Re: [SLUG] Running my cronjobs in a different timezone

[Robert Collins]

Tried setting TZ ?

Rob
-- 
GPG key available at: .


signature.asc
Description: This is a digitally signed message part
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: [SLUG] freeswan on debian

[Patrick Lesslie]

On Tue, Feb 10, 2004 at 01:44:29PM +1100, [EMAIL PROTECTED] wrote:
> On Mon, Feb 09, 2004 at 04:56:40PM +1100, Patrick Lesslie wrote:
> > 
> > Is anyone successfully running freeswan through a router?
> 
> As others have commented, ipsec is a bit hairy through ciscos.
> 
> You might want to consider openvpn instead.
> It is apparently easier to get running.
> 
> It doesn't use ipsec.

It uses SSL/TLS, can use certificates, tunnels everything over
a single UDP or TCP port, handles NAT and installs on nearly
anything.  The best thing is that it has a self-installing
executable for windows machines, so that remote users can install
without (apparently) any difficulty.

And here was I thinking it must use PPTP.  So anyway, thanks
very much for the suggestion, I really appreciate it and I'm
going to run with it.

Patrick
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

[SLUG] Running my cronjobs in a different timezone

[Jeff Waugh]

Hey all,

Here's a sticky one. Well, it seems sticky, but it might be totally simple.
But I don't know, so that's why I'm posting.

I have some cronjobs on a machine in the US. It runs on US Eastern Standard
Time. I would like to run those cronjobs at Australian times. Note, although
I do want to run the cron-spawn in Australian time, what I *really* want is
for the cronjobs to be launched at Australian times. So when I set up a
midnight job, it will run at midnight in .au, respecting daylight saving,
and so on.

Can I do this by setting something in my crontab? Could I do it via my
bashrs or profile or something? I don't mind affecting every single process
I run on the machine - that would be a reasonably pleasant side-effect.

Thoughts?

- Jeff

-- 
GVADEC 2004: Kristiansand, Norwayhttp://2004.guadec.org/
 
   For a list of reasons why technology has failed to improve our lives,
  please press 3.
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

[SLUG] Shared Calendar and Groupware Server

[Kevin Fitzgerald]

Title: Message



Hi 
All
 
I have a situation 
where I have a few Techs situated around the country that all need to access a 
Shared Calendar/Job Logging system so we can all see what Jobs are in action and 
what Techs are working WHat days. I have heard mention that there is such a 
beast as part of the e-smith server, does anyone else know of anything that may 
be of use to me? It needs to be free, and something I can install on an internet 
server so all my Techs have access from the web.
 
I appreciate any 
suggestions and URL's
 
Kev
 


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.581 / Virus Database: 368 - Release Date: 9/02/2004
 
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: [SLUG] Replace Organizer

[ksaenz]

You could try something like opengroupware.
Or you could go to freshmeat.net and do a search for groupware
> Hi all,
> I am once again trying to replace Lotus Organizer on our network without
> having to resort to MS Exchange Server and MS Outlook. The only
> functionality we need is the Diary, Shared and Private, with decent
> printouts and potentially alarms or alerts. The ability to sync with a PDA
> would be great. I don't want to add anything other than  the
> diary/calendar program, we already have Squirrellmail running nicely and
> have replaced Pegasus for the bulk of our users.
> 
> Any ideas?
> 
> 
> -- 
> 
> Simon Bryan
> IT Manager
> OLMC Parramatta

-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

[SLUG] Replace Organizer

[Simon Bryan]

Hi all,
I am once again trying to replace Lotus Organizer on our network without
having to resort to MS Exchange Server and MS Outlook. The only
functionality we need is the Diary, Shared and Private, with decent
printouts and potentially alarms or alerts. The ability to sync with a PDA
would be great. I don't want to add anything other than  the
diary/calendar program, we already have Squirrellmail running nicely and
have replaced Pegasus for the bulk of our users.

Any ideas?


-- 

Simon Bryan
IT Manager
OLMC Parramatta
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: [SLUG] \setlength{\parsep}{15mm}

[Terry Collins]

Mary Gardiner wrote:
> 
> On Tue, Feb 10, 2004, Terry Collins wrote:
> > Latex question. I am not getting any space between paragraphs in Latex.
> >
> > \setlength{\parsep}{15mm}
> >
> > Is this the setting that I fiddle?
> 
> I believe it's parskip.

Yes, thank you. That fixed it. Muchos Gracious (sp?)
I know it is one of the three latex books, but if you don't know the
jargon, you canna use the index.

-- 
   Terry Collins {:-)}}} email: terryc at woa.com.au  www:
http://www.woa.com.au  
   Wombat Outdoor Adventures 

 "People without trees are like fish without clean water"
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: [SLUG] freeswan on debian

[Alexander Samad]

On Tue, Feb 10, 2004 at 11:00:09AM +1100, Patrick Lesslie wrote:
> On Mon, Feb 09, 2004 at 07:43:37PM +1100, Matthew Palmer wrote:
> > The problem is that IPSec requires that both source and destination ports for
> > an IKE connection be UDP 500.  Now, with a sane NAT engine (*cough* iptables
> > *cough*) this works, because it tries to keep ports the same as much as
> > possible.  However, Ciscos don't - you'll get a source port out of the NAT
> > router in the high range, which your other end will take one look at and go
> > "screw that and the horse it rode in on".
> > 
> > The way to fix it is to configure the Cisco to do port forwarding of UDP 500 to
> > your IPSec machine inside, and initiate the connection from outside to the
> > public interface.  That way both source and dest port will be 500, and your
> > IPSec boxes are none the wiser.
> > 
> > Short of making NAT traversal work (and it's a PITA, if only by the fact that
> > there's several different "standards" for doing it), this is the best way if
> > you've got to make it work over a brain-dead NAT device.  Naturally, this way
> > won't work for multiple separate VPN endpoints behind your NAT device, but it's
> > better than nothing.
> 
> Ok, I see what you mean now; since I'm forwarding UDP 500 to one
> machine, that machine is the only VPN endpoint.
> 
> > Anyway, if you've got VPN connections flying all over the
> > place, then the network design probably needs to be rethought a little, to
> > accomodate those sorts of things more gracefully...
> 
> I'm curious, how are other people doing this?

I don't have to pass through 2 NAT devices, but I can handle only 1.

I use 2.4.22 (from kernel.org), freeswan 2.01-3 (from debian).  I use
process to make the kernel.  It comes x509 patch, NAT-T, dead
connection check, extra ciphers (AES,...) and allows for NAT'ing on the
box as well.

> 
> Patrick
> -- 
> SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
> Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: [SLUG] \setlength{\parsep}{15mm}

[Mary Gardiner]

On Tue, Feb 10, 2004, Terry Collins wrote:
> Latex question. I am not getting any space between paragraphs in Latex.
> 
> \setlength{\parsep}{15mm}
> 
> Is this the setting that I fiddle?

I believe it's parskip.

> Is it affected by \usepackage{fancyhdr}?

No idea, sorry :(

-Mary
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

[SLUG] \setlength{\parsep}{15mm}

[Terry Collins]

Latex question. I am not getting any space between paragraphs in Latex.

\setlength{\parsep}{15mm}

Is this the setting that I fiddle?
Is it affected by \usepackage{fancyhdr}?

Just a tad frustrating.


TIA
-- 
   Terry Collins {:-)}}} email: terryc at woa.com.au  www:
http://www.woa.com.au  
   Wombat Outdoor Adventures 

 "People without trees are like fish without clean water"
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

[SLUG] Virus Found in message "MAIL DELIVERY SYSTEM"

[Judy Ferris]

Norton AntiVirus found a virus in an attachment you ([EMAIL PROTECTED] <[EMAIL 
PROTECTED]>) sent to Judy Ferris.

To ensure the recipient(s) are able to use the files you sent, perform a virus scan on 
your computer, clean any infected files, then resend this attachment.


Attachment:  message.zip
Virus name: [EMAIL PROTECTED]
Action taken:  Clean failed : Quarantine succeeded : 
File status:  Infected



<>-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: [SLUG] freeswan on debian

[mlh]

On Mon, Feb 09, 2004 at 04:56:40PM +1100, Patrick Lesslie wrote:
> I'm trying to get freeswan running on debian stable.  The trouble is
> there is a cisco router doing DSL and doing NAT to the debian box, 
> which also masquerades to another internal network.
> 
> Is anyone successfully running freeswan through a router?

As others have commented, ipsec is a bit hairy through ciscos.

You might want to consider openvpn instead.
It is apparently easier to get running.

It doesn't use ipsec.

Matt
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: [SLUG] OT: Computer hardware stores in Syd CBD

[mlh]

On Mon, Feb 09, 2004 at 12:43:44PM +1100, Rajnish Tiwari wrote:
>   Can you give me names of computer hardware
>   stores in Sydney CBD (around Martin place)  
>   that may stock netgear hubs/switches ? Need to
>   get one really quickly.

Computerworld, 89 York St.

http://www.cworld.com.au/

huge range, good prices

Matt

-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: Debian install process not recommended (Re: [SLUG] Trouble finding Linux)

[Bret Comstock Waldow]

On Tue, 2004-02-10 at 10:30, Mary Gardiner wrote:

> My advice to people considering Debian is to have someone who's done a
> Debian install help you out, or fill you in in advance. I would not
> recommend it to someone looking to dip their toe in the water unless
> they get someone else to install it for them.

I'd offer another suggestion for getting Debian - install a Knoppix
variant.  There are a number of flavors, sone Gnome based, some with a
slant towards multimedia.  All allow trying before writing to the hard
disk, all end up with Debian.

"Straight" Knoppix installed fine for me, as did MediaLinux.  I'm
currently checking out Mepis - I don't know if it's Knoppix based off
hand, but it also allows booting from CD to trial it before writing it
to disk.

Regards,
Bret


-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

[SLUG] Re: Trouble Finding Linuc

[billb]

Try the newsagent in York St just behind the QVB (next to Chemist). This 
AM they has Australian Developer mag with Mandrake 9.2, plus Linux Format 
(DVD and CD issues) with Suse 9.0 Live CD Edition.




--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

RE: [SLUG] copyright breaches - multi user platforms

[Rowling, Jill]

I doubt it. Microsoft's Unix services appear to be BSD-based. They did buy
AT&T licenses early on and more recently paid SCO (or so we're told) for
rights to use certain Unix (or Linux?) components. Of course they may choose
later to get a refund from SCO if their purchase was for nothing! But that
should not concern us if they want to waste their money.
The multi-user environment used by NT/2k/XP appears to still use VMS style
scheduling, so no, I don't think it has anything to do with Unix. Not yet
anyway.

Also Unix was not the first multi-user OS around 20+ years ago. Multi-user
has been around in various guises since the 1960's.

- Jill.

-Original Message-
From: Nicholas Tomlin [mailto:[EMAIL PROTECTED] 
Sent: Monday, 9 February 2004 8:46 AM
To: [EMAIL PROTECTED]
Subject: [SLUG] copyright breaches - multi user platforms


Hell sluggers..

I note all this affray to do with SCOs claims for breach of copyright by IBM

and like Co´s and their imagined inclusion of code in Linux.

How do we know they aren´t affiliated with m$

Is anybody going Microsoft for copying the Unix multi user environment with 
their NT, 2000 server and XP platforms?? I know Unix was first at it, 20
plus 
years ago when I was at Uni...

--
IMPORTANT NOTICES
This email (including any documents referred to in, or attached, to this
email) may contain information that is personal, confidential or the subject
of copyright or other proprietary rights in favour of Aristocrat, its
affiliates or third parties. This email is intended only for the named
addressee. Any privacy, confidence, copyright or other proprietary rights in
favour of Aristocrat, its affiliates or third parties, is not lost because
this email was sent to you by mistake.

If you received this email by mistake you should: (i) not copy, disclose,
distribute or otherwise use it, or its contents, without the consent of
Aristocrat or the owner of the relevant rights; (ii) let us know of the
mistake by reply email or by telephone (+61 2 9413 6300); and (iii) delete
it from your system and destroy all copies.

Any personal information contained in this email must be handled in
accordance with applicable privacy laws.

Electronic and internet communications can be interfered with or affected by
viruses and other defects. As a result, such communications may not be
successfully received or, if received, may cause interference with the
integrity of receiving, processing or related systems (including hardware,
software and data or information on, or using, that hardware or software).
Aristocrat gives no assurances in relation to these matters.

If you have any doubts about the veracity or integrity of any electronic
communication we appear to have sent you, please call +61 2 9413 6300 for
clarification.
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: [SLUG] asking about coldfusion support in linux

[David Gillies]

pesoy misak wrote:
Dear all
 
I want to ask you something about coldfusion. I recently got a project 
about handling their network. This company already has their website 
which is hosted under windows that support coldfusion markup language. 
Now the company would like to integrate their own website and would like 
to make the network solution under linux. my question is apache web 
server support cold fusion markup language.
I'm not sure if apache can support cfml, but there is a version of 
ColdFusion server for linux

http://www.macromedia.com/software/coldfusion/

Currently supported is Red Hat Linux 7.2, 7.3, 8.0, 9, AS & ES 2.1, AS & 
ES 3.0, SuSE Linux 7.2, 7.3, or 8.x, TurboLinux 8 Server and Linux for 
zSeries: SuSE Linux Enterprise Server 8 Service Pack 2 running in 31-bit 
mode
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: [SLUG] freeswan on debian

[Patrick Lesslie]

On Mon, Feb 09, 2004 at 07:43:37PM +1100, Matthew Palmer wrote:
> The problem is that IPSec requires that both source and destination ports for
> an IKE connection be UDP 500.  Now, with a sane NAT engine (*cough* iptables
> *cough*) this works, because it tries to keep ports the same as much as
> possible.  However, Ciscos don't - you'll get a source port out of the NAT
> router in the high range, which your other end will take one look at and go
> "screw that and the horse it rode in on".
> 
> The way to fix it is to configure the Cisco to do port forwarding of UDP 500 to
> your IPSec machine inside, and initiate the connection from outside to the
> public interface.  That way both source and dest port will be 500, and your
> IPSec boxes are none the wiser.
> 
> Short of making NAT traversal work (and it's a PITA, if only by the fact that
> there's several different "standards" for doing it), this is the best way if
> you've got to make it work over a brain-dead NAT device.  Naturally, this way
> won't work for multiple separate VPN endpoints behind your NAT device, but it's
> better than nothing.

Ok, I see what you mean now; since I'm forwarding UDP 500 to one
machine, that machine is the only VPN endpoint.

> Anyway, if you've got VPN connections flying all over the
> place, then the network design probably needs to be rethought a little, to
> accomodate those sorts of things more gracefully...

I'm curious, how are other people doing this?

Patrick
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Debian install process not recommended (Re: [SLUG] Trouble finding Linux)

[Mary Gardiner]

On Tue, Feb 10, 2004, Andrew Cowie wrote:
> > I'm interested in installing Linux on my home pc.
> 
> There are a considerable number of ways to bootstrap and install Linux
> that don't require a CD-ROM ISO. Debian's installer pages go into this
> in great detail; any other distro that is fundamentally
> download-it-from-the-internet based will be similar.

But these have bandwidth requirements that are not dissimilar to that of
a CD-ROM ISO, perhaps at a minimum you download about 1/3 of the data,
possibly more.  This is still prohibitive for dialup users who don't
want to be connected to the net for two or three continuous days of
downloading.

I also wouldn't recommend the Debian install process to people new to
Linux: even if you can get through the install with the standard
installer, you then have to either figure out Debian's upgrade process
(no it isn't hard once you know it exists and know how to use it, but
that's a big assumption) or deal with having old software that may not
work with some new hardware.

Have spent part of the last week helping a Linux "old hand" with a
Debian install. He ran Linux back in 95 or so for a while, stopped being
so interested in fixing everything by hand and moved on. Now he wants a
second machine with LaTeX and so on and decided to go with Linux for
that machine. So far so good. He's familiar with UNIX, disk paritioning
and basic "computer stuff". But he did the default Debian install with a
2.2 kernel, and we couldn't for the life of us get his hardware working
even with a kernel upgrade. He had also made the classic Debian newbie
mistake of installing every package on the CD, and had patiently walked
through the configuration options for all of them.  Damned if we could
undo these mistakes. (Yeah, probably we could have, given sufficient
patience, but even so, other installers have much saner defaults for
desktop machines than the woody installer.)

My advice to people considering Debian is to have someone who's done a
Debian install help you out, or fill you in in advance. I would not
recommend it to someone looking to dip their toe in the water unless
they get someone else to install it for them.

Therefore, I think the original correspondent's choice of Mandrake is a
better choice.

-Mary
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

RE: [SLUG] OT: Computer hardware stores in Syd CBD

[Andrew Cowie]

On Mon, 2004-02-09 at 15:00, ksaenz wrote:
> But who with non internet exploder browser can visit that site? I have
> boycotted them because I can't view their site. :)

As others have pointed out it does "work" in Mozilla (the problem being
that their site is just plain bad)...

... but you could always *telephone* them to order. [I recommend it, in
fact. They're pretty fast, BTW]

AfC

-- 
Andrew Frederick Cowie
Operational Dynamics Consulting Pty Ltd

Australia: +61 2 9977 6866  North America: +1 646 472 5054

http://www.operationaldynamics.com/
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

[SLUG] Any GricDial experience with Linux?

[Grant Parnell]

Got a client that's just got international roaming dialup through Telstra. 
They send them off to this site www.gricdial.co.uk where you download this 
7MB executable for Windows to support the global dialup... WTF?  {time 
passes} oh... thankfully looks like it's just software to get phone 
numbers of local ISP's... hopefully I can just dial up normally.

-- 
--
Electronic Hobbyist, Former Arcadia BBS nut, Occasional nudist, 
Linux Guru, SLUG/AUUG/Linux Australia member, Sydney Flashmobber,
BMX rider, Walker, Raver & rave music lover, Big kid that refuses
to grow up. I'd make a good family pet, take me home today!
Do people actually read these things?


-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

RE: [SLUG] Trouble finding Linux

[Andrew Cowie]

> I'm interested in installing Linux on my home pc.

There are a considerable number of ways to bootstrap and install Linux
that don't require a CD-ROM ISO. Debian's installer pages go into this
in great detail; any other distro that is fundamentally
download-it-from-the-internet based will be similar.

> I would prefer not to order
> online

Not sure what underlies that concern, but a fantastic place to get ISOs
from in Australia (especially Sydney region) is 

www.everythinglinux.com.au

They're prompt, and with it.

AfC
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: [SLUG] Modem and ADSL

[Robert Collins]

On Tue, 2004-02-10 at 10:02, Kevin Saenz wrote:
> Hi all,
> I have both a modem and ADSL connection and use ip route commands to direct 
> connection.
> 
> I would like to keep my modem connection and like to force the assignment of ppp0 
> and force my ADSL connection to have the assignment of ppp1. What I have found is at 
> boot up my ADSL connection would take ppp0 and modem would be ppp1 and they would 
> swap if connection was lost forcing my routes command not to work.
> 
> Is what I want possible?

unit 1 in the options for the adsl. (As has been mentioned here several
times).

Rob
-- 
GPG key available at: .


signature.asc
Description: This is a digitally signed message part
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

[SLUG] Modem and ADSL

[Kevin Saenz]

Hi all,
I have both a modem and ADSL connection and use ip route commands to direct connection.

I would like to keep my modem connection and like to force the assignment of ppp0 and 
force my ADSL connection to have the assignment of ppp1. What I have found is at boot 
up my ADSL connection would take ppp0 and modem would be ppp1 and they would swap if 
connection was lost forcing my routes command not to work.

Is what I want possible?

TIA
Kevin Saenz

Spinaweb
Security, Trust, and Service

P: 0246205130
M: 0418455661
W: www.spinaweb.com.au

--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: [SLUG] freeswan on debian

[Patrick Lesslie]

On Tue, Feb 10, 2004 at 09:39:51AM +1100, Alexander Samad wrote:
> On Mon, Feb 09, 2004 at 11:06:47PM +1100, Patrick Lesslie wrote:
> > On Mon, Feb 09, 2004 at 07:43:37PM +1100, Matthew Palmer wrote:
> > > On Mon, Feb 09, 2004 at 04:56:40PM +1100, Patrick Lesslie wrote:
>  --- snip ---
> > I thought perhaps I might be able to get the Cisco into bridging mode,
> > or just replace it with a brick, I mean a bridge (I guess?).
> > That way the diagrams would be simpler, and I could talk using the 
> > external IP.  I guess that means running pppoe as well.
> > 
> > Since the cisco has 4 external IPs, it would be great to bridge 
> > at least one of them, so that there were sort of two independent
> > external interfaces, debian on one and cisco on the others. 
> 
> Why not forward one of this IP addresses to the linux box, you can still
> filter on the cisco and the linux box and no NAT'ing.
> 
> Not sure if it is possible on Cisco, I have done a similiar thing on a
> linux box.

I hope it is, that would be great.  So the debian box would have
the external IP on it's outward facing interface, which I could
put in network/interfaces as static.

Patrick
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: [SLUG] freeswan on debian

[Alexander Samad]

On Mon, Feb 09, 2004 at 11:06:47PM +1100, Patrick Lesslie wrote:
> On Mon, Feb 09, 2004 at 07:43:37PM +1100, Matthew Palmer wrote:
> > On Mon, Feb 09, 2004 at 04:56:40PM +1100, Patrick Lesslie wrote:
 --- snip ---
> I thought perhaps I might be able to get the Cisco into bridging mode,
> or just replace it with a brick, I mean a bridge (I guess?).
> That way the diagrams would be simpler, and I could talk using the 
> external IP.  I guess that means running pppoe as well.
> 
> Since the cisco has 4 external IPs, it would be great to bridge 
> at least one of them, so that there were sort of two independent
> external interfaces, debian on one and cisco on the others. 

Why not forward one of this IP addresses to the linux box, you can still
filter on the cisco and the linux box and no NAT'ing.

Not sure if it is possible on Cisco, I have done a similiar thing on a
linux box.

> 
> Later with another box I'd like to be able to split the internal
> firewall and the freeswan one, in which case I suppose freeswan
> should go on an independently strong machine in a demilitarised
> zone.
> 
> Then IPtables would just have to allow ipsec through, and if someone
> broke the freeswan machine, they could just vpn into the LAN :-)
> 
> There actually doesn't seem to be much need for the router's fancy
> features above being a bridge anyway, now that the linux box is
> running the firewall, so swapping it out might be feasible if that
> were the best way to go.
> 
> I still need NAT traversal anyway, going to try superfreeswan,
> because there might be NAT going on at the road warrior end ...
> 
> The more I re-read this, the less it makes sense ;-}
> Thanks for the tips,
> Patrick
> -- 
> SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
> Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: [SLUG] copyright breaches - multi user platforms

[DE LUCA Ben]

Plus MS has a license from SCO and does not release source code. So even if
it does contain direct code its ok.



> From: Jeff Waugh <[EMAIL PROTECTED]>
> Date: Mon, 9 Feb 2004 21:04:08 +1100
> To: [EMAIL PROTECTED]
> Subject: Re: [SLUG] copyright breaches - multi user platforms
> 
> 
> 
>> Is anybody going Microsoft for copying the Unix multi user environment
>> with their NT, 2000 server and XP platforms?? I know Unix was first at it,
>> 20 plus years ago when I was at Uni...
> 
> The NT platforms were largely based on VMS design (not code), and are wildly
> dissimilar to *nix (though there is a POSIX compatibility layer - which is
> not really all that compatible - and so on). Drawing any © conclusions
> from the fact that two systems provide a similar feature is broken at best
> (and surprisingly similar to what SCO were alleging with regards to IBM's
> contributions to Linux). There are lots of multi-user operating systems
> around, many of them vastly different to NT and *nix platforms...
> 
> Trying to follow the MS conspiracy lines too far will drive you (and every
> one who has to listen) up the wall. :-)
> 
> - Jeff
> 
> -- 
> GVADEC 2004: Kristiansand, Norwayhttp://2004.guadec.org/
> 
>  "People keep asking me why we aren't married, and he says, 'Every time
>  I am about to ask you, you do something annoying'." - Kate Beckinsale
> -- 
> SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
> Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
> 

-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: [SLUG] freeswan on debian

[Patrick Lesslie]

On Mon, Feb 09, 2004 at 07:43:37PM +1100, Matthew Palmer wrote:
> On Mon, Feb 09, 2004 at 04:56:40PM +1100, Patrick Lesslie wrote:
> > I'm trying to get freeswan running on debian stable.  The trouble is
> > there is a cisco router doing DSL and doing NAT to the debian box, 
> > which also masquerades to another internal network.
> > 
> > Is anyone successfully running freeswan through a router?
> 
> Yes, but it's a hack.
> 
> The problem is that IPSec requires that both source and destination ports for
> an IKE connection be UDP 500.  Now, with a sane NAT engine (*cough* iptables
> *cough*) this works, because it tries to keep ports the same as much as
> possible.  However, Ciscos don't - you'll get a source port out of the NAT
> router in the high range, which your other end will take one look at and go
> "screw that and the horse it rode in on".
>
> The way to fix it is to configure the Cisco to do port forwarding of UDP 500 to
> your IPSec machine inside, and initiate the connection from outside to the
> public interface.  That way both source and dest port will be 500, and your
> IPSec boxes are none the wiser.

I think I see.  The source port gets preserved if the packet is
explicitly port-forwarded..

So at the moment it's configured to do a source NAT sending packets
addressed to 203.x.x.1 to 192.168.1.2 (debian) and the packets appear
to be from the router (192.168.1.1) instead of from the remote IP,
which means that UDP 500 packets to the external IP do get to debian,
but presumably with the source ports altered for some Cisco reason,
and I should also port-forward UDP 500.  Do I also need NAT-T just
to get the packets to be UDP packets, or is IKE always like that,
and I still have to get the router to forward the ESP and GRE packets?

> Short of making NAT traversal work (and it's a PITA, if only by the fact that
> there's several different "standards" for doing it), this is the best way if
> you've got to make it work over a brain-dead NAT device.  Naturally, this way
> won't work for multiple separate VPN endpoints behind your NAT device, but it's
> better than nothing. 

I don't mind if they can only access one machine, so long as it runs
windows and is on the internal lan ;-P
But you didn't mean that there can only be one person coming in at once
did you?  After all I want VPN connections flying all over the place...

> Anyway, if you've got VPN connections flying all over the
> place, then the network design probably needs to be rethought a little, to
> accomodate those sorts of things more gracefully...

That would be excellent.  I was wondering though, how to do it.

I thought perhaps I might be able to get the Cisco into bridging mode,
or just replace it with a brick, I mean a bridge (I guess?).
That way the diagrams would be simpler, and I could talk using the 
external IP.  I guess that means running pppoe as well.

Since the cisco has 4 external IPs, it would be great to bridge 
at least one of them, so that there were sort of two independent
external interfaces, debian on one and cisco on the others. 

Later with another box I'd like to be able to split the internal
firewall and the freeswan one, in which case I suppose freeswan
should go on an independently strong machine in a demilitarised
zone.

Then IPtables would just have to allow ipsec through, and if someone
broke the freeswan machine, they could just vpn into the LAN :-)

There actually doesn't seem to be much need for the router's fancy
features above being a bridge anyway, now that the linux box is
running the firewall, so swapping it out might be feasible if that
were the best way to go.

I still need NAT traversal anyway, going to try superfreeswan,
because there might be NAT going on at the road warrior end ...

The more I re-read this, the less it makes sense ;-}
Thanks for the tips,
Patrick
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

[SLUG] Message quarantined

[mailscan]

Scanner: MailMonitor for SMTP v1.2.0 

This mail has been rejected for one of the following possible reasons:

> Executable attached.
> Virus Infection.
> Corrupted / Encrypted attachment(s).

Please ensure you have virus scanned your files before sending them.

Problem description:
Email data:
MessageID: 
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: 
Subject: Szupeavmytijjuqpa
Scanning part []

Scanning part [document.zip]
Attachment validity check: passed.
Virus identity found: W32/MyDoom-A
Virus identity found: W32/MyDoom-A

Virus identity found: W32/MyDoom-A
Virus identity found: W32/MyDoom-A




-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

[SLUG] Virus found in the message

[mailscan]

Scanner: MailMonitor for SMTP v1.2.0 

This mail has been rejected for one of the following possible reasons:

> Executable attached.
> Virus Infection.
> Corrupted / Encrypted attachment(s).

Please ensure you have virus scanned your files before sending them.

Problem description:
Email data:
MessageID: 
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: 
Subject: Szupeavmytijjuqpa
Scanning part []

Scanning part [document.zip]
Attachment validity check: passed.
Virus identity found: W32/MyDoom-A
Virus identity found: W32/MyDoom-A

Virus identity found: W32/MyDoom-A
Virus identity found: W32/MyDoom-A




-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: [SLUG] Trouble finding Linux

[David Kempe]

Greg Brennan wrote:
I'm interested in installing Linux on my home pc. I've heard that
Mandrake is probably the best for a beginner like myself, but I'm having
trouble finding a copy of this or any other version. As I would prefer
Greg,
my company (http://solutionsfirst.com.au) is still handing out a copy of 
Knoppix to anyone who turns up to our office. Its in Hornsby though.
http://www.knoppix.net
knoppix is pretty good for beginners

dave
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: [SLUG] copyright breaches - multi user platforms

[Jeff Waugh]

> Is anybody going Microsoft for copying the Unix multi user environment
> with their NT, 2000 server and XP platforms?? I know Unix was first at it,
> 20 plus years ago when I was at Uni...

The NT platforms were largely based on VMS design (not code), and are wildly
dissimilar to *nix (though there is a POSIX compatibility layer - which is
not really all that compatible - and so on). Drawing any © conclusions
from the fact that two systems provide a similar feature is broken at best
(and surprisingly similar to what SCO were alleging with regards to IBM's
contributions to Linux). There are lots of multi-user operating systems
around, many of them vastly different to NT and *nix platforms...

Trying to follow the MS conspiracy lines too far will drive you (and every
one who has to listen) up the wall. :-)

- Jeff

-- 
GVADEC 2004: Kristiansand, Norwayhttp://2004.guadec.org/
 
   "People keep asking me why we aren't married, and he says, 'Every time
   I am about to ask you, you do something annoying'." - Kate Beckinsale
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

[SLUG] copyright breaches - multi user platforms

[Nicholas Tomlin]

Hell sluggers..

I note all this affray to do with SCOs claims for breach of copyright by IBM 
and like Co´s and their imagined inclusion of code in Linux.

How do we know they aren´t affiliated with m$

Is anybody going Microsoft for copying the Unix multi user environment with 
their NT, 2000 server and XP platforms?? I know Unix was first at it, 20 plus 
years ago when I was at Uni...

Just some food for thought... pass it on to someone who can do something about 
it, I don´t know anyone who could.

Regards,

Nicholas Tomlin

--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

RE: [SLUG] Trouble finding Linux

[Kazik Malenczak]

I have a number of ISOs of various distributions that I have amassed over a
couple of years and am willing to help anyone with what they want (if ive
got it) for a beer!!!
I sometimes go into the city but I can meet anyone at the Great Northern
Chatswood to hand over a CD.


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
Greg Brennan
Sent: Monday, 9 February 2004 3:24 PM
To: [EMAIL PROTECTED]
Subject: [SLUG] Trouble finding Linux

I'm interested in installing Linux on my home pc. I've heard that Mandrake
is probably the best for a beginner like myself, but I'm having trouble
finding a copy of this or any other version. As I would prefer not to order
online, I have been scouring newsagents trying to find a copy included with
a magazine (as recommended by the SLUG website and others) with no luck. Do
you know of any current publications that have this included, and if so,
which newsagents in Sydney City might stock it?


**
* IMPORTANT INFORMATION *
This document should be read only by those persons to whom
it is addressed and its content is not intended for use by
any other persons. If you have received this message in
error, please notify us immediately. Please also destroy and
delete the message from your computer. Any unauthorised form
of reproduction of this message is strictly prohibited.
St.George is not liable for the proper and complete transmission
of the information contained in this communication, nor for any
delay in its receipt.
**



-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

[SLUG] re: Trouble finding Linux

[Nicholas Tomlin]

Greg,

Go to www.elx.com.au or www.lankum.com.au.

Get the phone number - call them, you don´t have to go on line.

Distro´s on disk can be had for as little as $30.00 plus postage, or visit 
them.

Regards,

Nicholas Tomlin.

--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

[SLUG] The ACS open source SIG

[Bruce Badger]

It has been suggested that I post information here about upcomming
meetings of the ACS (yes, the Australian Computer Society) open source
SIG.

The SIG is open to all.  The ACS NSW branch only ask that you sign a
register of guests.

We meet on the last Thursday of the month, which is typically the day
before the SLUG meeting.  The venue is the ACS NSW branch office at Lv
4, 122 Castlereagh Street. The building is directly opposite David
Jones'.

This month we have Rob Collins who will be talking about Arch.

Rob asked me to stress that this will *not* be the same talk he did at
SLUG - it's a new one.  And for those of you who don't know (not many,
I'm sure), arch is version control system, so those in search of a
version control system, or a better version control system, will find
this talk most interesting, I'm sure.

So, Rob will be talking at our February meeting, which will be held on
Thursday 26th February @ 18:00, at the NSW ACS HQ which is  at Lv 4, 122
Castlereagh Street here in the CBD.

The home page of the SIG (such as it is) is here:
http://www.acs.org.au/nsw/sigs/opensource/index.html

We use a Yahoo! group to coordinate the SIG, and you are most welcome to
join that.  There is a little form at the bottom of the SIG home page.

All the best,
Bruce
-- 
Make the most of your skills - with OpenSkills
http://www.openskills.com


signature.asc
Description: This is a digitally signed message part
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: [SLUG] freeswan on debian

[Matthew Palmer]

On Mon, Feb 09, 2004 at 04:56:40PM +1100, Patrick Lesslie wrote:
> I'm trying to get freeswan running on debian stable.  The trouble is
> there is a cisco router doing DSL and doing NAT to the debian box, 
> which also masquerades to another internal network.
> 
> Is anyone successfully running freeswan through a router?

Yes, but it's a hack.

The problem is that IPSec requires that both source and destination ports for
an IKE connection be UDP 500.  Now, with a sane NAT engine (*cough* iptables
*cough*) this works, because it tries to keep ports the same as much as
possible.  However, Ciscos don't - you'll get a source port out of the NAT
router in the high range, which your other end will take one look at and go
"screw that and the horse it rode in on".

The way to fix it is to configure the Cisco to do port forwarding of UDP 500 to
your IPSec machine inside, and initiate the connection from outside to the
public interface.  That way both source and dest port will be 500, and your
IPSec boxes are none the wiser.

Short of making NAT traversal work (and it's a PITA, if only by the fact that
there's several different "standards" for doing it), this is the best way if
you've got to make it work over a brain-dead NAT device.  Naturally, this way
won't work for multiple separate VPN endpoints behind your NAT device, but it's
better than nothing.  Anyway, if you've got VPN connections flying all over the
place, then the network design probably needs to be rethought a little, to
accomodate those sorts of things more gracefully...

- Matt
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

[SLUG] asking about coldfusion support in linux

[pesoy misak]

Dear all
 
I want to ask you something about coldfusion. I recently got a project about handling their network. This company already has their website which is hosted under windows that support coldfusion markup language. Now the company would like to integrate their own website and would like to make the network solution under linux. my question is apache web server support cold fusion markup language. 
 
many thank
 
pesoy
Do you Yahoo!?
Yahoo! Finance: Get your refund fast by filing online-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: [SLUG] OT: Computer hardware stores in Syd CBD

[Piers Wren]

On Mon, 2004-02-09 at 15:09, Darren Williams wrote:
> Hi Rajnish
> Computer World
> Resonable Prices, fair service:
> www.cworld.com.au, 

I've had problems with these guys when either ordering something that's
not in stock (never arrived) or claiming on warranty (after about 2
months, they admitted they had lost the disk)

They're fine as long as you want to walk in and pickup something quickly
though.

-Piers.

> I have purchased bits and pices plus full systems, and as long
> as you know what you what they are competitive. I had a couple
> of problems that were resolved fairly quickly though I have had better
> service, of course at a price.
> 
> Darren
> 
> 
> On Mon, 09 Feb 2004, Rajnish Tiwari wrote:
> 
> > Hi All,
> > 
> > Can you give me names of computer hardware
> > stores in Sydney CBD (around Martin place)  
> > that may stock netgear hubs/switches ? Need to
> > get one really quickly.
> > 
> > Thanking you in anticipation.
> > 
> > Regards,
> > Rajnish
> > 
> > -- 
> > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
> > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
> --
> Darren Williams 
> [EMAIL PROTECTED] 
> --

-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: Fw: [SLUG] freeswan on debian

[Patrick Lesslie]

On Mon, Feb 09, 2004 at 05:19:26PM +1100, [EMAIL PROTECTED] wrote:
> Not freeswan, but "super-freeswan" - www.freeswan.ca
> The feature you are looking for is "nat traversal".
> afaik there is no deb for it - and you need to recompile the kernel 
> for nat traversal.
> Alternatively you could download the nat traversal patch for freeswan.

Thanks, I'll give that a go :-)
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html