--- Log opened Sun Mar 25 00:00:11 2012 00:00 < RangerZ> i purposely go to non-3d films 00:01 < RangerZ> and in nashville, it sucks there isn't any drive ins 00:01 <@Evilpig> I thought there was one close to here 00:01 < RangerZ> we have 2 close to where i used to live, 6.50 a person 00:01 < RangerZ> and then the consessions were reasonably priced like a dairy queen braiser(the ones with hot food) 00:02 < RangerZ> 20$ and me and the girl would go and get food/drinks and the show 00:03 <@Evilpig> http://www.calvertdrivein.com/ <-- that's the one back home 00:03 <@Evilpig> and their website is still fuckign horrible 00:03 < eryc> Evilpig: ahhh. haha i thought that looked digusting too. thanks for the detail. 00:04 < eryc> i was like wtf green egg salad out of cadbury creme.. sick 00:04 <@Evilpig> eryc: the lettuce looking stuff was coconut dyed green. 00:04 <@Evilpig> so actually that would be pretty damned tasty. 00:05 <@Evilpig> okay so popcorn at the drive in. Popcorn $.50 $1.00 $1.50 $3.00 00:05 < eryc> i had tilapia on coconut rice yesterday 00:05 < eryc> it was pretty good 00:05 <@Evilpig> popcorn at regal theaters starts at $6.00 00:05 <@Evilpig> drinks start at lik $5.50 I think 00:06 < RangerZ> http://www.elmroadtripledrivein.com/ 00:06 <@Evilpig> drive in: Fountain Drinks 12oz $.50, 16oz $1.00, 24oz $1.25, 32oz $1.50 00:06 < RangerZ> the one back home I used to go to 00:06 < RangerZ> wow... that one is even worse than elm road... 00:06 < RangerZ> impressive 00:06 <@Bahhumbug> I don't see the 2d/3d thing as anything other then the media cartels wanting more monies. 00:06 <@Bahhumbug> s/then/than/ 00:06 <@Bahhumbug> sigh - tired. 00:06 <@Bahhumbug> g'nite 00:06 * Bahhumbug & 00:06 <@Evilpig> later 00:07 <@Evilpig> i've tried to get them to do a better site but the guy that runs it does it himself and just won't take the help 00:07 <@Evilpig> 00:08 < ZombieChicken> http://web.mac.com/pkurland/Site/Darkhorse.html <- go see a play at one of Nashville's theatres 00:09 < ZombieChicken> and for the love of$DEITY, if anyone does Noises Off, go see it 00:12 <@Evilpig> I need to head over to the other datacenter and take a few stock photo shots of some stuff 00:50 <@Dagmar> FInally. 00:50 <@Dagmar> Dragon Soul: 6/8 00:50 <@Dagmar> Warchief Blackass is goddamn hard 00:51 -!- Corydon76-home [indigo@c-69-137-80-31.hsd1.tn.comcast.net] has quit [Ping timeout: 276 seconds] 00:51 <@Dagmar> Now that I've got the gloves AND the pants I can use the set bonus 01:07 <@Evilpig> bout time 01:08 <@Evilpig> jump on evilpig for me and kill deathwing and try to get a 2nd sword 01:10 <@Dagmar> *bleary eyed* 01:11 <@Evilpig> come on. it'll only take like 30 min and you can do some major deeps. 01:11 <@Evilpig> as a bonus you'll leave little tentacles everywhere 01:12 -!- Corydon76-home [red@c-69-137-80-31.hsd1.tn.comcast.net] has joined #se2600 01:12 -!- mode/#se2600 [+o Corydon76-home] by ChanServ 01:15 <@Evilpig> come on... just look at http://www.askmrrobot.com/wow/gear/usa/mal%27ganis/evilpig how could you not kick much ass? 01:22 < RangerZ> by having a life? 01:22 < RangerZ> and with that, goodnight 01:23 -!- RangerZ [~mwalker@c-98-211-44-193.hsd1.tn.comcast.net] has quit [Quit: Leaving.] 01:36 <@Dagmar> I'm so tired it took me a few minutes to figure out why you were gearing for strength 01:36 <@Evilpig> lol. 01:38 <@Dagmar> That new ship is NOT A JOLLY, CANDYLIKE ship 01:40 <@Evilpig> http://kaztronics.wilpig.com/ <-- that doesn't look horrid does it? 01:41 < ZombieChicken> what about it? The graphics? 01:42 <@Evilpig> layout in general 01:42 < ZombieChicken> Not too bad 01:43 < ZombieChicken> imo the lower center image should be placed along an edge to seperate it out more if it is supposed to fit in with a specific article 01:43 <@Evilpig> I just put it there for an image that was floated right example 01:43 < ZombieChicken> Looks good to me 01:44 <@Evilpig> I gotta do somethign with his logo though. the jpg he gave me of it is god awful 02:02 -!- Corydon76-home [red@c-69-137-80-31.hsd1.tn.comcast.net] has quit [Quit: No Ping reply in 180 seconds.] 02:03 -!- Corydon76-home [brown@c-69-137-80-31.hsd1.tn.comcast.net] has joined #se2600 02:03 -!- mode/#se2600 [+o Corydon76-home] by ChanServ 07:22 -!- stowbari [~Stowbari@cpe-24-165-215-6.neo.res.rr.com] has joined #se2600 09:53 -!- Dickie [~Dickie@unaffiliated/dickie] has quit [Read error: Operation timed out] 10:07 -!- Dickie [~Dickie@unaffiliated/dickie] has joined #se2600 10:07 -!- mode/#se2600 [+o Dickie] by ChanServ 11:24 * rhia scrolls - 11:32 -!- sync350 [~sync@c-24-30-78-161.hsd1.ga.comcast.net] has quit [Quit: This computer has gone to sleep] 11:42 -!- RangerZ [~mwalker@c-98-211-44-193.hsd1.tn.comcast.net] has joined #se2600 11:58 < RangerZ> https://fbcdn-sphotos-a.akamaihd.net/hphotos-ak-ash3/532454_10150632530791275_177486166274_9637396_1695750554_n.jpg hehehe 11:58 < RangerZ> Dagmar: you're safe 12:00 <@rhia> oh, sigh, damn, this again: Evilpig, MaxieZ, and anyone else curious: 12:00 <@rhia> yes, it was Drag0n, dfused, Cobb, Charon, & me at the very first @LANtaCON meeting at the apartment (which we all but Cobb shared at the time) - once we agreed to give it a try, we mentioned it at the next se2600 meeting at Lenox and the next few con meetings added HugMe, James Dean, Vudu, monster, & laughingboy, & then some other 404 & ALE folks came to meetings later on (had over 20 at a few of them) including you, MaxieZ, but the orig 12:00 <@rhia> inal, initial core was who i just listed 12:01 <@rhia> \Drag0n did networking, dfused was in charge of the venue, etc., Cobb was mostly moral support (had some other rather important issues come up) Charon was the webmaster, I was whip/chief cat herder, James advertised the con, Vudu handled the tee-shirt design, monster was helping out everywhere at once (he was a great help) and ... rest is kinda blurry - but, to answer the next question which seems to inevitably follow, rockit did not appe 12:01 <@rhia> ar until he showed up as a guest at the first con, not before 12:02 <@rhia> you'd think over a decade later that this would be a non-starter by now 12:18 < eryc> omg drama 12:19 < eryc> let me set the record straight people! 12:19 < eryc> i started phreaknic 12:23 < eryc> it was originally named krypticon 12:23 <@rhia> eryc: MaxieZ asked, I responded, deal 12:24 < eryc> no u deal! 12:24 < eryc> are you still in mexico or wherever? 12:24 < eryc> seattle? 12:24 <@rhia> OZ, emerald city, yeah 12:25 < eryc> heh 12:25 < eryc> i googled that thinking it was a real nickname for a city 12:25 < eryc> <- trolled 12:26 < eryc> so how is seattle? 12:27 <@rhia> pretty much ideal 12:28 <@rhia> but i like overcast & misty, so the typical weather doesn't bother me - altho this weekend is sunny & very spring 12:29 < eryc> heh i had a feeling it was warm friday 12:29 < eryc> 2 guys at our seattle office went awol 12:29 <@rhia> hehe 12:30 <@rhia> yeah, taking "sun"day off happens here a lot 13:18 -!- Feltenix [~Tanstaafl@adsl-074-166-075-102.sip.asm.bellsouth.net] has quit [Remote host closed the connection] 13:37 -!- sdodson [~sdodson@serenity.ninjr.org] has joined #se2600 13:38 -!- mode/#se2600 [+o sdodson] by ChanServ 13:45 <@Catonic> sunday bloody snuday 13:49 <@Dagmar> GOod lord 13:50 <@Dagmar> http://www.newschannel5.com/story/17248007/homemade-bomb-found-in-suv 13:50 <@Dagmar> Redneck demolition squad, I swear 13:52 * sdodson happy to be in Raleigh which is the south minus rednecks 13:54 -!- rangerz1 [~mwalker@c-98-211-44-193.hsd1.tn.comcast.net] has joined #se2600 13:57 <@rhia> how would he recover the money owed to him if he blew the debtor to pieces? 13:57 <@rhia> skoppy 13:57 <@rhia> sloppy, even 13:58 <@Dagmar> You should look closely at the description of the bomb. 13:59 -!- sync350 [~sync@c-24-30-78-161.hsd1.ga.comcast.net] has joined #se2600 13:59 <@Dagmar> He clearly had more motive than technical skill. 13:59 <@rhia> and not enough working brain cells for either 14:00 < rangerz1> someone else blow up his house to get out of the mortgage? 14:00 <@rhia> http://www.newschannel5.com/story/17248007/homemade-bomb-found-in-suv 14:03 < rangerz1> Dagmar: did you owe him money? 14:03 < rangerz1> lol 14:07 < rangerz1> protip: http://video.adultswim.com/family-guy/you-got-my-money.html much better method 14:30 -!- sync350 [~sync@c-24-30-78-161.hsd1.ga.comcast.net] has quit [Quit: This computer has gone to sleep] 14:32 -!- stowbari [~Stowbari@cpe-24-165-215-6.neo.res.rr.com] has quit [Ping timeout: 260 seconds] 14:33 < rangerz1> http://www.franklindrive-in.com/concession.html 14:33 < rangerz1> LOL...... 14:33 < rangerz1> the scrolling list of the consessions is a java applet 14:36 -!- stowbari [~Stowbari@cpe-24-165-215-6.neo.res.rr.com] has joined #se2600 14:40 <@Catonic> did someone 14:42 -!- stowbari [~Stowbari@cpe-24-165-215-6.neo.res.rr.com] has quit [Ping timeout: 240 seconds] 14:42 -!- stowbari [~Stowbari@cpe-24-165-215-6.neo.res.rr.com] has joined #se2600 15:18 <@Dagmar> Aieee! Facebook is down! 15:18 <@Dagmar> *runs in circles* 15:24 -!- RangerZ [~mwalker@c-98-211-44-193.hsd1.tn.comcast.net] has quit [Quit: Leaving.] 16:25 -!- sync350 [~sync@c-24-30-78-161.hsd1.ga.comcast.net] has joined #se2600 17:54 <@sdodson> Dagmar: no it's not, it just detected you have no friends and blocked you 17:55 <@sdodson> omg it's rhia 19:33 -!- Feltenix [~Tanstaafl@adsl-074-166-075-102.sip.asm.bellsouth.net] has joined #se2600 19:34 -!- mode/#se2600 [+o Feltenix] by ChanServ 19:43 <@Evilpig> rhia: it wasn't a drama thing this time it was a history question 19:48 < eryc> draaaamaaaaa 19:51 <@sdodson> eryc is dramatic 19:57 -!- sync350 [~sync@c-24-30-78-161.hsd1.ga.comcast.net] has quit [Quit: This computer has gone to sleep] 19:57 -!- Feltenix [~Tanstaafl@adsl-074-166-075-102.sip.asm.bellsouth.net] has quit [Remote host closed the connection] 19:58 -!- CNwaV [~yaaic@68-189-190-128.dhcp.spbg.sc.charter.com] has joined #se2600 19:58 -!- mode/#se2600 [+o CNwaV] by ChanServ 20:00 -!- Feltenix [~Tanstaafl@adsl-074-166-075-102.sip.asm.bellsouth.net] has joined #se2600 20:00 -!- mode/#se2600 [+o Feltenix] by ChanServ 20:20 <@rhia> Evilpig: and i gave the history 20:21 * Evilpig humps rhia's leg 20:21 <@Evilpig> let's make some history. dragon said it was okay 20:22 <@rhia> obituaries tend to be history 20:22 <@Evilpig> dragon died?! 20:23 <@CNwaV> May I please loot the body? 20:23 <@CNwaV> I need some scales 20:24 <@Evilpig> one day she won't be a country's length away and I will be in alot of trouble. 20:24 <@rhia> CNwaV: you'd be looting pig 20:24 <@oddball> evening all 20:24 <@CNwaV> That is OK too, I love bacon 20:25 -!- Feltenix [~Tanstaafl@adsl-074-166-075-102.sip.asm.bellsouth.net] has quit [Ping timeout: 244 seconds] 20:27 -!- Feltenix [~Tanstaafl@adsl-074-166-075-102.sip.asm.bellsouth.net] has joined #se2600 20:27 <@CNwaV> Identify yourself! 20:35 -!- mode/#se2600 [+o Feltenix] by ChanServ 20:35 <@CNwaV> Yes, yes, all part of my master plan! 20:37 <@Evilpig> "IE9 will change the web forever" LOL it did do that indeed. 20:38 < ZombieChicken> doesn't MS always say that? 20:39 <@CNwaV> Ie9 will change the way you hate your computer.... 20:39 <@am1n0> ie changes everything 20:39 <@am1n0> again 20:40 <@CNwaV> There were ie commercials during movie previews when I saw hunger games the other day 20:40 <@Evilpig> that commercial was just one tv 20:40 <@Evilpig> on 20:41 <@CNwaV> Man, I need to goto Thailand... 20:42 <@Evilpig> http://vimeo.com/37918278 20:42 <@Evilpig> now we can all be on the same page about this piece of bullshit marketing 20:45 < ZombieChicken> Like so many commercials today, the one makes no sense. 20:46 <@CNwaV> I think they were using quotes about html5.. Not ie 20:47 < ZombieChicken> I don't recall them even mentioning IE in those quotes, so it might have been for Firefox or Chrome 20:47 <@CNwaV> Grrr... Need to start trying to get to sleep... Have to wake up balls ass early tomorrow... New job, yay... 20:47 * Evilpig checks the clock for "balls ass early" 20:48 <@CNwaV> You need a colloquial clock to find that 20:49 < ZombieChicken> 'balls ass early', so 4AM? 20:49 <@CNwaV> No, 6 20:49 <@CNwaV> But I am not a daywalker 20:49 < ZombieChicken> that isn't too bad. I had a job that required me to be in at 6 20:49 <@CNwaV> So it is balls ass early for me 20:50 <@CNwaV> I did too... But that was a long time ago... 20:50 < ZombieChicken> those kinds of jobs suck 20:53 <@Evilpig> so i've taken another look at a problem i've had for a few years. one of those you keep coming back to ones. again I can't figure out what is wrong. stupid openvpn 20:54 <@Evilpig> got a connection between notlarry and me. me 10.0.0.0/24, notlarry 10.10.0.0/24. my firewall is the server end. all of his clients can't hit every one of my clients. I cannot hit any of his. 20:54 <@Evilpig> tcpdumped it and the packets are hitting my vpn interface tun1. but they aren't getting past that 20:56 <@am1n0> so notlarry's clients can ping some of yours? 20:56 <@Evilpig> they can ping all of mine 20:56 <@sdodson> so what sort interesting things you kids getting into these days? 20:57 <@Evilpig> the tcp dump on my end is showing that it is forwarding the packet into the vpn interface it just isn't showing up on the other side. 20:57 <@Evilpig> 20:56:08.570026 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto ICMP (1), length 84) 10.0.5.1 > 10.10.0.251: ICMP echo request, id 27828, seq 1, length 64 20:57 <@am1n0> what do you use as firewall? 20:57 <@Evilpig> plain ole iptables 20:58 <@CNwaV> Have you linked the subnets with iptables? 20:58 <@CNwaV> I remember back when it was just ipchains 20:58 <@Evilpig> i've routed them 20:58 <@CNwaV> It has been a while since I have messed with it 20:59 <@Evilpig> [root@blueboy openvpn]# route -n 20:59 <@Evilpig> Kernel IP routing table 20:59 <@Evilpig> Destination Gateway Genmask Flags Metric Ref Use Iface 20:59 <@Evilpig> 10.0.5.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun1 20:59 <@Evilpig> 10.0.5.0 10.0.5.2 255.255.255.0 UG 0 0 0 tun1 20:59 <@Evilpig> 10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 20:59 <@Evilpig> 10.10.0.0 10.0.5.2 255.255.255.0 UG 0 0 0 tun1 21:00 <@CNwaV> Don't you have to set up a rule for each direction? 21:00 <@am1n0> and .5.2 is notlarry right 21:00 <@Evilpig> as far as I can tell everything is right. something tiny somewhere is causing it and it is driving me nuts 21:00 <@Evilpig> 5.2 is the vpn interface 21:00 <@Evilpig> 10.10.0.0 is notlarry 21:01 <@am1n0> have you tried anything that isn't a ping? 21:02 <@Evilpig> yeah 21:02 <@Evilpig> tried ssh. that's the fucking weird part too 21:02 <@Evilpig> so if I ssh to 10.0.5.5 which is his end of the vpn I can connect to his server 21:03 <@Evilpig> but if I try to connect to 10.10.0.251 which is the other IP on his server it's a no go 21:03 < ZombieChicken> Are you sure something isn't damaging the packet in transit? 21:03 <@Evilpig> nope 21:04 <@CNwaV> Is there a discrepancy in mtu's between the networks? 21:04 <@Evilpig> shouldn't be. 21:05 <@CNwaV> That might allow icmp to go through, but mess with other stuff 21:05 <@Evilpig> icmp isn't going through either though. 21:05 <@CNwaV> What iptables rules are you using? 21:05 <@CNwaV> Oh, sorry, I must have misread that 21:05 <@Evilpig> of the ones that matter. on input I have: 21:06 <@Evilpig> Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 21:06 <@Evilpig> 21979 2144K ACCEPT all -- !eth0 * 0.0.0.0/0 0.0.0.0/0 21:06 <@am1n0> connecting to 10.10.0.251 would involve routing on his machine, right? 21:06 <@am1n0> are ypou pushing the right routes? 21:06 <@Evilpig> Chain POSTROUTING (policy ACCEPT 2819K packets, 169M bytes) 21:06 <@Evilpig> pkts bytes target prot opt in out source destination 21:06 <@Evilpig> 21 1740 MASQUERADE all -- * * 10.0.5.0/24 0.0.0.0/0 21:06 <@Evilpig> 81410 5605K MASQUERADE all -- * * 10.0.0.0/24 0.0.0.0/0 21:06 -!- Feltenix [~Tanstaafl@adsl-074-166-075-102.sip.asm.bellsouth.net] has quit [Ping timeout: 246 seconds] 21:06 <@Evilpig> yeah the routes are right. 21:07 <@Evilpig> if I remove even one of the routes his boxes stop connecting to me 21:07 <@am1n0> does his machine route? 21:07 <@am1n0> echo 1 > proc sys net ipv4_forward ? 21:07 <@am1n0> oh 21:07 <@am1n0> huh 21:07 <@CNwaV> Should be 1 21:07 <@Evilpig> I'm probably goign to collect all my configs and break down and post on the openvpn forum and see if they have an idea 21:07 <@Evilpig> yeah both boxes are setup with forwarding. 21:08 <@CNwaV> Should it be 5.2? 21:08 -!- Feltenix [~Tanstaafl@adsl-074-166-075-102.sip.asm.bellsouth.net] has joined #se2600 21:08 <@Evilpig> yes. 5.2 is the router interface 5.1 is the other 21:08 <@Evilpig> [root@blueboy openvpn]# ip addr show tun1 21:08 <@Evilpig> 28: tun1: mtu 1500 qdisc pfifo_fast qlen 100 link/[65534] inet 10.0.5.1 peer 10.0.5.2/32 scope global tun1 21:09 <@CNwaV> You are missing the 10.10, aren't you? 21:09 <@Evilpig> I wouldn't have a masquerade for 10.10 but the route is in there for it 21:09 <@CNwaV> Ah, okie 21:12 <@CNwaV> Do you have it setup to force it to the correct port for the tunnel adapter? 21:12 <@Evilpig> yeah cause the vpn does work 21:12 -!- Feltenix [~Tanstaafl@adsl-074-166-075-102.sip.asm.bellsouth.net] has quit [Remote host closed the connection] 21:16 <@CNwaV> Are you doing any prerouting? 21:18 <@Evilpig> yeah but nothing that would catch that traffic 21:18 <@CNwaV> Are do you have a rule for forwarding from tun to eth? 21:18 <@Evilpig> no forward rule but forward is set to default to accept 21:20 -!- Feltenix [~Tanstaafl@adsl-074-166-075-102.sip.asm.bellsouth.net] has joined #se2600 21:23 <@CNwaV> I mean, do you have a iptables rule to forward from tun to eth? 21:23 <@Evilpig> no. I have no forward rules 21:23 <@CNwaV> Don't you have to do that? 21:24 <@Evilpig> it isn't a bridge. it's routed packets so they go through pre and postroute 21:24 <@CNwaV> Or are you using some black magic that I don't know of? 21:24 <@Evilpig> Chain FORWARD (policy ACCEPT 547M packets, 347G bytes) pkts bytes target prot opt in out source destination 21:25 <@CNwaV> Iptables -A FORWARD -i tun1 -o eth0 -j ACCEPT 21:25 <@Evilpig> if it hits the forward chain it moves on. 21:27 <@CNwaV> I don't think everything got pasted from your clipboard 21:27 <@Evilpig> yeah it did 21:27 <@Evilpig> there are no rules because it doesn't filter that. itj ust says. "you wanna forward.. fuck yeah i'll forward" 21:27 <@Evilpig> [root@blueboy openvpn]# iptables -L -v 21:27 <@Evilpig> Chain INPUT (policy DROP 0 packets, 0 bytes) 21:27 <@Evilpig> pkts bytes target prot opt in out source destination 21:27 <@Evilpig> 25681 2483K ACCEPT all -- !eth0 any anywhere anywhere 21:27 <@Evilpig> 22691 3045K ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED 21:27 <@Evilpig> 211 12572 ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh state NEW 21:27 <@Evilpig> 0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:openvpn 21:27 <@Evilpig> 5 210 ACCEPT udp -- any any anywhere anywhere udp dpt:rsf-1 21:27 <@Evilpig> 621 64844 ACCEPT icmp -- any any anywhere anywhere icmp echo-request 21:27 <@Evilpig> 177 9637 REJECT tcp -- eth0 any anywhere anywhere reject-with tcp-reset 21:27 <@Evilpig> 313 46976 DROP udp -- any any anywhere anywhere 21:28 <@Evilpig> Chain FORWARD (policy ACCEPT 547M packets, 347G bytes) pkts bytes target prot opt in out source destination 21:28 <@Evilpig> Chain OUTPUT (policy ACCEPT 7367K packets, 3394M bytes) pkts bytes target prot opt in out source destination 21:28 <@CNwaV> I guess that I used to do things all ghetto 21:29 <@Evilpig> mine is uber simplistic 21:29 <@Bahhumbug> Boo... You don't filter egress traffic. 21:29 < MaxieZ> Line 1 seems a bit scary. Any other tcp/ip device gets a free pass? 21:29 <@Evilpig> MaxieZ: if it is behind my firewall I don't care. 21:29 <@CNwaV> Ah, you are just sending everything 21:29 <@Evilpig> eth0 = internets 21:29 < MaxieZ> eth1 = ? 21:29 <@Evilpig> network 21:30 < MaxieZ> eth2 = ? 21:30 < MaxieZ> ;) 21:30 <@Evilpig> nonexistant 21:30 <@Evilpig> yes I could be more specific. but am I really stopping anything at that point other than myself when I forget I have it locked down? 21:31 < MaxieZ> To Bahhumbug's point, you could let out RELATED,ESTABLISHED and Log the rest. 21:31 <@CNwaV> Um, you are forwarding everything from the Internet? That is scary 21:32 <@CNwaV> Oh wait, that is a reject 21:32 <@CNwaV> Sorry, misread that somehow 21:32 < MaxieZ> Assuming eth1 is RFC1918, he's probably safe. 21:32 < MaxieZ> It says policy ACCEPT on the forward chain. 21:32 -!- Feltenix [~Tanstaafl@adsl-074-166-075-102.sip.asm.bellsouth.net] has quit [Ping timeout: 252 seconds] 21:33 <@Evilpig> 3: eth1: mtu 1500 qdisc pfifo_fast qlen 1000 21:33 <@Evilpig> link/ether 00:10:b5:91:a6:e7 brd ff:ff:ff:ff:ff:ff 21:33 <@Evilpig> inet 10.0.0.251/24 brd 10.0.0.255 scope global eth1 21:33 <@Evilpig> inet6 fe80::210:b5ff:fe91:a6e7/64 scope link 21:33 <@Evilpig> valid_lft forever preferred_lft forever 21:33 <@Evilpig> i'm good 21:33 < MaxieZ> Looks like RFC1918 21:33 < MaxieZ> If you wanted to see the masquerading nating that's : iptables -L -n -t nat -v 21:34 <@Evilpig> didn't I post those earlier? 21:34 -!- Feltenix [~Tanstaafl@adsl-074-166-075-102.sip.asm.bellsouth.net] has joined #se2600 21:34 <@CNwaV> Wait, doesn't that allow for leaking over the vpn? 21:35 <@Evilpig> I just need to make a config dump. 21:35 <@Bahhumbug> which side of this is the originator on the vpn? you or notlarry? 21:36 <@Evilpig> i'm server, he's client 21:37 <@CNwaV> Sorry, you shouldn't listen to me.. It has been a while since I have used it 21:37 <@CNwaV> And I always have to pull up the documentation 21:37 <@Bahhumbug> I'd suggest dropping the vpn circuit, drop your firewall, have him reconnect and see if you can get packets across bidirectionally. 21:38 <@Bahhumbug> at least rule the firewall in or out. 21:38 <@Evilpig> i've tried that too 21:38 <@Evilpig> same problem 21:39 < ZombieChicken> this is OpenVPN, right? 21:39 <@Evilpig> yeah 21:39 <@Bahhumbug> my vpns terminate on hosts that are inside my secure perimeter; there is a port forward on my firewall to the openvpn server here at the house. 21:39 < ZombieChicken> any special router firmware or version mismatches? 21:39 < MaxieZ> tcpdump on tboth sides and see if you are getting the packets across 21:39 <@Bahhumbug> I don't dick around with iptables rules for it, it Just Works For Me (tm) 21:39 < ZombieChicken> like tomato or openwrt 21:39 <@Evilpig> iptables on FC7 to iptables on Ubunut 10.04 21:40 <@Bahhumbug> Looking at my standard config I see nothing magical about it, either. 21:40 <@Bahhumbug> Why are you passing such large networks across? 21:40 <@Evilpig> easier. he's using a /24 and I already had /24 21:41 <@Bahhumbug> Or is 10.0.5.x his internal 1918 space? 21:41 <@Evilpig> the 10.0.5.xxx is just the vpn interface 21:41 < MaxieZ> Another possibility is he's using a larger network and screwing up the routes based on that. 21:41 <@Bahhumbug> that's possible, yes. 21:42 < MaxieZ> So if he's got a 10.0.5.0/16 and you're adding 10.0.0.21x on his side, that won't work 21:43 <@Evilpig> one sec. nearly done here 21:43 <@Evilpig> this will make things alot clearer 21:43 <@Bahhumbug> to make things easier for myself, since I'm pretty dim at times, I use alternate 1918's for the tun0 / PtP vpn links. I'm 10.x.x.x inside, I use 172.16.1.x for the vpn, for instance. 21:45 <@Bahhumbug> I've yet to exceed the /12 on 172.16.x.x so it's worked fine for me. YMMV. 21:46 <@Evilpig> http://wilpig.org/temp/config.txt 21:46 -!- stowbari [~Stowbari@cpe-24-165-215-6.neo.res.rr.com] has quit [Quit: Leaving.] 21:50 < MaxieZ> I don't know why you'd need to masq 10.0.5. 21:50 < MaxieZ> I could be wrong there. 21:50 <@Evilpig> cause i've tried everythign else at this point 21:50 < MaxieZ> My theory that routing is wrong on the otherside could be at issue 21:50 <@Evilpig> collecting that info now 21:50 < MaxieZ> I wouldn't worry about all that. You shouldn't need masquerading to simply hit his machine. 21:51 < MaxieZ> You should have a p2p between you when he connects. 21:51 <@Evilpig> http://wilpig.org/temp/clientconfig.txt 21:52 <@Bahhumbug> masq's adds all sorts of nonsense to the mix. 21:52 <@Evilpig> okay the masq has been removed 21:55 < MaxieZ> Client has two default routes (not the problem). Other than that everything looks like it would work. I'd try a tcpdump -n -i tun0 on both machines and ping between them. See if the packets are coming through. 21:56 <@Evilpig> tun1 they aren't making ti through 21:56 <@Evilpig> on my end they hit tun1 and stop 21:56 <@Evilpig> his end they flow through just fine 21:57 <@Evilpig> [root@blueboy openvpn]# tcpdump -i tun1 -vv 21:57 <@Evilpig> tcpdump: WARNING: arptype 65534 not supported by libpcap - falling back to cooked socket 21:57 <@Evilpig> tcpdump: listening on tun1, link-type LINUX_SLL (Linux cooked), capture size 96 bytes 21:57 <@Evilpig> 21:56:52.073276 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84) 10.0.5.1 > 10.10.0.251: ICMP echo request, id 36693, seq 1, length 64 21:57 <@Evilpig> 21:56:53.072954 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84) 10.0.5.1 > 10.10.0.251: ICMP echo request, id 36693, seq 2, length 64 22:23 <@NotLarry> Anyone actually able to run minecraft? It laggs out after about 4 minutes for me. 22:23 <@Evilpig> haven't played the latest version but it seemed like it was playing okay 22:25 < ZombieChicken> give me the server address and I can try it out on my end. Been meaning to ask for that anyways 22:26 <@Evilpig> wilpig.org 22:26 <@Evilpig> or his is angry.endoftheinternet.org 22:26 <@Evilpig> but he'll have to whitelist your account on his 22:29 < ZombieChicken> not 2 minutes in and I get into a boxing match with a spider 22:30 <@Evilpig> haha 22:31 <@Evilpig> well you didn't die. otherwise we'd have seen it 22:31 <@Bahhumbug> And laughed. 22:32 < MinecraftRelay> this door opens in the strangest way 22:32 < MinecraftRelay> double doors, and the left one opens as if its hinges are in the center of the doorway 22:33 < eryc> non-euclidian minecraft http://youtu.be/0pmSPlYHxoY 22:34 < MinecraftRelay> Death: *fell* kelmv134 learned to fly...briefly... 22:35 <@Bahhumbug> hahahaha 22:35 <@Bahhumbug> see? 22:35 < ZombieChicken> tooks you almost a whole minute there 22:36 <@Bahhumbug> yes, my real life got in the way for a moment. 22:36 <@Bahhumbug> hate when that happens. 22:39 <@Evilpig> when they updated teh code for the double doors pretty much all the doors have to be rehung 22:40 <@Bahhumbug> gotta just love that stability. 23:23 -!- mode/#se2600 [+o Feltenix] by ChanServ 23:27 < ZombieChicken> the complete lack of wild grass on the server is disturbing 23:42 <@Evilpig> is there really none? near the spawn there wouldn't be much cause that was all old world 23:42 <@Evilpig> we have it in other areas 23:43 <@Evilpig> I really need to fix the waypoints 23:46 < ZombieChicken> I didn't see any but then I may just not have left the old world 23:51 <@Bahhumbug> My people left the old world some generations ago. 23:57 <@Evilpig> Bahhumbug: are they currently getting reparations and demanding equal pay? --- Log closed Mon Mar 26 00:00:11 2012