Re: KVM Networking Hell

2010-06-08 Thread Soren Hansen
On Tue, Jun 08, 2010 at 10:49:04PM +0100, Jamie McDonald wrote:
> ## START /etc/network/interfaces on HOST ##
> 
> auto eth0
> iface eth0 inet manual
> 
> auto br0
> iface br0 inet static
> address 88.208.249.44
> network 88.208.249.0
> netmask 255.255.252.0
> gateway 88.208.248.1

It probably doesn't matter, but that address with that netmask doesn't
give that network.

> auto eth0
> iface eth0 inet static
> address 88.208.249.45
> netmask 255.255.252.0
> network 88.208.248.0
> broadcast 88.208.251.255
> gateway 88.208.248.1

This adds up, though :)

> Symptoms
> 
> I can now ssh from the host into the guest (from the host) and from the
> guest to the host, however try as I might I cannot get the guest to access
> the outside world or the host to pass packets to the guest.

It is not the job of the host to do any of this, really.

> As you can see, the bridge is working and when I start the VM from
> virsh# the vnet0 adapter is created, however no tap0 is being created.

vnet0 is the tap device. This is the expected behaviour.

> As far as I am aware you should not need ipv4 forwarding enabled in
> the Kernel for bridged networks

That's correct.

> If any of you could shed any light on this issue (since I can't seem
> to find anyone else with the issue) it would be most appreciated.

Off the top of my (arguably quite tired) head, it looks good. Can I see
the routing table in the guest?


-- 
Soren Hansen
Ubuntu Developer
http://www.ubuntu.com/


-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
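
The mismatch Soren points out in the host stanza can be checked mechanically. The following is an added example, not part of Soren's reply or of any message in the thread: the two stanzas are copied from Jamie's post, while the function names are hypothetical and only `inet static` stanzas are handled.

```python
import ipaddress

# Stanzas copied from the thread: br0 on the host, eth0 in the guest.
HOST = """\
auto br0
iface br0 inet static
address 88.208.249.44
network 88.208.249.0
netmask 255.255.252.0
gateway 88.208.248.1
bridge_ports eth0
"""

GUEST = """\
auto eth0
iface eth0 inet static
address 88.208.249.45
netmask 255.255.252.0
network 88.208.248.0
broadcast 88.208.251.255
gateway 88.208.248.1
"""


def parse_static_stanzas(text):
    """Return {iface: {option: value}} for every 'inet static' stanza."""
    stanzas, current = {}, None
    for raw in text.splitlines():
        words = raw.split()
        if not words or words[0].startswith("#"):
            continue
        if words[0] == "iface":
            # iface <name> <family> <method>
            is_static = words[2:4] == ["inet", "static"]
            current = stanzas.setdefault(words[1], {}) if is_static else None
        elif words[0] in ("auto", "allow-hotplug", "mapping", "source"):
            current = None  # these keywords end the previous stanza
        elif current is not None and len(words) > 1:
            current[words[0]] = words[1]
    return stanzas


def check_stanza(name, opts):
    """List fields that disagree with what address + netmask imply."""
    try:
        iface = ipaddress.ip_interface(f"{opts['address']}/{opts['netmask']}")
        declared = {k: ipaddress.ip_address(opts[k])
                    for k in ("network", "broadcast", "gateway") if k in opts}
    except (KeyError, ValueError) as exc:
        return [f"{name}: unparsable stanza ({exc})"]
    net = iface.network
    problems = []
    if "network" in declared and declared["network"] != net.network_address:
        problems.append(
            f"{name}: network {declared['network']} should be {net.network_address}")
    if "broadcast" in declared and declared["broadcast"] != net.broadcast_address:
        problems.append(
            f"{name}: broadcast {declared['broadcast']} should be {net.broadcast_address}")
    if "gateway" in declared and declared["gateway"] not in net:
        problems.append(f"{name}: gateway {declared['gateway']} is outside {net}")
    return problems


def audit(text):
    """Check every static stanza in an interfaces file."""
    return {name: check_stanza(name, opts)
            for name, opts in parse_static_stanzas(text).items()}


if __name__ == "__main__":
    for label, text in (("host", HOST), ("guest", GUEST)):
        for name, problems in audit(text).items():
            print(label, name, problems or "consistent")
```
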

Re: block p2p traffic

2010-06-08 Thread Bill
I think mrtg is a little better. It graphs it out for ya so you can see 
where the peaks are. It is a fantastic tool to see in a quick glance 
what is going on with traffic and loads. If you're working in say a data 
center where you need to monitor several routers you can graph each and 
every port. It was a great tool for DOS attacks we could see real quick 
where the trouble was.

On 6/8/2010 11:32 AM, Jorge Armando Medina wrote:
> Bill wrote:
>
>> I also use snmp and mrtg. I like seeing how much traffic is coming
>> through during the night.
>>
>>  
> vnstat is good for that, here is an example:
>
> # vnstat -i eth1 -d
>
>   eth1  /  daily
>
>  day rx  | tx  |  total
> +-+
> 10.05.  1.55 GB  |  614.03 MB  |2.15 GB   %%:::
> 11.05.  1.95 GB  |  830.82 MB  |2.76 GB   
> 12.05.  1.79 GB  |  897.25 MB  |2.66 GB   
> 13.05.  1.75 GB  |  885.00 MB  |2.61 GB   %%%
> 14.05.  2.31 GB  |  845.42 MB  |3.14 GB   %%
> 15.05.504.79 MB  |  372.75 MB  |  877.54 MB   %%:
> 16.05. 43.93 MB  |   92.58 MB  |  136.51 MB
> 17.05.  1.35 GB  |  746.94 MB  |2.08 GB   %%:::
> 18.05.  1.91 GB  |1.14 GB  |3.05 GB   :
> 19.05.  1.38 GB  |  943.80 MB  |2.30 GB   %%
> 20.05.  1.29 GB  |  852.66 MB  |2.12 GB   %
> 21.05.  1.40 GB  |  729.03 MB  |2.11 GB   %%:::
> 22.05.394.85 MB  |  280.23 MB  |  675.08 MB   %%:
> 23.05. 78.72 MB  |  184.89 MB  |  263.61 MB   :
> 24.05.  1.42 GB  |  838.88 MB  |2.24 GB   %%
> 25.05.  1.50 GB  |  871.23 MB  |2.35 GB   %%
> 26.05.  1.61 GB  |  893.04 MB  |2.48 GB   %%%
> 27.05.  1.67 GB  |  993.82 MB  |2.65 GB   
> 28.05.  1.57 GB  |1.71 GB  |3.29 GB   %%%
> 29.05.718.45 MB  |  360.40 MB  |1.05 GB   %%%:
> 30.05. 44.14 MB  |   81.51 MB  |  125.65 MB
> 31.05.  1.04 GB  |  775.54 MB  |1.80 GB   %:::
> 01.06.  1.15 GB  |  642.65 MB  |1.78 GB   %:::
> 02.06.  1.56 GB  |1.12 GB  |2.68 GB   %%%:
> 03.06.  3.85 GB  |1.62 GB  |5.47 GB   %%:::
> 04.06.  2.32 GB  |1.49 GB  |3.81 GB   %%:::
> 05.06.876.30 MB  |  449.40 MB  |1.29 GB   %%%::
> 06.06.117.62 MB  |  158.43 MB  |  276.05 MB   :
> 07.06.  1.99 GB  |1.38 GB  |3.37 GB   %::
> 08.06.981.30 MB  |  712.62 MB  |1.65 GB   :::
> +-+
>   estimated 1.70 GB  |1.23 GB  |2.93 GB
>
> Best regards.
>
>> On 6/8/2010 8:52 AM, Eric Peters wrote:
>>
>>  
>>> I agree, proactively monitoring your network, makes for good practice,
>>> and also peace of mind. Security through obscurity, and passive
>>> reactionary monitoring is just asking for your network to be abused.
>>> Here are just some tools that I use on a daily basis which
>>> would easily detect p2p traffic and other abuses.
>>>
>>> Ntop= /ntop/ is a network traffic probe that shows the network
>>> usage, similar to what the popular top Unix command does, but prettier!
>>> Snort   = /Snort/ is a free and open source network intrusion
>>> prevention system (NIPS) and network intrusion detection system (NIDS)
>>> Snorby = Great front end for Snort, I'm currently working on a howto
>>> for this under Ubuntu 10.4
>>> ET Rules  = Emerging Threats is an open source community project with
>>> the fastest moving and most diverse Snort Signature set and firewall
>>> rules available
>>> Wireshark = /Wireshark/ is a network protocol analyzer
>>> nmap   = Security Scanner For Network Exploration&  computer scanning
>>>
>>> I'm curious as to what everyone else is using? Did I leave anything out?
>>> What's your thoughts on this subject?
>>>
>>>
>>> Cheers,
>>> Eric
>>>
>>>
>>> On Sat, Jun 5, 2010 at 5:53 PM, Michael Sanders>> >  wrote:
>>>
>>>  I second Paul that is the way to go, once one finds out they have
>>>  eyes on them, it "can" fix it's self.  We had a problem with an
>>>  individual serving up files and the big bad record industry sent a
>>>  letter. That gave us the right to cut the user off. Once turned back
>>>  on behavior changed.   You will get some flack on the front end but
>>>  over time a majority of the community will get in line.
>>>
>>> Danny Michael Sanders
>>> IT Support Analyst
>>>
>>>  - "Paul Graydon">>  >  wrote:
>>>   >  That will help, but realistically you're going to have to block
>>>  every "high port" to stop P2P through 

KVM Networking Hell

2010-06-08 Thread Jamie McDonald
I've been playing with KVM on Ubuntu Server 9.10 - I've successfully got
machines working however try as I might I cannot get the network bridge to
work.

I've been trying this for a very long time and was putting off posting this
but I'm getting to the end of my tether and it's holding me up.

I'll try if I may by outlining the steps taken so far followed by the
symptoms experienced.

1) The host machine has a br0 interface bridged to eth0. The config file in
/etc/network/interfaces on the host reads as follows - this seems to work, I
have internet access from the host etc.

## START /etc/network/interfaces on HOST ##

auto eth0
iface eth0 inet manual

auto br0
iface br0 inet static
address 88.208.249.44
network 88.208.249.0
netmask 255.255.252.0
gateway 88.208.248.1
bridge_ports eth0
bridge_stp off
bridge_fd 0
bridge_maxwait 0

## END /etc/network/interfaces on HOST ##

2) The virtual machine was created on the host using the following:

virt-install --connect qemu:///system -n nameserver -r 512 --vcpus=1 -f
/home/vm_disks/testbox.qcow2 -s 4 -c
/home/vm_disks/ubuntu-9.04-server-i386.iso --vnc --noautoconsole --os-type
linux --accelerate --network=bridge:br0 --hvm

3) The VM can be connected to at this point; it was then configured with the
following /etc/network/interfaces

## START /etc/network/interfaces on guest ##

auto eth0
iface eth0 inet static
address 88.208.249.45
netmask 255.255.252.0
network 88.208.248.0
broadcast 88.208.251.255
gateway 88.208.248.1

## END /etc/network/interfaces on guest ##


Symptoms

I can now ssh from the host into the guest (from the host) and from the
guest to the host, however try as I might I cannot get the guest to access
the outside world or the host to pass packets to the guest.

On the host when I do 'ifconfig' I get the following output.

# ifconfig
br0   Link encap:Ethernet  HWaddr 00:19:99:70:5a:61
  inet addr:88.208.249.44  Bcast:88.208.251.255  Mask:255.255.252.0
  inet6 addr: fe80::219:99ff:fe70:5a61/64 Scope:Link
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:5863 errors:0 dropped:0 overruns:0 frame:0
  TX packets:2034 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:0
  RX bytes:378572 (378.5 KB)  TX bytes:1465549 (1.4 MB)

eth0  Link encap:Ethernet  HWaddr 00:19:99:70:5a:61
  inet6 addr: fe80::219:99ff:fe70:5a61/64 Scope:Link
  UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
  RX packets:19595 errors:0 dropped:0 overruns:0 frame:0
  TX packets:4387 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:100
  RX bytes:1573365 (1.5 MB)  TX bytes:2319893 (2.3 MB)
  Memory:fc40-fc42

lo    Link encap:Local Loopback
  inet addr:127.0.0.1  Mask:255.0.0.0
  inet6 addr: ::1/128 Scope:Host
  UP LOOPBACK RUNNING  MTU:16436  Metric:1
  RX packets:3089 errors:0 dropped:0 overruns:0 frame:0
  TX packets:3089 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:0
  RX bytes:1810345 (1.8 MB)  TX bytes:1810345 (1.8 MB)

vnet0 Link encap:Ethernet  HWaddr ce:59:6f:23:ef:e8
  inet6 addr: fe80::cc59:6fff:fe23:efe8/64 Scope:Link
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:115 errors:0 dropped:0 overruns:0 frame:0
  TX packets:2295 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:500
  RX bytes:15107 (15.1 KB)  TX bytes:564732 (564.7 KB)




As you can see, the bridge is working and when I start the VM from virsh#
the vnet0 adapter is created, however no tap0 is being created.

The /etc/libvirt/qemu/testbox.xml file is as follows

## Start testbox.xml ###


  testbox
  1b625323-0a4e-b725-b60d-a66e11472e44
  524288
  524288
  1
  
hvm

  
  



  
  
  destroy
  restart
  restart
  
/usr/bin/kvm

  
  


  
  


  
  


  


  



  


## END testbox.xml ##

The MAC address used for that guest VM is unique as it was created by
virt-install. I have also tried several VMs to no avail.

As far as I am aware you should not need ipv4 forwarding enabled in the
Kernel for bridged networks however despite this it is enabled.

If any of you could shed any light on this issue (since I can't seem to find
anyone else with the issue) it would be most appreciated.

Kind Regards,
Jamie.

Re: Install 10.04 on software raid

2010-06-08 Thread Imre Gergely

Maybe you have this problem? Just a guess... are those sata HDDs 500GB
in size?

https://bugs.launchpad.net/bugs/569900

On 06/08/2010 06:38 PM, lzantal wrote:
> Hi All,
> 
> I am trying to install 10.04LTS on 3 sata hdd with software raid 5.
> The install goes without any issue but when I try to boot into the new  
> system it fails to boot.
> I have an identical server setup with 9.10 and there everything worked  
> fine.
> Could someone point me to the right direction?
> 
> Thank you
> 
> lzantal
> 

-- 
Imre Gergely
Yahoo!: gergelyimre | ICQ#: 101510959
MSN: gergely_imre | GoogleTalk: gergelyimre
gpg --keyserver subkeys.pgp.net --recv-keys 0x34525305



Re: block p2p traffic

2010-06-08 Thread Jorge Armando Medina
Bill wrote:
> I also use snmp and mrtg. I like seeing how much traffic is coming 
> through during the night.
>   
vnstat is good for that, here is an example:

# vnstat -i eth1 -d

 eth1  /  daily

day rx  | tx  |  total
+-+
   10.05.  1.55 GB  |  614.03 MB  |2.15 GB   %%:::
   11.05.  1.95 GB  |  830.82 MB  |2.76 GB   
   12.05.  1.79 GB  |  897.25 MB  |2.66 GB   
   13.05.  1.75 GB  |  885.00 MB  |2.61 GB   %%%
   14.05.  2.31 GB  |  845.42 MB  |3.14 GB   %%
   15.05.504.79 MB  |  372.75 MB  |  877.54 MB   %%:
   16.05. 43.93 MB  |   92.58 MB  |  136.51 MB
   17.05.  1.35 GB  |  746.94 MB  |2.08 GB   %%:::
   18.05.  1.91 GB  |1.14 GB  |3.05 GB   :
   19.05.  1.38 GB  |  943.80 MB  |2.30 GB   %%
   20.05.  1.29 GB  |  852.66 MB  |2.12 GB   %
   21.05.  1.40 GB  |  729.03 MB  |2.11 GB   %%:::
   22.05.394.85 MB  |  280.23 MB  |  675.08 MB   %%:
   23.05. 78.72 MB  |  184.89 MB  |  263.61 MB   :
   24.05.  1.42 GB  |  838.88 MB  |2.24 GB   %%
   25.05.  1.50 GB  |  871.23 MB  |2.35 GB   %%
   26.05.  1.61 GB  |  893.04 MB  |2.48 GB   %%%
   27.05.  1.67 GB  |  993.82 MB  |2.65 GB   
   28.05.  1.57 GB  |1.71 GB  |3.29 GB   %%%
   29.05.718.45 MB  |  360.40 MB  |1.05 GB   %%%:
   30.05. 44.14 MB  |   81.51 MB  |  125.65 MB
   31.05.  1.04 GB  |  775.54 MB  |1.80 GB   %:::
   01.06.  1.15 GB  |  642.65 MB  |1.78 GB   %:::
   02.06.  1.56 GB  |1.12 GB  |2.68 GB   %%%:
   03.06.  3.85 GB  |1.62 GB  |5.47 GB   %%:::
   04.06.  2.32 GB  |1.49 GB  |3.81 GB   %%:::
   05.06.876.30 MB  |  449.40 MB  |1.29 GB   %%%::
   06.06.117.62 MB  |  158.43 MB  |  276.05 MB   :
   07.06.  1.99 GB  |1.38 GB  |3.37 GB   %::
   08.06.981.30 MB  |  712.62 MB  |1.65 GB   :::
+-+
 estimated 1.70 GB  |1.23 GB  |2.93 GB

Best regards.
> On 6/8/2010 8:52 AM, Eric Peters wrote:
>   
>> I agree, proactively monitoring your network, makes for good practice,
>> and also peace of mind. Security through obscurity, and passive
>> reactionary monitoring is just asking for your network to be abused.
>> Here are just some tools that I use on a daily basis which
>> would easily detect p2p traffic and other abuses.
>>
>> Ntop= /ntop/ is a network traffic probe that shows the network
>> usage, similar to what the popular top Unix command does, but prettier!
>> Snort   = /Snort/ is a free and open source network intrusion
>> prevention system (NIPS) and network intrusion detection system (NIDS)
>> Snorby = Great front end for Snort, I'm currently working on a howto
>> for this under Ubuntu 10.4
>> ET Rules  = Emerging Threats is an open source community project with
>> the fastest moving and most diverse Snort Signature set and firewall
>> rules available
>> Wireshark = /Wireshark/ is a network protocol analyzer
>> nmap   = Security Scanner For Network Exploration & computer scanning
>>
>> I'm curious as to what everyone else is using? Did I leave anything out?
>> What's your thoughts on this subject?
>>
>>
>> Cheers,
>> Eric
>>
>>
>> On Sat, Jun 5, 2010 at 5:53 PM, Michael Sanders > > wrote:
>>
>> I second Paul that is the way to go, once one finds out they have
>> eyes on them, it "can" fix it's self.  We had a problem with an
>> individual serving up files and the big bad record industry sent a
>> letter. That gave us the right to cut the user off. Once turned back
>> on behavior changed.   You will get some flack on the front end but
>> over time a majority of the community will get in line.
>>
>>Danny Michael Sanders
>>IT Support Analyst
>>
>> - "Paul Graydon" > > wrote:
>>  > That will help, but realistically you're going to have to block
>> every "high port" to stop P2P through that method.
>>  >
>>  > The only way to effectively block P2P is to do packet sniffing
>> and analysis.. and that's just one big hassle.
>>  >
>>  > My belief is this is usually the wrong way to tackle the problem,
>> looking for a technical solution to a human resource problem.
>>  > User education (and LARTing if necessary) is the key.  Using
>> software like Cacti to monitor and graph per-port traffic stats,
>> identify the largest bandwidth users and then focus on them and find
>> out just why they're using up so much bandwidth.
>>  > It's remarkable just how soon the problem al

Re: block p2p traffic

2010-06-08 Thread Bill
I also use snmp and mrtg. I like seeing how much traffic is coming 
through during the night.

On 6/8/2010 8:52 AM, Eric Peters wrote:
> I agree, proactively monitoring your network, makes for good practice,
> and also peace of mind. Security through obscurity, and passive
> reactionary monitoring is just asking for your network to be abused.
> Here are just some tools that I use on a daily basis which
> would easily detect p2p traffic and other abuses.
>
> Ntop= /ntop/ is a network traffic probe that shows the network
> usage, similar to what the popular top Unix command does, but prettier!
> Snort   = /Snort/ is a free and open source network intrusion
> prevention system (NIPS) and network intrusion detection system (NIDS)
> Snorby = Great front end for Snort, I'm currently working on a howto
> for this under Ubuntu 10.4
> ET Rules  = Emerging Threats is an open source community project with
> the fastest moving and most diverse Snort Signature set and firewall
> rules available
> Wireshark = /Wireshark/ is a network protocol analyzer
> nmap   = Security Scanner For Network Exploration & computer scanning
>
> I'm curious as to what everyone else is using? Did I leave anything out?
> What's your thoughts on this subject?
>
>
> Cheers,
> Eric
>
>
> On Sat, Jun 5, 2010 at 5:53 PM, Michael Sanders  > wrote:
>
> I second Paul that is the way to go, once one finds out they have
> eyes on them, it "can" fix it's self.  We had a problem with an
> individual serving up files and the big bad record industry sent a
> letter. That gave us the right to cut the user off. Once turned back
> on behavior changed.   You will get some flack on the front end but
> over time a majority of the community will get in line.
>
>Danny Michael Sanders
>IT Support Analyst
>
> - "Paul Graydon"  > wrote:
>  > That will help, but realistically you're going to have to block
> every "high port" to stop P2P through that method.
>  >
>  > The only way to effectively block P2P is to do packet sniffing
> and analysis.. and that's just one big hassle.
>  >
>  > My belief is this is usually the wrong way to tackle the problem,
> looking for a technical solution to a human resource problem.
>  > User education (and LARTing if necessary) is the key.  Using
> software like Cacti to monitor and graph per-port traffic stats,
> identify the largest bandwidth users and then focus on them and find
> out just why they're using up so much bandwidth.
>  > It's remarkable just how soon the problem all goes away after you
> find just one or two individuals who are abusing the network
> infrastructure and explain to them what the disciplinary procedures
> are (or enact if it's appropriate and you have concrete evidence.)
> The message soon spreads!
>  >
>  > Paul
>  >
>  > On 06/04/2010 05:03 AM, Greyson Farias wrote:
>
> Hello,
>  >
>  > You can use these iptables rules, because I don't like, don't
> use and I don't wanna learn ufw. hehehehehe
>  >
>  > # Block P2P connections
>  > iptables -A FORWARD -p tcp --dport 1214:1215 -j DROP
>  > iptables -A FORWARD -p udp --dport 1214:1215 -j DROP
>  > iptables -A FORWARD -p tcp --dport 1981 -j DROP
>  > iptables -A FORWARD -p udp --dport 1981 -j DROP
>  > iptables -A FORWARD -p tcp --dport 2037 -j DROP
>  > iptables -A FORWARD -p udp --dport 2037 -j DROP
>  > iptables -A FORWARD -p tcp --dport 3501 -j DROP
>  > iptables -A FORWARD -p udp --dport 3501 -j DROP
>  > iptables -A FORWARD -p tcp --dport 3531 -j DROP
>  > iptables -A FORWARD -p udp --dport 3531 -j DROP
>  > iptables -A FORWARD -p tcp --dport 3587 -j DROP
>  > iptables -A FORWARD -p udp --dport 3587 -j DROP
>  > iptables -A FORWARD -p tcp --dport 3955 -j DROP
>  > iptables -A FORWARD -p udp --dport 3955 -j DROP
>  > iptables -A FORWARD -p tcp --dport 4242 -j DROP
>  > iptables -A FORWARD -p udp --dport 4242 -j DROP
>  > iptables -A FORWARD -p tcp --dport 4661:4672 -j DROP
>  > iptables -A FORWARD -p udp --dport 4661:4672 -j DROP
>  > iptables -A FORWARD -p tcp --dport 4688 -j DROP
>  > iptables -A FORWARD -p udp --dport 4688 -j DROP
>  > iptables -A FORWARD -p tcp --dport 5121 -j DROP
>  > iptables -A FORWARD -p udp --dport 5121 -j DROP
>  > iptables -A FORWARD -p tcp --dport 5662 -j DROP
>  > iptables -A FORWARD -p udp --dport 5662 -j DROP
>  > iptables -A FORWARD -p tcp --dport 6085:6086 -j DROP
>  > iptables -A FORWARD -p udp --dport 6085:6086 -j DROP
>  > iptables -A FORWARD -p tcp --dport 6346:6347 -j DROP
>  > iptables -A FORWARD -p udp --dport 6346:6347 -j DROP
>

Re: block p2p traffic

2010-06-08 Thread Eric Peters
I agree, proactively monitoring your network makes for good practice, and
also peace of mind. Security through obscurity, and passive reactionary
monitoring is just asking for your network to be abused. Here are just some
tools that I use on a daily basis which would easily detect p2p traffic and
other abuses.

Ntop = *ntop* is a network traffic probe that shows the network
usage, similar to what the popular top Unix command does, but prettier!
Snort = *Snort* is a free and open source network intrusion prevention
system (NIPS) and network intrusion detection system (NIDS)
Snorby = Great front end for Snort, I'm currently working on a howto for
this under Ubuntu 10.4
ET Rules = Emerging Threats is an open source community project with the
fastest moving and most diverse Snort Signature set and firewall rules
available
Wireshark = *Wireshark* is a network protocol analyzer
nmap = Security Scanner For Network Exploration & computer scanning

I'm curious as to what everyone else is using? Did I leave anything out?
What are your thoughts on this subject?


Cheers,
Eric


On Sat, Jun 5, 2010 at 5:53 PM, Michael Sanders  wrote:

> I second Paul that is the way to go, once one finds out they have eyes on
> them, it "can" fix it's self.  We had a problem with an individual serving
> up files and the big bad record industry sent a letter. That gave us the
> right to cut the user off. Once turned back on behavior changed.   You will
> get some flack on the front end but over time a majority of the community
> will get in line.
>
>   Danny Michael Sanders
>   IT Support Analyst
>
> - "Paul Graydon"  wrote:
> > That will help, but realistically you're going to have to block every
> "high port" to stop P2P through that method.
> >
> > The only way to effectively block P2P is to do packet sniffing and
> analysis.. and that's just one big hassle.
> >
> > My belief is this is usually the wrong way to tackle the problem, looking
> for a technical solution to a human resource problem.
> > User education (and LARTing if necessary) is the key.  Using software
> like Cacti to monitor and graph per-port traffic stats, identify the largest
> bandwidth users and then focus on them and find out just why they're using
> up so much bandwidth.
> > It's remarkable just how soon the problem all goes away after you find
> just one or two individuals who are abusing the network infrastructure and
> explain to them what the disciplinary procedures are (or enact if it's
> appropriate and you have concrete evidence.)  The message soon spreads!
> >
> > Paul
> >
> > On 06/04/2010 05:03 AM, Greyson Farias wrote:
>
> Hello,
> >
> > You can use these iptables rules, because I don't like, don't use and I
> don't wanna learn ufw. hehehehehe
> >
> > # Block P2P connections
> > iptables -A FORWARD -p tcp --dport 1214:1215 -j DROP
> > iptables -A FORWARD -p udp --dport 1214:1215 -j DROP
> > iptables -A FORWARD -p tcp --dport 1981 -j DROP
> > iptables -A FORWARD -p udp --dport 1981 -j DROP
> > iptables -A FORWARD -p tcp --dport 2037 -j DROP
> > iptables -A FORWARD -p udp --dport 2037 -j DROP
> > iptables -A FORWARD -p tcp --dport 3501 -j DROP
> > iptables -A FORWARD -p udp --dport 3501 -j DROP
> > iptables -A FORWARD -p tcp --dport 3531 -j DROP
> > iptables -A FORWARD -p udp --dport 3531 -j DROP
> > iptables -A FORWARD -p tcp --dport 3587 -j DROP
> > iptables -A FORWARD -p udp --dport 3587 -j DROP
> > iptables -A FORWARD -p tcp --dport 3955 -j DROP
> > iptables -A FORWARD -p udp --dport 3955 -j DROP
> > iptables -A FORWARD -p tcp --dport 4242 -j DROP
> > iptables -A FORWARD -p udp --dport 4242 -j DROP
> > iptables -A FORWARD -p tcp --dport 4661:4672 -j DROP
> > iptables -A FORWARD -p udp --dport 4661:4672 -j DROP
> > iptables -A FORWARD -p tcp --dport 4688 -j DROP
> > iptables -A FORWARD -p udp --dport 4688 -j DROP
> > iptables -A FORWARD -p tcp --dport 5121 -j DROP
> > iptables -A FORWARD -p udp --dport 5121 -j DROP
> > iptables -A FORWARD -p tcp --dport 5662 -j DROP
> > iptables -A FORWARD -p udp --dport 5662 -j DROP
> > iptables -A FORWARD -p tcp --dport 6085:6086 -j DROP
> > iptables -A FORWARD -p udp --dport 6085:6086 -j DROP
> > iptables -A FORWARD -p tcp --dport 6346:6347 -j DROP
> > iptables -A FORWARD -p udp --dport 6346:6347 -j DROP
> > iptables -A FORWARD -p tcp --dport 6699 -j DROP
> > iptables -A FORWARD -p udp --dport 6699 -j DROP
> > iptables -A FORWARD -p udp --dport 6881:6889 -j DROP
> > iptables -A FORWARD -p tcp --dport 6881:6889 -j DROP
> > iptables -A FORWARD -p tcp --dport 8473 -j DROP
> > iptables -A FORWARD -p udp --dport 8473 -j DROP
> >
> >
> >
> >
> > 2010/6/4 Kaushal Shriyan 
> >
>>
>> Hi,
>> >
>> > is there a howto for blocking p2p traffic on ubuntu 10.04 server ?
>> >
>> > Thanks,
>> >
>> > Kaushal
>> >
>> > --
>> > ubuntu-server mailing list
>> > ubuntu-server@lists.ubuntu.com
>> > https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
>> > More info: https://wiki.ubuntu.com/ServerTeam
>> >
>

Install 10.04 on software raid

2010-06-08 Thread lzantal
Hi All,

I am trying to install 10.04LTS on 3 sata hdd with software raid 5.
The install goes without any issue but when I try to boot into the new  
system it fails to boot.
I have an identical server setup with 9.10 and there everything worked  
fine.
Could someone point me to the right direction?

Thank you

lzantal



Re: block p2p traffic

2010-06-08 Thread Kaushal Shriyan
On Mon, Jun 7, 2010 at 2:26 PM, Kaushal Shriyan wrote:

>
>
> On Sun, Jun 6, 2010 at 6:23 AM, Michael Sanders  wrote:
>
>> I second Paul that is the way to go, once one finds out they have eyes on
>> them, it "can" fix it's self.  We had a problem with an individual serving
>> up files and the big bad record industry sent a letter. That gave us the
>> right to cut the user off. Once turned back on behavior changed.   You will
>> get some flack on the front end but over time a majority of the community
>> will get in line.
>>
>>   Danny Michael Sanders
>>   IT Support Analyst
>>
>> - "Paul Graydon"  wrote:
>> > That will help, but realistically you're going to have to block every
>> "high port" to stop P2P through that method.
>> >
>> > The only way to effectively block P2P is to do packet sniffing and
>> analysis.. and that's just one big hassle.
>> >
>> > My belief is this is usually the wrong way to tackle the problem,
>> looking for a technical solution to a human resource problem.
>> > User education (and LARTing if necessary) is the key.  Using software
>> like Cacti to monitor and graph per-port traffic stats, identify the largest
>> bandwidth users and then focus on them and find out just why they're using
>> up so much bandwidth.
>> > It's remarkable just how soon the problem all goes away after you find
>> just one or two individuals who are abusing the network infrastructure and
>> explain to them what the disciplinary procedures are (or enact if it's
>> appropriate and you have concrete evidence.)  The message soon spreads!
>> >
>> > Paul
>> >
>> > On 06/04/2010 05:03 AM, Greyson Farias wrote:
>>
>> Hello,
>> >
>> > You can use these iptables rules, because I don't like, don't use and I
>> don't wanna learn ufw. hehehehehe
>> >
>> > # Block P2P connections
>> > iptables -A FORWARD -p tcp --dport 1214:1215 -j DROP
>> > iptables -A FORWARD -p udp --dport 1214:1215 -j DROP
>> > iptables -A FORWARD -p tcp --dport 1981 -j DROP
>> > iptables -A FORWARD -p udp --dport 1981 -j DROP
>> > iptables -A FORWARD -p tcp --dport 2037 -j DROP
>> > iptables -A FORWARD -p udp --dport 2037 -j DROP
>> > iptables -A FORWARD -p tcp --dport 3501 -j DROP
>> > iptables -A FORWARD -p udp --dport 3501 -j DROP
>> > iptables -A FORWARD -p tcp --dport 3531 -j DROP
>> > iptables -A FORWARD -p udp --dport 3531 -j DROP
>> > iptables -A FORWARD -p tcp --dport 3587 -j DROP
>> > iptables -A FORWARD -p udp --dport 3587 -j DROP
>> > iptables -A FORWARD -p tcp --dport 3955 -j DROP
>> > iptables -A FORWARD -p udp --dport 3955 -j DROP
>> > iptables -A FORWARD -p tcp --dport 4242 -j DROP
>> > iptables -A FORWARD -p udp --dport 4242 -j DROP
>> > iptables -A FORWARD -p tcp --dport 4661:4672 -j DROP
>> > iptables -A FORWARD -p udp --dport 4661:4672 -j DROP
>> > iptables -A FORWARD -p tcp --dport 4688 -j DROP
>> > iptables -A FORWARD -p udp --dport 4688 -j DROP
>> > iptables -A FORWARD -p tcp --dport 5121 -j DROP
>> > iptables -A FORWARD -p udp --dport 5121 -j DROP
>> > iptables -A FORWARD -p tcp --dport 5662 -j DROP
>> > iptables -A FORWARD -p udp --dport 5662 -j DROP
>> > iptables -A FORWARD -p tcp --dport 6085:6086 -j DROP
>> > iptables -A FORWARD -p udp --dport 6085:6086 -j DROP
>> > iptables -A FORWARD -p tcp --dport 6346:6347 -j DROP
>> > iptables -A FORWARD -p udp --dport 6346:6347 -j DROP
>> > iptables -A FORWARD -p tcp --dport 6699 -j DROP
>> > iptables -A FORWARD -p udp --dport 6699 -j DROP
>> > iptables -A FORWARD -p udp --dport 6881:6889 -j DROP
>> > iptables -A FORWARD -p tcp --dport 6881:6889 -j DROP
>> > iptables -A FORWARD -p tcp --dport 8473 -j DROP
>> > iptables -A FORWARD -p udp --dport 8473 -j DROP
>> >
>> >
>> >
>> >
>> > 2010/6/4 Kaushal Shriyan 
>> >
>>>
>>> Hi,
>>> >
>>> > is there a howto for blocking p2p traffic on ubuntu 10.04 server ?
>>> >
>>> > Thanks,
>>> >
>>> > Kaushal
>>> >
>>> > --
>>> > ubuntu-server mailing list
>>> > ubuntu-server@lists.ubuntu.com
>>> > https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
>>> > More info: https://wiki.ubuntu.com/ServerTeam
>>> >
>>
>>
>> >
>>
>> > --
>> > Greyson Farias
>> > Técnico em Informática - CREA/AC 9329TD
>> > Ubuntu user
>> > Eu prefiro receber documentos em ODF.
>> > http://ubuntu.com/download/getubuntu
>> > Blog Ubuntu Acre: http://ubuntu-ac.org
>> >
>>
>>
>> >
>> >
>>
>> --
>> ubuntu-server mailing list
>> ubuntu-server@lists.ubuntu.com
>> https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
>> More info: https://wiki.ubuntu.com/ServerTeam
>>
>
> Hi Again
>
> I did followed http://www.debian-administration.org/articles/562
> when i run the make command i get http://pastebin.ubuntu.com/445975/
>
> Please suggest/guide.
>
> Thanks,
>
> Kaushal
>
Hi,

For the benefit of others in this email thread, I followed these steps

#apt-get install xtables-addons-common
#module-assistant --verbose --text-mode auto-install xtables-addons
#modprobe xt_ipp2p

I added the below line at the end of /etc/init.d/shorewall and restarted
shorewall, it worked.

/sbin/i
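
The quoted port list and Paul Graydon's objection to it can be put side by side by measuring how much of the port space the rules actually cover. This is an added example, not part of any poster's message: the rules are copied from the quote above, the function names are hypothetical, and treating "high port" as 1024-65535 is an assumption.

```python
import re

# FORWARD rules copied from the message quoted in the thread.
RULES = """\
iptables -A FORWARD -p tcp --dport 1214:1215 -j DROP
iptables -A FORWARD -p udp --dport 1214:1215 -j DROP
iptables -A FORWARD -p tcp --dport 1981 -j DROP
iptables -A FORWARD -p udp --dport 1981 -j DROP
iptables -A FORWARD -p tcp --dport 2037 -j DROP
iptables -A FORWARD -p udp --dport 2037 -j DROP
iptables -A FORWARD -p tcp --dport 3501 -j DROP
iptables -A FORWARD -p udp --dport 3501 -j DROP
iptables -A FORWARD -p tcp --dport 3531 -j DROP
iptables -A FORWARD -p udp --dport 3531 -j DROP
iptables -A FORWARD -p tcp --dport 3587 -j DROP
iptables -A FORWARD -p udp --dport 3587 -j DROP
iptables -A FORWARD -p tcp --dport 3955 -j DROP
iptables -A FORWARD -p udp --dport 3955 -j DROP
iptables -A FORWARD -p tcp --dport 4242 -j DROP
iptables -A FORWARD -p udp --dport 4242 -j DROP
iptables -A FORWARD -p tcp --dport 4661:4672 -j DROP
iptables -A FORWARD -p udp --dport 4661:4672 -j DROP
iptables -A FORWARD -p tcp --dport 4688 -j DROP
iptables -A FORWARD -p udp --dport 4688 -j DROP
iptables -A FORWARD -p tcp --dport 5121 -j DROP
iptables -A FORWARD -p udp --dport 5121 -j DROP
iptables -A FORWARD -p tcp --dport 5662 -j DROP
iptables -A FORWARD -p udp --dport 5662 -j DROP
iptables -A FORWARD -p tcp --dport 6085:6086 -j DROP
iptables -A FORWARD -p udp --dport 6085:6086 -j DROP
iptables -A FORWARD -p tcp --dport 6346:6347 -j DROP
iptables -A FORWARD -p udp --dport 6346:6347 -j DROP
iptables -A FORWARD -p tcp --dport 6699 -j DROP
iptables -A FORWARD -p udp --dport 6699 -j DROP
iptables -A FORWARD -p udp --dport 6881:6889 -j DROP
iptables -A FORWARD -p tcp --dport 6881:6889 -j DROP
iptables -A FORWARD -p tcp --dport 8473 -j DROP
iptables -A FORWARD -p udp --dport 8473 -j DROP
"""

RULE_RE = re.compile(
    r"^iptables\s+-A\s+FORWARD\s+-p\s+(tcp|udp)\s+--dport\s+(\d+)(?::(\d+))?\s+-j\s+DROP$"
)


def parse_rules(text):
    """Return {proto: [(low, high), ...]} for every --dport DROP rule."""
    ranges = {"tcp": [], "udp": []}
    for line in text.splitlines():
        match = RULE_RE.match(line.strip())
        if not match:
            continue  # ignore anything that is not a plain port-DROP rule
        low = int(match.group(2))
        high = int(match.group(3) or low)
        ranges[match.group(1)].append((low, high))
    return ranges


def is_dropped(ranges, proto, dport):
    """True if a forwarded packet to dport would hit one of the DROP rules."""
    return any(low <= dport <= high for low, high in ranges[proto])


def blocked_ports(ranges, proto):
    """Set of destination ports the rules drop for one protocol."""
    ports = set()
    for low, high in ranges[proto]:
        ports.update(range(low, high + 1))
    return ports


def coverage(ranges, proto, first=1024, last=65535):
    """(blocked, total) destination ports in first..last (assumed 'high ports')."""
    blocked = {p for p in blocked_ports(ranges, proto) if first <= p <= last}
    return len(blocked), last - first + 1


if __name__ == "__main__":
    parsed = parse_rules(RULES)
    for proto in ("tcp", "udp"):
        blocked, total = coverage(parsed, proto)
        print(f"{proto}: {blocked} of {total} high ports dropped "
              f"({100 * blocked / total:.2f}%)")
```

The rule set drops a few dozen fixed ports per protocol, so traffic on any other destination port is forwarded untouched, which is why the thread ends with the payload-matching `xt_ipp2p` module rather than a longer port list.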

Re: tinydns server

2010-06-08 Thread Armindo Silva
Hi,

It appears to be working. Try with another browser, I am also a Chrome user
(on Linux) and sometimes I get this same error with other links, but they open
just fine with Firefox.

Cheers

armindo

On Mon, Jun 7, 2010 at 5:43 PM, Kaushal Shriyan wrote:

>
>
> On Mon, Jun 7, 2010 at 9:44 PM, Miano, Steven M. <
> steven.mi...@mybrighthouse.com> wrote:
>
>>  http://smarden.org/pape/Debian/
>>
>> Is the package if you'd like it.
>>
>>
>> Hi Steven
>
> I am unable to open it
>
> Oops! Google Chrome could not find smarden.org
>
> Try reloading: smarden. org/ pape/ Debian/
>
>
> Thanks,
>
>
> Kaushal
>
>
>
> --
> ubuntu-server mailing list
> ubuntu-server@lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
> More info: https://wiki.ubuntu.com/ServerTeam
>



-- 



--
"The only way of discovering the limits of the possible is to venture a
little way past them into the impossible."
Sir Arthur C. Clarke