~dr|z3d
@RN
@RN_
@StormyCloud
@T3s|4
@T3s|4_
@eyedeekay
@orignal
@postman
@zzz
%Liorar
+FreefallHeavens
+Over
+Xeha
+acetone
+bak83
+cancername
+cumlord
+hk
+poriori
+profetikla
+uop23ip
+weko
An0nm0n
Arch
Danny
DeltaOreo
Irc2PGuest21357
Irc2PGuest21881
Irc2PGuest89954
Leopold_
Meow
Nausicaa
Onn4l7h
Onn4|7h
anon2
anu
boonst
mareki2pb
not_bob_afk
plap
shiver_
simprelay
solidx66
thetia
tr
u5657
NULL
Hey dr|z3d, when I roll the standard reseed package I am able to get the page to pull up on port 8443 but, when I do the version you showed me, in terminal it also shows the http server started on :8443 just like with the first package however the browser just returns 404 page not found
dr|z3d
NULL: there's probably no homepage configured.
dr|z3d
the server only serves su3 reseed files, not html. that's what nginx is for.
NULL
Ahhh, okay so then it probably is running correctly
NULL
The documentation mentions the url for reseed server but haven't located that or unaware what it would be so wasn't sure besides seeing the terminal if it was running properly. Trying my best to figure shit out bouncing between the different tutorials for info before asking here. Just not the most clear instructions
dr|z3d
y2kboy23: can you deploy standard i2pupdate.zip files on your docker image?
dr|z3d
if you can, then pull the latest /dev/ build for a fix for the job stats sorting.
T3s|4
lols dr|z3d - you must have u/ling the 7 Feb update at the exact same time I was d/ling 6 Feb 17:54 - that transfer failed, pulling your latest now :D
dr|z3d
:)
y2kboy23
dr|z3d I'll have to rebuild the image. I was thinking about how to fix it.
dr|z3d
handling updates, you mean, y2kboy23?
dr|z3d
I think there's a config option somewhere in the docker config for enabling inline updates, no?
dr|z3d
despite the job page sorting fix, if you want to try your hand and creating some customer sorters, the offer still applies :) regex skills and basic javascript knowledge required.
dr|z3d
*at
y2kboy23
The time sorting
y2kboy23
I've been fighting that router becoming relayed due to thinking it's firewalled issue
dr|z3d
I bypassed the js and went with hidden spans with the raw numbers instead. but yeah, time units. had a look at the javascript, tried a custom sorter, couldn't make it work.
dr|z3d
didn't you disabled ssu testing?
y2kboy23
I did momentarily but then went back.
dr|z3d
you may also want to specify an ip for ip config and tcp config on /confignet if the vps is on a fixed ip.
dr|z3d
those two things combined should resolve your issue.
y2kboy23
I think something broke with it when I had it off.
dr|z3d
grep for "Specify hostname or IP Address" on /confignet and set both fields to your static ip.
dr|z3d
then disable ssu testing. then restart router.
dr|z3d
for reference, if you want to keep a config in the router.config file but commented, prefix it with X
dr|z3d
then it'll persist. # comments get stripped.
dr|z3d
> i2np.udp.disablePeerTest=true
dr|z3d
and don't be tempted to blindly tweak values in the config, use the UI for that vis-a-vis networking.
y2kboy23
That's good to know about the X prefix
dr|z3d
capital X keeps those configs at the top of the config file.
dr|z3d
it's what I use, anyways. you can use an arbitrary alphanumeric there.
dr|z3d
if a config file doesn't parse, it's ignored.
dr|z3d
*config line
y2kboy23
Smart ;)
dr|z3d
:)
snowflakes
dr|z3d, hewwo.
snowflakes
dr|z3d, do you know about attack on floodfills of I2P network?
snowflakes
Or attack like simillar of attacks on floodfills
snowflakes
how to
dr|z3d_
hi snowflakes
snowflakes
Hi dr|z3d_
dr|z3d
you're attacking the network? :)
snowflakes
No. is not me.
dr|z3d
ah, ok. had to ask. :)
snowflakes
I did wrote zzz about it. but my irc client is bullshit in copy and paste.
snowflakes
So you know about this attack?
dr|z3d
I know it's happening, sure.
snowflakes
Is attack broken I2Pd, but like not broken vanilla I2P?
snowflakes
to broke*
snowflakes
how this attack works?
dr|z3d
it's probably not one attack but several.
snowflakes
zzz is know too?
dr|z3d
zzz is working on mitigations.
snowflakes
dr|z3d, do you know how this attack works?
snowflakes
this attacks
snowflakes
in i2pd some people think that it's special services of Chine, but not see some a ball in a sky
snowflakes
idk what them mean
dr|z3d
lol
dr|z3d
the attack is basically seeding a lot of fake RIs into the network as floodfills.
snowflakes
RI is destination?
snowflakes
router info
snowflakes
ok
snowflakes
so. why just not check simillar information from 2-10 floodfills, check information, compare?
snowflakes
and if this floodfill give much of fake information just ban it on some time
T3s|4
o/ snowflakes: by 'ball in the sky', do you actually mean CCP (Chinese Communist Party) Spy Balloon in the sky, traversing the entire width of the US? ;p
snowflakes
yeap
snowflakes
o/
dr|z3d
both i2p and i2pd need better validation. that's probably being worked on.
snowflakes
\o/
snowflakes
I think that the ballons I can buy on AliExpress
snowflakes
the ballon*
snowflakes
zzz on #i2pd-dev on irc.ilita.i2p
snowflakes
send some floodfill info
snowflakes
did
dr|z3d
yeah, we're slowly defanging the monster :)
T3s|4
snowflakes: the part that makes most Americans the most angry, is that if the US launched a similar Spy Balloon in western China, it would have been destroyed by Chinese fighter jets within seconds after launch, and all those involved would be either be already executed, or spending life in prison...
snowflakes
weko said that idea of some reputation for floodfills is already suggested
dr|z3d
new shiny merge just pushed, y2kboy23
dr|z3d
turns out the sort fixing wasn't complete. the js sorted concatenates content in a table cell and doesn't pay any attention to <span> separation.
dr|z3d
*sorter
y2kboy23
Great. I had an NPE and it seems my router crashed.
dr|z3d
you didn't manage to snag logs for that? :)
dr|z3d
OOM-related crashing has been reported lately due to the attack.
dr|z3d
what version are/were you running, roughly?
dr|z3d
couple days old, yesterday's merge..?
y2kboy23
Shortly after you banned the ffs for ntcp only
dr|z3d
ok
dr|z3d
well if you can get logs, great, they may be in ~/.i2p/
dr|z3d
otherwise, let me know if it happens again. some flag/lookup related NPE fixed recently.
dr|z3d
but that shouldn't entirely crash the router, just pages where the lookup(s) were happening, router should be just fine on other pages. but that should be fixed now.
y2kboy23
Well. Things aren't loading...
y2kboy23
CRIT [...ildExecutor] ...ol.BuildExecutor: B0rked in the tunnel builder
y2kboy23
java.lang.NullPointerException: Cannot invoke "java.util.List.isEmpty()" because "connected" is null
y2kboy23
at net.i2p.router.peermanager.ProfileOrganizer.selectActiveNotFailingPeers(ProfileOrganizer.java:737)
y2kboy23
at net.i2p.router.tunnel.pool.ExploratoryPeerSelector.selectPeers(ExploratoryPeerSelector.java:99)
y2kboy23
at net.i2p.router.tunnel.pool.TunnelPool.configureNewTunnel(TunnelPool.java:1217)
y2kboy23
at net.i2p.router.tunnel.pool.TunnelPool.configureNewTunnel(TunnelPool.java:1180)
y2kboy23
at net.i2p.router.tunnel.pool.BuildExecutor.run2(BuildExecutor.java:445)
y2kboy23
at net.i2p.router.tunnel.pool.BuildExecutor.run(BuildExecutor.java:349)
y2kboy23
at java.base/java.lang.Thread.run(Thread.java:833)
y2kboy23
at net.i2p.util.I2PThread.run(I2PThread.java:103)
dr|z3d
can you cake the full stacktrace?
y2kboy23
Sorry. Cake wasn't loading...http://cake.i2p/view/Tm2DFH61OX_t5nzUx8U4u6jGuRPtfNSeRTZwK12Xt_mV36PSVctO/Tm2DFH61OX.txt
dr|z3d
y2kboy23: got the irc paste before I d/c'd, fix has been pushed.
dr|z3d
wait a couple of minutes and I'll push another update. temporary attack mitigations...
dr|z3d
zzz will be coming with the heavy artillery soon.
dr|z3d
Blinded message
shiver
Total number of banned peers: 28628
shiver
graph looks funny :D
dr|z3d
26K. impressive, shiver :)
dr|z3d
just don't try looking at your console banned peers page.
dr|z3d
*28K
not_bob
Yeah, that seems like a bad idea.
dr|z3d
especially for shiver :)
not_bob
;)
dr|z3d
last time he looked at his graphs page in chrome his computer spewed chunks. :)
dr|z3d
what's your build success like, shiver?
shiver
dr|z3d, 30-40%
shiver
30563 banned now
shiver
tomorrow probably 100k xD
shiver
even with all the bans the integrated peers slowly go up, i'm at 2.5k soon
shiver
peak was 3.1k
not_bob
I don't have nearly as many banned.
not_bob
~400 in the last 14 hours?
shiver
i get around 500 bans in 10min
not_bob
I had a much higher number the day before.
not_bob
The attack seems to ebb and flow.
not_bob
Just when I think it's starting to get better *wham* I'm back down again.
shiver
did the update to -6+ rev 1e5cbb1b (Build date: 2023-02-07 10:16:58 UTC)
shiver
aftter that i had 12k banned from the start
shiver
before that 600 was avg.
not_bob
Yow
not_bob
I'll be updating to the latest build here in a while.
not_bob
i'll see if the numbers go up.
NULL
In wrapper.config is there anyway to force a minimum memory of 256? Would adding wrapper.java.minmemory=256 work for that?
NULL
dr|z3d had mentioned that as a good baseline with this attack but my router keeps defaulting to 128mb
shiver
i have wrapper.java.initmemory=384 and wrapper.java.maxmemory=896
shiver
everything works fine
shiver
but i also don't use snark
not_bob
I appear to have mine set to the defaults?
not_bob
For some reason I thought I had it set to 4 gigs of memory.
not_bob
Ok, I have that set now.
shiver
had it set to 2g but dr|z3d sait to high is bad because gc has to work more
shiver
*said
shiver
but you probably need it, maybe.
not_bob
I open a *lot* of tunnels.
not_bob
Though, I do ratelimit them so I don't open them all at once.
not_bob
Stupid, stupid ratelimiting tool. But, it works.
not_bob
At some point I need to write something that works smarter.
not_bob
Instead of just blindly doing it's thing.