James G. Sack (jim) wrote:
Ralph Shumaker wrote:
James G. Sack (jim) wrote:
<heh> That looks like some kind of artifact of your email client or
display?
I don't think it's on my end. I received it that way, from you, thru
the list. So, somewhere between you sending and me receiving, inclusive.
I do believe you have discovered something funny with _my_ T'bird. Upon
punching the reply button (or picking Reply from the right-mouse context
menu), I find that _sometimes_ the reply gets prepended with something
-- it sort of looks the last thing I might have copied from a viewed
mail message. That could conceivably be embarrassing, I suppose.
==> Maybe others should be on the lookout for this, too.
Interesting, but I *always* reply by hitting [Ctrl]+R and I never see that.
..
nfs was not enabled. Stopped nfslock (which stopped rpc.statd). And
stopped rpcbind. Disabled them and saved.
I don't know if they are related, but rpcgssd is enabled and running, as
well as rpcidmapd.
I guess those are all related (because of the rpc prefix), and all
unnecessary in your setup.
rpcgssd failed to stop, but didn't claim to be running. It was
checkmarked for loading tho.
rpcidmapd shut down successfully.
Both said something about NFSv4, which I don't think I'm using. I have
disabled them from starting up again (in runlevel 5 anyway).
.. udp 0.0.0.0:631 0.0.0.0:* 2563/cupsd
If you have a network-connected printer, then cupsd is most likely
essential, but if you have a direct-connect (eg, parallel, usb), then
I'm not sure whether it is still needed or not -- I suspect it might be,
though. Let us know what you find out. ;-) I would definitely not want
any firewall forwarding enabled on port 631!
How could I be certain. Test print before and after disabling?
Printing before, worked fine. Then I disabled. Tried to print. The
printer queue(sp?) showed the job, but didn't seem to want to print.
Right-clicking on the job had all options grayed out except for Cancel,
but selecting Cancel would not work until I started cupsd back up. So
it seems to be necessary.
So what should I do about port 631?
Google-poking shows some clue that it has to do with making (and/or
seeing?) announcements of printer availability on your local network.
Also that it seems to be controlled by
/etc/cups/cupsd
at the lines near
# Show shared printers on the local network.
You might experiment with these, because it seems you have no need for a
udp port being open on 631
I don't know if this helps:
# ll /etc/cups/cupsd.conf*
-rw-r----- 1 root lp 2474 2008-07-01 04:46 /etc/cups/cupsd.conf
-rw-r----- 1 root lp 2474 2008-07-01 04:46 /etc/cups/cupsd.conf.default
# diff /etc/cups/cupsd.conf /etc/cups/cupsd.conf.default
Apparently, I have the default settings (Fedora 8). Being 2474 bytes,
I'm hesitant to include the contents.
..
If the W.X.Y.Z are private IP addresses (eg, 192.168.1.xxx) handed out
by your household dhcp server (in your DSL modem), then there's no
damage by publishing those addresses. Those addresses can't identify you
-- in fact there are probably thousands (or more) who have the same
private IP address as you. Mine is 192.168.9.51 (because I customized my
gateway). The range 192.168.0.xxx and 192.168.1.xxx are very common
private addresses used in residential gateways.
You ofen see an 192,168.122.xxx IPs which is self-assigned by that
zeroconf stuff -- related to what is done by that avahi-daemon. I
believe you have to explicitly unconfigure something to get rid of that,
so I just try to ignore it.
Mine is 68.183.yyy.zzz which doesn't resemble yours. My hostname
currently is netblock-68-183-yyy-zzz, kinda like what Cox does IIRC.
Oh, that is not a private IP address, it is a public one (accessible
from the internet), so you are right to avoid plastering it all around.
It is visible in your email headers -- but there's not anything you can
do about that, I believe.
So your DSL modem is not doing any NAT.
Which is port forwarding?
==> Somebody else will have to explain what is going on. I'd like to
know more about it myself. Maybe that implies there is no
... implies there is no ???
The DSL management interface may or may not be accessible, though.
Here's what I would try:
# ifconfig eth0:1 192.168.1.99
# ping 192.168.1.1
if ping works, point your browser at http://192.168.1.1, and poke around.
What the above is, is an ethernet "alias" which behaves like another
interface working through the same hardware and ethernet wiring.
Yep, that did the trick. I'm in. Now I need to regress in this thread
since what you suggested has either been snipped or I'm just not seeing it.
If I found it, you suggested looking for unexpected port forwarding. I
don't know where to look for that. There seems to be a _lot_ in there.
But I did find a list of services:
☐ FTP
☑ HTTP
☑ ICMP
☑ SNMP
☑ TELNET
☑ TFTP
The check mark in ICMP is grayed out, suggesting that I can NOT change it.
If there *is* anything anywhere in there about port forwarding, it
eluded me.
It will go away on next boot, or if desired you can get rid of it by
# ifconfig eth0:1 0.0.0.0
I see no harm in leaving it. In fact, how can I make it survive a reboot?
[snip]
..
Well, at least at the NCAS installfest (but not this month --- they're
on summer vacation), you could leave kbd, mouse, monitor home.
Where, and generally when, is that? I know I should know "NCAS", but
I'm drawing a blank.
National City Adult School
Go to
http://kernel-panic.org/
look down toward the page bottom, a couple-of-blocks above, with the
label Installfest. There is a link to a map, even. But the next one
there is in September -- the 13th, I guess.
When I looked on sparky, I thought I saw National City Adult *Center*,
which would have been sufficient to throw me.
--
We shall have World Government, whether or not we like it. The only
question is whether World Government will be achieved by conquest or
consent.
--Paul Warburg CFR (Council on Foreign Relations) and architect of the
Federal Reserve System in an address to the US Senate. 1950-02-17
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
