Re: Problem with RAID1 on kernel 2.4
Hello Russell Yes it was nr-spare-disks 1 I just cut and copied setup from another machine and edited to illustrate my message. I missed the spare disks. :-( At least raidtools2 shouts very quickly when you do that (I know!). Thanks Ian On 27 Feb 2002, at 15:14, Russell Coker wrote: On Wed, 27 Feb 2002 14:53, you wrote: when it should have been raiddev /dev/md0 raid-level1 nr-raid-disks 2 nr-spare-disks0 Surely that should be nr-spare-disks 1? chunk-size4 persistent-superblock 1 device/dev/hda5 raid-disk 0 device/dev/hdc5 failed-disk 1 device/dev/hde5 spare-disk 0 NB note the last line of each block. The man page shows and example but it is not clear on how the index numbers should be set. The man page for mdctl is worse... :( -- If you send email to me or to a mailing list that I use which has 4 lines of legalistic junk at the end then you are specifically authorizing me to do whatever I wish with the message and all other messages from your domain, by posting the message you agree that your long legalistic sig is void. - Ian Forbes ZSD http://www.zsd.co.za Office: +27 21 683-1388 Fax: +27 21 674-1106 Snail Mail: P.O. Box 46827, Glosderry, 7702, South Africa - -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Welcome to Liers_dot_net_Liers_dot_org_auction_notification_list
-- Welcome to the liers.org/liers.net auction notification list. You are receiving this message because you have been subscribed to this list. This list has been setup to notify you when the auction of liers.org and liers.net, on eBay commences. If you do not wish to be on this list you can unsubscribe at: http://x.vwx.com:81/guest/RemoteListSummary/Liers_dot_net_Liers_dot_org_auction_notification_list; You have been added to this list either by your request or the request of another as an interested party to this auction. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: duplicate file
On Thu, Feb 28, 2002 at 11:15:27 +0100, Michal Novotny wrote: Hello, could anybody help me with error below? Maildrop wasn't been installed :( A bug report has already been filed for this problem and is being worked on; see http://bugs.debian.org/134639 . dpkg: error processing /var/cache/apt/archives/maildrop_1.3.7-2_i386.deb (--unpack): trying to overwrite `/usr/share/man/man7/maildirquota.7.gz', which is also in package courier-base As a workaround, install the package manually: dpkg --force-overwrite -OEG -i /var/cache/apt/archives/maildrop_1.3.7-2_i386.deb HTH, Ray -- UNFAIR Term applied to advantages enjoyed by other people which we tried to cheat them out of and didn't manage. See also DISHONESTY, SNEAKY, UNDERHAND and JUST LUCKY I GUESS. - The Hipcrime Vocab by Chad C. Mulligan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: LSM or GRSecurity
On Wed, 27 Feb 2002 15:14, Jason Lim wrote: So you just applied the kernel patches (they work on 2.4.17, right?), and that should be it? Blah... I know I should be installing the package and Yes, it just works! I started with Linux when patching your own kernel was expected, and something you did regularly. So I've never had any aversion to patching kernels, running beta kernels on servers, etc. I can understand how you might get nervous about it though. One thing to note with grsecurity, lsm, and probably many other kernel patches is that the feature set that's available depends on the version of the kernel you use. The current grsecurity kernel-patch package has two versions of the patch, 1.9.2 for kernels = 2.4.16 and 1.8.9 for kernels = 2.4.14. I am not sure which version you'll get if you apply it to 2.4.15. -- If you send email to me or to a mailing list that I use which has 4 lines of legalistic junk at the end then you are specifically authorizing me to do whatever I wish with the message and all other messages from your domain, by posting the message you agree that your long legalistic sig is void. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Traffic monitoring/logging question
mm nice scheme. Did you wrote an RFC or ?? (uppercase must, can ;) The key is to the be able to account the traffic which is a miss in squid and this, on a per client basis. Squid have a mib which give you such stats, this is good. I developed an addon to this mib to get a per subnet stats, if you 're interested, i can send you the patch. So, you can use iptables accounting: using the right setup should be easy. The only tricky part is for ftp, irc etc.. traffic: you need to use the new --helper feature of iptables which match any traffic that use the ipconntrack helper moduler XXX. Aggregating all these information will give you the numbers you want. For stocking and reporting, you can use mrtg or cricket or a script and RRDtool or logtrend which is pretty nice but still very poor snmp wise. Hope that help, JeF On Wed, Feb 27, 2002 at 04:41:36PM +0100, Auke Rensen wrote: For our company's shared internet connection, I'm looking for a utility to monitor and log the generated traffic over the internet connection. As you can see there are two LAN's connected to a firewall/proxy server. The firewall uses IPTables, DNAT and SNAT. Situation sketch -- | Internet | -- | _| / | = eth0 _| |__| --- |__| = | Debian GNU/Linux Firewall | | | = | Release: Unstable | | | = | Kernel: 2.4.16| |+ === | = | Proxy: Squid | | | --- | | | | |__| eth1 = || = eth2 || ||__ | | | | |---|---| | LAN1 | | |---|---| LAN2 What I'm looking for is a application (or a combination of multiple) witch can build some usage reports. We need this information to share the bill of the internet connection fairly. I'd like to be able to create daily, weekly, monthly and yearly reports. What I'd like to know is if someone knows a utility witch is at least capable of giving the following statistics: Traffic from: - - LAN1 = internet, in bytes. - LAN2 = internet, in bytes. - LAN1 = LAN2, in bytes. - Total amount of traffic from all LAN's = Internet. Reports: I'd prefer the reports in some kind of graphical way, but plain text would also be fine. I need to get per host statistics, to compare them to the total amount of traffic Note: - The clients on both LAN's use the firewall as proxy server (...) This traffic MUST also be included in the statistics. I know this all CAN be done, but I don't know where to start. Can anybody help me? Thanks in advance, A.M. (Auke) Rensen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- - Jean-Francois Dive -- [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: BGP4/OSPF routing daemon for Linux?
Hi, We've had gated running as a customer router a few years ago on a bsdi system with 20+ network interfaces and it ran pretty stable. Probably it would run pretty stable on linux too. However i think gated is not really 'free' so i would choose zebra if i ever needed bgp or ospf on linux again. I remember licence costs of gated were as much as a huge cisco few years back (but i could be wrong, ofcourse). Regards, Tommy On Thu, 28 Feb 2002, Christian Hammers wrote: Hello I would like to replace a Cisco router by a Linux box and therefore need a stable(!) BGP4/OSPF routing daemon. Has anybody here ever used Zebra/MRTd/gated in production environment? thanks, -christian- -- Christian HammersWESTEND GmbH - Aachen und Dueren Tel 0241/701333-0 [EMAIL PROTECTED] Internet Security for ProfessionalsFax 0241/911879 WESTEND ist CISCO Systems Partner - Premium Certified -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Best mail setup?
Hi, I'm currently looking to impliment a new mail system. I was wondering what your recommendations would be for 50 (and growing) virtual hosts. We want something that doesn't require a seperate system user for each virt-user account, and something that's relatively easy to configure. Any suggestions are welcome. Thanks, Darryl -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: BGP4/OSPF routing daemon for Linux?
That's a yes, but because of security/bugs you'll have to update your ios more often than a current woody installation. ios needs a reboot, linux don't. I bet if you count montly uptimes in % a woody will currently get higher availability % than an average ios ;) (but i personally prefer ios above linux too.. who's gonna port an ios interface to linux? ios uses gpl fragments, shouldn't it be released in source anyway?) Tommy On Fri, 1 Mar 2002, Jean-Francois Dive wrote: a stable BGP imlementation is very importantn, i'd personally keep the cisco for that, especially if you are a 'CISCO Systems Partner - Premium Certified' ;) JeF On Thu, Feb 28, 2002 at 03:45:23PM +0100, Christian Hammers wrote: Hello I would like to replace a Cisco router by a Linux box and therefore need a stable(!) BGP4/OSPF routing daemon. Has anybody here ever used Zebra/MRTd/gated in production environment? thanks, -christian- -- Christian HammersWESTEND GmbH - Aachen und Dueren Tel 0241/701333-0 [EMAIL PROTECTED] Internet Security for ProfessionalsFax 0241/911879 WESTEND ist CISCO Systems Partner - Premium Certified -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- - Jean-Francois Dive -- [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] --- Hi how are u? I'll send you my .sig in order to have your advice -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Traffic monitoring/logging question
Auke Rensen, Wed, Feb 27, 2002 at 04:41:36PM +0100: What I'm looking for is a application (or a combination of multiple) witch can build some usage reports We need this information to share the bill of the internet connection fairly I'd like to be able to create daily, weekly, monthly and yearly reports What I'd like to know is if someone knows a utility witch is at least capable of giving the following statistics: If I'm not mistaken, mrtg can be integrated with iptables/ipchains to produce the stats you need You might want to have a look at ntop as well g msg05584/pgp0.pgp Description: PGP signature
Re: Traffic monitoring/logging question
Be aware that on-the-wire counting will give you traffic counts inclusive of packet overhead, whereas counting in squid will give you only the size of the content in question. Don't do math on these things, as one rather large provider used to do ;) Be aware of media-specific packet wrapping sizes, and be aware of the difference between the size of the content, and the size of the content + IP headers. KevinL On Fri, 2002-03-01 at 08:17, Jean-Francois Dive wrote: mm nice scheme. Did you wrote an RFC or ?? (uppercase must, can ;) The key is to the be able to account the traffic which is a miss in squid and this, on a per client basis. Squid have a mib which give you such stats, this is good. I developed an addon to this mib to get a per subnet stats, if you 're interested, i can send you the patch. So, you can use iptables accounting: using the right setup should be easy. The only tricky part is for ftp, irc etc.. traffic: you need to use the new --helper feature of iptables which match any traffic that use the ipconntrack helper moduler XXX. Aggregating all these information will give you the numbers you want. For stocking and reporting, you can use mrtg or cricket or a script and RRDtool or logtrend which is pretty nice but still very poor snmp wise. Hope that help, JeF -- Internet techieObsidian Consulting Group Phone: +613 9653 9364Fax: +613 9354 2681 http://www.obsidian.com.au/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: BGP4/OSPF routing daemon for Linux?
On Fri, Mar 01, 2002 at 02:26:32AM +0100, Tommy van Leeuwen wrote: That's a yes, but because of security/bugs you'll have to update your ios more often than a current woody installation. ios needs a reboot, linux don't. mmm well, BGP security bugs in IOS are not that common. If you have a quite secure setup around it and not use fancy setup, the uptime should stay pretty good i reckon. Even if i agree that rebooting a BGP router is always a pain.. I dont specifically prefer IOS over linux, it really depends on what i wanna do with the box. Honestly, you dont want to see the IOS code, really: it is fat, huge (more than 700 Mo last time i looked) and is not all the time very nice to read. For the ios interface, i reckon it does already exist. some guys at the Cisco TAC in brussel are working on it. JeF I bet if you count montly uptimes in % a woody will currently get higher availability % than an average ios ;) (but i personally prefer ios above linux too.. who's gonna port an ios interface to linux? ios uses gpl fragments, shouldn't it be released in source anyway?) Tommy On Fri, 1 Mar 2002, Jean-Francois Dive wrote: a stable BGP imlementation is very importantn, i'd personally keep the cisco for that, especially if you are a 'CISCO Systems Partner - Premium Certified' ;) JeF On Thu, Feb 28, 2002 at 03:45:23PM +0100, Christian Hammers wrote: Hello I would like to replace a Cisco router by a Linux box and therefore need a stable(!) BGP4/OSPF routing daemon. Has anybody here ever used Zebra/MRTd/gated in production environment? thanks, -christian- -- Christian HammersWESTEND GmbH - Aachen und Dueren Tel 0241/701333-0 [EMAIL PROTECTED] Internet Security for ProfessionalsFax 0241/911879 WESTEND ist CISCO Systems Partner - Premium Certified -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- - Jean-Francois Dive -- [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] --- Hi how are u? I'll send you my .sig in order to have your advice -- - Jean-Francois Dive -- [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: LSM or GRSecurity
Thanks for the info on this. I'll try out GRSec 1.9.2. Are there any Debian packages, besides the actual patch itself, that i need to download (or perhaps would be benefitial in supplementing GRSec, even if not required)? Thanks. - Original Message - From: Russell Coker [EMAIL PROTECTED] To: Jason Lim [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Thursday, February 28, 2002 10:31 PM Subject: Re: LSM or GRSecurity On Wed, 27 Feb 2002 15:14, Jason Lim wrote: So you just applied the kernel patches (they work on 2.4.17, right?), and that should be it? Blah... I know I should be installing the package and Yes, it just works! I started with Linux when patching your own kernel was expected, and something you did regularly. So I've never had any aversion to patching kernels, running beta kernels on servers, etc. I can understand how you might get nervous about it though. One thing to note with grsecurity, lsm, and probably many other kernel patches is that the feature set that's available depends on the version of the kernel you use. The current grsecurity kernel-patch package has two versions of the patch, 1.9.2 for kernels = 2.4.16 and 1.8.9 for kernels = 2.4.14. I am not sure which version you'll get if you apply it to 2.4.15. -- If you send email to me or to a mailing list that I use which has 4 lines of legalistic junk at the end then you are specifically authorizing me to do whatever I wish with the message and all other messages from your domain, by posting the message you agree that your long legalistic sig is void. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Problem with RAID1 on kernel 2.4
Hello Russell Yes it was nr-spare-disks 1 I just cut and copied setup from another machine and edited to illustrate my message. I missed the spare disks. :-( At least raidtools2 shouts very quickly when you do that (I know!). Thanks Ian On 27 Feb 2002, at 15:14, Russell Coker wrote: On Wed, 27 Feb 2002 14:53, you wrote: when it should have been raiddev /dev/md0 raid-level1 nr-raid-disks 2 nr-spare-disks0 Surely that should be nr-spare-disks 1? chunk-size4 persistent-superblock 1 device/dev/hda5 raid-disk 0 device/dev/hdc5 failed-disk 1 device/dev/hde5 spare-disk 0 NB note the last line of each block. The man page shows and example but it is not clear on how the index numbers should be set. The man page for mdctl is worse... :( -- If you send email to me or to a mailing list that I use which has 4 lines of legalistic junk at the end then you are specifically authorizing me to do whatever I wish with the message and all other messages from your domain, by posting the message you agree that your long legalistic sig is void. - Ian Forbes ZSD http://www.zsd.co.za Office: +27 21 683-1388 Fax: +27 21 674-1106 Snail Mail: P.O. Box 46827, Glosderry, 7702, South Africa -
duplicate file
Hello, could anybody help me with error below? Maildrop wasn't been installed :( Thank you. Regards Michal Novotny dpkg: error processing /var/cache/apt/archives/maildrop_1.3.7-2_i386.deb (--unpack): trying to overwrite `/usr/share/man/man7/maildirquota.7.gz', which is also in package courier-base Errors were encountered while processing: /var/cache/apt/archives/maildrop_1.3.7-2_i386.deb E: Sub-process /usr/bin/dpkg returned an error code (1)
Welcome to Liers_dot_net_Liers_dot_org_auction_notification_list
-- Welcome to the liers.org/liers.net auction notification list. You are receiving this message because you have been subscribed to this list. This list has been setup to notify you when the auction of liers.org and liers.net, on eBay commences. If you do not wish to be on this list you can unsubscribe at: http://x.vwx.com:81/guest/RemoteListSummary/Liers_dot_net_Liers_dot_org_auction_notification_list. You have been added to this list either by your request or the request of another as an interested party to this auction.
Re: duplicate file
On Thu, Feb 28, 2002 at 11:15:27 +0100, Michal Novotny wrote: Hello, could anybody help me with error below? Maildrop wasn't been installed :( A bug report has already been filed for this problem and is being worked on; see http://bugs.debian.org/134639 . dpkg: error processing /var/cache/apt/archives/maildrop_1.3.7-2_i386.deb (--unpack): trying to overwrite `/usr/share/man/man7/maildirquota.7.gz', which is also in package courier-base As a workaround, install the package manually: dpkg --force-overwrite -OEG -i /var/cache/apt/archives/maildrop_1.3.7-2_i386.deb HTH, Ray -- UNFAIR Term applied to advantages enjoyed by other people which we tried to cheat them out of and didn't manage. See also DISHONESTY, SNEAKY, UNDERHAND and JUST LUCKY I GUESS. - The Hipcrime Vocab by Chad C. Mulligan
Re: LSM or GRSecurity
I got the base functionality working on my systems without any problems, so I never felt it necessary to write any documentation. I never completed packaging the Oblivion (ACL) management programs so that's a problematic area (but you don't really need it). Just give it a go on a test machine, once you see how easy it is you'll just put it on all machines! True...in our situation we don't need ACL. So you just applied the kernel patches (they work on 2.4.17, right?), and that should be it? Blah... I know I should be installing the package and experimenting,etc., but I am always pretty wary of kernel modifications (had a bad experience with the IDE driver before).
Re: LSM or GRSecurity
On Wed, 27 Feb 2002 15:14, Jason Lim wrote: So you just applied the kernel patches (they work on 2.4.17, right?), and that should be it? Blah... I know I should be installing the package and Yes, it just works! I started with Linux when patching your own kernel was expected, and something you did regularly. So I've never had any aversion to patching kernels, running beta kernels on servers, etc. I can understand how you might get nervous about it though. One thing to note with grsecurity, lsm, and probably many other kernel patches is that the feature set that's available depends on the version of the kernel you use. The current grsecurity kernel-patch package has two versions of the patch, 1.9.2 for kernels = 2.4.16 and 1.8.9 for kernels = 2.4.14. I am not sure which version you'll get if you apply it to 2.4.15. -- If you send email to me or to a mailing list that I use which has 4 lines of legalistic junk at the end then you are specifically authorizing me to do whatever I wish with the message and all other messages from your domain, by posting the message you agree that your long legalistic sig is void.
RE: Welcome to Liers_dot_net_Liers_dot_org_auction_notification_list
thats just great. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, February 28, 2002 4:17 AM To: debian-isp@lists.debian.org Subject: Welcome to Liers_dot_net_Liers_dot_org_auction_notification_list -- Welcome to the liers.org/liers.net auction notification list. You are receiving this message because you have been subscribed to this list. This list has been setup to notify you when the auction of liers.org and liers.net, on eBay commences. If you do not wish to be on this list you can unsubscribe at: http://x.vwx.com:81/guest/RemoteListSummary/Liers_dot_net_Liers_dot_org_auction_notification_list. You have been added to this list either by your request or the request of another as an interested party to this auction. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
BGP4/OSPF routing daemon for Linux?
Hello I would like to replace a Cisco router by a Linux box and therefore need a stable(!) BGP4/OSPF routing daemon. Has anybody here ever used Zebra/MRTd/gated in production environment? thanks, -christian- -- Christian HammersWESTEND GmbH - Aachen und Dueren Tel 0241/701333-0 ch@westend.com Internet Security for ProfessionalsFax 0241/911879 WESTEND ist CISCO Systems Partner - Premium Certified
Apache + FP Extensions (+ mod_vhost_alias?)
Hi, I'm trying to get the M$ FrontPage Extensions (2000/2002) working in a Debian/Woody with no luck. I tried to do it the debian way, I mean, downloading the sources with apt-get source, putting the patch in upstream/patches, modifiyng the debian/control file adding: --fpexec-caller=www-data \ --fpexec-uidmin=33 \ --fpexec-gidmin=33 \ --server-uid=33 \ --server-gid=33 \ --fpexec-fpuser=root \ --fpexec-fpgroup=root \ --enable-module=frontpage Does anyone have any experience with this? Regards, -- German O. Gutierrez Departamento Operaciones Desarrollos Digitales S.A.
Re: Traffic monitoring/logging question
mm nice scheme. Did you wrote an RFC or ?? (uppercase must, can ;) The key is to the be able to account the traffic which is a miss in squid and this, on a per client basis. Squid have a mib which give you such stats, this is good. I developed an addon to this mib to get a per subnet stats, if you 're interested, i can send you the patch. So, you can use iptables accounting: using the right setup should be easy. The only tricky part is for ftp, irc etc.. traffic: you need to use the new --helper feature of iptables which match any traffic that use the ipconntrack helper moduler XXX. Aggregating all these information will give you the numbers you want. For stocking and reporting, you can use mrtg or cricket or a script and RRDtool or logtrend which is pretty nice but still very poor snmp wise. Hope that help, JeF On Wed, Feb 27, 2002 at 04:41:36PM +0100, Auke Rensen wrote: For our company's shared internet connection, I'm looking for a utility to monitor and log the generated traffic over the internet connection. As you can see there are two LAN's connected to a firewall/proxy server. The firewall uses IPTables, DNAT and SNAT. Situation sketch -- | Internet | -- | _| / | = eth0 _| |__| --- |__| = | Debian GNU/Linux Firewall | | | = | Release: Unstable | | | = | Kernel: 2.4.16| |+ === | = | Proxy: Squid | | | --- | | | | |__| eth1 = || = eth2 || ||__ | | | | |---|---| | LAN1 | | |---|---| LAN2 What I'm looking for is a application (or a combination of multiple) witch can build some usage reports. We need this information to share the bill of the internet connection fairly. I'd like to be able to create daily, weekly, monthly and yearly reports. What I'd like to know is if someone knows a utility witch is at least capable of giving the following statistics: Traffic from: - - LAN1 = internet, in bytes. - LAN2 = internet, in bytes. - LAN1 = LAN2, in bytes. - Total amount of traffic from all LAN's = Internet. Reports: I'd prefer the reports in some kind of graphical way, but plain text would also be fine. I need to get per host statistics, to compare them to the total amount of traffic Note: - The clients on both LAN's use the firewall as proxy server (...) This traffic MUST also be included in the statistics. I know this all CAN be done, but I don't know where to start. Can anybody help me? Thanks in advance, A.M. (Auke) Rensen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- - Jean-Francois Dive -- [EMAIL PROTECTED]
Re: BGP4/OSPF routing daemon for Linux?
a stable BGP imlementation is very importantn, i'd personally keep the cisco for that, especially if you are a 'CISCO Systems Partner - Premium Certified' ;) JeF On Thu, Feb 28, 2002 at 03:45:23PM +0100, Christian Hammers wrote: Hello I would like to replace a Cisco router by a Linux box and therefore need a stable(!) BGP4/OSPF routing daemon. Has anybody here ever used Zebra/MRTd/gated in production environment? thanks, -christian- -- Christian HammersWESTEND GmbH - Aachen und Dueren Tel 0241/701333-0 ch@westend.com Internet Security for ProfessionalsFax 0241/911879 WESTEND ist CISCO Systems Partner - Premium Certified -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- - Jean-Francois Dive -- [EMAIL PROTECTED]
Apache + FP Extensions (+ mod_vhost_alias?)
Hi, I'm trying to get the M$ FrontPage Extensions (2000/2002) working in a Debian/Woody with no luck. I tried to do it the debian way, I mean, downloading the sources with apt-get source, putting the patch in upstream/patches, modifiyng the debian/control file adding: --fpexec-caller=www-data \ --fpexec-uidmin=33 \ --fpexec-gidmin=33 \ --server-uid=33 \ --server-gid=33 \ --fpexec-fpuser=root \ --fpexec-fpgroup=root \ --enable-module=frontpage Does anyone have any experience with this? Regards, -- German O. Gutierrez Departamento Operaciones Desarrollos Digitales S.A. - End forwarded message - -- German O. Gutierrez Departamento Operaciones Desarrollos Digitales S.A.
Re: BGP4/OSPF routing daemon for Linux?
Hi, We've had gated running as a customer router a few years ago on a bsdi system with 20+ network interfaces and it ran pretty stable. Probably it would run pretty stable on linux too. However i think gated is not really 'free' so i would choose zebra if i ever needed bgp or ospf on linux again. I remember licence costs of gated were as much as a huge cisco few years back (but i could be wrong, ofcourse). Regards, Tommy On Thu, 28 Feb 2002, Christian Hammers wrote: Hello I would like to replace a Cisco router by a Linux box and therefore need a stable(!) BGP4/OSPF routing daemon. Has anybody here ever used Zebra/MRTd/gated in production environment? thanks, -christian- -- Christian HammersWESTEND GmbH - Aachen und Dueren Tel 0241/701333-0 ch@westend.com Internet Security for ProfessionalsFax 0241/911879 WESTEND ist CISCO Systems Partner - Premium Certified -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Best mail setup?
Hi, I'm currently looking to impliment a new mail system. I was wondering what your recommendations would be for 50 (and growing) virtual hosts. We want something that doesn't require a seperate system user for each virt-user account, and something that's relatively easy to configure. Any suggestions are welcome. Thanks, Darryl
Re: BGP4/OSPF routing daemon for Linux?
That's a yes, but because of security/bugs you'll have to update your ios more often than a current woody installation. ios needs a reboot, linux don't. I bet if you count montly uptimes in % a woody will currently get higher availability % than an average ios ;) (but i personally prefer ios above linux too.. who's gonna port an ios interface to linux? ios uses gpl fragments, shouldn't it be released in source anyway?) Tommy On Fri, 1 Mar 2002, Jean-Francois Dive wrote: a stable BGP imlementation is very importantn, i'd personally keep the cisco for that, especially if you are a 'CISCO Systems Partner - Premium Certified' ;) JeF On Thu, Feb 28, 2002 at 03:45:23PM +0100, Christian Hammers wrote: Hello I would like to replace a Cisco router by a Linux box and therefore need a stable(!) BGP4/OSPF routing daemon. Has anybody here ever used Zebra/MRTd/gated in production environment? thanks, -christian- -- Christian HammersWESTEND GmbH - Aachen und Dueren Tel 0241/701333-0 ch@westend.com Internet Security for ProfessionalsFax 0241/911879 WESTEND ist CISCO Systems Partner - Premium Certified -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- - Jean-Francois Dive -- [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] --- Hi how are u? I'll send you my .sig in order to have your advice
Re: Traffic monitoring/logging question
Auke Rensen, Wed, Feb 27, 2002 at 04:41:36PM +0100: What I'm looking for is a application (or a combination of multiple) witch can build some usage reports. We need this information to share the bill of the internet connection fairly. I'd like to be able to create daily, weekly, monthly and yearly reports. What I'd like to know is if someone knows a utility witch is at least capable of giving the following statistics: If I'm not mistaken, mrtg can be integrated with iptables/ipchains to produce the stats you need. You might want to have a look at ntop as well. g pgpnxsYxXEypn.pgp Description: PGP signature
Re: Traffic monitoring/logging question
Be aware that on-the-wire counting will give you traffic counts inclusive of packet overhead, whereas counting in squid will give you only the size of the content in question. Don't do math on these things, as one rather large provider used to do ;) Be aware of media-specific packet wrapping sizes, and be aware of the difference between the size of the content, and the size of the content + IP headers. KevinL On Fri, 2002-03-01 at 08:17, Jean-Francois Dive wrote: mm nice scheme. Did you wrote an RFC or ?? (uppercase must, can ;) The key is to the be able to account the traffic which is a miss in squid and this, on a per client basis. Squid have a mib which give you such stats, this is good. I developed an addon to this mib to get a per subnet stats, if you 're interested, i can send you the patch. So, you can use iptables accounting: using the right setup should be easy. The only tricky part is for ftp, irc etc.. traffic: you need to use the new --helper feature of iptables which match any traffic that use the ipconntrack helper moduler XXX. Aggregating all these information will give you the numbers you want. For stocking and reporting, you can use mrtg or cricket or a script and RRDtool or logtrend which is pretty nice but still very poor snmp wise. Hope that help, JeF -- Internet techieObsidian Consulting Group Phone: +613 9653 9364Fax: +613 9354 2681 http://www.obsidian.com.au/ [EMAIL PROTECTED]
Re: BGP4/OSPF routing daemon for Linux?
On Fri, Mar 01, 2002 at 02:26:32AM +0100, Tommy van Leeuwen wrote: That's a yes, but because of security/bugs you'll have to update your ios more often than a current woody installation. ios needs a reboot, linux don't. mmm well, BGP security bugs in IOS are not that common. If you have a quite secure setup around it and not use fancy setup, the uptime should stay pretty good i reckon. Even if i agree that rebooting a BGP router is always a pain.. I dont specifically prefer IOS over linux, it really depends on what i wanna do with the box. Honestly, you dont want to see the IOS code, really: it is fat, huge (more than 700 Mo last time i looked) and is not all the time very nice to read. For the ios interface, i reckon it does already exist. some guys at the Cisco TAC in brussel are working on it. JeF I bet if you count montly uptimes in % a woody will currently get higher availability % than an average ios ;) (but i personally prefer ios above linux too.. who's gonna port an ios interface to linux? ios uses gpl fragments, shouldn't it be released in source anyway?) Tommy On Fri, 1 Mar 2002, Jean-Francois Dive wrote: a stable BGP imlementation is very importantn, i'd personally keep the cisco for that, especially if you are a 'CISCO Systems Partner - Premium Certified' ;) JeF On Thu, Feb 28, 2002 at 03:45:23PM +0100, Christian Hammers wrote: Hello I would like to replace a Cisco router by a Linux box and therefore need a stable(!) BGP4/OSPF routing daemon. Has anybody here ever used Zebra/MRTd/gated in production environment? thanks, -christian- -- Christian HammersWESTEND GmbH - Aachen und Dueren Tel 0241/701333-0 ch@westend.com Internet Security for ProfessionalsFax 0241/911879 WESTEND ist CISCO Systems Partner - Premium Certified -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- - Jean-Francois Dive -- [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] --- Hi how are u? I'll send you my .sig in order to have your advice -- - Jean-Francois Dive -- [EMAIL PROTECTED]