@xuu@txt.sour.is For what reason?
@abucci@anthony.buc.ci Just making sure you’re seeing @xuu@txt.sour.is’s twt, in case he’s still on your blacklist:
Hey so.. i just got an email from my ISP saying they will terminate my service. Did i break something @abucci ?
Hey so.. i just got an email from my ISP saying they will terminate my service. Did i break something @abucci@anthony.buc.ci ?
@abucci@anthony.buc.ci No worries! All in the name of better reliability and security 😅
@stigatle@yarn.stigatle.no Thanks! Sooo cold 🥶
@stigatle@yarn.stigatle.no no problems 👌 one problem solved at least 🤣
@prologic@twtxt.net sleep well!
@stigatle@yarn.stigatle.no @prologic@twtxt.net my /tmp is also fine now! Thanks for your help @prologic@twtxt.net!
Anyway, I’m gonna have to go to bed… We’ll continue this on the weekend. Still trying to hunt down some kind of suspected multi-GB avatar using @stigatle@yarn.stigatle.no’s pod’s cache:
$ (echo "URL Bytes"; sort -n -k 2 -r < avatars.txt | head) | column -t
URL Bytes
https://birkbak.neocities.org/avatar.jpg 667640
https://darch.neocities.org/avatar.png 652960
http://darch.dk/avatar.png 603210
https://social.naln1.ca/media/0c4f65a4be32ff3caf54efb60166a8c965cc6ac7c30a0efd1e51c307b087f47b.png 327947
...
But so far nothing much… Still running the search…
@prologic@twtxt.net @abucci@anthony.buc.ci my /tmp is fine now, no avatars there. I have to drive my daughter to a birthday party now, but I keep things running and I’ll check when I get back.
Out of interest, are you able to block whole ASN(s)? I blocked the entirety of the AWS and Facebook ASN(s) recently.
@abucci@anthony.buc.ci Oh 🤣 Well my IP is a known subnet and static, so if you need to know what it is, Email me 😅
@abucci@anthony.buc.ci Seems to be okay now hmmm
@abucci@anthony.buc.ci Hmm I can see your twts on my pod now 🤔
@stigatle@yarn.stigatle.no Sweet, thank you! I’ve been shooting myself in the foot over here and want to make sure the situation is getting fixed!
@abucci@anthony.buc.ci yeah I can see it :)
@stigatle@yarn.stigatle.no @prologic@twtxt.net testing 1 2 3 can either of you see this?
Hmm, I wonder if I banned too many IPs and caused these issues for myself 😆
twts are taking a very long time to post from yarn after the latest upgrade. Like a good 60 seconds.
@prologic@twtxt.net I don’t know if this is new, but I’m seeing:
Jul 25 16:01:17 buc yarnd[1921547]: time="2024-07-25T16:01:17Z" level=error msg="https://yarn.stigatle.no/user/stigatle/twtxt.txt: client.Do fail: Get \"https://yarn.stigatle.no/user/stigatle/twtxt.txt\": dial tcp 185.97.32.18:443: i/o timeout (Client.Timeout exceeded while awaiting headers)" error="Get \"https://yarn.stigatle.no/user/stigatle/twtxt.txt\": dial tcp 185.97.32.18:443: i/o timeout (Client.Timeout exceeded while awaiting headers)"
I no longer see twts from @stigatle@yarn.stigatle.no at all.
@prologic@twtxt.net Have you been seeing any of my replies?
@abucci@anthony.buc.ci / @abucci@anthony.buc.ci Any interesting errors pop up in the server logs since the flaw got fixed (unbounded receieveFile())? 🤔
Hmmm 🧐
for url in $(jq -r '.Twters[].avatar' cache.json | sed '/^$/d' | grep -v -E '(twtxt.net|anthony.buc.ci|yarn.stigatle.no|yarn.mills.io)' | sort -u); do echo "$url $(curl -I -s -o /dev/null -w '%header{content-length}' "$url")"; done
...
😅 Let’s see… 🤔
It shows up in my twtxt feed so that’s good.
@movq@www.uninformativ.de My issue is, now that we have the chance of getting something fast, people artificially slow it down again. Whether they think it’s cool that they added some slow animation or just lack of knowledge or whatever. The absolute performance does not translate to the relative performance that I observe. Completely wasted potential. :-(
In today’s economy, nobody optimizes something if it can be just called good enough with the next generation hardware. That’s especially the mindset of big corporations.
Anyway, getting sidetracked from the original post. :-)
@prologic@twtxt.net will do, thanks for the tip!
This is a test. I am not seeing twts from @stigatle@yarn.stigatle.no and it seems like @prologic@twtxt.net might not be seeing twts from me. Do people see this?
@prologic@twtxt.net I am not seeing twts from @stigatle@yarn.stigatle.no anymore. Are you seeing twts from me?
@stigatle@yarn.stigatle.no The one you sent is fine. I’m inspecting it now. I’m just saying, do yourself a favor and nuke your pod’s garbage cache 🤣 It’ll rebuild automatically in a much more pristine state.
@prologic@twtxt.net you want a new cache from me - or was the one I sent OK for what you needed?
That was also a source of abuse that also got plugged (being able to fill up the cache with garbage data)
Ooof
$ jq '.Feeds | keys[]' cache.json | wc -l
4402
If you both don’t mind dropping your caches. I would recommend it. Settings -> Poderator Settings -> Refresh cache.
./tools/dump_cache.sh: line 8: bat: command not found
No Token Provided
I don’t have bat on my VPS and there is no package for installing it. Is cat a reasonable alternate?
@prologic@twtxt.net No worries, thanks for working on the fix for it so fast :)
@prologic@twtxt.net Yup. Didn’t regret climbing these three hundred odd meters of elevation. :-)
@stigatle@yarn.stigatle.no Thank you! 🙏
@prologic@twtxt.net Try hitting this URL:
https://twtxt.net/external?nick=nosuchuser&uri=https://foo.com
Change nosuchuser to any phrase at all.
If you hit https://twtxt.net/external?nick=nosuchuser , you’re given an error. If you hit that URL above with the uri parameter, you get a legitimate-looking page. I think that is a bug.
@prologic@twtxt.net here you go:
https://drive.proton.me/urls/XRKQQ632SG#LXWehEZMNQWF
@stigatle@yarn.stigatle.no Ta. I hope my theory is right 😅
@prologic@twtxt.net Hitting that URL returns a bunch of HTML even though there is no user named lovetocode999 on my pod. I think it should 404, and maybe with a delay, to discourage whatever this abuse is. Basically this can be used to DDoS a pod by forcing it to generate a bunch of HTML just by doing a bogus GET like this.
@prologic@twtxt.net thank you. I run it now as you said, I’ll get the files put somewhere shortly.
But just have a look at the yarnd server logs too. Any new interesting errors? 🤔 No more multi-GB tmp files? 🤔
@stigatle@yarn.stigatle.no You want to run backup_db.sh and dump_cache.sh. They pipe JSON to stdout and prompt for your admin password. Example:
URL=<your_pod_url> ADMIN=<your_admin_user> ./tools/dump_cache.sh > cache.json
I’m seeing GETs like this over and over again:
"GET /external?nick=lovetocode999&uri=https://vuf.minagricultura.gov.co/Lists/Informacin%20Servicios%20Web/DispForm.aspx?ID=8375144 HTTP/1.1" 200 35861 17.077914ms
always to nick=lovetocode999, but with different uris. What are these calls?
@stigatle@yarn.stigatle.no Worky, worky now! :-)
Mate, these are some really nice gems! What a stunning landscape. I love it. Holy cow, that wooden church looks really sick. Even though I’m not a scroll guy and prefer simple, straight designs, I have to say that the interior craftsmanship is something to admire.
@prologic@twtxt.net so, if I’m correct the dump tool made a pods.txt and a stats.txt file, those are the ones you want? or do you want the output that it spits out in the console window?
Just thinking out loud here… With that PR merged (or if you built off that branch), you might hopefully see new errors popup and we might catch this problematic bad feed in the act? Hmmm 🧐
@slashdot@feeds.twtxt.net I thought Sunday was the hottest day on Earth 🤦‍♂️ wtf is wrong with Slashdot these days?! 🤣
if we can figure out wtf is going on here and my theory is right, we can blacklist that feed, hell even add it to the codebase as an “asshole”.
@stigatle@yarn.stigatle.no The problem is it’ll only cause the attack to stop and error out. It won’t stop your pod from trying to do this over and over again. That’s why I need some help inspecting both your pods for “bad feeds”.