Re[2]: Question About Free File Transfering Apps

[Michael Grant]

Dan Ritter wrote:

The web browser technology called WebRTC does that quite well,
but for security reasons -- nobody wants a self-perpetuating
worm -- you need an intermediary device to introduce the two
participants but not to actually transfer the file.

And so there is snapdrop.net, which you can choose to trust or
you can run your own copy -- it's GPL3. Works between any two
devices that run modern web browsers, including iPhones,
Androids, Linux, Windows, Macs...

Cool, I played with this today.  So it seems like the website is called 
'pairdrop.net' that works by default with the android app.


Bit of a shame that it requires an external introducer site.  I read a 
bunch of sites, nothing seems to explicitly say that the file transfer 
is direct between one and the other and not through some sort of "bent 
pipe".  I'll tcpdump it at some point to convince myself.


I did not set up my own server (yet), though I read through the 
instructions.  Seems to be nodejs based and looks like a manual setup.  
I guess nobody has built a debian package yet...


There are bluetooth solutions between Linux and Android and
Windows, but Apple does not allow bluetooth file transfer from
or to IOS with any operating systems they don't control.

Did some research how to do this over bluetooth, apparently most android 
phones, certainly newer ones, you can pair the two phones and then use 
the share feature of one phone and choose bluetooth and share it.  Built 
into the OS.  Apparently works between phones and Windows.  No internet 
connection required, perfect.  Doesn't work between ios as you say.  
Learn something new every day!


Thanks for that!

Michael Grant

Re: Question About Free File Transfering Apps

[Larry Martell]

On Sat, Jun 1, 2024 at 2:24 AM gene heskett  wrote:
> Well, since I'm alone, my wife passed 3.5 years back, and was not
> computer literate, its my show. And sshfs Just Works. I use this machine
> as the src for my output for some 3d printers, although the 4 linuxcnc
> machines are largely standalone in that the gcode I run on them was all
> written by me on that machine.. I often have more than one login session
> to a given machine because that machine may also be its own buildbot.
> Every machine has access to the world, but its all hidden behind a
> dd-wrt running router doing the NAT. I don't have to fight with
> samba/cifs and its daily updates to keep it working, permissions are
> 100% linux, nor do I fool with nfs and its weekly updates that always
> break it.
>
> But age is playing a role too, I have short term memory problems.
> Perhaps because of my age, I'll be 90 in October if I don't fall over first.
>
> The only dis to ssh and friends has been the local key files and keeping
> them up to date. That's very minor, its probably been a year since a new
> install on one of my pi clones had me hunting down an aging key file.
> Nothing like this broken bookworm install, its far more annoyance than
> any of the other problems. I'll miss morning roll call, and disappear
> soon enough and then it will be a bit more peaceful here.
>
> In the meantime, everybody take care and stay well.  You are my
> connection to the rest of the world.

Gene, you are an inspiration to me. I hope that I am half as lucid as
you when I am 90. But when you miss morning roll call how will we
know?

Re: Question About Free File Transfering Apps

[gene heskett]

On 6/1/24 06:07, Michael Grant wrote:
I use sshfs, works great to let me drop files on my server from my 
desktop. But I wouldn't call that "file sharing".  I probably would call 
that a "network disk" or "remote mount".


There's probably some formal definition out there, but when I think of 
file sharing, I think of someone proffering up a single file (or folder) 
and sharing it point-to-point with one or some small group of people.


I have long been plagued by the problem if sitting in a room or on a 
boat with someone, 2 devices right next to one another, and no trivially 
easy way to send a file from one device to the other without say first 
uploading it to some mutual third party (e.g. whatsapp).


sshfs isn't going to let you share files between say 2 phones, at least, 
not very easily if at all.


By recommendation further up in this thread, I tried Google's Quick 
Share between my wife's phone and my phone.  Followed all the 
instructions, did not work.  Followed all the troubleshooting 
instructions.  Nope, my device doesn't appear on her phone when I share, 
and neither the other way around.  Searched the web, found a ton of 
people with same issue.  It's DoA I'm afraid.


Between family members, we have in the past shared files using a 
synology box and their Drive app.  It works just like Dropbox except 
file is on your own infra.  It's not open source though and I don't know 
how tied it actually is to Synology's infra.  One certainly needs to be 
on the net to use it.


To this day, I have yet ever to see an easy way to share a file between 
2 devices without full internet connectivity, except by say getting one 
to run an ftp or ssh server and ftp or ssh'ing over the file between 
local ip addrs (e.g. 192.168.x.y).  I'd love to know some well know 
good, not-evil, open source app that runs on all the platforms that I 
could tell people to install to send them a file without using the 
internet.  I can't really see any technical reason such an thing 
couldn't work, say over bluetooth or local IPs and maybe it does exist, 
I've just never run across such a thing.  The key word here is EASY.  I 
can't be hacking someone's phone for an hour just to transfer them a file.


Michael Grant


The keyword with a "phone" as you refer to that handheld computer, is 
locked in service. Just one of the reasons I only have an expired 
wallmart flip phone that hasn't been renewed in 4 or 5 years. If I'm 
going on a long trip where a vehicle problem might need a fone to yell 
for help, I'll go see what wally has today.  Until then its a nuisance, 
with every scammer on the planet calling you up at dinner time or in the 
middle of taking care of your horizontal homework. Amazons BIG red 
button has blocked 255 such scammers so far.


.


Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: Question About Free File Transfering Apps

[Joe]

On Sat, 01 Jun 2024 10:06:43 +
"Michael Grant"  wrote:


> 
> To this day, I have yet ever to see an easy way to share a file
> between 2 devices without full internet connectivity, except by say
> getting one to run an ftp or ssh server and ftp or ssh'ing over the
> file between local ip addrs (e.g. 192.168.x.y).  I'd love to know
> some well know good, not-evil, open source app that runs on all the
> platforms that I could tell people to install to send them a file
> without using the internet.  I can't really see any technical reason
> such an thing couldn't work, say over bluetooth or local IPs and
> maybe it does exist, I've just never run across such a thing.  The
> key word here is EASY.  I can't be hacking someone's phone for an
> hour just to transfer them a file.
> 
> Michael Grant
> 

a. I know nothing about iOS
b. I don't know if this will help

I have an Android phone. If I plug its micro USB charge/data connection
into my desktop's USB port, two entries appear on 'Device' in Thunar.
Pictures (only) can be transferred.

If I pull down the Android status menu and select the USB entry, then
tap for more options, then select file transfer. one of the Device
entries disappears and the other shows various directories. Files
of other kinds can be transferred to and from my workstation's
directories by copy and paste, and presumably by drag and drop. No
additional software is required on the phone.

Two Android devices plugged into something portable, such as a netbook
or Raspberry Pi could presumably transfer files fairly easily. I've
never needed to do it, so I haven't actually tried it between mobiles,
but I use one phone this way to transfer files to and from my network,
which is quicker than emailing them. I don't know what the earliest
version of Android with this ability is. Update: Google says Android 9.
There is a Mac app to do it, Windows and Linux machines including
Chromebook do it natively.

Maybe more ideas here:
https://www.grover.com/blog/en/7-ways-android-data-transfer
https://support.apple.com/en-gb/guide/iphone/iph3ea029318/17.0/ios/17.0


-- 
Joe

Re: Re[2]: Question About Free File Transfering Apps

[songbird]

Michael Grant wrote:
...
> I have long been plagued by the problem if sitting in a room or on a 
> boat with someone, 2 devices right next to one another, and no trivially 
> easy way to send a file from one device to the other without say first 
> uploading it to some mutual third party (e.g. whatsapp).

  USB stick or in the elder days i could wire up a 
RS232 cable and use that via serial ports.


...
> To this day, I have yet ever to see an easy way to share a file between 
> 2 devices without full internet connectivity, except by say getting one 
> to run an ftp or ssh server and ftp or ssh'ing over the file between 
> local ip addrs (e.g. 192.168.x.y).  I'd love to know some well know 
> good, not-evil, open source app that runs on all the platforms that I 
> could tell people to install to send them a file without using the 
> internet.  I can't really see any technical reason such an thing 
> couldn't work, say over bluetooth or local IPs and maybe it does exist, 
> I've just never run across such a thing.  The key word here is EASY.  I 
> can't be hacking someone's phone for an hour just to transfer them a 
> file.

  if i'm taking that long to do something, i'll just find
an easier method.

  for me sending an e-mail with the file attached
might also do it.


  songbird

Re: Question About Free File Transfering Apps

[Dan Ritter]

Michael Grant wrote: 
> I have long been plagued by the problem if sitting in a room or on a boat
> with someone, 2 devices right next to one another, and no trivially easy way
> to send a file from one device to the other without say first uploading it
> to some mutual third party (e.g. whatsapp).

...

> To this day, I have yet ever to see an easy way to share a file between 2
> devices without full internet connectivity, except by say getting one to run
> an ftp or ssh server and ftp or ssh'ing over the file between local ip addrs
> (e.g. 192.168.x.y).  I'd love to know some well know good, not-evil, open
> source app that runs on all the platforms that I could tell people to
> install to send them a file without using the internet.  I can't really see
> any technical reason such an thing couldn't work, say over bluetooth or
> local IPs and maybe it does exist, I've just never run across such a thing.
> The key word here is EASY.  I can't be hacking someone's phone for an hour
> just to transfer them a file.

The web browser technology called WebRTC does that quite well,
but for security reasons -- nobody wants a self-perpetuating
worm -- you need an intermediary device to introduce the two
participants but not to actually transfer the file.

And so there is snapdrop.net, which you can choose to trust or
you can run your own copy -- it's GPL3. Works between any two
devices that run modern web browsers, including iPhones,
Androids, Linux, Windows, Macs...

There are bluetooth solutions between Linux and Android and
Windows, but Apple does not allow bluetooth file transfer from
or to IOS with any operating systems they don't control.

-dsr-

Re[2]: Question About Free File Transfering Apps

[Michael Grant]

I use sshfs, works great to let me drop files on my server from my 
desktop. But I wouldn't call that "file sharing".  I probably would call 
that a "network disk" or "remote mount".


There's probably some formal definition out there, but when I think of 
file sharing, I think of someone proffering up a single file (or folder) 
and sharing it point-to-point with one or some small group of people.


I have long been plagued by the problem if sitting in a room or on a 
boat with someone, 2 devices right next to one another, and no trivially 
easy way to send a file from one device to the other without say first 
uploading it to some mutual third party (e.g. whatsapp).


sshfs isn't going to let you share files between say 2 phones, at least, 
not very easily if at all.


By recommendation further up in this thread, I tried Google's Quick 
Share between my wife's phone and my phone.  Followed all the 
instructions, did not work.  Followed all the troubleshooting 
instructions.  Nope, my device doesn't appear on her phone when I share, 
and neither the other way around.  Searched the web, found a ton of 
people with same issue.  It's DoA I'm afraid.


Between family members, we have in the past shared files using a 
synology box and their Drive app.  It works just like Dropbox except 
file is on your own infra.  It's not open source though and I don't know 
how tied it actually is to Synology's infra.  One certainly needs to be 
on the net to use it.


To this day, I have yet ever to see an easy way to share a file between 
2 devices without full internet connectivity, except by say getting one 
to run an ftp or ssh server and ftp or ssh'ing over the file between 
local ip addrs (e.g. 192.168.x.y).  I'd love to know some well know 
good, not-evil, open source app that runs on all the platforms that I 
could tell people to install to send them a file without using the 
internet.  I can't really see any technical reason such an thing 
couldn't work, say over bluetooth or local IPs and maybe it does exist, 
I've just never run across such a thing.  The key word here is EASY.  I 
can't be hacking someone's phone for an hour just to transfer them a 
file.


Michael Grant

Re: Question About Free File Transfering Apps

[gene heskett]

On 5/31/24 22:37, David Wright wrote:

On Fri 31 May 2024 at 17:30:19 (+0100), mick.crane wrote:

On 2024-05-31 13:58, gene heskett wrote:

On 5/30/24 20:09, mick.crane wrote:

On 2024-05-29 15:07, Carter Zhang wrote:

Are there any free apps for GNU/Linux and Android to share files over
LAN? There have already been LocalSend, LanXchange, LANDrop,
NitroShare, Sharik, Warpinator, TrebleShot, but they have respective
problems.


   I don't know if sshfs would have issues with more than one
connection.


It does not, I have open sessions to 6 other machines here,
possability's of up to 10 if all are turned on.


AFAICT from your posts Gene, you are the sole user on your LAN,
so "sharing files" takes on a particular meaning.


I only drag stuff in and out of the directory in Thunar. Dragging from
the directory takes a copy. I wondered what would happen if somebody
deleted a file while you were half way through fetching it.


AIUI you get a race. So unless you elaborate on who the potential
agents are on your LAN (spouse, kids, kids mates), I don't think
sshfs would be an appropriate choice, and neither does an author
of the wikipedia page:

  "SSHFS is an alternative to those protocols [A(pple)FP, NFS, SMB]
   only in situations where users are confident that files and
   directories will not be targeted for writing by another user,
   at the same time."

Well, since I'm alone, my wife passed 3.5 years back, and was not 
computer literate, its my show. And sshfs Just Works. I use this machine 
as the src for my output for some 3d printers, although the 4 linuxcnc 
machines are largely standalone in that the gcode I run on them was all 
written by me on that machine.. I often have more than one login session 
to a given machine because that machine may also be its own buildbot. 
Every machine has access to the world, but its all hidden behind a 
dd-wrt running router doing the NAT. I don't have to fight with 
samba/cifs and its daily updates to keep it working, permissions are 
100% linux, nor do I fool with nfs and its weekly updates that always 
break it.


But age is playing a role too, I have short term memory problems. 
Perhaps because of my age, I'll be 90 in October if I don't fall over first.


The only dis to ssh and friends has been the local key files and keeping 
them up to date. That's very minor, its probably been a year since a new 
install on one of my pi clones had me hunting down an aging key file. 
Nothing like this broken bookworm install, its far more annoyance than 
any of the other problems. I'll miss morning roll call, and disappear 
soon enough and then it will be a bit more peaceful here.


In the meantime, everybody take care and stay well.  You are my 
connection to the rest of the world.



Cheers,
David.


Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: Question About Free File Transfering Apps

[David Wright]

On Fri 31 May 2024 at 17:30:19 (+0100), mick.crane wrote:
> On 2024-05-31 13:58, gene heskett wrote:
> > On 5/30/24 20:09, mick.crane wrote:
> > > On 2024-05-29 15:07, Carter Zhang wrote:
> > > > Are there any free apps for GNU/Linux and Android to share files over
> > > > LAN? There have already been LocalSend, LanXchange, LANDrop,
> > > > NitroShare, Sharik, Warpinator, TrebleShot, but they have respective
> > > > problems.
> > > 
> > >   I don't know if sshfs would have issues with more than one
> > > connection.
> > > 
> > It does not, I have open sessions to 6 other machines here,
> > possability's of up to 10 if all are turned on.

AFAICT from your posts Gene, you are the sole user on your LAN,
so "sharing files" takes on a particular meaning.

> I only drag stuff in and out of the directory in Thunar. Dragging from
> the directory takes a copy. I wondered what would happen if somebody
> deleted a file while you were half way through fetching it.

AIUI you get a race. So unless you elaborate on who the potential
agents are on your LAN (spouse, kids, kids mates), I don't think
sshfs would be an appropriate choice, and neither does an author
of the wikipedia page:

 "SSHFS is an alternative to those protocols [A(pple)FP, NFS, SMB]
  only in situations where users are confident that files and
  directories will not be targeted for writing by another user,
  at the same time."

Cheers,
David.

Re: Question About Free File Transfering Apps

[tomas]

On Fri, May 31, 2024 at 01:16:28PM -0400, Greg Wooledge wrote:
> On Fri, May 31, 2024 at 05:30:19PM +0100, mick.crane wrote:
> > I only drag stuff in and out of the directory in Thunar. Dragging from the
> > directory takes a copy. I wondered what would happen if somebody deleted a
> > file while you were half way through fetching it.
> 
> If you're copying a file, that means some process has the file opened.

(that's what I meant with "the meaning of fetch". Is it the drag
process by the user? Then the file is not yet open -- and nothing
will be copied. Is it the actual copy? Then your description is
the most accurate one)

> Removing (unlinking) a file that's opened causes it to vanish from the
> raw directory, but the inode and the blocks of data are left alone until
> all processes have closed it.  Only then will it be marked for recyling.
> 
> You'll just have to hope that the (remote) copy succeeds on the first
> try, because once the remote reader loses connection, if the file is
> closed on the server, it's gone.

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: Question About Free File Transfering Apps

[Greg Wooledge]

On Fri, May 31, 2024 at 05:30:19PM +0100, mick.crane wrote:
> I only drag stuff in and out of the directory in Thunar. Dragging from the
> directory takes a copy. I wondered what would happen if somebody deleted a
> file while you were half way through fetching it.

If you're copying a file, that means some process has the file opened.

Removing (unlinking) a file that's opened causes it to vanish from the
raw directory, but the inode and the blocks of data are left alone until
all processes have closed it.  Only then will it be marked for recyling.

You'll just have to hope that the (remote) copy succeeds on the first
try, because once the remote reader loses connection, if the file is
closed on the server, it's gone.

Re: Question About Free File Transfering Apps

[tomas]

On Fri, May 31, 2024 at 05:30:19PM +0100, mick.crane wrote:

[...]

> I only drag stuff in and out of the directory in Thunar. Dragging from the
> directory takes a copy. I wondered what would happen if somebody deleted a
> file while you were half way through fetching it.

This will depend on the precise values you assign to "you" and "fetch". And,
of course to "delete".

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: Question About Free File Transfering Apps

[mick.crane]

On 2024-05-31 13:58, gene heskett wrote:

On 5/30/24 20:09, mick.crane wrote:

On 2024-05-29 15:07, Carter Zhang wrote:

Are there any free apps for GNU/Linux and Android to share files over
LAN? There have already been LocalSend, LanXchange, LANDrop,
NitroShare, Sharik, Warpinator, TrebleShot, but they have respective
problems.


  I don't know if sshfs would have issues with more than one 
connection.

mick


It does not, I have open sessions to 6 other machines here,
possability's of up to 10 if all are turned on.


I only drag stuff in and out of the directory in Thunar. Dragging from 
the directory takes a copy. I wondered what would happen if somebody 
deleted a file while you were half way through fetching it.


mick

Re: Question About Free File Transfering Apps

[Greg Wooledge]

On Fri, May 31, 2024 at 08:58:34AM -0400, gene heskett wrote:
> On 5/30/24 20:09, mick.crane wrote:
> > On 2024-05-29 15:07, Carter Zhang wrote:
> > > Are there any free apps for GNU/Linux and Android to share files over
> > > LAN? There have already been LocalSend, LanXchange, LANDrop,
> > > NitroShare, Sharik, Warpinator, TrebleShot, but they have respective
> > > problems.
> > 
> >   I don't know if sshfs would have issues with more than one connection.
> > mick
> > 
> It does not, I have open sessions to 6 other machines here, possability's of
> up to 10 if all are turned on.
> > .

I interpreted mick's sentence to mean multiple connections between the
same two computers, or perhaps multiple clients all connecting to a
single server.  A single client connecting to multiple servers was never
in question, at least in my mind.

Re: Question About Free File Transfering Apps

[gene heskett]

On 5/30/24 20:09, mick.crane wrote:

On 2024-05-29 15:07, Carter Zhang wrote:

Are there any free apps for GNU/Linux and Android to share files over
LAN? There have already been LocalSend, LanXchange, LANDrop,
NitroShare, Sharik, Warpinator, TrebleShot, but they have respective
problems.


  I don't know if sshfs would have issues with more than one connection.
mick

It does not, I have open sessions to 6 other machines here, 
possability's of up to 10 if all are turned on.

.


Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: Question About Free File Transfering Apps

[Carter Zhang]

Dear Richard,

But I never use pre-complied packages since by doing this I won't know whether 
I will install proprietary binaries.

Yours,
Carter

On May 31, 2024 2:38:26 PM GMT+08:00, Richard  wrote:
>LocalSend and LanXchange are available as precompiled archives. Also,
>LocalSend is available as Flatpak.
>
>Am Fr., 31. Mai 2024 um 04:52 Uhr schrieb Carter Zhang <
>mcut17...@autistici.org>:
>
>> Dear Richard,
>>
>> Thank you for your reply. LocalSend, LanXchange, LANDrop, NitroShare,
>> Sharik, Warpinator, TrebleShot have their respective problems.
>>
>> LocalSend is not available in Debian's and Trisquel's official
>> repositories, and it is not so convenient to complie it from source using a
>> machine with a memory of 8GB.
>>
>> LanXchange is not available in Debian's and Trisquel's official
>> repositories, source as well, and its source complication on my machine
>> fails.
>>
>> The Android client for LANDrop is not libre.
>>
>> NitroShare, Sharik, Warpinator and TrebleShot are all no longer updated
>> and the latest version of them cannot be complied on modern GNU/Linux
>> environment.
>>
>> In addition, KDE Connect sometimes disconnects and cannot reconnect.
>>
>> Yours,
>> Carter
>>
>>
>> On May 29, 2024 10:56:02 PM GMT+08:00, Richard  wrote:
>>
>>> KDE connect? That has clients for many systems.
>>>
>>> But the question is, what's the issue with the existing solutions? It's
>>> quite a useless task to recommend file transfer apps when they all have the
>>> same issue you try to avoid.
>>>
>>> Richard
>>>
>>


signature.asc
Description: PGP signature

Re: Question About Free File Transfering Apps

[eben]

On 5/30/24 22:46, Carter Zhang wrote:

Dear Dan,

Thanks a lot for your reply but I am not clear how to use SFTP, SCP or
NFS on Android. Could you please show me how? Any help will be
appreciated.


(lines wrapped)

SFTP / SCP:

https://ic.pics.livejournal.com/pushpitha/50334853/1538653/1538653_800.jpg

NFS: it's not simple.

--
Answer: two spoonfuls in my cup, please.
Question: how much should I use?  (why top-posting is bad)
http://www.fscked.co.uk/writing/top-posting-cuss.html

Re: Question About Free File Transfering Apps

[Carter Zhang]

Dear Richard,

Thank you for your reply. LocalSend, LanXchange, LANDrop, NitroShare, Sharik, 
Warpinator, TrebleShot have their respective problems.

LocalSend is not available in Debian's and Trisquel's official repositories, 
and it is not so convenient to complie it from source using a machine with a 
memory of 8GB.

LanXchange is not available in Debian's and Trisquel's official repositories, 
source as well, and its source complication on my machine fails.

The Android client for LANDrop is not libre.

NitroShare, Sharik, Warpinator and TrebleShot are all no longer updated and the 
latest version of them cannot be complied on modern GNU/Linux environment.

In addition, KDE Connect sometimes disconnects and cannot reconnect.

Yours,
Carter

On May 29, 2024 10:56:02 PM GMT+08:00, Richard  wrote:
>KDE connect? That has clients for many systems.
>
>But the question is, what's the issue with the existing solutions? It's
>quite a useless task to recommend file transfer apps when they all have the
>same issue you try to avoid.
>
>Richard


signature.asc
Description: PGP signature

Re: Question About Free File Transfering Apps

[Carter Zhang]

Dear Dan,

Sorry I forgot an CC.

Thanks a lot for your reply but I am not clear how to use SFTP, SCP or NFS on 
Android. Could you please show me how? Any help will be appreciated. 

On May 29, 2024 11:37:55 PM GMT+08:00, Dan Ritter  wrote:
>Carter Zhang wrote: 
>> Dear Dan,
>> 
>> Thanks a lot for your reply but I am not clear how to use SFTP, SCP or NFS 
>> on Android. Could you please show me how? Any help will be appreciated. 
>> 
>
>Hi, Carter.
>
>The etiquette of the list is that everything goes in public, so
>that solutions can be shared and are searchable.
>
>The other side of it is that everyone is volunteering their own
>time, so discussions in public benefit everyone, whereas private 
>discussions are just unpaid consulting.
>
>
>-dsr-


signature.asc
Description: PGP signature

Re: Question About Free File Transfering Apps

[eben]

On 5/30/24 20:08, mick.crane wrote:

On 2024-05-29 15:07, Carter Zhang wrote:

Are there any free apps for GNU/Linux and Android to share files over
LAN? There have already been LocalSend, LanXchange, LANDrop,
NitroShare, Sharik, Warpinator, TrebleShot, but they have respective
problems.


  I don't know if sshfs would have issues with more than one connection.


You mean two different machines using sshfs to the same server?  I don't see
why it would.  It's vanilla SSH to the outside world and ssh works just fine
when multiple users log in.

--
Perhaps this final act was meant / to clinch a lifetime's argument
That nothing comes from violence and nothing ever could
Fr all thse born bneath an angry star / Lest we frget hw fragile we are
   -- Sting, "Fragile" from _... Nothing Like the Sun_

Re: Question About Free File Transfering Apps

[mick.crane]

On 2024-05-29 15:07, Carter Zhang wrote:

Are there any free apps for GNU/Linux and Android to share files over
LAN? There have already been LocalSend, LanXchange, LANDrop,
NitroShare, Sharik, Warpinator, TrebleShot, but they have respective
problems.


 I don't know if sshfs would have issues with more than one connection.
mick

Re: Question About Free File Transfering Apps

[Richard]

A client that by your own words barely works, while fully functional
alternatives have been available for many years already. So what's your
point?

Am Do., 30. Mai 2024 um 14:23 Uhr schrieb Anssi Saari <
anssi.sa...@debian-user.mail.kapsi.fi>:

>
> Wow. I already mentioned an open source client? What's your point?
>
>

Re: Question About Free File Transfering Apps

[Anssi Saari]

Richard  writes:

> There have already been many answers. And since it's highly unlikely any 
> third party will include support for such a
> closed down system, you might want to look at them. At least I don't think 
> Google will suddenly open source Nearby Share
> for everyone to write clients for it.

Wow. I already mentioned an open source client? What's your point?

Re: Question About Free File Transfering Apps

[Richard]

There have already been many answers. And since it's highly unlikely any
third party will include support for such a closed down system, you might
want to look at them. At least I don't think Google will suddenly open
source Nearby Share for everyone to write clients for it.

Am Do., 30. Mai 2024 um 11:00 Uhr schrieb Anssi Saari <
anssi.sa...@debian-user.mail.kapsi.fi>:

> I'd like to know too, assuming you're asking for transferring files
> between Android and Linux.
>
> I'd like Quick Share support in Linux as it's built into Android and
> available for Windows. Someone has an early version at
> https://github.com/Martichou/rquickshare but I only got it working one
> way, Linux PC to phone and even that needed disabling the firewall on
> the PC. But maybe that'll improve.
>
>

Re: Question About Free File Transfering Apps

[Anssi Saari]

Carter Zhang  writes:

> Are there any free apps for GNU/Linux and Android to share files over LAN? 
> There have already been LocalSend, LanXchange,
> LANDrop, NitroShare, Sharik, Warpinator, TrebleShot, but they have respective 
> problems. 

I'd like to know too, assuming you're asking for transferring files
between Android and Linux.

I'd like Quick Share support in Linux as it's built into Android and
available for Windows. Someone has an early version at
https://github.com/Martichou/rquickshare but I only got it working one
way, Linux PC to phone and even that needed disabling the firewall on
the PC. But maybe that'll improve.

Re: Question About Free File Transfering Apps

[gene heskett]

On 5/29/24 13:34, Monte Milanuk wrote:

SyncThing

On 5/29/24 07:07, Carter Zhang wrote:
Are there any free apps for GNU/Linux and Android to share files over 
LAN? There have already been LocalSend, LanXchange, LANDrop, 
NitroShare, Sharik, Warpinator, TrebleShot, but they have respective 
problems.




So does sshfs, but  its free, and it just works. I regularly move <1 to 
60 gigabyte gcode files to my printers with it. The occasional 30 to 60 
gigger gets moved to a pi clone over cat5-6 in 2 to 4 seconds.  I don't 
know why folks think they have to have an ap for something so simple as 
moving a file. sshfs mounts the target device as if its a storage disk. 
But since its ssh based, its also encrypted, making it relatively safe 
from wifi snoopers.  rsync operates much the same but uses checksums to 
verify the copy is verbatum.


Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: Question About Free File Transfering Apps

[Andy Smith]

Hi,

On Wed, May 29, 2024 at 10:07:17PM +0800, Carter Zhang wrote:
> Are there any free apps for GNU/Linux and Android to share files
> over LAN? There have already been LocalSend, LanXchange, LANDrop,
> NitroShare, Sharik, Warpinator, TrebleShot, but they have
> respective problems. 

Your post is woefully short of details.

Which of the above did you like best, despite it not being
sufficient? What was deficient about it?

No one can easily answer your question without knowing what your
requirements are and what problems you faced with the above
solutions.

Depending on what your needs are, the answer is possibly, "not that
we know of."

Thanks,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

Re: Question About Free File Transfering Apps

[Monte Milanuk]

On 5/29/24 07:58, Curt wrote:

I travel to https://pairdrop.net/ on both devices on the LAN for
the occasional file transfer. There is an Android app, although you
don't need one (merely a browser).



Thanks for that... I may have to set that up with my wife's iPhone.  
Getting her to use SyncThing - or any app outside the Apple ecosystem - 
has been a struggle.  This should make it easier for us to share the 
occasional photo or video!

Re: Question About Free File Transfering Apps

[Monte Milanuk]

SyncThing

On 5/29/24 07:07, Carter Zhang wrote:
Are there any free apps for GNU/Linux and Android to share files over 
LAN? There have already been LocalSend, LanXchange, LANDrop, 
NitroShare, Sharik, Warpinator, TrebleShot, but they have respective 
problems.

Re: Question About Free File Transfering Apps

[Charles Curley]

On Wed, 29 May 2024 22:07:17 +0800
Carter Zhang  wrote:

> but they have respective problems.

We can't advise you very well if we don't know what you think their
respective problems are.

A more important question: What problem would you like to solve?

-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

Re: Question About Free File Transfering Apps

[Curt]

On 2024-05-29, Carter Zhang  wrote:
>
> Are there any free apps for GNU/Linux and Android to share files over LAN?
> There have already been LocalSend, LanXchange, LANDrop, NitroShare, Sharik
>  Warpinator, TrebleShot, but they have respective problems=2E 

I just go to https://pairdrop.net/ on the both devices on the land for
the occasional file transfer.

Newsgroups: gmane.linux.debian.user
From: Curt 
Subject: Re: Question About Free File Transfering Apps
References: <8d2a6e13-9f36-47ed-a2e4-7543b1701...@autistici.org>
Organization: Unorganized
Followup-To: 

On 2024-05-29, Carter Zhang  wrote:
>
> Are there any free apps for GNU/Linux and Android to share files over
> LAN?
> There have already been LocalSend, LanXchange, LANDrop, NitroShare,
> Sharik
>  Warpinator, TrebleShot, but they have respective problems=2E 

I travel to https://pairdrop.net/ on both devices on the LAN for
the occasional file transfer. There is an Android app, although you
don't need one (merely a browser).

https://github.com/schlagmichdoch/pairdrop/blob/master/docs/faq.md

Re: Question About Free File Transfering Apps

[Richard]

KDE connect? That has clients for many systems.

But the question is, what's the issue with the existing solutions? It's
quite a useless task to recommend file transfer apps when they all have the
same issue you try to avoid.

Richard

Re: Question About Free File Transfering Apps

[Hans]

rsync - which is biderectional and uses checksums for correct transfer.

Best

Hans

Re: Question About Free File Transfering Apps

[eben]

On 5/29/24 10:07, Carter Zhang wrote:

Are there any free apps for GNU/Linux and Android to share files over LAN? 
There have already been LocalSend, LanXchange, LANDrop, NitroShare, Sharik, 
Warpinator, TrebleShot, but they have respective problems.


scp / sshd
nc, but you don't get authentication _or_ encryption

--
You can't get a leopard to change his spots... You can explain it care-
fully to the leopard, but it will just sit there lookng at you, knowing
that you are made of meat. After a while it will perhaps kill you.
   Geoffrey Pullum, Language Log (2007-01-04)

Re: Question About Free File Transfering Apps

[Dan Ritter]

Carter Zhang wrote: 
> Are there any free apps for GNU/Linux and Android to share files over LAN? 
> There have already been LocalSend, LanXchange, LANDrop, NitroShare, Sharik, 
> Warpinator, TrebleShot, but they have respective problems. 


On the Debian side, options include:

- SFTP and SCP via SSH
- SMB via samba
- NFS v3 and v4
- various DAV implementations
- SyncThing
- and, although the server is not currently packaged, NextCloud
is reasonably easy to get up and running on Debian stable.

All of these have clients of various kinds on Android and other
systems.

-dsr-

Question About Free File Transfering Apps

[Carter Zhang]

Are there any free apps for GNU/Linux and Android to share files over LAN? 
There have already been LocalSend, LanXchange, LANDrop, NitroShare, Sharik, 
Warpinator, TrebleShot, but they have respective problems. 

signature.asc
Description: PGP signature

Re: And another Dell Vostro 1700 question

[Marco Moock]

Am 20.05.2024 um 12:59:40 Uhr schrieb Van Snyder:

> When I boot, there's junk (mixed graphics and text that seems to be
> out of sync) on one, and the other is dark. When I reboot, it's
> almost the same, except the monitors' roles have switched.
> 
> The graphics chip is NVidia G58M (GeForce 8400M) and the NVidia 340
> driver is running.
> 
> Would the nouveau driver work for the USB monitors?

Try it.
I've already experienced issues with the nouveau driver with multi
cards. It was a 6200TC and the internal Intel HD graphics.
Sometimes graphics card break (memory or GPU issue), but aren't
completely broken. This was especially the case for the older ones.
Many laptops with 7xxx, 8xxx and 9xxx had graphics issues.

-- 
Gruß
Marco

Send unsolicited bulk mail to 1716202780mu...@cartoonies.org

Re: And another Dell Vostro 1700 question

[Dan Ritter]

Van Snyder wrote: 
> I have some DisplayLink e1649Fwu USB monitors.
> 
> When I boot, there's junk (mixed graphics and text that seems to be out
> of sync) on one, and the other is dark. When I reboot, it's almost the
> same, except the monitors' roles have switched.
> 
> Would the nouveau driver work for the USB monitors?

No. The nouveau driver is for NVidia graphics controllers; the
USB monitors have their own on-board graphics controllers, which
are probably not made by NVidia, and certainly don't use the
standard drivers.

-dsr-

And another Dell Vostro 1700 question

[Van Snyder]

This is probably not specific to Dell Vostro.

I have a Dell Vostro 1700 running Debian Trixie.

I have some DisplayLink e1649Fwu USB monitors.

When I boot, there's junk (mixed graphics and text that seems to be out
of sync) on one, and the other is dark. When I reboot, it's almost the
same, except the monitors' roles have switched.

The graphics chip is NVidia G58M (GeForce 8400M) and the NVidia 340
driver is running.

Would the nouveau driver work for the USB monitors?

I tried to run the script for the contributed installer at 
https://github.com/AdnanHodzic/displaylink-debian/blob/master/displaylink-debian.sh
but it ran into version-conflict problems.

Any ideas?

Re: Question about what package to report bug

[Erwan David]

Le 06/03/2024 à 18:19, ke6jti a écrit :

Hi,

I have a possible kernel regression for a usb-dvb tuner card.  I know 
the error in dmesg points to kernel : au0828 but I am not sure what 
package this belongs to.  I think it belongs to v4l(video for linux) 
but I am still not sure what specific v4l package.



Thanks for you help.


apt-file shows au0828.ko comes in the linux-image-* packages. So report 
the bug for the one you use.

Question about what package to report bug

[ke6jti]

Hi,

I have a possible kernel regression for a usb-dvb tuner card.  I know 
the error in dmesg points to kernel : au0828 but I am not sure what 
package this belongs to.  I think it belongs to v4l(video for linux) but 
I am still not sure what specific v4l package.



Thanks for you help.

Re: electrons/the Internet doesn't like question authority niggahs?,oris it that I like to eat raw garlic, ...

[gene heskett]

On 3/5/24 00:34, to...@tuxteam.de wrote:

On Mon, Mar 04, 2024 at 07:44:41PM -0500, gene heskett wrote:

On 3/4/24 11:42, Albretch Mueller wrote:

spend days on end reading, coding and thinking about Math?

[...]
Your traceroute might be your isp throttling things as traceroute demands an
answer from every machine it passes thru to get to the destination. Some
ISP's might frown on that as its a huge traffic burst.


_LINK="https://christuniversity.in/uploads/course/E_21-25_Lateral
Entry(1)_20210618043317.pdf"


This above is busted and will continue to be until you replace the " "
wrapping it up with left & right arrows like: 


Sorry, Gene -- this is nonsense (at several levels).

The quotes (") prevent the shell from splitting the thing into two pieces.
You'll have to make sure to quote the expansion like so "$_LINK" if you
want to prevent it being split again where it's used (e.g. as an arg to
wget or curl, or...)

That hasn't changed.

The angle brackets may quote in very specific contexts (e.g. an email
body). Or they may not. That depends on all the mail handling tidbits
in their way.

For the shell, the angle brackets HAVE A TOTALLY DIFFERENT MEANING
(sorry for raising my voice). They might redirect your stdin/stdout
or kill all kitten in your household, depending on context.

Cheers


I'll summerize, Tomas, it works for me. I use FF as a browser, and 
prefer bash as a shell. Currently t-bird for email but its buggier than 
a 10 day old road kill in the filter to mailbox category. Its a full 
time job keeping the mail filters that sort mail to local stash working 
at a 50% catch rate.  Old school? Guilty.


Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: electrons/the Internet doesn't like question authority niggahs?, oris it that I like to eat raw garlic, ...

[tomas]

On Mon, Mar 04, 2024 at 07:44:41PM -0500, gene heskett wrote:
> On 3/4/24 11:42, Albretch Mueller wrote:
> > spend days on end reading, coding and thinking about Math?
> [...]
> Your traceroute might be your isp throttling things as traceroute demands an
> answer from every machine it passes thru to get to the destination. Some
> ISP's might frown on that as its a huge traffic burst.
> 
> > _LINK="https://christuniversity.in/uploads/course/E_21-25_Lateral
> > Entry(1)_20210618043317.pdf"
> 
> This above is busted and will continue to be until you replace the " "
> wrapping it up with left & right arrows like: 

Sorry, Gene -- this is nonsense (at several levels).

The quotes (") prevent the shell from splitting the thing into two pieces.
You'll have to make sure to quote the expansion like so "$_LINK" if you
want to prevent it being split again where it's used (e.g. as an arg to
wget or curl, or...)

That hasn't changed.

The angle brackets may quote in very specific contexts (e.g. an email
body). Or they may not. That depends on all the mail handling tidbits
in their way.

For the shell, the angle brackets HAVE A TOTALLY DIFFERENT MEANING
(sorry for raising my voice). They might redirect your stdin/stdout
or kill all kitten in your household, depending on context.

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: electrons/the Internet doesn't like question authority niggahs?, oris it that I like to eat raw garlic, ...

[gene heskett]

On 3/4/24 11:42, Albretch Mueller wrote:

spend days on end reading, coding and thinking about Math?

[...]
Your traceroute might be your isp throttling things as traceroute 
demands an answer from every machine it passes thru to get to the 
destination. Some ISP's might frown on that as its a huge traffic burst.



_LINK="https://christuniversity.in/uploads/course/E_21-25_Lateral
Entry(1)_20210618043317.pdf"


This above is busted and will continue to be until you replace the " " 
wrapping it up with left & right arrows like:  
which unless your email agent is truly Jurassic, will protect the link 
from line wrapping. It can then be wrapped in transit and still work. It 
has been a std for 2 decades or more.


[...]

Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: electrons/the Internet doesn't like question authority niggahs?, or is it that I like to eat raw garlic, ...

[Albretch Mueller]

On 3/4/24, Andy Smith  wrote:
> Please could you rephrase your entire email to only contain
> coherent, direct questions at least tenuously about Debian.

 I am downloading one by one a bunch of (relatively small) documents I
need (I work on corpora research) and the critical part of my bash
script looks like:

   wget --no-check-certificate --server-response --no-verbose
--continue --user-agent="${ua}" --keep-session-cookies --execute
robots=off --waitretry=1 --tries=5  --output-document="${opdf}"
--output-file="${log}" "${pdf}"
   if [[ $? -ne 0 ]]; then
echo "// __ [$_ix/$_lns): ${pdf}|${dmn}_${bn}| *~ download failed"
 >> "${failed_log}" 2>&1
ping="${odir}/${dmn}_${dt}_ping.txt"; time ( ping -c 4 "${dmn}" >
"${ping}" 2>&1 ) >> "${ping}" 2>&1
trace="${odir}/${dmn}_${dt}_traceroute.txt"; time( sudo traceroute
--debug --tcp "${dmn}" > "${trace}" 2>&1 ) >> "${trace}" 2>&1
dig="${odir}/${dmn}_${dt}_dig.txt"; time ( dig +time=5 "${dmn}" >
"${dig}" 2>&1 ) >> "${dig}" 2>&1
   fi

 Most connections attempts are either missed or dropped even though I
am testing first that the data is there. Maybe you know a better way
you would share?
 When I use brave/private/TOR (which apparently uses its own DNS
strategy) things become a lot less problematic (even if noticeably
slower than it already is), so it seems I may have to run brave
through Selenium ...
 I have never been able to see a traceroute log in all its integrity.
I would not go:
 sudo service networking restart
 after every traceroute run, because I am using my employers Internet
and I don't want to risk "electrons" getting even angrier with me.
 lbrtchx

Re: electrons/the Internet doesn't like question authority niggahs?, or is it that I like to eat raw garlic, ...

[David Christensen]

On 3/4/24 08:37, Albretch Mueller wrote:





Yes, networking problems are infuriating.



Something that shouldn't be happening at all is that after I use
traceroute once, it doesn't work again and my Internet access speed
describes like a sinus curve which amplitude remains for the most part
under 16KiB per second and for more than one second as 0B per second.

_LINK="https://christuniversity.in/uploads/course/E_21-25_Lateral
Entry(1)_20210618043317.pdf"



I have AT Internet service in Tracy, California.


My daily driver is:

2024-03-04 10:47:12 dpchrist@laalaa ~
$ cat /etc/debian_version ; uname -a
11.9
Linux laalaa 5.10.0-28-amd64 #1 SMP Debian 5.10.209-2 (2024-01-31) 
x86_64 GNU/Linux



When I click the above link in my mail client (Thunderbird), my browser 
(Firefox) attempts to open the URL.  But, the URL is mangled by mail 
client line wrap and/or indentation (?), and the connection times out:


https://christuniversity.in/uploads/course/E_21-25_Lateral

An error occurred during a connection to christuniversity.in.

The site could be temporarily unavailable or too busy. Try again in 
a few moments.
If you are unable to load any pages, check your computer’s network 
connection.
If your computer or network is protected by a firewall or proxy, 
make sure that Firefox is permitted to access the web.



The following URL's also time out (see DNS comments, below):

http://christuniversity.in/
http://103.105.225.131/
http://111.93.136.229/

https://christuniversity.in/
https://103.105.225.131/
https://111.93.136.229/



  1) is the file actually there?:

wget -q --spider "${_LINK}"; _WGETQ=$?



I refrain from spidering web sites -- being blackholed is not good.



$ ls -l /etc/resolv.conf
-rw-r--r-- 1 root root 204 Mar  3 18:59 /etc/resolv.conf



2024-03-04 10:50:49 dpchrist@laalaa ~
$ ls -l /etc/resolv.conf
-rw-r--r-- 1 root root 83 Mar  4 09:50 /etc/resolv.conf



$ cat /etc/resolv.conf
# Generated by NetworkManager
# nameserver 192.168.1.254
# nameserver 192.168.68.1

# https://serverfault.com/questions/76421/wget-cant-resolve-host
# RED 2013-03-31
nameserver 8.8.8.8
nameserver 8.8.4.4



2024-03-04 10:51:32 dpchrist@laalaa ~
$ cat /etc/resolv.conf
# Generated by NetworkManager
search tracy.holgerdanske.com
nameserver 192.168.5.1


I believe Debian rewrites /etc/resolv.conf on every boot.


Hard coding Google Public DNS servers should work, but letting your 
gateway do it for your LAN is easier to manage, is faster, and conserves 
WAN bandwidth.  I would revert your changes.



And, Google is watching you.


STFW for DNS privacy:

https://avoidthehack.com/best-dns-privacy


I think I will configure my gateway to use Quad9:

https://www.quad9.net/service/locations/


The next level up would be DNS over TLS (DoT), DNS over HTTPS (DoH), 
DNSCrypt, etc.:


https://en.wikipedia.org/wiki/DNS_over_TLS



$ ls -l /etc/nsswitch.conf
-rw-r--r-- 1 root root 613 Mar  3 12:57 /etc/nsswitch.conf



2024-03-04 10:52:04 dpchrist@laalaa ~
$ ls -l /etc/nsswitch.conf
-rw-r--r-- 1 root root 542 Jan  9  2022 /etc/nsswitch.conf



$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd: files
group:  files
shadow: files
gshadow:files

#hosts:  files mdns4_minimal [NOTFOUND=return] dns myhostname

hosts:  files dns mdns4_minimal [NOTFOUND=return] dns myhostname

networks:   files

protocols:  db files
services:   db files
ethers: db files
rpc:db files

netgroup:   nis



2024-03-04 10:56:37 dpchrist@laalaa ~
$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd: files systemd
group:  files systemd
shadow: files
gshadow:files

hosts:  files mdns4_minimal [NOTFOUND=return] dns
networks:   files

protocols:  db files
services:   db files
ethers: db files
rpc:db files

netgroup:   nis


It appears my /etc/nsswitch.conf has not been touched since 
installation.  I would revert your changes.




; <<>> DiG 9.18.19-1~deb12u1-Debian <<>> +time christuniversity.in
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49715
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;christuniversity.in.   IN  A

;; ANSWER SECTION:
christuniversity.in.60  IN  A   103.105.225.131
christuniversity.in.60  I

Re: electrons/the Internet doesn't like question authority niggahs?, or is it that I like to eat raw garlic, ...

[Andy Smith]

Hi,

On Mon, Mar 04, 2024 at 10:37:28AM -0600, Albretch Mueller wrote:
> spend days on end reading, coding and thinking about Math?

Please could you rephrase your entire email to only contain
coherent, direct questions at least tenuously about Debian.

If this results in an empty email, this is an indication that this
mailing list was not the correct place to send it to in the first
place.

Thanks,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

electrons/the Internet doesn't like question authority niggahs?, or is it that I like to eat raw garlic, ...

[Albretch Mueller]

spend days on end reading, coding and thinking about Math?

As part of turning society/the world as a whole into an "all tangible
things" panopticon they have turned the Internet into a
"freedom-loving" gulag for which they are even using "AI"; so, they
don’t even need to use V-Leute. Those minitrue folks are so smart!

Something that shouldn't be happening at all is that after I use
traceroute once, it doesn't work again and my Internet access speed
describes like a sinus curve which amplitude remains for the most part
under 16KiB per second and for more than one second as 0B per second.

_LINK="https://christuniversity.in/uploads/course/E_21-25_Lateral
Entry(1)_20210618043317.pdf"

 1) is the file actually there?:

wget -q --spider "${_LINK}"; _WGETQ=$?
echo "// __ \$_WGETQ: |$_WGETQ|"

echo "// __ $_WGETQ: |0|"

 2) As one of the recommendations I found which might relate to this
problematic:

$ ls -l /etc/resolv.conf
-rw-r--r-- 1 root root 204 Mar  3 18:59 /etc/resolv.conf
$

$ cat /etc/resolv.conf
# Generated by NetworkManager
# nameserver 192.168.1.254
# nameserver 192.168.68.1

# https://serverfault.com/questions/76421/wget-cant-resolve-host
# RED 2013-03-31
nameserver 8.8.8.8
nameserver 8.8.4.4
$

$ ls -l /etc/nsswitch.conf
-rw-r--r-- 1 root root 613 Mar  3 12:57 /etc/nsswitch.conf
$

$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd: files
group:  files
shadow: files
gshadow:files

#hosts:  files mdns4_minimal [NOTFOUND=return] dns myhostname

hosts:  files dns mdns4_minimal [NOTFOUND=return] dns myhostname

networks:   files

protocols:  db files
services:   db files
ethers: db files
rpc:db files

netgroup:   nis

 3) dig, ping, traceroute and wget log:

$ ls -l christuniversity.in_*.*
-rwxrwxrwx 1 user user  617 Mar  4 05:42
christuniversity.in_20240304112021.846262299_dig.txt
-rwxrwxrwx 1 user user  219 Mar  4 05:42
christuniversity.in_20240304112021.846262299_ping.txt
-rwxrwxrwx 1 user user 1081 Mar  4 05:42
christuniversity.in_20240304112021.846262299_traceroute.txt
-rwxrwxrwx 1 user user  522 Mar  4 05:42
'christuniversity.in_EComp_21-25_Lateral
Entry1_20210618043317_20240304112021.846262299_wget.log'
-rwxrwxrwx 1 user user0 Mar  4 05:20
'christuniversity.in_EComp_21-25_Lateral Entry1_20210618043317.pdf'
$

// __ christuniversity.in_20240304112021.846262299_dig.txt


; <<>> DiG 9.18.19-1~deb12u1-Debian <<>> +time christuniversity.in
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49715
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;christuniversity.in.   IN  A

;; ANSWER SECTION:
christuniversity.in.60  IN  A   103.105.225.131
christuniversity.in.60  IN  A   111.93.136.229

;; Query time: 327 msec
;; SERVER: 8.8.8.8#53(8.8.8.8) (UDP)
;; WHEN: Mon Mar 04 05:42:58 CST 2024
;; MSG SIZE  rcvd: 80


real0m0.428s
user0m0.040s
sys 0m0.046s

// __ christuniversity.in_20240304112021.846262299_ping.txt

PING christuniversity.in (103.105.225.131) 56(84) bytes of data.

--- christuniversity.in ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3080ms


real0m13.445s
user0m0.000s
sys 0m0.015s

// __ christuniversity.in_20240304112021.846262299_traceroute.txt

traceroute to christuniversity.in (111.93.136.229), 30 hops max, 60 byte packets
 1  _gateway (192.168.68.1)  16.964 ms  15.714 ms  17.508 ms
 2  * 192.168.1.254 (192.168.1.254)  18.381 ms *
 3  * * *
 4  * * *
 5  * * *
 6  * * *
 7  * * *
 8  * * *
 9  ix-be-39.ecore1.ct8-chicago.as6453.net (66.198.27.4)  64.819 ms
64.547 ms  64.685 ms
10  if-ae-44-2.tcore1.ct8-chicago.as6453.net (63.243.129.56)  80.053
ms  81.180 ms  85.409 ms
11  if-ae-26-2.tcore3.nto-newyork.as6453.net (216.6.81.28)  86.478 ms
*  81.806 ms
12  if-ae-34-14.tcore4.njy-newark.as6453.net (66.198.111.26)  81.795
ms if-ae-34-15.tcore4.njy-newark.as6453.net (66.198.111.58)  84.297 ms
 82.801 ms
13  if-ae-1-3.tcore3.njy-newark.as6453.net (216.6.57.5)  97.965 ms
88.660 ms  89.184 ms
14  66.198.70.10 (66.198.70.10)  306.240 ms *  301.191 ms
15  * * *
16  * * *
17  * * *
18  111.93.136.229 (111.93.136.229)  307.868 ms  313.512 ms  306.604 ms
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *

real0m21.725s
user0m0.016s
sys 0m0.025s

// __'christuniversity.in_EComp_21-25_Lateral
Entry1_20210618043317_20240304112021.846262299_wget.log'

failed: Connection tim

Re: Generic Linux / clib question

[tomas]

On Sat, Feb 10, 2024 at 08:45:32AM +0100, Thomas Schmitt wrote:
> Hi,
> 
> Greg Wooledge wrote:
> > > The readline library is released under the full GPL, not the LGPL.  If
> > > you dynamically link it with a program, then you can only release that
> > > program under terms compatible with the GPL.  This is an intentional
> > > choice.
> 
> to...@tuxteam.de wrote:
> > Practically it doesn't change much, but for some lawyer at Intel it might.
> 
> A substantial problem can be that libreadline became "GPLv3 or later" a
> few years ago and that GPLv3 is not compatible with GPLv2-only (i.e. not
> "or later"). The main reason is in the patent-fighting restrictions in
> GPLv3, which would be forbidden extra restrictions under GPLv2.

Yep, thanks for pointing that out. The "main" program would then have to
be GPLv3 compatible. There's no perfect world, sigh.

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: Generic Linux / clib question

[Thomas Schmitt]

Hi,

Greg Wooledge wrote:
> > The readline library is released under the full GPL, not the LGPL.  If
> > you dynamically link it with a program, then you can only release that
> > program under terms compatible with the GPL.  This is an intentional
> > choice.

to...@tuxteam.de wrote:
> Practically it doesn't change much, but for some lawyer at Intel it might.

A substantial problem can be that libreadline became "GPLv3 or later" a
few years ago and that GPLv3 is not compatible with GPLv2-only (i.e. not
"or later"). The main reason is in the patent-fighting restrictions in
GPLv3, which would be forbidden extra restrictions under GPLv2.

So at best this causes "GPLv2 or later" programs to become "GPLv3 or later",
like the Debian binary of xorriso. At worst you would have a license clash
and would have to resort to e.g. libedit. (Not what the FSF would like.)


> The gist is that, if the user is the one doing the last linking step,
> all is fine. She's allowed anything.

She's allowed to use it but not to give it to others without obeying the
demands and restrictions of GPL.

Personally i would be ok with a more liberal use of my GPL'ed software.
But the official stance of the FSF is that the license applies on first
contact. In case of libreadline this would the line
  #include 
and as next occasion the preparations of the compiler and linker to employ
libreadline.so at run time.


Have a nice day :)

Thomas

Re: Generic Linux / clib question

[tomas]

On Fri, Feb 09, 2024 at 06:36:18PM -0500, Greg Wooledge wrote:

[...]

> The readline library is released under the full GPL, not the LGPL.  If
> you dynamically link it with a program, then you can only release that
> program under terms compatible with the GPL.  This is an intentional
> choice.
> 
> I don't know anything about those two programs, but if they aren't already
> being released under the GPL, I doubt Intel would choose to do it just to
> add readline support.

Nitpick: "...they aren't being released under a GPL compatible license and
the lawyers at Intel don't mind the linking result to become GPL".

Practically it doesn't change much, but for some lawyer at Intel it might.

Actually there is at least one well-known example [1] for this: libpq.

The gist is that, if the user is the one doing the last linking step,
all is fine. She's allowed anything.

Cheers

[1] https://postgrespro.com/list/thread-id/1596439
-- 
tomás


signature.asc
Description: PGP signature

Re: Generic Linux / clib question

[Greg Wooledge]

On Fri, Feb 09, 2024 at 03:20:46PM -0800, Van Snyder wrote:
> On Fri, 2024-02-09 at 17:37 -0500, Greg Wooledge wrote:
> > On Fri, Feb 09, 2024 at 02:30:54PM -0800, Van Snyder wrote:
> > > Years ago, I knew the name of the routines one could use to have some
> > > stdin history and be able to edit it, like you can do in XTerm or
> > > gnuplot or 
> > > 
> > > I can't remember them now, or find them.
> > 
> > I think you're talking about the readline library, which is used by bash
> > (I assume that's what you meant by "XTerm") and some other programs.
> > 
> > What, exactly, are you trying to do?
> 
> I'm hoping to convince Intel to add it to the stdin runtime support for
> ifx and ifort Fortran compilers.

The readline library is released under the full GPL, not the LGPL.  If
you dynamically link it with a program, then you can only release that
program under terms compatible with the GPL.  This is an intentional
choice.

I don't know anything about those two programs, but if they aren't already
being released under the GPL, I doubt Intel would choose to do it just to
add readline support.

You might have better results advocating for libedit, as Thomas suggested.

Or, if your *actual goal* is to have better editing in these programs
for your own *personal* use, rather than changing the world, maybe you
could just run them under the rlwrap program.

unicorn:~$ apt-cache show rlwrap
[...]
Description-en: readline feature command line wrapper
 This package provides a small utility that uses the GNU readline library
 to allow the editing of keyboard input for any other command.  Input
 history is remembered across invocations, separately for each command;
 history completion and search work as in bash and completion word lists
 can be specified on the command line.

Re: Generic Linux / clib question

[Van Snyder]

On Fri, 2024-02-09 at 17:37 -0500, Greg Wooledge wrote:
> On Fri, Feb 09, 2024 at 02:30:54PM -0800, Van Snyder wrote:
> > Years ago, I knew the name of the routines one could use to have some
> > stdin history and be able to edit it, like you can do in XTerm or
> > gnuplot or 
> > 
> > I can't remember them now, or find them.
> 
> I think you're talking about the readline library, which is used by bash
> (I assume that's what you meant by "XTerm") and some other programs.
> 
> What, exactly, are you trying to do?

I'm hoping to convince Intel to add it to the stdin runtime support for
ifx and ifort Fortran compilers.

Re: Generic Linux / clib question

[Thomas Schmitt]

Hi,

Van Snyder wrote:
> Years ago, I knew the name of the routines one could use to have some stdin
> history and be able to edit it, like you can do in XTerm or gnuplot or 

Sounds like readline:
  https://en.wikipedia.org/wiki/GNU_Readline
  https://tracker.debian.org/pkg/readline

An alternative with BSD license is libedit:
  https://tracker.debian.org/pkg/libedit


Have a nice day :)

Thomas

Re: Generic Linux / clib question

[Greg Wooledge]

On Fri, Feb 09, 2024 at 02:30:54PM -0800, Van Snyder wrote:
> Years ago, I knew the name of the routines one could use to have some
> stdin history and be able to edit it, like you can do in XTerm or
> gnuplot or 
> 
> I can't remember them now, or find them.

I think you're talking about the readline library, which is used by bash
(I assume that's what you meant by "XTerm") and some other programs.

What, exactly, are you trying to do?

Generic Linux / clib question

[Van Snyder]

Years ago, I knew the name of the routines one could use to have some
stdin history and be able to edit it, like you can do in XTerm or
gnuplot or 

I can't remember them now, or find them.

Does anybody know the names?

Thanks,
Van Snyder

Re: find question

[Greg Wooledge]

On Sun, Jan 14, 2024 at 12:25:03AM +1300, Richard Hector wrote:
> Except that from the man page, -delete implies -depth. Maybe that's a
> GNUism; I don't know.

Oh, maybe that's new?  I'm not sure.  Anyway, yeah, -delete is a GNUism.
POSIX find doesn't have it at all.

> That leaves the question: When using -delete (and -depth), does the deletion
> of files within a directory update the mtime of that directory, thereby
> rendering the directory inelegible for deletion when it would have been
> before? Or is the mtime of that directory recorded before the contents are
> processed?
> 
> I just did a quick test (using -mmin -1 instead), and it did delete the
> whole lot.

I don't know the answer to that.  Even in the worst case, though, you'd
just have an empty directory sitting around until some future run of
the cleanup script.  It would eventually be removed.

On the other hand, it might Just Work as you desire.

> So I'm still unclear why sometimes the top-level directory (or a directory
> within it) gets left behind. I've just noticed that one of the directories
> (not the one in $dir) contains a '@' symbol; I don't know if that affects
> it?

find should not care about the characters in the directory name.

> I'm tempted to avoid the problem by only using find for the top-level
> directory, and exec'ing "rm -r(f)" on it. I'm sure you'll tell me there are
> problems with that, too :-)

You never said that was an allowed solution. ;-)  The only drawback
to that solution would be if you didn't *want* to remove the entire
directory recursively.  If a directory has a timestamp that makes it
eligible for cleanup, but some file down inside it does not, do you
want to remove that file anyway?  If so, then sure, -exec rm -rf {} +
will get it done.

Re: find question

[Richard Hector]

On 30/12/23 01:27, Greg Wooledge wrote:

On Fri, Dec 29, 2023 at 10:56:52PM +1300, Richard Hector wrote:

find $dir -mtime +7 -delete


"$dir" should be quoted.


Got it, thanks.


Will that fail to delete higher directories, because the deletion of files
updated the mtime?

Or does it get all the mtimes first, and use those?


It doesn't delete directories recursively.

unicorn:~$ mkdir -p /tmp/foo/bar
unicorn:~$ touch /tmp/foo/bar/file
unicorn:~$ find /tmp/foo -name bar -delete
find: cannot delete ‘/tmp/foo/bar’: Directory not empty


Understood.


But I suppose you're asking "What if it deletes both the file and the
directory, because they both qualify?"

In that case, you should use the -depth option, so that it deletes
the deepest items first.

unicorn:~$ find /tmp/foo -depth -delete
unicorn:~$ ls /tmp/foo
ls: cannot access '/tmp/foo': No such file or directory

Without -depth, it would try to delete the directory first, and that
would fail because the directory's not empty.

-depth must appear AFTER the pathnames, but BEFORE any other arguments
such as -mtime or -name.


Except that from the man page, -delete implies -depth. Maybe that's a 
GNUism; I don't know.



And how precise are those times? If I'm running a cron job that deletes
7-day-old directories then creates a new one less than a second later, will
that reliably get the stuff that's just turned 7 days old?


The POSIX documentation describes it pretty well:

-mtime n  The primary shall evaluate as true if the  file  modification
  time  subtracted  from  the  initialization  time, divided by
  86400 (with any remainder discarded), is n.

To qualify for -mtime +7, a file's age as calculated above must be at
least 8 days.  (+7 means more than 7.  It does not mean 7 or more.)


So 7 days and one second doesn't count as "more than 7 days"? It 
truncates the value to integer days before comparing?


Ah, yes, I see that now under -atime. Confusing. Thanks for pushing me 
to investigate :-)



It's not uncommon for the POSIX documentation of a command to be superior
to the GNU documentation of that same command, especially a GNU man page.
GNU info pages are often better, but GNU man pages tend to be lacking.


Understood, thanks. Though it might be less correct where GNUisms exist.

That leaves the question: When using -delete (and -depth), does the 
deletion of files within a directory update the mtime of that directory, 
thereby rendering the directory inelegible for deletion when it would 
have been before? Or is the mtime of that directory recorded before the 
contents are processed?


I just did a quick test (using -mmin -1 instead), and it did delete the 
whole lot.


So I'm still unclear why sometimes the top-level directory (or a 
directory within it) gets left behind. I've just noticed that one of the 
directories (not the one in $dir) contains a '@' symbol; I don't know if 
that affects it?


I'm tempted to avoid the problem by only using find for the top-level 
directory, and exec'ing "rm -r(f)" on it. I'm sure you'll tell me there 
are problems with that, too :-)


Apologies for the slow response - sometimes the depression kicks in and 
I don't get back to a problem for a while :-(


Cheers,
Richard

Re: nftables firewall question: matching udp in ipv6

[Michel Verdier]

On 2024-01-12, Ralph Aichinger wrote:

> I "only" have to find out what mechanism adds the lower, en2 default
> route within a few minutes, once I delete it. I ran "radvdump", but
> that only dumped the correct announcement my provider sends for the
> net over the PPPoE connection. Hm.
>
> Thanks everybody, of course hints on how to find out what's adding
> default routes would also be appreciated ;)

It depends on how you setup your network. If you only use ifupdown (and
it is better for a server) look in /etc/network/interfaces and
/etc/network/interfaces.d/* for "gateway" stances

Re: nftables firewall question: matching udp in ipv6

[Ralph Aichinger]

On Fri, Jan 12, 2024 at 07:35:14PM +0100, Michel Verdier wrote:
>   meta l4proto udp log level info prefix "udp" accept

Thanks for that, and thanks to Michael Kjörling, your replies really
helped.

I found log lines similar to:

2024-01-12T19:51:32.999346+01:00 pi kernel: [3401524.305759] 
ralphfilterudpIN=en2 OUT=en2 MAC=08:00:1e:02:00:02:6c:cf:39:00:42:f4:86:dd 
SRC=2a02:0ab8:redacted DST=2a00:63c1:redacted LEN=96 TC=0 HOPLIMIT=63 
FLOWLBL=279176 PROTO=UDP SPT=40840 DPT=123 LEN=56 

with interestingly IN and OUT interfaces the same en2 (=dmz). And to my 
surprise, I
found a double IPv6 default route:

default via fe80::e25f:b9ff:fe1e:a100 dev ppp0 proto ra metric 1024 expires 
1791sec hoplimit 64 pref medium
default via fe80::a00:1eff:fe01:0 dev en2 proto ra metric 1024 expires 1588sec 
hoplimit 64 pref medium

Now I don't understand why pings/ICMP and tcp traffic seem to decide for
the correct route via ppp0 and only udp sems to prefer the one via en2,
but when I delete it, everything works. So while nftables might still 
contain some problematic stuff, at the core of my problem seems to be
routing.

I "only" have to find out what mechanism adds the lower, en2 default
route within a few minutes, once I delete it. I ran "radvdump", but
that only dumped the correct announcement my provider sends for the
net over the PPPoE connection. Hm.

Thanks everybody, of course hints on how to find out what's adding
default routes would also be appreciated ;)

Ralph

Re: nftables firewall question: matching udp in ipv6

[Michel Verdier]

On 2024-01-12, Ralph Aichinger wrote:

> If I insert the following rule at the bottom, everything starts to
> work:
>
> meta l4proto  udp  accept

Add log to see what would be dropped:

  meta l4proto udp log level info prefix "udp" accept

Provide "nft list ruleset" to better see what nft understands.

I suppose your udp is not "established" to not be accepted. Perhaps
something in your nat that breaks "established" ?

Re: nftables firewall question: matching udp in ipv6

[Ralph Aichinger]

On Fri, Jan 12, 2024 at 05:26:57PM +, Michael Kjörling wrote:
> My suggestion would be to insert a "udp log" rule. (Pretty sure you
> only need "udp", not "meta l4proto udp".)
  
Thanks,  I will try that. Yes "meta l4proto udp" might be cargo 
cult configuration ;)

> That will give you a firehose of information which will include ports,
> interfaces and other relevant information. You can then narrow it down
> until it logs the traffic you want to accept, at which point you can
> change the "log" action into an "accept" action.
> 
> Note that forwarding and filtering can interact in non-intuitive ways.
> You may need to add corresponding log rules to each relevant chain,
> maybe with a prefix to tell them apart.
  
Thanks a lot!

Ralph

Re: nftables firewall question: matching udp in ipv6

[Michael Kjörling]

On 12 Jan 2024 16:19 +0100, from r...@h5.or.at (Ralph Aichinger):
> If I insert the following rule at the bottom, everything starts to
> work:
> 
> meta l4proto  udp  accept
> 
> but I don't know how to limit this over broad rule (so it does not
> forward UDP to the internal network on en0, which I do not want). 

My suggestion would be to insert a "udp log" rule. (Pretty sure you
only need "udp", not "meta l4proto udp".)

That will give you a firehose of information which will include ports,
interfaces and other relevant information. You can then narrow it down
until it logs the traffic you want to accept, at which point you can
change the "log" action into an "accept" action.

Note that forwarding and filtering can interact in non-intuitive ways.
You may need to add corresponding log rules to each relevant chain,
maybe with a prefix to tell them apart.

-- 
Michael Kjörling  https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”

Re: nftables firewall question: matching udp in ipv6

[Ralph Aichinger]

On Fri, Jan 12, 2024 at 03:52:46PM +, Tom Furie wrote:
> other input/output rules that are interfering, but since you've abridged
> your ruleset we have no way of knowing.

Sorry, wanted to include the full rulest an forgot. I've still have left
off the "table ip nat" and "table ip filter" chains, I hope this is OK.


#!/usr/sbin/nft -f

flush ruleset

table ip nat {
...
}

table ip filter {
...
}

table ip6 filter {
chain input {
type filter hook input priority 0; policy drop;
ct state invalid counter drop comment "early drop of invalid 
packets"
ct state {established, related} counter accept comment "accept 
all connections related to connections made by us"
iif lo accept comment "accept loopback"
iif != lo ip6 daddr ::1/128 counter drop comment "drop 
connections to loopback not coming from loopback"
meta l4proto ipv6-icmp counter accept comment "accept all ICMP 
types"
tcp dport 22 counter accept comment "accept SSH"
tcp dport 25 counter accept comment "accept SMTP"
tcp dport 53 counter accept comment "accept DNS"
udp dport 53 counter accept comment "accept DNS"
tcp dport 80 counter accept comment "accept HTTP"
tcp dport 443 counter accept comment "accept HTTPS"
counter comment "count dropped packets"
}


chain forward {
type filter hook forward priority 0; policy drop;

iifname ppp0 oifname en0 ct state established,related accept
iifname en0 oifname ppp0 accept

iifname en2 oifname ppp0 accept
iifname ppp0 oifname en2 accept

iifname en0 oifname en2 accept
iifname en2 oifname en0 ct state established,related accept

meta l4proto ipv6-icmp accept

}
}

Re: nftables firewall question: matching udp in ipv6

[Ralph Aichinger]

On Fri, Jan 12, 2024 at 03:52:46PM +, Tom Furie wrote:
> Where is the DNS server the dmz host is resolving against? In your dmz,
> your internal network, on the firewall machine, outside? You may have
> other input/output rules that are interfering, but since you've abridged
> your ruleset we have no way of knowing.

 
I've tried this with the public Gooogle DNS 2001:4860:4860::. The
behaviour seems consistent: If I try to resolve names over UDP with the
first ruleset I posted, it fails. If I try DNS over TCP (by using 
nslookup with the "-vc" option, it works.

Thanks,
Ralph

Re: nftables firewall question: matching udp in ipv6

[Tom Furie]

Ralph Aichinger  writes:

> I am currently fighting with the following problem: I've got a system
> that has 3 relevant interfaces: ppp0, en0 and en2, for external,
> internal and dmz respectively. 
>
> The dmz is IPv6 only, a homelab testbed more or less.
>
> I've got the follwing rules in /etc/nftables.conf for ipv6 (i am
> abreviating the chain input, because i am only fighting with
> forwarding):
>
> table ip6 filter {
> chain input {
> ...
> }
>
> 
> chain forward {
>   type filter hook forward priority 0; policy drop;
>
>   iifname ppp0 oifname en0 ct state established,related accept
>   iifname en0 oifname ppp0 accept
> 
>   iifname en2 oifname ppp0 accept
>   iifname ppp0 oifname en2 accept
>
>   iifname en0 oifname en2 accept
>   iifname en2 oifname en0 ct state established,related accept
>
>   meta l4proto ipv6-icmp accept
>  
>
> }
> }
>
> What does not work, and this puzzles me, is that UDP does not work. 
> E.g. if I lookup a DNS name in my dmz (connected to en2), I see no
> udp packets if i start tcpdump on the external interface ppp0. I see
> them entering on en2. 
>
Where is the DNS server the dmz host is resolving against? In your dmz,
your internal network, on the firewall machine, outside? You may have
other input/output rules that are interfering, but since you've abridged
your ruleset we have no way of knowing.

nftables firewall question: matching udp in ipv6

[Ralph Aichinger]

Hello!

I am currently fighting with the following problem: I've got a system
that has 3 relevant interfaces: ppp0, en0 and en2, for external,
internal and dmz respectively. 

The dmz is IPv6 only, a homelab testbed more or less.

I've got the follwing rules in /etc/nftables.conf for ipv6 (i am
abreviating the chain input, because i am only fighting with
forwarding):

table ip6 filter {
chain input {
...
}


chain forward {
  type filter hook forward priority 0; policy drop;

  iifname ppp0 oifname en0 ct state established,related accept
  iifname en0 oifname ppp0 accept

  iifname en2 oifname ppp0 accept
  iifname ppp0 oifname en2 accept

  iifname en0 oifname en2 accept
  iifname en2 oifname en0 ct state established,related accept

  meta l4proto ipv6-icmp accept
 

}
}

This "almost" works: I can do everything I want from my internal
network (connected to en0) towards the outside, and tcp connections
from and to the dmz also work. Ping works everywhere.

What does not work, and this puzzles me, is that UDP does not work. 
E.g. if I lookup a DNS name in my dmz (connected to en2), I see no
udp packets if i start tcpdump on the external interface ppp0. I see
them entering on en2. 

Why does UDP bevave differently from TCP here? Is this an nftables or
ipv6 specific gotcha?

If I insert the following rule at the bottom, everything starts to
work:

meta l4proto  udp  accept

but I don't know how to limit this over broad rule (so it does not
forward UDP to the internal network on en0, which I do not want). 
trying e.g. 

iifname en2 oifname ppp0 meta l4proto  udp  accept
iifname ppp0 oifname en0 meta l4proto  udp  accept

did not work either, ad behaved like my initial setup described on top.

Any hints for me?
TIA
Ralph 

Re: find question

[Greg Wooledge]

On Fri, Dec 29, 2023 at 10:56:52PM +1300, Richard Hector wrote:
> find $dir -mtime +7 -delete

"$dir" should be quoted.

> Will that fail to delete higher directories, because the deletion of files
> updated the mtime?
> 
> Or does it get all the mtimes first, and use those?

It doesn't delete directories recursively.

unicorn:~$ mkdir -p /tmp/foo/bar
unicorn:~$ touch /tmp/foo/bar/file
unicorn:~$ find /tmp/foo -name bar -delete
find: cannot delete ‘/tmp/foo/bar’: Directory not empty

But I suppose you're asking "What if it deletes both the file and the
directory, because they both qualify?"

In that case, you should use the -depth option, so that it deletes
the deepest items first.

unicorn:~$ find /tmp/foo -depth -delete
unicorn:~$ ls /tmp/foo
ls: cannot access '/tmp/foo': No such file or directory

Without -depth, it would try to delete the directory first, and that
would fail because the directory's not empty.

-depth must appear AFTER the pathnames, but BEFORE any other arguments
such as -mtime or -name.

> And how precise are those times? If I'm running a cron job that deletes
> 7-day-old directories then creates a new one less than a second later, will
> that reliably get the stuff that's just turned 7 days old?

The POSIX documentation describes it pretty well:

   -mtime n  The primary shall evaluate as true if the  file  modification
 time  subtracted  from  the  initialization  time, divided by
 86400 (with any remainder discarded), is n.

To qualify for -mtime +7, a file's age as calculated above must be at
least 8 days.  (+7 means more than 7.  It does not mean 7 or more.)

It's not uncommon for the POSIX documentation of a command to be superior
to the GNU documentation of that same command, especially a GNU man page.
GNU info pages are often better, but GNU man pages tend to be lacking.

find question

[Richard Hector]

Hi all,

When using:

find $dir -mtime +7 -delete

Will that fail to delete higher directories, because the deletion of 
files updated the mtime?


Or does it get all the mtimes first, and use those?

And how precise are those times? If I'm running a cron job that deletes 
7-day-old directories then creates a new one less than a second later, 
will that reliably get the stuff that's just turned 7 days old? Or will 
there be a race condition depending on how quickly cron starts the 
script, which could be different each time?


Is there a better way to do this?

Cheers,
Richard

Re: Question de Noël

[Sébastien Dinot]

Bonjour à tous,

didier gaumet a écrit :
> Donc globalement pas de dysfonctionnement avec Wayland si on emploie
> un bureau vraiment prévu pour (Gnome, peut-être KDE de nos jours (je
> connais mal)).

L'expérience m'a malheureusement montré le contraire. J'ai acheté en
juin 2023 un mini PC mis sur le marché par Intel à l'automne 2022 (Intel
NUC 12 Pro NUC12WSHi7). J'ai installé sur cette machine une Bookworm
avec son environnement graphique par défaut (wayland, GDM, Gnome) ainsi
que le paquet firmware-misc-nonfree.

GDM s'est révélé inutilisable. Lorsque le curseur de la souris passait
sur un élément graphique, c'était un autre qui se mettait en
surbrillance, puis deux ou trois qui étaient rafraichis sans la moindre
logique. Un appui sur la touche « Entrée » mettait l'écran de connexion
sans dessus-dessous.

Tout est rentré dans l'ordre après avoir reconfiguré GDM pour qu'il
utilise Xorg plutôt que Wayland.

Je ne fais pas partie de ceux qui regrettent déjà le protocole X11 et
l'approche historique de la pile graphique sur Unix. Son design lui
conférait quelques avantages, mais la condamnait aussi à des défauts
majeurs, à commencer par la lenteur. Pour autant, je ne peux que
constater qu'il m'est toujours impossible d'utiliser Wayland sur mes
deux PC.

> Je pense que les anciens problèmes d'accès de bureau à distance
> (télémaintenance) sous Wayland sont globalement résolus mais ça mérite
> d'être testé avant une éventuelle migration vers Wayland

Ce n'était toujours pas le cas cet été (date de mes derniers essais)
avec les outils de visio que j'utilise. Je n'arrivais toujours pas
à partager mon écran sous Wayland (échec logique puisque les
développeurs de Wayland voient – à raison si on ignore les motifs
légitimes – le partage de fenêtre entre applications comme une faille de
sécurité).

Il semblerait cependant que les choses s'améliorent progressivement
grâce à une palette d'outils conçus pour pallier / détourner les limites
de Wayland.

Sébastien


-- 
Sébastien Dinot, sebastien.di...@free.fr
http://www.palabritudes.net/
Ne goutez pas au logiciel libre, vous ne pourriez plus vous en passer !

Re: Question de Noël (mais quelle année?)

[Marc Chantreux]

hello,


> >   tout compte fait comparable à la compression protocolaire de type
> >   freeNX (comme X2go quoi). j'ai fais qq tentatives à l'époque et
> >   ce que j'ai vu était assez loin de pouvoir valider l'affirmation.
> 
> C'est possible en utilisant Waypipe [1], disponible dans Debian 12.
> Je ne l'ai encore jamais utilisé.

apt-cache search waypipe est prometeur en effet. Merci pour le lien.

marc

Re: Question de Noël (mais quelle année?)

[Marc Chantreux]

Salut,

> > * Il y a enfin un compositor qui m'attire:
> >   https://github.com/riverwm/river
> 
> Merci pour le lien. Est-ce que tu as évalué dwl qui est le remplaçant de
> dwm ?
> 
> https://codeberg.org/dwl/dwl

Nope: j'attend maintenant qu'un utilisateur me dise que wayland est
isofonctionnel à X11 au moins pour mes besoins.

marc

Re: Question de Noël (mais quelle année?)

[Sébastien NOBILI]

Bonjour,

Le 2023-12-26 10:43, Marc Chantreux a écrit :

* adieu remote display. visiblement c'est un WONTFIX de la communauté
  wayland qui dit en gros: utilise un truc qui render et compresse
  des images sur le réseau (VNC) en m'expliquant que c'est
  tout compte fait comparable à la compression protocolaire de type
  freeNX (comme X2go quoi). j'ai fais qq tentatives à l'époque et
  ce que j'ai vu était assez loin de pouvoir valider l'affirmation.


C'est possible en utilisant Waypipe [1], disponible dans Debian 12.
Je ne l'ai encore jamais utilisé.

Sébastien

1: https://gitlab.freedesktop.org/mstoeckl/waypipe

Re: Question de Noël (mais quelle année?)

[Michel Verdier]

Le 26 décembre 2023 Marc Chantreux a écrit :

> * à l'époque, rien dans le monde wayland ne ressemblait à dwm.
>
> Ce Noël-ci:
>
> * Il y a enfin un compositor qui m'attire:
>   https://github.com/riverwm/river

Merci pour le lien. Est-ce que tu as évalué dwl qui est le remplaçant de
dwm ?

https://codeberg.org/dwl/dwl

Question de Noël (mais quelle année?)

[Marc Chantreux]

salut à tous,

je suis passé sous wayland accidentellement lors d'une mise
à jour du passage à bulleye (à l'époque j'étais encore sous gnome3)
et déjà à l'époque, c'était stable. mais !!!

je ne pouvais plus partager mon écran pendant les confs (jitsi, BBB, …).
quand j'ai compris que j'étais sous wayland je me suis rendu compte
qu'il n'existait pas d'alternatives à des outils comme screenkey, ffmpeg
x11grab … aussi:

* le decorateur de fenetre n'est plus du fait du window manager
  (donc plus de point d'entrée unique pour les supprimer)
* adieu remote display. visiblement c'est un WONTFIX de la communauté
  wayland qui dit en gros: utilise un truc qui render et compresse
  des images sur le réseau (VNC) en m'expliquant que c'est
  tout compte fait comparable à la compression protocolaire de type
  freeNX (comme X2go quoi). j'ai fais qq tentatives à l'époque et
  ce que j'ai vu était assez loin de pouvoir valider l'affirmation.
* je n'ai pas trouvé de display manager aussi simple et elegant que slim.
* à l'époque, rien dans le monde wayland ne ressemblait à dwm.

Ce Noël-ci:

* Il y a enfin un compositor qui m'attire:
  https://github.com/riverwm/river
* j'ai bien compris que X11 est un cauchemard pour les développeurs
 et il me tarde de pouvoir jouer les bons élèves en passant sous wayland
 mais je ne sais si la situation a évolué sur mes 3 besoins fonctionnels.

tout retour sera lu avec intéret :)

joyeuse fete.
marc

Re: Resolu: Question de Noël

[didier gaumet]

Le 26/12/2023 à 08:04, Informatique BILLARD a écrit :

Bonjour

merci à vous, alors pour moi ce sera plus tard étant sous xfce avec un 
voeux PC portable.


François-Marie


Bonjour,

juste pour préciser: si Wayland est installé mais qu'un bureau 
incompatible avec Wayland est utilisé (ici Xfce), il n'y aura aucune 
conséquence fâcheuse: le bureau en question continuera à utiliser Xorg 
vu qu'il est incompatible avec Wayland (au moins pour le moment car 
certains de ces bureaux (Xfce et Cinnamon, pour les autres je ne sais 
pas) entreprennent des travaux de mise en compatibilité avec Wayland)

Resolu: Question de Noël

[Informatique BILLARD]

Bonjour

merci à vous, alors pour moi ce sera plus tard étant sous xfce avec un 
voeux PC portable.


François-Marie

Le 25/12/2023 à 14:46, Lamourec Alain a écrit :

Bonjour

Tout dépend de ton environnement de bureau :
gnome -> oui
kde -> oui
xfce -> non


Informatique BILLARD  writes:


Bonjour à toutes et tous,

en ce jour de Noêl je lis quelques pages sur Wayland le remplaçant de 
X11.


Et la une question émerge, peut-on sans trop de risque de
dysfonctionnement installer wayland sous debian 12 .

Merci

François-Marie

Re: Question de Noël

[Lamourec Alain]

Bonjour

Tout dépend de ton environnement de bureau :
gnome -> oui
kde -> oui
xfce -> non


Informatique BILLARD  
writes:



Bonjour à toutes et tous,

en ce jour de Noêl je lis quelques pages sur Wayland le 
remplaçant de X11.


Et la une question émerge, peut-on sans trop de risque de
dysfonctionnement installer wayland sous debian 12 .

Merci

François-Marie



--
Lamourec Alain

Re: Question de Noël

[didier gaumet]

Le 25/12/2023 à 10:52, Informatique BILLARD a écrit :

Bonjour à toutes et tous,

en ce jour de Noêl je lis quelques pages sur Wayland le remplaçant de X11.

Et la une question émerge, peut-on sans trop de risque de 
dysfonctionnement installer wayland sous debian 12 .


Bonjour,

Quand tu installes Debian avec un bureau, par défaut c'est Gnome avec 
les serveurs Wayland et Xorg. Par défaut toujours, Sous Debian de nos 
jours, Gnome est lancé sous Wayland (mais on peut changer pour Xorg dans 
le menu GDM)


Donc globalement pas de dysfonctionnement avec Wayland si on emploie un 
bureau vraiment prévu pour (Gnome, peut-être KDE de nos jours (je 
connais mal)).
Je pense que les anciens problèmes d'accès de bureau à distance 
(télémaintenance) sous Wayland sont globalement résolus mais ça mérite 
d'être testé avant une éventuelle migration vers Wayland

Question de Noël

[Informatique BILLARD]

Bonjour à toutes et tous,

en ce jour de Noêl je lis quelques pages sur Wayland le remplaçant de X11.

Et la une question émerge, peut-on sans trop de risque de 
dysfonctionnement installer wayland sous debian 12 .


Merci

François-Marie

Question about CNC

[Eric Risch]

Hi,

Does your company need machining details?

As a company with many years of experience on the market, we are able to 
provide competitive terms of cooperation, timely execution of orders, as well 
as details and components with high geometric accuracy and strength properties.

I can also offer welding, cutting and assembly based on the assembly of machine 
components and the prefabrication of electrical switchboards.

Let me know if you are interested in a short conversation regarding the order.


Best regards
Eric Risch

ntpsec as servr question

[gene heskett]

Actually I did find it, was not a journalctl command but tcpdump. So 
call in the St Bernards.


Thanks.

Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

RE: time question, as in ntp?

[Bonno Bloksma]

Hi,

>> $ cat /etc/network/interfaces
[...]
>> # The primary network interface
>> allow-hotplug ens32
>> iface ens32 inet static

> Depending on what services your computer runs, you may wish to change 
> "allow-hotplug ens32" to "auto ens32". 
Thanks that one got by me when I created a new server. :-(

> Of course, if everything is working as you have it, then "don't touch it" is 
> a wise course.  
Of course but then, if we know it is not the best config, why wait for it to go 
wrong. ;-)

Bonno Bloksma

Re: time question, as in ntp?

[Tom Dial]

On 12/4/23 02:43, gene heskett wrote:


So the next question is, is ntpsec serving my time, or utc. This hdware clock 
is supposedly set to UTC, but what is ntpsec serving? It s/b serving UTC IMO. 
But I'm in the dark here, haven't had to fool with this in the last 24 years.


I'm pretty sure your NTP server will be dealing UTC time; mine, running on a 
GPS, does, and all the the machines on the net stay in lockstep to within a few 
dozen microseconds most of the time.

I think you have to figure out how to tell your printer driver to set its timezone to 
Eastern; it's not Debian (or Red Hat or HP-UX or Solaris) and I don't have any idea. If 
it were debian(-derived) you could say "dpkg-reconfigure tzdata" - might be 
worth a try. Or maybe consult the vendor.

Regards,
Tom Dial




The current state is that the 3d printer has only a 169.254.x.y link-local 
address configured as a fallback.


Which is now fixed.

Thanks all.

Cheers, Gene Heskett.

Re: time question, as in ntp?

[John Hasler]

Gene writes:
> I've also setup ntpsec as a server on this machine, and have the
> printers chrony synching to this machine but the chrony on the printer
> is stuck in PST, exactly 4 hours behind this machine regardless of the
> setting in /etc/timezone.

Chrony only does UTC.

   chronyc tracking

will tell you what time Chrony thinks it is.
-- 
John Hasler 
j...@sugarbit.com
Elmwood, WI USA

Re: time question, as in ntp?

[tomas]

On Mon, Dec 04, 2023 at 09:30:14AM -0500, Stefan Monnier wrote:

[...]

> It's serving *the* time :-)

Well put :-)

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: time question, as in ntp?

[Stefan Monnier]

> So I put the dhcpd-server on this machine and it worked exact as Dan said it
> would.  Then I enabled ntpsec to serve and thats working to the whole world.
> But the chrony on the printer is stuck in the PST timezone, ignoring the
> contents of /etc/timezone.

In Unix/Linux/Posix, time is counted in "seconds since the epoch" and is
timezone-agnostic.  The timezone is only used when converting to/from
this number of seconds from/to the usual "year/month/day/hour/minutes/...".

> So the printer is 4 hours behind me here on
> US/Eastern or America/NewYork zone, both seem to work correctly here.

"The printer" is probably not 4 hours behind anything.  Presumably it's
just some part of the printer's software which chooses to use PST when
*displaying* time information.

> So the next question is, is ntpsec serving my time, or utc.

It's serving *the* time :-)


Stefan

Re: time question, as in ntp?

[Max Nikulin]

On 04/12/2023 11:38, John Hasler wrote:

Max Nikulin wrote:

 From my point of view, it should be possible to put a file with
mapping of mac addresses to desired IPs and names to his dd-wrt
router. I expect that dnsmasq is running or can be installed
there. Dnsmasq as a DHCP server on the router should be better than
maintaining hosts files on each machine.


dnsmasq will get the hostnames from the machines and put them in its
dns.  There is really no need to manually enter any MAC addresses or IPs
anywhere.


IP addresses may be added to some scripts or config files already. My 
point is that dnsmasq allows to fix IP addresses obtained by clients 
through DHCP. It is first step to convince that a network managed using 
a DHCP server is not unstable.



I suspect that had the machine been plugged into a network equipped with
a properly configured DHCP server it would just work.


Sure, but if DHCP server is not running on the router then it will be 
more tricky to debug next issue. Answering to questions people make 
enough assumptions and in home networks usually routers play this role.

Re: time question, as in ntp?

[gene heskett]

On 12/3/23 22:05, Max Nikulin wrote:

On 02/12/2023 23:39, John Hasler wrote:

Max Nikulin wrote:

As to a GPS receiver, it should be doable and 169.254.x.y addresses
will not be an issue any more. Be careful with cables when connecting
it however: https://www.wired.com/2012/02/neutrinos-faulty-cable/


CNC machines don't need accurate time.  They need precise internal
synchronization but that isn't related to the system clocks.  The
default NTP configuration in most Linux distributions will take care of
the system clocks if they have access to the Internet.


I was kidding. However "access to the Internet" is the real trouble in 
this particular case. It seems, the vendor of the 3d printer believes 
that users must connect the device to a network having a DHCP server. 
ifupdown is definitely broken in armbian, perhaps armbian way to setup 
network is broken on this device, but Gene is not going to debug it. His 
stance that it is NetworkManager that breaks his network.


1. I'll retract that, while there seem to be networkmanager leftovers 
here and there, there is no nm present on the printer NOW that I can 
find.  And I haven't removed it.


2. I have installed the ISC dhcpd-server on this machine, its working as 
expected, the printer is now inside my subnet of the 192.168.71 block.


3. I've also setup ntpsec as a server on this machine, and have the 
printers chrony synching to this machine but the chrony on the printer 
is stuck in PST, exactly 4 hours behind this machine regardless of the 
setting in /etc/timezone.


In addition, he is strongly against DHCP believing that it will make his 
network unstable.


See above, its installed and working, I've even done a small print job 
to prove it works.


 From my point of view, it should be possible to put a file with mapping 
of mac addresses to desired IPs and names to his dd-wrt router. I expect 
that dnsmasq is running or can be installed there. Dnsmasq as a DHCP 
server on the router should be better than maintaining hosts files on 
each machine.


Two reasons, the failure of those 2 seacraates within hours of each a 
year ago other destroyed all records of passwd's for it, and since the 
rot pw was 33 chars of random numbers, I'd have to do a factory reset to 
a broken dd-wrt (It can't do nat) and reinstall a new dd-wrt.  Its 
working so I won't muck with it.


So I put the dhcpd-server on this machine and it worked exact as Dan 
said it would.  Then I enabled ntpsec to serve and thats working to the 
whole world.  But the chrony on the printer is stuck in the PST 
timezone, ignoring the contents of /etc/timezone.  So the printer is 4 
hours behind me here on US/Eastern or America/NewYork zone, both seem to 
work correctly here.


So the next question is, is ntpsec serving my time, or utc. This hdware 
clock is supposedly set to UTC, but what is ntpsec serving? It s/b 
serving UTC IMO. But I'm in the dark here, haven't had to fool with this 
in the last 24 years.


The current state is that the 3d printer has only a 169.254.x.y 
link-local address configured as a fallback.


Which is now fixed.

Thanks all.

Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: time question, as in ntp?

[John Hasler]

Max Nikulin wrote:
> From my point of view, it should be possible to put a file with
> mapping of mac addresses to desired IPs and names to his dd-wrt
> router. I expect that dnsmasq is running or can be installed
> there. Dnsmasq as a DHCP server on the router should be better than
> maintaining hosts files on each machine.

dnsmasq will get the hostnames from the machines and put them in its
dns.  There is really no need to manually enter any MAC addresses or IPs
anywhere.

I suspect that had the machine been plugged into a network equipped with
a properly configured DHCP server it would just work.
-- 
John Hasler 
j...@sugarbit.com
Elmwood, WI USA

Re: time question, as in ntp?

[Max Nikulin]

On 02/12/2023 23:39, John Hasler wrote:

Max Nikulin wrote:

As to a GPS receiver, it should be doable and 169.254.x.y addresses
will not be an issue any more. Be careful with cables when connecting
it however: https://www.wired.com/2012/02/neutrinos-faulty-cable/


CNC machines don't need accurate time.  They need precise internal
synchronization but that isn't related to the system clocks.  The
default NTP configuration in most Linux distributions will take care of
the system clocks if they have access to the Internet.


I was kidding. However "access to the Internet" is the real trouble in 
this particular case. It seems, the vendor of the 3d printer believes 
that users must connect the device to a network having a DHCP server. 
ifupdown is definitely broken in armbian, perhaps armbian way to setup 
network is broken on this device, but Gene is not going to debug it. His 
stance that it is NetworkManager that breaks his network.


In addition, he is strongly against DHCP believing that it will make his 
network unstable.


From my point of view, it should be possible to put a file with mapping 
of mac addresses to desired IPs and names to his dd-wrt router. I expect 
that dnsmasq is running or can be installed there. Dnsmasq as a DHCP 
server on the router should be better than maintaining hosts files on 
each machine.


The current state is that the 3d printer has only a 169.254.x.y 
link-local address configured as a fallback.

Re: time question, as in ntp?

[John Hasler]

Max Nikulin wrote:
> As to a GPS receiver, it should be doable and 169.254.x.y addresses
> will not be an issue any more. Be careful with cables when connecting
> it however: https://www.wired.com/2012/02/neutrinos-faulty-cable/

CNC machines don't need accurate time.  They need precise internal
synchronization but that isn't related to the system clocks.  The
default NTP configuration in most Linux distributions will take care of
the system clocks if they have access to the Internet.  If not run an
NTP server on one machine.
-- 
John Hasler 
j...@sugarbit.com
Elmwood, WI USA

Re: time question, as in ntp?

[mick.crane]

On 2023-11-30 19:06, gene heskett wrote:

On 11/30/23 09:14, John Hasler wrote:

Gene writes:

I want to put it at 192.168.71.100/24. How do I do that in
/etc/dhcpcd.conf?


You don't.  That file tells the client how to get an ip (among other
things) from the server.  The default configuration should work.  You
assign static ips on the server when using dhcp.  But why do you want 
to

do that?



I don't want or need a dhcp-server.
For the router/firewall thing I have a PC with pfsense, specifying the 
DHCP pool.
As I don't know what I'm doing it has a web interface. A new install can 
get an IPaddress from that and I can go on the web interface and make it 
permanent.

So like everything is in one place.
cheers
mick

Re: time question, as in ntp?

[Max Nikulin]

On 02/12/2023 05:33, Greg Wooledge wrote:

In either case, the static-ness or dynamic-ness of the address is much
less important than the fact that the address*works*.  You are able
to communicate with the printer, using your network.

This means the printer should be able to communicate*back*, and
specifically, it should be able to contact an NTP server on your network
to synchronize its system clock.


My guest is that a 169.254.x.y address allows to connect from other 
hosts that belongs to the same network segment, but the router discards 
outgoing packets instead of applying masquerading rules. Or the host 
does not send non-local packets because it does not know a router and no 
hosts respond to ARP requests.


Having IPv4LL addresses, it is possible to connect to other hosts 
withing the same subnet using multicast mDNS (name.local) or LLMNR name 
resolution.


Actually having a spare ethernet port or a WiFi card that supports hot 
spot mode, it is possible to create a subnet for this 3d printer. 
NetworkManager allows to create a "shared" connection with a few clicks. 
It launches dnsmasq as DNS and DHCP server. The only downside is NAT, so 
ssh to the printer will require to connect the host sharing network. 
However it will solve the NTP issue.

Re: time question, as in ntp?

[gene heskett]

On 12/1/23 16:22, gene heskett wrote:

On 12/1/23 13:27, Andrew M.A. Cater wrote:

On Fri, Dec 01, 2023 at 07:30:35AM +, Andy Smith wrote:

Hello,

On Thu, Nov 30, 2023 at 10:24:35PM -0500, gene heskett wrote:




Gene,

Please do us *all* a favour to try and help you.

Write us out a list of all your machines - and if a printer has an
embedded SBC, it's a machine in this context - and the OS and versions
they are running.

List the functions you want each to have.

As others have noted, it's REALLY hard to work out what you're doing.

If machines and printers expect DHCP, then you're going to have to
amend files. Do back up the files you change.

1. There is nothing in Debian that ever overwrites the
    /etc/network/interfaces file. But you aren't running Debian on
    this machine, so we are all having difficulty helping you.
    Because this is DEBIAN-user.


I'm well aware of that Andy, but TBH, this list may be the deepest pool 
of knowledgeable people on the planet, most of my machines are running 
debian. Those that are running buster have been stuck as the switch to 
python 3 with bullseye broke linuxcnc.  Thats now been fixed and has 
been for a while but I've had my own projects that took priority.  There 
will not be any spinning rust here when I do update to bookworm or trixie.



As ever, our collective expertise here is primarily Debian - we have no
clue what a derived distribution may or may not do.


There is also an overtone of NIH here. These programs are tools and one 
does his (or her) best thinking well outside the box at times.



2. All you've described is a line in a file which says, "Network is
    managed by NetworkManager". There is NO indication WHICH piece of
    software put that line there, it really could be anything.
    Because you aren't running Debian. Since NetworkManager can be
    set up to run arbitrary commands, it certainly COULD be YOUR
    setup of NetworkManager. Or something else entirely different.
    It's nothing in Debian, though.


Then you are incompatible with software you are trying to run. Your
options:
- do not allow scripts coming with klipper or its installer to touch
network configuration


They never have, they just use it. And I've used up my patience in 
explaining that and being mostly ignored.



- setup a DHCP server in your network and provide to 3d wizards
environment they expect.



"Su and say" is not great: running third party scripts on non-Debian 
systems
and you get to keep both pieces unless you undersand what kiauh and 
Klipper

are doing, be careful.


Again, Max, its your way or the hiway. I'd be willing to guess that my
network experience goes back at least a decade before your first 
class in cs
101. /etc/hosts files worked in 1990 then as now, we just have to 
get the
dhcp crap out of the way.  And you and your insistence on using dhcp 
which

has never given me a stable address are definitely NOT helping.


This like some sort of farce.

You have an operating system hard-coded to use DHCP, but you won't
use DHCP, so it doesn't work. You can't work out how to make it not
want DHCP; you won't ask the people who made it how; instead you ask
us completely uninvolved folks how to do it. When we tell you to
configure it for static networking you say you can't because it
wants DHCP. When we say use DHCP then, you say, "oh I see it's your
way or the hiway, I'll have you know I was crafting IP packets from
raw bean sprouts before you kids ever drew breath!"

So would I be correct in saying that you want US to work out how to
do this thing in software we don't use and that's off-topic here,
and that's the only answer you'll accept?

Or have I misunderstood and there is some other direction you would
like to go with this?

Thanks,
Andy



It does seem to be a problem on this list that we can't always get
clear explanations of what has *actually* been done.

Andy



That list of machines is long Andy, and possibly boring.

1. The 2nd machine I converted, affectionately known as tlm.coyote.den, 
( The Little Monster ), a 7x12 lathe running buster with a real time 
kernel and linuxcnc, all uptdate. uname -a=

Linux TLM 4.19.0-25-rt-amd64 #1 SMP PREEMPT RT Debian 4.19.289-2
(2023-08-08) x86_64 GNU/Linux
Running on an off-lease Dell Optiplex computer.

2. A 4 axis mill sold by grizzly as the G0704 running on another 
off-lease Dell, named go704, using an uptodate buster, uname -a=
Linux GO704 4.19.0-25-rt-amd64 #1 SMP PREEMPT RT Debian 4.19.289-2 
(2023-08-08) x86_64 GNU/Linux

also using linuxcnc.

3. Another 4 axis gantry style mill sold as the 6040, also running 
buster with a rt kernel and linuxcnc on another off-lease Dell. uname -a=
Linux sixty40 4.19.0-25-rt-amd64 #1 SMP PREEMPT RT Debian 4.19.289-2 
(2023-08-08) x86_64 GNU/Linux


4. Another lathe, a bigger Sheldon from the mid WW-II time, running on a 
raspberry pi 4b, bookworm, uname -a=
Linux rpi4.coyote.den 6.1.54-rt15 #1 SMP PREEMPT_RT Wed Sep 20 20:36:44 
AEST 2023 

Re: time question, as in ntp?

[Max Nikulin]

On 02/12/2023 02:24, gene heskett wrote:

On 12/1/23 10:27, Max Nikulin wrote:


so I have to repeat it. You *do* *not* have NetworkManager installed 
hence it can not overwrite files.


What particular *evidences* do you have that namely NetworkManager 
overwrites /etc/network/interfaces? I am not interested in you 
*speculations*.

[...]
I do not know the mechanism by which my addition and deletions were done 
during boot, I had added the correct data to put eth0 at 192.168.71.100 
in /e/n/i, and had deleted the line saying it was managed by 
networkmanager. The evidence I have is that the original file was 
restored, has only lo and the line giving credit to networkmanager was 
restored, my additions were gone. Based on the evidence I can see, what 
else am I supposed to think?


The only problem is that neither upstream sources nor debian patches in 
buster or bookworm contain the "Network is managed" text as in (from an 
earlier message):



root@mkspi:/# cat /etc/network/interfaces
source /etc/network/interfaces.d/*
# Network is managed by Network manager<-this line I had removed
auto lo
iface lo inet loopback 


So ask the 3d printer vendor why you see this misleading line and why 
ifupdown and NetworkManager are broken.


I had a hope that you would at least check list of processes, systemd 
units, init scripts for something suspicious. Instead I still see 
speculations again and attempts to blame NetworkManager developers for 
no reason.


Have you tried some online translator to guess meaning of the following?


Jan 02 02:56:20 mkspi bash[1443]: 已获取到了扫描的结果
Jan 02 02:56:20 mkspi bash[1443]: [Dec 10 2022][15:22:28] 
/root/xindi/src/mks_wpa_cli.cpp: 416
Jan 02 02:56:20 mkspi bash[1443]: 收到wpa回调信息:
Jan 02 02:56:20 mkspi bash[1443]: WPS-AP-AVAILABLE 


Have you find files containing these messages?

Re: time question, as in ntp?

[John Hasler]

Gene writes:
> Like I said, boring.

Not boring at all. I assume that you also have a desktop or laptop on
that network?  If I was running it I would *definitely* be using DHCP.


-- 
John Hasler 
j...@sugarbit.com
Elmwood, WI USA

Re: time question, as in ntp?

[Charles Curley]

On Fri, 1 Dec 2023 23:21:05 +0700
Max Nikulin  wrote:

> As to a GPS receiver, it should be doable and 169.254.x.y addresses
> will not be an issue any more. Be careful with cables when connecting
> it however: https://www.wired.com/2012/02/neutrinos-faulty-cable/

And there is plenty of expertise on the gpsd email list. But I would
start with the web site, including the how-to on setting up a time
server. https://gpsd.io https://gpsd.io/gpsd-time-service-howto.html

-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

Re: time question, as in ntp?

[Greg Wooledge]

On Fri, Dec 01, 2023 at 04:57:25PM -0500, gene heskett wrote:
> root@mkspi:/etc#  ls -ld /etc/network/interfaces
> -rwxr-xr-x 1 root root 106 Jul 24 19:10 /etc/network/interfaces

OK.  Now we have something to work with, at least.

> date
> Tue 03 Jan 2023 06:44:56 AM PST

> The clock is apparently restarted from midnight 12/1/2022 at every reboot.

> This overwrite was done that way as soon as I could login at the old address
> with ssh so I have to say it was done by network start time in the bootup
> from a 10 second power down.

All right, then.  Let's see if I have everything straight.

At some point in the recent past, you edited /e/n/i.  Then you rebooted,
an undetermined amount of time later, and after the reboot, the file had
been restored to the state shown above.  Yes?

If we assume the file wasn't changed *prior* to the reboot, then something
in the operating system startup must be overwriting this file.

If your assertion about the clock being set to 2022-12-01 each boot is
correct, then the timestamp on the file is *not* coming from the system
clock.  It's probably coming from whatever "gold copy" of the file is
being restored during startup.

There are *lots* of ways a file could be copied and retain the mtime of
the original file.  "cp -a" is one of them.

unicorn:~$ cp -a .bashrc copy-of-bashrc; ls -lad .bashrc copy-of-bashrc; date
-rwxr-xr-x 1 greg greg 3329 Nov 12 08:28 .bashrc*
-rwxr-xr-x 1 greg greg 3329 Nov 12 08:28 copy-of-bashrc*
Fri Dec  1 17:05:52 EST 2023
unicorn:~$ 

Of course there are many others.  Extracting a .tar.gz archive, for
example, is another way to do it.

You could look through the system startup stuff, wherever that is on
this operating system, and see if you find anything about restoring
factory default configuration files.

If you can't find it, the people who support this operating system might
be able to tell you exactly what's happening, and why.  You really ought
to talk to them.

As a side note, copying a "gold standard" /e/n/i file which happens to
contain a comment *saying* that it's from Network Manager would retain
that comment, possibly leading to some confusion.  One might argue that
the OS vendor should have replaced the comment with something more
accurate. (E.g. "This interfaces file is copied from  to /etc/network
at boot time. Do not edit this file in /etc/network. If you need to
modify it, edit it in  instead, but you do so at your own risk.")
That's another thing you could talk to the OS support people about,
assuming my guesswork holds up.

***

Now let's talk about NTP.  Originally you asked about installing and
configuring an NTP service on this printer.  And you had some concerns
because you didn't know how to assign a static IP address to it.

However, you've stated a few times now that you *are* able to ssh into
it, from some other host on your network.

The fact that you can ssh into it means that it's got a working IP
address (either v4 or v6), and that your ssh client is able to determine
that IP address and connect to it.  So, either it's already got a static
address, or your ssh client configuration is very clever, and knows
how to determine the printer's dynamic address.

In either case, the static-ness or dynamic-ness of the address is much
less important than the fact that the address *works*.  You are able
to communicate with the printer, using your network.

This means the printer should be able to communicate *back*, and
specifically, it should be able to contact an NTP server on your network
to synchronize its system clock.

So all you should have to do is:

1) Determine which host on your network will act as your NTP server.  Get
   an NTP package installed and running on that host, and configure it
   to allow connections from your LAN.  You may select more than one if
   you like.

2) Make sure the NTP server(s) are getting their time synced correctly,
   most likely from public NTP sources on the Internet.

3) Install an NTP package on the printer, and configure it to use your
   designated local NTP server(s).

4) Ensure that the NTP services all start at boot time, and don't get
   their configuration files overwritten or anything like that.

If some part of this doesn't work, then please report the exact nature
of the failure, with details (commands and their output).  Example
commands that would be useful in debugging might include:

date
ntpq -p
systemctl status ntp# or some sysv-rc equivalent
ls -ld /etc/ntp.conf
cat /etc/ntp.conf
journalctl -u ntp   # if it's systemd-based; otherwise:
grep ntpd /var/log/syslog | tail -n20

You get the idea, I hope.  Your logs might be in some other location.
Find them.  Read them.

Re: time question, as in ntp?

[gene heskett]

On 12/1/23 14:42, Greg Wooledge wrote:

On Fri, Dec 01, 2023 at 02:24:20PM -0500, gene heskett wrote:

root@mkspi:/etc# nmcli
-bash: nmcli: command not found



I do not know the mechanism by which my addition and deletions were done
during boot, I had added the correct data to put eth0 at 192.168.71.100 in
/e/n/i, and had deleted the line saying it was managed by networkmanager.
The evidence I have is that the original file was restored, has only lo and
the line giving credit to networkmanager was restored, my additions were
gone. Based on the evidence I can see, what else am I supposed to think?


What you showed us above, where you tried to run nmcli, was perfect.
It contains your shell prompt (which tells us your username and hostname
and current working directory), the command you ran, and its output.
Hell, we even learned you're in a bash login shell, which is not
immediately relevant, but is a nice detail to have.

What we need is more of that.

 ls -ld /etc/network/interfaces


root@mkspi:/etc#  ls -ld /etc/network/interfaces
-rwxr-xr-x 1 root root 106 Jul 24 19:10 /etc/network/interfaces
The rest of the files mentioned here have an mtime about a day later but 
7 months newer than the actual time it has ATM,

date
Tue 03 Jan 2023 06:44:56 AM PST



would be an excellent starting point.  It would tell us whether your /e/n/i
is a regular file or a symbolic link.  If it's a regular file, we would
get the last modified time, so we'd know *when* it was altered, if your
system clock is accurate (which it might not be, given the thread's
original subject).


The clock is apparently restarted from midnight 12/1/2022 at every 
reboot. And I don't know if the rockchip64 has a clock. Most of the pi's 
don't.  Since this is 12/1/2023, saying it about a year out of date is a 
pretty accurate statement.



The mtime might not be useful to us, but it might be more useful to *you*,
as you might know what time the system clock had the last time you ran
that 'kiauh' script or whatever it was.  Maybe that's what undoes your
changes?

If it turns out the modification took place in the wee hours of the
morning, then it's more likely a cron job or systemd timer kicks off
the process that undoes the changes.

This overwrite was done that way as soon as I could login at the old 
address with ssh so I have to say it was done by network start time in 
the bootup from a 10 second power down.



If /e/n/i turns out to be a symbolic link on your system, then its
target may give us some hints about which program is messing with it.

.


Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis