**** BEGIN LOGGING AT Wed Jul 18 03:00:02 2018 Jul 18 05:25:00 stintel: ping Jul 18 05:25:04 image boots Jul 18 05:26:28 stintel: how do i trigger the error ? Jul 18 06:09:59 blogic: heh Jul 18 06:10:24 blogic: sysupgraded my apu2 - hang, try to boot it in qemu - hang Jul 18 06:10:50 how did you boot which image Jul 18 06:13:13 blogic: gunzip openwrt-x86-64-combined-ext4.img.gz; qemu-system-x86_64 -drive file=openwrt-x86-64-combined-ext4.img Jul 18 06:13:40 it boots but never remounts / rw Jul 18 06:13:54 and if you hit enter you get root@(none) or so Jul 18 06:15:19 works like a charm Jul 18 06:15:32 uname -a reports .56 Jul 18 06:16:32 remount works Jul 18 06:16:41 is rw Jul 18 06:17:06 let me touch a file and reboot to see if it persists Jul 18 06:19:24 stintel: ehm, you need to pad the combined image first Jul 18 06:19:39 because felix thought padding images by default is a waste of space, it got disabled Jul 18 06:19:59 with the end result that everyone needs to do an extra step now to use the combined images in qemu Jul 18 06:20:17 jow: no Jul 18 06:20:22 works ootb like a charm Jul 18 06:20:35 blogic: with r/w overlay? Jul 18 06:20:45 i built stintels tree Jul 18 06:20:47 because by default there is no spare space on the blockdev Jul 18 06:20:57 booted it with qemu without any issues Jul 18 06:21:00 so you end up with a ram overlay or some weird loop mount errors Jul 18 06:21:01 i booted the ext4 image Jul 18 06:21:05 let me boot squash Jul 18 06:21:13 ah right, sorry ext image Jul 18 06:21:23 * jow was referring to squash Jul 18 06:21:24 and its rw Jul 18 06:21:29 let me try that and then fix it Jul 18 06:23:35 sqsh indeed does rpeinit and then hangs Jul 18 06:26:37 jow: ok, so padding to 64k makes it boot but its stuck in ro Jul 18 06:26:57 so this but gis not related to the recent ext4 fixes or our mkfs Jul 18 06:46:30 blogic: yesterday I saw a very short stack trace with ext4_has_uninit_itable Jul 18 06:46:34 I didn't capture it though :( Jul 18 06:46:41 that's why I was looking to ext4 patches Jul 18 06:47:17 blogic: mamarley also bricked a device using ext4 images with his own 4.14.55 kernel bump attempt (which contains the ext4 fixes) Jul 18 06:47:26 blogic: you need something like dd if=/dev/zero bs=1M count=200 of=image.bin; zcat openwrt-combined-squash.bin.gz | dd of=image.bin conv=notrunc Jul 18 06:47:46 that will allocate a 200MB disk and write the image contents into the beginning Jul 18 06:48:04 but anyhow, unrelated and not new Jul 18 06:51:15 let me try again Jul 18 06:51:24 stintel: i was gonna look at the issue but if i cant trigger it ...... Jul 18 06:51:31 please retry Jul 18 06:54:36 blogic: will do Jul 18 06:56:50 and probably should enable some debug options in the kernel Jul 18 07:02:29 DonkeyHotei: ping Jul 18 07:10:37 blogic: default config boots fine here as well apparently Jul 18 07:29:56 hi, I may have asked before, but if anyone has some ixp4xx and rtl8366 experience, please let me know. https://github.com/greguu/linux_kernel_xtm2_richland Jul 18 07:30:18 any help would be much appreciated Jul 18 07:30:49 greguu: what exactly is the issue ? Jul 18 07:31:06 ah ixp Jul 18 07:31:08 i though ipq Jul 18 07:31:11 sorry, no clue Jul 18 07:34:58 stintel: erm ... ok Jul 18 07:36:04 I need some help with the RTL8366S/SR in regards to GPIO and SMI, as well as with IXP43x PHY Jul 18 07:36:14 eventually this would become a new platform Jul 18 07:36:39 so far I got it to boot to OpenWrt/LEDE userland via USB. Jul 18 07:37:07 nice hardware and can be found on ebay now plentyfull as EOL Jul 18 07:57:42 looks like there has been some recent progress. https://marc.info/?l=linux-netdev&m=153156170818706&w=2 Jul 18 08:31:29 blogic: so it's probably something in my .config then Jul 18 09:05:30 blogic: ok it's my config apparently Jul 18 09:22:21 stintel: did you figure out the offending issue? Jul 18 09:29:40 jow: unfortunately not Jul 18 09:31:53 jow: hi, would you have some time tomorrow to deal with buildbot configs? Jul 18 09:33:42 f00b4r0: not sure yet Jul 18 09:34:39 ok. I do expect something smooth this time :) Just ping me if you can. Jul 18 09:59:49 Does anyone know anything about kernel’s overmounting protection preventing the mount /proc in lxc ? I am getting permission denied... Apparmour is disabled by default, right? Jul 18 10:26:30 blogic: can you try and reproduce it with my .config ? Jul 18 10:29:40 stintel: sure Jul 18 10:29:47 mail it over, john@phrozen.org Jul 18 10:39:03 I'm sorry I can't provide any more information about the ext4 brickage on my router, but the console port failed at some point since the last time I used it, leaving it almost completely hard-bricked. Jul 18 11:00:24 DonkeyHotei: Are you using seccomp ? Jul 18 11:20:01 lynxis: ping Jul 18 14:32:04 I'm trying to work out why I only get private IPV6 addresses on my network. The WAN has a public one but I don't know why it isn't "passing stuff on". Jul 18 14:32:11 Can anyone tell me what differences are between the modes (server, relay, hybrid) in IPV6 Settings on my LAN interface? Jul 18 14:39:29 jdarnley: what prefix are you assigned on wan? Jul 18 14:39:39 jdarnley: how wide is it? 64 bits? Jul 18 14:40:48 jow: ping Jul 18 14:41:08 64 I think Jul 18 14:41:37 Overview shows "address: 2a02:.../64" Jul 18 14:42:50 Does anybody know, what code is responsible for parameters (noatime) when /proc is mounted ? Jul 18 14:44:40 muhaha: procd Jul 18 14:45:26 distemper: If I want to patch it to use relatime instead of noatime what I need to edit?? Jul 18 14:48:08 muhaha: haha, i did exactly that for lxc, once: https://paste.pound-python.org/show/NRoqN3Yv1nehP92vTpyu/ Jul 18 14:48:35 goes in package/system/procd/patches Jul 18 14:48:58 distemper: It cause error when are you trying to run unprivileged container Jul 18 14:49:08 anyone know how I can get more information about the error code "One or more fields contain invalid values!" when making a custom taboption using a template? it's sending a table with self.error[section] as "invalid" but I just cant find out what about it is invalid Jul 18 14:49:24 Who manages the openwrt download servers? Jul 18 14:49:35 muhaha: pong Jul 18 14:49:39 aparcar: me Jul 18 14:49:52 jow: distemper already answered. Jul 18 14:50:44 TheBestJohn: one of the fields should get rendered with an "cbi-input-invalid" or similar css class Jul 18 14:51:16 muhaha: unpriv containers - that was exactly my problem, too... and i always forgot to file a bug Jul 18 14:51:25 jow perfect. There is an api json request to get all hosted files, could you offer the same for all hosted targets + subtargets, without created images? Jul 18 14:51:35 distemper: thats why it isn't fixed yet :P Jul 18 14:52:17 aparcar: erm... can you draft an example in a pastebin or so? Jul 18 14:52:40 jow: that's the real issue. There's nothing popping the invalid input flag and every field that will return a nil on validate also throws error text with it Jul 18 14:53:10 Sure! Jul 18 14:53:17 aparcar: especially I don't understand what "hosted targets + subtargets, without created images" means... a simple { target: [ subtargets... ] } dict? Jul 18 14:53:20 distemper: Do you file a bug? Or Should I ? Jul 18 14:53:41 muhaha: go for it, please ;) Jul 18 14:53:47 TheBestJohn: hmm, can you pastebin some more code context? Jul 18 14:56:05 TheBestJohn: I think an invalid tag besides a successful validation could happen if the transform() function fails Jul 18 14:56:15 I've gone so far as to edit the ucisection.htm to try to tell me which field it thinks is wrong. jow: I'll see what I can put together to show what I'm doing Jul 18 14:56:32 TheBestJohn: which is usually a no-op but I'd need to see some more of your lua code to understand the context. Feel free to pm if you do not want it public Jul 18 14:57:00 jthank you Jul 18 14:57:59 TheBestJohn: another q; is your validator stateless? Or will it fail when invoked twice? Jul 18 15:03:16 im running dd-wrt on a r9000 as is not that much opened to openwrt, now the issue i have now is getting traffic to oe1 onto the wiregaurd..is anything clued onto iptables or ip route to get the traffic to the wg Jul 18 15:03:40 anyone** sorry Jul 18 15:06:43 i have tryed PREROUTING and POSTROUTING like iptables -t nat -I PREROUTING -d 10.xx.xx.xx -j DNAT --to-destination 192.168.9.20 and iptables -t nat -I POSTROUTING -s 192.168.9.20 -j SNAT --to-source 10.xx.xx.xx and then with a iptables -t nat -I POSTROUTING -o oet1 -s 192.168.9.20 -j MASQUERADE Jul 18 15:08:18 afther that i cant get any packets and nothing even though the WAN interface...however i can still Ping and Traceroute if i login into SSH with traceroute -i oet1 1.1.1.1 Jul 18 15:08:47 within the router iself. Jul 18 15:10:40 bah, gonna have to split this package up I think Jul 18 15:10:52 can't convince it to build with KernelPackages in the same makefile Jul 18 15:12:59 oh I'm a mong Jul 18 15:13:00 nm Jul 18 15:18:20 jwh: I'm not an expert and never tried this also, but remember openswitch is packaging kernel modules and apps in single makefile. Maybe You can look at it for reference. https://github.com/openwrt/packages/blob/master/net/openvswitch/Makefile Jul 18 15:18:51 yeah I forgot to change BuildPackage to KernelPackage :D Jul 18 15:19:08 the error is kinda misleading though, it just says TITLE is not set, rather than the package isn't defined Jul 18 15:19:54 stumbled on this also few times Jul 18 15:21:12 need to fix up conflicts and depends Jul 18 15:21:36 as it can't coexist with another kernel module Jul 18 15:22:19 I mean, could probably patch it Jul 18 15:22:41 or just not include the feature (since its obselete and shouldn't be used anyway) Jul 18 15:37:39 SECTION:=kernel Jul 18 15:37:40 CATEGORY:=Kernel modules Jul 18 15:37:40 SUBMENU:=Network Support Jul 18 15:37:43 hm, not showing up Jul 18 15:37:59 search reveals no symbols either Jul 18 15:39:46 jwh: where did you add it? Jul 18 15:44:16 seperate feed, then i defined KernelPackage along with the userland Jul 18 15:44:24 same place as openvswitch Jul 18 15:44:49 userland is fine, but kernel mods don't show up Jul 18 15:54:04 jow: what server runs there? Apache? Nginx? Jul 18 15:54:54 aparcar: nginx Jul 18 15:55:07 aparcar: but shouldn't matter as the json feeds are created by a perl script Jul 18 15:59:14 jow: do you mind enable this native feature? http://nginx.org/en/docs/http/ngx_http_autoindex_module.html#autoindex_format Jul 18 15:59:37 does 4mb flash device compilations include luci still or not Jul 18 15:59:44 jwh: does KCOfnIG need to be presnt for it to show up? Jul 18 15:59:51 KCONFIG Jul 18 16:00:03 sigh, present too Jul 18 16:00:08 aparcar: you still haven't told me what you actually *want* Jul 18 16:00:23 and yes I do mind enabling it as we're not using autoindex Jul 18 16:08:37 I'd like to parse the contents of /targets and /targets// to feed the attendedsysupgrade server I'm still working on. Currently I'm parsing HTML what works but is somewhat ugly. Instead I'd like to something like the ?json funktion but without responding every file existing... Jul 18 16:12:20 I understood that, but what do *want* Jul 18 16:12:29 jow: I think I could also work with ?json, but the autoindex like version seems more appealing Jul 18 16:12:31 just give me a pastebin with some sample json Jul 18 16:12:33 hm, I'm only getting half a convo Jul 18 16:12:40 oh, must be on irccloud :D Jul 18 16:12:57 oh, matrix Jul 18 16:12:59 or a random copy of the uaotindex json, I'll produce it Jul 18 16:13:09 I cannot use autoindex for other reaons Jul 18 16:14:50 jwh: yes matrix, does it cause missing messages? Jul 18 16:23:28 aparcar: so you want this? https://pastebin.com/GTCgaMJw Jul 18 16:24:02 Having issues with procd/igmpproxy - /etc/init.d/igmpproxy stop doesn't actually stop the process. Jul 18 16:24:10 gninrom Jul 18 16:24:21 ldir: is igmpproxy forking away maybe? Jul 18 16:24:37 cg for 17.01.5 :-) Jul 18 16:24:58 I'll try running manually...see what it does.. Jul 18 16:26:17 jow: sorry had to find the vim command ":sort u" first... https://paste2.org/MVjGXpVH Jul 18 16:26:28 hmm, that's exactly what it's doing. needs to stay foreground for procd from what I remember. hmm. Jul 18 16:26:40 aparcar: okay, but that is not what autoindex would produce Jul 18 16:26:52 with autoindex you would need to traverse manually Jul 18 16:27:22 jow: yes sorry for the missunderstanding, I remebered it wrong :( Jul 18 16:27:25 first /targets/, then filter all type: "directory" entries and fetch the json index for each subdir Jul 18 16:29:15 yes, to many requests. So I can also fallback to the ?json thing and sort it locally Jul 18 16:30:41 jow: nm, I still suck, missed kernel.mk heh Jul 18 16:31:00 jow: I just realized that I'd need the same for releases as well... Jul 18 16:45:10 * ldir wonders how this has ever worked Jul 18 16:47:04 fuck sake github Jul 18 16:47:12 adding .patch to a commit isn't working Jul 18 16:47:19 url that is Jul 18 16:47:51 doesn't seem to work if going via the history route Jul 18 16:51:56 I think that Microsoft bought github and probably that is explanation for your situation Jul 18 16:54:22 yes, of course Jul 18 16:56:23 aparcar: and how do you expect the release information to be formatted? Jul 18 16:58:56 anyone here familiar with the brcm2708 / rpi target? Jul 18 16:59:09 jow: i bit Jul 18 16:59:21 s/i/a/ Jul 18 16:59:30 okay, so apparently we offer .img.gz files Jul 18 16:59:44 and these have json firmware signature metadata at the end Jul 18 16:59:53 breaking Jul 18 16:59:58 probably yes Jul 18 17:00:03 which makes the gnome archive manager complain that the archive is corrupted Jul 18 17:00:12 yep Jul 18 17:00:12 leading to bug reports Jul 18 17:00:17 so question Jul 18 17:00:27 drop the metadata from the gz files Jul 18 17:00:36 1) is the jsonm meta data really meant to be at the end of the .gz image or the end of the uncompressed image within Jul 18 17:01:01 a) its just not designed properly Jul 18 17:01:06 2) what kind of formats is sysupgrade expecting? Can it handle both .img and .img.gz ? Jul 18 17:01:14 or rather when designed, it was made to "works for my HW" Jul 18 17:01:20 jow: I talked with the dev about it and when unpacking and flashing the "raw" image the flash fails... Jul 18 17:01:32 aparcar: rpi? Jul 18 17:01:41 aparcar: on owrt or on the rPi default flash method Jul 18 17:02:10 jow: yes rpi Jul 18 17:02:21 so running owrt, flashing the gzip works fine, flashing the unpackged "raw" image fails Jul 18 17:02:46 okay and flashing means passing to sysupgrade ? Jul 18 17:02:58 jow: regarding json https://paste2.org/FGPPyhE4 - I don't want to waste your time, so I can parse stuff in a different manner as well (without dosing the server :P) Jul 18 17:03:03 jow: regarding RPI, yes Jul 18 17:04:41 okay, is the same image used for initial non-openwrt flashing as well? Jul 18 17:04:53 * aparcar sent a long message: < https://matrix.org/_matrix/media/v1/download/matrix.org/ZetNUOsNqGAPzOWdGnfOILgQ > Jul 18 17:04:54 if yes I would propose the following: Jul 18 17:05:22 rename .img.gz with metadata to -sysupgrade.bin, this way nobody expects it to be some unzippeable thing Jul 18 17:05:40 and offer a metadata-free .img.gz as -factory.bin.gz Jul 18 17:06:04 Good point, I'll forward this to him Jul 18 17:06:30 (except he reveals himself within the next minutes to be actually in this channel) Jul 18 17:06:43 are you talking to alvaro? Jul 18 17:07:44 no, christian lamparter Jul 18 17:08:05 i've got him in my jabber Jul 18 17:08:06 hang on Jul 18 17:08:10 jow: good idea Jul 18 17:09:02 jow: posted our proposal to him Jul 18 17:10:20 btw we had a discussion regarding the use of TARGET_IMAGES_GZIP, that this option should be removed (at least for some targets like x86, rpi) to save some bandwidth and confuse less: even with the option disabled the image x86 and rpi images are still compressed Jul 18 17:10:29 blogic: thanks Jul 18 17:13:02 jow: https://downloads.openwrt.org/releases/18.06.0-rc1/?json does not work :( Jul 18 17:13:26 oh and https://downloads.openwrt.org/ stills says .4 is the latest release Jul 18 17:18:49 aparcar: https://downloads.openwrt.org/releases/18.06.0-rc1/targets/?json Jul 18 17:22:58 aparcar: https://downloads.openwrt.org/releases/18.06.0-rc1/targets/?json-targets Jul 18 17:23:09 thanks Jul 18 17:23:31 awesome Jul 18 17:27:00 jow: ACK for creating a factory image without metadata for the rpi Jul 18 17:27:01 okay, works flawlessly Jul 18 17:29:06 aparcar: do you still need the non-targets json thing yet? I consider changing it to mimick the nginx json (type, size, date, name) and only one level deep Jul 18 17:29:23 thats more useful and can then be activated for all directories Jul 18 17:29:40 ... not just .../targets/ Jul 18 17:30:43 wouldn't that expose the secret 18.06-snapshots folder? Jul 18 17:31:08 no if I adapt my secret filter code :^) Jul 18 17:31:44 regarding the upgrade server, I'd stick to manually setting releases and would like to keep the json-targets functions as it saves the script from crawling Jul 18 17:32:06 it also not really secret, its jsut not there in the html view to prevent people from randomly clicking the most attractive looking link Jul 18 17:32:37 ... and then writing bug reports about not installable kmods with "the latest release" Jul 18 17:33:18 snapshots isn't as self explaining as "unstable" I'm afraid Jul 18 17:33:22 i've never yet seen a project with a version number of "latest" ;-) Jul 18 17:34:35 could be a cool release name. anyway I think ?json is actively used by m. warnings firmware wizard, I'd like to use ?json-targets and some generic way to know the latest release would be interesting as well, so the server could run fully autonomous Jul 18 17:35:07 I would like that too, would save me the hassle of updating index.html all the time Jul 18 17:35:19 Fishman: I think docker thinks that's the way to go Jul 18 17:35:48 jow: yea, these frequent releases of OpenWrt are insane... Jul 18 17:36:12 I know, having to update that index.html every 10 months is hard Jul 18 17:36:27 as you've seen, it didn't work ... again Jul 18 17:39:16 ldir: ping? Jul 18 17:40:46 besides mkresin, who else is maintaining ramips? Jul 18 17:45:46 f00b4r0: blogic and nbd Jul 18 17:45:57 jow: thanks. Jul 18 17:46:47 blogic, nbd could you take a look at #1185 and give your opinion? Jul 18 17:47:11 jow: are the script public you just created for json created? (ofc except of the filter parts ;)) Jul 18 17:50:49 blogic, nbd, jow: and #1184 too, now :( Jul 18 17:51:15 btw I created a "meta-imagebuilder" script that simplifies the handling of multiple imagebuilder instances as well as auto updates snapshots if they're outdated: https://github.com/aparcar/meta-imagebuilder/ Jul 18 17:51:16 The script is only a shell one as I'm lacking Makefile knowledge, but ideally this could be usable just like a regular imagebuilder with additional TARGET and SUBTARGET arguments Jul 18 17:52:27 aparcar: https://github.com/jow-/LEDE_Download_Index_Page Jul 18 17:55:25 jow: thanks Jul 18 18:18:17 hey uh, clever kernel people Jul 18 18:19:02 https://github.com/rakshasa/rtorrent/issues/156 Jul 18 18:19:10 is this still relevant on mips? Jul 18 18:19:26 or does gcc fix it up on its own Jul 18 18:20:26 mkresin: you do have an interesting definition of 'consensus' Jul 18 18:22:46 and if not, is __sync_add_and_fetch_4 safe on other platforms, or should I ifdef it for mips only? Jul 18 18:23:43 have only build tested x86 so far, so don't know it will actually run Jul 18 18:25:20 f00b4r0: I'm sorry, but I'm not going to waste more time on this. I provided alternative ways of doing what you are trying to do, but you refused ayn kind of input Jul 18 18:28:45 f00b4r0: as I'm not the first dev ending in that deadlock with you, I felt it would be better for both of use to make a decision Jul 18 18:32:56 f00b4r0: mkresin: what is the dispute about? Jul 18 18:33:17 I only watched the PRs from the distance and do not understand the problem Jul 18 18:33:48 mkresin: you did not offer alternative ways you demanded I do what you wanted Jul 18 18:34:08 mkresin: and you didn't wait for feedback from other committers to decide there was no consensus and close the PR. Jul 18 18:34:22 that's not what I (or the Oxford dictionary of English) call "consensus" (or lack thereof) Jul 18 18:37:27 i'm scatterbrained schizophrenic and i forgot who i was working on NAND stuff for the ar300m with. Jul 18 18:39:46 AR750S support looks to be added as of May 2018 but not for the NAND flash. Jul 18 18:40:08 afaik this is because LEDE team is in the process of making a universal NAND driver for all of the platforms? Jul 18 18:43:30 also, is #ifdef mips sufficient? Jul 18 18:44:25 ah, appears to be on gcc, that will do Jul 18 19:12:19 What is the best way to export an GPIO via devicetree? I did some gpio probing on my ER-X-SFP. Now I want to add the some outputs (POE) and inputs to the device tree Jul 18 19:14:01 yesssssssss, kmods build Jul 18 19:14:13 now to see if I've missed anything and need to update userland Jul 18 19:41:50 https://github.com/joeholden/staging-packages Jul 18 19:41:51 testing pls :D Jul 18 20:16:26 distemper: ping Jul 18 20:20:15 hm Jul 18 20:20:47 missing a shared library Jul 18 20:20:49 * jwh tinkrs Jul 18 21:06:54 looking at commits, fritzbox devices are getting a lot of OpenWrt love recently. I like it. Jul 18 21:07:44 especially glad to see more devices with internal modems supported. Jul 18 21:35:37 hi Jul 18 22:38:41 drmr: some of the fritzbox work is done by blocktrron , kudos to him ;) Jul 18 22:39:12 tip o' the hat, absolutely. Jul 18 22:39:45 I think He means mainly the lantiq stuff i have no stakes in Jul 18 22:40:38 ah, ok Jul 18 22:40:59 you've been working on the non-modem FBs Jul 18 22:41:39 not long ago, mkresin added the 3370 (which I'm using right now) ... 02d53e6a2113f80ae429664e7990d167fbf44604 today added the 7312. Jul 18 22:42:21 things are really looking up in annex-b land. Jul 18 22:44:58 Yeah, i also tried it. Interesting they put a dualband radio in there Jul 18 22:46:14 There was also support for the 7412 on the mailinglist. I have one here but did not yet tried the ability to use the device as a dumb modem, which i'm very interested in Jul 18 22:47:48 drmr: i'm still trying to get a usb-wifi-stick working to have true dual-band with the 3370 :-/ Jul 18 22:48:44 I'm using a tiny usb stick on the back for the two or three 2.4 GHz legacy devices in my home. Jul 18 22:49:06 and, obviously, the internal one for 5ghz. Jul 18 22:49:15 works perfectly fine. Jul 18 22:49:45 (my apartment is not particularly large, so the mini stick covers it just fine.) Jul 18 22:50:30 it's been a month since i last tried to get the stick running, i'll try again soon Jul 18 22:50:30 (in this regard, OpenWrt support for the 3390 would be amazing, but really it only differs in the dual-band wifi.) Jul 18 22:51:10 it was detected as a device but i couldn't get it detected as a wifi interface Jul 18 22:51:54 I just plugged it in, installed a handful of kmods for rt2800, wifi detect, done. Jul 18 22:52:27 ok, ive got a ath9k here Jul 18 22:53:23 mh, not familiar with those ones, but I think they need some kmods too. Jul 18 22:54:45 sure they need, i had them working with something openwrt cc based, maybe i try them again using another router running CC to test if it's me or just the newer release having a problem Jul 18 22:59:21 possible. I'm not hugely familiar with the topic, but ath9x seems to still be a point of contention with recent development. Jul 18 23:00:11 well, my ath9k devices are all working very well, but the usb stick needs another variant of the kmod Jul 18 23:14:48 yar, I have a rt28xx that detects with iw list, and lspci, but doesn't actually _work_ either. Jul 19 00:11:47 hrm i think i figured out what might be the cause of the link flapping. i've got a gpio irq handler set to RT (the pps line from the gps). the link/up down seems to be preceded by "jitter" reported by the pps driver. maybe there's noise on the pps line that's starving other interrupts? https://paste.ee/p/qWOZF#6LTQgcH7rn7yIHxRIGaWnbLkRieATSuz Jul 19 00:14:52 idk though, the dmesg timestamps seem inconsistent relative to the syslog timestamps. maybe they're being buffered and flushed at different times. Jul 19 00:15:30 Hello friends. Long time openwrt user looking for a hardware upgrade. Just moved into a new house, ISP offers gigabit. My trusty old archer c7s can push more than a gigabit over wifi, real world, but unfortunately it can't seem to NAT at that speed. Jul 19 00:15:55 What would you guys recommend as a good router? Only a router would be ideal, no wifi. Jul 19 00:16:12 might as well use the c7s for something Jul 19 00:16:40 MyFaceWhen: you can get an ubiquiti edgerouter-x for 50-60$. dual core 880mhz mips, but there is support being worked on to use the hw acceleration feature of the SoC Jul 19 00:17:56 oops, what did I miss Jul 19 00:18:07 MyFaceWhen: you can get an ubiquiti edgerouter-x for 50-60$. dual core 880mhz mips, but there is support being worked on to use the hw acceleration feature of the SoC Jul 19 00:18:26 ah, thanks. I had a routerstation pro for years, loved it. Didn't know they made that stuff nymore Jul 19 00:18:27 however, the nat accel isn't compatible with SQM/QoS apparenntly. something to consider. Jul 19 00:18:43 well it's a finished product. they don't do sbc's anymore. Jul 19 00:18:53 * m4t has been using rspro since 2010, for wifi+router Jul 19 00:18:54 ah Jul 19 00:21:12 MyFaceWhen: WRT3200ACM Jul 19 00:21:19 MyFaceWhen_ Jul 19 00:21:24 do you know if the chip can keep up with qos without the hardware accelleration? Jul 19 00:21:54 at a 1gbit line speed Jul 19 00:22:00 doubt it Jul 19 00:22:02 That's the most powerful OpenWRT-capable router. If you need higher, get APU2 board from PCEngines. Jul 19 00:22:48 i dont think apu2 can do gigabit nat+qos can they? Jul 19 00:23:14 hmm maybe with the new fast path stuff Jul 19 00:23:32 I think for gigabit DonkeyHotei went with a HP thin client. Jul 19 00:23:41 It's more powerful than APU2. Jul 19 00:24:02 i've got a wyse thin client w/ a dual core amd. fanless. but only 1 gigabit port :/ Jul 19 00:24:08 x86 with good kernel 4.4 drivers is the best option then? Jul 19 00:24:12 Build your own from mini-ITX board and at least a modern Celeron. Jul 19 00:24:16 there's a minipcie you could run a wire/jack out of the case with i guess Jul 19 00:24:18 Better Pentium. Jul 19 00:26:42 more cores or more hz in general for pure routing + qos? Jul 19 00:26:56 would more than 2gb ram be overkill? Jul 19 00:29:07 more Hz Jul 19 00:29:21 I think so at least. Jul 19 00:29:31 I don't think NAT can run on multiple cores. Jul 19 00:29:42 VPNs usually don't run on multiple cores either. Jul 19 00:29:56 Get 4GB, RAM is cheap. Jul 19 00:30:24 OpenWRT can run on 256MB even. Jul 19 00:30:32 it's just so funny, my little c7 has 128mb and a single core and can nat at 500mbps Jul 19 00:30:51 You don't need to throw c7 away, use it as AP. Jul 19 00:30:53 having that much power seems like overkill, but I'll take your word for it Jul 19 00:30:57 oh I will, I have 3 Jul 19 00:31:03 But if you want to run pfSense or OPNSense, use at least 4GB or so. Jul 19 00:31:04 802.11r working too Jul 19 00:31:28 pfSense is a full-fledged FreeBSD installation. Jul 19 00:32:02 I personally prefer OpenWRT for a gateway though. I need Wireguard support. Jul 19 00:32:23 Or at least Shadowsocks. Basically I need to encrypt my traffic while not slowing it down. Jul 19 00:32:47 my ISP blocks half of Internet Jul 19 00:32:55 thank you guys so much for all the info! I'll post back in a few days with what I come up with. Thanks again Jul 19 00:34:41 My ISP is very fast for rural Russia but blocks lots of websites. Jul 19 00:34:49 100Mbps. Jul 19 00:35:31 Oh and their DPI slows that down to 50Mbps but Shadowsocks sped that up to 80Mbps. Jul 19 00:36:43 I may move to a larger town where max speed is 300Mbps, but I need a VPN+NAT box that can handle the load. Jul 19 00:38:17 i feel for you... Jul 19 00:38:39 but it seems the DPI is not as bad as in china^^ Jul 19 00:38:43 Wireguard may take less CPU than Shadowsocks but it doesn't obfuscate the traffic. Jul 19 00:38:53 It still looks like VPN traffic. Jul 19 00:39:14 I suspect that exploit injection happens sometimes too. Jul 19 00:39:20 in RU. Jul 19 00:39:41 is the traffic to russian datacenters filtered, too? if not, you could rent a box there to serve as a Hop Jul 19 00:39:48 Government requires mitmboxes installed by all ISPs. Jul 19 00:40:20 I prefer Sweden or Finland I guess. Jul 19 00:40:39 To be completely outside of censoring/exploiting devices' area Jul 19 00:41:04 so mitm even happens between you and other in-russia-locations? Jul 19 00:41:42 I think MitM happens early in the connection. Jul 19 00:41:45 ultimate solution: moving to another country... *duck* Jul 19 00:42:07 it can be mitm or man on the side then. Jul 19 00:43:19 This may happen in any country lol. but only if *they* targeted *you* or some group you are in specifically. It's not wholesale. Jul 19 00:44:05 e.g. if you are coordinating protests or anti-government activity. But sometimes they sweep up the innocent people. Jul 19 00:44:31 So you can never feel completely safe. Jul 19 00:45:11 sometimes the selectors choose some innocent people while missing the real targets, and you have no idea what you said that caused you to be painted. Jul 19 00:45:38 I guess if you are exploited once, it can find you again anywhere. Jul 19 00:45:50 even if you completely replace all software and hardware. Jul 19 00:49:09 of course you need to change all the underwear, too. Jul 19 00:49:30 Yeah, you're right. Jul 19 00:49:43 :-D Jul 19 00:51:10 e.g. logging into any account you used to log into = instant mitm 0day attack. Jul 19 00:51:46 sounds dystopian, right? Jul 19 00:52:18 I wonder why OpenWRT doesn't try directly competing with pfSense? Jul 19 00:52:55 Selling firewall appliances for $499 or something. Jul 19 00:53:06 then it'd end up like netgate :( Jul 19 00:53:08 While they sell them for $599. Jul 19 00:53:35 netgate used to be pretty cool, like baltic networks Jul 19 00:53:40 selling sbc's and antennas and stuff Jul 19 00:54:09 netgate is not actually scam, their products work, but they cost 2x what they cost as diy. Jul 19 00:55:36 OpenWRT should really work at OpenWRT-in-a-datacenter products and beat pfSense. Jul 19 00:55:53 no way Jul 19 00:55:59 OpenWRT is Linux-based and that's the main advantage. Jul 19 00:56:09 openwrt should not be commercialized Jul 19 00:56:14 nor should debian etc. Jul 19 00:56:30 a network of paid consultants at the most Jul 19 00:57:43 https://store.netgate.com/APU4.aspx Jul 19 00:57:54 Not $599 but still. Jul 19 00:58:31 They charge more for simply preinstalling pfSense. Jul 19 00:58:32 i've found the oem's of some of their other products (not apu)...you can buy them cheaper unbranded Jul 19 00:58:46 QOTOM and Partaker? Jul 19 00:58:54 yeah something like that Jul 19 00:59:03 one of the big network appliance makers Jul 19 01:00:40 Ah, that's Chinese. Of course it's very cheap but not reliable IMO. Jul 19 01:00:53 They will never get BIOS and driver updates. Jul 19 01:01:00 They are one-off releases. Jul 19 01:02:01 I wish PC Engines released something with faster CPUs. Jul 19 01:02:22 Or maybe even a gaming PC board lol. I don't think any gaming board has coreboot. Jul 19 01:02:52 I would buy a gaming PC based on coreboot for more security. Jul 19 01:03:09 and option to require signed versions of coreboot only. Jul 19 01:03:32 AMT BIOS has code that dates back to 80s. Jul 19 01:03:45 of course it got to have security vulnerabilities. Jul 19 01:04:31 what's that SBC thing m4t? Jul 19 01:05:01 dunno? Jul 19 01:06:00 you mentioned them. Jul 19 01:06:03 https://store.netgate.com/Cable/NM9FF.aspx Jul 19 01:06:07 Nostalgia. Jul 19 01:07:03 oh they used to have a much wider selection of sbc's Jul 19 01:07:11 i think part of that is that not as many exist these days Jul 19 01:07:33 i bought my rspro+case from them Jul 19 01:08:07 https://store.netgate.com/SG-1000.aspx Jul 19 01:08:26 any idea who's OEM? Jul 19 01:10:02 That's a cool device, like RPi with 2 Gigabit ports. I have so many ideas how to use it. Jul 19 01:10:46 says adi engineering on the pcb Jul 19 01:10:49 Like a travel router for example. Jul 19 01:10:59 just without wifi. Jul 19 01:12:10 I would really want something sized like this but with x86 CPU. Jul 19 01:12:14 and wifi Jul 19 01:12:21 I guess impossible. Jul 19 01:13:23 http://www.adiengineering.com/products/micro-firewall/ Jul 19 01:15:06 Damn koops. That is crazy. I would love to discuss how your internet works there in PM. Jul 19 01:32:37 stop it Jul 19 01:32:37 :D Jul 19 01:34:20 what the shit, how did I break this Jul 19 01:34:25 Required libcrypto-0.9.8 or probably later (openssl-0.9.8) not found. Jul 19 01:34:26 :( Jul 19 01:34:32 maybe I had a package enabled Jul 19 01:34:45 or its being built before openssl Jul 19 01:36:14 ah yes, ordering Jul 19 01:44:17 Hash of the downloaded file does not match (file: 3ef1f21a998f340713a0259e61bce3f16accf7300914e71335e5e801e3d8c2cb, requested: e07d538704aa65e477b6a392b32ff9fc5edf75ab9a40ddfc876186c4ff4d68ac) - deleting download. Jul 19 01:44:26 hm, shady Jul 19 01:44:44 thats libpcre2, openwrt copy matches though Jul 19 02:22:38 build #49 of lantiq/xrx200 is complete: Success [build successful] Build details are at http://release-builds.openwrt.org/18.06/images/builders/lantiq%2Fxrx200/builds/49 Jul 19 02:26:19 build #48 of brcm2708/bcm2709 is complete: Success [build successful] Build details are at http://release-builds.openwrt.org/18.06/images/builders/brcm2708%2Fbcm2709/builds/48 **** ENDING LOGGING AT Thu Jul 19 03:00:02 2018