--nodeps
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
as usual ... cooker moves all the time. The setup packages must have been
rebuilt when you tried to install. You can try after some time, when the
new setup package is uploaded.
cheers,
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
shorewall clear (it's not
configured so it blocks everything).
cheers,
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
Gael Martin [EMAIL PROTECTED] writes:
Anyone tried to connect a MNF box to an Astaro Box using IPSec VPN?
How's VPN in MNF?
Is it working using freeswan?
Gael
I'll try that this weekend and tell you about it. And yes, it uses
freeswan, with x509 certificates.
--
Florin
), misc.rules and shellcode.rules).
Re. package : snort-1.8.7-1mdk
ok, I have updated this on the CVS.
cheers,
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
I have tried to hack the code a bit to fix things, if someone is interested
I can
post the diffs here for review.
I'm interrested :o)
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
of clients.
http://openresources.info.ucl.ac.be/rsip/
but, of course if you're willing to package and test it ... we'll be
interested to hear your comments about it. I'll do myself too next week.
have a nice day,
--
Florin http://www.mandrakesoft.com
http
. Speaking of which do you know of
where I can find example of the latter?
what do mean by limited outgoing connections ?
Gabriel
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
can't fix it.
florin?
you mean with the 1.3.7a ?
I have no such problems here :)
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
the result of the
command:
grep -v ^# /etc/shorewall/{zones,interfaces,policy,rules}|grep -v ^$
have a nice day,
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
allow for servers
connection. What about client connections?
I selected it and the same classic DNS error of cannot find such and
such url.
I clear Shorewall and everything works so it's related to Shorewall's
configuration.
gabriel
same thing for /etc/shorewall/masq
--
Florin
configurations, we have
adpated tinyfirewall and drakgw to Shorewall. This is only the begining
... A more complex tool will be added in the future.
cheers,
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
very quickly.
it doesn't have all the Shorewall features ...
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
these packages then ?
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
for those of us who want a safe
machine, but who are not TCP/IP ninjas, as seems to be required to
configure shorewall.
With best regards,
Chuck Shirley
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
[EMAIL PROTECTED] (Chuck Shirley) writes:
On Monday 26 August 2002 05:21, Florin wrote:
I'm surprised to notice that you didn't succeed in configuring Shorewall.
It's really a piece of cake. Maybe the problem is that the firewall
approach is a bit different and has several (more logical
+. By
experience, I've started by using eth1 (where is connected by ADSL modem) and spent
some time to find why my connection was not working.
it's in the online docs though ... but this could be also feasable.
thx for your thoughts,
have a nice day,
--
Florin http
be done directly with iptables now and, therefore,
shorewall does it too. We have left the ipvsadm and iptoip packages ...
but we could remove that, you're right.
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
will be soon available, hopefuly in
september.
In the meanwhile, enjoy our wonderful packages from cooker =8o)
cheers,
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
), misc.rules and shellcode.rules).
Re. package : snort-1.8.7-1mdk
Regards
Marc Bethenod
what version of the firewall are we talking about ?
cheers,
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
for
effective user 'squid'
Aug 8 16:28:30 ftgme squid: ^[[65G[^[[1;31m
Aug 8 16:28:30 ftgme squid: /etc/rc6.d/K25squid: line -18: 22693
Aborted $SQUID -k check /dev/null 21
Aug 8 16:28:30 ftgme squid:
Aug 8 16:28:30 ftgme rc: Stopping squid: failed
--
Florin
]
mailing list archive. Feel free to ask any questions on the topic there.
cheers,
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
[EMAIL PROTECTED] (Oden Eriksson) writes:
Hi.
I just found this project at freshmeat, would that be interesting for
Mandrake?
http://www.pcxperience.org/dgvirus/
thanks alot ... I'll have a look and eventually add it to our firewall ...
cheers,
--
Florin http
on they show up there
again. Permissions on their scripts in
/etc/rc.d/init.d don't seem to have been changed, so I
don't know what's going on.
isn't that the behaviour of the latest chkconfig that ntsysv uses anyway ?
If I remeber correctly the off-services are not displayed at all ...
--
Florin
[EMAIL PROTECTED] (Oden Eriksson) writes:
On Thursdayen den 1 August 2002 12.04, Florin wrote:
[EMAIL PROTECTED] (Oden Eriksson) writes:
Hi.
I just found this project at freshmeat, would that be interesting for
Mandrake?
http://www.pcxperience.org/dgvirus/
thanks alot
Borsenkow Andrej [EMAIL PROTECTED] writes:
В Пнд, 08.07.2002, в 17:36, Florin написал:
did you install the mod_ssl package ?
I guess yes. Build date of mod_ssl is July, the 3rd and I updated on
July, the 4th which means I updated mod_ssl as well.
Hmm ... mod_ssl includes /etc/ssl
6988 Jun 24 16:57
ssl.httpd-naat-vhost.conf
{pts/2}% rpm -q httpd-naat
httpd-naat-0.8-7mdk
Looks like certificate has been moved away at update but not restored or
generated.
-andrej
--
Florin http://www.mandrakesoft.com
http
[EMAIL PROTECTED] (Ralph Crongeyer) writes:
What is the planed release date of SNF 8.2??
next week
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
Oden Eriksson [EMAIL PROTECTED] writes:
On Monday 01 July 2002 13.14, Florin wrote:
[EMAIL PROTECTED] (Ralph Crongeyer) writes:
What is the planed release date of SNF 8.2??
next week
Very nice!
Will it be possible to buy it via OEM contacts?
I guess so,
Fred, could you confirm
have to patch this program too for the gcc-3.1
I'll do it today ...
cheers,
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
in SNF, unforunately Konqueror as HTML
browser is still far from being suitable for everyday use).
-andrej
Hi there,
the only supported browsers are Mozilla/Galeon and Ie for the moment as
the other are not standard compliant (konqueror is one of them).
cheers,
--
Florin http
...
Could anybody test if it works using Windows browser with MS Java?
-andrej
Hello again,
it doesn't work with windows either ... I'll have a look at it as this was
a know mindterm prb.
cheers,
--
Florin http://www.mandrakesoft.com
)?
-andrej
we should add this in near future ... for the moment you cannot customize
the log views.
cheers,
--
Florin http://www.mandrakesoft.com
(inter-)connects several networks there is no Internet at all.
While it is possible to define one of zones as Internet it is very
misleading, because it has some implied semantics w.r.t. default access
policy and in such configurations it is usually wrong.
-andrej
--
Florin
the firewall now?.
Hello,
indeed, the shorewall service should be disabled at the beggining ...
then, the first you should do is to configure your firewall ... the
iptables Rules, that is.
cheers,
--
Florin http://www.mandrakesoft.com
? :-)
what script are we talking about ?
--
Florin http://www.mandrakesoft.com
[EMAIL PROTECTED] (Cosmic Flo) writes:
I just done a cooker install (it's not easy at this date) with just icewm as
wm.
Label in menus of icewm are broken (font problem).
Are the font missing in dependencies of icewm package ?
Thanks
I'll have a look at it ...
--
Florin
Borsenkow Andrej [EMAIL PROTECTED] writes:
snf-en requires pptp-adsl and pptp-client but pptp-client conflicts with
pptp-adsl.
-andrej
I know, this was an error appeared at the very last moment in the 8.2
distro ... simply use --nodeps
cheers,
--
Florin http
and hopefully soon with a first VPN configuration version/support.
simply use the latest kernels as they have been recompiled with i586 support.
cheers,
--
Florin http://www.mandrakesoft.com
[EMAIL PROTECTED] (Borsenkow Andrej) writes:
Is there any specific release schedule for new version of SNF?
-andrej
the client/server features have to be added by the end of the month ... so
a new version will come out.
cheers,
--
Florin http://www.mandrakesoft.com
use a cooker iso and install the
snf-* packages on the top of it ...
VPN si not reallly ready yet but several DMZ are supported and several
VPNs are also going to be supported ...
cheers,
--
Florin http://www.mandrakesoft.com
configuration.
cheers
--
Florin http://www.mandrakesoft.com
installing /home/Mandrake/contrib/i586/bind-chroot-8.3.1-3mdk.i586.rpm
Preparing...##
file /etc/named.conf from install of bind-chroot-8.3.1-3mdk
that
has zillions of hosts. So..., you could say it's pretty mature compared to
the bind 9.x series.
I do not agree but I won't argue on that anyway ...
cheers,
--
Florin http://www.mandrakesoft.com
[EMAIL PROTECTED] (Oden Eriksson) writes:
On Mondayen den 29 April 2002 14.07, Florin wrote:
[EMAIL PROTECTED] (Oden Eriksson) writes:
there is already a script I have written, included in the bind package,
which does the same thing.
First, you set up a working bind
, I wonder ?
cheers,
--
Florin http://www.mandrakesoft.com
versions compiled
for kerberos ...)
cheers,
--
Florin http://www.mandrakesoft.com
packages for an 8.2
distro. I think somebody has already done that but I don't know if they
are updated on a regular basis ...
I haven't tested the cooker packages on an 8.2 but it might work ...
cheers,
--
Florin http://www.mandrakesoft.com
for these packages?
(florin@bi)[~]-% rpmmon -p openh323_1
florin
SO YOU HAVE UPLOADED ALL THESE PACKAGES AND SIMPLY LEAVE GNOMEMEETING
BROKEN, IS THAT IT ?
NO I DIDN'T. As I said in my e-mail I didn't upload because gnomemeeting
is broken.
I have explained
DID YOU READ MY PREVIOUS MAIL ABOUT THAT ?
MAYBE I SHOULD PUT SOME KEYWORD TO FILTER THE UPLOAD FOR THE PACKAGES I'M
MAINTAING ?
SO YOU HAVE UPLOADED ALL THESE PACKAGES AND SIMPLY LEAVE GNOMEMEETING
BROKEN, IS THAT IT ?
MAYBE YOU DON'T HAVE ANYTHING ELSE TO DO ...
--
Florin http
on the help pages and everything should
be finished by the end of the month. The fonctional part is practically ready.
cheers,
--
Florin http://www.mandrakesoft.com
,
--
Florin http://www.mandrakesoft.com
.
If you have any further questions, don't hesitate.
cheers,
--
Florin http://www.mandrakesoft.com
try with another filesystem then if you want ... but are you sure your
configuration files are correct ?
cheers,
--
Florin http://www.mandrakesoft.com
http://127.0.0.1/cgi-bin/squidGuard.cgi?clientaddr=%asrcclass=targetclass=%turl=0
}
default {
pass none
redirect
http://127.0.0.1/cgi-bin/squidGuard.cgi?clientaddr=%asrcclass=targetclass=%turl=0
}
}
cheers,
--
Florin
strange, i cannot reproduce it despite net-tools hasn't be rebuilded
since january.
florin, could you test on a mdk8.2 ?
it works for me with the latest cooker
--
Florin http://www.mandrakesoft.com
Thierry Vignaud [EMAIL PROTECTED] writes:
Florin [EMAIL PROTECTED] writes:
[laurent@linux laurent]$ netstat -c -ip
Table d'interfaces noyau
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 0 542 0 0 0 674 0
[EMAIL PROTECTED] (David Relson) writes:
sarg expects file /etc/cron.daily/sarg to have -rw-rw, i.e. installs it
without execute permission. Surely, this is wrong...
Hello,
I was in vacation but now that I'm back in business, you'll see it fixed
in no time ...
cheers,
--
Florin
,
--
Florin http://www.mandrakesoft.com
. Remove the previous one and
reinstall it ...
--
Florin http://www.mandrakesoft.com
-0.8-11mdk
symlink for /usr/sbin/httpd-naat is broken.
-randy
I'll check for that one ...
--
Florin http://www.mandrakesoft.com
[EMAIL PROTECTED] (Randy Welch) writes:
Looks like keyword filtering in squid didn't get fixed?
-randy
what do you mean ?
it works pretty well here ...
cheers,
--
Florin http://www.mandrakesoft.com
Would it be possible to use the NNTP list from the drakx installer for
setting the NNTP server in the naat frontend?
maybe in the future ... not for the moment (this is was really not a
priority :o)
cheers,
--
Florin http://www.mandrakesoft.com
files or run squidGuard with
a -C command to recreate the db files ... or
wait for the latest squidGuard package (I won't create the db files in
post for the SNF sections). I will upload it ASAP.
cheers,
--
Florin http://www.mandrakesoft.com
- kernel 2.2
8.2 - kernel 2.4
cheers,
--
Florin http://www.mandrakesoft.com
For the dhcp-dns configuration you could check the examples i've put in
docs (both for the bind and dhcp packages), the dhcp-dynamic-dns-examples/
directory.
You could also check some samples configs I've put on the web at
people.mandrakesoft.com/~florin
cheers,
--
Florin
client has a hostname such as my laptop is
sidell.home.network.
Hi there,
you're saying that this used tp work with rc7 ?
what is your dhcpd.conf file ? Have you configured bind to work with dhcp
?
cheers,
--
Florin http://www.mandrakesoft.com
anyting on either keyword or url.
yes, you should remove the .db files in
/usr/share/squidGuard-1.2.0/db/banneddestination/ and restart squid and
try if this works for you ...
--
Florin http://www.mandrakesoft.com
[EMAIL PROTECTED] (Marc Lijour) writes:
Hi,
do you plan to include IPSec and VPN capabilities in the future?
yes, by the end of the week ...
You may know what's happening there :
www.coyotelinux.org
it's www.coyotelinux.com I presume ...
have a nice day,
--
Florin
Hi again,
I have nothing to say about your dhcpd.conf file ... but can you type on a
Linux client the following command :
ps auwx |grep dhcpcd and make sure you're using the -h argument ?
cheers,
--
Florin http://www.mandrakesoft.com
[EMAIL PROTECTED] (SI Reasoning) writes:
--- Florin [EMAIL PROTECTED] wrote:
Hi again,
I have nothing to say about your dhcpd.conf file ...
but can you type on a
Linux client the following command :
ps auwx |grep dhcpcd and make sure you're using
the -h argument ?
[sczjd
/ifcfg-eth0.
So, add a line like this in your /etc/sysconfig/network-scripts/ifcfg-eth0
file:
NEEDHOSTNAME=whatever
ifdown eth0 and ifup eth0.
This should use the -H option for your dhcpcd.
Other ideas... you coulod use other dhcp client (dhcp-client, pump, dhcpxd)
cheers,
--
Florin
that has a special
configuration within a lan with a dhcp server ?
cheers,
--
Florin http://www.mandrakesoft.com
if this works for you ...
Nope...
any error messages ?
tail -f /var/log/squidGuard/squidGuard.log
tail -f /var/log/messages
tail -f /var/log/squid/store.log
--
Florin http://www.mandrakesoft.com
192.168.200.1 to 192.168.200.255
hope this helps,
--
Florin http://www.mandrakesoft.com
11:33:58 2002
* Thu Mar 07 2002 Philippe Libat [EMAIL PROTECTED] 0.8-6mdk
- new features, new style (first step), beta version
Cool!
Anyone having success with this naat stuff yet?
yup, me :o)
--
Florin http://www.mandrakesoft.com
yup,
--
Florin http://www.mandrakesoft.com
[EMAIL PROTECTED] (Claudio) writes:
Il 18:16, venerdì 8 marzo 2002, Florin ha scritto:
--=-=-=
Name: bind Relocations: (not relocateable)
Version : 9.2.0 Vendor: MandrakeSoft
[...]
--=-=-=
* Fri Mar 08 2002 Florin
... I'll have a look at it ...
--
Florin http://www.mandrakesoft.com
[EMAIL PROTECTED] (Claudio) writes:
Il 18:16, venerdì 8 marzo 2002, Florin ha scritto:
--=-=-=
Name: bind Relocations: (not relocateable)
Version : 9.2.0 Vendor: MandrakeSoft
[...]
--=-=-=
* Fri Mar 08 2002 Florin
... You can use one of
the sample configuration files I've added in the docs.
Are you behind a firewall or something ?
what is your configuration file ?
cheers,
--
Florin http://www.mandrakesoft.com
should do the thing :o)
thank you for your message,
--
Florin http://www.mandrakesoft.com
yet?
One other item. For some reason the restricted site
functionality in squid ( ~8.2 beta2, prior to the shorewall
change ) doesn't seem to be working
-randy
as I said in my previous mails use the cvs or the latest packages at
http://people.mandrakesoft.com/~florin/www/rpms
cheers
selected how do you configure
it).
right enough ... you could check the latest packages at
people.mandrakesoft.com/~florin/www/rpms but indeed, I have some problems
with the dansguardian restart service. It simply doesn't want to restart
using a script and it does restart by hand ... I'll have
a system shutdown or reboot.
Hi there,
what version of squid are we talking about ?
--
Florin http://www.mandrakesoft.com
of some specific urls ? weird ?
What are these urls ?
cheers,
--
Florin http://www.mandrakesoft.com
with tail -f /var/log/httpd-naat/httpd-naat.error_log
cheers,
--
Florin http://www.mandrakesoft.com
.
Please, fix it.
-andrej
ok, thank you for your message. We will fix it ASAP.
have a nice day,
--
Florin http://www.mandrakesoft.com
David Relson [EMAIL PROTECTED] writes:
At 04:01 PM 2/25/02, you wrote:
perhaps Desactivate should be Deactivate ...
-Z
That'd be even better!
David
you're right, I'll fix that ASAP ...
--
Florin http://www.mandrakesoft.com
-3mdk.noarch.rpm
Florin,
I've just installed snf-en-8.2-3mdk.noarch.rpm,
shorewall-1.2.6-2mdk.noarch.rpm, and fwlogwatch-0.5.2-1mdk.i586.rpm from
rpmfind.net. The Official Mirror List is still empty.
well, it worked here two days ago ... I'll check again :)
--
Florin http
Florin [EMAIL PROTECTED] writes:
Z. [EMAIL PROTECTED] writes:
i just did a new install today of snf-en-8.2-3mdk.noarch.rpm and the
official mirror list is populated. it doesn't appear to be broken.
-Z
same thing here ...
but if you want to dig and see how it's done
are we talking about ?
cheers,
--
Florin http://www.mandrakesoft.com
that will come out at the end of the week.
--
Florin http://www.mandrakesoft.com
-qa | grep naat
naat-backend-0.8-5mdk
naat-frontend-www-en-0.8-3mdk
httpd-naat-0.8-3mdk
{pts/2}% rpm -qa | grep apache
apache-mod_perl-1.3.23_1.26-4mdk
apache-conf-1.3.23-1mdk
apache-modules-1.3.23-1mdk
apache-common-1.3.23-1mdk
--
Florin http://www.mandrakesoft.com
/lib/perl5/5.6.1/i386-linux/perllocal.pod from install of
perl-Text-Template-1.31-2mdk conflicts with file from package
irssi-0.8.1-1mdk
Installation failed
--
Florin http://www.mandrakesoft.com
.
I guess if we rely on shorewall we should Require shorewall?
(florin@penguin)[~]-% rpm -qpR snf-en-8.2-3mdk.noarch.rpm|grep shorewall
shorewall
--
Florin http://www.mandrakesoft.com
httpd-naat-perl: could not open document config file
/etc/httpd/conf/httpd-naat-perl.conf
as root, create the following link:
ln -sf /usr/sbin/httpd-perl /usr/sbin/httpd-naat
--
Florin http://www.mandrakesoft.com
Phil Connor [EMAIL PROTECTED] writes:
Thanks Florin,
I'm not able to bring up the login page at all, Not sure naat is working
at this point, doing
A status on httpd-naat says it not running although extendedstatus says
it's waiting?
Did I miss something else to be done after fixing
does not work. Can anybody point me in a semi
right direction PLEASE!
Hi there,
what is your problem actually ?
I'll need some details on your prb in order to be able to eventually help
you :)
cheers,
--
Florin http://www.mandrakesoft.com
that using
Mandatory Access Control (MAC) in a firewall would improve/enhance
security.
we're using some security kernel patchesthat you can find on
http://www.grsecurity.net/features.htm
--
Florin http://www.mandrakesoft.com
:)
sincerely,
--
Florin http://www.mandrakesoft.com
201 - 300 of 445 matches
Mail list logo