Setting up a Firewall DMZ
Hi, Could someone point me to definitive documentation on setting up a DMZ using either ipchains, iptables or some other firewall package. I would sure appreciate any help given. TIA -mk Michael W. Kuhar * [EMAIL PROTECTED]
RE: Setting up a Firewall DMZ
Thank You. -Original Message- From: Ilya Martynov [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 24, 2001 8:03 AM To: Kuhar, Mike Cc: 'Debian-user' Subject: Re: Setting up a Firewall DMZ KM Hi, KM Could someone point me to definitive documentation on setting up a KM DMZ using either ipchains, iptables or some other firewall KM package. I would sure appreciate any help given. See IPCHAINS-HOWTO. It has an example of such setup. If you have installed HOWTOs it should be in file /usr/share/doc/HOWTO/en-txt/IPCHAINS-HOWTO.txt.gz -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= -=-=-=-=-=- | Ilya Martynov (http://martynov.org/) | | GnuPG 1024D/323BDEE6 D7F7 561E 4C1D 8A15 8E80 E4AE BE1A 53EB 323B DEE6 | | AGAVA Software Company (http://www.agava.com/) | -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= -=-=-=-=-=-
RE: su in X
When you log in as a regular user, and you 'su -' to root, you have to define you 'export DISPLAY=:0.0' again. The minus sign after the su command means that you want to assume root's environment. So if there is not an explicit export DISPLAY statement in /root/.bash_profile or /root/.bashrc, the root environment has no idea what the display should be. Hope this helps -mk -Original Message- From: Erik van der Meulen [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 11, 2001 5:26 AM To: debian-user@lists.debian.org Subject: Fw: su in X Dear list, this should be easy, but I have not managed yet... I run Gnome desktop as a 'regular' user. If I need to do systemsmanagment, I do 'su -' in a terminal to get root access. Only if I need to start an X app (just installed red-carper), I get an error: Gtk-WARNING **: cannot open display: Can anyone suggest how to avoid this? I recall something with export display, but do not get it to work... Thanks a lot. Erk van der Meulen NB I probably end up wanting to have a menu-button for this application. Is 'sudo' than the way to go? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RE: Shutdown
Well, I don't really see anything wrong with the IRQ's. Hmmm. I took a stab at it, and I was wrong. Are you doing the same thing when the system freezes? If you're running X, try running top in a window so that the top system users are displayed. Maybe you can get a handle on the offending package that way. Good luck. -mk -Original Message- From: D. Hoyem [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 03, 2001 8:56 PM To: Kuhar, Mike Subject: RE: Shutdown here is the output that I get from: daduu:~/ltmodem-5.78e# cat /proc/interrupts CPU0 0: 379397 XT-PIC timer 1: 1188 XT-PIC keyboard 2: 0 XT-PIC cascade 8: 1 XT-PIC rtc 10:1076350 XT-PIC au88xx 12: 83512 XT-PIC PS/2 Mouse 13: 1 XT-PIC fpu 14: 234977 XT-PIC ide0 15: 7 XT-PIC ide1 NMI: 0 and here is the output that I get from: daduu:~# setserial -g /dev/ttyS* /dev/ttyS0, UART: 16550A, Port: 0x03f8, IRQ: 4 /dev/ttyS1, UART: 16550A, Port: 0x02f8, IRQ: 3 /dev/ttyS14, UART: 16950/954, Port: 0x1400, IRQ: 10 /dev/ttyS2, UART: unknown, Port: 0x03e8, IRQ: 4 /dev/ttyS3, UART: unknown, Port: 0x02e8, IRQ: 3 daduu:~# setserial -g /dev/ttyLT0 /dev/ttyLT0, UART: 16950/954, Port: 0x1400, IRQ: 10 As I see it the au8xx and /dev/ttyLT0 (Lucent WinModem) are sharing the same irq. THis has not caused problems on previous Linuc Distro, but on one of the distro the dmesg said sharing IRQ ok or something like that. Any hints on how to resolve this? Thanks for you time Don --- Kuhar, Mike [EMAIL PROTECTED] wrote: You might do cat /proc/interrupts to see who is sharing IRQ's. Check for IRQ sharing between video card and NIC or sound car and NIC. Things like that. -mk -Original Message- From: D. Hoyem [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 03, 2001 10:31 AM To: Kuhar, Mike; Debian List Subject: RE: Shutdown I have also tried Ctl+Alt+Bksp and that will not work. This is not a constant problem, I can log on usually but it does happen a lot. I know that is a ambigious statement, but hard to explain. I have looked in the .Xsession error log after this happens and I can log on and do not see anything. Is there another log that I can look at to see if it identifies a problem? Thanks --- Kuhar, Mike [EMAIL PROTECTED] wrote: Can you shutdown X with Ctl+Alt+Bksp? I would highly recommend that you find the source of the system hang, if that's what is happening. I would guess that you are sharing an IRQ with two devices that shouldn't be shared, i.e. your sound card and your NIC. Something along those lines. What might give you a hint is determining what you're doing when the hang occurs. -mk -Original Message- From: D. Hoyem [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 03, 2001 9:14 AM To: Kuhar, Mike; Debian List Subject: RE: Shutdown I have tried that also..Ctl+Alt+F2, the cursor will not move either ie xdm is up and shows the cursor. --- Kuhar, Mike [EMAIL PROTECTED] wrote: Are you sure that linux is froze? You might try doing Ctl+Alt+F2 to see if you can open another virtual console. -Original Message- From: D. Hoyem [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 03, 2001 8:57 AM To: Ales Jerman; Debian List Subject: Re: Shutdown Same subject different question. How do you shutdown your system if it is FROZE, Ctrl+Alt+Del, nor the system power button will not shut it down, the only way that I know is to turn off the power strip. Is there another way? --- Ales Jerman [EMAIL PROTECTED] wrote: Hello! Is there any combination like Ctrl+Alt+Del, but not for reboot system, but for halt or shutdown system? Thank you! Bye, Ales -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED
apt-get ftp sites
Greetings, Due to a proxy server on our local net, my Debian box cannot use http:// sites in the /etc/apt/sources.list. However, ftp sites do. (go figure). The only site I have in my sources.list file is: deb ftp://ftp.us.debian.org/debian stable main contrib non-free Does anyone know of other ftp sites I can add to sources.list? Thanks in advance. -mk
RE: apt-get ftp sites
Thanks Roy. I'll look into it. -mk -Original Message- From: Roy G. Culley [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 04, 2001 7:37 AM To: Kuhar, Mike Subject: Re: apt-get ftp sites Hi Mike, Due to a proxy server on our local net, my Debian box cannot use http:/ / sites in the /etc/apt/sources.list. However, ftp sites do. (go figure). The only site I have in my sources.list file is: You can set the http_proxy environment variable if you must go through a proxy server. See the sources.list man page for more details. Regards, Roy
RE: apt-get ftp sites
It would seem that I need to use the form, http://user:[EMAIL PROTECTED]:port/ . However, it appears that the MS proxy server doesn't like this method. Probably due to not being authenticated through a login into a MS Windows box. OK. I just got off the phone with the proxy system admin. The problem was with the proxy server. I can now get out to http sites. Thanks to those who helped. One more request. Can someone e-mail me the recommended apt-get http sites? Again, thank you. -mk -Original Message- From: Jean-Luc Anthoine [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 04, 2001 9:33 AM To: Kuhar, Mike Subject: Re: apt-get ftp sites Kuhar, Mike wrote: Greetings, Due to a proxy server on our local net, my Debian box cannot use http:// sites in the /etc/apt/sources.list. However, ftp sites do. (go figure). The only site I have in my sources.list file is: deb ftp://ftp.us.debian.org/debian stable main contrib non-free Does anyone know of other ftp sites I can add to sources.list? www.debian.org contains a file of all primary and secondary mirrors. Thanks in advance. -mk -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] Hi, If You read manual page for sources.list You will find that: URI specification The currently recognized URI types are cdrom, file, http, and ftp. file The file scheme allows an arbitrary directory in the file system to be considered an archive. This is useful for NFS mounts and local mirrors or archives. cdrom The cdrom scheme allows APT to use a local CDROM drive with media swapping. Use the apt-cdrom(8) program to create cdrom entires in the source list. http The http scheme specifies an HTTP server for the archive. If an environment variable $http_proxy is set with the format http://server:port/, the proxy server specified in $http_proxy will be used. Users of authenticated HTTP/1.1 proxies may use a string of the format http://user:[EMAIL PROTECTED]:port/ Note that this is an insecure method of authentication. apt 5 Dec 1998 2 sources.list(5) sources.list(5) -- Amities. Jean-Luc ANTHOINE [EMAIL PROTECTED] I.U.T. de Belfort,Departement Informatique,BP 527,F-90016 BELFORT CEDEX Phone : (33) (0)3 84 58 77 87 Fax : (33) (0)3 84 58 77 81
RE: can't use cron
If you're trying to add the line as given: 0 1 * * 5 root /root/update remove the word root after the number 5. This field is for a command, not a user. You might also want to clean it up so that any test output is handled correctly, such as: 0 1 * * 5 /root/update /dev/null 21 # Some comment for documentation -mk -Original Message- From: Kim De Smaele [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 03, 2001 8:21 AM To: Colin Watson Cc: debian-user@lists.debian.org Subject: Re: can't use cron maybe it's just a litle mistake: make sure you are root ( I made this mistake once ! ) greets, Kim: Colin Watson wrote: dko [EMAIL PROTECTED] wrote: I wrote a script and I want cron to start it everyweek I added 10 1 * * 5 root /root/update in crontab file and restarted cron when I put crontab -l, it says no crontab for root ?!? root's crontab is different from /etc/crontab (you edit root's crontab with 'crontab -e'). As long as /root/update is executable, what you've done should work fine. Cheers, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RE: Shutdown
Are you sure that linux is froze? You might try doing Ctl+Alt+F2 to see if you can open another virtual console. -Original Message- From: D. Hoyem [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 03, 2001 8:57 AM To: Ales Jerman; Debian List Subject: Re: Shutdown Same subject different question. How do you shutdown your system if it is FROZE, Ctrl+Alt+Del, nor the system power button will not shut it down, the only way that I know is to turn off the power strip. Is there another way? --- Ales Jerman [EMAIL PROTECTED] wrote: Hello! Is there any combination like Ctrl+Alt+Del, but not for reboot system, but for halt or shutdown system? Thank you! Bye, Ales -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RE: Shutdown
Can you shutdown X with Ctl+Alt+Bksp? I would highly recommend that you find the source of the system hang, if that's what is happening. I would guess that you are sharing an IRQ with two devices that shouldn't be shared, i.e. your sound card and your NIC. Something along those lines. What might give you a hint is determining what you're doing when the hang occurs. -mk -Original Message- From: D. Hoyem [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 03, 2001 9:14 AM To: Kuhar, Mike; Debian List Subject: RE: Shutdown I have tried that also..Ctl+Alt+F2, the cursor will not move either ie xdm is up and shows the cursor. --- Kuhar, Mike [EMAIL PROTECTED] wrote: Are you sure that linux is froze? You might try doing Ctl+Alt+F2 to see if you can open another virtual console. -Original Message- From: D. Hoyem [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 03, 2001 8:57 AM To: Ales Jerman; Debian List Subject: Re: Shutdown Same subject different question. How do you shutdown your system if it is FROZE, Ctrl+Alt+Del, nor the system power button will not shut it down, the only way that I know is to turn off the power strip. Is there another way? --- Ales Jerman [EMAIL PROTECTED] wrote: Hello! Is there any combination like Ctrl+Alt+Del, but not for reboot system, but for halt or shutdown system? Thank you! Bye, Ales -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/
RE: Shutdown
You might do cat /proc/interrupts to see who is sharing IRQ's. Check for IRQ sharing between video card and NIC or sound car and NIC. Things like that. -mk -Original Message- From: D. Hoyem [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 03, 2001 10:31 AM To: Kuhar, Mike; Debian List Subject: RE: Shutdown I have also tried Ctl+Alt+Bksp and that will not work. This is not a constant problem, I can log on usually but it does happen a lot. I know that is a ambigious statement, but hard to explain. I have looked in the .Xsession error log after this happens and I can log on and do not see anything. Is there another log that I can look at to see if it identifies a problem? Thanks --- Kuhar, Mike [EMAIL PROTECTED] wrote: Can you shutdown X with Ctl+Alt+Bksp? I would highly recommend that you find the source of the system hang, if that's what is happening. I would guess that you are sharing an IRQ with two devices that shouldn't be shared, i.e. your sound card and your NIC. Something along those lines. What might give you a hint is determining what you're doing when the hang occurs. -mk -Original Message- From: D. Hoyem [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 03, 2001 9:14 AM To: Kuhar, Mike; Debian List Subject: RE: Shutdown I have tried that also..Ctl+Alt+F2, the cursor will not move either ie xdm is up and shows the cursor. --- Kuhar, Mike [EMAIL PROTECTED] wrote: Are you sure that linux is froze? You might try doing Ctl+Alt+F2 to see if you can open another virtual console. -Original Message- From: D. Hoyem [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 03, 2001 8:57 AM To: Ales Jerman; Debian List Subject: Re: Shutdown Same subject different question. How do you shutdown your system if it is FROZE, Ctrl+Alt+Del, nor the system power button will not shut it down, the only way that I know is to turn off the power strip. Is there another way? --- Ales Jerman [EMAIL PROTECTED] wrote: Hello! Is there any combination like Ctrl+Alt+Del, but not for reboot system, but for halt or shutdown system? Thank you! Bye, Ales -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/
RE: Q: Mass Text convert Linux-DOS?
Jonathan,
The command /usr/vin/fromdos will convert text files from/to dos. I think
it might be easier to use than recode.
Good luck. -mk
-Original Message-
From: Christopher Mosley [mailto:[EMAIL PROTECTED]
Sent: Friday, March 30, 2001 12:18 PM
To: Erik Steffl
Cc: Debian List
Subject: Re: Q: Mass Text convert Linux-DOS?
On Thu, 29 Mar 2001, Erik Steffl wrote:
Jonathan Gift wrote:
...
I have a great many text files I have to convert from Linux to DOS
format. I tries recode by hand once but it took hours.
There has to be an
automatic way.
...
for file in ~/documents; do
recode latin1..ibmpc $file
done
find ~/documents -type f -exec recode latin1..ibmpc '{}' \;
see man find
don't forget to backup before you experiment!
erik
You can also recursively *zip* into directories using the the
zip LF CR
conversion options, then unzip. This is not really what zip
is for and it is
a problem if you are short on disk disk space but it a way to do what
you want.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact
[EMAIL PROTECTED]
RE: setting up autofs
Two things, Robert. Make sure that autofs is built into your kernel. And to start off, use a copy of /etc/auto.master.dpkg-dist and /etc/auto.misc.dpkg-dist into /etc/auto.master and /etc/auto.misc to get you going with a good example. I would make one change, however. In /etc/auto.master, change /var/autofs/misc to /misc, leaving the rest of the line as is. This should give you the ability to automount both your cd and floppy. You may also have to mkdir /misc. Good luck. -mk -Original Message- From: Robert Voigt [mailto:[EMAIL PROTECTED] Sent: Thursday, March 29, 2001 10:08 AM To: debian-user@lists.debian.org Subject: setting up autofs I installed autofs. I want it to automount the floppy, the cdrom and a couple directories on another machine via nfs. I just don't want to type mount and umount everytime I access them (is autofs the right choice for this?). Unfortunately the manpages and the HOWTO aren't written for someone who hasn't used it before (who are they for?). Can someone please tell me what to put in what conf file, for instance for the case that I want to mount the floppy drive to /floppy? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RE: 1 linux box: 10 simultaneous telnet sessions
Joe, 8 telnet sessions will cause no undo hardships on your system. Just make sure that the TERM variable is set correctly for the terminal emulation you're using. -mk -Original Message- From: Joris Lambrecht [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 21, 2001 7:15 AM To: 'debian-user@lists.debian.org' Subject: RE: 1 linux box: 10 simultaneous telnet sessions Download TeraTerm Pro from any of it's many mirror's, support VT100 emulation etc. as well as an ssh implementation. Download @ http://hp.vector.co.jp/authors/VA002416/teraterm.html Download ssh plugin @ http://www.zip.com.au/~roca/ttssh.html (just for your information) Configure the needed terminal sessions (set the required terminal emulation) to support a better then telnet terminal emulation and have a try. Should work perfectly. Main advantage of TeraTerm is that it is quite good software and free. I guess you could also use HyperTerminal to connect to the linux machine. I suppose that if you're running an introduction course you might not need more RAM to be able to run those scripts/perl simultaneously, RAM might get consumed rather rapidly if doing some more serious tasks. Greets, Joris -Original Message- From: joe golden [mailto:[EMAIL PROTECTED] Sent: woensdag 21 maart 2001 13:05 To: debian-user@lists.debian.org Subject: 1 linux box: 10 simultaneous telnet sessions I'm planning on teaching a short intro to perl unit in our middle school. I have one linux box running kernel 2.2.18pre21 on our windows NT 4.0 ethernet connected network of 9 machines. telnet version is 0.16-4potato.1 telnetd version is same Is it feasible to have eight telnet sessions, one from each individual NT workstation, into the one linbox? I think telnet is not the most elegant at timesharing with this type of load. I'm not sure if it is designed for this (clunky) application. Any tips on optimizing the setup for this scenario? Three students have logged in simultaneously via telnet, so I think the basic setup is sound, but we haven't done much yet. _ Get your FREE download of MSN Explorer at http://explorer.msn.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RE: apt cache clean
Yes, Matthieu Try: apt-get autoclean This will remove all older package versions. -mk -Original Message- From: Matthieu Paindavoine [mailto:[EMAIL PROTECTED] Sent: Monday, March 19, 2001 11:23 PM To: debian-user@lists.debian.org Subject: apt cache clean Hello, I am a happy user of apt... and my cache is getting big. I notice that I pile up several versions of programs as newer ones become available. Is there a command to clean this up a little bit. Searched in apt-cache and apt-conf. I saw a Cache-Limit, but it's not exactly what I need. Thank you for providing any suggestion. Matthieu -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RE: quick howto-command questions?
If you're just interested in the current directory for #1, 3 and 4, they are just variations of: ls -la | wc -l or ls -la *.c If you want to look down a subdirectory tree use: find . -name \*.c -print | wc -l -mk -Original Message- From: David B. Harris [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 20, 2001 6:38 AM To: john smith Cc: debian-user@lists.debian.org Subject: Re: quick howto-command questions? To quote john smith [EMAIL PROTECTED], # 1. How can I find out the total number of files (also hidden) in the current # directory? # # 2. How can I find out the total number of executable files (also hidden) in # the current directory? # # 3. how to find the total number of files of a given an extension? # (ex.*.tar.gz) # # 4.how to list files alphabetically that end in *.c? You can use 'find' for all of those. 'man find' :) David Barclay Harris, Clan Barclay Aut agere, aut mori. (Either action, or death.) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RE: 593964
? -Original Message- From: debian-user@lists.debian.org [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 07, 2001 3:28 PM To: debian-user@lists.debian.org Subject: 593964
