Re: [SLUG] Firewall
On Saturday 08 July 2006 14:14, [EMAIL PROTECTED] wrote: > > If you want something simple, firehol is pretty good. Debian (and > > therefore probably Ubuntu) has a bunch of example config files that > > are really easy to use. The advantage to say shorewall (although > > things may have changed) is that with fussy protocols like SMB, you > > just enable it and it works, where as I found with shorewall that you > > needed to worry about traffic directions and such. It also lets you > > do NATting and stuff extremely simply. > > > > And that's my 5 cents. > > Yes, same with Firestarter. I used Shorewall for quite some time on a > Linux router. It is good, but something like Firestarter is (I think) > the way to go for a simple Ubuntu setup. Doesn't do as much as > Shorewall, but it is dead simple to set up and run a simple desktop > protection firewall. > > My 5 cents. Thanks Alan guidedog guarddog worked. It seems that there is no option to: * trust the local network (everything allowed) * allow ESTABLISHED/RELATED packets back * allow arbitary complex stuff (still investigating) eg for my openvpn iptables -A INPUT -i tun+ -j ACCEPT iptables -A FORWARD -i tun+ -j ACCEPT But its mostly working James -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Re: ubuntu routing
On Saturday 08 July 2006 14:14, [EMAIL PROTECTED] wrote: > > I cant find anything that does the equivalent of > > echo 1 > /proc/sys/net/ipv4/ip_forward > > on my newly installed ubuntu box. Before I invent a way, does anybody > > know if I'm missing something. > > sed -i s/ip_forward=no/ip_forward=yes/ /etc/network/options [EMAIL PROTECTED]:~$ cat /etc/network/options cat: /etc/network/options: No such file or directory so ... /etc/sysctl.conf # Uncomment the next line to enable packet forwarding for IPv4 net/ipv4/ip_forward=1 I have now solved all my network problems. Thanks James -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Re: Linux compatible Sydney 3G for notebooks
On Sat, Jul 08, 2006 at 02:51:00PM +1000, Ben Alex wrote: > Matthew Palmer wrote: > >I've got a Vodafone 3G (Merlin) card through work and it works nicely -- a > >bit fiddly to setup, perhaps, but doable. A client I've been at has the > >"other model" of Vodafone 3G card and it works in Ubuntu Dapper, but not > >earlier versions -- so you'll need a pretty new kernel if you get lumped > >with that card. > Thanks to everyone for their suggestions. Because I actually live in > Newcastle - but travel to the capitals enough of the time to warrant > mobile coverage - probably the Vodafone service makes most sense as I > can fallback to GPRS when at home. I also didn't realise the iBurst > coverage was sketchy - does anyone else have experiences with that, > particularly in the CBD areas of Sydney and Brisbane? My experience is a year old, but it was patchy even in the city (Sydney). I got fantastic reception at the Sol1 office in Hornsby, but elsewhere it was really hit-n-miss. I'd assume they've done a lot more build-out since then, though. > As for Vodafone, > is there any chance of posting some notes on installing it >From memory, it was plug in the card, watch dmesg to ensure it actually registered, and then put the following wvdial snippet in the config file and run "wvdial vodafone" to start it up. [Dialer vodafone] Modem = /dev/ttyS1 Baud = 460800 Init1 = ATZ Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 Init3 = AT+CGDCONT=1,"IP","vfinternet.au" Area Code = Stupid Mode = 1 Phone = *99***1# Username = dummy Password = dummy Ask Password = 0 Dial Command = ATD Idle Seconds = 3000 DialMessage1 = DialMessage2 = ISDN = 0 Auto DNS = 1 Check DNS = 0 > and was the card detailed at > http://store.vodafone.com.au/mobile_detail.cfm?mobID=18 the one that > worked with Dapper? That page doesn't give exact model numbers, so it's hard to tell. It certainly looks more like the one I didn't get (Huawei brand, I think?); the Merlin I got has the SIM slot toward the back of the card. Both of them work fine with Dapper, though -- they appear to the kernel as being little more than an ACM modem. - Matt -- Non-PHB basically told $MANAGER to go check his drive integrity. -- steve, ASR -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Re: Linux compatible Sydney 3G for notebooks
Matthew Palmer wrote: I've got a Vodafone 3G (Merlin) card through work and it works nicely -- a bit fiddly to setup, perhaps, but doable. A client I've been at has the "other model" of Vodafone 3G card and it works in Ubuntu Dapper, but not earlier versions -- so you'll need a pretty new kernel if you get lumped with that card. Thanks to everyone for their suggestions. Because I actually live in Newcastle - but travel to the capitals enough of the time to warrant mobile coverage - probably the Vodafone service makes most sense as I can fallback to GPRS when at home. I also didn't realise the iBurst coverage was sketchy - does anyone else have experiences with that, particularly in the CBD areas of Sydney and Brisbane? As for Vodafone, is there any chance of posting some notes on installing it, and was the card detailed at http://store.vodafone.com.au/mobile_detail.cfm?mobID=18 the one that worked with Dapper? Cheers Ben -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Re: Linux compatible Sydney 3G for notebooks
I hope those drivers have gotten a *lot* better since I used them about a year ago -- they were horrendous back then. If you're considering getting iBurst, get a trial period first. Between the shithouse drivers and woeful coverage (I rarely got a useable signal) it wasn't worth it for me to get it. YMMV, of course. - Matt Yes they have been rewritten from scratch. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Re: Linux compatible Sydney 3G for notebooks
On Sat, Jul 08, 2006 at 01:23:45PM +1000, mark wrote: > Ben Alex wrote: > >Hi everybody > > > >Does anyone know of a wireless (preferably 3G) Internet service which > >is compatible with Linux-based notebooks (Ubuntu)? Most of the service > >providers like iBurst etc seem to specify the use of Windows. > > > >Cheers > >Ben > > The linux drivers for iburst can be found at this link > > http://sourceforge.net/projects/ibdriver/ I hope those drivers have gotten a *lot* better since I used them about a year ago -- they were horrendous back then. If you're considering getting iBurst, get a trial period first. Between the shithouse drivers and woeful coverage (I rarely got a useable signal) it wasn't worth it for me to get it. YMMV, of course. - Matt -- Sure, it's possible to write C in an object-oriented way. But, in practice, getting an entire team to do that is like telling them to walk along a straight line painted on the floor, with the lights off. -- Tess Snider, [EMAIL PROTECTED] -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Re: Linux compatible Sydney 3G for notebooks
On Sat, Jul 08, 2006 at 10:14:15AM +1000, Ben Alex wrote: > Does anyone know of a wireless (preferably 3G) Internet service which is > compatible with Linux-based notebooks (Ubuntu)? Most of the service > providers like iBurst etc seem to specify the use of Windows. I've got a Vodafone 3G (Merlin) card through work and it works nicely -- a bit fiddly to setup, perhaps, but doable. A client I've been at has the "other model" of Vodafone 3G card and it works in Ubuntu Dapper, but not earlier versions -- so you'll need a pretty new kernel if you get lumped with that card. - Matt -- For instance "Mine eyes haves seen the glory of the coming of the Lord," the anthem of the abolitionists (and the Union forces in the civil war) doesn't actually refer to theology but the superiority of Arch over CVS. -- Jaldhar H. Vyas, debian-devel -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Linux compatible Sydney 3G for notebooks
Ben Alex wrote: Hi everybody Does anyone know of a wireless (preferably 3G) Internet service which is compatible with Linux-based notebooks (Ubuntu)? Most of the service providers like iBurst etc seem to specify the use of Windows. Cheers Ben The linux drivers for iburst can be found at this link http://sourceforge.net/projects/ibdriver/ Follow the instructions the install doc for the pcmcia card. If you are using the desktop modem you can use the drivers and configure it for the usb port. If you just intend on using the Ethernet port just simply plug it in and use a dialing program like RP-PPPoE http://www.roaringpenguin.com/penguin/open_source_rp-pppoe.php Cheers Mark -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Firewall
On Sat, 8 Jul 2006 12:20:20 +1000 Metrics <[EMAIL PROTECTED]> wrote: > On Sat, Jul 08, 2006 at 11:33:44AM +1000, Sonia Hamilton wrote: > > * On Fri, Jul 07, 2006 at 04:19:21PM +0800, [EMAIL PROTECTED] wrote: > > > 1) How to setup a firewall in ubuntu? It seems suitable iptables > > > settings do work but that's awefully primitive. This article did > > > not help http://www.linux.com/article.pl?sid=06/06/26/1556259 (no > > > lokkit or guarddog can be found by apt-get) > > > > I use shorewall [1], basically a perl wrapper on iptables. Easy to > > config with a collection of files in /etc/shorewall, and very > > flexible - from a single laptop to a large network. > > > > [1] http://www.shorewall.net > > > > If you want something simple, firehol is pretty good. Debian (and > therefore probably Ubuntu) has a bunch of example config files that > are really easy to use. The advantage to say shorewall (although > things may have changed) is that with fussy protocols like SMB, you > just enable it and it works, where as I found with shorewall that you > needed to worry about traffic directions and such. It also lets you > do NATting and stuff extremely simply. > > And that's my 5 cents. Yes, same with Firestarter. I used Shorewall for quite some time on a Linux router. It is good, but something like Firestarter is (I think) the way to go for a simple Ubuntu setup. Doesn't do as much as Shorewall, but it is dead simple to set up and run a simple desktop protection firewall. My 5 cents. Alan > > Byron > -- > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html > -- Alan L Tyreehttp://www2.austlii.edu.au/~alan Tel: +61 2 4782 2670Mobile: +61 427 486 206 Fax: +61 2 4782 7092FWD: 615662 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Firewall
Metrics wrote: On Sat, Jul 08, 2006 at 11:33:44AM +1000, Sonia Hamilton wrote: * On Fri, Jul 07, 2006 at 04:19:21PM +0800, [EMAIL PROTECTED] wrote: 1) How to setup a firewall in ubuntu? It seems suitable iptables settings do work but that's awefully primitive. This article did not help http://www.linux.com/article.pl?sid=06/06/26/1556259 (no lokkit or guarddog can be found by apt-get) I use shorewall [1], basically a perl wrapper on iptables. Easy to config with a collection of files in /etc/shorewall, and very flexible - from a single laptop to a large network. [1] http://www.shorewall.net If you want something simple, firehol is pretty good. Debian (and therefore probably Ubuntu) has a bunch of example config files that are really easy to use. The advantage to say shorewall (although things may have changed) is that with fussy protocols like SMB, you just enable it and it works, where as I found with shorewall that you needed to worry about traffic directions and such. It also lets you do NATting and stuff extremely simply. In the current release, to block or permit SMB traffic, all you do in "rules" is you do "SMB/REJECT" or "SMB/ACCEPT". The macros are in /usr/share/shorewall. You can make up macros for any service. O Plameras -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Re: ubuntu routing
On Fri, Jul 07, 2006 at 09:57:18PM +0800, [EMAIL PROTECTED] wrote: > I cant find anything that does the equivalent of > echo 1 > /proc/sys/net/ipv4/ip_forward > on my newly installed ubuntu box. Before I invent a way, does anybody know if > I'm missing something. sed -i s/ip_forward=no/ip_forward=yes/ /etc/network/options - Matt -- I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Re: ubuntu routing
On Sat, Jul 08, 2006 at 08:42:45AM +1000, O Plameras wrote: > David Kempe wrote: > >If you want a good firewall, use shorewall. and have it do it for you > > How will shorewall solved this particular problem when he is missing > this functionality ? > "echo 1 > /proc/sys/net/ipv4/ip_forward" > > One of the things "shorewall" does is to enable "ip forwarding" ? "Yes". - Matt -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Firewall
On Sat, Jul 08, 2006 at 11:33:44AM +1000, Sonia Hamilton wrote: > * On Fri, Jul 07, 2006 at 04:19:21PM +0800, [EMAIL PROTECTED] wrote: > > 1) How to setup a firewall in ubuntu? It seems suitable iptables settings > > do > > work but that's awefully primitive. This article did not help > > http://www.linux.com/article.pl?sid=06/06/26/1556259 (no lokkit or guarddog > > can be found by apt-get) > > I use shorewall [1], basically a perl wrapper on iptables. Easy to > config with a collection of files in /etc/shorewall, and very flexible - > from a single laptop to a large network. > > [1] http://www.shorewall.net > If you want something simple, firehol is pretty good. Debian (and therefore probably Ubuntu) has a bunch of example config files that are really easy to use. The advantage to say shorewall (although things may have changed) is that with fussy protocols like SMB, you just enable it and it works, where as I found with shorewall that you needed to worry about traffic directions and such. It also lets you do NATting and stuff extremely simply. And that's my 5 cents. Byron -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Linux compatible Sydney 3G for notebooks
* On Sat, Jul 08, 2006 at 10:14:15AM +1000, Ben Alex wrote: > Hi everybody > > Does anyone know of a wireless (preferably 3G) Internet service which is > compatible with Linux-based notebooks (Ubuntu)? Most of the service > providers like iBurst etc seem to specify the use of Windows. I use a Telstra Minimax - decidely not 3G - it's CDMA, and also not exactly cheap for the bandwidth. But it has the advantage of working in country areas and Perth, which I travel to for work occasionally. I wrote up my experiences here http://www.snowfrog.net/?q=node/322; Quozl in NT/WA also has it: http://quozl.linux.org.au/mm-5100/ I think you'll find some of the providers specify Windows, even though basically all you need is a DHCP client... -- Sonia Hamilton. GPG key A8B77238. . "Complaining that Linux doesn't work well with Windows is like ... oh, say, evaluating an early automobile and complaining that there's no place to hitch up a horse." (Daniel Dvorkin) -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Firewall
* On Fri, Jul 07, 2006 at 04:19:21PM +0800, [EMAIL PROTECTED] wrote: > 1) How to setup a firewall in ubuntu? It seems suitable iptables settings do > work but that's awefully primitive. This article did not help > http://www.linux.com/article.pl?sid=06/06/26/1556259 (no lokkit or guarddog > can be found by apt-get) I use shorewall [1], basically a perl wrapper on iptables. Easy to config with a collection of files in /etc/shorewall, and very flexible - from a single laptop to a large network. [1] http://www.shorewall.net -- Sonia Hamilton. GPG key A8B77238. . "Complaining that Linux doesn't work well with Windows is like ... oh, say, evaluating an early automobile and complaining that there's no place to hitch up a horse." (Daniel Dvorkin) -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] ubuntu routing
Jeff Waugh wrote: David Kempe wrote: If you want a good firewall, use shorewall. and have it do it for you How will shorewall solved this particular problem when he is missing this functionality ? "echo 1 > /proc/sys/net/ipv4/ip_forward" One of the things "shorewall" does is to enable "ip forwarding" ? Yes, it's essentially a firewall construction kit, and makes deployment and configuration of firewalls and modular rules quite simple. And "shorewall" is such a user-friendly kit that anyone using it is not required to know how to "iptables". It is even made simpler with the current release because a user simply use "SMTP/REJECT" to block SMTP packets or "SMTP/ACCEPT" to permit SMTP packets. Of course what one needs is know to RTFM and understand what's meant in it. There are samples of how to construct these MACROS in "shorewall" documentations. O Plameras -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Linux compatible Sydney 3G for notebooks
Hi everybody Does anyone know of a wireless (preferably 3G) Internet service which is compatible with Linux-based notebooks (Ubuntu)? Most of the service providers like iBurst etc seem to specify the use of Windows. Cheers Ben -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Firewall
On Saturday 08 July 2006 05:35, [EMAIL PROTECTED] wrote: > > Hi > > my ongoing frustrations: > > > > 1) How to setup a firewall in ubuntu? It seems suitable iptables settings > > do work but that's awefully primitive. This article did not help > > http://www.linux.com/article.pl?sid=06/06/26/1556259 (no lokkit or > > guarddog can be found by apt-get) > > If you enable universe you can get these: > > erikd > apt-cache search guarddog > guarddog - firewall configuration utility for KDE > guidedog - NAT/masquerading/port-forwarding configuration tool for KDE > erikd > apt-cache search lokkit > gnome-lokkit - basic interactive firewall configuration tool (GNOME > interface) lokkit - basic interactive firewall configuration tool (console > interface) Thanks for all the help! The missing link: I DID enable universe, I needed to apt-get update I did not understand that I needed to do that on a new install: jam> apt-cache search lokkit jam> James -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] ubuntu routing
> David Kempe wrote: > >If you want a good firewall, use shorewall. and have it do it for you > > How will shorewall solved this particular problem when he is missing this > functionality ? "echo 1 > /proc/sys/net/ipv4/ip_forward" > > One of the things "shorewall" does is to enable "ip forwarding" ? Yes, it's essentially a firewall construction kit, and makes deployment and configuration of firewalls and modular rules quite simple. - Jeff -- linux.conf.au 2007: Sydney, Australia http://lca2007.linux.org.au/ i wish i could write good flames boc: you can't win if you don't play -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] ubuntu routing
David Kempe wrote: If you want a good firewall, use shorewall. and have it do it for you How will shorewall solved this particular problem when he is missing this functionality ? "echo 1 > /proc/sys/net/ipv4/ip_forward" One of the things "shorewall" does is to enable "ip forwarding" ? dave [EMAIL PROTECTED] wrote: Hi I cant find anything that does the equivalent of echo 1 > /proc/sys/net/ipv4/ip_forward on my newly installed ubuntu box. Before I invent a way, does anybody know if I'm missing something. Thanks James -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Dynamic routing - RIP or BGP or what?
Howard Lowndes wrote: Tks for that. I have got 192.168.1.2 advertising 192.168.2.0/24 directed to 192.168.1.1 as per RFC1723, and I have got 192.168.1.1 listening on udp/520. My problem now is: how do I get 192.168.1.1 to do things with the packets that it is receiving, because the route table is not adjusting. I guess the question is: how do I set up ripd on 192.168.1.1 to operate in "receive" mode? Did you advertise network 192.168.2.0/24 at 192.168.1.1 ? Remember the basic rule - routing happens at the the Gateway ? Every Gateway needs to know What you want routed. And dynamic routing is a Pull not a Push. Now, you can mix static and dynamic. To figure out where your problem is you insert your static route with dynamic and then, remove static one-by-one to zero-in to a problem. O Plameras wrote: Howard Lowndes wrote: I want to do some dynamic routing in a network and I don't know whether I should be using RIP or BGP. } quagga } 1.2.3.4 ||192.168.1.1192.168.1.0/24 I'net }|eth1eth0|-|>>> } ||default gw | } | |192.168.1.2 || | eth1 | | quagga| | eth0 | || |192.168.2.1 | V V 192.168.2.0/24 When I bring the 192.168.2.0/24 network up I want to be able to broadcast that 192.168.1.0/24 network so that the 192.169.1.0/24 network and anything coming in via 1.2.3.4 knows that it is accessible via the 192.168.1.2 interface, but when I don't have the 192.168.2.0/24 network up I don't want to broadcast it, or let the 192.168.1.0/24 or the public world know anything about it. Dynamic routing is the most appropriate and efficient solution. You simply advertise your network address to receive traffic. If you don't wish to receive traffic you remove the advertisement. Because of this it is easier and cleaner to configure and maintain your routes. Dynamic routing is PULL routing whilst static routing is PUSH routing and therefore in dynamic routing the receiver has better control for in-coming traffic. I have installed quagga where shown but I don't know whether I should be using RIP or BGP and I don't know wheta the config files should look like. You can do RIP, OSPF, or BGP, although BGP is especially intended for multi-homing (more that one uplink/downlink). When you do BGP you can invent your AS Number but don't advertise your Network outside your local network. These protocols are all intended to simplify configuration and maintenance of your routes. For small networks like less than 5 networks, RIP works well. For complex networks use OSPF or BGP. Definitely BGP if you have multi-home nodes. For example, your Albury node sends/receives traffic to/from Canberra, to/from Wagga, to/from Gundagai, to/from Mebourne, etc, this is BGP routing. In other words if you use STAR-nodes network definitely BGP. Hope this helps. O Plameras -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Firewall
On Fri, 7 Jul 2006 16:19:21 +0800 [EMAIL PROTECTED] wrote: > Hi > my ongoing frustrations: > > 1) How to setup a firewall in ubuntu? It seems suitable iptables > settings do work but that's awefully primitive. This article did not > help http://www.linux.com/article.pl?sid=06/06/26/1556259 (no lokkit > or guarddog can be found by apt-get) Firestarter is a nice simple firewall. > > 2) How to manipulate and configure services. I CAN and have been > sym-linking /etc/init.d/service to rc2.d/SNNservice. That too is > awefully primitive. system -> administration -> services lists 8 > services from anacron to ssh. What about the zillion others? > > Help shows not available pictures: > each service [] > with a [] > checkbox [] > > Thanks > James > -- > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html > -- Alan L Tyreehttp://www2.austlii.edu.au/~alan Tel: +61 2 4782 2670Mobile: +61 427 486 206 Fax: +61 2 4782 7092FWD: 615662 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] ubuntu routing
If you want a good firewall, use shorewall. and have it do it for you dave [EMAIL PROTECTED] wrote: Hi I cant find anything that does the equivalent of echo 1 > /proc/sys/net/ipv4/ip_forward on my newly installed ubuntu box. Before I invent a way, does anybody know if I'm missing something. Thanks James -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] ubuntu routing
Hi I cant find anything that does the equivalent of echo 1 > /proc/sys/net/ipv4/ip_forward on my newly installed ubuntu box. Before I invent a way, does anybody know if I'm missing something. Thanks James -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Re: Microsoft kinda do ODF
Phil Scarratt wrote: Thought this was interesting and worth posting just in case someone out there hadn't read it. Fil Oh dear http://www.computerworld.com/blogs/node/2911 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Microsoft kinda do ODF
Thought this was interesting and worth posting just in case someone out there hadn't read it. Fil -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Nokia 770 Internet Tablet on Ebay from Perth
Guys, Just thought I'd post up that I'm Ebaying a new Nokia 770 Internet tablet. The buy-it-now price is exactly how much it costs to buy in the US so it's a pretty good deal. You can check it out here: http://cgi.ebay.com.au/ws/eBayISAPI.dll?ViewItem&ih=001&item=110005964260&rd=1&sspagename=STRK%3AMESE%3AIT&rd=1 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Dynamic routing - RIP or BGP or what?
Howard Lowndes wrote: I want to do some dynamic routing in a network and I don't know whether I should be using RIP or BGP. } quagga } 1.2.3.4 ||192.168.1.1192.168.1.0/24 I'net }|eth1eth0|-|>>> } ||default gw | } | |192.168.1.2 || | eth1 | | quagga| | eth0 | || |192.168.2.1 | V V 192.168.2.0/24 When I bring the 192.168.2.0/24 network up I want to be able to broadcast that 192.168.1.0/24 network so that the 192.169.1.0/24 network and anything coming in via 1.2.3.4 knows that it is accessible via the 192.168.1.2 interface, but when I don't have the 192.168.2.0/24 network up I don't want to broadcast it, or let the 192.168.1.0/24 or the public world know anything about it. Dynamic routing is the most appropriate and efficient solution. You simply advertise your network address to receive traffic. If you don't wish to receive traffic you remove the advertisement. Because of this it is easier and cleaner to configure and maintain your routes. Dynamic routing is PULL routing whilst static routing is PUSH routing and therefore in dynamic routing the receiver has better control for in-coming traffic. I have installed quagga where shown but I don't know whether I should be using RIP or BGP and I don't know wheta the config files should look like. You can do RIP, OSPF, or BGP, although BGP is especially intended for multi-homing (more that one uplink/downlink). When you do BGP you can invent your AS Number but don't advertise your Network outside your local network. These protocols are all intended to simplify configuration and maintenance of your routes. For small networks like less than 5 networks, RIP works well. For complex networks use OSPF or BGP. Definitely BGP if you have multi-home nodes. For example, your Albury node sends/receives traffic to/from Canberra, to/from Wagga, to/from Gundagai, to/from Mebourne, etc, this is BGP routing. In other words if you use STAR-nodes network definitely BGP. Hope this helps. O Plameras -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Firewall
[EMAIL PROTECTED] wrote: > Hi > my ongoing frustrations: > > 1) How to setup a firewall in ubuntu? It seems suitable iptables settings do > work but that's awefully primitive. This article did not help > http://www.linux.com/article.pl?sid=06/06/26/1556259 (no lokkit or guarddog > can be found by apt-get) If you enable universe you can get these: erikd > apt-cache search guarddog guarddog - firewall configuration utility for KDE guidedog - NAT/masquerading/port-forwarding configuration tool for KDE erikd > apt-cache search lokkit gnome-lokkit - basic interactive firewall configuration tool (GNOME interface) lokkit - basic interactive firewall configuration tool (console interface) > 2) How to manipulate and configure services. I CAN and have been > sym-linking /etc/init.d/service to rc2.d/SNNservice. That too is awefully > primitive. Yes. For a commandline way of doing this on Debian/Ubuntu try update-rc.d. I'm pretty sure there are gui tools for this as well. Erik -- +---+ Erik de Castro Lopo +---+ "These are the finest moments in (post)modern life, when satire is completly indistinguishable from reality... I usually have to rely on the presidential elections for such dada." -- frenomulax on Jesux a christian Linux distro. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Firewall
Hi my ongoing frustrations: 1) How to setup a firewall in ubuntu? It seems suitable iptables settings do work but that's awefully primitive. This article did not help http://www.linux.com/article.pl?sid=06/06/26/1556259 (no lokkit or guarddog can be found by apt-get) 2) How to manipulate and configure services. I CAN and have been sym-linking /etc/init.d/service to rc2.d/SNNservice. That too is awefully primitive. system -> administration -> services lists 8 services from anacron to ssh. What about the zillion others? Help shows not available pictures: each service [] with a [] checkbox [] Thanks James -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Re: Dynamic routing - RIP or BGP or what?
Howard Lowndes <[EMAIL PROTECTED]> uttered the following thing: > I want to do some dynamic routing in a network and I don't know whether > I should be using RIP or BGP. [...] BGP is for external routing - not suitable. RIP is old, and it's convergence time is pityful. If Quagga allows it, OSPF would be a better option. Or for the non-network way, you could always put scripts between the two routing boxes that simply setup static routes when the right interface comes up. BB -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Re: Looking for some Raw DV footage to practice on
elliott-brennan <[EMAIL PROTECTED]> uttered the following thing: > > I'm going to have a more in-depth look at > Cinelerra too; my limited experience with it has > brought me to the conclusion that I really need to > RTM more so than with Kino :) The difference between Kino and Cinelerra is like the difference between Nano and Vim - ie the latter's a lot more powerful but a bitch to learn :) BB -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Ubuntu 6.06 wireless networking
> * On Fri, Jul 07, 2006 at 01:57:31AM +1000, Jeff Waugh wrote: > > The default software isn't clever enough to do this for you. However, > > with a little help from Network Manager (install network-manager-gnome), > > you will have a *very* pleasurable network switching experience; both > > wifi and wired. > > Hey Jeff, > > I installed network manager, but I couldn't seem to find a way of > configuring or running it. I had a look around with dpkg -L > network-manager, couldn't see anything obvious. Is it just Friday > afternoon & my brain has gone to sleep? No, it's just a bit obtuse at the moment because it's not nicely integrated for you. Run nm-applet (which is in network-manager-gnome). You should also check that it is in your startup list (System > Preferences > Sessions). - Jeff -- linux.conf.au 2007: Sydney, Australia http://lca2007.linux.org.au/ "Old timers will tell you what a pain unstable was during the new testament transition." - Jon Corbet on Debian's KJV packages -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
