Re: [CentOS] 1680x1050 Monitor
Here is my xorg.conf I hope it could be useful to you.
Good luck
On Dec 31, 2007 12:28 PM, <[EMAIL PROTECTED]> wrote:
> On Mon, 31 Dec 2007 02:28:58 -0700
> "Carlos Daniel Ruvalcaba Valenzuela" <[EMAIL PROTECTED]> wrote:
>
> > I have the same monitor actually, here are some tips:
> >
> > Add this modeline to your "Monitor" section:
> >
> > modeline "[EMAIL PROTECTED]" 147.14 1680 1784 1968 2256 1050 1051
> > 1054 1087 -hsync +vsync
> >
> > Add the new resolution to your "Screen" section ("[EMAIL PROTECTED]"),
> > finally restart X, set the new resolution using
> > system-config-desplay or Resolution Applet.
>
> Thanks, but did not work yet. Could you post your xorg.conf so I
> can compare?
>
> --
>
> Thanks
> http://www.911networks.com
> When the network has to work
>
xorg.conf
Description: Binary data
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] display resolution
On Dec 31, 2007 12:25 AM, Bart Schaefer <[EMAIL PROTECTED]> wrote: > Were you able to select your monitor from the list or are you choosing > some kind of generic monitor? > > Move your existing xorg.conf out of the way before running > system-config-display so that it's forced to start from scratch. It > probably got the wrong HorizSync and VertRefresh values. > > If that doesn't work you'll need to find a manual or other description > of your monitor and set HorizSync and VertRefresh and possibly a > couple of Modeline entries by hand. > yes. i removed xorg.conf to generate it from scratch. i selected generic 1024x768 monitor. still cant get 1024x768 to work. on some other distro and livecd i can even get 1280x1024. 800x600 works perfect. but it's just too low for me. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] display resolution
dny wrote: > On Dec 31, 2007 12:25 AM, Bart Schaefer <[EMAIL PROTECTED]> wrote: >> Were you able to select your monitor from the list or are you choosing >> some kind of generic monitor? >> >> Move your existing xorg.conf out of the way before running >> system-config-display so that it's forced to start from scratch. It >> probably got the wrong HorizSync and VertRefresh values. >> >> If that doesn't work you'll need to find a manual or other description >> of your monitor and set HorizSync and VertRefresh and possibly a >> couple of Modeline entries by hand. >> > > yes. i removed xorg.conf to generate it from scratch. i selected > generic 1024x768 monitor. > still cant get 1024x768 to work. > on some other distro and livecd i can even get 1280x1024. SO ... rsync that xorg.conf file off that machine (or copy it to the hard drive somewhere if the live CD can do that) and use it in CentOS-5. It should be interchangeable. Thanks, Johnny Hughes signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 5.1, mythtv, saa7134_dvb?
Akemi Yagi wrote: ... I do not know the answer but you can try building the module first - much faster than building the whole kernel anyway. I also suggest filing a request at bugs.centos.org. This will help remind Johnny when he does centosplus for the next release. Alas, the saa7134 in 2.6.18 is too old for my card :-( The driver in 2.6.18 supports card numbered 1 to 95. My card (medion) has number 96 :-( Putting saa7134 from a 2.6.23 kernel into 2.6.18 doesn't work. Mogens -- Mogens Kjaer, Carlsberg A/S, Computer Department Gamle Carlsberg Vej 10, DK-2500 Valby, Denmark Phone: +45 33 27 53 25, Fax: +45 33 27 47 08 Email: [EMAIL PROTECTED] Homepage: http://www.crc.dk ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 5.1, mythtv, saa7134_dvb?
On Jan 1, 2008 4:44 AM, Mogens Kjaer <[EMAIL PROTECTED]> wrote: > Alas, the saa7134 in 2.6.18 is too old for my card :-( > The driver in 2.6.18 supports card numbered 1 to 95. > My card (medion) has number 96 :-( > > Putting saa7134 from a 2.6.23 kernel into 2.6.18 doesn't work. Oh, this is unfortunate. In that case, the "easiest" way to get your card to work may be to use the 2.6.23 kernel. Of course, you'd have to take care of security fixes etc yourself... Akemi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Firewall frustration
Mark Weaver wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 31 Dec 2007 12:21:34 -0500 Robert Moskowitz <[EMAIL PROTECTED]> wrote: William L. Maltby wrote: On Mon, 2007-12-31 at 09:33 -0500, Robert Moskowitz wrote: Peter Farrell wrote: "Problem is I want a REAL router/firewall with little work." Run a smoothwall installtion and replace your CentOS install. http://www.smoothwall.org/ well first challenge is my unit's USB ethernet dongles. Centos uses the RTL 8150 driver for them. Smoothwall only lists the RTL 8129, 8139, and 8169... I've used this at home for years. I don't know if it's suitable, but it seems *very* flexible. Allows for NAT or not, has typical zones, reporting, IPTables modification support, ... http://www.ipcop.org/ Has run/tested successfully on various configurations here. It's another "ditch your CentOS" solution though. But you can put it on any old junk laying around and it'ss probably work. Using cable modem in the boonies, 486DX/66 gives about 450KB/sec, Pentium 200MHz pci gives <= 700MB/sec - both from decent sites. Tested using both ISA and PCI bus adapters through both twisted pair and thin coax. As I thought about things this morning, trying to put up smoothwall, I realized that one of my goals is to have a tool to turn a Centos system that I am using for foo, into a firewall for bar for a day. I have Astaro for my serious firewall needs (see later post), but need something 'portable'. You see I have these plans with some small itx systems have you considered linux that fits on a floppy disk? http://mypage.uniserve.ca/~thelinuxguy/small_and_floppy_linux/ http://www.linuxlinks.com/Distributions/Floppy/ http://www.dmoz.org/Computers/Software/Operating_Systems/Linux/Distributions/Tiny/Floppy_Sized/ get one running and configured and save to floppy... things go south reboot the machine and everything is back. no hard drives to worry about... Have you ever thought about how rare floppy drives are now? At best you go with a bootable usb, if your notebook supports bootable USB. My Libretto does have a bootable floppy, but that is something extra to carry. It will not boot from anything else (besides its HD). My nc4010 (this notebook) will boot from usb. My corp notebook (nc2400) is locked down; and I don't see any value at getting corp IT bent out of shape. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Firewall frustration
On Tue, 1 Jan 2008, Robert Moskowitz wrote: Mark Weaver wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 31 Dec 2007 12:21:34 -0500 Robert Moskowitz <[EMAIL PROTECTED]> wrote: William L. Maltby wrote: On Mon, 2007-12-31 at 09:33 -0500, Robert Moskowitz wrote: Peter Farrell wrote: "Problem is I want a REAL router/firewall with little work." Run a smoothwall installtion and replace your CentOS install. http://www.smoothwall.org/ well first challenge is my unit's USB ethernet dongles. Centos uses the RTL 8150 driver for them. Smoothwall only lists the RTL 8129, 8139, and 8169... I've used this at home for years. I don't know if it's suitable, but it seems *very* flexible. Allows for NAT or not, has typical zones, reporting, IPTables modification support, ... http://www.ipcop.org/ Has run/tested successfully on various configurations here. It's another "ditch your CentOS" solution though. But you can put it on any old junk laying around and it'ss probably work. Using cable modem in the boonies, 486DX/66 gives about 450KB/sec, Pentium 200MHz pci gives <= 700MB/sec - both from decent sites. Tested using both ISA and PCI bus adapters through both twisted pair and thin coax. As I thought about things this morning, trying to put up smoothwall, I realized that one of my goals is to have a tool to turn a Centos system that I am using for foo, into a firewall for bar for a day. I have Astaro for my serious firewall needs (see later post), but need something 'portable'. You see I have these plans with some small itx systems have you considered linux that fits on a floppy disk? http://mypage.uniserve.ca/~thelinuxguy/small_and_floppy_linux/ http://www.linuxlinks.com/Distributions/Floppy/ http://www.dmoz.org/Computers/Software/Operating_Systems/Linux/Distributions/Tiny/Floppy_Sized/ get one running and configured and save to floppy... things go south reboot the machine and everything is back. no hard drives to worry about... Have you ever thought about how rare floppy drives are now? At best you go with a bootable usb, if your notebook supports bootable USB. My Libretto does have a bootable floppy, but that is something extra to carry. It will not boot from anything else (besides its HD). My nc4010 (this notebook) will boot from usb. My corp notebook (nc2400) is locked down; and I don't see any value at getting corp IT bent out of shape. Yes, floppy drives are rare - but they are still incredibly valuable. I've dealt with needing to install drivers from floppy for OSes, and the OSse are looking to floppy. I've needed DOS' fdisk to get me out of problems at times, and having a bootable copy of DOS on-hand has done the job. Some BIOS updates are only available from a bootable floppy (won't install to anything else). Saves times and frusteration in having a reusable floppy around than having to sometimes create a bootable CD to put the files on. Reuse the floppy as often as needed. Old hardware still exists and is usable, and sometimes only work, or work best, with floppies. Sometimes "old school" is still "good school". We still often use "VT100" or "3270" emulation for remote connectivity... Think about their origins. Scott ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 5.1, mythtv, saa7134_dvb?
Akemi Yagi wrote: On Jan 1, 2008 4:44 AM, Mogens Kjaer <[EMAIL PROTECTED]> wrote: Alas, the saa7134 in 2.6.18 is too old for my card :-( The driver in 2.6.18 supports card numbered 1 to 95. My card (medion) has number 96 :-( Putting saa7134 from a 2.6.23 kernel into 2.6.18 doesn't work. Oh, this is unfortunate. In that case, the "easiest" way to get your card to work may be to use the 2.6.23 kernel. Of course, you'd have to take care of security fixes etc yourself... Is there anything special I have to do to use a vanilla kernel on a Centos 5.1 machine? Nothing special hardware (except for the TV card), /boot and / on software RAID 1. The centos 2.6.18 kernel is build with 1084 (!) patches, I assume they are there for a reason. I stopped doing kernel compilations around RedHat 9... Mogens -- Mogens Kjaer, Carlsberg A/S, Computer Department Gamle Carlsberg Vej 10, DK-2500 Valby, Denmark Phone: +45 33 27 53 25, Fax: +45 33 27 47 08 Email: [EMAIL PROTECTED] Homepage: http://www.crc.dk ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Firewall frustration
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 1 Jan 2008 08:57:22 -0500 Robert Moskowitz <[EMAIL PROTECTED]> wrote: > Have you ever thought about how rare floppy drives are now? At best > you go with a bootable usb, if your notebook supports bootable USB. > My Libretto does have a bootable floppy, but that is something extra > to carry. It will not boot from anything else (besides its HD). My > nc4010 (this notebook) will boot from usb. My corp notebook (nc2400) > is locked down; and I don't see any value at getting corp IT bent out > of shape. why would you even think about using a Notebook computer as a firewall? I was assuming you were going to delegate this task to an older machine with sufficient resources to handle the task and not give the task to a notebook computer. - -- Mark "Drunkenness is not an excuse for stupidity. If you're stupid when you're sober then that's one thing, but if you're sober when you're stupid, then you're just plain stupid!" == Powered by CentOS5 (RHEL5) -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHelHmAHUWFbtwPigRAnENAJ4lTmw4Y/zYA0o2UoLkS9kfS0BmBgCfdCaY MMt82ApSGiXMHn10XOFXslQ= =fm8P -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 5.1, mythtv, saa7134_dvb?
Mogens Kjaer wrote: > Akemi Yagi wrote: >> On Jan 1, 2008 4:44 AM, Mogens Kjaer <[EMAIL PROTECTED]> wrote: >> >>> Alas, the saa7134 in 2.6.18 is too old for my card :-( >>> The driver in 2.6.18 supports card numbered 1 to 95. >>> My card (medion) has number 96 :-( >>> >>> Putting saa7134 from a 2.6.23 kernel into 2.6.18 doesn't work. >> >> Oh, this is unfortunate. In that case, the "easiest" way to get your >> card to work may be to use the 2.6.23 kernel. Of course, you'd have >> to take care of security fixes etc yourself... > > Is there anything special I have to do to use a vanilla kernel > on a Centos 5.1 machine? Nothing special hardware (except for > the TV card), /boot and / on software RAID 1. > > The centos 2.6.18 kernel is build with 1084 (!) patches, > I assume they are there for a reason. > > I stopped doing kernel compilations around RedHat 9... > Hmm ... I would try to use a newer Fedora kernel SRPM that meets the requirements. Or maybe even just use MythDora for this machine as it is specifically designed for mythtv boxes. signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: Firewall frustration
Mark Weaver wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 1 Jan 2008 08:57:22 -0500 Robert Moskowitz <[EMAIL PROTECTED]> wrote: Have you ever thought about how rare floppy drives are now? At best you go with a bootable usb, if your notebook supports bootable USB. My Libretto does have a bootable floppy, but that is something extra to carry. It will not boot from anything else (besides its HD). My nc4010 (this notebook) will boot from usb. My corp notebook (nc2400) is locked down; and I don't see any value at getting corp IT bent out of shape. why would you even think about using a Notebook computer as a firewall? I was assuming you were going to delegate this task to an older machine with sufficient resources to handle the task and not give the task to a notebook computer. I guess he wants it to be portable. He seems to be knowing his requirements a lot better than we do. It looks like he wants an easy firewall that would boot for HD only, cost nothing, and runs with usb ethernet devices. I really think he should carry an embedded firewall (like a soekris or a wrap) with pfsense on it. Ugo ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: Create Live CD (was: Firewall frustration)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark Weaver wrote: > On a whim I googled live CD creation and came up with some very > interesting results. A CentOS LiveCD project already exists. You can customize your own LiveCD using CentOS 5 as the base OS. https://projects.centos.org/trac/livecd/ - -- Patrice -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHemEYjCX40vq+oyIRAgcVAJ9a5Hu3U0b9d/qdZqklgXZEic7wUQCeLvLo Zs2ayye9sSWDLhQe8O9dfRg= =BeeF -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: Firewall frustration
Ugo Bellavance wrote: Mark Weaver wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 1 Jan 2008 08:57:22 -0500 Robert Moskowitz <[EMAIL PROTECTED]> wrote: Have you ever thought about how rare floppy drives are now? At best you go with a bootable usb, if your notebook supports bootable USB. My Libretto does have a bootable floppy, but that is something extra to carry. It will not boot from anything else (besides its HD). My nc4010 (this notebook) will boot from usb. My corp notebook (nc2400) is locked down; and I don't see any value at getting corp IT bent out of shape. why would you even think about using a Notebook computer as a firewall? I was assuming you were going to delegate this task to an older machine with sufficient resources to handle the task and not give the task to a notebook computer. I guess he wants it to be portable. He seems to be knowing his requirements a lot better than we do. It looks like he wants an easy firewall that would boot for HD only, cost nothing, and runs with usb ethernet devices. I really think he should carry an embedded firewall (like a soekris or a wrap) with pfsense on it. Old laptops make pretty good firewalls, I think. They take little space, have a built-in battery backup and built-in keyboard/monitor to use when you are visiting the datacenter. I have repurposed a couple of older laptops for these reasons since the machine doesn't need to be very fast to accomplish the mission. A lot of 3-4 year old laptops cave in under the weight of Windows, but are really overkill for a simple unix firewall. Better than sending them to the dustbin. Best, ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: Firewall frustration
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 01 Jan 2008 10:32:14 -0500 Ugo Bellavance <[EMAIL PROTECTED]> wrote: > I guess he wants it to be portable. > > He seems to be knowing his requirements a lot better than we do. It > looks like he wants an easy firewall that would boot for HD only, > cost nothing, and runs with usb ethernet devices. > > I really think he should carry an embedded firewall (like a soekris > or a wrap) with pfsense on it. > > Ugo > well... if he built a live CD that would essentially "be" a portable firewall. Just boot the CD in what ever machine you've got it configured for and off you go. - -- Mark "Drunkenness is not an excuse for stupidity. If you're stupid when you're sober then that's one thing, but if you're sober when you're stupid, then you're just plain stupid!" == Powered by CentOS5 (RHEL5) -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHemhKAHUWFbtwPigRAls+AJ9kK/E6npMSwZVbtk2EaTwsAJXijQCfZXtM mY7S6pC9N2eqTK+8oVY5qts= =1aig -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: Firewall frustration
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 01 Jan 2008 10:59:17 -0500 Chris Mauritz <[EMAIL PROTECTED]> wrote: > Old laptops make pretty good firewalls, I think. They take little > space, have a built-in battery backup and built-in keyboard/monitor > to use when you are visiting the datacenter. I have repurposed a > couple of older laptops for these reasons since the machine doesn't > need to be very fast to accomplish the mission. A lot of 3-4 year > old laptops cave in under the weight of Windows, but are really > overkill for a simple unix firewall. Better than sending them to the > dustbin. > > Best, > true... - -- Mark "Drunkenness is not an excuse for stupidity. If you're stupid when you're sober then that's one thing, but if you're sober when you're stupid, then you're just plain stupid!" == Powered by CentOS5 (RHEL5) -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHemiHAHUWFbtwPigRAowzAJ429jU5WZsIo9yA87vemrXm22PUJACfVGp7 RxnJ+67PIkCU7Do6+Nvfl6A= =c3oq -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Firewall frustration
Scott Ehrlich wrote: On Tue, 1 Jan 2008, Robert Moskowitz wrote: Mark Weaver wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 31 Dec 2007 12:21:34 -0500 Robert Moskowitz <[EMAIL PROTECTED]> wrote: William L. Maltby wrote: On Mon, 2007-12-31 at 09:33 -0500, Robert Moskowitz wrote: Peter Farrell wrote: "Problem is I want a REAL router/firewall with little work." Run a smoothwall installtion and replace your CentOS install. http://www.smoothwall.org/ well first challenge is my unit's USB ethernet dongles. Centos uses the RTL 8150 driver for them. Smoothwall only lists the RTL 8129, 8139, and 8169... I've used this at home for years. I don't know if it's suitable, but it seems *very* flexible. Allows for NAT or not, has typical zones, reporting, IPTables modification support, ... http://www.ipcop.org/ Has run/tested successfully on various configurations here. It's another "ditch your CentOS" solution though. But you can put it on any old junk laying around and it'ss probably work. Using cable modem in the boonies, 486DX/66 gives about 450KB/sec, Pentium 200MHz pci gives <= 700MB/sec - both from decent sites. Tested using both ISA and PCI bus adapters through both twisted pair and thin coax. As I thought about things this morning, trying to put up smoothwall, I realized that one of my goals is to have a tool to turn a Centos system that I am using for foo, into a firewall for bar for a day. I have Astaro for my serious firewall needs (see later post), but need something 'portable'. You see I have these plans with some small itx systems have you considered linux that fits on a floppy disk? http://mypage.uniserve.ca/~thelinuxguy/small_and_floppy_linux/ http://www.linuxlinks.com/Distributions/Floppy/ http://www.dmoz.org/Computers/Software/Operating_Systems/Linux/Distributions/Tiny/Floppy_Sized/ get one running and configured and save to floppy... things go south reboot the machine and everything is back. no hard drives to worry about... Have you ever thought about how rare floppy drives are now? At best you go with a bootable usb, if your notebook supports bootable USB. My Libretto does have a bootable floppy, but that is something extra to carry. It will not boot from anything else (besides its HD). My nc4010 (this notebook) will boot from usb. My corp notebook (nc2400) is locked down; and I don't see any value at getting corp IT bent out of shape. Yes, floppy drives are rare - but they are still incredibly valuable. I've dealt with needing to install drivers from floppy for OSes, and the OSse are looking to floppy. I've needed DOS' fdisk to get me out of problems at times, and having a bootable copy of DOS on-hand has done the job. Some BIOS updates are only available from a bootable floppy (won't install to anything else). Saves times and frusteration in having a reusable floppy around than having to sometimes create a bootable CD to put the files on. Reuse the floppy as often as needed. I have a USB floppy that came with my Toshiba 3490. It is a very valuable part of my 'tool box'. Old hardware still exists and is usable, and sometimes only work, or work best, with floppies. Sometimes "old school" is still "good school". Talk to me about 'old school'. I sat at my first Teletype in '66 as a Junior in High School, learning Dartmouth Basic... But I am looking at what I can easily travel with, and a floppy is NOT part of a traveling collection. Enough gear to upset TSA as it is. We still often use "VT100" or "3270" emulation for remote connectivity... Think about their origins. Check out who chaired the TN3270E workgroup ;) Want to discuss LU2 management layer? Not really, some things are best left in the dust heap. Along with those 55 Baud Teletypes! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Firewall frustration
Mark Weaver wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 1 Jan 2008 08:57:22 -0500 Robert Moskowitz <[EMAIL PROTECTED]> wrote: Have you ever thought about how rare floppy drives are now? At best you go with a bootable usb, if your notebook supports bootable USB. My Libretto does have a bootable floppy, but that is something extra to carry. It will not boot from anything else (besides its HD). My nc4010 (this notebook) will boot from usb. My corp notebook (nc2400) is locked down; and I don't see any value at getting corp IT bent out of shape. why would you even think about using a Notebook computer as a firewall? I was assuming you were going to delegate this task to an older machine with sufficient resources to handle the task and not give the task to a notebook computer. Of course in my lab, the firewall is a 'older' machine. But I want to learn from this so that when I am at a conference or trade show and need a firewall 'fast', I can put up the services on one of my Centos notebooks. BTW, WRT 'older' machines. I am looking more at the cost of running these machines (power draw). It is not just a matter of the $0.124/KWH that I pay, but the cost to add another circuit (my NOC shares two circuits that were already runnning at 50% utilizatoin), and the cost of cooling in the summer (we added a tap into the cold air return system by the rack fans to capture the computer heat for the winter). I just got the firewall running (see later note) on a decTOP micro PC that I pulled the 10Gb 3.5" drive and installed a 2.5" 6Gb drive. The system pulls about 10W! Compared to ~100W for some of my Compaq SFFs. Let's see 90W/day = 2.16KWH = ~$0.27/day = ~$97.76/year. That can pay for replacing another old Compaq with another decTOP (well not really as you have to add memory, switch out drives, and add a second USB ethernet dongle; guess the ROI is around 2 years). ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: Firewall frustration
Chris Mauritz wrote: > Ugo Bellavance wrote: >> Mark Weaver wrote: >>> -BEGIN PGP SIGNED MESSAGE- >>> Hash: SHA1 >>> >>> On Tue, 1 Jan 2008 08:57:22 -0500 >>> Robert Moskowitz <[EMAIL PROTECTED]> wrote: Have you ever thought about how rare floppy drives are now? At best you go with a bootable usb, if your notebook supports bootable USB. My Libretto does have a bootable floppy, but that is something extra to carry. It will not boot from anything else (besides its HD). My nc4010 (this notebook) will boot from usb. My corp notebook (nc2400) is locked down; and I don't see any value at getting corp IT bent out of shape. >>> >>> why would you even think about using a Notebook computer as a firewall? >>> I was assuming you were going to delegate this task to an older machine >>> with sufficient resources to handle the task and not give the task to a >>> notebook computer. >> >> I guess he wants it to be portable. >> >> He seems to be knowing his requirements a lot better than we do. It >> looks like he wants an easy firewall that would boot for HD only, cost >> nothing, and runs with usb ethernet devices. >> >> I really think he should carry an embedded firewall (like a soekris or >> a wrap) with pfsense on it. > > Old laptops make pretty good firewalls, I think. They take little > space, have a built-in battery backup and built-in keyboard/monitor to > use when you are visiting the datacenter. I have repurposed a couple > of older laptops for these reasons since the machine doesn't need to be > very fast to accomplish the mission. A lot of 3-4 year old laptops cave > in under the weight of Windows, but are really overkill for a simple > unix firewall. Better than sending them to the dustbin. > hmmm ... I would think that they do not handle heat very well though. Maybe they do, and certainly it is better than throwing them away I guess. signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: Firewall frustration
Ugo Bellavance wrote: Mark Weaver wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 1 Jan 2008 08:57:22 -0500 Robert Moskowitz <[EMAIL PROTECTED]> wrote: Have you ever thought about how rare floppy drives are now? At best you go with a bootable usb, if your notebook supports bootable USB. My Libretto does have a bootable floppy, but that is something extra to carry. It will not boot from anything else (besides its HD). My nc4010 (this notebook) will boot from usb. My corp notebook (nc2400) is locked down; and I don't see any value at getting corp IT bent out of shape. why would you even think about using a Notebook computer as a firewall? I was assuming you were going to delegate this task to an older machine with sufficient resources to handle the task and not give the task to a notebook computer. I guess he wants it to be portable. He seems to be knowing his requirements a lot better than we do. It looks like he wants an easy firewall that would boot for HD only, cost nothing, and runs with usb ethernet devices. I really think he should carry an embedded firewall (like a soekris or a wrap) with pfsense on it. I have enough gear to get through TSA. My next trip will have me carrying 3 laptops (granted 2 are 12" and one 7") and one microITX box. Plus a bunch of USB gizmos, my Bose 2 headphones, etc. And I do carryon, so space is at a premium. The boxes here in the lab are not portable, but the learning has to be. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: Firewall frustration
Chris Mauritz wrote: Ugo Bellavance wrote: Mark Weaver wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 1 Jan 2008 08:57:22 -0500 Robert Moskowitz <[EMAIL PROTECTED]> wrote: Have you ever thought about how rare floppy drives are now? At best you go with a bootable usb, if your notebook supports bootable USB. My Libretto does have a bootable floppy, but that is something extra to carry. It will not boot from anything else (besides its HD). My nc4010 (this notebook) will boot from usb. My corp notebook (nc2400) is locked down; and I don't see any value at getting corp IT bent out of shape. why would you even think about using a Notebook computer as a firewall? I was assuming you were going to delegate this task to an older machine with sufficient resources to handle the task and not give the task to a notebook computer. I guess he wants it to be portable. He seems to be knowing his requirements a lot better than we do. It looks like he wants an easy firewall that would boot for HD only, cost nothing, and runs with usb ethernet devices. I really think he should carry an embedded firewall (like a soekris or a wrap) with pfsense on it. Old laptops make pretty good firewalls, I think. They take little space, have a built-in battery backup and built-in keyboard/monitor to use when you are visiting the datacenter. I have repurposed a couple of older laptops for these reasons since the machine doesn't need to be very fast to accomplish the mission. A lot of 3-4 year old laptops cave in under the weight of Windows, but are really overkill for a simple unix firewall. Better than sending them to the dustbin. I have a Dell notebook that functions as my backup Win2000 family finance system. Next project is to see if I can reuse that old Toshiba 4000cdt box ;) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: Firewall frustration
Mark Weaver wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 01 Jan 2008 10:32:14 -0500 Ugo Bellavance <[EMAIL PROTECTED]> wrote: I guess he wants it to be portable. He seems to be knowing his requirements a lot better than we do. It looks like he wants an easy firewall that would boot for HD only, cost nothing, and runs with usb ethernet devices. I really think he should carry an embedded firewall (like a soekris or a wrap) with pfsense on it. Ugo well... if he built a live CD that would essentially "be" a portable firewall. Just boot the CD in what ever machine you've got it configured for and off you go. bad assumption about available CD. But bootable USB is an option, and they are cheap enough (check out ecost countdowns), and hold more than a CD. That will be coming next. Centos on a USB drive. DSL on USB is supposedly 'easy'. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Firewall frustration
Firewall is up and running. Used Shorewall with Webmin. Les Bell wrote: Robert Spangler <[EMAIL PROTECTED]> wrote: While IPTABLES might be CHEAP (price) it is a very good firewall. Learn to set it up from the command line, it isn't that hard. << Amen. I've been using CentOS for firewalls here for a long time now, with hand-written rules. Besides, generic firewall configuration tools don't - can't - know about many of the more advanced modules and features of iptables. I spent much of the past 24 hours trying to find out how to set up iptables for firewall routing WITHOUT NATing. Could not find anything. So I decided to try out shorewall, which has a front end in Webmin. The 'nice' thing about this was as I built a portion of Shorewall (say the zones), I could sue the Webmin edit the conf file directly to see the 'raw' config file and looky there, a URL for a help page! Taking it slow, I got Shorewall up in about 1 hour. But I have questions for the Shorewall people. They talk about iptables, then netfilter. The site says that Shorewall is not a deamon. Well I see a Shorewall service running. Can't see that is using any cpu cycles or how much memory. The iptables have the same content they had when I used the upstream's tool at Centos install time to set up basic 'firewall' features. So what gives ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: Firewall frustration
--- Johnny Hughes <[EMAIL PROTECTED]> wrote: > Chris Mauritz wrote: > > Ugo Bellavance wrote: > >> Mark Weaver wrote: > >>> -BEGIN PGP SIGNED MESSAGE- > >>> Hash: SHA1 > >>> > >>> On Tue, 1 Jan 2008 08:57:22 -0500 > >>> Robert Moskowitz <[EMAIL PROTECTED]> wrote: > Have you ever thought about how rare floppy > drives are now? At best > you go with a bootable usb, if your notebook > supports bootable USB. > My Libretto does have a bootable floppy, but > that is something extra > to carry. It will not boot from anything else > (besides its HD). My > nc4010 (this notebook) will boot from usb. My > corp notebook (nc2400) > is locked down; and I don't see any value at > getting corp IT bent out > of shape. > >>> > >>> why would you even think about using a Notebook > computer as a firewall? > >>> I was assuming you were going to delegate this > task to an older machine > >>> with sufficient resources to handle the task and > not give the task to a > >>> notebook computer. > >> > >> I guess he wants it to be portable. > >> > >> He seems to be knowing his requirements a lot > better than we do. It > >> looks like he wants an easy firewall that would > boot for HD only, cost > >> nothing, and runs with usb ethernet devices. > >> > >> I really think he should carry an embedded > firewall (like a soekris or > >> a wrap) with pfsense on it. > > > > Old laptops make pretty good firewalls, I think. > They take little > > space, have a built-in battery backup and built-in > keyboard/monitor to > > use when you are visiting the datacenter. I have > repurposed a couple > > of older laptops for these reasons since the > machine doesn't need to be > > very fast to accomplish the mission. A lot of 3-4 > year old laptops cave > > in under the weight of Windows, but are really > overkill for a simple > > unix firewall. Better than sending them to the > dustbin. > > > > hmmm ... I would think that they do not handle heat > very well though. > > Maybe they do, and certainly it is better than > throwing them away I guess. > > > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > The bad thing is if you always keep the laptop plugged in the battery will be useless and will not hold a charge. That is what happen with one of my laptops. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: Firewall frustration
Robert Moskowitz wrote: Firewall is up and running. Used Shorewall with Webmin. Les Bell wrote: Robert Spangler <[EMAIL PROTECTED]> wrote: While IPTABLES might be CHEAP (price) it is a very good firewall. Learn to set it up from the command line, it isn't that hard. << Amen. I've been using CentOS for firewalls here for a long time now, with hand-written rules. Besides, generic firewall configuration tools don't - can't - know about many of the more advanced modules and features of iptables. I spent much of the past 24 hours trying to find out how to set up iptables for firewall routing WITHOUT NATing. Could not find anything. So I decided to try out shorewall, which has a front end in Webmin. The 'nice' thing about this was as I built a portion of Shorewall (say the zones), I could sue the Webmin edit the conf file directly to see the 'raw' config file and looky there, a URL for a help page! Taking it slow, I got Shorewall up in about 1 hour. But I have questions for the Shorewall people. They talk about iptables, then netfilter. The site says that Shorewall is not a deamon. Well I see a Shorewall service running. Can't see that is using any cpu cycles or how much memory. The iptables have the same content they had when I used the upstream's tool at Centos install time to set up basic 'firewall' features. So what gives There is also an iptables 'service', that doesn't mean there is a deamon. It is a simple way to start the firewall at boot time. Have you checked m0n0wall/pfsense livecd? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Firewall frustration
On 02/01/2008, at 4:11 AM, Robert Moskowitz wrote: I spent much of the past 24 hours trying to find out how to set up iptables for firewall routing WITHOUT NATing. Could not find anything. *boggle* Is it really that hard? ## Clear up whatever is in there at the moment. iptables -F INPUT iptables -F FORWARD iptables -F OUTPUT iptables -t nat -F POSTROUTING ## Accept anything related to existing connections iptables -A INPUT -i ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT ## I want to allow incoming port 80 to 1.2.3.4 iptables -A FORWARD -i ppp0 -d 1.2.3.4 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT ## I want to allow incoming port 123 (ntp) to 1.2.3.6 iptables -A FORWARD -i ppp0 -d 1.2.3.6 -p udp -m udp --dport 123 -j ACCEPT ## Lets block ALL other incoming things iptables -A INPUT -j DROP iptables -A FORWARD -j DROP There you go. That's a very basic firewall using iptables in about 3 minutes :) -- Steven Haigh Email: [EMAIL PROTECTED] Web: http://www.crc.id.au Phone: (03) 9001 6090 - 0412 935 897 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] drbd on CentOS 5
On Fri, 2007-12-07 at 22:40 +0100, Fabian Arrotin wrote: > No, you don't need the centosplus kernel to use DRBD ... but actually > there is no (not yet) kmod-drbd for the current (and updated) CentOS 5.1 > kernel. They'll appear soon Sorry for the late reply: thanks for the answer, Fabian. Much appreciated. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.22.9-61.fc6 i686 GNU/Linux 13:28:34 up 15 days, 11:56, 1 user, load average: 0.44, 0.47, 0.42 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Firewall frustration
Steven Haigh kirjoitti viestissään (lähetysaika tiistai, 1. tammikuuta 2008 20:23): > On 02/01/2008, at 4:11 AM, Robert Moskowitz wrote: > > I spent much of the past 24 hours trying to find out how to set up > > iptables for firewall routing WITHOUT NATing. Could not find anything. > There you go. That's a very basic firewall using iptables in about 3 > minutes :) > > -- > Steven Haigh How about look: http://easyfwgen.morizot.net/gen/ It has been quite long time very easy tool for n00bs to generate rules... I've using it for ages now. After generation very easy to use and configure more rules, if needed. Jarmo ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: Firewall frustration
--- Steven Vishoot <[EMAIL PROTECTED]> wrote: > > --- Johnny Hughes <[EMAIL PROTECTED]> wrote: > > > Chris Mauritz wrote: > > > Ugo Bellavance wrote: > > >> Mark Weaver wrote: > > >>> -BEGIN PGP SIGNED MESSAGE- > > >>> Hash: SHA1 > > >>> > > >>> On Tue, 1 Jan 2008 08:57:22 -0500 > > >>> Robert Moskowitz <[EMAIL PROTECTED]> wrote: > > Have you ever thought about how rare floppy > > drives are now? At best > > you go with a bootable usb, if your notebook > > supports bootable USB. > > My Libretto does have a bootable floppy, but > > that is something extra > > to carry. It will not boot from anything > else > > (besides its HD). My > > nc4010 (this notebook) will boot from usb. > My > > corp notebook (nc2400) > > is locked down; and I don't see any value at > > getting corp IT bent out > > of shape. > > >>> > > >>> why would you even think about using a > Notebook > > computer as a firewall? > > >>> I was assuming you were going to delegate this > > task to an older machine > > >>> with sufficient resources to handle the task > and > > not give the task to a > > >>> notebook computer. > > >> > > >> I guess he wants it to be portable. > > >> > > >> He seems to be knowing his requirements a lot > > better than we do. It > > >> looks like he wants an easy firewall that would > > boot for HD only, cost > > >> nothing, and runs with usb ethernet devices. > > >> > > >> I really think he should carry an embedded > > firewall (like a soekris or > > >> a wrap) with pfsense on it. > > > > > > Old laptops make pretty good firewalls, I think. > > > They take little > > > space, have a built-in battery backup and > built-in > > keyboard/monitor to > > > use when you are visiting the datacenter. I > have > > repurposed a couple > > > of older laptops for these reasons since the > > machine doesn't need to be > > > very fast to accomplish the mission. A lot of > 3-4 > > year old laptops cave > > > in under the weight of Windows, but are really > > overkill for a simple > > > unix firewall. Better than sending them to the > > dustbin. > > > > > > > hmmm ... I would think that they do not handle > heat > > very well though. > > > > Maybe they do, and certainly it is better than > > throwing them away I guess. > > > > > ___ > > CentOS mailing list > > CentOS@centos.org > > http://lists.centos.org/mailman/listinfo/centos > > > The bad thing is if you always keep the laptop > plugged > in the battery will be useless and will not hold a > charge. That is what happen with one of my laptops. > You can always take the battery out and keep it plugged in. Runs cooler, too. Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Firewall frustration
Thanks I will read this through a bit later. Perhaps I was making more of it than needed, but my attempts were not working. And all I was trying for at first was to allow SSH through. Steven Haigh wrote: On 02/01/2008, at 4:11 AM, Robert Moskowitz wrote: I spent much of the past 24 hours trying to find out how to set up iptables for firewall routing WITHOUT NATing. Could not find anything. *boggle* Is it really that hard? ## Clear up whatever is in there at the moment. iptables -F INPUT iptables -F FORWARD iptables -F OUTPUT iptables -t nat -F POSTROUTING ## Accept anything related to existing connections iptables -A INPUT -i ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT ## I want to allow incoming port 80 to 1.2.3.4 iptables -A FORWARD -i ppp0 -d 1.2.3.4 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT ## I want to allow incoming port 123 (ntp) to 1.2.3.6 iptables -A FORWARD -i ppp0 -d 1.2.3.6 -p udp -m udp --dport 123 -j ACCEPT ## Lets block ALL other incoming things iptables -A INPUT -j DROP iptables -A FORWARD -j DROP There you go. That's a very basic firewall using iptables in about 3 minutes :) -- Steven Haigh Email: [EMAIL PROTECTED] Web: http://www.crc.id.au Phone: (03) 9001 6090 - 0412 935 897 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] cron clarification
What is the ramifications to simply placing scripts in the /etc/cron.hourly directory as opposed to actually adding jobs via the crontab -e method? Is there any significance to using one method versus the other? Thanks! jlc ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] cron clarification
On Jan 1, 2008 6:08 PM, Joseph L. Casale <[EMAIL PROTECTED]> wrote: > What is the ramifications to simply placing scripts in the /etc/cron.hourly > directory as opposed to actually adding jobs via the crontab -e method? > Is there any significance to using one method versus the other? Using /etc/cron.hourly is better for applications which use cron jobs. When you install the application, it just has to drop a file in a directory rather than parsing a particular user's crontab. It also provides a central location to look for jobs, rather than parsing a number of different user files to figure out your hourly tasks (for system user tasks, not actual people tasks). -- During times of universal deceit, telling the truth becomes a revolutionary act. George Orwell ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] cron clarification
On Tue, Jan 01, 2008 at 04:08:17PM -0700, Joseph L. Casale wrote: > What is the ramifications to simply placing scripts in the /etc/cron.hourly > directory as opposed to actually adding jobs via the crontab -e method? > Is there any significance to using one method versus the other? If you don't need to run something at a specific time then cron.hourly is easier and simpler. Just drop the script into the directory. If you need something at a specific time then look into /etc/cron.d/ which is similar to traditional crontab format, but again is simply a matter of dropping files into that directory. eg % cat /etc/cron.d/sysstat # run system activity accounting tool every 10 minutes */10 * * * * root /usr/lib/sa/sa1 1 1 # generate a daily summary of process accounting at 23:53 53 23 * * * root /usr/lib/sa/sa2 -A Traditional crontab entries do still work, if you really want to deal with that, but it's harder to automate install/uninstalls. -- rgds Stephen ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] cron clarification
>Traditional crontab entries do still work, if you really want to deal >with that, but it's harder to automate install/uninstalls. > >-- > >rgds >Stephen Thanks Stephen and Jim! jlc ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Regd: CentOS 4.4 Installtion Screen Shots
Dear All, I want to take a moment to thank everyone who responded to my query. Regards -S.Balaji Craig White wrote: On Mon, 2007-12-31 at 17:55 -0500, Jim Perrin wrote: On Dec 31, 2007 4:55 PM, William L. Maltby <[EMAIL PROTECTED]> wrote: And I was so trying to not fill in for Perrin(?). We've had enough flame wars for this decade and I was hoping to avoid another. You'll notice that I consciously did not post a reply to this thread specifically to... DAMMIT how to I always get drawn into these things! :-P Hope everyone is having, had, or will have a happy new year! My resolutions involve being kinder to folks on the list, offering solid advice without snarky comments, and doing charity work once a month! Rails & Ruby developers understand...it's called MINASWAN 'Matz is nice and so we are nice' (Matz being the short name for the Yukihiro Matsumoto, the creator of the ruby language) It's civil territory. You couldn't handle it...they say once a dog gets the taste of blood into their mouth, they never forget. ;-) Happy new year back to ya Craig ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
