Re: PHP 4.1.2
On 12/22/04 11:03, Jason Lim wrote: Hi all, I was wondering... are you guys concerned about the latest PHP vulnerabilities, which affect the Debian stable 4.1.2? How are you handling it? Debian Security Team still hasn't released any patches, so concerned and worried about this. Or perhaps you guys think there is no need to worry? Jas FWIW dotdeb.org has updated php4 packages for woody -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Cheap Mainboard whith autostart ?
On 07/17/04 15:35, Rod Rodolico wrote: Michelle, I am not sure about the conversion from euro's to USD, but I have an ASUS A7V600 that supports auto-restart. Caveat: I have not used this feature. But, I rarely buy motherboards that are over $100 USD, and I am pretty sure it supports your CPU and memory. Just can't find the documenation. I use it as my workstation, which runs SUSE, but I see no reason it should not run Debian just fine (I believe I had it as my Debian server at one time, but don't remember for sure). It has been a stable MB so far. Rod My A7V600 won't boot without an AGP card plugged in. This may be annoying for servers. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Which Spam Block List to use for a network?
> In all cases I use > the SMTP server provided by the ISP at no extra cost, because they > recognise that you couldn't e-mail from a PC in any other way. Unfortunately Italian bigger ISP's don't have admins like Mr. Cocker :( Generally speaking their smtp server sucks: are often down (for _several_ days) or way too busy (4xx at connection time), misconfigured and might take ages to delivery your 1/2kb plain text message. > If, though, you have a need to set up a corporate identity with your own > recognised domain names for both IP and MX, then I think you can't > really avoid getting a static IP address and a 'business ADSL' tariff, > which is available from at least those three providers I mentioned > above, but obviously not at 'home ADSL' prices. Sure... except this won't solve the problem... You can buy the most expensive adsl solution from any of the ISP you've quoted with your own _statically_ allocated ip addresses (and pls note that you do pay for each static ip) only to find out that the assigned _static_ ip/range is actually marked as *dialup* in the whois db. Acording to my own experience the only way to have this problem solved is barking at the isp every damn day, annoy everyone at their call center for weeks and if you're lucky enough you can end up speaking with a tech guy and see the infamous "dial" removed. Regards
Re: Which Spam Block List to use for a network?
> In all cases I use > the SMTP server provided by the ISP at no extra cost, because they > recognise that you couldn't e-mail from a PC in any other way. Unfortunately Italian bigger ISP's don't have admins like Mr. Cocker :( Generally speaking their smtp server sucks: are often down (for _several_ days) or way too busy (4xx at connection time), misconfigured and might take ages to delivery your 1/2kb plain text message. > If, though, you have a need to set up a corporate identity with your own > recognised domain names for both IP and MX, then I think you can't > really avoid getting a static IP address and a 'business ADSL' tariff, > which is available from at least those three providers I mentioned > above, but obviously not at 'home ADSL' prices. Sure... except this won't solve the problem... You can buy the most expensive adsl solution from any of the ISP you've quoted with your own _statically_ allocated ip addresses (and pls note that you do pay for each static ip) only to find out that the assigned _static_ ip/range is actually marked as *dialup* in the whois db. Acording to my own experience the only way to have this problem solved is barking at the isp every damn day, annoy everyone at their call center for weeks and if you're lucky enough you can end up speaking with a tech guy and see the infamous "dial" removed. Regards -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Fun with routes
Sorry, i didn't want a holy war to break out. Thanks every one for their reply.
Re: Fun with routes
Sorry, i didn't want a holy war to break out. Thanks every one for their reply. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Fun with routes
Thanks you all for your quick replies. The situation in the place I live is gonna look quite weird to you folk. Here are NO small ISP's and only a few major telco's are offering ADSL. Moreover none of them can be bothered setting up specially crafted connections or routing disciplines; they do plug in their pre-configured c*sco's and sell their fixed ADSL packages. Period. If you want something more you have to choose CDN or fibre. That said, I repeat: I'm not willing to set-up a real life environment Featuring ADSL bonding via IP spoofing, I was just willing to satisfy my curiosity: is that possible? And if so can it be achieved? Does this sound strange? First off, ISP-B should be dropping your spoofed packets on the floor once they hit their network. I'm a strange guy, I know, but I totally disagree. IMHO An ISP should provide a customer with the internet. That's it. An ISP should not (unless asked to) mangle/NAT packets, stop pings, block backdoor scans, scan mails for viruses or do any activity limiting somehow their users freedom over the net. They can and should of cause identify and fight troublemakers through the customers. We could discuss a lot about what an ISP should and should not, but I don't feel this is the proper time for such a discussion. Load balancing the two will become a problem... how does your computer decide which path to send on? Aside from a few specific cases (like equal-cost load balancing) your routing protocol/procedure/program should make the same decision every time for where a packet should be routed. Ok you got the point. This is exactly what i was asking. From my point of view even a quite rudimental approach as route each packet through a different interfcae/isp would be enough. Even a random mechanism would be ok. A much easier way to do this, using existing proven technology would be MLPPP to one provider (assuming that your provider supports MLPPP and that you can get client hardware to do so as well). Some careful routing with two separate DSL connections to the same provider will work as well. A part that no one here is offering MLPPP or _even_ two adsl (dont ask me why, but i guess this is done to sell dedicated lines instead), that is no fun, which is somewhat in contrast with the subject of my mail. Thanks again for your time!
Re: Fun with routes
Thanks you all for your quick replies. The situation in the place I live is gonna look quite weird to you folk. Here are NO small ISP's and only a few major telco's are offering ADSL. Moreover none of them can be bothered setting up specially crafted connections or routing disciplines; they do plug in their pre-configured c*sco's and sell their fixed ADSL packages. Period. If you want something more you have to choose CDN or fibre. That said, I repeat: I'm not willing to set-up a real life environment Featuring ADSL bonding via IP spoofing, I was just willing to satisfy my curiosity: is that possible? And if so can it be achieved? Does this sound strange? First off, ISP-B should be dropping your spoofed packets on the floor once they hit their network. I'm a strange guy, I know, but I totally disagree. IMHO An ISP should provide a customer with the internet. That's it. An ISP should not (unless asked to) mangle/NAT packets, stop pings, block backdoor scans, scan mails for viruses or do any activity limiting somehow their users freedom over the net. They can and should of cause identify and fight troublemakers through the customers. We could discuss a lot about what an ISP should and should not, but I don't feel this is the proper time for such a discussion. Load balancing the two will become a problem... how does your computer decide which path to send on? Aside from a few specific cases (like equal-cost load balancing) your routing protocol/procedure/program should make the same decision every time for where a packet should be routed. Ok you got the point. This is exactly what i was asking. From my point of view even a quite rudimental approach as route each packet through a different interfcae/isp would be enough. Even a random mechanism would be ok. A much easier way to do this, using existing proven technology would be MLPPP to one provider (assuming that your provider supports MLPPP and that you can get client hardware to do so as well). Some careful routing with two separate DSL connections to the same provider will work as well. A part that no one here is offering MLPPP or _even_ two adsl (dont ask me why, but i guess this is done to sell dedicated lines instead), that is no fun, which is somewhat in contrast with the subject of my mail. Thanks again for your time! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Fun with routes
I was trying to figure out a cheap solution to increase upload speed for one of my customers (currently using ADSL). I soon realized that dedicated lines such as CDN, HDSL etc are too expensive in respect to common ADSL and come up with a brain-dead idea of bounding various ADSL lines together... Let's say I have ISP-A and ISP-B providing me 2 lines with static addresses IP-A and IP-B; both ISP's allows source address spoofing. For simplicity let's also say I will only accept incoming connections on IP-A, but, to increase upload speed, I want reply packets to come out both from ISP-A (with no modifications) AND ISP-B (with source address spoofing). I'm quite sure this can be done, but I'm not sure if iproute2 would do this. Any ideas? I'm aware of legal concerns regarding IP spoofing, so that this idea is quite unlikely to become a real life example, but I'd still like to know about it for my own curiosity's sake. Thanks a lot.
Fun with routes
I was trying to figure out a cheap solution to increase upload speed for one of my customers (currently using ADSL). I soon realized that dedicated lines such as CDN, HDSL etc are too expensive in respect to common ADSL and come up with a brain-dead idea of bounding various ADSL lines together... Let's say I have ISP-A and ISP-B providing me 2 lines with static addresses IP-A and IP-B; both ISP's allows source address spoofing. For simplicity let's also say I will only accept incoming connections on IP-A, but, to increase upload speed, I want reply packets to come out both from ISP-A (with no modifications) AND ISP-B (with source address spoofing). I'm quite sure this can be done, but I'm not sure if iproute2 would do this. Any ideas? I'm aware of legal concerns regarding IP spoofing, so that this idea is quite unlikely to become a real life example, but I'd still like to know about it for my own curiosity's sake. Thanks a lot. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: How to investigate kernel failure?
Cheers!!! I'm having a look at that Markus Oswald ha scritto: Am Son, 2003-10-19 um 08.29 schrieb Arnt Karlsen: ..I saw "raid over net" somewhere, where? Testing? Sid? I allway keep finding stuff I can use, the next month. ;-) You probably mean DRBD. As far as I remember it's packaged for testing and unstable... best regards Markus
Re: How to investigate kernel failure?
Cheers!!! I'm having a look at that Markus Oswald ha scritto: Am Son, 2003-10-19 um 08.29 schrieb Arnt Karlsen: ..I saw "raid over net" somewhere, where? Testing? Sid? I allway keep finding stuff I can use, the next month. ;-) You probably mean DRBD. As far as I remember it's packaged for testing and unstable... best regards Markus -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: How to investigate kernel failure?
The above are stack dumps. As you can see the most-recently invoked function in each case was getblk(), so I'd say you need to check your filesystem (and/or replace the hard drive). Marcin Thanks a lot for your help. Now everything seems a bit more clear. But this leads to another question... The disks are software raided so the failed one should have been kicked out of the array which, in fact, didn't happen. Any hints? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
How to investigate kernel failure?
Not sure if this is OT, just hope someone can help. I experienced a kernel crash last night at cron.daily time. As i'm totally new to this kind of things i'd like to know where to start from? This machine, which run quite fine for over a year a 2.4.18 kernel (build from vanilla source taken from kernel.org), was upgraded to 2.4.22 (again from kernel.org) around 1 month ago. The 1st block is this: Oct 17 04:48:38 fserv kernel: printing eip: Oct 17 04:48:38 fserv kernel: c0135158 Oct 17 04:48:38 fserv kernel: Oops: Oct 17 04:48:38 fserv kernel: CPU:0 Oct 17 04:48:38 fserv kernel: EIP:0010:[get_hash_table+104/144] Not tainted Oct 17 04:48:38 fserv kernel: EFLAGS: 00010202 Oct 17 04:48:38 fserv kernel: eax: dffc ebx: 0003 ecx: 403de5b0 edx: 403de5b0 Oct 17 04:48:38 fserv kernel: esi: 0009 edi: 0901 ebp: 00010e9e esp: ca897df0 Oct 17 04:48:38 fserv kernel: ds: 0018 es: 0018 ss: 0018 Oct 17 04:48:38 fserv kernel: Process find (pid: 20377, stackpage=ca897000) Oct 17 04:48:38 fserv kernel: Stack: 0901 1000 00010e9e 0ab8 c01356b9 0901 00010e9e Oct 17 04:48:38 fserv kernel:1000 c0158dc9 0901 00010e9e Oct 17 04:48:38 fserv kernel:1000 ca897f18 d75b1b80 ce204a00 Oct 17 04:48:38 fserv kernel: Call Trace:[getblk+25/80] [ext3_getblk+185/624] [vc_resize+289/1168] [ext3_find_entry+501/768] [ext3_bread+35/128] Oct 17 04:48:38 fserv kernel: [ext3_readdir+150/912] [permission+42/48] [vfs_readdir+97/144] [filldir64+0/368] [sys_getdents64+79/259] [filldir64+0/368] Oct 17 04:48:38 fserv kernel: [sys_fcntl64+128/144] [system_call+51/56] Oct 17 04:48:38 fserv kernel: Oct 17 04:48:38 fserv kernel: Code: 39 6a 04 75 f3 0f b7 42 08 3b 44 24 20 75 e9 66 39 7a 0c 75 Oct 17 04:48:38 fserv syslogd 1.4.1#10: restart. Oct 17 04:48:50 fserv kernel: <1>Unable to handle kernel paging request at virtual address 403de5b4 Oct 17 04:48:50 fserv kernel: printing eip: Oct 17 04:48:50 fserv kernel: c0135158 Oct 17 04:48:50 fserv kernel: Oops: Oct 17 04:48:50 fserv kernel: CPU:0 Oct 17 04:48:50 fserv kernel: EIP:0010:[get_hash_table+104/144] Not tainted Oct 17 04:48:50 fserv kernel: EFLAGS: 00010202 Oct 17 04:48:50 fserv kernel: eax: dffc ebx: 0003 ecx: 403de5b0 edx: 403de5b0 Oct 17 04:48:50 fserv kernel: esi: 0009 edi: 0901 ebp: 001e1941 esp: d061fdf0 Oct 17 04:48:50 fserv kernel: ds: 0018 es: 0018 ss: 0018 Oct 17 04:48:50 fserv kernel: Process tar (pid: 20504, stackpage=d061f000) Oct 17 04:48:50 fserv kernel: Stack: 0901 1000 001e1941 0ab8 c01356b9 0901 001e1941 Oct 17 04:48:50 fserv kernel:1000 c0158dc9 0901 001e1941 Oct 17 04:48:50 fserv kernel:1000 d061ff18 d3ba4480 caf4c3c0 Oct 17 04:48:50 fserv kernel: Call Trace:[getblk+25/80] [ext3_getblk+185/624] [vc_resize+289/1168] [ext3_find_entry+501/768] [ext3_bread+35/128] Oct 17 04:48:50 fserv kernel: [ext3_readdir+150/912] [vfs_permission+121/256] [permission+42/48] [vfs_readdir+97/144] [filldir64+0/368] [sys_getdents64+79/259] Oct 17 04:48:50 fserv kernel: [filldir64+0/368] [sys_fcntl64+128/144] [system_call+51/56] Oct 17 04:48:50 fserv kernel: Oct 17 04:48:50 fserv kernel: Code: 39 6a 04 75 f3 0f b7 42 08 3b 44 24 20 75 e9 66 39 7a 0c 75 At this time most (possibly all) services were still alive, according to the logs. Then a second crash around 3 hours later: Oct 17 08:13:58 fserv kernel: <1>Unable to handle kernel paging request at virtual address 403de5b4 Oct 17 08:13:58 fserv kernel: printing eip: Oct 17 08:13:58 fserv kernel: c0135158 Oct 17 08:13:58 fserv kernel: Oops: Oct 17 08:13:58 fserv kernel: CPU:0 Oct 17 08:13:58 fserv kernel: EIP:0010:[get_hash_table+104/144] Not tainted Oct 17 08:13:58 fserv kernel: EFLAGS: 00010202 Oct 17 08:13:58 fserv kernel: eax: dffc ebx: 0003 ecx: 403de5b0 edx: 403de5b0 Oct 17 08:13:58 fserv kernel: esi: 0009 edi: 0801 ebp: 16df esp: df445e30 Oct 17 08:13:58 fserv kernel: ds: 0018 es: 0018 ss: 0018 Oct 17 08:13:58 fserv kernel: Process kjournald (pid: 16, stackpage=df445000) Oct 17 08:13:58 fserv kernel: Stack: dfd9a800 0801 1000 16df 0ab8 c01356b9 0801 16df Oct 17 08:13:58 fserv kernel:1000 dfd9a800 cae65390 d9eceec0 c0164cb9 0801 16df Oct 17 08:13:58 fserv kernel:1000 dfd9a800 cae65390 16df c01621ad dfd9a800 dfd9a850 dfd9a800 Oct 17 08:13:58 fserv kernel: Call Trace:[getblk+25/80] [journal_get_descriptor_buffer+57/112] [journal_commit_transaction+1373/3799] [schedule+758/800] [kjournald+278/448] Oct 17 08:13:58 fserv kernel: [commit_timeout+0/16] [arch_kernel_thread+40/64] Oct 17 08:13:58 fserv kernel: Oct 17 08:13:58 fserv kernel: Code:
Re: Postfix: Multiple recipients alias?
Not an alias, strictly speaking, but Procmail's recipes might do what you've asked. Have a look at procmail, procmailrc, procmailex and formail man pages. Regards Jon Wood ha scritto: On Fri, 2003-09-26 at 12:40, R.M. Evers wrote: Hi, This could be a stupid question, but I'm trying to accomplish the following: In our company, we run a Debian mailserver with Postfix. The server runs a lot of accounts and virtual domains for our customers, but also for our own employees. Now, what i want to do, is make some sort of alias for our employees, so that they can send an e-mail to, for example "[EMAIL PROTECTED]", which would deliver to all of our mailboxes. But, I only want this alias to be available for our own employees. Not for the outside world, of course.. Would this be possible? I looked into this recently, and as far as I can tell, you'll need some sort of mailing list manager in place to do that, although I may be hideously wrong. Regards, -- R.M. Evers <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: multiple ppp connections
Have a look at /etc/ppp/ip-up and ip-down scripts they both export some env vars you may find useful when setting iptables rules. Does anyone know how can I put iptables firewall script onto a firewall where is more ppp connectoins? Expl. There is a firewall with two dsl connection the first is ppp0 the 2nd is the ppp1. It's clear. How can I build firewall If I do not know which dsl connection wil be the ppp0 or the ppp1? Any ideas? Thanks Robert -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: PPP-= SERVER and RADIUS
Many possibilities: man inittab, man crontab, ip-up/down (man pppd) Moreover, if u're describing a dial-in box: man mgetty Hello, I'm looking the way to configure a debian box as a PPP-server. Today, I have to run `pppd call myscript' everytime I want someone to connect. What is the way to automaticaly rerun pppd to accept new connections. Then, is there any way use radius server with pppd ? Thanks a lot. François
Re: PPP-= SERVER and RADIUS
Many possibilities: man inittab, man crontab, ip-up/down (man pppd) Moreover, if u're describing a dial-in box: man mgetty Hello, I'm looking the way to configure a debian box as a PPP-server. Today, I have to run `pppd call myscript' everytime I want someone to connect. What is the way to automaticaly rerun pppd to accept new connections. Then, is there any way use radius server with pppd ? Thanks a lot. François -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sharing ppp conections without chanel bundling
You may want to read the adv-routing HOWTO @ http://lartc.org/howto I. Forbes ha scritto: Hi All I am looking that the posibility sharing traffic through two pppoe conections without chanel bundling. I want to use a linux box as a NAT router, but the outgoing ip's must be shared in "round-robin" fashion between two ppp interfaces. Obviously each tcp connection will be linked to one outgoing ppp interface (eg ppp0). But the next one should pickup the next ppp interface (ppp1) etc. Thus each ppp conection should provide a default route. Can Linux kernel + iptables handle something like this? Thanks Ian - Ian Forbes ZSD http://www.zsd.co.za Office: +27 21 683-1388 Fax: +27 21 674-1106 Snail Mail: P.O. Box 46827, Glosderry, 7702, South Africa -
Re: Sharing ppp conections without chanel bundling
You may want to read the adv-routing HOWTO @ http://lartc.org/howto I. Forbes ha scritto: Hi All I am looking that the posibility sharing traffic through two pppoe conections without chanel bundling. I want to use a linux box as a NAT router, but the outgoing ip's must be shared in "round-robin" fashion between two ppp interfaces. Obviously each tcp connection will be linked to one outgoing ppp interface (eg ppp0). But the next one should pickup the next ppp interface (ppp1) etc. Thus each ppp conection should provide a default route. Can Linux kernel + iptables handle something like this? Thanks Ian - Ian Forbes ZSD http://www.zsd.co.za Office: +27 21 683-1388 Fax: +27 21 674-1106 Snail Mail: P.O. Box 46827, Glosderry, 7702, South Africa - -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: {G} Problem Compiling Exim on woody
Had the same problem a few months ago and as far as i remember u may need to install libdb3-dev package. Gregory Machin ha scritto: > I have compiled exim on this system before no problem , but no when i try > and compile i get the following error. > " If file include from exim.h:341, > from exim_dbmbuild.c:30: > dbstuff.h:101: db.h: No such file or directory > make[1]: *** [exim_dbmbuild.o] Error 1 > make[1] Levbing directory '/home/installs/exim-4.14/build-Linux-i386' > make: *** [go] Error 2 > > Is there a list anyware of all the libraries requied for a full compile of > exim . As i need to do the same on other versions of linux , and don't > want to have to experiment every time .. > > Many thanks > Gregory Machin > > >
Re: {G} Problem Compiling Exim on woody
Had the same problem a few months ago and as far as i remember u may need to install libdb3-dev package. Gregory Machin ha scritto: > I have compiled exim on this system before no problem , but no when i try > and compile i get the following error. > " If file include from exim.h:341, > from exim_dbmbuild.c:30: > dbstuff.h:101: db.h: No such file or directory > make[1]: *** [exim_dbmbuild.o] Error 1 > make[1] Levbing directory '/home/installs/exim-4.14/build-Linux-i386' > make: *** [go] Error 2 > > Is there a list anyware of all the libraries requied for a full compile of > exim . As i need to do the same on other versions of linux , and don't > want to have to experiment every time .. > > Many thanks > Gregory Machin > > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: multiple hisax ?
Ciao Leonardo, i've been running 2 hisax based cards (elsa) on a dialin box since debian slink and never had any issues. Leonardo Boselli ha scritto: can i put more than one hisax driven card in the same machine ? either the same model or different ? -- Leonardo Boselli Nucleo informatico e Telematico Dipartimento Ingegneria Civile Universita` di Firenze Via Santa Marta 3 I-50139 Firenze +39 055-4796-431 +39 348-8605-348 fax 055-495-333
Re: multiple hisax ?
Ciao Leonardo, i've been running 2 hisax based cards (elsa) on a dialin box since debian slink and never had any issues. Leonardo Boselli ha scritto: can i put more than one hisax driven card in the same machine ? either the same model or different ? -- Leonardo Boselli Nucleo informatico e Telematico Dipartimento Ingegneria Civile Universita` di Firenze Via Santa Marta 3 I-50139 Firenze +39 055-4796-431 +39 348-8605-348 fax 055-495-333 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Antivirus license
Amavis knows nothing about virus signatures. It only knows how to query some av softwares being them daemons or a command line based. Tomàs Núñez Lirola (by way of Tomàs Núñez Lirola ) ha scritto: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I have a doubt respecting amavis... I've read there are some antiviruses that run in daemon mode (clamav-daemon, sophie) because if you want to check a lot of files every 2 or 3 seconds (like a mail server does), it takes a lot of resources to load virus definitions every time, so they load definitions once and stay as a daemon. But I thought AMaViS implemented this. Am I certain? Does AMaViS load virus definitions every time a mail is checked? I mean, is useless a daemon antivirus with amavis? El Martes, 10 de Junio de 2003 10:38, Samuele Catusian escribió:
Re: Antivirus license
Amavis knows nothing about virus signatures. It only knows how to query some av softwares being them daemons or a command line based. Tomàs Núñez Lirola (by way of Tomàs Núñez Lirola ) ha scritto: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I have a doubt respecting amavis... I've read there are some antiviruses that run in daemon mode (clamav-daemon, sophie) because if you want to check a lot of files every 2 or 3 seconds (like a mail server does), it takes a lot of resources to load virus definitions every time, so they load definitions once and stay as a daemon. But I thought AMaViS implemented this. Am I certain? Does AMaViS load virus definitions every time a mail is checked? I mean, is useless a daemon antivirus with amavis? El Martes, 10 de Junio de 2003 10:38, Samuele Catusian escribió: -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Setting up VPN's
Your cross posted question has already been discussed in debian-isp ml on 19-20-21 March 2003. Please have a look at the archives: http://lists.debian.org/debian-isp/2003/debian-isp-200303/threads.html Hi Guys We have to setup a VPN for a client and was wondering what software packages we could use for this, what works well and is reliable ? And what I need to do to get it working on their firewall ... Thanks Craig
Re: Anti-Virus
The open source choice is openantivirus.org + amavis: altough still partly incomplete and not that up to date, it basically works. If u feel that's not enough for your needs, go grab one of the many commercial products i won't mention here. acab Rod Rodolico ha scritto: Suggestions on which server-side AV software to use? Running Exim 3.35 + procmail. Would prefer users have the ability to turn virus checking on and off, maybe via a procmail rule. Rod
Re: VPN
Ciao Samuele, I've tried both ssh and ipsec. SSH+PPPD is quite easy to set up and works just fine but has sometimes some minor problems with the connection link not being taken down. IPSec+FreeS/wan is (maybe) a cleaner solution but has some strong requirements you should take into considration. Imho pptpd should be avoided at all: i run it only to communicate with an adsl modem (so i don't have any real life experience) and i'm not really happy with it. Moreover it seems to be less reliable then the above. Samuele wrote: Hi there. I have to set up a VPN service on some Debian (woody) servers, and since I have no experienced with this I am searching for advices and hints about the best implementation among: . SSH + PPPD (as explained in the VPN HOWTO) . IPSec + FreeSwan (which seems to be more secure) . OpenVPN . tinc . pptpd ... Suggestions and advices are welcome. Bye. -- Samuele Catusian
Re: VPN
Ciao Samuele, I've tried both ssh and ipsec. SSH+PPPD is quite easy to set up and works just fine but has sometimes some minor problems with the connection link not being taken down. IPSec+FreeS/wan is (maybe) a cleaner solution but has some strong requirements you should take into considration. Imho pptpd should be avoided at all: i run it only to communicate with an adsl modem (so i don't have any real life experience) and i'm not really happy with it. Moreover it seems to be less reliable then the above. Samuele wrote: Hi there. I have to set up a VPN service on some Debian (woody) servers, and since I have no experienced with this I am searching for advices and hints about the best implementation among: . SSH + PPPD (as explained in the VPN HOWTO) . IPSec + FreeSwan (which seems to be more secure) . OpenVPN . tinc . pptpd ... Suggestions and advices are welcome. Bye. -- Samuele Catusian -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Web stats for multiple domains
Here i assume u have a structure like this: - Path to each domain: /var/www/DOMAINNAME - Path to domain stats: /var/www/DOMAINNAME/stats but you can edit below to fit your needs. First tell apache to use different log files for each domain and to save them in /var/log/apache. Just put the following line inside each "": CustomLog /var/log/apache/DOMAINNAME_access.log combined Then in /etc/cron.daily set up a script like this: for LOGFILE in `ls /var/log/apache | egrep ".*_access.log$"` do webazolver -Q -N 10 -c /etc/webalizer.conf -o /var/cache -D /var/cache/webalizer_dns.db /var/log/apache/$LOGFILE done for LOGFILE in `ls /var/log/apache | egrep ".*_access.log$"` do DOMAIN=`echo $LOGFILE | sed -e "s/_access.log$//"` /usr/bin/webalizer -Q -p -c /etc/webalizer.conf -n $DOMAIN -o /var/www/$DOMAIN/stats -M 0 /var/log/apache/$LOGFILE done Jasper Metselaar wrote: Hi, I am currently using webalizer to generate website statistics for my customers, but to keep a systemwide view I would like to have some kind of stats overview that will provide statistics (especially data traffic) per virtual domain. (and if possible on one page) Does somebody know a way to achieve this? Thanks in advance! - Jasper ___
Re: Web stats for multiple domains
Here i assume u have a structure like this: - Path to each domain: /var/www/DOMAINNAME - Path to domain stats: /var/www/DOMAINNAME/stats but you can edit below to fit your needs. First tell apache to use different log files for each domain and to save them in /var/log/apache. Just put the following line inside each "": CustomLog /var/log/apache/DOMAINNAME_access.log combined Then in /etc/cron.daily set up a script like this: for LOGFILE in `ls /var/log/apache | egrep ".*_access.log$"` do webazolver -Q -N 10 -c /etc/webalizer.conf -o /var/cache -D /var/cache/webalizer_dns.db /var/log/apache/$LOGFILE done for LOGFILE in `ls /var/log/apache | egrep ".*_access.log$"` do DOMAIN=`echo $LOGFILE | sed -e "s/_access.log$//"` /usr/bin/webalizer -Q -p -c /etc/webalizer.conf -n $DOMAIN -o /var/www/$DOMAIN/stats -M 0 /var/log/apache/$LOGFILE done Jasper Metselaar wrote: Hi, I am currently using webalizer to generate website statistics for my customers, but to keep a systemwide view I would like to have some kind of stats overview that will provide statistics (especially data traffic) per virtual domain. (and if possible on one page) Does somebody know a way to achieve this? Thanks in advance! - Jasper ___ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
