| View previous topic :: View next topic |
| Author |
Message |
miroR
l33t
Joined: 05 Mar 2008
Posts: 826
|
 Posted: Wed Dec 03, 2014 2:47 am Post subject: No content in overlays.gentoo.org |
 |
|
Breaking a little under FUD created on me (wait: I don't blame anyone yet in any
of the stages on the way from me to Gentoo and back, OK?)...
But breaking a little, can't do no work like this...
So, given the circumstances, this can be a little hastily and clumsily put.
But there I go.
The issue that I am having is given some intro over in the topic:
Mutt without Portage/in Local Overlay, for Air-Gappers
https://forums.gentoo.org/viewtopic-t-1002146-start-50.html#7661248
(and next one post of mine, which...
Which pasting over:
| me wrote: |
| py-ro wrote: | | Yes, you are wrong, it is not meant for browsing. This is the Databases Layman uses to offer Overlays. |
|
Of course py-ro was right about that, but... I also told how I can't access the overlays.gentoo.org
| me wrote: | And accessing that (other one I reported about) page from some http client (Firefox and Lynx tested in these, what, two hours), gives no replies whatsoever?
And the 148.251.78.52 shows (to me) at times as host overlays.gentoo.org and at other times as oystercatcher.gentoo.org
But wait, never mind what it shows in Wireshark loaded pcap file (taken from command line with dumpcap) --at at least one time it didn't even show-- it brings to me in none of the two http clients mentioned no content in all these two or so hours.
That normal?
And if normal, that behavior, why does it show in search engine where 99+- per cent of people only use http agents to read pages?
Really, what could this be?
To prevent "your-system-b0rked" remarks. No problems with no other pages whatsoever. I can access anywhere else with Firefox.
|
Now how I studied what information I could glean (the Chinese ZXDSL 931VII
ADSL router doesn't even send the dynamic IP to the user! Can't get it with
dumpcap, can only get it from it's interface, as an example of the difficulies
I have...
And I'll try and post a few info.
First the address that I tried to connect from, the last time:
93.138.2.170
That should be a clue if someone over there at Gentoo was curious why I got no
content when pasting "overlays.gentoo.org" in Firefox's address bar and
hitting Enter. If...
That last time was exactly on 2014-12-03 at 03:12 CET (which is, I think 02:12
GMT at this time of year).
Much more coming... hopefully.
======= cut off from this line to end if verifying hashes =======
File corresponding to this post: Gen_141203_overlays-g-o_empty.txt,
has Publictimestamp # 1249292
--
publictimestamp.org/ptb/PTB-22251 sha256 2014-12-03 00:01:47
1CD620A81A5B7B6FE7C3B5BE71B1044DC7293C38AD4F43248FD80E745043EE0F |
|
| Back to top |
|
 |
miroR
l33t
Joined: 05 Mar 2008
Posts: 826
|
| Posted: Wed Dec 03, 2014 3:47 am Post subject: |
|
|
Still the same 93.138.2.170 my address (just if, see previous post).
I thought about it. It must be a cookie issue.
This is the first time, this period of about one week, that I decided to connect with Gentoo, was connecting with Debian, with less important data in the system I was connecting with, and on old machine, for months...
And I actually got, currently, only two sites allowed (and I remembered miserably; I'm 57, not fresh)...
I got, currently, only three sites allowed to set cookies:
gentoo.org
wiki.gentoo.org
forums.gentoo.org
And I bet, haven't tried yet, but I bet, I'll be able to see content in the page in question (see previous post), if I allow cookies from that page (you don't need to see the previous post for that...  , sorry for misleading you, was intentional):
overlays.gentoo.org
I did it. Let's see now... Will be back. Hopefully. |
|
| Back to top |
|
|
miroR
l33t
Joined: 05 Mar 2008
Posts: 826
|
| Posted: Wed Dec 03, 2014 3:59 am Post subject: |
|
|
| Quote: | ...
overlays.gentoo.org
...
|
Nope. I was wrong. Allowing cookies for that didn't help. Even after restarting Firefox, it doesn't show (and how did I forget that I tried with lynx; so it's not the cookies).
Anyway, this is the way I capture traffic and screencast, and conntrack along, the entire method.
First of all, I'm never online continuosly, unless downloading for my local mirror (see my Air-Gapped Gentoo Install, Tentative
https://forums.gentoo.org/viewtopic-t-987268.html ), or my Debian Jigdo DVDs.
And it's not physically plugging the line first.
First is, as regular user in same dir as seconds later will run commands below as root:
| Code: |
$ ffmpeg -f x11grab -s 1024x768 -r 25 -i :0.0 -c:v libx264 -preset ultrafast -threads 0 Screen_`date +%y%m%d_%H%M`_`hostname`.mkv
|
Then, as root, in same dir, both command below in one same terminal:
| Code: |
# conntrack -E 2>&1 | tee /some-where/conntrack-E_`date +%y%m%d_%H%M`.log &
# touch dump_`date +%y%m%d_%H%M`_`hostname`.pcap && dumpcap -i any -w dump_`date +%y%m%d_%H%M`_`hostname`.pcap &
|
And only then do I plug into the router.
When I do the work, I first, unplug from the internet (physically), then wait for conntrack to show the DESTROY lines, then twice
followed by Ctrl-C to kill the two processes in the root's terminal.
And only then Ctrl-Q in the regular user's terminal with the ffmpeg line.
And then I analyze that for sometimes a loong time.
You can see (but with "r 10", 10 frames per second rate, what I used to get on my Debian machine (haven't abandoned Debian, just this is even more powerful) here:
http://www.croatiafidelis.hr/gnu/Flowstamp/
(read there and find the Screencast; it's similar what I do now, just now is not jumply btwn frames at all).
And, since I would like to see a solution to this, I'll post some of my network capture next... If I make it. Headache moving in... It's been a sleepless night here in Europe's southern regions of Croatia...
And can't just post without conidering if I need to hide some date from it...
And, I almost forgot. But it couldn't be that... I also recently started finally using IPtables... It couldn't be that, I don't think, because I didn't put in there anytihing that would preclude a particular adress like the one that the overlays.gentoo.org translates into in my either Firefox or Lynx... |
|
| Back to top |
|
|
miroR
l33t
Joined: 05 Mar 2008
Posts: 826
|
| Posted: Wed Dec 03, 2014 6:26 pm Post subject: |
|
|
So let's talk of what I caught in some two minutes (2m 20s) on 2014-12-03 at 3:12.
We are talking these files:
| Code: |
-rw-r--r-- 1 root root 18430 2014-12-03 03:14 conntrack-E_141203_0312.log
-rw-r--r-- 1 root root 262456 2014-12-03 03:14 dump_141203_0312_g0n.pcap
-rw-r--r-- 1 miro miro 14405142 2014-12-03 03:14 Screen_141203_0312_g0n.mkv
|
More precisely identified with hashes:
| Code: |
0f652f738fdedc52d4e913752ae081e1f600254b9b6408aae91657dd7064090a conntrack-E_141203_0312.log
00bb0cc486e9950662bc9a149ee45126a58654b44b1bf52fa477791697f28a6e dump_141203_0312_g0n.pcap
90d1f41c6945eb3c08848111cdb9717bf2ed4b476e03699c0a3904b14395a2e4 Screen_141203_0312_g0n.mkv
|
The screencast could be for explaining to even lay people what happened. The other two files are to really learn what happened, hopefully, and what to correct and where, to get that connection working, and the page in question showed.
The screencast shows how I did what I explained in the previous post, surely, you just don't see that I issued the ffmpeg command, you just see it starting to run, but you do see those other commands as root. May post it on www.CroatiaFidelis.hr and link here at some later unspecified time in the future (unless something were to prevent me from).
The dump pcap file consists of 554 packets, and that's huge information in there, very knowledge intensive as my teacher Oskar Andreasson wrote (via his books he gave us for free
Iptables-tutorial
https://www.frozentux.net/documents/iptables-tutorial/
). 554, five hundred and fifty four packets about what happened in those two minutes.
But I'll take out and post here just what happened in maybe two or three seconds, only a sequence of 12 packets, from packet 373 to packet 384, in the initial investigative attempt of the snail-pace slow worker Miro, and I'll post first the first 8 packets of that sequence, which do not appear to show errors (are colored normally in Wireshark), and then, in the next post, I'll try and post the remaining sequence of 4 packets, that show retransmission to overlays.gentoo.org and are colored in dark reverse.
So the first 8 packets, in this post.
| Code: |
No. Time Source Destination Protocol Length Info
373 39.244639000 192.168.1.2 192.168.1.1 DNS 81 Standard query 0x0bcf A overlays.gentoo.org
Frame 373: 81 bytes on wire (648 bits), 81 bytes captured (648 bits) on interface 0
Interface id: 0 (any)
Encapsulation type: Linux cooked-mode capture (25)
Arrival Time: Dec 3, 2014 03:12:55.272768000 CET
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1417572775.272768000 seconds
[Time delta from previous captured frame: 6.653168000 seconds]
[Time delta from previous displayed frame: 6.653168000 seconds]
[Time since reference or first frame: 39.244639000 seconds]
Frame Number: 373
Frame Length: 81 bytes (648 bits)
Capture Length: 81 bytes (648 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: sll:ethertype:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Linux cooked capture
Packet type: Sent by us (4)
Link-layer address type: 1
Link-layer address length: 6
Source: EdimaxTe_91:c3:ab (00:0e:2e:91:c3:ab)
Protocol: IP (0x0800)
Internet Protocol Version 4, Src: 192.168.1.2 (192.168.1.2), Dst: 192.168.1.1 (192.168.1.1)
Version: 4
Header Length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 65
Identification: 0x5aaf (23215)
Flags: 0x02 (Don't Fragment)
0... .... = Reserved bit: Not set
.1.. .... = Don't fragment: Set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (17)
Header checksum: 0x5ca9 [validation disabled]
[Good: False]
[Bad: False]
Source: 192.168.1.2 (192.168.1.2)
Destination: 192.168.1.1 (192.168.1.1)
User Datagram Protocol, Src Port: 52966 (52966), Dst Port: domain (53)
Source Port: 52966 (52966)
Destination Port: domain (53)
Length: 45
Checksum: 0x8392 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[Stream index: 4]
Domain Name System (query)
[Response In: 375]
Transaction ID: 0x0bcf
Flags: 0x0100 Standard query
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
overlays.gentoo.org: type A, class IN
Name: overlays.gentoo.org
[Name Length: 19]
[Label Count: 3]
Type: A (Host Address) (1)
Class: IN (0x0001)
No. Time Source Destination Protocol Length Info
374 39.244655000 192.168.1.2 192.168.1.1 DNS 81 Standard query 0x4f75 AAAA overlays.gentoo.org
Frame 374: 81 bytes on wire (648 bits), 81 bytes captured (648 bits) on interface 0
Interface id: 0 (any)
Encapsulation type: Linux cooked-mode capture (25)
Arrival Time: Dec 3, 2014 03:12:55.272784000 CET
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1417572775.272784000 seconds
[Time delta from previous captured frame: 0.000016000 seconds]
[Time delta from previous displayed frame: 0.000016000 seconds]
[Time since reference or first frame: 39.244655000 seconds]
Frame Number: 374
Frame Length: 81 bytes (648 bits)
Capture Length: 81 bytes (648 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: sll:ethertype:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Linux cooked capture
Packet type: Sent by us (4)
Link-layer address type: 1
Link-layer address length: 6
Source: EdimaxTe_91:c3:ab (00:0e:2e:91:c3:ab)
Protocol: IP (0x0800)
Internet Protocol Version 4, Src: 192.168.1.2 (192.168.1.2), Dst: 192.168.1.1 (192.168.1.1)
Version: 4
Header Length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 65
Identification: 0x5ab0 (23216)
Flags: 0x02 (Don't Fragment)
0... .... = Reserved bit: Not set
.1.. .... = Don't fragment: Set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (17)
Header checksum: 0x5ca8 [validation disabled]
[Good: False]
[Bad: False]
Source: 192.168.1.2 (192.168.1.2)
Destination: 192.168.1.1 (192.168.1.1)
User Datagram Protocol, Src Port: 52966 (52966), Dst Port: domain (53)
Source Port: 52966 (52966)
Destination Port: domain (53)
Length: 45
Checksum: 0x8392 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[Stream index: 4]
Domain Name System (query)
[Response In: 376]
Transaction ID: 0x4f75
Flags: 0x0100 Standard query
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
overlays.gentoo.org: type AAAA, class IN
Name: overlays.gentoo.org
[Name Length: 19]
[Label Count: 3]
Type: AAAA (IPv6 Address) (28)
Class: IN (0x0001)
No. Time Source Destination Protocol Length Info
375 39.293745000 192.168.1.1 192.168.1.2 DNS 241 Standard query response 0x0bcf CNAME oystercatcher.gentoo.org A 148.251.78.52
Frame 375: 241 bytes on wire (1928 bits), 241 bytes captured (1928 bits) on interface 0
Interface id: 0 (any)
Encapsulation type: Linux cooked-mode capture (25)
Arrival Time: Dec 3, 2014 03:12:55.321874000 CET
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1417572775.321874000 seconds
[Time delta from previous captured frame: 0.049090000 seconds]
[Time delta from previous displayed frame: 0.049090000 seconds]
[Time since reference or first frame: 39.293745000 seconds]
Frame Number: 375
Frame Length: 241 bytes (1928 bits)
Capture Length: 241 bytes (1928 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: sll:ethertype:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Linux cooked capture
Packet type: Unicast to us (0)
Link-layer address type: 1
Link-layer address length: 6
Source: Zte_41:b7:d5 (2c:95:7f:41:b7:d5)
Protocol: IP (0x0800)
Internet Protocol Version 4, Src: 192.168.1.1 (192.168.1.1), Dst: 192.168.1.2 (192.168.1.2)
Version: 4
Header Length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 225
Identification: 0x0000 (0)
Flags: 0x02 (Don't Fragment)
0... .... = Reserved bit: Not set
.1.. .... = Don't fragment: Set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (17)
Header checksum: 0xb6b8 [validation disabled]
[Good: False]
[Bad: False]
Source: 192.168.1.1 (192.168.1.1)
Destination: 192.168.1.2 (192.168.1.2)
User Datagram Protocol, Src Port: domain (53), Dst Port: 52966 (52966)
Source Port: domain (53)
Destination Port: 52966 (52966)
Length: 205
Checksum: 0x4071 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[Stream index: 4]
Domain Name System (response)
[Request In: 373]
[Time: 0.049106000 seconds]
Transaction ID: 0x0bcf
Flags: 0x8180 Standard query response, No error
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server
.... .... ...0 .... = Non-authenticated data: Unacceptable
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 2
Authority RRs: 4
Additional RRs: 2
Queries
overlays.gentoo.org: type A, class IN
Name: overlays.gentoo.org
[Name Length: 19]
[Label Count: 3]
Type: A (Host Address) (1)
Class: IN (0x0001)
Answers
overlays.gentoo.org: type CNAME, class IN, cname oystercatcher.gentoo.org
Name: overlays.gentoo.org
Type: CNAME (Canonical NAME for an alias) (5)
Class: IN (0x0001)
Time to live: 600
Data length: 16
CNAME: oystercatcher.gentoo.org
oystercatcher.gentoo.org: type A, class IN, addr 148.251.78.52
Name: oystercatcher.gentoo.org
Type: A (Host Address) (1)
Class: IN (0x0001)
Time to live: 82666
Data length: 4
Address: oystercatcher.gentoo.org (148.251.78.52)
Authoritative nameservers
gentoo.org: type NS, class IN, ns ns4.gentoo.org
Name: gentoo.org
Type: NS (authoritative Name Server) (2)
Class: IN (0x0001)
Time to live: 82665
Data length: 6
Name Server: ns4.gentoo.org
gentoo.org: type NS, class IN, ns ns2.gentoo.org
Name: gentoo.org
Type: NS (authoritative Name Server) (2)
Class: IN (0x0001)
Time to live: 82665
Data length: 6
Name Server: ns2.gentoo.org
gentoo.org: type NS, class IN, ns ns1.gentoo.org
Name: gentoo.org
Type: NS (authoritative Name Server) (2)
Class: IN (0x0001)
Time to live: 82665
Data length: 6
Name Server: ns1.gentoo.org
gentoo.org: type NS, class IN, ns ns3.gentoo.org
Name: gentoo.org
Type: NS (authoritative Name Server) (2)
Class: IN (0x0001)
Time to live: 82665
Data length: 6
Name Server: ns3.gentoo.org
Additional records
ns2.gentoo.org: type A, class IN, addr 194.116.84.30
Name: ns2.gentoo.org
Type: A (Host Address) (1)
Class: IN (0x0001)
Time to live: 74523
Data length: 4
Address: ns2.gentoo.org (194.116.84.30)
ns2.gentoo.org: type AAAA, class IN, addr 2001:7f8:23:323::1e
Name: ns2.gentoo.org
Type: AAAA (IPv6 Address) (28)
Class: IN (0x0001)
Time to live: 27743
Data length: 16
AAAA Address: ns2.gentoo.org (2001:7f8:23:323::1e)
No. Time Source Destination Protocol Length Info
376 39.295102000 192.168.1.1 192.168.1.2 DNS 253 Standard query response 0x4f75 CNAME oystercatcher.gentoo.org AAAA 2a01:4f8:202:4333::2
Frame 376: 253 bytes on wire (2024 bits), 253 bytes captured (2024 bits) on interface 0
Interface id: 0 (any)
Encapsulation type: Linux cooked-mode capture (25)
Arrival Time: Dec 3, 2014 03:12:55.323231000 CET
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1417572775.323231000 seconds
[Time delta from previous captured frame: 0.001357000 seconds]
[Time delta from previous displayed frame: 0.001357000 seconds]
[Time since reference or first frame: 39.295102000 seconds]
Frame Number: 376
Frame Length: 253 bytes (2024 bits)
Capture Length: 253 bytes (2024 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: sll:ethertype:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Linux cooked capture
Packet type: Unicast to us (0)
Link-layer address type: 1
Link-layer address length: 6
Source: Zte_41:b7:d5 (2c:95:7f:41:b7:d5)
Protocol: IP (0x0800)
Internet Protocol Version 4, Src: 192.168.1.1 (192.168.1.1), Dst: 192.168.1.2 (192.168.1.2)
Version: 4
Header Length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 237
Identification: 0x0000 (0)
Flags: 0x02 (Don't Fragment)
0... .... = Reserved bit: Not set
.1.. .... = Don't fragment: Set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (17)
Header checksum: 0xb6ac [validation disabled]
[Good: False]
[Bad: False]
Source: 192.168.1.1 (192.168.1.1)
Destination: 192.168.1.2 (192.168.1.2)
User Datagram Protocol, Src Port: domain (53), Dst Port: 52966 (52966)
Source Port: domain (53)
Destination Port: 52966 (52966)
Length: 217
Checksum: 0x7e21 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[Stream index: 4]
Domain Name System (response)
[Request In: 374]
[Time: 0.050447000 seconds]
Transaction ID: 0x4f75
Flags: 0x8180 Standard query response, No error
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server
.... .... ...0 .... = Non-authenticated data: Unacceptable
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 2
Authority RRs: 4
Additional RRs: 2
Queries
overlays.gentoo.org: type AAAA, class IN
Name: overlays.gentoo.org
[Name Length: 19]
[Label Count: 3]
Type: AAAA (IPv6 Address) (28)
Class: IN (0x0001)
Answers
overlays.gentoo.org: type CNAME, class IN, cname oystercatcher.gentoo.org
Name: overlays.gentoo.org
Type: CNAME (Canonical NAME for an alias) (5)
Class: IN (0x0001)
Time to live: 600
Data length: 16
CNAME: oystercatcher.gentoo.org
oystercatcher.gentoo.org: type AAAA, class IN, addr 2a01:4f8:202:4333::2
Name: oystercatcher.gentoo.org
Type: AAAA (IPv6 Address) (28)
Class: IN (0x0001)
Time to live: 82666
Data length: 16
AAAA Address: oystercatcher.gentoo.org (2a01:4f8:202:4333::2)
Authoritative nameservers
gentoo.org: type NS, class IN, ns ns4.gentoo.org
Name: gentoo.org
Type: NS (authoritative Name Server) (2)
Class: IN (0x0001)
Time to live: 82665
Data length: 6
Name Server: ns4.gentoo.org
gentoo.org: type NS, class IN, ns ns1.gentoo.org
Name: gentoo.org
Type: NS (authoritative Name Server) (2)
Class: IN (0x0001)
Time to live: 82665
Data length: 6
Name Server: ns1.gentoo.org
gentoo.org: type NS, class IN, ns ns2.gentoo.org
Name: gentoo.org
Type: NS (authoritative Name Server) (2)
Class: IN (0x0001)
Time to live: 82665
Data length: 6
Name Server: ns2.gentoo.org
gentoo.org: type NS, class IN, ns ns3.gentoo.org
Name: gentoo.org
Type: NS (authoritative Name Server) (2)
Class: IN (0x0001)
Time to live: 82665
Data length: 6
Name Server: ns3.gentoo.org
Additional records
ns2.gentoo.org: type A, class IN, addr 194.116.84.30
Name: ns2.gentoo.org
Type: A (Host Address) (1)
Class: IN (0x0001)
Time to live: 74523
Data length: 4
Address: ns2.gentoo.org (194.116.84.30)
ns2.gentoo.org: type AAAA, class IN, addr 2001:7f8:23:323::1e
Name: ns2.gentoo.org
Type: AAAA (IPv6 Address) (28)
Class: IN (0x0001)
Time to live: 27743
Data length: 16
AAAA Address: ns2.gentoo.org (2001:7f8:23:323::1e)
No. Time Source Destination Protocol Length Info
377 39.295467000 192.168.1.2 oystercatcher.gentoo.org TCP 76 36863→http [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=145614907 TSecr=0 WS=128
Frame 377: 76 bytes on wire (608 bits), 76 bytes captured (608 bits) on interface 0
Interface id: 0 (any)
Encapsulation type: Linux cooked-mode capture (25)
Arrival Time: Dec 3, 2014 03:12:55.323596000 CET
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1417572775.323596000 seconds
[Time delta from previous captured frame: 0.000365000 seconds]
[Time delta from previous displayed frame: 0.000365000 seconds]
[Time since reference or first frame: 39.295467000 seconds]
Frame Number: 377
Frame Length: 76 bytes (608 bits)
Capture Length: 76 bytes (608 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: sll:ethertype:ip:tcp]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80 || http2]
Linux cooked capture
Packet type: Sent by us (4)
Link-layer address type: 1
Link-layer address length: 6
Source: EdimaxTe_91:c3:ab (00:0e:2e:91:c3:ab)
Protocol: IP (0x0800)
Internet Protocol Version 4, Src: 192.168.1.2 (192.168.1.2), Dst: oystercatcher.gentoo.org (148.251.78.52)
Version: 4
Header Length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 60
Identification: 0x0364 (868)
Flags: 0x02 (Don't Fragment)
0... .... = Reserved bit: Not set
.1.. .... = Don't fragment: Set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (6)
Header checksum: 0x927e [validation disabled]
[Good: False]
[Bad: False]
Source: 192.168.1.2 (192.168.1.2)
Destination: oystercatcher.gentoo.org (148.251.78.52)
Transmission Control Protocol, Src Port: 36863 (36863), Dst Port: http (80), Seq: 0, Len: 0
Source Port: 36863 (36863)
Destination Port: http (80)
[Stream index: 7]
[TCP Segment Len: 0]
Sequence number: 0 (relative sequence number)
Acknowledgment number: 0
Header Length: 40 bytes
.... 0000 0000 0010 = Flags: 0x002 (SYN)
000. .... .... = Reserved: Not set
...0 .... .... = Nonce: Not set
.... 0... .... = Congestion Window Reduced (CWR): Not set
.... .0.. .... = ECN-Echo: Not set
.... ..0. .... = Urgent: Not set
.... ...0 .... = Acknowledgment: Not set
.... .... 0... = Push: Not set
.... .... .0.. = Reset: Not set
.... .... ..1. = Syn: Set
[Expert Info (Chat/Sequence): Connection establish request (SYN): server port http]
[Connection establish request (SYN): server port http]
[Severity level: Chat]
[Group: Sequence]
.... .... ...0 = Fin: Not set
Window size value: 29200
[Calculated window size: 29200]
Checksum: 0xa508 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Urgent pointer: 0
Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale
Maximum segment size: 1460 bytes
Kind: Maximum Segment Size (2)
Length: 4
MSS Value: 1460
TCP SACK Permitted Option: True
Kind: SACK Permitted (4)
Length: 2
Timestamps: TSval 145614907, TSecr 0
Kind: Time Stamp Option (8)
Length: 10
Timestamp value: 145614907
Timestamp echo reply: 0
No-Operation (NOP)
Type: 1
0... .... = Copy on fragmentation: No
.00. .... = Class: Control (0)
...0 0001 = Number: No-Operation (NOP) (1)
Window scale: 7 (multiply by 128)
Kind: Window Scale (3)
Length: 3
Shift count: 7
[Multiplier: 128]
No. Time Source Destination Protocol Length Info
378 39.546131000 192.168.1.2 oystercatcher.gentoo.org TCP 76 36864→http [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=145615158 TSecr=0 WS=128
Frame 378: 76 bytes on wire (608 bits), 76 bytes captured (608 bits) on interface 0
Interface id: 0 (any)
Encapsulation type: Linux cooked-mode capture (25)
Arrival Time: Dec 3, 2014 03:12:55.574260000 CET
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1417572775.574260000 seconds
[Time delta from previous captured frame: 0.250664000 seconds]
[Time delta from previous displayed frame: 0.250664000 seconds]
[Time since reference or first frame: 39.546131000 seconds]
Frame Number: 378
Frame Length: 76 bytes (608 bits)
Capture Length: 76 bytes (608 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: sll:ethertype:ip:tcp]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80 || http2]
Linux cooked capture
Packet type: Sent by us (4)
Link-layer address type: 1
Link-layer address length: 6
Source: EdimaxTe_91:c3:ab (00:0e:2e:91:c3:ab)
Protocol: IP (0x0800)
Internet Protocol Version 4, Src: 192.168.1.2 (192.168.1.2), Dst: oystercatcher.gentoo.org (148.251.78.52)
Version: 4
Header Length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 60
Identification: 0x5d7c (23932)
Flags: 0x02 (Don't Fragment)
0... .... = Reserved bit: Not set
.1.. .... = Don't fragment: Set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (6)
Header checksum: 0x3866 [validation disabled]
[Good: False]
[Bad: False]
Source: 192.168.1.2 (192.168.1.2)
Destination: oystercatcher.gentoo.org (148.251.78.52)
Transmission Control Protocol, Src Port: 36864 (36864), Dst Port: http (80), Seq: 0, Len: 0
Source Port: 36864 (36864)
Destination Port: http (80)
[Stream index: 8]
[TCP Segment Len: 0]
Sequence number: 0 (relative sequence number)
Acknowledgment number: 0
Header Length: 40 bytes
.... 0000 0000 0010 = Flags: 0x002 (SYN)
000. .... .... = Reserved: Not set
...0 .... .... = Nonce: Not set
.... 0... .... = Congestion Window Reduced (CWR): Not set
.... .0.. .... = ECN-Echo: Not set
.... ..0. .... = Urgent: Not set
.... ...0 .... = Acknowledgment: Not set
.... .... 0... = Push: Not set
.... .... .0.. = Reset: Not set
.... .... ..1. = Syn: Set
[Expert Info (Chat/Sequence): Connection establish request (SYN): server port http]
[Connection establish request (SYN): server port http]
[Severity level: Chat]
[Group: Sequence]
.... .... ...0 = Fin: Not set
Window size value: 29200
[Calculated window size: 29200]
Checksum: 0xa508 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Urgent pointer: 0
Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale
Maximum segment size: 1460 bytes
Kind: Maximum Segment Size (2)
Length: 4
MSS Value: 1460
TCP SACK Permitted Option: True
Kind: SACK Permitted (4)
Length: 2
Timestamps: TSval 145615158, TSecr 0
Kind: Time Stamp Option (8)
Length: 10
Timestamp value: 145615158
Timestamp echo reply: 0
No-Operation (NOP)
Type: 1
0... .... = Copy on fragmentation: No
.00. .... = Class: Control (0)
...0 0001 = Number: No-Operation (NOP) (1)
Window scale: 7 (multiply by 128)
Kind: Window Scale (3)
Length: 3
Shift count: 7
[Multiplier: 128]
No. Time Source Destination Protocol Length Info
379 39.551442000 192.168.1.2 192.168.1.1 DNS 81 Standard query 0x83ec A overlays.gentoo.org
Frame 379: 81 bytes on wire (648 bits), 81 bytes captured (648 bits) on interface 0
Interface id: 0 (any)
Encapsulation type: Linux cooked-mode capture (25)
Arrival Time: Dec 3, 2014 03:12:55.579571000 CET
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1417572775.579571000 seconds
[Time delta from previous captured frame: 0.005311000 seconds]
[Time delta from previous displayed frame: 0.005311000 seconds]
[Time since reference or first frame: 39.551442000 seconds]
Frame Number: 379
Frame Length: 81 bytes (648 bits)
Capture Length: 81 bytes (648 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: sll:ethertype:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Linux cooked capture
Packet type: Sent by us (4)
Link-layer address type: 1
Link-layer address length: 6
Source: EdimaxTe_91:c3:ab (00:0e:2e:91:c3:ab)
Protocol: IP (0x0800)
Internet Protocol Version 4, Src: 192.168.1.2 (192.168.1.2), Dst: 192.168.1.1 (192.168.1.1)
Version: 4
Header Length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 65
Identification: 0x5aff (23295)
Flags: 0x02 (Don't Fragment)
0... .... = Reserved bit: Not set
.1.. .... = Don't fragment: Set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (17)
Header checksum: 0x5c59 [validation disabled]
[Good: False]
[Bad: False]
Source: 192.168.1.2 (192.168.1.2)
Destination: 192.168.1.1 (192.168.1.1)
User Datagram Protocol, Src Port: 33504 (33504), Dst Port: domain (53)
Source Port: 33504 (33504)
Destination Port: domain (53)
Length: 45
Checksum: 0x8392 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[Stream index: 5]
Domain Name System (query)
[Response In: 380]
Transaction ID: 0x83ec
Flags: 0x0100 Standard query
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
overlays.gentoo.org: type A, class IN
Name: overlays.gentoo.org
[Name Length: 19]
[Label Count: 3]
Type: A (Host Address) (1)
Class: IN (0x0001)
No. Time Source Destination Protocol Length Info
380 39.552243000 192.168.1.1 192.168.1.2 DNS 97 Standard query response 0x83ec A 148.251.78.52
Frame 380: 97 bytes on wire (776 bits), 97 bytes captured (776 bits) on interface 0
Interface id: 0 (any)
Encapsulation type: Linux cooked-mode capture (25)
Arrival Time: Dec 3, 2014 03:12:55.580372000 CET
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1417572775.580372000 seconds
[Time delta from previous captured frame: 0.000801000 seconds]
[Time delta from previous displayed frame: 0.000801000 seconds]
[Time since reference or first frame: 39.552243000 seconds]
Frame Number: 380
Frame Length: 97 bytes (776 bits)
Capture Length: 97 bytes (776 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: sll:ethertype:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Linux cooked capture
Packet type: Unicast to us (0)
Link-layer address type: 1
Link-layer address length: 6
Source: Zte_41:b7:d5 (2c:95:7f:41:b7:d5)
Protocol: IP (0x0800)
Internet Protocol Version 4, Src: 192.168.1.1 (192.168.1.1), Dst: 192.168.1.2 (192.168.1.2)
Version: 4
Header Length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 81
Identification: 0x0000 (0)
Flags: 0x02 (Don't Fragment)
0... .... = Reserved bit: Not set
.1.. .... = Don't fragment: Set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (17)
Header checksum: 0xb748 [validation disabled]
[Good: False]
[Bad: False]
Source: 192.168.1.1 (192.168.1.1)
Destination: 192.168.1.2 (192.168.1.2)
User Datagram Protocol, Src Port: domain (53), Dst Port: 33504 (33504)
Source Port: domain (53)
Destination Port: 33504 (33504)
Length: 61
Checksum: 0xd615 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[Stream index: 5]
Domain Name System (response)
[Request In: 379]
[Time: 0.000801000 seconds]
Transaction ID: 0x83ec
Flags: 0x8180 Standard query response, No error
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server
.... .... ...0 .... = Non-authenticated data: Unacceptable
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 1
Authority RRs: 0
Additional RRs: 0
Queries
overlays.gentoo.org: type A, class IN
Name: overlays.gentoo.org
[Name Length: 19]
[Label Count: 3]
Type: A (Host Address) (1)
Class: IN (0x0001)
Answers
overlays.gentoo.org: type A, class IN, addr 148.251.78.52
Name: overlays.gentoo.org
Type: A (Host Address) (1)
Class: IN (0x0001)
Time to live: 600
Data length: 4
Address: overlays.gentoo.org (148.251.78.52)
|
======= cut off from this line to end if verifying hashes =======
File corresponding to this post: Gen_141203_overlays-g-o_empty_4.txt,
has Publictimestamp # 1249370
--
publictimestamp.org/ptb/PTB-22257 sha256 2014-12-03 18:01:45
3613E8A7542D29887C1A1D4FE003FB1A715DD1B169B89FE64ECE0D080F8508D9 |
|
| Back to top |
|
|
miroR
l33t
Joined: 05 Mar 2008
Posts: 826
|
| Posted: Wed Dec 03, 2014 6:34 pm Post subject: |
|
|
The 4 dark colored (in Wireshark) sequence of packets right after the normally colored 8 (they altogether make one sequencs. Sole change, in the enrier sequence, is the MAC of the router (the ending), my eth1 MAC is always set non-permanent with macchanger).
| Code: |
No. Time Source Destination Protocol Length Info
381 40.296054000 192.168.1.2 overlays.gentoo.org TCP 76 [TCP Retransmission] 36863→http [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=145615908 TSecr=0 WS=128
Frame 381: 76 bytes on wire (608 bits), 76 bytes captured (608 bits) on interface 0
Interface id: 0 (any)
Encapsulation type: Linux cooked-mode capture (25)
Arrival Time: Dec 3, 2014 03:12:56.324183000 CET
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1417572776.324183000 seconds
[Time delta from previous captured frame: 0.743811000 seconds]
[Time delta from previous displayed frame: 0.743811000 seconds]
[Time since reference or first frame: 40.296054000 seconds]
Frame Number: 381
Frame Length: 76 bytes (608 bits)
Capture Length: 76 bytes (608 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: sll:ethertype:ip:tcp]
[Coloring Rule Name: Bad TCP]
[Coloring Rule String: tcp.analysis.flags && !tcp.analysis.window_update]
Linux cooked capture
Packet type: Sent by us (4)
Link-layer address type: 1
Link-layer address length: 6
Source: EdimaxTe_91:c3:ab (00:0e:2e:91:c3:ab)
Protocol: IP (0x0800)
Internet Protocol Version 4, Src: 192.168.1.2 (192.168.1.2), Dst: overlays.gentoo.org (148.251.78.52)
Version: 4
Header Length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 60
Identification: 0x0365 (869)
Flags: 0x02 (Don't Fragment)
0... .... = Reserved bit: Not set
.1.. .... = Don't fragment: Set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (6)
Header checksum: 0x927d [validation disabled]
[Good: False]
[Bad: False]
Source: 192.168.1.2 (192.168.1.2)
Destination: overlays.gentoo.org (148.251.78.52)
Transmission Control Protocol, Src Port: 36863 (36863), Dst Port: http (80), Seq: 0, Len: 0
Source Port: 36863 (36863)
Destination Port: http (80)
[Stream index: 7]
[TCP Segment Len: 0]
Sequence number: 0 (relative sequence number)
Acknowledgment number: 0
Header Length: 40 bytes
.... 0000 0000 0010 = Flags: 0x002 (SYN)
000. .... .... = Reserved: Not set
...0 .... .... = Nonce: Not set
.... 0... .... = Congestion Window Reduced (CWR): Not set
.... .0.. .... = ECN-Echo: Not set
.... ..0. .... = Urgent: Not set
.... ...0 .... = Acknowledgment: Not set
.... .... 0... = Push: Not set
.... .... .0.. = Reset: Not set
.... .... ..1. = Syn: Set
[Expert Info (Chat/Sequence): Connection establish request (SYN): server port http]
[Connection establish request (SYN): server port http]
[Severity level: Chat]
[Group: Sequence]
.... .... ...0 = Fin: Not set
Window size value: 29200
[Calculated window size: 29200]
Checksum: 0xa508 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Urgent pointer: 0
Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale
Maximum segment size: 1460 bytes
Kind: Maximum Segment Size (2)
Length: 4
MSS Value: 1460
TCP SACK Permitted Option: True
Kind: SACK Permitted (4)
Length: 2
Timestamps: TSval 145615908, TSecr 0
Kind: Time Stamp Option (8)
Length: 10
Timestamp value: 145615908
Timestamp echo reply: 0
No-Operation (NOP)
Type: 1
0... .... = Copy on fragmentation: No
.00. .... = Class: Control (0)
...0 0001 = Number: No-Operation (NOP) (1)
Window scale: 7 (multiply by 128)
Kind: Window Scale (3)
Length: 3
Shift count: 7
[Multiplier: 128]
[SEQ/ACK analysis]
[TCP Analysis Flags]
[Expert Info (Note/Sequence): This frame is a (suspected) retransmission]
[This frame is a (suspected) retransmission]
[Severity level: Note]
[Group: Sequence]
[The RTO for this segment was: 1.000587000 seconds]
[RTO based on delta from frame: 377]
No. Time Source Destination Protocol Length Info
382 40.548052000 192.168.1.2 overlays.gentoo.org TCP 76 [TCP Retransmission] 36864→http [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=145616160 TSecr=0 WS=128
Frame 382: 76 bytes on wire (608 bits), 76 bytes captured (608 bits) on interface 0
Interface id: 0 (any)
Encapsulation type: Linux cooked-mode capture (25)
Arrival Time: Dec 3, 2014 03:12:56.576181000 CET
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1417572776.576181000 seconds
[Time delta from previous captured frame: 0.251998000 seconds]
[Time delta from previous displayed frame: 0.251998000 seconds]
[Time since reference or first frame: 40.548052000 seconds]
Frame Number: 382
Frame Length: 76 bytes (608 bits)
Capture Length: 76 bytes (608 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: sll:ethertype:ip:tcp]
[Coloring Rule Name: Bad TCP]
[Coloring Rule String: tcp.analysis.flags && !tcp.analysis.window_update]
Linux cooked capture
Packet type: Sent by us (4)
Link-layer address type: 1
Link-layer address length: 6
Source: EdimaxTe_91:c3:ab (00:0e:2e:91:c3:ab)
Protocol: IP (0x0800)
Internet Protocol Version 4, Src: 192.168.1.2 (192.168.1.2), Dst: overlays.gentoo.org (148.251.78.52)
Version: 4
Header Length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 60
Identification: 0x5d7d (23933)
Flags: 0x02 (Don't Fragment)
0... .... = Reserved bit: Not set
.1.. .... = Don't fragment: Set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (6)
Header checksum: 0x3865 [validation disabled]
[Good: False]
[Bad: False]
Source: 192.168.1.2 (192.168.1.2)
Destination: overlays.gentoo.org (148.251.78.52)
Transmission Control Protocol, Src Port: 36864 (36864), Dst Port: http (80), Seq: 0, Len: 0
Source Port: 36864 (36864)
Destination Port: http (80)
[Stream index: 8]
[TCP Segment Len: 0]
Sequence number: 0 (relative sequence number)
Acknowledgment number: 0
Header Length: 40 bytes
.... 0000 0000 0010 = Flags: 0x002 (SYN)
000. .... .... = Reserved: Not set
...0 .... .... = Nonce: Not set
.... 0... .... = Congestion Window Reduced (CWR): Not set
.... .0.. .... = ECN-Echo: Not set
.... ..0. .... = Urgent: Not set
.... ...0 .... = Acknowledgment: Not set
.... .... 0... = Push: Not set
.... .... .0.. = Reset: Not set
.... .... ..1. = Syn: Set
[Expert Info (Chat/Sequence): Connection establish request (SYN): server port http]
[Connection establish request (SYN): server port http]
[Severity level: Chat]
[Group: Sequence]
.... .... ...0 = Fin: Not set
Window size value: 29200
[Calculated window size: 29200]
Checksum: 0xa508 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Urgent pointer: 0
Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale
Maximum segment size: 1460 bytes
Kind: Maximum Segment Size (2)
Length: 4
MSS Value: 1460
TCP SACK Permitted Option: True
Kind: SACK Permitted (4)
Length: 2
Timestamps: TSval 145616160, TSecr 0
Kind: Time Stamp Option (8)
Length: 10
Timestamp value: 145616160
Timestamp echo reply: 0
No-Operation (NOP)
Type: 1
0... .... = Copy on fragmentation: No
.00. .... = Class: Control (0)
...0 0001 = Number: No-Operation (NOP) (1)
Window scale: 7 (multiply by 128)
Kind: Window Scale (3)
Length: 3
Shift count: 7
[Multiplier: 128]
[SEQ/ACK analysis]
[TCP Analysis Flags]
[Expert Info (Note/Sequence): This frame is a (suspected) retransmission]
[This frame is a (suspected) retransmission]
[Severity level: Note]
[Group: Sequence]
[The RTO for this segment was: 1.001921000 seconds]
[RTO based on delta from frame: 378]
No. Time Source Destination Protocol Length Info
383 42.300063000 192.168.1.2 overlays.gentoo.org TCP 76 [TCP Retransmission] 36863→http [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=145617912 TSecr=0 WS=128
Frame 383: 76 bytes on wire (608 bits), 76 bytes captured (608 bits) on interface 0
Interface id: 0 (any)
Encapsulation type: Linux cooked-mode capture (25)
Arrival Time: Dec 3, 2014 03:12:58.328192000 CET
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1417572778.328192000 seconds
[Time delta from previous captured frame: 1.752011000 seconds]
[Time delta from previous displayed frame: 1.752011000 seconds]
[Time since reference or first frame: 42.300063000 seconds]
Frame Number: 383
Frame Length: 76 bytes (608 bits)
Capture Length: 76 bytes (608 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: sll:ethertype:ip:tcp]
[Coloring Rule Name: Bad TCP]
[Coloring Rule String: tcp.analysis.flags && !tcp.analysis.window_update]
Linux cooked capture
Packet type: Sent by us (4)
Link-layer address type: 1
Link-layer address length: 6
Source: EdimaxTe_91:c3:ab (00:0e:2e:91:c3:ab)
Protocol: IP (0x0800)
Internet Protocol Version 4, Src: 192.168.1.2 (192.168.1.2), Dst: overlays.gentoo.org (148.251.78.52)
Version: 4
Header Length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 60
Identification: 0x0366 (870)
Flags: 0x02 (Don't Fragment)
0... .... = Reserved bit: Not set
.1.. .... = Don't fragment: Set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (6)
Header checksum: 0x927c [validation disabled]
[Good: False]
[Bad: False]
Source: 192.168.1.2 (192.168.1.2)
Destination: overlays.gentoo.org (148.251.78.52)
Transmission Control Protocol, Src Port: 36863 (36863), Dst Port: http (80), Seq: 0, Len: 0
Source Port: 36863 (36863)
Destination Port: http (80)
[Stream index: 7]
[TCP Segment Len: 0]
Sequence number: 0 (relative sequence number)
Acknowledgment number: 0
Header Length: 40 bytes
.... 0000 0000 0010 = Flags: 0x002 (SYN)
000. .... .... = Reserved: Not set
...0 .... .... = Nonce: Not set
.... 0... .... = Congestion Window Reduced (CWR): Not set
.... .0.. .... = ECN-Echo: Not set
.... ..0. .... = Urgent: Not set
.... ...0 .... = Acknowledgment: Not set
.... .... 0... = Push: Not set
.... .... .0.. = Reset: Not set
.... .... ..1. = Syn: Set
[Expert Info (Chat/Sequence): Connection establish request (SYN): server port http]
[Connection establish request (SYN): server port http]
[Severity level: Chat]
[Group: Sequence]
.... .... ...0 = Fin: Not set
Window size value: 29200
[Calculated window size: 29200]
Checksum: 0xa508 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Urgent pointer: 0
Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale
Maximum segment size: 1460 bytes
Kind: Maximum Segment Size (2)
Length: 4
MSS Value: 1460
TCP SACK Permitted Option: True
Kind: SACK Permitted (4)
Length: 2
Timestamps: TSval 145617912, TSecr 0
Kind: Time Stamp Option (8)
Length: 10
Timestamp value: 145617912
Timestamp echo reply: 0
No-Operation (NOP)
Type: 1
0... .... = Copy on fragmentation: No
.00. .... = Class: Control (0)
...0 0001 = Number: No-Operation (NOP) (1)
Window scale: 7 (multiply by 128)
Kind: Window Scale (3)
Length: 3
Shift count: 7
[Multiplier: 128]
[SEQ/ACK analysis]
[TCP Analysis Flags]
[Expert Info (Note/Sequence): This frame is a (suspected) retransmission]
[This frame is a (suspected) retransmission]
[Severity level: Note]
[Group: Sequence]
[The RTO for this segment was: 3.004596000 seconds]
[RTO based on delta from frame: 377]
No. Time Source Destination Protocol Length Info
384 42.552059000 192.168.1.2 overlays.gentoo.org TCP 76 [TCP Retransmission] 36864→http [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=145618164 TSecr=0 WS=128
Frame 384: 76 bytes on wire (608 bits), 76 bytes captured (608 bits) on interface 0
Interface id: 0 (any)
Encapsulation type: Linux cooked-mode capture (25)
Arrival Time: Dec 3, 2014 03:12:58.580188000 CET
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1417572778.580188000 seconds
[Time delta from previous captured frame: 0.251996000 seconds]
[Time delta from previous displayed frame: 0.251996000 seconds]
[Time since reference or first frame: 42.552059000 seconds]
Frame Number: 384
Frame Length: 76 bytes (608 bits)
Capture Length: 76 bytes (608 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: sll:ethertype:ip:tcp]
[Coloring Rule Name: Bad TCP]
[Coloring Rule String: tcp.analysis.flags && !tcp.analysis.window_update]
Linux cooked capture
Packet type: Sent by us (4)
Link-layer address type: 1
Link-layer address length: 6
Source: EdimaxTe_91:c3:ab (00:0e:2e:91:c3:ab)
Protocol: IP (0x0800)
Internet Protocol Version 4, Src: 192.168.1.2 (192.168.1.2), Dst: overlays.gentoo.org (148.251.78.52)
Version: 4
Header Length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 60
Identification: 0x5d7e (23934)
Flags: 0x02 (Don't Fragment)
0... .... = Reserved bit: Not set
.1.. .... = Don't fragment: Set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (6)
Header checksum: 0x3864 [validation disabled]
[Good: False]
[Bad: False]
Source: 192.168.1.2 (192.168.1.2)
Destination: overlays.gentoo.org (148.251.78.52)
Transmission Control Protocol, Src Port: 36864 (36864), Dst Port: http (80), Seq: 0, Len: 0
Source Port: 36864 (36864)
Destination Port: http (80)
[Stream index: 8]
[TCP Segment Len: 0]
Sequence number: 0 (relative sequence number)
Acknowledgment number: 0
Header Length: 40 bytes
.... 0000 0000 0010 = Flags: 0x002 (SYN)
000. .... .... = Reserved: Not set
...0 .... .... = Nonce: Not set
.... 0... .... = Congestion Window Reduced (CWR): Not set
.... .0.. .... = ECN-Echo: Not set
.... ..0. .... = Urgent: Not set
.... ...0 .... = Acknowledgment: Not set
.... .... 0... = Push: Not set
.... .... .0.. = Reset: Not set
.... .... ..1. = Syn: Set
[Expert Info (Chat/Sequence): Connection establish request (SYN): server port http]
[Connection establish request (SYN): server port http]
[Severity level: Chat]
[Group: Sequence]
.... .... ...0 = Fin: Not set
Window size value: 29200
[Calculated window size: 29200]
Checksum: 0xa508 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Urgent pointer: 0
Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale
Maximum segment size: 1460 bytes
Kind: Maximum Segment Size (2)
Length: 4
MSS Value: 1460
TCP SACK Permitted Option: True
Kind: SACK Permitted (4)
Length: 2
Timestamps: TSval 145618164, TSecr 0
Kind: Time Stamp Option (8)
Length: 10
Timestamp value: 145618164
Timestamp echo reply: 0
No-Operation (NOP)
Type: 1
0... .... = Copy on fragmentation: No
.00. .... = Class: Control (0)
...0 0001 = Number: No-Operation (NOP) (1)
Window scale: 7 (multiply by 128)
Kind: Window Scale (3)
Length: 3
Shift count: 7
[Multiplier: 128]
[SEQ/ACK analysis]
[TCP Analysis Flags]
[Expert Info (Note/Sequence): This frame is a (suspected) retransmission]
[This frame is a (suspected) retransmission]
[Severity level: Note]
[Group: Sequence]
[The RTO for this segment was: 3.005928000 seconds]
[RTO based on delta from frame: 378]
|
And now, I believe it's one of two things, or three. Either, the first, I go and read from Oskar and his book, and/or other teachers from netfilter.org or from wireshark.org or elsewhere to figure out what happened, and why I cannot open overlays.gentoo.org... which can take an unspecified amount of time...
Or, second, I go back to problems (completely unrelated to here) in my life that I postponed and have not been solved, in case I decide that I can not keep postponing them...
Or, third, I do something else, don't know what...
Namely, without much much work on my part, I cannot get what this tells me, why the page does not open for me... But the work may be too much, the understanding too costly with time to reach...
I realize something else though. Even after some 12 hours that I hadn't accessed internet, right upon my connecting first time this evening, I see the same address that I have: 93.138.2.170 again. How strange! I always used to get a dynamic address, and I don't know what to think of it. Haven't looked at no logs/captures/other of this connection, as I've been writing this partly online now.
======= cut off from this line to end if verifying hashes =======
File corresponding to this post: Gen_141203_overlays-g-o_empty_5.txt,
has Publictimestamp # 1249376
--
publictimestamp.org/ptb/PTB-22257 sha256 2014-12-03 18:01:45
3613E8A7542D29887C1A1D4FE003FB1A715DD1B169B89FE64ECE0D080F8508D9 |
|
| Back to top |
|
|
Chiitoo
Administrator
Joined: 28 Feb 2010
Posts: 2519
Location: Here and Away Again
|
| Posted: Thu Dec 04, 2014 1:36 am Post subject: ><)))°€ |
|
|
Pardon me if I'm not understanding the issue correct-like, but if this is about not being able to access http://overlays.gentoo.org/ or not being able to view the content of it, that's actually quite normal (as far as I can tell). Strange it would be if you were able to. ^^
| http://infra-status.gentoo.org/ wrote: | Maintenance and Outage Notices for Overlays
CVS and Overlays Migration Complete
The CVS and Git Overlays services have been successfully migrated to the new hosts.
Please note the following:
Gitweb as well as the http://overlays.gentoo.org/ and http://anon{cvs,git}.gentoo.org/ web sites are currently not available pending restructuring of our read-only access setup.
The SSH keys for the machine have changed:
DSA: 5f:c3:fe:9a:ac:a7:99:f4:d3:c1:93:4c:52:87:74:28
RSA: 24:3b:2d:3b:47:ca:7e:62:48:97:49:6a:f5:ad:66:88
ECDSA: aa:6a:e4:74:1d:73:d2:5a:9f:45:9f:18:55:81:c9:9a
ED25519: 1c:2e:99:7d:c7:f0:bc:3b:a9:fb:d0:3e:2c:2a:79:ba
Update (2014-09-19):
At this point there's still no ETA to resume the gitweb and http access. We're waiting on systems from a new sponsor to host these services. |
Apologies if this isn't what you're asking about.
I do hope this helps!
_________________
Kind regards,
Chiitoo.
Sore wa sore, kore wa kore. |
|
| Back to top |
|
|
miroR
l33t
Joined: 05 Mar 2008
Posts: 826
|
| Posted: Fri Dec 05, 2014 9:30 pm Post subject: Re: ><)))°€ |
|
|
| Chiitoo wrote: | Pardon me if I'm not understanding the issue correct-like, but if this is about not being able to access http://overlays.gentoo.org/ or not being able to view the content of it, that's actually quite normal (as far as I can tell). Strange it would be if you were able to. ^^
| http://infra-status.gentoo.org/ wrote: | Maintenance and Outage Notices for Overlays
CVS and Overlays Migration Complete
The CVS and Git Overlays services have been successfully migrated to the new hosts.
Please note the following:
Gitweb as well as the http://overlays.gentoo.org/ and http://anon{cvs,git}.gentoo.org/ web sites are currently not available pending restructuring of our read-only access setup.
The SSH keys for the machine have changed:
DSA: 5f:c3:fe:9a:ac:a7:99:f4:d3:c1:93:4c:52:87:74:28
RSA: 24:3b:2d:3b:47:ca:7e:62:48:97:49:6a:f5:ad:66:88
ECDSA: aa:6a:e4:74:1d:73:d2:5a:9f:45:9f:18:55:81:c9:9a
ED25519: 1c:2e:99:7d:c7:f0:bc:3b:a9:fb:d0:3e:2c:2a:79:ba
Update (2014-09-19):
At this point there's still no ETA to resume the gitweb and http access. We're waiting on systems from a new sponsor to host these services. |
Apologies if this isn't what you're asking about.
I do hope this helps! |
Chiitoo,
your reply is much appreciated. Thank you.
So it's the https://infra-status.gentoo.org/ to look at when things don't work.
I'm really busy elsewhere unrelated, and also in poor heath, so just, thanks again! |
|
| Back to top |
|
|
miroR
l33t
Joined: 05 Mar 2008
Posts: 826
|
| Posted: Fri Jan 16, 2015 3:33 am Post subject: |
|
|
| Chiitoo wrote: | ...
http://overlays.gentoo.org/
...
|
And there goes the same notice as already pasted by Chitoo.
It looks just like me not having moneys to fix pluming and having to wash my dishes in the bathroom...
And we are talking the best, by design, FOSS Linux in the world. In my opinion.
How I wish I could help!
Gentoo, pls. don't commercialize anyway! Keep free as in by free people and for free people! |
|
| Back to top |
|
|
miroR
l33t
Joined: 05 Mar 2008
Posts: 826
|
| Posted: Fri Jan 16, 2015 10:07 pm Post subject: |
|
|
I'm in a grip of nostalgia since I wrote about Gentoo being the best FOSS Linux in the world. above.
I fist remembered my thought that I put in writing a few months ago (the topic
"Why is Gentoo not switching to systemd?"):
| https://forums.gentoo.org/viewtopic-t-998108-start-300.html#7624044 wrote: |
...
would be relatively easy for me to try and use Funtoo or some BSD variant (which I recommend to readers; Funtoo for Gnome users because it has a fully functional systemd-free Gnome --as Shamus397 reported in this topic--, and because Daniel Robbins, I think I'm missing him in Gentoo; would be great if there were talk of a merge and him having an active high role in all Gentoo things, but I don't know enough about him to tell for sure)...
|
And later
and there's more there, but I'd need to look up how those things have evolved in this meantime, and I don't, really don't have the time...
(
I'm in a make or break situation currently, either I learn to figure out what happens when I go online, and I mean learn much more in-depth then when I discovered censorship by my then-provider on me.
Do take a look:
Postfix smtp-tls-wrapper, Bkp/Cloning Mthd, A Zerk Provider
https://forums.gentoo.org/viewtopic-t-999436.html
where find stuff like:
| Code: | | 147-226.dsl.iskon.hr (n4m3.localdomain) 550-[89.164.147.226]:41972 is in an RBL, see 550 http://www.spamhaus.org/query/bl?ip=89.164.147.226" (in reply to RCPT TO command)) |
and around; censorship undeniable; took me months of familiarizing with network capturing tools, as I'm not so very bright, to rub that into their noses...
And read the latest development:
[ same title as above ]
https://forums.gentoo.org/viewtopic-t-999436.html#7682770
I also can't finish:
Recover partly overwritten luks volume?
https://forums.gentoo.org/viewtopic-t-1004014.html
because I first need to borrow for the 4TB HDD...
And so, having in mind my situation of poverty (which I am not ashamed of; I would be ashamed if I sold out, I'm not ashamed of the scarcity and debt which political persecution of the unjust regime has brought on me).
And so, having in mind my situation, I remembered how Pappy similarly had to abandon his fine contribution to Gentoo:
Pappy's Kernel Seeds Part V
https://forums.gentoo.org/viewtopic-t-942572.html
Exampli gratia:
and:
and:
But if you look it up today, it's not worked on, I don't think:
http://www.funtoo.org/index.php?title=Kernel_Seeds
http://wiki.kernel-seeds.org/Main_Page
http://kernel-seeds.org/
Likewise, Funtoo are not basking in lavish abundance either.
And Daniel Robbins started Gentoo... and then, long story short (not that I'm familiar with it, I read it in different places)... [and then] left and spent those few year with Microsoft, which of course could not have been right, but, were he one of those moral robbers of the world for real, he would have stayed with them... He is not!
But I repeat (as can be found in some of the links of my posts on that issue above), that I don't know...
I'm only gripped with gut feeling of nostalgia for what could have gone, and didn't go right in the past, and with hope that things would turn good for Gentoo and Funtoo.
And I keep dreaming that the principal architect of the Gentoo marvel would try and reach with the Seniors in Gentoo, and that they would accept him and ask for his contribution, and that Gentoo and Funtoo would at least become really good brothers and strong in the FOSS world, as they are best by design and by architecture, if not actually merge and unite.
Tell this, somebody, to the Seniors and to Daniel. I'm really swamped with work fighting for my freedom on the internet, as I you can read in the link I gave above, else I would write to him, and them. Can't. No time.
(And sure I would need to get informed much much better to bother both those parties, for which I would't have the time even if I managed to borrow a few extra weeks from God specifically for that purpose, such as if He made a miracle and stopped the time for me, gave me those weeks, and them brought me back into the time I left, theoretically speaking...) |
|
| Back to top |
|
|
miroR
l33t
Joined: 05 Mar 2008
Posts: 826
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
