Re: [expert] Updating SNF
On Thursday 28 November 2002 10:54, James Sparenberg wrote: > OK, > I've got SNF running on my firewall now comes the problem... How > do I update it? The update directories on the mirrors don't have > hdlist.cz so urpmi is out. The web pages insist that I'm not connected > (note if I wasn't connected the laptop I'm on wouldn't be sending this > e-mail) so I can't use them. SNF has no graphical interface so > MandrakeUpdate is out of the question. All in all it really looks like > it should be a nice product. Other than being slow as heck (speaking of > the web pages.) What it really wants is for me to admit that my cable > modem is my lan and my lan is the internet. (the web pages insist on > swapping eth1 and eth0 > > Basically .. I really would like to know another way to update this > box short of reading the file list in the updates directory and > comparing it to the version installed and downloading and running rpm > one file at a time. > > James Sorry for the late reaction (I've been out awhile) but in response to the basics: You could get a list of the installed packages using "rpmq -a" (or is that already rpmquery on 7.2?) and then use "rpm -Uvh xxx" to upgrade all of them in one go. Frankly I doubt if it'll work but it might:o) Maybe one of the perl-geecks could offer a nice script derived from the update scripts on the install cd's, or something of the sort. Personally I don't have the timenor the skill to do it offhand. For the rest: Me, I'm a very, very satisfied Smoothwall user:o) Good Luck, HarM Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Updating SNF
On Fri, 2002-12-06 at 07:27, Lorne wrote: > > The linux non gui version is NOT commercial. It is a shell script that leads > you question by question and when it is done asking you questions, it then > compiles the packages and settings and places them on a floppy for you. You > can create a floppy in about 5 minutes. Cost = 0.00 > Which still comes back to the original problem How to update 7.2 boxes (either SNF or regular) when you don't have a GUI. the urpmi capabilities that come with 7.2 are severely limited when it comes to a situtation that exists now. there is no hdlist.cz or synthlist.cz available for these. urpmi.addmedia is missing the following switches --update, -f (to force the creation of a hdlist when none exists.) and the ability to "name" the media. Question is ... could I take the urpmi from a later distro (since it is a noarch app and actually perl scripts) and force install it onto 7.2 so that I can have a way of remotely, and in fact automatically updating these boxes until the time when they can be replaced. The biggest help would be if hdlist.cz existed in the updates directory. But since it doesn't... James Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Updating SNF
On Thursday 05 December 2002 10:47 pm, Jack Coates wrote: > On Thu, 2002-12-05 at 18:46, Lorne wrote: > > On Thursday 05 December 2002 08:49 am, Mark Weaver wrote: > > > KevinO wrote: > > > > -BEGIN PGP SIGNED MESSAGE- > > > > Hash: SHA1 > > > > > > > > Mark Weaver wrote: > > > >>You mean you learned "nothing" about iptables and how to use them > > > >> during that time using SNF? > > > > > > > > It was a learning experience. > > > > I stand corrected... > > > > > > > > > > > > - -- > > > > KevinO > > > > > > you know...I've heard peanut linux is quite interesting and fits on a > > > floppy. (course I could be wrong - it's happened before.) I wonder if > > > one could fit Peanut and iptables on a floppy and run the firewall > > > thata way? > > > > I've used coyte-linux for years. http://www.coyote-linux.com I am pretty > > sure. It all goes on a floppy disk. DHCP client on the outside interface > > and DHCP server on the inside SSH and much more. VERY cool. > > > > > Mark > > This is another fork from the LRP tree, with a GUI configger. True... and not quite true. You can get a linux version that is not gui. > Commercial. The linux non gui version is NOT commercial. It is a shell script that leads you question by question and when it is done asking you questions, it then compiles the packages and settings and places them on a floppy for you. You can create a floppy in about 5 minutes. Cost = 0.00 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Updating SNF
On Thu, 2002-12-05 at 18:46, Lorne wrote: > On Thursday 05 December 2002 08:49 am, Mark Weaver wrote: > > KevinO wrote: > > > -BEGIN PGP SIGNED MESSAGE- > > > Hash: SHA1 > > > > > > Mark Weaver wrote: > > >>You mean you learned "nothing" about iptables and how to use them during > > >>that time using SNF? > > > > > > It was a learning experience. > > > I stand corrected... > > > > > > > > > - -- > > > KevinO > > > > you know...I've heard peanut linux is quite interesting and fits on a > > floppy. (course I could be wrong - it's happened before.) I wonder if > > one could fit Peanut and iptables on a floppy and run the firewall thata > > way? > > > I've used coyte-linux for years. http://www.coyote-linux.com I am pretty sure. > It all goes on a floppy disk. DHCP client on the outside interface and DHCP > server on the inside SSH and much more. VERY cool. > > Mark > This is another fork from the LRP tree, with a GUI configger. Commercial. -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Updating SNF
On Thursday 05 December 2002 08:49 am, Mark Weaver wrote: > KevinO wrote: > > -BEGIN PGP SIGNED MESSAGE- > > Hash: SHA1 > > > > Mark Weaver wrote: > >>You mean you learned "nothing" about iptables and how to use them during > >>that time using SNF? > > > > It was a learning experience. > > I stand corrected... > > > > > > - -- > > KevinO > > you know...I've heard peanut linux is quite interesting and fits on a > floppy. (course I could be wrong - it's happened before.) I wonder if > one could fit Peanut and iptables on a floppy and run the firewall thata > way? > I've used coyte-linux for years. http://www.coyote-linux.com I am pretty sure. It all goes on a floppy disk. DHCP client on the outside interface and DHCP server on the inside SSH and much more. VERY cool. > Mark Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Updating SNF
Jack Coates scribbled nervously after reading Mark's message: > On Thu, 2002-12-05 at 07:49, Mark Weaver wrote: >> KevinO wrote: >> > -BEGIN PGP SIGNED MESSAGE- >> > Hash: SHA1 >> > >> > Mark Weaver wrote: >> > >> >>You mean you learned "nothing" about iptables and how to use >> them during that time using SNF? >> >> >> > >> > It was a learning experience. >> > I stand corrected... >> > >> > >> > - -- >> > KevinO >> >> you know...I've heard peanut linux is quite interesting and fits >> on a floppy. (course I could be wrong - it's happened before.) I >> wonder if one could fit Peanut and iptables on a floppy and run >> the firewall thata way? >> >> Mark >> > Looks like Peanut gave up on fitting into a floppy... I use LEAF > when I need something like that. Really nice package. > http://leaf.sourceforge.net. > > -- > Jack Coates > Monkeynoodle: A Scientific Venture... cool! thanks for the Link. -- Mark "Stupidity has no moral high ground. It can't see that high!" Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Updating SNF
LEAF is based on LRP -- it forked because LRP wasn't being actively developed and there was some bad blood with the people who were actively developing. If you use LRP, LEAF is really worth a look. Jack On Thu, 2002-12-05 at 09:34, James Sparenberg wrote: > For a floppy firewall I'd use LRP myself but I really did want > more... And after a fair amount of time at the command line I've > finally got it working reasonably. For the moment. > > James > > > On Thu, 2002-12-05 at 08:20, Jack Coates wrote: > > On Thu, 2002-12-05 at 07:49, Mark Weaver wrote: > > > KevinO wrote: > > > > -BEGIN PGP SIGNED MESSAGE- > > > > Hash: SHA1 > > > > > > > > Mark Weaver wrote: > > > > > > > >>You mean you learned "nothing" about iptables and how to use them during > > > >>that time using SNF? > > > >> > > > > > > > > It was a learning experience. > > > > I stand corrected... > > > > > > > > > > > > - -- > > > > KevinO > > > > > > you know...I've heard peanut linux is quite interesting and fits on a > > > floppy. (course I could be wrong - it's happened before.) I wonder if > > > one could fit Peanut and iptables on a floppy and run the firewall thata > > > way? > > > > > > Mark > > > > > Looks like Peanut gave up on fitting into a floppy... I use LEAF when I > > need something like that. Really nice package. > > http://leaf.sourceforge.net. > > > > -- > > Jack Coates > > Monkeynoodle: A Scientific Venture... > > > > > > > > > > > Want to buy your Pack or Services from MandrakeSoft? > > Go to http://www.mandrakestore.com > > > > > > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Updating SNF
For a floppy firewall I'd use LRP myself but I really did want more... And after a fair amount of time at the command line I've finally got it working reasonably. For the moment. James On Thu, 2002-12-05 at 08:20, Jack Coates wrote: > On Thu, 2002-12-05 at 07:49, Mark Weaver wrote: > > KevinO wrote: > > > -BEGIN PGP SIGNED MESSAGE- > > > Hash: SHA1 > > > > > > Mark Weaver wrote: > > > > > >>You mean you learned "nothing" about iptables and how to use them during > > >>that time using SNF? > > >> > > > > > > It was a learning experience. > > > I stand corrected... > > > > > > > > > - -- > > > KevinO > > > > you know...I've heard peanut linux is quite interesting and fits on a > > floppy. (course I could be wrong - it's happened before.) I wonder if > > one could fit Peanut and iptables on a floppy and run the firewall thata > > way? > > > > Mark > > > Looks like Peanut gave up on fitting into a floppy... I use LEAF when I > need something like that. Really nice package. > http://leaf.sourceforge.net. > > -- > Jack Coates > Monkeynoodle: A Scientific Venture... > > > > > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Updating SNF
On Thu, 2002-12-05 at 07:49, Mark Weaver wrote: > KevinO wrote: > > -BEGIN PGP SIGNED MESSAGE- > > Hash: SHA1 > > > > Mark Weaver wrote: > > > >>You mean you learned "nothing" about iptables and how to use them during > >>that time using SNF? > >> > > > > It was a learning experience. > > I stand corrected... > > > > > > - -- > > KevinO > > you know...I've heard peanut linux is quite interesting and fits on a > floppy. (course I could be wrong - it's happened before.) I wonder if > one could fit Peanut and iptables on a floppy and run the firewall thata > way? > > Mark > Looks like Peanut gave up on fitting into a floppy... I use LEAF when I need something like that. Really nice package. http://leaf.sourceforge.net. -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Updating SNF
KevinO wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark Weaver wrote: You mean you learned "nothing" about iptables and how to use them during that time using SNF? It was a learning experience. I stand corrected... - -- KevinO you know...I've heard peanut linux is quite interesting and fits on a floppy. (course I could be wrong - it's happened before.) I wonder if one could fit Peanut and iptables on a floppy and run the firewall thata way? Mark Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Updating SNF
James Sparenberg wrote: On Wed, 2002-12-04 at 15:41, Mark Weaver wrote: KevinO wrote: I ran (fought with, suffered with) SNF for several months. Now we use Smoothwall. (IPCop should be similar) My suggestion: Use smoothwall or something similar. Don't bother with SNF. Sorry Mandrake. I like your distributions and I support you financially. But, SNF was a terrible product. Slow, wouldn't forward UDP (despite allowing you to configure that in without any warnings or complaints.), and too big of a distribution for a firewall. SNF > 300MB download Smoothwall < 30MB download (and it does pretty much everything SNF claims it will) Easier to use/figure out web interface too. I consider the time I spent with SNF to have been a total waste. KevinO James Sparenberg wrote: You mean you learned "nothing" about iptables and how to use them during that time using SNF? Mark No SNF is the 2.2 kernel and uses ipchains. ah...well thats no fun. I knew there wasn't reason I hadn't bothered with that. Mark Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Updating SNF
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark Weaver wrote: > > You mean you learned "nothing" about iptables and how to use them during > that time using SNF? > It was a learning experience. I stand corrected... - -- KevinO Matz's Law: A conclusion is the place where you got tired of thinking. -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE97wECjBS1mMJB+bQRAiOrAJ9dWgD9NUfyaFW9uhhkfQNuB7mgPACfcRfA Bl+T7glcmI4goSXUyJJuepI= =hfy1 -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Updating SNF
On Wednesday 04 December 2002 06:04 pm, James Sparenberg wrote: > On Wed, 2002-12-04 at 15:41, Mark Weaver wrote: > > KevinO wrote: > > > > > > I ran (fought with, suffered with) SNF for several months. Now we use > > > Smoothwall. (IPCop should be similar) > > > Well I must say I did the same about a year ago. Gave up. Then I got hacked and decided to give it another go. Same exact trouble. It would hang on reboot at eth1 (outside interface) Every time. I rebuilt it 4 times and each time same thing. I decided to research some more. I found on the mandrake security list serve. Snort was trying to bring the nic up in promiscous mode. Once I figured out a way around this, I was able to get it working. Some VERy nice features in it. Buggy, yes. It is a wonderful way (once up) to play with snort, snortsnarf, and it has some wonderful web based monitoring tools. > > > My suggestion: Use smoothwall or something similar. Don't bother with > > > SNF. > > > > > > Sorry Mandrake. I like your distributions and I support you > > > financially. > > > > > > But, SNF was a terrible product. Slow, wouldn't forward UDP (despite > > > allowing you to configure that in without any warnings or complaints.), > > > and too big of a distribution for a firewall. > > > > > > > > > SNF > 300MB download > > > > > > Smoothwall < 30MB download (and it does pretty much everything SNF > > > claims it will) Easier to use/figure out web interface too. > > > > > > I consider the time I spent with SNF to have been a total waste. > > > > > > > > > > > > KevinO > > > > > > James Sparenberg wrote: > > > > You mean you learned "nothing" about iptables and how to use them during > > that time using SNF? > > > > Mark > > No SNF is the 2.2 kernel and uses ipchains. > > > > > > > > > Want to buy your Pack or Services from MandrakeSoft? > > Go to http://www.mandrakestore.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Updating SNF
On Wed, 2002-12-04 at 15:41, Mark Weaver wrote: > KevinO wrote: > > > > I ran (fought with, suffered with) SNF for several months. Now we use > > Smoothwall. (IPCop should be similar) > > > > My suggestion: Use smoothwall or something similar. Don't bother with SNF. > > > > Sorry Mandrake. I like your distributions and I support you financially. > > > > But, SNF was a terrible product. Slow, wouldn't forward UDP (despite allowing > > you to configure that in without any warnings or complaints.), and too big of > > a distribution for a firewall. > > > > > > SNF > 300MB download > > > > Smoothwall < 30MB download (and it does pretty much everything SNF claims it > > will) Easier to use/figure out web interface too. > > > > I consider the time I spent with SNF to have been a total waste. > > > > > > > > KevinO > > > > James Sparenberg wrote: > > You mean you learned "nothing" about iptables and how to use them during > that time using SNF? > > Mark No SNF is the 2.2 kernel and uses ipchains. > > > > > > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Updating SNF
KevinO wrote: I ran (fought with, suffered with) SNF for several months. Now we use Smoothwall. (IPCop should be similar) My suggestion: Use smoothwall or something similar. Don't bother with SNF. Sorry Mandrake. I like your distributions and I support you financially. But, SNF was a terrible product. Slow, wouldn't forward UDP (despite allowing you to configure that in without any warnings or complaints.), and too big of a distribution for a firewall. SNF > 300MB download Smoothwall < 30MB download (and it does pretty much everything SNF claims it will) Easier to use/figure out web interface too. I consider the time I spent with SNF to have been a total waste. KevinO James Sparenberg wrote: You mean you learned "nothing" about iptables and how to use them during that time using SNF? Mark Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Updating SNF
I have to laugh... I came from smoothwall because of the problems of the inability to modify it to suite my needs. ... *sigh* Yes you are right about Mandrake/RH/SuSe having monster solutions. James On Thu, 2002-11-28 at 11:01, KevinO wrote: > > I ran (fought with, suffered with) SNF for several months. Now we use > Smoothwall. (IPCop should be similar) > > My suggestion: Use smoothwall or something similar. Don't bother with SNF. > > Sorry Mandrake. I like your distributions and I support you financially. > > But, SNF was a terrible product. Slow, wouldn't forward UDP (despite allowing > you to configure that in without any warnings or complaints.), and too big of > a distribution for a firewall. > > > SNF > 300MB download > > Smoothwall < 30MB download (and it does pretty much everything SNF claims it > will) Easier to use/figure out web interface too. > > I consider the time I spent with SNF to have been a total waste. > > > > KevinO > > James Sparenberg wrote: > > OK, > > I've got SNF running on my firewall now comes the problem... How > > do I update it? The update directories on the mirrors don't have > > hdlist.cz so urpmi is out. The web pages insist that I'm not connected > > (note if I wasn't connected the laptop I'm on wouldn't be sending this > > e-mail) so I can't use them. SNF has no graphical interface so > > MandrakeUpdate is out of the question. All in all it really looks like > > it should be a nice product. Other than being slow as heck (speaking of > > the web pages.) What it really wants is for me to admit that my cable > > modem is my lan and my lan is the internet. (the web pages insist on > > swapping eth1 and eth0 > > > > Basically .. I really would like to know another way to update this > > box short of reading the file list in the updates directory and > > comparing it to the version installed and downloading and running rpm > > one file at a time. > > > > James > > > > > > > > > > > > > > > > Want to buy your Pack or Services from MandrakeSoft? > > Go to http://www.mandrakestore.com > Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Updating SNF
I ran (fought with, suffered with) SNF for several months. Now we use Smoothwall. (IPCop should be similar) My suggestion: Use smoothwall or something similar. Don't bother with SNF. Sorry Mandrake. I like your distributions and I support you financially. But, SNF was a terrible product. Slow, wouldn't forward UDP (despite allowing you to configure that in without any warnings or complaints.), and too big of a distribution for a firewall. SNF > 300MB download Smoothwall < 30MB download (and it does pretty much everything SNF claims it will) Easier to use/figure out web interface too. I consider the time I spent with SNF to have been a total waste. KevinO James Sparenberg wrote: > OK, > I've got SNF running on my firewall now comes the problem... How > do I update it? The update directories on the mirrors don't have > hdlist.cz so urpmi is out. The web pages insist that I'm not connected > (note if I wasn't connected the laptop I'm on wouldn't be sending this > e-mail) so I can't use them. SNF has no graphical interface so > MandrakeUpdate is out of the question. All in all it really looks like > it should be a nice product. Other than being slow as heck (speaking of > the web pages.) What it really wants is for me to admit that my cable > modem is my lan and my lan is the internet. (the web pages insist on > swapping eth1 and eth0 > > Basically .. I really would like to know another way to update this > box short of reading the file list in the updates directory and > comparing it to the version installed and downloading and running rpm > one file at a time. > > James > > > > > > > > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com -- KevinO Matz's Law: A conclusion is the place where you got tired of thinking. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] Updating SNF
OK, I've got SNF running on my firewall now comes the problem... How do I update it? The update directories on the mirrors don't have hdlist.cz so urpmi is out. The web pages insist that I'm not connected (note if I wasn't connected the laptop I'm on wouldn't be sending this e-mail) so I can't use them. SNF has no graphical interface so MandrakeUpdate is out of the question. All in all it really looks like it should be a nice product. Other than being slow as heck (speaking of the web pages.) What it really wants is for me to admit that my cable modem is my lan and my lan is the internet. (the web pages insist on swapping eth1 and eth0 Basically .. I really would like to know another way to update this box short of reading the file list in the updates directory and comparing it to the version installed and downloading and running rpm one file at a time. James Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
