XYMer's Home away from Home

When http://bbs.xlr8yourmac.com is down (i.e. always)
It is currently Tue Sep 26, 2017 12:01 pm

All times are UTC - 8 hours




Post new topic Reply to topic  [ 116 posts ]  Go to page Previous  1, 2, 3, 4, 5
Author Message
PostPosted: Thu Apr 13, 2017 12:17 am 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 9444
Location: Caught between the moon and NYC
The nerve of that guy!

Some people think the new Mrs. Shibby might not be too keen on his "hobby." :lol:

I just switched to one of the latest Toastman builds tonight. Went a little bumpier than expected. But the quirks I was having before (router going into a weird limbo state for 3-5 minutes after changing settings) seem to have been nixed.

I'll have to try it out on an N12D1. Or, at least, what should be a compatible build... the no USB ports on the N12, so I shouldn't use the exact same file...

Or, at least I will after I get some sleep. Wasn't expecting it to take this long... (yawn)


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 12:51 am 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 14579
You're up late again!


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 4:45 am 
Online

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 5914
Location: NYC
Quote:
But the quirks I was having before (router going into a weird limbo state for 3-5 minutes after changing settings) seem to have been nixed.

Yeah, noticed that on this new N12. Not after any change, but often enough will get "the page was reloaded...," and have to wait until I don't know what to get back in. If installing the latest Toastman is "bumpier than expected" for you who know your way around this stuff, I'll probably pass. I can live with the zombie state when it happens, since it always comes back from zombie to alive...eventually.


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 2:27 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 9444
Location: Caught between the moon and NYC
I got the same zombie state with the new Toastman firmware but that went away after I did a long nvram erase and set it up from scratch. I think the new firmware versions don't cooperate with the default nvram values.

Toastman's been merging his code base with Shibby for a while now, so there's fewer duplicated nvram values created, which is why i stopped upgrading for a while. Then I switched to an AC build of Shibby since it supports the N66 with a different wireless driver, but there are quirks and eventually the quirks drove me back to the N builds which had the zombie problem, so then I looked into Toastman and this long circuitous tale is at an end.

I tried upgrading without using recovery mode and cabling directly into port 1 on the router which was half my trouble. Once I gave in and did it the "right" way everything worked pretty much as expected. I tried to cheat by cabling the switch my system was connected to into port 1.


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 4:39 pm 
Online

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 5914
Location: NYC
How are things dnscrypt-proxy in that firmware?


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 4:42 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 9444
Location: Caught between the moon and NYC
I'll have to take a closer look tonight. My only real impression was there were more dnscrypt providers in the dropdown list. Once I got it working I went to bed.


Top
 Profile  
 
PostPosted: Wed Apr 19, 2017 7:19 am 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 9444
Location: Caught between the moon and NYC
Just noticed DNSCrypt is 1.6.1 in the version I'm running.

Unfortunately the website still does the zombie thing occasionally, goes away for about 3-5 minutes and then comes back after saving some settings.

Hmm. Wonder if it's dnscrypt related. Might just be the new multiwan stuff, there's a ton of stuff logged during the zombie period about deleting vlan interfaces, restarting dnsmasq, restarting most of Tomato...

I decided to give adguard a try. I liked opendns's malware filtering. The familyguard stuff is for porn, don't care about that, just want malware blocked, which is what adguard-dns does.


Top
 Profile  
 
PostPosted: Wed Apr 19, 2017 10:27 am 
Online

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 5914
Location: NYC
MonkeyBoy wrote:
Just noticed DNSCrypt is 1.6.1 in the version I'm running.

Unfortunately the website still does the zombie thing occasionally, goes away for about 3-5 minutes and then comes back after saving some settings.

Hmm. Wonder if it's dnscrypt related. Might just be the new multiwan stuff, there's a ton of stuff logged during the zombie period about deleting vlan interfaces, restarting dnsmasq, restarting most of Tomato...

I decided to give adguard a try. I liked opendns's malware filtering. The familyguard stuff is for porn, don't care about that, just want malware blocked, which is what adguard-dns does.

When it does its zombie thing, I can usually get back in by putting the URL in another tab.
Looking into adguard at https://adguard.com/en/adguard-dns/overview.html. Wonder if they're also non-logging and dnssec resolving? Is that a direct dnscrypt option in the Toastman build?

Adguard servers appear to be located near Moscow. Wonder about that? EDIT:"DNS servers are located in NJ, SF and Moscow, so for some locations ping may be huge." https://www.wilderssecurity.com/threads ... ta.387403/

I'm now at dnscrypt.eu-dk, after both the French and Dutch ones became quite flaky. Don't know how long this one will stay good.

A new issue: in order to keep the vz.net mail address, Verizon is forcing all its email customers to use the servers at AOL (thank god for mergers and acquisitions--not ready to send out five zillion emails notifying everyone on the planet of a change to a new email address, so keeping the current one.) After a full day of quite a lot of hassle, everything is now working quite well for Mac Mail at all three clients--hope it lasts.

But AOL webmail is really hideous, crammed full of click bait, spam and other idiotic, very pushy crap. Found a way to remove all that crap from a setting at the main mail page, so at least that's taken care of. Don't need to login to AOL webmail very often, but what I still can't find a way of doing is to block two quite obnoxious https/JavaScript redirects after logging out at the main mail site. Neither Refresh Blocker (only deals with meta refresh), nor Redirect Remover (the one I got a personal "license" for from AMO after the developer abandoned it) seem to be able to do anything at all.

Would iptables at the router, or anything else that you can think of, be able to nuke the following? These are the URLs of the two pages that get loaded one after the other. Probably pointless trying to get an IP for aol.com. Must be thousands.

https://membernotifications.aol.com/not ... xxxxxxxxxx (crap advertising which I can block with Adblock Plus, but not the page itself.)

https://www.aol.com/?xxxxxxxxxxxxxxxxxxxxxxxxx ("news" and main site)

Could try blocking the second one, AOL.com/, but don't know if I'd still be able to login at the webmail site, https://my.screenname.aol.com/xxxxxxxxxxxxxxxxxxxxxx if I did that.

And maybe if I could at least block the first one, it would stop the second.

xxxxxxxxxxxxx entered for long strings, since I don't know how much any of that is personally identifiable--probably none.

EDIT: for what it's worth, from an nslookup:

Non-authoritative answer:
Name: aol.com
Address: 149.174.110.105
Name: aol.com
Address: 149.174.107.100
Name: aol.com
Address: 64.12.249.135
Name: aol.com
Address: 207.200.74.55
Name: aol.com
Address: 149.174.149.73


Top
 Profile  
 
PostPosted: Wed Apr 19, 2017 11:27 am 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 9444
Location: Caught between the moon and NYC
I don't know of any way a DNS solution would be able to block them. If it was a host that was only used for one particular thing it could block that host but I imagine http://www.aol.com is going to be used for more than just crap content. I really like ublock's ability to create custom filters just by right-clicking on the item you don't like. I haven't quite mastered its syntax but it's really good at ripping out ads and frames from websites. Right click on ad, block it, if a block of space remains where the ad was, right click on that and you'll usually find the frame (or its web 2.0 equivalent) it was in and block that and thennnnnnn it usually rearranges the page to compensate for the extra space. There are add-ons for adblock that do similar things but ublock is pretty lean despite having that integrated seems like a big plus.


Last edited by MonkeyBoy on Wed Apr 19, 2017 11:28 am, edited 1 time in total.

Top
 Profile  
 
PostPosted: Wed Apr 19, 2017 11:28 am 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 14579
Maybe Little Snitch to block 149.174.98.126 [memnotes.egslb.aol.com]?


Top
 Profile  
 
PostPosted: Wed Apr 19, 2017 11:31 am 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 9444
Location: Caught between the moon and NYC
I'm noticing some annoying slowdowns with adguard, in particular some CDNs are slow as molasses. For the most part it's about 99% as fast as it used to be, but those CDNs are everywhere now.

I imagine that if you were in Australia and using adguard you'd be stuck back in the situation Australia was before OpenDNS built a server farm in their region. In the US using the east or west coast isn't too bad. Having everything you're visiting on the other end of either a satellite hop or a transpacific cable is bad.


Top
 Profile  
 
PostPosted: Wed Apr 19, 2017 12:24 pm 
Online

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 5914
Location: NYC
Thinking now that probably the best is to simply close that first tab/redirect as soon as it loads--end of any further redirects. I have the annoying ad that appears there blocked, so at least only seeing an empty page when it loads.

My first ever experience with AOL (in fact, hadn't heard or thought about them in twenty years), and had no idea they were so loaded up with so much intrusive, pushy bullshit/spam. They actually have the total chutzpah to tell you that for $4.99/mo, they won't inflict the pleasure of any ads. (Actually, NoScript + Adblock Plus gets rid of a good deal of that, but nowhere enough.) Would never give them a vomit covered penny, especially when there's a very simple checkbox, in settings, to stop their "AOL Today" crap (where all that spam and junk resides) from loading. Can go directly to the mail page now and not have to see any of that garbage--end of story. No idea why anyone would voluntarily have anything to do with them.


Top
 Profile  
 
PostPosted: Wed Apr 19, 2017 12:59 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 9444
Location: Caught between the moon and NYC
Heh. If Verizon buys Yahoo they plan to merge AOL & Yahoo into one company. I think this is a great idea, since now you have only one entity to have no contact with whatsoever instead of two. Figure out what IP blocks are assigned to the merged company and reject them all. :coffee:


Top
 Profile  
 
PostPosted: Sun May 14, 2017 3:12 am 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 9444
Location: Caught between the moon and NYC
I've figured out that MultiWAN builds are slow to respond after some configuration changes. In addition to this dnscrypt introduces its own delays. Combine the two and sometimes you have to wait 4+ minutes before it finally reloads httpd and the website will respond to requests again. If you have an ssh or telnet connection open it will remain open and you can monitor the logs to see how things are progressing but... it gets crazy slow.


Top
 Profile  
 
PostPosted: Sun May 14, 2017 4:44 am 
Online

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 5914
Location: NYC
Don't know for sure, but can always get right back in from another tab. But could be we're not talking about the same thing. For me, it's zombified when I get "Server not found," after making certain changes. Is my 1.28.0000 MIPSR2-132 K26 Max MultiWan?

Btw, after going through the French and Dutch servers, which became flaky, I've been getting fairly reliable latency, at around 97 ms, using dnscrypt.eu-dk 77.66.84.233. Been staying solid for the past few weeks, since I switched.


Top
 Profile  
 
PostPosted: Mon May 15, 2017 9:59 am 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 9444
Location: Caught between the moon and NYC
I think dnscrypt introduces longer delays in the newer versions. However MultiWAN is a much longer delay. When it's "zombiefied" you'll be able to reach external sites that are already in your local DNS cache but not anything that requires DNS, since DNS takes a while to become functional in multiwan and httpd doesn't launch until after dns and other host-related services become available.

I'm back on 132. I turned off dnscrypt when I had trouble with newer versions and never got around to playing with it again.

Shibby came back from his honeymoon/vacation, he's working on 140 since someone else released their own 139 while he was away (some guys are crazy impatient).


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 116 posts ]  Go to page Previous  1, 2, 3, 4, 5

All times are UTC - 8 hours


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group