| marblood | Anyone here use OpenSnitch? Was thinking of trying Devuan and am curious if it works on it. | 03:20 |
|---|---|---|
| gnarface | marblood: i've never tried it personally, but it's in the repo, so it probably works | 03:28 |
| gnarface | there's a live iso you can download to test without commitment | 03:28 |
| marblood | Fair enough, I'll give it a shot :) | 03:29 |
| sfox | my Devuan installation keeps using the mngt address despite net.ipv6.conf.all.use_tempaddr=2, net.ipv6.conf.eth0.use_tempaddr=2 and temporary addresses existing | 05:11 |
| sfox | i don't know what else to try | 05:11 |
| sfox | everything i do and outgoing connections are still encoding the mac address | 05:11 |
| sfox | i also set privext 2 in the networking configuration | 05:12 |
| gnarface | sfox: you using NetworkManager? you might have to make some changes to its config too | 05:22 |
| rwp | fsmithred, Is there a refracta-nox boot image with an active serial port console? console=ttyS0,9600n8 | 06:46 |
| sfox | gnarface: no i'm not using any network manager besides the one that comes with debian | 07:44 |
| sfox | just /etc/network/interfaces.d | 07:44 |
| gnarface | sfox: i assume you already tried to ifdown then ifup the interface? | 07:48 |
| sfox | no | 07:49 |
| sfox | can i do that without breaking stuff or losing connection? | 07:49 |
| sfox | it's used like a mainframe with multiple users on different Xservers | 07:49 |
| gnarface | sfox: well, you'll definitely lose the connection while its down... | 07:50 |
| gnarface | oh, also, try setting this too: net.ipv6.conf.default.use_tempaddr=2 | 07:50 |
| sfox | that's fine as long as it comes back up without manual intervention | 07:50 |
| gnarface | well in a fair world it will... TBH i can't guarantee it | 07:50 |
| gnarface | what i'm seeing from here: https://tldp.org/HOWTO/Linux+IPv6-HOWTO/ch06s05.html | 07:50 |
| gnarface | ... says that if it runs before eth0 is created, it won't work unless ... | 07:51 |
| gnarface | ... net.ipv6.conf.default.use_tempaddr=2 is also set | 07:51 |
| sfox | gnarface: i set net.ipv6.conf.default.use_tempaddr=2 and curl ifconfig.me is still reporting the mac | 07:51 |
| gnarface | you'd still have to down/up the interfaces aiui | 07:51 |
| sfox | the weird thing is it was working then one night it stopped | 07:52 |
| sfox | ifdown eth0 && ifup eth0? | 07:52 |
| gnarface | race condition in the startup scripts perhaps? anyway, with "default" also set in addition to "all", instead of just "all" and "eth0" then in theory according to this it should work on boot and thereafter | 07:52 |
| gnarface | yea, ifdown eth0, then ifup eth0 | 07:53 |
| gnarface | if you actually use the "&&" you need to make sure ifdown doesn't so much as throw a warning | 07:53 |
| gnarface | full disclosure, i don't use ipv6 because it's not worth it for any of my use cases | 07:54 |
| gnarface | i typically just disable it and create more NATs | 07:54 |
| sfox | race condition could explain it i guess | 07:54 |
| sfox | gnarface: please stop doing that | 07:54 |
| gnarface | lol | 07:54 |
| sfox | there aren't any more ipv4 addresses to go around | 07:55 |
| sfox | and level of hacks i have to do just to remain compatible with legacy ip because people do what your doing is crazy | 07:55 |
| gnarface | there's plenty of designated private ipv4 addresses for my use, and in the private range it doesn't matter if anyone else is using them | 07:55 |
| sfox | your ruining end to end connectivity | 07:56 |
| sfox | your making everyone in your nat not able to participate in the net, only consume it | 07:56 |
| sfox | through multiple layers of proxies and nat | 07:56 |
| gnarface | these are my private LANs; end-to-end connectivity would be a catastrophic failure in security | 07:56 |
| sfox | that's what a firewall is for | 07:56 |
| sfox | not nat | 07:56 |
| gnarface | oh, there's also firewalls, lol | 07:56 |
| gnarface | anyway, you probably can't fix this without at least briefly interrupting connectivity, but as long as nothing else is misconfigured i don't see why it wouldn't come back up | 07:58 |
| gnarface | still, if anything really important is using the connection you should probably wait until its finished | 07:59 |
| sfox | what would be better then &&? | 07:59 |
| gnarface | just ifdown eth0 and wait | 07:59 |
| sfox | i thought of ;; but that caues a race condition | 07:59 |
| gnarface | maybe run "ifconfig -a" in another terminal until you visually verify it's actually down | 08:00 |
| sfox | if i just ifdown there's nothing to bring it back up | 08:00 |
| sfox | i'll lose my connection | 08:00 |
| gnarface | right, you'd run "ifup eth0" manually when you were personally sure it was down | 08:00 |
| gnarface | OH, this is a remote server? that's a problem... | 08:00 |
| gnarface | that changes things, there's a real risk of locking yourself out | 08:00 |
| sfox | yes | 08:02 |
| gnarface | you might want to wait to talk to someone who has actually done this before, as i have not | 08:03 |
| onefang | If there's some sort of IPMI remote console or something, you might be able to fiddle with it while the connection is down. Also some connections tend to wait for the timeout before dropping, so you could drop and bring up a connection quickly, and some things will survive. | 08:08 |
| onefang | I've had unreliable Internet that drops out daily, and all my ssh connections survived. | 08:10 |
| onefang | No guarantees though. | 08:12 |
| sfox | i brought it back up | 08:21 |
| sfox | it'd like to figure out a better way to do this in the future | 08:21 |
| gnarface | if you set "default" and "all" instead of just "eth0" and "all" it's supposed to work right | 08:22 |
| gnarface | that's what tldp.org says anyway | 08:22 |
| gnarface | i can't be sure nothing else is wrong though, you'll just have to test it | 08:23 |
| * rrq tends to use: while sleep 1 ; do ifup eth0 && break ; ifdown -f eth0 ; done | 09:41 | |
| sfox | rrq: thanks | 21:59 |
Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!