Thanks, stemsee, your kind words are very much appreciated. The point is, I too agree with myself only in principle!stemsee wrote:First of all my agreement with Anikin is in principle only
Criticism of woof-CE and of the people involved in it.
- Iguleder
- Posts: 2026
- Joined: Tue 11 Aug 2009, 09:36
- Location: Israel, somewhere in the beautiful desert
- Contact:
At last. Thank you. Exactly the answer I wanted.anikin wrote:Most probably, pings are harmless.
No!anikin wrote:Do pinging logs have a potential to become a tracking issue?
Yes I do, sometimes.anikin wrote:You never know,
What servers? I haven't heard of any servers that log ICMP traffic. And even if duckduckgo.com keeps such logs, they contain nothing but your public IP address and the TTL.anikin wrote:but servers keep logs
What risk?! Most sites you visit keep logs containing you address (think Apache, nginx, ...) in addition to other information (the browser agent, the URL you visited and so on), so those pings are less "risky" than your very own, "normal" activity on the internet.why take risks then?
So, to sum it up: if I get you right, if these pings need to be disabled, the browser and the ability to install a browser should be disabled as well.
[url=http://dimakrasner.com/]My homepage[/url]
[url=https://github.com/dimkr]My GitHub profile[/url]
[url=https://github.com/dimkr]My GitHub profile[/url]
- Iguleder
- Posts: 2026
- Joined: Tue 11 Aug 2009, 09:36
- Location: Israel, somewhere in the beautiful desert
- Contact:
While I don't think there's any reason to disable those pings (as I said earlier, there's no privacy/security problem), I won't stand in your way if you:anikin wrote:How about my practical proposal above?
1) Fork woof-CE, implement this feature cleanly and send a pull request
2) Don't alter the default behavior - pings should be on by default so no functionality is lost
[url=http://dimakrasner.com/]My homepage[/url]
[url=https://github.com/dimkr]My GitHub profile[/url]
[url=https://github.com/dimkr]My GitHub profile[/url]
Short-answer: Legacy.stemsee wrote:But why are there so many 's/bin' directories and not just one of each? (linux in general actually)
Long-answer:
"bin" = directory for binaries (=executable files = programs)
"sbin" = directory system binaries
Now, in some systems, it is possible to boot the computer with a minimal set of utilities (=boot-time utilities); and then use them to connect to a network directory containing the rest of the system (very similar to Puppy's initrd which contains minimal set of tools, and the puppy basesfs that contains the full-sized tools). For these systems, /bin and /sbin are the directories that contain the boot-time utilities, and /usr/bin and /usr/sbin contain the complete utilities.
In large time sharing systems, you're not supposed to touch /bin /sbin (=or you risk bricking the system) and you can't modify /usr/bin /usr/sbin which comes from read-only network directory. If you need to add your own binaries (=self-compiled programs etc) you need to add it into a special place. This special place is /usr/local/bin & /usr/local/sbin --- it's called "local" because the change you do is "local" to that particular system (ie, not shared / exported across the networks).
/opt/xxx/bin is the location of binaries of "optional" application called "xxx".
/root/my-applications/bin is puppy's invention. It hailed from the day before puppy used unionfs/aufs, so only certain directories can be saved back to the savefile (the rest of the directories were read-only). /root is one of them, so custom / self-compiled programs need to go there; and /root/my-applications/bin sounds like a reasonable name.
Fatdog64 forum links: [url=http://murga-linux.com/puppy/viewtopic.php?t=117546]Latest version[/url] | [url=https://cutt.ly/ke8sn5H]Contributed packages[/url] | [url=https://cutt.ly/se8scrb]ISO builder[/url]
In the long term I think it would be handy to be able to use Puppies in the following modes:
1) Stealth mode:
- Wired network cable ignored
- Wifi interface ignored
- Puppy working offline
2) Local network mode:
- Wired network available
- Wifi network available
- Internet locked out
3) Internet mode
- All local and global networks and internet activity available.
If it were possible I would like to be able to switch between these modes from desktop/tray icons and/or from a config file that forced booting into the mode I choose as a default.
At the moment if I don't want to be exposed to the internet I simply leave the wired cable out and switch off my wifi (rfkill) switch. This works for me because I don't currently use the home network. I do everything as a standalone machine.
1) Stealth mode:
- Wired network cable ignored
- Wifi interface ignored
- Puppy working offline
2) Local network mode:
- Wired network available
- Wifi network available
- Internet locked out
3) Internet mode
- All local and global networks and internet activity available.
If it were possible I would like to be able to switch between these modes from desktop/tray icons and/or from a config file that forced booting into the mode I choose as a default.
At the moment if I don't want to be exposed to the internet I simply leave the wired cable out and switch off my wifi (rfkill) switch. This works for me because I don't currently use the home network. I do everything as a standalone machine.
greengeek, I do something like that with a few Pups and multiple save files, SFS, etc. for security and other purposes. I use Tahr as an every-day OS, and Vivid beta as a full-fledged working OS. For special purposes, Unicorn is small, fast, and versatile. As I always end up doing something I hadn't planned for and constant rebooting is a bit inconvenient, I frequently run two machines next to each other. (I have 4 monitors @ 8 P4s in a row.) If I start playing with pen drives, things get complicated, especially accessing shared files. I would like to consolidate things a bit with modules and modes, as you suggest. SFS on-the-fly is a solid step in this direction. However, I think it might be best to use something like Puli for real security concerns. If you truly want to be safe, it's smart to not risk any compromise for convenience.
Today only. Anger not. Worry not. Be grateful working karma. Be kind.
Puppy pinging the Internet, to test for connection, is a normal function of connecting to the Internet.
How else are you going to know it is working.
You ping a selected location and see if the ping info returns in full.
I would be worried about who is trying to ping your computer.
How do you think a hacker finds a computer on the Internet?
They send out a ping and see who answers.
Example:
http://www.technologyreview.com/news/51 ... -internet/
How else are you going to know it is working.
You ping a selected location and see if the ping info returns in full.
I would be worried about who is trying to ping your computer.
How do you think a hacker finds a computer on the Internet?
They send out a ping and see who answers.
Example:
http://www.technologyreview.com/news/51 ... -internet/
The things they do not tell you, are usually the clue to solving the problem.
When I was a kid I wanted to be older.... This is not what I expected
YaPI(any iso installer)
When I was a kid I wanted to be older.... This is not what I expected
YaPI(any iso installer)
You may want to look at line 21 of the /usr/sbin/ipinfo in luci-511darry1966 wrote:Ok lets cut to the chase the older Pups namely in this case 5.11 Lucid never included this Icanzahip stuff in ipfinfo and worked without said feature as seen in this scrot. So the question is why is it needed in the new ones?????
Ipinfo is actually in all the puppies since 2009, always querying icanhazip for the external IP. However, all the old puppies (till a couple of years back) never offer the option to inactivate this step.
As jamesbond explained above, there is no way to get that info unless you actually connect (not ping) somewhere.
(BTW can you link to a smaller picture. Is really messing the page layout)
== [url=http://www.catb.org/esr/faqs/smart-questions.html]Here is how to solve your[/url] [url=https://www.chiark.greenend.org.uk/~sgtatham/bugs.html]Linux problems fast[/url] ==
- MochiMoppel
- Posts: 2084
- Joined: Wed 26 Jan 2011, 09:06
- Location: Japan
Hmmm..I doubt that for setting up an internet connection it is a normal, let alone necessary procedure. I even doubt that Puppy is using it for this purpose, but I can be wrong.bigpup wrote:Puppy pinging the Internet, to test for connection, is a normal function of connecting to the Internet.
Just fire up your browser, download manager or whatever tool you intend to use and try. If the internet is down, they will tell you with a meaningful error message - if they are properly designed. I see this pinging business not much as a security risk but rather as a useless waste of electrons. If you need to know if your internet is running then pinging can get get you this information, but only for the exact moment you ping. Can change any moment and when you then send a request to a site you *really* want to connect to, then this ping information is as old as yesterday's paper.How else are you going to know it is working.
As far as I can see nobody claimed that this is needed. But so is most of the information on the "Interfaces" tab. It's only an info dialog. I personally couldn't care less about my external IP address.darry1966 wrote:Lucid never included this Icanzahip stuff in ipfinfo and worked without said feature as seen in this scrot. So the question is why is it needed in the new ones?????
I wouldn't argue what's normal and not about what's involved in setting up an internet connection. That's very subjective. However, bigpup talk about "to test for connection" being part of it. Sure, you can set up a connection without testing whether that connection actually works. But that's not the Puppy way. Now you may have missed that I said about what is involved in "testing for connections" - please see here (page 2 of this thread). Happy to hear your feedback if you think that's not right.MochiMoppel wrote:Hmmm..I doubt that for setting up an internet connection it is a normal, let alone necessary procedure.bigpup wrote:Puppy pinging the Internet, to test for connection, is a normal function of connecting to the Internet.
So what do you think Puppy is doing it for?MochiMoppel wrote:I even doubt that Puppy is using it for this purpose, but I can be wrong.
You're not really suggesting that we fire chrome before launching PPM just to test the connection, are you? From my other post here, I saidMochiMoppel wrote:Just fire up your browser, download manager or whatever tool you intend to use and try. If the internet is down, they will tell you with a meaningful error message - if they are properly designed.
To add to that, I recall vaguely (but not sure myself) that the pinging was originally added exactly because of that: because directly doing the operation when the network was on certain invalid state caused exactly the problematic delays I said above.jamesbond wrote:And sometimes, just by doing the job directly (e.g. in PPM, instead of pinging ibiblio.org; just do wget ibiblio.org if what you want to do is just to grab its contents) can result in an annoying user experience where the operation will eventually fail but it takes a very long time to do so. By pinging, we can (sort of) test the network connection and if it is not sufficiently good enough, we can fail fast and tell the user about that.
I can even give you a direct example, which I reported in slacko64 thread: if you fire slacko64 in qemu, the "firstrun" dialogbox will not show up (I waited for 10 mins). Why? because it was trying to do wget to ibiblio.org (perhaps to test for updates?); and that wget was hanging thanks to qemu's weired networking. I can only get the firstrun dialog if I open a terminal and "killall wget". You may claim that qemu is not a real hardware - that's beside the point. The point is, there are certain network states that can cause problems to hang indefinitely or a very long time, before finally failing and giving up. Of course, pinging is *not* the only way to handle this; but this is what Woof-CE has for the moment. If you have a better way, as mavrothal always say, "patches are welcome".
How true. Past performance is not an indicator of future performance. Just because your still have a heart beat a second ago does not mean in the next second you will still have it. Yet many people buy stock based on their past performances. And most likely you're still alive to read this post too. So yes, just because you've successfully ping a server a second ago doesn't mean that the internet is still up a second later. But *chances are*, it is.MochiMoppel wrote:If you need to know if your internet is running then pinging can get get you this information, but only for the exact moment you ping. Can change any moment and when you then send a request to a site you *really* want to connect to, then this ping information is as old as yesterday's paper.
One man's delicacy is someone else's poison. So choose your poison carefullyMochiMoppel wrote:As far as I can see nobody claimed that this is needed. But so is most of the information on the "Interfaces" tab. It's only an info dialog. I personally couldn't care less about my external IP address.
E.g. those people who like to the peer-to-peer VOIP calls while behind NAT router, they need the external IP address information. And I know a few of regular puppy users who do exactly this. Just because it's not useful for you doesn't mean it's not useful for others.
Fatdog64 forum links: [url=http://murga-linux.com/puppy/viewtopic.php?t=117546]Latest version[/url] | [url=https://cutt.ly/ke8sn5H]Contributed packages[/url] | [url=https://cutt.ly/se8scrb]ISO builder[/url]
Yes the wget thing to ibiblio was my idea.. perhaps not so clever... (self critique ) but in saying that we do need a reliable method to test connection.jamesbond wrote:I can even give you a direct example, which I reported in slacko64 thread: if you fire slacko64 in qemu, the "firstrun" dialogbox will not show up (I waited for 10 mins). Why? because it was trying to do wget to ibiblio.org (perhaps to test for updates?); and that wget was hanging thanks to qemu's weired networking. I can only get the firstrun dialog if I open a terminal and "killall wget".
You see, the new firewall is aggressive, perhaps too aggressive and perhaps needs revisiting, but to cut a long story short, it was apparently not working for browsing if you set it with default settings before connection is up, so a connection test was needed such that the button to set the firewall could be greyed out.
Perhaps what is really needed is a standard script that can test a)router connectivity, then b)internet connectivity then c)DNS resolution, which should cover all the bases.
For a) maybe simple parsing of output from 'busybox route' will do. Remember, some machines might be part of a network that does not have internet connectivity. For b) and c) probably ping is the best, especially if we consider that some may be on dialup or have very slow connections due to other reasons. If a ping response isn't returned in less than 5 seconds then we error.
Ah.. but whom do we ping? Ibiblio (and mirrors) isn't always up. Most reliable ones I can think of are one of the 13 root hint servers (duck and google it) but as has been pointed out to me that these are run or at least sponsored by corporate interests.
Maybe a traceroute with a limit of 4 hops is enough as it should return something from your ISP and with some really clever regex maybe we can grok that out!
Any suggestion is welcome but seriously, if anyone suggest we don't do tests then we are heading backwards as far as being 'man's best friend' is concerned.
Puppy Linux Blog - contact me for access
Hmm .. have not read the whole thread ..
ABOUT PING :
Slacko-5.3.X had weird code in /usr/sbin/delayedrun .
That was the worst case of nested if I have ever seen in Puppy : some 1-2 dozen if just to ping google.com to tell the F****** childish USER some bullshit ..!
Barry Kauler does not use functions much, but even if code is called only once ,
functions allow to escape code easily without huge mountains of if's .
Sometimes I doubt, he even was a professor, and if he was, then I understand he retired,
because learning from him is to learn by mistakes !
WOOFWOOF !
ABOUT PING :
Slacko-5.3.X had weird code in /usr/sbin/delayedrun .
That was the worst case of nested if I have ever seen in Puppy : some 1-2 dozen if just to ping google.com to tell the F****** childish USER some bullshit ..!
Barry Kauler does not use functions much, but even if code is called only once ,
functions allow to escape code easily without huge mountains of if's .
Sometimes I doubt, he even was a professor, and if he was, then I understand he retired,
because learning from him is to learn by mistakes !
WOOFWOOF !
«Give me GUI or Death» -- I give you [[Xx]term[inal]] [[Cc]on[s][ole]] .
Macpup user since 2010 on full installations.
People who want problems with Puppy boot frugal :P
Macpup user since 2010 on full installations.
People who want problems with Puppy boot frugal :P
Hmmm .. /etc/resolv.conf is needed by firefox !01micko wrote: Yes the wget thing to ibiblio was my idea.. perhaps not so clever... (self critique ) but in saying that we do need a reliable method to test connection.
Code: Select all
test -s /etc/resolv.conf
grep '[[:alnum:]]' /etc/resolv.conf
Code: Select all
ifconfig | grep -E 'wlan|eth|ppp'
Code: Select all
ping murga-linux.com || ping github.com
«Give me GUI or Death» -- I give you [[Xx]term[inal]] [[Cc]on[s][ole]] .
Macpup user since 2010 on full installations.
People who want problems with Puppy boot frugal :P
Macpup user since 2010 on full installations.
People who want problems with Puppy boot frugal :P
PostPosted: Today, at 00:27 Post subject: Reply with quote
darry1966 wrote:
Ok lets cut to the chase the older Pups namely in this case 5.11 Lucid never included this Icanzahip stuff in ipfinfo and worked without said feature as seen in this scrot. So the question is why is it needed in the new ones?????
You may want to look at line 21 of the /usr/sbin/ipinfo in luci-511 Wink
Ipinfo is actually in all the puppies since 2009, always querying icanhazip for the external IP. However, all the old puppies (till a couple of years back) never offer the option to inactivate this step.
As jamesbond explained above, there is no way to get that info unless you actually connect (not ping) somewhere.
Thank you Mathrothal and MochiMoppel for the clarifications. I shall look at line 21.
darry1966 wrote:
Ok lets cut to the chase the older Pups namely in this case 5.11 Lucid never included this Icanzahip stuff in ipfinfo and worked without said feature as seen in this scrot. So the question is why is it needed in the new ones?????
You may want to look at line 21 of the /usr/sbin/ipinfo in luci-511 Wink
Ipinfo is actually in all the puppies since 2009, always querying icanhazip for the external IP. However, all the old puppies (till a couple of years back) never offer the option to inactivate this step.
As jamesbond explained above, there is no way to get that info unless you actually connect (not ping) somewhere.
Thank you Mathrothal and MochiMoppel for the clarifications. I shall look at line 21.