Got it, looks good.
On Fri, Nov 20, 2009 at 5:18 PM, PatRiehecky jcp...@gmail.com wrote:
I believe I built the patch to update both rule sets I may have
botched it (and it wouldn't be the first time I've done that), but my
intent was for the first section to update IPv6 and the second to
These rules can be applied to ipv6 connections also (switch iptables
to ip6table).
On Fri, Nov 13, 2009 at 12:05 PM, PatRiehecky jcp...@gmail.com wrote:
I figured I would put forth a patch to implement the simplest starting
ground. Established connections aren't overly protected by this (there
They look very reasonable - great job!
On Fri, Nov 13, 2009 at 12:05 PM, PatRiehecky jcp...@gmail.com wrote:
I figured I would put forth a patch to implement the simplest starting
ground. Established connections aren't overly protected by this (there
are some easy things to do), but a basic
Speaking from an enterprise network perspective, I very much do *not*
want to see privacy addresses enabled by default, as they can make
complying with our network security policies much more difficult.
In terms of demographics, Ubuntu doesn't have nearly the market share in the
enterprise as
This issue appears to be fixed in dhclient 3.1.1 (Ubuntu 9.04)
--
prepend domain-name-servers does not allow other addresses
https://bugs.launchpad.net/bugs/285897
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing
Public bug reported:
Binary package hint: wireshark
From an Ubuntu Jaunty system that has been updated:
Package: wireshark
Priority: optional
Section: universe/net
Installed-Size: 1616
Maintainer: Ubuntu MOTU Developers ubuntu-m...@lists.ubuntu.com
Original-Maintainer: Frederic Peters
Public bug reported:
Binary package hint: python-scapy
~$ python
Python 2.6.2 (release26-maint, Apr 19 2009, 01:58:18)
[GCC 4.3.3] on linux2
Type help, copyright, credits or license for more information.
from scapy import all
a = IP()
Traceback (most recent call last):
File stdin, line 1,
Amos - the Squid packages in your PPA work as expected.
The Squid packages in Jaunty still appear to have broken IPv6
connectivity.
--
IPv6 does not work or not enabled
https://bugs.launchpad.net/bugs/236772
You received this bug notification because you are a member of Ubuntu
Bugs, which is
Public bug reported:
Binary package hint: tspc
tspc appears to run correctly:
/etc/init.d/tspc start
* Restarting IPv6 tunnel tspc
[ OK ]
but the interface isn't brought
Public bug reported:
Binary package hint: oinkmaster
In a new installation, oinkmaster can't run since it expects
/var/run/oinkmaster/ to exist. After creating that directory, oinkmaster
works fine.
** Affects: oinkmaster (Ubuntu)
Importance: Undecided
Status: New
--
oinkmaster
Public bug reported:
Binary package hint: squid3
On 8.10, the squid3 package has not been compiled with IPv6 support.
** Affects: squid3 (Ubuntu)
Importance: Undecided
Status: New
--
squid3 ipv6 support
https://bugs.launchpad.net/bugs/320015
You received this bug notification
Same problem here. I removed pulseaudio and everything seems to work ok.
--
Tuxpaint 0.9.20 crashes with pulse audio error when run in VirtualBox
https://bugs.launchpad.net/bugs/289687
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
Thanks for the update, a typo in my original report:
-m hl --hl-eq 255 should be -m hl --hl-eq 64
An ip6tables guide that might be useful is here:
http://tools.ietf.org/html/rfc4890#appendix-B
--
UFW default ICMPv6 before6.rules modification
https://bugs.launchpad.net/bugs/299268
You received
Public bug reported:
Binary package hint: ufw
In before6.rules:
-A ufw6-before-input -s ff00::/8 -j ACCEPT
-A ufw6-before-input -d ff00::/8 -j ACCEPT
Most systems would only need
(http://www.iana.org/assignments/ipv6-multicast-addresses):
-A ufw6-before-input -p icmpv6 -s ff00::1/8 -j ACCEPT
Public bug reported:
Binary package hint: ufw
In ufw 0.23.2, a minor feature request:
in the before6.rules, restrict NDP messages to hop limit to 255:
-A ufw6-before-input -p icmpv6 --icmpv6-type neighbor-solicitation -m hl
--hl-eq 255 -j ACCEPT
-A ufw6-before-input -p icmpv6 --icmpv6-type
RFC 4861 specifies that NDP messages shouldn't be passed through
routers.
Also, host (non-router) systems shouldn't need the
-A ufw6-before-input -p icmpv6 --icmpv6-type router-solicitation -j ACCEPT
rule as they send router solicitations, they don't need to receive them.
--
UFW default
Yes, I was. I have since reinstalled but I can test again in a virtual
machine - please let me know if you'd like me to.
On Sun, Nov 9, 2008 at 4:56 AM, Dustin Kirkland
[EMAIL PROTECTED] wrote:
Thanks for the report, Ryan.
I tried to reproduce this, and I can't. I have a Private directory
Public bug reported:
The option
prepend domain-name-servers ;
in /etc/dhcp3/dhclient.conf
does not allow secondary and other servers to be added via DHCP.
For example,
prepend domain-name-servers 127.0.0.1;
puts 127.0.0.1 in /etc/resolv.conf but doesn't add the DNS servers offered by
DHCP.
**
It looks similar to an issue reported earlier today at bug#284150 (i
hope that links to it).
This is bug#284150.
--
Ubuntu Intrepid updates cause ipw3495 wireless cards to fail
https://bugs.launchpad.net/bugs/284150
You received this bug notification because you are a member of Ubuntu
Bugs,
Public bug reported:
My Intel 3495 wireless works fine after an 8.10 install. After updating,
nm-tool shows:
- Device: wlan0
Type: 802.11 WiFi
Driver:iwl3945
State: unavailable
Default:
Public bug reported:
The new private encrypted feature picked at install does not appear
under Kubuntu 8.10.
Description:Ubuntu intrepid (development branch)
Release:8.10
** Affects: ubuntu
Importance: Undecided
Status: New
--
encrypted folder does not appear in
Can the privacy extension be listed in /etc/sysctl.conf but commented
out by default?
putting sysctl -w net.ipv6.conf.all.use_tempaddr=2 in /etc/rc.local
seemed to get it working on 8.04.1 for me.
--
Ubuntu should activate the IPv6 privacy extension by default (echo 2
Public bug reported:
Binary package hint: dante-server
Using the dante-server username authentication method, I get these errors on an
Ubuntu 8.04.1 system:
danted[7847]: run_request(): sending ack to mother failed: Broken pipe (errno =
32)
The server runs successfully, but does not process
In my case, adding in the boot option all_generic_ide fixed the problem.
--
Hardy does not boot with newest generic kernel
https://bugs.launchpad.net/bugs/207019
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing
On Fri, Mar 14, 2008 at 4:27 AM, Matthew East [EMAIL PROTECTED] wrote:
I tend to agree with Phil that in general we shouldn't encourage
replacing default programs in Ubuntu unless absolutely necessary... but
we really need someone with a hardy system and a dvd player who can do a
bit of
25 matches
Mail list logo