Re: [SLUG] Best (most efficient method) recursive dir DEL
Thanks to all for the responses.
Interestingly, everyone has come back with "find" (followed by..) as
the best option. Perhaps this is simply a reflection of the fact my 3
examples all used 'find'.
I have always thought (believed) 'find' was a less efficient process
than 'locate' and kind of hoped 'locate' (or some other cmd I don't
know) might pop up as a solution. I understand 'locate' depends on an
updated 'db', but I figured that indexing process was still more
efficient than 'find' trawling the structure in realtime.
Kyle
On 22-05-2014 19:16, Darragh Bailey wrote:
Hi Kyle,
You might find it worth looking at the following invocation of find:
find -name -exec rm -rf {} \+ -prune
the '+' will support expansion of arguments, thus it works exactly
like xargs in building up a command line that is passed to rm. You may
also need to specify \"{}\" to handle whitespace in directory names,
untested.
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Best (most efficient method) recursive dir DEL
Sorry, poorly worded.
I want to to loop a given structure and remove . /[specific, named]
/. (non-empty) directories below the top dir
Kyle
On 22-05-2014 14:12, Amos Shapira wrote:
What's the context of this question? Do you really want to keep all
empty directories?
"-delete" will fail on non-empty directories. Use "-print0 -prune |
xargs -0 rm -rf" to stop find from scanning the doomed directory.
On 22 May 2014 09:10, "Kyle" mailto:k...@attitia.com>>
wrote:
Hi folks,
I was wondering what is the best (as in most efficient method) for
doing an automated, scheduled recursive search and DEL exercise.
The scheduled part is just a cron job, no problem. But what's the
most efficient method to loop a given structure and remove all
(non-empty) directories below the top dir?
The 3 examples I've come up with are;
find -name -exec rm -rf {} \;
- what's the '\' for and is it necessary?
rm -rf `find -type d -name ` -
does it actually require the ' ` ' or are ' ' ' good enough?
find -name '' -type d -delete-
or won't this work for a non-empty dir?
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Best (most efficient method) recursive dir DEL
Hi folks,
I was wondering what is the best (as in most efficient method) for doing
an automated, scheduled recursive search and DEL exercise. The scheduled
part is just a cron job, no problem. But what's the most efficient
method to loop a given structure and remove all (non-empty) directories
below the top dir?
The 3 examples I've come up with are;
find -name -exec rm -rf {} \; -
what's the '\' for and is it necessary?
rm -rf `find -type d -name ` - does
it actually require the ' ` ' or are ' ' ' good enough?
find -name '' -type d -delete- or
won't this work for a non-empty dir?
Or is there a more efficient manner which I can slot into a cron job?
Much appreciate the input.
--
----
Kind Regards
Kyle
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Pickles Auctions and Linux
Hi All, has anyone ever managed to get a Firefox (or other browser) connection to a "Live" Pickles Car Auction and if so, how did you manage it please? Their website shows Mac and MS and a FF plugin that just happens to contain a DLL and given it's a bit of an Aust. problem, there doesn't appear to be a lot on the interwebs. Any input greatly appreciated. -- ---- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Linux Exchange Alternative
A big vote for Zimbra community edition here. Or you can also pay for support. Doesn't replace AD, but for groupware, works a treat. Kind Regards Kyle On 30-01-2014 14:32, Edwin Humphries wrote: G'day all. Some time ago I had a look at a Linux alternative to M$ Exchange - I seem to recall that it had been started by HP, then handed over to someone else. It was commercial software (paid) but a realistic alternative to Exchange. I have a client with 6 PCs using Outlook, who now needs an Exchange SErver, and is willing to look at a Linux alternative, but I now can't find the software i remember. There seem to be several others, so I wonder: what does everybody think is the best option (especially in terms of ease of installation and configuration). The main goal is Outlook-based shared calendaring. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] multi file rename matching moved multiple regex pattern matches using shell expansion only
I'm having a bit of trouble renaming some files I have and hoping someone might help. I have a bunch of bank statements named 'Statement_<4 digit yr>.pdf' which I want to rename to '<4 digit yr>__Statement.pdf' I can work out the regex, but having trouble figuring out how to feed this through the shell. Can you help please? -- ---- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] dns issues
This might be a bit simplistic but; If Verizon are claiming they are receiving a "Domain Not Found" error _and_ you are certain your domains are correctly configured, then isn't the problem likely to lie with Net Registry? The domains are 'hosted' (on a DNS basis) with them. Ergo they are supposed to return the record, surely? Or alternatively, is there some form of blacklisting going on somewhere in the chain? ---- Kind Regards Kyle On 12/08/12 8:53 AM, li...@sbt.net.au wrote: On Sat, August 11, 2012 10:20 pm, Amos Shapira wrote: thanks, Amos reverse is OK other domains have been on this server for some time, with same dns servers, no issues were seen in my testing on Sat, I also managed to get SERVFAIL responses at times I think I should maybe run a dig query every few minutes and log it ? I tried mxtoolbox and intodns to cross check, at one point, output from dig contradicted what the website was saying so, not sure and, mail server locked out mxtoolbox for portscanning the mailserver... -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] cPanel like multi-host dashboard software??
Thanks Dave. Kind Regards Kyle On 27/07/12 8:49 AM, Dave Kempe wrote: - Original Message - From: "K L" But would also want some type of software that could be used to administer each separate server ... effectively as a group ... from within a single UI. Whether that has an agent installed on each 'client' server or how it is configured, I don't know yet. But, have to start somewhere. You should be able to start and get pretty far with webmin/usermin/virtualmin and 3rd party modules. Dave -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Linux calendaring
Not sure this will fit exactly what you're looking for but; I use Thunderbird with Lightning plugin to CalDAV to a Zimbra server (which I run). I then have a calDAV client for the Android to read/write to the calendar. Kind Regards Kyle On 22/03/12 1:28 PM, pe...@chubb.wattle.id.au wrote: What calendaring clients are people using? I'm finding the need for a calendar that syncs to a CalDAV server, and to my PDA. Evolution used to be able to do this, but they've dropped PalmOS support now. And its user interface is uncomfortable to use for me --- too much screen real estate, and wants to be a MUA as well as a calendar and addressbook. I'm still using JPilot for most things, but it doesn't talk to CalDAV. Looking for recommendations... Peter C -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] gnome: folder shortcut on gpanel?
Could you not create the link in terminal and then either from file browser, drag it to the panel? Or create via whatever menu right click option there is? Kind Regards Kyle On 20/10/11 2:23 PM, Sonia Hamilton wrote: How do you put a link to a folder on gnome-panel? For example, in Nautilus I can create a link to a folder (/tmp say) in the Side Pane. Then when I click on the /tmp link, Nautilus opens up a view on /tmp. (A link to /tmp also appears in Places). How do a put a similar link directly on gnome-panel? ie so I don't have to go via places? I've been googling and reading pages like http://www.yolinux.com/TUTORIALS/GNOME.html but not much luck... -- Sonia Hamilton http://soniahamilton.wordpress.com http://www.linkedin.com/in/soniahamilton -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Email Client
I would've once agreed re Thunderbird and lists, specifically this one. There used to be a plugin "Reply to Mailing List" which was configurable and worked great. That said, since being on T'Bird 3.1.4 (on a MAC) writing this mail, the apparently in-built reply to list functionality seems to work like a charm. ---- Kind Regards Kyle On 13/06/11 6:57 PM, Jam wrote: IMHO thunderbird is completely unusable ... Try to reply to an issue (eg this one) when you get digest mail and you will get a deep and clear understanding of stress. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] PC won't recognise boot disk - SOLVED
I'd spent enough time pissing around with it. So I went and bought a cheap new pc. Thanks everyone. Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Choice of OS's
I reckon I'm dumb enough to called newbie still, and I play with both Ubuntu and CentOS. Ubuntu is as near to Redmond without being Windows as you can get I reckon. Even though, it's built on Debian isn't it? And CentOS makes for a great server. Wouldn't be keen to try Fedora anymore, but what's OpenSUSE like? I've not looked at that yet ---- Kind Regards Kyle On 09/06/11 11:30 PM, Heracles wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Derivatives such as Ubuntu 10.10 (11.04 is flawed) are easier to set up. OpenSuSE 11.4 and Fedora 14 are also excellent choices. OpenSuSE 11.4 is on the cover disk of this month's APC magazine. Heracles -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] PC won't recognise boot disk
Ben, thanks the info, but that's apparently not it. Or so it would seem. According to both fdisk and GParted from the liveCD, the boot flag is set on sda1 (/boot). P.S. Thanks for the lesson on partition numbering. Kind Regards Kyle On 08/06/11 10:04 PM, Ben Donohue wrote: Hi Kyle, The primary or boot partition is not set to active. Use a tool like a boot disk or anything that can set the boot partition to "active" partition. Thanks, Ben Donohue On 8/06/2011 9:54 PM, Kyle wrote: 2 or 3 yr old pc running SiS-661 chipset, celeron and 1GB. So your average every day bog standard pc with an 80GB IDE HDD. Ubuntu 10.10 runs fine from live CD, albeit a bit slow. Even installs fine, albeit slow. Used to dual-boot XP / Ubuntu till me dear sweet mother asked me to add in an old disk of hers formatted in FAT32. Suddenly, it popped up with; "Boot disk priority has changed. Please enter setup to check bla blah blah." Never booted since. FAT32 disk since removed. Original disk wiped, partition table wiped, reinstalled Ubuntu only. MBR zeroed out and full OS re-install. And the bloody thing STILL won't find the OS on boot. Does POST, finds HDD + 2 CD's, tries to boot from CD, then comes; "DISK BOOT FAILURE, INSERT SYSTEM DISK AND PRESS ENTER" Boot from live cd again; run fdisk, far as fdisk concerned all partitions there with sda1 marked as boot. MEMTest all good. Everything seems right. Only peculiarity I can see is despite wiping partition table and writing empty table to re-boot again from disc, is when creating partitions it gives me sda1, sda5 (swap) and sda6 (/). What happened to sda's 2, 3 & 4? BIOS shows this disc as first in HDD boot order after CD's. Can anyone offer any suggestions as to why this thing simply refuses to locate the boot partition please? -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] PC won't recognise boot disk
2 or 3 yr old pc running SiS-661 chipset, celeron and 1GB. So your average every day bog standard pc with an 80GB IDE HDD. Ubuntu 10.10 runs fine from live CD, albeit a bit slow. Even installs fine, albeit slow. Used to dual-boot XP / Ubuntu till me dear sweet mother asked me to add in an old disk of hers formatted in FAT32. Suddenly, it popped up with; "Boot disk priority has changed. Please enter setup to check bla blah blah." Never booted since. FAT32 disk since removed. Original disk wiped, partition table wiped, reinstalled Ubuntu only. MBR zeroed out and full OS re-install. And the bloody thing STILL won't find the OS on boot. Does POST, finds HDD + 2 CD's, tries to boot from CD, then comes; "DISK BOOT FAILURE, INSERT SYSTEM DISK AND PRESS ENTER" Boot from live cd again; run fdisk, far as fdisk concerned all partitions there with sda1 marked as boot. MEMTest all good. Everything seems right. Only peculiarity I can see is despite wiping partition table and writing empty table to re-boot again from disc, is when creating partitions it gives me sda1, sda5 (swap) and sda6 (/). What happened to sda's 2, 3 & 4? BIOS shows this disc as first in HDD boot order after CD's. Can anyone offer any suggestions as to why this thing simply refuses to locate the boot partition please? -- ---- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] [SOLVED] DHCP -> DDNS not updating
And the gold star goes to John. Thanks John for thinking with me. And of course thanks also go to everyone else who kicked in. For posterity and by way of explanation: Because of the views and the fact the update was coming from dhcpd on localhost, the 'localhost_resolver' view was taking over and disallowing the update because it couldn't find the key "matched to the internal zone" anywhere, as of course neither could the rest of the www where it was further forwarding the request. Once I included the internal zones into the 'localhost_resolver' view, hey presto! I created the views pretty much carbon copy from the sample file in /usr/share/doc that comes with this dist. of BIND. That file states (verbatim); // All BIND 9 zones are in a "view", which allow different zones to be served // to different types of client addresses, and for options to be set for groups // of zones. // // By default, if named.conf contains no "view" clauses, all zones are in the // "default" view, which matches all clients. // // If named.conf contains any "view" clause, then all zones MUST be in a view; // so it is recommended to start off using views to avoid having to restructure // your configuration files in the future. The sample file does also state; // These are your "authoritative" internal zones, and would probably // also be included in the "localhost_resolver" view above : But doesn't state when/why/etc. Nor does the manpage. In fact, nothing I read anywhere made any determination of difference between running a DHCP->DDNS setup on a single box or separate boxes. What the hell does "probably" mean in that context? To be fair, I had already tried including the internal zones in the 'localhost_resolver' view on my original host, but when I started BIND thereafter, syslog showed each defined zone being loaded twice, so I had discounted that as being "not good" (obviously something else going on on the original host). And no level of debugging log BIND enabled me to set up provided any clues (any mortal could fathom anyway) as to why it wasn't authorised. Thanks again all. It's easy when you know how. Kind Regards Kyle On 17/02/11 6:24 PM, John Clarke wrote: This is just a guess because I've pretty much hit the limits of my knowledge, and I've never used BIND's views, but could it be something to do with the different views you've configured? You're trying to do the update from localhost, so that matches the view "localhost_resolver", but updates aren't allowed in that view configuration. Updates are allowed in the view "internal", which also matches localhost, but I wonder if BIND is simply using the first match and thus disallowing updates? -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] DHCP -> DDNS not updating
John, 'domain1.com' is obfuscated from the real value. But rest assured I am being painstakingly anal in ensuring the values are the same including the 'key name' in named and dhcpd being exactly the same as used in the dnssec-keygen command. transcript of interaction. Long story short, the error is 'NOTAUTH'. And the result is the same no matter whether I use the .private or .key files. [root@server3 etc]# rndc status number of zones: 8 debug level: 0 xfers running: 0 xfers deferred: 0 soa queries in progress: 0 query logging is OFF recursive clients: 0/1000 tcp clients: 0/100 server is up and running [root@server3 etc]# rndc reload server reload successful [root@server3 etc]# nsupdate -d -k Kdomain1.com.+157+63230.private Creating key... > server 127.0.0.1 > zone domain1.com > update add client1.domain1.com 86400 A 192.168.1.100 > send Sending update to 127.0.0.1#53 Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 2442 ;; flags: ; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 1 ;; ZONE SECTION: ;domain1.com.INSOA ;; UPDATE SECTION: client1.domain1.com.86400INA192.168.1.100 ;; TSIG PSEUDOSECTION: domain1.com.0ANYTSIGhmac-md5.sig-alg.reg.int. 1297920682 300 16 2442 NOERROR 0 Reply from update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOTAUTH, id: 2442 ;; flags: qr ra ; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 1 ;; TSIG PSEUDOSECTION: domain1.com.0ANYTSIGhmac-md5.sig-alg.reg.int. 1297920682 300 16 2442 NOERROR 0 > quit ---- Kind Regards Kyle On 17/02/11 3:42 PM, John Clarke wrote: On Thu, Feb 17, 2011 at 02:48:45PM +1100, Kyle wrote: What name did you give the key when you created it with dnssec-keygen? Was it "domain1.com"? Is that what name you passed to nsupdate (in the argument to -y)? Do you still have the keyfiles generated by dnssec-keygen? Does nsupdate work if you use -k instead of -y to pass the key? Does "rndc status" work? "rndc reload"? -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] DHCP -> DDNS not updating
Peter, exactly!! THAT IS MY ISSUE I believe. But I have not yet found a log to give me sufficient info to nut out WHY. All my config files are presently up for the world to see at; https://www.centos.org/modules/newbb/viewtopic.php?topic_id=30159 And from what I've read (LOTS in the last couple of days), they're picture perfect. Kind Regards Kyle On 17/02/11 3:02 PM, pe...@chubb.wattle.id.au wrote: I strongly suspect that the key setup is incorrect. .it will fail because of an authorisation problem. Peter C -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Reading TCP Dump
Ben, I'll be happy to try that, but I'd like to understand your thinking please. Can you clarify it for me please? From what I can tell from your process below, it appears you want to send a request to update an internal DNS server with an internal client's records (for viewing by other internal clients), outside of the network to the internet only to have it come back into the network to be picked up by my internal DNS server. Do I understand that correctly? If so, I believe that will cause a further issue as there are also public dns servers set up (@ dnsmadeeasy.com) for the same domain for the rest of the world to see only what they need to see. Would that be about right? Kind Regards Kyle On 17/02/11 1:52 PM, Ben Donohue wrote: Ok, since it is not working how it is now... then perhaps you'll try the following... setup your modem to point to internode DNS servers for DNS queries. Point your internal DNS server to point to the MODEM for upstream DNS queries. Don't set it up as DDNS. Just forwarding DNS to the next upstream DNS server in the chain if you know what I mean to get external DNS resolution. Also have port 53 TCP and UDP on your modem (coming in) to port forward to your internal DNS server. Thanks, Ben Donohue On 17/02/2011 1:44 PM, Kyle wrote: Ben, answers inline. ---- Kind Regards Kyle On 17/02/11 1:38 PM, Ben Donohue wrote: Hi Kyle, Do you have a static IP? ## Yes. Have you set your modem up to forward DNS queries to internode DNS primary and secondary? ## No. There shouldn't be any need. I run an internal DNS on CentOS 5.5. (Ok, at this point, I'm trying to run an internal dns :-( ) Are you hosting your own domains? ## From an internal client dns perspective, yes. If so, is your internal server setup as the primary name server for your own domains or are you using a third party DNS service or internode DNS services (I'm presuming they have these services) If not, are you pointing your internal server to your modem IP as the forwarder for DNS queries? ## Yes. I run an internal authoritative dns (from my 192.168 subnet's clients' perspective) It is set up to go out to the www and root servers if it can't find what it's looking for. At least, I believe it is. I'm beginning to doubt myself. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] DHCP -> DDNS not updating
John, Answers inline. Kind Regards Kyle On 17/02/11 2:00 PM, John Clarke wrote: Are you having problems updating the A record or the PTR record, or both? ## Both. DHCP is simply not updating DNS journals when a lease is renewed. Can you manually update either or both with nsupdate run on the DNS server. ## No, nsupdate extract from last email was run on the dns server. Can you do the same with nsupdate on the DHCP server? ## Same box. Are the clocks on the DHCP server and the DNS server synchronised? I don't remember why this mattered (it's been years since I set this up myself), but I do remember having updates fail when the clocks were not synchronised. ## Same box Can you send me your DNS and DHCP config files? ## Whole sordid sorry saga here (files and all), fresh this a.m.; https://www.centos.org/modules/newbb/viewtopic.php?topic_id=30159 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Reading TCP Dump
Ben, answers inline. Kind Regards Kyle On 17/02/11 1:38 PM, Ben Donohue wrote: Hi Kyle, Do you have a static IP? ## Yes. Have you set your modem up to forward DNS queries to internode DNS primary and secondary? ## No. There shouldn't be any need. I run an internal DNS on CentOS 5.5. (Ok, at this point, I'm trying to run an internal dns :-( ) Are you hosting your own domains? ## From an internal client dns perspective, yes. If so, is your internal server setup as the primary name server for your own domains or are you using a third party DNS service or internode DNS services (I'm presuming they have these services) If not, are you pointing your internal server to your modem IP as the forwarder for DNS queries? ## Yes. I run an internal authoritative dns (from my 192.168 subnet's clients' perspective) It is set up to go out to the www and root servers if it can't find what it's looking for. At least, I believe it is. I'm beginning to doubt myself. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] DHCP -> DDNS not updating
Ok, thanks John. I've tried lots since this thread started to the extent I installed a whole fresh machine on 192 subnet only, skimmed dhcpd and named confs down to a simple, by the book, 1 domain setup and I still get the same problem even on the fresh host. And this is a CentOS 5.5 (final) install. I.e. the latest they publish. Reply from update query: ;; ->>HEADER<<- opcode: UPDATE, status: _*NOTAUTH*_, id: 39734 ;; flags: qr ra ; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 1 ;; TSIG PSEUDOSECTION: domain1.com.0ANYTSIGhmac-md5.sig-alg.reg.int. 1297906252 300 16 39734 NOERROR 0 If I'm "reserving" an IP for a specific host in dhcpd.conf, am I supposed to then be already placing a PTR record in the reverse zone file for the reservation? If so, doesn't that simply defeat the whole purpose of dhcp? ---- Kind Regards Kyle On 17/02/11 1:26 PM, John Clarke wrote: On Tue, Feb 15, 2011 at 07:56:55PM +1100, Kyle wrote: Sorry for the late reply; I've been busy. I have always used BIND with rndc.key and it used to work. What's then the difference between nsupdate and rndc and using BIND? They have two quite different functions. nsupdate is used to modify zone data by sending dynamic DNS updates. rndc is used to control the name server itself, for example, to stop or restart the server, to reload config and/or zone files. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Reading TCP Dump
Ben, std internode ADSL2+ I get about 15.8MB (or Mb ??) down. Why ?? Kind Regards Kyle On 17/02/11 1:26 PM, Ben Donohue wrote: Hi Kyle, just a general question on your setup there... what sort of setup do you have regarding your internet connection? Is it a fairly typical home ADSL2+ modem with an account with an ISP? If so which one? O are you a corporate with a Telstra or Optus router? Or something like that? Thanks, Ben Donohue -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Reading TCP Dump
Hi Slug, I'd be grateful if someone could show me how to interpret this tcp dump pls. It is a sample from an attempt to renew a dhcp lease and update the dns journals. But the dns jounrals are not being updated, apparently due to the error "not authorized". I just don't understand why not. If I'm reading correctly, it is saying that the dhcp server IS attempting to update dns, but is failing for whatever reason? Is this correct? Or.. 2011-02-17 12:36:08.873160 IP 192.168.1.6.ssh > 192.168.1.100.52913: P 3763443825:3763444017(192) ack 1990205104 win 15048 2011-02-17 12:36:08.873441 IP 192.168.1.100.52913 > 192.168.1.6.ssh: . ack 3763444017 win 65535 2011-02-17 12:36:08.873688 IP 192.168.1.6.53310 > 192.168.1.6.domain: 65000+ PTR? 100.10.168.192.in-addr.arpa. (45) 2011-02-17 12:36:08.873854 IP 192.168.1.6.domain > 192.168.1.6.53310: 65000 NXDomain 0/1/0 (122) 2011-02-17 12:36:08.873990 IP 192.168.1.6.49224 > 192.168.1.6.domain: 4103+ PTR? 6.10.168.192.in-addr.arpa. (43) 2011-02-17 12:36:08.874086 IP 192.168.1.6.domain > 192.168.1.6.49224: 4103 NXDomain 0/1/0 (120) 2011-02-17 12:36:10.852268 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 00:1f:5b:f5:ec:e2 (oui Unknown), length: 300 2011-02-17 12:36:10.852471 arp who-has 192.168.1.100 tell 192.168.1.100 2011-02-17 12:36:10.852506 IP 192.168.1.6.18142 > 192.168.1.6.domain: 46943+ PTR? 255.255.255.255.in-addr.arpa. (46) 2011-02-17 12:36:10.852513 IP server3.domain1.com.37265 > server3.domain1.com.domain: 46789 update [1a] [2n] [1au] SOA? domain1.com. (192) 2011-02-17 12:36:10.852733 IP 192.168.1.6.domain > 192.168.1.6.18142: 46943 NXDomain* 0/1/0 (97) 2011-02-17 12:36:10.852858 IP server3.domain1.com.domain > server3.domain1.com.37265: 46789 update NotAuth [0q] 0/0/1 (93) 2011-02-17 12:36:10.852905 IP 192.168.1.6.40827 > 192.168.1.6.domain: 65149+ PTR? 0.0.0.0.in-addr.arpa. (38) 2011-02-17 12:36:10.853056 IP 192.168.1.6.domain > 192.168.1.6.40827: 65149 NXDomain* 0/1/0 (89) 2011-02-17 12:36:10.853093 Out (oui Unknown) ethertype Unknown (0x0003), length 344: 2011-02-17 12:36:11.720982 arp who-has server1.domain1.com tell 192.168.1.100 2011-02-17 12:36:11.854661 arp who-has server1.domain1.com tell 192.168.1.100 2011-02-17 12:36:16.032102 arp who-has 192.168.1.6 tell 192.168.1.100 2011-02-17 12:36:16.032116 arp reply 192.168.1.6 is-at (oui Unknown) 2011-02-17 12:36:16.032329 IP 192.168.1.100.52913 > 192.168.1.6.ssh: P 1990205104:1990205152(48) ack 3763444017 win 65535 -- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] DHCP -> DDNS not updating
I reckon I've narrowed it down to the fact that the DNS server is not accepting the key it's being offered. The final transaction I receive from an nsupdate exchange offers; --- ;; TSIG PSEUDOSECTION: domain1_key.0ANYTSIGhmac-md5.sig-alg.reg.int. 1297798631 300 16 P0HVLAVNuSartbLEAqQ3Lg== 22243 NOERROR 0 Reply from update query: ;; ->>HEADER<<- opcode: UPDATE, status: _*NOTAUTH*_, id: 22243 ;; flags: qr ra ; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 1 ;; TSIG PSEUDOSECTION: domain1_key.0ANYTSIGhmac-md5.sig-alg.reg.int. 1297798631 300 16 8KsZzvC3KJQNnX4EErqdXQ== 22243 NOERROR 0 -- So pretty much the same error as syslog was offering up. But I don't seem to be able to hit on the right google keyword combination to offer up the solution. Can anyone with some in-depth (basically more than me - which is not going to be hard) knowledge offer me avenues to chase down? I have checked, dbl-checked and triple-checked that the key is generated correctly. I have the correct key notation in named.conf, dhcpd.conf, rndc.conf and rndc.key. But I'm obviously missing come pivotal step in either permissions or configuration. ---- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] DHCP -> DDNS not updating
Ah, ok.
Thanks for the explanation John.
I have never before had to use nsupdate. I just tried it because Peter
suggested it and I figured it's a way to test dns updates manually.
I have always used BIND with rndc.key and it used to work. What's then
the difference between nsupdate and rndc and using BIND?
Kind Regards
Kyle
On 15/02/11 6:52 PM, John Clarke wrote:
On Tue, Feb 15, 2011 at 05:35:10PM +1100, Kyle wrote:
domain domain1.com
incorrect section name: domain
I suspect you mean "zone domain1.com". "domain" is not a valid command.
nsupdate -k /etc/rndc.key - The man page says that that format
requires a filename in the format 'K{name}.+157.+{random}.private'.
That's a new one on me. Where, why& how is that needed?
That's been the case for as long as I've been using nsupdate, at least
five years. The filename format is what dnssec-keygen outputs when you
ask it to generate a key.
One other thing you need to make sure of is that the client and server
have their clocks synchronised (e.g. with ntp), otherwise the update
will fail.
There's an nsupdate HOWTO here:
http://caunter.ca/nsupdate.txt
and I have a page explaining how to get DHCP3 to do DDNS updates here:
http://kirriwa.net/john/doc/ddns.html
John
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] DHCP -> DDNS not updating
Ok, that get's more info.
-
[root@server1 ~]# nsupdate -k /etc/rndc.key
could not read key from /etc/rndc.key: unexpected token
> [root@server1 ~]# man nsupdate
[root@server1 ~]# nsupdate -y domain1_key:
> server 127.0.0.1
> domain domain1.com
incorrect section name: domain
> update add client1.domain1.com 864000 A 192.168.1.104
> show
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags: ; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
client1.domain1.com.864000INA192.168.1.104
> send
could not find enclosing zone
[root@server1 ~]# host client1
Host client1 not found: 3(NXDOMAIN)
[root@server1 ~]# host client1.domain1.com
Host client1.domain1.com not found: 3(NXDOMAIN)
---
So questions arising from that are;
nsupdate -k /etc/rndc.key - The man page says that that format
requires a filename in the format 'K{name}.+157.+{random}.private'.
That's a new one on me. Where, why & how is that needed?
Just that error alone leads me to think the "not authorized" part of the
'forward map' error I was getting has to do with not being able to find
the key. But then, after issuing the send command, I get the error;
"could not find enclosing zone". I can imagine if the key were not being
found, the zone would not be found but don't know how/where that might
becoming from?
I'm going to assume the;
> domain domain1.com
incorrect section name: domain
is just a spurious section because the "domain " command
doesn't exist.
----
Kind Regards
Kyle
On 15/02/11 1:55 PM, Peter Chubb wrote:
Hi Kyle,
I suggest looking in /var/log/messages (I believe the default
confiuration for CENTOS logs everything into there )
You should see lines like:
Feb 15 06:25:34 vampire dhcpd: DHCPREQUEST for A.B.C.D from
some:mac:address:here via eth0
then you might see something like
Feb 15 06:25:35 vampire named[3921]: client 127.0.0.1#53: update
'keg.ertos.in.nicta.com.au/IN' denied
or,
Feb 14 17:35:04 vampire named[4854]: client 127.0.0.1#42217: updating zone
'keg.ertos.in.nicta.com.au/IN': update unsuccessful:
bigmac.keg.ertos.in.nicta.com.au: 'name not in use' prerequisite not satisfied
(YXDOMAIN)
You may also want to check that can update named manually, using
nsupdate.
As root, on the machine running dhcpd, do
nsupdate -k keyfile
server whateveryournameserveris
domain domain.com
update add fred.domain.com 864000 A 192.168.1.100
show
send
or similar. Then try host fred.domain.com to see if you can see the
record you just added.
Peter C
--
Dr Peter Chubb peter DOT chubb AT nicta.com.au
http://www.ertos.nicta.com.au ERTOS within National ICT Australia
All things shall perish from under the sky/Music alone shall live, never to die
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] DHCP -> DDNS not updating
Ben, Ok, maybe I'm misunderstanding you. Why would I need to be port forwarding? All my relevant hosts and my DNS server all sit on the 192.168 subnet all behind the same firewall with no reason to go near the modem? The DNS server does act as a firewall, but yes, the relevant ports on the eth1 side for DNS are open (namely 53 & for whatever reason - can't remember now - 953). For clarification the setup is modem (FW) | Server (FW, DNS, DHCP, etc) eth0 = 10.X subneteth1 = 192.168 subnet DHCP listens on 192.168.x.x | internal DHCP hosts on 192.168 subnet Kind Regards Kyle On 15/02/11 1:47 PM, Ben Donohue wrote: yes that's what I'm talking about. are you port forwarding DNS to your internal dns server? setup a test box on the inside of the modem and see if it works with just the modem in place. Thanks, Ben Donohue On 15/02/2011 1:28 PM, Kyle wrote: Ben, thanks for taking the time to look. Perhaps I wasn't clear. My issues are not external clients not updating; rather internal only. I.e. Everything behind my firewalls. ---- Kind Regards Kyle On 15/02/11 1:11 PM, Ben Donohue wrote: Hi, I'd check that you are port forwarding or "virtual server" from the modem port 53 tcp and udp to the internal dns server reboot everything starting from the modem and working your way inwards try to simplify the problem. Run up a new box if you can and stick it temporarily on the inside of the modem and see if it is getting dns correctly... go to websites etc if working then place it on the other side of the svr1 and test from there... Thanks, Ben Donohue On 15/02/2011 11:59 AM, Kyle wrote: Hi SLUG, I have an issue that is becoming more annoying the more I try to track it down. Can I ask those of you interested to take a look at the following thread please: https://www.centos.org/modules/newbb/viewtopic.php?topic_id=30080&forum=40 I realise this might be a little brave ... to ask you to go outside the list, but it is a fairly detailed thread (i.e. lengthy read) with all the necessary info on the box's config and all the testing I have done. In short; --- mixed clients XP, 7, OSX, Ubuntu 10 to a CentOS 5.5 svr all in an MS WORKGROUP type setup. DHCP licences handed out, some reserved. DNS zones supposedly set up to provide name-based network browsing within the WORKGROUP domain and for internal clients to find inbound mail servers for 5 other domains. --- But try as I might, I can't seem to get the DNS updated anymore and I swear it USED TO WORK. The only thing I have since done is update the packages as they came out. I am as far as the error: "Unable to add forward map from client1.domain1.com to 192.168.1.104: not authorized" and that's where it stops. No amount of googlage has so far shone a torch on the issue. The disheartening thing is the bloody redmond boxes CAN find other hosts by name, but not the linux or OSX boxes. If you have the time and incl. to have a read and point out where the hell I'm going wrong pls, I'd be grateful. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] DHCP -> DDNS not updating
Ben, thanks for taking the time to look. Perhaps I wasn't clear. My issues are not external clients not updating; rather internal only. I.e. Everything behind my firewalls. Kind Regards Kyle On 15/02/11 1:11 PM, Ben Donohue wrote: Hi, I'd check that you are port forwarding or "virtual server" from the modem port 53 tcp and udp to the internal dns server reboot everything starting from the modem and working your way inwards try to simplify the problem. Run up a new box if you can and stick it temporarily on the inside of the modem and see if it is getting dns correctly... go to websites etc if working then place it on the other side of the svr1 and test from there... Thanks, Ben Donohue On 15/02/2011 11:59 AM, Kyle wrote: Hi SLUG, I have an issue that is becoming more annoying the more I try to track it down. Can I ask those of you interested to take a look at the following thread please: https://www.centos.org/modules/newbb/viewtopic.php?topic_id=30080&forum=40 I realise this might be a little brave ... to ask you to go outside the list, but it is a fairly detailed thread (i.e. lengthy read) with all the necessary info on the box's config and all the testing I have done. In short; --- mixed clients XP, 7, OSX, Ubuntu 10 to a CentOS 5.5 svr all in an MS WORKGROUP type setup. DHCP licences handed out, some reserved. DNS zones supposedly set up to provide name-based network browsing within the WORKGROUP domain and for internal clients to find inbound mail servers for 5 other domains. --- But try as I might, I can't seem to get the DNS updated anymore and I swear it USED TO WORK. The only thing I have since done is update the packages as they came out. I am as far as the error: "Unable to add forward map from client1.domain1.com to 192.168.1.104: not authorized" and that's where it stops. No amount of googlage has so far shone a torch on the issue. The disheartening thing is the bloody redmond boxes CAN find other hosts by name, but not the linux or OSX boxes. If you have the time and incl. to have a read and point out where the hell I'm going wrong pls, I'd be grateful. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] DHCP -> DDNS not updating
Hi SLUG, I have an issue that is becoming more annoying the more I try to track it down. Can I ask those of you interested to take a look at the following thread please: https://www.centos.org/modules/newbb/viewtopic.php?topic_id=30080&forum=40 I realise this might be a little brave ... to ask you to go outside the list, but it is a fairly detailed thread (i.e. lengthy read) with all the necessary info on the box's config and all the testing I have done. In short; --- mixed clients XP, 7, OSX, Ubuntu 10 to a CentOS 5.5 svr all in an MS WORKGROUP type setup. DHCP licences handed out, some reserved. DNS zones supposedly set up to provide name-based network browsing within the WORKGROUP domain and for internal clients to find inbound mail servers for 5 other domains. --- But try as I might, I can't seem to get the DNS updated anymore and I swear it USED TO WORK. The only thing I have since done is update the packages as they came out. I am as far as the error: "Unable to add forward map from client1.domain1.com to 192.168.1.104: not authorized" and that's where it stops. No amount of googlage has so far shone a torch on the issue. The disheartening thing is the bloody redmond boxes CAN find other hosts by name, but not the linux or OSX boxes. If you have the time and incl. to have a read and point out where the hell I'm going wrong pls, I'd be grateful. -- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Upgrading OS RAID
Thanks SLUG, lots of ideas. I'll get reading further. -- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Upgrading OS RAID
My goal is to replace ALL the current 500GB disks with all new 1TB disks into a new RAID 1 array and yet maintain the entire machine's installation and configuration. I.e. If it were as simple as; 1. as suggested by Menno - install disks separately; create new RAID 1 with appropriate /boot & / 2. Copy entire contents of old RAID1 /boot and / to new RAID 3. remove old RAID, replace old for new. 4. Perhaps some bios fiddling and presto new disks. that would be nice. But somewhere in there I've got to transfer the system onto the new RAID. Just haven't figured out how yet. Plus any other gotchas I don't yet know about. ---- Kind Regards Kyle On 10/01/11 9:32 AM, Dean Hamstead wrote: 1. How do I go about rebuilding the RAID with ALL brand new disks (obviously no longer the same disks, but now newer spec larger disks) such that I don't lose not only the data but don't have to rebuild the whole machine again? Your goal isnt clear. Can you please elaborate? -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Upgrading OS RAID
Hi Folks, it appears one of the disks in my s'ware RAID is failing. So I've come to SLUG for some consensus and confirmation. 1. How do I go about rebuilding the RAID with ALL brand new disks (obviously no longer the same disks, but now newer spec larger disks) such that I don't lose not only the data but don't have to rebuild the whole machine again? 2. I'm better sticking with linux s'ware RAID rather than setting up a m'board BIOS supported RAID aren't I? 3. It's been a while since I delved into h'ware etc. So SATA II disks will simply plug into, and function correctly, SATA plugs, yes or no? Or are we now at a stage where I also have to worry about whether or not the m'board will actually support the disks I want to put in? -- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Upgrading OS RAID
Hi Folks, it appears one of the disks in my s'ware RAID is failing. So I've come to SLUG for some consensus and confirmation. 1. How do I go about rebuilding the RAID with ALL brand new disks (obviously no longer the same disks, but now newer spec larger disks) such that I don't lose not only the data but don't have to rebuild the whole machine again? 2. I'm better sticking with linux s'ware RAID rather than setting up a m'board BIOS supported RAID aren't I? 3. It's been a while since I delved into h'ware etc. So SATA II disks will simply plug into, and function correctly, SATA plugs, yes or no? Or are we now at a stage where I also have to worry about whether or not the m'board will actually support the disks I want to put in? -- ---- Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Fax to Email server
or utbox.net Kind Regards Kyle On 03/11/10 11:16 AM, James Gray wrote: On 03/11/2010, at 10:52 AM, Ben Donohue wrote: Hi Kev, Another option would be to just subscribe to a fax to email (and email to fax) service. Save on the PSTN line rental, calls, and another box to administer. There are many of these services. Thanks, Ben Donohue donoh...@icafe.com.au Ok, someone else already mentioned it, so I'll share two vendors I've had a lot of success with for out sourced fax solutions (already passed these on to Kevin off-list): Ozefax - http://ozefax.com.au Salmat - http://www.salmat.com.au -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Aldi notebook
I've bought one, but not had the opportunity to play yet. By all accounts/reviews, it's got most everything you need. Personally, only things missing are 2GB RAM (1 instl.) and a GB Eth port (only 10/100) Otherwise with 2yr warranty - 60 Day return policy, it'll do me. Other one to think about is the Acer Aspire One . AO532H (I think that's the model no., certainly mentioned before on here) from Officeworks, last I saw it about 3 wks ago for $349. Differences: Acer N450 CPU - Medion N455RAM same, but Officeworks will upgrade; Aldi obviously not. But I'm hoping Medion local rep will, otherwise may have to do it myself. Acer 1yr Waranty - Medion 2 yrOf course you can buy xtra 2 yr extended from Officeworks for about $90 (again I think). Acer 160GB HDD - Medion 250GB I think this is correct re Acer, not 100%. I wouldn't wait for me to report back. My bet is by end of weekend, there won't be anymore. I didn't know they had spare DVD drive for $69. ---- Kind Regards Kyle On 17/07/10 7:44 AM, Jim Donovan wrote: Aldi are offering the Medion Akoya E1222 10" notebook for $389 (Win 7 Starter installed) plus $69 for an external DVD drive. Also see http://www.pcworld.idg.com.au/review/notebooks/medion/akoya_e1222/352359 Has anyone tried it, please? Starter does not permit DVD playback - see http://windowsteamblog.com/windows/b/windows7/archive/2009/05/29/let-s-talk-about-windows-7-starter.aspx - so there's another reason to add Ubuntu or similar. Jim Donovan -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] ubuntu 10.04
This may be typo, but you have gmail,com instead of gmail.com comma v dot Kind Regards Kyle On 14/06/10 6:35 PM, Craig Warner wrote: An interesting problem I'm having with Ubuntu 10.04 in accessing certain websites such as https sites and sending emails using evolution. When using Fedora 13, there no problems connecting to https sites and using email. Looking at the problem, with wireshark monitoring, I get "Destination unreachable (fragmentation needed)" when access https or sending a message with evolution. The ubuntu 10.04 and fedora 13 workstations connect thru a Netcomm N3G002W 3G router. Tried #tracerouter --mtu gmail,com on both workstations. Ubuntu 10.04 failed with same problem, before using launchpad, what other information should be gathered? -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Oh I hate Shredder
Really? That's interesting. It's no longer there in my 3.0.4 (on OS X) nor my wife's (Win 7). We are talking about the "reading pane" aren't we? In the main UI. Whether you're using tabbed reading or not. Kind Regards Kyle On 03/06/10 9:35 PM, Ken Wilson wrote: the (-) sign is there on my 3.0.4 Ken On 03/06/10 17:05, Kyle wrote: The minus sign won't be there if you're using T'Bird 3.x. It's gone. The '-' sign is a relic of T-Bird 2.x. ---- Kind Regards Kyle On 03/06/10 2:05 PM, Peter Rundle wrote: On 31/05/10 17:14, Jake Anderson wrote: [snip] you can select weather to display all or "normal" headers in view | headers | normal Thank you, that's helped make it bearable. if that's still to much click the little - next to the subject header and it will reduce it to just the subject No little '-' is displayed anywhere on the page that I can see. (Yes there is the issue of whether I'm blind, but I reckon it ain't there). Pete -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Oh I hate Shredder
The minus sign won't be there if you're using T'Bird 3.x. It's gone. The '-' sign is a relic of T-Bird 2.x. ---- Kind Regards Kyle On 03/06/10 2:05 PM, Peter Rundle wrote: On 31/05/10 17:14, Jake Anderson wrote: [snip] you can select weather to display all or "normal" headers in view | headers | normal Thank you, that's helped make it bearable. if that's still to much click the little - next to the subject header and it will reduce it to just the subject No little '-' is displayed anywhere on the page that I can see. (Yes there is the issue of whether I'm blind, but I reckon it ain't there). Pete -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Old tech. books
I (as no doubt a lot of you) have been collecting over the years any number of technical books for which I no longer have any need. Rather than simply bin them, does anyone know of any organisation that willingly accepts old tech. books? At the moment, the list is basically; Some Solaris 8 admin books SOme Cisco technical books win32 api core java Is there any organisation anyone know of might want these? Or are they destined for no-frills loo paper? -- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] iptables & netfilter TCP timeouts
I've been investigating some delays in my net connection recently and have become aware of the std tcp timeouts set in sysctl by netfilter's conntrack module. Namely; ip_conntrack_tcp_timeout_established 5 days ip_conntrack_tcp_timeout_fin_wait 2 min's ip_conntrack_tcp_timeout_max_retrans300 ip_conntrack_tcp_timeout_syn_sent 2 min's ip_conntrack_tcp_timeout_time_wait2 min's And it strikes me that these appear to be considerably long given the present day state of connectivity and general speed of connections. Especially, the 5 day timeout on an established connection. Isn't that just a recipe for leaving a no longer wanted connection open well beyond it's desirable lifespan? Can anyone offer up some form of opinion as to why I shouldn't reduce these values a bit (especially the established timeout) pls? For example; ip_conntrack_tcp_timeout_established 1 day ip_conntrack_tcp_timeout_fin_wait 2 min's (might leave this or possible to end up with unnecessary "established" conn's. waiting for timeout) ip_conntrack_tcp_timeout_max_retrans300 (Can see why this might be set high, but question it's genuine necessity) ip_conntrack_tcp_timeout_syn_sent 1 min ip_conntrack_tcp_timeout_time_wait1 min Am I about to completely screw things up by doing this? -- ---- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] resolv.conf.swp
Ben, IIRC, swap files start with a '.' (dot) and are thus hidden. Take a look for that. It basically means a previous editing session was ended uncleanly and vi (or your editor's) tmp file was cleaned up. DEL the swap and all will be good again. Kind Regards Kyle Ben Donohue wrote: Hi all, i'm trying to edit resolv.conf it keeps coming up with the message that there is a resolv.conf.swp so something else must be editing resolv.conf however i'm not and i've restarted the machine. I also cannot find resolv.conf.swp by doing... find / -name resolv.conf.swp anyone care to enlighten me on what's happening here? Thanks, Ben -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Netbooks .... Again (7 months on) Are you still happy?
Hi Slug, I know we did this a while back, but that was July last year already. So, as I'm now in the market for a new netbook, I wanted to follow up and ask those of you who have bought in the last 6 months; 1. What you bought 2. Are you still happy 3. How has the battery life stood up over the 6m. 4. What sort of battery life are you getting (esp. now after 6 months) 5. How easy was it to get your chosen Linux up and running (this is of course relative to the person - Me. I'm no genius, but I can figure it out if I have to) 6. How has the build quality stood up 7. What sorts of quirks have you discovered I know Marghanita was big on the Kogans. How many others bought one of those? Prob with Kogan is apparently sold out till April. Recent discussion on Whirlpool has lots of people buying a Benq from onlinecomputer.com.au, but they don't appear to be too linux friendly - some complaints there. What about MSI, Lenovo's, Sony, anything else? Which processor should I be avoiding at this point? -- ---- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] NTP Issues - resolved (apparently)
Thanks to all for the suggestions. It appears it was the deleting of the adjtime file which seems to have fixed the prob. Kind Regards Kyle Steffen Schulz wrote: Did you check /etc/adjtime? Not only will NTP refuse to change the clock in large steps, it also makes a record of past adjustments to continually adjust the system clock. (man adjtime) -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] NTP Issues
Amos Shapira wrote:
2010/1/21 SkoZombie :
You've probably done this already, but manually set the time correctly.
Correct, stop the server ("service ntpd stop") then run "ntpdate
server-name" (taking server-name from /etc/ntp.conf), then "service
ntpd start".
You can test status with "ntptrace" and the "peer" command to "ntpq".
--Amos
Probably should've said this in the original post but,
yes, I had stoppped and set the time correctly, 2ce now, and restarted,
to no avail.
Also an ntpq -pn shows I am finding servers, but they seem to be out
just as much. As best I can tell, it's the /var/lib/ntp/drift file which
tells ntp how far out it is.
remote refid st t when poll
reach delay offset jitter
==
+202.174.101.10 216.218.254.202 2 u 11 64 377 42.044
10.199 4.210
+203.161.129.2 202.83.64.3 3 u 27 64 377
41.393 16.127 5.334
*121.0.0.41 204.152.184.722 u 34 64 377
41.6315.0806.665
127.127.1.0 .LOCL. 10 l - 64
3770.000 0.000 0.001
Kind Regards
Kyle
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] NTP Issues
Ben Donohue wrote: I think from memory you can test whether NTP is working... isn't there a "test" button to check it can find an upstream NTP server? Also check basic network settings... has the gateway setting changed or is now missing. Ben NTP has a GUI??? What's that called pls (in KDE) ? Basic network settings haven't changed. ---- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] NTP Issues
Harrison Conlin wrote: On Thu, Jan 21, 2010 at 9:43 AM, Kyle wrote: I would start with changing the CMOS battery and seeing if that makes a difference. Indeed, but if the server isn't shut down at any time, then the CMOS doesn't come into play does it? Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] NTP Issues
Hi Slug, Having a bit of an issue at the moment with NTP. Server has been running for nigh on 2-3 years now. NTP was always running and always perfect. Recently had a truck take out power lines in the street and no power for 3-4 hours. Server sits behind somewhat out-of-date, (but still has reserve power) UPS and was shut down in time cleanly. However, since then server loses time BIG time. Funny thing is, other server in same subnet (also NTP) keeps perfect time. Both running CentOS 5.x. Now, could be any number of issues, just looking for some guidance on where to start looking pls? Anyone got any ideas? -- Kind Regards Kyle Lange Tel: +61 (0)431 88 3978 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Cisco Expertise
Hi folks, does anyone have any Cisco 2811 .w VLAN Trunking expertise. Friend of mine has what he thinks might be about a day's work for the right person. -- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Re: Free DNS Services
Choices, choices. Thanks all. -- Kind Regards Kyle Original Message Hi Slug, whom can you recommend pls as reputable, reliable (as it gets for free) free full-control dns services along the lines of what dnsmadeeasy does please? -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Free DNS services ?
Hi Slug, whom can you recommend pls as reputable, reliable (as it gets for free) free full-control dns services along the lines of what dnsmadeeasy does please? -- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Server Admin comp's
Apologies if I'm dumping in the wrong place. There used to be a slug 'jobs' list, but site seems to indicate it goes elsewhere now, so sticking to what I know for now. Am looking to get in touch with those who run (or work for) a small server admin outsource comp. If I'm abusing list, again apologies, just point me in the right direction. Else if you care to get in touch direct -- ---- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] IPTables
Rick, it dawned on at 04:30 this morning (don't ask) that you probably want to tighten this up even more (and simplify it too) by doing the following; iptables -A INPUT -i ethX -s -m multiport -p tcp --dport www,ssh -j ACCEPT iptables -A INPUT -j DROP iptables -A OUTPUT -o ethX -d -j ACCEPT iptables -A OUTPUT -j DROP Just be aware that the two drop statements now prevent host A talking to any machine other than host B and only over ethX. So if ethX ever fails, you're screwed. And if you don't want host A initiating calls, change line 3 above back to include '-m state --state RELATED,ESTABLISHED' ---- Kind Regards Kyle r...@greyheads.net wrote: Kyle apologies for the top posting - mail2web is a bit dumb as this. Do you mean that the script should look like this iptables -A INPUT -m state --state NEW -m multiport -p tcp --dport www,ssh -i ethX -j ACCEPT iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A INPUT -j DROP iptables -A OUTPUT -o ethX -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o ethX -j DROP Can you have two -m statements on the one line? Regards, Rick -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] IPTables
Rick, I do. I don't know whether it makes any difference or not your using the multiport keyword (I would imagine not), but I use three '-m' statements on one line as in; -A INPUT -i eth0 -p tcp -m tcp --dport 22 -m limit --limit 2/minute --limit-burst 2 -m state --state NEW -j ACCEPT Without wishing to join the debate others have initiated about DNS & NTP, etc., but I would suggest that if you are going to open 22 up to the big bad world, I would at least rate limit the connection[1] so as to avoid DOS, dictionary attacks and the like. Likewise, as mentioned previously by someone else, a very limited ping enables connectivity checking. -A INPUT -i eth0 -p icmp --icmp-type any -m state --state NEW -j REJECT --reject-with icmp-host-prohibited Finally, the second rule will still presently allow established connections from ethY, ethZ, ethA, ethB, ethC (you get the picture) IF they exist on the host. [1] Depending upon your needs. Kind Regards Kyle r...@greyheads.net wrote: Kyle apologies for the top posting - mail2web is a bit dumb as this. Do you mean that the script should look like this iptables -A INPUT -m state --state NEW -m multiport -p tcp --dport www,ssh -i ethX -j ACCEPT iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A INPUT -j DROP iptables -A OUTPUT -o ethX -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o ethX -j DROP Can you have two -m statements on the one line? Regards, Rick No guarantees, as I'd have to think about it a bit more, but I would think you might want to add '-m state --state NEW' to the first rule otherwise the 2nd rule is irrelevant. The 2nd rule will presently allow ALL established connections from anywhere that managed to get in to the machine (from other interfaces as well) If you want B to talk to A ONLY, add a '-o ethX' to the 3rd rule. Then you also need a 'iptables -A INPUT -j DROP' (depending line above, add a '-i ethX' to this) I think... ---- Kind Regards Kyle Rick Phillips wrote: I am not very good at IPTables and was seeking opinions as to whether this formula would work to fully block a connection from computer A to B but allow ssh and web only from B to A. The tables would reside on A. iptables -A INPUT -m multiport -p tcp --dport www,ssh -i ethX -j ACCEPT iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o ethX -j DROP The network is off site and quite a distance away with no external admin so I would like to have it "right" before I visit. Thanks in advance. Rick -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] IPTables
No guarantees, as I'd have to think about it a bit more, but I would think you might want to add '-m state --state NEW' to the first rule otherwise the 2nd rule is irrelevant. The 2nd rule will presently allow ALL established connections from anywhere that managed to get in to the machine (from other interfaces as well) If you want B to talk to A ONLY, add a '-o ethX' to the 3rd rule. Then you also need a 'iptables -A INPUT -j DROP' (depending line above, add a '-i ethX' to this) I think... ---- Kind Regards Kyle Rick Phillips wrote: I am not very good at IPTables and was seeking opinions as to whether this formula would work to fully block a connection from computer A to B but allow ssh and web only from B to A. The tables would reside on A. iptables -A INPUT -m multiport -p tcp --dport www,ssh -i ethX -j ACCEPT iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o ethX -j DROP The network is off site and quite a distance away with no external admin so I would like to have it "right" before I visit. Thanks in advance. Rick -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Need to implement a Net Nanny on Ubuntu PDQ
Both valid points Daniel, but tell a 9yr old not to search for whatever naughty stuff it is that happens to be floating around school. Take into account that not everything that should be behind youtube's 18+ section IS actually behind the 18+ section and you get the picture. For now, I'll settle for blocking things in-house. I can't control what happens outside. At least not fully. Personally, though, I would solve this in a different fashion: social control, aided by small technical assistance. Specifically: Um, and assume that this is going to get worked around anyway, because there is always a way around it. For example, a friends house, a USB stick, or a suitable Internet cafe, or the school network, or... Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Need to implement a Net Nanny on Ubuntu PDQ
Hi Sluggers, well, tonight was certainly an eye opener. So, ok, I apparently need to implement some form of Net Nanny software and pretty damn quick too. Can anyone recommend some form of package-based (Ubuntu for the local machine or CentOS-RHEL for the gateway) Nanny software pls? I really need something I can just install, do some form of basic (I mean BASIC) config and it will keep itself uptodate with regular machine updates. I really haven't got the time to learn some heavily convoluted new package. What are my chances? -- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Invision phpBB Site Content ripping
Just for the record, it is a lost forum of which I have been a long time contributor. And we now wish to migrate to a new setup. So nothing diabolical. But it appears we may be out of luck? Kind Regards Kyle Mark Walkom wrote: Well apart from the ethics of ripping off someones forums (unless they are yours that is) -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Invision phpBB Site Content ripping
Hi Folks, how hard/easy would it be to get something written which could log onto one IP.Board forum, crawl that site and download the content only, to import into another IP.board db? So users, forums, threads, PM's, user galleries, etc. Assuming one doesn't have access to the DB from the original site. -- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Wireless Broadband for Net Book
??? Not sure I'm understanding you correctly but, my eeePC running eeebuntu NR2.0 works flawlessly with vodafone's USB wireless modem. Kind Regards Kyle Tim Bayfield wrote: Greetings SLUG, Can anyone advise if there is a USB Wireless Broadband device from any of the ISPs which will work with a PC based Net Book running Linux? Regards, Tim Bayfield -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Dreamweaver clone for Linux ?
Thanks all for the suggestions. Meryl, he's 9. I.e. the attention span of a goldfish. I think we'll start with baby steps. :-) Kind Regards Kyle meryl wrote: Kyle wrote: what is the best FOSS Dreamweaver clone for Linux? Bluefish or Quanta Plus would be what I'd recommend if a Dreamweaver style coding-helper is required. But Junior will really learn a lot more about standards, web development & clean code if he just uses gedit and follows the W3C schools pages. hth Meryl -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Dreamweaver clone for Linux ?
Hi Folks, what is the best FOSS Dreamweaver clone for Linux?Junior wants to start building his own website, so he's going to require some assistance. What do folks use pls? -- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] HTTPD Authenticated User extraction
Big thanks to John & Daniel, I'll give that a go. Kind Regards Kyle John Ferlito wrote: On Sun, Jul 12, 2009 at 09:46:54AM +1000, Kyle wrote: I have a situation where htpasswd access is being used to authenticate user access to a particular URL by apache. Once authenticated, apache processes the relevant URL which is actually a pass-off to Tomcat. What I need to do is get hold of the now-authenticated user-name (i.e. the user name apache has just allowed through) and be able to attach that username to the POST now being sent to Tomcat. Normally this would be accessible using the REMOTE_USER environment variable. I assume that these are also accessible from with a java class run by tomcat. Cheers, John -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] HTTPD Authenticated User extraction
Hi Sluggers, I have a prob I hope you can help with pls. And I realise it might be a little outside a general Linux question. But if you have knowledge or are able to point me to the best forum/newsgroup/whatever, I would be grateful. I have a situation where htpasswd access is being used to authenticate user access to a particular URL by apache. Once authenticated, apache processes the relevant URL which is actually a pass-off to Tomcat. What I need to do is get hold of the now-authenticated user-name (i.e. the user name apache has just allowed through) and be able to attach that username to the POST now being sent to Tomcat. Whether attached to the URL or sent as part of the HTTP headers makes no difference. I just need the receiving Tomcat servlet to be able to get hold of it for logging purposes. Can anyone help please? -- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] HTTPD Authenticated User extraction - POSS. REPOST
Hi Sluggers, If this has come though twice, I apologise. I didn't receive a post acknowledgement the first time I sent it. --- I have a prob I hope you can help with pls. And I realise it might be a little outside a general Linux question. But if you have knowledge or are able to point me to the best forum/newsgroup/whatever, I would be grateful. I have a situation where htpasswd access is being used to authenticate user access to a particular URL by apache. Once authenticated, apache processes the relevant URL which is actually a pass-off to Tomcat. What I need to do is get hold of the now-authenticated user-name (i.e. the user name apache has just allowed through) and be able to attach that username to the POST now being sent to Tomcat. Whether attached to the URL or sent as part of the HTTP headers makes no difference. I just need the receiving Tomcat servlet to be able to get hold of it for logging purposes. Can anyone help please? -- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] HTTPD Authenticated User extraction
An attempt at repost because I can't seem to be able to get a message through. Kyle wrote: Hi Sluggers, I have a prob I hope you can help with pls. And I realise it might be a little outside a general Linux question. But if you have knowledge or are able to point me to the best forum/newsgroup/whatever, I would be grateful. I have a situation where htpasswd access is being used to authenticate user access to a particular URL by apache. Once authenticated, apache processes the relevant URL which is actually a pass-off to Tomcat. What I need to do is get hold of the now-authenticated user-name (i.e. the user name apache has just allowed through) and be able to attach that username to the POST now being sent to Tomcat. Whether attached to the URL or sent as part of the HTTP headers makes no difference. I just need the receiving Tomcat servlet to be able to get hold of it for logging purposes. Can anyone help please? Thanks Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Extracting string from a file - shell script
Thanks all. Multiple options. Will give them a go. Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Extracting string from a file - shell script
Hi Folks, I am trying to extract a substring from a string found in a file. The string is: *** End of TF0220 at Thu Jul 2 10:06:51 EST 2009 - RC = 0 and the substring I want to extract is TF0220. This is a program name and the length of this name varies. In other words I want to extract whatever is between the words "of" and "at" in a script. How would I likely go about that please? -- ---- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Ubuntu friendly 12' netbook
My only one experience with an Acer laptop has left me with the impression; I will never buy another Acer laptop. I can't quantify it, but it has effectively been slow since the day it was bought. Granted it runs MS, but it was always slow. Kind Regards Kyle Voytek Eymont wrote: I have no idea if Acer does Linux, BUT, (as I'm also on a netbook research for someone (though, with XP)): there is a new Acer out with 11.6 and 3g slot: btw, is there a site with Linux netbook compatibility ? -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Ex: XBitHack - Hijacked to T'Bird ;-)
David, That's what I thought when someone had a go at me earlier. Turns out it's an extension. https://addons.mozilla.org/en-US/thunderbird/addon/4455 Kind Regards Kyle david wrote: PS.. and seeing that we have changed the subject... how do you make thudderbird reply to list? I can't find the function anywhere. Possibly because i'm stupid, I know. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: THANKS - Re: [SLUG] HD ( 1920 x 1080) monitor and Linux - advice pls.
What you describe below is my setup exactly. I have 2 CentOS boxes running through a KVM with VGA and PS2 connectors. I also just recently purchased a BENQ E2200HD and plugged it in via VGA to the KVM. I had a bit of a look at playing with xorg.conf, but discovered as you mention that the generic drivers don't appear to be set up for full HD just yet. That said, I have a 1yr old Intel board (on-board video) running KDE at 1440x900 happily and a much older card (I think its NVidea) running Gnome at 1680x1050 without issue. Kind Regards Kyle bill wrote: Havent purchased a new monior yet. Am ensuring that whatever I buy actually is compatible with Linux - had problems some time ago when I purchased an LG 20" widescreen and it didnt work at its default 1680 x 1050 until xorg was updated. I dont bother with proprietory drivers. 3 Desktops ( 2 NVidea and the Intel GPU) only have CGA output, and one (Nvidea) has a DVI. As I am running most of them through a KVM with only VGA and PS2 connectors I havent used the DVI output. I dont doubt that the Vid Cards will probably run 1920 x 1200 ( they currently handle 1680 x 1050 fine), but dont know about 1920 x 1080. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Burn .ISO to install USB
Rick Phillips wrote: Kyle, As I say, I haven't used UNetBootin because it apparently only supports Debian based distros and I run a RedHat based distro. I'm trying to put eeeBuntu on the Netbook. Dunno where you got that information from. I run Mandriva (RPM based ex Red Hat a long time ago) and it works just fine. Go to their web site and download and run the binary they supply. Make sure you have syslinux installed. There was something else it required but it will tell you when you run it. Ok. Thanks. It's just that across the top of their website, they list the various dist's they have packages for. Namely; Ubuntu Debian OpenSUSE Gentoo Which as far as I know are all Debian based. They don't mention any rpm's, so I just figured. ---- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Burn .ISO to install USB
Jeremy Visser wrote: On Sat, 2009-05-09 at 09:21 +1000, Kyle wrote: You're asking to be able to surf like a pro without getting wet. There's no one-size-fits-all method to do that. Not at all. What distro are you trying to put on? IIRC, UNetbootin supports Fedora and openSUSE. As I say, I haven't used UNetBootin because it apparently only supports Debian based distros and I run a RedHat based distro. I'm trying to put eeeBuntu on the Netbook. How far did you get? Did you get a syslinux boot screen when you tried to boot, or just some "Missing operating system" error? I never even got that. It would just stop at a flashing underscore in the top left corner. So obviously, I'm missing something of vital importance. Did you format the drive as FAT32 or ext2? If you formatted it as ext2, you want to use extlinux, not syslinux (a gotcha when I first started hacking on stuff like that). I tried FAT32, ext2 and finally FAT. The syslinux thing hasn't worked for me yet, despite the drive showing Idsyslinux.whatever. I've copied the ISO, I've dd'ed the ISO across. I've dd'ed direct to the drive. And when I do that and then check again in fdisk, it shows as an invalid partition. Did your drive have an MBR? It's all very well to set up syslinux and flag the partition as bootable, but you still need the MBR. The easiest way to do it on my setup is this: # dd if=/usr/lib/syslinux/mbr.bin of=/dev/sdX This is new information. Will give this a go, thanks. Oh, one other thing. Are you sure the system can actually boot from USB? Have you tried a distro that you know to work (e.g. Ubuntu 8.10 or later with its automatic USB formatter) from USB? Yes, I know it can boot from a USB. ---- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Burn .ISO to install USB
ARRRGGGH!!! I've spent the better part of a couple of days trying to get a .ISO image transferred to a USB stick to install to my netbook. I KNOW, it's NOT supposed to be that difficult. But all the pages on the web talk about installing to a USB or running Net Installs from USB. I just want to transfer the entire setup to a USB stick so I can plug that in and install from there. Yes, I know I could download UNetBootin, but apparently that doesn't support RedHat based distros. THERE MUST BE a simple old-fashioned, manual way to do it from the CLI. I've tried every combination I can think of with fdisk, dd, syslinux. I've mounted and copied and formatted and set active and dd'ed and ... Can someone please point in the direction of an idiot-proof howto to transfer a .ISO to .IMG or direct to the USB or whatever? Please. -- ---- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] XBitHack
Yeah, well Thunderbird has never had a Reply to List button. Yes, I know. I've now discovered the add-on. C Ya Kyle Erik de Castro Lopo wrote: Kyle wrote: MUST HIT "Reply to All" Actually, many people consider "Reply to All" a pain in the neck. Its much better to use "Reply to List" if your mail client supports it. Cheers, Erik -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] XBitHack
MUST HIT "Reply to All" MUST HIT "Reply to All" ---- Kind Regards Kyle Kyle wrote: Don't you need to have a global directive for that to work. Namely, XBitHack On ---- Kind Regards Kyle david wrote: I've got this snippet in apache config: Options +Includes XBitHack full IncludesNOEXEC da...@david:/etc/apache2$ sudo /etc/init.d/apache2 reload Syntax error on line 17 of /etc/apache2/sites-enabled/000-default: Illegal option XBitHack ...fail! da...@david:/etc/apache2$ mod-include is enabled /var/www/test does exist can anyone give me a clue about why XBitHack doesn't work? thanks David. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] w3c-libwww rpm
hello Slug, I'm looking at trying to update my BIOS and the Intel update utility is telling me I need to ensure I first have the w3c-libwww package installed. I have scoured high & low for this package in a repository, but seem unable to locate it and the only rpm's I can find all show a build date of sometime back in '04 or '05. This leads me to believe that what I'm looking for probably doesn't exist anymore or is already integrated into the base system. But I can't be sure. I read somewhere it's in rpmforge which I have enabled, but no joy. What can you tell me about this package please? -- ---- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] IPMISensors
Can anyone tell me off the top of their head pls, whether IPMISensors and the relevant necessary modules are compiled in, or already automatically loaded into 2.6.18 Kernels. I know the IPMISensors page tells me some form of patch is necessary. But you can never tell with these pages how present they are. It's possible the whole thing has already been added to the source tree. -- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Thank you SLUG
I've had a minor annoyance with my one of my machines for a few weeks now, but it didn't bother me enough to do anything about it. It was just one of those nags. So this morning when I couldn't sleep, I decided to ask SLUG for advice. I proceeded to write out this longish email explaining the problem. As I wrote new ideas came to mind. So, I'd go away, check that, come back write some more, rephrase it all, think of something else and start the whole process over. In the end, I figured it out, resolved it well enough and learnt something in the process. So, I just wanted to say thanks for helping me out again SLUG. And you did it all in your sleep. -- ---- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Increasing RAM
Daniel Pittman wrote: Well, at the moment you have RAID 1 under everything except for swap, which you have on a RAID 0 array. (Implemented, in this case, through the Linux kernel balancing swap space use when areas have equal priority, as your two separate partitions do.) So, how would I perhaps go about setting priority of one SWAP over the other? In that way, based on the fact, I will now have some 6GB RAM in the server, whatever SWAP _is_ being used, I could ensure is "most likely" only being used in the one space. Thereby increasing the chances (but still having that single POF) that a crash on one disk _may_not_ completely take down the entire system. TiA Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Increasing RAM
Daniel Pittman wrote: Kyle writes: Maybe, but the last machine I had I ran LVM. I had a hard enough time remembering which volume belonged to which group belonged to which disk (and that despite naming them along the lines of; 'lv00Grp00Hda1', lv01Grp00Hda1'). My immediate response to that is "why would you bother?" Being anal. Plus I was new to LVM at the time. The only case I can think of where it would matter are wanting to have specific partitions on specific disk sets, for performance, exactly. That and local backups. Well, at the moment you have RAID 1 under everything except for swap, which you have on a RAID 0 array. (Implemented, in this case, through the Linux kernel balancing swap space use when areas have equal priority, as your two separate partitions do.) Hmmm. If I think about it... My logic at the time would probably have been; If one disk in the array fails, then all data is mirrored. Yes, the machine might crash and if it had anything in SWAP at that time, I would lose that information. Acceptable risk. However, with a single mirrored disk, and still a complete SWAP partition, I expected I would be able to restart and function on the one disk temporarily until such point in time as I was to rebuild the mirror. Are you saying that wouldn't work? It isn't, really: you could just turn those two swap partitions into a software RAID array like the rest of your data, but RAID 1 rather than RAID 0. :) Ok. So how do I do that? But are you sure my logic above isn't sound? TiA. K -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Increasing RAM
First, this would be vastly easier if you used LVM, since that makes allocating space on the fly a universe easier. Re LVM; Maybe, but the last machine I had I ran LVM. I had a hard enough time remembering which volume belonged to which group belonged to which disk (and that despite naming them along the lines of; 'lv00Grp00Hda1', 'lv01Grp00Hda1'). So this time I figured I'd simplify my life somewhat. I have all the necessary conf and data files, etc regularly backed up so if it does go down, it shouldn't be TOO MUCH hassle to get it all back. It is RAID 1. And if I understand Daniel correctly; "... you probably want to match the RAID setup underneath your swap to the setup underneath your data devices. .." You mean I should have the swap spread across the RAID as well. I'm pretty certain that how it is as the m'board controls the RAID of the 2 disks. I just installed on the one array for the OS. Either way, it's too late now. In short, on the advice of all, I just wont bother with increasing SWAP. I'll just dump in the RAM and see what happens. What's bugging me more now is trying to get bloody Ubuntu to recognise and operate my old Linksys-Broadcom Wireless PCI card. But that's a whole nother story. ---- Kindc Regards Kyle Daniel Pittman wrote: Kyle writes: [k...@bottlenose ~]$ cat /etc/fstab /dev/md1/ ext3defaults1 1 /dev/md2/boot ext3defaults1 2 Are these RAID 0 or RAID 1? If they are RAID 1 then this ... LABEL=SWAP-sdb2 swapswapdefaults0 0 LABEL=SWAP-sda2 swapswapdefaults0 0 ... means that your system will fail when a disk goes bad; you probably want to match the RAID setup underneath your swap to the setup underneath your data devices. Regards, Daniel -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Increasing RAM
Hi Slug, I've decided to increase the RAM on my home CentOS server. As best I can recall, the accepted wisdom is to have SWAP approx.~ 2 x RAM. Or was that approx.~ 50% of RAM? Can someone point me in the direction of an explicit tutorial on how I might go about increasing SWAP without destroying data on my other partitions please? Or if I'm actually upping the RAM, should I just not worry about it? Info I'm guessing would be relevant; [k...@bottlenose ~]$ cat /etc/fstab /dev/md1/ ext3defaults1 1 /dev/md2/boot ext3defaults1 2 tmpfs /dev/shmtmpfs defaults0 0 devpts /dev/ptsdevpts gid=5,mode=620 0 0 sysfs /syssysfs defaults0 0 proc/proc procdefaults0 0 LABEL=SWAP-sdb2 swapswapdefaults0 0 LABEL=SWAP-sda2 swapswapdefaults0 0 -- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Re: chmod probs. - add. info
Thanks all. Have to admit, when I read Daniel's response telling me to use "find", I cringed. All my experiences with "find" have been very tortoise-like. But that command came back instantaneously and did the trick. Thanks again. ---- Kind Regards Kyle James Polley wrote: On Fri, Apr 10, 2009 at 12:32 PM, Kyle wrote: I should clarify; But then if I do a chmod -R 664 *.jpg (and repeat for all other extensions), for some reason the chmod doesn't work. it works in the directory I'm presently in, but doesn't recurse. Yes. Daniel explained why: *.jpg expands to a list of all files whose name ends with .jpg *in the current folder*. There are no directories in that list, so chmod has nothing to recurse into. Daniel provided some find fu which should do what you want (I haven't tried it, just glanced over it). ---- Kind Regards Kyle Kyle wrote: Hi Sluggers, I'm having a bit of grief with chmod and am hoping one of you gurus will set me straight pls. I have a bunch of directories with a bunch of files (pictures) in each. I want to set directories to 775 and files to 664. I can do a chmod -R 775 *. But then if I do a chmod -R 664 *.jpg (and repeat for all other extensions), for some reason the chmod doesn't work. the man page says; 'chmod -R ug=rwxX *' (if I understand it correctly) should change just the directories permissions for owner and group. (and I could do an o=rxX after). But that just works on everything as well. What am I missing? -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Re: chmod probs. - add. info
I should clarify; But then if I do a chmod -R 664 *.jpg (and > repeat for all other extensions), for some reason the chmod doesn't work. it works in the directory I'm presently in, but doesn't recurse. ---- Kind Regards Kyle Kyle wrote: Hi Sluggers, I'm having a bit of grief with chmod and am hoping one of you gurus will set me straight pls. I have a bunch of directories with a bunch of files (pictures) in each. I want to set directories to 775 and files to 664. I can do a chmod -R 775 *. But then if I do a chmod -R 664 *.jpg (and repeat for all other extensions), for some reason the chmod doesn't work. the man page says; 'chmod -R ug=rwxX *' (if I understand it correctly) should change just the directories permissions for owner and group. (and I could do an o=rxX after). But that just works on everything as well. What am I missing? -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] chmod probs.
Hi Sluggers, I'm having a bit of grief with chmod and am hoping one of you gurus will set me straight pls. I have a bunch of directories with a bunch of files (pictures) in each. I want to set directories to 775 and files to 664. I can do a chmod -R 775 *. But then if I do a chmod -R 664 *.jpg (and repeat for all other extensions), for some reason the chmod doesn't work. the man page says; 'chmod -R ug=rwxX *' (if I understand it correctly) should change just the directories permissions for owner and group. (and I could do an o=rxX after). But that just works on everything as well. What am I missing? -- ---- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] [ot] Free city wide wireless lan
There's actually a group in Dublin have been doing this for years. Bunch of friends got together and simply put up antennae and bridges across the entire city. Dublin is obviously a much smaller town than Sydders, but the concept is the same. Can't remember the name of them, but don't doubt a little googlage would bring it to the surface. Kind Regards Kyle Andrew Bennetts wrote: Richard Hayes wrote: Dear list, I am thinking about the chance of building an ad hoc wireless than would cover a lot of Sydney. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] A little SAMBA help, maybe?
Hi Dean, I have the 'write list' flag. The one diff between your share and mine is the 'read only' flag. But according to the man pages, that shouldn't matter. Unless order of params for the share makes a diff.? ---- Kind Regards Kyle Dean Hamstead wrote: I think you are approaching this in the wrong way try the "write list" flag. [tv5] comment = TV Shows path = /volumes/tv5 write list = @files read only = No create mask = 0644 directory mask = 0775 guest ok = Yes Dean Kyle wrote: Hi folks, version 3.0.28-1.el5_2.1 with a share config of; [media] path = /home/shares/media comment = Movies, downl. Videos, Music, etc guest ok = Yes writable = No write list = @restrict force group = +extended according to the man files, everyone in group 'restrict' should have write access irrespective of the 'writable' (read only) param. Does anyone have any ideas why someone in group 'restrict' would NOT be able to write to it pls? I can, but then I'm also the samba admin. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] A little SAMBA help, maybe?
Hi folks, version 3.0.28-1.el5_2.1 with a share config of; [media] path = /home/shares/media comment = Movies, downl. Videos, Music, etc guest ok = Yes writable = No write list = @restrict force group = +extended according to the man files, everyone in group 'restrict' should have write access irrespective of the 'writable' (read only) param. Does anyone have any ideas why someone in group 'restrict' would NOT be able to write to it pls? I can, but then I'm also the samba admin. -- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Firewall Distributions, Questions.
Only heard good reports of monowall But for mine, iptables is easy enough once you understand it. Kind Regards Kyle Blindraven wrote: Based on my set-up, which of the following would you recommend and why? pfSense, MoNoWaLL, Clark Connect. (Do you know any others?) -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Need a lesson in routing [WAS: memory]
Only just saw this msg. I did indeed load up wireshark and was using it. But I couldn't see any packet "identifying" itself as an ipv6 packet. I realise that is illogical. Every IP address registered by Wireshark was definitely an ipv4 format. I s'pose I could switch it back on and go again, but at this point it works. Once I read up on v6, I'll give it another shot. Thanks again folks. ---- Kind Regards Kyle Martin Visser wrote: Well done Michael! If you were using a wireshark to look at you application flow you would have seen the IPv6 query going out (but not getting an answer) and then a followup with a working IPv4 query and then a quick response. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Need a lesson in routing [WAS: memory]
... OK!!! That is indeed what it does Michael, when it doesn't timeout. I had previously read up on F'Fox and turned on the various turbocharging options, but hadn't thought of ipv6. So I changed "network.dns.disableIPv6" to true on the hosts behind the switch and Wow! That's a bit more like what I might expect. ipv6 has always been a bit of a black box I've tried to avoid as long as possible. Guess I need to start reading up on it. Or disabling it! Allow me here to thank each and every one of you that have put up with my ignorance to assist in debugging this issue. I'm not convinced that's all there is to it just yet. For instance, the Linux box is still an order of magnitude faster to load a page, network.dns.disableIPv6 is true by default in T'Bird on the hosts which still timeout on initial connection and all hosts are only using the linux box itself as name server. But where we are now will go a long way to dispersing aggravation in the local browsing community. Thanks again. ipv6 . mumble, groan, must read . pain in th. mumble, groan, ipv6 ---- Kind Regards Kyle Michael Chesterton wrote: Does it sit there for 11 seconds, then load all of a sudden, or does it start loading right from the start? I'm wondering if firefox is doing IPv6 lookups and failing. If you want to test, disable IPv6 in firefox (about:config) or use the same nameservers as the linux router -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Need a lesson in routing [WAS: memory]
Lots of help coming in here, for which I am eternally grateful. Thank you all. Chris, Yeah, nope. I've scoured the maillog and there's no errors there. IMAP Backend is local file based. The conversation seems to have migrated to the mail server, but its not just that. As mentioned HTTP calls through the box take their time coming up too. Martin, thanks the detailed response. Yes, James Polley pulled me on that earlier too. Sorry. A case of mis-capitalisation (or dropped zeroes). I can never remember which is which there. The modem is reporting a 15559Kbps/1219Kbps Down/Up connection and I'm not more than 1Km from the exchange (So I suspect Netcomm have it wrong too, because I read that as 15 Megabytes per second). As mentioned Noise Margin: ~9dB, Attentuation: ~26dB. Modem connects over PPPoA and I have set MTU to 1492 all the way through the chain (LAN hosts, Linux eth1, eth0, Modem LAN, WAN). I am with internode and the 10Meg test you offered lands literally in a blip. Keeping it simple with HTTP (using Firefox), a site like smh.com.au (where I visit daily, so if there's any local caching going on, it's cached and I reckon internode would likely be caching smh.com.au) takes a minimum 11 secs to load and regularly 20+ secs. This is from behind the linux box. However, if I attempt to load smh.com.au from the linux box, it loads in 3secs flat. I don't have squid or any proxying server running myself - at least not that I have personally configured. Same token; Firefox on linux to load www.telegraaf.nl (a miscellaneous EU website) 13.7secs. Firefox on an OSX MAC (4GB RAM) behind the linux box (with only switch in between) 27+ secs before it got anywhere near 99%. It just seems the Linux box is the bottleneck. Especially when if I _first try to connect either with HTTP _or_ IMAP, I get timeouts. It's like the box takes time to wake up from something. Just to recap. The machine is all-in-one; Postfix/Dovecot/Spamassasin/Amavisd/Clamav mail server. DHCP, DNS server LAN Router Firewall By all accounts memory seems to be working as it should and is not overloaded. CPU Load rarely goes above 30-40% DHCP licences work and zones are updated with no errors DNS calls from cli return almost instantaneously. nslookup some domain in the EU which I happen to know exists and the server instance of 'named' comes back almost instantaneously with a response. I can ping servers I know are located in the EU and get avg. 340ms responses. Relevant iptables rules look like; # IMAP(S) -A chain-IN -p tcp -m tcp --dport 993 -m state --state NEW -j ACCEPT # HTTP(S) -A chain-IN -m tcp -p tcp --dport 80 -m state --state NEW -j ACCEPT -A chain-IN -m tcp -p tcp --dport 443 -m state --state NEW -j ACCEPT The more I read from you good folk, the more inclined I am to believe I have indeed done the right thing with the linux box and it "may" not be the linux routing processes itself. But I've only the one Linksys SD-208 switch between linux and the rest of the network and all reviews I've read about the linksys are good. It's run well for a number of years now. ---- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Need a lesson in routing [WAS: memory]
Not sure I understand you there James. I telnet-ed in to test Peter's theories below. But for good measure, I just tried with openssl as a command too and that responds immediately. I just don't get it. One host behind the server/router is a MAC on OSX with 4GB, another WinXP with 2GB. The WinXP host is by far the worst. But irrespective the MAC is not exactly blindingly quick either. (Both wired connections) Kind Regards Kyle James Polley wrote: you can use openssl s_client in place of telnet to connect - http://www.jaharmi.com/2007/09/26/using_openssl_securely_connect_your_imap_account has a guide. But for good measure Telnetted (and Wiresharked) over both my SSL IMAP port and 25. Both responses come back PDQ. And Wireshark shows traffic moving from one host to the other and return. I'm pretty confident of my iptables setup as I have refined that over a period of years. pe...@chubb.wattle.id.au wrote: So, connexions to the (imap? smtp?) mail server time out. Can you run wireshark on the server, and see what's happening? Does the server have a correct route to the clients? If it's smtp, then try telnet from a client to the server (telnet 192.168.1.1 25) on the inside of the firewall, while watching top on the firewall. What does the load look like? Does the telnet session time out? During which part of the connexion? -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Need a lesson in routing [WAS: memory]
It's all good. Keep the thoughts coming please. I actually use IMAP over SSL. But for good measure Telnetted (and Wiresharked) over both my SSL IMAP port and 25. Both responses come back PDQ. And Wireshark shows traffic moving from one host to the other and return. I'm pretty confident of my iptables setup as I have refined that over a period of years. Both NIC's in full-duplex (albeit negotiated down to 100Mbps for the switch behind the router.) Is there anything in sysctl.conf I can mess with other than the single; 'net.ipv4.ip_forward = 1' param which will help? If I switch off ipv6, will that help? ---- Kind Regards Kyle pe...@chubb.wattle.id.au wrote: So, connexions to the (imap? smtp?) mail server time out. Can you run wireshark on the server, and see what's happening? Does the server have a correct route to the clients? If it's smtp, then try telnet from a client to the server (telnet 192.168.1.1 25) on the inside of the firewall, while watching top on the firewall. What does the load look like? Does the telnet session time out? During which part of the connexion? -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Need a lesson in routing [WAS: memory]
Hi Alex, No, I doubt it. I have recently checked, tested and setup MTU settings all the way through the chain and that made it a little better, but still not what I would expect from 15Kbps download. Kind Regards Kyle Alex Samad wrote: jumping into the discussion, have you got an mtu problem ? -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Need a lesson in routing [WAS: memory]
Must remember to hit "Reply to All" Yes, the mail server *is* the box. It also serves DHCP and DNS. But I didn't think they were all that heavy. To address Kelvin's reply, DNS calls for internal and external machines are super quick, so I'm guessing the DNS server is also doing its job properly. ---- Kind Regards Kyle Peter Chubb wrote: The mail server *is* the box? Is this box also serving DHCP? Who serves DNS inside your firewall? == -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Need a lesson in routing [WAS: memory]
Thanks the response and explanation James. I get the following, sooo... not _too_ bad I guess from that perspective. [k...@bottlenose ~]$ free total used free sharedbuffers cached Mem: 20729081987788 85120 0 1710841096132 -/+ buffers/cache: 7205721352336 Swap: 41929441124192832 So I guess I need to look elsewhere as to why my experience is "slow". To clarify my thinking, my 'slow' experience relates to the Server/Router routing to/from the hosts behind it. Hosts behind the box timeout frequently when contacting the mail server. Likewise HTTP calls through the box seem unusually slow despite an ADSL2+ running at ~ 15Kbps D'Load connection (noise margin and attentuation seem in reasonable levels). Yet an HTTP call from the Server itself loads fairly quickly. 'route' shows what it needs to show. I have only ever read of one param in sysctl.conf that relates to routing. Where do I start to look? Kind Regards Kyle James Polley wrote: You haven't mentioned swap though - is your machine eating into swap? The best solution though is to get more RAM. It's cheap, and it makes everything faster. That is, assuming this is actually your problem On Fri, Feb 20, 2009 at 8:48 AM, Kyle wrote: Hi Slugger's It appears I need a lesson in Linux and memory management. If you could treat this request as if coming from a complete numpty please, and simply explain the differences between Cached, Buffered and Application Memory as they pertain to Linux? According to KDE SysGuard, my CentOS 5.2 server appears to "cache" its entire 2GB quotient of physical RAM. And my general experience of the box (implemented as file server, mail server, firewall and router) is that it is slow. Something tells me it shouldn't be behaving like this? -- ---- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Need a lesson in memory
Hi Slugger's It appears I need a lesson in Linux and memory management. If you could treat this request as if coming from a complete numpty please, and simply explain the differences between Cached, Buffered and Application Memory as they pertain to Linux? According to KDE SysGuard, my CentOS 5.2 server appears to "cache" its entire 2GB quotient of physical RAM. And my general experience of the box (implemented as file server, mail server, firewall and router) is that it is slow. Something tells me it shouldn't be behaving like this? -- ---- Kind Regards Kyle -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] dns attack
Alex Samad wrote:
> On Tue, Jan 27, 2009 at 01:15:25PM +1100, Daniel Pittman wrote:
>
> doesn't stop them getting down my adsl link, but atleast it keeps them
> off my dns server :{
>
>
Which begs the question;
IF it is your personal DNS, it is surely only caching the outside world
and updating for your internal world. Why have you got 53 open to the
outside world in the first place?
Kind Regards
Kyle
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
