Re: [gentoo-user] update fails, but I don't see why
On Fri, 4 Dec 2020 at 09:40, n952162 wrote: > !!! Multiple package instances within a single package slot have been pulled > !!! into the dependency graph, resulting in a slot conflict: > > dev-python/requests:0 > >(dev-python/requests-2.24.0-r1:0/0::gentoo, ebuild scheduled for > merge) USE="ssl -socks5 -test" ABI_X86="(64)" PYTHON_TARGETS="python3_6 > python3_7 python3_8 (-pypy3) -python3_9" pulled in by > dev-python/requests[python_targets_pypy3(-)?,python_targets_python3_6(-)?,python_targets_python3_7(-)?,python_targets_python3_8(-)?,python_targets_python3_9(-)?,-python_single_target_pypy3(-),-python_single_target_python3_6(-),-python_single_target_python3_7(-),-python_single_target_python3_8(-),-python_single_target_python3_9(-)] > required by (app-portage/gemato-16.2:0/0::gentoo, ebuild scheduled for > merge) USE="gpg -test -tools" ABI_X86="(64)" PYTHON_TARGETS="python3_7 > python3_8 (-pypy3) -python3_6 -python3_9" > > dev-python/requests[python_targets_pypy3(-)?,python_targets_python3_6(-)?,python_targets_python3_7(-)?,python_targets_python3_8(-)?,python_targets_python3_9(-)?,-python_single_target_pypy3(-),-python_single_target_python3_6(-),-python_single_target_python3_7(-),-python_single_target_python3_8(-),-python_single_target_python3_9(-)] > required by (dev-python/sphinx-3.2.1:0/0::gentoo, ebuild scheduled for > merge) USE="-doc -latex -test" ABI_X86="(64)" PYTHON_TARGETS="python3_7 > python3_8 (-pypy3) -python3_6 -python3_9" > > >(dev-python/requests-2.24.0:0/0::gentoo, installed) USE="ssl -socks5 > -test" ABI_X86="(64)" PYTHON_TARGETS="python2_7 python3_6 python3_7 > (-pypy3) -python3_8 -python3_9" pulled in by > > >dev-python/requests-2.21.0[python_targets_python2_7(-),python_targets_python3_6(-),-python_single_target_jython2_7(-),-python_single_target_pypy(-),-python_single_target_pypy3(-),-python_single_target_python3_7(-),python_single_target_python3_6(+)] > required by (net-misc/streamlink-1.1.1:0/0::gentoo, installed) USE="-doc > -test" ABI_X86="(64)" PYTHON_SINGLE_TARGET="python3_6 -python2_7 -python3_5" > PYTHON_TARGETS="python2_7 python3_6 -python3_5" There seems to be some python3_6 and even python2_7 in your error output, maybe you have set some older python targets somewhere that you've forgotten about? Regards, Arve
Re: [gentoo-user] {OT} LWP::UserAgent slows website
> A little more infromation would help. like what webserver, what kind of > requests, etc > > -Kevin It's apache and the requests/responses are XML. I know this is pathetically little information with which to diagnose the problem. I'm just wondering if there is a tool or method that's good to diagnose things of this nature. - Grant >> I have a script that makes 6 successive HTTP requests via >> LWP::UserAgent. It runs fine and takes only about 3 seconds, but >> whenever it is run I start receiving alerts that my website is >> responding slowly to requests. This lasts for up to around 10 >> minutes. I've tried turning the timeout down to 3 seconds and I've >> tried LWPx::ParanoidAgent but the behavior is the same. >> >> Can anyone tell me how to go about tracking this down? >> >> - Grant >> > >
Re: [gentoo-user] update fails, but I don't see why
On 12/4/20 9:53 AM, Arve Barsnes wrote: On Fri, 4 Dec 2020 at 09:40, n952162 wrote: !!! Multiple package instances within a single package slot have been pulled !!! into the dependency graph, resulting in a slot conflict: dev-python/requests:0 (dev-python/requests-2.24.0-r1:0/0::gentoo, ebuild scheduled for merge) USE="ssl -socks5 -test" ABI_X86="(64)" PYTHON_TARGETS="python3_6 python3_7 python3_8 (-pypy3) -python3_9" pulled in by dev-python/requests[python_targets_pypy3(-)?,python_targets_python3_6(-)?,python_targets_python3_7(-)?,python_targets_python3_8(-)?,python_targets_python3_9(-)?,-python_single_target_pypy3(-),-python_single_target_python3_6(-),-python_single_target_python3_7(-),-python_single_target_python3_8(-),-python_single_target_python3_9(-)] required by (app-portage/gemato-16.2:0/0::gentoo, ebuild scheduled for merge) USE="gpg -test -tools" ABI_X86="(64)" PYTHON_TARGETS="python3_7 python3_8 (-pypy3) -python3_6 -python3_9" dev-python/requests[python_targets_pypy3(-)?,python_targets_python3_6(-)?,python_targets_python3_7(-)?,python_targets_python3_8(-)?,python_targets_python3_9(-)?,-python_single_target_pypy3(-),-python_single_target_python3_6(-),-python_single_target_python3_7(-),-python_single_target_python3_8(-),-python_single_target_python3_9(-)] required by (dev-python/sphinx-3.2.1:0/0::gentoo, ebuild scheduled for merge) USE="-doc -latex -test" ABI_X86="(64)" PYTHON_TARGETS="python3_7 python3_8 (-pypy3) -python3_6 -python3_9" (dev-python/requests-2.24.0:0/0::gentoo, installed) USE="ssl -socks5 -test" ABI_X86="(64)" PYTHON_TARGETS="python2_7 python3_6 python3_7 (-pypy3) -python3_8 -python3_9" pulled in by >dev-python/requests-2.21.0[python_targets_python2_7(-),python_targets_python3_6(-),-python_single_target_jython2_7(-),-python_single_target_pypy(-),-python_single_target_pypy3(-),-python_single_target_python3_7(-),python_single_target_python3_6(+)] required by (net-misc/streamlink-1.1.1:0/0::gentoo, installed) USE="-doc -test" ABI_X86="(64)" PYTHON_SINGLE_TARGET="python3_6 -python2_7 -python3_5" PYTHON_TARGETS="python2_7 python3_6 -python3_5" There seems to be some python3_6 and even python2_7 in your error output, maybe you have set some older python targets somewhere that you've forgotten about? Regards, Arve Forgotten about? I'm flattered! That would imply I understood something here ... Here's my python situation: $ sed -n -e '/^\s*#/d' -e '/python/Ip' * | sort -u */* PYTHON_TARGETS: python3_7 >=dev-lang/python-2.7.16:2.7 sqlite >=dev-lang/python-3.6.9 sqlite >=dev-libs/libxml2-2.9.9-r1 python >=dev-python/PySocks-1.7.1 python_targets_python3_6 >=dev-python/certifi-10001-r1 python_targets_python3_7 >=dev-python/certifi-2019.11.28 python_targets_python3_6 >=dev-python/cffi-1.14.0 python_targets_python3_6 >=dev-python/chardet-3.0.4 python_targets_python3_6 >=dev-python/cryptography-2.8-r1 python_targets_python3_6 >=dev-python/docutils-0.16 -python_targets_python2_7 >=dev-python/idna-2.8 python_targets_python3_6 >=dev-python/isodate-0.6.0-r1 python_targets_python3_6 >=dev-python/ply-3.11 python_targets_python3_6 >=dev-python/pycparser-2.20 python_targets_python3_6 >=dev-python/pycryptodome-3.9.4 python_targets_python3_6 >=dev-python/pyopenssl-19.1.0 python_targets_python3_6 >=dev-python/requests-2.23.0 python_targets_python3_6 >=dev-python/setuptools-46.4.0-r1 python_targets_python3_6 >=dev-python/setuptools-50.3.0 python_targets_python3_7 >=dev-python/setuptools_scm-4.1.2-r1 python_targets_python3_6 >=dev-python/setuptools_scm-4.1.2-r1 python_targets_python3_7 >=dev-python/six-1.14.0 python_targets_python3_6 >=dev-python/six-1.15.0-r1 python_targets_python3_7 >=dev-python/urllib3-1.25.8 python_targets_python3_6 >=virtual/python-cffi-0 python_targets_python3_6 dev-lang/python readline net-print/cups X python
Re: [gentoo-user] What's with all these "acct-group" ebuilds recently?
On 6/19/20 9:04 PM, Walter Dnes wrote: Inquiring minds want to know. What exactly do they accomplish, besides cluttering up a database somewhere? It's not the cluttering of databases that bother me, it's the creation of many ambiguous requests now. I went to emerge mythtv (I think) and now it says it's an ambiguous requests with *both* the group and user of the same name. I must say I'm baffled that a proposal that would create so many ambiguous requests passed... Dan
[gentoo-user] Hold on portage feature requests
Hello all, The subject says it all: no more feature requests for portage (the package manager) until further notice. This does not include submitting of patches that add new features. "Further notice" will likely mean when the next major version of portage becomes stable. The reason behind this is that at approximately two thirds of bugs received are feature requests and they are drowning at the real bugs. More importantly, the critical bugs are becoming very hard to keep track of. This, at a time when we are focusing on fixing major and critical bugs only so as to get the next version completed quicker. Most of the current feature requests will be available at the time when the next version goes stable (and that which isn't should be relatively painless to implement) so don't worry that things will go stagnant. However, if you are worried, I'll be posting a weekly summary of portage bug activity to gentoo-portage-dev@gentoo.org from now on. If you'd like to join the portage team or just feel like giving a quick hand, have a browse through the bugs and see what fixes you can come up with. -- Jason Stubbs pgp0LZa8QYoih.pgp Description: PGP signature
[gentoo-user] TCP Queuing problem
My web server's response time for http requests skyrockets every weekday between about 9am and 5pm. I've gone over my munin graphs and the only one that really correlates well with the slowdown is "TCP Queuing". It looks like I normally have about 400 packets per second graphed as "direct copy from queue" in munin throughout the day, but 2 to 3.5 times that many are periodically graphed during work hours. I don't see the same pattern at all from the graph of all traffic on my network interface which actually peaks over the weekend. TCP Queuing doesn't rise above 400 packets per second all weekend. This is consistent week after week. My two employees come into work during the hours in question, and they certainly make frequent requests of the web server while at work, but if their volume of requests were the cause of the problem then that would be reflected in the graph of web server requests but it is not. I do run a small MTU on the systems at work due to the config of the modem/router we have there. Is this a recognizable problem to anyone? - Grant
Re: [gentoo-user] {OT} LWP::UserAgent slows website
A little more infromation would help. like what webserver, what kind of requests, etc -Kevin On 02/06/2013 07:13 PM, Grant wrote: > I have a script that makes 6 successive HTTP requests via > LWP::UserAgent. It runs fine and takes only about 3 seconds, but > whenever it is run I start receiving alerts that my website is > responding slowly to requests. This lasts for up to around 10 > minutes. I've tried turning the timeout down to 3 seconds and I've > tried LWPx::ParanoidAgent but the behavior is the same. > > Can anyone tell me how to go about tracking this down? > > - Grant > signature.asc Description: OpenPGP digital signature
[gentoo-user] Re: TCP Queuing problem
> My web server's response time for http requests skyrockets every > weekday between about 9am and 5pm. I've gone over my munin graphs and > the only one that really correlates well with the slowdown is "TCP > Queuing". It looks like I normally have about 400 packets per second > graphed as "direct copy from queue" in munin throughout the day, but 2 > to 3.5 times that many are periodically graphed during work hours. I > don't see the same pattern at all from the graph of all traffic on my > network interface which actually peaks over the weekend. TCP Queuing > doesn't rise above 400 packets per second all weekend. This is > consistent week after week. > > My two employees come into work during the hours in question, and they > certainly make frequent requests of the web server while at work, but > if their volume of requests were the cause of the problem then that > would be reflected in the graph of web server requests but it is not. > I do run a small MTU on the systems at work due to the config of the > modem/router we have there. > > Is this a recognizable problem to anyone? I'm in the midst of this. Are there certain attacks I should check for? - Grant
[gentoo-user] Strange outbound requests
My firewall is blocking periodic outbound connections to port 3680 on a Rackspace IP. How can I find out more about what's going on? Maybe which program is generating the connection requests? - Grant
[gentoo-user] Re: TCP Queuing problem
>> My web server's response time for http requests skyrockets every >> weekday between about 9am and 5pm. I've gone over my munin graphs and >> the only one that really correlates well with the slowdown is "TCP >> Queuing". It looks like I normally have about 400 packets per second >> graphed as "direct copy from queue" in munin throughout the day, but 2 >> to 3.5 times that many are periodically graphed during work hours. I >> don't see the same pattern at all from the graph of all traffic on my >> network interface which actually peaks over the weekend. TCP Queuing >> doesn't rise above 400 packets per second all weekend. This is >> consistent week after week. >> >> My two employees come into work during the hours in question, and they >> certainly make frequent requests of the web server while at work, but >> if their volume of requests were the cause of the problem then that >> would be reflected in the graph of web server requests but it is not. >> I do run a small MTU on the systems at work due to the config of the >> modem/router we have there. >> >> Is this a recognizable problem to anyone? > > > I'm in the midst of this. Are there certain attacks I should check for? It looks like the TCP Queuing spike itself was due to imapproxy which I've now disabled. I'll post more info as I gather it. - Grant
Re: [gentoo-user] Strange outbound requests
>> >> My firewall is blocking periodic outbound connections to port 3680 on >> >> a Rackspace IP. How can I find out more about what's going on? Maybe >> >> which program is generating the connection requests? >> > >> > Uh, a packet sniffer? >> > >> > I have an old laptop here that I have a second (cardbus) network card in. >> > Really cheap and cheerful - the sort of thing you can pick up on >> > freecycle. It's been a while since I've done anything like this, but you >> > should be able to stick a box like that between the router and the rest >> > of your network, run Wireshark and filter on that port. If the >> > connection is encrypted then at least you'll see the originating IP. >> >> I've actually got the originating local IP from the shorewall log. >> I'm just trying to figure out which program and maybe which user on >> that system is generating the outbound requests to port 3680. Is >> there any way to get more info without setting up a new box? >> >> > I don't think it's relevant that the IP belongs to Rackspace - don't they >> > just hire (virtual) servers to anyone that wants one? >> >> Yeah I just meant the request could be going to "anyone". >> >> - Grant > > Are you running NPDS in your LAN and is it configured to access any sites on > rackspace? > -- > Regards, > Mick I am not running NPDS. I looked it up when I was researching port 3680 and read about it for the first time. I know which machine is making the requests. Any way to drill down further? - Grant
Re: [gentoo-user] Re: {OT} Allow work from home?
>> The answer to this may be an obvious "yes" but I've never done it so I'm >> not sure. Can I route requests from machine C through machine A only >> for my domain name, and not involve A for C's other internet requests? >> If so, where is that configured? > > While ZT can be used to route requests between networks, but it is mainly > used to talk directly between clients. If A wants to talk to C over ZT, > it uses C's ZT IP address. > > Here's a snippet from ifconfig on this machine, whch may help it make > sense to you > > wlan0: flags=4163 mtu 1500 > inet 192.168.1.6 netmask 255.255.255.0 broadcast 192.168.1.255 > ether c4:8e:8f:f7:55:c9 txqueuelen 1000 (Ethernet) > > zt0: flags=4163 mtu 2800 > inet 10.252.252.6 netmask 255.255.255.0 broadcast 10.252.252.255 > > To talk to this computer from another of my machines over ZT I would use > the 10.252... address. If you tried that address, you'd get nowhere as > you are not connected to my network. So if 10.252.252.6 were configured as a router, could I join your ZT network and use iptables to route my example.com 80/443 requests to 10.252.252.6, thereby granting me access to my web apps which are configured to only allow your machine's WAN IP? The first couple paragraphs here make it sound like a centralized SaaS as far as the setup phase of the connection: https://www.zerotier.com/blog/?p=577 Is it possible (easy?) to run your own "core node" and so not interact with the official core nodes at all? - Grant
Re: [gentoo-user] Can anyone give me a hint how to get this to update?
On 8/1/21 6:19 PM, Arve Barsnes wrote: On Sun, 1 Aug 2021 at 17:17, n952162 wrote: A couple of the things I have tried: - change default python from 3.7 to 3.9 - removing net-analyze from the world file - changing the license file. - running perl-cleaner - emerging only @system Many of the conflicts seem related to an old version of dev-python/requests. Could newer versions be masked, or could there be older python targets set for it in /etc/portage/package.use/ ? Regards, Arve I have this: 02/etc/portage/package.use>grep -i request * ... 201213:>=dev-python/requests-2.24.0-r1 python_targets_python3_7 ... use-flags-201110:>=dev-python/requests-2.23.0 python_targets_python3_6 Is it not the case that those just insist on a newer version? Or, is the problem python_targets+python3_6. I've got a lot of those. Do they all force that version and need to come out? To be replaced with something else?
[gentoo-user] Unable to locate printer
I have two network printers and all of a sudden when trying to print to them I get an error message in cups: Unable to locate printer Ping printer IP works, printing from VirtualBox - Windows works. lpstat -t scheduler is running no system default destination device for 3170-color: lpd://BRN30055C898DF9/BINARY_P1 device for 5370: lpd://brother-5370/BINARY_P1 device for L6200: lpd://BRNB42200553231/BINARY_P1 3170-color accepting requests since Sat 27 Jan 2024 11:10:13 AM MST 5370 accepting requests since Sat 27 Jan 2024 11:11:11 AM MST L6200 accepting requests since Thu 07 Apr 2022 12:24:10 PM MDT printer 3170-color now printing 3170-color-0. enabled since Sat 27 Jan 2024 11:10:13 AM MST Unable to locate printer "BRN30055C898DF9". printer 5370 now printing 5370-0. enabled since Sat 27 Jan 2024 11:11:11 AM MST Unable to locate printer "brother-5370". printer L6200 is idle. enabled since Thu 07 Apr 2022 12:24:10 PM MDT
[gentoo-user] Strange local connection requests from my laptop
My network's firewall is rejecting a bunch of attempts by my laptop to reach 192.168.x.x systems which don't exist. The requests are from and to very high port numbers. This must have to do with the p2p software I'm running (transmission), but I thought it was pretty creepy. Is that sort of thing expected from p2p software? - Grant
Re: [gentoo-user] Strange outbound requests
>> > `watch` isn't going to help too much unless you're looking at it. Append >> > the output to some log file instead. I chose netstat because its output >> > looked easier to parse with a stupid regexp. >> > >> > while true; do >> > netstat -antp | grep ':993 ' >> mystery.log; >> > sleep 1; >> > done; >> > >> > You'll want to change the port -- I tested to make sure that was really >> > logging my Thunderbird connections. >> >> I'm still getting the blocked outbound requests to port 3680 on my >> firewall and I'm running the above script (changed 993 to 3680) on the >> local system indicated by SRC in the firewall log, but mystery.log >> remains empty. I tested the script with other ports and it seems to >> be working fine. >> >> Also the MAC indicated in the firewall log is 14 blocks long and the >> local system in question has a MAC address 6 blocks long according to >> ifconfig, but the 6 blocks from ifconfig do match 6 of the blocks >> reported by the firewall. >> >> Does this make sense to anyone? > > Does not make sense to me, sorry. :-( Since my local firewall is rejecting the outbound requests, the time elapsed between the request and the block should be very short. Is it possible the 'sleep 1' portion of the script is causing the failure to log the connection request? The outbound connection is only attempted a few times per day. If so, how would you recommend fixing that? I'm also wondering if there is a command I could run on the router/firewall machine that would log something from the outbound request. Even if the information logged isn't useful, it would be nice to see a confirmation of the outbound requests logged from somewhere besides the firewall. - Grant
[gentoo-user] Re: TCP Queuing problem
>>> My web server's response time for http requests skyrockets every >>> weekday between about 9am and 5pm. I've gone over my munin graphs and >>> the only one that really correlates well with the slowdown is "TCP >>> Queuing". It looks like I normally have about 400 packets per second >>> graphed as "direct copy from queue" in munin throughout the day, but 2 >>> to 3.5 times that many are periodically graphed during work hours. I >>> don't see the same pattern at all from the graph of all traffic on my >>> network interface which actually peaks over the weekend. TCP Queuing >>> doesn't rise above 400 packets per second all weekend. This is >>> consistent week after week. >>> >>> My two employees come into work during the hours in question, and they >>> certainly make frequent requests of the web server while at work, but >>> if their volume of requests were the cause of the problem then that >>> would be reflected in the graph of web server requests but it is not. >>> I do run a small MTU on the systems at work due to the config of the >>> modem/router we have there. >>> >>> Is this a recognizable problem to anyone? >> >> >> I'm in the midst of this. Are there certain attacks I should check for? > > > It looks like the TCP Queuing spike itself was due to imapproxy which > I've now disabled. I'll post more info as I gather it. imapproxy was clearly affecting the TCP Queuing graph in munin but I still ended up with a massive TCP Queuing spike today and corresponding http response time issues long after I disabled imapproxy. Graph attached. I'm puzzled. - Grant
Re: [gentoo-user] {OT} LWP::UserAgent slows website
> There are several things you can do to improve the state of things. > The first and foremost is to add caching in front of the server, using > an accelerator proxy. (i.e. squid running in accelerator mode.) In > this way, you have a program which receives the user's request, checks > to see if it's a request that it already has a response for, checks > whether that response is still valid, and then checks to see whether > or not it's permitted to respond on the server's behalf...almost > entirely without bothering the main web server. This process is far, > far, far faster than having the request hit the serving application's > main code. > I was under the impression that Apache coded sensibly enough to handle incoming requests as least as well as Squid would. Agree with everything else tho. OP should look into what's required on the back end to process those 6 requests, as it superficially appears that a very small number of requests is generating a huge amount of work, and that means the site would be easy to DoS.
Re: [gentoo-user] Can anyone give me a hint how to get this to update?
On Sun, 1 Aug 2021 at 18:51, n952162 wrote: > > On 8/1/21 6:19 PM, Arve Barsnes wrote: > > Many of the conflicts seem related to an old version of > > dev-python/requests. Could newer versions be masked, or could there be > > older python targets set for it in /etc/portage/package.use/ ? > > > > Regards, > > Arve > > > I have this: > > 02/etc/portage/package.use>grep -i request * > ... > 201213:>=dev-python/requests-2.24.0-r1 python_targets_python3_7 > ... > use-flags-201110:>=dev-python/requests-2.23.0 python_targets_python3_6 > > Is it not the case that those just insist on a newer version? That sets both for all versions newer than 2.24.0-r1, but the oldest version available does not support 3.6. > Or, is the problem python_targets+python3_6. I've got a lot of those. > Do they all force that version and need to come out? To be replaced > with something else? Unless you have a special reason for them, I would try to remove them all, and let portage take care of pulling in the right versions. At least remove any 3.6 lines. Regards, Arve
Re: [gentoo-user] Unable to locate printer
What version of cups? On Saturday, January 27, 2024, Thelma wrote: > I have two network printers and all of a sudden when trying to print to > them I get an error message in cups: > > Unable to locate printer > > Ping printer IP works, printing from VirtualBox - Windows works. > > lpstat -t > scheduler is running > no system default destination > device for 3170-color: lpd://BRN30055C898DF9/BINARY_P1 > device for 5370: lpd://brother-5370/BINARY_P1 > device for L6200: lpd://BRNB42200553231/BINARY_P1 > 3170-color accepting requests since Sat 27 Jan 2024 11:10:13 AM MST > 5370 accepting requests since Sat 27 Jan 2024 11:11:11 AM MST > L6200 accepting requests since Thu 07 Apr 2022 12:24:10 PM MDT > printer 3170-color now printing 3170-color-0. enabled since Sat 27 Jan > 2024 11:10:13 AM MST >Unable to locate printer "BRN30055C898DF9". > printer 5370 now printing 5370-0. enabled since Sat 27 Jan 2024 11:11:11 > AM MST >Unable to locate printer "brother-5370". > printer L6200 is idle. enabled since Thu 07 Apr 2022 12:24:10 PM MDT > > > > -- Kind regards, Mike
Re: [gentoo-user] Strange outbound requests
>>>> I'm still getting the blocked outbound requests to port 3680 on my >>>> firewall and I'm running the above script (changed 993 to 3680) on the >>>> local system indicated by SRC in the firewall log, but mystery.log >>>> remains empty. I tested the script with other ports and it seems to >>>> be working fine. >>>> >>>> Also the MAC indicated in the firewall log is 14 blocks long and the >>>> local system in question has a MAC address 6 blocks long according to >>>> ifconfig, but the 6 blocks from ifconfig do match 6 of the blocks >>>> reported by the firewall. >>>> >>>> Does this make sense to anyone? >>> >>> Does not make sense to me, sorry. :-( >> >> Since my local firewall is rejecting the outbound requests, the time >> elapsed between the request and the block should be very short. Is it >> possible the 'sleep 1' portion of the script is causing the failure to >> log the connection request? The outbound connection is only attempted >> a few times per day. If so, how would you recommend fixing that? > > Try configuring your local firewall to log the request. There may be > something useful, such as logging an associated PID or user, that you > can add there. I don't know. > > Alternately, you could DROP the outbound packet rather than REJECT it; > that should cause the connecting process to wait several seconds until > it times out. I've just done this at your's and Michael Orlitzky's suggestion. Waiting for another connection attempt now. >> I'm also wondering if there is a command I could run on the >> router/firewall machine that would log something from the outbound >> request. Even if the information logged isn't useful, it would be >> nice to see a confirmation of the outbound requests logged from >> somewhere besides the firewall. > > Ow. We need to get a bit more specific. Is the 'local firewall' on the > connecting host, or is it on your router? The firewall runs on the router (which is a Gentoo system) in the local network. > As far as logging goes, you can set up a rule (prior to your DROP or > REJECT) with a target of LOG. The packet will show up in syslog. I just started running this on the router: tcpdump -i eth1 -n | grep the.offending.ip.address where eth1 is my LAN interface. I figure this will tell me if any requests are being made to the offending IP, including any that aren't being logged by the firewall. Nothing yet. - Grant
Re: [gentoo-user] Re: OT: iptables w/ 2 web servers
On Thursday 24 September 2009 16:30:51 James wrote: > One last thing. I can get a small subnet of say 5 IP address from my > ISP for an additional 20/month. That that help me? Possibly. If you manage to get two public IPs, each website using one, you can then DNAT requests arriving at the first IP to the first website, and requests arriving at the second IP to the second website.
[gentoo-user] {OT} LWP::UserAgent slows website
I have a script that makes 6 successive HTTP requests via LWP::UserAgent. It runs fine and takes only about 3 seconds, but whenever it is run I start receiving alerts that my website is responding slowly to requests. This lasts for up to around 10 minutes. I've tried turning the timeout down to 3 seconds and I've tried LWPx::ParanoidAgent but the behavior is the same. Can anyone tell me how to go about tracking this down? - Grant
Re: [gentoo-user] Strange outbound requests
>> My firewall is blocking periodic outbound connections to port 3680 on >> a Rackspace IP. How can I find out more about what's going on? Maybe >> which program is generating the connection requests? > > Uh, a packet sniffer? > > I have an old laptop here that I have a second (cardbus) network card in. > Really cheap and cheerful - the sort of thing you can pick up on freecycle. > It's been a while since I've done anything like this, but you should be able > to stick a box like that between the router and the rest of your network, run > Wireshark and filter on that port. If the connection is encrypted then at > least you'll see the originating IP. I've actually got the originating local IP from the shorewall log. I'm just trying to figure out which program and maybe which user on that system is generating the outbound requests to port 3680. Is there any way to get more info without setting up a new box? > I don't think it's relevant that the IP belongs to Rackspace - don't they > just hire (virtual) servers to anyone that wants one? Yeah I just meant the request could be going to "anyone". - Grant
Re: [gentoo-user] Unable to locate printer
On 1/27/24 23:19, Michael Dinon wrote: What version of cups? On Saturday, January 27, 2024, Thelma mailto:the...@sys-concept.com>> wrote: I have two network printers and all of a sudden when trying to print to them I get an error message in cups: Unable to locate printer Ping printer IP works, printing from VirtualBox - Windows works. lpstat -t scheduler is running no system default destination device for 3170-color: lpd://BRN30055C898DF9/BINARY_P1 device for 5370: lpd://brother-5370/BINARY_P1 device for L6200: lpd://BRNB42200553231/BINARY_P1 3170-color accepting requests since Sat 27 Jan 2024 11:10:13 AM MST 5370 accepting requests since Sat 27 Jan 2024 11:11:11 AM MST L6200 accepting requests since Thu 07 Apr 2022 12:24:10 PM MDT printer 3170-color now printing 3170-color-0. enabled since Sat 27 Jan 2024 11:10:13 AM MST Unable to locate printer "BRN30055C898DF9". printer 5370 now printing 5370-0. enabled since Sat 27 Jan 2024 11:11:11 AM MST Unable to locate printer "brother-5370". printer L6200 is idle. enabled since Thu 07 Apr 2022 12:24:10 PM MDT -- Kind regards, Mike cups-2.4.7-r1
Re: [gentoo-user] Strange outbound requests
>>>> >> My firewall is blocking periodic outbound connections to port 3680 on >>>> >> a Rackspace IP. How can I find out more about what's going on? Maybe >>>> >> which program is generating the connection requests? >>>> > >>>> > Uh, a packet sniffer? >>>> > >>>> > I have an old laptop here that I have a second (cardbus) network card in. >>>> > Really cheap and cheerful - the sort of thing you can pick up on >>>> > freecycle. It's been a while since I've done anything like this, but you >>>> > should be able to stick a box like that between the router and the rest >>>> > of your network, run Wireshark and filter on that port. If the >>>> > connection is encrypted then at least you'll see the originating IP. >>>> >>>> I've actually got the originating local IP from the shorewall log. >>>> I'm just trying to figure out which program and maybe which user on >>>> that system is generating the outbound requests to port 3680. Is >>>> there any way to get more info without setting up a new box? >>>> >>>> > I don't think it's relevant that the IP belongs to Rackspace - don't they >>>> > just hire (virtual) servers to anyone that wants one? >>>> >>>> Yeah I just meant the request could be going to "anyone". >>>> >>>> - Grant >>> >>> Are you running NPDS in your LAN and is it configured to access any sites on >>> rackspace? >>> -- >>> Regards, >>> Mick >> >> I am not running NPDS. I looked it up when I was researching port >> 3680 and read about it for the first time. I know which machine is >> making the requests. Any way to drill down further? > > If the machine is running linux, then 'watch "lsof -n|grep TCP|grep > 3680"' as root is a sloppy but effective way to find it. There's > probably some way to set up a firewall rule on the host in question > that logs out the user and (possibly) PID of the connection, but I > don't know. All of my systems run Gentoo. :) Where does watch come from? - Grant
Re: [gentoo-user] Re: TCP Queuing problem
On September 20, 2016 2:38:03 AM GMT+02:00, Grant wrote: >>>> My web server's response time for http requests skyrockets every >>>> weekday between about 9am and 5pm. I've gone over my munin graphs >and >>>> the only one that really correlates well with the slowdown is "TCP >>>> Queuing". It looks like I normally have about 400 packets per >second >>>> graphed as "direct copy from queue" in munin throughout the day, >but 2 >>>> to 3.5 times that many are periodically graphed during work hours. >I >>>> don't see the same pattern at all from the graph of all traffic on >my >>>> network interface which actually peaks over the weekend. TCP >Queuing >>>> doesn't rise above 400 packets per second all weekend. This is >>>> consistent week after week. >>>> >>>> My two employees come into work during the hours in question, and >they >>>> certainly make frequent requests of the web server while at work, >but >>>> if their volume of requests were the cause of the problem then that >>>> would be reflected in the graph of web server requests but it is >not. >>>> I do run a small MTU on the systems at work due to the config of >the >>>> modem/router we have there. >>>> >>>> Is this a recognizable problem to anyone? >>> >>> >>> I'm in the midst of this. Are there certain attacks I should check >for? >> >> >> It looks like the TCP Queuing spike itself was due to imapproxy which >> I've now disabled. I'll post more info as I gather it. > > >imapproxy was clearly affecting the TCP Queuing graph in munin but I >still ended up with a massive TCP Queuing spike today and >corresponding http response time issues long after I disabled >imapproxy. Graph attached. I'm puzzled. > >- Grant Things to check for: Torrent or other distributed downloads. Download program with multiple download threads Maybe another proxy running? Esp. as you saw this also with imapproxy. -- Joost -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
[gentoo-user] Does Firefox call Google?
I have a remote system on which shorewall blocks all outgoing 80/443 traffic except for 1 destination IP. I noticed that whenever someone logs in to an xfce4 session on that system, I see a bunch of rejected 80/443 requests from that system to various Google IPs from throughout their session. Does Firefox periodically make Google requests for some reason? The person logging in says they aren't attempting to access Google, and the home page is not set to go there. Does anyone know why this might be happening? - Grant
Re: [gentoo-user] Strange outbound requests
On Sunday 22 Jan 2012 20:26:13 Grant wrote: > I just started running this on the router: > > tcpdump -i eth1 -n | grep the.offending.ip.address > > where eth1 is my LAN interface. I figure this will tell me if any > requests are being made to the offending IP, including any that aren't > being logged by the firewall. Nothing yet. Add -s 0 to capture the whole size of packets if you want to see what is being sent/received. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] {OT} LWP::UserAgent slows website
On Fri, Feb 8, 2013 at 5:10 PM, Grant wrote: >> A little more infromation would help. like what webserver, what kind of >> requests, etc >> >> -Kevin > > It's apache and the requests/responses are XML. I know this is > pathetically little information with which to diagnose the problem. > I'm just wondering if there is a tool or method that's good to > diagnose things of this nature. The problems are server-side, not necessarily client-side. Your optimizations are going to need to be performed there. -- :wq
Re: [gentoo-user] OT, but short
On Saturday 23 December 2006 4:08 pm, Michael Sullivan wrote: > Is anyone out there using Residential SBC/Yahoo DSL with dynamic DNS? I > want to know if the ISP blocks incoming requests to your servers if > you're not paying them the rate for a static IP... Yes and yes. Unless you setup your sever(s) to receive requests from a non-standard port(s). Even then you'll want to be prepared to change ports if the bots catch on. -jm -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Idna version conflict
On Mon, 11 Jan 2021 at 11:34, Peter Humphrey wrote: > I've been getting this for a week or two. Is an upstream fix likely? > > (dev-python/idna-3.1:0/0::gentoo, ebuild scheduled for merge) USE="" > ABI_X86="(64)" PYTHON_TARGETS="python3_8 -pypy3 (-python3_6) -python3_7 > -python3_9" conflicts with > > required by (dev-python/requests-2.25.1:0/0::gentoo, installed) USE="ssl > -socks5 -test" ABI_X86="(64)" PYTHON_TARGETS="python3_8 -pypy3 (-python3_6) > -python3_7 -python3_9"^ Upstream knows about it at least: https://github.com/psf/requests/issues/5710 Regards, Arve
Re: [gentoo-user] {OT} LWP::UserAgent slows website
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 02/10/2013 12:05 AM, Grant wrote: >>> The responses all come back successfully within a few seconds. >>> Can you give me a really general description of the sort of >>> problem that could behave like this? >> >> Your server is just a single computer, running multiple >> processes. Each request from a user (be it you or someone else) >> requires a certain amount of resources while it's executing. If >> there aren't enough resources, some of the requests will have to >> wait until enough others have finished in order for the resources >> to be freed up. > > Here's where I'm confused. The requests are made via a browser and > the response is displayed in the browser. There is no additional > processing besides the display of the response. You're running a client-side script that causes the *server* to do work. The more work the server has to do, the slower it will perform for both serving up your requests and those of other users. This is completely independent of the work the client has to do. > The responses are received and displayed within about 3 seconds of > when the requests are made. Shouldn't this mean that all > processing related to these transactions is completed within 3 > seconds? There's client-side processing in handling the server's response, but there's also server-side processing in handling the client's request. What Stroller called a wall of text was a crash course in how a server can have too many things to do in a short amount of time, and some of the side-effects you can see--like having two nominally-3s queries both appear to take 6s, from the client's perspective. > If so, I don't understand why apache2 seems to bog down a bit for > about 10 minutes afterward. Now that's a new (and important!) piece of information. Your server runs slow for 10 *minutes* after your script has made its request? To me, that indicates that important data wound up getting swapped to disk on the server, and the slow behavior reported by other users is the result of that data being swapped back in on-demand. That also indicates that your script's requests (and, possibly, request pattern) cause some process in the server to allocate far more memory than usual, which is why the server is swapping things to disk. Why, exactly, the server is consuming so much memory depends on a lot of factors. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJRGS3FAAoJED5TcEBdxYwQs7oH/3Xy0d85bNJ2QtQ4YcTF7g9E TPZbwAUrwxrYf828AMlCUMOww2d1wr0DQOm4lBrzOb/93C8iwGKTjtu1dBaOspdC mEdVmkFXF8YUB8yA3SiSgteHNCDrN27UyJQNP7mOK8PXwri4BYyxTUEJ0UyZXc4F oIoSweHQg7tmyKN7Rudd69axREJ9yIpKt4lw7JZWHhX25hTVxWYF1zRDxNNC1vJ+ kQWSE3ZcP8EdotmcpARPF7N4leHOyU1+Rw9XatLVbb2W23Fza/4+Mqeam9fbObgH w1mdMCzIUxlUL91nU7Zc0zzb2qYS7Te1N7bOcFr1fXowcCBagUdzOKjEcshket0= =sWpw -END PGP SIGNATURE-
Re: [gentoo-user] Strange outbound requests
On 01/22/2012 02:29 PM, Grant wrote: Since my local firewall is rejecting the outbound requests, the time elapsed between the request and the block should be very short. Is it possible the 'sleep 1' portion of the script is causing the failure to log the connection request? The outbound connection is only attempted a few times per day. If so, how would you recommend fixing that? If the firewall is being nice and rejecting the connection, then yeah, it could be opening/closing in under a second. `sleep` doesn't require an integer[1], so you can probably have it sleep for 0.1s or something like that. I'm also wondering if there is a command I could run on the router/firewall machine that would log something from the outbound request. Even if the information logged isn't useful, it would be nice to see a confirmation of the outbound requests logged from somewhere besides the firewall. What kind of firewall is it? Can you update the rules? If so, make it silently drop outbound connections instead of rejecting them; that way, the connection will hang open for a little bit. [1] This is probably a bash-ism, but it works here.
[gentoo-user] RE: still can't print
maxim wexler wrote: > Then it worked! Well, not quite. The test page printed > OK but when I ran lpc reread as per the instructions > at the close of the apsfilter setup, got this: > > sarawak heathen # lpc reread > Printer '[EMAIL PROTECTED]' - cannot open connection - No > such file or directory > Make sure the remote host supports the LPD protocol I am afraid I have never used apsfilter to know its intricacies, although it is claimed that it 'works straight out of the box'. When I run this command on my non-apsfilter CUPS set up this is what I get: # lpc reread reread is not implemented by the CUPS version of lpc Someone else who is more versed on apsfilter will hopefully be able to help - you may want to start a new thread with apsfilter included in the title? PS. It is worth checking how many printer destinations are there and that you have set up the correct default printer by: ===== # lpstat -a Compaq-HP accepting requests since Jan 01 00:00 DeskJet-930C accepting requests since Jan 01 00:00 PS121 accepting requests since Jan 01 00:00 # lpstat -d system default destination: PS121 = The command lpoptions -d PS121 would set printer PS121 as the default printer. -- Regards, Mick -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Unable to locate printer
Have you installed Avahi-daemon set it up to start automatically deleted printer and re-added? ~ Joe B From: Thelma Sent: Saturday, January 27, 2024 11:38:48 AM To: Gentoo mailing list Subject: [gentoo-user] Unable to locate printer I have two network printers and all of a sudden when trying to print to them I get an error message in cups: Unable to locate printer Ping printer IP works, printing from VirtualBox - Windows works. lpstat -t scheduler is running no system default destination device for 3170-color: lpd://BRN30055C898DF9/BINARY_P1 device for 5370: lpd://brother-5370/BINARY_P1 device for L6200: lpd://BRNB42200553231/BINARY_P1 3170-color accepting requests since Sat 27 Jan 2024 11:10:13 AM MST 5370 accepting requests since Sat 27 Jan 2024 11:11:11 AM MST L6200 accepting requests since Thu 07 Apr 2022 12:24:10 PM MDT printer 3170-color now printing 3170-color-0. enabled since Sat 27 Jan 2024 11:10:13 AM MST Unable to locate printer "BRN30055C898DF9". printer 5370 now printing 5370-0. enabled since Sat 27 Jan 2024 11:11:11 AM MST Unable to locate printer "brother-5370". printer L6200 is idle. enabled since Thu 07 Apr 2022 12:24:10 PM MDT
Re: [gentoo-user] local caching DNS?
Hello On Wed, Apr 09, 2008 at 12:13:40PM +0200, Ralf Stephan wrote: > I'm fed up with waiting for ever the same name requests from my > browser (and open servers don't cut it either): which DNS cache > or caching DNS for simple local installation would you recommend? I use dnsmasq, can be used as a LAN cache too (by simply allowing requests from a given interface). Took me about 30 minutes to configure. I asked dhcp to save to resolv.conf.2 and made resolv.conf to request from localhost. -- ~, sweet ~ Michal 'vorner' Vaner pgp8l1ioXzK9Y.pgp Description: PGP signature
Re: [gentoo-user] Strange outbound requests
On Fri, Jan 20, 2012 at 5:32 PM, Grant wrote: >>> >> My firewall is blocking periodic outbound connections to port 3680 on >>> >> a Rackspace IP. How can I find out more about what's going on? Maybe >>> >> which program is generating the connection requests? >>> > >>> > Uh, a packet sniffer? >>> > >>> > I have an old laptop here that I have a second (cardbus) network card in. >>> > Really cheap and cheerful - the sort of thing you can pick up on >>> > freecycle. It's been a while since I've done anything like this, but you >>> > should be able to stick a box like that between the router and the rest >>> > of your network, run Wireshark and filter on that port. If the >>> > connection is encrypted then at least you'll see the originating IP. >>> >>> I've actually got the originating local IP from the shorewall log. >>> I'm just trying to figure out which program and maybe which user on >>> that system is generating the outbound requests to port 3680. Is >>> there any way to get more info without setting up a new box? >>> >>> > I don't think it's relevant that the IP belongs to Rackspace - don't they >>> > just hire (virtual) servers to anyone that wants one? >>> >>> Yeah I just meant the request could be going to "anyone". >>> >>> - Grant >> >> Are you running NPDS in your LAN and is it configured to access any sites on >> rackspace? >> -- >> Regards, >> Mick > > I am not running NPDS. I looked it up when I was researching port > 3680 and read about it for the first time. I know which machine is > making the requests. Any way to drill down further? If the machine is running linux, then 'watch "lsof -n|grep TCP|grep 3680"' as root is a sloppy but effective way to find it. There's probably some way to set up a firewall rule on the host in question that logs out the user and (possibly) PID of the connection, but I don't know. If the machine is running Windows, then I'd suggest SysInternals TCPView: http://technet.microsoft.com/en-us/sysinternals/bb897437 -- :wq
Re: [gentoo-user] Strange outbound requests
On Friday 20 Jan 2012 23:34:12 Grant wrote: > >>>> >> My firewall is blocking periodic outbound connections to port 3680 > >>>> >> on a Rackspace IP. How can I find out more about what's going on? > >>>> >> Maybe which program is generating the connection requests? > >>>> > > >>>> > Uh, a packet sniffer? > >>>> > > >>>> > I have an old laptop here that I have a second (cardbus) network > >>>> > card in. Really cheap and cheerful - the sort of thing you can pick > >>>> > up on freecycle. It's been a while since I've done anything like > >>>> > this, but you should be able to stick a box like that between the > >>>> > router and the rest of your network, run Wireshark and filter on > >>>> > that port. If the connection is encrypted then at least you'll see > >>>> > the originating IP. > >>>> > >>>> I've actually got the originating local IP from the shorewall log. > >>>> I'm just trying to figure out which program and maybe which user on > >>>> that system is generating the outbound requests to port 3680. Is > >>>> there any way to get more info without setting up a new box? > >>>> > >>>> > I don't think it's relevant that the IP belongs to Rackspace - don't > >>>> > they just hire (virtual) servers to anyone that wants one? > >>>> > >>>> Yeah I just meant the request could be going to "anyone". > >>>> > >>>> - Grant > >>> > >>> Are you running NPDS in your LAN and is it configured to access any > >>> sites on rackspace? > >>> -- > >>> Regards, > >>> Mick > >> > >> I am not running NPDS. I looked it up when I was researching port > >> 3680 and read about it for the first time. I know which machine is > >> making the requests. Any way to drill down further? > > > > If the machine is running linux, then 'watch "lsof -n|grep TCP|grep > > 3680"' as root is a sloppy but effective way to find it. There's > > probably some way to set up a firewall rule on the host in question > > that logs out the user and (possibly) PID of the connection, but I > > don't know. > > All of my systems run Gentoo. :) Where does watch come from? > > - Grant ps axf and look at the tree that contains the PID of what lsof | grep 3680 showed. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
[gentoo-user] Re: TCP Queuing problem
>>>> My web server's response time for http requests skyrockets every >>>> weekday between about 9am and 5pm. I've gone over my munin graphs and >>>> the only one that really correlates well with the slowdown is "TCP >>>> Queuing". It looks like I normally have about 400 packets per second >>>> graphed as "direct copy from queue" in munin throughout the day, but 2 >>>> to 3.5 times that many are periodically graphed during work hours. I >>>> don't see the same pattern at all from the graph of all traffic on my >>>> network interface which actually peaks over the weekend. TCP Queuing >>>> doesn't rise above 400 packets per second all weekend. This is >>>> consistent week after week. >>>> >>>> My two employees come into work during the hours in question, and they >>>> certainly make frequent requests of the web server while at work, but >>>> if their volume of requests were the cause of the problem then that >>>> would be reflected in the graph of web server requests but it is not. >>>> I do run a small MTU on the systems at work due to the config of the >>>> modem/router we have there. >>>> >>>> Is this a recognizable problem to anyone? >>> >>> >>> I'm in the midst of this. Are there certain attacks I should check for? >> >> >> It looks like the TCP Queuing spike itself was due to imapproxy which >> I've now disabled. I'll post more info as I gather it. > > > imapproxy was clearly affecting the TCP Queuing graph in munin but I > still ended up with a massive TCP Queuing spike today and > corresponding http response time issues long after I disabled > imapproxy. Graph attached. I'm puzzled. I just remembered that our AT&T modem/router does not respond to pings. My solution is to move PPPoE off of that device and onto my Gentoo router so that pings pass through the AT&T device to the Gentoo router but I haven't done that yet as I want to be on-site for it. Could that behavior somehow be contributing to this problem? There does seem to be a clear correlation between user activity at that location and the bad server behavior. - Grant
Re: [gentoo-user] Re: TCP Queuing problem
>>>>> My web server's response time for http requests skyrockets every >>>>> weekday between about 9am and 5pm. I've gone over my munin graphs >>and >>>>> the only one that really correlates well with the slowdown is "TCP >>>>> Queuing". It looks like I normally have about 400 packets per >>second >>>>> graphed as "direct copy from queue" in munin throughout the day, >>but 2 >>>>> to 3.5 times that many are periodically graphed during work hours. >>I >>>>> don't see the same pattern at all from the graph of all traffic on >>my >>>>> network interface which actually peaks over the weekend. TCP >>Queuing >>>>> doesn't rise above 400 packets per second all weekend. This is >>>>> consistent week after week. >>>>> >>>>> My two employees come into work during the hours in question, and >>they >>>>> certainly make frequent requests of the web server while at work, >>but >>>>> if their volume of requests were the cause of the problem then that >>>>> would be reflected in the graph of web server requests but it is >>not. >>>>> I do run a small MTU on the systems at work due to the config of >>the >>>>> modem/router we have there. >>>>> >>>>> Is this a recognizable problem to anyone? >>>> >>>> >>>> I'm in the midst of this. Are there certain attacks I should check >>for? >>> >>> >>> It looks like the TCP Queuing spike itself was due to imapproxy which >>> I've now disabled. I'll post more info as I gather it. >> >> >>imapproxy was clearly affecting the TCP Queuing graph in munin but I >>still ended up with a massive TCP Queuing spike today and >>corresponding http response time issues long after I disabled >>imapproxy. Graph attached. I'm puzzled. >> >>- Grant > > Things to check for: > Torrent or other distributed downloads. > Download program with multiple download threads There sure shouldn't be anything like that running either on the server or in the office. Is there a good way to find out? Maybe something that would clearly indicate it? > Maybe another proxy running? Esp. as you saw this also with imapproxy. nginx acts as a reverse proxy to apache2 but that's a pretty common config. Nothing else that I know of. - Grant
Re: [gentoo-user] Strange outbound requests
>>> `watch` isn't going to help too much unless you're looking at it. Append >>> the >>> output to some log file instead. I chose netstat because its output >>> looked >>> easier to parse with a stupid regexp. >>> >>> while true; do >>> netstat -antp | grep ':993 '>> mystery.log; >>> sleep 1; >>> done; >>> >>> You'll want to change the port -- I tested to make sure that was really >>> logging my Thunderbird connections. >> >> >> I'm still getting the blocked outbound requests to port 3680 on my >> firewall and I'm running the above script (changed 993 to 3680) on the >> local system indicated by SRC in the firewall log, but mystery.log >> remains empty. I tested the script with other ports and it seems to >> be working fine. >> >> Also the MAC indicated in the firewall log is 14 blocks long and the >> local system in question has a MAC address 6 blocks long according to >> ifconfig, but the 6 blocks from ifconfig do match 6 of the blocks >> reported by the firewall. >> >> Does this make sense to anyone? >> > > Are you running it as root? If not, you could be missing some connections. I'm running it as root. > I also typed the 't' in netstat out of habit -- that limits the output to > tcp connections. You can remove it to catch the UDP ones. According to the firewall log, the 3680 requests are TCP connections, but I just switched to 'lsof -i' anyway. - Grant
Re: [gentoo-user] OT, but short
On Sat, 2006-12-23 at 16:37 -0600, Joe Menola wrote: > On Saturday 23 December 2006 4:08 pm, Michael Sullivan wrote: > > Is anyone out there using Residential SBC/Yahoo DSL with dynamic DNS? I > > want to know if the ISP blocks incoming requests to your servers if > > you're not paying them the rate for a static IP... > > Yes and yes. Unless you setup your sever(s) to receive requests from a > non-standard port(s). Even then you'll want to be prepared to change ports if > the bots catch on. > > -jm But it's nonetheless doable? -- gentoo-user@gentoo.org mailing list
[gentoo-user] USB Power
Hi all I have gentoo install and a USB 2.0 Hard disk that required 500mA of power Now under Windows XP the drive worked perfectly, but under gentoo it wouldnt work (it have symptoms of not enough power). Now from what i remember about the USB specification 250mA is the max current availiable unless a device requests more. My drive requests it and Windows seems to honour that by providing more power, but gentoo doesnt. What can i do to get more power out of my port (i dont have windows anymore). Thanks for your help. -- gentoo-user@gentoo.org mailing list
[gentoo-user] USB Power
Hi all I have gentoo install and a USB 2.0 Hard disk that required 500mA of power Now under Windows XP the drive worked perfectly, but under gentoo it wouldnt work (it have symptoms of not enough power). Now from what i remember about the USB specification 250mA is the max current availiable unless a device requests more. My drive requests it and Windows seems to honour that by providing more power, but gentoo doesnt. What can i do to get more power out of my port (i dont have windows anymore). Thanks for your help. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Tue, Jun 7, 2011 at 8:27 PM, Dale wrote: > Funny thing is, I use googles DNS servers. 8.8.8.8 and 8.8.4.4 are the > settings. I find it ironic that Google is one of the ones hosting this > event and it appears their server is not ready. Makes me think. < Dale > scratches chin a bit > >From Google DNS FAQ: Does Google Public DNS support IPv6? Google Public DNS can respond to requests for IPv6 addresses ( requests), but it does not yet support native IPv6 transport and cannot talk to IPv6-only authoritative nameservers. Clients should use IPv4 network connections to use Google Public DNS.
Re: [gentoo-user] Idna version conflict
On Monday, 11 January 2021 11:02:30 GMT Arve Barsnes wrote: > On Mon, 11 Jan 2021 at 11:34, Peter Humphrey wrote: > > I've been getting this for a week or two. Is an upstream fix likely? > > > > (dev-python/idna-3.1:0/0::gentoo, ebuild scheduled for merge) USE="" > > ABI_X86="(64)" PYTHON_TARGETS="python3_8 -pypy3 (-python3_6) -python3_7 > > -python3_9" conflicts with> > > > ypy3(-),-python_single_target_python3_6(-),-python_single_target_pytho > > n3_7(-),-python_single_target_python3_8(-),-python_single_target_pytho > > n3_9(-)] required by (dev-python/requests-2.25.1:0/0::gentoo, > > installed) USE="ssl -socks5 -test" ABI_X86="(64)" > > PYTHON_TARGETS="python3_8 -pypy3 (-python3_6) -python3_7 -python3_9" > > ^ > Upstream knows about it at least: > https://github.com/psf/requests/issues/5710 Ah, yes, so they do. Thanks. -- Regards, Peter.
Re: [gentoo-user] Strange outbound requests
On Friday 20 Jan 2012 19:18:59 Grant wrote: > >> My firewall is blocking periodic outbound connections to port 3680 on > >> a Rackspace IP. How can I find out more about what's going on? Maybe > >> which program is generating the connection requests? > > > > Uh, a packet sniffer? > > > > I have an old laptop here that I have a second (cardbus) network card in. > > Really cheap and cheerful - the sort of thing you can pick up on > > freecycle. It's been a while since I've done anything like this, but you > > should be able to stick a box like that between the router and the rest > > of your network, run Wireshark and filter on that port. If the > > connection is encrypted then at least you'll see the originating IP. > > I've actually got the originating local IP from the shorewall log. > I'm just trying to figure out which program and maybe which user on > that system is generating the outbound requests to port 3680. Is > there any way to get more info without setting up a new box? > > > I don't think it's relevant that the IP belongs to Rackspace - don't they > > just hire (virtual) servers to anyone that wants one? > > Yeah I just meant the request could be going to "anyone". > > - Grant Are you running NPDS in your LAN and is it configured to access any sites on rackspace? -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Strange outbound requests
On Sunday 22 Jan 2012 19:29:47 Grant wrote: > >> > `watch` isn't going to help too much unless you're looking at it. > >> > Append the output to some log file instead. I chose netstat because > >> > its output looked easier to parse with a stupid regexp. > >> > > >> > while true; do > >> >netstat -antp | grep ':993 ' >> mystery.log; > >> >sleep 1; > >> > done; > >> > > >> > You'll want to change the port -- I tested to make sure that was > >> > really logging my Thunderbird connections. > >> > >> I'm still getting the blocked outbound requests to port 3680 on my > >> firewall and I'm running the above script (changed 993 to 3680) on the > >> local system indicated by SRC in the firewall log, but mystery.log > >> remains empty. I tested the script with other ports and it seems to > >> be working fine. > >> > >> Also the MAC indicated in the firewall log is 14 blocks long and the > >> local system in question has a MAC address 6 blocks long according to > >> ifconfig, but the 6 blocks from ifconfig do match 6 of the blocks > >> reported by the firewall. > >> > >> Does this make sense to anyone? > > > > Does not make sense to me, sorry. :-( > > Since my local firewall is rejecting the outbound requests, the time > elapsed between the request and the block should be very short. Is it > possible the 'sleep 1' portion of the script is causing the failure to > log the connection request? The outbound connection is only attempted > a few times per day. If so, how would you recommend fixing that? I'm the wrong guy to make recommendations on any sort of scripting, but if sleep 1 is not enough, could sleep 2 or 3 be adequate to complete writing what it is that is being watched? > I'm also wondering if there is a command I could run on the > router/firewall machine that would log something from the outbound > request. Even if the information logged isn't useful, it would be > nice to see a confirmation of the outbound requests logged from > somewhere besides the firewall. tcpdump will show you what the packets look like and their content if they are unencrypted. However, it may consume tonnes of disk space if you leave running all the time. Have you checked if such connection attempts take place when you start up the machine? If yes it may easier to capture it. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] local caching DNS?
=== On Wednesday 09 April 2008, Michal 'vorner' Vaner wrote: === > Hello > > On Wed, Apr 09, 2008 at 12:13:40PM +0200, Ralf Stephan wrote: > > I'm fed up with waiting for ever the same name requests from my > > browser (and open servers don't cut it either): which DNS cache > > or caching DNS for simple local installation would you recommend? > > I use dnsmasq, can be used as a LAN cache too (by simply allowing > requests from a given interface). Took me about 30 minutes to > configure. I asked dhcp to save to resolv.conf.2 and made resolv.conf > to request from localhost. What about permanent (with saving to hdd) caching? It seems like pdnsd do this thing only... -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Strange local connection requests from my laptop
2009/1/25 Grant > My network's firewall is rejecting a bunch of attempts by my laptop to > reach 192.168.x.x systems which don't exist. The requests are from > and to very high port numbers. This must have to do with the p2p > software I'm running (transmission), but I thought it was pretty > creepy. Is that sort of thing expected from p2p software? > > - Grant > > Thats likely to be normal, a lot of bittorrent clients these days support finding local peers, so its normal that they would send out queries on your local network. I know deluge has an option to enable/disable this, however i dont recall if transmission has this option. - Nick
Re: [gentoo-user] Strange local connection requests from my laptop
>> My network's firewall is rejecting a bunch of attempts by my laptop to >> reach 192.168.x.x systems which don't exist. The requests are from >> and to very high port numbers. This must have to do with the p2p >> software I'm running (transmission), but I thought it was pretty >> creepy. Is that sort of thing expected from p2p software? >> >> - Grant >> > > Thats likely to be normal, a lot of bittorrent clients these days support > finding local peers, so its normal that they would send out queries on your > local network. > > I know deluge has an option to enable/disable this, however i dont recall if > transmission has this option. > > - Nick Thanks Nick, I'll continue my download. - Grant
Re: [gentoo-user] Can anyone give me a hint how to get this to update?
On 8/1/21 7:51 PM, Arve Barsnes wrote: On Sun, 1 Aug 2021 at 19:18, n952162 wrote: I removed all python_targets_python3_6 from my use flags, but I still have a very similar looking situation, with python-requests still dominant. It seems to be blender holding you back now. If you are running stable, you can keyword the newer media-gfx/blender-2.93.0, which supports newer python. Regards, Arve Ok, I'm sure I can manage that, thank you... Can you clue me in, how you identified blender? I see it it forces dev-python/requests, but that target is just one of 10 apparently problem packages.
Re: [gentoo-user] Does Firefox call Google?
On Tuesday 22 September 2009, Grant wrote: > I have a remote system on which shorewall blocks all outgoing 80/443 > traffic except for 1 destination IP. I noticed that whenever someone > logs in to an xfce4 session on that system, I see a bunch of rejected > 80/443 requests from that system to various Google IPs from throughout > their session. Does Firefox periodically make Google requests for > some reason? The person logging in says they aren't attempting to > access Google, and the home page is not set to go there. Does anyone > know why this might be happening? > > - Grant It may have something to do with the default search engine in FF's drop down search field. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] mysqld invoked oom-killer
>> apache MaxClients has been lowered to 50 which is a shame because I >> have 30+ separate images on each of my pages and that number can not >> be reduced. This means I may not be able to serve more than 1 full >> page at a time. > > This is wrong. Agreed. From TFM; "The MaxClients directive sets the limit on the number of simultaneous requests that will be served" and i'd say when they say "requests", they're talking about TCP sessions. So in the old days of HTTP/1.0 you'd be right, and if you'd turned off pipelining (KeepAlives) you'd be right. The default for MaxKeepAliveRequests is 100, so no problems downloading the 30+ objects within a single session, assuming you have KeepAlive on.
Re: [gentoo-user] {OT} LWP::UserAgent slows website
>>> A little more infromation would help. like what webserver, what kind of >>> requests, etc >>> >>> -Kevin >> >> It's apache and the requests/responses are XML. I know this is >> pathetically little information with which to diagnose the problem. >> I'm just wondering if there is a tool or method that's good to >> diagnose things of this nature. > > The problems are server-side, not necessarily client-side. Your > optimizations are going to need to be performed there. Are you saying the problem may lie with the server to which I was making the request? The responses all come back successfully within a few seconds. Can you give me a really general description of the sort of problem that could behave like this? - Grant
Re: [gentoo-user] {OT} LWP::UserAgent slows website
On 10 February 2013, at 05:05, Grant wrote: >> ... >> Your server is just a single computer, running multiple processes. >> Each request from a user (be it you or someone else) requires a >> certain amount of resources while it's executing. If there aren't >> enough resources, some of the requests will have to wait until enough >> others have finished in order for the resources to be freed up. > > Here's where I'm confused. … The responses are > received and displayed within about 3 seconds of when the requests are > made. … , I don't understand > why apache2 seems to bog down a bit for about 10 minutes afterward. Seriously, after finishing Mr Mol's wall-of-text (learn to snip, Grant!) I wondered if he'd even read your question! Stroller.
Re: [gentoo-user] Strange outbound requests
On Fri, Jan 20, 2012 at 6:34 PM, Grant wrote: >>>>> >> My firewall is blocking periodic outbound connections to port 3680 on >>>>> >> a Rackspace IP. How can I find out more about what's going on? Maybe >>>>> >> which program is generating the connection requests? >>>>> > >>>>> > Uh, a packet sniffer? >>>>> > >>>>> > I have an old laptop here that I have a second (cardbus) network card >>>>> > in. >>>>> > Really cheap and cheerful - the sort of thing you can pick up on >>>>> > freecycle. It's been a while since I've done anything like this, but you >>>>> > should be able to stick a box like that between the router and the rest >>>>> > of your network, run Wireshark and filter on that port. If the >>>>> > connection is encrypted then at least you'll see the originating IP. >>>>> >>>>> I've actually got the originating local IP from the shorewall log. >>>>> I'm just trying to figure out which program and maybe which user on >>>>> that system is generating the outbound requests to port 3680. Is >>>>> there any way to get more info without setting up a new box? >>>>> >>>>> > I don't think it's relevant that the IP belongs to Rackspace - don't >>>>> > they >>>>> > just hire (virtual) servers to anyone that wants one? >>>>> >>>>> Yeah I just meant the request could be going to "anyone". >>>>> >>>>> - Grant >>>> >>>> Are you running NPDS in your LAN and is it configured to access any sites >>>> on >>>> rackspace? >>>> -- >>>> Regards, >>>> Mick >>> >>> I am not running NPDS. I looked it up when I was researching port >>> 3680 and read about it for the first time. I know which machine is >>> making the requests. Any way to drill down further? >> >> If the machine is running linux, then 'watch "lsof -n|grep TCP|grep >> 3680"' as root is a sloppy but effective way to find it. There's >> probably some way to set up a firewall rule on the host in question >> that logs out the user and (possibly) PID of the connection, but I >> don't know. > > All of my systems run Gentoo. :) Where does watch come from? shortcircuit@saffron ~ $ equery b `which watch` /usr/lib64/portage/pym/portage/package/ebuild/config.py:353: UserWarning: 'cache.metadata_overlay.database' is deprecated: /etc/portage/modules (user_auxdbmodule, modules_file)) * Searching for /usr/bin/watch ... sys-process/procps-3.2.8_p11 (/usr/bin/watch) shortcircuit@saffron ~ $ Incidentally, does anyone know why all my portage-related executions get that 'cache.metadata_overlay.database' warning? I've been seeing it for weeks, even on fresh installs. I would have assumed a bug like that would have been fixed by now. -- :wq
Re: [gentoo-user] Strange outbound requests
On Sun, Jan 22, 2012 at 2:29 PM, Grant wrote: >>> > `watch` isn't going to help too much unless you're looking at it. Append >>> > the output to some log file instead. I chose netstat because its output >>> > looked easier to parse with a stupid regexp. >>> > >>> > while true; do >>> > netstat -antp | grep ':993 ' >> mystery.log; >>> > sleep 1; >>> > done; >>> > >>> > You'll want to change the port -- I tested to make sure that was really >>> > logging my Thunderbird connections. >>> >>> I'm still getting the blocked outbound requests to port 3680 on my >>> firewall and I'm running the above script (changed 993 to 3680) on the >>> local system indicated by SRC in the firewall log, but mystery.log >>> remains empty. I tested the script with other ports and it seems to >>> be working fine. >>> >>> Also the MAC indicated in the firewall log is 14 blocks long and the >>> local system in question has a MAC address 6 blocks long according to >>> ifconfig, but the 6 blocks from ifconfig do match 6 of the blocks >>> reported by the firewall. >>> >>> Does this make sense to anyone? >> >> Does not make sense to me, sorry. :-( > > Since my local firewall is rejecting the outbound requests, the time > elapsed between the request and the block should be very short. Is it > possible the 'sleep 1' portion of the script is causing the failure to > log the connection request? The outbound connection is only attempted > a few times per day. If so, how would you recommend fixing that? Try configuring your local firewall to log the request. There may be something useful, such as logging an associated PID or user, that you can add there. I don't know. Alternately, you could DROP the outbound packet rather than REJECT it; that should cause the connecting process to wait several seconds until it times out. > > I'm also wondering if there is a command I could run on the > router/firewall machine that would log something from the outbound > request. Even if the information logged isn't useful, it would be > nice to see a confirmation of the outbound requests logged from > somewhere besides the firewall. Ow. We need to get a bit more specific. Is the 'local firewall' on the connecting host, or is it on your router? As far as logging goes, you can set up a rule (prior to your DROP or REJECT) with a target of LOG. The packet will show up in syslog. -- :wq
Re: [gentoo-user] Re: TCP Queuing problem
On September 20, 2016 4:53:41 PM GMT+02:00, Grant wrote: >>>>>> My web server's response time for http requests skyrockets every >>>>>> weekday between about 9am and 5pm. I've gone over my munin >graphs >>>and >>>>>> the only one that really correlates well with the slowdown is >"TCP >>>>>> Queuing". It looks like I normally have about 400 packets per >>>second >>>>>> graphed as "direct copy from queue" in munin throughout the day, >>>but 2 >>>>>> to 3.5 times that many are periodically graphed during work >hours. >>>I >>>>>> don't see the same pattern at all from the graph of all traffic >on >>>my >>>>>> network interface which actually peaks over the weekend. TCP >>>Queuing >>>>>> doesn't rise above 400 packets per second all weekend. This is >>>>>> consistent week after week. >>>>>> >>>>>> My two employees come into work during the hours in question, and >>>they >>>>>> certainly make frequent requests of the web server while at work, >>>but >>>>>> if their volume of requests were the cause of the problem then >that >>>>>> would be reflected in the graph of web server requests but it is >>>not. >>>>>> I do run a small MTU on the systems at work due to the config of >>>the >>>>>> modem/router we have there. >>>>>> >>>>>> Is this a recognizable problem to anyone? >>>>> >>>>> >>>>> I'm in the midst of this. Are there certain attacks I should >check >>>for? >>>> >>>> >>>> It looks like the TCP Queuing spike itself was due to imapproxy >which >>>> I've now disabled. I'll post more info as I gather it. >>> >>> >>>imapproxy was clearly affecting the TCP Queuing graph in munin but I >>>still ended up with a massive TCP Queuing spike today and >>>corresponding http response time issues long after I disabled >>>imapproxy. Graph attached. I'm puzzled. >>> >>>- Grant >> >> Things to check for: >> Torrent or other distributed downloads. >> Download program with multiple download threads > > >There sure shouldn't be anything like that running either on the >server or in the office. Is there a good way to find out? Maybe >something that would clearly indicate it? > > >> Maybe another proxy running? Esp. as you saw this also with >imapproxy. > > >nginx acts as a reverse proxy to apache2 but that's a pretty common >config. Nothing else that I know of. > >- Grant Any way to find out between which hosts/servers those connections are for? That might help in locating the cause. Eg. which of your desktops/laptops inside your network and where they are trying to connect to. -- Joost -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
Re: [gentoo-user] {OT} LWP::UserAgent slows website
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 02/09/2013 05:36 AM, Adam Carter wrote: > > There are several things you can do to improve the state of > things. The first and foremost is to add caching in front of the > server, using an accelerator proxy. (i.e. squid running in > accelerator mode.) In this way, you have a program which receives > the user's request, checks to see if it's a request that it already > has a response for, checks whether that response is still valid, > and then checks to see whether or not it's permitted to respond on > the server's behalf...almost entirely without bothering the main > web server. This process is far, far, far faster than having the > request hit the serving application's main code. > > > > I was under the impression that Apache coded sensibly enough to > handle incoming requests as least as well as Squid would. Agree > with everything else tho. Sure, so long as Apache doesn't have any additional modules loaded. If it's got something like mod_php loaded (extraordinarily common), mod_perl or mod_python (less common, now) then the init time of mod_php gets added to the init time for every request handler. > OP should look into what's required on the back end to process > those 6 requests, as it superficially appears that a very small > number of requests is generating a huge amount of work, and that > means the site would be easy to DoS. Absolutely, hence the steps I outlined to reduce or optimize backend processing. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJRFlRSAAoJED5TcEBdxYwQ7BwH/Aj3hgQgGjzBoQhlZqPKDzEW pZJJVcVf4CF4sk88el8X/hPMfx2cTpuM53tLDsv3KGR1dwjP48O2oiiTubH/HRxI lNR5I22QK2YEbLzeRTZN+pkpGnyA1W+d3kF7F9aiNXVUV8KyuyxSxx+7Xm1tRW/W xcNhSLTQIpyTAx+R9MGNkJFs0gFGFgIMML4bfi5BpIrbeeVWsoe1C0syFF+HIFWP WZRtsCFhdWrZkvKUYIBkoFq9VKkSTt13eIvrPjxFUVJwFSmntxSgfqiaZxfHXp5A oSLtyz0vR6qByoivkuilNK7sI3fK8fHA0q4XF1AUaOuwcHg9AFG9pCFBUF2KOgk= =R/kD -END PGP SIGNATURE-
Re: [gentoo-user] SSH UseDNS without IPv6?
On 09/02/2013 20:22, Florian Philipp wrote: > Hi list! > > I have an issue with SSH. It's a variation of the old "Set 'UseDNS no' > to avoid delays with faulty DNS records" theme. > > Following setup: > 1. I have a server with IPv6 compiled into the SSH daemon but no actual > IPv6 network interface. > > 2. The SSH client has no IPv6, neither compiled nor active. > > 3. The DNS server doesn't serve or support records. Apparently it > drops all such requests. All other records for IP and reverse lookup are > correct. > > Now I'm experiencing the classic, very long delay when connecting to the > server via SSH because it does DNS lookups. When I look at wireshark > dumps, I see correctly served A and reverse lookups but the server also > insists on doing requests which time out. When you say "the server also insists on doing requests" you mean the SSH server, right? > > I tried limiting the sshd "AddressFamily" to inet (aka IPv4) but this > didn't change anything. Is there another workaround or do I really have > to deactivate DNS lookups? Is the server Gentoo and do you really need IPv6 support on it? Did you consider rebuilding that host with IPv6 disabled in USE? IPv6 coexisting with IPv4 is always going to be a tricky problem, and the recommended defaults you run into all over are usually intended to force people to hurry IPv6 implementation along :-) There's always a way to change defaults, and I found this: http://askubuntu.com/questions/32298/prefer-a-ipv4-dns-lookups-before-ipv6-lookups The magic file you need to edit appears to be /etc/gai.conf -- Alan McKinnon alan.mckin...@gmail.com
[gentoo-user] linux' IO performance sucks
Hi, sorry for the silly subject, but did you ever experience the following?: i have a fileserver, i copy a file to it - let's say 600MB. So about every 200MB (i guess the linux box writes the data into the cache in the RAM first) linux writes the harddisk. But during that time - during the time it writes that 200MB to disk, there is no chance for any other IO. I'm playing an mp3 from the very same fileserver. It stops playing, because the machine does answer the read-requests. So what's going on here? Why does Linux write so huge amounts of data to the disk? Why does Linux not stop writing for a while to fullfil the read-requests? And so on ... Any idea, on how to imrpove that? signature.asc Description: OpenPGP digital signature
[gentoo-user] Configuring /etc/cups/cupsd.conf for external client printing
This is for any newbies out there like me ... I spent days trying to figure out how to get a Gentoo linux laptop to print to a Gentoo server through Cups. I was consistently getting "connection refused" messages from the print server. In order for the Cups server to accept incoming requests it is necessary to change Listen "127.0.0.1:631" to "Port 631". The default configuration binds the 631 port to Localhost resulting in all external port requests being refused. After making this change then edit /etc/cups/cupsd.conf for the security settings you want to allow for external access. This may be obvious to most of you, but it drove me crazy until I figured it out ... Alan -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.322 / Virus Database: 267.4.0 - Release Date: 1/06/2005 -- gentoo-user@gentoo.org mailing list
[gentoo-user] Call for feature requests for 2008.0
Hello everyone, Release Engineering is in the planning stages for 2008.0, so we're asking for input from the community on things that they'd like to see added/changed/removed from our release media. All requests should be something Release Engineering actually can accomplish, like profile changes, or changes to the stages or ISO images. We are interested in all ideas, though we may only choose a few, as time and mirror space are definite considerations. So, if you'd like to see something changed in Gentoo's releases, come on over to the gentoo-releng mailing list and join in the fun! Replies sent to this list will *not* be seen by Release Engineering, so make sure that you send your responses to the correct list. You'll have to join the list first, if you're not a subscriber, already. -- Chris Gianelloni Release Engineering Strategic Lead Games Developer -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Strange outbound requests
On 20 January 2012, at 18:34, Grant wrote: > My firewall is blocking periodic outbound connections to port 3680 on > a Rackspace IP. How can I find out more about what's going on? Maybe > which program is generating the connection requests? Uh, a packet sniffer? I have an old laptop here that I have a second (cardbus) network card in. Really cheap and cheerful - the sort of thing you can pick up on freecycle. It's been a while since I've done anything like this, but you should be able to stick a box like that between the router and the rest of your network, run Wireshark and filter on that port. If the connection is encrypted then at least you'll see the originating IP. I don't think it's relevant that the IP belongs to Rackspace - don't they just hire (virtual) servers to anyone that wants one? Stroller.
Re: [gentoo-user] USB Power
Ognjen Bezanov wrote: Hi all I have gentoo install and a USB 2.0 Hard disk that required 500mA of power Now under Windows XP the drive worked perfectly, but under gentoo it wouldnt work (it have symptoms of not enough power). Now from what i remember about the USB specification 250mA is the max current availiable unless a device requests more. My drive requests it and Windows seems to honour that by providing more power, but gentoo doesnt. What can i do to get more power out of my port (i dont have windows anymore). Thanks for your help. There are probably better solutions which I do not know yet, but a fallback is probably to get a self-powered hub; i.e.: one that has its own wall-wart. You should also mention what computer & maybe what external drive -- might help someone help you. Luck, rgh. -- gentoo-user@gentoo.org mailing list
[gentoo-user] Q: How is that terminus technicus for...
Hi, I connected a Arietta.G25 via Ethernet over USB (using a simple USB cable and hardware USB->Ethernet Adaptor to my Gentoo PC. I can ssh on that little tiny board. Now I want to access the internat from within the Arietta. Therefore all requests need to be transfered from the Arietta board to my PC, which then plays the role of an ISP to the Arietta board and itself places the requests to the internet instead of the Arietta board itself. But this is a too longish explanation to be put into a google request. Is there any name for that...so I am able to find the tutorials/howtos myself? Sorry...I am no native english speaker... Best regards, Meino PS: What USB->Ethernet adaptor could one recommend...the Arietta is USB-powered...?
[gentoo-user] root on nfs and multiple ip addresses
Hi, I have just reinstalled my 32 bit Gentoo on a raspberry pi 3B with a Gentoo aarch64 image also with boot on an sdcard and root on nfs (both working fine with boot on an sdcard and root on an nfs share hosted on an moosefs cluster). Both have a problem where the initial boot loader requests an IP address using "IP=dhcp", then the main operating system requests it again on initialising the interface. Despite asking using the same MAC address, ISC dhcp issues a new and different IP address - this seems counter intuitive so why is it happening? Have I missed a configuration option somewhere? The standard advice is to stop the OS requesting an address (Ubuntu and the like) - but shouldn't dhcp know that its already issued a valid IP address to that MAC address? BillK
Re: [gentoo-user] {OT} Allow work from home?
On Sun, Jan 24, 2016 at 10:56 AM, Grant wrote: > > So the user is safe if I send all internet requests from her remote > laptop through the Zerotier connection (instead of only sending > requests to my server through Zerotier)? > It depends on what you mean by "safe." If you mean that there is no possibility of malware stealing or messing with your data this is the case if: As long as: 1. You ensure that no malware enters through zerotier. 2. No malware is present before you set up zerotier. 3. No network connections are ever used other than zerotier. If you mean safe to mean that nothing bad happens to the user's system that wouldn't have happened if they use their own internet connect, there is no real harm in using yours, assuming you don't leak your own malware onto their system. -- Rich
Re: [gentoo-user] Re: TCP Queuing problem
>>>>>>> My web server's response time for http requests skyrockets every >>>>>>> weekday between about 9am and 5pm. I've gone over my munin >>graphs >>>>and >>>>>>> the only one that really correlates well with the slowdown is >>"TCP >>>>>>> Queuing". It looks like I normally have about 400 packets per >>>>second >>>>>>> graphed as "direct copy from queue" in munin throughout the day, >>>>but 2 >>>>>>> to 3.5 times that many are periodically graphed during work >>hours. >>>>I >>>>>>> don't see the same pattern at all from the graph of all traffic >>on >>>>my >>>>>>> network interface which actually peaks over the weekend. TCP >>>>Queuing >>>>>>> doesn't rise above 400 packets per second all weekend. This is >>>>>>> consistent week after week. >>>>>>> >>>>>>> My two employees come into work during the hours in question, and >>>>they >>>>>>> certainly make frequent requests of the web server while at work, >>>>but >>>>>>> if their volume of requests were the cause of the problem then >>that >>>>>>> would be reflected in the graph of web server requests but it is >>>>not. >>>>>>> I do run a small MTU on the systems at work due to the config of >>>>the >>>>>>> modem/router we have there. >>>>>>> >>>>>>> Is this a recognizable problem to anyone? >>>>>> >>>>>> >>>>>> I'm in the midst of this. Are there certain attacks I should >>check >>>>for? >>>>> >>>>> >>>>> It looks like the TCP Queuing spike itself was due to imapproxy >>which >>>>> I've now disabled. I'll post more info as I gather it. >>>> >>>> >>>>imapproxy was clearly affecting the TCP Queuing graph in munin but I >>>>still ended up with a massive TCP Queuing spike today and >>>>corresponding http response time issues long after I disabled >>>>imapproxy. Graph attached. I'm puzzled. >>>> >>>>- Grant >>> >>> Things to check for: >>> Torrent or other distributed downloads. >>> Download program with multiple download threads >> >> >>There sure shouldn't be anything like that running either on the >>server or in the office. Is there a good way to find out? Maybe >>something that would clearly indicate it? >> >> >>> Maybe another proxy running? Esp. as you saw this also with >>imapproxy. >> >> >>nginx acts as a reverse proxy to apache2 but that's a pretty common >>config. Nothing else that I know of. >> >>- Grant > > Any way to find out between which hosts/servers those connections are for? > That might help in locating the cause. > > Eg. which of your desktops/laptops inside your network and where they are > trying to connect to. The spikes are taking place on my remote server but they seem to roughly coincide with user activity within my own network. My technical knowledge of networking internals is weak. Does anyone know which tool will tell me more about the connections that are causing the TCP Queuing spikes? - Grant
Re: [gentoo-user] Re: TCP Queuing problem
Am 20.09.2016 um 21:52 schrieb Grant: >>>>>>>> My web server's response time for http requests skyrockets every >>>>>>>> weekday between about 9am and 5pm. I've gone over my munin >>> graphs >>>>> and >>>>>>>> the only one that really correlates well with the slowdown is >>> "TCP >>>>>>>> Queuing". It looks like I normally have about 400 packets per >>>>> second >>>>>>>> graphed as "direct copy from queue" in munin throughout the day, >>>>> but 2 >>>>>>>> to 3.5 times that many are periodically graphed during work >>> hours. >>>>> I >>>>>>>> don't see the same pattern at all from the graph of all traffic >>> on >>>>> my >>>>>>>> network interface which actually peaks over the weekend. TCP >>>>> Queuing >>>>>>>> doesn't rise above 400 packets per second all weekend. This is >>>>>>>> consistent week after week. >>>>>>>> >>>>>>>> My two employees come into work during the hours in question, and >>>>> they >>>>>>>> certainly make frequent requests of the web server while at work, >>>>> but >>>>>>>> if their volume of requests were the cause of the problem then >>> that >>>>>>>> would be reflected in the graph of web server requests but it is >>>>> not. >>>>>>>> I do run a small MTU on the systems at work due to the config of >>>>> the >>>>>>>> modem/router we have there. >>>>>>>> >>>>>>>> Is this a recognizable problem to anyone? >>>>>>> >>>>>>> I'm in the midst of this. Are there certain attacks I should >>> check >>>>> for? >>>>>> >>>>>> It looks like the TCP Queuing spike itself was due to imapproxy >>> which >>>>>> I've now disabled. I'll post more info as I gather it. >>>>> >>>>> imapproxy was clearly affecting the TCP Queuing graph in munin but I >>>>> still ended up with a massive TCP Queuing spike today and >>>>> corresponding http response time issues long after I disabled >>>>> imapproxy. Graph attached. I'm puzzled. >>>>> >>>>> - Grant >>>> Things to check for: >>>> Torrent or other distributed downloads. >>>> Download program with multiple download threads >>> >>> There sure shouldn't be anything like that running either on the >>> server or in the office. Is there a good way to find out? Maybe >>> something that would clearly indicate it? >>> >>> >>>> Maybe another proxy running? Esp. as you saw this also with >>> imapproxy. >>> >>> >>> nginx acts as a reverse proxy to apache2 but that's a pretty common >>> config. Nothing else that I know of. >>> >>> - Grant >> Any way to find out between which hosts/servers those connections are for? >> That might help in locating the cause. >> >> Eg. which of your desktops/laptops inside your network and where they are >> trying to connect to. > > The spikes are taking place on my remote server but they seem to > roughly coincide with user activity within my own network. My > technical knowledge of networking internals is weak. Does anyone know > which tool will tell me more about the connections that are causing > the TCP Queuing spikes? > > - Grant > > wireshark or whatever it is called at the moment?
Re: [gentoo-user] SSH UseDNS without IPv6?
Am 09.02.2013 20:58, schrieb Alan McKinnon: > On 09/02/2013 20:22, Florian Philipp wrote: >> Hi list! >> >> I have an issue with SSH. It's a variation of the old "Set 'UseDNS no' >> to avoid delays with faulty DNS records" theme. >> >> Following setup: >> 1. I have a server with IPv6 compiled into the SSH daemon but no actual >> IPv6 network interface. >> >> 2. The SSH client has no IPv6, neither compiled nor active. >> >> 3. The DNS server doesn't serve or support records. Apparently it >> drops all such requests. All other records for IP and reverse lookup are >> correct. >> >> Now I'm experiencing the classic, very long delay when connecting to the >> server via SSH because it does DNS lookups. When I look at wireshark >> dumps, I see correctly served A and reverse lookups but the server also >> insists on doing requests which time out. > > When you say "the server also insists on doing requests" you mean > the SSH server, right? > >> >> I tried limiting the sshd "AddressFamily" to inet (aka IPv4) but this >> didn't change anything. Is there another workaround or do I really have >> to deactivate DNS lookups? > > Is the server Gentoo and do you really need IPv6 support on it? Did you > consider rebuilding that host with IPv6 disabled in USE? > > IPv6 coexisting with IPv4 is always going to be a tricky problem, and > the recommended defaults you run into all over are usually intended to > force people to hurry IPv6 implementation along :-) > > There's always a way to change defaults, and I found this: > > http://askubuntu.com/questions/32298/prefer-a-ipv4-dns-lookups-before-ipv6-lookups > > The magic file you need to edit appears to be > > /etc/gai.conf > Okay, I fixed my issue: An intermediate DNS server was misconfigured and recursed on queries for which it is authoritative. Now queries are properly answered. Regards, Florian Philipp signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Unable to locate printer
Systems show Avahi-daemon status: started. but it I don't know how it helps me find a local printer. I'm puzzled as printers were working last week without any problems. I did not do any update or modification to the system but all of a sudden they stop working "Unable to locate printer" The solution was to change printer setting: lpd://BRN30055C898DF9/BINARY_P1 lpd://brother-5370/BINARY_P1 with: lpd://printer-IP-address/BINARY_P1 lpd://printer-IP-address/BINARY_P1 How to set Avahi-daemon to start automatically deleted printer? On 1/27/24 23:36, Joe B wrote: Have you installed Avahi-daemon set it up to start automatically deleted printer and re-added? ~ Joe B -- *From:* Thelma *Sent:* Saturday, January 27, 2024 11:38:48 AM *To:* Gentoo mailing list *Subject:* [gentoo-user] Unable to locate printer I have two network printers and all of a sudden when trying to print to them I get an error message in cups: Unable to locate printer Ping printer IP works, printing from VirtualBox - Windows works. lpstat -t scheduler is running no system default destination device for 3170-color: lpd://BRN30055C898DF9/BINARY_P1 device for 5370: lpd://brother-5370/BINARY_P1 device for L6200: lpd://BRNB42200553231/BINARY_P1 3170-color accepting requests since Sat 27 Jan 2024 11:10:13 AM MST 5370 accepting requests since Sat 27 Jan 2024 11:11:11 AM MST L6200 accepting requests since Thu 07 Apr 2022 12:24:10 PM MDT printer 3170-color now printing 3170-color-0. enabled since Sat 27 Jan 2024 11:10:13 AM MST Unable to locate printer "BRN30055C898DF9". printer 5370 now printing 5370-0. enabled since Sat 27 Jan 2024 11:11:11 AM MST Unable to locate printer "brother-5370". printer L6200 is idle. enabled since Thu 07 Apr 2022 12:24:10 PM MDT
[gentoo-user] Disk Backup From One Machine To Another
Hi there, I have one machine (Machine 1) that I need backup its files periodically. I also have another machine (Machine 2) that will hold the backup. Machine 2 can "see" (make requests to) Machine 1, but the opposite isn't true. The network is covered by a firewall, so I don need a paranoid solution. I was thinking about doing the following: On Machine 1, put it on the crontab to put netcat waiting for requests, and when it did receive a request, dump the files. Like this: tar -jc / | nc -l -p 500 And on the crontab of Machine 2, I'd put something like this, only a few minutes later, to avoid any errors from clock differences: nc machine1 500 > backup.tar.bz2 But before doing this, I'd like some suggestions or may be some better solutions you guys might know. Thanks for the attention, Raphael. -- gentoo-user@gentoo.org mailing list
[gentoo-user] SSH UseDNS without IPv6?
Hi list! I have an issue with SSH. It's a variation of the old "Set 'UseDNS no' to avoid delays with faulty DNS records" theme. Following setup: 1. I have a server with IPv6 compiled into the SSH daemon but no actual IPv6 network interface. 2. The SSH client has no IPv6, neither compiled nor active. 3. The DNS server doesn't serve or support records. Apparently it drops all such requests. All other records for IP and reverse lookup are correct. Now I'm experiencing the classic, very long delay when connecting to the server via SSH because it does DNS lookups. When I look at wireshark dumps, I see correctly served A and reverse lookups but the server also insists on doing requests which time out. I tried limiting the sshd "AddressFamily" to inet (aka IPv4) but this didn't change anything. Is there another workaround or do I really have to deactivate DNS lookups? Thanks in advance! Florian Philipp signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] linux' IO performance sucks
On Wednesday 05 July 2006 05:43, Sven Köhler wrote: > Hi, > > sorry for the silly subject, but did you ever experience the following?: > > i have a fileserver, i copy a file to it - let's say 600MB. > > So about every 200MB (i guess the linux box writes the data into the > cache in the RAM first) linux writes the harddisk. But during that time > - during the time it writes that 200MB to disk, there is no chance for > any other IO. I'm playing an mp3 from the very same fileserver. It stops > playing, because the machine does answer the read-requests. > > So what's going on here? > > Why does Linux write so huge amounts of data to the disk? Why does Linux > not stop writing for a while to fullfil the read-requests? And so on ... > > Any idea, on how to imrpove that? using the cfq or deadline io-scheduler? -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Can anyone give me a hint how to get this to update?
On Sun, 1 Aug 2021 at 20:02, n952162 wrote: > Ok, I'm sure I can manage that, thank you... > > Can you clue me in, how you identified blender? I see it it forces > dev-python/requests, but that target is just one of 10 apparently > problem packages. Your output was a little mangled for me, so it was mostly luck, but I spotted blender there, and remembered having a python problem with it myself only a few months ago. The main thing is that the little block showing the slot conflict for dev-python/requests itself showed blender holding it back, and I don't think blender can be a dependency of any other packages, so it's something you can definitely directly affect yourself (worse case scenario uninstall it). Side note: summer brain in full effect, it took me a long time to remember the word "uninstall". Regards, Arve
[gentoo-user] Re: {OT} Allow work from home?
Neil Bothwick digimed.co.uk> writes: > > The answer to this may be an obvious "yes" but I've never done it so I'm > > not sure. Can I route requests from machine C through machine A only > > for my domain name, and not involve A for C's other internet requests? > > If so, where is that configured? >From what I read, 10 nodes or less are free. I'd be willing to participate as a remote node so a small group of gentoo users can figured this out and document some example configurations, as it seems to be very interesting and useful. Additionally, a custom set of iptables rules or a bridge-filter would be keen information to add to a gentoo wiki page on this topic, imho. This could also be a wonderful way for proxy-maintainers to hang in a group and work more closely on things like digesting EAPI-6 and teaming up on more complex ebuild issues. It does like sound fun! James
Re: [gentoo-user] Strange outbound requests
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 21.01.2012 02:39, Michael Mol wrote: > On Fri, Jan 20, 2012 at 6:34 PM, Grant > wrote: >>>>>>>> My firewall is blocking periodic outbound connections >>>>>>>> to port 3680 on a Rackspace IP. How can I find out >>>>>>>> more about what's going on? Maybe which program is >>>>>>>> generating the connection requests? >>>>>>> >>>>>>> Uh, a packet sniffer? >>>>>>> >>>>>>> I have an old laptop here that I have a second >>>>>>> (cardbus) network card in. Really cheap and cheerful - >>>>>>> the sort of thing you can pick up on freecycle. It's >>>>>>> been a while since I've done anything like this, but >>>>>>> you should be able to stick a box like that between the >>>>>>> router and the rest of your network, run Wireshark and >>>>>>> filter on that port. If the connection is encrypted >>>>>>> then at least you'll see the originating IP. >>>>>> >>>>>> I've actually got the originating local IP from the >>>>>> shorewall log. I'm just trying to figure out which >>>>>> program and maybe which user on that system is generating >>>>>> the outbound requests to port 3680. Is there any way to >>>>>> get more info without setting up a new box? >>>>>> >>>>>>> I don't think it's relevant that the IP belongs to >>>>>>> Rackspace - don't they just hire (virtual) servers to >>>>>>> anyone that wants one? >>>>>> >>>>>> Yeah I just meant the request could be going to >>>>>> "anyone". >>>>>> >>>>>> - Grant >>>>> >>>>> Are you running NPDS in your LAN and is it configured to >>>>> access any sites on rackspace? -- Regards, Mick >>>> >>>> I am not running NPDS. I looked it up when I was researching >>>> port 3680 and read about it for the first time. I know which >>>> machine is making the requests. Any way to drill down >>>> further? >>> >>> If the machine is running linux, then 'watch "lsof -n|grep >>> TCP|grep 3680"' as root is a sloppy but effective way to find >>> it. There's probably some way to set up a firewall rule on the >>> host in question that logs out the user and (possibly) PID of >>> the connection, but I don't know. >> >> All of my systems run Gentoo. :) Where does watch come from? > > shortcircuit@saffron ~ $ equery b `which watch` > /usr/lib64/portage/pym/portage/package/ebuild/config.py:353: > UserWarning: 'cache.metadata_overlay.database' is deprecated: > /etc/portage/modules (user_auxdbmodule, modules_file)) * Searching > for /usr/bin/watch ... sys-process/procps-3.2.8_p11 > (/usr/bin/watch) shortcircuit@saffron ~ $ > > Incidentally, does anyone know why all my portage-related > executions get that 'cache.metadata_overlay.database' warning? I've > been seeing it for weeks, even on fresh installs. I would have > assumed a bug like that would have been fixed by now. > > You get the warning, because you hat a directory /etc/portage/modules - - simply remove it (or move it, if you are afraid to break something). -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJPGhmmAAoJEJwwOFaNFkYcBFQIAJlWjVqACiqCSxwNnigFvXfa olRedLttuzZUGcJKsx59gptBeaRxSc/kQ7oEai6QSmFzY7nq5bsz3QMtJEB5QJpo rOwD844f6pKRKv4GWjCg++1W6LJJcbMs4s0TARLM1+o+uaTC8Lgb/tjdJCov6cWF Hhl/KxRpdy/mCL/QB7/kOQRL/lDryy23xoxCln8S60xzD8pWQ/HsPdMNKg2LDpOL RxKyywJQ/y35OTJU60w6vgkPhJnhQQ4WgzrruvsNCSS60t1Mr51XXdmj5ATEChCw qaxml/3x1eHc4L2j5GekjED0PL2fROOTYujoDlpuTHGTUy5tHNvww+/2upqLf9U= =t8zl -END PGP SIGNATURE-
Re: [gentoo-user] Disk Backup From One Machine To Another
Use rsh to just pip data over with rsync? Use iptables to restrict rsh... On Fri, 24 Jun 2005, Raphael Melo de Oliveira Bastos Sales wrote: Hi there, I have one machine (Machine 1) that I need backup its files periodically. I also have another machine (Machine 2) that will hold the backup. Machine 2 can "see" (make requests to) Machine 1, but the opposite isn't true. The network is covered by a firewall, so I don need a paranoid solution. I was thinking about doing the following: On Machine 1, put it on the crontab to put netcat waiting for requests, and when it did receive a request, dump the files. Like this: tar -jc / | nc -l -p 500 And on the crontab of Machine 2, I'd put something like this, only a few minutes later, to avoid any errors from clock differences: nc machine1 500 > backup.tar.bz2 But before doing this, I'd like some suggestions or may be some better solutions you guys might know. Thanks for the attention, Raphael. -- Bryan Whitehead Email:[EMAIL PROTECTED] -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] local caching DNS?
Hello On Wed, Apr 09, 2008 at 02:45:18PM +0400, Andrew Gaydenko wrote: > > On Wed, Apr 09, 2008 at 12:13:40PM +0200, Ralf Stephan wrote: > > > I'm fed up with waiting for ever the same name requests from my > > > browser (and open servers don't cut it either): which DNS cache > > > or caching DNS for simple local installation would you recommend? > > > > I use dnsmasq, can be used as a LAN cache too (by simply allowing > > requests from a given interface). Took me about 30 minutes to > > configure. I asked dhcp to save to resolv.conf.2 and made resolv.conf > > to request from localhost. > > What about permanent (with saving to hdd) caching? It seems like pdnsd > do this thing only... Does not seem to matter here much, since I suspend, not turn off. But anyway, most DNS names should be cached only few hours, half a day or so (well, there are some that have week long timeouts, but not many). -- chown -R us $BASE Michal 'vorner' Vaner pgpb1MefE5rBg.pgp Description: PGP signature
[gentoo-user] Re: RE: Home Network Printing
Richard Fish wrote: > First, let me say that I don't have this setup, but based on > /usr/share/doc/cups-1.1.23-r4/html/ipp.pdf, you should have something > like: > > ipp://192.168.0.3/printers/Compaq-HP Wey-hey! It WORKS! :-D Thanks Richard, thank you all. The mistake was with me missing out the /printers/ part of the address. Hmm, perhaps the Example given on the gui needs improving? Last question and then I'll be good to print until I run out of money to pay for the *extremely expensive* HP ink ;-) What rule should I add to the firewall on the server to allow it to accept cups requests from the client. I don't want to open a great big hole for all traffic, just the cups requests only. With the firewall working the client logs show: Network host '192.168.0.3' is busy; will retry in 30 seconds... Also, if I were to tweak the cupsd.conf file with security in mind what would be your recommendations for a good set up? -- Regards, Mick -- gentoo-user@gentoo.org mailing list
[gentoo-user] Emerge stalls
My machine is on a Public School system network, behind a firewall. I wonder whether this is affecting the merging process. I'm not knowledgeable enough about networking to understand how the firewall works, what it affects. When emerging a package, often the process starts, runs for a short while, then stalls out. If I restart it (kill it and rerun the same command) the same thing goes on---I get maybe another 10, 20, or even 50MB, then the process stalls again. Sometimes, afterhours, when everyone is gone, I can restart a stalled process, and it starts and finishes immediately, even if it a 10+MB file that is involved. Can someone suggest to me what this suggests, in terms of firewall activity? I have heard remarks about the quality of the firewall. Could it be a router? I saw some mention of routers not allowing certain kinds of requests or certain numbers of requests. I don't intend to swamp this system. It's pretty dismal anyway, but I wonder what's happening. Maybe I can point something out to the sysops. Alan Davis -- gentoo-user@gentoo.org mailing list
[gentoo-user] Re: Q: How is that terminus technicus for...
On Sun, 16 Nov 2014 14:49:02 +0100, meino.cramer wrote: > I connected a Arietta.G25 via Ethernet over USB (using a simple USB > cable and hardware USB->Ethernet Adaptor to my Gentoo PC. I can ssh > on that little tiny board. Now I want to access the internat from > within the Arietta. Therefore all requests need to be transfered from > the Arietta board to my PC, which then plays the role of an ISP to > the Arietta board and itself places the requests to the internet > instead of the Arietta board itself. > > But this is a too longish explanation to be put into a google request. :) > Is there any name for that...so I am able to find the tutorials/howtos > myself? If I understood this correctly this should do what you want: - on the board set the default route to the PC - on the PC set up "packet forwarding" That's the best explanation I can give you without writing a full-blown tutorial, but searching for that should get you going. :) -h
Re: [gentoo-user] Getting maximum space out of a hard drive
On 8/20/22 4:45 PM, Dale wrote: I figured it was something like that. ;-) :-) This drive is not supposed to be SMR. It's a 10TB and according to a site I looked on, none of them are SMR, yet. I found another site that said it was CMR. So, pretty sure it isn't SMR. Nothing is 100% tho. I might add, it's been at about that speed since I started the backup. If you have a better source of info, it's a WD model WD101EDBZ-11B1DA0 drive. I am so far from an authority and wouldn't know anything better than a web search for manufacturer's documents. I noticed there is a kcrypt something thread running, a few actually but it's hard to keep up since I see it on gkrellm's top process list. The CPU is running at about 40% or so average but I do have mplayer, a couple Firefox profiles, Seamonkey and other stuff running as well. I still got plenty of CPU pedal left if needed. Having Ktorrent and qbittorrent running together isn't helping. Thinking of switching torrent software. Qbit does seem to use more memory tho. Ya, the number of things hitting the drive will impact performance. The type of requests will also impact things. In my limited experience, lots of little requests seem to be harder for a drive than fewer but bigger requests. I think the 512 has something to do with key size or something. Am I wrong on that? If I need to use 256 or something, I can. My understanding was that 512 was stronger than 256 as far as the encryption goes. Agreed. At least that's the quick look at the cryptsetup man page on line showed me. But I suspect the underlying concept may still stand, even if the particular parameter in your previous message is not related. I'm going to try some tests Rich mentioned after it is done doing its backup. I don't want to stop it if I can avoid it. It's about half way through, give or take a little. :-) -- Grant. . . . unix || die
Re: [gentoo-user] Re: {OT} Allow work from home?
On Fri, 22 Jan 2016 04:29:00 -0800, Grant wrote: > The answer to this may be an obvious "yes" but I've never done it so I'm > not sure. Can I route requests from machine C through machine A only > for my domain name, and not involve A for C's other internet requests? > If so, where is that configured? While ZT can be used to route requests between networks, but it is mainly used to talk directly between clients. If A wants to talk to C over ZT, it uses C's ZT IP address. Here's a snippet from ifconfig on this machine, whch may help it make sense to you wlan0: flags=4163 mtu 1500 inet 192.168.1.6 netmask 255.255.255.0 broadcast 192.168.1.255 ether c4:8e:8f:f7:55:c9 txqueuelen 1000 (Ethernet) zt0: flags=4163 mtu 2800 inet 10.252.252.6 netmask 255.255.255.0 broadcast 10.252.252.255 To talk to this computer from another of my machines over ZT I would use the 10.252... address. If you tried that address, you'd get nowhere as you are not connected to my network. Set up a network and play with it. It costs nothing to set up a network with up to 10 clients. The main benefit is that it is so easy to administer and add new clients. If you use it between two machines in the same LAN, the traffic doesn't go outside of the LAN, so it works at more or less the same speed. > BTW, how did you find ZT? Pity there's no ebuild yet. Someone mentioned it during a talk at Liverpool LUG. It wasn't the topic of the talk, he just used it to grab something from his home network to answer a question. An ebuild would be nice, but the installer script works perfectly here, both for systemd and openrc systems. -- Neil Bothwick In the 60's people took acid to make the world weird. Now the world is weird and people take Prozac to make it normal. pgp9qNW4XkBZc.pgp Description: OpenPGP digital signature
Re: [gentoo-user] Strange outbound requests
>> > `watch` isn't going to help too much unless you're looking at it. Append >> > the output to some log file instead. I chose netstat because its output >> > looked easier to parse with a stupid regexp. >> > >> > while true; do >> > netstat -antp | grep ':993 ' >> mystery.log; >> > sleep 1; >> > done; >> > >> > You'll want to change the port -- I tested to make sure that was really >> > logging my Thunderbird connections. >> >> I'm still getting the blocked outbound requests to port 3680 on my >> firewall and I'm running the above script (changed 993 to 3680) on the >> local system indicated by SRC in the firewall log, but mystery.log >> remains empty. I tested the script with other ports and it seems to >> be working fine. >> >> Also the MAC indicated in the firewall log is 14 blocks long and the >> local system in question has a MAC address 6 blocks long according to >> ifconfig, but the 6 blocks from ifconfig do match 6 of the blocks >> reported by the firewall. >> >> Does this make sense to anyone? > > Does not make sense to me, sorry. :-( > > Have you tried running the script on lsof instead? OK I changed 'netstat -antp' to 'lsof -i'. - Grant
Re: [gentoo-user] {OT} LWP::UserAgent slows website
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 02/10/2013 08:53 PM, Stroller wrote: > > On 10 February 2013, at 05:05, Grant wrote: >>> ... Your server is just a single computer, running multiple >>> processes. Each request from a user (be it you or someone else) >>> requires a certain amount of resources while it's executing. If >>> there aren't enough resources, some of the requests will have >>> to wait until enough others have finished in order for the >>> resources to be freed up. >> >> Here's where I'm confused. … The responses are received and >> displayed within about 3 seconds of when the requests are made. >> … , I don't understand why apache2 seems to bog down a bit for >> about 10 minutes afterward. > > Seriously, after finishing Mr Mol's wall-of-text (learn to snip, > Grant!) I wondered if he'd even read your question! > > Stroller. > > I've been using online communications for twenty years...and nobody tempts me to create my first killfile like you do. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJRGS4wAAoJED5TcEBdxYwQZEsIAI7eJacq8rIMP87EIVGvGrt+ z2xYvNohVovAI9b4sIwddL5spf4GLdVvvzjJNQqQb4e9wNgu08qPYCJCFNceSvE3 Hs/LNworkwFwFnNMK7jNfMaCp/GETFLMoaG/6A/jniKd1N/b/S5XBYfEqStbaaO8 vfqXCY6uem8p9zLig31eWDLzkIwanarp0LCUbZvDJbxaPpP6r9uRFVBBP/2IuvpS u+XUEqYoeBBlzVo3wFqAUJMaSP5hLt6fEYXvId2VVcLwUfg653KwFgAXseYHDEci vM39FeYUzwHevp7G7A1SYdKi0QmcIdfn2Pv96ZedSnjx/T0TglLJe3Y9DoY0x4c= =TpVE -END PGP SIGNATURE-
Re: [gentoo-user] Re: udev blocks systemd etc
On 2013-03-27 4:41 PM, Michael Mol wrote: On 03/27/2013 04:00 PM, Grant Edwards wrote: On 2013-03-27, Kevin Chadwick wrote: The real drive behind systemd is enterprise cloud type computing for Red Hat. The rest is snake oil and much of the features already exist without systemd. With more snake oil of promises of faster boot up on a portion of the code which is already fast and gains you maybe two seconds. I'm not trying to fan the flames: I'm genuinely confused... I just don't get the whole "parallel startup for faster boot thing". Most of my machines just don't boot up often enough for a few seconds or even tens of seconds to matter at all. With cloud-based computing, you don't have a bunch of servers running, waiting to received requests. Instead, you have is a bunch of idle hardware, waiting to have pre-built system images spun up on them on-demand. The faster those pre-built images can spin up, the faster they can serve requests. Ok, well, that actually makes perfect sense (and answers my question about why Redhat is interested in and pushing it).
Re: [gentoo-user] How to prevent a dns amplification attack
On 03/28/2013 04:51 AM, Norman Rieß wrote: > Hello, > > i am using pdns recursor to provide a dns server which should be usable > for everybody.The problem is, that the server seems to be used in dns > amplification attacks. > I googled around on how to prevent this but did not really find > something usefull. > > Does anyone got an idea about this? I'm not sure it can be done. You can't make a resolver available to "everybody" without somebody in that "everybody" group abusing it, and that's exacly what happens in a DNS amplification attack. Restrict your resolver to be accessible only to your network or, at most, those of the specific group of people you're seeking to help. You *might* try restricting the resolver to only respond to TCP requests rather than UDP requests, but if the resolver sends response data along with that first SYN+ACK, then nothing is solved, and you've opened yourself up to a SYN flood-based DoS attack. (OTOH, if your resolver went offline as a result of a SYN flood, at least it wouldn't be part of an amplification attack any longer...) signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Going through these one by one.
On Sun, 14 Feb 2021 16:03:40 -0500, Steven Lembark wrote: > !!! Multiple package instances within a single package slot have > been pulled !!! into the dependency graph, resulting in a slot conflict: > > dev-python/idna:0 > > (dev-python/idna-3.1:0/0::gentoo, ebuild scheduled for merge) > USE="" ABI_X86="(64)" PYTHON_TARGETS="python3_8 -pypy3 -python3_7 > -python3_9" pulled in by (no parents that aren't satisfied by other > packages in this slot) > > (dev-python/idna-2.10-r1:0/0::gentoo, ebuild scheduled for merge) > USE="" ABI_X86="(64)" PYTHON_TARGETS="python3_8 -pypy3 -python3_7 > -python3_9" pulled in by > required by (dev-python/requests-2.25.1-r1:0/0::gentoo, ebuild > scheduled for merge) USE="-socks5 -test" ABI_X86="(64)" > PYTHON_TARGETS="python3_8 -pypy3 -python3_7 -python3_9" I have vague recollections of both idna and requests causing problems for me when 2.7 was removed, I had to re-emerge both of those, and one or two others, in order to clean things up. Look for anything that is currently installed with python2_7 in PYTHON_TARGETS, something like this should do it eix --installed-with-use python_targets_python2_7 -- Neil Bothwick Anything is possible if you don't know what you are talking about. pgpEWhparr3cx.pgp Description: OpenPGP digital signature
Re: [gentoo-user] No torrent upload
On Tue, 2007-06-12 at 16:27 +0200, Florian Philipp wrote: > > Have you tried running netstat? > > netstat > Active Internet connections (w/o servers) > Proto Recv-Q Send-Q Local Address Foreign Address State > tcp0 1 HOMER_GENTOO64.PHHE:ftp 212-87-13-68.sds.:40202 FIN_WAIT1 > > Active UNIX domain sockets (w/o servers) > Proto RefCnt Flags Type State I-Node Path > unix 2 [ ] DGRAM975 > @/org/kernel/udev/udevd > [...] > nothing interesting except the first line. So you see no SYN requests to your server on port 21 > > > > Have you ensured rtorrent is > > listning on TCP 21 (in Linux you usually have to be running as root to > > do this) > > Yes. It runs as root (not that I would like it, maybe I should chroot it...) > and port 21 is rtorrent's only chance to download. So, it works. Chrooting is not going to get around needding root access to listen on port 21. Plus don't you still need to be root to chroot? > > You mean stuff like iptables? No. This is my theory but I haven't verified it. Bittorrent clients are programmed to listen/connect to a range of ports by default (I think it starts at 6882). Your client is connecting and saying "connect to me on port 21". The other clients see this but it's not in their IP range so they refuse to connect to you. You might be able to tell your client to listen on tcp/21 but that doesn't mean everyone else has told their clients to connect. But if you are sure this *has* worked then that would make my theory incorrect. Like I said I've never verified it, but that seems like the likely scenario. The other scenario is if you're not even seeing SYN requests is that requests are being blocked to your computer from that port, possibly by your ISP. But again if this were the case then it should also be the case for Windows, Knoppix, etc. Can you verify your claim (i.e. go into knoppix or whatever, run rtorrent on tcp/21 and verify via netstat that clients are connecting to you on that port)? -- Albert W. Hopkins -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Unable to locate printer
On 1/29/24 04:23, Michael wrote: On Sunday, 28 January 2024 19:17:06 GMT Thelma wrote: On 1/28/24 11:46, Michael wrote: On Sunday, 28 January 2024 17:43:22 GMT Thelma wrote: Systems show Avahi-daemon status: started. but it I don't know how it helps me find a local printer. I'm puzzled as printers were working last week without any problems. I did not do any update or modification to the system but all of a sudden they stop working "Unable to locate printer" The solution was to change printer setting: lpd://BRN30055C898DF9/BINARY_P1 lpd://brother-5370/BINARY_P1 with: lpd://printer-IP-address/BINARY_P1 lpd://printer-IP-address/BINARY_P1 How to set Avahi-daemon to start automatically deleted printer? I don't think avahi is needed unless you are printing from different temporary clients and you want the printers to be automatically discovered on the network. If this is not your use case, you could try something like this: lpadmin -p 3170-color -E -v ipp:///BINARY_P1 -m everywhere Which will use the CUPS driverless method: https://wiki.gentoo.org/wiki/Driverless_printing These instruction on Gengoo Driveless printing are not clear. I tried to follow this example and run: lpadmin -p foobar -E -v ipp://10.0.0.106/ipp -m everywhere did not create file: foobar.ppd in /etc/cups/ppd/ ls -al /etc/cups/ppd/ -rw-r- 1 root lp 26945 Nov 30 2020 3170-color.ppd -rw-r- 1 root lp 26929 Nov 30 2020 3170-color.ppd.O -rw-r- 1 root lp 16460 Jan 27 13:48 5370.ppd -rw-r- 1 root lp 25537 Jan 27 13:46 5370.ppd.O -rw-r--r-- 1 root root 0 Dec 13 17:47 .keep_net-print_cups-0 -rw-r- 1 root lp 16476 Apr 7 2022 L6200.ppd -rw-r- 1 root lp 16476 Apr 7 2022 L6200.ppd.O Did you run the lpadmin command as root? But it did create foobar local raw printer name foobar, and when I tried to print to it, it spit out strange characters. Where did you find this local raw printer? locahost:631 When I select printer it show what driver it using. What does 'lpstat -t' run as your plain user show? as user: $ lpstat -t scheduler is running no system default destination device for 3170-color: lpd://10.0.0.105/BINARY_P1 device for 3170-color2: ipp://10.0.0.105/BINARY_P1 device for 5370: lpd://10.0.0.106/BINARY_P1 device for 5370-bw: ipp://10.0.0.106/ipp/print 3170-color accepting requests since Sat 27 Jan 2024 06:12:01 PM MST 3170-color2 accepting requests since Sun 28 Jan 2024 12:07:59 PM MST 5370 accepting requests since Mon 29 Jan 2024 08:55:47 AM MST 5370-bw accepting requests since Mon 29 Jan 2024 10:40:51 AM MST L6200 accepting requests since Thu 07 Apr 2022 12:24:10 PM MDT printer 3170-color is idle. enabled since Sat 27 Jan 2024 06:12:01 PM MST printer 3170-color2 is idle. enabled since Sun 28 Jan 2024 12:07:59 PM MST printer 5370 is idle. enabled since Mon 29 Jan 2024 08:55:47 AM MST printer 5370-bw disabled since Mon 29 Jan 2024 10:40:51 AM MST - The printer configuration is incorrect or the printer no longer exists. I noticed you substitute after /ipp with /BINARY_P1 This is not very clear in Gentoo Documentation Trying it: lpadmin -p 3170-color2 -E -v ipp://10.0.0.105/BINARY_P1 -m everywhere It did not create any file name: 3170-color2.ppd ; but it did create entry in printer entry 3170-color2 - local raw printer and printing to it works OK. Thank you! You can try moving temporarily all .ppd files from /etc/cups/ppd/ and try running the lpadmin command again. Perhaps if it finds some ppd file already in there with the same settings it won't create a new file. Can you explain the /ipp vs. /BINARY_P1 If you login into the printer's admin GUI with your browser and navigate to Network, Services, you will see a list of service names. You can try configuring CUPS with each one at a time to see what works for you. I'm using XFCE it doesn't have GUI setting for printers. But I can login via http://localhost:631 to see the printers
[gentoo-user] Re: ....Gentoo update killed Gentoo update?
Wolfram Schlich wrote: > So, you (also) are effectively the maintainer There was some dispute. It seems that now my requests are ignored: https://bugs.gentoo.org/628512
Re: [gentoo-user] Strange outbound requests
On 01/22/2012 12:54 PM, Grant wrote: `watch` isn't going to help too much unless you're looking at it. Append the output to some log file instead. I chose netstat because its output looked easier to parse with a stupid regexp. while true; do netstat -antp | grep ':993 '>> mystery.log; sleep 1; done; You'll want to change the port -- I tested to make sure that was really logging my Thunderbird connections. I'm still getting the blocked outbound requests to port 3680 on my firewall and I'm running the above script (changed 993 to 3680) on the local system indicated by SRC in the firewall log, but mystery.log remains empty. I tested the script with other ports and it seems to be working fine. Also the MAC indicated in the firewall log is 14 blocks long and the local system in question has a MAC address 6 blocks long according to ifconfig, but the 6 blocks from ifconfig do match 6 of the blocks reported by the firewall. Does this make sense to anyone? Are you running it as root? If not, you could be missing some connections. I also typed the 't' in netstat out of habit -- that limits the output to tcp connections. You can remove it to catch the UDP ones.
Re: [gentoo-user] IPv6 not ready here; Hmmm
Apparently, though unproven, at 21:45 on Wednesday 08 June 2011, Paul Hartman did opine thusly: > On Tue, Jun 7, 2011 at 8:27 PM, Dale wrote: > > Funny thing is, I use googles DNS servers. 8.8.8.8 and 8.8.4.4 are the > > settings. I find it ironic that Google is one of the ones hosting this > > event and it appears their server is not ready. Makes me think. < Dale > > scratches chin a bit > > > From Google DNS FAQ: > > Does Google Public DNS support IPv6? > Google Public DNS can respond to requests for IPv6 addresses ( > requests), but it does not yet support native IPv6 transport and > cannot talk to IPv6-only authoritative nameservers. Clients should use > IPv4 network connections to use Google Public DNS. Almost all large auth servers out there are in exactly that position. Mine certainly are. Cisco are waiting in the wings with a gigantic[1] quote for what it will take to change that. [1] When I say "gigantic" I really do mean "gigantic", as in "OMFG, does the number of $US fit into the money field in Oracle Financials??". Not "gigantic" as in "oh, that's big, bigger than what we normally call big". Just wanted to add some perspective... -- alan dot mckinnon at gmail dot com
Re: [gentoo-user] mysqld invoked oom-killer
>>> apache MaxClients has been lowered to 50 which is a shame because I >>> have 30+ separate images on each of my pages and that number can not >>> be reduced. This means I may not be able to serve more than 1 full >>> page at a time. >> >> This is wrong. > > Agreed. From TFM; "The MaxClients directive sets the limit on the > number of simultaneous requests that will be served" and i'd say when > they say "requests", they're talking about TCP sessions. So in the old > days of HTTP/1.0 you'd be right, and if you'd turned off pipelining > (KeepAlives) you'd be right. > > The default for MaxKeepAliveRequests is 100, so no problems > downloading the 30+ objects within a single session, assuming you have > KeepAlive on. I'm trying to figure out the maximum number of apache2 processes that could run simultaneously according to my config so I don't run out of memory again. I have KeepAlive on, but I can see in the log that a different pid serves each file associated with a particular page request. Doesn't that mean a different apache2 process is serving each file and I need one process for each file served at any particular moment? How does KeepAlive relate to the number of running apache2 processes? - Grant
Re: [gentoo-user] emerge xfce-base/thunar: lobotomy needed
On Mon, Sep 10, 2012 at 8:26 PM, Chris Stankevitz wrote: [snip] > I got farther this time, but it seems that emerge is still asking a lot of me. > > Eventhough I think it's odd (and a sign that I screwed up somewhere), > I can satisfy the USE flag requests and the ~amd64 requests. > > I do not know how to solve the slot conflicts. This is weird. xfce-base/thunar-1.4.0 (the only available version) is stable; every one of its dependencies should be stable. You should not require to keyword any package. Can I see your USE variable in /etc/make.conf (or /etc/portage/make.conf, if you use the new recommended location)? Also, if you have it, your /etc/portage/package.use file or files? I have an old server running without nothing X-related, and portage allows me to merge thunar by just setting "X" and "gudev" to my USE flags. Also, your xfce-meta installation didn't pull thunar because you didn't set the (surprise) thunar USE flag. Before merging something, do a: emerge -pv xfce-meta You will see the possible USE flags, and which ones are set. Regards. -- Canek Peláez Valdés Posgrado en Ciencia e Ingeniería de la Computación Universidad Nacional Autónoma de México
Re: [gentoo-user] Re: RE: Home Network Printing
allow port 631tcp and udp. On Dec 1, 2005, at 5:02 PM, Mick wrote: Richard Fish wrote: First, let me say that I don't have this setup, but based on /usr/share/doc/cups-1.1.23-r4/html/ipp.pdf, you should have something like: ipp://192.168.0.3/printers/Compaq-HP Wey-hey! It WORKS! :-D Thanks Richard, thank you all. The mistake was with me missing out the /printers/ part of the address. Hmm, perhaps the Example given on the gui needs improving? Last question and then I'll be good to print until I run out of money to pay for the *extremely expensive* HP ink ;-) What rule should I add to the firewall on the server to allow it to accept cups requests from the client. I don't want to open a great big hole for all traffic, just the cups requests only. With the firewall working the client logs show: Network host '192.168.0.3' is busy; will retry in 30 seconds... Also, if I were to tweak the cupsd.conf file with security in mind what would be your recommendations for a good set up? -- Regards, Mick -- gentoo-user@gentoo.org mailing list -- gentoo-user@gentoo.org mailing list