IRCaBot 2.1.0
GPLv3 © acetone, 2021-2022
#saltr
/2023/02/07
NULL Hey dr|z3d, when I roll the standard reseed package I am able to get the page to pull up on port 8443 but, when I do the version you showed me, in terminal it also shows the http server started on :8443 just like with the first package however the browser just returns 404 page not found
dr|z3d NULL: there's probably no homepage configured.
dr|z3d the server only serves su3 reseed files, not html. that's what nginx is for.
NULL Ahhh, okay so then it probably is running correctly
NULL The documentation mentions the url for reseed server but haven't located that or unaware what it would be so wasn't sure besides seeing the terminal if it was running properly. Trying my best to figure shit out bouncing between the different tutorials for info before asking here. Just not the most clear instructions
dr|z3d y2kboy23: can you deploy standard i2pupdate.zip files on your docker image?
dr|z3d if you can, then pull the latest /dev/ build for a fix for the job stats sorting.
T3s|4 lols dr|z3d - you must have u/ling the 7 Feb update at the exact same time I was d/ling 6 Feb 17:54 - that transfer failed, pulling your latest now :D
y2kboy23 dr|z3d I'll have to rebuild the image. I was thinking about how to fix it.
dr|z3d handling updates, you mean, y2kboy23?
dr|z3d I think there's a config option somewhere in the docker config for enabling inline updates, no?
dr|z3d despite the job page sorting fix, if you want to try your hand and creating some customer sorters, the offer still applies :) regex skills and basic javascript knowledge required.
y2kboy23 The time sorting
y2kboy23 I've been fighting that router becoming relayed due to thinking it's firewalled issue
dr|z3d I bypassed the js and went with hidden spans with the raw numbers instead. but yeah, time units. had a look at the javascript, tried a custom sorter, couldn't make it work.
dr|z3d didn't you disabled ssu testing?
y2kboy23 I did momentarily but then went back.
dr|z3d you may also want to specify an ip for ip config and tcp config on /confignet if the vps is on a fixed ip.
dr|z3d those two things combined should resolve your issue.
y2kboy23 I think something broke with it when I had it off.
dr|z3d grep for "Specify hostname or IP Address" on /confignet and set both fields to your static ip.
dr|z3d then disable ssu testing. then restart router.
dr|z3d for reference, if you want to keep a config in the router.config file but commented, prefix it with X
dr|z3d then it'll persist. # comments get stripped.
dr|z3d > i2np.udp.disablePeerTest=true
dr|z3d and don't be tempted to blindly tweak values in the config, use the UI for that vis-a-vis networking.
y2kboy23 That's good to know about the X prefix
dr|z3d capital X keeps those configs at the top of the config file.
dr|z3d it's what I use, anyways. you can use an arbitrary alphanumeric there.
dr|z3d if a config file doesn't parse, it's ignored.
dr|z3d *config line
y2kboy23 Smart ;)
snowflakes dr|z3d, hewwo.
snowflakes dr|z3d, do you know about attack on floodfills of I2P network?
snowflakes Or attack like simillar of attacks on floodfills
dr|z3d_ hi snowflakes
snowflakes Hi dr|z3d_
dr|z3d you're attacking the network? :)
snowflakes No. is not me.
dr|z3d ah, ok. had to ask. :)
snowflakes I did wrote zzz about it. but my irc client is bullshit in copy and paste.
snowflakes So you know about this attack?
dr|z3d I know it's happening, sure.
snowflakes Is attack broken I2Pd, but like not broken vanilla I2P?
snowflakes to broke*
snowflakes how this attack works?
dr|z3d it's probably not one attack but several.
snowflakes zzz is know too?
dr|z3d zzz is working on mitigations.
snowflakes dr|z3d, do you know how this attack works?
snowflakes this attacks
snowflakes in i2pd some people think that it's special services of Chine, but not see some a ball in a sky
snowflakes idk what them mean
dr|z3d the attack is basically seeding a lot of fake RIs into the network as floodfills.
snowflakes RI is destination?
snowflakes router info
snowflakes so. why just not check simillar information from 2-10 floodfills, check information, compare?
snowflakes and if this floodfill give much of fake information just ban it on some time
T3s|4 o/ snowflakes: by 'ball in the sky', do you actually mean CCP (Chinese Communist Party) Spy Balloon in the sky, traversing the entire width of the US? ;p
dr|z3d both i2p and i2pd need better validation. that's probably being worked on.
snowflakes I think that the ballons I can buy on AliExpress
snowflakes the ballon*
snowflakes zzz on #i2pd-dev on irc.ilita.i2p
snowflakes send some floodfill info
dr|z3d yeah, we're slowly defanging the monster :)
T3s|4 snowflakes: the part that makes most Americans the most angry, is that if the US launched a similar Spy Balloon in western China, it would have been destroyed by Chinese fighter jets within seconds after launch, and all those involved would be either be already executed, or spending life in prison...
snowflakes weko said that idea of some reputation for floodfills is already suggested
dr|z3d new shiny merge just pushed, y2kboy23
dr|z3d turns out the sort fixing wasn't complete. the js sorted concatenates content in a table cell and doesn't pay any attention to <span> separation.
dr|z3d *sorter
y2kboy23 Great. I had an NPE and it seems my router crashed.
dr|z3d you didn't manage to snag logs for that? :)
dr|z3d OOM-related crashing has been reported lately due to the attack.
dr|z3d what version are/were you running, roughly?
dr|z3d couple days old, yesterday's merge..?
y2kboy23 Shortly after you banned the ffs for ntcp only
dr|z3d well if you can get logs, great, they may be in ~/.i2p/
dr|z3d otherwise, let me know if it happens again. some flag/lookup related NPE fixed recently.
dr|z3d but that shouldn't entirely crash the router, just pages where the lookup(s) were happening, router should be just fine on other pages. but that should be fixed now.
y2kboy23 Well. Things aren't loading...
y2kboy23 CRIT [...ildExecutor] ...ol.BuildExecutor: B0rked in the tunnel builder
y2kboy23 java.lang.NullPointerException: Cannot invoke "java.util.List.isEmpty()" because "connected" is null
y2kboy23 at net.i2p.router.peermanager.ProfileOrganizer.selectActiveNotFailingPeers(ProfileOrganizer.java:737)
y2kboy23 at net.i2p.router.tunnel.pool.ExploratoryPeerSelector.selectPeers(ExploratoryPeerSelector.java:99)
y2kboy23 at net.i2p.router.tunnel.pool.TunnelPool.configureNewTunnel(TunnelPool.java:1217)
y2kboy23 at net.i2p.router.tunnel.pool.TunnelPool.configureNewTunnel(TunnelPool.java:1180)
y2kboy23 at net.i2p.router.tunnel.pool.BuildExecutor.run2(BuildExecutor.java:445)
y2kboy23 at net.i2p.router.tunnel.pool.BuildExecutor.run(BuildExecutor.java:349)
y2kboy23 at java.base/java.lang.Thread.run(Thread.java:833)
y2kboy23 at net.i2p.util.I2PThread.run(I2PThread.java:103)
dr|z3d can you cake the full stacktrace?
y2kboy23 Sorry. Cake wasn't loading...http://cake.i2p/view/Tm2DFH61OX_t5nzUx8U4u6jGuRPtfNSeRTZwK12Xt_mV36PSVctO/Tm2DFH61OX.txt
dr|z3d y2kboy23: got the irc paste before I d/c'd, fix has been pushed.
dr|z3d wait a couple of minutes and I'll push another update. temporary attack mitigations...
dr|z3d zzz will be coming with the heavy artillery soon.
dr|z3d Blinded message
shiver Total number of banned peers: 28628
shiver graph looks funny :D
dr|z3d 26K. impressive, shiver :)
dr|z3d just don't try looking at your console banned peers page.
not_bob Yeah, that seems like a bad idea.
dr|z3d especially for shiver :)
dr|z3d last time he looked at his graphs page in chrome his computer spewed chunks. :)
dr|z3d what's your build success like, shiver?
shiver dr|z3d, 30-40%
shiver 30563 banned now
shiver tomorrow probably 100k xD
shiver even with all the bans the integrated peers slowly go up, i'm at 2.5k soon
shiver peak was 3.1k
not_bob I don't have nearly as many banned.
not_bob ~400 in the last 14 hours?
shiver i get around 500 bans in 10min
not_bob I had a much higher number the day before.
not_bob The attack seems to ebb and flow.
not_bob Just when I think it's starting to get better *wham* I'm back down again.
shiver did the update to -6+ rev 1e5cbb1b (Build date: 2023-02-07 10:16:58 UTC)
shiver aftter that i had 12k banned from the start
shiver before that 600 was avg.
not_bob I'll be updating to the latest build here in a while.
not_bob i'll see if the numbers go up.
NULL In wrapper.config is there anyway to force a minimum memory of 256? Would adding wrapper.java.minmemory=256 work for that?
NULL dr|z3d had mentioned that as a good baseline with this attack but my router keeps defaulting to 128mb
shiver i have wrapper.java.initmemory=384 and wrapper.java.maxmemory=896
shiver everything works fine
shiver but i also don't use snark
not_bob I appear to have mine set to the defaults?
not_bob For some reason I thought I had it set to 4 gigs of memory.
not_bob Ok, I have that set now.
shiver had it set to 2g but dr|z3d sait to high is bad because gc has to work more
shiver *said
shiver but you probably need it, maybe.
not_bob I open a *lot* of tunnels.
not_bob Though, I do ratelimit them so I don't open them all at once.
not_bob Stupid, stupid ratelimiting tool. But, it works.
not_bob At some point I need to write something that works smarter.
not_bob Instead of just blindly doing it's thing.