From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-wi0-x236.google.com (mail-wi0-x236.google.com [IPv6:2a00:1450:400c:c05::236]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by huchra.bufferbloat.net (Postfix) with ESMTPS id 1D86021F185 for ; Sun, 16 Mar 2014 14:45:47 -0700 (PDT) Received: by mail-wi0-f182.google.com with SMTP id d1so1406255wiv.9 for ; Sun, 16 Mar 2014 14:45:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=yBDO4qFa2qYRi/ADl1xH7OVUpo+xKHN4iJgDOEovVjM=; b=po6fDuU9piF+RVWq8u3AHz2XgBiWBTQLks2xPTgP8SLnaUy+25XBq2C7ocjOIhLOUe 4YEgWsABxi7xbnqEiAWsJaw0q4VIkrnnIESVXLRQJeR2Pyx7clkZC9NAbqiGuMN3e7H1 n85oL6wUHsQyRTzx6rUQQDRb14MPvpDVLb/09rs3B/pvJSLdopA18Y/WdO1vLfjjprmK dFe+Lbzap3mc9SaPM/OyAxzKhDALDVoawQEBaPHMf4g8GZrII6+oW7XFG3vfubUk/fxQ vrkBrXKxUdFlvwjlB1JDCfW79ffH+x/MVzUtpkZaJQroewKsRHHsgRUfTtei8gGL9wym 1OKw== MIME-Version: 1.0 X-Received: by 10.180.126.38 with SMTP id mv6mr6825740wib.46.1395006345974; Sun, 16 Mar 2014 14:45:45 -0700 (PDT) Received: by 10.216.8.1 with HTTP; Sun, 16 Mar 2014 14:45:45 -0700 (PDT) In-Reply-To: <145161.1395005271@turing-police.cc.vt.edu> References: <145161.1395005271@turing-police.cc.vt.edu> Date: Sun, 16 Mar 2014 14:45:45 -0700 Message-ID: From: Dave Taht To: Valdis Kletnieks Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: "cerowrt-devel@lists.bufferbloat.net" Subject: Re: [Cerowrt-devel] cerowrt-3.10.32-9 released X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Mar 2014 21:45:48 -0000 Valdis: 1) enable upnp and play some games? 2) what is the output of: cat /sys/kernel/debug/mips/unaligned_instructions 3) It does look like miniupnpd IS correctly rejecting connection attempts from the outside world, but I think I'd prefer to firewall it off completely. # logread Sat Jan 17 03:30:04 1970 daemon.warn miniupnpd[21982]: HTTP peer [::ffff:186.215.61.169]:41839 is not from a LAN, closing the connection Sat Jan 17 03:30:04 1970 daemon.warn miniupnpd[21982]: HTTP peer [::ffff:59.90.193.38]:54571 is not from a LAN, closing the connection And I'd love to improve the defensive sensor facility one day, to log and forward external cracker attempts to something like a rbl blocklist. Sat Jan 17 03:30:04 1970 daemon.crit xinetd[1416]: 1416 {process_sensor} Adding 103.26.122.210 to the global_no_access list for 120 minutes Still I sleep better knowing these limited protections are working. On Sun, Mar 16, 2014 at 2:27 PM, wrote: > On Sun, 16 Mar 2014 12:58:28 -0700, Dave Taht said: >> Get it at: >> >> http://snapon.lab.bufferbloat.net/~cero2/cerowrt/wndr/3.10.32-9/ > >> - untested with ipv6 as yet > > Running it on my 3800, IPv6 from my laptop to Google and work and > other places seems to be working just fine in my corner of Comcast land. > My laptop gets a DHCPv6 address, a SLAAC address, and generates itself > a privacy address, and they all are reachable from the outside, and my > Rasberry Pi is happily SLAAC'ing away as well. As far as I can tell, > my TV and my PS3 are IPv4-only, so that's as much as I can test. > > If I catch it misbehaving, or there's something in particular you want > poked, yell... > > --=20 Dave T=E4ht Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.= html