# No content in overlays.gentoo.org

## miroR

Breaking a little under FUD created on me (wait: I don't blame anyone yet in any

of the stages on the way from me to Gentoo and back, OK?)...

But breaking a little, can't do no work like this...

So, given the circumstances, this can be a little hastily and clumsily put.

But there I go.

The issue that I am having is given some intro over in the topic:

Mutt without Portage/in Local Overlay, for Air-Gappers

https://forums.gentoo.org/viewtopic-t-1002146-start-50.html#7661248

(and next one post of mine, which...

Which pasting over:

 *me wrote:*   

> 
> 
>  *py-ro wrote:*   Yes, you are wrong, it is not meant for browsing. This is the Databases Layman uses to offer Overlays. 

 

Of course py-ro was right about that, but... I also told how I can't access the overlays.gentoo.org

 *me wrote:*   

> And accessing that (other one I reported about) page from some http client (Firefox and Lynx tested in these, what, two hours), gives no replies whatsoever?
> 
> And the 148.251.78.52 shows (to me) at times as host overlays.gentoo.org and at other times as oystercatcher.gentoo.org
> 
> But wait, never mind what it shows in Wireshark loaded pcap file (taken from command line with dumpcap) --at at least one time it didn't even show-- it brings to me in none of the two http clients mentioned no content in all these two or so hours.
> ...

 

Now how I studied what information I could glean (the Chinese ZXDSL 931VII

ADSL router doesn't even send the dynamic IP to the user! Can't get it with

dumpcap, can only get it from it's interface, as an example of the difficulies

I have...

And I'll try and post a few info.

First the address that I tried to connect from, the last time:

93.138.2.170

That should be a clue if someone over there at Gentoo was curious why I got no

content when pasting "overlays.gentoo.org" in Firefox's address bar and

hitting Enter. If...

That last time was exactly on 2014-12-03 at 03:12 CET (which is, I think 02:12

GMT at this time of year).

Much more coming... hopefully.

======= cut off from this line to end if verifying hashes =======

File corresponding to this post: Gen_141203_overlays-g-o_empty.txt,

has Publictimestamp # 1249292

-- 

publictimestamp.org/ptb/PTB-22251 sha256 2014-12-03 00:01:47

1CD620A81A5B7B6FE7C3B5BE71B1044DC7293C38AD4F43248FD80E745043EE0F

----------

## miroR

Still the same 93.138.2.170 my address (just if, see previous post).

I thought about it. It must be a cookie issue.

This is the first time, this period of about one week, that I decided to connect with Gentoo, was connecting with Debian, with less important data in the system I was connecting with, and on old machine, for months...

And I actually got, currently, only two sites allowed (and I remembered miserably; I'm 57, not fresh)...

I got, currently, only three sites allowed to set cookies:

gentoo.org

wiki.gentoo.org

forums.gentoo.org

And I bet, haven't tried yet, but I bet, I'll be able to see content in the page in question (see previous post), if I allow cookies from that page (you don't need to see the previous post for that...  :Wink:  , sorry for misleading you, was intentional):

overlays.gentoo.org

I did it. Let's see now... Will be back. Hopefully.

----------

## miroR

 *Quote:*   

> ...
> 
> overlays.gentoo.org
> 
> ...
> ...

 

Nope. I was wrong. Allowing cookies for that didn't help. Even after restarting Firefox, it doesn't show (and how did I forget that I tried with lynx; so it's not the cookies).

Anyway, this is the way I capture traffic and screencast, and conntrack along, the entire method.

First of all, I'm never online continuosly, unless downloading for my local mirror (see my Air-Gapped Gentoo Install, Tentative

https://forums.gentoo.org/viewtopic-t-987268.html ), or my Debian Jigdo DVDs.

And it's not physically plugging the line first.

First is, as regular user in same dir as seconds later will run commands below as root:

```

$ ffmpeg -f x11grab -s 1024x768 -r 25 -i :0.0 -c:v libx264 -preset ultrafast -threads 0 Screen_`date +%y%m%d_%H%M`_`hostname`.mkv

```

Then, as root, in same dir, both command below in one same terminal:

```

# conntrack -E 2>&1 | tee /some-where/conntrack-E_`date +%y%m%d_%H%M`.log &

# touch dump_`date +%y%m%d_%H%M`_`hostname`.pcap && dumpcap -i any -w dump_`date +%y%m%d_%H%M`_`hostname`.pcap &

```

And only then do I plug into the router.

When I do the work, I first, unplug from the internet (physically), then wait for conntrack to show the DESTROY lines, then twice

```

# fg

```

followed by Ctrl-C to kill the two processes in the root's terminal.

And only then Ctrl-Q in the regular user's terminal with the ffmpeg line.

And then I analyze that for sometimes a loong time.

You can see (but with "r 10", 10 frames per second rate, what I used to get on my Debian machine (haven't abandoned Debian, just this is even more powerful) here:

http://www.croatiafidelis.hr/gnu/Flowstamp/

(read there and find the Screencast; it's similar what I do now, just now is not jumply btwn frames at all).

And, since I would like to see a solution to this, I'll post some of my network capture next... If I make it. Headache moving in... It's been a sleepless night here in Europe's southern regions of Croatia...

And can't just post without conidering if I need to hide some date from it...

And, I almost forgot. But it couldn't be that... I also recently started finally using IPtables... It couldn't be that, I don't think, because I didn't put in there anytihing that would preclude a particular adress like the one that the overlays.gentoo.org translates into in my either Firefox or Lynx...

----------

## miroR

So let's talk of what I caught in some two minutes (2m 20s) on 2014-12-03 at 3:12.

We are talking these files:

```

-rw-r--r-- 1 root root      18430 2014-12-03 03:14 conntrack-E_141203_0312.log

-rw-r--r-- 1 root root     262456 2014-12-03 03:14 dump_141203_0312_g0n.pcap

-rw-r--r-- 1 miro miro   14405142 2014-12-03 03:14 Screen_141203_0312_g0n.mkv

```

More precisely identified with hashes:

```

0f652f738fdedc52d4e913752ae081e1f600254b9b6408aae91657dd7064090a conntrack-E_141203_0312.log

00bb0cc486e9950662bc9a149ee45126a58654b44b1bf52fa477791697f28a6e dump_141203_0312_g0n.pcap

90d1f41c6945eb3c08848111cdb9717bf2ed4b476e03699c0a3904b14395a2e4 Screen_141203_0312_g0n.mkv

```

The screencast could be for explaining to even lay people what happened. The other two files are to really learn what happened, hopefully, and what to correct and where, to get that connection working, and the page in question showed.

The screencast shows how I did what I explained in the previous post, surely, you just don't see that I issued the ffmpeg command, you just see it starting to run, but you do see those other commands as root. May post it on www.CroatiaFidelis.hr and link here at some later unspecified time in the future (unless something were to prevent me from).

The dump pcap file consists of 554 packets, and that's huge information in there, very knowledge intensive as my teacher Oskar Andreasson wrote (via his books he gave us for free

Iptables-tutorial

https://www.frozentux.net/documents/iptables-tutorial/

). 554, five hundred and fifty four packets about what happened in those two minutes.

But I'll take out and post here just what happened in maybe two or three seconds, only a sequence of 12 packets, from packet 373 to packet 384, in the initial investigative attempt of the snail-pace slow worker Miro, and I'll post first the first 8 packets of that sequence, which do not appear to show errors (are colored normally in Wireshark), and then, in the next post, I'll try and post the remaining sequence of 4 packets, that show retransmission to overlays.gentoo.org and are colored in dark reverse.

So the first 8 packets, in this post.

```

No.     Time           Source                Destination           Protocol Length Info

    373 39.244639000   192.168.1.2           192.168.1.1           DNS      81     Standard query 0x0bcf  A overlays.gentoo.org

Frame 373: 81 bytes on wire (648 bits), 81 bytes captured (648 bits) on interface 0

    Interface id: 0 (any)

    Encapsulation type: Linux cooked-mode capture (25)

    Arrival Time: Dec  3, 2014 03:12:55.272768000 CET

    [Time shift for this packet: 0.000000000 seconds]

    Epoch Time: 1417572775.272768000 seconds

    [Time delta from previous captured frame: 6.653168000 seconds]

    [Time delta from previous displayed frame: 6.653168000 seconds]

    [Time since reference or first frame: 39.244639000 seconds]

    Frame Number: 373

    Frame Length: 81 bytes (648 bits)

    Capture Length: 81 bytes (648 bits)

    [Frame is marked: False]

    [Frame is ignored: False]

    [Protocols in frame: sll:ethertype:ip:udp:dns]

    [Coloring Rule Name: UDP]

    [Coloring Rule String: udp]

Linux cooked capture

    Packet type: Sent by us (4)

    Link-layer address type: 1

    Link-layer address length: 6

    Source: EdimaxTe_91:c3:ab (00:0e:2e:91:c3:ab)

    Protocol: IP (0x0800)

Internet Protocol Version 4, Src: 192.168.1.2 (192.168.1.2), Dst: 192.168.1.1 (192.168.1.1)

    Version: 4

    Header Length: 20 bytes

    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))

        0000 00.. = Differentiated Services Codepoint: Default (0x00)

        .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)

    Total Length: 65

    Identification: 0x5aaf (23215)

    Flags: 0x02 (Don't Fragment)

        0... .... = Reserved bit: Not set

        .1.. .... = Don't fragment: Set

        ..0. .... = More fragments: Not set

    Fragment offset: 0

    Time to live: 64

    Protocol: UDP (17)

    Header checksum: 0x5ca9 [validation disabled]

        [Good: False]

        [Bad: False]

    Source: 192.168.1.2 (192.168.1.2)

    Destination: 192.168.1.1 (192.168.1.1)

User Datagram Protocol, Src Port: 52966 (52966), Dst Port: domain (53)

    Source Port: 52966 (52966)

    Destination Port: domain (53)

    Length: 45

    Checksum: 0x8392 [validation disabled]

        [Good Checksum: False]

        [Bad Checksum: False]

    [Stream index: 4]

Domain Name System (query)

    [Response In: 375]

    Transaction ID: 0x0bcf

    Flags: 0x0100 Standard query

        0... .... .... .... = Response: Message is a query

        .000 0... .... .... = Opcode: Standard query (0)

        .... ..0. .... .... = Truncated: Message is not truncated

        .... ...1 .... .... = Recursion desired: Do query recursively

        .... .... .0.. .... = Z: reserved (0)

        .... .... ...0 .... = Non-authenticated data: Unacceptable

    Questions: 1

    Answer RRs: 0

    Authority RRs: 0

    Additional RRs: 0

    Queries

        overlays.gentoo.org: type A, class IN

            Name: overlays.gentoo.org

            [Name Length: 19]

            [Label Count: 3]

            Type: A (Host Address) (1)

            Class: IN (0x0001)

No.     Time           Source                Destination           Protocol Length Info

    374 39.244655000   192.168.1.2           192.168.1.1           DNS      81     Standard query 0x4f75  AAAA overlays.gentoo.org

Frame 374: 81 bytes on wire (648 bits), 81 bytes captured (648 bits) on interface 0

    Interface id: 0 (any)

    Encapsulation type: Linux cooked-mode capture (25)

    Arrival Time: Dec  3, 2014 03:12:55.272784000 CET

    [Time shift for this packet: 0.000000000 seconds]

    Epoch Time: 1417572775.272784000 seconds

    [Time delta from previous captured frame: 0.000016000 seconds]

    [Time delta from previous displayed frame: 0.000016000 seconds]

    [Time since reference or first frame: 39.244655000 seconds]

    Frame Number: 374

    Frame Length: 81 bytes (648 bits)

    Capture Length: 81 bytes (648 bits)

    [Frame is marked: False]

    [Frame is ignored: False]

    [Protocols in frame: sll:ethertype:ip:udp:dns]

    [Coloring Rule Name: UDP]

    [Coloring Rule String: udp]

Linux cooked capture

    Packet type: Sent by us (4)

    Link-layer address type: 1

    Link-layer address length: 6

    Source: EdimaxTe_91:c3:ab (00:0e:2e:91:c3:ab)

    Protocol: IP (0x0800)

Internet Protocol Version 4, Src: 192.168.1.2 (192.168.1.2), Dst: 192.168.1.1 (192.168.1.1)

    Version: 4

    Header Length: 20 bytes

    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))

        0000 00.. = Differentiated Services Codepoint: Default (0x00)

        .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)

    Total Length: 65

    Identification: 0x5ab0 (23216)

    Flags: 0x02 (Don't Fragment)

        0... .... = Reserved bit: Not set

        .1.. .... = Don't fragment: Set

        ..0. .... = More fragments: Not set

    Fragment offset: 0

    Time to live: 64

    Protocol: UDP (17)

    Header checksum: 0x5ca8 [validation disabled]

        [Good: False]

        [Bad: False]

    Source: 192.168.1.2 (192.168.1.2)

    Destination: 192.168.1.1 (192.168.1.1)

User Datagram Protocol, Src Port: 52966 (52966), Dst Port: domain (53)

    Source Port: 52966 (52966)

    Destination Port: domain (53)

    Length: 45

    Checksum: 0x8392 [validation disabled]

        [Good Checksum: False]

        [Bad Checksum: False]

    [Stream index: 4]

Domain Name System (query)

    [Response In: 376]

    Transaction ID: 0x4f75

    Flags: 0x0100 Standard query

        0... .... .... .... = Response: Message is a query

        .000 0... .... .... = Opcode: Standard query (0)

        .... ..0. .... .... = Truncated: Message is not truncated

        .... ...1 .... .... = Recursion desired: Do query recursively

        .... .... .0.. .... = Z: reserved (0)

        .... .... ...0 .... = Non-authenticated data: Unacceptable

    Questions: 1

    Answer RRs: 0

    Authority RRs: 0

    Additional RRs: 0

    Queries

        overlays.gentoo.org: type AAAA, class IN

            Name: overlays.gentoo.org

            [Name Length: 19]

            [Label Count: 3]

            Type: AAAA (IPv6 Address) (28)

            Class: IN (0x0001)

No.     Time           Source                Destination           Protocol Length Info

    375 39.293745000   192.168.1.1           192.168.1.2           DNS      241    Standard query response 0x0bcf  CNAME oystercatcher.gentoo.org A 148.251.78.52

Frame 375: 241 bytes on wire (1928 bits), 241 bytes captured (1928 bits) on interface 0

    Interface id: 0 (any)

    Encapsulation type: Linux cooked-mode capture (25)

    Arrival Time: Dec  3, 2014 03:12:55.321874000 CET

    [Time shift for this packet: 0.000000000 seconds]

    Epoch Time: 1417572775.321874000 seconds

    [Time delta from previous captured frame: 0.049090000 seconds]

    [Time delta from previous displayed frame: 0.049090000 seconds]

    [Time since reference or first frame: 39.293745000 seconds]

    Frame Number: 375

    Frame Length: 241 bytes (1928 bits)

    Capture Length: 241 bytes (1928 bits)

    [Frame is marked: False]

    [Frame is ignored: False]

    [Protocols in frame: sll:ethertype:ip:udp:dns]

    [Coloring Rule Name: UDP]

    [Coloring Rule String: udp]

Linux cooked capture

    Packet type: Unicast to us (0)

    Link-layer address type: 1

    Link-layer address length: 6

    Source: Zte_41:b7:d5 (2c:95:7f:41:b7:d5)

    Protocol: IP (0x0800)

Internet Protocol Version 4, Src: 192.168.1.1 (192.168.1.1), Dst: 192.168.1.2 (192.168.1.2)

    Version: 4

    Header Length: 20 bytes

    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))

        0000 00.. = Differentiated Services Codepoint: Default (0x00)

        .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)

    Total Length: 225

    Identification: 0x0000 (0)

    Flags: 0x02 (Don't Fragment)

        0... .... = Reserved bit: Not set

        .1.. .... = Don't fragment: Set

        ..0. .... = More fragments: Not set

    Fragment offset: 0

    Time to live: 64

    Protocol: UDP (17)

    Header checksum: 0xb6b8 [validation disabled]

        [Good: False]

        [Bad: False]

    Source: 192.168.1.1 (192.168.1.1)

    Destination: 192.168.1.2 (192.168.1.2)

User Datagram Protocol, Src Port: domain (53), Dst Port: 52966 (52966)

    Source Port: domain (53)

    Destination Port: 52966 (52966)

    Length: 205

    Checksum: 0x4071 [validation disabled]

        [Good Checksum: False]

        [Bad Checksum: False]

    [Stream index: 4]

Domain Name System (response)

    [Request In: 373]

    [Time: 0.049106000 seconds]

    Transaction ID: 0x0bcf

    Flags: 0x8180 Standard query response, No error

        1... .... .... .... = Response: Message is a response

        .000 0... .... .... = Opcode: Standard query (0)

        .... .0.. .... .... = Authoritative: Server is not an authority for domain

        .... ..0. .... .... = Truncated: Message is not truncated

        .... ...1 .... .... = Recursion desired: Do query recursively

        .... .... 1... .... = Recursion available: Server can do recursive queries

        .... .... .0.. .... = Z: reserved (0)

        .... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server

        .... .... ...0 .... = Non-authenticated data: Unacceptable

        .... .... .... 0000 = Reply code: No error (0)

    Questions: 1

    Answer RRs: 2

    Authority RRs: 4

    Additional RRs: 2

    Queries

        overlays.gentoo.org: type A, class IN

            Name: overlays.gentoo.org

            [Name Length: 19]

            [Label Count: 3]

            Type: A (Host Address) (1)

            Class: IN (0x0001)

    Answers

        overlays.gentoo.org: type CNAME, class IN, cname oystercatcher.gentoo.org

            Name: overlays.gentoo.org

            Type: CNAME (Canonical NAME for an alias) (5)

            Class: IN (0x0001)

            Time to live: 600

            Data length: 16

            CNAME: oystercatcher.gentoo.org

        oystercatcher.gentoo.org: type A, class IN, addr 148.251.78.52

            Name: oystercatcher.gentoo.org

            Type: A (Host Address) (1)

            Class: IN (0x0001)

            Time to live: 82666

            Data length: 4

            Address: oystercatcher.gentoo.org (148.251.78.52)

    Authoritative nameservers

        gentoo.org: type NS, class IN, ns ns4.gentoo.org

            Name: gentoo.org

            Type: NS (authoritative Name Server) (2)

            Class: IN (0x0001)

            Time to live: 82665

            Data length: 6

            Name Server: ns4.gentoo.org

        gentoo.org: type NS, class IN, ns ns2.gentoo.org

            Name: gentoo.org

            Type: NS (authoritative Name Server) (2)

            Class: IN (0x0001)

            Time to live: 82665

            Data length: 6

            Name Server: ns2.gentoo.org

        gentoo.org: type NS, class IN, ns ns1.gentoo.org

            Name: gentoo.org

            Type: NS (authoritative Name Server) (2)

            Class: IN (0x0001)

            Time to live: 82665

            Data length: 6

            Name Server: ns1.gentoo.org

        gentoo.org: type NS, class IN, ns ns3.gentoo.org

            Name: gentoo.org

            Type: NS (authoritative Name Server) (2)

            Class: IN (0x0001)

            Time to live: 82665

            Data length: 6

            Name Server: ns3.gentoo.org

    Additional records

        ns2.gentoo.org: type A, class IN, addr 194.116.84.30

            Name: ns2.gentoo.org

            Type: A (Host Address) (1)

            Class: IN (0x0001)

            Time to live: 74523

            Data length: 4

            Address: ns2.gentoo.org (194.116.84.30)

        ns2.gentoo.org: type AAAA, class IN, addr 2001:7f8:23:323::1e

            Name: ns2.gentoo.org

            Type: AAAA (IPv6 Address) (28)

            Class: IN (0x0001)

            Time to live: 27743

            Data length: 16

            AAAA Address: ns2.gentoo.org (2001:7f8:23:323::1e)

No.     Time           Source                Destination           Protocol Length Info

    376 39.295102000   192.168.1.1           192.168.1.2           DNS      253    Standard query response 0x4f75  CNAME oystercatcher.gentoo.org AAAA 2a01:4f8:202:4333::2

Frame 376: 253 bytes on wire (2024 bits), 253 bytes captured (2024 bits) on interface 0

    Interface id: 0 (any)

    Encapsulation type: Linux cooked-mode capture (25)

    Arrival Time: Dec  3, 2014 03:12:55.323231000 CET

    [Time shift for this packet: 0.000000000 seconds]

    Epoch Time: 1417572775.323231000 seconds

    [Time delta from previous captured frame: 0.001357000 seconds]

    [Time delta from previous displayed frame: 0.001357000 seconds]

    [Time since reference or first frame: 39.295102000 seconds]

    Frame Number: 376

    Frame Length: 253 bytes (2024 bits)

    Capture Length: 253 bytes (2024 bits)

    [Frame is marked: False]

    [Frame is ignored: False]

    [Protocols in frame: sll:ethertype:ip:udp:dns]

    [Coloring Rule Name: UDP]

    [Coloring Rule String: udp]

Linux cooked capture

    Packet type: Unicast to us (0)

    Link-layer address type: 1

    Link-layer address length: 6

    Source: Zte_41:b7:d5 (2c:95:7f:41:b7:d5)

    Protocol: IP (0x0800)

Internet Protocol Version 4, Src: 192.168.1.1 (192.168.1.1), Dst: 192.168.1.2 (192.168.1.2)

    Version: 4

    Header Length: 20 bytes

    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))

        0000 00.. = Differentiated Services Codepoint: Default (0x00)

        .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)

    Total Length: 237

    Identification: 0x0000 (0)

    Flags: 0x02 (Don't Fragment)

        0... .... = Reserved bit: Not set

        .1.. .... = Don't fragment: Set

        ..0. .... = More fragments: Not set

    Fragment offset: 0

    Time to live: 64

    Protocol: UDP (17)

    Header checksum: 0xb6ac [validation disabled]

        [Good: False]

        [Bad: False]

    Source: 192.168.1.1 (192.168.1.1)

    Destination: 192.168.1.2 (192.168.1.2)

User Datagram Protocol, Src Port: domain (53), Dst Port: 52966 (52966)

    Source Port: domain (53)

    Destination Port: 52966 (52966)

    Length: 217

    Checksum: 0x7e21 [validation disabled]

        [Good Checksum: False]

        [Bad Checksum: False]

    [Stream index: 4]

Domain Name System (response)

    [Request In: 374]

    [Time: 0.050447000 seconds]

    Transaction ID: 0x4f75

    Flags: 0x8180 Standard query response, No error

        1... .... .... .... = Response: Message is a response

        .000 0... .... .... = Opcode: Standard query (0)

        .... .0.. .... .... = Authoritative: Server is not an authority for domain

        .... ..0. .... .... = Truncated: Message is not truncated

        .... ...1 .... .... = Recursion desired: Do query recursively

        .... .... 1... .... = Recursion available: Server can do recursive queries

        .... .... .0.. .... = Z: reserved (0)

        .... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server

        .... .... ...0 .... = Non-authenticated data: Unacceptable

        .... .... .... 0000 = Reply code: No error (0)

    Questions: 1

    Answer RRs: 2

    Authority RRs: 4

    Additional RRs: 2

    Queries

        overlays.gentoo.org: type AAAA, class IN

            Name: overlays.gentoo.org

            [Name Length: 19]

            [Label Count: 3]

            Type: AAAA (IPv6 Address) (28)

            Class: IN (0x0001)

    Answers

        overlays.gentoo.org: type CNAME, class IN, cname oystercatcher.gentoo.org

            Name: overlays.gentoo.org

            Type: CNAME (Canonical NAME for an alias) (5)

            Class: IN (0x0001)

            Time to live: 600

            Data length: 16

            CNAME: oystercatcher.gentoo.org

        oystercatcher.gentoo.org: type AAAA, class IN, addr 2a01:4f8:202:4333::2

            Name: oystercatcher.gentoo.org

            Type: AAAA (IPv6 Address) (28)

            Class: IN (0x0001)

            Time to live: 82666

            Data length: 16

            AAAA Address: oystercatcher.gentoo.org (2a01:4f8:202:4333::2)

    Authoritative nameservers

        gentoo.org: type NS, class IN, ns ns4.gentoo.org

            Name: gentoo.org

            Type: NS (authoritative Name Server) (2)

            Class: IN (0x0001)

            Time to live: 82665

            Data length: 6

            Name Server: ns4.gentoo.org

        gentoo.org: type NS, class IN, ns ns1.gentoo.org

            Name: gentoo.org

            Type: NS (authoritative Name Server) (2)

            Class: IN (0x0001)

            Time to live: 82665

            Data length: 6

            Name Server: ns1.gentoo.org

        gentoo.org: type NS, class IN, ns ns2.gentoo.org

            Name: gentoo.org

            Type: NS (authoritative Name Server) (2)

            Class: IN (0x0001)

            Time to live: 82665

            Data length: 6

            Name Server: ns2.gentoo.org

        gentoo.org: type NS, class IN, ns ns3.gentoo.org

            Name: gentoo.org

            Type: NS (authoritative Name Server) (2)

            Class: IN (0x0001)

            Time to live: 82665

            Data length: 6

            Name Server: ns3.gentoo.org

    Additional records

        ns2.gentoo.org: type A, class IN, addr 194.116.84.30

            Name: ns2.gentoo.org

            Type: A (Host Address) (1)

            Class: IN (0x0001)

            Time to live: 74523

            Data length: 4

            Address: ns2.gentoo.org (194.116.84.30)

        ns2.gentoo.org: type AAAA, class IN, addr 2001:7f8:23:323::1e

            Name: ns2.gentoo.org

            Type: AAAA (IPv6 Address) (28)

            Class: IN (0x0001)

            Time to live: 27743

            Data length: 16

            AAAA Address: ns2.gentoo.org (2001:7f8:23:323::1e)

No.     Time           Source                Destination           Protocol Length Info

    377 39.295467000   192.168.1.2           oystercatcher.gentoo.org TCP      76     36863→http [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=145614907 TSecr=0 WS=128

Frame 377: 76 bytes on wire (608 bits), 76 bytes captured (608 bits) on interface 0

    Interface id: 0 (any)

    Encapsulation type: Linux cooked-mode capture (25)

    Arrival Time: Dec  3, 2014 03:12:55.323596000 CET

    [Time shift for this packet: 0.000000000 seconds]

    Epoch Time: 1417572775.323596000 seconds

    [Time delta from previous captured frame: 0.000365000 seconds]

    [Time delta from previous displayed frame: 0.000365000 seconds]

    [Time since reference or first frame: 39.295467000 seconds]

    Frame Number: 377

    Frame Length: 76 bytes (608 bits)

    Capture Length: 76 bytes (608 bits)

    [Frame is marked: False]

    [Frame is ignored: False]

    [Protocols in frame: sll:ethertype:ip:tcp]

    [Coloring Rule Name: HTTP]

    [Coloring Rule String: http || tcp.port == 80 || http2]

Linux cooked capture

    Packet type: Sent by us (4)

    Link-layer address type: 1

    Link-layer address length: 6

    Source: EdimaxTe_91:c3:ab (00:0e:2e:91:c3:ab)

    Protocol: IP (0x0800)

Internet Protocol Version 4, Src: 192.168.1.2 (192.168.1.2), Dst: oystercatcher.gentoo.org (148.251.78.52)

    Version: 4

    Header Length: 20 bytes

    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))

        0000 00.. = Differentiated Services Codepoint: Default (0x00)

        .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)

    Total Length: 60

    Identification: 0x0364 (868)

    Flags: 0x02 (Don't Fragment)

        0... .... = Reserved bit: Not set

        .1.. .... = Don't fragment: Set

        ..0. .... = More fragments: Not set

    Fragment offset: 0

    Time to live: 64

    Protocol: TCP (6)

    Header checksum: 0x927e [validation disabled]

        [Good: False]

        [Bad: False]

    Source: 192.168.1.2 (192.168.1.2)

    Destination: oystercatcher.gentoo.org (148.251.78.52)

Transmission Control Protocol, Src Port: 36863 (36863), Dst Port: http (80), Seq: 0, Len: 0

    Source Port: 36863 (36863)

    Destination Port: http (80)

    [Stream index: 7]

    [TCP Segment Len: 0]

    Sequence number: 0    (relative sequence number)

    Acknowledgment number: 0

    Header Length: 40 bytes

    .... 0000 0000 0010 = Flags: 0x002 (SYN)

        000. .... .... = Reserved: Not set

        ...0 .... .... = Nonce: Not set

        .... 0... .... = Congestion Window Reduced (CWR): Not set

        .... .0.. .... = ECN-Echo: Not set

        .... ..0. .... = Urgent: Not set

        .... ...0 .... = Acknowledgment: Not set

        .... .... 0... = Push: Not set

        .... .... .0.. = Reset: Not set

        .... .... ..1. = Syn: Set

            [Expert Info (Chat/Sequence): Connection establish request (SYN): server port http]

                [Connection establish request (SYN): server port http]

                [Severity level: Chat]

                [Group: Sequence]

        .... .... ...0 = Fin: Not set

    Window size value: 29200

    [Calculated window size: 29200]

    Checksum: 0xa508 [validation disabled]

        [Good Checksum: False]

        [Bad Checksum: False]

    Urgent pointer: 0

    Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale

        Maximum segment size: 1460 bytes

            Kind: Maximum Segment Size (2)

            Length: 4

            MSS Value: 1460

        TCP SACK Permitted Option: True

            Kind: SACK Permitted (4)

            Length: 2

        Timestamps: TSval 145614907, TSecr 0

            Kind: Time Stamp Option (8)

            Length: 10

            Timestamp value: 145614907

            Timestamp echo reply: 0

        No-Operation (NOP)

            Type: 1

                0... .... = Copy on fragmentation: No

                .00. .... = Class: Control (0)

                ...0 0001 = Number: No-Operation (NOP) (1)

        Window scale: 7 (multiply by 128)

            Kind: Window Scale (3)

            Length: 3

            Shift count: 7

            [Multiplier: 128]

No.     Time           Source                Destination           Protocol Length Info

    378 39.546131000   192.168.1.2           oystercatcher.gentoo.org TCP      76     36864→http [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=145615158 TSecr=0 WS=128

Frame 378: 76 bytes on wire (608 bits), 76 bytes captured (608 bits) on interface 0

    Interface id: 0 (any)

    Encapsulation type: Linux cooked-mode capture (25)

    Arrival Time: Dec  3, 2014 03:12:55.574260000 CET

    [Time shift for this packet: 0.000000000 seconds]

    Epoch Time: 1417572775.574260000 seconds

    [Time delta from previous captured frame: 0.250664000 seconds]

    [Time delta from previous displayed frame: 0.250664000 seconds]

    [Time since reference or first frame: 39.546131000 seconds]

    Frame Number: 378

    Frame Length: 76 bytes (608 bits)

    Capture Length: 76 bytes (608 bits)

    [Frame is marked: False]

    [Frame is ignored: False]

    [Protocols in frame: sll:ethertype:ip:tcp]

    [Coloring Rule Name: HTTP]

    [Coloring Rule String: http || tcp.port == 80 || http2]

Linux cooked capture

    Packet type: Sent by us (4)

    Link-layer address type: 1

    Link-layer address length: 6

    Source: EdimaxTe_91:c3:ab (00:0e:2e:91:c3:ab)

    Protocol: IP (0x0800)

Internet Protocol Version 4, Src: 192.168.1.2 (192.168.1.2), Dst: oystercatcher.gentoo.org (148.251.78.52)

    Version: 4

    Header Length: 20 bytes

    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))

        0000 00.. = Differentiated Services Codepoint: Default (0x00)

        .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)

    Total Length: 60

    Identification: 0x5d7c (23932)

    Flags: 0x02 (Don't Fragment)

        0... .... = Reserved bit: Not set

        .1.. .... = Don't fragment: Set

        ..0. .... = More fragments: Not set

    Fragment offset: 0

    Time to live: 64

    Protocol: TCP (6)

    Header checksum: 0x3866 [validation disabled]

        [Good: False]

        [Bad: False]

    Source: 192.168.1.2 (192.168.1.2)

    Destination: oystercatcher.gentoo.org (148.251.78.52)

Transmission Control Protocol, Src Port: 36864 (36864), Dst Port: http (80), Seq: 0, Len: 0

    Source Port: 36864 (36864)

    Destination Port: http (80)

    [Stream index: 8]

    [TCP Segment Len: 0]

    Sequence number: 0    (relative sequence number)

    Acknowledgment number: 0

    Header Length: 40 bytes

    .... 0000 0000 0010 = Flags: 0x002 (SYN)

        000. .... .... = Reserved: Not set

        ...0 .... .... = Nonce: Not set

        .... 0... .... = Congestion Window Reduced (CWR): Not set

        .... .0.. .... = ECN-Echo: Not set

        .... ..0. .... = Urgent: Not set

        .... ...0 .... = Acknowledgment: Not set

        .... .... 0... = Push: Not set

        .... .... .0.. = Reset: Not set

        .... .... ..1. = Syn: Set

            [Expert Info (Chat/Sequence): Connection establish request (SYN): server port http]

                [Connection establish request (SYN): server port http]

                [Severity level: Chat]

                [Group: Sequence]

        .... .... ...0 = Fin: Not set

    Window size value: 29200

    [Calculated window size: 29200]

    Checksum: 0xa508 [validation disabled]

        [Good Checksum: False]

        [Bad Checksum: False]

    Urgent pointer: 0

    Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale

        Maximum segment size: 1460 bytes

            Kind: Maximum Segment Size (2)

            Length: 4

            MSS Value: 1460

        TCP SACK Permitted Option: True

            Kind: SACK Permitted (4)

            Length: 2

        Timestamps: TSval 145615158, TSecr 0

            Kind: Time Stamp Option (8)

            Length: 10

            Timestamp value: 145615158

            Timestamp echo reply: 0

        No-Operation (NOP)

            Type: 1

                0... .... = Copy on fragmentation: No

                .00. .... = Class: Control (0)

                ...0 0001 = Number: No-Operation (NOP) (1)

        Window scale: 7 (multiply by 128)

            Kind: Window Scale (3)

            Length: 3

            Shift count: 7

            [Multiplier: 128]

No.     Time           Source                Destination           Protocol Length Info

    379 39.551442000   192.168.1.2           192.168.1.1           DNS      81     Standard query 0x83ec  A overlays.gentoo.org

Frame 379: 81 bytes on wire (648 bits), 81 bytes captured (648 bits) on interface 0

    Interface id: 0 (any)

    Encapsulation type: Linux cooked-mode capture (25)

    Arrival Time: Dec  3, 2014 03:12:55.579571000 CET

    [Time shift for this packet: 0.000000000 seconds]

    Epoch Time: 1417572775.579571000 seconds

    [Time delta from previous captured frame: 0.005311000 seconds]

    [Time delta from previous displayed frame: 0.005311000 seconds]

    [Time since reference or first frame: 39.551442000 seconds]

    Frame Number: 379

    Frame Length: 81 bytes (648 bits)

    Capture Length: 81 bytes (648 bits)

    [Frame is marked: False]

    [Frame is ignored: False]

    [Protocols in frame: sll:ethertype:ip:udp:dns]

    [Coloring Rule Name: UDP]

    [Coloring Rule String: udp]

Linux cooked capture

    Packet type: Sent by us (4)

    Link-layer address type: 1

    Link-layer address length: 6

    Source: EdimaxTe_91:c3:ab (00:0e:2e:91:c3:ab)

    Protocol: IP (0x0800)

Internet Protocol Version 4, Src: 192.168.1.2 (192.168.1.2), Dst: 192.168.1.1 (192.168.1.1)

    Version: 4

    Header Length: 20 bytes

    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))

        0000 00.. = Differentiated Services Codepoint: Default (0x00)

        .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)

    Total Length: 65

    Identification: 0x5aff (23295)

    Flags: 0x02 (Don't Fragment)

        0... .... = Reserved bit: Not set

        .1.. .... = Don't fragment: Set

        ..0. .... = More fragments: Not set

    Fragment offset: 0

    Time to live: 64

    Protocol: UDP (17)

    Header checksum: 0x5c59 [validation disabled]

        [Good: False]

        [Bad: False]

    Source: 192.168.1.2 (192.168.1.2)

    Destination: 192.168.1.1 (192.168.1.1)

User Datagram Protocol, Src Port: 33504 (33504), Dst Port: domain (53)

    Source Port: 33504 (33504)

    Destination Port: domain (53)

    Length: 45

    Checksum: 0x8392 [validation disabled]

        [Good Checksum: False]

        [Bad Checksum: False]

    [Stream index: 5]

Domain Name System (query)

    [Response In: 380]

    Transaction ID: 0x83ec

    Flags: 0x0100 Standard query

        0... .... .... .... = Response: Message is a query

        .000 0... .... .... = Opcode: Standard query (0)

        .... ..0. .... .... = Truncated: Message is not truncated

        .... ...1 .... .... = Recursion desired: Do query recursively

        .... .... .0.. .... = Z: reserved (0)

        .... .... ...0 .... = Non-authenticated data: Unacceptable

    Questions: 1

    Answer RRs: 0

    Authority RRs: 0

    Additional RRs: 0

    Queries

        overlays.gentoo.org: type A, class IN

            Name: overlays.gentoo.org

            [Name Length: 19]

            [Label Count: 3]

            Type: A (Host Address) (1)

            Class: IN (0x0001)

No.     Time           Source                Destination           Protocol Length Info

    380 39.552243000   192.168.1.1           192.168.1.2           DNS      97     Standard query response 0x83ec  A 148.251.78.52

Frame 380: 97 bytes on wire (776 bits), 97 bytes captured (776 bits) on interface 0

    Interface id: 0 (any)

    Encapsulation type: Linux cooked-mode capture (25)

    Arrival Time: Dec  3, 2014 03:12:55.580372000 CET

    [Time shift for this packet: 0.000000000 seconds]

    Epoch Time: 1417572775.580372000 seconds

    [Time delta from previous captured frame: 0.000801000 seconds]

    [Time delta from previous displayed frame: 0.000801000 seconds]

    [Time since reference or first frame: 39.552243000 seconds]

    Frame Number: 380

    Frame Length: 97 bytes (776 bits)

    Capture Length: 97 bytes (776 bits)

    [Frame is marked: False]

    [Frame is ignored: False]

    [Protocols in frame: sll:ethertype:ip:udp:dns]

    [Coloring Rule Name: UDP]

    [Coloring Rule String: udp]

Linux cooked capture

    Packet type: Unicast to us (0)

    Link-layer address type: 1

    Link-layer address length: 6

    Source: Zte_41:b7:d5 (2c:95:7f:41:b7:d5)

    Protocol: IP (0x0800)

Internet Protocol Version 4, Src: 192.168.1.1 (192.168.1.1), Dst: 192.168.1.2 (192.168.1.2)

    Version: 4

    Header Length: 20 bytes

    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))

        0000 00.. = Differentiated Services Codepoint: Default (0x00)

        .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)

    Total Length: 81

    Identification: 0x0000 (0)

    Flags: 0x02 (Don't Fragment)

        0... .... = Reserved bit: Not set

        .1.. .... = Don't fragment: Set

        ..0. .... = More fragments: Not set

    Fragment offset: 0

    Time to live: 64

    Protocol: UDP (17)

    Header checksum: 0xb748 [validation disabled]

        [Good: False]

        [Bad: False]

    Source: 192.168.1.1 (192.168.1.1)

    Destination: 192.168.1.2 (192.168.1.2)

User Datagram Protocol, Src Port: domain (53), Dst Port: 33504 (33504)

    Source Port: domain (53)

    Destination Port: 33504 (33504)

    Length: 61

    Checksum: 0xd615 [validation disabled]

        [Good Checksum: False]

        [Bad Checksum: False]

    [Stream index: 5]

Domain Name System (response)

    [Request In: 379]

    [Time: 0.000801000 seconds]

    Transaction ID: 0x83ec

    Flags: 0x8180 Standard query response, No error

        1... .... .... .... = Response: Message is a response

        .000 0... .... .... = Opcode: Standard query (0)

        .... .0.. .... .... = Authoritative: Server is not an authority for domain

        .... ..0. .... .... = Truncated: Message is not truncated

        .... ...1 .... .... = Recursion desired: Do query recursively

        .... .... 1... .... = Recursion available: Server can do recursive queries

        .... .... .0.. .... = Z: reserved (0)

        .... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server

        .... .... ...0 .... = Non-authenticated data: Unacceptable

        .... .... .... 0000 = Reply code: No error (0)

    Questions: 1

    Answer RRs: 1

    Authority RRs: 0

    Additional RRs: 0

    Queries

        overlays.gentoo.org: type A, class IN

            Name: overlays.gentoo.org

            [Name Length: 19]

            [Label Count: 3]

            Type: A (Host Address) (1)

            Class: IN (0x0001)

    Answers

        overlays.gentoo.org: type A, class IN, addr 148.251.78.52

            Name: overlays.gentoo.org

            Type: A (Host Address) (1)

            Class: IN (0x0001)

            Time to live: 600

            Data length: 4

            Address: overlays.gentoo.org (148.251.78.52)

```

======= cut off from this line to end if verifying hashes =======

File corresponding to this post: Gen_141203_overlays-g-o_empty_4.txt,

has Publictimestamp # 1249370

-- 

publictimestamp.org/ptb/PTB-22257 sha256 2014-12-03 18:01:45

3613E8A7542D29887C1A1D4FE003FB1A715DD1B169B89FE64ECE0D080F8508D9

----------

## miroR

The 4 dark colored (in Wireshark) sequence of packets right after the normally colored 8 (they altogether make one sequencs. Sole change, in the enrier sequence, is the MAC of the router (the ending), my eth1 MAC is always set non-permanent with macchanger).

```

No.     Time           Source                Destination           Protocol Length Info

    381 40.296054000   192.168.1.2           overlays.gentoo.org   TCP      76     [TCP Retransmission] 36863→http [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=145615908 TSecr=0 WS=128

Frame 381: 76 bytes on wire (608 bits), 76 bytes captured (608 bits) on interface 0

    Interface id: 0 (any)

    Encapsulation type: Linux cooked-mode capture (25)

    Arrival Time: Dec  3, 2014 03:12:56.324183000 CET

    [Time shift for this packet: 0.000000000 seconds]

    Epoch Time: 1417572776.324183000 seconds

    [Time delta from previous captured frame: 0.743811000 seconds]

    [Time delta from previous displayed frame: 0.743811000 seconds]

    [Time since reference or first frame: 40.296054000 seconds]

    Frame Number: 381

    Frame Length: 76 bytes (608 bits)

    Capture Length: 76 bytes (608 bits)

    [Frame is marked: False]

    [Frame is ignored: False]

    [Protocols in frame: sll:ethertype:ip:tcp]

    [Coloring Rule Name: Bad TCP]

    [Coloring Rule String: tcp.analysis.flags && !tcp.analysis.window_update]

Linux cooked capture

    Packet type: Sent by us (4)

    Link-layer address type: 1

    Link-layer address length: 6

    Source: EdimaxTe_91:c3:ab (00:0e:2e:91:c3:ab)

    Protocol: IP (0x0800)

Internet Protocol Version 4, Src: 192.168.1.2 (192.168.1.2), Dst: overlays.gentoo.org (148.251.78.52)

    Version: 4

    Header Length: 20 bytes

    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))

        0000 00.. = Differentiated Services Codepoint: Default (0x00)

        .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)

    Total Length: 60

    Identification: 0x0365 (869)

    Flags: 0x02 (Don't Fragment)

        0... .... = Reserved bit: Not set

        .1.. .... = Don't fragment: Set

        ..0. .... = More fragments: Not set

    Fragment offset: 0

    Time to live: 64

    Protocol: TCP (6)

    Header checksum: 0x927d [validation disabled]

        [Good: False]

        [Bad: False]

    Source: 192.168.1.2 (192.168.1.2)

    Destination: overlays.gentoo.org (148.251.78.52)

Transmission Control Protocol, Src Port: 36863 (36863), Dst Port: http (80), Seq: 0, Len: 0

    Source Port: 36863 (36863)

    Destination Port: http (80)

    [Stream index: 7]

    [TCP Segment Len: 0]

    Sequence number: 0    (relative sequence number)

    Acknowledgment number: 0

    Header Length: 40 bytes

    .... 0000 0000 0010 = Flags: 0x002 (SYN)

        000. .... .... = Reserved: Not set

        ...0 .... .... = Nonce: Not set

        .... 0... .... = Congestion Window Reduced (CWR): Not set

        .... .0.. .... = ECN-Echo: Not set

        .... ..0. .... = Urgent: Not set

        .... ...0 .... = Acknowledgment: Not set

        .... .... 0... = Push: Not set

        .... .... .0.. = Reset: Not set

        .... .... ..1. = Syn: Set

            [Expert Info (Chat/Sequence): Connection establish request (SYN): server port http]

                [Connection establish request (SYN): server port http]

                [Severity level: Chat]

                [Group: Sequence]

        .... .... ...0 = Fin: Not set

    Window size value: 29200

    [Calculated window size: 29200]

    Checksum: 0xa508 [validation disabled]

        [Good Checksum: False]

        [Bad Checksum: False]

    Urgent pointer: 0

    Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale

        Maximum segment size: 1460 bytes

            Kind: Maximum Segment Size (2)

            Length: 4

            MSS Value: 1460

        TCP SACK Permitted Option: True

            Kind: SACK Permitted (4)

            Length: 2

        Timestamps: TSval 145615908, TSecr 0

            Kind: Time Stamp Option (8)

            Length: 10

            Timestamp value: 145615908

            Timestamp echo reply: 0

        No-Operation (NOP)

            Type: 1

                0... .... = Copy on fragmentation: No

                .00. .... = Class: Control (0)

                ...0 0001 = Number: No-Operation (NOP) (1)

        Window scale: 7 (multiply by 128)

            Kind: Window Scale (3)

            Length: 3

            Shift count: 7

            [Multiplier: 128]

    [SEQ/ACK analysis]

        [TCP Analysis Flags]

            [Expert Info (Note/Sequence): This frame is a (suspected) retransmission]

                [This frame is a (suspected) retransmission]

                [Severity level: Note]

                [Group: Sequence]

            [The RTO for this segment was: 1.000587000 seconds]

            [RTO based on delta from frame: 377]

No.     Time           Source                Destination           Protocol Length Info

    382 40.548052000   192.168.1.2           overlays.gentoo.org   TCP      76     [TCP Retransmission] 36864→http [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=145616160 TSecr=0 WS=128

Frame 382: 76 bytes on wire (608 bits), 76 bytes captured (608 bits) on interface 0

    Interface id: 0 (any)

    Encapsulation type: Linux cooked-mode capture (25)

    Arrival Time: Dec  3, 2014 03:12:56.576181000 CET

    [Time shift for this packet: 0.000000000 seconds]

    Epoch Time: 1417572776.576181000 seconds

    [Time delta from previous captured frame: 0.251998000 seconds]

    [Time delta from previous displayed frame: 0.251998000 seconds]

    [Time since reference or first frame: 40.548052000 seconds]

    Frame Number: 382

    Frame Length: 76 bytes (608 bits)

    Capture Length: 76 bytes (608 bits)

    [Frame is marked: False]

    [Frame is ignored: False]

    [Protocols in frame: sll:ethertype:ip:tcp]

    [Coloring Rule Name: Bad TCP]

    [Coloring Rule String: tcp.analysis.flags && !tcp.analysis.window_update]

Linux cooked capture

    Packet type: Sent by us (4)

    Link-layer address type: 1

    Link-layer address length: 6

    Source: EdimaxTe_91:c3:ab (00:0e:2e:91:c3:ab)

    Protocol: IP (0x0800)

Internet Protocol Version 4, Src: 192.168.1.2 (192.168.1.2), Dst: overlays.gentoo.org (148.251.78.52)

    Version: 4

    Header Length: 20 bytes

    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))

        0000 00.. = Differentiated Services Codepoint: Default (0x00)

        .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)

    Total Length: 60

    Identification: 0x5d7d (23933)

    Flags: 0x02 (Don't Fragment)

        0... .... = Reserved bit: Not set

        .1.. .... = Don't fragment: Set

        ..0. .... = More fragments: Not set

    Fragment offset: 0

    Time to live: 64

    Protocol: TCP (6)

    Header checksum: 0x3865 [validation disabled]

        [Good: False]

        [Bad: False]

    Source: 192.168.1.2 (192.168.1.2)

    Destination: overlays.gentoo.org (148.251.78.52)

Transmission Control Protocol, Src Port: 36864 (36864), Dst Port: http (80), Seq: 0, Len: 0

    Source Port: 36864 (36864)

    Destination Port: http (80)

    [Stream index: 8]

    [TCP Segment Len: 0]

    Sequence number: 0    (relative sequence number)

    Acknowledgment number: 0

    Header Length: 40 bytes

    .... 0000 0000 0010 = Flags: 0x002 (SYN)

        000. .... .... = Reserved: Not set

        ...0 .... .... = Nonce: Not set

        .... 0... .... = Congestion Window Reduced (CWR): Not set

        .... .0.. .... = ECN-Echo: Not set

        .... ..0. .... = Urgent: Not set

        .... ...0 .... = Acknowledgment: Not set

        .... .... 0... = Push: Not set

        .... .... .0.. = Reset: Not set

        .... .... ..1. = Syn: Set

            [Expert Info (Chat/Sequence): Connection establish request (SYN): server port http]

                [Connection establish request (SYN): server port http]

                [Severity level: Chat]

                [Group: Sequence]

        .... .... ...0 = Fin: Not set

    Window size value: 29200

    [Calculated window size: 29200]

    Checksum: 0xa508 [validation disabled]

        [Good Checksum: False]

        [Bad Checksum: False]

    Urgent pointer: 0

    Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale

        Maximum segment size: 1460 bytes

            Kind: Maximum Segment Size (2)

            Length: 4

            MSS Value: 1460

        TCP SACK Permitted Option: True

            Kind: SACK Permitted (4)

            Length: 2

        Timestamps: TSval 145616160, TSecr 0

            Kind: Time Stamp Option (8)

            Length: 10

            Timestamp value: 145616160

            Timestamp echo reply: 0

        No-Operation (NOP)

            Type: 1

                0... .... = Copy on fragmentation: No

                .00. .... = Class: Control (0)

                ...0 0001 = Number: No-Operation (NOP) (1)

        Window scale: 7 (multiply by 128)

            Kind: Window Scale (3)

            Length: 3

            Shift count: 7

            [Multiplier: 128]

    [SEQ/ACK analysis]

        [TCP Analysis Flags]

            [Expert Info (Note/Sequence): This frame is a (suspected) retransmission]

                [This frame is a (suspected) retransmission]

                [Severity level: Note]

                [Group: Sequence]

            [The RTO for this segment was: 1.001921000 seconds]

            [RTO based on delta from frame: 378]

No.     Time           Source                Destination           Protocol Length Info

    383 42.300063000   192.168.1.2           overlays.gentoo.org   TCP      76     [TCP Retransmission] 36863→http [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=145617912 TSecr=0 WS=128

Frame 383: 76 bytes on wire (608 bits), 76 bytes captured (608 bits) on interface 0

    Interface id: 0 (any)

    Encapsulation type: Linux cooked-mode capture (25)

    Arrival Time: Dec  3, 2014 03:12:58.328192000 CET

    [Time shift for this packet: 0.000000000 seconds]

    Epoch Time: 1417572778.328192000 seconds

    [Time delta from previous captured frame: 1.752011000 seconds]

    [Time delta from previous displayed frame: 1.752011000 seconds]

    [Time since reference or first frame: 42.300063000 seconds]

    Frame Number: 383

    Frame Length: 76 bytes (608 bits)

    Capture Length: 76 bytes (608 bits)

    [Frame is marked: False]

    [Frame is ignored: False]

    [Protocols in frame: sll:ethertype:ip:tcp]

    [Coloring Rule Name: Bad TCP]

    [Coloring Rule String: tcp.analysis.flags && !tcp.analysis.window_update]

Linux cooked capture

    Packet type: Sent by us (4)

    Link-layer address type: 1

    Link-layer address length: 6

    Source: EdimaxTe_91:c3:ab (00:0e:2e:91:c3:ab)

    Protocol: IP (0x0800)

Internet Protocol Version 4, Src: 192.168.1.2 (192.168.1.2), Dst: overlays.gentoo.org (148.251.78.52)

    Version: 4

    Header Length: 20 bytes

    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))

        0000 00.. = Differentiated Services Codepoint: Default (0x00)

        .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)

    Total Length: 60

    Identification: 0x0366 (870)

    Flags: 0x02 (Don't Fragment)

        0... .... = Reserved bit: Not set

        .1.. .... = Don't fragment: Set

        ..0. .... = More fragments: Not set

    Fragment offset: 0

    Time to live: 64

    Protocol: TCP (6)

    Header checksum: 0x927c [validation disabled]

        [Good: False]

        [Bad: False]

    Source: 192.168.1.2 (192.168.1.2)

    Destination: overlays.gentoo.org (148.251.78.52)

Transmission Control Protocol, Src Port: 36863 (36863), Dst Port: http (80), Seq: 0, Len: 0

    Source Port: 36863 (36863)

    Destination Port: http (80)

    [Stream index: 7]

    [TCP Segment Len: 0]

    Sequence number: 0    (relative sequence number)

    Acknowledgment number: 0

    Header Length: 40 bytes

    .... 0000 0000 0010 = Flags: 0x002 (SYN)

        000. .... .... = Reserved: Not set

        ...0 .... .... = Nonce: Not set

        .... 0... .... = Congestion Window Reduced (CWR): Not set

        .... .0.. .... = ECN-Echo: Not set

        .... ..0. .... = Urgent: Not set

        .... ...0 .... = Acknowledgment: Not set

        .... .... 0... = Push: Not set

        .... .... .0.. = Reset: Not set

        .... .... ..1. = Syn: Set

            [Expert Info (Chat/Sequence): Connection establish request (SYN): server port http]

                [Connection establish request (SYN): server port http]

                [Severity level: Chat]

                [Group: Sequence]

        .... .... ...0 = Fin: Not set

    Window size value: 29200

    [Calculated window size: 29200]

    Checksum: 0xa508 [validation disabled]

        [Good Checksum: False]

        [Bad Checksum: False]

    Urgent pointer: 0

    Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale

        Maximum segment size: 1460 bytes

            Kind: Maximum Segment Size (2)

            Length: 4

            MSS Value: 1460

        TCP SACK Permitted Option: True

            Kind: SACK Permitted (4)

            Length: 2

        Timestamps: TSval 145617912, TSecr 0

            Kind: Time Stamp Option (8)

            Length: 10

            Timestamp value: 145617912

            Timestamp echo reply: 0

        No-Operation (NOP)

            Type: 1

                0... .... = Copy on fragmentation: No

                .00. .... = Class: Control (0)

                ...0 0001 = Number: No-Operation (NOP) (1)

        Window scale: 7 (multiply by 128)

            Kind: Window Scale (3)

            Length: 3

            Shift count: 7

            [Multiplier: 128]

    [SEQ/ACK analysis]

        [TCP Analysis Flags]

            [Expert Info (Note/Sequence): This frame is a (suspected) retransmission]

                [This frame is a (suspected) retransmission]

                [Severity level: Note]

                [Group: Sequence]

            [The RTO for this segment was: 3.004596000 seconds]

            [RTO based on delta from frame: 377]

No.     Time           Source                Destination           Protocol Length Info

    384 42.552059000   192.168.1.2           overlays.gentoo.org   TCP      76     [TCP Retransmission] 36864→http [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=145618164 TSecr=0 WS=128

Frame 384: 76 bytes on wire (608 bits), 76 bytes captured (608 bits) on interface 0

    Interface id: 0 (any)

    Encapsulation type: Linux cooked-mode capture (25)

    Arrival Time: Dec  3, 2014 03:12:58.580188000 CET

    [Time shift for this packet: 0.000000000 seconds]

    Epoch Time: 1417572778.580188000 seconds

    [Time delta from previous captured frame: 0.251996000 seconds]

    [Time delta from previous displayed frame: 0.251996000 seconds]

    [Time since reference or first frame: 42.552059000 seconds]

    Frame Number: 384

    Frame Length: 76 bytes (608 bits)

    Capture Length: 76 bytes (608 bits)

    [Frame is marked: False]

    [Frame is ignored: False]

    [Protocols in frame: sll:ethertype:ip:tcp]

    [Coloring Rule Name: Bad TCP]

    [Coloring Rule String: tcp.analysis.flags && !tcp.analysis.window_update]

Linux cooked capture

    Packet type: Sent by us (4)

    Link-layer address type: 1

    Link-layer address length: 6

    Source: EdimaxTe_91:c3:ab (00:0e:2e:91:c3:ab)

    Protocol: IP (0x0800)

Internet Protocol Version 4, Src: 192.168.1.2 (192.168.1.2), Dst: overlays.gentoo.org (148.251.78.52)

    Version: 4

    Header Length: 20 bytes

    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))

        0000 00.. = Differentiated Services Codepoint: Default (0x00)

        .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)

    Total Length: 60

    Identification: 0x5d7e (23934)

    Flags: 0x02 (Don't Fragment)

        0... .... = Reserved bit: Not set

        .1.. .... = Don't fragment: Set

        ..0. .... = More fragments: Not set

    Fragment offset: 0

    Time to live: 64

    Protocol: TCP (6)

    Header checksum: 0x3864 [validation disabled]

        [Good: False]

        [Bad: False]

    Source: 192.168.1.2 (192.168.1.2)

    Destination: overlays.gentoo.org (148.251.78.52)

Transmission Control Protocol, Src Port: 36864 (36864), Dst Port: http (80), Seq: 0, Len: 0

    Source Port: 36864 (36864)

    Destination Port: http (80)

    [Stream index: 8]

    [TCP Segment Len: 0]

    Sequence number: 0    (relative sequence number)

    Acknowledgment number: 0

    Header Length: 40 bytes

    .... 0000 0000 0010 = Flags: 0x002 (SYN)

        000. .... .... = Reserved: Not set

        ...0 .... .... = Nonce: Not set

        .... 0... .... = Congestion Window Reduced (CWR): Not set

        .... .0.. .... = ECN-Echo: Not set

        .... ..0. .... = Urgent: Not set

        .... ...0 .... = Acknowledgment: Not set

        .... .... 0... = Push: Not set

        .... .... .0.. = Reset: Not set

        .... .... ..1. = Syn: Set

            [Expert Info (Chat/Sequence): Connection establish request (SYN): server port http]

                [Connection establish request (SYN): server port http]

                [Severity level: Chat]

                [Group: Sequence]

        .... .... ...0 = Fin: Not set

    Window size value: 29200

    [Calculated window size: 29200]

    Checksum: 0xa508 [validation disabled]

        [Good Checksum: False]

        [Bad Checksum: False]

    Urgent pointer: 0

    Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale

        Maximum segment size: 1460 bytes

            Kind: Maximum Segment Size (2)

            Length: 4

            MSS Value: 1460

        TCP SACK Permitted Option: True

            Kind: SACK Permitted (4)

            Length: 2

        Timestamps: TSval 145618164, TSecr 0

            Kind: Time Stamp Option (8)

            Length: 10

            Timestamp value: 145618164

            Timestamp echo reply: 0

        No-Operation (NOP)

            Type: 1

                0... .... = Copy on fragmentation: No

                .00. .... = Class: Control (0)

                ...0 0001 = Number: No-Operation (NOP) (1)

        Window scale: 7 (multiply by 128)

            Kind: Window Scale (3)

            Length: 3

            Shift count: 7

            [Multiplier: 128]

    [SEQ/ACK analysis]

        [TCP Analysis Flags]

            [Expert Info (Note/Sequence): This frame is a (suspected) retransmission]

                [This frame is a (suspected) retransmission]

                [Severity level: Note]

                [Group: Sequence]

            [The RTO for this segment was: 3.005928000 seconds]

            [RTO based on delta from frame: 378]

```

And now, I believe it's one of two things, or three. Either, the first, I go and read from Oskar and his book, and/or other teachers from netfilter.org or from wireshark.org or elsewhere to figure out what happened, and why I cannot open overlays.gentoo.org... which can take an unspecified amount of time...

Or, second, I go back to problems (completely unrelated to here) in my life that I postponed and have not been solved, in case I decide that I can not keep postponing them...

Or, third, I do something else, don't know what...

Namely, without much much work on my part, I cannot get what this tells me, why the page does not open for me... But the work may be too much, the understanding too costly with time to reach...

I realize something else though. Even after some 12 hours that I hadn't accessed internet, right upon my connecting first time this evening, I see the same address that I have: 93.138.2.170 again. How strange! I always used to get a dynamic address, and I don't know what to think of it. Haven't looked at no logs/captures/other of this connection, as I've been writing this partly online now.

======= cut off from this line to end if verifying hashes =======

File corresponding to this post: Gen_141203_overlays-g-o_empty_5.txt,

has Publictimestamp # 1249376

-- 

publictimestamp.org/ptb/PTB-22257 sha256 2014-12-03 18:01:45

3613E8A7542D29887C1A1D4FE003FB1A715DD1B169B89FE64ECE0D080F8508D9

----------

## Chiitoo

Pardon me if I'm not understanding the issue correct-like, but if this is about not being able to access http://overlays.gentoo.org/ or not being able to view the content of it, that's actually quite normal (as far as I can tell).  Strange it would be if you were able to.  ^^

 *http://infra-status.gentoo.org/ wrote:*   

> Maintenance and Outage Notices for Overlays
> 
>  CVS and Overlays Migration Complete
> 
> The CVS and Git Overlays services have been successfully migrated to the new hosts.
> ...

 

Apologies if this isn't what you're asking about.

I do hope this helps!

----------

## miroR

 *Chiitoo wrote:*   

> Pardon me if I'm not understanding the issue correct-like, but if this is about not being able to access http://overlays.gentoo.org/ or not being able to view the content of it, that's actually quite normal (as far as I can tell).  Strange it would be if you were able to.  ^^
> 
>  *http://infra-status.gentoo.org/ wrote:*   Maintenance and Outage Notices for Overlays
> 
>  CVS and Overlays Migration Complete
> ...

 

Chiitoo,

your reply is much appreciated. Thank you.

So it's the https://infra-status.gentoo.org/ to look at when things don't work.

I'm really busy elsewhere unrelated, and also in poor heath, so just, thanks again!

----------

## miroR

 *Chiitoo wrote:*   

> ...
> 
> http://overlays.gentoo.org/
> 
> ...
> ...

 

And there goes the same notice as already pasted by Chitoo.

It looks just like me not having moneys to fix pluming and having to wash my dishes in the bathroom...

And we are talking the best, by design, FOSS Linux in the world. In my opinion.

How I wish I could help!

Gentoo, pls. don't commercialize anyway! Keep free as in by free people and for free people!

----------

## miroR

I'm in a grip of nostalgia since I wrote about Gentoo being the best FOSS Linux in the world. above.

I fist remembered my thought that I put in writing a few months ago (the topic

"Why is Gentoo not switching to systemd?"):

 *https://forums.gentoo.org/viewtopic-t-998108-start-300.html#7624044 wrote:*   

> 
> 
> ...
> 
> would be relatively easy for me to try and use Funtoo or some BSD variant (which I recommend to readers; Funtoo for Gnome users because it has a fully functional systemd-free Gnome --as Shamus397 reported in this topic--, and because Daniel Robbins, I think I'm missing him in Gentoo; would be great if there were talk of a merge and him having an active high role in all Gentoo things, but I don't know enough about him to tell for sure)... 
> ...

 

And later

 *https://forums.gentoo.org/viewtopic-t-998108-start-325.html#7625090 wrote:*   

> 
> 
> ...
> 
> shamus397, what's in the way of getting more closely Gentoo and Funtoo? I wish for good people and I wish to see some joining of forces...
> ...

 

and there's more there, but I'd need to look up how those things have evolved in this meantime, and I don't, really don't have the time...

(

I'm in a make or break situation currently, either I learn to figure out what happens when I go online, and I mean learn much more in-depth then when I discovered censorship by my then-provider on me.

Do take a look:

Postfix smtp-tls-wrapper, Bkp/Cloning Mthd, A Zerk Provider

https://forums.gentoo.org/viewtopic-t-999436.html

where find stuff like:

```
147-226.dsl.iskon.hr (n4m3.localdomain) 550-[89.164.147.226]:41972 is in an RBL, see 550 http://www.spamhaus.org/query/bl?ip=89.164.147.226" (in reply to RCPT TO command)) 
```

and around; censorship undeniable; took me months of familiarizing with network capturing tools, as I'm not so very bright, to rub that into their noses...

And read the latest development:

[ same title as above ]

https://forums.gentoo.org/viewtopic-t-999436.html#7682770

I also can't finish:

Recover partly overwritten luks volume?

https://forums.gentoo.org/viewtopic-t-1004014.html

because I first need to borrow for the 4TB HDD...

And so, having in mind my situation of poverty (which I am not ashamed of; I would be ashamed if I sold out, I'm not ashamed of the scarcity and debt which political persecution of the unjust regime has brought on me).

And so, having in mind my situation, I remembered how Pappy similarly had to abandon his fine contribution to Gentoo:

Pappy's Kernel Seeds Part V

https://forums.gentoo.org/viewtopic-t-942572.html

Exampli gratia:

 *https://forums.gentoo.org/viewtopic-t-942572-postdays-0-postorder-asc-start-300.html#7408382 wrote:*   

> 
> 
> ...
> 
> Concerns about car and money have been dominating my thoughts.
> ...

 

and:

 *https://forums.gentoo.org/viewtopic-t-942572-postdays-0-postorder-asc-start-300.html#7467730 wrote:*   

> 
> 
> ...
> 
> The site has been sold.
> ...

 

and:

 *https://forums.gentoo.org/viewtopic-t-942572-postdays-0-postorder-asc-start-325.html#7490502 wrote:*   

> 
> 
> ...
> 
> Anthony Pelaez from funtoo.org bought Kernel Seeds from pappy. 
> ...

 

But if you look it up today, it's not worked on, I don't think:

http://www.funtoo.org/index.php?title=Kernel_Seeds

http://wiki.kernel-seeds.org/Main_Page

http://kernel-seeds.org/

Likewise, Funtoo are not basking in lavish abundance either.

And Daniel Robbins started Gentoo... and then, long story short (not that I'm familiar with it, I read it in different places)... [and then] left and spent those few year with Microsoft, which of course could not have been right, but, were he one of those moral robbers of the world for real, he would have stayed with them... He is not!

But I repeat (as can be found in some of the links of my posts on that issue above), that I don't know...

I'm only gripped with gut feeling of nostalgia for what could have gone, and didn't go right in the past, and with hope that things would turn good for Gentoo and Funtoo.

And I keep dreaming that the principal architect of the Gentoo marvel would try and reach with the Seniors in Gentoo, and that they would accept him and ask for his contribution, and that Gentoo and Funtoo would at least become really good brothers and strong in the FOSS world, as they are best by design and by architecture, if not actually merge and unite.

Tell this, somebody, to the Seniors and to Daniel. I'm really swamped with work fighting for my freedom on the internet, as I you can read in the link I gave above, else I would write to him, and them. Can't. No time.

(And sure I would need to get informed much much better to bother both those parties, for which I would't have the time even if I managed to borrow a few extra weeks from God specifically for that purpose, such as if He made a miracle and stopped the time for me, gave me those weeks, and them brought me back into the time I left, theoretically speaking...)

----------

## miroR

Apparently, as mv wrote here:

https://forums.gentoo.org/viewtopic-t-465367-start-350.html#7679842

overlays are fine for git, but not for http, such as Firefox, the user way. 

 *mv wrote:*   

>  *Quote:*   I realised that http://overlays.gentoo.org/ is down for a while 
> 
> AFAIK, only the web interface is down. You can still use the overlay with git.

 

FYI, kind reader.

----------

