[05:02] good morning [05:34] good morning magespawn [05:34] wow, chesedo, your IRC client is having fun [06:00] Morning magespawn, superfly [06:00] hey paddatrapper [06:01] How goes it superfly? [06:02] paddatrapper: full of hate right now, to be honest. too many things that don't work and cost me money that I don't have. [06:02] and I can rant and rage, but it's not going to change anything. [06:02] Department of Home Affairs. Need I say more? [06:05] Say no more. I perfectly understand your rage... [06:21] superfly: "despite all my rage, Home Affairs is still taking and age" [rat in a cage] [06:22] andrewlsd: no, they're nopt taking an age, they're outsourcing their visa stuff to a company that has no clue on the requirements for visas, so that I get a rejection 2 years later because of said company's incompetence [06:56] yip. ... and at your expense. [07:14] Good morning [07:16] hi ra1v3n [07:17] Hello andrewlsd [07:30] superfly: you need visa to be in SA? [07:31] Depends on your country of origin [07:32] of course .. that's why i'm asking [07:32] * Sicelo thought superfly was SA citizen [07:32] Sicelo: I am, but my wife isn't [07:34] ah .. i'm also non-South African, and completely agree that the VFS system is just a mess :( [07:35] and the hectic fees they have, omg! [07:42] Sicelo: exactly. and because my wife is married to a South African, we don't have to pay Home Affairs' fees. Now we're getting slapped with VFS's fees when we would not normally pay, and we never asked for VFS in the first palce [07:42] *place === MaNL is now known as MaNI [08:16] hi superfly inetpro paddatrapper magespawn Langjan MaNI and all others [08:16] what happened Langjan [08:16] evening Kilos [08:17] you broke it [08:18] Hey Kilos [08:46] Hi Kilos het jy lekker gerus? [08:57] ai! [09:11] Chasing sheep Kilos? [09:15] i was [09:15] hehe [09:16] actually moving hay / lucerne mix where they can get to it [09:16] Langjan so tell what you broke man [09:19] Hi Kilos vertel my eers of je lekker geslaap het en uitgerus is vir die nuwe uitdagings wat my brekasies bied? [09:19] jy [09:20] man ek het geslaap [09:20] Uitgerus? [09:20] lekker warm in die bed , wou nie opstaan nie [09:20] Ek het so gesien...lmga! [09:20] haha [09:21] was 7 uur wakker maar was te koud om op te sit of staan [09:21] ai, was net onder 7° hier, nie te sleg nie [09:21] now tell me what i need to start thinking about [09:22] ryp hier weer [09:23] Ok, I decided to use the other HDD with Zorin installed because its IDE and I want to get it to a stgae where I can get my onconverted friend to sit down and do everything that he does on windopz [09:23] stage [09:23] ok [09:24] Its running nicely, just had to sort the jumpers out first [09:24] so have a spare 160 GB HDD [09:25] I upgraded his ram from 1,5 to 2 GB in trade for the HDD [09:25] ok [09:25] Another Q [09:26] ? [09:26] I have a 5,7 GB folder named Systemback, dunno where it came from, want to delete it [09:26] systemback is that tool for making an iso of your running system [09:27] Its not a tool, its a folder [09:27] yes man but the tool makes folders when you run it so it knows what you have going there [09:28] Contents look the same as /home except my documents and pics are not there [09:28] you ran system back before right? [09:28] make it into an Iso burn to dvd ... then clear the backup [09:28] simples [09:28] ^^ [09:29] Cant remember if I did [09:29] too big for dvd [09:29] thks ra1v3n [09:29] you cant have a systemback folder unless you ran it [09:30] ok then I ran it, do I need it? [09:30] well [09:30] debatable [09:30] well [09:30] lets debate [09:30] did you make a stick with the iso on [09:30] Langjan, you can clear the system back folder from within system back [09:31] I never include playonlinux etc. you can exclude certain folders [09:31] Kilos, you mean an iso of the systemback? No [09:32] back those up separately [09:32] that was the whole idea of running it Langjan [09:32] I always back up my file and pic and email folders separately [09:32] if you feel you dont need it you can aptitude purge systemback [09:32] if your system is running perfectly and you want a backup .... clear the systemback and create a new one [09:33] OK that makes sense thks ra1v3n [09:33] listen to ra1v3n [09:33] what I do Is I create a new user with full priveledges (so that I get a clean homefolder) [09:33] then run systemback from inside that user [09:33] then once done I write to dvd [09:34] destroy the temporary user [09:34] clear the systemback folder [09:34] back up all your aps with aptoncd [09:35] sounds complicated but worth doing [09:35] what about vbox? [09:35] then write that to a dvd aswell (make sure you select dvd image NOT cd) [09:36] then back up the excluded folder like your WINE and Playonlinux and all your doccies and pics [09:36] then if the shite does hit the fan you can recover quickly [09:36] will vbox also run after backup [09:36] yes its complicated but it makes life easier after a crash [09:36] virtualbox? [09:36] dont use wine and playonlinux [09:37] In what way? [09:37] yes [09:37] the virtualbox app itself will be backed up [09:37] but I suggest you backup your vbox appliances seperately [09:38] this is why I create a dummy user .... clean homefolder no fluff like masive vbox appliances [09:38] By appliances do you mean the Win xp os running there? [09:38] yes [09:39] and so the truth comes out [09:39] on the HDD the will be a folder called Win Xp etc ... it will contain the virtual HDD and associated files [09:39] hidden xp [09:39] LOL Kilos [09:39] sigh [09:40] Within the menu tab of Vbox you can select to backup this applaiance and vbox will create a single compressed bundled file similar to a tarball [09:40] OK I will give it a go and see how far I can get before knocking on your door [09:41] take that and write it to a backup dvd or place it on another HDD [09:41] google if you get stuck .... tons of tutorials on all of these online [09:41] OK many thks [09:41] I normally do this all as soon as I have my setup installed and everything is working [09:42] i made a systemback flash disk and installed from it and asll pics and everything same on desktop as on lappy [09:42] 'm here often aswell if you need help [09:42] yeah systemback is awesome especially if you need to clone a system in a hurry [09:43] Many thanks ra1v3n, will do [09:43] hidden xp [09:43] now youve ruined a friendship [09:43] I make the Dummy User so that I'm working from a clean homefolder [09:43] think up an excuse quickly [09:44] because after a few weeks of working your homefolder will never fit on a dvd [09:44] hi exupboy welcome to ubuntu-za [09:45] dvds are old fashioned things [09:45] flash sicks come in many sizes [09:45] So thats my story for the day Kilos - nothing broke. Fortunately I'm not using kde, lmga! [09:46] sticks/disks [09:46] drives? [09:46] haha so cheeky this bally [09:46] ja man memory sticks [09:46] flash disks [09:46] 'cause I know I can outrun you [09:46] flash drives [09:47] usb memory modules [09:47] flash drives, usb sticks, stiffies, whatchamacallits [09:48] and you must remember the turmeric stuff Langjan the you wont find things you have no idea how or where they came from [09:48] katottertjies [09:48] Hi There, thanks [09:48] We chat again when youre pushing 74 Kilos [09:49] nono you wont be around [09:49] I will, dunno about you [09:49] chat now before you forget who i am [09:49] lmga1 [09:49] hee hee [09:49] ! [09:50] Ok im gonna log off and practice some systemrestore [09:50] enjoy [09:50] where do I find the dam thing? [09:50] what [09:51] luckily you head is glued on [09:51] system restore - and my computer! [09:51] in the dam things place, where else [09:51] lol [09:51] if its in the dam its broken, not waterproof. Hi magespawn how are you keeping? [09:52] good and you Langjan ? [09:53] fine thks [09:53] just battling a bit with the laatslapers [09:53] hahaha [09:53] see the guilty conscience? [09:53] hehehehe [09:53] lmga [09:54] glad youre honest my friend, thats why I like you so much [09:54] oh only because of my honestly [09:54] even if you keep nagging [09:54] honesty [09:54] haha [09:55] those with blocked ears need nagging [09:55] now youre fishing for compliments... [09:55] oh [09:55] how many you want? [09:55] and those with bad memories [09:55] i dont need compliments ty sir [09:55] I have 8 Gb [09:56] Arrogant young man! [09:56] that will make a good backup iso [09:56] on my RAM? [09:56] i have systemback iso on an 8g stick as well [09:57] Can see you chase too many rams and ewes around [09:57] what are you talking about [09:57] you have 8g ram [09:58] maybe its 4, I forgot [09:58] lmga [09:58] hahaha [09:58] jy moet mooi bly en die dag geniet [09:59] i have found the best time to help peeps that need nagging is when they are in the bath [09:59] make them wash their ears well so they can hear properly [09:59] good idea, will tell my caregiver [10:00] lol [10:00] bye for now [10:00] cheers Langjan have a good day sir [10:01] You too thks Kilos [10:01] superfly: i'm suspecting bad internet [10:01] afternoon all btw... [10:01] hi chesedo [10:02] Fun reading: http://www.eweek.com/security/black-hat-do-usb-keys-left-in-parking-lots-get-picked-up.html [10:10] Never under any circumstances insert a USB key that you don't own or haven't just removed from its packaging after purchase [10:30] ^ yip [10:50] but why, could be so much of fun [11:17] whats a usb key? a thing you open car doors with? [11:17] Im back [11:18] usb key, stick, drive flashdrive [11:18] same thing [11:19] why would they be left lying around in parking lots [11:19] i go read that link [11:19] lol [11:22] too much to read [11:25] lol [11:28] Kilos: TL;DR : make USB with malicious software / firmware. "lose" them at strategic points. Wait for users to insert USB dongles into their computers. Profit from the pwnage. [11:34] ah [11:35] even linux pcs? [11:35] yes [11:35] oh my [11:35] there are some rootkits that can easily infect a linux box [11:36] and there are certain virii that are at the firmware level [11:40] +1 ra1v3n [11:40] nothing like physical access to bypass many layers of security [11:41] oh yeah [11:41] bare metal access [11:51] later all [11:51] ciao 4 now [11:51] ciao [12:32] Have a good afternoon everyone :-) [12:34] hehe [12:34] you too andrewlsd [12:35] dunno how you did that [12:35] go to go out chat later [12:35] Have a good afternoon everyone [12:35] go well magespawn [13:02] enjoy the weekend everyone [14:01] Hello again all [14:02] hi ra1v3n [14:04] Hello kilos [15:07] can anyone tell me which part is the driver code here, https://github.com/lwfinger/rtlwifi_new/pull/74/files ? [15:07] and Greetings ZA! [15:54] I'm Back! [16:02] theblazehen: you around? [16:54] can anyone tell me which part is the driver code here, https://github.com/lwfinger/rtlwifi_new/pull/74/files ? [16:55] pavlushka ask that at #ubuntu as well [16:55] Kilos: copy [16:56] no one knows who is doing what here on friday evening [16:56] pavlushka, there is no driver code there [16:58] ra1v3n: in the result of "lspci | grep Wireless" [16:59] the code is at the beginning of the output [17:00] then just follow the instructions [17:01] should be in this format: 00.00.0 (Unless I'm mistaken) [17:01] ra1v3n: you mean something like "01:00.0" ? [17:01] yep [17:01] ra1v3n: thanks :) [17:02] give it a go [17:02] your'e welcome ^^ [17:04] let me know how you do [17:26] kulelu88: what's up? [18:03] Hello pavlushka did you win? [18:09] ra1v3n: its on someone else's pc, will confirm you after getting the result, :) [18:10] kewl [18:10] kewl [18:17] Goodnight guys have a good one [18:20] chat later all [18:41] hi SEptic inetpro superfly [18:41] evening ... *tips hat* [19:07] mmmmm [19:07] anyone here run their own DNS recusors? [19:10] pft, silly kdewallt [19:10] kdewallet [19:10] lol [19:11] beautifully engineered concept of software... it's finding the start button thats the problem :P [19:12] i think it's just being a bit of a woman with 16.04, but sure it'll get fixed up as we go [19:13] got my office colleagues to wipe windows and come over to the dark-side [19:13] cool [19:14] SEptic: there's a cunning trick with KWallet, if you don't mind the security aspects of it too much. Just set your password to be blank, and it no longer prompts for your password. [19:15] i did try that cunning plan me Lord, it did work for a couple reboots [19:16] i'm having issues with it not opening wallets, not even prompting to open them [19:16] if i create a new wallet and do things then its 100% [19:17] but after a couple boots it just doesn't prompt to open the wallet at all [19:17] if i gooi the wallet manager and click "open", then my laptop just sits and stares blankly at me [19:18] i am new to the wallet-y thing though [19:18] I last saw KWallet ages ago. if it is in use, I am not seeing it. [19:19] I no longer use KMail for my e-mail, so that's probably also why. [19:19] haha, yea, i tried disabling completely, but then have to enter wifi passwords everytime i connect [19:30] hehe, theblazehen ping [19:30] now I am a quassel dude, yo [19:31] pavlushka__: nice :) [19:31] haha [19:31] dammit, this is driving me nuts, I have two identical servers [19:31] if I direct ALL dns queries to one of them, it seems to peak out at 4k queries/second [19:32] if I direct them all to the other it does 800 / second [19:32] configs are identical [19:32] Symmetria: Would you be fine with sharing the IPs? [19:34] theblazehen yeah try and do recursive queries against 41.216.125.179 [19:34] thats the problem server [19:37] Symmetria: All configs, or just the dns server? [19:39] theblaze will send you configs in a second [19:39] just waiting to see something first (I just modified something on one of the servers) [19:39] sure [19:44] Symmetria: What's the other server? [19:46] try recurse3-zw-anycast.liquidtelecom.net [19:46] recurse1 is the problem one [19:46] 3 is ok [19:47] recurse1-za-anycast quite happily handles *SHITLOADS* of queries per second [19:47] am waiting for the cacti polling to show me latest stats [19:48] Where are you testing from? [19:49] heh, both local to the servers and outside, but what I'm really looking at is the queries per second before I start seeing them top out where i'm cacti graphing [19:50] Symmetria: Could it be a network issue? They go through different routes [19:50] no, they are both ESXI servers, on the same ESXI platform, just different (yet identical) blades, so same network interface [19:52] Im wondering if its not some operating system setting with regards to buffers or something [19:52] And this is from a fresh deployment? As in wipe both, and let confg management do its thing? [19:52] What does sysctl -a say? [19:53] Maybe diff those [19:54] just did, and sysctl's are now identical, still doeesnt seem to have helped *ponders* [19:55] (btw, just as a note, these servers form a part of the largest african recursive anycast in existence) [19:55] basically, they are the zimbabwe nodes of 5.11.11.5 and 5.11.11.11 (africas equiv. of 8.8.8.8 / 4.2.2.2) [19:55] Nice. And running bind from what I can see? [19:55] awesome [19:56] yeah they are running bind [19:57] And all the others seem to run around 4k/s as well? [19:59] yeah, something aint right on the linux box though, looking at the packets per second through the interface, the RX PPS is about half (which I expect if I'm handling a lot less queries), but the TX is a fraction, like, 10% of the other [19:59] so something is bottlenecking the UDP outbound [19:59] Hmm [20:00] I wonder, try iperf maybe? [20:00] See if it's a PPS or bandwidth issue [20:00] night all. sleep tight [20:00] cheers Kilos [20:01] Updating network configuration over ssh is always fun [20:02] More so if the remote management tool sometimes (for large values of sometimes) drops keystrokes [20:04] LOL, I generally write a new network config file on a third party platform and then copy it onto the system and either reboot or go in via console to apply it [20:05] Yeah, well, console is kind of not a possibility here.. [20:06] Hosting company got bought out, and can't log in at new company [20:06] But I had old link to customer portal that didn't redirect me to new company [20:06] So I can turn it off and on again remotely [20:07] That's about it [20:10] heh buyouts are always interesting [20:11] though in my case I'm generally the guy that goes into the companies we just bought and integrate/change/restructure etc on the networking side [20:11] Cool [20:11] lol our next project is going to be very very interesting [20:12] heh next project - neotel ;p [20:12] fun [20:15] Looks like it's all going in a bash script then.. [20:20] Well. It looks like I'm the type of guy that uses uses regex to extract info from anything (Seriously. I'm writing a smtp relay (*not* esmtp), using sed. And parsing notification emails with a regex and python), uses chattr +i when I don't want the file to be modified the right way, and uses bash scripts when there isn't a nice way to do something the right way [20:21] LOL [20:21] I do a lot of bash scripting shit as well [20:21] Unless someone knows how to bring up an openvpn bridge in /etc/network/interfaces, and then have a bridge to that defined? [20:22] Or can I use the openvpn tap device as a bridge directly? I don't *think* so [20:23] ARGHHHHH I think I found the problem and if I'm right Im gonna shoot myself in the head for being an idiot [20:24] heh, I don't know openvpn sadly, so can't comment [20:24] Symmetria: Don't worry. I spent around 10 hours easy this weak to track down a single line of code in a module that I wasn't even looking in even though I should have.. [20:24] week* [20:25] haha holy shit, that made a difference ;p [20:25] I had fucked up something on the DNS rate limiting on recurse1 [20:25] Ah.. [20:26] Why are you rate limiting? [20:26] Also, I'm sure you have, but if not, the cloudflare blog has some really interesting stuff on dns [20:27] have read it* [20:27] heh, we exempt all on net [20:28] and rate limit off net to a specific number of queries per second [20:28] Ah. Yeah, makes sense [20:28] to avoid people using the servers for recursion attacks [20:28] _all_ on net? [20:28] basically, we limit to 255 queries a second for offnet stuff - which is still pretty bloody high [20:29] So say, if a customer hasn't paid for their account [20:29] sometimes the isp will redirect to a landing page etc [20:29] Can they still query dns? [20:29] doesnt matter, rate limits on the DNS on these recursors are PURELY based on ip subnets [20:29] its basically an ip tables list of aggregated subnets that are a straight pass through, and then a connection tracking rule to limit everything else [20:30] sure. I'm just thinking if people on the inside can run dns tunneling? [20:30] eg. iodine [20:30] lol, they probably could but if they are that desperate *shrug* [20:31] It's faster than you'd think actually [20:31] And might be faster if you use a kind of parallel implementation [20:32] Or use a closer host [20:32] Or increase the window size I guess [20:32] heh yeah but we would see it, very fast [20:32] iodine uses specific query types [20:33] and we graph every server in terms of queries per second and in terms of number of queries per second of each TYPE of query [20:33] Yeah, but you can tell it to use A, AAAA etc too. But, by numbers, sure [20:33] yeah, but to get DECENT throughput, you'd still need to be doing thousands of queries a second [20:34] and thats gonna show up [20:34] and the other thing that would break it - and this is interesting, is the anycast [20:34] because when you send the queries to the normal anycast addresses [20:34] you can't guarantee WHICH server the query will end up as [20:34] yeah. Just saying that it might not be the query *type* that's gonna tip you off, but it'll definitely throw up red flags [20:34] that will break state tracking which is a requirement for TCP [20:35] heh, the whole DNS cluster, is made up of 14 seperate servers at the moment [20:35] and its about to go to 18 [20:36] Would it break it? Iodine supports tracking connections on an identifier, and has sequence numbers etc [20:36] Cool [20:36] theblazehen, keep in mind, if you're doing TCP [20:36] I mean, with a single dns server there isn't any connection either if you're tunneling [20:36] you need to keep the connection properly orientated to a specific server [20:36] because TCP has to be able to syn/ack to specific addresses [20:37] Yeah, but this isn't running TCP itself [20:37] and here is the other trick involved, if you hit server 1 [20:37] yeah but hold on [20:37] It's just doing dns queries to NS you specify [20:37] if you hit server 1 server 1's QUERY address [20:37] Which is then running the vpn [20:37]