Menu
▾
▴
devil-linux-discuss — General Mailing List for all discussions
You can subscribe to this list here.
| 2001 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(59) |
Sep
(57) |
Oct
(5) |
Nov
(45) |
Dec
(21) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2002 |
Jan
(13) |
Feb
(22) |
Mar
(14) |
Apr
(7) |
May
(33) |
Jun
(57) |
Jul
(25) |
Aug
(40) |
Sep
(53) |
Oct
(58) |
Nov
(75) |
Dec
(22) |
| 2003 |
Jan
(101) |
Feb
(101) |
Mar
(103) |
Apr
(125) |
May
(85) |
Jun
(57) |
Jul
(62) |
Aug
(42) |
Sep
(76) |
Oct
(214) |
Nov
(290) |
Dec
(274) |
| 2004 |
Jan
(187) |
Feb
(172) |
Mar
(313) |
Apr
(209) |
May
(169) |
Jun
(147) |
Jul
(118) |
Aug
(193) |
Sep
(227) |
Oct
(125) |
Nov
(246) |
Dec
(191) |
| 2005 |
Jan
(244) |
Feb
(175) |
Mar
(165) |
Apr
(130) |
May
(217) |
Jun
(122) |
Jul
(188) |
Aug
(235) |
Sep
(165) |
Oct
(133) |
Nov
(209) |
Dec
(88) |
| 2006 |
Jan
(66) |
Feb
(89) |
Mar
(108) |
Apr
(91) |
May
(29) |
Jun
(45) |
Jul
(64) |
Aug
(42) |
Sep
(44) |
Oct
(81) |
Nov
(64) |
Dec
(9) |
| 2007 |
Jan
(24) |
Feb
(122) |
Mar
(55) |
Apr
(50) |
May
(84) |
Jun
(13) |
Jul
(80) |
Aug
(70) |
Sep
(78) |
Oct
(45) |
Nov
(56) |
Dec
(42) |
| 2008 |
Jan
(65) |
Feb
(3) |
Mar
(51) |
Apr
(151) |
May
(54) |
Jun
(72) |
Jul
(73) |
Aug
(47) |
Sep
(55) |
Oct
(123) |
Nov
(16) |
Dec
(4) |
| 2009 |
Jan
(23) |
Feb
(39) |
Mar
(27) |
Apr
(36) |
May
(35) |
Jun
(51) |
Jul
(11) |
Aug
(14) |
Sep
(40) |
Oct
(67) |
Nov
(38) |
Dec
(13) |
| 2010 |
Jan
(15) |
Feb
(35) |
Mar
(40) |
Apr
(11) |
May
(26) |
Jun
(10) |
Jul
(5) |
Aug
(50) |
Sep
(86) |
Oct
(67) |
Nov
(36) |
Dec
(11) |
| 2011 |
Jan
(50) |
Feb
(6) |
Mar
(13) |
Apr
(13) |
May
(29) |
Jun
(27) |
Jul
(26) |
Aug
(27) |
Sep
(21) |
Oct
(7) |
Nov
(27) |
Dec
(4) |
| 2012 |
Jan
(11) |
Feb
(20) |
Mar
(48) |
Apr
(18) |
May
(8) |
Jun
(19) |
Jul
|
Aug
(15) |
Sep
(3) |
Oct
(4) |
Nov
(5) |
Dec
(1) |
| 2013 |
Jan
(13) |
Feb
(7) |
Mar
(4) |
Apr
(25) |
May
(2) |
Jun
(8) |
Jul
(4) |
Aug
(8) |
Sep
(7) |
Oct
|
Nov
(5) |
Dec
(10) |
| 2014 |
Jan
|
Feb
|
Mar
(6) |
Apr
(20) |
May
(5) |
Jun
|
Jul
(2) |
Aug
|
Sep
(8) |
Oct
(21) |
Nov
(4) |
Dec
(7) |
| 2015 |
Jan
(10) |
Feb
(9) |
Mar
(4) |
Apr
|
May
|
Jun
|
Jul
|
Aug
(5) |
Sep
(11) |
Oct
|
Nov
(17) |
Dec
(32) |
| 2016 |
Jan
(10) |
Feb
(15) |
Mar
(4) |
Apr
(7) |
May
(10) |
Jun
(11) |
Jul
(15) |
Aug
(26) |
Sep
(13) |
Oct
(10) |
Nov
(16) |
Dec
(6) |
| 2017 |
Jan
(9) |
Feb
(3) |
Mar
|
Apr
(2) |
May
(2) |
Jun
|
Jul
|
Aug
(3) |
Sep
(3) |
Oct
(6) |
Nov
(8) |
Dec
|
| 2018 |
Jan
(12) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(4) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Ivan S. <is...@gm...> - 2007-04-03 09:36:18
|
On 4/3/07, "Rudner, Bj=F6rn" <br...@ba...> wrote: > Yes, I've encountered the same problem. > > You can change PuTTY to use Blowfish as a workaround. Yes, I did that already, this workaround will do for now. Ivan |
|
From: <br...@ba...> - 2007-04-03 07:05:06
|
Yes, I've encountered the same problem. You can change PuTTY to use Blowfish as a workaround. Mit freundlichen Gr=FC=DFen/Kind regards, Bj=F6rn Rudner Administrator=20 phone: +49 (89) 930 839-16 pers. fax.: 01805-456 987-200 16 mobile: +49 (151) 121 623 71 e-mail: br...@ba...=20 =20 -----Urspr=FCngliche Nachricht----- Von: dev...@li... = [mailto:dev...@li...] Im Auftrag = von Ivan Savcic Gesendet: Dienstag, 3. April 2007 07:21 An: dev...@li... Betreff: [Devil-Linux-discuss] Devil Linux 1.2.13 affected by OpenSSL = 0.9.8eAES bug Hello, Devil Linux 1.2.13 seems to be affected by following OpenSSL bug: http://bugzilla.mindrot.org/show_bug.cgi?id=3D1291 PuTTY-specific details: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/ssh2-aesctr-op= enssh.html Can anyone confirm the same results when using the AES (default) cipher = in PuTTY when connecting to Devil Linux 1.2.13 box? Thanks, Ivan Savcic _________________________________________________________________________= ___ baulogis GmbH Zamdorfer Str. 100 81677 M=FCnchen / Munich Deutschland / Germany www.baulogis.com Gesch=E4ftsf=FChrer / Managing Director: Thomas Bachmaier HRB 133832, Amtsgericht M=FCnchen Ust-ID: DE 212 020 193 Der Inhalt dieser E-Mail ist vertraulich und ausschlie=DFlich f=FCr den = bezeichneten Adressaten (dev...@li...) = bestimmt. Wenn Sie nicht der vorgesehene Adressat dieser E-Mail oder dessen = Vertreter sein sollten, so beachten Sie bitte, dass jede Form der Kenntnisnahme, = Ver=F6ffentlichung,=20 Vervielf=E4ltigung oder Wiedergabe des Inhalts dieser E-Mail = unzul=E4ssig ist. Bitte setzen Sie sich in diesem Fall mit dem Absender der E-Mail in = Verbindung (br...@ba...). |
|
From: Ivan S. <is...@gm...> - 2007-04-03 05:21:02
|
Hello, Devil Linux 1.2.13 seems to be affected by following OpenSSL bug: http://bugzilla.mindrot.org/show_bug.cgi?id=1291 PuTTY-specific details: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/ssh2-aesctr-openssh.html Can anyone confirm the same results when using the AES (default) cipher in PuTTY when connecting to Devil Linux 1.2.13 box? Thanks, Ivan Savcic |
|
From: Vesselin K. <vk...@ex...> - 2007-04-01 08:35:19
|
> I've configure it (running pppoe-setup, and manually following the > HOWTO) but when I run pppoe-start all I get is a TIMEOUT. The modem > gets his 10/100M light green but nothing else happends. The modem needs to get its ADSL light on too. Nothing will happen while the ADSL light is off. However the ADSL light being ON still does not guarantee a connection. Contact your ADSL provider and ask them to double-check your account. Regards Vesselin |
|
From: <dna...@ya...> - 2007-04-01 02:46:40
|
Hi, I'm new to Linux and I've read all I've found about configuring an ADSL connection, but still can't connect to the net. I don't read german, so I guessed most of the HOWTO about PPPOE. I also read the list archives, but everywhere it says that configuring an running pppoe (rp-ppoe) is enough. I've configure it (running pppoe-setup, and manually following the HOWTO) but when I run pppoe-start all I get is a TIMEOUT. The modem gets his 10/100M light green but nothing else happends. Have try different user names, different net cards. Any help will be great (remember I'm new to Linux...). Thanks a lot. David. __________________________________________________ Preguntá. Respondé. Descubrí. Todo lo que querías saber, y lo que ni imaginabas, está en Yahoo! Respuestas (Beta). ¡Probalo ya! http://www.yahoo.com.ar/respuestas |
|
From: Martin H. <ma...@ho...> - 2007-03-27 14:52:26
|
Heiko Zuerker schrieb: > We're currently working on getting DL 1.3 in a working condition, which > uses the latest 2.6 kernel. This one may solve your problem. > > By the way, any more sponsors for speeding up the DL 1.3 development ? ah, well, I haven't agreed to enter into the whole sum that was privately discussed (as I explained), but I will definitely have the ability to add to the hardware stuff. martin |
|
From: Zsolt Z. <zsz...@gm...> - 2007-03-27 13:26:12
|
Hi! You can also use rate limit which is a nice netfilter feature. In Shorewall/rules file you can write following line, which allows two new connections per minute to ssh port. ACCEPT net fw tcp 22 - - 1/min:2 Zsolt On 3/27/07, Matthew Hattersley <mat...@va...> wrote: > Sounds like a wonderful tool. Would defo get a thumbs up from me. > > Mat > > -----Original Message----- > From: dev...@li... > [mailto:dev...@li...] On Behalf Of > Bruce Smith > Sent: 27 March 2007 13:57 > To: Devil Linux > Subject: [Devil-Linux-discuss] A new tool for defending against ssh > bruteforce attacks. > > Is this worth adding to DL? > > http://www.linux.com/article.pl?sid=07/03/20/2043209 > > - BS |
|
From: Frank W. <Fra...@ct...> - 2007-03-27 13:16:37
|
I have also come across this tiny piece of software: http://packages.debian.org/unstable/admin/molly-guard It prevents you form accidentally halt/reboot-ing a machine when your logge= d=20 via ssh.... ATM I have aliased halt reboot etc commands to echo a warning o= n=20 my DL boxes and servers but this is nicer.... =46rank =2D-=20 _______________________________________________ Centre de Technologie de l'Education 29 avenue John F. Kennedy L-1855 Luxembourg-Kirchberg email: Fra...@ct... t=E9l.: +352 478-5973 fax: +352 333797 _______________________________________________ |
|
From: Matthew H. <mat...@va...> - 2007-03-27 13:03:41
|
Sounds like a wonderful tool. Would defo get a thumbs up from me. Mat -----Original Message----- From: dev...@li... [mailto:dev...@li...] On Behalf Of Bruce Smith Sent: 27 March 2007 13:57 To: Devil Linux Subject: [Devil-Linux-discuss] A new tool for defending against ssh bruteforce attacks. Is this worth adding to DL? http://www.linux.com/article.pl?sid=3D07/03/20/2043209 - BS ------------------------------------------------------------------------ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=3Djoin.php&p=3Dsourceforge&CID=3D= DEVDE V _______________________________________________ Devil-linux-discuss mailing list Dev...@li... https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss |
|
From: Bruce S. <br...@ar...> - 2007-03-27 12:57:23
|
Is this worth adding to DL? http://www.linux.com/article.pl?sid=07/03/20/2043209 - BS |
|
From: Heiko Z. <he...@zu...> - 2007-03-27 12:54:36
|
On Tue, March 27, 2007 06:15, Andrew van Dyk wrote: > Hi, > > > > > We have a new Dell sc1435 and devillinux isn't seeing the USB memory > sticks, > > or the SATA HDD that is in there.. > > > > When inserting a usb flash memory device it comes up with > > > > > Mar 24 17:38:32 fw301 kernel: hub.c: USB device not accepting new address > (error=-71) > > > > > Any ideas on what the problem is? I think the new hardware may not be > supported by the kernel Yes that's very likely. We're currently working on getting DL 1.3 in a working condition, which uses the latest 2.6 kernel. This one may solve your problem. By the way, any more sponsors for speeding up the DL 1.3 development ? -- Regards Heiko Zuerker http://www.devil-linux.org |
|
From: Andrew v. D. <an...@ph...> - 2007-03-27 11:13:55
|
Hi, We have a new Dell sc1435 and devillinux isn't seeing the USB memory sticks, or the SATA HDD that is in there.. When inserting a usb flash memory device it comes up with Mar 24 17:38:32 fw301 kernel: hub.c: USB device not accepting new address (error=-71) Any ideas on what the problem is? I think the new hardware may not be supported by the kernel |
|
From: Andrew C. <an...@du...> - 2007-03-25 03:07:39
|
Hi, I'm trying to get iproute2 to route outgoing packets marked using iptables to an alternate route. I have ver 1.2.13 of devil-linux and I'm using the following commands to try to route in /etc/iproute2/rt_tables I have appended the following entry 200 alt.net I have then executed the following command ip rule add fwmark 1 table alt.net ip route add default via 172.16.1.1 dev eth2 table alt.net ip route flush cache My normal routing has eth0 as the default route so the above should override the routing for rules that mark packets with a 1. I'm using firewall builder to manage iptables and have used their marking action to mark the packets. I have rules that I'm using to test this to NAT outgoing traffic to tcp port 119 with policy rules to 1st mark packets destined through this route, then another rule to accept it. It doesn't seem to matter which things I change, the data always seems to go out through the default route and the the alt.net route. (I'm using tcpdump to confirm this) The lartc docs have the following kernel options required for routing marked packets in iproute2 IP: advanced router (CONFIG_IP_ADVANCED_ROUTER) [Y/n/?] IP: policy routing (CONFIG_IP_MULTIPLE_TABLES) [Y/n/?] IP: use netfilter MARK value as routing key (CONFIG_IP_ROUTE_FWMARK) [Y/n/?] all of which are correctly set according to DL-kernel-config file included in the devil-linux download, so the correct compile options look to be set. Does anyone have any suggestions on what I may be doing wrong or further things I could check. Thanks, Andrew |
|
From: Heiko Z. <he...@zu...> - 2007-03-16 13:48:14
|
On Fri, March 16, 2007 07:44, Martin Hotze wrote: > Bruce Smith schrieb: > > >> Dansguardian is already in DL, and has been for some time. >> > > from changes file (1.2.10): --- > - tar'ed up dansguardian /etc/ files and put in /config on CD, > must be manually installed in this DL release (bs) --- > > > IIRC this was because of the uncertain licensing policy. We could go ahead and put most (except the config files themselves) of the stuff from /etc/dansguardian into /usr/share/dansguardian/etc and just symlink it. If a user wants to update i.e. the wordlists, he can simply overwrite the symlinks. -- Regards Heiko Zuerker http://www.devil-linux.org |
|
From: Heiko Z. <he...@zu...> - 2007-03-16 13:39:33
|
On Fri, March 16, 2007 07:57, Bruce Smith wrote: >>> Dansguardian is already in DL, and has been for some time. >>> >> >> from changes file (1.2.10): --- >> - tar'ed up dansguardian /etc/ files and put in /config on CD, >> must be manually installed in this DL release (bs) --- >> >> >> IIRC this was because of the uncertain licensing policy. >> > > No, I believe we did that for a different reason. > > > There are some packages that have large amounts of data in /etc. And > since /etc/ is in ram-disk, it's wasting a lot of memory for people who > don't use those packages. Plus the 'save-config' tar file may get too > large to fit on a floppy. > > So, we've been tarring up some of the packages with large /etc/ usage > and putting it on the CD. People who run those packages will need to untar > the data from the CD into their /etc. > > This saves a lot of memory and 'save-config' disk space for everyone. > > > I guess we need to document this better. Maybe something in the > official DL docs? Heiko? (I never learned how to do that) :-) I'd be more then happy to show you (if I remember...). -- Regards Heiko Zuerker http://www.devil-linux.org |
|
From: Bruce S. <bw...@ar...> - 2007-03-16 12:57:23
|
> > Dansguardian is already in DL, and has been for some time. > > from changes file (1.2.10): > --- > - tar'ed up dansguardian /etc/ files and put in /config on CD, > must be manually installed in this DL release (bs) > --- > > IIRC this was because of the uncertain licensing policy. No, I believe we did that for a different reason. There are some packages that have large amounts of data in /etc. And since /etc/ is in ram-disk, it's wasting a lot of memory for people who don't use those packages. Plus the 'save-config' tar file may get too large to fit on a floppy. So, we've been tarring up some of the packages with large /etc/ usage and putting it on the CD. People who run those packages will need to untar the data from the CD into their /etc. This saves a lot of memory and 'save-config' disk space for everyone. I guess we need to document this better. Maybe something in the official DL docs? Heiko? (I never learned how to do that) :-) - BS |
|
From: Martin H. <ma...@ho...> - 2007-03-16 12:44:45
|
Bruce Smith schrieb: > Dansguardian is already in DL, and has been for some time. from changes file (1.2.10): --- - tar'ed up dansguardian /etc/ files and put in /config on CD, must be manually installed in this DL release (bs) --- IIRC this was because of the uncertain licensing policy. #m > - BS > > >> I had an Email exchange with Daniel Barron. He is the >> developer/maintainer of Dansguardian. >> >> I forward the exchange below. As you can see we now have the go for >> integrating Dansguardian into DL and the problems with licensing should >> now be solved. >> >> So please integrate Dansguardian ASAP into both the 1.2 and 1.3 versions >> of DL. >> >> Thanks! >> >> Martin |
|
From: Bruce S. <bw...@ar...> - 2007-03-16 12:38:41
|
Dansguardian is already in DL, and has been for some time. - BS > I had an Email exchange with Daniel Barron. He is the > developer/maintainer of Dansguardian. > > I forward the exchange below. As you can see we now have the go for > integrating Dansguardian into DL and the problems with licensing should > now be solved. > > So please integrate Dansguardian ASAP into both the 1.2 and 1.3 versions > of DL. > > Thanks! > > Martin > > > -------- Original-Nachricht -------- > Betreff: Re: integration of DansGuardian into Devil-Linux? > Datum: Thu, 15 Mar 2007 13:10:28 +0000 (GMT) > Von: Daniel Barron <da...@ja...> > An: Martin Hotze <ma...@ho...> > > On Thu 15 Mar, Martin Hotze wrote: > > > Daniel Barron schrieb: > > > > > On Wed 14 Mar, Martin Hotze wrote: > > >> Hi, > > >> > > >> we are currently using devil linux (DL) as firewall (see > > >> www.devil-linux.org) and thre might be an interest of integrating > > >> DansGuardian as a standard feature for all devil linux firewall users, > > >> no matter if they are commercial or private users. > > >> > > >> Can you think about a one time (and a oncefor ever) license for using > > >> and integrating DansGuardian into devil linux? Means: integrating it > > >> into DL as a standard package and maintaining it so that every user of > > >> DL (no matter if commercial user or not) is able to also use > > >> DansGuardian (without paying any extra licensing fees). > > >> > > >> Thanks, > > >> > > >> Martin > > >> > > > > > > > > > Hi, > > > > > I assume devil-linux is free as in without cost? > > > > > > yes, devil-linux is free for private and commercial use without any > > restrictions (GPL, though). > > > > > If so then simply take > > > DG under the GPL. > > > > > > So you hereby grant permission to integrate and use DansGuardian > > into/with devil-linux without restriction (GPL; private and commercial > > [!] use)? > > If this is OK with you I will then forward your statement to the > > devil-linux mailinglist. > > > > Yes you may download and use it under the GPL. The GPL allows you to > integrate it into whatever you want including devil-linux provided the GPL > is adheared to. > |
|
From: Martin H. <ma...@ho...> - 2007-03-16 07:12:32
|
Hi, I had an Email exchange with Daniel Barron. He is the developer/maintainer of Dansguardian. I forward the exchange below. As you can see we now have the go for integrating Dansguardian into DL and the problems with licensing should now be solved. So please integrate Dansguardian ASAP into both the 1.2 and 1.3 versions of DL. Thanks! Martin -------- Original-Nachricht -------- Betreff: Re: integration of DansGuardian into Devil-Linux? Datum: Thu, 15 Mar 2007 13:10:28 +0000 (GMT) Von: Daniel Barron <da...@ja...> An: Martin Hotze <ma...@ho...> On Thu 15 Mar, Martin Hotze wrote: > Daniel Barron schrieb: > > > On Wed 14 Mar, Martin Hotze wrote: > >> Hi, > >> > >> we are currently using devil linux (DL) as firewall (see > >> www.devil-linux.org) and thre might be an interest of integrating > >> DansGuardian as a standard feature for all devil linux firewall users, > >> no matter if they are commercial or private users. > >> > >> Can you think about a one time (and a oncefor ever) license for using > >> and integrating DansGuardian into devil linux? Means: integrating it > >> into DL as a standard package and maintaining it so that every user of > >> DL (no matter if commercial user or not) is able to also use > >> DansGuardian (without paying any extra licensing fees). > >> > >> Thanks, > >> > >> Martin > >> > > > > > Hi, > > > I assume devil-linux is free as in without cost? > > > yes, devil-linux is free for private and commercial use without any > restrictions (GPL, though). > > > If so then simply take > > DG under the GPL. > > > So you hereby grant permission to integrate and use DansGuardian > into/with devil-linux without restriction (GPL; private and commercial > [!] use)? > If this is OK with you I will then forward your statement to the > devil-linux mailinglist. Yes you may download and use it under the GPL. The GPL allows you to integrate it into whatever you want including devil-linux provided the GPL is adheared to. -- Daniel Barron (Visit http://dansguardian.org/ - True web content filtering for all) "Tis true, there's magic in the web" (Othello - William Shakespeare) |
|
From: <lm...@de...> - 2007-03-14 06:28:00
|
Hello My name is Lara Thynne and I am a PhD candidate at Deakin University Australia. I am currently researching the boundary between work and leisure activities directly related to the open source community and open source program development. As part of this I am running a survey at the following address. https://dcarf.deakin.edu.au/surveys/oss/ The survey is completely confidential and looks at your views and motivations to use Open Source software and to participate in the community. It will only take a five to ten minutes to complete and your contact details will not be recorded. You can withdraw your participation at any stage. I sincerely apologize for the spammish nature of this e-mail - I don't mean to abuse this list. I am trying to collect responses from as many open source developers and users as possible and a mailing list like can be the only way to reach many developers. Thanks again Lara P.S The program that I am using is open source, of course (www.phpsurveyor.org)! |
|
From: Bogdan P. <pet...@ya...> - 2007-03-14 03:44:33
|
Thanks, I'll try it too. I have found some similar stuff on ntp bugzilla : https://ntp.isc.org/bugs/show_bug.cgi?id=716 https://ntp.isc.org/bugs/show_bug.cgi?id=387 I'll keep an eye on this stuff maybe the ntp guys will fix it Best regards --- Philip Peake <ph...@vo...> wrote: > Forgot to mention how to do it: > > Setup -> Services to be started on boot -> IPV6_ROUTING > > Turn this off. Save config. Reboot. > > > > Philip Peake wrote: > > Yes its IPV6 that breaks it. > > I disables IPV6 routing and it then works ok. > > > > Philip > > > > --------------- > > Bruce Smith wrote: > >> I can confirm that ntpd is broken, with the default config anyway. > >> > >> I did some strace'ing and it's trying to listen on a IPv6 wildcard > >> address "::". > >> > >> I'm guessing it's not working because I'm not running IPv6, and I > >> haven't figured out if how to turn off IPv6 in ntp.conf, or if it's even > >> possible to turn off IPv6 in ntpd. > >> > >> Anyone with some IPv6 knowledge have any ideas? > >> Maybe if I activated IPv6 on eth0? How do I do that? > >> > >> For now, I guess I'll stick a 'ntpdate' in an hourly cron job to keep my > >> server's time correct. But that won't help people who need to run a > >> real NTP server. > >> > >> - BS > >> > >> > >> > >>> Yep, after reboot, and everytime I try to start xntpd. > >>> I found another guy on the web who was complaining that he notices the same thing when > running ntp > >>> and one of the eth interfaces was down. Mine are up but that's why I rather think it's and > ntp bug > >>> ... > >>> > >>> lsof output: > >>> > >>> COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME > >>> dhcpcd 545 root 4u IPv4 5090 UDP *:bootpc > >>> dnsmasq 684 nobody 4u IPv4 5796 UDP *:domain > >>> dnsmasq 684 nobody 5u IPv4 5797 TCP *:domain (LISTEN) > >>> dnsmasq 684 nobody 9u IPv4 5810 UDP *:filenet-tms > >>> dhcpd 771 root 5u IPv4 6329 UDP *:bootps > >>> sshd 901 root 3u IPv4 7006 TCP esgaroth:ssh (LISTEN) > >>> smbd 1243 root 18u IPv4 8570 TCP esgaroth:microsoft-ds (LISTEN) > >>> smbd 1243 root 19u IPv4 8571 TCP esgaroth:netbios-ssn (LISTEN) > >>> nmbd 1247 root 6u IPv4 8793 UDP *:netbios-ns > >>> nmbd 1247 root 7u IPv4 8794 UDP *:netbios-dgm > >>> nmbd 1247 root 8u IPv4 8796 UDP esgaroth:netbios-ns > >>> nmbd 1247 root 9u IPv4 8797 UDP esgaroth:netbios-dgm > >>> > >>> as you see no port 123. Also I see no ntp in the process list > >>> > >>> Best regards > >>> --- Heiko Zuerker <he...@zu...> wrote: > >>> > >>> > >>>> Do you get this message after you reboot the box? > >>>> > >>>> What's the output of the following commands: > >>>> lsof -i tcp:123 > >>>> lsof -i udp:123 > >>>> > >> > >> > >> ------------------------------------------------------------------------- > >> Take Surveys. Earn Cash. Influence the Future of IT > >> Join SourceForge.net's Techsay panel and you'll get the chance to share your > >> opinions on IT & business topics through brief surveys-and earn cash > >> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > >> _______________________________________________ > >> Devil-linux-discuss mailing list > >> Dev...@li... > >> https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss > >> > > > > ------------------------------------------------------------------------ > > > > ------------------------------------------------------------------------- > > Take Surveys. Earn Cash. Influence the Future of IT > > Join SourceForge.net's Techsay panel and you'll get the chance to share your > > opinions on IT & business topics through brief surveys-and earn cash > > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > > ------------------------------------------------------------------------ > > > > _______________________________________________ > > Devil-linux-discuss mailing list > > Dev...@li... > > https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss > > > > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share your > opinions on IT & business topics through brief surveys-and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV> _______________________________________________ > Devil-linux-discuss mailing list > Dev...@li... > https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss > -------------------------------- Being in the majority means that most people agree with you; it does not mean that you are right. -------------------------------- ____________________________________________________________________________________ We won't tell. Get more on shows you hate to love (and love to hate): Yahoo! TV's Guilty Pleasures list. http://tv.yahoo.com/collections/265 |
|
From: Michele P. <10...@ti...> - 2007-03-13 18:53:29
|
At 10.45 13/03/2007 -0700, you wrote: >One other item I noticed. >I use a different firewall than the ones provided (don't know if this >matters here). > >When networking is started, network communications are blocked (all >packets dropped). Starting up the firewall opens up the network (as much >as the firewall allows). >This is fine, since it closes a security hole during boot. > >However, syslog is started BEFORE the firewall is brought up. If you are >logging to a remote system, it, of course, fails since it can't connect. >The workaround for that is to change the order of startup to have syslog >start after the firewall is set up. > >Philip Thank you Philip! You gave me a possible (and quite plausible!!) reason for a remote syslog failure I was having some time ago (at that time I decided to syslog locally instead and put a cron job to tar.gz /var/log/messages every 15 minutes). Tomorrow I'll try your suggestion! If it works I owe you an ale! ^_^ (If you ever pass by) Live long and prosper! (and keep pushing the button! [ 4 8 15 16 23 42 EXECUTE ]) Michele |
|
From: Bruce S. <bw...@ar...> - 2007-03-13 17:56:28
|
> > However, syslog is started BEFORE the firewall is brought up. If you are > > logging to a remote system, it, of course, fails since it can't connect. > > The workaround for that is to change the order of startup to have syslog > > start after the firewall is set up. > > I'm fine with doing this change if nobody else has a complain about it. I agree that syslog (and all other network services that I can think of) should be started after the firewall. - BS |
|
From: Heiko Z. <he...@zu...> - 2007-03-13 17:52:20
|
On Tue, March 13, 2007 12:45, Philip Peake wrote: > One other item I noticed. > I use a different firewall than the ones provided (don't know if this > matters here). > > When networking is started, network communications are blocked (all > packets dropped). Starting up the firewall opens up the network (as much as > the firewall allows). This is fine, since it closes a security hole during > boot. > > However, syslog is started BEFORE the firewall is brought up. If you are > logging to a remote system, it, of course, fails since it can't connect. > The workaround for that is to change the order of startup to have syslog > start after the firewall is set up. I'm fine with doing this change if nobody else has a complain about it. -- Regards Heiko Zuerker http://www.devil-linux.org |
|
From: Philip P. <ph...@vo...> - 2007-03-13 17:47:26
|
One other item I noticed. I use a different firewall than the ones provided (don't know if this matters here). When networking is started, network communications are blocked (all packets dropped). Starting up the firewall opens up the network (as much as the firewall allows). This is fine, since it closes a security hole during boot. However, syslog is started BEFORE the firewall is brought up. If you are logging to a remote system, it, of course, fails since it can't connect. The workaround for that is to change the order of startup to have syslog start after the firewall is set up. Philip Bruce Smith wrote: > Yup, that "fixes" it! :-) > > - BS > > > >> Forgot to mention how to do it: >> >> Setup -> Services to be started on boot -> IPV6_ROUTING >> >> Turn this off. Save config. Reboot. >> >> >> >> Philip Peake wrote: >> >>> Yes its IPV6 that breaks it. >>> I disables IPV6 routing and it then works ok. >>> >>> Philip >>> >>> --------------- >>> Bruce Smith wrote: >>> >>>> I can confirm that ntpd is broken, with the default config anyway. >>>> >>>> I did some strace'ing and it's trying to listen on a IPv6 wildcard >>>> address "::". >>>> >>>> I'm guessing it's not working because I'm not running IPv6, and I >>>> haven't figured out if how to turn off IPv6 in ntp.conf, or if it's even >>>> possible to turn off IPv6 in ntpd. >>>> >>>> Anyone with some IPv6 knowledge have any ideas? >>>> Maybe if I activated IPv6 on eth0? How do I do that? >>>> >>>> For now, I guess I'll stick a 'ntpdate' in an hourly cron job to keep my >>>> server's time correct. But that won't help people who need to run a >>>> real NTP server. >>>> >>>> - BS >>>> >>>> >>>> >>>> >>>>> Yep, after reboot, and everytime I try to start xntpd. >>>>> I found another guy on the web who was complaining that he notices the same thing when running ntp >>>>> and one of the eth interfaces was down. Mine are up but that's why I rather think it's and ntp bug >>>>> ... >>>>> >>>>> lsof output: >>>>> >>>>> COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME >>>>> dhcpcd 545 root 4u IPv4 5090 UDP *:bootpc >>>>> dnsmasq 684 nobody 4u IPv4 5796 UDP *:domain >>>>> dnsmasq 684 nobody 5u IPv4 5797 TCP *:domain (LISTEN) >>>>> dnsmasq 684 nobody 9u IPv4 5810 UDP *:filenet-tms >>>>> dhcpd 771 root 5u IPv4 6329 UDP *:bootps >>>>> sshd 901 root 3u IPv4 7006 TCP esgaroth:ssh (LISTEN) >>>>> smbd 1243 root 18u IPv4 8570 TCP esgaroth:microsoft-ds (LISTEN) >>>>> smbd 1243 root 19u IPv4 8571 TCP esgaroth:netbios-ssn (LISTEN) >>>>> nmbd 1247 root 6u IPv4 8793 UDP *:netbios-ns >>>>> nmbd 1247 root 7u IPv4 8794 UDP *:netbios-dgm >>>>> nmbd 1247 root 8u IPv4 8796 UDP esgaroth:netbios-ns >>>>> nmbd 1247 root 9u IPv4 8797 UDP esgaroth:netbios-dgm >>>>> >>>>> as you see no port 123. Also I see no ntp in the process list >>>>> >>>>> Best regards >>>>> --- Heiko Zuerker <he...@zu...> wrote: >>>>> >>>>> >>>>> >>>>>> Do you get this message after you reboot the box? >>>>>> >>>>>> What's the output of the following commands: >>>>>> lsof -i tcp:123 >>>>>> lsof -i udp:123 >>>>>> > > > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share your > opinions on IT & business topics through brief surveys-and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > _______________________________________________ > Devil-linux-discuss mailing list > Dev...@li... > https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss > |
50 messages has been excluded from this view by a project administrator.
