dangole has quit [Remote host closed the connection]
Tapper has joined #openwrt-devel
csrf has quit [Quit: Leaving]
MAbeeTT has joined #openwrt-devel
guerby has quit [Remote host closed the connection]
danitool has quit [Quit: Cubum autem in duos cubos, aut quadratoquadratum in duos quadratoquadratos]
yolo has joined #openwrt-devel
MAbeeTT2 has joined #openwrt-devel
MAbeeTT has quit [Ping timeout: 480 seconds]
Tapper has quit [Ping timeout: 480 seconds]
goliath has quit [Quit: SIGSEGV]
<yolo>
i have a 0.0.0.0 example.com in /etc/hosts, nslookup example.com gives both 0.0.0.0 and some non-authorative ansser of ipv6, ping example.com will return 127.0.0.1, which is good and expected
<yolo>
try block another site say 123porn.com in /etc/hosts, nslookup 123porn.com returns 0.0.0.0 and some ipv6, however when I ping it reaches that site via its ipv6, /etc/hosts can not block it. why the difference?
<schmars[m]>
i guess happy eyeballs should only be done if the host doesn't appear in /etc/hosts?
<schmars[m]>
have you tried putting both 0.0.0.0 and :: in there
<slh>
yesm it's probably about you not defining both, A and AAAA records. but the easy way out would be installing luci-app-adblock and (just-) using its internal blacklist
<\x>
you can also do like uhhhh echo "local=/123porn.com/" >> /tmp/dnsmasq.d/block_these
<\x>
then restart dnsmasq
<yolo>
adblock is a bit heavy, anyway now it works?!
<\x>
not that heavy nowadays with that significant dnsmasq update
<yolo>
what magic dnsmasq added? upgraded its internel linear search of all the entries with some better data structure?
<\x>
something like that, its still not as good as unbound though but yeah ill take the memory surplus in exchange of 1~2ms difference on dnscheck.tools
<yolo>
i recall dnsmasq just read /etc/hosts and /etc/dnsmasq.conf etc line by line and search them
<slh>
you can reduce those to your own, self-curated /etc/adblock/adblock.blacklist
<slh>
which then does exactly -and only- what you're trying to do manually now
<yolo>
in fact dnsmasq failed to load /etc/safe-search/enabled/<symlinks>, if I replace the symlinks with real files dnsmasq works well
<\x>
300k blocklist here loaded on dnsmasq serial to unbound. 1~2ms difference compared to direct loading the blocklist unbound. atleast on dnscheck.tools bench.
<slh>
blacklists in the tens of thousands of blocked domains are heavy, but not adblock itself
<\x>
on 2.85 and prior dnsmasq grinds to a halt doing that
<\x>
though I think 2.86/2.87 is only on snapshots? idk if its on 22.xx
<yolo>
anyways I bricked a archer a7v5 today and could not recover, solder uart and found out the 22.03.2 factory.bin does not work, used my own old factory.bin and it did the magic(get rid of those jffs2 errors)
<slh>
2.86 is in 22.03.x, 2.87 only in snapshotsa
<\x>
then good
<\x>
if youre short on memory load your blocklist on dnsmasq, memory use is also smaller now
<\x>
if you have a surplus, consider unbound and multithread it
<yolo>
isn't unbound overkill for a home router
<slh>
well, you need to make up your mind what you actually want to do ;)
<slh>
a few dozens of blocked hosts, just install luci-app-adblock, add them to /etc/adblock/adblock.blacklist, keep everything else at defaults /done
* yolo
just spent the whole day to upgrade to 22.03.2 from 21.02 due to the bricked device
<slh>
the big hammer with hundreds of thousands of blocked hosts needs more tweaking
<slh>
there is no reason to overthink the situation for 'a handful' (up to a few thousands) of blocked
<slh>
hosts
<slh>
once you get into the tens of thousands, you do have to consider RAM requirements <-- and maybe counteract with tweaking and/or reduce your blocklists
<slh>
but blocking a few dozens of hosts with adblock (and all defaults) is pretty much zero-cost
<\x>
its not overkill yolo. I do recommend it for everyone.
<yolo>
well dnsmasq can store the lists into sqlite3 to leverage its efficient internal data structure to save some memory
<\x>
we have multicore cpus on our APs now, unbound script should be updated hehe, I still have to config slabs there
<\x>
I also like a few features on it like ofcourse, full recursive and serve-expired
<yolo>
my poor AC1750 worked fine, youtube/surfing are smooth, I don't get why we need super high-power AP frankly, I don't watck 4k/8k at home though
<slh>
even a cheap'ish 802.11ax AP doubles the wireless throughput compared to high-end 802.11ac, compared to your a7-v5, it pretty much triples it
<slh>
I certainly agree that the a7's wireless throughput might be 'good enough' for your needs, if you care more about wired speed than wireless (and so do I), but the speedup is there, and real
<\x>
lets hope 7981 hits the cheap mass market sometime, it is pretty much the only choice
<\x>
ipq50xx has too much compromises
<slh>
on top of that you do get the additional routing speed improvements, that are necessary above ~150 MBit/s WAN speed (or ~75 MBit/s with sqm/cake)
<slh>
ftth (and to a lesser extent DOCSIS 3/4) has changed the eco system in this regard
<\x>
that dynalink you were pointing out last time seems so good slh, I saw it 80$ on amazon. maaan, das greato
<slh>
users suddenly do need vastly faster routers to keep up with their new found WAN speeds
<slh>
\x: so far I've resisted successfully, but it's hard not to click buy ;)
<\x>
I bought into 60xx already so mehhh, but man 4x4 on both bands and 1GB memory is hard to resist
<slh>
exactly that's my (only) reason not to buy, I already have the ax3600/ ipq8071a
<yolo>
I actually don't know if openwrt can support them yet, I mean those above-ac wifi speeds
<slh>
...and because filogic 830 is 'close'
<\x>
yolo: it does. its just linux.
<yolo>
I need openwrt, if the wifi is 1TB/s but there is no openwrt, I won't use it
<yolo>
is there a page to show high-end-superfast routers with solid openwrt support? I checked tplink's openwrt hardware support list, they seem are all older models
<\x>
if youre willing to join the bleeding edge, theres some viable platforms. MT7622, MT7986, IPQ807X, MT7981, IPQ60XX, these are ordered on how stable they are for now
<\x>
the last two are pretty much bleeding edge to the point youll have headaches ;)
<\x>
some last gen stuff are also still good and kinda got reborned, IPQ40XX is so good now man
<\x>
806x seems it has issues currently and I didnt experience it so I cant tell how good is it
<\x>
anything is an upgrade over that c7 anyway ;)
<slh>
well, given current pricing and availability, I wouldn't really look back anymore
<slh>
used markets or availability of the really cheap chinese-only stuff would be a different topic, of course
<\x>
I say for budget, a lot are decomissioning ipq40xx, stuff like asus lyras, those you can get for 15~20$ used
<slh>
heck, the rt3200 was at 45 EUR at the start of this week - that was really hard to let pass
<yolo>
slh: thanks. it's $70 here just slightly more than a7v5 archer 1750.
<\x>
for higher end stuff but isnt that stable yet I guess 807X/7986, for stable yeah 7622 seems stable already. for meme bleeding edge and free headaches, theres your 7981/60xx
<yolo>
so I assume openwrt support is stable on it? I'm interested in an upgrade if it's 'stable'
<\x>
7622 has a lot of users on the forum with the belkin rt3200 check the thread out
<slh>
it's very popular among developers and users at the moment, so yes, it should be stable (don't have it myself)
<yolo>
in the past I trust atheros chips more than mediateks, not sure if things changed
<yolo>
i recall 7621 had 2.4G stability issues
<slh>
ath11k has been a bit of a pain so far
<slh>
'working' well, but quite a lot of issues to get it to that point
<yolo>
so, mt76 is more robust?
<slh>
it's easier to work with for the developers
<yolo>
i bought a dozen 7621 routers and they're collecting dusts over the years due to 2.4Ghz problems, never reliable
<\x>
most robust 2.4GHz I experienced is old ath9k not the pre-n ones like 9380 I think and ipq40xx's but thats wifi 5
<\x>
slh: you think 807x will be PRd next year? lmao
<\x>
I guess robi is waiting for 6.1 and that regdb injection tool, so im sure not this year
<slh>
\x: it will hit that point before ipq60xx will, at least that part is very likely ;)
<slh>
so the joke's on you ;)
<\x>
yup, its literally a pre requisite
<slh>
it's been 'working' fine for over a year already
<\x>
i cant even post on the forums about 60xx since theres not much users
<\x>
so glad i memed mrnuke_ about it, he bought one lmao
minimal has quit [Quit: Leaving]
<\x>
though I was like ready ti use that 4.4 kernel that they shipped with the QSDK, it does work, its just that I had to update a lot of stuff manually like dnsmasq, openssl etc etc
<yolo>
slh: thanks! just bought an rt3200 at $75 tax included, hope it lasts
<\x>
enjoy yolo
<slh>
should be a really nice device
<yolo>
with this maybe my son will not curse me during tetris games when wifi kills his game
<\x>
slh: 807x also comes with that "pseudo-dsa" ethernet right?
<slh>
not really
<\x>
so its real dsa?
<slh>
nss-dp tries to fool the kernel into thinking all ports were independent interfaces
<\x>
or they just represent every port as a device
<slh>
no, not dsa at all
<\x>
ah yeah
<slh>
neither swconfig, nor dsa - but still ipq40xx-like hardware
<\x>
so is there some hidden pretagging again?
<slh>
probably
<\x>
I didnt have issues like ipq40xx but yeah I used gre again to pass vlans this time just to be sure
<\x>
normal tagging did work but yeah just to make sure for now
<\x>
slh: so it seems this is what qualcomm will be doing starting with 40xx huh
<\x>
some weird switching happening on the soc again
<slh>
ipq40xx, ipq807x, ipq60xx, ipq50xx are rather similar in this regard
<slh>
only ipq807x is the odd one out
<\x>
on the QSDK kernel one with 4.4 I had this issue, theres 5 ports right, so eth4, eth3, eth2, eth1 eth0, I create vlan with eth0.200 but wtf you can also get that same vlan leaking out on eth1
<\x>
like wtf
<\x>
but it might just be my setup so yeah
<\x>
havent tried with the 5.15 one yet but maybe sometime
<slh>
just gimme the bpi-r3 with case, radios, antennas and psu for <150 bucks ;)
<\x>
you can
<\x>
I think its 125$
<\x>
they sell it as a bundle now
<slh>
(dispatched from EU, sorry, I'm a coward when it comes to customs fun)
<\x>
they shouldve split that pcie x2 to 2x1 though put the other one on the mini pcie slot but yeah whatever, its still good
<slh>
if I'm not mistaken, none of those bundles ships with the actual radios?
<\x>
yup slh
<\x>
the radios are soldered n the board
<slh>
ah, yep, sorry
<\x>
the slots are, 1x mini pcie (usb only) and nvme slot underneath, key M I think
<slh>
well, I'm not on a hurry
<\x>
atleast when I tested with soxrok2212 its like 500 Mbps on SQM cake
<\x>
thats with tweaks so yeah
<\x>
we were expecting like 700
<slh>
what I have is working - and will do so for quite a while to come
<\x>
IO is real good on these maaan, this is based
guerby has joined #openwrt-devel
valku has quit [Quit: valku]
csrf has joined #openwrt-devel
Tapper has joined #openwrt-devel
rua has quit [Quit: Leaving.]
rua has joined #openwrt-devel
Tapper has quit [Ping timeout: 480 seconds]
srslypascal is now known as Guest136
srslypascal has joined #openwrt-devel
Guest136 has quit [Ping timeout: 480 seconds]
<Znevna>
so late last night I've decided to flash my 2nd Archer C6U and it worked fine, the first one doesn't see the wireless chips. can this have anything to do with it? https://paste.debian.net/plainh/9fe8bc1e
<Znevna>
first part is from the nonfunctional one.
csrf has quit [Quit: Leaving]
<\x>
is the flash erroring out for reals? maybe you can try to lower spi frequency?
<Znevna>
I don't know if it's some error. the partitions have different offsets
MaxSoniX has joined #openwrt-devel
noltari has quit [Quit: Bye ~ Happy Hacking!]
noltari has joined #openwrt-devel
<Znevna>
i'd try copying the flash from the working one to this one to rule out a hard problem
MaxS0niX has joined #openwrt-devel
MaxSoniX has quit [Read error: Connection reset by peer]
danitool has joined #openwrt-devel
<\x>
hi, regarding a firewall rule here, for example, I want to allow guest network to get IPV6 via slaac, to do this, I had to enable guest => wan input "accept"
<\x>
is there a rule to kinda just make that one "drop" but still allow ipv6 autoconfig?
<\x>
oh, so its an icmp type
<\x>
time to deduce which is needed to be enabled hehe
<dwfreed>
the "input" column on the main page of the firewall is not about forwarding, but about input into the router itself from that zone
<dwfreed>
and output is for output from the router into that zone; forward is for intra-zone forwarding that would have to go through the router at layer 2 (eg, 2 different interfaces, not bridged together, both in the same zone)
<dwfreed>
SLAAC needs the {Neighbor,Router} {Advertisement,Solicitation} ICMP types; and IPv6 in general will need Neighbor Advert and Solicit working
<dhewg>
iirc those are enabled in the default fw rules, if you wiped them they're still in /rom/etc/config/firewall for c&p
<\x>
thanks a lot dwfreed
<\x>
works well now
<\x>
dhewg: nah, its for another vlan, a guest network
<Znevna>
three binary identical reads count as a good backup right? ^^
<\x>
yeah Znevna, should be good enough
cbeznea has joined #openwrt-devel
<Znevna>
I don't wanna desolder the chips from these archers
<Znevna>
is the 'tplink' partition used for anything in OpenWrt ?
<Znevna>
nevermind, stupid question.
gladiac has quit [Quit: k thx bye]
<dhewg>
seeing that bcm buildbot message, are boards using brcm-wl going to be removed?
goliath has joined #openwrt-devel
<dhewg>
Can you even use wifi on those boards anymore? There's 5a1065758b "iwinfo: build with nl80211 backend only and make shared" which may have removed that "feature"
<Znevna>
So I've did a franken build, on the "working" dump I've replaced these from the non-working-wifi dump: u-boot (since it was newer), config and radio. All seems fine. I can't imagine someone else doing this but hey, it works.
<hitech95>
yea I'm trying to make it woking on my network but it is not happy
<\x>
ethernet?
<hitech95>
yea,
<hitech95>
web is read only
MaxS0niX has quit [Quit: Konversation terminated!]
<\x>
what does /proc/mounts say ?
<\x>
can it be remounted rw?
<hitech95>
gonna try
<\x>
if all else fails man, the only thing I can think off is really to echo a binary there
<\x>
itll be painful
<\x>
but something like nc built statically will help a lot
<hitech95>
ya it has no usb also... I'll have to puth the binary manually in
<\x>
maaan, last hope is webserver to atleast get a dump
<\x>
else youll be doing echo -en '\\blahblah" >> file
<hitech95>
no curl no wget but it has xlnat for god sake
<\x>
the meme is that is /dev/tcp available? lmao
<dhewg>
wrt to dt, it'll differ from the dts because of phandles, but if the kernel option is set there's /proc/device-tree/, which is the active dtb, which dtc in return accepts as input
<\x>
big doubt ofcourse
<hitech95>
no /dev/tcp
<\x>
find a way to use that webserver there then
<\x>
atleast youll be able to get a dump out
<\x>
hitech95: just a thought, uclient-fetch?
<hitech95>
nop
<hitech95>
I've found the binary for the web server
<hitech95>
the web ui is mount -t cramfs /dev/mtdblock20 /etc_ro/web
<\x>
cant you just run another instance?
<\x>
of the webserver
<\x>
that might be easier
<\x>
cramfs is ro
<\x>
ill sleep, but yeah if alll else fails, ahemm, start echoing a binary
<\x>
>inb4 all writable partitions are noexec, but yeah highly doubt
dangole_ is now known as dangole
<Znevna>
should I be worried that this appears after a sysupgrade? mtd: partition "kernel" doesn't end on an erase/write block -- force read-only
<Znevna>
and for rootfs too
<PaulFertser>
Znevna: no, that's ok, as only r/w filesystems need to be aligned.
<hitech95>
done! I have the dumps... what a mess
<G10h4ck>
nbd It's me getting too old or it's hostapd/wpa_supplicant code utterly convoluted? digging into function calls one and up falling in the white rabbit hole every a couple of them...
<dhewg>
it's not just you, been there yesterday
<G10h4ck>
i feel less alone :p
[Pokey] has quit [Quit: Hecc! My server must have died!]
<hitech95>
now I have to figure out where the DTCs are
<hitech95>
anyone know how to build from codeaurora? I know this is a bit out of topic but I cannot find any info online. Since ipq50xx is not supported
[Pokey] has joined #openwrt-devel
[Pokey] has quit []
[Pokey] has joined #openwrt-devel
[Pokey] has quit []
[Pokey] has joined #openwrt-devel
philipp64 has quit [Ping timeout: 480 seconds]
clayface_ has joined #openwrt-devel
clayface has quit [Ping timeout: 480 seconds]
[Pokey] has quit [Quit: Hecc! My server must have died!]
[Pokey] has joined #openwrt-devel
GNUmoon has quit [Remote host closed the connection]
GNUmoon has joined #openwrt-devel
<yolo>
dnsmasq could not read /etc/safe-search/enabled/some-symlinks due to ujail, where can I add /etc/safe-search/enabled to dnsmasq's ujail? do I need rebuild a new 22.03 image of my own
<yolo>
if i have /etc/safe-search/enabled/real-files it works fine, just not symlinks, guess ujails refuse to do that
[Pokey] has quit [Quit: Hecc! My server must have died!]
<yolo>
actually it's already added, strange. put a file there it works, put a symlink there it wont work
[Pokey] has quit []
[Pokey] has joined #openwrt-devel
soxrok2212 has quit [Read error: No route to host]
[Pokey] has quit []
[Pokey] has joined #openwrt-devel
[Pokey] has quit []
[Pokey] has joined #openwrt-devel
soxrok2212 has joined #openwrt-devel
nixuser has quit [Ping timeout: 480 seconds]
<yolo>
so, ujail disallows symlinks under '-r /what/ever/path', it will not fopen them.
<dangole>
yolo: ujail won't prevent dnsmasq from reading or opening the symlink, strictly speaking, but the file the symlink is pointing to will be missing if it's not inside one of the paths included in the jail
nixuser has joined #openwrt-devel
Borromini has joined #openwrt-devel
<Znevna>
Borromini: I've "fixed" that router. turns out something from the 'tplink' partition prevents detection of the chips?
<Znevna>
soo I took a full dump of both of them, flashed the broken one with the content of the good one, and it worked fine.
<Znevna>
then i've replaced config and radio witht the original
<Znevna>
something is wrong there but I'm in no way skilled to find out what :p
<Borromini>
is that log from your broken device?
cbeznea has quit [Quit: Leaving.]
<Znevna>
from two devices, first the one that didn't wanna work last night
<Borromini>
ok
<Borromini>
you should reflash OpenWrt if you are seeing those boundary errors
<Znevna>
I did, they didn't go away
<Borromini>
with sysupgrade -n?
<Znevna>
that's with not saving config, right? yes.
<Borromini>
yes, correct
<Znevna>
also they appear after a sysupgrade
<Borromini>
kernel and rootfs are perfectly okay being read-only but I'd think the firmware splitter would make sure they got split on a boundary
<Borromini>
PaulFertser: what's your take on that?
<Znevna>
<PaulFertser> Znevna: no, that's ok, as only r/w filesystems need to be aligned.
<Znevna>
:P
<Borromini>
ok =)
<Borromini>
so a non-issue then, good.
<Znevna>
I think it's something with those offsets and the "OF: Bad cell count " lines
<Znevna>
but I don't know how that can prevent the cards (chips) from detecting
<Znevna>
surprised that I'm the only lucky one with such a unit.
jlsalvador has quit [Quit: jlsalvador]
<Borromini>
maybe others will pop up...
<Borromini>
FWIW, make a backup of your bootloader *and* your radio calibration data
<Borromini>
might come in handy one day
<Znevna>
I have a backup of both units
<Borromini>
alrighty 👍
<Znevna>
that's how I messed building a franken-flash-content
<Borromini>
:)
<Borromini>
had to use flashrom?
<Znevna>
NeoProgrammer
<Borromini>
and a SOIC clamp then I suppose
<Znevna>
yeah
<Borromini>
:)
<Znevna>
nice that the clamp prevents it from booting
<Borromini>
feels like the deep end doesn't it
<Borromini>
yeah it does, provides just enough power to read/write the chip
<Znevna>
for such a cheap device, yes
<Znevna>
ah, no. It didn't.
<Borromini>
i recovered a TL-WR1043ND v2 with it that I had considered lost for like two years :P
<Borromini>
happy as a child when I got that clip
<Borromini>
saved my *rse quite a few times.
<Znevna>
I had to disconnect everything, connect the clamp to the chip and the programmer, power the router, wait for it to stop trying to boot, plug the programmer into usb, read, read, compare, read..
<Borromini>
oh?
<Borromini>
ok weird :-/
<Znevna>
with only the clamp it was wrongly detecting the chip, probably the router sucks too much power out of the programmer
G10h4ck has quit [Read error: Connection reset by peer]
<Znevna>
maybe someone that is more familiar with mediatek reads this log someday, I'll provide the flashdump if required to teach OpenWrt to handle it ^^
<Znevna>
Did you ever got DFS working on MT7613? found a post of yours. And I just encountered that earlier
<Borromini>
nope.
<Borromini>
from what I gathered the hardware does not support it
<Borromini>
and even if it does it needs tweaking in the driver which is beyond my moderate hacking skills
<Znevna>
It wasn't available in the OEM firmware, but many TP-Link models are castrated in EU (by software) vs the same ones sold in US
<Znevna>
donno why they do this.
jlsalvador has joined #openwrt-devel
<Borromini>
no idea. I thought we all got fucked because of what the FCC decided to prevent tampering with radios
<Znevna>
it's nice that I can change the country on this one
gladiac has joined #openwrt-devel
<SlimeyX>
heh
<SlimeyX>
dont forget to sync after writing things to mtd
<Znevna>
I didn't manually write anything :p
<Borromini>
Znevna: why?
<Borromini>
that's exactly why the FCC clamped down on this stuff :)
<Znevna>
because I don't live in the country written on this things flash
<Borromini>
oh.
<Znevna>
I saw DE in some partition on both units, I'm guessing the driver uses that as default?
<Znevna>
late. 'night!
<Borromini>
not sure.
<Borromini>
night
Borromini has quit [Quit: Lost terminal]
Nyshan has joined #openwrt-devel
<Nyshan>
Has anyone converted a device to DSA on github and, if they have, would they be willing to explain how/what they did?
Nyshan has quit [Remote host closed the connection]
Nyshan has quit [Remote host closed the connection]
[Pokey] has quit [Quit: Hecc! My server must have died!]
<yolo>
dangole: that's correct, dnsmasq includes addnhosts which only has /etc/safe-search/enabled for safe-search package, but /etc/safe-search/enabled/* are symlinks to /etc/safe-search/available/* which is not added to ujail, thus dnsmasq reports 'file not exist',for now I had to manually add /etc/safe-search/available to ujail to get around, it does raise a quesiton though: you need add both symlinks and
<yolo>
where their origins to ujail
<dhewg>
sounds more like an issue with the safe-search package, why's it symlinking round in overlayfs and wasting write cycles
Nyshan has joined #openwrt-devel
Nyshan has quit [Remote host closed the connection]
csrf has joined #openwrt-devel
philipp64 has joined #openwrt-devel
philipp64 has quit []
philipp64 has joined #openwrt-devel
Nyshan has joined #openwrt-devel
philipp64 is now known as Guest175
philipp64 has joined #openwrt-devel
Guest175 has quit [Read error: Connection reset by peer]
<\x>
nyshan: i have done an ipq40xx dsa conversion when it was early, like around november last year
<\x>
its a 02_network and dts edit
<\x>
there should be example conversions on pull requests that you can copy and try to replicate
Nyshan has quit [Remote host closed the connection]
philipp64 is now known as Guest176
philipp64 has joined #openwrt-devel
Nyshan has joined #openwrt-devel
Tapper has quit [Ping timeout: 480 seconds]
<Nyshan>
I'm just struggling to figure out why certain things changed and how the person making the changes knew how to use specific addresses for devices
<\x>
its not that they knew
<\x>
many did submit conversions
<\x>
and on some a lot asked some other people early for a conversion so they can try
<\x>
it kinda became "try if it works, if it did then we merge it"
<\x>
yup ucidev on 02_network and thos ports also needs to get added on the dts
<\x>
Nyshan-Desktop: when 4721 was still not merged there was a callout on the forums about it, some devices got converted that way, people testing conversions basically