**** BEGIN LOGGING AT Sun Sep 16 03:00:00 2018
Sep 16 07:16:32 <Tohin> DonkeyHotei: i think that I found error in 18.01 release. But I'm not sure. I described my problem on the forum, and I would like to draw the attention of a specialist.https://forum.openwrt.org/t/mtk-7632n-bpi-r2-openwrt-18-06-1-only-have-0kb-available-on-filesystem/19907
Sep 16 09:45:53 <f00b4r0> interesting find on qca953x: if 'enable_vlan' is disabled on the switch, the switch switches (no pun intended) to isolation mode
Sep 16 09:46:29 <f00b4r0> (when no vlan is actually used)
Sep 16 09:49:48 <KanjiMonster> that's a software feature, not a hardware feature, and intentional to prevent wan<->lan crosstalk when the switch is unconfigured
Sep 16 09:50:05 <f00b4r0> good to know
Sep 16 11:51:19 <Tohin> Does anybody speak Russian?
Sep 16 13:41:07 <karlp> what's wrong with the squashfs image now?
Sep 16 13:41:16 <karlp> the initramfs image was "working as designed"
Sep 16 13:41:29 <karlp> are you _sure_ you write the squashfs the way you did?
Sep 16 13:58:33 <karlp> heh, being suggersted a realtek board, "openwrt software provided"
Sep 16 13:58:35 <karlp> "This branch is 41712 commits ahead, 37487 commits behind master"
Sep 16 13:58:37 <karlp> rightt.....
Sep 16 13:58:46 <karlp> that sounds suuuuper easy to work with
Sep 16 14:46:22 <swalker> updated openwrt/upstream, https://sdwalker.github.io/uscan/index.html
Sep 16 21:09:32 <stangri> networking question. what if I reserve the IP/name by mac thru dhcp.host and another device in my network manually sets the same IP for themselves? What would happen in both CC and 17.x/18.x?
Sep 16 21:21:47 <m4t> stangri:               (IPv4 only) By default, the DHCP server will attempt to ensure that an address is not in use before allocating it to a host. It does this by sending an ICMP echo request (aka "ping") to the address in question.  If  it
Sep 16 21:21:49 <m4t>               gets a reply, then the address must already be in use, and another is tried. This flag disables this check. Use with caution.
Sep 16 21:22:01 <m4t> unconfirmed. -5/--no-ping disables that
Sep 16 21:23:49 <stangri> m4t: ty. where did you find this? it was a PITA to google because of all the articles explaining how to set the assignmetns on different routers.
Sep 16 21:23:58 <stintel> s/icmp/arp/
Sep 16 21:23:59 <stintel> no?
Sep 16 21:24:04 <m4t> dnsmasq --help
Sep 16 21:24:07 <m4t> no...icmp
Sep 16 21:24:08 <stangri> ty
Sep 16 21:24:23 <m4t> easy to confirm the behavior with tcpdump 'icmp || udp port 67'
Sep 16 21:24:29 <m4t> on br-lan
Sep 16 21:25:04 <stangri> m4t: what if the address is reserved with dhcp.host, but no actual device is using it, and then another device with manual IP joins network?
Sep 16 21:25:33 <m4t> i'd imagine the logic would be the same as if the address were just allocated from a pool
Sep 16 21:26:28 <m4t> but, dnsmasq doesn't care about the manually assigned host until the mac address whose got that ip reserved makes a dhcp request
Sep 16 21:39:03 <m4t> stangri: btw slightly different context but still relevant http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q1/010314.html
Sep 16 21:39:09 <m4t> (from the author)
Sep 16 21:42:18 <m4t> if your rogue host isn't responding to icmp echo then the check won't matter i think
Sep 16 21:45:13 <stangri> m4t: so essentially, priority will be given to device which joins network first, be it the rogue device or device for which the dhcp.host entry is made?
Sep 16 21:48:21 <m4t> well, dnsmasq can't make the rogue device unbind its IP, so yes
Sep 16 21:49:19 <m4t> but the rogue device, if it's using a static IP, won't check to see if the dhcp host has the IP. i guess windows does some duplicate ip checks
Sep 16 21:49:41 <m4t> best bet is to fix the bad device and not rely on something working around it
Sep 16 21:50:22 <stangri> m4t: no way to prevent any rogue device from using one specific IP address with just dnsmasq?
Sep 16 21:50:32 <m4t> no
Sep 16 21:50:54 <stangri> if the goal was to prevent rogue devices from using one specific ip address, how would you go about it?
Sep 16 21:50:57 <m4t> without knowing anything about the device or if it checks to see if the ip is already in use, etc, i can't say anything about what it will or won't do
Sep 16 21:51:07 <m4t> port security on a managed switch
Sep 16 21:51:18 <stangri> so a hardware solution?
Sep 16 21:51:38 <m4t> well. maybe not just port security, some kind of layer2 acl might be needed
Sep 16 21:51:51 <m4t> yes. i'd fix the device and keep it from assigning a conflicting ip
Sep 16 21:51:57 <stangri> gotcha. thank you so much for elaborate replies.
Sep 16 21:53:40 <m4t> btw i meant layer3 acl, not layer2
Sep 16 21:57:44 <pkgadd> the problem is, even if you would configure your router to totally block the rogue client - it could still wreak havoc within its own physical subnet (assuming unmanaged switches), so the only only option here would really be to use managed switches throughout (ideally with ieee 802.1x)
Sep 16 21:58:25 <DonkeyHotei> authentication?
Sep 16 21:58:46 <pkgadd> better managed switches offer that option, yes
Sep 16 21:59:13 <pkgadd> requiring a radius instance running somewhere else, of course
Sep 16 21:59:20 <stangri> ty slh
Sep 16 22:00:19 <pkgadd> I'm not sure how well openwrt would be equipped to run 802.1x for the wired switch (without totally killing performance)
Sep 16 22:02:24 <pkgadd> so in practice you'll end up with one of the better (ieee 802.1x supporting) managed switches either ways - or you live with the potential conflict and just punish the offendor ;)
Sep 16 22:05:48 <pkgadd> the former is needed (and regularly done) in bigger networks (e.g. universities or larger companies), the later is pretty much the only thing you can do at home (without spending big time)
Sep 16 22:27:47 <MrFantastik> is it possible to have a custom dns server per client? like for example, my desktop uses dns server A and my roomates laptop uses dns server B? or better yet all devices use dns server b except for my desktop, which uses A?
Sep 16 22:29:07 <stangri> MrFantastik: yes, looks up dnsmasq tag I believe
Sep 16 22:29:47 <pkgadd> there are dnsmasq options allowing that, yes (haven't tested it myself though)
Sep 16 22:30:25 <stangri> MrFantastik: there were posts on forum more or less recently with OpenWrt-specific syntax
Sep 16 22:31:26 <MrFantastik> could you guys point me in the write driection in the docs or those forum posts? I've been banging my head against the wall on this all day lol Im really not sure where to start
Sep 16 22:31:43 <MrFantastik> im not sure if this is the proper way to accomplish my goal either
Sep 16 22:32:18 <MrFantastik> i just want to be able to disable access to sites like reddit on this computer, and hopefully with a toggle interface, but i can live with a permablock
Sep 16 22:33:58 <MrFantastik> right now im looking at this https://openwrt.org/docs/guide-user/base-system/dhcp#multiple_dhcpdns_serverforwarder_instances
Sep 16 23:02:45 <MrFantastik> i fixed this by editing the resolve.conf on my host machine and editing network-manager so that it doesn't overwrite it
Sep 16 23:03:05 <MrFantastik> kind of ugly though, but in case anyone was wondering about a solution
Sep 16 23:06:11 <MrFantastik> so that actually breaks your dns settings so nvm
**** ENDING LOGGING AT Mon Sep 17 02:59:59 2018