beneroth changed the topic of #picolisp to: PicoLisp language | The scalpel of software development | Channel Log: https://libera.irclog.whitequark.org/picolisp | Check www.picolisp.com for more information
aw- has joined #picolisp
aw- has quit [Quit: Leaving.]
teddydd has quit [Ping timeout: 256 seconds]
aw- has joined #picolisp
wineroots has quit [Remote host closed the connection]
tooDumbToFleng has joined #picolisp
razzy has joined #picolisp
<tankf33der> morning all
<tankf33der> implementing
<Regenaxer> Hi tankf33der! Good ☺
razzy has quit [Ping timeout: 256 seconds]
razzy has joined #picolisp
tooDumbToFleng has quit [Quit: -a- Connection Timed Out]
tooDumbToFleng has joined #picolisp
beneroth has joined #picolisp
razzy has quit [Ping timeout: 252 seconds]
teddydd has joined #picolisp
razzy has joined #picolisp
tooDumbToFleng has quit [Quit: -a- Connection Timed Out]
tooDumbToFleng has joined #picolisp
razzy has quit [Ping timeout: 252 seconds]
razzy has joined #picolisp
razzy has quit [Ping timeout: 245 seconds]
razzy has joined #picolisp
razzy has quit [Ping timeout: 256 seconds]
razzy has joined #picolisp
<razzy> I plan on building open source "hardware firewall" on opensource hardware. Rock Pro 64. I want to have at least one trusted network node. any ideas?
<aw-> razzy: sure
<beneroth> does openbsd run on rock64 ?
<aw-> rockpro64 only has 1 ethernet...
<beneroth> xD
<aw-> how do you plan to make a HW firewall with only one NIC?
<aw-> or, do you plan to add a PCIe NIC?
<aw-> probably better to use hardware more suited for the purpose
<aw-> like Macchiatobin
<aw-> which has multiple NICs and SFP adapters for fiber optic
<aw-> or don't focus on the "hardware" aspect and just make the software/UI to manage a firewall that can run on Linux on any hardware
<aw-> beneroth: hey, i think it does btw
<aw-> those rock64/rockpro64 hardware can run a bunch of different OS's nowadays
<aw-> OSS community put a lot of work into them over the last few years
<beneroth> nice
<beneroth> for a pure firewall, OpenBSD / pfSense would probably be the best choice. or a firewall/router-distro based on Linux.
<beneroth> razzy, MicroTik hardware. not open I guess? but the software offers more control than you need.
<aw-> oh yeah i like MicroTik despite their wonky updates that fix one thing and break two
<aw-> MikroTik*
<beneroth> T
<aw-> i just stopped updating my switch, it gives me nightmares haha
<beneroth> hehe
<beneroth> good software should not need updates all the time. but nobody wants to pay properly completed software except space stuff.
<beneroth> I had to learn that business customers are more happy with broken software delivered on arbitrarily chosen deadline dates (before scope/feature-creep to the moon) than having working software delivered
<beneroth> people who make the pay decisions in companies are often not the users. they want to buy good feelings, not tangible benefits.
<beneroth> depressing
<beneroth> or I should improve my way of selecting customers *g*
payphone has joined #picolisp
<aw-> hmmmm
<aw-> yes i think you need better customers ;)
<aw-> indeed, "good software should not need updates all the time."
<aw-> agreed 100%
<aw-> and "buggy software guarantees a job" is bullshit
<aw-> we've been too conditioned to accept that bad software is acceptable
<aw-> too conditioned to believe it
<razzy> aw-: beneroth: I plan on double NICs in PCIe. I want opensource HW, because I cannot trust my closed source unupdatable network HW.
<aw-> razzy: sure, but the rockpro64 is not open source.. i mean.. the schematics are available but you can't just go and get JLCPCB to fab the board for you, also the CPU (arm64) is closed source
<aw-> and your PCIe NIC is likely closed source as well
<aw-> it all depends on your threat model.
<aw-> if you're super paranoid, your only option is to build all the hardware yourself, including the PCB and the ICs you solder onto them
<aw-> razzy: if you just want a small personal HW firewall that you have full control over, I would recommend a different board.. not rockpro64+pcie.. that's a bit ridiculous for your purpose unless you already own the hardware
<aw-> razzy: check out the NanoPi RS2
<razzy> aw-: I am super paranoid, i also have limited resources. I have 2 RPIs, but RPIs have huge close sourced blobs in graphics chips with acess to everything
<razzy> so RPI is not an inmprovement over current state
<razzy> rock64 seems better in that regard
<aw-> i agree, RPi is not good if you want 100% open
<aw-> i have a bunch of rock64 devices, they're good but not recommended for your goal
<razzy> aw-: why not recommnded?
<razzy> aw-: i do not mind few euros.
<aw-> razzy: i explained it above.. with rockpro64 you'll need an extra PCIe adapter because it only has 1 onboard NIC
<aw-> so more $$$ and more power usage
<aw-> PCIe adapters can draw a lot of current.. just my SFP fiber optic PCIe uses about 15W, the rockpro64 will need ~40W.. so 55W for a shitty SBC with shit specs just to act as a firewall? whereas the NanoPi RS2 has 2 onboard NICs, costs less money, and will run around 5W to 10W MAX
<aw-> and you dont need high specs for a personal firewall
<beneroth> aw-> if you're super paranoid, your only option is to build all the hardware yourself
<beneroth> supposedly there is a super-talented family into electronics in Mexico. you can fly there and they teach you. but you have to learn old Aztec language first. true story. (no idea where the links are though..)
<beneroth> <aw-> we've been too conditioned to accept that bad software is acceptable
<beneroth> THIS
<beneroth> it's so horrible
<razzy> aw-: true, thank you for advice.
<beneroth> see also all the ransomware cases.. in Europe it's handled (esp. in media) as natural disaster which are nobodys fault, and advanced superdupercyberevil hackers, clearly Russian state (without a shred of evidence) - both at the same time
<beneroth> or even: yeah we need to close office/system/street tunnel for a weekend because software updates
<beneroth> natural, nothing can be done about that
<beneroth> probably decided by an algorithm, so it's not a human fault and nobody is responsible
<beneroth> my mum had some wise proverbs on the fridge. reminds me of "Winners always look for a strategy, Losers always look for an excuse".
<aw-> razzy: if you want truly open, perhaps you can look into an ice40 FPGA soldered to a pair of Magjack RJ45s
<aw-> the ice40 FPGA is the closest thing you can get to "open" IC without going down the route of 8-bit TTL breadboard CPUs
<aw-> this rabbit hole goes very deep ;)
tooDumbToFleng has quit [Quit: -a- Connection Timed Out]
tooDumbToFleng has joined #picolisp
<razzy> aw-: indeed deep rabbit hole. I think FPGA is next stage propably never implemented..
aw- has quit [Quit: Leaving.]
<beneroth> razzy, maybe you should aim for smaller goals, to have some success to motivate yourself. if you pick them well, then they're not a waste on the road to reach your bigger goals.
tooDumb24 has joined #picolisp
tooDumbToFleng has quit [Read error: Connection reset by peer]
<razzy> beneroth: agreed. I found nanoPi R2S with big machined heat sink/case, good value. I will be ok with it for a while.
<beneroth> cool. let us know how it goes :)
tooDumb24 has quit [Quit: -a- Connection Timed Out]
tooDumbToFleng has joined #picolisp
tooDumb41 has joined #picolisp
tooDumbToFleng has quit [Ping timeout: 252 seconds]
tooDumb41 is now known as tooDumbToFleng
tooDumb68 has joined #picolisp
tooDumbToFleng has quit [Read error: Connection reset by peer]
tooDumb68 has quit [Read error: Connection reset by peer]
tooDumb89 has joined #picolisp
tooDumb89 has quit [Read error: Connection reset by peer]
tooDumb39 has joined #picolisp
tooDumb39 has quit [Read error: Connection reset by peer]
tooDumbToFleng has joined #picolisp
tooDumbToFleng has quit [Read error: Connection reset by peer]
tooDumbToFleng has joined #picolisp
razzy has quit [Ping timeout: 252 seconds]
razzy has joined #picolisp
<razzy> how can i close only one buffer in vip? qq close all buffers.
tooDumbToFleng has quit [Read error: Connection reset by peer]
tooDumbToFleng has joined #picolisp
tooDumbToFleng has quit [Quit: -a- Connection Timed Out]
tooDumbToFleng has joined #picolisp