92 replies to this topic

[WanWizard]

I know now why it don't work.

OpenPli uses this https://github.com/O...recipes-openpli.

Means it uses fix ab845c5 commit in e2openplugins repository. This is old commit without the added dependency. This has to be updated.

 

What is todo?

1. Why do we use upstream branch? If that's correct, add dependency to this branch (see master branch).

2. Update e2openplugins submodule in OpenPLi build env.

 

1. Don't know, it was, so I continued it. The entire repo is littered with hardcoded links, which we have to deal with for OpenPLi 5, quite an undertaking.

[littlesat]

I think the new stuff in owif looks very good and are real inprovements!

[Domi76]

This solution is not stable in remote (outside the own network - transcoding for instance)

init 4
opkg update
opkg install python-ipaddress
init 3

Can I remove the command ?

[Pr2]

This command simply add the package that is needed by OWIF to start, if you remove it then you will no longer have OWIF at all on your system.

So if there are access problem outside the LAN then it should be reported to OWIF creator.

 

Anyway you can of course uninstall the package:

init 4
opkg remove python-ipaddress
init 3

But keep in mind that OWIF will no longer be available at all since it won't start! So there is really no reason to remove it.

Edited by Pr2, 26 November 2016 - 16:54.

[betacentauri]

It's new that you also need to set password if you want to use webif outside your LAN.

[arn354]

This is probably because "other" images just install everything but the kitchen sink by default, while we prefer a small and lean image, so we only install by default what the package dependencies specify.

Sorry - thats simply nonsense. Maybe we are simply a little more agile and do not create a discussion about every change.
We just added the new depend to our openwebif bitbake recipe and all is fine.
https://github.com/o...ns-openwebif.bb

Edited by arn354, 26 November 2016 - 19:20.

[littlesat]

It's new that you also need to set password if you want to use webif outside your LAN. 

->

A good feature... but still allow the option that it is available outside the LAN when you arrange a password is still not save..

 

Sorry - thats simply nonsense. Maybe we are simply a little more agile and do create a discussion about every change.

We just added the new depend to our openwebif bitbake recipe and all is fine.

->

Snap!

I know it is not a game to make the image small as possible... But it is a fact e.g. OpenATV 5.3 for e.g. HD51 144 Mb v.s. Openpli5.0 for the same box 80 Mb... OpenPLi5.0 will be in image size 55% of e.g. OpenATV. 5.3/.... Or OpenATV 5.2 will be approx. 80% larger....

But of course OpenPLi 5.0 is not really released yet  And I think wanwizard was triggered by that in this case... B.t.w. OpenPLi5 had this specific package already included....

Edited by littlesat, 26 November 2016 - 19:34.

[betacentauri]

Yes, right. But a step into right direction.

[Domi76]

Thanks for your feedback, I keep it like this ????

[littlesat]

It's new that you also need to set password if you want to use webif outside your LAN. 

->

This does even not really work... I connect with box via open VPN and it blocks the 10.x.x.x ip address reange....

 

It would also be nice when the OWIF does not show the hidden number markers... now we see a channel with a - (dash)

Edited by littlesat, 26 November 2016 - 21:42.

[littlesat]

I'm also afraid 'blackbox' app needs to be changed.... Hopefully it is still a bit alive... or does a newer app exist....?

[SpaceRat]

This does even not really work... I connect with box via open VPN and it blocks the 10.x.x.x ip address reange....

It does work.

There are three levels:
1. Local access (= same subnet) is always allowed even if no login/pass is set (But if you enable auth, it will require auth).
2. VPN access (= any subnet from private address space) can be allowed to access w/o password (But if you enable auth, it will require auth).
3. External access non-optionally requires a login/pass to be set.

VPN access is disabled by default, just go to Extensions -> OpenWebif and toggle the setting "Enable access from VPNs" (or whatever it gets translated to) to "yes".
If set to "yes" VPNs count as local network, if set to "no" VPNs are treated the same way as external networks.

I decided to treat VPNs as external by default because the IPv4 address exhaustion has led to funny constructs as a remedy, e.g. smaller providers using private address space for their customers (Instead of the address space reserved for CGN).
Also if you share access with your neighbour(s) using a triangle router setup (Main router plus a cascaded router for each neighbour) will result in other people accessing from private address space.


And to stop the discussion about login/pass:
I know that a login "root:root" doesn't make it much any more secure.
The security gain comes from disabling the remote access in default setup and putting a landmark "Hm, why do they want me to set a pass here?".
Users are still able to set crap like "root:root" but they can not say anymore they haven't been warned.

Software by itself can not create security, we only stopped handing them the rifle for shooting their feet.

And it gives us the chance to tell them:
Do not open the ports - especially not port 80/http - using simple port forwarding at all!
Use a VPN or ssh tunneling instead!
You have been warned, from here on continue on your own risk!

Edited by SpaceRat, 27 November 2016 - 11:11.

[SpaceRat]

Maybe owif did not setup de master next or development bench for their big changes?

We have a 1.1-DEV branch for the upcoming changes (Which are in fact big).
Also the current themable OWIF has been developed within a separate "Theme" branch and was merged into master only when it was stable enough.

OWIF and other packages have added dependencies in the past all the time, that's not a big change.
python-ipaddress was even present in VTi and they are my landmark for an ancient distro. They use libraries and versions of tools where the comments inside the code are still written in Latin or Old Greek!
There was no indication to me that OpenPLi 4.0 env could be even more ancient and unable to build python-ipaddress.

[SpaceRat]

I'm also afraid 'blackbox' app needs to be changed.... Hopefully it is still a bit alive... or does a newer app exist....?

What is blackbox?

[betacentauri]

An app for mobile phones
http://www.rotapp.com/app/blackbox/

[SpaceRat]

And what's the problem with it?

[mrbeam]

te laat

 

Edited by mrbeam, 27 November 2016 - 11:45.

[isteric2005]

me problem with zgemma H2H and Osmini +

Pacht installed and all ok

Edited by isteric2005, 27 November 2016 - 11:56.

[littlesat]

Blackbox is working, you need to add the autharisation...
I would be nice to have an option what without autharisation you can still open the www... Default off ofcourse... Instead of that non config line within the configs. It would also be nice when you can config owif via owif... And that blind/hidden number markers are excluded from the Service lists...

And note openpli4 is probably the most ancient thing in this world...

Edited by littlesat, 27 November 2016 - 12:06.

[Pr2]

And pure cosmetic, in the plugin OpenWebif in the configuration at the botton line we have a static information:   OpenWebif url:  http://yourip:port   would be nice to make dynamic based on the information provided in the configuration.  So display the real IP address and port defined.