[Bug 748887] [NEW] DNS resolving seems to be failing often and is taking way too long.
Public bug reported: Binary package hint: bind9 A couple of days ago (Tuesday?) my internet connections suddenly became very slow/intermittant. I thought the problem was at my DSL provider but after more checking the problem seems to be in Ubuntu/Linux somewhere. Reason: I can dual boot with windows 7 and have no problem at all. Also I tried a Ubuntu laptop on the same router ethernet port and it also works fine. So its not my hardware or my provider, and its not a general Ubuntu problem either. There are no error messages in any of the /var/log files and ifconfig looks normal. It seems to be a DNS problem as it's the initial connection to a host which often times out. If I get a connection, I can e.g. stream an radio station fine. If I try to e.g. traceroute any host it times out (no reply). Ubuntu 10.10 is totally up to date as of today. Other people are reporting the same problem e.g. http://ubuntuforums.org/showthread.php?t=1683691 PS Because of the nature of the problem, I am having to report this bug from another computer, however the software it at the same level. I would be happy to gather the information from the problem machine if you could tell me how gather it and get it to you. Thanks, John ProblemType: Bug DistroRelease: Ubuntu 10.10 Package: dnsutils 1:9.7.1.dfsg.P2-2ubuntu0.2 ProcVersionSignature: Ubuntu 2.6.35-25.44-generic 2.6.35.10 Uname: Linux 2.6.35-25-generic x86_64 NonfreeKernelModules: nvidia Architecture: amd64 Date: Sun Apr 3 09:01:27 2011 ProcEnviron: PATH=(custom, user) LANG=en_DK.utf8 SHELL=/bin/bash SourcePackage: bind9 ** Affects: bind9 (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug maverick -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to bind9 in Ubuntu. https://bugs.launchpad.net/bugs/748887 Title: DNS resolving seems to be failing often and is taking way too long. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 748887] Re: DNS resolving seems to be failing often and is taking way too long.
-- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to bind9 in Ubuntu. https://bugs.launchpad.net/bugs/748887 Title: DNS resolving seems to be failing often and is taking way too long. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 748887] Re: DNS resolving seems to be failing often and is taking way too long.
I've just noticed that there was a kernel update last Sunday -rw-r--r-- 1 root root 11M 2011-03-27 16:01 initrd.img-2.6.35-28-generic Should this bug be filed against the kernel? Or is dnsutils correct? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to bind9 in Ubuntu. https://bugs.launchpad.net/bugs/748887 Title: DNS resolving seems to be failing often and is taking way too long. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 733914] Re: autofs races network interfaces, ends up not working
This bug was fixed in the package autofs5 - 5.0.5-0ubuntu5 --- autofs5 (5.0.5-0ubuntu5) natty; urgency=low * Improve autofs.conf upstart script. Prevent race when trying to start networking. (LP: #733914) * debian/autofs5-ldap.install: Install schema in the right place. (LP: #699855) * Suggest smbfs if you want to use cifs. (LP: #579857) * Dropped 13ldap_module_linkage.dpatch no longer needed. * Refresh with missing upstream patches. -- Chuck Short zul...@ubuntu.com Sat, 02 Apr 2011 22:25:34 -0400 ** Changed in: autofs5 (Ubuntu Natty) Status: New = Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to autofs5 in ubuntu. https://bugs.launchpad.net/bugs/733914 Title: autofs races network interfaces, ends up not working -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 699855] Re: autofs.schema in wrong location
This bug was fixed in the package autofs5 - 5.0.5-0ubuntu5 --- autofs5 (5.0.5-0ubuntu5) natty; urgency=low * Improve autofs.conf upstart script. Prevent race when trying to start networking. (LP: #733914) * debian/autofs5-ldap.install: Install schema in the right place. (LP: #699855) * Suggest smbfs if you want to use cifs. (LP: #579857) * Dropped 13ldap_module_linkage.dpatch no longer needed. * Refresh with missing upstream patches. -- Chuck Short zul...@ubuntu.com Sat, 02 Apr 2011 22:25:34 -0400 ** Changed in: autofs5 (Ubuntu) Status: Triaged = Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to autofs5 in ubuntu. https://bugs.launchpad.net/bugs/699855 Title: autofs.schema in wrong location -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 579857] Re: automount and auto.smb not working
This bug was fixed in the package autofs5 - 5.0.5-0ubuntu5 --- autofs5 (5.0.5-0ubuntu5) natty; urgency=low * Improve autofs.conf upstart script. Prevent race when trying to start networking. (LP: #733914) * debian/autofs5-ldap.install: Install schema in the right place. (LP: #699855) * Suggest smbfs if you want to use cifs. (LP: #579857) * Dropped 13ldap_module_linkage.dpatch no longer needed. * Refresh with missing upstream patches. -- Chuck Short zul...@ubuntu.com Sat, 02 Apr 2011 22:25:34 -0400 ** Changed in: autofs5 (Ubuntu) Status: Confirmed = Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to autofs5 in ubuntu. https://bugs.launchpad.net/bugs/579857 Title: automount and auto.smb not working -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 749444] [NEW] grub-legacy-ec2 cannot be purged
Public bug reported: Binary package hint: cloud-init Running current Maverick-Server as a Xen pv_ops domu. Installed the grub-legacy-ec2 package, and now it cannot be purged. It does not properly account for the pv_ops kernels (detected as non-domu) so it is not much use to me to create a menu.lst for use with Debian Squeeze/6 Dom0 pygrub . It removes the diversion of /usr/sbin/grub-set-default and then trys to remove it again during the purge.. and fails. So it is stuck on my system in a removed state, with no dpkg --force options to purge/workaround. The following apt/dpkg output shows a reinstall followed by remove, and purge. Note the purge fails. root@ibm-main:/usr/sbin# apt-get install grub-legacy-ec2 --reinstall Reading package lists... Done Building dependency tree Reading state information... Done 0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 0 not upgraded. Need to get 0B/28.4kB of archives. After this operation, 0B of additional disk space will be used. Preconfiguring packages ... (Reading database ... 145664 files and directories currently installed.) Preparing to replace grub-legacy-ec2 0.5.15-0ubuntu3 (using .../grub-legacy-ec2_0.5.15-0ubuntu3_all.deb) ... Leaving 'diversion of /usr/sbin/grub-set-default to /usr/sbin/grub-set-default.real by grub-legacy-ec2' Unpacking replacement grub-legacy-ec2 ... Setting up grub-legacy-ec2 (0.5.15-0ubuntu3) ... Searching for GRUB installation directory ... found: /boot/grub Searching for default file ... found: /boot/grub/default Testing for an existing GRUB menu.lst file ... found: /boot/grub/menu.lst Searching for splash image ... none found, skipping ... Ignoring non-Xen Kernel on Xen domU host: vmlinuz-2.6.35-28-server Updating /boot/grub/menu.lst ... done root@ibm-main:/usr/sbin# apt-get remove grub-legacy-ec2 Reading package lists... Done Building dependency tree Reading state information... Done The following packages will be REMOVED: grub-legacy-ec2 0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded. After this operation, 160kB disk space will be freed. Do you want to continue [Y/n]? (Reading database ... 145663 files and directories currently installed.) Removing grub-legacy-ec2 ... Removing 'diversion of /usr/sbin/grub-set-default to /usr/sbin/grub-set-default.real by grub-legacy-ec2' root@ibm-main:/usr/sbin# apt-get remove --purge grub-legacy-ec2 Reading package lists... Done Building dependency tree Reading state information... Done The following packages will be REMOVED: grub-legacy-ec2* 0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded. After this operation, 0B of additional disk space will be used. Do you want to continue [Y/n]? (Reading database ... 145656 files and directories currently installed.) Removing grub-legacy-ec2 ... Purging configuration files for grub-legacy-ec2 ... No diversion 'diversion of /usr/sbin/grub-set-default to /usr/sbin/grub-set-default.real by grub-legacy-ec2', none removed. dpkg: error processing grub-legacy-ec2 (--purge): subprocess installed post-removal script returned error exit status 128 Errors were encountered while processing: grub-legacy-ec2 E: Sub-process /usr/bin/dpkg returned an error code (1) root@ibm-main:/usr/sbin# root@ibm-main:/usr/sbin# dpkg -l | grep grub ii grub-common 1.98+20100804-5ubuntu3.1 GRand Unified Bootloader, version 2 (common files) pc grub-legacy-ec2 0.5.15-0ubuntu3 Handles update-grub for ec2 instances ii grub-pc 1.98+20100804-5ubuntu3.1 GRand Unified Bootloader, version 2 (PC/BIOS version) root@ibm-main:/usr/sbin# ** Affects: cloud-init (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to cloud-init in Ubuntu. https://bugs.launchpad.net/bugs/749444 Title: grub-legacy-ec2 cannot be purged -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 749444] Re: grub-legacy-ec2 cannot be purged
Not related to the bug, but I noted the option inDomU=true can be set in menu.lst, to override detection for pv_ops kernels. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to cloud-init in Ubuntu. https://bugs.launchpad.net/bugs/749444 Title: grub-legacy-ec2 cannot be purged -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 749444] Re: grub-legacy-ec2 cannot be purged
Premature comment.. ignore my last, as the option does not work as expected (menu.lst is recreated with each grub-legacy-ec2-update). Anyhow, to get this package off your system, edit the /var/lib/dpkg/info /grub-legacy-ec2.postrm script and find the following if statement, if [ $1 = remove -o $1 = purge ]; then dpkg-divert --package grub-legacy-ec2 --remove --rename --divert \ /usr/sbin/grub-set-default.real /usr/sbin/grub-set-default fi Simply change the first line, if [ $1 = remove -o $1 = purge ]; then to if [ $1 = remove ]; then This removes the diversion removal step from the purge function, allowing a removal, followed by a clean purge. #apt-get remove grub-legacy-ec2 #apt-get remove grub-legacy-ec2 --purge ..and it is gone.. root@ibm-main:/var/lib/dpkg/info# dpkg -l | grep grub ii grub-common 1.98+20100804-5ubuntu3.1 GRand Unified Bootloader, version 2 (common files) ii grub-pc 1.98+20100804-5ubuntu3.1 GRand Unified Bootloader, version 2 (PC/BIOS version) root@ibm-main:/var/lib/dpkg/info# -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to cloud-init in Ubuntu. https://bugs.launchpad.net/bugs/749444 Title: grub-legacy-ec2 cannot be purged -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 748834] Re: libvirt segfaults on networkIsActive or networkIsPersistent
Quoting pdf (748...@bugs.launchpad.net): Upstream fix is here: http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=6d4bd59cf82d96531abe1527bc80caa2ba86249e;hp=bf6789d913a5edb029af8fe959c0d54ede2a2719#patch1 Thanks very much for the bug posting and pointing to the fix. I'll reproduce, test, and SRU the fix. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libvirt in Ubuntu. https://bugs.launchpad.net/bugs/748834 Title: libvirt segfaults on networkIsActive or networkIsPersistent -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 700945] Re: backport of patch for error message undefined method `closed?' for Nil:NilClass required.
Nominating for SRU, fulfills: (1) have an obviously safe patch and (2) affect an application rather than critical infrastructure packages. Justification: The bug hides error messages, which makes diagnosing connection problems to a puppetmaster a real PITA. The fix is from upstream (Maverick's puppet package has a newer version which already contains the fix): http://projects.puppetlabs.com/projects/puppet/repository/revisions/ae0b0bf23e418e8c6665e9dc135148b78bdbd913 Regression potential: none. TEST CASE: (these instructions assume an already working puppet installation) 1) On a puppet client computer, stop the puppet service 2) Add a new line to your /etc/hosts file, containing an entry for the IP address of your puppetmaster, but with a wrong hostname, eg. like this: 1.2.3.4 foo.local 3) Add this line to your puppet client's /etc/puppet/puppet.conf file: server=foo.local 4) Run puppetd --test on the client Wrong output: info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate': undefined method `closed?' for nil:NilClass err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of resource: undefined method `closed?' for nil:NilClass Could not retrieve file metadata for puppet://foo.local/plugins: undefined method `closed?' for nil:NilClass err: Could not retrieve catalog from remote server: undefined method `closed?' for nil:NilClass warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run Expected output: info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate': hostname was not match with the server certificate err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of resource: hostname was not match with the server certificate Could not retrieve file metadata for puppet://foo.local/plugins: hostname was not match with the server certificate err: Could not retrieve catalog from remote server: hostname was not match with the server certificate warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run ** Patch added: puppet_0.25.4-2ubuntu6.1.diff https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/700945/+attachment/1973794/+files/puppet_0.25.4-2ubuntu6.1.diff -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to puppet in Ubuntu. https://bugs.launchpad.net/bugs/700945 Title: backport of patch for error message undefined method `closed?' for Nil:NilClass required. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 700945] Re: backport of patch for error message undefined method `closed?' for Nil:NilClass required.
** Tags added: patch -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to puppet in Ubuntu. https://bugs.launchpad.net/bugs/700945 Title: backport of patch for error message undefined method `closed?' for Nil:NilClass required. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 721320] Re: DKIM-related failures should not end up in the panic log
If you don't have any custom logic for panic log (i.e. /usr/local/lib/exim4/nonzero_paniclog_hook), you can work around this issue by editing /etc/cron.daily/exim4-base and changing line 18 from: E4BCD_PANICLOG_NOISE= to E4BCD_PANICLOG_NOISE=DKIM: Error while running this message through validation, disabling signature verification.$ -- Steve -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to exim4 in Ubuntu. https://bugs.launchpad.net/bugs/721320 Title: DKIM-related failures should not end up in the panic log -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 749620] [NEW] ssh-keygen -h or ssh-keygen --help does not show help
Public bug reported: I think the subject describes it all. I realize this should probably be a patch sent to openssh themselves. I'm tracking here for ubuntu usability. ** Affects: openssh (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/749620 Title: ssh-keygen -h or ssh-keygen --help does not show help -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 749620] Re: ssh-keygen -h or ssh-keygen --help does not show help
The (illegal) -? switch does show help. Turns out -h is for Generate host certificate instead of a user certificate. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/749620 Title: ssh-keygen -h or ssh-keygen --help does not show help -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 733914] Re: autofs races network interfaces, ends up not working
The fix for this: --- autofs5-5.0.5/debian/autofs5.autofs.upstart +++ autofs5-5.0.5/debian/autofs5.autofs.upstart @@ -4,56 +4,15 @@ start on (filesystem - and net-device-up IFACE!=lo) + and net-device-up + and mounting TYPE=nfs) stop on runlevel [!2345] Causes mountall to fail to mount any NFS mounts in /etc/fstab. The reason is mounting TYPE=nfs comes every time an NFS mount is *attempted* ... even when it will fail.. TO test this: Add this to /etc/fstab (replacing ip/dir with a valid NFS mount of course): 192.168.122.1:/home/clint /mnt nfs ro,nolock 0 0 With the previous version of autofs, this would work fine on reboot. Now install 5.0.5-0ubuntu5 .. on reboot, /mnt will not be mounted. Also there is no explanation given as to why we are now ignoring /etc/default/autofs which is a bug since upgrades from Maverick will break. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to autofs5 in Ubuntu. https://bugs.launchpad.net/bugs/733914 Title: autofs races network interfaces, ends up not working -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 749720] [NEW] Wrong symlink in libapache2-mod-wsgi-py3
Public bug reported:
I just installed libapache2-mod-wsgi-py3. Apache gave an error after the
attempt to restart:
# service apache2 restart
apache2: Syntax error on line 203 of /etc/apache2/apache2.conf: Syntax error on
line 1 of /etc/apache2/mods-enabled/wsgi.load: Cannot load
/usr/lib/apache2/modules/mod_wsgi.so into server:
/usr/lib/apache2/modules/mod_wsgi.so: cannot open shared object file: No such
file or directory
Action 'configtest' failed.
The Apache error log may have more information.
...fail!
# ls /usr/lib/apache2/modules/mod_wsgi.so* -l
lrwxrwxrwx 1 root root 17 2011-04-03 18:54
/usr/lib/apache2/modules/mod_wsgi.so - mod_wsgi.so-3.2-1
-rw-r--r-- 1 root root 156320 2010-12-03 19:59
/usr/lib/apache2/modules/mod_wsgi.so-3.1
-rw-r--r-- 1 root root 156320 2010-12-03 19:59
/usr/lib/apache2/modules/mod_wsgi.so-3.2
Attempt to fix:
# cp -sf /usr/lib/apache2/modules/mod_wsgi.so{-3.2,}
Now i get:
# service apache2 restart
apache2: Syntax error on line 203 of /etc/apache2/apache2.conf: Syntax error on
line 1 of /etc/apache2/mods-enabled/wsgi.load: Cannot load
/usr/lib/apache2/modules/mod_wsgi.so into server:
/usr/lib/apache2/modules/mod_wsgi.so: undefined symbol: PyCObject_FromVoidPtr
Action 'configtest' failed.
The Apache error log may have more information.
...fail!
** Affects: mod-wsgi (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mod-wsgi in Ubuntu.
https://bugs.launchpad.net/bugs/749720
Title:
Wrong symlink in libapache2-mod-wsgi-py3
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 749720] Re: Wrong symlink in libapache2-mod-wsgi-py3
Ok, i can get it working with mod_wsgi.so-3.1
# cp -sf /usr/lib/apache2/modules/mod_wsgi.so{-3.1,}
# service apache2 restart
* Restarting web server apache2
... waiting . ...done.
** Description changed:
I just installed libapache2-mod-wsgi-py3. Apache gave an error after the
attempt to restart:
# service apache2 restart
apache2: Syntax error on line 203 of /etc/apache2/apache2.conf: Syntax error
on line 1 of /etc/apache2/mods-enabled/wsgi.load: Cannot load
/usr/lib/apache2/modules/mod_wsgi.so into server:
/usr/lib/apache2/modules/mod_wsgi.so: cannot open shared object file: No such
file or directory
Action 'configtest' failed.
The Apache error log may have more information.
-...fail!
+ ...fail!
# ls /usr/lib/apache2/modules/mod_wsgi.so* -l
lrwxrwxrwx 1 root root 17 2011-04-03 18:54
/usr/lib/apache2/modules/mod_wsgi.so - mod_wsgi.so-3.2-1
-rw-r--r-- 1 root root 156320 2010-12-03 19:59
/usr/lib/apache2/modules/mod_wsgi.so-3.1
-rw-r--r-- 1 root root 156320 2010-12-03 19:59
/usr/lib/apache2/modules/mod_wsgi.so-3.2
Attempt to fix:
- # cp -lf /usr/lib/apache2/modules/mod_wsgi.so{-3.2,}
+ # cp -sf /usr/lib/apache2/modules/mod_wsgi.so{-3.2,}
Now i get:
# service apache2 restart
apache2: Syntax error on line 203 of /etc/apache2/apache2.conf: Syntax error
on line 1 of /etc/apache2/mods-enabled/wsgi.load: Cannot load
/usr/lib/apache2/modules/mod_wsgi.so into server:
/usr/lib/apache2/modules/mod_wsgi.so: undefined symbol: PyCObject_FromVoidPtr
Action 'configtest' failed.
The Apache error log may have more information.
-...fail!
+ ...fail!
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mod-wsgi in Ubuntu.
https://bugs.launchpad.net/bugs/749720
Title:
Wrong symlink in libapache2-mod-wsgi-py3
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 748834] Re: libvirt segfaults on networkIsActive or networkIsPersistent
On 04/04/11 02:31, Serge Hallyn wrote: Thanks very much for the bug posting and pointing to the fix. I'll reproduce, test, and SRU the fix. Great, thanks for the quick response Serge. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libvirt in Ubuntu. https://bugs.launchpad.net/bugs/748834 Title: libvirt segfaults on networkIsActive or networkIsPersistent -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 749895] [NEW] package amavisd-new-postfix 1:2.6.4-1ubuntu6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1
Public bug reported: Binary package hint: amavisd-new amavisd package fails to install using synaptic manager ProblemType: Package DistroRelease: Ubuntu 11.04 Package: amavisd-new-postfix 1:2.6.4-1ubuntu6 ProcVersionSignature: Ubuntu 2.6.38-7.39-generic 2.6.38 Uname: Linux 2.6.38-7-generic i686 Architecture: i386 Date: Sun Apr 3 21:02:45 2011 ErrorMessage: subprocess installed post-installation script returned error exit status 1 InstallationMedia: Ubuntu 11.04 Natty Narwhal - Beta i386 (20110402) SourcePackage: amavisd-new Title: package amavisd-new-postfix 1:2.6.4-1ubuntu6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: amavisd-new (Ubuntu) Importance: Undecided Status: New ** Tags: apport-package i386 natty -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to amavisd-new in Ubuntu. https://bugs.launchpad.net/bugs/749895 Title: package amavisd-new-postfix 1:2.6.4-1ubuntu6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 749895] Re: package amavisd-new-postfix 1:2.6.4-1ubuntu6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1
-- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to amavisd-new in Ubuntu. https://bugs.launchpad.net/bugs/749895 Title: package amavisd-new-postfix 1:2.6.4-1ubuntu6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 561779] Re: squid is not started on runlevel transition 1 - 2
This bug was fixed in the package squid - 2.7.STABLE9-2.1ubuntu6 --- squid (2.7.STABLE9-2.1ubuntu6) natty; urgency=low * debian/squid.upstart: start on changed to start on transition to runlevel 2 (LP: #561779) * debian/squid.upstart: SQUID_ARGS default value set to -D so DNS checks are not performed at startup (LP: #561750) -- Clint Byrum cl...@ubuntu.com Fri, 01 Apr 2011 13:59:06 -0700 ** Changed in: squid (Ubuntu Natty) Status: In Progress = Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to squid in Ubuntu. https://bugs.launchpad.net/bugs/561779 Title: squid is not started on runlevel transition 1 - 2 -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 561750] Re: squid starts and stops immediately (after upgrade from karmic to lucid)
This bug was fixed in the package squid - 2.7.STABLE9-2.1ubuntu6 --- squid (2.7.STABLE9-2.1ubuntu6) natty; urgency=low * debian/squid.upstart: start on changed to start on transition to runlevel 2 (LP: #561779) * debian/squid.upstart: SQUID_ARGS default value set to -D so DNS checks are not performed at startup (LP: #561750) -- Clint Byrum cl...@ubuntu.com Fri, 01 Apr 2011 13:59:06 -0700 ** Changed in: squid (Ubuntu) Status: In Progress = Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to squid in Ubuntu. https://bugs.launchpad.net/bugs/561750 Title: squid starts and stops immediately (after upgrade from karmic to lucid) -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 365054] Re: [Jaunty] exception occured in vmbuilder
*** This bug is a duplicate of bug 352568 ***
https://bugs.launchpad.net/bugs/352568
I get this on Lucid (and it doesn't seem related to #352568 to me).
I ran with debug, but it produced no more output in the actual bit that
fails:
2011-04-04 17:06:50,987 DEBUG : Output from template
'/etc/vmbuilder/ubuntu/timezone.tmpl': UTC
2011-04-04 17:06:50,987 DEBUG : ['chroot', '/tmp/tmp0SkIqz',
'dpkg-reconfigure', '-fnoninteractive', '-pcritical', 'tzdata']
2011-04-04 17:06:51,140 INFO:
2011-04-04 17:06:51,140 INFO: Current default time zone: 'Etc/UTC'
2011-04-04 17:06:51,143 INFO: Local time is now: Mon Apr 4 05:06:51
UTC 2011.
2011-04-04 17:06:51,144 INFO: Universal Time is now: Mon Apr 4 05:06:51
UTC 2011.
2011-04-04 17:06:51,144 INFO:
2011-04-04 17:06:51,173 DEBUG : Output from template
'/etc/vmbuilder/ubuntu/locale.tmpl': LANG=C
2011-04-04 17:06:51,174 DEBUG : ['chroot', '/tmp/tmp0SkIqz', 'locale-gen',
'C']
2011-04-04 17:06:51,183 ERROR : Process (['chroot', '/tmp/tmp0SkIqz',
'locale-gen', 'C']) returned 1. stdout: , stderr:
Traceback (most recent call last):
File /usr/bin/vmbuilder, line 24, in module
cli.main()
File /usr/lib/python2.6/dist-packages/VMBuilder/contrib/cli.py, line 110, in
main
distro.build_chroot()
File /usr/lib/python2.6/dist-packages/VMBuilder/distro.py, line 83, in
build_chroot
self.call_hooks('configure_os')
File /usr/lib/python2.6/dist-packages/VMBuilder/distro.py, line 66, in
call_hooks
call_hooks(self, *args, **kwargs)
File /usr/lib/python2.6/dist-packages/VMBuilder/util.py, line 165, in
call_hooks
getattr(context, func, log_no_such_method)(*args, **kwargs)
File /usr/lib/python2.6/dist-packages/VMBuilder/plugins/ubuntu/distro.py,
line 156, in configure_os
self.suite.set_locale()
File /usr/lib/python2.6/dist-packages/VMBuilder/plugins/ubuntu/dapper.py,
line 350, in set_locale
self.run_in_target('locale-gen', lang)
File /usr/lib/python2.6/dist-packages/VMBuilder/plugins/ubuntu/dapper.py,
line 327, in run_in_target
return self.context.run_in_target(*args, **kwargs)
File /usr/lib/python2.6/dist-packages/VMBuilder/plugins/__init__.py, line 86,
in run_in_target
return util.run_cmd('chroot', self.chroot_dir, *args, **kwargs)
File /usr/lib/python2.6/dist-packages/VMBuilder/util.py, line 120, in run_cmd
raise VMBuilderException, Process (%s) returned %d. stdout: %s, stderr: %s %
(args.__repr__(), status, mystdout.buf, mystderr.buf)
VMBuilder.exception.VMBuilderException: Process (['chroot', '/tmp/tmp0SkIqz',
'locale-gen', 'C']) returned 1. stdout: , stderr:
To workaround, I ran vmbuilder under LANG=en_US.utf8.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to vm-builder in Ubuntu.
https://bugs.launchpad.net/bugs/365054
Title:
[Jaunty] exception occured in vmbuilder
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 731976] Re: SAMBA - Can't access Windows 7 computer via SAMBA
Alright, Firstly, André let me sincerely apologize for thinking that your original idea, of wiping the clients was ludicrous, as it would seem that the problem was on their side. I was so frustrated with my computers/samba this weekend, I decided to try one last thing and formatted/reinstalled two of my Windows 7 machines. Lo and behold, the problem is solved - I can't believe that the problem would be on the client's side - Or at least, I was so sure it's samba! Anyway, bottom line is, I also got my SAMBA working 100%, by, strangely enough, reinstalling Windows 7. I haven't tested if samba gives the same problems on Mac or other Linux boxes - but my preliminary testing would indicate that they don't have this problem. Thanks again Andrè! -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/731976 Title: SAMBA - Can't access Windows 7 computer via SAMBA -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Oneiric-Topic] Revisit Xen support
Excerpts from Clint Byrum's message of Fri Apr 01 16:51:04 -0700 2011: Excerpts from Chuck Short's message of Wed Mar 30 07:27:50 -0700 2011: Hi, In the past Xen support in Ubuntu as a host has been difficult for a variety of reasons most notably no upstream kernel support. Now that dom0 should be coming into the vanilla kernel soon. I think its time to revisit supporting Xen as a hypervisor as well. Just playing devil's advocate here. Other than people already having familiarity with Xen, what is a compelling reason to support it in favor of, or in addition to, KVM? Really awesome feedback guys, and thanks for putting up with my tire kicking on this idea. So what I'm reading is that KVM should be good once hardware catches up with it. Xen takes advantage of older hardware more effectively, and may also have a better I/O system. Not one person has stood up and said that KVM blows Xen away, or is even better. I have very little operational experience with either.. having had my website and IMAP server on a Xen domU running CentOS 5 for a few years, I can say that it is fine for the lightweight work of a wordpress blog and courier-imap. So, with all of that said, and xen dom0 support coming to the vanilla kernel, it sounds like a slam dunk for Ubuntu to raise xen to first class status. -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: [Oneiric-Topic] Revisit Xen support
Quoting Serge van Ginderachter (se...@vanginderachter.be): On 2 April 2011 16:58, Clint Byrum cl...@ubuntu.com wrote: Some general conclusions were: * VMWare ESXi was the clear winner, * Xen on Debian Lenny was a close second, and the winner amongst Open Source solutions. * Xen performance is way better than KVM, especially when looking at disk access * Xen performs in a more stable and predictable way, whilst KVM seemed to perform more at random (which confirms Iustin's observations, ) * CentOS (5.4) performed remarkably well for being older sofwtare versions (KVM, Xen, Linux kernel) * performance on Ubuntu was really bad. The then recent Ubuntu Lucid was far worse than CentOS 5.5 (both KVM) On the one hand, you can't make claims like this without giving very detailed info on the storage configuration. On the other hand, kvm (and libvirt) tend to make changes which impact how you need to tune things to get best performance. Which is not really acceptable in a real enterprise deployment. We've gotten complaints before - valid IMHO - about 'undocumented changes' like that. This is IMO a strong consideration for considering re-enabling xen. It also may deserve a UDS topic on whethere there is something we can do. Perhaps we can spend a week around alpha-3 time doing performance tests of various configurations. Perhaps we can query the community for what they consider current best practices, and document those at release time. Perhaps query, then do our week of performance tests to validate, then document. -serge signature.asc Description: Digital signature -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: [Oneiric-Topic] Byobu
Well, I do use Byobu, but I would vote against its default on server... You see, I use both Windows and Ubuntu to manage my Ubuntu servers (and I guess I am not the only one), and on Windows, I have to use a few different terminal emulators to SSH my way into the servers, such as Putty and SecureCRT... but Byobu simply wont work on them (most likely due to a escape code missing or to many, it will fill up the screen on byobu updates rolling up, instead of keeping to the bottom) Therefore, I use byobu only whe I am already at a Ubuntu machine (or other linux, for that matter) 2011/4/2 Dustin Kirkland kirkl...@ubuntu.com On Fri, Apr 1, 2011 at 2:12 PM, Clint Byrum cl...@ubuntu.com wrote: I took your statement of we'll have almost everything we need. to mean, we'll have almost everything we need to make it the default terminal shell. Hey Clint, one important clarification here. Just need to update the vocabulary here... This isn't about byobu as a default shell. Byobu/screen is not a shell itself, but rather a command line window manager. It's a program that runs within a shell, and allows you to launch and manage dozens (40, by default) of shells within a single user process. Your default shell is bash, or dash, ash, csh, tsh, ksh, etc. etc. etc. All of those do (or at least should -- file bugs if not) work just fine under Linux. Ubuntu chooses a default user shell of bash for you. There's no intention to change that. The way byobu at login currently works is by adding a line to the very end of your ~/.profile: case $- in *i*) byobu-launcher exit 0; esac; This says if the shell being launched is interactive, then run byobu and exit when byobu is done. There is always room for improvement there, and that's part of what a blueprint would design and fix. Anyway, this is an interesting point in the thread. I'm going to put together a blog post that actually walks through all of what happens when you login into an Ubuntu command line shell, from a low-level technical perspective ;-) -- :-Dustin Dustin Kirkland Ubuntu Core Developer -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- Fábio Leitão ..-. .- -... .. --- .-.. . .. - .- --- ...-.- -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Ubuntu Gateway
Hi, I have planned to use 10.04 LTS for setting up Internet Gateway in my office. What should be the hardware configuration and what all recommended applications are needed ? Thanks Kaushal -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: Ubuntu Gateway
Hello Kaushal. I've been using Ubuntu Server as a gateway and firewall since the last LTS before 10.04 LTS. Currently, my company's Internet gateway is 10.04.02 LTS, handling 4 Internet Connections (2Mbps, 2Mbps, 10Mbps, 1Mbps), outgoing *and* incoming. You'll need to be familiar with iptables. And by familiar, I mean *really* familiar. I'd say I know iptables better than I know my wife :) ... well, just kidding. Sort of. You'll also need to become familiar with iproute2 if you need Policy-Based Routing (e.g., routing based on source instead of destination). And you will want to learn fwmark-based routing. If you want to throttle connections, you also have to familiarize yourself with tc. Or use tcng for a (much) friendlier way to configure tc. You will want to tune the box's networking parameters. In particular, various timeouts and buffer sizes. Oh, and use HTCP rather than CUBIC. Finally, when you've gone the highly-customized system route like I did, you can't rely on simple iptables management like iptables-persistent. Even Shorewall or Arno's can't fulfill my needs. I have to create my own 'harness' to run everything, e.g.: + Custom startup scripts to ensure ipset's sets get loaded before iptables' rules + Custom startup scripts to populate the routing table + Custom scripts to save the state of the firewall/gateway when a change has been made (so that the next startup will properly restore the state) I am currently in the progress of making Python-based scripts to help in my firewall/gateway maintenance. But it's still in 'Deep Alpha' state, so I can't share it with you yet. Feel free to contact me privately if you want to see how I set things up. I'll share my scripts and configs. Rgds, On 2011-04-04, Kaushal Shriyan kaushalshri...@gmail.com wrote: Hi, I have planned to use 10.04 LTS for setting up Internet Gateway in my office. What should be the hardware configuration and what all recommended applications are needed ? Thanks Kaushal -- -- Pandu E Poluan - IT Optimizer My website: http://pandu.poluan.info/ -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: [Oneiric-Topic] Byobu
Which George are you referring to? George Harrison, George Weasley, or Curious George? :D (sorry, can't stop myself) Rgds, On 2011-04-03, Clint Byrum cl...@ubuntu.com wrote: Excerpts from Dustin Kirkland's message of Sat Apr 02 08:14:48 -0700 2011: On Fri, Apr 1, 2011 at 2:12 PM, Clint Byrum cl...@ubuntu.com wrote: I took your statement of we'll have almost everything we need. to mean, we'll have almost everything we need to make it the default terminal shell. Hey Clint, one important clarification here. Just need to update the vocabulary here... This isn't about byobu as a default shell. Byobu/screen is not a shell itself, but rather a command line window manager. It's a program that runs within a shell, and allows you to launch and manage dozens (40, by default) of shells within a single user process. http://en.wikipedia.org/wiki/Shell_(computing) A shell is a piece of software that provides an interface for users of an operating system which provides access to the services of a kernel. We can call it a shell, a command line window manager, or George. What is being proposed is that it become the default user interface for the CLI of Ubuntu. -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- -- Pandu E Poluan - IT Optimizer My website: http://pandu.poluan.info/ -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: Ubuntu Gateway
I think what Pandu suggested is great but way to advanced for some people (including me), I would say shorewall can fulfill most people needs, and what they say its true (shorewall, iptables made easy). I use it and have had no problems at all with it. For me, just shorewall + squid does the job, I mantain 2 offices, 1 with + clients and the other one with 56, in both I have the same setup and works very well. Pandu's approach is great but like he said, you need to know iptables more than you know your wife. cheers and hope it helped 2011/4/3 Pandu Poluan pa...@poluan.info Hello Kaushal. I've been using Ubuntu Server as a gateway and firewall since the last LTS before 10.04 LTS. Currently, my company's Internet gateway is 10.04.02 LTS, handling 4 Internet Connections (2Mbps, 2Mbps, 10Mbps, 1Mbps), outgoing *and* incoming. You'll need to be familiar with iptables. And by familiar, I mean *really* familiar. I'd say I know iptables better than I know my wife :) ... well, just kidding. Sort of. You'll also need to become familiar with iproute2 if you need Policy-Based Routing (e.g., routing based on source instead of destination). And you will want to learn fwmark-based routing. If you want to throttle connections, you also have to familiarize yourself with tc. Or use tcng for a (much) friendlier way to configure tc. You will want to tune the box's networking parameters. In particular, various timeouts and buffer sizes. Oh, and use HTCP rather than CUBIC. Finally, when you've gone the highly-customized system route like I did, you can't rely on simple iptables management like iptables-persistent. Even Shorewall or Arno's can't fulfill my needs. I have to create my own 'harness' to run everything, e.g.: + Custom startup scripts to ensure ipset's sets get loaded before iptables' rules + Custom startup scripts to populate the routing table + Custom scripts to save the state of the firewall/gateway when a change has been made (so that the next startup will properly restore the state) I am currently in the progress of making Python-based scripts to help in my firewall/gateway maintenance. But it's still in 'Deep Alpha' state, so I can't share it with you yet. Feel free to contact me privately if you want to see how I set things up. I'll share my scripts and configs. Rgds, On 2011-04-04, Kaushal Shriyan kaushalshri...@gmail.com wrote: Hi, I have planned to use 10.04 LTS for setting up Internet Gateway in my office. What should be the hardware configuration and what all recommended applications are needed ? Thanks Kaushal -- -- Pandu E Poluan - IT Optimizer My website: http://pandu.poluan.info/ -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- X1R1 -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: Ubuntu Gateway
Heh, to each their own poison, I guess :-) But Diego is right: For most use-cases, Shorewall or Arno's would be enough. So it all depends on one's needs. On Mon, Apr 4, 2011 at 12:24, Diego Xirinachs dxiri...@gmail.com wrote: I think what Pandu suggested is great but way to advanced for some people (including me), I would say shorewall can fulfill most people needs, and what they say its true (shorewall, iptables made easy). I use it and have had no problems at all with it. For me, just shorewall + squid does the job, I mantain 2 offices, 1 with + clients and the other one with 56, in both I have the same setup and works very well. Pandu's approach is great but like he said, you need to know iptables more than you know your wife. cheers and hope it helped 2011/4/3 Pandu Poluan pa...@poluan.info Hello Kaushal. I've been using Ubuntu Server as a gateway and firewall since the last LTS before 10.04 LTS. Currently, my company's Internet gateway is 10.04.02 LTS, handling 4 Internet Connections (2Mbps, 2Mbps, 10Mbps, 1Mbps), outgoing *and* incoming. You'll need to be familiar with iptables. And by familiar, I mean *really* familiar. I'd say I know iptables better than I know my wife :) ... well, just kidding. Sort of. You'll also need to become familiar with iproute2 if you need Policy-Based Routing (e.g., routing based on source instead of destination). And you will want to learn fwmark-based routing. If you want to throttle connections, you also have to familiarize yourself with tc. Or use tcng for a (much) friendlier way to configure tc. You will want to tune the box's networking parameters. In particular, various timeouts and buffer sizes. Oh, and use HTCP rather than CUBIC. Finally, when you've gone the highly-customized system route like I did, you can't rely on simple iptables management like iptables-persistent. Even Shorewall or Arno's can't fulfill my needs. I have to create my own 'harness' to run everything, e.g.: + Custom startup scripts to ensure ipset's sets get loaded before iptables' rules + Custom startup scripts to populate the routing table + Custom scripts to save the state of the firewall/gateway when a change has been made (so that the next startup will properly restore the state) I am currently in the progress of making Python-based scripts to help in my firewall/gateway maintenance. But it's still in 'Deep Alpha' state, so I can't share it with you yet. Feel free to contact me privately if you want to see how I set things up. I'll share my scripts and configs. Rgds, On 2011-04-04, Kaushal Shriyan kaushalshri...@gmail.com wrote: Hi, I have planned to use 10.04 LTS for setting up Internet Gateway in my office. What should be the hardware configuration and what all recommended applications are needed ? -- Pandu E Poluan ~ IT Optimizer ~ Visit my Blog: http://pepoluan.posterous.com -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: Ubuntu Gateway
On Mon, Apr 4, 2011 at 11:14 AM, Pandu Poluan pa...@poluan.info wrote: Heh, to each their own poison, I guess :-) But Diego is right: For most use-cases, Shorewall or Arno's would be enough. So it all depends on one's needs. Arno's ? what does it mean ? Thanks Kaushal On Mon, Apr 4, 2011 at 12:24, Diego Xirinachs dxiri...@gmail.com wrote: I think what Pandu suggested is great but way to advanced for some people (including me), I would say shorewall can fulfill most people needs, and what they say its true (shorewall, iptables made easy). I use it and have had no problems at all with it. For me, just shorewall + squid does the job, I mantain 2 offices, 1 with + clients and the other one with 56, in both I have the same setup and works very well. Pandu's approach is great but like he said, you need to know iptables more than you know your wife. cheers and hope it helped 2011/4/3 Pandu Poluan pa...@poluan.info Hello Kaushal. I've been using Ubuntu Server as a gateway and firewall since the last LTS before 10.04 LTS. Currently, my company's Internet gateway is 10.04.02 LTS, handling 4 Internet Connections (2Mbps, 2Mbps, 10Mbps, 1Mbps), outgoing *and* incoming. You'll need to be familiar with iptables. And by familiar, I mean *really* familiar. I'd say I know iptables better than I know my wife :) ... well, just kidding. Sort of. You'll also need to become familiar with iproute2 if you need Policy-Based Routing (e.g., routing based on source instead of destination). And you will want to learn fwmark-based routing. If you want to throttle connections, you also have to familiarize yourself with tc. Or use tcng for a (much) friendlier way to configure tc. You will want to tune the box's networking parameters. In particular, various timeouts and buffer sizes. Oh, and use HTCP rather than CUBIC. Finally, when you've gone the highly-customized system route like I did, you can't rely on simple iptables management like iptables-persistent. Even Shorewall or Arno's can't fulfill my needs. I have to create my own 'harness' to run everything, e.g.: + Custom startup scripts to ensure ipset's sets get loaded before iptables' rules + Custom startup scripts to populate the routing table + Custom scripts to save the state of the firewall/gateway when a change has been made (so that the next startup will properly restore the state) I am currently in the progress of making Python-based scripts to help in my firewall/gateway maintenance. But it's still in 'Deep Alpha' state, so I can't share it with you yet. Feel free to contact me privately if you want to see how I set things up. I'll share my scripts and configs. Rgds, On 2011-04-04, Kaushal Shriyan kaushalshri...@gmail.com wrote: Hi, I have planned to use 10.04 LTS for setting up Internet Gateway in my office. What should be the hardware configuration and what all recommended applications are needed ? -- Pandu E Poluan ~ IT Optimizer ~ Visit my Blog: http://pepoluan.posterous.com -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: Ubuntu Gateway
Hi On Monday 04 April 2011 07:46:12 Kaushal Shriyan wrote: Arno's ? what does it mean ? Try apt-cache show arno-iptables-firewall or (irony alarm ;)) http://lmgtfy.com/?q=arno%27s+firewall HTH Carsten -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
