**** BEGIN LOGGING AT Fri Jun 08 03:00:18 2018 Jun 08 03:08:22 hi i have a router like this one: https://wiki.openwrt.org/toh/sagem/livebox.2 Jun 08 03:08:37 as far i read it seems is not posible to install openwrt on it :/ Jun 08 03:09:02 but im noticing something interesting, every place i see everybody mentions firmware versions bigger than the one i have Jun 08 03:09:19 mine is old because the router never was used :) Jun 08 03:10:04 my firmware is named: FAST3yyy_691252 Jun 08 03:10:34 ...and i guess it should have an even older one stored as backup, right ? Jun 08 03:11:05 are this ancient firmware versions i have of some use ? Jun 08 03:11:14 for research purposes i mean Jun 08 03:11:32 the lexra architecture is a reduced MIPS ISA, which is not supported by OpenWrt and has never been (fortunately it seems as if RealTek would abandon it in favour of regular mips in their most recent devices, not that this would help you - it just lessens the problems for future users) Jun 08 03:12:18 (but that also means that's even less likely that OpenWrt will 'ever' gain support for lexra) Jun 08 03:12:31 i see :/ Jun 08 03:13:01 i guess i need to find another router from my junkyard heheh Jun 08 03:13:10 for soem reason i always liked this livebox2 Jun 08 03:15:38 RealTek is just one of the worst possible hardware combinations Jun 08 03:16:16 even if you had SOC support (which you don't have), and libc (musl) support (neither), there'd still be the problem if wireless support Jun 08 03:17:09 the realtek wireless drivers are a special kind of mess, AP mode not being support (and the vendor drivers would need ancient/ insecure hostapd forks to work) Jun 08 03:25:44 how about this one ?... i have 2 of them Jun 08 03:25:45 https://wiki.openwrt.org/toh/astoria/arv7518pw Jun 08 03:26:28 some notable problems that worths to be mentioned ? Jun 08 03:27:19 I wouldn't exactly recommend buying it new (as you'll find newer vr9/ xrx200 based devices in a roughly similar price bracket), but lantiq/ danube should be fine Jun 08 03:28:17 initial flashing, like with most other lantiq devices, is a bit involved, but other than that... Jun 08 03:28:20 nice, thx :) Jun 08 03:29:06 i have a few old routers, trying to see which one is best to experiment with it Jun 08 03:29:29 this is a good candidate because i have 2... so i can kill one safelly in the process XD Jun 08 03:29:31 for science Jun 08 03:29:33 at least you get a rather good wireless chipset, which is a rarity among lantiq devices (most vendor opt for cheaper RaLink/ rt2xx0 ones instead) Jun 08 03:30:29 fitting asterisk+chan_lantiq into 8 MB (if you care about FXS support) will be a tad challenging, but it's possible Jun 08 03:33:26 * ldir wanders in Jun 08 03:34:17 * salcedo enters from the southeast, riding on a noble hippogriff. Jun 08 04:50:10 /win 39 Jun 08 05:50:12 /win 98 Jun 08 05:51:40 just make sure to skip ME Jun 08 05:52:17 it had some innovations tho Jun 08 05:53:26 never had the questionable pleasure to test it, I skipped towards w2k early - and stuck to it way past its shelf life (beyond vista) Jun 08 05:53:57 nostalgic memories Jun 08 05:53:59 getting old :( Jun 08 05:57:22 pkgadd: https://www.youtube.com/watch?v=oNXzMBA9VU4 Jun 08 05:58:57 abenz: you can't really spark any memories with that, yes, I've collected a couple of XP OEM licenses over the years - but the first thing I always did on an XP machine (after ~15 minutes of confirming that the hardware was o.k.) was installing w2k ;) Jun 08 05:59:22 heh :) Jun 08 05:59:59 most people never heard that actually, because of lack of drivers.. you only heard that music if your soundcard was supported in default install (which was rare) Jun 08 06:03:18 stuff like that is exactly why I preferred w2k, no shenanigans Jun 08 06:04:36 there's still a systems with it installed right next to me (I haven't booted it in probably half a decade though) Jun 08 06:04:56 you'd be surprised how many are still in use Jun 08 06:04:59 commercially that is Jun 08 06:05:24 ATMs, outlet stores..etc Jun 08 06:06:52 jow: vlans :) Jun 08 06:12:43 sekil_: morning Jun 08 06:14:17 :) i'm send you info in pastebin yesterday Jun 08 06:17:07 sekil_: ok and can you also pastebin the manual command sequence that works? Jun 08 06:21:42 build #16 of mediatek/mt7623 is complete: Success [build successful] Build details are at http://phase1.builds.lede-project.org/builders/mediatek%2Fmt7623/builds/16 Jun 08 06:22:15 Oh.. This normal cli command. Example swconfig dev switch0 vlan 2 set ports '0t 4' Jun 08 06:23:09 And after apply with - dev switch0 set apply 1 Jun 08 06:23:35 sekil_: and this works? Jun 08 06:23:40 Yes Jun 08 06:24:45 okay, can you try reordering the vlans in /etc/config/network ? Move the vlan 3 / vid 2001 between vlan 1 and vlan 2, then run an /etc/init.d/network restart Jun 08 06:24:53 and tell me if this works Jun 08 06:25:06 abenz: https://www.youtube.com/watch?v=FsJdplLB1Bs Jun 08 06:25:12 this is just to rule out some config parsing bugs in the driver Jun 08 06:25:51 yes - i can, but later - now i'm in hospital :) Jun 08 06:26:44 allright, thanks Jun 08 06:55:54 Is it possible to configure OpenWRT project to use a proxy for downloading packages when compiling? Jun 08 06:56:58 edgasm1: export CURL_OPTIONS="--proxy http://1.2.3.4:8080/" Jun 08 06:57:22 jow: Thank You Jun 08 07:03:46 nbd: ping Jun 08 07:12:54 jow Is there any 18.6 snapshot builds? Jun 08 07:13:18 https://downloads.openwrt.org/releases/18.06-SNAPSHOT/ Jun 08 07:13:27 Thanks dude Jun 08 07:13:37 but note that they're moving target, like the master snapshot builds Jun 08 07:13:46 they're not fixed like an rc1 Jun 08 07:14:25 jow do they have luci? Jun 08 07:14:41 jow OK thanks Jun 08 07:14:45 they should, yes Jun 08 07:14:53 nice Jun 08 07:17:24 jow do you know how far away from a rc we are? Jun 08 07:17:49 Is there anything big we are wating on? Jun 08 07:31:31 blogic:ping Jun 08 07:48:12 Tapper: personally I'd say its not stable yet Jun 08 07:48:57 flow offloading (the whole reason for the overhasty 4.14 switch) is allegedly not stable yet Jun 08 07:49:15 there's still a lot of outstanding PRs Jun 08 07:49:23 and we didn't not yet review still open issues Jun 08 07:49:39 so I'd say 14days away at the very least, likely longer Jun 08 07:57:29 <_lore_> ping nbd Jun 08 07:59:44 dedeckeh: hi Jun 08 08:06:46 morning Jun 08 08:13:10 wigyori: we still have a tool in the tree which is able to create a squashfs3 Jun 08 08:13:55 wigyori: it is the mksquashfs-lzma binary and it allows to chose between LE and BE (squashfs4 is LE) Jun 08 08:14:24 wigyori: hence the append-squashfs-fakeroot-be works perfect fine Jun 08 08:32:36 mkresin: yes, that's what i was talking about - however, squashfs3 was not added as tools for the ath79 target, at least as of yesterday's checkout Jun 08 08:37:17 * ldir waits for an ath79 toolchain to build. Jun 08 10:05:31 welcome aboard the ath79 train ldir ;) Jun 08 10:16:20 ldir: ! Jun 08 10:16:31 there is a PR for ar71xx v4.14 Jun 08 10:16:36 i am inclined to not merge it Jun 08 10:17:55 let it be for now Jun 08 10:18:25 I'd also favor not merging it but we can leave it open for the time being Jun 08 10:19:42 karlp: I don't actually have an ath79 device... I'm checking this report of failing to build miniupnpd... which as default settings doesn't fail. Jun 08 10:20:07 blogic: not sure if the bump comment was aimed at me. Jun 08 10:21:09 blogic: it is was. My opinion... even as a person who has ath79 unsupported (as yet) Archer C7 v2, is to not bump ar71xx to 4.14 Jun 08 10:22:49 bumping IMO would delay the impetus to import missing devices to ath79. Jun 08 10:24:31 jow: yes, agreed Jun 08 10:24:42 ldir: correct, its an incentive Jun 08 10:25:15 * blogic flashes ew-dorin for his vacation Jun 08 10:25:19 :-D Jun 08 10:26:05 selfishly speaking, I hope Archer C7 v2 isn't too far away/'too much to ask for'. Jun 08 10:26:25 ldir: dont own one otherwise i'd have done that already Jun 08 10:26:38 ah actually i do, but its the wifi i am using right now :-D Jun 08 10:26:42 the main problem with archer c7- ath79, for what I can see, is the irq cascade driver... Solved this problem, the following porting should go faster... Jun 08 10:27:40 blogic: my perception is that they're a popular device. Jun 08 10:27:48 ldir: noted Jun 08 10:28:03 well after the vacation ist 18.06 and then i'll do more ath79 Jun 08 10:28:05 blogic: hence why you're using to provide your wifi :-) Jun 08 10:28:18 and my clock and so on Jun 08 10:28:39 its also the unit that pulls time of gps and has my failover 4g and my vpn dialin and dmz Jun 08 10:28:56 its kinda the heart of my setup Jun 08 10:29:26 lol Jun 08 10:37:34 regarding archer C7, there's a PR for the v5 waiting for a review :D Jun 08 10:37:50 (and also the v2 of CPE210 basically waiting for months) Jun 08 10:39:52 rotanid: there was some reason why its not merged Jun 08 10:40:00 rotanid: remind me of the link and i'll tell you Jun 08 10:40:05 i looked at them last night Jun 08 10:40:15 ah you did, sorry Jun 08 10:40:26 rotanid: any clean PR / patch gets merged fast Jun 08 10:40:37 look at patchwork i have it down to 10-15 pending patches max Jun 08 10:40:41 c7v5: https://github.com/openwrt/openwrt/pull/893 Jun 08 10:40:43 and most of them are long term pending Jun 08 10:41:24 fritz 450e: https://github.com/openwrt/openwrt/pull/993 Jun 08 10:41:33 (there you already reviewed, thanks) Jun 08 10:41:51 cpe210: https://github.com/openwrt/openwrt/pull/937 Jun 08 10:41:52 v5 patch looks good Jun 08 10:41:57 i'll look again later and merge it Jun 08 10:42:01 i see no big issue in any of these 3 Jun 08 10:42:09 and these are devices very common in germany Jun 08 10:42:25 i know i live in hamburg ;) Jun 08 10:42:30 ha, ok :D Jun 08 10:44:14 thanks for having a look, thanks for your time/work/"engagement", i like to emphasize that often. Jun 08 10:44:41 (somewhat related: can I just say that I'm thoroughly impressed by the singular commit mkresin did on the fritzbox 3370? that thing just became my favorite "cheap" device.) Jun 08 10:45:40 blogic: would it be more effective (in terms of visibility for you as developers with commit rights) for the people to do these requests via Mailing List than on github? but basically it would be better if both ways are treated equally Jun 08 10:45:52 drmr: looks interesting. is the dsl modem supported? Jun 08 10:45:59 drmr: do you have the commit hash at hand? Jun 08 10:46:02 rot13: it is, and it is working beautifully. Jun 08 10:46:18 rotanid: 0b62fe5ed87ecac52301096b15abb69f96117c8c Jun 08 10:46:28 https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=0b62fe5ed87ecac52301096b15abb69f96117c8c Jun 08 10:47:37 hm, seems the device is EOL, cant find a shop with instant delivery Jun 08 10:47:45 the only thing it doesn't have is dual-radio, and I solved that by plugging in a random usb wifi dongle I had laying around. the on-board wifi is doing 5ghz, and the dongle does 2.4ghz for the two or three super-legacy devices that still need it. Jun 08 10:48:17 rotanid: very much possible. I got one for €10 used. Jun 08 10:49:16 10€ :D Jun 08 10:49:48 yeah, apparantly it was given out by major ISPs at some point, so it's easy to pick one up for cheap. Jun 08 10:50:21 yeah, see it on ebay now, sold for 15-20€ Jun 08 10:51:06 nice, that could replace the crappy router+modem combo at my dads place Jun 08 10:53:35 /dev/ubi0_1 37.1M 5.1M 30.2M 14% /overlay Jun 08 10:54:02 37 MB available flash is a plus, too. :) Jun 08 11:02:20 rotanid: I don't know what magic AVM pulled with the modem hardware, but it's especially good for crappy ADSL2+ lines (like my home line) Jun 08 11:03:57 right now it's still keeping its sync flawlessly, 16.3 MB/s at an SNR of 3.9. :o Jun 08 11:04:11 rotanid: we have a 3370 here, it is neat device, however if you get a supported revision seems to be luck based. Jun 08 11:04:29 blocktrron: oh, there is more than one... thanks for the warning -.- Jun 08 11:04:45 rotanid: Maybe relevant: https://lists.openwrt.org/pipermail/openwrt-devel/2018-March/011506.html Jun 08 11:04:50 from the commit I see that you need revision 2+ Jun 08 11:05:12 you can actually get the HW revision from the manufacturer's firmware, if you know where to look. Jun 08 11:06:13 the second CPU core is working fine for me. Jun 08 11:07:47 I find it interesting that AVM didn't allow to use the 5GHz Band of the WiFi chip Jun 08 11:07:48 for the record (I should add that to the Wiki, too): https://avm.de/service/fritzbox/fritzbox-6490-cable/wissensdatenbank/publication/show/1426_Support-Daten-erstellen/ ... the resulting support.txt also contains the HW revision. Jun 08 11:08:05 blocktrron: they didn't? Jun 08 11:08:05 blocktrron: is your link only a full quote?!? Jun 08 11:08:26 the "luck based" was about shooting such a device of ebay Jun 08 11:08:38 yup, my bad Jun 08 11:09:04 rotanid: i do ML and sometime github Jun 08 11:09:20 github is a puddle of mud and you get brain damage looking at most of the submissions Jun 08 11:09:29 blocktrron: I'm pretty sure you can tell a "newer" device from the style of the sticker on the bottom. :) Jun 08 11:09:32 rotanid: the ML has a higher entry barrier Jun 08 11:09:54 rotanid: if people want my best attention they need to send me mails Jun 08 11:10:38 i read those daily i dont read github regularly, specially as there is no easy method of tracking updates to PRs Jun 08 11:10:40 blogic: fyi ^ Jun 08 11:10:42 äh Jun 08 11:10:46 blocktrron: fyi ^^ Jun 08 11:10:54 uh, I should check my serial number, maybe it hints at the HW revision. Jun 08 11:11:37 I only wish patchwork handled DMARC related rewriting better... I didn't send my last kernel bump as email instead raising a github PR 'cos I cannot tidy up after myself in patchwork if I need to send in V2,3,4, etc Jun 08 11:12:10 'cos of the re-write, my patches aren't 'mine' anymore. Jun 08 11:12:37 ldir: once jk replied i'll tell him to set the admin flag for your account Jun 08 11:12:43 that'll allow you edit any patch Jun 08 11:13:13 ok, great. I'll start emailing again :-) Jun 08 11:14:58 blogic: there's still a led class comign from the wifi driver on ath79, "ath9k-phy0" that I guess is something hardcoded? Jun 08 11:16:11 * karlp will keep using github until spamhaus burns in their pit of hell. Jun 08 11:16:31 I've never managed to get git-send-email to talk to the office365 mail server Jun 08 11:16:49 lol Jun 08 11:17:23 karlp: really? I use office365 no problem at all. Jun 08 11:18:21 what'syour git send email config like? Jun 08 11:18:26 maybe I can try again Jun 08 11:19:00 https://pastebin.com/8RN0NYqg Jun 08 11:19:11 I couldn't get it to work with the inhouse exchange in the past, always had to git format-patch, scp to my own machine, git-send-email there Jun 08 11:19:33 urgh, tedious! Jun 08 11:19:46 well, it _worked_ until spamhaus got involved :) Jun 08 11:20:04 * karlp is even dealing with mail problems at work today. hooray for mail. Jun 08 11:20:32 I don't think I've quite got your feelings about spamhaus... you need to be more direct :-) Jun 08 11:20:50 no, that might be rude. Jun 08 11:23:07 wheee, thanks, that works! Jun 08 11:24:09 * ldir celebrates fixing *something* today.... the positive of the day :-) Jun 08 11:31:17 blocktrron: I just did some digging. you can tell the production year from the serial number. serials starting with "D" are built in 2013, so there's a pretty good chance that it's not the unsupported HW revision 1. (3370 serials started with "B" in 2011) Jun 08 11:34:40 mine seems to be a rather late production model, starting with "D305" which decodes to D=2013, 30th week, 5th weekday. Jun 08 11:34:49 and it's a HW Rev 5 Jun 08 11:51:43 hrm, make clean, build, still getting "r7054+106" instead of "7160" like git describe is showing me... Jun 08 11:52:18 ok, question of the day. CONFIG_PKG_ASLR_PIE adds -fPIC to TARGET_CFLAGS, should it also add them by default to TARGET_LDFLAGS? I've encountered a couple of packages that blow up building with User space ASLR PIE compilation enabled. Jun 08 11:52:32 add -fPIC to LDFLAGS that is. Jun 08 11:52:44 should it add $(FPIC) instead? so it gets the right arch form? Jun 08 11:53:07 answering a question with a question is cheating! Jun 08 11:53:31 I would expect it should be in LDFLAGS too, but I don't _know_ Jun 08 11:57:52 hmmm, we both need to find a clever person then Jun 08 11:57:58 Hi, I want to use second uart of ar9344. Is there any way to make it work? Thanks. Jun 08 12:02:05 netprince_:ping Jun 08 12:24:23 netprince_: ping Jun 08 12:24:58 netprince_: can you please test the proposed qos-scripts fixes here: https://github.com/openwrt/openwrt/commit/2b785b80dca3cd6729df3d28cea8b1ccb1293d97 ? I asked the original author of the uci api changes to take a look at qos-scripts Jun 08 12:57:33 Hi what's the login for 18.6 fresh install? Jun 08 12:57:37 the password Jun 08 12:59:11 there isn't one. Jun 08 12:59:13 there shouldn't be one. Jun 08 12:59:23 the luci ui will ask, but you can put in anything/blank Jun 08 12:59:34 it should have a banner asking you to set a password too Jun 08 12:59:44 I am getting Jun 08 12:59:45 No password set! Jun 08 12:59:45 There is no password set on this router. Please configure a root password to protect the web interface and enable SSH. Jun 08 12:59:45 Go to password configuration... Jun 08 12:59:45 Authorization Required Jun 08 12:59:45 Please enter your username and password. Jun 08 12:59:54 yes, and just cliuck ok Jun 08 13:00:05 but when i tipe in a password it comes back to same thing Jun 08 13:00:11 root username, should be already filled in? Jun 08 13:00:29 yes username is root Jun 08 13:00:39 There's no password Jun 08 13:00:42 So.. don't enter a password. Jun 08 13:00:55 K I will try that brb Jun 08 13:18:23 karlp: what on earth is 'ack' ? Jun 08 13:21:05 like grep Jun 08 13:21:37 faster for big recursive trees, and has some filetype handling built in. Jun 08 13:23:06 Sorry for being a n00b, but I can't figure it out. TL-WR940N v6 page says it's supported in "snapshots", but there is no tl-wrt940n-... in snapshots. Which one do I need?!.. Jun 08 13:24:14 I mean, no tl-wr940-v6-... . Jun 08 13:26:39 It seems to be on the same SoC as v4, so it should be in the same directory, but there is no tl-wr940... at all! Jun 08 13:30:19 darkpenguin: http://downloads.lede-project.org/snapshots/targets/ar71xx/tiny/ Jun 08 13:30:35 tl-wr940 got migreated to the tiny subtarget due to flash contraints Jun 08 13:31:14 Hot Belgian waffles, I didn't even think to look there! Thank you!) Jun 08 13:40:55 * ldir wants whatever Hot Belgian Waffles are now....especially if they're chocolatey. Jun 08 14:12:16 * ldir needs to get some of his locally carried patches out of his tree Jun 08 14:17:03 anyone have any worms of wisdom on https://github.com/openwrt/packages/pull/6231 Jun 08 14:18:28 ldir: $(FPIC) Jun 08 14:19:23 even though the hardening.mk forces -fPIC Jun 08 14:19:36 jow: https://pastebin.com/CCzHMHWX Jun 08 14:19:42 more strange :) Jun 08 14:20:04 * ldir will do it anyway 'cos he always does what jow tells him :-) Jun 08 14:38:08 Anyone know if VPNFilter is a worry with OpenWrt? Jun 08 14:43:16 jg: not really Jun 08 14:43:38 jg: the $russians use public exploits of off the shelf HW and install a bot Jun 08 14:43:45 similar to what mira did Jun 08 14:43:58 but mira used the root/root login if i recall correctly Jun 08 14:43:58 didn't think so. It's important to note this on OpenWrt's web site. Jun 08 14:44:13 and vpnfilter uses random unpatched shitty $vendor exploits Jun 08 14:44:22 jg: its a wiki Jun 08 14:44:27 which you can do without pissing off downstream vendors, if done diplomatically. Jun 08 14:44:56 not that i would care Jun 08 14:45:15 on the home page? That's where I would put it... Jun 08 14:45:17 but yeah, point taken Jun 08 14:45:25 no, pissing them off Jun 08 14:45:37 there's no reason to make a claim that openwrt is or isn't vuln to a particular threat actor Jun 08 14:45:55 because configurations and software selection of individual openwrt users may be different Jun 08 14:46:01 salcedo: correct Jun 08 14:46:08 default image wont be attackable Jun 08 14:46:18 but say you insatll upnp Jun 08 14:46:26 or some ancient samba Jun 08 14:46:28 noting that much is really useful. Jun 08 14:46:34 or simply open ssh on wan with no passwd Jun 08 14:47:11 does anyone actually know what the attack vectors are? For me there's a decided lack of info beyond switch it off and on again. Jun 08 14:47:13 you can't protect people from shooting themselves in the foot. Noting that OOTB is not known to be affected is, however useful. Jun 08 14:47:31 ldir: there is a good writeup about how the attacks work here: https://blog.talosintelligence.com/2018/05/VPNFilter.html Jun 08 14:47:32 ldir: its like a dropper Jun 08 14:47:35 ldir: so far, they don't seem to be burning 0days... Jun 08 14:47:55 given how bad most kit is, they won't do that until they need to. Jun 08 14:47:57 jg: its just unpatched publicly documented exploits Jun 08 14:48:06 yup. Jun 08 14:48:49 $russians are very pragmatic Jun 08 14:49:11 blogic: you put a $ before russions to indicate that it's really USGov :P Jun 08 14:49:21 salcedo: no Jun 08 14:49:27 its a variable Jun 08 14:49:35 digital attribution is a thing the media does Jun 08 14:49:40 With $Trump in charge it's the same thing Shirly ;-) Jun 08 14:49:53 and main outlets tells us its that APT whatever from russia Jun 08 14:50:03 ldir: yes sire Jun 08 14:50:15 salcedo: that talos blog is no good write up but pure scare fud Jun 08 14:50:25 jow: i agree Jun 08 14:50:38 jow: the first 1/2 of it is all BS. agreed. but then they start talking about some of the attack vector analysis Jun 08 14:50:54 *mubmble* *mumble* horrible malware! *mumble* mumble* state actors! russians! half a million devices! *mumble* *mumble* Jun 08 14:51:04 jow: :-D Jun 08 14:51:07 thats essentailly all information Jun 08 14:51:23 security companies have to make the big dollar though Jun 08 14:51:28 yeah, but it's the russians that have it in for the Ukraine to that degree.... Jun 08 14:51:54 jg: yes they burned the reichstag Jun 08 14:52:00 and have WMD Jun 08 14:52:03 they probably left a conventient "teh russians was here" in their extremely sophisticated multi stage malware Jun 08 14:52:07 and the other 100 red flags Jun 08 14:52:12 if they just went straight to the goodies without bringing up scarey foreign threat-actors and nation-state boogymen, they wouldn't get any traffic to their blog :) Jun 08 14:52:26 jow: they left russian kbd codes and russian TZ stamps Jun 08 14:52:28 I really don't like persistent malware. Jun 08 14:52:36 jg: nope it sucks Jun 08 14:52:37 don't care who wrote it. Jun 08 14:52:51 ok so sorry for the sillyness, lets get serious again Jun 08 14:53:13 jow: ok, its a trigger for me Jun 08 14:53:30 jg: the main problem is the update fiasco Jun 08 14:53:31 the only true statement would be "no idea" Jun 08 14:53:39 its even worse than in the android world Jun 08 14:53:45 yeah, I know. Jun 08 14:53:52 probably relies on outdates software, probably relies on default credentails Jun 08 14:53:53 jg: you are paranoid like me. i build openwrt w/o luci. ssh only. no upnp no samba no anything except what is needed. Jun 08 14:53:58 vendors are way to scared about the RMA flood Jun 08 14:54:00 probably could affact, maybe it could not Jun 08 14:54:06 salcedo: I'm not that paranoid. Jun 08 14:54:13 neither did someone approach us, nor did we hear of any injections Jun 08 14:54:20 *infections Jun 08 14:54:23 no upnp, no samba, of course. Jun 08 14:55:13 after all these years - i still don't know who thought it was a good idea to put usb ports on internet-facing network devices for the purposes of sharing files. Jun 08 14:55:37 "for the pruposes of sharing files" Jun 08 14:55:39 why else? Jun 08 14:55:51 why connect to the internet at all? :) Jun 08 14:55:55 skimmed that talos blog again Jun 08 14:56:07 it still onyl tells *what* the malware does, not *how* it gets onto the device Jun 08 14:56:23 ^^^^ exactly! Jun 08 14:56:26 not sure they know, other than the plethora of well known problems. Jun 08 14:57:09 if I ssh to my box as root I can also deploy multi stage payloads (opkg install), run dynamic code (shell, lua), exfiltrate data (wget, curl, netcat) and intercept traffic (iptables) Jun 08 14:57:21 so on that basis nobody can actually say that their device is immune. Jun 08 14:57:33 if they're truly honest that is. Jun 08 14:57:47 ldir: opposite Jun 08 14:57:49 you're back to, "if you're a target, you're screwed" Jun 08 14:57:55 I am sure all devices have valid exploits Jun 08 14:57:59 and no device is secure Jun 08 14:58:11 ldir: with enough resources you'll get into anything Jun 08 14:58:17 I think they were agreeing with that :) Jun 08 14:58:29 karlp: :-) Jun 08 14:58:31 karlp: if you are a target, you are screwed. The problem is minimizing the collatoral damage. Jun 08 14:58:32 blogic: yes I agree with you. Jun 08 14:58:39 the fact that this malware ships custom infrastructure and does things with "nvram" could be a hint that it is not targeting openwrt Jun 08 14:58:45 you don't want to be collatoral damage Jun 08 14:59:16 jow: ........ yet. Jun 08 14:59:16 lets not get on the wrong side of that other big country that is not russia then Jun 08 14:59:31 Belgium? Jun 08 14:59:42 ldir: andorra Jun 08 14:59:57 ldir: I can think of only one active attack vector (ssh) and multiple passive ones (dnsmasq, udhcpc, odhcpd) Jun 08 15:00:12 jow: and kernel level ones Jun 08 15:00:25 in theory a iptables or net stack bug ispossible Jun 08 15:00:30 right Jun 08 15:01:16 jg: thing is making a statement just attracts attention Jun 08 15:01:19 so waht I am getting at is that they either use "lame" vulnerabilites (broken httpds, old miniupnpds etc.) or really potent 0day ones Jun 08 15:01:26 dont want to challenge someone to proove us wrong Jun 08 15:01:35 in the latter case we'd be in the same boat, in the former we'd likely not be affected Jun 08 15:01:39 we don't have to worry about kernel/net stack/iptables types of bugs unless we're posting "Monsanto is the Anti-Christ" on social media. :) Jun 08 15:01:49 So the correct (but politically unpleasant answer) to jg's question is 'we don't think so, but we don't actually know for sure'. Jun 08 15:02:00 blogic: all I'd say is "currently not known to be affected by VPNFilter". Jun 08 15:02:15 jg: sounds reasonable Jun 08 15:02:18 that doesn't imply "better". Jun 08 15:02:40 * ldir buys jg's statement wording Jun 08 15:05:11 jg: so, what threshold do we use to decide which PR security fiasco of the week should warrant front page website attention? Jun 08 15:05:17 that's just whoring upð attention for the security firms. Jun 08 15:06:04 I'd say _maybe_ make statements when found to _be_ vulnerable to something special, but otherwise just ignore fluffy PR campaigns Jun 08 15:06:36 doesn't have to be on the home page. I do not htat a search on the home page for VPNfilter brings back nothing. I don't think nothing is the right answer. Jun 08 15:07:04 karlp: persistent malware, probably by some state actor, is beyond the usual. Jun 08 15:07:23 all malware is persistent. Jun 08 15:07:35 do you have a statement from your isp stating they're "not vulnerable" ? Jun 08 15:07:46 should openwrt have made a statement about what the beep? Jun 08 15:09:03 karlp: i thought you.... omg Jun 08 15:09:09 the issue is, whether you like it or not, the FBI has made it a big deal. People are looking for what they can do about the problem. I believe OpenWrt is a much better thing for many of those looking than running commercial firmware. Jun 08 15:09:25 salcedo: this is why I brought it up, there's security exploits ~daily. Jun 08 15:09:27 Did they really find a privesc bug in the beep command line tool and assign it a trendy vulnerability name called "What the Beep" ?! Jun 08 15:09:30 IRC jow started a security ML before the reboot, I liked the idea. Jun 08 15:09:52 it's absurd to try and make a statement that generically says, "not to our knowledge in the default case" to all of them Jun 08 15:10:17 karlp: yes, but this isn't the usual case. Jun 08 15:10:36 I disagree :) Jun 08 15:11:31 karlp: https://holeybeep.ninja/ Jun 08 15:11:44 karlp: this sounds pretty serious. i think openwrt needs a statement about it. :P Jun 08 15:11:56 LOL Jun 08 15:12:06 these security companies have completely run out of gas Jun 08 15:12:39 it got a freaking CVE Jun 08 15:12:43 jfc Jun 08 15:12:44 salcedo: add that as a link on the page about VPNfilter.... Jun 08 15:12:47 :-). Jun 08 15:15:28 jg: TarPit is a new security vulnerability wherin a malicious state-sponsored ukranian russian botnet threat actor could send someone an innocent .tar.gz file that contains .ssh/authorized_keys with the malware authors' public key. It is advised that you stop using tar(1) until patches are available. Please share this so we get invited to infosec conference :) Jun 08 15:18:22 I find it interesting that WNDR3700 is allegedly vulnerable Jun 08 15:18:26 Does sound like centralizing such things someplace is worthwhile. Jun 08 15:18:41 jow: why is that particularly interesting? Jun 08 15:18:45 that rules out my "NAS devices" only theory Jun 08 15:19:02 any linux + busybox with crap firmware... Jun 08 15:19:36 however it features smartphone config + dlna + readyshare + mobile device "simple setup" Jun 08 15:19:49 lots of exploitation space in custom setup protocols I'd guess Jun 08 15:20:09 jow: don't need it; most don't bother to do things like set passwords. Jun 08 15:20:50 and yet qnap had fixes in about a year ago...apparently. So how do they know? Jun 08 15:21:24 mikrotik also confirmed some exploit vectors which have been patches a while back Jun 08 15:21:29 *patched Jun 08 15:21:38 it was their custom httpd Jun 08 15:22:51 anyway /me goes and uninstalls tar (plays along ;-) Jun 08 15:25:38 jow: there are many other vendors listed here https://blog.talosintelligence.com/2018/06/vpnfilter-update.html Jun 08 15:31:02 guys, i have a question, maybe it's dumb maybe it's not. Jun 08 15:31:45 how do you guys get the exact knowledge about a given SoC, and the changes you make in the drivers for them Jun 08 15:33:24 as in let's say i bought a ipq4019 device, i know my C, but where do I learn how to write a driver for the nand chip? how do i get from "the damn radio isn't going up" to "i need to fix a clock in the board file" ? Jun 08 15:33:52 would one just get code from codeaurora and try to work backwards? Jun 08 15:36:16 see i've been doing devops for a while, but i was thinking maybe it's time to switch things around, get a book to refresh my C knowledge and get involved Jun 08 15:42:36 jow: vlans :) Jun 08 16:02:41 any common tricks with interrupting cfe? Jun 08 16:02:56 I get a "press any key to stop auto run (1 second)" but I don't seem to be interrupting it. Jun 08 16:03:07 I _might_ not have the right pad probed yet, but.... Jun 08 16:03:15 I've heard of other tricks? Jun 08 16:08:04 mkresin: ping - query / pm Jun 08 16:08:49 mkresin: Tommy calling Fritz ;-) Jun 08 16:25:45 "running wifi router without antennas could fry the radios" Jun 08 16:25:49 I read this on lede forum Jun 08 16:25:54 is this true? Jun 08 16:26:16 I'm not an EE, but it sounds like BS to me. Jun 08 16:26:48 I've always wondered this as well, I thought power reduction on high SWR would be something standard in these radios Jun 08 16:30:23 it's possible to fry the chipset but unlikely. Jun 08 16:33:53 bleh, I'm out of plausible pads for a serial rx pin. Jun 08 16:48:35 ok, holding down reset during boot got me to a prompt at least.... Jun 08 16:48:50 this is a bit easier to probe around in then than trying to hit boot :) Jun 08 16:53:11 karlp: You got a photo of the device? Jun 08 16:59:10 not here. will trya nd get another one. Jun 08 16:59:18 one tick though, thnk I may have had a short Jun 08 16:59:50 nope, that wasn't it. Jun 08 17:04:56 Monkeh: https://imgur.com/a/IqN8Gvz Jun 08 17:07:24 karlp: Melty melty Jun 08 17:08:27 oh shush ;) Jun 08 17:08:48 those pins have curved leads so I had to push more than I was expecting and yeah, it got a bit warmer Jun 08 17:08:58 I hate factory solder, it's always so hard Jun 08 17:10:49 * Monkeh passes karlp the good iron Jun 08 17:11:57 anyway..... :) Jun 08 17:12:18 I don't get paid to do rework :) Jun 08 17:12:33 any points you want to bet on? Jun 08 17:12:52 I've got it sitting in CFE, I'm _expecting_ I'll get local echo when I find the right pad, surely? Jun 08 17:13:17 karlp: Top right looks interesting, dual resistors - could be shorted to ground to annoy you Jun 08 17:13:31 hrm, never thought of that. Jun 08 17:14:01 Could also just be a bootstrap Jun 08 17:14:29 Checked bottom left? Jun 08 17:14:47 hrmm, pin one on the 14pin, the square, is at 0.23V, the oher pins around that cluster on top right are all at 3v3 Jun 08 17:15:15 That's either a badly specced pull or it's AC Jun 08 17:15:34 bottom left on 14pin is at 3v3 now, but no good Jun 08 17:16:22 Good chance that pin 1 is MOSI or something and is also a bootstrap Jun 08 17:17:11 Where does that resistor at pin 12 go? Jun 08 17:17:24 it's a bit tedious. I've gone through dozens of pages of bcm63xx wiki internals and none of them are like this one :) Jun 08 17:17:55 And of course it's a *BLEEP*ing BGA, isn't it? Jun 08 17:18:09 the vertical resistor between the two connectors? Jun 08 17:18:13 Yeah Jun 08 17:18:24 that's a curious one, one side goes to the unpoppulated pad, which goes tot he top connector Jun 08 17:18:29 other side goes to the other connector Jun 08 17:18:36 I've tried both sides there too. Jun 08 17:19:18 I've nto tried _removing_ anything yet, but I really wasn't expecting to have to take things off for _rx_ but *shrugs* who knows what the italians got up to. Jun 08 17:19:29 Italians are involved? Run away. Jun 08 17:19:52 there's printk in italian interspersed in the bootlog :) Jun 08 17:20:04 Poor soul Jun 08 17:20:22 Tried pin 6? Jun 08 17:21:51 I've tried every pad of both the 10pin and 14pin connectors, yes. Jun 08 17:22:03 Hmpf Jun 08 17:22:07 and both sides of all resistors and open pads between them, and the top right. Jun 08 17:22:18 haven't rried the far side of the trio on top middle yet, might as well. Jun 08 17:22:31 They're all common Jun 08 17:22:35 That's bound to just be 3V3 Jun 08 17:22:56 I'd expect so, all those pads are 3v3 while running Jun 08 17:23:08 Yeah, that's just 3V3 up there Jun 08 17:23:45 Maybe they killed it somewhere else Jun 08 17:24:58 https://zerobin.net/?46330ffb6d765551#MsIQj6D3SHRvuHgcA2Wpy4YvBkWBkuFZ2wQ7EcZLjS4= (for italian snippets, nothing very interesting) Jun 08 17:25:30 Horrifying and ancient Jun 08 17:25:48 I love the insmod line. Jun 08 17:25:53 oh yar :) Jun 08 17:26:18 still, it's bcm63xx which is supported, and it has ralink wifi, so it should "just work" Jun 08 17:26:26 hah. Jun 08 17:26:34 at least, that was the reason I decided to even try bothering Jun 08 17:26:45 It's BGA and therefore unprobable? Jun 08 17:26:48 unprobeable Jun 08 17:26:48 yeah. Jun 08 17:26:53 Blah Jun 08 17:29:39 I added a enw image to that imgur album, bottom side. Jun 08 17:30:00 I _guess_ I could try alllll the pins on that double wide connector.... Jun 08 17:30:51 Oh no you didn't Jun 08 17:31:18 no, not yet, they look to be mostly just flash lines, Jun 08 17:31:25 though they seem to also go to the ralink wifi Jun 08 17:31:35 No, I mean the image Jun 08 17:31:48 There's still only two in the album Jun 08 17:31:52 https://imgur.com/a/IqN8Gvz ? Jun 08 17:32:15 ... I forced refreshed that five times Jun 08 17:32:21 Open it in a new tab and there's a new image Jun 08 17:32:24 ... Firefox.. Jun 08 17:34:20 Give that header a continuity wipe down to TX and see if it's present Jun 08 17:34:34 hrm, good idea Jun 08 17:35:28 nah Jun 08 17:35:34 I feel I must be missing something easy Jun 08 17:36:06 Check how hard the pins either side of TX are pulled Jun 08 17:38:32 ,,,the one to the right in the middle (vertical) seems to be ~0 ohms Jun 08 17:39:12 but probing resistance onboard is pretty flaky Jun 08 17:39:38 There's no trace there so I can pretty much guarantee that's a supply pin. Jun 08 17:40:01 yeah, I expectred a 10k pullup for rx, but if they've got ~0, that will kill me :) Jun 08 17:40:22 Yep, but there'd have to be a resistor for it Jun 08 17:40:36 You're looking for something abnormally low with a part to remove :) Jun 08 17:40:48 hrm? the horizontal, unpopulated, shold connect it, Jun 08 17:41:06 and then the vertical one should be 10k, but it's ~0, so it stays high, no ttl adapter can out drive it low. Jun 08 17:41:18 You said middle - I assumed you meant pin 11. Jun 08 17:41:56 But if that vertical resistor is 0 ohm to 3V3 that's your culprit Jun 08 17:42:09 Yank 'er and bridge the other Jun 08 17:42:32 pin 8 is tx out, then pin 9 goes to an unpopulated pad, other side of that goes to the vertical one that _appears_ to be 0 ohms Jun 08 17:42:38 off to the lab Jun 08 17:43:00 Yeah, pin 9's probably what you want, short the unpopulated pads and remove the resistor-that-isn't Jun 08 17:44:53 Also I think we're both off by 1, 9 is TX, 10 is what you're looking at Jun 08 17:45:14 yes, true Jun 08 17:45:37 kthats it :) Jun 08 17:45:45 * karlp cheers Jun 08 17:47:10 Dirty trick they play, that. :) Jun 08 17:52:23 right... that's not ... entirely what I was meant to be doing this afternoon :) but let's call it success anyway. Jun 08 18:13:32 Why is SpaceRat in out like cock in a whore? Jun 08 18:20:25 rotanid: ping Jun 08 18:20:36 mkresin: huh, yes? Jun 08 18:20:48 rotanid: are you blocktrron? Jun 08 18:20:57 nope, blocktrron ist blocktrron :D Jun 08 18:21:07 ohwow Jun 08 18:21:12 rotanid: #fail Jun 08 18:21:19 mkresin: np Jun 08 18:21:47 blocktrron: I'm quite sure your firtzbox 4020 PR broke the package selection of the 300e Jun 08 18:21:58 blocktrron: can we switch to query? Jun 08 18:22:10 sure Jun 08 18:36:05 * ldir replaces the banana he stole (and threw at Borromini) yesterday. Jun 08 18:37:57 morning Jun 08 18:48:20 if I configure a kernel driver under kernel_menuconfig will it override the kernel module ipkg from 'make menuconfig'? Jun 08 18:48:32 assume they're overlapped Jun 08 18:49:42 Tapper: steady on dear boy... that's a bit fruity! Jun 08 18:53:25 lol Jun 08 18:58:59 ldir sorry good man! It was the first simmaly that came to mind. I will ind-ever to not let rip with my fruity ways again. Jun 08 18:59:12 filthy mind Jun 08 18:59:46 a +b wouldn't go amiss though, no excuse for broken connectivity :D Jun 08 18:59:58 SpaceRat must be running dd-wrt Jun 08 19:00:03 hur Jun 08 19:00:25 lol - there could be children watching..... and then there's me.... yes think of my delicate mind :-) Jun 08 19:00:55 kinda weird - keeps happening exactly every 10min Jun 08 19:02:05 not actually losing connectivity actually, just part/join Jun 08 19:02:13 idiocy or bot, pick one Jun 08 19:02:13 :D Jun 08 19:02:24 idiotic bot Jun 08 19:03:59 I blame ddwrt! Jun 08 19:06:41 funny nobody has mentioned it until now, it's been going on */10 since at least end of may lol Jun 08 19:09:25 I notest because I had bin out all day and was reading back through the log to see what had bin said Jun 08 19:10:17 can you block a user from here? Jun 08 19:15:23 someone with chanserv access can Jun 08 19:17:06 Just a quick question, I’ve searched git and the forums to no avail. What was the group consensus about importing the Qualcomm fast path (sfe) code or some equivalent into master/18.06? Are we going to have any fast path support at all? Jun 08 19:17:56 Yes hardload will be in 18.6 but I don't know if it is for all targets Jun 08 19:18:04 hardwair off load Jun 08 19:19:43 Thanks! Is it the sfe or fast-classifier or some other patchset? Jun 08 19:24:12 there is ipt offload due for 18.06 Jun 08 19:24:33 applies to all platforms in software, no idea on hardware support Jun 08 19:31:41 18.06 will be on monday? Jun 08 19:33:23 ultito: don't you think that question is getting a bit long in the teeth. as a developer (albeit not on OpenWrt), I can tell you that there's barely anything more demotivating than this. Jun 08 19:39:20 pkgadd: as a medium voltage engineer working in engineering and bid&proposal department I understand what you mean Jun 08 19:40:30 ultito: https://openwrt.org/releases/18.06/start, and please take to heart what's pkgadd written. Jun 08 19:40:32 pkgadd: Here I mean it in good way, because I am looking forward for a new release :-) Jun 08 19:43:27 pkgadd: So please do not take my questions like a object of demotivation. Beer? Jun 08 19:44:00 ultito: as I'm not an OpenWrt developer, /my/ motivation doesn't matter ;) Jun 08 19:44:55 pkgadd: so what are you developer of...? Jun 08 19:45:00 * Monkeh strips pkgadd of all motivation Jun 08 19:45:09 I can always use more. Jun 08 19:52:31 hi Jun 08 19:54:32 Ah, suppose my question is better asked here: Jun 08 19:54:41 I'm new to OpenWRT development, which branch should new development be based off of? master, lede-17.01, openwrt-18.08? Jun 08 19:56:00 azarus: development only happens in master Jun 08 19:56:08 I'm asking because I master seems not to have all the subtargets lede had Jun 08 19:56:50 or... I might be seeing it wrong, sorry Jun 08 19:57:23 a couple of abandoned targets (those that were stuck on old kernels, like 3.18 or 4.4, have been removed, as there hasn't been anyone working on them for a long time) Jun 08 19:57:52 OK, thanks. Jun 08 19:58:42 I'm planning to port OpenWRT to a new device; the Helios4: https://kobol.io/helios4/ Jun 08 19:58:57 It has pretty neat specs: https://wiki.kobol.io/ Jun 08 19:59:26 And it's already supported by armbian and there are .dts files. Jun 08 20:00:27 bleh, what is it with lack of ethernet ports Jun 08 20:00:33 dual port chips aren't expensive Jun 08 20:00:49 jwh: eh, personally, don't need more than one Jun 08 20:01:34 it's not like I have two networks anyway :P Jun 08 20:02:01 more is always useful even if you don't use them :d Jun 08 20:02:24 also hm Jun 08 20:02:25 Sure, wouldn't hurt to have them; that's for sure. Jun 08 20:02:48 there are existing targets supporting that soc Jun 08 20:02:52 so it should be fairly easy Jun 08 20:03:33 need to create a board profile I guess Jun 08 20:03:39 Yup, but I have no prior experience with the source tree >.< but I'll take a look at the wiki. Jun 08 20:06:05 for me personally, the standard 4+1 ports present on most routers are already pretty tight Jun 08 20:06:10 yup Jun 08 20:06:22 I'd very much prefer at least 8 ports Jun 08 20:06:23 especially as most of those are also on a switch Jun 08 20:06:28 yep Jun 08 20:06:46 i'm not that much of a networking guy that ports on existing devices run out for me Jun 08 20:14:50 What's generally preferred; GitHub PRs or patches via mail? both of them are fine by me Jun 08 20:17:43 it depends, both is possible - many developers prefer the mailing list, but if your patches are very large (unlikely in your case), you might run into the size limit Jun 08 20:18:36 OK, will proceed with email then. Thanks. Jun 08 20:19:52 it tends to be that the patch quality is higher on the mailing list... and hence tends to get better attention because the reviews are a bit less of a chore. Jun 08 20:21:55 Wonder why that is, are the people that use GitHub just not as careful? Jun 08 20:22:52 because github makes it really easy to contribute for some reason Jun 08 20:23:10 "git send-email -1" vs. using a web interface Jun 08 20:23:19 pretty much the same to me :P Jun 08 20:23:20 I find git-send-email equally easy but for some reason many don't :) Jun 08 20:24:05 Agreed, in fact, I now much prefer send-email over Github, ... for reasons. ;) Jun 08 20:24:18 yeah, not having to use a webinterface ;) Jun 08 20:24:36 and I guess microsoft but tbh I don't care about that at all Jun 08 20:24:41 it's not that github was open before Jun 08 20:24:48 Fair enough, I suppose. Jun 08 20:24:49 I struggled with git & git sendmail for a while... now that I get it, I much prefer it! Jun 08 20:25:13 just need a proper .git/config, and send-email becomes a breeze Jun 08 20:25:29 this was before openwrt accepted github PRs Jun 08 20:27:13 coming from nothing to git, to patches and quilt was quite a journey for me Jun 08 20:28:02 I need to take a look at quilt, know barely anything about it yet :/ Jun 08 20:29:07 one of the most useful pages on quilt..for me... https://raphaelhertzog.com/2012/08/08/how-to-use-quilt-to-manage-patches-in-debian-packages/ Jun 08 20:30:07 and of course https://openwrt.org/docs/guide-developer/build-system/use-patches-with-buildsystem Jun 08 20:44:34 Thanks :) Jun 08 20:49:56 Speaking of PR quality, I see #1005 was taken.. I guess I'll clean up after that.. Jun 08 21:00:27 Seems the WRT1900AC(s) has been dropped :/ Jun 08 21:01:16 hm, seems I'm wrong -- but I can't seem to select it as a subtarget? Jun 08 21:02:28 That's because it's a profile, not a subtarget Jun 08 21:03:04 Has this changed since LEDE or is my memory failing me? :o Jun 08 22:16:00 * mangix looks at ldir patch Jun 08 22:19:42 non, je ne crois pas Jun 08 23:23:01 hmm Jun 08 23:24:04 i forward dlna stream traffic between networks. somehow the server software opens one connection and only transfers like 15-30mb over it and then opens a new connection Jun 08 23:24:18 resulting in a large number of time_wait connections Jun 08 23:24:47 will net.ipv4.tcp_tw_reuse help here? are there any negative side effects on a router? Jun 08 23:29:18 hmm i guess it does nothing when enabled on the router? Jun 08 23:43:17 have a module, showing the load on the CPU cores similar to the information about the loading of the cores as in the Mate in the task Manager? Jun 08 23:43:17 For me it does not matter, the load will on the cores CPU is shown in the text or in the image. Pi2 Jun 08 23:43:34 cpu cores real time Jun 08 23:46:05 qwefytuiityty: htop Jun 09 00:22:20 hmm i think i will try the timeouts from here https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Connection_tracking i know mikrotik meh Jun 09 00:26:33 but htop or top this for console, for me not problem, i use PuTTY, but as this, it is problem https://screenshots.firefox.com/8vmMzhtAtmLc3ZaU/null https://screenshots.firefox.com/FI9Y6fQ82sWDz0uR/null Jun 09 00:31:03 in windows cmd load cpu cores very dim color I don't see numbers Jun 09 00:33:57 funny, but not funny Jun 09 00:35:21 you can change colors Jun 09 00:35:49 in cmd ? Jun 09 00:36:00 or htop? Jun 09 00:36:18 F2 then scroll to colors, right arrow, then scroll up/down and hit space Jun 09 00:40:40 I almost didn't use htop or top, f2 ok Jun 09 01:49:48 lede (pi2 51 seeds of ubuntustudio, download ~ 80 Mbits, realtek usb, dhcp) -> router realtek (internet l2tp without encription isp CGN) -> lan local 10.8.50.6 dhcp isp. ISP one. Core: max 94, avrg 86, min 74. https://screenshots.firefox.com/ugaBB0dGTkYpQvFG/null Jun 09 01:50:58 witout router realtek with linux l2tp max ~40Mbit Jun 09 01:51:37 without Jun 09 01:52:17 realtek router, cpu 350 hz Jun 09 01:52:27 or 384 Jun 09 01:52:48 realtek cpu Jun 09 01:53:48 linux on router 2.4 flash 2 mb Jun 09 01:54:11 kernel 2.4 Jun 09 01:56:39 linux l2tp = l2tp lede Jun 09 01:58:20 what on earth are you waffling on about Jun 09 01:58:29 windows + routers Jun 09 01:58:48 oh, ok Jun 09 02:04:33 ubuntustudio not installed, i download ubuntu studio as exemple for see speed and load cpu. i use windows Jun 09 02:06:11 so whats the problem? Jun 09 02:06:17 you're just spewing nonsense Jun 09 02:11:03 no max speed on lede with l2tp, max ~ 40 Mbps and if big load for pi2 on cpu on lede with dhcp, what with l2tp in lede pi2? and why used one core? Jun 09 02:12:36 none of that is a problem, but if you actually described the setup, showed your configuration etc then someone might be able to help Jun 09 02:19:24 i think not help . first: routers have for l2tp hardware aceleration or xl2tpd linux bad optimization for l2tp. I am not an advanced Linux user. Lede Standard installation of the latest release. Jun 09 02:20:43 on linux destributiv i see tha same for l2tp without router ~40 mbps Jun 09 02:21:04 and cpu Jun 09 02:21:49 ppp (and l2tp) is single threaded for a start, and you still haven't given hardware or configuration details Jun 09 02:27:54 is more concrete what should be given? Jun 09 02:29:53 in exemple pi2 with lde not used l2tp, l2tp used onather router. lede used dhcp trought other router with l2tp Jun 09 02:31:47 in example pi2 with lede not used l2tp, l2tp used another router. lede used dhcp through other router with l2tp Jun 09 02:33:13 you're using.. a raspberry pi? Jun 09 02:33:35 window -> pi2 lede dhcp -> other router l2tp,dhsp local, isp Jun 09 02:33:53 rasppbery pi2 Jun 09 02:34:02 and you're surprised its garbage? Jun 09 02:40:14 amd cpu qad core x4 fm2 3300 hz with linux ubuntu mate, with xl2tpd for l2tp = max ~40 mbit = garbage? Or bad xl2tpd? or something? amd cpu qad core x4 fm2 3300 hz for game Jun 09 02:40:25 fm2+ Jun 09 02:41:05 amd cpu qad core x4 fm2 3300 hz not for game, game me not interesting Jun 09 02:43:58 router with kernel 2.4, with l2tp 20$, max 97 mbit for l2tp without encription, cpu realtek 384 hz Jun 09 02:44:12 15$ Jun 09 02:49:50 yeah I give up Jun 09 02:49:52 sorry Jun 09 02:49:53 :D Jun 09 02:51:18 maybe you'll be lucky and someone will speak russian Jun 09 02:52:26 norm my roter 15$i think have nardware aceleration for l2tp chines optimization )))) Jun 09 02:52:39 hardware Jun 09 02:52:56 your english is appalling, wait for someone else who speaks russian Jun 09 02:55:42 my router 15 i think have hardware acceleration for l2tp and optimization for my ru l2tp isp, chinese optimization )))) Jun 09 02:55:56 jwh: sorry - ok Jun 09 02:56:14 15$ Jun 09 02:57:32 https://github.com/xebd/accel-ppp Jun 09 02:57:43 might be useful Jun 09 02:57:50 something I had on my list to investigate Jun 09 02:58:17 might be server only **** ENDING LOGGING AT Sat Jun 09 03:00:06 2018