I've always provided that data on the basis that it costs very little effort, so why not? Never attempted to track how much it's used though. Web clients would definitely benefit the most.
SouLhas left
pintoseskhas joined
jayteeukhas left
jayteeukhas joined
jayteeukhas left
jayteeukhas joined
Ivan A.has left
kikuchiyohas left
kikuchiyohas joined
Melhas left
Melhas joined
Marandahas left
argon3771has left
argon3771has joined
jayteeukhas left
jayteeukhas joined
ajeremiashas left
jayteeukhas left
jayteeukhas joined
im0209has joined
Bakuninhas joined
Bakuninhas left
im0209has left
reedhhwhas left
derventiohas left
abidal3has left
alex-a-sotohas left
alex-a-sotohas joined
Licaon_Kterhas left
argon3771has left
stvnhas left
argon3771has joined
henrikhas left
stvnhas joined
NosoyHacker404has left
argon3771has left
argon3771has joined
NosoyHacker404has joined
henrikhas joined
argon3771has left
argon3771has joined
alex-a-sotohas left
thndrbvrhas joined
alex-a-sotohas joined
Ivan A.has joined
jayteeukhas left
jayteeukhas joined
jayteeukhas left
jayteeukhas joined
Bakuninhas joined
Bakuninhas left
derventiohas joined
henrikhas left
mjkhas left
alex-a-sotohas left
alex-a-sotohas joined
mjkhas joined
henrikhas joined
Douglas Terabytehas left
Douglas Terabytehas joined
jayteeukhas left
jayteeukhas joined
jayteeukhas left
jayteeukhas joined
SouLhas joined
nickomemohas joined
NosoyHacker404has left
NosoyHacker404has joined
Melhas left
lorddavidiiihas joined
jayteeukhas left
jayteeukhas joined
jayteeukhas left
jayteeukhas joined
Huxxhas joined
Melhas joined
stvnhas left
derventiohas left
stvnhas joined
Licaon_Kterhas joined
jayteeukhas left
jayteeukhas joined
Beherithas left
Beherithas joined
jayteeukhas left
jayteeukhas joined
pintoseskhas left
argon3771has left
argon3771has joined
wladmishas joined
argon3771has left
argon3771has joined
SouLhas left
antranigvhas left
podhas joined
ibikkhas joined
solhas left
solhas joined
hobiya4088has joined
froghas joined
tomhas left
tomhas joined
wladmishas left
wladmishas joined
vu764hd68fxthas joined
dropshas left
SouLhas joined
nickomemohas left
lorddavidiiihas left
undefinedhas left
Martinhas left
froghas left
Jonnyhas joined
Martinhas joined
undefinedhas joined
Alex (elaon.de)has left
lorddavidiiihas joined
Marandahas joined
mjkhas left
Melhas left
thndrbvrhas left
mjkhas joined
neoxhas joined
mehdihas joined
lorddavidiiihas left
bastoonhas joined
mjkhas left
Bakuninhas joined
Bakuninhas left
mjkhas joined
lorddavidiiihas joined
Melhas joined
Lilyhas left
Lilyhas joined
hobiya4088has left
derventiohas joined
argon3771has left
argon3771has joined
derventiohas left
ajeremiashas joined
ezra-koschitzkyhas left
thndrbvrhas joined
SouLhas left
Marandahas left
Marandahas joined
SouLhas joined
alienhas left
perflysthas joined
alienhas joined
perflysthas left
perflysthas joined
argon3771has left
argon3771has joined
antranigvhas joined
mehdihas left
ajeremiashas left
abidal3has joined
mehdihas joined
Arne
I See. I will try it later. Thanks!
SouLhas left
argon3771has left
argon3771has joined
perflysthas left
thndrbvrhas left
jayteeukhas left
jayteeukhas joined
jayteeukhas left
jayteeukhas joined
stvnhas left
stvnhas joined
Melhas left
Melhas joined
SouLhas joined
lorddavidiiihas left
stvnhas left
stvnhas joined
Arnehas left
bastoon
0156 is only declarative. Same "security" level than adding SRV.
Thought, you should use "standard" endpoint naming (/http-bind, /xmpp-websocket). So, that would make no impact at all.✎
SouLhas left
lorddavidiiihas joined
stvnhas left
stvnhas joined
Arnehas joined
abidal3has left
mehdihas left
mehdihas joined
stvnhas left
stvnhas joined
mehdihas left
froghas joined
hobiya4088has joined
loopboomhas joined
mehdihas joined
lorddavidiiihas left
abidal3has joined
ajeremiashas joined
argon3771has left
argon3771has joined
mehdihas left
abidal3has left
lorddavidiiihas joined
andrey.utkinhas joined
mehdihas joined
hobiya4088has left
Link Mauve
bastoon, any reason for that? I’ve been using a bosh and a ws subdomains with pretty much no issue.
madmalkavhas joined
froghas left
nickomemohas joined
ajeremiashas left
bastoon
Link Mauve: It actually depends on your use cases but few clients don't support XEP-0156 and only propose default URIs to ignorent users. ✏
Bjarkanhas joined
jayteeukhas left
jayteeukhas joined
Viktor Lindberghas left
mehdihas left
Viktor Lindberghas joined
jayteeukhas left
jayteeukhas joined
bastoon
(precious message, I used "message correction" instead of "new message", but I believe it is seen as a new message anyway on this MUC)
mathieui
I saw it as a correction.
bastoon
oh so, I just erased and mixed up messages, sorry for that!
dinosaurdynastyhas left
loopboomhas left
mehdihas joined
dinosaurdynastyhas joined
arnehas joined
Link Mauve
bastoon, better fix these clients. :)
MattJ
+1
bastoon
Yes but I offer users the choice to use whatever client they want
arnehas left
arnehas joined
arnehas left
stvnhas left
ajeremiashas joined
Alex (elaon.de)has joined
stvnhas joined
mehdihas left
jayteeukhas left
jayteeukhas joined
mehdihas joined
jayteeukhas left
jayteeukhas joined
argon3771has left
argon3771has joined
undefinedhas left
undefinedhas joined
froghas joined
mehdihas left
mehdihas joined
Viktor Lindberghas left
rom1dephas joined
ajeremiashas left
mehdihas left
Viktor Lindberghas joined
mehdihas joined
j.r (jugendhacker.de)has left
j.r (jugendhacker.de)has joined
jayteeukhas left
jayteeukhas joined
stvnhas left
mjkhas left
jayteeukhas left
jayteeukhas joined
Viktor Lindberghas left
Viktor Lindberghas joined
mjkhas joined
j.r (jugendhacker.de)has left
j.r (jugendhacker.de)has joined
stvnhas joined
mehdihas left
mjkhas left
SouLhas joined
froghas left
vu764hd68fxthas left
lorddavidiiihas left
mjkhas joined
Viktor Lindberghas left
Viktor Lindberghas joined
argon3771has left
argon3771has joined
jayteeukhas left
jayteeukhas joined
lorddavidiiihas joined
ahas left
ahas joined
vu764hd68fxthas joined
argon3771has left
argon3771has joined
Bakuninhas joined
Bakuninhas left
j.r (jugendhacker.de)has left
jayteeukhas left
jayteeukhas joined
Alexhas joined
hobiya4088has joined
j.r (jugendhacker.de)has joined
argon3771has left
Viktor Lindberghas left
argon3771has joined
stvnhas left
stvnhas joined
abidal3has joined
lorddavidiiihas left
jayteeukhas left
jayteeukhas joined
jayteeukhas left
jayteeukhas joined
lorddavidiiihas joined
jayteeukhas left
jayteeukhas joined
abidal3has left
j.r (jugendhacker.de)has left
alacerhas left
404.cityhas joined
alacerhas joined
j.r (jugendhacker.de)has joined
hobiya4088has left
jayteeukhas left
jayteeukhas joined
perflysthas joined
ajeremiashas joined
froghas joined
stvnhas left
nickomemohas left
jayteeukhas left
jayteeukhas joined
stvnhas joined
jayteeukhas left
jayteeukhas joined
stvnhas left
stvnhas joined
perflysthas left
alex-a-sotohas left
alex-a-sotohas joined
arnehas joined
hobiya4088has joined
lorddavidiiihas left
lorddavidiiihas joined
mjkhas left
mjkhas joined
hobiya4088has left
hobiya4088has joined
lorddavidiiihas left
lorddavidiiihas joined
jayteeukhas left
jayteeukhas joined
NosoyHacker404has left
hobiya4088has left
NosoyHacker404has joined
hobiya4088has joined
antranigvhas left
henrikhas left
lorddavidiiihas left
henrikhas joined
alpha_deadhas joined
froghas left
ajeremiashas left
stvnhas left
inkyhas left
stvnhas joined
alpha_dead
hello guys, I set up an ejabberd server with a domain name but when I'm on the very same LAN network as the server my xmpp clients all fail to connect. I see in ejabberd logs that the connection is accepted but there seems to be no authentication going on. I don't understand... I enabled all the IP pools and the external public IP address of the server in the access rules (in the loopback section). Is there anything you notice I'm doing wrong?
alpha_dead
if I explicitely set the local IP address of the server inside the host option of my clients, they do log in just fine✎
alpha_dead
if I explicitly set the local IP address of the server inside the host option of my clients, they do log in just fine ✏
alpha_dead
I had the same problem using prosody in another environment, with a different router, some time ago. So, there may be something I just ignore
jayteeukhas left
jayteeukhas joined
jayteeukhas left
jayteeukhas joined
nickomemohas joined
ajeremiashas joined
froghas joined
stvnhas left
hobiya4088has left
hobiya4088has joined
Viktor Lindberghas joined
SouLhas left
SouLhas joined
argon3771has left
SouLhas left
SouLhas joined
argon3771has joined
Licaon_Kter
alpha_dead: as said elswhere, fix your router, "hairpin NAT" or thereabout
ajeremiashas left
jayteeukhas left
jayteeukhas joined
jayteeukhas left
jayteeukhas joined
404.cityhas left
froghas left
froghas joined
Beherithas left
Beherithas joined
alpha_dead
Licaon_Kter, thank you. That's a good starting point I was missing. I am looking into it
Bakuninhas joined
Bakuninhas left
Bakuninhas joined
alex-a-sotohas left
Bakuninhas left
alex-a-sotohas joined
Arnehas left
Arnehas joined
Viktor Lindberghas left
arnehas left
alpha_dead
Licaon_Kter, the only thing I don't understand is why does ejabberd receives a connection, I can see it in the log, if the router is the problem? Isn't it enough to get to connect to the machine? That is happening, it's just no authentication happens
Licaon_Kter
alpha_dead: the router sends the connection but with what ip? set hide_ip to false and check
Viktor Lindberghas joined
alpha_dead
Licaon_Kter, with the external public IP on the internet, which resolves to the local IP machine, I see that in ejabberd log
alpha_dead
I enabled both IP in the loopback section of the access rules of ejabberd, but still I locally I can only connect by declaring the LAN IP in the client (tried with Conversations and Gajim, works in both cases)✎
alpha_dead
I enabled both IP addresses in the loopback section of the access rules of ejabberd, but still I locally I can only connect by declaring the LAN IP in the client (tried with Conversations and Gajim, works in both cases)✎✏
mjkhas left
argon3771has left
argon3771has joined
mjkhas joined
alpha_dead
I enabled both IP addresses in the loopback section of the access rules of ejabberd, but still locally I can only connect by declaring the LAN IP in the client (tried with Conversations and Gajim, works in both cases) ✏
hobiya4088has left
Ivan A.has left
Ivan A.has joined
Licaon_Kter
How did you setup your router? (Don't mess with ejabberd defaults for access rules)
Only setting up port forwarding is not enough...
Licaon_Kter
What kind of router?
alpha_dead
Licaon_Kter, it's a consumer router, Huawei, provided by the ISP. I indeed set up port-forwarding and open the additional firewall to make sure it was not in the way
alpha_dead
I have a few advanced options, but it's clearly not as advanced as a Mikrotik or similar
hobiya4088has joined
froghas left
lorddavidiiihas joined
mjkhas left
rom1dephas left
hobiya4088has left
argon3771has left
argon3771has joined
hobiya4088has joined
mjkhas joined
hobiya4088has left
mjkhas left
mjkhas joined
alacerhas left
hobiya4088has joined
Douglas Terabytehas left
Douglas Terabytehas joined
ezra-koschitzkyhas joined
thndrbvrhas joined
hobiya4088has left
hobiya4088has joined
Arnehas left
Arnehas joined
abidal3has joined
alpha_deadhas left
abidal3has left
Arnehas left
Arnehas joined
alpha_deadhas joined
alpha_dead
I hope I didn't miss something
derventiohas joined
Beherithas left
Bakuninhas joined
Arnehas left
Arnehas joined
Beherithas joined
cuchas joined
mjkhas left
abidal3has joined
mjkhas joined
froghas joined
Bakuninhas left
Bakuninhas joined
mjkhas left
jayteeukhas left
jayteeukhas joined
Bakuninhas left
jayteeukhas left
jayteeukhas joined
cuchas left
inkyhas joined
cuchas joined
perflysthas joined
Beherithas left
Beherithas joined
mehdihas joined
mehdihas left
mjkhas joined
solhas left
solhas joined
vanitasvitaehas left
mss_cyclisthas left
mjkhas left
mss_cyclisthas joined
mjkhas joined
mss_cyclist
I guess it is something with NAT and ip resolution.
The server probably needs the client to have an external ip. However in this case it connects with an internal.
perflysthas left
hobiya4088has left
derventiohas left
jayteeukhas left
jayteeukhas joined
jayteeukhas left
jayteeukhas joined
hobiya4088has joined
Arnehas left
SouLhas left
Arnehas joined
inkyhas left
vanitasvitaehas joined
Arnehas left
Arnehas joined
argon3771has left
argon3771has joined
hobiya4088has left
lorddavidiiihas left
hobiya4088has joined
mjkhas left
ezra-koschitzkyhas left
lorddavidiiihas joined
thndrbvrhas left
Beherithas left
Beherithas joined
hobiya4088has left
argon3771has left
hobiya4088has joined
argon3771has joined
mjkhas joined
jayteeukhas left
jayteeukhas joined
jayteeukhas left
jayteeukhas joined
rom1dephas joined
sonnyhas left
sonnyhas joined
lorddavidiiihas left
j.r (jugendhacker.de)has left
inkyhas joined
j.r (jugendhacker.de)has joined
perflysthas joined
mjkhas left
hobiya4088has left
mjkhas joined
perflysthas left
hobiya4088has joined
perflysthas joined
marc0shas left
marc0shas joined
Bakuninhas joined
Bakuninhas left
SouLhas joined
argon3771has left
argon3771has joined
jayteeukhas left
jayteeukhas joined
pintoseskhas joined
jayteeukhas left
jayteeukhas joined
mss_cyclisthas left
bastoon
alpha_dead: is there a difference between :
$ telnet <public_ip> 5222
$ telnet <private_ip> 5222
?
mehdihas joined
mss_cyclisthas joined
Licaon_Kter
I'm more concerned that the ejabberd answer is lost by the router, which needs to be smart and track it back....locally or through the internet.
hobiya4088has left
jonas’
alpha_dead, on the ejabberd machine, start a tcpdump on port 5222 before you connect to ejabberd via the external IP from a LAN client
jonas’
if you see the *LAN* IP of the client in there, you are doomed
jonas’
(that means your router doesn’t do hairpin NAT properly)
jonas’
then the SYN packet will arrive in ejabberd (and it’ll accept the connection), but no data can flow from ejabberd back to the client
jonas’
then the only way you could fix this is by solving that one layer up, for example with additional SRV records or split-horizon DNS
mjkhas left
jonas’
this really stinks like a broken hairpin NAT thing.
mjkhas joined
mss_cyclisthas left
mss_cyclisthas joined
mehdihas left
wladmishas left
alacerhas joined
alpha_dead
jonas’, thanks a lot! That's an amazing tip
bastoon
Just to add some blur: are you using same kind of network ? Buggy IPv6 conf for firewall / server ?
jayteeukhas left
jayteeukhas joined
jayteeukhas left
jayteeukhas joined
alpha_dead
bastoon, I'm not sure if I understood your question, I'd answer that the router generates the network of the server so they are on the same network, and it works as the firewall and port-forwards too.. that router generates two subnets, one for guests and one for the server. I've been using the server network to connect to ejabberd
alacerhas left
alacerhas joined
Licaon_Kter
alpha_dead, do you serve a static route on your local lan DNS for domain.tld -> LANIP so DNS clients pick that?
mss_cyclisthas left
alpha_dead
I didn't set a local DNS server, I thought a lot of clients would ignore it
Licaon_Kter
yeah they might, true, but you can test if it helps.
mjkhas left
alpha_dead
that could be a good idea, for sure. I want to go back to the machine and try what jonas' suggested
alpha_dead
and would try the bastoon telnet test too
bastoon
I would said :
bastoon
from external : maybe ipv4 is used, from internal ipv6
j.r (jugendhacker.de)has left
j.r (jugendhacker.de)has joined
bastoon
check telnet from inside : public + private ; and from outside (public). And pay attention to address resolution and connection opening or not