[CentOS-docs] wiki access
Hi, since I, just hours ago, followed http://wiki.centos.org/HowTos/JavaOnCentOS (Sun's JDK) I thought I'd confirm and update the A less simple approach with information that's a bit newer than jdk 1.4. Registered WIKI account: MikaelFridh Furthermore, I'd like to ask you if anyone know what was meant by the comment on the wiki: *This HowTo is not complete yet. There is a report that the following part of this writeup is outdated in the IRC channel on 27 July 2007 outdated as in what? referencing 1.4? Because the procedure itself seems to work fine! Regards, -- Fridh ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] wiki access
Mikael Fridh wrote: Hi, since I, just hours ago, followed http://wiki.centos.org/HowTos/JavaOnCentOS (Sun's JDK) I thought I'd confirm and update the A less simple approach with information that's a bit newer than jdk 1.4. Go ahead. Furthermore, I'd like to ask you if anyone know what was meant by the comment on the wiki: *This HowTo is not complete yet. There is a report that the following part of this writeup is outdated in the IRC channel on 27 July 2007 outdated as in what? referencing 1.4? Because the procedure itself seems to work fine! No idea, really :) Cheers, Ralph pgpptsH3faXlN.pgp Description: PGP signature ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Create page about rebuilding SRPMS and preparing RPM environment
On 11/07/2008, Filipe Brandenburger [EMAIL PROTECTED] wrote: This content today exists here: http://wiki.centos.org/HowTos/I_need_the_Kernel_Source#head-a8dae925eec15786df9f6f8c918eff16bf67be0d By all means refer to it but please do not modify it. I would suggest creating these two: 1) http://wiki.centos.org/HowTos/RebuildSRPM - what SRPMs are, how to download them, how to install them, how to rebuild them - link to the other page on how to set up your rpm-build environment What other page? 2) http://wiki.centos.org/HowTos/SetupRpmBuildEnvironment - install rpm-build package with yum - set up ~/.rpmmacros - tips on packages that are usually needed when building rpms (*-devel, gcc, make, etc.) Yes. Once those pages are done, the page on building the kernel may refer to that one for the generic instructions on how to set up rpm building environment. No. Alan. ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
[CentOS-docs] Create page about rebuilding SRPMS and preparing RPM environment
On Fri, 11 Jul 2008, Filipe Brandenburger wrote: As discussed on the centos-users list, I would like to create some pages on the CentOS Wiki with instructions on how to set up your environment to build RPMs and how to rebuild RPMs. ummm ... it exists several places .. also, out pointers at: http://wiki.centos.org/PackageManagement/Rpm I would suggest creating these two: 1) http://wiki.centos.org/HowTos/RebuildSRPM 2) http://wiki.centos.org/HowTos/SetupRpmBuildEnvironment I guess the question in my mind becomes multiplication and maintenance. How is it a win to add yet more pages, rather than extend the existing one; the whole topic of packag building -- as root, as an end user, in a chroot, in a chroot with defined base packages, using one of the several tools from mach, on ... ? -- Russ herrold ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Create page about rebuilding SRPMS and preparing RPM environment
Alan Bartlett wrote: By all means refer to it but please do not modify it. Why? Once those pages are done, the page on building the kernel may refer to that one for the generic instructions on how to set up rpm building environment. No. Again: Why? Ralph pgpSE0XeEcV3C.pgp Description: PGP signature ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Create page about rebuilding SRPMS and preparing RPM environment
R P Herrold wrote: I guess the question in my mind becomes multiplication and maintenance. Well, the existing pages have rather short snippets on that issue. If there were to be pages which explain the issues at hand in a more verbose way, then one can edit out the snippets and link to the more verbose pages. I think that this is a good idea to avoid multiplication. How is it a win to add yet more pages, rather than extend the existing one; the whole topic of packag building -- as root, as an end user, in a chroot, in a chroot with defined base packages, using one of the several tools from mach, on ... ? I think that extending stuff into own articles is a great way to reach the goal you showed in your last sentence ... IMHO at least. Cheers, Ralph pgpuUmsEkE4Zp.pgp Description: PGP signature ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Create page about rebuilding SRPMS and preparing RPM environment
On 11/07/2008, Ralph Angenendt [EMAIL PROTECTED][EMAIL PROTECTED] wrote: Alan Bartlett wrote: By all means refer to it but please do not modify it. Why? Because a considerable amount of work has been put into maintaining the three inter-related pages (of which that is one) and they are currently maintained. Once those pages are done, the page on building the kernel may refer to that one for the generic instructions on how to set up rpm building environment. No. Again: Why? Think about it, Ralph. Alan. ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Create page about rebuilding SRPMS and preparing RPM environment
On Fri, Jul 11, 2008 at 8:18 AM, Ralph Angenendt [EMAIL PROTECTED] wrote: R P Herrold wrote: I guess the question in my mind becomes multiplication and maintenance. Well, the existing pages have rather short snippets on that issue. If there were to be pages which explain the issues at hand in a more verbose way, then one can edit out the snippets and link to the more verbose pages. I think that this is a good idea to avoid multiplication. How is it a win to add yet more pages, rather than extend the existing one; the whole topic of packag building -- as root, as an end user, in a chroot, in a chroot with defined base packages, using one of the several tools from mach, on ... ? I think that extending stuff into own articles is a great way to reach the goal you showed in your last sentence ... When helping in the forums, there often is a need to explain how to build from srpm. Currently, there is no *single* point of reference that I can use. So, yes, I think it is a good idea to have a page which can cover the entire topic. Akemi ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Create page about rebuilding SRPMS and preparing RPM environment
R P Herrold wrote: On Fri, 11 Jul 2008, Filipe Brandenburger wrote: As discussed on the centos-users list, I would like to create some pages on the CentOS Wiki with instructions on how to set up your environment to build RPMs and how to rebuild RPMs. ummm ... it exists several places .. also, out pointers at: http://wiki.centos.org/PackageManagement/Rpm I think this is best place to start refactoring from. My views on this : 1) drop all external links to other websites that dont have comprehensive and centos specific content. Contact the people on those websites to see if they will bring in updated content, if not, - move that content into wiki.centos.org ( if licensing permits it ) 2) Have a section on building rpms, whats involved and why its a good idea. 3) use the /PackageManagement/ trunk to farm out pages that address parallel setups that people must live with, and notes on how best to integrate that into an rpm environment ( think... gems, pear, cpan, easy_setup. egg etc ) I guess the question in my mind becomes multiplication and maintenance. I agree. for this issue, perhaps there already is a fair bit of multiple sources of info and could do with a bit of refactoring down into a structure. How is it a win to add yet more pages, rather than extend the existing one; the whole topic of packag building -- as root, as an end user, in a chroot, in a chroot with defined base packages, using one of the several tools from mach, on ... ? on a related note, I wonder if some of these bits might be script'able and we might be able to provide some of these scripts. - KB ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Create page about rebuilding SRPMS and preparing RPM environment
Alan Bartlett wrote: On 11/07/2008, Ralph Angenendt [EMAIL PROTECTED][EMAIL PROTECTED] wrote: Alan Bartlett wrote: By all means refer to it but please do not modify it. Why? Because a considerable amount of work has been put into maintaining the three inter-related pages (of which that is one) and they are currently maintained. So? That shoudln't/doesn't keep others from improving those pages and the wiki. Once those pages are done, the page on building the kernel may refer to that one for the generic instructions on how to set up rpm building environment. No. Again: Why? Think about it, Ralph. I did. It's a wiki. So anyone who wants to improve on a page is invited to do so. Sure, if someone is maintaining that page those people should work together. But I really did not expect a No. without any explanation here. Ralph pgpOgcYpgwWP2.pgp Description: PGP signature ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
[CentOS-virt] Re: [CentOS-devel] Any news about next kvm release for centos 5.2?
carlopmart wrote: Hi all, Which will be next stable release for CentOS 5.2?? Can i use on a production enviromment?? KVM is not part of the main CentOS distro, it is in CentOS extras for CentOS-5. The stable version is quite old (kvm-36-1). Newer versions than that are in our testing repository: http://dev.centos.org/centos/5/ Whether or not they can be used in production is totally dependent on your unique situation, your specific hardware and what you plan to install on the VMs. At some point in the future, Red Hat is going to release KVM technology in RHEL ... when that happens, then I would call it good enough to use in the enterprise without reservation. It certainly may already be good enough for your needs as released in our extras repo ... the only real way to tell is try it in your situation is to try it and see if it meets your needs. Thanks, Johnny Hughes signature.asc Description: OpenPGP digital signature ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Re: [CentOS-devel] Any news about next kvm release for centos 5.2?
On Fri, Jul 11, 2008 at 2:29 AM, Johnny Hughes [EMAIL PROTECTED] wrote: carlopmart wrote: Which will be next stable release for CentOS 5.2?? Can i use on a production enviromment?? KVM is not part of the main CentOS distro, it is in CentOS extras for CentOS-5. The stable version is quite old (kvm-36-1). Newer versions than that are in our testing repository: http://dev.centos.org/centos/5/ Whether or not they can be used in production is totally dependent on your unique situation, your specific hardware and what you plan to install on the VMs. At some point in the future, Red Hat is going to release KVM technology in RHEL ... when that happens, then I would call it good enough to use in the enterprise without reservation. It certainly may already be good enough for your needs as released in our extras repo ... the only real way to tell is try it in your situation is to try it and see if it meets your needs. Thanks, Johnny Hughes Just wanted to add a note to say we have a nice Wiki article on how to install kvm: http://wiki.centos.org/HowTos/KVM Akemi ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
[CentOS] XEN virtualization Problem
Hi, I am trying to install windows XP on XEN. The Base operating system is Centos 5.1 I used GUI tool Virtual Manager. Once this Virtual manager is started is connected the XEN and QEMU. i used new tab placed below to install a virtual OS ( ex. Winxp.) after passing through the wizard. i wizard option for the partition a created a new 10 GB partition my case /dev/hda8 and then it asked the location where the os image was kept.i created a .iso image using dd command. then i specified the path where this iso image was kept in the wizard. then i told next and then finish button . it opened one more window and the installation of WinXP started. after some time it asked for reboot and it rebooted then it is asking for Winxp OS cd. i inserted into the DVD RW drive i mounted it but still its asking the same. please help me out what to do. is there any addition packages to be installed for recognizing the Cdrom or any other thing to be done. please guide me. Regards, Gopinath ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] tape drive
yes, when the computer reboots, i saw the tape drive as device detected. but i can not use it when i log on --- En date de : Ven 11.7.08, nate [EMAIL PROTECTED] a écrit : De: nate [EMAIL PROTECTED] Objet: Re: [CentOS] tape drive À: centos@centos.org Date: Vendredi 11 Juillet 2008, 7h51 Pitshou Asingalembi wrote: cat /proc/scsi/scsi gave me only the HDD, the st module was loaded by typing modprobe st but i don't have the st file under /dev. Doesn't matter if the st module is loaded or not. If it's a SCSI tape drive, and if it's connected to your SCSI controller, and if the SCSI driver for your SCSI controller is loaded, the tape drive will show up as a SCSI device. Does your SCSI controller have a BIOS? Does the tape drive show up in the SCSI bios? nate ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos _ Envoyez avec Yahoo! Mail. Une boite mail plus intelligente http://mail.yahoo.fr___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] tape drive
Pitshou Asingalembi wrote: yes, when the computer reboots, i saw the tape drive as device detected. but i can not use it when i log on What kind of scsi controller exactly? send the output of 'dmesg' as well. nate ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] XEN virtualization Problem
Gopinath Achari a écrit : Hi, I am trying to install windows XP on XEN. The Base operating system is Centos 5.1 I used GUI tool Virtual Manager. Once this Virtual manager is started is connected the XEN and QEMU. i used new tab placed below to install a virtual OS ( ex. Winxp.) after passing through the wizard. i wizard option for the partition a created a new 10 GB partition my case /dev/hda8 and then it asked the location where the os image was kept.i created a .iso image using dd command. then i specified the path where this iso image was kept in the wizard. then i told next and then finish button . it opened one more window and the installation of WinXP started. after some time it asked for reboot and it rebooted then it is asking for Winxp OS cd. i inserted into the DVD RW drive i mounted it but still its asking the same. please help me out what to do. is there any addition packages to be installed for recognizing the Cdrom or any other thing to be done. please guide me. Regards, Gopinath Hello, See http://kbase.redhat.com/faq/FAQ_108_10987.shtm Regards js. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] tape drive
the hp smart array 6400 controller. --- En date de : Ven 11.7.08, nate [EMAIL PROTECTED] a écrit : De: nate [EMAIL PROTECTED] Objet: Re: [CentOS] tape drive À: centos@centos.org Date: Vendredi 11 Juillet 2008, 8h17 Pitshou Asingalembi wrote: yes, when the computer reboots, i saw the tape drive as device detected. but i can not use it when i log on What kind of scsi controller exactly? send the output of 'dmesg' as well. nate ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos _ Envoyez avec Yahoo! Mail. Une boite mail plus intelligente http://mail.yahoo.fr___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] tape drive
Pitshou Asingalembi wrote: the hp smart array 6400 controller. It's usually not a good idea to connect a tape drive to a raid controller. The 6400 is made to be connected to something like a MSA20/MSA30 (JBOD SCSI shelf) Send the output of the command 'dmesg'. But I think you need to get another SCSI card to connect the tape drive to. nate ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] tape drive
Pitshou Asingalembi wrote: the hp smart array 6400 controller. Using the cciss driver? yum install kernel-doc Read /usr/share/doc/kernel-doc-2.6.18/Documentation/cciss.txt There's a section on how to enable the tape drive. Mogens -- Mogens Kjaer, Carlsberg A/S, Computer Department Gamle Carlsberg Vej 10, DK-2500 Valby, Denmark Phone: +45 33 27 53 25, Fax: +45 33 27 47 08 Email: [EMAIL PROTECTED] Homepage: http://www.crc.dk ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] tape drive
Pitshou Asingalembi wrote: the hp smart array 6400 controller. thats a raid controller. are you sure it supports plain scsi devices like tape?many raid controllers are disk only, and for things like tape drives, you need a seperate plain scsi port. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] tape drive
nate schrieb: Pitshou Asingalembi wrote: the hp smart array 6400 controller. It's usually not a good idea to connect a tape drive to a raid controller. Exactly. Buy a dedicated SCSI-card for that. Tapes sometimes produce interesting events on the SCSI-bus (you might have got to switch it on/off while the server is online). You don't want to have your disk-drives hanging on the same SCSI-bus at that point. Rainer ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] redirecting when behind a firewall
On Thu, Jul 10, 2008 at 12:29:18PM -0700, bruce wrote: So i don't have the ability to do something like forward foo.gotdns.com to machine1, and forward foo2.gotdns.com to machine2 which is exactly what i'm trying to accomplish!! You wrote a really long mail so sorry if I missed some of your intentions but here's some pseudo-code showing an example ... DNS === foo.example.com. IN A 123.123.123.123 foo1.example.com. IN CNAME foo.gotdns.com foo2.example.com. IN CNAME foo.gotdns.com ROUTER == redirects all WAN traffic to internal LAN server: WAN: 123.123.123.123 = LAN: 192.168.0.10 FRONT-END APACHE (192.168.0.10) NameVirtualHost *:80 VirtualHost *:80 ServerName foo1.example.com ProxyRequests Off Proxy * Order deny,allow Allow from all /Proxy ProxyPass / http://internal1.foo.example.com/ ProxyPassReverse / http://internal1.foo.example.com/ /VirtualHost VirtualHost *:80 ServerName foo2.example.com ProxyRequests Off Proxy * Order deny,allow Allow from all /Proxy ProxyPass / http://internal2.foo.example.com/ ProxyPassReverse / http://internal2.foo.example.com/ /VirtualHost Now all you need is to set up internal[12].foo.example.com as either vhosts or on physical web servers. That's one possible solution. Others might be more complex load balancer setups. -- Fridh ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
OT: [centos] open source inventory system with invoicing and serial no tracking
Dear All, Sorry, cause this is OT. I am asking this for my client, they hope to find a simple open source web base software with invoicing and serial no tracking, preferably if can generate continuous serial no by its own. Thanks in advance. David ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: OT: [centos] open source inventory system with invoicing and serial no tracking
david chong wrote: Dear All, Sorry, cause this is OT. I am asking this for my client, they hope to find a simple open source web base software with invoicing and serial no tracking, preferably if can generate continuous serial no by its own. Thanks in advance. Maybe GLPI can do what you expect: http://glpi-project.org/spip.php?lang=en It can easily be combined with OCS Inventory NG: OCSNG: http://www.ocsinventory-ng.org/ Regards, Peter ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: OT: [centos] open source inventory system with invoicing and serial no tracking
david chong wrote: Dear All, Sorry, cause this is OT. I am asking this for my client, they hope to find a simple open source web base software with invoicing and serial no tracking, preferably if can generate continuous serial no by its own. Thanks in advance. David ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos SugarCRM VTiger could do this, check it out -- Kind Regards Rudi Ahlers CEO, SoftDux Web: http://www.SoftDux.com Check out my technical blog, http://blog.softdux.com for Linux or other technical stuff, or visit http://www.WebHostingTalk.co.za for Web Hosting stuff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Multiple LVM snapshots
I have a Centos 5.2 fileserver running LVM2, ext3 and Samba. I want to periodically snapshot a filesystem and offer them as read only backups to my users. I'm looking for something similar to what's available on Netapp filers. I am successfully able to create snapshots using LVM. But are there any performance issues in having multiple snapshots of the same filesystem at the same time? Is there any other way i can offer filesystem snapshots to my users? Thanks for any guidance! - Raja ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: CentOS 5.2 VMI support
Hello, nate [EMAIL PROTECTED] schreef in bericht news:[EMAIL PROTECTED] Ruslan Sivak wrote: I'm using VMWare Server 2 RC1 to on top of CentOS 5.2 x86_64 running a CentOS 5.2 i386 guest. I have enabled VMI in VMware, so I guess it won't let me install if VMI wasn't available in the kernel? How do I know whether VMI is supported/enabled and what performance benefits can I expect from it? I'm still not getting full hard drive speeds (only getting about 1/3 when using hdparm -t ). I don't believe it is supported in CentOS 5.x. I am using Fedora Core 8 for VMI support. [EMAIL PROTECTED]:~]# dmesg | grep -i vmi VMI: Found VMware, Inc. Hypervisor OPROM, API version 3.0, ROM version 1.0 vmi: registering clock event vmi-timer. mult=7809995 shift=22 Booting paravirtualized kernel on vmi vmi: registering clock source khz=1862048 Time: vmi-timer clocksource has been installed. I suspect it will be in RHEL/CentOS 6.x nate Indeed, It's not in the EL5 kernel, but I hope that Redhat backport the VMI 3.0 patch for Update 3. It Can be done, SuSE did it with SLES10 SP2 and kernel 2.6.16. Maybe some one with enough kernel knowledge can try to integrate the Novell / SuSE patches in EL5 2.6.18 kernel. SLES 10 src.rpm kernels are available at ftp://ftp.suse.com/pub/projects/kernel/kotd/SLES10_SP2_BRANCH/ Eventually it maybe an addition for the plus repo. But, I'm afraid that I don't have the knowledge to pull this off :( The easiest way to get VMI support, is to rebuild the latest FC7 (2.6.23.xx) kernel, It compiles and installs correctly on CentOS5.2. It will complain about a to old mkinitrd, but with an forced install, it will create a correct initrd. The later FC8 needs also and updated / backported new mkinitrd, and updated Vmware-tools. The Vmware tools included with ESX3.5 update 1 won't compile on kernel 2.6.25. This is an known issue. Rumours go that the Vmware-tools in latest Server packages are 2.6.25 compatible, but I haven't tested that I tested rebuild FC7 kernel with an test VM in ESX 3.5. It runs OK. John . ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?
On Thu, 2008-07-10 at 19:31 -0500, Lanny Marcus wrote: On 7/10/08, Scott Silva [EMAIL PROTECTED] wrote: snip snip I will try to SSH into the ipcop box. I've never tried to SSH into it. I've always looked at it via the web interface. Be aware that port 222, no 22, is used for slightly increased resistance to attacks. I just tried it from one of my ipcop boxes and got a query all the way to the root servers; dig +trace gmail.com I tried dig +trace from my Desktop and it didn't work. Probably because I'm behind the Firewall. If I can SSH into the ipcop box I will try dig +trace from there. IPCop is based on 2.4 kernel, IIRC. I don't know if it has dig. Try using nslookup (see the man page for details - I don't remember them all). snip HTH -- Bill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] command line configuration of DSL access
Hi there, how can I configure a DSL access using the command line? The Red Hat Certified Engineer Linux Study Guide does not describe this and I could not find any description on the internet. - Gergely ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?
On Thu, 2008-07-10 at 20:07 -0500, Lanny Marcus wrote: On 7/10/08, Lanny Marcus [EMAIL PROTECTED] wrote: snip snip Still not able to SSH into the IPCop box. Something wrong in the syntax I tried or SSH didn't get turned on in the IPCop box, via the web interface, as I thought? The sshd is running in my Desktop box. Sshd is for incoming connections. You need to enable it on IPCop (using web interface is easiest). I also suggest using ssh keys instead of password *if* you want increased security. Paranoia level is the determining factor. You should not need to fron the trace (dig or nslookup from the IPCop box. [EMAIL PROTECTED] ~]$ dig +trace smtp-server.triad.rr.com ; DiG 9.3.4-P1 +trace smtp-server.triad.rr.com ;; global options: printcmd . 376531 IN NS E.ROOT-SERVERS.NET. . 376531 IN NS D.ROOT-SERVERS.NET. . 376531 IN NS M.ROOT-SERVERS.NET. . 376531 IN NS B.ROOT-SERVERS.NET. . 376531 IN NS F.ROOT-SERVERS.NET. . 376531 IN NS K.ROOT-SERVERS.NET. . 376531 IN NS A.ROOT-SERVERS.NET. . 376531 IN NS L.ROOT-SERVERS.NET. . 376531 IN NS I.ROOT-SERVERS.NET. . 376531 IN NS H.ROOT-SERVERS.NET. . 376531 IN NS C.ROOT-SERVERS.NET. . 376531 IN NS J.ROOT-SERVERS.NET. . 376531 IN NS G.ROOT-SERVERS.NET. ;; Received 504 bytes from 192.168.2.20#53(192.168.2.20) in 28 ms com.172800 IN NS F.GTLD-SERVERS.NET. com.172800 IN NS H.GTLD-SERVERS.NET. snip [EMAIL PROTECTED] ~]# ssh ipcop.homelan:222 ssh: ipcop.homelan:222: Name or service not known [EMAIL PROTECTED] ~]# I've not used it for awhile, but I think you need to look at the man page. ISTR that [EMAIL PROTECTED] is somewhere in there. Unsure though. snip sig stuff -- Bill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] command line configuration of DSL access
Hi, On Fri, 2008-07-11 at 12:13 +0200, Gergely Buday wrote: Hi there, how can I configure a DSL access using the command line? The Red Hat Certified Engineer Linux Study Guide does not describe this and I could not find any description on the internet. Maybe you can provide us with some more information, as like which provider are you using in which country, what kind of hardware are you using to connect to DSL (router/pci card?), which version of CentOS are you using and maybe other info that might be of use ? kind regards, Michel ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] command line configuration of DSL access
Michel van Deventer wrote: how can I configure a DSL access using the command line? The Red Hat Certified Engineer Linux Study Guide does not describe this and I could not find any description on the internet. Maybe you can provide us with some more information, as like which provider are you using in which country, what kind of hardware are you using to connect to DSL (router/pci card?), which version of CentOS are you using and maybe other info that might be of use ? The case is that I used the GUI for my fedora box and now would like to set the same to my centos server that would be the firewall. I use eth0 to connect to my service provider's network. When I set up on fedora I choose DSL and gave login name and password and worked out of the box. I use CentOs 5.1 on my server. I would like to use an editor better than the GUI to configure this. My provider is Digi Tv in Hungary. I wonder why do you need all this, isn't there a good description of the config scripts somewhere? - Gergely ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?
On 7/10/08, Ian Blackwell [EMAIL PROTECTED] wrote: Lanny Marcus wrote: [EMAIL PROTECTED] ~]# ssh ipcop.homelan:222 ssh: ipcop.homelan:222: Name or service not known [EMAIL PROTECTED] ~]# Try:- ssh -p 222 ipcop.homelan Bingo! Ian, I was able to get into the IPCop box. :-) Thank you, for giving me the correct syntax! Lanny ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Understanding iptables
On Thu, 2008-07-10 at 21:29 -0400, Filipe Brandenburger wrote: snip P.S.: Once again: although it's great that you are digging into the problem, using iptables, and learning a lot on the process, you should *REALLY* consider ditching rsh/rlogin and sticking to SSH. I would consider using rsh/rlogin instead of SSH today about the same as using gopher instead of the WWW these days (for those of you who still remember it). Of course! And it has a new career too! NASCAR on Fox has an in track camera system that uses gopher as its character. They have named it Digger. snip sig stuff -- Bill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Understanding iptables
On Fri, 2008-07-11 at 13:43 +1200, Spiro Harvey, Knossos Networks Ltd wrote: snip what are you talking about? I'm writing a Tor wrapper that funnels all my http requests thru gopher for extra security. It's called Gor. And I'm writing it in GW-BASIC! we don't need no steenkin new fangled tecnomologies. next you'll be telling me our internets shouldn't use tubes. That's right! Since most of you youngsters can't swim worth a crap, your intertubes should use nets! -- Bill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] command line configuration of DSL access
Gergely Buday wrote: Michel van Deventer wrote: how can I configure a DSL access using the command line? The Red Hat Certified Engineer Linux Study Guide does not describe this and I could not find any description on the internet. Maybe you can provide us with some more information, as like which provider are you using in which country, what kind of hardware are you using to connect to DSL (router/pci card?), which version of CentOS are you using and maybe other info that might be of use ? The case is that I used the GUI for my fedora box and now would like to set the same to my centos server that would be the firewall. I use eth0 to connect to my service provider's network. When I set up on fedora I choose DSL and gave login name and password and worked out of the box. I use CentOs 5.1 on my server. I would like to use an editor better than the GUI to configure this. My provider is Digi Tv in Hungary. adsl-setp does the configuration. Then there is an adsl-start script. But I set my ifcfg-ppp0 file to bring the ppp0 interface up at boot time and it does. A 'simple' service network restart or: ifdown ppp0 ; ifup ppp0 bounces the connection nicely. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Understanding iptables
Filipe Brandenburger schrieb: P.S.: Once again: although it's great that you are digging into the problem, using iptables, and learning a lot on the process, you should *REALLY* consider ditching rsh/rlogin and sticking to SSH. I would consider using rsh/rlogin instead of SSH today about the same as using gopher instead of the WWW these days (for those of you who still remember it). In an isolated subnet (where the only users are root anyway on all machines - think research lab), it might have its uses (e.g. when ssh via key-authentication is too slow for whatever is needed). So, I wouldn't ditch it completely. But on a normal LAN, it's not a good idea. Rainer ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?
On 7/11/08, William L. Maltby [EMAIL PROTECTED] wrote: snip Sshd is for incoming connections. You need to enable it on IPCop (using web interface is easiest). I also suggest using ssh keys instead of password *if* you want increased security. Paranoia level is the determining factor. Paranoia level has me wanting to: (a) Be able to dig +trace and verify that opendns.com is not in the loop; Preferably from both my Desktop and from the ipcop box (b) Be using Authoritative DNS servers at all times, as dnscache does. (c) Avoid DNS Cache poisoning, if possible. :-) http://en.wikipedia.org/wiki/DNS_cache_poisoning You should not need to fron the trace (dig or nslookup from the IPCop box. I cannot dig +trace from my Desktop, as me or as root and I also cannot dig +trace from the ipcop box as of this time. [EMAIL PROTECTED] ~]$ dig +trace smtp-server.triad.rr.com ; DiG 9.3.4-P1 +trace smtp-server.triad.rr.com ;; global options: printcmd snip results of Bill's dig +trace from his Desktop Here's what happens when I try that from my Desktop: [EMAIL PROTECTED] ~]$ dig +trace smtp-server.triad.rr.com ; DiG 9.3.4-P1 +trace smtp-server.triad.rr.com ;; global options: printcmd ;; connection timed out; no servers could be reached [EMAIL PROTECTED] ~]$ su - Password: [EMAIL PROTECTED] ~]# dig +trace smtp-server.triad.rr.com ; DiG 9.3.4-P1 +trace smtp-server.triad.rr.com ;; global options: printcmd ;; connection timed out; no servers could be reached [EMAIL PROTECTED] ~]# snip Here's what happened, when I tried dig +trace from the ipcop box: After SSH into ipcop.homelan I can dig gmail.com but I cannot dig +trace gmail.com as Scott Silva did on his IPCop box. [EMAIL PROTECTED]:~ # dig +trace gmail.com ; DiG 9.4.0 +trace gmail.com ;; global options: printcmd ;; connection timed out; no servers could be reached [EMAIL PROTECTED]:~ # dig gmail.com ; DiG 9.4.0 gmail.com ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 26895 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 4, ADDITIONAL: 4 ;; QUESTION SECTION: ;gmail.com. IN A ;; ANSWER SECTION: gmail.com. 55 IN A 209.85.171.83 gmail.com. 55 IN A 64.233.171.83 gmail.com. 55 IN A 64.233.161.83 ;; AUTHORITY SECTION: gmail.com. 311436 IN NS ns1.google.com. gmail.com. 311436 IN NS ns3.google.com. gmail.com. 311436 IN NS ns2.google.com. gmail.com. 311436 IN NS ns4.google.com. ;; ADDITIONAL SECTION: ns4.google.com. 345468 IN A 216.239.38.10 ns1.google.com. 345285 IN A 216.239.32.10 ns2.google.com. 345383 IN A 216.239.34.10 ns3.google.com. 341939 IN A 216.239.36.10 ;; Query time: 166 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Fri Jul 11 06:18:17 2008 ;; MSG SIZE rcvd: 218 I need to get out of here now. Later, I will try this on our backup IPCop box. I want to be able to ssh into the IPCop box, and make the change Scott Silva suggested for the DNS Server, rather than using the IPCop web interface / GUI, because I know that it is common for GUI's not to work as advertised. If I screw up the backup IPCop box, I can continue using the one we are now using and we will still be online until I get this working the way I want it to. :-) I have the Firewall running in my Desktop, which possibly is a factor here. I greatly appreciate the time and help of everyone in this mailing list! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Latest samaba updates
On Thu, 2008-07-10 at 12:32 -0400, John wrote: Remember this. It is going to work when set to Permisive regardless!! Thanks, I will remember. Now I just need to find out what it means by read-only. A find -perm 400 on the directory gives no hits, nor do most other variations, like 444, etc. Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 5.2 VMI support
On Thu, 2008-07-10 at 17:31 -0700, nate wrote: No it requires changes to the kernel itself, changes which I don't think Red Hat will introduce in a minor release as their current VM stuff is Xen based which has it's own paravirtualization support in the existing kernel(pre VMI). I read that Red Hat is moving towards KVM though, I don't have any knowledge on that project, maybe it uses VMI as well. There's a big splash on Redhat's home page. Take a look at http://www.ovirt.org. That uses libvirt. Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Finding a python module
A colleague supplied me with a set of rpms he built on his Fedora box and when I tried to install them with yum localinstall I got a missing dependency: Resolving Dependencies -- Running transaction check --- Package hipl-doc.i386 0:1.0.4-1 set to be updated --- Package hipl-tools.i386 0:1.0.4-1 set to be updated -- Processing Dependency: python(abi) = 2.5 for package: hipl-tools --- Package hipl-firewall.i386 0:1.0.4-1 set to be updated --- Package hipl-lib.i386 0:1.0.4-1 set to be updated -- Processing Dependency: python(abi) = 2.5 for package: hipl-lib --- Package hipl-agent.i386 0:1.0.4-1 set to be updated --- Package hipl-debuginfo.i386 0:1.0.4-1 set to be updated --- Package hipl-test.i386 0:1.0.4-1 set to be updated --- Package hipl-daemon.i386 0:1.0.4-1 set to be updated -- Finished Dependency Resolution Error: Missing Dependency: python(abi) = 2.5 is needed by package hipl-lib Error: Missing Dependency: python(abi) = 2.5 is needed by package hipl-tools Centos 5.2 provides python 2.5.1. My colleague's system where he made these rpms also has 2.5.1. How do I determine what rpm I need to install to get this dependency? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Latest samaba updates
On Fri, Jul 11, 2008 at 8:24 AM, David G. Mackay [EMAIL PROTECTED] wrote: Thanks, I will remember. Now I just need to find out what it means by read-only. A find -perm 400 on the directory gives no hits, nor do most other variations, like 444, etc. Try: find . \! -perm /222 See man find for details. HTH, Filipe ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Finding a python module
On Fri, Jul 11, 2008 at 9:08 AM, Robert Moskowitz [EMAIL PROTECTED] wrote: Error: Missing Dependency: python(abi) = 2.5 is needed by package hipl-lib Centos 5.2 provides python 2.5.1. Are you sure? On an up to date system: # cat /etc/redhat-release CentOS release 5.2 (Final) # rpm -q python python-2.4.3-21.el5 # rpm -q --provides python | grep -Fw 'python(abi)' python(abi) = 2.4 You should look at where your friend got this Python from. HTH, Filipe ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?
On Fri, 2008-07-11 at 06:49 -0500, Lanny Marcus wrote: On 7/11/08, William L. Maltby [EMAIL PROTECTED] wrote: snip snip I cannot dig +trace from my Desktop, as me or as root and I also cannot dig +trace from the ipcop box as of this time. Must be either firewall on your desktop or IPCop has some blocked resources. Try to dig something from your desktop that is on your local lan. Your IPCop box(es) should make good targets *if* nothing blocks the needed responses. If you can get dig +trace to any other box on the lan, with trace information shown, that means your desktop should be fine. If not, inconclusive I guess. I would use the web interface to the IPCop box and see what has been enabled/disabled. Unless the IPCop box has been really buttoned down tight, this should work as it does here. Caveat: IIRC, you don't have the caching DNS running on the IPCop box? Maybe that has some affect? I can't figure how, since when you try from the IPCop box it works. That means the remote DNS server allows this action and IPCop should normally just do a pass through of these packets. Hmm... opined the grizzled old veteran. I guess we should ask the version of IPCop here - they are not all created equally. Mine is the 1.4.18 (IIRC), latest and greatest. Which reminds me - project has not had an upgrade for a long time now. I wonder if it died? [EMAIL PROTECTED] ~]$ dig +trace smtp-server.triad.rr.com ; DiG 9.3.4-P1 +trace smtp-server.triad.rr.com ;; global options: printcmd snip results of Bill's dig +trace from his Desktop Here's what happens when I try that from my Desktop: [EMAIL PROTECTED] ~]$ dig +trace smtp-server.triad.rr.com ; DiG 9.3.4-P1 +trace smtp-server.triad.rr.com ;; global options: printcmd ;; connection timed out; no servers could be reached Try specifying the DNS server on the end of the line (IIRC - maybe check the man page to see). [EMAIL PROTECTED] ~]$ su - Password: [EMAIL PROTECTED] ~]# dig +trace smtp-server.triad.rr.com ; DiG 9.3.4-P1 +trace smtp-server.triad.rr.com ;; global options: printcmd ;; connection timed out; no servers could be reached [EMAIL PROTECTED] ~]# snip Here's what happened, when I tried dig +trace from the ipcop box: After SSH into ipcop.homelan I can dig gmail.com but I cannot dig +trace gmail.com as Scott Silva did on his IPCop box. Works OK here. So there's certainly something different there. [EMAIL PROTECTED]:~ # dig +trace gmail.com ; DiG 9.4.0 +trace gmail.com ;; global options: printcmd ;; connection timed out; no servers could be reached [EMAIL PROTECTED]:~ # dig gmail.com snip -- Bill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Finding a python module
Filipe Brandenburger wrote: On Fri, Jul 11, 2008 at 9:08 AM, Robert Moskowitz [EMAIL PROTECTED] wrote: Error: Missing Dependency: python(abi) = 2.5 is needed by package hipl-lib Centos 5.2 provides python 2.5.1. Are you sure? On an up to date system: # cat /etc/redhat-release CentOS release 5.2 (Final) # rpm -q python python-2.4.3-21.el5 # rpm -q --provides python | grep -Fw 'python(abi)' python(abi) = 2.4 Oh, interesting. I got the same answer, but I also get: # python -V Python 2.5.1 So which is it? You should look at where your friend got this Python from. HTH, Filipe ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: Finding a python module
Robert Moskowitz schrieb: Centos 5.2 provides python 2.5.1. Nope. CentOS 5.2 comes with Python 2.4 only! fs ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Finding a python module
Oh, wow, is my system hosed now Filipe Brandenburger wrote: On Fri, Jul 11, 2008 at 9:08 AM, Robert Moskowitz [EMAIL PROTECTED] wrote: Error: Missing Dependency: python(abi) = 2.5 is needed by package hipl-lib Centos 5.2 provides python 2.5.1. Are you sure? On an up to date system: # cat /etc/redhat-release CentOS release 5.2 (Final) # rpm -q python python-2.4.3-21.el5 # rpm -q --provides python | grep -Fw 'python(abi)' python(abi) = 2.4 You should look at where your friend got this Python from. Some more testing shows # python -V Python 2.4.3 as well. He had me download the 2.5.1 source for Python and compile it. Of course that broke the previously installed rpms, like yum! I am going to either have to find 2.5 that I can install on Centos (from a Fedora box), but that will most likely break even more things. Or get him to build a Centos box and do the build there... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Finding a python module
On Fri, Jul 11, 2008 at 9:42 AM, Robert Moskowitz [EMAIL PROTECTED] wrote:
Oh, wow, is my system hosed now
Yes, for sure! Replacing the system's python is a pretty bad idea
these days, as many of RedHat's tools depend on it.
I am going to either have to find 2.5 that I can install on Centos (from a
Fedora box), but that will most likely break even more things.
Yes it will. Restore the one from CentOS by reinstalling the CentOS
RPM with --force.
Or get him to build a Centos box and do the build there...
You can do that on your own box (after you fix it). Just get the
source rpm (.src.rpm) file, install the rpm-build package, and then
use the rpmbuild command to build the package.
Basically the steps to configure rpmbuild to work on your machine are:
$ mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
$ echo '%_topdir %(echo $HOME)/rpmbuild' ~/.rpmmacros
And then to rebuild a source rpm:
$ rpmbuild --rebuild xx.src.rpm
By the way, do we already have something on CentOS Wiki to help people
build their own RPMs? I think this would be helpful, since it's not
that easy to find that information from the man pages and
documentation.
HTH,
Filipe
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Latest samaba updates
On Fri, 2008-07-11 at 09:09 -0400, Filipe Brandenburger wrote: On Fri, Jul 11, 2008 at 8:24 AM, David G. Mackay [EMAIL PROTECTED] wrote: Thanks, I will remember. Now I just need to find out what it means by read-only. A find -perm 400 on the directory gives no hits, nor do most other variations, like 444, etc. Try: find . \! -perm /222 See man find for details. Thank you. The other question is whether selinux is concerned about a file being r/o at the owner, group, or anonymous level. Is 644 OK, or 640, or 644? Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] command line configuration of DSL access
Gergely Buday wrote: Hi there, how can I configure a DSL access using the command line? The Red Hat Certified Engineer Linux Study Guide does not describe this and I could not find any description on the internet. For my DSL it's pretty simple: ifconfig eth0 216.39.174.24 netmask 255.255.255.0 route add default gw 216.39.174.1 And off I go ..(until I reboot so I put the network config in the right location) My DSL modem is in bridged mode and I have direct IP access. I don't think it gets any easier. It's like having a direct ethernet drop. And I have 4 static IPs to play with. nate ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Is there a FC8 update repo out there?
So I need python 2.5.1, and all of its dependecies. And 2.5.1 is at least in FC8. So this leads to wanting to try to do the update right via yum, thus needing a repo. Does such a thing exist? I find a directory out there, but no repodata directory with it: http://rpmfind.net/linux/RPM/fedora/updates/testing/8/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is there a FC8 update repo out there?
On Fri, Jul 11, 2008 at 09:02:18AM -0700, Robert Moskowitz wrote: So I need python 2.5.1, and all of its dependecies. And 2.5.1 is at least in FC8. So this leads to wanting to try to do the update right via yum, thus needing a repo. Does such a thing exist? I find a directory out there, but no repodata directory with it: http://rpmfind.net/linux/RPM/fedora/updates/testing/8/ I'm guessing you'll spark a nice discussion on this, but in general, replacing or upgrading the system version of Python is a bad idea. Many OS tools are written against the specific version of Python that comes with your version of CentOS... updating it not only would result in lots of complaints from RPM, but probably would break a lot of stuff too. I'm not sure if there's a great way to have concurrent version of Python installed cleanly or not... the Python project itself used to maintain some RPM's and a Yum repo, but I believe that project is somewhat dormant and last time I tried it it still wasn't a real smooth process. I think most will recommend you build from source and install somewhere like /opt or /usr/local... My $0.02 anyways. Ray ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is there a FC8 update repo out there?
Ray Van Dolson wrote: On Fri, Jul 11, 2008 at 09:02:18AM -0700, Robert Moskowitz wrote: So I need python 2.5.1, and all of its dependecies. And 2.5.1 is at least in FC8. So this leads to wanting to try to do the update right via yum, thus needing a repo. Does such a thing exist? I find a directory out there, but no repodata directory with it: http://rpmfind.net/linux/RPM/fedora/updates/testing/8/ I'm guessing you'll spark a nice discussion on this, but in general, replacing or upgrading the system version of Python is a bad idea. Many OS tools are written against the specific version of Python that comes with your version of CentOS... updating it not only would result in lots of complaints from RPM, but probably would break a lot of stuff too. I'm not sure if there's a great way to have concurrent version of Python installed cleanly or not... the Python project itself used to maintain some RPM's and a Yum repo, but I believe that project is somewhat dormant and last time I tried it it still wasn't a real smooth process. I think most will recommend you build from source and install somewhere like /opt or /usr/local... How do I find out if Python 2.4.3 contains abi? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is there a FC8 update repo out there?
How do I find out if Python 2.4.3 contains abi? I'm not sure what you're asking. Python's ABI version would be 2.4.3, but if you're referring to a module 'abi', I don't think one exists? You can always fire up python and type 'import modulename' to see if that module exists. Ray ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] yum-updatesd not working on CentOS 5.2
On Tue, 2008-07-08 at 12:12 +0200, Santi Saez wrote: So, appears that yum-updatesd can download, notify and install updates.. but none of this works on a fresh CentOS 5.2 :-( I will try yum-cron.. but I'm also interested in testing yum- updatesd, none is using it? there's no patch to solve this? Thanks.. Hi, We use yum-updatesd on CentOS 5.1, 5.2 and Fedora systems. I have to admit that I have a 5.1 server sitting here telling me that it has a whole load of patches to install (the 5.2 updates), and I just didn't associate it with yum-updatesd not installing them. Like you we have configured yum-updatesd to do automatic installs, although we exclude things like the kernel for manual updating. Anyway. I've currently set yum-updatesd to do a check every 15mins (900 seconds) on one server. I'll look and see if there is anything obvious as to why it doesn't do the updates. I could see nothing about this on the RedHat bugzilla (no bugs reported for yum-updatesd at all under Fedora 9). I may test that tonight at home. John. -- --- John Horne, University of Plymouth, UK Tel: +44 (0)1752 587287 E-mail: [EMAIL PROTECTED] Fax: +44 (0)1752 587001 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is there a FC8 update repo out there?
On Jul 11, 2008, at 12:07 PM, Ray Van Dolson wrote: I'm not sure if there's a great way to have concurrent version of Python installed cleanly or not... the Python project itself used to maintain some RPM's and a Yum repo, but I believe that project is somewhat dormant and last time I tried it it still wasn't a real smooth process. sounds like you're referring to PyVault (http://www.python.org/ pyvault/). unfortunately, there is not yet a distribution for CentOS 5. i remember having some degree of success with the PyVault RPMs for CentOS 3, though. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Linux equivalent of 'format' in solaris
On Fri, Jul 11, 2008 at 12:04 PM, Ed Donahue [EMAIL PROTECTED] wrote: It shows the physical disks on the server bash-2.05b# format Searching for disks...done AVAILABLE DISK SELECTIONS: 0. c0t2d0 SUN18G cyl 7506 alt 2 hd 19 sec 248 /[EMAIL PROTECTED],0/SUNW,[EMAIL PROTECTED],880/[EMAIL PROTECTED],0 1. c0t3d0 SUN18G cyl 7506 alt 2 hd 19 sec 248 /[EMAIL PROTECTED],0/SUNW,[EMAIL PROTECTED],880/[EMAIL PROTECTED],0 2. c0t4d0 SUN18G cyl 7506 alt 2 hd 19 sec 248 /[EMAIL PROTECTED],0/SUNW,[EMAIL PROTECTED],880/[EMAIL PROTECTED],0 3. c1t10d0 SUN18G cyl 7506 alt 2 hd 19 sec 248 /[EMAIL PROTECTED],0/QLGC,[EMAIL PROTECTED],1/[EMAIL PROTECTED],0 4. c1t11d0 SUN18G cyl 7506 alt 2 hd 19 sec 248 /[EMAIL PROTECTED],0/QLGC,[EMAIL PROTECTED],1/[EMAIL PROTECTED],0 5. c1t12d0 SUN18G cyl 7506 alt 2 hd 19 sec 248 /[EMAIL PROTECTED],0/QLGC,[EMAIL PROTECTED],1/[EMAIL PROTECTED],0 Specify disk (enter its number): There is no 'one' equivalent. If you want to partition disks, use fdisk. If you want to see the physical hardware info, try cat /proc/scsi/scsi or cat /proc/ide/hd?/model -- Jeff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is there a FC8 update repo out there?
Ray Van Dolson wrote: How do I find out if Python 2.4.3 contains abi? I'm not sure what you're asking. Python's ABI version would be 2.4.3, but if you're referring to a module 'abi', I don't think one exists? You can always fire up python and type 'import modulename' to see if that module exists. Well no such module exists in either 2.4.3 or 2.5.1, so what is being complained about in the yum install below? Only that python v2.5 is needed? (I have been trying to get my colleague to either set me up to compile the source or for him to build a Centos host to do it himself). yum localinstall hip* Loading fastestmirror plugin Loading priorities plugin Setting up Local Package Process Loading mirror speeds from cached hostfile * rpmforge: fr2.rpmfind.net * base: medon.htt-consult.com * updates: medon.htt-consult.com * addons: mirror.steadfast.net * extras: pubmirrors.reflected.net 272 packages excluded due to repository priority protections Examining hipl-agent-1.0.4-1.i386.rpm: hipl-agent - 1.0.4-1.i386 Examining hipl-daemon-1.0.4-1.i386.rpm: hipl-daemon - 1.0.4-1.i386 Examining hipl-debuginfo-1.0.4-1.i386.rpm: hipl-debuginfo - 1.0.4-1.i386 Examining hipl-doc-1.0.4-1.i386.rpm: hipl-doc - 1.0.4-1.i386 Examining hipl-firewall-1.0.4-1.i386.rpm: hipl-firewall - 1.0.4-1.i386 Examining hipl-lib-1.0.4-1.i386.rpm: hipl-lib - 1.0.4-1.i386 Examining hipl-test-1.0.4-1.i386.rpm: hipl-test - 1.0.4-1.i386 Examining hipl-tools-1.0.4-1.i386.rpm: hipl-tools - 1.0.4-1.i386 Marking hipl-agent-1.0.4-1.i386.rpm to be installed Marking hipl-daemon-1.0.4-1.i386.rpm to be installed Marking hipl-debuginfo-1.0.4-1.i386.rpm to be installed Marking hipl-doc-1.0.4-1.i386.rpm to be installed Marking hipl-firewall-1.0.4-1.i386.rpm to be installed Marking hipl-lib-1.0.4-1.i386.rpm to be installed Marking hipl-test-1.0.4-1.i386.rpm to be installed Marking hipl-tools-1.0.4-1.i386.rpm to be installed Resolving Dependencies -- Running transaction check --- Package hipl-doc.i386 0:1.0.4-1 set to be updated --- Package hipl-tools.i386 0:1.0.4-1 set to be updated -- Processing Dependency: python(abi) = 2.5 for package: hipl-tools --- Package hipl-firewall.i386 0:1.0.4-1 set to be updated --- Package hipl-lib.i386 0:1.0.4-1 set to be updated -- Processing Dependency: python(abi) = 2.5 for package: hipl-lib --- Package hipl-agent.i386 0:1.0.4-1 set to be updated --- Package hipl-debuginfo.i386 0:1.0.4-1 set to be updated --- Package hipl-test.i386 0:1.0.4-1 set to be updated --- Package hipl-daemon.i386 0:1.0.4-1 set to be updated -- Finished Dependency Resolution Error: Missing Dependency: python(abi) = 2.5 is needed by package hipl-lib Error: Missing Dependency: python(abi) = 2.5 is needed by package hipl-tools BTW, if you are interested, this is the hipl implementation of the HIP protocol. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Linux equivalent of 'format' in solaris
It shows the physical disks on the server bash-2.05b# format Searching for disks...done snip I like to use 'fdisk -l'. -John ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?
on 7-10-2008 5:52 PM Lanny Marcus spake the following: On 7/10/08, Scott Silva [EMAIL PROTECTED] wrote: snip When you set up your connection to your provider, do you have a static address or dynamic? Dynamic IP If static, you had to set your next step resolver in the config. If you are dynamic, you get what your provider sends with the dhcp request. Since you said you have an ipcop box for your router you should be able to ssh into it and run setup and change your nameserver setting to 127.0.0.1 and your ipcop should be a caching nameserver. If you have another address there it will query to that server. I never tried to SSH into the IPCop box before. I've always connected to it via the web interface. I tried to SSH into it, but apparently I have that Blocked, in the IPCop configuration settings. [EMAIL PROTECTED] ~]# ssh ipcop.homelan ssh: connect to host ipcop.homelan port 22: Connection refused [EMAIL PROTECTED] ~]# Obviously, I need to change that, so I can run Setup from a terminal window, run the dig + trace command as you did from one of your IPCop boxes, etc. I just turned on SSH access in IPCop. It says it uses Port 222 which is non standard for SSH I am looking at it from the web interface. Under DHCP, for the Green Interface, for Primary DNS, it shows 192.168.10.1If I change that to 127.0.0.1 I'm done? Other than possibly needing to change a configuration setting in the ADSL Modem, regarding DNS? Thanks much! No !!! Don't change it there. That is the IP address sent to your dhcp clients for them to use for dns. If you set that to 127.0.0.1, no one will find anything. You need to run setup either from a terminal window on the ipcop box or by ssh. About halfway down is Networking which you select, and in that menu is Dns and Gateway Settings. You would set the primary dns to 127.0.0.1 and if you want set the secondary dns to what your primary dns was set at. You might have to play with the options to have dhcp assigned red and still be able to set your nameserver settings. The ipcop boxes I have are all on static ip's, on either T1's or business class DSL, so the settings are a little different. Whatever you do, write down the original settings of anything you change so you can restore it if it horribly breaks. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: Problem with Bonding Driver
Tim, That works! I did not realize that the Red Hat network scripts have support for bonding options. (I did not find this documented anywhere.) But sure enough, I am able to set up a different primary interface for each bond using this method. Thanks so much! Sam Hi, I configure bonding interfaces a bit differently. I put only this line into /etc/modprobe.conf : alias bond0 bonding And use this in /etc/sysconfig/network-scripts/ifcfg-bondX : DEVICE=bond0 BOOTPROTO=none IPADDR=192.168.100.1 NETMASK=255.255.0.0 ONBOOT=yes BONDING_OPTS=miimon=100 mode=1 primary=eth0 I've got setup running like this in mode 1 (failover) and in mode 4 (LACP). Unfortunately I don't have any systems with more then 1 bond and I don't have anything spare to set this up. But you can try your setup using this way to configure it, maybe that helps. Regards, Tim On Tue, Jul 8, 2008 at 3:06 PM, Art Age Software [EMAIL PROTECTED] wrote: So, has anybody on this list gotten the bonding driver working with more than a single bond and **different options** on the bonds in CentOS 3/4/5 (I'm using 5.2)? I am starting to believe that this is in fact a problem with Red Hat kernels. But if so, I am surprised that it has persisted so long without being addressed. Should I file a bug with Red Hat? It is possible for CentOS to fix kernel problems? Or must they always be fixed upstream? On Mon, Jul 7, 2008 at 12:00 AM, Art Age Software [EMAIL PROTECTED] wrote: Does the second bonding interface have no primary interface, then? What exactly happens? Yes, exactly. The second bond comes up with no primary interface: # cat /proc/net/bonding/bond0 Bonding Mode: fault-tolerance (active-backup) Primary Slave: eth0 Currently Active Slave: eth0 MII Status: up MII Polling Interval (ms): 100 Up Delay (ms): 0 Down Delay (ms): 0 # cat /proc/net/bonding/bond1 Bonding Mode: fault-tolerance (active-backup) Primary Slave: None Currently Active Slave: eth2 MII Status: up MII Polling Interval (ms): 100 Up Delay (ms): 0 Down Delay (ms): 0 On Sat, Jul 5, 2008 at 9:45 AM, Art Age Software [EMAIL PROTECTED] wrote: Hi, could you describe in more detail? What exactly is ignored? The options do not look much different. As I said, I am trying to set a different primary interface for each bond: eth0 for bond0, and eth2 for bond1. Did you try without renaming? I do not use it, but it works nonetheless: alias bond0 bonding options bond0 mode=2 alias bond1 bonding options bond1 mode=2 You are setting identical options for both bonds. This masks the fact that your second options line is ignored and essentially does nothing. Try changing an option on bond1 (eg. set a different mode or a different miimon value), and I think you will see that it is ignored. On Fri, Jul 4, 2008 at 1:11 PM, Art Age Software [EMAIL PROTECTED] wrote: Hi, I've using linux bonding in active-backup mode to combine two pairs of GigE NICs (eth0/eth1, eth2/eth3) into two logical bonds (bond0/bond1). All is working fine. However, I would like to specify a primary interface for each bond. This means I need to specify different options to the bonding module for each bond. I have tried every conceivable incantation of options and cannot get the kernel to recognize the second set of options. Initially, my modprobe.conf looked like this: alias bond0 bonding alias bond1 bonding options bonding mode=active-backup miimon=100 max_bonds=2 What I am trying to achieve should be possible by changing modprobe.conf to this: alias bond0 bonding options bond0 -o bond0 miimon=100 mode=active-backup primary=eth0 alias bond1 bonding options bond1 -o bond1 miimon=100 mode=active-backup primary=eth2 But this results in fatal errors while bringing up the bonding interfaces. Changing to this eliminates the errors, but bond1 ignores the different options: alias bond0 bonding options bond0 -o bond0 miimon=100 mode=active-backup primary=eth0 max_bonds=1 alias bond1 bonding options bond1 -o bond1 miimon=100 mode=active-backup primary=eth2 max_bonds=1 I have tried many other combinations as well: install bond1 /sbin/modprobe --ignore-install bonding -o bond1 mode=active-backup primary=eth2 Nothing works. I also came across this note in the bonding docs: NOTE: It has been observed that some Red Hat supplied kernels are apparently unable to rename modules at load time (the -o bond1 part). Attempts to pass that option to modprobe will produce an Operation not permitted error. This has been reported on some Fedora Core kernels, and has been seen on RHEL 4 as well. On kernels exhibiting this problem, it will be impossible to configure multiple bonds with differing parameters. I have seen that error as well with certain combinations of options in my modprobe.conf. Am I simply out of luck here? Does anyone know of a solution? Thanks. ___ CentOS mailing list CentOS@centos.org
Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?
On 7/11/08, Scott Silva [EMAIL PROTECTED] wrote: snip I am looking at it from the web interface. Under DHCP, for the Green Interface, for Primary DNS, it shows 192.168.10.1If I change that to 127.0.0.1 I'm done? Other than possibly needing to change a configuration setting in the ADSL Modem, regarding DNS? Thanks much! No !!! Don't change it there. That is the IP address sent to your dhcp clients for them to use for dns. If you set that to 127.0.0.1, no one will find anything. You need to run setup either from a terminal window on the ipcop box or by ssh. About halfway down is Networking which you select, and in that menu is Dns and Gateway Settings. You would set the primary dns to 127.0.0.1 and if you want set the secondary dns to what your primary dns was set at. You might have to play with the options to have dhcp assigned red and still be able to set your nameserver settings. The ipcop boxes I have are all on static ip's, on either T1's or business class DSL, so the settings are a little different. Scott: Thank you, for the above explanation! I was able to SSH into the IPCop box on Port 222, very early this morning (with the syntax correct, that was easy) and I saw the Setup menu. Whatever you do, write down the original settings of anything you change so you can restore it if it horribly breaks. Amen. I will write down the original settings, before I change them. In a tiny way, the IPCop box is a Production Server in our house. I have two (2) very demanding users: a wife and a 7 year old daughter and I don't want them mad :-) Something like not wanting your boss at work mad at you I am going to be working on this, when they are not using their Desktop boxes and I am going to do this on our Backup IPCop box, which actually has much better HW than the one we normally use for IPCop. If I can't get this to work on IPCop, that is the one I will install SME Server or the CentOS 4.4 Server CD on. It sounds like this is going to work on IPCop, which will be much easier and much faster for me to get up and running properly. Question: Awhile ago, I got into the configuration settings for our ZTE ADSL Modem. For the change to me having my own Caching DNS Server, in the settings for the ADSL modem at this time, using the DNS servers at our ISP: Primary DNS Server 200.29.104.22 Secondary DNS Server200.29.96.22 When I think I am ready to test the change I make to IPCop setting(s), should I set those to 0.0.0.0. so I can use my own DNS Server ? Or. leave those spaces blank? Or, leave them as they are now? Thank you, very much, for your time and help, which are greatly appreciated! Lanny ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: Problem with Bonding Driver
On Fri, Jul 11, 2008 at 3:06 PM, Art Age Software [EMAIL PROTECTED] wrote: That works! I did not realize that the Red Hat network scripts have support for bonding options. (I did not find this documented anywhere.) But sure enough, I am able to set up a different primary interface for each bond using this method. Very interesting. Looking under the hood, it's actually handled by the /etc/sysconfig/network-scripts/ifup-eth script, which writes the values to the pseudo-files under /sys/class/net/bondX/bonding/, so there you go, another way to change that dinamically without having to restart the interface. Would you be kind to see if you can change the primary on-the-fly using this method? Thanks, Filipe ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Firefox 3 for CentOS 4
Hi, I'm trying to make Firefox 3 work in CentOS 4. So far I was able to do it by installing the evolution28-* rpms, which have a more recent GTK, Cairo, Pango, etc. With those libs installed and configured, Firefox 3 from mozilla.org works fine. The only thing is that it doesn't use the Bluecurve theme as the other applications do. I was seeing that the evolution28-* packages use themes under /usr/evolution28/share/themes instead of the default /usr/share/themes. I can copy the bluecurve theme there, but the libbluecurve.so that actually themes the widgets is missing. I tried to make it work with one from CentOS 5, but with no luck. So I'm wondering. Has anyone made those evolution28-* libs work with themes other than the ones included? Or, going through another easier route: has anyone made Firefox 3 work well on CentOS 4? How? I know Firefox 3 is supposed to be released on RHEL 4.7 so, is there already any SRPM from RedHat I could use? Thanks! Filipe ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: OT: [centos] open source inventory system with invoicing and serial no tracking
On Fri, 11 Jul 2008, david chong wrote: Dear All, Sorry, cause this is OT. I am asking this for my client, they hope to find a simple open source web base software with invoicing and serial no tracking, preferably if can generate continuous serial no by its own. Look at http://www.sql-ledger.com. I am not sure about the serial numberi generation part but it rusn on a web server, does inventory and invoicing and is licensed under the GPL. Regards, -- Tom Diehl [EMAIL PROTECTED] Spamtrap address [EMAIL PROTECTED] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?
On 7/11/08, Lanny Marcus [EMAIL PROTECTED] wrote: On 7/11/08, William L. Maltby [EMAIL PROTECTED] wrote: snip I cannot dig +trace from my Desktop, as me or as root and I also cannot dig +trace from the ipcop box as of this time. Must be either firewall on your desktop or IPCop has some blocked resources. Try to dig something from your desktop that is on your local lan. Your IPCop box(es) should make good targets *if* nothing blocks the needed responses. If you can get dig +trace to any other box on the lan, with trace information shown, that means your desktop should be fine. I disabled the Firewall in my Desktop. I can dig to my daughters box, but I cannot dig +trace to it. Same results as with the Firewall in my Desktop enabled. I have SELinux running in Permissive Mode in my box and am not receiving Warnings, so I do not believe that is causing the problem. I will look at the web interface for the IPCop box, to see if I can find something I think might cause this problem. [EMAIL PROTECTED] ~]$ dig dell1602.homelan ; DiG 9.3.4-P1 dell1602.homelan ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 28804 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;dell1602.homelan. IN A ;; ANSWER SECTION: dell1602.homelan. 0 IN A 192.168.10.57 ;; Query time: 2 msec ;; SERVER: 192.168.10.1#53(192.168.10.1) ;; WHEN: Fri Jul 11 16:35:11 2008 ;; MSG SIZE rcvd: 50 [EMAIL PROTECTED] ~]$ dig +trace dell1602.homelan ; DiG 9.3.4-P1 +trace dell1602.homelan ;; global options: printcmd ;; connection timed out; no servers could be reached [EMAIL PROTECTED] ~]$ dig dell1602.homelan ; DiG 9.3.4-P1 dell1602.homelan ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 55631 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;dell1602.homelan. IN A ;; ANSWER SECTION: dell1602.homelan. 0 IN A 192.168.10.57 ;; Query time: 2 msec ;; SERVER: 192.168.10.1#53(192.168.10.1) ;; WHEN: Fri Jul 11 16:36:38 2008 ;; MSG SIZE rcvd: 50 [EMAIL PROTECTED] ~]$ dig +trace dell1602.homelan ; DiG 9.3.4-P1 +trace dell1602.homelan ;; global options: printcmd ;; connection timed out; no servers could be reached [EMAIL PROTECTED] ~]$ I then Disabled the Firewall on my daughters box: [EMAIL PROTECTED] ~]$ dig +trace dell1602.homelan ; DiG 9.3.4-P1 +trace dell1602.homelan ;; global options: printcmd . 0 IN A 192.168.1.1 ;; Received 33 bytes from 192.168.10.1#53(192.168.10.1) in 2 ms [EMAIL PROTECTED] ~]$ That is the FIRST time I have been able to use the dig +trace successfully! :-) The Firewall is off in my Desktop and also in my Daughter's Desktop. [EMAIL PROTECTED] ~]$ dig +trace gmail.com ; DiG 9.3.4-P1 +trace gmail.com ;; global options: printcmd . 0 IN A 192.168.1.1 ;; Received 33 bytes from 192.168.10.1#53(192.168.10.1) in 2 ms [EMAIL PROTECTED] ~]$ The dig +trace to gmail.com does not look at all correct to me, but I only know about 1% of what I would like to know about Linux or Networking. Probably that is caused by settings in the IPCop box? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?
On Fri, 2008-07-11 at 16:15 -0500, Lanny Marcus wrote: On 7/11/08, William L. Maltby [EMAIL PROTECTED] wrote: snip snip My wife is using her Desktop box (compaq1300) on MS Windows at this time. I can dig but I cannot dig + trace to her box: That makes sense. I was thinking that you would have the backup (new) IPCop going with DNS caching going (and, naturally, local hosts defined, local domain defined, ...). Sorry for the confusion. Unless some unit is a DNS server, or caching sever on the local lan, that would be a wasted effort. [EMAIL PROTECTED] ~]$ dig compaq1300.homelan ; DiG 9.3.4-P1 compaq1300.homelan ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 45929 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;compaq1300.homelan.IN A ;; ANSWER SECTION: compaq1300.homelan. 0 IN A 192.168.10.56 ;; Query time: 19 msec ;; SERVER: 192.168.10.1#53(192.168.10.1) ;; WHEN: Fri Jul 11 15:52:34 2008 ;; MSG SIZE rcvd: 52 [EMAIL PROTECTED] ~]$ [EMAIL PROTECTED] ~]$ dig +trace compaq1300.homelan ; DiG 9.3.4-P1 +trace compaq1300.homelan ;; global options: printcmd ;; connection timed out; no servers could be reached [EMAIL PROTECTED] ~] If not, inconclusive I guess. snip I would use the web interface to the IPCop box and see what has been enabled/disabled. Unless the IPCop box has been really buttoned down tight, this should work as it does here. I believe it is pretty much out of the box. Possibly the only setting I changed was not to respond to ping on the Red interface. Caveat: IIRC, you don't have the caching DNS running on the IPCop box? Maybe that has some affect? I can't figure how, since when you try from the IPCop box it works. No Bill. Very early this morning, when I was able to SSH into the IPCop box, I was *not* able to dig +trace from it, with the results Scott Silva showed to gmail.com Caching DNS in the IPCop box is not running at this time. I will try that on our Backup IPCop box, when my demanding users (wife and 7 year old daughter) are not online. That means the remote DNS server allows this action and IPCop should normally just do a pass through of these packets. Hmm... opined the grizzled old veteran. I guess we should ask the version of IPCop here - they are not all created equally. Mine is the 1.4.18 (IIRC), latest and greatest. Which reminds me - project has not had an upgrade for a long time now. I wonder if it died? My IPCop installation shows that no Updates are available for it. Available updates: All updates installed He-he! A misleading message if there ever was one! IPCop expects that you have downloaded an update image. Later you can install it. There is no yum-like facility going on there (from a paranoid security POV that would be a big NO-NO). You have to check your version (should appear in the installed updates section), go to the website and see if there is something new. The 1.4.18 was latest last I looked. Linux ipcop.homelan 2.4.34 #1 Mon Jul 16 23:11:03 GMT 2007 i586 pentium-mmx i386 GNU/Linux That doesn't show the IPCop software version. From the web interface, IIRC you can find out the version on one of its screens. snip snip Thank you, very much, for your time and help! Lanny NP! snip sig stuff -- Bill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?
On Fri, 2008-07-11 at 17:12 -0500, Lanny Marcus wrote: On 7/11/08, Lanny Marcus [EMAIL PROTECTED] wrote: On 7/11/08, William L. Maltby [EMAIL PROTECTED] wrote: snip I cannot dig +trace from my Desktop, as me or as root and I also cannot dig +trace from the ipcop box as of this time. Must be either firewall on your desktop or IPCop has some blocked resources. Try to dig something from your desktop that is on your local lan. Your IPCop box(es) should make good targets *if* nothing blocks the needed responses. If you can get dig +trace to any other box on the lan, with trace information shown, that means your desktop should be fine. I disabled the Firewall in my Desktop. I can dig to my daughters box, but I cannot dig +trace to it. Same results as with the Firewall in my Desktop enabled. After reading your other post, I see why. With no DNS server (caching or otherwise), your routing is strictly via routing tables and /etc/hosts. So no trace is possible because no DNS server is involved. When you have some kind of DNS going on, your *first* attempt to do a look-up (presuming /etc/hosts on you machine does not contain the host - address resolution is then required to get the IP address) may give you something. I have SELinux running in Permissive Mode in my box and am not receiving Warnings, so I do not believe that is causing the problem. I Selinux would not be involved in this I think. will look at the web interface for the IPCop box, to see if I can find something I think might cause this problem. See above. W/o a DNS function, with hosts defined in /etc/hosts, +trace should not give anything. Dig needs some kind of DNS server to be found to get the results we are looking for. For doing a dig *outside* your local lan, it will/should got to the servers specified when the IPCop boots and gets dynamic IP from your USP or gets fixed IP and you have coded the servers in /etc/resolv.conf. E.g. my workstation has this (populated when IPCop assigns the IP - do not modify by hand if your IPCop is dispatching dynamic IPs). $ cat /etc/resolv.conf ; generated by /sbin/dhclient-script search HomeGroanNetworking nameserver 192.168.2.20 Note that IPCop is the ...20 address and has the DNS caching active and also has the dhcpd daemon running to assign IPs to my local network. snip WAIT! You *do* have DNS cache running I think. Check the lines below that say server:: *cluebat for me/you/us* Knowing this, you can't test on the local lan using +trace because there are no other servers. One hop and back to you. /*cluebat for me/you/us* [EMAIL PROTECTED] ~]$ dig dell1602.homelan ; DiG 9.3.4-P1 dell1602.homelan ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 28804 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;dell1602.homelan. IN A ;; ANSWER SECTION: dell1602.homelan. 0 IN A 192.168.10.57 ;; Query time: 2 msec ;; SERVER: 192.168.10.1#53(192.168.10.1) ;; WHEN: Fri Jul 11 16:35:11 2008 ;; MSG SIZE rcvd: 50 [EMAIL PROTECTED] ~]$ dig +trace dell1602.homelan ; DiG 9.3.4-P1 +trace dell1602.homelan ;; global options: printcmd ;; connection timed out; no servers could be reached [EMAIL PROTECTED] ~]$ dig dell1602.homelan ; DiG 9.3.4-P1 dell1602.homelan ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 55631 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;dell1602.homelan. IN A ;; ANSWER SECTION: dell1602.homelan. 0 IN A 192.168.10.57 ;; Query time: 2 msec ;; SERVER: 192.168.10.1#53(192.168.10.1) ;; WHEN: Fri Jul 11 16:36:38 2008 ;; MSG SIZE rcvd: 50 [EMAIL PROTECTED] ~]$ dig +trace dell1602.homelan ; DiG 9.3.4-P1 +trace dell1602.homelan ;; global options: printcmd ;; connection timed out; no servers could be reached [EMAIL PROTECTED] ~]$ I then Disabled the Firewall on my daughters box: [EMAIL PROTECTED] ~]$ dig +trace dell1602.homelan ; DiG 9.3.4-P1 +trace dell1602.homelan ;; global options: printcmd . 0 IN A 192.168.1.1 ;; Received 33 bytes from 192.168.10.1#53(192.168.10.1) in 2 ms [EMAIL PROTECTED] ~]$ That is the FIRST time I have been able to use the dig +trace successfully! :-) The Firewall is off in my Desktop and also in my Daughter's Desktop. [EMAIL PROTECTED] ~]$ dig +trace gmail.com ; DiG 9.3.4-P1 +trace gmail.com ;; global options: printcmd . 0 IN A 192.168.1.1 ;; Received 33 bytes from 192.168.10.1#53(192.168.10.1) in 2 ms [EMAIL PROTECTED] ~]$ The dig +trace to gmail.com does not look at all correct to me, but I only know about 1% of what I would like to know about Linux or Networking. Try the smtp-server.triad.rr.com or
[CentOS] CUPS and system-config-printer question
I was tasked with migrating a bunch of printer entries from one box to another. What I did is I got a list of printer names along with IP addresses and using the CUPS lpadmin -p printer-name -E -v lpd://IP_ADDR/lp I loaded them onto the new machine running RHEL 4.6. Printer tests show that it works fine. And if I use the CUPS web interface at http://localhost:631 Everything shows up. But if I launch the RH (and presumably CentOS works the same way) system-config-printer interface after adding the printers the CUPS way, nothing shows up in the RH interface. Probably not a big deal, but I have a colleague that will go nuts over this. He's attached to his interfaces, but there was no way I was going to manually enter those printers in that interface. Where do I look to make that interface see the CUPS-only printers? === Al ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?
on 7-11-2008 1:48 PM Lanny Marcus spake the following: On 7/11/08, Scott Silva [EMAIL PROTECTED] wrote: snip I am looking at it from the web interface. Under DHCP, for the Green Interface, for Primary DNS, it shows 192.168.10.1If I change that to 127.0.0.1 I'm done? Other than possibly needing to change a configuration setting in the ADSL Modem, regarding DNS? Thanks much! No !!! Don't change it there. That is the IP address sent to your dhcp clients for them to use for dns. If you set that to 127.0.0.1, no one will find anything. You need to run setup either from a terminal window on the ipcop box or by ssh. About halfway down is Networking which you select, and in that menu is Dns and Gateway Settings. You would set the primary dns to 127.0.0.1 and if you want set the secondary dns to what your primary dns was set at. You might have to play with the options to have dhcp assigned red and still be able to set your nameserver settings. The ipcop boxes I have are all on static ip's, on either T1's or business class DSL, so the settings are a little different. Scott: Thank you, for the above explanation! I was able to SSH into the IPCop box on Port 222, very early this morning (with the syntax correct, that was easy) and I saw the Setup menu. Whatever you do, write down the original settings of anything you change so you can restore it if it horribly breaks. Amen. I will write down the original settings, before I change them. In a tiny way, the IPCop box is a Production Server in our house. I have two (2) very demanding users: a wife and a 7 year old daughter and I don't want them mad :-) Something like not wanting your boss at work mad at you I am going to be working on this, when they are not using their Desktop boxes and I am going to do this on our Backup IPCop box, which actually has much better HW than the one we normally use for IPCop. If I can't get this to work on IPCop, that is the one I will install SME Server or the CentOS 4.4 Server CD on. It sounds like this is going to work on IPCop, which will be much easier and much faster for me to get up and running properly. Question: Awhile ago, I got into the configuration settings for our ZTE ADSL Modem. For the change to me having my own Caching DNS Server, in the settings for the ADSL modem at this time, using the DNS servers at our ISP: Primary DNS Server 200.29.104.22 Secondary DNS Server200.29.96.22 When I think I am ready to test the change I make to IPCop setting(s), should I set those to 0.0.0.0. so I can use my own DNS Server ? Or. leave those spaces blank? Or, leave them as they are now? Thank you, very much, for your time and help, which are greatly appreciated! Lanny It looks as if your ADSL modem is in NAT mode, so it is acting like a very simple router already. What settings does it actually have? I think you can leave those settings alone, as they only will be used if you point DNS settings at the modems ip address. If you set your IPcop box at 127.0.0.1 it should seek out to the root servers by itself. As I posted earlier, you will have to poke around in the ipcop setup menu to get dhcp and custom DNS settings both working. I just played with one of my test vmware ipcop images and set it to dhcp on our internal network (which should simulate your natted connection through your adsl modem) for the red interface and I was able to dig +trace google.com with proper answers. So it is possible to get it working unless your ISP blocks DNS queries to anywhere else but their own servers. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: Is there a FC8 update repo out there?
on 7-11-2008 10:13 AM Robert Moskowitz spake the following: Ray Van Dolson wrote: How do I find out if Python 2.4.3 contains abi? I'm not sure what you're asking. Python's ABI version would be 2.4.3, but if you're referring to a module 'abi', I don't think one exists? You can always fire up python and type 'import modulename' to see if that module exists. Well no such module exists in either 2.4.3 or 2.5.1, so what is being complained about in the yum install below? Only that python v2.5 is needed? (I have been trying to get my colleague to either set me up to compile the source or for him to build a Centos host to do it himself). snip BTW, if you are interested, this is the hipl implementation of the HIP protocol. ABI is the Application Binary Interface. It is not a module. See http://en.wikipedia.org/wiki/Application_binary_interface -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?
Scott Silva wrote: You would set the primary dns to 127.0.0.1 and if you want set the secondary dns to what your primary dns was set at. You might have to play with the options to have dhcp assigned red and still be able to set your nameserver settings. The ipcop boxes I have are all on static ip's, on either T1's or business class DSL, so the settings are a little different. For what it is worth, my IPCop box has the DNS values supplied by my ISP entered here instead of 127.0.0.1. My dig +trace tests are all running fine. Scott: Thank you, for the above explanation! I was able to SSH into the IPCop box on Port 222, very early this morning (with the syntax correct, that was easy) and I saw the Setup menu. Whatever you do, write down the original settings of anything you change so you can restore it if it horribly breaks. You can also create a backup using the web-interface. The backup will be saved on your local machine and you can restore it from there if needed. Amen. I will write down the original settings, before I change them. In a tiny way, the IPCop box is a Production Server in our house. I have two (2) very demanding users: a wife and a 7 year old daughter and I don't want them mad :-) Something like not wanting your boss at work mad at you I am going to be working on this, when they are not using their Desktop boxes and I am going to do this on our Backup IPCop box, which actually has much better HW than the one we normally use for IPCop. If I can't get this to work on IPCop, that is the one I will install SME Server or the CentOS 4.4 Server CD on. It sounds like this is going to work on IPCop, which will be much easier and much faster for me to get up and running properly. Question: Awhile ago, I got into the configuration settings for our ZTE ADSL Modem. For the change to me having my own Caching DNS Server, in the settings for the ADSL modem at this time, using the DNS servers at our ISP: Primary DNS Server 200.29.104.22 Secondary DNS Server 200.29.96.22 These are the number I would enter into the IPCop setup screen for DNS and Gateway. My gateway value is the IP address of my ADSL modem. Ian ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: anything in CentOS 5.2 that uses opendns.com whenbrowsing web?
Lanny Marcus wrote: On 7/10/08, Dennis McLeod [EMAIL PROTECTED] wrote: IPCOP here. Use it for Masq, dhcp, NAT, time, Transparent Webfiltering via URLFilter plugin (and automatic blacklist downloads) and banned internal MAC addresses (our inside machines) via advancedproxy plugin, and more. It's on our public access wifi network with a dedicated DSL connection. Been up for 2 years. It's on an old IBM Netvista SFF Celeron 900 with 512M of ram. I'm gonna build one at home, cause my kids are getting to the age Dennis Great. I have IPCop running on a Pentium 233 MMX box with 64 MB of RAM. It's our oldest box and it does the job for our house. :-) IPCop here too - since 2004 - with a full Blue, Orange, Green and Red configuration (CentOS in Orange for email/web etc). I too used a really old P200 with about 96Mb RAM. It will work OK on that hardware - as it does on yours - but you just can't get it to do the extra stuff - e.g. CopFilter, Snort, etc. I've just updated to an AMD Athlon XP 1700+ with 512Mb of RAM and I can now run all the cool add-ons I couldn't before. Ian ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] pnm2ppa gone, in any repo?
Ted Miller wrote: I can't get my HP DeskJet 712C to print via cups. I believe the reason is that according to http://www.redhat.com/archives/epel-devel-list/2007-May/msg2.html the pnm2ppa filter got dropped between RHEL 4 and RHEL 5, or between Fedora 6 and RHEL 5, depending on how you look at it. Foomatic still generates the pnm2ppa.xml file, but there is no pnm2ppa binary filter installed, so any print attempt ends with an error message. I don't find that any repo I have installed has picked this up for x86_64 architecture. Do I need to add a repo? Has this not been an issue for enough people that someone has made it available from a repo? Right now this has been a show-stopper on upgrading from Centos 4 to 5, as it is hard to use the workstation without a printer. Any help appreciated. Since no repo seems to be interested in adding this printer driver, I installed the one included with Fedora 6 (rpm doesn't care what repo it came from, if you can get the URL right), and so far it is working. At least I can start using my Centos 5 workstation. It would be nice if someone would add this to some repo somewhere, so it could be installed by yum. Unfortunately, it only supports a half dozen printers, so I guess it is hard to get anyone motivated. Ted Miller ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Firefox 3 for CentOS 4
Filipe Brandenburger wrote: Hi, I'm trying to make Firefox 3 work in CentOS 4. So far I was able to do it by installing the evolution28-* rpms, which have a more recent GTK, Cairo, Pango, etc. With those libs installed and configured, Firefox 3 from mozilla.org works fine. The only thing is that it doesn't use the Bluecurve theme as the other applications do. I was seeing that the evolution28-* packages use themes under /usr/evolution28/share/themes instead of the default /usr/share/themes. I can copy the bluecurve theme there, but the libbluecurve.so that actually themes the widgets is missing. I tried to make it work with one from CentOS 5, but with no luck. So I'm wondering. Has anyone made those evolution28-* libs work with themes other than the ones included? Or, going through another easier route: has anyone made Firefox 3 work well on CentOS 4? How? I know Firefox 3 is supposed to be released on RHEL 4.7 so, is there already any SRPM from RedHat I could use? well ... it is not just one RPM, it is several. The whole mess is built with different gcc and glibc versions than released now ... so i would recommend waiting for the 4.7 version and not the 4.7 beta version. signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Iptables not blocking UDP port 53
Sean Carolan wrote: I'm attempting to block access to port 53 from internet hosts for an internal server. This device is behind a gateway router so all traffic appears to come from source ip 10.100.1.1. Here are my (non-working) iptables rules: If it is behind a gateway router, how is port 53 traffic getting from the internet to that DNS server in the first place. Also ... IF you are PORT FORWARDING port 53 from the internet to the DNS server, then the SOURCE IP will not be the IP of the forwarding device, but the IP of the machine making the request. If this device is really behind a firewall why are you even forwarding any traffic to it from port 53 in the first palce? signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is there a FC8 update repo out there?
Robert Moskowitz wrote: Ray Van Dolson wrote: How do I find out if Python 2.4.3 contains abi? I'm not sure what you're asking. Python's ABI version would be 2.4.3, but if you're referring to a module 'abi', I don't think one exists? You can always fire up python and type 'import modulename' to see if that module exists. Well no such module exists in either 2.4.3 or 2.5.1, so what is being complained about in the yum install below? Only that python v2.5 is needed? (I have been trying to get my colleague to either set me up to compile the source or for him to build a Centos host to do it himself). yum localinstall hip* Loading fastestmirror plugin Loading priorities plugin Setting up Local Package Process Loading mirror speeds from cached hostfile * rpmforge: fr2.rpmfind.net * base: medon.htt-consult.com * updates: medon.htt-consult.com * addons: mirror.steadfast.net * extras: pubmirrors.reflected.net 272 packages excluded due to repository priority protections Examining hipl-agent-1.0.4-1.i386.rpm: hipl-agent - 1.0.4-1.i386 Examining hipl-daemon-1.0.4-1.i386.rpm: hipl-daemon - 1.0.4-1.i386 Examining hipl-debuginfo-1.0.4-1.i386.rpm: hipl-debuginfo - 1.0.4-1.i386 Examining hipl-doc-1.0.4-1.i386.rpm: hipl-doc - 1.0.4-1.i386 Examining hipl-firewall-1.0.4-1.i386.rpm: hipl-firewall - 1.0.4-1.i386 Examining hipl-lib-1.0.4-1.i386.rpm: hipl-lib - 1.0.4-1.i386 Examining hipl-test-1.0.4-1.i386.rpm: hipl-test - 1.0.4-1.i386 Examining hipl-tools-1.0.4-1.i386.rpm: hipl-tools - 1.0.4-1.i386 Marking hipl-agent-1.0.4-1.i386.rpm to be installed Marking hipl-daemon-1.0.4-1.i386.rpm to be installed Marking hipl-debuginfo-1.0.4-1.i386.rpm to be installed Marking hipl-doc-1.0.4-1.i386.rpm to be installed Marking hipl-firewall-1.0.4-1.i386.rpm to be installed Marking hipl-lib-1.0.4-1.i386.rpm to be installed Marking hipl-test-1.0.4-1.i386.rpm to be installed Marking hipl-tools-1.0.4-1.i386.rpm to be installed Resolving Dependencies -- Running transaction check --- Package hipl-doc.i386 0:1.0.4-1 set to be updated --- Package hipl-tools.i386 0:1.0.4-1 set to be updated -- Processing Dependency: python(abi) = 2.5 for package: hipl-tools --- Package hipl-firewall.i386 0:1.0.4-1 set to be updated --- Package hipl-lib.i386 0:1.0.4-1 set to be updated -- Processing Dependency: python(abi) = 2.5 for package: hipl-lib --- Package hipl-agent.i386 0:1.0.4-1 set to be updated --- Package hipl-debuginfo.i386 0:1.0.4-1 set to be updated --- Package hipl-test.i386 0:1.0.4-1 set to be updated --- Package hipl-daemon.i386 0:1.0.4-1 set to be updated -- Finished Dependency Resolution Error: Missing Dependency: python(abi) = 2.5 is needed by package hipl-lib Error: Missing Dependency: python(abi) = 2.5 is needed by package hipl-tools BTW, if you are interested, this is the hipl implementation of the HIP protocol. It looks like those RPMS are not built for CentOS-5 ... but were instead built against a version of linux with a newer version of python installed. You can't install FC8 packages (for example) directly on CentOS-5 ... all the shared libraries are different, so the required things will not exist. depending on the item in question, you might be able to BUILD it from the sources on CentOS-5 and then use it ... I have no idea what hipl is or does. signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?
On Sat, 2008-07-12 at 09:05 +0930, Ian Blackwell wrote: Scott Silva wrote: snip Question: Awhile ago, I got into the configuration settings for our ZTE ADSL Modem. For the change to me having my own Caching DNS Server, in the settings for the ADSL modem at this time, using the DNS servers at our ISP: Primary DNS Server 200.29.104.22 Secondary DNS Server 200.29.96.22 These are the number I would enter into the IPCop setup screen for DNS and Gateway. My gateway value is the IP address of my ADSL modem. Unless your IPCop box is assigned a dynamic IP address? In that case, IIUC the DHCP server from the ISP/modem setup will provide the primary and secondary servers. I know they can be overridden if you massage the files though. But then if the ISP reassigns the servers' IP addresses you'll have to massage again - after the angst of it not working and you having to figure out that's what happened. Ian snip sig stuff -- Bill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Understanding iptables
On Thursday 10 July 2008 22:49, Filipe Brandenburger wrote: Could you post /etc/sysconfig/iptables? /etc/sysconfig/iptables doesn't necessarily reflect what is running right now, and you can't include the counters with it. I'm not interested in the counters I want to see how the rules are applied. Are you telling me that the GUI tool he is using to write the rules doesn't write them to the iptables file when he exits the program? An acceptable compromise would be posting the output of the iptables-save -c command, which doesn't have the two issues above. However, I still think that anyone handling firewalls on Linux using iptables should be familiar with the output of iptables -nvL which IMO is quite useful itself. I handle firewall rules quit nice thank you. Since you are in the mood to tell me I should know how to read this output please tell me what this means: [snip] Chain RH-Firewall-1-INPUT (2 references) target prot opt source destination ACCEPT all -- anywhere anywhere [/snip] What are we accepting here? All packets? If this is the case then there is no need for the rest of the rules in this chain. Oh, by the way I prefer to use iptables -L -v -n | less -SCi I also prefer not to write any rules in the FORWARDing chain except the rules that JUMP to predefined chains LAN or WAN. Make it easier to read the rules and know what applies to what interface at a glance also making it easier to add rules or remove them in the order you want. Again this is all personal preference. -- Regards Robert Smile... it increases your face value! Linux User #296285 http://counter.li.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] apt vrs yum ?
Robert - elists wrote: I was checking out Dag's ( not dagw ;- ) new blog... I don't know how much, if at all, this has been debated... http://dag.wieers.com/blog/using-apt-in-an-rpm-world if he is so adamant about apt over yum, why are we using yum still? Laziness? ;-) ...or are we just tasty food centric? Yum yum yum !!! - rh The real answer is this ... upstream uses yum. Dag does like apt better than yum, and there are some things apt does better than yum. However, I really don't think Red Hat will ever shift from yum to apt, certainly not in the foreseeable future. Newer yum things are happening in fedora, and it looks like RHEL6 will also have yum, so we will continue supporting yum. If you want to use apt (or red carpet, or yast, or put_your_app_here then if it works for you, great. However, yum is the supported way to get updates. signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is there a FC8 update repo out there?
Robert Moskowitz wrote: yum localinstall hip* Loading fastestmirror plugin Loading priorities plugin Setting up Local Package Process Loading mirror speeds from cached hostfile * rpmforge: fr2.rpmfind.net * base: medon.htt-consult.com * updates: medon.htt-consult.com * addons: mirror.steadfast.net * extras: pubmirrors.reflected.net 272 packages excluded due to repository priority protections Examining hipl-agent-1.0.4-1.i386.rpm: hipl-agent - 1.0.4-1.i386 Yeah, what is this hipl package? http://infrahip.hiit.fi/index.php?index=home Is that it? Although yours seems to be newer and has additional packages. Do they provide a src rpm which you could then just rebuild against CentOS 5? Ray ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: OT: [centos] open source inventory system with invoicing and serial no tracking
On Fri, Jul 11, 2008 at 3:56 AM, david chong [EMAIL PROTECTED] wrote: Dear All, Sorry, cause this is OT. I am asking this for my client, they hope to find a simple open source web base software with invoicing and serial no tracking, preferably if can generate continuous serial no by its own. Thanks in advance. David ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos That is essentially built into MySQL / phpMyAdmin ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Iptables not blocking UDP port 53
On Fri, Jul 11, 2008 at 7:03 PM, Johnny Hughes [EMAIL PROTECTED] wrote: Sean Carolan wrote: I'm attempting to block access to port 53 from internet hosts for an internal server. This device is behind a gateway router so all traffic appears to come from source ip 10.100.1.1. Here are my (non-working) iptables rules: If it is behind a gateway router, how is port 53 traffic getting from the internet to that DNS server in the first place. Also ... IF you are PORT FORWARDING port 53 from the internet to the DNS server, then the SOURCE IP will not be the IP of the forwarding device, but the IP of the machine making the request. If this device is really behind a firewall why are you even forwarding any traffic to it from port 53 in the first palce? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Assuming a SOHO LinkSys firewall preferably with dd-wrt alternative firmware. Are you sure this DNS Server is not in the DMZ? Are you sure the port isn't opened under the UPnP section? It is conceivable that mDNS / AVAHI with a UPnP router automatically open this port on the firewall. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
