Date   

Re: PGP Key ring key problem

David McGough
 

Dear Dave, K9DC,

I don't think I've previously talked with you. However, I have some comments. My e-mail box is full of messages from angry, innocent HamVoIP / IRLP users.

Intentionally pulling keys from any network with no notice WILL NOT fly in today's world. There is already established legal precedent in that regard, specifically in the ham radio world.
Think about the ramifications if your unannounced action had crippled IRLP nodes or networks during an emergency?

HamVoIP does not condone nor support any groups attempting to "harvest" IRLP nodes or keys. If some unscrupulous persons attempt to obtain keys, claiming they purchased hardware where they did not, we have no knowledge of nor condone those activities.  However, if this is all about purchasing something, there is a really simple solution: IRLP should just charge an acceptably large fee to obtain or transfer a key to a different call sign! This is a simple problem to solve!

I am hopeful that IRLP REFLECTOR owners who had ANY problems with known HamVoIP users will contact me directly (kb4fxc .at. gmail.com). I'd like to hear more details about who was causing problems and what kind of problems??  Was it not possible to simply block those individual IRLP nodes??

While I realize legacy policies may exist, I'm a bit baffled as to why cross-linking between networks is of any significance at the individual node level? The HamVoIP software DOES NOT by default provide an automatic gateway mechanism. Bridges between networks can only be established or allowed by the node owner / control-op.  Easily enough, this similarly could be done with stock IRLP hardware.

Having been a ham for almost 40 years, I firmly believe in keeping the RADIO in ham radio. However, we ALL need to realize that this year is 2020. It is not the world of 2000. Nor the world of 1980.  Laws regarding ham radio have changed and been relaxed globally. We all must focus on the future, evolving as changes happen, otherwise we'll end up simply as pages of history.


73, David KB4FXC


Re: resolv.conf

Charlie Wa2gug
 

I'll get n2wro to log in and check the error. He does it for a living. I learned along time ago when to resort to a pro. I'll also have him check the name servers.


Charlie wa2gug
ARRL FIELD INSTRUCTOR, VE



-------- Original message --------
From k9dc <Dave@...>
Date: 01/12/2020 13:42 (GMT-05:00)
To IRLP@irlp.groups.io
Subject Re: [IRLP] resolv.conf



Well, it won’t work until you fix TCP 15425. So something is amiss in your router. Are all ports outgoing allowed?  Did DNS pass okay?  DNS is required to update the status page, but your node has been gone for a long time.

http://status.irlp.net/?nodeid=4827

-k9dc



> On Jan 12, 2020, at 13:34, Charlie Wa2gug <wa2gug@...> wrote:
>
> Dave,
>
> This is the only error I get :
>
> Performing INBOUND UDP and TCP Port Forwarding Test
> Detecting Incoming IP = 24.148.124.200
> Testing TCP and UDP ports .. done.
>
> -----------------------------------------------------------------------------
> TEST No. 2a REPORT - TCP ERROR - TCP port 15425 is NOT forwarded
>                                            correctly.
> Waiting 4 seconds .... done.
> TEST No. 2b REPORT - UDP PASS - UDP ports 2074-2093 are forwarded correctly.
> TEST No. 2c REPORT - EchoLink UDP ERROR - The following UDP port(s):
>  5198  5199  is/are not forwarded correctly.
>
> Can't find any thing wrong in Fortigate router.
>
> My node is 4827
>
> On 1/12/2020 13:25, k9dc wrote:
>>> On Jan 12, 2020, at 06:13, Charlie Wa2gug <wa2gug@...>
>>>  wrote:
>>>
>>> Guy's finally cleaning up the node. I noticed the node was not on the active list. I checked the resolv,conf. I do have 2 name servers in it. I'm using google 8.8.8.8,8.8.4.4
>>> Any ideas?
>>>
>> What is troubleshoot-irlp telling you?  Also what is your node number?
>>
>> -k9dc
>>
>>
>>
> --
> Charles L. Alfano
> WA2GUG
> ARRL VE, Instructor
>
>
> <wa2gug.vcf>





Re: resolv.conf

Dave K9DC
 

Well, it won’t work until you fix TCP 15425. So something is amiss in your router. Are all ports outgoing allowed? Did DNS pass okay? DNS is required to update the status page, but your node has been gone for a long time.

http://status.irlp.net/?nodeid=4827

-k9dc

On Jan 12, 2020, at 13:34, Charlie Wa2gug <wa2gug@wa2gug.net> wrote:

Dave,

This is the only error I get :

Performing INBOUND UDP and TCP Port Forwarding Test
Detecting Incoming IP = 24.148.124.200
Testing TCP and UDP ports .. done.

-----------------------------------------------------------------------------
TEST No. 2a REPORT - TCP ERROR - TCP port 15425 is NOT forwarded
correctly.
Waiting 4 seconds .... done.
TEST No. 2b REPORT - UDP PASS - UDP ports 2074-2093 are forwarded correctly.
TEST No. 2c REPORT - EchoLink UDP ERROR - The following UDP port(s):
5198 5199 is/are not forwarded correctly.

Can't find any thing wrong in Fortigate router.

My node is 4827

On 1/12/2020 13:25, k9dc wrote:
On Jan 12, 2020, at 06:13, Charlie Wa2gug <wa2gug@wa2gug.net>
wrote:

Guy's finally cleaning up the node. I noticed the node was not on the active list. I checked the resolv,conf. I do have 2 name servers in it. I'm using google 8.8.8.8,8.8.4.4
Any ideas?
What is troubleshoot-irlp telling you? Also what is your node number?

-k9dc


--
Charles L. Alfano
WA2GUG
ARRL VE, Instructor


<wa2gug.vcf>


Re: resolv.conf

Charlie Wa2gug
 

Dave,

This is the only error I get :

Performing INBOUND UDP and TCP Port Forwarding Test
Detecting Incoming IP = 24.148.124.200
Testing TCP and UDP ports .. done.

-----------------------------------------------------------------------------
TEST No. 2a REPORT - TCP ERROR - TCP port 15425 is NOT forwarded
                                           correctly.
Waiting 4 seconds .... done.
TEST No. 2b REPORT - UDP PASS - UDP ports 2074-2093 are forwarded correctly.
TEST No. 2c REPORT - EchoLink UDP ERROR - The following UDP port(s):
 5198  5199  is/are not forwarded correctly.

Can't find any thing wrong in Fortigate router.

My node is 4827

On 1/12/2020 13:25, k9dc wrote:

      
On Jan 12, 2020, at 06:13, Charlie Wa2gug <wa2gug@...> wrote:

Guy's finally cleaning up the node. I noticed the node was not on the active list. I checked the resolv,conf. I do have 2 name servers in it. I'm using google 8.8.8.8,8.8.4.4
Any ideas?
What is troubleshoot-irlp telling you?  Also what is your node number?

-k9dc


-- 
Charles L. Alfano
WA2GUG
ARRL VE, Instructor


Re: resolv.conf

Dave K9DC
 

On Jan 12, 2020, at 06:13, Charlie Wa2gug <wa2gug@wa2gug.net> wrote:

Guy's finally cleaning up the node. I noticed the node was not on the active list. I checked the resolv,conf. I do have 2 name servers in it. I'm using google 8.8.8.8,8.8.4.4
Any ideas?
What is troubleshoot-irlp telling you? Also what is your node number?

-k9dc


Re: PGP Key ring key problem

Dave K9DC
 

On Jan 12, 2020, at 00:33, Richard Hyde <kyserver@gmail.com> wrote:

Yep... It would be nice to have been notified... Instead of your repeater going down in the middle of an emergency EOC net…
Crossover links into IRLP from other networks have always been prohibited by IRLP policy, unless done at a Reflector. So you should not have been surprised.

The problem caused by the HAMvoip package was that it allowed folks from non-IRLP networks to dial in to IRLP. This in effect, reduced the effectiveness of our security policy. Also many of the non-IRLP networks had policies inconsistent with the RF-required end-point policy of IRLP. The EchoIRLP package for example, was designed to allow node participation in both the IRLP and Echolink networks, yet was specifically designed to prevent Echolink stations to enter the IRLP Network (and vice versa).

At the same time some Reflectors were modified to also be Echolink Conference bridges. Unfortunately that has fallen from favor a bit because now Echolink charges an annual fee to operate a conference bridge.

HAMvoip also seems to have created an informal network of passing around IRLP Boards so folks could surreptitiously obtain keys without buying the IRLP hardware. Then harvesting the PGP keys for use in an unauthorized software package such as HAMvoip.

We have been aware of this activity for quite some time (couple of years), but we kind of hoped it would go away and not cause any problems, or not be that popular. Unfortunately we have begun to receive complaints from Reflector admins about possible mis-use of the network. Therefore an automated routine was created to scan the network and identify nodes running the HAMvoip package, and remove those keys.

We are also working on a method of connecting Allstar Link conferences and designated IRLP Reflectors together in the network, much like the way Echolink Conferences and IRLP Reflectors are shared today. I am not sure that will come to pass, but it may be easier than we think. Stay tuned.

-k9dc


Re: PGP Key ring key problem

Richard Hyde
 

Yep... It would be nice to have been notified... Instead of your repeater going down in the middle of an emergency EOC net...  


On Sat, Jan 11, 2020, 10:30 PM Dan Sellmeyer <dsellmeyer@...> wrote:
So... If I hook back up my old computer with the IRLP board in it "OR" My board I bought for a raspberry pi can it be validated ??  Do I have to do a full re-install ? I would like to keep my old node number of 3619. I didn't know this would be such a problem....


Re: PGP Key ring key problem

Dave K9DC
 

You will have to perform a NEW installation on regular IRLP hardware. If you want to recover 3619, contact installs@ irlp.net for assistance. They must be engaged BEFORE you do anything, if you would like to recover your old number.

-k9dc

On Jan 11, 2020, at 22:30, Dan Sellmeyer <dsellmeyer@neb.rr.com> wrote:

So... If I hook back up my old computer with the IRLP board in it "OR" My board I bought for a raspberry pi can it be validated ?? Do I have to do a full re-install ? I would like to keep my old node number of 3619. I didn't know this would be such a problem....


resolv.conf

Charlie Wa2gug
 

Guy's finally cleaning up the node. I noticed the node was not on the active list. I checked the resolv,conf. I do have 2 name servers in it. I'm using google 8.8.8.8,8.8.4.4
Any ideas?


Re: PGP Key ring key problem

Dan Sellmeyer <dsellmeyer@...>
 

So... If I hook back up my old computer with the IRLP board in it "OR" My board I bought for a raspberry pi can it be validated ??  Do I have to do a full re-install ? I would like to keep my old node number of 3619. I didn't know this would be such a problem....


Re: Question on the os versions

Dave K9DC
 

The installs team *suggests* that you upgrade to the latest IRLP release which is Debian 9 or 10 (links to the download are on the installation documentation page). But you do not absolutely have to. If your node is behind a router, and working ok, and you do not have grand plans for adding new features, it is not absolutely mandatory for you to upgrade. If your hardware is very old (ISA slots), it may not be possible. Technically CentOS 4 is no longer supported by the manufacturer any longer.

-k9dc

On Jan 11, 2020, at 21:18, Larry Ellsworth - K6KUS via Groups.Io <k6kusman=yahoo.com@groups.io> wrote:

If My node is running the older centos do I need to upgrade to the latest os and what is the latest os?


Re: PGP Key ring key problem

Dave K9DC
 

Node 3619 was removed from the network because we found that it was running a version of IRLP that is not compatible with the network (HAMvoip). All stations running that package were permanently removed from the network a few days ago.

--
Dave K9DC, IRLP Installation Team

On Jan 11, 2020, at 21:06, Dan Sellmeyer <dsellmeyer@neb.rr.com> wrote:

Can someone please help..

I can't connect to another node or reflector. It continously says my PGP key is not Vaild and if trouble persist to send email to installs@irlp.net.
I have a e-mail sent into intstalls@irlp.net with no responses yet..
Can someone re-validate it ?
Call : W0APQ

Node number:3619


Question on the os versions

Larry Ellsworth - K6KUS
 

 If My node is running the older centos do I need to upgrade to the latest os and what is the latest os?


Re: No audio out

Jim Howe N2TDI
 

It’s been up for a while then suddenly there’s no audio.

Sent from my  iPhone X

On Jan 11, 2020, at 20:58, Teton Amateur Radio Repeater Association (TARRA) <tarra@wyocat.com> wrote:


Re: PGP Key ring key problem

WD5M David M.
 

Anything interesting returned when you run troubleshoot-irlp from user repeater? I believe one of the tests is for the pgp key. 

David M.
WD5M


On Sat, Jan 11, 2020 at 8:06 PM Dan Sellmeyer <dsellmeyer@...> wrote:
Can someone please help..

I can't connect to another node or reflector. It continously says my PGP key is not Vaild and if trouble persist to send email to installs@....  
I have a e-mail sent into intstalls@... with no responses yet..
Can someone re-validate it ?
Call : W0APQ

Node number:3619 


Re: PGP Key ring key problem

 

Usually installs gets to these things pretty quickly, hang in there... they'll get ya reset soon.


>< Dave Parks ><
WB8ODF@...
http://wb8odf.com



On Saturday, January 11, 2020, 9:06:19 PM EST, Dan Sellmeyer <dsellmeyer@...> wrote:


Can someone please help..

I can't connect to another node or reflector. It continously says my PGP key is not Vaild and if trouble persist to send email to installs@....  
I have a e-mail sent into intstalls@... with no responses yet..
Can someone re-validate it ?
Call : W0APQ

Node number:3619 


PGP Key ring key problem

Dan Sellmeyer <dsellmeyer@...>
 

Can someone please help..

I can't connect to another node or reflector. It continously says my PGP key is not Vaild and if trouble persist to send email to installs@....  
I have a e-mail sent into intstalls@... with no responses yet..
Can someone re-validate it ?
Call : W0APQ

Node number:3619 


Re: No audio out

Teton Amateur Radio Repeater Association (TARRA)
 

I would probably suggest the next thing to do is start checking all of your wiring. Is this node a new set up or one that you were running for a while?

Mick - W7CAT
Node 3464

----- Original Message -----
From: Jim Howe
To: IRLP@irlp.groups.io
Sent: Saturday, January 11, 2020 06:28:37 PM
Subject: Re: [IRLP] No audio out

> Everything passed when I ran it.
>
> On Fri, 10 Jan 2020 at 20:41, Teton Amateur Radio Repeater Association
> (TARRA) wrote:
>
> > What do you get when you run troubleshoot-irlp?
> >
> > As repeater: troubleshoot-irlp
> > Mick - W7CAT
> > Node 3464
> >
> > ----- Original Message -----
> > From: David Snow Sr
> > To: IRLP@irlp.groups.io
> > Sent: Friday, January 10, 2020 06:05:12 PM
> > Subject: [IRLP] No audio out
> >
> > > Any one have this problem I can connect to a node but no one can hear me
> > so went to node 9999 to see if my voice would come through but it did not
> > so I unplugged the Pi to reset it but after it came back up still the
> > problem is there . The node i'm having the problem with is (node 3209) I'm
> > thinking maybe the Pi is bad ?
> > >
> > > Thanks for any help out there
> > > David Snow KD6RGX
> > >
> > >
> > >
> > >
> > --
> >
> >
> >
> >
>
>
>
>
--


Re: No audio out

Jim Howe N2TDI
 

Everything passed when I ran it.


On Fri, 10 Jan 2020 at 20:41, Teton Amateur Radio Repeater Association (TARRA) <tarra@...> wrote:

What do you get when you run troubleshoot-irlp?

As repeater: troubleshoot-irlp

Mick - W7CAT
Node 3464

----- Original Message -----
From: David Snow Sr
To: IRLP@irlp.groups.io
Sent: Friday, January 10, 2020 06:05:12 PM
Subject: [IRLP] No audio out

> Any one have this problem I can connect to a node but no one can hear me so went to node 9999 to see if my voice would come through but it did not so I unplugged the Pi to reset it but after it came back up still the problem is there . The node i'm having the problem with is (node 3209) I'm thinking maybe the Pi is bad ?
>
> Thanks for any help out there
> David Snow KD6RGX
>
>
>
>
--


Re: Wired to Wireless on AT Computer

John
 

Morning Bob..

I might presume you have resolved the DNS error?
stn3437 is online and I can telnet it.
The idea was to ping an outside known url, e.g. irlp.net
If not, try this sequence:

For the record, k9dc and others have put this simple DNS diagnostic sequence together.

DNS error?
1. try to ping your router IP address
2. Try to ping your ISP nameserver IP addresses
3. try to ping 4.2.2.2 (4.2.2.2 is a public namserver operated by Level 3 Communications)
4. If 4.2.2.2 works, you can use that as a valid nameserver in resolv.conf in lieu of your ISP suggested name servers.
5. If 4.2.2.2 does not work, your node is not connected to your network.
6. Check your node config with the ‘ifconfig’ command and make sure interface eth0 has a valid IP address on it.
7. what does "cat /etc/resolv.conf" return? (run w/o quotes)

On 12/01/2020 9:44 am, Bob Redoutey N5KF wrote:
Hi John,
Not sure what you mean. Node computer or other computer?
Thanks
Bob N5KF
Node 3437
On Fri, Jan 10, 2020, 11:02 PM John <gielisj@westnet.com.au <mailto:gielisj@westnet.com.au>> wrote:
Can you ping irlp.net <http://irlp.net> from the node console, may need
root, not sure?
John @ 6163
> On 11/01/2020 2:48:18 PM, Bob Redoutey N5KF (redoutey@gmail.com
<mailto:redoutey@gmail.com>) wrote:
> > Hi John,
>
> I rebooted the IRLP, all port forward information I had put in the router I
> removed, and left only the DMZ setup, and it started working.  Still get a
> DNS error, not sure why...but good for now.
>
> Thanks for everybody's help!
>
> Bob N5KF
> Node 3437
> Georgetown TX
>
> On Fri, Jan 10, 2020, 9:59 PM John <gielisj@westnet.com.au
<mailto:gielisj@westnet.com.au>> wrote:
>
> > Have you RE booted both router and irlp, Bob?
> >
> > John @ 6163
> >
> > > On 11/01/2020 1:39:26 PM, Bob Redoutey N5KF (redoutey@gmail.com
<mailto:redoutey@gmail.com>) wrote:
> > > > The troubleshooting script still gives the same errors.
> > >
> > > Somewhere I am not getting it set right....ugh!
> > >
> > > Bob N5KF
> > >
> > > Ps...sorry for all the bandwidth on this issue.
> > >
> > > On Fri, Jan 10, 2020, 9:16 PM Teton Amateur Radio Repeater Association
> > > (TARRA) <tarra@wyocat.com <mailto:tarra@wyocat.com>> wrote:
> > >
> > > > Log into your IRLP computer and run the command    ifconfig  Look for
> > this:
> > > >
> > > > wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
> > > >  inet 192.168.8.168  netmask 255.255.255.0  broadcast 192.168.8.255
> > > >
> > > > The inet will

2181 - 2200 of 78813