:28 <jow> aparcar: not really as there'd be not much to parallellize
Jun 22 11:13:00 <jow> unless you have elaborate makefiles doing install commands or something which could be parallelized
Jun 22 11:14:34 <dissent1> mangix: i'll chexk when i'm at home
Jun 22 11:22:18 <aparcar> jow thanks, I though it tells the make process that it may continue to build other packages in parallel
Jun 22 11:27:07 <rotanid> hm, is it expected to still have the URLs with lede-project.org for the package feeds in current master snapshot builds?
Jun 22 11:29:05 <jow> aparcar: no, the flag you mentioned is about parallelizing the make process within the package build
Jun 22 11:29:33 <jow> rotanid: no. compare /etc/opkg/distfeeds.conf with /rom/etc/opkg/distfeeds.conf
Jun 22 11:30:20 <rotanid> device elsewehre and offline atm. but it was a fresh flash, build date 21.06.2018 from snapshot downloads server, device had no LEDE/OpenWrt before
Jun 22 11:30:51 <jow> rotanid: then your buildroot is maybe unclean, you have version overrides in .config or overlayed stuff in files/
Jun 22 11:31:01 <rotanid> i didnt build myself
Jun 22 11:31:12 <rotanid> "build date 21.06.2018 from snapshot downloads server"
Jun 22 11:31:24 <rotanid> lantiq target
Jun 22 11:31:55 <rotanid> maybe the buildroot is unclean on the "official" buildservers?
Jun 22 11:32:38 <owrt-snap-builde> build #39 of mediatek/mt7623 is complete: Failure [failed kmods]  Build details are at http://phase1.builds.lede-project.org/builders/mediatek%2Fmt7623/builds/39  blamelist: Chen Minqiang <ptpt52@gmail.com>, David Thornley <david.thornley@touchstargroup.com>, Kristian Evensen <kristian.evensen@gmail.com>, John Crispin <john@phrozen.org>, Ansuel Smith
Jun 22 11:32:38 <owrt-snap-builde> <ansuelsmth@gmail.com>
Jun 22 11:35:49 <jow> maybe
Jun 22 11:38:01 <movi> is john crispin here? :)
Jun 22 11:38:02 <rotanid> i could try another target this weekend
Jun 22 11:38:38 <rotanid> but best would be someone having a lantiq device also tests the build from yesterday
Jun 22 11:42:51 <jow> rotanid: the builders are fine, include/version.mk was never updated
Jun 22 11:43:31 <stintel> blogic: what about https://git.openwrt.org/d0b8ab60 ?
Jun 22 11:44:54 <rotanid> jow: oh wow, i really spotted a bug ;)
Jun 22 11:45:15 <rotanid> maybe a grep for "lede" over the whole tree... :D
Jun 22 11:46:13 <rotanid> jow: if you're changig it, consider using "https" for the bugs and forum and website links maybe
Jun 22 11:50:11 <stintel> yay, I have a working 5GHz LED on my DAP-2695 \o/
Jun 22 11:50:53 <f00b4r0> 5GHz LED? that's lightspeed fast :3
Jun 22 11:50:56 <stintel> oops, needs some cleanup
Jun 22 11:50:59 <stintel> hahaha
Jun 22 11:51:25 <movi> it works for c2600 as well :3
Jun 22 11:51:56 <movi> stintel: how can i enable ATH10K_THERMAL in 18.06-rc1, i don't see it in the makefile ?
Jun 22 11:55:46 <stintel> movi: you can't, this patch is not backported
Jun 22 11:56:13 <movi> :<
Jun 22 11:56:42 <movi> i see it in the backports dir, just not in the openwrt menuconfig
Jun 22 11:57:45 <jow> backports dir != backported commit from one branch to another
Jun 22 12:05:26 <ultito> morning
Jun 22 12:05:40 <ultito> and congratulate for RC1
Jun 22 12:08:38 <Monkeh> stintel: Pffff, I have a working 468THz LED
Jun 22 12:08:44 <stintel> 😂
Jun 22 12:11:19 <ultito> it is still light frequency?
Jun 22 12:11:58 <Monkeh> It pales in comparison to the 638THz ones. I try not to use those.
Jun 22 12:13:07 <ultito> :-)
Jun 22 12:13:50 <stintel> blogic: updated commit for enabling ath10k LED support -> https://git.openwrt.org/6dcf44e2
Jun 22 12:17:55 <stintel> what tool is used to compare sizes before and after enabling something? the one with hex, text, something something
Jun 22 12:18:38 <Monkeh> stintel: That would be, wait for it
Jun 22 12:18:40 <Monkeh> size.
Jun 22 12:19:07 <stintel> heh
Jun 22 12:19:10 <stintel> TIL ...
Jun 22 12:19:25 <Monkeh> It's from binutils
Jun 22 12:19:26 <stintel> thanks
Jun 22 12:24:40 <stintel> hmm, no size difference in ath10k_{core,pci}.ko with that LED support enabled, is that even possible?
Jun 22 12:26:10 <stintel> ugh, nvm
Jun 22 12:26:47 <stintel> must be friday
Jun 22 12:32:44 <stintel> 684 byte
Jun 22 12:32:49 <stintel> is that too much to enable it by default?
Jun 22 12:34:11 <mamarley> I would think most devices with ath10k chips would be new enough that they wouldn't be severely space-constrained.
Jun 22 12:46:08 <stintel> https://git.openwrt.org/f7d3ba75 enabled by default now
Jun 22 12:46:29 <stintel> mkresin: as I'm referring to one of your commits there, what do you think ^
Jun 22 12:49:01 <mkresin> stintel: I'm not entirely happy with ath10k led patch
Jun 22 12:49:20 <mkresin> stintel: added my notes at the time it was discussed on linux-wireless
Jun 22 12:50:10 <stintel> mkresin: well it was added to the repo earlier today. I just want to make it useful ;)
Jun 22 12:50:29 <mkresin> stintel: the patch should add the ath10k gpio support as well
Jun 22 12:51:10 <mkresin> stintel: I would prefer to enable the gpio chip and add a gpio-led instead of using ath10k-phy0
Jun 22 12:52:00 <mkresin> stintel: here an ath9k example: https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob;f=target/linux/lantiq/files-4.14/arch/mips/boot/dts/TDW89X0.dtsi;h=233b7e33342c86f9d84c88de1ef4c37c77f09cc9;hb=HEAD#l228
Jun 22 12:52:27 <stintel> I see
Jun 22 12:54:10 <stintel> makes sense
Jun 22 12:54:22 <blogic> stintel: thx
Jun 22 12:55:09 <stintel> mkresin: what about keeping it how it is now, and replacing it with GPIO based led once someone takes the time to write proper support?
Jun 22 12:56:30 <ldir> stintel: because 'it works' the incentive to 'do it properly' tends to get lost.
Jun 22 12:56:44 <stintel> cleaned up a bit more (whitespace and some typo in commit msg) -> https://git.openwrt.org/5efd8603
Jun 22 12:57:32 <stintel> ldir: true. but we accepted the patch already anyway
Jun 22 12:57:47 <stintel> so either we throw it out, or we make it useful
Jun 22 12:57:54 <ldir> revert revert :-)
Jun 22 13:06:58 <mkresin> stintel: you commit message should encourage people to do it the right way (tm)
Jun 22 13:07:21 <mkresin> stintel: bug i really need to check if ath10 gpio was included in the patch
Jun 22 13:08:25 <mkresin> teh led trigger is nice for minipcie and/or usb ath10k devices, as the wireless led will work out of the box
Jun 22 13:09:17 <stintel> well it mentions something about GPIO controls
Jun 22 13:09:34 <mkresin> if the leds can be better described, we should use propper led names
Jun 22 13:19:02 <movi> won't they be a bit device-dependent?
Jun 22 13:19:48 <movi> since you're getting them from the card and not the board
Jun 22 13:31:43 <jow> ping dedeckeh
Jun 22 13:36:45 <dedeckeh> jow:pong
Jun 22 13:39:04 <ausjke> just reported to debian team that 'apt upgrade' behaves different from 'apt-get upgrade', one upgrades another keeps back, unexpected
Jun 22 13:39:27 <ausjke> they should both switch to opkg instead
Jun 22 13:40:07 <jow> dedeckeh: https://github.com/openwrt/openwrt/pull/1093
Jun 22 13:40:25 <jow> dedeckeh: I recall that Axel tried to get feedback on this one a while back already
Jun 22 13:40:32 <muhaha> Ola guys, can I do something like this ? https://pastebin.com/BiLg2UFA  Install one package from antoher branch feed?
Jun 22 13:40:52 <jow> that fmr patch of ours apparently breaks some legit IPv6 IP-IP tunnel use cases
Jun 22 13:42:08 <dedeckeh> jow:will have a look; problem is I don't have access to a map-e setup
Jun 22 13:43:00 <dedeckeh> jow:recently there was a japanese guy who logged an issue related to map-e; maybe I can ask him to do some testing
Jun 22 13:43:20 <jow> dedeckeh: from looking at the change and the surrounding context it looks sane to me though
Jun 22 13:43:29 <jow> if no FMR stuff is defined, don't enforce any checks
Jun 22 13:43:49 <jow> (https://github.com/aparcar/openwrt/blob/d39909df8fd004c84e6b516374ea3e7898272359/target/linux/generic/pending-4.4/666-Add-support-for-MAP-E-FMRs-mesh-mode.patch#L276)
Jun 22 13:47:43 <dedeckeh> jow:looks indeed sane
Jun 22 13:48:56 <dedeckeh> jow:will merge the patch
Jun 22 13:49:55 <Tapper> Any one know if flow off load is fixt now in 18.6? I had a prob were I would get to menny open tcp connections.
Jun 22 13:51:41 <Tapper> Software flow offloading I am talking about
Jun 22 13:55:23 <Tapper> nice I still get a B for BufferBloat with flow off loading
Jun 22 13:55:34 <Tapper> but mutch faster speeds
Jun 22 13:55:54 * ldir swears he saw a patch go by that fixed that.  Can't find it.
Jun 22 13:56:10 <jow> Tapper: yes, the many-open-connections-issue was adressed by felix
Jun 22 13:56:12 <Tapper> It's A+ with sqm but I loose about 50 meg of download speed
Jun 22 13:56:34 <Tapper> Nice seems to be working good now
Jun 22 13:56:39 <Tapper> so thanks to all
Jun 22 13:56:59 <Tapper> I will kick it around for a day or to to see if it brakes
Jun 22 13:57:29 <Tapper> I have a lot of through put so my house is a good testing ground for some thing like this
Jun 22 13:58:48 <muhaha> Guys, is possible to do something like this ? https://pastebin.com/q7xpiWFY Thanks
Jun 22 13:58:56 <ldir> ahhh commits 18f18a2054 and 244fd1aac6 in 18.06 branch Tapper
Jun 22 13:59:13 <Tapper> Ok thanks mate
Jun 22 13:59:30 <jow> muhaha: in principle yes
Jun 22 13:59:40 <muhaha> but?
Jun 22 13:59:52 <jow> muhaha: 1) I recommend to copy feeds.conf.default to feeds.conf (avoids git collissions in the future(
Jun 22 14:00:29 <Tapper> I have a friend with a wdr3600 who was using sqm on a slow connection I am going to get him to flash a new build and switch to flow offloding to see how that copes
Jun 22 14:00:30 <jow> muhaha: 2) use something like ./scripts/feeds update -a; ./scripts/feeds install -a; ./scripts/feeds uninstall luci-app-lxc; ./scripts/feeds install -p customfeed luci-app-lxc
Jun 22 14:01:32 <Tapper> because his connection is slow he was loosing about 20 % of his speed
Jun 22 14:02:10 <Tapper> for me changing to flow off load is a good trade off for from sqm
Jun 22 14:02:30 <muhaha> jow
Jun 22 14:02:30 <muhaha> jow: superb. Thank you. I guess its better way instead of patching, right?
Jun 22 14:03:44 <ausjke> i always do './scripts/feeds install -a -p myfeed && ./scripts/feeds install -a', in this order my custom feeds will overwrite the official feeds for same packages
Jun 22 14:04:31 <ausjke> if you 'uninstall somepkg', what about future 'feeds update', will it be pulled back in?
Jun 22 14:05:59 * ausjke is reading dns-rebind-attach, basically disable access luci via WAN port will stop it
Jun 22 14:06:12 <ausjke> s/attach/attack/, can never type
Jun 22 14:06:42 <ausjke> disable access luci via WAN while from LAN, that is
Jun 22 14:07:59 <mkresin> movi: for minipcie they are device dependend and the pseudo led should be used. for soldered ath10k pci chips a fixed cnfig can be added
Jun 22 14:09:06 <ausjke> can uhttpd bind to interface instead of IPs
Jun 22 14:10:45 <jow> ausjke: yes
Jun 22 14:10:48 <jow> erm no
Jun 22 14:10:51 <jow> it can't
Jun 22 14:10:57 <jow> bind(2) has no notion of interfaces
Jun 22 14:11:27 <ausjke> SO_BINDTODEVICE?
Jun 22 14:12:00 <jow> will fail hard if the ifindex changes
Jun 22 14:12:24 <jow> change something in luci -> restart network -> br-lan gets recreated -> uhttpd unreachable
Jun 22 14:12:50 <ausjke> ok then, live with IP-binding while using iptables/https/strong-passwd for rebinding attack
Jun 22 14:12:55 <jow> could be solved with interface triggers but mehr
Jun 22 14:13:01 <jow> *meh
Jun 22 14:13:11 <jow> uhttpd has rebind countermesaures for ipv4 at least
Jun 22 14:13:18 <qwefytuiityty> Who knows. Can one L2TP connection to bras/server run in multiple threads for internet trafic? I can use search.
Jun 22 14:13:54 <ausjke> tried lighttpd, have to bind to br-lan IP directly,seems working
Jun 22 14:14:11 <jow> ausjke: you can do that with uhttpd too
Jun 22 14:14:17 <ausjke> yes.
Jun 22 14:14:18 <jow> listen_http 192.168.1.1:80
Jun 22 14:14:54 <ausjke> by the way does it make sense to use letsencrypt to get 'official' ssl cert for openwrt by default these days
Jun 22 14:15:15 <ausjke> there are letsencyrpt update script in pure bash, should be able to port to ash
Jun 22 14:15:36 <ausjke> so when i visit luci i don't see that little red warning
Jun 22 14:16:02 <ausjke> probably need ddns or something
Jun 22 14:16:11 <jow> and a fixed hostname
Jun 22 14:16:26 <jow> what would work is
Jun 22 14:16:36 <jow> 1) ship with something like mdns by default to register some openwrt.lan
Jun 22 14:16:57 <jow> 2) get some proper trusted cert for openwrt.lan
Jun 22 14:17:04 <jow> this will however fail due to:
Jun 22 14:17:17 <jow> 1) requires shipping openwrt.lan secret key
Jun 22 14:17:21 <jow> 2) no CA will do that
Jun 22 14:17:32 <jow> 3) increases install base size
Jun 22 14:17:59 <jow> 4) does not work well with multiple openwrt devices in a network
Jun 22 14:18:03 <muhaha> jow: ./scripts/feeds update -a; ./scripts/feeds install -a (it means that even all packages from customfeeds are installed, right ? ) ./scripts/feeds uninstall luci-app-lxc; ./scripts/feeds install -p customfeed luci-app-lxc
Jun 22 14:18:37 <jow> muhaha: oh right, yeah could be
Jun 22 14:18:53 <jow> didn't check how scripts/feeds reacts to duplicates; you need to play around with it
Jun 22 14:19:13 <ausjke> ./scripts/feeds update -a && /scripts/feeds install -a -p customfeed && ./scripts/feeds update -a; will do the same consistenly for future updates/installs too
Jun 22 14:19:40 <ausjke> ./scripts/feeds update -a && /scripts/feeds install -a -p customfeed &&./scripts/feeds  install -a;
Jun 22 14:20:20 <ausjke> at least that's how I let my own pkg overrides upstream pkgs when needed
Jun 22 14:20:32 <muhaha> ausjke: thanks
Jun 22 14:23:01 <ausjke> jow: on the point 4), if mdns why not working with other openwrt on the LAN, i assume each one will get a different hostname? anyway looks like it's a hassle for letsencrypt
Jun 22 14:23:33 <jow> you can't have four hosts claiming to be openwrt.lan
Jun 22 14:23:42 <ausjke> are you saying mdns giving you a different IP, but all openwrt still have the same openwrt.lan as hostname?
Jun 22 14:23:43 <jow> the browser needs to conenct by name
Jun 22 14:24:04 <jow> if you connect to http://192.168.1.5/ and get a cert for "openwrt.lan" the browser will complain
Jun 22 14:24:13 <jow> you need to use http://openwrt.lan/
Jun 22 14:24:15 <ausjke> yes
Jun 22 14:24:23 <jow> which only one appliance can claim at a time
Jun 22 14:24:56 * ausjke does not know how zeroconf deals with hostnames when there is duplicates in LAN...
Jun 22 14:25:50 <jow> tls + non-internet-facing-appliances => bad
Jun 22 14:26:54 <jow> I mean tls itself is fine obviously
Jun 22 14:27:02 <jow> but the required cert raindance is not
Jun 22 14:27:57 <jow> either browsers stop treating selfsigned certs like huge big errors and simply offer some kind of "trust & install certificate" dialog on first connect
Jun 22 14:28:14 <ausjke> or, have your own CA, import it to your browsers, then no warnings, good for private deployment at scale
Jun 22 14:28:19 <jow> or they come up with another mechanism to bootstrap tls without internet / signing CA access
Jun 22 14:31:45 <qwefytuiityty> Who knows. Can one L2TP connection to bras/server run in multiple threads for internet trafic? I can use search. I see an interesting thing. If I am connected to different the IP L2TP tunnel of the provider I receive: with ony IP loading goes on one core, with other IP loading goes also on other cores. core https://ufile.io/lwg7l , cores https://ufile.io/fa22q Lede/PI 2
Jun 22 14:33:45 <qwefytuiityty> isp for the l2tp use a domain name, different ip addresses
Jun 22 14:35:38 <ausjke> zeroconf will append a number to hostname if it founds duplicates for its addressing needs, it can not change the real hostname, of course
Jun 22 14:36:04 <qwefytuiityty> l2tp client (i) have CGNAT my ip for l2tp 10.13...
Jun 22 14:36:08 <ausjke> best if to make sure hostname will be different at deployment if zeroconf is involved
Jun 22 14:36:15 <ausjke> s/if/is/
Jun 22 14:36:25 <qwefytuiityty> isp have cgnat
Jun 22 14:38:38 <qwefytuiityty> https://screenshots.firefox.com/PteZUuczPawW5ZjM/null
Jun 22 14:46:50 <qwefytuiityty> wan DHCP not CGNAt, DHCP WAN  big local network  in my town, L2tp have GNAT
Jun 22 14:52:04 <mangix> jow: let's encrypt had an announcement on localhost certificates.
Jun 22 15:02:13 <rotanid> mangix: do you have a link?
Jun 22 15:02:52 <qwefytuiityty> Humour: it is magic
Jun 22 15:03:44 <qwefytuiityty> Humour: it is magi - not ?
Jun 22 15:37:22 <muhaha> jow: ? How will be handled package updates from running wrt/luci? https://pastebin.com/24x0dDhu Will it download always newest version? So it will ignore luci-app-lxc from luci feed and offer a luci-app-lxc from customfeed, right?
Jun 22 15:45:49 <muhaha> ausjke?
Jun 22 16:37:56 <mangix> rotanid: https://letsencrypt.org/docs/certificates-for-localhost/
Jun 22 16:38:30 <rotanid> thx
Jun 22 16:38:46 <mangix> openwrt should partner up with let's encrypt
Jun 22 17:02:57 <ausjke> muhaha: i used the steps described above and it worked well, same package can co-exist in both customfeed and upstream feed
Jun 22 17:09:40 <ausjke> mangix: how? the url is a good reading though it mainly focuses on nativeapp and webapp communications via ssl
Jun 22 17:19:10 <mkresin> stintel: could you give the "mac80211: ath10k: use tpt LED trigger by default" commit from my staging tree a try
Jun 22 17:19:45 <mkresin> stintel: should work, but due to lack of hardware with leds attached to ath10k I couldn't really test it
Jun 22 17:22:44 <koops> mangix: I remember there was something bad about Qualcomm IPQ8065.
Jun 22 17:23:28 <koops> I need to choose between this and Marvell, which has Wi-Fi issues.
Jun 22 17:26:01 <ldir> anyone any thoughts on this panic? https://pastebin.com/raw/Ww2YK6v3
Jun 22 17:27:43 <koops> ldir: Did you type kill -9 1 in terminal?
Jun 22 17:37:17 <ausjke> koops: i feel there is no perfect oss wifi router, yet, especially with 11ac
Jun 22 17:37:45 <ausjke> mostly related to wifi drivers
Jun 22 17:37:58 <koops> And if I'm ok with disabled wifi?
Jun 22 17:38:11 <koops> I can plug a AP into a router.
Jun 22 17:38:19 <koops> Like Ubiquiti ones.
Jun 22 17:38:37 <ausjke> that might be better, what are you going to run on dumbAPs
Jun 22 17:38:46 <ausjke> or just use them as is
Jun 22 17:39:02 <koops> I don't want to buy another device for wifi though.
Jun 22 17:39:10 <koops> Simply use them as is I guess.
Jun 22 17:39:32 <koops> I need OpenWRT for DNSCrypt and VPN mostly.
Jun 22 17:39:37 <koops> And for VLANs.
Jun 22 17:39:54 <koops> And of course for better security than built-in firmware.
Jun 22 17:40:17 <ausjke> for wired network security there are a lot options i feel, software and hardware
Jun 22 17:41:03 <koops> I don't want anything FreeBSD-based to be hones.
Jun 22 17:41:06 <ausjke> something like a $250 x86 box running pfsense etc
Jun 22 17:41:09 <ausjke> or vyos
Jun 22 17:41:36 <koops> OpenWRT can run on x86 too. Maybe I will go this route.
Jun 22 17:41:37 <ausjke> vyos is decent running debian, which is what ubnt uses on all its mid-range to high-range network gears
Jun 22 17:42:16 <koops> Can I run Shadowsocks or WireGuard on it?
Jun 22 17:42:19 <ausjke> though it 'customizes' it intensively
Jun 22 17:42:27 <koops> Also, how well-maintained VyOS is?
Jun 22 17:42:45 <koops> I don't want to use an obscure OS with no security patches for months.
Jun 22 17:42:45 <ausjke> not as well as openwrt, one reason why i'm here :)
Jun 22 17:43:19 <ausjke> i think debian has shadowsocks packaged but unsure
Jun 22 17:43:32 <ausjke> you can easily compile, same for wireguard
Jun 22 17:43:51 <ausjke> i built wireguard for ubuntu and it's pretty straightforward
Jun 22 17:46:12 <koops> Do you think simply installing Debian and setting up iptables is the best way to secure a network?
Jun 22 17:47:02 <ausjke> that will be what i do, but i'm not a security expert
Jun 22 17:47:46 <ausjke> depends how valuable your network is, normally the network scanner are just trying to find easy targets
Jun 22 17:48:20 <koops> I'm still not sure about my threat model.
Jun 22 17:49:03 <ausjke> i only open 443 port and ssh on my servers, that's it, nothing else
Jun 22 17:49:08 <koops> I would like to protect against a targeted attack by any ordinary hacker.
Jun 22 17:49:23 <koops> But not against APTs (impossible with current state of technology).
Jun 22 17:49:32 <ausjke> ssh was changed to a non-22 port because port 22 is attacked all the time by bots
Jun 22 17:49:56 <koops> Simply use fail2ban or whitelist IPs.
Jun 22 17:50:09 <koops> No point in changing port, security by obscurity basically.
Jun 22 17:51:18 <ausjke> yes i use fail2ban and ossec, but can't whiltelist ip as i login from other places
Jun 22 17:52:20 <koops> Then use OpenVPN to connect to your servers instead of direct connections. With correct configuration, servers won't have any open ports other than HTTP/HTTPS.
Jun 22 17:52:37 <koops> You will connect through a hardened gateway server.
Jun 22 17:53:01 <koops> Install grsecurity, PaX and AppArmor on all servers too.
Jun 22 17:53:19 <ausjke> i am planning to put openvpn client on  openwrt so the whole family lan can benefit
Jun 22 17:54:04 <ausjke> but i don't run openvpn on my pc directly, as i am messing up networks topology at lot, vpn makes things complicated sometimes
Jun 22 17:57:37 <koops> OpenWRT can work as a hypervisor guest too.
Jun 22 17:57:56 <koops> You can make your PC work as a router in addition to its usual functions.
Jun 22 18:23:44 <aparcar> anyone here owns the openwrt docker account? https://hub.docker.com/u/openwrt/
Jun 22 18:57:03 <owrt-snap-builde> build #54 of gemini/generic is complete: Success [build successful]  Build details are at http://phase1.builds.lede-project.org/builders/gemini%2Fgeneric/builds/54
Jun 22 19:19:28 <movi> stintel: i "ported" ATH10K_THERMAL to 18.06-rc1. Works just fine on a c2600 :)
Jun 22 19:21:29 <Borromini> i ported ldir's 4.14 bump to 18.06, but i won't vouch for it :P
Jun 22 19:26:01 <mangix> koops: yeah. abandoned.
Jun 22 19:42:07 <koops> mangix: are you sure there will be no development on it?
Jun 22 20:59:24 <mangix>  koops: not by qualcomm
Jun 22 20:59:51 <mangix> they've moved on to ipq4
Jun 22 21:02:14 <koops> mangix: Isn't it only single-core
Jun 22 21:22:25 <mangix> koops: quad
Jun 22 21:26:12 <koops> mangix: So Asus RT-AC58U may be a good open-source router?
Jun 22 21:26:32 <koops> Or GL.iNet GL-B1300
Jun 22 21:26:53 <koops> these are the only ones that use it
Jun 22 21:30:02 <pkgadd> ipq806x is a pretty nice SOC in practice, I wouldn't recommend it for WAN speeds exceeding ~300-400 MBit/s, but it's still solid - and ipq8074 (ARMv8) will become its successor (nor ipq40xx, which is targetted at the lower end of the spectrum)
Jun 22 21:33:26 <mangix> pkgadd: you try qca8k to see if it's faster?
Jun 22 21:33:47 <pkgadd> mangix: I can't, doesn't work on the nbg6817 yet
Jun 22 21:34:03 <mangix> why's that?
Jun 22 21:34:04 <koops> I have 100 Mbit/s
Jun 22 21:34:27 <koops> And I need Shadowsocks/WireGuard
Jun 22 21:34:54 <pkgadd> I'm not 100% sure, but blogıc mentioned that it still needs some work for the nbg6817, part of it decoding ASCII MAC addresses from ubootenv, but I'm not sure about the details
Jun 22 21:35:48 <pkgadd> my last attempt (using dıssent1's patch) bricked the router
Jun 22 21:41:46 <blogic> pkgadd: got side tracked
Jun 22 21:41:53 <blogic> its all there just the mac parsing is missing
Jun 22 21:42:09 <pkgadd> blogic: don't worry, I'm not in a hurry
Jun 22 21:42:10 <blogic> and with rc1 and vacation etc i did not find the time yet to make it work
Jun 22 21:42:19 <blogic> i know, just explaining the situation
Jun 22 21:42:27 <blogic> i'll be real busy next week aswell
Jun 22 21:42:40 <blogic> week after, i might have time, its quite high on my list
Jun 22 21:44:53 <mangix> blogic: qca8k works real well. latency seems low too.
Jun 22 21:49:32 <blogic> we'll figure that out
Jun 22 21:51:06 <luaraneda[m]> blogic: Is there a DSA driver for the internal switch of ipq40x? From what I remember qca8k don't support it
Jun 22 21:59:09 <blogic> luaraneda[m]: it will soonish
Jun 22 21:59:33 <blogic> its the same switch core but requires mmio mapped registers rather than mdio and a different tag driver
Jun 22 22:01:44 <luaraneda[m]> Great. Count me as an early tester then :)
Jun 22 22:02:33 <blogic> dont hold your breath
Jun 22 22:02:49 <blogic> i have a rewritten ethernet driver for ipq4019 that i need to clean up first
Jun 22 22:06:07 <luaraneda[m]> I would like to help with that, but for now it's out of my league (still learning driver Linux and driver development)
Jun 22 22:24:22 <luke-jr> anyone know the last commit on 17.01 where qos-scripts actually worked? :/
Jun 22 22:25:12 <Tapper> luke-jr flash 18.6
Jun 22 22:25:55 <ntd> 1806 is out?
Jun 22 22:26:11 <ntd> rc1
Jun 22 22:26:12 <ntd> nice
Jun 22 22:26:14 <blogic> rc1 is building
Jun 22 22:26:21 <Tapper> https://downloads.openwrt.org/releases/18.06.0-rc1/
Jun 22 22:26:27 <ntd> then it's finally happening
Jun 22 22:26:49 <ntd> speaking of rc, have they decided on the naming convention yet?
Jun 22 22:27:09 <ntd> keeping up with drink names would be sweet
Jun 22 22:28:56 <Tapper> no drinks just 18.0.6
Jun 22 22:31:11 <luke-jr> Tapper: will opkg keep working for the next year?
Jun 22 22:31:46 <Tapper> why would it not work?
Jun 22 22:31:59 <Tapper> and why would it stop working
Jun 22 22:38:35 <luke-jr> Tapper: dunno, config_get for srchost is getting null for a config that has it non-null it seems
Jun 22 22:38:59 <luke-jr> so it ends up calling [pid 11844] execve("/usr/sbin/iptables", ["iptables", "-w", "-t", "mangle", "-A", "qos_Default", "-m", "mark", "--mark", "0/0xf0", "-s", "-m", "comment", "--comment", "", "-j", "MARK", "--set-mark", "34/0xff"], [/* 73 vars */]) = 0
Jun 22 22:42:41 <wilson2860> wonder if broadcom will ever release CLM blobs for devices other than the one on the raspberry pi 3
Jun 22 22:43:15 <wilson2860> i downloaded some windows drivers and the CLM data appears to be in the bin file, but I'd have no idea exactly where to cut
Jun 22 23:48:04 <wilson2860> why does spacerat keep doing that
Jun 22 23:48:32 <wilson2860> data mine ?
Jun 22 23:50:14 <movi> dissent1: is there a 4.14 version of this somewhere? https://github.com/dissent1/r7800/commit/026ae921121b496fb753a656d6d3412f744657b1
Jun 23 00:03:24 <pkgadd> movi: https://github.com/dissent1/openwrt/commit/5c17ab1f8673d6fb69163052ac7e3f71bf385405.patch   but the most current version would be https://git.openwrt.org/?p=openwrt/staging/blogic.git;a=shortlog;h=refs/heads/qca8k_trunk  neither is fully complete though
Jun 23 00:04:51 <movi> pkgadd: what's missing? except for the pie-in-the-sky conversion of uci configs?
Jun 23 00:12:23 <pkgadd> e.g. compatibility with devices that don't encode the MAC address in binary, but in ASCII - e.g. like the nbg6817, where the MAC adress is in ubootenv (respectively APPSBLENV)
Jun 23 00:13:02 <pkgadd> movi: if you scroll up about 3 hours, you'll see the discussion
Jun 23 00:14:12 <movi> ah, i remember reading that. how can i check what's in my uboot without a serial console? i don't see any fun stuff in dmesg
Jun 23 00:16:24 <pkgadd> https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob;f=target/linux/ipq806x/base-files/etc/board.d/02_network;h=f5daf626537f6d4602ffb1950e2504f91a3545c8;hb=HEAD   suggests (not necessarily complete) at leasz all devices using mtd_get_mac_ascii, which would amount to (at least) Linksys EA8500 and ZyXEL NBG6817
Jun 23 00:20:05 <luaraneda[m]> movi: you can print the content of U-Boot's environment with fw_printenv, if it's supported for your device
Jun 23 00:20:23 <movi> Cannot parse config file '/etc/fw_env.config': No such file or directory
Jun 23 00:21:34 <luaraneda[m]> That means your router is not supported by the package. Is it an R7800?
Jun 23 00:22:28 <movi> C2600, but still ipq8064
Jun 23 00:23:24 <pkgadd> APPSBLCFG is probably what you're looking for
Jun 23 00:24:20 <pkgadd> ah, LEDE labels it correctly [ 1.040530] 0x000000170000-0x0000001b0000 : "0:APPSBLENV"
Jun 23 00:24:38 <luaraneda[m]> movi: Whats the output of #fw_printenv -version
Jun 23 00:24:59 <movi> pkgadd: actually it's even better : [    1.107424] 0x000000170000-0x0000001b0000 : "uboot-env"
Jun 23 00:25:20 <movi> luaraneda[m]: Compiled with U-Boot 2018.03
Jun 23 00:26:04 <movi> pkgadd: may be a noob question, but any way to figure out whych mtdblock that is?
Jun 23 00:26:37 <pkgadd> check cat /proc/mtd
Jun 23 00:26:39 <luaraneda[m]> movi: Nice, that means the package is updated, so you can pass an external configuration file
Jun 23 00:26:56 <movi> pkgadd: bingo
Jun 23 00:27:45 <luaraneda[m]> now you can create a temporal configuration file and pass it to fw_printenv
Jun 23 00:28:04 <luaraneda[m]> lke: fw_printenv -c /tmp/env.cfg
Jun 23 00:28:27 <luaraneda[m]> The content of mine is: /dev/mtd5 0x0 0x10000 0x10000
Jun 23 00:28:39 <luaraneda[m]> For an ASUS RT-AC58U
Jun 23 00:28:58 <movi> pkgadd: i dd'ed that part, and it's all FF :<
Jun 23 00:29:44 <luaraneda[m]> You can check on this file some posible values for the ipq8x https://github.com/openwrt/openwrt/blob/master/package/boot/uboot-envtools/files/ipq806x
Jun 23 00:29:50 <pkgadd> that's possible, if uboot falls back to its hardcoded defaults
Jun 23 00:30:20 <pkgadd> as in, there is no stored environment
Jun 23 00:30:56 <movi> so how's it getting all that data?
Jun 23 00:31:27 <movi> i don't think they burn a special uboot for each particular board?
Jun 23 00:31:48 <pkgadd> TP-Link has patched suitable defaults into the main u-boot binary - and as long as uboot-env is empty, it uses those
Jun 23 00:33:05 <movi> oh sure, but then it somehow gets a unique mac address anyway? or is that stored inside the actual NICs ?
Jun 23 00:33:28 <pkgadd> that's the case for a couple of devices, even many devices where openwrt provides u-boot itself (e.g. lantiq, where ubootenv is empty by default, but can be used to override the hardcoded defaults)
Jun 23 00:33:56 <pkgadd> there are plenty of ways how to determine the MAC address
Jun 23 00:35:05 <movi> argh :D
Jun 23 00:35:29 <pkgadd> no one ever said embedded devices were easy or even logical
Jun 23 00:35:58 <movi> they're right there next to gaming consoles in that regard :)
Jun 23 00:36:30 <movi> but aside from that, it just occured to me, why do i care if u-boot gives me the mac address anyway?
Jun 23 00:36:58 <movi> as in, isn't that the drivers duty anyway? it seems to be doing fine?
Jun 23 02:19:45 <luaraneda> movi: I just had an idea, and tested it successfully. The U-Boot environment is just an bunch of null-terminated strings, so it can be read with the command "strings"
Jun 23 02:19:46 <owrt-1806-builds> build #31 of arc770/generic is complete: Success [build successful]  Build details are at http://release-builds.openwrt.org/18.06/images/builders/arc770%2Fgeneric/builds/31
Jun 23 02:20:41 <luaraneda> by doing #strings /dev/mtd5
Jun 23 02:20:41 <luaraneda> On an RT-AC58U I was able to read all environments variables
Jun 23 02:21:26 <luaraneda> So, if your environment is truly empty you won't get any output from that command
**** ENDING LOGGING AT Sat Jun 23 03:00:01 2018