| mappps | hi all | 03:48 |
|---|---|---|
| diddledan | morning mappps | 04:27 |
| mappps | morning..still up or just got up? | 04:28 |
| diddledan | still up :-p | 04:28 |
| mappps | ;D | 04:30 |
| MooDoo | hello all | 06:57 |
| === Kris_Douglas is now known as KrisDouglas | ||
| knightwork | Morning | 08:11 |
| czajkowski | aloha | 08:12 |
| davmor2 | Morning all | 08:17 |
| davmor2 | I miss JamesTait's morning greetings he so has to have a bot in place for next year | 08:18 |
| brobostigon | morning boys and girls. | 08:18 |
| knightwork | ehlo brobostigon , czajkowski | 08:18 |
| brobostigon | hello knightwork | 08:18 |
| knightwork | Watching a youtube video on how to get my simcard out of my Oneplus one. | 08:20 |
| knightwork | it slid off the simcard cassette and is now stuck inside the device | 08:20 |
| brobostigon | eeeek, | 08:21 |
| knightwork | yep , the thing needs surgery now. | 08:22 |
| brobostigon | oh dear, good luck. | 08:22 |
| knightwork | brobostigon: should work if I slide a plastic card into it to "guide it out". | 08:23 |
| knightwork | after that i'm kinda done with the oneplus i think. | 08:23 |
| knightwork | next phone will probaly be a huawei or something. | 08:24 |
| nucc1 | when i see stories like this, i kinda feel glad i stick to the well-known brands :p | 08:37 |
| nucc1 | although my sony xperia z3 was a crappy build too — screen fell right off after about 3 months — poor glue job | 08:37 |
| nucc1 | and sony support is practically non-existent. | 08:40 |
| diplo | Morning all | 08:50 |
| diplo | Anyone fancy helping with a mail issue I'm having, "timed out while send Mail From" 442 error, it was just just one domian recieinb email from | 08:51 |
| diplo | now 2-3 | 08:51 |
| diplo | Anything to look out for ? | 08:51 |
| nucc1 | port 25 working? | 08:59 |
| nucc1 | or is the mail client configured with the correct port? | 08:59 |
| nucc1 | and TLS or Starttls ? | 08:59 |
| diplo | From what I can see it can be related to the sending server thinking you're spam but we're not in any blacklists | 09:05 |
| nucc1 | timed out suggests a network issue | 09:07 |
| diplo | Yeah I thought the same ( Sorry issues with line herre, keep getting disconnected ) | 09:08 |
| diplo | Yeah receive 100's of other mails, just ttwo domains so far that are an issue | 09:08 |
| diplo | Another thing I've just read is about MTU's being different on router / mail server | 09:09 |
| nucc1 | that shouldn't matter | 09:09 |
| nucc1 | TCP has a way of dealing with that. | 09:09 |
| nucc1 | if your internet is ADSL, you almost always have a lower MTU than the typical | 09:09 |
| nucc1 | there's only a problem with MTU if your MTU is bigger and there is a misconfigured router in the way that is not sending ICMP messages informing your router | 09:10 |
| nucc1 | diplo: try sending a small test email with no attachments. see if that goes through. | 09:11 |
| diplo | yeah it's from remote mail to my clients, my emails go to them fine, it's just from two domains | 09:11 |
| diplo | But those 2 customers are huge and want top make sure I've checked everything my end first before approaching them | 09:13 |
| nucc1 | you can't receive emails from 2 domains, or you can't send emails to those two domains? | 09:15 |
| diplo | Receive | 09:15 |
| nucc1 | if the problem is receive, then the problem is at your end. | 09:15 |
| diplo | And I can receive, it's sporadic 4.4.2 messages they get, some emails come through others don't | 09:16 |
| nucc1 | take some network captures on your mail server and see what's happening | 09:16 |
| diplo | 100's of other emails come through fine each day | 09:16 |
| diplo | hehe, just reading a post about that right now | 09:16 |
| diplo | Rebooting my router brb can't deal with this lag | 09:16 |
| nucc1 | tcpdump -i any -s0 -w /var/tmp/smtp.cap host <mail-server-ip> and port <mail-port> | 09:16 |
| diplo | k thanks | 09:18 |
| nucc1 | that will generate a file in /var/tmp/smtp.cap which you can view in wireshark | 09:18 |
| nucc1 | you run that capture, and send a test email (it's easier to see what's happening if there's no tls) | 09:19 |
| * bashrc_ also has a mesh icmp issue, which is probably firewall related | 09:19 | |
| nucc1 | if you know the source IP of the smtp client from which the email will arrive, it's also easier to follow the relevant tcp stream | 09:19 |
| nucc1 | bashrc_: what issue? | 09:19 |
| bashrc_ | at the weekend I was trying to set up batman adv. I could see the test peer via avahi, but couldn't ping it | 09:20 |
| nucc1 | likely firewall doesn't allow icmp yes — which is a bit of a silly thing to do anyway | 09:21 |
| bashrc_ | indeed the default firewall is pretty strict. Is there a port for icmp? | 09:22 |
| diplo | k thanks | 09:24 |
| nucc1 | bashrc_: icmp is a layer 3 protocol. no ports. | 09:25 |
| bashrc_ | ah. So can it be blocked via firewall? | 09:26 |
| nucc1 | yes, a sensible firewall should have a checkmark that says "allow icmp" | 09:26 |
| nucc1 | Windows Firwall blocks icmp by default too | 09:26 |
| bashrc_ | almost certainly I don't have that, so will need to check | 09:26 |
| * bashrc_ is using iptables | 09:26 | |
| nucc1 | i never figured out how to allow icmp except by disabling the damn thing | 09:26 |
| bashrc_ | I have an ultra strict firewall which blocks all the things, and then I selectively open only the needed ports | 09:27 |
| nucc1 | ping is icmp-type echo-request and echo-reply | 09:28 |
| nucc1 | probably wiser to allow all icmp | 09:28 |
| bashrc_ | yes | 09:28 |
| nucc1 | some people think that disabling icmp improves security, but it doesnt. | 09:28 |
| nucc1 | disabling icmp is like shooting the internet in the foot | 09:28 |
| nucc1 | people can still detect that your server is live by opening a connection to port 80, 443, 25, etc | 09:29 |
| bashrc_ | for the regular internet server I do disable icmp (I don't need it), but for mesh being able to ping is useful | 09:29 |
| nucc1 | especially for the internet server, you shoudl enable icmp | 09:29 |
| nucc1 | icmp is the mechanism via which clients detect mismatch on MTU and workaround it | 09:29 |
| nucc1 | when a client sends a packet that is too big, the router is supposed to send an ICMP Fragmentation-Needed packet | 09:30 |
| nucc1 | the receiving client then knows to use smaller packets. | 09:30 |
| nucc1 | If firewalls drop this icmp, the connection will eventually fail, because the packets aren't making it through, and the client is not being told | 09:30 |
| nucc1 | and like i said, disabling icmp does not make you "invisible" on the internet. | 09:31 |
| bashrc_ | in my case disabling icmp on the internet server doesn't have any deleterious effects. It's been running for years that way | 09:32 |
| nucc1 | you might not realise it | 09:33 |
| nucc1 | if your server is not critical, people would just ignore any issues they have with it | 09:34 |
| nucc1 | you're not less safe if you enable it | 09:34 |
| nucc1 | personally, i use 2-Fa auth, and fail2ban | 09:35 |
| bashrc_ | http://www.cyberciti.biz/tips/linux-iptables-9-allow-icmp-ping.html | 09:35 |
| nucc1 | i only use iptables to block outright abusers. | 09:35 |
| nucc1 | bashrc_: ping is not important. it's the other icmp types that are important. | 09:36 |
| bashrc_ | in my case I'd just like to test mesh peers with ping | 09:37 |
| bashrc_ | I can use batctl ping, but I also want to test layer 3 | 09:37 |
| === Kris_Douglas is now known as KrisDouglas | ||
| bigcalm | Good morning peeps :) | 10:22 |
| davmor2 | Morning bigcalm | 10:23 |
| popey | afternoon | 10:23 |
| bigcalm | So, back to trying to upgrade these client servers | 10:25 |
| bigcalm | Being ill last week got in the way a little | 10:25 |
| popey | clients or servers? | 10:25 |
| bigcalm | Servers owned by a client | 10:25 |
| davmor2 | popey: their clients, servers | 10:25 |
| bigcalm | Client's servers | 10:26 |
| bigcalm | <jpds> bigcalm: It's more likely that they block port 11371 | 10:26 |
| bigcalm | <jpds> bigcalm: Try: hkp://keyserver.ubuntu.com:80 | 10:26 |
| bigcalm | So I tried this: http://paste.ubuntu.com/12106844/ & http://paste.ubuntu.com/12106850/ | 10:26 |
| davmor2 | popey: keep up it's only been a fortnight since he spoke about it last what's wrong with you ;) | 10:26 |
| bigcalm | It was last Tuesday | 10:27 |
| bigcalm | apt-get update still fails: http://paste.ubuntu.com/12106878/ | 10:28 |
| davmor2 | bigcalm: that's like a month in canonical time ;) | 10:28 |
| bigcalm | Heh | 10:28 |
| davmor2 | bigcalm: sounds like the system they use is using a bastardised version of ubuntu possibly | 10:29 |
| popey | well, again, you need the key :) | 10:29 |
| bigcalm | 5 weeks to beer train :) | 10:29 |
| bigcalm | popey: but the import with apt-key didn't work I take it | 10:30 |
| popey | i just tested that command and it worked perfectly from my machine here | 10:30 |
| popey | (the sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 40976EAF437D05B5 ) | 10:30 |
| bigcalm | Okay, so I did get the correct format | 10:31 |
| popey | yes | 10:31 |
| bigcalm | The client's hosting company is getting in the way with their firewall I guess | 10:31 |
| popey | http://paste.ubuntu.com/12106897/ | 10:31 |
| popey | you can test that with telnet surely? | 10:31 |
| popey | telnet keyserver.ubuntu.com 80 | 10:32 |
| awilkins | At the worst you could get the key manually and paste it into the terminal? | 10:32 |
| popey | then "GET /" and see what happens | 10:32 |
| popey | you should get a bunch of html from cassava.canonical.com | 10:32 |
| popey | if you don't then probably a firewall or some other nonsense in the way | 10:32 |
| bigcalm | http://paste.ubuntu.com/12106909/ | 10:33 |
| bigcalm | It returned HTML, but with a status 400 | 10:34 |
| popey | ok, good, so not a firewall issue | 10:34 |
| bigcalm | I get the same response from my machine here | 10:35 |
| awilkins | Response is from a squid proxy | 10:35 |
| popey | there are lots of results on google for "gpg: [don't know]: invalid packet (ctb=2d)" | 10:36 |
| popey | like you're receiving a corrupt key | 10:36 |
| jpds | bigcalm: Can't you just put the key into a text file and copy and paste it into the server? | 10:36 |
| popey | bigcalm: what happens if you just "gpg --recv-key 1054b7a24bd6ec30" ? | 10:37 |
| bigcalm | jpds: it may come to that | 10:37 |
| popey | yeah, you could just get it from http://pool.sks-keyservers.net:11371/pks/lookup?op=get&search=0x1054B7A24BD6EC30 | 10:37 |
| jpds | bigcalm: Seems like it'll make your life easier | 10:37 |
| popey | doesn't explain why it fails to get it though | 10:37 |
| bigcalm | guruuser@GRU01DBS01TEST:~$ gpg --recv-key 1054b7a24bd6ec30 | 10:38 |
| bigcalm | gpg: requesting key 4BD6EC30 from hkp server keys.gnupg.net | 10:38 |
| bigcalm | It's sitting there, doing nothing | 10:38 |
| bigcalm | I guess it'll timeout | 10:38 |
| jpds | bigcalm: Nice hostname | 10:38 |
| bigcalm | :D | 10:38 |
| nucc1 | usually those hostnames are derived from a pattern | 10:39 |
| nucc1 | sometimes, organisation, department, location, and a serial | 10:39 |
| bigcalm | Which would make sense for a hosting company | 10:39 |
| nucc1 | yea | 10:39 |
| awilkins | Ugh, I hate those hostnames | 10:42 |
| awilkins | And I know they have a purpose | 10:42 |
| nucc1 | they are easy to work with once you know the pattern | 10:42 |
| nucc1 | it's better than "fancy" names which you have to remember | 10:43 |
| nucc1 | somebody tells you we have a problem with the accounting server 03, and you can workout the hostname | 10:43 |
| nucc1 | if they all have star names or movie character names etc, then you need a lookup to determine which accounting server is being referred to | 10:43 |
| awilkins | I say have both... a scheme of boring names for that reason, and memorable names for other reasons | 10:43 |
| awilkins | I tend to select names that have *some* correlation with the server purpose | 10:44 |
| awilkins | Gods from old pantheons are good :-) | 10:44 |
| awilkins | Like haephestus for a build server | 10:44 |
| nucc1 | memorable names tend not to work | 10:45 |
| * bashrc_ named one server "Zardos" | 10:45 | |
| * jpds always names his stuff after a theme | 10:49 | |
| jpds | Plenty of "List of" wikipedia pages | 10:49 |
| popey | we used to use themes | 10:50 |
| popey | we don't seem to anymore | 10:50 |
| popey | i blame jpds | 10:50 |
| jpds | popey: I blame cloud | 10:50 |
| awilkins | I started using Wikipedia lists of things to name releases in the Ubuntu manner ( Apple, Banana, Clementine ) | 10:51 |
| awilkins | Themed, where possible (for software designed to do things for a surgical classification, particular operations) | 10:52 |
| awilkins | (the one for diseases was great fun) | 10:52 |
| awilkins | opening with your "Anthrax" release :-) | 10:52 |
| popey | we used to use herbs, birds | 10:53 |
| popey | elements, rocks? | 10:53 |
| popey | painters... | 10:53 |
| popey | https://launchpad.net/builders | 10:53 |
| jpds | popey: So you don't like Gatwick? | 10:54 |
| popey | haha | 10:54 |
| awilkins | Ah, good old lgw-01-22 | 10:54 |
| jpds | lcy01-13 was always my favourite | 10:54 |
| popey | I had a build fail on lgw01-12 yesterday :( | 10:55 |
| popey | knew he was no good | 10:55 |
| popey | https://launchpad.net/~ubuntu-touch-coreapps-drivers/+archive/ubuntu/daily/+build/7805065 :( | 10:56 |
| jpds | Well, can't really blame him given it's libreoffiec | 10:56 |
| popey | it builds locally | 10:57 |
| awilkins | That's always a problem with people not checking in local resources though :-P | 11:00 |
| === rich is now known as trickyBytes | ||
| bigcalm | I've gone with the installing keys from files, but apt-get update is still unhappy: http://paste.ubuntu.com/12107046/ | 11:04 |
| bigcalm | I then wondered what sudo apt-key list would give: http://paste.ubuntu.com/12107047/ | 11:05 |
| bigcalm | Not sure where to go from here | 11:07 |
| popey | file a support ticket with provider? | 11:07 |
| bigcalm | Already did so with the client who then talks to the provider. Client has gone on holiday for 2 weeks | 11:09 |
| bigcalm | If there is nothing else I can do, I'll move on to other things I guess | 11:09 |
| === alan_g is now known as alan_g|lunch | ||
| davmor2 | popey: this will make you smile I just had an insurance quote at £722 :D When I said ouch I think she knew they had not got the sale :) | 12:46 |
| popey | hah | 12:48 |
| popey | why so high? | 12:48 |
| davmor2 | popey: my average is around £360 | 12:49 |
| popey | our babysitter just got a brand new Audi on lease, for insurance she has to have a black box tracking her speed etc | 12:49 |
| popey | mine's about 270 iirc | 12:49 |
| directhex | i have no idea what i'm paying for insurance | 12:49 |
| directhex | i had to fork over a few quid extra vs. the prius, mid-policy | 12:49 |
| davmor2 | popey: Our issue is that our address is on one of the busiest roads in wolverhampton it also how like 8 sets of traffic lights that people refuse to stop for if they can avoid it so there are plenty of accidents so mine goes rocketing | 12:51 |
| directhex | renewal is october | 12:51 |
| davmor2 | popey: our old address the other side of the carpark the same carpark the car is still parked on was £160 cheaper | 12:52 |
| davmor2 | sorry £120 | 12:52 |
| popey | blimey | 12:55 |
| zmoylan-pi | your baby sitter drives an audi... | 13:02 |
| popey | yes. | 13:02 |
| * bigcalm drums his fingers waiting for the Talos Principle to download on the office computer | 13:03 | |
| bigcalm | Office broadband sucjs | 13:03 |
| bigcalm | and sucks | 13:03 |
| zmoylan-pi | or more accurately lacks suckage :-) | 13:03 |
| === alan_g|lunch is now known as alan_g | ||
| bigcalm | directhex: I have screen shots of you getting out of a coffin. It's most disturbing | 13:04 |
| directhex | bigcalm: sounds like a friday night to me | 13:04 |
| bigcalm | I guess you are the only person I know on Steam who has played the game, so your name keeps popping up | 13:05 |
| bigcalm | Would see other names if other people played it | 13:05 |
| bigcalm | Or are you Elohim? | 13:07 |
| bigcalm | Is there a way to get a process back after it has been started with a trailing & | 16:13 |
| bigcalm | ? | 16:13 |
| popey | reptyr can do that | 16:15 |
| daftykins | hmm there's something about foregrounding | 16:15 |
| popey | https://github.com/nelhage/reptyr | 16:15 |
| popey | not tried it for a while tho | 16:15 |
| bigcalm | iain@dumbo:~$ reptyr 26080 | 16:17 |
| bigcalm | Unable to attach to pid 26080: Operation not permitted | 16:17 |
| bigcalm | It's a cp that I should have started behind a screen | 16:17 |
| zleap | 20,000 that is a lot of processes if you have nearly 20,000 | 16:17 |
| bigcalm | Was trying to move it over, but did an incorrect step | 16:18 |
| bigcalm | iain@dumbo:~$ ps aux | wc | 16:18 |
| bigcalm | 130 1518 10642 | 16:18 |
| bigcalm | There isn't 20k of processes running | 16:18 |
| shauno | more likely just a lot of uptime. pids aren't recycled until they need to be | 16:19 |
| bigcalm | 192 days | 16:19 |
| popey | does reptyr need root/sudo? | 16:20 |
| zleap | nice | 16:20 |
| bigcalm | iain@dumbo:~$ sudo reptyr 26080 | 16:24 |
| bigcalm | [-] Unable to open the tty in the child. | 16:24 |
| bigcalm | Unable to attach to pid 26080: Permission denied | 16:24 |
| popey | bigcalm: there's some notes on the github page | 16:36 |
| popey | [M#bIptrace_scope on Ubuntu Maverick and up | 16:36 |
| bigcalm | Only 200GB left in the copy | 16:36 |
| popey | that bit | 16:36 |
| bigcalm | Aha | 16:37 |
| bigcalm | popey: thanks :) | 16:37 |
| daftykins | bigcalm: does "jobs" list the copy that's running out of interest? | 16:37 |
| bigcalm | daftykins: no | 16:38 |
| daftykins | probably irrelevant but happened to see it in a google result | 16:38 |
| daftykins | ah ok | 16:38 |
| bigcalm | Because it's been placed into the background | 16:38 |
| bigcalm | Woot, reptyr 26080 worked that time | 16:39 |
| popey | yay | 16:40 |
| === alan_g is now known as alan_g|EOD | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!