<jusa_>
which means then given audio device is active, stuff in matching card-section is activated
<jusa_>
so for example for the bluetooth cards certain profile is enabled in pulseaudio's bt-card
P-G has joined #neo900
<jusa_>
ideally the same for [device]-stuff. actrive audio device matched to type, then what sink should be used for each audio device
<jusa_>
route_audio in [group] flags means "use the sink/source from active device"
<jusa_>
[stream] definitions are static configuration for some apps etc, so camera-ui binary is classified as group camera
<jusa_>
classification is done for each pulseaudio stream, and classification can be either static ([stream] sections in config) or dynamic (accomplished with libresource or libresource-qt)
<DocScrutinizer05>
I guess I lack the basics to understand all this
<jusa_>
maybe
<jusa_>
it's quite horrible system... :P
<jusa_>
the brains of all this is OHM
<DocScrutinizer05>
gathered as much
<jusa_>
which is configured with prolog
<jusa_>
which in itself says enough imo
<DocScrutinizer05>
yep
<jusa_>
to properly understand all this you'd need to know how pulseaudio works, how OHM works, and how the resource policy system works
<DocScrutinizer05>
:nod:
<DocScrutinizer05>
and I understand neither
<DocScrutinizer05>
anyway aiui in fremantle the OHM config and OHM itself is semi-closed blob
<jusa_>
if you need to look at the n900 prolog stuff
<DocScrutinizer05>
iirc Pali already did
<jusa_>
ok
<DocScrutinizer05>
but indeed the whole thing lacks some documantation, like "how to add [e.g.] a USB soundcard - and define it's the ringtone playback device"
<jusa_>
yep, and it would be slightly better if it was only prolog
<jusa_>
but noo
<Pali>
scripts for decompiling
<jusa_>
it's a combination of make-like configuration (policy.dres) and the actual prolo
<jusa_>
*prolog
<timclassic>
You guys sound like you're working on porting closed parts of Fremantle to make them open... is that right?
<DocScrutinizer05>
well, not really atm, just looking what's there
<DocScrutinizer05>
Pali and freemangordon though...
<Pali>
I did that decompilation in 2012, because I wanted to use headset button also in media player :D
<jusa_>
dres being custom language.. then the C-side is poking the dres, which changes some predicates, then the whole prolog is rebuilt and new state communicated back
<Pali>
original nokia prolog code disable headset button when there is no active call
<DocScrutinizer05>
exactly, and that's a microscopic change in those configs
<DocScrutinizer05>
I'd like to understand how to change for example the audio.source and audio.sink for cmt, and adapt/tweak the routing
<jusa_>
group name cscall, sink.voice & source.voice
<DocScrutinizer05>
in ALSA this would be sooooo simple, but we have dang polypaudio which got invented to simplify and improve stuff iirc >:-(
<jusa_>
pulseaudio hate is so boring.. poettering was the one who started it, but it works, and has gone a long way from what it was back in the day
<jusa_>
(and lennart hasn't been involved for a long while)
<DocScrutinizer05>
I still miss any info how to set up a certain PA config
<bencoh>
you're not just missing PA info, you're missing nokia-specific stuff
<DocScrutinizer05>
no, i miss PA info
<P-G>
This may be a stupid question but why not use ALSA?
<Pali>
yes, whats bad with ALSA?
<DocScrutinizer05>
if I had the idea to make ringtone of my softphone come from read speakers while call voice audio shall come from front speakers, I had ZILCH idea how to implement that in PA. In ALSA it's a matter of 3 minutes editing the .asoundrc file
<DocScrutinizer05>
on my linux PC
<jusa_>
in pulse it's editing alsa-mixer profiles and/or paths
<jusa_>
which map iirc quite directly to what alsa exposes
<Pali>
DocScrutinizer05: in PA you need to load module which create "virtual" sound card which has input from your read sound card and split channels to more output sinks
<Pali>
and then remap each app to which sink you want to send sound output
Kabouik has joined #neo900
<DocScrutinizer05>
and I even wrote an extensio .so for ALSA which would allow to define that some acme-usb-relay shall operate a 230V~ ringer while ringtone audio device is open
<Pali>
and yes, it is pain in PA
<jusa_>
:)
<P-G>
I don't know much about programming but I've only ever heard that ALSA is superior as a protocol.
<P-G>
That is, in terms of fidelity, latency, and reliability.
<P-G>
Pulse Audio may have more broad market support, I don't know, but ALSA isn't exactly new.
<DocScrutinizer05>
and maintainability
<P-G>
Actually PulseAudio is newer. Who knew.
<DocScrutinizer05>
me knew
<P-G>
He knew.
<DocScrutinizer05>
I seen PA usurp ALSA, and my audio started cocking up
<DocScrutinizer05>
can't be more than 8 years ago
<DocScrutinizer05>
while ALSA been around since last century iirc
<P-G>
Speaking for myself, I've got more support for ALSA than PulseAudio on my systems. It's my non-Windows audio codec of choice.
<DocScrutinizer05>
Pali: "remap"? how?
<P-G>
Wiki says ALSA is 1998 and PA is 2006.
<Pali>
DocScrutinizer05: open pavucontrol, click to tab of all running output application and change output sink of application which you want
<DocScrutinizer05>
err, what? *running* app?
<Pali>
yes, you can change settings only for connected running application
<DocScrutinizer05>
that's idiocy
<Pali>
(and then you can use module which will remember setting per applications)
<Pali>
I do not know about any way how to configure it in config file
<DocScrutinizer05>
see?
<Pali>
(before application start first time)
<DocScrutinizer05>
that's exactly the info I miss
<Pali>
you cannot
<Pali>
and I would say PA devs tell you that you do not need to do that
<P-G>
:(
<Pali>
or *ordinary* user do not need to do it
<DocScrutinizer05>
how would I reroute a touchscreen click? so it doesn't spoil my mp3 output on main soundcard?
<Pali>
my bluetooth patches are still in queue since September...
<Pali>
and because: current application are broken, they should be fixed
<Pali>
(current application which use PA for sound output)
<DocScrutinizer05>
when PA devs tell me I don't need to take care about that, then...
<Pali>
I implemented support for autoswitch between bluetooth A2DP and HSP modes
<Pali>
and devs thinks that is up to application to do that, because HSP profile has very low quality and nobody want to use it
<DocScrutinizer05>
aha! :-/
<Pali>
but I do not want to continue talk about it
<DocScrutinizer05>
I feel with you
<Pali>
I have my own opition about PA and devs
FIQ has joined #neo900
<DocScrutinizer05>
prolly identical to mine
FIQ has joined #neo900
FIQ has quit [Changing host]
<Pali>
I patched PA locally so bluetooth works fine and I will not upgrade it...
<Pali>
DocScrutinizer05: something like my above PA patches whould be implemented also in ALSA, once ALSA will have support for bluetooth...
<Pali>
I found on internet that lot of linux users (without technical knowledge) want to something like that... but PA devs have other idea about it
<Pali>
so I know that I'm not alone who want to use bluetooth microphone as default recording device and when it is not used, then A2DP mode for audio streaming should be used
b1101 has joined #neo900
<Pali>
PA dev: >> We do disagree on this. I don't think Bluetooth headsets should be used as general-purpose capture devices. If a user really wants to do so, there is a mechanism to allow a manual switch. Most users will not be using this and do not need this. <<<
<DocScrutinizer05>
this all sounds like PA is already at a fatal dead end with the whole concept
<Pali>
yes, most of users buy bluetooth headset with MIC only because they do not need it...
<Pali>
my question: >> Ok and what to do in case that there is no other PA card with recording capability? <<
<Pali>
PA dev: >> Then you have no capture devices capable of general purpose (i.e. not limited to low quality voice) capture, and you have to manually elect to make this device available if you're okay with that. <<
<Pali>
so once I connect my bluetooth headset on computer without normal sound card, I must also find some PA config where I can manually enable HSP mode
<Pali>
great
<Pali>
and when want to listen music, I again must open that PA config application and switch back
<DocScrutinizer05>
I wouldn't even know where to look for that switch
<DocScrutinizer05>
PA config app? never seen any
<DocScrutinizer05>
I'd be happy if there was
FIQ is now known as FIQ
<Pali>
"pavucontrol", "kmix", and also gnome and unity has own application
<Pali>
but all is just runtime config support
<DocScrutinizer05>
in ALSA I'd write a .asoundrc to define a btmic record device and btvoice playback device, and a btstereo playback device. And just chose the according devices in my app for record and playback
<DocScrutinizer05>
config? in kmix I have volume control for "config"
<Pali>
kmix has very little support, but with right click on running application stream you can move it to another sound card :D
<DocScrutinizer05>
wouldn't know how to choose front or read speakers for output
<DocScrutinizer05>
rear*
<DocScrutinizer05>
no pavu* on my machine
<Pali>
in PA there are more entities... there is sound card, there is port, there is sink, source, ...
<DocScrutinizer05>
and I installed everything that wasn't for ARM or MIPS processor
<Pali>
and one sound card has more channels
<Pali>
but application use all channels for output (or only first two if support only stereo output)
<Pali>
so you need virtual sound card which take as input some channels from real sound card and then provide virtually two different sources
<Pali>
and then you can tell PA to move application to that virtual source
<Pali>
or sink
<Pali>
its too complicated
<DocScrutinizer05>
and in ALSA I simply use a mixer plugin and define that right channel shall go 100% right front speaker and 50% right rear speaker. Same for left
<Pali>
in PA all this is done automatically and in way how most of people want to use it
<DocScrutinizer05>
worst case use sth like gnuradio
<DocScrutinizer05>
which actually would be the only correct comprehensive GUI paradigm for mixers
illwieckz has quit [Ping timeout: 255 seconds]
<DocScrutinizer05>
both software and hw mixers
<DocScrutinizer05>
PA is like a home stereo amplifier that has only a volume dial and nothing else. Everything else is either done "automatically" ('start CD player playback before turning on amp, so amp can detect your audio source and set the selector and preset accordingly') or via a cryptic RPC API over ethernet
<DocScrutinizer05>
dang, cya l8r, I have some *urgent* phonecalls pending
illwieckz has joined #neo900
b1101 has joined #neo900
<freemangordon>
Pali: a minor development on the xloader - I made a little mistake...
<freemangordon>
:)
<freemangordon>
new xloader does not call 2 more SMC functions, but 2 more *SVC* functions
<Pali>
what is svc? arm instruction?
<freemangordon>
the new fanci name for SWI
<Pali>
and what is SWI? :D
<freemangordon>
fancy even. (software interrupt, something like int 80)
<Pali>
I do not know all those abbrevs.
<freemangordon>
SVC caomes from "supervisor call"
<freemangordon>
*comes
<Pali>
so it register some function which is called after software interrupt?
<freemangordon>
Pali: you know DOS' int 2f?
<Pali>
yes, I know x86 int
<freemangordon>
the so called "multiplexer interrupt"?
<freemangordon>
ok
<freemangordon>
ok, SWI/SVC is this
<Pali>
there is some vector of nums, where is stored pointer for functions
<Pali>
something like that
<freemangordon>
it "calls" the OS handler
<freemangordon>
no, there is only one pointer
<freemangordon>
look at "Table 26-7. ROM Exception Vectors" in the TRM
<Pali>
and that callback function is in xloader?
<Pali>
or somewhere in ROM?
<freemangordon>
No idea :(
<freemangordon>
in bootrom it points to 0x4020FFD0
<freemangordon>
which is the same value as in the TRM
<Pali>
they are going to include bootloader into systemd!
<Pali>
morons
<Pali>
UEFI gummiboot to systemd
<Pali>
"for security reasons"
paulk-collins has joined #neo900
<DocScrutinizer05>
next step: load signed kernels only. Poettering has signing cert on his keyring
Kabouik has joined #neo900
<DocScrutinizer05>
then: download systemd sources only after authenticating with systemd cert, only on trusted environment
<kerio>
"Lennart says that the bootloader feature will remain option and you'll still be able to use systemd with GRUB2, etc."
<kerio>
LOL
<kerio>
we heard that multiple times
<DocScrutinizer05>
multiple times too often already
<DocScrutinizer05>
buzzword udev
arcean has quit [Quit: Application terminated!]
<wpwrak>
"no one has the intention of erecting a wall" :-)
<DocScrutinizer05>
I wonder how far the rest of industry will tolerate this hijacking of linux by redhat
arcean has joined #neo900
<DocScrutinizer05>
polyp-daemon
<DocScrutinizer05>
the "polyp" already gave it away
<DocScrutinizer05>
I guess they should rename systemd to system
<ShadowJK>
in before "But raspberry pi has quadcore now, why not Neo900!?"
<bencoh>
:))
Zero_Chaos has joined #neo900
<bencoh>
18:22 < Pali> they are going to include bootloader into systemd!
<bencoh>
is that serious ?
<Pali>
yes
<Pali>
:-(
<bencoh>
:/
<DocScrutinizer05>
they the F* should fork and call their crap System D, and leave linux alone
<P-G>
Does anybody here know about Asterisk configuration?
<bencoh>
a long time ago, yes
paulk-collins has quit [Ping timeout: 252 seconds]
<P-G>
Cool. I'm trying to find a good way to configure a call priority based firewall of sorts. I seems like some people have done this through call groups but I can't find any detailed information and that seems kind of inefficient. What do you think?
<P-G>
My goal is to take a list of phone numbers, times, locations, or whatever and attribute calls a specific integer priority which is used to decide firewall action based on user, group, or phone specific settings.
<DocScrutinizer05>
~xy
<infobot>
from memory, xy is The XY problem: You want to do X, but don't know how. You think you can solve it using Y, but don't know how to do that, either. You ask about Y, which is a strange thing to want to do. Just ask about X. http://www.catb.org/~esr/faqs/smart-questions.html#goal
<P-G>
That's basically it.
<P-G>
I want to allow users to screen calls, admins to screen calls by group, and users to set call screening by device on the server.
<bencoh>
so it's not a question of priority ?
<P-G>
By screen, I mean screen automatically to an action like accept with priority integer x, deny, or deny and notify user.
<P-G>
It is basically priority but how to implement it.
<P-G>
SIP doesn't provide for a call priority field, does it?
<DocScrutinizer05>
in client aka UA aka softphone, _not_ in PBX
<P-G>
Yeah but I want to do it from the server to simplify logistics and reduce client overhead.
<DocScrutinizer05>
though, since * is a B2B-UA...
<DocScrutinizer05>
anyway, pretty much off topic in here
<P-G>
Ok, I just figured you guys might know phone stuff.
<P-G>
I'll see what I can do.
<DocScrutinizer05>
the guys over at #asterisk might...
<P-G>
Is that on freenode?
<bencoh>
l/55
<bencoh>
woops
<bencoh>
yeah, better ask there :)
<P-G>
Ok, good call.
<P-G>
Thanks. :)
modem has quit [Quit: Quitte]
<DocScrutinizer05>
anyway you're right, SIP INVITE has no defined priority field. So how would random UA react on "priority". What is user supposed to do, based on what? You maybe can use some extension of standards to define the ringtone, based on priority asterisk assigned. For that asterisk could rewrite the INVITE content
<DocScrutinizer05>
you could rewrite the displayname of far end, so it doesn't show mere "number" but something more rich info
<DocScrutinizer05>
I think I don't really grok the usecase. So for sure you better ask in #asterisk
<P-G>
Yeah, I get the feeling this is going to be an adventure. In a worst case I could pass an integer and configure the client side firewall dynamically but I would rather deny the call from the PBX to decrease overhead and so users don't all need specialized configuration.
<P-G>
I'll see what I can figure out but I'm really looking forward to using this technology along with a Neo900. ;)
<DocScrutinizer05>
sorry, this is completely meaningless to me
<P-G>
No worries, it's pretty meaningless to me to. :(
<DocScrutinizer05>
again, focus on usecases, not tools
<P-G>
Well, most sip clients have firewalls. If necessary, I could just specify manual configuration but I'd like to allow fast, centralized administration. This may be kind of weird in a phone setting but it seems pretty necessary from an I.T. perspective.
<DocScrutinizer05>
most military have helicopters. they usually don't use them to sort the mail
<P-G>
Lol, this is true.
<P-G>
I'm probably a security nut.
<DocScrutinizer05>
you're probably the son of that siemens excel guy who wrote a complete word processor in excel sheets, each cell one character
<P-G>
D:
<P-G>
Why would anybody do that?
<bencoh>
because you can!
<DocScrutinizer05>
why would anybody sort/redirect/reject calls using netfilters
<bencoh>
wait, no. :)
<P-G>
To prevent call spamming.
<DocScrutinizer05>
check fail2ban!
<DocScrutinizer05>
and read about XY problem
<P-G>
I feel like there must be attack vectors that seem legitimate on that layer but what about legitimate calls?
<P-G>
Like if a certain department is receiving too many calls, they could allow only priority calls. Individual employees could do the same so as to not receive calls unless they are important enough.
vakkov has quit [Ping timeout: 245 seconds]
<DocScrutinizer05>
so you hope for netfilters to have an idea about a SIP call priority that not even exists in real life?
<DocScrutinizer05>
I guess your task will be hard enough when you focus on teaching your PBX about what's a "rogue" call and what's a "priority" call
<P-G>
No, it would be configured by users. Administrators configure rules for call groups (i.e. departments) and users can configure their priorities for their various devices.
<DocScrutinizer05>
adding a stateful packet inspection to netfilters to do that decision on behalf of your asterisk is... weird idea
<P-G>
Could also be assigned via extensions.
<P-G>
That's not what I had in mind, lol.
<P-G>
This isn't in netfilters, this is in asterisk. I don't think an external service is necessary.
<DocScrutinizer05>
please take it to #asterisk
<P-G>
Yeah, I will. Just need to figure out how to get in there. :(
<DocScrutinizer05>
maybe /join #asterisk ?
<P-G>
Lol...
<P-G>
"you need to be identified with services"
<P-G>
Either freenode or asterisk channel.
<DocScrutinizer05>
hmm, then maybe you should do that. It's best practice anyway
<P-G>
Freenode account?
<DocScrutinizer05>
/msk nickserv help register
<P-G>
Ok.
<DocScrutinizer05>
/msg *
<DocScrutinizer05>
/msg nickserv info p-g
<DocScrutinizer05>
you may ask in #freenode to drop that account
<DocScrutinizer05>
unless... you need authentication to join #freenode ;-)
<P-G>
Yeah...
<P-G>
I could just use another name but I'll give it a shot.
<P-G>
Think I should hide my email or no?
<P-G>
\msg nickserv info p-g shows email as HideMail.
<DocScrutinizer05>
freenode staff says #freenode is not +r, you should be able to join
<P-G>
Yeah, I can. Fortunately...
<P-G>
That would be a problem.
che1 has joined #neo900
<DocScrutinizer05>
so join #freenode, ask for staffers freeing the account for you to claim it
<DocScrutinizer05>
or choose another nick/account name
<DocScrutinizer05>
one that's not yet used
<DocScrutinizer05>
though p-g been used for *one* day, 18 months ago
<DocScrutinizer05>
this account is ready for taking over
paulk-collins has joined #neo900
<P-G>
Yeah but I don't want to steal it if it's their regular name. It is my regular name but I'm new to freenode.
<kerio>
they won't let you steal it if it's someone's regular username
<DocScrutinizer05>
kerio: account expired
<kerio>
yes
<kerio>
so it's not someone's regular username
<DocScrutinizer05>
definitely not
<DocScrutinizer05>
used for one day
<P-G>
Then why did they register it. ;(
<DocScrutinizer05>
who knows
<P-G>
Probably to access #asterisk.
<DocScrutinizer05>
((Think I should hide my email or no?)) that's default
<P-G>
"We strongly suggest that you avoid configuring your channel to "auto-op". Use the chanserv "op" command to obtain channel operator status only when needed. This will help to keep your channel temperature low and reduce conflicts."
<DocScrutinizer05>
yes
<DocScrutinizer05>
so?
<P-G>
Is that just to make users more comfortable or to prevent people trying to hack auto-op?
<DocScrutinizer05>
the former
<P-G>
Ok, that's reassuring.
<kerio>
chanserv will only autoop you if you're identified anyway
<kerio>
and if you're identified, you can op yourself manually
<DocScrutinizer05>
like this
<kerio>
BULLY ;-;
<DocScrutinizer05>
just testing my Konversation fix for broken %c
<DocScrutinizer05>
P-G: you need to keep an eye on #freenode and ask a staffer directly as soon as (s)he goes active and 'speaks'
<P-G>
Registration complete, #asterisk here I come!
<DocScrutinizer05>
don't forget to configure your client to auto-authenticate (identify) on startup
<P-G>
Good idea.
<P-G>
Last time I did that on a different server I forgot to save my credentials and lost them when I reinstalled my OS. Not this time!
nox- has joined #neo900
<DocScrutinizer05>
well, meanwhile you even can recover your password when you forgot it
vakkov has joined #neo900
<P-G>
Yeah, I'll need to look into that sometime.
<DocScrutinizer05>
I hope not :-)
<DocScrutinizer05>
raher keep your password and don't forget it
<P-G>
Not here, I have my credentials saved properly. now. :)
wazrus has joined #neo900
mvaenskae has quit [Ping timeout: 264 seconds]
fling has quit [Ping timeout: 276 seconds]
<kerio>
and by "auto-authenticate (identify)", DocScrutinizer05 means "use SASL"
<DocScrutinizer05>
oh, did I?
<kerio>
you did
<kerio>
or you suck at IRC
<kerio>
your choice
<DocScrutinizer05>
I opt for suck
<kerio>
HOW CAN YOU NOT USE SASL YOU'RE EVEN USING ZNC
<kerio>
there's like a module right there
<DocScrutinizer05>
what for do I need SASL?
<kerio>
never not be identified to services
<Pali>
freenode support also auth via SSL cert
<kerio>
Pali: yeah but without SASL EXTERNAL, so it's kinda meh
<Pali>
you do not use username+password but, private key from SSL cert
<kerio>
yeah but that still happens after you've connected
<DocScrutinizer05>
where's the problem?
<kerio>
it's icky :v
<Pali>
password auth is less secure as asymetric cryptography
<DocScrutinizer05>
IRC and secure in same line? LOL
<Pali>
(if you trust RSA)
<Pali>
its auth data in SSL layer
<kerio>
Pali: the true securest shit would be ECDSA-NIST256P-CHALLENGE
<DocScrutinizer05>
look, you have no idea who's sponsoring the server
<DocScrutinizer05>
so except for DCC I'd not even bother to think about level of security
<kerio>
with ECDSA-NIST256P-CHALLENGE nobody between you and services will be able to authenticate as you
* DocScrutinizer05
yawns
<Pali>
why to use some channel for clear-text password tranfer, if you can use RSA for auth?
<Pali>
or do you trust more clear-text password as RSA or other asymetric cryptography?
<DocScrutinizer05>
you know that snickers TV spot? "smell like you, who would want that?"
<DocScrutinizer05>
when somebody really wants to steal my ID, they would just intercept the password reset mail
<DocScrutinizer05>
mind you that mail isn't encrypted either
<Pali>
depends...
<DocScrutinizer05>
on what?
<Pali>
smtp server can communicate between via TSL
<Pali>
so there can be encryption
<Pali>
*TLS
<DocScrutinizer05>
there could, yes
<DocScrutinizer05>
unless the man in the middle who intercepts the mail simply doesn't offer TLS
<kerio>
yeah, TLS for mail is kinda sad
<Pali>
end-to-end ecryption is required for email security
<P-G>
Mail servers can be configured to require TLS.
<DocScrutinizer05>
anyway, any decent hacker gets that mail before it got sent out by IRC server
<kerio>
P-G: no they can't
<kerio>
or they're not mail servers
<P-G>
Why?
<kerio>
they would be kinda-mail-except-not-really servers
<kerio>
because the SMTP specs allow for plaintext communication
<Pali>
smtp server can be configured *only* to accept TLS connection from previous smtp server
<DocScrutinizer05>
sure
<Pali>
but you do not know if previous-previous connection was encrypted or not
<DocScrutinizer05>
but how does that help for MITM?
<kerio>
apart for that
<Pali>
[21:00:52] <Pali> end-to-end ecryption is required for email security
<kerio>
but you will actually fail to receive the email from that dude with the company's email server
<Pali>
DocScrutinizer05 ^^
<kerio>
that doesn't have TLS support
<Pali>
so something like PGP
<kerio>
because it's an ancient version of exchange
<kerio>
Pali: or s/mime
<Pali>
or whatever you will use as end-to-end
<kerio>
mail.app supports s/mime :3
<DocScrutinizer05>
IRC-D7 doesn't provide encrypted mails
<DocScrutinizer05>
so as long as everybody and his dog can make IRC server send out an unencrypted PW reset mail, I won't worry about encrypting my link to IRC server
<DocScrutinizer05>
I'm not using WLAN ;-)
<P-G>
That's fair enough but that's the server admin's fault, not a technical limitation.
<DocScrutinizer05>
I rather should worry about finally getting a VPN from my N900 to my box
<DocScrutinizer05>
or at least a ssh tunnel
<kerio>
DocScrutinizer05: lobby pali into adding the ttl ipfilter module to kernel-power