**** BEGIN LOGGING AT Sun Jul 01 02:59:59 2018 Jul 01 06:54:56 I'm looking at the 18.06(-rc1) packages and I can't see kmod-fs-exfat. Anyone knows why? Jul 01 07:00:23 it depends on BUILD_PATENTED, which is no longer built Jul 01 07:01:56 pkgadd: Thanks Jul 01 07:42:52 hi Jul 01 10:54:27 hi, I'm about to install OpenWRT(?) on my router, I found out that I need 17.01.4, but I'm confused about whether I want OpenWRT or LEDE, half of the resources mention one, half the other Jul 01 11:00:27 Lorash: the projects merged again, basically, for the codebase, it was a rebrand from lede to openwrt (lede having the most recent codebase at that time) Jul 01 11:01:00 there might be some LEDE references lingering but try to join #lede-dev e.g. and you'll see you get forwarded to this channel (#openwrt-devel) Jul 01 11:01:17 I didn't know if 17.01 was pre- or post-merge Jul 01 11:01:22 it's pre Jul 01 11:01:26 hence the lede naming Jul 01 11:01:32 18.06 will be post Jul 01 11:01:57 so... lede 17.01 I guess? Jul 01 11:02:09 and there's an RC for that, I recommend you try that one depending on your hardware (4 MB flash / 32 MB RAM is not recommended) Jul 01 11:02:19 what hardware do you have? Jul 01 11:02:29 TP-Link Archer C7 v2 Jul 01 11:02:34 I'm about to look up its specs Jul 01 11:03:08 16MB flash 128MB RAM should be beefy enough Jul 01 11:03:32 sure it's just those old N/G devices Jul 01 11:03:38 n/g? Jul 01 11:04:10 802.11n/g Jul 01 11:04:21 I think it does ac Jul 01 11:04:37 yeah no worries Jul 01 11:04:38 https://openwrt.org/toh/tp-link/archer-c5-c7-wdr7500 Jul 01 11:05:23 https://downloads.openwrt.org/releases/18.06.0-rc1/targets/ar71xx/generic/ < pick your image Jul 01 11:05:31 i'd recommend trying the RC1 Jul 01 11:05:31 if I may have a generic question, do OpenWRT upgrades retain settings? In this case it would be from 18 RC to 18 release Jul 01 11:05:40 you can yes Jul 01 11:05:47 you can choose to wipe settings as well Jul 01 11:05:55 but 18.06 RC to stable should be a no-brainer Jul 01 11:05:59 last time I used OpenWRT it was already something considered legacy so no upgrades to worry about :) Jul 01 11:06:28 do you know roughly when will 18 stable be made? Jul 01 11:06:32 it keeps settings by default (as long as you upgrade from and to openwrt/lede) Jul 01 11:06:41 it should be around in a few weeks i think Jul 01 11:08:20 umm.. there are a whole bunch of images - eu and us are self-explanatory but what's "-il"? Jul 01 11:08:22 it's at RC already so there won't be any breaking changes. I already migrated my hardware as soon as 18.06 got branched. Jul 01 11:08:25 israel Jul 01 11:08:37 if you don't know what it is it probably means you don't need it Jul 01 11:09:00 trying to decide between EU and no suffix Jul 01 11:09:20 I could not find any labeling on the device but I have an upgraded FW from TP-Link which in theory locks to EU Jul 01 11:09:39 which one matters more? Jul 01 11:09:59 well the firmware will be rejected if the manufacturer's firmware doesn't like it Jul 01 11:10:02 so easy enough Jul 01 11:10:05 that's easy then Jul 01 11:10:07 it just won't flash Jul 01 11:10:16 thank you for the help, time to go offline as I flash it o/ Jul 01 11:10:16 but if you're in the EU, try EU. Jul 01 11:10:33 you're welcome, and good luck. Keep in mind wireless is disabled by default so keep a wire handy Jul 01 12:10:49 hello, just wanted to thank you for your help earlier, I'm back to the OpenWrt fold :) Jul 01 12:12:05 not surprisingly my DL bandwidth is more than doubled, and I have IPv6 working, something the official FW couldn't manage - I knew OpenWRT would be better, but not by this much ^^ Jul 01 12:12:13 bye and thanks again o/ Jul 01 13:22:11 Is there a C expert who can translate this into something I can understand please? #define IS_ALIGNED(x, a) (((x) & ((typeof(x))(a) - 1)) == 0) Jul 01 13:23:31 ultimately, does it return 0 if aligned or as I suspect non zero if aligned courtesy the ' == 0' at the end. Jul 01 13:24:05 but my internal c parser is having issues...probably due to heat. Jul 01 13:24:30 ayyyy heatwaves aren't real! that's #fakenews Jul 01 13:25:55 which doesn't a) answer my question b) stay on topic. Jul 01 13:27:44 (4 & (32*3-1)) == 0 Jul 01 13:43:09 Us Brits can't cope with this kind of heat for this long! (:| Jul 01 13:46:38 apparently it's fakenews, so quite frankly I've given up. Jul 01 13:54:41 ldir hahah mate I am baking! People just don't understand that the houses over here are not built for heat. The tile roofs and brick work holds so mutch heat it's daft. Plus we dont all have AC, like in a lot of other countries. Jul 01 13:55:36 It's up to 31 were I am with about %85 humidity Jul 01 13:56:23 In the car it says it's 34 lol Jul 01 15:54:20 is there a kernel module "k8temp" available somewhere in openwrt? Jul 01 15:54:28 can't find it atm... Jul 01 15:56:24 rotanid: on which architecture? Jul 01 15:56:32 oh, sorry, x86-64 Jul 01 15:56:38 rotanid: would only make sense on x86... Jul 01 15:56:42 ah, okay Jul 01 15:56:54 it's a sempron amd64 cpu Jul 01 15:57:24 no idea if it's built. Jul 01 15:58:39 i can only find k10temp, under debian though there's both Jul 01 16:00:41 maybe it's actually not built? Jul 01 16:00:49 maybe, i don't know ;) Jul 01 16:05:21 ok, it seems "CONFIG_SENSORS_K8TEMP=y" is only in 18.06, not in 17.01 Jul 01 16:05:28 crazy, as K8 cpus are really old :D Jul 01 16:06:30 ok, found it, was added only in december 2017: https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=f96085b35d8aa6d100429bd1e802b9a1bf1442a8 Jul 01 16:49:13 Spain are out. Jul 01 16:49:48 I don't know how Russia pulled that off. Jul 01 16:49:51 lol Jul 01 17:30:13 OT, but i read they ran 10km more than the other teams in every much, i call Doping.. Jul 01 17:30:18 *match Jul 01 17:39:12 rotanid lol Jul 01 18:23:34 updated openwrt/upstream, https://sdwalker.github.io/uscan/index.html Jul 01 21:00:56 How fast will this run wireguard? https://wikidevi.com/wiki/TP-LINK_TL-WR802N_v4.x Jul 01 21:01:13 I need a router for travel that can push 100Mbit/s wireguard. Jul 01 21:01:39 for some personal use cases, you're actually going to have to evaluate things yourself. Jul 01 21:02:23 By buying a router and running a benchmark? Jul 01 21:02:35 yes, if you have such particularly explicit needs. Jul 01 21:02:38 I can't buy something I have no idea will work. Jul 01 21:02:53 it will run wireguard, how fast is more subjecting. Jul 01 21:03:02 that device is very unlikely to cope with 100 MBit/s VPN traffic - and flash/ RAM will even make running a VPN service pretty tedious Jul 01 21:03:15 Well, it's 8/64. Jul 01 21:03:25 4/32 Jul 01 21:03:32 Ah, bad. Jul 01 21:03:36 it's only got one lan port anyway, good luck getting 100Mbits solid on the wifi anyway. Jul 01 21:04:25 100Mb/s wifi generally requires 802.11ac Jul 01 21:04:47 Isn't 100Mb/s doable on g? Jul 01 21:04:50 https://openwrt.org/toh/hwdata/gl.inet/gl.inet_gl-mt300n_v2 Jul 01 21:05:12 theoretical max on g is 54Mb/s Jul 01 21:05:25 it's n then. Jul 01 21:05:31 gl.inet is 16/128. Jul 01 21:05:49 That will run any software that can be realistically be put on a router. Jul 01 21:05:51 gl.inet makes many devices Jul 01 21:05:59 this one is 16/128/ Jul 01 21:06:05 n theoretical max is 150 to 433, but real-world max is around 40 Jul 01 21:06:53 I don't care if the router is small, it should only be small enough for airline to allow me to carry it on the plane. Preferably I should be able to power it on the plane to access the plane Wi-Fi. Jul 01 21:06:57 not really, 40MHz channel -> I can push about 200mbit Jul 01 21:07:16 you will not get 100 MBit/s VPN throughput with a 580 MHz mips CPU, about 3 MByte/s at most Jul 01 21:08:03 koops: just use usb phone tethering if you're going to access plane wifi. Jul 01 21:08:05 there is no way a public wifi will allow 100Mb/s Jul 01 21:08:07 why are you compilicated this. Jul 01 21:08:25 and yeah, like hell any airplane wifi will let you have even a fraction of 100Mbps Jul 01 21:08:41 I need it to run things like wireguard and dnscrypt-proxy. Jul 01 21:09:09 I need devices to use this connection and DNS. Jul 01 21:09:14 you can do that on the laptop itself. Jul 01 21:09:19 What about hotel wi-fi? Jul 01 21:09:27 and on the phone? Jul 01 21:09:52 how is it going to access dnscrypt-proxy over USB? Jul 01 21:10:02 NDIS? Jul 01 21:10:28 usb tethering just shows up as a usb NIC.... you can do what you like with it. Jul 01 21:11:04 And the phone can have DNS servers set to the ones on the laptop, and it will access them over USB? Jul 01 21:11:18 Ah, I forgot I can run Wi-Fi hotspot on a laptop. Jul 01 21:12:04 I would prefer somehow running it in Linux (easier to setup vpn and dns and needed for iptables) while browsing from Windows though. Jul 01 21:12:26 I have 2 phones, mine and my mate's, and 1 to 2 laptops. Jul 01 21:12:35 That's why I considered taking a router with me. Jul 01 21:13:24 if you want more than 50 MBit/s VPN throughput, you do need a highend ARM device. Jul 01 21:13:24 so, you suggest to use a laptop as a hotspot or tethering a phone? Jul 01 21:13:55 And that can't run on 5v 5a max of USB 3.1? Jul 01 21:14:28 so I can power it off a laptop or plane usb ports (with proper USB data protection) Jul 01 21:14:59 or x86 (laptop). Jul 01 21:15:54 * drmr points at DonkeyHotei's very valid point: there's no hotel and certainly no plane wifi that will give you 100 mbit in the first place. Jul 01 21:16:02 There are also x86 mini computers usually used with pfSense but I don't think there is one that can run on such low power. Jul 01 21:16:17 And if I stay in Airbnb? Jul 01 21:17:04 Then I will need to somehow secure the devices while they are connected to wired network of the leased house. Jul 01 21:17:08 CERN has Airbnb? Jul 01 21:17:58 I'm not sure if plugging a laptop instead of a secured Linux device specifically made for routing packets is a good idea. Jul 01 21:18:09 here's an idea. I completely get the need for a "network condom". get a cheap portable device that will just do that, sit as a tiny firewall between you and the network. and then open the VPN connection from your laptop. Jul 01 21:18:31 Most houses have 100mb/s in both the destination country and my country. Jul 01 21:18:36 (I use a nexx wt1520 for that. not great, but portable as duck.) Jul 01 21:18:41 drmr: dremora? Jul 01 21:18:57 dre-what? Jul 01 21:18:58 drmr: better completely hardware, no programmable components. Jul 01 21:19:18 then I will buy the entire stock. Jul 01 21:19:27 your nickname. Jul 01 21:19:32 now you lost me. completely. Jul 01 21:19:35 http://elderscrolls.wikia.com/wiki/Dremora Jul 01 21:20:03 eh, i'd take one of the glinet ar750 with me Jul 01 21:20:05 nah, not a gamer. sorry. Jul 01 21:20:25 A completely hardware, unhackable device that simply blocks all open ports is an amazing idea. Jul 01 21:20:34 oh, I have one of those Jul 01 21:20:43 it's called an ethernet cable with one end broken Jul 01 21:20:50 pretty much everything that runs OpenWrt does that for you. Jul 01 21:20:56 I mean incoming connections. Jul 01 21:21:13 yes, that's exactly what an openwrt box does. Jul 01 21:21:20 part of how ip masq works. Jul 01 21:21:28 No, what would be amazing is a device that is completely impossible to trick or compromise. Jul 01 21:21:37 yes, we callthat "airgapped" Jul 01 21:21:46 drmr: fighting a losing battle Jul 01 21:21:51 e.g. that has hardware logic. Jul 01 21:21:52 :D Jul 01 21:21:58 fully hardware. Jul 01 21:22:01 jwh: that's the tinfoil hat guy, right? I think I remember. Jul 01 21:22:03 tinfoil hat trumps sensibility Jul 01 21:22:10 Yeah I guess. Jul 01 21:22:25 Hi drmr you think I should start selling my hammers? Jul 01 21:22:27 After reading some stuff I became unhealthy paranoid. Jul 01 21:22:35 Still fighting that. Jul 01 21:22:37 ... "fully hardware"...? Jul 01 21:22:44 okay, maybe https://hackaday.com/2018/06/30/ddl-4-is-a-visually-pleasing-modular-cpu/ is what you want then Jul 01 21:24:15 no. no CPU at all. Simply block any packet that is not a part of a connection that is initiated by the device protected by the Ethernet condom. Jul 01 21:24:34 After you use my speshel hammer routers will keep your bits and bites safe for ever and a day for the low low price of your sole! Jul 01 21:24:37 go with the latex type then Jul 01 21:24:41 koops: I have a bag of switches I can sell you. Jul 01 21:24:55 ethernet cables take eight. Jul 01 21:25:08 Ah, okay. Here, my blue magic smoke firewall is $59.99.99, payable in payments once a month. Jul 01 21:25:20 Or maybe the type of CPU that physically can't execute arbitrary code, only the one hardcoded into it. Jul 01 21:25:49 I am sorry but your blue magic smoke joby is not as good as a blind mans hammer of fuckrey! Jul 01 21:25:52 I just figured out that it needs RAM to function, hence the CPU needed. Jul 01 21:26:28 Enlightenment! Tapper, I think your LART might have worked. Jul 01 21:26:35 he's pulling our leg, right? tell me he's pulling our leg. Jul 01 21:26:42 no Jul 01 21:26:47 gotta be Jul 01 21:26:58 genuinely nuts Jul 01 21:26:58 :D Jul 01 21:27:26 "Words make sense apart... But together??!???!" Jul 01 21:27:40 also, it's amazingly horrible how much of a rice snob you become once you spend a prolonged time in asia. Jul 01 21:28:08 basically a device you can plug into the random network, then plug a switch, and voila, you have a safe network. Jul 01 21:28:08 * Tapper strolls off in to the night with the blind mans hammer of fuckrey! slung over his shoulder ready for war! Jul 01 21:28:08 like, I ran out of rice today, and made some European rice. quite expensive one at that. it's rubbish. Jul 01 21:29:05 So what I want is basically a very minimalist router that is guaranteed to only perform its functions correctly. Sell that to all kinds of organizations at high risk of targeted attacks and make billions. Jul 01 21:29:22 Even better if it's portable. Jul 01 21:29:38 Does this make sense? Jul 01 21:29:39 no Jul 01 21:29:42 koops: why are you writing with a number in every fourth letter? Jul 01 21:29:55 makes your stuff really hard to read. Jul 01 21:30:01 drmr: that's something on your side. Jul 01 21:30:14 jwh: do you see it too? Jul 01 21:30:16 nope Jul 01 21:30:22 https://usercontent.irccloud-cdn.com/file/fBAeSqmG/image.png Jul 01 21:30:30 unprintable char perhaps? I strip all that Jul 01 21:30:50 his text looks good to the blind man! Jul 01 21:30:53 koops: I think someone has tapped into your connection. Jul 01 21:31:10 I can see everyone else's just fine. Jul 01 21:32:31 drmr: Yeah, they tapped into HTTPS connection lol. Jul 01 21:32:36 if you want guaranteed security with a mechanical switch, go with a W48 Jul 01 21:32:41 Just to make me look stupid. Jul 01 21:32:44 Satisfied? Jul 01 21:32:53 what you want is an FSM Jul 01 21:34:31 all praise the finite state machine and his noodly appendange. Jul 01 21:34:31 jwh: a flying spaghetti monster? Jul 01 21:34:43 lol yes Jul 01 21:35:14 I tried pastafarianism, but I couldn't handle the carbohydrates. Jul 01 21:36:05 lols Jul 01 21:36:45 Well, there's always jibbers. Jul 01 21:37:29 https://www.youtube.com/watch?v=ZZ_BtZ-5O60 ;) Jul 01 21:38:26 hahaha I have a holey hat! Jul 01 21:39:15 What about a VPN that uses one-time pads to boot? Jul 01 21:39:21 bundled with the device? Jul 01 21:39:26 lol. Jul 01 21:39:47 With both sides being specialized hardware. Jul 01 21:39:52 And you're going to provision the remote end... how? Jul 01 21:40:20 plug it into a more trusted area of the Internet. Jul 01 21:40:24 stop now Jul 01 21:40:33 lul. Jul 01 21:40:34 there's no place like 127.0.0.2 Jul 01 21:40:35 this is for dev not paranoia Jul 01 21:41:10 that was a joke lul. and you are not nice at all. Jul 01 21:41:59 "do you want answers, or do you want a hug?" Jul 01 21:42:00 play with fire, get burnt. Jul 01 21:42:08 agree. Jul 01 21:42:09 * karlp hi5s drmr Jul 01 21:42:34 :D Jul 01 21:42:37 referring to another thing though. Jul 01 21:43:06 I read the wrong page and now can't think straight. Everything feels like it's vulnerable to crap like this. Jul 01 21:43:22 and likely compromised already. Jul 01 21:43:38 what about the blind mans hammer of fuckrey? No tackers? Jul 01 21:43:39 I can give the link if you want to become like me or something. Jul 01 21:43:45 like your psyche? Jul 01 21:43:47 * jwh drops mic Jul 01 21:44:01 You won't want to live after reading. Jul 01 21:44:14 Sure, I'm curious as to how sane this article is. Jul 01 21:44:16 This is serious. Jul 01 21:44:32 koops come on now mate just nockit on the head! Jul 01 21:44:45 It's about so called QUANTUM attacks. Jul 01 21:44:45 probably a bunch of misinformed people spouting FUD as usual Jul 01 21:45:02 run by an agency we all know and love. Jul 01 21:45:10 post the link then I am board and could do with a laugh Jul 01 21:45:26 The implication is that most of the internet is compromised. Jul 01 21:45:34 Including your computer too. Jul 01 21:45:35 it isn't Jul 01 21:45:43 why do you persist Jul 01 21:45:50 literally malware Jul 01 21:46:13 I am safe! I have my blind mans hammer of fuckrey! Jul 01 21:46:25 bring it on CIA bitches! Jul 01 21:46:37 If you want to simply live like you used to, play Skyrim etc try to hold on that feeling that it's not true and just ravings of a madman. Jul 01 21:46:44 Looking for link w8. Jul 01 21:47:43 https://www.irccloud.com/pastebin/FHXiYWt3/ Jul 01 21:47:46 https://cryptostorm.org/viewtopic.php?f=67&t=8671 Jul 01 21:47:51 skyrim? I just upgraded my computer to play Wing Commander! Jul 01 21:47:56 both look like reliable sources Jul 01 21:47:59 koops https://www.youtube.com/watch?v=SjJHH6IL3Nc Jul 01 21:48:20 I've seen that URI before. Jul 01 21:48:20 none of my windows machines are infected with anythin Jul 01 21:48:21 hth Jul 01 21:48:27 koops: well, here's some data for you. The US government built a data warehouse in utah, 1.5 million square feet. The volume of that structure can contain enough servers to match *one* of amazon's AWS data warehouse sites. Jul 01 21:48:44 It's estimated they have the capacity to store less than 8 months of internet traffic. Jul 01 21:49:01 So they have to throw a lot of data away or render it to metadata. Jul 01 21:49:02 people who have something valid to say write papers, not irccloud hosted nonsense Jul 01 21:49:03 the operative word being "store" Jul 01 21:49:12 just putting that out there Jul 01 21:49:22 jwh: people talking sense aren't welcome here Jul 01 21:49:41 ha Jul 01 21:49:55 karlp: by order of the POTUS? Jul 01 21:50:01 I'm fine knowing I'm being monitored; and I'm even more fine knowing that I'm not a large enough target for long term storage to be an issue. Jul 01 21:50:04 I'm taking meds and they only make me calm but do not change my thinking, which shows that it's not psychotic in nature. I think the best bet is psychotherapy. Jul 01 21:50:18 just broken Jul 01 21:50:21 @jwh I copied it from the article. Jul 01 21:50:45 Yeah, mind-shattered completely I guess. Jul 01 21:50:50 Worse than death imo. Jul 01 21:51:05 there are lots of things worse than death. Jul 01 21:51:29 chinese food, for example. Jul 01 21:51:41 hurr Jul 01 21:51:43 I take apart packet capture appliances for work. Jul 01 21:51:57 Here's a really shitty video of me trying to explain how one works. https://www.youtube.com/watch?v=197QDmd-IWs Jul 01 21:52:06 Unless psychotherapy will give me answer to only one question (What's the point of living if you are going to be under lifelong surveillance and any machine you can ever own is compromised?), I will off myself. Jul 01 21:52:22 It's planned and not impulsive. Jul 01 21:52:34 If psycho won't help I will off myself. Jul 01 21:52:47 * Kamilion stares with cold eyes... Have you looked into brewer's nitrogen? Jul 01 21:53:06 s/brewers// Jul 01 21:53:41 I will most likely use it, or barb overdose, or a gun. Jul 01 21:53:47 koops: or you could just ... step out and enjoy the sunshine. you don't need a machine for that. Jul 01 21:53:59 or even better, self-immolation in front of *their* building. Jul 01 21:54:00 hehe, as long as they're not in iceland.... Jul 01 21:54:41 people take this internet and technology thing entirely too seriously. Jul 01 21:54:41 rained every single day in may. and june has had only 70% of teh sun hours of the 10 year average, only a single day sunny the whole day Jul 01 21:54:54 heh Jul 01 21:54:58 So yeah, either the most painless methods, or the most painful and impressive. Jul 01 21:55:31 just stop being so paranoid ;D Jul 01 21:56:14 also, lifelong surveillance is not the end of everything -- look at the lifting of the iron curtain Jul 01 21:57:22 koops: ever thought of taking a break? and I'm not talking coffee. doing something that doesn't put you in constant contact with your anxieties? Jul 01 21:58:03 koops: for example, and I'm not kidding, becoming a gardener, taking up rollerskating, building model planes. Jul 01 21:58:30 there is so much more to life, so many more possibilities that don't have CPUs in them. Jul 01 21:59:04 http://www.daileysfarmandbcsshop.com/ Buy a tractor. *grins* Jul 01 21:59:16 * drmr refers to https://joypad.de/ Jul 01 21:59:46 Purple tentacle should not be the one telling me this. Jul 01 22:00:03 koops: I grow veg Jul 01 22:00:37 I clean and repair old games. none of them have internet. Jul 01 22:00:47 I love it there is just somthing that makes me feel at pece digging in the dirt Jul 01 22:01:13 gardening/farming is actually pretty awesome. Jul 01 22:01:31 "If you're reading this chances are you are looking for that Monkey Island 2 font. I personally transferred it from the original bitmap, pixel by pixel. Feel free to download and use the WOFF webfont referenced in the CSS below. Cheers." <3 awesome developer. Jul 01 22:01:40 (thanks.) Jul 01 22:01:51 yeah I all so have kids and showing them what it takes to get some nice vegys to the table is grate fun for me Jul 01 22:02:34 and you couldn't buy that stuff, not for a lot of money. Jul 01 22:02:47 Tapper: boss bought one of those BCS walk behind tractors, and I've been goofing off with it on the weekends Jul 01 22:03:21 lol I dont have a verry big yard but I would love to get one and a bigger garden Jul 01 22:03:37 ooare! lol Jul 01 22:04:30 http://www.daileysfarmandbcsshop.com/tractor-test-page-link.html <--- these are about $1600 on sale. Jul 01 22:04:38 I live in a crappy part of my sitty and it is not unherd of for dudes to go to the pub then come home and have a falling out there wifes Jul 01 22:04:55 But when I want some pece i just go doun the yard Jul 01 22:05:05 or to the gym for a workout Jul 01 22:05:57 they have mowers, tillers, all kinds of modules that just pop on. No leccy, all mechanical. Really neat to play with, I feel like I'm a teenager playing with tonka or something Jul 01 22:06:11 Tapper: well you do live in Stoke Jul 01 22:06:13 :) Jul 01 22:06:38 it's the openwrt of lawnmowers... lmfao Jul 01 22:06:52 no tonka, only playmobil Jul 01 22:06:54 yes stoke mate Some times I love the people of stoke because some of them are realy nice and then some are just scum! Jul 01 22:07:11 that digger sounds like so mutch fun lol Jul 01 22:07:14 Tapper: that only coz you can't see it from the inside :D Jul 01 22:07:16 that's true for every place on earth. Jul 01 22:07:57 drmr there is some realy bad eggs around some parts of stoke Jul 01 22:08:39 jwh is it you that came to stoke when you were at uni? with your mate to see some girls? Jul 01 22:08:51 lol, no Jul 01 22:08:56 didn't go to uni Jul 01 22:09:00 jwh haha Jul 01 22:09:14 jwh how mutch do you know about stoke? Jul 01 22:09:17 wouldn't have gone to anywhere up here anyway Jul 01 22:09:26 lots, due to it being so close :( Jul 01 22:10:03 I don't go there often Jul 01 22:10:06 I am a vale fan that should give you a idea of which end of the sitty I am from. Jul 01 22:10:08 went out with a girl from stoke once though Jul 01 22:10:14 up 'anley Jul 01 22:10:57 jwh she live in hanley? Jul 01 22:11:06 close enough yeah Jul 01 22:11:13 cool Jul 01 22:11:31 my friend used to play for port vale too :D Jul 01 22:11:38 for a bit anyway Jul 01 22:11:39 O cool who is that? Jul 01 22:12:20 d. richards, don't think he played long enough to make it onto starting though Jul 01 22:12:40 If you know people around hanley or Tunstall I bet one of them nos a blind dude. Jul 01 22:12:42 injured pretty early on, gave up Jul 01 22:12:45 heh Jul 01 22:12:57 shame Jul 01 22:13:07 nah I don't really know anyone from stoke, not unless they've moved here Jul 01 22:13:19 O were are you now Jul 01 22:13:27 back in stafford Jul 01 22:13:32 for no Jul 01 22:13:33 w Jul 01 22:13:53 O rite you were the one talking to me about the weather when we had the thunder storms Jul 01 22:14:05 I think Jul 01 22:14:05 probably Jul 01 22:14:11 love a good thunder storm Jul 01 22:14:34 hah we all ways winge about the weather in the UK Jul 01 22:14:49 yeah me to Jul 01 22:15:07 yup, to hot, to cold, to dry, to wet Jul 01 22:15:09 ffs, the game has been over for more than an hour, the serbs are still driving around honking. Jul 01 22:15:16 lol Jul 01 22:15:32 My wife tells me when she sees the Lightning and then I know when to expect the thunder Jul 01 22:15:42 this WC has been delightful Jul 01 22:16:08 being in Germany right now, I agree. :) Jul 01 22:16:20 haha Jul 01 22:16:27 got a busy week, tuesday is the game, then my birthday, then off to London for second party :D Jul 01 22:16:35 don't expect to do any work Jul 01 22:16:36 drmr: ha Jul 01 22:16:37 except for the Blue Samurai, their last match was abysmal. Jul 01 22:16:42 let's hope they do better tomorrow. Jul 01 22:16:43 bizy boy partty! Jul 01 22:17:21 busy* Jul 01 22:17:27 heh Jul 01 22:17:28 yup Jul 01 22:17:42 was hoping to get some more patches sent but had a heavy weekend too Jul 01 22:17:55 Some words just don't sound rite when I try and think how to spell them! Jul 01 22:18:27 I must be blind and deslesic Jul 01 22:18:30 hah Jul 01 22:18:33 heh maybe Jul 01 22:18:53 today was spent trying to undo the damage of drunken facebook :DD Jul 01 22:18:55 rite people I am off to bed now Habve to get up at 6 with my mad kids pece out Jul 01 22:18:58 luckily I don't think it was too bad Jul 01 22:20:05 sleep well, Tapper Jul 01 22:20:10 later Jul 01 22:20:19 fuck drunken facebook are you trying to give me night mares. I left face book the day my mum joined. Jul 01 22:20:29 haha Jul 01 22:20:48 * Tapper runs off! Jul 01 22:20:59 went to a wedding do, ended up going out clubbing with the brides daughters, so obviously facebook stalking ensued Jul 01 22:21:03 lol Jul 01 22:21:32 one more thing befor i go jwh fucking hi five!! Jul 01 22:21:36 lol Jul 01 22:21:38 haha Jul 01 22:22:11 even with my "nobody knows I'm not a lesbian" tshirt on obviously that triggered them Jul 01 22:22:14 but a good talking point! Jul 01 22:24:26 dwmw2_gone: ping Jul 01 23:16:06 * jwh switches images to bird2 Jul 01 23:16:10 config rewrites all round Jul 01 23:35:48 pkgadd: will this mips crap run at least 10 MBit/s? Jul 01 23:36:10 GL.iNet or smth. Jul 01 23:36:19 lol Jul 01 23:36:22 Why is MIPS slower than ARM though? Jul 01 23:36:44 ok I get that it can be at most 24Mbit/s, but will it run 10 stable? Jul 01 23:44:45 koops: I don't know the context here, but I have a hard time imagining there is something home-router wise manufactured in the last 10-15 years that doesn't do 10 megabit/s in a stable way. Jul 01 23:45:01 at least not for normal usage, as in no stress-test (syn-flood for instance) Jul 01 23:45:10 he wants 100meg of tunnelled crypto Jul 01 23:45:12 SwedeMike: the context is wireguard VPN. Jul 01 23:45:18 (not happening) Jul 01 23:45:18 lull no. Jul 01 23:45:30 10mbps is fine. Jul 01 23:45:34 but also wants the device to not be programmable Jul 01 23:45:38 nope. Jul 01 23:45:41 and immune from all the people watching him Jul 01 23:45:47 that was an idea. Jul 01 23:45:56 for something completely different. Jul 01 23:45:56 obsession, itym :D Jul 01 23:46:18 that was an idea for a $1000 device to scam nonprofits with. Jul 01 23:46:25 not sure how serious this is. Jul 01 23:46:35 maybe I'm joking, maybe not. Jul 01 23:46:43 But one device would cost $1000. Jul 01 23:47:38 The idea is basically a simple firewall that is impossible to exploit or hack because it's all hardware. Jul 01 23:47:53 k so, actually an on-topic question for this channel Jul 01 23:48:08 why are the package feeds split? :D Jul 01 23:49:12 LuCI stuff separate from everything else? Jul 01 23:49:35 umm there is more than just luci Jul 01 23:50:54 not that it matters anyway, just curious Jul 01 23:51:15 I struggled to find luci app for shadowsocks until I figured out it's in other repo too. Jul 01 23:52:03 why? Jul 01 23:52:04 [jwh@aurbuilder nspv2]$ grep luci feeds.conf.default Jul 01 23:52:04 src-git luci https://git.openwrt.org/project/luci.git Jul 01 23:52:05 :D Jul 01 23:52:25 I'm new to OpenWRT. Jul 01 23:52:39 so am I Jul 01 23:58:07 koops: ok, then 10 megabit/s is kind of high, I don't even get that with my edgerouter ER5. Jul 01 23:58:24 SwedeMike: on edgeos? Jul 01 23:58:30 jwh: correct. Jul 01 23:58:33 you broke it :D Jul 01 23:58:35 (openvpn) Jul 01 23:58:37 ah Jul 01 23:58:43 jwh: nope, just anemic CPU. Jul 01 23:58:53 it has crypto offload though, you should be able to use that Jul 01 23:59:06 it's only supported for IPSEC from what I can tell. Jul 01 23:59:10 but its slow because single threaded and userland copying Jul 01 23:59:17 not generic crytpo operations. Jul 01 23:59:20 its a crypto COP, does AES too Jul 01 23:59:22 and md5 etc Jul 01 23:59:51 well, I tried telling openvpn to use the AES types that are supposedly supported, but no difference. So perhaps their openvpn isn't compiled with using crypto libraries that support this offload Jul 01 23:59:58 wireguard uses chacha20 Jul 01 23:59:58 yeah possibly Jul 02 00:00:09 probably need to tell it to use hardware anyway with the engine option Jul 02 00:00:35 at least, I did last time I used openvpn with hardware crypto Jul 02 00:00:38 but that was an older version Jul 02 00:00:39 afaik only x86 has chacha20 offloading Jul 02 00:01:11 jwh: https://community.ubnt.com/t5/EdgeMAX-Feature-Requests/OpenVPN-hardware-offload-support/idi-p/600283 says "Part of the reason why this gets complicated is that it's not just something you enable and re-compile. Currently we use the openvpn binaries from debian wheezy. So in order to apply the offload patch we would have to start maintaining/compiling our own verion openvpn. We try to Jul 02 00:01:17 avoid extra maintenance like that if at all possible given our limitted resources. However we do compile some packages, but openvpn would be even more different because instead of using the standard debian toolchain we would have to use the Cavium 64 bit toolchain. " So I guess this is a "no" Jul 02 00:01:25 ah heh Jul 02 00:01:29 so laziness is why it doesn't work Jul 02 00:01:30 :D Jul 02 00:01:46 good job they're not doing it for free Jul 02 00:01:49 DonkeyHotei: I don't think x86 has it Jul 02 00:01:58 ell, they don't charge Cisco pricing so I guess one can't demand big box vendor support. Jul 02 00:01:58 or that it's really needed. Jul 02 00:02:03 they also don't need to use the cavium toolchain Jul 02 00:02:04 heh Jul 02 00:02:04 chacha20 is very fast. Jul 02 00:02:55 jwh: but the point about openvpn not being easily accelerated is true, even with null cipher one doesn't get great speed. Jul 02 00:03:00 yeah Jul 02 00:03:10 a lot of the overhead is userland copies Jul 02 00:03:14 but its also single threaded Jul 02 00:03:22 and its pretty slow anything Jul 02 00:04:09 they probably don't have cryptodev in their kernel config either Jul 02 00:05:26 I just wish openvpn etc wasn't such a dog to configure in OpenWrt, then I could run it on my Omnia Turris which has a lot more cpu Jul 02 00:05:30 heh Jul 02 00:05:50 there are some alternatives but they aren't that great either Jul 02 00:06:07 well, I need OpenVPN specifically for this. Jul 02 00:06:07 for reasons other than performance, though Jul 02 00:06:17 heh Jul 02 00:07:04 hm, wonder if the CN71xx has straight AES-GCM offload Jul 02 00:07:41 would be nice if it was fast enough for macsec Jul 02 00:08:47 everyone needs macsec, etc Jul 02 00:09:13 just like everyone needs netflow Jul 02 00:15:03 jwh: what about ZBT WE1326? Jul 02 00:15:50 no ida Jul 02 00:15:51 idea Jul 02 00:16:05 has wireless, not interested :D Jul 02 00:16:27 It uses MT7621AT. Jul 02 00:17:51 might have hardware crypto, so why not Jul 02 00:18:08 wonder if the 7620 does Jul 02 00:18:34 7620 does not have gigabit ethernet Jul 02 00:18:42 7621 does Jul 02 00:18:45 only have 7621AT devices though, so doesn't matter Jul 02 00:18:46 DonkeyHotei: ah Jul 02 00:19:07 What about MT7628AN? Jul 02 00:19:28 that's the generation in between Jul 02 00:19:38 would be amazing if it had AES acceleration. Jul 02 00:19:46 it does, supposedly Jul 02 00:20:00 "AES Engine" Jul 02 00:20:12 but its also FE Jul 02 00:20:18 FE? Jul 02 00:20:31 https://openwrt.org/toh/hwdata/gl.inet/gl.inet_gl-mt300n_v2 Jul 02 00:20:35 That's the router. Jul 02 00:21:08 the edgerouter x has MT7621 and it has ipsec offload and offloads "3DES / AES-128 / AES-256 / MD5 / SHA-1 / SHA-256" according to https://help.ubnt.com/hc/en-us/articles/115006567467-EdgeRouter-Hardware-Offloading-Explained Jul 02 00:21:44 oh hm, I don't think AES engine is what it looks like Jul 02 00:21:52 oic Jul 02 00:22:05 I need a compact router that can be powered with a USB cable. Jul 02 00:22:09 That would be best. Jul 02 00:22:10 MTK are really secretive about their hardware/code Jul 02 00:22:57 IKE does not support GCM ciphers on these devices. Jul 02 00:22:58 L** Jul 02 00:23:00 :(( Jul 02 00:23:29 everyone sucks at supporting GCM Jul 02 00:23:57 even though its faster for network ops Jul 02 00:54:10 ooh, some new x86 boards from faff ltd Jul 02 00:54:52 https://www.mini-itx.com/~C3758D4I-4L, https://www.mini-itx.com/~JBC130-F533W6 Jul 02 00:59:45 I'd avoid baytrail-d at this time. the pentium j1900 still have issues with sleep states, which makes it freeze up from time to time Jul 02 01:00:08 baytrail is pretty terrible all round at power management Jul 02 01:00:14 but you can disable most of it Jul 02 01:00:44 it won't get more stable doing so Jul 02 01:00:54 i wouldn't call anything j1900 "new" Jul 02 01:01:13 mmm with all the ridiculous ones I had on the cmdline for my baytrail box it was pretty stable tbf Jul 02 01:01:23 been there, done that, got the t-shirt - and re-enabled all the power saving whizzbang, as disabling it didn't improve stability at all Jul 02 01:02:05 cpufreq.governor=performance intel_idle.max_cstate=0 tsc=reliable force_tsc_stable=1 clocksource_failover=tsc intel_pstate=disable nopti Jul 02 01:02:08 :D Jul 02 01:02:19 its *much* better post-4.13 Jul 02 01:02:32 used to be really ridiculous Jul 02 01:02:46 well, it can run weeks at a time - and crash half a dozen time the next day Jul 02 01:03:20 mmm, think the max I've had on this one I'm ircing from now has only had about 80 days before I rebooted for updates Jul 02 01:03:23 so probably not enough run time Jul 02 01:05:09 at least cpu scaling works now Jul 02 01:05:14 used to have to disable everything Jul 02 01:05:25 otherwise it would just die on its arse when cpu slowed down Jul 02 01:55:23 saw lots of "!fw3" comment in iptables output, what does it stand for? Jul 02 01:56:49 i'm using iptables + /etc/init.d/firewall + /etc/firewall.user for everything firewall, what's special about fw3? Jul 02 02:50:12 ausjke: ...firewall3 Jul 02 02:54:16 jwh: yes, what's the advantage of firewall3, comparing to iptables that is Jul 02 02:57:45 umm, it is iptables Jul 02 02:58:08 its a management tool Jul 02 02:58:43 so is iptables, wonder the key difference Jul 02 02:58:52 umm, n Jul 02 02:58:53 o Jul 02 02:59:19 but either way, a 5 second google would reveal the difference **** ENDING LOGGING AT Mon Jul 02 03:00:00 2018