creep.imwell, we just connected with Ge0rG just fine right now
creep.imMartin: you can send me your JID privately and I will add you myself first, this should work
MartinWouldn't work, as creep.im is on the blocklist now.
MartinBut it's the same as my email firstname.lastname@example.org
creep.imgood to know 😅
creep.imbut yeah, you can always drop me messages via email
MartinDid my emails to a arrive? I didn't get any error bounce so I assume they did.
Viktor Lindberghas left
Viktor Lindberghas joined
creep.imyes, I can see your emails
MartinI think I reported two or three times spammers and one time complained about the captcha spamming (see screenshot I shared earlier) which really pissed me off. 😂
Martinreally dislikes mod_block_strangers
creep.imthe only action I can take is to block this one spammer JID you mentioned in your fourth email
Martinfweslty@creep.im (1. Email) email@example.com (2. Email), Complaint about captcha spamming (3. Email). I don't see a fourth email in my sent folder. :-/
creep.imit's actually third. I see you first email was not specifically to me, but to the Operators list
creep.imit's actually third. I see that your first email was not specifically to me, but to the Operators list
creep.imit's actually third. I see that your first email was not addressed specifically to me, but to the Operators list
creep.imlifelockt is banned now
Martincreep.im: As my server has not yet fetched the updated blocklist I tried again. I successfully filled the captcha but I get
> 26.11.20 15:23:12 ! Error from firstname.lastname@example.org: Messages from strangers are rejected
alpha_deadhello guys, I'm trying to understand if my router is the culprit for my ejabberd server no to be available in my LAN when not specifying the local IP in the client as the host. Some of you were suspecting a hair-pinning issue with my consumer router, so as suggested I used tcpdump on port 5222 and tried to connect. I was supposed to check if the local IP would be issued instead of the external IP by the client. I have a log now, but I'm not really sure. I get the external IP most of time, the local appeared here and there but it's really not predominant. So I'm confused now.. do I have a hair-pinning problem?
alpha_deadI tried to specify the LAN IP of the server in the client and sniffed the packets with tcpdump, now I only get the LAN IP of my xmpp client, and the client does connect to ejabberd, while I get the "Server not found" error in Conversations if I leave the host unspecified. Could it be a DNS issue?
mjkalpha_dead: did you limit tcpdump to only incoming packets? I'm not an expert, but `tcpdump -n#Q in` gives me lines like the following one when I connect to a local http server from the same network, using the router's public addr:
`38 17:36:41.014306 IP 192.168.0.1.40401 > 192.168.0.42.443: Flags …`
(Where 192.168.0.1 is the router's internal addr, and 192.168.0.42 is server's)
And the server's logs confirm a connection from 192.168.0.1:40401. Needless to say, everything works.
mjkThat is, I don't see the router's external address anywhere at all
mjkYou should probably disable 5222 forwarding for the time of testing, so there would be no noise
mjkYou should probably disable 5222 forwarding for the time of testing, so there would be no noise from actual external connections
Licaon_Ktermjk: umm, maybe not a good idea, since you connect to domain:5222
Licaon_Kteralpha_dead: you already tried to search "my router model nat" ?
mjkLicaon_Kter: Oh yeah, that could introduce false negatives
Viktor Lindberghas left
alpha_deadLicaon_Kter, I have a NAT/PAT section in my router advanced panel, that's where I do the port-forwarding though
alpha_deadI'm trying with mjk's filter with tcpdump now
Viktor Lindberghas joined
alpha_deadmjk, by using your filter I get the same output, external IP:random port > external IP:5222
alpha_deadfrom time to time I get the pattern external IP:random port > local IP:5222, but only here and there
alpha_deadI couldn't set up proper SRV records due to Webmin limitations, I'm waiting for the company to write them properly, now I'm using the xmpp.domain.tld in my client to connect from outside of the network. I can connect with no issue but I plan on fixing it. I'm wondering if this might cause problems locally
alpha_deadLicaon_Kter, maybe you were suggesting something more, I'll research the exact model. It's a consumer HUAWEI router, nothing enteprise-grade
alpha_deadNot a HUAWEI, I'm sorry. I got confused, it's a Sagecom
mjk> external IP:random port > external IP:5222
Wait wat. Just to make sure: you run tcpdump on the server machine, and the server machine ≠ router, right?
mjkIf that's the case, then it seems something really is wrong with the router
mjkalpha_dead: I remember you saying it's rented, so not sure if your ISP would allow flashing a decent firmware (openwrt, dd-wrt...)
bastoonalpha_dead: do you have same behavior with a HTTP server? I'd advice focusing on testing with such a simpler protocol to check NAT on a non standard (80,443) port.
alpha_deadbastoon, I might indeed test with an http server to make sure, also.. I could host a Converse.js instance
bastoonYes that would push away the dns SRV and TLS issues. Use only http and not https. For your router perform all tests (http and XMPPs) without any "firewall", "syn flood" enabled broken features.
bastoonAlways reboot router after each router configuration modification.
alpha_deadbastoon, then I will use a non-standard port for an apache2 website, that's the daemon I have at hand
bastoon👍 Try the inside / outside network case with http://blabla:port