Re: Online Status Design + Program Input
On Fri, 2009-12-04 at 18:09 +1300, Simon Geard wrote: > No. No, it's not. Not when software uses that information to change it's > behavior. Like Firefox, which used to go into offline mode when NM said > there wasn't a network connection, denying me access to my local web > server. Or IM clients going offline because no internet connection is > available. > > Much better to falsely report a working connection than to tell the user > and their applications that they can't access the internet when they > really can. That's a completely different use case. What you want to tell client programs needs to be different to what your telling users when your unsure about what you've got. Firefox for instance should never deny you access to local networks just because it goes into offline mode. Checking for any network settings was a bad idea and still is. Other programs have a choice. Although this conflict has just made me think of an interesting idea. What if we instead of testing for connectivity ourselves, simply allow programs to report to networkmanager that they can't connect (specify protocol, port, address) and then we could at least do some tests to see if things have gone wrong and what it was. If anything we'd just list them out and specify that _something_ is wrong because some programs aren't getting connected. Anything from IM client, email client, firefox or update manager. Thoughts? Martin, ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Online Status Design
On Thu, 2009-12-03 at 14:42 +, Martin Owens wrote: > I think proxies are going to be the tricky one, requires someone who > knows about them tbh. But in any case, reporting that your not online > when you are is slightly more desirable that reporting that your online > when your not. No. No, it's not. Not when software uses that information to change it's behavior. Like Firefox, which used to go into offline mode when NM said there wasn't a network connection, denying me access to my local web server. Or IM clients going offline because no internet connection is available. Much better to falsely report a working connection than to tell the user and their applications that they can't access the internet when they really can. Simon. signature.asc Description: This is a digitally signed message part ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: OpenSSH VPN support
On Thu, Dec 3, 2009 at 4:29 PM, Daiki Ueno wrote: > Hello! > > I created a VPN plugin to use the OpenSSH VPN. It now basically works > with the OpenSSH 5.1p1 server. Current source code is available at: > http://github.com/ueno/network-manager-openssh > > I would appreciate any comments on this. The feature was formerly > requested at: > http://thread.gmane.org/gmane.linux.network.networkmanager.devel/11235 > but there was no response. I wonder whether it is worth going further. > > Regards, > -- > Daiki Ueno > ___ > NetworkManager-list mailing list > NetworkManager-list@gnome.org > http://mail.gnome.org/mailman/listinfo/networkmanager-list > This sounds great to me! I have been considering trying OpenSSH VPN's but never bothered since OpenVPN worked so well with Network Manager. I might give it a shot now, I would encourage you to continue, there are certainly people out there who could use this. ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
OpenSSH VPN support
Hello! I created a VPN plugin to use the OpenSSH VPN. It now basically works with the OpenSSH 5.1p1 server. Current source code is available at: http://github.com/ueno/network-manager-openssh I would appreciate any comments on this. The feature was formerly requested at: http://thread.gmane.org/gmane.linux.network.networkmanager.devel/11235 but there was no response. I wonder whether it is worth going further. Regards, -- Daiki Ueno ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Online Status Design
2009/12/3 Martin Owens > Hey Darren, > > On Wed, 2009-12-02 at 16:48 -0500, Darren Albers wrote: > > There are a number of challenges here and it has been discussed in the > > past on this list which might help provide some more details. At a > > high level: > > 1) Sites that require a proxy or sites that use captive portals will > > give inaccurate results > > Sites that require proxy or sites that use captive portals should be > reported as such, this shouldn't be too difficult to work out when you > make a http request and it fails to get the information it expected. > > I think proxies are going to be the tricky one, requires someone who > knows about them tbh. But in any case, reporting that your not online > when you are is slightly more desirable that reporting that your online > when your not. > > > 2) Needless traffic for people in countries with costly access charges > > That's a concern, although many tools and services already attempt to > make requests, updates etc and people from these countries have learned > how to turn things off they find undesirable. Although making the tests > use the smallest amount of bandwidth is also important. > > > 3) Who would host this site that is checked? > > You'd have a number of them, mirrors of the same file or the same > challenge script that returns a predictable result. > > > 4) Do we want to rely on an internet hosted site to determine our > > network status? What happens when the site goes down or is otherwise > > unavailable? > > When it's down, you check the second mirror, then the third and then > conclude that your offline (or the internet has been destroyed by > skynet) > > > 5) For most "Home" users if they have a link they are "Online" for all > > intents and purposes. > > That isn't true, I work with home users all the time and one of their > problems is the inaccurate reporting of what they want (to be online) > and what the computer can tell them (that they're on a network) there > are all sorts of problems that crop up in all sorts of situations, > especially for people with laptops on wifi networks. > > To think that network link is the same as online is to go against the > evidence of user behviour. It's also making it hard to teach, what do I > tell my users? lie to them and say that when it's link they're online? > or tell them the truth and spend 40 mins explaining the complexity of > when they won't be online? > > > It might be better to have a troubleshooter > > option that they can run if they can't connect that checks what type > > of link (PPPOE, Wireless etc..) that gives them instructions on how to > > connect and can ping internet sites to determine connectivity and > > suggest options etc... This way it is more of a troubleshooting tool > > and the items above don't matter. > > Instructions for how to fix the problem is a good idea, possibly a > second phaise that you can implement higher up once you have the lower > level detection. > > > I personally don't see this as being very valuable and causing > > potential confusion but I am not a developer so my opinion doesn't > > carry much weight ;-) > > Unfortunately experienced users won't find value because they're used to > how it works already. New and casual users on the other hand (and even I > who is a programmer) have had examples of trying to check my email in > evolution and it not getting a connection because my wifi has been stuck > behind a paywall. > > It's most definitely a feature which should have always existed. > > Martin, > > > I think you need to be really careful about the use-case here. I think the blueprint is aiming this feature at home users, so the issue of proxies is vastly reduced. Also, there's no reason why a tiered approach couldn't be used : 1. Test for http://amionline.ubuntu.com 2. If (1) fails, test for any site and see if the response headers include a 302 or similar code (which many inline proxies will use to redirect you to an accept page - usually for terms and conditions, or possibly to enter your username/password) 3. If (2) fails, test for ping against the default gateway. 4. Report findings back to user appropriately. And example error messages could be, based on the above, All fail : "Your router appears to be down" 3 works, 1 and 2 fail : "Your router does not appear to be connected to the internet" 3 and 2 work, 1 fails : "You appear to be behind a firewall/proxy which requires authentication" All work : "You are connected to the internet". That would be a million miles more useful than Vista's vague "Local/Limited Connectivity" rubbish. I mean, you could probably test for DHCP failing too? Doesn't network-manager just fail silently in that case (unless you have "static" version of the same network defined)? ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: modem manager choose incorrect port for onda mt503hsa
On Wed, 2009-12-02 at 13:52 -0800, Dan Williams wrote: > On Tue, 2009-12-01 at 09:58 +0100, Alessandro Bono wrote: > > On Tue, 2009-12-01 at 00:26 -0800, Dan Williams wrote: > > > On Mon, 2009-11-30 at 09:16 +0100, Alessandro Bono wrote: > > > > On Sun, 2009-11-29 at 23:50 -0800, Dan Williams wrote: > > > > > On Fri, 2009-11-27 at 11:56 +0100, Alessandro Bono wrote: > > > > > > Hi all > > > > > > > > > > > > I have an onda mt503hsa that worked without problem with > > > > > > networkmanager > > > > > > 0.7, after upgrade system to ubuntu karmic and networkmanager 0.8 + > > > > > > modem-manager I have a problem with correct port selection > > > > > > Modem manager sometimes choose incorrect port ttyUSB1 instead of > > > > > > ttyUSB2 > > > > > > to open ppp connection, this depends on which port is probed first > > > > > > below a log with correct and incorrect port selection > > > > > > > > > > What is the 'lsusb' output when the modem is plugged in an > > > > > modeswitched? > > > > > We need to make sure the device is listed in > > > > > 77-mm-zte-port-types.rules > > > > > with the correct port. The port #s there were taken from the ZTE > > > > > windows drivers, so if this is a newer device we may need to just add > > > > > it. > > > > Hi Dan > > > > > > > > lsusb -v log below > > > > > > > > Bus 002 Device 008: ID 19d2:0037 ONDA Communication S.p.A. > > > > > > That's the value I want :) I found the correct port tag for your device > > > and pushed to modem-manager. Can you also do an experiment for me? I > > > need to determine the aux port #. I want to find out which ports > > > respond to AT commands. Most will, one or more won't. > > > > > > For each of the ones that *do* (use minicom or screen or whatever and > > > send "ATI" to the port), please do the following: > > > > > > cd -P /sys/class/tty/ttyUSBx (where of course X is the tty number) > > > pwd > > > > > > and the 'pwd' will print out something like this: > > > > > > /sys/devices/pci:00/:00:1d.7/usb2/2-6/2-6:1.1/tty/ttyACM0 > > > > > > which is what I'm interested in. > > > > port ttyUSB1 and ttyUSB2 respond to ATI > > > > /sys/devices/pci:00/:00:1d.7/usb2/2-5/2-5:1.1/ttyUSB1/tty/ttyUSB1 > > /sys/devices/pci:00/:00:1d.7/usb2/2-5/2-5:1.3/ttyUSB2/tty/ttyUSB2 > > Thanks; 0.7.x and ModemManager have been updated for your device and a > few others that I could find .INF files for. Can you give those a shot? > In your case, grab this file and put it into /lib/udev/rules.d/: > > http://cgit.freedesktop.org/ModemManager/ModemManager/plain/plugins/77-mm-zte-port-types.rules > > Then unplug and replug the device and lets see where we get to. Hi Dan now MM recognize port correctly Dec 3 19:22:08 champagne modem-manager: (ttyUSB3) opening serial device... Dec 3 19:22:08 champagne modem-manager: (ttyUSB3): probe requested by plugin 'ZTE' Dec 3 19:22:08 champagne modem-manager: (ttyUSB0) opening serial device... Dec 3 19:22:18 champagne modem-manager: (ttyUSB0): probe requested by plugin 'ZTE' Dec 3 19:22:23 champagne modem-manager: (ttyUSB1) opening serial device... Dec 3 19:22:33 champagne modem-manager: (ttyUSB1): probe requested by plugin 'ZTE' Dec 3 19:22:48 champagne modem-manager: (ttyUSB2) opening serial device... Dec 3 19:22:48 champagne modem-manager: (ttyUSB2): probe requested by plugin 'ZTE' Dec 3 19:22:50 champagne modem-manager: Got failure code 100: Unknown error Dec 3 19:22:51 champagne modem-manager: Got failure code 100: Unknown error Dec 3 19:22:52 champagne modem-manager: Got failure code 100: Unknown error
NM 0.7.0 on SLED11
I am not able to connect to my companies WPA2 enterprise wireless. A windows-savvy network friend of mine says he thinks the problem is: "the company is not using client-side certificates AFAIK. The problem is probably that the certificate is invalid (expired) because our PKI at the company is not properly configured. You will need to get SLED to trust the invalid certificate presented during connection time. I know where this option is in Windows but not in the EAP supplicant." I can see in NM the option to use "system CA certificates" -- I wonder if I need to add the company CA cert to the system cert store? Is this done using NM, in some fashion? Peter "The aftermath of battle, is art" http://www.the-brights.net http://xkcd.com/167 ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: NM deleting WPA key secret in Fedora 12?
Brian Morrison wrote: > The fix was to paste my WPA key into the entry field after using the > edit menu for my home SSID and then going to the advanced tab (at least > I think that's it, don't have it in front of me just now). There is only > an SSID stored, no BSSID. I should have added that clicking on the network SSID in the NM applet's left click menu does nothing, it doesn't bring up a dialog asking for the connection's secrets and in fact it does precisely nothing. If this ever happened in F11 then I would be prompted for the WPA PSK which no longer happens. -- Brian ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
NM deleting WPA key secret in Fedora 12?
Has anyone else suffered from a problem where on occasion F12 will boot and then be unable to connect to a previously usable AP because the WPA key is no longer stored? My home network has two APs with the same SSID but different BSSIDs on each channel. I have now had this happen twice, the first time I thought it was because it was I had just upgraded from F11 to F12 on my laptop, but it did it again this morning. The fix was to paste my WPA key into the entry field after using the edit menu for my home SSID and then going to the advanced tab (at least I think that's it, don't have it in front of me just now). There is only an SSID stored, no BSSID. Is this a common problem? I didn't see anything in the Fedora Common Bugs page. I have all the latest patches applied to F12 as of a day or two ago, I see there are a load more in updates though so will apply those. This is not very deterministic, it's hit me twice in a dozen boots I think. -- Brian ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Online Status Design
Hey Darren, On Wed, 2009-12-02 at 16:48 -0500, Darren Albers wrote: > There are a number of challenges here and it has been discussed in the > past on this list which might help provide some more details. At a > high level: > 1) Sites that require a proxy or sites that use captive portals will > give inaccurate results Sites that require proxy or sites that use captive portals should be reported as such, this shouldn't be too difficult to work out when you make a http request and it fails to get the information it expected. I think proxies are going to be the tricky one, requires someone who knows about them tbh. But in any case, reporting that your not online when you are is slightly more desirable that reporting that your online when your not. > 2) Needless traffic for people in countries with costly access charges That's a concern, although many tools and services already attempt to make requests, updates etc and people from these countries have learned how to turn things off they find undesirable. Although making the tests use the smallest amount of bandwidth is also important. > 3) Who would host this site that is checked? You'd have a number of them, mirrors of the same file or the same challenge script that returns a predictable result. > 4) Do we want to rely on an internet hosted site to determine our > network status? What happens when the site goes down or is otherwise > unavailable? When it's down, you check the second mirror, then the third and then conclude that your offline (or the internet has been destroyed by skynet) > 5) For most "Home" users if they have a link they are "Online" for all > intents and purposes. That isn't true, I work with home users all the time and one of their problems is the inaccurate reporting of what they want (to be online) and what the computer can tell them (that they're on a network) there are all sorts of problems that crop up in all sorts of situations, especially for people with laptops on wifi networks. To think that network link is the same as online is to go against the evidence of user behviour. It's also making it hard to teach, what do I tell my users? lie to them and say that when it's link they're online? or tell them the truth and spend 40 mins explaining the complexity of when they won't be online? > It might be better to have a troubleshooter > option that they can run if they can't connect that checks what type > of link (PPPOE, Wireless etc..) that gives them instructions on how to > connect and can ping internet sites to determine connectivity and > suggest options etc... This way it is more of a troubleshooting tool > and the items above don't matter. Instructions for how to fix the problem is a good idea, possibly a second phaise that you can implement higher up once you have the lower level detection. > I personally don't see this as being very valuable and causing > potential confusion but I am not a developer so my opinion doesn't > carry much weight ;-) Unfortunately experienced users won't find value because they're used to how it works already. New and casual users on the other hand (and even I who is a programmer) have had examples of trying to check my email in evolution and it not getting a connection because my wifi has been stuck behind a paywall. It's most definitely a feature which should have always existed. Martin, ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
NAT-T in PCF file for NM-vpnc
Hi guys, how can I set NAT-T in a PCF file so I can import the file into NetworkManager-vpnc? Every time I import a PCF file into NM it insists to set NAT Traversal option to Cisco UDP but I need to set this to NAT-T. Is there an option in PCF format I can set? I'm using RHEL 5.4 and NetworkManager-0.7.0-9 NetworkManager-vpnc-0.7.0.99-1 I've also tested in F12 and the got the same result (it shows Cisco UDP). Thanks in advance, Murilo. ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: NM-vpn no vpn secrets
On Wed, Dec 02, 2009 at 07:17:46PM -0500, Neal Becker wrote: > On Wednesday 02 December 2009, Dan Williams wrote: > > What appears to be the issue here is that you haven't set any secrets in > > the connection editor the VPN. That means passwords, shared keys, etc. > > Or that the secrets didn't pass validation. When you open the > > connection editor, are your passwords still there? If you're not > > entering any, are you asked for a password when you connect? > > > > Dan > > > > I entered the certificates. Same as I use to start openvpn manually. No > password is needed, and none is entered into 'Private key password' field (if > that's what you mean). > > I don't know if it's a permission issue. The private key can only be read as > root (but of course, that's normal). I remember that there was a bug about not being able to configure VPNs that have no password. maybe thats the case here? Maybe just an overly strict settings verify? - Alexander ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Online Status Design
On Wed, 2009-12-02 at 16:48 -0500, Darren Albers wrote: > 1) Sites that require a proxy or sites that use captive portals will > give inaccurate results Definitely a problem. On my workplace network, all external HTTP access must go through a proxy, which means that any tool must not only be proxy capable, but also configured to use that proxy. The Python example on the Launchpad page would fail that test, since while Firefox will have proxies configured, Gnome won't unless a user has configured it, and command line tools are pretty much guaranteed not to, since almost all of them do things there own way.. Simon. signature.asc Description: This is a digitally signed message part ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
huawei e220 - connecting at gprs but looking for hsdpa
Hi there! Newbie ubuntu 9.10 user looking to try to connect at hsdpa instead of gprs. i've only used this dongle in windows and it had the option of choosing gsm or hsdpa but I can't find anywhere to set this in NetworkManager. I was wondering if there might be a way via gconf-editor or something like that - i had a poke about but couldn't see anything other than the 'type' field which is currently set at gsm. I did try hsdpa randomly but then it couldn't parse the configuration. Any tips or advice would be appreciated Kind Regards Mike ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list