Re: [SOLVED] [gentoo-user] CPU flags unsatisfied

[Arve Barsnes]

On 30 March 2017 at 02:24,  wrote:

> replace in make.conf CFLAGS=
> with (in my case)
> CPU_FLAGS_X86="aes avx avx2 fma3 mmx mmxext popcnt sse sse2 sse3 sse4_1
> sse4_2 ssse3"
>

CFLAGS and CPU_FLAGS_X86 are NOT the same thing, you can't replace one with
the other, you want both.

[gentoo-user] [OT] busybox fsck vs. fsck.ext4 ... experiences?

[tuxic]

Hi,

Before doing the wrong decision:
How "secure" is it to use fsck of busybox in a limited environment
(SoC) to check sdcard partitions (etx4) occasionally instead of using
fsck.ext4 ?
Does someone has some experiences with this ?

Thanks a lot in advance for any help!
Cheers
Meino

Re: [SOLVED] [gentoo-user] CPU flags unsatisfied

[Daniel Frey]

On 03/29/2017 05:24 PM, the...@sys-concept.com wrote:
> Yes, that was the solution, thank you.
> 
> run: cpuinfo2cpuflags-x86
> 
> replace in make.conf CFLAGS=
> with (in my case)
> CPU_FLAGS_X86="aes avx avx2 fma3 mmx mmxext popcnt sse sse2 sse3 sse4_1 
> sse4_2 ssse3"
> 
> run:
> emerge --deep -a --changed-use @world
> 
> Three files recompiled and solved the problem.
> 
> 
> Thelam
>  
> 

This information was also here (scroll to the bottom):

https://wiki.gentoo.org/wiki/Handbook:AMD64/Working/USE

It also would've been a news item at some point (like when installing.)
Did you even read those? A lot of them are important have to do with
configuration changes such as this one.

`eselect news list`

Dan

Re: [gentoo-user] CPU flags unsatisfied

[thelma]

On 03/29/2017 05:08 PM, Alan McKinnon wrote:
> On 29/03/2017 23:11, the...@sys-concept.com wrote:
>> When I try to emerge any application that require audio eg: firefox, ffmpeg, 
>> asterisk etc.
>> I get 
>>
>> !!! The ebuild selected to satisfy 
>> ">=media-video/ffmpeg-3.2.4:0=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?]"
>>  has unmet requirements.
>> - media-video/ffmpeg-3.2.4::gentoo USE="X alsa bzip2 encode gpl 
>> hardcoded-tables iconv mp3 network opengl postproc sdl threads truetype 
>> vorbis x264 xcb xvid zlib (-altivec) -amr -amrenc (-armv5te) (-armv6) 
>> (-armv6t2) (-armvfp) -bluray -bs2b -cdio -celt -chromaprint -cpudetection 
>> -debug -doc -ebur128 -fdk -flite -fontconfig -frei0r -fribidi -gcrypt -gme 
>> -gmp -gnutls -gsm -iec61883 -ieee1394 -jack -jpeg2k -kvazaar -ladspa -libass 
>> -libcaca -libilbc -librtmp -libsoxr -libv4l -lzma (-mipsdspr1) (-mipsdspr2) 
>> (-mipsfpu) (-mmal) -modplug (-neon) -nvenc -openal -openh264 -openssl -opus 
>> -oss -pic -pulseaudio -rubberband -samba -schroedinger -snappy -speex -ssh 
>> -static-libs -test -theora -twolame -v4l -vaapi -vdpau -vpx -wavpack -webp 
>> -x265 -zimg -zvbi" ABI_X86="64 -32 -x32" CPU_FLAGS_X86="mmx sse sse2 -3dnow 
>> -3dnowext -aes -avx -avx2 -fma3 -fma4 -mmxext -sse3 -sse4_1 -sse4_2 -ssse3 
>> -xop" FFTOOLS="aviocat cws2fws ffescape ffeval ffhash fourcc2pixfmt 
>> graph2dot ismindex pktdumper qt-faststart sidxindex trasher"
>>
>>   The following REQUIRED_USE flag constraints are unsatisfied:
>> cpu_flags_x86_sse? ( cpu_flags_x86_mmxext )
> 
> 
> Thelma,
> 
> Do you EVER bother to read what portage is telling you?
> 
> Or do you just by default see an error on-screen, not actually think for
> yourself, and dump a paste to gentoo-user expecting everyone here to do
> your thinking for you?
> 
> Seriously, this is getting tiresome.
> I hope you are not being paid wages to work these Gentoo machine(s).

Alan, you keep repeating yourself.
No, I don't get paid for my work, I just run my network; and sometimes I
need help.

When I post a problem I don't wait for the solution; I keep searching.

--
Thelma

Re: [SOLVED] [gentoo-user] CPU flags unsatisfied

[thelma]

On 03/29/2017 05:33 PM, Dale wrote:
> the...@sys-concept.com wrote:
>> When I try to emerge any application that require audio eg: firefox, ffmpeg, 
>> asterisk etc.
>> I get 
>>
>>
 SNIPPY >>>
> 
> You may want to try this:
> 
> root@fireball / # equery b cpuinfo2cpuflags-x86
>  * Searching for cpuinfo2cpuflags-x86 ...
> app-portage/cpuid2cpuflags-2 (/usr/bin/cpuinfo2cpuflags-x86)
> root@fireball / #
> 
> Makes it easy to find out what is and is not supported for your CPU. 
> 
> Dale
> 
> :-)  :-) 

Yes, that was the solution, thank you.

run: cpuinfo2cpuflags-x86

replace in make.conf CFLAGS=
with (in my case)
CPU_FLAGS_X86="aes avx avx2 fma3 mmx mmxext popcnt sse sse2 sse3 sse4_1 sse4_2 
ssse3"

run:
emerge --deep -a --changed-use @world

Three files recompiled and solved the problem.


Thelam
 

Re: [gentoo-user] CPU flags unsatisfied

[Dale]

the...@sys-concept.com wrote:
> When I try to emerge any application that require audio eg: firefox, ffmpeg, 
> asterisk etc.
> I get 
>
>
>>> SNIPPY >>>

You may want to try this:

root@fireball / # equery b cpuinfo2cpuflags-x86
 * Searching for cpuinfo2cpuflags-x86 ...
app-portage/cpuid2cpuflags-2 (/usr/bin/cpuinfo2cpuflags-x86)
root@fireball / #

Makes it easy to find out what is and is not supported for your CPU. 

Dale

:-)  :-) 

Re: [gentoo-user] CPU flags unsatisfied

[Alan McKinnon]

On 29/03/2017 23:11, the...@sys-concept.com wrote:
> When I try to emerge any application that require audio eg: firefox, ffmpeg, 
> asterisk etc.
> I get 
> 
> !!! The ebuild selected to satisfy 
> ">=media-video/ffmpeg-3.2.4:0=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?]"
>  has unmet requirements.
> - media-video/ffmpeg-3.2.4::gentoo USE="X alsa bzip2 encode gpl 
> hardcoded-tables iconv mp3 network opengl postproc sdl threads truetype 
> vorbis x264 xcb xvid zlib (-altivec) -amr -amrenc (-armv5te) (-armv6) 
> (-armv6t2) (-armvfp) -bluray -bs2b -cdio -celt -chromaprint -cpudetection 
> -debug -doc -ebur128 -fdk -flite -fontconfig -frei0r -fribidi -gcrypt -gme 
> -gmp -gnutls -gsm -iec61883 -ieee1394 -jack -jpeg2k -kvazaar -ladspa -libass 
> -libcaca -libilbc -librtmp -libsoxr -libv4l -lzma (-mipsdspr1) (-mipsdspr2) 
> (-mipsfpu) (-mmal) -modplug (-neon) -nvenc -openal -openh264 -openssl -opus 
> -oss -pic -pulseaudio -rubberband -samba -schroedinger -snappy -speex -ssh 
> -static-libs -test -theora -twolame -v4l -vaapi -vdpau -vpx -wavpack -webp 
> -x265 -zimg -zvbi" ABI_X86="64 -32 -x32" CPU_FLAGS_X86="mmx sse sse2 -3dnow 
> -3dnowext -aes -avx -avx2 -fma3 -fma4 -mmxext -sse3 -sse4_1 -sse4_2 -ssse3 
> -xop" FFTOOLS="aviocat cws2fws ffescape ffeval ffhash fourcc2pixfmt graph2dot 
> ismindex pktdumper qt-faststart sidxindex trasher"
> 
>   The following REQUIRED_USE flag constraints are unsatisfied:
> cpu_flags_x86_sse? ( cpu_flags_x86_mmxext )


Thelma,

Do you EVER bother to read what portage is telling you?

Or do you just by default see an error on-screen, not actually think for
yourself, and dump a paste to gentoo-user expecting everyone here to do
your thinking for you?

Seriously, this is getting tiresome.
I hope you are not being paid wages to work these Gentoo machine(s).

-- 
Alan McKinnon
alan.mckin...@gmail.com

Re: [gentoo-user] CPU flags unsatisfied

[Neil Bothwick]

On Wed, 29 Mar 2017 15:11:17 -0600, the...@sys-concept.com wrote:

>   The following REQUIRED_USE flag constraints are unsatisfied:
> cpu_flags_x86_sse? ( cpu_flags_x86_mmxext )

If you have sse in CPU_FLAGS_X86 you must also have mmxext.

man 5 ebuild explains the syntax of these statements.


-- 
Neil Bothwick

WinErr 01D: System crash - We are unable to figure out our own code.


pgpeqWD31CM5U.pgp
Description: OpenPGP digital signature

Re: [gentoo-user] Re: Firefox occasionally stalls

[Dale]

Peter Humphrey wrote:
> On Tuesday 21 Mar 2017 14:59:48 Dale wrote:
>
>> Ublock is another option as well.  I use it on some Firefox profiles.
>> It does seem to respond better than Adblock but some things I don't like
>> about Ublock.
>>
>> I may look into that Ghostery too.  See if it is available for Firefox
>> and Seamonkey.
> I don't know about Seamonkey, but it is available for Firefox. It's a bit of 
> an eye-opener too. I had no idea how many people are out there keeping watch 
> over all our journeys around the web.
>

I tried it on one profile I have and it was not good.  It slowed Firefox
to a crawl.  It took a good ten minutes just to get the add-ons manager
to open and me to disable Ghostery.  Once I did that, it got better. 
After I restarted Firefox, it was back to normal. 

I suspect it clashes with another add-on I use.  I'm not sure which one
so I'll have to play with it when I have more time to spend on it. 
Right now, forestry and gardening is taking up my time tho. 

I couldn't find it for Seamonkey tho, which is where I'd rather use it
really.  Oh well.

Dale

:-)  :-) 

Re: [gentoo-user] HD 630?

[R0b0t1]

On Wed, Mar 29, 2017 at 7:46 AM, Todd Goodman  wrote:
> * Jorge Almeida  [170327 18:04]:
>> This may be a stupid question, for one of two possible reasons, but
>> here it goes:
>>
>> I'm thinking of buying a recent Intel CPU (7th generation, in
>> saleslang), say an i5-7400, and it came to mind, not too late yet,
>> that the integrated GPU may not be supported in linux. I'm talking
>> about the latest kernels, not necessarily the gentoo-packaged one.
>> Anyone knows something about it? And if not supported, is it likely
>> that it will be sometime soon? I can use a spare Radeon card
>> meanwhile...
>>
>> (And, for someone who is not a gamer, is a 7th generation CPU worth it
>> at all, as opposed to a 6th generation one?)
>>
>> Any input is appreciated
>>
>> Jorge Almeida
>
> Not a stupid question, but also not a concern in my opinion.
>
> I've built a number of desktop machines using Intel i7 (mostly) CPUs
> with integrated GPU and all have been supported well in my
> gentoo-sources kernels.
>
> I find Intel GPU support "just works" far more often than AMD or nVidia.
>
> Of course for heavy duty gaming then those go into a machine.
>
> But the Intel machines seem to have decent support for "lite" gaming
> (though certainly not "heavy duty")
>
> Todd
>

The iGPU on my i4770K performs much better than I ever expected.
Playing Minecraft with a large number of mods is a decent stress test
of both CPU and GPU capacity and it seems to be able to max out the
settings like a graphics card might. I'm not entirely sure there are
programs or games that run natively on Linux that can exceed the
capabilities of an iGPU, save GPGPU libraries or CAD software.

Re: [gentoo-user] drivers for INTEL integrated GPU?

[R0b0t1]

On Wed, Mar 29, 2017 at 11:54 AM, Jorge Almeida  wrote:
> On Tue, Mar 28, 2017 at 2:28 PM, R0b0t1  wrote:
>> On Tue, Mar 28, 2017 at 3:39 AM, Jorge Almeida  wrote:
>
>>
>> http://www.intel.com/content/www/us/en/support/graphics-drivers/05520.html
>> ev says that everything up to Intel HD 620 is supported. It is
>> probably reasonable to assume that a HD 630 device is supported.
>>
>
> OTOH, the gentoo WiKi https://wiki.gentoo.org/wiki/Intel seems to
> imply that the commitment of Intel with Linux may be somewhat
> colder...
>
>>
>> There are Intel HD devices, but there are also Iris devices. Per
>> marketing materials I found the Iris line is intended to be
>> distributed with higher-end computers for "professional" use. Do Iris
>> and HD devices actually differ in driver support or is it mostly the
>> name that shows up in lspci or Window's device manager that differs?
>
> First time I read about it. Wikipedia
> https://en.wikipedia.org/wiki/Intel_HD_and_Iris_Graphics has a few
> tables suggesting Iris is higher end stuff. I don't know about kernel
> support.
>>
>

They seem to be shipped with very high-end mobile devices (elitebooks,
dell XPS line, Microsoft's Surface) that do not have a discrete GPU.
>From what I can tell it may be hardware differences that don't
propagate up to the driver level, but there seems to be no info on it.
I had been assuming they were compatible but had no proof.

[gentoo-user] CPU flags unsatisfied

[thelma]

When I try to emerge any application that require audio eg: firefox, ffmpeg, 
asterisk etc.
I get 

!!! The ebuild selected to satisfy 
">=media-video/ffmpeg-3.2.4:0=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?]"
 has unmet requirements.
- media-video/ffmpeg-3.2.4::gentoo USE="X alsa bzip2 encode gpl 
hardcoded-tables iconv mp3 network opengl postproc sdl threads truetype vorbis 
x264 xcb xvid zlib (-altivec) -amr -amrenc (-armv5te) (-armv6) (-armv6t2) 
(-armvfp) -bluray -bs2b -cdio -celt -chromaprint -cpudetection -debug -doc 
-ebur128 -fdk -flite -fontconfig -frei0r -fribidi -gcrypt -gme -gmp -gnutls 
-gsm -iec61883 -ieee1394 -jack -jpeg2k -kvazaar -ladspa -libass -libcaca 
-libilbc -librtmp -libsoxr -libv4l -lzma (-mipsdspr1) (-mipsdspr2) (-mipsfpu) 
(-mmal) -modplug (-neon) -nvenc -openal -openh264 -openssl -opus -oss -pic 
-pulseaudio -rubberband -samba -schroedinger -snappy -speex -ssh -static-libs 
-test -theora -twolame -v4l -vaapi -vdpau -vpx -wavpack -webp -x265 -zimg 
-zvbi" ABI_X86="64 -32 -x32" CPU_FLAGS_X86="mmx sse sse2 -3dnow -3dnowext -aes 
-avx -avx2 -fma3 -fma4 -mmxext -sse3 -sse4_1 -sse4_2 -ssse3 -xop" 
FFTOOLS="aviocat cws2fws ffescape ffeval ffhash fourcc2pixfmt graph2dot 
ismindex pktdumper qt-faststart sidxindex trasher"

  The following REQUIRED_USE flag constraints are unsatisfied:
cpu_flags_x86_sse? ( cpu_flags_x86_mmxext )

  The above constraints are a subset of the following complete expression:
libv4l? ( v4l ) fftools_cws2fws? ( zlib ) test? ( encode ) postproc? ( gpl 
) frei0r? ( gpl ) cdio? ( gpl ) samba? ( gpl ) encode? ( x264? ( gpl ) x265? ( 
gpl ) xvid? ( gpl ) X? ( !xcb? ( gpl ) ) ) cpu_flags_x86_avx2? ( 
cpu_flags_x86_avx ) cpu_flags_x86_fma4? ( cpu_flags_x86_avx ) 
cpu_flags_x86_fma3? ( cpu_flags_x86_avx ) cpu_flags_x86_xop? ( 
cpu_flags_x86_avx ) cpu_flags_x86_avx? ( cpu_flags_x86_sse4_2 ) 
cpu_flags_x86_aes? ( cpu_flags_x86_sse4_2 ) cpu_flags_x86_sse4_2? ( 
cpu_flags_x86_sse4_1 ) cpu_flags_x86_sse4_1? ( cpu_flags_x86_ssse3 ) 
cpu_flags_x86_ssse3? ( cpu_flags_x86_sse3 ) cpu_flags_x86_sse3? ( 
cpu_flags_x86_sse2 ) cpu_flags_x86_sse2? ( cpu_flags_x86_sse ) 
cpu_flags_x86_sse? ( cpu_flags_x86_mmxext ) cpu_flags_x86_mmxext? ( 
cpu_flags_x86_mmx ) cpu_flags_x86_3dnowext? ( cpu_flags_x86_3dnow ) 
cpu_flags_x86_3dnow? ( cpu_flags_x86_mmx )

My cpuinfo flags:
processor   : 3
vendor_id   : GenuineIntel
cpu family  : 6
model   : 69
model name  : Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz

flags   : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov 
pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb 
rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology 
nonstop_tsc aperfmperf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 
ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 movbe popcnt 
tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm epb tpr_shadow vnmi 
flexpriority ept vpid fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid 
xsaveopt dtherm ida arat pln pts

make.conf
CFLAGS="-march=native -O2 -pipe"
CXXFLAGS="${CFLAGS}"
CHOST="x86_64-pc-linux-gnu"
MAKEOPTS="-j5"

lspci -v | grep -i audio
00:03.0 Audio device: Intel Corporation Haswell-ULT HD Audio Controller (rev 09)
Subsystem: Intel Corporation Haswell-ULT HD Audio Controller
00:1b.0 Audio device: Intel Corporation 8 Series HD Audio Controller (rev 04)
Subsystem: Intel Corporation 8 Series HD Audio Controller

cat /proc/asound/card*/codec* | grep Codec
Codec: Intel Haswell HDMI
Codec: Realtek ALC892

speaker-test -t wave -c 6

speaker-test 1.1.2

Playback device is default
Stream parameters are 48000Hz, S16_LE, 6 channels
WAV file(s)
ALSA lib 
/var/tmp/portage/media-libs/alsa-lib-1.1.2/work/alsa-lib-1.1.2/src/pcm/pcm_dmix.c:1041:(snd_pcm_dmix_open)
 unable to open slave
Playback open error: -2,No such file or directory

-- 
Thelma

Re: [gentoo-user] Re: [OT] router woes

[Jorge Almeida]

On Wed, Mar 29, 2017 at 12:56 PM, Gregory Woodbury  wrote:
> I have a similar setup here in Frontier territory.  The ADSL circuit
> connects to their Netgeat/Westell B90
> which has wifi and 4 ethernet ports. One ethernet port connects to my
> "internal" DLink-615 which serves
> the rest of the unit.
>
> The only limiting link is the ADSL link, the rest of the place runs at
> 10/100/1000 depending on the device
> capabilities and switch limits. The DLink has a decent processor and only
> loses its mind occasionally when

I found this 
https://www.cnet.com/products/d-link-dir-615-wireless-n-router/review/

I suppose it's not the same model?! Are you sure the DLink is not a bottleneck?

> a memory leak in their implementation overwrites part of the routing tables.

Would dd-wrt or tomato be an alternative to the original firmware?

know you have detected that the TP-link is underpowered and limiting your
> speeds, so replacing that seems
> to be you best option.

I just bought the TP-Link to replace an old ASUS. Another replacement
is not an option.

Regards,

Jorge

Re: [gentoo-user] Re: [OT] router woes

[Jorge Almeida]

On Wed, Mar 29, 2017 at 12:49 PM, Daniel Frey  wrote:
> On 03/29/2017 12:07 PM, Jorge Almeida wrote:
>> I think I need wan-to-lan. Anyway, those numbers seem too good to be
>> true. 919Mbps with a $61 TP-Link AC1200? What would explain my poor
>> results?
>>
>
> I just looked and that's not your router. The router they tested has a
> dual core 800MHz CPU. The model that you have is a single core model and
> I can't find anything after a quick google on speed. It could be a
> 600/800MHz model. The extra core with hardware offloading makes a big
> difference.
Well, that explains it. But just $61? I feel doubly ripped-off.

Thanks

Jorge

Re: [gentoo-user] Re: [OT] router woes

[Gregory Woodbury]

I have a similar setup here in Frontier territory.  The ADSL circuit
connects to their Netgeat/Westell B90
which has wifi and 4 ethernet ports. One ethernet port connects to my
"internal" DLink-615 which serves
the rest of the unit.

The only limiting link is the ADSL link, the rest of the place runs at
10/100/1000 depending on the device
capabilities and switch limits. The DLink has a decent processor and only
loses its mind occasionally when
a memory leak in their implementation overwrites part of the routing
tables. We reboot the DLink daily to avoid
this problem.  The B90 needs a reboot on occasion when Frontier does
something to their internal gateways
that makes the B90 lose sync.

The DLink uses MAC filtering to only allow known devices to use its
services (wifi and ether.) In both the B90
and the DLink there are some virtual servers defined for bitorrent and a
few other protocols. Otherwise, both
devices NAT connections. The double NATting doesn't cause any real
problems, but XBox services detects that
they are double NATted and complain mildly but work anyway. DNS works fine,
but Frontier blocks certain inbound
ports (HTTP/S, SMTP, etc.) so most servers are out of the question.

I know you have detected that the TP-link is underpowered and limiting your
speeds, so replacing that seems
to be you best option.

I'm having ATT FTTH put in early next month and I'm going to opt for SMTP
capability (at an extra charge) but still
no HTTP servers are allowed for consumer/residential connections

-- 
G.Wolfe Woodbury
redwo...@gmail.com

Re: [gentoo-user] Re: [OT] router woes

[Daniel Frey]

On 03/29/2017 12:07 PM, Jorge Almeida wrote:
> I think I need wan-to-lan. Anyway, those numbers seem too good to be
> true. 919Mbps with a $61 TP-Link AC1200? What would explain my poor
> results?
> 

I just looked and that's not your router. The router they tested has a
dual core 800MHz CPU. The model that you have is a single core model and
I can't find anything after a quick google on speed. It could be a
600/800MHz model. The extra core with hardware offloading makes a big
difference.

Dan

Re: [gentoo-user] Too many invalid recipients. (in reply to MAIL FROM command))

[Neil Bothwick]

On Wed, 29 Mar 2017 10:53:35 -0600, the...@sys-concept.com wrote:

> I don't have anything in "mydestination" it is commented out and I think
> it should be. When I put my in mydestination=my domain
> in outgoing email syslog was showing: relay=local
> and I never got the email the relayhost= as below wasn't working
> 
> relayhost = mail.shawhosting.ca
> 
> commenting out #mydestination solved the problems.
> 
> However, when I get an email from portage (emerge) it is to:
> r...@mail101c7.megamailservers.com
> 
> where is: "mail101c7.megamailservers.com" coming from and how to change
> it/control it?

I take it you have already tried

grep -r mail101c7 /etc


-- 
Neil Bothwick

Idaho - It's not the end of the world, but you can see it from there.


pgpPHbxOZKnud.pgp
Description: OpenPGP digital signature

Re: [gentoo-user] Re: [OT] router woes

[Jorge Almeida]

On Wed, Mar 29, 2017 at 11:28 AM, Kai Krakow  wrote:
> Am Wed, 29 Mar 2017 04:52:08 -0700
> schrieb Jorge Almeida :
>
>> On Wed, Mar 29, 2017 at 12:45 AM, Neil Bothwick 
>> wrote:
>> > On Tue, 28 Mar 2017 22:52:25 -0700, Jorge Almeida wrote:
>> >
>>
>> >
> >
>> >
>> The ISP provided router is officially managed (whatever this means) by
>> them. As to privacy, I know a packet is visible once it leaves the
>> router via Wan port. What I worry a bit is about the possibility of
>> foul play towards the home network. The computers are firewalled via
>> iptables, but accept connections from 192.168 What prevents a
>> hacked router of impersonating a local origin?
>
> Block packets originating from the router MAC address and that don't
> belong to a known connection. Then deploy a managed switch that can do
> MAC address filtering so it allows only the one MAC address on the
> router port. This should be safe enough. It would be difficult to get
> around such a setup. To be even more safe, use VLAN and exclude all
> your computers from the management port.
>
> This, however, doesn't prevent tampering with packets on their way
> through the router. You could use VPN and place the tunnel endpoints
> only on trusted routers. That way, your ISP only relays VPN traffic,
> and ensures the transfer networks below are only used for VPN and your
> machines accept nothing else.
>
> --
Assuming that the router speed issue has no solution, I think I'll
adopt a different setup: All computers (just 3) with 2 network cards;
one card connected to the ISP router, rejecting all incoming packets
that are not part of an established connection; the other card
connected to one of my routers, accepting  local connections
(different subnet from the one associated with the ISP router;
computers with static IPs, for good measure); This secondary router
has the Wan port disconnected (is this the same as a switch?). This
should allow the home computers to communicate with each other without
any outside interference. Am I missing something?

Regards

Jorge

Re: [gentoo-user] Re: [OT] router woes

[Jorge Almeida]

On Wed, Mar 29, 2017 at 11:16 AM, Kai Krakow  wrote:
> Am Tue, 28 Mar 2017 21:19:29 +0100
> schrieb Jorge Almeida :
>

>
> I'm using a 400 MBps cable link here, directly connected, I can get 48
> MBytes/s out of it (which should be very close if not even little above
> 400 MBps), even when using the TP-Link as switch. If I use bridge mode
> and use TP-Link as router, it stop roughly around 300 MBps. My previous
> router even stopped at 30 MBps. It's a CPU issue. The internal CPU
> needs to do layer 3 routing. Layer 2 routing (switching) can be done by
> hardware. Login to your router and see how the CPU is loaded. Use top.
> If you still loaded it with its original hardware, you cannot do this,
> tho. Try OpenWRT (that is what I used).

You mean, check the % of cpu usage? It must be at about 100%, right?


>
> I think there's a database which contains throughput test results with
> different router hardware and different firmware. However, with a quick
> google search, I cannot find it. You may have more luck.
>
> [some moments later]
>
> I think it's here:
> https://www.smallnetbuilder.com/tools/charts/router/bar/180-lan-to-wan-tcp/31
>

I think I need wan-to-lan. Anyway, those numbers seem too good to be
true. 919Mbps with a $61 TP-Link AC1200? What would explain my poor
results?

Jorge

[gentoo-user] Re: [OT] router woes

[Kai Krakow]

Am Wed, 29 Mar 2017 04:52:08 -0700
schrieb Jorge Almeida :

> On Wed, Mar 29, 2017 at 12:45 AM, Neil Bothwick 
> wrote:
> > On Tue, 28 Mar 2017 22:52:25 -0700, Jorge Almeida wrote:
> >  
> 
> >
> > It's more a privacy issue that security for me. I have a similar
> > setup with a virgin cable router, which I set to what they call
> > modem mode, where only one of the ports works and connects to my
> > router. The one time I ran tech support they were able to see that
> > I was using it this way and even reset the modem for me. I suppose
> > it makes life easier for them and their typical customers, but it
> > was a little unnerving.
> >
> >  
> The ISP provided router is officially managed (whatever this means) by
> them. As to privacy, I know a packet is visible once it leaves the
> router via Wan port. What I worry a bit is about the possibility of
> foul play towards the home network. The computers are firewalled via
> iptables, but accept connections from 192.168 What prevents a
> hacked router of impersonating a local origin?

Block packets originating from the router MAC address and that don't
belong to a known connection. Then deploy a managed switch that can do
MAC address filtering so it allows only the one MAC address on the
router port. This should be safe enough. It would be difficult to get
around such a setup. To be even more safe, use VLAN and exclude all
your computers from the management port.

This, however, doesn't prevent tampering with packets on their way
through the router. You could use VPN and place the tunnel endpoints
only on trusted routers. That way, your ISP only relays VPN traffic,
and ensures the transfer networks below are only used for VPN and your
machines accept nothing else.

-- 
Regards,
Kai

Replies to list-only preferred.

[gentoo-user] Re: [OT] router woes

[Kai Krakow]

Am Tue, 28 Mar 2017 21:19:29 +0100
schrieb Jorge Almeida :

> I have net by cable with nominal speed 200Mbps. The ISP provides a
> modem/router Netgear (from Numericable). I disabled the WiFi and I
> have 2 computers connected via ethernet to the router. The speed is
> about 156Mbps (measured by http://www.speedtest.net), which seems to
> be what to expect.
> 
> Now, having a device provided by the ISP to act as router seems to be
> good for people who trust both the ISP and the manufacturer. (Please
> comment if I'm being too paranoid.)
> 
> So, I setup the router to work in bridge mode and connected one of the
> 4 lan ports to the Wan port of a secondary router TP-link (Archer
> C1200, Wireless dual band gigabit). It is supposed to comply with
> 802.11b/g/n 2.4GHz and 802.11a/n/ac 5GHz. Not that this matters per
> se, as I disabled the WiFi.
> 
> The point is: I connected the computers to the lan ports of my
> secondary router (with original firmware, but I intended to install
> ddwrt), and the setup works, except that the speed never reaches
> 100Mbps.
> 
> Which part is to blame? The secondary router boasts 1300Mbps on 5GHz
> WiFi, so I assumed it could deal with 150Mbps on cat5e ethernet cable.
> The power consumption is about 4.5w, which seems a bit flimsy.
> Or maybe the primary router is thottling speed when in bridge mode? Is
> this possible at all? (And if so, what could be the purpose of such
> measure? *spooky*)
> 
> Someone has a similar setup? Any experience with that (TP-link)
> router?

I'm using a 400 MBps cable link here, directly connected, I can get 48
MBytes/s out of it (which should be very close if not even little above
400 MBps), even when using the TP-Link as switch. If I use bridge mode
and use TP-Link as router, it stop roughly around 300 MBps. My previous
router even stopped at 30 MBps. It's a CPU issue. The internal CPU
needs to do layer 3 routing. Layer 2 routing (switching) can be done by
hardware. Login to your router and see how the CPU is loaded. Use top.
If you still loaded it with its original hardware, you cannot do this,
tho. Try OpenWRT (that is what I used).

I think there's a database which contains throughput test results with
different router hardware and different firmware. However, with a quick
google search, I cannot find it. You may have more luck.

[some moments later]

I think it's here:
https://www.smallnetbuilder.com/tools/charts/router/bar/180-lan-to-wan-tcp/31

-- 
Regards,
Kai

Replies to list-only preferred.

Re: [gentoo-user] Bluetooth and hciconfig

[Foster McLane]

On Tue, Mar 28, 2017 at 04:53:44PM +0100, Mick wrote:
> # AutoEnable defines option to enable all controllers when they are found.
> # This includes adapters present on start as well as adapters that are plugged
> # in later on. Defaults to 'false'.
> AutoEnable = true
> ===

Can you remove the spaces around the '=' and try again?

Foster

[gentoo-user] Re: [OT] Redirecting traffic for a TCP port to another gateway

[Kai Krakow]

Am Wed, 29 Mar 2017 19:30:11 +1100
schrieb Adam Carter :

> >
> > schrieb Dan Johansson :  
> >>  
>  [...]  
> >>  
> The general term for that is "policy routing".
> 
> If you're doing it to hack around some network weirdness that you
> cant fix because you dont have control of the network, it might be a
> necessary evil, but its generally a bad idea, Think about routing
> asymmetry, and whether you should use a NAT to prevent that side
> effect.

There are two gateways that probably will NAT. The machine itself does
not NAT as far as I understood. So there will be no problem with
asymmetric routing. Setting up NAT on an internal machine not being the
gateway itself would be unnecessary evil. And it would not help this
case as you still need to route packets to the proper (still internal)
gateway.

-- 
Regards,
Kai

Replies to list-only preferred.

[gentoo-user] Re: Too many invalid recipients. (in reply to MAIL FROM command))

[Kai Krakow]

Am Tue, 28 Mar 2017 23:24:15 -0600
schrieb the...@sys-concept.com:

> On 03/28/2017 10:57 PM, the...@sys-concept.com wrote:
> [snip
>  [...]  
> >>
> >> "man aliases" will probably give you the answer.
> >>
> >> --
> >> Regards
> >> wabe  
> > 
> > No, it will not! 

Well, actually it will. But the resulting behavior is obviously not
what you wanted. Maybe you should explain better what you try to
achieve. Your original request was just looking for a solution to the
error message which was provided properly. You didn't say you wanted to
keep the mail local.

Actually you asked this:

| My system mail is not going out via my system provider


> > The explanation is here:
> > https://www.experts-exchange.com/questions/21895287/SMTP-550-Too-many-invalid-recipients.html
> > 
> > --
> > Thelma  
> 
> I don't run an internal mail server but was wondering is there an easy
> way to configure the postfix so it will keep local mail (portage
> notifications, hylafax etc) away from system provider.
> My boxes are connected over VPN.
> 
> When I was setting up a new box today, something happen to cron email
> notification I started receiving bunch of emails like:
> Cron  root   test -x /usr/sbin/run-crons
> && /usr/sbin/run-crons
> 
> So provide mail server block my internal system emails from passing
> through their server.

Still, "man aliases" is your friend. You need to provide proper aliases
for "root" and "operator", maybe more. Give a local alias, e.g. your
username, without "@" and without domain.

Now, properly configure the LDA in postfix. Your transport
configuration probably excludes local delivery and instead passes
everything to the relay. I can recommend Dovecot as LDA, it will allow
you to use IMAP and Sieve locally which is probably what you want
anyway in your setup:

https://wiki.dovecot.org/LDA/Postfix

Tho, handling a full blown IMAP server for local mail is it's own
beast. If you don't want to use Dovecot, you can use procmail to
directly deliver to files in your $HOME:

http://wiki.kartbuilding.net/index.php/Procmail_-_setup_with_postfix

This requires a mail app that can work with local maildirs or mbox
files. Usually every mail software can do that (tho, I'm not sure for
Thunderbird). I recommend sticking to maildir as mbox can become very
slow.

You should get to know how postfix works. Postfix only delivers and
relays mails. You need to define agents to store mails - which is what
you are looking for.

Also, you can use "aliases" to define processes to deliver mail: Just
start an alias definition with "|" followed by a process, instead of
mail addresses.

Procmail supports filtering by simple rule definition, similar to
sieve. Maildrop is also an alternative.

Don't forget to run newaliases and maybe "postfix reload" after
modifications. Changes to *.db files are usually picked up by postfix
automatically, tho.

-- 
Regards,
Kai

Replies to list-only preferred.

Re: [gentoo-user] Too many invalid recipients. (in reply to MAIL FROM command))

[J. Roeleveld]

On March 29, 2017 5:34:48 PM GMT+02:00, wabe  wrote:
>"J. Roeleveld"  wrote:
>
>> On March 29, 2017 7:24:15 AM GMT+02:00, the...@sys-concept.com wrote:
>> >On 03/28/2017 10:57 PM, the...@sys-concept.com wrote:
>> >[snip  
>> [69.49.] said: 550 5.7.1 <>... Too many
>>  invalid recipients. (in reply to MAIL FROM command))
>> 
>>  How to setup postfix correctly?
>> 
>>  The only syscon7.localdomain is the entry from /etc/hosts
>> 
>>  in: /etc/mail/aliases I have:
>>  root:   the...@sys-concept.com
>> 
>>  So why postfix is sending it to:   
>> >>>
>> >>> "man aliases" will probably give you the answer.
>> >>>
>> >>> --
>> >>> Regards
>> >>> wabe  
>> >> 
>> >> No, it will not! 
>> >> 
>> >> The explanation is here:
>> >>  
>>
>>https://www.experts-exchange.com/questions/21895287/SMTP-550-Too-many-invalid-recipients.html
> 
>> >> 
>> >> --
>> >> Thelma  
>> >
>> >I don't run an internal mail server but was wondering is there an
>> >easy way to configure the postfix so it will keep local mail
>(portage
>> >notifications, hylafax etc) away from system provider.
>> >My boxes are connected over VPN.
>> >
>> >When I was setting up a new box today, something happen to cron
>email
>> >notification I started receiving bunch of emails like:
>> >Cron  root test -x /usr/sbin/run-crons
>> >&& /usr/sbin/run-crons
>> >
>> >So provide mail server block my internal system emails from passing
>> >through their server.
>> >
>> >--
>> >Thelma  
>> 
>> There are plenty of howtos, guides and documents online detailing how
>> to do this with a variety of mail servers.
>> 
>> Please use Google.
>
>Hint: Search for "postfix mydestination"
>
>--
>Regards
>wabe

That will only work when postfix knows where to send local mail to.
As I said, there are plenty of howtos on how to setup a local mailserver. It 
will require more software, Postfix is only part of the solution.

--
Joost
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: [gentoo-user] HD 630?

[Jorge Almeida]

On Wed, Mar 29, 2017 at 5:46 AM, Todd Goodman  wrote:
> * Jorge Almeida  [170327 18:04]:
>
>
> I've built a number of desktop machines using Intel i7 (mostly) CPUs
> with integrated GPU and all have been supported well in my
> gentoo-sources kernels.
>
> I find Intel GPU support "just works" far more often than AMD or nVidia.
>

That's my experience too, but only with lower end stuff. I'm not so
sure about Kaby Lake. I think I'll take a chance, though.

> Of course for heavy duty gaming then those go into a machine.
>
> But the Intel machines seem to have decent support for "lite" gaming
> (though certainly not "heavy duty")
>
Not a problem

Regards

Jorge

Re: [gentoo-user] drivers for INTEL integrated GPU?

[Jorge Almeida]

On Tue, Mar 28, 2017 at 2:28 PM, R0b0t1  wrote:
> On Tue, Mar 28, 2017 at 3:39 AM, Jorge Almeida  wrote:

>
> http://www.intel.com/content/www/us/en/support/graphics-drivers/05520.html
> ev says that everything up to Intel HD 620 is supported. It is
> probably reasonable to assume that a HD 630 device is supported.
>

OTOH, the gentoo WiKi https://wiki.gentoo.org/wiki/Intel seems to
imply that the commitment of Intel with Linux may be somewhat
colder...

>
> There are Intel HD devices, but there are also Iris devices. Per
> marketing materials I found the Iris line is intended to be
> distributed with higher-end computers for "professional" use. Do Iris
> and HD devices actually differ in driver support or is it mostly the
> name that shows up in lspci or Window's device manager that differs?

First time I read about it. Wikipedia
https://en.wikipedia.org/wiki/Intel_HD_and_Iris_Graphics has a few
tables suggesting Iris is higher end stuff. I don't know about kernel
support.
>

Re: [gentoo-user] Too many invalid recipients. (in reply to MAIL FROM command))

[thelma]

On 03/29/2017 09:34 AM, wabe wrote:
> "J. Roeleveld"  wrote:
> 
[snip]
>>
>> There are plenty of howtos, guides and documents online detailing how
>> to do this with a variety of mail servers.
>>
>> Please use Google.
> 
> Hint: Search for "postfix mydestination"
> 
> --
> Regards
> wabe

I don't have anything in "mydestination" it is commented out and I think
it should be. When I put my in mydestination=my domain
in outgoing email syslog was showing: relay=local
and I never got the email the relayhost= as below wasn't working

relayhost = mail.shawhosting.ca

commenting out #mydestination solved the problems.

However, when I get an email from portage (emerge) it is to:
r...@mail101c7.megamailservers.com

where is: "mail101c7.megamailservers.com" coming from and how to change
it/control it?

--
Thelma

[gentoo-user] Setting up shorewall

[Peter Humphrey]

Hello list,

I've been using shorewall happily for many years, but now I have a LAN setup 
that the docs seem not to cover. The new web-server box I mentioned recently 
has two Ethernet ports, which I want to connect as follows:

Port 1 (enp1s0) will be connected to a spare port on my vDSL modem/router 
and be accessible from outside. An HTTP hole* will be opened in the router 
for this.

Port 2 (enp2s0) is connected to my LAN switch, which is connected in turn to 
another port on the vDSL modem, which has no holes open to this port. Once 
the server goes into service this interface will be down most of the time.

I want to ensure that no bridging occurs between the two ports in the web 
server.

Shorewall has very good documentation, but I can't see an example similar to 
this; they assume that a two-homed machine is to act as a firewall, which is 
not at all what I want to do. http://shorewall.org/MultiISP.html isn't quite 
it either.

Does anyone have any tips or examples showing how to go about this? I'm 
confronted with that terrifying blank sheet of paper.

* Yes, I know I should go the whole hog and insist on HTTPS only, but that's 
another kettle of fish altogether. I prefer to think about it separately.

-- 
Regards
Peter

Re: [gentoo-user] Too many invalid recipients. (in reply to MAIL FROM command))

[wabe]

"J. Roeleveld"  wrote:

> On March 29, 2017 7:24:15 AM GMT+02:00, the...@sys-concept.com wrote:
> >On 03/28/2017 10:57 PM, the...@sys-concept.com wrote:
> >[snip  
> [69.49.] said: 550 5.7.1 <>... Too many
>  invalid recipients. (in reply to MAIL FROM command))
> 
>  How to setup postfix correctly?
> 
>  The only syscon7.localdomain is the entry from /etc/hosts
> 
>  in: /etc/mail/aliases I have:
>  root:the...@sys-concept.com
> 
>  So why postfix is sending it to:   
> >>>
> >>> "man aliases" will probably give you the answer.
> >>>
> >>> --
> >>> Regards
> >>> wabe  
> >> 
> >> No, it will not! 
> >> 
> >> The explanation is here:
> >>  
> >https://www.experts-exchange.com/questions/21895287/SMTP-550-Too-many-invalid-recipients.html
> >  
> >> 
> >> --
> >> Thelma  
> >
> >I don't run an internal mail server but was wondering is there an
> >easy way to configure the postfix so it will keep local mail (portage
> >notifications, hylafax etc) away from system provider.
> >My boxes are connected over VPN.
> >
> >When I was setting up a new box today, something happen to cron email
> >notification I started receiving bunch of emails like:
> >Cron  root  test -x /usr/sbin/run-crons
> >&& /usr/sbin/run-crons
> >
> >So provide mail server block my internal system emails from passing
> >through their server.
> >
> >--
> >Thelma  
> 
> There are plenty of howtos, guides and documents online detailing how
> to do this with a variety of mail servers.
> 
> Please use Google.

Hint: Search for "postfix mydestination"

--
Regards
wabe

Re: [gentoo-user] emerge : what generates this error message

[Helmut Jarausch]

On 03/29/2017 02:06:40 PM, Raffaele Belardi wrote:

Helmut Jarausch wrote:

Hi,

I have unmerged the package sci-libs/opencascade.

From then on, for any emerge action, I get the error message

!!! File Not Found: '/etc/env.d/51opencascade'


This occurs, e.g., between


media-sound/amarok-2.8.90-r2 merged.


and


Regenerating /etc/ld.so.cache...


What part of Gentoo (probably an eclass) does produce this error  
message

and how to stop this?

Many thanks for a hint,
Helmut



I think it's env-update. Could it be that you have a broken symlink  
left in /etc/env.d?




Many thanks, Raffaele - that's shot in the bull's eye

Helmut

.. and thanks to all who have helped.

Re: [gentoo-user] Re: Online hosting recommendation - VMs?

[Todd Goodman]

* Harry Putnam  [170327 22:09]:
> Stroller, just a note on my experience this evening.  I liked what I
> saw about linode in this thread..  Decided to try them out.
> 
> Got started with them... I was working from the command line in my new
> gentoo vm provided by linode.  Getting things setup the way I like
> them.
> 
> In the course of about 2 hrs my connections were dropped at least 15
> times and I think probably more.  At some points I have more than one
> login going, and I noticed if I left one idle for a few minutes it
> would b dropped when I next attemtpted to use it... I mean really a
> few minutes like 3 or so.
> 
> Sometimes connections would drop while the login instance was
> working... for example in the middle of a kernel compile.
> 
> I decided I'd seen enough and was not interested in spending time
> trying to determine what this was happening... so backed out and asked
> for my account to be cancelled and charges to my Credit card canceled.
> 
> Remains to be seen how they respond.  I only turned my trouble ticket
> 7 minutes ago.
> 

Wow.  I've never had that experience and I've been using them for years.

If I allow it I can keep SSH sessions to the instance up for weeks.

I can't comment on customer service as I've never needed to speak to
them.

I'm using the Newark, NJ location.

Todd

Re: [gentoo-user] HD 630?

[Todd Goodman]

* Jorge Almeida  [170327 18:04]:
> This may be a stupid question, for one of two possible reasons, but
> here it goes:
> 
> I'm thinking of buying a recent Intel CPU (7th generation, in
> saleslang), say an i5-7400, and it came to mind, not too late yet,
> that the integrated GPU may not be supported in linux. I'm talking
> about the latest kernels, not necessarily the gentoo-packaged one.
> Anyone knows something about it? And if not supported, is it likely
> that it will be sometime soon? I can use a spare Radeon card
> meanwhile...
> 
> (And, for someone who is not a gamer, is a 7th generation CPU worth it
> at all, as opposed to a 6th generation one?)
> 
> Any input is appreciated
> 
> Jorge Almeida

Not a stupid question, but also not a concern in my opinion.

I've built a number of desktop machines using Intel i7 (mostly) CPUs
with integrated GPU and all have been supported well in my
gentoo-sources kernels.

I find Intel GPU support "just works" far more often than AMD or nVidia.

Of course for heavy duty gaming then those go into a machine.

But the Intel machines seem to have decent support for "lite" gaming
(though certainly not "heavy duty")

Todd

Re: [gentoo-user] [OT] router woes

[Alarig Le Lay]

On mer. 29 mars 05:02:16 2017, Jorge Almeida wrote:
> BTW, I've been using dnscache (from djbdns) for years. I suppose that
> protects against spoofing?

It depends of from what you want to protect. DNS is an all clear
protocol, it’s easy to modify packet. Plus, the DNSSEC deployment is
too few, and even with DNSSEC, you have to validate localy.

It’s just more difficult for the ISP to spoof DNS packets than make their
resolver lying.

-- 
alarig


signature.asc
Description: PGP signature

Re: [gentoo-user] [OT] router woes

[Jorge Almeida]

On Wed, Mar 29, 2017 at 1:59 AM, Adam Carter  wrote:
> On Wed, Mar 29, 2017 at 7:19 AM, Jorge Almeida  wrote:
>>

>
> The next hop after the ISP supplied router is another piece of the ISPs
> network equipment, so the ISP access to your data is equivalent, since the
> geography is not important. I dont think Netgear is any less trustworthy
> than TP-link or whatever. Here the trust is probably more about reliability
> of the device than data privacy. Probably being too paranoid.

The difference between Netgear and TP-link is not about which company
is less trustworthy. The point is that the Netgear belongs to the ISP,
wheras the TP-link belongs to me and its crappy firmware (crappy
interface, at least) can be replaced by dd-wrt.

>
>>


>>
>>
>> Which part is to blame? The secondary router boasts 1300Mbps on 5GHz
>> WiFi, so I assumed it could deal with 150Mbps on cat5e ethernet cable.
>> The power consumption is about 4.5w, which seems a bit flimsy.
>> Or maybe the primary router is thottling speed when in bridge mode? Is
>> this possible at all? (And if so, what could be the purpose of such
>> measure? *spooky*)
>
>
> Does ifconfig show any interface errors?
>
> You can probably setup PPPoA, or whatever is required, on your Gentoo box to
> bring the service up instead of the TP-link, and test the bridge mode
> throughput. This also means you can have maximum flexibility since Gentoo
> will do all the interesting network stuff. However, unless you wanted to do
> that as a learning exercise its probably a waste of time and effort.
>
> Does TPlink provide any performance stats?
>

I already found that the TP-Link router is the culprit, due to low
processing power, Netgear is innocent.

regards

Jorge Almeida

Re: [gentoo-user] emerge : what generates this error message

[Raffaele Belardi]

Helmut Jarausch wrote:

Hi,

I have unmerged the package sci-libs/opencascade.

From then on, for any emerge action, I get the error message

!!! File Not Found: '/etc/env.d/51opencascade'


This occurs, e.g., between


media-sound/amarok-2.8.90-r2 merged.


and


Regenerating /etc/ld.so.cache...


What part of Gentoo (probably an eclass) does produce this error message
and how to stop this?

Many thanks for a hint,
Helmut



I think it's env-update. Could it be that you have a broken symlink left in 
/etc/env.d?

raffaele

Re: [gentoo-user] [OT] router woes

[Jorge Almeida]

On Wed, Mar 29, 2017 at 12:47 AM, Mick  wrote:
> On Tuesday 28 Mar 2017 22:52:25 Jorge Almeida wrote:
>

> Many ISPs today implement TR-069 (a standard of the DSL forum) to access
> customer equipment remotely for service provisioning.  They use configuration
> servers to implement management access to *their* routers and update
> firmware/software, reset the configuration to defaults, or more secure
> settings.
>
> http://www.broadband-forum.org/technical/download/TR-069.pdf
>
> This also allows them to undertake status and performance monitoring and run
> some diagnostics tests to manage their customers' complaints.
>
> The extent to which all this also allows spying on your connections is
> debatable, but if they have access to your DNS resolver, I guess they can
> route your queries on the fly, wherever they like.
> --
Spying on packets is probably something they'll be able to do if they
want to. Infiltrating the home network is what I find spooky. No one
seems to talk about it, maybe I'm missing something that is obvious
for more knowledgeable people.

BTW, I've been using dnscache (from djbdns) for years. I suppose that
protects against spoofing?

Regards

Jorge

Re: [gentoo-user] [OT] router woes

[Jorge Almeida]

On Wed, Mar 29, 2017 at 12:45 AM, Neil Bothwick  wrote:
> On Tue, 28 Mar 2017 22:52:25 -0700, Jorge Almeida wrote:
>

>
> It's more a privacy issue that security for me. I have a similar setup
> with a virgin cable router, which I set to what they call modem mode,
> where only one of the ports works and connects to my router. The one time
> I ran tech support they were able to see that I was using it this way and
> even reset the modem for me. I suppose it makes life easier for them and
> their typical customers, but it was a little unnerving.
>
>
The ISP provided router is officially managed (whatever this means) by
them. As to privacy, I know a packet is visible once it leaves the
router via Wan port. What I worry a bit is about the possibility of
foul play towards the home network. The computers are firewalled via
iptables, but accept connections from 192.168 What prevents a
hacked router of impersonating a local origin?

J.A.

Re: [gentoo-user] emerge : what generates this error message

[Hogren]

On 29/03/2017 13:15, Alexander Kapshuk wrote:
> On Wed, Mar 29, 2017 at 2:03 PM, Helmut Jarausch  wrote:
>> Hi,
>>
>> I have unmerged the package sci-libs/opencascade.
>>
>> From then on, for any emerge action, I get the error message
>>
>> !!! File Not Found: '/etc/env.d/51opencascade'
>>
>>
>> This occurs, e.g., between
>>
> media-sound/amarok-2.8.90-r2 merged.
>>
>> and
>>
> Regenerating /etc/ld.so.cache...
>>
>> What part of Gentoo (probably an eclass) does produce this error message
>> and how to stop this?
>>
>> Many thanks for a hint,
>> Helmut
>>
> Perhaps running 'revdep-rebuild' after unmerging the pkg in question
> would fix that.
>
Hello,
If that doesn't work. Try to use grep to find if this file filename is
hard coded anywhere.
#grep -Ri "opencascade" /etc/*
 
Bye
Hogren

Re: [gentoo-user] emerge : what generates this error message

[Alexander Kapshuk]

On Wed, Mar 29, 2017 at 2:03 PM, Helmut Jarausch  wrote:
> Hi,
>
> I have unmerged the package sci-libs/opencascade.
>
> From then on, for any emerge action, I get the error message
>
> !!! File Not Found: '/etc/env.d/51opencascade'
>
>
> This occurs, e.g., between
>
 media-sound/amarok-2.8.90-r2 merged.
>
>
> and
>
 Regenerating /etc/ld.so.cache...
>
>
> What part of Gentoo (probably an eclass) does produce this error message
> and how to stop this?
>
> Many thanks for a hint,
> Helmut
>

Perhaps running 'revdep-rebuild' after unmerging the pkg in question
would fix that.

[gentoo-user] emerge : what generates this error message

[Helmut Jarausch]

Hi,

I have unmerged the package sci-libs/opencascade.

From then on, for any emerge action, I get the error message

!!! File Not Found: '/etc/env.d/51opencascade'


This occurs, e.g., between


media-sound/amarok-2.8.90-r2 merged.


and


Regenerating /etc/ld.so.cache...


What part of Gentoo (probably an eclass) does produce this error message
and how to stop this?

Many thanks for a hint,
Helmut

Re: [gentoo-user] [OT] router woes

[Mick]

On Wednesday 29 Mar 2017 19:59:18 Adam Carter wrote:
> On Wed, Mar 29, 2017 at 7:19 AM, Jorge Almeida  wrote:

> > Which part is to blame? The secondary router boasts 1300Mbps on 5GHz
> > WiFi, so I assumed it could deal with 150Mbps on cat5e ethernet cable.
> > The power consumption is about 4.5w, which seems a bit flimsy.
> > Or maybe the primary router is thottling speed when in bridge mode? Is
> > this possible at all? (And if so, what could be the purpose of such
> > measure? *spooky*)
> 
> Does ifconfig show any interface errors?

Also check output from dmesg, ethtool, mii-tool to confirm if the link is 
negotiated as 1Gbps half or full duplex when you connect your PC to the 
router, as opposed to when you connect directly to the modem.  BTW, even as 
full duplex, a 100Mbps connection will give you a throughput < 100Mbps no 
matter how enthusiastic it is.  For example, on my home network (100baseT 
switch) on a full duplex link:

$ dmesg | grep duplex
[   19.420820] tg3 :0b:00.0 enp11s0: Link is up at 100 Mbps, full duplex

... I never see more 96Mpbs data throughput.

-- 
Regards,
Mick

signature.asc
Description: This is a digitally signed message part.

Re: [gentoo-user] [OT] router woes

[Adam Carter]

On Wed, Mar 29, 2017 at 7:19 AM, Jorge Almeida  wrote:

> I have net by cable with nominal speed 200Mbps. The ISP provides a
> modem/router Netgear (from Numericable). I disabled the WiFi and I
> have 2 computers connected via ethernet to the router. The speed is
> about 156Mbps (measured by http://www.speedtest.net), which seems to
> be what to expect.
>
> Now, having a device provided by the ISP to act as router seems to be
> good for people who trust both the ISP and the manufacturer. (Please
> comment if I'm being too paranoid.)
>

The next hop after the ISP supplied router is another piece of the ISPs
network equipment, so the ISP access to your data is equivalent, since the
geography is not important. I dont think Netgear is any less trustworthy
than TP-link or whatever. Here the trust is probably more about reliability
of the device than data privacy. Probably being too paranoid.


> So, I setup the router to work in bridge mode and connected one of the
> 4 lan ports to the Wan port of a secondary router TP-link (Archer
> C1200, Wireless dual band gigabit). It is supposed to comply with
> 802.11b/g/n 2.4GHz and 802.11a/n/ac 5GHz. Not that this matters per
> se, as I disabled the WiFi.
>
> The point is: I connected the computers to the lan ports of my
> secondary router (with original firmware, but I intended to install
> ddwrt), and the setup works, except that the speed never reaches
> 100Mbps.
>

Ok so i think you've downgraded your performance without any real change in
security.

>
> Which part is to blame? The secondary router boasts 1300Mbps on 5GHz
> WiFi, so I assumed it could deal with 150Mbps on cat5e ethernet cable.
> The power consumption is about 4.5w, which seems a bit flimsy.
> Or maybe the primary router is thottling speed when in bridge mode? Is
> this possible at all? (And if so, what could be the purpose of such
> measure? *spooky*)
>

Does ifconfig show any interface errors?

You can probably setup PPPoA, or whatever is required, on your Gentoo box
to bring the service up instead of the TP-link, and test the bridge mode
throughput. This also means you can have maximum flexibility since Gentoo
will do all the interesting network stuff. However, unless you wanted to do
that as a learning exercise its probably a waste of time and effort.

Does TPlink provide any performance stats?

Re: [gentoo-user] [OT] router woes

[Mick]

On Wednesday 29 Mar 2017 08:45:33 Neil Bothwick wrote:
> On Tue, 28 Mar 2017 22:52:25 -0700, Jorge Almeida wrote:
> > PS. I still would like to know what people in this list think about
> > having an ISP managed device as router, re security. Not that I have
> > any real option if I want the contracted speed...
> 
> It's more a privacy issue that security for me. I have a similar setup
> with a virgin cable router, which I set to what they call modem mode,
> where only one of the ports works and connects to my router. The one time
> I ran tech support they were able to see that I was using it this way and
> even reset the modem for me. I suppose it makes life easier for them and
> their typical customers, but it was a little unnerving.

Perhaps your 'modem mode' is a half-bridge set up with a public IP address and 
they can still access it via WAN?  Bear in mind the TR-069 daemons may still 
be running no matter how you set up the router, unless you stop them manually.  
I have a Huawei which I use in a fully bridged mode as a modem and have to 
stop such services manually on every reboot, after I log into it with SSH.
-- 
Regards,
Mick

signature.asc
Description: This is a digitally signed message part.

Re: [gentoo-user] Re: [OT] Redirecting traffic for a TCP port to another gateway

[Adam Carter]

>
> schrieb Dan Johansson :
>>
>>>
>>> Is it possible, using iptables or something equivalent, to redirect
>>> traffic to some specific TCP ports to another gateway than the
>>> default-gateway?
>>>
>>
The general term for that is "policy routing".

If you're doing it to hack around some network weirdness that you cant fix
because you dont have control of the network, it might be a necessary evil,
but its generally a bad idea, Think about routing asymmetry, and whether
you should use a NAT to prevent that side effect.

Re: [gentoo-user] [OT] router woes

[Alarig Le Lay]

On mar. 28 mars 22:52:25 2017, Jorge Almeida wrote:
> I've been using an RT-N16 for years, and it still works fine. They
> don't advertise big speeds and I understood it doesn't have the CPU
> power to cope. I assumed a new generation router would do the job. Big
> mistake.

I have an 1G fiber at home, I kept the provided ONT, plug the RJ-45
cable to an APU, I can use the whole downlink. For the Wi-Fi, I have an
old WRT54G (birdged), I didn’t test the bandwidth but I don’t expect so
much.

-- 
alarig


signature.asc
Description: PGP signature

Re: [gentoo-user] HD 630?

[Håkon Alstadheim]

Den 28. mars 2017 00:03, skrev Jorge Almeida:

This may be a stupid question, for one of two possible reasons, but
here it goes:

I'm thinking of buying a recent Intel CPU (7th generation, in
saleslang), say an i5-7400, and it came to mind, not too late yet,
that the integrated GPU may not be supported in linux. I'm talking
about the latest kernels, not necessarily the gentoo-packaged one.
Anyone knows something about it? And if not supported, is it likely
that it will be sometime soon? I can use a spare Radeon card
meanwhile...
Google "linux intel graphics", and you'll find lots of hits from Intel 
itself. Most likely also from linux kernel maintainers. My impression 
(though I do not have one of these cpus) is that this is very well 
supported, and Intel is eager to get their latest offering out into the 
linux community, in a fairly stable form.




(And, for someone who is not a gamer, is a 7th generation CPU worth it
at all, as opposed to a 6th generation one?)
Read some benchmarks for your work-load. My guess: yes. Calculate 
percent increase performance, compare prices. Prices change all the 
time, so you need to do this the same week as you place your order.


Point to keep in mind: not just raw power but also heat/performance is 
relevant. Newer cpus waste less energy/need fewer fans/make less noise 
per work-unit done.


Running gentoo you might also be well positioned to take advantage of 
latest optimizations, but this can be a huge sink for your personal 
time. For reasonable effort, expect to wait at least a couple of years 
before stable gcc and kernel modules will push your rig to the max.

Re: [gentoo-user] [OT] router woes

[Mick]

On Tuesday 28 Mar 2017 22:52:25 Jorge Almeida wrote:

> PS. I still would like to know what people in this list think about
> having an ISP managed device as router, re security. Not that I have
> any real option if I want the contracted speed...

Many ISPs today implement TR-069 (a standard of the DSL forum) to access 
customer equipment remotely for service provisioning.  They use configuration 
servers to implement management access to *their* routers and update 
firmware/software, reset the configuration to defaults, or more secure 
settings.  

http://www.broadband-forum.org/technical/download/TR-069.pdf

This also allows them to undertake status and performance monitoring and run 
some diagnostics tests to manage their customers' complaints.

The extent to which all this also allows spying on your connections is 
debatable, but if they have access to your DNS resolver, I guess they can 
route your queries on the fly, wherever they like.
-- 
Regards,
Mick

signature.asc
Description: This is a digitally signed message part.

Re: [gentoo-user] [OT] router woes

[Neil Bothwick]

On Tue, 28 Mar 2017 22:52:25 -0700, Jorge Almeida wrote:

> PS. I still would like to know what people in this list think about
> having an ISP managed device as router, re security. Not that I have
> any real option if I want the contracted speed...

It's more a privacy issue that security for me. I have a similar setup
with a virgin cable router, which I set to what they call modem mode,
where only one of the ports works and connects to my router. The one time
I ran tech support they were able to see that I was using it this way and
even reset the modem for me. I suppose it makes life easier for them and
their typical customers, but it was a little unnerving.


-- 
Neil Bothwick

One of the nice things about standards is that there are so many of them.


pgpNcOUdo352J.pgp
Description: OpenPGP digital signature

[gentoo-user] RE: elibtoolize Portage patch requested, but failed to apply!

[Erwan Rigollot]

Hi all,

It's solved and it was my fault.

I have had to put elt-patches in /etc/portage/profile/package.provided to 
compile new version of portage with success two days ago and I forget it .

Have a good days !


Easy Service Informatique
Erwan Rigollot
Intervenant technique
Easy Service Informatique
8 rue Saint Augustin - 75002 Paris
Email: er...@easy-info.com
Tel: +33 (0)1 42 96 06 71
Fax: +33 (0)1 42 96 41 72

De : Erwan RIGOLLOT [mailto:er...@rigollot.eu]
Envoyé : lundi 27 mars 2017 13:41
À : gentoo-user@lists.gentoo.org
Objet : [gentoo-user] elibtoolize Portage patch requested, but failed to apply!

Hi all,


I just did an emerge -sync and a porting update on two gentoo.

Some packages do not want to compile anymore.

Exemples

gcc :
* updating multilib directories to be: ../lib64 ../lib32
* Running elibtoolize in: gcc-4.9.4/

* Portage patch requested, but failed to apply!
* Please file a bug report to add a proper patch.
* ERROR: sys-devel/gcc-4.9.4::gentoo failed (prepare phase):
*   Portage patch requested, but failed to apply!


php-5.6.30 :
Running elibtoolize in: apr-1.5.2/build/

* Portage patch failed to apply 
(ltmain.sh
 version 2.4.6)!
* Please file a bug report to add a proper patch.
* ERROR: dev-libs/apr-1.5.2::gentoo failed (prepare phase):
*   Portage patch failed to apply!
*
* Call stack:
* 
ebuild.sh,
 line  115:  Called src_prepare
*   environment, line 2726:  Called eautoreconf
*   environment, line  864:  Called elibtoolize '--force' 
'/var/tmp/portage/dev-libs/apr-1.5.2/work/apr-1.5.2'
*   environment, line 1116:  Called die
* The specific snippet of code:
*   die "Portage patch failed to apply!";
*
* If you need support, post the output of `emerge --info 
'=dev-libs/apr-1.5.2::gentoo'`,
* the complete build log and the output of `emerge -pqv 
'=dev-libs/apr-1.5.2::gentoo'`.
* The complete build log is located at 
'/var/tmp/portage/dev-libs/apr-1.5.2/temp/build.log'.
* The ebuild environment file is located at 
'/var/tmp/portage/dev-libs/apr-1.5.2/temp/environment'.
* Working directory: '/var/tmp/portage/dev-libs/apr-1.5.2/work/apr-1.5.2'
* S: '/var/tmp/portage/dev-libs/apr-1.5.2/work/apr-1.5.2'


I tried many things without success.

Does anyone have any idea what I could do?

Thank you

Re: [gentoo-user] Re: [OT] Redirecting traffic for a TCP port to another gateway

[Dan Johansson]

On 2017-03-28 21:48, Kai Krakow wrote:

Am Tue, 28 Mar 2017 21:26:05 +0200
schrieb Dan Johansson :


Is it possible, using iptables or something equivalent, to redirect
traffic to some specific TCP ports to another gateway than the
default-gateway?

Eg.

Host 192.168.1.100/24 has a default-gateway of 192.168.1.1
Now I want to send all traffic from this host to destination-tcp-port
80 to gateway 192.168.2.1 instead (the host has a second interface
with the address 192.168.2.100/24 as well).
I only want the traffic to port 80 to go thru this GW (and then to
its final destination).
And port 80 is just an example, it could be port 12345 as well.

Is this possible? If yes, any suggestion on how to do it?


If I understand you correctly, you want to do the redirect decision on
the source machine 192.168.1.100, and not on the default gateway
192.168.1.1.


Yes, correct, that is the way I want it.


This means you need to mark packages with iptables, and then doing the
routing based on the mark. For this, you need to setup policy routing.
Look here:

http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.netfilter.html


That link looks promising, it is quite close to my planned setup/needs.


That example uses port 25 instead of 80. It marks packets, and then
creates a second routing table to use for such marked packets.


That is not a problem as I was only using port 80 as an example.

Thanks for the link, my google searches did not find that :-(

D/\N

Re: [gentoo-user] Online hosting recommendation - VMs?

[Stroller]

> On 29 Mar 2017, at 06:43, Arthur Țițeică  wrote:
>> 
>> €5 a month seems an ideal price, but I can probably afford a little
>> more.
> 
> Dedibox/Online has real hardware (dedicated servers) for 15 or 30€ on the 
> personal range. The more expensive one has 2 SSDs for software raid 6 cores 
> Xeon and 32gb memory.

Not sure why I'd need a dedicated hardware.

I think I'd probably rather have two VMs at €5 or €10 each a month, than one 
high-powered machine at the same price.

It would be handy to have another shell I can run back up to, run unattended 
downloads on and so forth when I'm on a flakey connection (and then pop the 
download into my Google Drive).

PS: can anyone explain how the Amazon web services work, please? I have the 
impression they're charged by usage and can be very cheap. But it's not clear 
to me if you can use AWS just like a regular Linux cloud server.