pixelserv pixelserv - A Better One-pixel Webserver for Adblock

[martinr]

I made a small change to the script. Pls try config-webgui.sh again.

I believe it shall resolve your problem..

Sorry to report it didn’t help.

To try and solve it, I formatted another usb stick (ext2), and started over again installing AMTM, AB-Solution, Skynet, DNSCrypt and pixelserve (and swap file creation) fully expecting that to fix the problem. Surprisingly, it didn’t. (I did reboot the router - twice.). When I run:

sh -c "$(wget -qO - https://kazoo.ga/pixelserv-tls/config-webgui.sh)"

and select option 1, I still see the message that pixelserv is either not installed or not running. But servstats is still presented and the server can still be pinged. Nevertheless,

ps | grep pixelserv

produces nothing except a re-presentation of the command prompt.

I think I’ll try all over again with another usb stick to fully confirm that whatever it was that I’ve corrupted isn’t on the usb drive.

 

[Twiglets]

Sorry to report it didn’t help.

To try and solve it, I formatted another usb stick (ext2), and started over again installing AMTM, AB-Solution, Skynet, DNSCrypt and pixelserve (and swap file creation) fully expecting that to fix the problem. Surprisingly, it didn’t. (I did reboot the router - twice.). When I run:

sh -c "$(wget -qO - https://kazoo.ga/pixelserv-tls/config-webgui.sh)"

and select option 1, I still see the message that pixelserv is either not installed or not running. But servstats is still presented and the server can still be pinged. Nevertheless,

ps | grep pixelserv

produces nothing except a re-presentation of the command prompt.

I think I’ll try all over again with another usb stick to fully confirm that whatever it was that I’ve corrupted isn’t on the usb drive.

Just a few ideas, if you have the time.

When you have it all re-installed and running again, just run 'ps' and capture the listing and post it as an attachment.
It would be useful to see 'what is running' on your router as it defies logic so something is being changed or missed somewhere.

The only way the grep for 'pixelserv' would fail and YET the 'servstats' are available is if the process is NOT called 'pixelserv' !!!
(The 'wget' command line cannot do this, unless 'config-webgui.sh' is changed somehow !!!)

Is there any possiblity that you have 'pixelserv' running elsewhere and you are picking that up ???
Is the pixelserv being updated when you 'reload' the page ? ('req' should increment on reload.)

When you access the 'servstats' could you use the IP address NOT the name, in case dns lookup is confused in some way.
i.e. http://192.168.2.2/servstats ........ substitute your IP address.

 

[kvic]

Sorry for the late reply. Wanted to observe the issue again. So it crashed again (process is not running anymore). It may be related to the fact that I blocked rgom10-en.url.trendmicro.com. I'll unblock it and try it again

here's some of the log-output right before the crash (last pixelserv-tls activity): https://hastebin.com/uhurimufuh.pl

Unfortunately the log doesn't lead to any guess of possible causes.

You would need a dedicated log file to avoid swamping /tmp/syslog.log. The default syslog isn't up for any meaningful logging. syslog-ng from Entware is recommended so that you can log to USB stick.

Then with log=4 let it run until it crashes. We might get some helpful traces for a better educated guess of possible causes.

 

[kvic]

Sorry to report it didn’t help.

I think you have "special" tinkering with your shell environment. If so, could you temporarily disable that and try?

Also what are the output of these commands:

$ sh -c "which sh"
$ sh -c "which ps"
$ sh -c "which pixelserv-tls"
$ sh -c "/bin/ps --version"
$ sh -c "ps --version"

 

[mrchow]

Unfortunately the log doesn't lead to any guess of possible causes.

You would need a dedicated log file to avoid swamping /tmp/syslog.log. The default syslog isn't up for any meaningful logging. syslog-ng from Entware is recommended so that you can log to USB stick.

Then with log=4 let it run until it crashes. We might get some helpful traces for a better educated guess of possible causes.

Ok I’ll set it up once I find the time. Thank you for your assistance!


Sent from my iPhone using Tapatalk

 

[martinr]

I think you have "special" tinkering with your shell environment. If so, could you temporarily disable that and try?

Also what are the output of these commands:

$ sh -c "which sh"
$ sh -c "which ps"
$ sh -c "which pixelserv-tls"
$ sh -c "/bin/ps --version"
$ sh -c "ps --version"

With extraneous info removed, here's the output to those commands:

# sh -c "which sh"
/opt/bin/sh

# sh -c "which ps"
/bin/ps

# sh -c "which pixelserv-tls"
/opt/bin/pixelserv-tls

# sh -c "/bin/ps --version"
/bin/ps: unrecognized option `--version'

# sh -c "ps --version"
ps: unrecognized option `--version'


I don't understand "I think you have "special" tinkering with your shell environment. If so, could you temporarily disable that and try?" If this is in place, it's not something I've intentionally done, and without guidance, I wouldn't know how to disable it, I'm afraid.

I'm convinced that I corrupted something during my recent upgrade to the 384 firmware and factory resetting thereafter.

 

[martinr]

Just a few ideas, if you have the time.

When you have it all re-installed and running again, just run 'ps' and capture the listing and post it as an attachment.
It would be useful to see 'what is running' on your router as it defies logic so something is being changed or missed somewhere.

The only way the grep for 'pixelserv' would fail and YET the 'servstats' are available is if the process is NOT called 'pixelserv' !!!
(The 'wget' command line cannot do this, unless 'config-webgui.sh' is changed somehow !!!)

Is there any possiblity that you have 'pixelserv' running elsewhere and you are picking that up ???
Is the pixelserv being updated when you 'reload' the page ? ('req' should increment on reload.)

When you access the 'servstats' could you use the IP address NOT the name, in case dns lookup is confused in some way.
i.e. http://192.168.2.2/servstats ........ substitute your IP address.

If I have the time? You're the one kind enough to devote your time to people's queries!

Not sure how to post the output of ps as an attachment unless it's in a "code" box, which is what I've done. (I've only been using the forum for 4 years!)

Pixelserv is listed at pid 1133 as 1133 nobody 31320 S pixelserv-tls 192.168.10.2 . I wonder if that "nobody" tells you what you need to know?

My setup is simply an Asus RT-AC68U with a usb drive in it, so pixelserrv shouldn't be running anywhere else.

I'm sure I've done something stupid during the transition to firmware 384, not having John's Save and Restore Utility to save me from foolishness. Of course, I did a factory reset.

As for 'req', yes, it does indeed increment by one each time I reload the page.

And I only ever access devices by their IP addresses.

 PID USER       VSZ STAT COMMAND
    1 adminasu  5328 S    /sbin/preinit
    2 adminasu     0 SW   [kthreadd]
    3 adminasu     0 SW   [ksoftirqd/0]
    4 adminasu     0 SW   [kworker/0:0]
    5 adminasu     0 SW   [kworker/u:0]
    6 adminasu     0 SW   [migration/0]
    7 adminasu     0 SW   [migration/1]
    8 adminasu     0 SW   [kworker/1:0]
    9 adminasu     0 SW   [ksoftirqd/1]
   10 adminasu     0 SW<  [khelper]
   11 adminasu     0 SW   [sync_supers]
   12 adminasu     0 SW   [bdi-default]
   13 adminasu     0 SW<  [kblockd]
   14 adminasu     0 SW   [kswapd0]
   15 adminasu     0 SW   [fsnotify_mark]
   16 adminasu     0 SW<  [crypto]
   24 adminasu     0 SW   [mtdblock0]
   25 adminasu     0 SW   [mtdblock1]
   26 adminasu     0 SW   [mtdblock2]
   27 adminasu     0 SW   [mtdblock3]
   28 adminasu     0 SW   [kworker/u:1]
   35 adminasu     0 SW   [kworker/0:1]
   36 adminasu     0 SW   [kworker/1:1]
   37 adminasu     0 SW   [mtdblock4]
   38 adminasu     0 SW   [mtdblock5]
   40 adminasu   664 S    hotplug2 --persistent --no-coldplug
  101 adminasu  5312 S    console
  103 adminasu  1420 S    /bin/sh
  108 adminasu     0 SW   [khubd]
  165 adminasu     0 SWN  [jffs2_gcd_mtd4]
  185 adminasu  1412 S    /sbin/syslogd -m 0 -S -O /tmp/syslog.log -s 256 -l 7
  187 adminasu  1416 S    /sbin/klogd -c 5
  259 adminasu  5320 S    /sbin/wanduck
  267 adminasu  5152 S    nt_monitor
  268 adminasu  2056 S    protect_srv
  279 adminasu  1148 S    dropbear -p 192.168.10.1:47777 -a
  283 adminasu  2056 S    protect_srv
  284 adminasu  2056 S    protect_srv
  285 adminasu  1252 S    /bin/eapd
  287 adminasu  5316 S    wpsaide
  288 adminasu  2124 S    /usr/sbin/wlc_nt
  291 adminasu  1824 S    nas
  292 adminasu  5152 S    nt_monitor
  293 adminasu  5152 S    nt_monitor
  295 adminasu  5304 S    nt_center
  308 adminasu  2248 S    /usr/sbin/wlceventd
  309 adminasu  5304 S    nt_center
  310 adminasu  5304 S    nt_center
  311 adminasu  5152 S    nt_monitor
  313 adminasu  1672 S    nt_actMail
  314 adminasu  1672 S    nt_actMail
  315 adminasu  1672 S    nt_actMail
  326 adminasu  1420 S    /usr/sbin/acsd
  347 adminasu  1440 S    crond -l 9
  366 adminasu  5560 S    httpd -i br0
  367 adminasu  1224 S    /usr/sbin/infosvr br0
  369 adminasu  2132 S    sysstate
  370 adminasu  5364 S    watchdog
  378 adminasu  5316 S    ots
  379 adminasu  2812 S    rstats
  393 adminasu  5824 S    networkmap --bootwait
  395 adminasu  1268 S    lld2d br0
  397 adminasu  5104 S    mastiff
  398 adminasu  5316 S    bwdpi_check
  406 adminasu  5316 S    erp_monitor
  412 adminasu  5104 S    mastiff
  413 adminasu  5104 S    mastiff
  419 adminasu  1168 S    lldpd -L /usr/sbin/lldpcli -I vlan1,eth1,eth2,wl0.1,
  422 nobody    1144 S    lldpd -L /usr/sbin/lldpcli -I vlan1,eth1,eth2,wl0.1,
  426 adminasu  3804 S    cfg_server
  538 adminasu  5316 S    ntp
  582 adminasu  3804 S    cfg_server
  584 adminasu  3804 S    cfg_server
  601 adminasu  5316 S    usbled
  602 adminasu  2436 S    u2ec
  603 adminasu  1300 S    lpd br0
  606 adminasu     0 SW   [scsi_eh_0]
  608 adminasu     0 SW   [usb-storage]
  618 adminasu  2436 S    u2ec
  619 adminasu  2436 S    u2ec
  753 adminasu  5316 S    disk_monitor
  809 adminasu  2072 S    avahi-daemon: running [RT-AC68U-2190.local]
  903 adminasu  5316 S    bwdpi_wred_alive
  906 adminasu  2976 S    wred -B
  907 adminasu  2976 S    wred -B
  909 adminasu  2976 S    wred -B
  936 adminasu  1872 S    dcd -i 3600 -p 43200 -b -d /tmp/bwdpi/
  937 adminasu  1872 S    dcd -i 3600 -p 43200 -b -d /tmp/bwdpi/
  938 adminasu  1872 S    dcd -i 3600 -p 43200 -b -d /tmp/bwdpi/
  978 adminasu  1872 S    dcd -i 3600 -p 43200 -b -d /tmp/bwdpi/
  979 adminasu  1872 S    dcd -i 3600 -p 43200 -b -d /tmp/bwdpi/
  980 adminasu  1872 S    dcd -i 3600 -p 43200 -b -d /tmp/bwdpi/
  983 adminasu  2976 S    wred -B
  984 adminasu  2976 S    wred -B
  985 adminasu  2976 S    wred -B
  986 adminasu  2976 S    wred -B
  987 adminasu  2976 S    wred -B
  988 adminasu  2976 S    wred -B
  989 adminasu  2976 S    wred -B
  990 adminasu  2976 S    wred -B
 1101 adminasu  4816 S    /etc/openvpn/vpnserver1 --cd /etc/openvpn/server1 --
 1103 adminasu  4288 S    /etc/openvpn/vpnserver1 --cd /etc/openvpn/server1 --
 1133 nobody   31320 S    pixelserv-tls 192.168.10.2
 1265 adminasu  1428 S    /sbin/udhcpc -i eth0 -p /var/run/udhcpc0.pid -s /tmp
 1276 adminasu  4660 S    /etc/openvpn/vpnserver2 --cd /etc/openvpn/server2 --
 1278 adminasu  4288 S    /etc/openvpn/vpnserver2 --cd /etc/openvpn/server2 --
 5900 adminasu  1176 S    dropbear -p 192.168.10.1:47777 -a
 5911 adminasu  1424 S    -sh
 7267 adminasu  1408 S    sleep 10
 7269 adminasu  1416 R    ps
12047 nobody    778m S    /jffs/dnscrypt/dnscrypt-proxy -syslog -config /jffs/
12075 adminasu  1428 S    {manager} /bin/sh /jffs/dnscrypt/manager monitor-sta
15146 nobody    6236 S    dnsmasq --log-async
18634 adminasu  1872 S    dcd -i 3600 -p 43200 -b -d /tmp/bwdpi/

 

[kvic]

@martinr

You shall try to figure out why "ps | grep pixelserv" returns nothing.

From your post above "ps" gives the output that includes "pixelserv-tls" process.

Pipe it through grep shall return the pixelserv-tls line.

 

[martinr]

@martinr

You shall try to figure out why "ps | grep pixelserv" returns nothing.

From your post above "ps" gives the output that includes "pixelserv-tls" process.

Pipe it through grep shall return the pixelserv-tls line.

ASUSWRT-Merlin RT-AC68U 384.5-0
# ps | grep pixelserv

 1133 nobody   31320 S    pixelserv-tls 192.168.10.2

Very sorry: I figured oit why it returned “nothing”: I’ve been using an iPhoneSE and holding it in portrait mode instead of using a bigger screen. When I rurn the phone on its side to landscape mode, I see that it does indeed return something:

1133 nobody 31320 S pixelserv-tls 192.168.10.2

 

[Twiglets]

ASUSWRT-Merlin RT-AC68U 384.5-0
# ps | grep pixelserv

 1133 nobody   31320 S    pixelserv-tls 192.168.10.2

Very sorry: I figured oit why it returned “nothing”: I’ve been using an iPhoneSE and holding it in portrait mode instead of using a bigger screen. When I rurn the phone on its side to landscape mode, I see that it does indeed return something:

1133 nobody 31320 S pixelserv-tls 192.168.10.2

Nothing else to be said !!!

............ that would be printable.

Therefore the original script 'IF statement' must be failing because the file is not 'executable' .

 

[Twiglets]

Nothing else to be said !!!

............ that would be printable.

Therefore the original script 'IF statement' must be failing because the file is not 'executable' .

I am begining to suspect that the original installs may have NOT completed cleanly and/or the usb stick is formatted with some low level errors that are corrupting the filesystem and its permissions.

I do not know what your desktop OS is but we need to test your USB stick for the integrity of the sectors.
Let me know what your desktop OS is and we can work from there.

Please can you use a 'proper' ssh terminal program that fully supports a 132 column display with logging etc.

I use on windows 'Xshell Ver 6' which is available with a free license for 'Home/School' use.
Latest version of the s/w that was used by 'TheLonelyCoder' to produce the screenshots for AB-Solution.
See https://www.netsarang.com/products/xsh_overview.html )

BTW: Support is very good .... even for the 'free users' (I contacted them with a question and got a quick and useful response. )

 

[martinr]

I am begining to suspect that the original installs may have NOT completed cleanly and/or the usb stick is formatted with some low level errors that are corrupting the filesystem and its permissions.

I do not know what your desktop OS is but we need to test your USB stick for the integrity of the sectors.
Let me know what your desktop OS is and we can work from there.

Please can you use a 'proper' ssh terminal program that fully supports a 132 column display with logging etc.

I use on windows 'Xshell Ver 6' which is available with a free license for 'Home/School' use.
Latest version of the s/w that was used by 'TheLonelyCoder' to produce the screenshots for AB-Solution.
See https://www.netsarang.com/products/xsh_overview.html )

BTW: Support is very good .... even for the 'free users' (I contacted them with a question and got a quick and useful response. )

"Please can you use a 'proper' ssh terminal program...."

You've hit the nail on the head: I formatted the USB drive and used XShell on my Windows laptop instead of vSSH on my iPhone, and it all worked perfectly. Up to now I'd used vSSH for a few years thinking it was the equal of the 'big boys', but now I realise that all SSH clients are not created equal. I guess I'd become lazy: it's a lot easier to pull out a smart 'phone than to boot up a laptop, wait for Windows to finish updating itself etc, by which time you've forgotten what it was you were going to do.

Many thanks for your kind patience, expertise and time.

 

[Asad Ali]

Up to now I'd used vSSH for a few years thinking it was the equal of the 'big boys', but now I realise that all SSH clients are not created equal.

Use "Termius" for iOS SSH'ing it's the best cleint for it and I've done all my SSH related stuff on it without any issues.

 

[Twiglets]

Yay !!!
Glad it is working

That was hard work !!!

There are 2 rules to 'Fight Club' Problem solving:
1. Never make assumptions !!!
2. Don't forget rule No. 1. !!!

(I relearn this at regular intervals BUT the intervals ARE getting bigger .... Honest !!! )

 

[martinr]

Yay !!!
Glad it is working

That was hard work !!!

There are 2 rules to 'Fight Club' Problem solving:
1. Never make assumptions !!!
2. Don't forget rule No. 1. !!!

(I relearn this at regular intervals BUT the intervals ARE getting bigger .... Honest !!! )

“Never assume: check!” was a flight-safety mantra drummed into us in the RAF; the problem is that you’re usually not aware you’ve made any assumptions until the analysis after the event. Nevertheless, it can help to remember to ask oneself what assumptions am I making in coming to this decision.

I’m glad you feel you’re making progress in that area; I find it hard work!

 

[XIII]

Use "Terminus" for iOS SSH'ing it's the best cleint for it

Maybe you mean "Termius"? (without the "n") https://www.termius.com/

Blink is also really nice on iOS: http://www.blink.sh/

 

[Asad Ali]

Maybe you mean "Termius"? (without the "n") https://www.termius.com/

Blink is also really nice on iOS: http://www.blink.sh/

Oh yeah "Termius" sorry it was a dreaded typo lol

P.S Blink is nice too but it's 19.99$ pricetag is too much for my needs. Termius free version works for everything I do.

 

[kvic]

Unknown TLS handshake errors

Remember slu / uce / uca that we introduced in pixelserv-tls 2.1?

I'm tired of glimpsing my pixelserv.log for suspicious errors. So wrote a little script to do the task for me. The script will skip suppressed (client, server) pairs, and highlight any new unknown cert/unknown CA entries for the day.

It sends an email report. See screenshot below. If there are new entries, they'll be listed in place of the "hooray" message.

The script has following requirements:

1. You enable minimum log LEVEL 2 in pixelserv-tls.
2. Set up a cron job for this script to run at the end of the day (23:59 recommended)
3. Supply your own email sending script that takes two arguments: 1st arg subject as in double quotes. 2nd arg body of email from a file.

Any privacy conscious ppl want to try...pls let me know.

 

[kvic]

Today's run.

145 uce. 0 uca. Among all, 127 are recognised by the script as in the suppress list. One is identified as new alert (that occurs and repeats 18 times). Now with the script, I have a much easier task to spot new and suspicious connection.

Upon checking, I confirm it's safe to ignore. So I could add the new (client, server) pair, "192.168.1.113 ping.chartbeat.net" to the suppress list and never have to see it and check again going forward.

 

[JaimeZX]

So that looks cool, but I guess I don't understand what you'd do with it at that point. ?