<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body style="overflow-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;">Thank you Dirk, I have changed my overnight cron job that searches for updates to run now. All looking good.<div><br></div><div><p style="margin: 0px; font-stretch: normal; font-size: 11px; line-height: normal; font-family: Menlo;"><span style="font-variant-ligatures: no-common-ligatures">DXSpider v1.57 (build 482 git: mojo/33e829e2[r]) using perl v5.28.1 on Linux</span></p><div><br></div><div>For those interested, I can confirm that Net::CIDR::Lite appears to already be installed on Raspbian Bullseye lite. I ran apt install libnet-cidr-lite-perl and it told me it’s already there.</div><div><br></div><div>73 Keith</div><div><br></div><div><br><div><br><blockquote type="cite"><div>On 20 Jan 2023, at 14:41, Dirk Koopman via Dxspider-support <dxspider-support@tobit.co.uk> wrote:</div><br class="Apple-interchange-newline"><div>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div>
<font size="4">There is a new release on the mojo branch. <br>
<br>
The main changes that will be of interest are:<br>
<br>
1. There is now a complete implementation of stopping logins from
TOR nodes and some other bad IP addresses. I maintain the
badip.torexit, badip.torrelay and badip.global files. If you
follow the instructions below for your local crontab, you will
keep a current set of 'bad ip addresses'. You can also add your
own local bad ip addresses with the set/badip command. But if you
think this IP address is a problem, tell the support mailing list
and I will add it to the 'global' list, which will be distributed
around those nodes that download the master lists. <br>
<br>
</font><font size="4"><font size="4">You will need to install
Net::CIDR::Lite to utilise the badip stuff.</font><br>
<br>
2. There is a mechanism for aliasing localhost on client
connections and/or other rfc1918 addresses for more complex node
arrangements such as web clusters etc. The default arrangement a
simple node with one external ip address will "just work"
automatically, once it has either connect to another node, or an
external user connects.<br>
<br>
This means that sshing into a node, running a console and doing a
few dx commands will result in the external address appearing in
the routing tables locally and externally automatically. If you
have a more complex networking arrangement, please get in touch on
here (or privately) for advice. <br>
<br>
3. There is a mechanism that uses information from incoming PC92 A
records as well as PC61 spots to "upgrade" PC11 spots into PC61s.
There is command 'show/spotstats' (or 'sh/spot' for short) that
displays some statistics as to how this is all going where you are
in the network. Don't be disheartened if you only see a small
percentage of upgrades. It depends very much on how many and which
nodes that only send PC11 spots you are connected to. I happen to
get upwards of 6% on my test machine, but that means there will be
that many fewer for some other node to do.<br>
<br>
I expect that there will be questions....<br>
<br>
73 Dirk G1TLH<br>
<br>
Here is the Changes file:<br>
<br>
<font face="monospace">20Jan23=======================================================================<br>
1. Add the variable @main::localhost_names to allow other IP
addresses to<br>
be treated in the same way as localhost in item 1 on 19Jan23
below. NOTE<br>
you must include ALL the normal localhost names + any other
interface<br>
names that you might want to include:<br>
<br>
set/var @main::localhost_names qw(127.0.0.1 ::1
192.168.1.30)<br>
<br>
using the qw() construction is easier than:<br>
<br>
set/var @main::localhost_names ('127.0.0.1', '::1',
'192.168.1.30')<br>
<br>
but either will work. You can define as many IP addresses as
you like and<br>
they can be IPV4 or 6. <br>
<br>
You do NOT need to fiddle with this unless you specifically
have more<br>
than just the normal definitions of localhost. So for
'normal' nodes with<br>
one external interface, you DO NOT NEED TO DO ANY OF THIS. <br>
2. Added CTY-3304 prefix data<br>
19Jan23=======================================================================<br>
1. Introduce aliasing for localhost in DX Spots and outgoing
PC92 A records<br>
on login. There are two variables which can be set with the
alias to use:<br>
$main::localhost_alias_ipv4<br>
$main::localhost_alias_ipv6 <br>
These can be set in the /spider/scripts/startup, but this is
only <br>
necessary if the node has more than one interface, or virtual
hosts. If <br>
there is ONLY ONE ipv4 and/or ipv6 IP address on the node
machine then <br>
these variables will be automatically populated on first use.
But the SAFE<br>
thing to do is to set them in the startup file. <br>
<br>
THIS FEATURE IS EXPERIMENTAL... <br>
18Jan23=======================================================================<br>
1. Make sure than *every* channel has an IP address. Thank you
(I think) Kin <br>
for pointing out that PC92 A records were not going out with
IP addresses.<br>
I'm guessing that other things (like spots) had a similar
problem. <br>
15Jan23=======================================================================<br>
1. Fix strange errors for carp on missing route_*_cache files on
startup.<br>
14Jan23=======================================================================<br>
1. Fixed route PC11 promotions so that a new PC61 is actually
generated and <br>
also sent instead of the original PC11 (to PC61 capable
nodes).<br>
13Jan23=======================================================================<br>
1. Periodically store Routing tables and, if they are young
enough (def: 3hrs)<br>
autotically restore them on restart of the node. This will
short circuit<br>
the need to rebuild the routing tables from scratch on every
restart - <br>
which is normally for something like software update. <br>
2. Fix pc11 debugging stats with the correct figures. Sigh...
Also move some<br>
of the totals to a different place.<br>
3. Add show/spotstats command which gives the current spot
statistics shown<br>
during pc11 debugging (which means you don't need to set/deb
pc11 unless<br>
you really want that extra noise).<br>
12Jan23=======================================================================<br>
1. Regularise 'set/debug pc11' output to track all the routes
through PC11 and<br>
PC61 processing and statistics.<br>
11Jan23=======================================================================<br>
1. Improve (?) the PC11 -> PC61 upgrading process that delays
incoming PC11s<br>
for a very short time in the hope that a PC61 will come in to
be used <br>
instead. It will also upgrade a PC11 if we have an uptodate
IP address <br>
that has come in from the routing system PC92s. do a
'set/debug pc11' to <br>
see it in action. <br>
2. I have chosen a definitive list of TOR exits and relays which
can be <br>
downloaded from
<a class="moz-txt-link-freetext" href="http://www.dxspider.net/download/badip.torexit">http://www.dxspider.net/download/badip.torexit</a>,<br>
<a class="moz-txt-link-freetext" href="http://www.dxspider.net/download/badip.torrelay">http://www.dxspider.net/download/badip.torrelay</a> and finally,
for those IP<br>
addresses that are deemed to be 'bad':<br>
<a class="moz-txt-link-freetext" href="http://www.dxspider.net/download/badip.global">http://www.dxspider.net/download/badip.global</a>. I have added
the following <br>
lines to my /spider/local_cmd/crontab:<br>
<br>
24 * * * * spawn('cd /spider/local_data; wget -qN
<a class="moz-txt-link-freetext" href="http://www.dxspider.net/download/badip.torexit">http://www.dxspider.net/download/badip.torexit</a>')<br>
24 * * * * spawn('cd /spider/local_data; wget -qN
<a class="moz-txt-link-freetext" href="http://www.dxspider.net/download/badip.torrelay">http://www.dxspider.net/download/badip.torrelay</a>')<br>
24 * * * * spawn('cd /spider/local_data; wget -qN
<a class="moz-txt-link-freetext" href="http://www.dxspider.net/download/badip.global">http://www.dxspider.net/download/badip.global</a>')<br>
25 * * * * run_cmd('load/badip')<br>
<br>
The tor files are downloaded from
<a class="moz-txt-link-freetext" href="https://lists.fissionrelays.net/tor/">https://lists.fissionrelays.net/tor/</a> at <br>
15 minutes past every hour, please would you use some other
minute than<br>
23 or 24 to get your own local copies. <br>
<br>
A 'set/debug badip' will show you what is being blocked. <br>
3. Fix set/badip so that it appends new IP addresses correctly.<br>
10Jan23=======================================================================<br>
1. Add baddx on incoming callsign in RBN.<br>
2. Search for all /spider/local_data/badip.* files to allow more
control on<br>
which IP addresses are detected. e.g. badip.torexit,
badip.torrelay as well<br>
as baddx.local. The suffixes, apart from .local (created by
set/badip) are<br>
completely arbitrary. You can use whichever suffix name you
like. This is<br>
a more useful arrangement for the ever increasing sources of
"bad ip<br>
addresses" that we need to deter. <br>
<br>
NOTE: all badip.<suffix> are read only EXCEPT
badip.local (which can be<br>
altered in real time by the sysop using set/badip <ip
address> ...). <br>
If one uses periodic crontab jobs to update any other
badip.<suffix><br>
files from web resources then don't forget to 'load/badip'
afterwards. <br>
3. Add a /spider/data/baddx.issue file which can be copied to
(or used as a <br>
basis to create) /spider/local_data/baddx<br>
09Jan23=======================================================================<br>
1. Finish implemention of DXCIDR ip address filtering. This
works on both <br>
logins (treated the same as locked out - i.e. just
disconnected) and also<br>
with PC61s where these sentences are just dropped. Also
attempt to prevent<br>
any *following* PC11s with the same data getting through. <br>
<br>
YOU WILL NEED either 'cpanm Net::CIDR::Lite' or debian/ubuntu
based distros <br>
'apt install libnet-cidr-lite-perl'. RedHat based systems
will have similar<br>
packages available.<br>
<br>
2. Recognise PC18s coming from CC Clusters more nicely.<br>
04Jan23=======================================================================<br>
1. Fillout DXCIDR, attach checks in PC61 and logins. Login that
fail will <br>
simply disconnect, like locked out callsigns<br>
2. Fix qrz.com URL in stock Internet.pm.<br>
3. Fix DXHash issues (baddx, badnode, badspotter etc)<br>
</font><br>
<br>
</font>
</div>
_______________________________________________<br>Dxspider-support mailing list<br>Dxspider-support@tobit.co.uk<br>https://mailman.tobit.co.uk/mailman/listinfo/dxspider-support<br></div></blockquote></div><br></div></div></body></html>