[gentoo-user] DOS SPT=53 DPT=53.
I have an intermittent problem, and I'm not sure if I have something misconfigured, or if someone or some program is performing a DoS on my address. I run named internally on my LAN. For the most part this appears to be working correctly, then every now and then I can't browse the web, but other (irc) connections seem fine. In looking at my logs I see incoming new packets, from source port 53 going to port 53. This seems to prevent my named server from looking up addresses. The address from where it comes is different, but the hardware address appears to be the same. Any insight would be greatly appreciated.

The following is a sample of the logs. I can provide more if necessary.

64.125.133.202 DST=192.168.1.4 LEN=48 TOS=0x00 PREC=0x00 TTL=50 ID=35765 DF PROTO=TCP SPT=65326 DPT=25 WINDOW=24820 RES=0x00 SYN URGP=0
Nov 11 23:29:36 www INPUT(EST) IN=eth0 OUT= MAC=00:b0:d0:20:36:90:00:a0:c5:55:8f:ba:08:00 SRC=64.125.133.202 DST=192.168.1.4 LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=35766 DF PROTO=TCP SPT=65326 DPT=25 WINDOW=25200 RES=0x00 ACK URGP=0
Nov 11 23:29:37 www INPUT(NEW) IN=eth0 OUT= MAC=00:b0:d0:20:36:90:00:a0:c5:55:8f:ba:08:00 SRC=192.5.5.241 DST=192.168.1.4 LEN=223 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=UDP SPT=53 DPT=53 LEN=203
Nov 11 23:29:41 www INPUT(NEW) IN=eth0 OUT= MAC=00:b0:d0:20:36:90:00:a0:c5:55:8f:ba:08:00 SRC=128.9.0.107 DST=192.168.1.4 LEN=223 TOS=0x00 PREC=0x00 TTL=46 ID=0 DF PROTO=UDP SPT=53 DPT=53 LEN=203
Nov 11 23:29:45 www INPUT(NEW) IN=eth0 OUT= MAC=00:b0:d0:20:36:90:00:a0:c5:55:8f:ba:08:00 SRC=128.8.10.90 DST=192.168.1.4 LEN=223 TOS=0x00 PREC=0x00 TTL=49 ID=21860 PROTO=UDP SPT=53 DPT=53 LEN=203
Nov 11 23:29:49 www INPUT(NEW) IN=eth0 OUT= MAC=00:b0:d0:20:36:90:00:a0:c5:55:8f:ba:08:00 SRC=192.203.230.10 DST=192.168.1.4 LEN=223 TOS=0x00 PREC=0x00 TTL=53 ID=25536 PROTO=UDP SPT=53 DPT=53 LEN=203
Nov 11 23:29:53 www INPUT(NEW) IN=eth0 OUT= MAC=00:b0:d0:20:36:90:00:a0:c5:55:8f:ba:08:00 SRC=192.58.128.30 DST=192.168.1.4 LEN=470 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF PROTO=UDP SPT=53 DPT=53 LEN=450
Nov 11 23:29:57 www INPUT(NEW) IN=eth0 OUT= MAC=00:b0:d0:20:36:90:00:a0:c5:55:8f:ba:08:00 SRC=198.32.64.12 DST=192.168.1.4 LEN=223 TOS=0x00 PREC=0x00 TTL=43 ID=0 DF PROTO=UDP SPT=53 DPT=53 LEN=203

Thanks,
Mojo
-- [EMAIL PROTECTED] mailing list
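
Added example (not part of the original post): a small Python parser for netfilter LOG lines in the format quoted above, which groups the INPUT(NEW) UDP packets with SPT=53 and DPT=53 by source MAC. In a netfilter LOG line the MAC= field holds the destination MAC, the source MAC and the EtherType of the received frame, so a constant hardware address across different SRC addresses is that of the last layer-2 hop on eth0, not of the remote hosts. The CHAIN(STATE) tag is assumed to be the poster's own log prefix, and the function names are illustrative.

```python
import re
from collections import defaultdict

# Three lines copied from the log excerpt in the post above.
SAMPLE = """\
Nov 11 23:29:36 www INPUT(EST) IN=eth0 OUT= MAC=00:b0:d0:20:36:90:00:a0:c5:55:8f:ba:08:00 SRC=64.125.133.202 DST=192.168.1.4 LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=35766 DF PROTO=TCP SPT=65326 DPT=25 WINDOW=25200 RES=0x00 ACK URGP=0
Nov 11 23:29:37 www INPUT(NEW) IN=eth0 OUT= MAC=00:b0:d0:20:36:90:00:a0:c5:55:8f:ba:08:00 SRC=192.5.5.241 DST=192.168.1.4 LEN=223 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=UDP SPT=53 DPT=53 LEN=203
Nov 11 23:29:41 www INPUT(NEW) IN=eth0 OUT= MAC=00:b0:d0:20:36:90:00:a0:c5:55:8f:ba:08:00 SRC=128.9.0.107 DST=192.168.1.4 LEN=223 TOS=0x00 PREC=0x00 TTL=46 ID=0 DF PROTO=UDP SPT=53 DPT=53 LEN=203
"""

TAG = re.compile(r"\b(\w+)\((\w+)\)")   # assumed log prefix, e.g. INPUT(NEW)
FIELD = re.compile(r"(\w+)=(\S*)")      # KEY=value pairs; value may be empty (OUT=)


def parse_line(line):
    """Return the fields of one netfilter LOG line, or None if it is not one."""
    tag = TAG.search(line)
    if not tag or "SRC=" not in line:
        return None
    rec = {"chain": tag.group(1), "state": tag.group(2)}
    for key, value in FIELD.findall(line):
        rec.setdefault(key, value)      # LEN occurs twice; keep the IP-level one
    octets = rec.get("MAC", "").split(":")
    if len(octets) == 14:               # 6 dst + 6 src + 2 EtherType octets
        rec["dst_mac"] = ":".join(octets[:6])
        rec["src_mac"] = ":".join(octets[6:12])
        rec["ethertype"] = "".join(octets[12:])
    return rec


def new_dns_by_src_mac(lines):
    """Map source MAC -> sorted SRC addresses of NEW UDP 53->53 packets."""
    groups = defaultdict(set)
    for line in lines:
        rec = parse_line(line)
        if (rec and rec["state"] == "NEW" and rec.get("PROTO") == "UDP"
                and rec.get("SPT") == "53" and rec.get("DPT") == "53"):
            groups[rec.get("src_mac", "unknown")].add(rec["SRC"])
    return {mac: sorted(ips) for mac, ips in groups.items()}


if __name__ == "__main__":
    for mac, ips in new_dns_by_src_mac(SAMPLE.splitlines()).items():
        print(mac, ips)
```
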
[gentoo-user] Apache and php
I did an update -pu system; update -pu world. I managed to miss my apache conf file in etc-update :-( (so I overwrote my old config). This didn't appear to be a big deal as it just moved the www root. Well, then I noticed that my index.php didn't work, so I may have done an emerge mod_php. At any rate I got php working, but alas my index.php doesn't work as an index file, i.e. load automatically when you point at the IP. It does work if you specifically call it, which is confusing. My DirectoryIndex does include index.php. For now I have fixed it by making an index.html explicitly redirect to index.php, which I can live with, just wondering what happened.

Any help would be greatly appreciated,
Mojo

PS: on that note, I never can remember which conf files I can update and which ones will hose me. It would be nice if there was a backup feature (maybe there is and I don't know about it) so that you could upgrade all and then, when you discovered something amiss, recover that config, or at least compare notes.
Re: [gentoo-user] Apache and php
Dennis == Dennis Freise [EMAIL PROTECTED] writes:

On Wed, 05 Nov 2003 15:09:49 +0100 Redeeman [EMAIL PROTECTED] wrote:

after upgrade of apache i had problems too, the documentroot simply HAS to be in /var/www, i have exactly the same files, exactly same permissions/owner in both dirs, when i use /var/www it works, /home/httpd it doesn't, really weird

Change all references to '/home/httpd' in /etc/apache2/conf/commonapache2.conf to '/var/www'. Then it'll work :) You should try to get your docroot beneath /var/www, because that's becoming something like a standard location and will be heavily referred to by the new virtualhost stuff coming up :)

Thanks
[gentoo-user] portage issues
I don't know if this is the right forum; if not, please could someone direct me on where to post this stuff.

My problems: on one host the digest doesn't come out right. I have removed the offending files several times and it still doesn't come out correct.

mymachine root # emerge -u world
Calculating world dependencies ...done!
emerge (1 of 110) media-video/mplayer-0.92 to /
Downloading http://gentoo.oregonstate.edu/distfiles/MPlayer-0.92.tar.bz2
--10:35:34-- http://gentoo.oregonstate.edu/distfiles/MPlayer-0.92.tar.bz2
= `/usr/portage/distfiles/MPlayer-0.92.tar.bz2'
Resolving gentoo.oregonstate.edu... done.
Connecting to gentoo.oregonstate.edu[128.193.0.3]:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 3,466,985 [application/x-tar]
100%[==] 3,466,985 92.45K/s ETA 00:00
10:36:11 (92.45 KB/s) - `/usr/portage/distfiles/MPlayer-0.92.tar.bz2' saved [3466985/3466985]
md5 src_uri ;-) MPlayer-0.92.tar.bz2
!!! File is corrupt or incomplete. (Digests do not match)
our recorded digest: 1ecd31d17b51f16332b1fcc7da36b312
your file's digest: 6c3f032ddf401ca522900291de03fee5
!!! File does not exist: /usr/portage/distfiles//font-arial-iso-8859-1.tar.bz2

On another host I get this, despite a successful emerge of opengl :-(

checking OpenGL... no
checking Mesa... no
checking Mesa with pthreads... no
configure: error: You need GL or MesaGL libraries
!!! ERROR: x11-libs/gtkglarea-1.99.0 failed.
!!! Function econf, Line 338, Exitcode 1
!!! econf failed

Thanks in advance,
Mojo
Re: [gentoo-user] portage issues
Dhruba == Dhruba Bandopadhyay [EMAIL PROTECTED] writes:

Mojo B. Nichols wrote:

!!! File is corrupt or incomplete. (Digests do not match)
our recorded digest: 1ecd31d17b51f16332b1fcc7da36b312
your file's digest: 6c3f032ddf401ca522900291de03fee5
!!! File does not exist: /usr/portage/distfiles//font-arial-iso-8859-1.tar.bz2

I just removed this file from SRC_URI in the ebuild. You can always re-emerge when the problem is fixed in the ebuild.

Thanks, that worked.

configure: error: You need GL or MesaGL libraries
!!! ERROR: x11-libs/gtkglarea-1.99.0 failed.
!!! Function econf, Line 338, Exitcode 1
!!! econf failed

$ opengl-update xfree
$ emerge nvidia-glx (if using nvidia)
$ opengl-update nvidia (if you are using nvidia)
$ env-update && source /etc/profile

Hmm, I use nvidia, but I just did an opengl-update nvidia (per Jason's message, and many thanks Jason) and that got my emerge -u world rolling again. Is there some reason to perform the opengl-update xfree, emerge nvidia-glx ... that you described? (Other reasons, like it actually will use the opengl libs etc.)

Thanks again,
Mojo
Re: [gentoo-user] portage issues
One more issue, now trying to install libquicktime... seems to be related to opengl. Thanks in advance for any help.

usr/lib/libGL.so: undefined reference to `__nvsym12135'
/usr/lib/libGL.so: undefined reference to `__nvsym12316'
collect2: ld returned 1 exit status
make[3]: *** [lqtplay] Error 1
make[3]: Leaving directory `/var/tmp/portage/libquicktime-0.9.2_pre1/work/libquicktime-0.9.2pre1/utils'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory `/var/tmp/portage/libquicktime-0.9.2_pre1/work/libquicktime-0.9.2pre1/utils'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/var/tmp/portage/libquicktime-0.9.2_pre1/work/libquicktime-0.9.2pre1'
make: *** [all] Error 2
!!! ERROR: media-libs/libquicktime-0.9.2_pre1 failed.
!!! Function src_compile, Line 59, Exitcode 2
!!! (no error message)

Mojo
[gentoo-user] Nautilus
Nautilus 2.2.4 doesn't let you specify which applications open what. However, 2.2.3 does :-( Is there any way to easily emerge old portages?

thanks,
mojo
Re: [gentoo-user] Idiots guide to NAT and DHCP
Adam == Adam Mercer [EMAIL PROTECTED] writes:

On Mon, Sep 22, 2003 at 09:43:37AM +0900, Jason Stubbs wrote:

Well I've followed the NAT HOWTO and I still can't get it working. I have managed to get a DHCP server running, it gives an IP address out in the range 10.0.0.0 to 10.0.0.100 - this works. I've attached my firewall script, one thing I've noticed is that firewall status doesn't say anything regarding NAT when looking at the script it should?

skymoo root # /etc/init.d/firewall status
* status: started
skymoo root #

Also iptables -L shows nothing regarding NAT

iptables -L -t nat
but you probably know that by now.

skymoo root # iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
LOG all -- anywhere anywhere LOG level warning prefix `FIREWALL:INPUT '

Chain FORWARD (policy DROP)
target prot opt source destination

Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
skymoo root #

Any pointers would be appreciated.

I'm not sure I know what your problem is, but this may help.

# basic NAT on external device.
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

This should get your NATing working. I highly recommend using LOG to determine and troubleshoot what is going on in your firewall. If you have a rule and you don't know what it is doing, copy the rule and replace the -j ACCEPT (whatever) with -j LOG --log-prefix "TESTING RULE 3" in the first copy of the rule, or even comment out the old one until LOG is logging the rule you want.

happy natting,
Mojo
Re: [gentoo-user] Firewall on Cd
Patrick == Patrick Marquetecken [EMAIL PROTECTED] writes:

Hi, Is it a good idea to set up a firewall which runs from a CD, just for security reasons?

Yes, and you can even do it with a floppy disk. Google on floppy firewall. The advantages are easily recovered, read-only media. You can send your logs to an internal device for analysis.

Creating a small base system with iptables and then put it on a cd and boot the 'real firewall'

Patrick
--
You're dead, Jim. ... McCoy, Amok Time, stardate 3372.7..
PGP Key: http://users.pandora.be/rivendell/marquetp.gpg
Fingerprint = 2792 057F C445 9486 F932 3AEA D3A3 1B0C 1059 273B
ICQ# 316932703
Registered Linux User #44550 http://counter.li.org
Re: [gentoo-user] iptables config file
On boot iptables script in /etc/runlevels/boot/iptables complains about iptables-restore. I know that /var/lib/iptables/rules-save should exist, but what to put in that file? Thanx. :o)

I think you simply touch that file. It will stop complaining. And then if you type:

/etc/init.d/iptables save

it will save your current rules.

iptables -L

will list your current rules. And then you can add rules to keep bad guys out. I bet the gentoo security document has a good basic start, but also www.netfilter.org is a good resource.

Meka[ni]
Re: [gentoo-user] iptables config file
sorry about losing the citation :-(

Mojo == Mojo B Nichols [EMAIL PROTECTED] writes:

On boot iptables script in /etc/runlevels/boot/iptables complains about iptables-restore. I know that /var/lib/iptables/rules-save should exist, but what to put in that file? Thanx. :o)

I think you simply touch that file. It will stop complaining. And then if you type:

/etc/init.d/iptables save

it will save your current rules.

iptables -L

will list your current rules. And then you can add rules to keep bad guys out. I bet the gentoo security document has a good basic start, but also www.netfilter.org is a good resource.

Meka[ni]
Re: [gentoo-user] Happy am i
Jason == Jason Cooper [EMAIL PROTECTED] writes:

I just received approval from my company's IT department to go ahead and wipe XP off of my work laptop. :v I've had a RedHat derivative (Vermillion) on half of it for six months, and have never used windows on it. I kept running out of space at work and my Gentoo system at home is spoiling me by working so well and all. I think it's time to buy some beer and do another Gentoo install this weekend... No questions or anything, just thought folks would like to know of another corporate (engineering house) foothold for Linux and Gentoo.

Cooper.

Congrats.