44net May 2013

44net@mailman.ampr.org

18 participants
25 discussions

44.133.48.66 !!!
by Maiko Langelaar 12 Apr '14

12 Apr '14

Good afternoon, It would see that 44.133.48.66 is popping, snmpding, and other amounts of traffic from time to time to various ampr.org systems and doing so *without warning* type of thing. I just got hit with a bunch of SNMP requests, others have been hit with POP requests. Can anyone find out who the owner of that particular system or network is, so that I can contact the entity or person. Or perhaps a bit more draconian, can someone deal with it. Thanks in advance. Maiko Langelaar VE4KLM

4 5

Newbie issue
by lleachii＠aol.com 26 Jul '13

26 Jul '13

Marc, LX1DUC, Per Brian in a Jan 22 note: 44.0.0.1 responds to pings received from the Internet. It does not respond to pings coming into it over an encap connection to it, for some reason that I've not been able to figure out. I believe it to be a difficulty in getting it to recognize decapped pings. If you are receiving the rip44 announcements, you have properly configured your tunnel to receive IP-in-IP encapsulation from 44.0.0.1. Feel free to use: http://44.60.44.10/tools or http://kb3vwg-010.ampr.org/tools I see your encap as: 44.161.202.0 via 46.29.183.253 dev tunl0 onlink window 840 44.161.203.0 via 46.29.183.253 dev tunl0 onlink window 840 44.161.229.0 via 46.29.183.253 dev tunl0 onlink window 840 Also, I am unable to ping 44.161.229.126. What script/configuration did you use to enable your tunnel; did you specify a local or remote IP (un-needed)? Feel free to look at my script at http://44.60.44.13/startampr 73, Lynwood KB3VWG

15 65

CentOS 5-Baycom-Card I/O Help please
by Janusz Przybylski SP1LOP 09 Jun '13

09 Jun '13

POL: Potrzebuje pomocy. Jak modem podłączę pod ttyS0 (iobase 3f8 irq 4) na płycie głównej modem działa idealnie nadaje i odbiera. A jak podłączę go do ttyS1 (iobase 2400 irq 177) na karcie I/O to tylko odbiera nie chce nadawać ENG: I need help. How do I plug the modem into ttyS0 (iobase 3f8 irq 4) on the main board modem works perfectly transmits and receives. And when I connect it to ttyS1 (iobase 2400 irq 177) on the I/O just does not want to give answers ------ POL: Mam komputer z 2 modemami Baycom Linux CentOS 5, Kernel 2.6.18-274.18.1.el5ax25.2, używam sterownik: baycom_ser_fdx ENG: I have a computer with two modems Baycom Linux CentOS 5 Kernel 2.6.18-274.18.1.el5ax25.2, I use the driver: baycom_ser_fdx ------ POL: Używam modemów Baycom, podłączone do karty I/O PCI Modemy tylko odbierają (Rx) ale nie nadają (not Tx) ENG: I use Baycom modems, connected to the I/O PCI Modems only receive (Rx), but does not transmit (Tx not) ------ POL: A to konfiguracja karty I/O z komendy: lspci -vvv ENG: And this is the configuration I/O card with the command: lspci-vvv Serial controller: Device 4348:3253 (rev 10) (prog-if 02 [16550]) Subsystem: Device 4348:3253 Control: I/O+ Mem- BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx- Status: Cap- 66MHz- UDF- FastB2B- ParErr- DEVSEL=medium >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Interrupt: pin A routed to IRQ 177 Region 0: I/O ports at 2400 [size=8] Region 1: I/O ports at 2000 [size=8] Kernel driver in use: serial ------ ttyS0, iobase: 0x03f8, irq: 4 (mainboard) ttyS1, iobase: 0x2400, irq: 177 (Card I/O) ttyS2, iobase: 0x2000, irq: 177 (Card I/O) ------ baycom_ser_fdx: version 0.10 compiled hdlcdrv: version 0.8 compiled POL: Może ktoś mi powie dlaczego na ttyS0 działa idealnie a na karcie I/O tylko odbiera .... Gdzie mam błąd. Może w baycom_ser_fdx.c ??? ENG: Can someone tell me why the ttyS0 works perfectly and on the I/O only .... Where do I receive an error. Maybe baycom_ser_fdx.c??? -- 73 de Janusz / SP1LOP ===== Janusz J. Przybylski, SP1LOP ================== Poland AMPRNet Co-ordinator [44.165/16] from Mar 2003 =====================================================

3 4

VPN access to AMPRNet using amateur X.509 certificates
by Heikki Hannikainen 07 Jun '13

07 Jun '13

Hi, The AMPRNet might be more useful if it had: (1) more services which would be interesting to hams (2) more access to the AMPRNet Tonight I tried to attack (2) a bit. Access to the AMPRNet over the Internet could maybe be made easier to hams by allowing them to connect over VPNs instead of setting up their own IPIP tunnels at home, or trying to find a working radio gateway. After getting a VPN running it might be easier for them to set up a radio gateway, or some services. As discussed on the other mailing list, VPNs are easier to get up on NATed residential networks than IPIP tunnels. Setting up VPN user accounts and maintaining them can be a pain. It doesn't take a lot of weekly or monthly maintenance work to run a VPN service, but it can be a major pain to manage an user account database for thousands of hams and check if your users around the Internet are, in fact, licensed. It turns out that ARRL's Logbook of the World has already given out cryptographic X.509 certificates to 57334 amateur users, after verifying their license status against the FCC database (they send a postcard with a random token code to the FCC-listed snail-mail address to make sure they give the certificate to the right guy) or after looking at a paper photocopy of a license + a photo ID. I had to physically mail in a photo of my ham license and my driver's license and wait a couple weeks to get the cert. If they can get 50k contesters and DXers to work with certificates, maybe certs can work for the AMPRnet, too. Technically, we can validate if a VPN user is in possession of one of those certificates and the respective private key. Politically, K4JH asked the ARRL guys, and they said that they don't mind if we use them for other ham authentication needs. We can start accepting other CAs too once they come around. I plan to help SRAL, the Finnish amateur radio union, to set up a CA within their web site (they already have user accounts for members). I know ARRL isn't for everyone, but smaller clubs could set up CAs too, or even commercial entities - as long as we trust them to do the license validation in a proper manner. Tonight I hacked up an OpenVPN setup which authenticates users with LoTW certs, and wrote a little documentation: http://wiki.ampr.org/index.php/AMPRNet_VPN What do you think? Technically, it seems to work - try it out if you like. It's not very straightforward to set up, but the license validation is pretty strong, and running the service shouldn't be a lot of work. There can be many VPN servers around the world, serving the whole customer base (VPN servers do not need access to any central user database, they just need the certificates of the trusted CAs). With a little Dynamic DNS magic, you could get a oh7lzb.vpn.ampr.org hostname on DNS within a few seconds after connecting (I've got code for that in another project). (Yes, eventually certificates need to be revoked after they accidentally get into wrong hands, or ham licenses are revoked. Technically that can be done using CRLs and/or OCSP, but ARRL apparently does not do those yet. Maybe they will, if the need arises. We can also set up a blocked certificates list of our own.) - Hessu, OH7LZB

5 5

Fwd: JNOS / RIP
by kd6oat 31 May '13

31 May '13

It's been a while since I encountered this problem I have forgotten the fix. My JNOS has stopped populating routes broadcast by the rip server. I've verified that I am receiving the broadcasts through tun0 and there have been no changes to my autoexec.nos file in a long time. I think routing via rip stopped sometime within the past few days. Any ideas ? tx ~Ken

2 2

[newbie] So I'm all connected...
by Matt Grice 28 May '13

28 May '13

...I have my machine all set up to route packets through my local gateway(I was originally going to tinker with high speed mesh networks but an equipment supplier let me down) and I got thinking: what kind of services are intended to run over the new improved 44net? I've being lurking, and I see are discussions on VPNs, routing and stuff but nothing higher up the stack. Web servers? Twitter-like services? Bulletin boards? POP3? What can we *do* with it? Please forgive me for asking this question! I get the feeling everyone else is up to speed except me! 73 de Matt M0ZAI

2 1

Re: [44net] dd-wrt and ipip
by kb9mwr＠gmail.com 20 May '13

20 May '13

I am using the standard, gateway mode. I assume yours is set to Router?

1 0

dd-wrt and ipip
by kb9mwr＠gmail.com 19 May '13

19 May '13

Well I don't know what to tell you. I should really try DD-WRT on other hardware to see if it behaves differently (I can't imagine so) I have the standard dd-wrt build, Firmware: DD-WRT v24-sp2 (08/07/10) std on a Ubiquiti Router Station pro. With two terminals open on my linux server, one running rip44d -v and the other running tcpdump, and an entry in the portal, I see nothing. Shortly after I enable DMZ, set to 192.168.1.100 (my linux servers inside address) I see them. I logged into the DD-WRT terminal and ran iptables -L, before and after enabling DMZ in the GUI to see what it changes. the magic appears to be this line: target prot opt source destination ACCEPT 0 -- anywhere 192.168.1.100 This is under the Chain FORWARD (policy ACCEPT) That line is absent without DMZ enabled. I have no rules that specify a broadcast address. That is really the only way I can imagine IPIP reaching a machine on the inside of a network, without a specific forwarding rule directing it to a specific inside IP address. Lynwood, could you share a dump of your iptables -L (sanitize as needed) Curiosity has the best of me at this point. Steve, KB9MWR

1 0

(no subject)
by kb9mwr＠gmail.com 18 May '13

18 May '13

Lynwood, Thanks for the info. It must have something to do with the mega version of DD-WRT that you are using. I am using the standard version, and it does not pass, even with the VPN passthough options enabled. I see the mega version has IPV6 support. Since that is usually tunneled, I suspect that is what makes it work for you. - Question for anyone. Is there anyway to use the ampr.org name service as a dynamic dns? For my IPIP gateway, and other ham radio related things, I have have been using dyn.com to provide a dynamic dns name. With the new http://dyn.com update policy,, makes me think the ham community could use a dynamic dns of their own.. anyone?

1 0

Mikrotik and NET44
by Claudio Chicon 18 May '13

18 May '13

Hello good evening Would you like to receive examples of configuration of network mikrotik to 44 73/s Claudio PY3NZ

2 1

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

44net May 2013