Iptables not accounting for certain packets
Hi, Thanks to all who replied to my previous ip accounting question. I got iptables to account by using the following... /usr/local/sbin/iptables -A FORWARD -s 0.0.0.0/0 -d 202.65.74.116 -o eth0 /usr/local/sbin/iptables -A FORWARD -s 202.65.74.116 -d 0.0.0.0/0 -i eth0 this works fine accept that my accounting server is also a proxy server and internet traffic directed to the proxy server dose not get forwarded and hence is not accounted for. Having encountered this problem i thought easy, just account for INPUT and OUTPUT to that interface, i used /usr/local/sbin/iptables -A OUTPUT -s 0.0.0.0/0 -d 202.65.74.116 -o eth0 /usr/local/sbin/iptables -A INPUT -s 202.65.74.116 -d 0.0.0.0/0 -i eth0 now correct me if im wrong but this should give me accounting for all traffic going in eth 0 from 202.65.74.116 and going out eth 0 to 202.65.74.116 ?? What i found was that i got accounting for traffic that originated from the server ie) ping 202.65.74.116 from the proxy server but when i ping 202.65.74.116 from an other machine that is on a network on the other side of the server (server has two network cards with ip_forward) i get no accounting for that traffic. What's going wrong here ?? should my output rule not match all traffic going out eth0 to 202.65.74.116 even if it is coming in on eth1 getting routed through the box and going out eth 0 to 202.65.74.116 ? Any clarification would be muchly appreciated. Regards, Marcel
Iptables not accounting for certain packets
Hi, Thanks to all who replied to my previous ip accounting question. I got iptables to account by using the following... /usr/local/sbin/iptables -A FORWARD -s 0.0.0.0/0 -d 202.65.74.116 -o eth0 /usr/local/sbin/iptables -A FORWARD -s 202.65.74.116 -d 0.0.0.0/0 -i eth0 this works fine accept that my accounting server is also a proxy server and internet traffic directed to the proxy server dose not get forwarded and hence is not accounted for. Having encountered this problem i thought easy, just account for INPUT and OUTPUT to that interface, i used /usr/local/sbin/iptables -A OUTPUT -s 0.0.0.0/0 -d 202.65.74.116 -o eth0 /usr/local/sbin/iptables -A INPUT -s 202.65.74.116 -d 0.0.0.0/0 -i eth0 now correct me if im wrong but this should give me accounting for all traffic going in eth 0 from 202.65.74.116 and going out eth 0 to 202.65.74.116 ?? What i found was that i got accounting for traffic that originated from the server ie) ping 202.65.74.116 from the proxy server but when i ping 202.65.74.116 from an other machine that is on a network on the other side of the server (server has two network cards with ip_forward) i get no accounting for that traffic. What's going wrong here ?? should my output rule not match all traffic going out eth0 to 202.65.74.116 even if it is coming in on eth1 getting routed through the box and going out eth 0 to 202.65.74.116 ? Any clarification would be muchly appreciated. Regards, Marcel -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ping problem
Wichert Akkerman <[EMAIL PROTECTED]> wrote: > > It leads to better solutions :) And fun and entertainment along the way! -- Sam Couter | Internet Engineer | http://www.topic.com.au/ [EMAIL PROTECTED]| tSA Consulting | OpenPGP key ID: DE89C75C, available on key servers OpenPGP fingerprint: A46B 9BB5 3148 7BEA 1F05 5BD5 8530 03AE DE89 C75C pgpvoKx45IU9Z.pgp Description: PGP signature
Re: shutting down computer using /dev/ttySx
On Wed, Dec 12, 2001 at 08:04:22PM -0200, Pedro Zorzenon Neto wrote: > head -c 9 /dev/ttyS0 #waits to receive 9 bits from serial port 9 bytes > echo -n "\007" > /dev/console #beep the pcspeaker echo -ne Plato
shutting down computer using /dev/ttySx
On Tue, Dec 11, 2001 at 01:46:11PM +0900, Olaf Meeuwissen wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Olaf Meeuwissen <[EMAIL PROTECTED]> wrote: > > > I'm maintaining a (small-time) group server for our department. In > > order to satisfy company policy requirements I need to provide a way > > to shutdown the server in case of emergencies. Our network admin was > > kind enough to give me two alternatives: > > > > 1) provide an on-screen shutdown button > > 2) provide a shutdown user account (and document its usage) > > > > Suggestions, discussions of pros and cons welcome, > > Thanks to everyone who responded. I should have been a little clearer > on the system setup. The machine in question consists of a main unit > and a bunch of externally attached hard disks connected to a network. > It has no monitor, keyboard (what Ctrl-Alt-Del?) and mouse. That is pretty simple :-) run this script during the boot with "nohup /dir/send.sh &" --- begin of send.sh --- #!/bin/sh while true; do echo -n "pzn" > /dev/ttyS0 #send 3 bytes to serial port sleep 1 done --- end of send.sh --- and also run this during boot "nohup /dir/receive.sh &" --- begin of receive.sh --- #!/bin/sh head -c 9 /dev/ttyS0 #waits to receive 9 bits from serial port echo -n "\007" > /dev/console #beep the pcspeaker sleep 1 echo -n "\007" > /dev/console #beep the pcspeaker sleep 1 halt #shutdown the system --- end of receive.sh --- then put a switch that when pressed shorts pins 2 and 3 of your serial port /dev/ttyS0. that is it. just press the switch for 3 seconds to shutdown the machine. if it does not work, then configure setserial to use "no flow control" on /dev/ttyS0 Good luck, Pedro
Re: ping problem
Wichert Akkerman <[EMAIL PROTECTED]> wrote: > > It leads to better solutions :) And fun and entertainment along the way! -- Sam Couter | Internet Engineer | http://www.topic.com.au/ [EMAIL PROTECTED]| tSA Consulting | OpenPGP key ID: DE89C75C, available on key servers OpenPGP fingerprint: A46B 9BB5 3148 7BEA 1F05 5BD5 8530 03AE DE89 C75C msg04773/pgp0.pgp Description: PGP signature
Re: shutting down computer using /dev/ttySx
On Wed, Dec 12, 2001 at 08:04:22PM -0200, Pedro Zorzenon Neto wrote: > head -c 9 /dev/ttyS0 #waits to receive 9 bits from serial port 9 bytes > echo -n "\007" > /dev/console #beep the pcspeaker echo -ne Plato -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
shutting down computer using /dev/ttySx
On Tue, Dec 11, 2001 at 01:46:11PM +0900, Olaf Meeuwissen wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Olaf Meeuwissen <[EMAIL PROTECTED]> wrote: > > > I'm maintaining a (small-time) group server for our department. In > > order to satisfy company policy requirements I need to provide a way > > to shutdown the server in case of emergencies. Our network admin was > > kind enough to give me two alternatives: > > > > 1) provide an on-screen shutdown button > > 2) provide a shutdown user account (and document its usage) > > > > Suggestions, discussions of pros and cons welcome, > > Thanks to everyone who responded. I should have been a little clearer > on the system setup. The machine in question consists of a main unit > and a bunch of externally attached hard disks connected to a network. > It has no monitor, keyboard (what Ctrl-Alt-Del?) and mouse. That is pretty simple :-) run this script during the boot with "nohup /dir/send.sh &" --- begin of send.sh --- #!/bin/sh while true; do echo -n "pzn" > /dev/ttyS0 #send 3 bytes to serial port sleep 1 done --- end of send.sh --- and also run this during boot "nohup /dir/receive.sh &" --- begin of receive.sh --- #!/bin/sh head -c 9 /dev/ttyS0 #waits to receive 9 bits from serial port echo -n "\007" > /dev/console #beep the pcspeaker sleep 1 echo -n "\007" > /dev/console #beep the pcspeaker sleep 1 halt #shutdown the system --- end of receive.sh --- then put a switch that when pressed shorts pins 2 and 3 of your serial port /dev/ttyS0. that is it. just press the switch for 3 seconds to shutdown the machine. if it does not work, then configure setserial to use "no flow control" on /dev/ttyS0 Good luck, Pedro -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ping problem
Am Mit, 12. Dez 2001, 15:02:40 +0200 schrieb Halil Demirezen: > How can i solve the problem that after i ping my computer(server) with > "ping localhost&" for about 160 times, the system starts not to give > response and the load average of the cpu raises to the %81. > > and i can manage this under an ordinary user account. > > So a normal user can make the whole system locked with a simple 160* "ping > localhost&" :< > > how can i solve this system problem.. > > should i remove ping command? I don't really understand what you're doing here are you doing here, are you starting 160 ping commands or is it just one command and the fun starts after it send out 160 packets? Well, if you're starting 160 ping commands in paralell, removing ping won't help you, there are other commands which can do that to (like make -j on the kernel tree or some tiny fork bomb, you can write one in every shell). In this case you want to look into pam-limits, as others in this thread suggested. If just one ping command is enough to do that, than you either found a bug somewhere in the software or you have a problem with your hardware. I had the problem once that tcp-connections got stuck after some kbytes on an old 486 on a 10MBit network, the problem was that the default WSS or MSS or something like that (I don't remeber exactly) was raised in newer kernel and my machine was simply to slow to handle it. I dont't believe though that this is exactly your problem. Regards, Jö. -- Of all the things I've lost, I miss my mind the most. pgpMu2kA7O6UI.pgp Description: PGP signature
Re: ping problem
Previously Ade Talabi wrote: > Hey! why are u guys always arguing It leads to better solutions :) Wichert. -- _ /[EMAIL PROTECTED] This space intentionally left occupied \ | [EMAIL PROTECTED]http://www.liacs.nl/~wichert/ | | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |
Re: ping problem
A suggestion does not necessarily have to solve the problem, it might to view the problem from another angle. Hey! why are u guys always arguing Rolf Kutz ([EMAIL PROTECTED]) said thusly on [12/12/01 at 14:36]: > Gergely Trifonov ([EMAIL PROTECTED]) wrote: > > > i did not say it'd solve the problem, i only suggested a solution > > instead of removing ping. > > If it doesn't solve the problem, it's no solution. > > -Rolf > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > ,[ ade talabi ]- | #--- | West and East Nigeria are as different as Ireland from Germany. The North is as different from either as China. Obafemi Awolowo, quoted in John Gunther, _Inside Africa_, 1955 | #--- `[ mutt rules ]-
Re: ping problem
Just a thought...(no ill intent)... If a ping command is taking up THAT much processor power, might it be time to upgrade? Phil - Original Message - From: Halil Demirezen <[EMAIL PROTECTED]> To: Sent: Wednesday, December 12, 2001 8:02 AM Subject: ping problem > How can i solve the problem that after i ping my computer(server) with > "ping localhost&" for about 160 times, the system starts not to give > response and the load average of the cpu raises to the %81. > > and i can manage this under an ordinary user account. > > So a normal user can make the whole system locked with a simple 160* "ping > localhost&" :< > > how can i solve this system problem.. > > should i remove ping command? > > > > > > > > /* > /* Icq uin : 1037072 > /* > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > >
Re: ping problem
Gergely Trifonov ([EMAIL PROTECTED]) wrote: > i did not say it'd solve the problem, i only suggested a solution > instead of removing ping. If it doesn't solve the problem, it's no solution. -Rolf
Re: ping problem
i did not say it'd solve the problem, i only suggested a solution instead of removing ping. On Wed, 2001-12-12 at 14:20, Rolf Kutz wrote: > Gergely Trifonov ([EMAIL PROTECTED]) wrote: > > > it's okay if you just remove the setuid bit from /bin/ping (chmod -s > > /bin/ping), so users won't be able to run it > > This doesn't help. Luser will be able to create a > 100% load with any command, so this doesn't help > and ping is a useful tool. Try ulimit instead. > > -Rolf > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- __ Gergely Trifonovmailto:[EMAIL PROTECTED] System Administrator, WSD IND - Interactive Net Design http://www.indweb.hu Széchenyi u. 70.H - 3530 Miskolc Hungary Phone: +36 46 505 106 Fax: +36 46 505 107 Mobile: +36 20 395 6476 !Please install IND CA Certification as TRUSTED CA! https://www.indweb.hu/IND.crt
Re: ping problem
Gergely Trifonov ([EMAIL PROTECTED]) wrote: > it's okay if you just remove the setuid bit from /bin/ping (chmod -s > /bin/ping), so users won't be able to run it This doesn't help. Luser will be able to create a 100% load with any command, so this doesn't help and ping is a useful tool. Try ulimit instead. -Rolf
Re: ping problem
Previously Gergely Trifonov wrote: > it's okay if you just remove the setuid bit from /bin/ping (chmod -s > /bin/ping), so users won't be able to run it That doesn't solve the real problem, which is not the fact that the user runs ping but that he can run too many processes starving machinen resources. Wichert. -- _ /[EMAIL PROTECTED] This space intentionally left occupied \ | [EMAIL PROTECTED]http://www.liacs.nl/~wichert/ | | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |
Re: ping problem
Halil Demirezen ([EMAIL PROTECTED]) wrote: > How can i solve the problem that after i ping my computer(server) with > "ping localhost&" for about 160 times, the system starts not to give > response and the load average of the cpu raises to the %81. > > how can i solve this system problem.. You can limit user-resources with ulimit (man bash). > should i remove ping command? No, ping is a very useful tool. -Rolf
Re: ping problem
Previously Halil Demirezen wrote: > How can i solve the problem that after i ping my computer(server) with > "ping localhost&" for about 160 times, the system starts not to give > response and the load average of the cpu raises to the %81. Look at the PAM limits documentation. Wichert. -- _ /[EMAIL PROTECTED] This space intentionally left occupied \ | [EMAIL PROTECTED]http://www.liacs.nl/~wichert/ | | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |
Re: ping problem
it's okay if you just remove the setuid bit from /bin/ping (chmod -s /bin/ping), so users won't be able to run it On Wed, 2001-12-12 at 14:02, Halil Demirezen wrote: > How can i solve the problem that after i ping my computer(server) with > "ping localhost&" for about 160 times, the system starts not to give > response and the load average of the cpu raises to the %81. > > and i can manage this under an ordinary user account. > > So a normal user can make the whole system locked with a simple 160* "ping > localhost&" :< > > how can i solve this system problem.. > > should i remove ping command? > > > > > > > > /* > /* Icq uin : 1037072 > /* > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- __ Gergely Trifonovmailto:[EMAIL PROTECTED] System Administrator, WSD IND - Interactive Net Design http://www.indweb.hu Széchenyi u. 70.H - 3530 Miskolc Hungary Phone: +36 46 505 106 Fax: +36 46 505 107 Mobile: +36 20 395 6476 !Please install IND CA Certification as TRUSTED CA! https://www.indweb.hu/IND.crt
ping problem
How can i solve the problem that after i ping my computer(server) with "ping localhost&" for about 160 times, the system starts not to give response and the load average of the cpu raises to the %81. and i can manage this under an ordinary user account. So a normal user can make the whole system locked with a simple 160* "ping localhost&" :< how can i solve this system problem.. should i remove ping command? /* /* Icq uin : 1037072 /*
Re: ping problem
Am Mit, 12. Dez 2001, 15:02:40 +0200 schrieb Halil Demirezen: > How can i solve the problem that after i ping my computer(server) with > "ping localhost&" for about 160 times, the system starts not to give > response and the load average of the cpu raises to the %81. > > and i can manage this under an ordinary user account. > > So a normal user can make the whole system locked with a simple 160* "ping > localhost&" :< > > how can i solve this system problem.. > > should i remove ping command? I don't really understand what you're doing here are you doing here, are you starting 160 ping commands or is it just one command and the fun starts after it send out 160 packets? Well, if you're starting 160 ping commands in paralell, removing ping won't help you, there are other commands which can do that to (like make -j on the kernel tree or some tiny fork bomb, you can write one in every shell). In this case you want to look into pam-limits, as others in this thread suggested. If just one ping command is enough to do that, than you either found a bug somewhere in the software or you have a problem with your hardware. I had the problem once that tcp-connections got stuck after some kbytes on an old 486 on a 10MBit network, the problem was that the default WSS or MSS or something like that (I don't remeber exactly) was raised in newer kernel and my machine was simply to slow to handle it. I dont't believe though that this is exactly your problem. Regards, Jö. -- Of all the things I've lost, I miss my mind the most. msg04770/pgp0.pgp Description: PGP signature
Re: ping problem
Previously Ade Talabi wrote: > Hey! why are u guys always arguing It leads to better solutions :) Wichert. -- _ [EMAIL PROTECTED] This space intentionally left occupied \ | [EMAIL PROTECTED]http://www.liacs.nl/~wichert/ | | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ping problem
A suggestion does not necessarily have to solve the problem, it might to view the problem from another angle. Hey! why are u guys always arguing Rolf Kutz ([EMAIL PROTECTED]) said thusly on [12/12/01 at 14:36]: > Gergely Trifonov ([EMAIL PROTECTED]) wrote: > > > i did not say it'd solve the problem, i only suggested a solution > > instead of removing ping. > > If it doesn't solve the problem, it's no solution. > > -Rolf > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > ,[ ade talabi ]- | #--- | West and East Nigeria are as different as Ireland from Germany. The North is as |different from either as China. Obafemi Awolowo, quoted in John Gunther, _Inside Africa_, 1955 | #--- `[ mutt rules ]- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ping problem
Just a thought...(no ill intent)... If a ping command is taking up THAT much processor power, might it be time to upgrade? Phil - Original Message - From: Halil Demirezen <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, December 12, 2001 8:02 AM Subject: ping problem > How can i solve the problem that after i ping my computer(server) with > "ping localhost&" for about 160 times, the system starts not to give > response and the load average of the cpu raises to the %81. > > and i can manage this under an ordinary user account. > > So a normal user can make the whole system locked with a simple 160* "ping > localhost&" :< > > how can i solve this system problem.. > > should i remove ping command? > > > > > > > > /* > /* Icq uin : 1037072 > /* > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ping problem
Gergely Trifonov ([EMAIL PROTECTED]) wrote: > i did not say it'd solve the problem, i only suggested a solution > instead of removing ping. If it doesn't solve the problem, it's no solution. -Rolf -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ping problem
i did not say it'd solve the problem, i only suggested a solution instead of removing ping. On Wed, 2001-12-12 at 14:20, Rolf Kutz wrote: > Gergely Trifonov ([EMAIL PROTECTED]) wrote: > > > it's okay if you just remove the setuid bit from /bin/ping (chmod -s > > /bin/ping), so users won't be able to run it > > This doesn't help. Luser will be able to create a > 100% load with any command, so this doesn't help > and ping is a useful tool. Try ulimit instead. > > -Rolf > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- __ Gergely Trifonovmailto:[EMAIL PROTECTED] System Administrator, WSD IND - Interactive Net Design http://www.indweb.hu Széchenyi u. 70.H - 3530 Miskolc Hungary Phone: +36 46 505 106 Fax: +36 46 505 107 Mobile: +36 20 395 6476 !Please install IND CA Certification as TRUSTED CA! https://www.indweb.hu/IND.crt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ping problem
Gergely Trifonov ([EMAIL PROTECTED]) wrote: > it's okay if you just remove the setuid bit from /bin/ping (chmod -s > /bin/ping), so users won't be able to run it This doesn't help. Luser will be able to create a 100% load with any command, so this doesn't help and ping is a useful tool. Try ulimit instead. -Rolf -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ping problem
Previously Gergely Trifonov wrote: > it's okay if you just remove the setuid bit from /bin/ping (chmod -s > /bin/ping), so users won't be able to run it That doesn't solve the real problem, which is not the fact that the user runs ping but that he can run too many processes starving machinen resources. Wichert. -- _ [EMAIL PROTECTED] This space intentionally left occupied \ | [EMAIL PROTECTED]http://www.liacs.nl/~wichert/ | | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ping problem
Halil Demirezen ([EMAIL PROTECTED]) wrote: > How can i solve the problem that after i ping my computer(server) with > "ping localhost&" for about 160 times, the system starts not to give > response and the load average of the cpu raises to the %81. > > how can i solve this system problem.. You can limit user-resources with ulimit (man bash). > should i remove ping command? No, ping is a very useful tool. -Rolf -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ping problem
Previously Halil Demirezen wrote: > How can i solve the problem that after i ping my computer(server) with > "ping localhost&" for about 160 times, the system starts not to give > response and the load average of the cpu raises to the %81. Look at the PAM limits documentation. Wichert. -- _ [EMAIL PROTECTED] This space intentionally left occupied \ | [EMAIL PROTECTED]http://www.liacs.nl/~wichert/ | | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ping problem
it's okay if you just remove the setuid bit from /bin/ping (chmod -s /bin/ping), so users won't be able to run it On Wed, 2001-12-12 at 14:02, Halil Demirezen wrote: > How can i solve the problem that after i ping my computer(server) with > "ping localhost&" for about 160 times, the system starts not to give > response and the load average of the cpu raises to the %81. > > and i can manage this under an ordinary user account. > > So a normal user can make the whole system locked with a simple 160* "ping > localhost&" :< > > how can i solve this system problem.. > > should i remove ping command? > > > > > > > > /* > /* Icq uin : 1037072 > /* > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- __ Gergely Trifonovmailto:[EMAIL PROTECTED] System Administrator, WSD IND - Interactive Net Design http://www.indweb.hu Széchenyi u. 70.H - 3530 Miskolc Hungary Phone: +36 46 505 106 Fax: +36 46 505 107 Mobile: +36 20 395 6476 !Please install IND CA Certification as TRUSTED CA! https://www.indweb.hu/IND.crt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
ping problem
How can i solve the problem that after i ping my computer(server) with "ping localhost&" for about 160 times, the system starts not to give response and the load average of the cpu raises to the %81. and i can manage this under an ordinary user account. So a normal user can make the whole system locked with a simple 160* "ping localhost&" :< how can i solve this system problem.. should i remove ping command? /* /* Icq uin : 1037072 /* -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ssh and root
Hi, > BTW: I would prefer to keep the main cvs repository local and copy > (rsync ?) it to the foreign sever, if that's possible. Or would this > confuse cvs on the other server? Would I have direct write access to > 'my' files in the (foreign) repository or only over cvs? Hints welcome. (I only know about SF) I don't think you can rsync the SF CVS. You can import your files in, but you don't have a full control on your files: you can't remove directories from your CVS tree, and you can't change file permissions on your files (be careful if you commit script or executable). For both, you'll have to submit a request to SF team. And you don't have ssh access to SF CVS servers AFAIK (only to users server). -- Benoît Sibaud
Re: ssh and root
Hi, > BTW: I would prefer to keep the main cvs repository local and copy > (rsync ?) it to the foreign sever, if that's possible. Or would this > confuse cvs on the other server? Would I have direct write access to > 'my' files in the (foreign) repository or only over cvs? Hints welcome. (I only know about SF) I don't think you can rsync the SF CVS. You can import your files in, but you don't have a full control on your files: you can't remove directories from your CVS tree, and you can't change file permissions on your files (be careful if you commit script or executable). For both, you'll have to submit a request to SF team. And you don't have ssh access to SF CVS servers AFAIK (only to users server). -- Benoît Sibaud -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]