lug-bg: Slackware 9.0 is here
Slackware 9.0 . (unixsol.org ) Release notes: http://mirrors.unixsol.org/slackware/slackware-9.0/ANNOUNCE.9_0 ChangeLog: http://mirrors.unixsol.org/slackware/slackware-9.0/ChangeLog.txt Full distro (without sources): http://mirrors.unixsol.org/slackware/slackware-9.0/ Unofficial ISOs: http://mirrors.unixsol.org/slackware/slackware-9.0-iso-unofficial/ Slackware.com's GPG key: http://www.slackware.com/gpg-key Enjoy! = : http://georgi.unixsol.org/programs/slackcheck/ / -- Georgi Chorbadzhiyski http://georgi.unixsol.org/ A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: Cyrus + postfix
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tuesday 18 March 2003 22:10, Peter An. Zyumbilev wrote: spored teb ako sam tragnal da puskam mail server niama li pone s init.d da sam naiasno :):):):):) Pozdravi, BIVOL An optimist is a guy that has never had much experience. -- Don Marquis Naposleduk svetut e pulen sus 'specialisti', chovekut prosto se e zastrahoval :) - -- Take care Boris Jordanov (borj) [EMAIL PROTECTED] ICQ 10751645 PGP-key-fingerprint:-- CB23 8B52 5FBC F36A 1B61 F1ED 2831 E52D AAFF 7B08 - -- Public-key:--- http://borj.freeshell.org/borj.asc - -- To err is human... to really foul up requires the root password. -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE+eC88KDHlLar/ewgRAp4lAKCMYv5eOl+i03409woT5gXy9QW+dgCfQYke oAeVzrv0kddCB9cPBgcgMmk= =WIu1 -END PGP SIGNATURE- A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
lug-bg: OpenPGP Keyserver Problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Zdraveite, Vchera, pri opit da exportirame certificate sydyrzhasht 4096 baziran signing key (RSA), az i Georgi Danchev se natyknahme na edin mnogo stranen problem. Postavianeto na certificate na servera proticha normalno, no sled tova servera ne pokazva korektno nito user-id shestnadesetichnia nomer, nito fingerprinta. Efekta e povtorim, t.e. nabliudava se na razlichni key-serveri, koito rabotiat s razlichen software za obsluzhvane na certifikatite. Ot druga strana, ako certifikata se importira v localnia keyring na gnupg, to vsichko e nared, t.e. vizhda se pravilnia shestnadesetichen nomer na signink key i pravilnia fingerprint. Interesen e sledniat efect. Ako keyserver se pretursva za key prez interface-a na PGP za Windows, tozi efekt ne se nabliudava. Iavno samo web-interface-a na key-serverite dava greshkata. Da znae niakoi ot vas dali tova e byg na serverskia software v chastta mu za pokazvane na danni za certificate-a ili prosto oshte ne e napraven web- interface za poddryzhka na predelni po dylzhina kliuchove. Ako ne, shte pisha i na MIT i na Veridan, da opraviat web-interface-a. Pozdravi Vesselin Kolev -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+eDK7+48lZPXaa+MRAooyAKD1gmcxgk9MMShaUPEQxWiPQtNSQQCgzljr kGtn6wItrpiiPNTa0H542rg= =QGMz -END PGP SIGNATURE- A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
lug-bg: neshto interesno
http://open.bsdcow.net/articles/woman-OpenBSD.htm.en Regards: Romeo Ninov A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
lug-bg: filtrirane na po6ta do user
Privet grupa . Interesuva me kak moga da naprava filtrirane na po6tata do opredelen user. Kato iskam primerno vsichki drugi da mogat da poluchavat mails ot tozi domain a samo opredelen da ne moze. i vtori variant: user1 vaob6te da ne poluchava po6ta ... kato estestveno otpada varianta s iztrivane na akaunta. Polzvam sendmail.8.12.8 kompiliran s podrazka na accessdb Mersi predvaritelno. - http://kino.GBG.bg - A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
RE: lug-bg: htb, cbq, wrr, red, gred, csz, wfq, hfsc, blue, etc.
V momenta polzvame chisto htb s okolo 520 klasa (v ednata posoka, i oshte tolkova v drugata) za ogranichenie i balansirane na trafik ot internet/peering kym vseki otdelen kabelen user i obratno. I obshti limiti za nqkoi grupi clasove. Moga da kaja che raboti vpechatlqvashto (v sravnenie s drugite resheniq pod linux, koito si imaha syotvetnite problemi). Drugite neshta koito probvahme bqha: CBQ chisto, samo obshtite klasove - raboti, propuska s nqkolko procenta poveche ot kolkoto moje da se ochakva. CBQ samo za obshtite klasove + SFQ na kraq - raboti, syshto kato gornoto CBQ za obshtite klasove + WRR za otdelnite potrebiteli (samo chestno razpredelenie, bez ogranichenie) - raboti syshto kato gornoto HTB za obshtite klasove + WRR za otdelnite potrebiteli (samo razpredelenie, bez ogranichenie) - raboti, no e znachitelno po-tochno HTB za obshtite klasove + WRR za chestno razpredelenite mejdu otdelnte useri + TBF za limit na otdelnite useri - raboti izvestno vreme i zabackva, zabravq da obslujva opashkite na otdelni potrebiteli. stoqh i gledah kak edna konkretna opashka si stoeshe na fixiran broj paketi (okolo 100) v prodyljenie na okolo minuta. HTB ot kraj do kraj (obshti klasove, chestno razpredelenie, ogranichenie per user) - prosto raboti vsichko koeto iskame ot nego. s HTB-to s mnogoto klasove i filtri imahme efekta che kernela se panirashe. zaobikolihme go kato postavihme 100ms sleep mejdu operaciite. predpolagame che e nqkakyv locking problem v kernela. Na predishnata (po-slaba) mashina imah efekta che ako pusna tc utilkata i gledam ogromniq i izhod prez less kernela neminuemo zabivashe sled izvestno vreme (naj-veroqtno poradi tova che drugo tc se puska ot vreme na vreme da sybira statistiki w rrd-ta) BR, Boyan -Original Message- From: Nickola Kolev [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 18, 2003 11:22 PM To: [EMAIL PROTECTED] Subject: lug-bg: htb, cbq, wrr, red, gred, csz, wfq, hfsc, blue, etc. Hola, grupa, Interesuvam se ot vasheto mnenie i opit, svyrzani s realni prilojeniq na spomenatite v %subj queueing/scheduling disciplini/algoritmi. Nqkoi ot tqh gi nqma portnati za GNU/Linux, no pri vse tova me interesuvat. Ako obichate, postaraite se da se vyzdyrjate ot zastypnichestvo za tova ili onova. Samo pure facts (po vyzmojnost)... success stories syshto vyrshat rabota. Blagodarq vi predvaritelno. -- _ , A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: filtrirane na po6ta do user
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wednesday 19 Mar 2003 11:57, Niki Nick wrote: Privet grupa . Interesuva me kak moga da naprava filtrirane na po6tata do opredelen user. Kato iskam primerno vsichki drugi da mogat da poluchavat mails ot tozi domain a samo opredelen da ne moze. i vtori variant: user1 vaob6te da ne poluchava po6ta ... kato estestveno otpada varianta s iztrivane na akaunta. Polzvam sendmail.8.12.8 kompiliran s podrazka na accessdb Pyrvoto stava kato syzdadesh LDAP bazirani filtri. Tova obache e malko slozhna procedura i e izvyn kompetenciite na MTA (po princip) T.e. tova ne e predmet na mehanizma na rabota na access_db. Filosofiata za tova mai sym ia obesniaval, no ne moga da si nameria thread-a... Ako ne moga da go otkria i se setia za lesno reshnenie... shte ti pisha na lichnia mail. Ako go haresash, shte go postna v lug-bg. Vtoroto mozhe da stane mnogo lesno, kato badlocaluser ERROR:550 Mailbox disabled for this username Pozdravi Vesselin Kolev -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+eEk++48lZPXaa+MRAlR8AKCzsh38BwexIqkegR6yw22/KpMdPACcC8R4 rrFlKgCdtHi7NVmQUtpnAPQ= =4EX4 -END PGP SIGNATURE- A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: filtrirane na po6ta do user
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wednesday 19 Mar 2003 11:57, Niki Nick wrote: Vsashnost... LDAP se polzva samo ako iskash da dadesh prava na klientite si da zabraniavat dostypa do svoia adres ot strana na sender ot daden domain. Sled kato osmislih vtoria ti vypros:) reshih, che vsashnost TI iskash da zabranish tova... :)) Prav sym, nali? Ako ti si administrator niama problemi da napravish tova. Neka si predstavim, che iskash da spresh vhodiashtata poshta izpratena ot [EMAIL PROTECTED] do [EMAIL PROTECTED] Vlez vyv faila /etc/mail/access i napishi slednoto: From:[EMAIL PROTECTED] To:[EMAIL PROTECTED] REJECT Posle sledva hashirane: makemap hash access.db access i si gotov... NO! Samo s access_db niama kak da pozvolish na vseki user da si regulira poltikata na priemana ili othvyrliane na pisma... Tam se zarovi dylboko v LDAP i procmail.. cheti i ako si uporit shte go napravish. Pozdravi i dano sym ti pomognal! Vesselin Kolev Privet grupa . Interesuva me kak moga da naprava filtrirane na po6tata do opredelen user. Kato iskam primerno vsichki drugi da mogat da poluchavat mails ot tozi domain a samo opredelen da ne moze. i vtori variant: user1 vaob6te da ne poluchava po6ta ... kato estestveno otpada varianta s iztrivane na akaunta. Polzvam sendmail.8.12.8 kompiliran s podrazka na accessdb Mersi predvaritelno. - http://kino.GBG.bg - === = A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html === = -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD4DBQE+eEwl+48lZPXaa+MRAtOhAKCklfWfR6rtrmEr5lbpsooYTXfwfgCXTOnO t8dDnhBzy8xEq9/3Qwcxqw== =1HvY -END PGP SIGNATURE- A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: Slackware 9.0 is here
- slackwar-, mirror - netel.bg, mirror slackwar . - Original Message - From: Georgi Chorbadzhiyski [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, March 19, 2003 10:35 AM Subject: lug-bg: Slackware 9.0 is here Slackware 9.0 . (unixsol.org ) Release notes: http://mirrors.unixsol.org/slackware/slackware-9.0/ANNOUNCE.9_0 ChangeLog: http://mirrors.unixsol.org/slackware/slackware-9.0/ChangeLog.txt Full distro (without sources): http://mirrors.unixsol.org/slackware/slackware-9.0/ Unofficial ISOs: http://mirrors.unixsol.org/slackware/slackware-9.0-iso-unofficial/ Slackware.com's GPG key: http://www.slackware.com/gpg-key Enjoy! = : http://georgi.unixsol.org/programs/slackcheck/ / -- Georgi Chorbadzhiyski http://georgi.unixsol.org/ A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: htb, cbq, wrr, red, gred, csz, wfq, hfsc, blue, etc.
s HTB-to s mnogoto klasove i filtri imahme efekta che kernela se ?panirashe. zaobikolihme go kato postavihme 100ms sleep mejdu operaciite. predpolagame che e nqkakyv locking problem v kernela. Na predishnata (po-slaba) mashina imah efekta che ako pusna tc utilkata i gledam ogromniq i izhod prez less kernela neminuemo zabivashe sled izvestno vreme (naj-veroqtno poradi tova che drugo tc se puska ot vreme na vreme da sybira statistiki w rrd-ta) kakuv message po-to4no ti dava kato zabie ili predi tova? Boyan Krosnov writes: V momenta polzvame chisto htb s okolo 520 klasa (v ednata posoka, i oshte tolkova v drugata) za ogranichenie i balansirane na trafik ot internet/peering kym vseki otdelen kabelen user i obratno. I obshti limiti za nqkoi grupi clasove. Moga da kaja che raboti vpechatlqvashto (v sravnenie s drugite resheniq pod linux, koito si imaha syotvetnite problemi). Drugite neshta koito probvahme bqha: CBQ chisto, samo obshtite klasove - raboti, propuska s nqkolko procenta poveche ot kolkoto moje da se ochakva. CBQ samo za obshtite klasove + SFQ na kraq - raboti, syshto kato gornoto CBQ za obshtite klasove + WRR za otdelnite potrebiteli (samo chestno razpredelenie, bez ogranichenie) - raboti syshto kato gornoto HTB za obshtite klasove + WRR za otdelnite potrebiteli (samo razpredelenie, bez ogranichenie) - raboti, no e znachitelno po-tochno HTB za obshtite klasove + WRR za chestno razpredelenite mejdu otdelnte useri + TBF za limit na otdelnite useri - raboti izvestno vreme i zabackva, zabravq da obslujva opashkite na otdelni potrebiteli. stoqh i gledah kak edna konkretna opashka si stoeshe na fixiran broj paketi (okolo 100) v prodyljenie na okolo minuta. HTB ot kraj do kraj (obshti klasove, chestno razpredelenie, ogranichenie per user) - prosto raboti vsichko koeto iskame ot nego. s HTB-to s mnogoto klasove i filtri imahme efekta che kernela se panirashe. zaobikolihme go kato postavihme 100ms sleep mejdu operaciite. predpolagame che e nqkakyv locking problem v kernela. Na predishnata (po-slaba) mashina imah efekta che ako pusna tc utilkata i gledam ogromniq i izhod prez less kernela neminuemo zabivashe sled izvestno vreme (naj-veroqtno poradi tova che drugo tc se puska ot vreme na vreme da sybira statistiki w rrd-ta) BR, Boyan -Original Message- From: Nickola Kolev [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 18, 2003 11:22 PM To: [EMAIL PROTECTED] Subject: lug-bg: htb, cbq, wrr, red, gred, csz, wfq, hfsc, blue, etc. Hola, grupa, Interesuvam se ot vasheto mnenie i opit, svyrzani s realni prilojeniq na spomenatite v %subj queueing/scheduling disciplini/algoritmi. Nqkoi ot tqh gi nqma portnati za GNU/Linux, no pri vse tova me interesuvat. Ako obichate, postaraite se da se vyzdyrjate ot zastypnichestvo za tova ili onova. Samo pure facts (po vyzmojnost)... success stories syshto vyrshat rabota. Blagodarq vi predvaritelno. -- _ ðÏÚÄÒÁ×É, îÉËÏÌÁ A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html Svetlana Pesheva System Administrator VMT Design contact: 098/254246 #48332919 A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
RE: lug-bg: htb, cbq, wrr, red, gred, csz, wfq, hfsc, blue, etc.
panicva se kernela, bez utilkata da se uspee da izpljue neshto drugoto syobshtenie za quantum tvyrde malyk ili quantum tvyrde golqm se opravq lesno kato si setvash rychno proporcionalni quantumi ili prosto setnesh r2q na podhodqshta stojnost. quantum trqbva da e po-golqm ot mtu-to na interfeisa za da mogat po-golemite paketi da preskachat v 2.4.20 htb-to e mergenato s pusnat debugging i trqbva da mu se spre ot edin define v nego inache logva naistina mnogo zabravih da obyrna vnimanie na naj-chestata greshka koqto horata pravqt s tc-to: bps e BYTES per second kbps e 1024 BYTES per second mbps e 1024*1024 BYTES per second kbit e 1024 bits per second mbit e 1024*1024 bits per second t.e. realnite 128 kilobita (koito sa 128000 bits/s) ne se okazvat s 128kbit (kakto bi ochakval chovek) a kato 125Kbit ili kato 16000bps. BR, Boyan -Original Message- From: svetla [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 19, 2003 2:13 PM To: [EMAIL PROTECTED] Subject: Re: lug-bg: htb, cbq, wrr, red, gred, csz, wfq, hfsc, blue, etc. s HTB-to s mnogoto klasove i filtri imahme efekta che kernela se ?panirashe. zaobikolihme go kato postavihme 100ms sleep mejdu operaciite. predpolagame che e nqkakyv locking problem v kernela. Na predishnata (po-slaba) mashina imah efekta che ako pusna tc utilkata i gledam ogromniq i izhod prez less kernela neminuemo zabivashe sled izvestno vreme (naj-veroqtno poradi tova che drugo tc se puska ot vreme na vreme da sybira statistiki w rrd-ta) kakuv message po-to4no ti dava kato zabie ili predi tova? Boyan Krosnov writes: V momenta polzvame chisto htb s okolo 520 klasa (v ednata posoka, i oshte tolkova v drugata) za ogranichenie i balansirane na trafik ot internet/peering kym vseki otdelen kabelen user i obratno. I obshti limiti za nqkoi grupi clasove. Moga da kaja che raboti vpechatlqvashto (v sravnenie s drugite resheniq pod linux, koito si imaha syotvetnite problemi). Drugite neshta koito probvahme bqha: CBQ chisto, samo obshtite klasove - raboti, propuska s nqkolko procenta poveche ot kolkoto moje da se ochakva. CBQ samo za obshtite klasove + SFQ na kraq - raboti, syshto kato gornoto CBQ za obshtite klasove + WRR za otdelnite potrebiteli (samo chestno razpredelenie, bez ogranichenie) - raboti syshto kato gornoto HTB za obshtite klasove + WRR za otdelnite potrebiteli (samo razpredelenie, bez ogranichenie) - raboti, no e znachitelno po-tochno HTB za obshtite klasove + WRR za chestno razpredelenite mejdu otdelnte useri + TBF za limit na otdelnite useri - raboti izvestno vreme i zabackva, zabravq da obslujva opashkite na otdelni potrebiteli. stoqh i gledah kak edna konkretna opashka si stoeshe na fixiran broj paketi (okolo 100) v prodyljenie na okolo minuta. HTB ot kraj do kraj (obshti klasove, chestno razpredelenie, ogranichenie per user) - prosto raboti vsichko koeto iskame ot nego. s HTB-to s mnogoto klasove i filtri imahme efekta che kernela se panirashe. zaobikolihme go kato postavihme 100ms sleep mejdu operaciite. predpolagame che e nqkakyv locking problem v kernela. Na predishnata (po-slaba) mashina imah efekta che ako pusna tc utilkata i gledam ogromniq i izhod prez less kernela neminuemo zabivashe sled izvestno vreme (naj-veroqtno poradi tova che drugo tc se puska ot vreme na vreme da sybira statistiki w rrd-ta) BR, Boyan -Original Message- From: Nickola Kolev [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 18, 2003 11:22 PM To: [EMAIL PROTECTED] Subject: lug-bg: htb, cbq, wrr, red, gred, csz, wfq, hfsc, blue, etc. Hola, grupa, Interesuvam se ot vasheto mnenie i opit, svyrzani s realni prilojeniq na spomenatite v %subj queueing/scheduling disciplini/algoritmi. Nqkoi ot tqh gi nqma portnati za GNU/Linux, no pri vse tova me interesuvat. Ako obichate, postaraite se da se vyzdyrjate ot zastypnichestvo za tova ili onova. Samo pure facts (po vyzmojnost)... success stories syshto vyrshat rabota. Blagodarq vi predvaritelno. -- _ ðÏÚÄÒÁ×É, îÉËÏÌÁ A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html Svetlana Pesheva System Administrator VMT Design contact: 098/254246 #48332919 A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: filtrirane na po6ta do user
Blagodaria ti Vesselin Kolev :) O6te s parvia mail mi pomogna, za6toto tova mi be6e parvonachalnoto zelanie da zabrania na [EMAIL PROTECTED] da poluchava vhodia6ta po6ta, no da si ima akaunt. Kadeto biah gledal ne sre6nah primer za tova a to e blizko do uma. A za parvia variant mi stana interesno kak 6te stane, da mogat da poluchavat vsichki users mailove ot [EMAIL PROTECTED] osven posochenia. A tova koeto si posochil kato primer mislia re6ava problema. From:[EMAIL PROTECTED] To:[EMAIL PROTECTED] REJECT O6te vednaz ti blagodaria za otzivchivosta. - http://kino.GBG.bg - A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: htb, cbq, wrr, red, gred, csz, wfq, hfsc, blue, etc.
Boyan wrote: V momenta polzvame chisto htb s okolo 520 klasa (v ednata posoka, i oshte tolkova v drugata) za ogranichenie i balansirane na trafik ot internet/peering kym vseki otdelen kabelen user i obratno. I obshti limiti za nqkoi grupi clasove. Moga da kaja che raboti vpechatlqvashto (v sravnenie s drugite resheniq pod linux, koito si imaha syotvetnite problemi). Da, i az polzvam htb - naistina raboti vpechatlqvashto. Imam okolo 1500 klasa, koito garantirat min skorost kakto po grupi, taka i na otdelni useri. s HTB-to s mnogoto klasove i filtri imahme efekta che kernela se panirashe. zaobikolihme go kato postavihme 100ms sleep mejdu operaciite. predpolagame che e nqkakyv locking problem v kernela. Na predishnata (po-slaba) mashina imah efekta che ako pusna tc utilkata i gledam ogromniq i izhod prez less kernela neminuemo zabivashe sled izvestno vreme (naj-veroqtno poradi tova che drugo tc se puska ot vreme na vreme da sybira statistiki w rrd-ta) Interesno, edinstveniq pyt, kogato uspqh da dokaram mashina s htb do kernel panic beshe, kogato rychkah, deto ne trqbvashe. A imenno, vyv versiq 2.0 na htb imashe ogranichenie za dylbochina na clasovete v ierarhiqta 4 (ili 8, ne pomnq veche). Ta pipah kakvoto pipah, i mashinata experience-vashe seriozni, hard lockups. ;))) No inak sys standartnoto htb v qdroto (kakto ver. 2.0, taka i 3.6 i 3.7) ne sym imal takiva problemi. -, pgp0.pgp Description: PGP signature
Re: lug-bg: Slackware 9.0 is here
Bozhan Bozhkov wrote: - slackwar-, mirror - netel.bg, mirror slackwar , :( ... 100Mbit , . -- Georgi Chorbadzhiyski http://georgi.unixsol.org/ A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
lug-bg: ADSL to ADSL network
Zdraveite imam dva adsl routera DLINK DSL-504 i iskam da vyrja dve private network prez naeta liniq. nqkoi moje li da mi dade nasoki kakvo gore dolu trqbva da napravq. Nqmam mnogo opit v PPP over ATM ili ETHERNET ili v configuriraneto na podobni ustroistva. Obshto vzeto v dokumentaciqta na routera pishe kak da se vyrja kym ISP no nikyde ne pishe kak da si izgradq i servernata i klientskata chast. A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: OpenPGP Keyserver Problem
On 19 03 2003 11:04, Vesselin Kolev wrote: Zdraveite, Vchera, pri opit da exportirame certificate sydyrzhasht 4096 baziran signing key (RSA), az i Georgi Danchev se natyknahme na edin mnogo stranen problem. Postavianeto na certificate na servera proticha normalno, no sled tova servera ne pokazva korektno nito user-id shestnadesetichnia nomer, nito fingerprinta. Efekta e povtorim, t.e. nabliudava se na razlichni key-serveri, koito rabotiat s razlichen software za obsluzhvane na certifikatite. Molq ako nqkoj e uspql da ka4i i nabludava prez web iface svoq 4096 RSA korektno (HEX No, Finger) da spodelina koi e key server-a ;-) Ako ne, shte pisha i na MIT i na Veridan, da opraviat web-interface-a. Napravo pishi. T.e. po-dobre go napishi ti ;-) -- printk(KERN_EMERG Peace. No flames., panic_timeout); mdelay(panic_timeout*1000); machine_restart(NULL); A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: htb, cbq, wrr, red, gred, csz, wfq, hfsc, blue, etc.
On 19 03 2003 15:06, Nickola Kolev wrote: Boyan wrote: V momenta polzvame chisto htb s okolo 520 klasa (v ednata posoka, i oshte tolkova v drugata) za ogranichenie i balansirane na trafik ot internet/peering kym vseki otdelen kabelen user i obratno. I obshti limiti za nqkoi grupi clasove. Moga da kaja che raboti vpechatlqvashto (v sravnenie s drugite resheniq pod linux, koito si imaha syotvetnite problemi). Da, i az polzvam htb - naistina raboti vpechatlqvashto. Imam okolo 1500 klasa, koito garantirat min skorost kakto po grupi, taka i na otdelni useri. s HTB-to s mnogoto klasove i filtri imahme efekta che kernela se panirashe. zaobikolihme go kato postavihme 100ms sleep mejdu operaciite. predpolagame che e nqkakyv locking problem v kernela. Na predishnata (po-slaba) mashina imah efekta che ako pusna tc utilkata i gledam ogromniq i izhod prez less kernela neminuemo zabivashe sled izvestno vreme (naj-veroqtno poradi tova che drugo tc se puska ot vreme na vreme da sybira statistiki w rrd-ta) Interesno, edinstveniq pyt, kogato uspqh da dokaram mashina s htb do kernel panic beshe, kogato rychkah, deto ne trqbvashe. A imenno, vyv versiq 2.0 na htb imashe ogranichenie za dylbochina na clasovete v ierarhiqta 4 (ili 8, ne pomnq veche). Ta pipah kakvoto pipah, i mashinata experience-vashe seriozni, hard lockups. ;))) . hard lockups kernel hang. corrupted data structures , kernel thread (read/write) shared data structures. shared data structures. , Linuxadvanced locking primitives ( [hard lockpus],[locking] read/write, ;-)...qdisciplines kernel source user space tc () __ in safest way possible user space, tckernel space ( - kernel-data, shared data structures) user space .. tc... flames, htb others hard lockups/hang cases HTB , ...user space workaround, kernel-a... ... , ( ) user/kernel space. , . , flamewar , e.g. kernel's ...;-)... I'm just a Doc. -- printk(KERN_EMERG Peace. No flames., panic_timeout); mdelay(panic_timeout*1000); machine_restart(NULL); A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: TLS + MTA (malko teoria + praktika)
Vapreki tochniat i izcherpatelen otgovor ot strana na V. Kolev iskam da dobavia 2 drebni neshta. On Thu, Mar 13, 2003 at 12:20:25PM +0200, Dancho Mitev wrote: cut Wyzmovno li e da se izpolzwa samopodpisan sertifikat? (pone za testowe? - predpolagam che da). Wyzmovno li e da se izpolzwa syshtiqt sertifikat ot CA kojto se izpolzwa s apache ili trqbwa da se kupuwa otdelen? cut Vapreki che moje da se izpolzva, tai kato certificate ne se izdava za usluga, a za host - triabva uslugite da sa na edin i sasht hostname! T.e. ako imenata sa www.something.com i mail.something.com, a certificate e izdaden za www.something.com, to email clientite shte se jalvat, che certificate ne e validen za mail.something.com. cut Move li poluchatelq da razbere po nqkakyw nachin che mevdu dwata MTA negowoto syobshtenie e bilo ( ili ne e bilo ) transferirano w kriptiran wid s TLS? cut Eto taka izglejda pri qmail: --- cut --- Received: from dave.del.bg (HELO del.bg) ([EMAIL PROTECTED]) by mail.del.bg with RC4-MD5 encrypted SMTP; 19 Mar 2003 10:40:03 - --- cut --- Sas zdrave, -- Theodor MilkovHead Network Administrator Davidov Net Phone: +359 (2) 730158 A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: Re: HTB:message in my log
vremenno opravih problema s htb-to kato:
#!/bin/sh
TC=/sbin/tc
#This function takes three params: ip, peering trafic, internat. traffic
limit_user() {
#trafic we send to the users
/usr/local/bin/usleep 10
${TC} class add dev eth0 parent 1: classid 1:$1 htb \
rate ${2}kbps ceil ${2}kbps
/usr/local/bin/usleep 10
${TC} class add dev eth0 parent 1: classid 1:$((256 + $1)) htb \
rate ${3}kbps ceil ${3}kbps
${TC} filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match \
ip dst 212.36.6.$1 match ip tos 0x40 0xff flowid 1:$((256 + $1))
${TC} filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match \
ip dst 212.36.6.$1 match ip tos 0x80 0xff flowid 1:$((256 + $1))
${TC} filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match \
ip dst 212.36.6.$1 flowid 1:$1
#traffic we send to internet
#/usr/local/bin/usleep 10
#${TC} class add dev eth1 parent 1: classid 1:$1 htb \
#rate ${2}kbps ceil ${2}kbps
#${TC} filter add dev eth1 protocol ip parent 1:0 prio 1 u32 \
#match ip src 212.36.6.$1 flowid 1:$1
}
start() {
echo Starting shaper
${TC} qdisc add dev eth0 root handle 1: htb r2q 1 default 255
${TC} class add dev eth0 parent 1: classid 1:255 htb rate 100Mbit ceil
100Mbit
/usr/local/bin/usleep 10
${TC} qdisc add dev eth1 root handle 1: htb default 255
${TC} class add dev eth1 parent 1: classid 1:255 htb rate 4Mbit ceil
4Mbit
/usr/local/bin/usleep 10
for ((i=3; i63; i++))
do
case $i in
2|7|55)
limit_user $i 256 256
;;
3)
limit_user $i 32 32
;;
54)
limit_user $i 4 2
;;
56)
limit_user $i 6 3
;;
*)
limit_user $i 70 70
;;
esac
done
}
stop () {
echo Stoping shaper ...
${TC} qdisc del dev eth0 root handle 1: htb default 255
${TC} qdisc del dev eth1 root handle 1: htb default 255
}
case $1 in
start)
start
;;
stop)
stop
;;
restart)
stop
sleep 1
start
;;
*)
echo $Usage: $0 {start|stop|restart}
esac
unsleep -a! Dano da izdurji..
makar che iznamerih edin pach..purvo shte probvam taka, da vidia kolko shte
izdurji
Pozdravi
SVetla
George Danchev writes:
On 18 03 2003 21:40, Nickola Kolev wrote:
On Tue, 18 Mar 2003 21:14:32 +0200
George Danchev [EMAIL PROTECTED] wrote:
[ cut ]
Íå, òîâà íÿìà ñúâñåì, àìà ñúâñåì íèùî îáùî. Ïúðâî, òîçè ñàéò å ïîñâåòåí
íà íåèçâåñòåí äîñåãà çà ìåí ïðîåêò, îñíîâàí ÂÚÐÕÓ htb (è ìàé cbq)
ïîääðúæêàòà â ÿäðîòî. Âòîðî, êàòåãîðè÷íî òâúðäÿ, ÷å ñúîáùåíèÿòà â
ëîãîâåòå îò òîçè âèä íå ñà ðåçóëòàò îò áúã â ÿäðîòî. Äà íå ãîâîðèì, ÷å
ñòàâà âúïðîñ çà îïðàâåí áúã â shaperd, à íå â êîäà íà sch_htb. Ïðî÷åòè
ïî-ïðåäíèÿ ìè ïîñò.
Íèêîëà, HTB âñå îùå íå å ÷àñò îò stock 2.4 kernel-a. Ñúäåéêè ïî òîâà
êîåòî êàçâà è Àíòîí Òîäîðîâ çà âêëþ÷åíèÿ äåáúã è ìÿòàíåòî íà íÿêàêâè
âúòðåøíè ñúñòîÿíèÿ íà ÿäòîðî â ëîã-à ñè ìèñëÿ ÷å áúäåùèÿ
net/sched/sch_htb.c êîéòî òðåáå äà âëèçà â stock å îùå åêñïåðèìåíòàëåí è
çà òîâà ñåäè îòâúí êàòî ïà÷.
[ cut ]
Ãåîðãè, íå èñêàì äà çàõâàùàìå ïîðåäíèÿ flame war, çàùîòî ìè å îìðúçíàëî îò
íåäîîáÿñíåíè ìèñëè è íåäîîáìèñëåíè îáÿñíåíèÿ. :)
àç ïîíå íå âèæäàì íèêàêâè ïðåòåíöèè çà çàõâàùàíå íà flamewar... ìàé ïðîñòî íå
òðÿáâà äà ñå ïðèêàçà çà ÿäðà çà äà íÿìà íåäîðàçóìåíèÿ ;-) Ê ;-)
 íèêàêúâ ñëó÷àé íå èñêàì äà èçðàçÿâàì íåñúãëàñèå ñ òåá. Ïðîñòî ñå îïèòàõ
äà ïîìîãíà ñ íÿêîëêî äîêóìåíòà, ñëåä ïðî÷èòàíåòî íà êîèòî ìîæå äà ñòàíå
ÿñíî êàê äà áúäå ðåøåí ïðîáëåìà ïîíå îòíîñíî ñúîáùåíèÿòà â ñèñòåìíèÿ
æóðíàë çà ãîëåìèíàòà íà quantum ñòîéíîñòòà â htb. Èìà ñè ãëîáàëíà (çà âñÿêî
åäíî ìðåæîâî óñòðîéñòâî, íà êîåòî å çàêà÷åíî htb) ïðîìåíëèâà, íàðå÷åíà r2q.
Êîéòî ãî èíòåðåñóâà, äà õîäè äà ÷åòå. :)
ÎÊ, ñúãëàñèõ ñå.
Çà sch_htb ñïîìåíàõ ìåæäó äðóãîòî, è êàêòî âèæäàø, íå ñúì íàâëèçàë â
ïîäðîáíîñòè, òúé êàòî íå ñúì kernel õàêåð. :) À ñïîìåíàõ çà íåãî, çàùîòî
àç ñúùî íå ñúì, íî òîâàíå ïðà÷è äà ñå áðàóçâà íàòàì íàñàì ...
Âèêòîð Âàñèëåâ äàäå àäðåñ, íà êîéòî áåøå îïèñàíî íåùî, íÿìàùî íèùî
îáùî ñ ïðîáëåìà, ïîñòíàò îò Ñâåòëà.
å ãîâîðåõìå çà htb â ÿäðîòî ... ìèñëÿ ÷å ñå ðàçáðàõìå ;-) ïðîñòî èñêàõ äà
ïîä÷åðòàÿ ÷å àêî ðàáîòè çà åäíè â äàäåíè óñëîâèÿ è ñèòóàöèÿ òî òîâà íå å
çàäúëæèòåëíî äà ðàáîòè çà äðóãè ... ñòðóâà ìè ñå ÷å ñ tc ñå øàøêà kernel's
htb, íå ñúì ñèãóðåí, íî ñå äàäîõà reports îò 2-3 ìàøèíè (íå âÿðâàì âñè÷êè äà
ñà ñ bad ram, ìîæå è òîâà äà å) ñ åâåíòóàëíî ðåøåíèå sleep seconds ìåæäó tc
èíæåêöèéòå ... ñúãëàñíè ñìå ÷å user space util íå ìîæå (ïî-òî÷íîíå áèâà) äà
ïðèòåñíÿâà ÿäðîòî ïî íèêàêâè íà÷èíè
À, è ìåæäó äðóãîòî, htb å ÷àñò îò îôèöèàëíîòî Linus'êî ÿäðî îò âåðñèÿ
2.4.20. Îò òîâà ïî-stock, çäðàâå ìó êàæè. :)))
ïðàâ ñè ... ãëåäàë ñúì 2.4.19 sources... poor me. Âñå îùå ñè ìèñëÿ ÷å HTB
ìàêàð è ïî-ïðîñò êàòî èìïëåìàíòàèÿ èìàäà ãîíè ïî robustness CBQ íà Êóçíåöîâ.
(èçâèíÿâàì ñå,
Re: lug-bg: TLS + MTA (malko teoria + praktika)
On 13 03 2003 12:04, Todor Belev wrote:
Vsyshnost,
tova koeto men lichno me kasae e ne principnia vypros che trebe da bydat
podpisani ot validno CA - sertifikat moje chovek da si generira sam. Iska
mi se da spedelia opit s hora, koito ne obmeniat mail potoci mejdu MTA, a
komunikaciata mejdu MTA i MUA. Sirech koi Mail klienti vladeiat prasthane
pres TLS kriptirana SMTP sesia, i kak po tochno naprimer v MS Outlook stava
importiraneto na sertifikat, ne podpisan ot CA. Opitite za takova
importirane na sertificat polzvan za secure SMTP na Postfix i MS Outlook
zasega sa neuspeshni. Za razlika ot naprimer sertifikatite za secure POP3 i
secure IMAP, koito se importiraha dosta uspeshno. Ima li niakoi opit s
Kmail, Evolution ili Sylpheed otnosno rabota s TLS MTA.
Tozi vypros e star, no milq 4e ima otgovor za mail klientite KMail,
Mozilla/Netscape (i Sytlpheed-{Claws}ima podobni vyzmozhnosti) v koito mogat
da se import-vat sertificates, dori generirani i ot teb samiq ili nqkoj
friend. Posle ako na MTA-to (s sertificates) mozhe da e ukazano da tretira
klienta na bazatana sertificate-a - verify=ok, then politika, da re4em
RELAY... Vyv vidovete sertificates i tehnite poleta i formati mozhe da se
izgubi 4ovek... myka myka ;-)
Onzi den Vesselin Kolev mi demonstrira tezi dejstviq za mail client/server,
dori mi polse prati instructions, no tezi za clients sa encrypted signed
li4no do men, taka 4e ostavqm na nego da reshi da re-port-ne in public...
--
printk(KERN_EMERG Peace. No flames., panic_timeout);
mdelay(panic_timeout*1000); machine_restart(NULL);
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: Re: HTB:message in my log
On 19 03 2003 22:31, svetla wrote: vremenno opravih problema s htb-to kato: 1. da beshe kazal samo promqnata v tvoq script, e.g. de polzvash usleep10. Malko ora ste se zasiliqt da tyrsqt razlikite v predishniq ti i tozi script... unsleep -a! Dano da izdurji.. makar che iznamerih edin pach..purvo shte probvam taka, da vidia kolko shte izdurji 2. URL kym tozi patch ... ne 4e ste go razbereme, prosto da vidime za ko ide re4 ... 10x -- printk(KERN_EMERG Peace. No flames., panic_timeout); mdelay(panic_timeout*1000); machine_restart(NULL); A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: Re: HTB:message in my log
On Wed, Mar 19, 2003 at 10:31:57PM +0200, svetla wrote: vremenno opravih problema s htb-to kato: Problemat e tozi (kakto spomena i Nickola Kolev): http://luxik.cdi.cz/~devik/qos/htb/htbfaq.htm Vidno e i ot loga, koito si prilojila - tvarde visoko r2q i ottam i quantum za rate, koito se opitvash da polzvash. -- Theodor MilkovHead Network Administrator Davidov Net Phone: +359 (2) 730158 A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: Traffic nabliundavane
On Mon, Mar 17, 2003 at 04:12:26AM +0200, Marian Popov wrote: Zdraveite! Ima li niakakva programka, s koiato da moje da se gleda samo vhodiasht ili samo izhodiasht traffik na edna mashina. Naprimer da gledam samo packetite izlizashti prez eth0 ili vlizashti ot tam no ne obshto a po otdelno. Neshto kato tcpdump naprimer ama samo v ednata posoka. Ako znaesh koi sa mrejite v chiato posoka iskash da vidish trafica (napr. 192.168.168.0/24): tcpdump -i eth0 dst net 192.168.168.0/24 Ili ne e tochno tova? -- Theodor MilkovHead Network Administrator Davidov Net Phone: +359 (2) 730158 A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: TLS + MTA (malko teoria + praktika)
Vapreki che moje da se izpolzva, tai kato certificate ne se izdava za usluga, a za host - triabva uslugite da sa na edin i sasht hostname! T.e. ako imenata sa www.something.com i mail.something.com, a certificate e izdaden za www.something.com, to email clientite shte se jalvat, che certificate ne e validen za mail.something.com. Pravilno, taka e... Kato dopylnenie samo. Kogato TLS se poddyrzha ot strana na MTA ima dve principno razlichni deistvia po udostoveriavaneto: server i client. Edin MTA e client,kogato predava edno syobshtenie kym drug MTA. Edin MTA e server, kogato priema elektronen poshtenski potok za lokalna ili posledvashta obrabotka. V zavisimost ot tova ima DVA vida udostoverivane na MTA serverite v ramkite na TLS. Pri udostoverivaneto na nivo client, MTA, koito e v tazi rolia, proveriava certficate-a na servera, s koito ustanoviava sesia. Sled kato se ubedi, che vsichko e nared, priema da se svyrzhe s drugia MTA. Imenno tuk se proveriava i imeto na hosta, koeto e opisano v certificate-a.V syshtoto vreme obache i drugia MTA (koito e server ot gledna tochka na vryzkata) proveriava certificate-a na clienta. Tuk e nuzhno da se napravi edno vazhno utochnenie. Kogato servera proveriava certificate-a na clienta, toi ne izvyrshva proverka na imeto na hosta (obratnoto bi znachelo da se obvyrzhe systemata ot sertificati s in-addr.arpa ierarhichnoto tyrsene). Ako tova ne be taka, to ne bi syshtestuval virtualen hosting. Pri udostoverivaneto na nivo server, klientyt proveriava i imeto na host na servera, kym koito se svyrzva, a ne samo validnostta na certificate-a. Edin MTA mozhe da operira s dva certificate-a. Ediniat toi mozhe da izpolzva, kogato e v roliata na server, a drugia, kogato e v roliata na client. Serverskia certificate e obvyrzan s imeto na hosta, no tova ne e zadylzhitelno da e taka za clientskia certificate (tova mezhdu drugoto stana iasno i malko po-gore pri obiasniavane na principa na deistvie v dvete situacii). Ako edin client se opitva da se svyrzhe sys server i pri proverka na certificate-a stane iasno, che certificatyt na servera e nevaliden, vypreki, che nosi v poleto za ime imeto na hosta, to iavno ima sluchai na IP izmama. = *** === Configuration = *** === V m4 prototipa na sendmail.cf, faila sendmail.mc se pravi slednoto razgranichenie za certificatite izpolzvani za client i za server configuraciata na MTA dnl dnl Tova sa redovete, koito zadavat certificatite i key za servera define(`confSERVER_CERT',`/usr/share/ssl/certs/host.cert')dnl define(`confSERVER_KEY',`/usr/share/ssl/certs/host.key')dnl dnl dnl a tova sa tezi, koito zadavat configuraciata na clienta define(`confCLIENT_CERT',`/usr/share/ssl/certs/mta.cert')dnl define(`confCLIENT_KEY',`/usr/share/ssl/certs/mta.key')dnl = *** === Log = *** === Eto edna ilustracia na tova, kakvi zapisi v zhurnalnia file na Sendmail se praviat za vsiaka TLS sesia. Eto kak MTA priema TLS sesia ot domashno baziran klient, obtabotva ia i ia izprashta kym drug server: Mar 19 23:22:04 lcpe sendmail[10459]: NOQUEUE: connect from Mandrake.nat-lan.lcpe.pip.digsys.bg [193.68.191.198] Mar 19 23:22:04 lcpe sendmail[10459]: STARTTLS=server, relay=Mandrake.nat-lan.lcpe.pip.digsys.bg [193.68.191.198], version=TLSv1/SSLv3, verify=OK, cipher=EXP1024-RC4-SHA, bits=128/56 Mar 19 23:22:04 lcpe sendmail[10459]: STARTTLS=server, cert-subject=/C=BG/ST=Sofia/L=Sofia/O=LCPE,+20University+20of+20Sofia/OU=LCPE+20Staff/CN=Vesselin+20Kolev /[EMAIL PROTECTED], cert-issuer=/C=BG/ST=Sofia/L=Sofia/O=LCPE,+20University+20of+20Sofia/OU=Net+20Division/CN=Vesselin+20Kolev/[EMAIL PROTECTED] # # STARTTLS=server ukazva na tova, che Sendmail uchastva v TLS sesia kato server # sled cipher e opianieto na izpolzvania kodirash algorithm # cert-subject opisva poletata na X.509 certificate ot strana na clienta # cert-issuer opisva poletata na X.509 certificate na izdatelia na certificate na clienta. # Nai-otgore stoi verify=OK, koeto znachi, che certificate-a na clienta e potvyrden kato validen # Interesnoto tuk e, che clientyt ne e MTA, a e nai-obiknoven Netscape Messenger 4.78 nastroen # da izpolzva PKCS#12 # Mar 19 23:22:04 lcpe sendmail[10459]: h2JLLpAh010459: from=[EMAIL PROTECTED], size=331, class=0, nrcpts=1, msgid=[EMAIL PROTECTED], proto=ESMTP, daemon=MTA, relay=Mandrake.nat-lan.lcpe.pip.digsys.bg [193.68.191.198] Mar 19 23:22:04 lcpe sendmail[10461]: h2JLLpAh010459: SMTP outgoing connect on eth-out.backbone-1.lcpe.uni-sofia.bg Mar 19 23:22:04 lcpe sendmail[10461]: STARTTLS=client, init=1 Mar 19 23:22:04 lcpe sendmail[10461]: STARTTLS=client, start=ok Mar 19 23:22:04 lcpe sendmail[10461]: STARTTLS=client, relay=ns.lcpe.uni-sofia.bg., version=TLSv1/SSLv3, verify=OK, cipher=EDH-RSA-DES-CBC3-SHA, bits=168/168 Mar 19 23:22:04 lcpe sendmail[10461]: STARTTLS=client,
Re: lug-bg: htb, cbq, wrr, red, gred, csz, wfq, hfsc, blue, etc.
On Wed, Mar 19, 2003 at 12:20:02PM +0200, Boyan Krosnov wrote: cut HTB ot kraj do kraj (obshti klasove, chestno razpredelenie, ogranichenie per user) - prosto raboti vsichko koeto iskame ot nego. cut Kakvo imash predvid pod chstno razpredeliane tuk? Fair Queueing? Ili vseki potrebitel v otdelen child class (koeto oznachava ujasno mnogo clasove)? -- Theodor MilkovHead Network Administrator Davidov Net Phone: +359 (2) 730158 A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: TLS + MTA (malko teoria + praktika)
Vsystnost ima razlichni porducti, az predi dve godini napazuravah ot Verisign certificate kojto moje da se izpolzva za 25 web domain-a za Novartis, mislja che ima i za 100 i za 250 domain-a, no sa tzjalo systojanie, GTE systo imat multi-domain SSL certificate kojto e sravnitelno eftin. BTW mislja che Thawte Personal Email Certificate e bezplaten. Theodor Milkov wrote: Vapreki tochniat i izcherpatelen otgovor ot strana na V. Kolev iskam da dobavia 2 drebni neshta. On Thu, Mar 13, 2003 at 12:20:25PM +0200, Dancho Mitev wrote: cut Wyzmovno li e da se izpolzwa samopodpisan sertifikat? (pone za testowe? - predpolagam che da). Wyzmovno li e da se izpolzwa syshtiqt sertifikat ot CA kojto se izpolzwa s apache ili trqbwa da se kupuwa otdelen? cut Vapreki che moje da se izpolzva, tai kato certificate ne se izdava za usluga, a za host - triabva uslugite da sa na edin i sasht hostname! T.e. ako imenata sa www.something.com i mail.something.com, a certificate e izdaden za www.something.com, to email clientite shte se jalvat, che certificate ne e validen za mail.something.com. cut Move li poluchatelq da razbere po nqkakyw nachin che mevdu dwata MTA negowoto syobshtenie e bilo ( ili ne e bilo ) transferirano w kriptiran wid s TLS? cut Eto taka izglejda pri qmail: --- cut --- Received: from dave.del.bg (HELO del.bg) ([EMAIL PROTECTED]) by mail.del.bg with RC4-MD5 encrypted SMTP; 19 Mar 2003 10:40:03 - --- cut --- Sas zdrave, A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: Traffic nabliundavane
Iskam da gledam za moita si mreja kym kyde otivat Naprimer mrejata 10.0.0.0/24 iskam da gledam ot taia mreja na kyde otivat packets prez eth0 koito mi e izhodiasht interfase za tazi mreja. -- Marian Popov Siterm Engeneering Ltd. [EMAIL PROTECTED] - Original Message - From: Theodor Milkov [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, March 19, 2003 11:48 PM Subject: Re: lug-bg: Traffic nabliundavane On Mon, Mar 17, 2003 at 04:12:26AM +0200, Marian Popov wrote: Zdraveite! Ima li niakakva programka, s koiato da moje da se gleda samo vhodiasht ili samo izhodiasht traffik na edna mashina. Naprimer da gledam samo packetite izlizashti prez eth0 ili vlizashti ot tam no ne obshto a po otdelno. Neshto kato tcpdump naprimer ama samo v ednata posoka. Ako znaesh koi sa mrejite v chiato posoka iskash da vidish trafica (napr. 192.168.168.0/24): tcpdump -i eth0 dst net 192.168.168.0/24 Ili ne e tochno tova? -- Theodor MilkovHead Network Administrator Davidov Net Phone: +359 (2) 730158 A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: TLS + MTA (malko teoria + praktika)
Onzi den Vesselin Kolev mi demonstrira tezi dejstviq za mail client/server, dori mi polse prati instructions, no tezi za clients sa encrypted signed li4no do men, taka 4e ostavqm na nego da reshi da re-port-ne in public... Pisha documentacia po vyprosa... dano do kraia na sedmicata da e gotova, che naistina mnogo stanaha vyprosite, na koito triabva da se dade dobyr i tochen otgovor. Shte se postaraia da sym byrz i izcherpatelen. Pozdravi Vesselin Kolev A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
